1/* 2 * Copyright 1995-2021 The OpenSSL Project Authors. All Rights Reserved. 3 * Copyright (c) 2002, Oracle and/or its affiliates. All rights reserved 4 * Copyright 2005 Nokia. All rights reserved. 5 * 6 * Licensed under the OpenSSL license (the "License"). You may not use 7 * this file except in compliance with the License. You can obtain a copy 8 * in the file LICENSE in the source distribution or at 9 * https://www.openssl.org/source/license.html 10 */ 11 12#include <stdio.h> 13#include <openssl/objects.h> 14#include "internal/nelem.h" 15#include "ssl_local.h" 16#include <openssl/md5.h> 17#include <openssl/dh.h> 18#include <openssl/rand.h> 19#include "internal/cryptlib.h" 20 21#define TLS13_NUM_CIPHERS OSSL_NELEM(tls13_ciphers) 22#define SSL3_NUM_CIPHERS OSSL_NELEM(ssl3_ciphers) 23#define SSL3_NUM_SCSVS OSSL_NELEM(ssl3_scsvs) 24 25/* TLSv1.3 downgrade protection sentinel values */ 26const unsigned char tls11downgrade[] = { 27 0x44, 0x4f, 0x57, 0x4e, 0x47, 0x52, 0x44, 0x00 28}; 29const unsigned char tls12downgrade[] = { 30 0x44, 0x4f, 0x57, 0x4e, 0x47, 0x52, 0x44, 0x01 31}; 32 33/* The list of available TLSv1.3 ciphers */ 34static SSL_CIPHER tls13_ciphers[] = { 35 { 36 1, 37 TLS1_3_RFC_AES_128_GCM_SHA256, 38 TLS1_3_RFC_AES_128_GCM_SHA256, 39 TLS1_3_CK_AES_128_GCM_SHA256, 40 SSL_kANY, 41 SSL_aANY, 42 SSL_AES128GCM, 43 SSL_AEAD, 44 TLS1_3_VERSION, TLS1_3_VERSION, 45 0, 0, 46 SSL_HIGH, 47 SSL_HANDSHAKE_MAC_SHA256, 48 128, 49 128, 50 }, { 51 1, 52 TLS1_3_RFC_AES_256_GCM_SHA384, 53 TLS1_3_RFC_AES_256_GCM_SHA384, 54 TLS1_3_CK_AES_256_GCM_SHA384, 55 SSL_kANY, 56 SSL_aANY, 57 SSL_AES256GCM, 58 SSL_AEAD, 59 TLS1_3_VERSION, TLS1_3_VERSION, 60 0, 0, 61 SSL_HIGH, 62 SSL_HANDSHAKE_MAC_SHA384, 63 256, 64 256, 65 }, 66#if !defined(OPENSSL_NO_CHACHA) && !defined(OPENSSL_NO_POLY1305) 67 { 68 1, 69 TLS1_3_RFC_CHACHA20_POLY1305_SHA256, 70 TLS1_3_RFC_CHACHA20_POLY1305_SHA256, 71 TLS1_3_CK_CHACHA20_POLY1305_SHA256, 72 SSL_kANY, 73 SSL_aANY, 74 SSL_CHACHA20POLY1305, 75 SSL_AEAD, 76 TLS1_3_VERSION, TLS1_3_VERSION, 77 0, 0, 78 SSL_HIGH, 79 SSL_HANDSHAKE_MAC_SHA256, 80 256, 81 256, 82 }, 83#endif 84 { 85 1, 86 TLS1_3_RFC_AES_128_CCM_SHA256, 87 TLS1_3_RFC_AES_128_CCM_SHA256, 88 TLS1_3_CK_AES_128_CCM_SHA256, 89 SSL_kANY, 90 SSL_aANY, 91 SSL_AES128CCM, 92 SSL_AEAD, 93 TLS1_3_VERSION, TLS1_3_VERSION, 94 0, 0, 95 SSL_NOT_DEFAULT | SSL_HIGH, 96 SSL_HANDSHAKE_MAC_SHA256, 97 128, 98 128, 99 }, { 100 1, 101 TLS1_3_RFC_AES_128_CCM_8_SHA256, 102 TLS1_3_RFC_AES_128_CCM_8_SHA256, 103 TLS1_3_CK_AES_128_CCM_8_SHA256, 104 SSL_kANY, 105 SSL_aANY, 106 SSL_AES128CCM8, 107 SSL_AEAD, 108 TLS1_3_VERSION, TLS1_3_VERSION, 109 0, 0, 110 SSL_NOT_DEFAULT | SSL_HIGH, 111 SSL_HANDSHAKE_MAC_SHA256, 112 128, 113 128, 114 } 115}; 116 117/* 118 * The list of available ciphers, mostly organized into the following 119 * groups: 120 * Always there 121 * EC 122 * PSK 123 * SRP (within that: RSA EC PSK) 124 * Cipher families: Chacha/poly, Camellia, Gost, IDEA, SEED 125 * Weak ciphers 126 */ 127static SSL_CIPHER ssl3_ciphers[] = { 128 { 129 1, 130 SSL3_TXT_RSA_NULL_MD5, 131 SSL3_RFC_RSA_NULL_MD5, 132 SSL3_CK_RSA_NULL_MD5, 133 SSL_kRSA, 134 SSL_aRSA, 135 SSL_eNULL, 136 SSL_MD5, 137 SSL3_VERSION, TLS1_2_VERSION, 138 DTLS1_BAD_VER, DTLS1_2_VERSION, 139 SSL_STRONG_NONE, 140 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 141 0, 142 0, 143 }, 144 { 145 1, 146 SSL3_TXT_RSA_NULL_SHA, 147 SSL3_RFC_RSA_NULL_SHA, 148 SSL3_CK_RSA_NULL_SHA, 149 SSL_kRSA, 150 SSL_aRSA, 151 SSL_eNULL, 152 SSL_SHA1, 153 SSL3_VERSION, TLS1_2_VERSION, 154 DTLS1_BAD_VER, DTLS1_2_VERSION, 155 SSL_STRONG_NONE | SSL_FIPS, 156 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 157 0, 158 0, 159 }, 160#ifndef OPENSSL_NO_WEAK_SSL_CIPHERS 161 { 162 1, 163 SSL3_TXT_RSA_DES_192_CBC3_SHA, 164 SSL3_RFC_RSA_DES_192_CBC3_SHA, 165 SSL3_CK_RSA_DES_192_CBC3_SHA, 166 SSL_kRSA, 167 SSL_aRSA, 168 SSL_3DES, 169 SSL_SHA1, 170 SSL3_VERSION, TLS1_2_VERSION, 171 DTLS1_BAD_VER, DTLS1_2_VERSION, 172 SSL_NOT_DEFAULT | SSL_MEDIUM | SSL_FIPS, 173 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 174 112, 175 168, 176 }, 177 { 178 1, 179 SSL3_TXT_DHE_DSS_DES_192_CBC3_SHA, 180 SSL3_RFC_DHE_DSS_DES_192_CBC3_SHA, 181 SSL3_CK_DHE_DSS_DES_192_CBC3_SHA, 182 SSL_kDHE, 183 SSL_aDSS, 184 SSL_3DES, 185 SSL_SHA1, 186 SSL3_VERSION, TLS1_2_VERSION, 187 DTLS1_BAD_VER, DTLS1_2_VERSION, 188 SSL_NOT_DEFAULT | SSL_MEDIUM | SSL_FIPS, 189 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 190 112, 191 168, 192 }, 193 { 194 1, 195 SSL3_TXT_DHE_RSA_DES_192_CBC3_SHA, 196 SSL3_RFC_DHE_RSA_DES_192_CBC3_SHA, 197 SSL3_CK_DHE_RSA_DES_192_CBC3_SHA, 198 SSL_kDHE, 199 SSL_aRSA, 200 SSL_3DES, 201 SSL_SHA1, 202 SSL3_VERSION, TLS1_2_VERSION, 203 DTLS1_BAD_VER, DTLS1_2_VERSION, 204 SSL_NOT_DEFAULT | SSL_MEDIUM | SSL_FIPS, 205 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 206 112, 207 168, 208 }, 209 { 210 1, 211 SSL3_TXT_ADH_DES_192_CBC_SHA, 212 SSL3_RFC_ADH_DES_192_CBC_SHA, 213 SSL3_CK_ADH_DES_192_CBC_SHA, 214 SSL_kDHE, 215 SSL_aNULL, 216 SSL_3DES, 217 SSL_SHA1, 218 SSL3_VERSION, TLS1_2_VERSION, 219 DTLS1_BAD_VER, DTLS1_2_VERSION, 220 SSL_NOT_DEFAULT | SSL_MEDIUM | SSL_FIPS, 221 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 222 112, 223 168, 224 }, 225#endif 226 { 227 1, 228 TLS1_TXT_RSA_WITH_AES_128_SHA, 229 TLS1_RFC_RSA_WITH_AES_128_SHA, 230 TLS1_CK_RSA_WITH_AES_128_SHA, 231 SSL_kRSA, 232 SSL_aRSA, 233 SSL_AES128, 234 SSL_SHA1, 235 SSL3_VERSION, TLS1_2_VERSION, 236 DTLS1_BAD_VER, DTLS1_2_VERSION, 237 SSL_HIGH | SSL_FIPS, 238 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 239 128, 240 128, 241 }, 242 { 243 1, 244 TLS1_TXT_DHE_DSS_WITH_AES_128_SHA, 245 TLS1_RFC_DHE_DSS_WITH_AES_128_SHA, 246 TLS1_CK_DHE_DSS_WITH_AES_128_SHA, 247 SSL_kDHE, 248 SSL_aDSS, 249 SSL_AES128, 250 SSL_SHA1, 251 SSL3_VERSION, TLS1_2_VERSION, 252 DTLS1_BAD_VER, DTLS1_2_VERSION, 253 SSL_NOT_DEFAULT | SSL_HIGH | SSL_FIPS, 254 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 255 128, 256 128, 257 }, 258 { 259 1, 260 TLS1_TXT_DHE_RSA_WITH_AES_128_SHA, 261 TLS1_RFC_DHE_RSA_WITH_AES_128_SHA, 262 TLS1_CK_DHE_RSA_WITH_AES_128_SHA, 263 SSL_kDHE, 264 SSL_aRSA, 265 SSL_AES128, 266 SSL_SHA1, 267 SSL3_VERSION, TLS1_2_VERSION, 268 DTLS1_BAD_VER, DTLS1_2_VERSION, 269 SSL_HIGH | SSL_FIPS, 270 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 271 128, 272 128, 273 }, 274 { 275 1, 276 TLS1_TXT_ADH_WITH_AES_128_SHA, 277 TLS1_RFC_ADH_WITH_AES_128_SHA, 278 TLS1_CK_ADH_WITH_AES_128_SHA, 279 SSL_kDHE, 280 SSL_aNULL, 281 SSL_AES128, 282 SSL_SHA1, 283 SSL3_VERSION, TLS1_2_VERSION, 284 DTLS1_BAD_VER, DTLS1_2_VERSION, 285 SSL_NOT_DEFAULT | SSL_HIGH | SSL_FIPS, 286 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 287 128, 288 128, 289 }, 290 { 291 1, 292 TLS1_TXT_RSA_WITH_AES_256_SHA, 293 TLS1_RFC_RSA_WITH_AES_256_SHA, 294 TLS1_CK_RSA_WITH_AES_256_SHA, 295 SSL_kRSA, 296 SSL_aRSA, 297 SSL_AES256, 298 SSL_SHA1, 299 SSL3_VERSION, TLS1_2_VERSION, 300 DTLS1_BAD_VER, DTLS1_2_VERSION, 301 SSL_HIGH | SSL_FIPS, 302 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 303 256, 304 256, 305 }, 306 { 307 1, 308 TLS1_TXT_DHE_DSS_WITH_AES_256_SHA, 309 TLS1_RFC_DHE_DSS_WITH_AES_256_SHA, 310 TLS1_CK_DHE_DSS_WITH_AES_256_SHA, 311 SSL_kDHE, 312 SSL_aDSS, 313 SSL_AES256, 314 SSL_SHA1, 315 SSL3_VERSION, TLS1_2_VERSION, 316 DTLS1_BAD_VER, DTLS1_2_VERSION, 317 SSL_NOT_DEFAULT | SSL_HIGH | SSL_FIPS, 318 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 319 256, 320 256, 321 }, 322 { 323 1, 324 TLS1_TXT_DHE_RSA_WITH_AES_256_SHA, 325 TLS1_RFC_DHE_RSA_WITH_AES_256_SHA, 326 TLS1_CK_DHE_RSA_WITH_AES_256_SHA, 327 SSL_kDHE, 328 SSL_aRSA, 329 SSL_AES256, 330 SSL_SHA1, 331 SSL3_VERSION, TLS1_2_VERSION, 332 DTLS1_BAD_VER, DTLS1_2_VERSION, 333 SSL_HIGH | SSL_FIPS, 334 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 335 256, 336 256, 337 }, 338 { 339 1, 340 TLS1_TXT_ADH_WITH_AES_256_SHA, 341 TLS1_RFC_ADH_WITH_AES_256_SHA, 342 TLS1_CK_ADH_WITH_AES_256_SHA, 343 SSL_kDHE, 344 SSL_aNULL, 345 SSL_AES256, 346 SSL_SHA1, 347 SSL3_VERSION, TLS1_2_VERSION, 348 DTLS1_BAD_VER, DTLS1_2_VERSION, 349 SSL_NOT_DEFAULT | SSL_HIGH | SSL_FIPS, 350 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 351 256, 352 256, 353 }, 354 { 355 1, 356 TLS1_TXT_RSA_WITH_NULL_SHA256, 357 TLS1_RFC_RSA_WITH_NULL_SHA256, 358 TLS1_CK_RSA_WITH_NULL_SHA256, 359 SSL_kRSA, 360 SSL_aRSA, 361 SSL_eNULL, 362 SSL_SHA256, 363 TLS1_2_VERSION, TLS1_2_VERSION, 364 DTLS1_2_VERSION, DTLS1_2_VERSION, 365 SSL_STRONG_NONE | SSL_FIPS, 366 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 367 0, 368 0, 369 }, 370 { 371 1, 372 TLS1_TXT_RSA_WITH_AES_128_SHA256, 373 TLS1_RFC_RSA_WITH_AES_128_SHA256, 374 TLS1_CK_RSA_WITH_AES_128_SHA256, 375 SSL_kRSA, 376 SSL_aRSA, 377 SSL_AES128, 378 SSL_SHA256, 379 TLS1_2_VERSION, TLS1_2_VERSION, 380 DTLS1_2_VERSION, DTLS1_2_VERSION, 381 SSL_HIGH | SSL_FIPS, 382 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 383 128, 384 128, 385 }, 386 { 387 1, 388 TLS1_TXT_RSA_WITH_AES_256_SHA256, 389 TLS1_RFC_RSA_WITH_AES_256_SHA256, 390 TLS1_CK_RSA_WITH_AES_256_SHA256, 391 SSL_kRSA, 392 SSL_aRSA, 393 SSL_AES256, 394 SSL_SHA256, 395 TLS1_2_VERSION, TLS1_2_VERSION, 396 DTLS1_2_VERSION, DTLS1_2_VERSION, 397 SSL_HIGH | SSL_FIPS, 398 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 399 256, 400 256, 401 }, 402 { 403 1, 404 TLS1_TXT_DHE_DSS_WITH_AES_128_SHA256, 405 TLS1_RFC_DHE_DSS_WITH_AES_128_SHA256, 406 TLS1_CK_DHE_DSS_WITH_AES_128_SHA256, 407 SSL_kDHE, 408 SSL_aDSS, 409 SSL_AES128, 410 SSL_SHA256, 411 TLS1_2_VERSION, TLS1_2_VERSION, 412 DTLS1_2_VERSION, DTLS1_2_VERSION, 413 SSL_NOT_DEFAULT | SSL_HIGH | SSL_FIPS, 414 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 415 128, 416 128, 417 }, 418 { 419 1, 420 TLS1_TXT_DHE_RSA_WITH_AES_128_SHA256, 421 TLS1_RFC_DHE_RSA_WITH_AES_128_SHA256, 422 TLS1_CK_DHE_RSA_WITH_AES_128_SHA256, 423 SSL_kDHE, 424 SSL_aRSA, 425 SSL_AES128, 426 SSL_SHA256, 427 TLS1_2_VERSION, TLS1_2_VERSION, 428 DTLS1_2_VERSION, DTLS1_2_VERSION, 429 SSL_HIGH | SSL_FIPS, 430 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 431 128, 432 128, 433 }, 434 { 435 1, 436 TLS1_TXT_DHE_DSS_WITH_AES_256_SHA256, 437 TLS1_RFC_DHE_DSS_WITH_AES_256_SHA256, 438 TLS1_CK_DHE_DSS_WITH_AES_256_SHA256, 439 SSL_kDHE, 440 SSL_aDSS, 441 SSL_AES256, 442 SSL_SHA256, 443 TLS1_2_VERSION, TLS1_2_VERSION, 444 DTLS1_2_VERSION, DTLS1_2_VERSION, 445 SSL_NOT_DEFAULT | SSL_HIGH | SSL_FIPS, 446 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 447 256, 448 256, 449 }, 450 { 451 1, 452 TLS1_TXT_DHE_RSA_WITH_AES_256_SHA256, 453 TLS1_RFC_DHE_RSA_WITH_AES_256_SHA256, 454 TLS1_CK_DHE_RSA_WITH_AES_256_SHA256, 455 SSL_kDHE, 456 SSL_aRSA, 457 SSL_AES256, 458 SSL_SHA256, 459 TLS1_2_VERSION, TLS1_2_VERSION, 460 DTLS1_2_VERSION, DTLS1_2_VERSION, 461 SSL_HIGH | SSL_FIPS, 462 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 463 256, 464 256, 465 }, 466 { 467 1, 468 TLS1_TXT_ADH_WITH_AES_128_SHA256, 469 TLS1_RFC_ADH_WITH_AES_128_SHA256, 470 TLS1_CK_ADH_WITH_AES_128_SHA256, 471 SSL_kDHE, 472 SSL_aNULL, 473 SSL_AES128, 474 SSL_SHA256, 475 TLS1_2_VERSION, TLS1_2_VERSION, 476 DTLS1_2_VERSION, DTLS1_2_VERSION, 477 SSL_NOT_DEFAULT | SSL_HIGH | SSL_FIPS, 478 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 479 128, 480 128, 481 }, 482 { 483 1, 484 TLS1_TXT_ADH_WITH_AES_256_SHA256, 485 TLS1_RFC_ADH_WITH_AES_256_SHA256, 486 TLS1_CK_ADH_WITH_AES_256_SHA256, 487 SSL_kDHE, 488 SSL_aNULL, 489 SSL_AES256, 490 SSL_SHA256, 491 TLS1_2_VERSION, TLS1_2_VERSION, 492 DTLS1_2_VERSION, DTLS1_2_VERSION, 493 SSL_NOT_DEFAULT | SSL_HIGH | SSL_FIPS, 494 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 495 256, 496 256, 497 }, 498 { 499 1, 500 TLS1_TXT_RSA_WITH_AES_128_GCM_SHA256, 501 TLS1_RFC_RSA_WITH_AES_128_GCM_SHA256, 502 TLS1_CK_RSA_WITH_AES_128_GCM_SHA256, 503 SSL_kRSA, 504 SSL_aRSA, 505 SSL_AES128GCM, 506 SSL_AEAD, 507 TLS1_2_VERSION, TLS1_2_VERSION, 508 DTLS1_2_VERSION, DTLS1_2_VERSION, 509 SSL_HIGH | SSL_FIPS, 510 SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256, 511 128, 512 128, 513 }, 514 { 515 1, 516 TLS1_TXT_RSA_WITH_AES_256_GCM_SHA384, 517 TLS1_RFC_RSA_WITH_AES_256_GCM_SHA384, 518 TLS1_CK_RSA_WITH_AES_256_GCM_SHA384, 519 SSL_kRSA, 520 SSL_aRSA, 521 SSL_AES256GCM, 522 SSL_AEAD, 523 TLS1_2_VERSION, TLS1_2_VERSION, 524 DTLS1_2_VERSION, DTLS1_2_VERSION, 525 SSL_HIGH | SSL_FIPS, 526 SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384, 527 256, 528 256, 529 }, 530 { 531 1, 532 TLS1_TXT_DHE_RSA_WITH_AES_128_GCM_SHA256, 533 TLS1_RFC_DHE_RSA_WITH_AES_128_GCM_SHA256, 534 TLS1_CK_DHE_RSA_WITH_AES_128_GCM_SHA256, 535 SSL_kDHE, 536 SSL_aRSA, 537 SSL_AES128GCM, 538 SSL_AEAD, 539 TLS1_2_VERSION, TLS1_2_VERSION, 540 DTLS1_2_VERSION, DTLS1_2_VERSION, 541 SSL_HIGH | SSL_FIPS, 542 SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256, 543 128, 544 128, 545 }, 546 { 547 1, 548 TLS1_TXT_DHE_RSA_WITH_AES_256_GCM_SHA384, 549 TLS1_RFC_DHE_RSA_WITH_AES_256_GCM_SHA384, 550 TLS1_CK_DHE_RSA_WITH_AES_256_GCM_SHA384, 551 SSL_kDHE, 552 SSL_aRSA, 553 SSL_AES256GCM, 554 SSL_AEAD, 555 TLS1_2_VERSION, TLS1_2_VERSION, 556 DTLS1_2_VERSION, DTLS1_2_VERSION, 557 SSL_HIGH | SSL_FIPS, 558 SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384, 559 256, 560 256, 561 }, 562 { 563 1, 564 TLS1_TXT_DHE_DSS_WITH_AES_128_GCM_SHA256, 565 TLS1_RFC_DHE_DSS_WITH_AES_128_GCM_SHA256, 566 TLS1_CK_DHE_DSS_WITH_AES_128_GCM_SHA256, 567 SSL_kDHE, 568 SSL_aDSS, 569 SSL_AES128GCM, 570 SSL_AEAD, 571 TLS1_2_VERSION, TLS1_2_VERSION, 572 DTLS1_2_VERSION, DTLS1_2_VERSION, 573 SSL_NOT_DEFAULT | SSL_HIGH | SSL_FIPS, 574 SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256, 575 128, 576 128, 577 }, 578 { 579 1, 580 TLS1_TXT_DHE_DSS_WITH_AES_256_GCM_SHA384, 581 TLS1_RFC_DHE_DSS_WITH_AES_256_GCM_SHA384, 582 TLS1_CK_DHE_DSS_WITH_AES_256_GCM_SHA384, 583 SSL_kDHE, 584 SSL_aDSS, 585 SSL_AES256GCM, 586 SSL_AEAD, 587 TLS1_2_VERSION, TLS1_2_VERSION, 588 DTLS1_2_VERSION, DTLS1_2_VERSION, 589 SSL_NOT_DEFAULT | SSL_HIGH | SSL_FIPS, 590 SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384, 591 256, 592 256, 593 }, 594 { 595 1, 596 TLS1_TXT_ADH_WITH_AES_128_GCM_SHA256, 597 TLS1_RFC_ADH_WITH_AES_128_GCM_SHA256, 598 TLS1_CK_ADH_WITH_AES_128_GCM_SHA256, 599 SSL_kDHE, 600 SSL_aNULL, 601 SSL_AES128GCM, 602 SSL_AEAD, 603 TLS1_2_VERSION, TLS1_2_VERSION, 604 DTLS1_2_VERSION, DTLS1_2_VERSION, 605 SSL_NOT_DEFAULT | SSL_HIGH | SSL_FIPS, 606 SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256, 607 128, 608 128, 609 }, 610 { 611 1, 612 TLS1_TXT_ADH_WITH_AES_256_GCM_SHA384, 613 TLS1_RFC_ADH_WITH_AES_256_GCM_SHA384, 614 TLS1_CK_ADH_WITH_AES_256_GCM_SHA384, 615 SSL_kDHE, 616 SSL_aNULL, 617 SSL_AES256GCM, 618 SSL_AEAD, 619 TLS1_2_VERSION, TLS1_2_VERSION, 620 DTLS1_2_VERSION, DTLS1_2_VERSION, 621 SSL_NOT_DEFAULT | SSL_HIGH | SSL_FIPS, 622 SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384, 623 256, 624 256, 625 }, 626 { 627 1, 628 TLS1_TXT_RSA_WITH_AES_128_CCM, 629 TLS1_RFC_RSA_WITH_AES_128_CCM, 630 TLS1_CK_RSA_WITH_AES_128_CCM, 631 SSL_kRSA, 632 SSL_aRSA, 633 SSL_AES128CCM, 634 SSL_AEAD, 635 TLS1_2_VERSION, TLS1_2_VERSION, 636 DTLS1_2_VERSION, DTLS1_2_VERSION, 637 SSL_NOT_DEFAULT | SSL_HIGH, 638 SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256, 639 128, 640 128, 641 }, 642 { 643 1, 644 TLS1_TXT_RSA_WITH_AES_256_CCM, 645 TLS1_RFC_RSA_WITH_AES_256_CCM, 646 TLS1_CK_RSA_WITH_AES_256_CCM, 647 SSL_kRSA, 648 SSL_aRSA, 649 SSL_AES256CCM, 650 SSL_AEAD, 651 TLS1_2_VERSION, TLS1_2_VERSION, 652 DTLS1_2_VERSION, DTLS1_2_VERSION, 653 SSL_NOT_DEFAULT | SSL_HIGH, 654 SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256, 655 256, 656 256, 657 }, 658 { 659 1, 660 TLS1_TXT_DHE_RSA_WITH_AES_128_CCM, 661 TLS1_RFC_DHE_RSA_WITH_AES_128_CCM, 662 TLS1_CK_DHE_RSA_WITH_AES_128_CCM, 663 SSL_kDHE, 664 SSL_aRSA, 665 SSL_AES128CCM, 666 SSL_AEAD, 667 TLS1_2_VERSION, TLS1_2_VERSION, 668 DTLS1_2_VERSION, DTLS1_2_VERSION, 669 SSL_NOT_DEFAULT | SSL_HIGH, 670 SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256, 671 128, 672 128, 673 }, 674 { 675 1, 676 TLS1_TXT_DHE_RSA_WITH_AES_256_CCM, 677 TLS1_RFC_DHE_RSA_WITH_AES_256_CCM, 678 TLS1_CK_DHE_RSA_WITH_AES_256_CCM, 679 SSL_kDHE, 680 SSL_aRSA, 681 SSL_AES256CCM, 682 SSL_AEAD, 683 TLS1_2_VERSION, TLS1_2_VERSION, 684 DTLS1_2_VERSION, DTLS1_2_VERSION, 685 SSL_NOT_DEFAULT | SSL_HIGH, 686 SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256, 687 256, 688 256, 689 }, 690 { 691 1, 692 TLS1_TXT_RSA_WITH_AES_128_CCM_8, 693 TLS1_RFC_RSA_WITH_AES_128_CCM_8, 694 TLS1_CK_RSA_WITH_AES_128_CCM_8, 695 SSL_kRSA, 696 SSL_aRSA, 697 SSL_AES128CCM8, 698 SSL_AEAD, 699 TLS1_2_VERSION, TLS1_2_VERSION, 700 DTLS1_2_VERSION, DTLS1_2_VERSION, 701 SSL_NOT_DEFAULT | SSL_HIGH, 702 SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256, 703 128, 704 128, 705 }, 706 { 707 1, 708 TLS1_TXT_RSA_WITH_AES_256_CCM_8, 709 TLS1_RFC_RSA_WITH_AES_256_CCM_8, 710 TLS1_CK_RSA_WITH_AES_256_CCM_8, 711 SSL_kRSA, 712 SSL_aRSA, 713 SSL_AES256CCM8, 714 SSL_AEAD, 715 TLS1_2_VERSION, TLS1_2_VERSION, 716 DTLS1_2_VERSION, DTLS1_2_VERSION, 717 SSL_NOT_DEFAULT | SSL_HIGH, 718 SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256, 719 256, 720 256, 721 }, 722 { 723 1, 724 TLS1_TXT_DHE_RSA_WITH_AES_128_CCM_8, 725 TLS1_RFC_DHE_RSA_WITH_AES_128_CCM_8, 726 TLS1_CK_DHE_RSA_WITH_AES_128_CCM_8, 727 SSL_kDHE, 728 SSL_aRSA, 729 SSL_AES128CCM8, 730 SSL_AEAD, 731 TLS1_2_VERSION, TLS1_2_VERSION, 732 DTLS1_2_VERSION, DTLS1_2_VERSION, 733 SSL_NOT_DEFAULT | SSL_HIGH, 734 SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256, 735 128, 736 128, 737 }, 738 { 739 1, 740 TLS1_TXT_DHE_RSA_WITH_AES_256_CCM_8, 741 TLS1_RFC_DHE_RSA_WITH_AES_256_CCM_8, 742 TLS1_CK_DHE_RSA_WITH_AES_256_CCM_8, 743 SSL_kDHE, 744 SSL_aRSA, 745 SSL_AES256CCM8, 746 SSL_AEAD, 747 TLS1_2_VERSION, TLS1_2_VERSION, 748 DTLS1_2_VERSION, DTLS1_2_VERSION, 749 SSL_NOT_DEFAULT | SSL_HIGH, 750 SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256, 751 256, 752 256, 753 }, 754 { 755 1, 756 TLS1_TXT_PSK_WITH_AES_128_CCM, 757 TLS1_RFC_PSK_WITH_AES_128_CCM, 758 TLS1_CK_PSK_WITH_AES_128_CCM, 759 SSL_kPSK, 760 SSL_aPSK, 761 SSL_AES128CCM, 762 SSL_AEAD, 763 TLS1_2_VERSION, TLS1_2_VERSION, 764 DTLS1_2_VERSION, DTLS1_2_VERSION, 765 SSL_NOT_DEFAULT | SSL_HIGH, 766 SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256, 767 128, 768 128, 769 }, 770 { 771 1, 772 TLS1_TXT_PSK_WITH_AES_256_CCM, 773 TLS1_RFC_PSK_WITH_AES_256_CCM, 774 TLS1_CK_PSK_WITH_AES_256_CCM, 775 SSL_kPSK, 776 SSL_aPSK, 777 SSL_AES256CCM, 778 SSL_AEAD, 779 TLS1_2_VERSION, TLS1_2_VERSION, 780 DTLS1_2_VERSION, DTLS1_2_VERSION, 781 SSL_NOT_DEFAULT | SSL_HIGH, 782 SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256, 783 256, 784 256, 785 }, 786 { 787 1, 788 TLS1_TXT_DHE_PSK_WITH_AES_128_CCM, 789 TLS1_RFC_DHE_PSK_WITH_AES_128_CCM, 790 TLS1_CK_DHE_PSK_WITH_AES_128_CCM, 791 SSL_kDHEPSK, 792 SSL_aPSK, 793 SSL_AES128CCM, 794 SSL_AEAD, 795 TLS1_2_VERSION, TLS1_2_VERSION, 796 DTLS1_2_VERSION, DTLS1_2_VERSION, 797 SSL_NOT_DEFAULT | SSL_HIGH, 798 SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256, 799 128, 800 128, 801 }, 802 { 803 1, 804 TLS1_TXT_DHE_PSK_WITH_AES_256_CCM, 805 TLS1_RFC_DHE_PSK_WITH_AES_256_CCM, 806 TLS1_CK_DHE_PSK_WITH_AES_256_CCM, 807 SSL_kDHEPSK, 808 SSL_aPSK, 809 SSL_AES256CCM, 810 SSL_AEAD, 811 TLS1_2_VERSION, TLS1_2_VERSION, 812 DTLS1_2_VERSION, DTLS1_2_VERSION, 813 SSL_NOT_DEFAULT | SSL_HIGH, 814 SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256, 815 256, 816 256, 817 }, 818 { 819 1, 820 TLS1_TXT_PSK_WITH_AES_128_CCM_8, 821 TLS1_RFC_PSK_WITH_AES_128_CCM_8, 822 TLS1_CK_PSK_WITH_AES_128_CCM_8, 823 SSL_kPSK, 824 SSL_aPSK, 825 SSL_AES128CCM8, 826 SSL_AEAD, 827 TLS1_2_VERSION, TLS1_2_VERSION, 828 DTLS1_2_VERSION, DTLS1_2_VERSION, 829 SSL_NOT_DEFAULT | SSL_HIGH, 830 SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256, 831 128, 832 128, 833 }, 834 { 835 1, 836 TLS1_TXT_PSK_WITH_AES_256_CCM_8, 837 TLS1_RFC_PSK_WITH_AES_256_CCM_8, 838 TLS1_CK_PSK_WITH_AES_256_CCM_8, 839 SSL_kPSK, 840 SSL_aPSK, 841 SSL_AES256CCM8, 842 SSL_AEAD, 843 TLS1_2_VERSION, TLS1_2_VERSION, 844 DTLS1_2_VERSION, DTLS1_2_VERSION, 845 SSL_NOT_DEFAULT | SSL_HIGH, 846 SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256, 847 256, 848 256, 849 }, 850 { 851 1, 852 TLS1_TXT_DHE_PSK_WITH_AES_128_CCM_8, 853 TLS1_RFC_DHE_PSK_WITH_AES_128_CCM_8, 854 TLS1_CK_DHE_PSK_WITH_AES_128_CCM_8, 855 SSL_kDHEPSK, 856 SSL_aPSK, 857 SSL_AES128CCM8, 858 SSL_AEAD, 859 TLS1_2_VERSION, TLS1_2_VERSION, 860 DTLS1_2_VERSION, DTLS1_2_VERSION, 861 SSL_NOT_DEFAULT | SSL_HIGH, 862 SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256, 863 128, 864 128, 865 }, 866 { 867 1, 868 TLS1_TXT_DHE_PSK_WITH_AES_256_CCM_8, 869 TLS1_RFC_DHE_PSK_WITH_AES_256_CCM_8, 870 TLS1_CK_DHE_PSK_WITH_AES_256_CCM_8, 871 SSL_kDHEPSK, 872 SSL_aPSK, 873 SSL_AES256CCM8, 874 SSL_AEAD, 875 TLS1_2_VERSION, TLS1_2_VERSION, 876 DTLS1_2_VERSION, DTLS1_2_VERSION, 877 SSL_NOT_DEFAULT | SSL_HIGH, 878 SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256, 879 256, 880 256, 881 }, 882 { 883 1, 884 TLS1_TXT_ECDHE_ECDSA_WITH_AES_128_CCM, 885 TLS1_RFC_ECDHE_ECDSA_WITH_AES_128_CCM, 886 TLS1_CK_ECDHE_ECDSA_WITH_AES_128_CCM, 887 SSL_kECDHE, 888 SSL_aECDSA, 889 SSL_AES128CCM, 890 SSL_AEAD, 891 TLS1_2_VERSION, TLS1_2_VERSION, 892 DTLS1_2_VERSION, DTLS1_2_VERSION, 893 SSL_NOT_DEFAULT | SSL_HIGH, 894 SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256, 895 128, 896 128, 897 }, 898 { 899 1, 900 TLS1_TXT_ECDHE_ECDSA_WITH_AES_256_CCM, 901 TLS1_RFC_ECDHE_ECDSA_WITH_AES_256_CCM, 902 TLS1_CK_ECDHE_ECDSA_WITH_AES_256_CCM, 903 SSL_kECDHE, 904 SSL_aECDSA, 905 SSL_AES256CCM, 906 SSL_AEAD, 907 TLS1_2_VERSION, TLS1_2_VERSION, 908 DTLS1_2_VERSION, DTLS1_2_VERSION, 909 SSL_NOT_DEFAULT | SSL_HIGH, 910 SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256, 911 256, 912 256, 913 }, 914 { 915 1, 916 TLS1_TXT_ECDHE_ECDSA_WITH_AES_128_CCM_8, 917 TLS1_RFC_ECDHE_ECDSA_WITH_AES_128_CCM_8, 918 TLS1_CK_ECDHE_ECDSA_WITH_AES_128_CCM_8, 919 SSL_kECDHE, 920 SSL_aECDSA, 921 SSL_AES128CCM8, 922 SSL_AEAD, 923 TLS1_2_VERSION, TLS1_2_VERSION, 924 DTLS1_2_VERSION, DTLS1_2_VERSION, 925 SSL_NOT_DEFAULT | SSL_HIGH, 926 SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256, 927 128, 928 128, 929 }, 930 { 931 1, 932 TLS1_TXT_ECDHE_ECDSA_WITH_AES_256_CCM_8, 933 TLS1_RFC_ECDHE_ECDSA_WITH_AES_256_CCM_8, 934 TLS1_CK_ECDHE_ECDSA_WITH_AES_256_CCM_8, 935 SSL_kECDHE, 936 SSL_aECDSA, 937 SSL_AES256CCM8, 938 SSL_AEAD, 939 TLS1_2_VERSION, TLS1_2_VERSION, 940 DTLS1_2_VERSION, DTLS1_2_VERSION, 941 SSL_NOT_DEFAULT | SSL_HIGH, 942 SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256, 943 256, 944 256, 945 }, 946 { 947 1, 948 TLS1_TXT_ECDHE_ECDSA_WITH_NULL_SHA, 949 TLS1_RFC_ECDHE_ECDSA_WITH_NULL_SHA, 950 TLS1_CK_ECDHE_ECDSA_WITH_NULL_SHA, 951 SSL_kECDHE, 952 SSL_aECDSA, 953 SSL_eNULL, 954 SSL_SHA1, 955 TLS1_VERSION, TLS1_2_VERSION, 956 DTLS1_BAD_VER, DTLS1_2_VERSION, 957 SSL_STRONG_NONE | SSL_FIPS, 958 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 959 0, 960 0, 961 }, 962# ifndef OPENSSL_NO_WEAK_SSL_CIPHERS 963 { 964 1, 965 TLS1_TXT_ECDHE_ECDSA_WITH_DES_192_CBC3_SHA, 966 TLS1_RFC_ECDHE_ECDSA_WITH_DES_192_CBC3_SHA, 967 TLS1_CK_ECDHE_ECDSA_WITH_DES_192_CBC3_SHA, 968 SSL_kECDHE, 969 SSL_aECDSA, 970 SSL_3DES, 971 SSL_SHA1, 972 TLS1_VERSION, TLS1_2_VERSION, 973 DTLS1_BAD_VER, DTLS1_2_VERSION, 974 SSL_NOT_DEFAULT | SSL_MEDIUM | SSL_FIPS, 975 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 976 112, 977 168, 978 }, 979# endif 980 { 981 1, 982 TLS1_TXT_ECDHE_ECDSA_WITH_AES_128_CBC_SHA, 983 TLS1_RFC_ECDHE_ECDSA_WITH_AES_128_CBC_SHA, 984 TLS1_CK_ECDHE_ECDSA_WITH_AES_128_CBC_SHA, 985 SSL_kECDHE, 986 SSL_aECDSA, 987 SSL_AES128, 988 SSL_SHA1, 989 TLS1_VERSION, TLS1_2_VERSION, 990 DTLS1_BAD_VER, DTLS1_2_VERSION, 991 SSL_HIGH | SSL_FIPS, 992 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 993 128, 994 128, 995 }, 996 { 997 1, 998 TLS1_TXT_ECDHE_ECDSA_WITH_AES_256_CBC_SHA, 999 TLS1_RFC_ECDHE_ECDSA_WITH_AES_256_CBC_SHA, 1000 TLS1_CK_ECDHE_ECDSA_WITH_AES_256_CBC_SHA, 1001 SSL_kECDHE, 1002 SSL_aECDSA, 1003 SSL_AES256, 1004 SSL_SHA1, 1005 TLS1_VERSION, TLS1_2_VERSION, 1006 DTLS1_BAD_VER, DTLS1_2_VERSION, 1007 SSL_HIGH | SSL_FIPS, 1008 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 1009 256, 1010 256, 1011 }, 1012 { 1013 1, 1014 TLS1_TXT_ECDHE_RSA_WITH_NULL_SHA, 1015 TLS1_RFC_ECDHE_RSA_WITH_NULL_SHA, 1016 TLS1_CK_ECDHE_RSA_WITH_NULL_SHA, 1017 SSL_kECDHE, 1018 SSL_aRSA, 1019 SSL_eNULL, 1020 SSL_SHA1, 1021 TLS1_VERSION, TLS1_2_VERSION, 1022 DTLS1_BAD_VER, DTLS1_2_VERSION, 1023 SSL_STRONG_NONE | SSL_FIPS, 1024 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 1025 0, 1026 0, 1027 }, 1028# ifndef OPENSSL_NO_WEAK_SSL_CIPHERS 1029 { 1030 1, 1031 TLS1_TXT_ECDHE_RSA_WITH_DES_192_CBC3_SHA, 1032 TLS1_RFC_ECDHE_RSA_WITH_DES_192_CBC3_SHA, 1033 TLS1_CK_ECDHE_RSA_WITH_DES_192_CBC3_SHA, 1034 SSL_kECDHE, 1035 SSL_aRSA, 1036 SSL_3DES, 1037 SSL_SHA1, 1038 TLS1_VERSION, TLS1_2_VERSION, 1039 DTLS1_BAD_VER, DTLS1_2_VERSION, 1040 SSL_NOT_DEFAULT | SSL_MEDIUM | SSL_FIPS, 1041 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 1042 112, 1043 168, 1044 }, 1045# endif 1046 { 1047 1, 1048 TLS1_TXT_ECDHE_RSA_WITH_AES_128_CBC_SHA, 1049 TLS1_RFC_ECDHE_RSA_WITH_AES_128_CBC_SHA, 1050 TLS1_CK_ECDHE_RSA_WITH_AES_128_CBC_SHA, 1051 SSL_kECDHE, 1052 SSL_aRSA, 1053 SSL_AES128, 1054 SSL_SHA1, 1055 TLS1_VERSION, TLS1_2_VERSION, 1056 DTLS1_BAD_VER, DTLS1_2_VERSION, 1057 SSL_HIGH | SSL_FIPS, 1058 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 1059 128, 1060 128, 1061 }, 1062 { 1063 1, 1064 TLS1_TXT_ECDHE_RSA_WITH_AES_256_CBC_SHA, 1065 TLS1_RFC_ECDHE_RSA_WITH_AES_256_CBC_SHA, 1066 TLS1_CK_ECDHE_RSA_WITH_AES_256_CBC_SHA, 1067 SSL_kECDHE, 1068 SSL_aRSA, 1069 SSL_AES256, 1070 SSL_SHA1, 1071 TLS1_VERSION, TLS1_2_VERSION, 1072 DTLS1_BAD_VER, DTLS1_2_VERSION, 1073 SSL_HIGH | SSL_FIPS, 1074 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 1075 256, 1076 256, 1077 }, 1078 { 1079 1, 1080 TLS1_TXT_ECDH_anon_WITH_NULL_SHA, 1081 TLS1_RFC_ECDH_anon_WITH_NULL_SHA, 1082 TLS1_CK_ECDH_anon_WITH_NULL_SHA, 1083 SSL_kECDHE, 1084 SSL_aNULL, 1085 SSL_eNULL, 1086 SSL_SHA1, 1087 TLS1_VERSION, TLS1_2_VERSION, 1088 DTLS1_BAD_VER, DTLS1_2_VERSION, 1089 SSL_STRONG_NONE | SSL_FIPS, 1090 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 1091 0, 1092 0, 1093 }, 1094# ifndef OPENSSL_NO_WEAK_SSL_CIPHERS 1095 { 1096 1, 1097 TLS1_TXT_ECDH_anon_WITH_DES_192_CBC3_SHA, 1098 TLS1_RFC_ECDH_anon_WITH_DES_192_CBC3_SHA, 1099 TLS1_CK_ECDH_anon_WITH_DES_192_CBC3_SHA, 1100 SSL_kECDHE, 1101 SSL_aNULL, 1102 SSL_3DES, 1103 SSL_SHA1, 1104 TLS1_VERSION, TLS1_2_VERSION, 1105 DTLS1_BAD_VER, DTLS1_2_VERSION, 1106 SSL_NOT_DEFAULT | SSL_MEDIUM | SSL_FIPS, 1107 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 1108 112, 1109 168, 1110 }, 1111# endif 1112 { 1113 1, 1114 TLS1_TXT_ECDH_anon_WITH_AES_128_CBC_SHA, 1115 TLS1_RFC_ECDH_anon_WITH_AES_128_CBC_SHA, 1116 TLS1_CK_ECDH_anon_WITH_AES_128_CBC_SHA, 1117 SSL_kECDHE, 1118 SSL_aNULL, 1119 SSL_AES128, 1120 SSL_SHA1, 1121 TLS1_VERSION, TLS1_2_VERSION, 1122 DTLS1_BAD_VER, DTLS1_2_VERSION, 1123 SSL_NOT_DEFAULT | SSL_HIGH | SSL_FIPS, 1124 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 1125 128, 1126 128, 1127 }, 1128 { 1129 1, 1130 TLS1_TXT_ECDH_anon_WITH_AES_256_CBC_SHA, 1131 TLS1_RFC_ECDH_anon_WITH_AES_256_CBC_SHA, 1132 TLS1_CK_ECDH_anon_WITH_AES_256_CBC_SHA, 1133 SSL_kECDHE, 1134 SSL_aNULL, 1135 SSL_AES256, 1136 SSL_SHA1, 1137 TLS1_VERSION, TLS1_2_VERSION, 1138 DTLS1_BAD_VER, DTLS1_2_VERSION, 1139 SSL_NOT_DEFAULT | SSL_HIGH | SSL_FIPS, 1140 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 1141 256, 1142 256, 1143 }, 1144 { 1145 1, 1146 TLS1_TXT_ECDHE_ECDSA_WITH_AES_128_SHA256, 1147 TLS1_RFC_ECDHE_ECDSA_WITH_AES_128_SHA256, 1148 TLS1_CK_ECDHE_ECDSA_WITH_AES_128_SHA256, 1149 SSL_kECDHE, 1150 SSL_aECDSA, 1151 SSL_AES128, 1152 SSL_SHA256, 1153 TLS1_2_VERSION, TLS1_2_VERSION, 1154 DTLS1_2_VERSION, DTLS1_2_VERSION, 1155 SSL_HIGH | SSL_FIPS, 1156 SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256, 1157 128, 1158 128, 1159 }, 1160 { 1161 1, 1162 TLS1_TXT_ECDHE_ECDSA_WITH_AES_256_SHA384, 1163 TLS1_RFC_ECDHE_ECDSA_WITH_AES_256_SHA384, 1164 TLS1_CK_ECDHE_ECDSA_WITH_AES_256_SHA384, 1165 SSL_kECDHE, 1166 SSL_aECDSA, 1167 SSL_AES256, 1168 SSL_SHA384, 1169 TLS1_2_VERSION, TLS1_2_VERSION, 1170 DTLS1_2_VERSION, DTLS1_2_VERSION, 1171 SSL_HIGH | SSL_FIPS, 1172 SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384, 1173 256, 1174 256, 1175 }, 1176 { 1177 1, 1178 TLS1_TXT_ECDHE_RSA_WITH_AES_128_SHA256, 1179 TLS1_RFC_ECDHE_RSA_WITH_AES_128_SHA256, 1180 TLS1_CK_ECDHE_RSA_WITH_AES_128_SHA256, 1181 SSL_kECDHE, 1182 SSL_aRSA, 1183 SSL_AES128, 1184 SSL_SHA256, 1185 TLS1_2_VERSION, TLS1_2_VERSION, 1186 DTLS1_2_VERSION, DTLS1_2_VERSION, 1187 SSL_HIGH | SSL_FIPS, 1188 SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256, 1189 128, 1190 128, 1191 }, 1192 { 1193 1, 1194 TLS1_TXT_ECDHE_RSA_WITH_AES_256_SHA384, 1195 TLS1_RFC_ECDHE_RSA_WITH_AES_256_SHA384, 1196 TLS1_CK_ECDHE_RSA_WITH_AES_256_SHA384, 1197 SSL_kECDHE, 1198 SSL_aRSA, 1199 SSL_AES256, 1200 SSL_SHA384, 1201 TLS1_2_VERSION, TLS1_2_VERSION, 1202 DTLS1_2_VERSION, DTLS1_2_VERSION, 1203 SSL_HIGH | SSL_FIPS, 1204 SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384, 1205 256, 1206 256, 1207 }, 1208 { 1209 1, 1210 TLS1_TXT_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256, 1211 TLS1_RFC_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256, 1212 TLS1_CK_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256, 1213 SSL_kECDHE, 1214 SSL_aECDSA, 1215 SSL_AES128GCM, 1216 SSL_AEAD, 1217 TLS1_2_VERSION, TLS1_2_VERSION, 1218 DTLS1_2_VERSION, DTLS1_2_VERSION, 1219 SSL_HIGH | SSL_FIPS, 1220 SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256, 1221 128, 1222 128, 1223 }, 1224 { 1225 1, 1226 TLS1_TXT_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384, 1227 TLS1_RFC_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384, 1228 TLS1_CK_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384, 1229 SSL_kECDHE, 1230 SSL_aECDSA, 1231 SSL_AES256GCM, 1232 SSL_AEAD, 1233 TLS1_2_VERSION, TLS1_2_VERSION, 1234 DTLS1_2_VERSION, DTLS1_2_VERSION, 1235 SSL_HIGH | SSL_FIPS, 1236 SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384, 1237 256, 1238 256, 1239 }, 1240 { 1241 1, 1242 TLS1_TXT_ECDHE_RSA_WITH_AES_128_GCM_SHA256, 1243 TLS1_RFC_ECDHE_RSA_WITH_AES_128_GCM_SHA256, 1244 TLS1_CK_ECDHE_RSA_WITH_AES_128_GCM_SHA256, 1245 SSL_kECDHE, 1246 SSL_aRSA, 1247 SSL_AES128GCM, 1248 SSL_AEAD, 1249 TLS1_2_VERSION, TLS1_2_VERSION, 1250 DTLS1_2_VERSION, DTLS1_2_VERSION, 1251 SSL_HIGH | SSL_FIPS, 1252 SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256, 1253 128, 1254 128, 1255 }, 1256 { 1257 1, 1258 TLS1_TXT_ECDHE_RSA_WITH_AES_256_GCM_SHA384, 1259 TLS1_RFC_ECDHE_RSA_WITH_AES_256_GCM_SHA384, 1260 TLS1_CK_ECDHE_RSA_WITH_AES_256_GCM_SHA384, 1261 SSL_kECDHE, 1262 SSL_aRSA, 1263 SSL_AES256GCM, 1264 SSL_AEAD, 1265 TLS1_2_VERSION, TLS1_2_VERSION, 1266 DTLS1_2_VERSION, DTLS1_2_VERSION, 1267 SSL_HIGH | SSL_FIPS, 1268 SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384, 1269 256, 1270 256, 1271 }, 1272 { 1273 1, 1274 TLS1_TXT_PSK_WITH_NULL_SHA, 1275 TLS1_RFC_PSK_WITH_NULL_SHA, 1276 TLS1_CK_PSK_WITH_NULL_SHA, 1277 SSL_kPSK, 1278 SSL_aPSK, 1279 SSL_eNULL, 1280 SSL_SHA1, 1281 SSL3_VERSION, TLS1_2_VERSION, 1282 DTLS1_BAD_VER, DTLS1_2_VERSION, 1283 SSL_STRONG_NONE | SSL_FIPS, 1284 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 1285 0, 1286 0, 1287 }, 1288 { 1289 1, 1290 TLS1_TXT_DHE_PSK_WITH_NULL_SHA, 1291 TLS1_RFC_DHE_PSK_WITH_NULL_SHA, 1292 TLS1_CK_DHE_PSK_WITH_NULL_SHA, 1293 SSL_kDHEPSK, 1294 SSL_aPSK, 1295 SSL_eNULL, 1296 SSL_SHA1, 1297 SSL3_VERSION, TLS1_2_VERSION, 1298 DTLS1_BAD_VER, DTLS1_2_VERSION, 1299 SSL_STRONG_NONE | SSL_FIPS, 1300 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 1301 0, 1302 0, 1303 }, 1304 { 1305 1, 1306 TLS1_TXT_RSA_PSK_WITH_NULL_SHA, 1307 TLS1_RFC_RSA_PSK_WITH_NULL_SHA, 1308 TLS1_CK_RSA_PSK_WITH_NULL_SHA, 1309 SSL_kRSAPSK, 1310 SSL_aRSA, 1311 SSL_eNULL, 1312 SSL_SHA1, 1313 SSL3_VERSION, TLS1_2_VERSION, 1314 DTLS1_BAD_VER, DTLS1_2_VERSION, 1315 SSL_STRONG_NONE | SSL_FIPS, 1316 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 1317 0, 1318 0, 1319 }, 1320# ifndef OPENSSL_NO_WEAK_SSL_CIPHERS 1321 { 1322 1, 1323 TLS1_TXT_PSK_WITH_3DES_EDE_CBC_SHA, 1324 TLS1_RFC_PSK_WITH_3DES_EDE_CBC_SHA, 1325 TLS1_CK_PSK_WITH_3DES_EDE_CBC_SHA, 1326 SSL_kPSK, 1327 SSL_aPSK, 1328 SSL_3DES, 1329 SSL_SHA1, 1330 SSL3_VERSION, TLS1_2_VERSION, 1331 DTLS1_BAD_VER, DTLS1_2_VERSION, 1332 SSL_NOT_DEFAULT | SSL_MEDIUM | SSL_FIPS, 1333 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 1334 112, 1335 168, 1336 }, 1337# endif 1338 { 1339 1, 1340 TLS1_TXT_PSK_WITH_AES_128_CBC_SHA, 1341 TLS1_RFC_PSK_WITH_AES_128_CBC_SHA, 1342 TLS1_CK_PSK_WITH_AES_128_CBC_SHA, 1343 SSL_kPSK, 1344 SSL_aPSK, 1345 SSL_AES128, 1346 SSL_SHA1, 1347 SSL3_VERSION, TLS1_2_VERSION, 1348 DTLS1_BAD_VER, DTLS1_2_VERSION, 1349 SSL_HIGH | SSL_FIPS, 1350 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 1351 128, 1352 128, 1353 }, 1354 { 1355 1, 1356 TLS1_TXT_PSK_WITH_AES_256_CBC_SHA, 1357 TLS1_RFC_PSK_WITH_AES_256_CBC_SHA, 1358 TLS1_CK_PSK_WITH_AES_256_CBC_SHA, 1359 SSL_kPSK, 1360 SSL_aPSK, 1361 SSL_AES256, 1362 SSL_SHA1, 1363 SSL3_VERSION, TLS1_2_VERSION, 1364 DTLS1_BAD_VER, DTLS1_2_VERSION, 1365 SSL_HIGH | SSL_FIPS, 1366 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 1367 256, 1368 256, 1369 }, 1370# ifndef OPENSSL_NO_WEAK_SSL_CIPHERS 1371 { 1372 1, 1373 TLS1_TXT_DHE_PSK_WITH_3DES_EDE_CBC_SHA, 1374 TLS1_RFC_DHE_PSK_WITH_3DES_EDE_CBC_SHA, 1375 TLS1_CK_DHE_PSK_WITH_3DES_EDE_CBC_SHA, 1376 SSL_kDHEPSK, 1377 SSL_aPSK, 1378 SSL_3DES, 1379 SSL_SHA1, 1380 SSL3_VERSION, TLS1_2_VERSION, 1381 DTLS1_BAD_VER, DTLS1_2_VERSION, 1382 SSL_NOT_DEFAULT | SSL_MEDIUM | SSL_FIPS, 1383 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 1384 112, 1385 168, 1386 }, 1387# endif 1388 { 1389 1, 1390 TLS1_TXT_DHE_PSK_WITH_AES_128_CBC_SHA, 1391 TLS1_RFC_DHE_PSK_WITH_AES_128_CBC_SHA, 1392 TLS1_CK_DHE_PSK_WITH_AES_128_CBC_SHA, 1393 SSL_kDHEPSK, 1394 SSL_aPSK, 1395 SSL_AES128, 1396 SSL_SHA1, 1397 SSL3_VERSION, TLS1_2_VERSION, 1398 DTLS1_BAD_VER, DTLS1_2_VERSION, 1399 SSL_HIGH | SSL_FIPS, 1400 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 1401 128, 1402 128, 1403 }, 1404 { 1405 1, 1406 TLS1_TXT_DHE_PSK_WITH_AES_256_CBC_SHA, 1407 TLS1_RFC_DHE_PSK_WITH_AES_256_CBC_SHA, 1408 TLS1_CK_DHE_PSK_WITH_AES_256_CBC_SHA, 1409 SSL_kDHEPSK, 1410 SSL_aPSK, 1411 SSL_AES256, 1412 SSL_SHA1, 1413 SSL3_VERSION, TLS1_2_VERSION, 1414 DTLS1_BAD_VER, DTLS1_2_VERSION, 1415 SSL_HIGH | SSL_FIPS, 1416 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 1417 256, 1418 256, 1419 }, 1420# ifndef OPENSSL_NO_WEAK_SSL_CIPHERS 1421 { 1422 1, 1423 TLS1_TXT_RSA_PSK_WITH_3DES_EDE_CBC_SHA, 1424 TLS1_RFC_RSA_PSK_WITH_3DES_EDE_CBC_SHA, 1425 TLS1_CK_RSA_PSK_WITH_3DES_EDE_CBC_SHA, 1426 SSL_kRSAPSK, 1427 SSL_aRSA, 1428 SSL_3DES, 1429 SSL_SHA1, 1430 SSL3_VERSION, TLS1_2_VERSION, 1431 DTLS1_BAD_VER, DTLS1_2_VERSION, 1432 SSL_NOT_DEFAULT | SSL_MEDIUM | SSL_FIPS, 1433 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 1434 112, 1435 168, 1436 }, 1437# endif 1438 { 1439 1, 1440 TLS1_TXT_RSA_PSK_WITH_AES_128_CBC_SHA, 1441 TLS1_RFC_RSA_PSK_WITH_AES_128_CBC_SHA, 1442 TLS1_CK_RSA_PSK_WITH_AES_128_CBC_SHA, 1443 SSL_kRSAPSK, 1444 SSL_aRSA, 1445 SSL_AES128, 1446 SSL_SHA1, 1447 SSL3_VERSION, TLS1_2_VERSION, 1448 DTLS1_BAD_VER, DTLS1_2_VERSION, 1449 SSL_HIGH | SSL_FIPS, 1450 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 1451 128, 1452 128, 1453 }, 1454 { 1455 1, 1456 TLS1_TXT_RSA_PSK_WITH_AES_256_CBC_SHA, 1457 TLS1_RFC_RSA_PSK_WITH_AES_256_CBC_SHA, 1458 TLS1_CK_RSA_PSK_WITH_AES_256_CBC_SHA, 1459 SSL_kRSAPSK, 1460 SSL_aRSA, 1461 SSL_AES256, 1462 SSL_SHA1, 1463 SSL3_VERSION, TLS1_2_VERSION, 1464 DTLS1_BAD_VER, DTLS1_2_VERSION, 1465 SSL_HIGH | SSL_FIPS, 1466 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 1467 256, 1468 256, 1469 }, 1470 { 1471 1, 1472 TLS1_TXT_PSK_WITH_AES_128_GCM_SHA256, 1473 TLS1_RFC_PSK_WITH_AES_128_GCM_SHA256, 1474 TLS1_CK_PSK_WITH_AES_128_GCM_SHA256, 1475 SSL_kPSK, 1476 SSL_aPSK, 1477 SSL_AES128GCM, 1478 SSL_AEAD, 1479 TLS1_2_VERSION, TLS1_2_VERSION, 1480 DTLS1_2_VERSION, DTLS1_2_VERSION, 1481 SSL_HIGH | SSL_FIPS, 1482 SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256, 1483 128, 1484 128, 1485 }, 1486 { 1487 1, 1488 TLS1_TXT_PSK_WITH_AES_256_GCM_SHA384, 1489 TLS1_RFC_PSK_WITH_AES_256_GCM_SHA384, 1490 TLS1_CK_PSK_WITH_AES_256_GCM_SHA384, 1491 SSL_kPSK, 1492 SSL_aPSK, 1493 SSL_AES256GCM, 1494 SSL_AEAD, 1495 TLS1_2_VERSION, TLS1_2_VERSION, 1496 DTLS1_2_VERSION, DTLS1_2_VERSION, 1497 SSL_HIGH | SSL_FIPS, 1498 SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384, 1499 256, 1500 256, 1501 }, 1502 { 1503 1, 1504 TLS1_TXT_DHE_PSK_WITH_AES_128_GCM_SHA256, 1505 TLS1_RFC_DHE_PSK_WITH_AES_128_GCM_SHA256, 1506 TLS1_CK_DHE_PSK_WITH_AES_128_GCM_SHA256, 1507 SSL_kDHEPSK, 1508 SSL_aPSK, 1509 SSL_AES128GCM, 1510 SSL_AEAD, 1511 TLS1_2_VERSION, TLS1_2_VERSION, 1512 DTLS1_2_VERSION, DTLS1_2_VERSION, 1513 SSL_HIGH | SSL_FIPS, 1514 SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256, 1515 128, 1516 128, 1517 }, 1518 { 1519 1, 1520 TLS1_TXT_DHE_PSK_WITH_AES_256_GCM_SHA384, 1521 TLS1_RFC_DHE_PSK_WITH_AES_256_GCM_SHA384, 1522 TLS1_CK_DHE_PSK_WITH_AES_256_GCM_SHA384, 1523 SSL_kDHEPSK, 1524 SSL_aPSK, 1525 SSL_AES256GCM, 1526 SSL_AEAD, 1527 TLS1_2_VERSION, TLS1_2_VERSION, 1528 DTLS1_2_VERSION, DTLS1_2_VERSION, 1529 SSL_HIGH | SSL_FIPS, 1530 SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384, 1531 256, 1532 256, 1533 }, 1534 { 1535 1, 1536 TLS1_TXT_RSA_PSK_WITH_AES_128_GCM_SHA256, 1537 TLS1_RFC_RSA_PSK_WITH_AES_128_GCM_SHA256, 1538 TLS1_CK_RSA_PSK_WITH_AES_128_GCM_SHA256, 1539 SSL_kRSAPSK, 1540 SSL_aRSA, 1541 SSL_AES128GCM, 1542 SSL_AEAD, 1543 TLS1_2_VERSION, TLS1_2_VERSION, 1544 DTLS1_2_VERSION, DTLS1_2_VERSION, 1545 SSL_HIGH | SSL_FIPS, 1546 SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256, 1547 128, 1548 128, 1549 }, 1550 { 1551 1, 1552 TLS1_TXT_RSA_PSK_WITH_AES_256_GCM_SHA384, 1553 TLS1_RFC_RSA_PSK_WITH_AES_256_GCM_SHA384, 1554 TLS1_CK_RSA_PSK_WITH_AES_256_GCM_SHA384, 1555 SSL_kRSAPSK, 1556 SSL_aRSA, 1557 SSL_AES256GCM, 1558 SSL_AEAD, 1559 TLS1_2_VERSION, TLS1_2_VERSION, 1560 DTLS1_2_VERSION, DTLS1_2_VERSION, 1561 SSL_HIGH | SSL_FIPS, 1562 SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384, 1563 256, 1564 256, 1565 }, 1566 { 1567 1, 1568 TLS1_TXT_PSK_WITH_AES_128_CBC_SHA256, 1569 TLS1_RFC_PSK_WITH_AES_128_CBC_SHA256, 1570 TLS1_CK_PSK_WITH_AES_128_CBC_SHA256, 1571 SSL_kPSK, 1572 SSL_aPSK, 1573 SSL_AES128, 1574 SSL_SHA256, 1575 TLS1_VERSION, TLS1_2_VERSION, 1576 DTLS1_BAD_VER, DTLS1_2_VERSION, 1577 SSL_HIGH | SSL_FIPS, 1578 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 1579 128, 1580 128, 1581 }, 1582 { 1583 1, 1584 TLS1_TXT_PSK_WITH_AES_256_CBC_SHA384, 1585 TLS1_RFC_PSK_WITH_AES_256_CBC_SHA384, 1586 TLS1_CK_PSK_WITH_AES_256_CBC_SHA384, 1587 SSL_kPSK, 1588 SSL_aPSK, 1589 SSL_AES256, 1590 SSL_SHA384, 1591 TLS1_VERSION, TLS1_2_VERSION, 1592 DTLS1_BAD_VER, DTLS1_2_VERSION, 1593 SSL_HIGH | SSL_FIPS, 1594 SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384, 1595 256, 1596 256, 1597 }, 1598 { 1599 1, 1600 TLS1_TXT_PSK_WITH_NULL_SHA256, 1601 TLS1_RFC_PSK_WITH_NULL_SHA256, 1602 TLS1_CK_PSK_WITH_NULL_SHA256, 1603 SSL_kPSK, 1604 SSL_aPSK, 1605 SSL_eNULL, 1606 SSL_SHA256, 1607 TLS1_VERSION, TLS1_2_VERSION, 1608 DTLS1_BAD_VER, DTLS1_2_VERSION, 1609 SSL_STRONG_NONE | SSL_FIPS, 1610 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 1611 0, 1612 0, 1613 }, 1614 { 1615 1, 1616 TLS1_TXT_PSK_WITH_NULL_SHA384, 1617 TLS1_RFC_PSK_WITH_NULL_SHA384, 1618 TLS1_CK_PSK_WITH_NULL_SHA384, 1619 SSL_kPSK, 1620 SSL_aPSK, 1621 SSL_eNULL, 1622 SSL_SHA384, 1623 TLS1_VERSION, TLS1_2_VERSION, 1624 DTLS1_BAD_VER, DTLS1_2_VERSION, 1625 SSL_STRONG_NONE | SSL_FIPS, 1626 SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384, 1627 0, 1628 0, 1629 }, 1630 { 1631 1, 1632 TLS1_TXT_DHE_PSK_WITH_AES_128_CBC_SHA256, 1633 TLS1_RFC_DHE_PSK_WITH_AES_128_CBC_SHA256, 1634 TLS1_CK_DHE_PSK_WITH_AES_128_CBC_SHA256, 1635 SSL_kDHEPSK, 1636 SSL_aPSK, 1637 SSL_AES128, 1638 SSL_SHA256, 1639 TLS1_VERSION, TLS1_2_VERSION, 1640 DTLS1_BAD_VER, DTLS1_2_VERSION, 1641 SSL_HIGH | SSL_FIPS, 1642 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 1643 128, 1644 128, 1645 }, 1646 { 1647 1, 1648 TLS1_TXT_DHE_PSK_WITH_AES_256_CBC_SHA384, 1649 TLS1_RFC_DHE_PSK_WITH_AES_256_CBC_SHA384, 1650 TLS1_CK_DHE_PSK_WITH_AES_256_CBC_SHA384, 1651 SSL_kDHEPSK, 1652 SSL_aPSK, 1653 SSL_AES256, 1654 SSL_SHA384, 1655 TLS1_VERSION, TLS1_2_VERSION, 1656 DTLS1_BAD_VER, DTLS1_2_VERSION, 1657 SSL_HIGH | SSL_FIPS, 1658 SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384, 1659 256, 1660 256, 1661 }, 1662 { 1663 1, 1664 TLS1_TXT_DHE_PSK_WITH_NULL_SHA256, 1665 TLS1_RFC_DHE_PSK_WITH_NULL_SHA256, 1666 TLS1_CK_DHE_PSK_WITH_NULL_SHA256, 1667 SSL_kDHEPSK, 1668 SSL_aPSK, 1669 SSL_eNULL, 1670 SSL_SHA256, 1671 TLS1_VERSION, TLS1_2_VERSION, 1672 DTLS1_BAD_VER, DTLS1_2_VERSION, 1673 SSL_STRONG_NONE | SSL_FIPS, 1674 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 1675 0, 1676 0, 1677 }, 1678 { 1679 1, 1680 TLS1_TXT_DHE_PSK_WITH_NULL_SHA384, 1681 TLS1_RFC_DHE_PSK_WITH_NULL_SHA384, 1682 TLS1_CK_DHE_PSK_WITH_NULL_SHA384, 1683 SSL_kDHEPSK, 1684 SSL_aPSK, 1685 SSL_eNULL, 1686 SSL_SHA384, 1687 TLS1_VERSION, TLS1_2_VERSION, 1688 DTLS1_BAD_VER, DTLS1_2_VERSION, 1689 SSL_STRONG_NONE | SSL_FIPS, 1690 SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384, 1691 0, 1692 0, 1693 }, 1694 { 1695 1, 1696 TLS1_TXT_RSA_PSK_WITH_AES_128_CBC_SHA256, 1697 TLS1_RFC_RSA_PSK_WITH_AES_128_CBC_SHA256, 1698 TLS1_CK_RSA_PSK_WITH_AES_128_CBC_SHA256, 1699 SSL_kRSAPSK, 1700 SSL_aRSA, 1701 SSL_AES128, 1702 SSL_SHA256, 1703 TLS1_VERSION, TLS1_2_VERSION, 1704 DTLS1_BAD_VER, DTLS1_2_VERSION, 1705 SSL_HIGH | SSL_FIPS, 1706 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 1707 128, 1708 128, 1709 }, 1710 { 1711 1, 1712 TLS1_TXT_RSA_PSK_WITH_AES_256_CBC_SHA384, 1713 TLS1_RFC_RSA_PSK_WITH_AES_256_CBC_SHA384, 1714 TLS1_CK_RSA_PSK_WITH_AES_256_CBC_SHA384, 1715 SSL_kRSAPSK, 1716 SSL_aRSA, 1717 SSL_AES256, 1718 SSL_SHA384, 1719 TLS1_VERSION, TLS1_2_VERSION, 1720 DTLS1_BAD_VER, DTLS1_2_VERSION, 1721 SSL_HIGH | SSL_FIPS, 1722 SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384, 1723 256, 1724 256, 1725 }, 1726 { 1727 1, 1728 TLS1_TXT_RSA_PSK_WITH_NULL_SHA256, 1729 TLS1_RFC_RSA_PSK_WITH_NULL_SHA256, 1730 TLS1_CK_RSA_PSK_WITH_NULL_SHA256, 1731 SSL_kRSAPSK, 1732 SSL_aRSA, 1733 SSL_eNULL, 1734 SSL_SHA256, 1735 TLS1_VERSION, TLS1_2_VERSION, 1736 DTLS1_BAD_VER, DTLS1_2_VERSION, 1737 SSL_STRONG_NONE | SSL_FIPS, 1738 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 1739 0, 1740 0, 1741 }, 1742 { 1743 1, 1744 TLS1_TXT_RSA_PSK_WITH_NULL_SHA384, 1745 TLS1_RFC_RSA_PSK_WITH_NULL_SHA384, 1746 TLS1_CK_RSA_PSK_WITH_NULL_SHA384, 1747 SSL_kRSAPSK, 1748 SSL_aRSA, 1749 SSL_eNULL, 1750 SSL_SHA384, 1751 TLS1_VERSION, TLS1_2_VERSION, 1752 DTLS1_BAD_VER, DTLS1_2_VERSION, 1753 SSL_STRONG_NONE | SSL_FIPS, 1754 SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384, 1755 0, 1756 0, 1757 }, 1758# ifndef OPENSSL_NO_WEAK_SSL_CIPHERS 1759 { 1760 1, 1761 TLS1_TXT_ECDHE_PSK_WITH_3DES_EDE_CBC_SHA, 1762 TLS1_RFC_ECDHE_PSK_WITH_3DES_EDE_CBC_SHA, 1763 TLS1_CK_ECDHE_PSK_WITH_3DES_EDE_CBC_SHA, 1764 SSL_kECDHEPSK, 1765 SSL_aPSK, 1766 SSL_3DES, 1767 SSL_SHA1, 1768 TLS1_VERSION, TLS1_2_VERSION, 1769 DTLS1_BAD_VER, DTLS1_2_VERSION, 1770 SSL_NOT_DEFAULT | SSL_MEDIUM | SSL_FIPS, 1771 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 1772 112, 1773 168, 1774 }, 1775# endif 1776 { 1777 1, 1778 TLS1_TXT_ECDHE_PSK_WITH_AES_128_CBC_SHA, 1779 TLS1_RFC_ECDHE_PSK_WITH_AES_128_CBC_SHA, 1780 TLS1_CK_ECDHE_PSK_WITH_AES_128_CBC_SHA, 1781 SSL_kECDHEPSK, 1782 SSL_aPSK, 1783 SSL_AES128, 1784 SSL_SHA1, 1785 TLS1_VERSION, TLS1_2_VERSION, 1786 DTLS1_BAD_VER, DTLS1_2_VERSION, 1787 SSL_HIGH | SSL_FIPS, 1788 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 1789 128, 1790 128, 1791 }, 1792 { 1793 1, 1794 TLS1_TXT_ECDHE_PSK_WITH_AES_256_CBC_SHA, 1795 TLS1_RFC_ECDHE_PSK_WITH_AES_256_CBC_SHA, 1796 TLS1_CK_ECDHE_PSK_WITH_AES_256_CBC_SHA, 1797 SSL_kECDHEPSK, 1798 SSL_aPSK, 1799 SSL_AES256, 1800 SSL_SHA1, 1801 TLS1_VERSION, TLS1_2_VERSION, 1802 DTLS1_BAD_VER, DTLS1_2_VERSION, 1803 SSL_HIGH | SSL_FIPS, 1804 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 1805 256, 1806 256, 1807 }, 1808 { 1809 1, 1810 TLS1_TXT_ECDHE_PSK_WITH_AES_128_CBC_SHA256, 1811 TLS1_RFC_ECDHE_PSK_WITH_AES_128_CBC_SHA256, 1812 TLS1_CK_ECDHE_PSK_WITH_AES_128_CBC_SHA256, 1813 SSL_kECDHEPSK, 1814 SSL_aPSK, 1815 SSL_AES128, 1816 SSL_SHA256, 1817 TLS1_VERSION, TLS1_2_VERSION, 1818 DTLS1_BAD_VER, DTLS1_2_VERSION, 1819 SSL_HIGH | SSL_FIPS, 1820 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 1821 128, 1822 128, 1823 }, 1824 { 1825 1, 1826 TLS1_TXT_ECDHE_PSK_WITH_AES_256_CBC_SHA384, 1827 TLS1_RFC_ECDHE_PSK_WITH_AES_256_CBC_SHA384, 1828 TLS1_CK_ECDHE_PSK_WITH_AES_256_CBC_SHA384, 1829 SSL_kECDHEPSK, 1830 SSL_aPSK, 1831 SSL_AES256, 1832 SSL_SHA384, 1833 TLS1_VERSION, TLS1_2_VERSION, 1834 DTLS1_BAD_VER, DTLS1_2_VERSION, 1835 SSL_HIGH | SSL_FIPS, 1836 SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384, 1837 256, 1838 256, 1839 }, 1840 { 1841 1, 1842 TLS1_TXT_ECDHE_PSK_WITH_NULL_SHA, 1843 TLS1_RFC_ECDHE_PSK_WITH_NULL_SHA, 1844 TLS1_CK_ECDHE_PSK_WITH_NULL_SHA, 1845 SSL_kECDHEPSK, 1846 SSL_aPSK, 1847 SSL_eNULL, 1848 SSL_SHA1, 1849 TLS1_VERSION, TLS1_2_VERSION, 1850 DTLS1_BAD_VER, DTLS1_2_VERSION, 1851 SSL_STRONG_NONE | SSL_FIPS, 1852 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 1853 0, 1854 0, 1855 }, 1856 { 1857 1, 1858 TLS1_TXT_ECDHE_PSK_WITH_NULL_SHA256, 1859 TLS1_RFC_ECDHE_PSK_WITH_NULL_SHA256, 1860 TLS1_CK_ECDHE_PSK_WITH_NULL_SHA256, 1861 SSL_kECDHEPSK, 1862 SSL_aPSK, 1863 SSL_eNULL, 1864 SSL_SHA256, 1865 TLS1_VERSION, TLS1_2_VERSION, 1866 DTLS1_BAD_VER, DTLS1_2_VERSION, 1867 SSL_STRONG_NONE | SSL_FIPS, 1868 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 1869 0, 1870 0, 1871 }, 1872 { 1873 1, 1874 TLS1_TXT_ECDHE_PSK_WITH_NULL_SHA384, 1875 TLS1_RFC_ECDHE_PSK_WITH_NULL_SHA384, 1876 TLS1_CK_ECDHE_PSK_WITH_NULL_SHA384, 1877 SSL_kECDHEPSK, 1878 SSL_aPSK, 1879 SSL_eNULL, 1880 SSL_SHA384, 1881 TLS1_VERSION, TLS1_2_VERSION, 1882 DTLS1_BAD_VER, DTLS1_2_VERSION, 1883 SSL_STRONG_NONE | SSL_FIPS, 1884 SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384, 1885 0, 1886 0, 1887 }, 1888 1889# ifndef OPENSSL_NO_WEAK_SSL_CIPHERS 1890 { 1891 1, 1892 TLS1_TXT_SRP_SHA_WITH_3DES_EDE_CBC_SHA, 1893 TLS1_RFC_SRP_SHA_WITH_3DES_EDE_CBC_SHA, 1894 TLS1_CK_SRP_SHA_WITH_3DES_EDE_CBC_SHA, 1895 SSL_kSRP, 1896 SSL_aSRP, 1897 SSL_3DES, 1898 SSL_SHA1, 1899 SSL3_VERSION, TLS1_2_VERSION, 1900 DTLS1_BAD_VER, DTLS1_2_VERSION, 1901 SSL_NOT_DEFAULT | SSL_MEDIUM, 1902 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 1903 112, 1904 168, 1905 }, 1906 { 1907 1, 1908 TLS1_TXT_SRP_SHA_RSA_WITH_3DES_EDE_CBC_SHA, 1909 TLS1_RFC_SRP_SHA_RSA_WITH_3DES_EDE_CBC_SHA, 1910 TLS1_CK_SRP_SHA_RSA_WITH_3DES_EDE_CBC_SHA, 1911 SSL_kSRP, 1912 SSL_aRSA, 1913 SSL_3DES, 1914 SSL_SHA1, 1915 SSL3_VERSION, TLS1_2_VERSION, 1916 DTLS1_BAD_VER, DTLS1_2_VERSION, 1917 SSL_NOT_DEFAULT | SSL_MEDIUM, 1918 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 1919 112, 1920 168, 1921 }, 1922 { 1923 1, 1924 TLS1_TXT_SRP_SHA_DSS_WITH_3DES_EDE_CBC_SHA, 1925 TLS1_RFC_SRP_SHA_DSS_WITH_3DES_EDE_CBC_SHA, 1926 TLS1_CK_SRP_SHA_DSS_WITH_3DES_EDE_CBC_SHA, 1927 SSL_kSRP, 1928 SSL_aDSS, 1929 SSL_3DES, 1930 SSL_SHA1, 1931 SSL3_VERSION, TLS1_2_VERSION, 1932 DTLS1_BAD_VER, DTLS1_2_VERSION, 1933 SSL_NOT_DEFAULT | SSL_MEDIUM, 1934 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 1935 112, 1936 168, 1937 }, 1938# endif 1939 { 1940 1, 1941 TLS1_TXT_SRP_SHA_WITH_AES_128_CBC_SHA, 1942 TLS1_RFC_SRP_SHA_WITH_AES_128_CBC_SHA, 1943 TLS1_CK_SRP_SHA_WITH_AES_128_CBC_SHA, 1944 SSL_kSRP, 1945 SSL_aSRP, 1946 SSL_AES128, 1947 SSL_SHA1, 1948 SSL3_VERSION, TLS1_2_VERSION, 1949 DTLS1_BAD_VER, DTLS1_2_VERSION, 1950 SSL_HIGH, 1951 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 1952 128, 1953 128, 1954 }, 1955 { 1956 1, 1957 TLS1_TXT_SRP_SHA_RSA_WITH_AES_128_CBC_SHA, 1958 TLS1_RFC_SRP_SHA_RSA_WITH_AES_128_CBC_SHA, 1959 TLS1_CK_SRP_SHA_RSA_WITH_AES_128_CBC_SHA, 1960 SSL_kSRP, 1961 SSL_aRSA, 1962 SSL_AES128, 1963 SSL_SHA1, 1964 SSL3_VERSION, TLS1_2_VERSION, 1965 DTLS1_BAD_VER, DTLS1_2_VERSION, 1966 SSL_HIGH, 1967 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 1968 128, 1969 128, 1970 }, 1971 { 1972 1, 1973 TLS1_TXT_SRP_SHA_DSS_WITH_AES_128_CBC_SHA, 1974 TLS1_RFC_SRP_SHA_DSS_WITH_AES_128_CBC_SHA, 1975 TLS1_CK_SRP_SHA_DSS_WITH_AES_128_CBC_SHA, 1976 SSL_kSRP, 1977 SSL_aDSS, 1978 SSL_AES128, 1979 SSL_SHA1, 1980 SSL3_VERSION, TLS1_2_VERSION, 1981 DTLS1_BAD_VER, DTLS1_2_VERSION, 1982 SSL_NOT_DEFAULT | SSL_HIGH, 1983 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 1984 128, 1985 128, 1986 }, 1987 { 1988 1, 1989 TLS1_TXT_SRP_SHA_WITH_AES_256_CBC_SHA, 1990 TLS1_RFC_SRP_SHA_WITH_AES_256_CBC_SHA, 1991 TLS1_CK_SRP_SHA_WITH_AES_256_CBC_SHA, 1992 SSL_kSRP, 1993 SSL_aSRP, 1994 SSL_AES256, 1995 SSL_SHA1, 1996 SSL3_VERSION, TLS1_2_VERSION, 1997 DTLS1_BAD_VER, DTLS1_2_VERSION, 1998 SSL_HIGH, 1999 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 2000 256, 2001 256, 2002 }, 2003 { 2004 1, 2005 TLS1_TXT_SRP_SHA_RSA_WITH_AES_256_CBC_SHA, 2006 TLS1_RFC_SRP_SHA_RSA_WITH_AES_256_CBC_SHA, 2007 TLS1_CK_SRP_SHA_RSA_WITH_AES_256_CBC_SHA, 2008 SSL_kSRP, 2009 SSL_aRSA, 2010 SSL_AES256, 2011 SSL_SHA1, 2012 SSL3_VERSION, TLS1_2_VERSION, 2013 DTLS1_BAD_VER, DTLS1_2_VERSION, 2014 SSL_HIGH, 2015 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 2016 256, 2017 256, 2018 }, 2019 { 2020 1, 2021 TLS1_TXT_SRP_SHA_DSS_WITH_AES_256_CBC_SHA, 2022 TLS1_RFC_SRP_SHA_DSS_WITH_AES_256_CBC_SHA, 2023 TLS1_CK_SRP_SHA_DSS_WITH_AES_256_CBC_SHA, 2024 SSL_kSRP, 2025 SSL_aDSS, 2026 SSL_AES256, 2027 SSL_SHA1, 2028 SSL3_VERSION, TLS1_2_VERSION, 2029 DTLS1_BAD_VER, DTLS1_2_VERSION, 2030 SSL_NOT_DEFAULT | SSL_HIGH, 2031 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 2032 256, 2033 256, 2034 }, 2035 2036#if !defined(OPENSSL_NO_CHACHA) && !defined(OPENSSL_NO_POLY1305) 2037 { 2038 1, 2039 TLS1_TXT_DHE_RSA_WITH_CHACHA20_POLY1305, 2040 TLS1_RFC_DHE_RSA_WITH_CHACHA20_POLY1305, 2041 TLS1_CK_DHE_RSA_WITH_CHACHA20_POLY1305, 2042 SSL_kDHE, 2043 SSL_aRSA, 2044 SSL_CHACHA20POLY1305, 2045 SSL_AEAD, 2046 TLS1_2_VERSION, TLS1_2_VERSION, 2047 DTLS1_2_VERSION, DTLS1_2_VERSION, 2048 SSL_HIGH, 2049 SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256, 2050 256, 2051 256, 2052 }, 2053 { 2054 1, 2055 TLS1_TXT_ECDHE_RSA_WITH_CHACHA20_POLY1305, 2056 TLS1_RFC_ECDHE_RSA_WITH_CHACHA20_POLY1305, 2057 TLS1_CK_ECDHE_RSA_WITH_CHACHA20_POLY1305, 2058 SSL_kECDHE, 2059 SSL_aRSA, 2060 SSL_CHACHA20POLY1305, 2061 SSL_AEAD, 2062 TLS1_2_VERSION, TLS1_2_VERSION, 2063 DTLS1_2_VERSION, DTLS1_2_VERSION, 2064 SSL_HIGH, 2065 SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256, 2066 256, 2067 256, 2068 }, 2069 { 2070 1, 2071 TLS1_TXT_ECDHE_ECDSA_WITH_CHACHA20_POLY1305, 2072 TLS1_RFC_ECDHE_ECDSA_WITH_CHACHA20_POLY1305, 2073 TLS1_CK_ECDHE_ECDSA_WITH_CHACHA20_POLY1305, 2074 SSL_kECDHE, 2075 SSL_aECDSA, 2076 SSL_CHACHA20POLY1305, 2077 SSL_AEAD, 2078 TLS1_2_VERSION, TLS1_2_VERSION, 2079 DTLS1_2_VERSION, DTLS1_2_VERSION, 2080 SSL_HIGH, 2081 SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256, 2082 256, 2083 256, 2084 }, 2085 { 2086 1, 2087 TLS1_TXT_PSK_WITH_CHACHA20_POLY1305, 2088 TLS1_RFC_PSK_WITH_CHACHA20_POLY1305, 2089 TLS1_CK_PSK_WITH_CHACHA20_POLY1305, 2090 SSL_kPSK, 2091 SSL_aPSK, 2092 SSL_CHACHA20POLY1305, 2093 SSL_AEAD, 2094 TLS1_2_VERSION, TLS1_2_VERSION, 2095 DTLS1_2_VERSION, DTLS1_2_VERSION, 2096 SSL_HIGH, 2097 SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256, 2098 256, 2099 256, 2100 }, 2101 { 2102 1, 2103 TLS1_TXT_ECDHE_PSK_WITH_CHACHA20_POLY1305, 2104 TLS1_RFC_ECDHE_PSK_WITH_CHACHA20_POLY1305, 2105 TLS1_CK_ECDHE_PSK_WITH_CHACHA20_POLY1305, 2106 SSL_kECDHEPSK, 2107 SSL_aPSK, 2108 SSL_CHACHA20POLY1305, 2109 SSL_AEAD, 2110 TLS1_2_VERSION, TLS1_2_VERSION, 2111 DTLS1_2_VERSION, DTLS1_2_VERSION, 2112 SSL_HIGH, 2113 SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256, 2114 256, 2115 256, 2116 }, 2117 { 2118 1, 2119 TLS1_TXT_DHE_PSK_WITH_CHACHA20_POLY1305, 2120 TLS1_RFC_DHE_PSK_WITH_CHACHA20_POLY1305, 2121 TLS1_CK_DHE_PSK_WITH_CHACHA20_POLY1305, 2122 SSL_kDHEPSK, 2123 SSL_aPSK, 2124 SSL_CHACHA20POLY1305, 2125 SSL_AEAD, 2126 TLS1_2_VERSION, TLS1_2_VERSION, 2127 DTLS1_2_VERSION, DTLS1_2_VERSION, 2128 SSL_HIGH, 2129 SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256, 2130 256, 2131 256, 2132 }, 2133 { 2134 1, 2135 TLS1_TXT_RSA_PSK_WITH_CHACHA20_POLY1305, 2136 TLS1_RFC_RSA_PSK_WITH_CHACHA20_POLY1305, 2137 TLS1_CK_RSA_PSK_WITH_CHACHA20_POLY1305, 2138 SSL_kRSAPSK, 2139 SSL_aRSA, 2140 SSL_CHACHA20POLY1305, 2141 SSL_AEAD, 2142 TLS1_2_VERSION, TLS1_2_VERSION, 2143 DTLS1_2_VERSION, DTLS1_2_VERSION, 2144 SSL_HIGH, 2145 SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256, 2146 256, 2147 256, 2148 }, 2149#endif /* !defined(OPENSSL_NO_CHACHA) && 2150 * !defined(OPENSSL_NO_POLY1305) */ 2151 2152#ifndef OPENSSL_NO_CAMELLIA 2153 { 2154 1, 2155 TLS1_TXT_RSA_WITH_CAMELLIA_128_CBC_SHA256, 2156 TLS1_RFC_RSA_WITH_CAMELLIA_128_CBC_SHA256, 2157 TLS1_CK_RSA_WITH_CAMELLIA_128_CBC_SHA256, 2158 SSL_kRSA, 2159 SSL_aRSA, 2160 SSL_CAMELLIA128, 2161 SSL_SHA256, 2162 TLS1_2_VERSION, TLS1_2_VERSION, 2163 DTLS1_2_VERSION, DTLS1_2_VERSION, 2164 SSL_NOT_DEFAULT | SSL_HIGH, 2165 SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256, 2166 128, 2167 128, 2168 }, 2169 { 2170 1, 2171 TLS1_TXT_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA256, 2172 TLS1_RFC_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA256, 2173 TLS1_CK_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA256, 2174 SSL_kEDH, 2175 SSL_aDSS, 2176 SSL_CAMELLIA128, 2177 SSL_SHA256, 2178 TLS1_2_VERSION, TLS1_2_VERSION, 2179 DTLS1_2_VERSION, DTLS1_2_VERSION, 2180 SSL_NOT_DEFAULT | SSL_HIGH, 2181 SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256, 2182 128, 2183 128, 2184 }, 2185 { 2186 1, 2187 TLS1_TXT_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA256, 2188 TLS1_RFC_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA256, 2189 TLS1_CK_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA256, 2190 SSL_kEDH, 2191 SSL_aRSA, 2192 SSL_CAMELLIA128, 2193 SSL_SHA256, 2194 TLS1_2_VERSION, TLS1_2_VERSION, 2195 DTLS1_2_VERSION, DTLS1_2_VERSION, 2196 SSL_NOT_DEFAULT | SSL_HIGH, 2197 SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256, 2198 128, 2199 128, 2200 }, 2201 { 2202 1, 2203 TLS1_TXT_ADH_WITH_CAMELLIA_128_CBC_SHA256, 2204 TLS1_RFC_ADH_WITH_CAMELLIA_128_CBC_SHA256, 2205 TLS1_CK_ADH_WITH_CAMELLIA_128_CBC_SHA256, 2206 SSL_kEDH, 2207 SSL_aNULL, 2208 SSL_CAMELLIA128, 2209 SSL_SHA256, 2210 TLS1_2_VERSION, TLS1_2_VERSION, 2211 DTLS1_2_VERSION, DTLS1_2_VERSION, 2212 SSL_NOT_DEFAULT | SSL_HIGH, 2213 SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256, 2214 128, 2215 128, 2216 }, 2217 { 2218 1, 2219 TLS1_TXT_RSA_WITH_CAMELLIA_256_CBC_SHA256, 2220 TLS1_RFC_RSA_WITH_CAMELLIA_256_CBC_SHA256, 2221 TLS1_CK_RSA_WITH_CAMELLIA_256_CBC_SHA256, 2222 SSL_kRSA, 2223 SSL_aRSA, 2224 SSL_CAMELLIA256, 2225 SSL_SHA256, 2226 TLS1_2_VERSION, TLS1_2_VERSION, 2227 DTLS1_2_VERSION, DTLS1_2_VERSION, 2228 SSL_NOT_DEFAULT | SSL_HIGH, 2229 SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256, 2230 256, 2231 256, 2232 }, 2233 { 2234 1, 2235 TLS1_TXT_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA256, 2236 TLS1_RFC_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA256, 2237 TLS1_CK_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA256, 2238 SSL_kEDH, 2239 SSL_aDSS, 2240 SSL_CAMELLIA256, 2241 SSL_SHA256, 2242 TLS1_2_VERSION, TLS1_2_VERSION, 2243 DTLS1_2_VERSION, DTLS1_2_VERSION, 2244 SSL_NOT_DEFAULT | SSL_HIGH, 2245 SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256, 2246 256, 2247 256, 2248 }, 2249 { 2250 1, 2251 TLS1_TXT_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA256, 2252 TLS1_RFC_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA256, 2253 TLS1_CK_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA256, 2254 SSL_kEDH, 2255 SSL_aRSA, 2256 SSL_CAMELLIA256, 2257 SSL_SHA256, 2258 TLS1_2_VERSION, TLS1_2_VERSION, 2259 DTLS1_2_VERSION, DTLS1_2_VERSION, 2260 SSL_NOT_DEFAULT | SSL_HIGH, 2261 SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256, 2262 256, 2263 256, 2264 }, 2265 { 2266 1, 2267 TLS1_TXT_ADH_WITH_CAMELLIA_256_CBC_SHA256, 2268 TLS1_RFC_ADH_WITH_CAMELLIA_256_CBC_SHA256, 2269 TLS1_CK_ADH_WITH_CAMELLIA_256_CBC_SHA256, 2270 SSL_kEDH, 2271 SSL_aNULL, 2272 SSL_CAMELLIA256, 2273 SSL_SHA256, 2274 TLS1_2_VERSION, TLS1_2_VERSION, 2275 DTLS1_2_VERSION, DTLS1_2_VERSION, 2276 SSL_NOT_DEFAULT | SSL_HIGH, 2277 SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256, 2278 256, 2279 256, 2280 }, 2281 { 2282 1, 2283 TLS1_TXT_RSA_WITH_CAMELLIA_256_CBC_SHA, 2284 TLS1_RFC_RSA_WITH_CAMELLIA_256_CBC_SHA, 2285 TLS1_CK_RSA_WITH_CAMELLIA_256_CBC_SHA, 2286 SSL_kRSA, 2287 SSL_aRSA, 2288 SSL_CAMELLIA256, 2289 SSL_SHA1, 2290 SSL3_VERSION, TLS1_2_VERSION, 2291 DTLS1_BAD_VER, DTLS1_2_VERSION, 2292 SSL_NOT_DEFAULT | SSL_HIGH, 2293 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 2294 256, 2295 256, 2296 }, 2297 { 2298 1, 2299 TLS1_TXT_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA, 2300 TLS1_RFC_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA, 2301 TLS1_CK_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA, 2302 SSL_kDHE, 2303 SSL_aDSS, 2304 SSL_CAMELLIA256, 2305 SSL_SHA1, 2306 SSL3_VERSION, TLS1_2_VERSION, 2307 DTLS1_BAD_VER, DTLS1_2_VERSION, 2308 SSL_NOT_DEFAULT | SSL_HIGH, 2309 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 2310 256, 2311 256, 2312 }, 2313 { 2314 1, 2315 TLS1_TXT_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA, 2316 TLS1_RFC_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA, 2317 TLS1_CK_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA, 2318 SSL_kDHE, 2319 SSL_aRSA, 2320 SSL_CAMELLIA256, 2321 SSL_SHA1, 2322 SSL3_VERSION, TLS1_2_VERSION, 2323 DTLS1_BAD_VER, DTLS1_2_VERSION, 2324 SSL_NOT_DEFAULT | SSL_HIGH, 2325 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 2326 256, 2327 256, 2328 }, 2329 { 2330 1, 2331 TLS1_TXT_ADH_WITH_CAMELLIA_256_CBC_SHA, 2332 TLS1_RFC_ADH_WITH_CAMELLIA_256_CBC_SHA, 2333 TLS1_CK_ADH_WITH_CAMELLIA_256_CBC_SHA, 2334 SSL_kDHE, 2335 SSL_aNULL, 2336 SSL_CAMELLIA256, 2337 SSL_SHA1, 2338 SSL3_VERSION, TLS1_2_VERSION, 2339 DTLS1_BAD_VER, DTLS1_2_VERSION, 2340 SSL_NOT_DEFAULT | SSL_HIGH, 2341 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 2342 256, 2343 256, 2344 }, 2345 { 2346 1, 2347 TLS1_TXT_RSA_WITH_CAMELLIA_128_CBC_SHA, 2348 TLS1_RFC_RSA_WITH_CAMELLIA_128_CBC_SHA, 2349 TLS1_CK_RSA_WITH_CAMELLIA_128_CBC_SHA, 2350 SSL_kRSA, 2351 SSL_aRSA, 2352 SSL_CAMELLIA128, 2353 SSL_SHA1, 2354 SSL3_VERSION, TLS1_2_VERSION, 2355 DTLS1_BAD_VER, DTLS1_2_VERSION, 2356 SSL_NOT_DEFAULT | SSL_HIGH, 2357 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 2358 128, 2359 128, 2360 }, 2361 { 2362 1, 2363 TLS1_TXT_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA, 2364 TLS1_RFC_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA, 2365 TLS1_CK_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA, 2366 SSL_kDHE, 2367 SSL_aDSS, 2368 SSL_CAMELLIA128, 2369 SSL_SHA1, 2370 SSL3_VERSION, TLS1_2_VERSION, 2371 DTLS1_BAD_VER, DTLS1_2_VERSION, 2372 SSL_NOT_DEFAULT | SSL_HIGH, 2373 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 2374 128, 2375 128, 2376 }, 2377 { 2378 1, 2379 TLS1_TXT_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA, 2380 TLS1_RFC_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA, 2381 TLS1_CK_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA, 2382 SSL_kDHE, 2383 SSL_aRSA, 2384 SSL_CAMELLIA128, 2385 SSL_SHA1, 2386 SSL3_VERSION, TLS1_2_VERSION, 2387 DTLS1_BAD_VER, DTLS1_2_VERSION, 2388 SSL_NOT_DEFAULT | SSL_HIGH, 2389 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 2390 128, 2391 128, 2392 }, 2393 { 2394 1, 2395 TLS1_TXT_ADH_WITH_CAMELLIA_128_CBC_SHA, 2396 TLS1_RFC_ADH_WITH_CAMELLIA_128_CBC_SHA, 2397 TLS1_CK_ADH_WITH_CAMELLIA_128_CBC_SHA, 2398 SSL_kDHE, 2399 SSL_aNULL, 2400 SSL_CAMELLIA128, 2401 SSL_SHA1, 2402 SSL3_VERSION, TLS1_2_VERSION, 2403 DTLS1_BAD_VER, DTLS1_2_VERSION, 2404 SSL_NOT_DEFAULT | SSL_HIGH, 2405 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 2406 128, 2407 128, 2408 }, 2409 { 2410 1, 2411 TLS1_TXT_ECDHE_ECDSA_WITH_CAMELLIA_128_CBC_SHA256, 2412 TLS1_RFC_ECDHE_ECDSA_WITH_CAMELLIA_128_CBC_SHA256, 2413 TLS1_CK_ECDHE_ECDSA_WITH_CAMELLIA_128_CBC_SHA256, 2414 SSL_kECDHE, 2415 SSL_aECDSA, 2416 SSL_CAMELLIA128, 2417 SSL_SHA256, 2418 TLS1_2_VERSION, TLS1_2_VERSION, 2419 DTLS1_2_VERSION, DTLS1_2_VERSION, 2420 SSL_NOT_DEFAULT | SSL_HIGH, 2421 SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256, 2422 128, 2423 128, 2424 }, 2425 { 2426 1, 2427 TLS1_TXT_ECDHE_ECDSA_WITH_CAMELLIA_256_CBC_SHA384, 2428 TLS1_RFC_ECDHE_ECDSA_WITH_CAMELLIA_256_CBC_SHA384, 2429 TLS1_CK_ECDHE_ECDSA_WITH_CAMELLIA_256_CBC_SHA384, 2430 SSL_kECDHE, 2431 SSL_aECDSA, 2432 SSL_CAMELLIA256, 2433 SSL_SHA384, 2434 TLS1_2_VERSION, TLS1_2_VERSION, 2435 DTLS1_2_VERSION, DTLS1_2_VERSION, 2436 SSL_NOT_DEFAULT | SSL_HIGH, 2437 SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384, 2438 256, 2439 256, 2440 }, 2441 { 2442 1, 2443 TLS1_TXT_ECDHE_RSA_WITH_CAMELLIA_128_CBC_SHA256, 2444 TLS1_RFC_ECDHE_RSA_WITH_CAMELLIA_128_CBC_SHA256, 2445 TLS1_CK_ECDHE_RSA_WITH_CAMELLIA_128_CBC_SHA256, 2446 SSL_kECDHE, 2447 SSL_aRSA, 2448 SSL_CAMELLIA128, 2449 SSL_SHA256, 2450 TLS1_2_VERSION, TLS1_2_VERSION, 2451 DTLS1_2_VERSION, DTLS1_2_VERSION, 2452 SSL_NOT_DEFAULT | SSL_HIGH, 2453 SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256, 2454 128, 2455 128, 2456 }, 2457 { 2458 1, 2459 TLS1_TXT_ECDHE_RSA_WITH_CAMELLIA_256_CBC_SHA384, 2460 TLS1_RFC_ECDHE_RSA_WITH_CAMELLIA_256_CBC_SHA384, 2461 TLS1_CK_ECDHE_RSA_WITH_CAMELLIA_256_CBC_SHA384, 2462 SSL_kECDHE, 2463 SSL_aRSA, 2464 SSL_CAMELLIA256, 2465 SSL_SHA384, 2466 TLS1_2_VERSION, TLS1_2_VERSION, 2467 DTLS1_2_VERSION, DTLS1_2_VERSION, 2468 SSL_NOT_DEFAULT | SSL_HIGH, 2469 SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384, 2470 256, 2471 256, 2472 }, 2473 { 2474 1, 2475 TLS1_TXT_PSK_WITH_CAMELLIA_128_CBC_SHA256, 2476 TLS1_RFC_PSK_WITH_CAMELLIA_128_CBC_SHA256, 2477 TLS1_CK_PSK_WITH_CAMELLIA_128_CBC_SHA256, 2478 SSL_kPSK, 2479 SSL_aPSK, 2480 SSL_CAMELLIA128, 2481 SSL_SHA256, 2482 TLS1_VERSION, TLS1_2_VERSION, 2483 DTLS1_BAD_VER, DTLS1_2_VERSION, 2484 SSL_NOT_DEFAULT | SSL_HIGH, 2485 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 2486 128, 2487 128, 2488 }, 2489 { 2490 1, 2491 TLS1_TXT_PSK_WITH_CAMELLIA_256_CBC_SHA384, 2492 TLS1_RFC_PSK_WITH_CAMELLIA_256_CBC_SHA384, 2493 TLS1_CK_PSK_WITH_CAMELLIA_256_CBC_SHA384, 2494 SSL_kPSK, 2495 SSL_aPSK, 2496 SSL_CAMELLIA256, 2497 SSL_SHA384, 2498 TLS1_VERSION, TLS1_2_VERSION, 2499 DTLS1_BAD_VER, DTLS1_2_VERSION, 2500 SSL_NOT_DEFAULT | SSL_HIGH, 2501 SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384, 2502 256, 2503 256, 2504 }, 2505 { 2506 1, 2507 TLS1_TXT_DHE_PSK_WITH_CAMELLIA_128_CBC_SHA256, 2508 TLS1_RFC_DHE_PSK_WITH_CAMELLIA_128_CBC_SHA256, 2509 TLS1_CK_DHE_PSK_WITH_CAMELLIA_128_CBC_SHA256, 2510 SSL_kDHEPSK, 2511 SSL_aPSK, 2512 SSL_CAMELLIA128, 2513 SSL_SHA256, 2514 TLS1_VERSION, TLS1_2_VERSION, 2515 DTLS1_BAD_VER, DTLS1_2_VERSION, 2516 SSL_NOT_DEFAULT | SSL_HIGH, 2517 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 2518 128, 2519 128, 2520 }, 2521 { 2522 1, 2523 TLS1_TXT_DHE_PSK_WITH_CAMELLIA_256_CBC_SHA384, 2524 TLS1_RFC_DHE_PSK_WITH_CAMELLIA_256_CBC_SHA384, 2525 TLS1_CK_DHE_PSK_WITH_CAMELLIA_256_CBC_SHA384, 2526 SSL_kDHEPSK, 2527 SSL_aPSK, 2528 SSL_CAMELLIA256, 2529 SSL_SHA384, 2530 TLS1_VERSION, TLS1_2_VERSION, 2531 DTLS1_BAD_VER, DTLS1_2_VERSION, 2532 SSL_NOT_DEFAULT | SSL_HIGH, 2533 SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384, 2534 256, 2535 256, 2536 }, 2537 { 2538 1, 2539 TLS1_TXT_RSA_PSK_WITH_CAMELLIA_128_CBC_SHA256, 2540 TLS1_RFC_RSA_PSK_WITH_CAMELLIA_128_CBC_SHA256, 2541 TLS1_CK_RSA_PSK_WITH_CAMELLIA_128_CBC_SHA256, 2542 SSL_kRSAPSK, 2543 SSL_aRSA, 2544 SSL_CAMELLIA128, 2545 SSL_SHA256, 2546 TLS1_VERSION, TLS1_2_VERSION, 2547 DTLS1_BAD_VER, DTLS1_2_VERSION, 2548 SSL_NOT_DEFAULT | SSL_HIGH, 2549 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 2550 128, 2551 128, 2552 }, 2553 { 2554 1, 2555 TLS1_TXT_RSA_PSK_WITH_CAMELLIA_256_CBC_SHA384, 2556 TLS1_RFC_RSA_PSK_WITH_CAMELLIA_256_CBC_SHA384, 2557 TLS1_CK_RSA_PSK_WITH_CAMELLIA_256_CBC_SHA384, 2558 SSL_kRSAPSK, 2559 SSL_aRSA, 2560 SSL_CAMELLIA256, 2561 SSL_SHA384, 2562 TLS1_VERSION, TLS1_2_VERSION, 2563 DTLS1_BAD_VER, DTLS1_2_VERSION, 2564 SSL_NOT_DEFAULT | SSL_HIGH, 2565 SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384, 2566 256, 2567 256, 2568 }, 2569 { 2570 1, 2571 TLS1_TXT_ECDHE_PSK_WITH_CAMELLIA_128_CBC_SHA256, 2572 TLS1_RFC_ECDHE_PSK_WITH_CAMELLIA_128_CBC_SHA256, 2573 TLS1_CK_ECDHE_PSK_WITH_CAMELLIA_128_CBC_SHA256, 2574 SSL_kECDHEPSK, 2575 SSL_aPSK, 2576 SSL_CAMELLIA128, 2577 SSL_SHA256, 2578 TLS1_VERSION, TLS1_2_VERSION, 2579 DTLS1_BAD_VER, DTLS1_2_VERSION, 2580 SSL_NOT_DEFAULT | SSL_HIGH, 2581 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 2582 128, 2583 128, 2584 }, 2585 { 2586 1, 2587 TLS1_TXT_ECDHE_PSK_WITH_CAMELLIA_256_CBC_SHA384, 2588 TLS1_RFC_ECDHE_PSK_WITH_CAMELLIA_256_CBC_SHA384, 2589 TLS1_CK_ECDHE_PSK_WITH_CAMELLIA_256_CBC_SHA384, 2590 SSL_kECDHEPSK, 2591 SSL_aPSK, 2592 SSL_CAMELLIA256, 2593 SSL_SHA384, 2594 TLS1_VERSION, TLS1_2_VERSION, 2595 DTLS1_BAD_VER, DTLS1_2_VERSION, 2596 SSL_NOT_DEFAULT | SSL_HIGH, 2597 SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384, 2598 256, 2599 256, 2600 }, 2601#endif /* OPENSSL_NO_CAMELLIA */ 2602 2603#ifndef OPENSSL_NO_GOST 2604 { 2605 1, 2606 "GOST2001-GOST89-GOST89", 2607 "TLS_GOSTR341001_WITH_28147_CNT_IMIT", 2608 0x3000081, 2609 SSL_kGOST, 2610 SSL_aGOST01, 2611 SSL_eGOST2814789CNT, 2612 SSL_GOST89MAC, 2613 TLS1_VERSION, TLS1_2_VERSION, 2614 0, 0, 2615 SSL_HIGH, 2616 SSL_HANDSHAKE_MAC_GOST94 | TLS1_PRF_GOST94 | TLS1_STREAM_MAC, 2617 256, 2618 256, 2619 }, 2620 { 2621 1, 2622 "GOST2001-NULL-GOST94", 2623 "TLS_GOSTR341001_WITH_NULL_GOSTR3411", 2624 0x3000083, 2625 SSL_kGOST, 2626 SSL_aGOST01, 2627 SSL_eNULL, 2628 SSL_GOST94, 2629 TLS1_VERSION, TLS1_2_VERSION, 2630 0, 0, 2631 SSL_STRONG_NONE, 2632 SSL_HANDSHAKE_MAC_GOST94 | TLS1_PRF_GOST94, 2633 0, 2634 0, 2635 }, 2636 { 2637 1, 2638 "GOST2012-GOST8912-GOST8912", 2639 NULL, 2640 0x0300ff85, 2641 SSL_kGOST, 2642 SSL_aGOST12 | SSL_aGOST01, 2643 SSL_eGOST2814789CNT12, 2644 SSL_GOST89MAC12, 2645 TLS1_VERSION, TLS1_2_VERSION, 2646 0, 0, 2647 SSL_HIGH, 2648 SSL_HANDSHAKE_MAC_GOST12_256 | TLS1_PRF_GOST12_256 | TLS1_STREAM_MAC, 2649 256, 2650 256, 2651 }, 2652 { 2653 1, 2654 "GOST2012-NULL-GOST12", 2655 NULL, 2656 0x0300ff87, 2657 SSL_kGOST, 2658 SSL_aGOST12 | SSL_aGOST01, 2659 SSL_eNULL, 2660 SSL_GOST12_256, 2661 TLS1_VERSION, TLS1_2_VERSION, 2662 0, 0, 2663 SSL_STRONG_NONE, 2664 SSL_HANDSHAKE_MAC_GOST12_256 | TLS1_PRF_GOST12_256 | TLS1_STREAM_MAC, 2665 0, 2666 0, 2667 }, 2668#endif /* OPENSSL_NO_GOST */ 2669 2670#ifndef OPENSSL_NO_IDEA 2671 { 2672 1, 2673 SSL3_TXT_RSA_IDEA_128_SHA, 2674 SSL3_RFC_RSA_IDEA_128_SHA, 2675 SSL3_CK_RSA_IDEA_128_SHA, 2676 SSL_kRSA, 2677 SSL_aRSA, 2678 SSL_IDEA, 2679 SSL_SHA1, 2680 SSL3_VERSION, TLS1_1_VERSION, 2681 DTLS1_BAD_VER, DTLS1_VERSION, 2682 SSL_NOT_DEFAULT | SSL_MEDIUM, 2683 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 2684 128, 2685 128, 2686 }, 2687#endif 2688 2689#ifndef OPENSSL_NO_SEED 2690 { 2691 1, 2692 TLS1_TXT_RSA_WITH_SEED_SHA, 2693 TLS1_RFC_RSA_WITH_SEED_SHA, 2694 TLS1_CK_RSA_WITH_SEED_SHA, 2695 SSL_kRSA, 2696 SSL_aRSA, 2697 SSL_SEED, 2698 SSL_SHA1, 2699 SSL3_VERSION, TLS1_2_VERSION, 2700 DTLS1_BAD_VER, DTLS1_2_VERSION, 2701 SSL_NOT_DEFAULT | SSL_MEDIUM, 2702 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 2703 128, 2704 128, 2705 }, 2706 { 2707 1, 2708 TLS1_TXT_DHE_DSS_WITH_SEED_SHA, 2709 TLS1_RFC_DHE_DSS_WITH_SEED_SHA, 2710 TLS1_CK_DHE_DSS_WITH_SEED_SHA, 2711 SSL_kDHE, 2712 SSL_aDSS, 2713 SSL_SEED, 2714 SSL_SHA1, 2715 SSL3_VERSION, TLS1_2_VERSION, 2716 DTLS1_BAD_VER, DTLS1_2_VERSION, 2717 SSL_NOT_DEFAULT | SSL_MEDIUM, 2718 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 2719 128, 2720 128, 2721 }, 2722 { 2723 1, 2724 TLS1_TXT_DHE_RSA_WITH_SEED_SHA, 2725 TLS1_RFC_DHE_RSA_WITH_SEED_SHA, 2726 TLS1_CK_DHE_RSA_WITH_SEED_SHA, 2727 SSL_kDHE, 2728 SSL_aRSA, 2729 SSL_SEED, 2730 SSL_SHA1, 2731 SSL3_VERSION, TLS1_2_VERSION, 2732 DTLS1_BAD_VER, DTLS1_2_VERSION, 2733 SSL_NOT_DEFAULT | SSL_MEDIUM, 2734 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 2735 128, 2736 128, 2737 }, 2738 { 2739 1, 2740 TLS1_TXT_ADH_WITH_SEED_SHA, 2741 TLS1_RFC_ADH_WITH_SEED_SHA, 2742 TLS1_CK_ADH_WITH_SEED_SHA, 2743 SSL_kDHE, 2744 SSL_aNULL, 2745 SSL_SEED, 2746 SSL_SHA1, 2747 SSL3_VERSION, TLS1_2_VERSION, 2748 DTLS1_BAD_VER, DTLS1_2_VERSION, 2749 SSL_NOT_DEFAULT | SSL_MEDIUM, 2750 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 2751 128, 2752 128, 2753 }, 2754#endif /* OPENSSL_NO_SEED */ 2755 2756#ifndef OPENSSL_NO_WEAK_SSL_CIPHERS 2757 { 2758 1, 2759 SSL3_TXT_RSA_RC4_128_MD5, 2760 SSL3_RFC_RSA_RC4_128_MD5, 2761 SSL3_CK_RSA_RC4_128_MD5, 2762 SSL_kRSA, 2763 SSL_aRSA, 2764 SSL_RC4, 2765 SSL_MD5, 2766 SSL3_VERSION, TLS1_2_VERSION, 2767 0, 0, 2768 SSL_NOT_DEFAULT | SSL_MEDIUM, 2769 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 2770 128, 2771 128, 2772 }, 2773 { 2774 1, 2775 SSL3_TXT_RSA_RC4_128_SHA, 2776 SSL3_RFC_RSA_RC4_128_SHA, 2777 SSL3_CK_RSA_RC4_128_SHA, 2778 SSL_kRSA, 2779 SSL_aRSA, 2780 SSL_RC4, 2781 SSL_SHA1, 2782 SSL3_VERSION, TLS1_2_VERSION, 2783 0, 0, 2784 SSL_NOT_DEFAULT | SSL_MEDIUM, 2785 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 2786 128, 2787 128, 2788 }, 2789 { 2790 1, 2791 SSL3_TXT_ADH_RC4_128_MD5, 2792 SSL3_RFC_ADH_RC4_128_MD5, 2793 SSL3_CK_ADH_RC4_128_MD5, 2794 SSL_kDHE, 2795 SSL_aNULL, 2796 SSL_RC4, 2797 SSL_MD5, 2798 SSL3_VERSION, TLS1_2_VERSION, 2799 0, 0, 2800 SSL_NOT_DEFAULT | SSL_MEDIUM, 2801 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 2802 128, 2803 128, 2804 }, 2805 { 2806 1, 2807 TLS1_TXT_ECDHE_PSK_WITH_RC4_128_SHA, 2808 TLS1_RFC_ECDHE_PSK_WITH_RC4_128_SHA, 2809 TLS1_CK_ECDHE_PSK_WITH_RC4_128_SHA, 2810 SSL_kECDHEPSK, 2811 SSL_aPSK, 2812 SSL_RC4, 2813 SSL_SHA1, 2814 TLS1_VERSION, TLS1_2_VERSION, 2815 0, 0, 2816 SSL_NOT_DEFAULT | SSL_MEDIUM, 2817 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 2818 128, 2819 128, 2820 }, 2821 { 2822 1, 2823 TLS1_TXT_ECDH_anon_WITH_RC4_128_SHA, 2824 TLS1_RFC_ECDH_anon_WITH_RC4_128_SHA, 2825 TLS1_CK_ECDH_anon_WITH_RC4_128_SHA, 2826 SSL_kECDHE, 2827 SSL_aNULL, 2828 SSL_RC4, 2829 SSL_SHA1, 2830 TLS1_VERSION, TLS1_2_VERSION, 2831 0, 0, 2832 SSL_NOT_DEFAULT | SSL_MEDIUM, 2833 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 2834 128, 2835 128, 2836 }, 2837 { 2838 1, 2839 TLS1_TXT_ECDHE_ECDSA_WITH_RC4_128_SHA, 2840 TLS1_RFC_ECDHE_ECDSA_WITH_RC4_128_SHA, 2841 TLS1_CK_ECDHE_ECDSA_WITH_RC4_128_SHA, 2842 SSL_kECDHE, 2843 SSL_aECDSA, 2844 SSL_RC4, 2845 SSL_SHA1, 2846 TLS1_VERSION, TLS1_2_VERSION, 2847 0, 0, 2848 SSL_NOT_DEFAULT | SSL_MEDIUM, 2849 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 2850 128, 2851 128, 2852 }, 2853 { 2854 1, 2855 TLS1_TXT_ECDHE_RSA_WITH_RC4_128_SHA, 2856 TLS1_RFC_ECDHE_RSA_WITH_RC4_128_SHA, 2857 TLS1_CK_ECDHE_RSA_WITH_RC4_128_SHA, 2858 SSL_kECDHE, 2859 SSL_aRSA, 2860 SSL_RC4, 2861 SSL_SHA1, 2862 TLS1_VERSION, TLS1_2_VERSION, 2863 0, 0, 2864 SSL_NOT_DEFAULT | SSL_MEDIUM, 2865 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 2866 128, 2867 128, 2868 }, 2869 { 2870 1, 2871 TLS1_TXT_PSK_WITH_RC4_128_SHA, 2872 TLS1_RFC_PSK_WITH_RC4_128_SHA, 2873 TLS1_CK_PSK_WITH_RC4_128_SHA, 2874 SSL_kPSK, 2875 SSL_aPSK, 2876 SSL_RC4, 2877 SSL_SHA1, 2878 SSL3_VERSION, TLS1_2_VERSION, 2879 0, 0, 2880 SSL_NOT_DEFAULT | SSL_MEDIUM, 2881 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 2882 128, 2883 128, 2884 }, 2885 { 2886 1, 2887 TLS1_TXT_RSA_PSK_WITH_RC4_128_SHA, 2888 TLS1_RFC_RSA_PSK_WITH_RC4_128_SHA, 2889 TLS1_CK_RSA_PSK_WITH_RC4_128_SHA, 2890 SSL_kRSAPSK, 2891 SSL_aRSA, 2892 SSL_RC4, 2893 SSL_SHA1, 2894 SSL3_VERSION, TLS1_2_VERSION, 2895 0, 0, 2896 SSL_NOT_DEFAULT | SSL_MEDIUM, 2897 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 2898 128, 2899 128, 2900 }, 2901 { 2902 1, 2903 TLS1_TXT_DHE_PSK_WITH_RC4_128_SHA, 2904 TLS1_RFC_DHE_PSK_WITH_RC4_128_SHA, 2905 TLS1_CK_DHE_PSK_WITH_RC4_128_SHA, 2906 SSL_kDHEPSK, 2907 SSL_aPSK, 2908 SSL_RC4, 2909 SSL_SHA1, 2910 SSL3_VERSION, TLS1_2_VERSION, 2911 0, 0, 2912 SSL_NOT_DEFAULT | SSL_MEDIUM, 2913 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF, 2914 128, 2915 128, 2916 }, 2917#endif /* OPENSSL_NO_WEAK_SSL_CIPHERS */ 2918 2919#ifndef OPENSSL_NO_ARIA 2920 { 2921 1, 2922 TLS1_TXT_RSA_WITH_ARIA_128_GCM_SHA256, 2923 TLS1_RFC_RSA_WITH_ARIA_128_GCM_SHA256, 2924 TLS1_CK_RSA_WITH_ARIA_128_GCM_SHA256, 2925 SSL_kRSA, 2926 SSL_aRSA, 2927 SSL_ARIA128GCM, 2928 SSL_AEAD, 2929 TLS1_2_VERSION, TLS1_2_VERSION, 2930 DTLS1_2_VERSION, DTLS1_2_VERSION, 2931 SSL_NOT_DEFAULT | SSL_HIGH, 2932 SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256, 2933 128, 2934 128, 2935 }, 2936 { 2937 1, 2938 TLS1_TXT_RSA_WITH_ARIA_256_GCM_SHA384, 2939 TLS1_RFC_RSA_WITH_ARIA_256_GCM_SHA384, 2940 TLS1_CK_RSA_WITH_ARIA_256_GCM_SHA384, 2941 SSL_kRSA, 2942 SSL_aRSA, 2943 SSL_ARIA256GCM, 2944 SSL_AEAD, 2945 TLS1_2_VERSION, TLS1_2_VERSION, 2946 DTLS1_2_VERSION, DTLS1_2_VERSION, 2947 SSL_NOT_DEFAULT | SSL_HIGH, 2948 SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384, 2949 256, 2950 256, 2951 }, 2952 { 2953 1, 2954 TLS1_TXT_DHE_RSA_WITH_ARIA_128_GCM_SHA256, 2955 TLS1_RFC_DHE_RSA_WITH_ARIA_128_GCM_SHA256, 2956 TLS1_CK_DHE_RSA_WITH_ARIA_128_GCM_SHA256, 2957 SSL_kDHE, 2958 SSL_aRSA, 2959 SSL_ARIA128GCM, 2960 SSL_AEAD, 2961 TLS1_2_VERSION, TLS1_2_VERSION, 2962 DTLS1_2_VERSION, DTLS1_2_VERSION, 2963 SSL_NOT_DEFAULT | SSL_HIGH, 2964 SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256, 2965 128, 2966 128, 2967 }, 2968 { 2969 1, 2970 TLS1_TXT_DHE_RSA_WITH_ARIA_256_GCM_SHA384, 2971 TLS1_RFC_DHE_RSA_WITH_ARIA_256_GCM_SHA384, 2972 TLS1_CK_DHE_RSA_WITH_ARIA_256_GCM_SHA384, 2973 SSL_kDHE, 2974 SSL_aRSA, 2975 SSL_ARIA256GCM, 2976 SSL_AEAD, 2977 TLS1_2_VERSION, TLS1_2_VERSION, 2978 DTLS1_2_VERSION, DTLS1_2_VERSION, 2979 SSL_NOT_DEFAULT | SSL_HIGH, 2980 SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384, 2981 256, 2982 256, 2983 }, 2984 { 2985 1, 2986 TLS1_TXT_DHE_DSS_WITH_ARIA_128_GCM_SHA256, 2987 TLS1_RFC_DHE_DSS_WITH_ARIA_128_GCM_SHA256, 2988 TLS1_CK_DHE_DSS_WITH_ARIA_128_GCM_SHA256, 2989 SSL_kDHE, 2990 SSL_aDSS, 2991 SSL_ARIA128GCM, 2992 SSL_AEAD, 2993 TLS1_2_VERSION, TLS1_2_VERSION, 2994 DTLS1_2_VERSION, DTLS1_2_VERSION, 2995 SSL_NOT_DEFAULT | SSL_HIGH, 2996 SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256, 2997 128, 2998 128, 2999 }, 3000 { 3001 1, 3002 TLS1_TXT_DHE_DSS_WITH_ARIA_256_GCM_SHA384, 3003 TLS1_RFC_DHE_DSS_WITH_ARIA_256_GCM_SHA384, 3004 TLS1_CK_DHE_DSS_WITH_ARIA_256_GCM_SHA384, 3005 SSL_kDHE, 3006 SSL_aDSS, 3007 SSL_ARIA256GCM, 3008 SSL_AEAD, 3009 TLS1_2_VERSION, TLS1_2_VERSION, 3010 DTLS1_2_VERSION, DTLS1_2_VERSION, 3011 SSL_NOT_DEFAULT | SSL_HIGH, 3012 SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384, 3013 256, 3014 256, 3015 }, 3016 { 3017 1, 3018 TLS1_TXT_ECDHE_ECDSA_WITH_ARIA_128_GCM_SHA256, 3019 TLS1_RFC_ECDHE_ECDSA_WITH_ARIA_128_GCM_SHA256, 3020 TLS1_CK_ECDHE_ECDSA_WITH_ARIA_128_GCM_SHA256, 3021 SSL_kECDHE, 3022 SSL_aECDSA, 3023 SSL_ARIA128GCM, 3024 SSL_AEAD, 3025 TLS1_2_VERSION, TLS1_2_VERSION, 3026 DTLS1_2_VERSION, DTLS1_2_VERSION, 3027 SSL_NOT_DEFAULT | SSL_HIGH, 3028 SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256, 3029 128, 3030 128, 3031 }, 3032 { 3033 1, 3034 TLS1_TXT_ECDHE_ECDSA_WITH_ARIA_256_GCM_SHA384, 3035 TLS1_RFC_ECDHE_ECDSA_WITH_ARIA_256_GCM_SHA384, 3036 TLS1_CK_ECDHE_ECDSA_WITH_ARIA_256_GCM_SHA384, 3037 SSL_kECDHE, 3038 SSL_aECDSA, 3039 SSL_ARIA256GCM, 3040 SSL_AEAD, 3041 TLS1_2_VERSION, TLS1_2_VERSION, 3042 DTLS1_2_VERSION, DTLS1_2_VERSION, 3043 SSL_NOT_DEFAULT | SSL_HIGH, 3044 SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384, 3045 256, 3046 256, 3047 }, 3048 { 3049 1, 3050 TLS1_TXT_ECDHE_RSA_WITH_ARIA_128_GCM_SHA256, 3051 TLS1_RFC_ECDHE_RSA_WITH_ARIA_128_GCM_SHA256, 3052 TLS1_CK_ECDHE_RSA_WITH_ARIA_128_GCM_SHA256, 3053 SSL_kECDHE, 3054 SSL_aRSA, 3055 SSL_ARIA128GCM, 3056 SSL_AEAD, 3057 TLS1_2_VERSION, TLS1_2_VERSION, 3058 DTLS1_2_VERSION, DTLS1_2_VERSION, 3059 SSL_NOT_DEFAULT | SSL_HIGH, 3060 SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256, 3061 128, 3062 128, 3063 }, 3064 { 3065 1, 3066 TLS1_TXT_ECDHE_RSA_WITH_ARIA_256_GCM_SHA384, 3067 TLS1_RFC_ECDHE_RSA_WITH_ARIA_256_GCM_SHA384, 3068 TLS1_CK_ECDHE_RSA_WITH_ARIA_256_GCM_SHA384, 3069 SSL_kECDHE, 3070 SSL_aRSA, 3071 SSL_ARIA256GCM, 3072 SSL_AEAD, 3073 TLS1_2_VERSION, TLS1_2_VERSION, 3074 DTLS1_2_VERSION, DTLS1_2_VERSION, 3075 SSL_NOT_DEFAULT | SSL_HIGH, 3076 SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384, 3077 256, 3078 256, 3079 }, 3080 { 3081 1, 3082 TLS1_TXT_PSK_WITH_ARIA_128_GCM_SHA256, 3083 TLS1_RFC_PSK_WITH_ARIA_128_GCM_SHA256, 3084 TLS1_CK_PSK_WITH_ARIA_128_GCM_SHA256, 3085 SSL_kPSK, 3086 SSL_aPSK, 3087 SSL_ARIA128GCM, 3088 SSL_AEAD, 3089 TLS1_2_VERSION, TLS1_2_VERSION, 3090 DTLS1_2_VERSION, DTLS1_2_VERSION, 3091 SSL_NOT_DEFAULT | SSL_HIGH, 3092 SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256, 3093 128, 3094 128, 3095 }, 3096 { 3097 1, 3098 TLS1_TXT_PSK_WITH_ARIA_256_GCM_SHA384, 3099 TLS1_RFC_PSK_WITH_ARIA_256_GCM_SHA384, 3100 TLS1_CK_PSK_WITH_ARIA_256_GCM_SHA384, 3101 SSL_kPSK, 3102 SSL_aPSK, 3103 SSL_ARIA256GCM, 3104 SSL_AEAD, 3105 TLS1_2_VERSION, TLS1_2_VERSION, 3106 DTLS1_2_VERSION, DTLS1_2_VERSION, 3107 SSL_NOT_DEFAULT | SSL_HIGH, 3108 SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384, 3109 256, 3110 256, 3111 }, 3112 { 3113 1, 3114 TLS1_TXT_DHE_PSK_WITH_ARIA_128_GCM_SHA256, 3115 TLS1_RFC_DHE_PSK_WITH_ARIA_128_GCM_SHA256, 3116 TLS1_CK_DHE_PSK_WITH_ARIA_128_GCM_SHA256, 3117 SSL_kDHEPSK, 3118 SSL_aPSK, 3119 SSL_ARIA128GCM, 3120 SSL_AEAD, 3121 TLS1_2_VERSION, TLS1_2_VERSION, 3122 DTLS1_2_VERSION, DTLS1_2_VERSION, 3123 SSL_NOT_DEFAULT | SSL_HIGH, 3124 SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256, 3125 128, 3126 128, 3127 }, 3128 { 3129 1, 3130 TLS1_TXT_DHE_PSK_WITH_ARIA_256_GCM_SHA384, 3131 TLS1_RFC_DHE_PSK_WITH_ARIA_256_GCM_SHA384, 3132 TLS1_CK_DHE_PSK_WITH_ARIA_256_GCM_SHA384, 3133 SSL_kDHEPSK, 3134 SSL_aPSK, 3135 SSL_ARIA256GCM, 3136 SSL_AEAD, 3137 TLS1_2_VERSION, TLS1_2_VERSION, 3138 DTLS1_2_VERSION, DTLS1_2_VERSION, 3139 SSL_NOT_DEFAULT | SSL_HIGH, 3140 SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384, 3141 256, 3142 256, 3143 }, 3144 { 3145 1, 3146 TLS1_TXT_RSA_PSK_WITH_ARIA_128_GCM_SHA256, 3147 TLS1_RFC_RSA_PSK_WITH_ARIA_128_GCM_SHA256, 3148 TLS1_CK_RSA_PSK_WITH_ARIA_128_GCM_SHA256, 3149 SSL_kRSAPSK, 3150 SSL_aRSA, 3151 SSL_ARIA128GCM, 3152 SSL_AEAD, 3153 TLS1_2_VERSION, TLS1_2_VERSION, 3154 DTLS1_2_VERSION, DTLS1_2_VERSION, 3155 SSL_NOT_DEFAULT | SSL_HIGH, 3156 SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256, 3157 128, 3158 128, 3159 }, 3160 { 3161 1, 3162 TLS1_TXT_RSA_PSK_WITH_ARIA_256_GCM_SHA384, 3163 TLS1_RFC_RSA_PSK_WITH_ARIA_256_GCM_SHA384, 3164 TLS1_CK_RSA_PSK_WITH_ARIA_256_GCM_SHA384, 3165 SSL_kRSAPSK, 3166 SSL_aRSA, 3167 SSL_ARIA256GCM, 3168 SSL_AEAD, 3169 TLS1_2_VERSION, TLS1_2_VERSION, 3170 DTLS1_2_VERSION, DTLS1_2_VERSION, 3171 SSL_NOT_DEFAULT | SSL_HIGH, 3172 SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384, 3173 256, 3174 256, 3175 }, 3176#endif /* OPENSSL_NO_ARIA */ 3177}; 3178 3179/* 3180 * The list of known Signalling Cipher-Suite Value "ciphers", non-valid 3181 * values stuffed into the ciphers field of the wire protocol for signalling 3182 * purposes. 3183 */ 3184static SSL_CIPHER ssl3_scsvs[] = { 3185 { 3186 0, 3187 "TLS_EMPTY_RENEGOTIATION_INFO_SCSV", 3188 "TLS_EMPTY_RENEGOTIATION_INFO_SCSV", 3189 SSL3_CK_SCSV, 3190 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 3191 }, 3192 { 3193 0, 3194 "TLS_FALLBACK_SCSV", 3195 "TLS_FALLBACK_SCSV", 3196 SSL3_CK_FALLBACK_SCSV, 3197 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 3198 }, 3199}; 3200 3201static int cipher_compare(const void *a, const void *b) 3202{ 3203 const SSL_CIPHER *ap = (const SSL_CIPHER *)a; 3204 const SSL_CIPHER *bp = (const SSL_CIPHER *)b; 3205 3206 if (ap->id == bp->id) 3207 return 0; 3208 return ap->id < bp->id ? -1 : 1; 3209} 3210 3211void ssl_sort_cipher_list(void) 3212{ 3213 qsort(tls13_ciphers, TLS13_NUM_CIPHERS, sizeof(tls13_ciphers[0]), 3214 cipher_compare); 3215 qsort(ssl3_ciphers, SSL3_NUM_CIPHERS, sizeof(ssl3_ciphers[0]), 3216 cipher_compare); 3217 qsort(ssl3_scsvs, SSL3_NUM_SCSVS, sizeof(ssl3_scsvs[0]), cipher_compare); 3218} 3219 3220static int ssl_undefined_function_1(SSL *ssl, unsigned char *r, size_t s, 3221 const char * t, size_t u, 3222 const unsigned char * v, size_t w, int x) 3223{ 3224 (void)r; 3225 (void)s; 3226 (void)t; 3227 (void)u; 3228 (void)v; 3229 (void)w; 3230 (void)x; 3231 return ssl_undefined_function(ssl); 3232} 3233 3234const SSL3_ENC_METHOD SSLv3_enc_data = { 3235 ssl3_enc, 3236 n_ssl3_mac, 3237 ssl3_setup_key_block, 3238 ssl3_generate_master_secret, 3239 ssl3_change_cipher_state, 3240 ssl3_final_finish_mac, 3241 SSL3_MD_CLIENT_FINISHED_CONST, 4, 3242 SSL3_MD_SERVER_FINISHED_CONST, 4, 3243 ssl3_alert_code, 3244 ssl_undefined_function_1, 3245 0, 3246 ssl3_set_handshake_header, 3247 tls_close_construct_packet, 3248 ssl3_handshake_write 3249}; 3250 3251long ssl3_default_timeout(void) 3252{ 3253 /* 3254 * 2 hours, the 24 hours mentioned in the SSLv3 spec is way too long for 3255 * http, the cache would over fill 3256 */ 3257 return (60 * 60 * 2); 3258} 3259 3260int ssl3_num_ciphers(void) 3261{ 3262 return SSL3_NUM_CIPHERS; 3263} 3264 3265const SSL_CIPHER *ssl3_get_cipher(unsigned int u) 3266{ 3267 if (u < SSL3_NUM_CIPHERS) 3268 return &(ssl3_ciphers[SSL3_NUM_CIPHERS - 1 - u]); 3269 else 3270 return NULL; 3271} 3272 3273int ssl3_set_handshake_header(SSL *s, WPACKET *pkt, int htype) 3274{ 3275 /* No header in the event of a CCS */ 3276 if (htype == SSL3_MT_CHANGE_CIPHER_SPEC) 3277 return 1; 3278 3279 /* Set the content type and 3 bytes for the message len */ 3280 if (!WPACKET_put_bytes_u8(pkt, htype) 3281 || !WPACKET_start_sub_packet_u24(pkt)) 3282 return 0; 3283 3284 return 1; 3285} 3286 3287int ssl3_handshake_write(SSL *s) 3288{ 3289 return ssl3_do_write(s, SSL3_RT_HANDSHAKE); 3290} 3291 3292int ssl3_new(SSL *s) 3293{ 3294 SSL3_STATE *s3; 3295 3296 if ((s3 = OPENSSL_zalloc(sizeof(*s3))) == NULL) 3297 goto err; 3298 s->s3 = s3; 3299 3300#ifndef OPENSSL_NO_SRP 3301 if (!SSL_SRP_CTX_init(s)) 3302 goto err; 3303#endif 3304 3305 if (!s->method->ssl_clear(s)) 3306 return 0; 3307 3308 return 1; 3309 err: 3310 return 0; 3311} 3312 3313void ssl3_free(SSL *s) 3314{ 3315 if (s == NULL || s->s3 == NULL) 3316 return; 3317 3318 ssl3_cleanup_key_block(s); 3319 3320#if !defined(OPENSSL_NO_EC) || !defined(OPENSSL_NO_DH) 3321 EVP_PKEY_free(s->s3->peer_tmp); 3322 s->s3->peer_tmp = NULL; 3323 EVP_PKEY_free(s->s3->tmp.pkey); 3324 s->s3->tmp.pkey = NULL; 3325#endif 3326 3327 OPENSSL_free(s->s3->tmp.ctype); 3328 sk_X509_NAME_pop_free(s->s3->tmp.peer_ca_names, X509_NAME_free); 3329 OPENSSL_free(s->s3->tmp.ciphers_raw); 3330 OPENSSL_clear_free(s->s3->tmp.pms, s->s3->tmp.pmslen); 3331 OPENSSL_free(s->s3->tmp.peer_sigalgs); 3332 OPENSSL_free(s->s3->tmp.peer_cert_sigalgs); 3333 ssl3_free_digest_list(s); 3334 OPENSSL_free(s->s3->alpn_selected); 3335 OPENSSL_free(s->s3->alpn_proposed); 3336 3337#ifndef OPENSSL_NO_SRP 3338 SSL_SRP_CTX_free(s); 3339#endif 3340 OPENSSL_clear_free(s->s3, sizeof(*s->s3)); 3341 s->s3 = NULL; 3342} 3343 3344int ssl3_clear(SSL *s) 3345{ 3346 ssl3_cleanup_key_block(s); 3347 OPENSSL_free(s->s3->tmp.ctype); 3348 sk_X509_NAME_pop_free(s->s3->tmp.peer_ca_names, X509_NAME_free); 3349 OPENSSL_free(s->s3->tmp.ciphers_raw); 3350 OPENSSL_clear_free(s->s3->tmp.pms, s->s3->tmp.pmslen); 3351 OPENSSL_free(s->s3->tmp.peer_sigalgs); 3352 OPENSSL_free(s->s3->tmp.peer_cert_sigalgs); 3353 3354#if !defined(OPENSSL_NO_EC) || !defined(OPENSSL_NO_DH) 3355 EVP_PKEY_free(s->s3->tmp.pkey); 3356 EVP_PKEY_free(s->s3->peer_tmp); 3357#endif /* !OPENSSL_NO_EC */ 3358 3359 ssl3_free_digest_list(s); 3360 3361 OPENSSL_free(s->s3->alpn_selected); 3362 OPENSSL_free(s->s3->alpn_proposed); 3363 3364 /* NULL/zero-out everything in the s3 struct */ 3365 memset(s->s3, 0, sizeof(*s->s3)); 3366 3367 if (!ssl_free_wbio_buffer(s)) 3368 return 0; 3369 3370 s->version = SSL3_VERSION; 3371 3372#if !defined(OPENSSL_NO_NEXTPROTONEG) 3373 OPENSSL_free(s->ext.npn); 3374 s->ext.npn = NULL; 3375 s->ext.npn_len = 0; 3376#endif 3377 3378 return 1; 3379} 3380 3381#ifndef OPENSSL_NO_SRP 3382static char *srp_password_from_info_cb(SSL *s, void *arg) 3383{ 3384 return OPENSSL_strdup(s->srp_ctx.info); 3385} 3386#endif 3387 3388static int ssl3_set_req_cert_type(CERT *c, const unsigned char *p, size_t len); 3389 3390long ssl3_ctrl(SSL *s, int cmd, long larg, void *parg) 3391{ 3392 int ret = 0; 3393 3394 switch (cmd) { 3395 case SSL_CTRL_GET_CLIENT_CERT_REQUEST: 3396 break; 3397 case SSL_CTRL_GET_NUM_RENEGOTIATIONS: 3398 ret = s->s3->num_renegotiations; 3399 break; 3400 case SSL_CTRL_CLEAR_NUM_RENEGOTIATIONS: 3401 ret = s->s3->num_renegotiations; 3402 s->s3->num_renegotiations = 0; 3403 break; 3404 case SSL_CTRL_GET_TOTAL_RENEGOTIATIONS: 3405 ret = s->s3->total_renegotiations; 3406 break; 3407 case SSL_CTRL_GET_FLAGS: 3408 ret = (int)(s->s3->flags); 3409 break; 3410#ifndef OPENSSL_NO_DH 3411 case SSL_CTRL_SET_TMP_DH: 3412 { 3413 DH *dh = (DH *)parg; 3414 EVP_PKEY *pkdh = NULL; 3415 if (dh == NULL) { 3416 SSLerr(SSL_F_SSL3_CTRL, ERR_R_PASSED_NULL_PARAMETER); 3417 return ret; 3418 } 3419 pkdh = ssl_dh_to_pkey(dh); 3420 if (pkdh == NULL) { 3421 SSLerr(SSL_F_SSL3_CTRL, ERR_R_MALLOC_FAILURE); 3422 return 0; 3423 } 3424 if (!ssl_security(s, SSL_SECOP_TMP_DH, 3425 EVP_PKEY_security_bits(pkdh), 0, pkdh)) { 3426 SSLerr(SSL_F_SSL3_CTRL, SSL_R_DH_KEY_TOO_SMALL); 3427 EVP_PKEY_free(pkdh); 3428 return ret; 3429 } 3430 EVP_PKEY_free(s->cert->dh_tmp); 3431 s->cert->dh_tmp = pkdh; 3432 ret = 1; 3433 } 3434 break; 3435 case SSL_CTRL_SET_TMP_DH_CB: 3436 { 3437 SSLerr(SSL_F_SSL3_CTRL, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED); 3438 return ret; 3439 } 3440 case SSL_CTRL_SET_DH_AUTO: 3441 s->cert->dh_tmp_auto = larg; 3442 return 1; 3443#endif 3444#ifndef OPENSSL_NO_EC 3445 case SSL_CTRL_SET_TMP_ECDH: 3446 { 3447 const EC_GROUP *group = NULL; 3448 int nid; 3449 3450 if (parg == NULL) { 3451 SSLerr(SSL_F_SSL3_CTRL, ERR_R_PASSED_NULL_PARAMETER); 3452 return 0; 3453 } 3454 group = EC_KEY_get0_group((const EC_KEY *)parg); 3455 if (group == NULL) { 3456 SSLerr(SSL_F_SSL3_CTRL, EC_R_MISSING_PARAMETERS); 3457 return 0; 3458 } 3459 nid = EC_GROUP_get_curve_name(group); 3460 if (nid == NID_undef) 3461 return 0; 3462 return tls1_set_groups(&s->ext.supportedgroups, 3463 &s->ext.supportedgroups_len, 3464 &nid, 1); 3465 } 3466 break; 3467#endif /* !OPENSSL_NO_EC */ 3468 case SSL_CTRL_SET_TLSEXT_HOSTNAME: 3469 /* 3470 * TODO(OpenSSL1.2) 3471 * This API is only used for a client to set what SNI it will request 3472 * from the server, but we currently allow it to be used on servers 3473 * as well, which is a programming error. Currently we just clear 3474 * the field in SSL_do_handshake() for server SSLs, but when we can 3475 * make ABI-breaking changes, we may want to make use of this API 3476 * an error on server SSLs. 3477 */ 3478 if (larg == TLSEXT_NAMETYPE_host_name) { 3479 size_t len; 3480 3481 OPENSSL_free(s->ext.hostname); 3482 s->ext.hostname = NULL; 3483 3484 ret = 1; 3485 if (parg == NULL) 3486 break; 3487 len = strlen((char *)parg); 3488 if (len == 0 || len > TLSEXT_MAXLEN_host_name) { 3489 SSLerr(SSL_F_SSL3_CTRL, SSL_R_SSL3_EXT_INVALID_SERVERNAME); 3490 return 0; 3491 } 3492 if ((s->ext.hostname = OPENSSL_strdup((char *)parg)) == NULL) { 3493 SSLerr(SSL_F_SSL3_CTRL, ERR_R_INTERNAL_ERROR); 3494 return 0; 3495 } 3496 } else { 3497 SSLerr(SSL_F_SSL3_CTRL, SSL_R_SSL3_EXT_INVALID_SERVERNAME_TYPE); 3498 return 0; 3499 } 3500 break; 3501 case SSL_CTRL_SET_TLSEXT_DEBUG_ARG: 3502 s->ext.debug_arg = parg; 3503 ret = 1; 3504 break; 3505 3506 case SSL_CTRL_GET_TLSEXT_STATUS_REQ_TYPE: 3507 ret = s->ext.status_type; 3508 break; 3509 3510 case SSL_CTRL_SET_TLSEXT_STATUS_REQ_TYPE: 3511 s->ext.status_type = larg; 3512 ret = 1; 3513 break; 3514 3515 case SSL_CTRL_GET_TLSEXT_STATUS_REQ_EXTS: 3516 *(STACK_OF(X509_EXTENSION) **)parg = s->ext.ocsp.exts; 3517 ret = 1; 3518 break; 3519 3520 case SSL_CTRL_SET_TLSEXT_STATUS_REQ_EXTS: 3521 s->ext.ocsp.exts = parg; 3522 ret = 1; 3523 break; 3524 3525 case SSL_CTRL_GET_TLSEXT_STATUS_REQ_IDS: 3526 *(STACK_OF(OCSP_RESPID) **)parg = s->ext.ocsp.ids; 3527 ret = 1; 3528 break; 3529 3530 case SSL_CTRL_SET_TLSEXT_STATUS_REQ_IDS: 3531 s->ext.ocsp.ids = parg; 3532 ret = 1; 3533 break; 3534 3535 case SSL_CTRL_GET_TLSEXT_STATUS_REQ_OCSP_RESP: 3536 *(unsigned char **)parg = s->ext.ocsp.resp; 3537 if (s->ext.ocsp.resp_len == 0 3538 || s->ext.ocsp.resp_len > LONG_MAX) 3539 return -1; 3540 return (long)s->ext.ocsp.resp_len; 3541 3542 case SSL_CTRL_SET_TLSEXT_STATUS_REQ_OCSP_RESP: 3543 OPENSSL_free(s->ext.ocsp.resp); 3544 s->ext.ocsp.resp = parg; 3545 s->ext.ocsp.resp_len = larg; 3546 ret = 1; 3547 break; 3548 3549#ifndef OPENSSL_NO_HEARTBEATS 3550 case SSL_CTRL_DTLS_EXT_SEND_HEARTBEAT: 3551 case SSL_CTRL_GET_DTLS_EXT_HEARTBEAT_PENDING: 3552 case SSL_CTRL_SET_DTLS_EXT_HEARTBEAT_NO_REQUESTS: 3553 break; 3554#endif 3555 3556 case SSL_CTRL_CHAIN: 3557 if (larg) 3558 return ssl_cert_set1_chain(s, NULL, (STACK_OF(X509) *)parg); 3559 else 3560 return ssl_cert_set0_chain(s, NULL, (STACK_OF(X509) *)parg); 3561 3562 case SSL_CTRL_CHAIN_CERT: 3563 if (larg) 3564 return ssl_cert_add1_chain_cert(s, NULL, (X509 *)parg); 3565 else 3566 return ssl_cert_add0_chain_cert(s, NULL, (X509 *)parg); 3567 3568 case SSL_CTRL_GET_CHAIN_CERTS: 3569 *(STACK_OF(X509) **)parg = s->cert->key->chain; 3570 ret = 1; 3571 break; 3572 3573 case SSL_CTRL_SELECT_CURRENT_CERT: 3574 return ssl_cert_select_current(s->cert, (X509 *)parg); 3575 3576 case SSL_CTRL_SET_CURRENT_CERT: 3577 if (larg == SSL_CERT_SET_SERVER) { 3578 const SSL_CIPHER *cipher; 3579 if (!s->server) 3580 return 0; 3581 cipher = s->s3->tmp.new_cipher; 3582 if (cipher == NULL) 3583 return 0; 3584 /* 3585 * No certificate for unauthenticated ciphersuites or using SRP 3586 * authentication 3587 */ 3588 if (cipher->algorithm_auth & (SSL_aNULL | SSL_aSRP)) 3589 return 2; 3590 if (s->s3->tmp.cert == NULL) 3591 return 0; 3592 s->cert->key = s->s3->tmp.cert; 3593 return 1; 3594 } 3595 return ssl_cert_set_current(s->cert, larg); 3596 3597#ifndef OPENSSL_NO_EC 3598 case SSL_CTRL_GET_GROUPS: 3599 { 3600 uint16_t *clist; 3601 size_t clistlen; 3602 3603 if (!s->session) 3604 return 0; 3605 clist = s->ext.peer_supportedgroups; 3606 clistlen = s->ext.peer_supportedgroups_len; 3607 if (parg) { 3608 size_t i; 3609 int *cptr = parg; 3610 3611 for (i = 0; i < clistlen; i++) { 3612 const TLS_GROUP_INFO *cinf = tls1_group_id_lookup(clist[i]); 3613 3614 if (cinf != NULL) 3615 cptr[i] = cinf->nid; 3616 else 3617 cptr[i] = TLSEXT_nid_unknown | clist[i]; 3618 } 3619 } 3620 return (int)clistlen; 3621 } 3622 3623 case SSL_CTRL_SET_GROUPS: 3624 return tls1_set_groups(&s->ext.supportedgroups, 3625 &s->ext.supportedgroups_len, parg, larg); 3626 3627 case SSL_CTRL_SET_GROUPS_LIST: 3628 return tls1_set_groups_list(&s->ext.supportedgroups, 3629 &s->ext.supportedgroups_len, parg); 3630 3631 case SSL_CTRL_GET_SHARED_GROUP: 3632 { 3633 uint16_t id = tls1_shared_group(s, larg); 3634 3635 if (larg != -1) { 3636 const TLS_GROUP_INFO *ginf = tls1_group_id_lookup(id); 3637 3638 return ginf == NULL ? 0 : ginf->nid; 3639 } 3640 return id; 3641 } 3642#endif 3643 case SSL_CTRL_SET_SIGALGS: 3644 return tls1_set_sigalgs(s->cert, parg, larg, 0); 3645 3646 case SSL_CTRL_SET_SIGALGS_LIST: 3647 return tls1_set_sigalgs_list(s->cert, parg, 0); 3648 3649 case SSL_CTRL_SET_CLIENT_SIGALGS: 3650 return tls1_set_sigalgs(s->cert, parg, larg, 1); 3651 3652 case SSL_CTRL_SET_CLIENT_SIGALGS_LIST: 3653 return tls1_set_sigalgs_list(s->cert, parg, 1); 3654 3655 case SSL_CTRL_GET_CLIENT_CERT_TYPES: 3656 { 3657 const unsigned char **pctype = parg; 3658 if (s->server || !s->s3->tmp.cert_req) 3659 return 0; 3660 if (pctype) 3661 *pctype = s->s3->tmp.ctype; 3662 return s->s3->tmp.ctype_len; 3663 } 3664 3665 case SSL_CTRL_SET_CLIENT_CERT_TYPES: 3666 if (!s->server) 3667 return 0; 3668 return ssl3_set_req_cert_type(s->cert, parg, larg); 3669 3670 case SSL_CTRL_BUILD_CERT_CHAIN: 3671 return ssl_build_cert_chain(s, NULL, larg); 3672 3673 case SSL_CTRL_SET_VERIFY_CERT_STORE: 3674 return ssl_cert_set_cert_store(s->cert, parg, 0, larg); 3675 3676 case SSL_CTRL_SET_CHAIN_CERT_STORE: 3677 return ssl_cert_set_cert_store(s->cert, parg, 1, larg); 3678 3679 case SSL_CTRL_GET_PEER_SIGNATURE_NID: 3680 if (s->s3->tmp.peer_sigalg == NULL) 3681 return 0; 3682 *(int *)parg = s->s3->tmp.peer_sigalg->hash; 3683 return 1; 3684 3685 case SSL_CTRL_GET_SIGNATURE_NID: 3686 if (s->s3->tmp.sigalg == NULL) 3687 return 0; 3688 *(int *)parg = s->s3->tmp.sigalg->hash; 3689 return 1; 3690 3691 case SSL_CTRL_GET_PEER_TMP_KEY: 3692#if !defined(OPENSSL_NO_DH) || !defined(OPENSSL_NO_EC) 3693 if (s->session == NULL || s->s3->peer_tmp == NULL) { 3694 return 0; 3695 } else { 3696 EVP_PKEY_up_ref(s->s3->peer_tmp); 3697 *(EVP_PKEY **)parg = s->s3->peer_tmp; 3698 return 1; 3699 } 3700#else 3701 return 0; 3702#endif 3703 3704 case SSL_CTRL_GET_TMP_KEY: 3705#if !defined(OPENSSL_NO_DH) || !defined(OPENSSL_NO_EC) 3706 if (s->session == NULL || s->s3->tmp.pkey == NULL) { 3707 return 0; 3708 } else { 3709 EVP_PKEY_up_ref(s->s3->tmp.pkey); 3710 *(EVP_PKEY **)parg = s->s3->tmp.pkey; 3711 return 1; 3712 } 3713#else 3714 return 0; 3715#endif 3716 3717#ifndef OPENSSL_NO_EC 3718 case SSL_CTRL_GET_EC_POINT_FORMATS: 3719 { 3720 const unsigned char **pformat = parg; 3721 3722 if (s->ext.peer_ecpointformats == NULL) 3723 return 0; 3724 *pformat = s->ext.peer_ecpointformats; 3725 return (int)s->ext.peer_ecpointformats_len; 3726 } 3727#endif 3728 3729 default: 3730 break; 3731 } 3732 return ret; 3733} 3734 3735long ssl3_callback_ctrl(SSL *s, int cmd, void (*fp) (void)) 3736{ 3737 int ret = 0; 3738 3739 switch (cmd) { 3740#ifndef OPENSSL_NO_DH 3741 case SSL_CTRL_SET_TMP_DH_CB: 3742 { 3743 s->cert->dh_tmp_cb = (DH *(*)(SSL *, int, int))fp; 3744 } 3745 break; 3746#endif 3747 case SSL_CTRL_SET_TLSEXT_DEBUG_CB: 3748 s->ext.debug_cb = (void (*)(SSL *, int, int, 3749 const unsigned char *, int, void *))fp; 3750 break; 3751 3752 case SSL_CTRL_SET_NOT_RESUMABLE_SESS_CB: 3753 { 3754 s->not_resumable_session_cb = (int (*)(SSL *, int))fp; 3755 } 3756 break; 3757 default: 3758 break; 3759 } 3760 return ret; 3761} 3762 3763long ssl3_ctx_ctrl(SSL_CTX *ctx, int cmd, long larg, void *parg) 3764{ 3765 switch (cmd) { 3766#ifndef OPENSSL_NO_DH 3767 case SSL_CTRL_SET_TMP_DH: 3768 { 3769 DH *dh = (DH *)parg; 3770 EVP_PKEY *pkdh = NULL; 3771 if (dh == NULL) { 3772 SSLerr(SSL_F_SSL3_CTX_CTRL, ERR_R_PASSED_NULL_PARAMETER); 3773 return 0; 3774 } 3775 pkdh = ssl_dh_to_pkey(dh); 3776 if (pkdh == NULL) { 3777 SSLerr(SSL_F_SSL3_CTX_CTRL, ERR_R_MALLOC_FAILURE); 3778 return 0; 3779 } 3780 if (!ssl_ctx_security(ctx, SSL_SECOP_TMP_DH, 3781 EVP_PKEY_security_bits(pkdh), 0, pkdh)) { 3782 SSLerr(SSL_F_SSL3_CTX_CTRL, SSL_R_DH_KEY_TOO_SMALL); 3783 EVP_PKEY_free(pkdh); 3784 return 0; 3785 } 3786 EVP_PKEY_free(ctx->cert->dh_tmp); 3787 ctx->cert->dh_tmp = pkdh; 3788 return 1; 3789 } 3790 case SSL_CTRL_SET_TMP_DH_CB: 3791 { 3792 SSLerr(SSL_F_SSL3_CTX_CTRL, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED); 3793 return 0; 3794 } 3795 case SSL_CTRL_SET_DH_AUTO: 3796 ctx->cert->dh_tmp_auto = larg; 3797 return 1; 3798#endif 3799#ifndef OPENSSL_NO_EC 3800 case SSL_CTRL_SET_TMP_ECDH: 3801 { 3802 const EC_GROUP *group = NULL; 3803 int nid; 3804 3805 if (parg == NULL) { 3806 SSLerr(SSL_F_SSL3_CTX_CTRL, ERR_R_PASSED_NULL_PARAMETER); 3807 return 0; 3808 } 3809 group = EC_KEY_get0_group((const EC_KEY *)parg); 3810 if (group == NULL) { 3811 SSLerr(SSL_F_SSL3_CTX_CTRL, EC_R_MISSING_PARAMETERS); 3812 return 0; 3813 } 3814 nid = EC_GROUP_get_curve_name(group); 3815 if (nid == NID_undef) 3816 return 0; 3817 return tls1_set_groups(&ctx->ext.supportedgroups, 3818 &ctx->ext.supportedgroups_len, 3819 &nid, 1); 3820 } 3821#endif /* !OPENSSL_NO_EC */ 3822 case SSL_CTRL_SET_TLSEXT_SERVERNAME_ARG: 3823 ctx->ext.servername_arg = parg; 3824 break; 3825 case SSL_CTRL_SET_TLSEXT_TICKET_KEYS: 3826 case SSL_CTRL_GET_TLSEXT_TICKET_KEYS: 3827 { 3828 unsigned char *keys = parg; 3829 long tick_keylen = (sizeof(ctx->ext.tick_key_name) + 3830 sizeof(ctx->ext.secure->tick_hmac_key) + 3831 sizeof(ctx->ext.secure->tick_aes_key)); 3832 if (keys == NULL) 3833 return tick_keylen; 3834 if (larg != tick_keylen) { 3835 SSLerr(SSL_F_SSL3_CTX_CTRL, SSL_R_INVALID_TICKET_KEYS_LENGTH); 3836 return 0; 3837 } 3838 if (cmd == SSL_CTRL_SET_TLSEXT_TICKET_KEYS) { 3839 memcpy(ctx->ext.tick_key_name, keys, 3840 sizeof(ctx->ext.tick_key_name)); 3841 memcpy(ctx->ext.secure->tick_hmac_key, 3842 keys + sizeof(ctx->ext.tick_key_name), 3843 sizeof(ctx->ext.secure->tick_hmac_key)); 3844 memcpy(ctx->ext.secure->tick_aes_key, 3845 keys + sizeof(ctx->ext.tick_key_name) + 3846 sizeof(ctx->ext.secure->tick_hmac_key), 3847 sizeof(ctx->ext.secure->tick_aes_key)); 3848 } else { 3849 memcpy(keys, ctx->ext.tick_key_name, 3850 sizeof(ctx->ext.tick_key_name)); 3851 memcpy(keys + sizeof(ctx->ext.tick_key_name), 3852 ctx->ext.secure->tick_hmac_key, 3853 sizeof(ctx->ext.secure->tick_hmac_key)); 3854 memcpy(keys + sizeof(ctx->ext.tick_key_name) + 3855 sizeof(ctx->ext.secure->tick_hmac_key), 3856 ctx->ext.secure->tick_aes_key, 3857 sizeof(ctx->ext.secure->tick_aes_key)); 3858 } 3859 return 1; 3860 } 3861 3862 case SSL_CTRL_GET_TLSEXT_STATUS_REQ_TYPE: 3863 return ctx->ext.status_type; 3864 3865 case SSL_CTRL_SET_TLSEXT_STATUS_REQ_TYPE: 3866 ctx->ext.status_type = larg; 3867 break; 3868 3869 case SSL_CTRL_SET_TLSEXT_STATUS_REQ_CB_ARG: 3870 ctx->ext.status_arg = parg; 3871 return 1; 3872 3873 case SSL_CTRL_GET_TLSEXT_STATUS_REQ_CB_ARG: 3874 *(void**)parg = ctx->ext.status_arg; 3875 break; 3876 3877 case SSL_CTRL_GET_TLSEXT_STATUS_REQ_CB: 3878 *(int (**)(SSL*, void*))parg = ctx->ext.status_cb; 3879 break; 3880 3881#ifndef OPENSSL_NO_SRP 3882 case SSL_CTRL_SET_TLS_EXT_SRP_USERNAME: 3883 ctx->srp_ctx.srp_Mask |= SSL_kSRP; 3884 OPENSSL_free(ctx->srp_ctx.login); 3885 ctx->srp_ctx.login = NULL; 3886 if (parg == NULL) 3887 break; 3888 if (strlen((const char *)parg) > 255 || strlen((const char *)parg) < 1) { 3889 SSLerr(SSL_F_SSL3_CTX_CTRL, SSL_R_INVALID_SRP_USERNAME); 3890 return 0; 3891 } 3892 if ((ctx->srp_ctx.login = OPENSSL_strdup((char *)parg)) == NULL) { 3893 SSLerr(SSL_F_SSL3_CTX_CTRL, ERR_R_INTERNAL_ERROR); 3894 return 0; 3895 } 3896 break; 3897 case SSL_CTRL_SET_TLS_EXT_SRP_PASSWORD: 3898 ctx->srp_ctx.SRP_give_srp_client_pwd_callback = 3899 srp_password_from_info_cb; 3900 if (ctx->srp_ctx.info != NULL) 3901 OPENSSL_free(ctx->srp_ctx.info); 3902 if ((ctx->srp_ctx.info = BUF_strdup((char *)parg)) == NULL) { 3903 SSLerr(SSL_F_SSL3_CTX_CTRL, ERR_R_INTERNAL_ERROR); 3904 return 0; 3905 } 3906 break; 3907 case SSL_CTRL_SET_SRP_ARG: 3908 ctx->srp_ctx.srp_Mask |= SSL_kSRP; 3909 ctx->srp_ctx.SRP_cb_arg = parg; 3910 break; 3911 3912 case SSL_CTRL_SET_TLS_EXT_SRP_STRENGTH: 3913 ctx->srp_ctx.strength = larg; 3914 break; 3915#endif 3916 3917#ifndef OPENSSL_NO_EC 3918 case SSL_CTRL_SET_GROUPS: 3919 return tls1_set_groups(&ctx->ext.supportedgroups, 3920 &ctx->ext.supportedgroups_len, 3921 parg, larg); 3922 3923 case SSL_CTRL_SET_GROUPS_LIST: 3924 return tls1_set_groups_list(&ctx->ext.supportedgroups, 3925 &ctx->ext.supportedgroups_len, 3926 parg); 3927#endif 3928 case SSL_CTRL_SET_SIGALGS: 3929 return tls1_set_sigalgs(ctx->cert, parg, larg, 0); 3930 3931 case SSL_CTRL_SET_SIGALGS_LIST: 3932 return tls1_set_sigalgs_list(ctx->cert, parg, 0); 3933 3934 case SSL_CTRL_SET_CLIENT_SIGALGS: 3935 return tls1_set_sigalgs(ctx->cert, parg, larg, 1); 3936 3937 case SSL_CTRL_SET_CLIENT_SIGALGS_LIST: 3938 return tls1_set_sigalgs_list(ctx->cert, parg, 1); 3939 3940 case SSL_CTRL_SET_CLIENT_CERT_TYPES: 3941 return ssl3_set_req_cert_type(ctx->cert, parg, larg); 3942 3943 case SSL_CTRL_BUILD_CERT_CHAIN: 3944 return ssl_build_cert_chain(NULL, ctx, larg); 3945 3946 case SSL_CTRL_SET_VERIFY_CERT_STORE: 3947 return ssl_cert_set_cert_store(ctx->cert, parg, 0, larg); 3948 3949 case SSL_CTRL_SET_CHAIN_CERT_STORE: 3950 return ssl_cert_set_cert_store(ctx->cert, parg, 1, larg); 3951 3952 /* A Thawte special :-) */ 3953 case SSL_CTRL_EXTRA_CHAIN_CERT: 3954 if (ctx->extra_certs == NULL) { 3955 if ((ctx->extra_certs = sk_X509_new_null()) == NULL) { 3956 SSLerr(SSL_F_SSL3_CTX_CTRL, ERR_R_MALLOC_FAILURE); 3957 return 0; 3958 } 3959 } 3960 if (!sk_X509_push(ctx->extra_certs, (X509 *)parg)) { 3961 SSLerr(SSL_F_SSL3_CTX_CTRL, ERR_R_MALLOC_FAILURE); 3962 return 0; 3963 } 3964 break; 3965 3966 case SSL_CTRL_GET_EXTRA_CHAIN_CERTS: 3967 if (ctx->extra_certs == NULL && larg == 0) 3968 *(STACK_OF(X509) **)parg = ctx->cert->key->chain; 3969 else 3970 *(STACK_OF(X509) **)parg = ctx->extra_certs; 3971 break; 3972 3973 case SSL_CTRL_CLEAR_EXTRA_CHAIN_CERTS: 3974 sk_X509_pop_free(ctx->extra_certs, X509_free); 3975 ctx->extra_certs = NULL; 3976 break; 3977 3978 case SSL_CTRL_CHAIN: 3979 if (larg) 3980 return ssl_cert_set1_chain(NULL, ctx, (STACK_OF(X509) *)parg); 3981 else 3982 return ssl_cert_set0_chain(NULL, ctx, (STACK_OF(X509) *)parg); 3983 3984 case SSL_CTRL_CHAIN_CERT: 3985 if (larg) 3986 return ssl_cert_add1_chain_cert(NULL, ctx, (X509 *)parg); 3987 else 3988 return ssl_cert_add0_chain_cert(NULL, ctx, (X509 *)parg); 3989 3990 case SSL_CTRL_GET_CHAIN_CERTS: 3991 *(STACK_OF(X509) **)parg = ctx->cert->key->chain; 3992 break; 3993 3994 case SSL_CTRL_SELECT_CURRENT_CERT: 3995 return ssl_cert_select_current(ctx->cert, (X509 *)parg); 3996 3997 case SSL_CTRL_SET_CURRENT_CERT: 3998 return ssl_cert_set_current(ctx->cert, larg); 3999 4000 default: 4001 return 0; 4002 } 4003 return 1; 4004} 4005 4006long ssl3_ctx_callback_ctrl(SSL_CTX *ctx, int cmd, void (*fp) (void)) 4007{ 4008 switch (cmd) { 4009#ifndef OPENSSL_NO_DH 4010 case SSL_CTRL_SET_TMP_DH_CB: 4011 { 4012 ctx->cert->dh_tmp_cb = (DH *(*)(SSL *, int, int))fp; 4013 } 4014 break; 4015#endif 4016 case SSL_CTRL_SET_TLSEXT_SERVERNAME_CB: 4017 ctx->ext.servername_cb = (int (*)(SSL *, int *, void *))fp; 4018 break; 4019 4020 case SSL_CTRL_SET_TLSEXT_STATUS_REQ_CB: 4021 ctx->ext.status_cb = (int (*)(SSL *, void *))fp; 4022 break; 4023 4024 case SSL_CTRL_SET_TLSEXT_TICKET_KEY_CB: 4025 ctx->ext.ticket_key_cb = (int (*)(SSL *, unsigned char *, 4026 unsigned char *, 4027 EVP_CIPHER_CTX *, 4028 HMAC_CTX *, int))fp; 4029 break; 4030 4031#ifndef OPENSSL_NO_SRP 4032 case SSL_CTRL_SET_SRP_VERIFY_PARAM_CB: 4033 ctx->srp_ctx.srp_Mask |= SSL_kSRP; 4034 ctx->srp_ctx.SRP_verify_param_callback = (int (*)(SSL *, void *))fp; 4035 break; 4036 case SSL_CTRL_SET_TLS_EXT_SRP_USERNAME_CB: 4037 ctx->srp_ctx.srp_Mask |= SSL_kSRP; 4038 ctx->srp_ctx.TLS_ext_srp_username_callback = 4039 (int (*)(SSL *, int *, void *))fp; 4040 break; 4041 case SSL_CTRL_SET_SRP_GIVE_CLIENT_PWD_CB: 4042 ctx->srp_ctx.srp_Mask |= SSL_kSRP; 4043 ctx->srp_ctx.SRP_give_srp_client_pwd_callback = 4044 (char *(*)(SSL *, void *))fp; 4045 break; 4046#endif 4047 case SSL_CTRL_SET_NOT_RESUMABLE_SESS_CB: 4048 { 4049 ctx->not_resumable_session_cb = (int (*)(SSL *, int))fp; 4050 } 4051 break; 4052 default: 4053 return 0; 4054 } 4055 return 1; 4056} 4057 4058const SSL_CIPHER *ssl3_get_cipher_by_id(uint32_t id) 4059{ 4060 SSL_CIPHER c; 4061 const SSL_CIPHER *cp; 4062 4063 c.id = id; 4064 cp = OBJ_bsearch_ssl_cipher_id(&c, tls13_ciphers, TLS13_NUM_CIPHERS); 4065 if (cp != NULL) 4066 return cp; 4067 cp = OBJ_bsearch_ssl_cipher_id(&c, ssl3_ciphers, SSL3_NUM_CIPHERS); 4068 if (cp != NULL) 4069 return cp; 4070 return OBJ_bsearch_ssl_cipher_id(&c, ssl3_scsvs, SSL3_NUM_SCSVS); 4071} 4072 4073const SSL_CIPHER *ssl3_get_cipher_by_std_name(const char *stdname) 4074{ 4075 SSL_CIPHER *tbl; 4076 SSL_CIPHER *alltabs[] = {tls13_ciphers, ssl3_ciphers, ssl3_scsvs}; 4077 size_t i, j, tblsize[] = {TLS13_NUM_CIPHERS, SSL3_NUM_CIPHERS, 4078 SSL3_NUM_SCSVS}; 4079 4080 /* this is not efficient, necessary to optimize this? */ 4081 for (j = 0; j < OSSL_NELEM(alltabs); j++) { 4082 for (i = 0, tbl = alltabs[j]; i < tblsize[j]; i++, tbl++) { 4083 if (tbl->stdname == NULL) 4084 continue; 4085 if (strcmp(stdname, tbl->stdname) == 0) { 4086 return tbl; 4087 } 4088 } 4089 } 4090 return NULL; 4091} 4092 4093/* 4094 * This function needs to check if the ciphers required are actually 4095 * available 4096 */ 4097const SSL_CIPHER *ssl3_get_cipher_by_char(const unsigned char *p) 4098{ 4099 return ssl3_get_cipher_by_id(SSL3_CK_CIPHERSUITE_FLAG 4100 | ((uint32_t)p[0] << 8L) 4101 | (uint32_t)p[1]); 4102} 4103 4104int ssl3_put_cipher_by_char(const SSL_CIPHER *c, WPACKET *pkt, size_t *len) 4105{ 4106 if ((c->id & 0xff000000) != SSL3_CK_CIPHERSUITE_FLAG) { 4107 *len = 0; 4108 return 1; 4109 } 4110 4111 if (!WPACKET_put_bytes_u16(pkt, c->id & 0xffff)) 4112 return 0; 4113 4114 *len = 2; 4115 return 1; 4116} 4117 4118/* 4119 * ssl3_choose_cipher - choose a cipher from those offered by the client 4120 * @s: SSL connection 4121 * @clnt: ciphers offered by the client 4122 * @srvr: ciphers enabled on the server? 4123 * 4124 * Returns the selected cipher or NULL when no common ciphers. 4125 */ 4126const SSL_CIPHER *ssl3_choose_cipher(SSL *s, STACK_OF(SSL_CIPHER) *clnt, 4127 STACK_OF(SSL_CIPHER) *srvr) 4128{ 4129 const SSL_CIPHER *c, *ret = NULL; 4130 STACK_OF(SSL_CIPHER) *prio, *allow; 4131 int i, ii, ok, prefer_sha256 = 0; 4132 unsigned long alg_k = 0, alg_a = 0, mask_k = 0, mask_a = 0; 4133 const EVP_MD *mdsha256 = EVP_sha256(); 4134#ifndef OPENSSL_NO_CHACHA 4135 STACK_OF(SSL_CIPHER) *prio_chacha = NULL; 4136#endif 4137 4138 /* Let's see which ciphers we can support */ 4139 4140 /* 4141 * Do not set the compare functions, because this may lead to a 4142 * reordering by "id". We want to keep the original ordering. We may pay 4143 * a price in performance during sk_SSL_CIPHER_find(), but would have to 4144 * pay with the price of sk_SSL_CIPHER_dup(). 4145 */ 4146 4147#ifdef CIPHER_DEBUG 4148 fprintf(stderr, "Server has %d from %p:\n", sk_SSL_CIPHER_num(srvr), 4149 (void *)srvr); 4150 for (i = 0; i < sk_SSL_CIPHER_num(srvr); ++i) { 4151 c = sk_SSL_CIPHER_value(srvr, i); 4152 fprintf(stderr, "%p:%s\n", (void *)c, c->name); 4153 } 4154 fprintf(stderr, "Client sent %d from %p:\n", sk_SSL_CIPHER_num(clnt), 4155 (void *)clnt); 4156 for (i = 0; i < sk_SSL_CIPHER_num(clnt); ++i) { 4157 c = sk_SSL_CIPHER_value(clnt, i); 4158 fprintf(stderr, "%p:%s\n", (void *)c, c->name); 4159 } 4160#endif 4161 4162 /* SUITE-B takes precedence over server preference and ChaCha priortiy */ 4163 if (tls1_suiteb(s)) { 4164 prio = srvr; 4165 allow = clnt; 4166 } else if (s->options & SSL_OP_CIPHER_SERVER_PREFERENCE) { 4167 prio = srvr; 4168 allow = clnt; 4169#ifndef OPENSSL_NO_CHACHA 4170 /* If ChaCha20 is at the top of the client preference list, 4171 and there are ChaCha20 ciphers in the server list, then 4172 temporarily prioritize all ChaCha20 ciphers in the servers list. */ 4173 if (s->options & SSL_OP_PRIORITIZE_CHACHA && sk_SSL_CIPHER_num(clnt) > 0) { 4174 c = sk_SSL_CIPHER_value(clnt, 0); 4175 if (c->algorithm_enc == SSL_CHACHA20POLY1305) { 4176 /* ChaCha20 is client preferred, check server... */ 4177 int num = sk_SSL_CIPHER_num(srvr); 4178 int found = 0; 4179 for (i = 0; i < num; i++) { 4180 c = sk_SSL_CIPHER_value(srvr, i); 4181 if (c->algorithm_enc == SSL_CHACHA20POLY1305) { 4182 found = 1; 4183 break; 4184 } 4185 } 4186 if (found) { 4187 prio_chacha = sk_SSL_CIPHER_new_reserve(NULL, num); 4188 /* if reserve fails, then there's likely a memory issue */ 4189 if (prio_chacha != NULL) { 4190 /* Put all ChaCha20 at the top, starting with the one we just found */ 4191 sk_SSL_CIPHER_push(prio_chacha, c); 4192 for (i++; i < num; i++) { 4193 c = sk_SSL_CIPHER_value(srvr, i); 4194 if (c->algorithm_enc == SSL_CHACHA20POLY1305) 4195 sk_SSL_CIPHER_push(prio_chacha, c); 4196 } 4197 /* Pull in the rest */ 4198 for (i = 0; i < num; i++) { 4199 c = sk_SSL_CIPHER_value(srvr, i); 4200 if (c->algorithm_enc != SSL_CHACHA20POLY1305) 4201 sk_SSL_CIPHER_push(prio_chacha, c); 4202 } 4203 prio = prio_chacha; 4204 } 4205 } 4206 } 4207 } 4208# endif 4209 } else { 4210 prio = clnt; 4211 allow = srvr; 4212 } 4213 4214 if (SSL_IS_TLS13(s)) { 4215#ifndef OPENSSL_NO_PSK 4216 int j; 4217 4218 /* 4219 * If we allow "old" style PSK callbacks, and we have no certificate (so 4220 * we're not going to succeed without a PSK anyway), and we're in 4221 * TLSv1.3 then the default hash for a PSK is SHA-256 (as per the 4222 * TLSv1.3 spec). Therefore we should prioritise ciphersuites using 4223 * that. 4224 */ 4225 if (s->psk_server_callback != NULL) { 4226 for (j = 0; j < SSL_PKEY_NUM && !ssl_has_cert(s, j); j++); 4227 if (j == SSL_PKEY_NUM) { 4228 /* There are no certificates */ 4229 prefer_sha256 = 1; 4230 } 4231 } 4232#endif 4233 } else { 4234 tls1_set_cert_validity(s); 4235 ssl_set_masks(s); 4236 } 4237 4238 for (i = 0; i < sk_SSL_CIPHER_num(prio); i++) { 4239 c = sk_SSL_CIPHER_value(prio, i); 4240 4241 /* Skip ciphers not supported by the protocol version */ 4242 if (!SSL_IS_DTLS(s) && 4243 ((s->version < c->min_tls) || (s->version > c->max_tls))) 4244 continue; 4245 if (SSL_IS_DTLS(s) && 4246 (DTLS_VERSION_LT(s->version, c->min_dtls) || 4247 DTLS_VERSION_GT(s->version, c->max_dtls))) 4248 continue; 4249 4250 /* 4251 * Since TLS 1.3 ciphersuites can be used with any auth or 4252 * key exchange scheme skip tests. 4253 */ 4254 if (!SSL_IS_TLS13(s)) { 4255 mask_k = s->s3->tmp.mask_k; 4256 mask_a = s->s3->tmp.mask_a; 4257#ifndef OPENSSL_NO_SRP 4258 if (s->srp_ctx.srp_Mask & SSL_kSRP) { 4259 mask_k |= SSL_kSRP; 4260 mask_a |= SSL_aSRP; 4261 } 4262#endif 4263 4264 alg_k = c->algorithm_mkey; 4265 alg_a = c->algorithm_auth; 4266 4267#ifndef OPENSSL_NO_PSK 4268 /* with PSK there must be server callback set */ 4269 if ((alg_k & SSL_PSK) && s->psk_server_callback == NULL) 4270 continue; 4271#endif /* OPENSSL_NO_PSK */ 4272 4273 ok = (alg_k & mask_k) && (alg_a & mask_a); 4274#ifdef CIPHER_DEBUG 4275 fprintf(stderr, "%d:[%08lX:%08lX:%08lX:%08lX]%p:%s\n", ok, alg_k, 4276 alg_a, mask_k, mask_a, (void *)c, c->name); 4277#endif 4278 4279#ifndef OPENSSL_NO_EC 4280 /* 4281 * if we are considering an ECC cipher suite that uses an ephemeral 4282 * EC key check it 4283 */ 4284 if (alg_k & SSL_kECDHE) 4285 ok = ok && tls1_check_ec_tmp_key(s, c->id); 4286#endif /* OPENSSL_NO_EC */ 4287 4288 if (!ok) 4289 continue; 4290 } 4291 ii = sk_SSL_CIPHER_find(allow, c); 4292 if (ii >= 0) { 4293 /* Check security callback permits this cipher */ 4294 if (!ssl_security(s, SSL_SECOP_CIPHER_SHARED, 4295 c->strength_bits, 0, (void *)c)) 4296 continue; 4297#if !defined(OPENSSL_NO_EC) 4298 if ((alg_k & SSL_kECDHE) && (alg_a & SSL_aECDSA) 4299 && s->s3->is_probably_safari) { 4300 if (!ret) 4301 ret = sk_SSL_CIPHER_value(allow, ii); 4302 continue; 4303 } 4304#endif 4305 if (prefer_sha256) { 4306 const SSL_CIPHER *tmp = sk_SSL_CIPHER_value(allow, ii); 4307 4308 if (ssl_md(tmp->algorithm2) == mdsha256) { 4309 ret = tmp; 4310 break; 4311 } 4312 if (ret == NULL) 4313 ret = tmp; 4314 continue; 4315 } 4316 ret = sk_SSL_CIPHER_value(allow, ii); 4317 break; 4318 } 4319 } 4320#ifndef OPENSSL_NO_CHACHA 4321 sk_SSL_CIPHER_free(prio_chacha); 4322#endif 4323 return ret; 4324} 4325 4326int ssl3_get_req_cert_type(SSL *s, WPACKET *pkt) 4327{ 4328 uint32_t alg_k, alg_a = 0; 4329 4330 /* If we have custom certificate types set, use them */ 4331 if (s->cert->ctype) 4332 return WPACKET_memcpy(pkt, s->cert->ctype, s->cert->ctype_len); 4333 /* Get mask of algorithms disabled by signature list */ 4334 ssl_set_sig_mask(&alg_a, s, SSL_SECOP_SIGALG_MASK); 4335 4336 alg_k = s->s3->tmp.new_cipher->algorithm_mkey; 4337 4338#ifndef OPENSSL_NO_GOST 4339 if (s->version >= TLS1_VERSION && (alg_k & SSL_kGOST)) 4340 return WPACKET_put_bytes_u8(pkt, TLS_CT_GOST01_SIGN) 4341 && WPACKET_put_bytes_u8(pkt, TLS_CT_GOST12_SIGN) 4342 && WPACKET_put_bytes_u8(pkt, TLS_CT_GOST12_512_SIGN); 4343#endif 4344 4345 if ((s->version == SSL3_VERSION) && (alg_k & SSL_kDHE)) { 4346#ifndef OPENSSL_NO_DH 4347# ifndef OPENSSL_NO_RSA 4348 if (!WPACKET_put_bytes_u8(pkt, SSL3_CT_RSA_EPHEMERAL_DH)) 4349 return 0; 4350# endif 4351# ifndef OPENSSL_NO_DSA 4352 if (!WPACKET_put_bytes_u8(pkt, SSL3_CT_DSS_EPHEMERAL_DH)) 4353 return 0; 4354# endif 4355#endif /* !OPENSSL_NO_DH */ 4356 } 4357#ifndef OPENSSL_NO_RSA 4358 if (!(alg_a & SSL_aRSA) && !WPACKET_put_bytes_u8(pkt, SSL3_CT_RSA_SIGN)) 4359 return 0; 4360#endif 4361#ifndef OPENSSL_NO_DSA 4362 if (!(alg_a & SSL_aDSS) && !WPACKET_put_bytes_u8(pkt, SSL3_CT_DSS_SIGN)) 4363 return 0; 4364#endif 4365#ifndef OPENSSL_NO_EC 4366 /* 4367 * ECDSA certs can be used with RSA cipher suites too so we don't 4368 * need to check for SSL_kECDH or SSL_kECDHE 4369 */ 4370 if (s->version >= TLS1_VERSION 4371 && !(alg_a & SSL_aECDSA) 4372 && !WPACKET_put_bytes_u8(pkt, TLS_CT_ECDSA_SIGN)) 4373 return 0; 4374#endif 4375 return 1; 4376} 4377 4378static int ssl3_set_req_cert_type(CERT *c, const unsigned char *p, size_t len) 4379{ 4380 OPENSSL_free(c->ctype); 4381 c->ctype = NULL; 4382 c->ctype_len = 0; 4383 if (p == NULL || len == 0) 4384 return 1; 4385 if (len > 0xff) 4386 return 0; 4387 c->ctype = OPENSSL_memdup(p, len); 4388 if (c->ctype == NULL) 4389 return 0; 4390 c->ctype_len = len; 4391 return 1; 4392} 4393 4394int ssl3_shutdown(SSL *s) 4395{ 4396 int ret; 4397 4398 /* 4399 * Don't do anything much if we have not done the handshake or we don't 4400 * want to send messages :-) 4401 */ 4402 if (s->quiet_shutdown || SSL_in_before(s)) { 4403 s->shutdown = (SSL_SENT_SHUTDOWN | SSL_RECEIVED_SHUTDOWN); 4404 return 1; 4405 } 4406 4407 if (!(s->shutdown & SSL_SENT_SHUTDOWN)) { 4408 s->shutdown |= SSL_SENT_SHUTDOWN; 4409 ssl3_send_alert(s, SSL3_AL_WARNING, SSL_AD_CLOSE_NOTIFY); 4410 /* 4411 * our shutdown alert has been sent now, and if it still needs to be 4412 * written, s->s3->alert_dispatch will be true 4413 */ 4414 if (s->s3->alert_dispatch) 4415 return -1; /* return WANT_WRITE */ 4416 } else if (s->s3->alert_dispatch) { 4417 /* resend it if not sent */ 4418 ret = s->method->ssl_dispatch_alert(s); 4419 if (ret == -1) { 4420 /* 4421 * we only get to return -1 here the 2nd/Nth invocation, we must 4422 * have already signalled return 0 upon a previous invocation, 4423 * return WANT_WRITE 4424 */ 4425 return ret; 4426 } 4427 } else if (!(s->shutdown & SSL_RECEIVED_SHUTDOWN)) { 4428 size_t readbytes; 4429 /* 4430 * If we are waiting for a close from our peer, we are closed 4431 */ 4432 s->method->ssl_read_bytes(s, 0, NULL, NULL, 0, 0, &readbytes); 4433 if (!(s->shutdown & SSL_RECEIVED_SHUTDOWN)) { 4434 return -1; /* return WANT_READ */ 4435 } 4436 } 4437 4438 if ((s->shutdown == (SSL_SENT_SHUTDOWN | SSL_RECEIVED_SHUTDOWN)) && 4439 !s->s3->alert_dispatch) 4440 return 1; 4441 else 4442 return 0; 4443} 4444 4445int ssl3_write(SSL *s, const void *buf, size_t len, size_t *written) 4446{ 4447 clear_sys_error(); 4448 if (s->s3->renegotiate) 4449 ssl3_renegotiate_check(s, 0); 4450 4451 return s->method->ssl_write_bytes(s, SSL3_RT_APPLICATION_DATA, buf, len, 4452 written); 4453} 4454 4455static int ssl3_read_internal(SSL *s, void *buf, size_t len, int peek, 4456 size_t *readbytes) 4457{ 4458 int ret; 4459 4460 clear_sys_error(); 4461 if (s->s3->renegotiate) 4462 ssl3_renegotiate_check(s, 0); 4463 s->s3->in_read_app_data = 1; 4464 ret = 4465 s->method->ssl_read_bytes(s, SSL3_RT_APPLICATION_DATA, NULL, buf, len, 4466 peek, readbytes); 4467 if ((ret == -1) && (s->s3->in_read_app_data == 2)) { 4468 /* 4469 * ssl3_read_bytes decided to call s->handshake_func, which called 4470 * ssl3_read_bytes to read handshake data. However, ssl3_read_bytes 4471 * actually found application data and thinks that application data 4472 * makes sense here; so disable handshake processing and try to read 4473 * application data again. 4474 */ 4475 ossl_statem_set_in_handshake(s, 1); 4476 ret = 4477 s->method->ssl_read_bytes(s, SSL3_RT_APPLICATION_DATA, NULL, buf, 4478 len, peek, readbytes); 4479 ossl_statem_set_in_handshake(s, 0); 4480 } else 4481 s->s3->in_read_app_data = 0; 4482 4483 return ret; 4484} 4485 4486int ssl3_read(SSL *s, void *buf, size_t len, size_t *readbytes) 4487{ 4488 return ssl3_read_internal(s, buf, len, 0, readbytes); 4489} 4490 4491int ssl3_peek(SSL *s, void *buf, size_t len, size_t *readbytes) 4492{ 4493 return ssl3_read_internal(s, buf, len, 1, readbytes); 4494} 4495 4496int ssl3_renegotiate(SSL *s) 4497{ 4498 if (s->handshake_func == NULL) 4499 return 1; 4500 4501 s->s3->renegotiate = 1; 4502 return 1; 4503} 4504 4505/* 4506 * Check if we are waiting to do a renegotiation and if so whether now is a 4507 * good time to do it. If |initok| is true then we are being called from inside 4508 * the state machine so ignore the result of SSL_in_init(s). Otherwise we 4509 * should not do a renegotiation if SSL_in_init(s) is true. Returns 1 if we 4510 * should do a renegotiation now and sets up the state machine for it. Otherwise 4511 * returns 0. 4512 */ 4513int ssl3_renegotiate_check(SSL *s, int initok) 4514{ 4515 int ret = 0; 4516 4517 if (s->s3->renegotiate) { 4518 if (!RECORD_LAYER_read_pending(&s->rlayer) 4519 && !RECORD_LAYER_write_pending(&s->rlayer) 4520 && (initok || !SSL_in_init(s))) { 4521 /* 4522 * if we are the server, and we have sent a 'RENEGOTIATE' 4523 * message, we need to set the state machine into the renegotiate 4524 * state. 4525 */ 4526 ossl_statem_set_renegotiate(s); 4527 s->s3->renegotiate = 0; 4528 s->s3->num_renegotiations++; 4529 s->s3->total_renegotiations++; 4530 ret = 1; 4531 } 4532 } 4533 return ret; 4534} 4535 4536/* 4537 * If we are using default SHA1+MD5 algorithms switch to new SHA256 PRF and 4538 * handshake macs if required. 4539 * 4540 * If PSK and using SHA384 for TLS < 1.2 switch to default. 4541 */ 4542long ssl_get_algorithm2(SSL *s) 4543{ 4544 long alg2; 4545 if (s->s3 == NULL || s->s3->tmp.new_cipher == NULL) 4546 return -1; 4547 alg2 = s->s3->tmp.new_cipher->algorithm2; 4548 if (s->method->ssl3_enc->enc_flags & SSL_ENC_FLAG_SHA256_PRF) { 4549 if (alg2 == (SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF)) 4550 return SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256; 4551 } else if (s->s3->tmp.new_cipher->algorithm_mkey & SSL_PSK) { 4552 if (alg2 == (SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384)) 4553 return SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF; 4554 } 4555 return alg2; 4556} 4557 4558/* 4559 * Fill a ClientRandom or ServerRandom field of length len. Returns <= 0 on 4560 * failure, 1 on success. 4561 */ 4562int ssl_fill_hello_random(SSL *s, int server, unsigned char *result, size_t len, 4563 DOWNGRADE dgrd) 4564{ 4565 int send_time = 0, ret; 4566 4567 if (len < 4) 4568 return 0; 4569 if (server) 4570 send_time = (s->mode & SSL_MODE_SEND_SERVERHELLO_TIME) != 0; 4571 else 4572 send_time = (s->mode & SSL_MODE_SEND_CLIENTHELLO_TIME) != 0; 4573 if (send_time) { 4574 unsigned long Time = (unsigned long)time(NULL); 4575 unsigned char *p = result; 4576 4577 l2n(Time, p); 4578 ret = RAND_bytes(p, len - 4); 4579 } else { 4580 ret = RAND_bytes(result, len); 4581 } 4582 4583 if (ret > 0) { 4584 if (!ossl_assert(sizeof(tls11downgrade) < len) 4585 || !ossl_assert(sizeof(tls12downgrade) < len)) 4586 return 0; 4587 if (dgrd == DOWNGRADE_TO_1_2) 4588 memcpy(result + len - sizeof(tls12downgrade), tls12downgrade, 4589 sizeof(tls12downgrade)); 4590 else if (dgrd == DOWNGRADE_TO_1_1) 4591 memcpy(result + len - sizeof(tls11downgrade), tls11downgrade, 4592 sizeof(tls11downgrade)); 4593 } 4594 4595 return ret; 4596} 4597 4598int ssl_generate_master_secret(SSL *s, unsigned char *pms, size_t pmslen, 4599 int free_pms) 4600{ 4601 unsigned long alg_k = s->s3->tmp.new_cipher->algorithm_mkey; 4602 int ret = 0; 4603 4604 if (alg_k & SSL_PSK) { 4605#ifndef OPENSSL_NO_PSK 4606 unsigned char *pskpms, *t; 4607 size_t psklen = s->s3->tmp.psklen; 4608 size_t pskpmslen; 4609 4610 /* create PSK premaster_secret */ 4611 4612 /* For plain PSK "other_secret" is psklen zeroes */ 4613 if (alg_k & SSL_kPSK) 4614 pmslen = psklen; 4615 4616 pskpmslen = 4 + pmslen + psklen; 4617 pskpms = OPENSSL_malloc(pskpmslen); 4618 if (pskpms == NULL) 4619 goto err; 4620 t = pskpms; 4621 s2n(pmslen, t); 4622 if (alg_k & SSL_kPSK) 4623 memset(t, 0, pmslen); 4624 else 4625 memcpy(t, pms, pmslen); 4626 t += pmslen; 4627 s2n(psklen, t); 4628 memcpy(t, s->s3->tmp.psk, psklen); 4629 4630 OPENSSL_clear_free(s->s3->tmp.psk, psklen); 4631 s->s3->tmp.psk = NULL; 4632 s->s3->tmp.psklen = 0; 4633 if (!s->method->ssl3_enc->generate_master_secret(s, 4634 s->session->master_key, pskpms, pskpmslen, 4635 &s->session->master_key_length)) { 4636 OPENSSL_clear_free(pskpms, pskpmslen); 4637 /* SSLfatal() already called */ 4638 goto err; 4639 } 4640 OPENSSL_clear_free(pskpms, pskpmslen); 4641#else 4642 /* Should never happen */ 4643 goto err; 4644#endif 4645 } else { 4646 if (!s->method->ssl3_enc->generate_master_secret(s, 4647 s->session->master_key, pms, pmslen, 4648 &s->session->master_key_length)) { 4649 /* SSLfatal() already called */ 4650 goto err; 4651 } 4652 } 4653 4654 ret = 1; 4655 err: 4656 if (pms) { 4657 if (free_pms) 4658 OPENSSL_clear_free(pms, pmslen); 4659 else 4660 OPENSSL_cleanse(pms, pmslen); 4661 } 4662 if (s->server == 0) { 4663 s->s3->tmp.pms = NULL; 4664 s->s3->tmp.pmslen = 0; 4665 } 4666 return ret; 4667} 4668 4669/* Generate a private key from parameters */ 4670EVP_PKEY *ssl_generate_pkey(EVP_PKEY *pm) 4671{ 4672 EVP_PKEY_CTX *pctx = NULL; 4673 EVP_PKEY *pkey = NULL; 4674 4675 if (pm == NULL) 4676 return NULL; 4677 pctx = EVP_PKEY_CTX_new(pm, NULL); 4678 if (pctx == NULL) 4679 goto err; 4680 if (EVP_PKEY_keygen_init(pctx) <= 0) 4681 goto err; 4682 if (EVP_PKEY_keygen(pctx, &pkey) <= 0) { 4683 EVP_PKEY_free(pkey); 4684 pkey = NULL; 4685 } 4686 4687 err: 4688 EVP_PKEY_CTX_free(pctx); 4689 return pkey; 4690} 4691#ifndef OPENSSL_NO_EC 4692/* Generate a private key from a group ID */ 4693EVP_PKEY *ssl_generate_pkey_group(SSL *s, uint16_t id) 4694{ 4695 EVP_PKEY_CTX *pctx = NULL; 4696 EVP_PKEY *pkey = NULL; 4697 const TLS_GROUP_INFO *ginf = tls1_group_id_lookup(id); 4698 uint16_t gtype; 4699 4700 if (ginf == NULL) { 4701 SSLfatal(s, SSL_AD_INTERNAL_ERROR, SSL_F_SSL_GENERATE_PKEY_GROUP, 4702 ERR_R_INTERNAL_ERROR); 4703 goto err; 4704 } 4705 gtype = ginf->flags & TLS_CURVE_TYPE; 4706 if (gtype == TLS_CURVE_CUSTOM) 4707 pctx = EVP_PKEY_CTX_new_id(ginf->nid, NULL); 4708 else 4709 pctx = EVP_PKEY_CTX_new_id(EVP_PKEY_EC, NULL); 4710 if (pctx == NULL) { 4711 SSLfatal(s, SSL_AD_INTERNAL_ERROR, SSL_F_SSL_GENERATE_PKEY_GROUP, 4712 ERR_R_MALLOC_FAILURE); 4713 goto err; 4714 } 4715 if (EVP_PKEY_keygen_init(pctx) <= 0) { 4716 SSLfatal(s, SSL_AD_INTERNAL_ERROR, SSL_F_SSL_GENERATE_PKEY_GROUP, 4717 ERR_R_EVP_LIB); 4718 goto err; 4719 } 4720 if (gtype != TLS_CURVE_CUSTOM 4721 && EVP_PKEY_CTX_set_ec_paramgen_curve_nid(pctx, ginf->nid) <= 0) { 4722 SSLfatal(s, SSL_AD_INTERNAL_ERROR, SSL_F_SSL_GENERATE_PKEY_GROUP, 4723 ERR_R_EVP_LIB); 4724 goto err; 4725 } 4726 if (EVP_PKEY_keygen(pctx, &pkey) <= 0) { 4727 SSLfatal(s, SSL_AD_INTERNAL_ERROR, SSL_F_SSL_GENERATE_PKEY_GROUP, 4728 ERR_R_EVP_LIB); 4729 EVP_PKEY_free(pkey); 4730 pkey = NULL; 4731 } 4732 4733 err: 4734 EVP_PKEY_CTX_free(pctx); 4735 return pkey; 4736} 4737 4738/* 4739 * Generate parameters from a group ID 4740 */ 4741EVP_PKEY *ssl_generate_param_group(uint16_t id) 4742{ 4743 EVP_PKEY_CTX *pctx = NULL; 4744 EVP_PKEY *pkey = NULL; 4745 const TLS_GROUP_INFO *ginf = tls1_group_id_lookup(id); 4746 4747 if (ginf == NULL) 4748 goto err; 4749 4750 if ((ginf->flags & TLS_CURVE_TYPE) == TLS_CURVE_CUSTOM) { 4751 pkey = EVP_PKEY_new(); 4752 if (pkey != NULL && EVP_PKEY_set_type(pkey, ginf->nid)) 4753 return pkey; 4754 EVP_PKEY_free(pkey); 4755 return NULL; 4756 } 4757 4758 pctx = EVP_PKEY_CTX_new_id(EVP_PKEY_EC, NULL); 4759 if (pctx == NULL) 4760 goto err; 4761 if (EVP_PKEY_paramgen_init(pctx) <= 0) 4762 goto err; 4763 if (EVP_PKEY_CTX_set_ec_paramgen_curve_nid(pctx, ginf->nid) <= 0) 4764 goto err; 4765 if (EVP_PKEY_paramgen(pctx, &pkey) <= 0) { 4766 EVP_PKEY_free(pkey); 4767 pkey = NULL; 4768 } 4769 4770 err: 4771 EVP_PKEY_CTX_free(pctx); 4772 return pkey; 4773} 4774#endif 4775 4776/* Derive secrets for ECDH/DH */ 4777int ssl_derive(SSL *s, EVP_PKEY *privkey, EVP_PKEY *pubkey, int gensecret) 4778{ 4779 int rv = 0; 4780 unsigned char *pms = NULL; 4781 size_t pmslen = 0; 4782 EVP_PKEY_CTX *pctx; 4783 4784 if (privkey == NULL || pubkey == NULL) { 4785 SSLfatal(s, SSL_AD_INTERNAL_ERROR, SSL_F_SSL_DERIVE, 4786 ERR_R_INTERNAL_ERROR); 4787 return 0; 4788 } 4789 4790 pctx = EVP_PKEY_CTX_new(privkey, NULL); 4791 4792 if (EVP_PKEY_derive_init(pctx) <= 0 4793 || EVP_PKEY_derive_set_peer(pctx, pubkey) <= 0 4794 || EVP_PKEY_derive(pctx, NULL, &pmslen) <= 0) { 4795 SSLfatal(s, SSL_AD_INTERNAL_ERROR, SSL_F_SSL_DERIVE, 4796 ERR_R_INTERNAL_ERROR); 4797 goto err; 4798 } 4799 4800 pms = OPENSSL_malloc(pmslen); 4801 if (pms == NULL) { 4802 SSLfatal(s, SSL_AD_INTERNAL_ERROR, SSL_F_SSL_DERIVE, 4803 ERR_R_MALLOC_FAILURE); 4804 goto err; 4805 } 4806 4807 if (EVP_PKEY_derive(pctx, pms, &pmslen) <= 0) { 4808 SSLfatal(s, SSL_AD_INTERNAL_ERROR, SSL_F_SSL_DERIVE, 4809 ERR_R_INTERNAL_ERROR); 4810 goto err; 4811 } 4812 4813 if (gensecret) { 4814 /* SSLfatal() called as appropriate in the below functions */ 4815 if (SSL_IS_TLS13(s)) { 4816 /* 4817 * If we are resuming then we already generated the early secret 4818 * when we created the ClientHello, so don't recreate it. 4819 */ 4820 if (!s->hit) 4821 rv = tls13_generate_secret(s, ssl_handshake_md(s), NULL, NULL, 4822 0, 4823 (unsigned char *)&s->early_secret); 4824 else 4825 rv = 1; 4826 4827 rv = rv && tls13_generate_handshake_secret(s, pms, pmslen); 4828 } else { 4829 rv = ssl_generate_master_secret(s, pms, pmslen, 0); 4830 } 4831 } else { 4832 /* Save premaster secret */ 4833 s->s3->tmp.pms = pms; 4834 s->s3->tmp.pmslen = pmslen; 4835 pms = NULL; 4836 rv = 1; 4837 } 4838 4839 err: 4840 OPENSSL_clear_free(pms, pmslen); 4841 EVP_PKEY_CTX_free(pctx); 4842 return rv; 4843} 4844 4845#ifndef OPENSSL_NO_DH 4846EVP_PKEY *ssl_dh_to_pkey(DH *dh) 4847{ 4848 EVP_PKEY *ret; 4849 if (dh == NULL) 4850 return NULL; 4851 ret = EVP_PKEY_new(); 4852 if (EVP_PKEY_set1_DH(ret, dh) <= 0) { 4853 EVP_PKEY_free(ret); 4854 return NULL; 4855 } 4856 return ret; 4857} 4858#endif 4859