Google Git
Sign in
flutter / third_party / openssl / 1510b5f7ca8d06d2ea5966f645dce72a17b1b9c5 / . / ssl / s3_lib.c
blob: c9b27eba4bce1d36b0339f791609bcb51dd46831 [file] [log] [blame]
Ralf S. Engelschall58964a41998-12-21 10:56:39 +0000[diff] [blame]1/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
Ralf S. Engelschalld02b48c1998-12-21 10:52:47 +0000[diff] [blame]2 * All rights reserved.
3 *
4 * This package is an SSL implementation written
5 * by Eric Young (eay@cryptsoft.com).
6 * The implementation was written so as to conform with Netscapes SSL.
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]7 *
Ralf S. Engelschalld02b48c1998-12-21 10:52:47 +0000[diff] [blame]8 * This library is free for commercial and non-commercial use as long as
9 * the following conditions are aheared to. The following conditions
10 * apply to all code found in this distribution, be it the RC4, RSA,
11 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
12 * included with this distribution is covered by the same copyright terms
13 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]14 *
Ralf S. Engelschalld02b48c1998-12-21 10:52:47 +0000[diff] [blame]15 * Copyright remains Eric Young's, and as such any Copyright notices in
16 * the code are not to be removed.
17 * If this package is used in a product, Eric Young should be given attribution
18 * as the author of the parts of the library used.
19 * This can be in the form of a textual message at program startup or
20 * in documentation (online or textual) provided with the package.
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]21 *
Ralf S. Engelschalld02b48c1998-12-21 10:52:47 +0000[diff] [blame]22 * Redistribution and use in source and binary forms, with or without
23 * modification, are permitted provided that the following conditions
24 * are met:
25 * 1. Redistributions of source code must retain the copyright
26 * notice, this list of conditions and the following disclaimer.
27 * 2. Redistributions in binary form must reproduce the above copyright
28 * notice, this list of conditions and the following disclaimer in the
29 * documentation and/or other materials provided with the distribution.
30 * 3. All advertising materials mentioning features or use of this software
31 * must display the following acknowledgement:
32 * "This product includes cryptographic software written by
33 * Eric Young (eay@cryptsoft.com)"
34 * The word 'cryptographic' can be left out if the rouines from the library
35 * being used are not cryptographic related :-).
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]36 * 4. If you include any Windows specific code (or a derivative thereof) from
Ralf S. Engelschalld02b48c1998-12-21 10:52:47 +0000[diff] [blame]37 * the apps directory (application code) you must include an acknowledgement:
38 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]39 *
Ralf S. Engelschalld02b48c1998-12-21 10:52:47 +0000[diff] [blame]40 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
41 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
42 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
43 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
44 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
45 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
46 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
47 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
48 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
49 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
50 * SUCH DAMAGE.
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]51 *
Ralf S. Engelschalld02b48c1998-12-21 10:52:47 +0000[diff] [blame]52 * The licence and distribution terms for any publically available version or
53 * derivative of this code cannot be changed. i.e. this code cannot simply be
54 * copied and put under another distribution licence
55 * [including the GNU Public Licence.]
56 */
Bodo Möller5a4fbc62000-12-14 17:36:59 +0000[diff] [blame]57/* ====================================================================
Bodo Möller52b8dad2007-02-17 06:45:38 +0000[diff] [blame]58 * Copyright (c) 1998-2007 The OpenSSL Project. All rights reserved.
Bodo Möller5a4fbc62000-12-14 17:36:59 +0000[diff] [blame]59 *
60 * Redistribution and use in source and binary forms, with or without
61 * modification, are permitted provided that the following conditions
62 * are met:
63 *
64 * 1. Redistributions of source code must retain the above copyright
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]65 * notice, this list of conditions and the following disclaimer.
Bodo Möller5a4fbc62000-12-14 17:36:59 +0000[diff] [blame]66 *
67 * 2. Redistributions in binary form must reproduce the above copyright
68 * notice, this list of conditions and the following disclaimer in
69 * the documentation and/or other materials provided with the
70 * distribution.
71 *
72 * 3. All advertising materials mentioning features or use of this
73 * software must display the following acknowledgment:
74 * "This product includes software developed by the OpenSSL Project
75 * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
76 *
77 * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
78 * endorse or promote products derived from this software without
79 * prior written permission. For written permission, please contact
80 * openssl-core@openssl.org.
81 *
82 * 5. Products derived from this software may not be called "OpenSSL"
83 * nor may "OpenSSL" appear in their names without prior written
84 * permission of the OpenSSL Project.
85 *
86 * 6. Redistributions of any form whatsoever must retain the following
87 * acknowledgment:
88 * "This product includes software developed by the OpenSSL Project
89 * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
90 *
91 * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
92 * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
93 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
94 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
95 * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
96 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
97 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
98 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
99 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
100 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
101 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
102 * OF THE POSSIBILITY OF SUCH DAMAGE.
103 * ====================================================================
104 *
105 * This product includes cryptographic software written by Eric Young
106 * (eay@cryptsoft.com). This product includes software written by Tim
107 * Hudson (tjh@cryptsoft.com).
108 *
109 */
Bodo Möllerea262262002-08-09 08:56:08 +0000[diff] [blame]110/* ====================================================================
111 * Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED.
112 *
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]113 * Portions of the attached software ("Contribution") are developed by
Bodo Möllerea262262002-08-09 08:56:08 +0000[diff] [blame]114 * SUN MICROSYSTEMS, INC., and are contributed to the OpenSSL project.
115 *
116 * The Contribution is licensed pursuant to the OpenSSL open source
117 * license provided above.
118 *
Bodo Möllerea262262002-08-09 08:56:08 +0000[diff] [blame]119 * ECC cipher suite support in OpenSSL originally written by
120 * Vipul Gupta and Sumit Gupta of Sun Microsystems Laboratories.
121 *
122 */
Nils Larschddac1972006-03-10 23:06:27 +0000[diff] [blame]123/* ====================================================================
124 * Copyright 2005 Nokia. All rights reserved.
125 *
126 * The portions of the attached software ("Contribution") is developed by
127 * Nokia Corporation and is licensed pursuant to the OpenSSL open source
128 * license.
129 *
130 * The Contribution, originally written by Mika Kousa and Pasi Eronen of
131 * Nokia Corporation, consists of the "PSK" (Pre-Shared Key) ciphersuites
132 * support (see RFC 4279) to OpenSSL.
133 *
134 * No patent licenses or other rights except those expressly stated in
135 * the OpenSSL open source license shall be deemed granted or received
136 * expressly, by implication, estoppel, or otherwise.
137 *
138 * No assurances are provided by Nokia that the Contribution does not
139 * infringe the patent or other intellectual property rights of any third
140 * party or that the license provides you with all the necessary rights
141 * to make use of the Contribution.
142 *
143 * THE SOFTWARE IS PROVIDED "AS IS" WITHOUT WARRANTY OF ANY KIND. IN
144 * ADDITION TO THE DISCLAIMERS INCLUDED IN THE LICENSE, NOKIA
145 * SPECIFICALLY DISCLAIMS ANY LIABILITY FOR CLAIMS BROUGHT BY YOU OR ANY
146 * OTHER ENTITY BASED ON INFRINGEMENT OF INTELLECTUAL PROPERTY RIGHTS OR
147 * OTHERWISE.
148 */
Ralf S. Engelschalld02b48c1998-12-21 10:52:47 +0000[diff] [blame]149
150#include <stdio.h>
Bodo Möllerec577821999-04-23 22:13:45 +0000[diff] [blame]151#include <openssl/objects.h>
Ralf S. Engelschalld02b48c1998-12-21 10:52:47 +0000[diff] [blame]152#include "ssl_locl.h"
Ben Lauriedbad1692001-07-30 23:57:25 +0000[diff] [blame]153#include <openssl/md5.h>
Nils Larsch3eeaab42005-07-16 12:37:36 +0000[diff] [blame]154#ifndef OPENSSL_NO_DH
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]155# include <openssl/dh.h>
Nils Larsch3eeaab42005-07-16 12:37:36 +0000[diff] [blame]156#endif
Matt Caswella3680c82015-03-31 13:57:46 +0100[diff] [blame]157#include <openssl/rand.h>
Ralf S. Engelschalld02b48c1998-12-21 10:52:47 +0000[diff] [blame]158
Dr. Stephen Hensonb6eb9822015-05-02 18:30:00 +0100[diff] [blame]159#define SSL3_NUM_CIPHERS OSSL_NELEM(ssl3_ciphers)
Ralf S. Engelschalld02b48c1998-12-21 10:52:47 +0000[diff] [blame]160
Nils Larsch6e119bb2005-08-25 07:29:54 +0000[diff] [blame]161/* list of available SSLv3 ciphers (sorted by id) */
Viktor Szakatsf0ff3282016-02-13 18:46:30 +0100[diff] [blame]162static const SSL_CIPHER ssl3_ciphers[] = {
Bodo Möller52b8dad2007-02-17 06:45:38 +0000[diff] [blame]163
Ralf S. Engelschalld02b48c1998-12-21 10:52:47 +0000[diff] [blame]164/* The RSA ciphers */
165/* Cipher 01 */
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]166 {
167 1,
168 SSL3_TXT_RSA_NULL_MD5,
169 SSL3_CK_RSA_NULL_MD5,
170 SSL_kRSA,
171 SSL_aRSA,
172 SSL_eNULL,
173 SSL_MD5,
174 SSL_SSLV3,
Kurt Roeckx1510b5f2016-03-03 22:02:58 +0100[diff] [blame^]175 SSL_STRONG_NONE,
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]176 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
177 0,
178 0,
179 },
Bodo Möller52b8dad2007-02-17 06:45:38 +0000[diff] [blame]180
Ralf S. Engelschalld02b48c1998-12-21 10:52:47 +0000[diff] [blame]181/* Cipher 02 */
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]182 {
183 1,
184 SSL3_TXT_RSA_NULL_SHA,
185 SSL3_CK_RSA_NULL_SHA,
186 SSL_kRSA,
187 SSL_aRSA,
188 SSL_eNULL,
189 SSL_SHA1,
190 SSL_SSLV3,
Kurt Roeckx1510b5f2016-03-03 22:02:58 +0100[diff] [blame^]191 SSL_STRONG_NONE | SSL_FIPS,
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]192 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
193 0,
194 0,
195 },
Bodo Möller52b8dad2007-02-17 06:45:38 +0000[diff] [blame]196
Ralf S. Engelschalld02b48c1998-12-21 10:52:47 +0000[diff] [blame]197/* Cipher 04 */
Matt Caswell8b1a5af2016-03-03 15:40:51 +0000[diff] [blame]198#ifndef OPENSSL_NO_WEAK_SSL_CIPHERS
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]199 {
200 1,
201 SSL3_TXT_RSA_RC4_128_MD5,
202 SSL3_CK_RSA_RC4_128_MD5,
203 SSL_kRSA,
204 SSL_aRSA,
205 SSL_RC4,
206 SSL_MD5,
207 SSL_SSLV3,
Kurt Roeckx361a1192015-12-05 02:04:41 +0100[diff] [blame]208 SSL_NOT_DEFAULT | SSL_MEDIUM,
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]209 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
210 128,
211 128,
212 },
Bodo Möller52b8dad2007-02-17 06:45:38 +0000[diff] [blame]213
Ralf S. Engelschalld02b48c1998-12-21 10:52:47 +0000[diff] [blame]214/* Cipher 05 */
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]215 {
216 1,
217 SSL3_TXT_RSA_RC4_128_SHA,
218 SSL3_CK_RSA_RC4_128_SHA,
219 SSL_kRSA,
220 SSL_aRSA,
221 SSL_RC4,
222 SSL_SHA1,
223 SSL_SSLV3,
Kurt Roeckx361a1192015-12-05 02:04:41 +0100[diff] [blame]224 SSL_NOT_DEFAULT | SSL_MEDIUM,
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]225 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
226 128,
227 128,
228 },
Matt Caswell8b1a5af2016-03-03 15:40:51 +0000[diff] [blame]229#endif
Bodo Möller52b8dad2007-02-17 06:45:38 +0000[diff] [blame]230
Ralf S. Engelschalld02b48c1998-12-21 10:52:47 +0000[diff] [blame]231/* Cipher 07 */
Richard Levitte5fdf0662003-12-27 16:10:30 +0000[diff] [blame]232#ifndef OPENSSL_NO_IDEA
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]233 {
234 1,
235 SSL3_TXT_RSA_IDEA_128_SHA,
236 SSL3_CK_RSA_IDEA_128_SHA,
237 SSL_kRSA,
238 SSL_aRSA,
239 SSL_IDEA,
240 SSL_SHA1,
241 SSL_SSLV3,
Kurt Roeckx361a1192015-12-05 02:04:41 +0100[diff] [blame]242 SSL_MEDIUM,
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]243 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
244 128,
245 128,
246 },
Richard Levitte5fdf0662003-12-27 16:10:30 +0000[diff] [blame]247#endif
Bodo Möller52b8dad2007-02-17 06:45:38 +0000[diff] [blame]248
Ralf S. Engelschalld02b48c1998-12-21 10:52:47 +0000[diff] [blame]249/* Cipher 0A */
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]250 {
251 1,
252 SSL3_TXT_RSA_DES_192_CBC3_SHA,
253 SSL3_CK_RSA_DES_192_CBC3_SHA,
254 SSL_kRSA,
255 SSL_aRSA,
256 SSL_3DES,
257 SSL_SHA1,
258 SSL_SSLV3,
Kurt Roeckx361a1192015-12-05 02:04:41 +0100[diff] [blame]259 SSL_HIGH | SSL_FIPS,
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]260 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
261 112,
262 168,
263 },
Bodo Möller52b8dad2007-02-17 06:45:38 +0000[diff] [blame]264
Ralf S. Engelschalld02b48c1998-12-21 10:52:47 +0000[diff] [blame]265/* Cipher 13 */
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]266 {
267 1,
268 SSL3_TXT_DHE_DSS_DES_192_CBC3_SHA,
269 SSL3_CK_DHE_DSS_DES_192_CBC3_SHA,
270 SSL_kDHE,
271 SSL_aDSS,
272 SSL_3DES,
273 SSL_SHA1,
274 SSL_SSLV3,
Kurt Roeckx361a1192015-12-05 02:04:41 +0100[diff] [blame]275 SSL_HIGH | SSL_FIPS,
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]276 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
277 112,
278 168,
279 },
Bodo Möller52b8dad2007-02-17 06:45:38 +0000[diff] [blame]280
Ralf S. Engelschalld02b48c1998-12-21 10:52:47 +0000[diff] [blame]281/* Cipher 16 */
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]282 {
283 1,
284 SSL3_TXT_DHE_RSA_DES_192_CBC3_SHA,
285 SSL3_CK_DHE_RSA_DES_192_CBC3_SHA,
286 SSL_kDHE,
287 SSL_aRSA,
288 SSL_3DES,
289 SSL_SHA1,
290 SSL_SSLV3,
Kurt Roeckx361a1192015-12-05 02:04:41 +0100[diff] [blame]291 SSL_HIGH | SSL_FIPS,
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]292 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
293 112,
294 168,
295 },
Bodo Möller52b8dad2007-02-17 06:45:38 +0000[diff] [blame]296
Nils Larsch6e119bb2005-08-25 07:29:54 +0000[diff] [blame]297/* Cipher 18 */
Matt Caswell8b1a5af2016-03-03 15:40:51 +0000[diff] [blame]298#ifndef OPENSSL_NO_WEAK_SSL_CIPHERS
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]299 {
300 1,
301 SSL3_TXT_ADH_RC4_128_MD5,
302 SSL3_CK_ADH_RC4_128_MD5,
303 SSL_kDHE,
304 SSL_aNULL,
305 SSL_RC4,
306 SSL_MD5,
307 SSL_SSLV3,
Kurt Roeckx361a1192015-12-05 02:04:41 +0100[diff] [blame]308 SSL_NOT_DEFAULT | SSL_MEDIUM,
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]309 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
310 128,
311 128,
312 },
Matt Caswell8b1a5af2016-03-03 15:40:51 +0000[diff] [blame]313#endif
Bodo Möller52b8dad2007-02-17 06:45:38 +0000[diff] [blame]314
Nils Larsch6e119bb2005-08-25 07:29:54 +0000[diff] [blame]315/* Cipher 1B */
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]316 {
317 1,
318 SSL3_TXT_ADH_DES_192_CBC_SHA,
319 SSL3_CK_ADH_DES_192_CBC_SHA,
320 SSL_kDHE,
321 SSL_aNULL,
322 SSL_3DES,
323 SSL_SHA1,
324 SSL_SSLV3,
Kurt Roeckx361a1192015-12-05 02:04:41 +0100[diff] [blame]325 SSL_NOT_DEFAULT | SSL_HIGH | SSL_FIPS,
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]326 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
327 112,
328 168,
329 },
Dr. Stephen Henson5516fcc2015-06-29 00:44:39 +0100[diff] [blame]330#ifndef OPENSSL_NO_PSK
331 /* Cipher 2C */
332 {
333 1,
334 TLS1_TXT_PSK_WITH_NULL_SHA,
335 TLS1_CK_PSK_WITH_NULL_SHA,
336 SSL_kPSK,
337 SSL_aPSK,
338 SSL_eNULL,
339 SSL_SHA1,
Dr. Stephen Henson5e3d21f2015-11-13 12:52:51 +0000[diff] [blame]340 SSL_SSLV3,
Kurt Roeckx1510b5f2016-03-03 22:02:58 +0100[diff] [blame^]341 SSL_STRONG_NONE | SSL_FIPS,
Dr. Stephen Henson5516fcc2015-06-29 00:44:39 +0100[diff] [blame]342 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
343 0,
344 0,
345 },
346 /* Cipher 2D */
347 {
348 1,
349 TLS1_TXT_DHE_PSK_WITH_NULL_SHA,
350 TLS1_CK_DHE_PSK_WITH_NULL_SHA,
351 SSL_kDHEPSK,
352 SSL_aPSK,
353 SSL_eNULL,
354 SSL_SHA1,
Dr. Stephen Henson5e3d21f2015-11-13 12:52:51 +0000[diff] [blame]355 SSL_SSLV3,
Kurt Roeckx1510b5f2016-03-03 22:02:58 +0100[diff] [blame^]356 SSL_STRONG_NONE | SSL_FIPS,
Dr. Stephen Henson5516fcc2015-06-29 00:44:39 +0100[diff] [blame]357 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
358 0,
359 0,
360 },
361 /* Cipher 2E */
362 {
363 1,
364 TLS1_TXT_RSA_PSK_WITH_NULL_SHA,
365 TLS1_CK_RSA_PSK_WITH_NULL_SHA,
366 SSL_kRSAPSK,
367 SSL_aRSA,
368 SSL_eNULL,
369 SSL_SHA1,
Dr. Stephen Henson5e3d21f2015-11-13 12:52:51 +0000[diff] [blame]370 SSL_SSLV3,
Kurt Roeckx1510b5f2016-03-03 22:02:58 +0100[diff] [blame^]371 SSL_STRONG_NONE | SSL_FIPS,
Dr. Stephen Henson5516fcc2015-06-29 00:44:39 +0100[diff] [blame]372 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
373 0,
374 0,
375 },
376#endif
Ralf S. Engelschalld02b48c1998-12-21 10:52:47 +0000[diff] [blame]377
Bodo Möller89bbe142006-06-14 17:40:31 +0000[diff] [blame]378/* New AES ciphersuites */
Nils Larsch6e119bb2005-08-25 07:29:54 +0000[diff] [blame]379/* Cipher 2F */
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]380 {
381 1,
382 TLS1_TXT_RSA_WITH_AES_128_SHA,
383 TLS1_CK_RSA_WITH_AES_128_SHA,
384 SSL_kRSA,
385 SSL_aRSA,
386 SSL_AES128,
387 SSL_SHA1,
Dr. Stephen Henson5e3d21f2015-11-13 12:52:51 +0000[diff] [blame]388 SSL_SSLV3,
Kurt Roeckx361a1192015-12-05 02:04:41 +0100[diff] [blame]389 SSL_HIGH | SSL_FIPS,
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]390 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
391 128,
392 128,
393 },
Nils Larsch6e119bb2005-08-25 07:29:54 +0000[diff] [blame]394/* Cipher 32 */
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]395 {
396 1,
397 TLS1_TXT_DHE_DSS_WITH_AES_128_SHA,
398 TLS1_CK_DHE_DSS_WITH_AES_128_SHA,
399 SSL_kDHE,
400 SSL_aDSS,
401 SSL_AES128,
402 SSL_SHA1,
Dr. Stephen Henson5e3d21f2015-11-13 12:52:51 +0000[diff] [blame]403 SSL_SSLV3,
Kurt Roeckx361a1192015-12-05 02:04:41 +0100[diff] [blame]404 SSL_HIGH | SSL_FIPS,
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]405 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
406 128,
407 128,
408 },
Nils Larsch6e119bb2005-08-25 07:29:54 +0000[diff] [blame]409/* Cipher 33 */
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]410 {
411 1,
412 TLS1_TXT_DHE_RSA_WITH_AES_128_SHA,
413 TLS1_CK_DHE_RSA_WITH_AES_128_SHA,
414 SSL_kDHE,
415 SSL_aRSA,
416 SSL_AES128,
417 SSL_SHA1,
Dr. Stephen Henson5e3d21f2015-11-13 12:52:51 +0000[diff] [blame]418 SSL_SSLV3,
Kurt Roeckx361a1192015-12-05 02:04:41 +0100[diff] [blame]419 SSL_HIGH | SSL_FIPS,
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]420 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
421 128,
422 128,
423 },
Nils Larsch6e119bb2005-08-25 07:29:54 +0000[diff] [blame]424/* Cipher 34 */
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]425 {
426 1,
427 TLS1_TXT_ADH_WITH_AES_128_SHA,
428 TLS1_CK_ADH_WITH_AES_128_SHA,
429 SSL_kDHE,
430 SSL_aNULL,
431 SSL_AES128,
432 SSL_SHA1,
Dr. Stephen Henson5e3d21f2015-11-13 12:52:51 +0000[diff] [blame]433 SSL_SSLV3,
Kurt Roeckx361a1192015-12-05 02:04:41 +0100[diff] [blame]434 SSL_NOT_DEFAULT | SSL_HIGH | SSL_FIPS,
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]435 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
436 128,
437 128,
438 },
Dr. Stephen Hensondeb2c1a2001-02-07 18:15:18 +0000[diff] [blame]439
Nils Larsch6e119bb2005-08-25 07:29:54 +0000[diff] [blame]440/* Cipher 35 */
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]441 {
442 1,
443 TLS1_TXT_RSA_WITH_AES_256_SHA,
444 TLS1_CK_RSA_WITH_AES_256_SHA,
445 SSL_kRSA,
446 SSL_aRSA,
447 SSL_AES256,
448 SSL_SHA1,
Dr. Stephen Henson5e3d21f2015-11-13 12:52:51 +0000[diff] [blame]449 SSL_SSLV3,
Kurt Roeckx361a1192015-12-05 02:04:41 +0100[diff] [blame]450 SSL_HIGH | SSL_FIPS,
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]451 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
452 256,
453 256,
454 },
Bodo Möller52b8dad2007-02-17 06:45:38 +0000[diff] [blame]455
Nils Larsch6e119bb2005-08-25 07:29:54 +0000[diff] [blame]456/* Cipher 38 */
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]457 {
458 1,
459 TLS1_TXT_DHE_DSS_WITH_AES_256_SHA,
460 TLS1_CK_DHE_DSS_WITH_AES_256_SHA,
461 SSL_kDHE,
462 SSL_aDSS,
463 SSL_AES256,
464 SSL_SHA1,
Dr. Stephen Henson5e3d21f2015-11-13 12:52:51 +0000[diff] [blame]465 SSL_SSLV3,
Kurt Roeckx361a1192015-12-05 02:04:41 +0100[diff] [blame]466 SSL_HIGH | SSL_FIPS,
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]467 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
468 256,
469 256,
470 },
Bodo Möller52b8dad2007-02-17 06:45:38 +0000[diff] [blame]471
Nils Larsch6e119bb2005-08-25 07:29:54 +0000[diff] [blame]472/* Cipher 39 */
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]473 {
474 1,
475 TLS1_TXT_DHE_RSA_WITH_AES_256_SHA,
476 TLS1_CK_DHE_RSA_WITH_AES_256_SHA,
477 SSL_kDHE,
478 SSL_aRSA,
479 SSL_AES256,
480 SSL_SHA1,
Dr. Stephen Henson5e3d21f2015-11-13 12:52:51 +0000[diff] [blame]481 SSL_SSLV3,
Kurt Roeckx361a1192015-12-05 02:04:41 +0100[diff] [blame]482 SSL_HIGH | SSL_FIPS,
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]483 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
484 256,
485 256,
486 },
Bodo Möller52b8dad2007-02-17 06:45:38 +0000[diff] [blame]487
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]488 /* Cipher 3A */
489 {
490 1,
491 TLS1_TXT_ADH_WITH_AES_256_SHA,
492 TLS1_CK_ADH_WITH_AES_256_SHA,
493 SSL_kDHE,
494 SSL_aNULL,
495 SSL_AES256,
496 SSL_SHA1,
Dr. Stephen Henson5e3d21f2015-11-13 12:52:51 +0000[diff] [blame]497 SSL_SSLV3,
Kurt Roeckx361a1192015-12-05 02:04:41 +0100[diff] [blame]498 SSL_NOT_DEFAULT | SSL_HIGH | SSL_FIPS,
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]499 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
500 256,
501 256,
502 },
Bodo Möllerd56349a2005-12-13 07:33:35 +0000[diff] [blame]503
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]504 /* TLS v1.2 ciphersuites */
505 /* Cipher 3B */
506 {
507 1,
508 TLS1_TXT_RSA_WITH_NULL_SHA256,
509 TLS1_CK_RSA_WITH_NULL_SHA256,
510 SSL_kRSA,
511 SSL_aRSA,
512 SSL_eNULL,
513 SSL_SHA256,
514 SSL_TLSV1_2,
Kurt Roeckx1510b5f2016-03-03 22:02:58 +0100[diff] [blame^]515 SSL_STRONG_NONE | SSL_FIPS,
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]516 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
517 0,
518 0,
519 },
Dr. Stephen Henson7409d7a2011-04-29 22:56:51 +0000[diff] [blame]520
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]521 /* Cipher 3C */
522 {
523 1,
524 TLS1_TXT_RSA_WITH_AES_128_SHA256,
525 TLS1_CK_RSA_WITH_AES_128_SHA256,
526 SSL_kRSA,
527 SSL_aRSA,
528 SSL_AES128,
529 SSL_SHA256,
530 SSL_TLSV1_2,
Kurt Roeckx361a1192015-12-05 02:04:41 +0100[diff] [blame]531 SSL_HIGH | SSL_FIPS,
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]532 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
533 128,
534 128,
535 },
Dr. Stephen Henson7409d7a2011-04-29 22:56:51 +0000[diff] [blame]536
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]537 /* Cipher 3D */
538 {
539 1,
540 TLS1_TXT_RSA_WITH_AES_256_SHA256,
541 TLS1_CK_RSA_WITH_AES_256_SHA256,
542 SSL_kRSA,
543 SSL_aRSA,
544 SSL_AES256,
545 SSL_SHA256,
546 SSL_TLSV1_2,
Kurt Roeckx361a1192015-12-05 02:04:41 +0100[diff] [blame]547 SSL_HIGH | SSL_FIPS,
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]548 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
549 256,
550 256,
551 },
Dr. Stephen Henson7409d7a2011-04-29 22:56:51 +0000[diff] [blame]552
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]553 /* Cipher 40 */
554 {
555 1,
556 TLS1_TXT_DHE_DSS_WITH_AES_128_SHA256,
557 TLS1_CK_DHE_DSS_WITH_AES_128_SHA256,
558 SSL_kDHE,
559 SSL_aDSS,
560 SSL_AES128,
561 SSL_SHA256,
562 SSL_TLSV1_2,
Kurt Roeckx361a1192015-12-05 02:04:41 +0100[diff] [blame]563 SSL_HIGH | SSL_FIPS,
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]564 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
565 128,
566 128,
567 },
Dr. Stephen Henson7409d7a2011-04-29 22:56:51 +0000[diff] [blame]568
Bodo Möllerf3dea9a2006-06-09 15:44:59 +0000[diff] [blame]569#ifndef OPENSSL_NO_CAMELLIA
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]570 /* Camellia ciphersuites from RFC4132 (128-bit portion) */
Bodo Möllerf3dea9a2006-06-09 15:44:59 +0000[diff] [blame]571
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]572 /* Cipher 41 */
573 {
574 1,
575 TLS1_TXT_RSA_WITH_CAMELLIA_128_CBC_SHA,
576 TLS1_CK_RSA_WITH_CAMELLIA_128_CBC_SHA,
577 SSL_kRSA,
578 SSL_aRSA,
579 SSL_CAMELLIA128,
580 SSL_SHA1,
Dr. Stephen Henson5e3d21f2015-11-13 12:52:51 +0000[diff] [blame]581 SSL_SSLV3,
Kurt Roeckx361a1192015-12-05 02:04:41 +0100[diff] [blame]582 SSL_HIGH,
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]583 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
584 128,
585 128,
586 },
Bodo Möller52b8dad2007-02-17 06:45:38 +0000[diff] [blame]587
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]588 /* Cipher 44 */
589 {
590 1,
591 TLS1_TXT_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA,
592 TLS1_CK_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA,
593 SSL_kDHE,
594 SSL_aDSS,
595 SSL_CAMELLIA128,
596 SSL_SHA1,
Dr. Stephen Henson5e3d21f2015-11-13 12:52:51 +0000[diff] [blame]597 SSL_SSLV3,
Kurt Roeckx361a1192015-12-05 02:04:41 +0100[diff] [blame]598 SSL_HIGH,
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]599 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
600 128,
601 128,
602 },
Bodo Möller52b8dad2007-02-17 06:45:38 +0000[diff] [blame]603
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]604 /* Cipher 45 */
605 {
606 1,
607 TLS1_TXT_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA,
608 TLS1_CK_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA,
609 SSL_kDHE,
610 SSL_aRSA,
611 SSL_CAMELLIA128,
612 SSL_SHA1,
Dr. Stephen Henson5e3d21f2015-11-13 12:52:51 +0000[diff] [blame]613 SSL_SSLV3,
Kurt Roeckx361a1192015-12-05 02:04:41 +0100[diff] [blame]614 SSL_HIGH,
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]615 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
616 128,
617 128,
618 },
Bodo Möller52b8dad2007-02-17 06:45:38 +0000[diff] [blame]619
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]620 /* Cipher 46 */
621 {
622 1,
623 TLS1_TXT_ADH_WITH_CAMELLIA_128_CBC_SHA,
624 TLS1_CK_ADH_WITH_CAMELLIA_128_CBC_SHA,
625 SSL_kDHE,
626 SSL_aNULL,
627 SSL_CAMELLIA128,
628 SSL_SHA1,
Dr. Stephen Henson5e3d21f2015-11-13 12:52:51 +0000[diff] [blame]629 SSL_SSLV3,
Kurt Roeckx361a1192015-12-05 02:04:41 +0100[diff] [blame]630 SSL_NOT_DEFAULT | SSL_HIGH,
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]631 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
632 128,
633 128,
634 },
635#endif /* OPENSSL_NO_CAMELLIA */
Bodo Möllerf3dea9a2006-06-09 15:44:59 +0000[diff] [blame]636
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]637 /* TLS v1.2 ciphersuites */
638 /* Cipher 67 */
639 {
640 1,
641 TLS1_TXT_DHE_RSA_WITH_AES_128_SHA256,
642 TLS1_CK_DHE_RSA_WITH_AES_128_SHA256,
643 SSL_kDHE,
644 SSL_aRSA,
645 SSL_AES128,
646 SSL_SHA256,
647 SSL_TLSV1_2,
Kurt Roeckx361a1192015-12-05 02:04:41 +0100[diff] [blame]648 SSL_HIGH | SSL_FIPS,
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]649 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
650 128,
651 128,
652 },
Bodo Möller52b8dad2007-02-17 06:45:38 +0000[diff] [blame]653
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]654 /* Cipher 6A */
655 {
656 1,
657 TLS1_TXT_DHE_DSS_WITH_AES_256_SHA256,
658 TLS1_CK_DHE_DSS_WITH_AES_256_SHA256,
659 SSL_kDHE,
660 SSL_aDSS,
661 SSL_AES256,
662 SSL_SHA256,
663 SSL_TLSV1_2,
Kurt Roeckx361a1192015-12-05 02:04:41 +0100[diff] [blame]664 SSL_HIGH | SSL_FIPS,
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]665 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
666 256,
667 256,
668 },
Bodo Möller52b8dad2007-02-17 06:45:38 +0000[diff] [blame]669
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]670 /* Cipher 6B */
671 {
672 1,
673 TLS1_TXT_DHE_RSA_WITH_AES_256_SHA256,
674 TLS1_CK_DHE_RSA_WITH_AES_256_SHA256,
675 SSL_kDHE,
676 SSL_aRSA,
677 SSL_AES256,
678 SSL_SHA256,
679 SSL_TLSV1_2,
Kurt Roeckx361a1192015-12-05 02:04:41 +0100[diff] [blame]680 SSL_HIGH | SSL_FIPS,
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]681 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
682 256,
683 256,
684 },
Dr. Stephen Henson7409d7a2011-04-29 22:56:51 +0000[diff] [blame]685
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]686 /* Cipher 6C */
687 {
688 1,
689 TLS1_TXT_ADH_WITH_AES_128_SHA256,
690 TLS1_CK_ADH_WITH_AES_128_SHA256,
691 SSL_kDHE,
692 SSL_aNULL,
693 SSL_AES128,
694 SSL_SHA256,
695 SSL_TLSV1_2,
Kurt Roeckx361a1192015-12-05 02:04:41 +0100[diff] [blame]696 SSL_NOT_DEFAULT | SSL_HIGH | SSL_FIPS,
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]697 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
698 128,
699 128,
700 },
Dr. Stephen Henson7409d7a2011-04-29 22:56:51 +0000[diff] [blame]701
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]702 /* Cipher 6D */
703 {
704 1,
705 TLS1_TXT_ADH_WITH_AES_256_SHA256,
706 TLS1_CK_ADH_WITH_AES_256_SHA256,
707 SSL_kDHE,
708 SSL_aNULL,
709 SSL_AES256,
710 SSL_SHA256,
711 SSL_TLSV1_2,
Kurt Roeckx361a1192015-12-05 02:04:41 +0100[diff] [blame]712 SSL_NOT_DEFAULT | SSL_HIGH | SSL_FIPS,
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]713 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
714 256,
715 256,
716 },
Dr. Stephen Henson7409d7a2011-04-29 22:56:51 +0000[diff] [blame]717
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]718 /* GOST Ciphersuites */
Matt Caswell2a9b9652015-11-24 13:52:07 +0000[diff] [blame]719#ifndef OPENSL_NO_GOST
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]720 {
721 1,
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]722 "GOST2001-GOST89-GOST89",
723 0x3000081,
724 SSL_kGOST,
725 SSL_aGOST01,
726 SSL_eGOST2814789CNT,
727 SSL_GOST89MAC,
Dr. Stephen Hensonfa499242015-11-18 15:54:31 +0000[diff] [blame]728 SSL_TLSV1,
Kurt Roeckx361a1192015-12-05 02:04:41 +0100[diff] [blame]729 SSL_HIGH,
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]730 SSL_HANDSHAKE_MAC_GOST94 | TLS1_PRF_GOST94 | TLS1_STREAM_MAC,
731 256,
Rich Salzade44dc2015-08-04 12:32:40 -0400[diff] [blame]732 256
733 },
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]734 {
735 1,
736 "GOST2001-NULL-GOST94",
737 0x3000083,
738 SSL_kGOST,
739 SSL_aGOST01,
740 SSL_eNULL,
741 SSL_GOST94,
Dr. Stephen Hensonfa499242015-11-18 15:54:31 +0000[diff] [blame]742 SSL_TLSV1,
Kurt Roeckx1510b5f2016-03-03 22:02:58 +0100[diff] [blame^]743 SSL_STRONG_NONE,
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]744 SSL_HANDSHAKE_MAC_GOST94 | TLS1_PRF_GOST94,
745 0,
Rich Salzade44dc2015-08-04 12:32:40 -0400[diff] [blame]746 0
747 },
Matt Caswell2a9b9652015-11-24 13:52:07 +0000[diff] [blame]748#endif
Bodo Möllerf3dea9a2006-06-09 15:44:59 +0000[diff] [blame]749#ifndef OPENSSL_NO_CAMELLIA
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]750 /* Camellia ciphersuites from RFC4132 (256-bit portion) */
Bodo Möllerf3dea9a2006-06-09 15:44:59 +0000[diff] [blame]751
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]752 /* Cipher 84 */
753 {
754 1,
755 TLS1_TXT_RSA_WITH_CAMELLIA_256_CBC_SHA,
756 TLS1_CK_RSA_WITH_CAMELLIA_256_CBC_SHA,
757 SSL_kRSA,
758 SSL_aRSA,
759 SSL_CAMELLIA256,
760 SSL_SHA1,
Dr. Stephen Henson5e3d21f2015-11-13 12:52:51 +0000[diff] [blame]761 SSL_SSLV3,
Kurt Roeckx361a1192015-12-05 02:04:41 +0100[diff] [blame]762 SSL_HIGH,
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]763 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
764 256,
765 256,
766 },
Bodo Möller52b8dad2007-02-17 06:45:38 +0000[diff] [blame]767
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]768 /* Cipher 87 */
769 {
770 1,
771 TLS1_TXT_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA,
772 TLS1_CK_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA,
773 SSL_kDHE,
774 SSL_aDSS,
775 SSL_CAMELLIA256,
776 SSL_SHA1,
Dr. Stephen Henson5e3d21f2015-11-13 12:52:51 +0000[diff] [blame]777 SSL_SSLV3,
Kurt Roeckx361a1192015-12-05 02:04:41 +0100[diff] [blame]778 SSL_HIGH,
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]779 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
780 256,
781 256,
782 },
Bodo Möller52b8dad2007-02-17 06:45:38 +0000[diff] [blame]783
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]784 /* Cipher 88 */
785 {
786 1,
787 TLS1_TXT_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA,
788 TLS1_CK_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA,
789 SSL_kDHE,
790 SSL_aRSA,
791 SSL_CAMELLIA256,
792 SSL_SHA1,
Dr. Stephen Henson5e3d21f2015-11-13 12:52:51 +0000[diff] [blame]793 SSL_SSLV3,
Kurt Roeckx361a1192015-12-05 02:04:41 +0100[diff] [blame]794 SSL_HIGH,
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]795 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
796 256,
797 256,
798 },
Bodo Möller52b8dad2007-02-17 06:45:38 +0000[diff] [blame]799
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]800 /* Cipher 89 */
801 {
802 1,
803 TLS1_TXT_ADH_WITH_CAMELLIA_256_CBC_SHA,
804 TLS1_CK_ADH_WITH_CAMELLIA_256_CBC_SHA,
805 SSL_kDHE,
806 SSL_aNULL,
807 SSL_CAMELLIA256,
808 SSL_SHA1,
Dr. Stephen Henson5e3d21f2015-11-13 12:52:51 +0000[diff] [blame]809 SSL_SSLV3,
Kurt Roeckx361a1192015-12-05 02:04:41 +0100[diff] [blame]810 SSL_NOT_DEFAULT | SSL_HIGH,
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]811 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
812 256,
813 256,
814 },
815#endif /* OPENSSL_NO_CAMELLIA */
Bodo Möllerf3dea9a2006-06-09 15:44:59 +0000[diff] [blame]816
Nils Larschddac1972006-03-10 23:06:27 +0000[diff] [blame]817#ifndef OPENSSL_NO_PSK
Dr. Stephen Hensonea6114c2015-06-28 17:05:47 +0100[diff] [blame]818 /* PSK ciphersuites from RFC 4279 */
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]819 /* Cipher 8A */
Matt Caswell8b1a5af2016-03-03 15:40:51 +0000[diff] [blame]820#ifndef OPENSSL_NO_WEAK_SSL_CIPHERS
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]821 {
822 1,
823 TLS1_TXT_PSK_WITH_RC4_128_SHA,
824 TLS1_CK_PSK_WITH_RC4_128_SHA,
825 SSL_kPSK,
826 SSL_aPSK,
827 SSL_RC4,
828 SSL_SHA1,
Dr. Stephen Henson5e3d21f2015-11-13 12:52:51 +0000[diff] [blame]829 SSL_SSLV3,
Kurt Roeckx361a1192015-12-05 02:04:41 +0100[diff] [blame]830 SSL_NOT_DEFAULT | SSL_MEDIUM,
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]831 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
832 128,
833 128,
834 },
Matt Caswell8b1a5af2016-03-03 15:40:51 +0000[diff] [blame]835#endif
Nils Larschddac1972006-03-10 23:06:27 +0000[diff] [blame]836
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]837 /* Cipher 8B */
838 {
839 1,
840 TLS1_TXT_PSK_WITH_3DES_EDE_CBC_SHA,
841 TLS1_CK_PSK_WITH_3DES_EDE_CBC_SHA,
842 SSL_kPSK,
843 SSL_aPSK,
844 SSL_3DES,
845 SSL_SHA1,
Dr. Stephen Henson5e3d21f2015-11-13 12:52:51 +0000[diff] [blame]846 SSL_SSLV3,
Kurt Roeckx361a1192015-12-05 02:04:41 +0100[diff] [blame]847 SSL_HIGH | SSL_FIPS,
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]848 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
849 112,
850 168,
851 },
Nils Larschddac1972006-03-10 23:06:27 +0000[diff] [blame]852
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]853 /* Cipher 8C */
854 {
855 1,
856 TLS1_TXT_PSK_WITH_AES_128_CBC_SHA,
857 TLS1_CK_PSK_WITH_AES_128_CBC_SHA,
858 SSL_kPSK,
859 SSL_aPSK,
860 SSL_AES128,
861 SSL_SHA1,
Dr. Stephen Henson5e3d21f2015-11-13 12:52:51 +0000[diff] [blame]862 SSL_SSLV3,
Kurt Roeckx361a1192015-12-05 02:04:41 +0100[diff] [blame]863 SSL_HIGH | SSL_FIPS,
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]864 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
865 128,
866 128,
867 },
Nils Larschddac1972006-03-10 23:06:27 +0000[diff] [blame]868
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]869 /* Cipher 8D */
870 {
871 1,
872 TLS1_TXT_PSK_WITH_AES_256_CBC_SHA,
873 TLS1_CK_PSK_WITH_AES_256_CBC_SHA,
874 SSL_kPSK,
875 SSL_aPSK,
876 SSL_AES256,
877 SSL_SHA1,
Dr. Stephen Henson5e3d21f2015-11-13 12:52:51 +0000[diff] [blame]878 SSL_SSLV3,
Kurt Roeckx361a1192015-12-05 02:04:41 +0100[diff] [blame]879 SSL_HIGH | SSL_FIPS,
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]880 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
881 256,
882 256,
883 },
Dr. Stephen Hensonea6114c2015-06-28 17:05:47 +0100[diff] [blame]884
885 /* Cipher 8E */
Matt Caswell8b1a5af2016-03-03 15:40:51 +0000[diff] [blame]886#ifndef OPENSSL_NO_WEAK_SSL_CIPHERS
Dr. Stephen Hensonea6114c2015-06-28 17:05:47 +0100[diff] [blame]887 {
888 1,
889 TLS1_TXT_DHE_PSK_WITH_RC4_128_SHA,
890 TLS1_CK_DHE_PSK_WITH_RC4_128_SHA,
891 SSL_kDHEPSK,
892 SSL_aPSK,
893 SSL_RC4,
894 SSL_SHA1,
Dr. Stephen Henson5e3d21f2015-11-13 12:52:51 +0000[diff] [blame]895 SSL_SSLV3,
Kurt Roeckx361a1192015-12-05 02:04:41 +0100[diff] [blame]896 SSL_NOT_DEFAULT | SSL_MEDIUM,
Dr. Stephen Hensonea6114c2015-06-28 17:05:47 +0100[diff] [blame]897 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
898 128,
899 128,
900 },
Matt Caswell8b1a5af2016-03-03 15:40:51 +0000[diff] [blame]901#endif
Dr. Stephen Hensonea6114c2015-06-28 17:05:47 +0100[diff] [blame]902
903 /* Cipher 8F */
904 {
905 1,
906 TLS1_TXT_DHE_PSK_WITH_3DES_EDE_CBC_SHA,
907 TLS1_CK_DHE_PSK_WITH_3DES_EDE_CBC_SHA,
908 SSL_kDHEPSK,
909 SSL_aPSK,
910 SSL_3DES,
911 SSL_SHA1,
Dr. Stephen Henson5e3d21f2015-11-13 12:52:51 +0000[diff] [blame]912 SSL_SSLV3,
Kurt Roeckx361a1192015-12-05 02:04:41 +0100[diff] [blame]913 SSL_HIGH | SSL_FIPS,
Dr. Stephen Hensonea6114c2015-06-28 17:05:47 +0100[diff] [blame]914 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
915 112,
916 168,
917 },
918
919 /* Cipher 90 */
920 {
921 1,
922 TLS1_TXT_DHE_PSK_WITH_AES_128_CBC_SHA,
923 TLS1_CK_DHE_PSK_WITH_AES_128_CBC_SHA,
924 SSL_kDHEPSK,
925 SSL_aPSK,
926 SSL_AES128,
927 SSL_SHA1,
Dr. Stephen Henson5e3d21f2015-11-13 12:52:51 +0000[diff] [blame]928 SSL_SSLV3,
Kurt Roeckx361a1192015-12-05 02:04:41 +0100[diff] [blame]929 SSL_HIGH | SSL_FIPS,
Dr. Stephen Hensonea6114c2015-06-28 17:05:47 +0100[diff] [blame]930 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
931 128,
932 128,
933 },
934
935 /* Cipher 91 */
936 {
937 1,
938 TLS1_TXT_DHE_PSK_WITH_AES_256_CBC_SHA,
939 TLS1_CK_DHE_PSK_WITH_AES_256_CBC_SHA,
940 SSL_kDHEPSK,
941 SSL_aPSK,
942 SSL_AES256,
943 SSL_SHA1,
Dr. Stephen Henson5e3d21f2015-11-13 12:52:51 +0000[diff] [blame]944 SSL_SSLV3,
Kurt Roeckx361a1192015-12-05 02:04:41 +0100[diff] [blame]945 SSL_HIGH | SSL_FIPS,
Dr. Stephen Hensonea6114c2015-06-28 17:05:47 +0100[diff] [blame]946 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
947 256,
948 256,
949 },
950
951 /* Cipher 92 */
Matt Caswell8b1a5af2016-03-03 15:40:51 +0000[diff] [blame]952#ifndef OPENSSL_NO_WEAK_SSL_CIPHERS
Dr. Stephen Hensonea6114c2015-06-28 17:05:47 +0100[diff] [blame]953 {
954 1,
955 TLS1_TXT_RSA_PSK_WITH_RC4_128_SHA,
956 TLS1_CK_RSA_PSK_WITH_RC4_128_SHA,
957 SSL_kRSAPSK,
958 SSL_aRSA,
959 SSL_RC4,
960 SSL_SHA1,
Dr. Stephen Henson5e3d21f2015-11-13 12:52:51 +0000[diff] [blame]961 SSL_SSLV3,
Kurt Roeckx361a1192015-12-05 02:04:41 +0100[diff] [blame]962 SSL_NOT_DEFAULT | SSL_MEDIUM,
Dr. Stephen Hensonea6114c2015-06-28 17:05:47 +0100[diff] [blame]963 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
964 128,
965 128,
966 },
Matt Caswell8b1a5af2016-03-03 15:40:51 +0000[diff] [blame]967#endif
Dr. Stephen Hensonea6114c2015-06-28 17:05:47 +0100[diff] [blame]968
969 /* Cipher 93 */
970 {
971 1,
972 TLS1_TXT_RSA_PSK_WITH_3DES_EDE_CBC_SHA,
973 TLS1_CK_RSA_PSK_WITH_3DES_EDE_CBC_SHA,
974 SSL_kRSAPSK,
975 SSL_aRSA,
976 SSL_3DES,
977 SSL_SHA1,
Dr. Stephen Henson5e3d21f2015-11-13 12:52:51 +0000[diff] [blame]978 SSL_SSLV3,
Kurt Roeckx361a1192015-12-05 02:04:41 +0100[diff] [blame]979 SSL_HIGH | SSL_FIPS,
Dr. Stephen Hensonea6114c2015-06-28 17:05:47 +0100[diff] [blame]980 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
981 112,
982 168,
983 },
984
985 /* Cipher 94 */
986 {
987 1,
988 TLS1_TXT_RSA_PSK_WITH_AES_128_CBC_SHA,
989 TLS1_CK_RSA_PSK_WITH_AES_128_CBC_SHA,
990 SSL_kRSAPSK,
991 SSL_aRSA,
992 SSL_AES128,
993 SSL_SHA1,
Dr. Stephen Henson5e3d21f2015-11-13 12:52:51 +0000[diff] [blame]994 SSL_SSLV3,
Kurt Roeckx361a1192015-12-05 02:04:41 +0100[diff] [blame]995 SSL_HIGH | SSL_FIPS,
Dr. Stephen Hensonea6114c2015-06-28 17:05:47 +0100[diff] [blame]996 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
997 128,
998 128,
999 },
1000
1001 /* Cipher 95 */
1002 {
1003 1,
1004 TLS1_TXT_RSA_PSK_WITH_AES_256_CBC_SHA,
1005 TLS1_CK_RSA_PSK_WITH_AES_256_CBC_SHA,
1006 SSL_kRSAPSK,
1007 SSL_aRSA,
1008 SSL_AES256,
1009 SSL_SHA1,
Dr. Stephen Henson5e3d21f2015-11-13 12:52:51 +0000[diff] [blame]1010 SSL_SSLV3,
Kurt Roeckx361a1192015-12-05 02:04:41 +0100[diff] [blame]1011 SSL_HIGH | SSL_FIPS,
Dr. Stephen Hensonea6114c2015-06-28 17:05:47 +0100[diff] [blame]1012 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
1013 256,
1014 256,
1015 },
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]1016#endif /* OPENSSL_NO_PSK */
Bodo Möller89bbe142006-06-14 17:40:31 +0000[diff] [blame]1017
Bodo Möller96afc1c2007-04-23 23:48:59 +0000[diff] [blame]1018#ifndef OPENSSL_NO_SEED
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]1019 /* SEED ciphersuites from RFC4162 */
Bodo Möller96afc1c2007-04-23 23:48:59 +0000[diff] [blame]1020
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]1021 /* Cipher 96 */
1022 {
1023 1,
1024 TLS1_TXT_RSA_WITH_SEED_SHA,
1025 TLS1_CK_RSA_WITH_SEED_SHA,
1026 SSL_kRSA,
1027 SSL_aRSA,
1028 SSL_SEED,
1029 SSL_SHA1,
Dr. Stephen Henson5e3d21f2015-11-13 12:52:51 +0000[diff] [blame]1030 SSL_SSLV3,
Kurt Roeckx361a1192015-12-05 02:04:41 +0100[diff] [blame]1031 SSL_MEDIUM,
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]1032 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
1033 128,
1034 128,
1035 },
Bodo Möller96afc1c2007-04-23 23:48:59 +0000[diff] [blame]1036
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]1037 /* Cipher 99 */
1038 {
1039 1,
1040 TLS1_TXT_DHE_DSS_WITH_SEED_SHA,
1041 TLS1_CK_DHE_DSS_WITH_SEED_SHA,
1042 SSL_kDHE,
1043 SSL_aDSS,
1044 SSL_SEED,
1045 SSL_SHA1,
Dr. Stephen Henson5e3d21f2015-11-13 12:52:51 +0000[diff] [blame]1046 SSL_SSLV3,
Kurt Roeckx361a1192015-12-05 02:04:41 +0100[diff] [blame]1047 SSL_MEDIUM,
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]1048 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
1049 128,
1050 128,
1051 },
Bodo Möller96afc1c2007-04-23 23:48:59 +0000[diff] [blame]1052
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]1053 /* Cipher 9A */
1054 {
1055 1,
1056 TLS1_TXT_DHE_RSA_WITH_SEED_SHA,
1057 TLS1_CK_DHE_RSA_WITH_SEED_SHA,
1058 SSL_kDHE,
1059 SSL_aRSA,
1060 SSL_SEED,
1061 SSL_SHA1,
Dr. Stephen Henson5e3d21f2015-11-13 12:52:51 +0000[diff] [blame]1062 SSL_SSLV3,
Kurt Roeckx361a1192015-12-05 02:04:41 +0100[diff] [blame]1063 SSL_MEDIUM,
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]1064 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
1065 128,
1066 128,
1067 },
Bodo Möller96afc1c2007-04-23 23:48:59 +0000[diff] [blame]1068
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]1069 /* Cipher 9B */
1070 {
1071 1,
1072 TLS1_TXT_ADH_WITH_SEED_SHA,
1073 TLS1_CK_ADH_WITH_SEED_SHA,
1074 SSL_kDHE,
1075 SSL_aNULL,
1076 SSL_SEED,
1077 SSL_SHA1,
Dr. Stephen Henson5e3d21f2015-11-13 12:52:51 +0000[diff] [blame]1078 SSL_SSLV3,
Kurt Roeckx361a1192015-12-05 02:04:41 +0100[diff] [blame]1079 SSL_NOT_DEFAULT | SSL_MEDIUM,
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]1080 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
1081 128,
1082 128,
1083 },
Bodo Möller96afc1c2007-04-23 23:48:59 +0000[diff] [blame]1084
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]1085#endif /* OPENSSL_NO_SEED */
Bodo Möller96afc1c2007-04-23 23:48:59 +0000[diff] [blame]1086
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]1087 /* GCM ciphersuites from RFC5288 */
Dr. Stephen Henson28dd49f2011-08-03 15:37:22 +0000[diff] [blame]1088
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]1089 /* Cipher 9C */
1090 {
1091 1,
1092 TLS1_TXT_RSA_WITH_AES_128_GCM_SHA256,
1093 TLS1_CK_RSA_WITH_AES_128_GCM_SHA256,
1094 SSL_kRSA,
1095 SSL_aRSA,
1096 SSL_AES128GCM,
1097 SSL_AEAD,
1098 SSL_TLSV1_2,
Kurt Roeckx361a1192015-12-05 02:04:41 +0100[diff] [blame]1099 SSL_HIGH | SSL_FIPS,
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]1100 SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
1101 128,
1102 128,
1103 },
Dr. Stephen Henson28dd49f2011-08-03 15:37:22 +0000[diff] [blame]1104
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]1105 /* Cipher 9D */
1106 {
1107 1,
1108 TLS1_TXT_RSA_WITH_AES_256_GCM_SHA384,
1109 TLS1_CK_RSA_WITH_AES_256_GCM_SHA384,
1110 SSL_kRSA,
1111 SSL_aRSA,
1112 SSL_AES256GCM,
1113 SSL_AEAD,
1114 SSL_TLSV1_2,
Kurt Roeckx361a1192015-12-05 02:04:41 +0100[diff] [blame]1115 SSL_HIGH | SSL_FIPS,
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]1116 SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384,
1117 256,
1118 256,
1119 },
Dr. Stephen Henson28dd49f2011-08-03 15:37:22 +0000[diff] [blame]1120
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]1121 /* Cipher 9E */
1122 {
1123 1,
1124 TLS1_TXT_DHE_RSA_WITH_AES_128_GCM_SHA256,
1125 TLS1_CK_DHE_RSA_WITH_AES_128_GCM_SHA256,
1126 SSL_kDHE,
1127 SSL_aRSA,
1128 SSL_AES128GCM,
1129 SSL_AEAD,
1130 SSL_TLSV1_2,
Kurt Roeckx361a1192015-12-05 02:04:41 +0100[diff] [blame]1131 SSL_HIGH | SSL_FIPS,
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]1132 SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
1133 128,
1134 128,
1135 },
Dr. Stephen Henson28dd49f2011-08-03 15:37:22 +0000[diff] [blame]1136
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]1137 /* Cipher 9F */
1138 {
1139 1,
1140 TLS1_TXT_DHE_RSA_WITH_AES_256_GCM_SHA384,
1141 TLS1_CK_DHE_RSA_WITH_AES_256_GCM_SHA384,
1142 SSL_kDHE,
1143 SSL_aRSA,
1144 SSL_AES256GCM,
1145 SSL_AEAD,
1146 SSL_TLSV1_2,
Kurt Roeckx361a1192015-12-05 02:04:41 +0100[diff] [blame]1147 SSL_HIGH | SSL_FIPS,
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]1148 SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384,
1149 256,
1150 256,
1151 },
Dr. Stephen Henson28dd49f2011-08-03 15:37:22 +0000[diff] [blame]1152
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]1153 /* Cipher A2 */
1154 {
1155 1,
1156 TLS1_TXT_DHE_DSS_WITH_AES_128_GCM_SHA256,
1157 TLS1_CK_DHE_DSS_WITH_AES_128_GCM_SHA256,
1158 SSL_kDHE,
1159 SSL_aDSS,
1160 SSL_AES128GCM,
1161 SSL_AEAD,
1162 SSL_TLSV1_2,
Kurt Roeckx361a1192015-12-05 02:04:41 +0100[diff] [blame]1163 SSL_HIGH | SSL_FIPS,
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]1164 SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
1165 128,
1166 128,
1167 },
Dr. Stephen Henson28dd49f2011-08-03 15:37:22 +0000[diff] [blame]1168
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]1169 /* Cipher A3 */
1170 {
1171 1,
1172 TLS1_TXT_DHE_DSS_WITH_AES_256_GCM_SHA384,
1173 TLS1_CK_DHE_DSS_WITH_AES_256_GCM_SHA384,
1174 SSL_kDHE,
1175 SSL_aDSS,
1176 SSL_AES256GCM,
1177 SSL_AEAD,
1178 SSL_TLSV1_2,
Kurt Roeckx361a1192015-12-05 02:04:41 +0100[diff] [blame]1179 SSL_HIGH | SSL_FIPS,
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]1180 SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384,
1181 256,
1182 256,
1183 },
Dr. Stephen Henson28dd49f2011-08-03 15:37:22 +0000[diff] [blame]1184
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]1185 /* Cipher A6 */
1186 {
1187 1,
1188 TLS1_TXT_ADH_WITH_AES_128_GCM_SHA256,
1189 TLS1_CK_ADH_WITH_AES_128_GCM_SHA256,
1190 SSL_kDHE,
1191 SSL_aNULL,
1192 SSL_AES128GCM,
1193 SSL_AEAD,
1194 SSL_TLSV1_2,
Kurt Roeckx361a1192015-12-05 02:04:41 +0100[diff] [blame]1195 SSL_NOT_DEFAULT | SSL_HIGH | SSL_FIPS,
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]1196 SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
1197 128,
1198 128,
1199 },
Dr. Stephen Henson28dd49f2011-08-03 15:37:22 +0000[diff] [blame]1200
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]1201 /* Cipher A7 */
1202 {
1203 1,
1204 TLS1_TXT_ADH_WITH_AES_256_GCM_SHA384,
1205 TLS1_CK_ADH_WITH_AES_256_GCM_SHA384,
1206 SSL_kDHE,
1207 SSL_aNULL,
1208 SSL_AES256GCM,
1209 SSL_AEAD,
1210 SSL_TLSV1_2,
Kurt Roeckx361a1192015-12-05 02:04:41 +0100[diff] [blame]1211 SSL_NOT_DEFAULT | SSL_HIGH | SSL_FIPS,
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]1212 SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384,
1213 256,
1214 256,
1215 },
Dr. Stephen Henson547dba72015-06-17 14:47:53 +0100[diff] [blame]1216#ifndef OPENSSL_NO_PSK
Dr. Stephen Hensonea6114c2015-06-28 17:05:47 +0100[diff] [blame]1217 /* PSK ciphersuites from RFC5487 */
1218
Dr. Stephen Henson547dba72015-06-17 14:47:53 +0100[diff] [blame]1219 /* Cipher A8 */
1220 {
1221 1,
1222 TLS1_TXT_PSK_WITH_AES_128_GCM_SHA256,
1223 TLS1_CK_PSK_WITH_AES_128_GCM_SHA256,
1224 SSL_kPSK,
1225 SSL_aPSK,
1226 SSL_AES128GCM,
1227 SSL_AEAD,
1228 SSL_TLSV1_2,
Kurt Roeckx361a1192015-12-05 02:04:41 +0100[diff] [blame]1229 SSL_HIGH | SSL_FIPS,
Dr. Stephen Henson547dba72015-06-17 14:47:53 +0100[diff] [blame]1230 SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
1231 128,
1232 128,
1233 },
1234
1235 /* Cipher A9 */
1236 {
1237 1,
1238 TLS1_TXT_PSK_WITH_AES_256_GCM_SHA384,
1239 TLS1_CK_PSK_WITH_AES_256_GCM_SHA384,
1240 SSL_kPSK,
1241 SSL_aPSK,
1242 SSL_AES256GCM,
1243 SSL_AEAD,
1244 SSL_TLSV1_2,
Kurt Roeckx361a1192015-12-05 02:04:41 +0100[diff] [blame]1245 SSL_HIGH | SSL_FIPS,
Dr. Stephen Henson547dba72015-06-17 14:47:53 +0100[diff] [blame]1246 SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384,
1247 256,
1248 256,
1249 },
1250
Dr. Stephen Hensonea6114c2015-06-28 17:05:47 +0100[diff] [blame]1251 /* Cipher AA */
1252 {
1253 1,
1254 TLS1_TXT_DHE_PSK_WITH_AES_128_GCM_SHA256,
1255 TLS1_CK_DHE_PSK_WITH_AES_128_GCM_SHA256,
1256 SSL_kDHEPSK,
1257 SSL_aPSK,
1258 SSL_AES128GCM,
1259 SSL_AEAD,
1260 SSL_TLSV1_2,
Kurt Roeckx361a1192015-12-05 02:04:41 +0100[diff] [blame]1261 SSL_HIGH | SSL_FIPS,
Dr. Stephen Hensonea6114c2015-06-28 17:05:47 +0100[diff] [blame]1262 SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
1263 128,
1264 128,
1265 },
1266
1267 /* Cipher AB */
1268 {
1269 1,
1270 TLS1_TXT_DHE_PSK_WITH_AES_256_GCM_SHA384,
1271 TLS1_CK_DHE_PSK_WITH_AES_256_GCM_SHA384,
1272 SSL_kDHEPSK,
1273 SSL_aPSK,
1274 SSL_AES256GCM,
1275 SSL_AEAD,
1276 SSL_TLSV1_2,
Kurt Roeckx361a1192015-12-05 02:04:41 +0100[diff] [blame]1277 SSL_HIGH | SSL_FIPS,
Dr. Stephen Hensonea6114c2015-06-28 17:05:47 +0100[diff] [blame]1278 SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384,
1279 256,
1280 256,
1281 },
1282
1283 /* Cipher AC */
1284 {
1285 1,
1286 TLS1_TXT_RSA_PSK_WITH_AES_128_GCM_SHA256,
1287 TLS1_CK_RSA_PSK_WITH_AES_128_GCM_SHA256,
1288 SSL_kRSAPSK,
1289 SSL_aRSA,
1290 SSL_AES128GCM,
1291 SSL_AEAD,
1292 SSL_TLSV1_2,
Kurt Roeckx361a1192015-12-05 02:04:41 +0100[diff] [blame]1293 SSL_HIGH | SSL_FIPS,
Dr. Stephen Hensonea6114c2015-06-28 17:05:47 +0100[diff] [blame]1294 SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
1295 128,
1296 128,
1297 },
1298
1299 /* Cipher AD */
1300 {
1301 1,
1302 TLS1_TXT_RSA_PSK_WITH_AES_256_GCM_SHA384,
1303 TLS1_CK_RSA_PSK_WITH_AES_256_GCM_SHA384,
1304 SSL_kRSAPSK,
1305 SSL_aRSA,
1306 SSL_AES256GCM,
1307 SSL_AEAD,
1308 SSL_TLSV1_2,
Kurt Roeckx361a1192015-12-05 02:04:41 +0100[diff] [blame]1309 SSL_HIGH | SSL_FIPS,
Dr. Stephen Hensonea6114c2015-06-28 17:05:47 +0100[diff] [blame]1310 SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384,
1311 256,
1312 256,
1313 },
1314
1315 /* Cipher AE */
1316 {
1317 1,
1318 TLS1_TXT_PSK_WITH_AES_128_CBC_SHA256,
1319 TLS1_CK_PSK_WITH_AES_128_CBC_SHA256,
1320 SSL_kPSK,
1321 SSL_aPSK,
1322 SSL_AES128,
1323 SSL_SHA256,
1324 SSL_TLSV1,
Kurt Roeckx361a1192015-12-05 02:04:41 +0100[diff] [blame]1325 SSL_HIGH | SSL_FIPS,
Dr. Stephen Hensonea6114c2015-06-28 17:05:47 +0100[diff] [blame]1326 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
1327 128,
1328 128,
1329 },
1330
1331 /* Cipher AF */
1332 {
1333 1,
1334 TLS1_TXT_PSK_WITH_AES_256_CBC_SHA384,
1335 TLS1_CK_PSK_WITH_AES_256_CBC_SHA384,
1336 SSL_kPSK,
1337 SSL_aPSK,
1338 SSL_AES256,
1339 SSL_SHA384,
1340 SSL_TLSV1,
Kurt Roeckx361a1192015-12-05 02:04:41 +0100[diff] [blame]1341 SSL_HIGH | SSL_FIPS,
Dr. Stephen Hensonea6114c2015-06-28 17:05:47 +0100[diff] [blame]1342 SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384,
1343 256,
1344 256,
1345 },
1346
1347 /* Cipher B0 */
1348 {
1349 1,
1350 TLS1_TXT_PSK_WITH_NULL_SHA256,
1351 TLS1_CK_PSK_WITH_NULL_SHA256,
1352 SSL_kPSK,
1353 SSL_aPSK,
1354 SSL_eNULL,
1355 SSL_SHA256,
1356 SSL_TLSV1,
Kurt Roeckx1510b5f2016-03-03 22:02:58 +0100[diff] [blame^]1357 SSL_STRONG_NONE | SSL_FIPS,
Dr. Stephen Hensonea6114c2015-06-28 17:05:47 +0100[diff] [blame]1358 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
1359 0,
1360 0,
1361 },
1362
1363 /* Cipher B1 */
1364 {
1365 1,
1366 TLS1_TXT_PSK_WITH_NULL_SHA384,
1367 TLS1_CK_PSK_WITH_NULL_SHA384,
1368 SSL_kPSK,
1369 SSL_aPSK,
1370 SSL_eNULL,
1371 SSL_SHA384,
1372 SSL_TLSV1,
Kurt Roeckx1510b5f2016-03-03 22:02:58 +0100[diff] [blame^]1373 SSL_STRONG_NONE | SSL_FIPS,
Dr. Stephen Hensonea6114c2015-06-28 17:05:47 +0100[diff] [blame]1374 SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384,
1375 0,
1376 0,
1377 },
1378
1379 /* Cipher B2 */
1380 {
1381 1,
1382 TLS1_TXT_DHE_PSK_WITH_AES_128_CBC_SHA256,
1383 TLS1_CK_DHE_PSK_WITH_AES_128_CBC_SHA256,
1384 SSL_kDHEPSK,
1385 SSL_aPSK,
1386 SSL_AES128,
1387 SSL_SHA256,
1388 SSL_TLSV1,
Kurt Roeckx361a1192015-12-05 02:04:41 +0100[diff] [blame]1389 SSL_HIGH | SSL_FIPS,
Dr. Stephen Hensonea6114c2015-06-28 17:05:47 +0100[diff] [blame]1390 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
1391 128,
1392 128,
1393 },
1394
1395 /* Cipher B3 */
1396 {
1397 1,
1398 TLS1_TXT_DHE_PSK_WITH_AES_256_CBC_SHA384,
1399 TLS1_CK_DHE_PSK_WITH_AES_256_CBC_SHA384,
1400 SSL_kDHEPSK,
1401 SSL_aPSK,
1402 SSL_AES256,
1403 SSL_SHA384,
1404 SSL_TLSV1,
Kurt Roeckx361a1192015-12-05 02:04:41 +0100[diff] [blame]1405 SSL_HIGH | SSL_FIPS,
Dr. Stephen Hensonea6114c2015-06-28 17:05:47 +0100[diff] [blame]1406 SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384,
1407 256,
1408 256,
1409 },
1410
1411 /* Cipher B4 */
1412 {
1413 1,
1414 TLS1_TXT_DHE_PSK_WITH_NULL_SHA256,
1415 TLS1_CK_DHE_PSK_WITH_NULL_SHA256,
1416 SSL_kDHEPSK,
1417 SSL_aPSK,
1418 SSL_eNULL,
1419 SSL_SHA256,
1420 SSL_TLSV1,
Kurt Roeckx1510b5f2016-03-03 22:02:58 +0100[diff] [blame^]1421 SSL_STRONG_NONE | SSL_FIPS,
Dr. Stephen Hensonea6114c2015-06-28 17:05:47 +0100[diff] [blame]1422 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
1423 0,
1424 0,
1425 },
1426
1427 /* Cipher B5 */
1428 {
1429 1,
1430 TLS1_TXT_DHE_PSK_WITH_NULL_SHA384,
1431 TLS1_CK_DHE_PSK_WITH_NULL_SHA384,
1432 SSL_kDHEPSK,
1433 SSL_aPSK,
1434 SSL_eNULL,
1435 SSL_SHA384,
1436 SSL_TLSV1,
Kurt Roeckx1510b5f2016-03-03 22:02:58 +0100[diff] [blame^]1437 SSL_STRONG_NONE | SSL_FIPS,
Dr. Stephen Hensonea6114c2015-06-28 17:05:47 +0100[diff] [blame]1438 SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384,
1439 0,
1440 0,
1441 },
1442
1443 /* Cipher B6 */
1444 {
1445 1,
1446 TLS1_TXT_RSA_PSK_WITH_AES_128_CBC_SHA256,
1447 TLS1_CK_RSA_PSK_WITH_AES_128_CBC_SHA256,
1448 SSL_kRSAPSK,
1449 SSL_aRSA,
1450 SSL_AES128,
1451 SSL_SHA256,
1452 SSL_TLSV1,
Kurt Roeckx361a1192015-12-05 02:04:41 +0100[diff] [blame]1453 SSL_HIGH | SSL_FIPS,
Dr. Stephen Hensonea6114c2015-06-28 17:05:47 +0100[diff] [blame]1454 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
1455 128,
1456 128,
1457 },
1458
1459 /* Cipher B7 */
1460 {
1461 1,
1462 TLS1_TXT_RSA_PSK_WITH_AES_256_CBC_SHA384,
1463 TLS1_CK_RSA_PSK_WITH_AES_256_CBC_SHA384,
1464 SSL_kRSAPSK,
1465 SSL_aRSA,
1466 SSL_AES256,
1467 SSL_SHA384,
1468 SSL_TLSV1,
Kurt Roeckx361a1192015-12-05 02:04:41 +0100[diff] [blame]1469 SSL_HIGH | SSL_FIPS,
Dr. Stephen Hensonea6114c2015-06-28 17:05:47 +0100[diff] [blame]1470 SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384,
1471 256,
1472 256,
1473 },
1474
1475 /* Cipher B8 */
1476 {
1477 1,
1478 TLS1_TXT_RSA_PSK_WITH_NULL_SHA256,
1479 TLS1_CK_RSA_PSK_WITH_NULL_SHA256,
1480 SSL_kRSAPSK,
1481 SSL_aRSA,
1482 SSL_eNULL,
1483 SSL_SHA256,
1484 SSL_TLSV1,
Kurt Roeckx1510b5f2016-03-03 22:02:58 +0100[diff] [blame^]1485 SSL_STRONG_NONE | SSL_FIPS,
Dr. Stephen Hensonea6114c2015-06-28 17:05:47 +0100[diff] [blame]1486 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
1487 0,
1488 0,
1489 },
1490
1491 /* Cipher B9 */
1492 {
1493 1,
1494 TLS1_TXT_RSA_PSK_WITH_NULL_SHA384,
1495 TLS1_CK_RSA_PSK_WITH_NULL_SHA384,
1496 SSL_kRSAPSK,
1497 SSL_aRSA,
1498 SSL_eNULL,
1499 SSL_SHA384,
1500 SSL_TLSV1,
Kurt Roeckx1510b5f2016-03-03 22:02:58 +0100[diff] [blame^]1501 SSL_STRONG_NONE | SSL_FIPS,
Dr. Stephen Hensonea6114c2015-06-28 17:05:47 +0100[diff] [blame]1502 SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384,
1503 0,
1504 0,
1505 },
1506#endif /* OPENSSL_NO_PSK */
Dr. Stephen Henson28dd49f2011-08-03 15:37:22 +0000[diff] [blame]1507
PKe6332482014-06-27 18:22:51 +0100[diff] [blame]1508#ifndef OPENSSL_NO_CAMELLIA
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]1509 /* TLS 1.2 Camellia SHA-256 ciphersuites from RFC5932 */
PKe6332482014-06-27 18:22:51 +0100[diff] [blame]1510
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]1511 /* Cipher BA */
1512 {
1513 1,
1514 TLS1_TXT_RSA_WITH_CAMELLIA_128_CBC_SHA256,
1515 TLS1_CK_RSA_WITH_CAMELLIA_128_CBC_SHA256,
1516 SSL_kRSA,
1517 SSL_aRSA,
1518 SSL_CAMELLIA128,
1519 SSL_SHA256,
1520 SSL_TLSV1_2,
Kurt Roeckx361a1192015-12-05 02:04:41 +0100[diff] [blame]1521 SSL_HIGH,
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]1522 SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
1523 128,
1524 128,
1525 },
PKe6332482014-06-27 18:22:51 +0100[diff] [blame]1526
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]1527 /* Cipher BD */
1528 {
1529 1,
1530 TLS1_TXT_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA256,
1531 TLS1_CK_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA256,
1532 SSL_kEDH,
1533 SSL_aDSS,
1534 SSL_CAMELLIA128,
1535 SSL_SHA256,
1536 SSL_TLSV1_2,
Kurt Roeckx361a1192015-12-05 02:04:41 +0100[diff] [blame]1537 SSL_HIGH,
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]1538 SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
1539 128,
1540 128,
1541 },
PKe6332482014-06-27 18:22:51 +0100[diff] [blame]1542
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]1543 /* Cipher BE */
1544 {
1545 1,
1546 TLS1_TXT_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA256,
1547 TLS1_CK_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA256,
1548 SSL_kEDH,
1549 SSL_aRSA,
1550 SSL_CAMELLIA128,
1551 SSL_SHA256,
1552 SSL_TLSV1_2,
Kurt Roeckx361a1192015-12-05 02:04:41 +0100[diff] [blame]1553 SSL_HIGH,
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]1554 SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
1555 128,
1556 128,
1557 },
PKe6332482014-06-27 18:22:51 +0100[diff] [blame]1558
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]1559 /* Cipher BF */
1560 {
1561 1,
1562 TLS1_TXT_ADH_WITH_CAMELLIA_128_CBC_SHA256,
1563 TLS1_CK_ADH_WITH_CAMELLIA_128_CBC_SHA256,
1564 SSL_kEDH,
1565 SSL_aNULL,
1566 SSL_CAMELLIA128,
1567 SSL_SHA256,
1568 SSL_TLSV1_2,
Kurt Roeckx361a1192015-12-05 02:04:41 +0100[diff] [blame]1569 SSL_NOT_DEFAULT | SSL_HIGH,
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]1570 SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
1571 128,
1572 128,
1573 },
PKe6332482014-06-27 18:22:51 +0100[diff] [blame]1574
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]1575 /* Cipher C0 */
1576 {
1577 1,
1578 TLS1_TXT_RSA_WITH_CAMELLIA_256_CBC_SHA256,
1579 TLS1_CK_RSA_WITH_CAMELLIA_256_CBC_SHA256,
1580 SSL_kRSA,
1581 SSL_aRSA,
1582 SSL_CAMELLIA256,
1583 SSL_SHA256,
1584 SSL_TLSV1_2,
Kurt Roeckx361a1192015-12-05 02:04:41 +0100[diff] [blame]1585 SSL_HIGH,
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]1586 SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
1587 256,
1588 256,
1589 },
PKe6332482014-06-27 18:22:51 +0100[diff] [blame]1590
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]1591 /* Cipher C3 */
1592 {
1593 1,
1594 TLS1_TXT_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA256,
1595 TLS1_CK_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA256,
1596 SSL_kEDH,
1597 SSL_aDSS,
1598 SSL_CAMELLIA256,
1599 SSL_SHA256,
1600 SSL_TLSV1_2,
Kurt Roeckx361a1192015-12-05 02:04:41 +0100[diff] [blame]1601 SSL_HIGH,
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]1602 SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
1603 256,
1604 256,
1605 },
PKe6332482014-06-27 18:22:51 +0100[diff] [blame]1606
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]1607 /* Cipher C4 */
1608 {
1609 1,
1610 TLS1_TXT_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA256,
1611 TLS1_CK_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA256,
1612 SSL_kEDH,
1613 SSL_aRSA,
1614 SSL_CAMELLIA256,
1615 SSL_SHA256,
1616 SSL_TLSV1_2,
Kurt Roeckx361a1192015-12-05 02:04:41 +0100[diff] [blame]1617 SSL_HIGH,
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]1618 SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
1619 256,
1620 256,
1621 },
PKe6332482014-06-27 18:22:51 +0100[diff] [blame]1622
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]1623 /* Cipher C5 */
1624 {
1625 1,
1626 TLS1_TXT_ADH_WITH_CAMELLIA_256_CBC_SHA256,
1627 TLS1_CK_ADH_WITH_CAMELLIA_256_CBC_SHA256,
1628 SSL_kEDH,
1629 SSL_aNULL,
1630 SSL_CAMELLIA256,
1631 SSL_SHA256,
1632 SSL_TLSV1_2,
Kurt Roeckx361a1192015-12-05 02:04:41 +0100[diff] [blame]1633 SSL_NOT_DEFAULT | SSL_HIGH,
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]1634 SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
1635 256,
1636 256,
1637 },
PKe6332482014-06-27 18:22:51 +0100[diff] [blame]1638#endif
1639
Rich Salz10bf4fc2015-03-10 19:09:27 -0400[diff] [blame]1640#ifndef OPENSSL_NO_EC
Bodo Möllerea262262002-08-09 08:56:08 +0000[diff] [blame]1641
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]1642 /* Cipher C006 */
1643 {
1644 1,
1645 TLS1_TXT_ECDHE_ECDSA_WITH_NULL_SHA,
1646 TLS1_CK_ECDHE_ECDSA_WITH_NULL_SHA,
1647 SSL_kECDHE,
1648 SSL_aECDSA,
1649 SSL_eNULL,
1650 SSL_SHA1,
Dr. Stephen Henson5e3d21f2015-11-13 12:52:51 +0000[diff] [blame]1651 SSL_SSLV3,
Kurt Roeckx1510b5f2016-03-03 22:02:58 +0100[diff] [blame^]1652 SSL_STRONG_NONE | SSL_FIPS,
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]1653 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
1654 0,
1655 0,
1656 },
Bodo Möllerd56349a2005-12-13 07:33:35 +0000[diff] [blame]1657
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]1658 /* Cipher C007 */
Matt Caswell8b1a5af2016-03-03 15:40:51 +0000[diff] [blame]1659#ifndef OPENSSL_NO_WEAK_SSL_CIPHERS
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]1660 {
1661 1,
1662 TLS1_TXT_ECDHE_ECDSA_WITH_RC4_128_SHA,
1663 TLS1_CK_ECDHE_ECDSA_WITH_RC4_128_SHA,
1664 SSL_kECDHE,
1665 SSL_aECDSA,
1666 SSL_RC4,
1667 SSL_SHA1,
Dr. Stephen Henson5e3d21f2015-11-13 12:52:51 +0000[diff] [blame]1668 SSL_SSLV3,
Kurt Roeckx361a1192015-12-05 02:04:41 +0100[diff] [blame]1669 SSL_NOT_DEFAULT | SSL_MEDIUM,
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]1670 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
1671 128,
1672 128,
1673 },
Matt Caswell8b1a5af2016-03-03 15:40:51 +0000[diff] [blame]1674#endif
Bodo Möllerd56349a2005-12-13 07:33:35 +0000[diff] [blame]1675
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]1676 /* Cipher C008 */
1677 {
1678 1,
1679 TLS1_TXT_ECDHE_ECDSA_WITH_DES_192_CBC3_SHA,
1680 TLS1_CK_ECDHE_ECDSA_WITH_DES_192_CBC3_SHA,
1681 SSL_kECDHE,
1682 SSL_aECDSA,
1683 SSL_3DES,
1684 SSL_SHA1,
Dr. Stephen Henson5e3d21f2015-11-13 12:52:51 +0000[diff] [blame]1685 SSL_SSLV3,
Kurt Roeckx361a1192015-12-05 02:04:41 +0100[diff] [blame]1686 SSL_HIGH | SSL_FIPS,
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]1687 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
1688 112,
1689 168,
1690 },
Bodo Möllerd56349a2005-12-13 07:33:35 +0000[diff] [blame]1691
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]1692 /* Cipher C009 */
1693 {
1694 1,
1695 TLS1_TXT_ECDHE_ECDSA_WITH_AES_128_CBC_SHA,
1696 TLS1_CK_ECDHE_ECDSA_WITH_AES_128_CBC_SHA,
1697 SSL_kECDHE,
1698 SSL_aECDSA,
1699 SSL_AES128,
1700 SSL_SHA1,
Dr. Stephen Henson5e3d21f2015-11-13 12:52:51 +0000[diff] [blame]1701 SSL_SSLV3,
Kurt Roeckx361a1192015-12-05 02:04:41 +0100[diff] [blame]1702 SSL_HIGH | SSL_FIPS,
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]1703 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
1704 128,
1705 128,
1706 },
Bodo Möllerd56349a2005-12-13 07:33:35 +0000[diff] [blame]1707
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]1708 /* Cipher C00A */
1709 {
1710 1,
1711 TLS1_TXT_ECDHE_ECDSA_WITH_AES_256_CBC_SHA,
1712 TLS1_CK_ECDHE_ECDSA_WITH_AES_256_CBC_SHA,
1713 SSL_kECDHE,
1714 SSL_aECDSA,
1715 SSL_AES256,
1716 SSL_SHA1,
Dr. Stephen Henson5e3d21f2015-11-13 12:52:51 +0000[diff] [blame]1717 SSL_SSLV3,
Kurt Roeckx361a1192015-12-05 02:04:41 +0100[diff] [blame]1718 SSL_HIGH | SSL_FIPS,
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]1719 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
1720 256,
1721 256,
1722 },
Bodo Möllerd56349a2005-12-13 07:33:35 +0000[diff] [blame]1723
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]1724 /* Cipher C010 */
1725 {
1726 1,
1727 TLS1_TXT_ECDHE_RSA_WITH_NULL_SHA,
1728 TLS1_CK_ECDHE_RSA_WITH_NULL_SHA,
1729 SSL_kECDHE,
1730 SSL_aRSA,
1731 SSL_eNULL,
1732 SSL_SHA1,
Dr. Stephen Henson5e3d21f2015-11-13 12:52:51 +0000[diff] [blame]1733 SSL_SSLV3,
Kurt Roeckx1510b5f2016-03-03 22:02:58 +0100[diff] [blame^]1734 SSL_STRONG_NONE | SSL_FIPS,
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]1735 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
1736 0,
1737 0,
1738 },
Bodo Möllerd56349a2005-12-13 07:33:35 +0000[diff] [blame]1739
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]1740 /* Cipher C011 */
Matt Caswell8b1a5af2016-03-03 15:40:51 +0000[diff] [blame]1741#ifndef OPENSSL_NO_WEAK_SSL_CIPHERS
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]1742 {
1743 1,
1744 TLS1_TXT_ECDHE_RSA_WITH_RC4_128_SHA,
1745 TLS1_CK_ECDHE_RSA_WITH_RC4_128_SHA,
1746 SSL_kECDHE,
1747 SSL_aRSA,
1748 SSL_RC4,
1749 SSL_SHA1,
Dr. Stephen Henson5e3d21f2015-11-13 12:52:51 +0000[diff] [blame]1750 SSL_SSLV3,
Kurt Roeckx361a1192015-12-05 02:04:41 +0100[diff] [blame]1751 SSL_NOT_DEFAULT | SSL_MEDIUM,
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]1752 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
1753 128,
1754 128,
1755 },
Matt Caswell8b1a5af2016-03-03 15:40:51 +0000[diff] [blame]1756#endif
Bodo Möllerea262262002-08-09 08:56:08 +0000[diff] [blame]1757
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]1758 /* Cipher C012 */
1759 {
1760 1,
1761 TLS1_TXT_ECDHE_RSA_WITH_DES_192_CBC3_SHA,
1762 TLS1_CK_ECDHE_RSA_WITH_DES_192_CBC3_SHA,
1763 SSL_kECDHE,
1764 SSL_aRSA,
1765 SSL_3DES,
1766 SSL_SHA1,
Dr. Stephen Henson5e3d21f2015-11-13 12:52:51 +0000[diff] [blame]1767 SSL_SSLV3,
Kurt Roeckx361a1192015-12-05 02:04:41 +0100[diff] [blame]1768 SSL_HIGH | SSL_FIPS,
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]1769 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
1770 112,
1771 168,
1772 },
Bodo Möllerd56349a2005-12-13 07:33:35 +0000[diff] [blame]1773
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]1774 /* Cipher C013 */
1775 {
1776 1,
1777 TLS1_TXT_ECDHE_RSA_WITH_AES_128_CBC_SHA,
1778 TLS1_CK_ECDHE_RSA_WITH_AES_128_CBC_SHA,
1779 SSL_kECDHE,
1780 SSL_aRSA,
1781 SSL_AES128,
1782 SSL_SHA1,
Dr. Stephen Henson5e3d21f2015-11-13 12:52:51 +0000[diff] [blame]1783 SSL_SSLV3,
Kurt Roeckx361a1192015-12-05 02:04:41 +0100[diff] [blame]1784 SSL_HIGH | SSL_FIPS,
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]1785 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
1786 128,
1787 128,
1788 },
Bodo Möllerea262262002-08-09 08:56:08 +0000[diff] [blame]1789
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]1790 /* Cipher C014 */
1791 {
1792 1,
1793 TLS1_TXT_ECDHE_RSA_WITH_AES_256_CBC_SHA,
1794 TLS1_CK_ECDHE_RSA_WITH_AES_256_CBC_SHA,
1795 SSL_kECDHE,
1796 SSL_aRSA,
1797 SSL_AES256,
1798 SSL_SHA1,
Dr. Stephen Henson5e3d21f2015-11-13 12:52:51 +0000[diff] [blame]1799 SSL_SSLV3,
Kurt Roeckx361a1192015-12-05 02:04:41 +0100[diff] [blame]1800 SSL_HIGH | SSL_FIPS,
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]1801 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
1802 256,
1803 256,
1804 },
Bodo Möllerd56349a2005-12-13 07:33:35 +0000[diff] [blame]1805
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]1806 /* Cipher C015 */
1807 {
1808 1,
1809 TLS1_TXT_ECDH_anon_WITH_NULL_SHA,
1810 TLS1_CK_ECDH_anon_WITH_NULL_SHA,
1811 SSL_kECDHE,
1812 SSL_aNULL,
1813 SSL_eNULL,
1814 SSL_SHA1,
Dr. Stephen Henson5e3d21f2015-11-13 12:52:51 +0000[diff] [blame]1815 SSL_SSLV3,
Kurt Roeckx1510b5f2016-03-03 22:02:58 +0100[diff] [blame^]1816 SSL_STRONG_NONE | SSL_FIPS,
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]1817 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
1818 0,
1819 0,
1820 },
Bodo Möllerea262262002-08-09 08:56:08 +0000[diff] [blame]1821
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]1822 /* Cipher C016 */
Matt Caswell8b1a5af2016-03-03 15:40:51 +0000[diff] [blame]1823#ifndef OPENSSL_NO_WEAK_SSL_CIPHERS
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]1824 {
1825 1,
1826 TLS1_TXT_ECDH_anon_WITH_RC4_128_SHA,
1827 TLS1_CK_ECDH_anon_WITH_RC4_128_SHA,
1828 SSL_kECDHE,
1829 SSL_aNULL,
1830 SSL_RC4,
1831 SSL_SHA1,
Dr. Stephen Henson5e3d21f2015-11-13 12:52:51 +0000[diff] [blame]1832 SSL_SSLV3,
Kurt Roeckx361a1192015-12-05 02:04:41 +0100[diff] [blame]1833 SSL_NOT_DEFAULT | SSL_MEDIUM,
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]1834 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
1835 128,
1836 128,
1837 },
Matt Caswell8b1a5af2016-03-03 15:40:51 +0000[diff] [blame]1838#endif
Bodo Möllerea262262002-08-09 08:56:08 +0000[diff] [blame]1839
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]1840 /* Cipher C017 */
1841 {
1842 1,
1843 TLS1_TXT_ECDH_anon_WITH_DES_192_CBC3_SHA,
1844 TLS1_CK_ECDH_anon_WITH_DES_192_CBC3_SHA,
1845 SSL_kECDHE,
1846 SSL_aNULL,
1847 SSL_3DES,
1848 SSL_SHA1,
Dr. Stephen Henson5e3d21f2015-11-13 12:52:51 +0000[diff] [blame]1849 SSL_SSLV3,
Kurt Roeckx361a1192015-12-05 02:04:41 +0100[diff] [blame]1850 SSL_NOT_DEFAULT | SSL_HIGH | SSL_FIPS,
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]1851 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
1852 112,
1853 168,
1854 },
Bodo Möllerea262262002-08-09 08:56:08 +0000[diff] [blame]1855
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]1856 /* Cipher C018 */
1857 {
1858 1,
1859 TLS1_TXT_ECDH_anon_WITH_AES_128_CBC_SHA,
1860 TLS1_CK_ECDH_anon_WITH_AES_128_CBC_SHA,
1861 SSL_kECDHE,
1862 SSL_aNULL,
1863 SSL_AES128,
1864 SSL_SHA1,
Dr. Stephen Henson5e3d21f2015-11-13 12:52:51 +0000[diff] [blame]1865 SSL_SSLV3,
Kurt Roeckx361a1192015-12-05 02:04:41 +0100[diff] [blame]1866 SSL_NOT_DEFAULT | SSL_HIGH | SSL_FIPS,
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]1867 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
1868 128,
1869 128,
1870 },
Bodo Möllerea262262002-08-09 08:56:08 +0000[diff] [blame]1871
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]1872 /* Cipher C019 */
1873 {
1874 1,
1875 TLS1_TXT_ECDH_anon_WITH_AES_256_CBC_SHA,
1876 TLS1_CK_ECDH_anon_WITH_AES_256_CBC_SHA,
1877 SSL_kECDHE,
1878 SSL_aNULL,
1879 SSL_AES256,
1880 SSL_SHA1,
Dr. Stephen Henson5e3d21f2015-11-13 12:52:51 +0000[diff] [blame]1881 SSL_SSLV3,
Kurt Roeckx361a1192015-12-05 02:04:41 +0100[diff] [blame]1882 SSL_NOT_DEFAULT | SSL_HIGH | SSL_FIPS,
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]1883 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
1884 256,
1885 256,
1886 },
Rich Salz10bf4fc2015-03-10 19:09:27 -0400[diff] [blame]1887#endif /* OPENSSL_NO_EC */
Nils Larsch6e119bb2005-08-25 07:29:54 +0000[diff] [blame]1888
Ben Laurieedc032b2011-03-12 17:01:19 +0000[diff] [blame]1889#ifndef OPENSSL_NO_SRP
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]1890 /* Cipher C01A */
1891 {
1892 1,
1893 TLS1_TXT_SRP_SHA_WITH_3DES_EDE_CBC_SHA,
1894 TLS1_CK_SRP_SHA_WITH_3DES_EDE_CBC_SHA,
1895 SSL_kSRP,
1896 SSL_aSRP,
1897 SSL_3DES,
1898 SSL_SHA1,
Dr. Stephen Henson5e3d21f2015-11-13 12:52:51 +0000[diff] [blame]1899 SSL_SSLV3,
Kurt Roeckx361a1192015-12-05 02:04:41 +0100[diff] [blame]1900 SSL_HIGH,
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]1901 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
1902 112,
1903 168,
1904 },
Ben Laurieedc032b2011-03-12 17:01:19 +0000[diff] [blame]1905
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]1906 /* Cipher C01B */
1907 {
1908 1,
1909 TLS1_TXT_SRP_SHA_RSA_WITH_3DES_EDE_CBC_SHA,
1910 TLS1_CK_SRP_SHA_RSA_WITH_3DES_EDE_CBC_SHA,
1911 SSL_kSRP,
1912 SSL_aRSA,
1913 SSL_3DES,
1914 SSL_SHA1,
Dr. Stephen Henson5e3d21f2015-11-13 12:52:51 +0000[diff] [blame]1915 SSL_SSLV3,
Kurt Roeckx361a1192015-12-05 02:04:41 +0100[diff] [blame]1916 SSL_HIGH,
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]1917 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
1918 112,
1919 168,
1920 },
Ben Laurieedc032b2011-03-12 17:01:19 +0000[diff] [blame]1921
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]1922 /* Cipher C01C */
1923 {
1924 1,
1925 TLS1_TXT_SRP_SHA_DSS_WITH_3DES_EDE_CBC_SHA,
1926 TLS1_CK_SRP_SHA_DSS_WITH_3DES_EDE_CBC_SHA,
1927 SSL_kSRP,
1928 SSL_aDSS,
1929 SSL_3DES,
1930 SSL_SHA1,
Dr. Stephen Henson5e3d21f2015-11-13 12:52:51 +0000[diff] [blame]1931 SSL_SSLV3,
Kurt Roeckx361a1192015-12-05 02:04:41 +0100[diff] [blame]1932 SSL_HIGH,
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]1933 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
1934 112,
1935 168,
1936 },
Ben Laurieedc032b2011-03-12 17:01:19 +0000[diff] [blame]1937
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]1938 /* Cipher C01D */
1939 {
1940 1,
1941 TLS1_TXT_SRP_SHA_WITH_AES_128_CBC_SHA,
1942 TLS1_CK_SRP_SHA_WITH_AES_128_CBC_SHA,
1943 SSL_kSRP,
1944 SSL_aSRP,
1945 SSL_AES128,
1946 SSL_SHA1,
Dr. Stephen Henson5e3d21f2015-11-13 12:52:51 +0000[diff] [blame]1947 SSL_SSLV3,
Kurt Roeckx361a1192015-12-05 02:04:41 +0100[diff] [blame]1948 SSL_HIGH,
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]1949 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
1950 128,
1951 128,
1952 },
Ben Laurieedc032b2011-03-12 17:01:19 +0000[diff] [blame]1953
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]1954 /* Cipher C01E */
1955 {
1956 1,
1957 TLS1_TXT_SRP_SHA_RSA_WITH_AES_128_CBC_SHA,
1958 TLS1_CK_SRP_SHA_RSA_WITH_AES_128_CBC_SHA,
1959 SSL_kSRP,
1960 SSL_aRSA,
1961 SSL_AES128,
1962 SSL_SHA1,
Dr. Stephen Henson5e3d21f2015-11-13 12:52:51 +0000[diff] [blame]1963 SSL_SSLV3,
Kurt Roeckx361a1192015-12-05 02:04:41 +0100[diff] [blame]1964 SSL_HIGH,
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]1965 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
1966 128,
1967 128,
1968 },
Ben Laurieedc032b2011-03-12 17:01:19 +0000[diff] [blame]1969
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]1970 /* Cipher C01F */
1971 {
1972 1,
1973 TLS1_TXT_SRP_SHA_DSS_WITH_AES_128_CBC_SHA,
1974 TLS1_CK_SRP_SHA_DSS_WITH_AES_128_CBC_SHA,
1975 SSL_kSRP,
1976 SSL_aDSS,
1977 SSL_AES128,
1978 SSL_SHA1,
Dr. Stephen Henson5e3d21f2015-11-13 12:52:51 +0000[diff] [blame]1979 SSL_SSLV3,
Kurt Roeckx361a1192015-12-05 02:04:41 +0100[diff] [blame]1980 SSL_HIGH,
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]1981 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
1982 128,
1983 128,
1984 },
Ben Laurieedc032b2011-03-12 17:01:19 +0000[diff] [blame]1985
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]1986 /* Cipher C020 */
1987 {
1988 1,
1989 TLS1_TXT_SRP_SHA_WITH_AES_256_CBC_SHA,
1990 TLS1_CK_SRP_SHA_WITH_AES_256_CBC_SHA,
1991 SSL_kSRP,
1992 SSL_aSRP,
1993 SSL_AES256,
1994 SSL_SHA1,
Dr. Stephen Henson5e3d21f2015-11-13 12:52:51 +0000[diff] [blame]1995 SSL_SSLV3,
Kurt Roeckx361a1192015-12-05 02:04:41 +0100[diff] [blame]1996 SSL_HIGH,
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]1997 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
1998 256,
1999 256,
2000 },
Ben Laurieedc032b2011-03-12 17:01:19 +0000[diff] [blame]2001
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]2002 /* Cipher C021 */
2003 {
2004 1,
2005 TLS1_TXT_SRP_SHA_RSA_WITH_AES_256_CBC_SHA,
2006 TLS1_CK_SRP_SHA_RSA_WITH_AES_256_CBC_SHA,
2007 SSL_kSRP,
2008 SSL_aRSA,
2009 SSL_AES256,
2010 SSL_SHA1,
Dr. Stephen Henson5e3d21f2015-11-13 12:52:51 +0000[diff] [blame]2011 SSL_SSLV3,
Kurt Roeckx361a1192015-12-05 02:04:41 +0100[diff] [blame]2012 SSL_HIGH,
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]2013 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
2014 256,
2015 256,
2016 },
Ben Laurieedc032b2011-03-12 17:01:19 +0000[diff] [blame]2017
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]2018 /* Cipher C022 */
2019 {
2020 1,
2021 TLS1_TXT_SRP_SHA_DSS_WITH_AES_256_CBC_SHA,
2022 TLS1_CK_SRP_SHA_DSS_WITH_AES_256_CBC_SHA,
2023 SSL_kSRP,
2024 SSL_aDSS,
2025 SSL_AES256,
2026 SSL_SHA1,
Dr. Stephen Henson5e3d21f2015-11-13 12:52:51 +0000[diff] [blame]2027 SSL_SSLV3,
Kurt Roeckx361a1192015-12-05 02:04:41 +0100[diff] [blame]2028 SSL_HIGH,
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]2029 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
2030 256,
2031 256,
2032 },
2033#endif /* OPENSSL_NO_SRP */
Rich Salz10bf4fc2015-03-10 19:09:27 -0400[diff] [blame]2034#ifndef OPENSSL_NO_EC
Dr. Stephen Hensond09677a2011-07-25 20:41:32 +0000[diff] [blame]2035
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]2036 /* HMAC based TLS v1.2 ciphersuites from RFC5289 */
Dr. Stephen Hensond09677a2011-07-25 20:41:32 +0000[diff] [blame]2037
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]2038 /* Cipher C023 */
2039 {
2040 1,
2041 TLS1_TXT_ECDHE_ECDSA_WITH_AES_128_SHA256,
2042 TLS1_CK_ECDHE_ECDSA_WITH_AES_128_SHA256,
2043 SSL_kECDHE,
2044 SSL_aECDSA,
2045 SSL_AES128,
2046 SSL_SHA256,
2047 SSL_TLSV1_2,
Kurt Roeckx361a1192015-12-05 02:04:41 +0100[diff] [blame]2048 SSL_HIGH | SSL_FIPS,
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]2049 SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
2050 128,
2051 128,
2052 },
Dr. Stephen Hensond09677a2011-07-25 20:41:32 +0000[diff] [blame]2053
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]2054 /* Cipher C024 */
2055 {
2056 1,
2057 TLS1_TXT_ECDHE_ECDSA_WITH_AES_256_SHA384,
2058 TLS1_CK_ECDHE_ECDSA_WITH_AES_256_SHA384,
2059 SSL_kECDHE,
2060 SSL_aECDSA,
2061 SSL_AES256,
2062 SSL_SHA384,
2063 SSL_TLSV1_2,
Kurt Roeckx361a1192015-12-05 02:04:41 +0100[diff] [blame]2064 SSL_HIGH | SSL_FIPS,
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]2065 SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384,
2066 256,
2067 256,
2068 },
Dr. Stephen Hensond09677a2011-07-25 20:41:32 +0000[diff] [blame]2069
Dr. Stephen Hensond09677a2011-07-25 20:41:32 +0000[diff] [blame]2070
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]2071 /* Cipher C027 */
2072 {
2073 1,
2074 TLS1_TXT_ECDHE_RSA_WITH_AES_128_SHA256,
2075 TLS1_CK_ECDHE_RSA_WITH_AES_128_SHA256,
2076 SSL_kECDHE,
2077 SSL_aRSA,
2078 SSL_AES128,
2079 SSL_SHA256,
2080 SSL_TLSV1_2,
Kurt Roeckx361a1192015-12-05 02:04:41 +0100[diff] [blame]2081 SSL_HIGH | SSL_FIPS,
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]2082 SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
2083 128,
2084 128,
2085 },
Dr. Stephen Hensond09677a2011-07-25 20:41:32 +0000[diff] [blame]2086
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]2087 /* Cipher C028 */
2088 {
2089 1,
2090 TLS1_TXT_ECDHE_RSA_WITH_AES_256_SHA384,
2091 TLS1_CK_ECDHE_RSA_WITH_AES_256_SHA384,
2092 SSL_kECDHE,
2093 SSL_aRSA,
2094 SSL_AES256,
2095 SSL_SHA384,
2096 SSL_TLSV1_2,
Kurt Roeckx361a1192015-12-05 02:04:41 +0100[diff] [blame]2097 SSL_HIGH | SSL_FIPS,
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]2098 SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384,
2099 256,
2100 256,
2101 },
Dr. Stephen Hensond09677a2011-07-25 20:41:32 +0000[diff] [blame]2102
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]2103 /* GCM based TLS v1.2 ciphersuites from RFC5289 */
Dr. Stephen Henson28dd49f2011-08-03 15:37:22 +0000[diff] [blame]2104
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]2105 /* Cipher C02B */
2106 {
2107 1,
2108 TLS1_TXT_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256,
2109 TLS1_CK_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256,
2110 SSL_kECDHE,
2111 SSL_aECDSA,
2112 SSL_AES128GCM,
2113 SSL_AEAD,
2114 SSL_TLSV1_2,
Kurt Roeckx361a1192015-12-05 02:04:41 +0100[diff] [blame]2115 SSL_HIGH | SSL_FIPS,
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]2116 SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
2117 128,
2118 128,
2119 },
Dr. Stephen Henson28dd49f2011-08-03 15:37:22 +0000[diff] [blame]2120
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]2121 /* Cipher C02C */
2122 {
2123 1,
2124 TLS1_TXT_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384,
2125 TLS1_CK_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384,
2126 SSL_kECDHE,
2127 SSL_aECDSA,
2128 SSL_AES256GCM,
2129 SSL_AEAD,
2130 SSL_TLSV1_2,
Kurt Roeckx361a1192015-12-05 02:04:41 +0100[diff] [blame]2131 SSL_HIGH | SSL_FIPS,
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]2132 SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384,
2133 256,
2134 256,
2135 },
Dr. Stephen Henson28dd49f2011-08-03 15:37:22 +0000[diff] [blame]2136
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]2137 /* Cipher C02F */
2138 {
2139 1,
2140 TLS1_TXT_ECDHE_RSA_WITH_AES_128_GCM_SHA256,
2141 TLS1_CK_ECDHE_RSA_WITH_AES_128_GCM_SHA256,
2142 SSL_kECDHE,
2143 SSL_aRSA,
2144 SSL_AES128GCM,
2145 SSL_AEAD,
2146 SSL_TLSV1_2,
Kurt Roeckx361a1192015-12-05 02:04:41 +0100[diff] [blame]2147 SSL_HIGH | SSL_FIPS,
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]2148 SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
2149 128,
2150 128,
2151 },
Dr. Stephen Henson28dd49f2011-08-03 15:37:22 +0000[diff] [blame]2152
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]2153 /* Cipher C030 */
2154 {
2155 1,
2156 TLS1_TXT_ECDHE_RSA_WITH_AES_256_GCM_SHA384,
2157 TLS1_CK_ECDHE_RSA_WITH_AES_256_GCM_SHA384,
2158 SSL_kECDHE,
2159 SSL_aRSA,
2160 SSL_AES256GCM,
2161 SSL_AEAD,
2162 SSL_TLSV1_2,
Kurt Roeckx361a1192015-12-05 02:04:41 +0100[diff] [blame]2163 SSL_HIGH | SSL_FIPS,
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]2164 SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384,
2165 256,
2166 256,
2167 },
Dr. Stephen Henson28dd49f2011-08-03 15:37:22 +0000[diff] [blame]2168
Dr. Stephen Hensonea6114c2015-06-28 17:05:47 +0100[diff] [blame]2169 /* PSK ciphersuites from RFC 5489 */
2170 /* Cipher C033 */
Matt Caswell8b1a5af2016-03-03 15:40:51 +0000[diff] [blame]2171#ifndef OPENSSL_NO_WEAK_SSL_CIPHERS
Dr. Stephen Hensonea6114c2015-06-28 17:05:47 +0100[diff] [blame]2172 {
2173 1,
2174 TLS1_TXT_ECDHE_PSK_WITH_RC4_128_SHA,
2175 TLS1_CK_ECDHE_PSK_WITH_RC4_128_SHA,
2176 SSL_kECDHEPSK,
2177 SSL_aPSK,
2178 SSL_RC4,
2179 SSL_SHA1,
Dr. Stephen Henson5e3d21f2015-11-13 12:52:51 +0000[diff] [blame]2180 SSL_SSLV3,
Kurt Roeckx361a1192015-12-05 02:04:41 +0100[diff] [blame]2181 SSL_NOT_DEFAULT | SSL_MEDIUM,
Dr. Stephen Hensonea6114c2015-06-28 17:05:47 +0100[diff] [blame]2182 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
2183 128,
2184 128,
2185 },
Matt Caswell8b1a5af2016-03-03 15:40:51 +0000[diff] [blame]2186#endif
Dr. Stephen Hensonea6114c2015-06-28 17:05:47 +0100[diff] [blame]2187
2188 /* Cipher C034 */
2189 {
2190 1,
2191 TLS1_TXT_ECDHE_PSK_WITH_3DES_EDE_CBC_SHA,
2192 TLS1_CK_ECDHE_PSK_WITH_3DES_EDE_CBC_SHA,
2193 SSL_kECDHEPSK,
2194 SSL_aPSK,
2195 SSL_3DES,
2196 SSL_SHA1,
Dr. Stephen Henson5e3d21f2015-11-13 12:52:51 +0000[diff] [blame]2197 SSL_SSLV3,
Kurt Roeckx361a1192015-12-05 02:04:41 +0100[diff] [blame]2198 SSL_HIGH | SSL_FIPS,
Dr. Stephen Hensonea6114c2015-06-28 17:05:47 +0100[diff] [blame]2199 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
2200 112,
2201 168,
2202 },
2203
2204 /* Cipher C035 */
2205 {
2206 1,
2207 TLS1_TXT_ECDHE_PSK_WITH_AES_128_CBC_SHA,
2208 TLS1_CK_ECDHE_PSK_WITH_AES_128_CBC_SHA,
2209 SSL_kECDHEPSK,
2210 SSL_aPSK,
2211 SSL_AES128,
2212 SSL_SHA1,
Dr. Stephen Henson5e3d21f2015-11-13 12:52:51 +0000[diff] [blame]2213 SSL_SSLV3,
Kurt Roeckx361a1192015-12-05 02:04:41 +0100[diff] [blame]2214 SSL_HIGH | SSL_FIPS,
Dr. Stephen Hensonea6114c2015-06-28 17:05:47 +0100[diff] [blame]2215 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
2216 128,
2217 128,
2218 },
2219
2220 /* Cipher C036 */
2221 {
2222 1,
2223 TLS1_TXT_ECDHE_PSK_WITH_AES_256_CBC_SHA,
2224 TLS1_CK_ECDHE_PSK_WITH_AES_256_CBC_SHA,
2225 SSL_kECDHEPSK,
2226 SSL_aPSK,
2227 SSL_AES256,
2228 SSL_SHA1,
Dr. Stephen Henson5e3d21f2015-11-13 12:52:51 +0000[diff] [blame]2229 SSL_SSLV3,
Kurt Roeckx361a1192015-12-05 02:04:41 +0100[diff] [blame]2230 SSL_HIGH | SSL_FIPS,
Dr. Stephen Hensonea6114c2015-06-28 17:05:47 +0100[diff] [blame]2231 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
2232 256,
2233 256,
2234 },
2235
2236 /* Cipher C037 */
2237 {
2238 1,
2239 TLS1_TXT_ECDHE_PSK_WITH_AES_128_CBC_SHA256,
2240 TLS1_CK_ECDHE_PSK_WITH_AES_128_CBC_SHA256,
2241 SSL_kECDHEPSK,
2242 SSL_aPSK,
2243 SSL_AES128,
2244 SSL_SHA256,
2245 SSL_TLSV1,
Kurt Roeckx361a1192015-12-05 02:04:41 +0100[diff] [blame]2246 SSL_HIGH | SSL_FIPS,
Dr. Stephen Hensonea6114c2015-06-28 17:05:47 +0100[diff] [blame]2247 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
2248 128,
2249 128,
2250 },
2251
2252 /* Cipher C038 */
2253 {
2254 1,
2255 TLS1_TXT_ECDHE_PSK_WITH_AES_256_CBC_SHA384,
2256 TLS1_CK_ECDHE_PSK_WITH_AES_256_CBC_SHA384,
2257 SSL_kECDHEPSK,
2258 SSL_aPSK,
2259 SSL_AES256,
2260 SSL_SHA384,
2261 SSL_TLSV1,
Kurt Roeckx361a1192015-12-05 02:04:41 +0100[diff] [blame]2262 SSL_HIGH | SSL_FIPS,
Dr. Stephen Hensonea6114c2015-06-28 17:05:47 +0100[diff] [blame]2263 SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384,
2264 256,
2265 256,
2266 },
2267
2268 /* Cipher C039 */
2269 {
2270 1,
2271 TLS1_TXT_ECDHE_PSK_WITH_NULL_SHA,
2272 TLS1_CK_ECDHE_PSK_WITH_NULL_SHA,
2273 SSL_kECDHEPSK,
2274 SSL_aPSK,
2275 SSL_eNULL,
2276 SSL_SHA1,
Dr. Stephen Henson5e3d21f2015-11-13 12:52:51 +0000[diff] [blame]2277 SSL_SSLV3,
Kurt Roeckx1510b5f2016-03-03 22:02:58 +0100[diff] [blame^]2278 SSL_STRONG_NONE | SSL_FIPS,
Dr. Stephen Hensonea6114c2015-06-28 17:05:47 +0100[diff] [blame]2279 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
2280 0,
2281 0,
2282 },
2283
2284 /* Cipher C03A */
2285 {
2286 1,
2287 TLS1_TXT_ECDHE_PSK_WITH_NULL_SHA256,
2288 TLS1_CK_ECDHE_PSK_WITH_NULL_SHA256,
2289 SSL_kECDHEPSK,
2290 SSL_aPSK,
2291 SSL_eNULL,
2292 SSL_SHA256,
2293 SSL_TLSV1,
Kurt Roeckx1510b5f2016-03-03 22:02:58 +0100[diff] [blame^]2294 SSL_STRONG_NONE | SSL_FIPS,
Dr. Stephen Hensonea6114c2015-06-28 17:05:47 +0100[diff] [blame]2295 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
2296 0,
2297 0,
2298 },
2299
2300 /* Cipher C03B */
2301 {
2302 1,
2303 TLS1_TXT_ECDHE_PSK_WITH_NULL_SHA384,
2304 TLS1_CK_ECDHE_PSK_WITH_NULL_SHA384,
2305 SSL_kECDHEPSK,
2306 SSL_aPSK,
2307 SSL_eNULL,
2308 SSL_SHA384,
2309 SSL_TLSV1,
Kurt Roeckx1510b5f2016-03-03 22:02:58 +0100[diff] [blame^]2310 SSL_STRONG_NONE | SSL_FIPS,
Dr. Stephen Hensonea6114c2015-06-28 17:05:47 +0100[diff] [blame]2311 SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384,
2312 0,
2313 0,
2314 },
2315
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]2316# ifndef OPENSSL_NO_CAMELLIA
2317 { /* Cipher C072 */
2318 1,
2319 TLS1_TXT_ECDHE_ECDSA_WITH_CAMELLIA_128_CBC_SHA256,
2320 TLS1_CK_ECDHE_ECDSA_WITH_CAMELLIA_128_CBC_SHA256,
2321 SSL_kECDHE,
2322 SSL_aECDSA,
2323 SSL_CAMELLIA128,
2324 SSL_SHA256,
2325 SSL_TLSV1_2,
Kurt Roeckx361a1192015-12-05 02:04:41 +0100[diff] [blame]2326 SSL_HIGH,
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]2327 SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
2328 128,
2329 128},
Hubert Kario75048782014-07-23 15:03:59 +0200[diff] [blame]2330
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]2331 { /* Cipher C073 */
2332 1,
2333 TLS1_TXT_ECDHE_ECDSA_WITH_CAMELLIA_256_CBC_SHA384,
2334 TLS1_CK_ECDHE_ECDSA_WITH_CAMELLIA_256_CBC_SHA384,
2335 SSL_kECDHE,
2336 SSL_aECDSA,
2337 SSL_CAMELLIA256,
2338 SSL_SHA384,
2339 SSL_TLSV1_2,
Kurt Roeckx361a1192015-12-05 02:04:41 +0100[diff] [blame]2340 SSL_HIGH,
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]2341 SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384,
2342 256,
2343 256},
Hubert Kario75048782014-07-23 15:03:59 +0200[diff] [blame]2344
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]2345 { /* Cipher C076 */
2346 1,
2347 TLS1_TXT_ECDHE_RSA_WITH_CAMELLIA_128_CBC_SHA256,
2348 TLS1_CK_ECDHE_RSA_WITH_CAMELLIA_128_CBC_SHA256,
2349 SSL_kECDHE,
2350 SSL_aRSA,
2351 SSL_CAMELLIA128,
2352 SSL_SHA256,
2353 SSL_TLSV1_2,
Kurt Roeckx361a1192015-12-05 02:04:41 +0100[diff] [blame]2354 SSL_HIGH,
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]2355 SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
2356 128,
2357 128},
Hubert Kario75048782014-07-23 15:03:59 +0200[diff] [blame]2358
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]2359 { /* Cipher C077 */
2360 1,
2361 TLS1_TXT_ECDHE_RSA_WITH_CAMELLIA_256_CBC_SHA384,
2362 TLS1_CK_ECDHE_RSA_WITH_CAMELLIA_256_CBC_SHA384,
2363 SSL_kECDHE,
2364 SSL_aRSA,
2365 SSL_CAMELLIA256,
2366 SSL_SHA384,
2367 SSL_TLSV1_2,
Kurt Roeckx361a1192015-12-05 02:04:41 +0100[diff] [blame]2368 SSL_HIGH,
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]2369 SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384,
2370 256,
2371 256},
Hubert Kario75048782014-07-23 15:03:59 +0200[diff] [blame]2372
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]2373# endif /* OPENSSL_NO_CAMELLIA */
Rich Salz10bf4fc2015-03-10 19:09:27 -0400[diff] [blame]2374#endif /* OPENSSL_NO_EC */
Ben Laurieedc032b2011-03-12 17:01:19 +0000[diff] [blame]2375
Dr. Stephen Henson69a3a9f2015-06-30 19:14:58 +0100[diff] [blame]2376#if !defined(OPENSSL_NO_CAMELLIA) && !defined(OPENSSL_NO_PSK)
2377 { /* Cipher C094 */
2378 1,
2379 TLS1_TXT_PSK_WITH_CAMELLIA_128_CBC_SHA256,
2380 TLS1_CK_PSK_WITH_CAMELLIA_128_CBC_SHA256,
2381 SSL_kPSK,
2382 SSL_aPSK,
2383 SSL_CAMELLIA128,
2384 SSL_SHA256,
2385 SSL_TLSV1,
Kurt Roeckx361a1192015-12-05 02:04:41 +0100[diff] [blame]2386 SSL_HIGH,
Dr. Stephen Henson69a3a9f2015-06-30 19:14:58 +0100[diff] [blame]2387 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
2388 128,
2389 128},
2390
2391 { /* Cipher C095 */
2392 1,
2393 TLS1_TXT_PSK_WITH_CAMELLIA_256_CBC_SHA384,
2394 TLS1_CK_PSK_WITH_CAMELLIA_256_CBC_SHA384,
2395 SSL_kPSK,
2396 SSL_aPSK,
2397 SSL_CAMELLIA256,
2398 SSL_SHA384,
2399 SSL_TLSV1,
Kurt Roeckx361a1192015-12-05 02:04:41 +0100[diff] [blame]2400 SSL_HIGH,
Dr. Stephen Henson69a3a9f2015-06-30 19:14:58 +0100[diff] [blame]2401 SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384,
2402 256,
2403 256},
2404
2405 { /* Cipher C096 */
2406 1,
2407 TLS1_TXT_DHE_PSK_WITH_CAMELLIA_128_CBC_SHA256,
2408 TLS1_CK_DHE_PSK_WITH_CAMELLIA_128_CBC_SHA256,
2409 SSL_kDHEPSK,
2410 SSL_aPSK,
2411 SSL_CAMELLIA128,
2412 SSL_SHA256,
2413 SSL_TLSV1,
Kurt Roeckx361a1192015-12-05 02:04:41 +0100[diff] [blame]2414 SSL_HIGH,
Dr. Stephen Henson69a3a9f2015-06-30 19:14:58 +0100[diff] [blame]2415 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
2416 128,
2417 128},
2418
2419 { /* Cipher C097 */
2420 1,
2421 TLS1_TXT_DHE_PSK_WITH_CAMELLIA_256_CBC_SHA384,
2422 TLS1_CK_DHE_PSK_WITH_CAMELLIA_256_CBC_SHA384,
2423 SSL_kDHEPSK,
2424 SSL_aPSK,
2425 SSL_CAMELLIA256,
2426 SSL_SHA384,
2427 SSL_TLSV1,
Kurt Roeckx361a1192015-12-05 02:04:41 +0100[diff] [blame]2428 SSL_HIGH,
Dr. Stephen Henson69a3a9f2015-06-30 19:14:58 +0100[diff] [blame]2429 SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384,
2430 256,
2431 256},
2432
2433 { /* Cipher C098 */
2434 1,
2435 TLS1_TXT_RSA_PSK_WITH_CAMELLIA_128_CBC_SHA256,
2436 TLS1_CK_RSA_PSK_WITH_CAMELLIA_128_CBC_SHA256,
2437 SSL_kRSAPSK,
2438 SSL_aRSA,
2439 SSL_CAMELLIA128,
2440 SSL_SHA256,
2441 SSL_TLSV1,
Kurt Roeckx361a1192015-12-05 02:04:41 +0100[diff] [blame]2442 SSL_HIGH,
Dr. Stephen Henson69a3a9f2015-06-30 19:14:58 +0100[diff] [blame]2443 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
2444 128,
2445 128},
2446
2447 { /* Cipher C099 */
2448 1,
2449 TLS1_TXT_RSA_PSK_WITH_CAMELLIA_256_CBC_SHA384,
2450 TLS1_CK_RSA_PSK_WITH_CAMELLIA_256_CBC_SHA384,
2451 SSL_kRSAPSK,
2452 SSL_aRSA,
2453 SSL_CAMELLIA256,
2454 SSL_SHA384,
2455 SSL_TLSV1,
Kurt Roeckx361a1192015-12-05 02:04:41 +0100[diff] [blame]2456 SSL_HIGH,
Dr. Stephen Henson69a3a9f2015-06-30 19:14:58 +0100[diff] [blame]2457 SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384,
2458 256,
2459 256},
2460
2461 { /* Cipher C09A */
2462 1,
2463 TLS1_TXT_ECDHE_PSK_WITH_CAMELLIA_128_CBC_SHA256,
2464 TLS1_CK_ECDHE_PSK_WITH_CAMELLIA_128_CBC_SHA256,
2465 SSL_kECDHEPSK,
2466 SSL_aPSK,
2467 SSL_CAMELLIA128,
2468 SSL_SHA256,
2469 SSL_TLSV1,
Kurt Roeckx361a1192015-12-05 02:04:41 +0100[diff] [blame]2470 SSL_HIGH,
Dr. Stephen Henson69a3a9f2015-06-30 19:14:58 +0100[diff] [blame]2471 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
2472 128,
2473 128},
2474
2475 { /* Cipher C09B */
2476 1,
2477 TLS1_TXT_ECDHE_PSK_WITH_CAMELLIA_256_CBC_SHA384,
2478 TLS1_CK_ECDHE_PSK_WITH_CAMELLIA_256_CBC_SHA384,
2479 SSL_kECDHEPSK,
2480 SSL_aPSK,
2481 SSL_CAMELLIA256,
2482 SSL_SHA384,
2483 SSL_TLSV1,
Kurt Roeckx361a1192015-12-05 02:04:41 +0100[diff] [blame]2484 SSL_HIGH,
Dr. Stephen Henson69a3a9f2015-06-30 19:14:58 +0100[diff] [blame]2485 SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384,
2486 256,
2487 256},
2488#endif
2489
Dr. Stephen Henson176f85a2015-07-31 16:53:45 +0100[diff] [blame]2490 /* Cipher C09C */
2491 {
2492 1,
2493 TLS1_TXT_RSA_WITH_AES_128_CCM,
2494 TLS1_CK_RSA_WITH_AES_128_CCM,
2495 SSL_kRSA,
2496 SSL_aRSA,
2497 SSL_AES128CCM,
2498 SSL_AEAD,
2499 SSL_TLSV1_2,
Kurt Roeckx361a1192015-12-05 02:04:41 +0100[diff] [blame]2500 SSL_HIGH,
Dr. Stephen Henson176f85a2015-07-31 16:53:45 +0100[diff] [blame]2501 SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
2502 128,
2503 128,
2504 },
2505
2506 /* Cipher C09D */
2507 {
2508 1,
2509 TLS1_TXT_RSA_WITH_AES_256_CCM,
2510 TLS1_CK_RSA_WITH_AES_256_CCM,
2511 SSL_kRSA,
2512 SSL_aRSA,
2513 SSL_AES256CCM,
2514 SSL_AEAD,
2515 SSL_TLSV1_2,
Kurt Roeckx361a1192015-12-05 02:04:41 +0100[diff] [blame]2516 SSL_HIGH,
Dr. Stephen Henson176f85a2015-07-31 16:53:45 +0100[diff] [blame]2517 SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
2518 256,
2519 256,
2520 },
2521
2522 /* Cipher C09E */
2523 {
2524 1,
2525 TLS1_TXT_DHE_RSA_WITH_AES_128_CCM,
2526 TLS1_CK_DHE_RSA_WITH_AES_128_CCM,
2527 SSL_kDHE,
2528 SSL_aRSA,
2529 SSL_AES128CCM,
2530 SSL_AEAD,
2531 SSL_TLSV1_2,
Kurt Roeckx361a1192015-12-05 02:04:41 +0100[diff] [blame]2532 SSL_HIGH,
Dr. Stephen Henson176f85a2015-07-31 16:53:45 +0100[diff] [blame]2533 SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
2534 128,
2535 128,
2536 },
2537
2538 /* Cipher C09F */
2539 {
2540 1,
2541 TLS1_TXT_DHE_RSA_WITH_AES_256_CCM,
2542 TLS1_CK_DHE_RSA_WITH_AES_256_CCM,
2543 SSL_kDHE,
2544 SSL_aRSA,
2545 SSL_AES256CCM,
2546 SSL_AEAD,
2547 SSL_TLSV1_2,
Kurt Roeckx361a1192015-12-05 02:04:41 +0100[diff] [blame]2548 SSL_HIGH,
Dr. Stephen Henson176f85a2015-07-31 16:53:45 +0100[diff] [blame]2549 SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
2550 256,
2551 256,
2552 },
2553
2554 /* Cipher C0A0 */
2555 {
2556 1,
2557 TLS1_TXT_RSA_WITH_AES_128_CCM_8,
2558 TLS1_CK_RSA_WITH_AES_128_CCM_8,
2559 SSL_kRSA,
2560 SSL_aRSA,
2561 SSL_AES128CCM8,
2562 SSL_AEAD,
2563 SSL_TLSV1_2,
Kurt Roeckx361a1192015-12-05 02:04:41 +0100[diff] [blame]2564 SSL_HIGH,
Dr. Stephen Henson176f85a2015-07-31 16:53:45 +0100[diff] [blame]2565 SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
2566 128,
2567 128,
2568 },
2569
2570 /* Cipher C0A1 */
2571 {
2572 1,
2573 TLS1_TXT_RSA_WITH_AES_256_CCM_8,
2574 TLS1_CK_RSA_WITH_AES_256_CCM_8,
2575 SSL_kRSA,
2576 SSL_aRSA,
2577 SSL_AES256CCM8,
2578 SSL_AEAD,
2579 SSL_TLSV1_2,
Kurt Roeckx361a1192015-12-05 02:04:41 +0100[diff] [blame]2580 SSL_HIGH,
Dr. Stephen Henson176f85a2015-07-31 16:53:45 +0100[diff] [blame]2581 SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
2582 256,
2583 256,
2584 },
2585
2586 /* Cipher C0A2 */
2587 {
2588 1,
2589 TLS1_TXT_DHE_RSA_WITH_AES_128_CCM_8,
2590 TLS1_CK_DHE_RSA_WITH_AES_128_CCM_8,
2591 SSL_kDHE,
2592 SSL_aRSA,
2593 SSL_AES128CCM8,
2594 SSL_AEAD,
2595 SSL_TLSV1_2,
Kurt Roeckx361a1192015-12-05 02:04:41 +0100[diff] [blame]2596 SSL_HIGH,
Dr. Stephen Henson176f85a2015-07-31 16:53:45 +0100[diff] [blame]2597 SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
2598 128,
2599 128,
2600 },
2601
2602 /* Cipher C0A3 */
2603 {
2604 1,
2605 TLS1_TXT_DHE_RSA_WITH_AES_256_CCM_8,
2606 TLS1_CK_DHE_RSA_WITH_AES_256_CCM_8,
2607 SSL_kDHE,
2608 SSL_aRSA,
2609 SSL_AES256CCM8,
2610 SSL_AEAD,
2611 SSL_TLSV1_2,
Kurt Roeckx361a1192015-12-05 02:04:41 +0100[diff] [blame]2612 SSL_HIGH,
Dr. Stephen Henson176f85a2015-07-31 16:53:45 +0100[diff] [blame]2613 SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
2614 256,
2615 256,
2616 },
2617
2618 /* Cipher C0A4 */
2619 {
2620 1,
2621 TLS1_TXT_PSK_WITH_AES_128_CCM,
2622 TLS1_CK_PSK_WITH_AES_128_CCM,
2623 SSL_kPSK,
2624 SSL_aPSK,
2625 SSL_AES128CCM,
2626 SSL_AEAD,
2627 SSL_TLSV1_2,
Kurt Roeckx361a1192015-12-05 02:04:41 +0100[diff] [blame]2628 SSL_HIGH,
Dr. Stephen Henson176f85a2015-07-31 16:53:45 +0100[diff] [blame]2629 SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
2630 128,
2631 128,
2632 },
2633
2634 /* Cipher C0A4 */
2635 {
2636 1,
2637 TLS1_TXT_PSK_WITH_AES_256_CCM,
2638 TLS1_CK_PSK_WITH_AES_256_CCM,
2639 SSL_kPSK,
2640 SSL_aPSK,
2641 SSL_AES256CCM,
2642 SSL_AEAD,
2643 SSL_TLSV1_2,
Kurt Roeckx361a1192015-12-05 02:04:41 +0100[diff] [blame]2644 SSL_HIGH,
Dr. Stephen Henson176f85a2015-07-31 16:53:45 +0100[diff] [blame]2645 SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
2646 256,
2647 256,
2648 },
2649
2650 /* Cipher C0A6 */
2651 {
2652 1,
2653 TLS1_TXT_DHE_PSK_WITH_AES_128_CCM,
2654 TLS1_CK_DHE_PSK_WITH_AES_128_CCM,
2655 SSL_kDHEPSK,
2656 SSL_aPSK,
2657 SSL_AES128CCM,
2658 SSL_AEAD,
2659 SSL_TLSV1_2,
Kurt Roeckx361a1192015-12-05 02:04:41 +0100[diff] [blame]2660 SSL_HIGH,
Dr. Stephen Henson176f85a2015-07-31 16:53:45 +0100[diff] [blame]2661 SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
2662 128,
2663 128,
2664 },
2665
2666 /* Cipher C0A7 */
2667 {
2668 1,
2669 TLS1_TXT_DHE_PSK_WITH_AES_256_CCM,
2670 TLS1_CK_DHE_PSK_WITH_AES_256_CCM,
2671 SSL_kDHEPSK,
2672 SSL_aPSK,
2673 SSL_AES256CCM,
2674 SSL_AEAD,
2675 SSL_TLSV1_2,
Kurt Roeckx361a1192015-12-05 02:04:41 +0100[diff] [blame]2676 SSL_HIGH,
Dr. Stephen Henson176f85a2015-07-31 16:53:45 +0100[diff] [blame]2677 SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
2678 256,
2679 256,
2680 },
2681
2682 /* Cipher C0A8 */
2683 {
2684 1,
2685 TLS1_TXT_PSK_WITH_AES_128_CCM_8,
2686 TLS1_CK_PSK_WITH_AES_128_CCM_8,
2687 SSL_kPSK,
2688 SSL_aPSK,
2689 SSL_AES128CCM8,
2690 SSL_AEAD,
2691 SSL_TLSV1_2,
Kurt Roeckx361a1192015-12-05 02:04:41 +0100[diff] [blame]2692 SSL_HIGH,
Dr. Stephen Henson176f85a2015-07-31 16:53:45 +0100[diff] [blame]2693 SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
2694 128,
2695 128,
2696 },
2697
2698 /* Cipher C0A9 */
2699 {
2700 1,
2701 TLS1_TXT_PSK_WITH_AES_256_CCM_8,
2702 TLS1_CK_PSK_WITH_AES_256_CCM_8,
2703 SSL_kPSK,
2704 SSL_aPSK,
2705 SSL_AES256CCM8,
2706 SSL_AEAD,
2707 SSL_TLSV1_2,
Kurt Roeckx361a1192015-12-05 02:04:41 +0100[diff] [blame]2708 SSL_HIGH,
Dr. Stephen Henson176f85a2015-07-31 16:53:45 +0100[diff] [blame]2709 SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
2710 256,
2711 256,
2712 },
2713
2714 /* Cipher C0AA */
2715 {
2716 1,
2717 TLS1_TXT_DHE_PSK_WITH_AES_128_CCM_8,
2718 TLS1_CK_DHE_PSK_WITH_AES_128_CCM_8,
2719 SSL_kDHEPSK,
2720 SSL_aPSK,
2721 SSL_AES128CCM8,
2722 SSL_AEAD,
2723 SSL_TLSV1_2,
Kurt Roeckx361a1192015-12-05 02:04:41 +0100[diff] [blame]2724 SSL_HIGH,
Dr. Stephen Henson176f85a2015-07-31 16:53:45 +0100[diff] [blame]2725 SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
2726 128,
2727 128,
2728 },
2729
2730 /* Cipher C0AB */
2731 {
2732 1,
2733 TLS1_TXT_DHE_PSK_WITH_AES_256_CCM_8,
2734 TLS1_CK_DHE_PSK_WITH_AES_256_CCM_8,
2735 SSL_kDHEPSK,
2736 SSL_aPSK,
2737 SSL_AES256CCM8,
2738 SSL_AEAD,
2739 SSL_TLSV1_2,
Kurt Roeckx361a1192015-12-05 02:04:41 +0100[diff] [blame]2740 SSL_HIGH,
Dr. Stephen Henson176f85a2015-07-31 16:53:45 +0100[diff] [blame]2741 SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
2742 256,
2743 256,
2744 },
2745
2746 /* Cipher C0AC */
2747 {
2748 1,
2749 TLS1_TXT_ECDHE_ECDSA_WITH_AES_128_CCM,
2750 TLS1_CK_ECDHE_ECDSA_WITH_AES_128_CCM,
2751 SSL_kECDHE,
2752 SSL_aECDSA,
2753 SSL_AES128CCM,
2754 SSL_AEAD,
2755 SSL_TLSV1_2,
Kurt Roeckx361a1192015-12-05 02:04:41 +0100[diff] [blame]2756 SSL_HIGH,
Dr. Stephen Henson176f85a2015-07-31 16:53:45 +0100[diff] [blame]2757 SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
2758 128,
2759 128,
2760 },
2761
2762 /* Cipher C0AD */
2763 {
2764 1,
2765 TLS1_TXT_ECDHE_ECDSA_WITH_AES_256_CCM,
2766 TLS1_CK_ECDHE_ECDSA_WITH_AES_256_CCM,
2767 SSL_kECDHE,
2768 SSL_aECDSA,
2769 SSL_AES256CCM,
2770 SSL_AEAD,
2771 SSL_TLSV1_2,
Kurt Roeckx361a1192015-12-05 02:04:41 +0100[diff] [blame]2772 SSL_HIGH,
Dr. Stephen Henson176f85a2015-07-31 16:53:45 +0100[diff] [blame]2773 SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
2774 256,
2775 256,
2776 },
2777
2778 /* Cipher C0AE */
2779 {
2780 1,
2781 TLS1_TXT_ECDHE_ECDSA_WITH_AES_128_CCM_8,
2782 TLS1_CK_ECDHE_ECDSA_WITH_AES_128_CCM_8,
2783 SSL_kECDHE,
2784 SSL_aECDSA,
2785 SSL_AES128CCM8,
2786 SSL_AEAD,
2787 SSL_TLSV1_2,
Kurt Roeckx361a1192015-12-05 02:04:41 +0100[diff] [blame]2788 SSL_HIGH,
Dr. Stephen Henson176f85a2015-07-31 16:53:45 +0100[diff] [blame]2789 SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
2790 128,
2791 128,
2792 },
2793
2794 /* Cipher C0AF */
2795 {
2796 1,
2797 TLS1_TXT_ECDHE_ECDSA_WITH_AES_256_CCM_8,
2798 TLS1_CK_ECDHE_ECDSA_WITH_AES_256_CCM_8,
2799 SSL_kECDHE,
2800 SSL_aECDSA,
2801 SSL_AES256CCM8,
2802 SSL_AEAD,
2803 SSL_TLSV1_2,
Kurt Roeckx361a1192015-12-05 02:04:41 +0100[diff] [blame]2804 SSL_HIGH,
Dr. Stephen Henson176f85a2015-07-31 16:53:45 +0100[diff] [blame]2805 SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
2806 256,
2807 256,
2808 },
Andy Polyakova76ba822015-12-09 21:47:00 +0100[diff] [blame]2809#if !defined(OPENSSL_NO_CHACHA) && !defined(OPENSSL_NO_POLY1305)
2810# ifndef OPENSSL_NO_EC
2811 /* Cipher CCA8 as per draft-ietf-tls-chacha20-poly1305-03 */
2812 {
2813 1,
2814 TLS1_TXT_ECDHE_RSA_WITH_CHACHA20_POLY1305,
2815 TLS1_CK_ECDHE_RSA_WITH_CHACHA20_POLY1305,
2816 SSL_kECDHE,
2817 SSL_aRSA,
2818 SSL_CHACHA20POLY1305,
2819 SSL_AEAD,
2820 SSL_TLSV1_2,
2821 SSL_HIGH,
2822 SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
2823 256,
2824 256,
2825 },
2826 /* Cipher CCA9 */
2827 {
2828 1,
2829 TLS1_TXT_ECDHE_ECDSA_WITH_CHACHA20_POLY1305,
2830 TLS1_CK_ECDHE_ECDSA_WITH_CHACHA20_POLY1305,
2831 SSL_kECDHE,
2832 SSL_aECDSA,
2833 SSL_CHACHA20POLY1305,
2834 SSL_AEAD,
2835 SSL_TLSV1_2,
2836 SSL_HIGH,
2837 SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
2838 256,
2839 256,
2840 },
2841# endif
2842# ifndef OPENSSL_NO_RSA
2843 /* Cipher CCAA */
2844 {
2845 1,
2846 TLS1_TXT_DHE_RSA_WITH_CHACHA20_POLY1305,
2847 TLS1_CK_DHE_RSA_WITH_CHACHA20_POLY1305,
2848 SSL_kDHE,
2849 SSL_aRSA,
2850 SSL_CHACHA20POLY1305,
2851 SSL_AEAD,
2852 SSL_TLSV1_2,
2853 SSL_HIGH,
2854 SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
2855 256,
2856 256,
2857 },
2858# endif
2859# ifndef OPENSSL_NO_PSK
2860 /* Cipher CCAB */
2861 {
2862 1,
2863 TLS1_TXT_PSK_WITH_CHACHA20_POLY1305,
2864 TLS1_CK_PSK_WITH_CHACHA20_POLY1305,
2865 SSL_kPSK,
2866 SSL_aPSK,
2867 SSL_CHACHA20POLY1305,
2868 SSL_AEAD,
2869 SSL_TLSV1_2,
2870 SSL_HIGH,
2871 SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
2872 256,
2873 256,
2874 },
2875 /* Cipher CCAC */
2876 {
2877 1,
2878 TLS1_TXT_ECDHE_PSK_WITH_CHACHA20_POLY1305,
2879 TLS1_CK_ECDHE_PSK_WITH_CHACHA20_POLY1305,
2880 SSL_kECDHEPSK,
2881 SSL_aPSK,
2882 SSL_CHACHA20POLY1305,
2883 SSL_AEAD,
2884 SSL_TLSV1_2,
2885 SSL_HIGH,
2886 SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
2887 256,
2888 256,
2889 },
2890 /* Cipher CCAD */
2891 {
2892 1,
2893 TLS1_TXT_DHE_PSK_WITH_CHACHA20_POLY1305,
2894 TLS1_CK_DHE_PSK_WITH_CHACHA20_POLY1305,
2895 SSL_kDHEPSK,
2896 SSL_aPSK,
2897 SSL_CHACHA20POLY1305,
2898 SSL_AEAD,
2899 SSL_TLSV1_2,
2900 SSL_HIGH,
2901 SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
2902 256,
2903 256,
2904 },
2905 /* Cipher CCAE */
2906 {
2907 1,
2908 TLS1_TXT_RSA_PSK_WITH_CHACHA20_POLY1305,
2909 TLS1_CK_RSA_PSK_WITH_CHACHA20_POLY1305,
2910 SSL_kRSAPSK,
2911 SSL_aRSA,
2912 SSL_CHACHA20POLY1305,
2913 SSL_AEAD,
2914 SSL_TLSV1_2,
2915 SSL_HIGH,
2916 SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
2917 256,
2918 256,
2919 },
2920# endif
2921#endif
Matt Caswell2a9b9652015-11-24 13:52:07 +0000[diff] [blame]2922#ifndef OPENSSL_NO_GOST
Dmitry Belyavskye44380a2015-11-17 15:32:30 +0000[diff] [blame]2923 {
2924 1,
2925 "GOST2012-GOST8912-GOST8912",
2926 0x0300ff85,
2927 SSL_kGOST,
2928 SSL_aGOST12 | SSL_aGOST01,
2929 SSL_eGOST2814789CNT12,
2930 SSL_GOST89MAC12,
2931 SSL_TLSV1,
Kurt Roeckx361a1192015-12-05 02:04:41 +0100[diff] [blame]2932 SSL_HIGH,
Dmitry Belyavskye44380a2015-11-17 15:32:30 +0000[diff] [blame]2933 SSL_HANDSHAKE_MAC_GOST12_256 | TLS1_PRF_GOST12_256 | TLS1_STREAM_MAC,
2934 256,
2935 256},
2936 {
2937 1,
2938 "GOST2012-NULL-GOST12",
2939 0x0300ff87,
2940 SSL_kGOST,
2941 SSL_aGOST12 | SSL_aGOST01,
2942 SSL_eNULL,
2943 SSL_GOST12_256,
2944 SSL_TLSV1,
Kurt Roeckx361a1192015-12-05 02:04:41 +0100[diff] [blame]2945 SSL_STRONG_NONE,
Dmitry Belyavsky89577282016-01-19 11:36:43 +0000[diff] [blame]2946 SSL_HANDSHAKE_MAC_GOST12_256 | TLS1_PRF_GOST12_256 | TLS1_STREAM_MAC,
Dmitry Belyavskye44380a2015-11-17 15:32:30 +0000[diff] [blame]2947 0,
2948 0},
Matt Caswell2a9b9652015-11-24 13:52:07 +0000[diff] [blame]2949#endif
Dmitry Belyavskye44380a2015-11-17 15:32:30 +0000[diff] [blame]2950
Ralf S. Engelschalld02b48c1998-12-21 10:52:47 +0000[diff] [blame]2951/* end of list */
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]2952};
Ralf S. Engelschalld02b48c1998-12-21 10:52:47 +0000[diff] [blame]2953
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]2954const SSL3_ENC_METHOD SSLv3_enc_data = {
2955 ssl3_enc,
2956 n_ssl3_mac,
2957 ssl3_setup_key_block,
2958 ssl3_generate_master_secret,
2959 ssl3_change_cipher_state,
2960 ssl3_final_finish_mac,
2961 MD5_DIGEST_LENGTH + SHA_DIGEST_LENGTH,
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]2962 SSL3_MD_CLIENT_FINISHED_CONST, 4,
2963 SSL3_MD_SERVER_FINISHED_CONST, 4,
2964 ssl3_alert_code,
2965 (int (*)(SSL *, unsigned char *, size_t, const char *,
2966 size_t, const unsigned char *, size_t,
2967 int use_context))ssl_undefined_function,
2968 0,
2969 SSL3_HM_HEADER_LENGTH,
2970 ssl3_set_handshake_header,
2971 ssl3_handshake_write
2972};
Ralf S. Engelschall58964a41998-12-21 10:56:39 +0000[diff] [blame]2973
Dr. Stephen Hensonf3b656b2005-08-05 23:56:11 +0000[diff] [blame]2974long ssl3_default_timeout(void)
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]2975{
2976 /*
2977 * 2 hours, the 24 hours mentioned in the SSLv3 spec is way too long for
2978 * http, the cache would over fill
2979 */
2980 return (60 * 60 * 2);
2981}
Ralf S. Engelschalld02b48c1998-12-21 10:52:47 +0000[diff] [blame]2982
Ulf Möller6b691a51999-04-19 21:31:43 +0000[diff] [blame]2983int ssl3_num_ciphers(void)
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]2984{
2985 return (SSL3_NUM_CIPHERS);
2986}
Ralf S. Engelschalld02b48c1998-12-21 10:52:47 +0000[diff] [blame]2987
Ben Lauriebabb3792008-10-12 14:32:47 +0000[diff] [blame]2988const SSL_CIPHER *ssl3_get_cipher(unsigned int u)
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]2989{
2990 if (u < SSL3_NUM_CIPHERS)
2991 return (&(ssl3_ciphers[SSL3_NUM_CIPHERS - 1 - u]));
2992 else
2993 return (NULL);
2994}
Ralf S. Engelschalld02b48c1998-12-21 10:52:47 +0000[diff] [blame]2995
Matt Caswell77d514c2015-03-09 15:33:46 +0000[diff] [blame]2996int ssl3_set_handshake_header(SSL *s, int htype, unsigned long len)
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]2997{
2998 unsigned char *p = (unsigned char *)s->init_buf->data;
2999 *(p++) = htype;
3000 l2n3(len, p);
3001 s->init_num = (int)len + SSL3_HM_HEADER_LENGTH;
3002 s->init_off = 0;
Matt Caswell77d514c2015-03-09 15:33:46 +0000[diff] [blame]3003
3004 return 1;
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]3005}
Dr. Stephen Henson173e72e2013-03-11 15:34:28 +0000[diff] [blame]3006
3007int ssl3_handshake_write(SSL *s)
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]3008{
3009 return ssl3_do_write(s, SSL3_RT_HANDSHAKE);
3010}
Dr. Stephen Henson173e72e2013-03-11 15:34:28 +0000[diff] [blame]3011
Ulf Möller6b691a51999-04-19 21:31:43 +0000[diff] [blame]3012int ssl3_new(SSL *s)
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]3013{
3014 SSL3_STATE *s3;
Ralf S. Engelschalld02b48c1998-12-21 10:52:47 +0000[diff] [blame]3015
Rich Salzb51bce92015-08-25 13:25:58 -0400[diff] [blame]3016 if ((s3 = OPENSSL_zalloc(sizeof(*s3))) == NULL)
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]3017 goto err;
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]3018 s->s3 = s3;
Ben Laurie1e0784f2016-01-01 15:39:31 +0000[diff] [blame]3019
Ben Laurieedc032b2011-03-12 17:01:19 +0000[diff] [blame]3020#ifndef OPENSSL_NO_SRP
Viktor Dukhovni61986d32015-04-16 01:50:03 -0400[diff] [blame]3021 if (!SSL_SRP_CTX_init(s))
Matt Caswell69f68232015-03-06 14:37:17 +0000[diff] [blame]3022 goto err;
Ben Laurieedc032b2011-03-12 17:01:19 +0000[diff] [blame]3023#endif
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]3024 s->method->ssl_clear(s);
3025 return (1);
3026 err:
3027 return (0);
3028}
Ralf S. Engelschalld02b48c1998-12-21 10:52:47 +0000[diff] [blame]3029
Ulf Möller6b691a51999-04-19 21:31:43 +0000[diff] [blame]3030void ssl3_free(SSL *s)
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]3031{
Pascal Cuoqa60c1512015-11-23 00:13:15 +0100[diff] [blame]3032 if (s == NULL || s->s3 == NULL)
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]3033 return;
Ben Lauriee03ddfa1999-01-07 19:15:59 +0000[diff] [blame]3034
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]3035 ssl3_cleanup_key_block(s);
Dr. Stephen Henson8d92c1f2015-06-21 16:26:08 +0100[diff] [blame]3036
Dr. Stephen Hensonfb79abe2015-12-17 01:07:46 +0000[diff] [blame]3037#if !defined(OPENSSL_NO_EC) || !defined(OPENSSL_NO_DH)
Dr. Stephen Henson61dd9f72015-12-14 00:33:33 +0000[diff] [blame]3038 EVP_PKEY_free(s->s3->peer_tmp);
3039 s->s3->peer_tmp = NULL;
Dr. Stephen Hensonb22d7112015-12-24 00:23:29 +0000[diff] [blame]3040 EVP_PKEY_free(s->s3->tmp.pkey);
3041 s->s3->tmp.pkey = NULL;
Bodo Möllerea262262002-08-09 08:56:08 +0000[diff] [blame]3042#endif
3043
Rich Salz222561f2015-04-30 17:33:59 -0400[diff] [blame]3044 sk_X509_NAME_pop_free(s->s3->tmp.ca_names, X509_NAME_free);
Dr. Stephen Henson76106e62015-05-12 17:17:37 +0100[diff] [blame]3045 OPENSSL_free(s->s3->tmp.ciphers_raw);
3046 OPENSSL_clear_free(s->s3->tmp.pms, s->s3->tmp.pmslen);
3047 OPENSSL_free(s->s3->tmp.peer_sigalgs);
Dr. Stephen Henson85fb6fd2015-06-20 15:37:22 +0100[diff] [blame]3048 ssl3_free_digest_list(s);
Rich Salz25aaa982015-05-01 14:37:16 -0400[diff] [blame]3049 OPENSSL_free(s->s3->alpn_selected);
Adam Langley6f017a82013-04-15 18:07:47 -0400[diff] [blame]3050
Ben Laurieedc032b2011-03-12 17:01:19 +0000[diff] [blame]3051#ifndef OPENSSL_NO_SRP
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]3052 SSL_SRP_CTX_free(s);
Ben Laurieedc032b2011-03-12 17:01:19 +0000[diff] [blame]3053#endif
Rich Salzb4faea52015-05-01 23:10:31 -0400[diff] [blame]3054 OPENSSL_clear_free(s->s3, sizeof(*s->s3));
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]3055 s->s3 = NULL;
3056}
Ralf S. Engelschalld02b48c1998-12-21 10:52:47 +0000[diff] [blame]3057
Ulf Möller6b691a51999-04-19 21:31:43 +0000[diff] [blame]3058void ssl3_clear(SSL *s)
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]3059{
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]3060 ssl3_cleanup_key_block(s);
Rich Salz222561f2015-04-30 17:33:59 -0400[diff] [blame]3061 sk_X509_NAME_pop_free(s->s3->tmp.ca_names, X509_NAME_free);
Dr. Stephen Henson76106e62015-05-12 17:17:37 +0100[diff] [blame]3062 OPENSSL_free(s->s3->tmp.ciphers_raw);
3063 s->s3->tmp.ciphers_raw = NULL;
3064 OPENSSL_clear_free(s->s3->tmp.pms, s->s3->tmp.pmslen);
3065 s->s3->tmp.pms = NULL;
3066 OPENSSL_free(s->s3->tmp.peer_sigalgs);
3067 s->s3->tmp.peer_sigalgs = NULL;
Ralf S. Engelschalld02b48c1998-12-21 10:52:47 +0000[diff] [blame]3068
Rich Salz10bf4fc2015-03-10 19:09:27 -0400[diff] [blame]3069#ifndef OPENSSL_NO_EC
Dr. Stephen Hensonfb79abe2015-12-17 01:07:46 +0000[diff] [blame]3070 s->s3->is_probably_safari = 0;
3071#endif
3072#if !defined(OPENSSL_NO_EC) || !defined(OPENSSL_NO_DH)
Dr. Stephen Hensonb22d7112015-12-24 00:23:29 +0000[diff] [blame]3073 EVP_PKEY_free(s->s3->tmp.pkey);
3074 s->s3->tmp.pkey = NULL;
Dr. Stephen Henson61dd9f72015-12-14 00:33:33 +0000[diff] [blame]3075 EVP_PKEY_free(s->s3->peer_tmp);
3076 s->s3->peer_tmp = NULL;
Matt Caswelle481f9b2015-05-15 10:49:56 +0100[diff] [blame]3077#endif /* !OPENSSL_NO_EC */
Mark J. Cox413c4f41999-02-16 09:22:21 +0000[diff] [blame]3078
Dr. Stephen Henson85fb6fd2015-06-20 15:37:22 +0100[diff] [blame]3079 ssl3_free_digest_list(s);
Matt Caswelle481f9b2015-05-15 10:49:56 +0100[diff] [blame]3080
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]3081 if (s->s3->alpn_selected) {
Dr. Stephen Hensonbc9567c2015-06-20 16:10:54 +0100[diff] [blame]3082 OPENSSL_free(s->s3->alpn_selected);
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]3083 s->s3->alpn_selected = NULL;
3084 }
Matt Caswelle481f9b2015-05-15 10:49:56 +0100[diff] [blame]3085
Rich Salzb4faea52015-05-01 23:10:31 -0400[diff] [blame]3086 memset(s->s3, 0, sizeof(*s->s3));
Ralf S. Engelschalldfeab061998-12-21 11:00:56 +0000[diff] [blame]3087
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]3088 ssl_free_wbio_buffer(s);
Ralf S. Engelschalldfeab061998-12-21 11:00:56 +0000[diff] [blame]3089
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]3090 s->s3->renegotiate = 0;
3091 s->s3->total_renegotiations = 0;
3092 s->s3->num_renegotiations = 0;
3093 s->s3->in_read_app_data = 0;
3094 s->version = SSL3_VERSION;
Ben Laurieee2ffc22010-07-28 10:06:55 +0000[diff] [blame]3095
Matt Caswelle481f9b2015-05-15 10:49:56 +0100[diff] [blame]3096#if !defined(OPENSSL_NO_NEXTPROTONEG)
Rich Salzb548a1f2015-05-01 10:02:07 -0400[diff] [blame]3097 OPENSSL_free(s->next_proto_negotiated);
3098 s->next_proto_negotiated = NULL;
3099 s->next_proto_negotiated_len = 0;
Ben Laurieee2ffc22010-07-28 10:06:55 +0000[diff] [blame]3100#endif
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]3101}
Ralf S. Engelschalld02b48c1998-12-21 10:52:47 +0000[diff] [blame]3102
Ben Laurieedc032b2011-03-12 17:01:19 +0000[diff] [blame]3103#ifndef OPENSSL_NO_SRP
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]3104static char *srp_password_from_info_cb(SSL *s, void *arg)
3105{
Rich Salz7644a9a2015-12-16 16:12:24 -0500[diff] [blame]3106 return OPENSSL_strdup(s->srp_ctx.info);
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]3107}
Ben Laurieedc032b2011-03-12 17:01:19 +0000[diff] [blame]3108#endif
3109
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]3110static int ssl3_set_req_cert_type(CERT *c, const unsigned char *p,
3111 size_t len);
Dr. Stephen Henson9f27b1e2012-07-08 14:22:45 +0000[diff] [blame]3112
Bodo Möllera661b652001-10-20 17:56:36 +0000[diff] [blame]3113long ssl3_ctrl(SSL *s, int cmd, long larg, void *parg)
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]3114{
3115 int ret = 0;
Ralf S. Engelschall58964a41998-12-21 10:56:39 +0000[diff] [blame]3116
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]3117 switch (cmd) {
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]3118 case SSL_CTRL_GET_CLIENT_CERT_REQUEST:
3119 break;
3120 case SSL_CTRL_GET_NUM_RENEGOTIATIONS:
3121 ret = s->s3->num_renegotiations;
3122 break;
3123 case SSL_CTRL_CLEAR_NUM_RENEGOTIATIONS:
3124 ret = s->s3->num_renegotiations;
3125 s->s3->num_renegotiations = 0;
3126 break;
3127 case SSL_CTRL_GET_TOTAL_RENEGOTIATIONS:
3128 ret = s->s3->total_renegotiations;
3129 break;
3130 case SSL_CTRL_GET_FLAGS:
3131 ret = (int)(s->s3->flags);
3132 break;
Richard Levittebc36ee62001-02-20 08:13:47 +0000[diff] [blame]3133#ifndef OPENSSL_NO_DH
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]3134 case SSL_CTRL_SET_TMP_DH:
3135 {
3136 DH *dh = (DH *)parg;
Dr. Stephen Hensone2b420f2015-12-17 00:05:26 +0000[diff] [blame]3137 EVP_PKEY *pkdh = NULL;
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]3138 if (dh == NULL) {
3139 SSLerr(SSL_F_SSL3_CTRL, ERR_R_PASSED_NULL_PARAMETER);
3140 return (ret);
3141 }
Dr. Stephen Hensone2b420f2015-12-17 00:05:26 +0000[diff] [blame]3142 pkdh = ssl_dh_to_pkey(dh);
3143 if (pkdh == NULL) {
3144 SSLerr(SSL_F_SSL3_CTRL, ERR_R_MALLOC_FAILURE);
3145 return 0;
3146 }
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]3147 if (!ssl_security(s, SSL_SECOP_TMP_DH,
Dr. Stephen Hensone2b420f2015-12-17 00:05:26 +0000[diff] [blame]3148 EVP_PKEY_security_bits(pkdh), 0, pkdh)) {
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]3149 SSLerr(SSL_F_SSL3_CTRL, SSL_R_DH_KEY_TOO_SMALL);
Dr. Stephen Hensone2b420f2015-12-17 00:05:26 +0000[diff] [blame]3150 EVP_PKEY_free(pkdh);
3151 return ret;
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]3152 }
Dr. Stephen Hensone2b420f2015-12-17 00:05:26 +0000[diff] [blame]3153 EVP_PKEY_free(s->cert->dh_tmp);
3154 s->cert->dh_tmp = pkdh;
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]3155 ret = 1;
3156 }
3157 break;
3158 case SSL_CTRL_SET_TMP_DH_CB:
3159 {
3160 SSLerr(SSL_F_SSL3_CTRL, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
3161 return (ret);
3162 }
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]3163 case SSL_CTRL_SET_DH_AUTO:
3164 s->cert->dh_tmp_auto = larg;
3165 return 1;
Richard Levitted3442bc2000-02-20 23:43:02 +0000[diff] [blame]3166#endif
Rich Salz10bf4fc2015-03-10 19:09:27 -0400[diff] [blame]3167#ifndef OPENSSL_NO_EC
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]3168 case SSL_CTRL_SET_TMP_ECDH:
3169 {
Kurt Roeckx6977e8e2015-12-04 22:25:11 +0100[diff] [blame]3170 const EC_GROUP *group = NULL;
3171 int nid;
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]3172
3173 if (parg == NULL) {
3174 SSLerr(SSL_F_SSL3_CTRL, ERR_R_PASSED_NULL_PARAMETER);
Kurt Roeckx6977e8e2015-12-04 22:25:11 +0100[diff] [blame]3175 return 0;
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]3176 }
Kurt Roeckx6977e8e2015-12-04 22:25:11 +0100[diff] [blame]3177 group = EC_KEY_get0_group((const EC_KEY *)parg);
3178 if (group == NULL) {
3179 SSLerr(SSL_F_SSL3_CTRL, EC_R_MISSING_PARAMETERS);
3180 return 0;
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]3181 }
Kurt Roeckx6977e8e2015-12-04 22:25:11 +0100[diff] [blame]3182 nid = EC_GROUP_get_curve_name(group);
3183 if (nid == NID_undef)
3184 return 0;
3185 return tls1_set_curves(&s->tlsext_ellipticcurvelist,
3186 &s->tlsext_ellipticcurvelist_length,
3187 &nid, 1);
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]3188 }
3189 break;
Rich Salz10bf4fc2015-03-10 19:09:27 -0400[diff] [blame]3190#endif /* !OPENSSL_NO_EC */
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]3191 case SSL_CTRL_SET_TLSEXT_HOSTNAME:
3192 if (larg == TLSEXT_NAMETYPE_host_name) {
Viktor Dukhovni0982eca2016-01-16 12:57:24 -0500[diff] [blame]3193 size_t len;
3194
Rich Salzb548a1f2015-05-01 10:02:07 -0400[diff] [blame]3195 OPENSSL_free(s->tlsext_hostname);
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]3196 s->tlsext_hostname = NULL;
Bodo Möllered3883d2006-01-02 23:14:37 +0000[diff] [blame]3197
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]3198 ret = 1;
3199 if (parg == NULL)
3200 break;
Viktor Dukhovni0982eca2016-01-16 12:57:24 -0500[diff] [blame]3201 len = strlen((char *)parg);
3202 if (len == 0 || len > TLSEXT_MAXLEN_host_name) {
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]3203 SSLerr(SSL_F_SSL3_CTRL, SSL_R_SSL3_EXT_INVALID_SERVERNAME);
3204 return 0;
3205 }
Rich Salz7644a9a2015-12-16 16:12:24 -0500[diff] [blame]3206 if ((s->tlsext_hostname = OPENSSL_strdup((char *)parg)) == NULL) {
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]3207 SSLerr(SSL_F_SSL3_CTRL, ERR_R_INTERNAL_ERROR);
3208 return 0;
3209 }
3210 } else {
3211 SSLerr(SSL_F_SSL3_CTRL, SSL_R_SSL3_EXT_INVALID_SERVERNAME_TYPE);
3212 return 0;
3213 }
3214 break;
3215 case SSL_CTRL_SET_TLSEXT_DEBUG_ARG:
3216 s->tlsext_debug_arg = parg;
3217 ret = 1;
3218 break;
Bodo Möller761772d2007-09-21 06:54:24 +0000[diff] [blame]3219
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]3220 case SSL_CTRL_SET_TLSEXT_STATUS_REQ_TYPE:
3221 s->tlsext_status_type = larg;
3222 ret = 1;
3223 break;
Dr. Stephen Henson67c8e7f2007-09-26 21:56:59 +0000[diff] [blame]3224
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]3225 case SSL_CTRL_GET_TLSEXT_STATUS_REQ_EXTS:
3226 *(STACK_OF(X509_EXTENSION) **)parg = s->tlsext_ocsp_exts;
3227 ret = 1;
3228 break;
Dr. Stephen Henson67c8e7f2007-09-26 21:56:59 +0000[diff] [blame]3229
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]3230 case SSL_CTRL_SET_TLSEXT_STATUS_REQ_EXTS:
3231 s->tlsext_ocsp_exts = parg;
3232 ret = 1;
3233 break;
Dr. Stephen Henson67c8e7f2007-09-26 21:56:59 +0000[diff] [blame]3234
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]3235 case SSL_CTRL_GET_TLSEXT_STATUS_REQ_IDS:
3236 *(STACK_OF(OCSP_RESPID) **)parg = s->tlsext_ocsp_ids;
3237 ret = 1;
3238 break;
Dr. Stephen Henson67c8e7f2007-09-26 21:56:59 +0000[diff] [blame]3239
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]3240 case SSL_CTRL_SET_TLSEXT_STATUS_REQ_IDS:
3241 s->tlsext_ocsp_ids = parg;
3242 ret = 1;
3243 break;
Dr. Stephen Henson67c8e7f2007-09-26 21:56:59 +0000[diff] [blame]3244
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]3245 case SSL_CTRL_GET_TLSEXT_STATUS_REQ_OCSP_RESP:
3246 *(unsigned char **)parg = s->tlsext_ocsp_resp;
3247 return s->tlsext_ocsp_resplen;
Dr. Stephen Henson67c8e7f2007-09-26 21:56:59 +0000[diff] [blame]3248
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]3249 case SSL_CTRL_SET_TLSEXT_STATUS_REQ_OCSP_RESP:
Rich Salzb548a1f2015-05-01 10:02:07 -0400[diff] [blame]3250 OPENSSL_free(s->tlsext_ocsp_resp);
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]3251 s->tlsext_ocsp_resp = parg;
3252 s->tlsext_ocsp_resplen = larg;
3253 ret = 1;
3254 break;
Dr. Stephen Henson48175042011-12-31 22:59:57 +0000[diff] [blame]3255
Matt Caswelle481f9b2015-05-15 10:49:56 +0100[diff] [blame]3256#ifndef OPENSSL_NO_HEARTBEATS
Rich Salz22e3dcb2016-01-25 13:30:37 -0500[diff] [blame]3257 case SSL_CTRL_DTLS_EXT_SEND_HEARTBEAT:
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]3258 if (SSL_IS_DTLS(s))
3259 ret = dtls1_heartbeat(s);
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]3260 break;
Dr. Stephen Henson48175042011-12-31 22:59:57 +0000[diff] [blame]3261
Rich Salz22e3dcb2016-01-25 13:30:37 -0500[diff] [blame]3262 case SSL_CTRL_GET_DTLS_EXT_HEARTBEAT_PENDING:
3263 if (SSL_IS_DTLS(s))
3264 ret = s->tlsext_hb_pending;
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]3265 break;
Dr. Stephen Henson48175042011-12-31 22:59:57 +0000[diff] [blame]3266
Rich Salz22e3dcb2016-01-25 13:30:37 -0500[diff] [blame]3267 case SSL_CTRL_SET_DTLS_EXT_HEARTBEAT_NO_REQUESTS:
3268 if (SSL_IS_DTLS(s)) {
3269 if (larg)
3270 s->tlsext_heartbeat |= SSL_DTLSEXT_HB_DONT_RECV_REQUESTS;
3271 else
3272 s->tlsext_heartbeat &= ~SSL_DTLSEXT_HB_DONT_RECV_REQUESTS;
3273 ret = 1;
3274 }
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]3275 break;
Matt Caswelle481f9b2015-05-15 10:49:56 +0100[diff] [blame]3276#endif
Dr. Stephen Hensonf71c6e52012-01-31 14:00:10 +0000[diff] [blame]3277
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]3278 case SSL_CTRL_CHAIN:
3279 if (larg)
3280 return ssl_cert_set1_chain(s, NULL, (STACK_OF(X509) *)parg);
3281 else
3282 return ssl_cert_set0_chain(s, NULL, (STACK_OF(X509) *)parg);
Dr. Stephen Hensonf71c6e52012-01-31 14:00:10 +0000[diff] [blame]3283
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]3284 case SSL_CTRL_CHAIN_CERT:
3285 if (larg)
3286 return ssl_cert_add1_chain_cert(s, NULL, (X509 *)parg);
3287 else
3288 return ssl_cert_add0_chain_cert(s, NULL, (X509 *)parg);
Rob Stradling7b6b2462013-11-11 18:04:24 +0100[diff] [blame]3289
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]3290 case SSL_CTRL_GET_CHAIN_CERTS:
3291 *(STACK_OF(X509) **)parg = s->cert->key->chain;
3292 break;
Rob Stradling7b6b2462013-11-11 18:04:24 +0100[diff] [blame]3293
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]3294 case SSL_CTRL_SELECT_CURRENT_CERT:
3295 return ssl_cert_select_current(s->cert, (X509 *)parg);
3296
3297 case SSL_CTRL_SET_CURRENT_CERT:
3298 if (larg == SSL_CERT_SET_SERVER) {
3299 CERT_PKEY *cpk;
3300 const SSL_CIPHER *cipher;
3301 if (!s->server)
3302 return 0;
3303 cipher = s->s3->tmp.new_cipher;
3304 if (!cipher)
3305 return 0;
3306 /*
3307 * No certificate for unauthenticated ciphersuites or using SRP
3308 * authentication
3309 */
3310 if (cipher->algorithm_auth & (SSL_aNULL | SSL_aSRP))
3311 return 2;
3312 cpk = ssl_get_server_send_pkey(s);
3313 if (!cpk)
3314 return 0;
3315 s->cert->key = cpk;
3316 return 1;
3317 }
3318 return ssl_cert_set_current(s->cert, larg);
Dr. Stephen Henson0f788192014-02-02 02:51:30 +0000[diff] [blame]3319
Dr. Stephen Henson14536c82013-08-17 17:40:08 +0100[diff] [blame]3320#ifndef OPENSSL_NO_EC
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]3321 case SSL_CTRL_GET_CURVES:
3322 {
3323 unsigned char *clist;
3324 size_t clistlen;
3325 if (!s->session)
3326 return 0;
3327 clist = s->session->tlsext_ellipticcurvelist;
3328 clistlen = s->session->tlsext_ellipticcurvelist_length / 2;
3329 if (parg) {
3330 size_t i;
3331 int *cptr = parg;
3332 unsigned int cid, nid;
3333 for (i = 0; i < clistlen; i++) {
3334 n2s(clist, cid);
3335 nid = tls1_ec_curve_id2nid(cid);
3336 if (nid != 0)
3337 cptr[i] = nid;
3338 else
3339 cptr[i] = TLSEXT_nid_unknown | cid;
3340 }
3341 }
3342 return (int)clistlen;
3343 }
Dr. Stephen Hensone7f8ff42012-03-06 14:28:21 +0000[diff] [blame]3344
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]3345 case SSL_CTRL_SET_CURVES:
3346 return tls1_set_curves(&s->tlsext_ellipticcurvelist,
3347 &s->tlsext_ellipticcurvelist_length,
3348 parg, larg);
Dr. Stephen Hensond0595f12012-03-28 15:05:04 +0000[diff] [blame]3349
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]3350 case SSL_CTRL_SET_CURVES_LIST:
3351 return tls1_set_curves_list(&s->tlsext_ellipticcurvelist,
3352 &s->tlsext_ellipticcurvelist_length,
3353 parg);
Dr. Stephen Hensond0595f12012-03-28 15:05:04 +0000[diff] [blame]3354
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]3355 case SSL_CTRL_GET_SHARED_CURVE:
3356 return tls1_shared_curve(s, larg);
Dr. Stephen Hensona4352632012-04-05 13:38:27 +0000[diff] [blame]3357
Dr. Stephen Henson14536c82013-08-17 17:40:08 +0100[diff] [blame]3358#endif
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]3359 case SSL_CTRL_SET_SIGALGS:
3360 return tls1_set_sigalgs(s->cert, parg, larg, 0);
Dr. Stephen Henson0f229cc2012-06-22 14:03:31 +0000[diff] [blame]3361
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]3362 case SSL_CTRL_SET_SIGALGS_LIST:
3363 return tls1_set_sigalgs_list(s->cert, parg, 0);
Dr. Stephen Henson3dbc46d2012-07-03 12:51:14 +0000[diff] [blame]3364
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]3365 case SSL_CTRL_SET_CLIENT_SIGALGS:
3366 return tls1_set_sigalgs(s->cert, parg, larg, 1);
Dr. Stephen Henson3dbc46d2012-07-03 12:51:14 +0000[diff] [blame]3367
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]3368 case SSL_CTRL_SET_CLIENT_SIGALGS_LIST:
3369 return tls1_set_sigalgs_list(s->cert, parg, 1);
Dr. Stephen Henson0f229cc2012-06-22 14:03:31 +0000[diff] [blame]3370
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]3371 case SSL_CTRL_GET_CLIENT_CERT_TYPES:
3372 {
3373 const unsigned char **pctype = parg;
3374 if (s->server || !s->s3->tmp.cert_req)
3375 return 0;
3376 if (s->cert->ctypes) {
3377 if (pctype)
3378 *pctype = s->cert->ctypes;
3379 return (int)s->cert->ctype_num;
3380 }
3381 if (pctype)
3382 *pctype = (unsigned char *)s->s3->tmp.ctype;
3383 return s->s3->tmp.ctype_num;
3384 }
Dr. Stephen Henson9f27b1e2012-07-08 14:22:45 +0000[diff] [blame]3385
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]3386 case SSL_CTRL_SET_CLIENT_CERT_TYPES:
3387 if (!s->server)
3388 return 0;
3389 return ssl3_set_req_cert_type(s->cert, parg, larg);
Dr. Stephen Henson9f27b1e2012-07-08 14:22:45 +0000[diff] [blame]3390
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]3391 case SSL_CTRL_BUILD_CERT_CHAIN:
3392 return ssl_build_cert_chain(s, NULL, larg);
Dr. Stephen Henson74ecfab2012-07-23 23:34:28 +0000[diff] [blame]3393
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]3394 case SSL_CTRL_SET_VERIFY_CERT_STORE:
3395 return ssl_cert_set_cert_store(s->cert, parg, 0, larg);
Dr. Stephen Henson74ecfab2012-07-23 23:34:28 +0000[diff] [blame]3396
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]3397 case SSL_CTRL_SET_CHAIN_CERT_STORE:
3398 return ssl_cert_set_cert_store(s->cert, parg, 1, larg);
Dr. Stephen Henson74ecfab2012-07-23 23:34:28 +0000[diff] [blame]3399
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]3400 case SSL_CTRL_GET_PEER_SIGNATURE_NID:
3401 if (SSL_USE_SIGALGS(s)) {
Dr. Stephen Henson389ebce2015-06-21 19:42:04 +0100[diff] [blame]3402 if (s->session) {
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]3403 const EVP_MD *sig;
Dr. Stephen Hensond376e572015-05-12 18:56:39 +0100[diff] [blame]3404 sig = s->s3->tmp.peer_md;
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]3405 if (sig) {
3406 *(int *)parg = EVP_MD_type(sig);
3407 return 1;
3408 }
3409 }
3410 return 0;
3411 }
3412 /* Might want to do something here for other versions */
3413 else
3414 return 0;
Dr. Stephen Henson319354e2012-09-07 12:53:42 +0000[diff] [blame]3415
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]3416 case SSL_CTRL_GET_SERVER_TMP_KEY:
Dr. Stephen Hensonfb79abe2015-12-17 01:07:46 +0000[diff] [blame]3417#if !defined(OPENSSL_NO_DH) || !defined(OPENSSL_NO_EC)
3418 if (s->server || s->session == NULL || s->s3->peer_tmp == NULL) {
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]3419 return 0;
Dr. Stephen Hensonfb79abe2015-12-17 01:07:46 +0000[diff] [blame]3420 } else {
3421 EVP_PKEY_up_ref(s->s3->peer_tmp);
3422 *(EVP_PKEY **)parg = s->s3->peer_tmp;
3423 return 1;
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]3424 }
Dr. Stephen Hensonfb79abe2015-12-17 01:07:46 +0000[diff] [blame]3425#else
3426 return 0;
3427#endif
Dr. Stephen Henson14536c82013-08-17 17:40:08 +0100[diff] [blame]3428#ifndef OPENSSL_NO_EC
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]3429 case SSL_CTRL_GET_EC_POINT_FORMATS:
3430 {
3431 SSL_SESSION *sess = s->session;
3432 const unsigned char **pformat = parg;
3433 if (!sess || !sess->tlsext_ecpointformatlist)
3434 return 0;
3435 *pformat = sess->tlsext_ecpointformatlist;
3436 return (int)sess->tlsext_ecpointformatlist_length;
3437 }
Dr. Stephen Henson14536c82013-08-17 17:40:08 +0100[diff] [blame]3438#endif
Bodo Moellercf6da052014-10-15 04:03:28 +0200[diff] [blame]3439
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]3440 default:
3441 break;
3442 }
3443 return (ret);
3444}
Richard Levittea9188d42000-01-18 09:30:51 +0000[diff] [blame]3445
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]3446long ssl3_callback_ctrl(SSL *s, int cmd, void (*fp) (void))
3447{
3448 int ret = 0;
Richard Levitted3442bc2000-02-20 23:43:02 +0000[diff] [blame]3449
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]3450 switch (cmd) {
Richard Levittebc36ee62001-02-20 08:13:47 +0000[diff] [blame]3451#ifndef OPENSSL_NO_DH
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]3452 case SSL_CTRL_SET_TMP_DH_CB:
3453 {
3454 s->cert->dh_tmp_cb = (DH *(*)(SSL *, int, int))fp;
3455 }
3456 break;
Ralf S. Engelschall15d21c21999-02-25 14:40:29 +0000[diff] [blame]3457#endif
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]3458 case SSL_CTRL_SET_TLSEXT_DEBUG_CB:
3459 s->tlsext_debug_cb = (void (*)(SSL *, int, int,
Emilia Kasperb6981742016-02-01 15:26:18 +0100[diff] [blame]3460 const unsigned char *, int, void *))fp;
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]3461 break;
Matt Caswelle481f9b2015-05-15 10:49:56 +0100[diff] [blame]3462
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]3463 case SSL_CTRL_SET_NOT_RESUMABLE_SESS_CB:
3464 {
3465 s->not_resumable_session_cb = (int (*)(SSL *, int))fp;
3466 }
3467 break;
3468 default:
3469 break;
3470 }
3471 return (ret);
3472}
Ralf S. Engelschalld02b48c1998-12-21 10:52:47 +0000[diff] [blame]3473
Bodo Möllera661b652001-10-20 17:56:36 +0000[diff] [blame]3474long ssl3_ctx_ctrl(SSL_CTX *ctx, int cmd, long larg, void *parg)
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]3475{
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]3476 switch (cmd) {
Richard Levittebc36ee62001-02-20 08:13:47 +0000[diff] [blame]3477#ifndef OPENSSL_NO_DH
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]3478 case SSL_CTRL_SET_TMP_DH:
3479 {
Dr. Stephen Hensone2b420f2015-12-17 00:05:26 +0000[diff] [blame]3480 DH *dh = (DH *)parg;
3481 EVP_PKEY *pkdh = NULL;
3482 if (dh == NULL) {
3483 SSLerr(SSL_F_SSL3_CTX_CTRL, ERR_R_PASSED_NULL_PARAMETER);
3484 return 0;
3485 }
3486 pkdh = ssl_dh_to_pkey(dh);
3487 if (pkdh == NULL) {
3488 SSLerr(SSL_F_SSL3_CTX_CTRL, ERR_R_MALLOC_FAILURE);
3489 return 0;
3490 }
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]3491 if (!ssl_ctx_security(ctx, SSL_SECOP_TMP_DH,
Dr. Stephen Hensone2b420f2015-12-17 00:05:26 +0000[diff] [blame]3492 EVP_PKEY_security_bits(pkdh), 0, pkdh)) {
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]3493 SSLerr(SSL_F_SSL3_CTX_CTRL, SSL_R_DH_KEY_TOO_SMALL);
Dr. Stephen Hensone2b420f2015-12-17 00:05:26 +0000[diff] [blame]3494 EVP_PKEY_free(pkdh);
3495 return 1;
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]3496 }
Dr. Stephen Hensone2b420f2015-12-17 00:05:26 +0000[diff] [blame]3497 EVP_PKEY_free(ctx->cert->dh_tmp);
3498 ctx->cert->dh_tmp = pkdh;
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]3499 return 1;
3500 }
3501 /*
3502 * break;
3503 */
3504 case SSL_CTRL_SET_TMP_DH_CB:
3505 {
3506 SSLerr(SSL_F_SSL3_CTX_CTRL, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
3507 return (0);
3508 }
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]3509 case SSL_CTRL_SET_DH_AUTO:
3510 ctx->cert->dh_tmp_auto = larg;
3511 return 1;
Ralf S. Engelschalld02b48c1998-12-21 10:52:47 +0000[diff] [blame]3512#endif
Rich Salz10bf4fc2015-03-10 19:09:27 -0400[diff] [blame]3513#ifndef OPENSSL_NO_EC
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]3514 case SSL_CTRL_SET_TMP_ECDH:
3515 {
Kurt Roeckx6977e8e2015-12-04 22:25:11 +0100[diff] [blame]3516 const EC_GROUP *group = NULL;
3517 int nid;
Bodo Möllerea262262002-08-09 08:56:08 +0000[diff] [blame]3518
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]3519 if (parg == NULL) {
Kurt Roeckx6977e8e2015-12-04 22:25:11 +0100[diff] [blame]3520 SSLerr(SSL_F_SSL3_CTX_CTRL, ERR_R_PASSED_NULL_PARAMETER);
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]3521 return 0;
3522 }
Kurt Roeckx6977e8e2015-12-04 22:25:11 +0100[diff] [blame]3523 group = EC_KEY_get0_group((const EC_KEY *)parg);
3524 if (group == NULL) {
3525 SSLerr(SSL_F_SSL3_CTX_CTRL, EC_R_MISSING_PARAMETERS);
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]3526 return 0;
3527 }
Kurt Roeckx6977e8e2015-12-04 22:25:11 +0100[diff] [blame]3528 nid = EC_GROUP_get_curve_name(group);
3529 if (nid == NID_undef)
3530 return 0;
3531 return tls1_set_curves(&ctx->tlsext_ellipticcurvelist,
3532 &ctx->tlsext_ellipticcurvelist_length,
3533 &nid, 1);
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]3534 }
3535 /* break; */
Rich Salz10bf4fc2015-03-10 19:09:27 -0400[diff] [blame]3536#endif /* !OPENSSL_NO_EC */
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]3537 case SSL_CTRL_SET_TLSEXT_SERVERNAME_ARG:
3538 ctx->tlsext_servername_arg = parg;
3539 break;
3540 case SSL_CTRL_SET_TLSEXT_TICKET_KEYS:
3541 case SSL_CTRL_GET_TLSEXT_TICKET_KEYS:
3542 {
3543 unsigned char *keys = parg;
3544 if (!keys)
3545 return 48;
3546 if (larg != 48) {
3547 SSLerr(SSL_F_SSL3_CTX_CTRL, SSL_R_INVALID_TICKET_KEYS_LENGTH);
3548 return 0;
3549 }
3550 if (cmd == SSL_CTRL_SET_TLSEXT_TICKET_KEYS) {
3551 memcpy(ctx->tlsext_tick_key_name, keys, 16);
3552 memcpy(ctx->tlsext_tick_hmac_key, keys + 16, 16);
3553 memcpy(ctx->tlsext_tick_aes_key, keys + 32, 16);
3554 } else {
3555 memcpy(keys, ctx->tlsext_tick_key_name, 16);
3556 memcpy(keys + 16, ctx->tlsext_tick_hmac_key, 16);
3557 memcpy(keys + 32, ctx->tlsext_tick_aes_key, 16);
3558 }
3559 return 1;
3560 }
Bodo Möller761772d2007-09-21 06:54:24 +0000[diff] [blame]3561
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]3562 case SSL_CTRL_SET_TLSEXT_STATUS_REQ_CB_ARG:
3563 ctx->tlsext_status_arg = parg;
3564 return 1;
Dr. Stephen Henson67c8e7f2007-09-26 21:56:59 +0000[diff] [blame]3565
Matt Caswelle481f9b2015-05-15 10:49:56 +0100[diff] [blame]3566#ifndef OPENSSL_NO_SRP
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]3567 case SSL_CTRL_SET_TLS_EXT_SRP_USERNAME:
3568 ctx->srp_ctx.srp_Mask |= SSL_kSRP;
Rich Salzb548a1f2015-05-01 10:02:07 -0400[diff] [blame]3569 OPENSSL_free(ctx->srp_ctx.login);
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]3570 ctx->srp_ctx.login = NULL;
3571 if (parg == NULL)
3572 break;
3573 if (strlen((const char *)parg) > 255
3574 || strlen((const char *)parg) < 1) {
3575 SSLerr(SSL_F_SSL3_CTX_CTRL, SSL_R_INVALID_SRP_USERNAME);
3576 return 0;
3577 }
Rich Salz7644a9a2015-12-16 16:12:24 -0500[diff] [blame]3578 if ((ctx->srp_ctx.login = OPENSSL_strdup((char *)parg)) == NULL) {
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]3579 SSLerr(SSL_F_SSL3_CTX_CTRL, ERR_R_INTERNAL_ERROR);
3580 return 0;
3581 }
3582 break;
3583 case SSL_CTRL_SET_TLS_EXT_SRP_PASSWORD:
3584 ctx->srp_ctx.SRP_give_srp_client_pwd_callback =
3585 srp_password_from_info_cb;
3586 ctx->srp_ctx.info = parg;
3587 break;
3588 case SSL_CTRL_SET_SRP_ARG:
3589 ctx->srp_ctx.srp_Mask |= SSL_kSRP;
3590 ctx->srp_ctx.SRP_cb_arg = parg;
3591 break;
Ben Laurieedc032b2011-03-12 17:01:19 +0000[diff] [blame]3592
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]3593 case SSL_CTRL_SET_TLS_EXT_SRP_STRENGTH:
3594 ctx->srp_ctx.strength = larg;
3595 break;
Matt Caswelle481f9b2015-05-15 10:49:56 +0100[diff] [blame]3596#endif
Dr. Stephen Hensond0595f12012-03-28 15:05:04 +0000[diff] [blame]3597
Matt Caswelle481f9b2015-05-15 10:49:56 +0100[diff] [blame]3598#ifndef OPENSSL_NO_EC
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]3599 case SSL_CTRL_SET_CURVES:
3600 return tls1_set_curves(&ctx->tlsext_ellipticcurvelist,
3601 &ctx->tlsext_ellipticcurvelist_length,
3602 parg, larg);
Dr. Stephen Hensond0595f12012-03-28 15:05:04 +0000[diff] [blame]3603
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]3604 case SSL_CTRL_SET_CURVES_LIST:
3605 return tls1_set_curves_list(&ctx->tlsext_ellipticcurvelist,
3606 &ctx->tlsext_ellipticcurvelist_length,
3607 parg);
Matt Caswelle481f9b2015-05-15 10:49:56 +0100[diff] [blame]3608#endif
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]3609 case SSL_CTRL_SET_SIGALGS:
3610 return tls1_set_sigalgs(ctx->cert, parg, larg, 0);
Dr. Stephen Henson0f229cc2012-06-22 14:03:31 +0000[diff] [blame]3611
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]3612 case SSL_CTRL_SET_SIGALGS_LIST:
3613 return tls1_set_sigalgs_list(ctx->cert, parg, 0);
Dr. Stephen Henson3dbc46d2012-07-03 12:51:14 +0000[diff] [blame]3614
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]3615 case SSL_CTRL_SET_CLIENT_SIGALGS:
3616 return tls1_set_sigalgs(ctx->cert, parg, larg, 1);
Dr. Stephen Henson3dbc46d2012-07-03 12:51:14 +0000[diff] [blame]3617
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]3618 case SSL_CTRL_SET_CLIENT_SIGALGS_LIST:
3619 return tls1_set_sigalgs_list(ctx->cert, parg, 1);
Dr. Stephen Henson0f229cc2012-06-22 14:03:31 +0000[diff] [blame]3620
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]3621 case SSL_CTRL_SET_CLIENT_CERT_TYPES:
3622 return ssl3_set_req_cert_type(ctx->cert, parg, larg);
Dr. Stephen Henson9f27b1e2012-07-08 14:22:45 +0000[diff] [blame]3623
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]3624 case SSL_CTRL_BUILD_CERT_CHAIN:
3625 return ssl_build_cert_chain(NULL, ctx, larg);
Dr. Stephen Henson74ecfab2012-07-23 23:34:28 +0000[diff] [blame]3626
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]3627 case SSL_CTRL_SET_VERIFY_CERT_STORE:
3628 return ssl_cert_set_cert_store(ctx->cert, parg, 0, larg);
Dr. Stephen Henson74ecfab2012-07-23 23:34:28 +0000[diff] [blame]3629
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]3630 case SSL_CTRL_SET_CHAIN_CERT_STORE:
3631 return ssl_cert_set_cert_store(ctx->cert, parg, 1, larg);
Dr. Stephen Henson74ecfab2012-07-23 23:34:28 +0000[diff] [blame]3632
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]3633 /* A Thawte special :-) */
3634 case SSL_CTRL_EXTRA_CHAIN_CERT:
3635 if (ctx->extra_certs == NULL) {
3636 if ((ctx->extra_certs = sk_X509_new_null()) == NULL)
3637 return (0);
3638 }
3639 sk_X509_push(ctx->extra_certs, (X509 *)parg);
3640 break;
Ralf S. Engelschalldfeab061998-12-21 11:00:56 +0000[diff] [blame]3641
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]3642 case SSL_CTRL_GET_EXTRA_CHAIN_CERTS:
3643 if (ctx->extra_certs == NULL && larg == 0)
3644 *(STACK_OF(X509) **)parg = ctx->cert->key->chain;
3645 else
3646 *(STACK_OF(X509) **)parg = ctx->extra_certs;
3647 break;
Dr. Stephen Hensonf9b0b452011-12-22 15:14:32 +0000[diff] [blame]3648
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]3649 case SSL_CTRL_CLEAR_EXTRA_CHAIN_CERTS:
Rich Salz222561f2015-04-30 17:33:59 -0400[diff] [blame]3650 sk_X509_pop_free(ctx->extra_certs, X509_free);
3651 ctx->extra_certs = NULL;
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]3652 break;
Dr. Stephen Hensonf9b0b452011-12-22 15:14:32 +0000[diff] [blame]3653
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]3654 case SSL_CTRL_CHAIN:
3655 if (larg)
3656 return ssl_cert_set1_chain(NULL, ctx, (STACK_OF(X509) *)parg);
3657 else
3658 return ssl_cert_set0_chain(NULL, ctx, (STACK_OF(X509) *)parg);
Dr. Stephen Hensonf71c6e52012-01-31 14:00:10 +0000[diff] [blame]3659
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]3660 case SSL_CTRL_CHAIN_CERT:
3661 if (larg)
3662 return ssl_cert_add1_chain_cert(NULL, ctx, (X509 *)parg);
3663 else
3664 return ssl_cert_add0_chain_cert(NULL, ctx, (X509 *)parg);
Dr. Stephen Hensonf71c6e52012-01-31 14:00:10 +0000[diff] [blame]3665
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]3666 case SSL_CTRL_GET_CHAIN_CERTS:
3667 *(STACK_OF(X509) **)parg = ctx->cert->key->chain;
3668 break;
Rob Stradling7b6b2462013-11-11 18:04:24 +0100[diff] [blame]3669
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]3670 case SSL_CTRL_SELECT_CURRENT_CERT:
3671 return ssl_cert_select_current(ctx->cert, (X509 *)parg);
Rob Stradling7b6b2462013-11-11 18:04:24 +0100[diff] [blame]3672
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]3673 case SSL_CTRL_SET_CURRENT_CERT:
3674 return ssl_cert_set_current(ctx->cert, larg);
Dr. Stephen Henson0f788192014-02-02 02:51:30 +0000[diff] [blame]3675
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]3676 default:
3677 return (0);
3678 }
3679 return (1);
3680}
Ralf S. Engelschalld02b48c1998-12-21 10:52:47 +0000[diff] [blame]3681
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]3682long ssl3_ctx_callback_ctrl(SSL_CTX *ctx, int cmd, void (*fp) (void))
3683{
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]3684 switch (cmd) {
Richard Levittebc36ee62001-02-20 08:13:47 +0000[diff] [blame]3685#ifndef OPENSSL_NO_DH
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]3686 case SSL_CTRL_SET_TMP_DH_CB:
3687 {
Matt Caswell8ca8fc42015-12-11 22:18:00 +0000[diff] [blame]3688 ctx->cert->dh_tmp_cb = (DH *(*)(SSL *, int, int))fp;
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]3689 }
3690 break;
Richard Levitted3442bc2000-02-20 23:43:02 +0000[diff] [blame]3691#endif
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]3692 case SSL_CTRL_SET_TLSEXT_SERVERNAME_CB:
3693 ctx->tlsext_servername_callback = (int (*)(SSL *, int *, void *))fp;
3694 break;
Bodo Möller761772d2007-09-21 06:54:24 +0000[diff] [blame]3695
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]3696 case SSL_CTRL_SET_TLSEXT_STATUS_REQ_CB:
3697 ctx->tlsext_status_cb = (int (*)(SSL *, void *))fp;
3698 break;
3699
3700 case SSL_CTRL_SET_TLSEXT_TICKET_KEY_CB:
3701 ctx->tlsext_ticket_key_cb = (int (*)(SSL *, unsigned char *,
3702 unsigned char *,
3703 EVP_CIPHER_CTX *,
3704 HMAC_CTX *, int))fp;
3705 break;
3706
Matt Caswelle481f9b2015-05-15 10:49:56 +0100[diff] [blame]3707#ifndef OPENSSL_NO_SRP
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]3708 case SSL_CTRL_SET_SRP_VERIFY_PARAM_CB:
3709 ctx->srp_ctx.srp_Mask |= SSL_kSRP;
3710 ctx->srp_ctx.SRP_verify_param_callback = (int (*)(SSL *, void *))fp;
3711 break;
3712 case SSL_CTRL_SET_TLS_EXT_SRP_USERNAME_CB:
3713 ctx->srp_ctx.srp_Mask |= SSL_kSRP;
3714 ctx->srp_ctx.TLS_ext_srp_username_callback =
3715 (int (*)(SSL *, int *, void *))fp;
3716 break;
3717 case SSL_CTRL_SET_SRP_GIVE_CLIENT_PWD_CB:
3718 ctx->srp_ctx.srp_Mask |= SSL_kSRP;
3719 ctx->srp_ctx.SRP_give_srp_client_pwd_callback =
3720 (char *(*)(SSL *, void *))fp;
3721 break;
Bodo Möller761772d2007-09-21 06:54:24 +0000[diff] [blame]3722#endif
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]3723 case SSL_CTRL_SET_NOT_RESUMABLE_SESS_CB:
3724 {
3725 ctx->not_resumable_session_cb = (int (*)(SSL *, int))fp;
3726 }
3727 break;
3728 default:
3729 return (0);
3730 }
3731 return (1);
3732}
Bodo Möller761772d2007-09-21 06:54:24 +0000[diff] [blame]3733
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]3734/*
3735 * This function needs to check if the ciphers required are actually
3736 * available
3737 */
Ben Lauriebabb3792008-10-12 14:32:47 +0000[diff] [blame]3738const SSL_CIPHER *ssl3_get_cipher_by_char(const unsigned char *p)
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]3739{
3740 SSL_CIPHER c;
3741 const SSL_CIPHER *cp;
Dr. Stephen Henson90d9e492015-11-05 16:14:17 +0000[diff] [blame]3742 uint32_t id;
Ralf S. Engelschalld02b48c1998-12-21 10:52:47 +0000[diff] [blame]3743
Dr. Stephen Henson90d9e492015-11-05 16:14:17 +0000[diff] [blame]3744 id = 0x03000000 | ((uint32_t)p[0] << 8L) | (uint32_t)p[1];
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]3745 c.id = id;
3746 cp = OBJ_bsearch_ssl_cipher_id(&c, ssl3_ciphers, SSL3_NUM_CIPHERS);
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]3747 return cp;
3748}
Ralf S. Engelschalld02b48c1998-12-21 10:52:47 +0000[diff] [blame]3749
Ulf Möller6b691a51999-04-19 21:31:43 +0000[diff] [blame]3750int ssl3_put_cipher_by_char(const SSL_CIPHER *c, unsigned char *p)
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]3751{
3752 long l;
Ralf S. Engelschalld02b48c1998-12-21 10:52:47 +0000[diff] [blame]3753
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]3754 if (p != NULL) {
3755 l = c->id;
3756 if ((l & 0xff000000) != 0x03000000)
3757 return (0);
3758 p[0] = ((unsigned char)(l >> 8L)) & 0xFF;
3759 p[1] = ((unsigned char)(l)) & 0xFF;
3760 }
3761 return (2);
3762}
Ralf S. Engelschalld02b48c1998-12-21 10:52:47 +0000[diff] [blame]3763
Dr. Stephen Henson4a640fb2015-12-23 00:47:28 +0000[diff] [blame]3764const SSL_CIPHER *ssl3_choose_cipher(SSL *s, STACK_OF(SSL_CIPHER) *clnt,
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]3765 STACK_OF(SSL_CIPHER) *srvr)
3766{
Dr. Stephen Henson4a640fb2015-12-23 00:47:28 +0000[diff] [blame]3767 const SSL_CIPHER *c, *ret = NULL;
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]3768 STACK_OF(SSL_CIPHER) *prio, *allow;
3769 int i, ii, ok;
Kurt Roeckx361a1192015-12-05 02:04:41 +0100[diff] [blame]3770 unsigned long alg_k, alg_a, mask_k, mask_a;
Ralf S. Engelschalld02b48c1998-12-21 10:52:47 +0000[diff] [blame]3771
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]3772 /* Let's see which ciphers we can support */
Ralf S. Engelschalld02b48c1998-12-21 10:52:47 +0000[diff] [blame]3773
Lutz Jänicke836f9962001-02-09 19:56:31 +0000[diff] [blame]3774#if 0
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]3775 /*
3776 * Do not set the compare functions, because this may lead to a
3777 * reordering by "id". We want to keep the original ordering. We may pay
3778 * a price in performance during sk_SSL_CIPHER_find(), but would have to
3779 * pay with the price of sk_SSL_CIPHER_dup().
3780 */
3781 sk_SSL_CIPHER_set_cmp_func(srvr, ssl_cipher_ptr_id_cmp);
3782 sk_SSL_CIPHER_set_cmp_func(clnt, ssl_cipher_ptr_id_cmp);
Lutz Jänicke836f9962001-02-09 19:56:31 +0000[diff] [blame]3783#endif
Ralf S. Engelschalld02b48c1998-12-21 10:52:47 +0000[diff] [blame]3784
Ben Laurief415fa31999-03-06 14:09:36 +0000[diff] [blame]3785#ifdef CIPHER_DEBUG
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]3786 fprintf(stderr, "Server has %d from %p:\n", sk_SSL_CIPHER_num(srvr),
3787 (void *)srvr);
3788 for (i = 0; i < sk_SSL_CIPHER_num(srvr); ++i) {
3789 c = sk_SSL_CIPHER_value(srvr, i);
3790 fprintf(stderr, "%p:%s\n", (void *)c, c->name);
3791 }
3792 fprintf(stderr, "Client sent %d from %p:\n", sk_SSL_CIPHER_num(clnt),
3793 (void *)clnt);
3794 for (i = 0; i < sk_SSL_CIPHER_num(clnt); ++i) {
3795 c = sk_SSL_CIPHER_value(clnt, i);
3796 fprintf(stderr, "%p:%s\n", (void *)c, c->name);
3797 }
Ben Laurief415fa31999-03-06 14:09:36 +0000[diff] [blame]3798#endif
3799
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]3800 if (s->options & SSL_OP_CIPHER_SERVER_PREFERENCE || tls1_suiteb(s)) {
3801 prio = srvr;
3802 allow = clnt;
3803 } else {
3804 prio = clnt;
3805 allow = srvr;
3806 }
Lutz Jänicke836f9962001-02-09 19:56:31 +0000[diff] [blame]3807
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]3808 tls1_set_cert_validity(s);
Dr. Stephen Henson2cf28d62016-02-17 15:39:25 +0000[diff] [blame]3809 ssl_set_masks(s);
Dr. Stephen Hensond61ff832012-06-28 12:45:49 +0000[diff] [blame]3810
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]3811 for (i = 0; i < sk_SSL_CIPHER_num(prio); i++) {
3812 c = sk_SSL_CIPHER_value(prio, i);
Ben Laurie60e31c31999-02-21 21:58:59 +0000[diff] [blame]3813
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]3814 /* Skip TLS v1.2 only ciphersuites if not supported */
3815 if ((c->algorithm_ssl & SSL_TLSV1_2) && !SSL_USE_TLS1_2_CIPHERS(s))
3816 continue;
Dr. Stephen Henson2b573382015-11-13 14:37:24 +0000[diff] [blame]3817 /* Skip TLS v1.0 ciphersuites if SSLv3 */
3818 if ((c->algorithm_ssl & SSL_TLSV1) && s->version == SSL3_VERSION)
3819 continue;
Dr. Stephen Hensond09677a2011-07-25 20:41:32 +0000[diff] [blame]3820
Dr. Stephen Henson4d69f9e2015-05-18 23:29:57 +0100[diff] [blame]3821 mask_k = s->s3->tmp.mask_k;
3822 mask_a = s->s3->tmp.mask_a;
Ben Laurieedc032b2011-03-12 17:01:19 +0000[diff] [blame]3823#ifndef OPENSSL_NO_SRP
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]3824 if (s->srp_ctx.srp_Mask & SSL_kSRP) {
3825 mask_k |= SSL_kSRP;
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]3826 mask_a |= SSL_aSRP;
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]3827 }
Ben Laurieedc032b2011-03-12 17:01:19 +0000[diff] [blame]3828#endif
Richard Levittef9b3bff2000-11-30 22:53:34 +0000[diff] [blame]3829
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]3830 alg_k = c->algorithm_mkey;
3831 alg_a = c->algorithm_auth;
Bodo Möller52b8dad2007-02-17 06:45:38 +0000[diff] [blame]3832
Nils Larschddac1972006-03-10 23:06:27 +0000[diff] [blame]3833#ifndef OPENSSL_NO_PSK
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]3834 /* with PSK there must be server callback set */
Dr. Stephen Hensonfe5eef32015-06-28 17:01:07 +0100[diff] [blame]3835 if ((alg_k & SSL_PSK) && s->psk_server_callback == NULL)
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]3836 continue;
3837#endif /* OPENSSL_NO_PSK */
Nils Larschddac1972006-03-10 23:06:27 +0000[diff] [blame]3838
Kurt Roeckx361a1192015-12-05 02:04:41 +0100[diff] [blame]3839 ok = (alg_k & mask_k) && (alg_a & mask_a);
Ralf S. Engelschalld02b48c1998-12-21 10:52:47 +0000[diff] [blame]3840#ifdef CIPHER_DEBUG
Kurt Roeckx361a1192015-12-05 02:04:41 +0100[diff] [blame]3841 fprintf(stderr, "%d:[%08lX:%08lX:%08lX:%08lX]%p:%s\n", ok, alg_k,
3842 alg_a, mask_k, mask_a, (void *)c, c->name);
Ralf S. Engelschalld02b48c1998-12-21 10:52:47 +0000[diff] [blame]3843#endif
Ralf S. Engelschalld02b48c1998-12-21 10:52:47 +0000[diff] [blame]3844
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]3845# ifndef OPENSSL_NO_EC
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]3846 /*
3847 * if we are considering an ECC cipher suite that uses an ephemeral
3848 * EC key check it
3849 */
3850 if (alg_k & SSL_kECDHE)
3851 ok = ok && tls1_check_ec_tmp_key(s, c->id);
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]3852# endif /* OPENSSL_NO_EC */
Bodo Möllerf393b742006-03-30 02:35:09 +0000[diff] [blame]3853
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]3854 if (!ok)
3855 continue;
3856 ii = sk_SSL_CIPHER_find(allow, c);
3857 if (ii >= 0) {
3858 /* Check security callback permits this cipher */
3859 if (!ssl_security(s, SSL_SECOP_CIPHER_SHARED,
Dr. Stephen Henson4a640fb2015-12-23 00:47:28 +0000[diff] [blame]3860 c->strength_bits, 0, (void *)c))
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]3861 continue;
Matt Caswelle481f9b2015-05-15 10:49:56 +0100[diff] [blame]3862#if !defined(OPENSSL_NO_EC)
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]3863 if ((alg_k & SSL_kECDHE) && (alg_a & SSL_aECDSA)
3864 && s->s3->is_probably_safari) {
3865 if (!ret)
3866 ret = sk_SSL_CIPHER_value(allow, ii);
3867 continue;
3868 }
Rob Stradlingd89cd382013-09-10 12:20:29 +0100[diff] [blame]3869#endif
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]3870 ret = sk_SSL_CIPHER_value(allow, ii);
3871 break;
3872 }
3873 }
3874 return (ret);
3875}
Ralf S. Engelschalld02b48c1998-12-21 10:52:47 +0000[diff] [blame]3876
Ulf Möller6b691a51999-04-19 21:31:43 +0000[diff] [blame]3877int ssl3_get_req_cert_type(SSL *s, unsigned char *p)
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]3878{
3879 int ret = 0;
Dr. Stephen Henson90d9e492015-11-05 16:14:17 +0000[diff] [blame]3880 uint32_t alg_k, alg_a = 0;
Ralf S. Engelschalld02b48c1998-12-21 10:52:47 +0000[diff] [blame]3881
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]3882 /* If we have custom certificate types set, use them */
3883 if (s->cert->ctypes) {
3884 memcpy(p, s->cert->ctypes, s->cert->ctype_num);
3885 return (int)s->cert->ctype_num;
3886 }
3887 /* Get mask of algorithms disabled by signature list */
3888 ssl_set_sig_mask(&alg_a, s, SSL_SECOP_SIGALG_MASK);
Dr. Stephen Henson9f27b1e2012-07-08 14:22:45 +0000[diff] [blame]3889
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]3890 alg_k = s->s3->tmp.new_cipher->algorithm_mkey;
Ralf S. Engelschalld02b48c1998-12-21 10:52:47 +0000[diff] [blame]3891
Dr. Stephen Hensoncaa97ef2009-05-28 18:11:29 +0000[diff] [blame]3892#ifndef OPENSSL_NO_GOST
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]3893 if (s->version >= TLS1_VERSION) {
3894 if (alg_k & SSL_kGOST) {
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]3895 p[ret++] = TLS_CT_GOST01_SIGN;
Dmitry Belyavskye44380a2015-11-17 15:32:30 +0000[diff] [blame]3896 p[ret++] = TLS_CT_GOST12_SIGN;
3897 p[ret++] = TLS_CT_GOST12_512_SIGN;
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]3898 return (ret);
3899 }
3900 }
Dr. Stephen Hensoncaa97ef2009-05-28 18:11:29 +0000[diff] [blame]3901#endif
3902
Dr. Stephen Hensonbc71f912015-12-15 23:57:18 +0000[diff] [blame]3903 if ((s->version == SSL3_VERSION) && (alg_k & SSL_kDHE)) {
Richard Levittebc36ee62001-02-20 08:13:47 +0000[diff] [blame]3904#ifndef OPENSSL_NO_DH
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]3905# ifndef OPENSSL_NO_RSA
3906 p[ret++] = SSL3_CT_RSA_EPHEMERAL_DH;
3907# endif
3908# ifndef OPENSSL_NO_DSA
3909 p[ret++] = SSL3_CT_DSS_EPHEMERAL_DH;
3910# endif
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]3911#endif /* !OPENSSL_NO_DH */
Ben Laurie1e0784f2016-01-01 15:39:31 +0000[diff] [blame]3912 }
Richard Levittebc36ee62001-02-20 08:13:47 +0000[diff] [blame]3913#ifndef OPENSSL_NO_RSA
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]3914 if (!(alg_a & SSL_aRSA))
3915 p[ret++] = SSL3_CT_RSA_SIGN;
Ralf S. Engelschalld02b48c1998-12-21 10:52:47 +0000[diff] [blame]3916#endif
Richard Levittebc36ee62001-02-20 08:13:47 +0000[diff] [blame]3917#ifndef OPENSSL_NO_DSA
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]3918 if (!(alg_a & SSL_aDSS))
3919 p[ret++] = SSL3_CT_DSS_SIGN;
Ralf S. Engelschalldfeab061998-12-21 11:00:56 +0000[diff] [blame]3920#endif
Rich Salz10bf4fc2015-03-10 19:09:27 -0400[diff] [blame]3921#ifndef OPENSSL_NO_EC
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]3922 /*
Dr. Stephen Hensonc66ce5e2015-12-12 17:41:18 +0000[diff] [blame]3923 * ECDSA certs can be used with RSA cipher suites too so we don't
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]3924 * need to check for SSL_kECDH or SSL_kECDHE
3925 */
3926 if (s->version >= TLS1_VERSION) {
3927 if (!(alg_a & SSL_aECDSA))
3928 p[ret++] = TLS_CT_ECDSA_SIGN;
3929 }
3930#endif
3931 return (ret);
3932}
Ralf S. Engelschalld02b48c1998-12-21 10:52:47 +0000[diff] [blame]3933
Dr. Stephen Henson9f27b1e2012-07-08 14:22:45 +0000[diff] [blame]3934static int ssl3_set_req_cert_type(CERT *c, const unsigned char *p, size_t len)
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]3935{
Rich Salzb548a1f2015-05-01 10:02:07 -0400[diff] [blame]3936 OPENSSL_free(c->ctypes);
3937 c->ctypes = NULL;
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]3938 if (!p || !len)
3939 return 1;
3940 if (len > 0xff)
3941 return 0;
3942 c->ctypes = OPENSSL_malloc(len);
Matt Caswella71edf32015-10-30 10:05:53 +0000[diff] [blame]3943 if (c->ctypes == NULL)
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]3944 return 0;
3945 memcpy(c->ctypes, p, len);
3946 c->ctype_num = len;
3947 return 1;
3948}
Dr. Stephen Henson9f27b1e2012-07-08 14:22:45 +0000[diff] [blame]3949
Ulf Möller6b691a51999-04-19 21:31:43 +0000[diff] [blame]3950int ssl3_shutdown(SSL *s)
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]3951{
3952 int ret;
Ralf S. Engelschalld02b48c1998-12-21 10:52:47 +0000[diff] [blame]3953
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]3954 /*
3955 * Don't do anything much if we have not done the handshake or we don't
3956 * want to send messages :-)
3957 */
Matt Caswellc874def2015-10-05 10:41:13 +0100[diff] [blame]3958 if (s->quiet_shutdown || SSL_in_before(s)) {
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]3959 s->shutdown = (SSL_SENT_SHUTDOWN | SSL_RECEIVED_SHUTDOWN);
3960 return (1);
3961 }
Ralf S. Engelschalld02b48c1998-12-21 10:52:47 +0000[diff] [blame]3962
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]3963 if (!(s->shutdown & SSL_SENT_SHUTDOWN)) {
3964 s->shutdown |= SSL_SENT_SHUTDOWN;
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]3965 ssl3_send_alert(s, SSL3_AL_WARNING, SSL_AD_CLOSE_NOTIFY);
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]3966 /*
3967 * our shutdown alert has been sent now, and if it still needs to be
3968 * written, s->s3->alert_dispatch will be true
3969 */
3970 if (s->s3->alert_dispatch)
3971 return (-1); /* return WANT_WRITE */
3972 } else if (s->s3->alert_dispatch) {
3973 /* resend it if not sent */
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]3974 ret = s->method->ssl_dispatch_alert(s);
3975 if (ret == -1) {
3976 /*
3977 * we only get to return -1 here the 2nd/Nth invocation, we must
3978 * have already signalled return 0 upon a previous invoation,
3979 * return WANT_WRITE
3980 */
3981 return (ret);
3982 }
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]3983 } else if (!(s->shutdown & SSL_RECEIVED_SHUTDOWN)) {
3984 /*
3985 * If we are waiting for a close from our peer, we are closed
3986 */
Matt Caswell657da852015-05-11 09:35:41 +0100[diff] [blame]3987 s->method->ssl_read_bytes(s, 0, NULL, NULL, 0, 0);
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]3988 if (!(s->shutdown & SSL_RECEIVED_SHUTDOWN)) {
3989 return (-1); /* return WANT_READ */
3990 }
3991 }
Ralf S. Engelschalld02b48c1998-12-21 10:52:47 +0000[diff] [blame]3992
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]3993 if ((s->shutdown == (SSL_SENT_SHUTDOWN | SSL_RECEIVED_SHUTDOWN)) &&
3994 !s->s3->alert_dispatch)
3995 return (1);
3996 else
3997 return (0);
3998}
Ralf S. Engelschalld02b48c1998-12-21 10:52:47 +0000[diff] [blame]3999
Ben Laurie61f5b6f1999-04-23 15:01:15 +0000[diff] [blame]4000int ssl3_write(SSL *s, const void *buf, int len)
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]4001{
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]4002 clear_sys_error();
4003 if (s->s3->renegotiate)
4004 ssl3_renegotiate_check(s);
Ralf S. Engelschalld02b48c1998-12-21 10:52:47 +0000[diff] [blame]4005
Matt Caswell57787ac2015-07-21 00:02:39 +0100[diff] [blame]4006 return s->method->ssl_write_bytes(s, SSL3_RT_APPLICATION_DATA,
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]4007 buf, len);
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]4008}
Ralf S. Engelschalld02b48c1998-12-21 10:52:47 +0000[diff] [blame]4009
Bodo Möller5a4fbc62000-12-14 17:36:59 +0000[diff] [blame]4010static int ssl3_read_internal(SSL *s, void *buf, int len, int peek)
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]4011{
4012 int ret;
Ralf S. Engelschall58964a41998-12-21 10:56:39 +0000[diff] [blame]4013
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]4014 clear_sys_error();
4015 if (s->s3->renegotiate)
4016 ssl3_renegotiate_check(s);
4017 s->s3->in_read_app_data = 1;
4018 ret =
Matt Caswell657da852015-05-11 09:35:41 +0100[diff] [blame]4019 s->method->ssl_read_bytes(s, SSL3_RT_APPLICATION_DATA, NULL, buf, len,
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]4020 peek);
4021 if ((ret == -1) && (s->s3->in_read_app_data == 2)) {
4022 /*
4023 * ssl3_read_bytes decided to call s->handshake_func, which called
4024 * ssl3_read_bytes to read handshake data. However, ssl3_read_bytes
4025 * actually found application data and thinks that application data
4026 * makes sense here; so disable handshake processing and try to read
4027 * application data again.
4028 */
Matt Caswell024f5432015-10-22 13:57:18 +0100[diff] [blame]4029 ossl_statem_set_in_handshake(s, 1);
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]4030 ret =
Matt Caswell657da852015-05-11 09:35:41 +0100[diff] [blame]4031 s->method->ssl_read_bytes(s, SSL3_RT_APPLICATION_DATA, NULL, buf,
4032 len, peek);
Matt Caswell024f5432015-10-22 13:57:18 +0100[diff] [blame]4033 ossl_statem_set_in_handshake(s, 0);
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]4034 } else
4035 s->s3->in_read_app_data = 0;
4036
4037 return (ret);
4038}
Ralf S. Engelschalld02b48c1998-12-21 10:52:47 +0000[diff] [blame]4039
Bodo Möller5a4fbc62000-12-14 17:36:59 +0000[diff] [blame]4040int ssl3_read(SSL *s, void *buf, int len)
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]4041{
4042 return ssl3_read_internal(s, buf, len, 0);
4043}
Bodo Möller5a4fbc62000-12-14 17:36:59 +0000[diff] [blame]4044
Bodo Möllere34cfcf2001-03-09 10:09:20 +0000[diff] [blame]4045int ssl3_peek(SSL *s, void *buf, int len)
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]4046{
4047 return ssl3_read_internal(s, buf, len, 1);
4048}
Ralf S. Engelschalld02b48c1998-12-21 10:52:47 +0000[diff] [blame]4049
Ulf Möller6b691a51999-04-19 21:31:43 +0000[diff] [blame]4050int ssl3_renegotiate(SSL *s)
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]4051{
4052 if (s->handshake_func == NULL)
4053 return (1);
Ralf S. Engelschalld02b48c1998-12-21 10:52:47 +0000[diff] [blame]4054
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]4055 if (s->s3->flags & SSL3_FLAGS_NO_RENEGOTIATE_CIPHERS)
4056 return (0);
Ralf S. Engelschalld02b48c1998-12-21 10:52:47 +0000[diff] [blame]4057
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]4058 s->s3->renegotiate = 1;
4059 return (1);
4060}
Ralf S. Engelschalld02b48c1998-12-21 10:52:47 +0000[diff] [blame]4061
Ulf Möller6b691a51999-04-19 21:31:43 +0000[diff] [blame]4062int ssl3_renegotiate_check(SSL *s)
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]4063{
4064 int ret = 0;
Ralf S. Engelschall58964a41998-12-21 10:56:39 +0000[diff] [blame]4065
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]4066 if (s->s3->renegotiate) {
Matt Caswellf1619952015-02-02 12:18:03 +0000[diff] [blame]4067 if (!RECORD_LAYER_read_pending(&s->rlayer)
4068 && !RECORD_LAYER_write_pending(&s->rlayer)
Matt Caswelldb9a32e2015-01-30 16:05:47 +0000[diff] [blame]4069 && !SSL_in_init(s)) {
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]4070 /*
4071 * if we are the server, and we have sent a 'RENEGOTIATE'
Matt Caswell49ae7422015-09-08 09:13:50 +0100[diff] [blame]4072 * message, we need to set the state machine into the renegotiate
4073 * state.
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]4074 */
Matt Caswellfe3a3292015-10-05 10:39:54 +0100[diff] [blame]4075 ossl_statem_set_renegotiate(s);
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]4076 s->s3->renegotiate = 0;
4077 s->s3->num_renegotiations++;
4078 s->s3->total_renegotiations++;
4079 ret = 1;
4080 }
4081 }
4082 return (ret);
4083}
4084
Ralf S. Engelschall58964a41998-12-21 10:56:39 +0000[diff] [blame]4085/*
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]4086 * If we are using default SHA1+MD5 algorithms switch to new SHA256 PRF and
4087 * handshake macs if required.
Dr. Stephen Henson12053a82015-06-28 23:18:59 +0100[diff] [blame]4088 *
4089 * If PSK and using SHA384 for TLS < 1.2 switch to default.
Dr. Stephen Henson7409d7a2011-04-29 22:56:51 +0000[diff] [blame]4090 */
4091long ssl_get_algorithm2(SSL *s)
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]4092{
4093 long alg2 = s->s3->tmp.new_cipher->algorithm2;
Dr. Stephen Henson12053a82015-06-28 23:18:59 +0100[diff] [blame]4094 if (s->method->ssl3_enc->enc_flags & SSL_ENC_FLAG_SHA256_PRF) {
4095 if (alg2 == (SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF))
4096 return SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256;
4097 } else if (s->s3->tmp.new_cipher->algorithm_mkey & SSL_PSK) {
4098 if (alg2 == (SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384))
4099 return SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF;
4100 }
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]4101 return alg2;
4102}
Matt Caswella3680c82015-03-31 13:57:46 +0100[diff] [blame]4103
4104/*
4105 * Fill a ClientRandom or ServerRandom field of length len. Returns <= 0 on
4106 * failure, 1 on success.
4107 */
4108int ssl_fill_hello_random(SSL *s, int server, unsigned char *result, int len)
4109{
4110 int send_time = 0;
4111
4112 if (len < 4)
4113 return 0;
4114 if (server)
4115 send_time = (s->mode & SSL_MODE_SEND_SERVERHELLO_TIME) != 0;
4116 else
4117 send_time = (s->mode & SSL_MODE_SEND_CLIENTHELLO_TIME) != 0;
4118 if (send_time) {
4119 unsigned long Time = (unsigned long)time(NULL);
4120 unsigned char *p = result;
4121 l2n(Time, p);
4122 return RAND_bytes(p, len - 4);
4123 } else
4124 return RAND_bytes(result, len);
4125}
Dr. Stephen Henson57b272b2015-06-17 04:10:04 +0100[diff] [blame]4126
4127int ssl_generate_master_secret(SSL *s, unsigned char *pms, size_t pmslen,
4128 int free_pms)
4129{
Dr. Stephen Henson8a0a12e2015-06-28 16:58:00 +0100[diff] [blame]4130#ifndef OPENSSL_NO_PSK
4131 unsigned long alg_k = s->s3->tmp.new_cipher->algorithm_mkey;
4132 if (alg_k & SSL_PSK) {
4133 unsigned char *pskpms, *t;
4134 size_t psklen = s->s3->tmp.psklen;
4135 size_t pskpmslen;
4136
4137 /* create PSK premaster_secret */
4138
4139 /* For plain PSK "other_secret" is psklen zeroes */
4140 if (alg_k & SSL_kPSK)
4141 pmslen = psklen;
4142
4143 pskpmslen = 4 + pmslen + psklen;
4144 pskpms = OPENSSL_malloc(pskpmslen);
Dr. Stephen Hensona7846652015-07-28 16:04:53 +0100[diff] [blame]4145 if (pskpms == NULL) {
4146 s->session->master_key_length = 0;
4147 goto err;
4148 }
Dr. Stephen Henson8a0a12e2015-06-28 16:58:00 +0100[diff] [blame]4149 t = pskpms;
4150 s2n(pmslen, t);
4151 if (alg_k & SSL_kPSK)
4152 memset(t, 0, pmslen);
4153 else
4154 memcpy(t, pms, pmslen);
4155 t += pmslen;
4156 s2n(psklen, t);
4157 memcpy(t, s->s3->tmp.psk, psklen);
4158
4159 OPENSSL_clear_free(s->s3->tmp.psk, psklen);
4160 s->s3->tmp.psk = NULL;
4161 s->session->master_key_length =
4162 s->method->ssl3_enc->generate_master_secret(s,
4163 s->session->master_key,
4164 pskpms, pskpmslen);
4165 OPENSSL_clear_free(pskpms, pskpmslen);
4166 } else
4167#endif
4168 s->session->master_key_length =
4169 s->method->ssl3_enc->generate_master_secret(s,
4170 s->session->master_key,
4171 pms, pmslen);
Dr. Stephen Henson9076bd22015-09-11 17:08:11 +0100[diff] [blame]4172#ifndef OPENSSL_NO_PSK
Dr. Stephen Hensona7846652015-07-28 16:04:53 +0100[diff] [blame]4173 err:
Dr. Stephen Henson9076bd22015-09-11 17:08:11 +0100[diff] [blame]4174#endif
Dr. Stephen Henson8a0a12e2015-06-28 16:58:00 +0100[diff] [blame]4175 if (pms) {
4176 if (free_pms)
4177 OPENSSL_clear_free(pms, pmslen);
4178 else
4179 OPENSSL_cleanse(pms, pmslen);
4180 }
Dr. Stephen Henson57b272b2015-06-17 04:10:04 +0100[diff] [blame]4181 if (s->server == 0)
4182 s->s3->tmp.pms = NULL;
4183 return s->session->master_key_length >= 0;
4184}
Dr. Stephen Henson3f3504b2015-12-15 18:15:16 +0000[diff] [blame]4185
4186/* Generate a private key from parameters or a curve NID */
4187EVP_PKEY *ssl_generate_pkey(EVP_PKEY *pm, int nid)
4188{
4189 EVP_PKEY_CTX *pctx = NULL;
4190 EVP_PKEY *pkey = NULL;
4191 if (pm != NULL) {
4192 pctx = EVP_PKEY_CTX_new(pm, NULL);
4193 } else {
Dr. Stephen Hensone4cf8662015-12-16 14:45:40 +0000[diff] [blame]4194 /*
4195 * Generate a new key for this curve.
4196 * Should not be called if EC is disabled: if it is it will
4197 * fail with an unknown algorithm error.
4198 */
Dr. Stephen Henson3f3504b2015-12-15 18:15:16 +0000[diff] [blame]4199 pctx = EVP_PKEY_CTX_new_id(EVP_PKEY_EC, NULL);
4200 }
4201 if (pctx == NULL)
4202 goto err;
4203 if (EVP_PKEY_keygen_init(pctx) <= 0)
4204 goto err;
Dr. Stephen Hensone4cf8662015-12-16 14:45:40 +0000[diff] [blame]4205#ifndef OPENSSL_NO_EC
Dr. Stephen Henson3f3504b2015-12-15 18:15:16 +0000[diff] [blame]4206 if (pm == NULL && EVP_PKEY_CTX_set_ec_paramgen_curve_nid(pctx, nid) <= 0)
4207 goto err;
Dr. Stephen Hensone4cf8662015-12-16 14:45:40 +0000[diff] [blame]4208#endif
Dr. Stephen Henson3f3504b2015-12-15 18:15:16 +0000[diff] [blame]4209
4210 if (EVP_PKEY_keygen(pctx, &pkey) <= 0) {
4211 EVP_PKEY_free(pkey);
4212 pkey = NULL;
4213 }
4214
4215 err:
4216 EVP_PKEY_CTX_free(pctx);
4217 return pkey;
4218}
4219/* Derive premaster or master secret for ECDH/DH */
4220int ssl_derive(SSL *s, EVP_PKEY *privkey, EVP_PKEY *pubkey)
4221{
4222 int rv = 0;
4223 unsigned char *pms = NULL;
4224 size_t pmslen = 0;
4225 EVP_PKEY_CTX *pctx;
4226
4227 if (privkey == NULL || pubkey == NULL)
4228 return 0;
4229
4230 pctx = EVP_PKEY_CTX_new(privkey, NULL);
4231
4232 if (EVP_PKEY_derive_init(pctx) <= 0
4233 || EVP_PKEY_derive_set_peer(pctx, pubkey) <= 0
4234 || EVP_PKEY_derive(pctx, NULL, &pmslen) <= 0) {
4235 goto err;
4236 }
4237
4238 pms = OPENSSL_malloc(pmslen);
4239 if (pms == NULL)
4240 goto err;
4241
4242 if (EVP_PKEY_derive(pctx, pms, &pmslen) <= 0)
4243 goto err;
4244
4245 if (s->server) {
4246 /* For server generate master secret and discard premaster */
4247 rv = ssl_generate_master_secret(s, pms, pmslen, 1);
4248 pms = NULL;
4249 } else {
4250 /* For client just save premaster secret */
4251 s->s3->tmp.pms = pms;
4252 s->s3->tmp.pmslen = pmslen;
4253 pms = NULL;
4254 rv = 1;
4255 }
4256
4257 err:
4258 OPENSSL_clear_free(pms, pmslen);
4259 EVP_PKEY_CTX_free(pctx);
4260 return rv;
4261}
Dr. Stephen Henson6c4e6672015-12-18 15:58:28 +0000[diff] [blame]4262
Ben Laurie1e0784f2016-01-01 15:39:31 +0000[diff] [blame]4263#ifndef OPENSSL_NO_DH
Dr. Stephen Henson6c4e6672015-12-18 15:58:28 +0000[diff] [blame]4264EVP_PKEY *ssl_dh_to_pkey(DH *dh)
4265{
4266 EVP_PKEY *ret;
4267 if (dh == NULL)
4268 return NULL;
4269 ret = EVP_PKEY_new();
4270 if (EVP_PKEY_set1_DH(ret, dh) <= 0) {
4271 EVP_PKEY_free(ret);
4272 return NULL;
4273 }
4274 return ret;
4275}
Ben Laurie1e0784f2016-01-01 15:39:31 +0000[diff] [blame]4276#endif