Google Git
Sign in
flutter / third_party / openssl / 1c534560dc905b6d399dbde242422f0cf5543286 / . / ssl / s3_lib.c
blob: c5f22359d52680de62c2eb74e63b11afb3291025 [file] [log] [blame]
Rich Salz846e33c2016-05-17 14:18:30 -0400[diff] [blame]1/*
Matt Caswell6738bf12018-02-13 12:51:29 +0000[diff] [blame]2 * Copyright 1995-2018 The OpenSSL Project Authors. All Rights Reserved.
Rich Salzaa8f3d72017-06-15 10:16:46 -0400[diff] [blame]3 * Copyright (c) 2002, Oracle and/or its affiliates. All rights reserved
Rich Salzc80149d2017-06-20 10:14:36 -0400[diff] [blame]4 * Copyright 2005 Nokia. All rights reserved.
Ralf S. Engelschalld02b48c1998-12-21 10:52:47 +0000[diff] [blame]5 *
Rich Salz846e33c2016-05-17 14:18:30 -0400[diff] [blame]6 * Licensed under the OpenSSL license (the "License"). You may not use
7 * this file except in compliance with the License. You can obtain a copy
8 * in the file LICENSE in the source distribution or at
9 * https://www.openssl.org/source/license.html
Ralf S. Engelschalld02b48c1998-12-21 10:52:47 +0000[diff] [blame]10 */
Rich Salz846e33c2016-05-17 14:18:30 -0400[diff] [blame]11
Ralf S. Engelschalld02b48c1998-12-21 10:52:47 +0000[diff] [blame]12#include <stdio.h>
Bodo Möllerec577821999-04-23 22:13:45 +0000[diff] [blame]13#include <openssl/objects.h>
Pauli677963e2017-08-18 13:52:46 +1000[diff] [blame]14#include "internal/nelem.h"
Ralf S. Engelschalld02b48c1998-12-21 10:52:47 +0000[diff] [blame]15#include "ssl_locl.h"
Ben Lauriedbad1692001-07-30 23:57:25 +0000[diff] [blame]16#include <openssl/md5.h>
Rich Salz3c272082016-03-18 14:30:20 -0400[diff] [blame]17#include <openssl/dh.h>
Matt Caswella3680c82015-03-31 13:57:46 +0100[diff] [blame]18#include <openssl/rand.h>
Rich Salz5f8dd0f2017-08-03 16:21:01 -0400[diff] [blame]19#include "internal/cryptlib.h"
Ralf S. Engelschalld02b48c1998-12-21 10:52:47 +0000[diff] [blame]20
Matt Caswellf865b082018-02-16 11:26:02 +0000[diff] [blame]21#define TLS13_NUM_CIPHERS OSSL_NELEM(tls13_ciphers)
Dr. Stephen Hensonb6eb9822015-05-02 18:30:00 +0100[diff] [blame]22#define SSL3_NUM_CIPHERS OSSL_NELEM(ssl3_ciphers)
Benjamin Kaduk650c6e42017-02-03 17:17:21 -0600[diff] [blame]23#define SSL3_NUM_SCSVS OSSL_NELEM(ssl3_scsvs)
Ralf S. Engelschalld02b48c1998-12-21 10:52:47 +0000[diff] [blame]24
Matt Caswell643a3582017-03-24 09:57:21 +0000[diff] [blame]25/* TLSv1.3 downgrade protection sentinel values */
26const unsigned char tls11downgrade[] = {
27 0x44, 0x4f, 0x57, 0x4e, 0x47, 0x52, 0x44, 0x00
28};
29const unsigned char tls12downgrade[] = {
30 0x44, 0x4f, 0x57, 0x4e, 0x47, 0x52, 0x44, 0x01
31};
32
Matt Caswellf865b082018-02-16 11:26:02 +0000[diff] [blame]33/* The list of available TLSv1.3 ciphers */
34static SSL_CIPHER tls13_ciphers[] = {
35 {
36 1,
37 TLS1_3_RFC_AES_128_GCM_SHA256,
38 TLS1_3_RFC_AES_128_GCM_SHA256,
39 TLS1_3_CK_AES_128_GCM_SHA256,
Matt Caswellf80c8642018-04-26 14:20:59 +0100[diff] [blame]40 SSL_kANY,
41 SSL_aANY,
Matt Caswellf865b082018-02-16 11:26:02 +0000[diff] [blame]42 SSL_AES128GCM,
43 SSL_AEAD,
44 TLS1_3_VERSION, TLS1_3_VERSION,
Matt Caswellf80c8642018-04-26 14:20:59 +0100[diff] [blame]45 0, 0,
Matt Caswellf865b082018-02-16 11:26:02 +0000[diff] [blame]46 SSL_HIGH,
47 SSL_HANDSHAKE_MAC_SHA256,
48 128,
49 128,
50 }, {
51 1,
52 TLS1_3_RFC_AES_256_GCM_SHA384,
53 TLS1_3_RFC_AES_256_GCM_SHA384,
54 TLS1_3_CK_AES_256_GCM_SHA384,
55 SSL_kANY,
56 SSL_aANY,
57 SSL_AES256GCM,
58 SSL_AEAD,
59 TLS1_3_VERSION, TLS1_3_VERSION,
60 0, 0,
61 SSL_HIGH,
62 SSL_HANDSHAKE_MAC_SHA384,
63 256,
64 256,
65 },
66#if !defined(OPENSSL_NO_CHACHA) && !defined(OPENSSL_NO_POLY1305)
67 {
68 1,
69 TLS1_3_RFC_CHACHA20_POLY1305_SHA256,
70 TLS1_3_RFC_CHACHA20_POLY1305_SHA256,
71 TLS1_3_CK_CHACHA20_POLY1305_SHA256,
72 SSL_kANY,
73 SSL_aANY,
74 SSL_CHACHA20POLY1305,
75 SSL_AEAD,
76 TLS1_3_VERSION, TLS1_3_VERSION,
77 0, 0,
78 SSL_HIGH,
79 SSL_HANDSHAKE_MAC_SHA256,
80 256,
81 256,
82 },
83#endif
84 {
85 1,
86 TLS1_3_RFC_AES_128_CCM_SHA256,
87 TLS1_3_RFC_AES_128_CCM_SHA256,
88 TLS1_3_CK_AES_128_CCM_SHA256,
89 SSL_kANY,
90 SSL_aANY,
91 SSL_AES128CCM,
92 SSL_AEAD,
93 TLS1_3_VERSION, TLS1_3_VERSION,
94 0, 0,
95 SSL_NOT_DEFAULT | SSL_HIGH,
96 SSL_HANDSHAKE_MAC_SHA256,
97 128,
98 128,
99 }, {
100 1,
101 TLS1_3_RFC_AES_128_CCM_8_SHA256,
102 TLS1_3_RFC_AES_128_CCM_8_SHA256,
103 TLS1_3_CK_AES_128_CCM_8_SHA256,
104 SSL_kANY,
105 SSL_aANY,
106 SSL_AES128CCM8,
107 SSL_AEAD,
108 TLS1_3_VERSION, TLS1_3_VERSION,
109 0, 0,
110 SSL_NOT_DEFAULT | SSL_HIGH,
111 SSL_HANDSHAKE_MAC_SHA256,
112 128,
113 128,
114 }
115};
116
Rich Salz748f2542016-03-16 12:33:00 -0400[diff] [blame]117/*
Rich Salzef288912016-08-18 08:56:42 -0400[diff] [blame]118 * The list of available ciphers, mostly organized into the following
Rich Salz748f2542016-03-16 12:33:00 -0400[diff] [blame]119 * groups:
120 * Always there
121 * EC
122 * PSK
123 * SRP (within that: RSA EC PSK)
Pauli9bb6f822017-02-02 09:56:47 +1000[diff] [blame]124 * Cipher families: Chacha/poly, Camellia, Gost, IDEA, SEED
Rich Salz748f2542016-03-16 12:33:00 -0400[diff] [blame]125 * Weak ciphers
126 */
Emilia Kaspera230b262016-08-05 19:03:17 +0200[diff] [blame]127static SSL_CIPHER ssl3_ciphers[] = {
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]128 {
129 1,
130 SSL3_TXT_RSA_NULL_MD5,
Paul Yangbbb4ceb2017-06-30 03:06:19 +0800[diff] [blame]131 SSL3_RFC_RSA_NULL_MD5,
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]132 SSL3_CK_RSA_NULL_MD5,
133 SSL_kRSA,
134 SSL_aRSA,
135 SSL_eNULL,
136 SSL_MD5,
Kurt Roeckx3eb2aff2016-02-07 20:17:07 +0100[diff] [blame]137 SSL3_VERSION, TLS1_2_VERSION,
David Woodhouse387cf212016-07-08 20:59:50 +0100[diff] [blame]138 DTLS1_BAD_VER, DTLS1_2_VERSION,
Kurt Roeckx1510b5f2016-03-03 22:02:58 +0100[diff] [blame]139 SSL_STRONG_NONE,
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]140 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
141 0,
142 0,
143 },
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]144 {
145 1,
146 SSL3_TXT_RSA_NULL_SHA,
Paul Yangbbb4ceb2017-06-30 03:06:19 +0800[diff] [blame]147 SSL3_RFC_RSA_NULL_SHA,
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]148 SSL3_CK_RSA_NULL_SHA,
149 SSL_kRSA,
150 SSL_aRSA,
151 SSL_eNULL,
152 SSL_SHA1,
Kurt Roeckx3eb2aff2016-02-07 20:17:07 +0100[diff] [blame]153 SSL3_VERSION, TLS1_2_VERSION,
David Woodhouse387cf212016-07-08 20:59:50 +0100[diff] [blame]154 DTLS1_BAD_VER, DTLS1_2_VERSION,
Kurt Roeckx1510b5f2016-03-03 22:02:58 +0100[diff] [blame]155 SSL_STRONG_NONE | SSL_FIPS,
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]156 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
157 0,
158 0,
159 },
Rich Salzd33726b2016-07-30 12:21:32 -0400[diff] [blame]160#ifndef OPENSSL_NO_WEAK_SSL_CIPHERS
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]161 {
162 1,
163 SSL3_TXT_RSA_DES_192_CBC3_SHA,
Paul Yangbbb4ceb2017-06-30 03:06:19 +0800[diff] [blame]164 SSL3_RFC_RSA_DES_192_CBC3_SHA,
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]165 SSL3_CK_RSA_DES_192_CBC3_SHA,
166 SSL_kRSA,
167 SSL_aRSA,
168 SSL_3DES,
169 SSL_SHA1,
Kurt Roeckx3eb2aff2016-02-07 20:17:07 +0100[diff] [blame]170 SSL3_VERSION, TLS1_2_VERSION,
David Woodhouse387cf212016-07-08 20:59:50 +0100[diff] [blame]171 DTLS1_BAD_VER, DTLS1_2_VERSION,
Rich Salzef288912016-08-18 08:56:42 -0400[diff] [blame]172 SSL_NOT_DEFAULT | SSL_MEDIUM | SSL_FIPS,
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]173 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
174 112,
175 168,
176 },
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]177 {
178 1,
179 SSL3_TXT_DHE_DSS_DES_192_CBC3_SHA,
Paul Yangbbb4ceb2017-06-30 03:06:19 +0800[diff] [blame]180 SSL3_RFC_DHE_DSS_DES_192_CBC3_SHA,
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]181 SSL3_CK_DHE_DSS_DES_192_CBC3_SHA,
182 SSL_kDHE,
183 SSL_aDSS,
184 SSL_3DES,
185 SSL_SHA1,
Kurt Roeckx3eb2aff2016-02-07 20:17:07 +0100[diff] [blame]186 SSL3_VERSION, TLS1_2_VERSION,
David Woodhouse387cf212016-07-08 20:59:50 +0100[diff] [blame]187 DTLS1_BAD_VER, DTLS1_2_VERSION,
Rich Salz4a8e9c22016-05-05 17:08:41 -0400[diff] [blame]188 SSL_NOT_DEFAULT | SSL_MEDIUM | SSL_FIPS,
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]189 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
190 112,
191 168,
192 },
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]193 {
194 1,
195 SSL3_TXT_DHE_RSA_DES_192_CBC3_SHA,
Paul Yangbbb4ceb2017-06-30 03:06:19 +0800[diff] [blame]196 SSL3_RFC_DHE_RSA_DES_192_CBC3_SHA,
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]197 SSL3_CK_DHE_RSA_DES_192_CBC3_SHA,
198 SSL_kDHE,
199 SSL_aRSA,
200 SSL_3DES,
201 SSL_SHA1,
Kurt Roeckx3eb2aff2016-02-07 20:17:07 +0100[diff] [blame]202 SSL3_VERSION, TLS1_2_VERSION,
David Woodhouse387cf212016-07-08 20:59:50 +0100[diff] [blame]203 DTLS1_BAD_VER, DTLS1_2_VERSION,
Rich Salzef288912016-08-18 08:56:42 -0400[diff] [blame]204 SSL_NOT_DEFAULT | SSL_MEDIUM | SSL_FIPS,
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]205 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
206 112,
207 168,
208 },
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]209 {
210 1,
211 SSL3_TXT_ADH_DES_192_CBC_SHA,
Paul Yangbbb4ceb2017-06-30 03:06:19 +0800[diff] [blame]212 SSL3_RFC_ADH_DES_192_CBC_SHA,
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]213 SSL3_CK_ADH_DES_192_CBC_SHA,
214 SSL_kDHE,
215 SSL_aNULL,
216 SSL_3DES,
217 SSL_SHA1,
Kurt Roeckx3eb2aff2016-02-07 20:17:07 +0100[diff] [blame]218 SSL3_VERSION, TLS1_2_VERSION,
David Woodhouse387cf212016-07-08 20:59:50 +0100[diff] [blame]219 DTLS1_BAD_VER, DTLS1_2_VERSION,
Rich Salz4a8e9c22016-05-05 17:08:41 -0400[diff] [blame]220 SSL_NOT_DEFAULT | SSL_MEDIUM | SSL_FIPS,
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]221 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
222 112,
223 168,
224 },
Rich Salzd33726b2016-07-30 12:21:32 -0400[diff] [blame]225#endif
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]226 {
227 1,
228 TLS1_TXT_RSA_WITH_AES_128_SHA,
Paul Yangbbb4ceb2017-06-30 03:06:19 +0800[diff] [blame]229 TLS1_RFC_RSA_WITH_AES_128_SHA,
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]230 TLS1_CK_RSA_WITH_AES_128_SHA,
231 SSL_kRSA,
232 SSL_aRSA,
233 SSL_AES128,
234 SSL_SHA1,
Kurt Roeckx3eb2aff2016-02-07 20:17:07 +0100[diff] [blame]235 SSL3_VERSION, TLS1_2_VERSION,
David Woodhouse387cf212016-07-08 20:59:50 +0100[diff] [blame]236 DTLS1_BAD_VER, DTLS1_2_VERSION,
Kurt Roeckx361a1192015-12-05 02:04:41 +0100[diff] [blame]237 SSL_HIGH | SSL_FIPS,
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]238 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
239 128,
240 128,
241 },
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]242 {
243 1,
244 TLS1_TXT_DHE_DSS_WITH_AES_128_SHA,
Paul Yangbbb4ceb2017-06-30 03:06:19 +0800[diff] [blame]245 TLS1_RFC_DHE_DSS_WITH_AES_128_SHA,
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]246 TLS1_CK_DHE_DSS_WITH_AES_128_SHA,
247 SSL_kDHE,
248 SSL_aDSS,
249 SSL_AES128,
250 SSL_SHA1,
Kurt Roeckx3eb2aff2016-02-07 20:17:07 +0100[diff] [blame]251 SSL3_VERSION, TLS1_2_VERSION,
David Woodhouse387cf212016-07-08 20:59:50 +0100[diff] [blame]252 DTLS1_BAD_VER, DTLS1_2_VERSION,
Emilia Kaspera556f342016-03-03 19:50:03 +0100[diff] [blame]253 SSL_NOT_DEFAULT | SSL_HIGH | SSL_FIPS,
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]254 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
255 128,
256 128,
257 },
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]258 {
259 1,
260 TLS1_TXT_DHE_RSA_WITH_AES_128_SHA,
Paul Yangbbb4ceb2017-06-30 03:06:19 +0800[diff] [blame]261 TLS1_RFC_DHE_RSA_WITH_AES_128_SHA,
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]262 TLS1_CK_DHE_RSA_WITH_AES_128_SHA,
263 SSL_kDHE,
264 SSL_aRSA,
265 SSL_AES128,
266 SSL_SHA1,
Kurt Roeckx3eb2aff2016-02-07 20:17:07 +0100[diff] [blame]267 SSL3_VERSION, TLS1_2_VERSION,
David Woodhouse387cf212016-07-08 20:59:50 +0100[diff] [blame]268 DTLS1_BAD_VER, DTLS1_2_VERSION,
Kurt Roeckx361a1192015-12-05 02:04:41 +0100[diff] [blame]269 SSL_HIGH | SSL_FIPS,
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]270 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
271 128,
272 128,
273 },
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]274 {
275 1,
276 TLS1_TXT_ADH_WITH_AES_128_SHA,
Paul Yangbbb4ceb2017-06-30 03:06:19 +0800[diff] [blame]277 TLS1_RFC_ADH_WITH_AES_128_SHA,
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]278 TLS1_CK_ADH_WITH_AES_128_SHA,
279 SSL_kDHE,
280 SSL_aNULL,
281 SSL_AES128,
282 SSL_SHA1,
Kurt Roeckx3eb2aff2016-02-07 20:17:07 +0100[diff] [blame]283 SSL3_VERSION, TLS1_2_VERSION,
David Woodhouse387cf212016-07-08 20:59:50 +0100[diff] [blame]284 DTLS1_BAD_VER, DTLS1_2_VERSION,
Kurt Roeckx361a1192015-12-05 02:04:41 +0100[diff] [blame]285 SSL_NOT_DEFAULT | SSL_HIGH | SSL_FIPS,
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]286 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
287 128,
288 128,
289 },
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]290 {
291 1,
292 TLS1_TXT_RSA_WITH_AES_256_SHA,
Paul Yangbbb4ceb2017-06-30 03:06:19 +0800[diff] [blame]293 TLS1_RFC_RSA_WITH_AES_256_SHA,
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]294 TLS1_CK_RSA_WITH_AES_256_SHA,
295 SSL_kRSA,
296 SSL_aRSA,
297 SSL_AES256,
298 SSL_SHA1,
Kurt Roeckx3eb2aff2016-02-07 20:17:07 +0100[diff] [blame]299 SSL3_VERSION, TLS1_2_VERSION,
David Woodhouse387cf212016-07-08 20:59:50 +0100[diff] [blame]300 DTLS1_BAD_VER, DTLS1_2_VERSION,
Kurt Roeckx361a1192015-12-05 02:04:41 +0100[diff] [blame]301 SSL_HIGH | SSL_FIPS,
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]302 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
303 256,
304 256,
305 },
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]306 {
307 1,
308 TLS1_TXT_DHE_DSS_WITH_AES_256_SHA,
Paul Yangbbb4ceb2017-06-30 03:06:19 +0800[diff] [blame]309 TLS1_RFC_DHE_DSS_WITH_AES_256_SHA,
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]310 TLS1_CK_DHE_DSS_WITH_AES_256_SHA,
311 SSL_kDHE,
312 SSL_aDSS,
313 SSL_AES256,
314 SSL_SHA1,
Kurt Roeckx3eb2aff2016-02-07 20:17:07 +0100[diff] [blame]315 SSL3_VERSION, TLS1_2_VERSION,
David Woodhouse387cf212016-07-08 20:59:50 +0100[diff] [blame]316 DTLS1_BAD_VER, DTLS1_2_VERSION,
Emilia Kaspera556f342016-03-03 19:50:03 +0100[diff] [blame]317 SSL_NOT_DEFAULT | SSL_HIGH | SSL_FIPS,
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]318 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
319 256,
320 256,
321 },
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]322 {
323 1,
324 TLS1_TXT_DHE_RSA_WITH_AES_256_SHA,
Paul Yangbbb4ceb2017-06-30 03:06:19 +0800[diff] [blame]325 TLS1_RFC_DHE_RSA_WITH_AES_256_SHA,
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]326 TLS1_CK_DHE_RSA_WITH_AES_256_SHA,
327 SSL_kDHE,
328 SSL_aRSA,
329 SSL_AES256,
330 SSL_SHA1,
Kurt Roeckx3eb2aff2016-02-07 20:17:07 +0100[diff] [blame]331 SSL3_VERSION, TLS1_2_VERSION,
David Woodhouse387cf212016-07-08 20:59:50 +0100[diff] [blame]332 DTLS1_BAD_VER, DTLS1_2_VERSION,
Kurt Roeckx361a1192015-12-05 02:04:41 +0100[diff] [blame]333 SSL_HIGH | SSL_FIPS,
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]334 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
335 256,
336 256,
337 },
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]338 {
339 1,
340 TLS1_TXT_ADH_WITH_AES_256_SHA,
Paul Yangbbb4ceb2017-06-30 03:06:19 +0800[diff] [blame]341 TLS1_RFC_ADH_WITH_AES_256_SHA,
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]342 TLS1_CK_ADH_WITH_AES_256_SHA,
343 SSL_kDHE,
344 SSL_aNULL,
345 SSL_AES256,
346 SSL_SHA1,
Kurt Roeckx3eb2aff2016-02-07 20:17:07 +0100[diff] [blame]347 SSL3_VERSION, TLS1_2_VERSION,
David Woodhouse387cf212016-07-08 20:59:50 +0100[diff] [blame]348 DTLS1_BAD_VER, DTLS1_2_VERSION,
Kurt Roeckx361a1192015-12-05 02:04:41 +0100[diff] [blame]349 SSL_NOT_DEFAULT | SSL_HIGH | SSL_FIPS,
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]350 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
351 256,
352 256,
353 },
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]354 {
355 1,
356 TLS1_TXT_RSA_WITH_NULL_SHA256,
Paul Yangbbb4ceb2017-06-30 03:06:19 +0800[diff] [blame]357 TLS1_RFC_RSA_WITH_NULL_SHA256,
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]358 TLS1_CK_RSA_WITH_NULL_SHA256,
359 SSL_kRSA,
360 SSL_aRSA,
361 SSL_eNULL,
362 SSL_SHA256,
Kurt Roeckx3eb2aff2016-02-07 20:17:07 +0100[diff] [blame]363 TLS1_2_VERSION, TLS1_2_VERSION,
364 DTLS1_2_VERSION, DTLS1_2_VERSION,
Kurt Roeckx1510b5f2016-03-03 22:02:58 +0100[diff] [blame]365 SSL_STRONG_NONE | SSL_FIPS,
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]366 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
367 0,
368 0,
369 },
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]370 {
371 1,
372 TLS1_TXT_RSA_WITH_AES_128_SHA256,
Paul Yangbbb4ceb2017-06-30 03:06:19 +0800[diff] [blame]373 TLS1_RFC_RSA_WITH_AES_128_SHA256,
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]374 TLS1_CK_RSA_WITH_AES_128_SHA256,
375 SSL_kRSA,
376 SSL_aRSA,
377 SSL_AES128,
378 SSL_SHA256,
Kurt Roeckx3eb2aff2016-02-07 20:17:07 +0100[diff] [blame]379 TLS1_2_VERSION, TLS1_2_VERSION,
380 DTLS1_2_VERSION, DTLS1_2_VERSION,
Kurt Roeckx361a1192015-12-05 02:04:41 +0100[diff] [blame]381 SSL_HIGH | SSL_FIPS,
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]382 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
383 128,
384 128,
385 },
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]386 {
387 1,
388 TLS1_TXT_RSA_WITH_AES_256_SHA256,
Paul Yangbbb4ceb2017-06-30 03:06:19 +0800[diff] [blame]389 TLS1_RFC_RSA_WITH_AES_256_SHA256,
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]390 TLS1_CK_RSA_WITH_AES_256_SHA256,
391 SSL_kRSA,
392 SSL_aRSA,
393 SSL_AES256,
394 SSL_SHA256,
Kurt Roeckx3eb2aff2016-02-07 20:17:07 +0100[diff] [blame]395 TLS1_2_VERSION, TLS1_2_VERSION,
396 DTLS1_2_VERSION, DTLS1_2_VERSION,
Kurt Roeckx361a1192015-12-05 02:04:41 +0100[diff] [blame]397 SSL_HIGH | SSL_FIPS,
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]398 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
399 256,
400 256,
401 },
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]402 {
403 1,
404 TLS1_TXT_DHE_DSS_WITH_AES_128_SHA256,
Paul Yangbbb4ceb2017-06-30 03:06:19 +0800[diff] [blame]405 TLS1_RFC_DHE_DSS_WITH_AES_128_SHA256,
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]406 TLS1_CK_DHE_DSS_WITH_AES_128_SHA256,
407 SSL_kDHE,
408 SSL_aDSS,
409 SSL_AES128,
410 SSL_SHA256,
Kurt Roeckx3eb2aff2016-02-07 20:17:07 +0100[diff] [blame]411 TLS1_2_VERSION, TLS1_2_VERSION,
412 DTLS1_2_VERSION, DTLS1_2_VERSION,
Emilia Kaspera556f342016-03-03 19:50:03 +0100[diff] [blame]413 SSL_NOT_DEFAULT | SSL_HIGH | SSL_FIPS,
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]414 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
415 128,
416 128,
417 },
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]418 {
419 1,
420 TLS1_TXT_DHE_RSA_WITH_AES_128_SHA256,
Paul Yangbbb4ceb2017-06-30 03:06:19 +0800[diff] [blame]421 TLS1_RFC_DHE_RSA_WITH_AES_128_SHA256,
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]422 TLS1_CK_DHE_RSA_WITH_AES_128_SHA256,
423 SSL_kDHE,
424 SSL_aRSA,
425 SSL_AES128,
426 SSL_SHA256,
Kurt Roeckx3eb2aff2016-02-07 20:17:07 +0100[diff] [blame]427 TLS1_2_VERSION, TLS1_2_VERSION,
428 DTLS1_2_VERSION, DTLS1_2_VERSION,
Kurt Roeckx361a1192015-12-05 02:04:41 +0100[diff] [blame]429 SSL_HIGH | SSL_FIPS,
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]430 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
431 128,
432 128,
433 },
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]434 {
435 1,
436 TLS1_TXT_DHE_DSS_WITH_AES_256_SHA256,
Paul Yangbbb4ceb2017-06-30 03:06:19 +0800[diff] [blame]437 TLS1_RFC_DHE_DSS_WITH_AES_256_SHA256,
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]438 TLS1_CK_DHE_DSS_WITH_AES_256_SHA256,
439 SSL_kDHE,
440 SSL_aDSS,
441 SSL_AES256,
442 SSL_SHA256,
Kurt Roeckx3eb2aff2016-02-07 20:17:07 +0100[diff] [blame]443 TLS1_2_VERSION, TLS1_2_VERSION,
444 DTLS1_2_VERSION, DTLS1_2_VERSION,
Emilia Kaspera556f342016-03-03 19:50:03 +0100[diff] [blame]445 SSL_NOT_DEFAULT | SSL_HIGH | SSL_FIPS,
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]446 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
447 256,
448 256,
449 },
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]450 {
451 1,
452 TLS1_TXT_DHE_RSA_WITH_AES_256_SHA256,
Paul Yangbbb4ceb2017-06-30 03:06:19 +0800[diff] [blame]453 TLS1_RFC_DHE_RSA_WITH_AES_256_SHA256,
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]454 TLS1_CK_DHE_RSA_WITH_AES_256_SHA256,
455 SSL_kDHE,
456 SSL_aRSA,
457 SSL_AES256,
458 SSL_SHA256,
Kurt Roeckx3eb2aff2016-02-07 20:17:07 +0100[diff] [blame]459 TLS1_2_VERSION, TLS1_2_VERSION,
460 DTLS1_2_VERSION, DTLS1_2_VERSION,
Kurt Roeckx361a1192015-12-05 02:04:41 +0100[diff] [blame]461 SSL_HIGH | SSL_FIPS,
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]462 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
463 256,
464 256,
465 },
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]466 {
467 1,
468 TLS1_TXT_ADH_WITH_AES_128_SHA256,
Paul Yangbbb4ceb2017-06-30 03:06:19 +0800[diff] [blame]469 TLS1_RFC_ADH_WITH_AES_128_SHA256,
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]470 TLS1_CK_ADH_WITH_AES_128_SHA256,
471 SSL_kDHE,
472 SSL_aNULL,
473 SSL_AES128,
474 SSL_SHA256,
Kurt Roeckx3eb2aff2016-02-07 20:17:07 +0100[diff] [blame]475 TLS1_2_VERSION, TLS1_2_VERSION,
476 DTLS1_2_VERSION, DTLS1_2_VERSION,
Kurt Roeckx361a1192015-12-05 02:04:41 +0100[diff] [blame]477 SSL_NOT_DEFAULT | SSL_HIGH | SSL_FIPS,
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]478 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
479 128,
480 128,
481 },
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]482 {
483 1,
484 TLS1_TXT_ADH_WITH_AES_256_SHA256,
Paul Yangbbb4ceb2017-06-30 03:06:19 +0800[diff] [blame]485 TLS1_RFC_ADH_WITH_AES_256_SHA256,
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]486 TLS1_CK_ADH_WITH_AES_256_SHA256,
487 SSL_kDHE,
488 SSL_aNULL,
489 SSL_AES256,
490 SSL_SHA256,
Kurt Roeckx3eb2aff2016-02-07 20:17:07 +0100[diff] [blame]491 TLS1_2_VERSION, TLS1_2_VERSION,
492 DTLS1_2_VERSION, DTLS1_2_VERSION,
Kurt Roeckx361a1192015-12-05 02:04:41 +0100[diff] [blame]493 SSL_NOT_DEFAULT | SSL_HIGH | SSL_FIPS,
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]494 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
495 256,
496 256,
497 },
Rich Salz748f2542016-03-16 12:33:00 -0400[diff] [blame]498 {
499 1,
500 TLS1_TXT_RSA_WITH_AES_128_GCM_SHA256,
Paul Yangbbb4ceb2017-06-30 03:06:19 +0800[diff] [blame]501 TLS1_RFC_RSA_WITH_AES_128_GCM_SHA256,
Rich Salz748f2542016-03-16 12:33:00 -0400[diff] [blame]502 TLS1_CK_RSA_WITH_AES_128_GCM_SHA256,
503 SSL_kRSA,
504 SSL_aRSA,
505 SSL_AES128GCM,
506 SSL_AEAD,
507 TLS1_2_VERSION, TLS1_2_VERSION,
508 DTLS1_2_VERSION, DTLS1_2_VERSION,
509 SSL_HIGH | SSL_FIPS,
510 SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
511 128,
512 128,
513 },
514 {
515 1,
516 TLS1_TXT_RSA_WITH_AES_256_GCM_SHA384,
Paul Yangbbb4ceb2017-06-30 03:06:19 +0800[diff] [blame]517 TLS1_RFC_RSA_WITH_AES_256_GCM_SHA384,
Rich Salz748f2542016-03-16 12:33:00 -0400[diff] [blame]518 TLS1_CK_RSA_WITH_AES_256_GCM_SHA384,
519 SSL_kRSA,
520 SSL_aRSA,
521 SSL_AES256GCM,
522 SSL_AEAD,
523 TLS1_2_VERSION, TLS1_2_VERSION,
524 DTLS1_2_VERSION, DTLS1_2_VERSION,
525 SSL_HIGH | SSL_FIPS,
526 SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384,
527 256,
528 256,
529 },
530 {
531 1,
532 TLS1_TXT_DHE_RSA_WITH_AES_128_GCM_SHA256,
Paul Yangbbb4ceb2017-06-30 03:06:19 +0800[diff] [blame]533 TLS1_RFC_DHE_RSA_WITH_AES_128_GCM_SHA256,
Rich Salz748f2542016-03-16 12:33:00 -0400[diff] [blame]534 TLS1_CK_DHE_RSA_WITH_AES_128_GCM_SHA256,
535 SSL_kDHE,
536 SSL_aRSA,
537 SSL_AES128GCM,
538 SSL_AEAD,
539 TLS1_2_VERSION, TLS1_2_VERSION,
540 DTLS1_2_VERSION, DTLS1_2_VERSION,
541 SSL_HIGH | SSL_FIPS,
542 SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
543 128,
544 128,
545 },
546 {
547 1,
548 TLS1_TXT_DHE_RSA_WITH_AES_256_GCM_SHA384,
Paul Yangbbb4ceb2017-06-30 03:06:19 +0800[diff] [blame]549 TLS1_RFC_DHE_RSA_WITH_AES_256_GCM_SHA384,
Rich Salz748f2542016-03-16 12:33:00 -0400[diff] [blame]550 TLS1_CK_DHE_RSA_WITH_AES_256_GCM_SHA384,
551 SSL_kDHE,
552 SSL_aRSA,
553 SSL_AES256GCM,
554 SSL_AEAD,
555 TLS1_2_VERSION, TLS1_2_VERSION,
556 DTLS1_2_VERSION, DTLS1_2_VERSION,
557 SSL_HIGH | SSL_FIPS,
558 SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384,
559 256,
560 256,
561 },
562 {
563 1,
564 TLS1_TXT_DHE_DSS_WITH_AES_128_GCM_SHA256,
Paul Yangbbb4ceb2017-06-30 03:06:19 +0800[diff] [blame]565 TLS1_RFC_DHE_DSS_WITH_AES_128_GCM_SHA256,
Rich Salz748f2542016-03-16 12:33:00 -0400[diff] [blame]566 TLS1_CK_DHE_DSS_WITH_AES_128_GCM_SHA256,
567 SSL_kDHE,
568 SSL_aDSS,
569 SSL_AES128GCM,
570 SSL_AEAD,
571 TLS1_2_VERSION, TLS1_2_VERSION,
572 DTLS1_2_VERSION, DTLS1_2_VERSION,
573 SSL_NOT_DEFAULT | SSL_HIGH | SSL_FIPS,
574 SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
575 128,
576 128,
577 },
578 {
579 1,
580 TLS1_TXT_DHE_DSS_WITH_AES_256_GCM_SHA384,
Paul Yangbbb4ceb2017-06-30 03:06:19 +0800[diff] [blame]581 TLS1_RFC_DHE_DSS_WITH_AES_256_GCM_SHA384,
Rich Salz748f2542016-03-16 12:33:00 -0400[diff] [blame]582 TLS1_CK_DHE_DSS_WITH_AES_256_GCM_SHA384,
583 SSL_kDHE,
584 SSL_aDSS,
585 SSL_AES256GCM,
586 SSL_AEAD,
587 TLS1_2_VERSION, TLS1_2_VERSION,
588 DTLS1_2_VERSION, DTLS1_2_VERSION,
589 SSL_NOT_DEFAULT | SSL_HIGH | SSL_FIPS,
590 SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384,
591 256,
592 256,
593 },
594 {
595 1,
596 TLS1_TXT_ADH_WITH_AES_128_GCM_SHA256,
Paul Yangbbb4ceb2017-06-30 03:06:19 +0800[diff] [blame]597 TLS1_RFC_ADH_WITH_AES_128_GCM_SHA256,
Rich Salz748f2542016-03-16 12:33:00 -0400[diff] [blame]598 TLS1_CK_ADH_WITH_AES_128_GCM_SHA256,
599 SSL_kDHE,
600 SSL_aNULL,
601 SSL_AES128GCM,
602 SSL_AEAD,
603 TLS1_2_VERSION, TLS1_2_VERSION,
604 DTLS1_2_VERSION, DTLS1_2_VERSION,
605 SSL_NOT_DEFAULT | SSL_HIGH | SSL_FIPS,
606 SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
607 128,
608 128,
609 },
610 {
611 1,
612 TLS1_TXT_ADH_WITH_AES_256_GCM_SHA384,
Paul Yangbbb4ceb2017-06-30 03:06:19 +0800[diff] [blame]613 TLS1_RFC_ADH_WITH_AES_256_GCM_SHA384,
Rich Salz748f2542016-03-16 12:33:00 -0400[diff] [blame]614 TLS1_CK_ADH_WITH_AES_256_GCM_SHA384,
615 SSL_kDHE,
616 SSL_aNULL,
617 SSL_AES256GCM,
618 SSL_AEAD,
619 TLS1_2_VERSION, TLS1_2_VERSION,
620 DTLS1_2_VERSION, DTLS1_2_VERSION,
621 SSL_NOT_DEFAULT | SSL_HIGH | SSL_FIPS,
622 SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384,
623 256,
624 256,
625 },
626 {
627 1,
628 TLS1_TXT_RSA_WITH_AES_128_CCM,
Paul Yangbbb4ceb2017-06-30 03:06:19 +0800[diff] [blame]629 TLS1_RFC_RSA_WITH_AES_128_CCM,
Rich Salz748f2542016-03-16 12:33:00 -0400[diff] [blame]630 TLS1_CK_RSA_WITH_AES_128_CCM,
631 SSL_kRSA,
632 SSL_aRSA,
633 SSL_AES128CCM,
634 SSL_AEAD,
635 TLS1_2_VERSION, TLS1_2_VERSION,
636 DTLS1_2_VERSION, DTLS1_2_VERSION,
637 SSL_NOT_DEFAULT | SSL_HIGH,
638 SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
639 128,
640 128,
641 },
642 {
643 1,
644 TLS1_TXT_RSA_WITH_AES_256_CCM,
Paul Yangbbb4ceb2017-06-30 03:06:19 +0800[diff] [blame]645 TLS1_RFC_RSA_WITH_AES_256_CCM,
Rich Salz748f2542016-03-16 12:33:00 -0400[diff] [blame]646 TLS1_CK_RSA_WITH_AES_256_CCM,
647 SSL_kRSA,
648 SSL_aRSA,
649 SSL_AES256CCM,
650 SSL_AEAD,
651 TLS1_2_VERSION, TLS1_2_VERSION,
652 DTLS1_2_VERSION, DTLS1_2_VERSION,
653 SSL_NOT_DEFAULT | SSL_HIGH,
654 SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
655 256,
656 256,
657 },
658 {
659 1,
660 TLS1_TXT_DHE_RSA_WITH_AES_128_CCM,
Paul Yangbbb4ceb2017-06-30 03:06:19 +0800[diff] [blame]661 TLS1_RFC_DHE_RSA_WITH_AES_128_CCM,
Rich Salz748f2542016-03-16 12:33:00 -0400[diff] [blame]662 TLS1_CK_DHE_RSA_WITH_AES_128_CCM,
663 SSL_kDHE,
664 SSL_aRSA,
665 SSL_AES128CCM,
666 SSL_AEAD,
667 TLS1_2_VERSION, TLS1_2_VERSION,
668 DTLS1_2_VERSION, DTLS1_2_VERSION,
669 SSL_NOT_DEFAULT | SSL_HIGH,
670 SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
671 128,
672 128,
673 },
674 {
675 1,
676 TLS1_TXT_DHE_RSA_WITH_AES_256_CCM,
Paul Yangbbb4ceb2017-06-30 03:06:19 +0800[diff] [blame]677 TLS1_RFC_DHE_RSA_WITH_AES_256_CCM,
Rich Salz748f2542016-03-16 12:33:00 -0400[diff] [blame]678 TLS1_CK_DHE_RSA_WITH_AES_256_CCM,
679 SSL_kDHE,
680 SSL_aRSA,
681 SSL_AES256CCM,
682 SSL_AEAD,
683 TLS1_2_VERSION, TLS1_2_VERSION,
684 DTLS1_2_VERSION, DTLS1_2_VERSION,
685 SSL_NOT_DEFAULT | SSL_HIGH,
686 SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
687 256,
688 256,
689 },
690 {
691 1,
692 TLS1_TXT_RSA_WITH_AES_128_CCM_8,
Paul Yangbbb4ceb2017-06-30 03:06:19 +0800[diff] [blame]693 TLS1_RFC_RSA_WITH_AES_128_CCM_8,
Rich Salz748f2542016-03-16 12:33:00 -0400[diff] [blame]694 TLS1_CK_RSA_WITH_AES_128_CCM_8,
695 SSL_kRSA,
696 SSL_aRSA,
697 SSL_AES128CCM8,
698 SSL_AEAD,
699 TLS1_2_VERSION, TLS1_2_VERSION,
700 DTLS1_2_VERSION, DTLS1_2_VERSION,
701 SSL_NOT_DEFAULT | SSL_HIGH,
702 SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
703 128,
704 128,
705 },
706 {
707 1,
708 TLS1_TXT_RSA_WITH_AES_256_CCM_8,
Paul Yangbbb4ceb2017-06-30 03:06:19 +0800[diff] [blame]709 TLS1_RFC_RSA_WITH_AES_256_CCM_8,
Rich Salz748f2542016-03-16 12:33:00 -0400[diff] [blame]710 TLS1_CK_RSA_WITH_AES_256_CCM_8,
711 SSL_kRSA,
712 SSL_aRSA,
713 SSL_AES256CCM8,
714 SSL_AEAD,
715 TLS1_2_VERSION, TLS1_2_VERSION,
716 DTLS1_2_VERSION, DTLS1_2_VERSION,
717 SSL_NOT_DEFAULT | SSL_HIGH,
718 SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
719 256,
720 256,
721 },
722 {
723 1,
724 TLS1_TXT_DHE_RSA_WITH_AES_128_CCM_8,
Paul Yangbbb4ceb2017-06-30 03:06:19 +0800[diff] [blame]725 TLS1_RFC_DHE_RSA_WITH_AES_128_CCM_8,
Rich Salz748f2542016-03-16 12:33:00 -0400[diff] [blame]726 TLS1_CK_DHE_RSA_WITH_AES_128_CCM_8,
727 SSL_kDHE,
728 SSL_aRSA,
729 SSL_AES128CCM8,
730 SSL_AEAD,
731 TLS1_2_VERSION, TLS1_2_VERSION,
732 DTLS1_2_VERSION, DTLS1_2_VERSION,
733 SSL_NOT_DEFAULT | SSL_HIGH,
734 SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
735 128,
736 128,
737 },
738 {
739 1,
740 TLS1_TXT_DHE_RSA_WITH_AES_256_CCM_8,
Paul Yangbbb4ceb2017-06-30 03:06:19 +0800[diff] [blame]741 TLS1_RFC_DHE_RSA_WITH_AES_256_CCM_8,
Rich Salz748f2542016-03-16 12:33:00 -0400[diff] [blame]742 TLS1_CK_DHE_RSA_WITH_AES_256_CCM_8,
743 SSL_kDHE,
744 SSL_aRSA,
745 SSL_AES256CCM8,
746 SSL_AEAD,
747 TLS1_2_VERSION, TLS1_2_VERSION,
748 DTLS1_2_VERSION, DTLS1_2_VERSION,
749 SSL_NOT_DEFAULT | SSL_HIGH,
750 SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
751 256,
752 256,
753 },
754 {
755 1,
756 TLS1_TXT_PSK_WITH_AES_128_CCM,
Paul Yangbbb4ceb2017-06-30 03:06:19 +0800[diff] [blame]757 TLS1_RFC_PSK_WITH_AES_128_CCM,
Rich Salz748f2542016-03-16 12:33:00 -0400[diff] [blame]758 TLS1_CK_PSK_WITH_AES_128_CCM,
759 SSL_kPSK,
760 SSL_aPSK,
761 SSL_AES128CCM,
762 SSL_AEAD,
763 TLS1_2_VERSION, TLS1_2_VERSION,
764 DTLS1_2_VERSION, DTLS1_2_VERSION,
765 SSL_NOT_DEFAULT | SSL_HIGH,
766 SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
767 128,
768 128,
769 },
770 {
771 1,
772 TLS1_TXT_PSK_WITH_AES_256_CCM,
Paul Yangbbb4ceb2017-06-30 03:06:19 +0800[diff] [blame]773 TLS1_RFC_PSK_WITH_AES_256_CCM,
Rich Salz748f2542016-03-16 12:33:00 -0400[diff] [blame]774 TLS1_CK_PSK_WITH_AES_256_CCM,
775 SSL_kPSK,
776 SSL_aPSK,
777 SSL_AES256CCM,
778 SSL_AEAD,
779 TLS1_2_VERSION, TLS1_2_VERSION,
780 DTLS1_2_VERSION, DTLS1_2_VERSION,
781 SSL_NOT_DEFAULT | SSL_HIGH,
782 SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
783 256,
784 256,
785 },
786 {
787 1,
788 TLS1_TXT_DHE_PSK_WITH_AES_128_CCM,
Paul Yangbbb4ceb2017-06-30 03:06:19 +0800[diff] [blame]789 TLS1_RFC_DHE_PSK_WITH_AES_128_CCM,
Rich Salz748f2542016-03-16 12:33:00 -0400[diff] [blame]790 TLS1_CK_DHE_PSK_WITH_AES_128_CCM,
791 SSL_kDHEPSK,
792 SSL_aPSK,
793 SSL_AES128CCM,
794 SSL_AEAD,
795 TLS1_2_VERSION, TLS1_2_VERSION,
796 DTLS1_2_VERSION, DTLS1_2_VERSION,
797 SSL_NOT_DEFAULT | SSL_HIGH,
798 SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
799 128,
800 128,
801 },
802 {
803 1,
804 TLS1_TXT_DHE_PSK_WITH_AES_256_CCM,
Paul Yangbbb4ceb2017-06-30 03:06:19 +0800[diff] [blame]805 TLS1_RFC_DHE_PSK_WITH_AES_256_CCM,
Rich Salz748f2542016-03-16 12:33:00 -0400[diff] [blame]806 TLS1_CK_DHE_PSK_WITH_AES_256_CCM,
807 SSL_kDHEPSK,
808 SSL_aPSK,
809 SSL_AES256CCM,
810 SSL_AEAD,
811 TLS1_2_VERSION, TLS1_2_VERSION,
812 DTLS1_2_VERSION, DTLS1_2_VERSION,
813 SSL_NOT_DEFAULT | SSL_HIGH,
814 SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
815 256,
816 256,
817 },
818 {
819 1,
820 TLS1_TXT_PSK_WITH_AES_128_CCM_8,
Paul Yangbbb4ceb2017-06-30 03:06:19 +0800[diff] [blame]821 TLS1_RFC_PSK_WITH_AES_128_CCM_8,
Rich Salz748f2542016-03-16 12:33:00 -0400[diff] [blame]822 TLS1_CK_PSK_WITH_AES_128_CCM_8,
823 SSL_kPSK,
824 SSL_aPSK,
825 SSL_AES128CCM8,
826 SSL_AEAD,
827 TLS1_2_VERSION, TLS1_2_VERSION,
828 DTLS1_2_VERSION, DTLS1_2_VERSION,
829 SSL_NOT_DEFAULT | SSL_HIGH,
830 SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
831 128,
832 128,
833 },
834 {
835 1,
836 TLS1_TXT_PSK_WITH_AES_256_CCM_8,
Paul Yangbbb4ceb2017-06-30 03:06:19 +0800[diff] [blame]837 TLS1_RFC_PSK_WITH_AES_256_CCM_8,
Rich Salz748f2542016-03-16 12:33:00 -0400[diff] [blame]838 TLS1_CK_PSK_WITH_AES_256_CCM_8,
839 SSL_kPSK,
840 SSL_aPSK,
841 SSL_AES256CCM8,
842 SSL_AEAD,
843 TLS1_2_VERSION, TLS1_2_VERSION,
844 DTLS1_2_VERSION, DTLS1_2_VERSION,
845 SSL_NOT_DEFAULT | SSL_HIGH,
846 SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
847 256,
848 256,
849 },
850 {
851 1,
852 TLS1_TXT_DHE_PSK_WITH_AES_128_CCM_8,
Paul Yangbbb4ceb2017-06-30 03:06:19 +0800[diff] [blame]853 TLS1_RFC_DHE_PSK_WITH_AES_128_CCM_8,
Rich Salz748f2542016-03-16 12:33:00 -0400[diff] [blame]854 TLS1_CK_DHE_PSK_WITH_AES_128_CCM_8,
855 SSL_kDHEPSK,
856 SSL_aPSK,
857 SSL_AES128CCM8,
858 SSL_AEAD,
859 TLS1_2_VERSION, TLS1_2_VERSION,
860 DTLS1_2_VERSION, DTLS1_2_VERSION,
861 SSL_NOT_DEFAULT | SSL_HIGH,
862 SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
863 128,
864 128,
865 },
866 {
867 1,
868 TLS1_TXT_DHE_PSK_WITH_AES_256_CCM_8,
Paul Yangbbb4ceb2017-06-30 03:06:19 +0800[diff] [blame]869 TLS1_RFC_DHE_PSK_WITH_AES_256_CCM_8,
Rich Salz748f2542016-03-16 12:33:00 -0400[diff] [blame]870 TLS1_CK_DHE_PSK_WITH_AES_256_CCM_8,
871 SSL_kDHEPSK,
872 SSL_aPSK,
873 SSL_AES256CCM8,
874 SSL_AEAD,
875 TLS1_2_VERSION, TLS1_2_VERSION,
876 DTLS1_2_VERSION, DTLS1_2_VERSION,
877 SSL_NOT_DEFAULT | SSL_HIGH,
878 SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
879 256,
880 256,
881 },
882 {
883 1,
884 TLS1_TXT_ECDHE_ECDSA_WITH_AES_128_CCM,
Paul Yangbbb4ceb2017-06-30 03:06:19 +0800[diff] [blame]885 TLS1_RFC_ECDHE_ECDSA_WITH_AES_128_CCM,
Rich Salz748f2542016-03-16 12:33:00 -0400[diff] [blame]886 TLS1_CK_ECDHE_ECDSA_WITH_AES_128_CCM,
887 SSL_kECDHE,
888 SSL_aECDSA,
889 SSL_AES128CCM,
890 SSL_AEAD,
891 TLS1_2_VERSION, TLS1_2_VERSION,
892 DTLS1_2_VERSION, DTLS1_2_VERSION,
893 SSL_NOT_DEFAULT | SSL_HIGH,
894 SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
895 128,
896 128,
897 },
898 {
899 1,
900 TLS1_TXT_ECDHE_ECDSA_WITH_AES_256_CCM,
Paul Yangbbb4ceb2017-06-30 03:06:19 +0800[diff] [blame]901 TLS1_RFC_ECDHE_ECDSA_WITH_AES_256_CCM,
Rich Salz748f2542016-03-16 12:33:00 -0400[diff] [blame]902 TLS1_CK_ECDHE_ECDSA_WITH_AES_256_CCM,
903 SSL_kECDHE,
904 SSL_aECDSA,
905 SSL_AES256CCM,
906 SSL_AEAD,
907 TLS1_2_VERSION, TLS1_2_VERSION,
908 DTLS1_2_VERSION, DTLS1_2_VERSION,
909 SSL_NOT_DEFAULT | SSL_HIGH,
910 SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
911 256,
912 256,
913 },
914 {
915 1,
916 TLS1_TXT_ECDHE_ECDSA_WITH_AES_128_CCM_8,
Paul Yangbbb4ceb2017-06-30 03:06:19 +0800[diff] [blame]917 TLS1_RFC_ECDHE_ECDSA_WITH_AES_128_CCM_8,
Rich Salz748f2542016-03-16 12:33:00 -0400[diff] [blame]918 TLS1_CK_ECDHE_ECDSA_WITH_AES_128_CCM_8,
919 SSL_kECDHE,
920 SSL_aECDSA,
921 SSL_AES128CCM8,
922 SSL_AEAD,
923 TLS1_2_VERSION, TLS1_2_VERSION,
924 DTLS1_2_VERSION, DTLS1_2_VERSION,
925 SSL_NOT_DEFAULT | SSL_HIGH,
926 SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
927 128,
928 128,
929 },
930 {
931 1,
932 TLS1_TXT_ECDHE_ECDSA_WITH_AES_256_CCM_8,
Paul Yangbbb4ceb2017-06-30 03:06:19 +0800[diff] [blame]933 TLS1_RFC_ECDHE_ECDSA_WITH_AES_256_CCM_8,
Rich Salz748f2542016-03-16 12:33:00 -0400[diff] [blame]934 TLS1_CK_ECDHE_ECDSA_WITH_AES_256_CCM_8,
935 SSL_kECDHE,
936 SSL_aECDSA,
937 SSL_AES256CCM8,
938 SSL_AEAD,
939 TLS1_2_VERSION, TLS1_2_VERSION,
940 DTLS1_2_VERSION, DTLS1_2_VERSION,
941 SSL_NOT_DEFAULT | SSL_HIGH,
942 SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
943 256,
944 256,
945 },
Matt Caswell582a17d2016-10-21 17:39:33 +0100[diff] [blame]946 {
947 1,
Rich Salz748f2542016-03-16 12:33:00 -0400[diff] [blame]948 TLS1_TXT_ECDHE_ECDSA_WITH_NULL_SHA,
Paul Yangbbb4ceb2017-06-30 03:06:19 +0800[diff] [blame]949 TLS1_RFC_ECDHE_ECDSA_WITH_NULL_SHA,
Rich Salz748f2542016-03-16 12:33:00 -0400[diff] [blame]950 TLS1_CK_ECDHE_ECDSA_WITH_NULL_SHA,
951 SSL_kECDHE,
952 SSL_aECDSA,
953 SSL_eNULL,
954 SSL_SHA1,
Todd Shortfe55c4a2017-04-11 09:02:05 -0400[diff] [blame]955 TLS1_VERSION, TLS1_2_VERSION,
David Woodhouse387cf212016-07-08 20:59:50 +0100[diff] [blame]956 DTLS1_BAD_VER, DTLS1_2_VERSION,
Rich Salz748f2542016-03-16 12:33:00 -0400[diff] [blame]957 SSL_STRONG_NONE | SSL_FIPS,
958 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
959 0,
960 0,
961 },
Rich Salzd33726b2016-07-30 12:21:32 -0400[diff] [blame]962# ifndef OPENSSL_NO_WEAK_SSL_CIPHERS
Rich Salz748f2542016-03-16 12:33:00 -0400[diff] [blame]963 {
964 1,
965 TLS1_TXT_ECDHE_ECDSA_WITH_DES_192_CBC3_SHA,
Paul Yangbbb4ceb2017-06-30 03:06:19 +0800[diff] [blame]966 TLS1_RFC_ECDHE_ECDSA_WITH_DES_192_CBC3_SHA,
Rich Salz748f2542016-03-16 12:33:00 -0400[diff] [blame]967 TLS1_CK_ECDHE_ECDSA_WITH_DES_192_CBC3_SHA,
968 SSL_kECDHE,
969 SSL_aECDSA,
970 SSL_3DES,
971 SSL_SHA1,
Todd Shortfe55c4a2017-04-11 09:02:05 -0400[diff] [blame]972 TLS1_VERSION, TLS1_2_VERSION,
David Woodhouse387cf212016-07-08 20:59:50 +0100[diff] [blame]973 DTLS1_BAD_VER, DTLS1_2_VERSION,
Rich Salzef288912016-08-18 08:56:42 -0400[diff] [blame]974 SSL_NOT_DEFAULT | SSL_MEDIUM | SSL_FIPS,
Rich Salz748f2542016-03-16 12:33:00 -0400[diff] [blame]975 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
976 112,
977 168,
978 },
Rich Salzd33726b2016-07-30 12:21:32 -0400[diff] [blame]979# endif
Rich Salz748f2542016-03-16 12:33:00 -0400[diff] [blame]980 {
981 1,
982 TLS1_TXT_ECDHE_ECDSA_WITH_AES_128_CBC_SHA,
Paul Yangbbb4ceb2017-06-30 03:06:19 +0800[diff] [blame]983 TLS1_RFC_ECDHE_ECDSA_WITH_AES_128_CBC_SHA,
Rich Salz748f2542016-03-16 12:33:00 -0400[diff] [blame]984 TLS1_CK_ECDHE_ECDSA_WITH_AES_128_CBC_SHA,
985 SSL_kECDHE,
986 SSL_aECDSA,
987 SSL_AES128,
988 SSL_SHA1,
Todd Shortfe55c4a2017-04-11 09:02:05 -0400[diff] [blame]989 TLS1_VERSION, TLS1_2_VERSION,
David Woodhouse387cf212016-07-08 20:59:50 +0100[diff] [blame]990 DTLS1_BAD_VER, DTLS1_2_VERSION,
Rich Salz748f2542016-03-16 12:33:00 -0400[diff] [blame]991 SSL_HIGH | SSL_FIPS,
992 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
993 128,
994 128,
995 },
996 {
997 1,
998 TLS1_TXT_ECDHE_ECDSA_WITH_AES_256_CBC_SHA,
Paul Yangbbb4ceb2017-06-30 03:06:19 +0800[diff] [blame]999 TLS1_RFC_ECDHE_ECDSA_WITH_AES_256_CBC_SHA,
Rich Salz748f2542016-03-16 12:33:00 -0400[diff] [blame]1000 TLS1_CK_ECDHE_ECDSA_WITH_AES_256_CBC_SHA,
1001 SSL_kECDHE,
1002 SSL_aECDSA,
1003 SSL_AES256,
1004 SSL_SHA1,
Todd Shortfe55c4a2017-04-11 09:02:05 -0400[diff] [blame]1005 TLS1_VERSION, TLS1_2_VERSION,
David Woodhouse387cf212016-07-08 20:59:50 +0100[diff] [blame]1006 DTLS1_BAD_VER, DTLS1_2_VERSION,
Rich Salz748f2542016-03-16 12:33:00 -0400[diff] [blame]1007 SSL_HIGH | SSL_FIPS,
1008 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
1009 256,
1010 256,
1011 },
1012 {
1013 1,
1014 TLS1_TXT_ECDHE_RSA_WITH_NULL_SHA,
Paul Yangbbb4ceb2017-06-30 03:06:19 +0800[diff] [blame]1015 TLS1_RFC_ECDHE_RSA_WITH_NULL_SHA,
Rich Salz748f2542016-03-16 12:33:00 -0400[diff] [blame]1016 TLS1_CK_ECDHE_RSA_WITH_NULL_SHA,
1017 SSL_kECDHE,
1018 SSL_aRSA,
1019 SSL_eNULL,
1020 SSL_SHA1,
Todd Shortfe55c4a2017-04-11 09:02:05 -0400[diff] [blame]1021 TLS1_VERSION, TLS1_2_VERSION,
David Woodhouse387cf212016-07-08 20:59:50 +0100[diff] [blame]1022 DTLS1_BAD_VER, DTLS1_2_VERSION,
Rich Salz748f2542016-03-16 12:33:00 -0400[diff] [blame]1023 SSL_STRONG_NONE | SSL_FIPS,
1024 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
1025 0,
1026 0,
1027 },
Rich Salzd33726b2016-07-30 12:21:32 -0400[diff] [blame]1028# ifndef OPENSSL_NO_WEAK_SSL_CIPHERS
Rich Salz748f2542016-03-16 12:33:00 -0400[diff] [blame]1029 {
1030 1,
1031 TLS1_TXT_ECDHE_RSA_WITH_DES_192_CBC3_SHA,
Paul Yangbbb4ceb2017-06-30 03:06:19 +0800[diff] [blame]1032 TLS1_RFC_ECDHE_RSA_WITH_DES_192_CBC3_SHA,
Rich Salz748f2542016-03-16 12:33:00 -0400[diff] [blame]1033 TLS1_CK_ECDHE_RSA_WITH_DES_192_CBC3_SHA,
1034 SSL_kECDHE,
1035 SSL_aRSA,
1036 SSL_3DES,
1037 SSL_SHA1,
Todd Shortfe55c4a2017-04-11 09:02:05 -0400[diff] [blame]1038 TLS1_VERSION, TLS1_2_VERSION,
David Woodhouse387cf212016-07-08 20:59:50 +0100[diff] [blame]1039 DTLS1_BAD_VER, DTLS1_2_VERSION,
Rich Salzef288912016-08-18 08:56:42 -0400[diff] [blame]1040 SSL_NOT_DEFAULT | SSL_MEDIUM | SSL_FIPS,
Rich Salz748f2542016-03-16 12:33:00 -0400[diff] [blame]1041 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
1042 112,
1043 168,
1044 },
Rich Salzd33726b2016-07-30 12:21:32 -0400[diff] [blame]1045# endif
Rich Salz748f2542016-03-16 12:33:00 -0400[diff] [blame]1046 {
1047 1,
1048 TLS1_TXT_ECDHE_RSA_WITH_AES_128_CBC_SHA,
Paul Yangbbb4ceb2017-06-30 03:06:19 +0800[diff] [blame]1049 TLS1_RFC_ECDHE_RSA_WITH_AES_128_CBC_SHA,
Rich Salz748f2542016-03-16 12:33:00 -0400[diff] [blame]1050 TLS1_CK_ECDHE_RSA_WITH_AES_128_CBC_SHA,
1051 SSL_kECDHE,
1052 SSL_aRSA,
1053 SSL_AES128,
1054 SSL_SHA1,
Todd Shortfe55c4a2017-04-11 09:02:05 -0400[diff] [blame]1055 TLS1_VERSION, TLS1_2_VERSION,
David Woodhouse387cf212016-07-08 20:59:50 +0100[diff] [blame]1056 DTLS1_BAD_VER, DTLS1_2_VERSION,
Rich Salz748f2542016-03-16 12:33:00 -0400[diff] [blame]1057 SSL_HIGH | SSL_FIPS,
1058 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
1059 128,
1060 128,
1061 },
1062 {
1063 1,
1064 TLS1_TXT_ECDHE_RSA_WITH_AES_256_CBC_SHA,
Paul Yangbbb4ceb2017-06-30 03:06:19 +0800[diff] [blame]1065 TLS1_RFC_ECDHE_RSA_WITH_AES_256_CBC_SHA,
Rich Salz748f2542016-03-16 12:33:00 -0400[diff] [blame]1066 TLS1_CK_ECDHE_RSA_WITH_AES_256_CBC_SHA,
1067 SSL_kECDHE,
1068 SSL_aRSA,
1069 SSL_AES256,
1070 SSL_SHA1,
Todd Shortfe55c4a2017-04-11 09:02:05 -0400[diff] [blame]1071 TLS1_VERSION, TLS1_2_VERSION,
David Woodhouse387cf212016-07-08 20:59:50 +0100[diff] [blame]1072 DTLS1_BAD_VER, DTLS1_2_VERSION,
Rich Salz748f2542016-03-16 12:33:00 -0400[diff] [blame]1073 SSL_HIGH | SSL_FIPS,
1074 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
1075 256,
1076 256,
1077 },
1078 {
1079 1,
1080 TLS1_TXT_ECDH_anon_WITH_NULL_SHA,
Paul Yangbbb4ceb2017-06-30 03:06:19 +0800[diff] [blame]1081 TLS1_RFC_ECDH_anon_WITH_NULL_SHA,
Rich Salz748f2542016-03-16 12:33:00 -0400[diff] [blame]1082 TLS1_CK_ECDH_anon_WITH_NULL_SHA,
1083 SSL_kECDHE,
1084 SSL_aNULL,
1085 SSL_eNULL,
1086 SSL_SHA1,
Todd Shortfe55c4a2017-04-11 09:02:05 -0400[diff] [blame]1087 TLS1_VERSION, TLS1_2_VERSION,
David Woodhouse387cf212016-07-08 20:59:50 +0100[diff] [blame]1088 DTLS1_BAD_VER, DTLS1_2_VERSION,
Rich Salz748f2542016-03-16 12:33:00 -0400[diff] [blame]1089 SSL_STRONG_NONE | SSL_FIPS,
1090 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
1091 0,
1092 0,
1093 },
Rich Salzd33726b2016-07-30 12:21:32 -0400[diff] [blame]1094# ifndef OPENSSL_NO_WEAK_SSL_CIPHERS
Rich Salz748f2542016-03-16 12:33:00 -0400[diff] [blame]1095 {
1096 1,
1097 TLS1_TXT_ECDH_anon_WITH_DES_192_CBC3_SHA,
Paul Yangbbb4ceb2017-06-30 03:06:19 +0800[diff] [blame]1098 TLS1_RFC_ECDH_anon_WITH_DES_192_CBC3_SHA,
Rich Salz748f2542016-03-16 12:33:00 -0400[diff] [blame]1099 TLS1_CK_ECDH_anon_WITH_DES_192_CBC3_SHA,
1100 SSL_kECDHE,
1101 SSL_aNULL,
1102 SSL_3DES,
1103 SSL_SHA1,
Todd Shortfe55c4a2017-04-11 09:02:05 -0400[diff] [blame]1104 TLS1_VERSION, TLS1_2_VERSION,
David Woodhouse387cf212016-07-08 20:59:50 +0100[diff] [blame]1105 DTLS1_BAD_VER, DTLS1_2_VERSION,
Rich Salz4a8e9c22016-05-05 17:08:41 -0400[diff] [blame]1106 SSL_NOT_DEFAULT | SSL_MEDIUM | SSL_FIPS,
Rich Salz748f2542016-03-16 12:33:00 -0400[diff] [blame]1107 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
1108 112,
1109 168,
1110 },
Rich Salzd33726b2016-07-30 12:21:32 -0400[diff] [blame]1111# endif
Rich Salz748f2542016-03-16 12:33:00 -0400[diff] [blame]1112 {
1113 1,
1114 TLS1_TXT_ECDH_anon_WITH_AES_128_CBC_SHA,
Paul Yangbbb4ceb2017-06-30 03:06:19 +0800[diff] [blame]1115 TLS1_RFC_ECDH_anon_WITH_AES_128_CBC_SHA,
Rich Salz748f2542016-03-16 12:33:00 -0400[diff] [blame]1116 TLS1_CK_ECDH_anon_WITH_AES_128_CBC_SHA,
1117 SSL_kECDHE,
1118 SSL_aNULL,
1119 SSL_AES128,
1120 SSL_SHA1,
Todd Shortfe55c4a2017-04-11 09:02:05 -0400[diff] [blame]1121 TLS1_VERSION, TLS1_2_VERSION,
David Woodhouse387cf212016-07-08 20:59:50 +0100[diff] [blame]1122 DTLS1_BAD_VER, DTLS1_2_VERSION,
Rich Salz748f2542016-03-16 12:33:00 -0400[diff] [blame]1123 SSL_NOT_DEFAULT | SSL_HIGH | SSL_FIPS,
1124 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
1125 128,
1126 128,
1127 },
1128 {
1129 1,
1130 TLS1_TXT_ECDH_anon_WITH_AES_256_CBC_SHA,
Paul Yangbbb4ceb2017-06-30 03:06:19 +0800[diff] [blame]1131 TLS1_RFC_ECDH_anon_WITH_AES_256_CBC_SHA,
Rich Salz748f2542016-03-16 12:33:00 -0400[diff] [blame]1132 TLS1_CK_ECDH_anon_WITH_AES_256_CBC_SHA,
1133 SSL_kECDHE,
1134 SSL_aNULL,
1135 SSL_AES256,
1136 SSL_SHA1,
Todd Shortfe55c4a2017-04-11 09:02:05 -0400[diff] [blame]1137 TLS1_VERSION, TLS1_2_VERSION,
David Woodhouse387cf212016-07-08 20:59:50 +0100[diff] [blame]1138 DTLS1_BAD_VER, DTLS1_2_VERSION,
Rich Salz748f2542016-03-16 12:33:00 -0400[diff] [blame]1139 SSL_NOT_DEFAULT | SSL_HIGH | SSL_FIPS,
1140 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
1141 256,
1142 256,
1143 },
1144 {
1145 1,
1146 TLS1_TXT_ECDHE_ECDSA_WITH_AES_128_SHA256,
Paul Yangbbb4ceb2017-06-30 03:06:19 +0800[diff] [blame]1147 TLS1_RFC_ECDHE_ECDSA_WITH_AES_128_SHA256,
Rich Salz748f2542016-03-16 12:33:00 -0400[diff] [blame]1148 TLS1_CK_ECDHE_ECDSA_WITH_AES_128_SHA256,
1149 SSL_kECDHE,
1150 SSL_aECDSA,
1151 SSL_AES128,
1152 SSL_SHA256,
1153 TLS1_2_VERSION, TLS1_2_VERSION,
1154 DTLS1_2_VERSION, DTLS1_2_VERSION,
1155 SSL_HIGH | SSL_FIPS,
1156 SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
1157 128,
1158 128,
1159 },
1160 {
1161 1,
1162 TLS1_TXT_ECDHE_ECDSA_WITH_AES_256_SHA384,
Paul Yangbbb4ceb2017-06-30 03:06:19 +0800[diff] [blame]1163 TLS1_RFC_ECDHE_ECDSA_WITH_AES_256_SHA384,
Rich Salz748f2542016-03-16 12:33:00 -0400[diff] [blame]1164 TLS1_CK_ECDHE_ECDSA_WITH_AES_256_SHA384,
1165 SSL_kECDHE,
1166 SSL_aECDSA,
1167 SSL_AES256,
1168 SSL_SHA384,
1169 TLS1_2_VERSION, TLS1_2_VERSION,
1170 DTLS1_2_VERSION, DTLS1_2_VERSION,
1171 SSL_HIGH | SSL_FIPS,
1172 SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384,
1173 256,
1174 256,
1175 },
1176 {
1177 1,
1178 TLS1_TXT_ECDHE_RSA_WITH_AES_128_SHA256,
Paul Yangbbb4ceb2017-06-30 03:06:19 +0800[diff] [blame]1179 TLS1_RFC_ECDHE_RSA_WITH_AES_128_SHA256,
Rich Salz748f2542016-03-16 12:33:00 -0400[diff] [blame]1180 TLS1_CK_ECDHE_RSA_WITH_AES_128_SHA256,
1181 SSL_kECDHE,
1182 SSL_aRSA,
1183 SSL_AES128,
1184 SSL_SHA256,
1185 TLS1_2_VERSION, TLS1_2_VERSION,
1186 DTLS1_2_VERSION, DTLS1_2_VERSION,
1187 SSL_HIGH | SSL_FIPS,
1188 SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
1189 128,
1190 128,
1191 },
1192 {
1193 1,
1194 TLS1_TXT_ECDHE_RSA_WITH_AES_256_SHA384,
Paul Yangbbb4ceb2017-06-30 03:06:19 +0800[diff] [blame]1195 TLS1_RFC_ECDHE_RSA_WITH_AES_256_SHA384,
Rich Salz748f2542016-03-16 12:33:00 -0400[diff] [blame]1196 TLS1_CK_ECDHE_RSA_WITH_AES_256_SHA384,
1197 SSL_kECDHE,
1198 SSL_aRSA,
1199 SSL_AES256,
1200 SSL_SHA384,
1201 TLS1_2_VERSION, TLS1_2_VERSION,
1202 DTLS1_2_VERSION, DTLS1_2_VERSION,
1203 SSL_HIGH | SSL_FIPS,
1204 SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384,
1205 256,
1206 256,
1207 },
1208 {
1209 1,
1210 TLS1_TXT_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256,
Paul Yangbbb4ceb2017-06-30 03:06:19 +0800[diff] [blame]1211 TLS1_RFC_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256,
Rich Salz748f2542016-03-16 12:33:00 -0400[diff] [blame]1212 TLS1_CK_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256,
1213 SSL_kECDHE,
1214 SSL_aECDSA,
1215 SSL_AES128GCM,
1216 SSL_AEAD,
1217 TLS1_2_VERSION, TLS1_2_VERSION,
1218 DTLS1_2_VERSION, DTLS1_2_VERSION,
1219 SSL_HIGH | SSL_FIPS,
1220 SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
1221 128,
1222 128,
1223 },
1224 {
1225 1,
1226 TLS1_TXT_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384,
Paul Yangbbb4ceb2017-06-30 03:06:19 +0800[diff] [blame]1227 TLS1_RFC_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384,
Rich Salz748f2542016-03-16 12:33:00 -0400[diff] [blame]1228 TLS1_CK_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384,
1229 SSL_kECDHE,
1230 SSL_aECDSA,
1231 SSL_AES256GCM,
1232 SSL_AEAD,
1233 TLS1_2_VERSION, TLS1_2_VERSION,
1234 DTLS1_2_VERSION, DTLS1_2_VERSION,
1235 SSL_HIGH | SSL_FIPS,
1236 SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384,
1237 256,
1238 256,
1239 },
1240 {
1241 1,
1242 TLS1_TXT_ECDHE_RSA_WITH_AES_128_GCM_SHA256,
Paul Yangbbb4ceb2017-06-30 03:06:19 +0800[diff] [blame]1243 TLS1_RFC_ECDHE_RSA_WITH_AES_128_GCM_SHA256,
Rich Salz748f2542016-03-16 12:33:00 -0400[diff] [blame]1244 TLS1_CK_ECDHE_RSA_WITH_AES_128_GCM_SHA256,
1245 SSL_kECDHE,
1246 SSL_aRSA,
1247 SSL_AES128GCM,
1248 SSL_AEAD,
1249 TLS1_2_VERSION, TLS1_2_VERSION,
1250 DTLS1_2_VERSION, DTLS1_2_VERSION,
1251 SSL_HIGH | SSL_FIPS,
1252 SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
1253 128,
1254 128,
1255 },
1256 {
1257 1,
1258 TLS1_TXT_ECDHE_RSA_WITH_AES_256_GCM_SHA384,
Paul Yangbbb4ceb2017-06-30 03:06:19 +0800[diff] [blame]1259 TLS1_RFC_ECDHE_RSA_WITH_AES_256_GCM_SHA384,
Rich Salz748f2542016-03-16 12:33:00 -0400[diff] [blame]1260 TLS1_CK_ECDHE_RSA_WITH_AES_256_GCM_SHA384,
1261 SSL_kECDHE,
1262 SSL_aRSA,
1263 SSL_AES256GCM,
1264 SSL_AEAD,
1265 TLS1_2_VERSION, TLS1_2_VERSION,
1266 DTLS1_2_VERSION, DTLS1_2_VERSION,
1267 SSL_HIGH | SSL_FIPS,
1268 SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384,
1269 256,
1270 256,
1271 },
Rich Salz748f2542016-03-16 12:33:00 -0400[diff] [blame]1272 {
1273 1,
1274 TLS1_TXT_PSK_WITH_NULL_SHA,
Paul Yangbbb4ceb2017-06-30 03:06:19 +0800[diff] [blame]1275 TLS1_RFC_PSK_WITH_NULL_SHA,
Rich Salz748f2542016-03-16 12:33:00 -0400[diff] [blame]1276 TLS1_CK_PSK_WITH_NULL_SHA,
1277 SSL_kPSK,
1278 SSL_aPSK,
1279 SSL_eNULL,
1280 SSL_SHA1,
1281 SSL3_VERSION, TLS1_2_VERSION,
David Woodhouse387cf212016-07-08 20:59:50 +0100[diff] [blame]1282 DTLS1_BAD_VER, DTLS1_2_VERSION,
Rich Salz748f2542016-03-16 12:33:00 -0400[diff] [blame]1283 SSL_STRONG_NONE | SSL_FIPS,
1284 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
1285 0,
1286 0,
1287 },
1288 {
1289 1,
1290 TLS1_TXT_DHE_PSK_WITH_NULL_SHA,
Paul Yangbbb4ceb2017-06-30 03:06:19 +0800[diff] [blame]1291 TLS1_RFC_DHE_PSK_WITH_NULL_SHA,
Rich Salz748f2542016-03-16 12:33:00 -0400[diff] [blame]1292 TLS1_CK_DHE_PSK_WITH_NULL_SHA,
1293 SSL_kDHEPSK,
1294 SSL_aPSK,
1295 SSL_eNULL,
1296 SSL_SHA1,
1297 SSL3_VERSION, TLS1_2_VERSION,
David Woodhouse387cf212016-07-08 20:59:50 +0100[diff] [blame]1298 DTLS1_BAD_VER, DTLS1_2_VERSION,
Rich Salz748f2542016-03-16 12:33:00 -0400[diff] [blame]1299 SSL_STRONG_NONE | SSL_FIPS,
1300 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
1301 0,
1302 0,
1303 },
1304 {
1305 1,
1306 TLS1_TXT_RSA_PSK_WITH_NULL_SHA,
Paul Yangbbb4ceb2017-06-30 03:06:19 +0800[diff] [blame]1307 TLS1_RFC_RSA_PSK_WITH_NULL_SHA,
Rich Salz748f2542016-03-16 12:33:00 -0400[diff] [blame]1308 TLS1_CK_RSA_PSK_WITH_NULL_SHA,
1309 SSL_kRSAPSK,
1310 SSL_aRSA,
1311 SSL_eNULL,
1312 SSL_SHA1,
1313 SSL3_VERSION, TLS1_2_VERSION,
David Woodhouse387cf212016-07-08 20:59:50 +0100[diff] [blame]1314 DTLS1_BAD_VER, DTLS1_2_VERSION,
Rich Salz748f2542016-03-16 12:33:00 -0400[diff] [blame]1315 SSL_STRONG_NONE | SSL_FIPS,
1316 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
1317 0,
1318 0,
1319 },
Rich Salzd33726b2016-07-30 12:21:32 -0400[diff] [blame]1320# ifndef OPENSSL_NO_WEAK_SSL_CIPHERS
Rich Salz748f2542016-03-16 12:33:00 -0400[diff] [blame]1321 {
1322 1,
1323 TLS1_TXT_PSK_WITH_3DES_EDE_CBC_SHA,
Paul Yangbbb4ceb2017-06-30 03:06:19 +0800[diff] [blame]1324 TLS1_RFC_PSK_WITH_3DES_EDE_CBC_SHA,
Rich Salz748f2542016-03-16 12:33:00 -0400[diff] [blame]1325 TLS1_CK_PSK_WITH_3DES_EDE_CBC_SHA,
1326 SSL_kPSK,
1327 SSL_aPSK,
1328 SSL_3DES,
1329 SSL_SHA1,
1330 SSL3_VERSION, TLS1_2_VERSION,
David Woodhouse387cf212016-07-08 20:59:50 +0100[diff] [blame]1331 DTLS1_BAD_VER, DTLS1_2_VERSION,
Rich Salzef288912016-08-18 08:56:42 -0400[diff] [blame]1332 SSL_NOT_DEFAULT | SSL_MEDIUM | SSL_FIPS,
Rich Salz748f2542016-03-16 12:33:00 -0400[diff] [blame]1333 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
1334 112,
1335 168,
1336 },
Rich Salzd33726b2016-07-30 12:21:32 -0400[diff] [blame]1337# endif
Rich Salz748f2542016-03-16 12:33:00 -0400[diff] [blame]1338 {
1339 1,
1340 TLS1_TXT_PSK_WITH_AES_128_CBC_SHA,
Paul Yangbbb4ceb2017-06-30 03:06:19 +0800[diff] [blame]1341 TLS1_RFC_PSK_WITH_AES_128_CBC_SHA,
Rich Salz748f2542016-03-16 12:33:00 -0400[diff] [blame]1342 TLS1_CK_PSK_WITH_AES_128_CBC_SHA,
1343 SSL_kPSK,
1344 SSL_aPSK,
1345 SSL_AES128,
1346 SSL_SHA1,
1347 SSL3_VERSION, TLS1_2_VERSION,
David Woodhouse387cf212016-07-08 20:59:50 +0100[diff] [blame]1348 DTLS1_BAD_VER, DTLS1_2_VERSION,
Rich Salz748f2542016-03-16 12:33:00 -0400[diff] [blame]1349 SSL_HIGH | SSL_FIPS,
1350 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
1351 128,
1352 128,
1353 },
1354 {
1355 1,
1356 TLS1_TXT_PSK_WITH_AES_256_CBC_SHA,
Paul Yangbbb4ceb2017-06-30 03:06:19 +0800[diff] [blame]1357 TLS1_RFC_PSK_WITH_AES_256_CBC_SHA,
Rich Salz748f2542016-03-16 12:33:00 -0400[diff] [blame]1358 TLS1_CK_PSK_WITH_AES_256_CBC_SHA,
1359 SSL_kPSK,
1360 SSL_aPSK,
1361 SSL_AES256,
1362 SSL_SHA1,
1363 SSL3_VERSION, TLS1_2_VERSION,
David Woodhouse387cf212016-07-08 20:59:50 +0100[diff] [blame]1364 DTLS1_BAD_VER, DTLS1_2_VERSION,
Rich Salz748f2542016-03-16 12:33:00 -0400[diff] [blame]1365 SSL_HIGH | SSL_FIPS,
1366 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
1367 256,
1368 256,
1369 },
Rich Salzd33726b2016-07-30 12:21:32 -0400[diff] [blame]1370# ifndef OPENSSL_NO_WEAK_SSL_CIPHERS
Rich Salz748f2542016-03-16 12:33:00 -0400[diff] [blame]1371 {
1372 1,
1373 TLS1_TXT_DHE_PSK_WITH_3DES_EDE_CBC_SHA,
Paul Yangbbb4ceb2017-06-30 03:06:19 +0800[diff] [blame]1374 TLS1_RFC_DHE_PSK_WITH_3DES_EDE_CBC_SHA,
Rich Salz748f2542016-03-16 12:33:00 -0400[diff] [blame]1375 TLS1_CK_DHE_PSK_WITH_3DES_EDE_CBC_SHA,
1376 SSL_kDHEPSK,
1377 SSL_aPSK,
1378 SSL_3DES,
1379 SSL_SHA1,
1380 SSL3_VERSION, TLS1_2_VERSION,
David Woodhouse387cf212016-07-08 20:59:50 +0100[diff] [blame]1381 DTLS1_BAD_VER, DTLS1_2_VERSION,
Rich Salzef288912016-08-18 08:56:42 -0400[diff] [blame]1382 SSL_NOT_DEFAULT | SSL_MEDIUM | SSL_FIPS,
Rich Salz748f2542016-03-16 12:33:00 -0400[diff] [blame]1383 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
1384 112,
1385 168,
1386 },
Rich Salzd33726b2016-07-30 12:21:32 -0400[diff] [blame]1387# endif
Rich Salz748f2542016-03-16 12:33:00 -0400[diff] [blame]1388 {
1389 1,
1390 TLS1_TXT_DHE_PSK_WITH_AES_128_CBC_SHA,
Paul Yangbbb4ceb2017-06-30 03:06:19 +0800[diff] [blame]1391 TLS1_RFC_DHE_PSK_WITH_AES_128_CBC_SHA,
Rich Salz748f2542016-03-16 12:33:00 -0400[diff] [blame]1392 TLS1_CK_DHE_PSK_WITH_AES_128_CBC_SHA,
1393 SSL_kDHEPSK,
1394 SSL_aPSK,
1395 SSL_AES128,
1396 SSL_SHA1,
1397 SSL3_VERSION, TLS1_2_VERSION,
David Woodhouse387cf212016-07-08 20:59:50 +0100[diff] [blame]1398 DTLS1_BAD_VER, DTLS1_2_VERSION,
Rich Salz748f2542016-03-16 12:33:00 -0400[diff] [blame]1399 SSL_HIGH | SSL_FIPS,
1400 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
1401 128,
1402 128,
1403 },
1404 {
1405 1,
1406 TLS1_TXT_DHE_PSK_WITH_AES_256_CBC_SHA,
Paul Yangbbb4ceb2017-06-30 03:06:19 +0800[diff] [blame]1407 TLS1_RFC_DHE_PSK_WITH_AES_256_CBC_SHA,
Rich Salz748f2542016-03-16 12:33:00 -0400[diff] [blame]1408 TLS1_CK_DHE_PSK_WITH_AES_256_CBC_SHA,
1409 SSL_kDHEPSK,
1410 SSL_aPSK,
1411 SSL_AES256,
1412 SSL_SHA1,
1413 SSL3_VERSION, TLS1_2_VERSION,
David Woodhouse387cf212016-07-08 20:59:50 +0100[diff] [blame]1414 DTLS1_BAD_VER, DTLS1_2_VERSION,
Rich Salz748f2542016-03-16 12:33:00 -0400[diff] [blame]1415 SSL_HIGH | SSL_FIPS,
1416 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
1417 256,
1418 256,
1419 },
Rich Salzd33726b2016-07-30 12:21:32 -0400[diff] [blame]1420# ifndef OPENSSL_NO_WEAK_SSL_CIPHERS
Rich Salz748f2542016-03-16 12:33:00 -0400[diff] [blame]1421 {
1422 1,
1423 TLS1_TXT_RSA_PSK_WITH_3DES_EDE_CBC_SHA,
Paul Yangbbb4ceb2017-06-30 03:06:19 +0800[diff] [blame]1424 TLS1_RFC_RSA_PSK_WITH_3DES_EDE_CBC_SHA,
Rich Salz748f2542016-03-16 12:33:00 -0400[diff] [blame]1425 TLS1_CK_RSA_PSK_WITH_3DES_EDE_CBC_SHA,
1426 SSL_kRSAPSK,
1427 SSL_aRSA,
1428 SSL_3DES,
1429 SSL_SHA1,
1430 SSL3_VERSION, TLS1_2_VERSION,
David Woodhouse387cf212016-07-08 20:59:50 +0100[diff] [blame]1431 DTLS1_BAD_VER, DTLS1_2_VERSION,
Rich Salzef288912016-08-18 08:56:42 -0400[diff] [blame]1432 SSL_NOT_DEFAULT | SSL_MEDIUM | SSL_FIPS,
Rich Salz748f2542016-03-16 12:33:00 -0400[diff] [blame]1433 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
1434 112,
1435 168,
1436 },
Rich Salzd33726b2016-07-30 12:21:32 -0400[diff] [blame]1437# endif
Rich Salz748f2542016-03-16 12:33:00 -0400[diff] [blame]1438 {
1439 1,
1440 TLS1_TXT_RSA_PSK_WITH_AES_128_CBC_SHA,
Paul Yangbbb4ceb2017-06-30 03:06:19 +0800[diff] [blame]1441 TLS1_RFC_RSA_PSK_WITH_AES_128_CBC_SHA,
Rich Salz748f2542016-03-16 12:33:00 -0400[diff] [blame]1442 TLS1_CK_RSA_PSK_WITH_AES_128_CBC_SHA,
1443 SSL_kRSAPSK,
1444 SSL_aRSA,
1445 SSL_AES128,
1446 SSL_SHA1,
1447 SSL3_VERSION, TLS1_2_VERSION,
David Woodhouse387cf212016-07-08 20:59:50 +0100[diff] [blame]1448 DTLS1_BAD_VER, DTLS1_2_VERSION,
Rich Salz748f2542016-03-16 12:33:00 -0400[diff] [blame]1449 SSL_HIGH | SSL_FIPS,
1450 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
1451 128,
1452 128,
1453 },
1454 {
1455 1,
1456 TLS1_TXT_RSA_PSK_WITH_AES_256_CBC_SHA,
Paul Yangbbb4ceb2017-06-30 03:06:19 +0800[diff] [blame]1457 TLS1_RFC_RSA_PSK_WITH_AES_256_CBC_SHA,
Rich Salz748f2542016-03-16 12:33:00 -0400[diff] [blame]1458 TLS1_CK_RSA_PSK_WITH_AES_256_CBC_SHA,
1459 SSL_kRSAPSK,
1460 SSL_aRSA,
1461 SSL_AES256,
1462 SSL_SHA1,
1463 SSL3_VERSION, TLS1_2_VERSION,
David Woodhouse387cf212016-07-08 20:59:50 +0100[diff] [blame]1464 DTLS1_BAD_VER, DTLS1_2_VERSION,
Rich Salz748f2542016-03-16 12:33:00 -0400[diff] [blame]1465 SSL_HIGH | SSL_FIPS,
1466 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
1467 256,
1468 256,
1469 },
1470 {
1471 1,
1472 TLS1_TXT_PSK_WITH_AES_128_GCM_SHA256,
Paul Yangbbb4ceb2017-06-30 03:06:19 +0800[diff] [blame]1473 TLS1_RFC_PSK_WITH_AES_128_GCM_SHA256,
Rich Salz748f2542016-03-16 12:33:00 -0400[diff] [blame]1474 TLS1_CK_PSK_WITH_AES_128_GCM_SHA256,
1475 SSL_kPSK,
1476 SSL_aPSK,
1477 SSL_AES128GCM,
1478 SSL_AEAD,
1479 TLS1_2_VERSION, TLS1_2_VERSION,
1480 DTLS1_2_VERSION, DTLS1_2_VERSION,
1481 SSL_HIGH | SSL_FIPS,
1482 SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
1483 128,
1484 128,
1485 },
1486 {
1487 1,
1488 TLS1_TXT_PSK_WITH_AES_256_GCM_SHA384,
Paul Yangbbb4ceb2017-06-30 03:06:19 +0800[diff] [blame]1489 TLS1_RFC_PSK_WITH_AES_256_GCM_SHA384,
Rich Salz748f2542016-03-16 12:33:00 -0400[diff] [blame]1490 TLS1_CK_PSK_WITH_AES_256_GCM_SHA384,
1491 SSL_kPSK,
1492 SSL_aPSK,
1493 SSL_AES256GCM,
1494 SSL_AEAD,
1495 TLS1_2_VERSION, TLS1_2_VERSION,
1496 DTLS1_2_VERSION, DTLS1_2_VERSION,
1497 SSL_HIGH | SSL_FIPS,
1498 SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384,
1499 256,
1500 256,
1501 },
1502 {
1503 1,
1504 TLS1_TXT_DHE_PSK_WITH_AES_128_GCM_SHA256,
Paul Yangbbb4ceb2017-06-30 03:06:19 +0800[diff] [blame]1505 TLS1_RFC_DHE_PSK_WITH_AES_128_GCM_SHA256,
Rich Salz748f2542016-03-16 12:33:00 -0400[diff] [blame]1506 TLS1_CK_DHE_PSK_WITH_AES_128_GCM_SHA256,
1507 SSL_kDHEPSK,
1508 SSL_aPSK,
1509 SSL_AES128GCM,
1510 SSL_AEAD,
1511 TLS1_2_VERSION, TLS1_2_VERSION,
1512 DTLS1_2_VERSION, DTLS1_2_VERSION,
1513 SSL_HIGH | SSL_FIPS,
1514 SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
1515 128,
1516 128,
1517 },
1518 {
1519 1,
1520 TLS1_TXT_DHE_PSK_WITH_AES_256_GCM_SHA384,
Paul Yangbbb4ceb2017-06-30 03:06:19 +0800[diff] [blame]1521 TLS1_RFC_DHE_PSK_WITH_AES_256_GCM_SHA384,
Rich Salz748f2542016-03-16 12:33:00 -0400[diff] [blame]1522 TLS1_CK_DHE_PSK_WITH_AES_256_GCM_SHA384,
1523 SSL_kDHEPSK,
1524 SSL_aPSK,
1525 SSL_AES256GCM,
1526 SSL_AEAD,
1527 TLS1_2_VERSION, TLS1_2_VERSION,
1528 DTLS1_2_VERSION, DTLS1_2_VERSION,
1529 SSL_HIGH | SSL_FIPS,
1530 SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384,
1531 256,
1532 256,
1533 },
1534 {
1535 1,
1536 TLS1_TXT_RSA_PSK_WITH_AES_128_GCM_SHA256,
Paul Yangbbb4ceb2017-06-30 03:06:19 +0800[diff] [blame]1537 TLS1_RFC_RSA_PSK_WITH_AES_128_GCM_SHA256,
Rich Salz748f2542016-03-16 12:33:00 -0400[diff] [blame]1538 TLS1_CK_RSA_PSK_WITH_AES_128_GCM_SHA256,
1539 SSL_kRSAPSK,
1540 SSL_aRSA,
1541 SSL_AES128GCM,
1542 SSL_AEAD,
1543 TLS1_2_VERSION, TLS1_2_VERSION,
1544 DTLS1_2_VERSION, DTLS1_2_VERSION,
1545 SSL_HIGH | SSL_FIPS,
1546 SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
1547 128,
1548 128,
1549 },
1550 {
1551 1,
1552 TLS1_TXT_RSA_PSK_WITH_AES_256_GCM_SHA384,
Paul Yangbbb4ceb2017-06-30 03:06:19 +0800[diff] [blame]1553 TLS1_RFC_RSA_PSK_WITH_AES_256_GCM_SHA384,
Rich Salz748f2542016-03-16 12:33:00 -0400[diff] [blame]1554 TLS1_CK_RSA_PSK_WITH_AES_256_GCM_SHA384,
1555 SSL_kRSAPSK,
1556 SSL_aRSA,
1557 SSL_AES256GCM,
1558 SSL_AEAD,
1559 TLS1_2_VERSION, TLS1_2_VERSION,
1560 DTLS1_2_VERSION, DTLS1_2_VERSION,
1561 SSL_HIGH | SSL_FIPS,
1562 SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384,
1563 256,
1564 256,
1565 },
1566 {
1567 1,
1568 TLS1_TXT_PSK_WITH_AES_128_CBC_SHA256,
Paul Yangbbb4ceb2017-06-30 03:06:19 +0800[diff] [blame]1569 TLS1_RFC_PSK_WITH_AES_128_CBC_SHA256,
Rich Salz748f2542016-03-16 12:33:00 -0400[diff] [blame]1570 TLS1_CK_PSK_WITH_AES_128_CBC_SHA256,
1571 SSL_kPSK,
1572 SSL_aPSK,
1573 SSL_AES128,
1574 SSL_SHA256,
1575 TLS1_VERSION, TLS1_2_VERSION,
David Woodhouse387cf212016-07-08 20:59:50 +0100[diff] [blame]1576 DTLS1_BAD_VER, DTLS1_2_VERSION,
Rich Salz748f2542016-03-16 12:33:00 -0400[diff] [blame]1577 SSL_HIGH | SSL_FIPS,
1578 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
1579 128,
1580 128,
1581 },
1582 {
1583 1,
1584 TLS1_TXT_PSK_WITH_AES_256_CBC_SHA384,
Paul Yangbbb4ceb2017-06-30 03:06:19 +0800[diff] [blame]1585 TLS1_RFC_PSK_WITH_AES_256_CBC_SHA384,
Rich Salz748f2542016-03-16 12:33:00 -0400[diff] [blame]1586 TLS1_CK_PSK_WITH_AES_256_CBC_SHA384,
1587 SSL_kPSK,
1588 SSL_aPSK,
1589 SSL_AES256,
1590 SSL_SHA384,
1591 TLS1_VERSION, TLS1_2_VERSION,
David Woodhouse387cf212016-07-08 20:59:50 +0100[diff] [blame]1592 DTLS1_BAD_VER, DTLS1_2_VERSION,
Rich Salz748f2542016-03-16 12:33:00 -0400[diff] [blame]1593 SSL_HIGH | SSL_FIPS,
1594 SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384,
1595 256,
1596 256,
1597 },
1598 {
1599 1,
1600 TLS1_TXT_PSK_WITH_NULL_SHA256,
Paul Yangbbb4ceb2017-06-30 03:06:19 +0800[diff] [blame]1601 TLS1_RFC_PSK_WITH_NULL_SHA256,
Rich Salz748f2542016-03-16 12:33:00 -0400[diff] [blame]1602 TLS1_CK_PSK_WITH_NULL_SHA256,
1603 SSL_kPSK,
1604 SSL_aPSK,
1605 SSL_eNULL,
1606 SSL_SHA256,
1607 TLS1_VERSION, TLS1_2_VERSION,
David Woodhouse387cf212016-07-08 20:59:50 +0100[diff] [blame]1608 DTLS1_BAD_VER, DTLS1_2_VERSION,
Rich Salz748f2542016-03-16 12:33:00 -0400[diff] [blame]1609 SSL_STRONG_NONE | SSL_FIPS,
1610 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
1611 0,
1612 0,
1613 },
1614 {
1615 1,
1616 TLS1_TXT_PSK_WITH_NULL_SHA384,
Paul Yangbbb4ceb2017-06-30 03:06:19 +0800[diff] [blame]1617 TLS1_RFC_PSK_WITH_NULL_SHA384,
Rich Salz748f2542016-03-16 12:33:00 -0400[diff] [blame]1618 TLS1_CK_PSK_WITH_NULL_SHA384,
1619 SSL_kPSK,
1620 SSL_aPSK,
1621 SSL_eNULL,
1622 SSL_SHA384,
1623 TLS1_VERSION, TLS1_2_VERSION,
David Woodhouse387cf212016-07-08 20:59:50 +0100[diff] [blame]1624 DTLS1_BAD_VER, DTLS1_2_VERSION,
Rich Salz748f2542016-03-16 12:33:00 -0400[diff] [blame]1625 SSL_STRONG_NONE | SSL_FIPS,
1626 SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384,
1627 0,
1628 0,
1629 },
1630 {
1631 1,
1632 TLS1_TXT_DHE_PSK_WITH_AES_128_CBC_SHA256,
Paul Yangbbb4ceb2017-06-30 03:06:19 +0800[diff] [blame]1633 TLS1_RFC_DHE_PSK_WITH_AES_128_CBC_SHA256,
Rich Salz748f2542016-03-16 12:33:00 -0400[diff] [blame]1634 TLS1_CK_DHE_PSK_WITH_AES_128_CBC_SHA256,
1635 SSL_kDHEPSK,
1636 SSL_aPSK,
1637 SSL_AES128,
1638 SSL_SHA256,
1639 TLS1_VERSION, TLS1_2_VERSION,
David Woodhouse387cf212016-07-08 20:59:50 +0100[diff] [blame]1640 DTLS1_BAD_VER, DTLS1_2_VERSION,
Rich Salz748f2542016-03-16 12:33:00 -0400[diff] [blame]1641 SSL_HIGH | SSL_FIPS,
1642 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
1643 128,
1644 128,
1645 },
1646 {
1647 1,
1648 TLS1_TXT_DHE_PSK_WITH_AES_256_CBC_SHA384,
Paul Yangbbb4ceb2017-06-30 03:06:19 +0800[diff] [blame]1649 TLS1_RFC_DHE_PSK_WITH_AES_256_CBC_SHA384,
Rich Salz748f2542016-03-16 12:33:00 -0400[diff] [blame]1650 TLS1_CK_DHE_PSK_WITH_AES_256_CBC_SHA384,
1651 SSL_kDHEPSK,
1652 SSL_aPSK,
1653 SSL_AES256,
1654 SSL_SHA384,
1655 TLS1_VERSION, TLS1_2_VERSION,
David Woodhouse387cf212016-07-08 20:59:50 +0100[diff] [blame]1656 DTLS1_BAD_VER, DTLS1_2_VERSION,
Rich Salz748f2542016-03-16 12:33:00 -0400[diff] [blame]1657 SSL_HIGH | SSL_FIPS,
1658 SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384,
1659 256,
1660 256,
1661 },
1662 {
1663 1,
1664 TLS1_TXT_DHE_PSK_WITH_NULL_SHA256,
Paul Yangbbb4ceb2017-06-30 03:06:19 +0800[diff] [blame]1665 TLS1_RFC_DHE_PSK_WITH_NULL_SHA256,
Rich Salz748f2542016-03-16 12:33:00 -0400[diff] [blame]1666 TLS1_CK_DHE_PSK_WITH_NULL_SHA256,
1667 SSL_kDHEPSK,
1668 SSL_aPSK,
1669 SSL_eNULL,
1670 SSL_SHA256,
1671 TLS1_VERSION, TLS1_2_VERSION,
David Woodhouse387cf212016-07-08 20:59:50 +0100[diff] [blame]1672 DTLS1_BAD_VER, DTLS1_2_VERSION,
Rich Salz748f2542016-03-16 12:33:00 -0400[diff] [blame]1673 SSL_STRONG_NONE | SSL_FIPS,
1674 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
1675 0,
1676 0,
1677 },
1678 {
1679 1,
1680 TLS1_TXT_DHE_PSK_WITH_NULL_SHA384,
Paul Yangbbb4ceb2017-06-30 03:06:19 +0800[diff] [blame]1681 TLS1_RFC_DHE_PSK_WITH_NULL_SHA384,
Rich Salz748f2542016-03-16 12:33:00 -0400[diff] [blame]1682 TLS1_CK_DHE_PSK_WITH_NULL_SHA384,
1683 SSL_kDHEPSK,
1684 SSL_aPSK,
1685 SSL_eNULL,
1686 SSL_SHA384,
1687 TLS1_VERSION, TLS1_2_VERSION,
David Woodhouse387cf212016-07-08 20:59:50 +0100[diff] [blame]1688 DTLS1_BAD_VER, DTLS1_2_VERSION,
Rich Salz748f2542016-03-16 12:33:00 -0400[diff] [blame]1689 SSL_STRONG_NONE | SSL_FIPS,
1690 SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384,
1691 0,
1692 0,
1693 },
1694 {
1695 1,
1696 TLS1_TXT_RSA_PSK_WITH_AES_128_CBC_SHA256,
Paul Yangbbb4ceb2017-06-30 03:06:19 +0800[diff] [blame]1697 TLS1_RFC_RSA_PSK_WITH_AES_128_CBC_SHA256,
Rich Salz748f2542016-03-16 12:33:00 -0400[diff] [blame]1698 TLS1_CK_RSA_PSK_WITH_AES_128_CBC_SHA256,
1699 SSL_kRSAPSK,
1700 SSL_aRSA,
1701 SSL_AES128,
1702 SSL_SHA256,
1703 TLS1_VERSION, TLS1_2_VERSION,
David Woodhouse387cf212016-07-08 20:59:50 +0100[diff] [blame]1704 DTLS1_BAD_VER, DTLS1_2_VERSION,
Rich Salz748f2542016-03-16 12:33:00 -0400[diff] [blame]1705 SSL_HIGH | SSL_FIPS,
1706 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
1707 128,
1708 128,
1709 },
1710 {
1711 1,
1712 TLS1_TXT_RSA_PSK_WITH_AES_256_CBC_SHA384,
Paul Yangbbb4ceb2017-06-30 03:06:19 +0800[diff] [blame]1713 TLS1_RFC_RSA_PSK_WITH_AES_256_CBC_SHA384,
Rich Salz748f2542016-03-16 12:33:00 -0400[diff] [blame]1714 TLS1_CK_RSA_PSK_WITH_AES_256_CBC_SHA384,
1715 SSL_kRSAPSK,
1716 SSL_aRSA,
1717 SSL_AES256,
1718 SSL_SHA384,
1719 TLS1_VERSION, TLS1_2_VERSION,
David Woodhouse387cf212016-07-08 20:59:50 +0100[diff] [blame]1720 DTLS1_BAD_VER, DTLS1_2_VERSION,
Rich Salz748f2542016-03-16 12:33:00 -0400[diff] [blame]1721 SSL_HIGH | SSL_FIPS,
1722 SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384,
1723 256,
1724 256,
1725 },
1726 {
1727 1,
1728 TLS1_TXT_RSA_PSK_WITH_NULL_SHA256,
Paul Yangbbb4ceb2017-06-30 03:06:19 +0800[diff] [blame]1729 TLS1_RFC_RSA_PSK_WITH_NULL_SHA256,
Rich Salz748f2542016-03-16 12:33:00 -0400[diff] [blame]1730 TLS1_CK_RSA_PSK_WITH_NULL_SHA256,
1731 SSL_kRSAPSK,
1732 SSL_aRSA,
1733 SSL_eNULL,
1734 SSL_SHA256,
1735 TLS1_VERSION, TLS1_2_VERSION,
David Woodhouse387cf212016-07-08 20:59:50 +0100[diff] [blame]1736 DTLS1_BAD_VER, DTLS1_2_VERSION,
Rich Salz748f2542016-03-16 12:33:00 -0400[diff] [blame]1737 SSL_STRONG_NONE | SSL_FIPS,
1738 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
1739 0,
1740 0,
1741 },
1742 {
1743 1,
1744 TLS1_TXT_RSA_PSK_WITH_NULL_SHA384,
Paul Yangbbb4ceb2017-06-30 03:06:19 +0800[diff] [blame]1745 TLS1_RFC_RSA_PSK_WITH_NULL_SHA384,
Rich Salz748f2542016-03-16 12:33:00 -0400[diff] [blame]1746 TLS1_CK_RSA_PSK_WITH_NULL_SHA384,
1747 SSL_kRSAPSK,
1748 SSL_aRSA,
1749 SSL_eNULL,
1750 SSL_SHA384,
1751 TLS1_VERSION, TLS1_2_VERSION,
David Woodhouse387cf212016-07-08 20:59:50 +0100[diff] [blame]1752 DTLS1_BAD_VER, DTLS1_2_VERSION,
Rich Salz748f2542016-03-16 12:33:00 -0400[diff] [blame]1753 SSL_STRONG_NONE | SSL_FIPS,
1754 SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384,
1755 0,
1756 0,
1757 },
Rich Salzd33726b2016-07-30 12:21:32 -0400[diff] [blame]1758# ifndef OPENSSL_NO_WEAK_SSL_CIPHERS
Rich Salz748f2542016-03-16 12:33:00 -0400[diff] [blame]1759 {
1760 1,
1761 TLS1_TXT_ECDHE_PSK_WITH_3DES_EDE_CBC_SHA,
Paul Yangbbb4ceb2017-06-30 03:06:19 +0800[diff] [blame]1762 TLS1_RFC_ECDHE_PSK_WITH_3DES_EDE_CBC_SHA,
Rich Salz748f2542016-03-16 12:33:00 -0400[diff] [blame]1763 TLS1_CK_ECDHE_PSK_WITH_3DES_EDE_CBC_SHA,
1764 SSL_kECDHEPSK,
1765 SSL_aPSK,
1766 SSL_3DES,
1767 SSL_SHA1,
Todd Shortfe55c4a2017-04-11 09:02:05 -0400[diff] [blame]1768 TLS1_VERSION, TLS1_2_VERSION,
David Woodhouse387cf212016-07-08 20:59:50 +0100[diff] [blame]1769 DTLS1_BAD_VER, DTLS1_2_VERSION,
Rich Salzef288912016-08-18 08:56:42 -0400[diff] [blame]1770 SSL_NOT_DEFAULT | SSL_MEDIUM | SSL_FIPS,
Rich Salz748f2542016-03-16 12:33:00 -0400[diff] [blame]1771 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
1772 112,
1773 168,
1774 },
Rich Salzd33726b2016-07-30 12:21:32 -0400[diff] [blame]1775# endif
Rich Salz748f2542016-03-16 12:33:00 -0400[diff] [blame]1776 {
1777 1,
1778 TLS1_TXT_ECDHE_PSK_WITH_AES_128_CBC_SHA,
Paul Yangbbb4ceb2017-06-30 03:06:19 +0800[diff] [blame]1779 TLS1_RFC_ECDHE_PSK_WITH_AES_128_CBC_SHA,
Rich Salz748f2542016-03-16 12:33:00 -0400[diff] [blame]1780 TLS1_CK_ECDHE_PSK_WITH_AES_128_CBC_SHA,
1781 SSL_kECDHEPSK,
1782 SSL_aPSK,
1783 SSL_AES128,
1784 SSL_SHA1,
Todd Shortfe55c4a2017-04-11 09:02:05 -0400[diff] [blame]1785 TLS1_VERSION, TLS1_2_VERSION,
David Woodhouse387cf212016-07-08 20:59:50 +0100[diff] [blame]1786 DTLS1_BAD_VER, DTLS1_2_VERSION,
Rich Salz748f2542016-03-16 12:33:00 -0400[diff] [blame]1787 SSL_HIGH | SSL_FIPS,
1788 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
1789 128,
1790 128,
1791 },
1792 {
1793 1,
1794 TLS1_TXT_ECDHE_PSK_WITH_AES_256_CBC_SHA,
Paul Yangbbb4ceb2017-06-30 03:06:19 +0800[diff] [blame]1795 TLS1_RFC_ECDHE_PSK_WITH_AES_256_CBC_SHA,
Rich Salz748f2542016-03-16 12:33:00 -0400[diff] [blame]1796 TLS1_CK_ECDHE_PSK_WITH_AES_256_CBC_SHA,
1797 SSL_kECDHEPSK,
1798 SSL_aPSK,
1799 SSL_AES256,
1800 SSL_SHA1,
Todd Shortfe55c4a2017-04-11 09:02:05 -0400[diff] [blame]1801 TLS1_VERSION, TLS1_2_VERSION,
David Woodhouse387cf212016-07-08 20:59:50 +0100[diff] [blame]1802 DTLS1_BAD_VER, DTLS1_2_VERSION,
Rich Salz748f2542016-03-16 12:33:00 -0400[diff] [blame]1803 SSL_HIGH | SSL_FIPS,
1804 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
1805 256,
1806 256,
1807 },
1808 {
1809 1,
1810 TLS1_TXT_ECDHE_PSK_WITH_AES_128_CBC_SHA256,
Paul Yangbbb4ceb2017-06-30 03:06:19 +0800[diff] [blame]1811 TLS1_RFC_ECDHE_PSK_WITH_AES_128_CBC_SHA256,
Rich Salz748f2542016-03-16 12:33:00 -0400[diff] [blame]1812 TLS1_CK_ECDHE_PSK_WITH_AES_128_CBC_SHA256,
1813 SSL_kECDHEPSK,
1814 SSL_aPSK,
1815 SSL_AES128,
1816 SSL_SHA256,
1817 TLS1_VERSION, TLS1_2_VERSION,
David Woodhouse387cf212016-07-08 20:59:50 +0100[diff] [blame]1818 DTLS1_BAD_VER, DTLS1_2_VERSION,
Rich Salz748f2542016-03-16 12:33:00 -0400[diff] [blame]1819 SSL_HIGH | SSL_FIPS,
1820 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
1821 128,
1822 128,
1823 },
1824 {
1825 1,
1826 TLS1_TXT_ECDHE_PSK_WITH_AES_256_CBC_SHA384,
Paul Yangbbb4ceb2017-06-30 03:06:19 +0800[diff] [blame]1827 TLS1_RFC_ECDHE_PSK_WITH_AES_256_CBC_SHA384,
Rich Salz748f2542016-03-16 12:33:00 -0400[diff] [blame]1828 TLS1_CK_ECDHE_PSK_WITH_AES_256_CBC_SHA384,
1829 SSL_kECDHEPSK,
1830 SSL_aPSK,
1831 SSL_AES256,
1832 SSL_SHA384,
1833 TLS1_VERSION, TLS1_2_VERSION,
David Woodhouse387cf212016-07-08 20:59:50 +0100[diff] [blame]1834 DTLS1_BAD_VER, DTLS1_2_VERSION,
Rich Salz748f2542016-03-16 12:33:00 -0400[diff] [blame]1835 SSL_HIGH | SSL_FIPS,
1836 SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384,
1837 256,
1838 256,
1839 },
1840 {
1841 1,
1842 TLS1_TXT_ECDHE_PSK_WITH_NULL_SHA,
Paul Yangbbb4ceb2017-06-30 03:06:19 +0800[diff] [blame]1843 TLS1_RFC_ECDHE_PSK_WITH_NULL_SHA,
Rich Salz748f2542016-03-16 12:33:00 -0400[diff] [blame]1844 TLS1_CK_ECDHE_PSK_WITH_NULL_SHA,
1845 SSL_kECDHEPSK,
1846 SSL_aPSK,
1847 SSL_eNULL,
1848 SSL_SHA1,
Todd Shortfe55c4a2017-04-11 09:02:05 -0400[diff] [blame]1849 TLS1_VERSION, TLS1_2_VERSION,
David Woodhouse387cf212016-07-08 20:59:50 +0100[diff] [blame]1850 DTLS1_BAD_VER, DTLS1_2_VERSION,
Rich Salz748f2542016-03-16 12:33:00 -0400[diff] [blame]1851 SSL_STRONG_NONE | SSL_FIPS,
1852 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
1853 0,
1854 0,
1855 },
1856 {
1857 1,
1858 TLS1_TXT_ECDHE_PSK_WITH_NULL_SHA256,
Paul Yangbbb4ceb2017-06-30 03:06:19 +0800[diff] [blame]1859 TLS1_RFC_ECDHE_PSK_WITH_NULL_SHA256,
Rich Salz748f2542016-03-16 12:33:00 -0400[diff] [blame]1860 TLS1_CK_ECDHE_PSK_WITH_NULL_SHA256,
1861 SSL_kECDHEPSK,
1862 SSL_aPSK,
1863 SSL_eNULL,
1864 SSL_SHA256,
1865 TLS1_VERSION, TLS1_2_VERSION,
David Woodhouse387cf212016-07-08 20:59:50 +0100[diff] [blame]1866 DTLS1_BAD_VER, DTLS1_2_VERSION,
Rich Salz748f2542016-03-16 12:33:00 -0400[diff] [blame]1867 SSL_STRONG_NONE | SSL_FIPS,
1868 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
1869 0,
1870 0,
1871 },
1872 {
1873 1,
1874 TLS1_TXT_ECDHE_PSK_WITH_NULL_SHA384,
Paul Yangbbb4ceb2017-06-30 03:06:19 +0800[diff] [blame]1875 TLS1_RFC_ECDHE_PSK_WITH_NULL_SHA384,
Rich Salz748f2542016-03-16 12:33:00 -0400[diff] [blame]1876 TLS1_CK_ECDHE_PSK_WITH_NULL_SHA384,
1877 SSL_kECDHEPSK,
1878 SSL_aPSK,
1879 SSL_eNULL,
1880 SSL_SHA384,
1881 TLS1_VERSION, TLS1_2_VERSION,
David Woodhouse387cf212016-07-08 20:59:50 +0100[diff] [blame]1882 DTLS1_BAD_VER, DTLS1_2_VERSION,
Rich Salz748f2542016-03-16 12:33:00 -0400[diff] [blame]1883 SSL_STRONG_NONE | SSL_FIPS,
1884 SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384,
1885 0,
1886 0,
1887 },
Rich Salz748f2542016-03-16 12:33:00 -0400[diff] [blame]1888
Rich Salzd33726b2016-07-30 12:21:32 -0400[diff] [blame]1889# ifndef OPENSSL_NO_WEAK_SSL_CIPHERS
Rich Salz748f2542016-03-16 12:33:00 -0400[diff] [blame]1890 {
1891 1,
1892 TLS1_TXT_SRP_SHA_WITH_3DES_EDE_CBC_SHA,
Paul Yangbbb4ceb2017-06-30 03:06:19 +0800[diff] [blame]1893 TLS1_RFC_SRP_SHA_WITH_3DES_EDE_CBC_SHA,
Rich Salz748f2542016-03-16 12:33:00 -0400[diff] [blame]1894 TLS1_CK_SRP_SHA_WITH_3DES_EDE_CBC_SHA,
1895 SSL_kSRP,
1896 SSL_aSRP,
1897 SSL_3DES,
1898 SSL_SHA1,
1899 SSL3_VERSION, TLS1_2_VERSION,
David Woodhouse387cf212016-07-08 20:59:50 +0100[diff] [blame]1900 DTLS1_BAD_VER, DTLS1_2_VERSION,
Rich Salzef288912016-08-18 08:56:42 -0400[diff] [blame]1901 SSL_NOT_DEFAULT | SSL_MEDIUM,
Rich Salz748f2542016-03-16 12:33:00 -0400[diff] [blame]1902 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
1903 112,
1904 168,
1905 },
1906 {
1907 1,
1908 TLS1_TXT_SRP_SHA_RSA_WITH_3DES_EDE_CBC_SHA,
Paul Yangbbb4ceb2017-06-30 03:06:19 +0800[diff] [blame]1909 TLS1_RFC_SRP_SHA_RSA_WITH_3DES_EDE_CBC_SHA,
Rich Salz748f2542016-03-16 12:33:00 -0400[diff] [blame]1910 TLS1_CK_SRP_SHA_RSA_WITH_3DES_EDE_CBC_SHA,
1911 SSL_kSRP,
1912 SSL_aRSA,
1913 SSL_3DES,
1914 SSL_SHA1,
1915 SSL3_VERSION, TLS1_2_VERSION,
David Woodhouse387cf212016-07-08 20:59:50 +0100[diff] [blame]1916 DTLS1_BAD_VER, DTLS1_2_VERSION,
Rich Salzef288912016-08-18 08:56:42 -0400[diff] [blame]1917 SSL_NOT_DEFAULT | SSL_MEDIUM,
Rich Salz748f2542016-03-16 12:33:00 -0400[diff] [blame]1918 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
1919 112,
1920 168,
1921 },
1922 {
1923 1,
1924 TLS1_TXT_SRP_SHA_DSS_WITH_3DES_EDE_CBC_SHA,
Paul Yangbbb4ceb2017-06-30 03:06:19 +0800[diff] [blame]1925 TLS1_RFC_SRP_SHA_DSS_WITH_3DES_EDE_CBC_SHA,
Rich Salz748f2542016-03-16 12:33:00 -0400[diff] [blame]1926 TLS1_CK_SRP_SHA_DSS_WITH_3DES_EDE_CBC_SHA,
1927 SSL_kSRP,
1928 SSL_aDSS,
1929 SSL_3DES,
1930 SSL_SHA1,
1931 SSL3_VERSION, TLS1_2_VERSION,
David Woodhouse387cf212016-07-08 20:59:50 +0100[diff] [blame]1932 DTLS1_BAD_VER, DTLS1_2_VERSION,
Rich Salz4a8e9c22016-05-05 17:08:41 -0400[diff] [blame]1933 SSL_NOT_DEFAULT | SSL_MEDIUM,
Rich Salz748f2542016-03-16 12:33:00 -0400[diff] [blame]1934 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
1935 112,
1936 168,
1937 },
Rich Salzd33726b2016-07-30 12:21:32 -0400[diff] [blame]1938# endif
Rich Salz748f2542016-03-16 12:33:00 -0400[diff] [blame]1939 {
1940 1,
1941 TLS1_TXT_SRP_SHA_WITH_AES_128_CBC_SHA,
Paul Yangbbb4ceb2017-06-30 03:06:19 +0800[diff] [blame]1942 TLS1_RFC_SRP_SHA_WITH_AES_128_CBC_SHA,
Rich Salz748f2542016-03-16 12:33:00 -0400[diff] [blame]1943 TLS1_CK_SRP_SHA_WITH_AES_128_CBC_SHA,
1944 SSL_kSRP,
1945 SSL_aSRP,
1946 SSL_AES128,
1947 SSL_SHA1,
1948 SSL3_VERSION, TLS1_2_VERSION,
David Woodhouse387cf212016-07-08 20:59:50 +0100[diff] [blame]1949 DTLS1_BAD_VER, DTLS1_2_VERSION,
Rich Salz748f2542016-03-16 12:33:00 -0400[diff] [blame]1950 SSL_HIGH,
1951 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
1952 128,
1953 128,
1954 },
1955 {
1956 1,
1957 TLS1_TXT_SRP_SHA_RSA_WITH_AES_128_CBC_SHA,
Paul Yangbbb4ceb2017-06-30 03:06:19 +0800[diff] [blame]1958 TLS1_RFC_SRP_SHA_RSA_WITH_AES_128_CBC_SHA,
Rich Salz748f2542016-03-16 12:33:00 -0400[diff] [blame]1959 TLS1_CK_SRP_SHA_RSA_WITH_AES_128_CBC_SHA,
1960 SSL_kSRP,
1961 SSL_aRSA,
1962 SSL_AES128,
1963 SSL_SHA1,
1964 SSL3_VERSION, TLS1_2_VERSION,
David Woodhouse387cf212016-07-08 20:59:50 +0100[diff] [blame]1965 DTLS1_BAD_VER, DTLS1_2_VERSION,
Rich Salz748f2542016-03-16 12:33:00 -0400[diff] [blame]1966 SSL_HIGH,
1967 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
1968 128,
1969 128,
1970 },
1971 {
1972 1,
1973 TLS1_TXT_SRP_SHA_DSS_WITH_AES_128_CBC_SHA,
Paul Yangbbb4ceb2017-06-30 03:06:19 +0800[diff] [blame]1974 TLS1_RFC_SRP_SHA_DSS_WITH_AES_128_CBC_SHA,
Rich Salz748f2542016-03-16 12:33:00 -0400[diff] [blame]1975 TLS1_CK_SRP_SHA_DSS_WITH_AES_128_CBC_SHA,
1976 SSL_kSRP,
1977 SSL_aDSS,
1978 SSL_AES128,
1979 SSL_SHA1,
1980 SSL3_VERSION, TLS1_2_VERSION,
David Woodhouse387cf212016-07-08 20:59:50 +0100[diff] [blame]1981 DTLS1_BAD_VER, DTLS1_2_VERSION,
Rich Salz748f2542016-03-16 12:33:00 -0400[diff] [blame]1982 SSL_NOT_DEFAULT | SSL_HIGH,
1983 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
1984 128,
1985 128,
1986 },
1987 {
1988 1,
1989 TLS1_TXT_SRP_SHA_WITH_AES_256_CBC_SHA,
Paul Yangbbb4ceb2017-06-30 03:06:19 +0800[diff] [blame]1990 TLS1_RFC_SRP_SHA_WITH_AES_256_CBC_SHA,
Rich Salz748f2542016-03-16 12:33:00 -0400[diff] [blame]1991 TLS1_CK_SRP_SHA_WITH_AES_256_CBC_SHA,
1992 SSL_kSRP,
1993 SSL_aSRP,
1994 SSL_AES256,
1995 SSL_SHA1,
1996 SSL3_VERSION, TLS1_2_VERSION,
David Woodhouse387cf212016-07-08 20:59:50 +0100[diff] [blame]1997 DTLS1_BAD_VER, DTLS1_2_VERSION,
Rich Salz748f2542016-03-16 12:33:00 -0400[diff] [blame]1998 SSL_HIGH,
1999 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
2000 256,
2001 256,
2002 },
2003 {
2004 1,
2005 TLS1_TXT_SRP_SHA_RSA_WITH_AES_256_CBC_SHA,
Paul Yangbbb4ceb2017-06-30 03:06:19 +0800[diff] [blame]2006 TLS1_RFC_SRP_SHA_RSA_WITH_AES_256_CBC_SHA,
Rich Salz748f2542016-03-16 12:33:00 -0400[diff] [blame]2007 TLS1_CK_SRP_SHA_RSA_WITH_AES_256_CBC_SHA,
2008 SSL_kSRP,
2009 SSL_aRSA,
2010 SSL_AES256,
2011 SSL_SHA1,
2012 SSL3_VERSION, TLS1_2_VERSION,
David Woodhouse387cf212016-07-08 20:59:50 +0100[diff] [blame]2013 DTLS1_BAD_VER, DTLS1_2_VERSION,
Rich Salz748f2542016-03-16 12:33:00 -0400[diff] [blame]2014 SSL_HIGH,
2015 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
2016 256,
2017 256,
2018 },
2019 {
2020 1,
2021 TLS1_TXT_SRP_SHA_DSS_WITH_AES_256_CBC_SHA,
Paul Yangbbb4ceb2017-06-30 03:06:19 +0800[diff] [blame]2022 TLS1_RFC_SRP_SHA_DSS_WITH_AES_256_CBC_SHA,
Rich Salz748f2542016-03-16 12:33:00 -0400[diff] [blame]2023 TLS1_CK_SRP_SHA_DSS_WITH_AES_256_CBC_SHA,
2024 SSL_kSRP,
2025 SSL_aDSS,
2026 SSL_AES256,
2027 SSL_SHA1,
2028 SSL3_VERSION, TLS1_2_VERSION,
David Woodhouse387cf212016-07-08 20:59:50 +0100[diff] [blame]2029 DTLS1_BAD_VER, DTLS1_2_VERSION,
Rich Salz748f2542016-03-16 12:33:00 -0400[diff] [blame]2030 SSL_NOT_DEFAULT | SSL_HIGH,
2031 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
2032 256,
2033 256,
2034 },
Rich Salz748f2542016-03-16 12:33:00 -0400[diff] [blame]2035
2036#if !defined(OPENSSL_NO_CHACHA) && !defined(OPENSSL_NO_POLY1305)
Rich Salz748f2542016-03-16 12:33:00 -0400[diff] [blame]2037 {
2038 1,
2039 TLS1_TXT_DHE_RSA_WITH_CHACHA20_POLY1305,
Paul Yangbbb4ceb2017-06-30 03:06:19 +0800[diff] [blame]2040 TLS1_RFC_DHE_RSA_WITH_CHACHA20_POLY1305,
Rich Salz748f2542016-03-16 12:33:00 -0400[diff] [blame]2041 TLS1_CK_DHE_RSA_WITH_CHACHA20_POLY1305,
2042 SSL_kDHE,
2043 SSL_aRSA,
2044 SSL_CHACHA20POLY1305,
2045 SSL_AEAD,
2046 TLS1_2_VERSION, TLS1_2_VERSION,
2047 DTLS1_2_VERSION, DTLS1_2_VERSION,
2048 SSL_HIGH,
2049 SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
2050 256,
2051 256,
2052 },
Rich Salz748f2542016-03-16 12:33:00 -0400[diff] [blame]2053 {
2054 1,
2055 TLS1_TXT_ECDHE_RSA_WITH_CHACHA20_POLY1305,
Paul Yangbbb4ceb2017-06-30 03:06:19 +0800[diff] [blame]2056 TLS1_RFC_ECDHE_RSA_WITH_CHACHA20_POLY1305,
Rich Salz748f2542016-03-16 12:33:00 -0400[diff] [blame]2057 TLS1_CK_ECDHE_RSA_WITH_CHACHA20_POLY1305,
2058 SSL_kECDHE,
2059 SSL_aRSA,
2060 SSL_CHACHA20POLY1305,
2061 SSL_AEAD,
2062 TLS1_2_VERSION, TLS1_2_VERSION,
2063 DTLS1_2_VERSION, DTLS1_2_VERSION,
2064 SSL_HIGH,
2065 SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
2066 256,
2067 256,
2068 },
2069 {
2070 1,
2071 TLS1_TXT_ECDHE_ECDSA_WITH_CHACHA20_POLY1305,
Paul Yangbbb4ceb2017-06-30 03:06:19 +0800[diff] [blame]2072 TLS1_RFC_ECDHE_ECDSA_WITH_CHACHA20_POLY1305,
Rich Salz748f2542016-03-16 12:33:00 -0400[diff] [blame]2073 TLS1_CK_ECDHE_ECDSA_WITH_CHACHA20_POLY1305,
2074 SSL_kECDHE,
2075 SSL_aECDSA,
2076 SSL_CHACHA20POLY1305,
2077 SSL_AEAD,
2078 TLS1_2_VERSION, TLS1_2_VERSION,
2079 DTLS1_2_VERSION, DTLS1_2_VERSION,
2080 SSL_HIGH,
2081 SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
2082 256,
2083 256,
2084 },
Rich Salz748f2542016-03-16 12:33:00 -0400[diff] [blame]2085 {
2086 1,
2087 TLS1_TXT_PSK_WITH_CHACHA20_POLY1305,
Paul Yangbbb4ceb2017-06-30 03:06:19 +0800[diff] [blame]2088 TLS1_RFC_PSK_WITH_CHACHA20_POLY1305,
Rich Salz748f2542016-03-16 12:33:00 -0400[diff] [blame]2089 TLS1_CK_PSK_WITH_CHACHA20_POLY1305,
2090 SSL_kPSK,
2091 SSL_aPSK,
2092 SSL_CHACHA20POLY1305,
2093 SSL_AEAD,
2094 TLS1_2_VERSION, TLS1_2_VERSION,
2095 DTLS1_2_VERSION, DTLS1_2_VERSION,
2096 SSL_HIGH,
2097 SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
2098 256,
2099 256,
2100 },
2101 {
2102 1,
2103 TLS1_TXT_ECDHE_PSK_WITH_CHACHA20_POLY1305,
Paul Yangbbb4ceb2017-06-30 03:06:19 +0800[diff] [blame]2104 TLS1_RFC_ECDHE_PSK_WITH_CHACHA20_POLY1305,
Rich Salz748f2542016-03-16 12:33:00 -0400[diff] [blame]2105 TLS1_CK_ECDHE_PSK_WITH_CHACHA20_POLY1305,
2106 SSL_kECDHEPSK,
2107 SSL_aPSK,
2108 SSL_CHACHA20POLY1305,
2109 SSL_AEAD,
2110 TLS1_2_VERSION, TLS1_2_VERSION,
2111 DTLS1_2_VERSION, DTLS1_2_VERSION,
2112 SSL_HIGH,
2113 SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
2114 256,
2115 256,
2116 },
2117 {
2118 1,
2119 TLS1_TXT_DHE_PSK_WITH_CHACHA20_POLY1305,
Paul Yangbbb4ceb2017-06-30 03:06:19 +0800[diff] [blame]2120 TLS1_RFC_DHE_PSK_WITH_CHACHA20_POLY1305,
Rich Salz748f2542016-03-16 12:33:00 -0400[diff] [blame]2121 TLS1_CK_DHE_PSK_WITH_CHACHA20_POLY1305,
2122 SSL_kDHEPSK,
2123 SSL_aPSK,
2124 SSL_CHACHA20POLY1305,
2125 SSL_AEAD,
2126 TLS1_2_VERSION, TLS1_2_VERSION,
2127 DTLS1_2_VERSION, DTLS1_2_VERSION,
2128 SSL_HIGH,
2129 SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
2130 256,
2131 256,
2132 },
2133 {
2134 1,
2135 TLS1_TXT_RSA_PSK_WITH_CHACHA20_POLY1305,
Paul Yangbbb4ceb2017-06-30 03:06:19 +0800[diff] [blame]2136 TLS1_RFC_RSA_PSK_WITH_CHACHA20_POLY1305,
Rich Salz748f2542016-03-16 12:33:00 -0400[diff] [blame]2137 TLS1_CK_RSA_PSK_WITH_CHACHA20_POLY1305,
2138 SSL_kRSAPSK,
2139 SSL_aRSA,
2140 SSL_CHACHA20POLY1305,
2141 SSL_AEAD,
2142 TLS1_2_VERSION, TLS1_2_VERSION,
2143 DTLS1_2_VERSION, DTLS1_2_VERSION,
2144 SSL_HIGH,
2145 SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
2146 256,
2147 256,
2148 },
Emilia Kaspera230b262016-08-05 19:03:17 +0200[diff] [blame]2149#endif /* !defined(OPENSSL_NO_CHACHA) &&
2150 * !defined(OPENSSL_NO_POLY1305) */
Rich Salz748f2542016-03-16 12:33:00 -0400[diff] [blame]2151
2152#ifndef OPENSSL_NO_CAMELLIA
2153 {
2154 1,
2155 TLS1_TXT_RSA_WITH_CAMELLIA_128_CBC_SHA256,
Paul Yangbbb4ceb2017-06-30 03:06:19 +0800[diff] [blame]2156 TLS1_RFC_RSA_WITH_CAMELLIA_128_CBC_SHA256,
Rich Salz748f2542016-03-16 12:33:00 -0400[diff] [blame]2157 TLS1_CK_RSA_WITH_CAMELLIA_128_CBC_SHA256,
2158 SSL_kRSA,
2159 SSL_aRSA,
2160 SSL_CAMELLIA128,
2161 SSL_SHA256,
2162 TLS1_2_VERSION, TLS1_2_VERSION,
2163 DTLS1_2_VERSION, DTLS1_2_VERSION,
2164 SSL_NOT_DEFAULT | SSL_HIGH,
2165 SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
2166 128,
2167 128,
2168 },
2169 {
2170 1,
2171 TLS1_TXT_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA256,
Paul Yangbbb4ceb2017-06-30 03:06:19 +0800[diff] [blame]2172 TLS1_RFC_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA256,
Rich Salz748f2542016-03-16 12:33:00 -0400[diff] [blame]2173 TLS1_CK_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA256,
2174 SSL_kEDH,
2175 SSL_aDSS,
2176 SSL_CAMELLIA128,
2177 SSL_SHA256,
2178 TLS1_2_VERSION, TLS1_2_VERSION,
2179 DTLS1_2_VERSION, DTLS1_2_VERSION,
2180 SSL_NOT_DEFAULT | SSL_HIGH,
2181 SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
2182 128,
2183 128,
2184 },
2185 {
2186 1,
2187 TLS1_TXT_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA256,
Paul Yangbbb4ceb2017-06-30 03:06:19 +0800[diff] [blame]2188 TLS1_RFC_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA256,
Rich Salz748f2542016-03-16 12:33:00 -0400[diff] [blame]2189 TLS1_CK_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA256,
2190 SSL_kEDH,
2191 SSL_aRSA,
2192 SSL_CAMELLIA128,
2193 SSL_SHA256,
2194 TLS1_2_VERSION, TLS1_2_VERSION,
2195 DTLS1_2_VERSION, DTLS1_2_VERSION,
2196 SSL_NOT_DEFAULT | SSL_HIGH,
2197 SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
2198 128,
2199 128,
2200 },
2201 {
2202 1,
2203 TLS1_TXT_ADH_WITH_CAMELLIA_128_CBC_SHA256,
Paul Yangbbb4ceb2017-06-30 03:06:19 +0800[diff] [blame]2204 TLS1_RFC_ADH_WITH_CAMELLIA_128_CBC_SHA256,
Rich Salz748f2542016-03-16 12:33:00 -0400[diff] [blame]2205 TLS1_CK_ADH_WITH_CAMELLIA_128_CBC_SHA256,
2206 SSL_kEDH,
2207 SSL_aNULL,
2208 SSL_CAMELLIA128,
2209 SSL_SHA256,
2210 TLS1_2_VERSION, TLS1_2_VERSION,
2211 DTLS1_2_VERSION, DTLS1_2_VERSION,
2212 SSL_NOT_DEFAULT | SSL_HIGH,
2213 SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
2214 128,
2215 128,
2216 },
2217 {
2218 1,
2219 TLS1_TXT_RSA_WITH_CAMELLIA_256_CBC_SHA256,
Paul Yangbbb4ceb2017-06-30 03:06:19 +0800[diff] [blame]2220 TLS1_RFC_RSA_WITH_CAMELLIA_256_CBC_SHA256,
Rich Salz748f2542016-03-16 12:33:00 -0400[diff] [blame]2221 TLS1_CK_RSA_WITH_CAMELLIA_256_CBC_SHA256,
2222 SSL_kRSA,
2223 SSL_aRSA,
2224 SSL_CAMELLIA256,
2225 SSL_SHA256,
2226 TLS1_2_VERSION, TLS1_2_VERSION,
2227 DTLS1_2_VERSION, DTLS1_2_VERSION,
2228 SSL_NOT_DEFAULT | SSL_HIGH,
2229 SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
2230 256,
2231 256,
2232 },
2233 {
2234 1,
2235 TLS1_TXT_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA256,
Paul Yangbbb4ceb2017-06-30 03:06:19 +0800[diff] [blame]2236 TLS1_RFC_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA256,
Rich Salz748f2542016-03-16 12:33:00 -0400[diff] [blame]2237 TLS1_CK_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA256,
2238 SSL_kEDH,
2239 SSL_aDSS,
2240 SSL_CAMELLIA256,
2241 SSL_SHA256,
2242 TLS1_2_VERSION, TLS1_2_VERSION,
2243 DTLS1_2_VERSION, DTLS1_2_VERSION,
2244 SSL_NOT_DEFAULT | SSL_HIGH,
2245 SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
2246 256,
2247 256,
2248 },
2249 {
2250 1,
2251 TLS1_TXT_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA256,
Paul Yangbbb4ceb2017-06-30 03:06:19 +0800[diff] [blame]2252 TLS1_RFC_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA256,
Rich Salz748f2542016-03-16 12:33:00 -0400[diff] [blame]2253 TLS1_CK_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA256,
2254 SSL_kEDH,
2255 SSL_aRSA,
2256 SSL_CAMELLIA256,
2257 SSL_SHA256,
2258 TLS1_2_VERSION, TLS1_2_VERSION,
2259 DTLS1_2_VERSION, DTLS1_2_VERSION,
2260 SSL_NOT_DEFAULT | SSL_HIGH,
2261 SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
2262 256,
2263 256,
2264 },
2265 {
2266 1,
2267 TLS1_TXT_ADH_WITH_CAMELLIA_256_CBC_SHA256,
Paul Yangbbb4ceb2017-06-30 03:06:19 +0800[diff] [blame]2268 TLS1_RFC_ADH_WITH_CAMELLIA_256_CBC_SHA256,
Rich Salz748f2542016-03-16 12:33:00 -0400[diff] [blame]2269 TLS1_CK_ADH_WITH_CAMELLIA_256_CBC_SHA256,
2270 SSL_kEDH,
2271 SSL_aNULL,
2272 SSL_CAMELLIA256,
2273 SSL_SHA256,
2274 TLS1_2_VERSION, TLS1_2_VERSION,
2275 DTLS1_2_VERSION, DTLS1_2_VERSION,
2276 SSL_NOT_DEFAULT | SSL_HIGH,
2277 SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
2278 256,
2279 256,
2280 },
2281 {
2282 1,
2283 TLS1_TXT_RSA_WITH_CAMELLIA_256_CBC_SHA,
Paul Yangbbb4ceb2017-06-30 03:06:19 +0800[diff] [blame]2284 TLS1_RFC_RSA_WITH_CAMELLIA_256_CBC_SHA,
Rich Salz748f2542016-03-16 12:33:00 -0400[diff] [blame]2285 TLS1_CK_RSA_WITH_CAMELLIA_256_CBC_SHA,
2286 SSL_kRSA,
2287 SSL_aRSA,
2288 SSL_CAMELLIA256,
2289 SSL_SHA1,
2290 SSL3_VERSION, TLS1_2_VERSION,
David Woodhouse387cf212016-07-08 20:59:50 +0100[diff] [blame]2291 DTLS1_BAD_VER, DTLS1_2_VERSION,
Rich Salz748f2542016-03-16 12:33:00 -0400[diff] [blame]2292 SSL_NOT_DEFAULT | SSL_HIGH,
2293 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
2294 256,
2295 256,
2296 },
2297 {
2298 1,
2299 TLS1_TXT_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA,
Paul Yangbbb4ceb2017-06-30 03:06:19 +0800[diff] [blame]2300 TLS1_RFC_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA,
Rich Salz748f2542016-03-16 12:33:00 -0400[diff] [blame]2301 TLS1_CK_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA,
2302 SSL_kDHE,
2303 SSL_aDSS,
2304 SSL_CAMELLIA256,
2305 SSL_SHA1,
2306 SSL3_VERSION, TLS1_2_VERSION,
David Woodhouse387cf212016-07-08 20:59:50 +0100[diff] [blame]2307 DTLS1_BAD_VER, DTLS1_2_VERSION,
Rich Salz748f2542016-03-16 12:33:00 -0400[diff] [blame]2308 SSL_NOT_DEFAULT | SSL_HIGH,
2309 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
2310 256,
2311 256,
2312 },
2313 {
2314 1,
2315 TLS1_TXT_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA,
Paul Yangbbb4ceb2017-06-30 03:06:19 +0800[diff] [blame]2316 TLS1_RFC_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA,
Rich Salz748f2542016-03-16 12:33:00 -0400[diff] [blame]2317 TLS1_CK_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA,
2318 SSL_kDHE,
2319 SSL_aRSA,
2320 SSL_CAMELLIA256,
2321 SSL_SHA1,
2322 SSL3_VERSION, TLS1_2_VERSION,
David Woodhouse387cf212016-07-08 20:59:50 +0100[diff] [blame]2323 DTLS1_BAD_VER, DTLS1_2_VERSION,
Rich Salz748f2542016-03-16 12:33:00 -0400[diff] [blame]2324 SSL_NOT_DEFAULT | SSL_HIGH,
2325 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
2326 256,
2327 256,
2328 },
2329 {
2330 1,
2331 TLS1_TXT_ADH_WITH_CAMELLIA_256_CBC_SHA,
Paul Yangbbb4ceb2017-06-30 03:06:19 +0800[diff] [blame]2332 TLS1_RFC_ADH_WITH_CAMELLIA_256_CBC_SHA,
Rich Salz748f2542016-03-16 12:33:00 -0400[diff] [blame]2333 TLS1_CK_ADH_WITH_CAMELLIA_256_CBC_SHA,
2334 SSL_kDHE,
2335 SSL_aNULL,
2336 SSL_CAMELLIA256,
2337 SSL_SHA1,
2338 SSL3_VERSION, TLS1_2_VERSION,
David Woodhouse387cf212016-07-08 20:59:50 +0100[diff] [blame]2339 DTLS1_BAD_VER, DTLS1_2_VERSION,
Rich Salz748f2542016-03-16 12:33:00 -0400[diff] [blame]2340 SSL_NOT_DEFAULT | SSL_HIGH,
2341 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
2342 256,
2343 256,
2344 },
2345 {
2346 1,
2347 TLS1_TXT_RSA_WITH_CAMELLIA_128_CBC_SHA,
Paul Yangbbb4ceb2017-06-30 03:06:19 +0800[diff] [blame]2348 TLS1_RFC_RSA_WITH_CAMELLIA_128_CBC_SHA,
Rich Salz748f2542016-03-16 12:33:00 -0400[diff] [blame]2349 TLS1_CK_RSA_WITH_CAMELLIA_128_CBC_SHA,
2350 SSL_kRSA,
2351 SSL_aRSA,
2352 SSL_CAMELLIA128,
2353 SSL_SHA1,
2354 SSL3_VERSION, TLS1_2_VERSION,
David Woodhouse387cf212016-07-08 20:59:50 +0100[diff] [blame]2355 DTLS1_BAD_VER, DTLS1_2_VERSION,
Rich Salz748f2542016-03-16 12:33:00 -0400[diff] [blame]2356 SSL_NOT_DEFAULT | SSL_HIGH,
2357 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
2358 128,
2359 128,
2360 },
2361 {
2362 1,
2363 TLS1_TXT_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA,
Paul Yangbbb4ceb2017-06-30 03:06:19 +0800[diff] [blame]2364 TLS1_RFC_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA,
Rich Salz748f2542016-03-16 12:33:00 -0400[diff] [blame]2365 TLS1_CK_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA,
2366 SSL_kDHE,
2367 SSL_aDSS,
2368 SSL_CAMELLIA128,
2369 SSL_SHA1,
2370 SSL3_VERSION, TLS1_2_VERSION,
David Woodhouse387cf212016-07-08 20:59:50 +0100[diff] [blame]2371 DTLS1_BAD_VER, DTLS1_2_VERSION,
Rich Salz748f2542016-03-16 12:33:00 -0400[diff] [blame]2372 SSL_NOT_DEFAULT | SSL_HIGH,
2373 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
2374 128,
2375 128,
2376 },
2377 {
2378 1,
2379 TLS1_TXT_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA,
Paul Yangbbb4ceb2017-06-30 03:06:19 +0800[diff] [blame]2380 TLS1_RFC_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA,
Rich Salz748f2542016-03-16 12:33:00 -0400[diff] [blame]2381 TLS1_CK_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA,
2382 SSL_kDHE,
2383 SSL_aRSA,
2384 SSL_CAMELLIA128,
2385 SSL_SHA1,
2386 SSL3_VERSION, TLS1_2_VERSION,
David Woodhouse387cf212016-07-08 20:59:50 +0100[diff] [blame]2387 DTLS1_BAD_VER, DTLS1_2_VERSION,
Rich Salz748f2542016-03-16 12:33:00 -0400[diff] [blame]2388 SSL_NOT_DEFAULT | SSL_HIGH,
2389 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
2390 128,
2391 128,
2392 },
2393 {
2394 1,
2395 TLS1_TXT_ADH_WITH_CAMELLIA_128_CBC_SHA,
Paul Yangbbb4ceb2017-06-30 03:06:19 +0800[diff] [blame]2396 TLS1_RFC_ADH_WITH_CAMELLIA_128_CBC_SHA,
Rich Salz748f2542016-03-16 12:33:00 -0400[diff] [blame]2397 TLS1_CK_ADH_WITH_CAMELLIA_128_CBC_SHA,
2398 SSL_kDHE,
2399 SSL_aNULL,
2400 SSL_CAMELLIA128,
2401 SSL_SHA1,
2402 SSL3_VERSION, TLS1_2_VERSION,
David Woodhouse387cf212016-07-08 20:59:50 +0100[diff] [blame]2403 DTLS1_BAD_VER, DTLS1_2_VERSION,
Rich Salz748f2542016-03-16 12:33:00 -0400[diff] [blame]2404 SSL_NOT_DEFAULT | SSL_HIGH,
2405 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
2406 128,
2407 128,
2408 },
Rich Salz748f2542016-03-16 12:33:00 -0400[diff] [blame]2409 {
2410 1,
2411 TLS1_TXT_ECDHE_ECDSA_WITH_CAMELLIA_128_CBC_SHA256,
Paul Yangbbb4ceb2017-06-30 03:06:19 +0800[diff] [blame]2412 TLS1_RFC_ECDHE_ECDSA_WITH_CAMELLIA_128_CBC_SHA256,
Rich Salz748f2542016-03-16 12:33:00 -0400[diff] [blame]2413 TLS1_CK_ECDHE_ECDSA_WITH_CAMELLIA_128_CBC_SHA256,
2414 SSL_kECDHE,
2415 SSL_aECDSA,
2416 SSL_CAMELLIA128,
2417 SSL_SHA256,
2418 TLS1_2_VERSION, TLS1_2_VERSION,
2419 DTLS1_2_VERSION, DTLS1_2_VERSION,
2420 SSL_NOT_DEFAULT | SSL_HIGH,
2421 SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
2422 128,
Emilia Kaspera230b262016-08-05 19:03:17 +0200[diff] [blame]2423 128,
2424 },
Rich Salz748f2542016-03-16 12:33:00 -0400[diff] [blame]2425 {
2426 1,
2427 TLS1_TXT_ECDHE_ECDSA_WITH_CAMELLIA_256_CBC_SHA384,
Paul Yangbbb4ceb2017-06-30 03:06:19 +0800[diff] [blame]2428 TLS1_RFC_ECDHE_ECDSA_WITH_CAMELLIA_256_CBC_SHA384,
Rich Salz748f2542016-03-16 12:33:00 -0400[diff] [blame]2429 TLS1_CK_ECDHE_ECDSA_WITH_CAMELLIA_256_CBC_SHA384,
2430 SSL_kECDHE,
2431 SSL_aECDSA,
2432 SSL_CAMELLIA256,
2433 SSL_SHA384,
2434 TLS1_2_VERSION, TLS1_2_VERSION,
2435 DTLS1_2_VERSION, DTLS1_2_VERSION,
2436 SSL_NOT_DEFAULT | SSL_HIGH,
2437 SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384,
2438 256,
Emilia Kaspera230b262016-08-05 19:03:17 +0200[diff] [blame]2439 256,
2440 },
Rich Salz748f2542016-03-16 12:33:00 -0400[diff] [blame]2441 {
2442 1,
2443 TLS1_TXT_ECDHE_RSA_WITH_CAMELLIA_128_CBC_SHA256,
Paul Yangbbb4ceb2017-06-30 03:06:19 +0800[diff] [blame]2444 TLS1_RFC_ECDHE_RSA_WITH_CAMELLIA_128_CBC_SHA256,
Rich Salz748f2542016-03-16 12:33:00 -0400[diff] [blame]2445 TLS1_CK_ECDHE_RSA_WITH_CAMELLIA_128_CBC_SHA256,
2446 SSL_kECDHE,
2447 SSL_aRSA,
2448 SSL_CAMELLIA128,
2449 SSL_SHA256,
2450 TLS1_2_VERSION, TLS1_2_VERSION,
2451 DTLS1_2_VERSION, DTLS1_2_VERSION,
2452 SSL_NOT_DEFAULT | SSL_HIGH,
2453 SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
2454 128,
Emilia Kaspera230b262016-08-05 19:03:17 +0200[diff] [blame]2455 128,
2456 },
Rich Salz748f2542016-03-16 12:33:00 -0400[diff] [blame]2457 {
2458 1,
2459 TLS1_TXT_ECDHE_RSA_WITH_CAMELLIA_256_CBC_SHA384,
Paul Yangbbb4ceb2017-06-30 03:06:19 +0800[diff] [blame]2460 TLS1_RFC_ECDHE_RSA_WITH_CAMELLIA_256_CBC_SHA384,
Rich Salz748f2542016-03-16 12:33:00 -0400[diff] [blame]2461 TLS1_CK_ECDHE_RSA_WITH_CAMELLIA_256_CBC_SHA384,
2462 SSL_kECDHE,
2463 SSL_aRSA,
2464 SSL_CAMELLIA256,
2465 SSL_SHA384,
2466 TLS1_2_VERSION, TLS1_2_VERSION,
2467 DTLS1_2_VERSION, DTLS1_2_VERSION,
2468 SSL_NOT_DEFAULT | SSL_HIGH,
2469 SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384,
2470 256,
Emilia Kaspera230b262016-08-05 19:03:17 +0200[diff] [blame]2471 256,
2472 },
Rich Salz748f2542016-03-16 12:33:00 -0400[diff] [blame]2473 {
2474 1,
2475 TLS1_TXT_PSK_WITH_CAMELLIA_128_CBC_SHA256,
Paul Yangbbb4ceb2017-06-30 03:06:19 +0800[diff] [blame]2476 TLS1_RFC_PSK_WITH_CAMELLIA_128_CBC_SHA256,
Rich Salz748f2542016-03-16 12:33:00 -0400[diff] [blame]2477 TLS1_CK_PSK_WITH_CAMELLIA_128_CBC_SHA256,
2478 SSL_kPSK,
2479 SSL_aPSK,
2480 SSL_CAMELLIA128,
2481 SSL_SHA256,
2482 TLS1_VERSION, TLS1_2_VERSION,
David Woodhouse387cf212016-07-08 20:59:50 +0100[diff] [blame]2483 DTLS1_BAD_VER, DTLS1_2_VERSION,
Rich Salz748f2542016-03-16 12:33:00 -0400[diff] [blame]2484 SSL_NOT_DEFAULT | SSL_HIGH,
2485 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
2486 128,
Emilia Kaspera230b262016-08-05 19:03:17 +0200[diff] [blame]2487 128,
2488 },
Rich Salz748f2542016-03-16 12:33:00 -0400[diff] [blame]2489 {
2490 1,
2491 TLS1_TXT_PSK_WITH_CAMELLIA_256_CBC_SHA384,
Paul Yangbbb4ceb2017-06-30 03:06:19 +0800[diff] [blame]2492 TLS1_RFC_PSK_WITH_CAMELLIA_256_CBC_SHA384,
Rich Salz748f2542016-03-16 12:33:00 -0400[diff] [blame]2493 TLS1_CK_PSK_WITH_CAMELLIA_256_CBC_SHA384,
2494 SSL_kPSK,
2495 SSL_aPSK,
2496 SSL_CAMELLIA256,
2497 SSL_SHA384,
2498 TLS1_VERSION, TLS1_2_VERSION,
David Woodhouse387cf212016-07-08 20:59:50 +0100[diff] [blame]2499 DTLS1_BAD_VER, DTLS1_2_VERSION,
Rich Salz748f2542016-03-16 12:33:00 -0400[diff] [blame]2500 SSL_NOT_DEFAULT | SSL_HIGH,
2501 SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384,
2502 256,
Emilia Kaspera230b262016-08-05 19:03:17 +0200[diff] [blame]2503 256,
2504 },
Rich Salz748f2542016-03-16 12:33:00 -0400[diff] [blame]2505 {
2506 1,
2507 TLS1_TXT_DHE_PSK_WITH_CAMELLIA_128_CBC_SHA256,
Paul Yangbbb4ceb2017-06-30 03:06:19 +0800[diff] [blame]2508 TLS1_RFC_DHE_PSK_WITH_CAMELLIA_128_CBC_SHA256,
Rich Salz748f2542016-03-16 12:33:00 -0400[diff] [blame]2509 TLS1_CK_DHE_PSK_WITH_CAMELLIA_128_CBC_SHA256,
2510 SSL_kDHEPSK,
2511 SSL_aPSK,
2512 SSL_CAMELLIA128,
2513 SSL_SHA256,
2514 TLS1_VERSION, TLS1_2_VERSION,
David Woodhouse387cf212016-07-08 20:59:50 +0100[diff] [blame]2515 DTLS1_BAD_VER, DTLS1_2_VERSION,
Rich Salz748f2542016-03-16 12:33:00 -0400[diff] [blame]2516 SSL_NOT_DEFAULT | SSL_HIGH,
2517 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
2518 128,
Emilia Kaspera230b262016-08-05 19:03:17 +0200[diff] [blame]2519 128,
2520 },
Rich Salz748f2542016-03-16 12:33:00 -0400[diff] [blame]2521 {
2522 1,
2523 TLS1_TXT_DHE_PSK_WITH_CAMELLIA_256_CBC_SHA384,
Paul Yangbbb4ceb2017-06-30 03:06:19 +0800[diff] [blame]2524 TLS1_RFC_DHE_PSK_WITH_CAMELLIA_256_CBC_SHA384,
Rich Salz748f2542016-03-16 12:33:00 -0400[diff] [blame]2525 TLS1_CK_DHE_PSK_WITH_CAMELLIA_256_CBC_SHA384,
2526 SSL_kDHEPSK,
2527 SSL_aPSK,
2528 SSL_CAMELLIA256,
2529 SSL_SHA384,
2530 TLS1_VERSION, TLS1_2_VERSION,
David Woodhouse387cf212016-07-08 20:59:50 +0100[diff] [blame]2531 DTLS1_BAD_VER, DTLS1_2_VERSION,
Rich Salz748f2542016-03-16 12:33:00 -0400[diff] [blame]2532 SSL_NOT_DEFAULT | SSL_HIGH,
2533 SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384,
2534 256,
Emilia Kaspera230b262016-08-05 19:03:17 +0200[diff] [blame]2535 256,
2536 },
Rich Salz748f2542016-03-16 12:33:00 -0400[diff] [blame]2537 {
2538 1,
2539 TLS1_TXT_RSA_PSK_WITH_CAMELLIA_128_CBC_SHA256,
Paul Yangbbb4ceb2017-06-30 03:06:19 +0800[diff] [blame]2540 TLS1_RFC_RSA_PSK_WITH_CAMELLIA_128_CBC_SHA256,
Rich Salz748f2542016-03-16 12:33:00 -0400[diff] [blame]2541 TLS1_CK_RSA_PSK_WITH_CAMELLIA_128_CBC_SHA256,
2542 SSL_kRSAPSK,
2543 SSL_aRSA,
2544 SSL_CAMELLIA128,
2545 SSL_SHA256,
2546 TLS1_VERSION, TLS1_2_VERSION,
David Woodhouse387cf212016-07-08 20:59:50 +0100[diff] [blame]2547 DTLS1_BAD_VER, DTLS1_2_VERSION,
Rich Salz748f2542016-03-16 12:33:00 -0400[diff] [blame]2548 SSL_NOT_DEFAULT | SSL_HIGH,
2549 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
2550 128,
Emilia Kaspera230b262016-08-05 19:03:17 +0200[diff] [blame]2551 128,
2552 },
Rich Salz748f2542016-03-16 12:33:00 -0400[diff] [blame]2553 {
2554 1,
2555 TLS1_TXT_RSA_PSK_WITH_CAMELLIA_256_CBC_SHA384,
Paul Yangbbb4ceb2017-06-30 03:06:19 +0800[diff] [blame]2556 TLS1_RFC_RSA_PSK_WITH_CAMELLIA_256_CBC_SHA384,
Rich Salz748f2542016-03-16 12:33:00 -0400[diff] [blame]2557 TLS1_CK_RSA_PSK_WITH_CAMELLIA_256_CBC_SHA384,
2558 SSL_kRSAPSK,
2559 SSL_aRSA,
2560 SSL_CAMELLIA256,
2561 SSL_SHA384,
2562 TLS1_VERSION, TLS1_2_VERSION,
David Woodhouse387cf212016-07-08 20:59:50 +0100[diff] [blame]2563 DTLS1_BAD_VER, DTLS1_2_VERSION,
Rich Salz748f2542016-03-16 12:33:00 -0400[diff] [blame]2564 SSL_NOT_DEFAULT | SSL_HIGH,
2565 SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384,
2566 256,
Emilia Kaspera230b262016-08-05 19:03:17 +0200[diff] [blame]2567 256,
2568 },
Rich Salz748f2542016-03-16 12:33:00 -0400[diff] [blame]2569 {
2570 1,
2571 TLS1_TXT_ECDHE_PSK_WITH_CAMELLIA_128_CBC_SHA256,
Paul Yangbbb4ceb2017-06-30 03:06:19 +0800[diff] [blame]2572 TLS1_RFC_ECDHE_PSK_WITH_CAMELLIA_128_CBC_SHA256,
Rich Salz748f2542016-03-16 12:33:00 -0400[diff] [blame]2573 TLS1_CK_ECDHE_PSK_WITH_CAMELLIA_128_CBC_SHA256,
2574 SSL_kECDHEPSK,
2575 SSL_aPSK,
2576 SSL_CAMELLIA128,
2577 SSL_SHA256,
2578 TLS1_VERSION, TLS1_2_VERSION,
David Woodhouse387cf212016-07-08 20:59:50 +0100[diff] [blame]2579 DTLS1_BAD_VER, DTLS1_2_VERSION,
Rich Salz748f2542016-03-16 12:33:00 -0400[diff] [blame]2580 SSL_NOT_DEFAULT | SSL_HIGH,
2581 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
2582 128,
Emilia Kaspera230b262016-08-05 19:03:17 +0200[diff] [blame]2583 128,
2584 },
Rich Salz748f2542016-03-16 12:33:00 -0400[diff] [blame]2585 {
2586 1,
2587 TLS1_TXT_ECDHE_PSK_WITH_CAMELLIA_256_CBC_SHA384,
Paul Yangbbb4ceb2017-06-30 03:06:19 +0800[diff] [blame]2588 TLS1_RFC_ECDHE_PSK_WITH_CAMELLIA_256_CBC_SHA384,
Rich Salz748f2542016-03-16 12:33:00 -0400[diff] [blame]2589 TLS1_CK_ECDHE_PSK_WITH_CAMELLIA_256_CBC_SHA384,
2590 SSL_kECDHEPSK,
2591 SSL_aPSK,
2592 SSL_CAMELLIA256,
2593 SSL_SHA384,
2594 TLS1_VERSION, TLS1_2_VERSION,
David Woodhouse387cf212016-07-08 20:59:50 +0100[diff] [blame]2595 DTLS1_BAD_VER, DTLS1_2_VERSION,
Rich Salz748f2542016-03-16 12:33:00 -0400[diff] [blame]2596 SSL_NOT_DEFAULT | SSL_HIGH,
2597 SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384,
2598 256,
Emilia Kaspera230b262016-08-05 19:03:17 +0200[diff] [blame]2599 256,
2600 },
Emilia Kaspera230b262016-08-05 19:03:17 +0200[diff] [blame]2601#endif /* OPENSSL_NO_CAMELLIA */
Rich Salz748f2542016-03-16 12:33:00 -0400[diff] [blame]2602
Pauli580731a2016-03-22 09:16:36 +1000[diff] [blame]2603#ifndef OPENSSL_NO_GOST
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]2604 {
2605 1,
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]2606 "GOST2001-GOST89-GOST89",
Paul Yangbbb4ceb2017-06-30 03:06:19 +0800[diff] [blame]2607 "TLS_GOSTR341001_WITH_28147_CNT_IMIT",
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]2608 0x3000081,
2609 SSL_kGOST,
2610 SSL_aGOST01,
2611 SSL_eGOST2814789CNT,
2612 SSL_GOST89MAC,
Kurt Roeckx3eb2aff2016-02-07 20:17:07 +0100[diff] [blame]2613 TLS1_VERSION, TLS1_2_VERSION,
Dmitry Belyavsky48c16012016-05-11 21:00:12 +0100[diff] [blame]2614 0, 0,
Kurt Roeckx361a1192015-12-05 02:04:41 +0100[diff] [blame]2615 SSL_HIGH,
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]2616 SSL_HANDSHAKE_MAC_GOST94 | TLS1_PRF_GOST94 | TLS1_STREAM_MAC,
2617 256,
Emilia Kaspera230b262016-08-05 19:03:17 +0200[diff] [blame]2618 256,
2619 },
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]2620 {
2621 1,
2622 "GOST2001-NULL-GOST94",
Paul Yangbbb4ceb2017-06-30 03:06:19 +0800[diff] [blame]2623 "TLS_GOSTR341001_WITH_NULL_GOSTR3411",
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]2624 0x3000083,
2625 SSL_kGOST,
2626 SSL_aGOST01,
2627 SSL_eNULL,
2628 SSL_GOST94,
Kurt Roeckx3eb2aff2016-02-07 20:17:07 +0100[diff] [blame]2629 TLS1_VERSION, TLS1_2_VERSION,
Dmitry Belyavsky48c16012016-05-11 21:00:12 +0100[diff] [blame]2630 0, 0,
Kurt Roeckx1510b5f2016-03-03 22:02:58 +0100[diff] [blame]2631 SSL_STRONG_NONE,
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]2632 SSL_HANDSHAKE_MAC_GOST94 | TLS1_PRF_GOST94,
2633 0,
Emilia Kaspera230b262016-08-05 19:03:17 +0200[diff] [blame]2634 0,
2635 },
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]2636 {
2637 1,
Rich Salz748f2542016-03-16 12:33:00 -0400[diff] [blame]2638 "GOST2012-GOST8912-GOST8912",
Paul Yangbbb4ceb2017-06-30 03:06:19 +0800[diff] [blame]2639 NULL,
Rich Salz748f2542016-03-16 12:33:00 -0400[diff] [blame]2640 0x0300ff85,
2641 SSL_kGOST,
2642 SSL_aGOST12 | SSL_aGOST01,
2643 SSL_eGOST2814789CNT12,
2644 SSL_GOST89MAC12,
2645 TLS1_VERSION, TLS1_2_VERSION,
Dmitry Belyavsky48c16012016-05-11 21:00:12 +0100[diff] [blame]2646 0, 0,
Rich Salz748f2542016-03-16 12:33:00 -0400[diff] [blame]2647 SSL_HIGH,
2648 SSL_HANDSHAKE_MAC_GOST12_256 | TLS1_PRF_GOST12_256 | TLS1_STREAM_MAC,
2649 256,
Emilia Kaspera230b262016-08-05 19:03:17 +0200[diff] [blame]2650 256,
2651 },
Rich Salz748f2542016-03-16 12:33:00 -0400[diff] [blame]2652 {
2653 1,
2654 "GOST2012-NULL-GOST12",
Paul Yangbbb4ceb2017-06-30 03:06:19 +0800[diff] [blame]2655 NULL,
Rich Salz748f2542016-03-16 12:33:00 -0400[diff] [blame]2656 0x0300ff87,
2657 SSL_kGOST,
2658 SSL_aGOST12 | SSL_aGOST01,
2659 SSL_eNULL,
2660 SSL_GOST12_256,
2661 TLS1_VERSION, TLS1_2_VERSION,
Dmitry Belyavsky48c16012016-05-11 21:00:12 +0100[diff] [blame]2662 0, 0,
Rich Salz748f2542016-03-16 12:33:00 -0400[diff] [blame]2663 SSL_STRONG_NONE,
2664 SSL_HANDSHAKE_MAC_GOST12_256 | TLS1_PRF_GOST12_256 | TLS1_STREAM_MAC,
2665 0,
Emilia Kaspera230b262016-08-05 19:03:17 +0200[diff] [blame]2666 0,
2667 },
2668#endif /* OPENSSL_NO_GOST */
Rich Salz748f2542016-03-16 12:33:00 -0400[diff] [blame]2669
2670#ifndef OPENSSL_NO_IDEA
2671 {
2672 1,
2673 SSL3_TXT_RSA_IDEA_128_SHA,
Paul Yangbbb4ceb2017-06-30 03:06:19 +0800[diff] [blame]2674 SSL3_RFC_RSA_IDEA_128_SHA,
Rich Salz748f2542016-03-16 12:33:00 -0400[diff] [blame]2675 SSL3_CK_RSA_IDEA_128_SHA,
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]2676 SSL_kRSA,
2677 SSL_aRSA,
Rich Salz748f2542016-03-16 12:33:00 -0400[diff] [blame]2678 SSL_IDEA,
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]2679 SSL_SHA1,
Rich Salz748f2542016-03-16 12:33:00 -0400[diff] [blame]2680 SSL3_VERSION, TLS1_1_VERSION,
David Woodhouse387cf212016-07-08 20:59:50 +0100[diff] [blame]2681 DTLS1_BAD_VER, DTLS1_VERSION,
Kurt Roeckx361a1192015-12-05 02:04:41 +0100[diff] [blame]2682 SSL_NOT_DEFAULT | SSL_MEDIUM,
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]2683 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
2684 128,
2685 128,
2686 },
Matt Caswell8b1a5af2016-03-03 15:40:51 +0000[diff] [blame]2687#endif
Nils Larschddac1972006-03-10 23:06:27 +0000[diff] [blame]2688
Bodo Möller96afc1c2007-04-23 23:48:59 +0000[diff] [blame]2689#ifndef OPENSSL_NO_SEED
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]2690 {
2691 1,
2692 TLS1_TXT_RSA_WITH_SEED_SHA,
Paul Yangbbb4ceb2017-06-30 03:06:19 +0800[diff] [blame]2693 TLS1_RFC_RSA_WITH_SEED_SHA,
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]2694 TLS1_CK_RSA_WITH_SEED_SHA,
2695 SSL_kRSA,
2696 SSL_aRSA,
2697 SSL_SEED,
2698 SSL_SHA1,
Kurt Roeckx3eb2aff2016-02-07 20:17:07 +0100[diff] [blame]2699 SSL3_VERSION, TLS1_2_VERSION,
David Woodhouse387cf212016-07-08 20:59:50 +0100[diff] [blame]2700 DTLS1_BAD_VER, DTLS1_2_VERSION,
Emilia Kaspera556f342016-03-03 19:50:03 +0100[diff] [blame]2701 SSL_NOT_DEFAULT | SSL_MEDIUM,
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]2702 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
2703 128,
2704 128,
2705 },
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]2706 {
2707 1,
2708 TLS1_TXT_DHE_DSS_WITH_SEED_SHA,
Paul Yangbbb4ceb2017-06-30 03:06:19 +0800[diff] [blame]2709 TLS1_RFC_DHE_DSS_WITH_SEED_SHA,
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]2710 TLS1_CK_DHE_DSS_WITH_SEED_SHA,
2711 SSL_kDHE,
2712 SSL_aDSS,
2713 SSL_SEED,
2714 SSL_SHA1,
Kurt Roeckx3eb2aff2016-02-07 20:17:07 +0100[diff] [blame]2715 SSL3_VERSION, TLS1_2_VERSION,
David Woodhouse387cf212016-07-08 20:59:50 +0100[diff] [blame]2716 DTLS1_BAD_VER, DTLS1_2_VERSION,
Emilia Kaspera556f342016-03-03 19:50:03 +0100[diff] [blame]2717 SSL_NOT_DEFAULT | SSL_MEDIUM,
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]2718 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
2719 128,
2720 128,
2721 },
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]2722 {
2723 1,
2724 TLS1_TXT_DHE_RSA_WITH_SEED_SHA,
Paul Yangbbb4ceb2017-06-30 03:06:19 +0800[diff] [blame]2725 TLS1_RFC_DHE_RSA_WITH_SEED_SHA,
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]2726 TLS1_CK_DHE_RSA_WITH_SEED_SHA,
2727 SSL_kDHE,
2728 SSL_aRSA,
2729 SSL_SEED,
2730 SSL_SHA1,
Kurt Roeckx3eb2aff2016-02-07 20:17:07 +0100[diff] [blame]2731 SSL3_VERSION, TLS1_2_VERSION,
David Woodhouse387cf212016-07-08 20:59:50 +0100[diff] [blame]2732 DTLS1_BAD_VER, DTLS1_2_VERSION,
Emilia Kaspera556f342016-03-03 19:50:03 +0100[diff] [blame]2733 SSL_NOT_DEFAULT | SSL_MEDIUM,
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]2734 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
2735 128,
2736 128,
2737 },
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]2738 {
2739 1,
2740 TLS1_TXT_ADH_WITH_SEED_SHA,
Paul Yangbbb4ceb2017-06-30 03:06:19 +0800[diff] [blame]2741 TLS1_RFC_ADH_WITH_SEED_SHA,
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]2742 TLS1_CK_ADH_WITH_SEED_SHA,
2743 SSL_kDHE,
2744 SSL_aNULL,
2745 SSL_SEED,
2746 SSL_SHA1,
Kurt Roeckx3eb2aff2016-02-07 20:17:07 +0100[diff] [blame]2747 SSL3_VERSION, TLS1_2_VERSION,
David Woodhouse387cf212016-07-08 20:59:50 +0100[diff] [blame]2748 DTLS1_BAD_VER, DTLS1_2_VERSION,
Kurt Roeckx361a1192015-12-05 02:04:41 +0100[diff] [blame]2749 SSL_NOT_DEFAULT | SSL_MEDIUM,
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]2750 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
2751 128,
2752 128,
2753 },
Emilia Kaspera230b262016-08-05 19:03:17 +0200[diff] [blame]2754#endif /* OPENSSL_NO_SEED */
Bodo Möller96afc1c2007-04-23 23:48:59 +0000[diff] [blame]2755
Matt Caswell8b1a5af2016-03-03 15:40:51 +0000[diff] [blame]2756#ifndef OPENSSL_NO_WEAK_SSL_CIPHERS
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]2757 {
2758 1,
Rich Salz748f2542016-03-16 12:33:00 -0400[diff] [blame]2759 SSL3_TXT_RSA_RC4_128_MD5,
Paul Yangbbb4ceb2017-06-30 03:06:19 +0800[diff] [blame]2760 SSL3_RFC_RSA_RC4_128_MD5,
Rich Salz748f2542016-03-16 12:33:00 -0400[diff] [blame]2761 SSL3_CK_RSA_RC4_128_MD5,
2762 SSL_kRSA,
2763 SSL_aRSA,
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]2764 SSL_RC4,
Rich Salz748f2542016-03-16 12:33:00 -0400[diff] [blame]2765 SSL_MD5,
Kurt Roeckx3eb2aff2016-02-07 20:17:07 +0100[diff] [blame]2766 SSL3_VERSION, TLS1_2_VERSION,
Kurt Roeckxca3895f2016-03-08 20:26:38 +0100[diff] [blame]2767 0, 0,
Kurt Roeckx361a1192015-12-05 02:04:41 +0100[diff] [blame]2768 SSL_NOT_DEFAULT | SSL_MEDIUM,
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]2769 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
2770 128,
2771 128,
2772 },
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]2773 {
2774 1,
Rich Salz748f2542016-03-16 12:33:00 -0400[diff] [blame]2775 SSL3_TXT_RSA_RC4_128_SHA,
Paul Yangbbb4ceb2017-06-30 03:06:19 +0800[diff] [blame]2776 SSL3_RFC_RSA_RC4_128_SHA,
Rich Salz748f2542016-03-16 12:33:00 -0400[diff] [blame]2777 SSL3_CK_RSA_RC4_128_SHA,
2778 SSL_kRSA,
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]2779 SSL_aRSA,
2780 SSL_RC4,
2781 SSL_SHA1,
Kurt Roeckx3eb2aff2016-02-07 20:17:07 +0100[diff] [blame]2782 SSL3_VERSION, TLS1_2_VERSION,
Kurt Roeckxca3895f2016-03-08 20:26:38 +0100[diff] [blame]2783 0, 0,
Kurt Roeckx361a1192015-12-05 02:04:41 +0100[diff] [blame]2784 SSL_NOT_DEFAULT | SSL_MEDIUM,
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]2785 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
2786 128,
2787 128,
2788 },
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]2789 {
2790 1,
Rich Salz748f2542016-03-16 12:33:00 -0400[diff] [blame]2791 SSL3_TXT_ADH_RC4_128_MD5,
Paul Yangbbb4ceb2017-06-30 03:06:19 +0800[diff] [blame]2792 SSL3_RFC_ADH_RC4_128_MD5,
Rich Salz748f2542016-03-16 12:33:00 -0400[diff] [blame]2793 SSL3_CK_ADH_RC4_128_MD5,
2794 SSL_kDHE,
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]2795 SSL_aNULL,
2796 SSL_RC4,
Rich Salz748f2542016-03-16 12:33:00 -0400[diff] [blame]2797 SSL_MD5,
Kurt Roeckx3eb2aff2016-02-07 20:17:07 +0100[diff] [blame]2798 SSL3_VERSION, TLS1_2_VERSION,
Kurt Roeckxca3895f2016-03-08 20:26:38 +0100[diff] [blame]2799 0, 0,
Kurt Roeckx361a1192015-12-05 02:04:41 +0100[diff] [blame]2800 SSL_NOT_DEFAULT | SSL_MEDIUM,
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]2801 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
2802 128,
2803 128,
2804 },
Dr. Stephen Hensonea6114c2015-06-28 17:05:47 +0100[diff] [blame]2805 {
2806 1,
2807 TLS1_TXT_ECDHE_PSK_WITH_RC4_128_SHA,
Paul Yangbbb4ceb2017-06-30 03:06:19 +0800[diff] [blame]2808 TLS1_RFC_ECDHE_PSK_WITH_RC4_128_SHA,
Dr. Stephen Hensonea6114c2015-06-28 17:05:47 +0100[diff] [blame]2809 TLS1_CK_ECDHE_PSK_WITH_RC4_128_SHA,
2810 SSL_kECDHEPSK,
2811 SSL_aPSK,
2812 SSL_RC4,
2813 SSL_SHA1,
Todd Shortfe55c4a2017-04-11 09:02:05 -0400[diff] [blame]2814 TLS1_VERSION, TLS1_2_VERSION,
Kurt Roeckxca3895f2016-03-08 20:26:38 +0100[diff] [blame]2815 0, 0,
Kurt Roeckx361a1192015-12-05 02:04:41 +0100[diff] [blame]2816 SSL_NOT_DEFAULT | SSL_MEDIUM,
Dr. Stephen Hensonea6114c2015-06-28 17:05:47 +0100[diff] [blame]2817 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
2818 128,
2819 128,
2820 },
Dr. Stephen Hensonea6114c2015-06-28 17:05:47 +0100[diff] [blame]2821 {
2822 1,
Rich Salz748f2542016-03-16 12:33:00 -0400[diff] [blame]2823 TLS1_TXT_ECDH_anon_WITH_RC4_128_SHA,
Paul Yangbbb4ceb2017-06-30 03:06:19 +0800[diff] [blame]2824 TLS1_RFC_ECDH_anon_WITH_RC4_128_SHA,
Rich Salz748f2542016-03-16 12:33:00 -0400[diff] [blame]2825 TLS1_CK_ECDH_anon_WITH_RC4_128_SHA,
2826 SSL_kECDHE,
2827 SSL_aNULL,
2828 SSL_RC4,
Dr. Stephen Hensonea6114c2015-06-28 17:05:47 +0100[diff] [blame]2829 SSL_SHA1,
Todd Shortfe55c4a2017-04-11 09:02:05 -0400[diff] [blame]2830 TLS1_VERSION, TLS1_2_VERSION,
Rich Salz748f2542016-03-16 12:33:00 -0400[diff] [blame]2831 0, 0,
2832 SSL_NOT_DEFAULT | SSL_MEDIUM,
Dr. Stephen Hensonea6114c2015-06-28 17:05:47 +0100[diff] [blame]2833 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
Rich Salz748f2542016-03-16 12:33:00 -0400[diff] [blame]2834 128,
2835 128,
Dr. Stephen Hensonea6114c2015-06-28 17:05:47 +0100[diff] [blame]2836 },
Dr. Stephen Hensonea6114c2015-06-28 17:05:47 +0100[diff] [blame]2837 {
2838 1,
Rich Salz748f2542016-03-16 12:33:00 -0400[diff] [blame]2839 TLS1_TXT_ECDHE_ECDSA_WITH_RC4_128_SHA,
Paul Yangbbb4ceb2017-06-30 03:06:19 +0800[diff] [blame]2840 TLS1_RFC_ECDHE_ECDSA_WITH_RC4_128_SHA,
Rich Salz748f2542016-03-16 12:33:00 -0400[diff] [blame]2841 TLS1_CK_ECDHE_ECDSA_WITH_RC4_128_SHA,
2842 SSL_kECDHE,
2843 SSL_aECDSA,
2844 SSL_RC4,
Dr. Stephen Hensonea6114c2015-06-28 17:05:47 +0100[diff] [blame]2845 SSL_SHA1,
Todd Shortfe55c4a2017-04-11 09:02:05 -0400[diff] [blame]2846 TLS1_VERSION, TLS1_2_VERSION,
Rich Salz748f2542016-03-16 12:33:00 -0400[diff] [blame]2847 0, 0,
2848 SSL_NOT_DEFAULT | SSL_MEDIUM,
Dr. Stephen Hensonea6114c2015-06-28 17:05:47 +0100[diff] [blame]2849 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
2850 128,
2851 128,
2852 },
Dr. Stephen Hensonea6114c2015-06-28 17:05:47 +0100[diff] [blame]2853 {
2854 1,
Rich Salz748f2542016-03-16 12:33:00 -0400[diff] [blame]2855 TLS1_TXT_ECDHE_RSA_WITH_RC4_128_SHA,
Paul Yangbbb4ceb2017-06-30 03:06:19 +0800[diff] [blame]2856 TLS1_RFC_ECDHE_RSA_WITH_RC4_128_SHA,
Rich Salz748f2542016-03-16 12:33:00 -0400[diff] [blame]2857 TLS1_CK_ECDHE_RSA_WITH_RC4_128_SHA,
2858 SSL_kECDHE,
2859 SSL_aRSA,
2860 SSL_RC4,
Dr. Stephen Hensonea6114c2015-06-28 17:05:47 +0100[diff] [blame]2861 SSL_SHA1,
Todd Shortfe55c4a2017-04-11 09:02:05 -0400[diff] [blame]2862 TLS1_VERSION, TLS1_2_VERSION,
Rich Salz748f2542016-03-16 12:33:00 -0400[diff] [blame]2863 0, 0,
2864 SSL_NOT_DEFAULT | SSL_MEDIUM,
Dr. Stephen Hensonea6114c2015-06-28 17:05:47 +0100[diff] [blame]2865 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
2866 128,
2867 128,
2868 },
Andy Polyakova76ba822015-12-09 21:47:00 +0100[diff] [blame]2869 {
2870 1,
Rich Salz748f2542016-03-16 12:33:00 -0400[diff] [blame]2871 TLS1_TXT_PSK_WITH_RC4_128_SHA,
Paul Yangbbb4ceb2017-06-30 03:06:19 +0800[diff] [blame]2872 TLS1_RFC_PSK_WITH_RC4_128_SHA,
Rich Salz748f2542016-03-16 12:33:00 -0400[diff] [blame]2873 TLS1_CK_PSK_WITH_RC4_128_SHA,
Andy Polyakova76ba822015-12-09 21:47:00 +0100[diff] [blame]2874 SSL_kPSK,
2875 SSL_aPSK,
Rich Salz748f2542016-03-16 12:33:00 -0400[diff] [blame]2876 SSL_RC4,
2877 SSL_SHA1,
2878 SSL3_VERSION, TLS1_2_VERSION,
2879 0, 0,
2880 SSL_NOT_DEFAULT | SSL_MEDIUM,
2881 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
2882 128,
2883 128,
Andy Polyakova76ba822015-12-09 21:47:00 +0100[diff] [blame]2884 },
Andy Polyakova76ba822015-12-09 21:47:00 +0100[diff] [blame]2885 {
2886 1,
Rich Salz748f2542016-03-16 12:33:00 -0400[diff] [blame]2887 TLS1_TXT_RSA_PSK_WITH_RC4_128_SHA,
Paul Yangbbb4ceb2017-06-30 03:06:19 +0800[diff] [blame]2888 TLS1_RFC_RSA_PSK_WITH_RC4_128_SHA,
Rich Salz748f2542016-03-16 12:33:00 -0400[diff] [blame]2889 TLS1_CK_RSA_PSK_WITH_RC4_128_SHA,
Andy Polyakova76ba822015-12-09 21:47:00 +0100[diff] [blame]2890 SSL_kRSAPSK,
2891 SSL_aRSA,
Rich Salz748f2542016-03-16 12:33:00 -0400[diff] [blame]2892 SSL_RC4,
2893 SSL_SHA1,
2894 SSL3_VERSION, TLS1_2_VERSION,
2895 0, 0,
2896 SSL_NOT_DEFAULT | SSL_MEDIUM,
2897 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
2898 128,
2899 128,
Andy Polyakova76ba822015-12-09 21:47:00 +0100[diff] [blame]2900 },
Dmitry Belyavskye44380a2015-11-17 15:32:30 +0000[diff] [blame]2901 {
2902 1,
Rich Salz748f2542016-03-16 12:33:00 -0400[diff] [blame]2903 TLS1_TXT_DHE_PSK_WITH_RC4_128_SHA,
Paul Yangbbb4ceb2017-06-30 03:06:19 +0800[diff] [blame]2904 TLS1_RFC_DHE_PSK_WITH_RC4_128_SHA,
Rich Salz748f2542016-03-16 12:33:00 -0400[diff] [blame]2905 TLS1_CK_DHE_PSK_WITH_RC4_128_SHA,
2906 SSL_kDHEPSK,
2907 SSL_aPSK,
2908 SSL_RC4,
2909 SSL_SHA1,
2910 SSL3_VERSION, TLS1_2_VERSION,
2911 0, 0,
2912 SSL_NOT_DEFAULT | SSL_MEDIUM,
2913 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
2914 128,
2915 128,
2916 },
Emilia Kaspera230b262016-08-05 19:03:17 +0200[diff] [blame]2917#endif /* OPENSSL_NO_WEAK_SSL_CIPHERS */
Rich Salz748f2542016-03-16 12:33:00 -0400[diff] [blame]2918
Jon Spillettbc326732017-08-22 09:56:13 +1000[diff] [blame]2919#ifndef OPENSSL_NO_ARIA
2920 {
2921 1,
2922 TLS1_TXT_RSA_WITH_ARIA_128_GCM_SHA256,
2923 TLS1_RFC_RSA_WITH_ARIA_128_GCM_SHA256,
2924 TLS1_CK_RSA_WITH_ARIA_128_GCM_SHA256,
2925 SSL_kRSA,
2926 SSL_aRSA,
2927 SSL_ARIA128GCM,
2928 SSL_AEAD,
2929 TLS1_2_VERSION, TLS1_2_VERSION,
2930 DTLS1_2_VERSION, DTLS1_2_VERSION,
2931 SSL_NOT_DEFAULT | SSL_HIGH,
2932 SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
2933 128,
2934 128,
2935 },
2936 {
2937 1,
2938 TLS1_TXT_RSA_WITH_ARIA_256_GCM_SHA384,
2939 TLS1_RFC_RSA_WITH_ARIA_256_GCM_SHA384,
2940 TLS1_CK_RSA_WITH_ARIA_256_GCM_SHA384,
2941 SSL_kRSA,
2942 SSL_aRSA,
2943 SSL_ARIA256GCM,
2944 SSL_AEAD,
2945 TLS1_2_VERSION, TLS1_2_VERSION,
2946 DTLS1_2_VERSION, DTLS1_2_VERSION,
2947 SSL_NOT_DEFAULT | SSL_HIGH,
2948 SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384,
2949 256,
2950 256,
2951 },
2952 {
2953 1,
2954 TLS1_TXT_DHE_RSA_WITH_ARIA_128_GCM_SHA256,
2955 TLS1_RFC_DHE_RSA_WITH_ARIA_128_GCM_SHA256,
2956 TLS1_CK_DHE_RSA_WITH_ARIA_128_GCM_SHA256,
2957 SSL_kDHE,
2958 SSL_aRSA,
2959 SSL_ARIA128GCM,
2960 SSL_AEAD,
2961 TLS1_2_VERSION, TLS1_2_VERSION,
2962 DTLS1_2_VERSION, DTLS1_2_VERSION,
2963 SSL_NOT_DEFAULT | SSL_HIGH,
2964 SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
2965 128,
2966 128,
2967 },
2968 {
2969 1,
2970 TLS1_TXT_DHE_RSA_WITH_ARIA_256_GCM_SHA384,
2971 TLS1_RFC_DHE_RSA_WITH_ARIA_256_GCM_SHA384,
2972 TLS1_CK_DHE_RSA_WITH_ARIA_256_GCM_SHA384,
2973 SSL_kDHE,
2974 SSL_aRSA,
2975 SSL_ARIA256GCM,
2976 SSL_AEAD,
2977 TLS1_2_VERSION, TLS1_2_VERSION,
2978 DTLS1_2_VERSION, DTLS1_2_VERSION,
2979 SSL_NOT_DEFAULT | SSL_HIGH,
2980 SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384,
2981 256,
2982 256,
2983 },
2984 {
2985 1,
2986 TLS1_TXT_DHE_DSS_WITH_ARIA_128_GCM_SHA256,
2987 TLS1_RFC_DHE_DSS_WITH_ARIA_128_GCM_SHA256,
2988 TLS1_CK_DHE_DSS_WITH_ARIA_128_GCM_SHA256,
2989 SSL_kDHE,
2990 SSL_aDSS,
2991 SSL_ARIA128GCM,
2992 SSL_AEAD,
2993 TLS1_2_VERSION, TLS1_2_VERSION,
2994 DTLS1_2_VERSION, DTLS1_2_VERSION,
2995 SSL_NOT_DEFAULT | SSL_HIGH,
2996 SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
2997 128,
2998 128,
2999 },
3000 {
3001 1,
3002 TLS1_TXT_DHE_DSS_WITH_ARIA_256_GCM_SHA384,
3003 TLS1_RFC_DHE_DSS_WITH_ARIA_256_GCM_SHA384,
3004 TLS1_CK_DHE_DSS_WITH_ARIA_256_GCM_SHA384,
3005 SSL_kDHE,
3006 SSL_aDSS,
3007 SSL_ARIA256GCM,
3008 SSL_AEAD,
3009 TLS1_2_VERSION, TLS1_2_VERSION,
3010 DTLS1_2_VERSION, DTLS1_2_VERSION,
3011 SSL_NOT_DEFAULT | SSL_HIGH,
3012 SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384,
3013 256,
3014 256,
3015 },
3016 {
3017 1,
3018 TLS1_TXT_ECDHE_ECDSA_WITH_ARIA_128_GCM_SHA256,
3019 TLS1_RFC_ECDHE_ECDSA_WITH_ARIA_128_GCM_SHA256,
3020 TLS1_CK_ECDHE_ECDSA_WITH_ARIA_128_GCM_SHA256,
3021 SSL_kECDHE,
3022 SSL_aECDSA,
3023 SSL_ARIA128GCM,
3024 SSL_AEAD,
3025 TLS1_2_VERSION, TLS1_2_VERSION,
3026 DTLS1_2_VERSION, DTLS1_2_VERSION,
3027 SSL_NOT_DEFAULT | SSL_HIGH,
3028 SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
3029 128,
3030 128,
3031 },
3032 {
3033 1,
3034 TLS1_TXT_ECDHE_ECDSA_WITH_ARIA_256_GCM_SHA384,
3035 TLS1_RFC_ECDHE_ECDSA_WITH_ARIA_256_GCM_SHA384,
3036 TLS1_CK_ECDHE_ECDSA_WITH_ARIA_256_GCM_SHA384,
3037 SSL_kECDHE,
3038 SSL_aECDSA,
3039 SSL_ARIA256GCM,
3040 SSL_AEAD,
3041 TLS1_2_VERSION, TLS1_2_VERSION,
3042 DTLS1_2_VERSION, DTLS1_2_VERSION,
3043 SSL_NOT_DEFAULT | SSL_HIGH,
3044 SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384,
3045 256,
3046 256,
3047 },
Jon Spillettbc326732017-08-22 09:56:13 +1000[diff] [blame]3048 {
3049 1,
3050 TLS1_TXT_ECDHE_RSA_WITH_ARIA_128_GCM_SHA256,
3051 TLS1_RFC_ECDHE_RSA_WITH_ARIA_128_GCM_SHA256,
3052 TLS1_CK_ECDHE_RSA_WITH_ARIA_128_GCM_SHA256,
3053 SSL_kECDHE,
3054 SSL_aRSA,
3055 SSL_ARIA128GCM,
3056 SSL_AEAD,
3057 TLS1_2_VERSION, TLS1_2_VERSION,
3058 DTLS1_2_VERSION, DTLS1_2_VERSION,
3059 SSL_NOT_DEFAULT | SSL_HIGH,
3060 SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
3061 128,
3062 128,
3063 },
3064 {
3065 1,
3066 TLS1_TXT_ECDHE_RSA_WITH_ARIA_256_GCM_SHA384,
3067 TLS1_RFC_ECDHE_RSA_WITH_ARIA_256_GCM_SHA384,
3068 TLS1_CK_ECDHE_RSA_WITH_ARIA_256_GCM_SHA384,
3069 SSL_kECDHE,
3070 SSL_aRSA,
3071 SSL_ARIA256GCM,
3072 SSL_AEAD,
3073 TLS1_2_VERSION, TLS1_2_VERSION,
3074 DTLS1_2_VERSION, DTLS1_2_VERSION,
3075 SSL_NOT_DEFAULT | SSL_HIGH,
3076 SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384,
3077 256,
3078 256,
3079 },
3080 {
3081 1,
3082 TLS1_TXT_PSK_WITH_ARIA_128_GCM_SHA256,
3083 TLS1_RFC_PSK_WITH_ARIA_128_GCM_SHA256,
3084 TLS1_CK_PSK_WITH_ARIA_128_GCM_SHA256,
3085 SSL_kPSK,
3086 SSL_aPSK,
3087 SSL_ARIA128GCM,
3088 SSL_AEAD,
3089 TLS1_2_VERSION, TLS1_2_VERSION,
3090 DTLS1_2_VERSION, DTLS1_2_VERSION,
3091 SSL_NOT_DEFAULT | SSL_HIGH,
3092 SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
3093 128,
3094 128,
3095 },
3096 {
3097 1,
3098 TLS1_TXT_PSK_WITH_ARIA_256_GCM_SHA384,
3099 TLS1_RFC_PSK_WITH_ARIA_256_GCM_SHA384,
3100 TLS1_CK_PSK_WITH_ARIA_256_GCM_SHA384,
3101 SSL_kPSK,
3102 SSL_aPSK,
3103 SSL_ARIA256GCM,
3104 SSL_AEAD,
3105 TLS1_2_VERSION, TLS1_2_VERSION,
3106 DTLS1_2_VERSION, DTLS1_2_VERSION,
3107 SSL_NOT_DEFAULT | SSL_HIGH,
3108 SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384,
3109 256,
3110 256,
3111 },
3112 {
3113 1,
3114 TLS1_TXT_DHE_PSK_WITH_ARIA_128_GCM_SHA256,
3115 TLS1_RFC_DHE_PSK_WITH_ARIA_128_GCM_SHA256,
3116 TLS1_CK_DHE_PSK_WITH_ARIA_128_GCM_SHA256,
3117 SSL_kDHEPSK,
3118 SSL_aPSK,
3119 SSL_ARIA128GCM,
3120 SSL_AEAD,
3121 TLS1_2_VERSION, TLS1_2_VERSION,
3122 DTLS1_2_VERSION, DTLS1_2_VERSION,
3123 SSL_NOT_DEFAULT | SSL_HIGH,
3124 SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
3125 128,
3126 128,
3127 },
3128 {
3129 1,
3130 TLS1_TXT_DHE_PSK_WITH_ARIA_256_GCM_SHA384,
3131 TLS1_RFC_DHE_PSK_WITH_ARIA_256_GCM_SHA384,
3132 TLS1_CK_DHE_PSK_WITH_ARIA_256_GCM_SHA384,
3133 SSL_kDHEPSK,
3134 SSL_aPSK,
3135 SSL_ARIA256GCM,
3136 SSL_AEAD,
3137 TLS1_2_VERSION, TLS1_2_VERSION,
3138 DTLS1_2_VERSION, DTLS1_2_VERSION,
3139 SSL_NOT_DEFAULT | SSL_HIGH,
3140 SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384,
3141 256,
3142 256,
3143 },
Jon Spillettbc326732017-08-22 09:56:13 +1000[diff] [blame]3144 {
3145 1,
3146 TLS1_TXT_RSA_PSK_WITH_ARIA_128_GCM_SHA256,
3147 TLS1_RFC_RSA_PSK_WITH_ARIA_128_GCM_SHA256,
3148 TLS1_CK_RSA_PSK_WITH_ARIA_128_GCM_SHA256,
3149 SSL_kRSAPSK,
3150 SSL_aRSA,
3151 SSL_ARIA128GCM,
3152 SSL_AEAD,
3153 TLS1_2_VERSION, TLS1_2_VERSION,
3154 DTLS1_2_VERSION, DTLS1_2_VERSION,
3155 SSL_NOT_DEFAULT | SSL_HIGH,
3156 SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
3157 128,
3158 128,
3159 },
3160 {
3161 1,
3162 TLS1_TXT_RSA_PSK_WITH_ARIA_256_GCM_SHA384,
3163 TLS1_RFC_RSA_PSK_WITH_ARIA_256_GCM_SHA384,
3164 TLS1_CK_RSA_PSK_WITH_ARIA_256_GCM_SHA384,
3165 SSL_kRSAPSK,
3166 SSL_aRSA,
3167 SSL_ARIA256GCM,
3168 SSL_AEAD,
3169 TLS1_2_VERSION, TLS1_2_VERSION,
3170 DTLS1_2_VERSION, DTLS1_2_VERSION,
3171 SSL_NOT_DEFAULT | SSL_HIGH,
3172 SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384,
3173 256,
3174 256,
3175 },
3176#endif /* OPENSSL_NO_ARIA */
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]3177};
Ralf S. Engelschalld02b48c1998-12-21 10:52:47 +0000[diff] [blame]3178
Benjamin Kaduk650c6e42017-02-03 17:17:21 -0600[diff] [blame]3179/*
3180 * The list of known Signalling Cipher-Suite Value "ciphers", non-valid
3181 * values stuffed into the ciphers field of the wire protocol for signalling
3182 * purposes.
3183 */
3184static SSL_CIPHER ssl3_scsvs[] = {
3185 {
3186 0,
3187 "TLS_EMPTY_RENEGOTIATION_INFO_SCSV",
Paul Yangbbb4ceb2017-06-30 03:06:19 +0800[diff] [blame]3188 "TLS_EMPTY_RENEGOTIATION_INFO_SCSV",
Benjamin Kaduk650c6e42017-02-03 17:17:21 -0600[diff] [blame]3189 SSL3_CK_SCSV,
3190 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
3191 },
3192 {
3193 0,
3194 "TLS_FALLBACK_SCSV",
Paul Yangbbb4ceb2017-06-30 03:06:19 +0800[diff] [blame]3195 "TLS_FALLBACK_SCSV",
Benjamin Kaduk650c6e42017-02-03 17:17:21 -0600[diff] [blame]3196 SSL3_CK_FALLBACK_SCSV,
3197 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
3198 },
3199};
3200
Rich Salz748f2542016-03-16 12:33:00 -0400[diff] [blame]3201static int cipher_compare(const void *a, const void *b)
3202{
3203 const SSL_CIPHER *ap = (const SSL_CIPHER *)a;
3204 const SSL_CIPHER *bp = (const SSL_CIPHER *)b;
3205
Richard Levittea7ff5792017-07-08 22:13:24 +0200[diff] [blame]3206 if (ap->id == bp->id)
3207 return 0;
3208 return ap->id < bp->id ? -1 : 1;
Rich Salz748f2542016-03-16 12:33:00 -0400[diff] [blame]3209}
3210
3211void ssl_sort_cipher_list(void)
3212{
Matt Caswellf865b082018-02-16 11:26:02 +0000[diff] [blame]3213 qsort(tls13_ciphers, TLS13_NUM_CIPHERS, sizeof(tls13_ciphers[0]),
3214 cipher_compare);
Rich Salzcbe29642017-12-07 13:39:34 -0500[diff] [blame]3215 qsort(ssl3_ciphers, SSL3_NUM_CIPHERS, sizeof(ssl3_ciphers[0]),
Rich Salz748f2542016-03-16 12:33:00 -0400[diff] [blame]3216 cipher_compare);
Rich Salzcbe29642017-12-07 13:39:34 -0500[diff] [blame]3217 qsort(ssl3_scsvs, SSL3_NUM_SCSVS, sizeof(ssl3_scsvs[0]), cipher_compare);
Rich Salz748f2542016-03-16 12:33:00 -0400[diff] [blame]3218}
3219
Bernd Edlingerfce78bd2017-12-15 19:33:48 +0100[diff] [blame]3220static int ssl_undefined_function_1(SSL *ssl, unsigned char *r, size_t s,
3221 const char * t, size_t u,
3222 const unsigned char * v, size_t w, int x)
3223{
3224 (void)r;
3225 (void)s;
3226 (void)t;
3227 (void)u;
3228 (void)v;
3229 (void)w;
3230 (void)x;
3231 return ssl_undefined_function(ssl);
3232}
3233
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]3234const SSL3_ENC_METHOD SSLv3_enc_data = {
3235 ssl3_enc,
3236 n_ssl3_mac,
3237 ssl3_setup_key_block,
3238 ssl3_generate_master_secret,
3239 ssl3_change_cipher_state,
3240 ssl3_final_finish_mac,
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]3241 SSL3_MD_CLIENT_FINISHED_CONST, 4,
3242 SSL3_MD_SERVER_FINISHED_CONST, 4,
3243 ssl3_alert_code,
Bernd Edlingerfce78bd2017-12-15 19:33:48 +0100[diff] [blame]3244 ssl_undefined_function_1,
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]3245 0,
Matt Caswella29fa982016-09-29 22:40:15 +0100[diff] [blame]3246 ssl3_set_handshake_header,
Matt Caswell2c7b4db2016-08-03 20:57:52 +0100[diff] [blame]3247 tls_close_construct_packet,
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]3248 ssl3_handshake_write
3249};
Ralf S. Engelschall58964a41998-12-21 10:56:39 +0000[diff] [blame]3250
Dr. Stephen Hensonf3b656b2005-08-05 23:56:11 +0000[diff] [blame]3251long ssl3_default_timeout(void)
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]3252{
3253 /*
3254 * 2 hours, the 24 hours mentioned in the SSLv3 spec is way too long for
3255 * http, the cache would over fill
3256 */
3257 return (60 * 60 * 2);
3258}
Ralf S. Engelschalld02b48c1998-12-21 10:52:47 +0000[diff] [blame]3259
Ulf Möller6b691a51999-04-19 21:31:43 +0000[diff] [blame]3260int ssl3_num_ciphers(void)
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]3261{
KaoruToda26a7d932017-10-17 23:04:09 +0900[diff] [blame]3262 return SSL3_NUM_CIPHERS;
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]3263}
Ralf S. Engelschalld02b48c1998-12-21 10:52:47 +0000[diff] [blame]3264
Ben Lauriebabb3792008-10-12 14:32:47 +0000[diff] [blame]3265const SSL_CIPHER *ssl3_get_cipher(unsigned int u)
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]3266{
3267 if (u < SSL3_NUM_CIPHERS)
KaoruToda26a7d932017-10-17 23:04:09 +0900[diff] [blame]3268 return &(ssl3_ciphers[SSL3_NUM_CIPHERS - 1 - u]);
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]3269 else
KaoruToda26a7d932017-10-17 23:04:09 +0900[diff] [blame]3270 return NULL;
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]3271}
Ralf S. Engelschalld02b48c1998-12-21 10:52:47 +0000[diff] [blame]3272
Matt Caswella29fa982016-09-29 22:40:15 +0100[diff] [blame]3273int ssl3_set_handshake_header(SSL *s, WPACKET *pkt, int htype)
Matt Caswell2c7b4db2016-08-03 20:57:52 +0100[diff] [blame]3274{
Matt Caswell4a01c592016-09-30 10:38:32 +0100[diff] [blame]3275 /* No header in the event of a CCS */
3276 if (htype == SSL3_MT_CHANGE_CIPHER_SPEC)
3277 return 1;
3278
Matt Caswell2c7b4db2016-08-03 20:57:52 +0100[diff] [blame]3279 /* Set the content type and 3 bytes for the message len */
Matt Caswell08029df2016-09-20 14:47:44 +0100[diff] [blame]3280 if (!WPACKET_put_bytes_u8(pkt, htype)
Matt Caswellde451852016-09-09 00:13:41 +0100[diff] [blame]3281 || !WPACKET_start_sub_packet_u24(pkt))
Matt Caswell2c7b4db2016-08-03 20:57:52 +0100[diff] [blame]3282 return 0;
3283
3284 return 1;
3285}
3286
Dr. Stephen Henson173e72e2013-03-11 15:34:28 +0000[diff] [blame]3287int ssl3_handshake_write(SSL *s)
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]3288{
3289 return ssl3_do_write(s, SSL3_RT_HANDSHAKE);
3290}
Dr. Stephen Henson173e72e2013-03-11 15:34:28 +0000[diff] [blame]3291
Ulf Möller6b691a51999-04-19 21:31:43 +0000[diff] [blame]3292int ssl3_new(SSL *s)
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]3293{
3294 SSL3_STATE *s3;
Ralf S. Engelschalld02b48c1998-12-21 10:52:47 +0000[diff] [blame]3295
Rich Salzb51bce92015-08-25 13:25:58 -0400[diff] [blame]3296 if ((s3 = OPENSSL_zalloc(sizeof(*s3))) == NULL)
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]3297 goto err;
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]3298 s->s3 = s3;
Ben Laurie1e0784f2016-01-01 15:39:31 +0000[diff] [blame]3299
Ben Laurieedc032b2011-03-12 17:01:19 +0000[diff] [blame]3300#ifndef OPENSSL_NO_SRP
Viktor Dukhovni61986d32015-04-16 01:50:03 -0400[diff] [blame]3301 if (!SSL_SRP_CTX_init(s))
Emilia Kaspera230b262016-08-05 19:03:17 +0200[diff] [blame]3302 goto err;
Ben Laurieedc032b2011-03-12 17:01:19 +0000[diff] [blame]3303#endif
Matt Caswellb77f3ed2017-05-22 12:33:42 +0100[diff] [blame]3304
3305 if (!s->method->ssl_clear(s))
3306 return 0;
3307
Matt Caswella89325e2017-05-22 12:33:29 +0100[diff] [blame]3308 return 1;
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]3309 err:
Matt Caswella89325e2017-05-22 12:33:29 +0100[diff] [blame]3310 return 0;
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]3311}
Ralf S. Engelschalld02b48c1998-12-21 10:52:47 +0000[diff] [blame]3312
Ulf Möller6b691a51999-04-19 21:31:43 +0000[diff] [blame]3313void ssl3_free(SSL *s)
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]3314{
Rich Salze6e91702018-03-27 16:25:08 -0400[diff] [blame]3315 if (s == NULL || s->s3 == NULL)
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]3316 return;
Ben Lauriee03ddfa1999-01-07 19:15:59 +0000[diff] [blame]3317
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]3318 ssl3_cleanup_key_block(s);
Dr. Stephen Henson8d92c1f2015-06-21 16:26:08 +0100[diff] [blame]3319
Dr. Stephen Hensonfb79abe2015-12-17 01:07:46 +0000[diff] [blame]3320#if !defined(OPENSSL_NO_EC) || !defined(OPENSSL_NO_DH)
Dr. Stephen Henson61dd9f72015-12-14 00:33:33 +0000[diff] [blame]3321 EVP_PKEY_free(s->s3->peer_tmp);
3322 s->s3->peer_tmp = NULL;
Dr. Stephen Hensonb22d7112015-12-24 00:23:29 +0000[diff] [blame]3323 EVP_PKEY_free(s->s3->tmp.pkey);
3324 s->s3->tmp.pkey = NULL;
Bodo Möllerea262262002-08-09 08:56:08 +0000[diff] [blame]3325#endif
3326
Dr. Stephen Henson75c13e72017-02-23 22:12:28 +0000[diff] [blame]3327 OPENSSL_free(s->s3->tmp.ctype);
Dr. Stephen Hensonfa7c2632017-03-13 15:00:36 +0000[diff] [blame]3328 sk_X509_NAME_pop_free(s->s3->tmp.peer_ca_names, X509_NAME_free);
Dr. Stephen Henson76106e62015-05-12 17:17:37 +0100[diff] [blame]3329 OPENSSL_free(s->s3->tmp.ciphers_raw);
3330 OPENSSL_clear_free(s->s3->tmp.pms, s->s3->tmp.pmslen);
3331 OPENSSL_free(s->s3->tmp.peer_sigalgs);
Benjamin Kadukc589c342018-01-11 11:47:12 -0600[diff] [blame]3332 OPENSSL_free(s->s3->tmp.peer_cert_sigalgs);
Dr. Stephen Henson85fb6fd2015-06-20 15:37:22 +0100[diff] [blame]3333 ssl3_free_digest_list(s);
Rich Salz25aaa982015-05-01 14:37:16 -0400[diff] [blame]3334 OPENSSL_free(s->s3->alpn_selected);
Todd Short817cd0d2016-03-05 08:47:55 -0500[diff] [blame]3335 OPENSSL_free(s->s3->alpn_proposed);
Adam Langley6f017a82013-04-15 18:07:47 -0400[diff] [blame]3336
Ben Laurieedc032b2011-03-12 17:01:19 +0000[diff] [blame]3337#ifndef OPENSSL_NO_SRP
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]3338 SSL_SRP_CTX_free(s);
Ben Laurieedc032b2011-03-12 17:01:19 +0000[diff] [blame]3339#endif
Rich Salzb4faea52015-05-01 23:10:31 -0400[diff] [blame]3340 OPENSSL_clear_free(s->s3, sizeof(*s->s3));
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]3341 s->s3 = NULL;
3342}
Ralf S. Engelschalld02b48c1998-12-21 10:52:47 +0000[diff] [blame]3343
Matt Caswellb77f3ed2017-05-22 12:33:42 +0100[diff] [blame]3344int ssl3_clear(SSL *s)
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]3345{
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]3346 ssl3_cleanup_key_block(s);
Dr. Stephen Henson75c13e72017-02-23 22:12:28 +0000[diff] [blame]3347 OPENSSL_free(s->s3->tmp.ctype);
Dr. Stephen Hensonfa7c2632017-03-13 15:00:36 +0000[diff] [blame]3348 sk_X509_NAME_pop_free(s->s3->tmp.peer_ca_names, X509_NAME_free);
Dr. Stephen Henson76106e62015-05-12 17:17:37 +0100[diff] [blame]3349 OPENSSL_free(s->s3->tmp.ciphers_raw);
Dr. Stephen Henson76106e62015-05-12 17:17:37 +0100[diff] [blame]3350 OPENSSL_clear_free(s->s3->tmp.pms, s->s3->tmp.pmslen);
Dr. Stephen Henson76106e62015-05-12 17:17:37 +0100[diff] [blame]3351 OPENSSL_free(s->s3->tmp.peer_sigalgs);
Benjamin Kadukc589c342018-01-11 11:47:12 -0600[diff] [blame]3352 OPENSSL_free(s->s3->tmp.peer_cert_sigalgs);
Ralf S. Engelschalld02b48c1998-12-21 10:52:47 +0000[diff] [blame]3353
Dr. Stephen Hensonfb79abe2015-12-17 01:07:46 +0000[diff] [blame]3354#if !defined(OPENSSL_NO_EC) || !defined(OPENSSL_NO_DH)
Dr. Stephen Hensonb22d7112015-12-24 00:23:29 +0000[diff] [blame]3355 EVP_PKEY_free(s->s3->tmp.pkey);
Dr. Stephen Henson61dd9f72015-12-14 00:33:33 +0000[diff] [blame]3356 EVP_PKEY_free(s->s3->peer_tmp);
Emilia Kaspera230b262016-08-05 19:03:17 +0200[diff] [blame]3357#endif /* !OPENSSL_NO_EC */
Mark J. Cox413c4f41999-02-16 09:22:21 +0000[diff] [blame]3358
Dr. Stephen Henson85fb6fd2015-06-20 15:37:22 +0100[diff] [blame]3359 ssl3_free_digest_list(s);
Matt Caswelle481f9b2015-05-15 10:49:56 +0100[diff] [blame]3360
Todd Short817cd0d2016-03-05 08:47:55 -0500[diff] [blame]3361 OPENSSL_free(s->s3->alpn_selected);
3362 OPENSSL_free(s->s3->alpn_proposed);
Matt Caswelle481f9b2015-05-15 10:49:56 +0100[diff] [blame]3363
Todd Short817cd0d2016-03-05 08:47:55 -0500[diff] [blame]3364 /* NULL/zero-out everything in the s3 struct */
Rich Salzb4faea52015-05-01 23:10:31 -0400[diff] [blame]3365 memset(s->s3, 0, sizeof(*s->s3));
Ralf S. Engelschalldfeab061998-12-21 11:00:56 +0000[diff] [blame]3366
Matt Caswellb77f3ed2017-05-22 12:33:42 +0100[diff] [blame]3367 if (!ssl_free_wbio_buffer(s))
3368 return 0;
Ralf S. Engelschalldfeab061998-12-21 11:00:56 +0000[diff] [blame]3369
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]3370 s->version = SSL3_VERSION;
Ben Laurieee2ffc22010-07-28 10:06:55 +0000[diff] [blame]3371
Matt Caswelle481f9b2015-05-15 10:49:56 +0100[diff] [blame]3372#if !defined(OPENSSL_NO_NEXTPROTONEG)
Rich Salzaff8c122016-12-08 14:18:40 -0500[diff] [blame]3373 OPENSSL_free(s->ext.npn);
3374 s->ext.npn = NULL;
3375 s->ext.npn_len = 0;
Ben Laurieee2ffc22010-07-28 10:06:55 +0000[diff] [blame]3376#endif
Matt Caswellb77f3ed2017-05-22 12:33:42 +0100[diff] [blame]3377
3378 return 1;
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]3379}
Ralf S. Engelschalld02b48c1998-12-21 10:52:47 +0000[diff] [blame]3380
Ben Laurieedc032b2011-03-12 17:01:19 +0000[diff] [blame]3381#ifndef OPENSSL_NO_SRP
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]3382static char *srp_password_from_info_cb(SSL *s, void *arg)
3383{
Rich Salz7644a9a2015-12-16 16:12:24 -0500[diff] [blame]3384 return OPENSSL_strdup(s->srp_ctx.info);
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]3385}
Ben Laurieedc032b2011-03-12 17:01:19 +0000[diff] [blame]3386#endif
3387
Emilia Kaspera230b262016-08-05 19:03:17 +0200[diff] [blame]3388static int ssl3_set_req_cert_type(CERT *c, const unsigned char *p, size_t len);
Dr. Stephen Henson9f27b1e2012-07-08 14:22:45 +0000[diff] [blame]3389
Bodo Möllera661b652001-10-20 17:56:36 +0000[diff] [blame]3390long ssl3_ctrl(SSL *s, int cmd, long larg, void *parg)
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]3391{
3392 int ret = 0;
Ralf S. Engelschall58964a41998-12-21 10:56:39 +0000[diff] [blame]3393
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]3394 switch (cmd) {
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]3395 case SSL_CTRL_GET_CLIENT_CERT_REQUEST:
3396 break;
3397 case SSL_CTRL_GET_NUM_RENEGOTIATIONS:
3398 ret = s->s3->num_renegotiations;
3399 break;
3400 case SSL_CTRL_CLEAR_NUM_RENEGOTIATIONS:
3401 ret = s->s3->num_renegotiations;
3402 s->s3->num_renegotiations = 0;
3403 break;
3404 case SSL_CTRL_GET_TOTAL_RENEGOTIATIONS:
3405 ret = s->s3->total_renegotiations;
3406 break;
3407 case SSL_CTRL_GET_FLAGS:
3408 ret = (int)(s->s3->flags);
3409 break;
Richard Levittebc36ee62001-02-20 08:13:47 +0000[diff] [blame]3410#ifndef OPENSSL_NO_DH
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]3411 case SSL_CTRL_SET_TMP_DH:
3412 {
3413 DH *dh = (DH *)parg;
Dr. Stephen Hensone2b420f2015-12-17 00:05:26 +0000[diff] [blame]3414 EVP_PKEY *pkdh = NULL;
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]3415 if (dh == NULL) {
3416 SSLerr(SSL_F_SSL3_CTRL, ERR_R_PASSED_NULL_PARAMETER);
KaoruToda26a7d932017-10-17 23:04:09 +0900[diff] [blame]3417 return ret;
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]3418 }
Dr. Stephen Hensone2b420f2015-12-17 00:05:26 +0000[diff] [blame]3419 pkdh = ssl_dh_to_pkey(dh);
3420 if (pkdh == NULL) {
3421 SSLerr(SSL_F_SSL3_CTRL, ERR_R_MALLOC_FAILURE);
3422 return 0;
3423 }
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]3424 if (!ssl_security(s, SSL_SECOP_TMP_DH,
Dr. Stephen Hensone2b420f2015-12-17 00:05:26 +0000[diff] [blame]3425 EVP_PKEY_security_bits(pkdh), 0, pkdh)) {
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]3426 SSLerr(SSL_F_SSL3_CTRL, SSL_R_DH_KEY_TOO_SMALL);
Dr. Stephen Hensone2b420f2015-12-17 00:05:26 +0000[diff] [blame]3427 EVP_PKEY_free(pkdh);
3428 return ret;
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]3429 }
Dr. Stephen Hensone2b420f2015-12-17 00:05:26 +0000[diff] [blame]3430 EVP_PKEY_free(s->cert->dh_tmp);
3431 s->cert->dh_tmp = pkdh;
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]3432 ret = 1;
3433 }
3434 break;
3435 case SSL_CTRL_SET_TMP_DH_CB:
3436 {
3437 SSLerr(SSL_F_SSL3_CTRL, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
KaoruToda26a7d932017-10-17 23:04:09 +0900[diff] [blame]3438 return ret;
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]3439 }
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]3440 case SSL_CTRL_SET_DH_AUTO:
3441 s->cert->dh_tmp_auto = larg;
3442 return 1;
Richard Levitted3442bc2000-02-20 23:43:02 +0000[diff] [blame]3443#endif
Rich Salz10bf4fc2015-03-10 19:09:27 -0400[diff] [blame]3444#ifndef OPENSSL_NO_EC
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]3445 case SSL_CTRL_SET_TMP_ECDH:
3446 {
Kurt Roeckx6977e8e2015-12-04 22:25:11 +0100[diff] [blame]3447 const EC_GROUP *group = NULL;
3448 int nid;
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]3449
3450 if (parg == NULL) {
3451 SSLerr(SSL_F_SSL3_CTRL, ERR_R_PASSED_NULL_PARAMETER);
Kurt Roeckx6977e8e2015-12-04 22:25:11 +0100[diff] [blame]3452 return 0;
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]3453 }
Kurt Roeckx6977e8e2015-12-04 22:25:11 +0100[diff] [blame]3454 group = EC_KEY_get0_group((const EC_KEY *)parg);
3455 if (group == NULL) {
3456 SSLerr(SSL_F_SSL3_CTRL, EC_R_MISSING_PARAMETERS);
3457 return 0;
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]3458 }
Kurt Roeckx6977e8e2015-12-04 22:25:11 +0100[diff] [blame]3459 nid = EC_GROUP_get_curve_name(group);
3460 if (nid == NID_undef)
3461 return 0;
Rich Salzaff8c122016-12-08 14:18:40 -0500[diff] [blame]3462 return tls1_set_groups(&s->ext.supportedgroups,
3463 &s->ext.supportedgroups_len,
Kurt Roeckx6977e8e2015-12-04 22:25:11 +0100[diff] [blame]3464 &nid, 1);
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]3465 }
3466 break;
Rich Salz10bf4fc2015-03-10 19:09:27 -0400[diff] [blame]3467#endif /* !OPENSSL_NO_EC */
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]3468 case SSL_CTRL_SET_TLSEXT_HOSTNAME:
3469 if (larg == TLSEXT_NAMETYPE_host_name) {
Viktor Dukhovni0982eca2016-01-16 12:57:24 -0500[diff] [blame]3470 size_t len;
3471
Rich Salzaff8c122016-12-08 14:18:40 -0500[diff] [blame]3472 OPENSSL_free(s->ext.hostname);
3473 s->ext.hostname = NULL;
Bodo Möllered3883d2006-01-02 23:14:37 +0000[diff] [blame]3474
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]3475 ret = 1;
3476 if (parg == NULL)
3477 break;
Viktor Dukhovni0982eca2016-01-16 12:57:24 -0500[diff] [blame]3478 len = strlen((char *)parg);
3479 if (len == 0 || len > TLSEXT_MAXLEN_host_name) {
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]3480 SSLerr(SSL_F_SSL3_CTRL, SSL_R_SSL3_EXT_INVALID_SERVERNAME);
3481 return 0;
3482 }
Rich Salzaff8c122016-12-08 14:18:40 -0500[diff] [blame]3483 if ((s->ext.hostname = OPENSSL_strdup((char *)parg)) == NULL) {
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]3484 SSLerr(SSL_F_SSL3_CTRL, ERR_R_INTERNAL_ERROR);
3485 return 0;
3486 }
3487 } else {
3488 SSLerr(SSL_F_SSL3_CTRL, SSL_R_SSL3_EXT_INVALID_SERVERNAME_TYPE);
3489 return 0;
3490 }
3491 break;
3492 case SSL_CTRL_SET_TLSEXT_DEBUG_ARG:
Rich Salzaff8c122016-12-08 14:18:40 -0500[diff] [blame]3493 s->ext.debug_arg = parg;
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]3494 ret = 1;
3495 break;
Bodo Möller761772d2007-09-21 06:54:24 +0000[diff] [blame]3496
Alessandro Ghedini4300aaf2016-05-11 00:48:49 +0100[diff] [blame]3497 case SSL_CTRL_GET_TLSEXT_STATUS_REQ_TYPE:
Rich Salzaff8c122016-12-08 14:18:40 -0500[diff] [blame]3498 ret = s->ext.status_type;
Alessandro Ghedini4300aaf2016-05-11 00:48:49 +0100[diff] [blame]3499 break;
3500
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]3501 case SSL_CTRL_SET_TLSEXT_STATUS_REQ_TYPE:
Rich Salzaff8c122016-12-08 14:18:40 -0500[diff] [blame]3502 s->ext.status_type = larg;
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]3503 ret = 1;
3504 break;
Dr. Stephen Henson67c8e7f2007-09-26 21:56:59 +0000[diff] [blame]3505
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]3506 case SSL_CTRL_GET_TLSEXT_STATUS_REQ_EXTS:
Rich Salzaff8c122016-12-08 14:18:40 -0500[diff] [blame]3507 *(STACK_OF(X509_EXTENSION) **)parg = s->ext.ocsp.exts;
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]3508 ret = 1;
3509 break;
Dr. Stephen Henson67c8e7f2007-09-26 21:56:59 +0000[diff] [blame]3510
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]3511 case SSL_CTRL_SET_TLSEXT_STATUS_REQ_EXTS:
Rich Salzaff8c122016-12-08 14:18:40 -0500[diff] [blame]3512 s->ext.ocsp.exts = parg;
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]3513 ret = 1;
3514 break;
Dr. Stephen Henson67c8e7f2007-09-26 21:56:59 +0000[diff] [blame]3515
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]3516 case SSL_CTRL_GET_TLSEXT_STATUS_REQ_IDS:
Rich Salzaff8c122016-12-08 14:18:40 -0500[diff] [blame]3517 *(STACK_OF(OCSP_RESPID) **)parg = s->ext.ocsp.ids;
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]3518 ret = 1;
3519 break;
Dr. Stephen Henson67c8e7f2007-09-26 21:56:59 +0000[diff] [blame]3520
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]3521 case SSL_CTRL_SET_TLSEXT_STATUS_REQ_IDS:
Rich Salzaff8c122016-12-08 14:18:40 -0500[diff] [blame]3522 s->ext.ocsp.ids = parg;
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]3523 ret = 1;
3524 break;
Dr. Stephen Henson67c8e7f2007-09-26 21:56:59 +0000[diff] [blame]3525
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]3526 case SSL_CTRL_GET_TLSEXT_STATUS_REQ_OCSP_RESP:
Rich Salzaff8c122016-12-08 14:18:40 -0500[diff] [blame]3527 *(unsigned char **)parg = s->ext.ocsp.resp;
3528 if (s->ext.ocsp.resp_len == 0
3529 || s->ext.ocsp.resp_len > LONG_MAX)
Matt Caswell8b0e9342016-10-06 19:17:54 +0100[diff] [blame]3530 return -1;
Rich Salzaff8c122016-12-08 14:18:40 -0500[diff] [blame]3531 return (long)s->ext.ocsp.resp_len;
Dr. Stephen Henson67c8e7f2007-09-26 21:56:59 +0000[diff] [blame]3532
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]3533 case SSL_CTRL_SET_TLSEXT_STATUS_REQ_OCSP_RESP:
Rich Salzaff8c122016-12-08 14:18:40 -0500[diff] [blame]3534 OPENSSL_free(s->ext.ocsp.resp);
3535 s->ext.ocsp.resp = parg;
3536 s->ext.ocsp.resp_len = larg;
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]3537 ret = 1;
3538 break;
Dr. Stephen Henson48175042011-12-31 22:59:57 +0000[diff] [blame]3539
Richard Levitteb6127992016-11-15 14:53:33 +0100[diff] [blame]3540#ifndef OPENSSL_NO_HEARTBEATS
3541 case SSL_CTRL_DTLS_EXT_SEND_HEARTBEAT:
3542 case SSL_CTRL_GET_DTLS_EXT_HEARTBEAT_PENDING:
3543 case SSL_CTRL_SET_DTLS_EXT_HEARTBEAT_NO_REQUESTS:
3544 break;
3545#endif
3546
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]3547 case SSL_CTRL_CHAIN:
3548 if (larg)
3549 return ssl_cert_set1_chain(s, NULL, (STACK_OF(X509) *)parg);
3550 else
3551 return ssl_cert_set0_chain(s, NULL, (STACK_OF(X509) *)parg);
Dr. Stephen Hensonf71c6e52012-01-31 14:00:10 +0000[diff] [blame]3552
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]3553 case SSL_CTRL_CHAIN_CERT:
3554 if (larg)
3555 return ssl_cert_add1_chain_cert(s, NULL, (X509 *)parg);
3556 else
3557 return ssl_cert_add0_chain_cert(s, NULL, (X509 *)parg);
Rob Stradling7b6b2462013-11-11 18:04:24 +0100[diff] [blame]3558
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]3559 case SSL_CTRL_GET_CHAIN_CERTS:
3560 *(STACK_OF(X509) **)parg = s->cert->key->chain;
3561 break;
Rob Stradling7b6b2462013-11-11 18:04:24 +0100[diff] [blame]3562
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]3563 case SSL_CTRL_SELECT_CURRENT_CERT:
3564 return ssl_cert_select_current(s->cert, (X509 *)parg);
3565
3566 case SSL_CTRL_SET_CURRENT_CERT:
3567 if (larg == SSL_CERT_SET_SERVER) {
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]3568 const SSL_CIPHER *cipher;
3569 if (!s->server)
3570 return 0;
3571 cipher = s->s3->tmp.new_cipher;
Dr. Stephen Hensonf365a3e2017-02-13 16:32:06 +0000[diff] [blame]3572 if (cipher == NULL)
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]3573 return 0;
3574 /*
3575 * No certificate for unauthenticated ciphersuites or using SRP
3576 * authentication
3577 */
3578 if (cipher->algorithm_auth & (SSL_aNULL | SSL_aSRP))
3579 return 2;
Dr. Stephen Hensona497cf22017-02-14 00:35:26 +0000[diff] [blame]3580 if (s->s3->tmp.cert == NULL)
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]3581 return 0;
Dr. Stephen Hensona497cf22017-02-14 00:35:26 +0000[diff] [blame]3582 s->cert->key = s->s3->tmp.cert;
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]3583 return 1;
3584 }
3585 return ssl_cert_set_current(s->cert, larg);
Dr. Stephen Henson0f788192014-02-02 02:51:30 +0000[diff] [blame]3586
Dr. Stephen Henson14536c82013-08-17 17:40:08 +0100[diff] [blame]3587#ifndef OPENSSL_NO_EC
Matt Caswellde4d7642016-11-09 14:51:06 +0000[diff] [blame]3588 case SSL_CTRL_GET_GROUPS:
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]3589 {
Dr. Stephen Henson9e84a422017-09-22 16:06:52 +0100[diff] [blame]3590 uint16_t *clist;
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]3591 size_t clistlen;
Rich Salzaff8c122016-12-08 14:18:40 -0500[diff] [blame]3592
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]3593 if (!s->session)
3594 return 0;
Rich Salzaff8c122016-12-08 14:18:40 -0500[diff] [blame]3595 clist = s->session->ext.supportedgroups;
Dr. Stephen Henson9e84a422017-09-22 16:06:52 +0100[diff] [blame]3596 clistlen = s->session->ext.supportedgroups_len;
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]3597 if (parg) {
3598 size_t i;
3599 int *cptr = parg;
Dr. Stephen Henson43b95d72017-09-23 00:15:34 +0100[diff] [blame]3600
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]3601 for (i = 0; i < clistlen; i++) {
Dr. Stephen Henson43b95d72017-09-23 00:15:34 +0100[diff] [blame]3602 const TLS_GROUP_INFO *cinf = tls1_group_id_lookup(clist[i]);
3603
3604 if (cinf != NULL)
3605 cptr[i] = cinf->nid;
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]3606 else
Dr. Stephen Henson9e84a422017-09-22 16:06:52 +0100[diff] [blame]3607 cptr[i] = TLSEXT_nid_unknown | clist[i];
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]3608 }
3609 }
3610 return (int)clistlen;
3611 }
Dr. Stephen Hensone7f8ff42012-03-06 14:28:21 +0000[diff] [blame]3612
Matt Caswellde4d7642016-11-09 14:51:06 +0000[diff] [blame]3613 case SSL_CTRL_SET_GROUPS:
Rich Salzaff8c122016-12-08 14:18:40 -0500[diff] [blame]3614 return tls1_set_groups(&s->ext.supportedgroups,
3615 &s->ext.supportedgroups_len, parg, larg);
Dr. Stephen Hensond0595f12012-03-28 15:05:04 +0000[diff] [blame]3616
Matt Caswellde4d7642016-11-09 14:51:06 +0000[diff] [blame]3617 case SSL_CTRL_SET_GROUPS_LIST:
Rich Salzaff8c122016-12-08 14:18:40 -0500[diff] [blame]3618 return tls1_set_groups_list(&s->ext.supportedgroups,
3619 &s->ext.supportedgroups_len, parg);
Dr. Stephen Hensond0595f12012-03-28 15:05:04 +0000[diff] [blame]3620
Matt Caswellde4d7642016-11-09 14:51:06 +0000[diff] [blame]3621 case SSL_CTRL_GET_SHARED_GROUP:
Dr. Stephen Henson43b95d72017-09-23 00:15:34 +0100[diff] [blame]3622 {
3623 uint16_t id = tls1_shared_group(s, larg);
Dr. Stephen Hensona4352632012-04-05 13:38:27 +0000[diff] [blame]3624
Dr. Stephen Henson43b95d72017-09-23 00:15:34 +0100[diff] [blame]3625 if (larg != -1) {
3626 const TLS_GROUP_INFO *ginf = tls1_group_id_lookup(id);
3627
3628 return ginf == NULL ? 0 : ginf->nid;
3629 }
3630 return id;
3631 }
Dr. Stephen Henson14536c82013-08-17 17:40:08 +0100[diff] [blame]3632#endif
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]3633 case SSL_CTRL_SET_SIGALGS:
3634 return tls1_set_sigalgs(s->cert, parg, larg, 0);
Dr. Stephen Henson0f229cc2012-06-22 14:03:31 +0000[diff] [blame]3635
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]3636 case SSL_CTRL_SET_SIGALGS_LIST:
3637 return tls1_set_sigalgs_list(s->cert, parg, 0);
Dr. Stephen Henson3dbc46d2012-07-03 12:51:14 +0000[diff] [blame]3638
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]3639 case SSL_CTRL_SET_CLIENT_SIGALGS:
3640 return tls1_set_sigalgs(s->cert, parg, larg, 1);
Dr. Stephen Henson3dbc46d2012-07-03 12:51:14 +0000[diff] [blame]3641
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]3642 case SSL_CTRL_SET_CLIENT_SIGALGS_LIST:
3643 return tls1_set_sigalgs_list(s->cert, parg, 1);
Dr. Stephen Henson0f229cc2012-06-22 14:03:31 +0000[diff] [blame]3644
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]3645 case SSL_CTRL_GET_CLIENT_CERT_TYPES:
3646 {
3647 const unsigned char **pctype = parg;
3648 if (s->server || !s->s3->tmp.cert_req)
3649 return 0;
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]3650 if (pctype)
Dr. Stephen Henson75c13e72017-02-23 22:12:28 +0000[diff] [blame]3651 *pctype = s->s3->tmp.ctype;
3652 return s->s3->tmp.ctype_len;
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]3653 }
Dr. Stephen Henson9f27b1e2012-07-08 14:22:45 +0000[diff] [blame]3654
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]3655 case SSL_CTRL_SET_CLIENT_CERT_TYPES:
3656 if (!s->server)
3657 return 0;
3658 return ssl3_set_req_cert_type(s->cert, parg, larg);
Dr. Stephen Henson9f27b1e2012-07-08 14:22:45 +0000[diff] [blame]3659
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]3660 case SSL_CTRL_BUILD_CERT_CHAIN:
3661 return ssl_build_cert_chain(s, NULL, larg);
Dr. Stephen Henson74ecfab2012-07-23 23:34:28 +0000[diff] [blame]3662
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]3663 case SSL_CTRL_SET_VERIFY_CERT_STORE:
3664 return ssl_cert_set_cert_store(s->cert, parg, 0, larg);
Dr. Stephen Henson74ecfab2012-07-23 23:34:28 +0000[diff] [blame]3665
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]3666 case SSL_CTRL_SET_CHAIN_CERT_STORE:
3667 return ssl_cert_set_cert_store(s->cert, parg, 1, larg);
Dr. Stephen Henson74ecfab2012-07-23 23:34:28 +0000[diff] [blame]3668
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]3669 case SSL_CTRL_GET_PEER_SIGNATURE_NID:
Dr. Stephen Hensonf742cda2017-01-30 13:48:39 +0000[diff] [blame]3670 if (s->s3->tmp.peer_sigalg == NULL)
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]3671 return 0;
Dr. Stephen Hensonf742cda2017-01-30 13:48:39 +0000[diff] [blame]3672 *(int *)parg = s->s3->tmp.peer_sigalg->hash;
3673 return 1;
Dr. Stephen Henson319354e2012-09-07 12:53:42 +0000[diff] [blame]3674
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]3675 case SSL_CTRL_GET_SERVER_TMP_KEY:
Dr. Stephen Hensonfb79abe2015-12-17 01:07:46 +0000[diff] [blame]3676#if !defined(OPENSSL_NO_DH) || !defined(OPENSSL_NO_EC)
3677 if (s->server || s->session == NULL || s->s3->peer_tmp == NULL) {
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]3678 return 0;
Dr. Stephen Hensonfb79abe2015-12-17 01:07:46 +0000[diff] [blame]3679 } else {
3680 EVP_PKEY_up_ref(s->s3->peer_tmp);
3681 *(EVP_PKEY **)parg = s->s3->peer_tmp;
3682 return 1;
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]3683 }
Dr. Stephen Hensonfb79abe2015-12-17 01:07:46 +0000[diff] [blame]3684#else
3685 return 0;
3686#endif
Dr. Stephen Henson14536c82013-08-17 17:40:08 +0100[diff] [blame]3687#ifndef OPENSSL_NO_EC
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]3688 case SSL_CTRL_GET_EC_POINT_FORMATS:
3689 {
3690 SSL_SESSION *sess = s->session;
3691 const unsigned char **pformat = parg;
Rich Salzaff8c122016-12-08 14:18:40 -0500[diff] [blame]3692
3693 if (sess == NULL || sess->ext.ecpointformats == NULL)
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]3694 return 0;
Rich Salzaff8c122016-12-08 14:18:40 -0500[diff] [blame]3695 *pformat = sess->ext.ecpointformats;
3696 return (int)sess->ext.ecpointformats_len;
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]3697 }
Dr. Stephen Henson14536c82013-08-17 17:40:08 +0100[diff] [blame]3698#endif
Bodo Moellercf6da052014-10-15 04:03:28 +0200[diff] [blame]3699
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]3700 default:
3701 break;
3702 }
KaoruToda26a7d932017-10-17 23:04:09 +0900[diff] [blame]3703 return ret;
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]3704}
Richard Levittea9188d42000-01-18 09:30:51 +0000[diff] [blame]3705
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]3706long ssl3_callback_ctrl(SSL *s, int cmd, void (*fp) (void))
3707{
3708 int ret = 0;
Richard Levitted3442bc2000-02-20 23:43:02 +0000[diff] [blame]3709
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]3710 switch (cmd) {
Richard Levittebc36ee62001-02-20 08:13:47 +0000[diff] [blame]3711#ifndef OPENSSL_NO_DH
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]3712 case SSL_CTRL_SET_TMP_DH_CB:
3713 {
3714 s->cert->dh_tmp_cb = (DH *(*)(SSL *, int, int))fp;
3715 }
3716 break;
Ralf S. Engelschall15d21c21999-02-25 14:40:29 +0000[diff] [blame]3717#endif
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]3718 case SSL_CTRL_SET_TLSEXT_DEBUG_CB:
Rich Salzaff8c122016-12-08 14:18:40 -0500[diff] [blame]3719 s->ext.debug_cb = (void (*)(SSL *, int, int,
Rich Salz1ed327f2017-01-09 12:42:15 -0500[diff] [blame]3720 const unsigned char *, int, void *))fp;
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]3721 break;
Matt Caswelle481f9b2015-05-15 10:49:56 +0100[diff] [blame]3722
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]3723 case SSL_CTRL_SET_NOT_RESUMABLE_SESS_CB:
3724 {
3725 s->not_resumable_session_cb = (int (*)(SSL *, int))fp;
3726 }
3727 break;
3728 default:
3729 break;
3730 }
KaoruToda26a7d932017-10-17 23:04:09 +0900[diff] [blame]3731 return ret;
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]3732}
Ralf S. Engelschalld02b48c1998-12-21 10:52:47 +0000[diff] [blame]3733
Bodo Möllera661b652001-10-20 17:56:36 +0000[diff] [blame]3734long ssl3_ctx_ctrl(SSL_CTX *ctx, int cmd, long larg, void *parg)
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]3735{
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]3736 switch (cmd) {
Richard Levittebc36ee62001-02-20 08:13:47 +0000[diff] [blame]3737#ifndef OPENSSL_NO_DH
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]3738 case SSL_CTRL_SET_TMP_DH:
3739 {
Dr. Stephen Hensone2b420f2015-12-17 00:05:26 +0000[diff] [blame]3740 DH *dh = (DH *)parg;
3741 EVP_PKEY *pkdh = NULL;
3742 if (dh == NULL) {
3743 SSLerr(SSL_F_SSL3_CTX_CTRL, ERR_R_PASSED_NULL_PARAMETER);
3744 return 0;
3745 }
3746 pkdh = ssl_dh_to_pkey(dh);
3747 if (pkdh == NULL) {
3748 SSLerr(SSL_F_SSL3_CTX_CTRL, ERR_R_MALLOC_FAILURE);
3749 return 0;
3750 }
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]3751 if (!ssl_ctx_security(ctx, SSL_SECOP_TMP_DH,
Dr. Stephen Hensone2b420f2015-12-17 00:05:26 +0000[diff] [blame]3752 EVP_PKEY_security_bits(pkdh), 0, pkdh)) {
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]3753 SSLerr(SSL_F_SSL3_CTX_CTRL, SSL_R_DH_KEY_TOO_SMALL);
Dr. Stephen Hensone2b420f2015-12-17 00:05:26 +0000[diff] [blame]3754 EVP_PKEY_free(pkdh);
3755 return 1;
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]3756 }
Dr. Stephen Hensone2b420f2015-12-17 00:05:26 +0000[diff] [blame]3757 EVP_PKEY_free(ctx->cert->dh_tmp);
3758 ctx->cert->dh_tmp = pkdh;
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]3759 return 1;
3760 }
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]3761 case SSL_CTRL_SET_TMP_DH_CB:
3762 {
3763 SSLerr(SSL_F_SSL3_CTX_CTRL, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
KaoruToda26a7d932017-10-17 23:04:09 +0900[diff] [blame]3764 return 0;
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]3765 }
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]3766 case SSL_CTRL_SET_DH_AUTO:
3767 ctx->cert->dh_tmp_auto = larg;
3768 return 1;
Ralf S. Engelschalld02b48c1998-12-21 10:52:47 +0000[diff] [blame]3769#endif
Rich Salz10bf4fc2015-03-10 19:09:27 -0400[diff] [blame]3770#ifndef OPENSSL_NO_EC
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]3771 case SSL_CTRL_SET_TMP_ECDH:
3772 {
Kurt Roeckx6977e8e2015-12-04 22:25:11 +0100[diff] [blame]3773 const EC_GROUP *group = NULL;
3774 int nid;
Bodo Möllerea262262002-08-09 08:56:08 +0000[diff] [blame]3775
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]3776 if (parg == NULL) {
Kurt Roeckx6977e8e2015-12-04 22:25:11 +0100[diff] [blame]3777 SSLerr(SSL_F_SSL3_CTX_CTRL, ERR_R_PASSED_NULL_PARAMETER);
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]3778 return 0;
3779 }
Kurt Roeckx6977e8e2015-12-04 22:25:11 +0100[diff] [blame]3780 group = EC_KEY_get0_group((const EC_KEY *)parg);
3781 if (group == NULL) {
3782 SSLerr(SSL_F_SSL3_CTX_CTRL, EC_R_MISSING_PARAMETERS);
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]3783 return 0;
3784 }
Kurt Roeckx6977e8e2015-12-04 22:25:11 +0100[diff] [blame]3785 nid = EC_GROUP_get_curve_name(group);
3786 if (nid == NID_undef)
3787 return 0;
Rich Salzaff8c122016-12-08 14:18:40 -0500[diff] [blame]3788 return tls1_set_groups(&ctx->ext.supportedgroups,
3789 &ctx->ext.supportedgroups_len,
Kurt Roeckx6977e8e2015-12-04 22:25:11 +0100[diff] [blame]3790 &nid, 1);
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]3791 }
Rich Salz10bf4fc2015-03-10 19:09:27 -0400[diff] [blame]3792#endif /* !OPENSSL_NO_EC */
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]3793 case SSL_CTRL_SET_TLSEXT_SERVERNAME_ARG:
Rich Salzaff8c122016-12-08 14:18:40 -0500[diff] [blame]3794 ctx->ext.servername_arg = parg;
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]3795 break;
3796 case SSL_CTRL_SET_TLSEXT_TICKET_KEYS:
3797 case SSL_CTRL_GET_TLSEXT_TICKET_KEYS:
3798 {
3799 unsigned char *keys = parg;
Rich Salzaff8c122016-12-08 14:18:40 -0500[diff] [blame]3800 long tick_keylen = (sizeof(ctx->ext.tick_key_name) +
Todd Short4bfb96f2018-03-19 10:50:51 -0400[diff] [blame]3801 sizeof(ctx->ext.secure->tick_hmac_key) +
3802 sizeof(ctx->ext.secure->tick_aes_key));
Kurt Roeckxd1397232016-03-02 14:39:14 +0100[diff] [blame]3803 if (keys == NULL)
Rich Salzaff8c122016-12-08 14:18:40 -0500[diff] [blame]3804 return tick_keylen;
3805 if (larg != tick_keylen) {
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]3806 SSLerr(SSL_F_SSL3_CTX_CTRL, SSL_R_INVALID_TICKET_KEYS_LENGTH);
3807 return 0;
3808 }
3809 if (cmd == SSL_CTRL_SET_TLSEXT_TICKET_KEYS) {
Rich Salzaff8c122016-12-08 14:18:40 -0500[diff] [blame]3810 memcpy(ctx->ext.tick_key_name, keys,
3811 sizeof(ctx->ext.tick_key_name));
Todd Short4bfb96f2018-03-19 10:50:51 -0400[diff] [blame]3812 memcpy(ctx->ext.secure->tick_hmac_key,
Rich Salzaff8c122016-12-08 14:18:40 -0500[diff] [blame]3813 keys + sizeof(ctx->ext.tick_key_name),
Todd Short4bfb96f2018-03-19 10:50:51 -0400[diff] [blame]3814 sizeof(ctx->ext.secure->tick_hmac_key));
3815 memcpy(ctx->ext.secure->tick_aes_key,
Rich Salzaff8c122016-12-08 14:18:40 -0500[diff] [blame]3816 keys + sizeof(ctx->ext.tick_key_name) +
Todd Short4bfb96f2018-03-19 10:50:51 -0400[diff] [blame]3817 sizeof(ctx->ext.secure->tick_hmac_key),
3818 sizeof(ctx->ext.secure->tick_aes_key));
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]3819 } else {
Rich Salzaff8c122016-12-08 14:18:40 -0500[diff] [blame]3820 memcpy(keys, ctx->ext.tick_key_name,
3821 sizeof(ctx->ext.tick_key_name));
3822 memcpy(keys + sizeof(ctx->ext.tick_key_name),
Todd Short4bfb96f2018-03-19 10:50:51 -0400[diff] [blame]3823 ctx->ext.secure->tick_hmac_key,
3824 sizeof(ctx->ext.secure->tick_hmac_key));
Rich Salzaff8c122016-12-08 14:18:40 -0500[diff] [blame]3825 memcpy(keys + sizeof(ctx->ext.tick_key_name) +
Todd Short4bfb96f2018-03-19 10:50:51 -0400[diff] [blame]3826 sizeof(ctx->ext.secure->tick_hmac_key),
3827 ctx->ext.secure->tick_aes_key,
3828 sizeof(ctx->ext.secure->tick_aes_key));
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]3829 }
3830 return 1;
3831 }
Bodo Möller761772d2007-09-21 06:54:24 +0000[diff] [blame]3832
Matt Caswell30b96762016-06-07 15:14:14 +0100[diff] [blame]3833 case SSL_CTRL_GET_TLSEXT_STATUS_REQ_TYPE:
Rich Salzaff8c122016-12-08 14:18:40 -0500[diff] [blame]3834 return ctx->ext.status_type;
Matt Caswell30b96762016-06-07 15:14:14 +0100[diff] [blame]3835
jfigusba261f72014-12-02 15:44:49 -0500[diff] [blame]3836 case SSL_CTRL_SET_TLSEXT_STATUS_REQ_TYPE:
Rich Salzaff8c122016-12-08 14:18:40 -0500[diff] [blame]3837 ctx->ext.status_type = larg;
jfigusba261f72014-12-02 15:44:49 -0500[diff] [blame]3838 break;
3839
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]3840 case SSL_CTRL_SET_TLSEXT_STATUS_REQ_CB_ARG:
Rich Salzaff8c122016-12-08 14:18:40 -0500[diff] [blame]3841 ctx->ext.status_arg = parg;
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]3842 return 1;
Dr. Stephen Henson67c8e7f2007-09-26 21:56:59 +0000[diff] [blame]3843
Remi Gacognefddfc0a2016-08-06 12:54:29 +0200[diff] [blame]3844 case SSL_CTRL_GET_TLSEXT_STATUS_REQ_CB_ARG:
Rich Salzaff8c122016-12-08 14:18:40 -0500[diff] [blame]3845 *(void**)parg = ctx->ext.status_arg;
Remi Gacognefddfc0a2016-08-06 12:54:29 +0200[diff] [blame]3846 break;
3847
3848 case SSL_CTRL_GET_TLSEXT_STATUS_REQ_CB:
Rich Salzaff8c122016-12-08 14:18:40 -0500[diff] [blame]3849 *(int (**)(SSL*, void*))parg = ctx->ext.status_cb;
Remi Gacognefddfc0a2016-08-06 12:54:29 +0200[diff] [blame]3850 break;
3851
Matt Caswelle481f9b2015-05-15 10:49:56 +0100[diff] [blame]3852#ifndef OPENSSL_NO_SRP
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]3853 case SSL_CTRL_SET_TLS_EXT_SRP_USERNAME:
3854 ctx->srp_ctx.srp_Mask |= SSL_kSRP;
Rich Salzb548a1f2015-05-01 10:02:07 -0400[diff] [blame]3855 OPENSSL_free(ctx->srp_ctx.login);
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]3856 ctx->srp_ctx.login = NULL;
3857 if (parg == NULL)
3858 break;
Emilia Kaspera230b262016-08-05 19:03:17 +0200[diff] [blame]3859 if (strlen((const char *)parg) > 255 || strlen((const char *)parg) < 1) {
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]3860 SSLerr(SSL_F_SSL3_CTX_CTRL, SSL_R_INVALID_SRP_USERNAME);
3861 return 0;
3862 }
Rich Salz7644a9a2015-12-16 16:12:24 -0500[diff] [blame]3863 if ((ctx->srp_ctx.login = OPENSSL_strdup((char *)parg)) == NULL) {
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]3864 SSLerr(SSL_F_SSL3_CTX_CTRL, ERR_R_INTERNAL_ERROR);
3865 return 0;
3866 }
3867 break;
3868 case SSL_CTRL_SET_TLS_EXT_SRP_PASSWORD:
3869 ctx->srp_ctx.SRP_give_srp_client_pwd_callback =
3870 srp_password_from_info_cb;
Diego Santa Cruze655f542017-05-15 10:35:45 +0200[diff] [blame]3871 if (ctx->srp_ctx.info != NULL)
3872 OPENSSL_free(ctx->srp_ctx.info);
3873 if ((ctx->srp_ctx.info = BUF_strdup((char *)parg)) == NULL) {
3874 SSLerr(SSL_F_SSL3_CTX_CTRL, ERR_R_INTERNAL_ERROR);
3875 return 0;
3876 }
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]3877 break;
3878 case SSL_CTRL_SET_SRP_ARG:
3879 ctx->srp_ctx.srp_Mask |= SSL_kSRP;
3880 ctx->srp_ctx.SRP_cb_arg = parg;
3881 break;
Ben Laurieedc032b2011-03-12 17:01:19 +0000[diff] [blame]3882
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]3883 case SSL_CTRL_SET_TLS_EXT_SRP_STRENGTH:
3884 ctx->srp_ctx.strength = larg;
3885 break;
Matt Caswelle481f9b2015-05-15 10:49:56 +0100[diff] [blame]3886#endif
Dr. Stephen Hensond0595f12012-03-28 15:05:04 +0000[diff] [blame]3887
Matt Caswelle481f9b2015-05-15 10:49:56 +0100[diff] [blame]3888#ifndef OPENSSL_NO_EC
Matt Caswellde4d7642016-11-09 14:51:06 +0000[diff] [blame]3889 case SSL_CTRL_SET_GROUPS:
Rich Salzaff8c122016-12-08 14:18:40 -0500[diff] [blame]3890 return tls1_set_groups(&ctx->ext.supportedgroups,
3891 &ctx->ext.supportedgroups_len,
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]3892 parg, larg);
Dr. Stephen Hensond0595f12012-03-28 15:05:04 +0000[diff] [blame]3893
Matt Caswellde4d7642016-11-09 14:51:06 +0000[diff] [blame]3894 case SSL_CTRL_SET_GROUPS_LIST:
Rich Salzaff8c122016-12-08 14:18:40 -0500[diff] [blame]3895 return tls1_set_groups_list(&ctx->ext.supportedgroups,
3896 &ctx->ext.supportedgroups_len,
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]3897 parg);
Matt Caswelle481f9b2015-05-15 10:49:56 +0100[diff] [blame]3898#endif
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]3899 case SSL_CTRL_SET_SIGALGS:
3900 return tls1_set_sigalgs(ctx->cert, parg, larg, 0);
Dr. Stephen Henson0f229cc2012-06-22 14:03:31 +0000[diff] [blame]3901
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]3902 case SSL_CTRL_SET_SIGALGS_LIST:
3903 return tls1_set_sigalgs_list(ctx->cert, parg, 0);
Dr. Stephen Henson3dbc46d2012-07-03 12:51:14 +0000[diff] [blame]3904
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]3905 case SSL_CTRL_SET_CLIENT_SIGALGS:
3906 return tls1_set_sigalgs(ctx->cert, parg, larg, 1);
Dr. Stephen Henson3dbc46d2012-07-03 12:51:14 +0000[diff] [blame]3907
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]3908 case SSL_CTRL_SET_CLIENT_SIGALGS_LIST:
3909 return tls1_set_sigalgs_list(ctx->cert, parg, 1);
Dr. Stephen Henson0f229cc2012-06-22 14:03:31 +0000[diff] [blame]3910
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]3911 case SSL_CTRL_SET_CLIENT_CERT_TYPES:
3912 return ssl3_set_req_cert_type(ctx->cert, parg, larg);
Dr. Stephen Henson9f27b1e2012-07-08 14:22:45 +0000[diff] [blame]3913
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]3914 case SSL_CTRL_BUILD_CERT_CHAIN:
3915 return ssl_build_cert_chain(NULL, ctx, larg);
Dr. Stephen Henson74ecfab2012-07-23 23:34:28 +0000[diff] [blame]3916
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]3917 case SSL_CTRL_SET_VERIFY_CERT_STORE:
3918 return ssl_cert_set_cert_store(ctx->cert, parg, 0, larg);
Dr. Stephen Henson74ecfab2012-07-23 23:34:28 +0000[diff] [blame]3919
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]3920 case SSL_CTRL_SET_CHAIN_CERT_STORE:
3921 return ssl_cert_set_cert_store(ctx->cert, parg, 1, larg);
Dr. Stephen Henson74ecfab2012-07-23 23:34:28 +0000[diff] [blame]3922
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]3923 /* A Thawte special :-) */
3924 case SSL_CTRL_EXTRA_CHAIN_CERT:
3925 if (ctx->extra_certs == NULL) {
FdaSilvaYY3c82e432016-06-04 00:15:19 +0200[diff] [blame]3926 if ((ctx->extra_certs = sk_X509_new_null()) == NULL) {
3927 SSLerr(SSL_F_SSL3_CTX_CTRL, ERR_R_MALLOC_FAILURE);
3928 return 0;
3929 }
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]3930 }
FdaSilvaYY3c82e432016-06-04 00:15:19 +0200[diff] [blame]3931 if (!sk_X509_push(ctx->extra_certs, (X509 *)parg)) {
3932 SSLerr(SSL_F_SSL3_CTX_CTRL, ERR_R_MALLOC_FAILURE);
3933 return 0;
3934 }
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]3935 break;
Ralf S. Engelschalldfeab061998-12-21 11:00:56 +0000[diff] [blame]3936
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]3937 case SSL_CTRL_GET_EXTRA_CHAIN_CERTS:
3938 if (ctx->extra_certs == NULL && larg == 0)
3939 *(STACK_OF(X509) **)parg = ctx->cert->key->chain;
3940 else
3941 *(STACK_OF(X509) **)parg = ctx->extra_certs;
3942 break;
Dr. Stephen Hensonf9b0b452011-12-22 15:14:32 +0000[diff] [blame]3943
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]3944 case SSL_CTRL_CLEAR_EXTRA_CHAIN_CERTS:
Rich Salz222561f2015-04-30 17:33:59 -0400[diff] [blame]3945 sk_X509_pop_free(ctx->extra_certs, X509_free);
3946 ctx->extra_certs = NULL;
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]3947 break;
Dr. Stephen Hensonf9b0b452011-12-22 15:14:32 +0000[diff] [blame]3948
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]3949 case SSL_CTRL_CHAIN:
3950 if (larg)
3951 return ssl_cert_set1_chain(NULL, ctx, (STACK_OF(X509) *)parg);
3952 else
3953 return ssl_cert_set0_chain(NULL, ctx, (STACK_OF(X509) *)parg);
Dr. Stephen Hensonf71c6e52012-01-31 14:00:10 +0000[diff] [blame]3954
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]3955 case SSL_CTRL_CHAIN_CERT:
3956 if (larg)
3957 return ssl_cert_add1_chain_cert(NULL, ctx, (X509 *)parg);
3958 else
3959 return ssl_cert_add0_chain_cert(NULL, ctx, (X509 *)parg);
Dr. Stephen Hensonf71c6e52012-01-31 14:00:10 +0000[diff] [blame]3960
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]3961 case SSL_CTRL_GET_CHAIN_CERTS:
3962 *(STACK_OF(X509) **)parg = ctx->cert->key->chain;
3963 break;
Rob Stradling7b6b2462013-11-11 18:04:24 +0100[diff] [blame]3964
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]3965 case SSL_CTRL_SELECT_CURRENT_CERT:
3966 return ssl_cert_select_current(ctx->cert, (X509 *)parg);
Rob Stradling7b6b2462013-11-11 18:04:24 +0100[diff] [blame]3967
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]3968 case SSL_CTRL_SET_CURRENT_CERT:
3969 return ssl_cert_set_current(ctx->cert, larg);
Dr. Stephen Henson0f788192014-02-02 02:51:30 +0000[diff] [blame]3970
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]3971 default:
KaoruToda26a7d932017-10-17 23:04:09 +0900[diff] [blame]3972 return 0;
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]3973 }
KaoruToda208fb892017-10-09 20:05:58 +0900[diff] [blame]3974 return 1;
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]3975}
Ralf S. Engelschalld02b48c1998-12-21 10:52:47 +0000[diff] [blame]3976
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]3977long ssl3_ctx_callback_ctrl(SSL_CTX *ctx, int cmd, void (*fp) (void))
3978{
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]3979 switch (cmd) {
Richard Levittebc36ee62001-02-20 08:13:47 +0000[diff] [blame]3980#ifndef OPENSSL_NO_DH
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]3981 case SSL_CTRL_SET_TMP_DH_CB:
3982 {
Matt Caswell8ca8fc42015-12-11 22:18:00 +0000[diff] [blame]3983 ctx->cert->dh_tmp_cb = (DH *(*)(SSL *, int, int))fp;
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]3984 }
3985 break;
Richard Levitted3442bc2000-02-20 23:43:02 +0000[diff] [blame]3986#endif
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]3987 case SSL_CTRL_SET_TLSEXT_SERVERNAME_CB:
Rich Salzaff8c122016-12-08 14:18:40 -0500[diff] [blame]3988 ctx->ext.servername_cb = (int (*)(SSL *, int *, void *))fp;
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]3989 break;
Bodo Möller761772d2007-09-21 06:54:24 +0000[diff] [blame]3990
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]3991 case SSL_CTRL_SET_TLSEXT_STATUS_REQ_CB:
Rich Salzaff8c122016-12-08 14:18:40 -0500[diff] [blame]3992 ctx->ext.status_cb = (int (*)(SSL *, void *))fp;
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]3993 break;
3994
3995 case SSL_CTRL_SET_TLSEXT_TICKET_KEY_CB:
Rich Salzaff8c122016-12-08 14:18:40 -0500[diff] [blame]3996 ctx->ext.ticket_key_cb = (int (*)(SSL *, unsigned char *,
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]3997 unsigned char *,
3998 EVP_CIPHER_CTX *,
3999 HMAC_CTX *, int))fp;
4000 break;
4001
Matt Caswelle481f9b2015-05-15 10:49:56 +0100[diff] [blame]4002#ifndef OPENSSL_NO_SRP
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]4003 case SSL_CTRL_SET_SRP_VERIFY_PARAM_CB:
4004 ctx->srp_ctx.srp_Mask |= SSL_kSRP;
4005 ctx->srp_ctx.SRP_verify_param_callback = (int (*)(SSL *, void *))fp;
4006 break;
4007 case SSL_CTRL_SET_TLS_EXT_SRP_USERNAME_CB:
4008 ctx->srp_ctx.srp_Mask |= SSL_kSRP;
4009 ctx->srp_ctx.TLS_ext_srp_username_callback =
4010 (int (*)(SSL *, int *, void *))fp;
4011 break;
4012 case SSL_CTRL_SET_SRP_GIVE_CLIENT_PWD_CB:
4013 ctx->srp_ctx.srp_Mask |= SSL_kSRP;
4014 ctx->srp_ctx.SRP_give_srp_client_pwd_callback =
4015 (char *(*)(SSL *, void *))fp;
4016 break;
Bodo Möller761772d2007-09-21 06:54:24 +0000[diff] [blame]4017#endif
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]4018 case SSL_CTRL_SET_NOT_RESUMABLE_SESS_CB:
4019 {
4020 ctx->not_resumable_session_cb = (int (*)(SSL *, int))fp;
4021 }
4022 break;
4023 default:
KaoruToda26a7d932017-10-17 23:04:09 +0900[diff] [blame]4024 return 0;
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]4025 }
KaoruToda208fb892017-10-09 20:05:58 +0900[diff] [blame]4026 return 1;
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]4027}
Bodo Möller761772d2007-09-21 06:54:24 +0000[diff] [blame]4028
Matt Caswellec15acb2017-01-13 17:00:49 +0000[diff] [blame]4029const SSL_CIPHER *ssl3_get_cipher_by_id(uint32_t id)
4030{
4031 SSL_CIPHER c;
Benjamin Kaduk650c6e42017-02-03 17:17:21 -0600[diff] [blame]4032 const SSL_CIPHER *cp;
Matt Caswellec15acb2017-01-13 17:00:49 +0000[diff] [blame]4033
4034 c.id = id;
Matt Caswellf865b082018-02-16 11:26:02 +0000[diff] [blame]4035 cp = OBJ_bsearch_ssl_cipher_id(&c, tls13_ciphers, TLS13_NUM_CIPHERS);
4036 if (cp != NULL)
4037 return cp;
Benjamin Kaduk650c6e42017-02-03 17:17:21 -0600[diff] [blame]4038 cp = OBJ_bsearch_ssl_cipher_id(&c, ssl3_ciphers, SSL3_NUM_CIPHERS);
4039 if (cp != NULL)
4040 return cp;
4041 return OBJ_bsearch_ssl_cipher_id(&c, ssl3_scsvs, SSL3_NUM_SCSVS);
Matt Caswellec15acb2017-01-13 17:00:49 +0000[diff] [blame]4042}
4043
Paul Yangbbb4ceb2017-06-30 03:06:19 +0800[diff] [blame]4044const SSL_CIPHER *ssl3_get_cipher_by_std_name(const char *stdname)
4045{
Matt Caswellf865b082018-02-16 11:26:02 +0000[diff] [blame]4046 SSL_CIPHER *c = NULL, *tbl;
4047 SSL_CIPHER *alltabs[] = {tls13_ciphers, ssl3_ciphers};
4048 size_t i, j, tblsize[] = {TLS13_NUM_CIPHERS, SSL3_NUM_CIPHERS};
Paul Yangbbb4ceb2017-06-30 03:06:19 +0800[diff] [blame]4049
Xiaoyin Liu3519bae2017-07-30 18:43:19 -0400[diff] [blame]4050 /* this is not efficient, necessary to optimize this? */
Matt Caswellf865b082018-02-16 11:26:02 +0000[diff] [blame]4051 for (j = 0; j < OSSL_NELEM(alltabs); j++) {
4052 for (i = 0, tbl = alltabs[j]; i < tblsize[j]; i++, tbl++) {
4053 if (tbl->stdname == NULL)
4054 continue;
4055 if (strcmp(stdname, tbl->stdname) == 0) {
4056 c = tbl;
4057 break;
4058 }
Paul Yangbbb4ceb2017-06-30 03:06:19 +0800[diff] [blame]4059 }
4060 }
4061 if (c == NULL) {
4062 tbl = ssl3_scsvs;
4063 for (i = 0; i < SSL3_NUM_SCSVS; i++, tbl++) {
4064 if (strcmp(stdname, tbl->stdname) == 0) {
4065 c = tbl;
4066 break;
4067 }
4068 }
4069 }
4070 return c;
4071}
4072
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]4073/*
4074 * This function needs to check if the ciphers required are actually
4075 * available
4076 */
Ben Lauriebabb3792008-10-12 14:32:47 +0000[diff] [blame]4077const SSL_CIPHER *ssl3_get_cipher_by_char(const unsigned char *p)
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]4078{
Matt Caswell1f5b44e2017-01-20 16:02:07 +0000[diff] [blame]4079 return ssl3_get_cipher_by_id(SSL3_CK_CIPHERSUITE_FLAG
Matt Caswellec15acb2017-01-13 17:00:49 +0000[diff] [blame]4080 | ((uint32_t)p[0] << 8L)
4081 | (uint32_t)p[1]);
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]4082}
Ralf S. Engelschalld02b48c1998-12-21 10:52:47 +0000[diff] [blame]4083
Matt Caswellae2f7b32016-09-05 17:34:04 +0100[diff] [blame]4084int ssl3_put_cipher_by_char(const SSL_CIPHER *c, WPACKET *pkt, size_t *len)
Matt Caswell2c7b4db2016-08-03 20:57:52 +0100[diff] [blame]4085{
Matt Caswell34f72452017-01-27 11:58:04 +0000[diff] [blame]4086 if ((c->id & 0xff000000) != SSL3_CK_CIPHERSUITE_FLAG) {
Matt Caswell2c7b4db2016-08-03 20:57:52 +0100[diff] [blame]4087 *len = 0;
4088 return 1;
4089 }
4090
Matt Caswell08029df2016-09-20 14:47:44 +0100[diff] [blame]4091 if (!WPACKET_put_bytes_u16(pkt, c->id & 0xffff))
Matt Caswell2c7b4db2016-08-03 20:57:52 +0100[diff] [blame]4092 return 0;
4093
4094 *len = 2;
4095 return 1;
4096}
4097
Kurt Roeckx3eb2aff2016-02-07 20:17:07 +0100[diff] [blame]4098/*
4099 * ssl3_choose_cipher - choose a cipher from those offered by the client
4100 * @s: SSL connection
4101 * @clnt: ciphers offered by the client
4102 * @srvr: ciphers enabled on the server?
4103 *
4104 * Returns the selected cipher or NULL when no common ciphers.
4105 */
Dr. Stephen Henson4a640fb2015-12-23 00:47:28 +0000[diff] [blame]4106const SSL_CIPHER *ssl3_choose_cipher(SSL *s, STACK_OF(SSL_CIPHER) *clnt,
Emilia Kaspera230b262016-08-05 19:03:17 +0200[diff] [blame]4107 STACK_OF(SSL_CIPHER) *srvr)
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]4108{
Dr. Stephen Henson4a640fb2015-12-23 00:47:28 +0000[diff] [blame]4109 const SSL_CIPHER *c, *ret = NULL;
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]4110 STACK_OF(SSL_CIPHER) *prio, *allow;
Matt Caswell48a03162018-05-10 11:51:45 +0100[diff] [blame]4111 int i, ii, ok, prefer_sha256 = 0;
Matt Caswell0de6d662017-06-06 17:19:32 +0100[diff] [blame]4112 unsigned long alg_k = 0, alg_a = 0, mask_k = 0, mask_a = 0;
Matt Caswell48a03162018-05-10 11:51:45 +0100[diff] [blame]4113 const EVP_MD *mdsha256 = EVP_sha256();
Todd Shorte1c78712015-12-21 15:19:29 -0500[diff] [blame]4114#ifndef OPENSSL_NO_CHACHA
4115 STACK_OF(SSL_CIPHER) *prio_chacha = NULL;
4116#endif
Ralf S. Engelschalld02b48c1998-12-21 10:52:47 +0000[diff] [blame]4117
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]4118 /* Let's see which ciphers we can support */
Ralf S. Engelschalld02b48c1998-12-21 10:52:47 +0000[diff] [blame]4119
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]4120 /*
4121 * Do not set the compare functions, because this may lead to a
4122 * reordering by "id". We want to keep the original ordering. We may pay
4123 * a price in performance during sk_SSL_CIPHER_find(), but would have to
4124 * pay with the price of sk_SSL_CIPHER_dup().
4125 */
Ralf S. Engelschalld02b48c1998-12-21 10:52:47 +0000[diff] [blame]4126
Ben Laurief415fa31999-03-06 14:09:36 +0000[diff] [blame]4127#ifdef CIPHER_DEBUG
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]4128 fprintf(stderr, "Server has %d from %p:\n", sk_SSL_CIPHER_num(srvr),
4129 (void *)srvr);
4130 for (i = 0; i < sk_SSL_CIPHER_num(srvr); ++i) {
4131 c = sk_SSL_CIPHER_value(srvr, i);
4132 fprintf(stderr, "%p:%s\n", (void *)c, c->name);
4133 }
4134 fprintf(stderr, "Client sent %d from %p:\n", sk_SSL_CIPHER_num(clnt),
4135 (void *)clnt);
4136 for (i = 0; i < sk_SSL_CIPHER_num(clnt); ++i) {
4137 c = sk_SSL_CIPHER_value(clnt, i);
4138 fprintf(stderr, "%p:%s\n", (void *)c, c->name);
4139 }
Ben Laurief415fa31999-03-06 14:09:36 +0000[diff] [blame]4140#endif
4141
Todd Shorte1c78712015-12-21 15:19:29 -0500[diff] [blame]4142 /* SUITE-B takes precedence over server preference and ChaCha priortiy */
4143 if (tls1_suiteb(s)) {
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]4144 prio = srvr;
4145 allow = clnt;
Todd Shorte1c78712015-12-21 15:19:29 -0500[diff] [blame]4146 } else if (s->options & SSL_OP_CIPHER_SERVER_PREFERENCE) {
4147 prio = srvr;
4148 allow = clnt;
4149#ifndef OPENSSL_NO_CHACHA
4150 /* If ChaCha20 is at the top of the client preference list,
4151 and there are ChaCha20 ciphers in the server list, then
4152 temporarily prioritize all ChaCha20 ciphers in the servers list. */
4153 if (s->options & SSL_OP_PRIORITIZE_CHACHA && sk_SSL_CIPHER_num(clnt) > 0) {
4154 c = sk_SSL_CIPHER_value(clnt, 0);
4155 if (c->algorithm_enc == SSL_CHACHA20POLY1305) {
4156 /* ChaCha20 is client preferred, check server... */
4157 int num = sk_SSL_CIPHER_num(srvr);
4158 int found = 0;
4159 for (i = 0; i < num; i++) {
4160 c = sk_SSL_CIPHER_value(srvr, i);
4161 if (c->algorithm_enc == SSL_CHACHA20POLY1305) {
4162 found = 1;
4163 break;
4164 }
4165 }
4166 if (found) {
Todd Shorte670e902017-10-04 09:15:19 -0400[diff] [blame]4167 prio_chacha = sk_SSL_CIPHER_new_reserve(NULL, num);
Todd Shorte1c78712015-12-21 15:19:29 -0500[diff] [blame]4168 /* if reserve fails, then there's likely a memory issue */
4169 if (prio_chacha != NULL) {
4170 /* Put all ChaCha20 at the top, starting with the one we just found */
4171 sk_SSL_CIPHER_push(prio_chacha, c);
4172 for (i++; i < num; i++) {
4173 c = sk_SSL_CIPHER_value(srvr, i);
4174 if (c->algorithm_enc == SSL_CHACHA20POLY1305)
4175 sk_SSL_CIPHER_push(prio_chacha, c);
4176 }
4177 /* Pull in the rest */
4178 for (i = 0; i < num; i++) {
4179 c = sk_SSL_CIPHER_value(srvr, i);
4180 if (c->algorithm_enc != SSL_CHACHA20POLY1305)
4181 sk_SSL_CIPHER_push(prio_chacha, c);
4182 }
4183 prio = prio_chacha;
4184 }
4185 }
4186 }
4187 }
4188# endif
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]4189 } else {
4190 prio = clnt;
4191 allow = srvr;
4192 }
Lutz Jänicke836f9962001-02-09 19:56:31 +0000[diff] [blame]4193
Matt Caswell48a03162018-05-10 11:51:45 +0100[diff] [blame]4194 if (SSL_IS_TLS13(s)) {
4195 int j;
4196
4197 /*
4198 * If we allow "old" style PSK callbacks, and we have no certificate (so
4199 * we're not going to succeed without a PSK anyway), and we're in
4200 * TLSv1.3 then the default hash for a PSK is SHA-256 (as per the
4201 * TLSv1.3 spec). Therefore we should prioritise ciphersuites using
4202 * that.
4203 */
4204 if (s->psk_server_callback != NULL) {
4205 for (j = 0; j < SSL_PKEY_NUM && !ssl_has_cert(s, j); j++);
4206 if (j == SSL_PKEY_NUM) {
4207 /* There are no certificates */
4208 prefer_sha256 = 1;
4209 }
4210 }
4211 } else {
Matt Caswell0de6d662017-06-06 17:19:32 +0100[diff] [blame]4212 tls1_set_cert_validity(s);
4213 ssl_set_masks(s);
4214 }
Dr. Stephen Hensond61ff832012-06-28 12:45:49 +0000[diff] [blame]4215
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]4216 for (i = 0; i < sk_SSL_CIPHER_num(prio); i++) {
4217 c = sk_SSL_CIPHER_value(prio, i);
Ben Laurie60e31c31999-02-21 21:58:59 +0000[diff] [blame]4218
Kurt Roeckx3eb2aff2016-02-07 20:17:07 +0100[diff] [blame]4219 /* Skip ciphers not supported by the protocol version */
4220 if (!SSL_IS_DTLS(s) &&
Emilia Kaspera230b262016-08-05 19:03:17 +0200[diff] [blame]4221 ((s->version < c->min_tls) || (s->version > c->max_tls)))
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]4222 continue;
Kurt Roeckx3eb2aff2016-02-07 20:17:07 +0100[diff] [blame]4223 if (SSL_IS_DTLS(s) &&
Emilia Kaspera230b262016-08-05 19:03:17 +0200[diff] [blame]4224 (DTLS_VERSION_LT(s->version, c->min_dtls) ||
4225 DTLS_VERSION_GT(s->version, c->max_dtls)))
Dr. Stephen Henson2b573382015-11-13 14:37:24 +0000[diff] [blame]4226 continue;
Matt Caswella055a882017-05-26 17:59:34 +0100[diff] [blame]4227
Matt Caswell0de6d662017-06-06 17:19:32 +0100[diff] [blame]4228 /*
4229 * Since TLS 1.3 ciphersuites can be used with any auth or
4230 * key exchange scheme skip tests.
4231 */
4232 if (!SSL_IS_TLS13(s)) {
Dr. Stephen Henson612ca802017-01-31 18:59:31 +0000[diff] [blame]4233 mask_k = s->s3->tmp.mask_k;
4234 mask_a = s->s3->tmp.mask_a;
Ben Laurieedc032b2011-03-12 17:01:19 +0000[diff] [blame]4235#ifndef OPENSSL_NO_SRP
Dr. Stephen Henson612ca802017-01-31 18:59:31 +0000[diff] [blame]4236 if (s->srp_ctx.srp_Mask & SSL_kSRP) {
4237 mask_k |= SSL_kSRP;
4238 mask_a |= SSL_aSRP;
4239 }
Ben Laurieedc032b2011-03-12 17:01:19 +0000[diff] [blame]4240#endif
Richard Levittef9b3bff2000-11-30 22:53:34 +0000[diff] [blame]4241
Dr. Stephen Henson612ca802017-01-31 18:59:31 +0000[diff] [blame]4242 alg_k = c->algorithm_mkey;
4243 alg_a = c->algorithm_auth;
Bodo Möller52b8dad2007-02-17 06:45:38 +0000[diff] [blame]4244
Nils Larschddac1972006-03-10 23:06:27 +0000[diff] [blame]4245#ifndef OPENSSL_NO_PSK
Dr. Stephen Henson612ca802017-01-31 18:59:31 +0000[diff] [blame]4246 /* with PSK there must be server callback set */
4247 if ((alg_k & SSL_PSK) && s->psk_server_callback == NULL)
4248 continue;
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]4249#endif /* OPENSSL_NO_PSK */
Nils Larschddac1972006-03-10 23:06:27 +0000[diff] [blame]4250
Dr. Stephen Henson612ca802017-01-31 18:59:31 +0000[diff] [blame]4251 ok = (alg_k & mask_k) && (alg_a & mask_a);
Ralf S. Engelschalld02b48c1998-12-21 10:52:47 +0000[diff] [blame]4252#ifdef CIPHER_DEBUG
Dr. Stephen Henson612ca802017-01-31 18:59:31 +0000[diff] [blame]4253 fprintf(stderr, "%d:[%08lX:%08lX:%08lX:%08lX]%p:%s\n", ok, alg_k,
4254 alg_a, mask_k, mask_a, (void *)c, c->name);
Ralf S. Engelschalld02b48c1998-12-21 10:52:47 +0000[diff] [blame]4255#endif
Ralf S. Engelschalld02b48c1998-12-21 10:52:47 +0000[diff] [blame]4256
Emilia Kaspera230b262016-08-05 19:03:17 +0200[diff] [blame]4257#ifndef OPENSSL_NO_EC
Dr. Stephen Henson612ca802017-01-31 18:59:31 +0000[diff] [blame]4258 /*
4259 * if we are considering an ECC cipher suite that uses an ephemeral
4260 * EC key check it
4261 */
4262 if (alg_k & SSL_kECDHE)
4263 ok = ok && tls1_check_ec_tmp_key(s, c->id);
Emilia Kaspera230b262016-08-05 19:03:17 +0200[diff] [blame]4264#endif /* OPENSSL_NO_EC */
Bodo Möllerf393b742006-03-30 02:35:09 +0000[diff] [blame]4265
Dr. Stephen Henson612ca802017-01-31 18:59:31 +0000[diff] [blame]4266 if (!ok)
4267 continue;
4268 }
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]4269 ii = sk_SSL_CIPHER_find(allow, c);
4270 if (ii >= 0) {
4271 /* Check security callback permits this cipher */
4272 if (!ssl_security(s, SSL_SECOP_CIPHER_SHARED,
Dr. Stephen Henson4a640fb2015-12-23 00:47:28 +0000[diff] [blame]4273 c->strength_bits, 0, (void *)c))
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]4274 continue;
Matt Caswelle481f9b2015-05-15 10:49:56 +0100[diff] [blame]4275#if !defined(OPENSSL_NO_EC)
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]4276 if ((alg_k & SSL_kECDHE) && (alg_a & SSL_aECDSA)
4277 && s->s3->is_probably_safari) {
4278 if (!ret)
4279 ret = sk_SSL_CIPHER_value(allow, ii);
4280 continue;
4281 }
Rob Stradlingd89cd382013-09-10 12:20:29 +0100[diff] [blame]4282#endif
Matt Caswell48a03162018-05-10 11:51:45 +0100[diff] [blame]4283 if (prefer_sha256) {
4284 const SSL_CIPHER *tmp = sk_SSL_CIPHER_value(allow, ii);
4285
4286 if (ssl_md(tmp->algorithm2) == mdsha256) {
4287 ret = tmp;
4288 break;
4289 }
4290 if (ret == NULL)
4291 ret = tmp;
4292 continue;
4293 }
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]4294 ret = sk_SSL_CIPHER_value(allow, ii);
4295 break;
4296 }
4297 }
Todd Shorte1c78712015-12-21 15:19:29 -0500[diff] [blame]4298#ifndef OPENSSL_NO_CHACHA
4299 sk_SSL_CIPHER_free(prio_chacha);
4300#endif
KaoruToda26a7d932017-10-17 23:04:09 +0900[diff] [blame]4301 return ret;
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]4302}
Ralf S. Engelschalld02b48c1998-12-21 10:52:47 +0000[diff] [blame]4303
Matt Caswell28ff8ef2016-09-29 14:25:52 +0100[diff] [blame]4304int ssl3_get_req_cert_type(SSL *s, WPACKET *pkt)
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]4305{
Dr. Stephen Henson90d9e492015-11-05 16:14:17 +0000[diff] [blame]4306 uint32_t alg_k, alg_a = 0;
Ralf S. Engelschalld02b48c1998-12-21 10:52:47 +0000[diff] [blame]4307
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]4308 /* If we have custom certificate types set, use them */
Dr. Stephen Henson75c13e72017-02-23 22:12:28 +0000[diff] [blame]4309 if (s->cert->ctype)
4310 return WPACKET_memcpy(pkt, s->cert->ctype, s->cert->ctype_len);
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]4311 /* Get mask of algorithms disabled by signature list */
4312 ssl_set_sig_mask(&alg_a, s, SSL_SECOP_SIGALG_MASK);
Dr. Stephen Henson9f27b1e2012-07-08 14:22:45 +0000[diff] [blame]4313
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]4314 alg_k = s->s3->tmp.new_cipher->algorithm_mkey;
Ralf S. Engelschalld02b48c1998-12-21 10:52:47 +0000[diff] [blame]4315
Dr. Stephen Hensoncaa97ef2009-05-28 18:11:29 +0000[diff] [blame]4316#ifndef OPENSSL_NO_GOST
Matt Caswell28ff8ef2016-09-29 14:25:52 +0100[diff] [blame]4317 if (s->version >= TLS1_VERSION && (alg_k & SSL_kGOST))
4318 return WPACKET_put_bytes_u8(pkt, TLS_CT_GOST01_SIGN)
4319 && WPACKET_put_bytes_u8(pkt, TLS_CT_GOST12_SIGN)
4320 && WPACKET_put_bytes_u8(pkt, TLS_CT_GOST12_512_SIGN);
Dr. Stephen Hensoncaa97ef2009-05-28 18:11:29 +0000[diff] [blame]4321#endif
4322
Dr. Stephen Hensonbc71f912015-12-15 23:57:18 +0000[diff] [blame]4323 if ((s->version == SSL3_VERSION) && (alg_k & SSL_kDHE)) {
Richard Levittebc36ee62001-02-20 08:13:47 +0000[diff] [blame]4324#ifndef OPENSSL_NO_DH
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]4325# ifndef OPENSSL_NO_RSA
Matt Caswell28ff8ef2016-09-29 14:25:52 +0100[diff] [blame]4326 if (!WPACKET_put_bytes_u8(pkt, SSL3_CT_RSA_EPHEMERAL_DH))
4327 return 0;
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]4328# endif
4329# ifndef OPENSSL_NO_DSA
Matt Caswell28ff8ef2016-09-29 14:25:52 +0100[diff] [blame]4330 if (!WPACKET_put_bytes_u8(pkt, SSL3_CT_DSS_EPHEMERAL_DH))
4331 return 0;
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]4332# endif
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]4333#endif /* !OPENSSL_NO_DH */
Ben Laurie1e0784f2016-01-01 15:39:31 +0000[diff] [blame]4334 }
Richard Levittebc36ee62001-02-20 08:13:47 +0000[diff] [blame]4335#ifndef OPENSSL_NO_RSA
Matt Caswell28ff8ef2016-09-29 14:25:52 +0100[diff] [blame]4336 if (!(alg_a & SSL_aRSA) && !WPACKET_put_bytes_u8(pkt, SSL3_CT_RSA_SIGN))
4337 return 0;
Ralf S. Engelschalld02b48c1998-12-21 10:52:47 +0000[diff] [blame]4338#endif
Richard Levittebc36ee62001-02-20 08:13:47 +0000[diff] [blame]4339#ifndef OPENSSL_NO_DSA
Matt Caswell28ff8ef2016-09-29 14:25:52 +0100[diff] [blame]4340 if (!(alg_a & SSL_aDSS) && !WPACKET_put_bytes_u8(pkt, SSL3_CT_DSS_SIGN))
4341 return 0;
Ralf S. Engelschalldfeab061998-12-21 11:00:56 +0000[diff] [blame]4342#endif
Rich Salz10bf4fc2015-03-10 19:09:27 -0400[diff] [blame]4343#ifndef OPENSSL_NO_EC
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]4344 /*
Dr. Stephen Hensonc66ce5e2015-12-12 17:41:18 +0000[diff] [blame]4345 * ECDSA certs can be used with RSA cipher suites too so we don't
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]4346 * need to check for SSL_kECDH or SSL_kECDHE
4347 */
Matt Caswell28ff8ef2016-09-29 14:25:52 +0100[diff] [blame]4348 if (s->version >= TLS1_VERSION
4349 && !(alg_a & SSL_aECDSA)
4350 && !WPACKET_put_bytes_u8(pkt, TLS_CT_ECDSA_SIGN))
4351 return 0;
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]4352#endif
Matt Caswell28ff8ef2016-09-29 14:25:52 +0100[diff] [blame]4353 return 1;
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]4354}
Ralf S. Engelschalld02b48c1998-12-21 10:52:47 +0000[diff] [blame]4355
Dr. Stephen Henson9f27b1e2012-07-08 14:22:45 +0000[diff] [blame]4356static int ssl3_set_req_cert_type(CERT *c, const unsigned char *p, size_t len)
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]4357{
Dr. Stephen Henson75c13e72017-02-23 22:12:28 +0000[diff] [blame]4358 OPENSSL_free(c->ctype);
4359 c->ctype = NULL;
4360 c->ctype_len = 0;
4361 if (p == NULL || len == 0)
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]4362 return 1;
4363 if (len > 0xff)
4364 return 0;
Dr. Stephen Henson75c13e72017-02-23 22:12:28 +0000[diff] [blame]4365 c->ctype = OPENSSL_memdup(p, len);
4366 if (c->ctype == NULL)
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]4367 return 0;
Dr. Stephen Henson75c13e72017-02-23 22:12:28 +0000[diff] [blame]4368 c->ctype_len = len;
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]4369 return 1;
4370}
Dr. Stephen Henson9f27b1e2012-07-08 14:22:45 +0000[diff] [blame]4371
Ulf Möller6b691a51999-04-19 21:31:43 +0000[diff] [blame]4372int ssl3_shutdown(SSL *s)
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]4373{
4374 int ret;
Ralf S. Engelschalld02b48c1998-12-21 10:52:47 +0000[diff] [blame]4375
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]4376 /*
4377 * Don't do anything much if we have not done the handshake or we don't
4378 * want to send messages :-)
4379 */
Matt Caswellc874def2015-10-05 10:41:13 +0100[diff] [blame]4380 if (s->quiet_shutdown || SSL_in_before(s)) {
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]4381 s->shutdown = (SSL_SENT_SHUTDOWN | SSL_RECEIVED_SHUTDOWN);
KaoruToda208fb892017-10-09 20:05:58 +0900[diff] [blame]4382 return 1;
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]4383 }
Ralf S. Engelschalld02b48c1998-12-21 10:52:47 +0000[diff] [blame]4384
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]4385 if (!(s->shutdown & SSL_SENT_SHUTDOWN)) {
4386 s->shutdown |= SSL_SENT_SHUTDOWN;
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]4387 ssl3_send_alert(s, SSL3_AL_WARNING, SSL_AD_CLOSE_NOTIFY);
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]4388 /*
4389 * our shutdown alert has been sent now, and if it still needs to be
4390 * written, s->s3->alert_dispatch will be true
4391 */
4392 if (s->s3->alert_dispatch)
KaoruToda26a7d932017-10-17 23:04:09 +0900[diff] [blame]4393 return -1; /* return WANT_WRITE */
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]4394 } else if (s->s3->alert_dispatch) {
4395 /* resend it if not sent */
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]4396 ret = s->method->ssl_dispatch_alert(s);
4397 if (ret == -1) {
4398 /*
4399 * we only get to return -1 here the 2nd/Nth invocation, we must
FdaSilvaYY8483a002016-03-10 21:34:48 +0100[diff] [blame]4400 * have already signalled return 0 upon a previous invocation,
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]4401 * return WANT_WRITE
4402 */
KaoruToda26a7d932017-10-17 23:04:09 +0900[diff] [blame]4403 return ret;
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]4404 }
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]4405 } else if (!(s->shutdown & SSL_RECEIVED_SHUTDOWN)) {
Matt Caswell54105dd2016-10-26 10:43:34 +0100[diff] [blame]4406 size_t readbytes;
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]4407 /*
4408 * If we are waiting for a close from our peer, we are closed
4409 */
Matt Caswell54105dd2016-10-26 10:43:34 +0100[diff] [blame]4410 s->method->ssl_read_bytes(s, 0, NULL, NULL, 0, 0, &readbytes);
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]4411 if (!(s->shutdown & SSL_RECEIVED_SHUTDOWN)) {
Matt Caswelleda75752016-09-06 12:05:25 +0100[diff] [blame]4412 return -1; /* return WANT_READ */
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]4413 }
4414 }
Ralf S. Engelschalld02b48c1998-12-21 10:52:47 +0000[diff] [blame]4415
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]4416 if ((s->shutdown == (SSL_SENT_SHUTDOWN | SSL_RECEIVED_SHUTDOWN)) &&
4417 !s->s3->alert_dispatch)
KaoruToda208fb892017-10-09 20:05:58 +0900[diff] [blame]4418 return 1;
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]4419 else
KaoruToda26a7d932017-10-17 23:04:09 +0900[diff] [blame]4420 return 0;
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]4421}
Ralf S. Engelschalld02b48c1998-12-21 10:52:47 +0000[diff] [blame]4422
Matt Caswell7ee86272016-09-07 11:34:39 +0100[diff] [blame]4423int ssl3_write(SSL *s, const void *buf, size_t len, size_t *written)
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]4424{
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]4425 clear_sys_error();
4426 if (s->s3->renegotiate)
Matt Caswellc7f47782017-01-10 23:02:28 +0000[diff] [blame]4427 ssl3_renegotiate_check(s, 0);
Ralf S. Engelschalld02b48c1998-12-21 10:52:47 +0000[diff] [blame]4428
Matt Caswell7ee86272016-09-07 11:34:39 +0100[diff] [blame]4429 return s->method->ssl_write_bytes(s, SSL3_RT_APPLICATION_DATA, buf, len,
4430 written);
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]4431}
Ralf S. Engelschalld02b48c1998-12-21 10:52:47 +0000[diff] [blame]4432
Matt Caswelleda75752016-09-06 12:05:25 +0100[diff] [blame]4433static int ssl3_read_internal(SSL *s, void *buf, size_t len, int peek,
Matt Caswell54105dd2016-10-26 10:43:34 +0100[diff] [blame]4434 size_t *readbytes)
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]4435{
4436 int ret;
Ralf S. Engelschall58964a41998-12-21 10:56:39 +0000[diff] [blame]4437
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]4438 clear_sys_error();
4439 if (s->s3->renegotiate)
Matt Caswellc7f47782017-01-10 23:02:28 +0000[diff] [blame]4440 ssl3_renegotiate_check(s, 0);
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]4441 s->s3->in_read_app_data = 1;
4442 ret =
Matt Caswell657da852015-05-11 09:35:41 +0100[diff] [blame]4443 s->method->ssl_read_bytes(s, SSL3_RT_APPLICATION_DATA, NULL, buf, len,
Matt Caswell54105dd2016-10-26 10:43:34 +0100[diff] [blame]4444 peek, readbytes);
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]4445 if ((ret == -1) && (s->s3->in_read_app_data == 2)) {
4446 /*
4447 * ssl3_read_bytes decided to call s->handshake_func, which called
4448 * ssl3_read_bytes to read handshake data. However, ssl3_read_bytes
4449 * actually found application data and thinks that application data
4450 * makes sense here; so disable handshake processing and try to read
4451 * application data again.
4452 */
Matt Caswell024f5432015-10-22 13:57:18 +0100[diff] [blame]4453 ossl_statem_set_in_handshake(s, 1);
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]4454 ret =
Matt Caswell657da852015-05-11 09:35:41 +0100[diff] [blame]4455 s->method->ssl_read_bytes(s, SSL3_RT_APPLICATION_DATA, NULL, buf,
Matt Caswell54105dd2016-10-26 10:43:34 +0100[diff] [blame]4456 len, peek, readbytes);
Matt Caswell024f5432015-10-22 13:57:18 +0100[diff] [blame]4457 ossl_statem_set_in_handshake(s, 0);
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]4458 } else
4459 s->s3->in_read_app_data = 0;
4460
Matt Caswelleda75752016-09-06 12:05:25 +0100[diff] [blame]4461 return ret;
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]4462}
Ralf S. Engelschalld02b48c1998-12-21 10:52:47 +0000[diff] [blame]4463
Matt Caswell54105dd2016-10-26 10:43:34 +0100[diff] [blame]4464int ssl3_read(SSL *s, void *buf, size_t len, size_t *readbytes)
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]4465{
Matt Caswell54105dd2016-10-26 10:43:34 +0100[diff] [blame]4466 return ssl3_read_internal(s, buf, len, 0, readbytes);
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]4467}
Bodo Möller5a4fbc62000-12-14 17:36:59 +0000[diff] [blame]4468
Matt Caswell54105dd2016-10-26 10:43:34 +0100[diff] [blame]4469int ssl3_peek(SSL *s, void *buf, size_t len, size_t *readbytes)
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]4470{
Matt Caswell54105dd2016-10-26 10:43:34 +0100[diff] [blame]4471 return ssl3_read_internal(s, buf, len, 1, readbytes);
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]4472}
Ralf S. Engelschalld02b48c1998-12-21 10:52:47 +0000[diff] [blame]4473
Ulf Möller6b691a51999-04-19 21:31:43 +0000[diff] [blame]4474int ssl3_renegotiate(SSL *s)
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]4475{
4476 if (s->handshake_func == NULL)
KaoruToda208fb892017-10-09 20:05:58 +0900[diff] [blame]4477 return 1;
Ralf S. Engelschalld02b48c1998-12-21 10:52:47 +0000[diff] [blame]4478
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]4479 s->s3->renegotiate = 1;
KaoruToda208fb892017-10-09 20:05:58 +0900[diff] [blame]4480 return 1;
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]4481}
Ralf S. Engelschalld02b48c1998-12-21 10:52:47 +0000[diff] [blame]4482
Matt Caswellc7f47782017-01-10 23:02:28 +0000[diff] [blame]4483/*
4484 * Check if we are waiting to do a renegotiation and if so whether now is a
4485 * good time to do it. If |initok| is true then we are being called from inside
4486 * the state machine so ignore the result of SSL_in_init(s). Otherwise we
4487 * should not do a renegotiation if SSL_in_init(s) is true. Returns 1 if we
4488 * should do a renegotiation now and sets up the state machine for it. Otherwise
4489 * returns 0.
4490 */
4491int ssl3_renegotiate_check(SSL *s, int initok)
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]4492{
4493 int ret = 0;
Ralf S. Engelschall58964a41998-12-21 10:56:39 +0000[diff] [blame]4494
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]4495 if (s->s3->renegotiate) {
Matt Caswellf1619952015-02-02 12:18:03 +0000[diff] [blame]4496 if (!RECORD_LAYER_read_pending(&s->rlayer)
4497 && !RECORD_LAYER_write_pending(&s->rlayer)
Matt Caswellc7f47782017-01-10 23:02:28 +0000[diff] [blame]4498 && (initok || !SSL_in_init(s))) {
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]4499 /*
4500 * if we are the server, and we have sent a 'RENEGOTIATE'
Matt Caswell49ae7422015-09-08 09:13:50 +0100[diff] [blame]4501 * message, we need to set the state machine into the renegotiate
4502 * state.
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]4503 */
Matt Caswellfe3a3292015-10-05 10:39:54 +0100[diff] [blame]4504 ossl_statem_set_renegotiate(s);
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]4505 s->s3->renegotiate = 0;
4506 s->s3->num_renegotiations++;
4507 s->s3->total_renegotiations++;
4508 ret = 1;
4509 }
4510 }
Matt Caswellc7f47782017-01-10 23:02:28 +0000[diff] [blame]4511 return ret;
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]4512}
4513
Ralf S. Engelschall58964a41998-12-21 10:56:39 +0000[diff] [blame]4514/*
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]4515 * If we are using default SHA1+MD5 algorithms switch to new SHA256 PRF and
4516 * handshake macs if required.
Dr. Stephen Henson12053a82015-06-28 23:18:59 +0100[diff] [blame]4517 *
4518 * If PSK and using SHA384 for TLS < 1.2 switch to default.
Dr. Stephen Henson7409d7a2011-04-29 22:56:51 +0000[diff] [blame]4519 */
4520long ssl_get_algorithm2(SSL *s)
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]4521{
Dr. Stephen Henson52eede52016-07-19 16:03:10 +0100[diff] [blame]4522 long alg2;
4523 if (s->s3 == NULL || s->s3->tmp.new_cipher == NULL)
4524 return -1;
4525 alg2 = s->s3->tmp.new_cipher->algorithm2;
Dr. Stephen Henson12053a82015-06-28 23:18:59 +0100[diff] [blame]4526 if (s->method->ssl3_enc->enc_flags & SSL_ENC_FLAG_SHA256_PRF) {
4527 if (alg2 == (SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF))
4528 return SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256;
4529 } else if (s->s3->tmp.new_cipher->algorithm_mkey & SSL_PSK) {
4530 if (alg2 == (SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384))
4531 return SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF;
4532 }
Matt Caswell0f113f32015-01-22 03:40:55 +0000[diff] [blame]4533 return alg2;
4534}
Matt Caswella3680c82015-03-31 13:57:46 +0100[diff] [blame]4535
4536/*
4537 * Fill a ClientRandom or ServerRandom field of length len. Returns <= 0 on
4538 * failure, 1 on success.
4539 */
Matt Caswellf7f2a012017-03-22 08:52:54 +0000[diff] [blame]4540int ssl_fill_hello_random(SSL *s, int server, unsigned char *result, size_t len,
4541 DOWNGRADE dgrd)
Matt Caswella3680c82015-03-31 13:57:46 +0100[diff] [blame]4542{
Matt Caswellf7f2a012017-03-22 08:52:54 +0000[diff] [blame]4543 int send_time = 0, ret;
Matt Caswella3680c82015-03-31 13:57:46 +0100[diff] [blame]4544
4545 if (len < 4)
4546 return 0;
4547 if (server)
4548 send_time = (s->mode & SSL_MODE_SEND_SERVERHELLO_TIME) != 0;
4549 else
4550 send_time = (s->mode & SSL_MODE_SEND_CLIENTHELLO_TIME) != 0;
4551 if (send_time) {
4552 unsigned long Time = (unsigned long)time(NULL);
4553 unsigned char *p = result;
Rich Salzae3947d2017-08-03 10:24:03 -0400[diff] [blame]4554
Matt Caswella3680c82015-03-31 13:57:46 +0100[diff] [blame]4555 l2n(Time, p);
Kurt Roeckx16cfc2c2018-03-08 22:30:28 +0100[diff] [blame]4556 ret = RAND_bytes(p, len - 4);
Matt Caswellf7f2a012017-03-22 08:52:54 +0000[diff] [blame]4557 } else {
Kurt Roeckx16cfc2c2018-03-08 22:30:28 +0100[diff] [blame]4558 ret = RAND_bytes(result, len);
Matt Caswellf7f2a012017-03-22 08:52:54 +0000[diff] [blame]4559 }
4560#ifndef OPENSSL_NO_TLS13DOWNGRADE
Kurt Roeckx16cfc2c2018-03-08 22:30:28 +0100[diff] [blame]4561 if (ret > 0) {
Matt Caswellb77f3ed2017-05-22 12:33:42 +0100[diff] [blame]4562 if (!ossl_assert(sizeof(tls11downgrade) < len)
4563 || !ossl_assert(sizeof(tls12downgrade) < len))
4564 return 0;
Matt Caswellf7f2a012017-03-22 08:52:54 +0000[diff] [blame]4565 if (dgrd == DOWNGRADE_TO_1_2)
4566 memcpy(result + len - sizeof(tls12downgrade), tls12downgrade,
4567 sizeof(tls12downgrade));
4568 else if (dgrd == DOWNGRADE_TO_1_1)
4569 memcpy(result + len - sizeof(tls11downgrade), tls11downgrade,
4570 sizeof(tls11downgrade));
4571 }
4572#endif
4573 return ret;
Matt Caswella3680c82015-03-31 13:57:46 +0100[diff] [blame]4574}
Dr. Stephen Henson57b272b2015-06-17 04:10:04 +0100[diff] [blame]4575
4576int ssl_generate_master_secret(SSL *s, unsigned char *pms, size_t pmslen,
4577 int free_pms)
4578{
Dr. Stephen Henson8a0a12e2015-06-28 16:58:00 +0100[diff] [blame]4579 unsigned long alg_k = s->s3->tmp.new_cipher->algorithm_mkey;
Matt Caswell8c1a5342016-10-03 23:22:07 +0100[diff] [blame]4580 int ret = 0;
4581
Dr. Stephen Henson8a0a12e2015-06-28 16:58:00 +0100[diff] [blame]4582 if (alg_k & SSL_PSK) {
Matt Caswell0907d712016-07-06 09:55:31 +0100[diff] [blame]4583#ifndef OPENSSL_NO_PSK
Dr. Stephen Henson8a0a12e2015-06-28 16:58:00 +0100[diff] [blame]4584 unsigned char *pskpms, *t;
4585 size_t psklen = s->s3->tmp.psklen;
4586 size_t pskpmslen;
4587
4588 /* create PSK premaster_secret */
4589
4590 /* For plain PSK "other_secret" is psklen zeroes */
4591 if (alg_k & SSL_kPSK)
4592 pmslen = psklen;
4593
4594 pskpmslen = 4 + pmslen + psklen;
4595 pskpms = OPENSSL_malloc(pskpmslen);
Matt Caswell8c1a5342016-10-03 23:22:07 +0100[diff] [blame]4596 if (pskpms == NULL)
Dr. Stephen Hensona7846652015-07-28 16:04:53 +0100[diff] [blame]4597 goto err;
Dr. Stephen Henson8a0a12e2015-06-28 16:58:00 +0100[diff] [blame]4598 t = pskpms;
4599 s2n(pmslen, t);
4600 if (alg_k & SSL_kPSK)
4601 memset(t, 0, pmslen);
4602 else
4603 memcpy(t, pms, pmslen);
4604 t += pmslen;
4605 s2n(psklen, t);
4606 memcpy(t, s->s3->tmp.psk, psklen);
4607
4608 OPENSSL_clear_free(s->s3->tmp.psk, psklen);
4609 s->s3->tmp.psk = NULL;
Matt Caswell8c1a5342016-10-03 23:22:07 +0100[diff] [blame]4610 if (!s->method->ssl3_enc->generate_master_secret(s,
4611 s->session->master_key,pskpms, pskpmslen,
Matt Caswellf63a17d2017-11-21 17:18:43 +0000[diff] [blame]4612 &s->session->master_key_length)) {
4613 /* SSLfatal() already called */
Matt Caswell8c1a5342016-10-03 23:22:07 +0100[diff] [blame]4614 goto err;
Matt Caswellf63a17d2017-11-21 17:18:43 +0000[diff] [blame]4615 }
Dr. Stephen Henson8a0a12e2015-06-28 16:58:00 +0100[diff] [blame]4616 OPENSSL_clear_free(pskpms, pskpmslen);
Matt Caswell0907d712016-07-06 09:55:31 +0100[diff] [blame]4617#else
4618 /* Should never happen */
Matt Caswell0907d712016-07-06 09:55:31 +0100[diff] [blame]4619 goto err;
Dr. Stephen Henson8a0a12e2015-06-28 16:58:00 +0100[diff] [blame]4620#endif
Matt Caswell0907d712016-07-06 09:55:31 +0100[diff] [blame]4621 } else {
Matt Caswell8c1a5342016-10-03 23:22:07 +0100[diff] [blame]4622 if (!s->method->ssl3_enc->generate_master_secret(s,
4623 s->session->master_key, pms, pmslen,
Matt Caswellf63a17d2017-11-21 17:18:43 +0000[diff] [blame]4624 &s->session->master_key_length)) {
4625 /* SSLfatal() already called */
Matt Caswell8c1a5342016-10-03 23:22:07 +0100[diff] [blame]4626 goto err;
Matt Caswellf63a17d2017-11-21 17:18:43 +0000[diff] [blame]4627 }
Matt Caswell0907d712016-07-06 09:55:31 +0100[diff] [blame]4628 }
4629
Matt Caswell8c1a5342016-10-03 23:22:07 +0100[diff] [blame]4630 ret = 1;
Matt Caswell0907d712016-07-06 09:55:31 +0100[diff] [blame]4631 err:
Dr. Stephen Henson8a0a12e2015-06-28 16:58:00 +0100[diff] [blame]4632 if (pms) {
4633 if (free_pms)
4634 OPENSSL_clear_free(pms, pmslen);
4635 else
4636 OPENSSL_cleanse(pms, pmslen);
4637 }
Dr. Stephen Henson57b272b2015-06-17 04:10:04 +0100[diff] [blame]4638 if (s->server == 0)
4639 s->s3->tmp.pms = NULL;
Matt Caswell8c1a5342016-10-03 23:22:07 +0100[diff] [blame]4640 return ret;
Dr. Stephen Henson57b272b2015-06-17 04:10:04 +0100[diff] [blame]4641}
Dr. Stephen Henson3f3504b2015-12-15 18:15:16 +0000[diff] [blame]4642
Dr. Stephen Henson0a699a02016-08-15 14:07:33 +0100[diff] [blame]4643/* Generate a private key from parameters */
4644EVP_PKEY *ssl_generate_pkey(EVP_PKEY *pm)
Dr. Stephen Henson3f3504b2015-12-15 18:15:16 +0000[diff] [blame]4645{
4646 EVP_PKEY_CTX *pctx = NULL;
4647 EVP_PKEY *pkey = NULL;
Dr. Stephen Henson0a699a02016-08-15 14:07:33 +0100[diff] [blame]4648
4649 if (pm == NULL)
4650 return NULL;
4651 pctx = EVP_PKEY_CTX_new(pm, NULL);
Dr. Stephen Henson3f3504b2015-12-15 18:15:16 +0000[diff] [blame]4652 if (pctx == NULL)
4653 goto err;
4654 if (EVP_PKEY_keygen_init(pctx) <= 0)
4655 goto err;
Dr. Stephen Henson3f3504b2015-12-15 18:15:16 +0000[diff] [blame]4656 if (EVP_PKEY_keygen(pctx, &pkey) <= 0) {
4657 EVP_PKEY_free(pkey);
4658 pkey = NULL;
4659 }
4660
4661 err:
4662 EVP_PKEY_CTX_free(pctx);
4663 return pkey;
4664}
Dr. Stephen Henson0a699a02016-08-15 14:07:33 +0100[diff] [blame]4665#ifndef OPENSSL_NO_EC
Dr. Stephen Henson43b95d72017-09-23 00:15:34 +0100[diff] [blame]4666/* Generate a private key from a group ID */
Matt Caswellf63a17d2017-11-21 17:18:43 +0000[diff] [blame]4667EVP_PKEY *ssl_generate_pkey_group(SSL *s, uint16_t id)
Dr. Stephen Henson0a699a02016-08-15 14:07:33 +0100[diff] [blame]4668{
4669 EVP_PKEY_CTX *pctx = NULL;
4670 EVP_PKEY *pkey = NULL;
Dr. Stephen Henson43b95d72017-09-23 00:15:34 +0100[diff] [blame]4671 const TLS_GROUP_INFO *ginf = tls1_group_id_lookup(id);
4672 uint16_t gtype;
Dr. Stephen Henson0a699a02016-08-15 14:07:33 +0100[diff] [blame]4673
Matt Caswellf63a17d2017-11-21 17:18:43 +0000[diff] [blame]4674 if (ginf == NULL) {
4675 SSLfatal(s, SSL_AD_INTERNAL_ERROR, SSL_F_SSL_GENERATE_PKEY_GROUP,
4676 ERR_R_INTERNAL_ERROR);
Dr. Stephen Henson0a699a02016-08-15 14:07:33 +0100[diff] [blame]4677 goto err;
Matt Caswellf63a17d2017-11-21 17:18:43 +0000[diff] [blame]4678 }
Dr. Stephen Henson43b95d72017-09-23 00:15:34 +0100[diff] [blame]4679 gtype = ginf->flags & TLS_CURVE_TYPE;
4680 if (gtype == TLS_CURVE_CUSTOM)
4681 pctx = EVP_PKEY_CTX_new_id(ginf->nid, NULL);
4682 else
Dr. Stephen Henson0a699a02016-08-15 14:07:33 +0100[diff] [blame]4683 pctx = EVP_PKEY_CTX_new_id(EVP_PKEY_EC, NULL);
Matt Caswellf63a17d2017-11-21 17:18:43 +0000[diff] [blame]4684 if (pctx == NULL) {
4685 SSLfatal(s, SSL_AD_INTERNAL_ERROR, SSL_F_SSL_GENERATE_PKEY_GROUP,
4686 ERR_R_MALLOC_FAILURE);
Dr. Stephen Henson0a699a02016-08-15 14:07:33 +0100[diff] [blame]4687 goto err;
Matt Caswellf63a17d2017-11-21 17:18:43 +0000[diff] [blame]4688 }
4689 if (EVP_PKEY_keygen_init(pctx) <= 0) {
4690 SSLfatal(s, SSL_AD_INTERNAL_ERROR, SSL_F_SSL_GENERATE_PKEY_GROUP,
4691 ERR_R_EVP_LIB);
Dr. Stephen Henson0a699a02016-08-15 14:07:33 +0100[diff] [blame]4692 goto err;
Matt Caswellf63a17d2017-11-21 17:18:43 +0000[diff] [blame]4693 }
Dr. Stephen Henson43b95d72017-09-23 00:15:34 +0100[diff] [blame]4694 if (gtype != TLS_CURVE_CUSTOM
Matt Caswellf63a17d2017-11-21 17:18:43 +0000[diff] [blame]4695 && EVP_PKEY_CTX_set_ec_paramgen_curve_nid(pctx, ginf->nid) <= 0) {
4696 SSLfatal(s, SSL_AD_INTERNAL_ERROR, SSL_F_SSL_GENERATE_PKEY_GROUP,
4697 ERR_R_EVP_LIB);
Dr. Stephen Henson0a699a02016-08-15 14:07:33 +0100[diff] [blame]4698 goto err;
Matt Caswellf63a17d2017-11-21 17:18:43 +0000[diff] [blame]4699 }
Dr. Stephen Henson0a699a02016-08-15 14:07:33 +0100[diff] [blame]4700 if (EVP_PKEY_keygen(pctx, &pkey) <= 0) {
Matt Caswellf63a17d2017-11-21 17:18:43 +0000[diff] [blame]4701 SSLfatal(s, SSL_AD_INTERNAL_ERROR, SSL_F_SSL_GENERATE_PKEY_GROUP,
4702 ERR_R_EVP_LIB);
Dr. Stephen Henson0a699a02016-08-15 14:07:33 +0100[diff] [blame]4703 EVP_PKEY_free(pkey);
4704 pkey = NULL;
4705 }
4706
Emilia Kaspera230b262016-08-05 19:03:17 +0200[diff] [blame]4707 err:
Dr. Stephen Henson0a699a02016-08-15 14:07:33 +0100[diff] [blame]4708 EVP_PKEY_CTX_free(pctx);
4709 return pkey;
4710}
Dr. Stephen Henson612f9d22017-09-23 02:40:30 +0100[diff] [blame]4711
4712/*
4713 * Generate parameters from a group ID
4714 */
4715EVP_PKEY *ssl_generate_param_group(uint16_t id)
4716{
4717 EVP_PKEY_CTX *pctx = NULL;
4718 EVP_PKEY *pkey = NULL;
4719 const TLS_GROUP_INFO *ginf = tls1_group_id_lookup(id);
4720
4721 if (ginf == NULL)
4722 goto err;
4723
4724 if ((ginf->flags & TLS_CURVE_TYPE) == TLS_CURVE_CUSTOM) {
4725 pkey = EVP_PKEY_new();
4726 if (pkey != NULL && EVP_PKEY_set_type(pkey, ginf->nid))
4727 return pkey;
4728 EVP_PKEY_free(pkey);
4729 return NULL;
4730 }
4731
4732 pctx = EVP_PKEY_CTX_new_id(EVP_PKEY_EC, NULL);
4733 if (pctx == NULL)
4734 goto err;
4735 if (EVP_PKEY_paramgen_init(pctx) <= 0)
4736 goto err;
4737 if (EVP_PKEY_CTX_set_ec_paramgen_curve_nid(pctx, ginf->nid) <= 0)
4738 goto err;
4739 if (EVP_PKEY_paramgen(pctx, &pkey) <= 0) {
4740 EVP_PKEY_free(pkey);
4741 pkey = NULL;
4742 }
4743
4744 err:
4745 EVP_PKEY_CTX_free(pctx);
4746 return pkey;
4747}
Dr. Stephen Henson0a699a02016-08-15 14:07:33 +0100[diff] [blame]4748#endif
Emilia Kaspera230b262016-08-05 19:03:17 +0200[diff] [blame]4749
Matt Caswell92760c22016-11-09 14:06:12 +0000[diff] [blame]4750/* Derive secrets for ECDH/DH */
4751int ssl_derive(SSL *s, EVP_PKEY *privkey, EVP_PKEY *pubkey, int gensecret)
Dr. Stephen Henson3f3504b2015-12-15 18:15:16 +0000[diff] [blame]4752{
4753 int rv = 0;
4754 unsigned char *pms = NULL;
4755 size_t pmslen = 0;
4756 EVP_PKEY_CTX *pctx;
4757
Matt Caswellf63a17d2017-11-21 17:18:43 +0000[diff] [blame]4758 if (privkey == NULL || pubkey == NULL) {
4759 SSLfatal(s, SSL_AD_INTERNAL_ERROR, SSL_F_SSL_DERIVE,
4760 ERR_R_INTERNAL_ERROR);
Dr. Stephen Henson3f3504b2015-12-15 18:15:16 +0000[diff] [blame]4761 return 0;
Matt Caswellf63a17d2017-11-21 17:18:43 +0000[diff] [blame]4762 }
Dr. Stephen Henson3f3504b2015-12-15 18:15:16 +0000[diff] [blame]4763
4764 pctx = EVP_PKEY_CTX_new(privkey, NULL);
4765
4766 if (EVP_PKEY_derive_init(pctx) <= 0
4767 || EVP_PKEY_derive_set_peer(pctx, pubkey) <= 0
4768 || EVP_PKEY_derive(pctx, NULL, &pmslen) <= 0) {
Matt Caswellf63a17d2017-11-21 17:18:43 +0000[diff] [blame]4769 SSLfatal(s, SSL_AD_INTERNAL_ERROR, SSL_F_SSL_DERIVE,
4770 ERR_R_INTERNAL_ERROR);
Dr. Stephen Henson3f3504b2015-12-15 18:15:16 +0000[diff] [blame]4771 goto err;
4772 }
4773
4774 pms = OPENSSL_malloc(pmslen);
Matt Caswellf63a17d2017-11-21 17:18:43 +0000[diff] [blame]4775 if (pms == NULL) {
4776 SSLfatal(s, SSL_AD_INTERNAL_ERROR, SSL_F_SSL_DERIVE,
4777 ERR_R_MALLOC_FAILURE);
Dr. Stephen Henson3f3504b2015-12-15 18:15:16 +0000[diff] [blame]4778 goto err;
Matt Caswellf63a17d2017-11-21 17:18:43 +0000[diff] [blame]4779 }
Dr. Stephen Henson3f3504b2015-12-15 18:15:16 +0000[diff] [blame]4780
Matt Caswellf63a17d2017-11-21 17:18:43 +0000[diff] [blame]4781 if (EVP_PKEY_derive(pctx, pms, &pmslen) <= 0) {
4782 SSLfatal(s, SSL_AD_INTERNAL_ERROR, SSL_F_SSL_DERIVE,
4783 ERR_R_INTERNAL_ERROR);
Dr. Stephen Henson3f3504b2015-12-15 18:15:16 +0000[diff] [blame]4784 goto err;
Matt Caswellf63a17d2017-11-21 17:18:43 +0000[diff] [blame]4785 }
Dr. Stephen Henson3f3504b2015-12-15 18:15:16 +0000[diff] [blame]4786
Matt Caswell92760c22016-11-09 14:06:12 +0000[diff] [blame]4787 if (gensecret) {
Matt Caswellf63a17d2017-11-21 17:18:43 +0000[diff] [blame]4788 /* SSLfatal() called as appropriate in the below functions */
Matt Caswell92760c22016-11-09 14:06:12 +0000[diff] [blame]4789 if (SSL_IS_TLS13(s)) {
4790 /*
Matt Caswellec15acb2017-01-13 17:00:49 +0000[diff] [blame]4791 * If we are resuming then we already generated the early secret
4792 * when we created the ClientHello, so don't recreate it.
Matt Caswell92760c22016-11-09 14:06:12 +0000[diff] [blame]4793 */
Matt Caswellec15acb2017-01-13 17:00:49 +0000[diff] [blame]4794 if (!s->hit)
4795 rv = tls13_generate_secret(s, ssl_handshake_md(s), NULL, NULL,
4796 0,
4797 (unsigned char *)&s->early_secret);
Matt Caswell02470862017-01-18 17:22:18 +0000[diff] [blame]4798 else
4799 rv = 1;
4800
Matt Caswellec15acb2017-01-13 17:00:49 +0000[diff] [blame]4801 rv = rv && tls13_generate_handshake_secret(s, pms, pmslen);
Matt Caswell92760c22016-11-09 14:06:12 +0000[diff] [blame]4802 } else {
Matt Caswellc8ab3a42017-01-30 19:36:51 +0000[diff] [blame]4803 rv = ssl_generate_master_secret(s, pms, pmslen, 0);
Matt Caswell92760c22016-11-09 14:06:12 +0000[diff] [blame]4804 }
Dr. Stephen Henson3f3504b2015-12-15 18:15:16 +0000[diff] [blame]4805 } else {
Matt Caswell0f1e51e2016-11-02 15:03:56 +0000[diff] [blame]4806 /* Save premaster secret */
Dr. Stephen Henson3f3504b2015-12-15 18:15:16 +0000[diff] [blame]4807 s->s3->tmp.pms = pms;
4808 s->s3->tmp.pmslen = pmslen;
4809 pms = NULL;
4810 rv = 1;
4811 }
4812
Emilia Kaspera230b262016-08-05 19:03:17 +0200[diff] [blame]4813 err:
Dr. Stephen Henson3f3504b2015-12-15 18:15:16 +0000[diff] [blame]4814 OPENSSL_clear_free(pms, pmslen);
4815 EVP_PKEY_CTX_free(pctx);
4816 return rv;
4817}
Dr. Stephen Henson6c4e6672015-12-18 15:58:28 +0000[diff] [blame]4818
Ben Laurie1e0784f2016-01-01 15:39:31 +0000[diff] [blame]4819#ifndef OPENSSL_NO_DH
Dr. Stephen Henson6c4e6672015-12-18 15:58:28 +0000[diff] [blame]4820EVP_PKEY *ssl_dh_to_pkey(DH *dh)
4821{
4822 EVP_PKEY *ret;
4823 if (dh == NULL)
4824 return NULL;
4825 ret = EVP_PKEY_new();
4826 if (EVP_PKEY_set1_DH(ret, dh) <= 0) {
4827 EVP_PKEY_free(ret);
4828 return NULL;
4829 }
4830 return ret;
4831}
Ben Laurie1e0784f2016-01-01 15:39:31 +0000[diff] [blame]4832#endif