Coverage Report

Created: 2025-06-13 06:58

/src/openssl32/ssl/s3_lib.c
Line
Count
Source (jump to first uncovered line)
1
/*
2
 * Copyright 1995-2024 The OpenSSL Project Authors. All Rights Reserved.
3
 * Copyright (c) 2002, Oracle and/or its affiliates. All rights reserved
4
 * Copyright 2005 Nokia. All rights reserved.
5
 *
6
 * Licensed under the Apache License 2.0 (the "License").  You may not use
7
 * this file except in compliance with the License.  You can obtain a copy
8
 * in the file LICENSE in the source distribution or at
9
 * https://www.openssl.org/source/license.html
10
 */
11
12
#include <stdio.h>
13
#include <openssl/objects.h>
14
#include "internal/nelem.h"
15
#include "ssl_local.h"
16
#include <openssl/md5.h>
17
#include <openssl/dh.h>
18
#include <openssl/rand.h>
19
#include <openssl/trace.h>
20
#include <openssl/x509v3.h>
21
#include <openssl/core_names.h>
22
#include "internal/cryptlib.h"
23
24
612k
#define TLS13_NUM_CIPHERS       OSSL_NELEM(tls13_ciphers)
25
44.4M
#define SSL3_NUM_CIPHERS        OSSL_NELEM(ssl3_ciphers)
26
475k
#define SSL3_NUM_SCSVS          OSSL_NELEM(ssl3_scsvs)
27
28
/* TLSv1.3 downgrade protection sentinel values */
29
const unsigned char tls11downgrade[] = {
30
    0x44, 0x4f, 0x57, 0x4e, 0x47, 0x52, 0x44, 0x00
31
};
32
const unsigned char tls12downgrade[] = {
33
    0x44, 0x4f, 0x57, 0x4e, 0x47, 0x52, 0x44, 0x01
34
};
35
36
/* The list of available TLSv1.3 ciphers */
37
static SSL_CIPHER tls13_ciphers[] = {
38
    {
39
        1,
40
        TLS1_3_RFC_AES_128_GCM_SHA256,
41
        TLS1_3_RFC_AES_128_GCM_SHA256,
42
        TLS1_3_CK_AES_128_GCM_SHA256,
43
        SSL_kANY,
44
        SSL_aANY,
45
        SSL_AES128GCM,
46
        SSL_AEAD,
47
        TLS1_3_VERSION, TLS1_3_VERSION,
48
        0, 0,
49
        SSL_HIGH,
50
        SSL_HANDSHAKE_MAC_SHA256 | SSL_QUIC,
51
        128,
52
        128,
53
    }, {
54
        1,
55
        TLS1_3_RFC_AES_256_GCM_SHA384,
56
        TLS1_3_RFC_AES_256_GCM_SHA384,
57
        TLS1_3_CK_AES_256_GCM_SHA384,
58
        SSL_kANY,
59
        SSL_aANY,
60
        SSL_AES256GCM,
61
        SSL_AEAD,
62
        TLS1_3_VERSION, TLS1_3_VERSION,
63
        0, 0,
64
        SSL_HIGH,
65
        SSL_HANDSHAKE_MAC_SHA384 | SSL_QUIC,
66
        256,
67
        256,
68
    },
69
    {
70
        1,
71
        TLS1_3_RFC_CHACHA20_POLY1305_SHA256,
72
        TLS1_3_RFC_CHACHA20_POLY1305_SHA256,
73
        TLS1_3_CK_CHACHA20_POLY1305_SHA256,
74
        SSL_kANY,
75
        SSL_aANY,
76
        SSL_CHACHA20POLY1305,
77
        SSL_AEAD,
78
        TLS1_3_VERSION, TLS1_3_VERSION,
79
        0, 0,
80
        SSL_HIGH,
81
        SSL_HANDSHAKE_MAC_SHA256 | SSL_QUIC,
82
        256,
83
        256,
84
    },
85
    {
86
        1,
87
        TLS1_3_RFC_AES_128_CCM_SHA256,
88
        TLS1_3_RFC_AES_128_CCM_SHA256,
89
        TLS1_3_CK_AES_128_CCM_SHA256,
90
        SSL_kANY,
91
        SSL_aANY,
92
        SSL_AES128CCM,
93
        SSL_AEAD,
94
        TLS1_3_VERSION, TLS1_3_VERSION,
95
        0, 0,
96
        SSL_NOT_DEFAULT | SSL_HIGH,
97
        SSL_HANDSHAKE_MAC_SHA256,
98
        128,
99
        128,
100
    }, {
101
        1,
102
        TLS1_3_RFC_AES_128_CCM_8_SHA256,
103
        TLS1_3_RFC_AES_128_CCM_8_SHA256,
104
        TLS1_3_CK_AES_128_CCM_8_SHA256,
105
        SSL_kANY,
106
        SSL_aANY,
107
        SSL_AES128CCM8,
108
        SSL_AEAD,
109
        TLS1_3_VERSION, TLS1_3_VERSION,
110
        0, 0,
111
        SSL_NOT_DEFAULT | SSL_MEDIUM,
112
        SSL_HANDSHAKE_MAC_SHA256,
113
        64, /* CCM8 uses a short tag, so we have a low security strength */
114
        128,
115
    }
116
};
117
118
/*
119
 * The list of available ciphers, mostly organized into the following
120
 * groups:
121
 *      Always there
122
 *      EC
123
 *      PSK
124
 *      SRP (within that: RSA EC PSK)
125
 *      Cipher families: Chacha/poly, Camellia, Gost, IDEA, SEED
126
 *      Weak ciphers
127
 */
128
static SSL_CIPHER ssl3_ciphers[] = {
129
    {
130
     1,
131
     SSL3_TXT_RSA_NULL_MD5,
132
     SSL3_RFC_RSA_NULL_MD5,
133
     SSL3_CK_RSA_NULL_MD5,
134
     SSL_kRSA,
135
     SSL_aRSA,
136
     SSL_eNULL,
137
     SSL_MD5,
138
     SSL3_VERSION, TLS1_2_VERSION,
139
     DTLS1_BAD_VER, DTLS1_2_VERSION,
140
     SSL_STRONG_NONE,
141
     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
142
     0,
143
     0,
144
     },
145
    {
146
     1,
147
     SSL3_TXT_RSA_NULL_SHA,
148
     SSL3_RFC_RSA_NULL_SHA,
149
     SSL3_CK_RSA_NULL_SHA,
150
     SSL_kRSA,
151
     SSL_aRSA,
152
     SSL_eNULL,
153
     SSL_SHA1,
154
     SSL3_VERSION, TLS1_2_VERSION,
155
     DTLS1_BAD_VER, DTLS1_2_VERSION,
156
     SSL_STRONG_NONE | SSL_FIPS,
157
     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
158
     0,
159
     0,
160
     },
161
#ifndef OPENSSL_NO_WEAK_SSL_CIPHERS
162
    {
163
     1,
164
     SSL3_TXT_RSA_DES_192_CBC3_SHA,
165
     SSL3_RFC_RSA_DES_192_CBC3_SHA,
166
     SSL3_CK_RSA_DES_192_CBC3_SHA,
167
     SSL_kRSA,
168
     SSL_aRSA,
169
     SSL_3DES,
170
     SSL_SHA1,
171
     SSL3_VERSION, TLS1_2_VERSION,
172
     DTLS1_BAD_VER, DTLS1_2_VERSION,
173
     SSL_NOT_DEFAULT | SSL_MEDIUM | SSL_FIPS,
174
     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
175
     112,
176
     168,
177
     },
178
    {
179
     1,
180
     SSL3_TXT_DHE_DSS_DES_192_CBC3_SHA,
181
     SSL3_RFC_DHE_DSS_DES_192_CBC3_SHA,
182
     SSL3_CK_DHE_DSS_DES_192_CBC3_SHA,
183
     SSL_kDHE,
184
     SSL_aDSS,
185
     SSL_3DES,
186
     SSL_SHA1,
187
     SSL3_VERSION, TLS1_2_VERSION,
188
     DTLS1_BAD_VER, DTLS1_2_VERSION,
189
     SSL_NOT_DEFAULT | SSL_MEDIUM | SSL_FIPS,
190
     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
191
     112,
192
     168,
193
     },
194
    {
195
     1,
196
     SSL3_TXT_DHE_RSA_DES_192_CBC3_SHA,
197
     SSL3_RFC_DHE_RSA_DES_192_CBC3_SHA,
198
     SSL3_CK_DHE_RSA_DES_192_CBC3_SHA,
199
     SSL_kDHE,
200
     SSL_aRSA,
201
     SSL_3DES,
202
     SSL_SHA1,
203
     SSL3_VERSION, TLS1_2_VERSION,
204
     DTLS1_BAD_VER, DTLS1_2_VERSION,
205
     SSL_NOT_DEFAULT | SSL_MEDIUM | SSL_FIPS,
206
     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
207
     112,
208
     168,
209
     },
210
    {
211
     1,
212
     SSL3_TXT_ADH_DES_192_CBC_SHA,
213
     SSL3_RFC_ADH_DES_192_CBC_SHA,
214
     SSL3_CK_ADH_DES_192_CBC_SHA,
215
     SSL_kDHE,
216
     SSL_aNULL,
217
     SSL_3DES,
218
     SSL_SHA1,
219
     SSL3_VERSION, TLS1_2_VERSION,
220
     DTLS1_BAD_VER, DTLS1_2_VERSION,
221
     SSL_NOT_DEFAULT | SSL_MEDIUM | SSL_FIPS,
222
     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
223
     112,
224
     168,
225
     },
226
#endif
227
    {
228
     1,
229
     TLS1_TXT_RSA_WITH_AES_128_SHA,
230
     TLS1_RFC_RSA_WITH_AES_128_SHA,
231
     TLS1_CK_RSA_WITH_AES_128_SHA,
232
     SSL_kRSA,
233
     SSL_aRSA,
234
     SSL_AES128,
235
     SSL_SHA1,
236
     SSL3_VERSION, TLS1_2_VERSION,
237
     DTLS1_BAD_VER, DTLS1_2_VERSION,
238
     SSL_HIGH | SSL_FIPS,
239
     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
240
     128,
241
     128,
242
     },
243
    {
244
     1,
245
     TLS1_TXT_DHE_DSS_WITH_AES_128_SHA,
246
     TLS1_RFC_DHE_DSS_WITH_AES_128_SHA,
247
     TLS1_CK_DHE_DSS_WITH_AES_128_SHA,
248
     SSL_kDHE,
249
     SSL_aDSS,
250
     SSL_AES128,
251
     SSL_SHA1,
252
     SSL3_VERSION, TLS1_2_VERSION,
253
     DTLS1_BAD_VER, DTLS1_2_VERSION,
254
     SSL_NOT_DEFAULT | SSL_HIGH | SSL_FIPS,
255
     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
256
     128,
257
     128,
258
     },
259
    {
260
     1,
261
     TLS1_TXT_DHE_RSA_WITH_AES_128_SHA,
262
     TLS1_RFC_DHE_RSA_WITH_AES_128_SHA,
263
     TLS1_CK_DHE_RSA_WITH_AES_128_SHA,
264
     SSL_kDHE,
265
     SSL_aRSA,
266
     SSL_AES128,
267
     SSL_SHA1,
268
     SSL3_VERSION, TLS1_2_VERSION,
269
     DTLS1_BAD_VER, DTLS1_2_VERSION,
270
     SSL_HIGH | SSL_FIPS,
271
     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
272
     128,
273
     128,
274
     },
275
    {
276
     1,
277
     TLS1_TXT_ADH_WITH_AES_128_SHA,
278
     TLS1_RFC_ADH_WITH_AES_128_SHA,
279
     TLS1_CK_ADH_WITH_AES_128_SHA,
280
     SSL_kDHE,
281
     SSL_aNULL,
282
     SSL_AES128,
283
     SSL_SHA1,
284
     SSL3_VERSION, TLS1_2_VERSION,
285
     DTLS1_BAD_VER, DTLS1_2_VERSION,
286
     SSL_NOT_DEFAULT | SSL_HIGH | SSL_FIPS,
287
     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
288
     128,
289
     128,
290
     },
291
    {
292
     1,
293
     TLS1_TXT_RSA_WITH_AES_256_SHA,
294
     TLS1_RFC_RSA_WITH_AES_256_SHA,
295
     TLS1_CK_RSA_WITH_AES_256_SHA,
296
     SSL_kRSA,
297
     SSL_aRSA,
298
     SSL_AES256,
299
     SSL_SHA1,
300
     SSL3_VERSION, TLS1_2_VERSION,
301
     DTLS1_BAD_VER, DTLS1_2_VERSION,
302
     SSL_HIGH | SSL_FIPS,
303
     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
304
     256,
305
     256,
306
     },
307
    {
308
     1,
309
     TLS1_TXT_DHE_DSS_WITH_AES_256_SHA,
310
     TLS1_RFC_DHE_DSS_WITH_AES_256_SHA,
311
     TLS1_CK_DHE_DSS_WITH_AES_256_SHA,
312
     SSL_kDHE,
313
     SSL_aDSS,
314
     SSL_AES256,
315
     SSL_SHA1,
316
     SSL3_VERSION, TLS1_2_VERSION,
317
     DTLS1_BAD_VER, DTLS1_2_VERSION,
318
     SSL_NOT_DEFAULT | SSL_HIGH | SSL_FIPS,
319
     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
320
     256,
321
     256,
322
     },
323
    {
324
     1,
325
     TLS1_TXT_DHE_RSA_WITH_AES_256_SHA,
326
     TLS1_RFC_DHE_RSA_WITH_AES_256_SHA,
327
     TLS1_CK_DHE_RSA_WITH_AES_256_SHA,
328
     SSL_kDHE,
329
     SSL_aRSA,
330
     SSL_AES256,
331
     SSL_SHA1,
332
     SSL3_VERSION, TLS1_2_VERSION,
333
     DTLS1_BAD_VER, DTLS1_2_VERSION,
334
     SSL_HIGH | SSL_FIPS,
335
     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
336
     256,
337
     256,
338
     },
339
    {
340
     1,
341
     TLS1_TXT_ADH_WITH_AES_256_SHA,
342
     TLS1_RFC_ADH_WITH_AES_256_SHA,
343
     TLS1_CK_ADH_WITH_AES_256_SHA,
344
     SSL_kDHE,
345
     SSL_aNULL,
346
     SSL_AES256,
347
     SSL_SHA1,
348
     SSL3_VERSION, TLS1_2_VERSION,
349
     DTLS1_BAD_VER, DTLS1_2_VERSION,
350
     SSL_NOT_DEFAULT | SSL_HIGH | SSL_FIPS,
351
     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
352
     256,
353
     256,
354
     },
355
    {
356
     1,
357
     TLS1_TXT_RSA_WITH_NULL_SHA256,
358
     TLS1_RFC_RSA_WITH_NULL_SHA256,
359
     TLS1_CK_RSA_WITH_NULL_SHA256,
360
     SSL_kRSA,
361
     SSL_aRSA,
362
     SSL_eNULL,
363
     SSL_SHA256,
364
     TLS1_2_VERSION, TLS1_2_VERSION,
365
     DTLS1_2_VERSION, DTLS1_2_VERSION,
366
     SSL_STRONG_NONE | SSL_FIPS,
367
     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
368
     0,
369
     0,
370
     },
371
    {
372
     1,
373
     TLS1_TXT_RSA_WITH_AES_128_SHA256,
374
     TLS1_RFC_RSA_WITH_AES_128_SHA256,
375
     TLS1_CK_RSA_WITH_AES_128_SHA256,
376
     SSL_kRSA,
377
     SSL_aRSA,
378
     SSL_AES128,
379
     SSL_SHA256,
380
     TLS1_2_VERSION, TLS1_2_VERSION,
381
     DTLS1_2_VERSION, DTLS1_2_VERSION,
382
     SSL_HIGH | SSL_FIPS,
383
     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
384
     128,
385
     128,
386
     },
387
    {
388
     1,
389
     TLS1_TXT_RSA_WITH_AES_256_SHA256,
390
     TLS1_RFC_RSA_WITH_AES_256_SHA256,
391
     TLS1_CK_RSA_WITH_AES_256_SHA256,
392
     SSL_kRSA,
393
     SSL_aRSA,
394
     SSL_AES256,
395
     SSL_SHA256,
396
     TLS1_2_VERSION, TLS1_2_VERSION,
397
     DTLS1_2_VERSION, DTLS1_2_VERSION,
398
     SSL_HIGH | SSL_FIPS,
399
     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
400
     256,
401
     256,
402
     },
403
    {
404
     1,
405
     TLS1_TXT_DHE_DSS_WITH_AES_128_SHA256,
406
     TLS1_RFC_DHE_DSS_WITH_AES_128_SHA256,
407
     TLS1_CK_DHE_DSS_WITH_AES_128_SHA256,
408
     SSL_kDHE,
409
     SSL_aDSS,
410
     SSL_AES128,
411
     SSL_SHA256,
412
     TLS1_2_VERSION, TLS1_2_VERSION,
413
     DTLS1_2_VERSION, DTLS1_2_VERSION,
414
     SSL_NOT_DEFAULT | SSL_HIGH | SSL_FIPS,
415
     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
416
     128,
417
     128,
418
     },
419
    {
420
     1,
421
     TLS1_TXT_DHE_RSA_WITH_AES_128_SHA256,
422
     TLS1_RFC_DHE_RSA_WITH_AES_128_SHA256,
423
     TLS1_CK_DHE_RSA_WITH_AES_128_SHA256,
424
     SSL_kDHE,
425
     SSL_aRSA,
426
     SSL_AES128,
427
     SSL_SHA256,
428
     TLS1_2_VERSION, TLS1_2_VERSION,
429
     DTLS1_2_VERSION, DTLS1_2_VERSION,
430
     SSL_HIGH | SSL_FIPS,
431
     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
432
     128,
433
     128,
434
     },
435
    {
436
     1,
437
     TLS1_TXT_DHE_DSS_WITH_AES_256_SHA256,
438
     TLS1_RFC_DHE_DSS_WITH_AES_256_SHA256,
439
     TLS1_CK_DHE_DSS_WITH_AES_256_SHA256,
440
     SSL_kDHE,
441
     SSL_aDSS,
442
     SSL_AES256,
443
     SSL_SHA256,
444
     TLS1_2_VERSION, TLS1_2_VERSION,
445
     DTLS1_2_VERSION, DTLS1_2_VERSION,
446
     SSL_NOT_DEFAULT | SSL_HIGH | SSL_FIPS,
447
     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
448
     256,
449
     256,
450
     },
451
    {
452
     1,
453
     TLS1_TXT_DHE_RSA_WITH_AES_256_SHA256,
454
     TLS1_RFC_DHE_RSA_WITH_AES_256_SHA256,
455
     TLS1_CK_DHE_RSA_WITH_AES_256_SHA256,
456
     SSL_kDHE,
457
     SSL_aRSA,
458
     SSL_AES256,
459
     SSL_SHA256,
460
     TLS1_2_VERSION, TLS1_2_VERSION,
461
     DTLS1_2_VERSION, DTLS1_2_VERSION,
462
     SSL_HIGH | SSL_FIPS,
463
     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
464
     256,
465
     256,
466
     },
467
    {
468
     1,
469
     TLS1_TXT_ADH_WITH_AES_128_SHA256,
470
     TLS1_RFC_ADH_WITH_AES_128_SHA256,
471
     TLS1_CK_ADH_WITH_AES_128_SHA256,
472
     SSL_kDHE,
473
     SSL_aNULL,
474
     SSL_AES128,
475
     SSL_SHA256,
476
     TLS1_2_VERSION, TLS1_2_VERSION,
477
     DTLS1_2_VERSION, DTLS1_2_VERSION,
478
     SSL_NOT_DEFAULT | SSL_HIGH | SSL_FIPS,
479
     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
480
     128,
481
     128,
482
     },
483
    {
484
     1,
485
     TLS1_TXT_ADH_WITH_AES_256_SHA256,
486
     TLS1_RFC_ADH_WITH_AES_256_SHA256,
487
     TLS1_CK_ADH_WITH_AES_256_SHA256,
488
     SSL_kDHE,
489
     SSL_aNULL,
490
     SSL_AES256,
491
     SSL_SHA256,
492
     TLS1_2_VERSION, TLS1_2_VERSION,
493
     DTLS1_2_VERSION, DTLS1_2_VERSION,
494
     SSL_NOT_DEFAULT | SSL_HIGH | SSL_FIPS,
495
     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
496
     256,
497
     256,
498
     },
499
    {
500
     1,
501
     TLS1_TXT_RSA_WITH_AES_128_GCM_SHA256,
502
     TLS1_RFC_RSA_WITH_AES_128_GCM_SHA256,
503
     TLS1_CK_RSA_WITH_AES_128_GCM_SHA256,
504
     SSL_kRSA,
505
     SSL_aRSA,
506
     SSL_AES128GCM,
507
     SSL_AEAD,
508
     TLS1_2_VERSION, TLS1_2_VERSION,
509
     DTLS1_2_VERSION, DTLS1_2_VERSION,
510
     SSL_HIGH | SSL_FIPS,
511
     SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
512
     128,
513
     128,
514
     },
515
    {
516
     1,
517
     TLS1_TXT_RSA_WITH_AES_256_GCM_SHA384,
518
     TLS1_RFC_RSA_WITH_AES_256_GCM_SHA384,
519
     TLS1_CK_RSA_WITH_AES_256_GCM_SHA384,
520
     SSL_kRSA,
521
     SSL_aRSA,
522
     SSL_AES256GCM,
523
     SSL_AEAD,
524
     TLS1_2_VERSION, TLS1_2_VERSION,
525
     DTLS1_2_VERSION, DTLS1_2_VERSION,
526
     SSL_HIGH | SSL_FIPS,
527
     SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384,
528
     256,
529
     256,
530
     },
531
    {
532
     1,
533
     TLS1_TXT_DHE_RSA_WITH_AES_128_GCM_SHA256,
534
     TLS1_RFC_DHE_RSA_WITH_AES_128_GCM_SHA256,
535
     TLS1_CK_DHE_RSA_WITH_AES_128_GCM_SHA256,
536
     SSL_kDHE,
537
     SSL_aRSA,
538
     SSL_AES128GCM,
539
     SSL_AEAD,
540
     TLS1_2_VERSION, TLS1_2_VERSION,
541
     DTLS1_2_VERSION, DTLS1_2_VERSION,
542
     SSL_HIGH | SSL_FIPS,
543
     SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
544
     128,
545
     128,
546
     },
547
    {
548
     1,
549
     TLS1_TXT_DHE_RSA_WITH_AES_256_GCM_SHA384,
550
     TLS1_RFC_DHE_RSA_WITH_AES_256_GCM_SHA384,
551
     TLS1_CK_DHE_RSA_WITH_AES_256_GCM_SHA384,
552
     SSL_kDHE,
553
     SSL_aRSA,
554
     SSL_AES256GCM,
555
     SSL_AEAD,
556
     TLS1_2_VERSION, TLS1_2_VERSION,
557
     DTLS1_2_VERSION, DTLS1_2_VERSION,
558
     SSL_HIGH | SSL_FIPS,
559
     SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384,
560
     256,
561
     256,
562
     },
563
    {
564
     1,
565
     TLS1_TXT_DHE_DSS_WITH_AES_128_GCM_SHA256,
566
     TLS1_RFC_DHE_DSS_WITH_AES_128_GCM_SHA256,
567
     TLS1_CK_DHE_DSS_WITH_AES_128_GCM_SHA256,
568
     SSL_kDHE,
569
     SSL_aDSS,
570
     SSL_AES128GCM,
571
     SSL_AEAD,
572
     TLS1_2_VERSION, TLS1_2_VERSION,
573
     DTLS1_2_VERSION, DTLS1_2_VERSION,
574
     SSL_NOT_DEFAULT | SSL_HIGH | SSL_FIPS,
575
     SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
576
     128,
577
     128,
578
     },
579
    {
580
     1,
581
     TLS1_TXT_DHE_DSS_WITH_AES_256_GCM_SHA384,
582
     TLS1_RFC_DHE_DSS_WITH_AES_256_GCM_SHA384,
583
     TLS1_CK_DHE_DSS_WITH_AES_256_GCM_SHA384,
584
     SSL_kDHE,
585
     SSL_aDSS,
586
     SSL_AES256GCM,
587
     SSL_AEAD,
588
     TLS1_2_VERSION, TLS1_2_VERSION,
589
     DTLS1_2_VERSION, DTLS1_2_VERSION,
590
     SSL_NOT_DEFAULT | SSL_HIGH | SSL_FIPS,
591
     SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384,
592
     256,
593
     256,
594
     },
595
    {
596
     1,
597
     TLS1_TXT_ADH_WITH_AES_128_GCM_SHA256,
598
     TLS1_RFC_ADH_WITH_AES_128_GCM_SHA256,
599
     TLS1_CK_ADH_WITH_AES_128_GCM_SHA256,
600
     SSL_kDHE,
601
     SSL_aNULL,
602
     SSL_AES128GCM,
603
     SSL_AEAD,
604
     TLS1_2_VERSION, TLS1_2_VERSION,
605
     DTLS1_2_VERSION, DTLS1_2_VERSION,
606
     SSL_NOT_DEFAULT | SSL_HIGH | SSL_FIPS,
607
     SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
608
     128,
609
     128,
610
     },
611
    {
612
     1,
613
     TLS1_TXT_ADH_WITH_AES_256_GCM_SHA384,
614
     TLS1_RFC_ADH_WITH_AES_256_GCM_SHA384,
615
     TLS1_CK_ADH_WITH_AES_256_GCM_SHA384,
616
     SSL_kDHE,
617
     SSL_aNULL,
618
     SSL_AES256GCM,
619
     SSL_AEAD,
620
     TLS1_2_VERSION, TLS1_2_VERSION,
621
     DTLS1_2_VERSION, DTLS1_2_VERSION,
622
     SSL_NOT_DEFAULT | SSL_HIGH | SSL_FIPS,
623
     SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384,
624
     256,
625
     256,
626
     },
627
    {
628
     1,
629
     TLS1_TXT_RSA_WITH_AES_128_CCM,
630
     TLS1_RFC_RSA_WITH_AES_128_CCM,
631
     TLS1_CK_RSA_WITH_AES_128_CCM,
632
     SSL_kRSA,
633
     SSL_aRSA,
634
     SSL_AES128CCM,
635
     SSL_AEAD,
636
     TLS1_2_VERSION, TLS1_2_VERSION,
637
     DTLS1_2_VERSION, DTLS1_2_VERSION,
638
     SSL_NOT_DEFAULT | SSL_HIGH,
639
     SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
640
     128,
641
     128,
642
     },
643
    {
644
     1,
645
     TLS1_TXT_RSA_WITH_AES_256_CCM,
646
     TLS1_RFC_RSA_WITH_AES_256_CCM,
647
     TLS1_CK_RSA_WITH_AES_256_CCM,
648
     SSL_kRSA,
649
     SSL_aRSA,
650
     SSL_AES256CCM,
651
     SSL_AEAD,
652
     TLS1_2_VERSION, TLS1_2_VERSION,
653
     DTLS1_2_VERSION, DTLS1_2_VERSION,
654
     SSL_NOT_DEFAULT | SSL_HIGH,
655
     SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
656
     256,
657
     256,
658
     },
659
    {
660
     1,
661
     TLS1_TXT_DHE_RSA_WITH_AES_128_CCM,
662
     TLS1_RFC_DHE_RSA_WITH_AES_128_CCM,
663
     TLS1_CK_DHE_RSA_WITH_AES_128_CCM,
664
     SSL_kDHE,
665
     SSL_aRSA,
666
     SSL_AES128CCM,
667
     SSL_AEAD,
668
     TLS1_2_VERSION, TLS1_2_VERSION,
669
     DTLS1_2_VERSION, DTLS1_2_VERSION,
670
     SSL_NOT_DEFAULT | SSL_HIGH,
671
     SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
672
     128,
673
     128,
674
     },
675
    {
676
     1,
677
     TLS1_TXT_DHE_RSA_WITH_AES_256_CCM,
678
     TLS1_RFC_DHE_RSA_WITH_AES_256_CCM,
679
     TLS1_CK_DHE_RSA_WITH_AES_256_CCM,
680
     SSL_kDHE,
681
     SSL_aRSA,
682
     SSL_AES256CCM,
683
     SSL_AEAD,
684
     TLS1_2_VERSION, TLS1_2_VERSION,
685
     DTLS1_2_VERSION, DTLS1_2_VERSION,
686
     SSL_NOT_DEFAULT | SSL_HIGH,
687
     SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
688
     256,
689
     256,
690
     },
691
    {
692
     1,
693
     TLS1_TXT_RSA_WITH_AES_128_CCM_8,
694
     TLS1_RFC_RSA_WITH_AES_128_CCM_8,
695
     TLS1_CK_RSA_WITH_AES_128_CCM_8,
696
     SSL_kRSA,
697
     SSL_aRSA,
698
     SSL_AES128CCM8,
699
     SSL_AEAD,
700
     TLS1_2_VERSION, TLS1_2_VERSION,
701
     DTLS1_2_VERSION, DTLS1_2_VERSION,
702
     SSL_NOT_DEFAULT | SSL_MEDIUM,
703
     SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
704
     64, /* CCM8 uses a short tag, so we have a low security strength */
705
     128,
706
     },
707
    {
708
     1,
709
     TLS1_TXT_RSA_WITH_AES_256_CCM_8,
710
     TLS1_RFC_RSA_WITH_AES_256_CCM_8,
711
     TLS1_CK_RSA_WITH_AES_256_CCM_8,
712
     SSL_kRSA,
713
     SSL_aRSA,
714
     SSL_AES256CCM8,
715
     SSL_AEAD,
716
     TLS1_2_VERSION, TLS1_2_VERSION,
717
     DTLS1_2_VERSION, DTLS1_2_VERSION,
718
     SSL_NOT_DEFAULT | SSL_MEDIUM,
719
     SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
720
     64, /* CCM8 uses a short tag, so we have a low security strength */
721
     256,
722
     },
723
    {
724
     1,
725
     TLS1_TXT_DHE_RSA_WITH_AES_128_CCM_8,
726
     TLS1_RFC_DHE_RSA_WITH_AES_128_CCM_8,
727
     TLS1_CK_DHE_RSA_WITH_AES_128_CCM_8,
728
     SSL_kDHE,
729
     SSL_aRSA,
730
     SSL_AES128CCM8,
731
     SSL_AEAD,
732
     TLS1_2_VERSION, TLS1_2_VERSION,
733
     DTLS1_2_VERSION, DTLS1_2_VERSION,
734
     SSL_NOT_DEFAULT | SSL_MEDIUM,
735
     SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
736
     64, /* CCM8 uses a short tag, so we have a low security strength */
737
     128,
738
     },
739
    {
740
     1,
741
     TLS1_TXT_DHE_RSA_WITH_AES_256_CCM_8,
742
     TLS1_RFC_DHE_RSA_WITH_AES_256_CCM_8,
743
     TLS1_CK_DHE_RSA_WITH_AES_256_CCM_8,
744
     SSL_kDHE,
745
     SSL_aRSA,
746
     SSL_AES256CCM8,
747
     SSL_AEAD,
748
     TLS1_2_VERSION, TLS1_2_VERSION,
749
     DTLS1_2_VERSION, DTLS1_2_VERSION,
750
     SSL_NOT_DEFAULT | SSL_MEDIUM,
751
     SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
752
     64, /* CCM8 uses a short tag, so we have a low security strength */
753
     256,
754
     },
755
    {
756
     1,
757
     TLS1_TXT_PSK_WITH_AES_128_CCM,
758
     TLS1_RFC_PSK_WITH_AES_128_CCM,
759
     TLS1_CK_PSK_WITH_AES_128_CCM,
760
     SSL_kPSK,
761
     SSL_aPSK,
762
     SSL_AES128CCM,
763
     SSL_AEAD,
764
     TLS1_2_VERSION, TLS1_2_VERSION,
765
     DTLS1_2_VERSION, DTLS1_2_VERSION,
766
     SSL_NOT_DEFAULT | SSL_HIGH,
767
     SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
768
     128,
769
     128,
770
     },
771
    {
772
     1,
773
     TLS1_TXT_PSK_WITH_AES_256_CCM,
774
     TLS1_RFC_PSK_WITH_AES_256_CCM,
775
     TLS1_CK_PSK_WITH_AES_256_CCM,
776
     SSL_kPSK,
777
     SSL_aPSK,
778
     SSL_AES256CCM,
779
     SSL_AEAD,
780
     TLS1_2_VERSION, TLS1_2_VERSION,
781
     DTLS1_2_VERSION, DTLS1_2_VERSION,
782
     SSL_NOT_DEFAULT | SSL_HIGH,
783
     SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
784
     256,
785
     256,
786
     },
787
    {
788
     1,
789
     TLS1_TXT_DHE_PSK_WITH_AES_128_CCM,
790
     TLS1_RFC_DHE_PSK_WITH_AES_128_CCM,
791
     TLS1_CK_DHE_PSK_WITH_AES_128_CCM,
792
     SSL_kDHEPSK,
793
     SSL_aPSK,
794
     SSL_AES128CCM,
795
     SSL_AEAD,
796
     TLS1_2_VERSION, TLS1_2_VERSION,
797
     DTLS1_2_VERSION, DTLS1_2_VERSION,
798
     SSL_NOT_DEFAULT | SSL_HIGH,
799
     SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
800
     128,
801
     128,
802
     },
803
    {
804
     1,
805
     TLS1_TXT_DHE_PSK_WITH_AES_256_CCM,
806
     TLS1_RFC_DHE_PSK_WITH_AES_256_CCM,
807
     TLS1_CK_DHE_PSK_WITH_AES_256_CCM,
808
     SSL_kDHEPSK,
809
     SSL_aPSK,
810
     SSL_AES256CCM,
811
     SSL_AEAD,
812
     TLS1_2_VERSION, TLS1_2_VERSION,
813
     DTLS1_2_VERSION, DTLS1_2_VERSION,
814
     SSL_NOT_DEFAULT | SSL_HIGH,
815
     SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
816
     256,
817
     256,
818
     },
819
    {
820
     1,
821
     TLS1_TXT_PSK_WITH_AES_128_CCM_8,
822
     TLS1_RFC_PSK_WITH_AES_128_CCM_8,
823
     TLS1_CK_PSK_WITH_AES_128_CCM_8,
824
     SSL_kPSK,
825
     SSL_aPSK,
826
     SSL_AES128CCM8,
827
     SSL_AEAD,
828
     TLS1_2_VERSION, TLS1_2_VERSION,
829
     DTLS1_2_VERSION, DTLS1_2_VERSION,
830
     SSL_NOT_DEFAULT | SSL_MEDIUM,
831
     SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
832
     64, /* CCM8 uses a short tag, so we have a low security strength */
833
     128,
834
     },
835
    {
836
     1,
837
     TLS1_TXT_PSK_WITH_AES_256_CCM_8,
838
     TLS1_RFC_PSK_WITH_AES_256_CCM_8,
839
     TLS1_CK_PSK_WITH_AES_256_CCM_8,
840
     SSL_kPSK,
841
     SSL_aPSK,
842
     SSL_AES256CCM8,
843
     SSL_AEAD,
844
     TLS1_2_VERSION, TLS1_2_VERSION,
845
     DTLS1_2_VERSION, DTLS1_2_VERSION,
846
     SSL_NOT_DEFAULT | SSL_MEDIUM,
847
     SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
848
     64, /* CCM8 uses a short tag, so we have a low security strength */
849
     256,
850
     },
851
    {
852
     1,
853
     TLS1_TXT_DHE_PSK_WITH_AES_128_CCM_8,
854
     TLS1_RFC_DHE_PSK_WITH_AES_128_CCM_8,
855
     TLS1_CK_DHE_PSK_WITH_AES_128_CCM_8,
856
     SSL_kDHEPSK,
857
     SSL_aPSK,
858
     SSL_AES128CCM8,
859
     SSL_AEAD,
860
     TLS1_2_VERSION, TLS1_2_VERSION,
861
     DTLS1_2_VERSION, DTLS1_2_VERSION,
862
     SSL_NOT_DEFAULT | SSL_MEDIUM,
863
     SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
864
     64, /* CCM8 uses a short tag, so we have a low security strength */
865
     128,
866
     },
867
    {
868
     1,
869
     TLS1_TXT_DHE_PSK_WITH_AES_256_CCM_8,
870
     TLS1_RFC_DHE_PSK_WITH_AES_256_CCM_8,
871
     TLS1_CK_DHE_PSK_WITH_AES_256_CCM_8,
872
     SSL_kDHEPSK,
873
     SSL_aPSK,
874
     SSL_AES256CCM8,
875
     SSL_AEAD,
876
     TLS1_2_VERSION, TLS1_2_VERSION,
877
     DTLS1_2_VERSION, DTLS1_2_VERSION,
878
     SSL_NOT_DEFAULT | SSL_MEDIUM,
879
     SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
880
     64, /* CCM8 uses a short tag, so we have a low security strength */
881
     256,
882
     },
883
    {
884
     1,
885
     TLS1_TXT_ECDHE_ECDSA_WITH_AES_128_CCM,
886
     TLS1_RFC_ECDHE_ECDSA_WITH_AES_128_CCM,
887
     TLS1_CK_ECDHE_ECDSA_WITH_AES_128_CCM,
888
     SSL_kECDHE,
889
     SSL_aECDSA,
890
     SSL_AES128CCM,
891
     SSL_AEAD,
892
     TLS1_2_VERSION, TLS1_2_VERSION,
893
     DTLS1_2_VERSION, DTLS1_2_VERSION,
894
     SSL_NOT_DEFAULT | SSL_HIGH,
895
     SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
896
     128,
897
     128,
898
     },
899
    {
900
     1,
901
     TLS1_TXT_ECDHE_ECDSA_WITH_AES_256_CCM,
902
     TLS1_RFC_ECDHE_ECDSA_WITH_AES_256_CCM,
903
     TLS1_CK_ECDHE_ECDSA_WITH_AES_256_CCM,
904
     SSL_kECDHE,
905
     SSL_aECDSA,
906
     SSL_AES256CCM,
907
     SSL_AEAD,
908
     TLS1_2_VERSION, TLS1_2_VERSION,
909
     DTLS1_2_VERSION, DTLS1_2_VERSION,
910
     SSL_NOT_DEFAULT | SSL_HIGH,
911
     SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
912
     256,
913
     256,
914
     },
915
    {
916
     1,
917
     TLS1_TXT_ECDHE_ECDSA_WITH_AES_128_CCM_8,
918
     TLS1_RFC_ECDHE_ECDSA_WITH_AES_128_CCM_8,
919
     TLS1_CK_ECDHE_ECDSA_WITH_AES_128_CCM_8,
920
     SSL_kECDHE,
921
     SSL_aECDSA,
922
     SSL_AES128CCM8,
923
     SSL_AEAD,
924
     TLS1_2_VERSION, TLS1_2_VERSION,
925
     DTLS1_2_VERSION, DTLS1_2_VERSION,
926
     SSL_NOT_DEFAULT | SSL_MEDIUM,
927
     SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
928
     64, /* CCM8 uses a short tag, so we have a low security strength */
929
     128,
930
     },
931
    {
932
     1,
933
     TLS1_TXT_ECDHE_ECDSA_WITH_AES_256_CCM_8,
934
     TLS1_RFC_ECDHE_ECDSA_WITH_AES_256_CCM_8,
935
     TLS1_CK_ECDHE_ECDSA_WITH_AES_256_CCM_8,
936
     SSL_kECDHE,
937
     SSL_aECDSA,
938
     SSL_AES256CCM8,
939
     SSL_AEAD,
940
     TLS1_2_VERSION, TLS1_2_VERSION,
941
     DTLS1_2_VERSION, DTLS1_2_VERSION,
942
     SSL_NOT_DEFAULT | SSL_MEDIUM,
943
     SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
944
     64, /* CCM8 uses a short tag, so we have a low security strength */
945
     256,
946
     },
947
    {
948
     1,
949
     TLS1_TXT_ECDHE_ECDSA_WITH_NULL_SHA,
950
     TLS1_RFC_ECDHE_ECDSA_WITH_NULL_SHA,
951
     TLS1_CK_ECDHE_ECDSA_WITH_NULL_SHA,
952
     SSL_kECDHE,
953
     SSL_aECDSA,
954
     SSL_eNULL,
955
     SSL_SHA1,
956
     TLS1_VERSION, TLS1_2_VERSION,
957
     DTLS1_BAD_VER, DTLS1_2_VERSION,
958
     SSL_STRONG_NONE | SSL_FIPS,
959
     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
960
     0,
961
     0,
962
     },
963
# ifndef OPENSSL_NO_WEAK_SSL_CIPHERS
964
    {
965
     1,
966
     TLS1_TXT_ECDHE_ECDSA_WITH_DES_192_CBC3_SHA,
967
     TLS1_RFC_ECDHE_ECDSA_WITH_DES_192_CBC3_SHA,
968
     TLS1_CK_ECDHE_ECDSA_WITH_DES_192_CBC3_SHA,
969
     SSL_kECDHE,
970
     SSL_aECDSA,
971
     SSL_3DES,
972
     SSL_SHA1,
973
     TLS1_VERSION, TLS1_2_VERSION,
974
     DTLS1_BAD_VER, DTLS1_2_VERSION,
975
     SSL_NOT_DEFAULT | SSL_MEDIUM | SSL_FIPS,
976
     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
977
     112,
978
     168,
979
     },
980
# endif
981
    {
982
     1,
983
     TLS1_TXT_ECDHE_ECDSA_WITH_AES_128_CBC_SHA,
984
     TLS1_RFC_ECDHE_ECDSA_WITH_AES_128_CBC_SHA,
985
     TLS1_CK_ECDHE_ECDSA_WITH_AES_128_CBC_SHA,
986
     SSL_kECDHE,
987
     SSL_aECDSA,
988
     SSL_AES128,
989
     SSL_SHA1,
990
     TLS1_VERSION, TLS1_2_VERSION,
991
     DTLS1_BAD_VER, DTLS1_2_VERSION,
992
     SSL_HIGH | SSL_FIPS,
993
     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
994
     128,
995
     128,
996
     },
997
    {
998
     1,
999
     TLS1_TXT_ECDHE_ECDSA_WITH_AES_256_CBC_SHA,
1000
     TLS1_RFC_ECDHE_ECDSA_WITH_AES_256_CBC_SHA,
1001
     TLS1_CK_ECDHE_ECDSA_WITH_AES_256_CBC_SHA,
1002
     SSL_kECDHE,
1003
     SSL_aECDSA,
1004
     SSL_AES256,
1005
     SSL_SHA1,
1006
     TLS1_VERSION, TLS1_2_VERSION,
1007
     DTLS1_BAD_VER, DTLS1_2_VERSION,
1008
     SSL_HIGH | SSL_FIPS,
1009
     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
1010
     256,
1011
     256,
1012
     },
1013
    {
1014
     1,
1015
     TLS1_TXT_ECDHE_RSA_WITH_NULL_SHA,
1016
     TLS1_RFC_ECDHE_RSA_WITH_NULL_SHA,
1017
     TLS1_CK_ECDHE_RSA_WITH_NULL_SHA,
1018
     SSL_kECDHE,
1019
     SSL_aRSA,
1020
     SSL_eNULL,
1021
     SSL_SHA1,
1022
     TLS1_VERSION, TLS1_2_VERSION,
1023
     DTLS1_BAD_VER, DTLS1_2_VERSION,
1024
     SSL_STRONG_NONE | SSL_FIPS,
1025
     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
1026
     0,
1027
     0,
1028
     },
1029
# ifndef OPENSSL_NO_WEAK_SSL_CIPHERS
1030
    {
1031
     1,
1032
     TLS1_TXT_ECDHE_RSA_WITH_DES_192_CBC3_SHA,
1033
     TLS1_RFC_ECDHE_RSA_WITH_DES_192_CBC3_SHA,
1034
     TLS1_CK_ECDHE_RSA_WITH_DES_192_CBC3_SHA,
1035
     SSL_kECDHE,
1036
     SSL_aRSA,
1037
     SSL_3DES,
1038
     SSL_SHA1,
1039
     TLS1_VERSION, TLS1_2_VERSION,
1040
     DTLS1_BAD_VER, DTLS1_2_VERSION,
1041
     SSL_NOT_DEFAULT | SSL_MEDIUM | SSL_FIPS,
1042
     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
1043
     112,
1044
     168,
1045
     },
1046
# endif
1047
    {
1048
     1,
1049
     TLS1_TXT_ECDHE_RSA_WITH_AES_128_CBC_SHA,
1050
     TLS1_RFC_ECDHE_RSA_WITH_AES_128_CBC_SHA,
1051
     TLS1_CK_ECDHE_RSA_WITH_AES_128_CBC_SHA,
1052
     SSL_kECDHE,
1053
     SSL_aRSA,
1054
     SSL_AES128,
1055
     SSL_SHA1,
1056
     TLS1_VERSION, TLS1_2_VERSION,
1057
     DTLS1_BAD_VER, DTLS1_2_VERSION,
1058
     SSL_HIGH | SSL_FIPS,
1059
     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
1060
     128,
1061
     128,
1062
     },
1063
    {
1064
     1,
1065
     TLS1_TXT_ECDHE_RSA_WITH_AES_256_CBC_SHA,
1066
     TLS1_RFC_ECDHE_RSA_WITH_AES_256_CBC_SHA,
1067
     TLS1_CK_ECDHE_RSA_WITH_AES_256_CBC_SHA,
1068
     SSL_kECDHE,
1069
     SSL_aRSA,
1070
     SSL_AES256,
1071
     SSL_SHA1,
1072
     TLS1_VERSION, TLS1_2_VERSION,
1073
     DTLS1_BAD_VER, DTLS1_2_VERSION,
1074
     SSL_HIGH | SSL_FIPS,
1075
     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
1076
     256,
1077
     256,
1078
     },
1079
    {
1080
     1,
1081
     TLS1_TXT_ECDH_anon_WITH_NULL_SHA,
1082
     TLS1_RFC_ECDH_anon_WITH_NULL_SHA,
1083
     TLS1_CK_ECDH_anon_WITH_NULL_SHA,
1084
     SSL_kECDHE,
1085
     SSL_aNULL,
1086
     SSL_eNULL,
1087
     SSL_SHA1,
1088
     TLS1_VERSION, TLS1_2_VERSION,
1089
     DTLS1_BAD_VER, DTLS1_2_VERSION,
1090
     SSL_STRONG_NONE | SSL_FIPS,
1091
     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
1092
     0,
1093
     0,
1094
     },
1095
# ifndef OPENSSL_NO_WEAK_SSL_CIPHERS
1096
    {
1097
     1,
1098
     TLS1_TXT_ECDH_anon_WITH_DES_192_CBC3_SHA,
1099
     TLS1_RFC_ECDH_anon_WITH_DES_192_CBC3_SHA,
1100
     TLS1_CK_ECDH_anon_WITH_DES_192_CBC3_SHA,
1101
     SSL_kECDHE,
1102
     SSL_aNULL,
1103
     SSL_3DES,
1104
     SSL_SHA1,
1105
     TLS1_VERSION, TLS1_2_VERSION,
1106
     DTLS1_BAD_VER, DTLS1_2_VERSION,
1107
     SSL_NOT_DEFAULT | SSL_MEDIUM | SSL_FIPS,
1108
     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
1109
     112,
1110
     168,
1111
     },
1112
# endif
1113
    {
1114
     1,
1115
     TLS1_TXT_ECDH_anon_WITH_AES_128_CBC_SHA,
1116
     TLS1_RFC_ECDH_anon_WITH_AES_128_CBC_SHA,
1117
     TLS1_CK_ECDH_anon_WITH_AES_128_CBC_SHA,
1118
     SSL_kECDHE,
1119
     SSL_aNULL,
1120
     SSL_AES128,
1121
     SSL_SHA1,
1122
     TLS1_VERSION, TLS1_2_VERSION,
1123
     DTLS1_BAD_VER, DTLS1_2_VERSION,
1124
     SSL_NOT_DEFAULT | SSL_HIGH | SSL_FIPS,
1125
     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
1126
     128,
1127
     128,
1128
     },
1129
    {
1130
     1,
1131
     TLS1_TXT_ECDH_anon_WITH_AES_256_CBC_SHA,
1132
     TLS1_RFC_ECDH_anon_WITH_AES_256_CBC_SHA,
1133
     TLS1_CK_ECDH_anon_WITH_AES_256_CBC_SHA,
1134
     SSL_kECDHE,
1135
     SSL_aNULL,
1136
     SSL_AES256,
1137
     SSL_SHA1,
1138
     TLS1_VERSION, TLS1_2_VERSION,
1139
     DTLS1_BAD_VER, DTLS1_2_VERSION,
1140
     SSL_NOT_DEFAULT | SSL_HIGH | SSL_FIPS,
1141
     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
1142
     256,
1143
     256,
1144
     },
1145
    {
1146
     1,
1147
     TLS1_TXT_ECDHE_ECDSA_WITH_AES_128_SHA256,
1148
     TLS1_RFC_ECDHE_ECDSA_WITH_AES_128_SHA256,
1149
     TLS1_CK_ECDHE_ECDSA_WITH_AES_128_SHA256,
1150
     SSL_kECDHE,
1151
     SSL_aECDSA,
1152
     SSL_AES128,
1153
     SSL_SHA256,
1154
     TLS1_2_VERSION, TLS1_2_VERSION,
1155
     DTLS1_2_VERSION, DTLS1_2_VERSION,
1156
     SSL_HIGH | SSL_FIPS,
1157
     SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
1158
     128,
1159
     128,
1160
     },
1161
    {
1162
     1,
1163
     TLS1_TXT_ECDHE_ECDSA_WITH_AES_256_SHA384,
1164
     TLS1_RFC_ECDHE_ECDSA_WITH_AES_256_SHA384,
1165
     TLS1_CK_ECDHE_ECDSA_WITH_AES_256_SHA384,
1166
     SSL_kECDHE,
1167
     SSL_aECDSA,
1168
     SSL_AES256,
1169
     SSL_SHA384,
1170
     TLS1_2_VERSION, TLS1_2_VERSION,
1171
     DTLS1_2_VERSION, DTLS1_2_VERSION,
1172
     SSL_HIGH | SSL_FIPS,
1173
     SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384,
1174
     256,
1175
     256,
1176
     },
1177
    {
1178
     1,
1179
     TLS1_TXT_ECDHE_RSA_WITH_AES_128_SHA256,
1180
     TLS1_RFC_ECDHE_RSA_WITH_AES_128_SHA256,
1181
     TLS1_CK_ECDHE_RSA_WITH_AES_128_SHA256,
1182
     SSL_kECDHE,
1183
     SSL_aRSA,
1184
     SSL_AES128,
1185
     SSL_SHA256,
1186
     TLS1_2_VERSION, TLS1_2_VERSION,
1187
     DTLS1_2_VERSION, DTLS1_2_VERSION,
1188
     SSL_HIGH | SSL_FIPS,
1189
     SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
1190
     128,
1191
     128,
1192
     },
1193
    {
1194
     1,
1195
     TLS1_TXT_ECDHE_RSA_WITH_AES_256_SHA384,
1196
     TLS1_RFC_ECDHE_RSA_WITH_AES_256_SHA384,
1197
     TLS1_CK_ECDHE_RSA_WITH_AES_256_SHA384,
1198
     SSL_kECDHE,
1199
     SSL_aRSA,
1200
     SSL_AES256,
1201
     SSL_SHA384,
1202
     TLS1_2_VERSION, TLS1_2_VERSION,
1203
     DTLS1_2_VERSION, DTLS1_2_VERSION,
1204
     SSL_HIGH | SSL_FIPS,
1205
     SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384,
1206
     256,
1207
     256,
1208
     },
1209
    {
1210
     1,
1211
     TLS1_TXT_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256,
1212
     TLS1_RFC_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256,
1213
     TLS1_CK_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256,
1214
     SSL_kECDHE,
1215
     SSL_aECDSA,
1216
     SSL_AES128GCM,
1217
     SSL_AEAD,
1218
     TLS1_2_VERSION, TLS1_2_VERSION,
1219
     DTLS1_2_VERSION, DTLS1_2_VERSION,
1220
     SSL_HIGH | SSL_FIPS,
1221
     SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
1222
     128,
1223
     128,
1224
     },
1225
    {
1226
     1,
1227
     TLS1_TXT_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384,
1228
     TLS1_RFC_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384,
1229
     TLS1_CK_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384,
1230
     SSL_kECDHE,
1231
     SSL_aECDSA,
1232
     SSL_AES256GCM,
1233
     SSL_AEAD,
1234
     TLS1_2_VERSION, TLS1_2_VERSION,
1235
     DTLS1_2_VERSION, DTLS1_2_VERSION,
1236
     SSL_HIGH | SSL_FIPS,
1237
     SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384,
1238
     256,
1239
     256,
1240
     },
1241
    {
1242
     1,
1243
     TLS1_TXT_ECDHE_RSA_WITH_AES_128_GCM_SHA256,
1244
     TLS1_RFC_ECDHE_RSA_WITH_AES_128_GCM_SHA256,
1245
     TLS1_CK_ECDHE_RSA_WITH_AES_128_GCM_SHA256,
1246
     SSL_kECDHE,
1247
     SSL_aRSA,
1248
     SSL_AES128GCM,
1249
     SSL_AEAD,
1250
     TLS1_2_VERSION, TLS1_2_VERSION,
1251
     DTLS1_2_VERSION, DTLS1_2_VERSION,
1252
     SSL_HIGH | SSL_FIPS,
1253
     SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
1254
     128,
1255
     128,
1256
     },
1257
    {
1258
     1,
1259
     TLS1_TXT_ECDHE_RSA_WITH_AES_256_GCM_SHA384,
1260
     TLS1_RFC_ECDHE_RSA_WITH_AES_256_GCM_SHA384,
1261
     TLS1_CK_ECDHE_RSA_WITH_AES_256_GCM_SHA384,
1262
     SSL_kECDHE,
1263
     SSL_aRSA,
1264
     SSL_AES256GCM,
1265
     SSL_AEAD,
1266
     TLS1_2_VERSION, TLS1_2_VERSION,
1267
     DTLS1_2_VERSION, DTLS1_2_VERSION,
1268
     SSL_HIGH | SSL_FIPS,
1269
     SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384,
1270
     256,
1271
     256,
1272
     },
1273
    {
1274
     1,
1275
     TLS1_TXT_PSK_WITH_NULL_SHA,
1276
     TLS1_RFC_PSK_WITH_NULL_SHA,
1277
     TLS1_CK_PSK_WITH_NULL_SHA,
1278
     SSL_kPSK,
1279
     SSL_aPSK,
1280
     SSL_eNULL,
1281
     SSL_SHA1,
1282
     SSL3_VERSION, TLS1_2_VERSION,
1283
     DTLS1_BAD_VER, DTLS1_2_VERSION,
1284
     SSL_STRONG_NONE | SSL_FIPS,
1285
     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
1286
     0,
1287
     0,
1288
     },
1289
    {
1290
     1,
1291
     TLS1_TXT_DHE_PSK_WITH_NULL_SHA,
1292
     TLS1_RFC_DHE_PSK_WITH_NULL_SHA,
1293
     TLS1_CK_DHE_PSK_WITH_NULL_SHA,
1294
     SSL_kDHEPSK,
1295
     SSL_aPSK,
1296
     SSL_eNULL,
1297
     SSL_SHA1,
1298
     SSL3_VERSION, TLS1_2_VERSION,
1299
     DTLS1_BAD_VER, DTLS1_2_VERSION,
1300
     SSL_STRONG_NONE | SSL_FIPS,
1301
     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
1302
     0,
1303
     0,
1304
     },
1305
    {
1306
     1,
1307
     TLS1_TXT_RSA_PSK_WITH_NULL_SHA,
1308
     TLS1_RFC_RSA_PSK_WITH_NULL_SHA,
1309
     TLS1_CK_RSA_PSK_WITH_NULL_SHA,
1310
     SSL_kRSAPSK,
1311
     SSL_aRSA,
1312
     SSL_eNULL,
1313
     SSL_SHA1,
1314
     SSL3_VERSION, TLS1_2_VERSION,
1315
     DTLS1_BAD_VER, DTLS1_2_VERSION,
1316
     SSL_STRONG_NONE | SSL_FIPS,
1317
     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
1318
     0,
1319
     0,
1320
     },
1321
# ifndef OPENSSL_NO_WEAK_SSL_CIPHERS
1322
    {
1323
     1,
1324
     TLS1_TXT_PSK_WITH_3DES_EDE_CBC_SHA,
1325
     TLS1_RFC_PSK_WITH_3DES_EDE_CBC_SHA,
1326
     TLS1_CK_PSK_WITH_3DES_EDE_CBC_SHA,
1327
     SSL_kPSK,
1328
     SSL_aPSK,
1329
     SSL_3DES,
1330
     SSL_SHA1,
1331
     SSL3_VERSION, TLS1_2_VERSION,
1332
     DTLS1_BAD_VER, DTLS1_2_VERSION,
1333
     SSL_NOT_DEFAULT | SSL_MEDIUM | SSL_FIPS,
1334
     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
1335
     112,
1336
     168,
1337
     },
1338
# endif
1339
    {
1340
     1,
1341
     TLS1_TXT_PSK_WITH_AES_128_CBC_SHA,
1342
     TLS1_RFC_PSK_WITH_AES_128_CBC_SHA,
1343
     TLS1_CK_PSK_WITH_AES_128_CBC_SHA,
1344
     SSL_kPSK,
1345
     SSL_aPSK,
1346
     SSL_AES128,
1347
     SSL_SHA1,
1348
     SSL3_VERSION, TLS1_2_VERSION,
1349
     DTLS1_BAD_VER, DTLS1_2_VERSION,
1350
     SSL_HIGH | SSL_FIPS,
1351
     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
1352
     128,
1353
     128,
1354
     },
1355
    {
1356
     1,
1357
     TLS1_TXT_PSK_WITH_AES_256_CBC_SHA,
1358
     TLS1_RFC_PSK_WITH_AES_256_CBC_SHA,
1359
     TLS1_CK_PSK_WITH_AES_256_CBC_SHA,
1360
     SSL_kPSK,
1361
     SSL_aPSK,
1362
     SSL_AES256,
1363
     SSL_SHA1,
1364
     SSL3_VERSION, TLS1_2_VERSION,
1365
     DTLS1_BAD_VER, DTLS1_2_VERSION,
1366
     SSL_HIGH | SSL_FIPS,
1367
     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
1368
     256,
1369
     256,
1370
     },
1371
# ifndef OPENSSL_NO_WEAK_SSL_CIPHERS
1372
    {
1373
     1,
1374
     TLS1_TXT_DHE_PSK_WITH_3DES_EDE_CBC_SHA,
1375
     TLS1_RFC_DHE_PSK_WITH_3DES_EDE_CBC_SHA,
1376
     TLS1_CK_DHE_PSK_WITH_3DES_EDE_CBC_SHA,
1377
     SSL_kDHEPSK,
1378
     SSL_aPSK,
1379
     SSL_3DES,
1380
     SSL_SHA1,
1381
     SSL3_VERSION, TLS1_2_VERSION,
1382
     DTLS1_BAD_VER, DTLS1_2_VERSION,
1383
     SSL_NOT_DEFAULT | SSL_MEDIUM | SSL_FIPS,
1384
     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
1385
     112,
1386
     168,
1387
     },
1388
# endif
1389
    {
1390
     1,
1391
     TLS1_TXT_DHE_PSK_WITH_AES_128_CBC_SHA,
1392
     TLS1_RFC_DHE_PSK_WITH_AES_128_CBC_SHA,
1393
     TLS1_CK_DHE_PSK_WITH_AES_128_CBC_SHA,
1394
     SSL_kDHEPSK,
1395
     SSL_aPSK,
1396
     SSL_AES128,
1397
     SSL_SHA1,
1398
     SSL3_VERSION, TLS1_2_VERSION,
1399
     DTLS1_BAD_VER, DTLS1_2_VERSION,
1400
     SSL_HIGH | SSL_FIPS,
1401
     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
1402
     128,
1403
     128,
1404
     },
1405
    {
1406
     1,
1407
     TLS1_TXT_DHE_PSK_WITH_AES_256_CBC_SHA,
1408
     TLS1_RFC_DHE_PSK_WITH_AES_256_CBC_SHA,
1409
     TLS1_CK_DHE_PSK_WITH_AES_256_CBC_SHA,
1410
     SSL_kDHEPSK,
1411
     SSL_aPSK,
1412
     SSL_AES256,
1413
     SSL_SHA1,
1414
     SSL3_VERSION, TLS1_2_VERSION,
1415
     DTLS1_BAD_VER, DTLS1_2_VERSION,
1416
     SSL_HIGH | SSL_FIPS,
1417
     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
1418
     256,
1419
     256,
1420
     },
1421
# ifndef OPENSSL_NO_WEAK_SSL_CIPHERS
1422
    {
1423
     1,
1424
     TLS1_TXT_RSA_PSK_WITH_3DES_EDE_CBC_SHA,
1425
     TLS1_RFC_RSA_PSK_WITH_3DES_EDE_CBC_SHA,
1426
     TLS1_CK_RSA_PSK_WITH_3DES_EDE_CBC_SHA,
1427
     SSL_kRSAPSK,
1428
     SSL_aRSA,
1429
     SSL_3DES,
1430
     SSL_SHA1,
1431
     SSL3_VERSION, TLS1_2_VERSION,
1432
     DTLS1_BAD_VER, DTLS1_2_VERSION,
1433
     SSL_NOT_DEFAULT | SSL_MEDIUM | SSL_FIPS,
1434
     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
1435
     112,
1436
     168,
1437
     },
1438
# endif
1439
    {
1440
     1,
1441
     TLS1_TXT_RSA_PSK_WITH_AES_128_CBC_SHA,
1442
     TLS1_RFC_RSA_PSK_WITH_AES_128_CBC_SHA,
1443
     TLS1_CK_RSA_PSK_WITH_AES_128_CBC_SHA,
1444
     SSL_kRSAPSK,
1445
     SSL_aRSA,
1446
     SSL_AES128,
1447
     SSL_SHA1,
1448
     SSL3_VERSION, TLS1_2_VERSION,
1449
     DTLS1_BAD_VER, DTLS1_2_VERSION,
1450
     SSL_HIGH | SSL_FIPS,
1451
     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
1452
     128,
1453
     128,
1454
     },
1455
    {
1456
     1,
1457
     TLS1_TXT_RSA_PSK_WITH_AES_256_CBC_SHA,
1458
     TLS1_RFC_RSA_PSK_WITH_AES_256_CBC_SHA,
1459
     TLS1_CK_RSA_PSK_WITH_AES_256_CBC_SHA,
1460
     SSL_kRSAPSK,
1461
     SSL_aRSA,
1462
     SSL_AES256,
1463
     SSL_SHA1,
1464
     SSL3_VERSION, TLS1_2_VERSION,
1465
     DTLS1_BAD_VER, DTLS1_2_VERSION,
1466
     SSL_HIGH | SSL_FIPS,
1467
     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
1468
     256,
1469
     256,
1470
     },
1471
    {
1472
     1,
1473
     TLS1_TXT_PSK_WITH_AES_128_GCM_SHA256,
1474
     TLS1_RFC_PSK_WITH_AES_128_GCM_SHA256,
1475
     TLS1_CK_PSK_WITH_AES_128_GCM_SHA256,
1476
     SSL_kPSK,
1477
     SSL_aPSK,
1478
     SSL_AES128GCM,
1479
     SSL_AEAD,
1480
     TLS1_2_VERSION, TLS1_2_VERSION,
1481
     DTLS1_2_VERSION, DTLS1_2_VERSION,
1482
     SSL_HIGH | SSL_FIPS,
1483
     SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
1484
     128,
1485
     128,
1486
     },
1487
    {
1488
     1,
1489
     TLS1_TXT_PSK_WITH_AES_256_GCM_SHA384,
1490
     TLS1_RFC_PSK_WITH_AES_256_GCM_SHA384,
1491
     TLS1_CK_PSK_WITH_AES_256_GCM_SHA384,
1492
     SSL_kPSK,
1493
     SSL_aPSK,
1494
     SSL_AES256GCM,
1495
     SSL_AEAD,
1496
     TLS1_2_VERSION, TLS1_2_VERSION,
1497
     DTLS1_2_VERSION, DTLS1_2_VERSION,
1498
     SSL_HIGH | SSL_FIPS,
1499
     SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384,
1500
     256,
1501
     256,
1502
     },
1503
    {
1504
     1,
1505
     TLS1_TXT_DHE_PSK_WITH_AES_128_GCM_SHA256,
1506
     TLS1_RFC_DHE_PSK_WITH_AES_128_GCM_SHA256,
1507
     TLS1_CK_DHE_PSK_WITH_AES_128_GCM_SHA256,
1508
     SSL_kDHEPSK,
1509
     SSL_aPSK,
1510
     SSL_AES128GCM,
1511
     SSL_AEAD,
1512
     TLS1_2_VERSION, TLS1_2_VERSION,
1513
     DTLS1_2_VERSION, DTLS1_2_VERSION,
1514
     SSL_HIGH | SSL_FIPS,
1515
     SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
1516
     128,
1517
     128,
1518
     },
1519
    {
1520
     1,
1521
     TLS1_TXT_DHE_PSK_WITH_AES_256_GCM_SHA384,
1522
     TLS1_RFC_DHE_PSK_WITH_AES_256_GCM_SHA384,
1523
     TLS1_CK_DHE_PSK_WITH_AES_256_GCM_SHA384,
1524
     SSL_kDHEPSK,
1525
     SSL_aPSK,
1526
     SSL_AES256GCM,
1527
     SSL_AEAD,
1528
     TLS1_2_VERSION, TLS1_2_VERSION,
1529
     DTLS1_2_VERSION, DTLS1_2_VERSION,
1530
     SSL_HIGH | SSL_FIPS,
1531
     SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384,
1532
     256,
1533
     256,
1534
     },
1535
    {
1536
     1,
1537
     TLS1_TXT_RSA_PSK_WITH_AES_128_GCM_SHA256,
1538
     TLS1_RFC_RSA_PSK_WITH_AES_128_GCM_SHA256,
1539
     TLS1_CK_RSA_PSK_WITH_AES_128_GCM_SHA256,
1540
     SSL_kRSAPSK,
1541
     SSL_aRSA,
1542
     SSL_AES128GCM,
1543
     SSL_AEAD,
1544
     TLS1_2_VERSION, TLS1_2_VERSION,
1545
     DTLS1_2_VERSION, DTLS1_2_VERSION,
1546
     SSL_HIGH | SSL_FIPS,
1547
     SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
1548
     128,
1549
     128,
1550
     },
1551
    {
1552
     1,
1553
     TLS1_TXT_RSA_PSK_WITH_AES_256_GCM_SHA384,
1554
     TLS1_RFC_RSA_PSK_WITH_AES_256_GCM_SHA384,
1555
     TLS1_CK_RSA_PSK_WITH_AES_256_GCM_SHA384,
1556
     SSL_kRSAPSK,
1557
     SSL_aRSA,
1558
     SSL_AES256GCM,
1559
     SSL_AEAD,
1560
     TLS1_2_VERSION, TLS1_2_VERSION,
1561
     DTLS1_2_VERSION, DTLS1_2_VERSION,
1562
     SSL_HIGH | SSL_FIPS,
1563
     SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384,
1564
     256,
1565
     256,
1566
     },
1567
    {
1568
     1,
1569
     TLS1_TXT_PSK_WITH_AES_128_CBC_SHA256,
1570
     TLS1_RFC_PSK_WITH_AES_128_CBC_SHA256,
1571
     TLS1_CK_PSK_WITH_AES_128_CBC_SHA256,
1572
     SSL_kPSK,
1573
     SSL_aPSK,
1574
     SSL_AES128,
1575
     SSL_SHA256,
1576
     TLS1_VERSION, TLS1_2_VERSION,
1577
     DTLS1_BAD_VER, DTLS1_2_VERSION,
1578
     SSL_HIGH | SSL_FIPS,
1579
     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
1580
     128,
1581
     128,
1582
     },
1583
    {
1584
     1,
1585
     TLS1_TXT_PSK_WITH_AES_256_CBC_SHA384,
1586
     TLS1_RFC_PSK_WITH_AES_256_CBC_SHA384,
1587
     TLS1_CK_PSK_WITH_AES_256_CBC_SHA384,
1588
     SSL_kPSK,
1589
     SSL_aPSK,
1590
     SSL_AES256,
1591
     SSL_SHA384,
1592
     TLS1_VERSION, TLS1_2_VERSION,
1593
     DTLS1_BAD_VER, DTLS1_2_VERSION,
1594
     SSL_HIGH | SSL_FIPS,
1595
     SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384,
1596
     256,
1597
     256,
1598
     },
1599
    {
1600
     1,
1601
     TLS1_TXT_PSK_WITH_NULL_SHA256,
1602
     TLS1_RFC_PSK_WITH_NULL_SHA256,
1603
     TLS1_CK_PSK_WITH_NULL_SHA256,
1604
     SSL_kPSK,
1605
     SSL_aPSK,
1606
     SSL_eNULL,
1607
     SSL_SHA256,
1608
     TLS1_VERSION, TLS1_2_VERSION,
1609
     DTLS1_BAD_VER, DTLS1_2_VERSION,
1610
     SSL_STRONG_NONE | SSL_FIPS,
1611
     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
1612
     0,
1613
     0,
1614
     },
1615
    {
1616
     1,
1617
     TLS1_TXT_PSK_WITH_NULL_SHA384,
1618
     TLS1_RFC_PSK_WITH_NULL_SHA384,
1619
     TLS1_CK_PSK_WITH_NULL_SHA384,
1620
     SSL_kPSK,
1621
     SSL_aPSK,
1622
     SSL_eNULL,
1623
     SSL_SHA384,
1624
     TLS1_VERSION, TLS1_2_VERSION,
1625
     DTLS1_BAD_VER, DTLS1_2_VERSION,
1626
     SSL_STRONG_NONE | SSL_FIPS,
1627
     SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384,
1628
     0,
1629
     0,
1630
     },
1631
    {
1632
     1,
1633
     TLS1_TXT_DHE_PSK_WITH_AES_128_CBC_SHA256,
1634
     TLS1_RFC_DHE_PSK_WITH_AES_128_CBC_SHA256,
1635
     TLS1_CK_DHE_PSK_WITH_AES_128_CBC_SHA256,
1636
     SSL_kDHEPSK,
1637
     SSL_aPSK,
1638
     SSL_AES128,
1639
     SSL_SHA256,
1640
     TLS1_VERSION, TLS1_2_VERSION,
1641
     DTLS1_BAD_VER, DTLS1_2_VERSION,
1642
     SSL_HIGH | SSL_FIPS,
1643
     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
1644
     128,
1645
     128,
1646
     },
1647
    {
1648
     1,
1649
     TLS1_TXT_DHE_PSK_WITH_AES_256_CBC_SHA384,
1650
     TLS1_RFC_DHE_PSK_WITH_AES_256_CBC_SHA384,
1651
     TLS1_CK_DHE_PSK_WITH_AES_256_CBC_SHA384,
1652
     SSL_kDHEPSK,
1653
     SSL_aPSK,
1654
     SSL_AES256,
1655
     SSL_SHA384,
1656
     TLS1_VERSION, TLS1_2_VERSION,
1657
     DTLS1_BAD_VER, DTLS1_2_VERSION,
1658
     SSL_HIGH | SSL_FIPS,
1659
     SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384,
1660
     256,
1661
     256,
1662
     },
1663
    {
1664
     1,
1665
     TLS1_TXT_DHE_PSK_WITH_NULL_SHA256,
1666
     TLS1_RFC_DHE_PSK_WITH_NULL_SHA256,
1667
     TLS1_CK_DHE_PSK_WITH_NULL_SHA256,
1668
     SSL_kDHEPSK,
1669
     SSL_aPSK,
1670
     SSL_eNULL,
1671
     SSL_SHA256,
1672
     TLS1_VERSION, TLS1_2_VERSION,
1673
     DTLS1_BAD_VER, DTLS1_2_VERSION,
1674
     SSL_STRONG_NONE | SSL_FIPS,
1675
     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
1676
     0,
1677
     0,
1678
     },
1679
    {
1680
     1,
1681
     TLS1_TXT_DHE_PSK_WITH_NULL_SHA384,
1682
     TLS1_RFC_DHE_PSK_WITH_NULL_SHA384,
1683
     TLS1_CK_DHE_PSK_WITH_NULL_SHA384,
1684
     SSL_kDHEPSK,
1685
     SSL_aPSK,
1686
     SSL_eNULL,
1687
     SSL_SHA384,
1688
     TLS1_VERSION, TLS1_2_VERSION,
1689
     DTLS1_BAD_VER, DTLS1_2_VERSION,
1690
     SSL_STRONG_NONE | SSL_FIPS,
1691
     SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384,
1692
     0,
1693
     0,
1694
     },
1695
    {
1696
     1,
1697
     TLS1_TXT_RSA_PSK_WITH_AES_128_CBC_SHA256,
1698
     TLS1_RFC_RSA_PSK_WITH_AES_128_CBC_SHA256,
1699
     TLS1_CK_RSA_PSK_WITH_AES_128_CBC_SHA256,
1700
     SSL_kRSAPSK,
1701
     SSL_aRSA,
1702
     SSL_AES128,
1703
     SSL_SHA256,
1704
     TLS1_VERSION, TLS1_2_VERSION,
1705
     DTLS1_BAD_VER, DTLS1_2_VERSION,
1706
     SSL_HIGH | SSL_FIPS,
1707
     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
1708
     128,
1709
     128,
1710
     },
1711
    {
1712
     1,
1713
     TLS1_TXT_RSA_PSK_WITH_AES_256_CBC_SHA384,
1714
     TLS1_RFC_RSA_PSK_WITH_AES_256_CBC_SHA384,
1715
     TLS1_CK_RSA_PSK_WITH_AES_256_CBC_SHA384,
1716
     SSL_kRSAPSK,
1717
     SSL_aRSA,
1718
     SSL_AES256,
1719
     SSL_SHA384,
1720
     TLS1_VERSION, TLS1_2_VERSION,
1721
     DTLS1_BAD_VER, DTLS1_2_VERSION,
1722
     SSL_HIGH | SSL_FIPS,
1723
     SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384,
1724
     256,
1725
     256,
1726
     },
1727
    {
1728
     1,
1729
     TLS1_TXT_RSA_PSK_WITH_NULL_SHA256,
1730
     TLS1_RFC_RSA_PSK_WITH_NULL_SHA256,
1731
     TLS1_CK_RSA_PSK_WITH_NULL_SHA256,
1732
     SSL_kRSAPSK,
1733
     SSL_aRSA,
1734
     SSL_eNULL,
1735
     SSL_SHA256,
1736
     TLS1_VERSION, TLS1_2_VERSION,
1737
     DTLS1_BAD_VER, DTLS1_2_VERSION,
1738
     SSL_STRONG_NONE | SSL_FIPS,
1739
     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
1740
     0,
1741
     0,
1742
     },
1743
    {
1744
     1,
1745
     TLS1_TXT_RSA_PSK_WITH_NULL_SHA384,
1746
     TLS1_RFC_RSA_PSK_WITH_NULL_SHA384,
1747
     TLS1_CK_RSA_PSK_WITH_NULL_SHA384,
1748
     SSL_kRSAPSK,
1749
     SSL_aRSA,
1750
     SSL_eNULL,
1751
     SSL_SHA384,
1752
     TLS1_VERSION, TLS1_2_VERSION,
1753
     DTLS1_BAD_VER, DTLS1_2_VERSION,
1754
     SSL_STRONG_NONE | SSL_FIPS,
1755
     SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384,
1756
     0,
1757
     0,
1758
     },
1759
#  ifndef OPENSSL_NO_WEAK_SSL_CIPHERS
1760
    {
1761
     1,
1762
     TLS1_TXT_ECDHE_PSK_WITH_3DES_EDE_CBC_SHA,
1763
     TLS1_RFC_ECDHE_PSK_WITH_3DES_EDE_CBC_SHA,
1764
     TLS1_CK_ECDHE_PSK_WITH_3DES_EDE_CBC_SHA,
1765
     SSL_kECDHEPSK,
1766
     SSL_aPSK,
1767
     SSL_3DES,
1768
     SSL_SHA1,
1769
     TLS1_VERSION, TLS1_2_VERSION,
1770
     DTLS1_BAD_VER, DTLS1_2_VERSION,
1771
     SSL_NOT_DEFAULT | SSL_MEDIUM | SSL_FIPS,
1772
     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
1773
     112,
1774
     168,
1775
     },
1776
#  endif
1777
    {
1778
     1,
1779
     TLS1_TXT_ECDHE_PSK_WITH_AES_128_CBC_SHA,
1780
     TLS1_RFC_ECDHE_PSK_WITH_AES_128_CBC_SHA,
1781
     TLS1_CK_ECDHE_PSK_WITH_AES_128_CBC_SHA,
1782
     SSL_kECDHEPSK,
1783
     SSL_aPSK,
1784
     SSL_AES128,
1785
     SSL_SHA1,
1786
     TLS1_VERSION, TLS1_2_VERSION,
1787
     DTLS1_BAD_VER, DTLS1_2_VERSION,
1788
     SSL_HIGH | SSL_FIPS,
1789
     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
1790
     128,
1791
     128,
1792
     },
1793
    {
1794
     1,
1795
     TLS1_TXT_ECDHE_PSK_WITH_AES_256_CBC_SHA,
1796
     TLS1_RFC_ECDHE_PSK_WITH_AES_256_CBC_SHA,
1797
     TLS1_CK_ECDHE_PSK_WITH_AES_256_CBC_SHA,
1798
     SSL_kECDHEPSK,
1799
     SSL_aPSK,
1800
     SSL_AES256,
1801
     SSL_SHA1,
1802
     TLS1_VERSION, TLS1_2_VERSION,
1803
     DTLS1_BAD_VER, DTLS1_2_VERSION,
1804
     SSL_HIGH | SSL_FIPS,
1805
     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
1806
     256,
1807
     256,
1808
     },
1809
    {
1810
     1,
1811
     TLS1_TXT_ECDHE_PSK_WITH_AES_128_CBC_SHA256,
1812
     TLS1_RFC_ECDHE_PSK_WITH_AES_128_CBC_SHA256,
1813
     TLS1_CK_ECDHE_PSK_WITH_AES_128_CBC_SHA256,
1814
     SSL_kECDHEPSK,
1815
     SSL_aPSK,
1816
     SSL_AES128,
1817
     SSL_SHA256,
1818
     TLS1_VERSION, TLS1_2_VERSION,
1819
     DTLS1_BAD_VER, DTLS1_2_VERSION,
1820
     SSL_HIGH | SSL_FIPS,
1821
     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
1822
     128,
1823
     128,
1824
     },
1825
    {
1826
     1,
1827
     TLS1_TXT_ECDHE_PSK_WITH_AES_256_CBC_SHA384,
1828
     TLS1_RFC_ECDHE_PSK_WITH_AES_256_CBC_SHA384,
1829
     TLS1_CK_ECDHE_PSK_WITH_AES_256_CBC_SHA384,
1830
     SSL_kECDHEPSK,
1831
     SSL_aPSK,
1832
     SSL_AES256,
1833
     SSL_SHA384,
1834
     TLS1_VERSION, TLS1_2_VERSION,
1835
     DTLS1_BAD_VER, DTLS1_2_VERSION,
1836
     SSL_HIGH | SSL_FIPS,
1837
     SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384,
1838
     256,
1839
     256,
1840
     },
1841
    {
1842
     1,
1843
     TLS1_TXT_ECDHE_PSK_WITH_NULL_SHA,
1844
     TLS1_RFC_ECDHE_PSK_WITH_NULL_SHA,
1845
     TLS1_CK_ECDHE_PSK_WITH_NULL_SHA,
1846
     SSL_kECDHEPSK,
1847
     SSL_aPSK,
1848
     SSL_eNULL,
1849
     SSL_SHA1,
1850
     TLS1_VERSION, TLS1_2_VERSION,
1851
     DTLS1_BAD_VER, DTLS1_2_VERSION,
1852
     SSL_STRONG_NONE | SSL_FIPS,
1853
     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
1854
     0,
1855
     0,
1856
     },
1857
    {
1858
     1,
1859
     TLS1_TXT_ECDHE_PSK_WITH_NULL_SHA256,
1860
     TLS1_RFC_ECDHE_PSK_WITH_NULL_SHA256,
1861
     TLS1_CK_ECDHE_PSK_WITH_NULL_SHA256,
1862
     SSL_kECDHEPSK,
1863
     SSL_aPSK,
1864
     SSL_eNULL,
1865
     SSL_SHA256,
1866
     TLS1_VERSION, TLS1_2_VERSION,
1867
     DTLS1_BAD_VER, DTLS1_2_VERSION,
1868
     SSL_STRONG_NONE | SSL_FIPS,
1869
     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
1870
     0,
1871
     0,
1872
     },
1873
    {
1874
     1,
1875
     TLS1_TXT_ECDHE_PSK_WITH_NULL_SHA384,
1876
     TLS1_RFC_ECDHE_PSK_WITH_NULL_SHA384,
1877
     TLS1_CK_ECDHE_PSK_WITH_NULL_SHA384,
1878
     SSL_kECDHEPSK,
1879
     SSL_aPSK,
1880
     SSL_eNULL,
1881
     SSL_SHA384,
1882
     TLS1_VERSION, TLS1_2_VERSION,
1883
     DTLS1_BAD_VER, DTLS1_2_VERSION,
1884
     SSL_STRONG_NONE | SSL_FIPS,
1885
     SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384,
1886
     0,
1887
     0,
1888
     },
1889
1890
# ifndef OPENSSL_NO_WEAK_SSL_CIPHERS
1891
    {
1892
     1,
1893
     TLS1_TXT_SRP_SHA_WITH_3DES_EDE_CBC_SHA,
1894
     TLS1_RFC_SRP_SHA_WITH_3DES_EDE_CBC_SHA,
1895
     TLS1_CK_SRP_SHA_WITH_3DES_EDE_CBC_SHA,
1896
     SSL_kSRP,
1897
     SSL_aSRP,
1898
     SSL_3DES,
1899
     SSL_SHA1,
1900
     SSL3_VERSION, TLS1_2_VERSION,
1901
     DTLS1_BAD_VER, DTLS1_2_VERSION,
1902
     SSL_NOT_DEFAULT | SSL_MEDIUM,
1903
     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
1904
     112,
1905
     168,
1906
     },
1907
    {
1908
     1,
1909
     TLS1_TXT_SRP_SHA_RSA_WITH_3DES_EDE_CBC_SHA,
1910
     TLS1_RFC_SRP_SHA_RSA_WITH_3DES_EDE_CBC_SHA,
1911
     TLS1_CK_SRP_SHA_RSA_WITH_3DES_EDE_CBC_SHA,
1912
     SSL_kSRP,
1913
     SSL_aRSA,
1914
     SSL_3DES,
1915
     SSL_SHA1,
1916
     SSL3_VERSION, TLS1_2_VERSION,
1917
     DTLS1_BAD_VER, DTLS1_2_VERSION,
1918
     SSL_NOT_DEFAULT | SSL_MEDIUM,
1919
     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
1920
     112,
1921
     168,
1922
     },
1923
    {
1924
     1,
1925
     TLS1_TXT_SRP_SHA_DSS_WITH_3DES_EDE_CBC_SHA,
1926
     TLS1_RFC_SRP_SHA_DSS_WITH_3DES_EDE_CBC_SHA,
1927
     TLS1_CK_SRP_SHA_DSS_WITH_3DES_EDE_CBC_SHA,
1928
     SSL_kSRP,
1929
     SSL_aDSS,
1930
     SSL_3DES,
1931
     SSL_SHA1,
1932
     SSL3_VERSION, TLS1_2_VERSION,
1933
     DTLS1_BAD_VER, DTLS1_2_VERSION,
1934
     SSL_NOT_DEFAULT | SSL_MEDIUM,
1935
     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
1936
     112,
1937
     168,
1938
     },
1939
# endif
1940
    {
1941
     1,
1942
     TLS1_TXT_SRP_SHA_WITH_AES_128_CBC_SHA,
1943
     TLS1_RFC_SRP_SHA_WITH_AES_128_CBC_SHA,
1944
     TLS1_CK_SRP_SHA_WITH_AES_128_CBC_SHA,
1945
     SSL_kSRP,
1946
     SSL_aSRP,
1947
     SSL_AES128,
1948
     SSL_SHA1,
1949
     SSL3_VERSION, TLS1_2_VERSION,
1950
     DTLS1_BAD_VER, DTLS1_2_VERSION,
1951
     SSL_HIGH,
1952
     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
1953
     128,
1954
     128,
1955
     },
1956
    {
1957
     1,
1958
     TLS1_TXT_SRP_SHA_RSA_WITH_AES_128_CBC_SHA,
1959
     TLS1_RFC_SRP_SHA_RSA_WITH_AES_128_CBC_SHA,
1960
     TLS1_CK_SRP_SHA_RSA_WITH_AES_128_CBC_SHA,
1961
     SSL_kSRP,
1962
     SSL_aRSA,
1963
     SSL_AES128,
1964
     SSL_SHA1,
1965
     SSL3_VERSION, TLS1_2_VERSION,
1966
     DTLS1_BAD_VER, DTLS1_2_VERSION,
1967
     SSL_HIGH,
1968
     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
1969
     128,
1970
     128,
1971
     },
1972
    {
1973
     1,
1974
     TLS1_TXT_SRP_SHA_DSS_WITH_AES_128_CBC_SHA,
1975
     TLS1_RFC_SRP_SHA_DSS_WITH_AES_128_CBC_SHA,
1976
     TLS1_CK_SRP_SHA_DSS_WITH_AES_128_CBC_SHA,
1977
     SSL_kSRP,
1978
     SSL_aDSS,
1979
     SSL_AES128,
1980
     SSL_SHA1,
1981
     SSL3_VERSION, TLS1_2_VERSION,
1982
     DTLS1_BAD_VER, DTLS1_2_VERSION,
1983
     SSL_NOT_DEFAULT | SSL_HIGH,
1984
     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
1985
     128,
1986
     128,
1987
     },
1988
    {
1989
     1,
1990
     TLS1_TXT_SRP_SHA_WITH_AES_256_CBC_SHA,
1991
     TLS1_RFC_SRP_SHA_WITH_AES_256_CBC_SHA,
1992
     TLS1_CK_SRP_SHA_WITH_AES_256_CBC_SHA,
1993
     SSL_kSRP,
1994
     SSL_aSRP,
1995
     SSL_AES256,
1996
     SSL_SHA1,
1997
     SSL3_VERSION, TLS1_2_VERSION,
1998
     DTLS1_BAD_VER, DTLS1_2_VERSION,
1999
     SSL_HIGH,
2000
     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
2001
     256,
2002
     256,
2003
     },
2004
    {
2005
     1,
2006
     TLS1_TXT_SRP_SHA_RSA_WITH_AES_256_CBC_SHA,
2007
     TLS1_RFC_SRP_SHA_RSA_WITH_AES_256_CBC_SHA,
2008
     TLS1_CK_SRP_SHA_RSA_WITH_AES_256_CBC_SHA,
2009
     SSL_kSRP,
2010
     SSL_aRSA,
2011
     SSL_AES256,
2012
     SSL_SHA1,
2013
     SSL3_VERSION, TLS1_2_VERSION,
2014
     DTLS1_BAD_VER, DTLS1_2_VERSION,
2015
     SSL_HIGH,
2016
     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
2017
     256,
2018
     256,
2019
     },
2020
    {
2021
     1,
2022
     TLS1_TXT_SRP_SHA_DSS_WITH_AES_256_CBC_SHA,
2023
     TLS1_RFC_SRP_SHA_DSS_WITH_AES_256_CBC_SHA,
2024
     TLS1_CK_SRP_SHA_DSS_WITH_AES_256_CBC_SHA,
2025
     SSL_kSRP,
2026
     SSL_aDSS,
2027
     SSL_AES256,
2028
     SSL_SHA1,
2029
     SSL3_VERSION, TLS1_2_VERSION,
2030
     DTLS1_BAD_VER, DTLS1_2_VERSION,
2031
     SSL_NOT_DEFAULT | SSL_HIGH,
2032
     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
2033
     256,
2034
     256,
2035
     },
2036
2037
    {
2038
     1,
2039
     TLS1_TXT_DHE_RSA_WITH_CHACHA20_POLY1305,
2040
     TLS1_RFC_DHE_RSA_WITH_CHACHA20_POLY1305,
2041
     TLS1_CK_DHE_RSA_WITH_CHACHA20_POLY1305,
2042
     SSL_kDHE,
2043
     SSL_aRSA,
2044
     SSL_CHACHA20POLY1305,
2045
     SSL_AEAD,
2046
     TLS1_2_VERSION, TLS1_2_VERSION,
2047
     DTLS1_2_VERSION, DTLS1_2_VERSION,
2048
     SSL_HIGH,
2049
     SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
2050
     256,
2051
     256,
2052
     },
2053
    {
2054
     1,
2055
     TLS1_TXT_ECDHE_RSA_WITH_CHACHA20_POLY1305,
2056
     TLS1_RFC_ECDHE_RSA_WITH_CHACHA20_POLY1305,
2057
     TLS1_CK_ECDHE_RSA_WITH_CHACHA20_POLY1305,
2058
     SSL_kECDHE,
2059
     SSL_aRSA,
2060
     SSL_CHACHA20POLY1305,
2061
     SSL_AEAD,
2062
     TLS1_2_VERSION, TLS1_2_VERSION,
2063
     DTLS1_2_VERSION, DTLS1_2_VERSION,
2064
     SSL_HIGH,
2065
     SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
2066
     256,
2067
     256,
2068
     },
2069
    {
2070
     1,
2071
     TLS1_TXT_ECDHE_ECDSA_WITH_CHACHA20_POLY1305,
2072
     TLS1_RFC_ECDHE_ECDSA_WITH_CHACHA20_POLY1305,
2073
     TLS1_CK_ECDHE_ECDSA_WITH_CHACHA20_POLY1305,
2074
     SSL_kECDHE,
2075
     SSL_aECDSA,
2076
     SSL_CHACHA20POLY1305,
2077
     SSL_AEAD,
2078
     TLS1_2_VERSION, TLS1_2_VERSION,
2079
     DTLS1_2_VERSION, DTLS1_2_VERSION,
2080
     SSL_HIGH,
2081
     SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
2082
     256,
2083
     256,
2084
     },
2085
    {
2086
     1,
2087
     TLS1_TXT_PSK_WITH_CHACHA20_POLY1305,
2088
     TLS1_RFC_PSK_WITH_CHACHA20_POLY1305,
2089
     TLS1_CK_PSK_WITH_CHACHA20_POLY1305,
2090
     SSL_kPSK,
2091
     SSL_aPSK,
2092
     SSL_CHACHA20POLY1305,
2093
     SSL_AEAD,
2094
     TLS1_2_VERSION, TLS1_2_VERSION,
2095
     DTLS1_2_VERSION, DTLS1_2_VERSION,
2096
     SSL_HIGH,
2097
     SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
2098
     256,
2099
     256,
2100
     },
2101
    {
2102
     1,
2103
     TLS1_TXT_ECDHE_PSK_WITH_CHACHA20_POLY1305,
2104
     TLS1_RFC_ECDHE_PSK_WITH_CHACHA20_POLY1305,
2105
     TLS1_CK_ECDHE_PSK_WITH_CHACHA20_POLY1305,
2106
     SSL_kECDHEPSK,
2107
     SSL_aPSK,
2108
     SSL_CHACHA20POLY1305,
2109
     SSL_AEAD,
2110
     TLS1_2_VERSION, TLS1_2_VERSION,
2111
     DTLS1_2_VERSION, DTLS1_2_VERSION,
2112
     SSL_HIGH,
2113
     SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
2114
     256,
2115
     256,
2116
     },
2117
    {
2118
     1,
2119
     TLS1_TXT_DHE_PSK_WITH_CHACHA20_POLY1305,
2120
     TLS1_RFC_DHE_PSK_WITH_CHACHA20_POLY1305,
2121
     TLS1_CK_DHE_PSK_WITH_CHACHA20_POLY1305,
2122
     SSL_kDHEPSK,
2123
     SSL_aPSK,
2124
     SSL_CHACHA20POLY1305,
2125
     SSL_AEAD,
2126
     TLS1_2_VERSION, TLS1_2_VERSION,
2127
     DTLS1_2_VERSION, DTLS1_2_VERSION,
2128
     SSL_HIGH,
2129
     SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
2130
     256,
2131
     256,
2132
     },
2133
    {
2134
     1,
2135
     TLS1_TXT_RSA_PSK_WITH_CHACHA20_POLY1305,
2136
     TLS1_RFC_RSA_PSK_WITH_CHACHA20_POLY1305,
2137
     TLS1_CK_RSA_PSK_WITH_CHACHA20_POLY1305,
2138
     SSL_kRSAPSK,
2139
     SSL_aRSA,
2140
     SSL_CHACHA20POLY1305,
2141
     SSL_AEAD,
2142
     TLS1_2_VERSION, TLS1_2_VERSION,
2143
     DTLS1_2_VERSION, DTLS1_2_VERSION,
2144
     SSL_HIGH,
2145
     SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
2146
     256,
2147
     256,
2148
     },
2149
2150
    {
2151
     1,
2152
     TLS1_TXT_RSA_WITH_CAMELLIA_128_CBC_SHA256,
2153
     TLS1_RFC_RSA_WITH_CAMELLIA_128_CBC_SHA256,
2154
     TLS1_CK_RSA_WITH_CAMELLIA_128_CBC_SHA256,
2155
     SSL_kRSA,
2156
     SSL_aRSA,
2157
     SSL_CAMELLIA128,
2158
     SSL_SHA256,
2159
     TLS1_2_VERSION, TLS1_2_VERSION,
2160
     DTLS1_2_VERSION, DTLS1_2_VERSION,
2161
     SSL_NOT_DEFAULT | SSL_HIGH,
2162
     SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
2163
     128,
2164
     128,
2165
     },
2166
    {
2167
     1,
2168
     TLS1_TXT_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA256,
2169
     TLS1_RFC_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA256,
2170
     TLS1_CK_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA256,
2171
     SSL_kDHE,
2172
     SSL_aDSS,
2173
     SSL_CAMELLIA128,
2174
     SSL_SHA256,
2175
     TLS1_2_VERSION, TLS1_2_VERSION,
2176
     DTLS1_2_VERSION, DTLS1_2_VERSION,
2177
     SSL_NOT_DEFAULT | SSL_HIGH,
2178
     SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
2179
     128,
2180
     128,
2181
     },
2182
    {
2183
     1,
2184
     TLS1_TXT_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA256,
2185
     TLS1_RFC_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA256,
2186
     TLS1_CK_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA256,
2187
     SSL_kDHE,
2188
     SSL_aRSA,
2189
     SSL_CAMELLIA128,
2190
     SSL_SHA256,
2191
     TLS1_2_VERSION, TLS1_2_VERSION,
2192
     DTLS1_2_VERSION, DTLS1_2_VERSION,
2193
     SSL_NOT_DEFAULT | SSL_HIGH,
2194
     SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
2195
     128,
2196
     128,
2197
     },
2198
    {
2199
     1,
2200
     TLS1_TXT_ADH_WITH_CAMELLIA_128_CBC_SHA256,
2201
     TLS1_RFC_ADH_WITH_CAMELLIA_128_CBC_SHA256,
2202
     TLS1_CK_ADH_WITH_CAMELLIA_128_CBC_SHA256,
2203
     SSL_kDHE,
2204
     SSL_aNULL,
2205
     SSL_CAMELLIA128,
2206
     SSL_SHA256,
2207
     TLS1_2_VERSION, TLS1_2_VERSION,
2208
     DTLS1_2_VERSION, DTLS1_2_VERSION,
2209
     SSL_NOT_DEFAULT | SSL_HIGH,
2210
     SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
2211
     128,
2212
     128,
2213
     },
2214
    {
2215
     1,
2216
     TLS1_TXT_RSA_WITH_CAMELLIA_256_CBC_SHA256,
2217
     TLS1_RFC_RSA_WITH_CAMELLIA_256_CBC_SHA256,
2218
     TLS1_CK_RSA_WITH_CAMELLIA_256_CBC_SHA256,
2219
     SSL_kRSA,
2220
     SSL_aRSA,
2221
     SSL_CAMELLIA256,
2222
     SSL_SHA256,
2223
     TLS1_2_VERSION, TLS1_2_VERSION,
2224
     DTLS1_2_VERSION, DTLS1_2_VERSION,
2225
     SSL_NOT_DEFAULT | SSL_HIGH,
2226
     SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
2227
     256,
2228
     256,
2229
     },
2230
    {
2231
     1,
2232
     TLS1_TXT_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA256,
2233
     TLS1_RFC_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA256,
2234
     TLS1_CK_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA256,
2235
     SSL_kDHE,
2236
     SSL_aDSS,
2237
     SSL_CAMELLIA256,
2238
     SSL_SHA256,
2239
     TLS1_2_VERSION, TLS1_2_VERSION,
2240
     DTLS1_2_VERSION, DTLS1_2_VERSION,
2241
     SSL_NOT_DEFAULT | SSL_HIGH,
2242
     SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
2243
     256,
2244
     256,
2245
     },
2246
    {
2247
     1,
2248
     TLS1_TXT_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA256,
2249
     TLS1_RFC_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA256,
2250
     TLS1_CK_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA256,
2251
     SSL_kDHE,
2252
     SSL_aRSA,
2253
     SSL_CAMELLIA256,
2254
     SSL_SHA256,
2255
     TLS1_2_VERSION, TLS1_2_VERSION,
2256
     DTLS1_2_VERSION, DTLS1_2_VERSION,
2257
     SSL_NOT_DEFAULT | SSL_HIGH,
2258
     SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
2259
     256,
2260
     256,
2261
     },
2262
    {
2263
     1,
2264
     TLS1_TXT_ADH_WITH_CAMELLIA_256_CBC_SHA256,
2265
     TLS1_RFC_ADH_WITH_CAMELLIA_256_CBC_SHA256,
2266
     TLS1_CK_ADH_WITH_CAMELLIA_256_CBC_SHA256,
2267
     SSL_kDHE,
2268
     SSL_aNULL,
2269
     SSL_CAMELLIA256,
2270
     SSL_SHA256,
2271
     TLS1_2_VERSION, TLS1_2_VERSION,
2272
     DTLS1_2_VERSION, DTLS1_2_VERSION,
2273
     SSL_NOT_DEFAULT | SSL_HIGH,
2274
     SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
2275
     256,
2276
     256,
2277
     },
2278
    {
2279
     1,
2280
     TLS1_TXT_RSA_WITH_CAMELLIA_256_CBC_SHA,
2281
     TLS1_RFC_RSA_WITH_CAMELLIA_256_CBC_SHA,
2282
     TLS1_CK_RSA_WITH_CAMELLIA_256_CBC_SHA,
2283
     SSL_kRSA,
2284
     SSL_aRSA,
2285
     SSL_CAMELLIA256,
2286
     SSL_SHA1,
2287
     SSL3_VERSION, TLS1_2_VERSION,
2288
     DTLS1_BAD_VER, DTLS1_2_VERSION,
2289
     SSL_NOT_DEFAULT | SSL_HIGH,
2290
     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
2291
     256,
2292
     256,
2293
     },
2294
    {
2295
     1,
2296
     TLS1_TXT_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA,
2297
     TLS1_RFC_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA,
2298
     TLS1_CK_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA,
2299
     SSL_kDHE,
2300
     SSL_aDSS,
2301
     SSL_CAMELLIA256,
2302
     SSL_SHA1,
2303
     SSL3_VERSION, TLS1_2_VERSION,
2304
     DTLS1_BAD_VER, DTLS1_2_VERSION,
2305
     SSL_NOT_DEFAULT | SSL_HIGH,
2306
     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
2307
     256,
2308
     256,
2309
     },
2310
    {
2311
     1,
2312
     TLS1_TXT_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA,
2313
     TLS1_RFC_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA,
2314
     TLS1_CK_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA,
2315
     SSL_kDHE,
2316
     SSL_aRSA,
2317
     SSL_CAMELLIA256,
2318
     SSL_SHA1,
2319
     SSL3_VERSION, TLS1_2_VERSION,
2320
     DTLS1_BAD_VER, DTLS1_2_VERSION,
2321
     SSL_NOT_DEFAULT | SSL_HIGH,
2322
     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
2323
     256,
2324
     256,
2325
     },
2326
    {
2327
     1,
2328
     TLS1_TXT_ADH_WITH_CAMELLIA_256_CBC_SHA,
2329
     TLS1_RFC_ADH_WITH_CAMELLIA_256_CBC_SHA,
2330
     TLS1_CK_ADH_WITH_CAMELLIA_256_CBC_SHA,
2331
     SSL_kDHE,
2332
     SSL_aNULL,
2333
     SSL_CAMELLIA256,
2334
     SSL_SHA1,
2335
     SSL3_VERSION, TLS1_2_VERSION,
2336
     DTLS1_BAD_VER, DTLS1_2_VERSION,
2337
     SSL_NOT_DEFAULT | SSL_HIGH,
2338
     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
2339
     256,
2340
     256,
2341
     },
2342
    {
2343
     1,
2344
     TLS1_TXT_RSA_WITH_CAMELLIA_128_CBC_SHA,
2345
     TLS1_RFC_RSA_WITH_CAMELLIA_128_CBC_SHA,
2346
     TLS1_CK_RSA_WITH_CAMELLIA_128_CBC_SHA,
2347
     SSL_kRSA,
2348
     SSL_aRSA,
2349
     SSL_CAMELLIA128,
2350
     SSL_SHA1,
2351
     SSL3_VERSION, TLS1_2_VERSION,
2352
     DTLS1_BAD_VER, DTLS1_2_VERSION,
2353
     SSL_NOT_DEFAULT | SSL_HIGH,
2354
     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
2355
     128,
2356
     128,
2357
     },
2358
    {
2359
     1,
2360
     TLS1_TXT_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA,
2361
     TLS1_RFC_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA,
2362
     TLS1_CK_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA,
2363
     SSL_kDHE,
2364
     SSL_aDSS,
2365
     SSL_CAMELLIA128,
2366
     SSL_SHA1,
2367
     SSL3_VERSION, TLS1_2_VERSION,
2368
     DTLS1_BAD_VER, DTLS1_2_VERSION,
2369
     SSL_NOT_DEFAULT | SSL_HIGH,
2370
     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
2371
     128,
2372
     128,
2373
     },
2374
    {
2375
     1,
2376
     TLS1_TXT_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA,
2377
     TLS1_RFC_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA,
2378
     TLS1_CK_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA,
2379
     SSL_kDHE,
2380
     SSL_aRSA,
2381
     SSL_CAMELLIA128,
2382
     SSL_SHA1,
2383
     SSL3_VERSION, TLS1_2_VERSION,
2384
     DTLS1_BAD_VER, DTLS1_2_VERSION,
2385
     SSL_NOT_DEFAULT | SSL_HIGH,
2386
     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
2387
     128,
2388
     128,
2389
     },
2390
    {
2391
     1,
2392
     TLS1_TXT_ADH_WITH_CAMELLIA_128_CBC_SHA,
2393
     TLS1_RFC_ADH_WITH_CAMELLIA_128_CBC_SHA,
2394
     TLS1_CK_ADH_WITH_CAMELLIA_128_CBC_SHA,
2395
     SSL_kDHE,
2396
     SSL_aNULL,
2397
     SSL_CAMELLIA128,
2398
     SSL_SHA1,
2399
     SSL3_VERSION, TLS1_2_VERSION,
2400
     DTLS1_BAD_VER, DTLS1_2_VERSION,
2401
     SSL_NOT_DEFAULT | SSL_HIGH,
2402
     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
2403
     128,
2404
     128,
2405
     },
2406
    {
2407
     1,
2408
     TLS1_TXT_ECDHE_ECDSA_WITH_CAMELLIA_128_CBC_SHA256,
2409
     TLS1_RFC_ECDHE_ECDSA_WITH_CAMELLIA_128_CBC_SHA256,
2410
     TLS1_CK_ECDHE_ECDSA_WITH_CAMELLIA_128_CBC_SHA256,
2411
     SSL_kECDHE,
2412
     SSL_aECDSA,
2413
     SSL_CAMELLIA128,
2414
     SSL_SHA256,
2415
     TLS1_2_VERSION, TLS1_2_VERSION,
2416
     DTLS1_2_VERSION, DTLS1_2_VERSION,
2417
     SSL_NOT_DEFAULT | SSL_HIGH,
2418
     SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
2419
     128,
2420
     128,
2421
     },
2422
    {
2423
     1,
2424
     TLS1_TXT_ECDHE_ECDSA_WITH_CAMELLIA_256_CBC_SHA384,
2425
     TLS1_RFC_ECDHE_ECDSA_WITH_CAMELLIA_256_CBC_SHA384,
2426
     TLS1_CK_ECDHE_ECDSA_WITH_CAMELLIA_256_CBC_SHA384,
2427
     SSL_kECDHE,
2428
     SSL_aECDSA,
2429
     SSL_CAMELLIA256,
2430
     SSL_SHA384,
2431
     TLS1_2_VERSION, TLS1_2_VERSION,
2432
     DTLS1_2_VERSION, DTLS1_2_VERSION,
2433
     SSL_NOT_DEFAULT | SSL_HIGH,
2434
     SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384,
2435
     256,
2436
     256,
2437
     },
2438
    {
2439
     1,
2440
     TLS1_TXT_ECDHE_RSA_WITH_CAMELLIA_128_CBC_SHA256,
2441
     TLS1_RFC_ECDHE_RSA_WITH_CAMELLIA_128_CBC_SHA256,
2442
     TLS1_CK_ECDHE_RSA_WITH_CAMELLIA_128_CBC_SHA256,
2443
     SSL_kECDHE,
2444
     SSL_aRSA,
2445
     SSL_CAMELLIA128,
2446
     SSL_SHA256,
2447
     TLS1_2_VERSION, TLS1_2_VERSION,
2448
     DTLS1_2_VERSION, DTLS1_2_VERSION,
2449
     SSL_NOT_DEFAULT | SSL_HIGH,
2450
     SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
2451
     128,
2452
     128,
2453
     },
2454
    {
2455
     1,
2456
     TLS1_TXT_ECDHE_RSA_WITH_CAMELLIA_256_CBC_SHA384,
2457
     TLS1_RFC_ECDHE_RSA_WITH_CAMELLIA_256_CBC_SHA384,
2458
     TLS1_CK_ECDHE_RSA_WITH_CAMELLIA_256_CBC_SHA384,
2459
     SSL_kECDHE,
2460
     SSL_aRSA,
2461
     SSL_CAMELLIA256,
2462
     SSL_SHA384,
2463
     TLS1_2_VERSION, TLS1_2_VERSION,
2464
     DTLS1_2_VERSION, DTLS1_2_VERSION,
2465
     SSL_NOT_DEFAULT | SSL_HIGH,
2466
     SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384,
2467
     256,
2468
     256,
2469
     },
2470
    {
2471
     1,
2472
     TLS1_TXT_PSK_WITH_CAMELLIA_128_CBC_SHA256,
2473
     TLS1_RFC_PSK_WITH_CAMELLIA_128_CBC_SHA256,
2474
     TLS1_CK_PSK_WITH_CAMELLIA_128_CBC_SHA256,
2475
     SSL_kPSK,
2476
     SSL_aPSK,
2477
     SSL_CAMELLIA128,
2478
     SSL_SHA256,
2479
     TLS1_VERSION, TLS1_2_VERSION,
2480
     DTLS1_BAD_VER, DTLS1_2_VERSION,
2481
     SSL_NOT_DEFAULT | SSL_HIGH,
2482
     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
2483
     128,
2484
     128,
2485
     },
2486
    {
2487
     1,
2488
     TLS1_TXT_PSK_WITH_CAMELLIA_256_CBC_SHA384,
2489
     TLS1_RFC_PSK_WITH_CAMELLIA_256_CBC_SHA384,
2490
     TLS1_CK_PSK_WITH_CAMELLIA_256_CBC_SHA384,
2491
     SSL_kPSK,
2492
     SSL_aPSK,
2493
     SSL_CAMELLIA256,
2494
     SSL_SHA384,
2495
     TLS1_VERSION, TLS1_2_VERSION,
2496
     DTLS1_BAD_VER, DTLS1_2_VERSION,
2497
     SSL_NOT_DEFAULT | SSL_HIGH,
2498
     SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384,
2499
     256,
2500
     256,
2501
     },
2502
    {
2503
     1,
2504
     TLS1_TXT_DHE_PSK_WITH_CAMELLIA_128_CBC_SHA256,
2505
     TLS1_RFC_DHE_PSK_WITH_CAMELLIA_128_CBC_SHA256,
2506
     TLS1_CK_DHE_PSK_WITH_CAMELLIA_128_CBC_SHA256,
2507
     SSL_kDHEPSK,
2508
     SSL_aPSK,
2509
     SSL_CAMELLIA128,
2510
     SSL_SHA256,
2511
     TLS1_VERSION, TLS1_2_VERSION,
2512
     DTLS1_BAD_VER, DTLS1_2_VERSION,
2513
     SSL_NOT_DEFAULT | SSL_HIGH,
2514
     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
2515
     128,
2516
     128,
2517
     },
2518
    {
2519
     1,
2520
     TLS1_TXT_DHE_PSK_WITH_CAMELLIA_256_CBC_SHA384,
2521
     TLS1_RFC_DHE_PSK_WITH_CAMELLIA_256_CBC_SHA384,
2522
     TLS1_CK_DHE_PSK_WITH_CAMELLIA_256_CBC_SHA384,
2523
     SSL_kDHEPSK,
2524
     SSL_aPSK,
2525
     SSL_CAMELLIA256,
2526
     SSL_SHA384,
2527
     TLS1_VERSION, TLS1_2_VERSION,
2528
     DTLS1_BAD_VER, DTLS1_2_VERSION,
2529
     SSL_NOT_DEFAULT | SSL_HIGH,
2530
     SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384,
2531
     256,
2532
     256,
2533
     },
2534
    {
2535
     1,
2536
     TLS1_TXT_RSA_PSK_WITH_CAMELLIA_128_CBC_SHA256,
2537
     TLS1_RFC_RSA_PSK_WITH_CAMELLIA_128_CBC_SHA256,
2538
     TLS1_CK_RSA_PSK_WITH_CAMELLIA_128_CBC_SHA256,
2539
     SSL_kRSAPSK,
2540
     SSL_aRSA,
2541
     SSL_CAMELLIA128,
2542
     SSL_SHA256,
2543
     TLS1_VERSION, TLS1_2_VERSION,
2544
     DTLS1_BAD_VER, DTLS1_2_VERSION,
2545
     SSL_NOT_DEFAULT | SSL_HIGH,
2546
     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
2547
     128,
2548
     128,
2549
     },
2550
    {
2551
     1,
2552
     TLS1_TXT_RSA_PSK_WITH_CAMELLIA_256_CBC_SHA384,
2553
     TLS1_RFC_RSA_PSK_WITH_CAMELLIA_256_CBC_SHA384,
2554
     TLS1_CK_RSA_PSK_WITH_CAMELLIA_256_CBC_SHA384,
2555
     SSL_kRSAPSK,
2556
     SSL_aRSA,
2557
     SSL_CAMELLIA256,
2558
     SSL_SHA384,
2559
     TLS1_VERSION, TLS1_2_VERSION,
2560
     DTLS1_BAD_VER, DTLS1_2_VERSION,
2561
     SSL_NOT_DEFAULT | SSL_HIGH,
2562
     SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384,
2563
     256,
2564
     256,
2565
     },
2566
    {
2567
     1,
2568
     TLS1_TXT_ECDHE_PSK_WITH_CAMELLIA_128_CBC_SHA256,
2569
     TLS1_RFC_ECDHE_PSK_WITH_CAMELLIA_128_CBC_SHA256,
2570
     TLS1_CK_ECDHE_PSK_WITH_CAMELLIA_128_CBC_SHA256,
2571
     SSL_kECDHEPSK,
2572
     SSL_aPSK,
2573
     SSL_CAMELLIA128,
2574
     SSL_SHA256,
2575
     TLS1_VERSION, TLS1_2_VERSION,
2576
     DTLS1_BAD_VER, DTLS1_2_VERSION,
2577
     SSL_NOT_DEFAULT | SSL_HIGH,
2578
     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
2579
     128,
2580
     128,
2581
     },
2582
    {
2583
     1,
2584
     TLS1_TXT_ECDHE_PSK_WITH_CAMELLIA_256_CBC_SHA384,
2585
     TLS1_RFC_ECDHE_PSK_WITH_CAMELLIA_256_CBC_SHA384,
2586
     TLS1_CK_ECDHE_PSK_WITH_CAMELLIA_256_CBC_SHA384,
2587
     SSL_kECDHEPSK,
2588
     SSL_aPSK,
2589
     SSL_CAMELLIA256,
2590
     SSL_SHA384,
2591
     TLS1_VERSION, TLS1_2_VERSION,
2592
     DTLS1_BAD_VER, DTLS1_2_VERSION,
2593
     SSL_NOT_DEFAULT | SSL_HIGH,
2594
     SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384,
2595
     256,
2596
     256,
2597
     },
2598
2599
#ifndef OPENSSL_NO_GOST
2600
    {
2601
     1,
2602
     "GOST2001-GOST89-GOST89",
2603
     "TLS_GOSTR341001_WITH_28147_CNT_IMIT",
2604
     0x3000081,
2605
     SSL_kGOST,
2606
     SSL_aGOST01,
2607
     SSL_eGOST2814789CNT,
2608
     SSL_GOST89MAC,
2609
     TLS1_VERSION, TLS1_2_VERSION,
2610
     0, 0,
2611
     SSL_HIGH,
2612
     SSL_HANDSHAKE_MAC_GOST94 | TLS1_PRF_GOST94 | TLS1_STREAM_MAC,
2613
     256,
2614
     256,
2615
     },
2616
    {
2617
     1,
2618
     "GOST2001-NULL-GOST94",
2619
     "TLS_GOSTR341001_WITH_NULL_GOSTR3411",
2620
     0x3000083,
2621
     SSL_kGOST,
2622
     SSL_aGOST01,
2623
     SSL_eNULL,
2624
     SSL_GOST94,
2625
     TLS1_VERSION, TLS1_2_VERSION,
2626
     0, 0,
2627
     SSL_STRONG_NONE,
2628
     SSL_HANDSHAKE_MAC_GOST94 | TLS1_PRF_GOST94,
2629
     0,
2630
     0,
2631
     },
2632
    {
2633
     1,
2634
     "IANA-GOST2012-GOST8912-GOST8912",
2635
     NULL,
2636
     0x0300c102,
2637
     SSL_kGOST,
2638
     SSL_aGOST12 | SSL_aGOST01,
2639
     SSL_eGOST2814789CNT12,
2640
     SSL_GOST89MAC12,
2641
     TLS1_VERSION, TLS1_2_VERSION,
2642
     0, 0,
2643
     SSL_HIGH,
2644
     SSL_HANDSHAKE_MAC_GOST12_256 | TLS1_PRF_GOST12_256 | TLS1_STREAM_MAC,
2645
     256,
2646
     256,
2647
     },
2648
    {
2649
     1,
2650
     "LEGACY-GOST2012-GOST8912-GOST8912",
2651
     NULL,
2652
     0x0300ff85,
2653
     SSL_kGOST,
2654
     SSL_aGOST12 | SSL_aGOST01,
2655
     SSL_eGOST2814789CNT12,
2656
     SSL_GOST89MAC12,
2657
     TLS1_VERSION, TLS1_2_VERSION,
2658
     0, 0,
2659
     SSL_HIGH,
2660
     SSL_HANDSHAKE_MAC_GOST12_256 | TLS1_PRF_GOST12_256 | TLS1_STREAM_MAC,
2661
     256,
2662
     256,
2663
     },
2664
    {
2665
     1,
2666
     "GOST2012-NULL-GOST12",
2667
     NULL,
2668
     0x0300ff87,
2669
     SSL_kGOST,
2670
     SSL_aGOST12 | SSL_aGOST01,
2671
     SSL_eNULL,
2672
     SSL_GOST12_256,
2673
     TLS1_VERSION, TLS1_2_VERSION,
2674
     0, 0,
2675
     SSL_STRONG_NONE,
2676
     SSL_HANDSHAKE_MAC_GOST12_256 | TLS1_PRF_GOST12_256 | TLS1_STREAM_MAC,
2677
     0,
2678
     0,
2679
     },
2680
    {
2681
     1,
2682
     "GOST2012-KUZNYECHIK-KUZNYECHIKOMAC",
2683
     NULL,
2684
     0x0300C100,
2685
     SSL_kGOST18,
2686
     SSL_aGOST12,
2687
     SSL_KUZNYECHIK,
2688
     SSL_KUZNYECHIKOMAC,
2689
     TLS1_2_VERSION, TLS1_2_VERSION,
2690
     0, 0,
2691
     SSL_HIGH,
2692
     SSL_HANDSHAKE_MAC_GOST12_256 | TLS1_PRF_GOST12_256 | TLS1_TLSTREE,
2693
     256,
2694
     256,
2695
     },
2696
    {
2697
     1,
2698
     "GOST2012-MAGMA-MAGMAOMAC",
2699
     NULL,
2700
     0x0300C101,
2701
     SSL_kGOST18,
2702
     SSL_aGOST12,
2703
     SSL_MAGMA,
2704
     SSL_MAGMAOMAC,
2705
     TLS1_2_VERSION, TLS1_2_VERSION,
2706
     0, 0,
2707
     SSL_HIGH,
2708
     SSL_HANDSHAKE_MAC_GOST12_256 | TLS1_PRF_GOST12_256 | TLS1_TLSTREE,
2709
     256,
2710
     256,
2711
     },
2712
#endif                          /* OPENSSL_NO_GOST */
2713
2714
    {
2715
     1,
2716
     SSL3_TXT_RSA_IDEA_128_SHA,
2717
     SSL3_RFC_RSA_IDEA_128_SHA,
2718
     SSL3_CK_RSA_IDEA_128_SHA,
2719
     SSL_kRSA,
2720
     SSL_aRSA,
2721
     SSL_IDEA,
2722
     SSL_SHA1,
2723
     SSL3_VERSION, TLS1_1_VERSION,
2724
     DTLS1_BAD_VER, DTLS1_VERSION,
2725
     SSL_NOT_DEFAULT | SSL_MEDIUM,
2726
     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
2727
     128,
2728
     128,
2729
     },
2730
2731
    {
2732
     1,
2733
     TLS1_TXT_RSA_WITH_SEED_SHA,
2734
     TLS1_RFC_RSA_WITH_SEED_SHA,
2735
     TLS1_CK_RSA_WITH_SEED_SHA,
2736
     SSL_kRSA,
2737
     SSL_aRSA,
2738
     SSL_SEED,
2739
     SSL_SHA1,
2740
     SSL3_VERSION, TLS1_2_VERSION,
2741
     DTLS1_BAD_VER, DTLS1_2_VERSION,
2742
     SSL_NOT_DEFAULT | SSL_MEDIUM,
2743
     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
2744
     128,
2745
     128,
2746
     },
2747
    {
2748
     1,
2749
     TLS1_TXT_DHE_DSS_WITH_SEED_SHA,
2750
     TLS1_RFC_DHE_DSS_WITH_SEED_SHA,
2751
     TLS1_CK_DHE_DSS_WITH_SEED_SHA,
2752
     SSL_kDHE,
2753
     SSL_aDSS,
2754
     SSL_SEED,
2755
     SSL_SHA1,
2756
     SSL3_VERSION, TLS1_2_VERSION,
2757
     DTLS1_BAD_VER, DTLS1_2_VERSION,
2758
     SSL_NOT_DEFAULT | SSL_MEDIUM,
2759
     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
2760
     128,
2761
     128,
2762
     },
2763
    {
2764
     1,
2765
     TLS1_TXT_DHE_RSA_WITH_SEED_SHA,
2766
     TLS1_RFC_DHE_RSA_WITH_SEED_SHA,
2767
     TLS1_CK_DHE_RSA_WITH_SEED_SHA,
2768
     SSL_kDHE,
2769
     SSL_aRSA,
2770
     SSL_SEED,
2771
     SSL_SHA1,
2772
     SSL3_VERSION, TLS1_2_VERSION,
2773
     DTLS1_BAD_VER, DTLS1_2_VERSION,
2774
     SSL_NOT_DEFAULT | SSL_MEDIUM,
2775
     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
2776
     128,
2777
     128,
2778
     },
2779
    {
2780
     1,
2781
     TLS1_TXT_ADH_WITH_SEED_SHA,
2782
     TLS1_RFC_ADH_WITH_SEED_SHA,
2783
     TLS1_CK_ADH_WITH_SEED_SHA,
2784
     SSL_kDHE,
2785
     SSL_aNULL,
2786
     SSL_SEED,
2787
     SSL_SHA1,
2788
     SSL3_VERSION, TLS1_2_VERSION,
2789
     DTLS1_BAD_VER, DTLS1_2_VERSION,
2790
     SSL_NOT_DEFAULT | SSL_MEDIUM,
2791
     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
2792
     128,
2793
     128,
2794
     },
2795
2796
#ifndef OPENSSL_NO_WEAK_SSL_CIPHERS
2797
    {
2798
     1,
2799
     SSL3_TXT_RSA_RC4_128_MD5,
2800
     SSL3_RFC_RSA_RC4_128_MD5,
2801
     SSL3_CK_RSA_RC4_128_MD5,
2802
     SSL_kRSA,
2803
     SSL_aRSA,
2804
     SSL_RC4,
2805
     SSL_MD5,
2806
     SSL3_VERSION, TLS1_2_VERSION,
2807
     0, 0,
2808
     SSL_NOT_DEFAULT | SSL_MEDIUM,
2809
     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
2810
     80,
2811
     128,
2812
     },
2813
    {
2814
     1,
2815
     SSL3_TXT_RSA_RC4_128_SHA,
2816
     SSL3_RFC_RSA_RC4_128_SHA,
2817
     SSL3_CK_RSA_RC4_128_SHA,
2818
     SSL_kRSA,
2819
     SSL_aRSA,
2820
     SSL_RC4,
2821
     SSL_SHA1,
2822
     SSL3_VERSION, TLS1_2_VERSION,
2823
     0, 0,
2824
     SSL_NOT_DEFAULT | SSL_MEDIUM,
2825
     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
2826
     80,
2827
     128,
2828
     },
2829
    {
2830
     1,
2831
     SSL3_TXT_ADH_RC4_128_MD5,
2832
     SSL3_RFC_ADH_RC4_128_MD5,
2833
     SSL3_CK_ADH_RC4_128_MD5,
2834
     SSL_kDHE,
2835
     SSL_aNULL,
2836
     SSL_RC4,
2837
     SSL_MD5,
2838
     SSL3_VERSION, TLS1_2_VERSION,
2839
     0, 0,
2840
     SSL_NOT_DEFAULT | SSL_MEDIUM,
2841
     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
2842
     80,
2843
     128,
2844
     },
2845
    {
2846
     1,
2847
     TLS1_TXT_ECDHE_PSK_WITH_RC4_128_SHA,
2848
     TLS1_RFC_ECDHE_PSK_WITH_RC4_128_SHA,
2849
     TLS1_CK_ECDHE_PSK_WITH_RC4_128_SHA,
2850
     SSL_kECDHEPSK,
2851
     SSL_aPSK,
2852
     SSL_RC4,
2853
     SSL_SHA1,
2854
     TLS1_VERSION, TLS1_2_VERSION,
2855
     0, 0,
2856
     SSL_NOT_DEFAULT | SSL_MEDIUM,
2857
     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
2858
     80,
2859
     128,
2860
     },
2861
    {
2862
     1,
2863
     TLS1_TXT_ECDH_anon_WITH_RC4_128_SHA,
2864
     TLS1_RFC_ECDH_anon_WITH_RC4_128_SHA,
2865
     TLS1_CK_ECDH_anon_WITH_RC4_128_SHA,
2866
     SSL_kECDHE,
2867
     SSL_aNULL,
2868
     SSL_RC4,
2869
     SSL_SHA1,
2870
     TLS1_VERSION, TLS1_2_VERSION,
2871
     0, 0,
2872
     SSL_NOT_DEFAULT | SSL_MEDIUM,
2873
     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
2874
     80,
2875
     128,
2876
     },
2877
    {
2878
     1,
2879
     TLS1_TXT_ECDHE_ECDSA_WITH_RC4_128_SHA,
2880
     TLS1_RFC_ECDHE_ECDSA_WITH_RC4_128_SHA,
2881
     TLS1_CK_ECDHE_ECDSA_WITH_RC4_128_SHA,
2882
     SSL_kECDHE,
2883
     SSL_aECDSA,
2884
     SSL_RC4,
2885
     SSL_SHA1,
2886
     TLS1_VERSION, TLS1_2_VERSION,
2887
     0, 0,
2888
     SSL_NOT_DEFAULT | SSL_MEDIUM,
2889
     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
2890
     80,
2891
     128,
2892
     },
2893
    {
2894
     1,
2895
     TLS1_TXT_ECDHE_RSA_WITH_RC4_128_SHA,
2896
     TLS1_RFC_ECDHE_RSA_WITH_RC4_128_SHA,
2897
     TLS1_CK_ECDHE_RSA_WITH_RC4_128_SHA,
2898
     SSL_kECDHE,
2899
     SSL_aRSA,
2900
     SSL_RC4,
2901
     SSL_SHA1,
2902
     TLS1_VERSION, TLS1_2_VERSION,
2903
     0, 0,
2904
     SSL_NOT_DEFAULT | SSL_MEDIUM,
2905
     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
2906
     80,
2907
     128,
2908
     },
2909
    {
2910
     1,
2911
     TLS1_TXT_PSK_WITH_RC4_128_SHA,
2912
     TLS1_RFC_PSK_WITH_RC4_128_SHA,
2913
     TLS1_CK_PSK_WITH_RC4_128_SHA,
2914
     SSL_kPSK,
2915
     SSL_aPSK,
2916
     SSL_RC4,
2917
     SSL_SHA1,
2918
     SSL3_VERSION, TLS1_2_VERSION,
2919
     0, 0,
2920
     SSL_NOT_DEFAULT | SSL_MEDIUM,
2921
     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
2922
     80,
2923
     128,
2924
     },
2925
    {
2926
     1,
2927
     TLS1_TXT_RSA_PSK_WITH_RC4_128_SHA,
2928
     TLS1_RFC_RSA_PSK_WITH_RC4_128_SHA,
2929
     TLS1_CK_RSA_PSK_WITH_RC4_128_SHA,
2930
     SSL_kRSAPSK,
2931
     SSL_aRSA,
2932
     SSL_RC4,
2933
     SSL_SHA1,
2934
     SSL3_VERSION, TLS1_2_VERSION,
2935
     0, 0,
2936
     SSL_NOT_DEFAULT | SSL_MEDIUM,
2937
     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
2938
     80,
2939
     128,
2940
     },
2941
    {
2942
     1,
2943
     TLS1_TXT_DHE_PSK_WITH_RC4_128_SHA,
2944
     TLS1_RFC_DHE_PSK_WITH_RC4_128_SHA,
2945
     TLS1_CK_DHE_PSK_WITH_RC4_128_SHA,
2946
     SSL_kDHEPSK,
2947
     SSL_aPSK,
2948
     SSL_RC4,
2949
     SSL_SHA1,
2950
     SSL3_VERSION, TLS1_2_VERSION,
2951
     0, 0,
2952
     SSL_NOT_DEFAULT | SSL_MEDIUM,
2953
     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
2954
     80,
2955
     128,
2956
     },
2957
#endif                          /* OPENSSL_NO_WEAK_SSL_CIPHERS */
2958
2959
    {
2960
     1,
2961
     TLS1_TXT_RSA_WITH_ARIA_128_GCM_SHA256,
2962
     TLS1_RFC_RSA_WITH_ARIA_128_GCM_SHA256,
2963
     TLS1_CK_RSA_WITH_ARIA_128_GCM_SHA256,
2964
     SSL_kRSA,
2965
     SSL_aRSA,
2966
     SSL_ARIA128GCM,
2967
     SSL_AEAD,
2968
     TLS1_2_VERSION, TLS1_2_VERSION,
2969
     DTLS1_2_VERSION, DTLS1_2_VERSION,
2970
     SSL_NOT_DEFAULT | SSL_HIGH,
2971
     SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
2972
     128,
2973
     128,
2974
     },
2975
    {
2976
     1,
2977
     TLS1_TXT_RSA_WITH_ARIA_256_GCM_SHA384,
2978
     TLS1_RFC_RSA_WITH_ARIA_256_GCM_SHA384,
2979
     TLS1_CK_RSA_WITH_ARIA_256_GCM_SHA384,
2980
     SSL_kRSA,
2981
     SSL_aRSA,
2982
     SSL_ARIA256GCM,
2983
     SSL_AEAD,
2984
     TLS1_2_VERSION, TLS1_2_VERSION,
2985
     DTLS1_2_VERSION, DTLS1_2_VERSION,
2986
     SSL_NOT_DEFAULT | SSL_HIGH,
2987
     SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384,
2988
     256,
2989
     256,
2990
     },
2991
    {
2992
     1,
2993
     TLS1_TXT_DHE_RSA_WITH_ARIA_128_GCM_SHA256,
2994
     TLS1_RFC_DHE_RSA_WITH_ARIA_128_GCM_SHA256,
2995
     TLS1_CK_DHE_RSA_WITH_ARIA_128_GCM_SHA256,
2996
     SSL_kDHE,
2997
     SSL_aRSA,
2998
     SSL_ARIA128GCM,
2999
     SSL_AEAD,
3000
     TLS1_2_VERSION, TLS1_2_VERSION,
3001
     DTLS1_2_VERSION, DTLS1_2_VERSION,
3002
     SSL_NOT_DEFAULT | SSL_HIGH,
3003
     SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
3004
     128,
3005
     128,
3006
     },
3007
    {
3008
     1,
3009
     TLS1_TXT_DHE_RSA_WITH_ARIA_256_GCM_SHA384,
3010
     TLS1_RFC_DHE_RSA_WITH_ARIA_256_GCM_SHA384,
3011
     TLS1_CK_DHE_RSA_WITH_ARIA_256_GCM_SHA384,
3012
     SSL_kDHE,
3013
     SSL_aRSA,
3014
     SSL_ARIA256GCM,
3015
     SSL_AEAD,
3016
     TLS1_2_VERSION, TLS1_2_VERSION,
3017
     DTLS1_2_VERSION, DTLS1_2_VERSION,
3018
     SSL_NOT_DEFAULT | SSL_HIGH,
3019
     SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384,
3020
     256,
3021
     256,
3022
     },
3023
    {
3024
     1,
3025
     TLS1_TXT_DHE_DSS_WITH_ARIA_128_GCM_SHA256,
3026
     TLS1_RFC_DHE_DSS_WITH_ARIA_128_GCM_SHA256,
3027
     TLS1_CK_DHE_DSS_WITH_ARIA_128_GCM_SHA256,
3028
     SSL_kDHE,
3029
     SSL_aDSS,
3030
     SSL_ARIA128GCM,
3031
     SSL_AEAD,
3032
     TLS1_2_VERSION, TLS1_2_VERSION,
3033
     DTLS1_2_VERSION, DTLS1_2_VERSION,
3034
     SSL_NOT_DEFAULT | SSL_HIGH,
3035
     SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
3036
     128,
3037
     128,
3038
     },
3039
    {
3040
     1,
3041
     TLS1_TXT_DHE_DSS_WITH_ARIA_256_GCM_SHA384,
3042
     TLS1_RFC_DHE_DSS_WITH_ARIA_256_GCM_SHA384,
3043
     TLS1_CK_DHE_DSS_WITH_ARIA_256_GCM_SHA384,
3044
     SSL_kDHE,
3045
     SSL_aDSS,
3046
     SSL_ARIA256GCM,
3047
     SSL_AEAD,
3048
     TLS1_2_VERSION, TLS1_2_VERSION,
3049
     DTLS1_2_VERSION, DTLS1_2_VERSION,
3050
     SSL_NOT_DEFAULT | SSL_HIGH,
3051
     SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384,
3052
     256,
3053
     256,
3054
     },
3055
    {
3056
     1,
3057
     TLS1_TXT_ECDHE_ECDSA_WITH_ARIA_128_GCM_SHA256,
3058
     TLS1_RFC_ECDHE_ECDSA_WITH_ARIA_128_GCM_SHA256,
3059
     TLS1_CK_ECDHE_ECDSA_WITH_ARIA_128_GCM_SHA256,
3060
     SSL_kECDHE,
3061
     SSL_aECDSA,
3062
     SSL_ARIA128GCM,
3063
     SSL_AEAD,
3064
     TLS1_2_VERSION, TLS1_2_VERSION,
3065
     DTLS1_2_VERSION, DTLS1_2_VERSION,
3066
     SSL_NOT_DEFAULT | SSL_HIGH,
3067
     SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
3068
     128,
3069
     128,
3070
     },
3071
    {
3072
     1,
3073
     TLS1_TXT_ECDHE_ECDSA_WITH_ARIA_256_GCM_SHA384,
3074
     TLS1_RFC_ECDHE_ECDSA_WITH_ARIA_256_GCM_SHA384,
3075
     TLS1_CK_ECDHE_ECDSA_WITH_ARIA_256_GCM_SHA384,
3076
     SSL_kECDHE,
3077
     SSL_aECDSA,
3078
     SSL_ARIA256GCM,
3079
     SSL_AEAD,
3080
     TLS1_2_VERSION, TLS1_2_VERSION,
3081
     DTLS1_2_VERSION, DTLS1_2_VERSION,
3082
     SSL_NOT_DEFAULT | SSL_HIGH,
3083
     SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384,
3084
     256,
3085
     256,
3086
     },
3087
    {
3088
     1,
3089
     TLS1_TXT_ECDHE_RSA_WITH_ARIA_128_GCM_SHA256,
3090
     TLS1_RFC_ECDHE_RSA_WITH_ARIA_128_GCM_SHA256,
3091
     TLS1_CK_ECDHE_RSA_WITH_ARIA_128_GCM_SHA256,
3092
     SSL_kECDHE,
3093
     SSL_aRSA,
3094
     SSL_ARIA128GCM,
3095
     SSL_AEAD,
3096
     TLS1_2_VERSION, TLS1_2_VERSION,
3097
     DTLS1_2_VERSION, DTLS1_2_VERSION,
3098
     SSL_NOT_DEFAULT | SSL_HIGH,
3099
     SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
3100
     128,
3101
     128,
3102
     },
3103
    {
3104
     1,
3105
     TLS1_TXT_ECDHE_RSA_WITH_ARIA_256_GCM_SHA384,
3106
     TLS1_RFC_ECDHE_RSA_WITH_ARIA_256_GCM_SHA384,
3107
     TLS1_CK_ECDHE_RSA_WITH_ARIA_256_GCM_SHA384,
3108
     SSL_kECDHE,
3109
     SSL_aRSA,
3110
     SSL_ARIA256GCM,
3111
     SSL_AEAD,
3112
     TLS1_2_VERSION, TLS1_2_VERSION,
3113
     DTLS1_2_VERSION, DTLS1_2_VERSION,
3114
     SSL_NOT_DEFAULT | SSL_HIGH,
3115
     SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384,
3116
     256,
3117
     256,
3118
     },
3119
    {
3120
     1,
3121
     TLS1_TXT_PSK_WITH_ARIA_128_GCM_SHA256,
3122
     TLS1_RFC_PSK_WITH_ARIA_128_GCM_SHA256,
3123
     TLS1_CK_PSK_WITH_ARIA_128_GCM_SHA256,
3124
     SSL_kPSK,
3125
     SSL_aPSK,
3126
     SSL_ARIA128GCM,
3127
     SSL_AEAD,
3128
     TLS1_2_VERSION, TLS1_2_VERSION,
3129
     DTLS1_2_VERSION, DTLS1_2_VERSION,
3130
     SSL_NOT_DEFAULT | SSL_HIGH,
3131
     SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
3132
     128,
3133
     128,
3134
     },
3135
    {
3136
     1,
3137
     TLS1_TXT_PSK_WITH_ARIA_256_GCM_SHA384,
3138
     TLS1_RFC_PSK_WITH_ARIA_256_GCM_SHA384,
3139
     TLS1_CK_PSK_WITH_ARIA_256_GCM_SHA384,
3140
     SSL_kPSK,
3141
     SSL_aPSK,
3142
     SSL_ARIA256GCM,
3143
     SSL_AEAD,
3144
     TLS1_2_VERSION, TLS1_2_VERSION,
3145
     DTLS1_2_VERSION, DTLS1_2_VERSION,
3146
     SSL_NOT_DEFAULT | SSL_HIGH,
3147
     SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384,
3148
     256,
3149
     256,
3150
     },
3151
    {
3152
     1,
3153
     TLS1_TXT_DHE_PSK_WITH_ARIA_128_GCM_SHA256,
3154
     TLS1_RFC_DHE_PSK_WITH_ARIA_128_GCM_SHA256,
3155
     TLS1_CK_DHE_PSK_WITH_ARIA_128_GCM_SHA256,
3156
     SSL_kDHEPSK,
3157
     SSL_aPSK,
3158
     SSL_ARIA128GCM,
3159
     SSL_AEAD,
3160
     TLS1_2_VERSION, TLS1_2_VERSION,
3161
     DTLS1_2_VERSION, DTLS1_2_VERSION,
3162
     SSL_NOT_DEFAULT | SSL_HIGH,
3163
     SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
3164
     128,
3165
     128,
3166
     },
3167
    {
3168
     1,
3169
     TLS1_TXT_DHE_PSK_WITH_ARIA_256_GCM_SHA384,
3170
     TLS1_RFC_DHE_PSK_WITH_ARIA_256_GCM_SHA384,
3171
     TLS1_CK_DHE_PSK_WITH_ARIA_256_GCM_SHA384,
3172
     SSL_kDHEPSK,
3173
     SSL_aPSK,
3174
     SSL_ARIA256GCM,
3175
     SSL_AEAD,
3176
     TLS1_2_VERSION, TLS1_2_VERSION,
3177
     DTLS1_2_VERSION, DTLS1_2_VERSION,
3178
     SSL_NOT_DEFAULT | SSL_HIGH,
3179
     SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384,
3180
     256,
3181
     256,
3182
     },
3183
    {
3184
     1,
3185
     TLS1_TXT_RSA_PSK_WITH_ARIA_128_GCM_SHA256,
3186
     TLS1_RFC_RSA_PSK_WITH_ARIA_128_GCM_SHA256,
3187
     TLS1_CK_RSA_PSK_WITH_ARIA_128_GCM_SHA256,
3188
     SSL_kRSAPSK,
3189
     SSL_aRSA,
3190
     SSL_ARIA128GCM,
3191
     SSL_AEAD,
3192
     TLS1_2_VERSION, TLS1_2_VERSION,
3193
     DTLS1_2_VERSION, DTLS1_2_VERSION,
3194
     SSL_NOT_DEFAULT | SSL_HIGH,
3195
     SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
3196
     128,
3197
     128,
3198
     },
3199
    {
3200
     1,
3201
     TLS1_TXT_RSA_PSK_WITH_ARIA_256_GCM_SHA384,
3202
     TLS1_RFC_RSA_PSK_WITH_ARIA_256_GCM_SHA384,
3203
     TLS1_CK_RSA_PSK_WITH_ARIA_256_GCM_SHA384,
3204
     SSL_kRSAPSK,
3205
     SSL_aRSA,
3206
     SSL_ARIA256GCM,
3207
     SSL_AEAD,
3208
     TLS1_2_VERSION, TLS1_2_VERSION,
3209
     DTLS1_2_VERSION, DTLS1_2_VERSION,
3210
     SSL_NOT_DEFAULT | SSL_HIGH,
3211
     SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384,
3212
     256,
3213
     256,
3214
     },
3215
};
3216
3217
/*
3218
 * The list of known Signalling Cipher-Suite Value "ciphers", non-valid
3219
 * values stuffed into the ciphers field of the wire protocol for signalling
3220
 * purposes.
3221
 */
3222
static SSL_CIPHER ssl3_scsvs[] = {
3223
    {
3224
     0,
3225
     "TLS_EMPTY_RENEGOTIATION_INFO_SCSV",
3226
     "TLS_EMPTY_RENEGOTIATION_INFO_SCSV",
3227
     SSL3_CK_SCSV,
3228
     0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
3229
    },
3230
    {
3231
     0,
3232
     "TLS_FALLBACK_SCSV",
3233
     "TLS_FALLBACK_SCSV",
3234
     SSL3_CK_FALLBACK_SCSV,
3235
     0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
3236
    },
3237
};
3238
3239
static int cipher_compare(const void *a, const void *b)
3240
38.8k
{
3241
38.8k
    const SSL_CIPHER *ap = (const SSL_CIPHER *)a;
3242
38.8k
    const SSL_CIPHER *bp = (const SSL_CIPHER *)b;
3243
3244
38.8k
    if (ap->id == bp->id)
3245
0
        return 0;
3246
38.8k
    return ap->id < bp->id ? -1 : 1;
3247
38.8k
}
3248
3249
void ssl_sort_cipher_list(void)
3250
40
{
3251
40
    qsort(tls13_ciphers, TLS13_NUM_CIPHERS, sizeof(tls13_ciphers[0]),
3252
40
          cipher_compare);
3253
40
    qsort(ssl3_ciphers, SSL3_NUM_CIPHERS, sizeof(ssl3_ciphers[0]),
3254
40
          cipher_compare);
3255
40
    qsort(ssl3_scsvs, SSL3_NUM_SCSVS, sizeof(ssl3_scsvs[0]), cipher_compare);
3256
40
}
3257
3258
static int sslcon_undefined_function_1(SSL_CONNECTION *sc, unsigned char *r,
3259
                                       size_t s, const char *t, size_t u,
3260
                                       const unsigned char *v, size_t w, int x)
3261
0
{
3262
0
    (void)r;
3263
0
    (void)s;
3264
0
    (void)t;
3265
0
    (void)u;
3266
0
    (void)v;
3267
0
    (void)w;
3268
0
    (void)x;
3269
0
    return ssl_undefined_function(SSL_CONNECTION_GET_SSL(sc));
3270
0
}
3271
3272
const SSL3_ENC_METHOD SSLv3_enc_data = {
3273
    ssl3_setup_key_block,
3274
    ssl3_generate_master_secret,
3275
    ssl3_change_cipher_state,
3276
    ssl3_final_finish_mac,
3277
    SSL3_MD_CLIENT_FINISHED_CONST, 4,
3278
    SSL3_MD_SERVER_FINISHED_CONST, 4,
3279
    ssl3_alert_code,
3280
    sslcon_undefined_function_1,
3281
    0,
3282
    ssl3_set_handshake_header,
3283
    tls_close_construct_packet,
3284
    ssl3_handshake_write
3285
};
3286
3287
OSSL_TIME ssl3_default_timeout(void)
3288
0
{
3289
    /*
3290
     * 2 hours, the 24 hours mentioned in the SSLv3 spec is way too long for
3291
     * http, the cache would over fill
3292
     */
3293
0
    return ossl_seconds2time(60 * 60 * 2);
3294
0
}
3295
3296
int ssl3_num_ciphers(void)
3297
147k
{
3298
147k
    return SSL3_NUM_CIPHERS;
3299
147k
}
3300
3301
const SSL_CIPHER *ssl3_get_cipher(unsigned int u)
3302
21.8M
{
3303
21.8M
    if (u < SSL3_NUM_CIPHERS)
3304
21.8M
        return &(ssl3_ciphers[SSL3_NUM_CIPHERS - 1 - u]);
3305
0
    else
3306
0
        return NULL;
3307
21.8M
}
3308
3309
int ssl3_set_handshake_header(SSL_CONNECTION *s, WPACKET *pkt, int htype)
3310
122k
{
3311
    /* No header in the event of a CCS */
3312
122k
    if (htype == SSL3_MT_CHANGE_CIPHER_SPEC)
3313
9.66k
        return 1;
3314
3315
    /* Set the content type and 3 bytes for the message len */
3316
112k
    if (!WPACKET_put_bytes_u8(pkt, htype)
3317
112k
            || !WPACKET_start_sub_packet_u24(pkt))
3318
0
        return 0;
3319
3320
112k
    return 1;
3321
112k
}
3322
3323
int ssl3_handshake_write(SSL_CONNECTION *s)
3324
111k
{
3325
111k
    return ssl3_do_write(s, SSL3_RT_HANDSHAKE);
3326
111k
}
3327
3328
int ssl3_new(SSL *s)
3329
23.8k
{
3330
23.8k
#ifndef OPENSSL_NO_SRP
3331
23.8k
    SSL_CONNECTION *sc = SSL_CONNECTION_FROM_SSL(s);
3332
3333
23.8k
    if (sc == NULL)
3334
0
        return 0;
3335
3336
23.8k
    if (!ssl_srp_ctx_init_intern(sc))
3337
0
        return 0;
3338
23.8k
#endif
3339
3340
23.8k
    if (!s->method->ssl_clear(s))
3341
0
        return 0;
3342
3343
23.8k
    return 1;
3344
23.8k
}
3345
3346
void ssl3_free(SSL *s)
3347
23.8k
{
3348
23.8k
    SSL_CONNECTION *sc = SSL_CONNECTION_FROM_SSL(s);
3349
3350
23.8k
    if (sc == NULL)
3351
0
        return;
3352
3353
23.8k
    ssl3_cleanup_key_block(sc);
3354
3355
23.8k
    EVP_PKEY_free(sc->s3.peer_tmp);
3356
23.8k
    sc->s3.peer_tmp = NULL;
3357
23.8k
    EVP_PKEY_free(sc->s3.tmp.pkey);
3358
23.8k
    sc->s3.tmp.pkey = NULL;
3359
3360
23.8k
    ssl_evp_cipher_free(sc->s3.tmp.new_sym_enc);
3361
23.8k
    ssl_evp_md_free(sc->s3.tmp.new_hash);
3362
3363
23.8k
    OPENSSL_free(sc->s3.tmp.ctype);
3364
23.8k
    sk_X509_NAME_pop_free(sc->s3.tmp.peer_ca_names, X509_NAME_free);
3365
23.8k
    OPENSSL_free(sc->s3.tmp.ciphers_raw);
3366
23.8k
    OPENSSL_clear_free(sc->s3.tmp.pms, sc->s3.tmp.pmslen);
3367
23.8k
    OPENSSL_free(sc->s3.tmp.peer_sigalgs);
3368
23.8k
    OPENSSL_free(sc->s3.tmp.peer_cert_sigalgs);
3369
23.8k
    OPENSSL_free(sc->s3.tmp.valid_flags);
3370
23.8k
    ssl3_free_digest_list(sc);
3371
23.8k
    OPENSSL_free(sc->s3.alpn_selected);
3372
23.8k
    OPENSSL_free(sc->s3.alpn_proposed);
3373
3374
23.8k
#ifndef OPENSSL_NO_PSK
3375
23.8k
    OPENSSL_free(sc->s3.tmp.psk);
3376
23.8k
#endif
3377
3378
23.8k
#ifndef OPENSSL_NO_SRP
3379
23.8k
    ssl_srp_ctx_free_intern(sc);
3380
23.8k
#endif
3381
23.8k
    memset(&sc->s3, 0, sizeof(sc->s3));
3382
23.8k
}
3383
3384
int ssl3_clear(SSL *s)
3385
95.2k
{
3386
95.2k
    SSL_CONNECTION *sc = SSL_CONNECTION_FROM_SSL(s);
3387
95.2k
    int flags;
3388
3389
95.2k
    if (sc == NULL)
3390
0
        return 0;
3391
3392
95.2k
    ssl3_cleanup_key_block(sc);
3393
95.2k
    OPENSSL_free(sc->s3.tmp.ctype);
3394
95.2k
    sk_X509_NAME_pop_free(sc->s3.tmp.peer_ca_names, X509_NAME_free);
3395
95.2k
    OPENSSL_free(sc->s3.tmp.ciphers_raw);
3396
95.2k
    OPENSSL_clear_free(sc->s3.tmp.pms, sc->s3.tmp.pmslen);
3397
95.2k
    OPENSSL_free(sc->s3.tmp.peer_sigalgs);
3398
95.2k
    OPENSSL_free(sc->s3.tmp.peer_cert_sigalgs);
3399
95.2k
    OPENSSL_free(sc->s3.tmp.valid_flags);
3400
3401
95.2k
    EVP_PKEY_free(sc->s3.tmp.pkey);
3402
95.2k
    EVP_PKEY_free(sc->s3.peer_tmp);
3403
3404
95.2k
    ssl3_free_digest_list(sc);
3405
3406
95.2k
    OPENSSL_free(sc->s3.alpn_selected);
3407
95.2k
    OPENSSL_free(sc->s3.alpn_proposed);
3408
3409
    /*
3410
     * NULL/zero-out everything in the s3 struct, but remember if we are doing
3411
     * QUIC.
3412
     */
3413
95.2k
    flags = sc->s3.flags & TLS1_FLAGS_QUIC;
3414
95.2k
    memset(&sc->s3, 0, sizeof(sc->s3));
3415
95.2k
    sc->s3.flags |= flags;
3416
3417
95.2k
    if (!ssl_free_wbio_buffer(sc))
3418
0
        return 0;
3419
3420
95.2k
    sc->version = SSL3_VERSION;
3421
3422
95.2k
#if !defined(OPENSSL_NO_NEXTPROTONEG)
3423
95.2k
    OPENSSL_free(sc->ext.npn);
3424
95.2k
    sc->ext.npn = NULL;
3425
95.2k
    sc->ext.npn_len = 0;
3426
95.2k
#endif
3427
3428
95.2k
    return 1;
3429
95.2k
}
3430
3431
#ifndef OPENSSL_NO_SRP
3432
static char *srp_password_from_info_cb(SSL *s, void *arg)
3433
0
{
3434
0
    SSL_CONNECTION *sc = SSL_CONNECTION_FROM_SSL(s);
3435
3436
0
    if (sc == NULL)
3437
0
        return NULL;
3438
3439
0
    return OPENSSL_strdup(sc->srp_ctx.info);
3440
0
}
3441
#endif
3442
3443
static int ssl3_set_req_cert_type(CERT *c, const unsigned char *p, size_t len);
3444
3445
long ssl3_ctrl(SSL *s, int cmd, long larg, void *parg)
3446
18.4k
{
3447
18.4k
    int ret = 0;
3448
18.4k
    SSL_CONNECTION *sc = SSL_CONNECTION_FROM_SSL(s);
3449
3450
18.4k
    if (sc == NULL)
3451
0
        return ret;
3452
3453
18.4k
    switch (cmd) {
3454
0
    case SSL_CTRL_GET_CLIENT_CERT_REQUEST:
3455
0
        break;
3456
0
    case SSL_CTRL_GET_NUM_RENEGOTIATIONS:
3457
0
        ret = sc->s3.num_renegotiations;
3458
0
        break;
3459
0
    case SSL_CTRL_CLEAR_NUM_RENEGOTIATIONS:
3460
0
        ret = sc->s3.num_renegotiations;
3461
0
        sc->s3.num_renegotiations = 0;
3462
0
        break;
3463
0
    case SSL_CTRL_GET_TOTAL_RENEGOTIATIONS:
3464
0
        ret = sc->s3.total_renegotiations;
3465
0
        break;
3466
0
    case SSL_CTRL_GET_FLAGS:
3467
0
        ret = (int)(sc->s3.flags);
3468
0
        break;
3469
0
#if !defined(OPENSSL_NO_DEPRECATED_3_0)
3470
0
    case SSL_CTRL_SET_TMP_DH:
3471
0
        {
3472
0
            EVP_PKEY *pkdh = NULL;
3473
0
            if (parg == NULL) {
3474
0
                ERR_raise(ERR_LIB_SSL, ERR_R_PASSED_NULL_PARAMETER);
3475
0
                return 0;
3476
0
            }
3477
0
            pkdh = ssl_dh_to_pkey(parg);
3478
0
            if (pkdh == NULL) {
3479
0
                ERR_raise(ERR_LIB_SSL, ERR_R_DH_LIB);
3480
0
                return 0;
3481
0
            }
3482
0
            if (!SSL_set0_tmp_dh_pkey(s, pkdh)) {
3483
0
                EVP_PKEY_free(pkdh);
3484
0
                return 0;
3485
0
            }
3486
0
            return 1;
3487
0
        }
3488
0
        break;
3489
0
    case SSL_CTRL_SET_TMP_DH_CB:
3490
0
        {
3491
0
            ERR_raise(ERR_LIB_SSL, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
3492
0
            return ret;
3493
0
        }
3494
0
#endif
3495
0
    case SSL_CTRL_SET_DH_AUTO:
3496
0
        sc->cert->dh_tmp_auto = larg;
3497
0
        return 1;
3498
0
#if !defined(OPENSSL_NO_DEPRECATED_3_0)
3499
0
    case SSL_CTRL_SET_TMP_ECDH:
3500
0
        {
3501
0
            if (parg == NULL) {
3502
0
                ERR_raise(ERR_LIB_SSL, ERR_R_PASSED_NULL_PARAMETER);
3503
0
                return 0;
3504
0
            }
3505
0
            return ssl_set_tmp_ecdh_groups(&sc->ext.supportedgroups,
3506
0
                                           &sc->ext.supportedgroups_len,
3507
0
                                           parg);
3508
0
        }
3509
0
#endif                          /* !OPENSSL_NO_DEPRECATED_3_0 */
3510
18.4k
    case SSL_CTRL_SET_TLSEXT_HOSTNAME:
3511
        /*
3512
         * This API is only used for a client to set what SNI it will request
3513
         * from the server, but we currently allow it to be used on servers
3514
         * as well, which is a programming error.  Currently we just clear
3515
         * the field in SSL_do_handshake() for server SSLs, but when we can
3516
         * make ABI-breaking changes, we may want to make use of this API
3517
         * an error on server SSLs.
3518
         */
3519
18.4k
        if (larg == TLSEXT_NAMETYPE_host_name) {
3520
18.4k
            size_t len;
3521
3522
18.4k
            OPENSSL_free(sc->ext.hostname);
3523
18.4k
            sc->ext.hostname = NULL;
3524
3525
18.4k
            ret = 1;
3526
18.4k
            if (parg == NULL)
3527
0
                break;
3528
18.4k
            len = strlen((char *)parg);
3529
18.4k
            if (len == 0 || len > TLSEXT_MAXLEN_host_name) {
3530
0
                ERR_raise(ERR_LIB_SSL, SSL_R_SSL3_EXT_INVALID_SERVERNAME);
3531
0
                return 0;
3532
0
            }
3533
18.4k
            if ((sc->ext.hostname = OPENSSL_strdup((char *)parg)) == NULL) {
3534
0
                ERR_raise(ERR_LIB_SSL, ERR_R_INTERNAL_ERROR);
3535
0
                return 0;
3536
0
            }
3537
18.4k
        } else {
3538
0
            ERR_raise(ERR_LIB_SSL, SSL_R_SSL3_EXT_INVALID_SERVERNAME_TYPE);
3539
0
            return 0;
3540
0
        }
3541
18.4k
        break;
3542
18.4k
    case SSL_CTRL_SET_TLSEXT_DEBUG_ARG:
3543
0
        sc->ext.debug_arg = parg;
3544
0
        ret = 1;
3545
0
        break;
3546
3547
0
    case SSL_CTRL_GET_TLSEXT_STATUS_REQ_TYPE:
3548
0
        ret = sc->ext.status_type;
3549
0
        break;
3550
3551
0
    case SSL_CTRL_SET_TLSEXT_STATUS_REQ_TYPE:
3552
0
        sc->ext.status_type = larg;
3553
0
        ret = 1;
3554
0
        break;
3555
3556
0
    case SSL_CTRL_GET_TLSEXT_STATUS_REQ_EXTS:
3557
0
        *(STACK_OF(X509_EXTENSION) **)parg = sc->ext.ocsp.exts;
3558
0
        ret = 1;
3559
0
        break;
3560
3561
0
    case SSL_CTRL_SET_TLSEXT_STATUS_REQ_EXTS:
3562
0
        sc->ext.ocsp.exts = parg;
3563
0
        ret = 1;
3564
0
        break;
3565
3566
0
    case SSL_CTRL_GET_TLSEXT_STATUS_REQ_IDS:
3567
0
        *(STACK_OF(OCSP_RESPID) **)parg = sc->ext.ocsp.ids;
3568
0
        ret = 1;
3569
0
        break;
3570
3571
0
    case SSL_CTRL_SET_TLSEXT_STATUS_REQ_IDS:
3572
0
        sc->ext.ocsp.ids = parg;
3573
0
        ret = 1;
3574
0
        break;
3575
3576
0
    case SSL_CTRL_GET_TLSEXT_STATUS_REQ_OCSP_RESP:
3577
0
        *(unsigned char **)parg = sc->ext.ocsp.resp;
3578
0
        if (sc->ext.ocsp.resp_len == 0
3579
0
                || sc->ext.ocsp.resp_len > LONG_MAX)
3580
0
            return -1;
3581
0
        return (long)sc->ext.ocsp.resp_len;
3582
3583
0
    case SSL_CTRL_SET_TLSEXT_STATUS_REQ_OCSP_RESP:
3584
0
        OPENSSL_free(sc->ext.ocsp.resp);
3585
0
        sc->ext.ocsp.resp = parg;
3586
0
        sc->ext.ocsp.resp_len = larg;
3587
0
        ret = 1;
3588
0
        break;
3589
3590
0
    case SSL_CTRL_CHAIN:
3591
0
        if (larg)
3592
0
            return ssl_cert_set1_chain(sc, NULL, (STACK_OF(X509) *)parg);
3593
0
        else
3594
0
            return ssl_cert_set0_chain(sc, NULL, (STACK_OF(X509) *)parg);
3595
3596
0
    case SSL_CTRL_CHAIN_CERT:
3597
0
        if (larg)
3598
0
            return ssl_cert_add1_chain_cert(sc, NULL, (X509 *)parg);
3599
0
        else
3600
0
            return ssl_cert_add0_chain_cert(sc, NULL, (X509 *)parg);
3601
3602
0
    case SSL_CTRL_GET_CHAIN_CERTS:
3603
0
        *(STACK_OF(X509) **)parg = sc->cert->key->chain;
3604
0
        ret = 1;
3605
0
        break;
3606
3607
0
    case SSL_CTRL_SELECT_CURRENT_CERT:
3608
0
        return ssl_cert_select_current(sc->cert, (X509 *)parg);
3609
3610
0
    case SSL_CTRL_SET_CURRENT_CERT:
3611
0
        if (larg == SSL_CERT_SET_SERVER) {
3612
0
            const SSL_CIPHER *cipher;
3613
0
            if (!sc->server)
3614
0
                return 0;
3615
0
            cipher = sc->s3.tmp.new_cipher;
3616
0
            if (cipher == NULL)
3617
0
                return 0;
3618
            /*
3619
             * No certificate for unauthenticated ciphersuites or using SRP
3620
             * authentication
3621
             */
3622
0
            if (cipher->algorithm_auth & (SSL_aNULL | SSL_aSRP))
3623
0
                return 2;
3624
0
            if (sc->s3.tmp.cert == NULL)
3625
0
                return 0;
3626
0
            sc->cert->key = sc->s3.tmp.cert;
3627
0
            return 1;
3628
0
        }
3629
0
        return ssl_cert_set_current(sc->cert, larg);
3630
3631
0
    case SSL_CTRL_GET_GROUPS:
3632
0
        {
3633
0
            uint16_t *clist;
3634
0
            size_t clistlen;
3635
3636
0
            if (!sc->session)
3637
0
                return 0;
3638
0
            clist = sc->ext.peer_supportedgroups;
3639
0
            clistlen = sc->ext.peer_supportedgroups_len;
3640
0
            if (parg) {
3641
0
                size_t i;
3642
0
                int *cptr = parg;
3643
3644
0
                for (i = 0; i < clistlen; i++) {
3645
0
                    const TLS_GROUP_INFO *cinf
3646
0
                        = tls1_group_id_lookup(s->ctx, clist[i]);
3647
3648
0
                    if (cinf != NULL)
3649
0
                        cptr[i] = tls1_group_id2nid(cinf->group_id, 1);
3650
0
                    else
3651
0
                        cptr[i] = TLSEXT_nid_unknown | clist[i];
3652
0
                }
3653
0
            }
3654
0
            return (int)clistlen;
3655
0
        }
3656
3657
0
    case SSL_CTRL_SET_GROUPS:
3658
0
        return tls1_set_groups(&sc->ext.supportedgroups,
3659
0
                               &sc->ext.supportedgroups_len, parg, larg);
3660
3661
0
    case SSL_CTRL_SET_GROUPS_LIST:
3662
0
        return tls1_set_groups_list(s->ctx, &sc->ext.supportedgroups,
3663
0
                                    &sc->ext.supportedgroups_len, parg);
3664
3665
0
    case SSL_CTRL_GET_SHARED_GROUP:
3666
0
        {
3667
0
            uint16_t id = tls1_shared_group(sc, larg);
3668
3669
0
            if (larg != -1)
3670
0
                return tls1_group_id2nid(id, 1);
3671
0
            return id;
3672
0
        }
3673
0
    case SSL_CTRL_GET_NEGOTIATED_GROUP:
3674
0
        {
3675
0
            unsigned int id;
3676
3677
0
            if (SSL_CONNECTION_IS_TLS13(sc) && sc->s3.did_kex)
3678
0
                id = sc->s3.group_id;
3679
0
            else
3680
0
                id = sc->session->kex_group;
3681
0
            ret = tls1_group_id2nid(id, 1);
3682
0
            break;
3683
0
        }
3684
0
    case SSL_CTRL_SET_SIGALGS:
3685
0
        return tls1_set_sigalgs(sc->cert, parg, larg, 0);
3686
3687
0
    case SSL_CTRL_SET_SIGALGS_LIST:
3688
0
        return tls1_set_sigalgs_list(s->ctx, sc->cert, parg, 0);
3689
3690
0
    case SSL_CTRL_SET_CLIENT_SIGALGS:
3691
0
        return tls1_set_sigalgs(sc->cert, parg, larg, 1);
3692
3693
0
    case SSL_CTRL_SET_CLIENT_SIGALGS_LIST:
3694
0
        return tls1_set_sigalgs_list(s->ctx, sc->cert, parg, 1);
3695
3696
0
    case SSL_CTRL_GET_CLIENT_CERT_TYPES:
3697
0
        {
3698
0
            const unsigned char **pctype = parg;
3699
0
            if (sc->server || !sc->s3.tmp.cert_req)
3700
0
                return 0;
3701
0
            if (pctype)
3702
0
                *pctype = sc->s3.tmp.ctype;
3703
0
            return sc->s3.tmp.ctype_len;
3704
0
        }
3705
3706
0
    case SSL_CTRL_SET_CLIENT_CERT_TYPES:
3707
0
        if (!sc->server)
3708
0
            return 0;
3709
0
        return ssl3_set_req_cert_type(sc->cert, parg, larg);
3710
3711
0
    case SSL_CTRL_BUILD_CERT_CHAIN:
3712
0
        return ssl_build_cert_chain(sc, NULL, larg);
3713
3714
0
    case SSL_CTRL_SET_VERIFY_CERT_STORE:
3715
0
        return ssl_cert_set_cert_store(sc->cert, parg, 0, larg);
3716
3717
0
    case SSL_CTRL_SET_CHAIN_CERT_STORE:
3718
0
        return ssl_cert_set_cert_store(sc->cert, parg, 1, larg);
3719
3720
0
    case SSL_CTRL_GET_VERIFY_CERT_STORE:
3721
0
        return ssl_cert_get_cert_store(sc->cert, parg, 0);
3722
3723
0
    case SSL_CTRL_GET_CHAIN_CERT_STORE:
3724
0
        return ssl_cert_get_cert_store(sc->cert, parg, 1);
3725
3726
0
    case SSL_CTRL_GET_PEER_SIGNATURE_NID:
3727
0
        if (sc->s3.tmp.peer_sigalg == NULL)
3728
0
            return 0;
3729
0
        *(int *)parg = sc->s3.tmp.peer_sigalg->hash;
3730
0
        return 1;
3731
3732
0
    case SSL_CTRL_GET_SIGNATURE_NID:
3733
0
        if (sc->s3.tmp.sigalg == NULL)
3734
0
            return 0;
3735
0
        *(int *)parg = sc->s3.tmp.sigalg->hash;
3736
0
        return 1;
3737
3738
0
    case SSL_CTRL_GET_PEER_TMP_KEY:
3739
0
        if (sc->session == NULL || sc->s3.peer_tmp == NULL) {
3740
0
            return 0;
3741
0
        } else {
3742
0
            EVP_PKEY_up_ref(sc->s3.peer_tmp);
3743
0
            *(EVP_PKEY **)parg = sc->s3.peer_tmp;
3744
0
            return 1;
3745
0
        }
3746
3747
0
    case SSL_CTRL_GET_TMP_KEY:
3748
0
        if (sc->session == NULL || sc->s3.tmp.pkey == NULL) {
3749
0
            return 0;
3750
0
        } else {
3751
0
            EVP_PKEY_up_ref(sc->s3.tmp.pkey);
3752
0
            *(EVP_PKEY **)parg = sc->s3.tmp.pkey;
3753
0
            return 1;
3754
0
        }
3755
3756
0
    case SSL_CTRL_GET_EC_POINT_FORMATS:
3757
0
        {
3758
0
            const unsigned char **pformat = parg;
3759
3760
0
            if (sc->ext.peer_ecpointformats == NULL)
3761
0
                return 0;
3762
0
            *pformat = sc->ext.peer_ecpointformats;
3763
0
            return (int)sc->ext.peer_ecpointformats_len;
3764
0
        }
3765
3766
0
    case SSL_CTRL_GET_IANA_GROUPS:
3767
0
        {
3768
0
            if (parg != NULL) {
3769
0
                *(uint16_t **)parg = (uint16_t *)sc->ext.peer_supportedgroups;
3770
0
            }
3771
0
            return (int)sc->ext.peer_supportedgroups_len;
3772
0
        }
3773
3774
0
    case SSL_CTRL_SET_MSG_CALLBACK_ARG:
3775
0
        sc->msg_callback_arg = parg;
3776
0
        return 1;
3777
3778
0
    default:
3779
0
        break;
3780
18.4k
    }
3781
18.4k
    return ret;
3782
18.4k
}
3783
3784
long ssl3_callback_ctrl(SSL *s, int cmd, void (*fp) (void))
3785
0
{
3786
0
    int ret = 0;
3787
0
    SSL_CONNECTION *sc = SSL_CONNECTION_FROM_SSL(s);
3788
3789
0
    if (sc == NULL)
3790
0
        return ret;
3791
3792
0
    switch (cmd) {
3793
0
#if !defined(OPENSSL_NO_DEPRECATED_3_0)
3794
0
    case SSL_CTRL_SET_TMP_DH_CB:
3795
0
        sc->cert->dh_tmp_cb = (DH *(*)(SSL *, int, int))fp;
3796
0
        ret = 1;
3797
0
        break;
3798
0
#endif
3799
0
    case SSL_CTRL_SET_TLSEXT_DEBUG_CB:
3800
0
        sc->ext.debug_cb = (void (*)(SSL *, int, int,
3801
0
                                     const unsigned char *, int, void *))fp;
3802
0
        ret = 1;
3803
0
        break;
3804
3805
0
    case SSL_CTRL_SET_NOT_RESUMABLE_SESS_CB:
3806
0
        sc->not_resumable_session_cb = (int (*)(SSL *, int))fp;
3807
0
        ret = 1;
3808
0
        break;
3809
3810
0
    case SSL_CTRL_SET_MSG_CALLBACK:
3811
0
        sc->msg_callback = (ossl_msg_cb)fp;
3812
0
        return 1;
3813
0
    default:
3814
0
        break;
3815
0
    }
3816
0
    return ret;
3817
0
}
3818
3819
long ssl3_ctx_ctrl(SSL_CTX *ctx, int cmd, long larg, void *parg)
3820
0
{
3821
0
    switch (cmd) {
3822
0
#if !defined(OPENSSL_NO_DEPRECATED_3_0)
3823
0
    case SSL_CTRL_SET_TMP_DH:
3824
0
        {
3825
0
            EVP_PKEY *pkdh = NULL;
3826
0
            if (parg == NULL) {
3827
0
                ERR_raise(ERR_LIB_SSL, ERR_R_PASSED_NULL_PARAMETER);
3828
0
                return 0;
3829
0
            }
3830
0
            pkdh = ssl_dh_to_pkey(parg);
3831
0
            if (pkdh == NULL) {
3832
0
                ERR_raise(ERR_LIB_SSL, ERR_R_DH_LIB);
3833
0
                return 0;
3834
0
            }
3835
0
            if (!SSL_CTX_set0_tmp_dh_pkey(ctx, pkdh)) {
3836
0
                EVP_PKEY_free(pkdh);
3837
0
                return 0;
3838
0
            }
3839
0
            return 1;
3840
0
        }
3841
0
    case SSL_CTRL_SET_TMP_DH_CB:
3842
0
        {
3843
0
            ERR_raise(ERR_LIB_SSL, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
3844
0
            return 0;
3845
0
        }
3846
0
#endif
3847
0
    case SSL_CTRL_SET_DH_AUTO:
3848
0
        ctx->cert->dh_tmp_auto = larg;
3849
0
        return 1;
3850
0
#if !defined(OPENSSL_NO_DEPRECATED_3_0)
3851
0
    case SSL_CTRL_SET_TMP_ECDH:
3852
0
        {
3853
0
            if (parg == NULL) {
3854
0
                ERR_raise(ERR_LIB_SSL, ERR_R_PASSED_NULL_PARAMETER);
3855
0
                return 0;
3856
0
            }
3857
0
            return ssl_set_tmp_ecdh_groups(&ctx->ext.supportedgroups,
3858
0
                                           &ctx->ext.supportedgroups_len,
3859
0
                                           parg);
3860
0
        }
3861
0
#endif                          /* !OPENSSL_NO_DEPRECATED_3_0 */
3862
0
    case SSL_CTRL_SET_TLSEXT_SERVERNAME_ARG:
3863
0
        ctx->ext.servername_arg = parg;
3864
0
        break;
3865
0
    case SSL_CTRL_SET_TLSEXT_TICKET_KEYS:
3866
0
    case SSL_CTRL_GET_TLSEXT_TICKET_KEYS:
3867
0
        {
3868
0
            unsigned char *keys = parg;
3869
0
            long tick_keylen = (sizeof(ctx->ext.tick_key_name) +
3870
0
                                sizeof(ctx->ext.secure->tick_hmac_key) +
3871
0
                                sizeof(ctx->ext.secure->tick_aes_key));
3872
0
            if (keys == NULL)
3873
0
                return tick_keylen;
3874
0
            if (larg != tick_keylen) {
3875
0
                ERR_raise(ERR_LIB_SSL, SSL_R_INVALID_TICKET_KEYS_LENGTH);
3876
0
                return 0;
3877
0
            }
3878
0
            if (cmd == SSL_CTRL_SET_TLSEXT_TICKET_KEYS) {
3879
0
                memcpy(ctx->ext.tick_key_name, keys,
3880
0
                       sizeof(ctx->ext.tick_key_name));
3881
0
                memcpy(ctx->ext.secure->tick_hmac_key,
3882
0
                       keys + sizeof(ctx->ext.tick_key_name),
3883
0
                       sizeof(ctx->ext.secure->tick_hmac_key));
3884
0
                memcpy(ctx->ext.secure->tick_aes_key,
3885
0
                       keys + sizeof(ctx->ext.tick_key_name) +
3886
0
                       sizeof(ctx->ext.secure->tick_hmac_key),
3887
0
                       sizeof(ctx->ext.secure->tick_aes_key));
3888
0
            } else {
3889
0
                memcpy(keys, ctx->ext.tick_key_name,
3890
0
                       sizeof(ctx->ext.tick_key_name));
3891
0
                memcpy(keys + sizeof(ctx->ext.tick_key_name),
3892
0
                       ctx->ext.secure->tick_hmac_key,
3893
0
                       sizeof(ctx->ext.secure->tick_hmac_key));
3894
0
                memcpy(keys + sizeof(ctx->ext.tick_key_name) +
3895
0
                       sizeof(ctx->ext.secure->tick_hmac_key),
3896
0
                       ctx->ext.secure->tick_aes_key,
3897
0
                       sizeof(ctx->ext.secure->tick_aes_key));
3898
0
            }
3899
0
            return 1;
3900
0
        }
3901
3902
0
    case SSL_CTRL_GET_TLSEXT_STATUS_REQ_TYPE:
3903
0
        return ctx->ext.status_type;
3904
3905
0
    case SSL_CTRL_SET_TLSEXT_STATUS_REQ_TYPE:
3906
0
        ctx->ext.status_type = larg;
3907
0
        break;
3908
3909
0
    case SSL_CTRL_SET_TLSEXT_STATUS_REQ_CB_ARG:
3910
0
        ctx->ext.status_arg = parg;
3911
0
        return 1;
3912
3913
0
    case SSL_CTRL_GET_TLSEXT_STATUS_REQ_CB_ARG:
3914
0
        *(void**)parg = ctx->ext.status_arg;
3915
0
        break;
3916
3917
0
    case SSL_CTRL_GET_TLSEXT_STATUS_REQ_CB:
3918
0
        *(int (**)(SSL*, void*))parg = ctx->ext.status_cb;
3919
0
        break;
3920
3921
0
#ifndef OPENSSL_NO_SRP
3922
0
    case SSL_CTRL_SET_TLS_EXT_SRP_USERNAME:
3923
0
        ctx->srp_ctx.srp_Mask |= SSL_kSRP;
3924
0
        OPENSSL_free(ctx->srp_ctx.login);
3925
0
        ctx->srp_ctx.login = NULL;
3926
0
        if (parg == NULL)
3927
0
            break;
3928
0
        if (strlen((const char *)parg) > 255 || strlen((const char *)parg) < 1) {
3929
0
            ERR_raise(ERR_LIB_SSL, SSL_R_INVALID_SRP_USERNAME);
3930
0
            return 0;
3931
0
        }
3932
0
        if ((ctx->srp_ctx.login = OPENSSL_strdup((char *)parg)) == NULL) {
3933
0
            ERR_raise(ERR_LIB_SSL, ERR_R_INTERNAL_ERROR);
3934
0
            return 0;
3935
0
        }
3936
0
        break;
3937
0
    case SSL_CTRL_SET_TLS_EXT_SRP_PASSWORD:
3938
0
        ctx->srp_ctx.SRP_give_srp_client_pwd_callback =
3939
0
            srp_password_from_info_cb;
3940
0
        if (ctx->srp_ctx.info != NULL)
3941
0
            OPENSSL_free(ctx->srp_ctx.info);
3942
0
        if ((ctx->srp_ctx.info = OPENSSL_strdup((char *)parg)) == NULL) {
3943
0
            ERR_raise(ERR_LIB_SSL, ERR_R_INTERNAL_ERROR);
3944
0
            return 0;
3945
0
        }
3946
0
        break;
3947
0
    case SSL_CTRL_SET_SRP_ARG:
3948
0
        ctx->srp_ctx.srp_Mask |= SSL_kSRP;
3949
0
        ctx->srp_ctx.SRP_cb_arg = parg;
3950
0
        break;
3951
3952
0
    case SSL_CTRL_SET_TLS_EXT_SRP_STRENGTH:
3953
0
        ctx->srp_ctx.strength = larg;
3954
0
        break;
3955
0
#endif
3956
3957
0
    case SSL_CTRL_SET_GROUPS:
3958
0
        return tls1_set_groups(&ctx->ext.supportedgroups,
3959
0
                               &ctx->ext.supportedgroups_len,
3960
0
                               parg, larg);
3961
3962
0
    case SSL_CTRL_SET_GROUPS_LIST:
3963
0
        return tls1_set_groups_list(ctx, &ctx->ext.supportedgroups,
3964
0
                                    &ctx->ext.supportedgroups_len,
3965
0
                                    parg);
3966
3967
0
    case SSL_CTRL_SET_SIGALGS:
3968
0
        return tls1_set_sigalgs(ctx->cert, parg, larg, 0);
3969
3970
0
    case SSL_CTRL_SET_SIGALGS_LIST:
3971
0
        return tls1_set_sigalgs_list(ctx, ctx->cert, parg, 0);
3972
3973
0
    case SSL_CTRL_SET_CLIENT_SIGALGS:
3974
0
        return tls1_set_sigalgs(ctx->cert, parg, larg, 1);
3975
3976
0
    case SSL_CTRL_SET_CLIENT_SIGALGS_LIST:
3977
0
        return tls1_set_sigalgs_list(ctx, ctx->cert, parg, 1);
3978
3979
0
    case SSL_CTRL_SET_CLIENT_CERT_TYPES:
3980
0
        return ssl3_set_req_cert_type(ctx->cert, parg, larg);
3981
3982
0
    case SSL_CTRL_BUILD_CERT_CHAIN:
3983
0
        return ssl_build_cert_chain(NULL, ctx, larg);
3984
3985
0
    case SSL_CTRL_SET_VERIFY_CERT_STORE:
3986
0
        return ssl_cert_set_cert_store(ctx->cert, parg, 0, larg);
3987
3988
0
    case SSL_CTRL_SET_CHAIN_CERT_STORE:
3989
0
        return ssl_cert_set_cert_store(ctx->cert, parg, 1, larg);
3990
3991
0
    case SSL_CTRL_GET_VERIFY_CERT_STORE:
3992
0
        return ssl_cert_get_cert_store(ctx->cert, parg, 0);
3993
3994
0
    case SSL_CTRL_GET_CHAIN_CERT_STORE:
3995
0
        return ssl_cert_get_cert_store(ctx->cert, parg, 1);
3996
3997
        /* A Thawte special :-) */
3998
0
    case SSL_CTRL_EXTRA_CHAIN_CERT:
3999
0
        if (ctx->extra_certs == NULL) {
4000
0
            if ((ctx->extra_certs = sk_X509_new_null()) == NULL) {
4001
0
                ERR_raise(ERR_LIB_SSL, ERR_R_CRYPTO_LIB);
4002
0
                return 0;
4003
0
            }
4004
0
        }
4005
0
        if (!sk_X509_push(ctx->extra_certs, (X509 *)parg)) {
4006
0
            ERR_raise(ERR_LIB_SSL, ERR_R_CRYPTO_LIB);
4007
0
            return 0;
4008
0
        }
4009
0
        break;
4010
4011
0
    case SSL_CTRL_GET_EXTRA_CHAIN_CERTS:
4012
0
        if (ctx->extra_certs == NULL && larg == 0)
4013
0
            *(STACK_OF(X509) **)parg = ctx->cert->key->chain;
4014
0
        else
4015
0
            *(STACK_OF(X509) **)parg = ctx->extra_certs;
4016
0
        break;
4017
4018
0
    case SSL_CTRL_CLEAR_EXTRA_CHAIN_CERTS:
4019
0
        OSSL_STACK_OF_X509_free(ctx->extra_certs);
4020
0
        ctx->extra_certs = NULL;
4021
0
        break;
4022
4023
0
    case SSL_CTRL_CHAIN:
4024
0
        if (larg)
4025
0
            return ssl_cert_set1_chain(NULL, ctx, (STACK_OF(X509) *)parg);
4026
0
        else
4027
0
            return ssl_cert_set0_chain(NULL, ctx, (STACK_OF(X509) *)parg);
4028
4029
0
    case SSL_CTRL_CHAIN_CERT:
4030
0
        if (larg)
4031
0
            return ssl_cert_add1_chain_cert(NULL, ctx, (X509 *)parg);
4032
0
        else
4033
0
            return ssl_cert_add0_chain_cert(NULL, ctx, (X509 *)parg);
4034
4035
0
    case SSL_CTRL_GET_CHAIN_CERTS:
4036
0
        *(STACK_OF(X509) **)parg = ctx->cert->key->chain;
4037
0
        break;
4038
4039
0
    case SSL_CTRL_SELECT_CURRENT_CERT:
4040
0
        return ssl_cert_select_current(ctx->cert, (X509 *)parg);
4041
4042
0
    case SSL_CTRL_SET_CURRENT_CERT:
4043
0
        return ssl_cert_set_current(ctx->cert, larg);
4044
4045
0
    default:
4046
0
        return 0;
4047
0
    }
4048
0
    return 1;
4049
0
}
4050
4051
long ssl3_ctx_callback_ctrl(SSL_CTX *ctx, int cmd, void (*fp) (void))
4052
0
{
4053
0
    switch (cmd) {
4054
0
#if !defined(OPENSSL_NO_DEPRECATED_3_0)
4055
0
    case SSL_CTRL_SET_TMP_DH_CB:
4056
0
        {
4057
0
            ctx->cert->dh_tmp_cb = (DH *(*)(SSL *, int, int))fp;
4058
0
        }
4059
0
        break;
4060
0
#endif
4061
0
    case SSL_CTRL_SET_TLSEXT_SERVERNAME_CB:
4062
0
        ctx->ext.servername_cb = (int (*)(SSL *, int *, void *))fp;
4063
0
        break;
4064
4065
0
    case SSL_CTRL_SET_TLSEXT_STATUS_REQ_CB:
4066
0
        ctx->ext.status_cb = (int (*)(SSL *, void *))fp;
4067
0
        break;
4068
4069
0
# ifndef OPENSSL_NO_DEPRECATED_3_0
4070
0
    case SSL_CTRL_SET_TLSEXT_TICKET_KEY_CB:
4071
0
        ctx->ext.ticket_key_cb = (int (*)(SSL *, unsigned char *,
4072
0
                                          unsigned char *,
4073
0
                                          EVP_CIPHER_CTX *,
4074
0
                                          HMAC_CTX *, int))fp;
4075
0
        break;
4076
0
#endif
4077
4078
0
#ifndef OPENSSL_NO_SRP
4079
0
    case SSL_CTRL_SET_SRP_VERIFY_PARAM_CB:
4080
0
        ctx->srp_ctx.srp_Mask |= SSL_kSRP;
4081
0
        ctx->srp_ctx.SRP_verify_param_callback = (int (*)(SSL *, void *))fp;
4082
0
        break;
4083
0
    case SSL_CTRL_SET_TLS_EXT_SRP_USERNAME_CB:
4084
0
        ctx->srp_ctx.srp_Mask |= SSL_kSRP;
4085
0
        ctx->srp_ctx.TLS_ext_srp_username_callback =
4086
0
            (int (*)(SSL *, int *, void *))fp;
4087
0
        break;
4088
0
    case SSL_CTRL_SET_SRP_GIVE_CLIENT_PWD_CB:
4089
0
        ctx->srp_ctx.srp_Mask |= SSL_kSRP;
4090
0
        ctx->srp_ctx.SRP_give_srp_client_pwd_callback =
4091
0
            (char *(*)(SSL *, void *))fp;
4092
0
        break;
4093
0
#endif
4094
0
    case SSL_CTRL_SET_NOT_RESUMABLE_SESS_CB:
4095
0
        {
4096
0
            ctx->not_resumable_session_cb = (int (*)(SSL *, int))fp;
4097
0
        }
4098
0
        break;
4099
0
    default:
4100
0
        return 0;
4101
0
    }
4102
0
    return 1;
4103
0
}
4104
4105
int SSL_CTX_set_tlsext_ticket_key_evp_cb
4106
    (SSL_CTX *ctx, int (*fp)(SSL *, unsigned char *, unsigned char *,
4107
                             EVP_CIPHER_CTX *, EVP_MAC_CTX *, int))
4108
0
{
4109
0
    ctx->ext.ticket_key_evp_cb = fp;
4110
0
    return 1;
4111
0
}
4112
4113
const SSL_CIPHER *ssl3_get_cipher_by_id(uint32_t id)
4114
374k
{
4115
374k
    SSL_CIPHER c;
4116
374k
    const SSL_CIPHER *cp;
4117
4118
374k
    c.id = id;
4119
374k
    cp = OBJ_bsearch_ssl_cipher_id(&c, tls13_ciphers, TLS13_NUM_CIPHERS);
4120
374k
    if (cp != NULL)
4121
18.7k
        return cp;
4122
355k
    cp = OBJ_bsearch_ssl_cipher_id(&c, ssl3_ciphers, SSL3_NUM_CIPHERS);
4123
355k
    if (cp != NULL)
4124
118k
        return cp;
4125
237k
    return OBJ_bsearch_ssl_cipher_id(&c, ssl3_scsvs, SSL3_NUM_SCSVS);
4126
355k
}
4127
4128
const SSL_CIPHER *ssl3_get_cipher_by_std_name(const char *stdname)
4129
238k
{
4130
238k
    SSL_CIPHER *tbl;
4131
238k
    SSL_CIPHER *alltabs[] = {tls13_ciphers, ssl3_ciphers, ssl3_scsvs};
4132
238k
    size_t i, j, tblsize[] = {TLS13_NUM_CIPHERS, SSL3_NUM_CIPHERS,
4133
238k
                              SSL3_NUM_SCSVS};
4134
4135
    /* this is not efficient, necessary to optimize this? */
4136
238k
    for (j = 0; j < OSSL_NELEM(alltabs); j++) {
4137
476k
        for (i = 0, tbl = alltabs[j]; i < tblsize[j]; i++, tbl++) {
4138
476k
            if (tbl->stdname == NULL)
4139
0
                continue;
4140
476k
            if (strcmp(stdname, tbl->stdname) == 0) {
4141
238k
                return tbl;
4142
238k
            }
4143
476k
        }
4144
238k
    }
4145
0
    return NULL;
4146
238k
}
4147
4148
/*
4149
 * This function needs to check if the ciphers required are actually
4150
 * available
4151
 */
4152
const SSL_CIPHER *ssl3_get_cipher_by_char(const unsigned char *p)
4153
371k
{
4154
371k
    return ssl3_get_cipher_by_id(SSL3_CK_CIPHERSUITE_FLAG
4155
371k
                                 | ((uint32_t)p[0] << 8L)
4156
371k
                                 | (uint32_t)p[1]);
4157
371k
}
4158
4159
int ssl3_put_cipher_by_char(const SSL_CIPHER *c, WPACKET *pkt, size_t *len)
4160
3.36M
{
4161
3.36M
    if ((c->id & 0xff000000) != SSL3_CK_CIPHERSUITE_FLAG) {
4162
0
        *len = 0;
4163
0
        return 1;
4164
0
    }
4165
4166
3.36M
    if (!WPACKET_put_bytes_u16(pkt, c->id & 0xffff))
4167
0
        return 0;
4168
4169
3.36M
    *len = 2;
4170
3.36M
    return 1;
4171
3.36M
}
4172
4173
/*
4174
 * ssl3_choose_cipher - choose a cipher from those offered by the client
4175
 * @s: SSL connection
4176
 * @clnt: ciphers offered by the client
4177
 * @srvr: ciphers enabled on the server?
4178
 *
4179
 * Returns the selected cipher or NULL when no common ciphers.
4180
 */
4181
const SSL_CIPHER *ssl3_choose_cipher(SSL_CONNECTION *s, STACK_OF(SSL_CIPHER) *clnt,
4182
                                     STACK_OF(SSL_CIPHER) *srvr)
4183
10.7k
{
4184
10.7k
    const SSL_CIPHER *c, *ret = NULL;
4185
10.7k
    STACK_OF(SSL_CIPHER) *prio, *allow;
4186
10.7k
    int i, ii, ok, prefer_sha256 = 0;
4187
10.7k
    unsigned long alg_k = 0, alg_a = 0, mask_k = 0, mask_a = 0;
4188
10.7k
    STACK_OF(SSL_CIPHER) *prio_chacha = NULL;
4189
4190
    /* Let's see which ciphers we can support */
4191
4192
    /*
4193
     * Do not set the compare functions, because this may lead to a
4194
     * reordering by "id". We want to keep the original ordering. We may pay
4195
     * a price in performance during sk_SSL_CIPHER_find(), but would have to
4196
     * pay with the price of sk_SSL_CIPHER_dup().
4197
     */
4198
4199
10.7k
    OSSL_TRACE_BEGIN(TLS_CIPHER) {
4200
0
        BIO_printf(trc_out, "Server has %d from %p:\n",
4201
0
                   sk_SSL_CIPHER_num(srvr), (void *)srvr);
4202
0
        for (i = 0; i < sk_SSL_CIPHER_num(srvr); ++i) {
4203
0
            c = sk_SSL_CIPHER_value(srvr, i);
4204
0
            BIO_printf(trc_out, "%p:%s\n", (void *)c, c->name);
4205
0
        }
4206
0
        BIO_printf(trc_out, "Client sent %d from %p:\n",
4207
0
                   sk_SSL_CIPHER_num(clnt), (void *)clnt);
4208
0
        for (i = 0; i < sk_SSL_CIPHER_num(clnt); ++i) {
4209
0
            c = sk_SSL_CIPHER_value(clnt, i);
4210
0
            BIO_printf(trc_out, "%p:%s\n", (void *)c, c->name);
4211
0
        }
4212
10.7k
    } OSSL_TRACE_END(TLS_CIPHER);
4213
4214
    /* SUITE-B takes precedence over server preference and ChaCha priortiy */
4215
10.7k
    if (tls1_suiteb(s)) {
4216
0
        prio = srvr;
4217
0
        allow = clnt;
4218
10.7k
    } else if (s->options & SSL_OP_CIPHER_SERVER_PREFERENCE) {
4219
0
        prio = srvr;
4220
0
        allow = clnt;
4221
4222
        /* If ChaCha20 is at the top of the client preference list,
4223
           and there are ChaCha20 ciphers in the server list, then
4224
           temporarily prioritize all ChaCha20 ciphers in the servers list. */
4225
0
        if (s->options & SSL_OP_PRIORITIZE_CHACHA && sk_SSL_CIPHER_num(clnt) > 0) {
4226
0
            c = sk_SSL_CIPHER_value(clnt, 0);
4227
0
            if (c->algorithm_enc == SSL_CHACHA20POLY1305) {
4228
                /* ChaCha20 is client preferred, check server... */
4229
0
                int num = sk_SSL_CIPHER_num(srvr);
4230
0
                int found = 0;
4231
0
                for (i = 0; i < num; i++) {
4232
0
                    c = sk_SSL_CIPHER_value(srvr, i);
4233
0
                    if (c->algorithm_enc == SSL_CHACHA20POLY1305) {
4234
0
                        found = 1;
4235
0
                        break;
4236
0
                    }
4237
0
                }
4238
0
                if (found) {
4239
0
                    prio_chacha = sk_SSL_CIPHER_new_reserve(NULL, num);
4240
                    /* if reserve fails, then there's likely a memory issue */
4241
0
                    if (prio_chacha != NULL) {
4242
                        /* Put all ChaCha20 at the top, starting with the one we just found */
4243
0
                        sk_SSL_CIPHER_push(prio_chacha, c);
4244
0
                        for (i++; i < num; i++) {
4245
0
                            c = sk_SSL_CIPHER_value(srvr, i);
4246
0
                            if (c->algorithm_enc == SSL_CHACHA20POLY1305)
4247
0
                                sk_SSL_CIPHER_push(prio_chacha, c);
4248
0
                        }
4249
                        /* Pull in the rest */
4250
0
                        for (i = 0; i < num; i++) {
4251
0
                            c = sk_SSL_CIPHER_value(srvr, i);
4252
0
                            if (c->algorithm_enc != SSL_CHACHA20POLY1305)
4253
0
                                sk_SSL_CIPHER_push(prio_chacha, c);
4254
0
                        }
4255
0
                        prio = prio_chacha;
4256
0
                    }
4257
0
                }
4258
0
            }
4259
0
        }
4260
10.7k
    } else {
4261
10.7k
        prio = clnt;
4262
10.7k
        allow = srvr;
4263
10.7k
    }
4264
4265
10.7k
    if (SSL_CONNECTION_IS_TLS13(s)) {
4266
2.69k
#ifndef OPENSSL_NO_PSK
4267
2.69k
        size_t j;
4268
4269
        /*
4270
         * If we allow "old" style PSK callbacks, and we have no certificate (so
4271
         * we're not going to succeed without a PSK anyway), and we're in
4272
         * TLSv1.3 then the default hash for a PSK is SHA-256 (as per the
4273
         * TLSv1.3 spec). Therefore we should prioritise ciphersuites using
4274
         * that.
4275
         */
4276
2.69k
        if (s->psk_server_callback != NULL) {
4277
0
            for (j = 0; j < s->ssl_pkey_num && !ssl_has_cert(s, j); j++);
4278
0
            if (j == s->ssl_pkey_num) {
4279
                /* There are no certificates */
4280
0
                prefer_sha256 = 1;
4281
0
            }
4282
0
        }
4283
2.69k
#endif
4284
8.06k
    } else {
4285
8.06k
        tls1_set_cert_validity(s);
4286
8.06k
        ssl_set_masks(s);
4287
8.06k
    }
4288
4289
45.0k
    for (i = 0; i < sk_SSL_CIPHER_num(prio); i++) {
4290
44.4k
        c = sk_SSL_CIPHER_value(prio, i);
4291
4292
        /* Skip ciphers not supported by the protocol version */
4293
44.4k
        if (!SSL_CONNECTION_IS_DTLS(s) &&
4294
44.4k
            ((s->version < c->min_tls) || (s->version > c->max_tls)))
4295
18.9k
            continue;
4296
25.5k
        if (SSL_CONNECTION_IS_DTLS(s) &&
4297
25.5k
            (DTLS_VERSION_LT(s->version, c->min_dtls) ||
4298
0
             DTLS_VERSION_GT(s->version, c->max_dtls)))
4299
0
            continue;
4300
4301
        /*
4302
         * Since TLS 1.3 ciphersuites can be used with any auth or
4303
         * key exchange scheme skip tests.
4304
         */
4305
25.5k
        if (!SSL_CONNECTION_IS_TLS13(s)) {
4306
22.7k
            mask_k = s->s3.tmp.mask_k;
4307
22.7k
            mask_a = s->s3.tmp.mask_a;
4308
22.7k
#ifndef OPENSSL_NO_SRP
4309
22.7k
            if (s->srp_ctx.srp_Mask & SSL_kSRP) {
4310
0
                mask_k |= SSL_kSRP;
4311
0
                mask_a |= SSL_aSRP;
4312
0
            }
4313
22.7k
#endif
4314
4315
22.7k
            alg_k = c->algorithm_mkey;
4316
22.7k
            alg_a = c->algorithm_auth;
4317
4318
22.7k
#ifndef OPENSSL_NO_PSK
4319
            /* with PSK there must be server callback set */
4320
22.7k
            if ((alg_k & SSL_PSK) && s->psk_server_callback == NULL)
4321
1.53k
                continue;
4322
21.2k
#endif                          /* OPENSSL_NO_PSK */
4323
4324
21.2k
            ok = (alg_k & mask_k) && (alg_a & mask_a);
4325
21.2k
            OSSL_TRACE7(TLS_CIPHER,
4326
21.2k
                        "%d:[%08lX:%08lX:%08lX:%08lX]%p:%s\n",
4327
21.2k
                        ok, alg_k, alg_a, mask_k, mask_a, (void *)c, c->name);
4328
4329
            /*
4330
             * if we are considering an ECC cipher suite that uses an ephemeral
4331
             * EC key check it
4332
             */
4333
21.2k
            if (alg_k & SSL_kECDHE)
4334
10.9k
                ok = ok && tls1_check_ec_tmp_key(s, c->id);
4335
4336
21.2k
            if (!ok)
4337
12.4k
                continue;
4338
21.2k
        }
4339
11.5k
        ii = sk_SSL_CIPHER_find(allow, c);
4340
11.5k
        if (ii >= 0) {
4341
            /* Check security callback permits this cipher */
4342
10.1k
            if (!ssl_security(s, SSL_SECOP_CIPHER_SHARED,
4343
10.1k
                              c->strength_bits, 0, (void *)c))
4344
0
                continue;
4345
4346
10.1k
            if ((alg_k & SSL_kECDHE) && (alg_a & SSL_aECDSA)
4347
10.1k
                && s->s3.is_probably_safari) {
4348
0
                if (!ret)
4349
0
                    ret = sk_SSL_CIPHER_value(allow, ii);
4350
0
                continue;
4351
0
            }
4352
4353
10.1k
            if (prefer_sha256) {
4354
0
                const SSL_CIPHER *tmp = sk_SSL_CIPHER_value(allow, ii);
4355
0
                const EVP_MD *md = ssl_md(SSL_CONNECTION_GET_CTX(s),
4356
0
                                          tmp->algorithm2);
4357
4358
0
                if (md != NULL
4359
0
                        && EVP_MD_is_a(md, OSSL_DIGEST_NAME_SHA2_256)) {
4360
0
                    ret = tmp;
4361
0
                    break;
4362
0
                }
4363
0
                if (ret == NULL)
4364
0
                    ret = tmp;
4365
0
                continue;
4366
0
            }
4367
10.1k
            ret = sk_SSL_CIPHER_value(allow, ii);
4368
10.1k
            break;
4369
10.1k
        }
4370
11.5k
    }
4371
4372
10.7k
    sk_SSL_CIPHER_free(prio_chacha);
4373
4374
10.7k
    return ret;
4375
10.7k
}
4376
4377
int ssl3_get_req_cert_type(SSL_CONNECTION *s, WPACKET *pkt)
4378
0
{
4379
0
    uint32_t alg_k, alg_a = 0;
4380
4381
    /* If we have custom certificate types set, use them */
4382
0
    if (s->cert->ctype)
4383
0
        return WPACKET_memcpy(pkt, s->cert->ctype, s->cert->ctype_len);
4384
    /* Get mask of algorithms disabled by signature list */
4385
0
    ssl_set_sig_mask(&alg_a, s, SSL_SECOP_SIGALG_MASK);
4386
4387
0
    alg_k = s->s3.tmp.new_cipher->algorithm_mkey;
4388
4389
0
#ifndef OPENSSL_NO_GOST
4390
0
    if (s->version >= TLS1_VERSION && (alg_k & SSL_kGOST))
4391
0
        if (!WPACKET_put_bytes_u8(pkt, TLS_CT_GOST01_SIGN)
4392
0
            || !WPACKET_put_bytes_u8(pkt, TLS_CT_GOST12_IANA_SIGN)
4393
0
            || !WPACKET_put_bytes_u8(pkt, TLS_CT_GOST12_IANA_512_SIGN)
4394
0
            || !WPACKET_put_bytes_u8(pkt, TLS_CT_GOST12_LEGACY_SIGN)
4395
0
            || !WPACKET_put_bytes_u8(pkt, TLS_CT_GOST12_LEGACY_512_SIGN))
4396
0
            return 0;
4397
4398
0
    if (s->version >= TLS1_2_VERSION && (alg_k & SSL_kGOST18))
4399
0
        if (!WPACKET_put_bytes_u8(pkt, TLS_CT_GOST12_IANA_SIGN)
4400
0
            || !WPACKET_put_bytes_u8(pkt, TLS_CT_GOST12_IANA_512_SIGN))
4401
0
            return 0;
4402
0
#endif
4403
4404
0
    if ((s->version == SSL3_VERSION) && (alg_k & SSL_kDHE)) {
4405
0
        if (!WPACKET_put_bytes_u8(pkt, SSL3_CT_RSA_EPHEMERAL_DH))
4406
0
            return 0;
4407
0
        if (!(alg_a & SSL_aDSS)
4408
0
                && !WPACKET_put_bytes_u8(pkt, SSL3_CT_DSS_EPHEMERAL_DH))
4409
0
            return 0;
4410
0
    }
4411
0
    if (!(alg_a & SSL_aRSA) && !WPACKET_put_bytes_u8(pkt, SSL3_CT_RSA_SIGN))
4412
0
        return 0;
4413
0
    if (!(alg_a & SSL_aDSS) && !WPACKET_put_bytes_u8(pkt, SSL3_CT_DSS_SIGN))
4414
0
        return 0;
4415
4416
    /*
4417
     * ECDSA certs can be used with RSA cipher suites too so we don't
4418
     * need to check for SSL_kECDH or SSL_kECDHE
4419
     */
4420
0
    if (s->version >= TLS1_VERSION
4421
0
            && !(alg_a & SSL_aECDSA)
4422
0
            && !WPACKET_put_bytes_u8(pkt, TLS_CT_ECDSA_SIGN))
4423
0
        return 0;
4424
4425
0
    return 1;
4426
0
}
4427
4428
static int ssl3_set_req_cert_type(CERT *c, const unsigned char *p, size_t len)
4429
0
{
4430
0
    OPENSSL_free(c->ctype);
4431
0
    c->ctype = NULL;
4432
0
    c->ctype_len = 0;
4433
0
    if (p == NULL || len == 0)
4434
0
        return 1;
4435
0
    if (len > 0xff)
4436
0
        return 0;
4437
0
    c->ctype = OPENSSL_memdup(p, len);
4438
0
    if (c->ctype == NULL)
4439
0
        return 0;
4440
0
    c->ctype_len = len;
4441
0
    return 1;
4442
0
}
4443
4444
int ssl3_shutdown(SSL *s)
4445
0
{
4446
0
    int ret;
4447
0
    SSL_CONNECTION *sc = SSL_CONNECTION_FROM_SSL_ONLY(s);
4448
4449
0
    if (sc == NULL)
4450
0
        return 0;
4451
4452
    /*
4453
     * Don't do anything much if we have not done the handshake or we don't
4454
     * want to send messages :-)
4455
     */
4456
0
    if (sc->quiet_shutdown || SSL_in_before(s)) {
4457
0
        sc->shutdown = (SSL_SENT_SHUTDOWN | SSL_RECEIVED_SHUTDOWN);
4458
0
        return 1;
4459
0
    }
4460
4461
0
    if (!(sc->shutdown & SSL_SENT_SHUTDOWN)) {
4462
0
        sc->shutdown |= SSL_SENT_SHUTDOWN;
4463
0
        ssl3_send_alert(sc, SSL3_AL_WARNING, SSL_AD_CLOSE_NOTIFY);
4464
        /*
4465
         * our shutdown alert has been sent now, and if it still needs to be
4466
         * written, s->s3.alert_dispatch will be > 0
4467
         */
4468
0
        if (sc->s3.alert_dispatch > 0)
4469
0
            return -1;        /* return WANT_WRITE */
4470
0
    } else if (sc->s3.alert_dispatch > 0) {
4471
        /* resend it if not sent */
4472
0
        ret = s->method->ssl_dispatch_alert(s);
4473
0
        if (ret == -1) {
4474
            /*
4475
             * we only get to return -1 here the 2nd/Nth invocation, we must
4476
             * have already signalled return 0 upon a previous invocation,
4477
             * return WANT_WRITE
4478
             */
4479
0
            return ret;
4480
0
        }
4481
0
    } else if (!(sc->shutdown & SSL_RECEIVED_SHUTDOWN)) {
4482
0
        size_t readbytes;
4483
        /*
4484
         * If we are waiting for a close from our peer, we are closed
4485
         */
4486
0
        s->method->ssl_read_bytes(s, 0, NULL, NULL, 0, 0, &readbytes);
4487
0
        if (!(sc->shutdown & SSL_RECEIVED_SHUTDOWN)) {
4488
0
            return -1;        /* return WANT_READ */
4489
0
        }
4490
0
    }
4491
4492
0
    if ((sc->shutdown == (SSL_SENT_SHUTDOWN | SSL_RECEIVED_SHUTDOWN))
4493
0
            && sc->s3.alert_dispatch == SSL_ALERT_DISPATCH_NONE)
4494
0
        return 1;
4495
0
    else
4496
0
        return 0;
4497
0
}
4498
4499
int ssl3_write(SSL *s, const void *buf, size_t len, size_t *written)
4500
0
{
4501
0
    SSL_CONNECTION *sc = SSL_CONNECTION_FROM_SSL_ONLY(s);
4502
4503
0
    if (sc == NULL)
4504
0
        return 0;
4505
4506
0
    clear_sys_error();
4507
0
    if (sc->s3.renegotiate)
4508
0
        ssl3_renegotiate_check(s, 0);
4509
4510
0
    return s->method->ssl_write_bytes(s, SSL3_RT_APPLICATION_DATA, buf, len,
4511
0
                                      written);
4512
0
}
4513
4514
static int ssl3_read_internal(SSL *s, void *buf, size_t len, int peek,
4515
                              size_t *readbytes)
4516
6.70M
{
4517
6.70M
    int ret;
4518
6.70M
    SSL_CONNECTION *sc = SSL_CONNECTION_FROM_SSL_ONLY(s);
4519
4520
6.70M
    if (sc == NULL)
4521
0
        return 0;
4522
4523
6.70M
    clear_sys_error();
4524
6.70M
    if (sc->s3.renegotiate)
4525
0
        ssl3_renegotiate_check(s, 0);
4526
6.70M
    sc->s3.in_read_app_data = 1;
4527
6.70M
    ret =
4528
6.70M
        s->method->ssl_read_bytes(s, SSL3_RT_APPLICATION_DATA, NULL, buf, len,
4529
6.70M
                                  peek, readbytes);
4530
6.70M
    if ((ret == -1) && (sc->s3.in_read_app_data == 2)) {
4531
        /*
4532
         * ssl3_read_bytes decided to call s->handshake_func, which called
4533
         * ssl3_read_bytes to read handshake data. However, ssl3_read_bytes
4534
         * actually found application data and thinks that application data
4535
         * makes sense here; so disable handshake processing and try to read
4536
         * application data again.
4537
         */
4538
19.3k
        ossl_statem_set_in_handshake(sc, 1);
4539
19.3k
        ret =
4540
19.3k
            s->method->ssl_read_bytes(s, SSL3_RT_APPLICATION_DATA, NULL, buf,
4541
19.3k
                                      len, peek, readbytes);
4542
19.3k
        ossl_statem_set_in_handshake(sc, 0);
4543
19.3k
    } else
4544
6.68M
        sc->s3.in_read_app_data = 0;
4545
4546
6.70M
    return ret;
4547
6.70M
}
4548
4549
int ssl3_read(SSL *s, void *buf, size_t len, size_t *readbytes)
4550
6.70M
{
4551
6.70M
    return ssl3_read_internal(s, buf, len, 0, readbytes);
4552
6.70M
}
4553
4554
int ssl3_peek(SSL *s, void *buf, size_t len, size_t *readbytes)
4555
0
{
4556
0
    return ssl3_read_internal(s, buf, len, 1, readbytes);
4557
0
}
4558
4559
int ssl3_renegotiate(SSL *s)
4560
557
{
4561
557
    SSL_CONNECTION *sc = SSL_CONNECTION_FROM_SSL_ONLY(s);
4562
4563
557
    if (sc == NULL)
4564
0
        return 0;
4565
4566
557
    if (sc->handshake_func == NULL)
4567
0
        return 1;
4568
4569
557
    sc->s3.renegotiate = 1;
4570
557
    return 1;
4571
557
}
4572
4573
/*
4574
 * Check if we are waiting to do a renegotiation and if so whether now is a
4575
 * good time to do it. If |initok| is true then we are being called from inside
4576
 * the state machine so ignore the result of SSL_in_init(s). Otherwise we
4577
 * should not do a renegotiation if SSL_in_init(s) is true. Returns 1 if we
4578
 * should do a renegotiation now and sets up the state machine for it. Otherwise
4579
 * returns 0.
4580
 */
4581
int ssl3_renegotiate_check(SSL *s, int initok)
4582
22.5M
{
4583
22.5M
    int ret = 0;
4584
22.5M
    SSL_CONNECTION *sc = SSL_CONNECTION_FROM_SSL_ONLY(s);
4585
4586
22.5M
    if (sc == NULL)
4587
0
        return 0;
4588
4589
22.5M
    if (sc->s3.renegotiate) {
4590
557
        if (!RECORD_LAYER_read_pending(&sc->rlayer)
4591
557
            && !RECORD_LAYER_write_pending(&sc->rlayer)
4592
557
            && (initok || !SSL_in_init(s))) {
4593
            /*
4594
             * if we are the server, and we have sent a 'RENEGOTIATE'
4595
             * message, we need to set the state machine into the renegotiate
4596
             * state.
4597
             */
4598
557
            ossl_statem_set_renegotiate(sc);
4599
557
            sc->s3.renegotiate = 0;
4600
557
            sc->s3.num_renegotiations++;
4601
557
            sc->s3.total_renegotiations++;
4602
557
            ret = 1;
4603
557
        }
4604
557
    }
4605
22.5M
    return ret;
4606
22.5M
}
4607
4608
/*
4609
 * If we are using default SHA1+MD5 algorithms switch to new SHA256 PRF and
4610
 * handshake macs if required.
4611
 *
4612
 * If PSK and using SHA384 for TLS < 1.2 switch to default.
4613
 */
4614
long ssl_get_algorithm2(SSL_CONNECTION *s)
4615
214k
{
4616
214k
    long alg2;
4617
214k
    SSL *ssl = SSL_CONNECTION_GET_SSL(s);
4618
4619
214k
    if (s->s3.tmp.new_cipher == NULL)
4620
0
        return -1;
4621
214k
    alg2 = s->s3.tmp.new_cipher->algorithm2;
4622
214k
    if (ssl->method->ssl3_enc->enc_flags & SSL_ENC_FLAG_SHA256_PRF) {
4623
200k
        if (alg2 == (SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF))
4624
18.2k
            return SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256;
4625
200k
    } else if (s->s3.tmp.new_cipher->algorithm_mkey & SSL_PSK) {
4626
0
        if (alg2 == (SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384))
4627
0
            return SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF;
4628
0
    }
4629
196k
    return alg2;
4630
214k
}
4631
4632
/*
4633
 * Fill a ClientRandom or ServerRandom field of length len. Returns <= 0 on
4634
 * failure, 1 on success.
4635
 */
4636
int ssl_fill_hello_random(SSL_CONNECTION *s, int server,
4637
                          unsigned char *result, size_t len,
4638
                          DOWNGRADE dgrd)
4639
70.9k
{
4640
70.9k
    int send_time = 0, ret;
4641
4642
70.9k
    if (len < 4)
4643
0
        return 0;
4644
70.9k
    if (server)
4645
16.5k
        send_time = (s->mode & SSL_MODE_SEND_SERVERHELLO_TIME) != 0;
4646
54.3k
    else
4647
54.3k
        send_time = (s->mode & SSL_MODE_SEND_CLIENTHELLO_TIME) != 0;
4648
70.9k
    if (send_time) {
4649
0
        unsigned long Time = (unsigned long)time(NULL);
4650
0
        unsigned char *p = result;
4651
4652
0
        l2n(Time, p);
4653
0
        ret = RAND_bytes_ex(SSL_CONNECTION_GET_CTX(s)->libctx, p, len - 4, 0);
4654
70.9k
    } else {
4655
70.9k
        ret = RAND_bytes_ex(SSL_CONNECTION_GET_CTX(s)->libctx, result, len, 0);
4656
70.9k
    }
4657
4658
70.9k
    if (ret > 0) {
4659
70.9k
        if (!ossl_assert(sizeof(tls11downgrade) < len)
4660
70.9k
                || !ossl_assert(sizeof(tls12downgrade) < len))
4661
0
             return 0;
4662
70.9k
        if (dgrd == DOWNGRADE_TO_1_2)
4663
7.20k
            memcpy(result + len - sizeof(tls12downgrade), tls12downgrade,
4664
7.20k
                   sizeof(tls12downgrade));
4665
63.7k
        else if (dgrd == DOWNGRADE_TO_1_1)
4666
3.82k
            memcpy(result + len - sizeof(tls11downgrade), tls11downgrade,
4667
3.82k
                   sizeof(tls11downgrade));
4668
70.9k
    }
4669
4670
70.9k
    return ret;
4671
70.9k
}
4672
4673
int ssl_generate_master_secret(SSL_CONNECTION *s, unsigned char *pms,
4674
                               size_t pmslen, int free_pms)
4675
14.5k
{
4676
14.5k
    unsigned long alg_k = s->s3.tmp.new_cipher->algorithm_mkey;
4677
14.5k
    int ret = 0;
4678
14.5k
    SSL *ssl = SSL_CONNECTION_GET_SSL(s);
4679
4680
14.5k
    if (alg_k & SSL_PSK) {
4681
0
#ifndef OPENSSL_NO_PSK
4682
0
        unsigned char *pskpms, *t;
4683
0
        size_t psklen = s->s3.tmp.psklen;
4684
0
        size_t pskpmslen;
4685
4686
        /* create PSK premaster_secret */
4687
4688
        /* For plain PSK "other_secret" is psklen zeroes */
4689
0
        if (alg_k & SSL_kPSK)
4690
0
            pmslen = psklen;
4691
4692
0
        pskpmslen = 4 + pmslen + psklen;
4693
0
        pskpms = OPENSSL_malloc(pskpmslen);
4694
0
        if (pskpms == NULL)
4695
0
            goto err;
4696
0
        t = pskpms;
4697
0
        s2n(pmslen, t);
4698
0
        if (alg_k & SSL_kPSK)
4699
0
            memset(t, 0, pmslen);
4700
0
        else
4701
0
            memcpy(t, pms, pmslen);
4702
0
        t += pmslen;
4703
0
        s2n(psklen, t);
4704
0
        memcpy(t, s->s3.tmp.psk, psklen);
4705
4706
0
        OPENSSL_clear_free(s->s3.tmp.psk, psklen);
4707
0
        s->s3.tmp.psk = NULL;
4708
0
        s->s3.tmp.psklen = 0;
4709
0
        if (!ssl->method->ssl3_enc->generate_master_secret(s,
4710
0
                    s->session->master_key, pskpms, pskpmslen,
4711
0
                    &s->session->master_key_length)) {
4712
0
            OPENSSL_clear_free(pskpms, pskpmslen);
4713
            /* SSLfatal() already called */
4714
0
            goto err;
4715
0
        }
4716
0
        OPENSSL_clear_free(pskpms, pskpmslen);
4717
#else
4718
        /* Should never happen */
4719
        goto err;
4720
#endif
4721
14.5k
    } else {
4722
14.5k
        if (!ssl->method->ssl3_enc->generate_master_secret(s,
4723
14.5k
                s->session->master_key, pms, pmslen,
4724
14.5k
                &s->session->master_key_length)) {
4725
            /* SSLfatal() already called */
4726
0
            goto err;
4727
0
        }
4728
14.5k
    }
4729
4730
14.5k
    ret = 1;
4731
14.5k
 err:
4732
14.5k
    if (pms) {
4733
14.5k
        if (free_pms)
4734
5.90k
            OPENSSL_clear_free(pms, pmslen);
4735
8.69k
        else
4736
8.69k
            OPENSSL_cleanse(pms, pmslen);
4737
14.5k
    }
4738
14.5k
    if (s->server == 0) {
4739
5.90k
        s->s3.tmp.pms = NULL;
4740
5.90k
        s->s3.tmp.pmslen = 0;
4741
5.90k
    }
4742
14.5k
    return ret;
4743
14.5k
}
4744
4745
/* Generate a private key from parameters */
4746
EVP_PKEY *ssl_generate_pkey(SSL_CONNECTION *s, EVP_PKEY *pm)
4747
7.62k
{
4748
7.62k
    EVP_PKEY_CTX *pctx = NULL;
4749
7.62k
    EVP_PKEY *pkey = NULL;
4750
7.62k
    SSL_CTX *sctx = SSL_CONNECTION_GET_CTX(s);
4751
4752
7.62k
    if (pm == NULL)
4753
0
        return NULL;
4754
7.62k
    pctx = EVP_PKEY_CTX_new_from_pkey(sctx->libctx, pm, sctx->propq);
4755
7.62k
    if (pctx == NULL)
4756
0
        goto err;
4757
7.62k
    if (EVP_PKEY_keygen_init(pctx) <= 0)
4758
0
        goto err;
4759
7.62k
    if (EVP_PKEY_keygen(pctx, &pkey) <= 0) {
4760
0
        EVP_PKEY_free(pkey);
4761
0
        pkey = NULL;
4762
0
    }
4763
4764
7.62k
    err:
4765
7.62k
    EVP_PKEY_CTX_free(pctx);
4766
7.62k
    return pkey;
4767
7.62k
}
4768
4769
/* Generate a private key from a group ID */
4770
EVP_PKEY *ssl_generate_pkey_group(SSL_CONNECTION *s, uint16_t id)
4771
74.4k
{
4772
74.4k
    SSL_CTX *sctx = SSL_CONNECTION_GET_CTX(s);
4773
74.4k
    const TLS_GROUP_INFO *ginf = tls1_group_id_lookup(sctx, id);
4774
74.4k
    EVP_PKEY_CTX *pctx = NULL;
4775
74.4k
    EVP_PKEY *pkey = NULL;
4776
4777
74.4k
    if (ginf == NULL) {
4778
0
        SSLfatal(s, SSL_AD_INTERNAL_ERROR, ERR_R_INTERNAL_ERROR);
4779
0
        goto err;
4780
0
    }
4781
4782
74.4k
    pctx = EVP_PKEY_CTX_new_from_name(sctx->libctx, ginf->algorithm,
4783
74.4k
                                      sctx->propq);
4784
4785
74.4k
    if (pctx == NULL) {
4786
0
        SSLfatal(s, SSL_AD_INTERNAL_ERROR, ERR_R_EVP_LIB);
4787
0
        goto err;
4788
0
    }
4789
74.4k
    if (EVP_PKEY_keygen_init(pctx) <= 0) {
4790
0
        SSLfatal(s, SSL_AD_INTERNAL_ERROR, ERR_R_EVP_LIB);
4791
0
        goto err;
4792
0
    }
4793
74.4k
    if (EVP_PKEY_CTX_set_group_name(pctx, ginf->realname) <= 0) {
4794
0
        SSLfatal(s, SSL_AD_INTERNAL_ERROR, ERR_R_EVP_LIB);
4795
0
        goto err;
4796
0
    }
4797
74.4k
    if (EVP_PKEY_keygen(pctx, &pkey) <= 0) {
4798
0
        SSLfatal(s, SSL_AD_INTERNAL_ERROR, ERR_R_EVP_LIB);
4799
0
        EVP_PKEY_free(pkey);
4800
0
        pkey = NULL;
4801
0
    }
4802
4803
74.4k
 err:
4804
74.4k
    EVP_PKEY_CTX_free(pctx);
4805
74.4k
    return pkey;
4806
74.4k
}
4807
4808
/*
4809
 * Generate parameters from a group ID
4810
 */
4811
EVP_PKEY *ssl_generate_param_group(SSL_CONNECTION *s, uint16_t id)
4812
8.92k
{
4813
8.92k
    SSL_CTX *sctx = SSL_CONNECTION_GET_CTX(s);
4814
8.92k
    EVP_PKEY_CTX *pctx = NULL;
4815
8.92k
    EVP_PKEY *pkey = NULL;
4816
8.92k
    const TLS_GROUP_INFO *ginf = tls1_group_id_lookup(sctx, id);
4817
4818
8.92k
    if (ginf == NULL)
4819
0
        goto err;
4820
4821
8.92k
    pctx = EVP_PKEY_CTX_new_from_name(sctx->libctx, ginf->algorithm,
4822
8.92k
                                      sctx->propq);
4823
4824
8.92k
    if (pctx == NULL)
4825
0
        goto err;
4826
8.92k
    if (EVP_PKEY_paramgen_init(pctx) <= 0)
4827
0
        goto err;
4828
8.92k
    if (EVP_PKEY_CTX_set_group_name(pctx, ginf->realname) <= 0) {
4829
0
        SSLfatal(s, SSL_AD_INTERNAL_ERROR, ERR_R_EVP_LIB);
4830
0
        goto err;
4831
0
    }
4832
8.92k
    if (EVP_PKEY_paramgen(pctx, &pkey) <= 0) {
4833
0
        EVP_PKEY_free(pkey);
4834
0
        pkey = NULL;
4835
0
    }
4836
4837
8.92k
 err:
4838
8.92k
    EVP_PKEY_CTX_free(pctx);
4839
8.92k
    return pkey;
4840
8.92k
}
4841
4842
/* Generate secrets from pms */
4843
int ssl_gensecret(SSL_CONNECTION *s, unsigned char *pms, size_t pmslen)
4844
16.4k
{
4845
16.4k
    int rv = 0;
4846
4847
    /* SSLfatal() called as appropriate in the below functions */
4848
16.4k
    if (SSL_CONNECTION_IS_TLS13(s)) {
4849
        /*
4850
         * If we are resuming then we already generated the early secret
4851
         * when we created the ClientHello, so don't recreate it.
4852
         */
4853
13.2k
        if (!s->hit)
4854
13.2k
            rv = tls13_generate_secret(s, ssl_handshake_md(s), NULL, NULL,
4855
13.2k
                    0,
4856
13.2k
                    (unsigned char *)&s->early_secret);
4857
0
        else
4858
0
            rv = 1;
4859
4860
13.2k
        rv = rv && tls13_generate_handshake_secret(s, pms, pmslen);
4861
13.2k
    } else {
4862
3.12k
        rv = ssl_generate_master_secret(s, pms, pmslen, 0);
4863
3.12k
    }
4864
4865
16.4k
    return rv;
4866
16.4k
}
4867
4868
/* Derive secrets for ECDH/DH */
4869
int ssl_derive(SSL_CONNECTION *s, EVP_PKEY *privkey, EVP_PKEY *pubkey, int gensecret)
4870
22.1k
{
4871
22.1k
    int rv = 0;
4872
22.1k
    unsigned char *pms = NULL;
4873
22.1k
    size_t pmslen = 0;
4874
22.1k
    EVP_PKEY_CTX *pctx;
4875
22.1k
    SSL_CTX *sctx = SSL_CONNECTION_GET_CTX(s);
4876
4877
22.1k
    if (privkey == NULL || pubkey == NULL) {
4878
0
        SSLfatal(s, SSL_AD_INTERNAL_ERROR, ERR_R_INTERNAL_ERROR);
4879
0
        return 0;
4880
0
    }
4881
4882
22.1k
    pctx = EVP_PKEY_CTX_new_from_pkey(sctx->libctx, privkey, sctx->propq);
4883
4884
22.1k
    if (EVP_PKEY_derive_init(pctx) <= 0
4885
22.1k
        || EVP_PKEY_derive_set_peer(pctx, pubkey) <= 0
4886
22.1k
        || EVP_PKEY_derive(pctx, NULL, &pmslen) <= 0) {
4887
354
        SSLfatal(s, SSL_AD_INTERNAL_ERROR, ERR_R_INTERNAL_ERROR);
4888
354
        goto err;
4889
354
    }
4890
4891
21.7k
    if (SSL_CONNECTION_IS_TLS13(s) &&  EVP_PKEY_is_a(privkey, "DH"))
4892
177
        EVP_PKEY_CTX_set_dh_pad(pctx, 1);
4893
4894
21.7k
    pms = OPENSSL_malloc(pmslen);
4895
21.7k
    if (pms == NULL) {
4896
0
        SSLfatal(s, SSL_AD_INTERNAL_ERROR, ERR_R_CRYPTO_LIB);
4897
0
        goto err;
4898
0
    }
4899
4900
21.7k
    if (EVP_PKEY_derive(pctx, pms, &pmslen) <= 0) {
4901
        /*
4902
         * the public key was probably a weak key
4903
         */
4904
42
        SSLfatal(s, SSL_AD_ILLEGAL_PARAMETER, SSL_R_BAD_KEY_SHARE);
4905
42
        goto err;
4906
42
    }
4907
4908
21.7k
    if (gensecret) {
4909
        /* SSLfatal() called as appropriate in the below functions */
4910
16.3k
        rv = ssl_gensecret(s, pms, pmslen);
4911
16.3k
    } else {
4912
        /* Save premaster secret */
4913
5.32k
        s->s3.tmp.pms = pms;
4914
5.32k
        s->s3.tmp.pmslen = pmslen;
4915
5.32k
        pms = NULL;
4916
5.32k
        rv = 1;
4917
5.32k
    }
4918
4919
22.1k
 err:
4920
22.1k
    OPENSSL_clear_free(pms, pmslen);
4921
22.1k
    EVP_PKEY_CTX_free(pctx);
4922
22.1k
    return rv;
4923
21.7k
}
4924
4925
/* Decapsulate secrets for KEM */
4926
int ssl_decapsulate(SSL_CONNECTION *s, EVP_PKEY *privkey,
4927
                    const unsigned char *ct, size_t ctlen,
4928
                    int gensecret)
4929
0
{
4930
0
    int rv = 0;
4931
0
    unsigned char *pms = NULL;
4932
0
    size_t pmslen = 0;
4933
0
    EVP_PKEY_CTX *pctx;
4934
0
    SSL_CTX *sctx = SSL_CONNECTION_GET_CTX(s);
4935
4936
0
    if (privkey == NULL) {
4937
0
        SSLfatal(s, SSL_AD_INTERNAL_ERROR, ERR_R_INTERNAL_ERROR);
4938
0
        return 0;
4939
0
    }
4940
4941
0
    pctx = EVP_PKEY_CTX_new_from_pkey(sctx->libctx, privkey, sctx->propq);
4942
4943
0
    if (EVP_PKEY_decapsulate_init(pctx, NULL) <= 0
4944
0
            || EVP_PKEY_decapsulate(pctx, NULL, &pmslen, ct, ctlen) <= 0) {
4945
0
        SSLfatal(s, SSL_AD_INTERNAL_ERROR, ERR_R_INTERNAL_ERROR);
4946
0
        goto err;
4947
0
    }
4948
4949
0
    pms = OPENSSL_malloc(pmslen);
4950
0
    if (pms == NULL) {
4951
0
        SSLfatal(s, SSL_AD_INTERNAL_ERROR, ERR_R_CRYPTO_LIB);
4952
0
        goto err;
4953
0
    }
4954
4955
0
    if (EVP_PKEY_decapsulate(pctx, pms, &pmslen, ct, ctlen) <= 0) {
4956
0
        SSLfatal(s, SSL_AD_INTERNAL_ERROR, ERR_R_INTERNAL_ERROR);
4957
0
        goto err;
4958
0
    }
4959
4960
0
    if (gensecret) {
4961
        /* SSLfatal() called as appropriate in the below functions */
4962
0
        rv = ssl_gensecret(s, pms, pmslen);
4963
0
    } else {
4964
        /* Save premaster secret */
4965
0
        s->s3.tmp.pms = pms;
4966
0
        s->s3.tmp.pmslen = pmslen;
4967
0
        pms = NULL;
4968
0
        rv = 1;
4969
0
    }
4970
4971
0
 err:
4972
0
    OPENSSL_clear_free(pms, pmslen);
4973
0
    EVP_PKEY_CTX_free(pctx);
4974
0
    return rv;
4975
0
}
4976
4977
int ssl_encapsulate(SSL_CONNECTION *s, EVP_PKEY *pubkey,
4978
                    unsigned char **ctp, size_t *ctlenp,
4979
                    int gensecret)
4980
27
{
4981
27
    int rv = 0;
4982
27
    unsigned char *pms = NULL, *ct = NULL;
4983
27
    size_t pmslen = 0, ctlen = 0;
4984
27
    EVP_PKEY_CTX *pctx;
4985
27
    SSL_CTX *sctx = SSL_CONNECTION_GET_CTX(s);
4986
4987
27
    if (pubkey == NULL) {
4988
0
        SSLfatal(s, SSL_AD_INTERNAL_ERROR, ERR_R_INTERNAL_ERROR);
4989
0
        return 0;
4990
0
    }
4991
4992
27
    pctx = EVP_PKEY_CTX_new_from_pkey(sctx->libctx, pubkey, sctx->propq);
4993
4994
27
    if (EVP_PKEY_encapsulate_init(pctx, NULL) <= 0
4995
27
            || EVP_PKEY_encapsulate(pctx, NULL, &ctlen, NULL, &pmslen) <= 0
4996
27
            || pmslen == 0 || ctlen == 0) {
4997
0
        SSLfatal(s, SSL_AD_INTERNAL_ERROR, ERR_R_INTERNAL_ERROR);
4998
0
        goto err;
4999
0
    }
5000
5001
27
    pms = OPENSSL_malloc(pmslen);
5002
27
    ct = OPENSSL_malloc(ctlen);
5003
27
    if (pms == NULL || ct == NULL) {
5004
0
        SSLfatal(s, SSL_AD_INTERNAL_ERROR, ERR_R_CRYPTO_LIB);
5005
0
        goto err;
5006
0
    }
5007
5008
27
    if (EVP_PKEY_encapsulate(pctx, ct, &ctlen, pms, &pmslen) <= 0) {
5009
4
        SSLfatal(s, SSL_AD_ILLEGAL_PARAMETER, SSL_R_BAD_KEY_SHARE);
5010
4
        goto err;
5011
4
    }
5012
5013
23
    if (gensecret) {
5014
        /* SSLfatal() called as appropriate in the below functions */
5015
0
        rv = ssl_gensecret(s, pms, pmslen);
5016
23
    } else {
5017
        /* Save premaster secret */
5018
23
        s->s3.tmp.pms = pms;
5019
23
        s->s3.tmp.pmslen = pmslen;
5020
23
        pms = NULL;
5021
23
        rv = 1;
5022
23
    }
5023
5024
23
    if (rv > 0) {
5025
        /* Pass ownership of ct to caller */
5026
23
        *ctp = ct;
5027
23
        *ctlenp = ctlen;
5028
23
        ct = NULL;
5029
23
    }
5030
5031
27
 err:
5032
27
    OPENSSL_clear_free(pms, pmslen);
5033
27
    OPENSSL_free(ct);
5034
27
    EVP_PKEY_CTX_free(pctx);
5035
27
    return rv;
5036
23
}
5037
5038
const char *SSL_get0_group_name(SSL *s)
5039
0
{
5040
0
    SSL_CONNECTION *sc = SSL_CONNECTION_FROM_SSL(s);
5041
0
    unsigned int id;
5042
5043
0
    if (sc == NULL)
5044
0
        return NULL;
5045
5046
0
    if (SSL_CONNECTION_IS_TLS13(sc) && sc->s3.did_kex)
5047
0
        id = sc->s3.group_id;
5048
0
    else
5049
0
        id = sc->session->kex_group;
5050
5051
0
    return tls1_group_id2name(s->ctx, id);
5052
0
}
5053
5054
0
const char *SSL_group_to_name(SSL *s, int nid) {
5055
0
    int group_id = 0;
5056
0
    const TLS_GROUP_INFO *cinf = NULL;
5057
5058
    /* first convert to real group id for internal and external IDs */
5059
0
    if (nid & TLSEXT_nid_unknown)
5060
0
        group_id = nid & 0xFFFF;
5061
0
    else
5062
0
        group_id = tls1_nid2group_id(nid);
5063
5064
    /* then look up */
5065
0
    cinf = tls1_group_id_lookup(s->ctx, group_id);
5066
5067
0
    if (cinf != NULL)
5068
0
        return cinf->tlsname;
5069
0
    return NULL;
5070
0
}