Coverage Report

Created: 2018-08-29 13:53

/src/openssl/ssl/s3_lib.c
Line
Count
Source (jump to first uncovered line)
1
/*
2
 * Copyright 1995-2018 The OpenSSL Project Authors. All Rights Reserved.
3
 * Copyright (c) 2002, Oracle and/or its affiliates. All rights reserved
4
 * Copyright 2005 Nokia. All rights reserved.
5
 *
6
 * Licensed under the OpenSSL license (the "License").  You may not use
7
 * this file except in compliance with the License.  You can obtain a copy
8
 * in the file LICENSE in the source distribution or at
9
 * https://www.openssl.org/source/license.html
10
 */
11
12
#include <stdio.h>
13
#include <openssl/objects.h>
14
#include "internal/nelem.h"
15
#include "ssl_locl.h"
16
#include <openssl/md5.h>
17
#include <openssl/dh.h>
18
#include <openssl/rand.h>
19
#include "internal/cryptlib.h"
20
21
0
#define TLS13_NUM_CIPHERS       OSSL_NELEM(tls13_ciphers)
22
0
#define SSL3_NUM_CIPHERS        OSSL_NELEM(ssl3_ciphers)
23
0
#define SSL3_NUM_SCSVS          OSSL_NELEM(ssl3_scsvs)
24
25
/* TLSv1.3 downgrade protection sentinel values */
26
const unsigned char tls11downgrade[] = {
27
    0x44, 0x4f, 0x57, 0x4e, 0x47, 0x52, 0x44, 0x00
28
};
29
const unsigned char tls12downgrade[] = {
30
    0x44, 0x4f, 0x57, 0x4e, 0x47, 0x52, 0x44, 0x01
31
};
32
33
/* The list of available TLSv1.3 ciphers */
34
static SSL_CIPHER tls13_ciphers[] = {
35
    {
36
        1,
37
        TLS1_3_RFC_AES_128_GCM_SHA256,
38
        TLS1_3_RFC_AES_128_GCM_SHA256,
39
        TLS1_3_CK_AES_128_GCM_SHA256,
40
        SSL_kANY,
41
        SSL_aANY,
42
        SSL_AES128GCM,
43
        SSL_AEAD,
44
        TLS1_3_VERSION, TLS1_3_VERSION,
45
        0, 0,
46
        SSL_HIGH,
47
        SSL_HANDSHAKE_MAC_SHA256,
48
        128,
49
        128,
50
    }, {
51
        1,
52
        TLS1_3_RFC_AES_256_GCM_SHA384,
53
        TLS1_3_RFC_AES_256_GCM_SHA384,
54
        TLS1_3_CK_AES_256_GCM_SHA384,
55
        SSL_kANY,
56
        SSL_aANY,
57
        SSL_AES256GCM,
58
        SSL_AEAD,
59
        TLS1_3_VERSION, TLS1_3_VERSION,
60
        0, 0,
61
        SSL_HIGH,
62
        SSL_HANDSHAKE_MAC_SHA384,
63
        256,
64
        256,
65
    },
66
#if !defined(OPENSSL_NO_CHACHA) && !defined(OPENSSL_NO_POLY1305)
67
    {
68
        1,
69
        TLS1_3_RFC_CHACHA20_POLY1305_SHA256,
70
        TLS1_3_RFC_CHACHA20_POLY1305_SHA256,
71
        TLS1_3_CK_CHACHA20_POLY1305_SHA256,
72
        SSL_kANY,
73
        SSL_aANY,
74
        SSL_CHACHA20POLY1305,
75
        SSL_AEAD,
76
        TLS1_3_VERSION, TLS1_3_VERSION,
77
        0, 0,
78
        SSL_HIGH,
79
        SSL_HANDSHAKE_MAC_SHA256,
80
        256,
81
        256,
82
    },
83
#endif
84
    {
85
        1,
86
        TLS1_3_RFC_AES_128_CCM_SHA256,
87
        TLS1_3_RFC_AES_128_CCM_SHA256,
88
        TLS1_3_CK_AES_128_CCM_SHA256,
89
        SSL_kANY,
90
        SSL_aANY,
91
        SSL_AES128CCM,
92
        SSL_AEAD,
93
        TLS1_3_VERSION, TLS1_3_VERSION,
94
        0, 0,
95
        SSL_NOT_DEFAULT | SSL_HIGH,
96
        SSL_HANDSHAKE_MAC_SHA256,
97
        128,
98
        128,
99
    }, {
100
        1,
101
        TLS1_3_RFC_AES_128_CCM_8_SHA256,
102
        TLS1_3_RFC_AES_128_CCM_8_SHA256,
103
        TLS1_3_CK_AES_128_CCM_8_SHA256,
104
        SSL_kANY,
105
        SSL_aANY,
106
        SSL_AES128CCM8,
107
        SSL_AEAD,
108
        TLS1_3_VERSION, TLS1_3_VERSION,
109
        0, 0,
110
        SSL_NOT_DEFAULT | SSL_HIGH,
111
        SSL_HANDSHAKE_MAC_SHA256,
112
        128,
113
        128,
114
    }
115
};
116
117
/*
118
 * The list of available ciphers, mostly organized into the following
119
 * groups:
120
 *      Always there
121
 *      EC
122
 *      PSK
123
 *      SRP (within that: RSA EC PSK)
124
 *      Cipher families: Chacha/poly, Camellia, Gost, IDEA, SEED
125
 *      Weak ciphers
126
 */
127
static SSL_CIPHER ssl3_ciphers[] = {
128
    {
129
     1,
130
     SSL3_TXT_RSA_NULL_MD5,
131
     SSL3_RFC_RSA_NULL_MD5,
132
     SSL3_CK_RSA_NULL_MD5,
133
     SSL_kRSA,
134
     SSL_aRSA,
135
     SSL_eNULL,
136
     SSL_MD5,
137
     SSL3_VERSION, TLS1_2_VERSION,
138
     DTLS1_BAD_VER, DTLS1_2_VERSION,
139
     SSL_STRONG_NONE,
140
     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
141
     0,
142
     0,
143
     },
144
    {
145
     1,
146
     SSL3_TXT_RSA_NULL_SHA,
147
     SSL3_RFC_RSA_NULL_SHA,
148
     SSL3_CK_RSA_NULL_SHA,
149
     SSL_kRSA,
150
     SSL_aRSA,
151
     SSL_eNULL,
152
     SSL_SHA1,
153
     SSL3_VERSION, TLS1_2_VERSION,
154
     DTLS1_BAD_VER, DTLS1_2_VERSION,
155
     SSL_STRONG_NONE | SSL_FIPS,
156
     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
157
     0,
158
     0,
159
     },
160
#ifndef OPENSSL_NO_WEAK_SSL_CIPHERS
161
    {
162
     1,
163
     SSL3_TXT_RSA_DES_192_CBC3_SHA,
164
     SSL3_RFC_RSA_DES_192_CBC3_SHA,
165
     SSL3_CK_RSA_DES_192_CBC3_SHA,
166
     SSL_kRSA,
167
     SSL_aRSA,
168
     SSL_3DES,
169
     SSL_SHA1,
170
     SSL3_VERSION, TLS1_2_VERSION,
171
     DTLS1_BAD_VER, DTLS1_2_VERSION,
172
     SSL_NOT_DEFAULT | SSL_MEDIUM | SSL_FIPS,
173
     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
174
     112,
175
     168,
176
     },
177
    {
178
     1,
179
     SSL3_TXT_DHE_DSS_DES_192_CBC3_SHA,
180
     SSL3_RFC_DHE_DSS_DES_192_CBC3_SHA,
181
     SSL3_CK_DHE_DSS_DES_192_CBC3_SHA,
182
     SSL_kDHE,
183
     SSL_aDSS,
184
     SSL_3DES,
185
     SSL_SHA1,
186
     SSL3_VERSION, TLS1_2_VERSION,
187
     DTLS1_BAD_VER, DTLS1_2_VERSION,
188
     SSL_NOT_DEFAULT | SSL_MEDIUM | SSL_FIPS,
189
     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
190
     112,
191
     168,
192
     },
193
    {
194
     1,
195
     SSL3_TXT_DHE_RSA_DES_192_CBC3_SHA,
196
     SSL3_RFC_DHE_RSA_DES_192_CBC3_SHA,
197
     SSL3_CK_DHE_RSA_DES_192_CBC3_SHA,
198
     SSL_kDHE,
199
     SSL_aRSA,
200
     SSL_3DES,
201
     SSL_SHA1,
202
     SSL3_VERSION, TLS1_2_VERSION,
203
     DTLS1_BAD_VER, DTLS1_2_VERSION,
204
     SSL_NOT_DEFAULT | SSL_MEDIUM | SSL_FIPS,
205
     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
206
     112,
207
     168,
208
     },
209
    {
210
     1,
211
     SSL3_TXT_ADH_DES_192_CBC_SHA,
212
     SSL3_RFC_ADH_DES_192_CBC_SHA,
213
     SSL3_CK_ADH_DES_192_CBC_SHA,
214
     SSL_kDHE,
215
     SSL_aNULL,
216
     SSL_3DES,
217
     SSL_SHA1,
218
     SSL3_VERSION, TLS1_2_VERSION,
219
     DTLS1_BAD_VER, DTLS1_2_VERSION,
220
     SSL_NOT_DEFAULT | SSL_MEDIUM | SSL_FIPS,
221
     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
222
     112,
223
     168,
224
     },
225
#endif
226
    {
227
     1,
228
     TLS1_TXT_RSA_WITH_AES_128_SHA,
229
     TLS1_RFC_RSA_WITH_AES_128_SHA,
230
     TLS1_CK_RSA_WITH_AES_128_SHA,
231
     SSL_kRSA,
232
     SSL_aRSA,
233
     SSL_AES128,
234
     SSL_SHA1,
235
     SSL3_VERSION, TLS1_2_VERSION,
236
     DTLS1_BAD_VER, DTLS1_2_VERSION,
237
     SSL_HIGH | SSL_FIPS,
238
     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
239
     128,
240
     128,
241
     },
242
    {
243
     1,
244
     TLS1_TXT_DHE_DSS_WITH_AES_128_SHA,
245
     TLS1_RFC_DHE_DSS_WITH_AES_128_SHA,
246
     TLS1_CK_DHE_DSS_WITH_AES_128_SHA,
247
     SSL_kDHE,
248
     SSL_aDSS,
249
     SSL_AES128,
250
     SSL_SHA1,
251
     SSL3_VERSION, TLS1_2_VERSION,
252
     DTLS1_BAD_VER, DTLS1_2_VERSION,
253
     SSL_NOT_DEFAULT | SSL_HIGH | SSL_FIPS,
254
     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
255
     128,
256
     128,
257
     },
258
    {
259
     1,
260
     TLS1_TXT_DHE_RSA_WITH_AES_128_SHA,
261
     TLS1_RFC_DHE_RSA_WITH_AES_128_SHA,
262
     TLS1_CK_DHE_RSA_WITH_AES_128_SHA,
263
     SSL_kDHE,
264
     SSL_aRSA,
265
     SSL_AES128,
266
     SSL_SHA1,
267
     SSL3_VERSION, TLS1_2_VERSION,
268
     DTLS1_BAD_VER, DTLS1_2_VERSION,
269
     SSL_HIGH | SSL_FIPS,
270
     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
271
     128,
272
     128,
273
     },
274
    {
275
     1,
276
     TLS1_TXT_ADH_WITH_AES_128_SHA,
277
     TLS1_RFC_ADH_WITH_AES_128_SHA,
278
     TLS1_CK_ADH_WITH_AES_128_SHA,
279
     SSL_kDHE,
280
     SSL_aNULL,
281
     SSL_AES128,
282
     SSL_SHA1,
283
     SSL3_VERSION, TLS1_2_VERSION,
284
     DTLS1_BAD_VER, DTLS1_2_VERSION,
285
     SSL_NOT_DEFAULT | SSL_HIGH | SSL_FIPS,
286
     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
287
     128,
288
     128,
289
     },
290
    {
291
     1,
292
     TLS1_TXT_RSA_WITH_AES_256_SHA,
293
     TLS1_RFC_RSA_WITH_AES_256_SHA,
294
     TLS1_CK_RSA_WITH_AES_256_SHA,
295
     SSL_kRSA,
296
     SSL_aRSA,
297
     SSL_AES256,
298
     SSL_SHA1,
299
     SSL3_VERSION, TLS1_2_VERSION,
300
     DTLS1_BAD_VER, DTLS1_2_VERSION,
301
     SSL_HIGH | SSL_FIPS,
302
     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
303
     256,
304
     256,
305
     },
306
    {
307
     1,
308
     TLS1_TXT_DHE_DSS_WITH_AES_256_SHA,
309
     TLS1_RFC_DHE_DSS_WITH_AES_256_SHA,
310
     TLS1_CK_DHE_DSS_WITH_AES_256_SHA,
311
     SSL_kDHE,
312
     SSL_aDSS,
313
     SSL_AES256,
314
     SSL_SHA1,
315
     SSL3_VERSION, TLS1_2_VERSION,
316
     DTLS1_BAD_VER, DTLS1_2_VERSION,
317
     SSL_NOT_DEFAULT | SSL_HIGH | SSL_FIPS,
318
     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
319
     256,
320
     256,
321
     },
322
    {
323
     1,
324
     TLS1_TXT_DHE_RSA_WITH_AES_256_SHA,
325
     TLS1_RFC_DHE_RSA_WITH_AES_256_SHA,
326
     TLS1_CK_DHE_RSA_WITH_AES_256_SHA,
327
     SSL_kDHE,
328
     SSL_aRSA,
329
     SSL_AES256,
330
     SSL_SHA1,
331
     SSL3_VERSION, TLS1_2_VERSION,
332
     DTLS1_BAD_VER, DTLS1_2_VERSION,
333
     SSL_HIGH | SSL_FIPS,
334
     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
335
     256,
336
     256,
337
     },
338
    {
339
     1,
340
     TLS1_TXT_ADH_WITH_AES_256_SHA,
341
     TLS1_RFC_ADH_WITH_AES_256_SHA,
342
     TLS1_CK_ADH_WITH_AES_256_SHA,
343
     SSL_kDHE,
344
     SSL_aNULL,
345
     SSL_AES256,
346
     SSL_SHA1,
347
     SSL3_VERSION, TLS1_2_VERSION,
348
     DTLS1_BAD_VER, DTLS1_2_VERSION,
349
     SSL_NOT_DEFAULT | SSL_HIGH | SSL_FIPS,
350
     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
351
     256,
352
     256,
353
     },
354
    {
355
     1,
356
     TLS1_TXT_RSA_WITH_NULL_SHA256,
357
     TLS1_RFC_RSA_WITH_NULL_SHA256,
358
     TLS1_CK_RSA_WITH_NULL_SHA256,
359
     SSL_kRSA,
360
     SSL_aRSA,
361
     SSL_eNULL,
362
     SSL_SHA256,
363
     TLS1_2_VERSION, TLS1_2_VERSION,
364
     DTLS1_2_VERSION, DTLS1_2_VERSION,
365
     SSL_STRONG_NONE | SSL_FIPS,
366
     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
367
     0,
368
     0,
369
     },
370
    {
371
     1,
372
     TLS1_TXT_RSA_WITH_AES_128_SHA256,
373
     TLS1_RFC_RSA_WITH_AES_128_SHA256,
374
     TLS1_CK_RSA_WITH_AES_128_SHA256,
375
     SSL_kRSA,
376
     SSL_aRSA,
377
     SSL_AES128,
378
     SSL_SHA256,
379
     TLS1_2_VERSION, TLS1_2_VERSION,
380
     DTLS1_2_VERSION, DTLS1_2_VERSION,
381
     SSL_HIGH | SSL_FIPS,
382
     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
383
     128,
384
     128,
385
     },
386
    {
387
     1,
388
     TLS1_TXT_RSA_WITH_AES_256_SHA256,
389
     TLS1_RFC_RSA_WITH_AES_256_SHA256,
390
     TLS1_CK_RSA_WITH_AES_256_SHA256,
391
     SSL_kRSA,
392
     SSL_aRSA,
393
     SSL_AES256,
394
     SSL_SHA256,
395
     TLS1_2_VERSION, TLS1_2_VERSION,
396
     DTLS1_2_VERSION, DTLS1_2_VERSION,
397
     SSL_HIGH | SSL_FIPS,
398
     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
399
     256,
400
     256,
401
     },
402
    {
403
     1,
404
     TLS1_TXT_DHE_DSS_WITH_AES_128_SHA256,
405
     TLS1_RFC_DHE_DSS_WITH_AES_128_SHA256,
406
     TLS1_CK_DHE_DSS_WITH_AES_128_SHA256,
407
     SSL_kDHE,
408
     SSL_aDSS,
409
     SSL_AES128,
410
     SSL_SHA256,
411
     TLS1_2_VERSION, TLS1_2_VERSION,
412
     DTLS1_2_VERSION, DTLS1_2_VERSION,
413
     SSL_NOT_DEFAULT | SSL_HIGH | SSL_FIPS,
414
     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
415
     128,
416
     128,
417
     },
418
    {
419
     1,
420
     TLS1_TXT_DHE_RSA_WITH_AES_128_SHA256,
421
     TLS1_RFC_DHE_RSA_WITH_AES_128_SHA256,
422
     TLS1_CK_DHE_RSA_WITH_AES_128_SHA256,
423
     SSL_kDHE,
424
     SSL_aRSA,
425
     SSL_AES128,
426
     SSL_SHA256,
427
     TLS1_2_VERSION, TLS1_2_VERSION,
428
     DTLS1_2_VERSION, DTLS1_2_VERSION,
429
     SSL_HIGH | SSL_FIPS,
430
     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
431
     128,
432
     128,
433
     },
434
    {
435
     1,
436
     TLS1_TXT_DHE_DSS_WITH_AES_256_SHA256,
437
     TLS1_RFC_DHE_DSS_WITH_AES_256_SHA256,
438
     TLS1_CK_DHE_DSS_WITH_AES_256_SHA256,
439
     SSL_kDHE,
440
     SSL_aDSS,
441
     SSL_AES256,
442
     SSL_SHA256,
443
     TLS1_2_VERSION, TLS1_2_VERSION,
444
     DTLS1_2_VERSION, DTLS1_2_VERSION,
445
     SSL_NOT_DEFAULT | SSL_HIGH | SSL_FIPS,
446
     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
447
     256,
448
     256,
449
     },
450
    {
451
     1,
452
     TLS1_TXT_DHE_RSA_WITH_AES_256_SHA256,
453
     TLS1_RFC_DHE_RSA_WITH_AES_256_SHA256,
454
     TLS1_CK_DHE_RSA_WITH_AES_256_SHA256,
455
     SSL_kDHE,
456
     SSL_aRSA,
457
     SSL_AES256,
458
     SSL_SHA256,
459
     TLS1_2_VERSION, TLS1_2_VERSION,
460
     DTLS1_2_VERSION, DTLS1_2_VERSION,
461
     SSL_HIGH | SSL_FIPS,
462
     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
463
     256,
464
     256,
465
     },
466
    {
467
     1,
468
     TLS1_TXT_ADH_WITH_AES_128_SHA256,
469
     TLS1_RFC_ADH_WITH_AES_128_SHA256,
470
     TLS1_CK_ADH_WITH_AES_128_SHA256,
471
     SSL_kDHE,
472
     SSL_aNULL,
473
     SSL_AES128,
474
     SSL_SHA256,
475
     TLS1_2_VERSION, TLS1_2_VERSION,
476
     DTLS1_2_VERSION, DTLS1_2_VERSION,
477
     SSL_NOT_DEFAULT | SSL_HIGH | SSL_FIPS,
478
     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
479
     128,
480
     128,
481
     },
482
    {
483
     1,
484
     TLS1_TXT_ADH_WITH_AES_256_SHA256,
485
     TLS1_RFC_ADH_WITH_AES_256_SHA256,
486
     TLS1_CK_ADH_WITH_AES_256_SHA256,
487
     SSL_kDHE,
488
     SSL_aNULL,
489
     SSL_AES256,
490
     SSL_SHA256,
491
     TLS1_2_VERSION, TLS1_2_VERSION,
492
     DTLS1_2_VERSION, DTLS1_2_VERSION,
493
     SSL_NOT_DEFAULT | SSL_HIGH | SSL_FIPS,
494
     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
495
     256,
496
     256,
497
     },
498
    {
499
     1,
500
     TLS1_TXT_RSA_WITH_AES_128_GCM_SHA256,
501
     TLS1_RFC_RSA_WITH_AES_128_GCM_SHA256,
502
     TLS1_CK_RSA_WITH_AES_128_GCM_SHA256,
503
     SSL_kRSA,
504
     SSL_aRSA,
505
     SSL_AES128GCM,
506
     SSL_AEAD,
507
     TLS1_2_VERSION, TLS1_2_VERSION,
508
     DTLS1_2_VERSION, DTLS1_2_VERSION,
509
     SSL_HIGH | SSL_FIPS,
510
     SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
511
     128,
512
     128,
513
     },
514
    {
515
     1,
516
     TLS1_TXT_RSA_WITH_AES_256_GCM_SHA384,
517
     TLS1_RFC_RSA_WITH_AES_256_GCM_SHA384,
518
     TLS1_CK_RSA_WITH_AES_256_GCM_SHA384,
519
     SSL_kRSA,
520
     SSL_aRSA,
521
     SSL_AES256GCM,
522
     SSL_AEAD,
523
     TLS1_2_VERSION, TLS1_2_VERSION,
524
     DTLS1_2_VERSION, DTLS1_2_VERSION,
525
     SSL_HIGH | SSL_FIPS,
526
     SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384,
527
     256,
528
     256,
529
     },
530
    {
531
     1,
532
     TLS1_TXT_DHE_RSA_WITH_AES_128_GCM_SHA256,
533
     TLS1_RFC_DHE_RSA_WITH_AES_128_GCM_SHA256,
534
     TLS1_CK_DHE_RSA_WITH_AES_128_GCM_SHA256,
535
     SSL_kDHE,
536
     SSL_aRSA,
537
     SSL_AES128GCM,
538
     SSL_AEAD,
539
     TLS1_2_VERSION, TLS1_2_VERSION,
540
     DTLS1_2_VERSION, DTLS1_2_VERSION,
541
     SSL_HIGH | SSL_FIPS,
542
     SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
543
     128,
544
     128,
545
     },
546
    {
547
     1,
548
     TLS1_TXT_DHE_RSA_WITH_AES_256_GCM_SHA384,
549
     TLS1_RFC_DHE_RSA_WITH_AES_256_GCM_SHA384,
550
     TLS1_CK_DHE_RSA_WITH_AES_256_GCM_SHA384,
551
     SSL_kDHE,
552
     SSL_aRSA,
553
     SSL_AES256GCM,
554
     SSL_AEAD,
555
     TLS1_2_VERSION, TLS1_2_VERSION,
556
     DTLS1_2_VERSION, DTLS1_2_VERSION,
557
     SSL_HIGH | SSL_FIPS,
558
     SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384,
559
     256,
560
     256,
561
     },
562
    {
563
     1,
564
     TLS1_TXT_DHE_DSS_WITH_AES_128_GCM_SHA256,
565
     TLS1_RFC_DHE_DSS_WITH_AES_128_GCM_SHA256,
566
     TLS1_CK_DHE_DSS_WITH_AES_128_GCM_SHA256,
567
     SSL_kDHE,
568
     SSL_aDSS,
569
     SSL_AES128GCM,
570
     SSL_AEAD,
571
     TLS1_2_VERSION, TLS1_2_VERSION,
572
     DTLS1_2_VERSION, DTLS1_2_VERSION,
573
     SSL_NOT_DEFAULT | SSL_HIGH | SSL_FIPS,
574
     SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
575
     128,
576
     128,
577
     },
578
    {
579
     1,
580
     TLS1_TXT_DHE_DSS_WITH_AES_256_GCM_SHA384,
581
     TLS1_RFC_DHE_DSS_WITH_AES_256_GCM_SHA384,
582
     TLS1_CK_DHE_DSS_WITH_AES_256_GCM_SHA384,
583
     SSL_kDHE,
584
     SSL_aDSS,
585
     SSL_AES256GCM,
586
     SSL_AEAD,
587
     TLS1_2_VERSION, TLS1_2_VERSION,
588
     DTLS1_2_VERSION, DTLS1_2_VERSION,
589
     SSL_NOT_DEFAULT | SSL_HIGH | SSL_FIPS,
590
     SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384,
591
     256,
592
     256,
593
     },
594
    {
595
     1,
596
     TLS1_TXT_ADH_WITH_AES_128_GCM_SHA256,
597
     TLS1_RFC_ADH_WITH_AES_128_GCM_SHA256,
598
     TLS1_CK_ADH_WITH_AES_128_GCM_SHA256,
599
     SSL_kDHE,
600
     SSL_aNULL,
601
     SSL_AES128GCM,
602
     SSL_AEAD,
603
     TLS1_2_VERSION, TLS1_2_VERSION,
604
     DTLS1_2_VERSION, DTLS1_2_VERSION,
605
     SSL_NOT_DEFAULT | SSL_HIGH | SSL_FIPS,
606
     SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
607
     128,
608
     128,
609
     },
610
    {
611
     1,
612
     TLS1_TXT_ADH_WITH_AES_256_GCM_SHA384,
613
     TLS1_RFC_ADH_WITH_AES_256_GCM_SHA384,
614
     TLS1_CK_ADH_WITH_AES_256_GCM_SHA384,
615
     SSL_kDHE,
616
     SSL_aNULL,
617
     SSL_AES256GCM,
618
     SSL_AEAD,
619
     TLS1_2_VERSION, TLS1_2_VERSION,
620
     DTLS1_2_VERSION, DTLS1_2_VERSION,
621
     SSL_NOT_DEFAULT | SSL_HIGH | SSL_FIPS,
622
     SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384,
623
     256,
624
     256,
625
     },
626
    {
627
     1,
628
     TLS1_TXT_RSA_WITH_AES_128_CCM,
629
     TLS1_RFC_RSA_WITH_AES_128_CCM,
630
     TLS1_CK_RSA_WITH_AES_128_CCM,
631
     SSL_kRSA,
632
     SSL_aRSA,
633
     SSL_AES128CCM,
634
     SSL_AEAD,
635
     TLS1_2_VERSION, TLS1_2_VERSION,
636
     DTLS1_2_VERSION, DTLS1_2_VERSION,
637
     SSL_NOT_DEFAULT | SSL_HIGH,
638
     SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
639
     128,
640
     128,
641
     },
642
    {
643
     1,
644
     TLS1_TXT_RSA_WITH_AES_256_CCM,
645
     TLS1_RFC_RSA_WITH_AES_256_CCM,
646
     TLS1_CK_RSA_WITH_AES_256_CCM,
647
     SSL_kRSA,
648
     SSL_aRSA,
649
     SSL_AES256CCM,
650
     SSL_AEAD,
651
     TLS1_2_VERSION, TLS1_2_VERSION,
652
     DTLS1_2_VERSION, DTLS1_2_VERSION,
653
     SSL_NOT_DEFAULT | SSL_HIGH,
654
     SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
655
     256,
656
     256,
657
     },
658
    {
659
     1,
660
     TLS1_TXT_DHE_RSA_WITH_AES_128_CCM,
661
     TLS1_RFC_DHE_RSA_WITH_AES_128_CCM,
662
     TLS1_CK_DHE_RSA_WITH_AES_128_CCM,
663
     SSL_kDHE,
664
     SSL_aRSA,
665
     SSL_AES128CCM,
666
     SSL_AEAD,
667
     TLS1_2_VERSION, TLS1_2_VERSION,
668
     DTLS1_2_VERSION, DTLS1_2_VERSION,
669
     SSL_NOT_DEFAULT | SSL_HIGH,
670
     SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
671
     128,
672
     128,
673
     },
674
    {
675
     1,
676
     TLS1_TXT_DHE_RSA_WITH_AES_256_CCM,
677
     TLS1_RFC_DHE_RSA_WITH_AES_256_CCM,
678
     TLS1_CK_DHE_RSA_WITH_AES_256_CCM,
679
     SSL_kDHE,
680
     SSL_aRSA,
681
     SSL_AES256CCM,
682
     SSL_AEAD,
683
     TLS1_2_VERSION, TLS1_2_VERSION,
684
     DTLS1_2_VERSION, DTLS1_2_VERSION,
685
     SSL_NOT_DEFAULT | SSL_HIGH,
686
     SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
687
     256,
688
     256,
689
     },
690
    {
691
     1,
692
     TLS1_TXT_RSA_WITH_AES_128_CCM_8,
693
     TLS1_RFC_RSA_WITH_AES_128_CCM_8,
694
     TLS1_CK_RSA_WITH_AES_128_CCM_8,
695
     SSL_kRSA,
696
     SSL_aRSA,
697
     SSL_AES128CCM8,
698
     SSL_AEAD,
699
     TLS1_2_VERSION, TLS1_2_VERSION,
700
     DTLS1_2_VERSION, DTLS1_2_VERSION,
701
     SSL_NOT_DEFAULT | SSL_HIGH,
702
     SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
703
     128,
704
     128,
705
     },
706
    {
707
     1,
708
     TLS1_TXT_RSA_WITH_AES_256_CCM_8,
709
     TLS1_RFC_RSA_WITH_AES_256_CCM_8,
710
     TLS1_CK_RSA_WITH_AES_256_CCM_8,
711
     SSL_kRSA,
712
     SSL_aRSA,
713
     SSL_AES256CCM8,
714
     SSL_AEAD,
715
     TLS1_2_VERSION, TLS1_2_VERSION,
716
     DTLS1_2_VERSION, DTLS1_2_VERSION,
717
     SSL_NOT_DEFAULT | SSL_HIGH,
718
     SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
719
     256,
720
     256,
721
     },
722
    {
723
     1,
724
     TLS1_TXT_DHE_RSA_WITH_AES_128_CCM_8,
725
     TLS1_RFC_DHE_RSA_WITH_AES_128_CCM_8,
726
     TLS1_CK_DHE_RSA_WITH_AES_128_CCM_8,
727
     SSL_kDHE,
728
     SSL_aRSA,
729
     SSL_AES128CCM8,
730
     SSL_AEAD,
731
     TLS1_2_VERSION, TLS1_2_VERSION,
732
     DTLS1_2_VERSION, DTLS1_2_VERSION,
733
     SSL_NOT_DEFAULT | SSL_HIGH,
734
     SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
735
     128,
736
     128,
737
     },
738
    {
739
     1,
740
     TLS1_TXT_DHE_RSA_WITH_AES_256_CCM_8,
741
     TLS1_RFC_DHE_RSA_WITH_AES_256_CCM_8,
742
     TLS1_CK_DHE_RSA_WITH_AES_256_CCM_8,
743
     SSL_kDHE,
744
     SSL_aRSA,
745
     SSL_AES256CCM8,
746
     SSL_AEAD,
747
     TLS1_2_VERSION, TLS1_2_VERSION,
748
     DTLS1_2_VERSION, DTLS1_2_VERSION,
749
     SSL_NOT_DEFAULT | SSL_HIGH,
750
     SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
751
     256,
752
     256,
753
     },
754
    {
755
     1,
756
     TLS1_TXT_PSK_WITH_AES_128_CCM,
757
     TLS1_RFC_PSK_WITH_AES_128_CCM,
758
     TLS1_CK_PSK_WITH_AES_128_CCM,
759
     SSL_kPSK,
760
     SSL_aPSK,
761
     SSL_AES128CCM,
762
     SSL_AEAD,
763
     TLS1_2_VERSION, TLS1_2_VERSION,
764
     DTLS1_2_VERSION, DTLS1_2_VERSION,
765
     SSL_NOT_DEFAULT | SSL_HIGH,
766
     SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
767
     128,
768
     128,
769
     },
770
    {
771
     1,
772
     TLS1_TXT_PSK_WITH_AES_256_CCM,
773
     TLS1_RFC_PSK_WITH_AES_256_CCM,
774
     TLS1_CK_PSK_WITH_AES_256_CCM,
775
     SSL_kPSK,
776
     SSL_aPSK,
777
     SSL_AES256CCM,
778
     SSL_AEAD,
779
     TLS1_2_VERSION, TLS1_2_VERSION,
780
     DTLS1_2_VERSION, DTLS1_2_VERSION,
781
     SSL_NOT_DEFAULT | SSL_HIGH,
782
     SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
783
     256,
784
     256,
785
     },
786
    {
787
     1,
788
     TLS1_TXT_DHE_PSK_WITH_AES_128_CCM,
789
     TLS1_RFC_DHE_PSK_WITH_AES_128_CCM,
790
     TLS1_CK_DHE_PSK_WITH_AES_128_CCM,
791
     SSL_kDHEPSK,
792
     SSL_aPSK,
793
     SSL_AES128CCM,
794
     SSL_AEAD,
795
     TLS1_2_VERSION, TLS1_2_VERSION,
796
     DTLS1_2_VERSION, DTLS1_2_VERSION,
797
     SSL_NOT_DEFAULT | SSL_HIGH,
798
     SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
799
     128,
800
     128,
801
     },
802
    {
803
     1,
804
     TLS1_TXT_DHE_PSK_WITH_AES_256_CCM,
805
     TLS1_RFC_DHE_PSK_WITH_AES_256_CCM,
806
     TLS1_CK_DHE_PSK_WITH_AES_256_CCM,
807
     SSL_kDHEPSK,
808
     SSL_aPSK,
809
     SSL_AES256CCM,
810
     SSL_AEAD,
811
     TLS1_2_VERSION, TLS1_2_VERSION,
812
     DTLS1_2_VERSION, DTLS1_2_VERSION,
813
     SSL_NOT_DEFAULT | SSL_HIGH,
814
     SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
815
     256,
816
     256,
817
     },
818
    {
819
     1,
820
     TLS1_TXT_PSK_WITH_AES_128_CCM_8,
821
     TLS1_RFC_PSK_WITH_AES_128_CCM_8,
822
     TLS1_CK_PSK_WITH_AES_128_CCM_8,
823
     SSL_kPSK,
824
     SSL_aPSK,
825
     SSL_AES128CCM8,
826
     SSL_AEAD,
827
     TLS1_2_VERSION, TLS1_2_VERSION,
828
     DTLS1_2_VERSION, DTLS1_2_VERSION,
829
     SSL_NOT_DEFAULT | SSL_HIGH,
830
     SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
831
     128,
832
     128,
833
     },
834
    {
835
     1,
836
     TLS1_TXT_PSK_WITH_AES_256_CCM_8,
837
     TLS1_RFC_PSK_WITH_AES_256_CCM_8,
838
     TLS1_CK_PSK_WITH_AES_256_CCM_8,
839
     SSL_kPSK,
840
     SSL_aPSK,
841
     SSL_AES256CCM8,
842
     SSL_AEAD,
843
     TLS1_2_VERSION, TLS1_2_VERSION,
844
     DTLS1_2_VERSION, DTLS1_2_VERSION,
845
     SSL_NOT_DEFAULT | SSL_HIGH,
846
     SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
847
     256,
848
     256,
849
     },
850
    {
851
     1,
852
     TLS1_TXT_DHE_PSK_WITH_AES_128_CCM_8,
853
     TLS1_RFC_DHE_PSK_WITH_AES_128_CCM_8,
854
     TLS1_CK_DHE_PSK_WITH_AES_128_CCM_8,
855
     SSL_kDHEPSK,
856
     SSL_aPSK,
857
     SSL_AES128CCM8,
858
     SSL_AEAD,
859
     TLS1_2_VERSION, TLS1_2_VERSION,
860
     DTLS1_2_VERSION, DTLS1_2_VERSION,
861
     SSL_NOT_DEFAULT | SSL_HIGH,
862
     SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
863
     128,
864
     128,
865
     },
866
    {
867
     1,
868
     TLS1_TXT_DHE_PSK_WITH_AES_256_CCM_8,
869
     TLS1_RFC_DHE_PSK_WITH_AES_256_CCM_8,
870
     TLS1_CK_DHE_PSK_WITH_AES_256_CCM_8,
871
     SSL_kDHEPSK,
872
     SSL_aPSK,
873
     SSL_AES256CCM8,
874
     SSL_AEAD,
875
     TLS1_2_VERSION, TLS1_2_VERSION,
876
     DTLS1_2_VERSION, DTLS1_2_VERSION,
877
     SSL_NOT_DEFAULT | SSL_HIGH,
878
     SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
879
     256,
880
     256,
881
     },
882
    {
883
     1,
884
     TLS1_TXT_ECDHE_ECDSA_WITH_AES_128_CCM,
885
     TLS1_RFC_ECDHE_ECDSA_WITH_AES_128_CCM,
886
     TLS1_CK_ECDHE_ECDSA_WITH_AES_128_CCM,
887
     SSL_kECDHE,
888
     SSL_aECDSA,
889
     SSL_AES128CCM,
890
     SSL_AEAD,
891
     TLS1_2_VERSION, TLS1_2_VERSION,
892
     DTLS1_2_VERSION, DTLS1_2_VERSION,
893
     SSL_NOT_DEFAULT | SSL_HIGH,
894
     SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
895
     128,
896
     128,
897
     },
898
    {
899
     1,
900
     TLS1_TXT_ECDHE_ECDSA_WITH_AES_256_CCM,
901
     TLS1_RFC_ECDHE_ECDSA_WITH_AES_256_CCM,
902
     TLS1_CK_ECDHE_ECDSA_WITH_AES_256_CCM,
903
     SSL_kECDHE,
904
     SSL_aECDSA,
905
     SSL_AES256CCM,
906
     SSL_AEAD,
907
     TLS1_2_VERSION, TLS1_2_VERSION,
908
     DTLS1_2_VERSION, DTLS1_2_VERSION,
909
     SSL_NOT_DEFAULT | SSL_HIGH,
910
     SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
911
     256,
912
     256,
913
     },
914
    {
915
     1,
916
     TLS1_TXT_ECDHE_ECDSA_WITH_AES_128_CCM_8,
917
     TLS1_RFC_ECDHE_ECDSA_WITH_AES_128_CCM_8,
918
     TLS1_CK_ECDHE_ECDSA_WITH_AES_128_CCM_8,
919
     SSL_kECDHE,
920
     SSL_aECDSA,
921
     SSL_AES128CCM8,
922
     SSL_AEAD,
923
     TLS1_2_VERSION, TLS1_2_VERSION,
924
     DTLS1_2_VERSION, DTLS1_2_VERSION,
925
     SSL_NOT_DEFAULT | SSL_HIGH,
926
     SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
927
     128,
928
     128,
929
     },
930
    {
931
     1,
932
     TLS1_TXT_ECDHE_ECDSA_WITH_AES_256_CCM_8,
933
     TLS1_RFC_ECDHE_ECDSA_WITH_AES_256_CCM_8,
934
     TLS1_CK_ECDHE_ECDSA_WITH_AES_256_CCM_8,
935
     SSL_kECDHE,
936
     SSL_aECDSA,
937
     SSL_AES256CCM8,
938
     SSL_AEAD,
939
     TLS1_2_VERSION, TLS1_2_VERSION,
940
     DTLS1_2_VERSION, DTLS1_2_VERSION,
941
     SSL_NOT_DEFAULT | SSL_HIGH,
942
     SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
943
     256,
944
     256,
945
     },
946
    {
947
     1,
948
     TLS1_TXT_ECDHE_ECDSA_WITH_NULL_SHA,
949
     TLS1_RFC_ECDHE_ECDSA_WITH_NULL_SHA,
950
     TLS1_CK_ECDHE_ECDSA_WITH_NULL_SHA,
951
     SSL_kECDHE,
952
     SSL_aECDSA,
953
     SSL_eNULL,
954
     SSL_SHA1,
955
     TLS1_VERSION, TLS1_2_VERSION,
956
     DTLS1_BAD_VER, DTLS1_2_VERSION,
957
     SSL_STRONG_NONE | SSL_FIPS,
958
     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
959
     0,
960
     0,
961
     },
962
# ifndef OPENSSL_NO_WEAK_SSL_CIPHERS
963
    {
964
     1,
965
     TLS1_TXT_ECDHE_ECDSA_WITH_DES_192_CBC3_SHA,
966
     TLS1_RFC_ECDHE_ECDSA_WITH_DES_192_CBC3_SHA,
967
     TLS1_CK_ECDHE_ECDSA_WITH_DES_192_CBC3_SHA,
968
     SSL_kECDHE,
969
     SSL_aECDSA,
970
     SSL_3DES,
971
     SSL_SHA1,
972
     TLS1_VERSION, TLS1_2_VERSION,
973
     DTLS1_BAD_VER, DTLS1_2_VERSION,
974
     SSL_NOT_DEFAULT | SSL_MEDIUM | SSL_FIPS,
975
     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
976
     112,
977
     168,
978
     },
979
# endif
980
    {
981
     1,
982
     TLS1_TXT_ECDHE_ECDSA_WITH_AES_128_CBC_SHA,
983
     TLS1_RFC_ECDHE_ECDSA_WITH_AES_128_CBC_SHA,
984
     TLS1_CK_ECDHE_ECDSA_WITH_AES_128_CBC_SHA,
985
     SSL_kECDHE,
986
     SSL_aECDSA,
987
     SSL_AES128,
988
     SSL_SHA1,
989
     TLS1_VERSION, TLS1_2_VERSION,
990
     DTLS1_BAD_VER, DTLS1_2_VERSION,
991
     SSL_HIGH | SSL_FIPS,
992
     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
993
     128,
994
     128,
995
     },
996
    {
997
     1,
998
     TLS1_TXT_ECDHE_ECDSA_WITH_AES_256_CBC_SHA,
999
     TLS1_RFC_ECDHE_ECDSA_WITH_AES_256_CBC_SHA,
1000
     TLS1_CK_ECDHE_ECDSA_WITH_AES_256_CBC_SHA,
1001
     SSL_kECDHE,
1002
     SSL_aECDSA,
1003
     SSL_AES256,
1004
     SSL_SHA1,
1005
     TLS1_VERSION, TLS1_2_VERSION,
1006
     DTLS1_BAD_VER, DTLS1_2_VERSION,
1007
     SSL_HIGH | SSL_FIPS,
1008
     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
1009
     256,
1010
     256,
1011
     },
1012
    {
1013
     1,
1014
     TLS1_TXT_ECDHE_RSA_WITH_NULL_SHA,
1015
     TLS1_RFC_ECDHE_RSA_WITH_NULL_SHA,
1016
     TLS1_CK_ECDHE_RSA_WITH_NULL_SHA,
1017
     SSL_kECDHE,
1018
     SSL_aRSA,
1019
     SSL_eNULL,
1020
     SSL_SHA1,
1021
     TLS1_VERSION, TLS1_2_VERSION,
1022
     DTLS1_BAD_VER, DTLS1_2_VERSION,
1023
     SSL_STRONG_NONE | SSL_FIPS,
1024
     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
1025
     0,
1026
     0,
1027
     },
1028
# ifndef OPENSSL_NO_WEAK_SSL_CIPHERS
1029
    {
1030
     1,
1031
     TLS1_TXT_ECDHE_RSA_WITH_DES_192_CBC3_SHA,
1032
     TLS1_RFC_ECDHE_RSA_WITH_DES_192_CBC3_SHA,
1033
     TLS1_CK_ECDHE_RSA_WITH_DES_192_CBC3_SHA,
1034
     SSL_kECDHE,
1035
     SSL_aRSA,
1036
     SSL_3DES,
1037
     SSL_SHA1,
1038
     TLS1_VERSION, TLS1_2_VERSION,
1039
     DTLS1_BAD_VER, DTLS1_2_VERSION,
1040
     SSL_NOT_DEFAULT | SSL_MEDIUM | SSL_FIPS,
1041
     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
1042
     112,
1043
     168,
1044
     },
1045
# endif
1046
    {
1047
     1,
1048
     TLS1_TXT_ECDHE_RSA_WITH_AES_128_CBC_SHA,
1049
     TLS1_RFC_ECDHE_RSA_WITH_AES_128_CBC_SHA,
1050
     TLS1_CK_ECDHE_RSA_WITH_AES_128_CBC_SHA,
1051
     SSL_kECDHE,
1052
     SSL_aRSA,
1053
     SSL_AES128,
1054
     SSL_SHA1,
1055
     TLS1_VERSION, TLS1_2_VERSION,
1056
     DTLS1_BAD_VER, DTLS1_2_VERSION,
1057
     SSL_HIGH | SSL_FIPS,
1058
     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
1059
     128,
1060
     128,
1061
     },
1062
    {
1063
     1,
1064
     TLS1_TXT_ECDHE_RSA_WITH_AES_256_CBC_SHA,
1065
     TLS1_RFC_ECDHE_RSA_WITH_AES_256_CBC_SHA,
1066
     TLS1_CK_ECDHE_RSA_WITH_AES_256_CBC_SHA,
1067
     SSL_kECDHE,
1068
     SSL_aRSA,
1069
     SSL_AES256,
1070
     SSL_SHA1,
1071
     TLS1_VERSION, TLS1_2_VERSION,
1072
     DTLS1_BAD_VER, DTLS1_2_VERSION,
1073
     SSL_HIGH | SSL_FIPS,
1074
     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
1075
     256,
1076
     256,
1077
     },
1078
    {
1079
     1,
1080
     TLS1_TXT_ECDH_anon_WITH_NULL_SHA,
1081
     TLS1_RFC_ECDH_anon_WITH_NULL_SHA,
1082
     TLS1_CK_ECDH_anon_WITH_NULL_SHA,
1083
     SSL_kECDHE,
1084
     SSL_aNULL,
1085
     SSL_eNULL,
1086
     SSL_SHA1,
1087
     TLS1_VERSION, TLS1_2_VERSION,
1088
     DTLS1_BAD_VER, DTLS1_2_VERSION,
1089
     SSL_STRONG_NONE | SSL_FIPS,
1090
     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
1091
     0,
1092
     0,
1093
     },
1094
# ifndef OPENSSL_NO_WEAK_SSL_CIPHERS
1095
    {
1096
     1,
1097
     TLS1_TXT_ECDH_anon_WITH_DES_192_CBC3_SHA,
1098
     TLS1_RFC_ECDH_anon_WITH_DES_192_CBC3_SHA,
1099
     TLS1_CK_ECDH_anon_WITH_DES_192_CBC3_SHA,
1100
     SSL_kECDHE,
1101
     SSL_aNULL,
1102
     SSL_3DES,
1103
     SSL_SHA1,
1104
     TLS1_VERSION, TLS1_2_VERSION,
1105
     DTLS1_BAD_VER, DTLS1_2_VERSION,
1106
     SSL_NOT_DEFAULT | SSL_MEDIUM | SSL_FIPS,
1107
     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
1108
     112,
1109
     168,
1110
     },
1111
# endif
1112
    {
1113
     1,
1114
     TLS1_TXT_ECDH_anon_WITH_AES_128_CBC_SHA,
1115
     TLS1_RFC_ECDH_anon_WITH_AES_128_CBC_SHA,
1116
     TLS1_CK_ECDH_anon_WITH_AES_128_CBC_SHA,
1117
     SSL_kECDHE,
1118
     SSL_aNULL,
1119
     SSL_AES128,
1120
     SSL_SHA1,
1121
     TLS1_VERSION, TLS1_2_VERSION,
1122
     DTLS1_BAD_VER, DTLS1_2_VERSION,
1123
     SSL_NOT_DEFAULT | SSL_HIGH | SSL_FIPS,
1124
     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
1125
     128,
1126
     128,
1127
     },
1128
    {
1129
     1,
1130
     TLS1_TXT_ECDH_anon_WITH_AES_256_CBC_SHA,
1131
     TLS1_RFC_ECDH_anon_WITH_AES_256_CBC_SHA,
1132
     TLS1_CK_ECDH_anon_WITH_AES_256_CBC_SHA,
1133
     SSL_kECDHE,
1134
     SSL_aNULL,
1135
     SSL_AES256,
1136
     SSL_SHA1,
1137
     TLS1_VERSION, TLS1_2_VERSION,
1138
     DTLS1_BAD_VER, DTLS1_2_VERSION,
1139
     SSL_NOT_DEFAULT | SSL_HIGH | SSL_FIPS,
1140
     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
1141
     256,
1142
     256,
1143
     },
1144
    {
1145
     1,
1146
     TLS1_TXT_ECDHE_ECDSA_WITH_AES_128_SHA256,
1147
     TLS1_RFC_ECDHE_ECDSA_WITH_AES_128_SHA256,
1148
     TLS1_CK_ECDHE_ECDSA_WITH_AES_128_SHA256,
1149
     SSL_kECDHE,
1150
     SSL_aECDSA,
1151
     SSL_AES128,
1152
     SSL_SHA256,
1153
     TLS1_2_VERSION, TLS1_2_VERSION,
1154
     DTLS1_2_VERSION, DTLS1_2_VERSION,
1155
     SSL_HIGH | SSL_FIPS,
1156
     SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
1157
     128,
1158
     128,
1159
     },
1160
    {
1161
     1,
1162
     TLS1_TXT_ECDHE_ECDSA_WITH_AES_256_SHA384,
1163
     TLS1_RFC_ECDHE_ECDSA_WITH_AES_256_SHA384,
1164
     TLS1_CK_ECDHE_ECDSA_WITH_AES_256_SHA384,
1165
     SSL_kECDHE,
1166
     SSL_aECDSA,
1167
     SSL_AES256,
1168
     SSL_SHA384,
1169
     TLS1_2_VERSION, TLS1_2_VERSION,
1170
     DTLS1_2_VERSION, DTLS1_2_VERSION,
1171
     SSL_HIGH | SSL_FIPS,
1172
     SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384,
1173
     256,
1174
     256,
1175
     },
1176
    {
1177
     1,
1178
     TLS1_TXT_ECDHE_RSA_WITH_AES_128_SHA256,
1179
     TLS1_RFC_ECDHE_RSA_WITH_AES_128_SHA256,
1180
     TLS1_CK_ECDHE_RSA_WITH_AES_128_SHA256,
1181
     SSL_kECDHE,
1182
     SSL_aRSA,
1183
     SSL_AES128,
1184
     SSL_SHA256,
1185
     TLS1_2_VERSION, TLS1_2_VERSION,
1186
     DTLS1_2_VERSION, DTLS1_2_VERSION,
1187
     SSL_HIGH | SSL_FIPS,
1188
     SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
1189
     128,
1190
     128,
1191
     },
1192
    {
1193
     1,
1194
     TLS1_TXT_ECDHE_RSA_WITH_AES_256_SHA384,
1195
     TLS1_RFC_ECDHE_RSA_WITH_AES_256_SHA384,
1196
     TLS1_CK_ECDHE_RSA_WITH_AES_256_SHA384,
1197
     SSL_kECDHE,
1198
     SSL_aRSA,
1199
     SSL_AES256,
1200
     SSL_SHA384,
1201
     TLS1_2_VERSION, TLS1_2_VERSION,
1202
     DTLS1_2_VERSION, DTLS1_2_VERSION,
1203
     SSL_HIGH | SSL_FIPS,
1204
     SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384,
1205
     256,
1206
     256,
1207
     },
1208
    {
1209
     1,
1210
     TLS1_TXT_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256,
1211
     TLS1_RFC_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256,
1212
     TLS1_CK_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256,
1213
     SSL_kECDHE,
1214
     SSL_aECDSA,
1215
     SSL_AES128GCM,
1216
     SSL_AEAD,
1217
     TLS1_2_VERSION, TLS1_2_VERSION,
1218
     DTLS1_2_VERSION, DTLS1_2_VERSION,
1219
     SSL_HIGH | SSL_FIPS,
1220
     SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
1221
     128,
1222
     128,
1223
     },
1224
    {
1225
     1,
1226
     TLS1_TXT_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384,
1227
     TLS1_RFC_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384,
1228
     TLS1_CK_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384,
1229
     SSL_kECDHE,
1230
     SSL_aECDSA,
1231
     SSL_AES256GCM,
1232
     SSL_AEAD,
1233
     TLS1_2_VERSION, TLS1_2_VERSION,
1234
     DTLS1_2_VERSION, DTLS1_2_VERSION,
1235
     SSL_HIGH | SSL_FIPS,
1236
     SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384,
1237
     256,
1238
     256,
1239
     },
1240
    {
1241
     1,
1242
     TLS1_TXT_ECDHE_RSA_WITH_AES_128_GCM_SHA256,
1243
     TLS1_RFC_ECDHE_RSA_WITH_AES_128_GCM_SHA256,
1244
     TLS1_CK_ECDHE_RSA_WITH_AES_128_GCM_SHA256,
1245
     SSL_kECDHE,
1246
     SSL_aRSA,
1247
     SSL_AES128GCM,
1248
     SSL_AEAD,
1249
     TLS1_2_VERSION, TLS1_2_VERSION,
1250
     DTLS1_2_VERSION, DTLS1_2_VERSION,
1251
     SSL_HIGH | SSL_FIPS,
1252
     SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
1253
     128,
1254
     128,
1255
     },
1256
    {
1257
     1,
1258
     TLS1_TXT_ECDHE_RSA_WITH_AES_256_GCM_SHA384,
1259
     TLS1_RFC_ECDHE_RSA_WITH_AES_256_GCM_SHA384,
1260
     TLS1_CK_ECDHE_RSA_WITH_AES_256_GCM_SHA384,
1261
     SSL_kECDHE,
1262
     SSL_aRSA,
1263
     SSL_AES256GCM,
1264
     SSL_AEAD,
1265
     TLS1_2_VERSION, TLS1_2_VERSION,
1266
     DTLS1_2_VERSION, DTLS1_2_VERSION,
1267
     SSL_HIGH | SSL_FIPS,
1268
     SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384,
1269
     256,
1270
     256,
1271
     },
1272
    {
1273
     1,
1274
     TLS1_TXT_PSK_WITH_NULL_SHA,
1275
     TLS1_RFC_PSK_WITH_NULL_SHA,
1276
     TLS1_CK_PSK_WITH_NULL_SHA,
1277
     SSL_kPSK,
1278
     SSL_aPSK,
1279
     SSL_eNULL,
1280
     SSL_SHA1,
1281
     SSL3_VERSION, TLS1_2_VERSION,
1282
     DTLS1_BAD_VER, DTLS1_2_VERSION,
1283
     SSL_STRONG_NONE | SSL_FIPS,
1284
     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
1285
     0,
1286
     0,
1287
     },
1288
    {
1289
     1,
1290
     TLS1_TXT_DHE_PSK_WITH_NULL_SHA,
1291
     TLS1_RFC_DHE_PSK_WITH_NULL_SHA,
1292
     TLS1_CK_DHE_PSK_WITH_NULL_SHA,
1293
     SSL_kDHEPSK,
1294
     SSL_aPSK,
1295
     SSL_eNULL,
1296
     SSL_SHA1,
1297
     SSL3_VERSION, TLS1_2_VERSION,
1298
     DTLS1_BAD_VER, DTLS1_2_VERSION,
1299
     SSL_STRONG_NONE | SSL_FIPS,
1300
     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
1301
     0,
1302
     0,
1303
     },
1304
    {
1305
     1,
1306
     TLS1_TXT_RSA_PSK_WITH_NULL_SHA,
1307
     TLS1_RFC_RSA_PSK_WITH_NULL_SHA,
1308
     TLS1_CK_RSA_PSK_WITH_NULL_SHA,
1309
     SSL_kRSAPSK,
1310
     SSL_aRSA,
1311
     SSL_eNULL,
1312
     SSL_SHA1,
1313
     SSL3_VERSION, TLS1_2_VERSION,
1314
     DTLS1_BAD_VER, DTLS1_2_VERSION,
1315
     SSL_STRONG_NONE | SSL_FIPS,
1316
     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
1317
     0,
1318
     0,
1319
     },
1320
# ifndef OPENSSL_NO_WEAK_SSL_CIPHERS
1321
    {
1322
     1,
1323
     TLS1_TXT_PSK_WITH_3DES_EDE_CBC_SHA,
1324
     TLS1_RFC_PSK_WITH_3DES_EDE_CBC_SHA,
1325
     TLS1_CK_PSK_WITH_3DES_EDE_CBC_SHA,
1326
     SSL_kPSK,
1327
     SSL_aPSK,
1328
     SSL_3DES,
1329
     SSL_SHA1,
1330
     SSL3_VERSION, TLS1_2_VERSION,
1331
     DTLS1_BAD_VER, DTLS1_2_VERSION,
1332
     SSL_NOT_DEFAULT | SSL_MEDIUM | SSL_FIPS,
1333
     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
1334
     112,
1335
     168,
1336
     },
1337
# endif
1338
    {
1339
     1,
1340
     TLS1_TXT_PSK_WITH_AES_128_CBC_SHA,
1341
     TLS1_RFC_PSK_WITH_AES_128_CBC_SHA,
1342
     TLS1_CK_PSK_WITH_AES_128_CBC_SHA,
1343
     SSL_kPSK,
1344
     SSL_aPSK,
1345
     SSL_AES128,
1346
     SSL_SHA1,
1347
     SSL3_VERSION, TLS1_2_VERSION,
1348
     DTLS1_BAD_VER, DTLS1_2_VERSION,
1349
     SSL_HIGH | SSL_FIPS,
1350
     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
1351
     128,
1352
     128,
1353
     },
1354
    {
1355
     1,
1356
     TLS1_TXT_PSK_WITH_AES_256_CBC_SHA,
1357
     TLS1_RFC_PSK_WITH_AES_256_CBC_SHA,
1358
     TLS1_CK_PSK_WITH_AES_256_CBC_SHA,
1359
     SSL_kPSK,
1360
     SSL_aPSK,
1361
     SSL_AES256,
1362
     SSL_SHA1,
1363
     SSL3_VERSION, TLS1_2_VERSION,
1364
     DTLS1_BAD_VER, DTLS1_2_VERSION,
1365
     SSL_HIGH | SSL_FIPS,
1366
     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
1367
     256,
1368
     256,
1369
     },
1370
# ifndef OPENSSL_NO_WEAK_SSL_CIPHERS
1371
    {
1372
     1,
1373
     TLS1_TXT_DHE_PSK_WITH_3DES_EDE_CBC_SHA,
1374
     TLS1_RFC_DHE_PSK_WITH_3DES_EDE_CBC_SHA,
1375
     TLS1_CK_DHE_PSK_WITH_3DES_EDE_CBC_SHA,
1376
     SSL_kDHEPSK,
1377
     SSL_aPSK,
1378
     SSL_3DES,
1379
     SSL_SHA1,
1380
     SSL3_VERSION, TLS1_2_VERSION,
1381
     DTLS1_BAD_VER, DTLS1_2_VERSION,
1382
     SSL_NOT_DEFAULT | SSL_MEDIUM | SSL_FIPS,
1383
     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
1384
     112,
1385
     168,
1386
     },
1387
# endif
1388
    {
1389
     1,
1390
     TLS1_TXT_DHE_PSK_WITH_AES_128_CBC_SHA,
1391
     TLS1_RFC_DHE_PSK_WITH_AES_128_CBC_SHA,
1392
     TLS1_CK_DHE_PSK_WITH_AES_128_CBC_SHA,
1393
     SSL_kDHEPSK,
1394
     SSL_aPSK,
1395
     SSL_AES128,
1396
     SSL_SHA1,
1397
     SSL3_VERSION, TLS1_2_VERSION,
1398
     DTLS1_BAD_VER, DTLS1_2_VERSION,
1399
     SSL_HIGH | SSL_FIPS,
1400
     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
1401
     128,
1402
     128,
1403
     },
1404
    {
1405
     1,
1406
     TLS1_TXT_DHE_PSK_WITH_AES_256_CBC_SHA,
1407
     TLS1_RFC_DHE_PSK_WITH_AES_256_CBC_SHA,
1408
     TLS1_CK_DHE_PSK_WITH_AES_256_CBC_SHA,
1409
     SSL_kDHEPSK,
1410
     SSL_aPSK,
1411
     SSL_AES256,
1412
     SSL_SHA1,
1413
     SSL3_VERSION, TLS1_2_VERSION,
1414
     DTLS1_BAD_VER, DTLS1_2_VERSION,
1415
     SSL_HIGH | SSL_FIPS,
1416
     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
1417
     256,
1418
     256,
1419
     },
1420
# ifndef OPENSSL_NO_WEAK_SSL_CIPHERS
1421
    {
1422
     1,
1423
     TLS1_TXT_RSA_PSK_WITH_3DES_EDE_CBC_SHA,
1424
     TLS1_RFC_RSA_PSK_WITH_3DES_EDE_CBC_SHA,
1425
     TLS1_CK_RSA_PSK_WITH_3DES_EDE_CBC_SHA,
1426
     SSL_kRSAPSK,
1427
     SSL_aRSA,
1428
     SSL_3DES,
1429
     SSL_SHA1,
1430
     SSL3_VERSION, TLS1_2_VERSION,
1431
     DTLS1_BAD_VER, DTLS1_2_VERSION,
1432
     SSL_NOT_DEFAULT | SSL_MEDIUM | SSL_FIPS,
1433
     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
1434
     112,
1435
     168,
1436
     },
1437
# endif
1438
    {
1439
     1,
1440
     TLS1_TXT_RSA_PSK_WITH_AES_128_CBC_SHA,
1441
     TLS1_RFC_RSA_PSK_WITH_AES_128_CBC_SHA,
1442
     TLS1_CK_RSA_PSK_WITH_AES_128_CBC_SHA,
1443
     SSL_kRSAPSK,
1444
     SSL_aRSA,
1445
     SSL_AES128,
1446
     SSL_SHA1,
1447
     SSL3_VERSION, TLS1_2_VERSION,
1448
     DTLS1_BAD_VER, DTLS1_2_VERSION,
1449
     SSL_HIGH | SSL_FIPS,
1450
     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
1451
     128,
1452
     128,
1453
     },
1454
    {
1455
     1,
1456
     TLS1_TXT_RSA_PSK_WITH_AES_256_CBC_SHA,
1457
     TLS1_RFC_RSA_PSK_WITH_AES_256_CBC_SHA,
1458
     TLS1_CK_RSA_PSK_WITH_AES_256_CBC_SHA,
1459
     SSL_kRSAPSK,
1460
     SSL_aRSA,
1461
     SSL_AES256,
1462
     SSL_SHA1,
1463
     SSL3_VERSION, TLS1_2_VERSION,
1464
     DTLS1_BAD_VER, DTLS1_2_VERSION,
1465
     SSL_HIGH | SSL_FIPS,
1466
     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
1467
     256,
1468
     256,
1469
     },
1470
    {
1471
     1,
1472
     TLS1_TXT_PSK_WITH_AES_128_GCM_SHA256,
1473
     TLS1_RFC_PSK_WITH_AES_128_GCM_SHA256,
1474
     TLS1_CK_PSK_WITH_AES_128_GCM_SHA256,
1475
     SSL_kPSK,
1476
     SSL_aPSK,
1477
     SSL_AES128GCM,
1478
     SSL_AEAD,
1479
     TLS1_2_VERSION, TLS1_2_VERSION,
1480
     DTLS1_2_VERSION, DTLS1_2_VERSION,
1481
     SSL_HIGH | SSL_FIPS,
1482
     SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
1483
     128,
1484
     128,
1485
     },
1486
    {
1487
     1,
1488
     TLS1_TXT_PSK_WITH_AES_256_GCM_SHA384,
1489
     TLS1_RFC_PSK_WITH_AES_256_GCM_SHA384,
1490
     TLS1_CK_PSK_WITH_AES_256_GCM_SHA384,
1491
     SSL_kPSK,
1492
     SSL_aPSK,
1493
     SSL_AES256GCM,
1494
     SSL_AEAD,
1495
     TLS1_2_VERSION, TLS1_2_VERSION,
1496
     DTLS1_2_VERSION, DTLS1_2_VERSION,
1497
     SSL_HIGH | SSL_FIPS,
1498
     SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384,
1499
     256,
1500
     256,
1501
     },
1502
    {
1503
     1,
1504
     TLS1_TXT_DHE_PSK_WITH_AES_128_GCM_SHA256,
1505
     TLS1_RFC_DHE_PSK_WITH_AES_128_GCM_SHA256,
1506
     TLS1_CK_DHE_PSK_WITH_AES_128_GCM_SHA256,
1507
     SSL_kDHEPSK,
1508
     SSL_aPSK,
1509
     SSL_AES128GCM,
1510
     SSL_AEAD,
1511
     TLS1_2_VERSION, TLS1_2_VERSION,
1512
     DTLS1_2_VERSION, DTLS1_2_VERSION,
1513
     SSL_HIGH | SSL_FIPS,
1514
     SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
1515
     128,
1516
     128,
1517
     },
1518
    {
1519
     1,
1520
     TLS1_TXT_DHE_PSK_WITH_AES_256_GCM_SHA384,
1521
     TLS1_RFC_DHE_PSK_WITH_AES_256_GCM_SHA384,
1522
     TLS1_CK_DHE_PSK_WITH_AES_256_GCM_SHA384,
1523
     SSL_kDHEPSK,
1524
     SSL_aPSK,
1525
     SSL_AES256GCM,
1526
     SSL_AEAD,
1527
     TLS1_2_VERSION, TLS1_2_VERSION,
1528
     DTLS1_2_VERSION, DTLS1_2_VERSION,
1529
     SSL_HIGH | SSL_FIPS,
1530
     SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384,
1531
     256,
1532
     256,
1533
     },
1534
    {
1535
     1,
1536
     TLS1_TXT_RSA_PSK_WITH_AES_128_GCM_SHA256,
1537
     TLS1_RFC_RSA_PSK_WITH_AES_128_GCM_SHA256,
1538
     TLS1_CK_RSA_PSK_WITH_AES_128_GCM_SHA256,
1539
     SSL_kRSAPSK,
1540
     SSL_aRSA,
1541
     SSL_AES128GCM,
1542
     SSL_AEAD,
1543
     TLS1_2_VERSION, TLS1_2_VERSION,
1544
     DTLS1_2_VERSION, DTLS1_2_VERSION,
1545
     SSL_HIGH | SSL_FIPS,
1546
     SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
1547
     128,
1548
     128,
1549
     },
1550
    {
1551
     1,
1552
     TLS1_TXT_RSA_PSK_WITH_AES_256_GCM_SHA384,
1553
     TLS1_RFC_RSA_PSK_WITH_AES_256_GCM_SHA384,
1554
     TLS1_CK_RSA_PSK_WITH_AES_256_GCM_SHA384,
1555
     SSL_kRSAPSK,
1556
     SSL_aRSA,
1557
     SSL_AES256GCM,
1558
     SSL_AEAD,
1559
     TLS1_2_VERSION, TLS1_2_VERSION,
1560
     DTLS1_2_VERSION, DTLS1_2_VERSION,
1561
     SSL_HIGH | SSL_FIPS,
1562
     SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384,
1563
     256,
1564
     256,
1565
     },
1566
    {
1567
     1,
1568
     TLS1_TXT_PSK_WITH_AES_128_CBC_SHA256,
1569
     TLS1_RFC_PSK_WITH_AES_128_CBC_SHA256,
1570
     TLS1_CK_PSK_WITH_AES_128_CBC_SHA256,
1571
     SSL_kPSK,
1572
     SSL_aPSK,
1573
     SSL_AES128,
1574
     SSL_SHA256,
1575
     TLS1_VERSION, TLS1_2_VERSION,
1576
     DTLS1_BAD_VER, DTLS1_2_VERSION,
1577
     SSL_HIGH | SSL_FIPS,
1578
     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
1579
     128,
1580
     128,
1581
     },
1582
    {
1583
     1,
1584
     TLS1_TXT_PSK_WITH_AES_256_CBC_SHA384,
1585
     TLS1_RFC_PSK_WITH_AES_256_CBC_SHA384,
1586
     TLS1_CK_PSK_WITH_AES_256_CBC_SHA384,
1587
     SSL_kPSK,
1588
     SSL_aPSK,
1589
     SSL_AES256,
1590
     SSL_SHA384,
1591
     TLS1_VERSION, TLS1_2_VERSION,
1592
     DTLS1_BAD_VER, DTLS1_2_VERSION,
1593
     SSL_HIGH | SSL_FIPS,
1594
     SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384,
1595
     256,
1596
     256,
1597
     },
1598
    {
1599
     1,
1600
     TLS1_TXT_PSK_WITH_NULL_SHA256,
1601
     TLS1_RFC_PSK_WITH_NULL_SHA256,
1602
     TLS1_CK_PSK_WITH_NULL_SHA256,
1603
     SSL_kPSK,
1604
     SSL_aPSK,
1605
     SSL_eNULL,
1606
     SSL_SHA256,
1607
     TLS1_VERSION, TLS1_2_VERSION,
1608
     DTLS1_BAD_VER, DTLS1_2_VERSION,
1609
     SSL_STRONG_NONE | SSL_FIPS,
1610
     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
1611
     0,
1612
     0,
1613
     },
1614
    {
1615
     1,
1616
     TLS1_TXT_PSK_WITH_NULL_SHA384,
1617
     TLS1_RFC_PSK_WITH_NULL_SHA384,
1618
     TLS1_CK_PSK_WITH_NULL_SHA384,
1619
     SSL_kPSK,
1620
     SSL_aPSK,
1621
     SSL_eNULL,
1622
     SSL_SHA384,
1623
     TLS1_VERSION, TLS1_2_VERSION,
1624
     DTLS1_BAD_VER, DTLS1_2_VERSION,
1625
     SSL_STRONG_NONE | SSL_FIPS,
1626
     SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384,
1627
     0,
1628
     0,
1629
     },
1630
    {
1631
     1,
1632
     TLS1_TXT_DHE_PSK_WITH_AES_128_CBC_SHA256,
1633
     TLS1_RFC_DHE_PSK_WITH_AES_128_CBC_SHA256,
1634
     TLS1_CK_DHE_PSK_WITH_AES_128_CBC_SHA256,
1635
     SSL_kDHEPSK,
1636
     SSL_aPSK,
1637
     SSL_AES128,
1638
     SSL_SHA256,
1639
     TLS1_VERSION, TLS1_2_VERSION,
1640
     DTLS1_BAD_VER, DTLS1_2_VERSION,
1641
     SSL_HIGH | SSL_FIPS,
1642
     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
1643
     128,
1644
     128,
1645
     },
1646
    {
1647
     1,
1648
     TLS1_TXT_DHE_PSK_WITH_AES_256_CBC_SHA384,
1649
     TLS1_RFC_DHE_PSK_WITH_AES_256_CBC_SHA384,
1650
     TLS1_CK_DHE_PSK_WITH_AES_256_CBC_SHA384,
1651
     SSL_kDHEPSK,
1652
     SSL_aPSK,
1653
     SSL_AES256,
1654
     SSL_SHA384,
1655
     TLS1_VERSION, TLS1_2_VERSION,
1656
     DTLS1_BAD_VER, DTLS1_2_VERSION,
1657
     SSL_HIGH | SSL_FIPS,
1658
     SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384,
1659
     256,
1660
     256,
1661
     },
1662
    {
1663
     1,
1664
     TLS1_TXT_DHE_PSK_WITH_NULL_SHA256,
1665
     TLS1_RFC_DHE_PSK_WITH_NULL_SHA256,
1666
     TLS1_CK_DHE_PSK_WITH_NULL_SHA256,
1667
     SSL_kDHEPSK,
1668
     SSL_aPSK,
1669
     SSL_eNULL,
1670
     SSL_SHA256,
1671
     TLS1_VERSION, TLS1_2_VERSION,
1672
     DTLS1_BAD_VER, DTLS1_2_VERSION,
1673
     SSL_STRONG_NONE | SSL_FIPS,
1674
     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
1675
     0,
1676
     0,
1677
     },
1678
    {
1679
     1,
1680
     TLS1_TXT_DHE_PSK_WITH_NULL_SHA384,
1681
     TLS1_RFC_DHE_PSK_WITH_NULL_SHA384,
1682
     TLS1_CK_DHE_PSK_WITH_NULL_SHA384,
1683
     SSL_kDHEPSK,
1684
     SSL_aPSK,
1685
     SSL_eNULL,
1686
     SSL_SHA384,
1687
     TLS1_VERSION, TLS1_2_VERSION,
1688
     DTLS1_BAD_VER, DTLS1_2_VERSION,
1689
     SSL_STRONG_NONE | SSL_FIPS,
1690
     SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384,
1691
     0,
1692
     0,
1693
     },
1694
    {
1695
     1,
1696
     TLS1_TXT_RSA_PSK_WITH_AES_128_CBC_SHA256,
1697
     TLS1_RFC_RSA_PSK_WITH_AES_128_CBC_SHA256,
1698
     TLS1_CK_RSA_PSK_WITH_AES_128_CBC_SHA256,
1699
     SSL_kRSAPSK,
1700
     SSL_aRSA,
1701
     SSL_AES128,
1702
     SSL_SHA256,
1703
     TLS1_VERSION, TLS1_2_VERSION,
1704
     DTLS1_BAD_VER, DTLS1_2_VERSION,
1705
     SSL_HIGH | SSL_FIPS,
1706
     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
1707
     128,
1708
     128,
1709
     },
1710
    {
1711
     1,
1712
     TLS1_TXT_RSA_PSK_WITH_AES_256_CBC_SHA384,
1713
     TLS1_RFC_RSA_PSK_WITH_AES_256_CBC_SHA384,
1714
     TLS1_CK_RSA_PSK_WITH_AES_256_CBC_SHA384,
1715
     SSL_kRSAPSK,
1716
     SSL_aRSA,
1717
     SSL_AES256,
1718
     SSL_SHA384,
1719
     TLS1_VERSION, TLS1_2_VERSION,
1720
     DTLS1_BAD_VER, DTLS1_2_VERSION,
1721
     SSL_HIGH | SSL_FIPS,
1722
     SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384,
1723
     256,
1724
     256,
1725
     },
1726
    {
1727
     1,
1728
     TLS1_TXT_RSA_PSK_WITH_NULL_SHA256,
1729
     TLS1_RFC_RSA_PSK_WITH_NULL_SHA256,
1730
     TLS1_CK_RSA_PSK_WITH_NULL_SHA256,
1731
     SSL_kRSAPSK,
1732
     SSL_aRSA,
1733
     SSL_eNULL,
1734
     SSL_SHA256,
1735
     TLS1_VERSION, TLS1_2_VERSION,
1736
     DTLS1_BAD_VER, DTLS1_2_VERSION,
1737
     SSL_STRONG_NONE | SSL_FIPS,
1738
     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
1739
     0,
1740
     0,
1741
     },
1742
    {
1743
     1,
1744
     TLS1_TXT_RSA_PSK_WITH_NULL_SHA384,
1745
     TLS1_RFC_RSA_PSK_WITH_NULL_SHA384,
1746
     TLS1_CK_RSA_PSK_WITH_NULL_SHA384,
1747
     SSL_kRSAPSK,
1748
     SSL_aRSA,
1749
     SSL_eNULL,
1750
     SSL_SHA384,
1751
     TLS1_VERSION, TLS1_2_VERSION,
1752
     DTLS1_BAD_VER, DTLS1_2_VERSION,
1753
     SSL_STRONG_NONE | SSL_FIPS,
1754
     SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384,
1755
     0,
1756
     0,
1757
     },
1758
#  ifndef OPENSSL_NO_WEAK_SSL_CIPHERS
1759
    {
1760
     1,
1761
     TLS1_TXT_ECDHE_PSK_WITH_3DES_EDE_CBC_SHA,
1762
     TLS1_RFC_ECDHE_PSK_WITH_3DES_EDE_CBC_SHA,
1763
     TLS1_CK_ECDHE_PSK_WITH_3DES_EDE_CBC_SHA,
1764
     SSL_kECDHEPSK,
1765
     SSL_aPSK,
1766
     SSL_3DES,
1767
     SSL_SHA1,
1768
     TLS1_VERSION, TLS1_2_VERSION,
1769
     DTLS1_BAD_VER, DTLS1_2_VERSION,
1770
     SSL_NOT_DEFAULT | SSL_MEDIUM | SSL_FIPS,
1771
     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
1772
     112,
1773
     168,
1774
     },
1775
#  endif
1776
    {
1777
     1,
1778
     TLS1_TXT_ECDHE_PSK_WITH_AES_128_CBC_SHA,
1779
     TLS1_RFC_ECDHE_PSK_WITH_AES_128_CBC_SHA,
1780
     TLS1_CK_ECDHE_PSK_WITH_AES_128_CBC_SHA,
1781
     SSL_kECDHEPSK,
1782
     SSL_aPSK,
1783
     SSL_AES128,
1784
     SSL_SHA1,
1785
     TLS1_VERSION, TLS1_2_VERSION,
1786
     DTLS1_BAD_VER, DTLS1_2_VERSION,
1787
     SSL_HIGH | SSL_FIPS,
1788
     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
1789
     128,
1790
     128,
1791
     },
1792
    {
1793
     1,
1794
     TLS1_TXT_ECDHE_PSK_WITH_AES_256_CBC_SHA,
1795
     TLS1_RFC_ECDHE_PSK_WITH_AES_256_CBC_SHA,
1796
     TLS1_CK_ECDHE_PSK_WITH_AES_256_CBC_SHA,
1797
     SSL_kECDHEPSK,
1798
     SSL_aPSK,
1799
     SSL_AES256,
1800
     SSL_SHA1,
1801
     TLS1_VERSION, TLS1_2_VERSION,
1802
     DTLS1_BAD_VER, DTLS1_2_VERSION,
1803
     SSL_HIGH | SSL_FIPS,
1804
     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
1805
     256,
1806
     256,
1807
     },
1808
    {
1809
     1,
1810
     TLS1_TXT_ECDHE_PSK_WITH_AES_128_CBC_SHA256,
1811
     TLS1_RFC_ECDHE_PSK_WITH_AES_128_CBC_SHA256,
1812
     TLS1_CK_ECDHE_PSK_WITH_AES_128_CBC_SHA256,
1813
     SSL_kECDHEPSK,
1814
     SSL_aPSK,
1815
     SSL_AES128,
1816
     SSL_SHA256,
1817
     TLS1_VERSION, TLS1_2_VERSION,
1818
     DTLS1_BAD_VER, DTLS1_2_VERSION,
1819
     SSL_HIGH | SSL_FIPS,
1820
     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
1821
     128,
1822
     128,
1823
     },
1824
    {
1825
     1,
1826
     TLS1_TXT_ECDHE_PSK_WITH_AES_256_CBC_SHA384,
1827
     TLS1_RFC_ECDHE_PSK_WITH_AES_256_CBC_SHA384,
1828
     TLS1_CK_ECDHE_PSK_WITH_AES_256_CBC_SHA384,
1829
     SSL_kECDHEPSK,
1830
     SSL_aPSK,
1831
     SSL_AES256,
1832
     SSL_SHA384,
1833
     TLS1_VERSION, TLS1_2_VERSION,
1834
     DTLS1_BAD_VER, DTLS1_2_VERSION,
1835
     SSL_HIGH | SSL_FIPS,
1836
     SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384,
1837
     256,
1838
     256,
1839
     },
1840
    {
1841
     1,
1842
     TLS1_TXT_ECDHE_PSK_WITH_NULL_SHA,
1843
     TLS1_RFC_ECDHE_PSK_WITH_NULL_SHA,
1844
     TLS1_CK_ECDHE_PSK_WITH_NULL_SHA,
1845
     SSL_kECDHEPSK,
1846
     SSL_aPSK,
1847
     SSL_eNULL,
1848
     SSL_SHA1,
1849
     TLS1_VERSION, TLS1_2_VERSION,
1850
     DTLS1_BAD_VER, DTLS1_2_VERSION,
1851
     SSL_STRONG_NONE | SSL_FIPS,
1852
     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
1853
     0,
1854
     0,
1855
     },
1856
    {
1857
     1,
1858
     TLS1_TXT_ECDHE_PSK_WITH_NULL_SHA256,
1859
     TLS1_RFC_ECDHE_PSK_WITH_NULL_SHA256,
1860
     TLS1_CK_ECDHE_PSK_WITH_NULL_SHA256,
1861
     SSL_kECDHEPSK,
1862
     SSL_aPSK,
1863
     SSL_eNULL,
1864
     SSL_SHA256,
1865
     TLS1_VERSION, TLS1_2_VERSION,
1866
     DTLS1_BAD_VER, DTLS1_2_VERSION,
1867
     SSL_STRONG_NONE | SSL_FIPS,
1868
     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
1869
     0,
1870
     0,
1871
     },
1872
    {
1873
     1,
1874
     TLS1_TXT_ECDHE_PSK_WITH_NULL_SHA384,
1875
     TLS1_RFC_ECDHE_PSK_WITH_NULL_SHA384,
1876
     TLS1_CK_ECDHE_PSK_WITH_NULL_SHA384,
1877
     SSL_kECDHEPSK,
1878
     SSL_aPSK,
1879
     SSL_eNULL,
1880
     SSL_SHA384,
1881
     TLS1_VERSION, TLS1_2_VERSION,
1882
     DTLS1_BAD_VER, DTLS1_2_VERSION,
1883
     SSL_STRONG_NONE | SSL_FIPS,
1884
     SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384,
1885
     0,
1886
     0,
1887
     },
1888
1889
# ifndef OPENSSL_NO_WEAK_SSL_CIPHERS
1890
    {
1891
     1,
1892
     TLS1_TXT_SRP_SHA_WITH_3DES_EDE_CBC_SHA,
1893
     TLS1_RFC_SRP_SHA_WITH_3DES_EDE_CBC_SHA,
1894
     TLS1_CK_SRP_SHA_WITH_3DES_EDE_CBC_SHA,
1895
     SSL_kSRP,
1896
     SSL_aSRP,
1897
     SSL_3DES,
1898
     SSL_SHA1,
1899
     SSL3_VERSION, TLS1_2_VERSION,
1900
     DTLS1_BAD_VER, DTLS1_2_VERSION,
1901
     SSL_NOT_DEFAULT | SSL_MEDIUM,
1902
     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
1903
     112,
1904
     168,
1905
     },
1906
    {
1907
     1,
1908
     TLS1_TXT_SRP_SHA_RSA_WITH_3DES_EDE_CBC_SHA,
1909
     TLS1_RFC_SRP_SHA_RSA_WITH_3DES_EDE_CBC_SHA,
1910
     TLS1_CK_SRP_SHA_RSA_WITH_3DES_EDE_CBC_SHA,
1911
     SSL_kSRP,
1912
     SSL_aRSA,
1913
     SSL_3DES,
1914
     SSL_SHA1,
1915
     SSL3_VERSION, TLS1_2_VERSION,
1916
     DTLS1_BAD_VER, DTLS1_2_VERSION,
1917
     SSL_NOT_DEFAULT | SSL_MEDIUM,
1918
     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
1919
     112,
1920
     168,
1921
     },
1922
    {
1923
     1,
1924
     TLS1_TXT_SRP_SHA_DSS_WITH_3DES_EDE_CBC_SHA,
1925
     TLS1_RFC_SRP_SHA_DSS_WITH_3DES_EDE_CBC_SHA,
1926
     TLS1_CK_SRP_SHA_DSS_WITH_3DES_EDE_CBC_SHA,
1927
     SSL_kSRP,
1928
     SSL_aDSS,
1929
     SSL_3DES,
1930
     SSL_SHA1,
1931
     SSL3_VERSION, TLS1_2_VERSION,
1932
     DTLS1_BAD_VER, DTLS1_2_VERSION,
1933
     SSL_NOT_DEFAULT | SSL_MEDIUM,
1934
     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
1935
     112,
1936
     168,
1937
     },
1938
# endif
1939
    {
1940
     1,
1941
     TLS1_TXT_SRP_SHA_WITH_AES_128_CBC_SHA,
1942
     TLS1_RFC_SRP_SHA_WITH_AES_128_CBC_SHA,
1943
     TLS1_CK_SRP_SHA_WITH_AES_128_CBC_SHA,
1944
     SSL_kSRP,
1945
     SSL_aSRP,
1946
     SSL_AES128,
1947
     SSL_SHA1,
1948
     SSL3_VERSION, TLS1_2_VERSION,
1949
     DTLS1_BAD_VER, DTLS1_2_VERSION,
1950
     SSL_HIGH,
1951
     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
1952
     128,
1953
     128,
1954
     },
1955
    {
1956
     1,
1957
     TLS1_TXT_SRP_SHA_RSA_WITH_AES_128_CBC_SHA,
1958
     TLS1_RFC_SRP_SHA_RSA_WITH_AES_128_CBC_SHA,
1959
     TLS1_CK_SRP_SHA_RSA_WITH_AES_128_CBC_SHA,
1960
     SSL_kSRP,
1961
     SSL_aRSA,
1962
     SSL_AES128,
1963
     SSL_SHA1,
1964
     SSL3_VERSION, TLS1_2_VERSION,
1965
     DTLS1_BAD_VER, DTLS1_2_VERSION,
1966
     SSL_HIGH,
1967
     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
1968
     128,
1969
     128,
1970
     },
1971
    {
1972
     1,
1973
     TLS1_TXT_SRP_SHA_DSS_WITH_AES_128_CBC_SHA,
1974
     TLS1_RFC_SRP_SHA_DSS_WITH_AES_128_CBC_SHA,
1975
     TLS1_CK_SRP_SHA_DSS_WITH_AES_128_CBC_SHA,
1976
     SSL_kSRP,
1977
     SSL_aDSS,
1978
     SSL_AES128,
1979
     SSL_SHA1,
1980
     SSL3_VERSION, TLS1_2_VERSION,
1981
     DTLS1_BAD_VER, DTLS1_2_VERSION,
1982
     SSL_NOT_DEFAULT | SSL_HIGH,
1983
     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
1984
     128,
1985
     128,
1986
     },
1987
    {
1988
     1,
1989
     TLS1_TXT_SRP_SHA_WITH_AES_256_CBC_SHA,
1990
     TLS1_RFC_SRP_SHA_WITH_AES_256_CBC_SHA,
1991
     TLS1_CK_SRP_SHA_WITH_AES_256_CBC_SHA,
1992
     SSL_kSRP,
1993
     SSL_aSRP,
1994
     SSL_AES256,
1995
     SSL_SHA1,
1996
     SSL3_VERSION, TLS1_2_VERSION,
1997
     DTLS1_BAD_VER, DTLS1_2_VERSION,
1998
     SSL_HIGH,
1999
     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
2000
     256,
2001
     256,
2002
     },
2003
    {
2004
     1,
2005
     TLS1_TXT_SRP_SHA_RSA_WITH_AES_256_CBC_SHA,
2006
     TLS1_RFC_SRP_SHA_RSA_WITH_AES_256_CBC_SHA,
2007
     TLS1_CK_SRP_SHA_RSA_WITH_AES_256_CBC_SHA,
2008
     SSL_kSRP,
2009
     SSL_aRSA,
2010
     SSL_AES256,
2011
     SSL_SHA1,
2012
     SSL3_VERSION, TLS1_2_VERSION,
2013
     DTLS1_BAD_VER, DTLS1_2_VERSION,
2014
     SSL_HIGH,
2015
     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
2016
     256,
2017
     256,
2018
     },
2019
    {
2020
     1,
2021
     TLS1_TXT_SRP_SHA_DSS_WITH_AES_256_CBC_SHA,
2022
     TLS1_RFC_SRP_SHA_DSS_WITH_AES_256_CBC_SHA,
2023
     TLS1_CK_SRP_SHA_DSS_WITH_AES_256_CBC_SHA,
2024
     SSL_kSRP,
2025
     SSL_aDSS,
2026
     SSL_AES256,
2027
     SSL_SHA1,
2028
     SSL3_VERSION, TLS1_2_VERSION,
2029
     DTLS1_BAD_VER, DTLS1_2_VERSION,
2030
     SSL_NOT_DEFAULT | SSL_HIGH,
2031
     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
2032
     256,
2033
     256,
2034
     },
2035
2036
#if !defined(OPENSSL_NO_CHACHA) && !defined(OPENSSL_NO_POLY1305)
2037
    {
2038
     1,
2039
     TLS1_TXT_DHE_RSA_WITH_CHACHA20_POLY1305,
2040
     TLS1_RFC_DHE_RSA_WITH_CHACHA20_POLY1305,
2041
     TLS1_CK_DHE_RSA_WITH_CHACHA20_POLY1305,
2042
     SSL_kDHE,
2043
     SSL_aRSA,
2044
     SSL_CHACHA20POLY1305,
2045
     SSL_AEAD,
2046
     TLS1_2_VERSION, TLS1_2_VERSION,
2047
     DTLS1_2_VERSION, DTLS1_2_VERSION,
2048
     SSL_HIGH,
2049
     SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
2050
     256,
2051
     256,
2052
     },
2053
    {
2054
     1,
2055
     TLS1_TXT_ECDHE_RSA_WITH_CHACHA20_POLY1305,
2056
     TLS1_RFC_ECDHE_RSA_WITH_CHACHA20_POLY1305,
2057
     TLS1_CK_ECDHE_RSA_WITH_CHACHA20_POLY1305,
2058
     SSL_kECDHE,
2059
     SSL_aRSA,
2060
     SSL_CHACHA20POLY1305,
2061
     SSL_AEAD,
2062
     TLS1_2_VERSION, TLS1_2_VERSION,
2063
     DTLS1_2_VERSION, DTLS1_2_VERSION,
2064
     SSL_HIGH,
2065
     SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
2066
     256,
2067
     256,
2068
     },
2069
    {
2070
     1,
2071
     TLS1_TXT_ECDHE_ECDSA_WITH_CHACHA20_POLY1305,
2072
     TLS1_RFC_ECDHE_ECDSA_WITH_CHACHA20_POLY1305,
2073
     TLS1_CK_ECDHE_ECDSA_WITH_CHACHA20_POLY1305,
2074
     SSL_kECDHE,
2075
     SSL_aECDSA,
2076
     SSL_CHACHA20POLY1305,
2077
     SSL_AEAD,
2078
     TLS1_2_VERSION, TLS1_2_VERSION,
2079
     DTLS1_2_VERSION, DTLS1_2_VERSION,
2080
     SSL_HIGH,
2081
     SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
2082
     256,
2083
     256,
2084
     },
2085
    {
2086
     1,
2087
     TLS1_TXT_PSK_WITH_CHACHA20_POLY1305,
2088
     TLS1_RFC_PSK_WITH_CHACHA20_POLY1305,
2089
     TLS1_CK_PSK_WITH_CHACHA20_POLY1305,
2090
     SSL_kPSK,
2091
     SSL_aPSK,
2092
     SSL_CHACHA20POLY1305,
2093
     SSL_AEAD,
2094
     TLS1_2_VERSION, TLS1_2_VERSION,
2095
     DTLS1_2_VERSION, DTLS1_2_VERSION,
2096
     SSL_HIGH,
2097
     SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
2098
     256,
2099
     256,
2100
     },
2101
    {
2102
     1,
2103
     TLS1_TXT_ECDHE_PSK_WITH_CHACHA20_POLY1305,
2104
     TLS1_RFC_ECDHE_PSK_WITH_CHACHA20_POLY1305,
2105
     TLS1_CK_ECDHE_PSK_WITH_CHACHA20_POLY1305,
2106
     SSL_kECDHEPSK,
2107
     SSL_aPSK,
2108
     SSL_CHACHA20POLY1305,
2109
     SSL_AEAD,
2110
     TLS1_2_VERSION, TLS1_2_VERSION,
2111
     DTLS1_2_VERSION, DTLS1_2_VERSION,
2112
     SSL_HIGH,
2113
     SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
2114
     256,
2115
     256,
2116
     },
2117
    {
2118
     1,
2119
     TLS1_TXT_DHE_PSK_WITH_CHACHA20_POLY1305,
2120
     TLS1_RFC_DHE_PSK_WITH_CHACHA20_POLY1305,
2121
     TLS1_CK_DHE_PSK_WITH_CHACHA20_POLY1305,
2122
     SSL_kDHEPSK,
2123
     SSL_aPSK,
2124
     SSL_CHACHA20POLY1305,
2125
     SSL_AEAD,
2126
     TLS1_2_VERSION, TLS1_2_VERSION,
2127
     DTLS1_2_VERSION, DTLS1_2_VERSION,
2128
     SSL_HIGH,
2129
     SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
2130
     256,
2131
     256,
2132
     },
2133
    {
2134
     1,
2135
     TLS1_TXT_RSA_PSK_WITH_CHACHA20_POLY1305,
2136
     TLS1_RFC_RSA_PSK_WITH_CHACHA20_POLY1305,
2137
     TLS1_CK_RSA_PSK_WITH_CHACHA20_POLY1305,
2138
     SSL_kRSAPSK,
2139
     SSL_aRSA,
2140
     SSL_CHACHA20POLY1305,
2141
     SSL_AEAD,
2142
     TLS1_2_VERSION, TLS1_2_VERSION,
2143
     DTLS1_2_VERSION, DTLS1_2_VERSION,
2144
     SSL_HIGH,
2145
     SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
2146
     256,
2147
     256,
2148
     },
2149
#endif                          /* !defined(OPENSSL_NO_CHACHA) &&
2150
                                 * !defined(OPENSSL_NO_POLY1305) */
2151
2152
#ifndef OPENSSL_NO_CAMELLIA
2153
    {
2154
     1,
2155
     TLS1_TXT_RSA_WITH_CAMELLIA_128_CBC_SHA256,
2156
     TLS1_RFC_RSA_WITH_CAMELLIA_128_CBC_SHA256,
2157
     TLS1_CK_RSA_WITH_CAMELLIA_128_CBC_SHA256,
2158
     SSL_kRSA,
2159
     SSL_aRSA,
2160
     SSL_CAMELLIA128,
2161
     SSL_SHA256,
2162
     TLS1_2_VERSION, TLS1_2_VERSION,
2163
     DTLS1_2_VERSION, DTLS1_2_VERSION,
2164
     SSL_NOT_DEFAULT | SSL_HIGH,
2165
     SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
2166
     128,
2167
     128,
2168
     },
2169
    {
2170
     1,
2171
     TLS1_TXT_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA256,
2172
     TLS1_RFC_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA256,
2173
     TLS1_CK_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA256,
2174
     SSL_kEDH,
2175
     SSL_aDSS,
2176
     SSL_CAMELLIA128,
2177
     SSL_SHA256,
2178
     TLS1_2_VERSION, TLS1_2_VERSION,
2179
     DTLS1_2_VERSION, DTLS1_2_VERSION,
2180
     SSL_NOT_DEFAULT | SSL_HIGH,
2181
     SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
2182
     128,
2183
     128,
2184
     },
2185
    {
2186
     1,
2187
     TLS1_TXT_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA256,
2188
     TLS1_RFC_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA256,
2189
     TLS1_CK_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA256,
2190
     SSL_kEDH,
2191
     SSL_aRSA,
2192
     SSL_CAMELLIA128,
2193
     SSL_SHA256,
2194
     TLS1_2_VERSION, TLS1_2_VERSION,
2195
     DTLS1_2_VERSION, DTLS1_2_VERSION,
2196
     SSL_NOT_DEFAULT | SSL_HIGH,
2197
     SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
2198
     128,
2199
     128,
2200
     },
2201
    {
2202
     1,
2203
     TLS1_TXT_ADH_WITH_CAMELLIA_128_CBC_SHA256,
2204
     TLS1_RFC_ADH_WITH_CAMELLIA_128_CBC_SHA256,
2205
     TLS1_CK_ADH_WITH_CAMELLIA_128_CBC_SHA256,
2206
     SSL_kEDH,
2207
     SSL_aNULL,
2208
     SSL_CAMELLIA128,
2209
     SSL_SHA256,
2210
     TLS1_2_VERSION, TLS1_2_VERSION,
2211
     DTLS1_2_VERSION, DTLS1_2_VERSION,
2212
     SSL_NOT_DEFAULT | SSL_HIGH,
2213
     SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
2214
     128,
2215
     128,
2216
     },
2217
    {
2218
     1,
2219
     TLS1_TXT_RSA_WITH_CAMELLIA_256_CBC_SHA256,
2220
     TLS1_RFC_RSA_WITH_CAMELLIA_256_CBC_SHA256,
2221
     TLS1_CK_RSA_WITH_CAMELLIA_256_CBC_SHA256,
2222
     SSL_kRSA,
2223
     SSL_aRSA,
2224
     SSL_CAMELLIA256,
2225
     SSL_SHA256,
2226
     TLS1_2_VERSION, TLS1_2_VERSION,
2227
     DTLS1_2_VERSION, DTLS1_2_VERSION,
2228
     SSL_NOT_DEFAULT | SSL_HIGH,
2229
     SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
2230
     256,
2231
     256,
2232
     },
2233
    {
2234
     1,
2235
     TLS1_TXT_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA256,
2236
     TLS1_RFC_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA256,
2237
     TLS1_CK_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA256,
2238
     SSL_kEDH,
2239
     SSL_aDSS,
2240
     SSL_CAMELLIA256,
2241
     SSL_SHA256,
2242
     TLS1_2_VERSION, TLS1_2_VERSION,
2243
     DTLS1_2_VERSION, DTLS1_2_VERSION,
2244
     SSL_NOT_DEFAULT | SSL_HIGH,
2245
     SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
2246
     256,
2247
     256,
2248
     },
2249
    {
2250
     1,
2251
     TLS1_TXT_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA256,
2252
     TLS1_RFC_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA256,
2253
     TLS1_CK_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA256,
2254
     SSL_kEDH,
2255
     SSL_aRSA,
2256
     SSL_CAMELLIA256,
2257
     SSL_SHA256,
2258
     TLS1_2_VERSION, TLS1_2_VERSION,
2259
     DTLS1_2_VERSION, DTLS1_2_VERSION,
2260
     SSL_NOT_DEFAULT | SSL_HIGH,
2261
     SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
2262
     256,
2263
     256,
2264
     },
2265
    {
2266
     1,
2267
     TLS1_TXT_ADH_WITH_CAMELLIA_256_CBC_SHA256,
2268
     TLS1_RFC_ADH_WITH_CAMELLIA_256_CBC_SHA256,
2269
     TLS1_CK_ADH_WITH_CAMELLIA_256_CBC_SHA256,
2270
     SSL_kEDH,
2271
     SSL_aNULL,
2272
     SSL_CAMELLIA256,
2273
     SSL_SHA256,
2274
     TLS1_2_VERSION, TLS1_2_VERSION,
2275
     DTLS1_2_VERSION, DTLS1_2_VERSION,
2276
     SSL_NOT_DEFAULT | SSL_HIGH,
2277
     SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
2278
     256,
2279
     256,
2280
     },
2281
    {
2282
     1,
2283
     TLS1_TXT_RSA_WITH_CAMELLIA_256_CBC_SHA,
2284
     TLS1_RFC_RSA_WITH_CAMELLIA_256_CBC_SHA,
2285
     TLS1_CK_RSA_WITH_CAMELLIA_256_CBC_SHA,
2286
     SSL_kRSA,
2287
     SSL_aRSA,
2288
     SSL_CAMELLIA256,
2289
     SSL_SHA1,
2290
     SSL3_VERSION, TLS1_2_VERSION,
2291
     DTLS1_BAD_VER, DTLS1_2_VERSION,
2292
     SSL_NOT_DEFAULT | SSL_HIGH,
2293
     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
2294
     256,
2295
     256,
2296
     },
2297
    {
2298
     1,
2299
     TLS1_TXT_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA,
2300
     TLS1_RFC_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA,
2301
     TLS1_CK_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA,
2302
     SSL_kDHE,
2303
     SSL_aDSS,
2304
     SSL_CAMELLIA256,
2305
     SSL_SHA1,
2306
     SSL3_VERSION, TLS1_2_VERSION,
2307
     DTLS1_BAD_VER, DTLS1_2_VERSION,
2308
     SSL_NOT_DEFAULT | SSL_HIGH,
2309
     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
2310
     256,
2311
     256,
2312
     },
2313
    {
2314
     1,
2315
     TLS1_TXT_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA,
2316
     TLS1_RFC_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA,
2317
     TLS1_CK_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA,
2318
     SSL_kDHE,
2319
     SSL_aRSA,
2320
     SSL_CAMELLIA256,
2321
     SSL_SHA1,
2322
     SSL3_VERSION, TLS1_2_VERSION,
2323
     DTLS1_BAD_VER, DTLS1_2_VERSION,
2324
     SSL_NOT_DEFAULT | SSL_HIGH,
2325
     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
2326
     256,
2327
     256,
2328
     },
2329
    {
2330
     1,
2331
     TLS1_TXT_ADH_WITH_CAMELLIA_256_CBC_SHA,
2332
     TLS1_RFC_ADH_WITH_CAMELLIA_256_CBC_SHA,
2333
     TLS1_CK_ADH_WITH_CAMELLIA_256_CBC_SHA,
2334
     SSL_kDHE,
2335
     SSL_aNULL,
2336
     SSL_CAMELLIA256,
2337
     SSL_SHA1,
2338
     SSL3_VERSION, TLS1_2_VERSION,
2339
     DTLS1_BAD_VER, DTLS1_2_VERSION,
2340
     SSL_NOT_DEFAULT | SSL_HIGH,
2341
     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
2342
     256,
2343
     256,
2344
     },
2345
    {
2346
     1,
2347
     TLS1_TXT_RSA_WITH_CAMELLIA_128_CBC_SHA,
2348
     TLS1_RFC_RSA_WITH_CAMELLIA_128_CBC_SHA,
2349
     TLS1_CK_RSA_WITH_CAMELLIA_128_CBC_SHA,
2350
     SSL_kRSA,
2351
     SSL_aRSA,
2352
     SSL_CAMELLIA128,
2353
     SSL_SHA1,
2354
     SSL3_VERSION, TLS1_2_VERSION,
2355
     DTLS1_BAD_VER, DTLS1_2_VERSION,
2356
     SSL_NOT_DEFAULT | SSL_HIGH,
2357
     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
2358
     128,
2359
     128,
2360
     },
2361
    {
2362
     1,
2363
     TLS1_TXT_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA,
2364
     TLS1_RFC_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA,
2365
     TLS1_CK_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA,
2366
     SSL_kDHE,
2367
     SSL_aDSS,
2368
     SSL_CAMELLIA128,
2369
     SSL_SHA1,
2370
     SSL3_VERSION, TLS1_2_VERSION,
2371
     DTLS1_BAD_VER, DTLS1_2_VERSION,
2372
     SSL_NOT_DEFAULT | SSL_HIGH,
2373
     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
2374
     128,
2375
     128,
2376
     },
2377
    {
2378
     1,
2379
     TLS1_TXT_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA,
2380
     TLS1_RFC_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA,
2381
     TLS1_CK_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA,
2382
     SSL_kDHE,
2383
     SSL_aRSA,
2384
     SSL_CAMELLIA128,
2385
     SSL_SHA1,
2386
     SSL3_VERSION, TLS1_2_VERSION,
2387
     DTLS1_BAD_VER, DTLS1_2_VERSION,
2388
     SSL_NOT_DEFAULT | SSL_HIGH,
2389
     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
2390
     128,
2391
     128,
2392
     },
2393
    {
2394
     1,
2395
     TLS1_TXT_ADH_WITH_CAMELLIA_128_CBC_SHA,
2396
     TLS1_RFC_ADH_WITH_CAMELLIA_128_CBC_SHA,
2397
     TLS1_CK_ADH_WITH_CAMELLIA_128_CBC_SHA,
2398
     SSL_kDHE,
2399
     SSL_aNULL,
2400
     SSL_CAMELLIA128,
2401
     SSL_SHA1,
2402
     SSL3_VERSION, TLS1_2_VERSION,
2403
     DTLS1_BAD_VER, DTLS1_2_VERSION,
2404
     SSL_NOT_DEFAULT | SSL_HIGH,
2405
     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
2406
     128,
2407
     128,
2408
     },
2409
    {
2410
     1,
2411
     TLS1_TXT_ECDHE_ECDSA_WITH_CAMELLIA_128_CBC_SHA256,
2412
     TLS1_RFC_ECDHE_ECDSA_WITH_CAMELLIA_128_CBC_SHA256,
2413
     TLS1_CK_ECDHE_ECDSA_WITH_CAMELLIA_128_CBC_SHA256,
2414
     SSL_kECDHE,
2415
     SSL_aECDSA,
2416
     SSL_CAMELLIA128,
2417
     SSL_SHA256,
2418
     TLS1_2_VERSION, TLS1_2_VERSION,
2419
     DTLS1_2_VERSION, DTLS1_2_VERSION,
2420
     SSL_NOT_DEFAULT | SSL_HIGH,
2421
     SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
2422
     128,
2423
     128,
2424
     },
2425
    {
2426
     1,
2427
     TLS1_TXT_ECDHE_ECDSA_WITH_CAMELLIA_256_CBC_SHA384,
2428
     TLS1_RFC_ECDHE_ECDSA_WITH_CAMELLIA_256_CBC_SHA384,
2429
     TLS1_CK_ECDHE_ECDSA_WITH_CAMELLIA_256_CBC_SHA384,
2430
     SSL_kECDHE,
2431
     SSL_aECDSA,
2432
     SSL_CAMELLIA256,
2433
     SSL_SHA384,
2434
     TLS1_2_VERSION, TLS1_2_VERSION,
2435
     DTLS1_2_VERSION, DTLS1_2_VERSION,
2436
     SSL_NOT_DEFAULT | SSL_HIGH,
2437
     SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384,
2438
     256,
2439
     256,
2440
     },
2441
    {
2442
     1,
2443
     TLS1_TXT_ECDHE_RSA_WITH_CAMELLIA_128_CBC_SHA256,
2444
     TLS1_RFC_ECDHE_RSA_WITH_CAMELLIA_128_CBC_SHA256,
2445
     TLS1_CK_ECDHE_RSA_WITH_CAMELLIA_128_CBC_SHA256,
2446
     SSL_kECDHE,
2447
     SSL_aRSA,
2448
     SSL_CAMELLIA128,
2449
     SSL_SHA256,
2450
     TLS1_2_VERSION, TLS1_2_VERSION,
2451
     DTLS1_2_VERSION, DTLS1_2_VERSION,
2452
     SSL_NOT_DEFAULT | SSL_HIGH,
2453
     SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
2454
     128,
2455
     128,
2456
     },
2457
    {
2458
     1,
2459
     TLS1_TXT_ECDHE_RSA_WITH_CAMELLIA_256_CBC_SHA384,
2460
     TLS1_RFC_ECDHE_RSA_WITH_CAMELLIA_256_CBC_SHA384,
2461
     TLS1_CK_ECDHE_RSA_WITH_CAMELLIA_256_CBC_SHA384,
2462
     SSL_kECDHE,
2463
     SSL_aRSA,
2464
     SSL_CAMELLIA256,
2465
     SSL_SHA384,
2466
     TLS1_2_VERSION, TLS1_2_VERSION,
2467
     DTLS1_2_VERSION, DTLS1_2_VERSION,
2468
     SSL_NOT_DEFAULT | SSL_HIGH,
2469
     SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384,
2470
     256,
2471
     256,
2472
     },
2473
    {
2474
     1,
2475
     TLS1_TXT_PSK_WITH_CAMELLIA_128_CBC_SHA256,
2476
     TLS1_RFC_PSK_WITH_CAMELLIA_128_CBC_SHA256,
2477
     TLS1_CK_PSK_WITH_CAMELLIA_128_CBC_SHA256,
2478
     SSL_kPSK,
2479
     SSL_aPSK,
2480
     SSL_CAMELLIA128,
2481
     SSL_SHA256,
2482
     TLS1_VERSION, TLS1_2_VERSION,
2483
     DTLS1_BAD_VER, DTLS1_2_VERSION,
2484
     SSL_NOT_DEFAULT | SSL_HIGH,
2485
     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
2486
     128,
2487
     128,
2488
     },
2489
    {
2490
     1,
2491
     TLS1_TXT_PSK_WITH_CAMELLIA_256_CBC_SHA384,
2492
     TLS1_RFC_PSK_WITH_CAMELLIA_256_CBC_SHA384,
2493
     TLS1_CK_PSK_WITH_CAMELLIA_256_CBC_SHA384,
2494
     SSL_kPSK,
2495
     SSL_aPSK,
2496
     SSL_CAMELLIA256,
2497
     SSL_SHA384,
2498
     TLS1_VERSION, TLS1_2_VERSION,
2499
     DTLS1_BAD_VER, DTLS1_2_VERSION,
2500
     SSL_NOT_DEFAULT | SSL_HIGH,
2501
     SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384,
2502
     256,
2503
     256,
2504
     },
2505
    {
2506
     1,
2507
     TLS1_TXT_DHE_PSK_WITH_CAMELLIA_128_CBC_SHA256,
2508
     TLS1_RFC_DHE_PSK_WITH_CAMELLIA_128_CBC_SHA256,
2509
     TLS1_CK_DHE_PSK_WITH_CAMELLIA_128_CBC_SHA256,
2510
     SSL_kDHEPSK,
2511
     SSL_aPSK,
2512
     SSL_CAMELLIA128,
2513
     SSL_SHA256,
2514
     TLS1_VERSION, TLS1_2_VERSION,
2515
     DTLS1_BAD_VER, DTLS1_2_VERSION,
2516
     SSL_NOT_DEFAULT | SSL_HIGH,
2517
     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
2518
     128,
2519
     128,
2520
     },
2521
    {
2522
     1,
2523
     TLS1_TXT_DHE_PSK_WITH_CAMELLIA_256_CBC_SHA384,
2524
     TLS1_RFC_DHE_PSK_WITH_CAMELLIA_256_CBC_SHA384,
2525
     TLS1_CK_DHE_PSK_WITH_CAMELLIA_256_CBC_SHA384,
2526
     SSL_kDHEPSK,
2527
     SSL_aPSK,
2528
     SSL_CAMELLIA256,
2529
     SSL_SHA384,
2530
     TLS1_VERSION, TLS1_2_VERSION,
2531
     DTLS1_BAD_VER, DTLS1_2_VERSION,
2532
     SSL_NOT_DEFAULT | SSL_HIGH,
2533
     SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384,
2534
     256,
2535
     256,
2536
     },
2537
    {
2538
     1,
2539
     TLS1_TXT_RSA_PSK_WITH_CAMELLIA_128_CBC_SHA256,
2540
     TLS1_RFC_RSA_PSK_WITH_CAMELLIA_128_CBC_SHA256,
2541
     TLS1_CK_RSA_PSK_WITH_CAMELLIA_128_CBC_SHA256,
2542
     SSL_kRSAPSK,
2543
     SSL_aRSA,
2544
     SSL_CAMELLIA128,
2545
     SSL_SHA256,
2546
     TLS1_VERSION, TLS1_2_VERSION,
2547
     DTLS1_BAD_VER, DTLS1_2_VERSION,
2548
     SSL_NOT_DEFAULT | SSL_HIGH,
2549
     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
2550
     128,
2551
     128,
2552
     },
2553
    {
2554
     1,
2555
     TLS1_TXT_RSA_PSK_WITH_CAMELLIA_256_CBC_SHA384,
2556
     TLS1_RFC_RSA_PSK_WITH_CAMELLIA_256_CBC_SHA384,
2557
     TLS1_CK_RSA_PSK_WITH_CAMELLIA_256_CBC_SHA384,
2558
     SSL_kRSAPSK,
2559
     SSL_aRSA,
2560
     SSL_CAMELLIA256,
2561
     SSL_SHA384,
2562
     TLS1_VERSION, TLS1_2_VERSION,
2563
     DTLS1_BAD_VER, DTLS1_2_VERSION,
2564
     SSL_NOT_DEFAULT | SSL_HIGH,
2565
     SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384,
2566
     256,
2567
     256,
2568
     },
2569
    {
2570
     1,
2571
     TLS1_TXT_ECDHE_PSK_WITH_CAMELLIA_128_CBC_SHA256,
2572
     TLS1_RFC_ECDHE_PSK_WITH_CAMELLIA_128_CBC_SHA256,
2573
     TLS1_CK_ECDHE_PSK_WITH_CAMELLIA_128_CBC_SHA256,
2574
     SSL_kECDHEPSK,
2575
     SSL_aPSK,
2576
     SSL_CAMELLIA128,
2577
     SSL_SHA256,
2578
     TLS1_VERSION, TLS1_2_VERSION,
2579
     DTLS1_BAD_VER, DTLS1_2_VERSION,
2580
     SSL_NOT_DEFAULT | SSL_HIGH,
2581
     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
2582
     128,
2583
     128,
2584
     },
2585
    {
2586
     1,
2587
     TLS1_TXT_ECDHE_PSK_WITH_CAMELLIA_256_CBC_SHA384,
2588
     TLS1_RFC_ECDHE_PSK_WITH_CAMELLIA_256_CBC_SHA384,
2589
     TLS1_CK_ECDHE_PSK_WITH_CAMELLIA_256_CBC_SHA384,
2590
     SSL_kECDHEPSK,
2591
     SSL_aPSK,
2592
     SSL_CAMELLIA256,
2593
     SSL_SHA384,
2594
     TLS1_VERSION, TLS1_2_VERSION,
2595
     DTLS1_BAD_VER, DTLS1_2_VERSION,
2596
     SSL_NOT_DEFAULT | SSL_HIGH,
2597
     SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384,
2598
     256,
2599
     256,
2600
     },
2601
#endif                          /* OPENSSL_NO_CAMELLIA */
2602
2603
#ifndef OPENSSL_NO_GOST
2604
    {
2605
     1,
2606
     "GOST2001-GOST89-GOST89",
2607
     "TLS_GOSTR341001_WITH_28147_CNT_IMIT",
2608
     0x3000081,
2609
     SSL_kGOST,
2610
     SSL_aGOST01,
2611
     SSL_eGOST2814789CNT,
2612
     SSL_GOST89MAC,
2613
     TLS1_VERSION, TLS1_2_VERSION,
2614
     0, 0,
2615
     SSL_HIGH,
2616
     SSL_HANDSHAKE_MAC_GOST94 | TLS1_PRF_GOST94 | TLS1_STREAM_MAC,
2617
     256,
2618
     256,
2619
     },
2620
    {
2621
     1,
2622
     "GOST2001-NULL-GOST94",
2623
     "TLS_GOSTR341001_WITH_NULL_GOSTR3411",
2624
     0x3000083,
2625
     SSL_kGOST,
2626
     SSL_aGOST01,
2627
     SSL_eNULL,
2628
     SSL_GOST94,
2629
     TLS1_VERSION, TLS1_2_VERSION,
2630
     0, 0,
2631
     SSL_STRONG_NONE,
2632
     SSL_HANDSHAKE_MAC_GOST94 | TLS1_PRF_GOST94,
2633
     0,
2634
     0,
2635
     },
2636
    {
2637
     1,
2638
     "GOST2012-GOST8912-GOST8912",
2639
     NULL,
2640
     0x0300ff85,
2641
     SSL_kGOST,
2642
     SSL_aGOST12 | SSL_aGOST01,
2643
     SSL_eGOST2814789CNT12,
2644
     SSL_GOST89MAC12,
2645
     TLS1_VERSION, TLS1_2_VERSION,
2646
     0, 0,
2647
     SSL_HIGH,
2648
     SSL_HANDSHAKE_MAC_GOST12_256 | TLS1_PRF_GOST12_256 | TLS1_STREAM_MAC,
2649
     256,
2650
     256,
2651
     },
2652
    {
2653
     1,
2654
     "GOST2012-NULL-GOST12",
2655
     NULL,
2656
     0x0300ff87,
2657
     SSL_kGOST,
2658
     SSL_aGOST12 | SSL_aGOST01,
2659
     SSL_eNULL,
2660
     SSL_GOST12_256,
2661
     TLS1_VERSION, TLS1_2_VERSION,
2662
     0, 0,
2663
     SSL_STRONG_NONE,
2664
     SSL_HANDSHAKE_MAC_GOST12_256 | TLS1_PRF_GOST12_256 | TLS1_STREAM_MAC,
2665
     0,
2666
     0,
2667
     },
2668
#endif                          /* OPENSSL_NO_GOST */
2669
2670
#ifndef OPENSSL_NO_IDEA
2671
    {
2672
     1,
2673
     SSL3_TXT_RSA_IDEA_128_SHA,
2674
     SSL3_RFC_RSA_IDEA_128_SHA,
2675
     SSL3_CK_RSA_IDEA_128_SHA,
2676
     SSL_kRSA,
2677
     SSL_aRSA,
2678
     SSL_IDEA,
2679
     SSL_SHA1,
2680
     SSL3_VERSION, TLS1_1_VERSION,
2681
     DTLS1_BAD_VER, DTLS1_VERSION,
2682
     SSL_NOT_DEFAULT | SSL_MEDIUM,
2683
     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
2684
     128,
2685
     128,
2686
     },
2687
#endif
2688
2689
#ifndef OPENSSL_NO_SEED
2690
    {
2691
     1,
2692
     TLS1_TXT_RSA_WITH_SEED_SHA,
2693
     TLS1_RFC_RSA_WITH_SEED_SHA,
2694
     TLS1_CK_RSA_WITH_SEED_SHA,
2695
     SSL_kRSA,
2696
     SSL_aRSA,
2697
     SSL_SEED,
2698
     SSL_SHA1,
2699
     SSL3_VERSION, TLS1_2_VERSION,
2700
     DTLS1_BAD_VER, DTLS1_2_VERSION,
2701
     SSL_NOT_DEFAULT | SSL_MEDIUM,
2702
     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
2703
     128,
2704
     128,
2705
     },
2706
    {
2707
     1,
2708
     TLS1_TXT_DHE_DSS_WITH_SEED_SHA,
2709
     TLS1_RFC_DHE_DSS_WITH_SEED_SHA,
2710
     TLS1_CK_DHE_DSS_WITH_SEED_SHA,
2711
     SSL_kDHE,
2712
     SSL_aDSS,
2713
     SSL_SEED,
2714
     SSL_SHA1,
2715
     SSL3_VERSION, TLS1_2_VERSION,
2716
     DTLS1_BAD_VER, DTLS1_2_VERSION,
2717
     SSL_NOT_DEFAULT | SSL_MEDIUM,
2718
     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
2719
     128,
2720
     128,
2721
     },
2722
    {
2723
     1,
2724
     TLS1_TXT_DHE_RSA_WITH_SEED_SHA,
2725
     TLS1_RFC_DHE_RSA_WITH_SEED_SHA,
2726
     TLS1_CK_DHE_RSA_WITH_SEED_SHA,
2727
     SSL_kDHE,
2728
     SSL_aRSA,
2729
     SSL_SEED,
2730
     SSL_SHA1,
2731
     SSL3_VERSION, TLS1_2_VERSION,
2732
     DTLS1_BAD_VER, DTLS1_2_VERSION,
2733
     SSL_NOT_DEFAULT | SSL_MEDIUM,
2734
     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
2735
     128,
2736
     128,
2737
     },
2738
    {
2739
     1,
2740
     TLS1_TXT_ADH_WITH_SEED_SHA,
2741
     TLS1_RFC_ADH_WITH_SEED_SHA,
2742
     TLS1_CK_ADH_WITH_SEED_SHA,
2743
     SSL_kDHE,
2744
     SSL_aNULL,
2745
     SSL_SEED,
2746
     SSL_SHA1,
2747
     SSL3_VERSION, TLS1_2_VERSION,
2748
     DTLS1_BAD_VER, DTLS1_2_VERSION,
2749
     SSL_NOT_DEFAULT | SSL_MEDIUM,
2750
     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
2751
     128,
2752
     128,
2753
     },
2754
#endif                          /* OPENSSL_NO_SEED */
2755
2756
#ifndef OPENSSL_NO_WEAK_SSL_CIPHERS
2757
    {
2758
     1,
2759
     SSL3_TXT_RSA_RC4_128_MD5,
2760
     SSL3_RFC_RSA_RC4_128_MD5,
2761
     SSL3_CK_RSA_RC4_128_MD5,
2762
     SSL_kRSA,
2763
     SSL_aRSA,
2764
     SSL_RC4,
2765
     SSL_MD5,
2766
     SSL3_VERSION, TLS1_2_VERSION,
2767
     0, 0,
2768
     SSL_NOT_DEFAULT | SSL_MEDIUM,
2769
     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
2770
     128,
2771
     128,
2772
     },
2773
    {
2774
     1,
2775
     SSL3_TXT_RSA_RC4_128_SHA,
2776
     SSL3_RFC_RSA_RC4_128_SHA,
2777
     SSL3_CK_RSA_RC4_128_SHA,
2778
     SSL_kRSA,
2779
     SSL_aRSA,
2780
     SSL_RC4,
2781
     SSL_SHA1,
2782
     SSL3_VERSION, TLS1_2_VERSION,
2783
     0, 0,
2784
     SSL_NOT_DEFAULT | SSL_MEDIUM,
2785
     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
2786
     128,
2787
     128,
2788
     },
2789
    {
2790
     1,
2791
     SSL3_TXT_ADH_RC4_128_MD5,
2792
     SSL3_RFC_ADH_RC4_128_MD5,
2793
     SSL3_CK_ADH_RC4_128_MD5,
2794
     SSL_kDHE,
2795
     SSL_aNULL,
2796
     SSL_RC4,
2797
     SSL_MD5,
2798
     SSL3_VERSION, TLS1_2_VERSION,
2799
     0, 0,
2800
     SSL_NOT_DEFAULT | SSL_MEDIUM,
2801
     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
2802
     128,
2803
     128,
2804
     },
2805
    {
2806
     1,
2807
     TLS1_TXT_ECDHE_PSK_WITH_RC4_128_SHA,
2808
     TLS1_RFC_ECDHE_PSK_WITH_RC4_128_SHA,
2809
     TLS1_CK_ECDHE_PSK_WITH_RC4_128_SHA,
2810
     SSL_kECDHEPSK,
2811
     SSL_aPSK,
2812
     SSL_RC4,
2813
     SSL_SHA1,
2814
     TLS1_VERSION, TLS1_2_VERSION,
2815
     0, 0,
2816
     SSL_NOT_DEFAULT | SSL_MEDIUM,
2817
     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
2818
     128,
2819
     128,
2820
     },
2821
    {
2822
     1,
2823
     TLS1_TXT_ECDH_anon_WITH_RC4_128_SHA,
2824
     TLS1_RFC_ECDH_anon_WITH_RC4_128_SHA,
2825
     TLS1_CK_ECDH_anon_WITH_RC4_128_SHA,
2826
     SSL_kECDHE,
2827
     SSL_aNULL,
2828
     SSL_RC4,
2829
     SSL_SHA1,
2830
     TLS1_VERSION, TLS1_2_VERSION,
2831
     0, 0,
2832
     SSL_NOT_DEFAULT | SSL_MEDIUM,
2833
     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
2834
     128,
2835
     128,
2836
     },
2837
    {
2838
     1,
2839
     TLS1_TXT_ECDHE_ECDSA_WITH_RC4_128_SHA,
2840
     TLS1_RFC_ECDHE_ECDSA_WITH_RC4_128_SHA,
2841
     TLS1_CK_ECDHE_ECDSA_WITH_RC4_128_SHA,
2842
     SSL_kECDHE,
2843
     SSL_aECDSA,
2844
     SSL_RC4,
2845
     SSL_SHA1,
2846
     TLS1_VERSION, TLS1_2_VERSION,
2847
     0, 0,
2848
     SSL_NOT_DEFAULT | SSL_MEDIUM,
2849
     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
2850
     128,
2851
     128,
2852
     },
2853
    {
2854
     1,
2855
     TLS1_TXT_ECDHE_RSA_WITH_RC4_128_SHA,
2856
     TLS1_RFC_ECDHE_RSA_WITH_RC4_128_SHA,
2857
     TLS1_CK_ECDHE_RSA_WITH_RC4_128_SHA,
2858
     SSL_kECDHE,
2859
     SSL_aRSA,
2860
     SSL_RC4,
2861
     SSL_SHA1,
2862
     TLS1_VERSION, TLS1_2_VERSION,
2863
     0, 0,
2864
     SSL_NOT_DEFAULT | SSL_MEDIUM,
2865
     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
2866
     128,
2867
     128,
2868
     },
2869
    {
2870
     1,
2871
     TLS1_TXT_PSK_WITH_RC4_128_SHA,
2872
     TLS1_RFC_PSK_WITH_RC4_128_SHA,
2873
     TLS1_CK_PSK_WITH_RC4_128_SHA,
2874
     SSL_kPSK,
2875
     SSL_aPSK,
2876
     SSL_RC4,
2877
     SSL_SHA1,
2878
     SSL3_VERSION, TLS1_2_VERSION,
2879
     0, 0,
2880
     SSL_NOT_DEFAULT | SSL_MEDIUM,
2881
     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
2882
     128,
2883
     128,
2884
     },
2885
    {
2886
     1,
2887
     TLS1_TXT_RSA_PSK_WITH_RC4_128_SHA,
2888
     TLS1_RFC_RSA_PSK_WITH_RC4_128_SHA,
2889
     TLS1_CK_RSA_PSK_WITH_RC4_128_SHA,
2890
     SSL_kRSAPSK,
2891
     SSL_aRSA,
2892
     SSL_RC4,
2893
     SSL_SHA1,
2894
     SSL3_VERSION, TLS1_2_VERSION,
2895
     0, 0,
2896
     SSL_NOT_DEFAULT | SSL_MEDIUM,
2897
     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
2898
     128,
2899
     128,
2900
     },
2901
    {
2902
     1,
2903
     TLS1_TXT_DHE_PSK_WITH_RC4_128_SHA,
2904
     TLS1_RFC_DHE_PSK_WITH_RC4_128_SHA,
2905
     TLS1_CK_DHE_PSK_WITH_RC4_128_SHA,
2906
     SSL_kDHEPSK,
2907
     SSL_aPSK,
2908
     SSL_RC4,
2909
     SSL_SHA1,
2910
     SSL3_VERSION, TLS1_2_VERSION,
2911
     0, 0,
2912
     SSL_NOT_DEFAULT | SSL_MEDIUM,
2913
     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
2914
     128,
2915
     128,
2916
     },
2917
#endif                          /* OPENSSL_NO_WEAK_SSL_CIPHERS */
2918
2919
#ifndef OPENSSL_NO_ARIA
2920
    {
2921
     1,
2922
     TLS1_TXT_RSA_WITH_ARIA_128_GCM_SHA256,
2923
     TLS1_RFC_RSA_WITH_ARIA_128_GCM_SHA256,
2924
     TLS1_CK_RSA_WITH_ARIA_128_GCM_SHA256,
2925
     SSL_kRSA,
2926
     SSL_aRSA,
2927
     SSL_ARIA128GCM,
2928
     SSL_AEAD,
2929
     TLS1_2_VERSION, TLS1_2_VERSION,
2930
     DTLS1_2_VERSION, DTLS1_2_VERSION,
2931
     SSL_NOT_DEFAULT | SSL_HIGH,
2932
     SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
2933
     128,
2934
     128,
2935
     },
2936
    {
2937
     1,
2938
     TLS1_TXT_RSA_WITH_ARIA_256_GCM_SHA384,
2939
     TLS1_RFC_RSA_WITH_ARIA_256_GCM_SHA384,
2940
     TLS1_CK_RSA_WITH_ARIA_256_GCM_SHA384,
2941
     SSL_kRSA,
2942
     SSL_aRSA,
2943
     SSL_ARIA256GCM,
2944
     SSL_AEAD,
2945
     TLS1_2_VERSION, TLS1_2_VERSION,
2946
     DTLS1_2_VERSION, DTLS1_2_VERSION,
2947
     SSL_NOT_DEFAULT | SSL_HIGH,
2948
     SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384,
2949
     256,
2950
     256,
2951
     },
2952
    {
2953
     1,
2954
     TLS1_TXT_DHE_RSA_WITH_ARIA_128_GCM_SHA256,
2955
     TLS1_RFC_DHE_RSA_WITH_ARIA_128_GCM_SHA256,
2956
     TLS1_CK_DHE_RSA_WITH_ARIA_128_GCM_SHA256,
2957
     SSL_kDHE,
2958
     SSL_aRSA,
2959
     SSL_ARIA128GCM,
2960
     SSL_AEAD,
2961
     TLS1_2_VERSION, TLS1_2_VERSION,
2962
     DTLS1_2_VERSION, DTLS1_2_VERSION,
2963
     SSL_NOT_DEFAULT | SSL_HIGH,
2964
     SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
2965
     128,
2966
     128,
2967
     },
2968
    {
2969
     1,
2970
     TLS1_TXT_DHE_RSA_WITH_ARIA_256_GCM_SHA384,
2971
     TLS1_RFC_DHE_RSA_WITH_ARIA_256_GCM_SHA384,
2972
     TLS1_CK_DHE_RSA_WITH_ARIA_256_GCM_SHA384,
2973
     SSL_kDHE,
2974
     SSL_aRSA,
2975
     SSL_ARIA256GCM,
2976
     SSL_AEAD,
2977
     TLS1_2_VERSION, TLS1_2_VERSION,
2978
     DTLS1_2_VERSION, DTLS1_2_VERSION,
2979
     SSL_NOT_DEFAULT | SSL_HIGH,
2980
     SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384,
2981
     256,
2982
     256,
2983
     },
2984
    {
2985
     1,
2986
     TLS1_TXT_DHE_DSS_WITH_ARIA_128_GCM_SHA256,
2987
     TLS1_RFC_DHE_DSS_WITH_ARIA_128_GCM_SHA256,
2988
     TLS1_CK_DHE_DSS_WITH_ARIA_128_GCM_SHA256,
2989
     SSL_kDHE,
2990
     SSL_aDSS,
2991
     SSL_ARIA128GCM,
2992
     SSL_AEAD,
2993
     TLS1_2_VERSION, TLS1_2_VERSION,
2994
     DTLS1_2_VERSION, DTLS1_2_VERSION,
2995
     SSL_NOT_DEFAULT | SSL_HIGH,
2996
     SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
2997
     128,
2998
     128,
2999
     },
3000
    {
3001
     1,
3002
     TLS1_TXT_DHE_DSS_WITH_ARIA_256_GCM_SHA384,
3003
     TLS1_RFC_DHE_DSS_WITH_ARIA_256_GCM_SHA384,
3004
     TLS1_CK_DHE_DSS_WITH_ARIA_256_GCM_SHA384,
3005
     SSL_kDHE,
3006
     SSL_aDSS,
3007
     SSL_ARIA256GCM,
3008
     SSL_AEAD,
3009
     TLS1_2_VERSION, TLS1_2_VERSION,
3010
     DTLS1_2_VERSION, DTLS1_2_VERSION,
3011
     SSL_NOT_DEFAULT | SSL_HIGH,
3012
     SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384,
3013
     256,
3014
     256,
3015
     },
3016
    {
3017
     1,
3018
     TLS1_TXT_ECDHE_ECDSA_WITH_ARIA_128_GCM_SHA256,
3019
     TLS1_RFC_ECDHE_ECDSA_WITH_ARIA_128_GCM_SHA256,
3020
     TLS1_CK_ECDHE_ECDSA_WITH_ARIA_128_GCM_SHA256,
3021
     SSL_kECDHE,
3022
     SSL_aECDSA,
3023
     SSL_ARIA128GCM,
3024
     SSL_AEAD,
3025
     TLS1_2_VERSION, TLS1_2_VERSION,
3026
     DTLS1_2_VERSION, DTLS1_2_VERSION,
3027
     SSL_NOT_DEFAULT | SSL_HIGH,
3028
     SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
3029
     128,
3030
     128,
3031
     },
3032
    {
3033
     1,
3034
     TLS1_TXT_ECDHE_ECDSA_WITH_ARIA_256_GCM_SHA384,
3035
     TLS1_RFC_ECDHE_ECDSA_WITH_ARIA_256_GCM_SHA384,
3036
     TLS1_CK_ECDHE_ECDSA_WITH_ARIA_256_GCM_SHA384,
3037
     SSL_kECDHE,
3038
     SSL_aECDSA,
3039
     SSL_ARIA256GCM,
3040
     SSL_AEAD,
3041
     TLS1_2_VERSION, TLS1_2_VERSION,
3042
     DTLS1_2_VERSION, DTLS1_2_VERSION,
3043
     SSL_NOT_DEFAULT | SSL_HIGH,
3044
     SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384,
3045
     256,
3046
     256,
3047
     },
3048
    {
3049
     1,
3050
     TLS1_TXT_ECDHE_RSA_WITH_ARIA_128_GCM_SHA256,
3051
     TLS1_RFC_ECDHE_RSA_WITH_ARIA_128_GCM_SHA256,
3052
     TLS1_CK_ECDHE_RSA_WITH_ARIA_128_GCM_SHA256,
3053
     SSL_kECDHE,
3054
     SSL_aRSA,
3055
     SSL_ARIA128GCM,
3056
     SSL_AEAD,
3057
     TLS1_2_VERSION, TLS1_2_VERSION,
3058
     DTLS1_2_VERSION, DTLS1_2_VERSION,
3059
     SSL_NOT_DEFAULT | SSL_HIGH,
3060
     SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
3061
     128,
3062
     128,
3063
     },
3064
    {
3065
     1,
3066
     TLS1_TXT_ECDHE_RSA_WITH_ARIA_256_GCM_SHA384,
3067
     TLS1_RFC_ECDHE_RSA_WITH_ARIA_256_GCM_SHA384,
3068
     TLS1_CK_ECDHE_RSA_WITH_ARIA_256_GCM_SHA384,
3069
     SSL_kECDHE,
3070
     SSL_aRSA,
3071
     SSL_ARIA256GCM,
3072
     SSL_AEAD,
3073
     TLS1_2_VERSION, TLS1_2_VERSION,
3074
     DTLS1_2_VERSION, DTLS1_2_VERSION,
3075
     SSL_NOT_DEFAULT | SSL_HIGH,
3076
     SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384,
3077
     256,
3078
     256,
3079
     },
3080
    {
3081
     1,
3082
     TLS1_TXT_PSK_WITH_ARIA_128_GCM_SHA256,
3083
     TLS1_RFC_PSK_WITH_ARIA_128_GCM_SHA256,
3084
     TLS1_CK_PSK_WITH_ARIA_128_GCM_SHA256,
3085
     SSL_kPSK,
3086
     SSL_aPSK,
3087
     SSL_ARIA128GCM,
3088
     SSL_AEAD,
3089
     TLS1_2_VERSION, TLS1_2_VERSION,
3090
     DTLS1_2_VERSION, DTLS1_2_VERSION,
3091
     SSL_NOT_DEFAULT | SSL_HIGH,
3092
     SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
3093
     128,
3094
     128,
3095
     },
3096
    {
3097
     1,
3098
     TLS1_TXT_PSK_WITH_ARIA_256_GCM_SHA384,
3099
     TLS1_RFC_PSK_WITH_ARIA_256_GCM_SHA384,
3100
     TLS1_CK_PSK_WITH_ARIA_256_GCM_SHA384,
3101
     SSL_kPSK,
3102
     SSL_aPSK,
3103
     SSL_ARIA256GCM,
3104
     SSL_AEAD,
3105
     TLS1_2_VERSION, TLS1_2_VERSION,
3106
     DTLS1_2_VERSION, DTLS1_2_VERSION,
3107
     SSL_NOT_DEFAULT | SSL_HIGH,
3108
     SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384,
3109
     256,
3110
     256,
3111
     },
3112
    {
3113
     1,
3114
     TLS1_TXT_DHE_PSK_WITH_ARIA_128_GCM_SHA256,
3115
     TLS1_RFC_DHE_PSK_WITH_ARIA_128_GCM_SHA256,
3116
     TLS1_CK_DHE_PSK_WITH_ARIA_128_GCM_SHA256,
3117
     SSL_kDHEPSK,
3118
     SSL_aPSK,
3119
     SSL_ARIA128GCM,
3120
     SSL_AEAD,
3121
     TLS1_2_VERSION, TLS1_2_VERSION,
3122
     DTLS1_2_VERSION, DTLS1_2_VERSION,
3123
     SSL_NOT_DEFAULT | SSL_HIGH,
3124
     SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
3125
     128,
3126
     128,
3127
     },
3128
    {
3129
     1,
3130
     TLS1_TXT_DHE_PSK_WITH_ARIA_256_GCM_SHA384,
3131
     TLS1_RFC_DHE_PSK_WITH_ARIA_256_GCM_SHA384,
3132
     TLS1_CK_DHE_PSK_WITH_ARIA_256_GCM_SHA384,
3133
     SSL_kDHEPSK,
3134
     SSL_aPSK,
3135
     SSL_ARIA256GCM,
3136
     SSL_AEAD,
3137
     TLS1_2_VERSION, TLS1_2_VERSION,
3138
     DTLS1_2_VERSION, DTLS1_2_VERSION,
3139
     SSL_NOT_DEFAULT | SSL_HIGH,
3140
     SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384,
3141
     256,
3142
     256,
3143
     },
3144
    {
3145
     1,
3146
     TLS1_TXT_RSA_PSK_WITH_ARIA_128_GCM_SHA256,
3147
     TLS1_RFC_RSA_PSK_WITH_ARIA_128_GCM_SHA256,
3148
     TLS1_CK_RSA_PSK_WITH_ARIA_128_GCM_SHA256,
3149
     SSL_kRSAPSK,
3150
     SSL_aRSA,
3151
     SSL_ARIA128GCM,
3152
     SSL_AEAD,
3153
     TLS1_2_VERSION, TLS1_2_VERSION,
3154
     DTLS1_2_VERSION, DTLS1_2_VERSION,
3155
     SSL_NOT_DEFAULT | SSL_HIGH,
3156
     SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
3157
     128,
3158
     128,
3159
     },
3160
    {
3161
     1,
3162
     TLS1_TXT_RSA_PSK_WITH_ARIA_256_GCM_SHA384,
3163
     TLS1_RFC_RSA_PSK_WITH_ARIA_256_GCM_SHA384,
3164
     TLS1_CK_RSA_PSK_WITH_ARIA_256_GCM_SHA384,
3165
     SSL_kRSAPSK,
3166
     SSL_aRSA,
3167
     SSL_ARIA256GCM,
3168
     SSL_AEAD,
3169
     TLS1_2_VERSION, TLS1_2_VERSION,
3170
     DTLS1_2_VERSION, DTLS1_2_VERSION,
3171
     SSL_NOT_DEFAULT | SSL_HIGH,
3172
     SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384,
3173
     256,
3174
     256,
3175
     },
3176
#endif /* OPENSSL_NO_ARIA */
3177
};
3178
3179
/*
3180
 * The list of known Signalling Cipher-Suite Value "ciphers", non-valid
3181
 * values stuffed into the ciphers field of the wire protocol for signalling
3182
 * purposes.
3183
 */
3184
static SSL_CIPHER ssl3_scsvs[] = {
3185
    {
3186
     0,
3187
     "TLS_EMPTY_RENEGOTIATION_INFO_SCSV",
3188
     "TLS_EMPTY_RENEGOTIATION_INFO_SCSV",
3189
     SSL3_CK_SCSV,
3190
     0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
3191
    },
3192
    {
3193
     0,
3194
     "TLS_FALLBACK_SCSV",
3195
     "TLS_FALLBACK_SCSV",
3196
     SSL3_CK_FALLBACK_SCSV,
3197
     0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
3198
    },
3199
};
3200
3201
static int cipher_compare(const void *a, const void *b)
3202
0
{
3203
0
    const SSL_CIPHER *ap = (const SSL_CIPHER *)a;
3204
0
    const SSL_CIPHER *bp = (const SSL_CIPHER *)b;
3205
0
3206
0
    if (ap->id == bp->id)
3207
0
        return 0;
3208
0
    return ap->id < bp->id ? -1 : 1;
3209
0
}
3210
3211
void ssl_sort_cipher_list(void)
3212
0
{
3213
0
    qsort(tls13_ciphers, TLS13_NUM_CIPHERS, sizeof(tls13_ciphers[0]),
3214
0
          cipher_compare);
3215
0
    qsort(ssl3_ciphers, SSL3_NUM_CIPHERS, sizeof(ssl3_ciphers[0]),
3216
0
          cipher_compare);
3217
0
    qsort(ssl3_scsvs, SSL3_NUM_SCSVS, sizeof(ssl3_scsvs[0]), cipher_compare);
3218
0
}
3219
3220
static int ssl_undefined_function_1(SSL *ssl, unsigned char *r, size_t s,
3221
                                    const char * t, size_t u,
3222
                                    const unsigned char * v, size_t w, int x)
3223
0
{
3224
0
    (void)r;
3225
0
    (void)s;
3226
0
    (void)t;
3227
0
    (void)u;
3228
0
    (void)v;
3229
0
    (void)w;
3230
0
    (void)x;
3231
0
    return ssl_undefined_function(ssl);
3232
0
}
3233
3234
const SSL3_ENC_METHOD SSLv3_enc_data = {
3235
    ssl3_enc,
3236
    n_ssl3_mac,
3237
    ssl3_setup_key_block,
3238
    ssl3_generate_master_secret,
3239
    ssl3_change_cipher_state,
3240
    ssl3_final_finish_mac,
3241
    SSL3_MD_CLIENT_FINISHED_CONST, 4,
3242
    SSL3_MD_SERVER_FINISHED_CONST, 4,
3243
    ssl3_alert_code,
3244
    ssl_undefined_function_1,
3245
    0,
3246
    ssl3_set_handshake_header,
3247
    tls_close_construct_packet,
3248
    ssl3_handshake_write
3249
};
3250
3251
long ssl3_default_timeout(void)
3252
0
{
3253
0
    /*
3254
0
     * 2 hours, the 24 hours mentioned in the SSLv3 spec is way too long for
3255
0
     * http, the cache would over fill
3256
0
     */
3257
0
    return (60 * 60 * 2);
3258
0
}
3259
3260
int ssl3_num_ciphers(void)
3261
0
{
3262
0
    return SSL3_NUM_CIPHERS;
3263
0
}
3264
3265
const SSL_CIPHER *ssl3_get_cipher(unsigned int u)
3266
0
{
3267
0
    if (u < SSL3_NUM_CIPHERS)
3268
0
        return &(ssl3_ciphers[SSL3_NUM_CIPHERS - 1 - u]);
3269
0
    else
3270
0
        return NULL;
3271
0
}
3272
3273
int ssl3_set_handshake_header(SSL *s, WPACKET *pkt, int htype)
3274
0
{
3275
0
    /* No header in the event of a CCS */
3276
0
    if (htype == SSL3_MT_CHANGE_CIPHER_SPEC)
3277
0
        return 1;
3278
0
3279
0
    /* Set the content type and 3 bytes for the message len */
3280
0
    if (!WPACKET_put_bytes_u8(pkt, htype)
3281
0
            || !WPACKET_start_sub_packet_u24(pkt))
3282
0
        return 0;
3283
0
3284
0
    return 1;
3285
0
}
3286
3287
int ssl3_handshake_write(SSL *s)
3288
0
{
3289
0
    return ssl3_do_write(s, SSL3_RT_HANDSHAKE);
3290
0
}
3291
3292
int ssl3_new(SSL *s)
3293
0
{
3294
0
    SSL3_STATE *s3;
3295
0
3296
0
    if ((s3 = OPENSSL_zalloc(sizeof(*s3))) == NULL)
3297
0
        goto err;
3298
0
    s->s3 = s3;
3299
0
3300
0
#ifndef OPENSSL_NO_SRP
3301
0
    if (!SSL_SRP_CTX_init(s))
3302
0
        goto err;
3303
0
#endif
3304
0
3305
0
    if (!s->method->ssl_clear(s))
3306
0
        return 0;
3307
0
3308
0
    return 1;
3309
0
 err:
3310
0
    return 0;
3311
0
}
3312
3313
void ssl3_free(SSL *s)
3314
0
{
3315
0
    if (s == NULL || s->s3 == NULL)
3316
0
        return;
3317
0
3318
0
    ssl3_cleanup_key_block(s);
3319
0
3320
0
#if !defined(OPENSSL_NO_EC) || !defined(OPENSSL_NO_DH)
3321
0
    EVP_PKEY_free(s->s3->peer_tmp);
3322
0
    s->s3->peer_tmp = NULL;
3323
0
    EVP_PKEY_free(s->s3->tmp.pkey);
3324
0
    s->s3->tmp.pkey = NULL;
3325
0
#endif
3326
0
3327
0
    OPENSSL_free(s->s3->tmp.ctype);
3328
0
    sk_X509_NAME_pop_free(s->s3->tmp.peer_ca_names, X509_NAME_free);
3329
0
    OPENSSL_free(s->s3->tmp.ciphers_raw);
3330
0
    OPENSSL_clear_free(s->s3->tmp.pms, s->s3->tmp.pmslen);
3331
0
    OPENSSL_free(s->s3->tmp.peer_sigalgs);
3332
0
    OPENSSL_free(s->s3->tmp.peer_cert_sigalgs);
3333
0
    ssl3_free_digest_list(s);
3334
0
    OPENSSL_free(s->s3->alpn_selected);
3335
0
    OPENSSL_free(s->s3->alpn_proposed);
3336
0
3337
0
#ifndef OPENSSL_NO_SRP
3338
0
    SSL_SRP_CTX_free(s);
3339
0
#endif
3340
0
    OPENSSL_clear_free(s->s3, sizeof(*s->s3));
3341
0
    s->s3 = NULL;
3342
0
}
3343
3344
int ssl3_clear(SSL *s)
3345
0
{
3346
0
    ssl3_cleanup_key_block(s);
3347
0
    OPENSSL_free(s->s3->tmp.ctype);
3348
0
    sk_X509_NAME_pop_free(s->s3->tmp.peer_ca_names, X509_NAME_free);
3349
0
    OPENSSL_free(s->s3->tmp.ciphers_raw);
3350
0
    OPENSSL_clear_free(s->s3->tmp.pms, s->s3->tmp.pmslen);
3351
0
    OPENSSL_free(s->s3->tmp.peer_sigalgs);
3352
0
    OPENSSL_free(s->s3->tmp.peer_cert_sigalgs);
3353
0
3354
0
#if !defined(OPENSSL_NO_EC) || !defined(OPENSSL_NO_DH)
3355
0
    EVP_PKEY_free(s->s3->tmp.pkey);
3356
0
    EVP_PKEY_free(s->s3->peer_tmp);
3357
0
#endif                          /* !OPENSSL_NO_EC */
3358
0
3359
0
    ssl3_free_digest_list(s);
3360
0
3361
0
    OPENSSL_free(s->s3->alpn_selected);
3362
0
    OPENSSL_free(s->s3->alpn_proposed);
3363
0
3364
0
    /* NULL/zero-out everything in the s3 struct */
3365
0
    memset(s->s3, 0, sizeof(*s->s3));
3366
0
3367
0
    if (!ssl_free_wbio_buffer(s))
3368
0
        return 0;
3369
0
3370
0
    s->version = SSL3_VERSION;
3371
0
3372
0
#if !defined(OPENSSL_NO_NEXTPROTONEG)
3373
0
    OPENSSL_free(s->ext.npn);
3374
0
    s->ext.npn = NULL;
3375
0
    s->ext.npn_len = 0;
3376
0
#endif
3377
0
3378
0
    return 1;
3379
0
}
3380
3381
#ifndef OPENSSL_NO_SRP
3382
static char *srp_password_from_info_cb(SSL *s, void *arg)
3383
0
{
3384
0
    return OPENSSL_strdup(s->srp_ctx.info);
3385
0
}
3386
#endif
3387
3388
static int ssl3_set_req_cert_type(CERT *c, const unsigned char *p, size_t len);
3389
3390
long ssl3_ctrl(SSL *s, int cmd, long larg, void *parg)
3391
0
{
3392
0
    int ret = 0;
3393
0
3394
0
    switch (cmd) {
3395
0
    case SSL_CTRL_GET_CLIENT_CERT_REQUEST:
3396
0
        break;
3397
0
    case SSL_CTRL_GET_NUM_RENEGOTIATIONS:
3398
0
        ret = s->s3->num_renegotiations;
3399
0
        break;
3400
0
    case SSL_CTRL_CLEAR_NUM_RENEGOTIATIONS:
3401
0
        ret = s->s3->num_renegotiations;
3402
0
        s->s3->num_renegotiations = 0;
3403
0
        break;
3404
0
    case SSL_CTRL_GET_TOTAL_RENEGOTIATIONS:
3405
0
        ret = s->s3->total_renegotiations;
3406
0
        break;
3407
0
    case SSL_CTRL_GET_FLAGS:
3408
0
        ret = (int)(s->s3->flags);
3409
0
        break;
3410
0
#ifndef OPENSSL_NO_DH
3411
0
    case SSL_CTRL_SET_TMP_DH:
3412
0
        {
3413
0
            DH *dh = (DH *)parg;
3414
0
            EVP_PKEY *pkdh = NULL;
3415
0
            if (dh == NULL) {
3416
0
                SSLerr(SSL_F_SSL3_CTRL, ERR_R_PASSED_NULL_PARAMETER);
3417
0
                return ret;
3418
0
            }
3419
0
            pkdh = ssl_dh_to_pkey(dh);
3420
0
            if (pkdh == NULL) {
3421
0
                SSLerr(SSL_F_SSL3_CTRL, ERR_R_MALLOC_FAILURE);
3422
0
                return 0;
3423
0
            }
3424
0
            if (!ssl_security(s, SSL_SECOP_TMP_DH,
3425
0
                              EVP_PKEY_security_bits(pkdh), 0, pkdh)) {
3426
0
                SSLerr(SSL_F_SSL3_CTRL, SSL_R_DH_KEY_TOO_SMALL);
3427
0
                EVP_PKEY_free(pkdh);
3428
0
                return ret;
3429
0
            }
3430
0
            EVP_PKEY_free(s->cert->dh_tmp);
3431
0
            s->cert->dh_tmp = pkdh;
3432
0
            ret = 1;
3433
0
        }
3434
0
        break;
3435
0
    case SSL_CTRL_SET_TMP_DH_CB:
3436
0
        {
3437
0
            SSLerr(SSL_F_SSL3_CTRL, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
3438
0
            return ret;
3439
0
        }
3440
0
    case SSL_CTRL_SET_DH_AUTO:
3441
0
        s->cert->dh_tmp_auto = larg;
3442
0
        return 1;
3443
0
#endif
3444
0
#ifndef OPENSSL_NO_EC
3445
0
    case SSL_CTRL_SET_TMP_ECDH:
3446
0
        {
3447
0
            const EC_GROUP *group = NULL;
3448
0
            int nid;
3449
0
3450
0
            if (parg == NULL) {
3451
0
                SSLerr(SSL_F_SSL3_CTRL, ERR_R_PASSED_NULL_PARAMETER);
3452
0
                return 0;
3453
0
            }
3454
0
            group = EC_KEY_get0_group((const EC_KEY *)parg);
3455
0
            if (group == NULL) {
3456
0
                SSLerr(SSL_F_SSL3_CTRL, EC_R_MISSING_PARAMETERS);
3457
0
                return 0;
3458
0
            }
3459
0
            nid = EC_GROUP_get_curve_name(group);
3460
0
            if (nid == NID_undef)
3461
0
                return 0;
3462
0
            return tls1_set_groups(&s->ext.supportedgroups,
3463
0
                                   &s->ext.supportedgroups_len,
3464
0
                                   &nid, 1);
3465
0
        }
3466
0
        break;
3467
0
#endif                          /* !OPENSSL_NO_EC */
3468
0
    case SSL_CTRL_SET_TLSEXT_HOSTNAME:
3469
0
        /*
3470
0
         * TODO(OpenSSL1.2)
3471
0
         * This API is only used for a client to set what SNI it will request
3472
0
         * from the server, but we currently allow it to be used on servers
3473
0
         * as well, which is a programming error.  Currently we just clear
3474
0
         * the field in SSL_do_handshake() for server SSLs, but when we can
3475
0
         * make ABI-breaking changes, we may want to make use of this API
3476
0
         * an error on server SSLs.
3477
0
         */
3478
0
        if (larg == TLSEXT_NAMETYPE_host_name) {
3479
0
            size_t len;
3480
0
3481
0
            OPENSSL_free(s->ext.hostname);
3482
0
            s->ext.hostname = NULL;
3483
0
3484
0
            ret = 1;
3485
0
            if (parg == NULL)
3486
0
                break;
3487
0
            len = strlen((char *)parg);
3488
0
            if (len == 0 || len > TLSEXT_MAXLEN_host_name) {
3489
0
                SSLerr(SSL_F_SSL3_CTRL, SSL_R_SSL3_EXT_INVALID_SERVERNAME);
3490
0
                return 0;
3491
0
            }
3492
0
            if ((s->ext.hostname = OPENSSL_strdup((char *)parg)) == NULL) {
3493
0
                SSLerr(SSL_F_SSL3_CTRL, ERR_R_INTERNAL_ERROR);
3494
0
                return 0;
3495
0
            }
3496
0
        } else {
3497
0
            SSLerr(SSL_F_SSL3_CTRL, SSL_R_SSL3_EXT_INVALID_SERVERNAME_TYPE);
3498
0
            return 0;
3499
0
        }
3500
0
        break;
3501
0
    case SSL_CTRL_SET_TLSEXT_DEBUG_ARG:
3502
0
        s->ext.debug_arg = parg;
3503
0
        ret = 1;
3504
0
        break;
3505
0
3506
0
    case SSL_CTRL_GET_TLSEXT_STATUS_REQ_TYPE:
3507
0
        ret = s->ext.status_type;
3508
0
        break;
3509
0
3510
0
    case SSL_CTRL_SET_TLSEXT_STATUS_REQ_TYPE:
3511
0
        s->ext.status_type = larg;
3512
0
        ret = 1;
3513
0
        break;
3514
0
3515
0
    case SSL_CTRL_GET_TLSEXT_STATUS_REQ_EXTS:
3516
0
        *(STACK_OF(X509_EXTENSION) **)parg = s->ext.ocsp.exts;
3517
0
        ret = 1;
3518
0
        break;
3519
0
3520
0
    case SSL_CTRL_SET_TLSEXT_STATUS_REQ_EXTS:
3521
0
        s->ext.ocsp.exts = parg;
3522
0
        ret = 1;
3523
0
        break;
3524
0
3525
0
    case SSL_CTRL_GET_TLSEXT_STATUS_REQ_IDS:
3526
0
        *(STACK_OF(OCSP_RESPID) **)parg = s->ext.ocsp.ids;
3527
0
        ret = 1;
3528
0
        break;
3529
0
3530
0
    case SSL_CTRL_SET_TLSEXT_STATUS_REQ_IDS:
3531
0
        s->ext.ocsp.ids = parg;
3532
0
        ret = 1;
3533
0
        break;
3534
0
3535
0
    case SSL_CTRL_GET_TLSEXT_STATUS_REQ_OCSP_RESP:
3536
0
        *(unsigned char **)parg = s->ext.ocsp.resp;
3537
0
        if (s->ext.ocsp.resp_len == 0
3538
0
                || s->ext.ocsp.resp_len > LONG_MAX)
3539
0
            return -1;
3540
0
        return (long)s->ext.ocsp.resp_len;
3541
0
3542
0
    case SSL_CTRL_SET_TLSEXT_STATUS_REQ_OCSP_RESP:
3543
0
        OPENSSL_free(s->ext.ocsp.resp);
3544
0
        s->ext.ocsp.resp = parg;
3545
0
        s->ext.ocsp.resp_len = larg;
3546
0
        ret = 1;
3547
0
        break;
3548
0
3549
#ifndef OPENSSL_NO_HEARTBEATS
3550
    case SSL_CTRL_DTLS_EXT_SEND_HEARTBEAT:
3551
    case SSL_CTRL_GET_DTLS_EXT_HEARTBEAT_PENDING:
3552
    case SSL_CTRL_SET_DTLS_EXT_HEARTBEAT_NO_REQUESTS:
3553
        break;
3554
#endif
3555
3556
0
    case SSL_CTRL_CHAIN:
3557
0
        if (larg)
3558
0
            return ssl_cert_set1_chain(s, NULL, (STACK_OF(X509) *)parg);
3559
0
        else
3560
0
            return ssl_cert_set0_chain(s, NULL, (STACK_OF(X509) *)parg);
3561
0
3562
0
    case SSL_CTRL_CHAIN_CERT:
3563
0
        if (larg)
3564
0
            return ssl_cert_add1_chain_cert(s, NULL, (X509 *)parg);
3565
0
        else
3566
0
            return ssl_cert_add0_chain_cert(s, NULL, (X509 *)parg);
3567
0
3568
0
    case SSL_CTRL_GET_CHAIN_CERTS:
3569
0
        *(STACK_OF(X509) **)parg = s->cert->key->chain;
3570
0
        break;
3571
0
3572
0
    case SSL_CTRL_SELECT_CURRENT_CERT:
3573
0
        return ssl_cert_select_current(s->cert, (X509 *)parg);
3574
0
3575
0
    case SSL_CTRL_SET_CURRENT_CERT:
3576
0
        if (larg == SSL_CERT_SET_SERVER) {
3577
0
            const SSL_CIPHER *cipher;
3578
0
            if (!s->server)
3579
0
                return 0;
3580
0
            cipher = s->s3->tmp.new_cipher;
3581
0
            if (cipher == NULL)
3582
0
                return 0;
3583
0
            /*
3584
0
             * No certificate for unauthenticated ciphersuites or using SRP
3585
0
             * authentication
3586
0
             */
3587
0
            if (cipher->algorithm_auth & (SSL_aNULL | SSL_aSRP))
3588
0
                return 2;
3589
0
            if (s->s3->tmp.cert == NULL)
3590
0
                return 0;
3591
0
            s->cert->key = s->s3->tmp.cert;
3592
0
            return 1;
3593
0
        }
3594
0
        return ssl_cert_set_current(s->cert, larg);
3595
0
3596
0
#ifndef OPENSSL_NO_EC
3597
0
    case SSL_CTRL_GET_GROUPS:
3598
0
        {
3599
0
            uint16_t *clist;
3600
0
            size_t clistlen;
3601
0
3602
0
            if (!s->session)
3603
0
                return 0;
3604
0
            clist = s->session->ext.supportedgroups;
3605
0
            clistlen = s->session->ext.supportedgroups_len;
3606
0
            if (parg) {
3607
0
                size_t i;
3608
0
                int *cptr = parg;
3609
0
3610
0
                for (i = 0; i < clistlen; i++) {
3611
0
                    const TLS_GROUP_INFO *cinf = tls1_group_id_lookup(clist[i]);
3612
0
3613
0
                    if (cinf != NULL)
3614
0
                        cptr[i] = cinf->nid;
3615
0
                    else
3616
0
                        cptr[i] = TLSEXT_nid_unknown | clist[i];
3617
0
                }
3618
0
            }
3619
0
            return (int)clistlen;
3620
0
        }
3621
0
3622
0
    case SSL_CTRL_SET_GROUPS:
3623
0
        return tls1_set_groups(&s->ext.supportedgroups,
3624
0
                               &s->ext.supportedgroups_len, parg, larg);
3625
0
3626
0
    case SSL_CTRL_SET_GROUPS_LIST:
3627
0
        return tls1_set_groups_list(&s->ext.supportedgroups,
3628
0
                                    &s->ext.supportedgroups_len, parg);
3629
0
3630
0
    case SSL_CTRL_GET_SHARED_GROUP:
3631
0
        {
3632
0
            uint16_t id = tls1_shared_group(s, larg);
3633
0
3634
0
            if (larg != -1) {
3635
0
                const TLS_GROUP_INFO *ginf = tls1_group_id_lookup(id);
3636
0
3637
0
                return ginf == NULL ? 0 : ginf->nid;
3638
0
            }
3639
0
            return id;
3640
0
        }
3641
0
#endif
3642
0
    case SSL_CTRL_SET_SIGALGS:
3643
0
        return tls1_set_sigalgs(s->cert, parg, larg, 0);
3644
0
3645
0
    case SSL_CTRL_SET_SIGALGS_LIST:
3646
0
        return tls1_set_sigalgs_list(s->cert, parg, 0);
3647
0
3648
0
    case SSL_CTRL_SET_CLIENT_SIGALGS:
3649
0
        return tls1_set_sigalgs(s->cert, parg, larg, 1);
3650
0
3651
0
    case SSL_CTRL_SET_CLIENT_SIGALGS_LIST:
3652
0
        return tls1_set_sigalgs_list(s->cert, parg, 1);
3653
0
3654
0
    case SSL_CTRL_GET_CLIENT_CERT_TYPES:
3655
0
        {
3656
0
            const unsigned char **pctype = parg;
3657
0
            if (s->server || !s->s3->tmp.cert_req)
3658
0
                return 0;
3659
0
            if (pctype)
3660
0
                *pctype = s->s3->tmp.ctype;
3661
0
            return s->s3->tmp.ctype_len;
3662
0
        }
3663
0
3664
0
    case SSL_CTRL_SET_CLIENT_CERT_TYPES:
3665
0
        if (!s->server)
3666
0
            return 0;
3667
0
        return ssl3_set_req_cert_type(s->cert, parg, larg);
3668
0
3669
0
    case SSL_CTRL_BUILD_CERT_CHAIN:
3670
0
        return ssl_build_cert_chain(s, NULL, larg);
3671
0
3672
0
    case SSL_CTRL_SET_VERIFY_CERT_STORE:
3673
0
        return ssl_cert_set_cert_store(s->cert, parg, 0, larg);
3674
0
3675
0
    case SSL_CTRL_SET_CHAIN_CERT_STORE:
3676
0
        return ssl_cert_set_cert_store(s->cert, parg, 1, larg);
3677
0
3678
0
    case SSL_CTRL_GET_PEER_SIGNATURE_NID:
3679
0
        if (s->s3->tmp.peer_sigalg == NULL)
3680
0
            return 0;
3681
0
        *(int *)parg = s->s3->tmp.peer_sigalg->hash;
3682
0
        return 1;
3683
0
3684
0
    case SSL_CTRL_GET_SERVER_TMP_KEY:
3685
0
#if !defined(OPENSSL_NO_DH) || !defined(OPENSSL_NO_EC)
3686
0
        if (s->server || s->session == NULL || s->s3->peer_tmp == NULL) {
3687
0
            return 0;
3688
0
        } else {
3689
0
            EVP_PKEY_up_ref(s->s3->peer_tmp);
3690
0
            *(EVP_PKEY **)parg = s->s3->peer_tmp;
3691
0
            return 1;
3692
0
        }
3693
#else
3694
        return 0;
3695
#endif
3696
#ifndef OPENSSL_NO_EC
3697
0
    case SSL_CTRL_GET_EC_POINT_FORMATS:
3698
0
        {
3699
0
            SSL_SESSION *sess = s->session;
3700
0
            const unsigned char **pformat = parg;
3701
0
3702
0
            if (sess == NULL || sess->ext.ecpointformats == NULL)
3703
0
                return 0;
3704
0
            *pformat = sess->ext.ecpointformats;
3705
0
            return (int)sess->ext.ecpointformats_len;
3706
0
        }
3707
0
#endif
3708
0
3709
0
    default:
3710
0
        break;
3711
0
    }
3712
0
    return ret;
3713
0
}
3714
3715
long ssl3_callback_ctrl(SSL *s, int cmd, void (*fp) (void))
3716
0
{
3717
0
    int ret = 0;
3718
0
3719
0
    switch (cmd) {
3720
0
#ifndef OPENSSL_NO_DH
3721
0
    case SSL_CTRL_SET_TMP_DH_CB:
3722
0
        {
3723
0
            s->cert->dh_tmp_cb = (DH *(*)(SSL *, int, int))fp;
3724
0
        }
3725
0
        break;
3726
0
#endif
3727
0
    case SSL_CTRL_SET_TLSEXT_DEBUG_CB:
3728
0
        s->ext.debug_cb = (void (*)(SSL *, int, int,
3729
0
                                    const unsigned char *, int, void *))fp;
3730
0
        break;
3731
0
3732
0
    case SSL_CTRL_SET_NOT_RESUMABLE_SESS_CB:
3733
0
        {
3734
0
            s->not_resumable_session_cb = (int (*)(SSL *, int))fp;
3735
0
        }
3736
0
        break;
3737
0
    default:
3738
0
        break;
3739
0
    }
3740
0
    return ret;
3741
0
}
3742
3743
long ssl3_ctx_ctrl(SSL_CTX *ctx, int cmd, long larg, void *parg)
3744
0
{
3745
0
    switch (cmd) {
3746
0
#ifndef OPENSSL_NO_DH
3747
0
    case SSL_CTRL_SET_TMP_DH:
3748
0
        {
3749
0
            DH *dh = (DH *)parg;
3750
0
            EVP_PKEY *pkdh = NULL;
3751
0
            if (dh == NULL) {
3752
0
                SSLerr(SSL_F_SSL3_CTX_CTRL, ERR_R_PASSED_NULL_PARAMETER);
3753
0
                return 0;
3754
0
            }
3755
0
            pkdh = ssl_dh_to_pkey(dh);
3756
0
            if (pkdh == NULL) {
3757
0
                SSLerr(SSL_F_SSL3_CTX_CTRL, ERR_R_MALLOC_FAILURE);
3758
0
                return 0;
3759
0
            }
3760
0
            if (!ssl_ctx_security(ctx, SSL_SECOP_TMP_DH,
3761
0
                                  EVP_PKEY_security_bits(pkdh), 0, pkdh)) {
3762
0
                SSLerr(SSL_F_SSL3_CTX_CTRL, SSL_R_DH_KEY_TOO_SMALL);
3763
0
                EVP_PKEY_free(pkdh);
3764
0
                return 1;
3765
0
            }
3766
0
            EVP_PKEY_free(ctx->cert->dh_tmp);
3767
0
            ctx->cert->dh_tmp = pkdh;
3768
0
            return 1;
3769
0
        }
3770
0
    case SSL_CTRL_SET_TMP_DH_CB:
3771
0
        {
3772
0
            SSLerr(SSL_F_SSL3_CTX_CTRL, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
3773
0
            return 0;
3774
0
        }
3775
0
    case SSL_CTRL_SET_DH_AUTO:
3776
0
        ctx->cert->dh_tmp_auto = larg;
3777
0
        return 1;
3778
0
#endif
3779
0
#ifndef OPENSSL_NO_EC
3780
0
    case SSL_CTRL_SET_TMP_ECDH:
3781
0
        {
3782
0
            const EC_GROUP *group = NULL;
3783
0
            int nid;
3784
0
3785
0
            if (parg == NULL) {
3786
0
                SSLerr(SSL_F_SSL3_CTX_CTRL, ERR_R_PASSED_NULL_PARAMETER);
3787
0
                return 0;
3788
0
            }
3789
0
            group = EC_KEY_get0_group((const EC_KEY *)parg);
3790
0
            if (group == NULL) {
3791
0
                SSLerr(SSL_F_SSL3_CTX_CTRL, EC_R_MISSING_PARAMETERS);
3792
0
                return 0;
3793
0
            }
3794
0
            nid = EC_GROUP_get_curve_name(group);
3795
0
            if (nid == NID_undef)
3796
0
                return 0;
3797
0
            return tls1_set_groups(&ctx->ext.supportedgroups,
3798
0
                                   &ctx->ext.supportedgroups_len,
3799
0
                                   &nid, 1);
3800
0
        }
3801
0
#endif                          /* !OPENSSL_NO_EC */
3802
0
    case SSL_CTRL_SET_TLSEXT_SERVERNAME_ARG:
3803
0
        ctx->ext.servername_arg = parg;
3804
0
        break;
3805
0
    case SSL_CTRL_SET_TLSEXT_TICKET_KEYS:
3806
0
    case SSL_CTRL_GET_TLSEXT_TICKET_KEYS:
3807
0
        {
3808
0
            unsigned char *keys = parg;
3809
0
            long tick_keylen = (sizeof(ctx->ext.tick_key_name) +
3810
0
                                sizeof(ctx->ext.secure->tick_hmac_key) +
3811
0
                                sizeof(ctx->ext.secure->tick_aes_key));
3812
0
            if (keys == NULL)
3813
0
                return tick_keylen;
3814
0
            if (larg != tick_keylen) {
3815
0
                SSLerr(SSL_F_SSL3_CTX_CTRL, SSL_R_INVALID_TICKET_KEYS_LENGTH);
3816
0
                return 0;
3817
0
            }
3818
0
            if (cmd == SSL_CTRL_SET_TLSEXT_TICKET_KEYS) {
3819
0
                memcpy(ctx->ext.tick_key_name, keys,
3820
0
                       sizeof(ctx->ext.tick_key_name));
3821
0
                memcpy(ctx->ext.secure->tick_hmac_key,
3822
0
                       keys + sizeof(ctx->ext.tick_key_name),
3823
0
                       sizeof(ctx->ext.secure->tick_hmac_key));
3824
0
                memcpy(ctx->ext.secure->tick_aes_key,
3825
0
                       keys + sizeof(ctx->ext.tick_key_name) +
3826
0
                       sizeof(ctx->ext.secure->tick_hmac_key),
3827
0
                       sizeof(ctx->ext.secure->tick_aes_key));
3828
0
            } else {
3829
0
                memcpy(keys, ctx->ext.tick_key_name,
3830
0
                       sizeof(ctx->ext.tick_key_name));
3831
0
                memcpy(keys + sizeof(ctx->ext.tick_key_name),
3832
0
                       ctx->ext.secure->tick_hmac_key,
3833
0
                       sizeof(ctx->ext.secure->tick_hmac_key));
3834
0
                memcpy(keys + sizeof(ctx->ext.tick_key_name) +
3835
0
                       sizeof(ctx->ext.secure->tick_hmac_key),
3836
0
                       ctx->ext.secure->tick_aes_key,
3837
0
                       sizeof(ctx->ext.secure->tick_aes_key));
3838
0
            }
3839
0
            return 1;
3840
0
        }
3841
0
3842
0
    case SSL_CTRL_GET_TLSEXT_STATUS_REQ_TYPE:
3843
0
        return ctx->ext.status_type;
3844
0
3845
0
    case SSL_CTRL_SET_TLSEXT_STATUS_REQ_TYPE:
3846
0
        ctx->ext.status_type = larg;
3847
0
        break;
3848
0
3849
0
    case SSL_CTRL_SET_TLSEXT_STATUS_REQ_CB_ARG:
3850
0
        ctx->ext.status_arg = parg;
3851
0
        return 1;
3852
0
3853
0
    case SSL_CTRL_GET_TLSEXT_STATUS_REQ_CB_ARG:
3854
0
        *(void**)parg = ctx->ext.status_arg;
3855
0
        break;
3856
0
3857
0
    case SSL_CTRL_GET_TLSEXT_STATUS_REQ_CB:
3858
0
        *(int (**)(SSL*, void*))parg = ctx->ext.status_cb;
3859
0
        break;
3860
0
3861
0
#ifndef OPENSSL_NO_SRP
3862
0
    case SSL_CTRL_SET_TLS_EXT_SRP_USERNAME:
3863
0
        ctx->srp_ctx.srp_Mask |= SSL_kSRP;
3864
0
        OPENSSL_free(ctx->srp_ctx.login);
3865
0
        ctx->srp_ctx.login = NULL;
3866
0
        if (parg == NULL)
3867
0
            break;
3868
0
        if (strlen((const char *)parg) > 255 || strlen((const char *)parg) < 1) {
3869
0
            SSLerr(SSL_F_SSL3_CTX_CTRL, SSL_R_INVALID_SRP_USERNAME);
3870
0
            return 0;
3871
0
        }
3872
0
        if ((ctx->srp_ctx.login = OPENSSL_strdup((char *)parg)) == NULL) {
3873
0
            SSLerr(SSL_F_SSL3_CTX_CTRL, ERR_R_INTERNAL_ERROR);
3874
0
            return 0;
3875
0
        }
3876
0
        break;
3877
0
    case SSL_CTRL_SET_TLS_EXT_SRP_PASSWORD:
3878
0
        ctx->srp_ctx.SRP_give_srp_client_pwd_callback =
3879
0
            srp_password_from_info_cb;
3880
0
        if (ctx->srp_ctx.info != NULL)
3881
0
            OPENSSL_free(ctx->srp_ctx.info);
3882
0
        if ((ctx->srp_ctx.info = BUF_strdup((char *)parg)) == NULL) {
3883
0
            SSLerr(SSL_F_SSL3_CTX_CTRL, ERR_R_INTERNAL_ERROR);
3884
0
            return 0;
3885
0
        }
3886
0
        break;
3887
0
    case SSL_CTRL_SET_SRP_ARG:
3888
0
        ctx->srp_ctx.srp_Mask |= SSL_kSRP;
3889
0
        ctx->srp_ctx.SRP_cb_arg = parg;
3890
0
        break;
3891
0
3892
0
    case SSL_CTRL_SET_TLS_EXT_SRP_STRENGTH:
3893
0
        ctx->srp_ctx.strength = larg;
3894
0
        break;
3895
0
#endif
3896
0
3897
0
#ifndef OPENSSL_NO_EC
3898
0
    case SSL_CTRL_SET_GROUPS:
3899
0
        return tls1_set_groups(&ctx->ext.supportedgroups,
3900
0
                               &ctx->ext.supportedgroups_len,
3901
0
                               parg, larg);
3902
0
3903
0
    case SSL_CTRL_SET_GROUPS_LIST:
3904
0
        return tls1_set_groups_list(&ctx->ext.supportedgroups,
3905
0
                                    &ctx->ext.supportedgroups_len,
3906
0
                                    parg);
3907
0
#endif
3908
0
    case SSL_CTRL_SET_SIGALGS:
3909
0
        return tls1_set_sigalgs(ctx->cert, parg, larg, 0);
3910
0
3911
0
    case SSL_CTRL_SET_SIGALGS_LIST:
3912
0
        return tls1_set_sigalgs_list(ctx->cert, parg, 0);
3913
0
3914
0
    case SSL_CTRL_SET_CLIENT_SIGALGS:
3915
0
        return tls1_set_sigalgs(ctx->cert, parg, larg, 1);
3916
0
3917
0
    case SSL_CTRL_SET_CLIENT_SIGALGS_LIST:
3918
0
        return tls1_set_sigalgs_list(ctx->cert, parg, 1);
3919
0
3920
0
    case SSL_CTRL_SET_CLIENT_CERT_TYPES:
3921
0
        return ssl3_set_req_cert_type(ctx->cert, parg, larg);
3922
0
3923
0
    case SSL_CTRL_BUILD_CERT_CHAIN:
3924
0
        return ssl_build_cert_chain(NULL, ctx, larg);
3925
0
3926
0
    case SSL_CTRL_SET_VERIFY_CERT_STORE:
3927
0
        return ssl_cert_set_cert_store(ctx->cert, parg, 0, larg);
3928
0
3929
0
    case SSL_CTRL_SET_CHAIN_CERT_STORE:
3930
0
        return ssl_cert_set_cert_store(ctx->cert, parg, 1, larg);
3931
0
3932
0
        /* A Thawte special :-) */
3933
0
    case SSL_CTRL_EXTRA_CHAIN_CERT:
3934
0
        if (ctx->extra_certs == NULL) {
3935
0
            if ((ctx->extra_certs = sk_X509_new_null()) == NULL) {
3936
0
                SSLerr(SSL_F_SSL3_CTX_CTRL, ERR_R_MALLOC_FAILURE);
3937
0
                return 0;
3938
0
            }
3939
0
        }
3940
0
        if (!sk_X509_push(ctx->extra_certs, (X509 *)parg)) {
3941
0
            SSLerr(SSL_F_SSL3_CTX_CTRL, ERR_R_MALLOC_FAILURE);
3942
0
            return 0;
3943
0
        }
3944
0
        break;
3945
0
3946
0
    case SSL_CTRL_GET_EXTRA_CHAIN_CERTS:
3947
0
        if (ctx->extra_certs == NULL && larg == 0)
3948
0
            *(STACK_OF(X509) **)parg = ctx->cert->key->chain;
3949
0
        else
3950
0
            *(STACK_OF(X509) **)parg = ctx->extra_certs;
3951
0
        break;
3952
0
3953
0
    case SSL_CTRL_CLEAR_EXTRA_CHAIN_CERTS:
3954
0
        sk_X509_pop_free(ctx->extra_certs, X509_free);
3955
0
        ctx->extra_certs = NULL;
3956
0
        break;
3957
0
3958
0
    case SSL_CTRL_CHAIN:
3959
0
        if (larg)
3960
0
            return ssl_cert_set1_chain(NULL, ctx, (STACK_OF(X509) *)parg);
3961
0
        else
3962
0
            return ssl_cert_set0_chain(NULL, ctx, (STACK_OF(X509) *)parg);
3963
0
3964
0
    case SSL_CTRL_CHAIN_CERT:
3965
0
        if (larg)
3966
0
            return ssl_cert_add1_chain_cert(NULL, ctx, (X509 *)parg);
3967
0
        else
3968
0
            return ssl_cert_add0_chain_cert(NULL, ctx, (X509 *)parg);
3969
0
3970
0
    case SSL_CTRL_GET_CHAIN_CERTS:
3971
0
        *(STACK_OF(X509) **)parg = ctx->cert->key->chain;
3972
0
        break;
3973
0
3974
0
    case SSL_CTRL_SELECT_CURRENT_CERT:
3975
0
        return ssl_cert_select_current(ctx->cert, (X509 *)parg);
3976
0
3977
0
    case SSL_CTRL_SET_CURRENT_CERT:
3978
0
        return ssl_cert_set_current(ctx->cert, larg);
3979
0
3980
0
    default:
3981
0
        return 0;
3982
0
    }
3983
0
    return 1;
3984
0
}
3985
3986
long ssl3_ctx_callback_ctrl(SSL_CTX *ctx, int cmd, void (*fp) (void))
3987
0
{
3988
0
    switch (cmd) {
3989
0
#ifndef OPENSSL_NO_DH
3990
0
    case SSL_CTRL_SET_TMP_DH_CB:
3991
0
        {
3992
0
            ctx->cert->dh_tmp_cb = (DH *(*)(SSL *, int, int))fp;
3993
0
        }
3994
0
        break;
3995
0
#endif
3996
0
    case SSL_CTRL_SET_TLSEXT_SERVERNAME_CB:
3997
0
        ctx->ext.servername_cb = (int (*)(SSL *, int *, void *))fp;
3998
0
        break;
3999
0
4000
0
    case SSL_CTRL_SET_TLSEXT_STATUS_REQ_CB:
4001
0
        ctx->ext.status_cb = (int (*)(SSL *, void *))fp;
4002
0
        break;
4003
0
4004
0
    case SSL_CTRL_SET_TLSEXT_TICKET_KEY_CB:
4005
0
        ctx->ext.ticket_key_cb = (int (*)(SSL *, unsigned char *,
4006
0
                                             unsigned char *,
4007
0
                                             EVP_CIPHER_CTX *,
4008
0
                                             HMAC_CTX *, int))fp;
4009
0
        break;
4010
0
4011
0
#ifndef OPENSSL_NO_SRP
4012
0
    case SSL_CTRL_SET_SRP_VERIFY_PARAM_CB:
4013
0
        ctx->srp_ctx.srp_Mask |= SSL_kSRP;
4014
0
        ctx->srp_ctx.SRP_verify_param_callback = (int (*)(SSL *, void *))fp;
4015
0
        break;
4016
0
    case SSL_CTRL_SET_TLS_EXT_SRP_USERNAME_CB:
4017
0
        ctx->srp_ctx.srp_Mask |= SSL_kSRP;
4018
0
        ctx->srp_ctx.TLS_ext_srp_username_callback =
4019
0
            (int (*)(SSL *, int *, void *))fp;
4020
0
        break;
4021
0
    case SSL_CTRL_SET_SRP_GIVE_CLIENT_PWD_CB:
4022
0
        ctx->srp_ctx.srp_Mask |= SSL_kSRP;
4023
0
        ctx->srp_ctx.SRP_give_srp_client_pwd_callback =
4024
0
            (char *(*)(SSL *, void *))fp;
4025
0
        break;
4026
0
#endif
4027
0
    case SSL_CTRL_SET_NOT_RESUMABLE_SESS_CB:
4028
0
        {
4029
0
            ctx->not_resumable_session_cb = (int (*)(SSL *, int))fp;
4030
0
        }
4031
0
        break;
4032
0
    default:
4033
0
        return 0;
4034
0
    }
4035
0
    return 1;
4036
0
}
4037
4038
const SSL_CIPHER *ssl3_get_cipher_by_id(uint32_t id)
4039
0
{
4040
0
    SSL_CIPHER c;
4041
0
    const SSL_CIPHER *cp;
4042
0
4043
0
    c.id = id;
4044
0
    cp = OBJ_bsearch_ssl_cipher_id(&c, tls13_ciphers, TLS13_NUM_CIPHERS);
4045
0
    if (cp != NULL)
4046
0
        return cp;
4047
0
    cp = OBJ_bsearch_ssl_cipher_id(&c, ssl3_ciphers, SSL3_NUM_CIPHERS);
4048
0
    if (cp != NULL)
4049
0
        return cp;
4050
0
    return OBJ_bsearch_ssl_cipher_id(&c, ssl3_scsvs, SSL3_NUM_SCSVS);
4051
0
}
4052
4053
const SSL_CIPHER *ssl3_get_cipher_by_std_name(const char *stdname)
4054
0
{
4055
0
    SSL_CIPHER *c = NULL, *tbl;
4056
0
    SSL_CIPHER *alltabs[] = {tls13_ciphers, ssl3_ciphers};
4057
0
    size_t i, j, tblsize[] = {TLS13_NUM_CIPHERS, SSL3_NUM_CIPHERS};
4058
0
4059
0
    /* this is not efficient, necessary to optimize this? */
4060
0
    for (j = 0; j < OSSL_NELEM(alltabs); j++) {
4061
0
        for (i = 0, tbl = alltabs[j]; i < tblsize[j]; i++, tbl++) {
4062
0
            if (tbl->stdname == NULL)
4063
0
                continue;
4064
0
            if (strcmp(stdname, tbl->stdname) == 0) {
4065
0
                c = tbl;
4066
0
                break;
4067
0
            }
4068
0
        }
4069
0
    }
4070
0
    if (c == NULL) {
4071
0
        tbl = ssl3_scsvs;
4072
0
        for (i = 0; i < SSL3_NUM_SCSVS; i++, tbl++) {
4073
0
            if (strcmp(stdname, tbl->stdname) == 0) {
4074
0
                c = tbl;
4075
0
                break;
4076
0
            }
4077
0
        }
4078
0
    }
4079
0
    return c;
4080
0
}
4081
4082
/*
4083
 * This function needs to check if the ciphers required are actually
4084
 * available
4085
 */
4086
const SSL_CIPHER *ssl3_get_cipher_by_char(const unsigned char *p)
4087
0
{
4088
0
    return ssl3_get_cipher_by_id(SSL3_CK_CIPHERSUITE_FLAG
4089
0
                                 | ((uint32_t)p[0] << 8L)
4090
0
                                 | (uint32_t)p[1]);
4091
0
}
4092
4093
int ssl3_put_cipher_by_char(const SSL_CIPHER *c, WPACKET *pkt, size_t *len)
4094
0
{
4095
0
    if ((c->id & 0xff000000) != SSL3_CK_CIPHERSUITE_FLAG) {
4096
0
        *len = 0;
4097
0
        return 1;
4098
0
    }
4099
0
4100
0
    if (!WPACKET_put_bytes_u16(pkt, c->id & 0xffff))
4101
0
        return 0;
4102
0
4103
0
    *len = 2;
4104
0
    return 1;
4105
0
}
4106
4107
/*
4108
 * ssl3_choose_cipher - choose a cipher from those offered by the client
4109
 * @s: SSL connection
4110
 * @clnt: ciphers offered by the client
4111
 * @srvr: ciphers enabled on the server?
4112
 *
4113
 * Returns the selected cipher or NULL when no common ciphers.
4114
 */
4115
const SSL_CIPHER *ssl3_choose_cipher(SSL *s, STACK_OF(SSL_CIPHER) *clnt,
4116
                                     STACK_OF(SSL_CIPHER) *srvr)
4117
0
{
4118
0
    const SSL_CIPHER *c, *ret = NULL;
4119
0
    STACK_OF(SSL_CIPHER) *prio, *allow;
4120
0
    int i, ii, ok, prefer_sha256 = 0;
4121
0
    unsigned long alg_k = 0, alg_a = 0, mask_k = 0, mask_a = 0;
4122
0
    const EVP_MD *mdsha256 = EVP_sha256();
4123
0
#ifndef OPENSSL_NO_CHACHA
4124
0
    STACK_OF(SSL_CIPHER) *prio_chacha = NULL;
4125
0
#endif
4126
0
4127
0
    /* Let's see which ciphers we can support */
4128
0
4129
0
    /*
4130
0
     * Do not set the compare functions, because this may lead to a
4131
0
     * reordering by "id". We want to keep the original ordering. We may pay
4132
0
     * a price in performance during sk_SSL_CIPHER_find(), but would have to
4133
0
     * pay with the price of sk_SSL_CIPHER_dup().
4134
0
     */
4135
0
4136
#ifdef CIPHER_DEBUG
4137
    fprintf(stderr, "Server has %d from %p:\n", sk_SSL_CIPHER_num(srvr),
4138
            (void *)srvr);
4139
    for (i = 0; i < sk_SSL_CIPHER_num(srvr); ++i) {
4140
        c = sk_SSL_CIPHER_value(srvr, i);
4141
        fprintf(stderr, "%p:%s\n", (void *)c, c->name);
4142
    }
4143
    fprintf(stderr, "Client sent %d from %p:\n", sk_SSL_CIPHER_num(clnt),
4144
            (void *)clnt);
4145
    for (i = 0; i < sk_SSL_CIPHER_num(clnt); ++i) {
4146
        c = sk_SSL_CIPHER_value(clnt, i);
4147
        fprintf(stderr, "%p:%s\n", (void *)c, c->name);
4148
    }
4149
#endif
4150
4151
0
    /* SUITE-B takes precedence over server preference and ChaCha priortiy */
4152
0
    if (tls1_suiteb(s)) {
4153
0
        prio = srvr;
4154
0
        allow = clnt;
4155
0
    } else if (s->options & SSL_OP_CIPHER_SERVER_PREFERENCE) {
4156
0
        prio = srvr;
4157
0
        allow = clnt;
4158
0
#ifndef OPENSSL_NO_CHACHA
4159
0
        /* If ChaCha20 is at the top of the client preference list,
4160
0
           and there are ChaCha20 ciphers in the server list, then
4161
0
           temporarily prioritize all ChaCha20 ciphers in the servers list. */
4162
0
        if (s->options & SSL_OP_PRIORITIZE_CHACHA && sk_SSL_CIPHER_num(clnt) > 0) {
4163
0
            c = sk_SSL_CIPHER_value(clnt, 0);
4164
0
            if (c->algorithm_enc == SSL_CHACHA20POLY1305) {
4165
0
                /* ChaCha20 is client preferred, check server... */
4166
0
                int num = sk_SSL_CIPHER_num(srvr);
4167
0
                int found = 0;
4168
0
                for (i = 0; i < num; i++) {
4169
0
                    c = sk_SSL_CIPHER_value(srvr, i);
4170
0
                    if (c->algorithm_enc == SSL_CHACHA20POLY1305) {
4171
0
                        found = 1;
4172
0
                        break;
4173
0
                    }
4174
0
                }
4175
0
                if (found) {
4176
0
                    prio_chacha = sk_SSL_CIPHER_new_reserve(NULL, num);
4177
0
                    /* if reserve fails, then there's likely a memory issue */
4178
0
                    if (prio_chacha != NULL) {
4179
0
                        /* Put all ChaCha20 at the top, starting with the one we just found */
4180
0
                        sk_SSL_CIPHER_push(prio_chacha, c);
4181
0
                        for (i++; i < num; i++) {
4182
0
                            c = sk_SSL_CIPHER_value(srvr, i);
4183
0
                            if (c->algorithm_enc == SSL_CHACHA20POLY1305)
4184
0
                                sk_SSL_CIPHER_push(prio_chacha, c);
4185
0
                        }
4186
0
                        /* Pull in the rest */
4187
0
                        for (i = 0; i < num; i++) {
4188
0
                            c = sk_SSL_CIPHER_value(srvr, i);
4189
0
                            if (c->algorithm_enc != SSL_CHACHA20POLY1305)
4190
0
                                sk_SSL_CIPHER_push(prio_chacha, c);
4191
0
                        }
4192
0
                        prio = prio_chacha;
4193
0
                    }
4194
0
                }
4195
0
            }
4196
0
        }
4197
0
# endif
4198
0
    } else {
4199
0
        prio = clnt;
4200
0
        allow = srvr;
4201
0
    }
4202
0
4203
0
    if (SSL_IS_TLS13(s)) {
4204
0
#ifndef OPENSSL_NO_PSK
4205
0
        int j;
4206
0
4207
0
        /*
4208
0
         * If we allow "old" style PSK callbacks, and we have no certificate (so
4209
0
         * we're not going to succeed without a PSK anyway), and we're in
4210
0
         * TLSv1.3 then the default hash for a PSK is SHA-256 (as per the
4211
0
         * TLSv1.3 spec). Therefore we should prioritise ciphersuites using
4212
0
         * that.
4213
0
         */
4214
0
        if (s->psk_server_callback != NULL) {
4215
0
            for (j = 0; j < SSL_PKEY_NUM && !ssl_has_cert(s, j); j++);
4216
0
            if (j == SSL_PKEY_NUM) {
4217
0
                /* There are no certificates */
4218
0
                prefer_sha256 = 1;
4219
0
            }
4220
0
        }
4221
0
#endif
4222
0
    } else {
4223
0
        tls1_set_cert_validity(s);
4224
0
        ssl_set_masks(s);
4225
0
    }
4226
0
4227
0
    for (i = 0; i < sk_SSL_CIPHER_num(prio); i++) {
4228
0
        c = sk_SSL_CIPHER_value(prio, i);
4229
0
4230
0
        /* Skip ciphers not supported by the protocol version */
4231
0
        if (!SSL_IS_DTLS(s) &&
4232
0
            ((s->version < c->min_tls) || (s->version > c->max_tls)))
4233
0
            continue;
4234
0
        if (SSL_IS_DTLS(s) &&
4235
0
            (DTLS_VERSION_LT(s->version, c->min_dtls) ||
4236
0
             DTLS_VERSION_GT(s->version, c->max_dtls)))
4237
0
            continue;
4238
0
4239
0
        /*
4240
0
         * Since TLS 1.3 ciphersuites can be used with any auth or
4241
0
         * key exchange scheme skip tests.
4242
0
         */
4243
0
        if (!SSL_IS_TLS13(s)) {
4244
0
            mask_k = s->s3->tmp.mask_k;
4245
0
            mask_a = s->s3->tmp.mask_a;
4246
0
#ifndef OPENSSL_NO_SRP
4247
0
            if (s->srp_ctx.srp_Mask & SSL_kSRP) {
4248
0
                mask_k |= SSL_kSRP;
4249
0
                mask_a |= SSL_aSRP;
4250
0
            }
4251
0
#endif
4252
0
4253
0
            alg_k = c->algorithm_mkey;
4254
0
            alg_a = c->algorithm_auth;
4255
0
4256
0
#ifndef OPENSSL_NO_PSK
4257
0
            /* with PSK there must be server callback set */
4258
0
            if ((alg_k & SSL_PSK) && s->psk_server_callback == NULL)
4259
0
                continue;
4260
0
#endif                          /* OPENSSL_NO_PSK */
4261
0
4262
0
            ok = (alg_k & mask_k) && (alg_a & mask_a);
4263
#ifdef CIPHER_DEBUG
4264
            fprintf(stderr, "%d:[%08lX:%08lX:%08lX:%08lX]%p:%s\n", ok, alg_k,
4265
                    alg_a, mask_k, mask_a, (void *)c, c->name);
4266
#endif
4267
4268
0
#ifndef OPENSSL_NO_EC
4269
0
            /*
4270
0
             * if we are considering an ECC cipher suite that uses an ephemeral
4271
0
             * EC key check it
4272
0
             */
4273
0
            if (alg_k & SSL_kECDHE)
4274
0
                ok = ok && tls1_check_ec_tmp_key(s, c->id);
4275
0
#endif                          /* OPENSSL_NO_EC */
4276
0
4277
0
            if (!ok)
4278
0
                continue;
4279
0
        }
4280
0
        ii = sk_SSL_CIPHER_find(allow, c);
4281
0
        if (ii >= 0) {
4282
0
            /* Check security callback permits this cipher */
4283
0
            if (!ssl_security(s, SSL_SECOP_CIPHER_SHARED,
4284
0
                              c->strength_bits, 0, (void *)c))
4285
0
                continue;
4286
0
#if !defined(OPENSSL_NO_EC)
4287
0
            if ((alg_k & SSL_kECDHE) && (alg_a & SSL_aECDSA)
4288
0
                && s->s3->is_probably_safari) {
4289
0
                if (!ret)
4290
0
                    ret = sk_SSL_CIPHER_value(allow, ii);
4291
0
                continue;
4292
0
            }
4293
0
#endif
4294
0
            if (prefer_sha256) {
4295
0
                const SSL_CIPHER *tmp = sk_SSL_CIPHER_value(allow, ii);
4296
0
4297
0
                if (ssl_md(tmp->algorithm2) == mdsha256) {
4298
0
                    ret = tmp;
4299
0
                    break;
4300
0
                }
4301
0
                if (ret == NULL)
4302
0
                    ret = tmp;
4303
0
                continue;
4304
0
            }
4305
0
            ret = sk_SSL_CIPHER_value(allow, ii);
4306
0
            break;
4307
0
        }
4308
0
    }
4309
0
#ifndef OPENSSL_NO_CHACHA
4310
0
    sk_SSL_CIPHER_free(prio_chacha);
4311
0
#endif
4312
0
    return ret;
4313
0
}
4314
4315
int ssl3_get_req_cert_type(SSL *s, WPACKET *pkt)
4316
0
{
4317
0
    uint32_t alg_k, alg_a = 0;
4318
0
4319
0
    /* If we have custom certificate types set, use them */
4320
0
    if (s->cert->ctype)
4321
0
        return WPACKET_memcpy(pkt, s->cert->ctype, s->cert->ctype_len);
4322
0
    /* Get mask of algorithms disabled by signature list */
4323
0
    ssl_set_sig_mask(&alg_a, s, SSL_SECOP_SIGALG_MASK);
4324
0
4325
0
    alg_k = s->s3->tmp.new_cipher->algorithm_mkey;
4326
0
4327
0
#ifndef OPENSSL_NO_GOST
4328
0
    if (s->version >= TLS1_VERSION && (alg_k & SSL_kGOST))
4329
0
            return WPACKET_put_bytes_u8(pkt, TLS_CT_GOST01_SIGN)
4330
0
                    && WPACKET_put_bytes_u8(pkt, TLS_CT_GOST12_SIGN)
4331
0
                    && WPACKET_put_bytes_u8(pkt, TLS_CT_GOST12_512_SIGN);
4332
0
#endif
4333
0
4334
0
    if ((s->version == SSL3_VERSION) && (alg_k & SSL_kDHE)) {
4335
0
#ifndef OPENSSL_NO_DH
4336
0
# ifndef OPENSSL_NO_RSA
4337
0
        if (!WPACKET_put_bytes_u8(pkt, SSL3_CT_RSA_EPHEMERAL_DH))
4338
0
            return 0;
4339
0
# endif
4340
0
# ifndef OPENSSL_NO_DSA
4341
0
        if (!WPACKET_put_bytes_u8(pkt, SSL3_CT_DSS_EPHEMERAL_DH))
4342
0
            return 0;
4343
0
# endif
4344
0
#endif                          /* !OPENSSL_NO_DH */
4345
0
    }
4346
0
#ifndef OPENSSL_NO_RSA
4347
0
    if (!(alg_a & SSL_aRSA) && !WPACKET_put_bytes_u8(pkt, SSL3_CT_RSA_SIGN))
4348
0
        return 0;
4349
0
#endif
4350
0
#ifndef OPENSSL_NO_DSA
4351
0
    if (!(alg_a & SSL_aDSS) && !WPACKET_put_bytes_u8(pkt, SSL3_CT_DSS_SIGN))
4352
0
        return 0;
4353
0
#endif
4354
0
#ifndef OPENSSL_NO_EC
4355
0
    /*
4356
0
     * ECDSA certs can be used with RSA cipher suites too so we don't
4357
0
     * need to check for SSL_kECDH or SSL_kECDHE
4358
0
     */
4359
0
    if (s->version >= TLS1_VERSION
4360
0
            && !(alg_a & SSL_aECDSA)
4361
0
            && !WPACKET_put_bytes_u8(pkt, TLS_CT_ECDSA_SIGN))
4362
0
        return 0;
4363
0
#endif
4364
0
    return 1;
4365
0
}
4366
4367
static int ssl3_set_req_cert_type(CERT *c, const unsigned char *p, size_t len)
4368
0
{
4369
0
    OPENSSL_free(c->ctype);
4370
0
    c->ctype = NULL;
4371
0
    c->ctype_len = 0;
4372
0
    if (p == NULL || len == 0)
4373
0
        return 1;
4374
0
    if (len > 0xff)
4375
0
        return 0;
4376
0
    c->ctype = OPENSSL_memdup(p, len);
4377
0
    if (c->ctype == NULL)
4378
0
        return 0;
4379
0
    c->ctype_len = len;
4380
0
    return 1;
4381
0
}
4382
4383
int ssl3_shutdown(SSL *s)
4384
0
{
4385
0
    int ret;
4386
0
4387
0
    /*
4388
0
     * Don't do anything much if we have not done the handshake or we don't
4389
0
     * want to send messages :-)
4390
0
     */
4391
0
    if (s->quiet_shutdown || SSL_in_before(s)) {
4392
0
        s->shutdown = (SSL_SENT_SHUTDOWN | SSL_RECEIVED_SHUTDOWN);
4393
0
        return 1;
4394
0
    }
4395
0
4396
0
    if (!(s->shutdown & SSL_SENT_SHUTDOWN)) {
4397
0
        s->shutdown |= SSL_SENT_SHUTDOWN;
4398
0
        ssl3_send_alert(s, SSL3_AL_WARNING, SSL_AD_CLOSE_NOTIFY);
4399
0
        /*
4400
0
         * our shutdown alert has been sent now, and if it still needs to be
4401
0
         * written, s->s3->alert_dispatch will be true
4402
0
         */
4403
0
        if (s->s3->alert_dispatch)
4404
0
            return -1;        /* return WANT_WRITE */
4405
0
    } else if (s->s3->alert_dispatch) {
4406
0
        /* resend it if not sent */
4407
0
        ret = s->method->ssl_dispatch_alert(s);
4408
0
        if (ret == -1) {
4409
0
            /*
4410
0
             * we only get to return -1 here the 2nd/Nth invocation, we must
4411
0
             * have already signalled return 0 upon a previous invocation,
4412
0
             * return WANT_WRITE
4413
0
             */
4414
0
            return ret;
4415
0
        }
4416
0
    } else if (!(s->shutdown & SSL_RECEIVED_SHUTDOWN)) {
4417
0
        size_t readbytes;
4418
0
        /*
4419
0
         * If we are waiting for a close from our peer, we are closed
4420
0
         */
4421
0
        s->method->ssl_read_bytes(s, 0, NULL, NULL, 0, 0, &readbytes);
4422
0
        if (!(s->shutdown & SSL_RECEIVED_SHUTDOWN)) {
4423
0
            return -1;        /* return WANT_READ */
4424
0
        }
4425
0
    }
4426
0
4427
0
    if ((s->shutdown == (SSL_SENT_SHUTDOWN | SSL_RECEIVED_SHUTDOWN)) &&
4428
0
        !s->s3->alert_dispatch)
4429
0
        return 1;
4430
0
    else
4431
0
        return 0;
4432
0
}
4433
4434
int ssl3_write(SSL *s, const void *buf, size_t len, size_t *written)
4435
0
{
4436
0
    clear_sys_error();
4437
0
    if (s->s3->renegotiate)
4438
0
        ssl3_renegotiate_check(s, 0);
4439
0
4440
0
    return s->method->ssl_write_bytes(s, SSL3_RT_APPLICATION_DATA, buf, len,
4441
0
                                      written);
4442
0
}
4443
4444
static int ssl3_read_internal(SSL *s, void *buf, size_t len, int peek,
4445
                              size_t *readbytes)
4446
0
{
4447
0
    int ret;
4448
0
4449
0
    clear_sys_error();
4450
0
    if (s->s3->renegotiate)
4451
0
        ssl3_renegotiate_check(s, 0);
4452
0
    s->s3->in_read_app_data = 1;
4453
0
    ret =
4454
0
        s->method->ssl_read_bytes(s, SSL3_RT_APPLICATION_DATA, NULL, buf, len,
4455
0
                                  peek, readbytes);
4456
0
    if ((ret == -1) && (s->s3->in_read_app_data == 2)) {
4457
0
        /*
4458
0
         * ssl3_read_bytes decided to call s->handshake_func, which called
4459
0
         * ssl3_read_bytes to read handshake data. However, ssl3_read_bytes
4460
0
         * actually found application data and thinks that application data
4461
0
         * makes sense here; so disable handshake processing and try to read
4462
0
         * application data again.
4463
0
         */
4464
0
        ossl_statem_set_in_handshake(s, 1);
4465
0
        ret =
4466
0
            s->method->ssl_read_bytes(s, SSL3_RT_APPLICATION_DATA, NULL, buf,
4467
0
                                      len, peek, readbytes);
4468
0
        ossl_statem_set_in_handshake(s, 0);
4469
0
    } else
4470
0
        s->s3->in_read_app_data = 0;
4471
0
4472
0
    return ret;
4473
0
}
4474
4475
int ssl3_read(SSL *s, void *buf, size_t len, size_t *readbytes)
4476
0
{
4477
0
    return ssl3_read_internal(s, buf, len, 0, readbytes);
4478
0
}
4479
4480
int ssl3_peek(SSL *s, void *buf, size_t len, size_t *readbytes)
4481
0
{
4482
0
    return ssl3_read_internal(s, buf, len, 1, readbytes);
4483
0
}
4484
4485
int ssl3_renegotiate(SSL *s)
4486
0
{
4487
0
    if (s->handshake_func == NULL)
4488
0
        return 1;
4489
0
4490
0
    s->s3->renegotiate = 1;
4491
0
    return 1;
4492
0
}
4493
4494
/*
4495
 * Check if we are waiting to do a renegotiation and if so whether now is a
4496
 * good time to do it. If |initok| is true then we are being called from inside
4497
 * the state machine so ignore the result of SSL_in_init(s). Otherwise we
4498
 * should not do a renegotiation if SSL_in_init(s) is true. Returns 1 if we
4499
 * should do a renegotiation now and sets up the state machine for it. Otherwise
4500
 * returns 0.
4501
 */
4502
int ssl3_renegotiate_check(SSL *s, int initok)
4503
0
{
4504
0
    int ret = 0;
4505
0
4506
0
    if (s->s3->renegotiate) {
4507
0
        if (!RECORD_LAYER_read_pending(&s->rlayer)
4508
0
            && !RECORD_LAYER_write_pending(&s->rlayer)
4509
0
            && (initok || !SSL_in_init(s))) {
4510
0
            /*
4511
0
             * if we are the server, and we have sent a 'RENEGOTIATE'
4512
0
             * message, we need to set the state machine into the renegotiate
4513
0
             * state.
4514
0
             */
4515
0
            ossl_statem_set_renegotiate(s);
4516
0
            s->s3->renegotiate = 0;
4517
0
            s->s3->num_renegotiations++;
4518
0
            s->s3->total_renegotiations++;
4519
0
            ret = 1;
4520
0
        }
4521
0
    }
4522
0
    return ret;
4523
0
}
4524
4525
/*
4526
 * If we are using default SHA1+MD5 algorithms switch to new SHA256 PRF and
4527
 * handshake macs if required.
4528
 *
4529
 * If PSK and using SHA384 for TLS < 1.2 switch to default.
4530
 */
4531
long ssl_get_algorithm2(SSL *s)
4532
0
{
4533
0
    long alg2;
4534
0
    if (s->s3 == NULL || s->s3->tmp.new_cipher == NULL)
4535
0
        return -1;
4536
0
    alg2 = s->s3->tmp.new_cipher->algorithm2;
4537
0
    if (s->method->ssl3_enc->enc_flags & SSL_ENC_FLAG_SHA256_PRF) {
4538
0
        if (alg2 == (SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF))
4539
0
            return SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256;
4540
0
    } else if (s->s3->tmp.new_cipher->algorithm_mkey & SSL_PSK) {
4541
0
        if (alg2 == (SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384))
4542
0
            return SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF;
4543
0
    }
4544
0
    return alg2;
4545
0
}
4546
4547
/*
4548
 * Fill a ClientRandom or ServerRandom field of length len. Returns <= 0 on
4549
 * failure, 1 on success.
4550
 */
4551
int ssl_fill_hello_random(SSL *s, int server, unsigned char *result, size_t len,
4552
                          DOWNGRADE dgrd)
4553
0
{
4554
0
    int send_time = 0, ret;
4555
0
4556
0
    if (len < 4)
4557
0
        return 0;
4558
0
    if (server)
4559
0
        send_time = (s->mode & SSL_MODE_SEND_SERVERHELLO_TIME) != 0;
4560
0
    else
4561
0
        send_time = (s->mode & SSL_MODE_SEND_CLIENTHELLO_TIME) != 0;
4562
0
    if (send_time) {
4563
0
        unsigned long Time = (unsigned long)time(NULL);
4564
0
        unsigned char *p = result;
4565
0
4566
0
        l2n(Time, p);
4567
0
        ret = RAND_bytes(p, len - 4);
4568
0
    } else {
4569
0
        ret = RAND_bytes(result, len);
4570
0
    }
4571
0
4572
0
    if (ret > 0) {
4573
0
        if (!ossl_assert(sizeof(tls11downgrade) < len)
4574
0
                || !ossl_assert(sizeof(tls12downgrade) < len))
4575
0
             return 0;
4576
0
        if (dgrd == DOWNGRADE_TO_1_2)
4577
0
            memcpy(result + len - sizeof(tls12downgrade), tls12downgrade,
4578
0
                   sizeof(tls12downgrade));
4579
0
        else if (dgrd == DOWNGRADE_TO_1_1)
4580
0
            memcpy(result + len - sizeof(tls11downgrade), tls11downgrade,
4581
0
                   sizeof(tls11downgrade));
4582
0
    }
4583
0
4584
0
    return ret;
4585
0
}
4586
4587
int ssl_generate_master_secret(SSL *s, unsigned char *pms, size_t pmslen,
4588
                               int free_pms)
4589
0
{
4590
0
    unsigned long alg_k = s->s3->tmp.new_cipher->algorithm_mkey;
4591
0
    int ret = 0;
4592
0
4593
0
    if (alg_k & SSL_PSK) {
4594
0
#ifndef OPENSSL_NO_PSK
4595
0
        unsigned char *pskpms, *t;
4596
0
        size_t psklen = s->s3->tmp.psklen;
4597
0
        size_t pskpmslen;
4598
0
4599
0
        /* create PSK premaster_secret */
4600
0
4601
0
        /* For plain PSK "other_secret" is psklen zeroes */
4602
0
        if (alg_k & SSL_kPSK)
4603
0
            pmslen = psklen;
4604
0
4605
0
        pskpmslen = 4 + pmslen + psklen;
4606
0
        pskpms = OPENSSL_malloc(pskpmslen);
4607
0
        if (pskpms == NULL)
4608
0
            goto err;
4609
0
        t = pskpms;
4610
0
        s2n(pmslen, t);
4611
0
        if (alg_k & SSL_kPSK)
4612
0
            memset(t, 0, pmslen);
4613
0
        else
4614
0
            memcpy(t, pms, pmslen);
4615
0
        t += pmslen;
4616
0
        s2n(psklen, t);
4617
0
        memcpy(t, s->s3->tmp.psk, psklen);
4618
0
4619
0
        OPENSSL_clear_free(s->s3->tmp.psk, psklen);
4620
0
        s->s3->tmp.psk = NULL;
4621
0
        if (!s->method->ssl3_enc->generate_master_secret(s,
4622
0
                    s->session->master_key,pskpms, pskpmslen,
4623
0
                    &s->session->master_key_length)) {
4624
0
            /* SSLfatal() already called */
4625
0
            goto err;
4626
0
        }
4627
0
        OPENSSL_clear_free(pskpms, pskpmslen);
4628
#else
4629
        /* Should never happen */
4630
        goto err;
4631
#endif
4632
0
    } else {
4633
0
        if (!s->method->ssl3_enc->generate_master_secret(s,
4634
0
                s->session->master_key, pms, pmslen,
4635
0
                &s->session->master_key_length)) {
4636
0
            /* SSLfatal() already called */
4637
0
            goto err;
4638
0
        }
4639
0
    }
4640
0
4641
0
    ret = 1;
4642
0
 err:
4643
0
    if (pms) {
4644
0
        if (free_pms)
4645
0
            OPENSSL_clear_free(pms, pmslen);
4646
0
        else
4647
0
            OPENSSL_cleanse(pms, pmslen);
4648
0
    }
4649
0
    if (s->server == 0)
4650
0
        s->s3->tmp.pms = NULL;
4651
0
    return ret;
4652
0
}
4653
4654
/* Generate a private key from parameters */
4655
EVP_PKEY *ssl_generate_pkey(EVP_PKEY *pm)
4656
0
{
4657
0
    EVP_PKEY_CTX *pctx = NULL;
4658
0
    EVP_PKEY *pkey = NULL;
4659
0
4660
0
    if (pm == NULL)
4661
0
        return NULL;
4662
0
    pctx = EVP_PKEY_CTX_new(pm, NULL);
4663
0
    if (pctx == NULL)
4664
0
        goto err;
4665
0
    if (EVP_PKEY_keygen_init(pctx) <= 0)
4666
0
        goto err;
4667
0
    if (EVP_PKEY_keygen(pctx, &pkey) <= 0) {
4668
0
        EVP_PKEY_free(pkey);
4669
0
        pkey = NULL;
4670
0
    }
4671
0
4672
0
    err:
4673
0
    EVP_PKEY_CTX_free(pctx);
4674
0
    return pkey;
4675
0
}
4676
#ifndef OPENSSL_NO_EC
4677
/* Generate a private key from a group ID */
4678
EVP_PKEY *ssl_generate_pkey_group(SSL *s, uint16_t id)
4679
0
{
4680
0
    EVP_PKEY_CTX *pctx = NULL;
4681
0
    EVP_PKEY *pkey = NULL;
4682
0
    const TLS_GROUP_INFO *ginf = tls1_group_id_lookup(id);
4683
0
    uint16_t gtype;
4684
0
4685
0
    if (ginf == NULL) {
4686
0
        SSLfatal(s, SSL_AD_INTERNAL_ERROR, SSL_F_SSL_GENERATE_PKEY_GROUP,
4687
0
                 ERR_R_INTERNAL_ERROR);
4688
0
        goto err;
4689
0
    }
4690
0
    gtype = ginf->flags & TLS_CURVE_TYPE;
4691
0
    if (gtype == TLS_CURVE_CUSTOM)
4692
0
        pctx = EVP_PKEY_CTX_new_id(ginf->nid, NULL);
4693
0
    else
4694
0
        pctx = EVP_PKEY_CTX_new_id(EVP_PKEY_EC, NULL);
4695
0
    if (pctx == NULL) {
4696
0
        SSLfatal(s, SSL_AD_INTERNAL_ERROR, SSL_F_SSL_GENERATE_PKEY_GROUP,
4697
0
                 ERR_R_MALLOC_FAILURE);
4698
0
        goto err;
4699
0
    }
4700
0
    if (EVP_PKEY_keygen_init(pctx) <= 0) {
4701
0
        SSLfatal(s, SSL_AD_INTERNAL_ERROR, SSL_F_SSL_GENERATE_PKEY_GROUP,
4702
0
                 ERR_R_EVP_LIB);
4703
0
        goto err;
4704
0
    }
4705
0
    if (gtype != TLS_CURVE_CUSTOM
4706
0
            && EVP_PKEY_CTX_set_ec_paramgen_curve_nid(pctx, ginf->nid) <= 0) {
4707
0
        SSLfatal(s, SSL_AD_INTERNAL_ERROR, SSL_F_SSL_GENERATE_PKEY_GROUP,
4708
0
                 ERR_R_EVP_LIB);
4709
0
        goto err;
4710
0
    }
4711
0
    if (EVP_PKEY_keygen(pctx, &pkey) <= 0) {
4712
0
        SSLfatal(s, SSL_AD_INTERNAL_ERROR, SSL_F_SSL_GENERATE_PKEY_GROUP,
4713
0
                 ERR_R_EVP_LIB);
4714
0
        EVP_PKEY_free(pkey);
4715
0
        pkey = NULL;
4716
0
    }
4717
0
4718
0
 err:
4719
0
    EVP_PKEY_CTX_free(pctx);
4720
0
    return pkey;
4721
0
}
4722
4723
/*
4724
 * Generate parameters from a group ID
4725
 */
4726
EVP_PKEY *ssl_generate_param_group(uint16_t id)
4727
0
{
4728
0
    EVP_PKEY_CTX *pctx = NULL;
4729
0
    EVP_PKEY *pkey = NULL;
4730
0
    const TLS_GROUP_INFO *ginf = tls1_group_id_lookup(id);
4731
0
4732
0
    if (ginf == NULL)
4733
0
        goto err;
4734
0
4735
0
    if ((ginf->flags & TLS_CURVE_TYPE) == TLS_CURVE_CUSTOM) {
4736
0
        pkey = EVP_PKEY_new();
4737
0
        if (pkey != NULL && EVP_PKEY_set_type(pkey, ginf->nid))
4738
0
            return pkey;
4739
0
        EVP_PKEY_free(pkey);
4740
0
        return NULL;
4741
0
    }
4742
0
4743
0
    pctx = EVP_PKEY_CTX_new_id(EVP_PKEY_EC, NULL);
4744
0
    if (pctx == NULL)
4745
0
        goto err;
4746
0
    if (EVP_PKEY_paramgen_init(pctx) <= 0)
4747
0
        goto err;
4748
0
    if (EVP_PKEY_CTX_set_ec_paramgen_curve_nid(pctx, ginf->nid) <= 0)
4749
0
        goto err;
4750
0
    if (EVP_PKEY_paramgen(pctx, &pkey) <= 0) {
4751
0
        EVP_PKEY_free(pkey);
4752
0
        pkey = NULL;
4753
0
    }
4754
0
4755
0
 err:
4756
0
    EVP_PKEY_CTX_free(pctx);
4757
0
    return pkey;
4758
0
}
4759
#endif
4760
4761
/* Derive secrets for ECDH/DH */
4762
int ssl_derive(SSL *s, EVP_PKEY *privkey, EVP_PKEY *pubkey, int gensecret)
4763
0
{
4764
0
    int rv = 0;
4765
0
    unsigned char *pms = NULL;
4766
0
    size_t pmslen = 0;
4767
0
    EVP_PKEY_CTX *pctx;
4768
0
4769
0
    if (privkey == NULL || pubkey == NULL) {
4770
0
        SSLfatal(s, SSL_AD_INTERNAL_ERROR, SSL_F_SSL_DERIVE,
4771
0
                 ERR_R_INTERNAL_ERROR);
4772
0
        return 0;
4773
0
    }
4774
0
4775
0
    pctx = EVP_PKEY_CTX_new(privkey, NULL);
4776
0
4777
0
    if (EVP_PKEY_derive_init(pctx) <= 0
4778
0
        || EVP_PKEY_derive_set_peer(pctx, pubkey) <= 0
4779
0
        || EVP_PKEY_derive(pctx, NULL, &pmslen) <= 0) {
4780
0
        SSLfatal(s, SSL_AD_INTERNAL_ERROR, SSL_F_SSL_DERIVE,
4781
0
                 ERR_R_INTERNAL_ERROR);
4782
0
        goto err;
4783
0
    }
4784
0
4785
0
    pms = OPENSSL_malloc(pmslen);
4786
0
    if (pms == NULL) {
4787
0
        SSLfatal(s, SSL_AD_INTERNAL_ERROR, SSL_F_SSL_DERIVE,
4788
0
                 ERR_R_MALLOC_FAILURE);
4789
0
        goto err;
4790
0
    }
4791
0
4792
0
    if (EVP_PKEY_derive(pctx, pms, &pmslen) <= 0) {
4793
0
        SSLfatal(s, SSL_AD_INTERNAL_ERROR, SSL_F_SSL_DERIVE,
4794
0
                 ERR_R_INTERNAL_ERROR);
4795
0
        goto err;
4796
0
    }
4797
0
4798
0
    if (gensecret) {
4799
0
        /* SSLfatal() called as appropriate in the below functions */
4800
0
        if (SSL_IS_TLS13(s)) {
4801
0
            /*
4802
0
             * If we are resuming then we already generated the early secret
4803
0
             * when we created the ClientHello, so don't recreate it.
4804
0
             */
4805
0
            if (!s->hit)
4806
0
                rv = tls13_generate_secret(s, ssl_handshake_md(s), NULL, NULL,
4807
0
                                           0,
4808
0
                                           (unsigned char *)&s->early_secret);
4809
0
            else
4810
0
                rv = 1;
4811
0
4812
0
            rv = rv && tls13_generate_handshake_secret(s, pms, pmslen);
4813
0
        } else {
4814
0
            rv = ssl_generate_master_secret(s, pms, pmslen, 0);
4815
0
        }
4816
0
    } else {
4817
0
        /* Save premaster secret */
4818
0
        s->s3->tmp.pms = pms;
4819
0
        s->s3->tmp.pmslen = pmslen;
4820
0
        pms = NULL;
4821
0
        rv = 1;
4822
0
    }
4823
0
4824
0
 err:
4825
0
    OPENSSL_clear_free(pms, pmslen);
4826
0
    EVP_PKEY_CTX_free(pctx);
4827
0
    return rv;
4828
0
}
4829
4830
#ifndef OPENSSL_NO_DH
4831
EVP_PKEY *ssl_dh_to_pkey(DH *dh)
4832
0
{
4833
0
    EVP_PKEY *ret;
4834
0
    if (dh == NULL)
4835
0
        return NULL;
4836
0
    ret = EVP_PKEY_new();
4837
0
    if (EVP_PKEY_set1_DH(ret, dh) <= 0) {
4838
0
        EVP_PKEY_free(ret);
4839
0
        return NULL;
4840
0
    }
4841
0
    return ret;
4842
0
}
4843
#endif