Skip to content

O
openssl

btwise / openssl

通知 1
Star 0
Fork 0
O
openssl

体验新版 GitCode,发现更多精彩内容 >>

切换分支/标签
查找文件 普通视图历史永久链接Permalink
s3_lib.c 129.2 KB
Newer Older
R
Copyright consolidation 01/10  
Rich Salz 已提交
1 
/*
N
TLS Cipher Suite 0xC102 Support  
Nikolay Morozov 已提交
2 
 * Copyright 1995-2020 The OpenSSL Project Authors. All Rights Reserved.
R
Modify Sun copyright to follow OpenSSL style  
Rich Salz 已提交
3 
 * Copyright (c) 2002, Oracle and/or its affiliates. All rights reserved
R
Merge Nokia copyright notice into standard  
Rich Salz 已提交
4 
 * Copyright 2005 Nokia. All rights reserved.
B
First step towards SSL_peek fix.  
Bodo Möller 已提交
5 
 *
R
Following the license change, modify the boilerplates in ssl/  
Richard Levitte 已提交
6 
 * Licensed under the Apache License 2.0 (the "License").  You may not use
R
Copyright consolidation 01/10  
Rich Salz 已提交
7 8 9 
 * this file except in compliance with the License.  You can obtain a copy
 * in the file LICENSE in the source distribution or at
 * https://www.openssl.org/source/license.html
B
First step towards SSL_peek fix.  
Bodo Möller 已提交
10 
 */
R
Copyright consolidation 01/10  
Rich Salz 已提交
11
R
Import of old SSLeay release: SSLeay 0.8.1b  
Ralf S. Engelschall 已提交
12 
#include <stdio.h>
B
Change #include filenames from <foo.h> to <openssl.h>.  
Bodo Möller 已提交
13 
#include <openssl/objects.h>
P
e_os.h removal from other headers and source files.  
Pauli 已提交
14 
#include "internal/nelem.h"
D
Reorganize local header files  
Dr. Matthias St. Pierre 已提交
15 
#include "ssl_local.h"
B
Really add the EVP and all of the DES changes.  
Ben Laurie 已提交
16 
#include <openssl/md5.h>
R
Remove #error from include files.  
Rich Salz 已提交
17 
#include <openssl/dh.h>
M
Version negotiation rewrite cleanup  
Matt Caswell 已提交
18 
#include <openssl/rand.h>
R
Adapt CIPHER_DEBUG to the new generic trace API  
Richard Levitte 已提交
19 
#include <openssl/trace.h>
M
Explicitly cache X509v3 extensions in libssl  
Matt Caswell 已提交
20 
#include <openssl/x509v3.h>
R
Add missing include of cryptlib.h  
Rich Salz 已提交
21 
#include "internal/cryptlib.h"
R
Import of old SSLeay release: SSLeay 0.8.1b  
Ralf S. Engelschall 已提交
22
M
Split configuration of TLSv1.3 ciphers from older ciphers  
Matt Caswell 已提交
23 
#define TLS13_NUM_CIPHERS       OSSL_NELEM(tls13_ciphers)
D
Add OSSL_NELEM macro.  
Dr. Stephen Henson 已提交
24 
#define SSL3_NUM_CIPHERS        OSSL_NELEM(ssl3_ciphers)
B
Add more first-class support for SCSVS  
Benjamin Kaduk 已提交
25 
#define SSL3_NUM_SCSVS          OSSL_NELEM(ssl3_scsvs)
R
Import of old SSLeay release: SSLeay 0.8.1b  
Ralf S. Engelschall 已提交
26
M
Move the downgrade sentinel declarations to a header file  
Matt Caswell 已提交
27 28 29 30 31 32 33 34 
/* TLSv1.3 downgrade protection sentinel values */
const unsigned char tls11downgrade[] = {
    0x44, 0x4f, 0x57, 0x4e, 0x47, 0x52, 0x44, 0x00
};
const unsigned char tls12downgrade[] = {
    0x44, 0x4f, 0x57, 0x4e, 0x47, 0x52, 0x44, 0x01
};
M
Split configuration of TLSv1.3 ciphers from older ciphers  
Matt Caswell 已提交
35 36 37 38 39 40 41 
/* The list of available TLSv1.3 ciphers */
static SSL_CIPHER tls13_ciphers[] = {
    {
        1,
        TLS1_3_RFC_AES_128_GCM_SHA256,
        TLS1_3_RFC_AES_128_GCM_SHA256,
        TLS1_3_CK_AES_128_GCM_SHA256,
M
Fix typo in the definition of tls13_ciphers  
Matt Caswell 已提交
42 43 
        SSL_kANY,
        SSL_aANY,
M
Split configuration of TLSv1.3 ciphers from older ciphers  
Matt Caswell 已提交
44 45 46 
        SSL_AES128GCM,
        SSL_AEAD,
        TLS1_3_VERSION, TLS1_3_VERSION,
M
Fix typo in the definition of tls13_ciphers  
Matt Caswell 已提交
47 
        0, 0,
M
Split configuration of TLSv1.3 ciphers from older ciphers  
Matt Caswell 已提交
48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 
        SSL_HIGH,
        SSL_HANDSHAKE_MAC_SHA256,
        128,
        128,
    }, {
        1,
        TLS1_3_RFC_AES_256_GCM_SHA384,
        TLS1_3_RFC_AES_256_GCM_SHA384,
        TLS1_3_CK_AES_256_GCM_SHA384,
        SSL_kANY,
        SSL_aANY,
        SSL_AES256GCM,
        SSL_AEAD,
        TLS1_3_VERSION, TLS1_3_VERSION,
        0, 0,
        SSL_HIGH,
        SSL_HANDSHAKE_MAC_SHA384,
        256,
        256,
    },
#if !defined(OPENSSL_NO_CHACHA) && !defined(OPENSSL_NO_POLY1305)
    {
        1,
        TLS1_3_RFC_CHACHA20_POLY1305_SHA256,
        TLS1_3_RFC_CHACHA20_POLY1305_SHA256,
        TLS1_3_CK_CHACHA20_POLY1305_SHA256,
        SSL_kANY,
        SSL_aANY,
        SSL_CHACHA20POLY1305,
        SSL_AEAD,
        TLS1_3_VERSION, TLS1_3_VERSION,
        0, 0,
        SSL_HIGH,
        SSL_HANDSHAKE_MAC_SHA256,
        256,
        256,
    },
#endif
    {
        1,
        TLS1_3_RFC_AES_128_CCM_SHA256,
        TLS1_3_RFC_AES_128_CCM_SHA256,
        TLS1_3_CK_AES_128_CCM_SHA256,
        SSL_kANY,
        SSL_aANY,
        SSL_AES128CCM,
        SSL_AEAD,
        TLS1_3_VERSION, TLS1_3_VERSION,
        0, 0,
        SSL_NOT_DEFAULT | SSL_HIGH,
        SSL_HANDSHAKE_MAC_SHA256,
        128,
        128,
    }, {
        1,
        TLS1_3_RFC_AES_128_CCM_8_SHA256,
        TLS1_3_RFC_AES_128_CCM_8_SHA256,
        TLS1_3_CK_AES_128_CCM_8_SHA256,
        SSL_kANY,
        SSL_aANY,
        SSL_AES128CCM8,
        SSL_AEAD,
        TLS1_3_VERSION, TLS1_3_VERSION,
        0, 0,
        SSL_NOT_DEFAULT | SSL_HIGH,
        SSL_HANDSHAKE_MAC_SHA256,
        128,
        128,
    }
};
R
Sort cipher-list at runtime.  
Rich Salz 已提交
119 
/*
R
Put DES into "not default" category.  
Rich Salz 已提交
120 
 * The list of available ciphers, mostly organized into the following
R
Sort cipher-list at runtime.  
Rich Salz 已提交
121 122 123 124 125 
 * groups:
 *      Always there
 *      EC
 *      PSK
 *      SRP (within that: RSA EC PSK)
P
fix spelling of Camellia in comment  
Pauli 已提交
126 
 *      Cipher families: Chacha/poly, Camellia, Gost, IDEA, SEED
R
Sort cipher-list at runtime.  
Rich Salz 已提交
127 128 
 *      Weak ciphers
 */
E
Indent ssl/  
Emilia Kasper 已提交
129 
static SSL_CIPHER ssl3_ciphers[] = {
M
Run util/openssl-format-source -v -c .  
Matt Caswell 已提交
130 131 132 
    {
     1,
     SSL3_TXT_RSA_NULL_MD5,
P
Support converting cipher name to RFC name and vice versa  
Paul Yang 已提交
133 
     SSL3_RFC_RSA_NULL_MD5,
M
Run util/openssl-format-source -v -c .  
Matt Caswell 已提交
134 135 136 137 138 
     SSL3_CK_RSA_NULL_MD5,
     SSL_kRSA,
     SSL_aRSA,
     SSL_eNULL,
     SSL_MD5,
K
Add support for minimum and maximum protocol version supported by a cipher  
Kurt Roeckx 已提交
139 
     SSL3_VERSION, TLS1_2_VERSION,
D
Fix cipher support for DTLS1_BAD_VER  
David Woodhouse 已提交
140 
     DTLS1_BAD_VER, DTLS1_2_VERSION,
K
Don't mark the eNULL ciphers as non-default.  
Kurt Roeckx 已提交
141 
     SSL_STRONG_NONE,
M
Run util/openssl-format-source -v -c .  
Matt Caswell 已提交
142 143 144 145 146 147 148 
     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
     0,
     0,
     },
    {
     1,
     SSL3_TXT_RSA_NULL_SHA,
P
Support converting cipher name to RFC name and vice versa  
Paul Yang 已提交
149 
     SSL3_RFC_RSA_NULL_SHA,
M
Run util/openssl-format-source -v -c .  
Matt Caswell 已提交
150 151 152 153 154 
     SSL3_CK_RSA_NULL_SHA,
     SSL_kRSA,
     SSL_aRSA,
     SSL_eNULL,
     SSL_SHA1,
K
Add support for minimum and maximum protocol version supported by a cipher  
Kurt Roeckx 已提交
155 
     SSL3_VERSION, TLS1_2_VERSION,
D
Fix cipher support for DTLS1_BAD_VER  
David Woodhouse 已提交
156 
     DTLS1_BAD_VER, DTLS1_2_VERSION,
K
Don't mark the eNULL ciphers as non-default.  
Kurt Roeckx 已提交
157 
     SSL_STRONG_NONE | SSL_FIPS,
M
Run util/openssl-format-source -v -c .  
Matt Caswell 已提交
158 159 160 161 
     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
     0,
     0,
     },
R
To avoid SWEET32 attack, move 3DES to weak  
Rich Salz 已提交
162 
#ifndef OPENSSL_NO_WEAK_SSL_CIPHERS
M
Run util/openssl-format-source -v -c .  
Matt Caswell 已提交
163 164 165 
    {
     1,
     SSL3_TXT_RSA_DES_192_CBC3_SHA,
P
Support converting cipher name to RFC name and vice versa  
Paul Yang 已提交
166 
     SSL3_RFC_RSA_DES_192_CBC3_SHA,
M
Run util/openssl-format-source -v -c .  
Matt Caswell 已提交
167 168 169 170 171 
     SSL3_CK_RSA_DES_192_CBC3_SHA,
     SSL_kRSA,
     SSL_aRSA,
     SSL_3DES,
     SSL_SHA1,
K
Add support for minimum and maximum protocol version supported by a cipher  
Kurt Roeckx 已提交
172 
     SSL3_VERSION, TLS1_2_VERSION,
D
Fix cipher support for DTLS1_BAD_VER  
David Woodhouse 已提交
173 
     DTLS1_BAD_VER, DTLS1_2_VERSION,
R
Put DES into "not default" category.  
Rich Salz 已提交
174 
     SSL_NOT_DEFAULT | SSL_MEDIUM | SSL_FIPS,
M
Run util/openssl-format-source -v -c .  
Matt Caswell 已提交
175 176 177 178 179 180 181 
     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
     112,
     168,
     },
    {
     1,
     SSL3_TXT_DHE_DSS_DES_192_CBC3_SHA,
P
Support converting cipher name to RFC name and vice versa  
Paul Yang 已提交
182 
     SSL3_RFC_DHE_DSS_DES_192_CBC3_SHA,
M
Run util/openssl-format-source -v -c .  
Matt Caswell 已提交
183 184 185 186 187 
     SSL3_CK_DHE_DSS_DES_192_CBC3_SHA,
     SSL_kDHE,
     SSL_aDSS,
     SSL_3DES,
     SSL_SHA1,
K
Add support for minimum and maximum protocol version supported by a cipher  
Kurt Roeckx 已提交
188 
     SSL3_VERSION, TLS1_2_VERSION,
D
Fix cipher support for DTLS1_BAD_VER  
David Woodhouse 已提交
189 
     DTLS1_BAD_VER, DTLS1_2_VERSION,
R
Move 3DES from HIGH to MEDIUM  
Rich Salz 已提交
190 
     SSL_NOT_DEFAULT | SSL_MEDIUM | SSL_FIPS,
M
Run util/openssl-format-source -v -c .  
Matt Caswell 已提交
191 192 193 194 195 196 197 
     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
     112,
     168,
     },
    {
     1,
     SSL3_TXT_DHE_RSA_DES_192_CBC3_SHA,
P
Support converting cipher name to RFC name and vice versa  
Paul Yang 已提交
198 
     SSL3_RFC_DHE_RSA_DES_192_CBC3_SHA,
M
Run util/openssl-format-source -v -c .  
Matt Caswell 已提交
199 200 201 202 203 
     SSL3_CK_DHE_RSA_DES_192_CBC3_SHA,
     SSL_kDHE,
     SSL_aRSA,
     SSL_3DES,
     SSL_SHA1,
K
Add support for minimum and maximum protocol version supported by a cipher  
Kurt Roeckx 已提交
204 
     SSL3_VERSION, TLS1_2_VERSION,
D
Fix cipher support for DTLS1_BAD_VER  
David Woodhouse 已提交
205 
     DTLS1_BAD_VER, DTLS1_2_VERSION,
R
Put DES into "not default" category.  
Rich Salz 已提交
206 
     SSL_NOT_DEFAULT | SSL_MEDIUM | SSL_FIPS,
M
Run util/openssl-format-source -v -c .  
Matt Caswell 已提交
207 208 209 210 211 212 213 
     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
     112,
     168,
     },
    {
     1,
     SSL3_TXT_ADH_DES_192_CBC_SHA,
P
Support converting cipher name to RFC name and vice versa  
Paul Yang 已提交
214 
     SSL3_RFC_ADH_DES_192_CBC_SHA,
M
Run util/openssl-format-source -v -c .  
Matt Caswell 已提交
215 216 217 218 219 
     SSL3_CK_ADH_DES_192_CBC_SHA,
     SSL_kDHE,
     SSL_aNULL,
     SSL_3DES,
     SSL_SHA1,
K
Add support for minimum and maximum protocol version supported by a cipher  
Kurt Roeckx 已提交
220 
     SSL3_VERSION, TLS1_2_VERSION,
D
Fix cipher support for DTLS1_BAD_VER  
David Woodhouse 已提交
221 
     DTLS1_BAD_VER, DTLS1_2_VERSION,
R
Move 3DES from HIGH to MEDIUM  
Rich Salz 已提交
222 
     SSL_NOT_DEFAULT | SSL_MEDIUM | SSL_FIPS,
M
Run util/openssl-format-source -v -c .  
Matt Caswell 已提交
223 224 225 226 
     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
     112,
     168,
     },
R
To avoid SWEET32 attack, move 3DES to weak  
Rich Salz 已提交
227 
#endif
M
Run util/openssl-format-source -v -c .  
Matt Caswell 已提交
228 229 230 
    {
     1,
     TLS1_TXT_RSA_WITH_AES_128_SHA,
P
Support converting cipher name to RFC name and vice versa  
Paul Yang 已提交
231 
     TLS1_RFC_RSA_WITH_AES_128_SHA,
M
Run util/openssl-format-source -v -c .  
Matt Caswell 已提交
232 233 234 235 236 
     TLS1_CK_RSA_WITH_AES_128_SHA,
     SSL_kRSA,
     SSL_aRSA,
     SSL_AES128,
     SSL_SHA1,
K
Add support for minimum and maximum protocol version supported by a cipher  
Kurt Roeckx 已提交
237 
     SSL3_VERSION, TLS1_2_VERSION,
D
Fix cipher support for DTLS1_BAD_VER  
David Woodhouse 已提交
238 
     DTLS1_BAD_VER, DTLS1_2_VERSION,
K
Remove support for all 40 and 56 bit ciphers.  
Kurt Roeckx 已提交
239 
     SSL_HIGH | SSL_FIPS,
M
Run util/openssl-format-source -v -c .  
Matt Caswell 已提交
240 241 242 243 244 245 246 
     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
     128,
     128,
     },
    {
     1,
     TLS1_TXT_DHE_DSS_WITH_AES_128_SHA,
P
Support converting cipher name to RFC name and vice versa  
Paul Yang 已提交
247 
     TLS1_RFC_DHE_DSS_WITH_AES_128_SHA,
M
Run util/openssl-format-source -v -c .  
Matt Caswell 已提交
248 249 250 251 252 
     TLS1_CK_DHE_DSS_WITH_AES_128_SHA,
     SSL_kDHE,
     SSL_aDSS,
     SSL_AES128,
     SSL_SHA1,
K
Add support for minimum and maximum protocol version supported by a cipher  
Kurt Roeckx 已提交
253 
     SSL3_VERSION, TLS1_2_VERSION,
D
Fix cipher support for DTLS1_BAD_VER  
David Woodhouse 已提交
254 
     DTLS1_BAD_VER, DTLS1_2_VERSION,
E
Rework the default cipherlist.  
Emilia Kasper 已提交
255 
     SSL_NOT_DEFAULT | SSL_HIGH | SSL_FIPS,
M
Run util/openssl-format-source -v -c .  
Matt Caswell 已提交
256 257 258 259 260 261 262 
     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
     128,
     128,
     },
    {
     1,
     TLS1_TXT_DHE_RSA_WITH_AES_128_SHA,
P
Support converting cipher name to RFC name and vice versa  
Paul Yang 已提交
263 
     TLS1_RFC_DHE_RSA_WITH_AES_128_SHA,
M
Run util/openssl-format-source -v -c .  
Matt Caswell 已提交
264 265 266 267 268 
     TLS1_CK_DHE_RSA_WITH_AES_128_SHA,
     SSL_kDHE,
     SSL_aRSA,
     SSL_AES128,
     SSL_SHA1,
K
Add support for minimum and maximum protocol version supported by a cipher  
Kurt Roeckx 已提交
269 
     SSL3_VERSION, TLS1_2_VERSION,
D
Fix cipher support for DTLS1_BAD_VER  
David Woodhouse 已提交
270 
     DTLS1_BAD_VER, DTLS1_2_VERSION,
K
Remove support for all 40 and 56 bit ciphers.  
Kurt Roeckx 已提交
271 
     SSL_HIGH | SSL_FIPS,
M
Run util/openssl-format-source -v -c .  
Matt Caswell 已提交
272 273 274 275 276 277 278 
     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
     128,
     128,
     },
    {
     1,
     TLS1_TXT_ADH_WITH_AES_128_SHA,
P
Support converting cipher name to RFC name and vice versa  
Paul Yang 已提交
279 
     TLS1_RFC_ADH_WITH_AES_128_SHA,
M
Run util/openssl-format-source -v -c .  
Matt Caswell 已提交
280 281 282 283 284 
     TLS1_CK_ADH_WITH_AES_128_SHA,
     SSL_kDHE,
     SSL_aNULL,
     SSL_AES128,
     SSL_SHA1,
K
Add support for minimum and maximum protocol version supported by a cipher  
Kurt Roeckx 已提交
285 
     SSL3_VERSION, TLS1_2_VERSION,
D
Fix cipher support for DTLS1_BAD_VER  
David Woodhouse 已提交
286 
     DTLS1_BAD_VER, DTLS1_2_VERSION,
K
Remove support for all 40 and 56 bit ciphers.  
Kurt Roeckx 已提交
287 
     SSL_NOT_DEFAULT | SSL_HIGH | SSL_FIPS,
M
Run util/openssl-format-source -v -c .  
Matt Caswell 已提交
288 289 290 291 292 293 294 
     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
     128,
     128,
     },
    {
     1,
     TLS1_TXT_RSA_WITH_AES_256_SHA,
P
Support converting cipher name to RFC name and vice versa  
Paul Yang 已提交
295 
     TLS1_RFC_RSA_WITH_AES_256_SHA,
M
Run util/openssl-format-source -v -c .  
Matt Caswell 已提交
296 297 298 299 300 
     TLS1_CK_RSA_WITH_AES_256_SHA,
     SSL_kRSA,
     SSL_aRSA,
     SSL_AES256,
     SSL_SHA1,
K
Add support for minimum and maximum protocol version supported by a cipher  
Kurt Roeckx 已提交
301 
     SSL3_VERSION, TLS1_2_VERSION,
D
Fix cipher support for DTLS1_BAD_VER  
David Woodhouse 已提交
302 
     DTLS1_BAD_VER, DTLS1_2_VERSION,
K
Remove support for all 40 and 56 bit ciphers.  
Kurt Roeckx 已提交
303 
     SSL_HIGH | SSL_FIPS,
M
Run util/openssl-format-source -v -c .  
Matt Caswell 已提交
304 305 306 307 308 309 310 
     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
     256,
     256,
     },
    {
     1,
     TLS1_TXT_DHE_DSS_WITH_AES_256_SHA,
P
Support converting cipher name to RFC name and vice versa  
Paul Yang 已提交
311 
     TLS1_RFC_DHE_DSS_WITH_AES_256_SHA,
M
Run util/openssl-format-source -v -c .  
Matt Caswell 已提交
312 313 314 315 316 
     TLS1_CK_DHE_DSS_WITH_AES_256_SHA,
     SSL_kDHE,
     SSL_aDSS,
     SSL_AES256,
     SSL_SHA1,
K
Add support for minimum and maximum protocol version supported by a cipher  
Kurt Roeckx 已提交
317 
     SSL3_VERSION, TLS1_2_VERSION,
D
Fix cipher support for DTLS1_BAD_VER  
David Woodhouse 已提交
318 
     DTLS1_BAD_VER, DTLS1_2_VERSION,
E
Rework the default cipherlist.  
Emilia Kasper 已提交
319 
     SSL_NOT_DEFAULT | SSL_HIGH | SSL_FIPS,
M
Run util/openssl-format-source -v -c .  
Matt Caswell 已提交
320 321 322 323 324 325 326 
     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
     256,
     256,
     },
    {
     1,
     TLS1_TXT_DHE_RSA_WITH_AES_256_SHA,
P
Support converting cipher name to RFC name and vice versa  
Paul Yang 已提交
327 
     TLS1_RFC_DHE_RSA_WITH_AES_256_SHA,
M
Run util/openssl-format-source -v -c .  
Matt Caswell 已提交
328 329 330 331 332 
     TLS1_CK_DHE_RSA_WITH_AES_256_SHA,
     SSL_kDHE,
     SSL_aRSA,
     SSL_AES256,
     SSL_SHA1,
K
Add support for minimum and maximum protocol version supported by a cipher  
Kurt Roeckx 已提交
333 
     SSL3_VERSION, TLS1_2_VERSION,
D
Fix cipher support for DTLS1_BAD_VER  
David Woodhouse 已提交
334 
     DTLS1_BAD_VER, DTLS1_2_VERSION,
K
Remove support for all 40 and 56 bit ciphers.  
Kurt Roeckx 已提交
335 
     SSL_HIGH | SSL_FIPS,
M
Run util/openssl-format-source -v -c .  
Matt Caswell 已提交
336 337 338 339 340 341 342 
     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
     256,
     256,
     },
    {
     1,
     TLS1_TXT_ADH_WITH_AES_256_SHA,
P
Support converting cipher name to RFC name and vice versa  
Paul Yang 已提交
343 
     TLS1_RFC_ADH_WITH_AES_256_SHA,
M
Run util/openssl-format-source -v -c .  
Matt Caswell 已提交
344 345 346 347 348 
     TLS1_CK_ADH_WITH_AES_256_SHA,
     SSL_kDHE,
     SSL_aNULL,
     SSL_AES256,
     SSL_SHA1,
K
Add support for minimum and maximum protocol version supported by a cipher  
Kurt Roeckx 已提交
349 
     SSL3_VERSION, TLS1_2_VERSION,
D
Fix cipher support for DTLS1_BAD_VER  
David Woodhouse 已提交
350 
     DTLS1_BAD_VER, DTLS1_2_VERSION,
K
Remove support for all 40 and 56 bit ciphers.  
Kurt Roeckx 已提交
351 
     SSL_NOT_DEFAULT | SSL_HIGH | SSL_FIPS,
M
Run util/openssl-format-source -v -c .  
Matt Caswell 已提交
352 353 354 355 356 357 358 
     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
     256,
     256,
     },
    {
     1,
     TLS1_TXT_RSA_WITH_NULL_SHA256,
P
Support converting cipher name to RFC name and vice versa  
Paul Yang 已提交
359 
     TLS1_RFC_RSA_WITH_NULL_SHA256,
M
Run util/openssl-format-source -v -c .  
Matt Caswell 已提交
360 361 362 363 364 
     TLS1_CK_RSA_WITH_NULL_SHA256,
     SSL_kRSA,
     SSL_aRSA,
     SSL_eNULL,
     SSL_SHA256,
K
Add support for minimum and maximum protocol version supported by a cipher  
Kurt Roeckx 已提交
365 366 
     TLS1_2_VERSION, TLS1_2_VERSION,
     DTLS1_2_VERSION, DTLS1_2_VERSION,
K
Don't mark the eNULL ciphers as non-default.  
Kurt Roeckx 已提交
367 
     SSL_STRONG_NONE | SSL_FIPS,
M
Run util/openssl-format-source -v -c .  
Matt Caswell 已提交
368 369 370 371 372 373 374 
     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
     0,
     0,
     },
    {
     1,
     TLS1_TXT_RSA_WITH_AES_128_SHA256,
P
Support converting cipher name to RFC name and vice versa  
Paul Yang 已提交
375 
     TLS1_RFC_RSA_WITH_AES_128_SHA256,
M
Run util/openssl-format-source -v -c .  
Matt Caswell 已提交
376 377 378 379 380 
     TLS1_CK_RSA_WITH_AES_128_SHA256,
     SSL_kRSA,
     SSL_aRSA,
     SSL_AES128,
     SSL_SHA256,
K
Add support for minimum and maximum protocol version supported by a cipher  
Kurt Roeckx 已提交
381 382 
     TLS1_2_VERSION, TLS1_2_VERSION,
     DTLS1_2_VERSION, DTLS1_2_VERSION,
K
Remove support for all 40 and 56 bit ciphers.  
Kurt Roeckx 已提交
383 
     SSL_HIGH | SSL_FIPS,
M
Run util/openssl-format-source -v -c .  
Matt Caswell 已提交
384 385 386 387 388 389 390 
     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
     128,
     128,
     },
    {
     1,
     TLS1_TXT_RSA_WITH_AES_256_SHA256,
P
Support converting cipher name to RFC name and vice versa  
Paul Yang 已提交
391 
     TLS1_RFC_RSA_WITH_AES_256_SHA256,
M
Run util/openssl-format-source -v -c .  
Matt Caswell 已提交
392 393 394 395 396 
     TLS1_CK_RSA_WITH_AES_256_SHA256,
     SSL_kRSA,
     SSL_aRSA,
     SSL_AES256,
     SSL_SHA256,
K
Add support for minimum and maximum protocol version supported by a cipher  
Kurt Roeckx 已提交
397 398 
     TLS1_2_VERSION, TLS1_2_VERSION,
     DTLS1_2_VERSION, DTLS1_2_VERSION,
K
Remove support for all 40 and 56 bit ciphers.  
Kurt Roeckx 已提交
399 
     SSL_HIGH | SSL_FIPS,
M
Run util/openssl-format-source -v -c .  
Matt Caswell 已提交
400 401 402 403 404 405 406 
     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
     256,
     256,
     },
    {
     1,
     TLS1_TXT_DHE_DSS_WITH_AES_128_SHA256,
P
Support converting cipher name to RFC name and vice versa  
Paul Yang 已提交
407 
     TLS1_RFC_DHE_DSS_WITH_AES_128_SHA256,
M
Run util/openssl-format-source -v -c .  
Matt Caswell 已提交
408 409 410 411 412 
     TLS1_CK_DHE_DSS_WITH_AES_128_SHA256,
     SSL_kDHE,
     SSL_aDSS,
     SSL_AES128,
     SSL_SHA256,
K
Add support for minimum and maximum protocol version supported by a cipher  
Kurt Roeckx 已提交
413 414 
     TLS1_2_VERSION, TLS1_2_VERSION,
     DTLS1_2_VERSION, DTLS1_2_VERSION,
E
Rework the default cipherlist.  
Emilia Kasper 已提交
415 
     SSL_NOT_DEFAULT | SSL_HIGH | SSL_FIPS,
M
Run util/openssl-format-source -v -c .  
Matt Caswell 已提交
416 417 418 419 420 421 422 
     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
     128,
     128,
     },
    {
     1,
     TLS1_TXT_DHE_RSA_WITH_AES_128_SHA256,
P
Support converting cipher name to RFC name and vice versa  
Paul Yang 已提交
423 
     TLS1_RFC_DHE_RSA_WITH_AES_128_SHA256,
M
Run util/openssl-format-source -v -c .  
Matt Caswell 已提交
424 425 426 427 428 
     TLS1_CK_DHE_RSA_WITH_AES_128_SHA256,
     SSL_kDHE,
     SSL_aRSA,
     SSL_AES128,
     SSL_SHA256,
K
Add support for minimum and maximum protocol version supported by a cipher  
Kurt Roeckx 已提交
429 430 
     TLS1_2_VERSION, TLS1_2_VERSION,
     DTLS1_2_VERSION, DTLS1_2_VERSION,
K
Remove support for all 40 and 56 bit ciphers.  
Kurt Roeckx 已提交
431 
     SSL_HIGH | SSL_FIPS,
M
Run util/openssl-format-source -v -c .  
Matt Caswell 已提交
432 433 434 435 436 437 438 
     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
     128,
     128,
     },
    {
     1,
     TLS1_TXT_DHE_DSS_WITH_AES_256_SHA256,
P
Support converting cipher name to RFC name and vice versa  
Paul Yang 已提交
439 
     TLS1_RFC_DHE_DSS_WITH_AES_256_SHA256,
M
Run util/openssl-format-source -v -c .  
Matt Caswell 已提交
440 441 442 443 444 
     TLS1_CK_DHE_DSS_WITH_AES_256_SHA256,
     SSL_kDHE,
     SSL_aDSS,
     SSL_AES256,
     SSL_SHA256,
K
Add support for minimum and maximum protocol version supported by a cipher  
Kurt Roeckx 已提交
445 446 
     TLS1_2_VERSION, TLS1_2_VERSION,
     DTLS1_2_VERSION, DTLS1_2_VERSION,
E
Rework the default cipherlist.  
Emilia Kasper 已提交
447 
     SSL_NOT_DEFAULT | SSL_HIGH | SSL_FIPS,
M
Run util/openssl-format-source -v -c .  
Matt Caswell 已提交
448 449 450 451 452 453 454 
     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
     256,
     256,
     },
    {
     1,
     TLS1_TXT_DHE_RSA_WITH_AES_256_SHA256,
P
Support converting cipher name to RFC name and vice versa  
Paul Yang 已提交
455 
     TLS1_RFC_DHE_RSA_WITH_AES_256_SHA256,
M
Run util/openssl-format-source -v -c .  
Matt Caswell 已提交
456 457 458 459 460 
     TLS1_CK_DHE_RSA_WITH_AES_256_SHA256,
     SSL_kDHE,
     SSL_aRSA,
     SSL_AES256,
     SSL_SHA256,
K
Add support for minimum and maximum protocol version supported by a cipher  
Kurt Roeckx 已提交
461 462 
     TLS1_2_VERSION, TLS1_2_VERSION,
     DTLS1_2_VERSION, DTLS1_2_VERSION,
K
Remove support for all 40 and 56 bit ciphers.  
Kurt Roeckx 已提交
463 
     SSL_HIGH | SSL_FIPS,
M
Run util/openssl-format-source -v -c .  
Matt Caswell 已提交
464 465 466 467 468 469 470 
     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
     256,
     256,
     },
    {
     1,
     TLS1_TXT_ADH_WITH_AES_128_SHA256,
P
Support converting cipher name to RFC name and vice versa  
Paul Yang 已提交
471 
     TLS1_RFC_ADH_WITH_AES_128_SHA256,
M
Run util/openssl-format-source -v -c .  
Matt Caswell 已提交
472 473 474 475 476 
     TLS1_CK_ADH_WITH_AES_128_SHA256,
     SSL_kDHE,
     SSL_aNULL,
     SSL_AES128,
     SSL_SHA256,
K
Add support for minimum and maximum protocol version supported by a cipher  
Kurt Roeckx 已提交
477 478 
     TLS1_2_VERSION, TLS1_2_VERSION,
     DTLS1_2_VERSION, DTLS1_2_VERSION,
K
Remove support for all 40 and 56 bit ciphers.  
Kurt Roeckx 已提交
479 
     SSL_NOT_DEFAULT | SSL_HIGH | SSL_FIPS,
M
Run util/openssl-format-source -v -c .  
Matt Caswell 已提交
480 481 482 483 484 485 486 
     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
     128,
     128,
     },
    {
     1,
     TLS1_TXT_ADH_WITH_AES_256_SHA256,
P
Support converting cipher name to RFC name and vice versa  
Paul Yang 已提交
487 
     TLS1_RFC_ADH_WITH_AES_256_SHA256,
M
Run util/openssl-format-source -v -c .  
Matt Caswell 已提交
488 489 490 491 492 
     TLS1_CK_ADH_WITH_AES_256_SHA256,
     SSL_kDHE,
     SSL_aNULL,
     SSL_AES256,
     SSL_SHA256,
K
Add support for minimum and maximum protocol version supported by a cipher  
Kurt Roeckx 已提交
493 494 
     TLS1_2_VERSION, TLS1_2_VERSION,
     DTLS1_2_VERSION, DTLS1_2_VERSION,
K
Remove support for all 40 and 56 bit ciphers.  
Kurt Roeckx 已提交
495 
     SSL_NOT_DEFAULT | SSL_HIGH | SSL_FIPS,
M
Run util/openssl-format-source -v -c .  
Matt Caswell 已提交
496 497 498 499 500 501 
     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
     256,
     256,
     },
    {
     1,
R
Sort cipher-list at runtime.  
Rich Salz 已提交
502 
     TLS1_TXT_RSA_WITH_AES_128_GCM_SHA256,
P
Support converting cipher name to RFC name and vice versa  
Paul Yang 已提交
503 
     TLS1_RFC_RSA_WITH_AES_128_GCM_SHA256,
R
Sort cipher-list at runtime.  
Rich Salz 已提交
504 505 506 507 508 509 510 511 512 513 514 515 
     TLS1_CK_RSA_WITH_AES_128_GCM_SHA256,
     SSL_kRSA,
     SSL_aRSA,
     SSL_AES128GCM,
     SSL_AEAD,
     TLS1_2_VERSION, TLS1_2_VERSION,
     DTLS1_2_VERSION, DTLS1_2_VERSION,
     SSL_HIGH | SSL_FIPS,
     SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
     128,
     128,
     },
M
Run util/openssl-format-source -v -c .  
Matt Caswell 已提交
516 517 
    {
     1,
R
Sort cipher-list at runtime.  
Rich Salz 已提交
518 
     TLS1_TXT_RSA_WITH_AES_256_GCM_SHA384,
P
Support converting cipher name to RFC name and vice versa  
Paul Yang 已提交
519 
     TLS1_RFC_RSA_WITH_AES_256_GCM_SHA384,
R
Sort cipher-list at runtime.  
Rich Salz 已提交
520 
     TLS1_CK_RSA_WITH_AES_256_GCM_SHA384,
M
Run util/openssl-format-source -v -c .  
Matt Caswell 已提交
521 522 
     SSL_kRSA,
     SSL_aRSA,
R
Sort cipher-list at runtime.  
Rich Salz 已提交
523 524 525 526 527 528 
     SSL_AES256GCM,
     SSL_AEAD,
     TLS1_2_VERSION, TLS1_2_VERSION,
     DTLS1_2_VERSION, DTLS1_2_VERSION,
     SSL_HIGH | SSL_FIPS,
     SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384,
M
Run util/openssl-format-source -v -c .  
Matt Caswell 已提交
529 530 531 532 533 
     256,
     256,
     },
    {
     1,
R
Sort cipher-list at runtime.  
Rich Salz 已提交
534 
     TLS1_TXT_DHE_RSA_WITH_AES_128_GCM_SHA256,
P
Support converting cipher name to RFC name and vice versa  
Paul Yang 已提交
535 
     TLS1_RFC_DHE_RSA_WITH_AES_128_GCM_SHA256,
R
Sort cipher-list at runtime.  
Rich Salz 已提交
536 
     TLS1_CK_DHE_RSA_WITH_AES_128_GCM_SHA256,
M
Run util/openssl-format-source -v -c .  
Matt Caswell 已提交
537 
     SSL_kDHE,
R
Sort cipher-list at runtime.  
Rich Salz 已提交
538 539 540 541 542 543 544 545 546 
     SSL_aRSA,
     SSL_AES128GCM,
     SSL_AEAD,
     TLS1_2_VERSION, TLS1_2_VERSION,
     DTLS1_2_VERSION, DTLS1_2_VERSION,
     SSL_HIGH | SSL_FIPS,
     SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
     128,
     128,
M
Run util/openssl-format-source -v -c .  
Matt Caswell 已提交
547 548 549 
     },
    {
     1,
R
Sort cipher-list at runtime.  
Rich Salz 已提交
550 
     TLS1_TXT_DHE_RSA_WITH_AES_256_GCM_SHA384,
P
Support converting cipher name to RFC name and vice versa  
Paul Yang 已提交
551 
     TLS1_RFC_DHE_RSA_WITH_AES_256_GCM_SHA384,
R
Sort cipher-list at runtime.  
Rich Salz 已提交
552 
     TLS1_CK_DHE_RSA_WITH_AES_256_GCM_SHA384,
M
Run util/openssl-format-source -v -c .  
Matt Caswell 已提交
553 554 
     SSL_kDHE,
     SSL_aRSA,
R
Sort cipher-list at runtime.  
Rich Salz 已提交
555 556 557 558 559 560 
     SSL_AES256GCM,
     SSL_AEAD,
     TLS1_2_VERSION, TLS1_2_VERSION,
     DTLS1_2_VERSION, DTLS1_2_VERSION,
     SSL_HIGH | SSL_FIPS,
     SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384,
M
Run util/openssl-format-source -v -c .  
Matt Caswell 已提交
561 562 563 564 565 
     256,
     256,
     },
    {
     1,
R
Sort cipher-list at runtime.  
Rich Salz 已提交
566 
     TLS1_TXT_DHE_DSS_WITH_AES_128_GCM_SHA256,
P
Support converting cipher name to RFC name and vice versa  
Paul Yang 已提交
567 
     TLS1_RFC_DHE_DSS_WITH_AES_128_GCM_SHA256,
R
Sort cipher-list at runtime.  
Rich Salz 已提交
568 
     TLS1_CK_DHE_DSS_WITH_AES_128_GCM_SHA256,
M
Run util/openssl-format-source -v -c .  
Matt Caswell 已提交
569 
     SSL_kDHE,
R
Sort cipher-list at runtime.  
Rich Salz 已提交
570 571 572 573 574 575 576 
     SSL_aDSS,
     SSL_AES128GCM,
     SSL_AEAD,
     TLS1_2_VERSION, TLS1_2_VERSION,
     DTLS1_2_VERSION, DTLS1_2_VERSION,
     SSL_NOT_DEFAULT | SSL_HIGH | SSL_FIPS,
     SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
M
Run util/openssl-format-source -v -c .  
Matt Caswell 已提交
577 578 579 580 581 
     128,
     128,
     },
    {
     1,
R
Sort cipher-list at runtime.  
Rich Salz 已提交
582 
     TLS1_TXT_DHE_DSS_WITH_AES_256_GCM_SHA384,
P
Support converting cipher name to RFC name and vice versa  
Paul Yang 已提交
583 
     TLS1_RFC_DHE_DSS_WITH_AES_256_GCM_SHA384,
R
Sort cipher-list at runtime.  
Rich Salz 已提交
584 585 586 587 588 589 590 591 592 593 594 
     TLS1_CK_DHE_DSS_WITH_AES_256_GCM_SHA384,
     SSL_kDHE,
     SSL_aDSS,
     SSL_AES256GCM,
     SSL_AEAD,
     TLS1_2_VERSION, TLS1_2_VERSION,
     DTLS1_2_VERSION, DTLS1_2_VERSION,
     SSL_NOT_DEFAULT | SSL_HIGH | SSL_FIPS,
     SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384,
     256,
     256,
M
Run util/openssl-format-source -v -c .  
Matt Caswell 已提交
595 596 597 
     },
    {
     1,
R
Sort cipher-list at runtime.  
Rich Salz 已提交
598 
     TLS1_TXT_ADH_WITH_AES_128_GCM_SHA256,
P
Support converting cipher name to RFC name and vice versa  
Paul Yang 已提交
599 
     TLS1_RFC_ADH_WITH_AES_128_GCM_SHA256,
R
Sort cipher-list at runtime.  
Rich Salz 已提交
600 601 602 603 604 605 606 607 608 
     TLS1_CK_ADH_WITH_AES_128_GCM_SHA256,
     SSL_kDHE,
     SSL_aNULL,
     SSL_AES128GCM,
     SSL_AEAD,
     TLS1_2_VERSION, TLS1_2_VERSION,
     DTLS1_2_VERSION, DTLS1_2_VERSION,
     SSL_NOT_DEFAULT | SSL_HIGH | SSL_FIPS,
     SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
M
Run util/openssl-format-source -v -c .  
Matt Caswell 已提交
609 610 611 612 613 
     128,
     128,
     },
    {
     1,
R
Sort cipher-list at runtime.  
Rich Salz 已提交
614 
     TLS1_TXT_ADH_WITH_AES_256_GCM_SHA384,
P
Support converting cipher name to RFC name and vice versa  
Paul Yang 已提交
615 
     TLS1_RFC_ADH_WITH_AES_256_GCM_SHA384,
R
Sort cipher-list at runtime.  
Rich Salz 已提交
616 617 618 619 620 621 622 623 624 
     TLS1_CK_ADH_WITH_AES_256_GCM_SHA384,
     SSL_kDHE,
     SSL_aNULL,
     SSL_AES256GCM,
     SSL_AEAD,
     TLS1_2_VERSION, TLS1_2_VERSION,
     DTLS1_2_VERSION, DTLS1_2_VERSION,
     SSL_NOT_DEFAULT | SSL_HIGH | SSL_FIPS,
     SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384,
M
Run util/openssl-format-source -v -c .  
Matt Caswell 已提交
625 626 627 
     256,
     256,
     },
D
Add RFC4279, RFC5487 and RFC5489 ciphersuites.  
Dr. Stephen Henson 已提交
628 629 
    {
     1,
R
Sort cipher-list at runtime.  
Rich Salz 已提交
630 
     TLS1_TXT_RSA_WITH_AES_128_CCM,
P
Support converting cipher name to RFC name and vice versa  
Paul Yang 已提交
631 
     TLS1_RFC_RSA_WITH_AES_128_CCM,
R
Sort cipher-list at runtime.  
Rich Salz 已提交
632 633 634 635 636 637 638 639 640 
     TLS1_CK_RSA_WITH_AES_128_CCM,
     SSL_kRSA,
     SSL_aRSA,
     SSL_AES128CCM,
     SSL_AEAD,
     TLS1_2_VERSION, TLS1_2_VERSION,
     DTLS1_2_VERSION, DTLS1_2_VERSION,
     SSL_NOT_DEFAULT | SSL_HIGH,
     SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
D
Add RFC4279, RFC5487 and RFC5489 ciphersuites.  
Dr. Stephen Henson 已提交
641 642 643 644 645 
     128,
     128,
     },
    {
     1,
R
Sort cipher-list at runtime.  
Rich Salz 已提交
646 
     TLS1_TXT_RSA_WITH_AES_256_CCM,
P
Support converting cipher name to RFC name and vice versa  
Paul Yang 已提交
647 
     TLS1_RFC_RSA_WITH_AES_256_CCM,
R
Sort cipher-list at runtime.  
Rich Salz 已提交
648 649 650 651 652 653 654 655 656 657 658 
     TLS1_CK_RSA_WITH_AES_256_CCM,
     SSL_kRSA,
     SSL_aRSA,
     SSL_AES256CCM,
     SSL_AEAD,
     TLS1_2_VERSION, TLS1_2_VERSION,
     DTLS1_2_VERSION, DTLS1_2_VERSION,
     SSL_NOT_DEFAULT | SSL_HIGH,
     SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
     256,
     256,
D
Add RFC4279, RFC5487 and RFC5489 ciphersuites.  
Dr. Stephen Henson 已提交
659 660 661 
     },
    {
     1,
R
Sort cipher-list at runtime.  
Rich Salz 已提交
662 
     TLS1_TXT_DHE_RSA_WITH_AES_128_CCM,
P
Support converting cipher name to RFC name and vice versa  
Paul Yang 已提交
663 
     TLS1_RFC_DHE_RSA_WITH_AES_128_CCM,
R
Sort cipher-list at runtime.  
Rich Salz 已提交
664 665 666 667 668 669 670 671 672 
     TLS1_CK_DHE_RSA_WITH_AES_128_CCM,
     SSL_kDHE,
     SSL_aRSA,
     SSL_AES128CCM,
     SSL_AEAD,
     TLS1_2_VERSION, TLS1_2_VERSION,
     DTLS1_2_VERSION, DTLS1_2_VERSION,
     SSL_NOT_DEFAULT | SSL_HIGH,
     SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
D
Add RFC4279, RFC5487 and RFC5489 ciphersuites.  
Dr. Stephen Henson 已提交
673 674 675 676 677 
     128,
     128,
     },
    {
     1,
R
Sort cipher-list at runtime.  
Rich Salz 已提交
678 
     TLS1_TXT_DHE_RSA_WITH_AES_256_CCM,
P
Support converting cipher name to RFC name and vice versa  
Paul Yang 已提交
679 
     TLS1_RFC_DHE_RSA_WITH_AES_256_CCM,
R
Sort cipher-list at runtime.  
Rich Salz 已提交
680 681 682 683 684 685 686 687 688 
     TLS1_CK_DHE_RSA_WITH_AES_256_CCM,
     SSL_kDHE,
     SSL_aRSA,
     SSL_AES256CCM,
     SSL_AEAD,
     TLS1_2_VERSION, TLS1_2_VERSION,
     DTLS1_2_VERSION, DTLS1_2_VERSION,
     SSL_NOT_DEFAULT | SSL_HIGH,
     SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
D
Add RFC4279, RFC5487 and RFC5489 ciphersuites.  
Dr. Stephen Henson 已提交
689 690 691 692 693 
     256,
     256,
     },
    {
     1,
R
Sort cipher-list at runtime.  
Rich Salz 已提交
694 
     TLS1_TXT_RSA_WITH_AES_128_CCM_8,
P
Support converting cipher name to RFC name and vice versa  
Paul Yang 已提交
695 
     TLS1_RFC_RSA_WITH_AES_128_CCM_8,
R
Sort cipher-list at runtime.  
Rich Salz 已提交
696 697 
     TLS1_CK_RSA_WITH_AES_128_CCM_8,
     SSL_kRSA,
D
Add RFC4279, RFC5487 and RFC5489 ciphersuites.  
Dr. Stephen Henson 已提交
698 
     SSL_aRSA,
R
Sort cipher-list at runtime.  
Rich Salz 已提交
699 
     SSL_AES128CCM8,
M
Run util/openssl-format-source -v -c .  
Matt Caswell 已提交
700 
     SSL_AEAD,
K
Add support for minimum and maximum protocol version supported by a cipher  
Kurt Roeckx 已提交
701 702 
     TLS1_2_VERSION, TLS1_2_VERSION,
     DTLS1_2_VERSION, DTLS1_2_VERSION,
R
Sort cipher-list at runtime.  
Rich Salz 已提交
703 
     SSL_NOT_DEFAULT | SSL_HIGH,
M
Run util/openssl-format-source -v -c .  
Matt Caswell 已提交
704 705 706 707 708 709 
     SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
     128,
     128,
     },
    {
     1,
R
Sort cipher-list at runtime.  
Rich Salz 已提交
710 
     TLS1_TXT_RSA_WITH_AES_256_CCM_8,
P
Support converting cipher name to RFC name and vice versa  
Paul Yang 已提交
711 
     TLS1_RFC_RSA_WITH_AES_256_CCM_8,
R
Sort cipher-list at runtime.  
Rich Salz 已提交
712 
     TLS1_CK_RSA_WITH_AES_256_CCM_8,
M
Run util/openssl-format-source -v -c .  
Matt Caswell 已提交
713 714 
     SSL_kRSA,
     SSL_aRSA,
R
Sort cipher-list at runtime.  
Rich Salz 已提交
715 
     SSL_AES256CCM8,
M
Run util/openssl-format-source -v -c .  
Matt Caswell 已提交
716 
     SSL_AEAD,
K
Add support for minimum and maximum protocol version supported by a cipher  
Kurt Roeckx 已提交
717 718 
     TLS1_2_VERSION, TLS1_2_VERSION,
     DTLS1_2_VERSION, DTLS1_2_VERSION,
R
Sort cipher-list at runtime.  
Rich Salz 已提交
719 720 
     SSL_NOT_DEFAULT | SSL_HIGH,
     SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
M
Run util/openssl-format-source -v -c .  
Matt Caswell 已提交
721 722 723 724 725 
     256,
     256,
     },
    {
     1,
R
Sort cipher-list at runtime.  
Rich Salz 已提交
726 
     TLS1_TXT_DHE_RSA_WITH_AES_128_CCM_8,
P
Support converting cipher name to RFC name and vice versa  
Paul Yang 已提交
727 
     TLS1_RFC_DHE_RSA_WITH_AES_128_CCM_8,
R
Sort cipher-list at runtime.  
Rich Salz 已提交
728 
     TLS1_CK_DHE_RSA_WITH_AES_128_CCM_8,
M
Run util/openssl-format-source -v -c .  
Matt Caswell 已提交
729 730 
     SSL_kDHE,
     SSL_aRSA,
R
Sort cipher-list at runtime.  
Rich Salz 已提交
731 
     SSL_AES128CCM8,
M
Run util/openssl-format-source -v -c .  
Matt Caswell 已提交
732 
     SSL_AEAD,
K
Add support for minimum and maximum protocol version supported by a cipher  
Kurt Roeckx 已提交
733 734 
     TLS1_2_VERSION, TLS1_2_VERSION,
     DTLS1_2_VERSION, DTLS1_2_VERSION,
R
Sort cipher-list at runtime.  
Rich Salz 已提交
735 
     SSL_NOT_DEFAULT | SSL_HIGH,
M
Run util/openssl-format-source -v -c .  
Matt Caswell 已提交
736 737 738 739 740 741 
     SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
     128,
     128,
     },
    {
     1,
R
Sort cipher-list at runtime.  
Rich Salz 已提交
742 
     TLS1_TXT_DHE_RSA_WITH_AES_256_CCM_8,
P
Support converting cipher name to RFC name and vice versa  
Paul Yang 已提交
743 
     TLS1_RFC_DHE_RSA_WITH_AES_256_CCM_8,
R
Sort cipher-list at runtime.  
Rich Salz 已提交
744 
     TLS1_CK_DHE_RSA_WITH_AES_256_CCM_8,
M
Run util/openssl-format-source -v -c .  
Matt Caswell 已提交
745 746 
     SSL_kDHE,
     SSL_aRSA,
R
Sort cipher-list at runtime.  
Rich Salz 已提交
747 
     SSL_AES256CCM8,
M
Run util/openssl-format-source -v -c .  
Matt Caswell 已提交
748 
     SSL_AEAD,
K
Add support for minimum and maximum protocol version supported by a cipher  
Kurt Roeckx 已提交
749 750 
     TLS1_2_VERSION, TLS1_2_VERSION,
     DTLS1_2_VERSION, DTLS1_2_VERSION,
R
Sort cipher-list at runtime.  
Rich Salz 已提交
751 752 
     SSL_NOT_DEFAULT | SSL_HIGH,
     SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
M
Run util/openssl-format-source -v -c .  
Matt Caswell 已提交
753 754 755 756 757 
     256,
     256,
     },
    {
     1,
R
Sort cipher-list at runtime.  
Rich Salz 已提交
758 
     TLS1_TXT_PSK_WITH_AES_128_CCM,
P
Support converting cipher name to RFC name and vice versa  
Paul Yang 已提交
759 
     TLS1_RFC_PSK_WITH_AES_128_CCM,
R
Sort cipher-list at runtime.  
Rich Salz 已提交
760 761 762 763 
     TLS1_CK_PSK_WITH_AES_128_CCM,
     SSL_kPSK,
     SSL_aPSK,
     SSL_AES128CCM,
M
Run util/openssl-format-source -v -c .  
Matt Caswell 已提交
764 
     SSL_AEAD,
K
Add support for minimum and maximum protocol version supported by a cipher  
Kurt Roeckx 已提交
765 766 
     TLS1_2_VERSION, TLS1_2_VERSION,
     DTLS1_2_VERSION, DTLS1_2_VERSION,
R
Sort cipher-list at runtime.  
Rich Salz 已提交
767 
     SSL_NOT_DEFAULT | SSL_HIGH,
M
Run util/openssl-format-source -v -c .  
Matt Caswell 已提交
768 769 770 771 772 773 
     SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
     128,
     128,
     },
    {
     1,
R
Sort cipher-list at runtime.  
Rich Salz 已提交
774 
     TLS1_TXT_PSK_WITH_AES_256_CCM,
P
Support converting cipher name to RFC name and vice versa  
Paul Yang 已提交
775 
     TLS1_RFC_PSK_WITH_AES_256_CCM,
R
Sort cipher-list at runtime.  
Rich Salz 已提交
776 777 778 779 
     TLS1_CK_PSK_WITH_AES_256_CCM,
     SSL_kPSK,
     SSL_aPSK,
     SSL_AES256CCM,
M
Run util/openssl-format-source -v -c .  
Matt Caswell 已提交
780 
     SSL_AEAD,
K
Add support for minimum and maximum protocol version supported by a cipher  
Kurt Roeckx 已提交
781 782 
     TLS1_2_VERSION, TLS1_2_VERSION,
     DTLS1_2_VERSION, DTLS1_2_VERSION,
R
Sort cipher-list at runtime.  
Rich Salz 已提交
783 784 
     SSL_NOT_DEFAULT | SSL_HIGH,
     SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
M
Run util/openssl-format-source -v -c .  
Matt Caswell 已提交
785 786 787 788 789 
     256,
     256,
     },
    {
     1,
R
Sort cipher-list at runtime.  
Rich Salz 已提交
790 
     TLS1_TXT_DHE_PSK_WITH_AES_128_CCM,
P
Support converting cipher name to RFC name and vice versa  
Paul Yang 已提交
791 
     TLS1_RFC_DHE_PSK_WITH_AES_128_CCM,
R
Sort cipher-list at runtime.  
Rich Salz 已提交
792 793 794 795 
     TLS1_CK_DHE_PSK_WITH_AES_128_CCM,
     SSL_kDHEPSK,
     SSL_aPSK,
     SSL_AES128CCM,
M
Run util/openssl-format-source -v -c .  
Matt Caswell 已提交
796 
     SSL_AEAD,
K
Add support for minimum and maximum protocol version supported by a cipher  
Kurt Roeckx 已提交
797 798 
     TLS1_2_VERSION, TLS1_2_VERSION,
     DTLS1_2_VERSION, DTLS1_2_VERSION,
R
Sort cipher-list at runtime.  
Rich Salz 已提交
799 
     SSL_NOT_DEFAULT | SSL_HIGH,
M
Run util/openssl-format-source -v -c .  
Matt Caswell 已提交
800 801 802 803 804 805 
     SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
     128,
     128,
     },
    {
     1,
R
Sort cipher-list at runtime.  
Rich Salz 已提交
806 
     TLS1_TXT_DHE_PSK_WITH_AES_256_CCM,
P
Support converting cipher name to RFC name and vice versa  
Paul Yang 已提交
807 
     TLS1_RFC_DHE_PSK_WITH_AES_256_CCM,
R
Sort cipher-list at runtime.  
Rich Salz 已提交
808 809 810 811 
     TLS1_CK_DHE_PSK_WITH_AES_256_CCM,
     SSL_kDHEPSK,
     SSL_aPSK,
     SSL_AES256CCM,
M
Run util/openssl-format-source -v -c .  
Matt Caswell 已提交
812 
     SSL_AEAD,
K
Add support for minimum and maximum protocol version supported by a cipher  
Kurt Roeckx 已提交
813 814 
     TLS1_2_VERSION, TLS1_2_VERSION,
     DTLS1_2_VERSION, DTLS1_2_VERSION,
R
Sort cipher-list at runtime.  
Rich Salz 已提交
815 816 
     SSL_NOT_DEFAULT | SSL_HIGH,
     SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
M
Run util/openssl-format-source -v -c .  
Matt Caswell 已提交
817 818 819 
     256,
     256,
     },
D
Add PSK GCM ciphersuites from RFC5487  
Dr. Stephen Henson 已提交
820 821 
    {
     1,
R
Sort cipher-list at runtime.  
Rich Salz 已提交
822 
     TLS1_TXT_PSK_WITH_AES_128_CCM_8,
P
Support converting cipher name to RFC name and vice versa  
Paul Yang 已提交
823 
     TLS1_RFC_PSK_WITH_AES_128_CCM_8,
R
Sort cipher-list at runtime.  
Rich Salz 已提交
824 
     TLS1_CK_PSK_WITH_AES_128_CCM_8,
D
Add PSK GCM ciphersuites from RFC5487  
Dr. Stephen Henson 已提交
825 826 
     SSL_kPSK,
     SSL_aPSK,
R
Sort cipher-list at runtime.  
Rich Salz 已提交
827 
     SSL_AES128CCM8,
D
Add PSK GCM ciphersuites from RFC5487  
Dr. Stephen Henson 已提交
828 
     SSL_AEAD,
K
Add support for minimum and maximum protocol version supported by a cipher  
Kurt Roeckx 已提交
829 830 
     TLS1_2_VERSION, TLS1_2_VERSION,
     DTLS1_2_VERSION, DTLS1_2_VERSION,
R
Sort cipher-list at runtime.  
Rich Salz 已提交
831 
     SSL_NOT_DEFAULT | SSL_HIGH,
D
Add PSK GCM ciphersuites from RFC5487  
Dr. Stephen Henson 已提交
832 833 834 835 836 837 
     SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
     128,
     128,
     },
    {
     1,
R
Sort cipher-list at runtime.  
Rich Salz 已提交
838 
     TLS1_TXT_PSK_WITH_AES_256_CCM_8,
P
Support converting cipher name to RFC name and vice versa  
Paul Yang 已提交
839 
     TLS1_RFC_PSK_WITH_AES_256_CCM_8,
R
Sort cipher-list at runtime.  
Rich Salz 已提交
840 
     TLS1_CK_PSK_WITH_AES_256_CCM_8,
D
Add PSK GCM ciphersuites from RFC5487  
Dr. Stephen Henson 已提交
841 842 
     SSL_kPSK,
     SSL_aPSK,
R
Sort cipher-list at runtime.  
Rich Salz 已提交
843 
     SSL_AES256CCM8,
D
Add PSK GCM ciphersuites from RFC5487  
Dr. Stephen Henson 已提交
844 
     SSL_AEAD,
K
Add support for minimum and maximum protocol version supported by a cipher  
Kurt Roeckx 已提交
845 846 
     TLS1_2_VERSION, TLS1_2_VERSION,
     DTLS1_2_VERSION, DTLS1_2_VERSION,
R
Sort cipher-list at runtime.  
Rich Salz 已提交
847 848 
     SSL_NOT_DEFAULT | SSL_HIGH,
     SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
D
Add PSK GCM ciphersuites from RFC5487  
Dr. Stephen Henson 已提交
849 850 851 
     256,
     256,
     },
D
Add RFC4279, RFC5487 and RFC5489 ciphersuites.  
Dr. Stephen Henson 已提交
852 853 
    {
     1,
R
Sort cipher-list at runtime.  
Rich Salz 已提交
854 
     TLS1_TXT_DHE_PSK_WITH_AES_128_CCM_8,
P
Support converting cipher name to RFC name and vice versa  
Paul Yang 已提交
855 
     TLS1_RFC_DHE_PSK_WITH_AES_128_CCM_8,
R
Sort cipher-list at runtime.  
Rich Salz 已提交
856 
     TLS1_CK_DHE_PSK_WITH_AES_128_CCM_8,
D
Add RFC4279, RFC5487 and RFC5489 ciphersuites.  
Dr. Stephen Henson 已提交
857 858 
     SSL_kDHEPSK,
     SSL_aPSK,
R
Sort cipher-list at runtime.  
Rich Salz 已提交
859 
     SSL_AES128CCM8,
D
Add RFC4279, RFC5487 and RFC5489 ciphersuites.  
Dr. Stephen Henson 已提交
860 
     SSL_AEAD,
K
Add support for minimum and maximum protocol version supported by a cipher  
Kurt Roeckx 已提交
861 862 
     TLS1_2_VERSION, TLS1_2_VERSION,
     DTLS1_2_VERSION, DTLS1_2_VERSION,
R
Sort cipher-list at runtime.  
Rich Salz 已提交
863 
     SSL_NOT_DEFAULT | SSL_HIGH,
D
Add RFC4279, RFC5487 and RFC5489 ciphersuites.  
Dr. Stephen Henson 已提交
864 865 866 867 868 869 
     SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
     128,
     128,
     },
    {
     1,
R
Sort cipher-list at runtime.  
Rich Salz 已提交
870 
     TLS1_TXT_DHE_PSK_WITH_AES_256_CCM_8,
P
Support converting cipher name to RFC name and vice versa  
Paul Yang 已提交
871 
     TLS1_RFC_DHE_PSK_WITH_AES_256_CCM_8,
R
Sort cipher-list at runtime.  
Rich Salz 已提交
872 873 
     TLS1_CK_DHE_PSK_WITH_AES_256_CCM_8,
     SSL_kDHEPSK,
D
Add RFC4279, RFC5487 and RFC5489 ciphersuites.  
Dr. Stephen Henson 已提交
874 
     SSL_aPSK,
R
Sort cipher-list at runtime.  
Rich Salz 已提交
875 
     SSL_AES256CCM8,
D
Add RFC4279, RFC5487 and RFC5489 ciphersuites.  
Dr. Stephen Henson 已提交
876 
     SSL_AEAD,
K
Add support for minimum and maximum protocol version supported by a cipher  
Kurt Roeckx 已提交
877 878 
     TLS1_2_VERSION, TLS1_2_VERSION,
     DTLS1_2_VERSION, DTLS1_2_VERSION,
R
Sort cipher-list at runtime.  
Rich Salz 已提交
879 880 
     SSL_NOT_DEFAULT | SSL_HIGH,
     SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
D
Add RFC4279, RFC5487 and RFC5489 ciphersuites.  
Dr. Stephen Henson 已提交
881 882 883 884 885 
     256,
     256,
     },
    {
     1,
R
Sort cipher-list at runtime.  
Rich Salz 已提交
886 
     TLS1_TXT_ECDHE_ECDSA_WITH_AES_128_CCM,
P
Support converting cipher name to RFC name and vice versa  
Paul Yang 已提交
887 
     TLS1_RFC_ECDHE_ECDSA_WITH_AES_128_CCM,
R
Sort cipher-list at runtime.  
Rich Salz 已提交
888 889 890 891 
     TLS1_CK_ECDHE_ECDSA_WITH_AES_128_CCM,
     SSL_kECDHE,
     SSL_aECDSA,
     SSL_AES128CCM,
D
Add RFC4279, RFC5487 and RFC5489 ciphersuites.  
Dr. Stephen Henson 已提交
892 
     SSL_AEAD,
K
Add support for minimum and maximum protocol version supported by a cipher  
Kurt Roeckx 已提交
893 894 
     TLS1_2_VERSION, TLS1_2_VERSION,
     DTLS1_2_VERSION, DTLS1_2_VERSION,
R
Sort cipher-list at runtime.  
Rich Salz 已提交
895 
     SSL_NOT_DEFAULT | SSL_HIGH,
D
Add RFC4279, RFC5487 and RFC5489 ciphersuites.  
Dr. Stephen Henson 已提交
896 897 898 899 900 901 
     SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
     128,
     128,
     },
    {
     1,
R
Sort cipher-list at runtime.  
Rich Salz 已提交
902 
     TLS1_TXT_ECDHE_ECDSA_WITH_AES_256_CCM,
P
Support converting cipher name to RFC name and vice versa  
Paul Yang 已提交
903 
     TLS1_RFC_ECDHE_ECDSA_WITH_AES_256_CCM,
R
Sort cipher-list at runtime.  
Rich Salz 已提交
904 905 906 907 
     TLS1_CK_ECDHE_ECDSA_WITH_AES_256_CCM,
     SSL_kECDHE,
     SSL_aECDSA,
     SSL_AES256CCM,
D
Add RFC4279, RFC5487 and RFC5489 ciphersuites.  
Dr. Stephen Henson 已提交
908 
     SSL_AEAD,
K
Add support for minimum and maximum protocol version supported by a cipher  
Kurt Roeckx 已提交
909 910 
     TLS1_2_VERSION, TLS1_2_VERSION,
     DTLS1_2_VERSION, DTLS1_2_VERSION,
R
Sort cipher-list at runtime.  
Rich Salz 已提交
911 912 
     SSL_NOT_DEFAULT | SSL_HIGH,
     SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
D
Add RFC4279, RFC5487 and RFC5489 ciphersuites.  
Dr. Stephen Henson 已提交
913 914 915 916 917 
     256,
     256,
     },
    {
     1,
R
Sort cipher-list at runtime.  
Rich Salz 已提交
918 
     TLS1_TXT_ECDHE_ECDSA_WITH_AES_128_CCM_8,
P
Support converting cipher name to RFC name and vice versa  
Paul Yang 已提交
919 
     TLS1_RFC_ECDHE_ECDSA_WITH_AES_128_CCM_8,
R
Sort cipher-list at runtime.  
Rich Salz 已提交
920 921 922 923 924 925 926 927 928 
     TLS1_CK_ECDHE_ECDSA_WITH_AES_128_CCM_8,
     SSL_kECDHE,
     SSL_aECDSA,
     SSL_AES128CCM8,
     SSL_AEAD,
     TLS1_2_VERSION, TLS1_2_VERSION,
     DTLS1_2_VERSION, DTLS1_2_VERSION,
     SSL_NOT_DEFAULT | SSL_HIGH,
     SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
D
Add RFC4279, RFC5487 and RFC5489 ciphersuites.  
Dr. Stephen Henson 已提交
929 930 931 932 933 
     128,
     128,
     },
    {
     1,
R
Sort cipher-list at runtime.  
Rich Salz 已提交
934 
     TLS1_TXT_ECDHE_ECDSA_WITH_AES_256_CCM_8,
P
Support converting cipher name to RFC name and vice versa  
Paul Yang 已提交
935 
     TLS1_RFC_ECDHE_ECDSA_WITH_AES_256_CCM_8,
R
Sort cipher-list at runtime.  
Rich Salz 已提交
936 937 938 939 940 941 942 943 944 
     TLS1_CK_ECDHE_ECDSA_WITH_AES_256_CCM_8,
     SSL_kECDHE,
     SSL_aECDSA,
     SSL_AES256CCM8,
     SSL_AEAD,
     TLS1_2_VERSION, TLS1_2_VERSION,
     DTLS1_2_VERSION, DTLS1_2_VERSION,
     SSL_NOT_DEFAULT | SSL_HIGH,
     SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
D
Add RFC4279, RFC5487 and RFC5489 ciphersuites.  
Dr. Stephen Henson 已提交
945 946 947 948 949 
     256,
     256,
     },
    {
     1,
R
Sort cipher-list at runtime.  
Rich Salz 已提交
950 
     TLS1_TXT_ECDHE_ECDSA_WITH_NULL_SHA,
P
Support converting cipher name to RFC name and vice versa  
Paul Yang 已提交
951 
     TLS1_RFC_ECDHE_ECDSA_WITH_NULL_SHA,
R
Sort cipher-list at runtime.  
Rich Salz 已提交
952 953 954 
     TLS1_CK_ECDHE_ECDSA_WITH_NULL_SHA,
     SSL_kECDHE,
     SSL_aECDSA,
D
Add RFC4279, RFC5487 and RFC5489 ciphersuites.  
Dr. Stephen Henson 已提交
955 
     SSL_eNULL,
R
Sort cipher-list at runtime.  
Rich Salz 已提交
956 
     SSL_SHA1,
T
Remove ECDH(E) ciphers from SSLv3  
Todd Short 已提交
957 
     TLS1_VERSION, TLS1_2_VERSION,
D
Fix cipher support for DTLS1_BAD_VER  
David Woodhouse 已提交
958 
     DTLS1_BAD_VER, DTLS1_2_VERSION,
K
Don't mark the eNULL ciphers as non-default.  
Kurt Roeckx 已提交
959 
     SSL_STRONG_NONE | SSL_FIPS,
D
Add RFC4279, RFC5487 and RFC5489 ciphersuites.  
Dr. Stephen Henson 已提交
960 961 962 963 
     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
     0,
     0,
     },
R
To avoid SWEET32 attack, move 3DES to weak  
Rich Salz 已提交
964 
# ifndef OPENSSL_NO_WEAK_SSL_CIPHERS
D
Add RFC4279, RFC5487 and RFC5489 ciphersuites.  
Dr. Stephen Henson 已提交
965 966 
    {
     1,
R
Sort cipher-list at runtime.  
Rich Salz 已提交
967 
     TLS1_TXT_ECDHE_ECDSA_WITH_DES_192_CBC3_SHA,
P
Support converting cipher name to RFC name and vice versa  
Paul Yang 已提交
968 
     TLS1_RFC_ECDHE_ECDSA_WITH_DES_192_CBC3_SHA,
R
Sort cipher-list at runtime.  
Rich Salz 已提交
969 970 971 972 973 
     TLS1_CK_ECDHE_ECDSA_WITH_DES_192_CBC3_SHA,
     SSL_kECDHE,
     SSL_aECDSA,
     SSL_3DES,
     SSL_SHA1,
T
Remove ECDH(E) ciphers from SSLv3  
Todd Short 已提交
974 
     TLS1_VERSION, TLS1_2_VERSION,
D
Fix cipher support for DTLS1_BAD_VER  
David Woodhouse 已提交
975 
     DTLS1_BAD_VER, DTLS1_2_VERSION,
R
Put DES into "not default" category.  
Rich Salz 已提交
976 
     SSL_NOT_DEFAULT | SSL_MEDIUM | SSL_FIPS,
R
Sort cipher-list at runtime.  
Rich Salz 已提交
977 978 979 
     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
     112,
     168,
D
Add RFC4279, RFC5487 and RFC5489 ciphersuites.  
Dr. Stephen Henson 已提交
980 
     },
R
To avoid SWEET32 attack, move 3DES to weak  
Rich Salz 已提交
981 
# endif
D
Add RFC4279, RFC5487 and RFC5489 ciphersuites.  
Dr. Stephen Henson 已提交
982 983 
    {
     1,
R
Sort cipher-list at runtime.  
Rich Salz 已提交
984 
     TLS1_TXT_ECDHE_ECDSA_WITH_AES_128_CBC_SHA,
P
Support converting cipher name to RFC name and vice versa  
Paul Yang 已提交
985 
     TLS1_RFC_ECDHE_ECDSA_WITH_AES_128_CBC_SHA,
R
Sort cipher-list at runtime.  
Rich Salz 已提交
986 987 988 
     TLS1_CK_ECDHE_ECDSA_WITH_AES_128_CBC_SHA,
     SSL_kECDHE,
     SSL_aECDSA,
D
Add RFC4279, RFC5487 and RFC5489 ciphersuites.  
Dr. Stephen Henson 已提交
989 
     SSL_AES128,
R
Sort cipher-list at runtime.  
Rich Salz 已提交
990 
     SSL_SHA1,
T
Remove ECDH(E) ciphers from SSLv3  
Todd Short 已提交
991 
     TLS1_VERSION, TLS1_2_VERSION,
D
Fix cipher support for DTLS1_BAD_VER  
David Woodhouse 已提交
992 
     DTLS1_BAD_VER, DTLS1_2_VERSION,
K
Remove support for all 40 and 56 bit ciphers.  
Kurt Roeckx 已提交
993 
     SSL_HIGH | SSL_FIPS,
D
Add RFC4279, RFC5487 and RFC5489 ciphersuites.  
Dr. Stephen Henson 已提交
994 995 996 997 998 999 
     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
     128,
     128,
     },
    {
     1,
R
Sort cipher-list at runtime.  
Rich Salz 已提交
1000 
     TLS1_TXT_ECDHE_ECDSA_WITH_AES_256_CBC_SHA,
P
Support converting cipher name to RFC name and vice versa  
Paul Yang 已提交
1001 
     TLS1_RFC_ECDHE_ECDSA_WITH_AES_256_CBC_SHA,
R
Sort cipher-list at runtime.  
Rich Salz 已提交
1002 1003 1004 
     TLS1_CK_ECDHE_ECDSA_WITH_AES_256_CBC_SHA,
     SSL_kECDHE,
     SSL_aECDSA,
D
Add RFC4279, RFC5487 and RFC5489 ciphersuites.  
Dr. Stephen Henson 已提交
1005 
     SSL_AES256,
R
Sort cipher-list at runtime.  
Rich Salz 已提交
1006 
     SSL_SHA1,
T
Remove ECDH(E) ciphers from SSLv3  
Todd Short 已提交
1007 
     TLS1_VERSION, TLS1_2_VERSION,
D
Fix cipher support for DTLS1_BAD_VER  
David Woodhouse 已提交
1008 
     DTLS1_BAD_VER, DTLS1_2_VERSION,
K
Remove support for all 40 and 56 bit ciphers.  
Kurt Roeckx 已提交
1009 
     SSL_HIGH | SSL_FIPS,
R
Sort cipher-list at runtime.  
Rich Salz 已提交
1010 
     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
D
Add RFC4279, RFC5487 and RFC5489 ciphersuites.  
Dr. Stephen Henson 已提交
1011 1012 1013 1014 1015 
     256,
     256,
     },
    {
     1,
R
Sort cipher-list at runtime.  
Rich Salz 已提交
1016 
     TLS1_TXT_ECDHE_RSA_WITH_NULL_SHA,
P
Support converting cipher name to RFC name and vice versa  
Paul Yang 已提交
1017 
     TLS1_RFC_ECDHE_RSA_WITH_NULL_SHA,
R
Sort cipher-list at runtime.  
Rich Salz 已提交
1018 1019 1020 
     TLS1_CK_ECDHE_RSA_WITH_NULL_SHA,
     SSL_kECDHE,
     SSL_aRSA,
D
Add RFC4279, RFC5487 and RFC5489 ciphersuites.  
Dr. Stephen Henson 已提交
1021 
     SSL_eNULL,
R
Sort cipher-list at runtime.  
Rich Salz 已提交
1022 
     SSL_SHA1,
T
Remove ECDH(E) ciphers from SSLv3  
Todd Short 已提交
1023 
     TLS1_VERSION, TLS1_2_VERSION,
D
Fix cipher support for DTLS1_BAD_VER  
David Woodhouse 已提交
1024 
     DTLS1_BAD_VER, DTLS1_2_VERSION,
K
Don't mark the eNULL ciphers as non-default.  
Kurt Roeckx 已提交
1025 
     SSL_STRONG_NONE | SSL_FIPS,
D
Add RFC4279, RFC5487 and RFC5489 ciphersuites.  
Dr. Stephen Henson 已提交
1026 1027 1028 1029 
     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
     0,
     0,
     },
R
To avoid SWEET32 attack, move 3DES to weak  
Rich Salz 已提交
1030 
# ifndef OPENSSL_NO_WEAK_SSL_CIPHERS
D
Add RFC4279, RFC5487 and RFC5489 ciphersuites.  
Dr. Stephen Henson 已提交
1031 1032 
    {
     1,
R
Sort cipher-list at runtime.  
Rich Salz 已提交
1033 
     TLS1_TXT_ECDHE_RSA_WITH_DES_192_CBC3_SHA,
P
Support converting cipher name to RFC name and vice versa  
Paul Yang 已提交
1034 
     TLS1_RFC_ECDHE_RSA_WITH_DES_192_CBC3_SHA,
R
Sort cipher-list at runtime.  
Rich Salz 已提交
1035 1036 1037 1038 1039 
     TLS1_CK_ECDHE_RSA_WITH_DES_192_CBC3_SHA,
     SSL_kECDHE,
     SSL_aRSA,
     SSL_3DES,
     SSL_SHA1,
T
Remove ECDH(E) ciphers from SSLv3  
Todd Short 已提交
1040 
     TLS1_VERSION, TLS1_2_VERSION,
D
Fix cipher support for DTLS1_BAD_VER  
David Woodhouse 已提交
1041 
     DTLS1_BAD_VER, DTLS1_2_VERSION,
R
Put DES into "not default" category.  
Rich Salz 已提交
1042 
     SSL_NOT_DEFAULT | SSL_MEDIUM | SSL_FIPS,
R
Sort cipher-list at runtime.  
Rich Salz 已提交
1043 1044 1045 
     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
     112,
     168,
D
Add RFC4279, RFC5487 and RFC5489 ciphersuites.  
Dr. Stephen Henson 已提交
1046 
     },
R
To avoid SWEET32 attack, move 3DES to weak  
Rich Salz 已提交
1047 
# endif
D
Add RFC4279, RFC5487 and RFC5489 ciphersuites.  
Dr. Stephen Henson 已提交
1048 1049 
    {
     1,
R
Sort cipher-list at runtime.  
Rich Salz 已提交
1050 
     TLS1_TXT_ECDHE_RSA_WITH_AES_128_CBC_SHA,
P
Support converting cipher name to RFC name and vice versa  
Paul Yang 已提交
1051 
     TLS1_RFC_ECDHE_RSA_WITH_AES_128_CBC_SHA,
R
Sort cipher-list at runtime.  
Rich Salz 已提交
1052 1053 
     TLS1_CK_ECDHE_RSA_WITH_AES_128_CBC_SHA,
     SSL_kECDHE,
D
Add RFC4279, RFC5487 and RFC5489 ciphersuites.  
Dr. Stephen Henson 已提交
1054 1055 
     SSL_aRSA,
     SSL_AES128,
R
Sort cipher-list at runtime.  
Rich Salz 已提交
1056 
     SSL_SHA1,
T
Remove ECDH(E) ciphers from SSLv3  
Todd Short 已提交
1057 
     TLS1_VERSION, TLS1_2_VERSION,
D
Fix cipher support for DTLS1_BAD_VER  
David Woodhouse 已提交
1058 
     DTLS1_BAD_VER, DTLS1_2_VERSION,
K
Remove support for all 40 and 56 bit ciphers.  
Kurt Roeckx 已提交
1059 
     SSL_HIGH | SSL_FIPS,
D
Add RFC4279, RFC5487 and RFC5489 ciphersuites.  
Dr. Stephen Henson 已提交
1060 1061 1062 1063 1064 1065 
     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
     128,
     128,
     },
    {
     1,
R
Sort cipher-list at runtime.  
Rich Salz 已提交
1066 
     TLS1_TXT_ECDHE_RSA_WITH_AES_256_CBC_SHA,
P
Support converting cipher name to RFC name and vice versa  
Paul Yang 已提交
1067 
     TLS1_RFC_ECDHE_RSA_WITH_AES_256_CBC_SHA,
R
Sort cipher-list at runtime.  
Rich Salz 已提交
1068 1069 
     TLS1_CK_ECDHE_RSA_WITH_AES_256_CBC_SHA,
     SSL_kECDHE,
D
Add RFC4279, RFC5487 and RFC5489 ciphersuites.  
Dr. Stephen Henson 已提交
1070 1071 
     SSL_aRSA,
     SSL_AES256,
R
Sort cipher-list at runtime.  
Rich Salz 已提交
1072 
     SSL_SHA1,
T
Remove ECDH(E) ciphers from SSLv3  
Todd Short 已提交
1073 
     TLS1_VERSION, TLS1_2_VERSION,
D
Fix cipher support for DTLS1_BAD_VER  
David Woodhouse 已提交
1074 
     DTLS1_BAD_VER, DTLS1_2_VERSION,
K
Remove support for all 40 and 56 bit ciphers.  
Kurt Roeckx 已提交
1075 
     SSL_HIGH | SSL_FIPS,
R
Sort cipher-list at runtime.  
Rich Salz 已提交
1076 
     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
D
Add RFC4279, RFC5487 and RFC5489 ciphersuites.  
Dr. Stephen Henson 已提交
1077 1078 1079 1080 1081 
     256,
     256,
     },
    {
     1,
R
Sort cipher-list at runtime.  
Rich Salz 已提交
1082 
     TLS1_TXT_ECDH_anon_WITH_NULL_SHA,
P
Support converting cipher name to RFC name and vice versa  
Paul Yang 已提交
1083 
     TLS1_RFC_ECDH_anon_WITH_NULL_SHA,
R
Sort cipher-list at runtime.  
Rich Salz 已提交
1084 1085 1086 
     TLS1_CK_ECDH_anon_WITH_NULL_SHA,
     SSL_kECDHE,
     SSL_aNULL,
D
Add RFC4279, RFC5487 and RFC5489 ciphersuites.  
Dr. Stephen Henson 已提交
1087 
     SSL_eNULL,
R
Sort cipher-list at runtime.  
Rich Salz 已提交
1088 
     SSL_SHA1,
T
Remove ECDH(E) ciphers from SSLv3  
Todd Short 已提交
1089 
     TLS1_VERSION, TLS1_2_VERSION,
D
Fix cipher support for DTLS1_BAD_VER  
David Woodhouse 已提交
1090 
     DTLS1_BAD_VER, DTLS1_2_VERSION,
K
Don't mark the eNULL ciphers as non-default.  
Kurt Roeckx 已提交
1091 
     SSL_STRONG_NONE | SSL_FIPS,
D
Add RFC4279, RFC5487 and RFC5489 ciphersuites.  
Dr. Stephen Henson 已提交
1092 1093 1094 1095 
     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
     0,
     0,
     },
R
To avoid SWEET32 attack, move 3DES to weak  
Rich Salz 已提交
1096 
# ifndef OPENSSL_NO_WEAK_SSL_CIPHERS
D
Add RFC4279, RFC5487 and RFC5489 ciphersuites.  
Dr. Stephen Henson 已提交
1097 1098 
    {
     1,
R
Sort cipher-list at runtime.  
Rich Salz 已提交
1099 
     TLS1_TXT_ECDH_anon_WITH_DES_192_CBC3_SHA,
P
Support converting cipher name to RFC name and vice versa  
Paul Yang 已提交
1100 
     TLS1_RFC_ECDH_anon_WITH_DES_192_CBC3_SHA,
R
Sort cipher-list at runtime.  
Rich Salz 已提交
1101 1102 1103 1104 1105 
     TLS1_CK_ECDH_anon_WITH_DES_192_CBC3_SHA,
     SSL_kECDHE,
     SSL_aNULL,
     SSL_3DES,
     SSL_SHA1,
T
Remove ECDH(E) ciphers from SSLv3  
Todd Short 已提交
1106 
     TLS1_VERSION, TLS1_2_VERSION,
D
Fix cipher support for DTLS1_BAD_VER  
David Woodhouse 已提交
1107 
     DTLS1_BAD_VER, DTLS1_2_VERSION,
R
Move 3DES from HIGH to MEDIUM  
Rich Salz 已提交
1108 
     SSL_NOT_DEFAULT | SSL_MEDIUM | SSL_FIPS,
R
Sort cipher-list at runtime.  
Rich Salz 已提交
1109 1110 1111 
     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
     112,
     168,
D
Add RFC4279, RFC5487 and RFC5489 ciphersuites.  
Dr. Stephen Henson 已提交
1112 
     },
R
To avoid SWEET32 attack, move 3DES to weak  
Rich Salz 已提交
1113 
# endif
M
Run util/openssl-format-source -v -c .  
Matt Caswell 已提交
1114 1115 
    {
     1,
R
Sort cipher-list at runtime.  
Rich Salz 已提交
1116 
     TLS1_TXT_ECDH_anon_WITH_AES_128_CBC_SHA,
P
Support converting cipher name to RFC name and vice versa  
Paul Yang 已提交
1117 
     TLS1_RFC_ECDH_anon_WITH_AES_128_CBC_SHA,
R
Sort cipher-list at runtime.  
Rich Salz 已提交
1118 1119 1120 1121 1122 
     TLS1_CK_ECDH_anon_WITH_AES_128_CBC_SHA,
     SSL_kECDHE,
     SSL_aNULL,
     SSL_AES128,
     SSL_SHA1,
T
Remove ECDH(E) ciphers from SSLv3  
Todd Short 已提交
1123 
     TLS1_VERSION, TLS1_2_VERSION,
D
Fix cipher support for DTLS1_BAD_VER  
David Woodhouse 已提交
1124 
     DTLS1_BAD_VER, DTLS1_2_VERSION,
R
Sort cipher-list at runtime.  
Rich Salz 已提交
1125 1126 1127 1128 1129 
     SSL_NOT_DEFAULT | SSL_HIGH | SSL_FIPS,
     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
     128,
     128,
     },
M
Run util/openssl-format-source -v -c .  
Matt Caswell 已提交
1130 1131 
    {
     1,
R
Sort cipher-list at runtime.  
Rich Salz 已提交
1132 
     TLS1_TXT_ECDH_anon_WITH_AES_256_CBC_SHA,
P
Support converting cipher name to RFC name and vice versa  
Paul Yang 已提交
1133 
     TLS1_RFC_ECDH_anon_WITH_AES_256_CBC_SHA,
R
Sort cipher-list at runtime.  
Rich Salz 已提交
1134 1135 1136 1137 1138 
     TLS1_CK_ECDH_anon_WITH_AES_256_CBC_SHA,
     SSL_kECDHE,
     SSL_aNULL,
     SSL_AES256,
     SSL_SHA1,
T
Remove ECDH(E) ciphers from SSLv3  
Todd Short 已提交
1139 
     TLS1_VERSION, TLS1_2_VERSION,
D
Fix cipher support for DTLS1_BAD_VER  
David Woodhouse 已提交
1140 
     DTLS1_BAD_VER, DTLS1_2_VERSION,
R
Sort cipher-list at runtime.  
Rich Salz 已提交
1141 1142 1143 1144 1145 1146 1147 1148 
     SSL_NOT_DEFAULT | SSL_HIGH | SSL_FIPS,
     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
     256,
     256,
     },
    {
     1,
     TLS1_TXT_ECDHE_ECDSA_WITH_AES_128_SHA256,
P
Support converting cipher name to RFC name and vice versa  
Paul Yang 已提交
1149 
     TLS1_RFC_ECDHE_ECDSA_WITH_AES_128_SHA256,
R
Sort cipher-list at runtime.  
Rich Salz 已提交
1150 1151 1152 1153 
     TLS1_CK_ECDHE_ECDSA_WITH_AES_128_SHA256,
     SSL_kECDHE,
     SSL_aECDSA,
     SSL_AES128,
M
Run util/openssl-format-source -v -c .  
Matt Caswell 已提交
1154 
     SSL_SHA256,
K
Add support for minimum and maximum protocol version supported by a cipher  
Kurt Roeckx 已提交
1155 1156 
     TLS1_2_VERSION, TLS1_2_VERSION,
     DTLS1_2_VERSION, DTLS1_2_VERSION,
R
Sort cipher-list at runtime.  
Rich Salz 已提交
1157 
     SSL_HIGH | SSL_FIPS,
M
Run util/openssl-format-source -v -c .  
Matt Caswell 已提交
1158 1159 1160 1161 1162 1163 
     SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
     128,
     128,
     },
    {
     1,
R
Sort cipher-list at runtime.  
Rich Salz 已提交
1164 
     TLS1_TXT_ECDHE_ECDSA_WITH_AES_256_SHA384,
P
Support converting cipher name to RFC name and vice versa  
Paul Yang 已提交
1165 
     TLS1_RFC_ECDHE_ECDSA_WITH_AES_256_SHA384,
R
Sort cipher-list at runtime.  
Rich Salz 已提交
1166 1167 1168 1169 1170 
     TLS1_CK_ECDHE_ECDSA_WITH_AES_256_SHA384,
     SSL_kECDHE,
     SSL_aECDSA,
     SSL_AES256,
     SSL_SHA384,
K
Add support for minimum and maximum protocol version supported by a cipher  
Kurt Roeckx 已提交
1171 1172 
     TLS1_2_VERSION, TLS1_2_VERSION,
     DTLS1_2_VERSION, DTLS1_2_VERSION,
R
Sort cipher-list at runtime.  
Rich Salz 已提交
1173 1174 1175 1176 
     SSL_HIGH | SSL_FIPS,
     SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384,
     256,
     256,
M
Run util/openssl-format-source -v -c .  
Matt Caswell 已提交
1177 1178 1179 
     },
    {
     1,
R
Sort cipher-list at runtime.  
Rich Salz 已提交
1180 
     TLS1_TXT_ECDHE_RSA_WITH_AES_128_SHA256,
P
Support converting cipher name to RFC name and vice versa  
Paul Yang 已提交
1181 
     TLS1_RFC_ECDHE_RSA_WITH_AES_128_SHA256,
R
Sort cipher-list at runtime.  
Rich Salz 已提交
1182 1183 1184 1185 
     TLS1_CK_ECDHE_RSA_WITH_AES_128_SHA256,
     SSL_kECDHE,
     SSL_aRSA,
     SSL_AES128,
M
Run util/openssl-format-source -v -c .  
Matt Caswell 已提交
1186 
     SSL_SHA256,
K
Add support for minimum and maximum protocol version supported by a cipher  
Kurt Roeckx 已提交
1187 1188 
     TLS1_2_VERSION, TLS1_2_VERSION,
     DTLS1_2_VERSION, DTLS1_2_VERSION,
R
Sort cipher-list at runtime.  
Rich Salz 已提交
1189 
     SSL_HIGH | SSL_FIPS,
M
Run util/openssl-format-source -v -c .  
Matt Caswell 已提交
1190 1191 1192 1193 1194 1195 
     SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
     128,
     128,
     },
    {
     1,
R
Sort cipher-list at runtime.  
Rich Salz 已提交
1196 
     TLS1_TXT_ECDHE_RSA_WITH_AES_256_SHA384,
P
Support converting cipher name to RFC name and vice versa  
Paul Yang 已提交
1197 
     TLS1_RFC_ECDHE_RSA_WITH_AES_256_SHA384,
R
Sort cipher-list at runtime.  
Rich Salz 已提交
1198 1199 
     TLS1_CK_ECDHE_RSA_WITH_AES_256_SHA384,
     SSL_kECDHE,
M
Run util/openssl-format-source -v -c .  
Matt Caswell 已提交
1200 
     SSL_aRSA,
R
Sort cipher-list at runtime.  
Rich Salz 已提交
1201 1202 
     SSL_AES256,
     SSL_SHA384,
K
Add support for minimum and maximum protocol version supported by a cipher  
Kurt Roeckx 已提交
1203 1204 
     TLS1_2_VERSION, TLS1_2_VERSION,
     DTLS1_2_VERSION, DTLS1_2_VERSION,
R
Sort cipher-list at runtime.  
Rich Salz 已提交
1205 1206 
     SSL_HIGH | SSL_FIPS,
     SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384,
M
Run util/openssl-format-source -v -c .  
Matt Caswell 已提交
1207 1208 1209 1210 1211 
     256,
     256,
     },
    {
     1,
R
Sort cipher-list at runtime.  
Rich Salz 已提交
1212 
     TLS1_TXT_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256,
P
Support converting cipher name to RFC name and vice versa  
Paul Yang 已提交
1213 
     TLS1_RFC_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256,
R
Sort cipher-list at runtime.  
Rich Salz 已提交
1214 1215 1216 1217 1218 
     TLS1_CK_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256,
     SSL_kECDHE,
     SSL_aECDSA,
     SSL_AES128GCM,
     SSL_AEAD,
K
Add support for minimum and maximum protocol version supported by a cipher  
Kurt Roeckx 已提交
1219 1220 
     TLS1_2_VERSION, TLS1_2_VERSION,
     DTLS1_2_VERSION, DTLS1_2_VERSION,
R
Sort cipher-list at runtime.  
Rich Salz 已提交
1221 
     SSL_HIGH | SSL_FIPS,
M
Run util/openssl-format-source -v -c .  
Matt Caswell 已提交
1222 
     SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
R
Sort cipher-list at runtime.  
Rich Salz 已提交
1223 1224 1225 1226 1227 1228 
     128,
     128,
     },
    {
     1,
     TLS1_TXT_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384,
P
Support converting cipher name to RFC name and vice versa  
Paul Yang 已提交
1229 
     TLS1_RFC_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384,
R
Sort cipher-list at runtime.  
Rich Salz 已提交
1230 1231 1232 1233 1234 1235 1236 1237 1238 
     TLS1_CK_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384,
     SSL_kECDHE,
     SSL_aECDSA,
     SSL_AES256GCM,
     SSL_AEAD,
     TLS1_2_VERSION, TLS1_2_VERSION,
     DTLS1_2_VERSION, DTLS1_2_VERSION,
     SSL_HIGH | SSL_FIPS,
     SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384,
M
Run util/openssl-format-source -v -c .  
Matt Caswell 已提交
1239 1240 1241 1242 1243 
     256,
     256,
     },
    {
     1,
R
Sort cipher-list at runtime.  
Rich Salz 已提交
1244 
     TLS1_TXT_ECDHE_RSA_WITH_AES_128_GCM_SHA256,
P
Support converting cipher name to RFC name and vice versa  
Paul Yang 已提交
1245 
     TLS1_RFC_ECDHE_RSA_WITH_AES_128_GCM_SHA256,
R
Sort cipher-list at runtime.  
Rich Salz 已提交
1246 1247 
     TLS1_CK_ECDHE_RSA_WITH_AES_128_GCM_SHA256,
     SSL_kECDHE,
M
Run util/openssl-format-source -v -c .  
Matt Caswell 已提交
1248 
     SSL_aRSA,
R
Sort cipher-list at runtime.  
Rich Salz 已提交
1249 1250 
     SSL_AES128GCM,
     SSL_AEAD,
K
Add support for minimum and maximum protocol version supported by a cipher  
Kurt Roeckx 已提交
1251 1252 
     TLS1_2_VERSION, TLS1_2_VERSION,
     DTLS1_2_VERSION, DTLS1_2_VERSION,
R
Sort cipher-list at runtime.  
Rich Salz 已提交
1253 
     SSL_HIGH | SSL_FIPS,
M
Run util/openssl-format-source -v -c .  
Matt Caswell 已提交
1254 
     SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
R
Sort cipher-list at runtime.  
Rich Salz 已提交
1255 1256 
     128,
     128,
M
Run util/openssl-format-source -v -c .  
Matt Caswell 已提交
1257 1258 1259 
     },
    {
     1,
R
Sort cipher-list at runtime.  
Rich Salz 已提交
1260 
     TLS1_TXT_ECDHE_RSA_WITH_AES_256_GCM_SHA384,
P
Support converting cipher name to RFC name and vice versa  
Paul Yang 已提交
1261 
     TLS1_RFC_ECDHE_RSA_WITH_AES_256_GCM_SHA384,
R
Sort cipher-list at runtime.  
Rich Salz 已提交
1262 1263 1264 1265 1266 
     TLS1_CK_ECDHE_RSA_WITH_AES_256_GCM_SHA384,
     SSL_kECDHE,
     SSL_aRSA,
     SSL_AES256GCM,
     SSL_AEAD,
K
Add support for minimum and maximum protocol version supported by a cipher  
Kurt Roeckx 已提交
1267 1268 
     TLS1_2_VERSION, TLS1_2_VERSION,
     DTLS1_2_VERSION, DTLS1_2_VERSION,
R
Sort cipher-list at runtime.  
Rich Salz 已提交
1269 1270 
     SSL_HIGH | SSL_FIPS,
     SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384,
M
Run util/openssl-format-source -v -c .  
Matt Caswell 已提交
1271 1272 1273 1274 1275 
     256,
     256,
     },
    {
     1,
R
Sort cipher-list at runtime.  
Rich Salz 已提交
1276 
     TLS1_TXT_PSK_WITH_NULL_SHA,
P
Support converting cipher name to RFC name and vice versa  
Paul Yang 已提交
1277 
     TLS1_RFC_PSK_WITH_NULL_SHA,
R
Sort cipher-list at runtime.  
Rich Salz 已提交
1278 1279 1280 
     TLS1_CK_PSK_WITH_NULL_SHA,
     SSL_kPSK,
     SSL_aPSK,
M
Run util/openssl-format-source -v -c .  
Matt Caswell 已提交
1281 1282 
     SSL_eNULL,
     SSL_SHA1,
K
Add support for minimum and maximum protocol version supported by a cipher  
Kurt Roeckx 已提交
1283 
     SSL3_VERSION, TLS1_2_VERSION,
D
Fix cipher support for DTLS1_BAD_VER  
David Woodhouse 已提交
1284 
     DTLS1_BAD_VER, DTLS1_2_VERSION,
K
Don't mark the eNULL ciphers as non-default.  
Kurt Roeckx 已提交
1285 
     SSL_STRONG_NONE | SSL_FIPS,
M
Run util/openssl-format-source -v -c .  
Matt Caswell 已提交
1286 1287 1288 1289 1290 1291 
     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
     0,
     0,
     },
    {
     1,
R
Sort cipher-list at runtime.  
Rich Salz 已提交
1292 
     TLS1_TXT_DHE_PSK_WITH_NULL_SHA,
P
Support converting cipher name to RFC name and vice versa  
Paul Yang 已提交
1293 
     TLS1_RFC_DHE_PSK_WITH_NULL_SHA,
R
Sort cipher-list at runtime.  
Rich Salz 已提交
1294 1295 1296 1297 
     TLS1_CK_DHE_PSK_WITH_NULL_SHA,
     SSL_kDHEPSK,
     SSL_aPSK,
     SSL_eNULL,
M
Run util/openssl-format-source -v -c .  
Matt Caswell 已提交
1298 
     SSL_SHA1,
K
Add support for minimum and maximum protocol version supported by a cipher  
Kurt Roeckx 已提交
1299 
     SSL3_VERSION, TLS1_2_VERSION,
D
Fix cipher support for DTLS1_BAD_VER  
David Woodhouse 已提交
1300 
     DTLS1_BAD_VER, DTLS1_2_VERSION,
R
Sort cipher-list at runtime.  
Rich Salz 已提交
1301 
     SSL_STRONG_NONE | SSL_FIPS,
M
Run util/openssl-format-source -v -c .  
Matt Caswell 已提交
1302 
     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
R
Sort cipher-list at runtime.  
Rich Salz 已提交
1303 1304 
     0,
     0,
M
Run util/openssl-format-source -v -c .  
Matt Caswell 已提交
1305 1306 1307 
     },
    {
     1,
R
Sort cipher-list at runtime.  
Rich Salz 已提交
1308 
     TLS1_TXT_RSA_PSK_WITH_NULL_SHA,
P
Support converting cipher name to RFC name and vice versa  
Paul Yang 已提交
1309 
     TLS1_RFC_RSA_PSK_WITH_NULL_SHA,
R
Sort cipher-list at runtime.  
Rich Salz 已提交
1310 1311 1312 1313 1314 1315 
     TLS1_CK_RSA_PSK_WITH_NULL_SHA,
     SSL_kRSAPSK,
     SSL_aRSA,
     SSL_eNULL,
     SSL_SHA1,
     SSL3_VERSION, TLS1_2_VERSION,
D
Fix cipher support for DTLS1_BAD_VER  
David Woodhouse 已提交
1316 
     DTLS1_BAD_VER, DTLS1_2_VERSION,
R
Sort cipher-list at runtime.  
Rich Salz 已提交
1317 1318 1319 1320 1321 
     SSL_STRONG_NONE | SSL_FIPS,
     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
     0,
     0,
     },
R
To avoid SWEET32 attack, move 3DES to weak  
Rich Salz 已提交
1322 
# ifndef OPENSSL_NO_WEAK_SSL_CIPHERS
R
Sort cipher-list at runtime.  
Rich Salz 已提交
1323 1324 1325 
    {
     1,
     TLS1_TXT_PSK_WITH_3DES_EDE_CBC_SHA,
P
Support converting cipher name to RFC name and vice versa  
Paul Yang 已提交
1326 
     TLS1_RFC_PSK_WITH_3DES_EDE_CBC_SHA,
R
Sort cipher-list at runtime.  
Rich Salz 已提交
1327 1328 1329 
     TLS1_CK_PSK_WITH_3DES_EDE_CBC_SHA,
     SSL_kPSK,
     SSL_aPSK,
M
Run util/openssl-format-source -v -c .  
Matt Caswell 已提交
1330 1331 
     SSL_3DES,
     SSL_SHA1,
K
Add support for minimum and maximum protocol version supported by a cipher  
Kurt Roeckx 已提交
1332 
     SSL3_VERSION, TLS1_2_VERSION,
D
Fix cipher support for DTLS1_BAD_VER  
David Woodhouse 已提交
1333 
     DTLS1_BAD_VER, DTLS1_2_VERSION,
R
Put DES into "not default" category.  
Rich Salz 已提交
1334 
     SSL_NOT_DEFAULT | SSL_MEDIUM | SSL_FIPS,
M
Run util/openssl-format-source -v -c .  
Matt Caswell 已提交
1335 1336 1337 1338 
     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
     112,
     168,
     },
R
To avoid SWEET32 attack, move 3DES to weak  
Rich Salz 已提交
1339 
# endif
M
Run util/openssl-format-source -v -c .  
Matt Caswell 已提交
1340 1341 
    {
     1,
R
Sort cipher-list at runtime.  
Rich Salz 已提交
1342 
     TLS1_TXT_PSK_WITH_AES_128_CBC_SHA,
P
Support converting cipher name to RFC name and vice versa  
Paul Yang 已提交
1343 
     TLS1_RFC_PSK_WITH_AES_128_CBC_SHA,
R
Sort cipher-list at runtime.  
Rich Salz 已提交
1344 1345 1346 
     TLS1_CK_PSK_WITH_AES_128_CBC_SHA,
     SSL_kPSK,
     SSL_aPSK,
M
Run util/openssl-format-source -v -c .  
Matt Caswell 已提交
1347 1348 
     SSL_AES128,
     SSL_SHA1,
K
Add support for minimum and maximum protocol version supported by a cipher  
Kurt Roeckx 已提交
1349 
     SSL3_VERSION, TLS1_2_VERSION,
D
Fix cipher support for DTLS1_BAD_VER  
David Woodhouse 已提交
1350 
     DTLS1_BAD_VER, DTLS1_2_VERSION,
K
Remove support for all 40 and 56 bit ciphers.  
Kurt Roeckx 已提交
1351 
     SSL_HIGH | SSL_FIPS,
M
Run util/openssl-format-source -v -c .  
Matt Caswell 已提交
1352 1353 1354 1355 1356 1357 
     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
     128,
     128,
     },
    {
     1,
R
Sort cipher-list at runtime.  
Rich Salz 已提交
1358 
     TLS1_TXT_PSK_WITH_AES_256_CBC_SHA,
P
Support converting cipher name to RFC name and vice versa  
Paul Yang 已提交
1359 
     TLS1_RFC_PSK_WITH_AES_256_CBC_SHA,
R
Sort cipher-list at runtime.  
Rich Salz 已提交
1360 1361 1362 
     TLS1_CK_PSK_WITH_AES_256_CBC_SHA,
     SSL_kPSK,
     SSL_aPSK,
M
Run util/openssl-format-source -v -c .  
Matt Caswell 已提交
1363 1364 
     SSL_AES256,
     SSL_SHA1,
K
Add support for minimum and maximum protocol version supported by a cipher  
Kurt Roeckx 已提交
1365 
     SSL3_VERSION, TLS1_2_VERSION,
D
Fix cipher support for DTLS1_BAD_VER  
David Woodhouse 已提交
1366 
     DTLS1_BAD_VER, DTLS1_2_VERSION,
K
Remove support for all 40 and 56 bit ciphers.  
Kurt Roeckx 已提交
1367 
     SSL_HIGH | SSL_FIPS,
M
Run util/openssl-format-source -v -c .  
Matt Caswell 已提交
1368 1369 1370 1371 
     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
     256,
     256,
     },
R
To avoid SWEET32 attack, move 3DES to weak  
Rich Salz 已提交
1372 
# ifndef OPENSSL_NO_WEAK_SSL_CIPHERS
M
Run util/openssl-format-source -v -c .  
Matt Caswell 已提交
1373 1374 
    {
     1,
R
Sort cipher-list at runtime.  
Rich Salz 已提交
1375 
     TLS1_TXT_DHE_PSK_WITH_3DES_EDE_CBC_SHA,
P
Support converting cipher name to RFC name and vice versa  
Paul Yang 已提交
1376 
     TLS1_RFC_DHE_PSK_WITH_3DES_EDE_CBC_SHA,
R
Sort cipher-list at runtime.  
Rich Salz 已提交
1377 1378 1379 1380 
     TLS1_CK_DHE_PSK_WITH_3DES_EDE_CBC_SHA,
     SSL_kDHEPSK,
     SSL_aPSK,
     SSL_3DES,
M
Run util/openssl-format-source -v -c .  
Matt Caswell 已提交
1381 
     SSL_SHA1,
K
Add support for minimum and maximum protocol version supported by a cipher  
Kurt Roeckx 已提交
1382 
     SSL3_VERSION, TLS1_2_VERSION,
D
Fix cipher support for DTLS1_BAD_VER  
David Woodhouse 已提交
1383 
     DTLS1_BAD_VER, DTLS1_2_VERSION,
R
Put DES into "not default" category.  
Rich Salz 已提交
1384 
     SSL_NOT_DEFAULT | SSL_MEDIUM | SSL_FIPS,
M
Run util/openssl-format-source -v -c .  
Matt Caswell 已提交
1385 
     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
R
Sort cipher-list at runtime.  
Rich Salz 已提交
1386 1387 
     112,
     168,
M
Run util/openssl-format-source -v -c .  
Matt Caswell 已提交
1388 
     },
R
To avoid SWEET32 attack, move 3DES to weak  
Rich Salz 已提交
1389 
# endif
M
Run util/openssl-format-source -v -c .  
Matt Caswell 已提交
1390 1391 
    {
     1,
R
Sort cipher-list at runtime.  
Rich Salz 已提交
1392 
     TLS1_TXT_DHE_PSK_WITH_AES_128_CBC_SHA,
P
Support converting cipher name to RFC name and vice versa  
Paul Yang 已提交
1393 
     TLS1_RFC_DHE_PSK_WITH_AES_128_CBC_SHA,
R
Sort cipher-list at runtime.  
Rich Salz 已提交
1394 1395 1396 1397 1398 1399 
     TLS1_CK_DHE_PSK_WITH_AES_128_CBC_SHA,
     SSL_kDHEPSK,
     SSL_aPSK,
     SSL_AES128,
     SSL_SHA1,
     SSL3_VERSION, TLS1_2_VERSION,
D
Fix cipher support for DTLS1_BAD_VER  
David Woodhouse 已提交
1400 
     DTLS1_BAD_VER, DTLS1_2_VERSION,
R
Sort cipher-list at runtime.  
Rich Salz 已提交
1401 
     SSL_HIGH | SSL_FIPS,
M
Run util/openssl-format-source -v -c .  
Matt Caswell 已提交
1402 1403 1404 1405 1406 1407 
     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
     128,
     128,
     },
    {
     1,
R
Sort cipher-list at runtime.  
Rich Salz 已提交
1408 
     TLS1_TXT_DHE_PSK_WITH_AES_256_CBC_SHA,
P
Support converting cipher name to RFC name and vice versa  
Paul Yang 已提交
1409 
     TLS1_RFC_DHE_PSK_WITH_AES_256_CBC_SHA,
R
Sort cipher-list at runtime.  
Rich Salz 已提交
1410 1411 1412 1413 1414 1415 
     TLS1_CK_DHE_PSK_WITH_AES_256_CBC_SHA,
     SSL_kDHEPSK,
     SSL_aPSK,
     SSL_AES256,
     SSL_SHA1,
     SSL3_VERSION, TLS1_2_VERSION,
D
Fix cipher support for DTLS1_BAD_VER  
David Woodhouse 已提交
1416 
     DTLS1_BAD_VER, DTLS1_2_VERSION,
R
Sort cipher-list at runtime.  
Rich Salz 已提交
1417 1418 1419 1420 1421 
     SSL_HIGH | SSL_FIPS,
     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
     256,
     256,
     },
R
To avoid SWEET32 attack, move 3DES to weak  
Rich Salz 已提交
1422 
# ifndef OPENSSL_NO_WEAK_SSL_CIPHERS
R
Sort cipher-list at runtime.  
Rich Salz 已提交
1423 1424 1425 
    {
     1,
     TLS1_TXT_RSA_PSK_WITH_3DES_EDE_CBC_SHA,
P
Support converting cipher name to RFC name and vice versa  
Paul Yang 已提交
1426 
     TLS1_RFC_RSA_PSK_WITH_3DES_EDE_CBC_SHA,
R
Sort cipher-list at runtime.  
Rich Salz 已提交
1427 1428 
     TLS1_CK_RSA_PSK_WITH_3DES_EDE_CBC_SHA,
     SSL_kRSAPSK,
M
Run util/openssl-format-source -v -c .  
Matt Caswell 已提交
1429 1430 1431 
     SSL_aRSA,
     SSL_3DES,
     SSL_SHA1,
K
Add support for minimum and maximum protocol version supported by a cipher  
Kurt Roeckx 已提交
1432 
     SSL3_VERSION, TLS1_2_VERSION,
D
Fix cipher support for DTLS1_BAD_VER  
David Woodhouse 已提交
1433 
     DTLS1_BAD_VER, DTLS1_2_VERSION,
R
Put DES into "not default" category.  
Rich Salz 已提交
1434 
     SSL_NOT_DEFAULT | SSL_MEDIUM | SSL_FIPS,
M
Run util/openssl-format-source -v -c .  
Matt Caswell 已提交
1435 1436 1437 1438 
     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
     112,
     168,
     },
R
To avoid SWEET32 attack, move 3DES to weak  
Rich Salz 已提交
1439 
# endif
M
Run util/openssl-format-source -v -c .  
Matt Caswell 已提交
1440 1441 
    {
     1,
R
Sort cipher-list at runtime.  
Rich Salz 已提交
1442 
     TLS1_TXT_RSA_PSK_WITH_AES_128_CBC_SHA,
P
Support converting cipher name to RFC name and vice versa  
Paul Yang 已提交
1443 
     TLS1_RFC_RSA_PSK_WITH_AES_128_CBC_SHA,
R
Sort cipher-list at runtime.  
Rich Salz 已提交
1444 1445 
     TLS1_CK_RSA_PSK_WITH_AES_128_CBC_SHA,
     SSL_kRSAPSK,
M
Run util/openssl-format-source -v -c .  
Matt Caswell 已提交
1446 1447 1448 
     SSL_aRSA,
     SSL_AES128,
     SSL_SHA1,
K
Add support for minimum and maximum protocol version supported by a cipher  
Kurt Roeckx 已提交
1449 
     SSL3_VERSION, TLS1_2_VERSION,
D
Fix cipher support for DTLS1_BAD_VER  
David Woodhouse 已提交
1450 
     DTLS1_BAD_VER, DTLS1_2_VERSION,
K
Remove support for all 40 and 56 bit ciphers.  
Kurt Roeckx 已提交
1451 
     SSL_HIGH | SSL_FIPS,
M
Run util/openssl-format-source -v -c .  
Matt Caswell 已提交
1452 1453 1454 1455 1456 1457 
     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
     128,
     128,
     },
    {
     1,
R
Sort cipher-list at runtime.  
Rich Salz 已提交
1458 
     TLS1_TXT_RSA_PSK_WITH_AES_256_CBC_SHA,
P
Support converting cipher name to RFC name and vice versa  
Paul Yang 已提交
1459 
     TLS1_RFC_RSA_PSK_WITH_AES_256_CBC_SHA,
R
Sort cipher-list at runtime.  
Rich Salz 已提交
1460 1461 
     TLS1_CK_RSA_PSK_WITH_AES_256_CBC_SHA,
     SSL_kRSAPSK,
M
Run util/openssl-format-source -v -c .  
Matt Caswell 已提交
1462 1463 1464 
     SSL_aRSA,
     SSL_AES256,
     SSL_SHA1,
K
Add support for minimum and maximum protocol version supported by a cipher  
Kurt Roeckx 已提交
1465 
     SSL3_VERSION, TLS1_2_VERSION,
D
Fix cipher support for DTLS1_BAD_VER  
David Woodhouse 已提交
1466 
     DTLS1_BAD_VER, DTLS1_2_VERSION,
K
Remove support for all 40 and 56 bit ciphers.  
Kurt Roeckx 已提交
1467 
     SSL_HIGH | SSL_FIPS,
M
Run util/openssl-format-source -v -c .  
Matt Caswell 已提交
1468 1469 1470 1471 1472 1473 
     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
     256,
     256,
     },
    {
     1,
R
Sort cipher-list at runtime.  
Rich Salz 已提交
1474 
     TLS1_TXT_PSK_WITH_AES_128_GCM_SHA256,
P
Support converting cipher name to RFC name and vice versa  
Paul Yang 已提交
1475 
     TLS1_RFC_PSK_WITH_AES_128_GCM_SHA256,
R
Sort cipher-list at runtime.  
Rich Salz 已提交
1476 1477 1478 1479 1480 1481 1482 1483 1484 
     TLS1_CK_PSK_WITH_AES_128_GCM_SHA256,
     SSL_kPSK,
     SSL_aPSK,
     SSL_AES128GCM,
     SSL_AEAD,
     TLS1_2_VERSION, TLS1_2_VERSION,
     DTLS1_2_VERSION, DTLS1_2_VERSION,
     SSL_HIGH | SSL_FIPS,
     SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
M
Run util/openssl-format-source -v -c .  
Matt Caswell 已提交
1485 1486 1487 1488 1489 
     128,
     128,
     },
    {
     1,
R
Sort cipher-list at runtime.  
Rich Salz 已提交
1490 
     TLS1_TXT_PSK_WITH_AES_256_GCM_SHA384,
P
Support converting cipher name to RFC name and vice versa  
Paul Yang 已提交
1491 
     TLS1_RFC_PSK_WITH_AES_256_GCM_SHA384,
R
Sort cipher-list at runtime.  
Rich Salz 已提交
1492 1493 1494 1495 1496 1497 1498 1499 1500 1501 1502 
     TLS1_CK_PSK_WITH_AES_256_GCM_SHA384,
     SSL_kPSK,
     SSL_aPSK,
     SSL_AES256GCM,
     SSL_AEAD,
     TLS1_2_VERSION, TLS1_2_VERSION,
     DTLS1_2_VERSION, DTLS1_2_VERSION,
     SSL_HIGH | SSL_FIPS,
     SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384,
     256,
     256,
M
Run util/openssl-format-source -v -c .  
Matt Caswell 已提交
1503 1504 1505 
     },
    {
     1,
R
Sort cipher-list at runtime.  
Rich Salz 已提交
1506 
     TLS1_TXT_DHE_PSK_WITH_AES_128_GCM_SHA256,
P
Support converting cipher name to RFC name and vice versa  
Paul Yang 已提交
1507 
     TLS1_RFC_DHE_PSK_WITH_AES_128_GCM_SHA256,
R
Sort cipher-list at runtime.  
Rich Salz 已提交
1508 1509 1510 1511 1512 1513 1514 1515 1516 
     TLS1_CK_DHE_PSK_WITH_AES_128_GCM_SHA256,
     SSL_kDHEPSK,
     SSL_aPSK,
     SSL_AES128GCM,
     SSL_AEAD,
     TLS1_2_VERSION, TLS1_2_VERSION,
     DTLS1_2_VERSION, DTLS1_2_VERSION,
     SSL_HIGH | SSL_FIPS,
     SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
M
Run util/openssl-format-source -v -c .  
Matt Caswell 已提交
1517 1518 1519 1520 1521 
     128,
     128,
     },
    {
     1,
R
Sort cipher-list at runtime.  
Rich Salz 已提交
1522 
     TLS1_TXT_DHE_PSK_WITH_AES_256_GCM_SHA384,
P
Support converting cipher name to RFC name and vice versa  
Paul Yang 已提交
1523 
     TLS1_RFC_DHE_PSK_WITH_AES_256_GCM_SHA384,
R
Sort cipher-list at runtime.  
Rich Salz 已提交
1524 1525 1526 1527 1528 1529 1530 1531 1532 
     TLS1_CK_DHE_PSK_WITH_AES_256_GCM_SHA384,
     SSL_kDHEPSK,
     SSL_aPSK,
     SSL_AES256GCM,
     SSL_AEAD,
     TLS1_2_VERSION, TLS1_2_VERSION,
     DTLS1_2_VERSION, DTLS1_2_VERSION,
     SSL_HIGH | SSL_FIPS,
     SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384,
M
Run util/openssl-format-source -v -c .  
Matt Caswell 已提交
1533 1534 1535 1536 1537 
     256,
     256,
     },
    {
     1,
R
Sort cipher-list at runtime.  
Rich Salz 已提交
1538 
     TLS1_TXT_RSA_PSK_WITH_AES_128_GCM_SHA256,
P
Support converting cipher name to RFC name and vice versa  
Paul Yang 已提交
1539 
     TLS1_RFC_RSA_PSK_WITH_AES_128_GCM_SHA256,
R
Sort cipher-list at runtime.  
Rich Salz 已提交
1540 1541 
     TLS1_CK_RSA_PSK_WITH_AES_128_GCM_SHA256,
     SSL_kRSAPSK,
M
Run util/openssl-format-source -v -c .  
Matt Caswell 已提交
1542 
     SSL_aRSA,
R
Sort cipher-list at runtime.  
Rich Salz 已提交
1543 1544 1545 1546 1547 1548 1549 1550 
     SSL_AES128GCM,
     SSL_AEAD,
     TLS1_2_VERSION, TLS1_2_VERSION,
     DTLS1_2_VERSION, DTLS1_2_VERSION,
     SSL_HIGH | SSL_FIPS,
     SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
     128,
     128,
M
Run util/openssl-format-source -v -c .  
Matt Caswell 已提交
1551 1552 1553 
     },
    {
     1,
R
Sort cipher-list at runtime.  
Rich Salz 已提交
1554 
     TLS1_TXT_RSA_PSK_WITH_AES_256_GCM_SHA384,
P
Support converting cipher name to RFC name and vice versa  
Paul Yang 已提交
1555 
     TLS1_RFC_RSA_PSK_WITH_AES_256_GCM_SHA384,
R
Sort cipher-list at runtime.  
Rich Salz 已提交
1556 1557 1558 1559 1560 1561 1562 1563 1564 1565 1566 
     TLS1_CK_RSA_PSK_WITH_AES_256_GCM_SHA384,
     SSL_kRSAPSK,
     SSL_aRSA,
     SSL_AES256GCM,
     SSL_AEAD,
     TLS1_2_VERSION, TLS1_2_VERSION,
     DTLS1_2_VERSION, DTLS1_2_VERSION,
     SSL_HIGH | SSL_FIPS,
     SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384,
     256,
     256,
M
Run util/openssl-format-source -v -c .  
Matt Caswell 已提交
1567 1568 1569 
     },
    {
     1,
R
Sort cipher-list at runtime.  
Rich Salz 已提交
1570 
     TLS1_TXT_PSK_WITH_AES_128_CBC_SHA256,
P
Support converting cipher name to RFC name and vice versa  
Paul Yang 已提交
1571 
     TLS1_RFC_PSK_WITH_AES_128_CBC_SHA256,
R
Sort cipher-list at runtime.  
Rich Salz 已提交
1572 1573 1574 
     TLS1_CK_PSK_WITH_AES_128_CBC_SHA256,
     SSL_kPSK,
     SSL_aPSK,
M
Run util/openssl-format-source -v -c .  
Matt Caswell 已提交
1575 
     SSL_AES128,
R
Sort cipher-list at runtime.  
Rich Salz 已提交
1576 1577 
     SSL_SHA256,
     TLS1_VERSION, TLS1_2_VERSION,
D
Fix cipher support for DTLS1_BAD_VER  
David Woodhouse 已提交
1578 
     DTLS1_BAD_VER, DTLS1_2_VERSION,
R
Sort cipher-list at runtime.  
Rich Salz 已提交
1579 
     SSL_HIGH | SSL_FIPS,
M
Run util/openssl-format-source -v -c .  
Matt Caswell 已提交
1580 1581 1582 1583 1584 1585 
     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
     128,
     128,
     },
    {
     1,
R
Sort cipher-list at runtime.  
Rich Salz 已提交
1586 
     TLS1_TXT_PSK_WITH_AES_256_CBC_SHA384,
P
Support converting cipher name to RFC name and vice versa  
Paul Yang 已提交
1587 
     TLS1_RFC_PSK_WITH_AES_256_CBC_SHA384,
R
Sort cipher-list at runtime.  
Rich Salz 已提交
1588 1589 1590 1591 1592 1593 
     TLS1_CK_PSK_WITH_AES_256_CBC_SHA384,
     SSL_kPSK,
     SSL_aPSK,
     SSL_AES256,
     SSL_SHA384,
     TLS1_VERSION, TLS1_2_VERSION,
D
Fix cipher support for DTLS1_BAD_VER  
David Woodhouse 已提交
1594 
     DTLS1_BAD_VER, DTLS1_2_VERSION,
R
Sort cipher-list at runtime.  
Rich Salz 已提交
1595 1596 1597 1598 
     SSL_HIGH | SSL_FIPS,
     SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384,
     256,
     256,
M
Run util/openssl-format-source -v -c .  
Matt Caswell 已提交
1599 1600 1601 
     },
    {
     1,
R
Sort cipher-list at runtime.  
Rich Salz 已提交
1602 
     TLS1_TXT_PSK_WITH_NULL_SHA256,
P
Support converting cipher name to RFC name and vice versa  
Paul Yang 已提交
1603 
     TLS1_RFC_PSK_WITH_NULL_SHA256,
R
Sort cipher-list at runtime.  
Rich Salz 已提交
1604 1605 1606 1607 1608 1609 
     TLS1_CK_PSK_WITH_NULL_SHA256,
     SSL_kPSK,
     SSL_aPSK,
     SSL_eNULL,
     SSL_SHA256,
     TLS1_VERSION, TLS1_2_VERSION,
D
Fix cipher support for DTLS1_BAD_VER  
David Woodhouse 已提交
1610 
     DTLS1_BAD_VER, DTLS1_2_VERSION,
R
Sort cipher-list at runtime.  
Rich Salz 已提交
1611 
     SSL_STRONG_NONE | SSL_FIPS,
M
Run util/openssl-format-source -v -c .  
Matt Caswell 已提交
1612 
     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
R
Sort cipher-list at runtime.  
Rich Salz 已提交
1613 1614 
     0,
     0,
M
Run util/openssl-format-source -v -c .  
Matt Caswell 已提交
1615 1616 1617 
     },
    {
     1,
R
Sort cipher-list at runtime.  
Rich Salz 已提交
1618 
     TLS1_TXT_PSK_WITH_NULL_SHA384,
P
Support converting cipher name to RFC name and vice versa  
Paul Yang 已提交
1619 
     TLS1_RFC_PSK_WITH_NULL_SHA384,
R
Sort cipher-list at runtime.  
Rich Salz 已提交
1620 1621 1622 1623 1624 1625 
     TLS1_CK_PSK_WITH_NULL_SHA384,
     SSL_kPSK,
     SSL_aPSK,
     SSL_eNULL,
     SSL_SHA384,
     TLS1_VERSION, TLS1_2_VERSION,
D
Fix cipher support for DTLS1_BAD_VER  
David Woodhouse 已提交
1626 
     DTLS1_BAD_VER, DTLS1_2_VERSION,
R
Sort cipher-list at runtime.  
Rich Salz 已提交
1627 1628 1629 1630 
     SSL_STRONG_NONE | SSL_FIPS,
     SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384,
     0,
     0,
M
Run util/openssl-format-source -v -c .  
Matt Caswell 已提交
1631 1632 1633 
     },
    {
     1,
R
Sort cipher-list at runtime.  
Rich Salz 已提交
1634 
     TLS1_TXT_DHE_PSK_WITH_AES_128_CBC_SHA256,
P
Support converting cipher name to RFC name and vice versa  
Paul Yang 已提交
1635 
     TLS1_RFC_DHE_PSK_WITH_AES_128_CBC_SHA256,
R
Sort cipher-list at runtime.  
Rich Salz 已提交
1636 1637 1638 1639 1640 1641 
     TLS1_CK_DHE_PSK_WITH_AES_128_CBC_SHA256,
     SSL_kDHEPSK,
     SSL_aPSK,
     SSL_AES128,
     SSL_SHA256,
     TLS1_VERSION, TLS1_2_VERSION,
D
Fix cipher support for DTLS1_BAD_VER  
David Woodhouse 已提交
1642 
     DTLS1_BAD_VER, DTLS1_2_VERSION,
R
Sort cipher-list at runtime.  
Rich Salz 已提交
1643 
     SSL_HIGH | SSL_FIPS,
M
Run util/openssl-format-source -v -c .  
Matt Caswell 已提交
1644 
     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
R
Sort cipher-list at runtime.  
Rich Salz 已提交
1645 1646 
     128,
     128,
M
Run util/openssl-format-source -v -c .  
Matt Caswell 已提交
1647 1648 1649 
     },
    {
     1,
R
Sort cipher-list at runtime.  
Rich Salz 已提交
1650 
     TLS1_TXT_DHE_PSK_WITH_AES_256_CBC_SHA384,
P
Support converting cipher name to RFC name and vice versa  
Paul Yang 已提交
1651 
     TLS1_RFC_DHE_PSK_WITH_AES_256_CBC_SHA384,
R
Sort cipher-list at runtime.  
Rich Salz 已提交
1652 1653 1654 
     TLS1_CK_DHE_PSK_WITH_AES_256_CBC_SHA384,
     SSL_kDHEPSK,
     SSL_aPSK,
M
Run util/openssl-format-source -v -c .  
Matt Caswell 已提交
1655 
     SSL_AES256,
R
Sort cipher-list at runtime.  
Rich Salz 已提交
1656 1657 
     SSL_SHA384,
     TLS1_VERSION, TLS1_2_VERSION,
D
Fix cipher support for DTLS1_BAD_VER  
David Woodhouse 已提交
1658 
     DTLS1_BAD_VER, DTLS1_2_VERSION,
R
Sort cipher-list at runtime.  
Rich Salz 已提交
1659 1660 
     SSL_HIGH | SSL_FIPS,
     SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384,
M
Run util/openssl-format-source -v -c .  
Matt Caswell 已提交
1661 1662 1663 1664 1665 
     256,
     256,
     },
    {
     1,
R
Sort cipher-list at runtime.  
Rich Salz 已提交
1666 
     TLS1_TXT_DHE_PSK_WITH_NULL_SHA256,
P
Support converting cipher name to RFC name and vice versa  
Paul Yang 已提交
1667 
     TLS1_RFC_DHE_PSK_WITH_NULL_SHA256,
R
Sort cipher-list at runtime.  
Rich Salz 已提交
1668 1669 1670 1671 
     TLS1_CK_DHE_PSK_WITH_NULL_SHA256,
     SSL_kDHEPSK,
     SSL_aPSK,
     SSL_eNULL,
M
Run util/openssl-format-source -v -c .  
Matt Caswell 已提交
1672 
     SSL_SHA256,
R
Sort cipher-list at runtime.  
Rich Salz 已提交
1673 
     TLS1_VERSION, TLS1_2_VERSION,
D
Fix cipher support for DTLS1_BAD_VER  
David Woodhouse 已提交
1674 
     DTLS1_BAD_VER, DTLS1_2_VERSION,
R
Sort cipher-list at runtime.  
Rich Salz 已提交
1675 1676 1677 1678 
     SSL_STRONG_NONE | SSL_FIPS,
     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
     0,
     0,
M
Run util/openssl-format-source -v -c .  
Matt Caswell 已提交
1679 1680 1681 
     },
    {
     1,
R
Sort cipher-list at runtime.  
Rich Salz 已提交
1682 
     TLS1_TXT_DHE_PSK_WITH_NULL_SHA384,
P
Support converting cipher name to RFC name and vice versa  
Paul Yang 已提交
1683 
     TLS1_RFC_DHE_PSK_WITH_NULL_SHA384,
R
Sort cipher-list at runtime.  
Rich Salz 已提交
1684 1685 1686 1687 
     TLS1_CK_DHE_PSK_WITH_NULL_SHA384,
     SSL_kDHEPSK,
     SSL_aPSK,
     SSL_eNULL,
M
Run util/openssl-format-source -v -c .  
Matt Caswell 已提交
1688 
     SSL_SHA384,
R
Sort cipher-list at runtime.  
Rich Salz 已提交
1689 
     TLS1_VERSION, TLS1_2_VERSION,
D
Fix cipher support for DTLS1_BAD_VER  
David Woodhouse 已提交
1690 
     DTLS1_BAD_VER, DTLS1_2_VERSION,
R
Sort cipher-list at runtime.  
Rich Salz 已提交
1691 
     SSL_STRONG_NONE | SSL_FIPS,
M
Run util/openssl-format-source -v -c .  
Matt Caswell 已提交
1692 
     SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384,
R
Sort cipher-list at runtime.  
Rich Salz 已提交
1693 1694 
     0,
     0,
M
Run util/openssl-format-source -v -c .  
Matt Caswell 已提交
1695 1696 1697 
     },
    {
     1,
R
Sort cipher-list at runtime.  
Rich Salz 已提交
1698 
     TLS1_TXT_RSA_PSK_WITH_AES_128_CBC_SHA256,
P
Support converting cipher name to RFC name and vice versa  
Paul Yang 已提交
1699 
     TLS1_RFC_RSA_PSK_WITH_AES_128_CBC_SHA256,
R
Sort cipher-list at runtime.  
Rich Salz 已提交
1700 1701 
     TLS1_CK_RSA_PSK_WITH_AES_128_CBC_SHA256,
     SSL_kRSAPSK,
M
Run util/openssl-format-source -v -c .  
Matt Caswell 已提交
1702 1703 1704 
     SSL_aRSA,
     SSL_AES128,
     SSL_SHA256,
R
Sort cipher-list at runtime.  
Rich Salz 已提交
1705 
     TLS1_VERSION, TLS1_2_VERSION,
D
Fix cipher support for DTLS1_BAD_VER  
David Woodhouse 已提交
1706 
     DTLS1_BAD_VER, DTLS1_2_VERSION,
K
Remove support for all 40 and 56 bit ciphers.  
Kurt Roeckx 已提交
1707 
     SSL_HIGH | SSL_FIPS,
R
Sort cipher-list at runtime.  
Rich Salz 已提交
1708 
     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
M
Run util/openssl-format-source -v -c .  
Matt Caswell 已提交
1709 1710 1711 1712 1713 
     128,
     128,
     },
    {
     1,
R
Sort cipher-list at runtime.  
Rich Salz 已提交
1714 
     TLS1_TXT_RSA_PSK_WITH_AES_256_CBC_SHA384,
P
Support converting cipher name to RFC name and vice versa  
Paul Yang 已提交
1715 
     TLS1_RFC_RSA_PSK_WITH_AES_256_CBC_SHA384,
R
Sort cipher-list at runtime.  
Rich Salz 已提交
1716 1717 
     TLS1_CK_RSA_PSK_WITH_AES_256_CBC_SHA384,
     SSL_kRSAPSK,
M
Run util/openssl-format-source -v -c .  
Matt Caswell 已提交
1718 1719 1720 
     SSL_aRSA,
     SSL_AES256,
     SSL_SHA384,
R
Sort cipher-list at runtime.  
Rich Salz 已提交
1721 
     TLS1_VERSION, TLS1_2_VERSION,
D
Fix cipher support for DTLS1_BAD_VER  
David Woodhouse 已提交
1722 
     DTLS1_BAD_VER, DTLS1_2_VERSION,
K
Remove support for all 40 and 56 bit ciphers.  
Kurt Roeckx 已提交
1723 
     SSL_HIGH | SSL_FIPS,
M
Run util/openssl-format-source -v -c .  
Matt Caswell 已提交
1724 1725 1726 1727 1728 1729 
     SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384,
     256,
     256,
     },
    {
     1,
R
Sort cipher-list at runtime.  
Rich Salz 已提交
1730 
     TLS1_TXT_RSA_PSK_WITH_NULL_SHA256,
P
Support converting cipher name to RFC name and vice versa  
Paul Yang 已提交
1731 
     TLS1_RFC_RSA_PSK_WITH_NULL_SHA256,
R
Sort cipher-list at runtime.  
Rich Salz 已提交
1732 1733 
     TLS1_CK_RSA_PSK_WITH_NULL_SHA256,
     SSL_kRSAPSK,
M
Run util/openssl-format-source -v -c .  
Matt Caswell 已提交
1734 
     SSL_aRSA,
R
Sort cipher-list at runtime.  
Rich Salz 已提交
1735 1736 1737 
     SSL_eNULL,
     SSL_SHA256,
     TLS1_VERSION, TLS1_2_VERSION,
D
Fix cipher support for DTLS1_BAD_VER  
David Woodhouse 已提交
1738 
     DTLS1_BAD_VER, DTLS1_2_VERSION,
R
Sort cipher-list at runtime.  
Rich Salz 已提交
1739 1740 1741 1742 
     SSL_STRONG_NONE | SSL_FIPS,
     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
     0,
     0,
M
Run util/openssl-format-source -v -c .  
Matt Caswell 已提交
1743 1744 1745 
     },
    {
     1,
R
Sort cipher-list at runtime.  
Rich Salz 已提交
1746 
     TLS1_TXT_RSA_PSK_WITH_NULL_SHA384,
P
Support converting cipher name to RFC name and vice versa  
Paul Yang 已提交
1747 
     TLS1_RFC_RSA_PSK_WITH_NULL_SHA384,
R
Sort cipher-list at runtime.  
Rich Salz 已提交
1748 1749 
     TLS1_CK_RSA_PSK_WITH_NULL_SHA384,
     SSL_kRSAPSK,
M
Run util/openssl-format-source -v -c .  
Matt Caswell 已提交
1750 
     SSL_aRSA,
R
Sort cipher-list at runtime.  
Rich Salz 已提交
1751 1752 1753 
     SSL_eNULL,
     SSL_SHA384,
     TLS1_VERSION, TLS1_2_VERSION,
D
Fix cipher support for DTLS1_BAD_VER  
David Woodhouse 已提交
1754 
     DTLS1_BAD_VER, DTLS1_2_VERSION,
R
Sort cipher-list at runtime.  
Rich Salz 已提交
1755 
     SSL_STRONG_NONE | SSL_FIPS,
M
Run util/openssl-format-source -v -c .  
Matt Caswell 已提交
1756 
     SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384,
R
Sort cipher-list at runtime.  
Rich Salz 已提交
1757 1758 
     0,
     0,
D
Add RFC4279, RFC5487 and RFC5489 ciphersuites.  
Dr. Stephen Henson 已提交
1759 
     },
R
To avoid SWEET32 attack, move 3DES to weak  
Rich Salz 已提交
1760 
#  ifndef OPENSSL_NO_WEAK_SSL_CIPHERS
D
Add RFC4279, RFC5487 and RFC5489 ciphersuites.  
Dr. Stephen Henson 已提交
1761 1762 1763 
    {
     1,
     TLS1_TXT_ECDHE_PSK_WITH_3DES_EDE_CBC_SHA,
P
Support converting cipher name to RFC name and vice versa  
Paul Yang 已提交
1764 
     TLS1_RFC_ECDHE_PSK_WITH_3DES_EDE_CBC_SHA,
D
Add RFC4279, RFC5487 and RFC5489 ciphersuites.  
Dr. Stephen Henson 已提交
1765 1766 1767 1768 1769 
     TLS1_CK_ECDHE_PSK_WITH_3DES_EDE_CBC_SHA,
     SSL_kECDHEPSK,
     SSL_aPSK,
     SSL_3DES,
     SSL_SHA1,
T
Remove ECDH(E) ciphers from SSLv3  
Todd Short 已提交
1770 
     TLS1_VERSION, TLS1_2_VERSION,
D
Fix cipher support for DTLS1_BAD_VER  
David Woodhouse 已提交
1771 
     DTLS1_BAD_VER, DTLS1_2_VERSION,
R
Put DES into "not default" category.  
Rich Salz 已提交
1772 
     SSL_NOT_DEFAULT | SSL_MEDIUM | SSL_FIPS,
D
Add RFC4279, RFC5487 and RFC5489 ciphersuites.  
Dr. Stephen Henson 已提交
1773 1774 1775 1776 
     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
     112,
     168,
     },
R
To avoid SWEET32 attack, move 3DES to weak  
Rich Salz 已提交
1777 
#  endif
D
Add RFC4279, RFC5487 and RFC5489 ciphersuites.  
Dr. Stephen Henson 已提交
1778 1779 1780 
    {
     1,
     TLS1_TXT_ECDHE_PSK_WITH_AES_128_CBC_SHA,
P
Support converting cipher name to RFC name and vice versa  
Paul Yang 已提交
1781 
     TLS1_RFC_ECDHE_PSK_WITH_AES_128_CBC_SHA,
D
Add RFC4279, RFC5487 and RFC5489 ciphersuites.  
Dr. Stephen Henson 已提交
1782 1783 1784 1785 1786 
     TLS1_CK_ECDHE_PSK_WITH_AES_128_CBC_SHA,
     SSL_kECDHEPSK,
     SSL_aPSK,
     SSL_AES128,
     SSL_SHA1,
T
Remove ECDH(E) ciphers from SSLv3  
Todd Short 已提交
1787 
     TLS1_VERSION, TLS1_2_VERSION,
D
Fix cipher support for DTLS1_BAD_VER  
David Woodhouse 已提交
1788 
     DTLS1_BAD_VER, DTLS1_2_VERSION,
K
Remove support for all 40 and 56 bit ciphers.  
Kurt Roeckx 已提交
1789 
     SSL_HIGH | SSL_FIPS,
D
Add RFC4279, RFC5487 and RFC5489 ciphersuites.  
Dr. Stephen Henson 已提交
1790 1791 1792 1793 1794 1795 1796 
     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
     128,
     128,
     },
    {
     1,
     TLS1_TXT_ECDHE_PSK_WITH_AES_256_CBC_SHA,
P
Support converting cipher name to RFC name and vice versa  
Paul Yang 已提交
1797 
     TLS1_RFC_ECDHE_PSK_WITH_AES_256_CBC_SHA,
D
Add RFC4279, RFC5487 and RFC5489 ciphersuites.  
Dr. Stephen Henson 已提交
1798 1799 1800 1801 1802 
     TLS1_CK_ECDHE_PSK_WITH_AES_256_CBC_SHA,
     SSL_kECDHEPSK,
     SSL_aPSK,
     SSL_AES256,
     SSL_SHA1,
T
Remove ECDH(E) ciphers from SSLv3  
Todd Short 已提交
1803 
     TLS1_VERSION, TLS1_2_VERSION,
D
Fix cipher support for DTLS1_BAD_VER  
David Woodhouse 已提交
1804 
     DTLS1_BAD_VER, DTLS1_2_VERSION,
K
Remove support for all 40 and 56 bit ciphers.  
Kurt Roeckx 已提交
1805 
     SSL_HIGH | SSL_FIPS,
D
Add RFC4279, RFC5487 and RFC5489 ciphersuites.  
Dr. Stephen Henson 已提交
1806 1807 1808 1809 1810 1811 1812 
     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
     256,
     256,
     },
    {
     1,
     TLS1_TXT_ECDHE_PSK_WITH_AES_128_CBC_SHA256,
P
Support converting cipher name to RFC name and vice versa  
Paul Yang 已提交
1813 
     TLS1_RFC_ECDHE_PSK_WITH_AES_128_CBC_SHA256,
D
Add RFC4279, RFC5487 and RFC5489 ciphersuites.  
Dr. Stephen Henson 已提交
1814 1815 1816 1817 1818 
     TLS1_CK_ECDHE_PSK_WITH_AES_128_CBC_SHA256,
     SSL_kECDHEPSK,
     SSL_aPSK,
     SSL_AES128,
     SSL_SHA256,
K
Add support for minimum and maximum protocol version supported by a cipher  
Kurt Roeckx 已提交
1819 
     TLS1_VERSION, TLS1_2_VERSION,
D
Fix cipher support for DTLS1_BAD_VER  
David Woodhouse 已提交
1820 
     DTLS1_BAD_VER, DTLS1_2_VERSION,
K
Remove support for all 40 and 56 bit ciphers.  
Kurt Roeckx 已提交
1821 
     SSL_HIGH | SSL_FIPS,
D
Add RFC4279, RFC5487 and RFC5489 ciphersuites.  
Dr. Stephen Henson 已提交
1822 1823 1824 1825 1826 1827 1828 
     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
     128,
     128,
     },
    {
     1,
     TLS1_TXT_ECDHE_PSK_WITH_AES_256_CBC_SHA384,
P
Support converting cipher name to RFC name and vice versa  
Paul Yang 已提交
1829 
     TLS1_RFC_ECDHE_PSK_WITH_AES_256_CBC_SHA384,
D
Add RFC4279, RFC5487 and RFC5489 ciphersuites.  
Dr. Stephen Henson 已提交
1830 1831 1832 1833 1834 
     TLS1_CK_ECDHE_PSK_WITH_AES_256_CBC_SHA384,
     SSL_kECDHEPSK,
     SSL_aPSK,
     SSL_AES256,
     SSL_SHA384,
K
Add support for minimum and maximum protocol version supported by a cipher  
Kurt Roeckx 已提交
1835 
     TLS1_VERSION, TLS1_2_VERSION,
D
Fix cipher support for DTLS1_BAD_VER  
David Woodhouse 已提交
1836 
     DTLS1_BAD_VER, DTLS1_2_VERSION,
K
Remove support for all 40 and 56 bit ciphers.  
Kurt Roeckx 已提交
1837 
     SSL_HIGH | SSL_FIPS,
D
Add RFC4279, RFC5487 and RFC5489 ciphersuites.  
Dr. Stephen Henson 已提交
1838 1839 1840 1841 1842 1843 1844 
     SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384,
     256,
     256,
     },
    {
     1,
     TLS1_TXT_ECDHE_PSK_WITH_NULL_SHA,
P
Support converting cipher name to RFC name and vice versa  
Paul Yang 已提交
1845 
     TLS1_RFC_ECDHE_PSK_WITH_NULL_SHA,
D
Add RFC4279, RFC5487 and RFC5489 ciphersuites.  
Dr. Stephen Henson 已提交
1846 1847 1848 1849 1850 
     TLS1_CK_ECDHE_PSK_WITH_NULL_SHA,
     SSL_kECDHEPSK,
     SSL_aPSK,
     SSL_eNULL,
     SSL_SHA1,
T
Remove ECDH(E) ciphers from SSLv3  
Todd Short 已提交
1851 
     TLS1_VERSION, TLS1_2_VERSION,
D
Fix cipher support for DTLS1_BAD_VER  
David Woodhouse 已提交
1852 
     DTLS1_BAD_VER, DTLS1_2_VERSION,
K
Don't mark the eNULL ciphers as non-default.  
Kurt Roeckx 已提交
1853 
     SSL_STRONG_NONE | SSL_FIPS,
D
Add RFC4279, RFC5487 and RFC5489 ciphersuites.  
Dr. Stephen Henson 已提交
1854 1855 1856 1857 1858 1859 1860 
     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
     0,
     0,
     },
    {
     1,
     TLS1_TXT_ECDHE_PSK_WITH_NULL_SHA256,
P
Support converting cipher name to RFC name and vice versa  
Paul Yang 已提交
1861 
     TLS1_RFC_ECDHE_PSK_WITH_NULL_SHA256,
D
Add RFC4279, RFC5487 and RFC5489 ciphersuites.  
Dr. Stephen Henson 已提交
1862 1863 1864 1865 1866 
     TLS1_CK_ECDHE_PSK_WITH_NULL_SHA256,
     SSL_kECDHEPSK,
     SSL_aPSK,
     SSL_eNULL,
     SSL_SHA256,
K
Add support for minimum and maximum protocol version supported by a cipher  
Kurt Roeckx 已提交
1867 
     TLS1_VERSION, TLS1_2_VERSION,
D
Fix cipher support for DTLS1_BAD_VER  
David Woodhouse 已提交
1868 
     DTLS1_BAD_VER, DTLS1_2_VERSION,
K
Don't mark the eNULL ciphers as non-default.  
Kurt Roeckx 已提交
1869 
     SSL_STRONG_NONE | SSL_FIPS,
D
Add RFC4279, RFC5487 and RFC5489 ciphersuites.  
Dr. Stephen Henson 已提交
1870 1871 1872 1873 1874 1875 1876 
     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
     0,
     0,
     },
    {
     1,
     TLS1_TXT_ECDHE_PSK_WITH_NULL_SHA384,
P
Support converting cipher name to RFC name and vice versa  
Paul Yang 已提交
1877 
     TLS1_RFC_ECDHE_PSK_WITH_NULL_SHA384,
D
Add RFC4279, RFC5487 and RFC5489 ciphersuites.  
Dr. Stephen Henson 已提交
1878 1879 1880 1881 1882 
     TLS1_CK_ECDHE_PSK_WITH_NULL_SHA384,
     SSL_kECDHEPSK,
     SSL_aPSK,
     SSL_eNULL,
     SSL_SHA384,
K
Add support for minimum and maximum protocol version supported by a cipher  
Kurt Roeckx 已提交
1883 
     TLS1_VERSION, TLS1_2_VERSION,
D
Fix cipher support for DTLS1_BAD_VER  
David Woodhouse 已提交
1884 
     DTLS1_BAD_VER, DTLS1_2_VERSION,
K
Don't mark the eNULL ciphers as non-default.  
Kurt Roeckx 已提交
1885 
     SSL_STRONG_NONE | SSL_FIPS,
D
Add RFC4279, RFC5487 and RFC5489 ciphersuites.  
Dr. Stephen Henson 已提交
1886 1887 1888 1889 1890 
     SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384,
     0,
     0,
     },
R
To avoid SWEET32 attack, move 3DES to weak  
Rich Salz 已提交
1891 
# ifndef OPENSSL_NO_WEAK_SSL_CIPHERS
R
Sort cipher-list at runtime.  
Rich Salz 已提交
1892 1893 1894 
    {
     1,
     TLS1_TXT_SRP_SHA_WITH_3DES_EDE_CBC_SHA,
P
Support converting cipher name to RFC name and vice versa  
Paul Yang 已提交
1895 
     TLS1_RFC_SRP_SHA_WITH_3DES_EDE_CBC_SHA,
R
Sort cipher-list at runtime.  
Rich Salz 已提交
1896 1897 1898 1899 1900 1901 
     TLS1_CK_SRP_SHA_WITH_3DES_EDE_CBC_SHA,
     SSL_kSRP,
     SSL_aSRP,
     SSL_3DES,
     SSL_SHA1,
     SSL3_VERSION, TLS1_2_VERSION,
D
Fix cipher support for DTLS1_BAD_VER  
David Woodhouse 已提交
1902 
     DTLS1_BAD_VER, DTLS1_2_VERSION,
R
Put DES into "not default" category.  
Rich Salz 已提交
1903 
     SSL_NOT_DEFAULT | SSL_MEDIUM,
R
Sort cipher-list at runtime.  
Rich Salz 已提交
1904 1905 1906 1907 1908 1909 1910 
     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
     112,
     168,
     },
    {
     1,
     TLS1_TXT_SRP_SHA_RSA_WITH_3DES_EDE_CBC_SHA,
P
Support converting cipher name to RFC name and vice versa  
Paul Yang 已提交
1911 
     TLS1_RFC_SRP_SHA_RSA_WITH_3DES_EDE_CBC_SHA,
R
Sort cipher-list at runtime.  
Rich Salz 已提交
1912 1913 1914 1915 1916 1917 
     TLS1_CK_SRP_SHA_RSA_WITH_3DES_EDE_CBC_SHA,
     SSL_kSRP,
     SSL_aRSA,
     SSL_3DES,
     SSL_SHA1,
     SSL3_VERSION, TLS1_2_VERSION,
D
Fix cipher support for DTLS1_BAD_VER  
David Woodhouse 已提交
1918 
     DTLS1_BAD_VER, DTLS1_2_VERSION,
R
Put DES into "not default" category.  
Rich Salz 已提交
1919 
     SSL_NOT_DEFAULT | SSL_MEDIUM,
R
Sort cipher-list at runtime.  
Rich Salz 已提交
1920 1921 1922 1923 1924 1925 1926 
     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
     112,
     168,
     },
    {
     1,
     TLS1_TXT_SRP_SHA_DSS_WITH_3DES_EDE_CBC_SHA,
P
Support converting cipher name to RFC name and vice versa  
Paul Yang 已提交
1927 
     TLS1_RFC_SRP_SHA_DSS_WITH_3DES_EDE_CBC_SHA,
R
Sort cipher-list at runtime.  
Rich Salz 已提交
1928 1929 1930 1931 1932 1933 
     TLS1_CK_SRP_SHA_DSS_WITH_3DES_EDE_CBC_SHA,
     SSL_kSRP,
     SSL_aDSS,
     SSL_3DES,
     SSL_SHA1,
     SSL3_VERSION, TLS1_2_VERSION,
D
Fix cipher support for DTLS1_BAD_VER  
David Woodhouse 已提交
1934 
     DTLS1_BAD_VER, DTLS1_2_VERSION,
R
Move 3DES from HIGH to MEDIUM  
Rich Salz 已提交
1935 
     SSL_NOT_DEFAULT | SSL_MEDIUM,
R
Sort cipher-list at runtime.  
Rich Salz 已提交
1936 1937 1938 1939 
     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
     112,
     168,
     },
R
To avoid SWEET32 attack, move 3DES to weak  
Rich Salz 已提交
1940 
# endif
R
Sort cipher-list at runtime.  
Rich Salz 已提交
1941 1942 1943 
    {
     1,
     TLS1_TXT_SRP_SHA_WITH_AES_128_CBC_SHA,
P
Support converting cipher name to RFC name and vice versa  
Paul Yang 已提交
1944 
     TLS1_RFC_SRP_SHA_WITH_AES_128_CBC_SHA,
R
Sort cipher-list at runtime.  
Rich Salz 已提交
1945 1946 1947 1948 1949 1950 
     TLS1_CK_SRP_SHA_WITH_AES_128_CBC_SHA,
     SSL_kSRP,
     SSL_aSRP,
     SSL_AES128,
     SSL_SHA1,
     SSL3_VERSION, TLS1_2_VERSION,
D
Fix cipher support for DTLS1_BAD_VER  
David Woodhouse 已提交
1951 
     DTLS1_BAD_VER, DTLS1_2_VERSION,
R
Sort cipher-list at runtime.  
Rich Salz 已提交
1952 1953 1954 1955 1956 1957 1958 1959 
     SSL_HIGH,
     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
     128,
     128,
     },
    {
     1,
     TLS1_TXT_SRP_SHA_RSA_WITH_AES_128_CBC_SHA,
P
Support converting cipher name to RFC name and vice versa  
Paul Yang 已提交
1960 
     TLS1_RFC_SRP_SHA_RSA_WITH_AES_128_CBC_SHA,
R
Sort cipher-list at runtime.  
Rich Salz 已提交
1961 1962 1963 1964 1965 1966 
     TLS1_CK_SRP_SHA_RSA_WITH_AES_128_CBC_SHA,
     SSL_kSRP,
     SSL_aRSA,
     SSL_AES128,
     SSL_SHA1,
     SSL3_VERSION, TLS1_2_VERSION,
D
Fix cipher support for DTLS1_BAD_VER  
David Woodhouse 已提交
1967 
     DTLS1_BAD_VER, DTLS1_2_VERSION,
R
Sort cipher-list at runtime.  
Rich Salz 已提交
1968 1969 1970 1971 1972 1973 1974 1975 
     SSL_HIGH,
     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
     128,
     128,
     },
    {
     1,
     TLS1_TXT_SRP_SHA_DSS_WITH_AES_128_CBC_SHA,
P
Support converting cipher name to RFC name and vice versa  
Paul Yang 已提交
1976 
     TLS1_RFC_SRP_SHA_DSS_WITH_AES_128_CBC_SHA,
R
Sort cipher-list at runtime.  
Rich Salz 已提交
1977 1978 1979 1980 1981 1982 
     TLS1_CK_SRP_SHA_DSS_WITH_AES_128_CBC_SHA,
     SSL_kSRP,
     SSL_aDSS,
     SSL_AES128,
     SSL_SHA1,
     SSL3_VERSION, TLS1_2_VERSION,
D
Fix cipher support for DTLS1_BAD_VER  
David Woodhouse 已提交
1983 
     DTLS1_BAD_VER, DTLS1_2_VERSION,
R
Sort cipher-list at runtime.  
Rich Salz 已提交
1984 1985 1986 1987 1988 1989 1990 1991 
     SSL_NOT_DEFAULT | SSL_HIGH,
     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
     128,
     128,
     },
    {
     1,
     TLS1_TXT_SRP_SHA_WITH_AES_256_CBC_SHA,
P
Support converting cipher name to RFC name and vice versa  
Paul Yang 已提交
1992 
     TLS1_RFC_SRP_SHA_WITH_AES_256_CBC_SHA,
R
Sort cipher-list at runtime.  
Rich Salz 已提交
1993 1994 1995 1996 1997 1998 
     TLS1_CK_SRP_SHA_WITH_AES_256_CBC_SHA,
     SSL_kSRP,
     SSL_aSRP,
     SSL_AES256,
     SSL_SHA1,
     SSL3_VERSION, TLS1_2_VERSION,
D
Fix cipher support for DTLS1_BAD_VER  
David Woodhouse 已提交
1999 
     DTLS1_BAD_VER, DTLS1_2_VERSION,
R
Sort cipher-list at runtime.  
Rich Salz 已提交
2000 2001 2002 2003 2004 2005 2006 2007 
     SSL_HIGH,
     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
     256,
     256,
     },
    {
     1,
     TLS1_TXT_SRP_SHA_RSA_WITH_AES_256_CBC_SHA,
P
Support converting cipher name to RFC name and vice versa  
Paul Yang 已提交
2008 
     TLS1_RFC_SRP_SHA_RSA_WITH_AES_256_CBC_SHA,
R
Sort cipher-list at runtime.  
Rich Salz 已提交
2009 2010 2011 2012 2013 2014 
     TLS1_CK_SRP_SHA_RSA_WITH_AES_256_CBC_SHA,
     SSL_kSRP,
     SSL_aRSA,
     SSL_AES256,
     SSL_SHA1,
     SSL3_VERSION, TLS1_2_VERSION,
D
Fix cipher support for DTLS1_BAD_VER  
David Woodhouse 已提交
2015 
     DTLS1_BAD_VER, DTLS1_2_VERSION,
R
Sort cipher-list at runtime.  
Rich Salz 已提交
2016 2017 2018 2019 2020 2021 2022 2023 
     SSL_HIGH,
     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
     256,
     256,
     },
    {
     1,
     TLS1_TXT_SRP_SHA_DSS_WITH_AES_256_CBC_SHA,
P
Support converting cipher name to RFC name and vice versa  
Paul Yang 已提交
2024 
     TLS1_RFC_SRP_SHA_DSS_WITH_AES_256_CBC_SHA,
R
Sort cipher-list at runtime.  
Rich Salz 已提交
2025 2026 2027 2028 2029 2030 
     TLS1_CK_SRP_SHA_DSS_WITH_AES_256_CBC_SHA,
     SSL_kSRP,
     SSL_aDSS,
     SSL_AES256,
     SSL_SHA1,
     SSL3_VERSION, TLS1_2_VERSION,
D
Fix cipher support for DTLS1_BAD_VER  
David Woodhouse 已提交
2031 
     DTLS1_BAD_VER, DTLS1_2_VERSION,
R
Sort cipher-list at runtime.  
Rich Salz 已提交
2032 2033 2034 2035 2036 2037 2038 2039 2040 2041 
     SSL_NOT_DEFAULT | SSL_HIGH,
     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
     256,
     256,
     },

#if !defined(OPENSSL_NO_CHACHA) && !defined(OPENSSL_NO_POLY1305)
    {
     1,
     TLS1_TXT_DHE_RSA_WITH_CHACHA20_POLY1305,
P
Support converting cipher name to RFC name and vice versa  
Paul Yang 已提交
2042 
     TLS1_RFC_DHE_RSA_WITH_CHACHA20_POLY1305,
R
Sort cipher-list at runtime.  
Rich Salz 已提交
2043 2044 2045 2046 2047 2048 2049 2050 2051 2052 2053 2054 2055 2056 2057 
     TLS1_CK_DHE_RSA_WITH_CHACHA20_POLY1305,
     SSL_kDHE,
     SSL_aRSA,
     SSL_CHACHA20POLY1305,
     SSL_AEAD,
     TLS1_2_VERSION, TLS1_2_VERSION,
     DTLS1_2_VERSION, DTLS1_2_VERSION,
     SSL_HIGH,
     SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
     256,
     256,
     },
    {
     1,
     TLS1_TXT_ECDHE_RSA_WITH_CHACHA20_POLY1305,
P
Support converting cipher name to RFC name and vice versa  
Paul Yang 已提交
2058 
     TLS1_RFC_ECDHE_RSA_WITH_CHACHA20_POLY1305,
R
Sort cipher-list at runtime.  
Rich Salz 已提交
2059 2060 2061 2062 2063 2064 2065 2066 2067 2068 2069 2070 2071 2072 2073 
     TLS1_CK_ECDHE_RSA_WITH_CHACHA20_POLY1305,
     SSL_kECDHE,
     SSL_aRSA,
     SSL_CHACHA20POLY1305,
     SSL_AEAD,
     TLS1_2_VERSION, TLS1_2_VERSION,
     DTLS1_2_VERSION, DTLS1_2_VERSION,
     SSL_HIGH,
     SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
     256,
     256,
     },
    {
     1,
     TLS1_TXT_ECDHE_ECDSA_WITH_CHACHA20_POLY1305,
P
Support converting cipher name to RFC name and vice versa  
Paul Yang 已提交
2074 
     TLS1_RFC_ECDHE_ECDSA_WITH_CHACHA20_POLY1305,
R
Sort cipher-list at runtime.  
Rich Salz 已提交
2075 2076 2077 2078 2079 2080 2081 2082 2083 2084 2085 2086 2087 2088 2089 
     TLS1_CK_ECDHE_ECDSA_WITH_CHACHA20_POLY1305,
     SSL_kECDHE,
     SSL_aECDSA,
     SSL_CHACHA20POLY1305,
     SSL_AEAD,
     TLS1_2_VERSION, TLS1_2_VERSION,
     DTLS1_2_VERSION, DTLS1_2_VERSION,
     SSL_HIGH,
     SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
     256,
     256,
     },
    {
     1,
     TLS1_TXT_PSK_WITH_CHACHA20_POLY1305,
P
Support converting cipher name to RFC name and vice versa  
Paul Yang 已提交
2090 
     TLS1_RFC_PSK_WITH_CHACHA20_POLY1305,
R
Sort cipher-list at runtime.  
Rich Salz 已提交
2091 2092 2093 2094 2095 2096 2097 2098 2099 2100 2101 2102 2103 2104 2105 
     TLS1_CK_PSK_WITH_CHACHA20_POLY1305,
     SSL_kPSK,
     SSL_aPSK,
     SSL_CHACHA20POLY1305,
     SSL_AEAD,
     TLS1_2_VERSION, TLS1_2_VERSION,
     DTLS1_2_VERSION, DTLS1_2_VERSION,
     SSL_HIGH,
     SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
     256,
     256,
     },
    {
     1,
     TLS1_TXT_ECDHE_PSK_WITH_CHACHA20_POLY1305,
P
Support converting cipher name to RFC name and vice versa  
Paul Yang 已提交
2106 
     TLS1_RFC_ECDHE_PSK_WITH_CHACHA20_POLY1305,
R
Sort cipher-list at runtime.  
Rich Salz 已提交
2107 2108 2109 2110 2111 2112 2113 2114 2115 2116 2117 2118 2119 2120 2121 
     TLS1_CK_ECDHE_PSK_WITH_CHACHA20_POLY1305,
     SSL_kECDHEPSK,
     SSL_aPSK,
     SSL_CHACHA20POLY1305,
     SSL_AEAD,
     TLS1_2_VERSION, TLS1_2_VERSION,
     DTLS1_2_VERSION, DTLS1_2_VERSION,
     SSL_HIGH,
     SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
     256,
     256,
     },
    {
     1,
     TLS1_TXT_DHE_PSK_WITH_CHACHA20_POLY1305,
P
Support converting cipher name to RFC name and vice versa  
Paul Yang 已提交
2122 
     TLS1_RFC_DHE_PSK_WITH_CHACHA20_POLY1305,
R
Sort cipher-list at runtime.  
Rich Salz 已提交
2123 2124 2125 2126 2127 2128 2129 2130 2131 2132 2133 2134 2135 2136 2137 
     TLS1_CK_DHE_PSK_WITH_CHACHA20_POLY1305,
     SSL_kDHEPSK,
     SSL_aPSK,
     SSL_CHACHA20POLY1305,
     SSL_AEAD,
     TLS1_2_VERSION, TLS1_2_VERSION,
     DTLS1_2_VERSION, DTLS1_2_VERSION,
     SSL_HIGH,
     SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
     256,
     256,
     },
    {
     1,
     TLS1_TXT_RSA_PSK_WITH_CHACHA20_POLY1305,
P
Support converting cipher name to RFC name and vice versa  
Paul Yang 已提交
2138 
     TLS1_RFC_RSA_PSK_WITH_CHACHA20_POLY1305,
R
Sort cipher-list at runtime.  
Rich Salz 已提交
2139 2140 2141 2142 2143 2144 2145 2146 2147 2148 2149 2150 
     TLS1_CK_RSA_PSK_WITH_CHACHA20_POLY1305,
     SSL_kRSAPSK,
     SSL_aRSA,
     SSL_CHACHA20POLY1305,
     SSL_AEAD,
     TLS1_2_VERSION, TLS1_2_VERSION,
     DTLS1_2_VERSION, DTLS1_2_VERSION,
     SSL_HIGH,
     SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
     256,
     256,
     },
E
Indent ssl/  
Emilia Kasper 已提交
2151 2152 
#endif                          /* !defined(OPENSSL_NO_CHACHA) &&
                                 * !defined(OPENSSL_NO_POLY1305) */
R
Sort cipher-list at runtime.  
Rich Salz 已提交
2153 2154 2155 2156 2157 

#ifndef OPENSSL_NO_CAMELLIA
    {
     1,
     TLS1_TXT_RSA_WITH_CAMELLIA_128_CBC_SHA256,
P
Support converting cipher name to RFC name and vice versa  
Paul Yang 已提交
2158 
     TLS1_RFC_RSA_WITH_CAMELLIA_128_CBC_SHA256,
R
Sort cipher-list at runtime.  
Rich Salz 已提交
2159 2160 2161 2162 2163 2164 2165 2166 2167 2168 2169 2170 2171 2172 2173 
     TLS1_CK_RSA_WITH_CAMELLIA_128_CBC_SHA256,
     SSL_kRSA,
     SSL_aRSA,
     SSL_CAMELLIA128,
     SSL_SHA256,
     TLS1_2_VERSION, TLS1_2_VERSION,
     DTLS1_2_VERSION, DTLS1_2_VERSION,
     SSL_NOT_DEFAULT | SSL_HIGH,
     SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
     128,
     128,
     },
    {
     1,
     TLS1_TXT_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA256,
P
Support converting cipher name to RFC name and vice versa  
Paul Yang 已提交
2174 
     TLS1_RFC_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA256,
R
Sort cipher-list at runtime.  
Rich Salz 已提交
2175 2176 2177 2178 2179 2180 2181 2182 2183 2184 2185 2186 2187 2188 2189 
     TLS1_CK_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA256,
     SSL_kEDH,
     SSL_aDSS,
     SSL_CAMELLIA128,
     SSL_SHA256,
     TLS1_2_VERSION, TLS1_2_VERSION,
     DTLS1_2_VERSION, DTLS1_2_VERSION,
     SSL_NOT_DEFAULT | SSL_HIGH,
     SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
     128,
     128,
     },
    {
     1,
     TLS1_TXT_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA256,
P
Support converting cipher name to RFC name and vice versa  
Paul Yang 已提交
2190 
     TLS1_RFC_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA256,
R
Sort cipher-list at runtime.  
Rich Salz 已提交
2191 2192 2193 2194 2195 2196 2197 2198 2199 2200 2201 2202 2203 2204 2205 
     TLS1_CK_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA256,
     SSL_kEDH,
     SSL_aRSA,
     SSL_CAMELLIA128,
     SSL_SHA256,
     TLS1_2_VERSION, TLS1_2_VERSION,
     DTLS1_2_VERSION, DTLS1_2_VERSION,
     SSL_NOT_DEFAULT | SSL_HIGH,
     SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
     128,
     128,
     },
    {
     1,
     TLS1_TXT_ADH_WITH_CAMELLIA_128_CBC_SHA256,
P
Support converting cipher name to RFC name and vice versa  
Paul Yang 已提交
2206 
     TLS1_RFC_ADH_WITH_CAMELLIA_128_CBC_SHA256,
R
Sort cipher-list at runtime.  
Rich Salz 已提交
2207 2208 2209 2210 2211 2212 2213 2214 2215 2216 2217 2218 2219 2220 2221 
     TLS1_CK_ADH_WITH_CAMELLIA_128_CBC_SHA256,
     SSL_kEDH,
     SSL_aNULL,
     SSL_CAMELLIA128,
     SSL_SHA256,
     TLS1_2_VERSION, TLS1_2_VERSION,
     DTLS1_2_VERSION, DTLS1_2_VERSION,
     SSL_NOT_DEFAULT | SSL_HIGH,
     SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
     128,
     128,
     },
    {
     1,
     TLS1_TXT_RSA_WITH_CAMELLIA_256_CBC_SHA256,
P
Support converting cipher name to RFC name and vice versa  
Paul Yang 已提交
2222 
     TLS1_RFC_RSA_WITH_CAMELLIA_256_CBC_SHA256,
R
Sort cipher-list at runtime.  
Rich Salz 已提交
2223 2224 2225 2226 2227 2228 2229 2230 2231 2232 2233 2234 2235 2236 2237 
     TLS1_CK_RSA_WITH_CAMELLIA_256_CBC_SHA256,
     SSL_kRSA,
     SSL_aRSA,
     SSL_CAMELLIA256,
     SSL_SHA256,
     TLS1_2_VERSION, TLS1_2_VERSION,
     DTLS1_2_VERSION, DTLS1_2_VERSION,
     SSL_NOT_DEFAULT | SSL_HIGH,
     SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
     256,
     256,
     },
    {
     1,
     TLS1_TXT_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA256,
P
Support converting cipher name to RFC name and vice versa  
Paul Yang 已提交
2238 
     TLS1_RFC_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA256,
R
Sort cipher-list at runtime.  
Rich Salz 已提交
2239 2240 2241 2242 2243 2244 2245 2246 2247 2248 2249 2250 2251 2252 2253 
     TLS1_CK_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA256,
     SSL_kEDH,
     SSL_aDSS,
     SSL_CAMELLIA256,
     SSL_SHA256,
     TLS1_2_VERSION, TLS1_2_VERSION,
     DTLS1_2_VERSION, DTLS1_2_VERSION,
     SSL_NOT_DEFAULT | SSL_HIGH,
     SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
     256,
     256,
     },
    {
     1,
     TLS1_TXT_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA256,
P
Support converting cipher name to RFC name and vice versa  
Paul Yang 已提交
2254 
     TLS1_RFC_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA256,
R
Sort cipher-list at runtime.  
Rich Salz 已提交
2255 2256 2257 2258 2259 2260 2261 2262 2263 2264 2265 2266 2267 2268 2269 
     TLS1_CK_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA256,
     SSL_kEDH,
     SSL_aRSA,
     SSL_CAMELLIA256,
     SSL_SHA256,
     TLS1_2_VERSION, TLS1_2_VERSION,
     DTLS1_2_VERSION, DTLS1_2_VERSION,
     SSL_NOT_DEFAULT | SSL_HIGH,
     SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
     256,
     256,
     },
    {
     1,
     TLS1_TXT_ADH_WITH_CAMELLIA_256_CBC_SHA256,
P
Support converting cipher name to RFC name and vice versa  
Paul Yang 已提交
2270 
     TLS1_RFC_ADH_WITH_CAMELLIA_256_CBC_SHA256,
R
Sort cipher-list at runtime.  
Rich Salz 已提交
2271 2272 2273 2274 2275 2276 2277 2278 2279 2280 2281 2282 2283 2284 2285 
     TLS1_CK_ADH_WITH_CAMELLIA_256_CBC_SHA256,
     SSL_kEDH,
     SSL_aNULL,
     SSL_CAMELLIA256,
     SSL_SHA256,
     TLS1_2_VERSION, TLS1_2_VERSION,
     DTLS1_2_VERSION, DTLS1_2_VERSION,
     SSL_NOT_DEFAULT | SSL_HIGH,
     SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
     256,
     256,
     },
    {
     1,
     TLS1_TXT_RSA_WITH_CAMELLIA_256_CBC_SHA,
P
Support converting cipher name to RFC name and vice versa  
Paul Yang 已提交
2286 
     TLS1_RFC_RSA_WITH_CAMELLIA_256_CBC_SHA,
R
Sort cipher-list at runtime.  
Rich Salz 已提交
2287 2288 2289 2290 2291 2292 
     TLS1_CK_RSA_WITH_CAMELLIA_256_CBC_SHA,
     SSL_kRSA,
     SSL_aRSA,
     SSL_CAMELLIA256,
     SSL_SHA1,
     SSL3_VERSION, TLS1_2_VERSION,
D
Fix cipher support for DTLS1_BAD_VER  
David Woodhouse 已提交
2293 
     DTLS1_BAD_VER, DTLS1_2_VERSION,
R
Sort cipher-list at runtime.  
Rich Salz 已提交
2294 2295 2296 2297 2298 2299 2300 2301 
     SSL_NOT_DEFAULT | SSL_HIGH,
     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
     256,
     256,
     },
    {
     1,
     TLS1_TXT_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA,
P
Support converting cipher name to RFC name and vice versa  
Paul Yang 已提交
2302 
     TLS1_RFC_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA,
R
Sort cipher-list at runtime.  
Rich Salz 已提交
2303 2304 2305 2306 2307 2308 
     TLS1_CK_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA,
     SSL_kDHE,
     SSL_aDSS,
     SSL_CAMELLIA256,
     SSL_SHA1,
     SSL3_VERSION, TLS1_2_VERSION,
D
Fix cipher support for DTLS1_BAD_VER  
David Woodhouse 已提交
2309 
     DTLS1_BAD_VER, DTLS1_2_VERSION,
R
Sort cipher-list at runtime.  
Rich Salz 已提交
2310 2311 2312 2313 2314 2315 2316 2317 
     SSL_NOT_DEFAULT | SSL_HIGH,
     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
     256,
     256,
     },
    {
     1,
     TLS1_TXT_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA,
P
Support converting cipher name to RFC name and vice versa  
Paul Yang 已提交
2318 
     TLS1_RFC_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA,
R
Sort cipher-list at runtime.  
Rich Salz 已提交
2319 2320 2321 2322 2323 2324 
     TLS1_CK_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA,
     SSL_kDHE,
     SSL_aRSA,
     SSL_CAMELLIA256,
     SSL_SHA1,
     SSL3_VERSION, TLS1_2_VERSION,
D
Fix cipher support for DTLS1_BAD_VER  
David Woodhouse 已提交
2325 
     DTLS1_BAD_VER, DTLS1_2_VERSION,
R
Sort cipher-list at runtime.  
Rich Salz 已提交
2326 2327 2328 2329 2330 2331 2332 2333 
     SSL_NOT_DEFAULT | SSL_HIGH,
     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
     256,
     256,
     },
    {
     1,
     TLS1_TXT_ADH_WITH_CAMELLIA_256_CBC_SHA,
P
Support converting cipher name to RFC name and vice versa  
Paul Yang 已提交
2334 
     TLS1_RFC_ADH_WITH_CAMELLIA_256_CBC_SHA,
R
Sort cipher-list at runtime.  
Rich Salz 已提交
2335 2336 2337 2338 2339 2340 
     TLS1_CK_ADH_WITH_CAMELLIA_256_CBC_SHA,
     SSL_kDHE,
     SSL_aNULL,
     SSL_CAMELLIA256,
     SSL_SHA1,
     SSL3_VERSION, TLS1_2_VERSION,
D
Fix cipher support for DTLS1_BAD_VER  
David Woodhouse 已提交
2341 
     DTLS1_BAD_VER, DTLS1_2_VERSION,
R
Sort cipher-list at runtime.  
Rich Salz 已提交
2342 2343 2344 2345 2346 2347 2348 2349 
     SSL_NOT_DEFAULT | SSL_HIGH,
     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
     256,
     256,
     },
    {
     1,
     TLS1_TXT_RSA_WITH_CAMELLIA_128_CBC_SHA,
P
Support converting cipher name to RFC name and vice versa  
Paul Yang 已提交
2350 
     TLS1_RFC_RSA_WITH_CAMELLIA_128_CBC_SHA,
R
Sort cipher-list at runtime.  
Rich Salz 已提交
2351 2352 2353 2354 2355 2356 
     TLS1_CK_RSA_WITH_CAMELLIA_128_CBC_SHA,
     SSL_kRSA,
     SSL_aRSA,
     SSL_CAMELLIA128,
     SSL_SHA1,
     SSL3_VERSION, TLS1_2_VERSION,
D
Fix cipher support for DTLS1_BAD_VER  
David Woodhouse 已提交
2357 
     DTLS1_BAD_VER, DTLS1_2_VERSION,
R
Sort cipher-list at runtime.  
Rich Salz 已提交
2358 2359 2360 2361 2362 2363 2364 2365 
     SSL_NOT_DEFAULT | SSL_HIGH,
     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
     128,
     128,
     },
    {
     1,
     TLS1_TXT_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA,
P
Support converting cipher name to RFC name and vice versa  
Paul Yang 已提交
2366 
     TLS1_RFC_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA,
R
Sort cipher-list at runtime.  
Rich Salz 已提交
2367 2368 2369 2370 2371 2372 
     TLS1_CK_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA,
     SSL_kDHE,
     SSL_aDSS,
     SSL_CAMELLIA128,
     SSL_SHA1,
     SSL3_VERSION, TLS1_2_VERSION,
D
Fix cipher support for DTLS1_BAD_VER  
David Woodhouse 已提交
2373 
     DTLS1_BAD_VER, DTLS1_2_VERSION,
R
Sort cipher-list at runtime.  
Rich Salz 已提交
2374 2375 2376 2377 2378 2379 2380 2381 
     SSL_NOT_DEFAULT | SSL_HIGH,
     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
     128,
     128,
     },
    {
     1,
     TLS1_TXT_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA,
P
Support converting cipher name to RFC name and vice versa  
Paul Yang 已提交
2382 
     TLS1_RFC_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA,
R
Sort cipher-list at runtime.  
Rich Salz 已提交
2383 2384 2385 2386 2387 2388 
     TLS1_CK_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA,
     SSL_kDHE,
     SSL_aRSA,
     SSL_CAMELLIA128,
     SSL_SHA1,
     SSL3_VERSION, TLS1_2_VERSION,
D
Fix cipher support for DTLS1_BAD_VER  
David Woodhouse 已提交
2389 
     DTLS1_BAD_VER, DTLS1_2_VERSION,
R
Sort cipher-list at runtime.  
Rich Salz 已提交
2390 2391 2392 2393 2394 2395 2396 2397 
     SSL_NOT_DEFAULT | SSL_HIGH,
     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
     128,
     128,
     },
    {
     1,
     TLS1_TXT_ADH_WITH_CAMELLIA_128_CBC_SHA,
P
Support converting cipher name to RFC name and vice versa  
Paul Yang 已提交
2398 
     TLS1_RFC_ADH_WITH_CAMELLIA_128_CBC_SHA,
R
Sort cipher-list at runtime.  
Rich Salz 已提交
2399 2400 2401 2402 2403 2404 
     TLS1_CK_ADH_WITH_CAMELLIA_128_CBC_SHA,
     SSL_kDHE,
     SSL_aNULL,
     SSL_CAMELLIA128,
     SSL_SHA1,
     SSL3_VERSION, TLS1_2_VERSION,
D
Fix cipher support for DTLS1_BAD_VER  
David Woodhouse 已提交
2405 
     DTLS1_BAD_VER, DTLS1_2_VERSION,
R
Sort cipher-list at runtime.  
Rich Salz 已提交
2406 2407 2408 2409 2410 2411 
     SSL_NOT_DEFAULT | SSL_HIGH,
     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
     128,
     128,
     },
    {
M
Run util/openssl-format-source -v -c .  
Matt Caswell 已提交
2412 2413 
     1,
     TLS1_TXT_ECDHE_ECDSA_WITH_CAMELLIA_128_CBC_SHA256,
P
Support converting cipher name to RFC name and vice versa  
Paul Yang 已提交
2414 
     TLS1_RFC_ECDHE_ECDSA_WITH_CAMELLIA_128_CBC_SHA256,
M
Run util/openssl-format-source -v -c .  
Matt Caswell 已提交
2415 2416 2417 2418 2419 
     TLS1_CK_ECDHE_ECDSA_WITH_CAMELLIA_128_CBC_SHA256,
     SSL_kECDHE,
     SSL_aECDSA,
     SSL_CAMELLIA128,
     SSL_SHA256,
K
Add support for minimum and maximum protocol version supported by a cipher  
Kurt Roeckx 已提交
2420 2421 
     TLS1_2_VERSION, TLS1_2_VERSION,
     DTLS1_2_VERSION, DTLS1_2_VERSION,
E
Rework the default cipherlist.  
Emilia Kasper 已提交
2422 
     SSL_NOT_DEFAULT | SSL_HIGH,
M
Run util/openssl-format-source -v -c .  
Matt Caswell 已提交
2423 2424 
     SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
     128,
E
Indent ssl/  
Emilia Kasper 已提交
2425 2426 
     128,
     },
R
Sort cipher-list at runtime.  
Rich Salz 已提交
2427 
    {
M
Run util/openssl-format-source -v -c .  
Matt Caswell 已提交
2428 2429 
     1,
     TLS1_TXT_ECDHE_ECDSA_WITH_CAMELLIA_256_CBC_SHA384,
P
Support converting cipher name to RFC name and vice versa  
Paul Yang 已提交
2430 
     TLS1_RFC_ECDHE_ECDSA_WITH_CAMELLIA_256_CBC_SHA384,
M
Run util/openssl-format-source -v -c .  
Matt Caswell 已提交
2431 2432 2433 2434 2435 
     TLS1_CK_ECDHE_ECDSA_WITH_CAMELLIA_256_CBC_SHA384,
     SSL_kECDHE,
     SSL_aECDSA,
     SSL_CAMELLIA256,
     SSL_SHA384,
K
Add support for minimum and maximum protocol version supported by a cipher  
Kurt Roeckx 已提交
2436 2437 
     TLS1_2_VERSION, TLS1_2_VERSION,
     DTLS1_2_VERSION, DTLS1_2_VERSION,
E
Rework the default cipherlist.  
Emilia Kasper 已提交
2438 
     SSL_NOT_DEFAULT | SSL_HIGH,
M
Run util/openssl-format-source -v -c .  
Matt Caswell 已提交
2439 2440 
     SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384,
     256,
E
Indent ssl/  
Emilia Kasper 已提交
2441 2442 
     256,
     },
R
Sort cipher-list at runtime.  
Rich Salz 已提交
2443 
    {
M
Run util/openssl-format-source -v -c .  
Matt Caswell 已提交
2444 2445 
     1,
     TLS1_TXT_ECDHE_RSA_WITH_CAMELLIA_128_CBC_SHA256,
P
Support converting cipher name to RFC name and vice versa  
Paul Yang 已提交
2446 
     TLS1_RFC_ECDHE_RSA_WITH_CAMELLIA_128_CBC_SHA256,
M
Run util/openssl-format-source -v -c .  
Matt Caswell 已提交
2447 2448 2449 2450 2451 
     TLS1_CK_ECDHE_RSA_WITH_CAMELLIA_128_CBC_SHA256,
     SSL_kECDHE,
     SSL_aRSA,
     SSL_CAMELLIA128,
     SSL_SHA256,
K
Add support for minimum and maximum protocol version supported by a cipher  
Kurt Roeckx 已提交
2452 2453 
     TLS1_2_VERSION, TLS1_2_VERSION,
     DTLS1_2_VERSION, DTLS1_2_VERSION,
E
Rework the default cipherlist.  
Emilia Kasper 已提交
2454 
     SSL_NOT_DEFAULT | SSL_HIGH,
M
Run util/openssl-format-source -v -c .  
Matt Caswell 已提交
2455 2456 
     SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
     128,
E
Indent ssl/  
Emilia Kasper 已提交
2457 2458 
     128,
     },
R
Sort cipher-list at runtime.  
Rich Salz 已提交
2459 
    {
M
Run util/openssl-format-source -v -c .  
Matt Caswell 已提交
2460 2461 
     1,
     TLS1_TXT_ECDHE_RSA_WITH_CAMELLIA_256_CBC_SHA384,
P
Support converting cipher name to RFC name and vice versa  
Paul Yang 已提交
2462 
     TLS1_RFC_ECDHE_RSA_WITH_CAMELLIA_256_CBC_SHA384,
M
Run util/openssl-format-source -v -c .  
Matt Caswell 已提交
2463 2464 2465 2466 2467 
     TLS1_CK_ECDHE_RSA_WITH_CAMELLIA_256_CBC_SHA384,
     SSL_kECDHE,
     SSL_aRSA,
     SSL_CAMELLIA256,
     SSL_SHA384,
K
Add support for minimum and maximum protocol version supported by a cipher  
Kurt Roeckx 已提交
2468 2469 
     TLS1_2_VERSION, TLS1_2_VERSION,
     DTLS1_2_VERSION, DTLS1_2_VERSION,
E
Rework the default cipherlist.  
Emilia Kasper 已提交
2470 
     SSL_NOT_DEFAULT | SSL_HIGH,
M
Run util/openssl-format-source -v -c .  
Matt Caswell 已提交
2471 2472 
     SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384,
     256,
E
Indent ssl/  
Emilia Kasper 已提交
2473 2474 
     256,
     },
R
Sort cipher-list at runtime.  
Rich Salz 已提交
2475 
    {
D
CAMELLIA PSK ciphersuites from RFC6367  
Dr. Stephen Henson 已提交
2476 2477 
     1,
     TLS1_TXT_PSK_WITH_CAMELLIA_128_CBC_SHA256,
P
Support converting cipher name to RFC name and vice versa  
Paul Yang 已提交
2478 
     TLS1_RFC_PSK_WITH_CAMELLIA_128_CBC_SHA256,
D
CAMELLIA PSK ciphersuites from RFC6367  
Dr. Stephen Henson 已提交
2479 2480 2481 2482 2483 
     TLS1_CK_PSK_WITH_CAMELLIA_128_CBC_SHA256,
     SSL_kPSK,
     SSL_aPSK,
     SSL_CAMELLIA128,
     SSL_SHA256,
K
Add support for minimum and maximum protocol version supported by a cipher  
Kurt Roeckx 已提交
2484 
     TLS1_VERSION, TLS1_2_VERSION,
D
Fix cipher support for DTLS1_BAD_VER  
David Woodhouse 已提交
2485 
     DTLS1_BAD_VER, DTLS1_2_VERSION,
E
Rework the default cipherlist.  
Emilia Kasper 已提交
2486 
     SSL_NOT_DEFAULT | SSL_HIGH,
D
CAMELLIA PSK ciphersuites from RFC6367  
Dr. Stephen Henson 已提交
2487 2488 
     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
     128,
E
Indent ssl/  
Emilia Kasper 已提交
2489 2490 
     128,
     },
R
Sort cipher-list at runtime.  
Rich Salz 已提交
2491 
    {
D
CAMELLIA PSK ciphersuites from RFC6367  
Dr. Stephen Henson 已提交
2492 2493 
     1,
     TLS1_TXT_PSK_WITH_CAMELLIA_256_CBC_SHA384,
P
Support converting cipher name to RFC name and vice versa  
Paul Yang 已提交
2494 
     TLS1_RFC_PSK_WITH_CAMELLIA_256_CBC_SHA384,
D
CAMELLIA PSK ciphersuites from RFC6367  
Dr. Stephen Henson 已提交
2495 2496 2497 2498 2499 
     TLS1_CK_PSK_WITH_CAMELLIA_256_CBC_SHA384,
     SSL_kPSK,
     SSL_aPSK,
     SSL_CAMELLIA256,
     SSL_SHA384,
K
Add support for minimum and maximum protocol version supported by a cipher  
Kurt Roeckx 已提交
2500 
     TLS1_VERSION, TLS1_2_VERSION,
D
Fix cipher support for DTLS1_BAD_VER  
David Woodhouse 已提交
2501 
     DTLS1_BAD_VER, DTLS1_2_VERSION,
E
Rework the default cipherlist.  
Emilia Kasper 已提交
2502 
     SSL_NOT_DEFAULT | SSL_HIGH,
D
CAMELLIA PSK ciphersuites from RFC6367  
Dr. Stephen Henson 已提交
2503 2504 
     SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384,
     256,
E
Indent ssl/  
Emilia Kasper 已提交
2505 2506 
     256,
     },
R
Sort cipher-list at runtime.  
Rich Salz 已提交
2507 
    {
D
CAMELLIA PSK ciphersuites from RFC6367  
Dr. Stephen Henson 已提交
2508 2509 
     1,
     TLS1_TXT_DHE_PSK_WITH_CAMELLIA_128_CBC_SHA256,
P
Support converting cipher name to RFC name and vice versa  
Paul Yang 已提交
2510 
     TLS1_RFC_DHE_PSK_WITH_CAMELLIA_128_CBC_SHA256,
D
CAMELLIA PSK ciphersuites from RFC6367  
Dr. Stephen Henson 已提交
2511 2512 2513 2514 2515 
     TLS1_CK_DHE_PSK_WITH_CAMELLIA_128_CBC_SHA256,
     SSL_kDHEPSK,
     SSL_aPSK,
     SSL_CAMELLIA128,
     SSL_SHA256,
K
Add support for minimum and maximum protocol version supported by a cipher  
Kurt Roeckx 已提交
2516 
     TLS1_VERSION, TLS1_2_VERSION,
D
Fix cipher support for DTLS1_BAD_VER  
David Woodhouse 已提交
2517 
     DTLS1_BAD_VER, DTLS1_2_VERSION,
E
Rework the default cipherlist.  
Emilia Kasper 已提交
2518 
     SSL_NOT_DEFAULT | SSL_HIGH,
D
CAMELLIA PSK ciphersuites from RFC6367  
Dr. Stephen Henson 已提交
2519 2520 
     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
     128,
E
Indent ssl/  
Emilia Kasper 已提交
2521 2522 
     128,
     },
R
Sort cipher-list at runtime.  
Rich Salz 已提交
2523 
    {
D
CAMELLIA PSK ciphersuites from RFC6367  
Dr. Stephen Henson 已提交
2524 2525 
     1,
     TLS1_TXT_DHE_PSK_WITH_CAMELLIA_256_CBC_SHA384,
P
Support converting cipher name to RFC name and vice versa  
Paul Yang 已提交
2526 
     TLS1_RFC_DHE_PSK_WITH_CAMELLIA_256_CBC_SHA384,
D
CAMELLIA PSK ciphersuites from RFC6367  
Dr. Stephen Henson 已提交
2527 2528 2529 2530 2531 
     TLS1_CK_DHE_PSK_WITH_CAMELLIA_256_CBC_SHA384,
     SSL_kDHEPSK,
     SSL_aPSK,
     SSL_CAMELLIA256,
     SSL_SHA384,
K
Add support for minimum and maximum protocol version supported by a cipher  
Kurt Roeckx 已提交
2532 
     TLS1_VERSION, TLS1_2_VERSION,
D
Fix cipher support for DTLS1_BAD_VER  
David Woodhouse 已提交
2533 
     DTLS1_BAD_VER, DTLS1_2_VERSION,
E
Rework the default cipherlist.  
Emilia Kasper 已提交
2534 
     SSL_NOT_DEFAULT | SSL_HIGH,
D
CAMELLIA PSK ciphersuites from RFC6367  
Dr. Stephen Henson 已提交
2535 2536 
     SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384,
     256,
E
Indent ssl/  
Emilia Kasper 已提交
2537 2538 
     256,
     },
R
Sort cipher-list at runtime.  
Rich Salz 已提交
2539 
    {
D
CAMELLIA PSK ciphersuites from RFC6367  
Dr. Stephen Henson 已提交
2540 2541 
     1,
     TLS1_TXT_RSA_PSK_WITH_CAMELLIA_128_CBC_SHA256,
P
Support converting cipher name to RFC name and vice versa  
Paul Yang 已提交
2542 
     TLS1_RFC_RSA_PSK_WITH_CAMELLIA_128_CBC_SHA256,
D
CAMELLIA PSK ciphersuites from RFC6367  
Dr. Stephen Henson 已提交
2543 2544 2545 2546 2547 
     TLS1_CK_RSA_PSK_WITH_CAMELLIA_128_CBC_SHA256,
     SSL_kRSAPSK,
     SSL_aRSA,
     SSL_CAMELLIA128,
     SSL_SHA256,
K
Add support for minimum and maximum protocol version supported by a cipher  
Kurt Roeckx 已提交
2548 
     TLS1_VERSION, TLS1_2_VERSION,
D
Fix cipher support for DTLS1_BAD_VER  
David Woodhouse 已提交
2549 
     DTLS1_BAD_VER, DTLS1_2_VERSION,
E
Rework the default cipherlist.  
Emilia Kasper 已提交
2550 
     SSL_NOT_DEFAULT | SSL_HIGH,
D
CAMELLIA PSK ciphersuites from RFC6367  
Dr. Stephen Henson 已提交
2551 2552 
     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
     128,
E
Indent ssl/  
Emilia Kasper 已提交
2553 2554 
     128,
     },
R
Sort cipher-list at runtime.  
Rich Salz 已提交
2555 
    {
D
CAMELLIA PSK ciphersuites from RFC6367  
Dr. Stephen Henson 已提交
2556 2557 
     1,
     TLS1_TXT_RSA_PSK_WITH_CAMELLIA_256_CBC_SHA384,
P
Support converting cipher name to RFC name and vice versa  
Paul Yang 已提交
2558 
     TLS1_RFC_RSA_PSK_WITH_CAMELLIA_256_CBC_SHA384,
D
CAMELLIA PSK ciphersuites from RFC6367  
Dr. Stephen Henson 已提交
2559 2560 2561 2562 2563 
     TLS1_CK_RSA_PSK_WITH_CAMELLIA_256_CBC_SHA384,
     SSL_kRSAPSK,
     SSL_aRSA,
     SSL_CAMELLIA256,
     SSL_SHA384,
K
Add support for minimum and maximum protocol version supported by a cipher  
Kurt Roeckx 已提交
2564 
     TLS1_VERSION, TLS1_2_VERSION,
D
Fix cipher support for DTLS1_BAD_VER  
David Woodhouse 已提交
2565 
     DTLS1_BAD_VER, DTLS1_2_VERSION,
E
Rework the default cipherlist.  
Emilia Kasper 已提交
2566 
     SSL_NOT_DEFAULT | SSL_HIGH,
D
CAMELLIA PSK ciphersuites from RFC6367  
Dr. Stephen Henson 已提交
2567 2568 
     SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384,
     256,
E
Indent ssl/  
Emilia Kasper 已提交
2569 2570 
     256,
     },
D
Add CCM ciphersuites from RFC6655 and RFC7251  
Dr. Stephen Henson 已提交
2571 2572 
    {
     1,
R
Sort cipher-list at runtime.  
Rich Salz 已提交
2573 
     TLS1_TXT_ECDHE_PSK_WITH_CAMELLIA_128_CBC_SHA256,
P
Support converting cipher name to RFC name and vice versa  
Paul Yang 已提交
2574 
     TLS1_RFC_ECDHE_PSK_WITH_CAMELLIA_128_CBC_SHA256,
R
Sort cipher-list at runtime.  
Rich Salz 已提交
2575 2576 
     TLS1_CK_ECDHE_PSK_WITH_CAMELLIA_128_CBC_SHA256,
     SSL_kECDHEPSK,
D
Add CCM ciphersuites from RFC6655 and RFC7251  
Dr. Stephen Henson 已提交
2577 
     SSL_aPSK,
R
Sort cipher-list at runtime.  
Rich Salz 已提交
2578 2579 2580 
     SSL_CAMELLIA128,
     SSL_SHA256,
     TLS1_VERSION, TLS1_2_VERSION,
D
Fix cipher support for DTLS1_BAD_VER  
David Woodhouse 已提交
2581 
     DTLS1_BAD_VER, DTLS1_2_VERSION,
E
Rework the default cipherlist.  
Emilia Kasper 已提交
2582 
     SSL_NOT_DEFAULT | SSL_HIGH,
R
Sort cipher-list at runtime.  
Rich Salz 已提交
2583 
     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
D
Add CCM ciphersuites from RFC6655 and RFC7251  
Dr. Stephen Henson 已提交
2584 
     128,
E
Indent ssl/  
Emilia Kasper 已提交
2585 2586 
     128,
     },
D
Add CCM ciphersuites from RFC6655 and RFC7251  
Dr. Stephen Henson 已提交
2587 2588 
    {
     1,
R
Sort cipher-list at runtime.  
Rich Salz 已提交
2589 
     TLS1_TXT_ECDHE_PSK_WITH_CAMELLIA_256_CBC_SHA384,
P
Support converting cipher name to RFC name and vice versa  
Paul Yang 已提交
2590 
     TLS1_RFC_ECDHE_PSK_WITH_CAMELLIA_256_CBC_SHA384,
R
Sort cipher-list at runtime.  
Rich Salz 已提交
2591 2592 
     TLS1_CK_ECDHE_PSK_WITH_CAMELLIA_256_CBC_SHA384,
     SSL_kECDHEPSK,
D
Add CCM ciphersuites from RFC6655 and RFC7251  
Dr. Stephen Henson 已提交
2593 
     SSL_aPSK,
R
Sort cipher-list at runtime.  
Rich Salz 已提交
2594 2595 2596 
     SSL_CAMELLIA256,
     SSL_SHA384,
     TLS1_VERSION, TLS1_2_VERSION,
D
Fix cipher support for DTLS1_BAD_VER  
David Woodhouse 已提交
2597 
     DTLS1_BAD_VER, DTLS1_2_VERSION,
E
Rework the default cipherlist.  
Emilia Kasper 已提交
2598 
     SSL_NOT_DEFAULT | SSL_HIGH,
R
Sort cipher-list at runtime.  
Rich Salz 已提交
2599 
     SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384,
D
Add CCM ciphersuites from RFC6655 and RFC7251  
Dr. Stephen Henson 已提交
2600 
     256,
E
Indent ssl/  
Emilia Kasper 已提交
2601 2602 2603 
     256,
     },
#endif                          /* OPENSSL_NO_CAMELLIA */
D
Add CCM ciphersuites from RFC6655 and RFC7251  
Dr. Stephen Henson 已提交
2604
P
RT4458: Fix #ifndef line for GOST  
Pauli 已提交
2605 
#ifndef OPENSSL_NO_GOST
D
Add CCM ciphersuites from RFC6655 and RFC7251  
Dr. Stephen Henson 已提交
2606 2607 
    {
     1,
R
Sort cipher-list at runtime.  
Rich Salz 已提交
2608 
     "GOST2001-GOST89-GOST89",
P
Support converting cipher name to RFC name and vice versa  
Paul Yang 已提交
2609 
     "TLS_GOSTR341001_WITH_28147_CNT_IMIT",
R
Sort cipher-list at runtime.  
Rich Salz 已提交
2610 2611 2612 2613 2614 2615 
     0x3000081,
     SSL_kGOST,
     SSL_aGOST01,
     SSL_eGOST2814789CNT,
     SSL_GOST89MAC,
     TLS1_VERSION, TLS1_2_VERSION,
D
Don't use GOST ciphersuites with DTLS.  
Dmitry Belyavsky 已提交
2616 
     0, 0,
R
Sort cipher-list at runtime.  
Rich Salz 已提交
2617 2618 
     SSL_HIGH,
     SSL_HANDSHAKE_MAC_GOST94 | TLS1_PRF_GOST94 | TLS1_STREAM_MAC,
D
Add CCM ciphersuites from RFC6655 and RFC7251  
Dr. Stephen Henson 已提交
2619 
     256,
E
Indent ssl/  
Emilia Kasper 已提交
2620 2621 
     256,
     },
R
Sort cipher-list at runtime.  
Rich Salz 已提交
2622 2623 2624 
    {
     1,
     "GOST2001-NULL-GOST94",
P
Support converting cipher name to RFC name and vice versa  
Paul Yang 已提交
2625 
     "TLS_GOSTR341001_WITH_NULL_GOSTR3411",
R
Sort cipher-list at runtime.  
Rich Salz 已提交
2626 2627 2628 2629 2630 2631 
     0x3000083,
     SSL_kGOST,
     SSL_aGOST01,
     SSL_eNULL,
     SSL_GOST94,
     TLS1_VERSION, TLS1_2_VERSION,
D
Don't use GOST ciphersuites with DTLS.  
Dmitry Belyavsky 已提交
2632 
     0, 0,
R
Sort cipher-list at runtime.  
Rich Salz 已提交
2633 2634 2635 
     SSL_STRONG_NONE,
     SSL_HANDSHAKE_MAC_GOST94 | TLS1_PRF_GOST94,
     0,
E
Indent ssl/  
Emilia Kasper 已提交
2636 2637 
     0,
     },
R
Sort cipher-list at runtime.  
Rich Salz 已提交
2638 2639 
    {
     1,
N
TLS Cipher Suite 0xC102 Support  
Nikolay Morozov 已提交
2640 2641 2642 2643 2644 2645 2646 2647 2648 2649 2650 2651 2652 2653 2654 2655 2656 
     "IANA-GOST2012-GOST8912-GOST8912",
     NULL,
     0x0300c102,
     SSL_kGOST,
     SSL_aGOST12 | SSL_aGOST01,
     SSL_eGOST2814789CNT12,
     SSL_GOST89MAC12,
     TLS1_VERSION, TLS1_2_VERSION,
     0, 0,
     SSL_HIGH,
     SSL_HANDSHAKE_MAC_GOST12_256 | TLS1_PRF_GOST12_256 | TLS1_STREAM_MAC,
     256,
     256,
     },
    {
     1,
     "LEGACY-GOST2012-GOST8912-GOST8912",
P
Support converting cipher name to RFC name and vice versa  
Paul Yang 已提交
2657 
     NULL,
R
Sort cipher-list at runtime.  
Rich Salz 已提交
2658 2659 2660 2661 2662 2663 
     0x0300ff85,
     SSL_kGOST,
     SSL_aGOST12 | SSL_aGOST01,
     SSL_eGOST2814789CNT12,
     SSL_GOST89MAC12,
     TLS1_VERSION, TLS1_2_VERSION,
D
Don't use GOST ciphersuites with DTLS.  
Dmitry Belyavsky 已提交
2664 
     0, 0,
R
Sort cipher-list at runtime.  
Rich Salz 已提交
2665 2666 
     SSL_HIGH,
     SSL_HANDSHAKE_MAC_GOST12_256 | TLS1_PRF_GOST12_256 | TLS1_STREAM_MAC,
D
Add CCM ciphersuites from RFC6655 and RFC7251  
Dr. Stephen Henson 已提交
2667 
     256,
E
Indent ssl/  
Emilia Kasper 已提交
2668 2669 
     256,
     },
R
Sort cipher-list at runtime.  
Rich Salz 已提交
2670 2671 2672 
    {
     1,
     "GOST2012-NULL-GOST12",
P
Support converting cipher name to RFC name and vice versa  
Paul Yang 已提交
2673 
     NULL,
R
Sort cipher-list at runtime.  
Rich Salz 已提交
2674 2675 2676 2677 2678 2679 
     0x0300ff87,
     SSL_kGOST,
     SSL_aGOST12 | SSL_aGOST01,
     SSL_eNULL,
     SSL_GOST12_256,
     TLS1_VERSION, TLS1_2_VERSION,
D
Don't use GOST ciphersuites with DTLS.  
Dmitry Belyavsky 已提交
2680 
     0, 0,
R
Sort cipher-list at runtime.  
Rich Salz 已提交
2681 2682 2683 
     SSL_STRONG_NONE,
     SSL_HANDSHAKE_MAC_GOST12_256 | TLS1_PRF_GOST12_256 | TLS1_STREAM_MAC,
     0,
E
Indent ssl/  
Emilia Kasper 已提交
2684 2685 2686 
     0,
     },
#endif                          /* OPENSSL_NO_GOST */
D
Add CCM ciphersuites from RFC6655 and RFC7251  
Dr. Stephen Henson 已提交
2687
R
Sort cipher-list at runtime.  
Rich Salz 已提交
2688 
#ifndef OPENSSL_NO_IDEA
D
Add CCM ciphersuites from RFC6655 and RFC7251  
Dr. Stephen Henson 已提交
2689 2690 
    {
     1,
R
Sort cipher-list at runtime.  
Rich Salz 已提交
2691 
     SSL3_TXT_RSA_IDEA_128_SHA,
P
Support converting cipher name to RFC name and vice versa  
Paul Yang 已提交
2692 
     SSL3_RFC_RSA_IDEA_128_SHA,
R
Sort cipher-list at runtime.  
Rich Salz 已提交
2693 2694 2695 2696 2697 2698 
     SSL3_CK_RSA_IDEA_128_SHA,
     SSL_kRSA,
     SSL_aRSA,
     SSL_IDEA,
     SSL_SHA1,
     SSL3_VERSION, TLS1_1_VERSION,
D
Fix cipher support for DTLS1_BAD_VER  
David Woodhouse 已提交
2699 
     DTLS1_BAD_VER, DTLS1_VERSION,
R
Sort cipher-list at runtime.  
Rich Salz 已提交
2700 2701 
     SSL_NOT_DEFAULT | SSL_MEDIUM,
     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
D
Add CCM ciphersuites from RFC6655 and RFC7251  
Dr. Stephen Henson 已提交
2702 2703 2704 
     128,
     128,
     },
R
Sort cipher-list at runtime.  
Rich Salz 已提交
2705 
#endif
D
Add CCM ciphersuites from RFC6655 and RFC7251  
Dr. Stephen Henson 已提交
2706
R
Sort cipher-list at runtime.  
Rich Salz 已提交
2707 
#ifndef OPENSSL_NO_SEED
D
Add CCM ciphersuites from RFC6655 and RFC7251  
Dr. Stephen Henson 已提交
2708 2709 
    {
     1,
R
Sort cipher-list at runtime.  
Rich Salz 已提交
2710 
     TLS1_TXT_RSA_WITH_SEED_SHA,
P
Support converting cipher name to RFC name and vice versa  
Paul Yang 已提交
2711 
     TLS1_RFC_RSA_WITH_SEED_SHA,
R
Sort cipher-list at runtime.  
Rich Salz 已提交
2712 2713 2714 2715 2716 2717 
     TLS1_CK_RSA_WITH_SEED_SHA,
     SSL_kRSA,
     SSL_aRSA,
     SSL_SEED,
     SSL_SHA1,
     SSL3_VERSION, TLS1_2_VERSION,
D
Fix cipher support for DTLS1_BAD_VER  
David Woodhouse 已提交
2718 
     DTLS1_BAD_VER, DTLS1_2_VERSION,
R
Sort cipher-list at runtime.  
Rich Salz 已提交
2719 2720 2721 2722 
     SSL_NOT_DEFAULT | SSL_MEDIUM,
     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
     128,
     128,
D
Add CCM ciphersuites from RFC6655 and RFC7251  
Dr. Stephen Henson 已提交
2723 2724 2725 
     },
    {
     1,
R
Sort cipher-list at runtime.  
Rich Salz 已提交
2726 
     TLS1_TXT_DHE_DSS_WITH_SEED_SHA,
P
Support converting cipher name to RFC name and vice versa  
Paul Yang 已提交
2727 
     TLS1_RFC_DHE_DSS_WITH_SEED_SHA,
R
Sort cipher-list at runtime.  
Rich Salz 已提交
2728 2729 2730 2731 2732 2733 
     TLS1_CK_DHE_DSS_WITH_SEED_SHA,
     SSL_kDHE,
     SSL_aDSS,
     SSL_SEED,
     SSL_SHA1,
     SSL3_VERSION, TLS1_2_VERSION,
D
Fix cipher support for DTLS1_BAD_VER  
David Woodhouse 已提交
2734 
     DTLS1_BAD_VER, DTLS1_2_VERSION,
R
Sort cipher-list at runtime.  
Rich Salz 已提交
2735 2736 
     SSL_NOT_DEFAULT | SSL_MEDIUM,
     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
D
Add CCM ciphersuites from RFC6655 and RFC7251  
Dr. Stephen Henson 已提交
2737 2738 2739 2740 2741 
     128,
     128,
     },
    {
     1,
R
Sort cipher-list at runtime.  
Rich Salz 已提交
2742 
     TLS1_TXT_DHE_RSA_WITH_SEED_SHA,
P
Support converting cipher name to RFC name and vice versa  
Paul Yang 已提交
2743 
     TLS1_RFC_DHE_RSA_WITH_SEED_SHA,
R
Sort cipher-list at runtime.  
Rich Salz 已提交
2744 2745 2746 2747 2748 2749 
     TLS1_CK_DHE_RSA_WITH_SEED_SHA,
     SSL_kDHE,
     SSL_aRSA,
     SSL_SEED,
     SSL_SHA1,
     SSL3_VERSION, TLS1_2_VERSION,
D
Fix cipher support for DTLS1_BAD_VER  
David Woodhouse 已提交
2750 
     DTLS1_BAD_VER, DTLS1_2_VERSION,
R
Sort cipher-list at runtime.  
Rich Salz 已提交
2751 2752 2753 2754 
     SSL_NOT_DEFAULT | SSL_MEDIUM,
     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
     128,
     128,
D
Add CCM ciphersuites from RFC6655 and RFC7251  
Dr. Stephen Henson 已提交
2755 2756 2757 
     },
    {
     1,
R
Sort cipher-list at runtime.  
Rich Salz 已提交
2758 
     TLS1_TXT_ADH_WITH_SEED_SHA,
P
Support converting cipher name to RFC name and vice versa  
Paul Yang 已提交
2759 
     TLS1_RFC_ADH_WITH_SEED_SHA,
R
Sort cipher-list at runtime.  
Rich Salz 已提交
2760 2761 2762 2763 2764 2765 
     TLS1_CK_ADH_WITH_SEED_SHA,
     SSL_kDHE,
     SSL_aNULL,
     SSL_SEED,
     SSL_SHA1,
     SSL3_VERSION, TLS1_2_VERSION,
D
Fix cipher support for DTLS1_BAD_VER  
David Woodhouse 已提交
2766 
     DTLS1_BAD_VER, DTLS1_2_VERSION,
R
Sort cipher-list at runtime.  
Rich Salz 已提交
2767 2768 
     SSL_NOT_DEFAULT | SSL_MEDIUM,
     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
D
Add CCM ciphersuites from RFC6655 and RFC7251  
Dr. Stephen Henson 已提交
2769 2770 2771 
     128,
     128,
     },
E
Indent ssl/  
Emilia Kasper 已提交
2772 
#endif                          /* OPENSSL_NO_SEED */
D
Add CCM ciphersuites from RFC6655 and RFC7251  
Dr. Stephen Henson 已提交
2773
R
Sort cipher-list at runtime.  
Rich Salz 已提交
2774 2775 2776 2777 
#ifndef OPENSSL_NO_WEAK_SSL_CIPHERS
    {
     1,
     SSL3_TXT_RSA_RC4_128_MD5,
P
Support converting cipher name to RFC name and vice versa  
Paul Yang 已提交
2778 
     SSL3_RFC_RSA_RC4_128_MD5,
R
Sort cipher-list at runtime.  
Rich Salz 已提交
2779 2780 2781 2782 2783 2784 2785 2786 2787 2788 2789 2790 
     SSL3_CK_RSA_RC4_128_MD5,
     SSL_kRSA,
     SSL_aRSA,
     SSL_RC4,
     SSL_MD5,
     SSL3_VERSION, TLS1_2_VERSION,
     0, 0,
     SSL_NOT_DEFAULT | SSL_MEDIUM,
     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
     128,
     128,
     },
D
Add CCM ciphersuites from RFC6655 and RFC7251  
Dr. Stephen Henson 已提交
2791 2792 
    {
     1,
R
Sort cipher-list at runtime.  
Rich Salz 已提交
2793 
     SSL3_TXT_RSA_RC4_128_SHA,
P
Support converting cipher name to RFC name and vice versa  
Paul Yang 已提交
2794 
     SSL3_RFC_RSA_RC4_128_SHA,
R
Sort cipher-list at runtime.  
Rich Salz 已提交
2795 2796 2797 2798 2799 2800 2801 2802 2803 2804 2805 
     SSL3_CK_RSA_RC4_128_SHA,
     SSL_kRSA,
     SSL_aRSA,
     SSL_RC4,
     SSL_SHA1,
     SSL3_VERSION, TLS1_2_VERSION,
     0, 0,
     SSL_NOT_DEFAULT | SSL_MEDIUM,
     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
     128,
     128,
D
Add CCM ciphersuites from RFC6655 and RFC7251  
Dr. Stephen Henson 已提交
2806 2807 2808 
     },
    {
     1,
R
Sort cipher-list at runtime.  
Rich Salz 已提交
2809 
     SSL3_TXT_ADH_RC4_128_MD5,
P
Support converting cipher name to RFC name and vice versa  
Paul Yang 已提交
2810 
     SSL3_RFC_ADH_RC4_128_MD5,
R
Sort cipher-list at runtime.  
Rich Salz 已提交
2811 2812 2813 2814 2815 2816 2817 2818 2819 
     SSL3_CK_ADH_RC4_128_MD5,
     SSL_kDHE,
     SSL_aNULL,
     SSL_RC4,
     SSL_MD5,
     SSL3_VERSION, TLS1_2_VERSION,
     0, 0,
     SSL_NOT_DEFAULT | SSL_MEDIUM,
     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
D
Add CCM ciphersuites from RFC6655 and RFC7251  
Dr. Stephen Henson 已提交
2820 2821 2822 2823 2824 
     128,
     128,
     },
    {
     1,
R
Sort cipher-list at runtime.  
Rich Salz 已提交
2825 
     TLS1_TXT_ECDHE_PSK_WITH_RC4_128_SHA,
P
Support converting cipher name to RFC name and vice versa  
Paul Yang 已提交
2826 
     TLS1_RFC_ECDHE_PSK_WITH_RC4_128_SHA,
R
Sort cipher-list at runtime.  
Rich Salz 已提交
2827 2828 2829 2830 2831 
     TLS1_CK_ECDHE_PSK_WITH_RC4_128_SHA,
     SSL_kECDHEPSK,
     SSL_aPSK,
     SSL_RC4,
     SSL_SHA1,
T
Remove ECDH(E) ciphers from SSLv3  
Todd Short 已提交
2832 
     TLS1_VERSION, TLS1_2_VERSION,
R
Sort cipher-list at runtime.  
Rich Salz 已提交
2833 2834 2835 2836 2837 
     0, 0,
     SSL_NOT_DEFAULT | SSL_MEDIUM,
     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
     128,
     128,
D
Add CCM ciphersuites from RFC6655 and RFC7251  
Dr. Stephen Henson 已提交
2838 
     },
A
Wire ChaCha20-Poly1305 to TLS.  
Andy Polyakov 已提交
2839 2840 
    {
     1,
R
Sort cipher-list at runtime.  
Rich Salz 已提交
2841 
     TLS1_TXT_ECDH_anon_WITH_RC4_128_SHA,
P
Support converting cipher name to RFC name and vice versa  
Paul Yang 已提交
2842 
     TLS1_RFC_ECDH_anon_WITH_RC4_128_SHA,
R
Sort cipher-list at runtime.  
Rich Salz 已提交
2843 
     TLS1_CK_ECDH_anon_WITH_RC4_128_SHA,
A
Wire ChaCha20-Poly1305 to TLS.  
Andy Polyakov 已提交
2844 
     SSL_kECDHE,
R
Sort cipher-list at runtime.  
Rich Salz 已提交
2845 2846 2847 
     SSL_aNULL,
     SSL_RC4,
     SSL_SHA1,
T
Remove ECDH(E) ciphers from SSLv3  
Todd Short 已提交
2848 
     TLS1_VERSION, TLS1_2_VERSION,
R
Sort cipher-list at runtime.  
Rich Salz 已提交
2849 2850 2851 2852 2853 
     0, 0,
     SSL_NOT_DEFAULT | SSL_MEDIUM,
     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
     128,
     128,
A
Wire ChaCha20-Poly1305 to TLS.  
Andy Polyakov 已提交
2854 2855 2856 
     },
    {
     1,
R
Sort cipher-list at runtime.  
Rich Salz 已提交
2857 
     TLS1_TXT_ECDHE_ECDSA_WITH_RC4_128_SHA,
P
Support converting cipher name to RFC name and vice versa  
Paul Yang 已提交
2858 
     TLS1_RFC_ECDHE_ECDSA_WITH_RC4_128_SHA,
R
Sort cipher-list at runtime.  
Rich Salz 已提交
2859 
     TLS1_CK_ECDHE_ECDSA_WITH_RC4_128_SHA,
A
Wire ChaCha20-Poly1305 to TLS.  
Andy Polyakov 已提交
2860 2861 
     SSL_kECDHE,
     SSL_aECDSA,
R
Sort cipher-list at runtime.  
Rich Salz 已提交
2862 2863 
     SSL_RC4,
     SSL_SHA1,
T
Remove ECDH(E) ciphers from SSLv3  
Todd Short 已提交
2864 
     TLS1_VERSION, TLS1_2_VERSION,
R
Sort cipher-list at runtime.  
Rich Salz 已提交
2865 2866 2867 2868 2869 
     0, 0,
     SSL_NOT_DEFAULT | SSL_MEDIUM,
     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
     128,
     128,
A
Wire ChaCha20-Poly1305 to TLS.  
Andy Polyakov 已提交
2870 2871 2872 
     },
    {
     1,
R
Sort cipher-list at runtime.  
Rich Salz 已提交
2873 
     TLS1_TXT_ECDHE_RSA_WITH_RC4_128_SHA,
P
Support converting cipher name to RFC name and vice versa  
Paul Yang 已提交
2874 
     TLS1_RFC_ECDHE_RSA_WITH_RC4_128_SHA,
R
Sort cipher-list at runtime.  
Rich Salz 已提交
2875 2876 
     TLS1_CK_ECDHE_RSA_WITH_RC4_128_SHA,
     SSL_kECDHE,
A
Wire ChaCha20-Poly1305 to TLS.  
Andy Polyakov 已提交
2877 
     SSL_aRSA,
R
Sort cipher-list at runtime.  
Rich Salz 已提交
2878 2879 
     SSL_RC4,
     SSL_SHA1,
T
Remove ECDH(E) ciphers from SSLv3  
Todd Short 已提交
2880 
     TLS1_VERSION, TLS1_2_VERSION,
R
Sort cipher-list at runtime.  
Rich Salz 已提交
2881 2882 2883 2884 2885 
     0, 0,
     SSL_NOT_DEFAULT | SSL_MEDIUM,
     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
     128,
     128,
A
Wire ChaCha20-Poly1305 to TLS.  
Andy Polyakov 已提交
2886 2887 2888 
     },
    {
     1,
R
Sort cipher-list at runtime.  
Rich Salz 已提交
2889 
     TLS1_TXT_PSK_WITH_RC4_128_SHA,
P
Support converting cipher name to RFC name and vice versa  
Paul Yang 已提交
2890 
     TLS1_RFC_PSK_WITH_RC4_128_SHA,
R
Sort cipher-list at runtime.  
Rich Salz 已提交
2891 
     TLS1_CK_PSK_WITH_RC4_128_SHA,
A
Wire ChaCha20-Poly1305 to TLS.  
Andy Polyakov 已提交
2892 2893 
     SSL_kPSK,
     SSL_aPSK,
R
Sort cipher-list at runtime.  
Rich Salz 已提交
2894 2895 2896 2897 2898 2899 2900 2901 
     SSL_RC4,
     SSL_SHA1,
     SSL3_VERSION, TLS1_2_VERSION,
     0, 0,
     SSL_NOT_DEFAULT | SSL_MEDIUM,
     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
     128,
     128,
A
Wire ChaCha20-Poly1305 to TLS.  
Andy Polyakov 已提交
2902 2903 2904 
     },
    {
     1,
R
Sort cipher-list at runtime.  
Rich Salz 已提交
2905 
     TLS1_TXT_RSA_PSK_WITH_RC4_128_SHA,
P
Support converting cipher name to RFC name and vice versa  
Paul Yang 已提交
2906 
     TLS1_RFC_RSA_PSK_WITH_RC4_128_SHA,
R
Sort cipher-list at runtime.  
Rich Salz 已提交
2907 2908 2909 2910 2911 2912 2913 2914 2915 2916 2917 
     TLS1_CK_RSA_PSK_WITH_RC4_128_SHA,
     SSL_kRSAPSK,
     SSL_aRSA,
     SSL_RC4,
     SSL_SHA1,
     SSL3_VERSION, TLS1_2_VERSION,
     0, 0,
     SSL_NOT_DEFAULT | SSL_MEDIUM,
     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
     128,
     128,
A
Wire ChaCha20-Poly1305 to TLS.  
Andy Polyakov 已提交
2918 2919 2920 
     },
    {
     1,
R
Sort cipher-list at runtime.  
Rich Salz 已提交
2921 
     TLS1_TXT_DHE_PSK_WITH_RC4_128_SHA,
P
Support converting cipher name to RFC name and vice versa  
Paul Yang 已提交
2922 
     TLS1_RFC_DHE_PSK_WITH_RC4_128_SHA,
R
Sort cipher-list at runtime.  
Rich Salz 已提交
2923 
     TLS1_CK_DHE_PSK_WITH_RC4_128_SHA,
A
Wire ChaCha20-Poly1305 to TLS.  
Andy Polyakov 已提交
2924 2925 
     SSL_kDHEPSK,
     SSL_aPSK,
R
Sort cipher-list at runtime.  
Rich Salz 已提交
2926 2927 2928 2929 2930 2931 2932 2933 
     SSL_RC4,
     SSL_SHA1,
     SSL3_VERSION, TLS1_2_VERSION,
     0, 0,
     SSL_NOT_DEFAULT | SSL_MEDIUM,
     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
     128,
     128,
A
Wire ChaCha20-Poly1305 to TLS.  
Andy Polyakov 已提交
2934 
     },
E
Indent ssl/  
Emilia Kasper 已提交
2935 
#endif                          /* OPENSSL_NO_WEAK_SSL_CIPHERS */
D
Patch containing TLS implementation for GOST 2012  
Dmitry Belyavsky 已提交
2936
J
Implement Aria GCM/CCM Modes and TLS cipher suites  
Jon Spillett 已提交
2937 2938 2939 2940 2941 2942 2943 2944 2945 2946 2947 2948 2949 2950 2951 2952 2953 2954 2955 2956 2957 2958 2959 2960 2961 2962 2963 2964 2965 2966 2967 2968 2969 2970 2971 2972 2973 2974 2975 2976 2977 2978 2979 2980 2981 2982 2983 2984 2985 2986 2987 2988 2989 2990 2991 2992 2993 2994 2995 2996 2997 2998 2999 3000 3001 3002 3003 3004 3005 3006 3007 3008 3009 3010 3011 3012 3013 3014 3015 3016 3017 3018 3019 3020 3021 3022 3023 3024 3025 3026 3027 3028 3029 3030 3031 3032 3033 3034 3035 3036 3037 3038 3039 3040 3041 3042 3043 3044 3045 3046 3047 3048 3049 3050 3051 3052 3053 3054 3055 3056 3057 3058 3059 3060 3061 3062 3063 3064 3065 3066 3067 3068 3069 3070 3071 3072 3073 3074 3075 3076 3077 3078 3079 3080 3081 3082 3083 3084 3085 3086 3087 3088 3089 3090 3091 3092 3093 3094 3095 3096 3097 3098 3099 3100 3101 3102 3103 3104 3105 3106 3107 3108 3109 3110 3111 3112 3113 3114 3115 3116 3117 3118 3119 3120 3121 3122 3123 3124 3125 3126 3127 3128 3129 3130 3131 3132 3133 3134 3135 3136 3137 3138 3139 3140 3141 3142 3143 3144 3145 3146 3147 3148 3149 3150 3151 3152 3153 3154 3155 3156 3157 3158 3159 3160 3161 3162 3163 3164 3165 3166 3167 3168 3169 3170 3171 3172 3173 3174 3175 3176 3177 3178 3179 3180 3181 3182 3183 3184 3185 3186 3187 3188 3189 3190 3191 3192 3193 3194 
#ifndef OPENSSL_NO_ARIA
    {
     1,
     TLS1_TXT_RSA_WITH_ARIA_128_GCM_SHA256,
     TLS1_RFC_RSA_WITH_ARIA_128_GCM_SHA256,
     TLS1_CK_RSA_WITH_ARIA_128_GCM_SHA256,
     SSL_kRSA,
     SSL_aRSA,
     SSL_ARIA128GCM,
     SSL_AEAD,
     TLS1_2_VERSION, TLS1_2_VERSION,
     DTLS1_2_VERSION, DTLS1_2_VERSION,
     SSL_NOT_DEFAULT | SSL_HIGH,
     SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
     128,
     128,
     },
    {
     1,
     TLS1_TXT_RSA_WITH_ARIA_256_GCM_SHA384,
     TLS1_RFC_RSA_WITH_ARIA_256_GCM_SHA384,
     TLS1_CK_RSA_WITH_ARIA_256_GCM_SHA384,
     SSL_kRSA,
     SSL_aRSA,
     SSL_ARIA256GCM,
     SSL_AEAD,
     TLS1_2_VERSION, TLS1_2_VERSION,
     DTLS1_2_VERSION, DTLS1_2_VERSION,
     SSL_NOT_DEFAULT | SSL_HIGH,
     SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384,
     256,
     256,
     },
    {
     1,
     TLS1_TXT_DHE_RSA_WITH_ARIA_128_GCM_SHA256,
     TLS1_RFC_DHE_RSA_WITH_ARIA_128_GCM_SHA256,
     TLS1_CK_DHE_RSA_WITH_ARIA_128_GCM_SHA256,
     SSL_kDHE,
     SSL_aRSA,
     SSL_ARIA128GCM,
     SSL_AEAD,
     TLS1_2_VERSION, TLS1_2_VERSION,
     DTLS1_2_VERSION, DTLS1_2_VERSION,
     SSL_NOT_DEFAULT | SSL_HIGH,
     SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
     128,
     128,
     },
    {
     1,
     TLS1_TXT_DHE_RSA_WITH_ARIA_256_GCM_SHA384,
     TLS1_RFC_DHE_RSA_WITH_ARIA_256_GCM_SHA384,
     TLS1_CK_DHE_RSA_WITH_ARIA_256_GCM_SHA384,
     SSL_kDHE,
     SSL_aRSA,
     SSL_ARIA256GCM,
     SSL_AEAD,
     TLS1_2_VERSION, TLS1_2_VERSION,
     DTLS1_2_VERSION, DTLS1_2_VERSION,
     SSL_NOT_DEFAULT | SSL_HIGH,
     SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384,
     256,
     256,
     },
    {
     1,
     TLS1_TXT_DHE_DSS_WITH_ARIA_128_GCM_SHA256,
     TLS1_RFC_DHE_DSS_WITH_ARIA_128_GCM_SHA256,
     TLS1_CK_DHE_DSS_WITH_ARIA_128_GCM_SHA256,
     SSL_kDHE,
     SSL_aDSS,
     SSL_ARIA128GCM,
     SSL_AEAD,
     TLS1_2_VERSION, TLS1_2_VERSION,
     DTLS1_2_VERSION, DTLS1_2_VERSION,
     SSL_NOT_DEFAULT | SSL_HIGH,
     SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
     128,
     128,
     },
    {
     1,
     TLS1_TXT_DHE_DSS_WITH_ARIA_256_GCM_SHA384,
     TLS1_RFC_DHE_DSS_WITH_ARIA_256_GCM_SHA384,
     TLS1_CK_DHE_DSS_WITH_ARIA_256_GCM_SHA384,
     SSL_kDHE,
     SSL_aDSS,
     SSL_ARIA256GCM,
     SSL_AEAD,
     TLS1_2_VERSION, TLS1_2_VERSION,
     DTLS1_2_VERSION, DTLS1_2_VERSION,
     SSL_NOT_DEFAULT | SSL_HIGH,
     SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384,
     256,
     256,
     },
    {
     1,
     TLS1_TXT_ECDHE_ECDSA_WITH_ARIA_128_GCM_SHA256,
     TLS1_RFC_ECDHE_ECDSA_WITH_ARIA_128_GCM_SHA256,
     TLS1_CK_ECDHE_ECDSA_WITH_ARIA_128_GCM_SHA256,
     SSL_kECDHE,
     SSL_aECDSA,
     SSL_ARIA128GCM,
     SSL_AEAD,
     TLS1_2_VERSION, TLS1_2_VERSION,
     DTLS1_2_VERSION, DTLS1_2_VERSION,
     SSL_NOT_DEFAULT | SSL_HIGH,
     SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
     128,
     128,
     },
    {
     1,
     TLS1_TXT_ECDHE_ECDSA_WITH_ARIA_256_GCM_SHA384,
     TLS1_RFC_ECDHE_ECDSA_WITH_ARIA_256_GCM_SHA384,
     TLS1_CK_ECDHE_ECDSA_WITH_ARIA_256_GCM_SHA384,
     SSL_kECDHE,
     SSL_aECDSA,
     SSL_ARIA256GCM,
     SSL_AEAD,
     TLS1_2_VERSION, TLS1_2_VERSION,
     DTLS1_2_VERSION, DTLS1_2_VERSION,
     SSL_NOT_DEFAULT | SSL_HIGH,
     SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384,
     256,
     256,
     },
    {
     1,
     TLS1_TXT_ECDHE_RSA_WITH_ARIA_128_GCM_SHA256,
     TLS1_RFC_ECDHE_RSA_WITH_ARIA_128_GCM_SHA256,
     TLS1_CK_ECDHE_RSA_WITH_ARIA_128_GCM_SHA256,
     SSL_kECDHE,
     SSL_aRSA,
     SSL_ARIA128GCM,
     SSL_AEAD,
     TLS1_2_VERSION, TLS1_2_VERSION,
     DTLS1_2_VERSION, DTLS1_2_VERSION,
     SSL_NOT_DEFAULT | SSL_HIGH,
     SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
     128,
     128,
     },
    {
     1,
     TLS1_TXT_ECDHE_RSA_WITH_ARIA_256_GCM_SHA384,
     TLS1_RFC_ECDHE_RSA_WITH_ARIA_256_GCM_SHA384,
     TLS1_CK_ECDHE_RSA_WITH_ARIA_256_GCM_SHA384,
     SSL_kECDHE,
     SSL_aRSA,
     SSL_ARIA256GCM,
     SSL_AEAD,
     TLS1_2_VERSION, TLS1_2_VERSION,
     DTLS1_2_VERSION, DTLS1_2_VERSION,
     SSL_NOT_DEFAULT | SSL_HIGH,
     SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384,
     256,
     256,
     },
    {
     1,
     TLS1_TXT_PSK_WITH_ARIA_128_GCM_SHA256,
     TLS1_RFC_PSK_WITH_ARIA_128_GCM_SHA256,
     TLS1_CK_PSK_WITH_ARIA_128_GCM_SHA256,
     SSL_kPSK,
     SSL_aPSK,
     SSL_ARIA128GCM,
     SSL_AEAD,
     TLS1_2_VERSION, TLS1_2_VERSION,
     DTLS1_2_VERSION, DTLS1_2_VERSION,
     SSL_NOT_DEFAULT | SSL_HIGH,
     SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
     128,
     128,
     },
    {
     1,
     TLS1_TXT_PSK_WITH_ARIA_256_GCM_SHA384,
     TLS1_RFC_PSK_WITH_ARIA_256_GCM_SHA384,
     TLS1_CK_PSK_WITH_ARIA_256_GCM_SHA384,
     SSL_kPSK,
     SSL_aPSK,
     SSL_ARIA256GCM,
     SSL_AEAD,
     TLS1_2_VERSION, TLS1_2_VERSION,
     DTLS1_2_VERSION, DTLS1_2_VERSION,
     SSL_NOT_DEFAULT | SSL_HIGH,
     SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384,
     256,
     256,
     },
    {
     1,
     TLS1_TXT_DHE_PSK_WITH_ARIA_128_GCM_SHA256,
     TLS1_RFC_DHE_PSK_WITH_ARIA_128_GCM_SHA256,
     TLS1_CK_DHE_PSK_WITH_ARIA_128_GCM_SHA256,
     SSL_kDHEPSK,
     SSL_aPSK,
     SSL_ARIA128GCM,
     SSL_AEAD,
     TLS1_2_VERSION, TLS1_2_VERSION,
     DTLS1_2_VERSION, DTLS1_2_VERSION,
     SSL_NOT_DEFAULT | SSL_HIGH,
     SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
     128,
     128,
     },
    {
     1,
     TLS1_TXT_DHE_PSK_WITH_ARIA_256_GCM_SHA384,
     TLS1_RFC_DHE_PSK_WITH_ARIA_256_GCM_SHA384,
     TLS1_CK_DHE_PSK_WITH_ARIA_256_GCM_SHA384,
     SSL_kDHEPSK,
     SSL_aPSK,
     SSL_ARIA256GCM,
     SSL_AEAD,
     TLS1_2_VERSION, TLS1_2_VERSION,
     DTLS1_2_VERSION, DTLS1_2_VERSION,
     SSL_NOT_DEFAULT | SSL_HIGH,
     SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384,
     256,
     256,
     },
    {
     1,
     TLS1_TXT_RSA_PSK_WITH_ARIA_128_GCM_SHA256,
     TLS1_RFC_RSA_PSK_WITH_ARIA_128_GCM_SHA256,
     TLS1_CK_RSA_PSK_WITH_ARIA_128_GCM_SHA256,
     SSL_kRSAPSK,
     SSL_aRSA,
     SSL_ARIA128GCM,
     SSL_AEAD,
     TLS1_2_VERSION, TLS1_2_VERSION,
     DTLS1_2_VERSION, DTLS1_2_VERSION,
     SSL_NOT_DEFAULT | SSL_HIGH,
     SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
     128,
     128,
     },
    {
     1,
     TLS1_TXT_RSA_PSK_WITH_ARIA_256_GCM_SHA384,
     TLS1_RFC_RSA_PSK_WITH_ARIA_256_GCM_SHA384,
     TLS1_CK_RSA_PSK_WITH_ARIA_256_GCM_SHA384,
     SSL_kRSAPSK,
     SSL_aRSA,
     SSL_ARIA256GCM,
     SSL_AEAD,
     TLS1_2_VERSION, TLS1_2_VERSION,
     DTLS1_2_VERSION, DTLS1_2_VERSION,
     SSL_NOT_DEFAULT | SSL_HIGH,
     SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384,
     256,
     256,
     },
#endif /* OPENSSL_NO_ARIA */
M
Run util/openssl-format-source -v -c .  
Matt Caswell 已提交
3195 3196 
};
B
Add more first-class support for SCSVS  
Benjamin Kaduk 已提交
3197 3198 3199 3200 3201 3202 3203 3204 3205 
/*
 * The list of known Signalling Cipher-Suite Value "ciphers", non-valid
 * values stuffed into the ciphers field of the wire protocol for signalling
 * purposes.
 */
static SSL_CIPHER ssl3_scsvs[] = {
    {
     0,
     "TLS_EMPTY_RENEGOTIATION_INFO_SCSV",
P
Support converting cipher name to RFC name and vice versa  
Paul Yang 已提交
3206 
     "TLS_EMPTY_RENEGOTIATION_INFO_SCSV",
B
Add more first-class support for SCSVS  
Benjamin Kaduk 已提交
3207 3208 3209 3210 3211 3212 
     SSL3_CK_SCSV,
     0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
    },
    {
     0,
     "TLS_FALLBACK_SCSV",
P
Support converting cipher name to RFC name and vice versa  
Paul Yang 已提交
3213 
     "TLS_FALLBACK_SCSV",
B
Add more first-class support for SCSVS  
Benjamin Kaduk 已提交
3214 3215 3216 3217 3218 
     SSL3_CK_FALLBACK_SCSV,
     0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
    },
};
R
Sort cipher-list at runtime.  
Rich Salz 已提交
3219 3220 3221 3222 3223 
static int cipher_compare(const void *a, const void *b)
{
    const SSL_CIPHER *ap = (const SSL_CIPHER *)a;
    const SSL_CIPHER *bp = (const SSL_CIPHER *)b;
R
Fix cipher_compare  
Richard Levitte 已提交
3224 3225 3226 
    if (ap->id == bp->id)
        return 0;
    return ap->id < bp->id ? -1 : 1;
R
Sort cipher-list at runtime.  
Rich Salz 已提交
3227 3228 3229 3230 
}

void ssl_sort_cipher_list(void)
{
M
Split configuration of TLSv1.3 ciphers from older ciphers  
Matt Caswell 已提交
3231 3232 
    qsort(tls13_ciphers, TLS13_NUM_CIPHERS, sizeof(tls13_ciphers[0]),
          cipher_compare);
R
Consistent formatting for sizeof(foo)  
Rich Salz 已提交
3233 
    qsort(ssl3_ciphers, SSL3_NUM_CIPHERS, sizeof(ssl3_ciphers[0]),
R
Sort cipher-list at runtime.  
Rich Salz 已提交
3234 
          cipher_compare);
R
Consistent formatting for sizeof(foo)  
Rich Salz 已提交
3235 
    qsort(ssl3_scsvs, SSL3_NUM_SCSVS, sizeof(ssl3_scsvs[0]), cipher_compare);
R
Sort cipher-list at runtime.  
Rich Salz 已提交
3236 3237 
}
B
Fix invalid function type casts.  
Bernd Edlinger 已提交
3238 3239 3240 3241 3242 3243 3244 3245 3246 3247 3248 3249 3250 3251 
static int ssl_undefined_function_1(SSL *ssl, unsigned char *r, size_t s,
                                    const char * t, size_t u,
                                    const unsigned char * v, size_t w, int x)
{
    (void)r;
    (void)s;
    (void)t;
    (void)u;
    (void)v;
    (void)w;
    (void)x;
    return ssl_undefined_function(ssl);
}
M
Run util/openssl-format-source -v -c .  
Matt Caswell 已提交
3252 3253 3254 3255 3256 3257 3258 3259 3260 3261 
const SSL3_ENC_METHOD SSLv3_enc_data = {
    ssl3_enc,
    n_ssl3_mac,
    ssl3_setup_key_block,
    ssl3_generate_master_secret,
    ssl3_change_cipher_state,
    ssl3_final_finish_mac,
    SSL3_MD_CLIENT_FINISHED_CONST, 4,
    SSL3_MD_SERVER_FINISHED_CONST, 4,
    ssl3_alert_code,
B
Fix invalid function type casts.  
Bernd Edlinger 已提交
3262 
    ssl_undefined_function_1,
M
Run util/openssl-format-source -v -c .  
Matt Caswell 已提交
3263 
    0,
M
Rename ssl_set_handshake_header2()  
Matt Caswell 已提交
3264 
    ssl3_set_handshake_header,
M
Convert tls_construct_client_hello() to use PACKETW  
Matt Caswell 已提交
3265 
    tls_close_construct_packet,
M
Run util/openssl-format-source -v -c .  
Matt Caswell 已提交
3266 3267 
    ssl3_handshake_write
};
R
Import of old SSLeay release: SSLeay 0.9.0b  
Ralf S. Engelschall 已提交
3268
D
Initialize SSL_METHOD structures at compile time. This removes the need  
Dr. Stephen Henson 已提交
3269 
long ssl3_default_timeout(void)
M
Run util/openssl-format-source -v -c .  
Matt Caswell 已提交
3270 3271 3272 3273 3274 3275 3276 
{
    /*
     * 2 hours, the 24 hours mentioned in the SSLv3 spec is way too long for
     * http, the cache would over fill
     */
    return (60 * 60 * 2);
}
R
Import of old SSLeay release: SSLeay 0.8.1b  
Ralf S. Engelschall 已提交
3277
U
Change functions to ANSI C.  
Ulf Möller 已提交
3278 
int ssl3_num_ciphers(void)
M
Run util/openssl-format-source -v -c .  
Matt Caswell 已提交
3279 
{
K
Remove parentheses of return.  
KaoruToda 已提交
3280 
    return SSL3_NUM_CIPHERS;
M
Run util/openssl-format-source -v -c .  
Matt Caswell 已提交
3281 
}
R
Import of old SSLeay release: SSLeay 0.8.1b  
Ralf S. Engelschall 已提交
3282
B
Type-checked (and modern C compliant) OBJ_bsearch.  
Ben Laurie 已提交
3283 
const SSL_CIPHER *ssl3_get_cipher(unsigned int u)
M
Run util/openssl-format-source -v -c .  
Matt Caswell 已提交
3284 3285 
{
    if (u < SSL3_NUM_CIPHERS)
K
Remove parentheses of return.  
KaoruToda 已提交
3286 
        return &(ssl3_ciphers[SSL3_NUM_CIPHERS - 1 - u]);
M
Run util/openssl-format-source -v -c .  
Matt Caswell 已提交
3287 
    else
K
Remove parentheses of return.  
KaoruToda 已提交
3288 
        return NULL;
M
Run util/openssl-format-source -v -c .  
Matt Caswell 已提交
3289 
}
R
Import of old SSLeay release: SSLeay 0.8.1b  
Ralf S. Engelschall 已提交
3290
M
Rename ssl_set_handshake_header2()  
Matt Caswell 已提交
3291 
int ssl3_set_handshake_header(SSL *s, WPACKET *pkt, int htype)
M
Convert tls_construct_client_hello() to use PACKETW  
Matt Caswell 已提交
3292 
{
M
Harmonise setting the header and closing construction  
Matt Caswell 已提交
3293 3294 3295 3296 
    /* No header in the event of a CCS */
    if (htype == SSL3_MT_CHANGE_CIPHER_SPEC)
        return 1;
M
Convert tls_construct_client_hello() to use PACKETW  
Matt Caswell 已提交
3297 
    /* Set the content type and 3 bytes for the message len */
M
Convert WPACKET_put_bytes to use convenience macros  
Matt Caswell 已提交
3298 
    if (!WPACKET_put_bytes_u8(pkt, htype)
M
Address WPACKET review comments  
Matt Caswell 已提交
3299 
            || !WPACKET_start_sub_packet_u24(pkt))
M
Convert tls_construct_client_hello() to use PACKETW  
Matt Caswell 已提交
3300 3301 3302 3303 3304 
        return 0;

    return 1;
}
D
DTLS revision.  
Dr. Stephen Henson 已提交
3305 
int ssl3_handshake_write(SSL *s)
M
Run util/openssl-format-source -v -c .  
Matt Caswell 已提交
3306 3307 3308 
{
    return ssl3_do_write(s, SSL3_RT_HANDSHAKE);
}
D
DTLS revision.  
Dr. Stephen Henson 已提交
3309
U
Change functions to ANSI C.  
Ulf Möller 已提交
3310 
int ssl3_new(SSL *s)
M
Run util/openssl-format-source -v -c .  
Matt Caswell 已提交
3311 
{
B
Add SRP support.  
Ben Laurie 已提交
3312 
#ifndef OPENSSL_NO_SRP
V
Code style: space after 'if'  
Viktor Dukhovni 已提交
3313 
    if (!SSL_SRP_CTX_init(s))
M
Fix no-srp  
Matt Caswell 已提交
3314 
        return 0;
B
Add SRP support.  
Ben Laurie 已提交
3315 
#endif
M
Convert existing usage of assert() to ossl_assert() in libssl  
Matt Caswell 已提交
3316 3317 3318 3319 

    if (!s->method->ssl_clear(s))
        return 0;
M
Fix some style issues in returns  
Matt Caswell 已提交
3320 
    return 1;
M
Run util/openssl-format-source -v -c .  
Matt Caswell 已提交
3321 
}
R
Import of old SSLeay release: SSLeay 0.8.1b  
Ralf S. Engelschall 已提交
3322
U
Change functions to ANSI C.  
Ulf Möller 已提交
3323 
void ssl3_free(SSL *s)
M
Run util/openssl-format-source -v -c .  
Matt Caswell 已提交
3324 
{
T
Collapse ssl3_state_st (s3) into ssl_st  
Todd Short 已提交
3325 
    if (s == NULL)
M
Run util/openssl-format-source -v -c .  
Matt Caswell 已提交
3326 
        return;
B
Accept NULL in *_free.  
Ben Laurie 已提交
3327
M
Run util/openssl-format-source -v -c .  
Matt Caswell 已提交
3328 
    ssl3_cleanup_key_block(s);
D
Remove peer temp keys from SESS_CERT  
Dr. Stephen Henson 已提交
3329
D
EVP_PKEY DH client support.  
Dr. Stephen Henson 已提交
3330 
#if !defined(OPENSSL_NO_EC) || !defined(OPENSSL_NO_DH)
T
Collapse ssl3_state_st (s3) into ssl_st  
Todd Short 已提交
3331 3332 3333 3334 
    EVP_PKEY_free(s->s3.peer_tmp);
    s->s3.peer_tmp = NULL;
    EVP_PKEY_free(s->s3.tmp.pkey);
    s->s3.tmp.pkey = NULL;
B
ECC ciphersuite support  
Bodo Möller 已提交
3335 3336 
#endif
M
Explicitly fetch ciphers and digests in libssl  
Matt Caswell 已提交
3337 3338 3339 
    ssl_evp_cipher_free(s->s3.tmp.new_sym_enc);
    ssl_evp_md_free(s->s3.tmp.new_hash);
T
Collapse ssl3_state_st (s3) into ssl_st  
Todd Short 已提交
3340 3341 3342 3343 3344 3345 
    OPENSSL_free(s->s3.tmp.ctype);
    sk_X509_NAME_pop_free(s->s3.tmp.peer_ca_names, X509_NAME_free);
    OPENSSL_free(s->s3.tmp.ciphers_raw);
    OPENSSL_clear_free(s->s3.tmp.pms, s->s3.tmp.pmslen);
    OPENSSL_free(s->s3.tmp.peer_sigalgs);
    OPENSSL_free(s->s3.tmp.peer_cert_sigalgs);
D
remove unnecessary NULL checks  
Dr. Stephen Henson 已提交
3346 
    ssl3_free_digest_list(s);
T
Collapse ssl3_state_st (s3) into ssl_st  
Todd Short 已提交
3347 3348 
    OPENSSL_free(s->s3.alpn_selected);
    OPENSSL_free(s->s3.alpn_proposed);
A
Support ALPN.  
Adam Langley 已提交
3349
B
Add SRP support.  
Ben Laurie 已提交
3350 
#ifndef OPENSSL_NO_SRP
M
Run util/openssl-format-source -v -c .  
Matt Caswell 已提交
3351 
    SSL_SRP_CTX_free(s);
B
Add SRP support.  
Ben Laurie 已提交
3352 
#endif
T
Collapse ssl3_state_st (s3) into ssl_st  
Todd Short 已提交
3353 
    memset(&s->s3, 0, sizeof(s->s3));
M
Run util/openssl-format-source -v -c .  
Matt Caswell 已提交
3354 
}
R
Import of old SSLeay release: SSLeay 0.8.1b  
Ralf S. Engelschall 已提交
3355
M
Convert existing usage of assert() to ossl_assert() in libssl  
Matt Caswell 已提交
3356 
int ssl3_clear(SSL *s)
M
Run util/openssl-format-source -v -c .  
Matt Caswell 已提交
3357 3358 
{
    ssl3_cleanup_key_block(s);
T
Collapse ssl3_state_st (s3) into ssl_st  
Todd Short 已提交
3359 3360 3361 3362 3363 3364 
    OPENSSL_free(s->s3.tmp.ctype);
    sk_X509_NAME_pop_free(s->s3.tmp.peer_ca_names, X509_NAME_free);
    OPENSSL_free(s->s3.tmp.ciphers_raw);
    OPENSSL_clear_free(s->s3.tmp.pms, s->s3.tmp.pmslen);
    OPENSSL_free(s->s3.tmp.peer_sigalgs);
    OPENSSL_free(s->s3.tmp.peer_cert_sigalgs);
R
Import of old SSLeay release: SSLeay 0.8.1b  
Ralf S. Engelschall 已提交
3365
D
EVP_PKEY DH client support.  
Dr. Stephen Henson 已提交
3366 
#if !defined(OPENSSL_NO_EC) || !defined(OPENSSL_NO_DH)
T
Collapse ssl3_state_st (s3) into ssl_st  
Todd Short 已提交
3367 3368 
    EVP_PKEY_free(s->s3.tmp.pkey);
    EVP_PKEY_free(s->s3.peer_tmp);
E
Indent ssl/  
Emilia Kasper 已提交
3369 
#endif                          /* !OPENSSL_NO_EC */
M
Run util/openssl-format-source -v -c .  
Matt Caswell 已提交
3370
D
remove unnecessary NULL checks  
Dr. Stephen Henson 已提交
3371 
    ssl3_free_digest_list(s);
M
Remove support for OPENSSL_NO_TLSEXT  
Matt Caswell 已提交
3372
T
Collapse ssl3_state_st (s3) into ssl_st  
Todd Short 已提交
3373 3374 
    OPENSSL_free(s->s3.alpn_selected);
    OPENSSL_free(s->s3.alpn_proposed);
M
Remove support for OPENSSL_NO_TLSEXT  
Matt Caswell 已提交
3375
T
GH787: Fix ALPN  
Todd Short 已提交
3376 
    /* NULL/zero-out everything in the s3 struct */
T
Collapse ssl3_state_st (s3) into ssl_st  
Todd Short 已提交
3377 
    memset(&s->s3, 0, sizeof(s->s3));
M
Run util/openssl-format-source -v -c .  
Matt Caswell 已提交
3378
M
Convert existing usage of assert() to ossl_assert() in libssl  
Matt Caswell 已提交
3379 3380 
    if (!ssl_free_wbio_buffer(s))
        return 0;
M
Run util/openssl-format-source -v -c .  
Matt Caswell 已提交
3381 3382 

    s->version = SSL3_VERSION;
B
Add Next Protocol Negotiation.  
Ben Laurie 已提交
3383
M
Remove support for OPENSSL_NO_TLSEXT  
Matt Caswell 已提交
3384 
#if !defined(OPENSSL_NO_NEXTPROTONEG)
R
Move extension data into sub-structs  
Rich Salz 已提交
3385 3386 3387 
    OPENSSL_free(s->ext.npn);
    s->ext.npn = NULL;
    s->ext.npn_len = 0;
B
Add Next Protocol Negotiation.  
Ben Laurie 已提交
3388 
#endif
M
Convert existing usage of assert() to ossl_assert() in libssl  
Matt Caswell 已提交
3389 3390 

    return 1;
M
Run util/openssl-format-source -v -c .  
Matt Caswell 已提交
3391 
}
R
Import of old SSLeay release: SSLeay 0.8.1b  
Ralf S. Engelschall 已提交
3392
B
Add SRP support.  
Ben Laurie 已提交
3393 
#ifndef OPENSSL_NO_SRP
M
Run util/openssl-format-source -v -c .  
Matt Caswell 已提交
3394 3395 
static char *srp_password_from_info_cb(SSL *s, void *arg)
{
R
Rename some BUF_xxx to OPENSSL_xxx  
Rich Salz 已提交
3396 
    return OPENSSL_strdup(s->srp_ctx.info);
M
Run util/openssl-format-source -v -c .  
Matt Caswell 已提交
3397 
}
B
Add SRP support.  
Ben Laurie 已提交
3398 3399 
#endif
E
Indent ssl/  
Emilia Kasper 已提交
3400 
static int ssl3_set_req_cert_type(CERT *c, const unsigned char *p, size_t len);
D
Add new ctrl to retrieve client certificate types, print out  
Dr. Stephen Henson 已提交
3401
B
New functions SSL[_CTX]_set_msg_callback().  
Bodo Möller 已提交
3402 
long ssl3_ctrl(SSL *s, int cmd, long larg, void *parg)
M
Run util/openssl-format-source -v -c .  
Matt Caswell 已提交
3403 3404 
{
    int ret = 0;
R
Import of old SSLeay release: SSLeay 0.9.0b  
Ralf S. Engelschall 已提交
3405
M
Run util/openssl-format-source -v -c .  
Matt Caswell 已提交
3406 3407 3408 3409 
    switch (cmd) {
    case SSL_CTRL_GET_CLIENT_CERT_REQUEST:
        break;
    case SSL_CTRL_GET_NUM_RENEGOTIATIONS:
T
Collapse ssl3_state_st (s3) into ssl_st  
Todd Short 已提交
3410 
        ret = s->s3.num_renegotiations;
M
Run util/openssl-format-source -v -c .  
Matt Caswell 已提交
3411 3412 
        break;
    case SSL_CTRL_CLEAR_NUM_RENEGOTIATIONS:
T
Collapse ssl3_state_st (s3) into ssl_st  
Todd Short 已提交
3413 3414 
        ret = s->s3.num_renegotiations;
        s->s3.num_renegotiations = 0;
M
Run util/openssl-format-source -v -c .  
Matt Caswell 已提交
3415 3416 
        break;
    case SSL_CTRL_GET_TOTAL_RENEGOTIATIONS:
T
Collapse ssl3_state_st (s3) into ssl_st  
Todd Short 已提交
3417 
        ret = s->s3.total_renegotiations;
M
Run util/openssl-format-source -v -c .  
Matt Caswell 已提交
3418 3419 
        break;
    case SSL_CTRL_GET_FLAGS:
T
Collapse ssl3_state_st (s3) into ssl_st  
Todd Short 已提交
3420 
        ret = (int)(s->s3.flags);
M
Run util/openssl-format-source -v -c .  
Matt Caswell 已提交
3421 
        break;
R
Use new-style system-id macros everywhere possible. I hope I haven't  
Richard Levitte 已提交
3422 
#ifndef OPENSSL_NO_DH
M
Run util/openssl-format-source -v -c .  
Matt Caswell 已提交
3423 3424 3425 
    case SSL_CTRL_SET_TMP_DH:
        {
            DH *dh = (DH *)parg;
D
Server side EVP_PKEY DH support  
Dr. Stephen Henson 已提交
3426 
            EVP_PKEY *pkdh = NULL;
M
Run util/openssl-format-source -v -c .  
Matt Caswell 已提交
3427 3428 
            if (dh == NULL) {
                SSLerr(SSL_F_SSL3_CTRL, ERR_R_PASSED_NULL_PARAMETER);
A
Add SSL_CTX_set_tmp_ecdh.pod  
Antoine Salon 已提交
3429 
                return 0;
M
Run util/openssl-format-source -v -c .  
Matt Caswell 已提交
3430 
            }
D
Server side EVP_PKEY DH support  
Dr. Stephen Henson 已提交
3431 3432 3433 3434 3435 
            pkdh = ssl_dh_to_pkey(dh);
            if (pkdh == NULL) {
                SSLerr(SSL_F_SSL3_CTRL, ERR_R_MALLOC_FAILURE);
                return 0;
            }
M
Run util/openssl-format-source -v -c .  
Matt Caswell 已提交
3436 
            if (!ssl_security(s, SSL_SECOP_TMP_DH,
D
Server side EVP_PKEY DH support  
Dr. Stephen Henson 已提交
3437 
                              EVP_PKEY_security_bits(pkdh), 0, pkdh)) {
M
Run util/openssl-format-source -v -c .  
Matt Caswell 已提交
3438 
                SSLerr(SSL_F_SSL3_CTRL, SSL_R_DH_KEY_TOO_SMALL);
D
Server side EVP_PKEY DH support  
Dr. Stephen Henson 已提交
3439 
                EVP_PKEY_free(pkdh);
A
Add SSL_CTX_set_tmp_ecdh.pod  
Antoine Salon 已提交
3440 
                return 0;
M
Run util/openssl-format-source -v -c .  
Matt Caswell 已提交
3441 
            }
D
Server side EVP_PKEY DH support  
Dr. Stephen Henson 已提交
3442 3443 
            EVP_PKEY_free(s->cert->dh_tmp);
            s->cert->dh_tmp = pkdh;
A
Add SSL_CTX_set_tmp_ecdh.pod  
Antoine Salon 已提交
3444 
            return 1;
M
Run util/openssl-format-source -v -c .  
Matt Caswell 已提交
3445 3446 3447 3448 3449 
        }
        break;
    case SSL_CTRL_SET_TMP_DH_CB:
        {
            SSLerr(SSL_F_SSL3_CTRL, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
K
Remove parentheses of return.  
KaoruToda 已提交
3450 
            return ret;
M
Run util/openssl-format-source -v -c .  
Matt Caswell 已提交
3451 3452 3453 3454 
        }
    case SSL_CTRL_SET_DH_AUTO:
        s->cert->dh_tmp_auto = larg;
        return 1;
R
Move the registration of callback functions to special functions  
Richard Levitte 已提交
3455 
#endif
R
Merge OPENSSL_NO_EC{DH,DSA} into OPENSSL_NO_EC  
Rich Salz 已提交
3456 
#ifndef OPENSSL_NO_EC
M
Run util/openssl-format-source -v -c .  
Matt Caswell 已提交
3457 3458 
    case SSL_CTRL_SET_TMP_ECDH:
        {
K
Make SSL_{CTX}_set_tmp_ecdh() call SSL_{CTX_}set1_curves()  
Kurt Roeckx 已提交
3459 3460 
            const EC_GROUP *group = NULL;
            int nid;
M
Run util/openssl-format-source -v -c .  
Matt Caswell 已提交
3461 3462 3463 

            if (parg == NULL) {
                SSLerr(SSL_F_SSL3_CTRL, ERR_R_PASSED_NULL_PARAMETER);
K
Make SSL_{CTX}_set_tmp_ecdh() call SSL_{CTX_}set1_curves()  
Kurt Roeckx 已提交
3464 
                return 0;
M
Run util/openssl-format-source -v -c .  
Matt Caswell 已提交
3465 
            }
K
Make SSL_{CTX}_set_tmp_ecdh() call SSL_{CTX_}set1_curves()  
Kurt Roeckx 已提交
3466 3467 3468 3469 
            group = EC_KEY_get0_group((const EC_KEY *)parg);
            if (group == NULL) {
                SSLerr(SSL_F_SSL3_CTRL, EC_R_MISSING_PARAMETERS);
                return 0;
M
Run util/openssl-format-source -v -c .  
Matt Caswell 已提交
3470 
            }
K
Make SSL_{CTX}_set_tmp_ecdh() call SSL_{CTX_}set1_curves()  
Kurt Roeckx 已提交
3471 3472 3473 
            nid = EC_GROUP_get_curve_name(group);
            if (nid == NID_undef)
                return 0;
R
Move extension data into sub-structs  
Rich Salz 已提交
3474 3475 
            return tls1_set_groups(&s->ext.supportedgroups,
                                   &s->ext.supportedgroups_len,
K
Make SSL_{CTX}_set_tmp_ecdh() call SSL_{CTX_}set1_curves()  
Kurt Roeckx 已提交
3476 
                                   &nid, 1);
M
Run util/openssl-format-source -v -c .  
Matt Caswell 已提交
3477 3478 
        }
        break;
R
Merge OPENSSL_NO_EC{DH,DSA} into OPENSSL_NO_EC  
Rich Salz 已提交
3479 
#endif                          /* !OPENSSL_NO_EC */
M
Run util/openssl-format-source -v -c .  
Matt Caswell 已提交
3480 
    case SSL_CTRL_SET_TLSEXT_HOSTNAME:
B
Add TODO comment for a nonsensical public API  
Benjamin Kaduk 已提交
3481 3482 3483 3484 3485 3486 3487 3488 3489 
        /*
         * TODO(OpenSSL1.2)
         * This API is only used for a client to set what SNI it will request
         * from the server, but we currently allow it to be used on servers
         * as well, which is a programming error.  Currently we just clear
         * the field in SSL_do_handshake() for server SSLs, but when we can
         * make ABI-breaking changes, we may want to make use of this API
         * an error on server SSLs.
         */
M
Run util/openssl-format-source -v -c .  
Matt Caswell 已提交
3490 
        if (larg == TLSEXT_NAMETYPE_host_name) {
V
Empty SNI names are not valid  
Viktor Dukhovni 已提交
3491 3492 
            size_t len;
R
Move extension data into sub-structs  
Rich Salz 已提交
3493 3494 
            OPENSSL_free(s->ext.hostname);
            s->ext.hostname = NULL;
M
Run util/openssl-format-source -v -c .  
Matt Caswell 已提交
3495 3496 3497 3498 

            ret = 1;
            if (parg == NULL)
                break;
V
Empty SNI names are not valid  
Viktor Dukhovni 已提交
3499 3500 
            len = strlen((char *)parg);
            if (len == 0 || len > TLSEXT_MAXLEN_host_name) {
M
Run util/openssl-format-source -v -c .  
Matt Caswell 已提交
3501 3502 3503 
                SSLerr(SSL_F_SSL3_CTRL, SSL_R_SSL3_EXT_INVALID_SERVERNAME);
                return 0;
            }
R
Move extension data into sub-structs  
Rich Salz 已提交
3504 
            if ((s->ext.hostname = OPENSSL_strdup((char *)parg)) == NULL) {
M
Run util/openssl-format-source -v -c .  
Matt Caswell 已提交
3505 3506 3507 3508 3509 3510 3511 3512 3513 
                SSLerr(SSL_F_SSL3_CTRL, ERR_R_INTERNAL_ERROR);
                return 0;
            }
        } else {
            SSLerr(SSL_F_SSL3_CTRL, SSL_R_SSL3_EXT_INVALID_SERVERNAME_TYPE);
            return 0;
        }
        break;
    case SSL_CTRL_SET_TLSEXT_DEBUG_ARG:
R
Move extension data into sub-structs  
Rich Salz 已提交
3514 
        s->ext.debug_arg = parg;
M
Run util/openssl-format-source -v -c .  
Matt Caswell 已提交
3515 3516 3517 
        ret = 1;
        break;
A
Add SSL_get_tlsext_status_type() method  
Alessandro Ghedini 已提交
3518 
    case SSL_CTRL_GET_TLSEXT_STATUS_REQ_TYPE:
R
Move extension data into sub-structs  
Rich Salz 已提交
3519 
        ret = s->ext.status_type;
A
Add SSL_get_tlsext_status_type() method  
Alessandro Ghedini 已提交
3520 3521 
        break;
M
Run util/openssl-format-source -v -c .  
Matt Caswell 已提交
3522 
    case SSL_CTRL_SET_TLSEXT_STATUS_REQ_TYPE:
R
Move extension data into sub-structs  
Rich Salz 已提交
3523 
        s->ext.status_type = larg;
M
Run util/openssl-format-source -v -c .  
Matt Caswell 已提交
3524 3525 3526 3527 
        ret = 1;
        break;

    case SSL_CTRL_GET_TLSEXT_STATUS_REQ_EXTS:
R
Move extension data into sub-structs  
Rich Salz 已提交
3528 
        *(STACK_OF(X509_EXTENSION) **)parg = s->ext.ocsp.exts;
M
Run util/openssl-format-source -v -c .  
Matt Caswell 已提交
3529 3530 3531 3532 
        ret = 1;
        break;

    case SSL_CTRL_SET_TLSEXT_STATUS_REQ_EXTS:
R
Move extension data into sub-structs  
Rich Salz 已提交
3533 
        s->ext.ocsp.exts = parg;
M
Run util/openssl-format-source -v -c .  
Matt Caswell 已提交
3534 3535 3536 3537 
        ret = 1;
        break;

    case SSL_CTRL_GET_TLSEXT_STATUS_REQ_IDS:
R
Move extension data into sub-structs  
Rich Salz 已提交
3538 
        *(STACK_OF(OCSP_RESPID) **)parg = s->ext.ocsp.ids;
M
Run util/openssl-format-source -v -c .  
Matt Caswell 已提交
3539 3540 3541 3542 
        ret = 1;
        break;

    case SSL_CTRL_SET_TLSEXT_STATUS_REQ_IDS:
R
Move extension data into sub-structs  
Rich Salz 已提交
3543 
        s->ext.ocsp.ids = parg;
M
Run util/openssl-format-source -v -c .  
Matt Caswell 已提交
3544 3545 3546 3547 
        ret = 1;
        break;

    case SSL_CTRL_GET_TLSEXT_STATUS_REQ_OCSP_RESP:
R
Move extension data into sub-structs  
Rich Salz 已提交
3548 3549 3550 
        *(unsigned char **)parg = s->ext.ocsp.resp;
        if (s->ext.ocsp.resp_len == 0
                || s->ext.ocsp.resp_len > LONG_MAX)
M
Fix some missed size_t updates  
Matt Caswell 已提交
3551 
            return -1;
R
Move extension data into sub-structs  
Rich Salz 已提交
3552 
        return (long)s->ext.ocsp.resp_len;
M
Run util/openssl-format-source -v -c .  
Matt Caswell 已提交
3553 3554 

    case SSL_CTRL_SET_TLSEXT_STATUS_REQ_OCSP_RESP:
R
Move extension data into sub-structs  
Rich Salz 已提交
3555 3556 3557 
        OPENSSL_free(s->ext.ocsp.resp);
        s->ext.ocsp.resp = parg;
        s->ext.ocsp.resp_len = larg;
M
Run util/openssl-format-source -v -c .  
Matt Caswell 已提交
3558 3559 3560 3561 3562 3563 3564 3565 3566 3567 3568 3569 3570 3571 3572 3573 3574 
        ret = 1;
        break;

    case SSL_CTRL_CHAIN:
        if (larg)
            return ssl_cert_set1_chain(s, NULL, (STACK_OF(X509) *)parg);
        else
            return ssl_cert_set0_chain(s, NULL, (STACK_OF(X509) *)parg);

    case SSL_CTRL_CHAIN_CERT:
        if (larg)
            return ssl_cert_add1_chain_cert(s, NULL, (X509 *)parg);
        else
            return ssl_cert_add0_chain_cert(s, NULL, (X509 *)parg);

    case SSL_CTRL_GET_CHAIN_CERTS:
        *(STACK_OF(X509) **)parg = s->cert->key->chain;
M
Fix the return value for SSL_get0_chain_certs()  
Matt Caswell 已提交
3575 
        ret = 1;
M
Run util/openssl-format-source -v -c .  
Matt Caswell 已提交
3576 3577 3578 3579 3580 3581 3582 3583 3584 3585 
        break;

    case SSL_CTRL_SELECT_CURRENT_CERT:
        return ssl_cert_select_current(s->cert, (X509 *)parg);

    case SSL_CTRL_SET_CURRENT_CERT:
        if (larg == SSL_CERT_SET_SERVER) {
            const SSL_CIPHER *cipher;
            if (!s->server)
                return 0;
T
Collapse ssl3_state_st (s3) into ssl_st  
Todd Short 已提交
3586 
            cipher = s->s3.tmp.new_cipher;
D
Use cert_index and sigalg  
Dr. Stephen Henson 已提交
3587 
            if (cipher == NULL)
M
Run util/openssl-format-source -v -c .  
Matt Caswell 已提交
3588 3589 3590 3591 3592 3593 3594 
                return 0;
            /*
             * No certificate for unauthenticated ciphersuites or using SRP
             * authentication
             */
            if (cipher->algorithm_auth & (SSL_aNULL | SSL_aSRP))
                return 2;
T
Collapse ssl3_state_st (s3) into ssl_st  
Todd Short 已提交
3595 
            if (s->s3.tmp.cert == NULL)
M
Run util/openssl-format-source -v -c .  
Matt Caswell 已提交
3596 
                return 0;
T
Collapse ssl3_state_st (s3) into ssl_st  
Todd Short 已提交
3597 
            s->cert->key = s->s3.tmp.cert;
M
Run util/openssl-format-source -v -c .  
Matt Caswell 已提交
3598 3599 3600 
            return 1;
        }
        return ssl_cert_set_current(s->cert, larg);
D
New ctrl to set current certificate.  
Dr. Stephen Henson 已提交
3601
M
Fix no-ec with no-dh  
Matt Caswell 已提交
3602 
#if !defined(OPENSSL_NO_EC) || !defined(OPENSSL_NO_DH)
M
Rename the Elliptic Curves extension to supported_groups  
Matt Caswell 已提交
3603 
    case SSL_CTRL_GET_GROUPS:
M
Run util/openssl-format-source -v -c .  
Matt Caswell 已提交
3604 
        {
D
Store groups as uint16_t  
Dr. Stephen Henson 已提交
3605 
            uint16_t *clist;
M
Run util/openssl-format-source -v -c .  
Matt Caswell 已提交
3606 
            size_t clistlen;
R
Move extension data into sub-structs  
Rich Salz 已提交
3607
M
Run util/openssl-format-source -v -c .  
Matt Caswell 已提交
3608 3609 
            if (!s->session)
                return 0;
M
Fix a race condition in supported groups handling  
Matt Caswell 已提交
3610 3611 
            clist = s->ext.peer_supportedgroups;
            clistlen = s->ext.peer_supportedgroups_len;
M
Run util/openssl-format-source -v -c .  
Matt Caswell 已提交
3612 3613 3614 
            if (parg) {
                size_t i;
                int *cptr = parg;
D
Replace tls1_ec_curve_id2nid.  
Dr. Stephen Henson 已提交
3615
M
Run util/openssl-format-source -v -c .  
Matt Caswell 已提交
3616 
                for (i = 0; i < clistlen; i++) {
D
Replace tls1_ec_curve_id2nid.  
Dr. Stephen Henson 已提交
3617 3618 3619 3620 
                    const TLS_GROUP_INFO *cinf = tls1_group_id_lookup(clist[i]);

                    if (cinf != NULL)
                        cptr[i] = cinf->nid;
M
Run util/openssl-format-source -v -c .  
Matt Caswell 已提交
3621 
                    else
D
Store groups as uint16_t  
Dr. Stephen Henson 已提交
3622 
                        cptr[i] = TLSEXT_nid_unknown | clist[i];
M
Run util/openssl-format-source -v -c .  
Matt Caswell 已提交
3623 3624 3625 3626 3627 
                }
            }
            return (int)clistlen;
        }
M
Rename the Elliptic Curves extension to supported_groups  
Matt Caswell 已提交
3628 
    case SSL_CTRL_SET_GROUPS:
R
Move extension data into sub-structs  
Rich Salz 已提交
3629 3630 
        return tls1_set_groups(&s->ext.supportedgroups,
                               &s->ext.supportedgroups_len, parg, larg);
M
Run util/openssl-format-source -v -c .  
Matt Caswell 已提交
3631
M
Rename the Elliptic Curves extension to supported_groups  
Matt Caswell 已提交
3632 
    case SSL_CTRL_SET_GROUPS_LIST:
R
Move extension data into sub-structs  
Rich Salz 已提交
3633 3634 
        return tls1_set_groups_list(&s->ext.supportedgroups,
                                    &s->ext.supportedgroups_len, parg);
M
Run util/openssl-format-source -v -c .  
Matt Caswell 已提交
3635
M
Rename the Elliptic Curves extension to supported_groups  
Matt Caswell 已提交
3636 
    case SSL_CTRL_GET_SHARED_GROUP:
D
Replace tls1_ec_curve_id2nid.  
Dr. Stephen Henson 已提交
3637 3638 
        {
            uint16_t id = tls1_shared_group(s, larg);
M
Run util/openssl-format-source -v -c .  
Matt Caswell 已提交
3639
R
API to get negotiated key exchange algorithm in TLS1.3  
raja-ashok 已提交
3640 3641 
            if (larg != -1)
                return tls1_group_id2nid(id);
D
Replace tls1_ec_curve_id2nid.  
Dr. Stephen Henson 已提交
3642 3643 
            return id;
        }
R
API to get negotiated key exchange algorithm in TLS1.3  
raja-ashok 已提交
3644 3645 3646 
    case SSL_CTRL_GET_NEGOTIATED_GROUP:
        ret = tls1_group_id2nid(s->s3.group_id);
        break;
M
Fix no-ec with no-dh  
Matt Caswell 已提交
3647 
#endif /* !defined(OPENSSL_NO_EC) || !defined(OPENSSL_NO_DH) */
M
Allow TLSv1.3 in a no-ec build  
Matt Caswell 已提交
3648
M
Run util/openssl-format-source -v -c .  
Matt Caswell 已提交
3649 3650 3651 3652 3653 3654 3655 3656 3657 3658 3659 3660 3661 3662 3663 
    case SSL_CTRL_SET_SIGALGS:
        return tls1_set_sigalgs(s->cert, parg, larg, 0);

    case SSL_CTRL_SET_SIGALGS_LIST:
        return tls1_set_sigalgs_list(s->cert, parg, 0);

    case SSL_CTRL_SET_CLIENT_SIGALGS:
        return tls1_set_sigalgs(s->cert, parg, larg, 1);

    case SSL_CTRL_SET_CLIENT_SIGALGS_LIST:
        return tls1_set_sigalgs_list(s->cert, parg, 1);

    case SSL_CTRL_GET_CLIENT_CERT_TYPES:
        {
            const unsigned char **pctype = parg;
T
Collapse ssl3_state_st (s3) into ssl_st  
Todd Short 已提交
3664 
            if (s->server || !s->s3.tmp.cert_req)
M
Run util/openssl-format-source -v -c .  
Matt Caswell 已提交
3665 3666 
                return 0;
            if (pctype)
T
Collapse ssl3_state_st (s3) into ssl_st  
Todd Short 已提交
3667 3668 
                *pctype = s->s3.tmp.ctype;
            return s->s3.tmp.ctype_len;
M
Run util/openssl-format-source -v -c .  
Matt Caswell 已提交
3669 3670 3671 3672 3673 3674 3675 3676 3677 3678 3679 3680 3681 3682 3683 3684 3685 
        }

    case SSL_CTRL_SET_CLIENT_CERT_TYPES:
        if (!s->server)
            return 0;
        return ssl3_set_req_cert_type(s->cert, parg, larg);

    case SSL_CTRL_BUILD_CERT_CHAIN:
        return ssl_build_cert_chain(s, NULL, larg);

    case SSL_CTRL_SET_VERIFY_CERT_STORE:
        return ssl_cert_set_cert_store(s->cert, parg, 0, larg);

    case SSL_CTRL_SET_CHAIN_CERT_STORE:
        return ssl_cert_set_cert_store(s->cert, parg, 1, larg);

    case SSL_CTRL_GET_PEER_SIGNATURE_NID:
T
Collapse ssl3_state_st (s3) into ssl_st  
Todd Short 已提交
3686 
        if (s->s3.tmp.peer_sigalg == NULL)
M
Run util/openssl-format-source -v -c .  
Matt Caswell 已提交
3687 
            return 0;
T
Collapse ssl3_state_st (s3) into ssl_st  
Todd Short 已提交
3688 
        *(int *)parg = s->s3.tmp.peer_sigalg->hash;
D
Store table entry to peer signature algorithm.  
Dr. Stephen Henson 已提交
3689 
        return 1;
M
Run util/openssl-format-source -v -c .  
Matt Caswell 已提交
3690
V
Added missing signature algorithm reflection functions  
Viktor Dukhovni 已提交
3691 
    case SSL_CTRL_GET_SIGNATURE_NID:
T
Collapse ssl3_state_st (s3) into ssl_st  
Todd Short 已提交
3692 
        if (s->s3.tmp.sigalg == NULL)
V
Added missing signature algorithm reflection functions  
Viktor Dukhovni 已提交
3693 
            return 0;
T
Collapse ssl3_state_st (s3) into ssl_st  
Todd Short 已提交
3694 
        *(int *)parg = s->s3.tmp.sigalg->hash;
V
Added missing signature algorithm reflection functions  
Viktor Dukhovni 已提交
3695 3696 3697 
        return 1;

    case SSL_CTRL_GET_PEER_TMP_KEY:
D
EVP_PKEY DH client support.  
Dr. Stephen Henson 已提交
3698 
#if !defined(OPENSSL_NO_DH) || !defined(OPENSSL_NO_EC)
T
Collapse ssl3_state_st (s3) into ssl_st  
Todd Short 已提交
3699 
        if (s->session == NULL || s->s3.peer_tmp == NULL) {
M
Run util/openssl-format-source -v -c .  
Matt Caswell 已提交
3700 
            return 0;
D
EVP_PKEY DH client support.  
Dr. Stephen Henson 已提交
3701 
        } else {
T
Collapse ssl3_state_st (s3) into ssl_st  
Todd Short 已提交
3702 3703 
            EVP_PKEY_up_ref(s->s3.peer_tmp);
            *(EVP_PKEY **)parg = s->s3.peer_tmp;
D
EVP_PKEY DH client support.  
Dr. Stephen Henson 已提交
3704 
            return 1;
M
Run util/openssl-format-source -v -c .  
Matt Caswell 已提交
3705 
        }
D
EVP_PKEY DH client support.  
Dr. Stephen Henson 已提交
3706 3707 3708 
#else
        return 0;
#endif
V
Added missing signature algorithm reflection functions  
Viktor Dukhovni 已提交
3709 3710 3711 

    case SSL_CTRL_GET_TMP_KEY:
#if !defined(OPENSSL_NO_DH) || !defined(OPENSSL_NO_EC)
T
Collapse ssl3_state_st (s3) into ssl_st  
Todd Short 已提交
3712 
        if (s->session == NULL || s->s3.tmp.pkey == NULL) {
V
Added missing signature algorithm reflection functions  
Viktor Dukhovni 已提交
3713 3714 
            return 0;
        } else {
T
Collapse ssl3_state_st (s3) into ssl_st  
Todd Short 已提交
3715 3716 
            EVP_PKEY_up_ref(s->s3.tmp.pkey);
            *(EVP_PKEY **)parg = s->s3.tmp.pkey;
V
Added missing signature algorithm reflection functions  
Viktor Dukhovni 已提交
3717 3718 3719 3720 3721 3722 
            return 1;
        }
#else
        return 0;
#endif
D
Make no-ec compilation work.  
Dr. Stephen Henson 已提交
3723 
#ifndef OPENSSL_NO_EC
M
Run util/openssl-format-source -v -c .  
Matt Caswell 已提交
3724 3725 3726 
    case SSL_CTRL_GET_EC_POINT_FORMATS:
        {
            const unsigned char **pformat = parg;
R
Move extension data into sub-structs  
Rich Salz 已提交
3727
M
Following the previous 2 commits also move ecpointformats out of session  
Matt Caswell 已提交
3728 
            if (s->ext.peer_ecpointformats == NULL)
M
Run util/openssl-format-source -v -c .  
Matt Caswell 已提交
3729 
                return 0;
M
Following the previous 2 commits also move ecpointformats out of session  
Matt Caswell 已提交
3730 3731 
            *pformat = s->ext.peer_ecpointformats;
            return (int)s->ext.peer_ecpointformats_len;
M
Run util/openssl-format-source -v -c .  
Matt Caswell 已提交
3732 
        }
D
Make no-ec compilation work.  
Dr. Stephen Henson 已提交
3733 
#endif
B
Support TLS_FALLBACK_SCSV.  
Bodo Moeller 已提交
3734
M
Run util/openssl-format-source -v -c .  
Matt Caswell 已提交
3735 3736 3737 
    default:
        break;
    }
K
Remove parentheses of return.  
KaoruToda 已提交
3738 
    return ret;
M
Run util/openssl-format-source -v -c .  
Matt Caswell 已提交
3739 3740 3741 3742 3743 
}

long ssl3_callback_ctrl(SSL *s, int cmd, void (*fp) (void))
{
    int ret = 0;
R
Move the registration of callback functions to special functions  
Richard Levitte 已提交
3744
M
Run util/openssl-format-source -v -c .  
Matt Caswell 已提交
3745 
    switch (cmd) {
R
Use new-style system-id macros everywhere possible. I hope I haven't  
Richard Levitte 已提交
3746 
#ifndef OPENSSL_NO_DH
M
Run util/openssl-format-source -v -c .  
Matt Caswell 已提交
3747 3748 3749 3750 3751 
    case SSL_CTRL_SET_TMP_DH_CB:
        {
            s->cert->dh_tmp_cb = (DH *(*)(SSL *, int, int))fp;
        }
        break;
D
RFC4507 (including RFC4507bis) TLS stateless session resumption support  
Dr. Stephen Henson 已提交
3752 
#endif
M
Run util/openssl-format-source -v -c .  
Matt Caswell 已提交
3753 
    case SSL_CTRL_SET_TLSEXT_DEBUG_CB:
R
Move extension data into sub-structs  
Rich Salz 已提交
3754 
        s->ext.debug_cb = (void (*)(SSL *, int, int,
R
Review comments  
Rich Salz 已提交
3755 
                                    const unsigned char *, int, void *))fp;
M
Run util/openssl-format-source -v -c .  
Matt Caswell 已提交
3756 
        break;
M
Remove support for OPENSSL_NO_TLSEXT  
Matt Caswell 已提交
3757
M
Run util/openssl-format-source -v -c .  
Matt Caswell 已提交
3758 3759 3760 3761 3762 3763 3764 3765 
    case SSL_CTRL_SET_NOT_RESUMABLE_SESS_CB:
        {
            s->not_resumable_session_cb = (int (*)(SSL *, int))fp;
        }
        break;
    default:
        break;
    }
K
Remove parentheses of return.  
KaoruToda 已提交
3766 
    return ret;
M
Run util/openssl-format-source -v -c .  
Matt Caswell 已提交
3767 
}
R
Import of old SSLeay release: SSLeay 0.8.1b  
Ralf S. Engelschall 已提交
3768
B
New functions SSL[_CTX]_set_msg_callback().  
Bodo Möller 已提交
3769 
long ssl3_ctx_ctrl(SSL_CTX *ctx, int cmd, long larg, void *parg)
M
Run util/openssl-format-source -v -c .  
Matt Caswell 已提交
3770 3771 
{
    switch (cmd) {
R
Use new-style system-id macros everywhere possible. I hope I haven't  
Richard Levitte 已提交
3772 
#ifndef OPENSSL_NO_DH
M
Run util/openssl-format-source -v -c .  
Matt Caswell 已提交
3773 3774 
    case SSL_CTRL_SET_TMP_DH:
        {
D
Server side EVP_PKEY DH support  
Dr. Stephen Henson 已提交
3775 3776 3777 3778 
            DH *dh = (DH *)parg;
            EVP_PKEY *pkdh = NULL;
            if (dh == NULL) {
                SSLerr(SSL_F_SSL3_CTX_CTRL, ERR_R_PASSED_NULL_PARAMETER);
M
Run util/openssl-format-source -v -c .  
Matt Caswell 已提交
3779 3780 
                return 0;
            }
D
Server side EVP_PKEY DH support  
Dr. Stephen Henson 已提交
3781 3782 3783 
            pkdh = ssl_dh_to_pkey(dh);
            if (pkdh == NULL) {
                SSLerr(SSL_F_SSL3_CTX_CTRL, ERR_R_MALLOC_FAILURE);
M
Run util/openssl-format-source -v -c .  
Matt Caswell 已提交
3784 3785 
                return 0;
            }
D
Server side EVP_PKEY DH support  
Dr. Stephen Henson 已提交
3786 3787 3788 3789 
            if (!ssl_ctx_security(ctx, SSL_SECOP_TMP_DH,
                                  EVP_PKEY_security_bits(pkdh), 0, pkdh)) {
                SSLerr(SSL_F_SSL3_CTX_CTRL, SSL_R_DH_KEY_TOO_SMALL);
                EVP_PKEY_free(pkdh);
A
Add SSL_CTX_set_tmp_ecdh.pod  
Antoine Salon 已提交
3790 
                return 0;
M
Run util/openssl-format-source -v -c .  
Matt Caswell 已提交
3791 
            }
D
Server side EVP_PKEY DH support  
Dr. Stephen Henson 已提交
3792 3793 
            EVP_PKEY_free(ctx->cert->dh_tmp);
            ctx->cert->dh_tmp = pkdh;
M
Run util/openssl-format-source -v -c .  
Matt Caswell 已提交
3794 3795 3796 3797 3798 
            return 1;
        }
    case SSL_CTRL_SET_TMP_DH_CB:
        {
            SSLerr(SSL_F_SSL3_CTX_CTRL, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
K
Remove parentheses of return.  
KaoruToda 已提交
3799 
            return 0;
M
Run util/openssl-format-source -v -c .  
Matt Caswell 已提交
3800 3801 3802 3803 
        }
    case SSL_CTRL_SET_DH_AUTO:
        ctx->cert->dh_tmp_auto = larg;
        return 1;
R
Import of old SSLeay release: SSLeay 0.8.1b  
Ralf S. Engelschall 已提交
3804 
#endif
R
Merge OPENSSL_NO_EC{DH,DSA} into OPENSSL_NO_EC  
Rich Salz 已提交
3805 
#ifndef OPENSSL_NO_EC
M
Run util/openssl-format-source -v -c .  
Matt Caswell 已提交
3806 3807 
    case SSL_CTRL_SET_TMP_ECDH:
        {
K
Make SSL_{CTX}_set_tmp_ecdh() call SSL_{CTX_}set1_curves()  
Kurt Roeckx 已提交
3808 3809 
            const EC_GROUP *group = NULL;
            int nid;
M
Run util/openssl-format-source -v -c .  
Matt Caswell 已提交
3810 3811 

            if (parg == NULL) {
K
Make SSL_{CTX}_set_tmp_ecdh() call SSL_{CTX_}set1_curves()  
Kurt Roeckx 已提交
3812 
                SSLerr(SSL_F_SSL3_CTX_CTRL, ERR_R_PASSED_NULL_PARAMETER);
M
Run util/openssl-format-source -v -c .  
Matt Caswell 已提交
3813 3814 
                return 0;
            }
K
Make SSL_{CTX}_set_tmp_ecdh() call SSL_{CTX_}set1_curves()  
Kurt Roeckx 已提交
3815 3816 3817 
            group = EC_KEY_get0_group((const EC_KEY *)parg);
            if (group == NULL) {
                SSLerr(SSL_F_SSL3_CTX_CTRL, EC_R_MISSING_PARAMETERS);
M
Run util/openssl-format-source -v -c .  
Matt Caswell 已提交
3818 3819 
                return 0;
            }
K
Make SSL_{CTX}_set_tmp_ecdh() call SSL_{CTX_}set1_curves()  
Kurt Roeckx 已提交
3820 3821 3822 
            nid = EC_GROUP_get_curve_name(group);
            if (nid == NID_undef)
                return 0;
R
Move extension data into sub-structs  
Rich Salz 已提交
3823 3824 
            return tls1_set_groups(&ctx->ext.supportedgroups,
                                   &ctx->ext.supportedgroups_len,
K
Make SSL_{CTX}_set_tmp_ecdh() call SSL_{CTX_}set1_curves()  
Kurt Roeckx 已提交
3825 
                                   &nid, 1);
M
Run util/openssl-format-source -v -c .  
Matt Caswell 已提交
3826 
        }
R
Merge OPENSSL_NO_EC{DH,DSA} into OPENSSL_NO_EC  
Rich Salz 已提交
3827 
#endif                          /* !OPENSSL_NO_EC */
M
Run util/openssl-format-source -v -c .  
Matt Caswell 已提交
3828 
    case SSL_CTRL_SET_TLSEXT_SERVERNAME_ARG:
R
Move extension data into sub-structs  
Rich Salz 已提交
3829 
        ctx->ext.servername_arg = parg;
M
Run util/openssl-format-source -v -c .  
Matt Caswell 已提交
3830 3831 3832 3833 3834 
        break;
    case SSL_CTRL_SET_TLSEXT_TICKET_KEYS:
    case SSL_CTRL_GET_TLSEXT_TICKET_KEYS:
        {
            unsigned char *keys = parg;
R
Move extension data into sub-structs  
Rich Salz 已提交
3835 
            long tick_keylen = (sizeof(ctx->ext.tick_key_name) +
T
Place ticket keys into secure memory  
Todd Short 已提交
3836 3837 
                                sizeof(ctx->ext.secure->tick_hmac_key) +
                                sizeof(ctx->ext.secure->tick_aes_key));
K
session tickets: use more sizeof  
Kurt Roeckx 已提交
3838 
            if (keys == NULL)
R
Move extension data into sub-structs  
Rich Salz 已提交
3839 3840 
                return tick_keylen;
            if (larg != tick_keylen) {
M
Run util/openssl-format-source -v -c .  
Matt Caswell 已提交
3841 3842 3843 3844 
                SSLerr(SSL_F_SSL3_CTX_CTRL, SSL_R_INVALID_TICKET_KEYS_LENGTH);
                return 0;
            }
            if (cmd == SSL_CTRL_SET_TLSEXT_TICKET_KEYS) {
R
Move extension data into sub-structs  
Rich Salz 已提交
3845 3846 
                memcpy(ctx->ext.tick_key_name, keys,
                       sizeof(ctx->ext.tick_key_name));
T
Place ticket keys into secure memory  
Todd Short 已提交
3847 
                memcpy(ctx->ext.secure->tick_hmac_key,
R
Move extension data into sub-structs  
Rich Salz 已提交
3848 
                       keys + sizeof(ctx->ext.tick_key_name),
T
Place ticket keys into secure memory  
Todd Short 已提交
3849 3850 
                       sizeof(ctx->ext.secure->tick_hmac_key));
                memcpy(ctx->ext.secure->tick_aes_key,
R
Move extension data into sub-structs  
Rich Salz 已提交
3851 
                       keys + sizeof(ctx->ext.tick_key_name) +
T
Place ticket keys into secure memory  
Todd Short 已提交
3852 3853 
                       sizeof(ctx->ext.secure->tick_hmac_key),
                       sizeof(ctx->ext.secure->tick_aes_key));
M
Run util/openssl-format-source -v -c .  
Matt Caswell 已提交
3854 
            } else {
R
Move extension data into sub-structs  
Rich Salz 已提交
3855 3856 3857 
                memcpy(keys, ctx->ext.tick_key_name,
                       sizeof(ctx->ext.tick_key_name));
                memcpy(keys + sizeof(ctx->ext.tick_key_name),
T
Place ticket keys into secure memory  
Todd Short 已提交
3858 3859 
                       ctx->ext.secure->tick_hmac_key,
                       sizeof(ctx->ext.secure->tick_hmac_key));
R
Move extension data into sub-structs  
Rich Salz 已提交
3860 
                memcpy(keys + sizeof(ctx->ext.tick_key_name) +
T
Place ticket keys into secure memory  
Todd Short 已提交
3861 3862 3863 
                       sizeof(ctx->ext.secure->tick_hmac_key),
                       ctx->ext.secure->tick_aes_key,
                       sizeof(ctx->ext.secure->tick_aes_key));
M
Run util/openssl-format-source -v -c .  
Matt Caswell 已提交
3864 3865 3866 3867 
            }
            return 1;
        }
M
Add SSL_CTX_get_tlsext_status_type()  
Matt Caswell 已提交
3868 
    case SSL_CTRL_GET_TLSEXT_STATUS_REQ_TYPE:
R
Move extension data into sub-structs  
Rich Salz 已提交
3869 
        return ctx->ext.status_type;
M
Add SSL_CTX_get_tlsext_status_type()  
Matt Caswell 已提交
3870
J
Propagate tlsext_status_type from SSL_CTX to SSL  
jfigus 已提交
3871 
    case SSL_CTRL_SET_TLSEXT_STATUS_REQ_TYPE:
R
Move extension data into sub-structs  
Rich Salz 已提交
3872 
        ctx->ext.status_type = larg;
J
Propagate tlsext_status_type from SSL_CTX to SSL  
jfigus 已提交
3873 3874 
        break;
M
Run util/openssl-format-source -v -c .  
Matt Caswell 已提交
3875 
    case SSL_CTRL_SET_TLSEXT_STATUS_REQ_CB_ARG:
R
Move extension data into sub-structs  
Rich Salz 已提交
3876 
        ctx->ext.status_arg = parg;
M
Run util/openssl-format-source -v -c .  
Matt Caswell 已提交
3877 3878 
        return 1;
R
Add missing session id and tlsext_status accessors  
Remi Gacogne 已提交
3879 
    case SSL_CTRL_GET_TLSEXT_STATUS_REQ_CB_ARG:
R
Move extension data into sub-structs  
Rich Salz 已提交
3880 
        *(void**)parg = ctx->ext.status_arg;
R
Add missing session id and tlsext_status accessors  
Remi Gacogne 已提交
3881 3882 3883 
        break;

    case SSL_CTRL_GET_TLSEXT_STATUS_REQ_CB:
R
Move extension data into sub-structs  
Rich Salz 已提交
3884 
        *(int (**)(SSL*, void*))parg = ctx->ext.status_cb;
R
Add missing session id and tlsext_status accessors  
Remi Gacogne 已提交
3885 3886 
        break;
M
Remove support for OPENSSL_NO_TLSEXT  
Matt Caswell 已提交
3887 
#ifndef OPENSSL_NO_SRP
M
Run util/openssl-format-source -v -c .  
Matt Caswell 已提交
3888 3889 
    case SSL_CTRL_SET_TLS_EXT_SRP_USERNAME:
        ctx->srp_ctx.srp_Mask |= SSL_kSRP;
R
free null cleanup finale  
Rich Salz 已提交
3890 
        OPENSSL_free(ctx->srp_ctx.login);
M
Run util/openssl-format-source -v -c .  
Matt Caswell 已提交
3891 3892 3893 
        ctx->srp_ctx.login = NULL;
        if (parg == NULL)
            break;
E
Indent ssl/  
Emilia Kasper 已提交
3894 
        if (strlen((const char *)parg) > 255 || strlen((const char *)parg) < 1) {
M
Run util/openssl-format-source -v -c .  
Matt Caswell 已提交
3895 3896 3897 
            SSLerr(SSL_F_SSL3_CTX_CTRL, SSL_R_INVALID_SRP_USERNAME);
            return 0;
        }
R
Rename some BUF_xxx to OPENSSL_xxx  
Rich Salz 已提交
3898 
        if ((ctx->srp_ctx.login = OPENSSL_strdup((char *)parg)) == NULL) {
M
Run util/openssl-format-source -v -c .  
Matt Caswell 已提交
3899 3900 3901 3902 3903 3904 3905 
            SSLerr(SSL_F_SSL3_CTX_CTRL, ERR_R_INTERNAL_ERROR);
            return 0;
        }
        break;
    case SSL_CTRL_SET_TLS_EXT_SRP_PASSWORD:
        ctx->srp_ctx.SRP_give_srp_client_pwd_callback =
            srp_password_from_info_cb;
D
Make SRP_CTX.info ownership and lifetime be the same as SRP_CTX.login.  
Diego Santa Cruz 已提交
3906 3907 
        if (ctx->srp_ctx.info != NULL)
            OPENSSL_free(ctx->srp_ctx.info);
R
Replace BUF_ string function calls with OPENSSL_ ones  
Rich Salz 已提交
3908 
        if ((ctx->srp_ctx.info = OPENSSL_strdup((char *)parg)) == NULL) {
D
Make SRP_CTX.info ownership and lifetime be the same as SRP_CTX.login.  
Diego Santa Cruz 已提交
3909 3910 3911 
            SSLerr(SSL_F_SSL3_CTX_CTRL, ERR_R_INTERNAL_ERROR);
            return 0;
        }
M
Run util/openssl-format-source -v -c .  
Matt Caswell 已提交
3912 3913 3914 3915 3916 3917 3918 3919 3920 
        break;
    case SSL_CTRL_SET_SRP_ARG:
        ctx->srp_ctx.srp_Mask |= SSL_kSRP;
        ctx->srp_ctx.SRP_cb_arg = parg;
        break;

    case SSL_CTRL_SET_TLS_EXT_SRP_STRENGTH:
        ctx->srp_ctx.strength = larg;
        break;
M
Remove support for OPENSSL_NO_TLSEXT  
Matt Caswell 已提交
3921 
#endif
M
Run util/openssl-format-source -v -c .  
Matt Caswell 已提交
3922
M
Fix no-ec with no-dh  
Matt Caswell 已提交
3923 
#if !defined(OPENSSL_NO_EC) || !defined(OPENSSL_NO_DH)
M
Rename the Elliptic Curves extension to supported_groups  
Matt Caswell 已提交
3924 
    case SSL_CTRL_SET_GROUPS:
R
Move extension data into sub-structs  
Rich Salz 已提交
3925 3926 
        return tls1_set_groups(&ctx->ext.supportedgroups,
                               &ctx->ext.supportedgroups_len,
M
Run util/openssl-format-source -v -c .  
Matt Caswell 已提交
3927 3928 
                               parg, larg);
M
Rename the Elliptic Curves extension to supported_groups  
Matt Caswell 已提交
3929 
    case SSL_CTRL_SET_GROUPS_LIST:
R
Move extension data into sub-structs  
Rich Salz 已提交
3930 3931 
        return tls1_set_groups_list(&ctx->ext.supportedgroups,
                                    &ctx->ext.supportedgroups_len,
M
Run util/openssl-format-source -v -c .  
Matt Caswell 已提交
3932 
                                    parg);
M
Fix no-ec with no-dh  
Matt Caswell 已提交
3933 
#endif /* !defined(OPENSSL_NO_EC) || !defined(OPENSSL_NO_DH) */
M
Allow TLSv1.3 in a no-ec build  
Matt Caswell 已提交
3934
M
Run util/openssl-format-source -v -c .  
Matt Caswell 已提交
3935 3936 3937 3938 3939 3940 3941 3942 3943 3944 3945 3946 3947 3948 3949 3950 3951 3952 3953 3954 3955 3956 3957 3958 3959 3960 3961 
    case SSL_CTRL_SET_SIGALGS:
        return tls1_set_sigalgs(ctx->cert, parg, larg, 0);

    case SSL_CTRL_SET_SIGALGS_LIST:
        return tls1_set_sigalgs_list(ctx->cert, parg, 0);

    case SSL_CTRL_SET_CLIENT_SIGALGS:
        return tls1_set_sigalgs(ctx->cert, parg, larg, 1);

    case SSL_CTRL_SET_CLIENT_SIGALGS_LIST:
        return tls1_set_sigalgs_list(ctx->cert, parg, 1);

    case SSL_CTRL_SET_CLIENT_CERT_TYPES:
        return ssl3_set_req_cert_type(ctx->cert, parg, larg);

    case SSL_CTRL_BUILD_CERT_CHAIN:
        return ssl_build_cert_chain(NULL, ctx, larg);

    case SSL_CTRL_SET_VERIFY_CERT_STORE:
        return ssl_cert_set_cert_store(ctx->cert, parg, 0, larg);

    case SSL_CTRL_SET_CHAIN_CERT_STORE:
        return ssl_cert_set_cert_store(ctx->cert, parg, 1, larg);

        /* A Thawte special :-) */
    case SSL_CTRL_EXTRA_CHAIN_CERT:
        if (ctx->extra_certs == NULL) {
F
Add checks on sk_TYPE_push() returned result  
FdaSilvaYY 已提交
3962 3963 3964 3965 3966 
            if ((ctx->extra_certs = sk_X509_new_null()) == NULL) {
                SSLerr(SSL_F_SSL3_CTX_CTRL, ERR_R_MALLOC_FAILURE);
                return 0;
            }
        }
M
Explicitly cache X509v3 extensions in libssl  
Matt Caswell 已提交
3967 3968 3969 3970 
        if (!X509v3_cache_extensions((X509 *)parg, ctx->libctx, ctx->propq)) {
            SSLerr(0, ERR_LIB_X509);
            return 0;
        }
F
Add checks on sk_TYPE_push() returned result  
FdaSilvaYY 已提交
3971 3972 3973 
        if (!sk_X509_push(ctx->extra_certs, (X509 *)parg)) {
            SSLerr(SSL_F_SSL3_CTX_CTRL, ERR_R_MALLOC_FAILURE);
            return 0;
M
Run util/openssl-format-source -v -c .  
Matt Caswell 已提交
3974 3975 3976 3977 3978 3979 3980 3981 3982 3983 3984 
        }
        break;

    case SSL_CTRL_GET_EXTRA_CHAIN_CERTS:
        if (ctx->extra_certs == NULL && larg == 0)
            *(STACK_OF(X509) **)parg = ctx->cert->key->chain;
        else
            *(STACK_OF(X509) **)parg = ctx->extra_certs;
        break;

    case SSL_CTRL_CLEAR_EXTRA_CHAIN_CERTS:
R
free NULL cleanup 5a  
Rich Salz 已提交
3985 3986 
        sk_X509_pop_free(ctx->extra_certs, X509_free);
        ctx->extra_certs = NULL;
M
Run util/openssl-format-source -v -c .  
Matt Caswell 已提交
3987 3988 3989 3990 3991 3992 3993 3994 3995 3996 3997 3998 3999 4000 4001 4002 4003 4004 4005 4006 4007 4008 4009 4010 4011 
        break;

    case SSL_CTRL_CHAIN:
        if (larg)
            return ssl_cert_set1_chain(NULL, ctx, (STACK_OF(X509) *)parg);
        else
            return ssl_cert_set0_chain(NULL, ctx, (STACK_OF(X509) *)parg);

    case SSL_CTRL_CHAIN_CERT:
        if (larg)
            return ssl_cert_add1_chain_cert(NULL, ctx, (X509 *)parg);
        else
            return ssl_cert_add0_chain_cert(NULL, ctx, (X509 *)parg);

    case SSL_CTRL_GET_CHAIN_CERTS:
        *(STACK_OF(X509) **)parg = ctx->cert->key->chain;
        break;

    case SSL_CTRL_SELECT_CURRENT_CERT:
        return ssl_cert_select_current(ctx->cert, (X509 *)parg);

    case SSL_CTRL_SET_CURRENT_CERT:
        return ssl_cert_set_current(ctx->cert, larg);

    default:
K
Remove parentheses of return.  
KaoruToda 已提交
4012 
        return 0;
M
Run util/openssl-format-source -v -c .  
Matt Caswell 已提交
4013 
    }
K
Since return is inconsistent, I removed unnecessary parentheses and  
KaoruToda 已提交
4014 
    return 1;
M
Run util/openssl-format-source -v -c .  
Matt Caswell 已提交
4015 4016 4017 4018 4019 
}

long ssl3_ctx_callback_ctrl(SSL_CTX *ctx, int cmd, void (*fp) (void))
{
    switch (cmd) {
R
Use new-style system-id macros everywhere possible. I hope I haven't  
Richard Levitte 已提交
4020 
#ifndef OPENSSL_NO_DH
M
Run util/openssl-format-source -v -c .  
Matt Caswell 已提交
4021 4022 
    case SSL_CTRL_SET_TMP_DH_CB:
        {
M
Fix compile failure  
Matt Caswell 已提交
4023 
            ctx->cert->dh_tmp_cb = (DH *(*)(SSL *, int, int))fp;
M
Run util/openssl-format-source -v -c .  
Matt Caswell 已提交
4024 4025 
        }
        break;
B
Support TLS extensions (specifically, HostName)  
Bodo Möller 已提交
4026 
#endif
M
Run util/openssl-format-source -v -c .  
Matt Caswell 已提交
4027 
    case SSL_CTRL_SET_TLSEXT_SERVERNAME_CB:
R
Move extension data into sub-structs  
Rich Salz 已提交
4028 
        ctx->ext.servername_cb = (int (*)(SSL *, int *, void *))fp;
M
Run util/openssl-format-source -v -c .  
Matt Caswell 已提交
4029 4030 4031 
        break;

    case SSL_CTRL_SET_TLSEXT_STATUS_REQ_CB:
R
Move extension data into sub-structs  
Rich Salz 已提交
4032 
        ctx->ext.status_cb = (int (*)(SSL *, void *))fp;
M
Run util/openssl-format-source -v -c .  
Matt Caswell 已提交
4033 4034 
        break;
P
TLS: use EVP for HMAC throughout libssl.  
Pauli 已提交
4035 
# ifndef OPENSSL_NO_DEPRECATED_3_0
M
Run util/openssl-format-source -v -c .  
Matt Caswell 已提交
4036 
    case SSL_CTRL_SET_TLSEXT_TICKET_KEY_CB:
R
Move extension data into sub-structs  
Rich Salz 已提交
4037 
        ctx->ext.ticket_key_cb = (int (*)(SSL *, unsigned char *,
M
Run util/openssl-format-source -v -c .  
Matt Caswell 已提交
4038 4039 4040 4041 
                                             unsigned char *,
                                             EVP_CIPHER_CTX *,
                                             HMAC_CTX *, int))fp;
        break;
P
TLS: use EVP for HMAC throughout libssl.  
Pauli 已提交
4042 
#endif
M
Run util/openssl-format-source -v -c .  
Matt Caswell 已提交
4043
M
Remove support for OPENSSL_NO_TLSEXT  
Matt Caswell 已提交
4044 
#ifndef OPENSSL_NO_SRP
M
Run util/openssl-format-source -v -c .  
Matt Caswell 已提交
4045 4046 4047 4048 4049 4050 4051 4052 4053 4054 4055 4056 4057 4058 
    case SSL_CTRL_SET_SRP_VERIFY_PARAM_CB:
        ctx->srp_ctx.srp_Mask |= SSL_kSRP;
        ctx->srp_ctx.SRP_verify_param_callback = (int (*)(SSL *, void *))fp;
        break;
    case SSL_CTRL_SET_TLS_EXT_SRP_USERNAME_CB:
        ctx->srp_ctx.srp_Mask |= SSL_kSRP;
        ctx->srp_ctx.TLS_ext_srp_username_callback =
            (int (*)(SSL *, int *, void *))fp;
        break;
    case SSL_CTRL_SET_SRP_GIVE_CLIENT_PWD_CB:
        ctx->srp_ctx.srp_Mask |= SSL_kSRP;
        ctx->srp_ctx.SRP_give_srp_client_pwd_callback =
            (char *(*)(SSL *, void *))fp;
        break;
B
Implement the Opaque PRF Input TLS extension  
Bodo Möller 已提交
4059 
#endif
M
Run util/openssl-format-source -v -c .  
Matt Caswell 已提交
4060 4061 4062 4063 4064 4065 
    case SSL_CTRL_SET_NOT_RESUMABLE_SESS_CB:
        {
            ctx->not_resumable_session_cb = (int (*)(SSL *, int))fp;
        }
        break;
    default:
K
Remove parentheses of return.  
KaoruToda 已提交
4066 
        return 0;
M
Run util/openssl-format-source -v -c .  
Matt Caswell 已提交
4067 
    }
K
Since return is inconsistent, I removed unnecessary parentheses and  
KaoruToda 已提交
4068 
    return 1;
M
Run util/openssl-format-source -v -c .  
Matt Caswell 已提交
4069 
}
B
Implement the Opaque PRF Input TLS extension  
Bodo Möller 已提交
4070
P
TLS: use EVP for HMAC throughout libssl.  
Pauli 已提交
4071 4072 4073 4074 4075 4076 4077 4078 
int SSL_CTX_set_tlsext_ticket_key_evp_cb
    (SSL_CTX *ctx, int (*fp)(SSL *, unsigned char *, unsigned char *,
                             EVP_CIPHER_CTX *, EVP_MAC_CTX *, int))
{
    ctx->ext.ticket_key_evp_cb = fp;
    return 1;
}
M
Construct the client side psk extension for TLSv1.3  
Matt Caswell 已提交
4079 4080 4081 
const SSL_CIPHER *ssl3_get_cipher_by_id(uint32_t id)
{
    SSL_CIPHER c;
B
Add more first-class support for SCSVS  
Benjamin Kaduk 已提交
4082 
    const SSL_CIPHER *cp;
M
Construct the client side psk extension for TLSv1.3  
Matt Caswell 已提交
4083 4084 

    c.id = id;
M
Split configuration of TLSv1.3 ciphers from older ciphers  
Matt Caswell 已提交
4085 4086 4087 
    cp = OBJ_bsearch_ssl_cipher_id(&c, tls13_ciphers, TLS13_NUM_CIPHERS);
    if (cp != NULL)
        return cp;
B
Add more first-class support for SCSVS  
Benjamin Kaduk 已提交
4088 4089 4090 4091 
    cp = OBJ_bsearch_ssl_cipher_id(&c, ssl3_ciphers, SSL3_NUM_CIPHERS);
    if (cp != NULL)
        return cp;
    return OBJ_bsearch_ssl_cipher_id(&c, ssl3_scsvs, SSL3_NUM_SCSVS);
M
Construct the client side psk extension for TLSv1.3  
Matt Caswell 已提交
4092 4093 
}
P
Support converting cipher name to RFC name and vice versa  
Paul Yang 已提交
4094 4095 
const SSL_CIPHER *ssl3_get_cipher_by_std_name(const char *stdname)
{
M
Split configuration of TLSv1.3 ciphers from older ciphers  
Matt Caswell 已提交
4096 4097 4098 
    SSL_CIPHER *c = NULL, *tbl;
    SSL_CIPHER *alltabs[] = {tls13_ciphers, ssl3_ciphers};
    size_t i, j, tblsize[] = {TLS13_NUM_CIPHERS, SSL3_NUM_CIPHERS};
P
Support converting cipher name to RFC name and vice versa  
Paul Yang 已提交
4099
X
Fix typos in files in ssl directory  
Xiaoyin Liu 已提交
4100 
    /* this is not efficient, necessary to optimize this? */
M
Split configuration of TLSv1.3 ciphers from older ciphers  
Matt Caswell 已提交
4101 4102 4103 4104 4105 4106 4107 4108 
    for (j = 0; j < OSSL_NELEM(alltabs); j++) {
        for (i = 0, tbl = alltabs[j]; i < tblsize[j]; i++, tbl++) {
            if (tbl->stdname == NULL)
                continue;
            if (strcmp(stdname, tbl->stdname) == 0) {
                c = tbl;
                break;
            }
P
Support converting cipher name to RFC name and vice versa  
Paul Yang 已提交
4109 4110 4111 4112 4113 4114 4115 4116 4117 4118 4119 4120 4121 4122 
        }
    }
    if (c == NULL) {
        tbl = ssl3_scsvs;
        for (i = 0; i < SSL3_NUM_SCSVS; i++, tbl++) {
            if (strcmp(stdname, tbl->stdname) == 0) {
                c = tbl;
                break;
            }
        }
    }
    return c;
}
M
Run util/openssl-format-source -v -c .  
Matt Caswell 已提交
4123 4124 4125 4126 
/*
 * This function needs to check if the ciphers required are actually
 * available
 */
B
Type-checked (and modern C compliant) OBJ_bsearch.  
Ben Laurie 已提交
4127 
const SSL_CIPHER *ssl3_get_cipher_by_char(const unsigned char *p)
M
Run util/openssl-format-source -v -c .  
Matt Caswell 已提交
4128 
{
M
Miscellaneous style tweaks based on feedback received  
Matt Caswell 已提交
4129 
    return ssl3_get_cipher_by_id(SSL3_CK_CIPHERSUITE_FLAG
M
Construct the client side psk extension for TLSv1.3  
Matt Caswell 已提交
4130 4131 
                                 | ((uint32_t)p[0] << 8L)
                                 | (uint32_t)p[1]);
M
Run util/openssl-format-source -v -c .  
Matt Caswell 已提交
4132 
}
R
Import of old SSLeay release: SSLeay 0.8.1b  
Ralf S. Engelschall 已提交
4133
M
Rename PACKETW to WPACKET  
Matt Caswell 已提交
4134 
int ssl3_put_cipher_by_char(const SSL_CIPHER *c, WPACKET *pkt, size_t *len)
M
Convert tls_construct_client_hello() to use PACKETW  
Matt Caswell 已提交
4135 
{
M
Move the SSL3_CK_CIPHERSUITE_FLAG out of public header  
Matt Caswell 已提交
4136 
    if ((c->id & 0xff000000) != SSL3_CK_CIPHERSUITE_FLAG) {
M
Convert tls_construct_client_hello() to use PACKETW  
Matt Caswell 已提交
4137 4138 4139 4140 
        *len = 0;
        return 1;
    }
M
Convert WPACKET_put_bytes to use convenience macros  
Matt Caswell 已提交
4141 
    if (!WPACKET_put_bytes_u16(pkt, c->id & 0xffff))
M
Convert tls_construct_client_hello() to use PACKETW  
Matt Caswell 已提交
4142 4143 4144 4145 4146 4147 
        return 0;

    *len = 2;
    return 1;
}
K
Add support for minimum and maximum protocol version supported by a cipher  
Kurt Roeckx 已提交
4148 4149 4150 4151 4152 4153 4154 4155 
/*
 * ssl3_choose_cipher - choose a cipher from those offered by the client
 * @s: SSL connection
 * @clnt: ciphers offered by the client
 * @srvr: ciphers enabled on the server?
 *
 * Returns the selected cipher or NULL when no common ciphers.
 */
D
Fix declarations and constification for inline stack.  
Dr. Stephen Henson 已提交
4156 
const SSL_CIPHER *ssl3_choose_cipher(SSL *s, STACK_OF(SSL_CIPHER) *clnt,
E
Indent ssl/  
Emilia Kasper 已提交
4157 
                                     STACK_OF(SSL_CIPHER) *srvr)
M
Run util/openssl-format-source -v -c .  
Matt Caswell 已提交
4158 
{
D
Fix declarations and constification for inline stack.  
Dr. Stephen Henson 已提交
4159 
    const SSL_CIPHER *c, *ret = NULL;
M
Run util/openssl-format-source -v -c .  
Matt Caswell 已提交
4160 
    STACK_OF(SSL_CIPHER) *prio, *allow;
M
Prefer SHA-256 ciphersuites if using old style PSKs  
Matt Caswell 已提交
4161 
    int i, ii, ok, prefer_sha256 = 0;
M
Move ciphersuite selection before session resumption in TLSv1.3  
Matt Caswell 已提交
4162 
    unsigned long alg_k = 0, alg_a = 0, mask_k = 0, mask_a = 0;
T
Use ChaCha only if prioritized by clnt  
Todd Short 已提交
4163 4164 4165 
#ifndef OPENSSL_NO_CHACHA
    STACK_OF(SSL_CIPHER) *prio_chacha = NULL;
#endif
R
Import of old SSLeay release: SSLeay 0.8.1b  
Ralf S. Engelschall 已提交
4166
M
Run util/openssl-format-source -v -c .  
Matt Caswell 已提交
4167 
    /* Let's see which ciphers we can support */
R
Import of old SSLeay release: SSLeay 0.8.1b  
Ralf S. Engelschall 已提交
4168
M
Run util/openssl-format-source -v -c .  
Matt Caswell 已提交
4169 4170 4171 4172 4173 4174 
    /*
     * Do not set the compare functions, because this may lead to a
     * reordering by "id". We want to keep the original ordering. We may pay
     * a price in performance during sk_SSL_CIPHER_find(), but would have to
     * pay with the price of sk_SSL_CIPHER_dup().
     */
R
Import of old SSLeay release: SSLeay 0.8.1b  
Ralf S. Engelschall 已提交
4175
R
Adapt CIPHER_DEBUG to the new generic trace API  
Richard Levitte 已提交
4176 4177 4178 4179 4180 4181 4182 4183 4184 4185 4186 4187 4188 4189 
    OSSL_TRACE_BEGIN(TLS_CIPHER) {
        BIO_printf(trc_out, "Server has %d from %p:\n",
                   sk_SSL_CIPHER_num(srvr), (void *)srvr);
        for (i = 0; i < sk_SSL_CIPHER_num(srvr); ++i) {
            c = sk_SSL_CIPHER_value(srvr, i);
            BIO_printf(trc_out, "%p:%s\n", (void *)c, c->name);
        }
        BIO_printf(trc_out, "Client sent %d from %p:\n",
                   sk_SSL_CIPHER_num(clnt), (void *)clnt);
        for (i = 0; i < sk_SSL_CIPHER_num(clnt); ++i) {
            c = sk_SSL_CIPHER_value(clnt, i);
            BIO_printf(trc_out, "%p:%s\n", (void *)c, c->name);
        }
    } OSSL_TRACE_END(TLS_CIPHER);
B
Fix export ciphersuites, again.  
Ben Laurie 已提交
4190
T
Use ChaCha only if prioritized by clnt  
Todd Short 已提交
4191 4192 4193 4194 4195 
    /* SUITE-B takes precedence over server preference and ChaCha priortiy */
    if (tls1_suiteb(s)) {
        prio = srvr;
        allow = clnt;
    } else if (s->options & SSL_OP_CIPHER_SERVER_PREFERENCE) {
M
Run util/openssl-format-source -v -c .  
Matt Caswell 已提交
4196 4197 
        prio = srvr;
        allow = clnt;
T
Use ChaCha only if prioritized by clnt  
Todd Short 已提交
4198 4199 4200 4201 4202 4203 4204 4205 4206 4207 4208 4209 4210 4211 4212 4213 4214 4215 
#ifndef OPENSSL_NO_CHACHA
        /* If ChaCha20 is at the top of the client preference list,
           and there are ChaCha20 ciphers in the server list, then
           temporarily prioritize all ChaCha20 ciphers in the servers list. */
        if (s->options & SSL_OP_PRIORITIZE_CHACHA && sk_SSL_CIPHER_num(clnt) > 0) {
            c = sk_SSL_CIPHER_value(clnt, 0);
            if (c->algorithm_enc == SSL_CHACHA20POLY1305) {
                /* ChaCha20 is client preferred, check server... */
                int num = sk_SSL_CIPHER_num(srvr);
                int found = 0;
                for (i = 0; i < num; i++) {
                    c = sk_SSL_CIPHER_value(srvr, i);
                    if (c->algorithm_enc == SSL_CHACHA20POLY1305) {
                        found = 1;
                        break;
                    }
                }
                if (found) {
T
Add sk_new_reserve support  
Todd Short 已提交
4216 
                    prio_chacha = sk_SSL_CIPHER_new_reserve(NULL, num);
T
Use ChaCha only if prioritized by clnt  
Todd Short 已提交
4217 4218 4219 4220 4221 4222 4223 4224 4225 4226 4227 4228 4229 4230 4231 4232 4233 4234 4235 4236 4237 
                    /* if reserve fails, then there's likely a memory issue */
                    if (prio_chacha != NULL) {
                        /* Put all ChaCha20 at the top, starting with the one we just found */
                        sk_SSL_CIPHER_push(prio_chacha, c);
                        for (i++; i < num; i++) {
                            c = sk_SSL_CIPHER_value(srvr, i);
                            if (c->algorithm_enc == SSL_CHACHA20POLY1305)
                                sk_SSL_CIPHER_push(prio_chacha, c);
                        }
                        /* Pull in the rest */
                        for (i = 0; i < num; i++) {
                            c = sk_SSL_CIPHER_value(srvr, i);
                            if (c->algorithm_enc != SSL_CHACHA20POLY1305)
                                sk_SSL_CIPHER_push(prio_chacha, c);
                        }
                        prio = prio_chacha;
                    }
                }
            }
        }
# endif
M
Run util/openssl-format-source -v -c .  
Matt Caswell 已提交
4238 4239 4240 4241 4242 
    } else {
        prio = clnt;
        allow = srvr;
    }
M
Prefer SHA-256 ciphersuites if using old style PSKs  
Matt Caswell 已提交
4243 
    if (SSL_IS_TLS13(s)) {
M
Fix no-psk  
Matt Caswell 已提交
4244 
#ifndef OPENSSL_NO_PSK
M
Prefer SHA-256 ciphersuites if using old style PSKs  
Matt Caswell 已提交
4245 4246 4247 4248 4249 4250 4251 4252 4253 4254 4255 4256 4257 4258 4259 4260 
        int j;

        /*
         * If we allow "old" style PSK callbacks, and we have no certificate (so
         * we're not going to succeed without a PSK anyway), and we're in
         * TLSv1.3 then the default hash for a PSK is SHA-256 (as per the
         * TLSv1.3 spec). Therefore we should prioritise ciphersuites using
         * that.
         */
        if (s->psk_server_callback != NULL) {
            for (j = 0; j < SSL_PKEY_NUM && !ssl_has_cert(s, j); j++);
            if (j == SSL_PKEY_NUM) {
                /* There are no certificates */
                prefer_sha256 = 1;
            }
        }
M
Fix no-psk  
Matt Caswell 已提交
4261 
#endif
M
Prefer SHA-256 ciphersuites if using old style PSKs  
Matt Caswell 已提交
4262 
    } else {
M
Move ciphersuite selection before session resumption in TLSv1.3  
Matt Caswell 已提交
4263 4264 4265 
        tls1_set_cert_validity(s);
        ssl_set_masks(s);
    }
M
Run util/openssl-format-source -v -c .  
Matt Caswell 已提交
4266 4267 4268 4269 

    for (i = 0; i < sk_SSL_CIPHER_num(prio); i++) {
        c = sk_SSL_CIPHER_value(prio, i);
K
Add support for minimum and maximum protocol version supported by a cipher  
Kurt Roeckx 已提交
4270 4271 
        /* Skip ciphers not supported by the protocol version */
        if (!SSL_IS_DTLS(s) &&
E
Indent ssl/  
Emilia Kasper 已提交
4272 
            ((s->version < c->min_tls) || (s->version > c->max_tls)))
M
Run util/openssl-format-source -v -c .  
Matt Caswell 已提交
4273 
            continue;
K
Add support for minimum and maximum protocol version supported by a cipher  
Kurt Roeckx 已提交
4274 
        if (SSL_IS_DTLS(s) &&
E
Indent ssl/  
Emilia Kasper 已提交
4275 4276 
            (DTLS_VERSION_LT(s->version, c->min_dtls) ||
             DTLS_VERSION_GT(s->version, c->max_dtls)))
D
Don't alow TLS v1.0 ciphersuites for SSLv3  
Dr. Stephen Henson 已提交
4277 
            continue;
M
Allow the server to change the ciphersuite on resume  
Matt Caswell 已提交
4278
M
Move ciphersuite selection before session resumption in TLSv1.3  
Matt Caswell 已提交
4279 4280 4281 4282 4283 
        /*
         * Since TLS 1.3 ciphersuites can be used with any auth or
         * key exchange scheme skip tests.
         */
        if (!SSL_IS_TLS13(s)) {
T
Collapse ssl3_state_st (s3) into ssl_st  
Todd Short 已提交
4284 4285 
            mask_k = s->s3.tmp.mask_k;
            mask_a = s->s3.tmp.mask_a;
B
Add SRP support.  
Ben Laurie 已提交
4286 
#ifndef OPENSSL_NO_SRP
D
Don't filter TLS 1.3 ciphersuites by signing or key exchange algorithm  
Dr. Stephen Henson 已提交
4287 4288 4289 4290 
            if (s->srp_ctx.srp_Mask & SSL_kSRP) {
                mask_k |= SSL_kSRP;
                mask_a |= SSL_aSRP;
            }
B
Add SRP support.  
Ben Laurie 已提交
4291 
#endif
M
Run util/openssl-format-source -v -c .  
Matt Caswell 已提交
4292
D
Don't filter TLS 1.3 ciphersuites by signing or key exchange algorithm  
Dr. Stephen Henson 已提交
4293 4294 
            alg_k = c->algorithm_mkey;
            alg_a = c->algorithm_auth;
B
Reorganize the data used for SSL ciphersuite pattern matching.  
Bodo Möller 已提交
4295
N
add initial support for RFC 4279 PSK SSL ciphersuites  
Nils Larsch 已提交
4296 
#ifndef OPENSSL_NO_PSK
D
Don't filter TLS 1.3 ciphersuites by signing or key exchange algorithm  
Dr. Stephen Henson 已提交
4297 4298 4299 
            /* with PSK there must be server callback set */
            if ((alg_k & SSL_PSK) && s->psk_server_callback == NULL)
                continue;
M
Run util/openssl-format-source -v -c .  
Matt Caswell 已提交
4300 4301 
#endif                          /* OPENSSL_NO_PSK */
D
Don't filter TLS 1.3 ciphersuites by signing or key exchange algorithm  
Dr. Stephen Henson 已提交
4302 
            ok = (alg_k & mask_k) && (alg_a & mask_a);
R
Adapt CIPHER_DEBUG to the new generic trace API  
Richard Levitte 已提交
4303 4304 4305 
            OSSL_TRACE7(TLS_CIPHER,
                        "%d:[%08lX:%08lX:%08lX:%08lX]%p:%s\n",
                        ok, alg_k, alg_a, mask_k, mask_a, (void *)c, c->name);
R
Import of old SSLeay release: SSLeay 0.8.1b  
Ralf S. Engelschall 已提交
4306
E
Indent ssl/  
Emilia Kasper 已提交
4307 
#ifndef OPENSSL_NO_EC
D
Don't filter TLS 1.3 ciphersuites by signing or key exchange algorithm  
Dr. Stephen Henson 已提交
4308 4309 4310 4311 4312 4313 
            /*
             * if we are considering an ECC cipher suite that uses an ephemeral
             * EC key check it
             */
            if (alg_k & SSL_kECDHE)
                ok = ok && tls1_check_ec_tmp_key(s, c->id);
E
Indent ssl/  
Emilia Kasper 已提交
4314 
#endif                          /* OPENSSL_NO_EC */
M
Run util/openssl-format-source -v -c .  
Matt Caswell 已提交
4315
D
Don't filter TLS 1.3 ciphersuites by signing or key exchange algorithm  
Dr. Stephen Henson 已提交
4316 4317 4318 
            if (!ok)
                continue;
        }
M
Run util/openssl-format-source -v -c .  
Matt Caswell 已提交
4319 4320 4321 4322 
        ii = sk_SSL_CIPHER_find(allow, c);
        if (ii >= 0) {
            /* Check security callback permits this cipher */
            if (!ssl_security(s, SSL_SECOP_CIPHER_SHARED,
D
Fix declarations and constification for inline stack.  
Dr. Stephen Henson 已提交
4323 
                              c->strength_bits, 0, (void *)c))
M
Run util/openssl-format-source -v -c .  
Matt Caswell 已提交
4324 
                continue;
M
Remove support for OPENSSL_NO_TLSEXT  
Matt Caswell 已提交
4325 
#if !defined(OPENSSL_NO_EC)
M
Run util/openssl-format-source -v -c .  
Matt Caswell 已提交
4326 
            if ((alg_k & SSL_kECDHE) && (alg_a & SSL_aECDSA)
T
Collapse ssl3_state_st (s3) into ssl_st  
Todd Short 已提交
4327 
                && s->s3.is_probably_safari) {
M
Run util/openssl-format-source -v -c .  
Matt Caswell 已提交
4328 4329 4330 4331 
                if (!ret)
                    ret = sk_SSL_CIPHER_value(allow, ii);
                continue;
            }
R
Fix compilation with no-ec and/or no-tlsext.  
Rob Stradling 已提交
4332 
#endif
M
Prefer SHA-256 ciphersuites if using old style PSKs  
Matt Caswell 已提交
4333 4334 4335 
            if (prefer_sha256) {
                const SSL_CIPHER *tmp = sk_SSL_CIPHER_value(allow, ii);
M
Explicitly fetch ciphers and digests in libssl  
Matt Caswell 已提交
4336 4337 4338 4339 4340 4341 
                /*
                 * TODO: When there are no more legacy digests we can just use
                 * OSSL_DIGEST_NAME_SHA2_256 instead of calling OBJ_nid2sn
                 */
                if (EVP_MD_is_a(ssl_md(s->ctx, tmp->algorithm2),
                                       OBJ_nid2sn(NID_sha256))) {
M
Prefer SHA-256 ciphersuites if using old style PSKs  
Matt Caswell 已提交
4342 4343 4344 4345 4346 4347 4348 
                    ret = tmp;
                    break;
                }
                if (ret == NULL)
                    ret = tmp;
                continue;
            }
M
Run util/openssl-format-source -v -c .  
Matt Caswell 已提交
4349 4350 4351 4352 
            ret = sk_SSL_CIPHER_value(allow, ii);
            break;
        }
    }
T
Use ChaCha only if prioritized by clnt  
Todd Short 已提交
4353 4354 4355 
#ifndef OPENSSL_NO_CHACHA
    sk_SSL_CIPHER_free(prio_chacha);
#endif
K
Remove parentheses of return.  
KaoruToda 已提交
4356 
    return ret;
M
Run util/openssl-format-source -v -c .  
Matt Caswell 已提交
4357 
}
R
Import of old SSLeay release: SSLeay 0.8.1b  
Ralf S. Engelschall 已提交
4358
M
Convert CertificateRequest construction to WPACKET  
Matt Caswell 已提交
4359 
int ssl3_get_req_cert_type(SSL *s, WPACKET *pkt)
M
Run util/openssl-format-source -v -c .  
Matt Caswell 已提交
4360 
{
D
Use uint32_t and int32_t for SSL_CIPHER structure.  
Dr. Stephen Henson 已提交
4361 
    uint32_t alg_k, alg_a = 0;
M
Run util/openssl-format-source -v -c .  
Matt Caswell 已提交
4362 4363 

    /* If we have custom certificate types set, use them */
D
Tidy up certificate type handling.  
Dr. Stephen Henson 已提交
4364 4365 
    if (s->cert->ctype)
        return WPACKET_memcpy(pkt, s->cert->ctype, s->cert->ctype_len);
M
Run util/openssl-format-source -v -c .  
Matt Caswell 已提交
4366 4367 4368 
    /* Get mask of algorithms disabled by signature list */
    ssl_set_sig_mask(&alg_a, s, SSL_SECOP_SIGALG_MASK);
T
Collapse ssl3_state_st (s3) into ssl_st  
Todd Short 已提交
4369 
    alg_k = s->s3.tmp.new_cipher->algorithm_mkey;
R
Import of old SSLeay release: SSLeay 0.8.1b  
Ralf S. Engelschall 已提交
4370
D
Update from 1.0.0-stable.  
Dr. Stephen Henson 已提交
4371 
#ifndef OPENSSL_NO_GOST
M
Convert CertificateRequest construction to WPACKET  
Matt Caswell 已提交
4372 4373 
    if (s->version >= TLS1_VERSION && (alg_k & SSL_kGOST))
            return WPACKET_put_bytes_u8(pkt, TLS_CT_GOST01_SIGN)
N
GOST2012 TLS ClientCertificateType Identifiers support  
Nikolay Morozov 已提交
4374 4375 4376 4377 
                    && WPACKET_put_bytes_u8(pkt, TLS_CT_GOST12_IANA_SIGN)
                    && WPACKET_put_bytes_u8(pkt, TLS_CT_GOST12_IANA_512_SIGN)
                    && WPACKET_put_bytes_u8(pkt, TLS_CT_GOST12_LEGACY_SIGN)
                    && WPACKET_put_bytes_u8(pkt, TLS_CT_GOST12_LEGACY_512_SIGN);
D
Update from 1.0.0-stable.  
Dr. Stephen Henson 已提交
4378 4379 
#endif
D
Remove fixed DH ciphersuites.  
Dr. Stephen Henson 已提交
4380 
    if ((s->version == SSL3_VERSION) && (alg_k & SSL_kDHE)) {
R
Use new-style system-id macros everywhere possible. I hope I haven't  
Richard Levitte 已提交
4381 
#ifndef OPENSSL_NO_DH
M
Run util/openssl-format-source -v -c .  
Matt Caswell 已提交
4382 
# ifndef OPENSSL_NO_RSA
M
Convert CertificateRequest construction to WPACKET  
Matt Caswell 已提交
4383 4384 
        if (!WPACKET_put_bytes_u8(pkt, SSL3_CT_RSA_EPHEMERAL_DH))
            return 0;
M
Run util/openssl-format-source -v -c .  
Matt Caswell 已提交
4385 4386 
# endif
# ifndef OPENSSL_NO_DSA
M
Convert CertificateRequest construction to WPACKET  
Matt Caswell 已提交
4387 4388 
        if (!WPACKET_put_bytes_u8(pkt, SSL3_CT_DSS_EPHEMERAL_DH))
            return 0;
M
Run util/openssl-format-source -v -c .  
Matt Caswell 已提交
4389 4390 
# endif
#endif                          /* !OPENSSL_NO_DH */
B
Fix no-dh.  
Ben Laurie 已提交
4391 
    }
R
Use new-style system-id macros everywhere possible. I hope I haven't  
Richard Levitte 已提交
4392 
#ifndef OPENSSL_NO_RSA
M
Convert CertificateRequest construction to WPACKET  
Matt Caswell 已提交
4393 4394 
    if (!(alg_a & SSL_aRSA) && !WPACKET_put_bytes_u8(pkt, SSL3_CT_RSA_SIGN))
        return 0;
R
Import of old SSLeay release: SSLeay 0.8.1b  
Ralf S. Engelschall 已提交
4395 
#endif
R
Use new-style system-id macros everywhere possible. I hope I haven't  
Richard Levitte 已提交
4396 
#ifndef OPENSSL_NO_DSA
M
Convert CertificateRequest construction to WPACKET  
Matt Caswell 已提交
4397 4398 
    if (!(alg_a & SSL_aDSS) && !WPACKET_put_bytes_u8(pkt, SSL3_CT_DSS_SIGN))
        return 0;
R
Import of old SSLeay release: SSLeay 0.9.1b (unreleased)  
Ralf S. Engelschall 已提交
4399 
#endif
R
Merge OPENSSL_NO_EC{DH,DSA} into OPENSSL_NO_EC  
Rich Salz 已提交
4400 
#ifndef OPENSSL_NO_EC
M
Run util/openssl-format-source -v -c .  
Matt Caswell 已提交
4401 
    /*
D
Remove ECDH client auth code.  
Dr. Stephen Henson 已提交
4402 
     * ECDSA certs can be used with RSA cipher suites too so we don't
M
Run util/openssl-format-source -v -c .  
Matt Caswell 已提交
4403 4404 
     * need to check for SSL_kECDH or SSL_kECDHE
     */
M
Convert CertificateRequest construction to WPACKET  
Matt Caswell 已提交
4405 4406 4407 4408 
    if (s->version >= TLS1_VERSION
            && !(alg_a & SSL_aECDSA)
            && !WPACKET_put_bytes_u8(pkt, TLS_CT_ECDSA_SIGN))
        return 0;
M
Run util/openssl-format-source -v -c .  
Matt Caswell 已提交
4409 
#endif
M
Convert CertificateRequest construction to WPACKET  
Matt Caswell 已提交
4410 
    return 1;
M
Run util/openssl-format-source -v -c .  
Matt Caswell 已提交
4411 
}
R
Import of old SSLeay release: SSLeay 0.8.1b  
Ralf S. Engelschall 已提交
4412
D
Add new ctrl to retrieve client certificate types, print out  
Dr. Stephen Henson 已提交
4413 
static int ssl3_set_req_cert_type(CERT *c, const unsigned char *p, size_t len)
M
Run util/openssl-format-source -v -c .  
Matt Caswell 已提交
4414 
{
D
Tidy up certificate type handling.  
Dr. Stephen Henson 已提交
4415 4416 4417 4418 
    OPENSSL_free(c->ctype);
    c->ctype = NULL;
    c->ctype_len = 0;
    if (p == NULL || len == 0)
M
Run util/openssl-format-source -v -c .  
Matt Caswell 已提交
4419 4420 4421 
        return 1;
    if (len > 0xff)
        return 0;
D
Tidy up certificate type handling.  
Dr. Stephen Henson 已提交
4422 4423 
    c->ctype = OPENSSL_memdup(p, len);
    if (c->ctype == NULL)
M
Run util/openssl-format-source -v -c .  
Matt Caswell 已提交
4424 
        return 0;
D
Tidy up certificate type handling.  
Dr. Stephen Henson 已提交
4425 
    c->ctype_len = len;
M
Run util/openssl-format-source -v -c .  
Matt Caswell 已提交
4426 4427 
    return 1;
}
D
Add new ctrl to retrieve client certificate types, print out  
Dr. Stephen Henson 已提交
4428
U
Change functions to ANSI C.  
Ulf Möller 已提交
4429 
int ssl3_shutdown(SSL *s)
M
Run util/openssl-format-source -v -c .  
Matt Caswell 已提交
4430 4431 4432 4433 4434 4435 4436 
{
    int ret;

    /*
     * Don't do anything much if we have not done the handshake or we don't
     * want to send messages :-)
     */
M
Remove extraneous parens  
Matt Caswell 已提交
4437 
    if (s->quiet_shutdown || SSL_in_before(s)) {
M
Run util/openssl-format-source -v -c .  
Matt Caswell 已提交
4438 
        s->shutdown = (SSL_SENT_SHUTDOWN | SSL_RECEIVED_SHUTDOWN);
K
Since return is inconsistent, I removed unnecessary parentheses and  
KaoruToda 已提交
4439 
        return 1;
M
Run util/openssl-format-source -v -c .  
Matt Caswell 已提交
4440 4441 4442 4443 4444 4445 4446 
    }

    if (!(s->shutdown & SSL_SENT_SHUTDOWN)) {
        s->shutdown |= SSL_SENT_SHUTDOWN;
        ssl3_send_alert(s, SSL3_AL_WARNING, SSL_AD_CLOSE_NOTIFY);
        /*
         * our shutdown alert has been sent now, and if it still needs to be
T
Collapse ssl3_state_st (s3) into ssl_st  
Todd Short 已提交
4447 
         * written, s->s3.alert_dispatch will be true
M
Run util/openssl-format-source -v -c .  
Matt Caswell 已提交
4448 
         */
T
Collapse ssl3_state_st (s3) into ssl_st  
Todd Short 已提交
4449 
        if (s->s3.alert_dispatch)
K
Remove parentheses of return.  
KaoruToda 已提交
4450 
            return -1;        /* return WANT_WRITE */
T
Collapse ssl3_state_st (s3) into ssl_st  
Todd Short 已提交
4451 
    } else if (s->s3.alert_dispatch) {
M
Run util/openssl-format-source -v -c .  
Matt Caswell 已提交
4452 4453 4454 4455 4456 
        /* resend it if not sent */
        ret = s->method->ssl_dispatch_alert(s);
        if (ret == -1) {
            /*
             * we only get to return -1 here the 2nd/Nth invocation, we must
F
various spelling fixes  
FdaSilvaYY 已提交
4457 
             * have already signalled return 0 upon a previous invocation,
M
Run util/openssl-format-source -v -c .  
Matt Caswell 已提交
4458 4459 
             * return WANT_WRITE
             */
K
Remove parentheses of return.  
KaoruToda 已提交
4460 
            return ret;
M
Run util/openssl-format-source -v -c .  
Matt Caswell 已提交
4461 4462 
        }
    } else if (!(s->shutdown & SSL_RECEIVED_SHUTDOWN)) {
M
Rename all "read" variables with "readbytes"  
Matt Caswell 已提交
4463 
        size_t readbytes;
M
Run util/openssl-format-source -v -c .  
Matt Caswell 已提交
4464 4465 4466 
        /*
         * If we are waiting for a close from our peer, we are closed
         */
M
Rename all "read" variables with "readbytes"  
Matt Caswell 已提交
4467 
        s->method->ssl_read_bytes(s, 0, NULL, NULL, 0, 0, &readbytes);
M
Run util/openssl-format-source -v -c .  
Matt Caswell 已提交
4468 
        if (!(s->shutdown & SSL_RECEIVED_SHUTDOWN)) {
M
Further libssl size_t-ify of reading  
Matt Caswell 已提交
4469 
            return -1;        /* return WANT_READ */
M
Run util/openssl-format-source -v -c .  
Matt Caswell 已提交
4470 4471 4472 4473 
        }
    }

    if ((s->shutdown == (SSL_SENT_SHUTDOWN | SSL_RECEIVED_SHUTDOWN)) &&
T
Collapse ssl3_state_st (s3) into ssl_st  
Todd Short 已提交
4474 
        !s->s3.alert_dispatch)
K
Since return is inconsistent, I removed unnecessary parentheses and  
KaoruToda 已提交
4475 
        return 1;
M
Run util/openssl-format-source -v -c .  
Matt Caswell 已提交
4476 
    else
K
Remove parentheses of return.  
KaoruToda 已提交
4477 
        return 0;
M
Run util/openssl-format-source -v -c .  
Matt Caswell 已提交
4478 
}
R
Import of old SSLeay release: SSLeay 0.8.1b  
Ralf S. Engelschall 已提交
4479
M
Convert libssl writing for size_t  
Matt Caswell 已提交
4480 
int ssl3_write(SSL *s, const void *buf, size_t len, size_t *written)
M
Run util/openssl-format-source -v -c .  
Matt Caswell 已提交
4481 4482 
{
    clear_sys_error();
T
Collapse ssl3_state_st (s3) into ssl_st  
Todd Short 已提交
4483 
    if (s->s3.renegotiate)
M
Move state machine knowledge out of the record layer  
Matt Caswell 已提交
4484 
        ssl3_renegotiate_check(s, 0);
M
Run util/openssl-format-source -v -c .  
Matt Caswell 已提交
4485
M
Convert libssl writing for size_t  
Matt Caswell 已提交
4486 4487 
    return s->method->ssl_write_bytes(s, SSL3_RT_APPLICATION_DATA, buf, len,
                                      written);
M
Run util/openssl-format-source -v -c .  
Matt Caswell 已提交
4488 
}
R
Import of old SSLeay release: SSLeay 0.8.1b  
Ralf S. Engelschall 已提交
4489
M
Further libssl size_t-ify of reading  
Matt Caswell 已提交
4490 
static int ssl3_read_internal(SSL *s, void *buf, size_t len, int peek,
M
Rename all "read" variables with "readbytes"  
Matt Caswell 已提交
4491 
                              size_t *readbytes)
M
Run util/openssl-format-source -v -c .  
Matt Caswell 已提交
4492 4493 4494 4495 
{
    int ret;

    clear_sys_error();
T
Collapse ssl3_state_st (s3) into ssl_st  
Todd Short 已提交
4496 
    if (s->s3.renegotiate)
M
Move state machine knowledge out of the record layer  
Matt Caswell 已提交
4497 
        ssl3_renegotiate_check(s, 0);
T
Collapse ssl3_state_st (s3) into ssl_st  
Todd Short 已提交
4498 
    s->s3.in_read_app_data = 1;
M
Run util/openssl-format-source -v -c .  
Matt Caswell 已提交
4499 
    ret =
M
Move TLS CCS processing into the state machine  
Matt Caswell 已提交
4500 
        s->method->ssl_read_bytes(s, SSL3_RT_APPLICATION_DATA, NULL, buf, len,
M
Rename all "read" variables with "readbytes"  
Matt Caswell 已提交
4501 
                                  peek, readbytes);
T
Collapse ssl3_state_st (s3) into ssl_st  
Todd Short 已提交
4502 
    if ((ret == -1) && (s->s3.in_read_app_data == 2)) {
M
Run util/openssl-format-source -v -c .  
Matt Caswell 已提交
4503 4504 4505 4506 4507 4508 4509 
        /*
         * ssl3_read_bytes decided to call s->handshake_func, which called
         * ssl3_read_bytes to read handshake data. However, ssl3_read_bytes
         * actually found application data and thinks that application data
         * makes sense here; so disable handshake processing and try to read
         * application data again.
         */
M
Move in_handshake into STATEM  
Matt Caswell 已提交
4510 
        ossl_statem_set_in_handshake(s, 1);
M
Run util/openssl-format-source -v -c .  
Matt Caswell 已提交
4511 
        ret =
M
Move TLS CCS processing into the state machine  
Matt Caswell 已提交
4512 
            s->method->ssl_read_bytes(s, SSL3_RT_APPLICATION_DATA, NULL, buf,
M
Rename all "read" variables with "readbytes"  
Matt Caswell 已提交
4513 
                                      len, peek, readbytes);
M
Move in_handshake into STATEM  
Matt Caswell 已提交
4514 
        ossl_statem_set_in_handshake(s, 0);
M
Run util/openssl-format-source -v -c .  
Matt Caswell 已提交
4515 
    } else
T
Collapse ssl3_state_st (s3) into ssl_st  
Todd Short 已提交
4516 
        s->s3.in_read_app_data = 0;
M
Run util/openssl-format-source -v -c .  
Matt Caswell 已提交
4517
M
Further libssl size_t-ify of reading  
Matt Caswell 已提交
4518 
    return ret;
M
Run util/openssl-format-source -v -c .  
Matt Caswell 已提交
4519 
}
R
Import of old SSLeay release: SSLeay 0.8.1b  
Ralf S. Engelschall 已提交
4520
M
Rename all "read" variables with "readbytes"  
Matt Caswell 已提交
4521 
int ssl3_read(SSL *s, void *buf, size_t len, size_t *readbytes)
M
Run util/openssl-format-source -v -c .  
Matt Caswell 已提交
4522 
{
M
Rename all "read" variables with "readbytes"  
Matt Caswell 已提交
4523 
    return ssl3_read_internal(s, buf, len, 0, readbytes);
M
Run util/openssl-format-source -v -c .  
Matt Caswell 已提交
4524 
}
R
Import of old SSLeay release: SSLeay 0.8.1b  
Ralf S. Engelschall 已提交
4525
M
Rename all "read" variables with "readbytes"  
Matt Caswell 已提交
4526 
int ssl3_peek(SSL *s, void *buf, size_t len, size_t *readbytes)
M
Run util/openssl-format-source -v -c .  
Matt Caswell 已提交
4527 
{
M
Rename all "read" variables with "readbytes"  
Matt Caswell 已提交
4528 
    return ssl3_read_internal(s, buf, len, 1, readbytes);
M
Run util/openssl-format-source -v -c .  
Matt Caswell 已提交
4529 
}
R
Import of old SSLeay release: SSLeay 0.8.1b  
Ralf S. Engelschall 已提交
4530
U
Change functions to ANSI C.  
Ulf Möller 已提交
4531 
int ssl3_renegotiate(SSL *s)
M
Run util/openssl-format-source -v -c .  
Matt Caswell 已提交
4532 4533 
{
    if (s->handshake_func == NULL)
K
Since return is inconsistent, I removed unnecessary parentheses and  
KaoruToda 已提交
4534 
        return 1;
R
Import of old SSLeay release: SSLeay 0.8.1b  
Ralf S. Engelschall 已提交
4535
T
Collapse ssl3_state_st (s3) into ssl_st  
Todd Short 已提交
4536 
    s->s3.renegotiate = 1;
K
Since return is inconsistent, I removed unnecessary parentheses and  
KaoruToda 已提交
4537 
    return 1;
M
Run util/openssl-format-source -v -c .  
Matt Caswell 已提交
4538 
}
R
Import of old SSLeay release: SSLeay 0.8.1b  
Ralf S. Engelschall 已提交
4539
M
Move state machine knowledge out of the record layer  
Matt Caswell 已提交
4540 4541 4542 4543 4544 4545 4546 4547 4548 
/*
 * Check if we are waiting to do a renegotiation and if so whether now is a
 * good time to do it. If |initok| is true then we are being called from inside
 * the state machine so ignore the result of SSL_in_init(s). Otherwise we
 * should not do a renegotiation if SSL_in_init(s) is true. Returns 1 if we
 * should do a renegotiation now and sets up the state machine for it. Otherwise
 * returns 0.
 */
int ssl3_renegotiate_check(SSL *s, int initok)
M
Run util/openssl-format-source -v -c .  
Matt Caswell 已提交
4549 4550 4551 
{
    int ret = 0;
T
Collapse ssl3_state_st (s3) into ssl_st  
Todd Short 已提交
4552 
    if (s->s3.renegotiate) {
M
Introduce the functions RECORD_LAYER_release, RECORD_LAYER_read_pending, and  
Matt Caswell 已提交
4553 4554 
        if (!RECORD_LAYER_read_pending(&s->rlayer)
            && !RECORD_LAYER_write_pending(&s->rlayer)
M
Move state machine knowledge out of the record layer  
Matt Caswell 已提交
4555 
            && (initok || !SSL_in_init(s))) {
M
Run util/openssl-format-source -v -c .  
Matt Caswell 已提交
4556 4557 
            /*
             * if we are the server, and we have sent a 'RENEGOTIATE'
M
Remove redundant code  
Matt Caswell 已提交
4558 4559 
             * message, we need to set the state machine into the renegotiate
             * state.
M
Run util/openssl-format-source -v -c .  
Matt Caswell 已提交
4560 
             */
M
Change statem prefix to ossl_statem  
Matt Caswell 已提交
4561 
            ossl_statem_set_renegotiate(s);
T
Collapse ssl3_state_st (s3) into ssl_st  
Todd Short 已提交
4562 4563 4564 
            s->s3.renegotiate = 0;
            s->s3.num_renegotiations++;
            s->s3.total_renegotiations++;
M
Run util/openssl-format-source -v -c .  
Matt Caswell 已提交
4565 4566 4567 
            ret = 1;
        }
    }
M
Move state machine knowledge out of the record layer  
Matt Caswell 已提交
4568 
    return ret;
M
Run util/openssl-format-source -v -c .  
Matt Caswell 已提交
4569 4570 
}
R
Import of old SSLeay release: SSLeay 0.9.0b  
Ralf S. Engelschall 已提交
4571 
/*
M
Run util/openssl-format-source -v -c .  
Matt Caswell 已提交
4572 4573 
 * If we are using default SHA1+MD5 algorithms switch to new SHA256 PRF and
 * handshake macs if required.
D
PSK PRF correction.  
Dr. Stephen Henson 已提交
4574 4575 
 *
 * If PSK and using SHA384 for TLS < 1.2 switch to default.
D
Initial incomplete TLS v1.2 support. New ciphersuites added, new version  
Dr. Stephen Henson 已提交
4576 4577 
 */
long ssl_get_algorithm2(SSL *s)
M
Run util/openssl-format-source -v -c .  
Matt Caswell 已提交
4578 
{
D
Sanity check in ssl_get_algorithm2().  
Dr. Stephen Henson 已提交
4579 
    long alg2;
T
Collapse ssl3_state_st (s3) into ssl_st  
Todd Short 已提交
4580 
    if (s->s3.tmp.new_cipher == NULL)
D
Sanity check in ssl_get_algorithm2().  
Dr. Stephen Henson 已提交
4581 
        return -1;
T
Collapse ssl3_state_st (s3) into ssl_st  
Todd Short 已提交
4582 
    alg2 = s->s3.tmp.new_cipher->algorithm2;
D
PSK PRF correction.  
Dr. Stephen Henson 已提交
4583 4584 4585 
    if (s->method->ssl3_enc->enc_flags & SSL_ENC_FLAG_SHA256_PRF) {
        if (alg2 == (SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF))
            return SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256;
T
Collapse ssl3_state_st (s3) into ssl_st  
Todd Short 已提交
4586 
    } else if (s->s3.tmp.new_cipher->algorithm_mkey & SSL_PSK) {
D
PSK PRF correction.  
Dr. Stephen Henson 已提交
4587 4588 4589 
        if (alg2 == (SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384))
            return SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF;
    }
M
Run util/openssl-format-source -v -c .  
Matt Caswell 已提交
4590 4591 
    return alg2;
}
M
Version negotiation rewrite cleanup  
Matt Caswell 已提交
4592 4593 4594 4595 4596 

/*
 * Fill a ClientRandom or ServerRandom field of length len. Returns <= 0 on
 * failure, 1 on success.
 */
M
Add server side support for TLSv1.3 downgrade mechanism  
Matt Caswell 已提交
4597 4598 
int ssl_fill_hello_random(SSL *s, int server, unsigned char *result, size_t len,
                          DOWNGRADE dgrd)
M
Version negotiation rewrite cleanup  
Matt Caswell 已提交
4599 
{
M
Add server side support for TLSv1.3 downgrade mechanism  
Matt Caswell 已提交
4600 
    int send_time = 0, ret;
M
Version negotiation rewrite cleanup  
Matt Caswell 已提交
4601 4602 4603 4604 4605 4606 4607 4608 4609 4610 

    if (len < 4)
        return 0;
    if (server)
        send_time = (s->mode & SSL_MODE_SEND_SERVERHELLO_TIME) != 0;
    else
        send_time = (s->mode & SSL_MODE_SEND_CLIENTHELLO_TIME) != 0;
    if (send_time) {
        unsigned long Time = (unsigned long)time(NULL);
        unsigned char *p = result;
R
Add a DRBG to each SSL object  
Rich Salz 已提交
4611
M
Version negotiation rewrite cleanup  
Matt Caswell 已提交
4612 
        l2n(Time, p);
M
Make sure we use RAND_bytes_ex and RAND_priv_bytes_ex in libssl  
Matt Caswell 已提交
4613 
        ret = RAND_bytes_ex(s->ctx->libctx, p, len - 4);
M
Add server side support for TLSv1.3 downgrade mechanism  
Matt Caswell 已提交
4614 
    } else {
M
Make sure we use RAND_bytes_ex and RAND_priv_bytes_ex in libssl  
Matt Caswell 已提交
4615 
        ret = RAND_bytes_ex(s->ctx->libctx, result, len);
M
Add server side support for TLSv1.3 downgrade mechanism  
Matt Caswell 已提交
4616 
    }
M
Turn on TLSv1.3 downgrade protection by default  
Matt Caswell 已提交
4617
K
Don't use a ssl specific DRBG anymore  
Kurt Roeckx 已提交
4618 
    if (ret > 0) {
M
Convert existing usage of assert() to ossl_assert() in libssl  
Matt Caswell 已提交
4619 4620 4621 
        if (!ossl_assert(sizeof(tls11downgrade) < len)
                || !ossl_assert(sizeof(tls12downgrade) < len))
             return 0;
M
Add server side support for TLSv1.3 downgrade mechanism  
Matt Caswell 已提交
4622 4623 4624 4625 4626 4627 4628 
        if (dgrd == DOWNGRADE_TO_1_2)
            memcpy(result + len - sizeof(tls12downgrade), tls12downgrade,
                   sizeof(tls12downgrade));
        else if (dgrd == DOWNGRADE_TO_1_1)
            memcpy(result + len - sizeof(tls11downgrade), tls11downgrade,
                   sizeof(tls11downgrade));
    }
M
Turn on TLSv1.3 downgrade protection by default  
Matt Caswell 已提交
4629
M
Add server side support for TLSv1.3 downgrade mechanism  
Matt Caswell 已提交
4630 
    return ret;
M
Version negotiation rewrite cleanup  
Matt Caswell 已提交
4631 
}
D
Use single master secret generation function.  
Dr. Stephen Henson 已提交
4632 4633 4634 4635 

int ssl_generate_master_secret(SSL *s, unsigned char *pms, size_t pmslen,
                               int free_pms)
{
T
Collapse ssl3_state_st (s3) into ssl_st  
Todd Short 已提交
4636 
    unsigned long alg_k = s->s3.tmp.new_cipher->algorithm_mkey;
M
Convert master_secret_size code to size_t  
Matt Caswell 已提交
4637 4638 
    int ret = 0;
D
PSK premaster secret derivation.  
Dr. Stephen Henson 已提交
4639 
    if (alg_k & SSL_PSK) {
M
Split out PSK preamble and RSA from process CKE code  
Matt Caswell 已提交
4640 
#ifndef OPENSSL_NO_PSK
D
PSK premaster secret derivation.  
Dr. Stephen Henson 已提交
4641 
        unsigned char *pskpms, *t;
T
Collapse ssl3_state_st (s3) into ssl_st  
Todd Short 已提交
4642 
        size_t psklen = s->s3.tmp.psklen;
D
PSK premaster secret derivation.  
Dr. Stephen Henson 已提交
4643 4644 4645 4646 4647 4648 4649 4650 4651 4652 
        size_t pskpmslen;

        /* create PSK premaster_secret */

        /* For plain PSK "other_secret" is psklen zeroes */
        if (alg_k & SSL_kPSK)
            pmslen = psklen;

        pskpmslen = 4 + pmslen + psklen;
        pskpms = OPENSSL_malloc(pskpmslen);
M
Convert master_secret_size code to size_t  
Matt Caswell 已提交
4653 
        if (pskpms == NULL)
D
Free and cleanse pms on error  
Dr. Stephen Henson 已提交
4654 
            goto err;
D
PSK premaster secret derivation.  
Dr. Stephen Henson 已提交
4655 4656 4657 4658 4659 4660 4661 4662 
        t = pskpms;
        s2n(pmslen, t);
        if (alg_k & SSL_kPSK)
            memset(t, 0, pmslen);
        else
            memcpy(t, pms, pmslen);
        t += pmslen;
        s2n(psklen, t);
T
Collapse ssl3_state_st (s3) into ssl_st  
Todd Short 已提交
4663 
        memcpy(t, s->s3.tmp.psk, psklen);
D
PSK premaster secret derivation.  
Dr. Stephen Henson 已提交
4664
T
Collapse ssl3_state_st (s3) into ssl_st  
Todd Short 已提交
4665 4666 
        OPENSSL_clear_free(s->s3.tmp.psk, psklen);
        s->s3.tmp.psk = NULL;
M
Convert master_secret_size code to size_t  
Matt Caswell 已提交
4667 
        if (!s->method->ssl3_enc->generate_master_secret(s,
B
Fix whitespace nit in ssl_generate_master_secret()  
Benjamin Kaduk 已提交
4668 
                    s->session->master_key, pskpms, pskpmslen,
M
Convert the state machine code to use SSLfatal()  
Matt Caswell 已提交
4669 
                    &s->session->master_key_length)) {
M
Fix a mem leak on error in the PSK code  
Matt Caswell 已提交
4670 
            OPENSSL_clear_free(pskpms, pskpmslen);
M
Convert the state machine code to use SSLfatal()  
Matt Caswell 已提交
4671 
            /* SSLfatal() already called */
M
Convert master_secret_size code to size_t  
Matt Caswell 已提交
4672 
            goto err;
M
Convert the state machine code to use SSLfatal()  
Matt Caswell 已提交
4673 
        }
D
PSK premaster secret derivation.  
Dr. Stephen Henson 已提交
4674 
        OPENSSL_clear_free(pskpms, pskpmslen);
M
Split out PSK preamble and RSA from process CKE code  
Matt Caswell 已提交
4675 4676 4677 
#else
        /* Should never happen */
        goto err;
D
PSK premaster secret derivation.  
Dr. Stephen Henson 已提交
4678 
#endif
M
Split out PSK preamble and RSA from process CKE code  
Matt Caswell 已提交
4679 
    } else {
M
Convert master_secret_size code to size_t  
Matt Caswell 已提交
4680 4681 
        if (!s->method->ssl3_enc->generate_master_secret(s,
                s->session->master_key, pms, pmslen,
M
Convert the state machine code to use SSLfatal()  
Matt Caswell 已提交
4682 4683 
                &s->session->master_key_length)) {
            /* SSLfatal() already called */
M
Convert master_secret_size code to size_t  
Matt Caswell 已提交
4684 
            goto err;
M
Convert the state machine code to use SSLfatal()  
Matt Caswell 已提交
4685 
        }
M
Split out PSK preamble and RSA from process CKE code  
Matt Caswell 已提交
4686 4687 
    }
M
Convert master_secret_size code to size_t  
Matt Caswell 已提交
4688 
    ret = 1;
M
Split out PSK preamble and RSA from process CKE code  
Matt Caswell 已提交
4689 
 err:
D
PSK premaster secret derivation.  
Dr. Stephen Henson 已提交
4690 4691 4692 4693 4694 4695 
    if (pms) {
        if (free_pms)
            OPENSSL_clear_free(pms, pmslen);
        else
            OPENSSL_cleanse(pms, pmslen);
    }
D
Use single master secret generation function.  
Dr. Stephen Henson 已提交
4696 
    if (s->server == 0)
T
Collapse ssl3_state_st (s3) into ssl_st  
Todd Short 已提交
4697 
        s->s3.tmp.pms = NULL;
M
Convert master_secret_size code to size_t  
Matt Caswell 已提交
4698 
    return ret;
D
Use single master secret generation function.  
Dr. Stephen Henson 已提交
4699 
}
D
Add ECDH/DH utility functions.  
Dr. Stephen Henson 已提交
4700
D
Fix no-ec  
Dr. Stephen Henson 已提交
4701 
/* Generate a private key from parameters */
M
Use the OPENSSL_CTX and property query string in EVP_PKEY_CTX  
Matt Caswell 已提交
4702 
EVP_PKEY *ssl_generate_pkey(SSL *s, EVP_PKEY *pm)
D
Add ECDH/DH utility functions.  
Dr. Stephen Henson 已提交
4703 4704 4705 
{
    EVP_PKEY_CTX *pctx = NULL;
    EVP_PKEY *pkey = NULL;
D
Fix no-ec  
Dr. Stephen Henson 已提交
4706 4707 4708 

    if (pm == NULL)
        return NULL;
M
Use the OPENSSL_CTX and property query string in EVP_PKEY_CTX  
Matt Caswell 已提交
4709 
    pctx = EVP_PKEY_CTX_new_from_pkey(s->ctx->libctx, pm, s->ctx->propq);
D
Fix no-ec  
Dr. Stephen Henson 已提交
4710 4711 4712 4713 4714 4715 4716 4717 4718 4719 4720 4721 4722 
    if (pctx == NULL)
        goto err;
    if (EVP_PKEY_keygen_init(pctx) <= 0)
        goto err;
    if (EVP_PKEY_keygen(pctx, &pkey) <= 0) {
        EVP_PKEY_free(pkey);
        pkey = NULL;
    }

    err:
    EVP_PKEY_CTX_free(pctx);
    return pkey;
}
R
TLS1.3 FFDHE Support  
raja-ashok 已提交
4723
D
Replace tls1_ec_curve_id2nid.  
Dr. Stephen Henson 已提交
4724 
/* Generate a private key from a group ID */
M
Fix no-ec with no-dh  
Matt Caswell 已提交
4725 
#if !defined(OPENSSL_NO_DH) || !defined(OPENSSL_NO_EC)
M
Convert the state machine code to use SSLfatal()  
Matt Caswell 已提交
4726 
EVP_PKEY *ssl_generate_pkey_group(SSL *s, uint16_t id)
D
Fix no-ec  
Dr. Stephen Henson 已提交
4727 
{
R
TLS1.3 FFDHE Support  
raja-ashok 已提交
4728 
    const TLS_GROUP_INFO *ginf = tls1_group_id_lookup(id);
D
Fix no-ec  
Dr. Stephen Henson 已提交
4729 4730 
    EVP_PKEY_CTX *pctx = NULL;
    EVP_PKEY *pkey = NULL;
D
Replace tls1_ec_curve_id2nid.  
Dr. Stephen Henson 已提交
4731 
    uint16_t gtype;
R
TLS1.3 FFDHE Support  
raja-ashok 已提交
4732 4733 4734 
# ifndef OPENSSL_NO_DH
    DH *dh = NULL;
# endif
D
Fix no-ec  
Dr. Stephen Henson 已提交
4735
M
Convert the state machine code to use SSLfatal()  
Matt Caswell 已提交
4736 4737 4738 
    if (ginf == NULL) {
        SSLfatal(s, SSL_AD_INTERNAL_ERROR, SSL_F_SSL_GENERATE_PKEY_GROUP,
                 ERR_R_INTERNAL_ERROR);
D
Fix no-ec  
Dr. Stephen Henson 已提交
4739 
        goto err;
M
Convert the state machine code to use SSLfatal()  
Matt Caswell 已提交
4740 
    }
R
TLS1.3 FFDHE Support  
raja-ashok 已提交
4741 
    gtype = ginf->flags & TLS_GROUP_TYPE;
M
Use the OPENSSL_CTX and property query string in EVP_PKEY_CTX  
Matt Caswell 已提交
4742 4743 4744 4745 4746 
    /*
     * TODO(3.0): Convert these EVP_PKEY_CTX_new_id calls to ones that take
     * s->ctx->libctx and s->ctx->propq when keygen has been updated to be
     * provider aware.
     */
R
TLS1.3 FFDHE Support  
raja-ashok 已提交
4747 4748 
# ifndef OPENSSL_NO_DH
    if (gtype == TLS_GROUP_FFDHE)
M
Make sure we use the libctx when creating an EVP_PKEY_CTX in libssl  
Matt Caswell 已提交
4749 4750 4751 
#  if 0
        pctx = EVP_PKEY_CTX_new_from_name(s->ctx->libctx, "DH", s->ctx->propq);
#  else
R
TLS1.3 FFDHE Support  
raja-ashok 已提交
4752 
        pctx = EVP_PKEY_CTX_new_id(EVP_PKEY_DH, NULL);
M
Make sure we use the libctx when creating an EVP_PKEY_CTX in libssl  
Matt Caswell 已提交
4753 
#  endif
R
TLS1.3 FFDHE Support  
raja-ashok 已提交
4754 
#  ifndef OPENSSL_NO_EC
D
Replace tls1_ec_curve_id2nid.  
Dr. Stephen Henson 已提交
4755 
    else
M
Make sure we use the libctx when creating an EVP_PKEY_CTX in libssl  
Matt Caswell 已提交
4756 4757 
#  endif /* OPENSSL_NO_EC */
# endif /* OPENSSL_NO_DH */
R
TLS1.3 FFDHE Support  
raja-ashok 已提交
4758 4759 
# ifndef OPENSSL_NO_EC
    {
M
Make sure we use the libctx when creating an EVP_PKEY_CTX in libssl  
Matt Caswell 已提交
4760 4761 4762 4763 
        /*
         * TODO(3.0): When provider based EC key gen is present we can enable
         * this code.
         */
R
TLS1.3 FFDHE Support  
raja-ashok 已提交
4764 4765 4766 
        if (gtype == TLS_GROUP_CURVE_CUSTOM)
            pctx = EVP_PKEY_CTX_new_id(ginf->nid, NULL);
        else
M
Make sure we use the libctx when creating an EVP_PKEY_CTX in libssl  
Matt Caswell 已提交
4767 4768 4769 4770 
#  if 0
            pctx = EVP_PKEY_CTX_new_from_name(s->ctx->libctx, "EC",
                                              s->ctx->propq);
#  else
R
TLS1.3 FFDHE Support  
raja-ashok 已提交
4771 
            pctx = EVP_PKEY_CTX_new_id(EVP_PKEY_EC, NULL);
M
Make sure we use the libctx when creating an EVP_PKEY_CTX in libssl  
Matt Caswell 已提交
4772 4773 
#  endif
R
TLS1.3 FFDHE Support  
raja-ashok 已提交
4774 
    }
M
Make sure we use the libctx when creating an EVP_PKEY_CTX in libssl  
Matt Caswell 已提交
4775 
# endif /* OPENSSL_NO_EC */
M
Convert the state machine code to use SSLfatal()  
Matt Caswell 已提交
4776 4777 4778 
    if (pctx == NULL) {
        SSLfatal(s, SSL_AD_INTERNAL_ERROR, SSL_F_SSL_GENERATE_PKEY_GROUP,
                 ERR_R_MALLOC_FAILURE);
D
Add ECDH/DH utility functions.  
Dr. Stephen Henson 已提交
4779 
        goto err;
M
Convert the state machine code to use SSLfatal()  
Matt Caswell 已提交
4780 4781 4782 4783 
    }
    if (EVP_PKEY_keygen_init(pctx) <= 0) {
        SSLfatal(s, SSL_AD_INTERNAL_ERROR, SSL_F_SSL_GENERATE_PKEY_GROUP,
                 ERR_R_EVP_LIB);
D
Add ECDH/DH utility functions.  
Dr. Stephen Henson 已提交
4784 
        goto err;
M
Convert the state machine code to use SSLfatal()  
Matt Caswell 已提交
4785 
    }
R
TLS1.3 FFDHE Support  
raja-ashok 已提交
4786 4787 4788 4789 4790 4791 
# ifndef OPENSSL_NO_DH
    if (gtype == TLS_GROUP_FFDHE) {
        if ((pkey = EVP_PKEY_new()) == NULL
                || (dh = DH_new_by_nid(ginf->nid)) == NULL
                || !EVP_PKEY_assign(pkey, EVP_PKEY_DH, dh)) {
            SSLfatal(s, SSL_AD_INTERNAL_ERROR, SSL_F_SSL_GENERATE_PKEY_GROUP,
P
Deprecate the low level Diffie-Hellman functions.  
Pauli 已提交
4792 
                     ERR_R_EVP_LIB);
R
TLS1.3 FFDHE Support  
raja-ashok 已提交
4793 4794 4795 4796 4797 4798 4799 
            DH_free(dh);
            EVP_PKEY_free(pkey);
            pkey = NULL;
            goto err;
        }
        if (EVP_PKEY_CTX_set_dh_nid(pctx, ginf->nid) <= 0) {
            SSLfatal(s, SSL_AD_INTERNAL_ERROR, SSL_F_SSL_GENERATE_PKEY_GROUP,
P
Deprecate the low level Diffie-Hellman functions.  
Pauli 已提交
4800 
                     ERR_R_EVP_LIB);
R
TLS1.3 FFDHE Support  
raja-ashok 已提交
4801 4802 4803 4804 4805 4806 4807 4808 4809 4810 4811 4812 4813 4814 4815 4816 4817 
            EVP_PKEY_free(pkey);
            pkey = NULL;
            goto err;
        }
    }
#  ifndef OPENSSL_NO_EC
    else
#  endif
# endif
# ifndef OPENSSL_NO_EC
    {
        if (gtype != TLS_GROUP_CURVE_CUSTOM
                && EVP_PKEY_CTX_set_ec_paramgen_curve_nid(pctx, ginf->nid) <= 0) {
            SSLfatal(s, SSL_AD_INTERNAL_ERROR, SSL_F_SSL_GENERATE_PKEY_GROUP,
                     ERR_R_EVP_LIB);
            goto err;
        }
M
Convert the state machine code to use SSLfatal()  
Matt Caswell 已提交
4818 
    }
R
TLS1.3 FFDHE Support  
raja-ashok 已提交
4819 
# endif
D
Add ECDH/DH utility functions.  
Dr. Stephen Henson 已提交
4820 
    if (EVP_PKEY_keygen(pctx, &pkey) <= 0) {
M
Convert the state machine code to use SSLfatal()  
Matt Caswell 已提交
4821 4822 
        SSLfatal(s, SSL_AD_INTERNAL_ERROR, SSL_F_SSL_GENERATE_PKEY_GROUP,
                 ERR_R_EVP_LIB);
D
Add ECDH/DH utility functions.  
Dr. Stephen Henson 已提交
4823 4824 4825 4826 
        EVP_PKEY_free(pkey);
        pkey = NULL;
    }
E
Indent ssl/  
Emilia Kasper 已提交
4827 
 err:
D
Add ECDH/DH utility functions.  
Dr. Stephen Henson 已提交
4828 4829 4830 
    EVP_PKEY_CTX_free(pctx);
    return pkey;
}
M
Fix no-ec with no-dh  
Matt Caswell 已提交
4831 
#endif
D
New function ssl_generate_param_group  
Dr. Stephen Henson 已提交
4832 4833 4834 4835 

/*
 * Generate parameters from a group ID
 */
P
Deprecate the low level Diffie-Hellman functions.  
Pauli 已提交
4836 
EVP_PKEY *ssl_generate_param_group(SSL *s, uint16_t id)
D
New function ssl_generate_param_group  
Dr. Stephen Henson 已提交
4837 4838 4839 4840 
{
    EVP_PKEY_CTX *pctx = NULL;
    EVP_PKEY *pkey = NULL;
    const TLS_GROUP_INFO *ginf = tls1_group_id_lookup(id);
M
Make sure we use the libctx when creating an EVP_PKEY_CTX in libssl  
Matt Caswell 已提交
4841 4842 4843 
#if 0
    const char *pkey_ctx_name;
#else
R
TLS1.3 FFDHE Support  
raja-ashok 已提交
4844 
    int pkey_ctx_id;
M
Make sure we use the libctx when creating an EVP_PKEY_CTX in libssl  
Matt Caswell 已提交
4845 
#endif
D
New function ssl_generate_param_group  
Dr. Stephen Henson 已提交
4846 4847 4848 4849 

    if (ginf == NULL)
        goto err;
R
TLS1.3 FFDHE Support  
raja-ashok 已提交
4850 
    if ((ginf->flags & TLS_GROUP_TYPE) == TLS_GROUP_CURVE_CUSTOM) {
D
New function ssl_generate_param_group  
Dr. Stephen Henson 已提交
4851 4852 4853 4854 4855 4856 4857 
        pkey = EVP_PKEY_new();
        if (pkey != NULL && EVP_PKEY_set_type(pkey, ginf->nid))
            return pkey;
        EVP_PKEY_free(pkey);
        return NULL;
    }
M
Use the OPENSSL_CTX and property query string in EVP_PKEY_CTX  
Matt Caswell 已提交
4858 4859 4860 4861 4862 
    /*
     * TODO(3.0): Convert this EVP_PKEY_CTX_new_id call to one that takes
     * s->ctx->libctx and s->ctx->propq when paramgen has been updated to be
     * provider aware.
     */
M
Make sure we use the libctx when creating an EVP_PKEY_CTX in libssl  
Matt Caswell 已提交
4863 4864 4865 4866 4867 
#if 0
    pkey_ctx_name = (ginf->flags & TLS_GROUP_FFDHE) != 0 ? "DH" : "EC";
    pctx = EVP_PKEY_CTX_new_from_name(s->ctx->libctx, pkey_ctx_name,
                                      s->ctx->propq);
#else
R
TLS1.3 FFDHE Support  
raja-ashok 已提交
4868 4869 4870 
    pkey_ctx_id = (ginf->flags & TLS_GROUP_FFDHE)
                        ? EVP_PKEY_DH : EVP_PKEY_EC;
    pctx = EVP_PKEY_CTX_new_id(pkey_ctx_id, NULL);
M
Make sure we use the libctx when creating an EVP_PKEY_CTX in libssl  
Matt Caswell 已提交
4871 4872 
#endif
D
New function ssl_generate_param_group  
Dr. Stephen Henson 已提交
4873 4874 4875 4876 
    if (pctx == NULL)
        goto err;
    if (EVP_PKEY_paramgen_init(pctx) <= 0)
        goto err;
M
Fix no-dh  
Matt Caswell 已提交
4877 
# ifndef OPENSSL_NO_DH
R
TLS1.3 FFDHE Support  
raja-ashok 已提交
4878 4879 4880 4881 4882 4883 4884 4885 4886 4887 4888 4889 4890 4891 
    if (ginf->flags & TLS_GROUP_FFDHE) {
        if (EVP_PKEY_CTX_set_dh_nid(pctx, ginf->nid) <= 0)
            goto err;
    }
#  ifndef OPENSSL_NO_EC
    else
#  endif
# endif
# ifndef OPENSSL_NO_EC
    {
        if (EVP_PKEY_CTX_set_ec_paramgen_curve_nid(pctx, ginf->nid) <= 0)
            goto err;
    }
# endif
D
New function ssl_generate_param_group  
Dr. Stephen Henson 已提交
4892 4893 4894 4895 4896 4897 4898 4899 4900 
    if (EVP_PKEY_paramgen(pctx, &pkey) <= 0) {
        EVP_PKEY_free(pkey);
        pkey = NULL;
    }

 err:
    EVP_PKEY_CTX_free(pctx);
    return pkey;
}
E
Indent ssl/  
Emilia Kasper 已提交
4901
M
Update state machine to be closer to TLS1.3  
Matt Caswell 已提交
4902 4903 
/* Derive secrets for ECDH/DH */
int ssl_derive(SSL *s, EVP_PKEY *privkey, EVP_PKEY *pubkey, int gensecret)
D
Add ECDH/DH utility functions.  
Dr. Stephen Henson 已提交
4904 4905 4906 4907 4908 4909 
{
    int rv = 0;
    unsigned char *pms = NULL;
    size_t pmslen = 0;
    EVP_PKEY_CTX *pctx;
M
Convert the state machine code to use SSLfatal()  
Matt Caswell 已提交
4910 4911 4912 
    if (privkey == NULL || pubkey == NULL) {
        SSLfatal(s, SSL_AD_INTERNAL_ERROR, SSL_F_SSL_DERIVE,
                 ERR_R_INTERNAL_ERROR);
D
Add ECDH/DH utility functions.  
Dr. Stephen Henson 已提交
4913 
        return 0;
M
Convert the state machine code to use SSLfatal()  
Matt Caswell 已提交
4914 
    }
D
Add ECDH/DH utility functions.  
Dr. Stephen Henson 已提交
4915
M
Use the OPENSSL_CTX and property query string in EVP_PKEY_CTX  
Matt Caswell 已提交
4916 
    pctx = EVP_PKEY_CTX_new_from_pkey(s->ctx->libctx, privkey, s->ctx->propq);
D
Add ECDH/DH utility functions.  
Dr. Stephen Henson 已提交
4917 4918 4919 4920 

    if (EVP_PKEY_derive_init(pctx) <= 0
        || EVP_PKEY_derive_set_peer(pctx, pubkey) <= 0
        || EVP_PKEY_derive(pctx, NULL, &pmslen) <= 0) {
M
Convert the state machine code to use SSLfatal()  
Matt Caswell 已提交
4921 4922 
        SSLfatal(s, SSL_AD_INTERNAL_ERROR, SSL_F_SSL_DERIVE,
                 ERR_R_INTERNAL_ERROR);
D
Add ECDH/DH utility functions.  
Dr. Stephen Henson 已提交
4923 4924 4925 
        goto err;
    }
M
Fix no-dh  
Matt Caswell 已提交
4926 
#ifndef OPENSSL_NO_DH
R
TLS1.3 FFDHE Support  
raja-ashok 已提交
4927 4928 
    if (SSL_IS_TLS13(s) &&  EVP_PKEY_id(privkey) == EVP_PKEY_DH)
        EVP_PKEY_CTX_set_dh_pad(pctx, 1);
M
Fix no-dh  
Matt Caswell 已提交
4929 
#endif
R
TLS1.3 FFDHE Support  
raja-ashok 已提交
4930
D
Add ECDH/DH utility functions.  
Dr. Stephen Henson 已提交
4931 
    pms = OPENSSL_malloc(pmslen);
M
Convert the state machine code to use SSLfatal()  
Matt Caswell 已提交
4932 4933 4934 
    if (pms == NULL) {
        SSLfatal(s, SSL_AD_INTERNAL_ERROR, SSL_F_SSL_DERIVE,
                 ERR_R_MALLOC_FAILURE);
D
Add ECDH/DH utility functions.  
Dr. Stephen Henson 已提交
4935 
        goto err;
M
Convert the state machine code to use SSLfatal()  
Matt Caswell 已提交
4936 
    }
D
Add ECDH/DH utility functions.  
Dr. Stephen Henson 已提交
4937
M
Convert the state machine code to use SSLfatal()  
Matt Caswell 已提交
4938 4939 4940 
    if (EVP_PKEY_derive(pctx, pms, &pmslen) <= 0) {
        SSLfatal(s, SSL_AD_INTERNAL_ERROR, SSL_F_SSL_DERIVE,
                 ERR_R_INTERNAL_ERROR);
D
Add ECDH/DH utility functions.  
Dr. Stephen Henson 已提交
4941 
        goto err;
M
Convert the state machine code to use SSLfatal()  
Matt Caswell 已提交
4942 
    }
D
Add ECDH/DH utility functions.  
Dr. Stephen Henson 已提交
4943
M
Update state machine to be closer to TLS1.3  
Matt Caswell 已提交
4944 
    if (gensecret) {
M
Convert the state machine code to use SSLfatal()  
Matt Caswell 已提交
4945 
        /* SSLfatal() called as appropriate in the below functions */
M
Update state machine to be closer to TLS1.3  
Matt Caswell 已提交
4946 4947 
        if (SSL_IS_TLS13(s)) {
            /*
M
Construct the client side psk extension for TLSv1.3  
Matt Caswell 已提交
4948 4949 
             * If we are resuming then we already generated the early secret
             * when we created the ClientHello, so don't recreate it.
M
Update state machine to be closer to TLS1.3  
Matt Caswell 已提交
4950 
             */
M
Construct the client side psk extension for TLSv1.3  
Matt Caswell 已提交
4951 4952 4953 4954 
            if (!s->hit)
                rv = tls13_generate_secret(s, ssl_handshake_md(s), NULL, NULL,
                                           0,
                                           (unsigned char *)&s->early_secret);
M
Implement server side of PSK extension construction  
Matt Caswell 已提交
4955 4956 4957 
            else
                rv = 1;
M
Construct the client side psk extension for TLSv1.3  
Matt Caswell 已提交
4958 
            rv = rv && tls13_generate_handshake_secret(s, pms, pmslen);
M
Update state machine to be closer to TLS1.3  
Matt Caswell 已提交
4959 
        } else {
M
Make sure we free and cleanse the pms value in all code paths  
Matt Caswell 已提交
4960 
            rv = ssl_generate_master_secret(s, pms, pmslen, 0);
M
Update state machine to be closer to TLS1.3  
Matt Caswell 已提交
4961 
        }
D
Add ECDH/DH utility functions.  
Dr. Stephen Henson 已提交
4962 
    } else {
M
Start using the key_share data to derive the PMS  
Matt Caswell 已提交
4963 
        /* Save premaster secret */
T
Collapse ssl3_state_st (s3) into ssl_st  
Todd Short 已提交
4964 4965 
        s->s3.tmp.pms = pms;
        s->s3.tmp.pmslen = pmslen;
D
Add ECDH/DH utility functions.  
Dr. Stephen Henson 已提交
4966 4967 4968 4969 
        pms = NULL;
        rv = 1;
    }
E
Indent ssl/  
Emilia Kasper 已提交
4970 
 err:
D
Add ECDH/DH utility functions.  
Dr. Stephen Henson 已提交
4971 4972 4973 4974 
    OPENSSL_clear_free(pms, pmslen);
    EVP_PKEY_CTX_free(pctx);
    return rv;
}
D
utility function  
Dr. Stephen Henson 已提交
4975
B
Fix no-dh.  
Ben Laurie 已提交
4976 
#ifndef OPENSSL_NO_DH
D
utility function  
Dr. Stephen Henson 已提交
4977 4978 4979 4980 4981 4982 4983 4984 4985 4986 4987 4988 
EVP_PKEY *ssl_dh_to_pkey(DH *dh)
{
    EVP_PKEY *ret;
    if (dh == NULL)
        return NULL;
    ret = EVP_PKEY_new();
    if (EVP_PKEY_set1_DH(ret, dh) <= 0) {
        EVP_PKEY_free(ret);
        return NULL;
    }
    return ret;
}
B
Fix no-dh.  
Ben Laurie 已提交
4989 
#endif