Coverage Report

Created: 2023-06-08 06:41

/src/openssl111/ssl/s3_lib.c
Line
Count
Source (jump to first uncovered line)
1
/*
2
 * Copyright 1995-2022 The OpenSSL Project Authors. All Rights Reserved.
3
 * Copyright (c) 2002, Oracle and/or its affiliates. All rights reserved
4
 * Copyright 2005 Nokia. All rights reserved.
5
 *
6
 * Licensed under the OpenSSL license (the "License").  You may not use
7
 * this file except in compliance with the License.  You can obtain a copy
8
 * in the file LICENSE in the source distribution or at
9
 * https://www.openssl.org/source/license.html
10
 */
11
12
#include <stdio.h>
13
#include <openssl/objects.h>
14
#include "internal/nelem.h"
15
#include "ssl_local.h"
16
#include <openssl/md5.h>
17
#include <openssl/dh.h>
18
#include <openssl/rand.h>
19
#include "internal/cryptlib.h"
20
21
450
#define TLS13_NUM_CIPHERS       OSSL_NELEM(tls13_ciphers)
22
446
#define SSL3_NUM_CIPHERS        OSSL_NELEM(ssl3_ciphers)
23
13
#define SSL3_NUM_SCSVS          OSSL_NELEM(ssl3_scsvs)
24
25
/* TLSv1.3 downgrade protection sentinel values */
26
const unsigned char tls11downgrade[] = {
27
    0x44, 0x4f, 0x57, 0x4e, 0x47, 0x52, 0x44, 0x00
28
};
29
const unsigned char tls12downgrade[] = {
30
    0x44, 0x4f, 0x57, 0x4e, 0x47, 0x52, 0x44, 0x01
31
};
32
33
/* The list of available TLSv1.3 ciphers */
34
static SSL_CIPHER tls13_ciphers[] = {
35
    {
36
        1,
37
        TLS1_3_RFC_AES_128_GCM_SHA256,
38
        TLS1_3_RFC_AES_128_GCM_SHA256,
39
        TLS1_3_CK_AES_128_GCM_SHA256,
40
        SSL_kANY,
41
        SSL_aANY,
42
        SSL_AES128GCM,
43
        SSL_AEAD,
44
        TLS1_3_VERSION, TLS1_3_VERSION,
45
        0, 0,
46
        SSL_HIGH,
47
        SSL_HANDSHAKE_MAC_SHA256,
48
        128,
49
        128,
50
    }, {
51
        1,
52
        TLS1_3_RFC_AES_256_GCM_SHA384,
53
        TLS1_3_RFC_AES_256_GCM_SHA384,
54
        TLS1_3_CK_AES_256_GCM_SHA384,
55
        SSL_kANY,
56
        SSL_aANY,
57
        SSL_AES256GCM,
58
        SSL_AEAD,
59
        TLS1_3_VERSION, TLS1_3_VERSION,
60
        0, 0,
61
        SSL_HIGH,
62
        SSL_HANDSHAKE_MAC_SHA384,
63
        256,
64
        256,
65
    },
66
#if !defined(OPENSSL_NO_CHACHA) && !defined(OPENSSL_NO_POLY1305)
67
    {
68
        1,
69
        TLS1_3_RFC_CHACHA20_POLY1305_SHA256,
70
        TLS1_3_RFC_CHACHA20_POLY1305_SHA256,
71
        TLS1_3_CK_CHACHA20_POLY1305_SHA256,
72
        SSL_kANY,
73
        SSL_aANY,
74
        SSL_CHACHA20POLY1305,
75
        SSL_AEAD,
76
        TLS1_3_VERSION, TLS1_3_VERSION,
77
        0, 0,
78
        SSL_HIGH,
79
        SSL_HANDSHAKE_MAC_SHA256,
80
        256,
81
        256,
82
    },
83
#endif
84
    {
85
        1,
86
        TLS1_3_RFC_AES_128_CCM_SHA256,
87
        TLS1_3_RFC_AES_128_CCM_SHA256,
88
        TLS1_3_CK_AES_128_CCM_SHA256,
89
        SSL_kANY,
90
        SSL_aANY,
91
        SSL_AES128CCM,
92
        SSL_AEAD,
93
        TLS1_3_VERSION, TLS1_3_VERSION,
94
        0, 0,
95
        SSL_NOT_DEFAULT | SSL_HIGH,
96
        SSL_HANDSHAKE_MAC_SHA256,
97
        128,
98
        128,
99
    }, {
100
        1,
101
        TLS1_3_RFC_AES_128_CCM_8_SHA256,
102
        TLS1_3_RFC_AES_128_CCM_8_SHA256,
103
        TLS1_3_CK_AES_128_CCM_8_SHA256,
104
        SSL_kANY,
105
        SSL_aANY,
106
        SSL_AES128CCM8,
107
        SSL_AEAD,
108
        TLS1_3_VERSION, TLS1_3_VERSION,
109
        0, 0,
110
        SSL_NOT_DEFAULT | SSL_HIGH,
111
        SSL_HANDSHAKE_MAC_SHA256,
112
        128,
113
        128,
114
    }
115
};
116
117
/*
118
 * The list of available ciphers, mostly organized into the following
119
 * groups:
120
 *      Always there
121
 *      EC
122
 *      PSK
123
 *      SRP (within that: RSA EC PSK)
124
 *      Cipher families: Chacha/poly, Camellia, Gost, IDEA, SEED
125
 *      Weak ciphers
126
 */
127
static SSL_CIPHER ssl3_ciphers[] = {
128
    {
129
     1,
130
     SSL3_TXT_RSA_NULL_MD5,
131
     SSL3_RFC_RSA_NULL_MD5,
132
     SSL3_CK_RSA_NULL_MD5,
133
     SSL_kRSA,
134
     SSL_aRSA,
135
     SSL_eNULL,
136
     SSL_MD5,
137
     SSL3_VERSION, TLS1_2_VERSION,
138
     DTLS1_BAD_VER, DTLS1_2_VERSION,
139
     SSL_STRONG_NONE,
140
     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
141
     0,
142
     0,
143
     },
144
    {
145
     1,
146
     SSL3_TXT_RSA_NULL_SHA,
147
     SSL3_RFC_RSA_NULL_SHA,
148
     SSL3_CK_RSA_NULL_SHA,
149
     SSL_kRSA,
150
     SSL_aRSA,
151
     SSL_eNULL,
152
     SSL_SHA1,
153
     SSL3_VERSION, TLS1_2_VERSION,
154
     DTLS1_BAD_VER, DTLS1_2_VERSION,
155
     SSL_STRONG_NONE | SSL_FIPS,
156
     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
157
     0,
158
     0,
159
     },
160
#ifndef OPENSSL_NO_WEAK_SSL_CIPHERS
161
    {
162
     1,
163
     SSL3_TXT_RSA_DES_192_CBC3_SHA,
164
     SSL3_RFC_RSA_DES_192_CBC3_SHA,
165
     SSL3_CK_RSA_DES_192_CBC3_SHA,
166
     SSL_kRSA,
167
     SSL_aRSA,
168
     SSL_3DES,
169
     SSL_SHA1,
170
     SSL3_VERSION, TLS1_2_VERSION,
171
     DTLS1_BAD_VER, DTLS1_2_VERSION,
172
     SSL_NOT_DEFAULT | SSL_MEDIUM | SSL_FIPS,
173
     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
174
     112,
175
     168,
176
     },
177
    {
178
     1,
179
     SSL3_TXT_DHE_DSS_DES_192_CBC3_SHA,
180
     SSL3_RFC_DHE_DSS_DES_192_CBC3_SHA,
181
     SSL3_CK_DHE_DSS_DES_192_CBC3_SHA,
182
     SSL_kDHE,
183
     SSL_aDSS,
184
     SSL_3DES,
185
     SSL_SHA1,
186
     SSL3_VERSION, TLS1_2_VERSION,
187
     DTLS1_BAD_VER, DTLS1_2_VERSION,
188
     SSL_NOT_DEFAULT | SSL_MEDIUM | SSL_FIPS,
189
     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
190
     112,
191
     168,
192
     },
193
    {
194
     1,
195
     SSL3_TXT_DHE_RSA_DES_192_CBC3_SHA,
196
     SSL3_RFC_DHE_RSA_DES_192_CBC3_SHA,
197
     SSL3_CK_DHE_RSA_DES_192_CBC3_SHA,
198
     SSL_kDHE,
199
     SSL_aRSA,
200
     SSL_3DES,
201
     SSL_SHA1,
202
     SSL3_VERSION, TLS1_2_VERSION,
203
     DTLS1_BAD_VER, DTLS1_2_VERSION,
204
     SSL_NOT_DEFAULT | SSL_MEDIUM | SSL_FIPS,
205
     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
206
     112,
207
     168,
208
     },
209
    {
210
     1,
211
     SSL3_TXT_ADH_DES_192_CBC_SHA,
212
     SSL3_RFC_ADH_DES_192_CBC_SHA,
213
     SSL3_CK_ADH_DES_192_CBC_SHA,
214
     SSL_kDHE,
215
     SSL_aNULL,
216
     SSL_3DES,
217
     SSL_SHA1,
218
     SSL3_VERSION, TLS1_2_VERSION,
219
     DTLS1_BAD_VER, DTLS1_2_VERSION,
220
     SSL_NOT_DEFAULT | SSL_MEDIUM | SSL_FIPS,
221
     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
222
     112,
223
     168,
224
     },
225
#endif
226
    {
227
     1,
228
     TLS1_TXT_RSA_WITH_AES_128_SHA,
229
     TLS1_RFC_RSA_WITH_AES_128_SHA,
230
     TLS1_CK_RSA_WITH_AES_128_SHA,
231
     SSL_kRSA,
232
     SSL_aRSA,
233
     SSL_AES128,
234
     SSL_SHA1,
235
     SSL3_VERSION, TLS1_2_VERSION,
236
     DTLS1_BAD_VER, DTLS1_2_VERSION,
237
     SSL_HIGH | SSL_FIPS,
238
     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
239
     128,
240
     128,
241
     },
242
    {
243
     1,
244
     TLS1_TXT_DHE_DSS_WITH_AES_128_SHA,
245
     TLS1_RFC_DHE_DSS_WITH_AES_128_SHA,
246
     TLS1_CK_DHE_DSS_WITH_AES_128_SHA,
247
     SSL_kDHE,
248
     SSL_aDSS,
249
     SSL_AES128,
250
     SSL_SHA1,
251
     SSL3_VERSION, TLS1_2_VERSION,
252
     DTLS1_BAD_VER, DTLS1_2_VERSION,
253
     SSL_NOT_DEFAULT | SSL_HIGH | SSL_FIPS,
254
     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
255
     128,
256
     128,
257
     },
258
    {
259
     1,
260
     TLS1_TXT_DHE_RSA_WITH_AES_128_SHA,
261
     TLS1_RFC_DHE_RSA_WITH_AES_128_SHA,
262
     TLS1_CK_DHE_RSA_WITH_AES_128_SHA,
263
     SSL_kDHE,
264
     SSL_aRSA,
265
     SSL_AES128,
266
     SSL_SHA1,
267
     SSL3_VERSION, TLS1_2_VERSION,
268
     DTLS1_BAD_VER, DTLS1_2_VERSION,
269
     SSL_HIGH | SSL_FIPS,
270
     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
271
     128,
272
     128,
273
     },
274
    {
275
     1,
276
     TLS1_TXT_ADH_WITH_AES_128_SHA,
277
     TLS1_RFC_ADH_WITH_AES_128_SHA,
278
     TLS1_CK_ADH_WITH_AES_128_SHA,
279
     SSL_kDHE,
280
     SSL_aNULL,
281
     SSL_AES128,
282
     SSL_SHA1,
283
     SSL3_VERSION, TLS1_2_VERSION,
284
     DTLS1_BAD_VER, DTLS1_2_VERSION,
285
     SSL_NOT_DEFAULT | SSL_HIGH | SSL_FIPS,
286
     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
287
     128,
288
     128,
289
     },
290
    {
291
     1,
292
     TLS1_TXT_RSA_WITH_AES_256_SHA,
293
     TLS1_RFC_RSA_WITH_AES_256_SHA,
294
     TLS1_CK_RSA_WITH_AES_256_SHA,
295
     SSL_kRSA,
296
     SSL_aRSA,
297
     SSL_AES256,
298
     SSL_SHA1,
299
     SSL3_VERSION, TLS1_2_VERSION,
300
     DTLS1_BAD_VER, DTLS1_2_VERSION,
301
     SSL_HIGH | SSL_FIPS,
302
     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
303
     256,
304
     256,
305
     },
306
    {
307
     1,
308
     TLS1_TXT_DHE_DSS_WITH_AES_256_SHA,
309
     TLS1_RFC_DHE_DSS_WITH_AES_256_SHA,
310
     TLS1_CK_DHE_DSS_WITH_AES_256_SHA,
311
     SSL_kDHE,
312
     SSL_aDSS,
313
     SSL_AES256,
314
     SSL_SHA1,
315
     SSL3_VERSION, TLS1_2_VERSION,
316
     DTLS1_BAD_VER, DTLS1_2_VERSION,
317
     SSL_NOT_DEFAULT | SSL_HIGH | SSL_FIPS,
318
     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
319
     256,
320
     256,
321
     },
322
    {
323
     1,
324
     TLS1_TXT_DHE_RSA_WITH_AES_256_SHA,
325
     TLS1_RFC_DHE_RSA_WITH_AES_256_SHA,
326
     TLS1_CK_DHE_RSA_WITH_AES_256_SHA,
327
     SSL_kDHE,
328
     SSL_aRSA,
329
     SSL_AES256,
330
     SSL_SHA1,
331
     SSL3_VERSION, TLS1_2_VERSION,
332
     DTLS1_BAD_VER, DTLS1_2_VERSION,
333
     SSL_HIGH | SSL_FIPS,
334
     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
335
     256,
336
     256,
337
     },
338
    {
339
     1,
340
     TLS1_TXT_ADH_WITH_AES_256_SHA,
341
     TLS1_RFC_ADH_WITH_AES_256_SHA,
342
     TLS1_CK_ADH_WITH_AES_256_SHA,
343
     SSL_kDHE,
344
     SSL_aNULL,
345
     SSL_AES256,
346
     SSL_SHA1,
347
     SSL3_VERSION, TLS1_2_VERSION,
348
     DTLS1_BAD_VER, DTLS1_2_VERSION,
349
     SSL_NOT_DEFAULT | SSL_HIGH | SSL_FIPS,
350
     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
351
     256,
352
     256,
353
     },
354
    {
355
     1,
356
     TLS1_TXT_RSA_WITH_NULL_SHA256,
357
     TLS1_RFC_RSA_WITH_NULL_SHA256,
358
     TLS1_CK_RSA_WITH_NULL_SHA256,
359
     SSL_kRSA,
360
     SSL_aRSA,
361
     SSL_eNULL,
362
     SSL_SHA256,
363
     TLS1_2_VERSION, TLS1_2_VERSION,
364
     DTLS1_2_VERSION, DTLS1_2_VERSION,
365
     SSL_STRONG_NONE | SSL_FIPS,
366
     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
367
     0,
368
     0,
369
     },
370
    {
371
     1,
372
     TLS1_TXT_RSA_WITH_AES_128_SHA256,
373
     TLS1_RFC_RSA_WITH_AES_128_SHA256,
374
     TLS1_CK_RSA_WITH_AES_128_SHA256,
375
     SSL_kRSA,
376
     SSL_aRSA,
377
     SSL_AES128,
378
     SSL_SHA256,
379
     TLS1_2_VERSION, TLS1_2_VERSION,
380
     DTLS1_2_VERSION, DTLS1_2_VERSION,
381
     SSL_HIGH | SSL_FIPS,
382
     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
383
     128,
384
     128,
385
     },
386
    {
387
     1,
388
     TLS1_TXT_RSA_WITH_AES_256_SHA256,
389
     TLS1_RFC_RSA_WITH_AES_256_SHA256,
390
     TLS1_CK_RSA_WITH_AES_256_SHA256,
391
     SSL_kRSA,
392
     SSL_aRSA,
393
     SSL_AES256,
394
     SSL_SHA256,
395
     TLS1_2_VERSION, TLS1_2_VERSION,
396
     DTLS1_2_VERSION, DTLS1_2_VERSION,
397
     SSL_HIGH | SSL_FIPS,
398
     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
399
     256,
400
     256,
401
     },
402
    {
403
     1,
404
     TLS1_TXT_DHE_DSS_WITH_AES_128_SHA256,
405
     TLS1_RFC_DHE_DSS_WITH_AES_128_SHA256,
406
     TLS1_CK_DHE_DSS_WITH_AES_128_SHA256,
407
     SSL_kDHE,
408
     SSL_aDSS,
409
     SSL_AES128,
410
     SSL_SHA256,
411
     TLS1_2_VERSION, TLS1_2_VERSION,
412
     DTLS1_2_VERSION, DTLS1_2_VERSION,
413
     SSL_NOT_DEFAULT | SSL_HIGH | SSL_FIPS,
414
     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
415
     128,
416
     128,
417
     },
418
    {
419
     1,
420
     TLS1_TXT_DHE_RSA_WITH_AES_128_SHA256,
421
     TLS1_RFC_DHE_RSA_WITH_AES_128_SHA256,
422
     TLS1_CK_DHE_RSA_WITH_AES_128_SHA256,
423
     SSL_kDHE,
424
     SSL_aRSA,
425
     SSL_AES128,
426
     SSL_SHA256,
427
     TLS1_2_VERSION, TLS1_2_VERSION,
428
     DTLS1_2_VERSION, DTLS1_2_VERSION,
429
     SSL_HIGH | SSL_FIPS,
430
     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
431
     128,
432
     128,
433
     },
434
    {
435
     1,
436
     TLS1_TXT_DHE_DSS_WITH_AES_256_SHA256,
437
     TLS1_RFC_DHE_DSS_WITH_AES_256_SHA256,
438
     TLS1_CK_DHE_DSS_WITH_AES_256_SHA256,
439
     SSL_kDHE,
440
     SSL_aDSS,
441
     SSL_AES256,
442
     SSL_SHA256,
443
     TLS1_2_VERSION, TLS1_2_VERSION,
444
     DTLS1_2_VERSION, DTLS1_2_VERSION,
445
     SSL_NOT_DEFAULT | SSL_HIGH | SSL_FIPS,
446
     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
447
     256,
448
     256,
449
     },
450
    {
451
     1,
452
     TLS1_TXT_DHE_RSA_WITH_AES_256_SHA256,
453
     TLS1_RFC_DHE_RSA_WITH_AES_256_SHA256,
454
     TLS1_CK_DHE_RSA_WITH_AES_256_SHA256,
455
     SSL_kDHE,
456
     SSL_aRSA,
457
     SSL_AES256,
458
     SSL_SHA256,
459
     TLS1_2_VERSION, TLS1_2_VERSION,
460
     DTLS1_2_VERSION, DTLS1_2_VERSION,
461
     SSL_HIGH | SSL_FIPS,
462
     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
463
     256,
464
     256,
465
     },
466
    {
467
     1,
468
     TLS1_TXT_ADH_WITH_AES_128_SHA256,
469
     TLS1_RFC_ADH_WITH_AES_128_SHA256,
470
     TLS1_CK_ADH_WITH_AES_128_SHA256,
471
     SSL_kDHE,
472
     SSL_aNULL,
473
     SSL_AES128,
474
     SSL_SHA256,
475
     TLS1_2_VERSION, TLS1_2_VERSION,
476
     DTLS1_2_VERSION, DTLS1_2_VERSION,
477
     SSL_NOT_DEFAULT | SSL_HIGH | SSL_FIPS,
478
     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
479
     128,
480
     128,
481
     },
482
    {
483
     1,
484
     TLS1_TXT_ADH_WITH_AES_256_SHA256,
485
     TLS1_RFC_ADH_WITH_AES_256_SHA256,
486
     TLS1_CK_ADH_WITH_AES_256_SHA256,
487
     SSL_kDHE,
488
     SSL_aNULL,
489
     SSL_AES256,
490
     SSL_SHA256,
491
     TLS1_2_VERSION, TLS1_2_VERSION,
492
     DTLS1_2_VERSION, DTLS1_2_VERSION,
493
     SSL_NOT_DEFAULT | SSL_HIGH | SSL_FIPS,
494
     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
495
     256,
496
     256,
497
     },
498
    {
499
     1,
500
     TLS1_TXT_RSA_WITH_AES_128_GCM_SHA256,
501
     TLS1_RFC_RSA_WITH_AES_128_GCM_SHA256,
502
     TLS1_CK_RSA_WITH_AES_128_GCM_SHA256,
503
     SSL_kRSA,
504
     SSL_aRSA,
505
     SSL_AES128GCM,
506
     SSL_AEAD,
507
     TLS1_2_VERSION, TLS1_2_VERSION,
508
     DTLS1_2_VERSION, DTLS1_2_VERSION,
509
     SSL_HIGH | SSL_FIPS,
510
     SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
511
     128,
512
     128,
513
     },
514
    {
515
     1,
516
     TLS1_TXT_RSA_WITH_AES_256_GCM_SHA384,
517
     TLS1_RFC_RSA_WITH_AES_256_GCM_SHA384,
518
     TLS1_CK_RSA_WITH_AES_256_GCM_SHA384,
519
     SSL_kRSA,
520
     SSL_aRSA,
521
     SSL_AES256GCM,
522
     SSL_AEAD,
523
     TLS1_2_VERSION, TLS1_2_VERSION,
524
     DTLS1_2_VERSION, DTLS1_2_VERSION,
525
     SSL_HIGH | SSL_FIPS,
526
     SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384,
527
     256,
528
     256,
529
     },
530
    {
531
     1,
532
     TLS1_TXT_DHE_RSA_WITH_AES_128_GCM_SHA256,
533
     TLS1_RFC_DHE_RSA_WITH_AES_128_GCM_SHA256,
534
     TLS1_CK_DHE_RSA_WITH_AES_128_GCM_SHA256,
535
     SSL_kDHE,
536
     SSL_aRSA,
537
     SSL_AES128GCM,
538
     SSL_AEAD,
539
     TLS1_2_VERSION, TLS1_2_VERSION,
540
     DTLS1_2_VERSION, DTLS1_2_VERSION,
541
     SSL_HIGH | SSL_FIPS,
542
     SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
543
     128,
544
     128,
545
     },
546
    {
547
     1,
548
     TLS1_TXT_DHE_RSA_WITH_AES_256_GCM_SHA384,
549
     TLS1_RFC_DHE_RSA_WITH_AES_256_GCM_SHA384,
550
     TLS1_CK_DHE_RSA_WITH_AES_256_GCM_SHA384,
551
     SSL_kDHE,
552
     SSL_aRSA,
553
     SSL_AES256GCM,
554
     SSL_AEAD,
555
     TLS1_2_VERSION, TLS1_2_VERSION,
556
     DTLS1_2_VERSION, DTLS1_2_VERSION,
557
     SSL_HIGH | SSL_FIPS,
558
     SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384,
559
     256,
560
     256,
561
     },
562
    {
563
     1,
564
     TLS1_TXT_DHE_DSS_WITH_AES_128_GCM_SHA256,
565
     TLS1_RFC_DHE_DSS_WITH_AES_128_GCM_SHA256,
566
     TLS1_CK_DHE_DSS_WITH_AES_128_GCM_SHA256,
567
     SSL_kDHE,
568
     SSL_aDSS,
569
     SSL_AES128GCM,
570
     SSL_AEAD,
571
     TLS1_2_VERSION, TLS1_2_VERSION,
572
     DTLS1_2_VERSION, DTLS1_2_VERSION,
573
     SSL_NOT_DEFAULT | SSL_HIGH | SSL_FIPS,
574
     SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
575
     128,
576
     128,
577
     },
578
    {
579
     1,
580
     TLS1_TXT_DHE_DSS_WITH_AES_256_GCM_SHA384,
581
     TLS1_RFC_DHE_DSS_WITH_AES_256_GCM_SHA384,
582
     TLS1_CK_DHE_DSS_WITH_AES_256_GCM_SHA384,
583
     SSL_kDHE,
584
     SSL_aDSS,
585
     SSL_AES256GCM,
586
     SSL_AEAD,
587
     TLS1_2_VERSION, TLS1_2_VERSION,
588
     DTLS1_2_VERSION, DTLS1_2_VERSION,
589
     SSL_NOT_DEFAULT | SSL_HIGH | SSL_FIPS,
590
     SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384,
591
     256,
592
     256,
593
     },
594
    {
595
     1,
596
     TLS1_TXT_ADH_WITH_AES_128_GCM_SHA256,
597
     TLS1_RFC_ADH_WITH_AES_128_GCM_SHA256,
598
     TLS1_CK_ADH_WITH_AES_128_GCM_SHA256,
599
     SSL_kDHE,
600
     SSL_aNULL,
601
     SSL_AES128GCM,
602
     SSL_AEAD,
603
     TLS1_2_VERSION, TLS1_2_VERSION,
604
     DTLS1_2_VERSION, DTLS1_2_VERSION,
605
     SSL_NOT_DEFAULT | SSL_HIGH | SSL_FIPS,
606
     SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
607
     128,
608
     128,
609
     },
610
    {
611
     1,
612
     TLS1_TXT_ADH_WITH_AES_256_GCM_SHA384,
613
     TLS1_RFC_ADH_WITH_AES_256_GCM_SHA384,
614
     TLS1_CK_ADH_WITH_AES_256_GCM_SHA384,
615
     SSL_kDHE,
616
     SSL_aNULL,
617
     SSL_AES256GCM,
618
     SSL_AEAD,
619
     TLS1_2_VERSION, TLS1_2_VERSION,
620
     DTLS1_2_VERSION, DTLS1_2_VERSION,
621
     SSL_NOT_DEFAULT | SSL_HIGH | SSL_FIPS,
622
     SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384,
623
     256,
624
     256,
625
     },
626
    {
627
     1,
628
     TLS1_TXT_RSA_WITH_AES_128_CCM,
629
     TLS1_RFC_RSA_WITH_AES_128_CCM,
630
     TLS1_CK_RSA_WITH_AES_128_CCM,
631
     SSL_kRSA,
632
     SSL_aRSA,
633
     SSL_AES128CCM,
634
     SSL_AEAD,
635
     TLS1_2_VERSION, TLS1_2_VERSION,
636
     DTLS1_2_VERSION, DTLS1_2_VERSION,
637
     SSL_NOT_DEFAULT | SSL_HIGH,
638
     SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
639
     128,
640
     128,
641
     },
642
    {
643
     1,
644
     TLS1_TXT_RSA_WITH_AES_256_CCM,
645
     TLS1_RFC_RSA_WITH_AES_256_CCM,
646
     TLS1_CK_RSA_WITH_AES_256_CCM,
647
     SSL_kRSA,
648
     SSL_aRSA,
649
     SSL_AES256CCM,
650
     SSL_AEAD,
651
     TLS1_2_VERSION, TLS1_2_VERSION,
652
     DTLS1_2_VERSION, DTLS1_2_VERSION,
653
     SSL_NOT_DEFAULT | SSL_HIGH,
654
     SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
655
     256,
656
     256,
657
     },
658
    {
659
     1,
660
     TLS1_TXT_DHE_RSA_WITH_AES_128_CCM,
661
     TLS1_RFC_DHE_RSA_WITH_AES_128_CCM,
662
     TLS1_CK_DHE_RSA_WITH_AES_128_CCM,
663
     SSL_kDHE,
664
     SSL_aRSA,
665
     SSL_AES128CCM,
666
     SSL_AEAD,
667
     TLS1_2_VERSION, TLS1_2_VERSION,
668
     DTLS1_2_VERSION, DTLS1_2_VERSION,
669
     SSL_NOT_DEFAULT | SSL_HIGH,
670
     SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
671
     128,
672
     128,
673
     },
674
    {
675
     1,
676
     TLS1_TXT_DHE_RSA_WITH_AES_256_CCM,
677
     TLS1_RFC_DHE_RSA_WITH_AES_256_CCM,
678
     TLS1_CK_DHE_RSA_WITH_AES_256_CCM,
679
     SSL_kDHE,
680
     SSL_aRSA,
681
     SSL_AES256CCM,
682
     SSL_AEAD,
683
     TLS1_2_VERSION, TLS1_2_VERSION,
684
     DTLS1_2_VERSION, DTLS1_2_VERSION,
685
     SSL_NOT_DEFAULT | SSL_HIGH,
686
     SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
687
     256,
688
     256,
689
     },
690
    {
691
     1,
692
     TLS1_TXT_RSA_WITH_AES_128_CCM_8,
693
     TLS1_RFC_RSA_WITH_AES_128_CCM_8,
694
     TLS1_CK_RSA_WITH_AES_128_CCM_8,
695
     SSL_kRSA,
696
     SSL_aRSA,
697
     SSL_AES128CCM8,
698
     SSL_AEAD,
699
     TLS1_2_VERSION, TLS1_2_VERSION,
700
     DTLS1_2_VERSION, DTLS1_2_VERSION,
701
     SSL_NOT_DEFAULT | SSL_HIGH,
702
     SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
703
     128,
704
     128,
705
     },
706
    {
707
     1,
708
     TLS1_TXT_RSA_WITH_AES_256_CCM_8,
709
     TLS1_RFC_RSA_WITH_AES_256_CCM_8,
710
     TLS1_CK_RSA_WITH_AES_256_CCM_8,
711
     SSL_kRSA,
712
     SSL_aRSA,
713
     SSL_AES256CCM8,
714
     SSL_AEAD,
715
     TLS1_2_VERSION, TLS1_2_VERSION,
716
     DTLS1_2_VERSION, DTLS1_2_VERSION,
717
     SSL_NOT_DEFAULT | SSL_HIGH,
718
     SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
719
     256,
720
     256,
721
     },
722
    {
723
     1,
724
     TLS1_TXT_DHE_RSA_WITH_AES_128_CCM_8,
725
     TLS1_RFC_DHE_RSA_WITH_AES_128_CCM_8,
726
     TLS1_CK_DHE_RSA_WITH_AES_128_CCM_8,
727
     SSL_kDHE,
728
     SSL_aRSA,
729
     SSL_AES128CCM8,
730
     SSL_AEAD,
731
     TLS1_2_VERSION, TLS1_2_VERSION,
732
     DTLS1_2_VERSION, DTLS1_2_VERSION,
733
     SSL_NOT_DEFAULT | SSL_HIGH,
734
     SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
735
     128,
736
     128,
737
     },
738
    {
739
     1,
740
     TLS1_TXT_DHE_RSA_WITH_AES_256_CCM_8,
741
     TLS1_RFC_DHE_RSA_WITH_AES_256_CCM_8,
742
     TLS1_CK_DHE_RSA_WITH_AES_256_CCM_8,
743
     SSL_kDHE,
744
     SSL_aRSA,
745
     SSL_AES256CCM8,
746
     SSL_AEAD,
747
     TLS1_2_VERSION, TLS1_2_VERSION,
748
     DTLS1_2_VERSION, DTLS1_2_VERSION,
749
     SSL_NOT_DEFAULT | SSL_HIGH,
750
     SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
751
     256,
752
     256,
753
     },
754
    {
755
     1,
756
     TLS1_TXT_PSK_WITH_AES_128_CCM,
757
     TLS1_RFC_PSK_WITH_AES_128_CCM,
758
     TLS1_CK_PSK_WITH_AES_128_CCM,
759
     SSL_kPSK,
760
     SSL_aPSK,
761
     SSL_AES128CCM,
762
     SSL_AEAD,
763
     TLS1_2_VERSION, TLS1_2_VERSION,
764
     DTLS1_2_VERSION, DTLS1_2_VERSION,
765
     SSL_NOT_DEFAULT | SSL_HIGH,
766
     SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
767
     128,
768
     128,
769
     },
770
    {
771
     1,
772
     TLS1_TXT_PSK_WITH_AES_256_CCM,
773
     TLS1_RFC_PSK_WITH_AES_256_CCM,
774
     TLS1_CK_PSK_WITH_AES_256_CCM,
775
     SSL_kPSK,
776
     SSL_aPSK,
777
     SSL_AES256CCM,
778
     SSL_AEAD,
779
     TLS1_2_VERSION, TLS1_2_VERSION,
780
     DTLS1_2_VERSION, DTLS1_2_VERSION,
781
     SSL_NOT_DEFAULT | SSL_HIGH,
782
     SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
783
     256,
784
     256,
785
     },
786
    {
787
     1,
788
     TLS1_TXT_DHE_PSK_WITH_AES_128_CCM,
789
     TLS1_RFC_DHE_PSK_WITH_AES_128_CCM,
790
     TLS1_CK_DHE_PSK_WITH_AES_128_CCM,
791
     SSL_kDHEPSK,
792
     SSL_aPSK,
793
     SSL_AES128CCM,
794
     SSL_AEAD,
795
     TLS1_2_VERSION, TLS1_2_VERSION,
796
     DTLS1_2_VERSION, DTLS1_2_VERSION,
797
     SSL_NOT_DEFAULT | SSL_HIGH,
798
     SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
799
     128,
800
     128,
801
     },
802
    {
803
     1,
804
     TLS1_TXT_DHE_PSK_WITH_AES_256_CCM,
805
     TLS1_RFC_DHE_PSK_WITH_AES_256_CCM,
806
     TLS1_CK_DHE_PSK_WITH_AES_256_CCM,
807
     SSL_kDHEPSK,
808
     SSL_aPSK,
809
     SSL_AES256CCM,
810
     SSL_AEAD,
811
     TLS1_2_VERSION, TLS1_2_VERSION,
812
     DTLS1_2_VERSION, DTLS1_2_VERSION,
813
     SSL_NOT_DEFAULT | SSL_HIGH,
814
     SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
815
     256,
816
     256,
817
     },
818
    {
819
     1,
820
     TLS1_TXT_PSK_WITH_AES_128_CCM_8,
821
     TLS1_RFC_PSK_WITH_AES_128_CCM_8,
822
     TLS1_CK_PSK_WITH_AES_128_CCM_8,
823
     SSL_kPSK,
824
     SSL_aPSK,
825
     SSL_AES128CCM8,
826
     SSL_AEAD,
827
     TLS1_2_VERSION, TLS1_2_VERSION,
828
     DTLS1_2_VERSION, DTLS1_2_VERSION,
829
     SSL_NOT_DEFAULT | SSL_HIGH,
830
     SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
831
     128,
832
     128,
833
     },
834
    {
835
     1,
836
     TLS1_TXT_PSK_WITH_AES_256_CCM_8,
837
     TLS1_RFC_PSK_WITH_AES_256_CCM_8,
838
     TLS1_CK_PSK_WITH_AES_256_CCM_8,
839
     SSL_kPSK,
840
     SSL_aPSK,
841
     SSL_AES256CCM8,
842
     SSL_AEAD,
843
     TLS1_2_VERSION, TLS1_2_VERSION,
844
     DTLS1_2_VERSION, DTLS1_2_VERSION,
845
     SSL_NOT_DEFAULT | SSL_HIGH,
846
     SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
847
     256,
848
     256,
849
     },
850
    {
851
     1,
852
     TLS1_TXT_DHE_PSK_WITH_AES_128_CCM_8,
853
     TLS1_RFC_DHE_PSK_WITH_AES_128_CCM_8,
854
     TLS1_CK_DHE_PSK_WITH_AES_128_CCM_8,
855
     SSL_kDHEPSK,
856
     SSL_aPSK,
857
     SSL_AES128CCM8,
858
     SSL_AEAD,
859
     TLS1_2_VERSION, TLS1_2_VERSION,
860
     DTLS1_2_VERSION, DTLS1_2_VERSION,
861
     SSL_NOT_DEFAULT | SSL_HIGH,
862
     SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
863
     128,
864
     128,
865
     },
866
    {
867
     1,
868
     TLS1_TXT_DHE_PSK_WITH_AES_256_CCM_8,
869
     TLS1_RFC_DHE_PSK_WITH_AES_256_CCM_8,
870
     TLS1_CK_DHE_PSK_WITH_AES_256_CCM_8,
871
     SSL_kDHEPSK,
872
     SSL_aPSK,
873
     SSL_AES256CCM8,
874
     SSL_AEAD,
875
     TLS1_2_VERSION, TLS1_2_VERSION,
876
     DTLS1_2_VERSION, DTLS1_2_VERSION,
877
     SSL_NOT_DEFAULT | SSL_HIGH,
878
     SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
879
     256,
880
     256,
881
     },
882
    {
883
     1,
884
     TLS1_TXT_ECDHE_ECDSA_WITH_AES_128_CCM,
885
     TLS1_RFC_ECDHE_ECDSA_WITH_AES_128_CCM,
886
     TLS1_CK_ECDHE_ECDSA_WITH_AES_128_CCM,
887
     SSL_kECDHE,
888
     SSL_aECDSA,
889
     SSL_AES128CCM,
890
     SSL_AEAD,
891
     TLS1_2_VERSION, TLS1_2_VERSION,
892
     DTLS1_2_VERSION, DTLS1_2_VERSION,
893
     SSL_NOT_DEFAULT | SSL_HIGH,
894
     SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
895
     128,
896
     128,
897
     },
898
    {
899
     1,
900
     TLS1_TXT_ECDHE_ECDSA_WITH_AES_256_CCM,
901
     TLS1_RFC_ECDHE_ECDSA_WITH_AES_256_CCM,
902
     TLS1_CK_ECDHE_ECDSA_WITH_AES_256_CCM,
903
     SSL_kECDHE,
904
     SSL_aECDSA,
905
     SSL_AES256CCM,
906
     SSL_AEAD,
907
     TLS1_2_VERSION, TLS1_2_VERSION,
908
     DTLS1_2_VERSION, DTLS1_2_VERSION,
909
     SSL_NOT_DEFAULT | SSL_HIGH,
910
     SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
911
     256,
912
     256,
913
     },
914
    {
915
     1,
916
     TLS1_TXT_ECDHE_ECDSA_WITH_AES_128_CCM_8,
917
     TLS1_RFC_ECDHE_ECDSA_WITH_AES_128_CCM_8,
918
     TLS1_CK_ECDHE_ECDSA_WITH_AES_128_CCM_8,
919
     SSL_kECDHE,
920
     SSL_aECDSA,
921
     SSL_AES128CCM8,
922
     SSL_AEAD,
923
     TLS1_2_VERSION, TLS1_2_VERSION,
924
     DTLS1_2_VERSION, DTLS1_2_VERSION,
925
     SSL_NOT_DEFAULT | SSL_HIGH,
926
     SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
927
     128,
928
     128,
929
     },
930
    {
931
     1,
932
     TLS1_TXT_ECDHE_ECDSA_WITH_AES_256_CCM_8,
933
     TLS1_RFC_ECDHE_ECDSA_WITH_AES_256_CCM_8,
934
     TLS1_CK_ECDHE_ECDSA_WITH_AES_256_CCM_8,
935
     SSL_kECDHE,
936
     SSL_aECDSA,
937
     SSL_AES256CCM8,
938
     SSL_AEAD,
939
     TLS1_2_VERSION, TLS1_2_VERSION,
940
     DTLS1_2_VERSION, DTLS1_2_VERSION,
941
     SSL_NOT_DEFAULT | SSL_HIGH,
942
     SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
943
     256,
944
     256,
945
     },
946
    {
947
     1,
948
     TLS1_TXT_ECDHE_ECDSA_WITH_NULL_SHA,
949
     TLS1_RFC_ECDHE_ECDSA_WITH_NULL_SHA,
950
     TLS1_CK_ECDHE_ECDSA_WITH_NULL_SHA,
951
     SSL_kECDHE,
952
     SSL_aECDSA,
953
     SSL_eNULL,
954
     SSL_SHA1,
955
     TLS1_VERSION, TLS1_2_VERSION,
956
     DTLS1_BAD_VER, DTLS1_2_VERSION,
957
     SSL_STRONG_NONE | SSL_FIPS,
958
     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
959
     0,
960
     0,
961
     },
962
# ifndef OPENSSL_NO_WEAK_SSL_CIPHERS
963
    {
964
     1,
965
     TLS1_TXT_ECDHE_ECDSA_WITH_DES_192_CBC3_SHA,
966
     TLS1_RFC_ECDHE_ECDSA_WITH_DES_192_CBC3_SHA,
967
     TLS1_CK_ECDHE_ECDSA_WITH_DES_192_CBC3_SHA,
968
     SSL_kECDHE,
969
     SSL_aECDSA,
970
     SSL_3DES,
971
     SSL_SHA1,
972
     TLS1_VERSION, TLS1_2_VERSION,
973
     DTLS1_BAD_VER, DTLS1_2_VERSION,
974
     SSL_NOT_DEFAULT | SSL_MEDIUM | SSL_FIPS,
975
     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
976
     112,
977
     168,
978
     },
979
# endif
980
    {
981
     1,
982
     TLS1_TXT_ECDHE_ECDSA_WITH_AES_128_CBC_SHA,
983
     TLS1_RFC_ECDHE_ECDSA_WITH_AES_128_CBC_SHA,
984
     TLS1_CK_ECDHE_ECDSA_WITH_AES_128_CBC_SHA,
985
     SSL_kECDHE,
986
     SSL_aECDSA,
987
     SSL_AES128,
988
     SSL_SHA1,
989
     TLS1_VERSION, TLS1_2_VERSION,
990
     DTLS1_BAD_VER, DTLS1_2_VERSION,
991
     SSL_HIGH | SSL_FIPS,
992
     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
993
     128,
994
     128,
995
     },
996
    {
997
     1,
998
     TLS1_TXT_ECDHE_ECDSA_WITH_AES_256_CBC_SHA,
999
     TLS1_RFC_ECDHE_ECDSA_WITH_AES_256_CBC_SHA,
1000
     TLS1_CK_ECDHE_ECDSA_WITH_AES_256_CBC_SHA,
1001
     SSL_kECDHE,
1002
     SSL_aECDSA,
1003
     SSL_AES256,
1004
     SSL_SHA1,
1005
     TLS1_VERSION, TLS1_2_VERSION,
1006
     DTLS1_BAD_VER, DTLS1_2_VERSION,
1007
     SSL_HIGH | SSL_FIPS,
1008
     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
1009
     256,
1010
     256,
1011
     },
1012
    {
1013
     1,
1014
     TLS1_TXT_ECDHE_RSA_WITH_NULL_SHA,
1015
     TLS1_RFC_ECDHE_RSA_WITH_NULL_SHA,
1016
     TLS1_CK_ECDHE_RSA_WITH_NULL_SHA,
1017
     SSL_kECDHE,
1018
     SSL_aRSA,
1019
     SSL_eNULL,
1020
     SSL_SHA1,
1021
     TLS1_VERSION, TLS1_2_VERSION,
1022
     DTLS1_BAD_VER, DTLS1_2_VERSION,
1023
     SSL_STRONG_NONE | SSL_FIPS,
1024
     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
1025
     0,
1026
     0,
1027
     },
1028
# ifndef OPENSSL_NO_WEAK_SSL_CIPHERS
1029
    {
1030
     1,
1031
     TLS1_TXT_ECDHE_RSA_WITH_DES_192_CBC3_SHA,
1032
     TLS1_RFC_ECDHE_RSA_WITH_DES_192_CBC3_SHA,
1033
     TLS1_CK_ECDHE_RSA_WITH_DES_192_CBC3_SHA,
1034
     SSL_kECDHE,
1035
     SSL_aRSA,
1036
     SSL_3DES,
1037
     SSL_SHA1,
1038
     TLS1_VERSION, TLS1_2_VERSION,
1039
     DTLS1_BAD_VER, DTLS1_2_VERSION,
1040
     SSL_NOT_DEFAULT | SSL_MEDIUM | SSL_FIPS,
1041
     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
1042
     112,
1043
     168,
1044
     },
1045
# endif
1046
    {
1047
     1,
1048
     TLS1_TXT_ECDHE_RSA_WITH_AES_128_CBC_SHA,
1049
     TLS1_RFC_ECDHE_RSA_WITH_AES_128_CBC_SHA,
1050
     TLS1_CK_ECDHE_RSA_WITH_AES_128_CBC_SHA,
1051
     SSL_kECDHE,
1052
     SSL_aRSA,
1053
     SSL_AES128,
1054
     SSL_SHA1,
1055
     TLS1_VERSION, TLS1_2_VERSION,
1056
     DTLS1_BAD_VER, DTLS1_2_VERSION,
1057
     SSL_HIGH | SSL_FIPS,
1058
     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
1059
     128,
1060
     128,
1061
     },
1062
    {
1063
     1,
1064
     TLS1_TXT_ECDHE_RSA_WITH_AES_256_CBC_SHA,
1065
     TLS1_RFC_ECDHE_RSA_WITH_AES_256_CBC_SHA,
1066
     TLS1_CK_ECDHE_RSA_WITH_AES_256_CBC_SHA,
1067
     SSL_kECDHE,
1068
     SSL_aRSA,
1069
     SSL_AES256,
1070
     SSL_SHA1,
1071
     TLS1_VERSION, TLS1_2_VERSION,
1072
     DTLS1_BAD_VER, DTLS1_2_VERSION,
1073
     SSL_HIGH | SSL_FIPS,
1074
     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
1075
     256,
1076
     256,
1077
     },
1078
    {
1079
     1,
1080
     TLS1_TXT_ECDH_anon_WITH_NULL_SHA,
1081
     TLS1_RFC_ECDH_anon_WITH_NULL_SHA,
1082
     TLS1_CK_ECDH_anon_WITH_NULL_SHA,
1083
     SSL_kECDHE,
1084
     SSL_aNULL,
1085
     SSL_eNULL,
1086
     SSL_SHA1,
1087
     TLS1_VERSION, TLS1_2_VERSION,
1088
     DTLS1_BAD_VER, DTLS1_2_VERSION,
1089
     SSL_STRONG_NONE | SSL_FIPS,
1090
     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
1091
     0,
1092
     0,
1093
     },
1094
# ifndef OPENSSL_NO_WEAK_SSL_CIPHERS
1095
    {
1096
     1,
1097
     TLS1_TXT_ECDH_anon_WITH_DES_192_CBC3_SHA,
1098
     TLS1_RFC_ECDH_anon_WITH_DES_192_CBC3_SHA,
1099
     TLS1_CK_ECDH_anon_WITH_DES_192_CBC3_SHA,
1100
     SSL_kECDHE,
1101
     SSL_aNULL,
1102
     SSL_3DES,
1103
     SSL_SHA1,
1104
     TLS1_VERSION, TLS1_2_VERSION,
1105
     DTLS1_BAD_VER, DTLS1_2_VERSION,
1106
     SSL_NOT_DEFAULT | SSL_MEDIUM | SSL_FIPS,
1107
     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
1108
     112,
1109
     168,
1110
     },
1111
# endif
1112
    {
1113
     1,
1114
     TLS1_TXT_ECDH_anon_WITH_AES_128_CBC_SHA,
1115
     TLS1_RFC_ECDH_anon_WITH_AES_128_CBC_SHA,
1116
     TLS1_CK_ECDH_anon_WITH_AES_128_CBC_SHA,
1117
     SSL_kECDHE,
1118
     SSL_aNULL,
1119
     SSL_AES128,
1120
     SSL_SHA1,
1121
     TLS1_VERSION, TLS1_2_VERSION,
1122
     DTLS1_BAD_VER, DTLS1_2_VERSION,
1123
     SSL_NOT_DEFAULT | SSL_HIGH | SSL_FIPS,
1124
     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
1125
     128,
1126
     128,
1127
     },
1128
    {
1129
     1,
1130
     TLS1_TXT_ECDH_anon_WITH_AES_256_CBC_SHA,
1131
     TLS1_RFC_ECDH_anon_WITH_AES_256_CBC_SHA,
1132
     TLS1_CK_ECDH_anon_WITH_AES_256_CBC_SHA,
1133
     SSL_kECDHE,
1134
     SSL_aNULL,
1135
     SSL_AES256,
1136
     SSL_SHA1,
1137
     TLS1_VERSION, TLS1_2_VERSION,
1138
     DTLS1_BAD_VER, DTLS1_2_VERSION,
1139
     SSL_NOT_DEFAULT | SSL_HIGH | SSL_FIPS,
1140
     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
1141
     256,
1142
     256,
1143
     },
1144
    {
1145
     1,
1146
     TLS1_TXT_ECDHE_ECDSA_WITH_AES_128_SHA256,
1147
     TLS1_RFC_ECDHE_ECDSA_WITH_AES_128_SHA256,
1148
     TLS1_CK_ECDHE_ECDSA_WITH_AES_128_SHA256,
1149
     SSL_kECDHE,
1150
     SSL_aECDSA,
1151
     SSL_AES128,
1152
     SSL_SHA256,
1153
     TLS1_2_VERSION, TLS1_2_VERSION,
1154
     DTLS1_2_VERSION, DTLS1_2_VERSION,
1155
     SSL_HIGH | SSL_FIPS,
1156
     SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
1157
     128,
1158
     128,
1159
     },
1160
    {
1161
     1,
1162
     TLS1_TXT_ECDHE_ECDSA_WITH_AES_256_SHA384,
1163
     TLS1_RFC_ECDHE_ECDSA_WITH_AES_256_SHA384,
1164
     TLS1_CK_ECDHE_ECDSA_WITH_AES_256_SHA384,
1165
     SSL_kECDHE,
1166
     SSL_aECDSA,
1167
     SSL_AES256,
1168
     SSL_SHA384,
1169
     TLS1_2_VERSION, TLS1_2_VERSION,
1170
     DTLS1_2_VERSION, DTLS1_2_VERSION,
1171
     SSL_HIGH | SSL_FIPS,
1172
     SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384,
1173
     256,
1174
     256,
1175
     },
1176
    {
1177
     1,
1178
     TLS1_TXT_ECDHE_RSA_WITH_AES_128_SHA256,
1179
     TLS1_RFC_ECDHE_RSA_WITH_AES_128_SHA256,
1180
     TLS1_CK_ECDHE_RSA_WITH_AES_128_SHA256,
1181
     SSL_kECDHE,
1182
     SSL_aRSA,
1183
     SSL_AES128,
1184
     SSL_SHA256,
1185
     TLS1_2_VERSION, TLS1_2_VERSION,
1186
     DTLS1_2_VERSION, DTLS1_2_VERSION,
1187
     SSL_HIGH | SSL_FIPS,
1188
     SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
1189
     128,
1190
     128,
1191
     },
1192
    {
1193
     1,
1194
     TLS1_TXT_ECDHE_RSA_WITH_AES_256_SHA384,
1195
     TLS1_RFC_ECDHE_RSA_WITH_AES_256_SHA384,
1196
     TLS1_CK_ECDHE_RSA_WITH_AES_256_SHA384,
1197
     SSL_kECDHE,
1198
     SSL_aRSA,
1199
     SSL_AES256,
1200
     SSL_SHA384,
1201
     TLS1_2_VERSION, TLS1_2_VERSION,
1202
     DTLS1_2_VERSION, DTLS1_2_VERSION,
1203
     SSL_HIGH | SSL_FIPS,
1204
     SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384,
1205
     256,
1206
     256,
1207
     },
1208
    {
1209
     1,
1210
     TLS1_TXT_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256,
1211
     TLS1_RFC_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256,
1212
     TLS1_CK_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256,
1213
     SSL_kECDHE,
1214
     SSL_aECDSA,
1215
     SSL_AES128GCM,
1216
     SSL_AEAD,
1217
     TLS1_2_VERSION, TLS1_2_VERSION,
1218
     DTLS1_2_VERSION, DTLS1_2_VERSION,
1219
     SSL_HIGH | SSL_FIPS,
1220
     SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
1221
     128,
1222
     128,
1223
     },
1224
    {
1225
     1,
1226
     TLS1_TXT_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384,
1227
     TLS1_RFC_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384,
1228
     TLS1_CK_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384,
1229
     SSL_kECDHE,
1230
     SSL_aECDSA,
1231
     SSL_AES256GCM,
1232
     SSL_AEAD,
1233
     TLS1_2_VERSION, TLS1_2_VERSION,
1234
     DTLS1_2_VERSION, DTLS1_2_VERSION,
1235
     SSL_HIGH | SSL_FIPS,
1236
     SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384,
1237
     256,
1238
     256,
1239
     },
1240
    {
1241
     1,
1242
     TLS1_TXT_ECDHE_RSA_WITH_AES_128_GCM_SHA256,
1243
     TLS1_RFC_ECDHE_RSA_WITH_AES_128_GCM_SHA256,
1244
     TLS1_CK_ECDHE_RSA_WITH_AES_128_GCM_SHA256,
1245
     SSL_kECDHE,
1246
     SSL_aRSA,
1247
     SSL_AES128GCM,
1248
     SSL_AEAD,
1249
     TLS1_2_VERSION, TLS1_2_VERSION,
1250
     DTLS1_2_VERSION, DTLS1_2_VERSION,
1251
     SSL_HIGH | SSL_FIPS,
1252
     SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
1253
     128,
1254
     128,
1255
     },
1256
    {
1257
     1,
1258
     TLS1_TXT_ECDHE_RSA_WITH_AES_256_GCM_SHA384,
1259
     TLS1_RFC_ECDHE_RSA_WITH_AES_256_GCM_SHA384,
1260
     TLS1_CK_ECDHE_RSA_WITH_AES_256_GCM_SHA384,
1261
     SSL_kECDHE,
1262
     SSL_aRSA,
1263
     SSL_AES256GCM,
1264
     SSL_AEAD,
1265
     TLS1_2_VERSION, TLS1_2_VERSION,
1266
     DTLS1_2_VERSION, DTLS1_2_VERSION,
1267
     SSL_HIGH | SSL_FIPS,
1268
     SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384,
1269
     256,
1270
     256,
1271
     },
1272
    {
1273
     1,
1274
     TLS1_TXT_PSK_WITH_NULL_SHA,
1275
     TLS1_RFC_PSK_WITH_NULL_SHA,
1276
     TLS1_CK_PSK_WITH_NULL_SHA,
1277
     SSL_kPSK,
1278
     SSL_aPSK,
1279
     SSL_eNULL,
1280
     SSL_SHA1,
1281
     SSL3_VERSION, TLS1_2_VERSION,
1282
     DTLS1_BAD_VER, DTLS1_2_VERSION,
1283
     SSL_STRONG_NONE | SSL_FIPS,
1284
     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
1285
     0,
1286
     0,
1287
     },
1288
    {
1289
     1,
1290
     TLS1_TXT_DHE_PSK_WITH_NULL_SHA,
1291
     TLS1_RFC_DHE_PSK_WITH_NULL_SHA,
1292
     TLS1_CK_DHE_PSK_WITH_NULL_SHA,
1293
     SSL_kDHEPSK,
1294
     SSL_aPSK,
1295
     SSL_eNULL,
1296
     SSL_SHA1,
1297
     SSL3_VERSION, TLS1_2_VERSION,
1298
     DTLS1_BAD_VER, DTLS1_2_VERSION,
1299
     SSL_STRONG_NONE | SSL_FIPS,
1300
     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
1301
     0,
1302
     0,
1303
     },
1304
    {
1305
     1,
1306
     TLS1_TXT_RSA_PSK_WITH_NULL_SHA,
1307
     TLS1_RFC_RSA_PSK_WITH_NULL_SHA,
1308
     TLS1_CK_RSA_PSK_WITH_NULL_SHA,
1309
     SSL_kRSAPSK,
1310
     SSL_aRSA,
1311
     SSL_eNULL,
1312
     SSL_SHA1,
1313
     SSL3_VERSION, TLS1_2_VERSION,
1314
     DTLS1_BAD_VER, DTLS1_2_VERSION,
1315
     SSL_STRONG_NONE | SSL_FIPS,
1316
     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
1317
     0,
1318
     0,
1319
     },
1320
# ifndef OPENSSL_NO_WEAK_SSL_CIPHERS
1321
    {
1322
     1,
1323
     TLS1_TXT_PSK_WITH_3DES_EDE_CBC_SHA,
1324
     TLS1_RFC_PSK_WITH_3DES_EDE_CBC_SHA,
1325
     TLS1_CK_PSK_WITH_3DES_EDE_CBC_SHA,
1326
     SSL_kPSK,
1327
     SSL_aPSK,
1328
     SSL_3DES,
1329
     SSL_SHA1,
1330
     SSL3_VERSION, TLS1_2_VERSION,
1331
     DTLS1_BAD_VER, DTLS1_2_VERSION,
1332
     SSL_NOT_DEFAULT | SSL_MEDIUM | SSL_FIPS,
1333
     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
1334
     112,
1335
     168,
1336
     },
1337
# endif
1338
    {
1339
     1,
1340
     TLS1_TXT_PSK_WITH_AES_128_CBC_SHA,
1341
     TLS1_RFC_PSK_WITH_AES_128_CBC_SHA,
1342
     TLS1_CK_PSK_WITH_AES_128_CBC_SHA,
1343
     SSL_kPSK,
1344
     SSL_aPSK,
1345
     SSL_AES128,
1346
     SSL_SHA1,
1347
     SSL3_VERSION, TLS1_2_VERSION,
1348
     DTLS1_BAD_VER, DTLS1_2_VERSION,
1349
     SSL_HIGH | SSL_FIPS,
1350
     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
1351
     128,
1352
     128,
1353
     },
1354
    {
1355
     1,
1356
     TLS1_TXT_PSK_WITH_AES_256_CBC_SHA,
1357
     TLS1_RFC_PSK_WITH_AES_256_CBC_SHA,
1358
     TLS1_CK_PSK_WITH_AES_256_CBC_SHA,
1359
     SSL_kPSK,
1360
     SSL_aPSK,
1361
     SSL_AES256,
1362
     SSL_SHA1,
1363
     SSL3_VERSION, TLS1_2_VERSION,
1364
     DTLS1_BAD_VER, DTLS1_2_VERSION,
1365
     SSL_HIGH | SSL_FIPS,
1366
     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
1367
     256,
1368
     256,
1369
     },
1370
# ifndef OPENSSL_NO_WEAK_SSL_CIPHERS
1371
    {
1372
     1,
1373
     TLS1_TXT_DHE_PSK_WITH_3DES_EDE_CBC_SHA,
1374
     TLS1_RFC_DHE_PSK_WITH_3DES_EDE_CBC_SHA,
1375
     TLS1_CK_DHE_PSK_WITH_3DES_EDE_CBC_SHA,
1376
     SSL_kDHEPSK,
1377
     SSL_aPSK,
1378
     SSL_3DES,
1379
     SSL_SHA1,
1380
     SSL3_VERSION, TLS1_2_VERSION,
1381
     DTLS1_BAD_VER, DTLS1_2_VERSION,
1382
     SSL_NOT_DEFAULT | SSL_MEDIUM | SSL_FIPS,
1383
     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
1384
     112,
1385
     168,
1386
     },
1387
# endif
1388
    {
1389
     1,
1390
     TLS1_TXT_DHE_PSK_WITH_AES_128_CBC_SHA,
1391
     TLS1_RFC_DHE_PSK_WITH_AES_128_CBC_SHA,
1392
     TLS1_CK_DHE_PSK_WITH_AES_128_CBC_SHA,
1393
     SSL_kDHEPSK,
1394
     SSL_aPSK,
1395
     SSL_AES128,
1396
     SSL_SHA1,
1397
     SSL3_VERSION, TLS1_2_VERSION,
1398
     DTLS1_BAD_VER, DTLS1_2_VERSION,
1399
     SSL_HIGH | SSL_FIPS,
1400
     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
1401
     128,
1402
     128,
1403
     },
1404
    {
1405
     1,
1406
     TLS1_TXT_DHE_PSK_WITH_AES_256_CBC_SHA,
1407
     TLS1_RFC_DHE_PSK_WITH_AES_256_CBC_SHA,
1408
     TLS1_CK_DHE_PSK_WITH_AES_256_CBC_SHA,
1409
     SSL_kDHEPSK,
1410
     SSL_aPSK,
1411
     SSL_AES256,
1412
     SSL_SHA1,
1413
     SSL3_VERSION, TLS1_2_VERSION,
1414
     DTLS1_BAD_VER, DTLS1_2_VERSION,
1415
     SSL_HIGH | SSL_FIPS,
1416
     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
1417
     256,
1418
     256,
1419
     },
1420
# ifndef OPENSSL_NO_WEAK_SSL_CIPHERS
1421
    {
1422
     1,
1423
     TLS1_TXT_RSA_PSK_WITH_3DES_EDE_CBC_SHA,
1424
     TLS1_RFC_RSA_PSK_WITH_3DES_EDE_CBC_SHA,
1425
     TLS1_CK_RSA_PSK_WITH_3DES_EDE_CBC_SHA,
1426
     SSL_kRSAPSK,
1427
     SSL_aRSA,
1428
     SSL_3DES,
1429
     SSL_SHA1,
1430
     SSL3_VERSION, TLS1_2_VERSION,
1431
     DTLS1_BAD_VER, DTLS1_2_VERSION,
1432
     SSL_NOT_DEFAULT | SSL_MEDIUM | SSL_FIPS,
1433
     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
1434
     112,
1435
     168,
1436
     },
1437
# endif
1438
    {
1439
     1,
1440
     TLS1_TXT_RSA_PSK_WITH_AES_128_CBC_SHA,
1441
     TLS1_RFC_RSA_PSK_WITH_AES_128_CBC_SHA,
1442
     TLS1_CK_RSA_PSK_WITH_AES_128_CBC_SHA,
1443
     SSL_kRSAPSK,
1444
     SSL_aRSA,
1445
     SSL_AES128,
1446
     SSL_SHA1,
1447
     SSL3_VERSION, TLS1_2_VERSION,
1448
     DTLS1_BAD_VER, DTLS1_2_VERSION,
1449
     SSL_HIGH | SSL_FIPS,
1450
     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
1451
     128,
1452
     128,
1453
     },
1454
    {
1455
     1,
1456
     TLS1_TXT_RSA_PSK_WITH_AES_256_CBC_SHA,
1457
     TLS1_RFC_RSA_PSK_WITH_AES_256_CBC_SHA,
1458
     TLS1_CK_RSA_PSK_WITH_AES_256_CBC_SHA,
1459
     SSL_kRSAPSK,
1460
     SSL_aRSA,
1461
     SSL_AES256,
1462
     SSL_SHA1,
1463
     SSL3_VERSION, TLS1_2_VERSION,
1464
     DTLS1_BAD_VER, DTLS1_2_VERSION,
1465
     SSL_HIGH | SSL_FIPS,
1466
     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
1467
     256,
1468
     256,
1469
     },
1470
    {
1471
     1,
1472
     TLS1_TXT_PSK_WITH_AES_128_GCM_SHA256,
1473
     TLS1_RFC_PSK_WITH_AES_128_GCM_SHA256,
1474
     TLS1_CK_PSK_WITH_AES_128_GCM_SHA256,
1475
     SSL_kPSK,
1476
     SSL_aPSK,
1477
     SSL_AES128GCM,
1478
     SSL_AEAD,
1479
     TLS1_2_VERSION, TLS1_2_VERSION,
1480
     DTLS1_2_VERSION, DTLS1_2_VERSION,
1481
     SSL_HIGH | SSL_FIPS,
1482
     SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
1483
     128,
1484
     128,
1485
     },
1486
    {
1487
     1,
1488
     TLS1_TXT_PSK_WITH_AES_256_GCM_SHA384,
1489
     TLS1_RFC_PSK_WITH_AES_256_GCM_SHA384,
1490
     TLS1_CK_PSK_WITH_AES_256_GCM_SHA384,
1491
     SSL_kPSK,
1492
     SSL_aPSK,
1493
     SSL_AES256GCM,
1494
     SSL_AEAD,
1495
     TLS1_2_VERSION, TLS1_2_VERSION,
1496
     DTLS1_2_VERSION, DTLS1_2_VERSION,
1497
     SSL_HIGH | SSL_FIPS,
1498
     SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384,
1499
     256,
1500
     256,
1501
     },
1502
    {
1503
     1,
1504
     TLS1_TXT_DHE_PSK_WITH_AES_128_GCM_SHA256,
1505
     TLS1_RFC_DHE_PSK_WITH_AES_128_GCM_SHA256,
1506
     TLS1_CK_DHE_PSK_WITH_AES_128_GCM_SHA256,
1507
     SSL_kDHEPSK,
1508
     SSL_aPSK,
1509
     SSL_AES128GCM,
1510
     SSL_AEAD,
1511
     TLS1_2_VERSION, TLS1_2_VERSION,
1512
     DTLS1_2_VERSION, DTLS1_2_VERSION,
1513
     SSL_HIGH | SSL_FIPS,
1514
     SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
1515
     128,
1516
     128,
1517
     },
1518
    {
1519
     1,
1520
     TLS1_TXT_DHE_PSK_WITH_AES_256_GCM_SHA384,
1521
     TLS1_RFC_DHE_PSK_WITH_AES_256_GCM_SHA384,
1522
     TLS1_CK_DHE_PSK_WITH_AES_256_GCM_SHA384,
1523
     SSL_kDHEPSK,
1524
     SSL_aPSK,
1525
     SSL_AES256GCM,
1526
     SSL_AEAD,
1527
     TLS1_2_VERSION, TLS1_2_VERSION,
1528
     DTLS1_2_VERSION, DTLS1_2_VERSION,
1529
     SSL_HIGH | SSL_FIPS,
1530
     SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384,
1531
     256,
1532
     256,
1533
     },
1534
    {
1535
     1,
1536
     TLS1_TXT_RSA_PSK_WITH_AES_128_GCM_SHA256,
1537
     TLS1_RFC_RSA_PSK_WITH_AES_128_GCM_SHA256,
1538
     TLS1_CK_RSA_PSK_WITH_AES_128_GCM_SHA256,
1539
     SSL_kRSAPSK,
1540
     SSL_aRSA,
1541
     SSL_AES128GCM,
1542
     SSL_AEAD,
1543
     TLS1_2_VERSION, TLS1_2_VERSION,
1544
     DTLS1_2_VERSION, DTLS1_2_VERSION,
1545
     SSL_HIGH | SSL_FIPS,
1546
     SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
1547
     128,
1548
     128,
1549
     },
1550
    {
1551
     1,
1552
     TLS1_TXT_RSA_PSK_WITH_AES_256_GCM_SHA384,
1553
     TLS1_RFC_RSA_PSK_WITH_AES_256_GCM_SHA384,
1554
     TLS1_CK_RSA_PSK_WITH_AES_256_GCM_SHA384,
1555
     SSL_kRSAPSK,
1556
     SSL_aRSA,
1557
     SSL_AES256GCM,
1558
     SSL_AEAD,
1559
     TLS1_2_VERSION, TLS1_2_VERSION,
1560
     DTLS1_2_VERSION, DTLS1_2_VERSION,
1561
     SSL_HIGH | SSL_FIPS,
1562
     SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384,
1563
     256,
1564
     256,
1565
     },
1566
    {
1567
     1,
1568
     TLS1_TXT_PSK_WITH_AES_128_CBC_SHA256,
1569
     TLS1_RFC_PSK_WITH_AES_128_CBC_SHA256,
1570
     TLS1_CK_PSK_WITH_AES_128_CBC_SHA256,
1571
     SSL_kPSK,
1572
     SSL_aPSK,
1573
     SSL_AES128,
1574
     SSL_SHA256,
1575
     TLS1_VERSION, TLS1_2_VERSION,
1576
     DTLS1_BAD_VER, DTLS1_2_VERSION,
1577
     SSL_HIGH | SSL_FIPS,
1578
     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
1579
     128,
1580
     128,
1581
     },
1582
    {
1583
     1,
1584
     TLS1_TXT_PSK_WITH_AES_256_CBC_SHA384,
1585
     TLS1_RFC_PSK_WITH_AES_256_CBC_SHA384,
1586
     TLS1_CK_PSK_WITH_AES_256_CBC_SHA384,
1587
     SSL_kPSK,
1588
     SSL_aPSK,
1589
     SSL_AES256,
1590
     SSL_SHA384,
1591
     TLS1_VERSION, TLS1_2_VERSION,
1592
     DTLS1_BAD_VER, DTLS1_2_VERSION,
1593
     SSL_HIGH | SSL_FIPS,
1594
     SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384,
1595
     256,
1596
     256,
1597
     },
1598
    {
1599
     1,
1600
     TLS1_TXT_PSK_WITH_NULL_SHA256,
1601
     TLS1_RFC_PSK_WITH_NULL_SHA256,
1602
     TLS1_CK_PSK_WITH_NULL_SHA256,
1603
     SSL_kPSK,
1604
     SSL_aPSK,
1605
     SSL_eNULL,
1606
     SSL_SHA256,
1607
     TLS1_VERSION, TLS1_2_VERSION,
1608
     DTLS1_BAD_VER, DTLS1_2_VERSION,
1609
     SSL_STRONG_NONE | SSL_FIPS,
1610
     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
1611
     0,
1612
     0,
1613
     },
1614
    {
1615
     1,
1616
     TLS1_TXT_PSK_WITH_NULL_SHA384,
1617
     TLS1_RFC_PSK_WITH_NULL_SHA384,
1618
     TLS1_CK_PSK_WITH_NULL_SHA384,
1619
     SSL_kPSK,
1620
     SSL_aPSK,
1621
     SSL_eNULL,
1622
     SSL_SHA384,
1623
     TLS1_VERSION, TLS1_2_VERSION,
1624
     DTLS1_BAD_VER, DTLS1_2_VERSION,
1625
     SSL_STRONG_NONE | SSL_FIPS,
1626
     SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384,
1627
     0,
1628
     0,
1629
     },
1630
    {
1631
     1,
1632
     TLS1_TXT_DHE_PSK_WITH_AES_128_CBC_SHA256,
1633
     TLS1_RFC_DHE_PSK_WITH_AES_128_CBC_SHA256,
1634
     TLS1_CK_DHE_PSK_WITH_AES_128_CBC_SHA256,
1635
     SSL_kDHEPSK,
1636
     SSL_aPSK,
1637
     SSL_AES128,
1638
     SSL_SHA256,
1639
     TLS1_VERSION, TLS1_2_VERSION,
1640
     DTLS1_BAD_VER, DTLS1_2_VERSION,
1641
     SSL_HIGH | SSL_FIPS,
1642
     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
1643
     128,
1644
     128,
1645
     },
1646
    {
1647
     1,
1648
     TLS1_TXT_DHE_PSK_WITH_AES_256_CBC_SHA384,
1649
     TLS1_RFC_DHE_PSK_WITH_AES_256_CBC_SHA384,
1650
     TLS1_CK_DHE_PSK_WITH_AES_256_CBC_SHA384,
1651
     SSL_kDHEPSK,
1652
     SSL_aPSK,
1653
     SSL_AES256,
1654
     SSL_SHA384,
1655
     TLS1_VERSION, TLS1_2_VERSION,
1656
     DTLS1_BAD_VER, DTLS1_2_VERSION,
1657
     SSL_HIGH | SSL_FIPS,
1658
     SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384,
1659
     256,
1660
     256,
1661
     },
1662
    {
1663
     1,
1664
     TLS1_TXT_DHE_PSK_WITH_NULL_SHA256,
1665
     TLS1_RFC_DHE_PSK_WITH_NULL_SHA256,
1666
     TLS1_CK_DHE_PSK_WITH_NULL_SHA256,
1667
     SSL_kDHEPSK,
1668
     SSL_aPSK,
1669
     SSL_eNULL,
1670
     SSL_SHA256,
1671
     TLS1_VERSION, TLS1_2_VERSION,
1672
     DTLS1_BAD_VER, DTLS1_2_VERSION,
1673
     SSL_STRONG_NONE | SSL_FIPS,
1674
     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
1675
     0,
1676
     0,
1677
     },
1678
    {
1679
     1,
1680
     TLS1_TXT_DHE_PSK_WITH_NULL_SHA384,
1681
     TLS1_RFC_DHE_PSK_WITH_NULL_SHA384,
1682
     TLS1_CK_DHE_PSK_WITH_NULL_SHA384,
1683
     SSL_kDHEPSK,
1684
     SSL_aPSK,
1685
     SSL_eNULL,
1686
     SSL_SHA384,
1687
     TLS1_VERSION, TLS1_2_VERSION,
1688
     DTLS1_BAD_VER, DTLS1_2_VERSION,
1689
     SSL_STRONG_NONE | SSL_FIPS,
1690
     SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384,
1691
     0,
1692
     0,
1693
     },
1694
    {
1695
     1,
1696
     TLS1_TXT_RSA_PSK_WITH_AES_128_CBC_SHA256,
1697
     TLS1_RFC_RSA_PSK_WITH_AES_128_CBC_SHA256,
1698
     TLS1_CK_RSA_PSK_WITH_AES_128_CBC_SHA256,
1699
     SSL_kRSAPSK,
1700
     SSL_aRSA,
1701
     SSL_AES128,
1702
     SSL_SHA256,
1703
     TLS1_VERSION, TLS1_2_VERSION,
1704
     DTLS1_BAD_VER, DTLS1_2_VERSION,
1705
     SSL_HIGH | SSL_FIPS,
1706
     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
1707
     128,
1708
     128,
1709
     },
1710
    {
1711
     1,
1712
     TLS1_TXT_RSA_PSK_WITH_AES_256_CBC_SHA384,
1713
     TLS1_RFC_RSA_PSK_WITH_AES_256_CBC_SHA384,
1714
     TLS1_CK_RSA_PSK_WITH_AES_256_CBC_SHA384,
1715
     SSL_kRSAPSK,
1716
     SSL_aRSA,
1717
     SSL_AES256,
1718
     SSL_SHA384,
1719
     TLS1_VERSION, TLS1_2_VERSION,
1720
     DTLS1_BAD_VER, DTLS1_2_VERSION,
1721
     SSL_HIGH | SSL_FIPS,
1722
     SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384,
1723
     256,
1724
     256,
1725
     },
1726
    {
1727
     1,
1728
     TLS1_TXT_RSA_PSK_WITH_NULL_SHA256,
1729
     TLS1_RFC_RSA_PSK_WITH_NULL_SHA256,
1730
     TLS1_CK_RSA_PSK_WITH_NULL_SHA256,
1731
     SSL_kRSAPSK,
1732
     SSL_aRSA,
1733
     SSL_eNULL,
1734
     SSL_SHA256,
1735
     TLS1_VERSION, TLS1_2_VERSION,
1736
     DTLS1_BAD_VER, DTLS1_2_VERSION,
1737
     SSL_STRONG_NONE | SSL_FIPS,
1738
     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
1739
     0,
1740
     0,
1741
     },
1742
    {
1743
     1,
1744
     TLS1_TXT_RSA_PSK_WITH_NULL_SHA384,
1745
     TLS1_RFC_RSA_PSK_WITH_NULL_SHA384,
1746
     TLS1_CK_RSA_PSK_WITH_NULL_SHA384,
1747
     SSL_kRSAPSK,
1748
     SSL_aRSA,
1749
     SSL_eNULL,
1750
     SSL_SHA384,
1751
     TLS1_VERSION, TLS1_2_VERSION,
1752
     DTLS1_BAD_VER, DTLS1_2_VERSION,
1753
     SSL_STRONG_NONE | SSL_FIPS,
1754
     SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384,
1755
     0,
1756
     0,
1757
     },
1758
#  ifndef OPENSSL_NO_WEAK_SSL_CIPHERS
1759
    {
1760
     1,
1761
     TLS1_TXT_ECDHE_PSK_WITH_3DES_EDE_CBC_SHA,
1762
     TLS1_RFC_ECDHE_PSK_WITH_3DES_EDE_CBC_SHA,
1763
     TLS1_CK_ECDHE_PSK_WITH_3DES_EDE_CBC_SHA,
1764
     SSL_kECDHEPSK,
1765
     SSL_aPSK,
1766
     SSL_3DES,
1767
     SSL_SHA1,
1768
     TLS1_VERSION, TLS1_2_VERSION,
1769
     DTLS1_BAD_VER, DTLS1_2_VERSION,
1770
     SSL_NOT_DEFAULT | SSL_MEDIUM | SSL_FIPS,
1771
     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
1772
     112,
1773
     168,
1774
     },
1775
#  endif
1776
    {
1777
     1,
1778
     TLS1_TXT_ECDHE_PSK_WITH_AES_128_CBC_SHA,
1779
     TLS1_RFC_ECDHE_PSK_WITH_AES_128_CBC_SHA,
1780
     TLS1_CK_ECDHE_PSK_WITH_AES_128_CBC_SHA,
1781
     SSL_kECDHEPSK,
1782
     SSL_aPSK,
1783
     SSL_AES128,
1784
     SSL_SHA1,
1785
     TLS1_VERSION, TLS1_2_VERSION,
1786
     DTLS1_BAD_VER, DTLS1_2_VERSION,
1787
     SSL_HIGH | SSL_FIPS,
1788
     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
1789
     128,
1790
     128,
1791
     },
1792
    {
1793
     1,
1794
     TLS1_TXT_ECDHE_PSK_WITH_AES_256_CBC_SHA,
1795
     TLS1_RFC_ECDHE_PSK_WITH_AES_256_CBC_SHA,
1796
     TLS1_CK_ECDHE_PSK_WITH_AES_256_CBC_SHA,
1797
     SSL_kECDHEPSK,
1798
     SSL_aPSK,
1799
     SSL_AES256,
1800
     SSL_SHA1,
1801
     TLS1_VERSION, TLS1_2_VERSION,
1802
     DTLS1_BAD_VER, DTLS1_2_VERSION,
1803
     SSL_HIGH | SSL_FIPS,
1804
     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
1805
     256,
1806
     256,
1807
     },
1808
    {
1809
     1,
1810
     TLS1_TXT_ECDHE_PSK_WITH_AES_128_CBC_SHA256,
1811
     TLS1_RFC_ECDHE_PSK_WITH_AES_128_CBC_SHA256,
1812
     TLS1_CK_ECDHE_PSK_WITH_AES_128_CBC_SHA256,
1813
     SSL_kECDHEPSK,
1814
     SSL_aPSK,
1815
     SSL_AES128,
1816
     SSL_SHA256,
1817
     TLS1_VERSION, TLS1_2_VERSION,
1818
     DTLS1_BAD_VER, DTLS1_2_VERSION,
1819
     SSL_HIGH | SSL_FIPS,
1820
     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
1821
     128,
1822
     128,
1823
     },
1824
    {
1825
     1,
1826
     TLS1_TXT_ECDHE_PSK_WITH_AES_256_CBC_SHA384,
1827
     TLS1_RFC_ECDHE_PSK_WITH_AES_256_CBC_SHA384,
1828
     TLS1_CK_ECDHE_PSK_WITH_AES_256_CBC_SHA384,
1829
     SSL_kECDHEPSK,
1830
     SSL_aPSK,
1831
     SSL_AES256,
1832
     SSL_SHA384,
1833
     TLS1_VERSION, TLS1_2_VERSION,
1834
     DTLS1_BAD_VER, DTLS1_2_VERSION,
1835
     SSL_HIGH | SSL_FIPS,
1836
     SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384,
1837
     256,
1838
     256,
1839
     },
1840
    {
1841
     1,
1842
     TLS1_TXT_ECDHE_PSK_WITH_NULL_SHA,
1843
     TLS1_RFC_ECDHE_PSK_WITH_NULL_SHA,
1844
     TLS1_CK_ECDHE_PSK_WITH_NULL_SHA,
1845
     SSL_kECDHEPSK,
1846
     SSL_aPSK,
1847
     SSL_eNULL,
1848
     SSL_SHA1,
1849
     TLS1_VERSION, TLS1_2_VERSION,
1850
     DTLS1_BAD_VER, DTLS1_2_VERSION,
1851
     SSL_STRONG_NONE | SSL_FIPS,
1852
     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
1853
     0,
1854
     0,
1855
     },
1856
    {
1857
     1,
1858
     TLS1_TXT_ECDHE_PSK_WITH_NULL_SHA256,
1859
     TLS1_RFC_ECDHE_PSK_WITH_NULL_SHA256,
1860
     TLS1_CK_ECDHE_PSK_WITH_NULL_SHA256,
1861
     SSL_kECDHEPSK,
1862
     SSL_aPSK,
1863
     SSL_eNULL,
1864
     SSL_SHA256,
1865
     TLS1_VERSION, TLS1_2_VERSION,
1866
     DTLS1_BAD_VER, DTLS1_2_VERSION,
1867
     SSL_STRONG_NONE | SSL_FIPS,
1868
     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
1869
     0,
1870
     0,
1871
     },
1872
    {
1873
     1,
1874
     TLS1_TXT_ECDHE_PSK_WITH_NULL_SHA384,
1875
     TLS1_RFC_ECDHE_PSK_WITH_NULL_SHA384,
1876
     TLS1_CK_ECDHE_PSK_WITH_NULL_SHA384,
1877
     SSL_kECDHEPSK,
1878
     SSL_aPSK,
1879
     SSL_eNULL,
1880
     SSL_SHA384,
1881
     TLS1_VERSION, TLS1_2_VERSION,
1882
     DTLS1_BAD_VER, DTLS1_2_VERSION,
1883
     SSL_STRONG_NONE | SSL_FIPS,
1884
     SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384,
1885
     0,
1886
     0,
1887
     },
1888
1889
# ifndef OPENSSL_NO_WEAK_SSL_CIPHERS
1890
    {
1891
     1,
1892
     TLS1_TXT_SRP_SHA_WITH_3DES_EDE_CBC_SHA,
1893
     TLS1_RFC_SRP_SHA_WITH_3DES_EDE_CBC_SHA,
1894
     TLS1_CK_SRP_SHA_WITH_3DES_EDE_CBC_SHA,
1895
     SSL_kSRP,
1896
     SSL_aSRP,
1897
     SSL_3DES,
1898
     SSL_SHA1,
1899
     SSL3_VERSION, TLS1_2_VERSION,
1900
     DTLS1_BAD_VER, DTLS1_2_VERSION,
1901
     SSL_NOT_DEFAULT | SSL_MEDIUM,
1902
     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
1903
     112,
1904
     168,
1905
     },
1906
    {
1907
     1,
1908
     TLS1_TXT_SRP_SHA_RSA_WITH_3DES_EDE_CBC_SHA,
1909
     TLS1_RFC_SRP_SHA_RSA_WITH_3DES_EDE_CBC_SHA,
1910
     TLS1_CK_SRP_SHA_RSA_WITH_3DES_EDE_CBC_SHA,
1911
     SSL_kSRP,
1912
     SSL_aRSA,
1913
     SSL_3DES,
1914
     SSL_SHA1,
1915
     SSL3_VERSION, TLS1_2_VERSION,
1916
     DTLS1_BAD_VER, DTLS1_2_VERSION,
1917
     SSL_NOT_DEFAULT | SSL_MEDIUM,
1918
     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
1919
     112,
1920
     168,
1921
     },
1922
    {
1923
     1,
1924
     TLS1_TXT_SRP_SHA_DSS_WITH_3DES_EDE_CBC_SHA,
1925
     TLS1_RFC_SRP_SHA_DSS_WITH_3DES_EDE_CBC_SHA,
1926
     TLS1_CK_SRP_SHA_DSS_WITH_3DES_EDE_CBC_SHA,
1927
     SSL_kSRP,
1928
     SSL_aDSS,
1929
     SSL_3DES,
1930
     SSL_SHA1,
1931
     SSL3_VERSION, TLS1_2_VERSION,
1932
     DTLS1_BAD_VER, DTLS1_2_VERSION,
1933
     SSL_NOT_DEFAULT | SSL_MEDIUM,
1934
     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
1935
     112,
1936
     168,
1937
     },
1938
# endif
1939
    {
1940
     1,
1941
     TLS1_TXT_SRP_SHA_WITH_AES_128_CBC_SHA,
1942
     TLS1_RFC_SRP_SHA_WITH_AES_128_CBC_SHA,
1943
     TLS1_CK_SRP_SHA_WITH_AES_128_CBC_SHA,
1944
     SSL_kSRP,
1945
     SSL_aSRP,
1946
     SSL_AES128,
1947
     SSL_SHA1,
1948
     SSL3_VERSION, TLS1_2_VERSION,
1949
     DTLS1_BAD_VER, DTLS1_2_VERSION,
1950
     SSL_HIGH,
1951
     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
1952
     128,
1953
     128,
1954
     },
1955
    {
1956
     1,
1957
     TLS1_TXT_SRP_SHA_RSA_WITH_AES_128_CBC_SHA,
1958
     TLS1_RFC_SRP_SHA_RSA_WITH_AES_128_CBC_SHA,
1959
     TLS1_CK_SRP_SHA_RSA_WITH_AES_128_CBC_SHA,
1960
     SSL_kSRP,
1961
     SSL_aRSA,
1962
     SSL_AES128,
1963
     SSL_SHA1,
1964
     SSL3_VERSION, TLS1_2_VERSION,
1965
     DTLS1_BAD_VER, DTLS1_2_VERSION,
1966
     SSL_HIGH,
1967
     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
1968
     128,
1969
     128,
1970
     },
1971
    {
1972
     1,
1973
     TLS1_TXT_SRP_SHA_DSS_WITH_AES_128_CBC_SHA,
1974
     TLS1_RFC_SRP_SHA_DSS_WITH_AES_128_CBC_SHA,
1975
     TLS1_CK_SRP_SHA_DSS_WITH_AES_128_CBC_SHA,
1976
     SSL_kSRP,
1977
     SSL_aDSS,
1978
     SSL_AES128,
1979
     SSL_SHA1,
1980
     SSL3_VERSION, TLS1_2_VERSION,
1981
     DTLS1_BAD_VER, DTLS1_2_VERSION,
1982
     SSL_NOT_DEFAULT | SSL_HIGH,
1983
     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
1984
     128,
1985
     128,
1986
     },
1987
    {
1988
     1,
1989
     TLS1_TXT_SRP_SHA_WITH_AES_256_CBC_SHA,
1990
     TLS1_RFC_SRP_SHA_WITH_AES_256_CBC_SHA,
1991
     TLS1_CK_SRP_SHA_WITH_AES_256_CBC_SHA,
1992
     SSL_kSRP,
1993
     SSL_aSRP,
1994
     SSL_AES256,
1995
     SSL_SHA1,
1996
     SSL3_VERSION, TLS1_2_VERSION,
1997
     DTLS1_BAD_VER, DTLS1_2_VERSION,
1998
     SSL_HIGH,
1999
     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
2000
     256,
2001
     256,
2002
     },
2003
    {
2004
     1,
2005
     TLS1_TXT_SRP_SHA_RSA_WITH_AES_256_CBC_SHA,
2006
     TLS1_RFC_SRP_SHA_RSA_WITH_AES_256_CBC_SHA,
2007
     TLS1_CK_SRP_SHA_RSA_WITH_AES_256_CBC_SHA,
2008
     SSL_kSRP,
2009
     SSL_aRSA,
2010
     SSL_AES256,
2011
     SSL_SHA1,
2012
     SSL3_VERSION, TLS1_2_VERSION,
2013
     DTLS1_BAD_VER, DTLS1_2_VERSION,
2014
     SSL_HIGH,
2015
     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
2016
     256,
2017
     256,
2018
     },
2019
    {
2020
     1,
2021
     TLS1_TXT_SRP_SHA_DSS_WITH_AES_256_CBC_SHA,
2022
     TLS1_RFC_SRP_SHA_DSS_WITH_AES_256_CBC_SHA,
2023
     TLS1_CK_SRP_SHA_DSS_WITH_AES_256_CBC_SHA,
2024
     SSL_kSRP,
2025
     SSL_aDSS,
2026
     SSL_AES256,
2027
     SSL_SHA1,
2028
     SSL3_VERSION, TLS1_2_VERSION,
2029
     DTLS1_BAD_VER, DTLS1_2_VERSION,
2030
     SSL_NOT_DEFAULT | SSL_HIGH,
2031
     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
2032
     256,
2033
     256,
2034
     },
2035
2036
#if !defined(OPENSSL_NO_CHACHA) && !defined(OPENSSL_NO_POLY1305)
2037
    {
2038
     1,
2039
     TLS1_TXT_DHE_RSA_WITH_CHACHA20_POLY1305,
2040
     TLS1_RFC_DHE_RSA_WITH_CHACHA20_POLY1305,
2041
     TLS1_CK_DHE_RSA_WITH_CHACHA20_POLY1305,
2042
     SSL_kDHE,
2043
     SSL_aRSA,
2044
     SSL_CHACHA20POLY1305,
2045
     SSL_AEAD,
2046
     TLS1_2_VERSION, TLS1_2_VERSION,
2047
     DTLS1_2_VERSION, DTLS1_2_VERSION,
2048
     SSL_HIGH,
2049
     SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
2050
     256,
2051
     256,
2052
     },
2053
    {
2054
     1,
2055
     TLS1_TXT_ECDHE_RSA_WITH_CHACHA20_POLY1305,
2056
     TLS1_RFC_ECDHE_RSA_WITH_CHACHA20_POLY1305,
2057
     TLS1_CK_ECDHE_RSA_WITH_CHACHA20_POLY1305,
2058
     SSL_kECDHE,
2059
     SSL_aRSA,
2060
     SSL_CHACHA20POLY1305,
2061
     SSL_AEAD,
2062
     TLS1_2_VERSION, TLS1_2_VERSION,
2063
     DTLS1_2_VERSION, DTLS1_2_VERSION,
2064
     SSL_HIGH,
2065
     SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
2066
     256,
2067
     256,
2068
     },
2069
    {
2070
     1,
2071
     TLS1_TXT_ECDHE_ECDSA_WITH_CHACHA20_POLY1305,
2072
     TLS1_RFC_ECDHE_ECDSA_WITH_CHACHA20_POLY1305,
2073
     TLS1_CK_ECDHE_ECDSA_WITH_CHACHA20_POLY1305,
2074
     SSL_kECDHE,
2075
     SSL_aECDSA,
2076
     SSL_CHACHA20POLY1305,
2077
     SSL_AEAD,
2078
     TLS1_2_VERSION, TLS1_2_VERSION,
2079
     DTLS1_2_VERSION, DTLS1_2_VERSION,
2080
     SSL_HIGH,
2081
     SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
2082
     256,
2083
     256,
2084
     },
2085
    {
2086
     1,
2087
     TLS1_TXT_PSK_WITH_CHACHA20_POLY1305,
2088
     TLS1_RFC_PSK_WITH_CHACHA20_POLY1305,
2089
     TLS1_CK_PSK_WITH_CHACHA20_POLY1305,
2090
     SSL_kPSK,
2091
     SSL_aPSK,
2092
     SSL_CHACHA20POLY1305,
2093
     SSL_AEAD,
2094
     TLS1_2_VERSION, TLS1_2_VERSION,
2095
     DTLS1_2_VERSION, DTLS1_2_VERSION,
2096
     SSL_HIGH,
2097
     SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
2098
     256,
2099
     256,
2100
     },
2101
    {
2102
     1,
2103
     TLS1_TXT_ECDHE_PSK_WITH_CHACHA20_POLY1305,
2104
     TLS1_RFC_ECDHE_PSK_WITH_CHACHA20_POLY1305,
2105
     TLS1_CK_ECDHE_PSK_WITH_CHACHA20_POLY1305,
2106
     SSL_kECDHEPSK,
2107
     SSL_aPSK,
2108
     SSL_CHACHA20POLY1305,
2109
     SSL_AEAD,
2110
     TLS1_2_VERSION, TLS1_2_VERSION,
2111
     DTLS1_2_VERSION, DTLS1_2_VERSION,
2112
     SSL_HIGH,
2113
     SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
2114
     256,
2115
     256,
2116
     },
2117
    {
2118
     1,
2119
     TLS1_TXT_DHE_PSK_WITH_CHACHA20_POLY1305,
2120
     TLS1_RFC_DHE_PSK_WITH_CHACHA20_POLY1305,
2121
     TLS1_CK_DHE_PSK_WITH_CHACHA20_POLY1305,
2122
     SSL_kDHEPSK,
2123
     SSL_aPSK,
2124
     SSL_CHACHA20POLY1305,
2125
     SSL_AEAD,
2126
     TLS1_2_VERSION, TLS1_2_VERSION,
2127
     DTLS1_2_VERSION, DTLS1_2_VERSION,
2128
     SSL_HIGH,
2129
     SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
2130
     256,
2131
     256,
2132
     },
2133
    {
2134
     1,
2135
     TLS1_TXT_RSA_PSK_WITH_CHACHA20_POLY1305,
2136
     TLS1_RFC_RSA_PSK_WITH_CHACHA20_POLY1305,
2137
     TLS1_CK_RSA_PSK_WITH_CHACHA20_POLY1305,
2138
     SSL_kRSAPSK,
2139
     SSL_aRSA,
2140
     SSL_CHACHA20POLY1305,
2141
     SSL_AEAD,
2142
     TLS1_2_VERSION, TLS1_2_VERSION,
2143
     DTLS1_2_VERSION, DTLS1_2_VERSION,
2144
     SSL_HIGH,
2145
     SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
2146
     256,
2147
     256,
2148
     },
2149
#endif                          /* !defined(OPENSSL_NO_CHACHA) &&
2150
                                 * !defined(OPENSSL_NO_POLY1305) */
2151
2152
#ifndef OPENSSL_NO_CAMELLIA
2153
    {
2154
     1,
2155
     TLS1_TXT_RSA_WITH_CAMELLIA_128_CBC_SHA256,
2156
     TLS1_RFC_RSA_WITH_CAMELLIA_128_CBC_SHA256,
2157
     TLS1_CK_RSA_WITH_CAMELLIA_128_CBC_SHA256,
2158
     SSL_kRSA,
2159
     SSL_aRSA,
2160
     SSL_CAMELLIA128,
2161
     SSL_SHA256,
2162
     TLS1_2_VERSION, TLS1_2_VERSION,
2163
     DTLS1_2_VERSION, DTLS1_2_VERSION,
2164
     SSL_NOT_DEFAULT | SSL_HIGH,
2165
     SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
2166
     128,
2167
     128,
2168
     },
2169
    {
2170
     1,
2171
     TLS1_TXT_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA256,
2172
     TLS1_RFC_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA256,
2173
     TLS1_CK_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA256,
2174
     SSL_kDHE,
2175
     SSL_aDSS,
2176
     SSL_CAMELLIA128,
2177
     SSL_SHA256,
2178
     TLS1_2_VERSION, TLS1_2_VERSION,
2179
     DTLS1_2_VERSION, DTLS1_2_VERSION,
2180
     SSL_NOT_DEFAULT | SSL_HIGH,
2181
     SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
2182
     128,
2183
     128,
2184
     },
2185
    {
2186
     1,
2187
     TLS1_TXT_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA256,
2188
     TLS1_RFC_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA256,
2189
     TLS1_CK_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA256,
2190
     SSL_kDHE,
2191
     SSL_aRSA,
2192
     SSL_CAMELLIA128,
2193
     SSL_SHA256,
2194
     TLS1_2_VERSION, TLS1_2_VERSION,
2195
     DTLS1_2_VERSION, DTLS1_2_VERSION,
2196
     SSL_NOT_DEFAULT | SSL_HIGH,
2197
     SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
2198
     128,
2199
     128,
2200
     },
2201
    {
2202
     1,
2203
     TLS1_TXT_ADH_WITH_CAMELLIA_128_CBC_SHA256,
2204
     TLS1_RFC_ADH_WITH_CAMELLIA_128_CBC_SHA256,
2205
     TLS1_CK_ADH_WITH_CAMELLIA_128_CBC_SHA256,
2206
     SSL_kDHE,
2207
     SSL_aNULL,
2208
     SSL_CAMELLIA128,
2209
     SSL_SHA256,
2210
     TLS1_2_VERSION, TLS1_2_VERSION,
2211
     DTLS1_2_VERSION, DTLS1_2_VERSION,
2212
     SSL_NOT_DEFAULT | SSL_HIGH,
2213
     SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
2214
     128,
2215
     128,
2216
     },
2217
    {
2218
     1,
2219
     TLS1_TXT_RSA_WITH_CAMELLIA_256_CBC_SHA256,
2220
     TLS1_RFC_RSA_WITH_CAMELLIA_256_CBC_SHA256,
2221
     TLS1_CK_RSA_WITH_CAMELLIA_256_CBC_SHA256,
2222
     SSL_kRSA,
2223
     SSL_aRSA,
2224
     SSL_CAMELLIA256,
2225
     SSL_SHA256,
2226
     TLS1_2_VERSION, TLS1_2_VERSION,
2227
     DTLS1_2_VERSION, DTLS1_2_VERSION,
2228
     SSL_NOT_DEFAULT | SSL_HIGH,
2229
     SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
2230
     256,
2231
     256,
2232
     },
2233
    {
2234
     1,
2235
     TLS1_TXT_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA256,
2236
     TLS1_RFC_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA256,
2237
     TLS1_CK_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA256,
2238
     SSL_kDHE,
2239
     SSL_aDSS,
2240
     SSL_CAMELLIA256,
2241
     SSL_SHA256,
2242
     TLS1_2_VERSION, TLS1_2_VERSION,
2243
     DTLS1_2_VERSION, DTLS1_2_VERSION,
2244
     SSL_NOT_DEFAULT | SSL_HIGH,
2245
     SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
2246
     256,
2247
     256,
2248
     },
2249
    {
2250
     1,
2251
     TLS1_TXT_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA256,
2252
     TLS1_RFC_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA256,
2253
     TLS1_CK_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA256,
2254
     SSL_kDHE,
2255
     SSL_aRSA,
2256
     SSL_CAMELLIA256,
2257
     SSL_SHA256,
2258
     TLS1_2_VERSION, TLS1_2_VERSION,
2259
     DTLS1_2_VERSION, DTLS1_2_VERSION,
2260
     SSL_NOT_DEFAULT | SSL_HIGH,
2261
     SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
2262
     256,
2263
     256,
2264
     },
2265
    {
2266
     1,
2267
     TLS1_TXT_ADH_WITH_CAMELLIA_256_CBC_SHA256,
2268
     TLS1_RFC_ADH_WITH_CAMELLIA_256_CBC_SHA256,
2269
     TLS1_CK_ADH_WITH_CAMELLIA_256_CBC_SHA256,
2270
     SSL_kDHE,
2271
     SSL_aNULL,
2272
     SSL_CAMELLIA256,
2273
     SSL_SHA256,
2274
     TLS1_2_VERSION, TLS1_2_VERSION,
2275
     DTLS1_2_VERSION, DTLS1_2_VERSION,
2276
     SSL_NOT_DEFAULT | SSL_HIGH,
2277
     SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
2278
     256,
2279
     256,
2280
     },
2281
    {
2282
     1,
2283
     TLS1_TXT_RSA_WITH_CAMELLIA_256_CBC_SHA,
2284
     TLS1_RFC_RSA_WITH_CAMELLIA_256_CBC_SHA,
2285
     TLS1_CK_RSA_WITH_CAMELLIA_256_CBC_SHA,
2286
     SSL_kRSA,
2287
     SSL_aRSA,
2288
     SSL_CAMELLIA256,
2289
     SSL_SHA1,
2290
     SSL3_VERSION, TLS1_2_VERSION,
2291
     DTLS1_BAD_VER, DTLS1_2_VERSION,
2292
     SSL_NOT_DEFAULT | SSL_HIGH,
2293
     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
2294
     256,
2295
     256,
2296
     },
2297
    {
2298
     1,
2299
     TLS1_TXT_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA,
2300
     TLS1_RFC_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA,
2301
     TLS1_CK_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA,
2302
     SSL_kDHE,
2303
     SSL_aDSS,
2304
     SSL_CAMELLIA256,
2305
     SSL_SHA1,
2306
     SSL3_VERSION, TLS1_2_VERSION,
2307
     DTLS1_BAD_VER, DTLS1_2_VERSION,
2308
     SSL_NOT_DEFAULT | SSL_HIGH,
2309
     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
2310
     256,
2311
     256,
2312
     },
2313
    {
2314
     1,
2315
     TLS1_TXT_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA,
2316
     TLS1_RFC_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA,
2317
     TLS1_CK_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA,
2318
     SSL_kDHE,
2319
     SSL_aRSA,
2320
     SSL_CAMELLIA256,
2321
     SSL_SHA1,
2322
     SSL3_VERSION, TLS1_2_VERSION,
2323
     DTLS1_BAD_VER, DTLS1_2_VERSION,
2324
     SSL_NOT_DEFAULT | SSL_HIGH,
2325
     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
2326
     256,
2327
     256,
2328
     },
2329
    {
2330
     1,
2331
     TLS1_TXT_ADH_WITH_CAMELLIA_256_CBC_SHA,
2332
     TLS1_RFC_ADH_WITH_CAMELLIA_256_CBC_SHA,
2333
     TLS1_CK_ADH_WITH_CAMELLIA_256_CBC_SHA,
2334
     SSL_kDHE,
2335
     SSL_aNULL,
2336
     SSL_CAMELLIA256,
2337
     SSL_SHA1,
2338
     SSL3_VERSION, TLS1_2_VERSION,
2339
     DTLS1_BAD_VER, DTLS1_2_VERSION,
2340
     SSL_NOT_DEFAULT | SSL_HIGH,
2341
     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
2342
     256,
2343
     256,
2344
     },
2345
    {
2346
     1,
2347
     TLS1_TXT_RSA_WITH_CAMELLIA_128_CBC_SHA,
2348
     TLS1_RFC_RSA_WITH_CAMELLIA_128_CBC_SHA,
2349
     TLS1_CK_RSA_WITH_CAMELLIA_128_CBC_SHA,
2350
     SSL_kRSA,
2351
     SSL_aRSA,
2352
     SSL_CAMELLIA128,
2353
     SSL_SHA1,
2354
     SSL3_VERSION, TLS1_2_VERSION,
2355
     DTLS1_BAD_VER, DTLS1_2_VERSION,
2356
     SSL_NOT_DEFAULT | SSL_HIGH,
2357
     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
2358
     128,
2359
     128,
2360
     },
2361
    {
2362
     1,
2363
     TLS1_TXT_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA,
2364
     TLS1_RFC_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA,
2365
     TLS1_CK_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA,
2366
     SSL_kDHE,
2367
     SSL_aDSS,
2368
     SSL_CAMELLIA128,
2369
     SSL_SHA1,
2370
     SSL3_VERSION, TLS1_2_VERSION,
2371
     DTLS1_BAD_VER, DTLS1_2_VERSION,
2372
     SSL_NOT_DEFAULT | SSL_HIGH,
2373
     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
2374
     128,
2375
     128,
2376
     },
2377
    {
2378
     1,
2379
     TLS1_TXT_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA,
2380
     TLS1_RFC_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA,
2381
     TLS1_CK_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA,
2382
     SSL_kDHE,
2383
     SSL_aRSA,
2384
     SSL_CAMELLIA128,
2385
     SSL_SHA1,
2386
     SSL3_VERSION, TLS1_2_VERSION,
2387
     DTLS1_BAD_VER, DTLS1_2_VERSION,
2388
     SSL_NOT_DEFAULT | SSL_HIGH,
2389
     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
2390
     128,
2391
     128,
2392
     },
2393
    {
2394
     1,
2395
     TLS1_TXT_ADH_WITH_CAMELLIA_128_CBC_SHA,
2396
     TLS1_RFC_ADH_WITH_CAMELLIA_128_CBC_SHA,
2397
     TLS1_CK_ADH_WITH_CAMELLIA_128_CBC_SHA,
2398
     SSL_kDHE,
2399
     SSL_aNULL,
2400
     SSL_CAMELLIA128,
2401
     SSL_SHA1,
2402
     SSL3_VERSION, TLS1_2_VERSION,
2403
     DTLS1_BAD_VER, DTLS1_2_VERSION,
2404
     SSL_NOT_DEFAULT | SSL_HIGH,
2405
     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
2406
     128,
2407
     128,
2408
     },
2409
    {
2410
     1,
2411
     TLS1_TXT_ECDHE_ECDSA_WITH_CAMELLIA_128_CBC_SHA256,
2412
     TLS1_RFC_ECDHE_ECDSA_WITH_CAMELLIA_128_CBC_SHA256,
2413
     TLS1_CK_ECDHE_ECDSA_WITH_CAMELLIA_128_CBC_SHA256,
2414
     SSL_kECDHE,
2415
     SSL_aECDSA,
2416
     SSL_CAMELLIA128,
2417
     SSL_SHA256,
2418
     TLS1_2_VERSION, TLS1_2_VERSION,
2419
     DTLS1_2_VERSION, DTLS1_2_VERSION,
2420
     SSL_NOT_DEFAULT | SSL_HIGH,
2421
     SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
2422
     128,
2423
     128,
2424
     },
2425
    {
2426
     1,
2427
     TLS1_TXT_ECDHE_ECDSA_WITH_CAMELLIA_256_CBC_SHA384,
2428
     TLS1_RFC_ECDHE_ECDSA_WITH_CAMELLIA_256_CBC_SHA384,
2429
     TLS1_CK_ECDHE_ECDSA_WITH_CAMELLIA_256_CBC_SHA384,
2430
     SSL_kECDHE,
2431
     SSL_aECDSA,
2432
     SSL_CAMELLIA256,
2433
     SSL_SHA384,
2434
     TLS1_2_VERSION, TLS1_2_VERSION,
2435
     DTLS1_2_VERSION, DTLS1_2_VERSION,
2436
     SSL_NOT_DEFAULT | SSL_HIGH,
2437
     SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384,
2438
     256,
2439
     256,
2440
     },
2441
    {
2442
     1,
2443
     TLS1_TXT_ECDHE_RSA_WITH_CAMELLIA_128_CBC_SHA256,
2444
     TLS1_RFC_ECDHE_RSA_WITH_CAMELLIA_128_CBC_SHA256,
2445
     TLS1_CK_ECDHE_RSA_WITH_CAMELLIA_128_CBC_SHA256,
2446
     SSL_kECDHE,
2447
     SSL_aRSA,
2448
     SSL_CAMELLIA128,
2449
     SSL_SHA256,
2450
     TLS1_2_VERSION, TLS1_2_VERSION,
2451
     DTLS1_2_VERSION, DTLS1_2_VERSION,
2452
     SSL_NOT_DEFAULT | SSL_HIGH,
2453
     SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
2454
     128,
2455
     128,
2456
     },
2457
    {
2458
     1,
2459
     TLS1_TXT_ECDHE_RSA_WITH_CAMELLIA_256_CBC_SHA384,
2460
     TLS1_RFC_ECDHE_RSA_WITH_CAMELLIA_256_CBC_SHA384,
2461
     TLS1_CK_ECDHE_RSA_WITH_CAMELLIA_256_CBC_SHA384,
2462
     SSL_kECDHE,
2463
     SSL_aRSA,
2464
     SSL_CAMELLIA256,
2465
     SSL_SHA384,
2466
     TLS1_2_VERSION, TLS1_2_VERSION,
2467
     DTLS1_2_VERSION, DTLS1_2_VERSION,
2468
     SSL_NOT_DEFAULT | SSL_HIGH,
2469
     SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384,
2470
     256,
2471
     256,
2472
     },
2473
    {
2474
     1,
2475
     TLS1_TXT_PSK_WITH_CAMELLIA_128_CBC_SHA256,
2476
     TLS1_RFC_PSK_WITH_CAMELLIA_128_CBC_SHA256,
2477
     TLS1_CK_PSK_WITH_CAMELLIA_128_CBC_SHA256,
2478
     SSL_kPSK,
2479
     SSL_aPSK,
2480
     SSL_CAMELLIA128,
2481
     SSL_SHA256,
2482
     TLS1_VERSION, TLS1_2_VERSION,
2483
     DTLS1_BAD_VER, DTLS1_2_VERSION,
2484
     SSL_NOT_DEFAULT | SSL_HIGH,
2485
     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
2486
     128,
2487
     128,
2488
     },
2489
    {
2490
     1,
2491
     TLS1_TXT_PSK_WITH_CAMELLIA_256_CBC_SHA384,
2492
     TLS1_RFC_PSK_WITH_CAMELLIA_256_CBC_SHA384,
2493
     TLS1_CK_PSK_WITH_CAMELLIA_256_CBC_SHA384,
2494
     SSL_kPSK,
2495
     SSL_aPSK,
2496
     SSL_CAMELLIA256,
2497
     SSL_SHA384,
2498
     TLS1_VERSION, TLS1_2_VERSION,
2499
     DTLS1_BAD_VER, DTLS1_2_VERSION,
2500
     SSL_NOT_DEFAULT | SSL_HIGH,
2501
     SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384,
2502
     256,
2503
     256,
2504
     },
2505
    {
2506
     1,
2507
     TLS1_TXT_DHE_PSK_WITH_CAMELLIA_128_CBC_SHA256,
2508
     TLS1_RFC_DHE_PSK_WITH_CAMELLIA_128_CBC_SHA256,
2509
     TLS1_CK_DHE_PSK_WITH_CAMELLIA_128_CBC_SHA256,
2510
     SSL_kDHEPSK,
2511
     SSL_aPSK,
2512
     SSL_CAMELLIA128,
2513
     SSL_SHA256,
2514
     TLS1_VERSION, TLS1_2_VERSION,
2515
     DTLS1_BAD_VER, DTLS1_2_VERSION,
2516
     SSL_NOT_DEFAULT | SSL_HIGH,
2517
     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
2518
     128,
2519
     128,
2520
     },
2521
    {
2522
     1,
2523
     TLS1_TXT_DHE_PSK_WITH_CAMELLIA_256_CBC_SHA384,
2524
     TLS1_RFC_DHE_PSK_WITH_CAMELLIA_256_CBC_SHA384,
2525
     TLS1_CK_DHE_PSK_WITH_CAMELLIA_256_CBC_SHA384,
2526
     SSL_kDHEPSK,
2527
     SSL_aPSK,
2528
     SSL_CAMELLIA256,
2529
     SSL_SHA384,
2530
     TLS1_VERSION, TLS1_2_VERSION,
2531
     DTLS1_BAD_VER, DTLS1_2_VERSION,
2532
     SSL_NOT_DEFAULT | SSL_HIGH,
2533
     SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384,
2534
     256,
2535
     256,
2536
     },
2537
    {
2538
     1,
2539
     TLS1_TXT_RSA_PSK_WITH_CAMELLIA_128_CBC_SHA256,
2540
     TLS1_RFC_RSA_PSK_WITH_CAMELLIA_128_CBC_SHA256,
2541
     TLS1_CK_RSA_PSK_WITH_CAMELLIA_128_CBC_SHA256,
2542
     SSL_kRSAPSK,
2543
     SSL_aRSA,
2544
     SSL_CAMELLIA128,
2545
     SSL_SHA256,
2546
     TLS1_VERSION, TLS1_2_VERSION,
2547
     DTLS1_BAD_VER, DTLS1_2_VERSION,
2548
     SSL_NOT_DEFAULT | SSL_HIGH,
2549
     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
2550
     128,
2551
     128,
2552
     },
2553
    {
2554
     1,
2555
     TLS1_TXT_RSA_PSK_WITH_CAMELLIA_256_CBC_SHA384,
2556
     TLS1_RFC_RSA_PSK_WITH_CAMELLIA_256_CBC_SHA384,
2557
     TLS1_CK_RSA_PSK_WITH_CAMELLIA_256_CBC_SHA384,
2558
     SSL_kRSAPSK,
2559
     SSL_aRSA,
2560
     SSL_CAMELLIA256,
2561
     SSL_SHA384,
2562
     TLS1_VERSION, TLS1_2_VERSION,
2563
     DTLS1_BAD_VER, DTLS1_2_VERSION,
2564
     SSL_NOT_DEFAULT | SSL_HIGH,
2565
     SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384,
2566
     256,
2567
     256,
2568
     },
2569
    {
2570
     1,
2571
     TLS1_TXT_ECDHE_PSK_WITH_CAMELLIA_128_CBC_SHA256,
2572
     TLS1_RFC_ECDHE_PSK_WITH_CAMELLIA_128_CBC_SHA256,
2573
     TLS1_CK_ECDHE_PSK_WITH_CAMELLIA_128_CBC_SHA256,
2574
     SSL_kECDHEPSK,
2575
     SSL_aPSK,
2576
     SSL_CAMELLIA128,
2577
     SSL_SHA256,
2578
     TLS1_VERSION, TLS1_2_VERSION,
2579
     DTLS1_BAD_VER, DTLS1_2_VERSION,
2580
     SSL_NOT_DEFAULT | SSL_HIGH,
2581
     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
2582
     128,
2583
     128,
2584
     },
2585
    {
2586
     1,
2587
     TLS1_TXT_ECDHE_PSK_WITH_CAMELLIA_256_CBC_SHA384,
2588
     TLS1_RFC_ECDHE_PSK_WITH_CAMELLIA_256_CBC_SHA384,
2589
     TLS1_CK_ECDHE_PSK_WITH_CAMELLIA_256_CBC_SHA384,
2590
     SSL_kECDHEPSK,
2591
     SSL_aPSK,
2592
     SSL_CAMELLIA256,
2593
     SSL_SHA384,
2594
     TLS1_VERSION, TLS1_2_VERSION,
2595
     DTLS1_BAD_VER, DTLS1_2_VERSION,
2596
     SSL_NOT_DEFAULT | SSL_HIGH,
2597
     SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384,
2598
     256,
2599
     256,
2600
     },
2601
#endif                          /* OPENSSL_NO_CAMELLIA */
2602
2603
#ifndef OPENSSL_NO_GOST
2604
    {
2605
     1,
2606
     "GOST2001-GOST89-GOST89",
2607
     "TLS_GOSTR341001_WITH_28147_CNT_IMIT",
2608
     0x3000081,
2609
     SSL_kGOST,
2610
     SSL_aGOST01,
2611
     SSL_eGOST2814789CNT,
2612
     SSL_GOST89MAC,
2613
     TLS1_VERSION, TLS1_2_VERSION,
2614
     0, 0,
2615
     SSL_HIGH,
2616
     SSL_HANDSHAKE_MAC_GOST94 | TLS1_PRF_GOST94 | TLS1_STREAM_MAC,
2617
     256,
2618
     256,
2619
     },
2620
    {
2621
     1,
2622
     "GOST2001-NULL-GOST94",
2623
     "TLS_GOSTR341001_WITH_NULL_GOSTR3411",
2624
     0x3000083,
2625
     SSL_kGOST,
2626
     SSL_aGOST01,
2627
     SSL_eNULL,
2628
     SSL_GOST94,
2629
     TLS1_VERSION, TLS1_2_VERSION,
2630
     0, 0,
2631
     SSL_STRONG_NONE,
2632
     SSL_HANDSHAKE_MAC_GOST94 | TLS1_PRF_GOST94,
2633
     0,
2634
     0,
2635
     },
2636
    {
2637
     1,
2638
     "GOST2012-GOST8912-GOST8912",
2639
     NULL,
2640
     0x0300ff85,
2641
     SSL_kGOST,
2642
     SSL_aGOST12 | SSL_aGOST01,
2643
     SSL_eGOST2814789CNT12,
2644
     SSL_GOST89MAC12,
2645
     TLS1_VERSION, TLS1_2_VERSION,
2646
     0, 0,
2647
     SSL_HIGH,
2648
     SSL_HANDSHAKE_MAC_GOST12_256 | TLS1_PRF_GOST12_256 | TLS1_STREAM_MAC,
2649
     256,
2650
     256,
2651
     },
2652
    {
2653
     1,
2654
     "GOST2012-NULL-GOST12",
2655
     NULL,
2656
     0x0300ff87,
2657
     SSL_kGOST,
2658
     SSL_aGOST12 | SSL_aGOST01,
2659
     SSL_eNULL,
2660
     SSL_GOST12_256,
2661
     TLS1_VERSION, TLS1_2_VERSION,
2662
     0, 0,
2663
     SSL_STRONG_NONE,
2664
     SSL_HANDSHAKE_MAC_GOST12_256 | TLS1_PRF_GOST12_256 | TLS1_STREAM_MAC,
2665
     0,
2666
     0,
2667
     },
2668
#endif                          /* OPENSSL_NO_GOST */
2669
2670
#ifndef OPENSSL_NO_IDEA
2671
    {
2672
     1,
2673
     SSL3_TXT_RSA_IDEA_128_SHA,
2674
     SSL3_RFC_RSA_IDEA_128_SHA,
2675
     SSL3_CK_RSA_IDEA_128_SHA,
2676
     SSL_kRSA,
2677
     SSL_aRSA,
2678
     SSL_IDEA,
2679
     SSL_SHA1,
2680
     SSL3_VERSION, TLS1_1_VERSION,
2681
     DTLS1_BAD_VER, DTLS1_VERSION,
2682
     SSL_NOT_DEFAULT | SSL_MEDIUM,
2683
     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
2684
     128,
2685
     128,
2686
     },
2687
#endif
2688
2689
#ifndef OPENSSL_NO_SEED
2690
    {
2691
     1,
2692
     TLS1_TXT_RSA_WITH_SEED_SHA,
2693
     TLS1_RFC_RSA_WITH_SEED_SHA,
2694
     TLS1_CK_RSA_WITH_SEED_SHA,
2695
     SSL_kRSA,
2696
     SSL_aRSA,
2697
     SSL_SEED,
2698
     SSL_SHA1,
2699
     SSL3_VERSION, TLS1_2_VERSION,
2700
     DTLS1_BAD_VER, DTLS1_2_VERSION,
2701
     SSL_NOT_DEFAULT | SSL_MEDIUM,
2702
     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
2703
     128,
2704
     128,
2705
     },
2706
    {
2707
     1,
2708
     TLS1_TXT_DHE_DSS_WITH_SEED_SHA,
2709
     TLS1_RFC_DHE_DSS_WITH_SEED_SHA,
2710
     TLS1_CK_DHE_DSS_WITH_SEED_SHA,
2711
     SSL_kDHE,
2712
     SSL_aDSS,
2713
     SSL_SEED,
2714
     SSL_SHA1,
2715
     SSL3_VERSION, TLS1_2_VERSION,
2716
     DTLS1_BAD_VER, DTLS1_2_VERSION,
2717
     SSL_NOT_DEFAULT | SSL_MEDIUM,
2718
     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
2719
     128,
2720
     128,
2721
     },
2722
    {
2723
     1,
2724
     TLS1_TXT_DHE_RSA_WITH_SEED_SHA,
2725
     TLS1_RFC_DHE_RSA_WITH_SEED_SHA,
2726
     TLS1_CK_DHE_RSA_WITH_SEED_SHA,
2727
     SSL_kDHE,
2728
     SSL_aRSA,
2729
     SSL_SEED,
2730
     SSL_SHA1,
2731
     SSL3_VERSION, TLS1_2_VERSION,
2732
     DTLS1_BAD_VER, DTLS1_2_VERSION,
2733
     SSL_NOT_DEFAULT | SSL_MEDIUM,
2734
     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
2735
     128,
2736
     128,
2737
     },
2738
    {
2739
     1,
2740
     TLS1_TXT_ADH_WITH_SEED_SHA,
2741
     TLS1_RFC_ADH_WITH_SEED_SHA,
2742
     TLS1_CK_ADH_WITH_SEED_SHA,
2743
     SSL_kDHE,
2744
     SSL_aNULL,
2745
     SSL_SEED,
2746
     SSL_SHA1,
2747
     SSL3_VERSION, TLS1_2_VERSION,
2748
     DTLS1_BAD_VER, DTLS1_2_VERSION,
2749
     SSL_NOT_DEFAULT | SSL_MEDIUM,
2750
     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
2751
     128,
2752
     128,
2753
     },
2754
#endif                          /* OPENSSL_NO_SEED */
2755
2756
#ifndef OPENSSL_NO_WEAK_SSL_CIPHERS
2757
    {
2758
     1,
2759
     SSL3_TXT_RSA_RC4_128_MD5,
2760
     SSL3_RFC_RSA_RC4_128_MD5,
2761
     SSL3_CK_RSA_RC4_128_MD5,
2762
     SSL_kRSA,
2763
     SSL_aRSA,
2764
     SSL_RC4,
2765
     SSL_MD5,
2766
     SSL3_VERSION, TLS1_2_VERSION,
2767
     0, 0,
2768
     SSL_NOT_DEFAULT | SSL_MEDIUM,
2769
     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
2770
     128,
2771
     128,
2772
     },
2773
    {
2774
     1,
2775
     SSL3_TXT_RSA_RC4_128_SHA,
2776
     SSL3_RFC_RSA_RC4_128_SHA,
2777
     SSL3_CK_RSA_RC4_128_SHA,
2778
     SSL_kRSA,
2779
     SSL_aRSA,
2780
     SSL_RC4,
2781
     SSL_SHA1,
2782
     SSL3_VERSION, TLS1_2_VERSION,
2783
     0, 0,
2784
     SSL_NOT_DEFAULT | SSL_MEDIUM,
2785
     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
2786
     128,
2787
     128,
2788
     },
2789
    {
2790
     1,
2791
     SSL3_TXT_ADH_RC4_128_MD5,
2792
     SSL3_RFC_ADH_RC4_128_MD5,
2793
     SSL3_CK_ADH_RC4_128_MD5,
2794
     SSL_kDHE,
2795
     SSL_aNULL,
2796
     SSL_RC4,
2797
     SSL_MD5,
2798
     SSL3_VERSION, TLS1_2_VERSION,
2799
     0, 0,
2800
     SSL_NOT_DEFAULT | SSL_MEDIUM,
2801
     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
2802
     128,
2803
     128,
2804
     },
2805
    {
2806
     1,
2807
     TLS1_TXT_ECDHE_PSK_WITH_RC4_128_SHA,
2808
     TLS1_RFC_ECDHE_PSK_WITH_RC4_128_SHA,
2809
     TLS1_CK_ECDHE_PSK_WITH_RC4_128_SHA,
2810
     SSL_kECDHEPSK,
2811
     SSL_aPSK,
2812
     SSL_RC4,
2813
     SSL_SHA1,
2814
     TLS1_VERSION, TLS1_2_VERSION,
2815
     0, 0,
2816
     SSL_NOT_DEFAULT | SSL_MEDIUM,
2817
     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
2818
     128,
2819
     128,
2820
     },
2821
    {
2822
     1,
2823
     TLS1_TXT_ECDH_anon_WITH_RC4_128_SHA,
2824
     TLS1_RFC_ECDH_anon_WITH_RC4_128_SHA,
2825
     TLS1_CK_ECDH_anon_WITH_RC4_128_SHA,
2826
     SSL_kECDHE,
2827
     SSL_aNULL,
2828
     SSL_RC4,
2829
     SSL_SHA1,
2830
     TLS1_VERSION, TLS1_2_VERSION,
2831
     0, 0,
2832
     SSL_NOT_DEFAULT | SSL_MEDIUM,
2833
     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
2834
     128,
2835
     128,
2836
     },
2837
    {
2838
     1,
2839
     TLS1_TXT_ECDHE_ECDSA_WITH_RC4_128_SHA,
2840
     TLS1_RFC_ECDHE_ECDSA_WITH_RC4_128_SHA,
2841
     TLS1_CK_ECDHE_ECDSA_WITH_RC4_128_SHA,
2842
     SSL_kECDHE,
2843
     SSL_aECDSA,
2844
     SSL_RC4,
2845
     SSL_SHA1,
2846
     TLS1_VERSION, TLS1_2_VERSION,
2847
     0, 0,
2848
     SSL_NOT_DEFAULT | SSL_MEDIUM,
2849
     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
2850
     128,
2851
     128,
2852
     },
2853
    {
2854
     1,
2855
     TLS1_TXT_ECDHE_RSA_WITH_RC4_128_SHA,
2856
     TLS1_RFC_ECDHE_RSA_WITH_RC4_128_SHA,
2857
     TLS1_CK_ECDHE_RSA_WITH_RC4_128_SHA,
2858
     SSL_kECDHE,
2859
     SSL_aRSA,
2860
     SSL_RC4,
2861
     SSL_SHA1,
2862
     TLS1_VERSION, TLS1_2_VERSION,
2863
     0, 0,
2864
     SSL_NOT_DEFAULT | SSL_MEDIUM,
2865
     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
2866
     128,
2867
     128,
2868
     },
2869
    {
2870
     1,
2871
     TLS1_TXT_PSK_WITH_RC4_128_SHA,
2872
     TLS1_RFC_PSK_WITH_RC4_128_SHA,
2873
     TLS1_CK_PSK_WITH_RC4_128_SHA,
2874
     SSL_kPSK,
2875
     SSL_aPSK,
2876
     SSL_RC4,
2877
     SSL_SHA1,
2878
     SSL3_VERSION, TLS1_2_VERSION,
2879
     0, 0,
2880
     SSL_NOT_DEFAULT | SSL_MEDIUM,
2881
     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
2882
     128,
2883
     128,
2884
     },
2885
    {
2886
     1,
2887
     TLS1_TXT_RSA_PSK_WITH_RC4_128_SHA,
2888
     TLS1_RFC_RSA_PSK_WITH_RC4_128_SHA,
2889
     TLS1_CK_RSA_PSK_WITH_RC4_128_SHA,
2890
     SSL_kRSAPSK,
2891
     SSL_aRSA,
2892
     SSL_RC4,
2893
     SSL_SHA1,
2894
     SSL3_VERSION, TLS1_2_VERSION,
2895
     0, 0,
2896
     SSL_NOT_DEFAULT | SSL_MEDIUM,
2897
     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
2898
     128,
2899
     128,
2900
     },
2901
    {
2902
     1,
2903
     TLS1_TXT_DHE_PSK_WITH_RC4_128_SHA,
2904
     TLS1_RFC_DHE_PSK_WITH_RC4_128_SHA,
2905
     TLS1_CK_DHE_PSK_WITH_RC4_128_SHA,
2906
     SSL_kDHEPSK,
2907
     SSL_aPSK,
2908
     SSL_RC4,
2909
     SSL_SHA1,
2910
     SSL3_VERSION, TLS1_2_VERSION,
2911
     0, 0,
2912
     SSL_NOT_DEFAULT | SSL_MEDIUM,
2913
     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
2914
     128,
2915
     128,
2916
     },
2917
#endif                          /* OPENSSL_NO_WEAK_SSL_CIPHERS */
2918
2919
#ifndef OPENSSL_NO_ARIA
2920
    {
2921
     1,
2922
     TLS1_TXT_RSA_WITH_ARIA_128_GCM_SHA256,
2923
     TLS1_RFC_RSA_WITH_ARIA_128_GCM_SHA256,
2924
     TLS1_CK_RSA_WITH_ARIA_128_GCM_SHA256,
2925
     SSL_kRSA,
2926
     SSL_aRSA,
2927
     SSL_ARIA128GCM,
2928
     SSL_AEAD,
2929
     TLS1_2_VERSION, TLS1_2_VERSION,
2930
     DTLS1_2_VERSION, DTLS1_2_VERSION,
2931
     SSL_NOT_DEFAULT | SSL_HIGH,
2932
     SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
2933
     128,
2934
     128,
2935
     },
2936
    {
2937
     1,
2938
     TLS1_TXT_RSA_WITH_ARIA_256_GCM_SHA384,
2939
     TLS1_RFC_RSA_WITH_ARIA_256_GCM_SHA384,
2940
     TLS1_CK_RSA_WITH_ARIA_256_GCM_SHA384,
2941
     SSL_kRSA,
2942
     SSL_aRSA,
2943
     SSL_ARIA256GCM,
2944
     SSL_AEAD,
2945
     TLS1_2_VERSION, TLS1_2_VERSION,
2946
     DTLS1_2_VERSION, DTLS1_2_VERSION,
2947
     SSL_NOT_DEFAULT | SSL_HIGH,
2948
     SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384,
2949
     256,
2950
     256,
2951
     },
2952
    {
2953
     1,
2954
     TLS1_TXT_DHE_RSA_WITH_ARIA_128_GCM_SHA256,
2955
     TLS1_RFC_DHE_RSA_WITH_ARIA_128_GCM_SHA256,
2956
     TLS1_CK_DHE_RSA_WITH_ARIA_128_GCM_SHA256,
2957
     SSL_kDHE,
2958
     SSL_aRSA,
2959
     SSL_ARIA128GCM,
2960
     SSL_AEAD,
2961
     TLS1_2_VERSION, TLS1_2_VERSION,
2962
     DTLS1_2_VERSION, DTLS1_2_VERSION,
2963
     SSL_NOT_DEFAULT | SSL_HIGH,
2964
     SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
2965
     128,
2966
     128,
2967
     },
2968
    {
2969
     1,
2970
     TLS1_TXT_DHE_RSA_WITH_ARIA_256_GCM_SHA384,
2971
     TLS1_RFC_DHE_RSA_WITH_ARIA_256_GCM_SHA384,
2972
     TLS1_CK_DHE_RSA_WITH_ARIA_256_GCM_SHA384,
2973
     SSL_kDHE,
2974
     SSL_aRSA,
2975
     SSL_ARIA256GCM,
2976
     SSL_AEAD,
2977
     TLS1_2_VERSION, TLS1_2_VERSION,
2978
     DTLS1_2_VERSION, DTLS1_2_VERSION,
2979
     SSL_NOT_DEFAULT | SSL_HIGH,
2980
     SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384,
2981
     256,
2982
     256,
2983
     },
2984
    {
2985
     1,
2986
     TLS1_TXT_DHE_DSS_WITH_ARIA_128_GCM_SHA256,
2987
     TLS1_RFC_DHE_DSS_WITH_ARIA_128_GCM_SHA256,
2988
     TLS1_CK_DHE_DSS_WITH_ARIA_128_GCM_SHA256,
2989
     SSL_kDHE,
2990
     SSL_aDSS,
2991
     SSL_ARIA128GCM,
2992
     SSL_AEAD,
2993
     TLS1_2_VERSION, TLS1_2_VERSION,
2994
     DTLS1_2_VERSION, DTLS1_2_VERSION,
2995
     SSL_NOT_DEFAULT | SSL_HIGH,
2996
     SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
2997
     128,
2998
     128,
2999
     },
3000
    {
3001
     1,
3002
     TLS1_TXT_DHE_DSS_WITH_ARIA_256_GCM_SHA384,
3003
     TLS1_RFC_DHE_DSS_WITH_ARIA_256_GCM_SHA384,
3004
     TLS1_CK_DHE_DSS_WITH_ARIA_256_GCM_SHA384,
3005
     SSL_kDHE,
3006
     SSL_aDSS,
3007
     SSL_ARIA256GCM,
3008
     SSL_AEAD,
3009
     TLS1_2_VERSION, TLS1_2_VERSION,
3010
     DTLS1_2_VERSION, DTLS1_2_VERSION,
3011
     SSL_NOT_DEFAULT | SSL_HIGH,
3012
     SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384,
3013
     256,
3014
     256,
3015
     },
3016
    {
3017
     1,
3018
     TLS1_TXT_ECDHE_ECDSA_WITH_ARIA_128_GCM_SHA256,
3019
     TLS1_RFC_ECDHE_ECDSA_WITH_ARIA_128_GCM_SHA256,
3020
     TLS1_CK_ECDHE_ECDSA_WITH_ARIA_128_GCM_SHA256,
3021
     SSL_kECDHE,
3022
     SSL_aECDSA,
3023
     SSL_ARIA128GCM,
3024
     SSL_AEAD,
3025
     TLS1_2_VERSION, TLS1_2_VERSION,
3026
     DTLS1_2_VERSION, DTLS1_2_VERSION,
3027
     SSL_NOT_DEFAULT | SSL_HIGH,
3028
     SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
3029
     128,
3030
     128,
3031
     },
3032
    {
3033
     1,
3034
     TLS1_TXT_ECDHE_ECDSA_WITH_ARIA_256_GCM_SHA384,
3035
     TLS1_RFC_ECDHE_ECDSA_WITH_ARIA_256_GCM_SHA384,
3036
     TLS1_CK_ECDHE_ECDSA_WITH_ARIA_256_GCM_SHA384,
3037
     SSL_kECDHE,
3038
     SSL_aECDSA,
3039
     SSL_ARIA256GCM,
3040
     SSL_AEAD,
3041
     TLS1_2_VERSION, TLS1_2_VERSION,
3042
     DTLS1_2_VERSION, DTLS1_2_VERSION,
3043
     SSL_NOT_DEFAULT | SSL_HIGH,
3044
     SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384,
3045
     256,
3046
     256,
3047
     },
3048
    {
3049
     1,
3050
     TLS1_TXT_ECDHE_RSA_WITH_ARIA_128_GCM_SHA256,
3051
     TLS1_RFC_ECDHE_RSA_WITH_ARIA_128_GCM_SHA256,
3052
     TLS1_CK_ECDHE_RSA_WITH_ARIA_128_GCM_SHA256,
3053
     SSL_kECDHE,
3054
     SSL_aRSA,
3055
     SSL_ARIA128GCM,
3056
     SSL_AEAD,
3057
     TLS1_2_VERSION, TLS1_2_VERSION,
3058
     DTLS1_2_VERSION, DTLS1_2_VERSION,
3059
     SSL_NOT_DEFAULT | SSL_HIGH,
3060
     SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
3061
     128,
3062
     128,
3063
     },
3064
    {
3065
     1,
3066
     TLS1_TXT_ECDHE_RSA_WITH_ARIA_256_GCM_SHA384,
3067
     TLS1_RFC_ECDHE_RSA_WITH_ARIA_256_GCM_SHA384,
3068
     TLS1_CK_ECDHE_RSA_WITH_ARIA_256_GCM_SHA384,
3069
     SSL_kECDHE,
3070
     SSL_aRSA,
3071
     SSL_ARIA256GCM,
3072
     SSL_AEAD,
3073
     TLS1_2_VERSION, TLS1_2_VERSION,
3074
     DTLS1_2_VERSION, DTLS1_2_VERSION,
3075
     SSL_NOT_DEFAULT | SSL_HIGH,
3076
     SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384,
3077
     256,
3078
     256,
3079
     },
3080
    {
3081
     1,
3082
     TLS1_TXT_PSK_WITH_ARIA_128_GCM_SHA256,
3083
     TLS1_RFC_PSK_WITH_ARIA_128_GCM_SHA256,
3084
     TLS1_CK_PSK_WITH_ARIA_128_GCM_SHA256,
3085
     SSL_kPSK,
3086
     SSL_aPSK,
3087
     SSL_ARIA128GCM,
3088
     SSL_AEAD,
3089
     TLS1_2_VERSION, TLS1_2_VERSION,
3090
     DTLS1_2_VERSION, DTLS1_2_VERSION,
3091
     SSL_NOT_DEFAULT | SSL_HIGH,
3092
     SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
3093
     128,
3094
     128,
3095
     },
3096
    {
3097
     1,
3098
     TLS1_TXT_PSK_WITH_ARIA_256_GCM_SHA384,
3099
     TLS1_RFC_PSK_WITH_ARIA_256_GCM_SHA384,
3100
     TLS1_CK_PSK_WITH_ARIA_256_GCM_SHA384,
3101
     SSL_kPSK,
3102
     SSL_aPSK,
3103
     SSL_ARIA256GCM,
3104
     SSL_AEAD,
3105
     TLS1_2_VERSION, TLS1_2_VERSION,
3106
     DTLS1_2_VERSION, DTLS1_2_VERSION,
3107
     SSL_NOT_DEFAULT | SSL_HIGH,
3108
     SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384,
3109
     256,
3110
     256,
3111
     },
3112
    {
3113
     1,
3114
     TLS1_TXT_DHE_PSK_WITH_ARIA_128_GCM_SHA256,
3115
     TLS1_RFC_DHE_PSK_WITH_ARIA_128_GCM_SHA256,
3116
     TLS1_CK_DHE_PSK_WITH_ARIA_128_GCM_SHA256,
3117
     SSL_kDHEPSK,
3118
     SSL_aPSK,
3119
     SSL_ARIA128GCM,
3120
     SSL_AEAD,
3121
     TLS1_2_VERSION, TLS1_2_VERSION,
3122
     DTLS1_2_VERSION, DTLS1_2_VERSION,
3123
     SSL_NOT_DEFAULT | SSL_HIGH,
3124
     SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
3125
     128,
3126
     128,
3127
     },
3128
    {
3129
     1,
3130
     TLS1_TXT_DHE_PSK_WITH_ARIA_256_GCM_SHA384,
3131
     TLS1_RFC_DHE_PSK_WITH_ARIA_256_GCM_SHA384,
3132
     TLS1_CK_DHE_PSK_WITH_ARIA_256_GCM_SHA384,
3133
     SSL_kDHEPSK,
3134
     SSL_aPSK,
3135
     SSL_ARIA256GCM,
3136
     SSL_AEAD,
3137
     TLS1_2_VERSION, TLS1_2_VERSION,
3138
     DTLS1_2_VERSION, DTLS1_2_VERSION,
3139
     SSL_NOT_DEFAULT | SSL_HIGH,
3140
     SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384,
3141
     256,
3142
     256,
3143
     },
3144
    {
3145
     1,
3146
     TLS1_TXT_RSA_PSK_WITH_ARIA_128_GCM_SHA256,
3147
     TLS1_RFC_RSA_PSK_WITH_ARIA_128_GCM_SHA256,
3148
     TLS1_CK_RSA_PSK_WITH_ARIA_128_GCM_SHA256,
3149
     SSL_kRSAPSK,
3150
     SSL_aRSA,
3151
     SSL_ARIA128GCM,
3152
     SSL_AEAD,
3153
     TLS1_2_VERSION, TLS1_2_VERSION,
3154
     DTLS1_2_VERSION, DTLS1_2_VERSION,
3155
     SSL_NOT_DEFAULT | SSL_HIGH,
3156
     SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
3157
     128,
3158
     128,
3159
     },
3160
    {
3161
     1,
3162
     TLS1_TXT_RSA_PSK_WITH_ARIA_256_GCM_SHA384,
3163
     TLS1_RFC_RSA_PSK_WITH_ARIA_256_GCM_SHA384,
3164
     TLS1_CK_RSA_PSK_WITH_ARIA_256_GCM_SHA384,
3165
     SSL_kRSAPSK,
3166
     SSL_aRSA,
3167
     SSL_ARIA256GCM,
3168
     SSL_AEAD,
3169
     TLS1_2_VERSION, TLS1_2_VERSION,
3170
     DTLS1_2_VERSION, DTLS1_2_VERSION,
3171
     SSL_NOT_DEFAULT | SSL_HIGH,
3172
     SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384,
3173
     256,
3174
     256,
3175
     },
3176
#endif /* OPENSSL_NO_ARIA */
3177
};
3178
3179
/*
3180
 * The list of known Signalling Cipher-Suite Value "ciphers", non-valid
3181
 * values stuffed into the ciphers field of the wire protocol for signalling
3182
 * purposes.
3183
 */
3184
static SSL_CIPHER ssl3_scsvs[] = {
3185
    {
3186
     0,
3187
     "TLS_EMPTY_RENEGOTIATION_INFO_SCSV",
3188
     "TLS_EMPTY_RENEGOTIATION_INFO_SCSV",
3189
     SSL3_CK_SCSV,
3190
     0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
3191
    },
3192
    {
3193
     0,
3194
     "TLS_FALLBACK_SCSV",
3195
     "TLS_FALLBACK_SCSV",
3196
     SSL3_CK_FALLBACK_SCSV,
3197
     0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
3198
    },
3199
};
3200
3201
static int cipher_compare(const void *a, const void *b)
3202
1.98k
{
3203
1.98k
    const SSL_CIPHER *ap = (const SSL_CIPHER *)a;
3204
1.98k
    const SSL_CIPHER *bp = (const SSL_CIPHER *)b;
3205
3206
1.98k
    if (ap->id == bp->id)
3207
0
        return 0;
3208
1.98k
    return ap->id < bp->id ? -1 : 1;
3209
1.98k
}
3210
3211
void ssl_sort_cipher_list(void)
3212
2
{
3213
2
    qsort(tls13_ciphers, TLS13_NUM_CIPHERS, sizeof(tls13_ciphers[0]),
3214
2
          cipher_compare);
3215
2
    qsort(ssl3_ciphers, SSL3_NUM_CIPHERS, sizeof(ssl3_ciphers[0]),
3216
2
          cipher_compare);
3217
2
    qsort(ssl3_scsvs, SSL3_NUM_SCSVS, sizeof(ssl3_scsvs[0]), cipher_compare);
3218
2
}
3219
3220
static int ssl_undefined_function_1(SSL *ssl, unsigned char *r, size_t s,
3221
                                    const char * t, size_t u,
3222
                                    const unsigned char * v, size_t w, int x)
3223
0
{
3224
0
    (void)r;
3225
0
    (void)s;
3226
0
    (void)t;
3227
0
    (void)u;
3228
0
    (void)v;
3229
0
    (void)w;
3230
0
    (void)x;
3231
0
    return ssl_undefined_function(ssl);
3232
0
}
3233
3234
const SSL3_ENC_METHOD SSLv3_enc_data = {
3235
    ssl3_enc,
3236
    n_ssl3_mac,
3237
    ssl3_setup_key_block,
3238
    ssl3_generate_master_secret,
3239
    ssl3_change_cipher_state,
3240
    ssl3_final_finish_mac,
3241
    SSL3_MD_CLIENT_FINISHED_CONST, 4,
3242
    SSL3_MD_SERVER_FINISHED_CONST, 4,
3243
    ssl3_alert_code,
3244
    ssl_undefined_function_1,
3245
    0,
3246
    ssl3_set_handshake_header,
3247
    tls_close_construct_packet,
3248
    ssl3_handshake_write
3249
};
3250
3251
long ssl3_default_timeout(void)
3252
0
{
3253
    /*
3254
     * 2 hours, the 24 hours mentioned in the SSLv3 spec is way too long for
3255
     * http, the cache would over fill
3256
     */
3257
0
    return (60 * 60 * 2);
3258
0
}
3259
3260
int ssl3_num_ciphers(void)
3261
0
{
3262
0
    return SSL3_NUM_CIPHERS;
3263
0
}
3264
3265
const SSL_CIPHER *ssl3_get_cipher(unsigned int u)
3266
0
{
3267
0
    if (u < SSL3_NUM_CIPHERS)
3268
0
        return &(ssl3_ciphers[SSL3_NUM_CIPHERS - 1 - u]);
3269
0
    else
3270
0
        return NULL;
3271
0
}
3272
3273
int ssl3_set_handshake_header(SSL *s, WPACKET *pkt, int htype)
3274
0
{
3275
    /* No header in the event of a CCS */
3276
0
    if (htype == SSL3_MT_CHANGE_CIPHER_SPEC)
3277
0
        return 1;
3278
3279
    /* Set the content type and 3 bytes for the message len */
3280
0
    if (!WPACKET_put_bytes_u8(pkt, htype)
3281
0
            || !WPACKET_start_sub_packet_u24(pkt))
3282
0
        return 0;
3283
3284
0
    return 1;
3285
0
}
3286
3287
int ssl3_handshake_write(SSL *s)
3288
0
{
3289
0
    return ssl3_do_write(s, SSL3_RT_HANDSHAKE);
3290
0
}
3291
3292
int ssl3_new(SSL *s)
3293
0
{
3294
0
    SSL3_STATE *s3;
3295
3296
0
    if ((s3 = OPENSSL_zalloc(sizeof(*s3))) == NULL)
3297
0
        goto err;
3298
0
    s->s3 = s3;
3299
3300
0
#ifndef OPENSSL_NO_SRP
3301
0
    if (!SSL_SRP_CTX_init(s))
3302
0
        goto err;
3303
0
#endif
3304
3305
0
    if (!s->method->ssl_clear(s))
3306
0
        return 0;
3307
3308
0
    return 1;
3309
0
 err:
3310
0
    return 0;
3311
0
}
3312
3313
void ssl3_free(SSL *s)
3314
0
{
3315
0
    if (s == NULL || s->s3 == NULL)
3316
0
        return;
3317
3318
0
    ssl3_cleanup_key_block(s);
3319
3320
0
#if !defined(OPENSSL_NO_EC) || !defined(OPENSSL_NO_DH)
3321
0
    EVP_PKEY_free(s->s3->peer_tmp);
3322
0
    s->s3->peer_tmp = NULL;
3323
0
    EVP_PKEY_free(s->s3->tmp.pkey);
3324
0
    s->s3->tmp.pkey = NULL;
3325
0
#endif
3326
3327
0
    OPENSSL_free(s->s3->tmp.ctype);
3328
0
    sk_X509_NAME_pop_free(s->s3->tmp.peer_ca_names, X509_NAME_free);
3329
0
    OPENSSL_free(s->s3->tmp.ciphers_raw);
3330
0
    OPENSSL_clear_free(s->s3->tmp.pms, s->s3->tmp.pmslen);
3331
0
    OPENSSL_free(s->s3->tmp.peer_sigalgs);
3332
0
    OPENSSL_free(s->s3->tmp.peer_cert_sigalgs);
3333
0
    ssl3_free_digest_list(s);
3334
0
    OPENSSL_free(s->s3->alpn_selected);
3335
0
    OPENSSL_free(s->s3->alpn_proposed);
3336
3337
0
#ifndef OPENSSL_NO_SRP
3338
0
    SSL_SRP_CTX_free(s);
3339
0
#endif
3340
0
    OPENSSL_clear_free(s->s3, sizeof(*s->s3));
3341
0
    s->s3 = NULL;
3342
0
}
3343
3344
int ssl3_clear(SSL *s)
3345
0
{
3346
0
    ssl3_cleanup_key_block(s);
3347
0
    OPENSSL_free(s->s3->tmp.ctype);
3348
0
    sk_X509_NAME_pop_free(s->s3->tmp.peer_ca_names, X509_NAME_free);
3349
0
    OPENSSL_free(s->s3->tmp.ciphers_raw);
3350
0
    OPENSSL_clear_free(s->s3->tmp.pms, s->s3->tmp.pmslen);
3351
0
    OPENSSL_free(s->s3->tmp.peer_sigalgs);
3352
0
    OPENSSL_free(s->s3->tmp.peer_cert_sigalgs);
3353
3354
0
#if !defined(OPENSSL_NO_EC) || !defined(OPENSSL_NO_DH)
3355
0
    EVP_PKEY_free(s->s3->tmp.pkey);
3356
0
    EVP_PKEY_free(s->s3->peer_tmp);
3357
0
#endif                          /* !OPENSSL_NO_EC */
3358
3359
0
    ssl3_free_digest_list(s);
3360
3361
0
    OPENSSL_free(s->s3->alpn_selected);
3362
0
    OPENSSL_free(s->s3->alpn_proposed);
3363
3364
    /* NULL/zero-out everything in the s3 struct */
3365
0
    memset(s->s3, 0, sizeof(*s->s3));
3366
3367
0
    if (!ssl_free_wbio_buffer(s))
3368
0
        return 0;
3369
3370
0
    s->version = SSL3_VERSION;
3371
3372
0
#if !defined(OPENSSL_NO_NEXTPROTONEG)
3373
0
    OPENSSL_free(s->ext.npn);
3374
0
    s->ext.npn = NULL;
3375
0
    s->ext.npn_len = 0;
3376
0
#endif
3377
3378
0
    return 1;
3379
0
}
3380
3381
#ifndef OPENSSL_NO_SRP
3382
static char *srp_password_from_info_cb(SSL *s, void *arg)
3383
0
{
3384
0
    return OPENSSL_strdup(s->srp_ctx.info);
3385
0
}
3386
#endif
3387
3388
static int ssl3_set_req_cert_type(CERT *c, const unsigned char *p, size_t len);
3389
3390
long ssl3_ctrl(SSL *s, int cmd, long larg, void *parg)
3391
0
{
3392
0
    int ret = 0;
3393
3394
0
    switch (cmd) {
3395
0
    case SSL_CTRL_GET_CLIENT_CERT_REQUEST:
3396
0
        break;
3397
0
    case SSL_CTRL_GET_NUM_RENEGOTIATIONS:
3398
0
        ret = s->s3->num_renegotiations;
3399
0
        break;
3400
0
    case SSL_CTRL_CLEAR_NUM_RENEGOTIATIONS:
3401
0
        ret = s->s3->num_renegotiations;
3402
0
        s->s3->num_renegotiations = 0;
3403
0
        break;
3404
0
    case SSL_CTRL_GET_TOTAL_RENEGOTIATIONS:
3405
0
        ret = s->s3->total_renegotiations;
3406
0
        break;
3407
0
    case SSL_CTRL_GET_FLAGS:
3408
0
        ret = (int)(s->s3->flags);
3409
0
        break;
3410
0
#ifndef OPENSSL_NO_DH
3411
0
    case SSL_CTRL_SET_TMP_DH:
3412
0
        {
3413
0
            DH *dh = (DH *)parg;
3414
0
            EVP_PKEY *pkdh = NULL;
3415
0
            if (dh == NULL) {
3416
0
                SSLerr(SSL_F_SSL3_CTRL, ERR_R_PASSED_NULL_PARAMETER);
3417
0
                return ret;
3418
0
            }
3419
0
            pkdh = ssl_dh_to_pkey(dh);
3420
0
            if (pkdh == NULL) {
3421
0
                SSLerr(SSL_F_SSL3_CTRL, ERR_R_MALLOC_FAILURE);
3422
0
                return 0;
3423
0
            }
3424
0
            if (!ssl_security(s, SSL_SECOP_TMP_DH,
3425
0
                              EVP_PKEY_security_bits(pkdh), 0, pkdh)) {
3426
0
                SSLerr(SSL_F_SSL3_CTRL, SSL_R_DH_KEY_TOO_SMALL);
3427
0
                EVP_PKEY_free(pkdh);
3428
0
                return ret;
3429
0
            }
3430
0
            EVP_PKEY_free(s->cert->dh_tmp);
3431
0
            s->cert->dh_tmp = pkdh;
3432
0
            ret = 1;
3433
0
        }
3434
0
        break;
3435
0
    case SSL_CTRL_SET_TMP_DH_CB:
3436
0
        {
3437
0
            SSLerr(SSL_F_SSL3_CTRL, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
3438
0
            return ret;
3439
0
        }
3440
0
    case SSL_CTRL_SET_DH_AUTO:
3441
0
        s->cert->dh_tmp_auto = larg;
3442
0
        return 1;
3443
0
#endif
3444
0
#ifndef OPENSSL_NO_EC
3445
0
    case SSL_CTRL_SET_TMP_ECDH:
3446
0
        {
3447
0
            const EC_GROUP *group = NULL;
3448
0
            int nid;
3449
3450
0
            if (parg == NULL) {
3451
0
                SSLerr(SSL_F_SSL3_CTRL, ERR_R_PASSED_NULL_PARAMETER);
3452
0
                return 0;
3453
0
            }
3454
0
            group = EC_KEY_get0_group((const EC_KEY *)parg);
3455
0
            if (group == NULL) {
3456
0
                SSLerr(SSL_F_SSL3_CTRL, EC_R_MISSING_PARAMETERS);
3457
0
                return 0;
3458
0
            }
3459
0
            nid = EC_GROUP_get_curve_name(group);
3460
0
            if (nid == NID_undef)
3461
0
                return 0;
3462
0
            return tls1_set_groups(&s->ext.supportedgroups,
3463
0
                                   &s->ext.supportedgroups_len,
3464
0
                                   &nid, 1);
3465
0
        }
3466
0
        break;
3467
0
#endif                          /* !OPENSSL_NO_EC */
3468
0
    case SSL_CTRL_SET_TLSEXT_HOSTNAME:
3469
        /*
3470
         * TODO(OpenSSL1.2)
3471
         * This API is only used for a client to set what SNI it will request
3472
         * from the server, but we currently allow it to be used on servers
3473
         * as well, which is a programming error.  Currently we just clear
3474
         * the field in SSL_do_handshake() for server SSLs, but when we can
3475
         * make ABI-breaking changes, we may want to make use of this API
3476
         * an error on server SSLs.
3477
         */
3478
0
        if (larg == TLSEXT_NAMETYPE_host_name) {
3479
0
            size_t len;
3480
3481
0
            OPENSSL_free(s->ext.hostname);
3482
0
            s->ext.hostname = NULL;
3483
3484
0
            ret = 1;
3485
0
            if (parg == NULL)
3486
0
                break;
3487
0
            len = strlen((char *)parg);
3488
0
            if (len == 0 || len > TLSEXT_MAXLEN_host_name) {
3489
0
                SSLerr(SSL_F_SSL3_CTRL, SSL_R_SSL3_EXT_INVALID_SERVERNAME);
3490
0
                return 0;
3491
0
            }
3492
0
            if ((s->ext.hostname = OPENSSL_strdup((char *)parg)) == NULL) {
3493
0
                SSLerr(SSL_F_SSL3_CTRL, ERR_R_INTERNAL_ERROR);
3494
0
                return 0;
3495
0
            }
3496
0
        } else {
3497
0
            SSLerr(SSL_F_SSL3_CTRL, SSL_R_SSL3_EXT_INVALID_SERVERNAME_TYPE);
3498
0
            return 0;
3499
0
        }
3500
0
        break;
3501
0
    case SSL_CTRL_SET_TLSEXT_DEBUG_ARG:
3502
0
        s->ext.debug_arg = parg;
3503
0
        ret = 1;
3504
0
        break;
3505
3506
0
    case SSL_CTRL_GET_TLSEXT_STATUS_REQ_TYPE:
3507
0
        ret = s->ext.status_type;
3508
0
        break;
3509
3510
0
    case SSL_CTRL_SET_TLSEXT_STATUS_REQ_TYPE:
3511
0
        s->ext.status_type = larg;
3512
0
        ret = 1;
3513
0
        break;
3514
3515
0
    case SSL_CTRL_GET_TLSEXT_STATUS_REQ_EXTS:
3516
0
        *(STACK_OF(X509_EXTENSION) **)parg = s->ext.ocsp.exts;
3517
0
        ret = 1;
3518
0
        break;
3519
3520
0
    case SSL_CTRL_SET_TLSEXT_STATUS_REQ_EXTS:
3521
0
        s->ext.ocsp.exts = parg;
3522
0
        ret = 1;
3523
0
        break;
3524
3525
0
    case SSL_CTRL_GET_TLSEXT_STATUS_REQ_IDS:
3526
0
        *(STACK_OF(OCSP_RESPID) **)parg = s->ext.ocsp.ids;
3527
0
        ret = 1;
3528
0
        break;
3529
3530
0
    case SSL_CTRL_SET_TLSEXT_STATUS_REQ_IDS:
3531
0
        s->ext.ocsp.ids = parg;
3532
0
        ret = 1;
3533
0
        break;
3534
3535
0
    case SSL_CTRL_GET_TLSEXT_STATUS_REQ_OCSP_RESP:
3536
0
        *(unsigned char **)parg = s->ext.ocsp.resp;
3537
0
        if (s->ext.ocsp.resp_len == 0
3538
0
                || s->ext.ocsp.resp_len > LONG_MAX)
3539
0
            return -1;
3540
0
        return (long)s->ext.ocsp.resp_len;
3541
3542
0
    case SSL_CTRL_SET_TLSEXT_STATUS_REQ_OCSP_RESP:
3543
0
        OPENSSL_free(s->ext.ocsp.resp);
3544
0
        s->ext.ocsp.resp = parg;
3545
0
        s->ext.ocsp.resp_len = larg;
3546
0
        ret = 1;
3547
0
        break;
3548
3549
#ifndef OPENSSL_NO_HEARTBEATS
3550
    case SSL_CTRL_DTLS_EXT_SEND_HEARTBEAT:
3551
    case SSL_CTRL_GET_DTLS_EXT_HEARTBEAT_PENDING:
3552
    case SSL_CTRL_SET_DTLS_EXT_HEARTBEAT_NO_REQUESTS:
3553
        break;
3554
#endif
3555
3556
0
    case SSL_CTRL_CHAIN:
3557
0
        if (larg)
3558
0
            return ssl_cert_set1_chain(s, NULL, (STACK_OF(X509) *)parg);
3559
0
        else
3560
0
            return ssl_cert_set0_chain(s, NULL, (STACK_OF(X509) *)parg);
3561
3562
0
    case SSL_CTRL_CHAIN_CERT:
3563
0
        if (larg)
3564
0
            return ssl_cert_add1_chain_cert(s, NULL, (X509 *)parg);
3565
0
        else
3566
0
            return ssl_cert_add0_chain_cert(s, NULL, (X509 *)parg);
3567
3568
0
    case SSL_CTRL_GET_CHAIN_CERTS:
3569
0
        *(STACK_OF(X509) **)parg = s->cert->key->chain;
3570
0
        ret = 1;
3571
0
        break;
3572
3573
0
    case SSL_CTRL_SELECT_CURRENT_CERT:
3574
0
        return ssl_cert_select_current(s->cert, (X509 *)parg);
3575
3576
0
    case SSL_CTRL_SET_CURRENT_CERT:
3577
0
        if (larg == SSL_CERT_SET_SERVER) {
3578
0
            const SSL_CIPHER *cipher;
3579
0
            if (!s->server)
3580
0
                return 0;
3581
0
            cipher = s->s3->tmp.new_cipher;
3582
0
            if (cipher == NULL)
3583
0
                return 0;
3584
            /*
3585
             * No certificate for unauthenticated ciphersuites or using SRP
3586
             * authentication
3587
             */
3588
0
            if (cipher->algorithm_auth & (SSL_aNULL | SSL_aSRP))
3589
0
                return 2;
3590
0
            if (s->s3->tmp.cert == NULL)
3591
0
                return 0;
3592
0
            s->cert->key = s->s3->tmp.cert;
3593
0
            return 1;
3594
0
        }
3595
0
        return ssl_cert_set_current(s->cert, larg);
3596
3597
0
#ifndef OPENSSL_NO_EC
3598
0
    case SSL_CTRL_GET_GROUPS:
3599
0
        {
3600
0
            uint16_t *clist;
3601
0
            size_t clistlen;
3602
3603
0
            if (!s->session)
3604
0
                return 0;
3605
0
            clist = s->ext.peer_supportedgroups;
3606
0
            clistlen = s->ext.peer_supportedgroups_len;
3607
0
            if (parg) {
3608
0
                size_t i;
3609
0
                int *cptr = parg;
3610
3611
0
                for (i = 0; i < clistlen; i++) {
3612
0
                    const TLS_GROUP_INFO *cinf = tls1_group_id_lookup(clist[i]);
3613
3614
0
                    if (cinf != NULL)
3615
0
                        cptr[i] = cinf->nid;
3616
0
                    else
3617
0
                        cptr[i] = TLSEXT_nid_unknown | clist[i];
3618
0
                }
3619
0
            }
3620
0
            return (int)clistlen;
3621
0
        }
3622
3623
0
    case SSL_CTRL_SET_GROUPS:
3624
0
        return tls1_set_groups(&s->ext.supportedgroups,
3625
0
                               &s->ext.supportedgroups_len, parg, larg);
3626
3627
0
    case SSL_CTRL_SET_GROUPS_LIST:
3628
0
        return tls1_set_groups_list(&s->ext.supportedgroups,
3629
0
                                    &s->ext.supportedgroups_len, parg);
3630
3631
0
    case SSL_CTRL_GET_SHARED_GROUP:
3632
0
        {
3633
0
            uint16_t id = tls1_shared_group(s, larg);
3634
3635
0
            if (larg != -1) {
3636
0
                const TLS_GROUP_INFO *ginf = tls1_group_id_lookup(id);
3637
3638
0
                return ginf == NULL ? 0 : ginf->nid;
3639
0
            }
3640
0
            return id;
3641
0
        }
3642
0
#endif
3643
0
    case SSL_CTRL_SET_SIGALGS:
3644
0
        return tls1_set_sigalgs(s->cert, parg, larg, 0);
3645
3646
0
    case SSL_CTRL_SET_SIGALGS_LIST:
3647
0
        return tls1_set_sigalgs_list(s->cert, parg, 0);
3648
3649
0
    case SSL_CTRL_SET_CLIENT_SIGALGS:
3650
0
        return tls1_set_sigalgs(s->cert, parg, larg, 1);
3651
3652
0
    case SSL_CTRL_SET_CLIENT_SIGALGS_LIST:
3653
0
        return tls1_set_sigalgs_list(s->cert, parg, 1);
3654
3655
0
    case SSL_CTRL_GET_CLIENT_CERT_TYPES:
3656
0
        {
3657
0
            const unsigned char **pctype = parg;
3658
0
            if (s->server || !s->s3->tmp.cert_req)
3659
0
                return 0;
3660
0
            if (pctype)
3661
0
                *pctype = s->s3->tmp.ctype;
3662
0
            return s->s3->tmp.ctype_len;
3663
0
        }
3664
3665
0
    case SSL_CTRL_SET_CLIENT_CERT_TYPES:
3666
0
        if (!s->server)
3667
0
            return 0;
3668
0
        return ssl3_set_req_cert_type(s->cert, parg, larg);
3669
3670
0
    case SSL_CTRL_BUILD_CERT_CHAIN:
3671
0
        return ssl_build_cert_chain(s, NULL, larg);
3672
3673
0
    case SSL_CTRL_SET_VERIFY_CERT_STORE:
3674
0
        return ssl_cert_set_cert_store(s->cert, parg, 0, larg);
3675
3676
0
    case SSL_CTRL_SET_CHAIN_CERT_STORE:
3677
0
        return ssl_cert_set_cert_store(s->cert, parg, 1, larg);
3678
3679
0
    case SSL_CTRL_GET_VERIFY_CERT_STORE:
3680
0
        return ssl_cert_get_cert_store(s->cert, parg, 0);
3681
3682
0
    case SSL_CTRL_GET_CHAIN_CERT_STORE:
3683
0
        return ssl_cert_get_cert_store(s->cert, parg, 1);
3684
3685
0
    case SSL_CTRL_GET_PEER_SIGNATURE_NID:
3686
0
        if (s->s3->tmp.peer_sigalg == NULL)
3687
0
            return 0;
3688
0
        *(int *)parg = s->s3->tmp.peer_sigalg->hash;
3689
0
        return 1;
3690
3691
0
    case SSL_CTRL_GET_SIGNATURE_NID:
3692
0
        if (s->s3->tmp.sigalg == NULL)
3693
0
            return 0;
3694
0
        *(int *)parg = s->s3->tmp.sigalg->hash;
3695
0
        return 1;
3696
3697
0
    case SSL_CTRL_GET_PEER_TMP_KEY:
3698
0
#if !defined(OPENSSL_NO_DH) || !defined(OPENSSL_NO_EC)
3699
0
        if (s->session == NULL || s->s3->peer_tmp == NULL) {
3700
0
            return 0;
3701
0
        } else {
3702
0
            EVP_PKEY_up_ref(s->s3->peer_tmp);
3703
0
            *(EVP_PKEY **)parg = s->s3->peer_tmp;
3704
0
            return 1;
3705
0
        }
3706
#else
3707
        return 0;
3708
#endif
3709
3710
0
    case SSL_CTRL_GET_TMP_KEY:
3711
0
#if !defined(OPENSSL_NO_DH) || !defined(OPENSSL_NO_EC)
3712
0
        if (s->session == NULL || s->s3->tmp.pkey == NULL) {
3713
0
            return 0;
3714
0
        } else {
3715
0
            EVP_PKEY_up_ref(s->s3->tmp.pkey);
3716
0
            *(EVP_PKEY **)parg = s->s3->tmp.pkey;
3717
0
            return 1;
3718
0
        }
3719
#else
3720
        return 0;
3721
#endif
3722
3723
0
#ifndef OPENSSL_NO_EC
3724
0
    case SSL_CTRL_GET_EC_POINT_FORMATS:
3725
0
        {
3726
0
            const unsigned char **pformat = parg;
3727
3728
0
            if (s->ext.peer_ecpointformats == NULL)
3729
0
                return 0;
3730
0
            *pformat = s->ext.peer_ecpointformats;
3731
0
            return (int)s->ext.peer_ecpointformats_len;
3732
0
        }
3733
0
#endif
3734
3735
0
    default:
3736
0
        break;
3737
0
    }
3738
0
    return ret;
3739
0
}
3740
3741
long ssl3_callback_ctrl(SSL *s, int cmd, void (*fp) (void))
3742
0
{
3743
0
    int ret = 0;
3744
3745
0
    switch (cmd) {
3746
0
#ifndef OPENSSL_NO_DH
3747
0
    case SSL_CTRL_SET_TMP_DH_CB:
3748
0
        {
3749
0
            s->cert->dh_tmp_cb = (DH *(*)(SSL *, int, int))fp;
3750
0
        }
3751
0
        break;
3752
0
#endif
3753
0
    case SSL_CTRL_SET_TLSEXT_DEBUG_CB:
3754
0
        s->ext.debug_cb = (void (*)(SSL *, int, int,
3755
0
                                    const unsigned char *, int, void *))fp;
3756
0
        break;
3757
3758
0
    case SSL_CTRL_SET_NOT_RESUMABLE_SESS_CB:
3759
0
        {
3760
0
            s->not_resumable_session_cb = (int (*)(SSL *, int))fp;
3761
0
        }
3762
0
        break;
3763
0
    default:
3764
0
        break;
3765
0
    }
3766
0
    return ret;
3767
0
}
3768
3769
long ssl3_ctx_ctrl(SSL_CTX *ctx, int cmd, long larg, void *parg)
3770
0
{
3771
0
    switch (cmd) {
3772
0
#ifndef OPENSSL_NO_DH
3773
0
    case SSL_CTRL_SET_TMP_DH:
3774
0
        {
3775
0
            DH *dh = (DH *)parg;
3776
0
            EVP_PKEY *pkdh = NULL;
3777
0
            if (dh == NULL) {
3778
0
                SSLerr(SSL_F_SSL3_CTX_CTRL, ERR_R_PASSED_NULL_PARAMETER);
3779
0
                return 0;
3780
0
            }
3781
0
            pkdh = ssl_dh_to_pkey(dh);
3782
0
            if (pkdh == NULL) {
3783
0
                SSLerr(SSL_F_SSL3_CTX_CTRL, ERR_R_MALLOC_FAILURE);
3784
0
                return 0;
3785
0
            }
3786
0
            if (!ssl_ctx_security(ctx, SSL_SECOP_TMP_DH,
3787
0
                                  EVP_PKEY_security_bits(pkdh), 0, pkdh)) {
3788
0
                SSLerr(SSL_F_SSL3_CTX_CTRL, SSL_R_DH_KEY_TOO_SMALL);
3789
0
                EVP_PKEY_free(pkdh);
3790
0
                return 0;
3791
0
            }
3792
0
            EVP_PKEY_free(ctx->cert->dh_tmp);
3793
0
            ctx->cert->dh_tmp = pkdh;
3794
0
            return 1;
3795
0
        }
3796
0
    case SSL_CTRL_SET_TMP_DH_CB:
3797
0
        {
3798
0
            SSLerr(SSL_F_SSL3_CTX_CTRL, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
3799
0
            return 0;
3800
0
        }
3801
0
    case SSL_CTRL_SET_DH_AUTO:
3802
0
        ctx->cert->dh_tmp_auto = larg;
3803
0
        return 1;
3804
0
#endif
3805
0
#ifndef OPENSSL_NO_EC
3806
0
    case SSL_CTRL_SET_TMP_ECDH:
3807
0
        {
3808
0
            const EC_GROUP *group = NULL;
3809
0
            int nid;
3810
3811
0
            if (parg == NULL) {
3812
0
                SSLerr(SSL_F_SSL3_CTX_CTRL, ERR_R_PASSED_NULL_PARAMETER);
3813
0
                return 0;
3814
0
            }
3815
0
            group = EC_KEY_get0_group((const EC_KEY *)parg);
3816
0
            if (group == NULL) {
3817
0
                SSLerr(SSL_F_SSL3_CTX_CTRL, EC_R_MISSING_PARAMETERS);
3818
0
                return 0;
3819
0
            }
3820
0
            nid = EC_GROUP_get_curve_name(group);
3821
0
            if (nid == NID_undef)
3822
0
                return 0;
3823
0
            return tls1_set_groups(&ctx->ext.supportedgroups,
3824
0
                                   &ctx->ext.supportedgroups_len,
3825
0
                                   &nid, 1);
3826
0
        }
3827
0
#endif                          /* !OPENSSL_NO_EC */
3828
0
    case SSL_CTRL_SET_TLSEXT_SERVERNAME_ARG:
3829
0
        ctx->ext.servername_arg = parg;
3830
0
        break;
3831
0
    case SSL_CTRL_SET_TLSEXT_TICKET_KEYS:
3832
0
    case SSL_CTRL_GET_TLSEXT_TICKET_KEYS:
3833
0
        {
3834
0
            unsigned char *keys = parg;
3835
0
            long tick_keylen = (sizeof(ctx->ext.tick_key_name) +
3836
0
                                sizeof(ctx->ext.secure->tick_hmac_key) +
3837
0
                                sizeof(ctx->ext.secure->tick_aes_key));
3838
0
            if (keys == NULL)
3839
0
                return tick_keylen;
3840
0
            if (larg != tick_keylen) {
3841
0
                SSLerr(SSL_F_SSL3_CTX_CTRL, SSL_R_INVALID_TICKET_KEYS_LENGTH);
3842
0
                return 0;
3843
0
            }
3844
0
            if (cmd == SSL_CTRL_SET_TLSEXT_TICKET_KEYS) {
3845
0
                memcpy(ctx->ext.tick_key_name, keys,
3846
0
                       sizeof(ctx->ext.tick_key_name));
3847
0
                memcpy(ctx->ext.secure->tick_hmac_key,
3848
0
                       keys + sizeof(ctx->ext.tick_key_name),
3849
0
                       sizeof(ctx->ext.secure->tick_hmac_key));
3850
0
                memcpy(ctx->ext.secure->tick_aes_key,
3851
0
                       keys + sizeof(ctx->ext.tick_key_name) +
3852
0
                       sizeof(ctx->ext.secure->tick_hmac_key),
3853
0
                       sizeof(ctx->ext.secure->tick_aes_key));
3854
0
            } else {
3855
0
                memcpy(keys, ctx->ext.tick_key_name,
3856
0
                       sizeof(ctx->ext.tick_key_name));
3857
0
                memcpy(keys + sizeof(ctx->ext.tick_key_name),
3858
0
                       ctx->ext.secure->tick_hmac_key,
3859
0
                       sizeof(ctx->ext.secure->tick_hmac_key));
3860
0
                memcpy(keys + sizeof(ctx->ext.tick_key_name) +
3861
0
                       sizeof(ctx->ext.secure->tick_hmac_key),
3862
0
                       ctx->ext.secure->tick_aes_key,
3863
0
                       sizeof(ctx->ext.secure->tick_aes_key));
3864
0
            }
3865
0
            return 1;
3866
0
        }
3867
3868
0
    case SSL_CTRL_GET_TLSEXT_STATUS_REQ_TYPE:
3869
0
        return ctx->ext.status_type;
3870
3871
0
    case SSL_CTRL_SET_TLSEXT_STATUS_REQ_TYPE:
3872
0
        ctx->ext.status_type = larg;
3873
0
        break;
3874
3875
0
    case SSL_CTRL_SET_TLSEXT_STATUS_REQ_CB_ARG:
3876
0
        ctx->ext.status_arg = parg;
3877
0
        return 1;
3878
3879
0
    case SSL_CTRL_GET_TLSEXT_STATUS_REQ_CB_ARG:
3880
0
        *(void**)parg = ctx->ext.status_arg;
3881
0
        break;
3882
3883
0
    case SSL_CTRL_GET_TLSEXT_STATUS_REQ_CB:
3884
0
        *(int (**)(SSL*, void*))parg = ctx->ext.status_cb;
3885
0
        break;
3886
3887
0
#ifndef OPENSSL_NO_SRP
3888
0
    case SSL_CTRL_SET_TLS_EXT_SRP_USERNAME:
3889
0
        ctx->srp_ctx.srp_Mask |= SSL_kSRP;
3890
0
        OPENSSL_free(ctx->srp_ctx.login);
3891
0
        ctx->srp_ctx.login = NULL;
3892
0
        if (parg == NULL)
3893
0
            break;
3894
0
        if (strlen((const char *)parg) > 255 || strlen((const char *)parg) < 1) {
3895
0
            SSLerr(SSL_F_SSL3_CTX_CTRL, SSL_R_INVALID_SRP_USERNAME);
3896
0
            return 0;
3897
0
        }
3898
0
        if ((ctx->srp_ctx.login = OPENSSL_strdup((char *)parg)) == NULL) {
3899
0
            SSLerr(SSL_F_SSL3_CTX_CTRL, ERR_R_INTERNAL_ERROR);
3900
0
            return 0;
3901
0
        }
3902
0
        break;
3903
0
    case SSL_CTRL_SET_TLS_EXT_SRP_PASSWORD:
3904
0
        ctx->srp_ctx.SRP_give_srp_client_pwd_callback =
3905
0
            srp_password_from_info_cb;
3906
0
        if (ctx->srp_ctx.info != NULL)
3907
0
            OPENSSL_free(ctx->srp_ctx.info);
3908
0
        if ((ctx->srp_ctx.info = BUF_strdup((char *)parg)) == NULL) {
3909
0
            SSLerr(SSL_F_SSL3_CTX_CTRL, ERR_R_INTERNAL_ERROR);
3910
0
            return 0;
3911
0
        }
3912
0
        break;
3913
0
    case SSL_CTRL_SET_SRP_ARG:
3914
0
        ctx->srp_ctx.srp_Mask |= SSL_kSRP;
3915
0
        ctx->srp_ctx.SRP_cb_arg = parg;
3916
0
        break;
3917
3918
0
    case SSL_CTRL_SET_TLS_EXT_SRP_STRENGTH:
3919
0
        ctx->srp_ctx.strength = larg;
3920
0
        break;
3921
0
#endif
3922
3923
0
#ifndef OPENSSL_NO_EC
3924
0
    case SSL_CTRL_SET_GROUPS:
3925
0
        return tls1_set_groups(&ctx->ext.supportedgroups,
3926
0
                               &ctx->ext.supportedgroups_len,
3927
0
                               parg, larg);
3928
3929
0
    case SSL_CTRL_SET_GROUPS_LIST:
3930
0
        return tls1_set_groups_list(&ctx->ext.supportedgroups,
3931
0
                                    &ctx->ext.supportedgroups_len,
3932
0
                                    parg);
3933
0
#endif
3934
0
    case SSL_CTRL_SET_SIGALGS:
3935
0
        return tls1_set_sigalgs(ctx->cert, parg, larg, 0);
3936
3937
0
    case SSL_CTRL_SET_SIGALGS_LIST:
3938
0
        return tls1_set_sigalgs_list(ctx->cert, parg, 0);
3939
3940
0
    case SSL_CTRL_SET_CLIENT_SIGALGS:
3941
0
        return tls1_set_sigalgs(ctx->cert, parg, larg, 1);
3942
3943
0
    case SSL_CTRL_SET_CLIENT_SIGALGS_LIST:
3944
0
        return tls1_set_sigalgs_list(ctx->cert, parg, 1);
3945
3946
0
    case SSL_CTRL_SET_CLIENT_CERT_TYPES:
3947
0
        return ssl3_set_req_cert_type(ctx->cert, parg, larg);
3948
3949
0
    case SSL_CTRL_BUILD_CERT_CHAIN:
3950
0
        return ssl_build_cert_chain(NULL, ctx, larg);
3951
3952
0
    case SSL_CTRL_SET_VERIFY_CERT_STORE:
3953
0
        return ssl_cert_set_cert_store(ctx->cert, parg, 0, larg);
3954
3955
0
    case SSL_CTRL_SET_CHAIN_CERT_STORE:
3956
0
        return ssl_cert_set_cert_store(ctx->cert, parg, 1, larg);
3957
3958
0
    case SSL_CTRL_GET_VERIFY_CERT_STORE:
3959
0
        return ssl_cert_get_cert_store(ctx->cert, parg, 0);
3960
3961
0
    case SSL_CTRL_GET_CHAIN_CERT_STORE:
3962
0
        return ssl_cert_get_cert_store(ctx->cert, parg, 1);
3963
3964
        /* A Thawte special :-) */
3965
0
    case SSL_CTRL_EXTRA_CHAIN_CERT:
3966
0
        if (ctx->extra_certs == NULL) {
3967
0
            if ((ctx->extra_certs = sk_X509_new_null()) == NULL) {
3968
0
                SSLerr(SSL_F_SSL3_CTX_CTRL, ERR_R_MALLOC_FAILURE);
3969
0
                return 0;
3970
0
            }
3971
0
        }
3972
0
        if (!sk_X509_push(ctx->extra_certs, (X509 *)parg)) {
3973
0
            SSLerr(SSL_F_SSL3_CTX_CTRL, ERR_R_MALLOC_FAILURE);
3974
0
            return 0;
3975
0
        }
3976
0
        break;
3977
3978
0
    case SSL_CTRL_GET_EXTRA_CHAIN_CERTS:
3979
0
        if (ctx->extra_certs == NULL && larg == 0)
3980
0
            *(STACK_OF(X509) **)parg = ctx->cert->key->chain;
3981
0
        else
3982
0
            *(STACK_OF(X509) **)parg = ctx->extra_certs;
3983
0
        break;
3984
3985
0
    case SSL_CTRL_CLEAR_EXTRA_CHAIN_CERTS:
3986
0
        sk_X509_pop_free(ctx->extra_certs, X509_free);
3987
0
        ctx->extra_certs = NULL;
3988
0
        break;
3989
3990
0
    case SSL_CTRL_CHAIN:
3991
0
        if (larg)
3992
0
            return ssl_cert_set1_chain(NULL, ctx, (STACK_OF(X509) *)parg);
3993
0
        else
3994
0
            return ssl_cert_set0_chain(NULL, ctx, (STACK_OF(X509) *)parg);
3995
3996
0
    case SSL_CTRL_CHAIN_CERT:
3997
0
        if (larg)
3998
0
            return ssl_cert_add1_chain_cert(NULL, ctx, (X509 *)parg);
3999
0
        else
4000
0
            return ssl_cert_add0_chain_cert(NULL, ctx, (X509 *)parg);
4001
4002
0
    case SSL_CTRL_GET_CHAIN_CERTS:
4003
0
        *(STACK_OF(X509) **)parg = ctx->cert->key->chain;
4004
0
        break;
4005
4006
0
    case SSL_CTRL_SELECT_CURRENT_CERT:
4007
0
        return ssl_cert_select_current(ctx->cert, (X509 *)parg);
4008
4009
0
    case SSL_CTRL_SET_CURRENT_CERT:
4010
0
        return ssl_cert_set_current(ctx->cert, larg);
4011
4012
0
    default:
4013
0
        return 0;
4014
0
    }
4015
0
    return 1;
4016
0
}
4017
4018
long ssl3_ctx_callback_ctrl(SSL_CTX *ctx, int cmd, void (*fp) (void))
4019
0
{
4020
0
    switch (cmd) {
4021
0
#ifndef OPENSSL_NO_DH
4022
0
    case SSL_CTRL_SET_TMP_DH_CB:
4023
0
        {
4024
0
            ctx->cert->dh_tmp_cb = (DH *(*)(SSL *, int, int))fp;
4025
0
        }
4026
0
        break;
4027
0
#endif
4028
0
    case SSL_CTRL_SET_TLSEXT_SERVERNAME_CB:
4029
0
        ctx->ext.servername_cb = (int (*)(SSL *, int *, void *))fp;
4030
0
        break;
4031
4032
0
    case SSL_CTRL_SET_TLSEXT_STATUS_REQ_CB:
4033
0
        ctx->ext.status_cb = (int (*)(SSL *, void *))fp;
4034
0
        break;
4035
4036
0
    case SSL_CTRL_SET_TLSEXT_TICKET_KEY_CB:
4037
0
        ctx->ext.ticket_key_cb = (int (*)(SSL *, unsigned char *,
4038
0
                                             unsigned char *,
4039
0
                                             EVP_CIPHER_CTX *,
4040
0
                                             HMAC_CTX *, int))fp;
4041
0
        break;
4042
4043
0
#ifndef OPENSSL_NO_SRP
4044
0
    case SSL_CTRL_SET_SRP_VERIFY_PARAM_CB:
4045
0
        ctx->srp_ctx.srp_Mask |= SSL_kSRP;
4046
0
        ctx->srp_ctx.SRP_verify_param_callback = (int (*)(SSL *, void *))fp;
4047
0
        break;
4048
0
    case SSL_CTRL_SET_TLS_EXT_SRP_USERNAME_CB:
4049
0
        ctx->srp_ctx.srp_Mask |= SSL_kSRP;
4050
0
        ctx->srp_ctx.TLS_ext_srp_username_callback =
4051
0
            (int (*)(SSL *, int *, void *))fp;
4052
0
        break;
4053
0
    case SSL_CTRL_SET_SRP_GIVE_CLIENT_PWD_CB:
4054
0
        ctx->srp_ctx.srp_Mask |= SSL_kSRP;
4055
0
        ctx->srp_ctx.SRP_give_srp_client_pwd_callback =
4056
0
            (char *(*)(SSL *, void *))fp;
4057
0
        break;
4058
0
#endif
4059
0
    case SSL_CTRL_SET_NOT_RESUMABLE_SESS_CB:
4060
0
        {
4061
0
            ctx->not_resumable_session_cb = (int (*)(SSL *, int))fp;
4062
0
        }
4063
0
        break;
4064
0
    default:
4065
0
        return 0;
4066
0
    }
4067
0
    return 1;
4068
0
}
4069
4070
const SSL_CIPHER *ssl3_get_cipher_by_id(uint32_t id)
4071
448
{
4072
448
    SSL_CIPHER c;
4073
448
    const SSL_CIPHER *cp;
4074
4075
448
    c.id = id;
4076
448
    cp = OBJ_bsearch_ssl_cipher_id(&c, tls13_ciphers, TLS13_NUM_CIPHERS);
4077
448
    if (cp != NULL)
4078
4
        return cp;
4079
444
    cp = OBJ_bsearch_ssl_cipher_id(&c, ssl3_ciphers, SSL3_NUM_CIPHERS);
4080
444
    if (cp != NULL)
4081
433
        return cp;
4082
11
    return OBJ_bsearch_ssl_cipher_id(&c, ssl3_scsvs, SSL3_NUM_SCSVS);
4083
444
}
4084
4085
const SSL_CIPHER *ssl3_get_cipher_by_std_name(const char *stdname)
4086
0
{
4087
0
    SSL_CIPHER *tbl;
4088
0
    SSL_CIPHER *alltabs[] = {tls13_ciphers, ssl3_ciphers, ssl3_scsvs};
4089
0
    size_t i, j, tblsize[] = {TLS13_NUM_CIPHERS, SSL3_NUM_CIPHERS,
4090
0
                              SSL3_NUM_SCSVS};
4091
4092
    /* this is not efficient, necessary to optimize this? */
4093
0
    for (j = 0; j < OSSL_NELEM(alltabs); j++) {
4094
0
        for (i = 0, tbl = alltabs[j]; i < tblsize[j]; i++, tbl++) {
4095
0
            if (tbl->stdname == NULL)
4096
0
                continue;
4097
0
            if (strcmp(stdname, tbl->stdname) == 0) {
4098
0
                return tbl;
4099
0
            }
4100
0
        }
4101
0
    }
4102
0
    return NULL;
4103
0
}
4104
4105
/*
4106
 * This function needs to check if the ciphers required are actually
4107
 * available
4108
 */
4109
const SSL_CIPHER *ssl3_get_cipher_by_char(const unsigned char *p)
4110
0
{
4111
0
    return ssl3_get_cipher_by_id(SSL3_CK_CIPHERSUITE_FLAG
4112
0
                                 | ((uint32_t)p[0] << 8L)
4113
0
                                 | (uint32_t)p[1]);
4114
0
}
4115
4116
int ssl3_put_cipher_by_char(const SSL_CIPHER *c, WPACKET *pkt, size_t *len)
4117
0
{
4118
0
    if ((c->id & 0xff000000) != SSL3_CK_CIPHERSUITE_FLAG) {
4119
0
        *len = 0;
4120
0
        return 1;
4121
0
    }
4122
4123
0
    if (!WPACKET_put_bytes_u16(pkt, c->id & 0xffff))
4124
0
        return 0;
4125
4126
0
    *len = 2;
4127
0
    return 1;
4128
0
}
4129
4130
/*
4131
 * ssl3_choose_cipher - choose a cipher from those offered by the client
4132
 * @s: SSL connection
4133
 * @clnt: ciphers offered by the client
4134
 * @srvr: ciphers enabled on the server?
4135
 *
4136
 * Returns the selected cipher or NULL when no common ciphers.
4137
 */
4138
const SSL_CIPHER *ssl3_choose_cipher(SSL *s, STACK_OF(SSL_CIPHER) *clnt,
4139
                                     STACK_OF(SSL_CIPHER) *srvr)
4140
0
{
4141
0
    const SSL_CIPHER *c, *ret = NULL;
4142
0
    STACK_OF(SSL_CIPHER) *prio, *allow;
4143
0
    int i, ii, ok, prefer_sha256 = 0;
4144
0
    unsigned long alg_k = 0, alg_a = 0, mask_k = 0, mask_a = 0;
4145
0
    const EVP_MD *mdsha256 = EVP_sha256();
4146
0
#ifndef OPENSSL_NO_CHACHA
4147
0
    STACK_OF(SSL_CIPHER) *prio_chacha = NULL;
4148
0
#endif
4149
4150
    /* Let's see which ciphers we can support */
4151
4152
    /*
4153
     * Do not set the compare functions, because this may lead to a
4154
     * reordering by "id". We want to keep the original ordering. We may pay
4155
     * a price in performance during sk_SSL_CIPHER_find(), but would have to
4156
     * pay with the price of sk_SSL_CIPHER_dup().
4157
     */
4158
4159
#ifdef CIPHER_DEBUG
4160
    fprintf(stderr, "Server has %d from %p:\n", sk_SSL_CIPHER_num(srvr),
4161
            (void *)srvr);
4162
    for (i = 0; i < sk_SSL_CIPHER_num(srvr); ++i) {
4163
        c = sk_SSL_CIPHER_value(srvr, i);
4164
        fprintf(stderr, "%p:%s\n", (void *)c, c->name);
4165
    }
4166
    fprintf(stderr, "Client sent %d from %p:\n", sk_SSL_CIPHER_num(clnt),
4167
            (void *)clnt);
4168
    for (i = 0; i < sk_SSL_CIPHER_num(clnt); ++i) {
4169
        c = sk_SSL_CIPHER_value(clnt, i);
4170
        fprintf(stderr, "%p:%s\n", (void *)c, c->name);
4171
    }
4172
#endif
4173
4174
    /* SUITE-B takes precedence over server preference and ChaCha priortiy */
4175
0
    if (tls1_suiteb(s)) {
4176
0
        prio = srvr;
4177
0
        allow = clnt;
4178
0
    } else if (s->options & SSL_OP_CIPHER_SERVER_PREFERENCE) {
4179
0
        prio = srvr;
4180
0
        allow = clnt;
4181
0
#ifndef OPENSSL_NO_CHACHA
4182
        /* If ChaCha20 is at the top of the client preference list,
4183
           and there are ChaCha20 ciphers in the server list, then
4184
           temporarily prioritize all ChaCha20 ciphers in the servers list. */
4185
0
        if (s->options & SSL_OP_PRIORITIZE_CHACHA && sk_SSL_CIPHER_num(clnt) > 0) {
4186
0
            c = sk_SSL_CIPHER_value(clnt, 0);
4187
0
            if (c->algorithm_enc == SSL_CHACHA20POLY1305) {
4188
                /* ChaCha20 is client preferred, check server... */
4189
0
                int num = sk_SSL_CIPHER_num(srvr);
4190
0
                int found = 0;
4191
0
                for (i = 0; i < num; i++) {
4192
0
                    c = sk_SSL_CIPHER_value(srvr, i);
4193
0
                    if (c->algorithm_enc == SSL_CHACHA20POLY1305) {
4194
0
                        found = 1;
4195
0
                        break;
4196
0
                    }
4197
0
                }
4198
0
                if (found) {
4199
0
                    prio_chacha = sk_SSL_CIPHER_new_reserve(NULL, num);
4200
                    /* if reserve fails, then there's likely a memory issue */
4201
0
                    if (prio_chacha != NULL) {
4202
                        /* Put all ChaCha20 at the top, starting with the one we just found */
4203
0
                        sk_SSL_CIPHER_push(prio_chacha, c);
4204
0
                        for (i++; i < num; i++) {
4205
0
                            c = sk_SSL_CIPHER_value(srvr, i);
4206
0
                            if (c->algorithm_enc == SSL_CHACHA20POLY1305)
4207
0
                                sk_SSL_CIPHER_push(prio_chacha, c);
4208
0
                        }
4209
                        /* Pull in the rest */
4210
0
                        for (i = 0; i < num; i++) {
4211
0
                            c = sk_SSL_CIPHER_value(srvr, i);
4212
0
                            if (c->algorithm_enc != SSL_CHACHA20POLY1305)
4213
0
                                sk_SSL_CIPHER_push(prio_chacha, c);
4214
0
                        }
4215
0
                        prio = prio_chacha;
4216
0
                    }
4217
0
                }
4218
0
            }
4219
0
        }
4220
0
# endif
4221
0
    } else {
4222
0
        prio = clnt;
4223
0
        allow = srvr;
4224
0
    }
4225
4226
0
    if (SSL_IS_TLS13(s)) {
4227
0
#ifndef OPENSSL_NO_PSK
4228
0
        int j;
4229
4230
        /*
4231
         * If we allow "old" style PSK callbacks, and we have no certificate (so
4232
         * we're not going to succeed without a PSK anyway), and we're in
4233
         * TLSv1.3 then the default hash for a PSK is SHA-256 (as per the
4234
         * TLSv1.3 spec). Therefore we should prioritise ciphersuites using
4235
         * that.
4236
         */
4237
0
        if (s->psk_server_callback != NULL) {
4238
0
            for (j = 0; j < SSL_PKEY_NUM && !ssl_has_cert(s, j); j++);
4239
0
            if (j == SSL_PKEY_NUM) {
4240
                /* There are no certificates */
4241
0
                prefer_sha256 = 1;
4242
0
            }
4243
0
        }
4244
0
#endif
4245
0
    } else {
4246
0
        tls1_set_cert_validity(s);
4247
0
        ssl_set_masks(s);
4248
0
    }
4249
4250
0
    for (i = 0; i < sk_SSL_CIPHER_num(prio); i++) {
4251
0
        c = sk_SSL_CIPHER_value(prio, i);
4252
4253
        /* Skip ciphers not supported by the protocol version */
4254
0
        if (!SSL_IS_DTLS(s) &&
4255
0
            ((s->version < c->min_tls) || (s->version > c->max_tls)))
4256
0
            continue;
4257
0
        if (SSL_IS_DTLS(s) &&
4258
0
            (DTLS_VERSION_LT(s->version, c->min_dtls) ||
4259
0
             DTLS_VERSION_GT(s->version, c->max_dtls)))
4260
0
            continue;
4261
4262
        /*
4263
         * Since TLS 1.3 ciphersuites can be used with any auth or
4264
         * key exchange scheme skip tests.
4265
         */
4266
0
        if (!SSL_IS_TLS13(s)) {
4267
0
            mask_k = s->s3->tmp.mask_k;
4268
0
            mask_a = s->s3->tmp.mask_a;
4269
0
#ifndef OPENSSL_NO_SRP
4270
0
            if (s->srp_ctx.srp_Mask & SSL_kSRP) {
4271
0
                mask_k |= SSL_kSRP;
4272
0
                mask_a |= SSL_aSRP;
4273
0
            }
4274
0
#endif
4275
4276
0
            alg_k = c->algorithm_mkey;
4277
0
            alg_a = c->algorithm_auth;
4278
4279
0
#ifndef OPENSSL_NO_PSK
4280
            /* with PSK there must be server callback set */
4281
0
            if ((alg_k & SSL_PSK) && s->psk_server_callback == NULL)
4282
0
                continue;
4283
0
#endif                          /* OPENSSL_NO_PSK */
4284
4285
0
            ok = (alg_k & mask_k) && (alg_a & mask_a);
4286
#ifdef CIPHER_DEBUG
4287
            fprintf(stderr, "%d:[%08lX:%08lX:%08lX:%08lX]%p:%s\n", ok, alg_k,
4288
                    alg_a, mask_k, mask_a, (void *)c, c->name);
4289
#endif
4290
4291
0
#ifndef OPENSSL_NO_EC
4292
            /*
4293
             * if we are considering an ECC cipher suite that uses an ephemeral
4294
             * EC key check it
4295
             */
4296
0
            if (alg_k & SSL_kECDHE)
4297
0
                ok = ok && tls1_check_ec_tmp_key(s, c->id);
4298
0
#endif                          /* OPENSSL_NO_EC */
4299
4300
0
            if (!ok)
4301
0
                continue;
4302
0
        }
4303
0
        ii = sk_SSL_CIPHER_find(allow, c);
4304
0
        if (ii >= 0) {
4305
            /* Check security callback permits this cipher */
4306
0
            if (!ssl_security(s, SSL_SECOP_CIPHER_SHARED,
4307
0
                              c->strength_bits, 0, (void *)c))
4308
0
                continue;
4309
0
#if !defined(OPENSSL_NO_EC)
4310
0
            if ((alg_k & SSL_kECDHE) && (alg_a & SSL_aECDSA)
4311
0
                && s->s3->is_probably_safari) {
4312
0
                if (!ret)
4313
0
                    ret = sk_SSL_CIPHER_value(allow, ii);
4314
0
                continue;
4315
0
            }
4316
0
#endif
4317
0
            if (prefer_sha256) {
4318
0
                const SSL_CIPHER *tmp = sk_SSL_CIPHER_value(allow, ii);
4319
4320
0
                if (ssl_md(tmp->algorithm2) == mdsha256) {
4321
0
                    ret = tmp;
4322
0
                    break;
4323
0
                }
4324
0
                if (ret == NULL)
4325
0
                    ret = tmp;
4326
0
                continue;
4327
0
            }
4328
0
            ret = sk_SSL_CIPHER_value(allow, ii);
4329
0
            break;
4330
0
        }
4331
0
    }
4332
0
#ifndef OPENSSL_NO_CHACHA
4333
0
    sk_SSL_CIPHER_free(prio_chacha);
4334
0
#endif
4335
0
    return ret;
4336
0
}
4337
4338
int ssl3_get_req_cert_type(SSL *s, WPACKET *pkt)
4339
0
{
4340
0
    uint32_t alg_k, alg_a = 0;
4341
4342
    /* If we have custom certificate types set, use them */
4343
0
    if (s->cert->ctype)
4344
0
        return WPACKET_memcpy(pkt, s->cert->ctype, s->cert->ctype_len);
4345
    /* Get mask of algorithms disabled by signature list */
4346
0
    ssl_set_sig_mask(&alg_a, s, SSL_SECOP_SIGALG_MASK);
4347
4348
0
    alg_k = s->s3->tmp.new_cipher->algorithm_mkey;
4349
4350
0
#ifndef OPENSSL_NO_GOST
4351
0
    if (s->version >= TLS1_VERSION && (alg_k & SSL_kGOST))
4352
0
            return WPACKET_put_bytes_u8(pkt, TLS_CT_GOST01_SIGN)
4353
0
                    && WPACKET_put_bytes_u8(pkt, TLS_CT_GOST12_SIGN)
4354
0
                    && WPACKET_put_bytes_u8(pkt, TLS_CT_GOST12_512_SIGN);
4355
0
#endif
4356
4357
0
    if ((s->version == SSL3_VERSION) && (alg_k & SSL_kDHE)) {
4358
0
#ifndef OPENSSL_NO_DH
4359
0
# ifndef OPENSSL_NO_RSA
4360
0
        if (!WPACKET_put_bytes_u8(pkt, SSL3_CT_RSA_EPHEMERAL_DH))
4361
0
            return 0;
4362
0
# endif
4363
0
# ifndef OPENSSL_NO_DSA
4364
0
        if (!WPACKET_put_bytes_u8(pkt, SSL3_CT_DSS_EPHEMERAL_DH))
4365
0
            return 0;
4366
0
# endif
4367
0
#endif                          /* !OPENSSL_NO_DH */
4368
0
    }
4369
0
#ifndef OPENSSL_NO_RSA
4370
0
    if (!(alg_a & SSL_aRSA) && !WPACKET_put_bytes_u8(pkt, SSL3_CT_RSA_SIGN))
4371
0
        return 0;
4372
0
#endif
4373
0
#ifndef OPENSSL_NO_DSA
4374
0
    if (!(alg_a & SSL_aDSS) && !WPACKET_put_bytes_u8(pkt, SSL3_CT_DSS_SIGN))
4375
0
        return 0;
4376
0
#endif
4377
0
#ifndef OPENSSL_NO_EC
4378
    /*
4379
     * ECDSA certs can be used with RSA cipher suites too so we don't
4380
     * need to check for SSL_kECDH or SSL_kECDHE
4381
     */
4382
0
    if (s->version >= TLS1_VERSION
4383
0
            && !(alg_a & SSL_aECDSA)
4384
0
            && !WPACKET_put_bytes_u8(pkt, TLS_CT_ECDSA_SIGN))
4385
0
        return 0;
4386
0
#endif
4387
0
    return 1;
4388
0
}
4389
4390
static int ssl3_set_req_cert_type(CERT *c, const unsigned char *p, size_t len)
4391
0
{
4392
0
    OPENSSL_free(c->ctype);
4393
0
    c->ctype = NULL;
4394
0
    c->ctype_len = 0;
4395
0
    if (p == NULL || len == 0)
4396
0
        return 1;
4397
0
    if (len > 0xff)
4398
0
        return 0;
4399
0
    c->ctype = OPENSSL_memdup(p, len);
4400
0
    if (c->ctype == NULL)
4401
0
        return 0;
4402
0
    c->ctype_len = len;
4403
0
    return 1;
4404
0
}
4405
4406
int ssl3_shutdown(SSL *s)
4407
0
{
4408
0
    int ret;
4409
4410
    /*
4411
     * Don't do anything much if we have not done the handshake or we don't
4412
     * want to send messages :-)
4413
     */
4414
0
    if (s->quiet_shutdown || SSL_in_before(s)) {
4415
0
        s->shutdown = (SSL_SENT_SHUTDOWN | SSL_RECEIVED_SHUTDOWN);
4416
0
        return 1;
4417
0
    }
4418
4419
0
    if (!(s->shutdown & SSL_SENT_SHUTDOWN)) {
4420
0
        s->shutdown |= SSL_SENT_SHUTDOWN;
4421
0
        ssl3_send_alert(s, SSL3_AL_WARNING, SSL_AD_CLOSE_NOTIFY);
4422
        /*
4423
         * our shutdown alert has been sent now, and if it still needs to be
4424
         * written, s->s3->alert_dispatch will be true
4425
         */
4426
0
        if (s->s3->alert_dispatch)
4427
0
            return -1;        /* return WANT_WRITE */
4428
0
    } else if (s->s3->alert_dispatch) {
4429
        /* resend it if not sent */
4430
0
        ret = s->method->ssl_dispatch_alert(s);
4431
0
        if (ret == -1) {
4432
            /*
4433
             * we only get to return -1 here the 2nd/Nth invocation, we must
4434
             * have already signalled return 0 upon a previous invocation,
4435
             * return WANT_WRITE
4436
             */
4437
0
            return ret;
4438
0
        }
4439
0
    } else if (!(s->shutdown & SSL_RECEIVED_SHUTDOWN)) {
4440
0
        size_t readbytes;
4441
        /*
4442
         * If we are waiting for a close from our peer, we are closed
4443
         */
4444
0
        s->method->ssl_read_bytes(s, 0, NULL, NULL, 0, 0, &readbytes);
4445
0
        if (!(s->shutdown & SSL_RECEIVED_SHUTDOWN)) {
4446
0
            return -1;        /* return WANT_READ */
4447
0
        }
4448
0
    }
4449
4450
0
    if ((s->shutdown == (SSL_SENT_SHUTDOWN | SSL_RECEIVED_SHUTDOWN)) &&
4451
0
        !s->s3->alert_dispatch)
4452
0
        return 1;
4453
0
    else
4454
0
        return 0;
4455
0
}
4456
4457
int ssl3_write(SSL *s, const void *buf, size_t len, size_t *written)
4458
0
{
4459
0
    clear_sys_error();
4460
0
    if (s->s3->renegotiate)
4461
0
        ssl3_renegotiate_check(s, 0);
4462
4463
0
    return s->method->ssl_write_bytes(s, SSL3_RT_APPLICATION_DATA, buf, len,
4464
0
                                      written);
4465
0
}
4466
4467
static int ssl3_read_internal(SSL *s, void *buf, size_t len, int peek,
4468
                              size_t *readbytes)
4469
0
{
4470
0
    int ret;
4471
4472
0
    clear_sys_error();
4473
0
    if (s->s3->renegotiate)
4474
0
        ssl3_renegotiate_check(s, 0);
4475
0
    s->s3->in_read_app_data = 1;
4476
0
    ret =
4477
0
        s->method->ssl_read_bytes(s, SSL3_RT_APPLICATION_DATA, NULL, buf, len,
4478
0
                                  peek, readbytes);
4479
0
    if ((ret == -1) && (s->s3->in_read_app_data == 2)) {
4480
        /*
4481
         * ssl3_read_bytes decided to call s->handshake_func, which called
4482
         * ssl3_read_bytes to read handshake data. However, ssl3_read_bytes
4483
         * actually found application data and thinks that application data
4484
         * makes sense here; so disable handshake processing and try to read
4485
         * application data again.
4486
         */
4487
0
        ossl_statem_set_in_handshake(s, 1);
4488
0
        ret =
4489
0
            s->method->ssl_read_bytes(s, SSL3_RT_APPLICATION_DATA, NULL, buf,
4490
0
                                      len, peek, readbytes);
4491
0
        ossl_statem_set_in_handshake(s, 0);
4492
0
    } else
4493
0
        s->s3->in_read_app_data = 0;
4494
4495
0
    return ret;
4496
0
}
4497
4498
int ssl3_read(SSL *s, void *buf, size_t len, size_t *readbytes)
4499
0
{
4500
0
    return ssl3_read_internal(s, buf, len, 0, readbytes);
4501
0
}
4502
4503
int ssl3_peek(SSL *s, void *buf, size_t len, size_t *readbytes)
4504
0
{
4505
0
    return ssl3_read_internal(s, buf, len, 1, readbytes);
4506
0
}
4507
4508
int ssl3_renegotiate(SSL *s)
4509
0
{
4510
0
    if (s->handshake_func == NULL)
4511
0
        return 1;
4512
4513
0
    s->s3->renegotiate = 1;
4514
0
    return 1;
4515
0
}
4516
4517
/*
4518
 * Check if we are waiting to do a renegotiation and if so whether now is a
4519
 * good time to do it. If |initok| is true then we are being called from inside
4520
 * the state machine so ignore the result of SSL_in_init(s). Otherwise we
4521
 * should not do a renegotiation if SSL_in_init(s) is true. Returns 1 if we
4522
 * should do a renegotiation now and sets up the state machine for it. Otherwise
4523
 * returns 0.
4524
 */
4525
int ssl3_renegotiate_check(SSL *s, int initok)
4526
0
{
4527
0
    int ret = 0;
4528
4529
0
    if (s->s3->renegotiate) {
4530
0
        if (!RECORD_LAYER_read_pending(&s->rlayer)
4531
0
            && !RECORD_LAYER_write_pending(&s->rlayer)
4532
0
            && (initok || !SSL_in_init(s))) {
4533
            /*
4534
             * if we are the server, and we have sent a 'RENEGOTIATE'
4535
             * message, we need to set the state machine into the renegotiate
4536
             * state.
4537
             */
4538
0
            ossl_statem_set_renegotiate(s);
4539
0
            s->s3->renegotiate = 0;
4540
0
            s->s3->num_renegotiations++;
4541
0
            s->s3->total_renegotiations++;
4542
0
            ret = 1;
4543
0
        }
4544
0
    }
4545
0
    return ret;
4546
0
}
4547
4548
/*
4549
 * If we are using default SHA1+MD5 algorithms switch to new SHA256 PRF and
4550
 * handshake macs if required.
4551
 *
4552
 * If PSK and using SHA384 for TLS < 1.2 switch to default.
4553
 */
4554
long ssl_get_algorithm2(SSL *s)
4555
0
{
4556
0
    long alg2;
4557
0
    if (s->s3 == NULL || s->s3->tmp.new_cipher == NULL)
4558
0
        return -1;
4559
0
    alg2 = s->s3->tmp.new_cipher->algorithm2;
4560
0
    if (s->method->ssl3_enc->enc_flags & SSL_ENC_FLAG_SHA256_PRF) {
4561
0
        if (alg2 == (SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF))
4562
0
            return SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256;
4563
0
    } else if (s->s3->tmp.new_cipher->algorithm_mkey & SSL_PSK) {
4564
0
        if (alg2 == (SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384))
4565
0
            return SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF;
4566
0
    }
4567
0
    return alg2;
4568
0
}
4569
4570
/*
4571
 * Fill a ClientRandom or ServerRandom field of length len. Returns <= 0 on
4572
 * failure, 1 on success.
4573
 */
4574
int ssl_fill_hello_random(SSL *s, int server, unsigned char *result, size_t len,
4575
                          DOWNGRADE dgrd)
4576
0
{
4577
0
    int send_time = 0, ret;
4578
4579
0
    if (len < 4)
4580
0
        return 0;
4581
0
    if (server)
4582
0
        send_time = (s->mode & SSL_MODE_SEND_SERVERHELLO_TIME) != 0;
4583
0
    else
4584
0
        send_time = (s->mode & SSL_MODE_SEND_CLIENTHELLO_TIME) != 0;
4585
0
    if (send_time) {
4586
0
        unsigned long Time = (unsigned long)time(NULL);
4587
0
        unsigned char *p = result;
4588
4589
0
        l2n(Time, p);
4590
0
        ret = RAND_bytes(p, len - 4);
4591
0
    } else {
4592
0
        ret = RAND_bytes(result, len);
4593
0
    }
4594
4595
0
    if (ret > 0) {
4596
0
        if (!ossl_assert(sizeof(tls11downgrade) < len)
4597
0
                || !ossl_assert(sizeof(tls12downgrade) < len))
4598
0
             return 0;
4599
0
        if (dgrd == DOWNGRADE_TO_1_2)
4600
0
            memcpy(result + len - sizeof(tls12downgrade), tls12downgrade,
4601
0
                   sizeof(tls12downgrade));
4602
0
        else if (dgrd == DOWNGRADE_TO_1_1)
4603
0
            memcpy(result + len - sizeof(tls11downgrade), tls11downgrade,
4604
0
                   sizeof(tls11downgrade));
4605
0
    }
4606
4607
0
    return ret;
4608
0
}
4609
4610
int ssl_generate_master_secret(SSL *s, unsigned char *pms, size_t pmslen,
4611
                               int free_pms)
4612
0
{
4613
0
    unsigned long alg_k = s->s3->tmp.new_cipher->algorithm_mkey;
4614
0
    int ret = 0;
4615
4616
0
    if (alg_k & SSL_PSK) {
4617
0
#ifndef OPENSSL_NO_PSK
4618
0
        unsigned char *pskpms, *t;
4619
0
        size_t psklen = s->s3->tmp.psklen;
4620
0
        size_t pskpmslen;
4621
4622
        /* create PSK premaster_secret */
4623
4624
        /* For plain PSK "other_secret" is psklen zeroes */
4625
0
        if (alg_k & SSL_kPSK)
4626
0
            pmslen = psklen;
4627
4628
0
        pskpmslen = 4 + pmslen + psklen;
4629
0
        pskpms = OPENSSL_malloc(pskpmslen);
4630
0
        if (pskpms == NULL)
4631
0
            goto err;
4632
0
        t = pskpms;
4633
0
        s2n(pmslen, t);
4634
0
        if (alg_k & SSL_kPSK)
4635
0
            memset(t, 0, pmslen);
4636
0
        else
4637
0
            memcpy(t, pms, pmslen);
4638
0
        t += pmslen;
4639
0
        s2n(psklen, t);
4640
0
        memcpy(t, s->s3->tmp.psk, psklen);
4641
4642
0
        OPENSSL_clear_free(s->s3->tmp.psk, psklen);
4643
0
        s->s3->tmp.psk = NULL;
4644
0
        s->s3->tmp.psklen = 0;
4645
0
        if (!s->method->ssl3_enc->generate_master_secret(s,
4646
0
                    s->session->master_key, pskpms, pskpmslen,
4647
0
                    &s->session->master_key_length)) {
4648
0
            OPENSSL_clear_free(pskpms, pskpmslen);
4649
            /* SSLfatal() already called */
4650
0
            goto err;
4651
0
        }
4652
0
        OPENSSL_clear_free(pskpms, pskpmslen);
4653
#else
4654
        /* Should never happen */
4655
        goto err;
4656
#endif
4657
0
    } else {
4658
0
        if (!s->method->ssl3_enc->generate_master_secret(s,
4659
0
                s->session->master_key, pms, pmslen,
4660
0
                &s->session->master_key_length)) {
4661
            /* SSLfatal() already called */
4662
0
            goto err;
4663
0
        }
4664
0
    }
4665
4666
0
    ret = 1;
4667
0
 err:
4668
0
    if (pms) {
4669
0
        if (free_pms)
4670
0
            OPENSSL_clear_free(pms, pmslen);
4671
0
        else
4672
0
            OPENSSL_cleanse(pms, pmslen);
4673
0
    }
4674
0
    if (s->server == 0) {
4675
0
        s->s3->tmp.pms = NULL;
4676
0
        s->s3->tmp.pmslen = 0;
4677
0
    }
4678
0
    return ret;
4679
0
}
4680
4681
/* Generate a private key from parameters */
4682
EVP_PKEY *ssl_generate_pkey(EVP_PKEY *pm)
4683
0
{
4684
0
    EVP_PKEY_CTX *pctx = NULL;
4685
0
    EVP_PKEY *pkey = NULL;
4686
4687
0
    if (pm == NULL)
4688
0
        return NULL;
4689
0
    pctx = EVP_PKEY_CTX_new(pm, NULL);
4690
0
    if (pctx == NULL)
4691
0
        goto err;
4692
0
    if (EVP_PKEY_keygen_init(pctx) <= 0)
4693
0
        goto err;
4694
0
    if (EVP_PKEY_keygen(pctx, &pkey) <= 0) {
4695
0
        EVP_PKEY_free(pkey);
4696
0
        pkey = NULL;
4697
0
    }
4698
4699
0
    err:
4700
0
    EVP_PKEY_CTX_free(pctx);
4701
0
    return pkey;
4702
0
}
4703
#ifndef OPENSSL_NO_EC
4704
/* Generate a private key from a group ID */
4705
EVP_PKEY *ssl_generate_pkey_group(SSL *s, uint16_t id)
4706
0
{
4707
0
    EVP_PKEY_CTX *pctx = NULL;
4708
0
    EVP_PKEY *pkey = NULL;
4709
0
    const TLS_GROUP_INFO *ginf = tls1_group_id_lookup(id);
4710
0
    uint16_t gtype;
4711
4712
0
    if (ginf == NULL) {
4713
0
        SSLfatal(s, SSL_AD_INTERNAL_ERROR, SSL_F_SSL_GENERATE_PKEY_GROUP,
4714
0
                 ERR_R_INTERNAL_ERROR);
4715
0
        goto err;
4716
0
    }
4717
0
    gtype = ginf->flags & TLS_CURVE_TYPE;
4718
0
    if (gtype == TLS_CURVE_CUSTOM)
4719
0
        pctx = EVP_PKEY_CTX_new_id(ginf->nid, NULL);
4720
0
    else
4721
0
        pctx = EVP_PKEY_CTX_new_id(EVP_PKEY_EC, NULL);
4722
0
    if (pctx == NULL) {
4723
0
        SSLfatal(s, SSL_AD_INTERNAL_ERROR, SSL_F_SSL_GENERATE_PKEY_GROUP,
4724
0
                 ERR_R_MALLOC_FAILURE);
4725
0
        goto err;
4726
0
    }
4727
0
    if (EVP_PKEY_keygen_init(pctx) <= 0) {
4728
0
        SSLfatal(s, SSL_AD_INTERNAL_ERROR, SSL_F_SSL_GENERATE_PKEY_GROUP,
4729
0
                 ERR_R_EVP_LIB);
4730
0
        goto err;
4731
0
    }
4732
0
    if (gtype != TLS_CURVE_CUSTOM
4733
0
            && EVP_PKEY_CTX_set_ec_paramgen_curve_nid(pctx, ginf->nid) <= 0) {
4734
0
        SSLfatal(s, SSL_AD_INTERNAL_ERROR, SSL_F_SSL_GENERATE_PKEY_GROUP,
4735
0
                 ERR_R_EVP_LIB);
4736
0
        goto err;
4737
0
    }
4738
0
    if (EVP_PKEY_keygen(pctx, &pkey) <= 0) {
4739
0
        SSLfatal(s, SSL_AD_INTERNAL_ERROR, SSL_F_SSL_GENERATE_PKEY_GROUP,
4740
0
                 ERR_R_EVP_LIB);
4741
0
        EVP_PKEY_free(pkey);
4742
0
        pkey = NULL;
4743
0
    }
4744
4745
0
 err:
4746
0
    EVP_PKEY_CTX_free(pctx);
4747
0
    return pkey;
4748
0
}
4749
4750
/*
4751
 * Generate parameters from a group ID
4752
 */
4753
EVP_PKEY *ssl_generate_param_group(uint16_t id)
4754
0
{
4755
0
    EVP_PKEY_CTX *pctx = NULL;
4756
0
    EVP_PKEY *pkey = NULL;
4757
0
    const TLS_GROUP_INFO *ginf = tls1_group_id_lookup(id);
4758
4759
0
    if (ginf == NULL)
4760
0
        goto err;
4761
4762
0
    if ((ginf->flags & TLS_CURVE_TYPE) == TLS_CURVE_CUSTOM) {
4763
0
        pkey = EVP_PKEY_new();
4764
0
        if (pkey != NULL && EVP_PKEY_set_type(pkey, ginf->nid))
4765
0
            return pkey;
4766
0
        EVP_PKEY_free(pkey);
4767
0
        return NULL;
4768
0
    }
4769
4770
0
    pctx = EVP_PKEY_CTX_new_id(EVP_PKEY_EC, NULL);
4771
0
    if (pctx == NULL)
4772
0
        goto err;
4773
0
    if (EVP_PKEY_paramgen_init(pctx) <= 0)
4774
0
        goto err;
4775
0
    if (EVP_PKEY_CTX_set_ec_paramgen_curve_nid(pctx, ginf->nid) <= 0)
4776
0
        goto err;
4777
0
    if (EVP_PKEY_paramgen(pctx, &pkey) <= 0) {
4778
0
        EVP_PKEY_free(pkey);
4779
0
        pkey = NULL;
4780
0
    }
4781
4782
0
 err:
4783
0
    EVP_PKEY_CTX_free(pctx);
4784
0
    return pkey;
4785
0
}
4786
#endif
4787
4788
/* Derive secrets for ECDH/DH */
4789
int ssl_derive(SSL *s, EVP_PKEY *privkey, EVP_PKEY *pubkey, int gensecret)
4790
0
{
4791
0
    int rv = 0;
4792
0
    unsigned char *pms = NULL;
4793
0
    size_t pmslen = 0;
4794
0
    EVP_PKEY_CTX *pctx;
4795
4796
0
    if (privkey == NULL || pubkey == NULL) {
4797
0
        SSLfatal(s, SSL_AD_INTERNAL_ERROR, SSL_F_SSL_DERIVE,
4798
0
                 ERR_R_INTERNAL_ERROR);
4799
0
        return 0;
4800
0
    }
4801
4802
0
    pctx = EVP_PKEY_CTX_new(privkey, NULL);
4803
4804
0
    if (EVP_PKEY_derive_init(pctx) <= 0
4805
0
        || EVP_PKEY_derive_set_peer(pctx, pubkey) <= 0
4806
0
        || EVP_PKEY_derive(pctx, NULL, &pmslen) <= 0) {
4807
0
        SSLfatal(s, SSL_AD_INTERNAL_ERROR, SSL_F_SSL_DERIVE,
4808
0
                 ERR_R_INTERNAL_ERROR);
4809
0
        goto err;
4810
0
    }
4811
4812
0
    pms = OPENSSL_malloc(pmslen);
4813
0
    if (pms == NULL) {
4814
0
        SSLfatal(s, SSL_AD_INTERNAL_ERROR, SSL_F_SSL_DERIVE,
4815
0
                 ERR_R_MALLOC_FAILURE);
4816
0
        goto err;
4817
0
    }
4818
4819
0
    if (EVP_PKEY_derive(pctx, pms, &pmslen) <= 0) {
4820
0
        SSLfatal(s, SSL_AD_INTERNAL_ERROR, SSL_F_SSL_DERIVE,
4821
0
                 ERR_R_INTERNAL_ERROR);
4822
0
        goto err;
4823
0
    }
4824
4825
0
    if (gensecret) {
4826
        /* SSLfatal() called as appropriate in the below functions */
4827
0
        if (SSL_IS_TLS13(s)) {
4828
            /*
4829
             * If we are resuming then we already generated the early secret
4830
             * when we created the ClientHello, so don't recreate it.
4831
             */
4832
0
            if (!s->hit)
4833
0
                rv = tls13_generate_secret(s, ssl_handshake_md(s), NULL, NULL,
4834
0
                                           0,
4835
0
                                           (unsigned char *)&s->early_secret);
4836
0
            else
4837
0
                rv = 1;
4838
4839
0
            rv = rv && tls13_generate_handshake_secret(s, pms, pmslen);
4840
0
        } else {
4841
0
            rv = ssl_generate_master_secret(s, pms, pmslen, 0);
4842
0
        }
4843
0
    } else {
4844
        /* Save premaster secret */
4845
0
        s->s3->tmp.pms = pms;
4846
0
        s->s3->tmp.pmslen = pmslen;
4847
0
        pms = NULL;
4848
0
        rv = 1;
4849
0
    }
4850
4851
0
 err:
4852
0
    OPENSSL_clear_free(pms, pmslen);
4853
0
    EVP_PKEY_CTX_free(pctx);
4854
0
    return rv;
4855
0
}
4856
4857
#ifndef OPENSSL_NO_DH
4858
EVP_PKEY *ssl_dh_to_pkey(DH *dh)
4859
0
{
4860
0
    EVP_PKEY *ret;
4861
0
    if (dh == NULL)
4862
0
        return NULL;
4863
0
    ret = EVP_PKEY_new();
4864
0
    if (EVP_PKEY_set1_DH(ret, dh) <= 0) {
4865
0
        EVP_PKEY_free(ret);
4866
0
        return NULL;
4867
0
    }
4868
0
    return ret;
4869
0
}
4870
#endif