aboutsummaryrefslogtreecommitdiff
path: root/crypto/openssl/ssl/s3_lib.c
diff options
context:
space:
mode:
Diffstat (limited to 'crypto/openssl/ssl/s3_lib.c')
-rw-r--r--crypto/openssl/ssl/s3_lib.c7173
1 files changed, 3784 insertions, 3389 deletions
diff --git a/crypto/openssl/ssl/s3_lib.c b/crypto/openssl/ssl/s3_lib.c
index 14373cdfa029..213ec84b171d 100644
--- a/crypto/openssl/ssl/s3_lib.c
+++ b/crypto/openssl/ssl/s3_lib.c
@@ -1,5 +1,5 @@
/*
- * Copyright 1995-2025 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 1995-2026 The OpenSSL Project Authors. All Rights Reserved.
* Copyright (c) 2002, Oracle and/or its affiliates. All rights reserved
* Copyright 2005 Nokia. All rights reserved.
*
@@ -23,9 +23,9 @@
#include "internal/cryptlib.h"
#include "internal/ssl_unwrap.h"
-#define TLS13_NUM_CIPHERS OSSL_NELEM(tls13_ciphers)
-#define SSL3_NUM_CIPHERS OSSL_NELEM(ssl3_ciphers)
-#define SSL3_NUM_SCSVS OSSL_NELEM(ssl3_scsvs)
+#define TLS13_NUM_CIPHERS OSSL_NELEM(tls13_ciphers)
+#define SSL3_NUM_CIPHERS OSSL_NELEM(ssl3_ciphers)
+#define SSL3_NUM_SCSVS OSSL_NELEM(ssl3_scsvs)
/* TLSv1.3 downgrade protection sentinel values */
const unsigned char tls11downgrade[] = {
@@ -46,13 +46,16 @@ static SSL_CIPHER tls13_ciphers[] = {
SSL_aANY,
SSL_AES128GCM,
SSL_AEAD,
- TLS1_3_VERSION, TLS1_3_VERSION,
- 0, 0,
+ TLS1_3_VERSION,
+ TLS1_3_VERSION,
+ 0,
+ 0,
SSL_HIGH,
SSL_HANDSHAKE_MAC_SHA256 | SSL_QUIC,
128,
128,
- }, {
+ },
+ {
1,
TLS1_3_RFC_AES_256_GCM_SHA384,
TLS1_3_RFC_AES_256_GCM_SHA384,
@@ -61,8 +64,10 @@ static SSL_CIPHER tls13_ciphers[] = {
SSL_aANY,
SSL_AES256GCM,
SSL_AEAD,
- TLS1_3_VERSION, TLS1_3_VERSION,
- 0, 0,
+ TLS1_3_VERSION,
+ TLS1_3_VERSION,
+ 0,
+ 0,
SSL_HIGH,
SSL_HANDSHAKE_MAC_SHA384 | SSL_QUIC,
256,
@@ -77,8 +82,10 @@ static SSL_CIPHER tls13_ciphers[] = {
SSL_aANY,
SSL_CHACHA20POLY1305,
SSL_AEAD,
- TLS1_3_VERSION, TLS1_3_VERSION,
- 0, 0,
+ TLS1_3_VERSION,
+ TLS1_3_VERSION,
+ 0,
+ 0,
SSL_HIGH,
SSL_HANDSHAKE_MAC_SHA256 | SSL_QUIC,
256,
@@ -93,13 +100,16 @@ static SSL_CIPHER tls13_ciphers[] = {
SSL_aANY,
SSL_AES128CCM,
SSL_AEAD,
- TLS1_3_VERSION, TLS1_3_VERSION,
- 0, 0,
+ TLS1_3_VERSION,
+ TLS1_3_VERSION,
+ 0,
+ 0,
SSL_NOT_DEFAULT | SSL_HIGH,
SSL_HANDSHAKE_MAC_SHA256,
128,
128,
- }, {
+ },
+ {
1,
TLS1_3_RFC_AES_128_CCM_8_SHA256,
TLS1_3_RFC_AES_128_CCM_8_SHA256,
@@ -108,8 +118,10 @@ static SSL_CIPHER tls13_ciphers[] = {
SSL_aANY,
SSL_AES128CCM8,
SSL_AEAD,
- TLS1_3_VERSION, TLS1_3_VERSION,
- 0, 0,
+ TLS1_3_VERSION,
+ TLS1_3_VERSION,
+ 0,
+ 0,
SSL_NOT_DEFAULT | SSL_MEDIUM,
SSL_HANDSHAKE_MAC_SHA256,
64, /* CCM8 uses a short tag, so we have a low security strength */
@@ -125,13 +137,16 @@ static SSL_CIPHER tls13_ciphers[] = {
SSL_aANY,
SSL_eNULL,
SSL_SHA256,
- TLS1_3_VERSION, TLS1_3_VERSION,
- 0, 0,
+ TLS1_3_VERSION,
+ TLS1_3_VERSION,
+ 0,
+ 0,
SSL_NOT_DEFAULT | SSL_STRONG_NONE,
SSL_HANDSHAKE_MAC_SHA256,
0,
256,
- }, {
+ },
+ {
1,
TLS1_3_RFC_SHA384_SHA384,
TLS1_3_RFC_SHA384_SHA384,
@@ -140,8 +155,10 @@ static SSL_CIPHER tls13_ciphers[] = {
SSL_aANY,
SSL_eNULL,
SSL_SHA384,
- TLS1_3_VERSION, TLS1_3_VERSION,
- 0, 0,
+ TLS1_3_VERSION,
+ TLS1_3_VERSION,
+ 0,
+ 0,
SSL_NOT_DEFAULT | SSL_STRONG_NONE,
SSL_HANDSHAKE_MAC_SHA384,
0,
@@ -163,3113 +180,3495 @@ static SSL_CIPHER tls13_ciphers[] = {
static SSL_CIPHER ssl3_ciphers[] = {
#ifndef OPENSSL_NO_INTEGRITY_ONLY_CIPHERS
{
- 1,
- SSL3_TXT_RSA_NULL_MD5,
- SSL3_RFC_RSA_NULL_MD5,
- SSL3_CK_RSA_NULL_MD5,
- SSL_kRSA,
- SSL_aRSA,
- SSL_eNULL,
- SSL_MD5,
- SSL3_VERSION, TLS1_2_VERSION,
- DTLS1_BAD_VER, DTLS1_2_VERSION,
- SSL_STRONG_NONE,
- SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
- 0,
- 0,
- },
- {
- 1,
- SSL3_TXT_RSA_NULL_SHA,
- SSL3_RFC_RSA_NULL_SHA,
- SSL3_CK_RSA_NULL_SHA,
- SSL_kRSA,
- SSL_aRSA,
- SSL_eNULL,
- SSL_SHA1,
- SSL3_VERSION, TLS1_2_VERSION,
- DTLS1_BAD_VER, DTLS1_2_VERSION,
- SSL_STRONG_NONE | SSL_FIPS,
- SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
- 0,
- 0,
- },
+ 1,
+ SSL3_TXT_RSA_NULL_MD5,
+ SSL3_RFC_RSA_NULL_MD5,
+ SSL3_CK_RSA_NULL_MD5,
+ SSL_kRSA,
+ SSL_aRSA,
+ SSL_eNULL,
+ SSL_MD5,
+ SSL3_VERSION,
+ TLS1_2_VERSION,
+ DTLS1_BAD_VER,
+ DTLS1_2_VERSION,
+ SSL_STRONG_NONE,
+ SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
+ 0,
+ 0,
+ },
+ {
+ 1,
+ SSL3_TXT_RSA_NULL_SHA,
+ SSL3_RFC_RSA_NULL_SHA,
+ SSL3_CK_RSA_NULL_SHA,
+ SSL_kRSA,
+ SSL_aRSA,
+ SSL_eNULL,
+ SSL_SHA1,
+ SSL3_VERSION,
+ TLS1_2_VERSION,
+ DTLS1_BAD_VER,
+ DTLS1_2_VERSION,
+ SSL_STRONG_NONE | SSL_FIPS,
+ SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
+ 0,
+ 0,
+ },
#endif
#ifndef OPENSSL_NO_WEAK_SSL_CIPHERS
{
- 1,
- SSL3_TXT_RSA_DES_192_CBC3_SHA,
- SSL3_RFC_RSA_DES_192_CBC3_SHA,
- SSL3_CK_RSA_DES_192_CBC3_SHA,
- SSL_kRSA,
- SSL_aRSA,
- SSL_3DES,
- SSL_SHA1,
- SSL3_VERSION, TLS1_2_VERSION,
- DTLS1_BAD_VER, DTLS1_2_VERSION,
- SSL_NOT_DEFAULT | SSL_MEDIUM,
- SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
- 112,
- 168,
- },
- {
- 1,
- SSL3_TXT_DHE_DSS_DES_192_CBC3_SHA,
- SSL3_RFC_DHE_DSS_DES_192_CBC3_SHA,
- SSL3_CK_DHE_DSS_DES_192_CBC3_SHA,
- SSL_kDHE,
- SSL_aDSS,
- SSL_3DES,
- SSL_SHA1,
- SSL3_VERSION, TLS1_2_VERSION,
- DTLS1_BAD_VER, DTLS1_2_VERSION,
- SSL_NOT_DEFAULT | SSL_MEDIUM,
- SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
- 112,
- 168,
- },
- {
- 1,
- SSL3_TXT_DHE_RSA_DES_192_CBC3_SHA,
- SSL3_RFC_DHE_RSA_DES_192_CBC3_SHA,
- SSL3_CK_DHE_RSA_DES_192_CBC3_SHA,
- SSL_kDHE,
- SSL_aRSA,
- SSL_3DES,
- SSL_SHA1,
- SSL3_VERSION, TLS1_2_VERSION,
- DTLS1_BAD_VER, DTLS1_2_VERSION,
- SSL_NOT_DEFAULT | SSL_MEDIUM,
- SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
- 112,
- 168,
- },
- {
- 1,
- SSL3_TXT_ADH_DES_192_CBC_SHA,
- SSL3_RFC_ADH_DES_192_CBC_SHA,
- SSL3_CK_ADH_DES_192_CBC_SHA,
- SSL_kDHE,
- SSL_aNULL,
- SSL_3DES,
- SSL_SHA1,
- SSL3_VERSION, TLS1_2_VERSION,
- DTLS1_BAD_VER, DTLS1_2_VERSION,
- SSL_NOT_DEFAULT | SSL_MEDIUM,
- SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
- 112,
- 168,
- },
+ 1,
+ SSL3_TXT_RSA_DES_192_CBC3_SHA,
+ SSL3_RFC_RSA_DES_192_CBC3_SHA,
+ SSL3_CK_RSA_DES_192_CBC3_SHA,
+ SSL_kRSA,
+ SSL_aRSA,
+ SSL_3DES,
+ SSL_SHA1,
+ SSL3_VERSION,
+ TLS1_2_VERSION,
+ DTLS1_BAD_VER,
+ DTLS1_2_VERSION,
+ SSL_NOT_DEFAULT | SSL_MEDIUM,
+ SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
+ 112,
+ 168,
+ },
+ {
+ 1,
+ SSL3_TXT_DHE_DSS_DES_192_CBC3_SHA,
+ SSL3_RFC_DHE_DSS_DES_192_CBC3_SHA,
+ SSL3_CK_DHE_DSS_DES_192_CBC3_SHA,
+ SSL_kDHE,
+ SSL_aDSS,
+ SSL_3DES,
+ SSL_SHA1,
+ SSL3_VERSION,
+ TLS1_2_VERSION,
+ DTLS1_BAD_VER,
+ DTLS1_2_VERSION,
+ SSL_NOT_DEFAULT | SSL_MEDIUM,
+ SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
+ 112,
+ 168,
+ },
+ {
+ 1,
+ SSL3_TXT_DHE_RSA_DES_192_CBC3_SHA,
+ SSL3_RFC_DHE_RSA_DES_192_CBC3_SHA,
+ SSL3_CK_DHE_RSA_DES_192_CBC3_SHA,
+ SSL_kDHE,
+ SSL_aRSA,
+ SSL_3DES,
+ SSL_SHA1,
+ SSL3_VERSION,
+ TLS1_2_VERSION,
+ DTLS1_BAD_VER,
+ DTLS1_2_VERSION,
+ SSL_NOT_DEFAULT | SSL_MEDIUM,
+ SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
+ 112,
+ 168,
+ },
+ {
+ 1,
+ SSL3_TXT_ADH_DES_192_CBC_SHA,
+ SSL3_RFC_ADH_DES_192_CBC_SHA,
+ SSL3_CK_ADH_DES_192_CBC_SHA,
+ SSL_kDHE,
+ SSL_aNULL,
+ SSL_3DES,
+ SSL_SHA1,
+ SSL3_VERSION,
+ TLS1_2_VERSION,
+ DTLS1_BAD_VER,
+ DTLS1_2_VERSION,
+ SSL_NOT_DEFAULT | SSL_MEDIUM,
+ SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
+ 112,
+ 168,
+ },
#endif
{
- 1,
- TLS1_TXT_RSA_WITH_AES_128_SHA,
- TLS1_RFC_RSA_WITH_AES_128_SHA,
- TLS1_CK_RSA_WITH_AES_128_SHA,
- SSL_kRSA,
- SSL_aRSA,
- SSL_AES128,
- SSL_SHA1,
- SSL3_VERSION, TLS1_2_VERSION,
- DTLS1_BAD_VER, DTLS1_2_VERSION,
- SSL_HIGH | SSL_FIPS,
- SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
- 128,
- 128,
- },
- {
- 1,
- TLS1_TXT_DHE_DSS_WITH_AES_128_SHA,
- TLS1_RFC_DHE_DSS_WITH_AES_128_SHA,
- TLS1_CK_DHE_DSS_WITH_AES_128_SHA,
- SSL_kDHE,
- SSL_aDSS,
- SSL_AES128,
- SSL_SHA1,
- SSL3_VERSION, TLS1_2_VERSION,
- DTLS1_BAD_VER, DTLS1_2_VERSION,
- SSL_NOT_DEFAULT | SSL_HIGH | SSL_FIPS,
- SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
- 128,
- 128,
- },
- {
- 1,
- TLS1_TXT_DHE_RSA_WITH_AES_128_SHA,
- TLS1_RFC_DHE_RSA_WITH_AES_128_SHA,
- TLS1_CK_DHE_RSA_WITH_AES_128_SHA,
- SSL_kDHE,
- SSL_aRSA,
- SSL_AES128,
- SSL_SHA1,
- SSL3_VERSION, TLS1_2_VERSION,
- DTLS1_BAD_VER, DTLS1_2_VERSION,
- SSL_HIGH | SSL_FIPS,
- SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
- 128,
- 128,
- },
- {
- 1,
- TLS1_TXT_ADH_WITH_AES_128_SHA,
- TLS1_RFC_ADH_WITH_AES_128_SHA,
- TLS1_CK_ADH_WITH_AES_128_SHA,
- SSL_kDHE,
- SSL_aNULL,
- SSL_AES128,
- SSL_SHA1,
- SSL3_VERSION, TLS1_2_VERSION,
- DTLS1_BAD_VER, DTLS1_2_VERSION,
- SSL_NOT_DEFAULT | SSL_HIGH | SSL_FIPS,
- SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
- 128,
- 128,
- },
- {
- 1,
- TLS1_TXT_RSA_WITH_AES_256_SHA,
- TLS1_RFC_RSA_WITH_AES_256_SHA,
- TLS1_CK_RSA_WITH_AES_256_SHA,
- SSL_kRSA,
- SSL_aRSA,
- SSL_AES256,
- SSL_SHA1,
- SSL3_VERSION, TLS1_2_VERSION,
- DTLS1_BAD_VER, DTLS1_2_VERSION,
- SSL_HIGH | SSL_FIPS,
- SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
- 256,
- 256,
- },
- {
- 1,
- TLS1_TXT_DHE_DSS_WITH_AES_256_SHA,
- TLS1_RFC_DHE_DSS_WITH_AES_256_SHA,
- TLS1_CK_DHE_DSS_WITH_AES_256_SHA,
- SSL_kDHE,
- SSL_aDSS,
- SSL_AES256,
- SSL_SHA1,
- SSL3_VERSION, TLS1_2_VERSION,
- DTLS1_BAD_VER, DTLS1_2_VERSION,
- SSL_NOT_DEFAULT | SSL_HIGH | SSL_FIPS,
- SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
- 256,
- 256,
- },
- {
- 1,
- TLS1_TXT_DHE_RSA_WITH_AES_256_SHA,
- TLS1_RFC_DHE_RSA_WITH_AES_256_SHA,
- TLS1_CK_DHE_RSA_WITH_AES_256_SHA,
- SSL_kDHE,
- SSL_aRSA,
- SSL_AES256,
- SSL_SHA1,
- SSL3_VERSION, TLS1_2_VERSION,
- DTLS1_BAD_VER, DTLS1_2_VERSION,
- SSL_HIGH | SSL_FIPS,
- SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
- 256,
- 256,
- },
- {
- 1,
- TLS1_TXT_ADH_WITH_AES_256_SHA,
- TLS1_RFC_ADH_WITH_AES_256_SHA,
- TLS1_CK_ADH_WITH_AES_256_SHA,
- SSL_kDHE,
- SSL_aNULL,
- SSL_AES256,
- SSL_SHA1,
- SSL3_VERSION, TLS1_2_VERSION,
- DTLS1_BAD_VER, DTLS1_2_VERSION,
- SSL_NOT_DEFAULT | SSL_HIGH | SSL_FIPS,
- SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
- 256,
- 256,
- },
+ 1,
+ TLS1_TXT_RSA_WITH_AES_128_SHA,
+ TLS1_RFC_RSA_WITH_AES_128_SHA,
+ TLS1_CK_RSA_WITH_AES_128_SHA,
+ SSL_kRSA,
+ SSL_aRSA,
+ SSL_AES128,
+ SSL_SHA1,
+ SSL3_VERSION,
+ TLS1_2_VERSION,
+ DTLS1_BAD_VER,
+ DTLS1_2_VERSION,
+ SSL_HIGH | SSL_FIPS,
+ SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
+ 128,
+ 128,
+ },
+ {
+ 1,
+ TLS1_TXT_DHE_DSS_WITH_AES_128_SHA,
+ TLS1_RFC_DHE_DSS_WITH_AES_128_SHA,
+ TLS1_CK_DHE_DSS_WITH_AES_128_SHA,
+ SSL_kDHE,
+ SSL_aDSS,
+ SSL_AES128,
+ SSL_SHA1,
+ SSL3_VERSION,
+ TLS1_2_VERSION,
+ DTLS1_BAD_VER,
+ DTLS1_2_VERSION,
+ SSL_NOT_DEFAULT | SSL_HIGH | SSL_FIPS,
+ SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
+ 128,
+ 128,
+ },
+ {
+ 1,
+ TLS1_TXT_DHE_RSA_WITH_AES_128_SHA,
+ TLS1_RFC_DHE_RSA_WITH_AES_128_SHA,
+ TLS1_CK_DHE_RSA_WITH_AES_128_SHA,
+ SSL_kDHE,
+ SSL_aRSA,
+ SSL_AES128,
+ SSL_SHA1,
+ SSL3_VERSION,
+ TLS1_2_VERSION,
+ DTLS1_BAD_VER,
+ DTLS1_2_VERSION,
+ SSL_HIGH | SSL_FIPS,
+ SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
+ 128,
+ 128,
+ },
+ {
+ 1,
+ TLS1_TXT_ADH_WITH_AES_128_SHA,
+ TLS1_RFC_ADH_WITH_AES_128_SHA,
+ TLS1_CK_ADH_WITH_AES_128_SHA,
+ SSL_kDHE,
+ SSL_aNULL,
+ SSL_AES128,
+ SSL_SHA1,
+ SSL3_VERSION,
+ TLS1_2_VERSION,
+ DTLS1_BAD_VER,
+ DTLS1_2_VERSION,
+ SSL_NOT_DEFAULT | SSL_HIGH | SSL_FIPS,
+ SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
+ 128,
+ 128,
+ },
+ {
+ 1,
+ TLS1_TXT_RSA_WITH_AES_256_SHA,
+ TLS1_RFC_RSA_WITH_AES_256_SHA,
+ TLS1_CK_RSA_WITH_AES_256_SHA,
+ SSL_kRSA,
+ SSL_aRSA,
+ SSL_AES256,
+ SSL_SHA1,
+ SSL3_VERSION,
+ TLS1_2_VERSION,
+ DTLS1_BAD_VER,
+ DTLS1_2_VERSION,
+ SSL_HIGH | SSL_FIPS,
+ SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
+ 256,
+ 256,
+ },
+ {
+ 1,
+ TLS1_TXT_DHE_DSS_WITH_AES_256_SHA,
+ TLS1_RFC_DHE_DSS_WITH_AES_256_SHA,
+ TLS1_CK_DHE_DSS_WITH_AES_256_SHA,
+ SSL_kDHE,
+ SSL_aDSS,
+ SSL_AES256,
+ SSL_SHA1,
+ SSL3_VERSION,
+ TLS1_2_VERSION,
+ DTLS1_BAD_VER,
+ DTLS1_2_VERSION,
+ SSL_NOT_DEFAULT | SSL_HIGH | SSL_FIPS,
+ SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
+ 256,
+ 256,
+ },
+ {
+ 1,
+ TLS1_TXT_DHE_RSA_WITH_AES_256_SHA,
+ TLS1_RFC_DHE_RSA_WITH_AES_256_SHA,
+ TLS1_CK_DHE_RSA_WITH_AES_256_SHA,
+ SSL_kDHE,
+ SSL_aRSA,
+ SSL_AES256,
+ SSL_SHA1,
+ SSL3_VERSION,
+ TLS1_2_VERSION,
+ DTLS1_BAD_VER,
+ DTLS1_2_VERSION,
+ SSL_HIGH | SSL_FIPS,
+ SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
+ 256,
+ 256,
+ },
+ {
+ 1,
+ TLS1_TXT_ADH_WITH_AES_256_SHA,
+ TLS1_RFC_ADH_WITH_AES_256_SHA,
+ TLS1_CK_ADH_WITH_AES_256_SHA,
+ SSL_kDHE,
+ SSL_aNULL,
+ SSL_AES256,
+ SSL_SHA1,
+ SSL3_VERSION,
+ TLS1_2_VERSION,
+ DTLS1_BAD_VER,
+ DTLS1_2_VERSION,
+ SSL_NOT_DEFAULT | SSL_HIGH | SSL_FIPS,
+ SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
+ 256,
+ 256,
+ },
#ifndef OPENSSL_NO_INTEGRITY_ONLY_CIPHERS
{
- 1,
- TLS1_TXT_RSA_WITH_NULL_SHA256,
- TLS1_RFC_RSA_WITH_NULL_SHA256,
- TLS1_CK_RSA_WITH_NULL_SHA256,
- SSL_kRSA,
- SSL_aRSA,
- SSL_eNULL,
- SSL_SHA256,
- TLS1_2_VERSION, TLS1_2_VERSION,
- DTLS1_2_VERSION, DTLS1_2_VERSION,
- SSL_STRONG_NONE | SSL_FIPS,
- SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
- 0,
- 0,
- },
+ 1,
+ TLS1_TXT_RSA_WITH_NULL_SHA256,
+ TLS1_RFC_RSA_WITH_NULL_SHA256,
+ TLS1_CK_RSA_WITH_NULL_SHA256,
+ SSL_kRSA,
+ SSL_aRSA,
+ SSL_eNULL,
+ SSL_SHA256,
+ TLS1_2_VERSION,
+ TLS1_2_VERSION,
+ DTLS1_2_VERSION,
+ DTLS1_2_VERSION,
+ SSL_STRONG_NONE | SSL_FIPS,
+ SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
+ 0,
+ 0,
+ },
#endif
{
- 1,
- TLS1_TXT_RSA_WITH_AES_128_SHA256,
- TLS1_RFC_RSA_WITH_AES_128_SHA256,
- TLS1_CK_RSA_WITH_AES_128_SHA256,
- SSL_kRSA,
- SSL_aRSA,
- SSL_AES128,
- SSL_SHA256,
- TLS1_2_VERSION, TLS1_2_VERSION,
- DTLS1_2_VERSION, DTLS1_2_VERSION,
- SSL_HIGH | SSL_FIPS,
- SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
- 128,
- 128,
- },
- {
- 1,
- TLS1_TXT_RSA_WITH_AES_256_SHA256,
- TLS1_RFC_RSA_WITH_AES_256_SHA256,
- TLS1_CK_RSA_WITH_AES_256_SHA256,
- SSL_kRSA,
- SSL_aRSA,
- SSL_AES256,
- SSL_SHA256,
- TLS1_2_VERSION, TLS1_2_VERSION,
- DTLS1_2_VERSION, DTLS1_2_VERSION,
- SSL_HIGH | SSL_FIPS,
- SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
- 256,
- 256,
- },
- {
- 1,
- TLS1_TXT_DHE_DSS_WITH_AES_128_SHA256,
- TLS1_RFC_DHE_DSS_WITH_AES_128_SHA256,
- TLS1_CK_DHE_DSS_WITH_AES_128_SHA256,
- SSL_kDHE,
- SSL_aDSS,
- SSL_AES128,
- SSL_SHA256,
- TLS1_2_VERSION, TLS1_2_VERSION,
- DTLS1_2_VERSION, DTLS1_2_VERSION,
- SSL_NOT_DEFAULT | SSL_HIGH | SSL_FIPS,
- SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
- 128,
- 128,
- },
- {
- 1,
- TLS1_TXT_DHE_RSA_WITH_AES_128_SHA256,
- TLS1_RFC_DHE_RSA_WITH_AES_128_SHA256,
- TLS1_CK_DHE_RSA_WITH_AES_128_SHA256,
- SSL_kDHE,
- SSL_aRSA,
- SSL_AES128,
- SSL_SHA256,
- TLS1_2_VERSION, TLS1_2_VERSION,
- DTLS1_2_VERSION, DTLS1_2_VERSION,
- SSL_HIGH | SSL_FIPS,
- SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
- 128,
- 128,
- },
- {
- 1,
- TLS1_TXT_DHE_DSS_WITH_AES_256_SHA256,
- TLS1_RFC_DHE_DSS_WITH_AES_256_SHA256,
- TLS1_CK_DHE_DSS_WITH_AES_256_SHA256,
- SSL_kDHE,
- SSL_aDSS,
- SSL_AES256,
- SSL_SHA256,
- TLS1_2_VERSION, TLS1_2_VERSION,
- DTLS1_2_VERSION, DTLS1_2_VERSION,
- SSL_NOT_DEFAULT | SSL_HIGH | SSL_FIPS,
- SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
- 256,
- 256,
- },
- {
- 1,
- TLS1_TXT_DHE_RSA_WITH_AES_256_SHA256,
- TLS1_RFC_DHE_RSA_WITH_AES_256_SHA256,
- TLS1_CK_DHE_RSA_WITH_AES_256_SHA256,
- SSL_kDHE,
- SSL_aRSA,
- SSL_AES256,
- SSL_SHA256,
- TLS1_2_VERSION, TLS1_2_VERSION,
- DTLS1_2_VERSION, DTLS1_2_VERSION,
- SSL_HIGH | SSL_FIPS,
- SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
- 256,
- 256,
- },
- {
- 1,
- TLS1_TXT_ADH_WITH_AES_128_SHA256,
- TLS1_RFC_ADH_WITH_AES_128_SHA256,
- TLS1_CK_ADH_WITH_AES_128_SHA256,
- SSL_kDHE,
- SSL_aNULL,
- SSL_AES128,
- SSL_SHA256,
- TLS1_2_VERSION, TLS1_2_VERSION,
- DTLS1_2_VERSION, DTLS1_2_VERSION,
- SSL_NOT_DEFAULT | SSL_HIGH | SSL_FIPS,
- SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
- 128,
- 128,
- },
- {
- 1,
- TLS1_TXT_ADH_WITH_AES_256_SHA256,
- TLS1_RFC_ADH_WITH_AES_256_SHA256,
- TLS1_CK_ADH_WITH_AES_256_SHA256,
- SSL_kDHE,
- SSL_aNULL,
- SSL_AES256,
- SSL_SHA256,
- TLS1_2_VERSION, TLS1_2_VERSION,
- DTLS1_2_VERSION, DTLS1_2_VERSION,
- SSL_NOT_DEFAULT | SSL_HIGH | SSL_FIPS,
- SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
- 256,
- 256,
- },
- {
- 1,
- TLS1_TXT_RSA_WITH_AES_128_GCM_SHA256,
- TLS1_RFC_RSA_WITH_AES_128_GCM_SHA256,
- TLS1_CK_RSA_WITH_AES_128_GCM_SHA256,
- SSL_kRSA,
- SSL_aRSA,
- SSL_AES128GCM,
- SSL_AEAD,
- TLS1_2_VERSION, TLS1_2_VERSION,
- DTLS1_2_VERSION, DTLS1_2_VERSION,
- SSL_HIGH | SSL_FIPS,
- SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
- 128,
- 128,
- },
- {
- 1,
- TLS1_TXT_RSA_WITH_AES_256_GCM_SHA384,
- TLS1_RFC_RSA_WITH_AES_256_GCM_SHA384,
- TLS1_CK_RSA_WITH_AES_256_GCM_SHA384,
- SSL_kRSA,
- SSL_aRSA,
- SSL_AES256GCM,
- SSL_AEAD,
- TLS1_2_VERSION, TLS1_2_VERSION,
- DTLS1_2_VERSION, DTLS1_2_VERSION,
- SSL_HIGH | SSL_FIPS,
- SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384,
- 256,
- 256,
- },
- {
- 1,
- TLS1_TXT_DHE_RSA_WITH_AES_128_GCM_SHA256,
- TLS1_RFC_DHE_RSA_WITH_AES_128_GCM_SHA256,
- TLS1_CK_DHE_RSA_WITH_AES_128_GCM_SHA256,
- SSL_kDHE,
- SSL_aRSA,
- SSL_AES128GCM,
- SSL_AEAD,
- TLS1_2_VERSION, TLS1_2_VERSION,
- DTLS1_2_VERSION, DTLS1_2_VERSION,
- SSL_HIGH | SSL_FIPS,
- SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
- 128,
- 128,
- },
- {
- 1,
- TLS1_TXT_DHE_RSA_WITH_AES_256_GCM_SHA384,
- TLS1_RFC_DHE_RSA_WITH_AES_256_GCM_SHA384,
- TLS1_CK_DHE_RSA_WITH_AES_256_GCM_SHA384,
- SSL_kDHE,
- SSL_aRSA,
- SSL_AES256GCM,
- SSL_AEAD,
- TLS1_2_VERSION, TLS1_2_VERSION,
- DTLS1_2_VERSION, DTLS1_2_VERSION,
- SSL_HIGH | SSL_FIPS,
- SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384,
- 256,
- 256,
- },
- {
- 1,
- TLS1_TXT_DHE_DSS_WITH_AES_128_GCM_SHA256,
- TLS1_RFC_DHE_DSS_WITH_AES_128_GCM_SHA256,
- TLS1_CK_DHE_DSS_WITH_AES_128_GCM_SHA256,
- SSL_kDHE,
- SSL_aDSS,
- SSL_AES128GCM,
- SSL_AEAD,
- TLS1_2_VERSION, TLS1_2_VERSION,
- DTLS1_2_VERSION, DTLS1_2_VERSION,
- SSL_NOT_DEFAULT | SSL_HIGH | SSL_FIPS,
- SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
- 128,
- 128,
- },
- {
- 1,
- TLS1_TXT_DHE_DSS_WITH_AES_256_GCM_SHA384,
- TLS1_RFC_DHE_DSS_WITH_AES_256_GCM_SHA384,
- TLS1_CK_DHE_DSS_WITH_AES_256_GCM_SHA384,
- SSL_kDHE,
- SSL_aDSS,
- SSL_AES256GCM,
- SSL_AEAD,
- TLS1_2_VERSION, TLS1_2_VERSION,
- DTLS1_2_VERSION, DTLS1_2_VERSION,
- SSL_NOT_DEFAULT | SSL_HIGH | SSL_FIPS,
- SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384,
- 256,
- 256,
- },
- {
- 1,
- TLS1_TXT_ADH_WITH_AES_128_GCM_SHA256,
- TLS1_RFC_ADH_WITH_AES_128_GCM_SHA256,
- TLS1_CK_ADH_WITH_AES_128_GCM_SHA256,
- SSL_kDHE,
- SSL_aNULL,
- SSL_AES128GCM,
- SSL_AEAD,
- TLS1_2_VERSION, TLS1_2_VERSION,
- DTLS1_2_VERSION, DTLS1_2_VERSION,
- SSL_NOT_DEFAULT | SSL_HIGH | SSL_FIPS,
- SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
- 128,
- 128,
- },
- {
- 1,
- TLS1_TXT_ADH_WITH_AES_256_GCM_SHA384,
- TLS1_RFC_ADH_WITH_AES_256_GCM_SHA384,
- TLS1_CK_ADH_WITH_AES_256_GCM_SHA384,
- SSL_kDHE,
- SSL_aNULL,
- SSL_AES256GCM,
- SSL_AEAD,
- TLS1_2_VERSION, TLS1_2_VERSION,
- DTLS1_2_VERSION, DTLS1_2_VERSION,
- SSL_NOT_DEFAULT | SSL_HIGH | SSL_FIPS,
- SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384,
- 256,
- 256,
- },
- {
- 1,
- TLS1_TXT_RSA_WITH_AES_128_CCM,
- TLS1_RFC_RSA_WITH_AES_128_CCM,
- TLS1_CK_RSA_WITH_AES_128_CCM,
- SSL_kRSA,
- SSL_aRSA,
- SSL_AES128CCM,
- SSL_AEAD,
- TLS1_2_VERSION, TLS1_2_VERSION,
- DTLS1_2_VERSION, DTLS1_2_VERSION,
- SSL_NOT_DEFAULT | SSL_HIGH,
- SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
- 128,
- 128,
- },
- {
- 1,
- TLS1_TXT_RSA_WITH_AES_256_CCM,
- TLS1_RFC_RSA_WITH_AES_256_CCM,
- TLS1_CK_RSA_WITH_AES_256_CCM,
- SSL_kRSA,
- SSL_aRSA,
- SSL_AES256CCM,
- SSL_AEAD,
- TLS1_2_VERSION, TLS1_2_VERSION,
- DTLS1_2_VERSION, DTLS1_2_VERSION,
- SSL_NOT_DEFAULT | SSL_HIGH,
- SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
- 256,
- 256,
- },
- {
- 1,
- TLS1_TXT_DHE_RSA_WITH_AES_128_CCM,
- TLS1_RFC_DHE_RSA_WITH_AES_128_CCM,
- TLS1_CK_DHE_RSA_WITH_AES_128_CCM,
- SSL_kDHE,
- SSL_aRSA,
- SSL_AES128CCM,
- SSL_AEAD,
- TLS1_2_VERSION, TLS1_2_VERSION,
- DTLS1_2_VERSION, DTLS1_2_VERSION,
- SSL_NOT_DEFAULT | SSL_HIGH,
- SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
- 128,
- 128,
- },
- {
- 1,
- TLS1_TXT_DHE_RSA_WITH_AES_256_CCM,
- TLS1_RFC_DHE_RSA_WITH_AES_256_CCM,
- TLS1_CK_DHE_RSA_WITH_AES_256_CCM,
- SSL_kDHE,
- SSL_aRSA,
- SSL_AES256CCM,
- SSL_AEAD,
- TLS1_2_VERSION, TLS1_2_VERSION,
- DTLS1_2_VERSION, DTLS1_2_VERSION,
- SSL_NOT_DEFAULT | SSL_HIGH,
- SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
- 256,
- 256,
- },
- {
- 1,
- TLS1_TXT_RSA_WITH_AES_128_CCM_8,
- TLS1_RFC_RSA_WITH_AES_128_CCM_8,
- TLS1_CK_RSA_WITH_AES_128_CCM_8,
- SSL_kRSA,
- SSL_aRSA,
- SSL_AES128CCM8,
- SSL_AEAD,
- TLS1_2_VERSION, TLS1_2_VERSION,
- DTLS1_2_VERSION, DTLS1_2_VERSION,
- SSL_NOT_DEFAULT | SSL_MEDIUM,
- SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
- 64, /* CCM8 uses a short tag, so we have a low security strength */
- 128,
- },
- {
- 1,
- TLS1_TXT_RSA_WITH_AES_256_CCM_8,
- TLS1_RFC_RSA_WITH_AES_256_CCM_8,
- TLS1_CK_RSA_WITH_AES_256_CCM_8,
- SSL_kRSA,
- SSL_aRSA,
- SSL_AES256CCM8,
- SSL_AEAD,
- TLS1_2_VERSION, TLS1_2_VERSION,
- DTLS1_2_VERSION, DTLS1_2_VERSION,
- SSL_NOT_DEFAULT | SSL_MEDIUM,
- SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
- 64, /* CCM8 uses a short tag, so we have a low security strength */
- 256,
- },
- {
- 1,
- TLS1_TXT_DHE_RSA_WITH_AES_128_CCM_8,
- TLS1_RFC_DHE_RSA_WITH_AES_128_CCM_8,
- TLS1_CK_DHE_RSA_WITH_AES_128_CCM_8,
- SSL_kDHE,
- SSL_aRSA,
- SSL_AES128CCM8,
- SSL_AEAD,
- TLS1_2_VERSION, TLS1_2_VERSION,
- DTLS1_2_VERSION, DTLS1_2_VERSION,
- SSL_NOT_DEFAULT | SSL_MEDIUM,
- SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
- 64, /* CCM8 uses a short tag, so we have a low security strength */
- 128,
- },
- {
- 1,
- TLS1_TXT_DHE_RSA_WITH_AES_256_CCM_8,
- TLS1_RFC_DHE_RSA_WITH_AES_256_CCM_8,
- TLS1_CK_DHE_RSA_WITH_AES_256_CCM_8,
- SSL_kDHE,
- SSL_aRSA,
- SSL_AES256CCM8,
- SSL_AEAD,
- TLS1_2_VERSION, TLS1_2_VERSION,
- DTLS1_2_VERSION, DTLS1_2_VERSION,
- SSL_NOT_DEFAULT | SSL_MEDIUM,
- SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
- 64, /* CCM8 uses a short tag, so we have a low security strength */
- 256,
- },
- {
- 1,
- TLS1_TXT_PSK_WITH_AES_128_CCM,
- TLS1_RFC_PSK_WITH_AES_128_CCM,
- TLS1_CK_PSK_WITH_AES_128_CCM,
- SSL_kPSK,
- SSL_aPSK,
- SSL_AES128CCM,
- SSL_AEAD,
- TLS1_2_VERSION, TLS1_2_VERSION,
- DTLS1_2_VERSION, DTLS1_2_VERSION,
- SSL_NOT_DEFAULT | SSL_HIGH,
- SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
- 128,
- 128,
- },
- {
- 1,
- TLS1_TXT_PSK_WITH_AES_256_CCM,
- TLS1_RFC_PSK_WITH_AES_256_CCM,
- TLS1_CK_PSK_WITH_AES_256_CCM,
- SSL_kPSK,
- SSL_aPSK,
- SSL_AES256CCM,
- SSL_AEAD,
- TLS1_2_VERSION, TLS1_2_VERSION,
- DTLS1_2_VERSION, DTLS1_2_VERSION,
- SSL_NOT_DEFAULT | SSL_HIGH,
- SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
- 256,
- 256,
- },
- {
- 1,
- TLS1_TXT_DHE_PSK_WITH_AES_128_CCM,
- TLS1_RFC_DHE_PSK_WITH_AES_128_CCM,
- TLS1_CK_DHE_PSK_WITH_AES_128_CCM,
- SSL_kDHEPSK,
- SSL_aPSK,
- SSL_AES128CCM,
- SSL_AEAD,
- TLS1_2_VERSION, TLS1_2_VERSION,
- DTLS1_2_VERSION, DTLS1_2_VERSION,
- SSL_NOT_DEFAULT | SSL_HIGH,
- SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
- 128,
- 128,
- },
- {
- 1,
- TLS1_TXT_DHE_PSK_WITH_AES_256_CCM,
- TLS1_RFC_DHE_PSK_WITH_AES_256_CCM,
- TLS1_CK_DHE_PSK_WITH_AES_256_CCM,
- SSL_kDHEPSK,
- SSL_aPSK,
- SSL_AES256CCM,
- SSL_AEAD,
- TLS1_2_VERSION, TLS1_2_VERSION,
- DTLS1_2_VERSION, DTLS1_2_VERSION,
- SSL_NOT_DEFAULT | SSL_HIGH,
- SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
- 256,
- 256,
- },
- {
- 1,
- TLS1_TXT_PSK_WITH_AES_128_CCM_8,
- TLS1_RFC_PSK_WITH_AES_128_CCM_8,
- TLS1_CK_PSK_WITH_AES_128_CCM_8,
- SSL_kPSK,
- SSL_aPSK,
- SSL_AES128CCM8,
- SSL_AEAD,
- TLS1_2_VERSION, TLS1_2_VERSION,
- DTLS1_2_VERSION, DTLS1_2_VERSION,
- SSL_NOT_DEFAULT | SSL_MEDIUM,
- SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
- 64, /* CCM8 uses a short tag, so we have a low security strength */
- 128,
- },
- {
- 1,
- TLS1_TXT_PSK_WITH_AES_256_CCM_8,
- TLS1_RFC_PSK_WITH_AES_256_CCM_8,
- TLS1_CK_PSK_WITH_AES_256_CCM_8,
- SSL_kPSK,
- SSL_aPSK,
- SSL_AES256CCM8,
- SSL_AEAD,
- TLS1_2_VERSION, TLS1_2_VERSION,
- DTLS1_2_VERSION, DTLS1_2_VERSION,
- SSL_NOT_DEFAULT | SSL_MEDIUM,
- SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
- 64, /* CCM8 uses a short tag, so we have a low security strength */
- 256,
- },
- {
- 1,
- TLS1_TXT_DHE_PSK_WITH_AES_128_CCM_8,
- TLS1_RFC_DHE_PSK_WITH_AES_128_CCM_8,
- TLS1_CK_DHE_PSK_WITH_AES_128_CCM_8,
- SSL_kDHEPSK,
- SSL_aPSK,
- SSL_AES128CCM8,
- SSL_AEAD,
- TLS1_2_VERSION, TLS1_2_VERSION,
- DTLS1_2_VERSION, DTLS1_2_VERSION,
- SSL_NOT_DEFAULT | SSL_MEDIUM,
- SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
- 64, /* CCM8 uses a short tag, so we have a low security strength */
- 128,
- },
- {
- 1,
- TLS1_TXT_DHE_PSK_WITH_AES_256_CCM_8,
- TLS1_RFC_DHE_PSK_WITH_AES_256_CCM_8,
- TLS1_CK_DHE_PSK_WITH_AES_256_CCM_8,
- SSL_kDHEPSK,
- SSL_aPSK,
- SSL_AES256CCM8,
- SSL_AEAD,
- TLS1_2_VERSION, TLS1_2_VERSION,
- DTLS1_2_VERSION, DTLS1_2_VERSION,
- SSL_NOT_DEFAULT | SSL_MEDIUM,
- SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
- 64, /* CCM8 uses a short tag, so we have a low security strength */
- 256,
- },
- {
- 1,
- TLS1_TXT_ECDHE_ECDSA_WITH_AES_128_CCM,
- TLS1_RFC_ECDHE_ECDSA_WITH_AES_128_CCM,
- TLS1_CK_ECDHE_ECDSA_WITH_AES_128_CCM,
- SSL_kECDHE,
- SSL_aECDSA,
- SSL_AES128CCM,
- SSL_AEAD,
- TLS1_2_VERSION, TLS1_2_VERSION,
- DTLS1_2_VERSION, DTLS1_2_VERSION,
- SSL_NOT_DEFAULT | SSL_HIGH,
- SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
- 128,
- 128,
- },
- {
- 1,
- TLS1_TXT_ECDHE_ECDSA_WITH_AES_256_CCM,
- TLS1_RFC_ECDHE_ECDSA_WITH_AES_256_CCM,
- TLS1_CK_ECDHE_ECDSA_WITH_AES_256_CCM,
- SSL_kECDHE,
- SSL_aECDSA,
- SSL_AES256CCM,
- SSL_AEAD,
- TLS1_2_VERSION, TLS1_2_VERSION,
- DTLS1_2_VERSION, DTLS1_2_VERSION,
- SSL_NOT_DEFAULT | SSL_HIGH,
- SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
- 256,
- 256,
- },
- {
- 1,
- TLS1_TXT_ECDHE_ECDSA_WITH_AES_128_CCM_8,
- TLS1_RFC_ECDHE_ECDSA_WITH_AES_128_CCM_8,
- TLS1_CK_ECDHE_ECDSA_WITH_AES_128_CCM_8,
- SSL_kECDHE,
- SSL_aECDSA,
- SSL_AES128CCM8,
- SSL_AEAD,
- TLS1_2_VERSION, TLS1_2_VERSION,
- DTLS1_2_VERSION, DTLS1_2_VERSION,
- SSL_NOT_DEFAULT | SSL_MEDIUM,
- SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
- 64, /* CCM8 uses a short tag, so we have a low security strength */
- 128,
- },
- {
- 1,
- TLS1_TXT_ECDHE_ECDSA_WITH_AES_256_CCM_8,
- TLS1_RFC_ECDHE_ECDSA_WITH_AES_256_CCM_8,
- TLS1_CK_ECDHE_ECDSA_WITH_AES_256_CCM_8,
- SSL_kECDHE,
- SSL_aECDSA,
- SSL_AES256CCM8,
- SSL_AEAD,
- TLS1_2_VERSION, TLS1_2_VERSION,
- DTLS1_2_VERSION, DTLS1_2_VERSION,
- SSL_NOT_DEFAULT | SSL_MEDIUM,
- SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
- 64, /* CCM8 uses a short tag, so we have a low security strength */
- 256,
- },
+ 1,
+ TLS1_TXT_RSA_WITH_AES_128_SHA256,
+ TLS1_RFC_RSA_WITH_AES_128_SHA256,
+ TLS1_CK_RSA_WITH_AES_128_SHA256,
+ SSL_kRSA,
+ SSL_aRSA,
+ SSL_AES128,
+ SSL_SHA256,
+ TLS1_2_VERSION,
+ TLS1_2_VERSION,
+ DTLS1_2_VERSION,
+ DTLS1_2_VERSION,
+ SSL_HIGH | SSL_FIPS,
+ SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
+ 128,
+ 128,
+ },
+ {
+ 1,
+ TLS1_TXT_RSA_WITH_AES_256_SHA256,
+ TLS1_RFC_RSA_WITH_AES_256_SHA256,
+ TLS1_CK_RSA_WITH_AES_256_SHA256,
+ SSL_kRSA,
+ SSL_aRSA,
+ SSL_AES256,
+ SSL_SHA256,
+ TLS1_2_VERSION,
+ TLS1_2_VERSION,
+ DTLS1_2_VERSION,
+ DTLS1_2_VERSION,
+ SSL_HIGH | SSL_FIPS,
+ SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
+ 256,
+ 256,
+ },
+ {
+ 1,
+ TLS1_TXT_DHE_DSS_WITH_AES_128_SHA256,
+ TLS1_RFC_DHE_DSS_WITH_AES_128_SHA256,
+ TLS1_CK_DHE_DSS_WITH_AES_128_SHA256,
+ SSL_kDHE,
+ SSL_aDSS,
+ SSL_AES128,
+ SSL_SHA256,
+ TLS1_2_VERSION,
+ TLS1_2_VERSION,
+ DTLS1_2_VERSION,
+ DTLS1_2_VERSION,
+ SSL_NOT_DEFAULT | SSL_HIGH | SSL_FIPS,
+ SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
+ 128,
+ 128,
+ },
+ {
+ 1,
+ TLS1_TXT_DHE_RSA_WITH_AES_128_SHA256,
+ TLS1_RFC_DHE_RSA_WITH_AES_128_SHA256,
+ TLS1_CK_DHE_RSA_WITH_AES_128_SHA256,
+ SSL_kDHE,
+ SSL_aRSA,
+ SSL_AES128,
+ SSL_SHA256,
+ TLS1_2_VERSION,
+ TLS1_2_VERSION,
+ DTLS1_2_VERSION,
+ DTLS1_2_VERSION,
+ SSL_HIGH | SSL_FIPS,
+ SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
+ 128,
+ 128,
+ },
+ {
+ 1,
+ TLS1_TXT_DHE_DSS_WITH_AES_256_SHA256,
+ TLS1_RFC_DHE_DSS_WITH_AES_256_SHA256,
+ TLS1_CK_DHE_DSS_WITH_AES_256_SHA256,
+ SSL_kDHE,
+ SSL_aDSS,
+ SSL_AES256,
+ SSL_SHA256,
+ TLS1_2_VERSION,
+ TLS1_2_VERSION,
+ DTLS1_2_VERSION,
+ DTLS1_2_VERSION,
+ SSL_NOT_DEFAULT | SSL_HIGH | SSL_FIPS,
+ SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
+ 256,
+ 256,
+ },
+ {
+ 1,
+ TLS1_TXT_DHE_RSA_WITH_AES_256_SHA256,
+ TLS1_RFC_DHE_RSA_WITH_AES_256_SHA256,
+ TLS1_CK_DHE_RSA_WITH_AES_256_SHA256,
+ SSL_kDHE,
+ SSL_aRSA,
+ SSL_AES256,
+ SSL_SHA256,
+ TLS1_2_VERSION,
+ TLS1_2_VERSION,
+ DTLS1_2_VERSION,
+ DTLS1_2_VERSION,
+ SSL_HIGH | SSL_FIPS,
+ SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
+ 256,
+ 256,
+ },
+ {
+ 1,
+ TLS1_TXT_ADH_WITH_AES_128_SHA256,
+ TLS1_RFC_ADH_WITH_AES_128_SHA256,
+ TLS1_CK_ADH_WITH_AES_128_SHA256,
+ SSL_kDHE,
+ SSL_aNULL,
+ SSL_AES128,
+ SSL_SHA256,
+ TLS1_2_VERSION,
+ TLS1_2_VERSION,
+ DTLS1_2_VERSION,
+ DTLS1_2_VERSION,
+ SSL_NOT_DEFAULT | SSL_HIGH | SSL_FIPS,
+ SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
+ 128,
+ 128,
+ },
+ {
+ 1,
+ TLS1_TXT_ADH_WITH_AES_256_SHA256,
+ TLS1_RFC_ADH_WITH_AES_256_SHA256,
+ TLS1_CK_ADH_WITH_AES_256_SHA256,
+ SSL_kDHE,
+ SSL_aNULL,
+ SSL_AES256,
+ SSL_SHA256,
+ TLS1_2_VERSION,
+ TLS1_2_VERSION,
+ DTLS1_2_VERSION,
+ DTLS1_2_VERSION,
+ SSL_NOT_DEFAULT | SSL_HIGH | SSL_FIPS,
+ SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
+ 256,
+ 256,
+ },
+ {
+ 1,
+ TLS1_TXT_RSA_WITH_AES_128_GCM_SHA256,
+ TLS1_RFC_RSA_WITH_AES_128_GCM_SHA256,
+ TLS1_CK_RSA_WITH_AES_128_GCM_SHA256,
+ SSL_kRSA,
+ SSL_aRSA,
+ SSL_AES128GCM,
+ SSL_AEAD,
+ TLS1_2_VERSION,
+ TLS1_2_VERSION,
+ DTLS1_2_VERSION,
+ DTLS1_2_VERSION,
+ SSL_HIGH | SSL_FIPS,
+ SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
+ 128,
+ 128,
+ },
+ {
+ 1,
+ TLS1_TXT_RSA_WITH_AES_256_GCM_SHA384,
+ TLS1_RFC_RSA_WITH_AES_256_GCM_SHA384,
+ TLS1_CK_RSA_WITH_AES_256_GCM_SHA384,
+ SSL_kRSA,
+ SSL_aRSA,
+ SSL_AES256GCM,
+ SSL_AEAD,
+ TLS1_2_VERSION,
+ TLS1_2_VERSION,
+ DTLS1_2_VERSION,
+ DTLS1_2_VERSION,
+ SSL_HIGH | SSL_FIPS,
+ SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384,
+ 256,
+ 256,
+ },
+ {
+ 1,
+ TLS1_TXT_DHE_RSA_WITH_AES_128_GCM_SHA256,
+ TLS1_RFC_DHE_RSA_WITH_AES_128_GCM_SHA256,
+ TLS1_CK_DHE_RSA_WITH_AES_128_GCM_SHA256,
+ SSL_kDHE,
+ SSL_aRSA,
+ SSL_AES128GCM,
+ SSL_AEAD,
+ TLS1_2_VERSION,
+ TLS1_2_VERSION,
+ DTLS1_2_VERSION,
+ DTLS1_2_VERSION,
+ SSL_HIGH | SSL_FIPS,
+ SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
+ 128,
+ 128,
+ },
+ {
+ 1,
+ TLS1_TXT_DHE_RSA_WITH_AES_256_GCM_SHA384,
+ TLS1_RFC_DHE_RSA_WITH_AES_256_GCM_SHA384,
+ TLS1_CK_DHE_RSA_WITH_AES_256_GCM_SHA384,
+ SSL_kDHE,
+ SSL_aRSA,
+ SSL_AES256GCM,
+ SSL_AEAD,
+ TLS1_2_VERSION,
+ TLS1_2_VERSION,
+ DTLS1_2_VERSION,
+ DTLS1_2_VERSION,
+ SSL_HIGH | SSL_FIPS,
+ SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384,
+ 256,
+ 256,
+ },
+ {
+ 1,
+ TLS1_TXT_DHE_DSS_WITH_AES_128_GCM_SHA256,
+ TLS1_RFC_DHE_DSS_WITH_AES_128_GCM_SHA256,
+ TLS1_CK_DHE_DSS_WITH_AES_128_GCM_SHA256,
+ SSL_kDHE,
+ SSL_aDSS,
+ SSL_AES128GCM,
+ SSL_AEAD,
+ TLS1_2_VERSION,
+ TLS1_2_VERSION,
+ DTLS1_2_VERSION,
+ DTLS1_2_VERSION,
+ SSL_NOT_DEFAULT | SSL_HIGH | SSL_FIPS,
+ SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
+ 128,
+ 128,
+ },
+ {
+ 1,
+ TLS1_TXT_DHE_DSS_WITH_AES_256_GCM_SHA384,
+ TLS1_RFC_DHE_DSS_WITH_AES_256_GCM_SHA384,
+ TLS1_CK_DHE_DSS_WITH_AES_256_GCM_SHA384,
+ SSL_kDHE,
+ SSL_aDSS,
+ SSL_AES256GCM,
+ SSL_AEAD,
+ TLS1_2_VERSION,
+ TLS1_2_VERSION,
+ DTLS1_2_VERSION,
+ DTLS1_2_VERSION,
+ SSL_NOT_DEFAULT | SSL_HIGH | SSL_FIPS,
+ SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384,
+ 256,
+ 256,
+ },
+ {
+ 1,
+ TLS1_TXT_ADH_WITH_AES_128_GCM_SHA256,
+ TLS1_RFC_ADH_WITH_AES_128_GCM_SHA256,
+ TLS1_CK_ADH_WITH_AES_128_GCM_SHA256,
+ SSL_kDHE,
+ SSL_aNULL,
+ SSL_AES128GCM,
+ SSL_AEAD,
+ TLS1_2_VERSION,
+ TLS1_2_VERSION,
+ DTLS1_2_VERSION,
+ DTLS1_2_VERSION,
+ SSL_NOT_DEFAULT | SSL_HIGH | SSL_FIPS,
+ SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
+ 128,
+ 128,
+ },
+ {
+ 1,
+ TLS1_TXT_ADH_WITH_AES_256_GCM_SHA384,
+ TLS1_RFC_ADH_WITH_AES_256_GCM_SHA384,
+ TLS1_CK_ADH_WITH_AES_256_GCM_SHA384,
+ SSL_kDHE,
+ SSL_aNULL,
+ SSL_AES256GCM,
+ SSL_AEAD,
+ TLS1_2_VERSION,
+ TLS1_2_VERSION,
+ DTLS1_2_VERSION,
+ DTLS1_2_VERSION,
+ SSL_NOT_DEFAULT | SSL_HIGH | SSL_FIPS,
+ SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384,
+ 256,
+ 256,
+ },
+ {
+ 1,
+ TLS1_TXT_RSA_WITH_AES_128_CCM,
+ TLS1_RFC_RSA_WITH_AES_128_CCM,
+ TLS1_CK_RSA_WITH_AES_128_CCM,
+ SSL_kRSA,
+ SSL_aRSA,
+ SSL_AES128CCM,
+ SSL_AEAD,
+ TLS1_2_VERSION,
+ TLS1_2_VERSION,
+ DTLS1_2_VERSION,
+ DTLS1_2_VERSION,
+ SSL_NOT_DEFAULT | SSL_HIGH,
+ SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
+ 128,
+ 128,
+ },
+ {
+ 1,
+ TLS1_TXT_RSA_WITH_AES_256_CCM,
+ TLS1_RFC_RSA_WITH_AES_256_CCM,
+ TLS1_CK_RSA_WITH_AES_256_CCM,
+ SSL_kRSA,
+ SSL_aRSA,
+ SSL_AES256CCM,
+ SSL_AEAD,
+ TLS1_2_VERSION,
+ TLS1_2_VERSION,
+ DTLS1_2_VERSION,
+ DTLS1_2_VERSION,
+ SSL_NOT_DEFAULT | SSL_HIGH,
+ SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
+ 256,
+ 256,
+ },
+ {
+ 1,
+ TLS1_TXT_DHE_RSA_WITH_AES_128_CCM,
+ TLS1_RFC_DHE_RSA_WITH_AES_128_CCM,
+ TLS1_CK_DHE_RSA_WITH_AES_128_CCM,
+ SSL_kDHE,
+ SSL_aRSA,
+ SSL_AES128CCM,
+ SSL_AEAD,
+ TLS1_2_VERSION,
+ TLS1_2_VERSION,
+ DTLS1_2_VERSION,
+ DTLS1_2_VERSION,
+ SSL_NOT_DEFAULT | SSL_HIGH,
+ SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
+ 128,
+ 128,
+ },
+ {
+ 1,
+ TLS1_TXT_DHE_RSA_WITH_AES_256_CCM,
+ TLS1_RFC_DHE_RSA_WITH_AES_256_CCM,
+ TLS1_CK_DHE_RSA_WITH_AES_256_CCM,
+ SSL_kDHE,
+ SSL_aRSA,
+ SSL_AES256CCM,
+ SSL_AEAD,
+ TLS1_2_VERSION,
+ TLS1_2_VERSION,
+ DTLS1_2_VERSION,
+ DTLS1_2_VERSION,
+ SSL_NOT_DEFAULT | SSL_HIGH,
+ SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
+ 256,
+ 256,
+ },
+ {
+ 1,
+ TLS1_TXT_RSA_WITH_AES_128_CCM_8,
+ TLS1_RFC_RSA_WITH_AES_128_CCM_8,
+ TLS1_CK_RSA_WITH_AES_128_CCM_8,
+ SSL_kRSA,
+ SSL_aRSA,
+ SSL_AES128CCM8,
+ SSL_AEAD,
+ TLS1_2_VERSION,
+ TLS1_2_VERSION,
+ DTLS1_2_VERSION,
+ DTLS1_2_VERSION,
+ SSL_NOT_DEFAULT | SSL_MEDIUM,
+ SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
+ 64, /* CCM8 uses a short tag, so we have a low security strength */
+ 128,
+ },
+ {
+ 1,
+ TLS1_TXT_RSA_WITH_AES_256_CCM_8,
+ TLS1_RFC_RSA_WITH_AES_256_CCM_8,
+ TLS1_CK_RSA_WITH_AES_256_CCM_8,
+ SSL_kRSA,
+ SSL_aRSA,
+ SSL_AES256CCM8,
+ SSL_AEAD,
+ TLS1_2_VERSION,
+ TLS1_2_VERSION,
+ DTLS1_2_VERSION,
+ DTLS1_2_VERSION,
+ SSL_NOT_DEFAULT | SSL_MEDIUM,
+ SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
+ 64, /* CCM8 uses a short tag, so we have a low security strength */
+ 256,
+ },
+ {
+ 1,
+ TLS1_TXT_DHE_RSA_WITH_AES_128_CCM_8,
+ TLS1_RFC_DHE_RSA_WITH_AES_128_CCM_8,
+ TLS1_CK_DHE_RSA_WITH_AES_128_CCM_8,
+ SSL_kDHE,
+ SSL_aRSA,
+ SSL_AES128CCM8,
+ SSL_AEAD,
+ TLS1_2_VERSION,
+ TLS1_2_VERSION,
+ DTLS1_2_VERSION,
+ DTLS1_2_VERSION,
+ SSL_NOT_DEFAULT | SSL_MEDIUM,
+ SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
+ 64, /* CCM8 uses a short tag, so we have a low security strength */
+ 128,
+ },
+ {
+ 1,
+ TLS1_TXT_DHE_RSA_WITH_AES_256_CCM_8,
+ TLS1_RFC_DHE_RSA_WITH_AES_256_CCM_8,
+ TLS1_CK_DHE_RSA_WITH_AES_256_CCM_8,
+ SSL_kDHE,
+ SSL_aRSA,
+ SSL_AES256CCM8,
+ SSL_AEAD,
+ TLS1_2_VERSION,
+ TLS1_2_VERSION,
+ DTLS1_2_VERSION,
+ DTLS1_2_VERSION,
+ SSL_NOT_DEFAULT | SSL_MEDIUM,
+ SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
+ 64, /* CCM8 uses a short tag, so we have a low security strength */
+ 256,
+ },
+ {
+ 1,
+ TLS1_TXT_PSK_WITH_AES_128_CCM,
+ TLS1_RFC_PSK_WITH_AES_128_CCM,
+ TLS1_CK_PSK_WITH_AES_128_CCM,
+ SSL_kPSK,
+ SSL_aPSK,
+ SSL_AES128CCM,
+ SSL_AEAD,
+ TLS1_2_VERSION,
+ TLS1_2_VERSION,
+ DTLS1_2_VERSION,
+ DTLS1_2_VERSION,
+ SSL_NOT_DEFAULT | SSL_HIGH,
+ SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
+ 128,
+ 128,
+ },
+ {
+ 1,
+ TLS1_TXT_PSK_WITH_AES_256_CCM,
+ TLS1_RFC_PSK_WITH_AES_256_CCM,
+ TLS1_CK_PSK_WITH_AES_256_CCM,
+ SSL_kPSK,
+ SSL_aPSK,
+ SSL_AES256CCM,
+ SSL_AEAD,
+ TLS1_2_VERSION,
+ TLS1_2_VERSION,
+ DTLS1_2_VERSION,
+ DTLS1_2_VERSION,
+ SSL_NOT_DEFAULT | SSL_HIGH,
+ SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
+ 256,
+ 256,
+ },
+ {
+ 1,
+ TLS1_TXT_DHE_PSK_WITH_AES_128_CCM,
+ TLS1_RFC_DHE_PSK_WITH_AES_128_CCM,
+ TLS1_CK_DHE_PSK_WITH_AES_128_CCM,
+ SSL_kDHEPSK,
+ SSL_aPSK,
+ SSL_AES128CCM,
+ SSL_AEAD,
+ TLS1_2_VERSION,
+ TLS1_2_VERSION,
+ DTLS1_2_VERSION,
+ DTLS1_2_VERSION,
+ SSL_NOT_DEFAULT | SSL_HIGH,
+ SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
+ 128,
+ 128,
+ },
+ {
+ 1,
+ TLS1_TXT_DHE_PSK_WITH_AES_256_CCM,
+ TLS1_RFC_DHE_PSK_WITH_AES_256_CCM,
+ TLS1_CK_DHE_PSK_WITH_AES_256_CCM,
+ SSL_kDHEPSK,
+ SSL_aPSK,
+ SSL_AES256CCM,
+ SSL_AEAD,
+ TLS1_2_VERSION,
+ TLS1_2_VERSION,
+ DTLS1_2_VERSION,
+ DTLS1_2_VERSION,
+ SSL_NOT_DEFAULT | SSL_HIGH,
+ SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
+ 256,
+ 256,
+ },
+ {
+ 1,
+ TLS1_TXT_PSK_WITH_AES_128_CCM_8,
+ TLS1_RFC_PSK_WITH_AES_128_CCM_8,
+ TLS1_CK_PSK_WITH_AES_128_CCM_8,
+ SSL_kPSK,
+ SSL_aPSK,
+ SSL_AES128CCM8,
+ SSL_AEAD,
+ TLS1_2_VERSION,
+ TLS1_2_VERSION,
+ DTLS1_2_VERSION,
+ DTLS1_2_VERSION,
+ SSL_NOT_DEFAULT | SSL_MEDIUM,
+ SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
+ 64, /* CCM8 uses a short tag, so we have a low security strength */
+ 128,
+ },
+ {
+ 1,
+ TLS1_TXT_PSK_WITH_AES_256_CCM_8,
+ TLS1_RFC_PSK_WITH_AES_256_CCM_8,
+ TLS1_CK_PSK_WITH_AES_256_CCM_8,
+ SSL_kPSK,
+ SSL_aPSK,
+ SSL_AES256CCM8,
+ SSL_AEAD,
+ TLS1_2_VERSION,
+ TLS1_2_VERSION,
+ DTLS1_2_VERSION,
+ DTLS1_2_VERSION,
+ SSL_NOT_DEFAULT | SSL_MEDIUM,
+ SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
+ 64, /* CCM8 uses a short tag, so we have a low security strength */
+ 256,
+ },
+ {
+ 1,
+ TLS1_TXT_DHE_PSK_WITH_AES_128_CCM_8,
+ TLS1_RFC_DHE_PSK_WITH_AES_128_CCM_8,
+ TLS1_CK_DHE_PSK_WITH_AES_128_CCM_8,
+ SSL_kDHEPSK,
+ SSL_aPSK,
+ SSL_AES128CCM8,
+ SSL_AEAD,
+ TLS1_2_VERSION,
+ TLS1_2_VERSION,
+ DTLS1_2_VERSION,
+ DTLS1_2_VERSION,
+ SSL_NOT_DEFAULT | SSL_MEDIUM,
+ SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
+ 64, /* CCM8 uses a short tag, so we have a low security strength */
+ 128,
+ },
+ {
+ 1,
+ TLS1_TXT_DHE_PSK_WITH_AES_256_CCM_8,
+ TLS1_RFC_DHE_PSK_WITH_AES_256_CCM_8,
+ TLS1_CK_DHE_PSK_WITH_AES_256_CCM_8,
+ SSL_kDHEPSK,
+ SSL_aPSK,
+ SSL_AES256CCM8,
+ SSL_AEAD,
+ TLS1_2_VERSION,
+ TLS1_2_VERSION,
+ DTLS1_2_VERSION,
+ DTLS1_2_VERSION,
+ SSL_NOT_DEFAULT | SSL_MEDIUM,
+ SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
+ 64, /* CCM8 uses a short tag, so we have a low security strength */
+ 256,
+ },
+ {
+ 1,
+ TLS1_TXT_ECDHE_ECDSA_WITH_AES_128_CCM,
+ TLS1_RFC_ECDHE_ECDSA_WITH_AES_128_CCM,
+ TLS1_CK_ECDHE_ECDSA_WITH_AES_128_CCM,
+ SSL_kECDHE,
+ SSL_aECDSA,
+ SSL_AES128CCM,
+ SSL_AEAD,
+ TLS1_2_VERSION,
+ TLS1_2_VERSION,
+ DTLS1_2_VERSION,
+ DTLS1_2_VERSION,
+ SSL_NOT_DEFAULT | SSL_HIGH,
+ SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
+ 128,
+ 128,
+ },
+ {
+ 1,
+ TLS1_TXT_ECDHE_ECDSA_WITH_AES_256_CCM,
+ TLS1_RFC_ECDHE_ECDSA_WITH_AES_256_CCM,
+ TLS1_CK_ECDHE_ECDSA_WITH_AES_256_CCM,
+ SSL_kECDHE,
+ SSL_aECDSA,
+ SSL_AES256CCM,
+ SSL_AEAD,
+ TLS1_2_VERSION,
+ TLS1_2_VERSION,
+ DTLS1_2_VERSION,
+ DTLS1_2_VERSION,
+ SSL_NOT_DEFAULT | SSL_HIGH,
+ SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
+ 256,
+ 256,
+ },
+ {
+ 1,
+ TLS1_TXT_ECDHE_ECDSA_WITH_AES_128_CCM_8,
+ TLS1_RFC_ECDHE_ECDSA_WITH_AES_128_CCM_8,
+ TLS1_CK_ECDHE_ECDSA_WITH_AES_128_CCM_8,
+ SSL_kECDHE,
+ SSL_aECDSA,
+ SSL_AES128CCM8,
+ SSL_AEAD,
+ TLS1_2_VERSION,
+ TLS1_2_VERSION,
+ DTLS1_2_VERSION,
+ DTLS1_2_VERSION,
+ SSL_NOT_DEFAULT | SSL_MEDIUM,
+ SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
+ 64, /* CCM8 uses a short tag, so we have a low security strength */
+ 128,
+ },
+ {
+ 1,
+ TLS1_TXT_ECDHE_ECDSA_WITH_AES_256_CCM_8,
+ TLS1_RFC_ECDHE_ECDSA_WITH_AES_256_CCM_8,
+ TLS1_CK_ECDHE_ECDSA_WITH_AES_256_CCM_8,
+ SSL_kECDHE,
+ SSL_aECDSA,
+ SSL_AES256CCM8,
+ SSL_AEAD,
+ TLS1_2_VERSION,
+ TLS1_2_VERSION,
+ DTLS1_2_VERSION,
+ DTLS1_2_VERSION,
+ SSL_NOT_DEFAULT | SSL_MEDIUM,
+ SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
+ 64, /* CCM8 uses a short tag, so we have a low security strength */
+ 256,
+ },
#ifndef OPENSSL_NO_INTEGRITY_ONLY_CIPHERS
{
- 1,
- TLS1_TXT_ECDHE_ECDSA_WITH_NULL_SHA,
- TLS1_RFC_ECDHE_ECDSA_WITH_NULL_SHA,
- TLS1_CK_ECDHE_ECDSA_WITH_NULL_SHA,
- SSL_kECDHE,
- SSL_aECDSA,
- SSL_eNULL,
- SSL_SHA1,
- TLS1_VERSION, TLS1_2_VERSION,
- DTLS1_BAD_VER, DTLS1_2_VERSION,
- SSL_STRONG_NONE | SSL_FIPS,
- SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
- 0,
- 0,
- },
+ 1,
+ TLS1_TXT_ECDHE_ECDSA_WITH_NULL_SHA,
+ TLS1_RFC_ECDHE_ECDSA_WITH_NULL_SHA,
+ TLS1_CK_ECDHE_ECDSA_WITH_NULL_SHA,
+ SSL_kECDHE,
+ SSL_aECDSA,
+ SSL_eNULL,
+ SSL_SHA1,
+ TLS1_VERSION,
+ TLS1_2_VERSION,
+ DTLS1_BAD_VER,
+ DTLS1_2_VERSION,
+ SSL_STRONG_NONE | SSL_FIPS,
+ SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
+ 0,
+ 0,
+ },
+#endif
+#ifndef OPENSSL_NO_WEAK_SSL_CIPHERS
+ {
+ 1,
+ TLS1_TXT_ECDHE_ECDSA_WITH_DES_192_CBC3_SHA,
+ TLS1_RFC_ECDHE_ECDSA_WITH_DES_192_CBC3_SHA,
+ TLS1_CK_ECDHE_ECDSA_WITH_DES_192_CBC3_SHA,
+ SSL_kECDHE,
+ SSL_aECDSA,
+ SSL_3DES,
+ SSL_SHA1,
+ TLS1_VERSION,
+ TLS1_2_VERSION,
+ DTLS1_BAD_VER,
+ DTLS1_2_VERSION,
+ SSL_NOT_DEFAULT | SSL_MEDIUM,
+ SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
+ 112,
+ 168,
+ },
#endif
-# ifndef OPENSSL_NO_WEAK_SSL_CIPHERS
- {
- 1,
- TLS1_TXT_ECDHE_ECDSA_WITH_DES_192_CBC3_SHA,
- TLS1_RFC_ECDHE_ECDSA_WITH_DES_192_CBC3_SHA,
- TLS1_CK_ECDHE_ECDSA_WITH_DES_192_CBC3_SHA,
- SSL_kECDHE,
- SSL_aECDSA,
- SSL_3DES,
- SSL_SHA1,
- TLS1_VERSION, TLS1_2_VERSION,
- DTLS1_BAD_VER, DTLS1_2_VERSION,
- SSL_NOT_DEFAULT | SSL_MEDIUM,
- SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
- 112,
- 168,
- },
-# endif
- {
- 1,
- TLS1_TXT_ECDHE_ECDSA_WITH_AES_128_CBC_SHA,
- TLS1_RFC_ECDHE_ECDSA_WITH_AES_128_CBC_SHA,
- TLS1_CK_ECDHE_ECDSA_WITH_AES_128_CBC_SHA,
- SSL_kECDHE,
- SSL_aECDSA,
- SSL_AES128,
- SSL_SHA1,
- TLS1_VERSION, TLS1_2_VERSION,
- DTLS1_BAD_VER, DTLS1_2_VERSION,
- SSL_HIGH | SSL_FIPS,
- SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
- 128,
- 128,
- },
- {
- 1,
- TLS1_TXT_ECDHE_ECDSA_WITH_AES_256_CBC_SHA,
- TLS1_RFC_ECDHE_ECDSA_WITH_AES_256_CBC_SHA,
- TLS1_CK_ECDHE_ECDSA_WITH_AES_256_CBC_SHA,
- SSL_kECDHE,
- SSL_aECDSA,
- SSL_AES256,
- SSL_SHA1,
- TLS1_VERSION, TLS1_2_VERSION,
- DTLS1_BAD_VER, DTLS1_2_VERSION,
- SSL_HIGH | SSL_FIPS,
- SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
- 256,
- 256,
- },
+ {
+ 1,
+ TLS1_TXT_ECDHE_ECDSA_WITH_AES_128_CBC_SHA,
+ TLS1_RFC_ECDHE_ECDSA_WITH_AES_128_CBC_SHA,
+ TLS1_CK_ECDHE_ECDSA_WITH_AES_128_CBC_SHA,
+ SSL_kECDHE,
+ SSL_aECDSA,
+ SSL_AES128,
+ SSL_SHA1,
+ TLS1_VERSION,
+ TLS1_2_VERSION,
+ DTLS1_BAD_VER,
+ DTLS1_2_VERSION,
+ SSL_HIGH | SSL_FIPS,
+ SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
+ 128,
+ 128,
+ },
+ {
+ 1,
+ TLS1_TXT_ECDHE_ECDSA_WITH_AES_256_CBC_SHA,
+ TLS1_RFC_ECDHE_ECDSA_WITH_AES_256_CBC_SHA,
+ TLS1_CK_ECDHE_ECDSA_WITH_AES_256_CBC_SHA,
+ SSL_kECDHE,
+ SSL_aECDSA,
+ SSL_AES256,
+ SSL_SHA1,
+ TLS1_VERSION,
+ TLS1_2_VERSION,
+ DTLS1_BAD_VER,
+ DTLS1_2_VERSION,
+ SSL_HIGH | SSL_FIPS,
+ SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
+ 256,
+ 256,
+ },
#ifndef OPENSSL_NO_INTEGRITY_ONLY_CIPHERS
{
- 1,
- TLS1_TXT_ECDHE_RSA_WITH_NULL_SHA,
- TLS1_RFC_ECDHE_RSA_WITH_NULL_SHA,
- TLS1_CK_ECDHE_RSA_WITH_NULL_SHA,
- SSL_kECDHE,
- SSL_aRSA,
- SSL_eNULL,
- SSL_SHA1,
- TLS1_VERSION, TLS1_2_VERSION,
- DTLS1_BAD_VER, DTLS1_2_VERSION,
- SSL_STRONG_NONE | SSL_FIPS,
- SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
- 0,
- 0,
- },
+ 1,
+ TLS1_TXT_ECDHE_RSA_WITH_NULL_SHA,
+ TLS1_RFC_ECDHE_RSA_WITH_NULL_SHA,
+ TLS1_CK_ECDHE_RSA_WITH_NULL_SHA,
+ SSL_kECDHE,
+ SSL_aRSA,
+ SSL_eNULL,
+ SSL_SHA1,
+ TLS1_VERSION,
+ TLS1_2_VERSION,
+ DTLS1_BAD_VER,
+ DTLS1_2_VERSION,
+ SSL_STRONG_NONE | SSL_FIPS,
+ SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
+ 0,
+ 0,
+ },
#endif
-# ifndef OPENSSL_NO_WEAK_SSL_CIPHERS
- {
- 1,
- TLS1_TXT_ECDHE_RSA_WITH_DES_192_CBC3_SHA,
- TLS1_RFC_ECDHE_RSA_WITH_DES_192_CBC3_SHA,
- TLS1_CK_ECDHE_RSA_WITH_DES_192_CBC3_SHA,
- SSL_kECDHE,
- SSL_aRSA,
- SSL_3DES,
- SSL_SHA1,
- TLS1_VERSION, TLS1_2_VERSION,
- DTLS1_BAD_VER, DTLS1_2_VERSION,
- SSL_NOT_DEFAULT | SSL_MEDIUM,
- SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
- 112,
- 168,
- },
-# endif
- {
- 1,
- TLS1_TXT_ECDHE_RSA_WITH_AES_128_CBC_SHA,
- TLS1_RFC_ECDHE_RSA_WITH_AES_128_CBC_SHA,
- TLS1_CK_ECDHE_RSA_WITH_AES_128_CBC_SHA,
- SSL_kECDHE,
- SSL_aRSA,
- SSL_AES128,
- SSL_SHA1,
- TLS1_VERSION, TLS1_2_VERSION,
- DTLS1_BAD_VER, DTLS1_2_VERSION,
- SSL_HIGH | SSL_FIPS,
- SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
- 128,
- 128,
- },
- {
- 1,
- TLS1_TXT_ECDHE_RSA_WITH_AES_256_CBC_SHA,
- TLS1_RFC_ECDHE_RSA_WITH_AES_256_CBC_SHA,
- TLS1_CK_ECDHE_RSA_WITH_AES_256_CBC_SHA,
- SSL_kECDHE,
- SSL_aRSA,
- SSL_AES256,
- SSL_SHA1,
- TLS1_VERSION, TLS1_2_VERSION,
- DTLS1_BAD_VER, DTLS1_2_VERSION,
- SSL_HIGH | SSL_FIPS,
- SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
- 256,
- 256,
- },
+#ifndef OPENSSL_NO_WEAK_SSL_CIPHERS
+ {
+ 1,
+ TLS1_TXT_ECDHE_RSA_WITH_DES_192_CBC3_SHA,
+ TLS1_RFC_ECDHE_RSA_WITH_DES_192_CBC3_SHA,
+ TLS1_CK_ECDHE_RSA_WITH_DES_192_CBC3_SHA,
+ SSL_kECDHE,
+ SSL_aRSA,
+ SSL_3DES,
+ SSL_SHA1,
+ TLS1_VERSION,
+ TLS1_2_VERSION,
+ DTLS1_BAD_VER,
+ DTLS1_2_VERSION,
+ SSL_NOT_DEFAULT | SSL_MEDIUM,
+ SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
+ 112,
+ 168,
+ },
+#endif
+ {
+ 1,
+ TLS1_TXT_ECDHE_RSA_WITH_AES_128_CBC_SHA,
+ TLS1_RFC_ECDHE_RSA_WITH_AES_128_CBC_SHA,
+ TLS1_CK_ECDHE_RSA_WITH_AES_128_CBC_SHA,
+ SSL_kECDHE,
+ SSL_aRSA,
+ SSL_AES128,
+ SSL_SHA1,
+ TLS1_VERSION,
+ TLS1_2_VERSION,
+ DTLS1_BAD_VER,
+ DTLS1_2_VERSION,
+ SSL_HIGH | SSL_FIPS,
+ SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
+ 128,
+ 128,
+ },
+ {
+ 1,
+ TLS1_TXT_ECDHE_RSA_WITH_AES_256_CBC_SHA,
+ TLS1_RFC_ECDHE_RSA_WITH_AES_256_CBC_SHA,
+ TLS1_CK_ECDHE_RSA_WITH_AES_256_CBC_SHA,
+ SSL_kECDHE,
+ SSL_aRSA,
+ SSL_AES256,
+ SSL_SHA1,
+ TLS1_VERSION,
+ TLS1_2_VERSION,
+ DTLS1_BAD_VER,
+ DTLS1_2_VERSION,
+ SSL_HIGH | SSL_FIPS,
+ SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
+ 256,
+ 256,
+ },
#ifndef OPENSSL_NO_INTEGRITY_ONLY_CIPHERS
{
- 1,
- TLS1_TXT_ECDH_anon_WITH_NULL_SHA,
- TLS1_RFC_ECDH_anon_WITH_NULL_SHA,
- TLS1_CK_ECDH_anon_WITH_NULL_SHA,
- SSL_kECDHE,
- SSL_aNULL,
- SSL_eNULL,
- SSL_SHA1,
- TLS1_VERSION, TLS1_2_VERSION,
- DTLS1_BAD_VER, DTLS1_2_VERSION,
- SSL_STRONG_NONE | SSL_FIPS,
- SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
- 0,
- 0,
- },
+ 1,
+ TLS1_TXT_ECDH_anon_WITH_NULL_SHA,
+ TLS1_RFC_ECDH_anon_WITH_NULL_SHA,
+ TLS1_CK_ECDH_anon_WITH_NULL_SHA,
+ SSL_kECDHE,
+ SSL_aNULL,
+ SSL_eNULL,
+ SSL_SHA1,
+ TLS1_VERSION,
+ TLS1_2_VERSION,
+ DTLS1_BAD_VER,
+ DTLS1_2_VERSION,
+ SSL_STRONG_NONE | SSL_FIPS,
+ SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
+ 0,
+ 0,
+ },
+#endif
+#ifndef OPENSSL_NO_WEAK_SSL_CIPHERS
+ {
+ 1,
+ TLS1_TXT_ECDH_anon_WITH_DES_192_CBC3_SHA,
+ TLS1_RFC_ECDH_anon_WITH_DES_192_CBC3_SHA,
+ TLS1_CK_ECDH_anon_WITH_DES_192_CBC3_SHA,
+ SSL_kECDHE,
+ SSL_aNULL,
+ SSL_3DES,
+ SSL_SHA1,
+ TLS1_VERSION,
+ TLS1_2_VERSION,
+ DTLS1_BAD_VER,
+ DTLS1_2_VERSION,
+ SSL_NOT_DEFAULT | SSL_MEDIUM,
+ SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
+ 112,
+ 168,
+ },
#endif
-# ifndef OPENSSL_NO_WEAK_SSL_CIPHERS
- {
- 1,
- TLS1_TXT_ECDH_anon_WITH_DES_192_CBC3_SHA,
- TLS1_RFC_ECDH_anon_WITH_DES_192_CBC3_SHA,
- TLS1_CK_ECDH_anon_WITH_DES_192_CBC3_SHA,
- SSL_kECDHE,
- SSL_aNULL,
- SSL_3DES,
- SSL_SHA1,
- TLS1_VERSION, TLS1_2_VERSION,
- DTLS1_BAD_VER, DTLS1_2_VERSION,
- SSL_NOT_DEFAULT | SSL_MEDIUM,
- SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
- 112,
- 168,
- },
-# endif
- {
- 1,
- TLS1_TXT_ECDH_anon_WITH_AES_128_CBC_SHA,
- TLS1_RFC_ECDH_anon_WITH_AES_128_CBC_SHA,
- TLS1_CK_ECDH_anon_WITH_AES_128_CBC_SHA,
- SSL_kECDHE,
- SSL_aNULL,
- SSL_AES128,
- SSL_SHA1,
- TLS1_VERSION, TLS1_2_VERSION,
- DTLS1_BAD_VER, DTLS1_2_VERSION,
- SSL_NOT_DEFAULT | SSL_HIGH | SSL_FIPS,
- SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
- 128,
- 128,
- },
- {
- 1,
- TLS1_TXT_ECDH_anon_WITH_AES_256_CBC_SHA,
- TLS1_RFC_ECDH_anon_WITH_AES_256_CBC_SHA,
- TLS1_CK_ECDH_anon_WITH_AES_256_CBC_SHA,
- SSL_kECDHE,
- SSL_aNULL,
- SSL_AES256,
- SSL_SHA1,
- TLS1_VERSION, TLS1_2_VERSION,
- DTLS1_BAD_VER, DTLS1_2_VERSION,
- SSL_NOT_DEFAULT | SSL_HIGH | SSL_FIPS,
- SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
- 256,
- 256,
- },
- {
- 1,
- TLS1_TXT_ECDHE_ECDSA_WITH_AES_128_SHA256,
- TLS1_RFC_ECDHE_ECDSA_WITH_AES_128_SHA256,
- TLS1_CK_ECDHE_ECDSA_WITH_AES_128_SHA256,
- SSL_kECDHE,
- SSL_aECDSA,
- SSL_AES128,
- SSL_SHA256,
- TLS1_2_VERSION, TLS1_2_VERSION,
- DTLS1_2_VERSION, DTLS1_2_VERSION,
- SSL_HIGH | SSL_FIPS,
- SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
- 128,
- 128,
- },
- {
- 1,
- TLS1_TXT_ECDHE_ECDSA_WITH_AES_256_SHA384,
- TLS1_RFC_ECDHE_ECDSA_WITH_AES_256_SHA384,
- TLS1_CK_ECDHE_ECDSA_WITH_AES_256_SHA384,
- SSL_kECDHE,
- SSL_aECDSA,
- SSL_AES256,
- SSL_SHA384,
- TLS1_2_VERSION, TLS1_2_VERSION,
- DTLS1_2_VERSION, DTLS1_2_VERSION,
- SSL_HIGH | SSL_FIPS,
- SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384,
- 256,
- 256,
- },
- {
- 1,
- TLS1_TXT_ECDHE_RSA_WITH_AES_128_SHA256,
- TLS1_RFC_ECDHE_RSA_WITH_AES_128_SHA256,
- TLS1_CK_ECDHE_RSA_WITH_AES_128_SHA256,
- SSL_kECDHE,
- SSL_aRSA,
- SSL_AES128,
- SSL_SHA256,
- TLS1_2_VERSION, TLS1_2_VERSION,
- DTLS1_2_VERSION, DTLS1_2_VERSION,
- SSL_HIGH | SSL_FIPS,
- SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
- 128,
- 128,
- },
- {
- 1,
- TLS1_TXT_ECDHE_RSA_WITH_AES_256_SHA384,
- TLS1_RFC_ECDHE_RSA_WITH_AES_256_SHA384,
- TLS1_CK_ECDHE_RSA_WITH_AES_256_SHA384,
- SSL_kECDHE,
- SSL_aRSA,
- SSL_AES256,
- SSL_SHA384,
- TLS1_2_VERSION, TLS1_2_VERSION,
- DTLS1_2_VERSION, DTLS1_2_VERSION,
- SSL_HIGH | SSL_FIPS,
- SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384,
- 256,
- 256,
- },
- {
- 1,
- TLS1_TXT_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256,
- TLS1_RFC_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256,
- TLS1_CK_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256,
- SSL_kECDHE,
- SSL_aECDSA,
- SSL_AES128GCM,
- SSL_AEAD,
- TLS1_2_VERSION, TLS1_2_VERSION,
- DTLS1_2_VERSION, DTLS1_2_VERSION,
- SSL_HIGH | SSL_FIPS,
- SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
- 128,
- 128,
- },
- {
- 1,
- TLS1_TXT_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384,
- TLS1_RFC_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384,
- TLS1_CK_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384,
- SSL_kECDHE,
- SSL_aECDSA,
- SSL_AES256GCM,
- SSL_AEAD,
- TLS1_2_VERSION, TLS1_2_VERSION,
- DTLS1_2_VERSION, DTLS1_2_VERSION,
- SSL_HIGH | SSL_FIPS,
- SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384,
- 256,
- 256,
- },
- {
- 1,
- TLS1_TXT_ECDHE_RSA_WITH_AES_128_GCM_SHA256,
- TLS1_RFC_ECDHE_RSA_WITH_AES_128_GCM_SHA256,
- TLS1_CK_ECDHE_RSA_WITH_AES_128_GCM_SHA256,
- SSL_kECDHE,
- SSL_aRSA,
- SSL_AES128GCM,
- SSL_AEAD,
- TLS1_2_VERSION, TLS1_2_VERSION,
- DTLS1_2_VERSION, DTLS1_2_VERSION,
- SSL_HIGH | SSL_FIPS,
- SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
- 128,
- 128,
- },
- {
- 1,
- TLS1_TXT_ECDHE_RSA_WITH_AES_256_GCM_SHA384,
- TLS1_RFC_ECDHE_RSA_WITH_AES_256_GCM_SHA384,
- TLS1_CK_ECDHE_RSA_WITH_AES_256_GCM_SHA384,
- SSL_kECDHE,
- SSL_aRSA,
- SSL_AES256GCM,
- SSL_AEAD,
- TLS1_2_VERSION, TLS1_2_VERSION,
- DTLS1_2_VERSION, DTLS1_2_VERSION,
- SSL_HIGH | SSL_FIPS,
- SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384,
- 256,
- 256,
- },
+ {
+ 1,
+ TLS1_TXT_ECDH_anon_WITH_AES_128_CBC_SHA,
+ TLS1_RFC_ECDH_anon_WITH_AES_128_CBC_SHA,
+ TLS1_CK_ECDH_anon_WITH_AES_128_CBC_SHA,
+ SSL_kECDHE,
+ SSL_aNULL,
+ SSL_AES128,
+ SSL_SHA1,
+ TLS1_VERSION,
+ TLS1_2_VERSION,
+ DTLS1_BAD_VER,
+ DTLS1_2_VERSION,
+ SSL_NOT_DEFAULT | SSL_HIGH | SSL_FIPS,
+ SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
+ 128,
+ 128,
+ },
+ {
+ 1,
+ TLS1_TXT_ECDH_anon_WITH_AES_256_CBC_SHA,
+ TLS1_RFC_ECDH_anon_WITH_AES_256_CBC_SHA,
+ TLS1_CK_ECDH_anon_WITH_AES_256_CBC_SHA,
+ SSL_kECDHE,
+ SSL_aNULL,
+ SSL_AES256,
+ SSL_SHA1,
+ TLS1_VERSION,
+ TLS1_2_VERSION,
+ DTLS1_BAD_VER,
+ DTLS1_2_VERSION,
+ SSL_NOT_DEFAULT | SSL_HIGH | SSL_FIPS,
+ SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
+ 256,
+ 256,
+ },
+ {
+ 1,
+ TLS1_TXT_ECDHE_ECDSA_WITH_AES_128_SHA256,
+ TLS1_RFC_ECDHE_ECDSA_WITH_AES_128_SHA256,
+ TLS1_CK_ECDHE_ECDSA_WITH_AES_128_SHA256,
+ SSL_kECDHE,
+ SSL_aECDSA,
+ SSL_AES128,
+ SSL_SHA256,
+ TLS1_2_VERSION,
+ TLS1_2_VERSION,
+ DTLS1_2_VERSION,
+ DTLS1_2_VERSION,
+ SSL_HIGH | SSL_FIPS,
+ SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
+ 128,
+ 128,
+ },
+ {
+ 1,
+ TLS1_TXT_ECDHE_ECDSA_WITH_AES_256_SHA384,
+ TLS1_RFC_ECDHE_ECDSA_WITH_AES_256_SHA384,
+ TLS1_CK_ECDHE_ECDSA_WITH_AES_256_SHA384,
+ SSL_kECDHE,
+ SSL_aECDSA,
+ SSL_AES256,
+ SSL_SHA384,
+ TLS1_2_VERSION,
+ TLS1_2_VERSION,
+ DTLS1_2_VERSION,
+ DTLS1_2_VERSION,
+ SSL_HIGH | SSL_FIPS,
+ SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384,
+ 256,
+ 256,
+ },
+ {
+ 1,
+ TLS1_TXT_ECDHE_RSA_WITH_AES_128_SHA256,
+ TLS1_RFC_ECDHE_RSA_WITH_AES_128_SHA256,
+ TLS1_CK_ECDHE_RSA_WITH_AES_128_SHA256,
+ SSL_kECDHE,
+ SSL_aRSA,
+ SSL_AES128,
+ SSL_SHA256,
+ TLS1_2_VERSION,
+ TLS1_2_VERSION,
+ DTLS1_2_VERSION,
+ DTLS1_2_VERSION,
+ SSL_HIGH | SSL_FIPS,
+ SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
+ 128,
+ 128,
+ },
+ {
+ 1,
+ TLS1_TXT_ECDHE_RSA_WITH_AES_256_SHA384,
+ TLS1_RFC_ECDHE_RSA_WITH_AES_256_SHA384,
+ TLS1_CK_ECDHE_RSA_WITH_AES_256_SHA384,
+ SSL_kECDHE,
+ SSL_aRSA,
+ SSL_AES256,
+ SSL_SHA384,
+ TLS1_2_VERSION,
+ TLS1_2_VERSION,
+ DTLS1_2_VERSION,
+ DTLS1_2_VERSION,
+ SSL_HIGH | SSL_FIPS,
+ SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384,
+ 256,
+ 256,
+ },
+ {
+ 1,
+ TLS1_TXT_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256,
+ TLS1_RFC_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256,
+ TLS1_CK_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256,
+ SSL_kECDHE,
+ SSL_aECDSA,
+ SSL_AES128GCM,
+ SSL_AEAD,
+ TLS1_2_VERSION,
+ TLS1_2_VERSION,
+ DTLS1_2_VERSION,
+ DTLS1_2_VERSION,
+ SSL_HIGH | SSL_FIPS,
+ SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
+ 128,
+ 128,
+ },
+ {
+ 1,
+ TLS1_TXT_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384,
+ TLS1_RFC_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384,
+ TLS1_CK_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384,
+ SSL_kECDHE,
+ SSL_aECDSA,
+ SSL_AES256GCM,
+ SSL_AEAD,
+ TLS1_2_VERSION,
+ TLS1_2_VERSION,
+ DTLS1_2_VERSION,
+ DTLS1_2_VERSION,
+ SSL_HIGH | SSL_FIPS,
+ SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384,
+ 256,
+ 256,
+ },
+ {
+ 1,
+ TLS1_TXT_ECDHE_RSA_WITH_AES_128_GCM_SHA256,
+ TLS1_RFC_ECDHE_RSA_WITH_AES_128_GCM_SHA256,
+ TLS1_CK_ECDHE_RSA_WITH_AES_128_GCM_SHA256,
+ SSL_kECDHE,
+ SSL_aRSA,
+ SSL_AES128GCM,
+ SSL_AEAD,
+ TLS1_2_VERSION,
+ TLS1_2_VERSION,
+ DTLS1_2_VERSION,
+ DTLS1_2_VERSION,
+ SSL_HIGH | SSL_FIPS,
+ SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
+ 128,
+ 128,
+ },
+ {
+ 1,
+ TLS1_TXT_ECDHE_RSA_WITH_AES_256_GCM_SHA384,
+ TLS1_RFC_ECDHE_RSA_WITH_AES_256_GCM_SHA384,
+ TLS1_CK_ECDHE_RSA_WITH_AES_256_GCM_SHA384,
+ SSL_kECDHE,
+ SSL_aRSA,
+ SSL_AES256GCM,
+ SSL_AEAD,
+ TLS1_2_VERSION,
+ TLS1_2_VERSION,
+ DTLS1_2_VERSION,
+ DTLS1_2_VERSION,
+ SSL_HIGH | SSL_FIPS,
+ SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384,
+ 256,
+ 256,
+ },
#ifndef OPENSSL_NO_INTEGRITY_ONLY_CIPHERS
{
- 1,
- TLS1_TXT_PSK_WITH_NULL_SHA,
- TLS1_RFC_PSK_WITH_NULL_SHA,
- TLS1_CK_PSK_WITH_NULL_SHA,
- SSL_kPSK,
- SSL_aPSK,
- SSL_eNULL,
- SSL_SHA1,
- SSL3_VERSION, TLS1_2_VERSION,
- DTLS1_BAD_VER, DTLS1_2_VERSION,
- SSL_STRONG_NONE | SSL_FIPS,
- SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
- 0,
- 0,
- },
- {
- 1,
- TLS1_TXT_DHE_PSK_WITH_NULL_SHA,
- TLS1_RFC_DHE_PSK_WITH_NULL_SHA,
- TLS1_CK_DHE_PSK_WITH_NULL_SHA,
- SSL_kDHEPSK,
- SSL_aPSK,
- SSL_eNULL,
- SSL_SHA1,
- SSL3_VERSION, TLS1_2_VERSION,
- DTLS1_BAD_VER, DTLS1_2_VERSION,
- SSL_STRONG_NONE | SSL_FIPS,
- SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
- 0,
- 0,
- },
- {
- 1,
- TLS1_TXT_RSA_PSK_WITH_NULL_SHA,
- TLS1_RFC_RSA_PSK_WITH_NULL_SHA,
- TLS1_CK_RSA_PSK_WITH_NULL_SHA,
- SSL_kRSAPSK,
- SSL_aRSA,
- SSL_eNULL,
- SSL_SHA1,
- SSL3_VERSION, TLS1_2_VERSION,
- DTLS1_BAD_VER, DTLS1_2_VERSION,
- SSL_STRONG_NONE | SSL_FIPS,
- SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
- 0,
- 0,
- },
+ 1,
+ TLS1_TXT_PSK_WITH_NULL_SHA,
+ TLS1_RFC_PSK_WITH_NULL_SHA,
+ TLS1_CK_PSK_WITH_NULL_SHA,
+ SSL_kPSK,
+ SSL_aPSK,
+ SSL_eNULL,
+ SSL_SHA1,
+ SSL3_VERSION,
+ TLS1_2_VERSION,
+ DTLS1_BAD_VER,
+ DTLS1_2_VERSION,
+ SSL_STRONG_NONE | SSL_FIPS,
+ SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
+ 0,
+ 0,
+ },
+ {
+ 1,
+ TLS1_TXT_DHE_PSK_WITH_NULL_SHA,
+ TLS1_RFC_DHE_PSK_WITH_NULL_SHA,
+ TLS1_CK_DHE_PSK_WITH_NULL_SHA,
+ SSL_kDHEPSK,
+ SSL_aPSK,
+ SSL_eNULL,
+ SSL_SHA1,
+ SSL3_VERSION,
+ TLS1_2_VERSION,
+ DTLS1_BAD_VER,
+ DTLS1_2_VERSION,
+ SSL_STRONG_NONE | SSL_FIPS,
+ SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
+ 0,
+ 0,
+ },
+ {
+ 1,
+ TLS1_TXT_RSA_PSK_WITH_NULL_SHA,
+ TLS1_RFC_RSA_PSK_WITH_NULL_SHA,
+ TLS1_CK_RSA_PSK_WITH_NULL_SHA,
+ SSL_kRSAPSK,
+ SSL_aRSA,
+ SSL_eNULL,
+ SSL_SHA1,
+ SSL3_VERSION,
+ TLS1_2_VERSION,
+ DTLS1_BAD_VER,
+ DTLS1_2_VERSION,
+ SSL_STRONG_NONE | SSL_FIPS,
+ SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
+ 0,
+ 0,
+ },
+#endif
+#ifndef OPENSSL_NO_WEAK_SSL_CIPHERS
+ {
+ 1,
+ TLS1_TXT_PSK_WITH_3DES_EDE_CBC_SHA,
+ TLS1_RFC_PSK_WITH_3DES_EDE_CBC_SHA,
+ TLS1_CK_PSK_WITH_3DES_EDE_CBC_SHA,
+ SSL_kPSK,
+ SSL_aPSK,
+ SSL_3DES,
+ SSL_SHA1,
+ SSL3_VERSION,
+ TLS1_2_VERSION,
+ DTLS1_BAD_VER,
+ DTLS1_2_VERSION,
+ SSL_NOT_DEFAULT | SSL_MEDIUM,
+ SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
+ 112,
+ 168,
+ },
+#endif
+ {
+ 1,
+ TLS1_TXT_PSK_WITH_AES_128_CBC_SHA,
+ TLS1_RFC_PSK_WITH_AES_128_CBC_SHA,
+ TLS1_CK_PSK_WITH_AES_128_CBC_SHA,
+ SSL_kPSK,
+ SSL_aPSK,
+ SSL_AES128,
+ SSL_SHA1,
+ SSL3_VERSION,
+ TLS1_2_VERSION,
+ DTLS1_BAD_VER,
+ DTLS1_2_VERSION,
+ SSL_HIGH | SSL_FIPS,
+ SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
+ 128,
+ 128,
+ },
+ {
+ 1,
+ TLS1_TXT_PSK_WITH_AES_256_CBC_SHA,
+ TLS1_RFC_PSK_WITH_AES_256_CBC_SHA,
+ TLS1_CK_PSK_WITH_AES_256_CBC_SHA,
+ SSL_kPSK,
+ SSL_aPSK,
+ SSL_AES256,
+ SSL_SHA1,
+ SSL3_VERSION,
+ TLS1_2_VERSION,
+ DTLS1_BAD_VER,
+ DTLS1_2_VERSION,
+ SSL_HIGH | SSL_FIPS,
+ SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
+ 256,
+ 256,
+ },
+#ifndef OPENSSL_NO_WEAK_SSL_CIPHERS
+ {
+ 1,
+ TLS1_TXT_DHE_PSK_WITH_3DES_EDE_CBC_SHA,
+ TLS1_RFC_DHE_PSK_WITH_3DES_EDE_CBC_SHA,
+ TLS1_CK_DHE_PSK_WITH_3DES_EDE_CBC_SHA,
+ SSL_kDHEPSK,
+ SSL_aPSK,
+ SSL_3DES,
+ SSL_SHA1,
+ SSL3_VERSION,
+ TLS1_2_VERSION,
+ DTLS1_BAD_VER,
+ DTLS1_2_VERSION,
+ SSL_NOT_DEFAULT | SSL_MEDIUM,
+ SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
+ 112,
+ 168,
+ },
#endif
-# ifndef OPENSSL_NO_WEAK_SSL_CIPHERS
- {
- 1,
- TLS1_TXT_PSK_WITH_3DES_EDE_CBC_SHA,
- TLS1_RFC_PSK_WITH_3DES_EDE_CBC_SHA,
- TLS1_CK_PSK_WITH_3DES_EDE_CBC_SHA,
- SSL_kPSK,
- SSL_aPSK,
- SSL_3DES,
- SSL_SHA1,
- SSL3_VERSION, TLS1_2_VERSION,
- DTLS1_BAD_VER, DTLS1_2_VERSION,
- SSL_NOT_DEFAULT | SSL_MEDIUM,
- SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
- 112,
- 168,
- },
-# endif
- {
- 1,
- TLS1_TXT_PSK_WITH_AES_128_CBC_SHA,
- TLS1_RFC_PSK_WITH_AES_128_CBC_SHA,
- TLS1_CK_PSK_WITH_AES_128_CBC_SHA,
- SSL_kPSK,
- SSL_aPSK,
- SSL_AES128,
- SSL_SHA1,
- SSL3_VERSION, TLS1_2_VERSION,
- DTLS1_BAD_VER, DTLS1_2_VERSION,
- SSL_HIGH | SSL_FIPS,
- SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
- 128,
- 128,
- },
- {
- 1,
- TLS1_TXT_PSK_WITH_AES_256_CBC_SHA,
- TLS1_RFC_PSK_WITH_AES_256_CBC_SHA,
- TLS1_CK_PSK_WITH_AES_256_CBC_SHA,
- SSL_kPSK,
- SSL_aPSK,
- SSL_AES256,
- SSL_SHA1,
- SSL3_VERSION, TLS1_2_VERSION,
- DTLS1_BAD_VER, DTLS1_2_VERSION,
- SSL_HIGH | SSL_FIPS,
- SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
- 256,
- 256,
- },
-# ifndef OPENSSL_NO_WEAK_SSL_CIPHERS
- {
- 1,
- TLS1_TXT_DHE_PSK_WITH_3DES_EDE_CBC_SHA,
- TLS1_RFC_DHE_PSK_WITH_3DES_EDE_CBC_SHA,
- TLS1_CK_DHE_PSK_WITH_3DES_EDE_CBC_SHA,
- SSL_kDHEPSK,
- SSL_aPSK,
- SSL_3DES,
- SSL_SHA1,
- SSL3_VERSION, TLS1_2_VERSION,
- DTLS1_BAD_VER, DTLS1_2_VERSION,
- SSL_NOT_DEFAULT | SSL_MEDIUM,
- SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
- 112,
- 168,
- },
-# endif
- {
- 1,
- TLS1_TXT_DHE_PSK_WITH_AES_128_CBC_SHA,
- TLS1_RFC_DHE_PSK_WITH_AES_128_CBC_SHA,
- TLS1_CK_DHE_PSK_WITH_AES_128_CBC_SHA,
- SSL_kDHEPSK,
- SSL_aPSK,
- SSL_AES128,
- SSL_SHA1,
- SSL3_VERSION, TLS1_2_VERSION,
- DTLS1_BAD_VER, DTLS1_2_VERSION,
- SSL_HIGH | SSL_FIPS,
- SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
- 128,
- 128,
- },
- {
- 1,
- TLS1_TXT_DHE_PSK_WITH_AES_256_CBC_SHA,
- TLS1_RFC_DHE_PSK_WITH_AES_256_CBC_SHA,
- TLS1_CK_DHE_PSK_WITH_AES_256_CBC_SHA,
- SSL_kDHEPSK,
- SSL_aPSK,
- SSL_AES256,
- SSL_SHA1,
- SSL3_VERSION, TLS1_2_VERSION,
- DTLS1_BAD_VER, DTLS1_2_VERSION,
- SSL_HIGH | SSL_FIPS,
- SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
- 256,
- 256,
- },
-# ifndef OPENSSL_NO_WEAK_SSL_CIPHERS
- {
- 1,
- TLS1_TXT_RSA_PSK_WITH_3DES_EDE_CBC_SHA,
- TLS1_RFC_RSA_PSK_WITH_3DES_EDE_CBC_SHA,
- TLS1_CK_RSA_PSK_WITH_3DES_EDE_CBC_SHA,
- SSL_kRSAPSK,
- SSL_aRSA,
- SSL_3DES,
- SSL_SHA1,
- SSL3_VERSION, TLS1_2_VERSION,
- DTLS1_BAD_VER, DTLS1_2_VERSION,
- SSL_NOT_DEFAULT | SSL_MEDIUM,
- SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
- 112,
- 168,
- },
-# endif
- {
- 1,
- TLS1_TXT_RSA_PSK_WITH_AES_128_CBC_SHA,
- TLS1_RFC_RSA_PSK_WITH_AES_128_CBC_SHA,
- TLS1_CK_RSA_PSK_WITH_AES_128_CBC_SHA,
- SSL_kRSAPSK,
- SSL_aRSA,
- SSL_AES128,
- SSL_SHA1,
- SSL3_VERSION, TLS1_2_VERSION,
- DTLS1_BAD_VER, DTLS1_2_VERSION,
- SSL_HIGH | SSL_FIPS,
- SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
- 128,
- 128,
- },
- {
- 1,
- TLS1_TXT_RSA_PSK_WITH_AES_256_CBC_SHA,
- TLS1_RFC_RSA_PSK_WITH_AES_256_CBC_SHA,
- TLS1_CK_RSA_PSK_WITH_AES_256_CBC_SHA,
- SSL_kRSAPSK,
- SSL_aRSA,
- SSL_AES256,
- SSL_SHA1,
- SSL3_VERSION, TLS1_2_VERSION,
- DTLS1_BAD_VER, DTLS1_2_VERSION,
- SSL_HIGH | SSL_FIPS,
- SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
- 256,
- 256,
- },
- {
- 1,
- TLS1_TXT_PSK_WITH_AES_128_GCM_SHA256,
- TLS1_RFC_PSK_WITH_AES_128_GCM_SHA256,
- TLS1_CK_PSK_WITH_AES_128_GCM_SHA256,
- SSL_kPSK,
- SSL_aPSK,
- SSL_AES128GCM,
- SSL_AEAD,
- TLS1_2_VERSION, TLS1_2_VERSION,
- DTLS1_2_VERSION, DTLS1_2_VERSION,
- SSL_HIGH | SSL_FIPS,
- SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
- 128,
- 128,
- },
- {
- 1,
- TLS1_TXT_PSK_WITH_AES_256_GCM_SHA384,
- TLS1_RFC_PSK_WITH_AES_256_GCM_SHA384,
- TLS1_CK_PSK_WITH_AES_256_GCM_SHA384,
- SSL_kPSK,
- SSL_aPSK,
- SSL_AES256GCM,
- SSL_AEAD,
- TLS1_2_VERSION, TLS1_2_VERSION,
- DTLS1_2_VERSION, DTLS1_2_VERSION,
- SSL_HIGH | SSL_FIPS,
- SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384,
- 256,
- 256,
- },
- {
- 1,
- TLS1_TXT_DHE_PSK_WITH_AES_128_GCM_SHA256,
- TLS1_RFC_DHE_PSK_WITH_AES_128_GCM_SHA256,
- TLS1_CK_DHE_PSK_WITH_AES_128_GCM_SHA256,
- SSL_kDHEPSK,
- SSL_aPSK,
- SSL_AES128GCM,
- SSL_AEAD,
- TLS1_2_VERSION, TLS1_2_VERSION,
- DTLS1_2_VERSION, DTLS1_2_VERSION,
- SSL_HIGH | SSL_FIPS,
- SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
- 128,
- 128,
- },
- {
- 1,
- TLS1_TXT_DHE_PSK_WITH_AES_256_GCM_SHA384,
- TLS1_RFC_DHE_PSK_WITH_AES_256_GCM_SHA384,
- TLS1_CK_DHE_PSK_WITH_AES_256_GCM_SHA384,
- SSL_kDHEPSK,
- SSL_aPSK,
- SSL_AES256GCM,
- SSL_AEAD,
- TLS1_2_VERSION, TLS1_2_VERSION,
- DTLS1_2_VERSION, DTLS1_2_VERSION,
- SSL_HIGH | SSL_FIPS,
- SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384,
- 256,
- 256,
- },
- {
- 1,
- TLS1_TXT_RSA_PSK_WITH_AES_128_GCM_SHA256,
- TLS1_RFC_RSA_PSK_WITH_AES_128_GCM_SHA256,
- TLS1_CK_RSA_PSK_WITH_AES_128_GCM_SHA256,
- SSL_kRSAPSK,
- SSL_aRSA,
- SSL_AES128GCM,
- SSL_AEAD,
- TLS1_2_VERSION, TLS1_2_VERSION,
- DTLS1_2_VERSION, DTLS1_2_VERSION,
- SSL_HIGH | SSL_FIPS,
- SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
- 128,
- 128,
- },
- {
- 1,
- TLS1_TXT_RSA_PSK_WITH_AES_256_GCM_SHA384,
- TLS1_RFC_RSA_PSK_WITH_AES_256_GCM_SHA384,
- TLS1_CK_RSA_PSK_WITH_AES_256_GCM_SHA384,
- SSL_kRSAPSK,
- SSL_aRSA,
- SSL_AES256GCM,
- SSL_AEAD,
- TLS1_2_VERSION, TLS1_2_VERSION,
- DTLS1_2_VERSION, DTLS1_2_VERSION,
- SSL_HIGH | SSL_FIPS,
- SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384,
- 256,
- 256,
- },
- {
- 1,
- TLS1_TXT_PSK_WITH_AES_128_CBC_SHA256,
- TLS1_RFC_PSK_WITH_AES_128_CBC_SHA256,
- TLS1_CK_PSK_WITH_AES_128_CBC_SHA256,
- SSL_kPSK,
- SSL_aPSK,
- SSL_AES128,
- SSL_SHA256,
- TLS1_VERSION, TLS1_2_VERSION,
- DTLS1_BAD_VER, DTLS1_2_VERSION,
- SSL_HIGH | SSL_FIPS,
- SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
- 128,
- 128,
- },
- {
- 1,
- TLS1_TXT_PSK_WITH_AES_256_CBC_SHA384,
- TLS1_RFC_PSK_WITH_AES_256_CBC_SHA384,
- TLS1_CK_PSK_WITH_AES_256_CBC_SHA384,
- SSL_kPSK,
- SSL_aPSK,
- SSL_AES256,
- SSL_SHA384,
- TLS1_VERSION, TLS1_2_VERSION,
- DTLS1_BAD_VER, DTLS1_2_VERSION,
- SSL_HIGH | SSL_FIPS,
- SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384,
- 256,
- 256,
- },
+ {
+ 1,
+ TLS1_TXT_DHE_PSK_WITH_AES_128_CBC_SHA,
+ TLS1_RFC_DHE_PSK_WITH_AES_128_CBC_SHA,
+ TLS1_CK_DHE_PSK_WITH_AES_128_CBC_SHA,
+ SSL_kDHEPSK,
+ SSL_aPSK,
+ SSL_AES128,
+ SSL_SHA1,
+ SSL3_VERSION,
+ TLS1_2_VERSION,
+ DTLS1_BAD_VER,
+ DTLS1_2_VERSION,
+ SSL_HIGH | SSL_FIPS,
+ SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
+ 128,
+ 128,
+ },
+ {
+ 1,
+ TLS1_TXT_DHE_PSK_WITH_AES_256_CBC_SHA,
+ TLS1_RFC_DHE_PSK_WITH_AES_256_CBC_SHA,
+ TLS1_CK_DHE_PSK_WITH_AES_256_CBC_SHA,
+ SSL_kDHEPSK,
+ SSL_aPSK,
+ SSL_AES256,
+ SSL_SHA1,
+ SSL3_VERSION,
+ TLS1_2_VERSION,
+ DTLS1_BAD_VER,
+ DTLS1_2_VERSION,
+ SSL_HIGH | SSL_FIPS,
+ SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
+ 256,
+ 256,
+ },
+#ifndef OPENSSL_NO_WEAK_SSL_CIPHERS
+ {
+ 1,
+ TLS1_TXT_RSA_PSK_WITH_3DES_EDE_CBC_SHA,
+ TLS1_RFC_RSA_PSK_WITH_3DES_EDE_CBC_SHA,
+ TLS1_CK_RSA_PSK_WITH_3DES_EDE_CBC_SHA,
+ SSL_kRSAPSK,
+ SSL_aRSA,
+ SSL_3DES,
+ SSL_SHA1,
+ SSL3_VERSION,
+ TLS1_2_VERSION,
+ DTLS1_BAD_VER,
+ DTLS1_2_VERSION,
+ SSL_NOT_DEFAULT | SSL_MEDIUM,
+ SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
+ 112,
+ 168,
+ },
+#endif
+ {
+ 1,
+ TLS1_TXT_RSA_PSK_WITH_AES_128_CBC_SHA,
+ TLS1_RFC_RSA_PSK_WITH_AES_128_CBC_SHA,
+ TLS1_CK_RSA_PSK_WITH_AES_128_CBC_SHA,
+ SSL_kRSAPSK,
+ SSL_aRSA,
+ SSL_AES128,
+ SSL_SHA1,
+ SSL3_VERSION,
+ TLS1_2_VERSION,
+ DTLS1_BAD_VER,
+ DTLS1_2_VERSION,
+ SSL_HIGH | SSL_FIPS,
+ SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
+ 128,
+ 128,
+ },
+ {
+ 1,
+ TLS1_TXT_RSA_PSK_WITH_AES_256_CBC_SHA,
+ TLS1_RFC_RSA_PSK_WITH_AES_256_CBC_SHA,
+ TLS1_CK_RSA_PSK_WITH_AES_256_CBC_SHA,
+ SSL_kRSAPSK,
+ SSL_aRSA,
+ SSL_AES256,
+ SSL_SHA1,
+ SSL3_VERSION,
+ TLS1_2_VERSION,
+ DTLS1_BAD_VER,
+ DTLS1_2_VERSION,
+ SSL_HIGH | SSL_FIPS,
+ SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
+ 256,
+ 256,
+ },
+ {
+ 1,
+ TLS1_TXT_PSK_WITH_AES_128_GCM_SHA256,
+ TLS1_RFC_PSK_WITH_AES_128_GCM_SHA256,
+ TLS1_CK_PSK_WITH_AES_128_GCM_SHA256,
+ SSL_kPSK,
+ SSL_aPSK,
+ SSL_AES128GCM,
+ SSL_AEAD,
+ TLS1_2_VERSION,
+ TLS1_2_VERSION,
+ DTLS1_2_VERSION,
+ DTLS1_2_VERSION,
+ SSL_HIGH | SSL_FIPS,
+ SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
+ 128,
+ 128,
+ },
+ {
+ 1,
+ TLS1_TXT_PSK_WITH_AES_256_GCM_SHA384,
+ TLS1_RFC_PSK_WITH_AES_256_GCM_SHA384,
+ TLS1_CK_PSK_WITH_AES_256_GCM_SHA384,
+ SSL_kPSK,
+ SSL_aPSK,
+ SSL_AES256GCM,
+ SSL_AEAD,
+ TLS1_2_VERSION,
+ TLS1_2_VERSION,
+ DTLS1_2_VERSION,
+ DTLS1_2_VERSION,
+ SSL_HIGH | SSL_FIPS,
+ SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384,
+ 256,
+ 256,
+ },
+ {
+ 1,
+ TLS1_TXT_DHE_PSK_WITH_AES_128_GCM_SHA256,
+ TLS1_RFC_DHE_PSK_WITH_AES_128_GCM_SHA256,
+ TLS1_CK_DHE_PSK_WITH_AES_128_GCM_SHA256,
+ SSL_kDHEPSK,
+ SSL_aPSK,
+ SSL_AES128GCM,
+ SSL_AEAD,
+ TLS1_2_VERSION,
+ TLS1_2_VERSION,
+ DTLS1_2_VERSION,
+ DTLS1_2_VERSION,
+ SSL_HIGH | SSL_FIPS,
+ SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
+ 128,
+ 128,
+ },
+ {
+ 1,
+ TLS1_TXT_DHE_PSK_WITH_AES_256_GCM_SHA384,
+ TLS1_RFC_DHE_PSK_WITH_AES_256_GCM_SHA384,
+ TLS1_CK_DHE_PSK_WITH_AES_256_GCM_SHA384,
+ SSL_kDHEPSK,
+ SSL_aPSK,
+ SSL_AES256GCM,
+ SSL_AEAD,
+ TLS1_2_VERSION,
+ TLS1_2_VERSION,
+ DTLS1_2_VERSION,
+ DTLS1_2_VERSION,
+ SSL_HIGH | SSL_FIPS,
+ SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384,
+ 256,
+ 256,
+ },
+ {
+ 1,
+ TLS1_TXT_RSA_PSK_WITH_AES_128_GCM_SHA256,
+ TLS1_RFC_RSA_PSK_WITH_AES_128_GCM_SHA256,
+ TLS1_CK_RSA_PSK_WITH_AES_128_GCM_SHA256,
+ SSL_kRSAPSK,
+ SSL_aRSA,
+ SSL_AES128GCM,
+ SSL_AEAD,
+ TLS1_2_VERSION,
+ TLS1_2_VERSION,
+ DTLS1_2_VERSION,
+ DTLS1_2_VERSION,
+ SSL_HIGH | SSL_FIPS,
+ SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
+ 128,
+ 128,
+ },
+ {
+ 1,
+ TLS1_TXT_RSA_PSK_WITH_AES_256_GCM_SHA384,
+ TLS1_RFC_RSA_PSK_WITH_AES_256_GCM_SHA384,
+ TLS1_CK_RSA_PSK_WITH_AES_256_GCM_SHA384,
+ SSL_kRSAPSK,
+ SSL_aRSA,
+ SSL_AES256GCM,
+ SSL_AEAD,
+ TLS1_2_VERSION,
+ TLS1_2_VERSION,
+ DTLS1_2_VERSION,
+ DTLS1_2_VERSION,
+ SSL_HIGH | SSL_FIPS,
+ SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384,
+ 256,
+ 256,
+ },
+ {
+ 1,
+ TLS1_TXT_PSK_WITH_AES_128_CBC_SHA256,
+ TLS1_RFC_PSK_WITH_AES_128_CBC_SHA256,
+ TLS1_CK_PSK_WITH_AES_128_CBC_SHA256,
+ SSL_kPSK,
+ SSL_aPSK,
+ SSL_AES128,
+ SSL_SHA256,
+ TLS1_VERSION,
+ TLS1_2_VERSION,
+ DTLS1_BAD_VER,
+ DTLS1_2_VERSION,
+ SSL_HIGH | SSL_FIPS,
+ SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
+ 128,
+ 128,
+ },
+ {
+ 1,
+ TLS1_TXT_PSK_WITH_AES_256_CBC_SHA384,
+ TLS1_RFC_PSK_WITH_AES_256_CBC_SHA384,
+ TLS1_CK_PSK_WITH_AES_256_CBC_SHA384,
+ SSL_kPSK,
+ SSL_aPSK,
+ SSL_AES256,
+ SSL_SHA384,
+ TLS1_VERSION,
+ TLS1_2_VERSION,
+ DTLS1_BAD_VER,
+ DTLS1_2_VERSION,
+ SSL_HIGH | SSL_FIPS,
+ SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384,
+ 256,
+ 256,
+ },
#ifndef OPENSSL_NO_INTEGRITY_ONLY_CIPHERS
{
- 1,
- TLS1_TXT_PSK_WITH_NULL_SHA256,
- TLS1_RFC_PSK_WITH_NULL_SHA256,
- TLS1_CK_PSK_WITH_NULL_SHA256,
- SSL_kPSK,
- SSL_aPSK,
- SSL_eNULL,
- SSL_SHA256,
- TLS1_VERSION, TLS1_2_VERSION,
- DTLS1_BAD_VER, DTLS1_2_VERSION,
- SSL_STRONG_NONE | SSL_FIPS,
- SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
- 0,
- 0,
- },
- {
- 1,
- TLS1_TXT_PSK_WITH_NULL_SHA384,
- TLS1_RFC_PSK_WITH_NULL_SHA384,
- TLS1_CK_PSK_WITH_NULL_SHA384,
- SSL_kPSK,
- SSL_aPSK,
- SSL_eNULL,
- SSL_SHA384,
- TLS1_VERSION, TLS1_2_VERSION,
- DTLS1_BAD_VER, DTLS1_2_VERSION,
- SSL_STRONG_NONE | SSL_FIPS,
- SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384,
- 0,
- 0,
- },
+ 1,
+ TLS1_TXT_PSK_WITH_NULL_SHA256,
+ TLS1_RFC_PSK_WITH_NULL_SHA256,
+ TLS1_CK_PSK_WITH_NULL_SHA256,
+ SSL_kPSK,
+ SSL_aPSK,
+ SSL_eNULL,
+ SSL_SHA256,
+ TLS1_VERSION,
+ TLS1_2_VERSION,
+ DTLS1_BAD_VER,
+ DTLS1_2_VERSION,
+ SSL_STRONG_NONE | SSL_FIPS,
+ SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
+ 0,
+ 0,
+ },
+ {
+ 1,
+ TLS1_TXT_PSK_WITH_NULL_SHA384,
+ TLS1_RFC_PSK_WITH_NULL_SHA384,
+ TLS1_CK_PSK_WITH_NULL_SHA384,
+ SSL_kPSK,
+ SSL_aPSK,
+ SSL_eNULL,
+ SSL_SHA384,
+ TLS1_VERSION,
+ TLS1_2_VERSION,
+ DTLS1_BAD_VER,
+ DTLS1_2_VERSION,
+ SSL_STRONG_NONE | SSL_FIPS,
+ SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384,
+ 0,
+ 0,
+ },
#endif
{
- 1,
- TLS1_TXT_DHE_PSK_WITH_AES_128_CBC_SHA256,
- TLS1_RFC_DHE_PSK_WITH_AES_128_CBC_SHA256,
- TLS1_CK_DHE_PSK_WITH_AES_128_CBC_SHA256,
- SSL_kDHEPSK,
- SSL_aPSK,
- SSL_AES128,
- SSL_SHA256,
- TLS1_VERSION, TLS1_2_VERSION,
- DTLS1_BAD_VER, DTLS1_2_VERSION,
- SSL_HIGH | SSL_FIPS,
- SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
- 128,
- 128,
- },
- {
- 1,
- TLS1_TXT_DHE_PSK_WITH_AES_256_CBC_SHA384,
- TLS1_RFC_DHE_PSK_WITH_AES_256_CBC_SHA384,
- TLS1_CK_DHE_PSK_WITH_AES_256_CBC_SHA384,
- SSL_kDHEPSK,
- SSL_aPSK,
- SSL_AES256,
- SSL_SHA384,
- TLS1_VERSION, TLS1_2_VERSION,
- DTLS1_BAD_VER, DTLS1_2_VERSION,
- SSL_HIGH | SSL_FIPS,
- SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384,
- 256,
- 256,
- },
+ 1,
+ TLS1_TXT_DHE_PSK_WITH_AES_128_CBC_SHA256,
+ TLS1_RFC_DHE_PSK_WITH_AES_128_CBC_SHA256,
+ TLS1_CK_DHE_PSK_WITH_AES_128_CBC_SHA256,
+ SSL_kDHEPSK,
+ SSL_aPSK,
+ SSL_AES128,
+ SSL_SHA256,
+ TLS1_VERSION,
+ TLS1_2_VERSION,
+ DTLS1_BAD_VER,
+ DTLS1_2_VERSION,
+ SSL_HIGH | SSL_FIPS,
+ SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
+ 128,
+ 128,
+ },
+ {
+ 1,
+ TLS1_TXT_DHE_PSK_WITH_AES_256_CBC_SHA384,
+ TLS1_RFC_DHE_PSK_WITH_AES_256_CBC_SHA384,
+ TLS1_CK_DHE_PSK_WITH_AES_256_CBC_SHA384,
+ SSL_kDHEPSK,
+ SSL_aPSK,
+ SSL_AES256,
+ SSL_SHA384,
+ TLS1_VERSION,
+ TLS1_2_VERSION,
+ DTLS1_BAD_VER,
+ DTLS1_2_VERSION,
+ SSL_HIGH | SSL_FIPS,
+ SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384,
+ 256,
+ 256,
+ },
#ifndef OPENSSL_NO_INTEGRITY_ONLY_CIPHERS
{
- 1,
- TLS1_TXT_DHE_PSK_WITH_NULL_SHA256,
- TLS1_RFC_DHE_PSK_WITH_NULL_SHA256,
- TLS1_CK_DHE_PSK_WITH_NULL_SHA256,
- SSL_kDHEPSK,
- SSL_aPSK,
- SSL_eNULL,
- SSL_SHA256,
- TLS1_VERSION, TLS1_2_VERSION,
- DTLS1_BAD_VER, DTLS1_2_VERSION,
- SSL_STRONG_NONE | SSL_FIPS,
- SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
- 0,
- 0,
- },
- {
- 1,
- TLS1_TXT_DHE_PSK_WITH_NULL_SHA384,
- TLS1_RFC_DHE_PSK_WITH_NULL_SHA384,
- TLS1_CK_DHE_PSK_WITH_NULL_SHA384,
- SSL_kDHEPSK,
- SSL_aPSK,
- SSL_eNULL,
- SSL_SHA384,
- TLS1_VERSION, TLS1_2_VERSION,
- DTLS1_BAD_VER, DTLS1_2_VERSION,
- SSL_STRONG_NONE | SSL_FIPS,
- SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384,
- 0,
- 0,
- },
+ 1,
+ TLS1_TXT_DHE_PSK_WITH_NULL_SHA256,
+ TLS1_RFC_DHE_PSK_WITH_NULL_SHA256,
+ TLS1_CK_DHE_PSK_WITH_NULL_SHA256,
+ SSL_kDHEPSK,
+ SSL_aPSK,
+ SSL_eNULL,
+ SSL_SHA256,
+ TLS1_VERSION,
+ TLS1_2_VERSION,
+ DTLS1_BAD_VER,
+ DTLS1_2_VERSION,
+ SSL_STRONG_NONE | SSL_FIPS,
+ SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
+ 0,
+ 0,
+ },
+ {
+ 1,
+ TLS1_TXT_DHE_PSK_WITH_NULL_SHA384,
+ TLS1_RFC_DHE_PSK_WITH_NULL_SHA384,
+ TLS1_CK_DHE_PSK_WITH_NULL_SHA384,
+ SSL_kDHEPSK,
+ SSL_aPSK,
+ SSL_eNULL,
+ SSL_SHA384,
+ TLS1_VERSION,
+ TLS1_2_VERSION,
+ DTLS1_BAD_VER,
+ DTLS1_2_VERSION,
+ SSL_STRONG_NONE | SSL_FIPS,
+ SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384,
+ 0,
+ 0,
+ },
#endif
{
- 1,
- TLS1_TXT_RSA_PSK_WITH_AES_128_CBC_SHA256,
- TLS1_RFC_RSA_PSK_WITH_AES_128_CBC_SHA256,
- TLS1_CK_RSA_PSK_WITH_AES_128_CBC_SHA256,
- SSL_kRSAPSK,
- SSL_aRSA,
- SSL_AES128,
- SSL_SHA256,
- TLS1_VERSION, TLS1_2_VERSION,
- DTLS1_BAD_VER, DTLS1_2_VERSION,
- SSL_HIGH | SSL_FIPS,
- SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
- 128,
- 128,
- },
- {
- 1,
- TLS1_TXT_RSA_PSK_WITH_AES_256_CBC_SHA384,
- TLS1_RFC_RSA_PSK_WITH_AES_256_CBC_SHA384,
- TLS1_CK_RSA_PSK_WITH_AES_256_CBC_SHA384,
- SSL_kRSAPSK,
- SSL_aRSA,
- SSL_AES256,
- SSL_SHA384,
- TLS1_VERSION, TLS1_2_VERSION,
- DTLS1_BAD_VER, DTLS1_2_VERSION,
- SSL_HIGH | SSL_FIPS,
- SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384,
- 256,
- 256,
- },
+ 1,
+ TLS1_TXT_RSA_PSK_WITH_AES_128_CBC_SHA256,
+ TLS1_RFC_RSA_PSK_WITH_AES_128_CBC_SHA256,
+ TLS1_CK_RSA_PSK_WITH_AES_128_CBC_SHA256,
+ SSL_kRSAPSK,
+ SSL_aRSA,
+ SSL_AES128,
+ SSL_SHA256,
+ TLS1_VERSION,
+ TLS1_2_VERSION,
+ DTLS1_BAD_VER,
+ DTLS1_2_VERSION,
+ SSL_HIGH | SSL_FIPS,
+ SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
+ 128,
+ 128,
+ },
+ {
+ 1,
+ TLS1_TXT_RSA_PSK_WITH_AES_256_CBC_SHA384,
+ TLS1_RFC_RSA_PSK_WITH_AES_256_CBC_SHA384,
+ TLS1_CK_RSA_PSK_WITH_AES_256_CBC_SHA384,
+ SSL_kRSAPSK,
+ SSL_aRSA,
+ SSL_AES256,
+ SSL_SHA384,
+ TLS1_VERSION,
+ TLS1_2_VERSION,
+ DTLS1_BAD_VER,
+ DTLS1_2_VERSION,
+ SSL_HIGH | SSL_FIPS,
+ SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384,
+ 256,
+ 256,
+ },
#ifndef OPENSSL_NO_INTEGRITY_ONLY_CIPHERS
{
- 1,
- TLS1_TXT_RSA_PSK_WITH_NULL_SHA256,
- TLS1_RFC_RSA_PSK_WITH_NULL_SHA256,
- TLS1_CK_RSA_PSK_WITH_NULL_SHA256,
- SSL_kRSAPSK,
- SSL_aRSA,
- SSL_eNULL,
- SSL_SHA256,
- TLS1_VERSION, TLS1_2_VERSION,
- DTLS1_BAD_VER, DTLS1_2_VERSION,
- SSL_STRONG_NONE | SSL_FIPS,
- SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
- 0,
- 0,
- },
- {
- 1,
- TLS1_TXT_RSA_PSK_WITH_NULL_SHA384,
- TLS1_RFC_RSA_PSK_WITH_NULL_SHA384,
- TLS1_CK_RSA_PSK_WITH_NULL_SHA384,
- SSL_kRSAPSK,
- SSL_aRSA,
- SSL_eNULL,
- SSL_SHA384,
- TLS1_VERSION, TLS1_2_VERSION,
- DTLS1_BAD_VER, DTLS1_2_VERSION,
- SSL_STRONG_NONE | SSL_FIPS,
- SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384,
- 0,
- 0,
- },
+ 1,
+ TLS1_TXT_RSA_PSK_WITH_NULL_SHA256,
+ TLS1_RFC_RSA_PSK_WITH_NULL_SHA256,
+ TLS1_CK_RSA_PSK_WITH_NULL_SHA256,
+ SSL_kRSAPSK,
+ SSL_aRSA,
+ SSL_eNULL,
+ SSL_SHA256,
+ TLS1_VERSION,
+ TLS1_2_VERSION,
+ DTLS1_BAD_VER,
+ DTLS1_2_VERSION,
+ SSL_STRONG_NONE | SSL_FIPS,
+ SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
+ 0,
+ 0,
+ },
+ {
+ 1,
+ TLS1_TXT_RSA_PSK_WITH_NULL_SHA384,
+ TLS1_RFC_RSA_PSK_WITH_NULL_SHA384,
+ TLS1_CK_RSA_PSK_WITH_NULL_SHA384,
+ SSL_kRSAPSK,
+ SSL_aRSA,
+ SSL_eNULL,
+ SSL_SHA384,
+ TLS1_VERSION,
+ TLS1_2_VERSION,
+ DTLS1_BAD_VER,
+ DTLS1_2_VERSION,
+ SSL_STRONG_NONE | SSL_FIPS,
+ SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384,
+ 0,
+ 0,
+ },
#endif
-# ifndef OPENSSL_NO_WEAK_SSL_CIPHERS
- {
- 1,
- TLS1_TXT_ECDHE_PSK_WITH_3DES_EDE_CBC_SHA,
- TLS1_RFC_ECDHE_PSK_WITH_3DES_EDE_CBC_SHA,
- TLS1_CK_ECDHE_PSK_WITH_3DES_EDE_CBC_SHA,
- SSL_kECDHEPSK,
- SSL_aPSK,
- SSL_3DES,
- SSL_SHA1,
- TLS1_VERSION, TLS1_2_VERSION,
- DTLS1_BAD_VER, DTLS1_2_VERSION,
- SSL_NOT_DEFAULT | SSL_MEDIUM,
- SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
- 112,
- 168,
- },
-# endif
- {
- 1,
- TLS1_TXT_ECDHE_PSK_WITH_AES_128_CBC_SHA,
- TLS1_RFC_ECDHE_PSK_WITH_AES_128_CBC_SHA,
- TLS1_CK_ECDHE_PSK_WITH_AES_128_CBC_SHA,
- SSL_kECDHEPSK,
- SSL_aPSK,
- SSL_AES128,
- SSL_SHA1,
- TLS1_VERSION, TLS1_2_VERSION,
- DTLS1_BAD_VER, DTLS1_2_VERSION,
- SSL_HIGH | SSL_FIPS,
- SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
- 128,
- 128,
- },
- {
- 1,
- TLS1_TXT_ECDHE_PSK_WITH_AES_256_CBC_SHA,
- TLS1_RFC_ECDHE_PSK_WITH_AES_256_CBC_SHA,
- TLS1_CK_ECDHE_PSK_WITH_AES_256_CBC_SHA,
- SSL_kECDHEPSK,
- SSL_aPSK,
- SSL_AES256,
- SSL_SHA1,
- TLS1_VERSION, TLS1_2_VERSION,
- DTLS1_BAD_VER, DTLS1_2_VERSION,
- SSL_HIGH | SSL_FIPS,
- SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
- 256,
- 256,
- },
- {
- 1,
- TLS1_TXT_ECDHE_PSK_WITH_AES_128_CBC_SHA256,
- TLS1_RFC_ECDHE_PSK_WITH_AES_128_CBC_SHA256,
- TLS1_CK_ECDHE_PSK_WITH_AES_128_CBC_SHA256,
- SSL_kECDHEPSK,
- SSL_aPSK,
- SSL_AES128,
- SSL_SHA256,
- TLS1_VERSION, TLS1_2_VERSION,
- DTLS1_BAD_VER, DTLS1_2_VERSION,
- SSL_HIGH | SSL_FIPS,
- SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
- 128,
- 128,
- },
- {
- 1,
- TLS1_TXT_ECDHE_PSK_WITH_AES_256_CBC_SHA384,
- TLS1_RFC_ECDHE_PSK_WITH_AES_256_CBC_SHA384,
- TLS1_CK_ECDHE_PSK_WITH_AES_256_CBC_SHA384,
- SSL_kECDHEPSK,
- SSL_aPSK,
- SSL_AES256,
- SSL_SHA384,
- TLS1_VERSION, TLS1_2_VERSION,
- DTLS1_BAD_VER, DTLS1_2_VERSION,
- SSL_HIGH | SSL_FIPS,
- SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384,
- 256,
- 256,
- },
+#ifndef OPENSSL_NO_WEAK_SSL_CIPHERS
+ {
+ 1,
+ TLS1_TXT_ECDHE_PSK_WITH_3DES_EDE_CBC_SHA,
+ TLS1_RFC_ECDHE_PSK_WITH_3DES_EDE_CBC_SHA,
+ TLS1_CK_ECDHE_PSK_WITH_3DES_EDE_CBC_SHA,
+ SSL_kECDHEPSK,
+ SSL_aPSK,
+ SSL_3DES,
+ SSL_SHA1,
+ TLS1_VERSION,
+ TLS1_2_VERSION,
+ DTLS1_BAD_VER,
+ DTLS1_2_VERSION,
+ SSL_NOT_DEFAULT | SSL_MEDIUM,
+ SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
+ 112,
+ 168,
+ },
+#endif
+ {
+ 1,
+ TLS1_TXT_ECDHE_PSK_WITH_AES_128_CBC_SHA,
+ TLS1_RFC_ECDHE_PSK_WITH_AES_128_CBC_SHA,
+ TLS1_CK_ECDHE_PSK_WITH_AES_128_CBC_SHA,
+ SSL_kECDHEPSK,
+ SSL_aPSK,
+ SSL_AES128,
+ SSL_SHA1,
+ TLS1_VERSION,
+ TLS1_2_VERSION,
+ DTLS1_BAD_VER,
+ DTLS1_2_VERSION,
+ SSL_HIGH | SSL_FIPS,
+ SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
+ 128,
+ 128,
+ },
+ {
+ 1,
+ TLS1_TXT_ECDHE_PSK_WITH_AES_256_CBC_SHA,
+ TLS1_RFC_ECDHE_PSK_WITH_AES_256_CBC_SHA,
+ TLS1_CK_ECDHE_PSK_WITH_AES_256_CBC_SHA,
+ SSL_kECDHEPSK,
+ SSL_aPSK,
+ SSL_AES256,
+ SSL_SHA1,
+ TLS1_VERSION,
+ TLS1_2_VERSION,
+ DTLS1_BAD_VER,
+ DTLS1_2_VERSION,
+ SSL_HIGH | SSL_FIPS,
+ SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
+ 256,
+ 256,
+ },
+ {
+ 1,
+ TLS1_TXT_ECDHE_PSK_WITH_AES_128_CBC_SHA256,
+ TLS1_RFC_ECDHE_PSK_WITH_AES_128_CBC_SHA256,
+ TLS1_CK_ECDHE_PSK_WITH_AES_128_CBC_SHA256,
+ SSL_kECDHEPSK,
+ SSL_aPSK,
+ SSL_AES128,
+ SSL_SHA256,
+ TLS1_VERSION,
+ TLS1_2_VERSION,
+ DTLS1_BAD_VER,
+ DTLS1_2_VERSION,
+ SSL_HIGH | SSL_FIPS,
+ SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
+ 128,
+ 128,
+ },
+ {
+ 1,
+ TLS1_TXT_ECDHE_PSK_WITH_AES_256_CBC_SHA384,
+ TLS1_RFC_ECDHE_PSK_WITH_AES_256_CBC_SHA384,
+ TLS1_CK_ECDHE_PSK_WITH_AES_256_CBC_SHA384,
+ SSL_kECDHEPSK,
+ SSL_aPSK,
+ SSL_AES256,
+ SSL_SHA384,
+ TLS1_VERSION,
+ TLS1_2_VERSION,
+ DTLS1_BAD_VER,
+ DTLS1_2_VERSION,
+ SSL_HIGH | SSL_FIPS,
+ SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384,
+ 256,
+ 256,
+ },
#ifndef OPENSSL_NO_INTEGRITY_ONLY_CIPHERS
{
- 1,
- TLS1_TXT_ECDHE_PSK_WITH_NULL_SHA,
- TLS1_RFC_ECDHE_PSK_WITH_NULL_SHA,
- TLS1_CK_ECDHE_PSK_WITH_NULL_SHA,
- SSL_kECDHEPSK,
- SSL_aPSK,
- SSL_eNULL,
- SSL_SHA1,
- TLS1_VERSION, TLS1_2_VERSION,
- DTLS1_BAD_VER, DTLS1_2_VERSION,
- SSL_STRONG_NONE | SSL_FIPS,
- SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
- 0,
- 0,
- },
- {
- 1,
- TLS1_TXT_ECDHE_PSK_WITH_NULL_SHA256,
- TLS1_RFC_ECDHE_PSK_WITH_NULL_SHA256,
- TLS1_CK_ECDHE_PSK_WITH_NULL_SHA256,
- SSL_kECDHEPSK,
- SSL_aPSK,
- SSL_eNULL,
- SSL_SHA256,
- TLS1_VERSION, TLS1_2_VERSION,
- DTLS1_BAD_VER, DTLS1_2_VERSION,
- SSL_STRONG_NONE | SSL_FIPS,
- SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
- 0,
- 0,
- },
- {
- 1,
- TLS1_TXT_ECDHE_PSK_WITH_NULL_SHA384,
- TLS1_RFC_ECDHE_PSK_WITH_NULL_SHA384,
- TLS1_CK_ECDHE_PSK_WITH_NULL_SHA384,
- SSL_kECDHEPSK,
- SSL_aPSK,
- SSL_eNULL,
- SSL_SHA384,
- TLS1_VERSION, TLS1_2_VERSION,
- DTLS1_BAD_VER, DTLS1_2_VERSION,
- SSL_STRONG_NONE | SSL_FIPS,
- SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384,
- 0,
- 0,
- },
+ 1,
+ TLS1_TXT_ECDHE_PSK_WITH_NULL_SHA,
+ TLS1_RFC_ECDHE_PSK_WITH_NULL_SHA,
+ TLS1_CK_ECDHE_PSK_WITH_NULL_SHA,
+ SSL_kECDHEPSK,
+ SSL_aPSK,
+ SSL_eNULL,
+ SSL_SHA1,
+ TLS1_VERSION,
+ TLS1_2_VERSION,
+ DTLS1_BAD_VER,
+ DTLS1_2_VERSION,
+ SSL_STRONG_NONE | SSL_FIPS,
+ SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
+ 0,
+ 0,
+ },
+ {
+ 1,
+ TLS1_TXT_ECDHE_PSK_WITH_NULL_SHA256,
+ TLS1_RFC_ECDHE_PSK_WITH_NULL_SHA256,
+ TLS1_CK_ECDHE_PSK_WITH_NULL_SHA256,
+ SSL_kECDHEPSK,
+ SSL_aPSK,
+ SSL_eNULL,
+ SSL_SHA256,
+ TLS1_VERSION,
+ TLS1_2_VERSION,
+ DTLS1_BAD_VER,
+ DTLS1_2_VERSION,
+ SSL_STRONG_NONE | SSL_FIPS,
+ SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
+ 0,
+ 0,
+ },
+ {
+ 1,
+ TLS1_TXT_ECDHE_PSK_WITH_NULL_SHA384,
+ TLS1_RFC_ECDHE_PSK_WITH_NULL_SHA384,
+ TLS1_CK_ECDHE_PSK_WITH_NULL_SHA384,
+ SSL_kECDHEPSK,
+ SSL_aPSK,
+ SSL_eNULL,
+ SSL_SHA384,
+ TLS1_VERSION,
+ TLS1_2_VERSION,
+ DTLS1_BAD_VER,
+ DTLS1_2_VERSION,
+ SSL_STRONG_NONE | SSL_FIPS,
+ SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384,
+ 0,
+ 0,
+ },
+#endif
+#ifndef OPENSSL_NO_WEAK_SSL_CIPHERS
+ {
+ 1,
+ TLS1_TXT_SRP_SHA_WITH_3DES_EDE_CBC_SHA,
+ TLS1_RFC_SRP_SHA_WITH_3DES_EDE_CBC_SHA,
+ TLS1_CK_SRP_SHA_WITH_3DES_EDE_CBC_SHA,
+ SSL_kSRP,
+ SSL_aSRP,
+ SSL_3DES,
+ SSL_SHA1,
+ SSL3_VERSION,
+ TLS1_2_VERSION,
+ DTLS1_BAD_VER,
+ DTLS1_2_VERSION,
+ SSL_NOT_DEFAULT | SSL_MEDIUM,
+ SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
+ 112,
+ 168,
+ },
+ {
+ 1,
+ TLS1_TXT_SRP_SHA_RSA_WITH_3DES_EDE_CBC_SHA,
+ TLS1_RFC_SRP_SHA_RSA_WITH_3DES_EDE_CBC_SHA,
+ TLS1_CK_SRP_SHA_RSA_WITH_3DES_EDE_CBC_SHA,
+ SSL_kSRP,
+ SSL_aRSA,
+ SSL_3DES,
+ SSL_SHA1,
+ SSL3_VERSION,
+ TLS1_2_VERSION,
+ DTLS1_BAD_VER,
+ DTLS1_2_VERSION,
+ SSL_NOT_DEFAULT | SSL_MEDIUM,
+ SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
+ 112,
+ 168,
+ },
+ {
+ 1,
+ TLS1_TXT_SRP_SHA_DSS_WITH_3DES_EDE_CBC_SHA,
+ TLS1_RFC_SRP_SHA_DSS_WITH_3DES_EDE_CBC_SHA,
+ TLS1_CK_SRP_SHA_DSS_WITH_3DES_EDE_CBC_SHA,
+ SSL_kSRP,
+ SSL_aDSS,
+ SSL_3DES,
+ SSL_SHA1,
+ SSL3_VERSION,
+ TLS1_2_VERSION,
+ DTLS1_BAD_VER,
+ DTLS1_2_VERSION,
+ SSL_NOT_DEFAULT | SSL_MEDIUM,
+ SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
+ 112,
+ 168,
+ },
#endif
-# ifndef OPENSSL_NO_WEAK_SSL_CIPHERS
- {
- 1,
- TLS1_TXT_SRP_SHA_WITH_3DES_EDE_CBC_SHA,
- TLS1_RFC_SRP_SHA_WITH_3DES_EDE_CBC_SHA,
- TLS1_CK_SRP_SHA_WITH_3DES_EDE_CBC_SHA,
- SSL_kSRP,
- SSL_aSRP,
- SSL_3DES,
- SSL_SHA1,
- SSL3_VERSION, TLS1_2_VERSION,
- DTLS1_BAD_VER, DTLS1_2_VERSION,
- SSL_NOT_DEFAULT | SSL_MEDIUM,
- SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
- 112,
- 168,
- },
- {
- 1,
- TLS1_TXT_SRP_SHA_RSA_WITH_3DES_EDE_CBC_SHA,
- TLS1_RFC_SRP_SHA_RSA_WITH_3DES_EDE_CBC_SHA,
- TLS1_CK_SRP_SHA_RSA_WITH_3DES_EDE_CBC_SHA,
- SSL_kSRP,
- SSL_aRSA,
- SSL_3DES,
- SSL_SHA1,
- SSL3_VERSION, TLS1_2_VERSION,
- DTLS1_BAD_VER, DTLS1_2_VERSION,
- SSL_NOT_DEFAULT | SSL_MEDIUM,
- SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
- 112,
- 168,
- },
- {
- 1,
- TLS1_TXT_SRP_SHA_DSS_WITH_3DES_EDE_CBC_SHA,
- TLS1_RFC_SRP_SHA_DSS_WITH_3DES_EDE_CBC_SHA,
- TLS1_CK_SRP_SHA_DSS_WITH_3DES_EDE_CBC_SHA,
- SSL_kSRP,
- SSL_aDSS,
- SSL_3DES,
- SSL_SHA1,
- SSL3_VERSION, TLS1_2_VERSION,
- DTLS1_BAD_VER, DTLS1_2_VERSION,
- SSL_NOT_DEFAULT | SSL_MEDIUM,
- SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
- 112,
- 168,
- },
-# endif
- {
- 1,
- TLS1_TXT_SRP_SHA_WITH_AES_128_CBC_SHA,
- TLS1_RFC_SRP_SHA_WITH_AES_128_CBC_SHA,
- TLS1_CK_SRP_SHA_WITH_AES_128_CBC_SHA,
- SSL_kSRP,
- SSL_aSRP,
- SSL_AES128,
- SSL_SHA1,
- SSL3_VERSION, TLS1_2_VERSION,
- DTLS1_BAD_VER, DTLS1_2_VERSION,
- SSL_HIGH,
- SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
- 128,
- 128,
- },
- {
- 1,
- TLS1_TXT_SRP_SHA_RSA_WITH_AES_128_CBC_SHA,
- TLS1_RFC_SRP_SHA_RSA_WITH_AES_128_CBC_SHA,
- TLS1_CK_SRP_SHA_RSA_WITH_AES_128_CBC_SHA,
- SSL_kSRP,
- SSL_aRSA,
- SSL_AES128,
- SSL_SHA1,
- SSL3_VERSION, TLS1_2_VERSION,
- DTLS1_BAD_VER, DTLS1_2_VERSION,
- SSL_HIGH,
- SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
- 128,
- 128,
- },
- {
- 1,
- TLS1_TXT_SRP_SHA_DSS_WITH_AES_128_CBC_SHA,
- TLS1_RFC_SRP_SHA_DSS_WITH_AES_128_CBC_SHA,
- TLS1_CK_SRP_SHA_DSS_WITH_AES_128_CBC_SHA,
- SSL_kSRP,
- SSL_aDSS,
- SSL_AES128,
- SSL_SHA1,
- SSL3_VERSION, TLS1_2_VERSION,
- DTLS1_BAD_VER, DTLS1_2_VERSION,
- SSL_NOT_DEFAULT | SSL_HIGH,
- SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
- 128,
- 128,
- },
- {
- 1,
- TLS1_TXT_SRP_SHA_WITH_AES_256_CBC_SHA,
- TLS1_RFC_SRP_SHA_WITH_AES_256_CBC_SHA,
- TLS1_CK_SRP_SHA_WITH_AES_256_CBC_SHA,
- SSL_kSRP,
- SSL_aSRP,
- SSL_AES256,
- SSL_SHA1,
- SSL3_VERSION, TLS1_2_VERSION,
- DTLS1_BAD_VER, DTLS1_2_VERSION,
- SSL_HIGH,
- SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
- 256,
- 256,
- },
- {
- 1,
- TLS1_TXT_SRP_SHA_RSA_WITH_AES_256_CBC_SHA,
- TLS1_RFC_SRP_SHA_RSA_WITH_AES_256_CBC_SHA,
- TLS1_CK_SRP_SHA_RSA_WITH_AES_256_CBC_SHA,
- SSL_kSRP,
- SSL_aRSA,
- SSL_AES256,
- SSL_SHA1,
- SSL3_VERSION, TLS1_2_VERSION,
- DTLS1_BAD_VER, DTLS1_2_VERSION,
- SSL_HIGH,
- SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
- 256,
- 256,
- },
- {
- 1,
- TLS1_TXT_SRP_SHA_DSS_WITH_AES_256_CBC_SHA,
- TLS1_RFC_SRP_SHA_DSS_WITH_AES_256_CBC_SHA,
- TLS1_CK_SRP_SHA_DSS_WITH_AES_256_CBC_SHA,
- SSL_kSRP,
- SSL_aDSS,
- SSL_AES256,
- SSL_SHA1,
- SSL3_VERSION, TLS1_2_VERSION,
- DTLS1_BAD_VER, DTLS1_2_VERSION,
- SSL_NOT_DEFAULT | SSL_HIGH,
- SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
- 256,
- 256,
- },
-
- {
- 1,
- TLS1_TXT_DHE_RSA_WITH_CHACHA20_POLY1305,
- TLS1_RFC_DHE_RSA_WITH_CHACHA20_POLY1305,
- TLS1_CK_DHE_RSA_WITH_CHACHA20_POLY1305,
- SSL_kDHE,
- SSL_aRSA,
- SSL_CHACHA20POLY1305,
- SSL_AEAD,
- TLS1_2_VERSION, TLS1_2_VERSION,
- DTLS1_2_VERSION, DTLS1_2_VERSION,
- SSL_HIGH,
- SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
- 256,
- 256,
- },
- {
- 1,
- TLS1_TXT_ECDHE_RSA_WITH_CHACHA20_POLY1305,
- TLS1_RFC_ECDHE_RSA_WITH_CHACHA20_POLY1305,
- TLS1_CK_ECDHE_RSA_WITH_CHACHA20_POLY1305,
- SSL_kECDHE,
- SSL_aRSA,
- SSL_CHACHA20POLY1305,
- SSL_AEAD,
- TLS1_2_VERSION, TLS1_2_VERSION,
- DTLS1_2_VERSION, DTLS1_2_VERSION,
- SSL_HIGH,
- SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
- 256,
- 256,
- },
- {
- 1,
- TLS1_TXT_ECDHE_ECDSA_WITH_CHACHA20_POLY1305,
- TLS1_RFC_ECDHE_ECDSA_WITH_CHACHA20_POLY1305,
- TLS1_CK_ECDHE_ECDSA_WITH_CHACHA20_POLY1305,
- SSL_kECDHE,
- SSL_aECDSA,
- SSL_CHACHA20POLY1305,
- SSL_AEAD,
- TLS1_2_VERSION, TLS1_2_VERSION,
- DTLS1_2_VERSION, DTLS1_2_VERSION,
- SSL_HIGH,
- SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
- 256,
- 256,
- },
- {
- 1,
- TLS1_TXT_PSK_WITH_CHACHA20_POLY1305,
- TLS1_RFC_PSK_WITH_CHACHA20_POLY1305,
- TLS1_CK_PSK_WITH_CHACHA20_POLY1305,
- SSL_kPSK,
- SSL_aPSK,
- SSL_CHACHA20POLY1305,
- SSL_AEAD,
- TLS1_2_VERSION, TLS1_2_VERSION,
- DTLS1_2_VERSION, DTLS1_2_VERSION,
- SSL_HIGH,
- SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
- 256,
- 256,
- },
- {
- 1,
- TLS1_TXT_ECDHE_PSK_WITH_CHACHA20_POLY1305,
- TLS1_RFC_ECDHE_PSK_WITH_CHACHA20_POLY1305,
- TLS1_CK_ECDHE_PSK_WITH_CHACHA20_POLY1305,
- SSL_kECDHEPSK,
- SSL_aPSK,
- SSL_CHACHA20POLY1305,
- SSL_AEAD,
- TLS1_2_VERSION, TLS1_2_VERSION,
- DTLS1_2_VERSION, DTLS1_2_VERSION,
- SSL_HIGH,
- SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
- 256,
- 256,
- },
- {
- 1,
- TLS1_TXT_DHE_PSK_WITH_CHACHA20_POLY1305,
- TLS1_RFC_DHE_PSK_WITH_CHACHA20_POLY1305,
- TLS1_CK_DHE_PSK_WITH_CHACHA20_POLY1305,
- SSL_kDHEPSK,
- SSL_aPSK,
- SSL_CHACHA20POLY1305,
- SSL_AEAD,
- TLS1_2_VERSION, TLS1_2_VERSION,
- DTLS1_2_VERSION, DTLS1_2_VERSION,
- SSL_HIGH,
- SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
- 256,
- 256,
- },
- {
- 1,
- TLS1_TXT_RSA_PSK_WITH_CHACHA20_POLY1305,
- TLS1_RFC_RSA_PSK_WITH_CHACHA20_POLY1305,
- TLS1_CK_RSA_PSK_WITH_CHACHA20_POLY1305,
- SSL_kRSAPSK,
- SSL_aRSA,
- SSL_CHACHA20POLY1305,
- SSL_AEAD,
- TLS1_2_VERSION, TLS1_2_VERSION,
- DTLS1_2_VERSION, DTLS1_2_VERSION,
- SSL_HIGH,
- SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
- 256,
- 256,
- },
-
- {
- 1,
- TLS1_TXT_RSA_WITH_CAMELLIA_128_CBC_SHA256,
- TLS1_RFC_RSA_WITH_CAMELLIA_128_CBC_SHA256,
- TLS1_CK_RSA_WITH_CAMELLIA_128_CBC_SHA256,
- SSL_kRSA,
- SSL_aRSA,
- SSL_CAMELLIA128,
- SSL_SHA256,
- TLS1_2_VERSION, TLS1_2_VERSION,
- DTLS1_2_VERSION, DTLS1_2_VERSION,
- SSL_NOT_DEFAULT | SSL_HIGH,
- SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
- 128,
- 128,
- },
- {
- 1,
- TLS1_TXT_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA256,
- TLS1_RFC_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA256,
- TLS1_CK_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA256,
- SSL_kDHE,
- SSL_aDSS,
- SSL_CAMELLIA128,
- SSL_SHA256,
- TLS1_2_VERSION, TLS1_2_VERSION,
- DTLS1_2_VERSION, DTLS1_2_VERSION,
- SSL_NOT_DEFAULT | SSL_HIGH,
- SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
- 128,
- 128,
- },
- {
- 1,
- TLS1_TXT_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA256,
- TLS1_RFC_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA256,
- TLS1_CK_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA256,
- SSL_kDHE,
- SSL_aRSA,
- SSL_CAMELLIA128,
- SSL_SHA256,
- TLS1_2_VERSION, TLS1_2_VERSION,
- DTLS1_2_VERSION, DTLS1_2_VERSION,
- SSL_NOT_DEFAULT | SSL_HIGH,
- SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
- 128,
- 128,
- },
- {
- 1,
- TLS1_TXT_ADH_WITH_CAMELLIA_128_CBC_SHA256,
- TLS1_RFC_ADH_WITH_CAMELLIA_128_CBC_SHA256,
- TLS1_CK_ADH_WITH_CAMELLIA_128_CBC_SHA256,
- SSL_kDHE,
- SSL_aNULL,
- SSL_CAMELLIA128,
- SSL_SHA256,
- TLS1_2_VERSION, TLS1_2_VERSION,
- DTLS1_2_VERSION, DTLS1_2_VERSION,
- SSL_NOT_DEFAULT | SSL_HIGH,
- SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
- 128,
- 128,
- },
- {
- 1,
- TLS1_TXT_RSA_WITH_CAMELLIA_256_CBC_SHA256,
- TLS1_RFC_RSA_WITH_CAMELLIA_256_CBC_SHA256,
- TLS1_CK_RSA_WITH_CAMELLIA_256_CBC_SHA256,
- SSL_kRSA,
- SSL_aRSA,
- SSL_CAMELLIA256,
- SSL_SHA256,
- TLS1_2_VERSION, TLS1_2_VERSION,
- DTLS1_2_VERSION, DTLS1_2_VERSION,
- SSL_NOT_DEFAULT | SSL_HIGH,
- SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
- 256,
- 256,
- },
- {
- 1,
- TLS1_TXT_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA256,
- TLS1_RFC_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA256,
- TLS1_CK_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA256,
- SSL_kDHE,
- SSL_aDSS,
- SSL_CAMELLIA256,
- SSL_SHA256,
- TLS1_2_VERSION, TLS1_2_VERSION,
- DTLS1_2_VERSION, DTLS1_2_VERSION,
- SSL_NOT_DEFAULT | SSL_HIGH,
- SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
- 256,
- 256,
- },
- {
- 1,
- TLS1_TXT_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA256,
- TLS1_RFC_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA256,
- TLS1_CK_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA256,
- SSL_kDHE,
- SSL_aRSA,
- SSL_CAMELLIA256,
- SSL_SHA256,
- TLS1_2_VERSION, TLS1_2_VERSION,
- DTLS1_2_VERSION, DTLS1_2_VERSION,
- SSL_NOT_DEFAULT | SSL_HIGH,
- SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
- 256,
- 256,
- },
- {
- 1,
- TLS1_TXT_ADH_WITH_CAMELLIA_256_CBC_SHA256,
- TLS1_RFC_ADH_WITH_CAMELLIA_256_CBC_SHA256,
- TLS1_CK_ADH_WITH_CAMELLIA_256_CBC_SHA256,
- SSL_kDHE,
- SSL_aNULL,
- SSL_CAMELLIA256,
- SSL_SHA256,
- TLS1_2_VERSION, TLS1_2_VERSION,
- DTLS1_2_VERSION, DTLS1_2_VERSION,
- SSL_NOT_DEFAULT | SSL_HIGH,
- SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
- 256,
- 256,
- },
- {
- 1,
- TLS1_TXT_RSA_WITH_CAMELLIA_256_CBC_SHA,
- TLS1_RFC_RSA_WITH_CAMELLIA_256_CBC_SHA,
- TLS1_CK_RSA_WITH_CAMELLIA_256_CBC_SHA,
- SSL_kRSA,
- SSL_aRSA,
- SSL_CAMELLIA256,
- SSL_SHA1,
- SSL3_VERSION, TLS1_2_VERSION,
- DTLS1_BAD_VER, DTLS1_2_VERSION,
- SSL_NOT_DEFAULT | SSL_HIGH,
- SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
- 256,
- 256,
- },
- {
- 1,
- TLS1_TXT_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA,
- TLS1_RFC_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA,
- TLS1_CK_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA,
- SSL_kDHE,
- SSL_aDSS,
- SSL_CAMELLIA256,
- SSL_SHA1,
- SSL3_VERSION, TLS1_2_VERSION,
- DTLS1_BAD_VER, DTLS1_2_VERSION,
- SSL_NOT_DEFAULT | SSL_HIGH,
- SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
- 256,
- 256,
- },
- {
- 1,
- TLS1_TXT_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA,
- TLS1_RFC_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA,
- TLS1_CK_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA,
- SSL_kDHE,
- SSL_aRSA,
- SSL_CAMELLIA256,
- SSL_SHA1,
- SSL3_VERSION, TLS1_2_VERSION,
- DTLS1_BAD_VER, DTLS1_2_VERSION,
- SSL_NOT_DEFAULT | SSL_HIGH,
- SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
- 256,
- 256,
- },
- {
- 1,
- TLS1_TXT_ADH_WITH_CAMELLIA_256_CBC_SHA,
- TLS1_RFC_ADH_WITH_CAMELLIA_256_CBC_SHA,
- TLS1_CK_ADH_WITH_CAMELLIA_256_CBC_SHA,
- SSL_kDHE,
- SSL_aNULL,
- SSL_CAMELLIA256,
- SSL_SHA1,
- SSL3_VERSION, TLS1_2_VERSION,
- DTLS1_BAD_VER, DTLS1_2_VERSION,
- SSL_NOT_DEFAULT | SSL_HIGH,
- SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
- 256,
- 256,
- },
- {
- 1,
- TLS1_TXT_RSA_WITH_CAMELLIA_128_CBC_SHA,
- TLS1_RFC_RSA_WITH_CAMELLIA_128_CBC_SHA,
- TLS1_CK_RSA_WITH_CAMELLIA_128_CBC_SHA,
- SSL_kRSA,
- SSL_aRSA,
- SSL_CAMELLIA128,
- SSL_SHA1,
- SSL3_VERSION, TLS1_2_VERSION,
- DTLS1_BAD_VER, DTLS1_2_VERSION,
- SSL_NOT_DEFAULT | SSL_HIGH,
- SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
- 128,
- 128,
- },
- {
- 1,
- TLS1_TXT_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA,
- TLS1_RFC_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA,
- TLS1_CK_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA,
- SSL_kDHE,
- SSL_aDSS,
- SSL_CAMELLIA128,
- SSL_SHA1,
- SSL3_VERSION, TLS1_2_VERSION,
- DTLS1_BAD_VER, DTLS1_2_VERSION,
- SSL_NOT_DEFAULT | SSL_HIGH,
- SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
- 128,
- 128,
- },
- {
- 1,
- TLS1_TXT_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA,
- TLS1_RFC_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA,
- TLS1_CK_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA,
- SSL_kDHE,
- SSL_aRSA,
- SSL_CAMELLIA128,
- SSL_SHA1,
- SSL3_VERSION, TLS1_2_VERSION,
- DTLS1_BAD_VER, DTLS1_2_VERSION,
- SSL_NOT_DEFAULT | SSL_HIGH,
- SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
- 128,
- 128,
- },
- {
- 1,
- TLS1_TXT_ADH_WITH_CAMELLIA_128_CBC_SHA,
- TLS1_RFC_ADH_WITH_CAMELLIA_128_CBC_SHA,
- TLS1_CK_ADH_WITH_CAMELLIA_128_CBC_SHA,
- SSL_kDHE,
- SSL_aNULL,
- SSL_CAMELLIA128,
- SSL_SHA1,
- SSL3_VERSION, TLS1_2_VERSION,
- DTLS1_BAD_VER, DTLS1_2_VERSION,
- SSL_NOT_DEFAULT | SSL_HIGH,
- SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
- 128,
- 128,
- },
- {
- 1,
- TLS1_TXT_ECDHE_ECDSA_WITH_CAMELLIA_128_CBC_SHA256,
- TLS1_RFC_ECDHE_ECDSA_WITH_CAMELLIA_128_CBC_SHA256,
- TLS1_CK_ECDHE_ECDSA_WITH_CAMELLIA_128_CBC_SHA256,
- SSL_kECDHE,
- SSL_aECDSA,
- SSL_CAMELLIA128,
- SSL_SHA256,
- TLS1_2_VERSION, TLS1_2_VERSION,
- DTLS1_2_VERSION, DTLS1_2_VERSION,
- SSL_NOT_DEFAULT | SSL_HIGH,
- SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
- 128,
- 128,
- },
- {
- 1,
- TLS1_TXT_ECDHE_ECDSA_WITH_CAMELLIA_256_CBC_SHA384,
- TLS1_RFC_ECDHE_ECDSA_WITH_CAMELLIA_256_CBC_SHA384,
- TLS1_CK_ECDHE_ECDSA_WITH_CAMELLIA_256_CBC_SHA384,
- SSL_kECDHE,
- SSL_aECDSA,
- SSL_CAMELLIA256,
- SSL_SHA384,
- TLS1_2_VERSION, TLS1_2_VERSION,
- DTLS1_2_VERSION, DTLS1_2_VERSION,
- SSL_NOT_DEFAULT | SSL_HIGH,
- SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384,
- 256,
- 256,
- },
- {
- 1,
- TLS1_TXT_ECDHE_RSA_WITH_CAMELLIA_128_CBC_SHA256,
- TLS1_RFC_ECDHE_RSA_WITH_CAMELLIA_128_CBC_SHA256,
- TLS1_CK_ECDHE_RSA_WITH_CAMELLIA_128_CBC_SHA256,
- SSL_kECDHE,
- SSL_aRSA,
- SSL_CAMELLIA128,
- SSL_SHA256,
- TLS1_2_VERSION, TLS1_2_VERSION,
- DTLS1_2_VERSION, DTLS1_2_VERSION,
- SSL_NOT_DEFAULT | SSL_HIGH,
- SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
- 128,
- 128,
- },
- {
- 1,
- TLS1_TXT_ECDHE_RSA_WITH_CAMELLIA_256_CBC_SHA384,
- TLS1_RFC_ECDHE_RSA_WITH_CAMELLIA_256_CBC_SHA384,
- TLS1_CK_ECDHE_RSA_WITH_CAMELLIA_256_CBC_SHA384,
- SSL_kECDHE,
- SSL_aRSA,
- SSL_CAMELLIA256,
- SSL_SHA384,
- TLS1_2_VERSION, TLS1_2_VERSION,
- DTLS1_2_VERSION, DTLS1_2_VERSION,
- SSL_NOT_DEFAULT | SSL_HIGH,
- SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384,
- 256,
- 256,
- },
- {
- 1,
- TLS1_TXT_PSK_WITH_CAMELLIA_128_CBC_SHA256,
- TLS1_RFC_PSK_WITH_CAMELLIA_128_CBC_SHA256,
- TLS1_CK_PSK_WITH_CAMELLIA_128_CBC_SHA256,
- SSL_kPSK,
- SSL_aPSK,
- SSL_CAMELLIA128,
- SSL_SHA256,
- TLS1_VERSION, TLS1_2_VERSION,
- DTLS1_BAD_VER, DTLS1_2_VERSION,
- SSL_NOT_DEFAULT | SSL_HIGH,
- SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
- 128,
- 128,
- },
- {
- 1,
- TLS1_TXT_PSK_WITH_CAMELLIA_256_CBC_SHA384,
- TLS1_RFC_PSK_WITH_CAMELLIA_256_CBC_SHA384,
- TLS1_CK_PSK_WITH_CAMELLIA_256_CBC_SHA384,
- SSL_kPSK,
- SSL_aPSK,
- SSL_CAMELLIA256,
- SSL_SHA384,
- TLS1_VERSION, TLS1_2_VERSION,
- DTLS1_BAD_VER, DTLS1_2_VERSION,
- SSL_NOT_DEFAULT | SSL_HIGH,
- SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384,
- 256,
- 256,
- },
- {
- 1,
- TLS1_TXT_DHE_PSK_WITH_CAMELLIA_128_CBC_SHA256,
- TLS1_RFC_DHE_PSK_WITH_CAMELLIA_128_CBC_SHA256,
- TLS1_CK_DHE_PSK_WITH_CAMELLIA_128_CBC_SHA256,
- SSL_kDHEPSK,
- SSL_aPSK,
- SSL_CAMELLIA128,
- SSL_SHA256,
- TLS1_VERSION, TLS1_2_VERSION,
- DTLS1_BAD_VER, DTLS1_2_VERSION,
- SSL_NOT_DEFAULT | SSL_HIGH,
- SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
- 128,
- 128,
- },
- {
- 1,
- TLS1_TXT_DHE_PSK_WITH_CAMELLIA_256_CBC_SHA384,
- TLS1_RFC_DHE_PSK_WITH_CAMELLIA_256_CBC_SHA384,
- TLS1_CK_DHE_PSK_WITH_CAMELLIA_256_CBC_SHA384,
- SSL_kDHEPSK,
- SSL_aPSK,
- SSL_CAMELLIA256,
- SSL_SHA384,
- TLS1_VERSION, TLS1_2_VERSION,
- DTLS1_BAD_VER, DTLS1_2_VERSION,
- SSL_NOT_DEFAULT | SSL_HIGH,
- SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384,
- 256,
- 256,
- },
- {
- 1,
- TLS1_TXT_RSA_PSK_WITH_CAMELLIA_128_CBC_SHA256,
- TLS1_RFC_RSA_PSK_WITH_CAMELLIA_128_CBC_SHA256,
- TLS1_CK_RSA_PSK_WITH_CAMELLIA_128_CBC_SHA256,
- SSL_kRSAPSK,
- SSL_aRSA,
- SSL_CAMELLIA128,
- SSL_SHA256,
- TLS1_VERSION, TLS1_2_VERSION,
- DTLS1_BAD_VER, DTLS1_2_VERSION,
- SSL_NOT_DEFAULT | SSL_HIGH,
- SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
- 128,
- 128,
- },
- {
- 1,
- TLS1_TXT_RSA_PSK_WITH_CAMELLIA_256_CBC_SHA384,
- TLS1_RFC_RSA_PSK_WITH_CAMELLIA_256_CBC_SHA384,
- TLS1_CK_RSA_PSK_WITH_CAMELLIA_256_CBC_SHA384,
- SSL_kRSAPSK,
- SSL_aRSA,
- SSL_CAMELLIA256,
- SSL_SHA384,
- TLS1_VERSION, TLS1_2_VERSION,
- DTLS1_BAD_VER, DTLS1_2_VERSION,
- SSL_NOT_DEFAULT | SSL_HIGH,
- SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384,
- 256,
- 256,
- },
- {
- 1,
- TLS1_TXT_ECDHE_PSK_WITH_CAMELLIA_128_CBC_SHA256,
- TLS1_RFC_ECDHE_PSK_WITH_CAMELLIA_128_CBC_SHA256,
- TLS1_CK_ECDHE_PSK_WITH_CAMELLIA_128_CBC_SHA256,
- SSL_kECDHEPSK,
- SSL_aPSK,
- SSL_CAMELLIA128,
- SSL_SHA256,
- TLS1_VERSION, TLS1_2_VERSION,
- DTLS1_BAD_VER, DTLS1_2_VERSION,
- SSL_NOT_DEFAULT | SSL_HIGH,
- SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
- 128,
- 128,
- },
- {
- 1,
- TLS1_TXT_ECDHE_PSK_WITH_CAMELLIA_256_CBC_SHA384,
- TLS1_RFC_ECDHE_PSK_WITH_CAMELLIA_256_CBC_SHA384,
- TLS1_CK_ECDHE_PSK_WITH_CAMELLIA_256_CBC_SHA384,
- SSL_kECDHEPSK,
- SSL_aPSK,
- SSL_CAMELLIA256,
- SSL_SHA384,
- TLS1_VERSION, TLS1_2_VERSION,
- DTLS1_BAD_VER, DTLS1_2_VERSION,
- SSL_NOT_DEFAULT | SSL_HIGH,
- SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384,
- 256,
- 256,
- },
+ {
+ 1,
+ TLS1_TXT_SRP_SHA_WITH_AES_128_CBC_SHA,
+ TLS1_RFC_SRP_SHA_WITH_AES_128_CBC_SHA,
+ TLS1_CK_SRP_SHA_WITH_AES_128_CBC_SHA,
+ SSL_kSRP,
+ SSL_aSRP,
+ SSL_AES128,
+ SSL_SHA1,
+ SSL3_VERSION,
+ TLS1_2_VERSION,
+ DTLS1_BAD_VER,
+ DTLS1_2_VERSION,
+ SSL_HIGH,
+ SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
+ 128,
+ 128,
+ },
+ {
+ 1,
+ TLS1_TXT_SRP_SHA_RSA_WITH_AES_128_CBC_SHA,
+ TLS1_RFC_SRP_SHA_RSA_WITH_AES_128_CBC_SHA,
+ TLS1_CK_SRP_SHA_RSA_WITH_AES_128_CBC_SHA,
+ SSL_kSRP,
+ SSL_aRSA,
+ SSL_AES128,
+ SSL_SHA1,
+ SSL3_VERSION,
+ TLS1_2_VERSION,
+ DTLS1_BAD_VER,
+ DTLS1_2_VERSION,
+ SSL_HIGH,
+ SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
+ 128,
+ 128,
+ },
+ {
+ 1,
+ TLS1_TXT_SRP_SHA_DSS_WITH_AES_128_CBC_SHA,
+ TLS1_RFC_SRP_SHA_DSS_WITH_AES_128_CBC_SHA,
+ TLS1_CK_SRP_SHA_DSS_WITH_AES_128_CBC_SHA,
+ SSL_kSRP,
+ SSL_aDSS,
+ SSL_AES128,
+ SSL_SHA1,
+ SSL3_VERSION,
+ TLS1_2_VERSION,
+ DTLS1_BAD_VER,
+ DTLS1_2_VERSION,
+ SSL_NOT_DEFAULT | SSL_HIGH,
+ SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
+ 128,
+ 128,
+ },
+ {
+ 1,
+ TLS1_TXT_SRP_SHA_WITH_AES_256_CBC_SHA,
+ TLS1_RFC_SRP_SHA_WITH_AES_256_CBC_SHA,
+ TLS1_CK_SRP_SHA_WITH_AES_256_CBC_SHA,
+ SSL_kSRP,
+ SSL_aSRP,
+ SSL_AES256,
+ SSL_SHA1,
+ SSL3_VERSION,
+ TLS1_2_VERSION,
+ DTLS1_BAD_VER,
+ DTLS1_2_VERSION,
+ SSL_HIGH,
+ SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
+ 256,
+ 256,
+ },
+ {
+ 1,
+ TLS1_TXT_SRP_SHA_RSA_WITH_AES_256_CBC_SHA,
+ TLS1_RFC_SRP_SHA_RSA_WITH_AES_256_CBC_SHA,
+ TLS1_CK_SRP_SHA_RSA_WITH_AES_256_CBC_SHA,
+ SSL_kSRP,
+ SSL_aRSA,
+ SSL_AES256,
+ SSL_SHA1,
+ SSL3_VERSION,
+ TLS1_2_VERSION,
+ DTLS1_BAD_VER,
+ DTLS1_2_VERSION,
+ SSL_HIGH,
+ SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
+ 256,
+ 256,
+ },
+ {
+ 1,
+ TLS1_TXT_SRP_SHA_DSS_WITH_AES_256_CBC_SHA,
+ TLS1_RFC_SRP_SHA_DSS_WITH_AES_256_CBC_SHA,
+ TLS1_CK_SRP_SHA_DSS_WITH_AES_256_CBC_SHA,
+ SSL_kSRP,
+ SSL_aDSS,
+ SSL_AES256,
+ SSL_SHA1,
+ SSL3_VERSION,
+ TLS1_2_VERSION,
+ DTLS1_BAD_VER,
+ DTLS1_2_VERSION,
+ SSL_NOT_DEFAULT | SSL_HIGH,
+ SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
+ 256,
+ 256,
+ },
+
+ {
+ 1,
+ TLS1_TXT_DHE_RSA_WITH_CHACHA20_POLY1305,
+ TLS1_RFC_DHE_RSA_WITH_CHACHA20_POLY1305,
+ TLS1_CK_DHE_RSA_WITH_CHACHA20_POLY1305,
+ SSL_kDHE,
+ SSL_aRSA,
+ SSL_CHACHA20POLY1305,
+ SSL_AEAD,
+ TLS1_2_VERSION,
+ TLS1_2_VERSION,
+ DTLS1_2_VERSION,
+ DTLS1_2_VERSION,
+ SSL_HIGH,
+ SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
+ 256,
+ 256,
+ },
+ {
+ 1,
+ TLS1_TXT_ECDHE_RSA_WITH_CHACHA20_POLY1305,
+ TLS1_RFC_ECDHE_RSA_WITH_CHACHA20_POLY1305,
+ TLS1_CK_ECDHE_RSA_WITH_CHACHA20_POLY1305,
+ SSL_kECDHE,
+ SSL_aRSA,
+ SSL_CHACHA20POLY1305,
+ SSL_AEAD,
+ TLS1_2_VERSION,
+ TLS1_2_VERSION,
+ DTLS1_2_VERSION,
+ DTLS1_2_VERSION,
+ SSL_HIGH,
+ SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
+ 256,
+ 256,
+ },
+ {
+ 1,
+ TLS1_TXT_ECDHE_ECDSA_WITH_CHACHA20_POLY1305,
+ TLS1_RFC_ECDHE_ECDSA_WITH_CHACHA20_POLY1305,
+ TLS1_CK_ECDHE_ECDSA_WITH_CHACHA20_POLY1305,
+ SSL_kECDHE,
+ SSL_aECDSA,
+ SSL_CHACHA20POLY1305,
+ SSL_AEAD,
+ TLS1_2_VERSION,
+ TLS1_2_VERSION,
+ DTLS1_2_VERSION,
+ DTLS1_2_VERSION,
+ SSL_HIGH,
+ SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
+ 256,
+ 256,
+ },
+ {
+ 1,
+ TLS1_TXT_PSK_WITH_CHACHA20_POLY1305,
+ TLS1_RFC_PSK_WITH_CHACHA20_POLY1305,
+ TLS1_CK_PSK_WITH_CHACHA20_POLY1305,
+ SSL_kPSK,
+ SSL_aPSK,
+ SSL_CHACHA20POLY1305,
+ SSL_AEAD,
+ TLS1_2_VERSION,
+ TLS1_2_VERSION,
+ DTLS1_2_VERSION,
+ DTLS1_2_VERSION,
+ SSL_HIGH,
+ SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
+ 256,
+ 256,
+ },
+ {
+ 1,
+ TLS1_TXT_ECDHE_PSK_WITH_CHACHA20_POLY1305,
+ TLS1_RFC_ECDHE_PSK_WITH_CHACHA20_POLY1305,
+ TLS1_CK_ECDHE_PSK_WITH_CHACHA20_POLY1305,
+ SSL_kECDHEPSK,
+ SSL_aPSK,
+ SSL_CHACHA20POLY1305,
+ SSL_AEAD,
+ TLS1_2_VERSION,
+ TLS1_2_VERSION,
+ DTLS1_2_VERSION,
+ DTLS1_2_VERSION,
+ SSL_HIGH,
+ SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
+ 256,
+ 256,
+ },
+ {
+ 1,
+ TLS1_TXT_DHE_PSK_WITH_CHACHA20_POLY1305,
+ TLS1_RFC_DHE_PSK_WITH_CHACHA20_POLY1305,
+ TLS1_CK_DHE_PSK_WITH_CHACHA20_POLY1305,
+ SSL_kDHEPSK,
+ SSL_aPSK,
+ SSL_CHACHA20POLY1305,
+ SSL_AEAD,
+ TLS1_2_VERSION,
+ TLS1_2_VERSION,
+ DTLS1_2_VERSION,
+ DTLS1_2_VERSION,
+ SSL_HIGH,
+ SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
+ 256,
+ 256,
+ },
+ {
+ 1,
+ TLS1_TXT_RSA_PSK_WITH_CHACHA20_POLY1305,
+ TLS1_RFC_RSA_PSK_WITH_CHACHA20_POLY1305,
+ TLS1_CK_RSA_PSK_WITH_CHACHA20_POLY1305,
+ SSL_kRSAPSK,
+ SSL_aRSA,
+ SSL_CHACHA20POLY1305,
+ SSL_AEAD,
+ TLS1_2_VERSION,
+ TLS1_2_VERSION,
+ DTLS1_2_VERSION,
+ DTLS1_2_VERSION,
+ SSL_HIGH,
+ SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
+ 256,
+ 256,
+ },
+
+ {
+ 1,
+ TLS1_TXT_RSA_WITH_CAMELLIA_128_CBC_SHA256,
+ TLS1_RFC_RSA_WITH_CAMELLIA_128_CBC_SHA256,
+ TLS1_CK_RSA_WITH_CAMELLIA_128_CBC_SHA256,
+ SSL_kRSA,
+ SSL_aRSA,
+ SSL_CAMELLIA128,
+ SSL_SHA256,
+ TLS1_2_VERSION,
+ TLS1_2_VERSION,
+ DTLS1_2_VERSION,
+ DTLS1_2_VERSION,
+ SSL_NOT_DEFAULT | SSL_HIGH,
+ SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
+ 128,
+ 128,
+ },
+ {
+ 1,
+ TLS1_TXT_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA256,
+ TLS1_RFC_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA256,
+ TLS1_CK_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA256,
+ SSL_kDHE,
+ SSL_aDSS,
+ SSL_CAMELLIA128,
+ SSL_SHA256,
+ TLS1_2_VERSION,
+ TLS1_2_VERSION,
+ DTLS1_2_VERSION,
+ DTLS1_2_VERSION,
+ SSL_NOT_DEFAULT | SSL_HIGH,
+ SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
+ 128,
+ 128,
+ },
+ {
+ 1,
+ TLS1_TXT_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA256,
+ TLS1_RFC_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA256,
+ TLS1_CK_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA256,
+ SSL_kDHE,
+ SSL_aRSA,
+ SSL_CAMELLIA128,
+ SSL_SHA256,
+ TLS1_2_VERSION,
+ TLS1_2_VERSION,
+ DTLS1_2_VERSION,
+ DTLS1_2_VERSION,
+ SSL_NOT_DEFAULT | SSL_HIGH,
+ SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
+ 128,
+ 128,
+ },
+ {
+ 1,
+ TLS1_TXT_ADH_WITH_CAMELLIA_128_CBC_SHA256,
+ TLS1_RFC_ADH_WITH_CAMELLIA_128_CBC_SHA256,
+ TLS1_CK_ADH_WITH_CAMELLIA_128_CBC_SHA256,
+ SSL_kDHE,
+ SSL_aNULL,
+ SSL_CAMELLIA128,
+ SSL_SHA256,
+ TLS1_2_VERSION,
+ TLS1_2_VERSION,
+ DTLS1_2_VERSION,
+ DTLS1_2_VERSION,
+ SSL_NOT_DEFAULT | SSL_HIGH,
+ SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
+ 128,
+ 128,
+ },
+ {
+ 1,
+ TLS1_TXT_RSA_WITH_CAMELLIA_256_CBC_SHA256,
+ TLS1_RFC_RSA_WITH_CAMELLIA_256_CBC_SHA256,
+ TLS1_CK_RSA_WITH_CAMELLIA_256_CBC_SHA256,
+ SSL_kRSA,
+ SSL_aRSA,
+ SSL_CAMELLIA256,
+ SSL_SHA256,
+ TLS1_2_VERSION,
+ TLS1_2_VERSION,
+ DTLS1_2_VERSION,
+ DTLS1_2_VERSION,
+ SSL_NOT_DEFAULT | SSL_HIGH,
+ SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
+ 256,
+ 256,
+ },
+ {
+ 1,
+ TLS1_TXT_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA256,
+ TLS1_RFC_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA256,
+ TLS1_CK_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA256,
+ SSL_kDHE,
+ SSL_aDSS,
+ SSL_CAMELLIA256,
+ SSL_SHA256,
+ TLS1_2_VERSION,
+ TLS1_2_VERSION,
+ DTLS1_2_VERSION,
+ DTLS1_2_VERSION,
+ SSL_NOT_DEFAULT | SSL_HIGH,
+ SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
+ 256,
+ 256,
+ },
+ {
+ 1,
+ TLS1_TXT_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA256,
+ TLS1_RFC_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA256,
+ TLS1_CK_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA256,
+ SSL_kDHE,
+ SSL_aRSA,
+ SSL_CAMELLIA256,
+ SSL_SHA256,
+ TLS1_2_VERSION,
+ TLS1_2_VERSION,
+ DTLS1_2_VERSION,
+ DTLS1_2_VERSION,
+ SSL_NOT_DEFAULT | SSL_HIGH,
+ SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
+ 256,
+ 256,
+ },
+ {
+ 1,
+ TLS1_TXT_ADH_WITH_CAMELLIA_256_CBC_SHA256,
+ TLS1_RFC_ADH_WITH_CAMELLIA_256_CBC_SHA256,
+ TLS1_CK_ADH_WITH_CAMELLIA_256_CBC_SHA256,
+ SSL_kDHE,
+ SSL_aNULL,
+ SSL_CAMELLIA256,
+ SSL_SHA256,
+ TLS1_2_VERSION,
+ TLS1_2_VERSION,
+ DTLS1_2_VERSION,
+ DTLS1_2_VERSION,
+ SSL_NOT_DEFAULT | SSL_HIGH,
+ SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
+ 256,
+ 256,
+ },
+ {
+ 1,
+ TLS1_TXT_RSA_WITH_CAMELLIA_256_CBC_SHA,
+ TLS1_RFC_RSA_WITH_CAMELLIA_256_CBC_SHA,
+ TLS1_CK_RSA_WITH_CAMELLIA_256_CBC_SHA,
+ SSL_kRSA,
+ SSL_aRSA,
+ SSL_CAMELLIA256,
+ SSL_SHA1,
+ SSL3_VERSION,
+ TLS1_2_VERSION,
+ DTLS1_BAD_VER,
+ DTLS1_2_VERSION,
+ SSL_NOT_DEFAULT | SSL_HIGH,
+ SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
+ 256,
+ 256,
+ },
+ {
+ 1,
+ TLS1_TXT_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA,
+ TLS1_RFC_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA,
+ TLS1_CK_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA,
+ SSL_kDHE,
+ SSL_aDSS,
+ SSL_CAMELLIA256,
+ SSL_SHA1,
+ SSL3_VERSION,
+ TLS1_2_VERSION,
+ DTLS1_BAD_VER,
+ DTLS1_2_VERSION,
+ SSL_NOT_DEFAULT | SSL_HIGH,
+ SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
+ 256,
+ 256,
+ },
+ {
+ 1,
+ TLS1_TXT_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA,
+ TLS1_RFC_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA,
+ TLS1_CK_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA,
+ SSL_kDHE,
+ SSL_aRSA,
+ SSL_CAMELLIA256,
+ SSL_SHA1,
+ SSL3_VERSION,
+ TLS1_2_VERSION,
+ DTLS1_BAD_VER,
+ DTLS1_2_VERSION,
+ SSL_NOT_DEFAULT | SSL_HIGH,
+ SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
+ 256,
+ 256,
+ },
+ {
+ 1,
+ TLS1_TXT_ADH_WITH_CAMELLIA_256_CBC_SHA,
+ TLS1_RFC_ADH_WITH_CAMELLIA_256_CBC_SHA,
+ TLS1_CK_ADH_WITH_CAMELLIA_256_CBC_SHA,
+ SSL_kDHE,
+ SSL_aNULL,
+ SSL_CAMELLIA256,
+ SSL_SHA1,
+ SSL3_VERSION,
+ TLS1_2_VERSION,
+ DTLS1_BAD_VER,
+ DTLS1_2_VERSION,
+ SSL_NOT_DEFAULT | SSL_HIGH,
+ SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
+ 256,
+ 256,
+ },
+ {
+ 1,
+ TLS1_TXT_RSA_WITH_CAMELLIA_128_CBC_SHA,
+ TLS1_RFC_RSA_WITH_CAMELLIA_128_CBC_SHA,
+ TLS1_CK_RSA_WITH_CAMELLIA_128_CBC_SHA,
+ SSL_kRSA,
+ SSL_aRSA,
+ SSL_CAMELLIA128,
+ SSL_SHA1,
+ SSL3_VERSION,
+ TLS1_2_VERSION,
+ DTLS1_BAD_VER,
+ DTLS1_2_VERSION,
+ SSL_NOT_DEFAULT | SSL_HIGH,
+ SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
+ 128,
+ 128,
+ },
+ {
+ 1,
+ TLS1_TXT_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA,
+ TLS1_RFC_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA,
+ TLS1_CK_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA,
+ SSL_kDHE,
+ SSL_aDSS,
+ SSL_CAMELLIA128,
+ SSL_SHA1,
+ SSL3_VERSION,
+ TLS1_2_VERSION,
+ DTLS1_BAD_VER,
+ DTLS1_2_VERSION,
+ SSL_NOT_DEFAULT | SSL_HIGH,
+ SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
+ 128,
+ 128,
+ },
+ {
+ 1,
+ TLS1_TXT_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA,
+ TLS1_RFC_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA,
+ TLS1_CK_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA,
+ SSL_kDHE,
+ SSL_aRSA,
+ SSL_CAMELLIA128,
+ SSL_SHA1,
+ SSL3_VERSION,
+ TLS1_2_VERSION,
+ DTLS1_BAD_VER,
+ DTLS1_2_VERSION,
+ SSL_NOT_DEFAULT | SSL_HIGH,
+ SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
+ 128,
+ 128,
+ },
+ {
+ 1,
+ TLS1_TXT_ADH_WITH_CAMELLIA_128_CBC_SHA,
+ TLS1_RFC_ADH_WITH_CAMELLIA_128_CBC_SHA,
+ TLS1_CK_ADH_WITH_CAMELLIA_128_CBC_SHA,
+ SSL_kDHE,
+ SSL_aNULL,
+ SSL_CAMELLIA128,
+ SSL_SHA1,
+ SSL3_VERSION,
+ TLS1_2_VERSION,
+ DTLS1_BAD_VER,
+ DTLS1_2_VERSION,
+ SSL_NOT_DEFAULT | SSL_HIGH,
+ SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
+ 128,
+ 128,
+ },
+ {
+ 1,
+ TLS1_TXT_ECDHE_ECDSA_WITH_CAMELLIA_128_CBC_SHA256,
+ TLS1_RFC_ECDHE_ECDSA_WITH_CAMELLIA_128_CBC_SHA256,
+ TLS1_CK_ECDHE_ECDSA_WITH_CAMELLIA_128_CBC_SHA256,
+ SSL_kECDHE,
+ SSL_aECDSA,
+ SSL_CAMELLIA128,
+ SSL_SHA256,
+ TLS1_2_VERSION,
+ TLS1_2_VERSION,
+ DTLS1_2_VERSION,
+ DTLS1_2_VERSION,
+ SSL_NOT_DEFAULT | SSL_HIGH,
+ SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
+ 128,
+ 128,
+ },
+ {
+ 1,
+ TLS1_TXT_ECDHE_ECDSA_WITH_CAMELLIA_256_CBC_SHA384,
+ TLS1_RFC_ECDHE_ECDSA_WITH_CAMELLIA_256_CBC_SHA384,
+ TLS1_CK_ECDHE_ECDSA_WITH_CAMELLIA_256_CBC_SHA384,
+ SSL_kECDHE,
+ SSL_aECDSA,
+ SSL_CAMELLIA256,
+ SSL_SHA384,
+ TLS1_2_VERSION,
+ TLS1_2_VERSION,
+ DTLS1_2_VERSION,
+ DTLS1_2_VERSION,
+ SSL_NOT_DEFAULT | SSL_HIGH,
+ SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384,
+ 256,
+ 256,
+ },
+ {
+ 1,
+ TLS1_TXT_ECDHE_RSA_WITH_CAMELLIA_128_CBC_SHA256,
+ TLS1_RFC_ECDHE_RSA_WITH_CAMELLIA_128_CBC_SHA256,
+ TLS1_CK_ECDHE_RSA_WITH_CAMELLIA_128_CBC_SHA256,
+ SSL_kECDHE,
+ SSL_aRSA,
+ SSL_CAMELLIA128,
+ SSL_SHA256,
+ TLS1_2_VERSION,
+ TLS1_2_VERSION,
+ DTLS1_2_VERSION,
+ DTLS1_2_VERSION,
+ SSL_NOT_DEFAULT | SSL_HIGH,
+ SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
+ 128,
+ 128,
+ },
+ {
+ 1,
+ TLS1_TXT_ECDHE_RSA_WITH_CAMELLIA_256_CBC_SHA384,
+ TLS1_RFC_ECDHE_RSA_WITH_CAMELLIA_256_CBC_SHA384,
+ TLS1_CK_ECDHE_RSA_WITH_CAMELLIA_256_CBC_SHA384,
+ SSL_kECDHE,
+ SSL_aRSA,
+ SSL_CAMELLIA256,
+ SSL_SHA384,
+ TLS1_2_VERSION,
+ TLS1_2_VERSION,
+ DTLS1_2_VERSION,
+ DTLS1_2_VERSION,
+ SSL_NOT_DEFAULT | SSL_HIGH,
+ SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384,
+ 256,
+ 256,
+ },
+ {
+ 1,
+ TLS1_TXT_PSK_WITH_CAMELLIA_128_CBC_SHA256,
+ TLS1_RFC_PSK_WITH_CAMELLIA_128_CBC_SHA256,
+ TLS1_CK_PSK_WITH_CAMELLIA_128_CBC_SHA256,
+ SSL_kPSK,
+ SSL_aPSK,
+ SSL_CAMELLIA128,
+ SSL_SHA256,
+ TLS1_VERSION,
+ TLS1_2_VERSION,
+ DTLS1_BAD_VER,
+ DTLS1_2_VERSION,
+ SSL_NOT_DEFAULT | SSL_HIGH,
+ SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
+ 128,
+ 128,
+ },
+ {
+ 1,
+ TLS1_TXT_PSK_WITH_CAMELLIA_256_CBC_SHA384,
+ TLS1_RFC_PSK_WITH_CAMELLIA_256_CBC_SHA384,
+ TLS1_CK_PSK_WITH_CAMELLIA_256_CBC_SHA384,
+ SSL_kPSK,
+ SSL_aPSK,
+ SSL_CAMELLIA256,
+ SSL_SHA384,
+ TLS1_VERSION,
+ TLS1_2_VERSION,
+ DTLS1_BAD_VER,
+ DTLS1_2_VERSION,
+ SSL_NOT_DEFAULT | SSL_HIGH,
+ SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384,
+ 256,
+ 256,
+ },
+ {
+ 1,
+ TLS1_TXT_DHE_PSK_WITH_CAMELLIA_128_CBC_SHA256,
+ TLS1_RFC_DHE_PSK_WITH_CAMELLIA_128_CBC_SHA256,
+ TLS1_CK_DHE_PSK_WITH_CAMELLIA_128_CBC_SHA256,
+ SSL_kDHEPSK,
+ SSL_aPSK,
+ SSL_CAMELLIA128,
+ SSL_SHA256,
+ TLS1_VERSION,
+ TLS1_2_VERSION,
+ DTLS1_BAD_VER,
+ DTLS1_2_VERSION,
+ SSL_NOT_DEFAULT | SSL_HIGH,
+ SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
+ 128,
+ 128,
+ },
+ {
+ 1,
+ TLS1_TXT_DHE_PSK_WITH_CAMELLIA_256_CBC_SHA384,
+ TLS1_RFC_DHE_PSK_WITH_CAMELLIA_256_CBC_SHA384,
+ TLS1_CK_DHE_PSK_WITH_CAMELLIA_256_CBC_SHA384,
+ SSL_kDHEPSK,
+ SSL_aPSK,
+ SSL_CAMELLIA256,
+ SSL_SHA384,
+ TLS1_VERSION,
+ TLS1_2_VERSION,
+ DTLS1_BAD_VER,
+ DTLS1_2_VERSION,
+ SSL_NOT_DEFAULT | SSL_HIGH,
+ SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384,
+ 256,
+ 256,
+ },
+ {
+ 1,
+ TLS1_TXT_RSA_PSK_WITH_CAMELLIA_128_CBC_SHA256,
+ TLS1_RFC_RSA_PSK_WITH_CAMELLIA_128_CBC_SHA256,
+ TLS1_CK_RSA_PSK_WITH_CAMELLIA_128_CBC_SHA256,
+ SSL_kRSAPSK,
+ SSL_aRSA,
+ SSL_CAMELLIA128,
+ SSL_SHA256,
+ TLS1_VERSION,
+ TLS1_2_VERSION,
+ DTLS1_BAD_VER,
+ DTLS1_2_VERSION,
+ SSL_NOT_DEFAULT | SSL_HIGH,
+ SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
+ 128,
+ 128,
+ },
+ {
+ 1,
+ TLS1_TXT_RSA_PSK_WITH_CAMELLIA_256_CBC_SHA384,
+ TLS1_RFC_RSA_PSK_WITH_CAMELLIA_256_CBC_SHA384,
+ TLS1_CK_RSA_PSK_WITH_CAMELLIA_256_CBC_SHA384,
+ SSL_kRSAPSK,
+ SSL_aRSA,
+ SSL_CAMELLIA256,
+ SSL_SHA384,
+ TLS1_VERSION,
+ TLS1_2_VERSION,
+ DTLS1_BAD_VER,
+ DTLS1_2_VERSION,
+ SSL_NOT_DEFAULT | SSL_HIGH,
+ SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384,
+ 256,
+ 256,
+ },
+ {
+ 1,
+ TLS1_TXT_ECDHE_PSK_WITH_CAMELLIA_128_CBC_SHA256,
+ TLS1_RFC_ECDHE_PSK_WITH_CAMELLIA_128_CBC_SHA256,
+ TLS1_CK_ECDHE_PSK_WITH_CAMELLIA_128_CBC_SHA256,
+ SSL_kECDHEPSK,
+ SSL_aPSK,
+ SSL_CAMELLIA128,
+ SSL_SHA256,
+ TLS1_VERSION,
+ TLS1_2_VERSION,
+ DTLS1_BAD_VER,
+ DTLS1_2_VERSION,
+ SSL_NOT_DEFAULT | SSL_HIGH,
+ SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
+ 128,
+ 128,
+ },
+ {
+ 1,
+ TLS1_TXT_ECDHE_PSK_WITH_CAMELLIA_256_CBC_SHA384,
+ TLS1_RFC_ECDHE_PSK_WITH_CAMELLIA_256_CBC_SHA384,
+ TLS1_CK_ECDHE_PSK_WITH_CAMELLIA_256_CBC_SHA384,
+ SSL_kECDHEPSK,
+ SSL_aPSK,
+ SSL_CAMELLIA256,
+ SSL_SHA384,
+ TLS1_VERSION,
+ TLS1_2_VERSION,
+ DTLS1_BAD_VER,
+ DTLS1_2_VERSION,
+ SSL_NOT_DEFAULT | SSL_HIGH,
+ SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384,
+ 256,
+ 256,
+ },
#ifndef OPENSSL_NO_GOST
{
- 1,
- "GOST2001-GOST89-GOST89",
- "TLS_GOSTR341001_WITH_28147_CNT_IMIT",
- 0x3000081,
- SSL_kGOST,
- SSL_aGOST01,
- SSL_eGOST2814789CNT,
- SSL_GOST89MAC,
- TLS1_VERSION, TLS1_2_VERSION,
- 0, 0,
- SSL_HIGH,
- SSL_HANDSHAKE_MAC_GOST94 | TLS1_PRF_GOST94 | TLS1_STREAM_MAC,
- 256,
- 256,
- },
-# ifndef OPENSSL_NO_INTEGRITY_ONLY_CIPHERS
- {
- 1,
- "GOST2001-NULL-GOST94",
- "TLS_GOSTR341001_WITH_NULL_GOSTR3411",
- 0x3000083,
- SSL_kGOST,
- SSL_aGOST01,
- SSL_eNULL,
- SSL_GOST94,
- TLS1_VERSION, TLS1_2_VERSION,
- 0, 0,
- SSL_STRONG_NONE,
- SSL_HANDSHAKE_MAC_GOST94 | TLS1_PRF_GOST94,
- 0,
- 0,
- },
-# endif
- {
- 1,
- "IANA-GOST2012-GOST8912-GOST8912",
- NULL,
- 0x0300c102,
- SSL_kGOST,
- SSL_aGOST12 | SSL_aGOST01,
- SSL_eGOST2814789CNT12,
- SSL_GOST89MAC12,
- TLS1_VERSION, TLS1_2_VERSION,
- 0, 0,
- SSL_HIGH,
- SSL_HANDSHAKE_MAC_GOST12_256 | TLS1_PRF_GOST12_256 | TLS1_STREAM_MAC,
- 256,
- 256,
- },
- {
- 1,
- "LEGACY-GOST2012-GOST8912-GOST8912",
- NULL,
- 0x0300ff85,
- SSL_kGOST,
- SSL_aGOST12 | SSL_aGOST01,
- SSL_eGOST2814789CNT12,
- SSL_GOST89MAC12,
- TLS1_VERSION, TLS1_2_VERSION,
- 0, 0,
- SSL_HIGH,
- SSL_HANDSHAKE_MAC_GOST12_256 | TLS1_PRF_GOST12_256 | TLS1_STREAM_MAC,
- 256,
- 256,
- },
-# ifndef OPENSSL_NO_INTEGRITY_ONLY_CIPHERS
- {
- 1,
- "GOST2012-NULL-GOST12",
- NULL,
- 0x0300ff87,
- SSL_kGOST,
- SSL_aGOST12 | SSL_aGOST01,
- SSL_eNULL,
- SSL_GOST12_256,
- TLS1_VERSION, TLS1_2_VERSION,
- 0, 0,
- SSL_STRONG_NONE,
- SSL_HANDSHAKE_MAC_GOST12_256 | TLS1_PRF_GOST12_256 | TLS1_STREAM_MAC,
- 0,
- 0,
- },
-# endif
- {
- 1,
- "GOST2012-KUZNYECHIK-KUZNYECHIKOMAC",
- NULL,
- 0x0300C100,
- SSL_kGOST18,
- SSL_aGOST12,
- SSL_KUZNYECHIK,
- SSL_KUZNYECHIKOMAC,
- TLS1_2_VERSION, TLS1_2_VERSION,
- 0, 0,
- SSL_HIGH,
- SSL_HANDSHAKE_MAC_GOST12_256 | TLS1_PRF_GOST12_256 | TLS1_TLSTREE,
- 256,
- 256,
- },
- {
- 1,
- "GOST2012-MAGMA-MAGMAOMAC",
- NULL,
- 0x0300C101,
- SSL_kGOST18,
- SSL_aGOST12,
- SSL_MAGMA,
- SSL_MAGMAOMAC,
- TLS1_2_VERSION, TLS1_2_VERSION,
- 0, 0,
- SSL_HIGH,
- SSL_HANDSHAKE_MAC_GOST12_256 | TLS1_PRF_GOST12_256 | TLS1_TLSTREE,
- 256,
- 256,
- },
-#endif /* OPENSSL_NO_GOST */
-
- {
- 1,
- SSL3_TXT_RSA_IDEA_128_SHA,
- SSL3_RFC_RSA_IDEA_128_SHA,
- SSL3_CK_RSA_IDEA_128_SHA,
- SSL_kRSA,
- SSL_aRSA,
- SSL_IDEA,
- SSL_SHA1,
- SSL3_VERSION, TLS1_1_VERSION,
- DTLS1_BAD_VER, DTLS1_VERSION,
- SSL_NOT_DEFAULT | SSL_MEDIUM,
- SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
- 128,
- 128,
- },
-
- {
- 1,
- TLS1_TXT_RSA_WITH_SEED_SHA,
- TLS1_RFC_RSA_WITH_SEED_SHA,
- TLS1_CK_RSA_WITH_SEED_SHA,
- SSL_kRSA,
- SSL_aRSA,
- SSL_SEED,
- SSL_SHA1,
- SSL3_VERSION, TLS1_2_VERSION,
- DTLS1_BAD_VER, DTLS1_2_VERSION,
- SSL_NOT_DEFAULT | SSL_MEDIUM,
- SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
- 128,
- 128,
- },
- {
- 1,
- TLS1_TXT_DHE_DSS_WITH_SEED_SHA,
- TLS1_RFC_DHE_DSS_WITH_SEED_SHA,
- TLS1_CK_DHE_DSS_WITH_SEED_SHA,
- SSL_kDHE,
- SSL_aDSS,
- SSL_SEED,
- SSL_SHA1,
- SSL3_VERSION, TLS1_2_VERSION,
- DTLS1_BAD_VER, DTLS1_2_VERSION,
- SSL_NOT_DEFAULT | SSL_MEDIUM,
- SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
- 128,
- 128,
- },
- {
- 1,
- TLS1_TXT_DHE_RSA_WITH_SEED_SHA,
- TLS1_RFC_DHE_RSA_WITH_SEED_SHA,
- TLS1_CK_DHE_RSA_WITH_SEED_SHA,
- SSL_kDHE,
- SSL_aRSA,
- SSL_SEED,
- SSL_SHA1,
- SSL3_VERSION, TLS1_2_VERSION,
- DTLS1_BAD_VER, DTLS1_2_VERSION,
- SSL_NOT_DEFAULT | SSL_MEDIUM,
- SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
- 128,
- 128,
- },
- {
- 1,
- TLS1_TXT_ADH_WITH_SEED_SHA,
- TLS1_RFC_ADH_WITH_SEED_SHA,
- TLS1_CK_ADH_WITH_SEED_SHA,
- SSL_kDHE,
- SSL_aNULL,
- SSL_SEED,
- SSL_SHA1,
- SSL3_VERSION, TLS1_2_VERSION,
- DTLS1_BAD_VER, DTLS1_2_VERSION,
- SSL_NOT_DEFAULT | SSL_MEDIUM,
- SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
- 128,
- 128,
- },
+ 1,
+ "GOST2001-GOST89-GOST89",
+ "TLS_GOSTR341001_WITH_28147_CNT_IMIT",
+ 0x3000081,
+ SSL_kGOST,
+ SSL_aGOST01,
+ SSL_eGOST2814789CNT,
+ SSL_GOST89MAC,
+ TLS1_VERSION,
+ TLS1_2_VERSION,
+ 0,
+ 0,
+ SSL_HIGH,
+ SSL_HANDSHAKE_MAC_GOST94 | TLS1_PRF_GOST94 | TLS1_STREAM_MAC,
+ 256,
+ 256,
+ },
+#ifndef OPENSSL_NO_INTEGRITY_ONLY_CIPHERS
+ {
+ 1,
+ "GOST2001-NULL-GOST94",
+ "TLS_GOSTR341001_WITH_NULL_GOSTR3411",
+ 0x3000083,
+ SSL_kGOST,
+ SSL_aGOST01,
+ SSL_eNULL,
+ SSL_GOST94,
+ TLS1_VERSION,
+ TLS1_2_VERSION,
+ 0,
+ 0,
+ SSL_STRONG_NONE,
+ SSL_HANDSHAKE_MAC_GOST94 | TLS1_PRF_GOST94,
+ 0,
+ 0,
+ },
+#endif
+ {
+ 1,
+ "IANA-GOST2012-GOST8912-GOST8912",
+ NULL,
+ 0x0300c102,
+ SSL_kGOST,
+ SSL_aGOST12 | SSL_aGOST01,
+ SSL_eGOST2814789CNT12,
+ SSL_GOST89MAC12,
+ TLS1_VERSION,
+ TLS1_2_VERSION,
+ 0,
+ 0,
+ SSL_HIGH,
+ SSL_HANDSHAKE_MAC_GOST12_256 | TLS1_PRF_GOST12_256 | TLS1_STREAM_MAC,
+ 256,
+ 256,
+ },
+ {
+ 1,
+ "LEGACY-GOST2012-GOST8912-GOST8912",
+ NULL,
+ 0x0300ff85,
+ SSL_kGOST,
+ SSL_aGOST12 | SSL_aGOST01,
+ SSL_eGOST2814789CNT12,
+ SSL_GOST89MAC12,
+ TLS1_VERSION,
+ TLS1_2_VERSION,
+ 0,
+ 0,
+ SSL_HIGH,
+ SSL_HANDSHAKE_MAC_GOST12_256 | TLS1_PRF_GOST12_256 | TLS1_STREAM_MAC,
+ 256,
+ 256,
+ },
+#ifndef OPENSSL_NO_INTEGRITY_ONLY_CIPHERS
+ {
+ 1,
+ "GOST2012-NULL-GOST12",
+ NULL,
+ 0x0300ff87,
+ SSL_kGOST,
+ SSL_aGOST12 | SSL_aGOST01,
+ SSL_eNULL,
+ SSL_GOST12_256,
+ TLS1_VERSION,
+ TLS1_2_VERSION,
+ 0,
+ 0,
+ SSL_STRONG_NONE,
+ SSL_HANDSHAKE_MAC_GOST12_256 | TLS1_PRF_GOST12_256 | TLS1_STREAM_MAC,
+ 0,
+ 0,
+ },
+#endif
+ {
+ 1,
+ "GOST2012-KUZNYECHIK-KUZNYECHIKOMAC",
+ NULL,
+ 0x0300C100,
+ SSL_kGOST18,
+ SSL_aGOST12,
+ SSL_KUZNYECHIK,
+ SSL_KUZNYECHIKOMAC,
+ TLS1_2_VERSION,
+ TLS1_2_VERSION,
+ 0,
+ 0,
+ SSL_HIGH,
+ SSL_HANDSHAKE_MAC_GOST12_256 | TLS1_PRF_GOST12_256 | TLS1_TLSTREE,
+ 256,
+ 256,
+ },
+ {
+ 1,
+ "GOST2012-MAGMA-MAGMAOMAC",
+ NULL,
+ 0x0300C101,
+ SSL_kGOST18,
+ SSL_aGOST12,
+ SSL_MAGMA,
+ SSL_MAGMAOMAC,
+ TLS1_2_VERSION,
+ TLS1_2_VERSION,
+ 0,
+ 0,
+ SSL_HIGH,
+ SSL_HANDSHAKE_MAC_GOST12_256 | TLS1_PRF_GOST12_256 | TLS1_TLSTREE,
+ 256,
+ 256,
+ },
+#endif /* OPENSSL_NO_GOST */
+
+ {
+ 1,
+ SSL3_TXT_RSA_IDEA_128_SHA,
+ SSL3_RFC_RSA_IDEA_128_SHA,
+ SSL3_CK_RSA_IDEA_128_SHA,
+ SSL_kRSA,
+ SSL_aRSA,
+ SSL_IDEA,
+ SSL_SHA1,
+ SSL3_VERSION,
+ TLS1_1_VERSION,
+ DTLS1_BAD_VER,
+ DTLS1_VERSION,
+ SSL_NOT_DEFAULT | SSL_MEDIUM,
+ SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
+ 128,
+ 128,
+ },
+
+ {
+ 1,
+ TLS1_TXT_RSA_WITH_SEED_SHA,
+ TLS1_RFC_RSA_WITH_SEED_SHA,
+ TLS1_CK_RSA_WITH_SEED_SHA,
+ SSL_kRSA,
+ SSL_aRSA,
+ SSL_SEED,
+ SSL_SHA1,
+ SSL3_VERSION,
+ TLS1_2_VERSION,
+ DTLS1_BAD_VER,
+ DTLS1_2_VERSION,
+ SSL_NOT_DEFAULT | SSL_MEDIUM,
+ SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
+ 128,
+ 128,
+ },
+ {
+ 1,
+ TLS1_TXT_DHE_DSS_WITH_SEED_SHA,
+ TLS1_RFC_DHE_DSS_WITH_SEED_SHA,
+ TLS1_CK_DHE_DSS_WITH_SEED_SHA,
+ SSL_kDHE,
+ SSL_aDSS,
+ SSL_SEED,
+ SSL_SHA1,
+ SSL3_VERSION,
+ TLS1_2_VERSION,
+ DTLS1_BAD_VER,
+ DTLS1_2_VERSION,
+ SSL_NOT_DEFAULT | SSL_MEDIUM,
+ SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
+ 128,
+ 128,
+ },
+ {
+ 1,
+ TLS1_TXT_DHE_RSA_WITH_SEED_SHA,
+ TLS1_RFC_DHE_RSA_WITH_SEED_SHA,
+ TLS1_CK_DHE_RSA_WITH_SEED_SHA,
+ SSL_kDHE,
+ SSL_aRSA,
+ SSL_SEED,
+ SSL_SHA1,
+ SSL3_VERSION,
+ TLS1_2_VERSION,
+ DTLS1_BAD_VER,
+ DTLS1_2_VERSION,
+ SSL_NOT_DEFAULT | SSL_MEDIUM,
+ SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
+ 128,
+ 128,
+ },
+ {
+ 1,
+ TLS1_TXT_ADH_WITH_SEED_SHA,
+ TLS1_RFC_ADH_WITH_SEED_SHA,
+ TLS1_CK_ADH_WITH_SEED_SHA,
+ SSL_kDHE,
+ SSL_aNULL,
+ SSL_SEED,
+ SSL_SHA1,
+ SSL3_VERSION,
+ TLS1_2_VERSION,
+ DTLS1_BAD_VER,
+ DTLS1_2_VERSION,
+ SSL_NOT_DEFAULT | SSL_MEDIUM,
+ SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
+ 128,
+ 128,
+ },
#ifndef OPENSSL_NO_WEAK_SSL_CIPHERS
{
- 1,
- SSL3_TXT_RSA_RC4_128_MD5,
- SSL3_RFC_RSA_RC4_128_MD5,
- SSL3_CK_RSA_RC4_128_MD5,
- SSL_kRSA,
- SSL_aRSA,
- SSL_RC4,
- SSL_MD5,
- SSL3_VERSION, TLS1_2_VERSION,
- 0, 0,
- SSL_NOT_DEFAULT | SSL_MEDIUM,
- SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
- 80,
- 128,
- },
- {
- 1,
- SSL3_TXT_RSA_RC4_128_SHA,
- SSL3_RFC_RSA_RC4_128_SHA,
- SSL3_CK_RSA_RC4_128_SHA,
- SSL_kRSA,
- SSL_aRSA,
- SSL_RC4,
- SSL_SHA1,
- SSL3_VERSION, TLS1_2_VERSION,
- 0, 0,
- SSL_NOT_DEFAULT | SSL_MEDIUM,
- SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
- 80,
- 128,
- },
- {
- 1,
- SSL3_TXT_ADH_RC4_128_MD5,
- SSL3_RFC_ADH_RC4_128_MD5,
- SSL3_CK_ADH_RC4_128_MD5,
- SSL_kDHE,
- SSL_aNULL,
- SSL_RC4,
- SSL_MD5,
- SSL3_VERSION, TLS1_2_VERSION,
- 0, 0,
- SSL_NOT_DEFAULT | SSL_MEDIUM,
- SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
- 80,
- 128,
- },
- {
- 1,
- TLS1_TXT_ECDHE_PSK_WITH_RC4_128_SHA,
- TLS1_RFC_ECDHE_PSK_WITH_RC4_128_SHA,
- TLS1_CK_ECDHE_PSK_WITH_RC4_128_SHA,
- SSL_kECDHEPSK,
- SSL_aPSK,
- SSL_RC4,
- SSL_SHA1,
- TLS1_VERSION, TLS1_2_VERSION,
- 0, 0,
- SSL_NOT_DEFAULT | SSL_MEDIUM,
- SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
- 80,
- 128,
- },
- {
- 1,
- TLS1_TXT_ECDH_anon_WITH_RC4_128_SHA,
- TLS1_RFC_ECDH_anon_WITH_RC4_128_SHA,
- TLS1_CK_ECDH_anon_WITH_RC4_128_SHA,
- SSL_kECDHE,
- SSL_aNULL,
- SSL_RC4,
- SSL_SHA1,
- TLS1_VERSION, TLS1_2_VERSION,
- 0, 0,
- SSL_NOT_DEFAULT | SSL_MEDIUM,
- SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
- 80,
- 128,
- },
- {
- 1,
- TLS1_TXT_ECDHE_ECDSA_WITH_RC4_128_SHA,
- TLS1_RFC_ECDHE_ECDSA_WITH_RC4_128_SHA,
- TLS1_CK_ECDHE_ECDSA_WITH_RC4_128_SHA,
- SSL_kECDHE,
- SSL_aECDSA,
- SSL_RC4,
- SSL_SHA1,
- TLS1_VERSION, TLS1_2_VERSION,
- 0, 0,
- SSL_NOT_DEFAULT | SSL_MEDIUM,
- SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
- 80,
- 128,
- },
- {
- 1,
- TLS1_TXT_ECDHE_RSA_WITH_RC4_128_SHA,
- TLS1_RFC_ECDHE_RSA_WITH_RC4_128_SHA,
- TLS1_CK_ECDHE_RSA_WITH_RC4_128_SHA,
- SSL_kECDHE,
- SSL_aRSA,
- SSL_RC4,
- SSL_SHA1,
- TLS1_VERSION, TLS1_2_VERSION,
- 0, 0,
- SSL_NOT_DEFAULT | SSL_MEDIUM,
- SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
- 80,
- 128,
- },
- {
- 1,
- TLS1_TXT_PSK_WITH_RC4_128_SHA,
- TLS1_RFC_PSK_WITH_RC4_128_SHA,
- TLS1_CK_PSK_WITH_RC4_128_SHA,
- SSL_kPSK,
- SSL_aPSK,
- SSL_RC4,
- SSL_SHA1,
- SSL3_VERSION, TLS1_2_VERSION,
- 0, 0,
- SSL_NOT_DEFAULT | SSL_MEDIUM,
- SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
- 80,
- 128,
- },
- {
- 1,
- TLS1_TXT_RSA_PSK_WITH_RC4_128_SHA,
- TLS1_RFC_RSA_PSK_WITH_RC4_128_SHA,
- TLS1_CK_RSA_PSK_WITH_RC4_128_SHA,
- SSL_kRSAPSK,
- SSL_aRSA,
- SSL_RC4,
- SSL_SHA1,
- SSL3_VERSION, TLS1_2_VERSION,
- 0, 0,
- SSL_NOT_DEFAULT | SSL_MEDIUM,
- SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
- 80,
- 128,
- },
- {
- 1,
- TLS1_TXT_DHE_PSK_WITH_RC4_128_SHA,
- TLS1_RFC_DHE_PSK_WITH_RC4_128_SHA,
- TLS1_CK_DHE_PSK_WITH_RC4_128_SHA,
- SSL_kDHEPSK,
- SSL_aPSK,
- SSL_RC4,
- SSL_SHA1,
- SSL3_VERSION, TLS1_2_VERSION,
- 0, 0,
- SSL_NOT_DEFAULT | SSL_MEDIUM,
- SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
- 80,
- 128,
- },
-#endif /* OPENSSL_NO_WEAK_SSL_CIPHERS */
-
- {
- 1,
- TLS1_TXT_RSA_WITH_ARIA_128_GCM_SHA256,
- TLS1_RFC_RSA_WITH_ARIA_128_GCM_SHA256,
- TLS1_CK_RSA_WITH_ARIA_128_GCM_SHA256,
- SSL_kRSA,
- SSL_aRSA,
- SSL_ARIA128GCM,
- SSL_AEAD,
- TLS1_2_VERSION, TLS1_2_VERSION,
- DTLS1_2_VERSION, DTLS1_2_VERSION,
- SSL_NOT_DEFAULT | SSL_HIGH,
- SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
- 128,
- 128,
- },
- {
- 1,
- TLS1_TXT_RSA_WITH_ARIA_256_GCM_SHA384,
- TLS1_RFC_RSA_WITH_ARIA_256_GCM_SHA384,
- TLS1_CK_RSA_WITH_ARIA_256_GCM_SHA384,
- SSL_kRSA,
- SSL_aRSA,
- SSL_ARIA256GCM,
- SSL_AEAD,
- TLS1_2_VERSION, TLS1_2_VERSION,
- DTLS1_2_VERSION, DTLS1_2_VERSION,
- SSL_NOT_DEFAULT | SSL_HIGH,
- SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384,
- 256,
- 256,
- },
- {
- 1,
- TLS1_TXT_DHE_RSA_WITH_ARIA_128_GCM_SHA256,
- TLS1_RFC_DHE_RSA_WITH_ARIA_128_GCM_SHA256,
- TLS1_CK_DHE_RSA_WITH_ARIA_128_GCM_SHA256,
- SSL_kDHE,
- SSL_aRSA,
- SSL_ARIA128GCM,
- SSL_AEAD,
- TLS1_2_VERSION, TLS1_2_VERSION,
- DTLS1_2_VERSION, DTLS1_2_VERSION,
- SSL_NOT_DEFAULT | SSL_HIGH,
- SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
- 128,
- 128,
- },
- {
- 1,
- TLS1_TXT_DHE_RSA_WITH_ARIA_256_GCM_SHA384,
- TLS1_RFC_DHE_RSA_WITH_ARIA_256_GCM_SHA384,
- TLS1_CK_DHE_RSA_WITH_ARIA_256_GCM_SHA384,
- SSL_kDHE,
- SSL_aRSA,
- SSL_ARIA256GCM,
- SSL_AEAD,
- TLS1_2_VERSION, TLS1_2_VERSION,
- DTLS1_2_VERSION, DTLS1_2_VERSION,
- SSL_NOT_DEFAULT | SSL_HIGH,
- SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384,
- 256,
- 256,
- },
- {
- 1,
- TLS1_TXT_DHE_DSS_WITH_ARIA_128_GCM_SHA256,
- TLS1_RFC_DHE_DSS_WITH_ARIA_128_GCM_SHA256,
- TLS1_CK_DHE_DSS_WITH_ARIA_128_GCM_SHA256,
- SSL_kDHE,
- SSL_aDSS,
- SSL_ARIA128GCM,
- SSL_AEAD,
- TLS1_2_VERSION, TLS1_2_VERSION,
- DTLS1_2_VERSION, DTLS1_2_VERSION,
- SSL_NOT_DEFAULT | SSL_HIGH,
- SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
- 128,
- 128,
- },
- {
- 1,
- TLS1_TXT_DHE_DSS_WITH_ARIA_256_GCM_SHA384,
- TLS1_RFC_DHE_DSS_WITH_ARIA_256_GCM_SHA384,
- TLS1_CK_DHE_DSS_WITH_ARIA_256_GCM_SHA384,
- SSL_kDHE,
- SSL_aDSS,
- SSL_ARIA256GCM,
- SSL_AEAD,
- TLS1_2_VERSION, TLS1_2_VERSION,
- DTLS1_2_VERSION, DTLS1_2_VERSION,
- SSL_NOT_DEFAULT | SSL_HIGH,
- SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384,
- 256,
- 256,
- },
- {
- 1,
- TLS1_TXT_ECDHE_ECDSA_WITH_ARIA_128_GCM_SHA256,
- TLS1_RFC_ECDHE_ECDSA_WITH_ARIA_128_GCM_SHA256,
- TLS1_CK_ECDHE_ECDSA_WITH_ARIA_128_GCM_SHA256,
- SSL_kECDHE,
- SSL_aECDSA,
- SSL_ARIA128GCM,
- SSL_AEAD,
- TLS1_2_VERSION, TLS1_2_VERSION,
- DTLS1_2_VERSION, DTLS1_2_VERSION,
- SSL_NOT_DEFAULT | SSL_HIGH,
- SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
- 128,
- 128,
- },
- {
- 1,
- TLS1_TXT_ECDHE_ECDSA_WITH_ARIA_256_GCM_SHA384,
- TLS1_RFC_ECDHE_ECDSA_WITH_ARIA_256_GCM_SHA384,
- TLS1_CK_ECDHE_ECDSA_WITH_ARIA_256_GCM_SHA384,
- SSL_kECDHE,
- SSL_aECDSA,
- SSL_ARIA256GCM,
- SSL_AEAD,
- TLS1_2_VERSION, TLS1_2_VERSION,
- DTLS1_2_VERSION, DTLS1_2_VERSION,
- SSL_NOT_DEFAULT | SSL_HIGH,
- SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384,
- 256,
- 256,
- },
- {
- 1,
- TLS1_TXT_ECDHE_RSA_WITH_ARIA_128_GCM_SHA256,
- TLS1_RFC_ECDHE_RSA_WITH_ARIA_128_GCM_SHA256,
- TLS1_CK_ECDHE_RSA_WITH_ARIA_128_GCM_SHA256,
- SSL_kECDHE,
- SSL_aRSA,
- SSL_ARIA128GCM,
- SSL_AEAD,
- TLS1_2_VERSION, TLS1_2_VERSION,
- DTLS1_2_VERSION, DTLS1_2_VERSION,
- SSL_NOT_DEFAULT | SSL_HIGH,
- SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
- 128,
- 128,
- },
- {
- 1,
- TLS1_TXT_ECDHE_RSA_WITH_ARIA_256_GCM_SHA384,
- TLS1_RFC_ECDHE_RSA_WITH_ARIA_256_GCM_SHA384,
- TLS1_CK_ECDHE_RSA_WITH_ARIA_256_GCM_SHA384,
- SSL_kECDHE,
- SSL_aRSA,
- SSL_ARIA256GCM,
- SSL_AEAD,
- TLS1_2_VERSION, TLS1_2_VERSION,
- DTLS1_2_VERSION, DTLS1_2_VERSION,
- SSL_NOT_DEFAULT | SSL_HIGH,
- SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384,
- 256,
- 256,
- },
- {
- 1,
- TLS1_TXT_PSK_WITH_ARIA_128_GCM_SHA256,
- TLS1_RFC_PSK_WITH_ARIA_128_GCM_SHA256,
- TLS1_CK_PSK_WITH_ARIA_128_GCM_SHA256,
- SSL_kPSK,
- SSL_aPSK,
- SSL_ARIA128GCM,
- SSL_AEAD,
- TLS1_2_VERSION, TLS1_2_VERSION,
- DTLS1_2_VERSION, DTLS1_2_VERSION,
- SSL_NOT_DEFAULT | SSL_HIGH,
- SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
- 128,
- 128,
- },
- {
- 1,
- TLS1_TXT_PSK_WITH_ARIA_256_GCM_SHA384,
- TLS1_RFC_PSK_WITH_ARIA_256_GCM_SHA384,
- TLS1_CK_PSK_WITH_ARIA_256_GCM_SHA384,
- SSL_kPSK,
- SSL_aPSK,
- SSL_ARIA256GCM,
- SSL_AEAD,
- TLS1_2_VERSION, TLS1_2_VERSION,
- DTLS1_2_VERSION, DTLS1_2_VERSION,
- SSL_NOT_DEFAULT | SSL_HIGH,
- SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384,
- 256,
- 256,
- },
- {
- 1,
- TLS1_TXT_DHE_PSK_WITH_ARIA_128_GCM_SHA256,
- TLS1_RFC_DHE_PSK_WITH_ARIA_128_GCM_SHA256,
- TLS1_CK_DHE_PSK_WITH_ARIA_128_GCM_SHA256,
- SSL_kDHEPSK,
- SSL_aPSK,
- SSL_ARIA128GCM,
- SSL_AEAD,
- TLS1_2_VERSION, TLS1_2_VERSION,
- DTLS1_2_VERSION, DTLS1_2_VERSION,
- SSL_NOT_DEFAULT | SSL_HIGH,
- SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
- 128,
- 128,
- },
- {
- 1,
- TLS1_TXT_DHE_PSK_WITH_ARIA_256_GCM_SHA384,
- TLS1_RFC_DHE_PSK_WITH_ARIA_256_GCM_SHA384,
- TLS1_CK_DHE_PSK_WITH_ARIA_256_GCM_SHA384,
- SSL_kDHEPSK,
- SSL_aPSK,
- SSL_ARIA256GCM,
- SSL_AEAD,
- TLS1_2_VERSION, TLS1_2_VERSION,
- DTLS1_2_VERSION, DTLS1_2_VERSION,
- SSL_NOT_DEFAULT | SSL_HIGH,
- SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384,
- 256,
- 256,
- },
- {
- 1,
- TLS1_TXT_RSA_PSK_WITH_ARIA_128_GCM_SHA256,
- TLS1_RFC_RSA_PSK_WITH_ARIA_128_GCM_SHA256,
- TLS1_CK_RSA_PSK_WITH_ARIA_128_GCM_SHA256,
- SSL_kRSAPSK,
- SSL_aRSA,
- SSL_ARIA128GCM,
- SSL_AEAD,
- TLS1_2_VERSION, TLS1_2_VERSION,
- DTLS1_2_VERSION, DTLS1_2_VERSION,
- SSL_NOT_DEFAULT | SSL_HIGH,
- SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
- 128,
- 128,
- },
- {
- 1,
- TLS1_TXT_RSA_PSK_WITH_ARIA_256_GCM_SHA384,
- TLS1_RFC_RSA_PSK_WITH_ARIA_256_GCM_SHA384,
- TLS1_CK_RSA_PSK_WITH_ARIA_256_GCM_SHA384,
- SSL_kRSAPSK,
- SSL_aRSA,
- SSL_ARIA256GCM,
- SSL_AEAD,
- TLS1_2_VERSION, TLS1_2_VERSION,
- DTLS1_2_VERSION, DTLS1_2_VERSION,
- SSL_NOT_DEFAULT | SSL_HIGH,
- SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384,
- 256,
- 256,
- },
+ 1,
+ SSL3_TXT_RSA_RC4_128_MD5,
+ SSL3_RFC_RSA_RC4_128_MD5,
+ SSL3_CK_RSA_RC4_128_MD5,
+ SSL_kRSA,
+ SSL_aRSA,
+ SSL_RC4,
+ SSL_MD5,
+ SSL3_VERSION,
+ TLS1_2_VERSION,
+ 0,
+ 0,
+ SSL_NOT_DEFAULT | SSL_MEDIUM,
+ SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
+ 80,
+ 128,
+ },
+ {
+ 1,
+ SSL3_TXT_RSA_RC4_128_SHA,
+ SSL3_RFC_RSA_RC4_128_SHA,
+ SSL3_CK_RSA_RC4_128_SHA,
+ SSL_kRSA,
+ SSL_aRSA,
+ SSL_RC4,
+ SSL_SHA1,
+ SSL3_VERSION,
+ TLS1_2_VERSION,
+ 0,
+ 0,
+ SSL_NOT_DEFAULT | SSL_MEDIUM,
+ SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
+ 80,
+ 128,
+ },
+ {
+ 1,
+ SSL3_TXT_ADH_RC4_128_MD5,
+ SSL3_RFC_ADH_RC4_128_MD5,
+ SSL3_CK_ADH_RC4_128_MD5,
+ SSL_kDHE,
+ SSL_aNULL,
+ SSL_RC4,
+ SSL_MD5,
+ SSL3_VERSION,
+ TLS1_2_VERSION,
+ 0,
+ 0,
+ SSL_NOT_DEFAULT | SSL_MEDIUM,
+ SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
+ 80,
+ 128,
+ },
+ {
+ 1,
+ TLS1_TXT_ECDHE_PSK_WITH_RC4_128_SHA,
+ TLS1_RFC_ECDHE_PSK_WITH_RC4_128_SHA,
+ TLS1_CK_ECDHE_PSK_WITH_RC4_128_SHA,
+ SSL_kECDHEPSK,
+ SSL_aPSK,
+ SSL_RC4,
+ SSL_SHA1,
+ TLS1_VERSION,
+ TLS1_2_VERSION,
+ 0,
+ 0,
+ SSL_NOT_DEFAULT | SSL_MEDIUM,
+ SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
+ 80,
+ 128,
+ },
+ {
+ 1,
+ TLS1_TXT_ECDH_anon_WITH_RC4_128_SHA,
+ TLS1_RFC_ECDH_anon_WITH_RC4_128_SHA,
+ TLS1_CK_ECDH_anon_WITH_RC4_128_SHA,
+ SSL_kECDHE,
+ SSL_aNULL,
+ SSL_RC4,
+ SSL_SHA1,
+ TLS1_VERSION,
+ TLS1_2_VERSION,
+ 0,
+ 0,
+ SSL_NOT_DEFAULT | SSL_MEDIUM,
+ SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
+ 80,
+ 128,
+ },
+ {
+ 1,
+ TLS1_TXT_ECDHE_ECDSA_WITH_RC4_128_SHA,
+ TLS1_RFC_ECDHE_ECDSA_WITH_RC4_128_SHA,
+ TLS1_CK_ECDHE_ECDSA_WITH_RC4_128_SHA,
+ SSL_kECDHE,
+ SSL_aECDSA,
+ SSL_RC4,
+ SSL_SHA1,
+ TLS1_VERSION,
+ TLS1_2_VERSION,
+ 0,
+ 0,
+ SSL_NOT_DEFAULT | SSL_MEDIUM,
+ SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
+ 80,
+ 128,
+ },
+ {
+ 1,
+ TLS1_TXT_ECDHE_RSA_WITH_RC4_128_SHA,
+ TLS1_RFC_ECDHE_RSA_WITH_RC4_128_SHA,
+ TLS1_CK_ECDHE_RSA_WITH_RC4_128_SHA,
+ SSL_kECDHE,
+ SSL_aRSA,
+ SSL_RC4,
+ SSL_SHA1,
+ TLS1_VERSION,
+ TLS1_2_VERSION,
+ 0,
+ 0,
+ SSL_NOT_DEFAULT | SSL_MEDIUM,
+ SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
+ 80,
+ 128,
+ },
+ {
+ 1,
+ TLS1_TXT_PSK_WITH_RC4_128_SHA,
+ TLS1_RFC_PSK_WITH_RC4_128_SHA,
+ TLS1_CK_PSK_WITH_RC4_128_SHA,
+ SSL_kPSK,
+ SSL_aPSK,
+ SSL_RC4,
+ SSL_SHA1,
+ SSL3_VERSION,
+ TLS1_2_VERSION,
+ 0,
+ 0,
+ SSL_NOT_DEFAULT | SSL_MEDIUM,
+ SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
+ 80,
+ 128,
+ },
+ {
+ 1,
+ TLS1_TXT_RSA_PSK_WITH_RC4_128_SHA,
+ TLS1_RFC_RSA_PSK_WITH_RC4_128_SHA,
+ TLS1_CK_RSA_PSK_WITH_RC4_128_SHA,
+ SSL_kRSAPSK,
+ SSL_aRSA,
+ SSL_RC4,
+ SSL_SHA1,
+ SSL3_VERSION,
+ TLS1_2_VERSION,
+ 0,
+ 0,
+ SSL_NOT_DEFAULT | SSL_MEDIUM,
+ SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
+ 80,
+ 128,
+ },
+ {
+ 1,
+ TLS1_TXT_DHE_PSK_WITH_RC4_128_SHA,
+ TLS1_RFC_DHE_PSK_WITH_RC4_128_SHA,
+ TLS1_CK_DHE_PSK_WITH_RC4_128_SHA,
+ SSL_kDHEPSK,
+ SSL_aPSK,
+ SSL_RC4,
+ SSL_SHA1,
+ SSL3_VERSION,
+ TLS1_2_VERSION,
+ 0,
+ 0,
+ SSL_NOT_DEFAULT | SSL_MEDIUM,
+ SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
+ 80,
+ 128,
+ },
+#endif /* OPENSSL_NO_WEAK_SSL_CIPHERS */
+
+ {
+ 1,
+ TLS1_TXT_RSA_WITH_ARIA_128_GCM_SHA256,
+ TLS1_RFC_RSA_WITH_ARIA_128_GCM_SHA256,
+ TLS1_CK_RSA_WITH_ARIA_128_GCM_SHA256,
+ SSL_kRSA,
+ SSL_aRSA,
+ SSL_ARIA128GCM,
+ SSL_AEAD,
+ TLS1_2_VERSION,
+ TLS1_2_VERSION,
+ DTLS1_2_VERSION,
+ DTLS1_2_VERSION,
+ SSL_NOT_DEFAULT | SSL_HIGH,
+ SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
+ 128,
+ 128,
+ },
+ {
+ 1,
+ TLS1_TXT_RSA_WITH_ARIA_256_GCM_SHA384,
+ TLS1_RFC_RSA_WITH_ARIA_256_GCM_SHA384,
+ TLS1_CK_RSA_WITH_ARIA_256_GCM_SHA384,
+ SSL_kRSA,
+ SSL_aRSA,
+ SSL_ARIA256GCM,
+ SSL_AEAD,
+ TLS1_2_VERSION,
+ TLS1_2_VERSION,
+ DTLS1_2_VERSION,
+ DTLS1_2_VERSION,
+ SSL_NOT_DEFAULT | SSL_HIGH,
+ SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384,
+ 256,
+ 256,
+ },
+ {
+ 1,
+ TLS1_TXT_DHE_RSA_WITH_ARIA_128_GCM_SHA256,
+ TLS1_RFC_DHE_RSA_WITH_ARIA_128_GCM_SHA256,
+ TLS1_CK_DHE_RSA_WITH_ARIA_128_GCM_SHA256,
+ SSL_kDHE,
+ SSL_aRSA,
+ SSL_ARIA128GCM,
+ SSL_AEAD,
+ TLS1_2_VERSION,
+ TLS1_2_VERSION,
+ DTLS1_2_VERSION,
+ DTLS1_2_VERSION,
+ SSL_NOT_DEFAULT | SSL_HIGH,
+ SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
+ 128,
+ 128,
+ },
+ {
+ 1,
+ TLS1_TXT_DHE_RSA_WITH_ARIA_256_GCM_SHA384,
+ TLS1_RFC_DHE_RSA_WITH_ARIA_256_GCM_SHA384,
+ TLS1_CK_DHE_RSA_WITH_ARIA_256_GCM_SHA384,
+ SSL_kDHE,
+ SSL_aRSA,
+ SSL_ARIA256GCM,
+ SSL_AEAD,
+ TLS1_2_VERSION,
+ TLS1_2_VERSION,
+ DTLS1_2_VERSION,
+ DTLS1_2_VERSION,
+ SSL_NOT_DEFAULT | SSL_HIGH,
+ SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384,
+ 256,
+ 256,
+ },
+ {
+ 1,
+ TLS1_TXT_DHE_DSS_WITH_ARIA_128_GCM_SHA256,
+ TLS1_RFC_DHE_DSS_WITH_ARIA_128_GCM_SHA256,
+ TLS1_CK_DHE_DSS_WITH_ARIA_128_GCM_SHA256,
+ SSL_kDHE,
+ SSL_aDSS,
+ SSL_ARIA128GCM,
+ SSL_AEAD,
+ TLS1_2_VERSION,
+ TLS1_2_VERSION,
+ DTLS1_2_VERSION,
+ DTLS1_2_VERSION,
+ SSL_NOT_DEFAULT | SSL_HIGH,
+ SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
+ 128,
+ 128,
+ },
+ {
+ 1,
+ TLS1_TXT_DHE_DSS_WITH_ARIA_256_GCM_SHA384,
+ TLS1_RFC_DHE_DSS_WITH_ARIA_256_GCM_SHA384,
+ TLS1_CK_DHE_DSS_WITH_ARIA_256_GCM_SHA384,
+ SSL_kDHE,
+ SSL_aDSS,
+ SSL_ARIA256GCM,
+ SSL_AEAD,
+ TLS1_2_VERSION,
+ TLS1_2_VERSION,
+ DTLS1_2_VERSION,
+ DTLS1_2_VERSION,
+ SSL_NOT_DEFAULT | SSL_HIGH,
+ SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384,
+ 256,
+ 256,
+ },
+ {
+ 1,
+ TLS1_TXT_ECDHE_ECDSA_WITH_ARIA_128_GCM_SHA256,
+ TLS1_RFC_ECDHE_ECDSA_WITH_ARIA_128_GCM_SHA256,
+ TLS1_CK_ECDHE_ECDSA_WITH_ARIA_128_GCM_SHA256,
+ SSL_kECDHE,
+ SSL_aECDSA,
+ SSL_ARIA128GCM,
+ SSL_AEAD,
+ TLS1_2_VERSION,
+ TLS1_2_VERSION,
+ DTLS1_2_VERSION,
+ DTLS1_2_VERSION,
+ SSL_NOT_DEFAULT | SSL_HIGH,
+ SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
+ 128,
+ 128,
+ },
+ {
+ 1,
+ TLS1_TXT_ECDHE_ECDSA_WITH_ARIA_256_GCM_SHA384,
+ TLS1_RFC_ECDHE_ECDSA_WITH_ARIA_256_GCM_SHA384,
+ TLS1_CK_ECDHE_ECDSA_WITH_ARIA_256_GCM_SHA384,
+ SSL_kECDHE,
+ SSL_aECDSA,
+ SSL_ARIA256GCM,
+ SSL_AEAD,
+ TLS1_2_VERSION,
+ TLS1_2_VERSION,
+ DTLS1_2_VERSION,
+ DTLS1_2_VERSION,
+ SSL_NOT_DEFAULT | SSL_HIGH,
+ SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384,
+ 256,
+ 256,
+ },
+ {
+ 1,
+ TLS1_TXT_ECDHE_RSA_WITH_ARIA_128_GCM_SHA256,
+ TLS1_RFC_ECDHE_RSA_WITH_ARIA_128_GCM_SHA256,
+ TLS1_CK_ECDHE_RSA_WITH_ARIA_128_GCM_SHA256,
+ SSL_kECDHE,
+ SSL_aRSA,
+ SSL_ARIA128GCM,
+ SSL_AEAD,
+ TLS1_2_VERSION,
+ TLS1_2_VERSION,
+ DTLS1_2_VERSION,
+ DTLS1_2_VERSION,
+ SSL_NOT_DEFAULT | SSL_HIGH,
+ SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
+ 128,
+ 128,
+ },
+ {
+ 1,
+ TLS1_TXT_ECDHE_RSA_WITH_ARIA_256_GCM_SHA384,
+ TLS1_RFC_ECDHE_RSA_WITH_ARIA_256_GCM_SHA384,
+ TLS1_CK_ECDHE_RSA_WITH_ARIA_256_GCM_SHA384,
+ SSL_kECDHE,
+ SSL_aRSA,
+ SSL_ARIA256GCM,
+ SSL_AEAD,
+ TLS1_2_VERSION,
+ TLS1_2_VERSION,
+ DTLS1_2_VERSION,
+ DTLS1_2_VERSION,
+ SSL_NOT_DEFAULT | SSL_HIGH,
+ SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384,
+ 256,
+ 256,
+ },
+ {
+ 1,
+ TLS1_TXT_PSK_WITH_ARIA_128_GCM_SHA256,
+ TLS1_RFC_PSK_WITH_ARIA_128_GCM_SHA256,
+ TLS1_CK_PSK_WITH_ARIA_128_GCM_SHA256,
+ SSL_kPSK,
+ SSL_aPSK,
+ SSL_ARIA128GCM,
+ SSL_AEAD,
+ TLS1_2_VERSION,
+ TLS1_2_VERSION,
+ DTLS1_2_VERSION,
+ DTLS1_2_VERSION,
+ SSL_NOT_DEFAULT | SSL_HIGH,
+ SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
+ 128,
+ 128,
+ },
+ {
+ 1,
+ TLS1_TXT_PSK_WITH_ARIA_256_GCM_SHA384,
+ TLS1_RFC_PSK_WITH_ARIA_256_GCM_SHA384,
+ TLS1_CK_PSK_WITH_ARIA_256_GCM_SHA384,
+ SSL_kPSK,
+ SSL_aPSK,
+ SSL_ARIA256GCM,
+ SSL_AEAD,
+ TLS1_2_VERSION,
+ TLS1_2_VERSION,
+ DTLS1_2_VERSION,
+ DTLS1_2_VERSION,
+ SSL_NOT_DEFAULT | SSL_HIGH,
+ SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384,
+ 256,
+ 256,
+ },
+ {
+ 1,
+ TLS1_TXT_DHE_PSK_WITH_ARIA_128_GCM_SHA256,
+ TLS1_RFC_DHE_PSK_WITH_ARIA_128_GCM_SHA256,
+ TLS1_CK_DHE_PSK_WITH_ARIA_128_GCM_SHA256,
+ SSL_kDHEPSK,
+ SSL_aPSK,
+ SSL_ARIA128GCM,
+ SSL_AEAD,
+ TLS1_2_VERSION,
+ TLS1_2_VERSION,
+ DTLS1_2_VERSION,
+ DTLS1_2_VERSION,
+ SSL_NOT_DEFAULT | SSL_HIGH,
+ SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
+ 128,
+ 128,
+ },
+ {
+ 1,
+ TLS1_TXT_DHE_PSK_WITH_ARIA_256_GCM_SHA384,
+ TLS1_RFC_DHE_PSK_WITH_ARIA_256_GCM_SHA384,
+ TLS1_CK_DHE_PSK_WITH_ARIA_256_GCM_SHA384,
+ SSL_kDHEPSK,
+ SSL_aPSK,
+ SSL_ARIA256GCM,
+ SSL_AEAD,
+ TLS1_2_VERSION,
+ TLS1_2_VERSION,
+ DTLS1_2_VERSION,
+ DTLS1_2_VERSION,
+ SSL_NOT_DEFAULT | SSL_HIGH,
+ SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384,
+ 256,
+ 256,
+ },
+ {
+ 1,
+ TLS1_TXT_RSA_PSK_WITH_ARIA_128_GCM_SHA256,
+ TLS1_RFC_RSA_PSK_WITH_ARIA_128_GCM_SHA256,
+ TLS1_CK_RSA_PSK_WITH_ARIA_128_GCM_SHA256,
+ SSL_kRSAPSK,
+ SSL_aRSA,
+ SSL_ARIA128GCM,
+ SSL_AEAD,
+ TLS1_2_VERSION,
+ TLS1_2_VERSION,
+ DTLS1_2_VERSION,
+ DTLS1_2_VERSION,
+ SSL_NOT_DEFAULT | SSL_HIGH,
+ SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
+ 128,
+ 128,
+ },
+ {
+ 1,
+ TLS1_TXT_RSA_PSK_WITH_ARIA_256_GCM_SHA384,
+ TLS1_RFC_RSA_PSK_WITH_ARIA_256_GCM_SHA384,
+ TLS1_CK_RSA_PSK_WITH_ARIA_256_GCM_SHA384,
+ SSL_kRSAPSK,
+ SSL_aRSA,
+ SSL_ARIA256GCM,
+ SSL_AEAD,
+ TLS1_2_VERSION,
+ TLS1_2_VERSION,
+ DTLS1_2_VERSION,
+ DTLS1_2_VERSION,
+ SSL_NOT_DEFAULT | SSL_HIGH,
+ SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384,
+ 256,
+ 256,
+ },
};
/*
@@ -3279,18 +3678,40 @@ static SSL_CIPHER ssl3_ciphers[] = {
*/
static SSL_CIPHER ssl3_scsvs[] = {
{
- 0,
- "TLS_EMPTY_RENEGOTIATION_INFO_SCSV",
- "TLS_EMPTY_RENEGOTIATION_INFO_SCSV",
- SSL3_CK_SCSV,
- 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
+ 0,
+ "TLS_EMPTY_RENEGOTIATION_INFO_SCSV",
+ "TLS_EMPTY_RENEGOTIATION_INFO_SCSV",
+ SSL3_CK_SCSV,
+ 0,
+ 0,
+ 0,
+ 0,
+ 0,
+ 0,
+ 0,
+ 0,
+ 0,
+ 0,
+ 0,
+ 0,
},
{
- 0,
- "TLS_FALLBACK_SCSV",
- "TLS_FALLBACK_SCSV",
- SSL3_CK_FALLBACK_SCSV,
- 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
+ 0,
+ "TLS_FALLBACK_SCSV",
+ "TLS_FALLBACK_SCSV",
+ SSL3_CK_FALLBACK_SCSV,
+ 0,
+ 0,
+ 0,
+ 0,
+ 0,
+ 0,
+ 0,
+ 0,
+ 0,
+ 0,
+ 0,
+ 0,
},
};
@@ -3307,15 +3728,15 @@ static int cipher_compare(const void *a, const void *b)
void ssl_sort_cipher_list(void)
{
qsort(tls13_ciphers, TLS13_NUM_CIPHERS, sizeof(tls13_ciphers[0]),
- cipher_compare);
+ cipher_compare);
qsort(ssl3_ciphers, SSL3_NUM_CIPHERS, sizeof(ssl3_ciphers[0]),
- cipher_compare);
+ cipher_compare);
qsort(ssl3_scsvs, SSL3_NUM_SCSVS, sizeof(ssl3_scsvs[0]), cipher_compare);
}
static int sslcon_undefined_function_1(SSL_CONNECTION *sc, unsigned char *r,
- size_t s, const char *t, size_t u,
- const unsigned char *v, size_t w, int x)
+ size_t s, const char *t, size_t u,
+ const unsigned char *v, size_t w, int x)
{
(void)r;
(void)s;
@@ -3372,7 +3793,7 @@ int ssl3_set_handshake_header(SSL_CONNECTION *s, WPACKET *pkt, int htype)
/* Set the content type and 3 bytes for the message len */
if (!WPACKET_put_bytes_u8(pkt, htype)
- || !WPACKET_start_sub_packet_u24(pkt))
+ || !WPACKET_start_sub_packet_u24(pkt))
return 0;
return 1;
@@ -3555,50 +3976,46 @@ long ssl3_ctrl(SSL *s, int cmd, long larg, void *parg)
ret = (int)(sc->s3.flags);
break;
#if !defined(OPENSSL_NO_DEPRECATED_3_0)
- case SSL_CTRL_SET_TMP_DH:
- {
- EVP_PKEY *pkdh = NULL;
- if (parg == NULL) {
- ERR_raise(ERR_LIB_SSL, ERR_R_PASSED_NULL_PARAMETER);
- return 0;
- }
- pkdh = ssl_dh_to_pkey(parg);
- if (pkdh == NULL) {
- ERR_raise(ERR_LIB_SSL, ERR_R_DH_LIB);
- return 0;
- }
- if (!SSL_set0_tmp_dh_pkey(s, pkdh)) {
- EVP_PKEY_free(pkdh);
- return 0;
- }
- return 1;
+ case SSL_CTRL_SET_TMP_DH: {
+ EVP_PKEY *pkdh = NULL;
+ if (parg == NULL) {
+ ERR_raise(ERR_LIB_SSL, ERR_R_PASSED_NULL_PARAMETER);
+ return 0;
}
- break;
- case SSL_CTRL_SET_TMP_DH_CB:
- {
- ERR_raise(ERR_LIB_SSL, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
- return ret;
+ pkdh = ssl_dh_to_pkey(parg);
+ if (pkdh == NULL) {
+ ERR_raise(ERR_LIB_SSL, ERR_R_DH_LIB);
+ return 0;
+ }
+ if (!SSL_set0_tmp_dh_pkey(s, pkdh)) {
+ EVP_PKEY_free(pkdh);
+ return 0;
}
+ return 1;
+ } break;
+ case SSL_CTRL_SET_TMP_DH_CB: {
+ ERR_raise(ERR_LIB_SSL, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
+ return ret;
+ }
#endif
case SSL_CTRL_SET_DH_AUTO:
sc->cert->dh_tmp_auto = larg;
return 1;
#if !defined(OPENSSL_NO_DEPRECATED_3_0)
- case SSL_CTRL_SET_TMP_ECDH:
- {
- if (parg == NULL) {
- ERR_raise(ERR_LIB_SSL, ERR_R_PASSED_NULL_PARAMETER);
- return 0;
- }
- return ssl_set_tmp_ecdh_groups(&sc->ext.supportedgroups,
- &sc->ext.supportedgroups_len,
- &sc->ext.keyshares,
- &sc->ext.keyshares_len,
- &sc->ext.tuples,
- &sc->ext.tuples_len,
- parg);
+ case SSL_CTRL_SET_TMP_ECDH: {
+ if (parg == NULL) {
+ ERR_raise(ERR_LIB_SSL, ERR_R_PASSED_NULL_PARAMETER);
+ return 0;
}
-#endif /* !OPENSSL_NO_DEPRECATED_3_0 */
+ return ssl_set_tmp_ecdh_groups(&sc->ext.supportedgroups,
+ &sc->ext.supportedgroups_len,
+ &sc->ext.keyshares,
+ &sc->ext.keyshares_len,
+ &sc->ext.tuples,
+ &sc->ext.tuples_len,
+ parg);
+ }
+#endif /* !OPENSSL_NO_DEPRECATED_3_0 */
case SSL_CTRL_SET_TLSEXT_HOSTNAME:
/*
* This API is only used for a client to set what SNI it will request
@@ -3668,7 +4085,7 @@ long ssl3_ctrl(SSL *s, int cmd, long larg, void *parg)
case SSL_CTRL_GET_TLSEXT_STATUS_REQ_OCSP_RESP:
*(unsigned char **)parg = sc->ext.ocsp.resp;
if (sc->ext.ocsp.resp_len == 0
- || sc->ext.ocsp.resp_len > LONG_MAX)
+ || sc->ext.ocsp.resp_len > LONG_MAX)
return -1;
return (long)sc->ext.ocsp.resp_len;
@@ -3720,70 +4137,67 @@ long ssl3_ctrl(SSL *s, int cmd, long larg, void *parg)
}
return ssl_cert_set_current(sc->cert, larg);
- case SSL_CTRL_GET_GROUPS:
- {
- uint16_t *clist;
- size_t clistlen;
+ case SSL_CTRL_GET_GROUPS: {
+ uint16_t *clist;
+ size_t clistlen;
- if (!sc->session)
- return 0;
- clist = sc->ext.peer_supportedgroups;
- clistlen = sc->ext.peer_supportedgroups_len;
- if (parg) {
- size_t i;
- int *cptr = parg;
-
- for (i = 0; i < clistlen; i++) {
- const TLS_GROUP_INFO *cinf
- = tls1_group_id_lookup(s->ctx, clist[i]);
-
- if (cinf != NULL)
- cptr[i] = tls1_group_id2nid(cinf->group_id, 1);
- else
- cptr[i] = TLSEXT_nid_unknown | clist[i];
- }
+ if (!sc->session)
+ return 0;
+ clist = sc->ext.peer_supportedgroups;
+ clistlen = sc->ext.peer_supportedgroups_len;
+ if (parg) {
+ size_t i;
+ int *cptr = parg;
+
+ for (i = 0; i < clistlen; i++) {
+ const TLS_GROUP_INFO *cinf
+ = tls1_group_id_lookup(s->ctx, clist[i]);
+
+ if (cinf != NULL)
+ cptr[i] = tls1_group_id2nid(cinf->group_id, 1);
+ else
+ cptr[i] = TLSEXT_nid_unknown | clist[i];
}
- return (int)clistlen;
}
+ return (int)clistlen;
+ }
case SSL_CTRL_SET_GROUPS:
return tls1_set_groups(&sc->ext.supportedgroups,
- &sc->ext.supportedgroups_len,
- &sc->ext.keyshares,
- &sc->ext.keyshares_len,
- &sc->ext.tuples,
- &sc->ext.tuples_len,
- parg, larg);
+ &sc->ext.supportedgroups_len,
+ &sc->ext.keyshares,
+ &sc->ext.keyshares_len,
+ &sc->ext.tuples,
+ &sc->ext.tuples_len,
+ parg, larg);
case SSL_CTRL_SET_GROUPS_LIST:
return tls1_set_groups_list(s->ctx,
- &sc->ext.supportedgroups,
- &sc->ext.supportedgroups_len,
- &sc->ext.keyshares,
- &sc->ext.keyshares_len,
- &sc->ext.tuples,
- &sc->ext.tuples_len,
- parg);
-
- case SSL_CTRL_GET_SHARED_GROUP:
- {
- uint16_t id = tls1_shared_group(sc, larg);
-
- if (larg != -1)
- return tls1_group_id2nid(id, 1);
- return id;
- }
- case SSL_CTRL_GET_NEGOTIATED_GROUP:
- {
- unsigned int id;
-
- if (SSL_CONNECTION_IS_TLS13(sc) && sc->s3.did_kex)
- id = sc->s3.group_id;
- else
- id = (sc->session != NULL) ? sc->session->kex_group : NID_undef;
- ret = tls1_group_id2nid(id, 1);
- break;
- }
+ &sc->ext.supportedgroups,
+ &sc->ext.supportedgroups_len,
+ &sc->ext.keyshares,
+ &sc->ext.keyshares_len,
+ &sc->ext.tuples,
+ &sc->ext.tuples_len,
+ parg);
+
+ case SSL_CTRL_GET_SHARED_GROUP: {
+ uint16_t id = tls1_shared_group(sc, larg);
+
+ if (larg != -1)
+ return tls1_group_id2nid(id, 1);
+ return id;
+ }
+ case SSL_CTRL_GET_NEGOTIATED_GROUP: {
+ unsigned int id;
+
+ if (SSL_CONNECTION_IS_TLS13(sc) && sc->s3.did_kex)
+ id = sc->s3.group_id;
+ else
+ id = (sc->session != NULL) ? sc->session->kex_group : NID_undef;
+ ret = tls1_group_id2nid(id, 1);
+ break;
+ }
case SSL_CTRL_SET_SIGALGS:
return tls1_set_sigalgs(sc->cert, parg, larg, 0);
@@ -3796,15 +4210,14 @@ long ssl3_ctrl(SSL *s, int cmd, long larg, void *parg)
case SSL_CTRL_SET_CLIENT_SIGALGS_LIST:
return tls1_set_sigalgs_list(s->ctx, sc->cert, parg, 1);
- case SSL_CTRL_GET_CLIENT_CERT_TYPES:
- {
- const unsigned char **pctype = parg;
- if (sc->server || !sc->s3.tmp.cert_req)
- return 0;
- if (pctype)
- *pctype = sc->s3.tmp.ctype;
- return sc->s3.tmp.ctype_len;
- }
+ case SSL_CTRL_GET_CLIENT_CERT_TYPES: {
+ const unsigned char **pctype = parg;
+ if (sc->server || !sc->s3.tmp.cert_req)
+ return 0;
+ if (pctype)
+ *pctype = sc->s3.tmp.ctype;
+ return sc->s3.tmp.ctype_len;
+ }
case SSL_CTRL_SET_CLIENT_CERT_TYPES:
if (!sc->server)
@@ -3872,23 +4285,21 @@ long ssl3_ctrl(SSL *s, int cmd, long larg, void *parg)
return 1;
}
- case SSL_CTRL_GET_EC_POINT_FORMATS:
- {
- const unsigned char **pformat = parg;
+ case SSL_CTRL_GET_EC_POINT_FORMATS: {
+ const unsigned char **pformat = parg;
- if (sc->ext.peer_ecpointformats == NULL)
- return 0;
- *pformat = sc->ext.peer_ecpointformats;
- return (int)sc->ext.peer_ecpointformats_len;
- }
+ if (sc->ext.peer_ecpointformats == NULL)
+ return 0;
+ *pformat = sc->ext.peer_ecpointformats;
+ return (int)sc->ext.peer_ecpointformats_len;
+ }
- case SSL_CTRL_GET_IANA_GROUPS:
- {
- if (parg != NULL) {
- *(uint16_t **)parg = (uint16_t *)sc->ext.peer_supportedgroups;
- }
- return (int)sc->ext.peer_supportedgroups_len;
+ case SSL_CTRL_GET_IANA_GROUPS: {
+ if (parg != NULL) {
+ *(uint16_t **)parg = (uint16_t *)sc->ext.peer_supportedgroups;
}
+ return (int)sc->ext.peer_supportedgroups_len;
+ }
case SSL_CTRL_SET_MSG_CALLBACK_ARG:
sc->msg_callback_arg = parg;
@@ -3900,7 +4311,7 @@ long ssl3_ctrl(SSL *s, int cmd, long larg, void *parg)
return ret;
}
-long ssl3_callback_ctrl(SSL *s, int cmd, void (*fp) (void))
+long ssl3_callback_ctrl(SSL *s, int cmd, void (*fp)(void))
{
int ret = 0;
SSL_CONNECTION *sc = SSL_CONNECTION_FROM_SSL(s);
@@ -3917,7 +4328,7 @@ long ssl3_callback_ctrl(SSL *s, int cmd, void (*fp) (void))
#endif
case SSL_CTRL_SET_TLSEXT_DEBUG_CB:
sc->ext.debug_cb = (void (*)(SSL *, int, int,
- const unsigned char *, int, void *))fp;
+ const unsigned char *, int, void *))fp;
ret = 1;
break;
@@ -3939,88 +4350,80 @@ long ssl3_ctx_ctrl(SSL_CTX *ctx, int cmd, long larg, void *parg)
{
switch (cmd) {
#if !defined(OPENSSL_NO_DEPRECATED_3_0)
- case SSL_CTRL_SET_TMP_DH:
- {
- EVP_PKEY *pkdh = NULL;
- if (parg == NULL) {
- ERR_raise(ERR_LIB_SSL, ERR_R_PASSED_NULL_PARAMETER);
- return 0;
- }
- pkdh = ssl_dh_to_pkey(parg);
- if (pkdh == NULL) {
- ERR_raise(ERR_LIB_SSL, ERR_R_DH_LIB);
- return 0;
- }
- if (!SSL_CTX_set0_tmp_dh_pkey(ctx, pkdh)) {
- EVP_PKEY_free(pkdh);
- return 0;
- }
- return 1;
+ case SSL_CTRL_SET_TMP_DH: {
+ EVP_PKEY *pkdh = NULL;
+ if (parg == NULL) {
+ ERR_raise(ERR_LIB_SSL, ERR_R_PASSED_NULL_PARAMETER);
+ return 0;
}
- case SSL_CTRL_SET_TMP_DH_CB:
- {
- ERR_raise(ERR_LIB_SSL, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
+ pkdh = ssl_dh_to_pkey(parg);
+ if (pkdh == NULL) {
+ ERR_raise(ERR_LIB_SSL, ERR_R_DH_LIB);
+ return 0;
+ }
+ if (!SSL_CTX_set0_tmp_dh_pkey(ctx, pkdh)) {
+ EVP_PKEY_free(pkdh);
return 0;
}
+ return 1;
+ }
+ case SSL_CTRL_SET_TMP_DH_CB: {
+ ERR_raise(ERR_LIB_SSL, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
+ return 0;
+ }
#endif
case SSL_CTRL_SET_DH_AUTO:
ctx->cert->dh_tmp_auto = larg;
return 1;
#if !defined(OPENSSL_NO_DEPRECATED_3_0)
- case SSL_CTRL_SET_TMP_ECDH:
- {
- if (parg == NULL) {
- ERR_raise(ERR_LIB_SSL, ERR_R_PASSED_NULL_PARAMETER);
- return 0;
- }
- return ssl_set_tmp_ecdh_groups(&ctx->ext.supportedgroups,
- &ctx->ext.supportedgroups_len,
- &ctx->ext.keyshares,
- &ctx->ext.keyshares_len,
- &ctx->ext.tuples,
- &ctx->ext.tuples_len,
- parg);
+ case SSL_CTRL_SET_TMP_ECDH: {
+ if (parg == NULL) {
+ ERR_raise(ERR_LIB_SSL, ERR_R_PASSED_NULL_PARAMETER);
+ return 0;
}
-#endif /* !OPENSSL_NO_DEPRECATED_3_0 */
+ return ssl_set_tmp_ecdh_groups(&ctx->ext.supportedgroups,
+ &ctx->ext.supportedgroups_len,
+ &ctx->ext.keyshares,
+ &ctx->ext.keyshares_len,
+ &ctx->ext.tuples,
+ &ctx->ext.tuples_len,
+ parg);
+ }
+#endif /* !OPENSSL_NO_DEPRECATED_3_0 */
case SSL_CTRL_SET_TLSEXT_SERVERNAME_ARG:
ctx->ext.servername_arg = parg;
break;
case SSL_CTRL_SET_TLSEXT_TICKET_KEYS:
- case SSL_CTRL_GET_TLSEXT_TICKET_KEYS:
- {
- unsigned char *keys = parg;
- long tick_keylen = (sizeof(ctx->ext.tick_key_name) +
- sizeof(ctx->ext.secure->tick_hmac_key) +
- sizeof(ctx->ext.secure->tick_aes_key));
- if (keys == NULL)
- return tick_keylen;
- if (larg != tick_keylen) {
- ERR_raise(ERR_LIB_SSL, SSL_R_INVALID_TICKET_KEYS_LENGTH);
- return 0;
- }
- if (cmd == SSL_CTRL_SET_TLSEXT_TICKET_KEYS) {
- memcpy(ctx->ext.tick_key_name, keys,
- sizeof(ctx->ext.tick_key_name));
- memcpy(ctx->ext.secure->tick_hmac_key,
- keys + sizeof(ctx->ext.tick_key_name),
- sizeof(ctx->ext.secure->tick_hmac_key));
- memcpy(ctx->ext.secure->tick_aes_key,
- keys + sizeof(ctx->ext.tick_key_name) +
- sizeof(ctx->ext.secure->tick_hmac_key),
- sizeof(ctx->ext.secure->tick_aes_key));
- } else {
- memcpy(keys, ctx->ext.tick_key_name,
- sizeof(ctx->ext.tick_key_name));
- memcpy(keys + sizeof(ctx->ext.tick_key_name),
- ctx->ext.secure->tick_hmac_key,
- sizeof(ctx->ext.secure->tick_hmac_key));
- memcpy(keys + sizeof(ctx->ext.tick_key_name) +
- sizeof(ctx->ext.secure->tick_hmac_key),
- ctx->ext.secure->tick_aes_key,
- sizeof(ctx->ext.secure->tick_aes_key));
- }
- return 1;
+ case SSL_CTRL_GET_TLSEXT_TICKET_KEYS: {
+ unsigned char *keys = parg;
+ long tick_keylen = (sizeof(ctx->ext.tick_key_name) + sizeof(ctx->ext.secure->tick_hmac_key) + sizeof(ctx->ext.secure->tick_aes_key));
+ if (keys == NULL)
+ return tick_keylen;
+ if (larg != tick_keylen) {
+ ERR_raise(ERR_LIB_SSL, SSL_R_INVALID_TICKET_KEYS_LENGTH);
+ return 0;
}
+ if (cmd == SSL_CTRL_SET_TLSEXT_TICKET_KEYS) {
+ memcpy(ctx->ext.tick_key_name, keys,
+ sizeof(ctx->ext.tick_key_name));
+ memcpy(ctx->ext.secure->tick_hmac_key,
+ keys + sizeof(ctx->ext.tick_key_name),
+ sizeof(ctx->ext.secure->tick_hmac_key));
+ memcpy(ctx->ext.secure->tick_aes_key,
+ keys + sizeof(ctx->ext.tick_key_name) + sizeof(ctx->ext.secure->tick_hmac_key),
+ sizeof(ctx->ext.secure->tick_aes_key));
+ } else {
+ memcpy(keys, ctx->ext.tick_key_name,
+ sizeof(ctx->ext.tick_key_name));
+ memcpy(keys + sizeof(ctx->ext.tick_key_name),
+ ctx->ext.secure->tick_hmac_key,
+ sizeof(ctx->ext.secure->tick_hmac_key));
+ memcpy(keys + sizeof(ctx->ext.tick_key_name) + sizeof(ctx->ext.secure->tick_hmac_key),
+ ctx->ext.secure->tick_aes_key,
+ sizeof(ctx->ext.secure->tick_aes_key));
+ }
+ return 1;
+ }
case SSL_CTRL_GET_TLSEXT_STATUS_REQ_TYPE:
return ctx->ext.status_type;
@@ -4034,11 +4437,11 @@ long ssl3_ctx_ctrl(SSL_CTX *ctx, int cmd, long larg, void *parg)
return 1;
case SSL_CTRL_GET_TLSEXT_STATUS_REQ_CB_ARG:
- *(void**)parg = ctx->ext.status_arg;
+ *(void **)parg = ctx->ext.status_arg;
break;
case SSL_CTRL_GET_TLSEXT_STATUS_REQ_CB:
- *(int (**)(SSL*, void*))parg = ctx->ext.status_cb;
+ *(int (**)(SSL *, void *))parg = ctx->ext.status_cb;
break;
#ifndef OPENSSL_NO_SRP
@@ -4058,8 +4461,7 @@ long ssl3_ctx_ctrl(SSL_CTX *ctx, int cmd, long larg, void *parg)
}
break;
case SSL_CTRL_SET_TLS_EXT_SRP_PASSWORD:
- ctx->srp_ctx.SRP_give_srp_client_pwd_callback =
- srp_password_from_info_cb;
+ ctx->srp_ctx.SRP_give_srp_client_pwd_callback = srp_password_from_info_cb;
if (ctx->srp_ctx.info != NULL)
OPENSSL_free(ctx->srp_ctx.info);
if ((ctx->srp_ctx.info = OPENSSL_strdup((char *)parg)) == NULL) {
@@ -4079,28 +4481,28 @@ long ssl3_ctx_ctrl(SSL_CTX *ctx, int cmd, long larg, void *parg)
case SSL_CTRL_SET_GROUPS:
return tls1_set_groups(&ctx->ext.supportedgroups,
- &ctx->ext.supportedgroups_len,
- &ctx->ext.keyshares,
- &ctx->ext.keyshares_len,
- &ctx->ext.tuples,
- &ctx->ext.tuples_len,
- parg, larg);
+ &ctx->ext.supportedgroups_len,
+ &ctx->ext.keyshares,
+ &ctx->ext.keyshares_len,
+ &ctx->ext.tuples,
+ &ctx->ext.tuples_len,
+ parg, larg);
case SSL_CTRL_SET_GROUPS_LIST:
return tls1_set_groups_list(ctx,
- &ctx->ext.supportedgroups,
- &ctx->ext.supportedgroups_len,
- &ctx->ext.keyshares,
- &ctx->ext.keyshares_len,
- &ctx->ext.tuples,
- &ctx->ext.tuples_len,
- parg);
+ &ctx->ext.supportedgroups,
+ &ctx->ext.supportedgroups_len,
+ &ctx->ext.keyshares,
+ &ctx->ext.keyshares_len,
+ &ctx->ext.tuples,
+ &ctx->ext.tuples_len,
+ parg);
case SSL_CTRL_GET0_IMPLEMENTED_GROUPS:
return tls1_get0_implemented_groups(ctx->min_proto_version,
- ctx->max_proto_version,
- ctx->group_list,
- ctx->group_list_len, larg, parg);
+ ctx->max_proto_version,
+ ctx->group_list,
+ ctx->group_list_len, larg, parg);
case SSL_CTRL_SET_SIGALGS:
return tls1_set_sigalgs(ctx->cert, parg, larg, 0);
@@ -4186,15 +4588,13 @@ long ssl3_ctx_ctrl(SSL_CTX *ctx, int cmd, long larg, void *parg)
return 1;
}
-long ssl3_ctx_callback_ctrl(SSL_CTX *ctx, int cmd, void (*fp) (void))
+long ssl3_ctx_callback_ctrl(SSL_CTX *ctx, int cmd, void (*fp)(void))
{
switch (cmd) {
#if !defined(OPENSSL_NO_DEPRECATED_3_0)
- case SSL_CTRL_SET_TMP_DH_CB:
- {
- ctx->cert->dh_tmp_cb = (DH *(*)(SSL *, int, int))fp;
- }
- break;
+ case SSL_CTRL_SET_TMP_DH_CB: {
+ ctx->cert->dh_tmp_cb = (DH *(*)(SSL *, int, int))fp;
+ } break;
#endif
case SSL_CTRL_SET_TLSEXT_SERVERNAME_CB:
ctx->ext.servername_cb = (int (*)(SSL *, int *, void *))fp;
@@ -4204,12 +4604,12 @@ long ssl3_ctx_callback_ctrl(SSL_CTX *ctx, int cmd, void (*fp) (void))
ctx->ext.status_cb = (int (*)(SSL *, void *))fp;
break;
-# ifndef OPENSSL_NO_DEPRECATED_3_0
+#ifndef OPENSSL_NO_DEPRECATED_3_0
case SSL_CTRL_SET_TLSEXT_TICKET_KEY_CB:
ctx->ext.ticket_key_cb = (int (*)(SSL *, unsigned char *,
- unsigned char *,
- EVP_CIPHER_CTX *,
- HMAC_CTX *, int))fp;
+ unsigned char *,
+ EVP_CIPHER_CTX *,
+ HMAC_CTX *, int))fp;
break;
#endif
@@ -4220,29 +4620,23 @@ long ssl3_ctx_callback_ctrl(SSL_CTX *ctx, int cmd, void (*fp) (void))
break;
case SSL_CTRL_SET_TLS_EXT_SRP_USERNAME_CB:
ctx->srp_ctx.srp_Mask |= SSL_kSRP;
- ctx->srp_ctx.TLS_ext_srp_username_callback =
- (int (*)(SSL *, int *, void *))fp;
+ ctx->srp_ctx.TLS_ext_srp_username_callback = (int (*)(SSL *, int *, void *))fp;
break;
case SSL_CTRL_SET_SRP_GIVE_CLIENT_PWD_CB:
ctx->srp_ctx.srp_Mask |= SSL_kSRP;
- ctx->srp_ctx.SRP_give_srp_client_pwd_callback =
- (char *(*)(SSL *, void *))fp;
+ ctx->srp_ctx.SRP_give_srp_client_pwd_callback = (char *(*)(SSL *, void *))fp;
break;
#endif
- case SSL_CTRL_SET_NOT_RESUMABLE_SESS_CB:
- {
- ctx->not_resumable_session_cb = (int (*)(SSL *, int))fp;
- }
- break;
+ case SSL_CTRL_SET_NOT_RESUMABLE_SESS_CB: {
+ ctx->not_resumable_session_cb = (int (*)(SSL *, int))fp;
+ } break;
default:
return 0;
}
return 1;
}
-int SSL_CTX_set_tlsext_ticket_key_evp_cb
- (SSL_CTX *ctx, int (*fp)(SSL *, unsigned char *, unsigned char *,
- EVP_CIPHER_CTX *, EVP_MAC_CTX *, int))
+int SSL_CTX_set_tlsext_ticket_key_evp_cb(SSL_CTX *ctx, int (*fp)(SSL *, unsigned char *, unsigned char *, EVP_CIPHER_CTX *, EVP_MAC_CTX *, int))
{
ctx->ext.ticket_key_evp_cb = fp;
return 1;
@@ -4266,9 +4660,8 @@ const SSL_CIPHER *ssl3_get_cipher_by_id(uint32_t id)
const SSL_CIPHER *ssl3_get_cipher_by_std_name(const char *stdname)
{
SSL_CIPHER *tbl;
- SSL_CIPHER *alltabs[] = {tls13_ciphers, ssl3_ciphers, ssl3_scsvs};
- size_t i, j, tblsize[] = {TLS13_NUM_CIPHERS, SSL3_NUM_CIPHERS,
- SSL3_NUM_SCSVS};
+ SSL_CIPHER *alltabs[] = { tls13_ciphers, ssl3_ciphers, ssl3_scsvs };
+ size_t i, j, tblsize[] = { TLS13_NUM_CIPHERS, SSL3_NUM_CIPHERS, SSL3_NUM_SCSVS };
/* this is not efficient, necessary to optimize this? */
for (j = 0; j < OSSL_NELEM(alltabs); j++) {
@@ -4290,8 +4683,8 @@ const SSL_CIPHER *ssl3_get_cipher_by_std_name(const char *stdname)
const SSL_CIPHER *ssl3_get_cipher_by_char(const unsigned char *p)
{
return ssl3_get_cipher_by_id(SSL3_CK_CIPHERSUITE_FLAG
- | ((uint32_t)p[0] << 8L)
- | (uint32_t)p[1]);
+ | ((uint32_t)p[0] << 8L)
+ | (uint32_t)p[1]);
}
int ssl3_put_cipher_by_char(const SSL_CIPHER *c, WPACKET *pkt, size_t *len)
@@ -4317,7 +4710,7 @@ int ssl3_put_cipher_by_char(const SSL_CIPHER *c, WPACKET *pkt, size_t *len)
* Returns the selected cipher or NULL when no common ciphers.
*/
const SSL_CIPHER *ssl3_choose_cipher(SSL_CONNECTION *s, STACK_OF(SSL_CIPHER) *clnt,
- STACK_OF(SSL_CIPHER) *srvr)
+ STACK_OF(SSL_CIPHER) *srvr)
{
const SSL_CIPHER *c, *ret = NULL;
STACK_OF(SSL_CIPHER) *prio, *allow;
@@ -4334,20 +4727,22 @@ const SSL_CIPHER *ssl3_choose_cipher(SSL_CONNECTION *s, STACK_OF(SSL_CIPHER) *cl
* pay with the price of sk_SSL_CIPHER_dup().
*/
- OSSL_TRACE_BEGIN(TLS_CIPHER) {
+ OSSL_TRACE_BEGIN(TLS_CIPHER)
+ {
BIO_printf(trc_out, "Server has %d from %p:\n",
- sk_SSL_CIPHER_num(srvr), (void *)srvr);
+ sk_SSL_CIPHER_num(srvr), (void *)srvr);
for (i = 0; i < sk_SSL_CIPHER_num(srvr); ++i) {
c = sk_SSL_CIPHER_value(srvr, i);
BIO_printf(trc_out, "%p:%s\n", (void *)c, c->name);
}
BIO_printf(trc_out, "Client sent %d from %p:\n",
- sk_SSL_CIPHER_num(clnt), (void *)clnt);
+ sk_SSL_CIPHER_num(clnt), (void *)clnt);
for (i = 0; i < sk_SSL_CIPHER_num(clnt); ++i) {
c = sk_SSL_CIPHER_value(clnt, i);
BIO_printf(trc_out, "%p:%s\n", (void *)c, c->name);
}
- } OSSL_TRACE_END(TLS_CIPHER);
+ }
+ OSSL_TRACE_END(TLS_CIPHER);
/* SUITE-B takes precedence over server preference and ChaCha priortiy */
if (tls1_suiteb(s)) {
@@ -4412,7 +4807,8 @@ const SSL_CIPHER *ssl3_choose_cipher(SSL_CONNECTION *s, STACK_OF(SSL_CIPHER) *cl
* that.
*/
if (s->psk_server_callback != NULL) {
- for (j = 0; j < s->ssl_pkey_num && !ssl_has_cert(s, j); j++);
+ for (j = 0; j < s->ssl_pkey_num && !ssl_has_cert(s, j); j++)
+ ;
if (j == s->ssl_pkey_num) {
/* There are no certificates */
prefer_sha256 = 1;
@@ -4457,12 +4853,12 @@ const SSL_CIPHER *ssl3_choose_cipher(SSL_CONNECTION *s, STACK_OF(SSL_CIPHER) *cl
/* with PSK there must be server callback set */
if ((alg_k & SSL_PSK) && s->psk_server_callback == NULL)
continue;
-#endif /* OPENSSL_NO_PSK */
+#endif /* OPENSSL_NO_PSK */
ok = (alg_k & mask_k) && (alg_a & mask_a);
OSSL_TRACE7(TLS_CIPHER,
- "%d:[%08lX:%08lX:%08lX:%08lX]%p:%s\n",
- ok, alg_k, alg_a, mask_k, mask_a, (void *)c, c->name);
+ "%d:[%08lX:%08lX:%08lX:%08lX]%p:%s\n",
+ ok, alg_k, alg_a, mask_k, mask_a, (void *)c, c->name);
/*
* if we are considering an ECC cipher suite that uses an ephemeral
@@ -4478,7 +4874,7 @@ const SSL_CIPHER *ssl3_choose_cipher(SSL_CONNECTION *s, STACK_OF(SSL_CIPHER) *cl
if (ii >= 0) {
/* Check security callback permits this cipher */
if (!ssl_security(s, SSL_SECOP_CIPHER_SHARED,
- c->strength_bits, 0, (void *)c))
+ c->strength_bits, 0, (void *)c))
continue;
if ((alg_k & SSL_kECDHE) && (alg_a & SSL_aECDSA)
@@ -4491,10 +4887,10 @@ const SSL_CIPHER *ssl3_choose_cipher(SSL_CONNECTION *s, STACK_OF(SSL_CIPHER) *cl
if (prefer_sha256) {
const SSL_CIPHER *tmp = sk_SSL_CIPHER_value(allow, ii);
const EVP_MD *md = ssl_md(SSL_CONNECTION_GET_CTX(s),
- tmp->algorithm2);
+ tmp->algorithm2);
if (md != NULL
- && EVP_MD_is_a(md, OSSL_DIGEST_NAME_SHA2_256)) {
+ && EVP_MD_is_a(md, OSSL_DIGEST_NAME_SHA2_256)) {
ret = tmp;
break;
}
@@ -4543,7 +4939,7 @@ int ssl3_get_req_cert_type(SSL_CONNECTION *s, WPACKET *pkt)
if (!WPACKET_put_bytes_u8(pkt, SSL3_CT_RSA_EPHEMERAL_DH))
return 0;
if (!(alg_a & SSL_aDSS)
- && !WPACKET_put_bytes_u8(pkt, SSL3_CT_DSS_EPHEMERAL_DH))
+ && !WPACKET_put_bytes_u8(pkt, SSL3_CT_DSS_EPHEMERAL_DH))
return 0;
}
if (!(alg_a & SSL_aRSA) && !WPACKET_put_bytes_u8(pkt, SSL3_CT_RSA_SIGN))
@@ -4556,8 +4952,8 @@ int ssl3_get_req_cert_type(SSL_CONNECTION *s, WPACKET *pkt)
* need to check for SSL_kECDH or SSL_kECDHE
*/
if (s->version >= TLS1_VERSION
- && !(alg_a & SSL_aECDSA)
- && !WPACKET_put_bytes_u8(pkt, TLS_CT_ECDSA_SIGN))
+ && !(alg_a & SSL_aECDSA)
+ && !WPACKET_put_bytes_u8(pkt, TLS_CT_ECDSA_SIGN))
return 0;
return 1;
@@ -4604,7 +5000,7 @@ int ssl3_shutdown(SSL *s)
* written, s->s3.alert_dispatch will be > 0
*/
if (sc->s3.alert_dispatch > 0)
- return -1; /* return WANT_WRITE */
+ return -1; /* return WANT_WRITE */
} else if (sc->s3.alert_dispatch > 0) {
/* resend it if not sent */
ret = s->method->ssl_dispatch_alert(s);
@@ -4623,12 +5019,12 @@ int ssl3_shutdown(SSL *s)
*/
s->method->ssl_read_bytes(s, 0, NULL, NULL, 0, 0, &readbytes);
if (!(sc->shutdown & SSL_RECEIVED_SHUTDOWN)) {
- return -1; /* return WANT_READ */
+ return -1; /* return WANT_READ */
}
}
if ((sc->shutdown == (SSL_SENT_SHUTDOWN | SSL_RECEIVED_SHUTDOWN))
- && sc->s3.alert_dispatch == SSL_ALERT_DISPATCH_NONE)
+ && sc->s3.alert_dispatch == SSL_ALERT_DISPATCH_NONE)
return 1;
else
return 0;
@@ -4646,11 +5042,11 @@ int ssl3_write(SSL *s, const void *buf, size_t len, size_t *written)
ssl3_renegotiate_check(s, 0);
return s->method->ssl_write_bytes(s, SSL3_RT_APPLICATION_DATA, buf, len,
- written);
+ written);
}
static int ssl3_read_internal(SSL *s, void *buf, size_t len, int peek,
- size_t *readbytes)
+ size_t *readbytes)
{
int ret;
SSL_CONNECTION *sc = SSL_CONNECTION_FROM_SSL_ONLY(s);
@@ -4662,9 +5058,8 @@ static int ssl3_read_internal(SSL *s, void *buf, size_t len, int peek,
if (sc->s3.renegotiate)
ssl3_renegotiate_check(s, 0);
sc->s3.in_read_app_data = 1;
- ret =
- s->method->ssl_read_bytes(s, SSL3_RT_APPLICATION_DATA, NULL, buf, len,
- peek, readbytes);
+ ret = s->method->ssl_read_bytes(s, SSL3_RT_APPLICATION_DATA, NULL, buf, len,
+ peek, readbytes);
if ((ret == -1) && (sc->s3.in_read_app_data == 2)) {
/*
* ssl3_read_bytes decided to call s->handshake_func, which called
@@ -4674,9 +5069,8 @@ static int ssl3_read_internal(SSL *s, void *buf, size_t len, int peek,
* application data again.
*/
ossl_statem_set_in_handshake(sc, 1);
- ret =
- s->method->ssl_read_bytes(s, SSL3_RT_APPLICATION_DATA, NULL, buf,
- len, peek, readbytes);
+ ret = s->method->ssl_read_bytes(s, SSL3_RT_APPLICATION_DATA, NULL, buf,
+ len, peek, readbytes);
ossl_statem_set_in_handshake(sc, 0);
} else
sc->s3.in_read_app_data = 0;
@@ -4772,8 +5166,8 @@ long ssl_get_algorithm2(SSL_CONNECTION *s)
* failure, 1 on success.
*/
int ssl_fill_hello_random(SSL_CONNECTION *s, int server,
- unsigned char *result, size_t len,
- DOWNGRADE dgrd)
+ unsigned char *result, size_t len,
+ DOWNGRADE dgrd)
{
int send_time = 0, ret;
@@ -4795,21 +5189,21 @@ int ssl_fill_hello_random(SSL_CONNECTION *s, int server,
if (ret > 0) {
if (!ossl_assert(sizeof(tls11downgrade) < len)
- || !ossl_assert(sizeof(tls12downgrade) < len))
- return 0;
+ || !ossl_assert(sizeof(tls12downgrade) < len))
+ return 0;
if (dgrd == DOWNGRADE_TO_1_2)
memcpy(result + len - sizeof(tls12downgrade), tls12downgrade,
- sizeof(tls12downgrade));
+ sizeof(tls12downgrade));
else if (dgrd == DOWNGRADE_TO_1_1)
memcpy(result + len - sizeof(tls11downgrade), tls11downgrade,
- sizeof(tls11downgrade));
+ sizeof(tls11downgrade));
}
return ret;
}
int ssl_generate_master_secret(SSL_CONNECTION *s, unsigned char *pms,
- size_t pmslen, int free_pms)
+ size_t pmslen, int free_pms)
{
unsigned long alg_k = s->s3.tmp.new_cipher->algorithm_mkey;
int ret = 0;
@@ -4845,8 +5239,8 @@ int ssl_generate_master_secret(SSL_CONNECTION *s, unsigned char *pms,
s->s3.tmp.psk = NULL;
s->s3.tmp.psklen = 0;
if (!ssl->method->ssl3_enc->generate_master_secret(s,
- s->session->master_key, pskpms, pskpmslen,
- &s->session->master_key_length)) {
+ s->session->master_key, pskpms, pskpmslen,
+ &s->session->master_key_length)) {
OPENSSL_clear_free(pskpms, pskpmslen);
/* SSLfatal() already called */
goto err;
@@ -4866,7 +5260,7 @@ int ssl_generate_master_secret(SSL_CONNECTION *s, unsigned char *pms,
}
ret = 1;
- err:
+err:
if (pms) {
if (free_pms)
OPENSSL_clear_free(pms, pmslen);
@@ -4899,7 +5293,7 @@ EVP_PKEY *ssl_generate_pkey(SSL_CONNECTION *s, EVP_PKEY *pm)
pkey = NULL;
}
- err:
+err:
EVP_PKEY_CTX_free(pctx);
return pkey;
}
@@ -4918,7 +5312,7 @@ EVP_PKEY *ssl_generate_pkey_group(SSL_CONNECTION *s, uint16_t id)
}
pctx = EVP_PKEY_CTX_new_from_name(sctx->libctx, ginf->algorithm,
- sctx->propq);
+ sctx->propq);
if (pctx == NULL) {
SSLfatal(s, SSL_AD_INTERNAL_ERROR, ERR_R_EVP_LIB);
@@ -4938,7 +5332,7 @@ EVP_PKEY *ssl_generate_pkey_group(SSL_CONNECTION *s, uint16_t id)
pkey = NULL;
}
- err:
+err:
EVP_PKEY_CTX_free(pctx);
return pkey;
}
@@ -4957,7 +5351,7 @@ EVP_PKEY *ssl_generate_param_group(SSL_CONNECTION *s, uint16_t id)
goto err;
pctx = EVP_PKEY_CTX_new_from_name(sctx->libctx, ginf->algorithm,
- sctx->propq);
+ sctx->propq);
if (pctx == NULL)
goto err;
@@ -4972,7 +5366,7 @@ EVP_PKEY *ssl_generate_param_group(SSL_CONNECTION *s, uint16_t id)
pkey = NULL;
}
- err:
+err:
EVP_PKEY_CTX_free(pctx);
return pkey;
}
@@ -4990,8 +5384,8 @@ int ssl_gensecret(SSL_CONNECTION *s, unsigned char *pms, size_t pmslen)
*/
if (!s->hit)
rv = tls13_generate_secret(s, ssl_handshake_md(s), NULL, NULL,
- 0,
- (unsigned char *)&s->early_secret);
+ 0,
+ (unsigned char *)&s->early_secret);
else
rv = 1;
@@ -5026,7 +5420,7 @@ int ssl_derive(SSL_CONNECTION *s, EVP_PKEY *privkey, EVP_PKEY *pubkey, int gense
goto err;
}
- if (SSL_CONNECTION_IS_TLS13(s) && EVP_PKEY_is_a(privkey, "DH"))
+ if (SSL_CONNECTION_IS_TLS13(s) && EVP_PKEY_is_a(privkey, "DH"))
EVP_PKEY_CTX_set_dh_pad(pctx, 1);
pms = OPENSSL_malloc(pmslen);
@@ -5054,7 +5448,7 @@ int ssl_derive(SSL_CONNECTION *s, EVP_PKEY *privkey, EVP_PKEY *pubkey, int gense
rv = 1;
}
- err:
+err:
OPENSSL_clear_free(pms, pmslen);
EVP_PKEY_CTX_free(pctx);
return rv;
@@ -5062,8 +5456,8 @@ int ssl_derive(SSL_CONNECTION *s, EVP_PKEY *privkey, EVP_PKEY *pubkey, int gense
/* Decapsulate secrets for KEM */
int ssl_decapsulate(SSL_CONNECTION *s, EVP_PKEY *privkey,
- const unsigned char *ct, size_t ctlen,
- int gensecret)
+ const unsigned char *ct, size_t ctlen,
+ int gensecret)
{
int rv = 0;
unsigned char *pms = NULL;
@@ -5079,7 +5473,7 @@ int ssl_decapsulate(SSL_CONNECTION *s, EVP_PKEY *privkey,
pctx = EVP_PKEY_CTX_new_from_pkey(sctx->libctx, privkey, sctx->propq);
if (EVP_PKEY_decapsulate_init(pctx, NULL) <= 0
- || EVP_PKEY_decapsulate(pctx, NULL, &pmslen, ct, ctlen) <= 0) {
+ || EVP_PKEY_decapsulate(pctx, NULL, &pmslen, ct, ctlen) <= 0) {
SSLfatal(s, SSL_AD_INTERNAL_ERROR, ERR_R_INTERNAL_ERROR);
goto err;
}
@@ -5106,15 +5500,15 @@ int ssl_decapsulate(SSL_CONNECTION *s, EVP_PKEY *privkey,
rv = 1;
}
- err:
+err:
OPENSSL_clear_free(pms, pmslen);
EVP_PKEY_CTX_free(pctx);
return rv;
}
int ssl_encapsulate(SSL_CONNECTION *s, EVP_PKEY *pubkey,
- unsigned char **ctp, size_t *ctlenp,
- int gensecret)
+ unsigned char **ctp, size_t *ctlenp,
+ int gensecret)
{
int rv = 0;
unsigned char *pms = NULL, *ct = NULL;
@@ -5130,8 +5524,8 @@ int ssl_encapsulate(SSL_CONNECTION *s, EVP_PKEY *pubkey,
pctx = EVP_PKEY_CTX_new_from_pkey(sctx->libctx, pubkey, sctx->propq);
if (EVP_PKEY_encapsulate_init(pctx, NULL) <= 0
- || EVP_PKEY_encapsulate(pctx, NULL, &ctlen, NULL, &pmslen) <= 0
- || pmslen == 0 || ctlen == 0) {
+ || EVP_PKEY_encapsulate(pctx, NULL, &ctlen, NULL, &pmslen) <= 0
+ || pmslen == 0 || ctlen == 0) {
SSLfatal(s, SSL_AD_INTERNAL_ERROR, ERR_R_INTERNAL_ERROR);
goto err;
}
@@ -5166,7 +5560,7 @@ int ssl_encapsulate(SSL_CONNECTION *s, EVP_PKEY *pubkey,
ct = NULL;
}
- err:
+err:
OPENSSL_clear_free(pms, pmslen);
OPENSSL_free(ct);
EVP_PKEY_CTX_free(pctx);
@@ -5189,7 +5583,8 @@ const char *SSL_get0_group_name(SSL *s)
return tls1_group_id2name(s->ctx, id);
}
-const char *SSL_group_to_name(SSL *s, int nid) {
+const char *SSL_group_to_name(SSL *s, int nid)
+{
int group_id = 0;
const TLS_GROUP_INFO *cinf = NULL;
generated by cgit v1.2.3 (git 2.25.1) at 2026-04-28 16:09:07 +0000