/src/gnutls/lib/algorithms/ciphersuites.c
Line | Count | Source |
1 | | /* |
2 | | * Copyright (C) 2011-2012 Free Software Foundation, Inc. |
3 | | * Copyright (C) 2017 Red Hat, Inc. |
4 | | * |
5 | | * Author: Nikos Mavrogiannopoulos |
6 | | * |
7 | | * This file is part of GnuTLS. |
8 | | * |
9 | | * The GnuTLS is free software; you can redistribute it and/or |
10 | | * modify it under the terms of the GNU Lesser General Public License |
11 | | * as published by the Free Software Foundation; either version 2.1 of |
12 | | * the License, or (at your option) any later version. |
13 | | * |
14 | | * This library is distributed in the hope that it will be useful, but |
15 | | * WITHOUT ANY WARRANTY; without even the implied warranty of |
16 | | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU |
17 | | * Lesser General Public License for more details. |
18 | | * |
19 | | * You should have received a copy of the GNU Lesser General Public License |
20 | | * along with this program. If not, see <https://www.gnu.org/licenses/> |
21 | | * |
22 | | */ |
23 | | |
24 | | #include "gnutls_int.h" |
25 | | #include <algorithms.h> |
26 | | #include "errors.h" |
27 | | #include <dh.h> |
28 | | #include <state.h> |
29 | | #include <x509/common.h> |
30 | | #include <auth/cert.h> |
31 | | #include <auth/anon.h> |
32 | | #include <auth/psk.h> |
33 | | #include <ext/safe_renegotiation.h> |
34 | | |
35 | | #ifndef ENABLE_SSL3 |
36 | | # define GNUTLS_SSL3 GNUTLS_TLS1 |
37 | | #endif |
38 | | |
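39 | | /* Cipher SUITES: ENTRY fixes the PRF to GNUTLS_MAC_SHA256, ENTRY_PRF takes the PRF as an argument, and ENTRY_TLS13 sets the key exchange to 0 and the MAC to GNUTLS_MAC_AEAD. */ |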
40 | | #define ENTRY( name, canonical_name, block_algorithm, kx_algorithm, mac_algorithm, min_version, dtls_version ) \ |
41 | | { #name, name, canonical_name, block_algorithm, kx_algorithm, mac_algorithm, min_version, GNUTLS_TLS1_2, dtls_version, GNUTLS_DTLS1_2, GNUTLS_MAC_SHA256} |
42 | | #define ENTRY_PRF( name, canonical_name, block_algorithm, kx_algorithm, mac_algorithm, min_version, dtls_version, prf ) \ |
43 | | { #name, name, canonical_name, block_algorithm, kx_algorithm, mac_algorithm, min_version, GNUTLS_TLS1_2, dtls_version, GNUTLS_DTLS1_2, prf} |
44 | | #define ENTRY_TLS13( name, canonical_name, block_algorithm, min_version, prf ) \ |
45 | | { #name, name, canonical_name, block_algorithm, 0, GNUTLS_MAC_AEAD, min_version, GNUTLS_TLS1_3, GNUTLS_VERSION_UNKNOWN, GNUTLS_VERSION_UNKNOWN, prf} |
46 | | |
47 | | /* TLS 1.3 ciphersuites */ |
48 | | #define GNUTLS_AES_128_GCM_SHA256 { 0x13, 0x01 } |
49 | | #define GNUTLS_AES_256_GCM_SHA384 { 0x13, 0x02 } |
50 | | #define GNUTLS_CHACHA20_POLY1305_SHA256 { 0x13, 0x03 } |
51 | | #define GNUTLS_AES_128_CCM_SHA256 { 0x13, 0x04 } |
52 | | #define GNUTLS_AES_128_CCM_8_SHA256 { 0x13,0x05 } |
53 | | |
54 | | /* RSA key exchange with the NULL cipher (no encryption) and an |
55 | | * MD5, SHA1 or SHA256 MAC; for test purposes. |
56 | | */ |
57 | | #define GNUTLS_RSA_NULL_MD5 { 0x00, 0x01 } |
58 | | #define GNUTLS_RSA_NULL_SHA1 { 0x00, 0x02 } |
59 | | #define GNUTLS_RSA_NULL_SHA256 { 0x00, 0x3B } |
60 | | |
61 | | /* ANONymous cipher suites: the key exchange is not authenticated. |
62 | | */ |
63 | | |
64 | | #define GNUTLS_DH_ANON_3DES_EDE_CBC_SHA1 { 0x00, 0x1B } |
65 | | #define GNUTLS_DH_ANON_ARCFOUR_128_MD5 { 0x00, 0x18 } |
66 | | |
67 | | /* rfc3268: */ |
68 | | #define GNUTLS_DH_ANON_AES_128_CBC_SHA1 { 0x00, 0x34 } |
69 | | #define GNUTLS_DH_ANON_AES_256_CBC_SHA1 { 0x00, 0x3A } |
70 | | |
71 | | /* rfc4132 */ |
72 | | #define GNUTLS_DH_ANON_CAMELLIA_128_CBC_SHA1 { 0x00,0x46 } |
73 | | #define GNUTLS_DH_ANON_CAMELLIA_256_CBC_SHA1 { 0x00,0x89 } |
74 | | |
75 | | /* rfc5932 */ |
76 | | #define GNUTLS_RSA_CAMELLIA_128_CBC_SHA256 { 0x00,0xBA } |
77 | | #define GNUTLS_DHE_DSS_CAMELLIA_128_CBC_SHA256 { 0x00,0xBD } |
78 | | #define GNUTLS_DHE_RSA_CAMELLIA_128_CBC_SHA256 { 0x00,0xBE } |
79 | | #define GNUTLS_DH_ANON_CAMELLIA_128_CBC_SHA256 { 0x00,0xBF } |
80 | | #define GNUTLS_RSA_CAMELLIA_256_CBC_SHA256 { 0x00,0xC0 } |
81 | | #define GNUTLS_DHE_DSS_CAMELLIA_256_CBC_SHA256 { 0x00,0xC3 } |
82 | | #define GNUTLS_DHE_RSA_CAMELLIA_256_CBC_SHA256 { 0x00,0xC4 } |
83 | | #define GNUTLS_DH_ANON_CAMELLIA_256_CBC_SHA256 { 0x00,0xC5 } |
84 | | |
85 | | /* rfc6367 */ |
86 | | #define GNUTLS_ECDHE_ECDSA_CAMELLIA_128_CBC_SHA256 { 0xC0,0x72 } |
87 | | #define GNUTLS_ECDHE_ECDSA_CAMELLIA_256_CBC_SHA384 { 0xC0,0x73 } |
88 | | #define GNUTLS_ECDHE_RSA_CAMELLIA_128_CBC_SHA256 { 0xC0,0x76 } |
89 | | #define GNUTLS_ECDHE_RSA_CAMELLIA_256_CBC_SHA384 { 0xC0,0x77 } |
90 | | #define GNUTLS_PSK_CAMELLIA_128_CBC_SHA256 { 0xC0,0x94 } |
91 | | #define GNUTLS_PSK_CAMELLIA_256_CBC_SHA384 { 0xC0,0x95 } |
92 | | #define GNUTLS_DHE_PSK_CAMELLIA_128_CBC_SHA256 { 0xC0,0x96 } |
93 | | #define GNUTLS_DHE_PSK_CAMELLIA_256_CBC_SHA384 { 0xC0,0x97 } |
94 | | #define GNUTLS_RSA_PSK_CAMELLIA_128_CBC_SHA256 { 0xC0,0x98 } |
95 | | #define GNUTLS_RSA_PSK_CAMELLIA_256_CBC_SHA384 { 0xC0,0x99 } |
96 | | #define GNUTLS_ECDHE_PSK_CAMELLIA_128_CBC_SHA256 { 0xC0,0x9A } |
97 | | #define GNUTLS_ECDHE_PSK_CAMELLIA_256_CBC_SHA384 { 0xC0,0x9B } |
98 | | |
99 | | #define GNUTLS_RSA_CAMELLIA_128_GCM_SHA256 { 0xC0, 0x7A } |
100 | | #define GNUTLS_RSA_CAMELLIA_256_GCM_SHA384 { 0xC0,0x7B } |
101 | | #define GNUTLS_DHE_RSA_CAMELLIA_128_GCM_SHA256 { 0xC0,0x7C } |
102 | | #define GNUTLS_DHE_RSA_CAMELLIA_256_GCM_SHA384 { 0xC0,0x7D } |
103 | | #define GNUTLS_DHE_DSS_CAMELLIA_128_GCM_SHA256 { 0xC0,0x80 } |
104 | | #define GNUTLS_DHE_DSS_CAMELLIA_256_GCM_SHA384 { 0xC0,0x81 } |
105 | | #define GNUTLS_DH_ANON_CAMELLIA_128_GCM_SHA256 { 0xC0,0x84 } |
106 | | #define GNUTLS_DH_ANON_CAMELLIA_256_GCM_SHA384 { 0xC0,0x85 } |
107 | | #define GNUTLS_ECDHE_ECDSA_CAMELLIA_128_GCM_SHA256 { 0xC0,0x86 } |
108 | | #define GNUTLS_ECDHE_ECDSA_CAMELLIA_256_GCM_SHA384 { 0xC0,0x87 } |
109 | | #define GNUTLS_ECDHE_RSA_CAMELLIA_128_GCM_SHA256 { 0xC0,0x8A } |
110 | | #define GNUTLS_ECDHE_RSA_CAMELLIA_256_GCM_SHA384 { 0xC0,0x8B } |
111 | | #define GNUTLS_PSK_CAMELLIA_128_GCM_SHA256 { 0xC0,0x8E } |
112 | | #define GNUTLS_PSK_CAMELLIA_256_GCM_SHA384 { 0xC0,0x8F } |
113 | | #define GNUTLS_DHE_PSK_CAMELLIA_128_GCM_SHA256 { 0xC0,0x90 } |
114 | | #define GNUTLS_DHE_PSK_CAMELLIA_256_GCM_SHA384 { 0xC0,0x91 } |
115 | | #define GNUTLS_RSA_PSK_CAMELLIA_128_GCM_SHA256 { 0xC0,0x92 } |
116 | | #define GNUTLS_RSA_PSK_CAMELLIA_256_GCM_SHA384 { 0xC0,0x93 } |
117 | | |
118 | | #define GNUTLS_DH_ANON_AES_128_CBC_SHA256 { 0x00, 0x6C } |
119 | | #define GNUTLS_DH_ANON_AES_256_CBC_SHA256 { 0x00, 0x6D } |
120 | | |
121 | | /* draft-ietf-tls-chacha20-poly1305-02 */ |
122 | | #define GNUTLS_ECDHE_RSA_CHACHA20_POLY1305 { 0xCC, 0xA8 } |
123 | | #define GNUTLS_ECDHE_ECDSA_CHACHA20_POLY1305 { 0xCC, 0xA9 } |
124 | | #define GNUTLS_DHE_RSA_CHACHA20_POLY1305 { 0xCC, 0xAA } |
125 | | |
126 | | #define GNUTLS_PSK_CHACHA20_POLY1305 { 0xCC, 0xAB } |
127 | | #define GNUTLS_ECDHE_PSK_CHACHA20_POLY1305 { 0xCC, 0xAC } |
128 | | #define GNUTLS_DHE_PSK_CHACHA20_POLY1305 { 0xCC, 0xAD } |
129 | | #define GNUTLS_RSA_PSK_CHACHA20_POLY1305 { 0xCC, 0xAE } |
130 | | |
131 | | /* PSK (not in TLS 1.0) |
132 | | * draft-ietf-tls-psk: |
133 | | */ |
134 | | #define GNUTLS_PSK_ARCFOUR_128_SHA1 { 0x00, 0x8A } |
135 | | #define GNUTLS_PSK_3DES_EDE_CBC_SHA1 { 0x00, 0x8B } |
136 | | #define GNUTLS_PSK_AES_128_CBC_SHA1 { 0x00, 0x8C } |
137 | | #define GNUTLS_PSK_AES_256_CBC_SHA1 { 0x00, 0x8D } |
138 | | |
139 | | #define GNUTLS_DHE_PSK_ARCFOUR_128_SHA1 { 0x00, 0x8E } |
140 | | #define GNUTLS_DHE_PSK_3DES_EDE_CBC_SHA1 { 0x00, 0x8F } |
141 | | #define GNUTLS_DHE_PSK_AES_128_CBC_SHA1 { 0x00, 0x90 } |
142 | | #define GNUTLS_DHE_PSK_AES_256_CBC_SHA1 { 0x00, 0x91 } |
143 | | |
144 | | #define GNUTLS_RSA_PSK_ARCFOUR_128_SHA1 { 0x00, 0x92 } |
145 | | #define GNUTLS_RSA_PSK_3DES_EDE_CBC_SHA1 { 0x00, 0x93 } |
146 | | #define GNUTLS_RSA_PSK_AES_128_CBC_SHA1 { 0x00, 0x94 } |
147 | | #define GNUTLS_RSA_PSK_AES_256_CBC_SHA1 { 0x00, 0x95 } |
148 | | |
149 | | #ifdef ENABLE_SRP |
150 | | /* SRP (rfc5054) |
151 | | */ |
152 | | # define GNUTLS_SRP_SHA_3DES_EDE_CBC_SHA1 { 0xC0, 0x1A } |
153 | | # define GNUTLS_SRP_SHA_RSA_3DES_EDE_CBC_SHA1 { 0xC0, 0x1B } |
154 | | # define GNUTLS_SRP_SHA_DSS_3DES_EDE_CBC_SHA1 { 0xC0, 0x1C } |
155 | | |
156 | | # define GNUTLS_SRP_SHA_AES_128_CBC_SHA1 { 0xC0, 0x1D } |
157 | | # define GNUTLS_SRP_SHA_RSA_AES_128_CBC_SHA1 { 0xC0, 0x1E } |
158 | | # define GNUTLS_SRP_SHA_DSS_AES_128_CBC_SHA1 { 0xC0, 0x1F } |
159 | | |
160 | | # define GNUTLS_SRP_SHA_AES_256_CBC_SHA1 { 0xC0, 0x20 } |
161 | | # define GNUTLS_SRP_SHA_RSA_AES_256_CBC_SHA1 { 0xC0, 0x21 } |
162 | | # define GNUTLS_SRP_SHA_DSS_AES_256_CBC_SHA1 { 0xC0, 0x22 } |
163 | | #endif |
164 | | |
165 | | /* RSA |
166 | | */ |
167 | | #define GNUTLS_RSA_ARCFOUR_128_SHA1 { 0x00, 0x05 } |
168 | | #define GNUTLS_RSA_ARCFOUR_128_MD5 { 0x00, 0x04 } |
169 | | #define GNUTLS_RSA_3DES_EDE_CBC_SHA1 { 0x00, 0x0A } |
170 | | |
171 | | /* rfc3268: |
172 | | */ |
173 | | #define GNUTLS_RSA_AES_128_CBC_SHA1 { 0x00, 0x2F } |
174 | | #define GNUTLS_RSA_AES_256_CBC_SHA1 { 0x00, 0x35 } |
175 | | |
176 | | /* rfc4132 */ |
177 | | #define GNUTLS_RSA_CAMELLIA_128_CBC_SHA1 { 0x00,0x41 } |
178 | | #define GNUTLS_RSA_CAMELLIA_256_CBC_SHA1 { 0x00,0x84 } |
179 | | |
180 | | #define GNUTLS_RSA_AES_128_CBC_SHA256 { 0x00, 0x3C } |
181 | | #define GNUTLS_RSA_AES_256_CBC_SHA256 { 0x00, 0x3D } |
182 | | |
183 | | /* DHE DSS |
184 | | */ |
185 | | #define GNUTLS_DHE_DSS_3DES_EDE_CBC_SHA1 { 0x00, 0x13 } |
186 | | |
187 | | /* draft-ietf-tls-56-bit-ciphersuites-01: |
188 | | */ |
189 | | #define GNUTLS_DHE_DSS_ARCFOUR_128_SHA1 { 0x00, 0x66 } |
190 | | |
191 | | /* rfc3268: |
192 | | */ |
193 | | #define GNUTLS_DHE_DSS_AES_256_CBC_SHA1 { 0x00, 0x38 } |
194 | | #define GNUTLS_DHE_DSS_AES_128_CBC_SHA1 { 0x00, 0x32 } |
195 | | |
196 | | /* rfc4132 */ |
197 | | #define GNUTLS_DHE_DSS_CAMELLIA_128_CBC_SHA1 { 0x00,0x44 } |
198 | | #define GNUTLS_DHE_DSS_CAMELLIA_256_CBC_SHA1 { 0x00,0x87 } |
199 | | |
200 | | #define GNUTLS_DHE_DSS_AES_128_CBC_SHA256 { 0x00, 0x40 } |
201 | | #define GNUTLS_DHE_DSS_AES_256_CBC_SHA256 { 0x00, 0x6A } |
202 | | |
203 | | /* DHE RSA |
204 | | */ |
205 | | #define GNUTLS_DHE_RSA_3DES_EDE_CBC_SHA1 { 0x00, 0x16 } |
206 | | |
207 | | /* rfc3268: |
208 | | */ |
209 | | #define GNUTLS_DHE_RSA_AES_128_CBC_SHA1 { 0x00, 0x33 } |
210 | | #define GNUTLS_DHE_RSA_AES_256_CBC_SHA1 { 0x00, 0x39 } |
211 | | |
212 | | /* rfc4132 */ |
213 | | #define GNUTLS_DHE_RSA_CAMELLIA_128_CBC_SHA1 { 0x00,0x45 } |
214 | | #define GNUTLS_DHE_RSA_CAMELLIA_256_CBC_SHA1 { 0x00,0x88 } |
215 | | |
216 | | #define GNUTLS_DHE_RSA_AES_128_CBC_SHA256 { 0x00, 0x67 } |
217 | | #define GNUTLS_DHE_RSA_AES_256_CBC_SHA256 { 0x00, 0x6B } |
218 | | |
219 | | /* GCM: RFC5288 */ |
220 | | #define GNUTLS_RSA_AES_128_GCM_SHA256 { 0x00, 0x9C } |
221 | | #define GNUTLS_DHE_RSA_AES_128_GCM_SHA256 {0x00,0x9E} |
222 | | #define GNUTLS_DHE_DSS_AES_128_GCM_SHA256 {0x00,0xA2} |
223 | | #define GNUTLS_DH_ANON_AES_128_GCM_SHA256 {0x00,0xA6} |
224 | | #define GNUTLS_RSA_AES_256_GCM_SHA384 { 0x00, 0x9D } |
225 | | #define GNUTLS_DHE_RSA_AES_256_GCM_SHA384 {0x00,0x9F} |
226 | | #define GNUTLS_DHE_DSS_AES_256_GCM_SHA384 {0x00,0xA3} |
227 | | #define GNUTLS_DH_ANON_AES_256_GCM_SHA384 {0x00,0xA7} |
228 | | |
229 | | /* CCM: RFC6655/7251 */ |
230 | | #define GNUTLS_RSA_AES_128_CCM { 0xC0, 0x9C } |
231 | | #define GNUTLS_RSA_AES_256_CCM { 0xC0, 0x9D } |
232 | | #define GNUTLS_DHE_RSA_AES_128_CCM {0xC0,0x9E} |
233 | | #define GNUTLS_DHE_RSA_AES_256_CCM {0xC0,0x9F} |
234 | | |
235 | | #define GNUTLS_ECDHE_ECDSA_AES_128_CCM {0xC0,0xAC} |
236 | | #define GNUTLS_ECDHE_ECDSA_AES_256_CCM {0xC0,0xAD} |
237 | | |
238 | | #define GNUTLS_PSK_AES_128_CCM { 0xC0, 0xA4 } |
239 | | #define GNUTLS_PSK_AES_256_CCM { 0xC0, 0xA5 } |
240 | | #define GNUTLS_DHE_PSK_AES_128_CCM {0xC0,0xA6} |
241 | | #define GNUTLS_DHE_PSK_AES_256_CCM {0xC0,0xA7} |
242 | | |
243 | | /* CCM-8: RFC6655/7251 */ |
244 | | #define GNUTLS_RSA_AES_128_CCM_8 { 0xC0, 0xA0 } |
245 | | #define GNUTLS_RSA_AES_256_CCM_8 { 0xC0, 0xA1 } |
246 | | #define GNUTLS_DHE_RSA_AES_128_CCM_8 {0xC0,0xA2} |
247 | | #define GNUTLS_DHE_RSA_AES_256_CCM_8 {0xC0,0xA3} |
248 | | |
249 | | #define GNUTLS_ECDHE_ECDSA_AES_128_CCM_8 {0xC0,0xAE} |
250 | | #define GNUTLS_ECDHE_ECDSA_AES_256_CCM_8 {0xC0,0xAF} |
251 | | |
252 | | #define GNUTLS_PSK_AES_128_CCM_8 { 0xC0, 0xA8 } |
253 | | #define GNUTLS_PSK_AES_256_CCM_8 { 0xC0, 0xA9 } |
254 | | #define GNUTLS_DHE_PSK_AES_128_CCM_8 {0xC0,0xAA} |
255 | | #define GNUTLS_DHE_PSK_AES_256_CCM_8 {0xC0,0xAB} |
256 | | |
257 | | /* RFC 5487 */ |
258 | | /* GCM-PSK */ |
259 | | #define GNUTLS_PSK_AES_128_GCM_SHA256 { 0x00, 0xA8 } |
260 | | #define GNUTLS_DHE_PSK_AES_128_GCM_SHA256 { 0x00, 0xAA } |
261 | | #define GNUTLS_PSK_AES_256_GCM_SHA384 { 0x00, 0xA9 } |
262 | | #define GNUTLS_DHE_PSK_AES_256_GCM_SHA384 { 0x00, 0xAB } |
263 | | |
264 | | #define GNUTLS_PSK_AES_256_CBC_SHA384 { 0x00,0xAF } |
265 | | #define GNUTLS_PSK_NULL_SHA384 { 0x00,0xB1 } |
266 | | #define GNUTLS_DHE_PSK_AES_256_CBC_SHA384 { 0x00,0xB3 } |
267 | | #define GNUTLS_DHE_PSK_NULL_SHA384 { 0x00,0xB5 } |
268 | | |
269 | | #define GNUTLS_PSK_NULL_SHA1 { 0x00,0x2C } |
270 | | #define GNUTLS_DHE_PSK_NULL_SHA1 { 0x00,0x2D } |
271 | | #define GNUTLS_RSA_PSK_NULL_SHA1 { 0x00,0x2E } |
272 | | #define GNUTLS_ECDHE_PSK_NULL_SHA1 { 0xC0,0x39 } |
273 | | |
274 | | #define GNUTLS_RSA_PSK_AES_128_GCM_SHA256 { 0x00,0xAC } |
275 | | #define GNUTLS_RSA_PSK_AES_256_GCM_SHA384 { 0x00,0xAD } |
276 | | #define GNUTLS_RSA_PSK_AES_128_CBC_SHA256 { 0x00,0xB6 } |
277 | | #define GNUTLS_RSA_PSK_AES_256_CBC_SHA384 { 0x00,0xB7 } |
278 | | #define GNUTLS_RSA_PSK_NULL_SHA256 { 0x00,0xB8 } |
279 | | #define GNUTLS_RSA_PSK_NULL_SHA384 { 0x00,0xB9 } |
280 | | |
281 | | /* PSK - SHA256 HMAC */ |
282 | | #define GNUTLS_PSK_AES_128_CBC_SHA256 { 0x00, 0xAE } |
283 | | #define GNUTLS_DHE_PSK_AES_128_CBC_SHA256 { 0x00, 0xB2 } |
284 | | |
285 | | #define GNUTLS_PSK_NULL_SHA256 { 0x00, 0xB0 } |
286 | | #define GNUTLS_DHE_PSK_NULL_SHA256 { 0x00, 0xB4 } |
287 | | |
288 | | /* ECC */ |
289 | | #define GNUTLS_ECDH_ANON_NULL_SHA1 { 0xC0, 0x15 } |
290 | | #define GNUTLS_ECDH_ANON_3DES_EDE_CBC_SHA1 { 0xC0, 0x17 } |
291 | | #define GNUTLS_ECDH_ANON_AES_128_CBC_SHA1 { 0xC0, 0x18 } |
292 | | #define GNUTLS_ECDH_ANON_AES_256_CBC_SHA1 { 0xC0, 0x19 } |
293 | | #define GNUTLS_ECDH_ANON_ARCFOUR_128_SHA1 { 0xC0, 0x16 } |
294 | | |
295 | | /* ECC-RSA */ |
296 | | #define GNUTLS_ECDHE_RSA_NULL_SHA1 { 0xC0, 0x10 } |
297 | | #define GNUTLS_ECDHE_RSA_3DES_EDE_CBC_SHA1 { 0xC0, 0x12 } |
298 | | #define GNUTLS_ECDHE_RSA_AES_128_CBC_SHA1 { 0xC0, 0x13 } |
299 | | #define GNUTLS_ECDHE_RSA_AES_256_CBC_SHA1 { 0xC0, 0x14 } |
300 | | #define GNUTLS_ECDHE_RSA_ARCFOUR_128_SHA1 { 0xC0, 0x11 } |
301 | | |
302 | | /* ECC-ECDSA */ |
303 | | #define GNUTLS_ECDHE_ECDSA_NULL_SHA1 { 0xC0, 0x06 } |
304 | | #define GNUTLS_ECDHE_ECDSA_3DES_EDE_CBC_SHA1 { 0xC0, 0x08 } |
305 | | #define GNUTLS_ECDHE_ECDSA_AES_128_CBC_SHA1 { 0xC0, 0x09 } |
306 | | #define GNUTLS_ECDHE_ECDSA_AES_256_CBC_SHA1 { 0xC0, 0x0A } |
307 | | #define GNUTLS_ECDHE_ECDSA_ARCFOUR_128_SHA1 { 0xC0, 0x07 } |
308 | | |
309 | | /* RFC5289 */ |
310 | | /* ECC with SHA2 */ |
311 | | #define GNUTLS_ECDHE_ECDSA_AES_128_CBC_SHA256 {0xC0,0x23} |
312 | | #define GNUTLS_ECDHE_RSA_AES_128_CBC_SHA256 {0xC0,0x27} |
313 | | #define GNUTLS_ECDHE_RSA_AES_256_CBC_SHA384 { 0xC0,0x28 } |
314 | | |
315 | | /* ECC with AES-GCM */ |
316 | | #define GNUTLS_ECDHE_ECDSA_AES_128_GCM_SHA256 {0xC0,0x2B} |
317 | | #define GNUTLS_ECDHE_RSA_AES_128_GCM_SHA256 {0xC0,0x2F} |
318 | | #define GNUTLS_ECDHE_RSA_AES_256_GCM_SHA384 {0xC0,0x30} |
319 | | |
320 | | /* SuiteB */ |
321 | | #define GNUTLS_ECDHE_ECDSA_AES_256_GCM_SHA384 {0xC0,0x2C} |
322 | | #define GNUTLS_ECDHE_ECDSA_AES_256_CBC_SHA384 {0xC0,0x24} |
323 | | |
324 | | /* ECC with PSK */ |
325 | | #define GNUTLS_ECDHE_PSK_3DES_EDE_CBC_SHA1 { 0xC0, 0x34 } |
326 | | #define GNUTLS_ECDHE_PSK_AES_128_CBC_SHA1 { 0xC0, 0x35 } |
327 | | #define GNUTLS_ECDHE_PSK_AES_256_CBC_SHA1 { 0xC0, 0x36 } |
328 | | #define GNUTLS_ECDHE_PSK_AES_128_CBC_SHA256 { 0xC0, 0x37 } |
329 | | #define GNUTLS_ECDHE_PSK_AES_256_CBC_SHA384 { 0xC0, 0x38 } |
330 | | #define GNUTLS_ECDHE_PSK_ARCFOUR_128_SHA1 { 0xC0, 0x33 } |
331 | | #define GNUTLS_ECDHE_PSK_NULL_SHA256 { 0xC0, 0x3A } |
332 | | #define GNUTLS_ECDHE_PSK_NULL_SHA384 { 0xC0, 0x3B } |
333 | | |
334 | | /* draft-smyshlyaev-tls12-gost-suites */ |
335 | | #ifdef ENABLE_GOST |
336 | | # define GNUTLS_GOSTR341112_256_28147_CNT_IMIT { 0xc1, 0x02 } |
337 | | #endif |
338 | | |
339 | 0 | #define CIPHER_SUITES_COUNT (sizeof(cs_algorithms)/sizeof(gnutls_cipher_suite_entry_st)-1) |
340 | | |
341 | | /* The following is the list of ciphersuites that may be offered. An entry is |
342 | | * only usable when its cipher and MAC are also available to gnutls. |
343 | | */ |
344 | | static const gnutls_cipher_suite_entry_st cs_algorithms[] = { |
345 | | /* TLS 1.3 */ |
346 | | ENTRY_TLS13(GNUTLS_AES_128_GCM_SHA256, "TLS_AES_128_GCM_SHA256", |
347 | | GNUTLS_CIPHER_AES_128_GCM, |
348 | | GNUTLS_TLS1_3, |
349 | | GNUTLS_MAC_SHA256), |
350 | | |
351 | | ENTRY_TLS13(GNUTLS_AES_256_GCM_SHA384, "TLS_AES_256_GCM_SHA384", |
352 | | GNUTLS_CIPHER_AES_256_GCM, |
353 | | GNUTLS_TLS1_3, |
354 | | GNUTLS_MAC_SHA384), |
355 | | |
356 | | ENTRY_TLS13(GNUTLS_CHACHA20_POLY1305_SHA256, |
357 | | "TLS_CHACHA20_POLY1305_SHA256", |
358 | | GNUTLS_CIPHER_CHACHA20_POLY1305, |
359 | | GNUTLS_TLS1_3, |
360 | | GNUTLS_MAC_SHA256), |
361 | | |
362 | | ENTRY_TLS13(GNUTLS_AES_128_CCM_SHA256, "TLS_AES_128_CCM_SHA256", |
363 | | GNUTLS_CIPHER_AES_128_CCM, |
364 | | GNUTLS_TLS1_3, |
365 | | GNUTLS_MAC_SHA256), |
366 | | |
367 | | ENTRY_TLS13(GNUTLS_AES_128_CCM_8_SHA256, "TLS_AES_128_CCM_8_SHA256", |
368 | | GNUTLS_CIPHER_AES_128_CCM_8, |
369 | | GNUTLS_TLS1_3, |
370 | | GNUTLS_MAC_SHA256), |
371 | | |
372 | | /* RSA-NULL */ |
373 | | ENTRY(GNUTLS_RSA_NULL_MD5, "TLS_RSA_WITH_NULL_MD5", |
374 | | GNUTLS_CIPHER_NULL, |
375 | | GNUTLS_KX_RSA, GNUTLS_MAC_MD5, GNUTLS_SSL3, |
376 | | GNUTLS_DTLS_VERSION_MIN), |
377 | | ENTRY(GNUTLS_RSA_NULL_SHA1, "TLS_RSA_WITH_NULL_SHA", |
378 | | GNUTLS_CIPHER_NULL, |
379 | | GNUTLS_KX_RSA, GNUTLS_MAC_SHA1, GNUTLS_SSL3, |
380 | | GNUTLS_DTLS_VERSION_MIN), |
381 | | ENTRY(GNUTLS_RSA_NULL_SHA256, "TLS_RSA_WITH_NULL_SHA256", |
382 | | GNUTLS_CIPHER_NULL, |
383 | | GNUTLS_KX_RSA, GNUTLS_MAC_SHA256, GNUTLS_TLS1_2, |
384 | | GNUTLS_DTLS1_2), |
385 | | |
386 | | /* RSA */ |
387 | | ENTRY(GNUTLS_RSA_ARCFOUR_128_SHA1, "TLS_RSA_WITH_RC4_128_SHA", |
388 | | GNUTLS_CIPHER_ARCFOUR_128, |
389 | | GNUTLS_KX_RSA, GNUTLS_MAC_SHA1, GNUTLS_SSL3, |
390 | | GNUTLS_VERSION_UNKNOWN), |
391 | | ENTRY(GNUTLS_RSA_ARCFOUR_128_MD5, "TLS_RSA_WITH_RC4_128_MD5", |
392 | | GNUTLS_CIPHER_ARCFOUR_128, |
393 | | GNUTLS_KX_RSA, GNUTLS_MAC_MD5, GNUTLS_SSL3, |
394 | | GNUTLS_VERSION_UNKNOWN), |
395 | | ENTRY(GNUTLS_RSA_3DES_EDE_CBC_SHA1, "TLS_RSA_WITH_3DES_EDE_CBC_SHA", |
396 | | GNUTLS_CIPHER_3DES_CBC, |
397 | | GNUTLS_KX_RSA, GNUTLS_MAC_SHA1, GNUTLS_SSL3, |
398 | | GNUTLS_DTLS_VERSION_MIN), |
399 | | ENTRY(GNUTLS_RSA_AES_128_CBC_SHA1, "TLS_RSA_WITH_AES_128_CBC_SHA", |
400 | | GNUTLS_CIPHER_AES_128_CBC, GNUTLS_KX_RSA, |
401 | | GNUTLS_MAC_SHA1, GNUTLS_SSL3, |
402 | | GNUTLS_DTLS_VERSION_MIN), |
403 | | ENTRY(GNUTLS_RSA_AES_256_CBC_SHA1, "TLS_RSA_WITH_AES_256_CBC_SHA", |
404 | | GNUTLS_CIPHER_AES_256_CBC, GNUTLS_KX_RSA, |
405 | | GNUTLS_MAC_SHA1, GNUTLS_SSL3, |
406 | | GNUTLS_DTLS_VERSION_MIN), |
407 | | |
408 | | ENTRY(GNUTLS_RSA_CAMELLIA_128_CBC_SHA256, |
409 | | "TLS_RSA_WITH_CAMELLIA_128_CBC_SHA256", |
410 | | GNUTLS_CIPHER_CAMELLIA_128_CBC, GNUTLS_KX_RSA, |
411 | | GNUTLS_MAC_SHA256, GNUTLS_TLS1_2, |
412 | | GNUTLS_DTLS1_2), |
413 | | ENTRY(GNUTLS_RSA_CAMELLIA_256_CBC_SHA256, |
414 | | "TLS_RSA_WITH_CAMELLIA_256_CBC_SHA256", |
415 | | GNUTLS_CIPHER_CAMELLIA_256_CBC, GNUTLS_KX_RSA, |
416 | | GNUTLS_MAC_SHA256, GNUTLS_TLS1_2, |
417 | | GNUTLS_DTLS1_2), |
418 | | ENTRY(GNUTLS_RSA_CAMELLIA_128_CBC_SHA1, |
419 | | "TLS_RSA_WITH_CAMELLIA_128_CBC_SHA", |
420 | | GNUTLS_CIPHER_CAMELLIA_128_CBC, GNUTLS_KX_RSA, |
421 | | GNUTLS_MAC_SHA1, GNUTLS_SSL3, |
422 | | GNUTLS_DTLS_VERSION_MIN), |
423 | | ENTRY(GNUTLS_RSA_CAMELLIA_256_CBC_SHA1, |
424 | | "TLS_RSA_WITH_CAMELLIA_256_CBC_SHA", |
425 | | GNUTLS_CIPHER_CAMELLIA_256_CBC, GNUTLS_KX_RSA, |
426 | | GNUTLS_MAC_SHA1, GNUTLS_SSL3, |
427 | | GNUTLS_DTLS_VERSION_MIN), |
428 | | ENTRY(GNUTLS_RSA_AES_128_CBC_SHA256, "TLS_RSA_WITH_AES_128_CBC_SHA256", |
429 | | GNUTLS_CIPHER_AES_128_CBC, GNUTLS_KX_RSA, |
430 | | GNUTLS_MAC_SHA256, GNUTLS_TLS1_2, |
431 | | GNUTLS_DTLS1_2), |
432 | | ENTRY(GNUTLS_RSA_AES_256_CBC_SHA256, "TLS_RSA_WITH_AES_256_CBC_SHA256", |
433 | | GNUTLS_CIPHER_AES_256_CBC, GNUTLS_KX_RSA, |
434 | | GNUTLS_MAC_SHA256, GNUTLS_TLS1_2, |
435 | | GNUTLS_DTLS1_2), |
436 | | |
437 | | /* GCM */ |
438 | | ENTRY(GNUTLS_RSA_AES_128_GCM_SHA256, "TLS_RSA_WITH_AES_128_GCM_SHA256", |
439 | | GNUTLS_CIPHER_AES_128_GCM, GNUTLS_KX_RSA, |
440 | | GNUTLS_MAC_AEAD, GNUTLS_TLS1_2, |
441 | | GNUTLS_DTLS1_2), |
442 | | ENTRY_PRF(GNUTLS_RSA_AES_256_GCM_SHA384, |
443 | | "TLS_RSA_WITH_AES_256_GCM_SHA384", |
444 | | GNUTLS_CIPHER_AES_256_GCM, GNUTLS_KX_RSA, |
445 | | GNUTLS_MAC_AEAD, GNUTLS_TLS1_2, |
446 | | GNUTLS_DTLS1_2, GNUTLS_MAC_SHA384), |
447 | | ENTRY(GNUTLS_RSA_CAMELLIA_128_GCM_SHA256, |
448 | | "TLS_RSA_WITH_CAMELLIA_128_GCM_SHA256", |
449 | | GNUTLS_CIPHER_CAMELLIA_128_GCM, GNUTLS_KX_RSA, |
450 | | GNUTLS_MAC_AEAD, GNUTLS_TLS1_2, |
451 | | GNUTLS_DTLS1_2), |
452 | | ENTRY_PRF(GNUTLS_RSA_CAMELLIA_256_GCM_SHA384, |
453 | | "TLS_RSA_WITH_CAMELLIA_256_GCM_SHA384", |
454 | | GNUTLS_CIPHER_CAMELLIA_256_GCM, GNUTLS_KX_RSA, |
455 | | GNUTLS_MAC_AEAD, GNUTLS_TLS1_2, |
456 | | GNUTLS_DTLS1_2, GNUTLS_MAC_SHA384), |
457 | | |
458 | | /* CCM */ |
459 | | ENTRY(GNUTLS_RSA_AES_128_CCM, "TLS_RSA_WITH_AES_128_CCM", |
460 | | GNUTLS_CIPHER_AES_128_CCM, GNUTLS_KX_RSA, |
461 | | GNUTLS_MAC_AEAD, GNUTLS_TLS1_2, |
462 | | GNUTLS_DTLS1_2), |
463 | | ENTRY(GNUTLS_RSA_AES_256_CCM, "TLS_RSA_WITH_AES_256_CCM", |
464 | | GNUTLS_CIPHER_AES_256_CCM, GNUTLS_KX_RSA, |
465 | | GNUTLS_MAC_AEAD, GNUTLS_TLS1_2, |
466 | | GNUTLS_DTLS1_2), |
467 | | |
468 | | /* CCM_8 */ |
469 | | ENTRY(GNUTLS_RSA_AES_128_CCM_8, "TLS_RSA_WITH_AES_128_CCM_8", |
470 | | GNUTLS_CIPHER_AES_128_CCM_8, GNUTLS_KX_RSA, |
471 | | GNUTLS_MAC_AEAD, GNUTLS_TLS1_2, |
472 | | GNUTLS_DTLS1_2), |
473 | | ENTRY(GNUTLS_RSA_AES_256_CCM_8, "TLS_RSA_WITH_AES_256_CCM_8", |
474 | | GNUTLS_CIPHER_AES_256_CCM_8, GNUTLS_KX_RSA, |
475 | | GNUTLS_MAC_AEAD, GNUTLS_TLS1_2, |
476 | | GNUTLS_DTLS1_2), |
477 | | |
478 | | /* DHE_DSS */ |
479 | | #ifdef ENABLE_DHE |
480 | | ENTRY(GNUTLS_DHE_DSS_ARCFOUR_128_SHA1, "TLS_DHE_DSS_RC4_128_SHA", |
481 | | GNUTLS_CIPHER_ARCFOUR_128, GNUTLS_KX_DHE_DSS, |
482 | | GNUTLS_MAC_SHA1, GNUTLS_SSL3, |
483 | | GNUTLS_VERSION_UNKNOWN), |
484 | | ENTRY(GNUTLS_DHE_DSS_3DES_EDE_CBC_SHA1, |
485 | | "TLS_DHE_DSS_WITH_3DES_EDE_CBC_SHA", |
486 | | GNUTLS_CIPHER_3DES_CBC, GNUTLS_KX_DHE_DSS, |
487 | | GNUTLS_MAC_SHA1, GNUTLS_SSL3, |
488 | | GNUTLS_DTLS_VERSION_MIN), |
489 | | ENTRY(GNUTLS_DHE_DSS_AES_128_CBC_SHA1, |
490 | | "TLS_DHE_DSS_WITH_AES_128_CBC_SHA", |
491 | | GNUTLS_CIPHER_AES_128_CBC, GNUTLS_KX_DHE_DSS, |
492 | | GNUTLS_MAC_SHA1, GNUTLS_SSL3, |
493 | | GNUTLS_DTLS_VERSION_MIN), |
494 | | ENTRY(GNUTLS_DHE_DSS_AES_256_CBC_SHA1, |
495 | | "TLS_DHE_DSS_WITH_AES_256_CBC_SHA", |
496 | | GNUTLS_CIPHER_AES_256_CBC, GNUTLS_KX_DHE_DSS, |
497 | | GNUTLS_MAC_SHA1, GNUTLS_SSL3, |
498 | | GNUTLS_DTLS_VERSION_MIN), |
499 | | ENTRY(GNUTLS_DHE_DSS_CAMELLIA_128_CBC_SHA256, |
500 | | "TLS_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA256", |
501 | | GNUTLS_CIPHER_CAMELLIA_128_CBC, |
502 | | GNUTLS_KX_DHE_DSS, |
503 | | GNUTLS_MAC_SHA256, GNUTLS_TLS1_2, |
504 | | GNUTLS_DTLS1_2), |
505 | | ENTRY(GNUTLS_DHE_DSS_CAMELLIA_256_CBC_SHA256, |
506 | | "TLS_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA256", |
507 | | GNUTLS_CIPHER_CAMELLIA_256_CBC, |
508 | | GNUTLS_KX_DHE_DSS, |
509 | | GNUTLS_MAC_SHA256, GNUTLS_TLS1_2, |
510 | | GNUTLS_DTLS1_2), |
511 | | |
512 | | ENTRY(GNUTLS_DHE_DSS_CAMELLIA_128_CBC_SHA1, |
513 | | "TLS_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA", |
514 | | GNUTLS_CIPHER_CAMELLIA_128_CBC, |
515 | | GNUTLS_KX_DHE_DSS, |
516 | | GNUTLS_MAC_SHA1, GNUTLS_SSL3, |
517 | | GNUTLS_DTLS_VERSION_MIN), |
518 | | ENTRY(GNUTLS_DHE_DSS_CAMELLIA_256_CBC_SHA1, |
519 | | "TLS_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA", |
520 | | GNUTLS_CIPHER_CAMELLIA_256_CBC, |
521 | | GNUTLS_KX_DHE_DSS, |
522 | | GNUTLS_MAC_SHA1, GNUTLS_SSL3, |
523 | | GNUTLS_DTLS_VERSION_MIN), |
524 | | ENTRY(GNUTLS_DHE_DSS_AES_128_CBC_SHA256, |
525 | | "TLS_DHE_DSS_WITH_AES_128_CBC_SHA256", |
526 | | GNUTLS_CIPHER_AES_128_CBC, GNUTLS_KX_DHE_DSS, |
527 | | GNUTLS_MAC_SHA256, GNUTLS_TLS1_2, |
528 | | GNUTLS_DTLS1_2), |
529 | | ENTRY(GNUTLS_DHE_DSS_AES_256_CBC_SHA256, |
530 | | "TLS_DHE_DSS_WITH_AES_256_CBC_SHA256", |
531 | | GNUTLS_CIPHER_AES_256_CBC, GNUTLS_KX_DHE_DSS, |
532 | | GNUTLS_MAC_SHA256, GNUTLS_TLS1_2, |
533 | | GNUTLS_DTLS1_2), |
534 | | /* GCM */ |
535 | | ENTRY(GNUTLS_DHE_DSS_AES_128_GCM_SHA256, |
536 | | "TLS_DHE_DSS_WITH_AES_128_GCM_SHA256", |
537 | | GNUTLS_CIPHER_AES_128_GCM, GNUTLS_KX_DHE_DSS, |
538 | | GNUTLS_MAC_AEAD, GNUTLS_TLS1_2, |
539 | | GNUTLS_DTLS1_2), |
540 | | ENTRY_PRF(GNUTLS_DHE_DSS_AES_256_GCM_SHA384, |
541 | | "TLS_DHE_DSS_WITH_AES_256_GCM_SHA384", |
542 | | GNUTLS_CIPHER_AES_256_GCM, GNUTLS_KX_DHE_DSS, |
543 | | GNUTLS_MAC_AEAD, GNUTLS_TLS1_2, |
544 | | GNUTLS_DTLS1_2, GNUTLS_MAC_SHA384), |
545 | | ENTRY(GNUTLS_DHE_DSS_CAMELLIA_128_GCM_SHA256, |
546 | | "TLS_DHE_DSS_WITH_CAMELLIA_128_GCM_SHA256", |
547 | | GNUTLS_CIPHER_CAMELLIA_128_GCM, GNUTLS_KX_DHE_DSS, |
548 | | GNUTLS_MAC_AEAD, GNUTLS_TLS1_2, |
549 | | GNUTLS_DTLS1_2), |
550 | | ENTRY_PRF(GNUTLS_DHE_DSS_CAMELLIA_256_GCM_SHA384, |
551 | | "TLS_DHE_DSS_WITH_CAMELLIA_256_GCM_SHA384", |
552 | | GNUTLS_CIPHER_CAMELLIA_256_GCM, GNUTLS_KX_DHE_DSS, |
553 | | GNUTLS_MAC_AEAD, GNUTLS_TLS1_2, |
554 | | GNUTLS_DTLS1_2, GNUTLS_MAC_SHA384), |
555 | | |
556 | | /* DHE_RSA */ |
557 | | ENTRY(GNUTLS_DHE_RSA_3DES_EDE_CBC_SHA1, |
558 | | "TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA", |
559 | | GNUTLS_CIPHER_3DES_CBC, GNUTLS_KX_DHE_RSA, |
560 | | GNUTLS_MAC_SHA1, GNUTLS_SSL3, |
561 | | GNUTLS_DTLS_VERSION_MIN), |
562 | | ENTRY(GNUTLS_DHE_RSA_AES_128_CBC_SHA1, |
563 | | "TLS_DHE_RSA_WITH_AES_128_CBC_SHA", |
564 | | GNUTLS_CIPHER_AES_128_CBC, GNUTLS_KX_DHE_RSA, |
565 | | GNUTLS_MAC_SHA1, GNUTLS_SSL3, |
566 | | GNUTLS_DTLS_VERSION_MIN), |
567 | | ENTRY(GNUTLS_DHE_RSA_AES_256_CBC_SHA1, |
568 | | "TLS_DHE_RSA_WITH_AES_256_CBC_SHA", |
569 | | GNUTLS_CIPHER_AES_256_CBC, GNUTLS_KX_DHE_RSA, |
570 | | GNUTLS_MAC_SHA1, GNUTLS_SSL3, |
571 | | GNUTLS_DTLS_VERSION_MIN), |
572 | | ENTRY(GNUTLS_DHE_RSA_CAMELLIA_128_CBC_SHA256, |
573 | | "TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA256", |
574 | | GNUTLS_CIPHER_CAMELLIA_128_CBC, |
575 | | GNUTLS_KX_DHE_RSA, |
576 | | GNUTLS_MAC_SHA256, GNUTLS_TLS1_2, |
577 | | GNUTLS_DTLS1_2), |
578 | | ENTRY(GNUTLS_DHE_RSA_CAMELLIA_256_CBC_SHA256, |
579 | | "TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA256", |
580 | | GNUTLS_CIPHER_CAMELLIA_256_CBC, |
581 | | GNUTLS_KX_DHE_RSA, |
582 | | GNUTLS_MAC_SHA256, GNUTLS_TLS1_2, |
583 | | GNUTLS_DTLS1_2), |
584 | | ENTRY(GNUTLS_DHE_RSA_CAMELLIA_128_CBC_SHA1, |
585 | | "TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA", |
586 | | GNUTLS_CIPHER_CAMELLIA_128_CBC, |
587 | | GNUTLS_KX_DHE_RSA, |
588 | | GNUTLS_MAC_SHA1, GNUTLS_SSL3, |
589 | | GNUTLS_DTLS_VERSION_MIN), |
590 | | ENTRY(GNUTLS_DHE_RSA_CAMELLIA_256_CBC_SHA1, |
591 | | "TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA", |
592 | | GNUTLS_CIPHER_CAMELLIA_256_CBC, |
593 | | GNUTLS_KX_DHE_RSA, |
594 | | GNUTLS_MAC_SHA1, GNUTLS_SSL3, |
595 | | GNUTLS_DTLS_VERSION_MIN), |
596 | | ENTRY(GNUTLS_DHE_RSA_AES_128_CBC_SHA256, |
597 | | "TLS_DHE_RSA_WITH_AES_128_CBC_SHA256", |
598 | | GNUTLS_CIPHER_AES_128_CBC, GNUTLS_KX_DHE_RSA, |
599 | | GNUTLS_MAC_SHA256, GNUTLS_TLS1_2, |
600 | | GNUTLS_DTLS1_2), |
601 | | ENTRY(GNUTLS_DHE_RSA_AES_256_CBC_SHA256, |
602 | | "TLS_DHE_RSA_WITH_AES_256_CBC_SHA256", |
603 | | GNUTLS_CIPHER_AES_256_CBC, GNUTLS_KX_DHE_RSA, |
604 | | GNUTLS_MAC_SHA256, GNUTLS_TLS1_2, |
605 | | GNUTLS_DTLS1_2), |
606 | | /* GCM */ |
607 | | ENTRY(GNUTLS_DHE_RSA_AES_128_GCM_SHA256, |
608 | | "TLS_DHE_RSA_WITH_AES_128_GCM_SHA256", |
609 | | GNUTLS_CIPHER_AES_128_GCM, GNUTLS_KX_DHE_RSA, |
610 | | GNUTLS_MAC_AEAD, GNUTLS_TLS1_2, |
611 | | GNUTLS_DTLS1_2), |
612 | | ENTRY_PRF(GNUTLS_DHE_RSA_AES_256_GCM_SHA384, |
613 | | "TLS_DHE_RSA_WITH_AES_256_GCM_SHA384", |
614 | | GNUTLS_CIPHER_AES_256_GCM, GNUTLS_KX_DHE_RSA, |
615 | | GNUTLS_MAC_AEAD, GNUTLS_TLS1_2, |
616 | | GNUTLS_DTLS1_2, GNUTLS_MAC_SHA384), |
617 | | ENTRY(GNUTLS_DHE_RSA_CAMELLIA_128_GCM_SHA256, |
618 | | "TLS_DHE_RSA_WITH_CAMELLIA_128_GCM_SHA256", |
619 | | GNUTLS_CIPHER_CAMELLIA_128_GCM, GNUTLS_KX_DHE_RSA, |
620 | | GNUTLS_MAC_AEAD, GNUTLS_TLS1_2, |
621 | | GNUTLS_DTLS1_2), |
622 | | ENTRY_PRF(GNUTLS_DHE_RSA_CAMELLIA_256_GCM_SHA384, |
623 | | "TLS_DHE_RSA_WITH_CAMELLIA_256_GCM_SHA384", |
624 | | GNUTLS_CIPHER_CAMELLIA_256_GCM, GNUTLS_KX_DHE_RSA, |
625 | | GNUTLS_MAC_AEAD, GNUTLS_TLS1_2, |
626 | | GNUTLS_DTLS1_2, GNUTLS_MAC_SHA384), |
627 | | |
628 | | ENTRY(GNUTLS_DHE_RSA_CHACHA20_POLY1305, |
629 | | "TLS_DHE_RSA_WITH_CHACHA20_POLY1305_SHA256", |
630 | | GNUTLS_CIPHER_CHACHA20_POLY1305, GNUTLS_KX_DHE_RSA, |
631 | | GNUTLS_MAC_AEAD, GNUTLS_TLS1_2, GNUTLS_DTLS1_2), |
632 | | |
633 | | /* CCM */ |
634 | | ENTRY(GNUTLS_DHE_RSA_AES_128_CCM, "TLS_DHE_RSA_WITH_AES_128_CCM", |
635 | | GNUTLS_CIPHER_AES_128_CCM, GNUTLS_KX_DHE_RSA, |
636 | | GNUTLS_MAC_AEAD, GNUTLS_TLS1_2, |
637 | | GNUTLS_DTLS1_2), |
638 | | ENTRY(GNUTLS_DHE_RSA_AES_256_CCM, "TLS_DHE_RSA_WITH_AES_256_CCM", |
639 | | GNUTLS_CIPHER_AES_256_CCM, GNUTLS_KX_DHE_RSA, |
640 | | GNUTLS_MAC_AEAD, GNUTLS_TLS1_2, |
641 | | GNUTLS_DTLS1_2), |
642 | | ENTRY(GNUTLS_DHE_RSA_AES_128_CCM_8, "TLS_DHE_RSA_WITH_AES_128_CCM_8", |
643 | | GNUTLS_CIPHER_AES_128_CCM_8, GNUTLS_KX_DHE_RSA, |
644 | | GNUTLS_MAC_AEAD, GNUTLS_TLS1_2, |
645 | | GNUTLS_DTLS1_2), |
646 | | ENTRY(GNUTLS_DHE_RSA_AES_256_CCM_8, "TLS_DHE_RSA_WITH_AES_256_CCM_8", |
647 | | GNUTLS_CIPHER_AES_256_CCM_8, GNUTLS_KX_DHE_RSA, |
648 | | GNUTLS_MAC_AEAD, GNUTLS_TLS1_2, |
649 | | GNUTLS_DTLS1_2), |
650 | | |
651 | | #endif /* DHE */ |
652 | | #ifdef ENABLE_ECDHE |
653 | | /* ECC-RSA */ |
654 | | ENTRY(GNUTLS_ECDHE_RSA_NULL_SHA1, "TLS_ECDHE_RSA_WITH_NULL_SHA", |
655 | | GNUTLS_CIPHER_NULL, GNUTLS_KX_ECDHE_RSA, |
656 | | GNUTLS_MAC_SHA1, GNUTLS_SSL3, |
657 | | GNUTLS_DTLS_VERSION_MIN), |
658 | | ENTRY(GNUTLS_ECDHE_RSA_3DES_EDE_CBC_SHA1, |
659 | | "TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA", |
660 | | GNUTLS_CIPHER_3DES_CBC, GNUTLS_KX_ECDHE_RSA, |
661 | | GNUTLS_MAC_SHA1, GNUTLS_SSL3, |
662 | | GNUTLS_DTLS_VERSION_MIN), |
663 | | ENTRY(GNUTLS_ECDHE_RSA_AES_128_CBC_SHA1, |
664 | | "TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA", |
665 | | GNUTLS_CIPHER_AES_128_CBC, GNUTLS_KX_ECDHE_RSA, |
666 | | GNUTLS_MAC_SHA1, GNUTLS_SSL3, |
667 | | GNUTLS_DTLS_VERSION_MIN), |
668 | | ENTRY(GNUTLS_ECDHE_RSA_AES_256_CBC_SHA1, |
669 | | "TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA", |
670 | | GNUTLS_CIPHER_AES_256_CBC, GNUTLS_KX_ECDHE_RSA, |
671 | | GNUTLS_MAC_SHA1, GNUTLS_SSL3, |
672 | | GNUTLS_DTLS_VERSION_MIN), |
673 | | ENTRY_PRF(GNUTLS_ECDHE_RSA_AES_256_CBC_SHA384, |
674 | | "TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384", |
675 | | GNUTLS_CIPHER_AES_256_CBC, GNUTLS_KX_ECDHE_RSA, |
676 | | GNUTLS_MAC_SHA384, GNUTLS_TLS1_2, |
677 | | GNUTLS_DTLS1_2, GNUTLS_MAC_SHA384), |
678 | | ENTRY(GNUTLS_ECDHE_RSA_ARCFOUR_128_SHA1, |
679 | | "TLS_ECDHE_RSA_WITH_RC4_128_SHA", |
680 | | GNUTLS_CIPHER_ARCFOUR, GNUTLS_KX_ECDHE_RSA, |
681 | | GNUTLS_MAC_SHA1, GNUTLS_SSL3, |
682 | | GNUTLS_VERSION_UNKNOWN), |
683 | | ENTRY(GNUTLS_ECDHE_RSA_CAMELLIA_128_CBC_SHA256, |
684 | | "TLS_ECDHE_RSA_WITH_CAMELLIA_128_CBC_SHA256", |
685 | | GNUTLS_CIPHER_CAMELLIA_128_CBC, GNUTLS_KX_ECDHE_RSA, |
686 | | GNUTLS_MAC_SHA256, GNUTLS_TLS1_2, |
687 | | GNUTLS_DTLS1_2), |
688 | | ENTRY_PRF(GNUTLS_ECDHE_RSA_CAMELLIA_256_CBC_SHA384, |
689 | | "TLS_ECDHE_RSA_WITH_CAMELLIA_256_CBC_SHA384", |
690 | | GNUTLS_CIPHER_CAMELLIA_256_CBC, GNUTLS_KX_ECDHE_RSA, |
691 | | GNUTLS_MAC_SHA384, GNUTLS_TLS1_2, |
692 | | GNUTLS_DTLS1_2, GNUTLS_MAC_SHA384), |
693 | | |
694 | | /* ECDHE-ECDSA */ |
695 | | ENTRY(GNUTLS_ECDHE_ECDSA_NULL_SHA1, "TLS_ECDHE_ECDSA_WITH_NULL_SHA", |
696 | | GNUTLS_CIPHER_NULL, GNUTLS_KX_ECDHE_ECDSA, |
697 | | GNUTLS_MAC_SHA1, GNUTLS_SSL3, |
698 | | GNUTLS_DTLS_VERSION_MIN), |
699 | | ENTRY(GNUTLS_ECDHE_ECDSA_3DES_EDE_CBC_SHA1, |
700 | | "TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA", |
701 | | GNUTLS_CIPHER_3DES_CBC, GNUTLS_KX_ECDHE_ECDSA, |
702 | | GNUTLS_MAC_SHA1, GNUTLS_SSL3, |
703 | | GNUTLS_DTLS_VERSION_MIN), |
704 | | ENTRY(GNUTLS_ECDHE_ECDSA_AES_128_CBC_SHA1, |
705 | | "TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA", |
706 | | GNUTLS_CIPHER_AES_128_CBC, GNUTLS_KX_ECDHE_ECDSA, |
707 | | GNUTLS_MAC_SHA1, GNUTLS_SSL3, |
708 | | GNUTLS_DTLS_VERSION_MIN), |
709 | | ENTRY(GNUTLS_ECDHE_ECDSA_AES_256_CBC_SHA1, |
710 | | "TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA", |
711 | | GNUTLS_CIPHER_AES_256_CBC, GNUTLS_KX_ECDHE_ECDSA, |
712 | | GNUTLS_MAC_SHA1, GNUTLS_SSL3, |
713 | | GNUTLS_DTLS_VERSION_MIN), |
714 | | ENTRY(GNUTLS_ECDHE_ECDSA_ARCFOUR_128_SHA1, |
715 | | "TLS_ECDHE_ECDSA_WITH_RC4_128_SHA", |
716 | | GNUTLS_CIPHER_ARCFOUR, GNUTLS_KX_ECDHE_ECDSA, |
717 | | GNUTLS_MAC_SHA1, GNUTLS_SSL3, |
718 | | GNUTLS_VERSION_UNKNOWN), |
719 | | ENTRY(GNUTLS_ECDHE_ECDSA_CAMELLIA_128_CBC_SHA256, |
720 | | "TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_CBC_SHA256", |
721 | | GNUTLS_CIPHER_CAMELLIA_128_CBC, GNUTLS_KX_ECDHE_ECDSA, |
722 | | GNUTLS_MAC_SHA256, GNUTLS_TLS1_2, |
723 | | GNUTLS_DTLS1_2), |
724 | | ENTRY_PRF(GNUTLS_ECDHE_ECDSA_CAMELLIA_256_CBC_SHA384, |
725 | | "TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_CBC_SHA384", |
726 | | GNUTLS_CIPHER_CAMELLIA_256_CBC, GNUTLS_KX_ECDHE_ECDSA, |
727 | | GNUTLS_MAC_SHA384, GNUTLS_TLS1_2, |
728 | | GNUTLS_DTLS1_2, GNUTLS_MAC_SHA384), |
729 | | |
730 | | /* More ECC */ |
731 | | |
732 | | ENTRY(GNUTLS_ECDHE_ECDSA_AES_128_CBC_SHA256, |
733 | | "TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256", |
734 | | GNUTLS_CIPHER_AES_128_CBC, GNUTLS_KX_ECDHE_ECDSA, |
735 | | GNUTLS_MAC_SHA256, GNUTLS_TLS1_2, |
736 | | GNUTLS_DTLS1_2), |
737 | | ENTRY(GNUTLS_ECDHE_RSA_AES_128_CBC_SHA256, |
738 | | "TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256", |
739 | | GNUTLS_CIPHER_AES_128_CBC, GNUTLS_KX_ECDHE_RSA, |
740 | | GNUTLS_MAC_SHA256, GNUTLS_TLS1_2, |
741 | | GNUTLS_DTLS1_2), |
742 | | ENTRY(GNUTLS_ECDHE_ECDSA_CAMELLIA_128_GCM_SHA256, |
743 | | "TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_GCM_SHA256", |
744 | | GNUTLS_CIPHER_CAMELLIA_128_GCM, GNUTLS_KX_ECDHE_ECDSA, |
745 | | GNUTLS_MAC_AEAD, GNUTLS_TLS1_2, |
746 | | GNUTLS_DTLS1_2), |
747 | | ENTRY_PRF(GNUTLS_ECDHE_ECDSA_CAMELLIA_256_GCM_SHA384, |
748 | | "TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_GCM_SHA384", |
749 | | GNUTLS_CIPHER_CAMELLIA_256_GCM, GNUTLS_KX_ECDHE_ECDSA, |
750 | | GNUTLS_MAC_AEAD, GNUTLS_TLS1_2, |
751 | | GNUTLS_DTLS1_2, GNUTLS_MAC_SHA384), |
752 | | ENTRY(GNUTLS_ECDHE_ECDSA_AES_128_GCM_SHA256, |
753 | | "TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256", |
754 | | GNUTLS_CIPHER_AES_128_GCM, GNUTLS_KX_ECDHE_ECDSA, |
755 | | GNUTLS_MAC_AEAD, GNUTLS_TLS1_2, |
756 | | GNUTLS_DTLS1_2), |
757 | | ENTRY_PRF(GNUTLS_ECDHE_ECDSA_AES_256_GCM_SHA384, |
758 | | "TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384", |
759 | | GNUTLS_CIPHER_AES_256_GCM, GNUTLS_KX_ECDHE_ECDSA, |
760 | | GNUTLS_MAC_AEAD, GNUTLS_TLS1_2, |
761 | | GNUTLS_DTLS1_2, GNUTLS_MAC_SHA384), |
762 | | ENTRY(GNUTLS_ECDHE_RSA_AES_128_GCM_SHA256, |
763 | | "TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256", |
764 | | GNUTLS_CIPHER_AES_128_GCM, GNUTLS_KX_ECDHE_RSA, |
765 | | GNUTLS_MAC_AEAD, GNUTLS_TLS1_2, |
766 | | GNUTLS_DTLS1_2), |
767 | | ENTRY_PRF(GNUTLS_ECDHE_RSA_AES_256_GCM_SHA384, |
768 | | "TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384", |
769 | | GNUTLS_CIPHER_AES_256_GCM, GNUTLS_KX_ECDHE_RSA, |
770 | | GNUTLS_MAC_AEAD, GNUTLS_TLS1_2, |
771 | | GNUTLS_DTLS1_2, GNUTLS_MAC_SHA384), |
772 | | ENTRY_PRF(GNUTLS_ECDHE_ECDSA_AES_256_CBC_SHA384, |
773 | | "TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384", |
774 | | GNUTLS_CIPHER_AES_256_CBC, GNUTLS_KX_ECDHE_ECDSA, |
775 | | GNUTLS_MAC_SHA384, GNUTLS_TLS1_2, |
776 | | GNUTLS_DTLS1_2, GNUTLS_MAC_SHA384), |
777 | | |
778 | | ENTRY(GNUTLS_ECDHE_RSA_CAMELLIA_128_GCM_SHA256, |
779 | | "TLS_ECDHE_RSA_WITH_CAMELLIA_128_GCM_SHA256", |
780 | | GNUTLS_CIPHER_CAMELLIA_128_GCM, GNUTLS_KX_ECDHE_RSA, |
781 | | GNUTLS_MAC_AEAD, GNUTLS_TLS1_2, |
782 | | GNUTLS_DTLS1_2), |
783 | | ENTRY_PRF(GNUTLS_ECDHE_RSA_CAMELLIA_256_GCM_SHA384, |
784 | | "TLS_ECDHE_RSA_WITH_CAMELLIA_256_GCM_SHA384", |
785 | | GNUTLS_CIPHER_CAMELLIA_256_GCM, GNUTLS_KX_ECDHE_RSA, |
786 | | GNUTLS_MAC_AEAD, GNUTLS_TLS1_2, |
787 | | GNUTLS_DTLS1_2, GNUTLS_MAC_SHA384), |
788 | | |
789 | | ENTRY(GNUTLS_ECDHE_RSA_CHACHA20_POLY1305, |
790 | | "TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256", |
791 | | GNUTLS_CIPHER_CHACHA20_POLY1305, GNUTLS_KX_ECDHE_RSA, |
792 | | GNUTLS_MAC_AEAD, GNUTLS_TLS1_2, |
793 | | GNUTLS_DTLS1_2), |
794 | | |
795 | | ENTRY(GNUTLS_ECDHE_ECDSA_CHACHA20_POLY1305, |
796 | | "TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256", |
797 | | GNUTLS_CIPHER_CHACHA20_POLY1305, GNUTLS_KX_ECDHE_ECDSA, |
798 | | GNUTLS_MAC_AEAD, GNUTLS_TLS1_2, |
799 | | GNUTLS_DTLS1_2), |
800 | | |
801 | | ENTRY(GNUTLS_ECDHE_ECDSA_AES_128_CCM, |
802 | | "TLS_ECDHE_ECDSA_WITH_AES_128_CCM", |
803 | | GNUTLS_CIPHER_AES_128_CCM, GNUTLS_KX_ECDHE_ECDSA, |
804 | | GNUTLS_MAC_AEAD, GNUTLS_TLS1_2, |
805 | | GNUTLS_DTLS1_2), |
806 | | ENTRY(GNUTLS_ECDHE_ECDSA_AES_256_CCM, |
807 | | "TLS_ECDHE_ECDSA_WITH_AES_256_CCM", |
808 | | GNUTLS_CIPHER_AES_256_CCM, GNUTLS_KX_ECDHE_ECDSA, |
809 | | GNUTLS_MAC_AEAD, GNUTLS_TLS1_2, |
810 | | GNUTLS_DTLS1_2), |
811 | | ENTRY(GNUTLS_ECDHE_ECDSA_AES_128_CCM_8, |
812 | | "TLS_ECDHE_ECDSA_WITH_AES_128_CCM_8", |
813 | | GNUTLS_CIPHER_AES_128_CCM_8, GNUTLS_KX_ECDHE_ECDSA, |
814 | | GNUTLS_MAC_AEAD, GNUTLS_TLS1_2, |
815 | | GNUTLS_DTLS1_2), |
816 | | ENTRY(GNUTLS_ECDHE_ECDSA_AES_256_CCM_8, |
817 | | "TLS_ECDHE_ECDSA_WITH_AES_256_CCM_8", |
818 | | GNUTLS_CIPHER_AES_256_CCM_8, GNUTLS_KX_ECDHE_ECDSA, |
819 | | GNUTLS_MAC_AEAD, GNUTLS_TLS1_2, |
820 | | GNUTLS_DTLS1_2), |
821 | | #endif |
822 | | #ifdef ENABLE_PSK |
823 | | /* ECC - PSK */ |
824 | | ENTRY(GNUTLS_ECDHE_PSK_3DES_EDE_CBC_SHA1, |
825 | | "TLS_ECDHE_PSK_WITH_3DES_EDE_CBC_SHA", |
826 | | GNUTLS_CIPHER_3DES_CBC, GNUTLS_KX_ECDHE_PSK, |
827 | | GNUTLS_MAC_SHA1, GNUTLS_SSL3, |
828 | | GNUTLS_DTLS_VERSION_MIN), |
829 | | ENTRY(GNUTLS_ECDHE_PSK_AES_128_CBC_SHA1, |
830 | | "TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA", |
831 | | GNUTLS_CIPHER_AES_128_CBC, GNUTLS_KX_ECDHE_PSK, |
832 | | GNUTLS_MAC_SHA1, GNUTLS_SSL3, |
833 | | GNUTLS_DTLS_VERSION_MIN), |
834 | | ENTRY(GNUTLS_ECDHE_PSK_AES_256_CBC_SHA1, |
835 | | "TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA", |
836 | | GNUTLS_CIPHER_AES_256_CBC, GNUTLS_KX_ECDHE_PSK, |
837 | | GNUTLS_MAC_SHA1, GNUTLS_SSL3, |
838 | | GNUTLS_DTLS_VERSION_MIN), |
839 | | ENTRY(GNUTLS_ECDHE_PSK_AES_128_CBC_SHA256, |
840 | | "TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA256", |
841 | | GNUTLS_CIPHER_AES_128_CBC, GNUTLS_KX_ECDHE_PSK, |
842 | | GNUTLS_MAC_SHA256, GNUTLS_TLS1_2, |
843 | | GNUTLS_DTLS1_2), |
844 | | ENTRY_PRF(GNUTLS_ECDHE_PSK_AES_256_CBC_SHA384, |
845 | | "TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA384", |
846 | | GNUTLS_CIPHER_AES_256_CBC, GNUTLS_KX_ECDHE_PSK, |
847 | | GNUTLS_MAC_SHA384, GNUTLS_TLS1_2, |
848 | | GNUTLS_DTLS1_2, GNUTLS_MAC_SHA384), |
849 | | ENTRY(GNUTLS_ECDHE_PSK_ARCFOUR_128_SHA1, |
850 | | "TLS_ECDHE_PSK_WITH_RC4_128_SHA", |
851 | | GNUTLS_CIPHER_ARCFOUR, GNUTLS_KX_ECDHE_PSK, |
852 | | GNUTLS_MAC_SHA1, GNUTLS_SSL3, |
853 | | GNUTLS_VERSION_UNKNOWN), |
854 | | ENTRY(GNUTLS_ECDHE_PSK_NULL_SHA1, "TLS_ECDHE_PSK_WITH_NULL_SHA", |
855 | | GNUTLS_CIPHER_NULL, GNUTLS_KX_ECDHE_PSK, |
856 | | GNUTLS_MAC_SHA1, GNUTLS_SSL3, |
857 | | GNUTLS_DTLS_VERSION_MIN), |
858 | | ENTRY(GNUTLS_ECDHE_PSK_NULL_SHA256, "TLS_ECDHE_PSK_WITH_NULL_SHA256", |
859 | | GNUTLS_CIPHER_NULL, GNUTLS_KX_ECDHE_PSK, |
860 | | GNUTLS_MAC_SHA256, GNUTLS_TLS1_2, |
861 | | GNUTLS_DTLS1_2), |
862 | | ENTRY_PRF(GNUTLS_ECDHE_PSK_NULL_SHA384, |
863 | | "TLS_ECDHE_PSK_WITH_NULL_SHA384", |
864 | | GNUTLS_CIPHER_NULL, GNUTLS_KX_ECDHE_PSK, |
865 | | GNUTLS_MAC_SHA384, GNUTLS_TLS1, |
866 | | GNUTLS_DTLS1_2, GNUTLS_MAC_SHA384), |
867 | | ENTRY(GNUTLS_ECDHE_PSK_CAMELLIA_128_CBC_SHA256, |
868 | | "TLS_ECDHE_PSK_WITH_CAMELLIA_128_CBC_SHA256", |
869 | | GNUTLS_CIPHER_CAMELLIA_128_CBC, GNUTLS_KX_ECDHE_PSK, |
870 | | GNUTLS_MAC_SHA256, GNUTLS_TLS1_2, |
871 | | GNUTLS_DTLS1_2), |
872 | | ENTRY_PRF(GNUTLS_ECDHE_PSK_CAMELLIA_256_CBC_SHA384, |
873 | | "TLS_ECDHE_PSK_WITH_CAMELLIA_256_CBC_SHA384", |
874 | | GNUTLS_CIPHER_CAMELLIA_256_CBC, GNUTLS_KX_ECDHE_PSK, |
875 | | GNUTLS_MAC_SHA384, GNUTLS_TLS1_2, |
876 | | GNUTLS_DTLS1_2, GNUTLS_MAC_SHA384), |
877 | | |
878 | | /* PSK */ |
879 | | ENTRY(GNUTLS_PSK_ARCFOUR_128_SHA1, "TLS_PSK_WITH_RC4_128_SHA", |
880 | | GNUTLS_CIPHER_ARCFOUR, GNUTLS_KX_PSK, |
881 | | GNUTLS_MAC_SHA1, GNUTLS_SSL3, |
882 | | GNUTLS_VERSION_UNKNOWN), |
883 | | ENTRY(GNUTLS_PSK_3DES_EDE_CBC_SHA1, "TLS_PSK_WITH_3DES_EDE_CBC_SHA", |
884 | | GNUTLS_CIPHER_3DES_CBC, GNUTLS_KX_PSK, |
885 | | GNUTLS_MAC_SHA1, GNUTLS_SSL3, |
886 | | GNUTLS_DTLS_VERSION_MIN), |
887 | | ENTRY(GNUTLS_PSK_AES_128_CBC_SHA1, "TLS_PSK_WITH_AES_128_CBC_SHA", |
888 | | GNUTLS_CIPHER_AES_128_CBC, GNUTLS_KX_PSK, |
889 | | GNUTLS_MAC_SHA1, GNUTLS_SSL3, |
890 | | GNUTLS_DTLS_VERSION_MIN), |
891 | | ENTRY(GNUTLS_PSK_AES_256_CBC_SHA1, "TLS_PSK_WITH_AES_256_CBC_SHA", |
892 | | GNUTLS_CIPHER_AES_256_CBC, GNUTLS_KX_PSK, |
893 | | GNUTLS_MAC_SHA1, GNUTLS_SSL3, |
894 | | GNUTLS_DTLS_VERSION_MIN), |
895 | | ENTRY(GNUTLS_PSK_AES_128_CBC_SHA256, "TLS_PSK_WITH_AES_128_CBC_SHA256", |
896 | | GNUTLS_CIPHER_AES_128_CBC, GNUTLS_KX_PSK, |
897 | | GNUTLS_MAC_SHA256, GNUTLS_TLS1_2, |
898 | | GNUTLS_DTLS1_2), |
899 | | ENTRY_PRF(GNUTLS_PSK_AES_256_GCM_SHA384, |
900 | | "TLS_PSK_WITH_AES_256_GCM_SHA384", |
901 | | GNUTLS_CIPHER_AES_256_GCM, GNUTLS_KX_PSK, |
902 | | GNUTLS_MAC_AEAD, GNUTLS_TLS1_2, |
903 | | GNUTLS_DTLS1_2, GNUTLS_MAC_SHA384), |
904 | | ENTRY(GNUTLS_PSK_CAMELLIA_128_GCM_SHA256, |
905 | | "TLS_PSK_WITH_CAMELLIA_128_GCM_SHA256", |
906 | | GNUTLS_CIPHER_CAMELLIA_128_GCM, GNUTLS_KX_PSK, |
907 | | GNUTLS_MAC_AEAD, GNUTLS_TLS1_2, |
908 | | GNUTLS_DTLS1_2), |
909 | | ENTRY_PRF(GNUTLS_PSK_CAMELLIA_256_GCM_SHA384, |
910 | | "TLS_PSK_WITH_CAMELLIA_256_GCM_SHA384", |
911 | | GNUTLS_CIPHER_CAMELLIA_256_GCM, GNUTLS_KX_PSK, |
912 | | GNUTLS_MAC_AEAD, GNUTLS_TLS1_2, |
913 | | GNUTLS_DTLS1_2, GNUTLS_MAC_SHA384), |
914 | | |
915 | | ENTRY(GNUTLS_PSK_AES_128_GCM_SHA256, "TLS_PSK_WITH_AES_128_GCM_SHA256", |
916 | | GNUTLS_CIPHER_AES_128_GCM, GNUTLS_KX_PSK, |
917 | | GNUTLS_MAC_AEAD, GNUTLS_TLS1_2, |
918 | | GNUTLS_DTLS1_2), |
919 | | ENTRY(GNUTLS_PSK_NULL_SHA1, "TLS_PSK_WITH_NULL_SHA", |
920 | | GNUTLS_CIPHER_NULL, GNUTLS_KX_PSK, |
921 | | GNUTLS_MAC_SHA1, GNUTLS_SSL3, |
922 | | GNUTLS_DTLS_VERSION_MIN), |
923 | | ENTRY(GNUTLS_PSK_NULL_SHA256, "TLS_PSK_WITH_NULL_SHA256", |
924 | | GNUTLS_CIPHER_NULL, GNUTLS_KX_PSK, |
925 | | GNUTLS_MAC_SHA256, GNUTLS_TLS1_2, |
926 | | GNUTLS_DTLS1_2), |
927 | | ENTRY(GNUTLS_PSK_CAMELLIA_128_CBC_SHA256, |
928 | | "TLS_PSK_WITH_CAMELLIA_128_CBC_SHA256", |
929 | | GNUTLS_CIPHER_CAMELLIA_128_CBC, GNUTLS_KX_PSK, |
930 | | GNUTLS_MAC_SHA256, GNUTLS_TLS1_2, |
931 | | GNUTLS_DTLS1_2), |
932 | | ENTRY_PRF(GNUTLS_PSK_CAMELLIA_256_CBC_SHA384, |
933 | | "TLS_PSK_WITH_CAMELLIA_256_CBC_SHA384", |
934 | | GNUTLS_CIPHER_CAMELLIA_256_CBC, GNUTLS_KX_PSK, |
935 | | GNUTLS_MAC_SHA384, GNUTLS_TLS1_2, |
936 | | GNUTLS_DTLS1_2, GNUTLS_MAC_SHA384), |
937 | | |
938 | | ENTRY_PRF(GNUTLS_PSK_AES_256_CBC_SHA384, |
939 | | "TLS_PSK_WITH_AES_256_CBC_SHA384", |
940 | | GNUTLS_CIPHER_AES_256_CBC, GNUTLS_KX_PSK, |
941 | | GNUTLS_MAC_SHA384, GNUTLS_TLS1_2, |
942 | | GNUTLS_DTLS1_2, GNUTLS_MAC_SHA384), |
943 | | ENTRY_PRF(GNUTLS_PSK_NULL_SHA384, "TLS_PSK_WITH_NULL_SHA384", |
944 | | GNUTLS_CIPHER_NULL, GNUTLS_KX_PSK, |
945 | | GNUTLS_MAC_SHA384, GNUTLS_TLS1_2, |
946 | | GNUTLS_DTLS1_2, GNUTLS_MAC_SHA384), |
947 | | |
948 | | /* RSA-PSK */ |
949 | | ENTRY(GNUTLS_RSA_PSK_ARCFOUR_128_SHA1, "TLS_RSA_PSK_WITH_RC4_128_SHA", |
950 | | GNUTLS_CIPHER_ARCFOUR, GNUTLS_KX_RSA_PSK, |
951 | | GNUTLS_MAC_SHA1, GNUTLS_TLS1, |
952 | | GNUTLS_VERSION_UNKNOWN), |
953 | | ENTRY(GNUTLS_RSA_PSK_3DES_EDE_CBC_SHA1, |
954 | | "TLS_RSA_PSK_WITH_3DES_EDE_CBC_SHA", |
955 | | GNUTLS_CIPHER_3DES_CBC, GNUTLS_KX_RSA_PSK, |
956 | | GNUTLS_MAC_SHA1, GNUTLS_TLS1, |
957 | | GNUTLS_DTLS_VERSION_MIN), |
958 | | ENTRY(GNUTLS_RSA_PSK_AES_128_CBC_SHA1, |
959 | | "TLS_RSA_PSK_WITH_AES_128_CBC_SHA", |
960 | | GNUTLS_CIPHER_AES_128_CBC, GNUTLS_KX_RSA_PSK, |
961 | | GNUTLS_MAC_SHA1, GNUTLS_TLS1, |
962 | | GNUTLS_DTLS_VERSION_MIN), |
963 | | ENTRY(GNUTLS_RSA_PSK_AES_256_CBC_SHA1, |
964 | | "TLS_RSA_PSK_WITH_AES_256_CBC_SHA", |
965 | | GNUTLS_CIPHER_AES_256_CBC, GNUTLS_KX_RSA_PSK, |
966 | | GNUTLS_MAC_SHA1, GNUTLS_TLS1, |
967 | | GNUTLS_DTLS_VERSION_MIN), |
968 | | ENTRY(GNUTLS_RSA_PSK_CAMELLIA_128_GCM_SHA256, |
969 | | "TLS_RSA_PSK_WITH_CAMELLIA_128_GCM_SHA256", |
970 | | GNUTLS_CIPHER_CAMELLIA_128_GCM, GNUTLS_KX_RSA_PSK, |
971 | | GNUTLS_MAC_AEAD, GNUTLS_TLS1_2, |
972 | | GNUTLS_DTLS1_2), |
973 | | ENTRY_PRF(GNUTLS_RSA_PSK_CAMELLIA_256_GCM_SHA384, |
974 | | "TLS_RSA_PSK_WITH_CAMELLIA_256_GCM_SHA384", |
975 | | GNUTLS_CIPHER_CAMELLIA_256_GCM, GNUTLS_KX_RSA_PSK, |
976 | | GNUTLS_MAC_AEAD, GNUTLS_TLS1_2, |
977 | | GNUTLS_DTLS1_2, GNUTLS_MAC_SHA384), |
978 | | |
979 | | ENTRY(GNUTLS_RSA_PSK_AES_128_GCM_SHA256, |
980 | | "TLS_RSA_PSK_WITH_AES_128_GCM_SHA256", |
981 | | GNUTLS_CIPHER_AES_128_GCM, GNUTLS_KX_RSA_PSK, |
982 | | GNUTLS_MAC_AEAD, GNUTLS_TLS1_2, |
983 | | GNUTLS_DTLS1_2), |
984 | | ENTRY(GNUTLS_RSA_PSK_AES_128_CBC_SHA256, |
985 | | "TLS_RSA_PSK_WITH_AES_128_CBC_SHA256", |
986 | | GNUTLS_CIPHER_AES_128_CBC, GNUTLS_KX_RSA_PSK, |
987 | | GNUTLS_MAC_SHA256, GNUTLS_TLS1_2, |
988 | | GNUTLS_DTLS1_2), |
989 | | ENTRY(GNUTLS_RSA_PSK_NULL_SHA1, "TLS_RSA_PSK_WITH_NULL_SHA", |
990 | | GNUTLS_CIPHER_NULL, GNUTLS_KX_RSA_PSK, |
991 | | GNUTLS_MAC_SHA1, GNUTLS_TLS1, |
992 | | GNUTLS_DTLS_VERSION_MIN), |
993 | | ENTRY(GNUTLS_RSA_PSK_NULL_SHA256, "TLS_RSA_PSK_WITH_NULL_SHA256", |
994 | | GNUTLS_CIPHER_NULL, GNUTLS_KX_RSA_PSK, |
995 | | GNUTLS_MAC_SHA256, GNUTLS_TLS1_2, |
996 | | GNUTLS_DTLS1_2), |
997 | | ENTRY_PRF(GNUTLS_RSA_PSK_AES_256_GCM_SHA384, |
998 | | "TLS_RSA_PSK_WITH_AES_256_GCM_SHA384", |
999 | | GNUTLS_CIPHER_AES_256_GCM, GNUTLS_KX_RSA_PSK, |
1000 | | GNUTLS_MAC_AEAD, GNUTLS_TLS1_2, |
1001 | | GNUTLS_DTLS1_2, GNUTLS_MAC_SHA384), |
1002 | | ENTRY_PRF(GNUTLS_RSA_PSK_AES_256_CBC_SHA384, |
1003 | | "TLS_RSA_PSK_WITH_AES_256_CBC_SHA384", |
1004 | | GNUTLS_CIPHER_AES_256_CBC, GNUTLS_KX_RSA_PSK, |
1005 | | GNUTLS_MAC_SHA384, GNUTLS_TLS1_2, |
1006 | | GNUTLS_DTLS1_2, GNUTLS_MAC_SHA384), |
1007 | | ENTRY_PRF(GNUTLS_RSA_PSK_NULL_SHA384, "TLS_RSA_PSK_WITH_NULL_SHA384", |
1008 | | GNUTLS_CIPHER_NULL, GNUTLS_KX_RSA_PSK, |
1009 | | GNUTLS_MAC_SHA384, GNUTLS_TLS1_2, |
1010 | | GNUTLS_DTLS1_2, GNUTLS_MAC_SHA384), |
1011 | | ENTRY(GNUTLS_RSA_PSK_CAMELLIA_128_CBC_SHA256, |
1012 | | "TLS_RSA_PSK_WITH_CAMELLIA_128_CBC_SHA256", |
1013 | | GNUTLS_CIPHER_CAMELLIA_128_CBC, GNUTLS_KX_RSA_PSK, |
1014 | | GNUTLS_MAC_SHA256, GNUTLS_TLS1_2, |
1015 | | GNUTLS_DTLS1_2), |
1016 | | ENTRY_PRF(GNUTLS_RSA_PSK_CAMELLIA_256_CBC_SHA384, |
1017 | | "TLS_RSA_PSK_WITH_CAMELLIA_256_CBC_SHA384", |
1018 | | GNUTLS_CIPHER_CAMELLIA_256_CBC, GNUTLS_KX_RSA_PSK, |
1019 | | GNUTLS_MAC_SHA384, GNUTLS_TLS1_2, |
1020 | | GNUTLS_DTLS1_2, GNUTLS_MAC_SHA384), |
1021 | | |
1022 | | /* DHE-PSK */ |
1023 | | ENTRY(GNUTLS_DHE_PSK_ARCFOUR_128_SHA1, "TLS_DHE_PSK_WITH_RC4_128_SHA", |
1024 | | GNUTLS_CIPHER_ARCFOUR, GNUTLS_KX_DHE_PSK, |
1025 | | GNUTLS_MAC_SHA1, GNUTLS_SSL3, |
1026 | | GNUTLS_VERSION_UNKNOWN), |
1027 | | ENTRY(GNUTLS_DHE_PSK_3DES_EDE_CBC_SHA1, |
1028 | | "TLS_DHE_PSK_WITH_3DES_EDE_CBC_SHA", |
1029 | | GNUTLS_CIPHER_3DES_CBC, GNUTLS_KX_DHE_PSK, |
1030 | | GNUTLS_MAC_SHA1, GNUTLS_SSL3, |
1031 | | GNUTLS_DTLS_VERSION_MIN), |
1032 | | ENTRY(GNUTLS_DHE_PSK_AES_128_CBC_SHA1, |
1033 | | "TLS_DHE_PSK_WITH_AES_128_CBC_SHA", |
1034 | | GNUTLS_CIPHER_AES_128_CBC, GNUTLS_KX_DHE_PSK, |
1035 | | GNUTLS_MAC_SHA1, GNUTLS_SSL3, |
1036 | | GNUTLS_DTLS_VERSION_MIN), |
1037 | | ENTRY(GNUTLS_DHE_PSK_AES_256_CBC_SHA1, |
1038 | | "TLS_DHE_PSK_WITH_AES_256_CBC_SHA", |
1039 | | GNUTLS_CIPHER_AES_256_CBC, GNUTLS_KX_DHE_PSK, |
1040 | | GNUTLS_MAC_SHA1, GNUTLS_SSL3, |
1041 | | GNUTLS_DTLS_VERSION_MIN), |
1042 | | ENTRY(GNUTLS_DHE_PSK_AES_128_CBC_SHA256, |
1043 | | "TLS_DHE_PSK_WITH_AES_128_CBC_SHA256", |
1044 | | GNUTLS_CIPHER_AES_128_CBC, GNUTLS_KX_DHE_PSK, |
1045 | | GNUTLS_MAC_SHA256, GNUTLS_TLS1_2, |
1046 | | GNUTLS_DTLS1_2), |
1047 | | ENTRY(GNUTLS_DHE_PSK_AES_128_GCM_SHA256, |
1048 | | "TLS_DHE_PSK_WITH_AES_128_GCM_SHA256", |
1049 | | GNUTLS_CIPHER_AES_128_GCM, GNUTLS_KX_DHE_PSK, |
1050 | | GNUTLS_MAC_AEAD, GNUTLS_TLS1_2, |
1051 | | GNUTLS_DTLS1_2), |
1052 | | ENTRY(GNUTLS_DHE_PSK_NULL_SHA1, "TLS_DHE_PSK_WITH_NULL_SHA", |
1053 | | GNUTLS_CIPHER_NULL, GNUTLS_KX_DHE_PSK, |
1054 | | GNUTLS_MAC_SHA1, GNUTLS_SSL3, |
1055 | | GNUTLS_DTLS_VERSION_MIN), |
1056 | | ENTRY(GNUTLS_DHE_PSK_NULL_SHA256, "TLS_DHE_PSK_WITH_NULL_SHA256", |
1057 | | GNUTLS_CIPHER_NULL, GNUTLS_KX_DHE_PSK, |
1058 | | GNUTLS_MAC_SHA256, GNUTLS_TLS1_2, |
1059 | | GNUTLS_DTLS1_2), |
1060 | | ENTRY_PRF(GNUTLS_DHE_PSK_NULL_SHA384, "TLS_DHE_PSK_WITH_NULL_SHA384", |
1061 | | GNUTLS_CIPHER_NULL, GNUTLS_KX_DHE_PSK, |
1062 | | GNUTLS_MAC_SHA384, GNUTLS_TLS1_2, |
1063 | | GNUTLS_DTLS1_2, GNUTLS_MAC_SHA384), |
1064 | | ENTRY_PRF(GNUTLS_DHE_PSK_AES_256_CBC_SHA384, |
1065 | | "TLS_DHE_PSK_WITH_AES_256_CBC_SHA384", |
1066 | | GNUTLS_CIPHER_AES_256_CBC, GNUTLS_KX_DHE_PSK, |
1067 | | GNUTLS_MAC_SHA384, GNUTLS_TLS1_2, |
1068 | | GNUTLS_DTLS1_2, GNUTLS_MAC_SHA384), |
1069 | | ENTRY_PRF(GNUTLS_DHE_PSK_AES_256_GCM_SHA384, |
1070 | | "TLS_DHE_PSK_WITH_AES_256_GCM_SHA384", |
1071 | | GNUTLS_CIPHER_AES_256_GCM, GNUTLS_KX_DHE_PSK, |
1072 | | GNUTLS_MAC_AEAD, GNUTLS_TLS1_2, |
1073 | | GNUTLS_DTLS1_2, GNUTLS_MAC_SHA384), |
1074 | | ENTRY(GNUTLS_DHE_PSK_CAMELLIA_128_CBC_SHA256, |
1075 | | "TLS_DHE_PSK_WITH_CAMELLIA_128_CBC_SHA256", |
1076 | | GNUTLS_CIPHER_CAMELLIA_128_CBC, GNUTLS_KX_DHE_PSK, |
1077 | | GNUTLS_MAC_SHA256, GNUTLS_TLS1_2, |
1078 | | GNUTLS_DTLS1_2), |
1079 | | ENTRY_PRF(GNUTLS_DHE_PSK_CAMELLIA_256_CBC_SHA384, |
1080 | | "TLS_DHE_PSK_WITH_CAMELLIA_256_CBC_SHA384", |
1081 | | GNUTLS_CIPHER_CAMELLIA_256_CBC, GNUTLS_KX_DHE_PSK, |
1082 | | GNUTLS_MAC_SHA384, GNUTLS_TLS1_2, |
1083 | | GNUTLS_DTLS1_2, GNUTLS_MAC_SHA384), |
1084 | | ENTRY(GNUTLS_DHE_PSK_CAMELLIA_128_GCM_SHA256, |
1085 | | "TLS_DHE_PSK_WITH_CAMELLIA_128_GCM_SHA256", |
1086 | | GNUTLS_CIPHER_CAMELLIA_128_GCM, GNUTLS_KX_DHE_PSK, |
1087 | | GNUTLS_MAC_AEAD, GNUTLS_TLS1_2, |
1088 | | GNUTLS_DTLS1_2), |
1089 | | ENTRY_PRF(GNUTLS_DHE_PSK_CAMELLIA_256_GCM_SHA384, |
1090 | | "TLS_DHE_PSK_WITH_CAMELLIA_256_GCM_SHA384", |
1091 | | GNUTLS_CIPHER_CAMELLIA_256_GCM, GNUTLS_KX_DHE_PSK, |
1092 | | GNUTLS_MAC_AEAD, GNUTLS_TLS1_2, |
1093 | | GNUTLS_DTLS1_2, GNUTLS_MAC_SHA384), |
1094 | | |
1095 | | ENTRY(GNUTLS_PSK_AES_128_CCM, "TLS_PSK_WITH_AES_128_CCM", |
1096 | | GNUTLS_CIPHER_AES_128_CCM, GNUTLS_KX_PSK, |
1097 | | GNUTLS_MAC_AEAD, GNUTLS_TLS1_2, |
1098 | | GNUTLS_DTLS1_2), |
1099 | | ENTRY(GNUTLS_PSK_AES_256_CCM, "TLS_PSK_WITH_AES_256_CCM", |
1100 | | GNUTLS_CIPHER_AES_256_CCM, GNUTLS_KX_PSK, |
1101 | | GNUTLS_MAC_AEAD, GNUTLS_TLS1_2, |
1102 | | GNUTLS_DTLS1_2), |
1103 | | ENTRY(GNUTLS_DHE_PSK_AES_128_CCM, "TLS_DHE_PSK_WITH_AES_128_CCM", |
1104 | | GNUTLS_CIPHER_AES_128_CCM, GNUTLS_KX_DHE_PSK, |
1105 | | GNUTLS_MAC_AEAD, GNUTLS_TLS1_2, |
1106 | | GNUTLS_DTLS1_2), |
1107 | | ENTRY(GNUTLS_DHE_PSK_AES_256_CCM, "TLS_DHE_PSK_WITH_AES_256_CCM", |
1108 | | GNUTLS_CIPHER_AES_256_CCM, GNUTLS_KX_DHE_PSK, |
1109 | | GNUTLS_MAC_AEAD, GNUTLS_TLS1_2, |
1110 | | GNUTLS_DTLS1_2), |
1111 | | ENTRY(GNUTLS_PSK_AES_128_CCM_8, "TLS_PSK_WITH_AES_128_CCM_8", |
1112 | | GNUTLS_CIPHER_AES_128_CCM_8, GNUTLS_KX_PSK, |
1113 | | GNUTLS_MAC_AEAD, GNUTLS_TLS1_2, |
1114 | | GNUTLS_DTLS1_2), |
1115 | | ENTRY(GNUTLS_PSK_AES_256_CCM_8, "TLS_PSK_WITH_AES_256_CCM_8", |
1116 | | GNUTLS_CIPHER_AES_256_CCM_8, GNUTLS_KX_PSK, |
1117 | | GNUTLS_MAC_AEAD, GNUTLS_TLS1_2, |
1118 | | GNUTLS_DTLS1_2), |
1119 | | ENTRY(GNUTLS_DHE_PSK_AES_128_CCM_8, "TLS_PSK_DHE_WITH_AES_128_CCM_8", |
1120 | | GNUTLS_CIPHER_AES_128_CCM_8, GNUTLS_KX_DHE_PSK, |
1121 | | GNUTLS_MAC_AEAD, GNUTLS_TLS1_2, |
1122 | | GNUTLS_DTLS1_2), |
1123 | | ENTRY(GNUTLS_DHE_PSK_AES_256_CCM_8, "TLS_PSK_DHE_WITH_AES_256_CCM_8", |
1124 | | GNUTLS_CIPHER_AES_256_CCM_8, GNUTLS_KX_DHE_PSK, |
1125 | | GNUTLS_MAC_AEAD, GNUTLS_TLS1_2, |
1126 | | GNUTLS_DTLS1_2), |
1127 | | ENTRY(GNUTLS_DHE_PSK_CHACHA20_POLY1305, |
1128 | | "TLS_DHE_PSK_WITH_CHACHA20_POLY1305_SHA256", |
1129 | | GNUTLS_CIPHER_CHACHA20_POLY1305, GNUTLS_KX_DHE_PSK, |
1130 | | GNUTLS_MAC_AEAD, GNUTLS_TLS1_2, GNUTLS_DTLS1_2), |
1131 | | ENTRY(GNUTLS_ECDHE_PSK_CHACHA20_POLY1305, |
1132 | | "TLS_ECDHE_PSK_WITH_CHACHA20_POLY1305_SHA256", |
1133 | | GNUTLS_CIPHER_CHACHA20_POLY1305, GNUTLS_KX_ECDHE_PSK, |
1134 | | GNUTLS_MAC_AEAD, GNUTLS_TLS1_2, GNUTLS_DTLS1_2), |
1135 | | |
1136 | | ENTRY(GNUTLS_RSA_PSK_CHACHA20_POLY1305, |
1137 | | "TLS_RSA_PSK_WITH_CHACHA20_POLY1305_SHA256", |
1138 | | GNUTLS_CIPHER_CHACHA20_POLY1305, GNUTLS_KX_RSA_PSK, |
1139 | | GNUTLS_MAC_AEAD, GNUTLS_TLS1_2, GNUTLS_DTLS1_2), |
1140 | | |
1141 | | ENTRY(GNUTLS_PSK_CHACHA20_POLY1305, |
1142 | | "TLS_PSK_WITH_CHACHA20_POLY1305_SHA256", |
1143 | | GNUTLS_CIPHER_CHACHA20_POLY1305, GNUTLS_KX_PSK, |
1144 | | GNUTLS_MAC_AEAD, GNUTLS_TLS1_2, GNUTLS_DTLS1_2), |
1145 | | |
1146 | | #endif |
1147 | | #ifdef ENABLE_ANON |
1148 | | /* DH_ANON */ |
1149 | | ENTRY(GNUTLS_DH_ANON_ARCFOUR_128_MD5, "TLS_DH_anon_WITH_RC4_128_MD5", |
1150 | | GNUTLS_CIPHER_ARCFOUR_128, |
1151 | | GNUTLS_KX_ANON_DH, GNUTLS_MAC_MD5, |
1152 | | GNUTLS_SSL3, GNUTLS_VERSION_UNKNOWN), |
1153 | | ENTRY(GNUTLS_DH_ANON_3DES_EDE_CBC_SHA1, |
1154 | | "TLS_DH_anon_WITH_3DES_EDE_CBC_SHA", |
1155 | | GNUTLS_CIPHER_3DES_CBC, GNUTLS_KX_ANON_DH, |
1156 | | GNUTLS_MAC_SHA1, GNUTLS_SSL3, |
1157 | | GNUTLS_DTLS_VERSION_MIN), |
1158 | | ENTRY(GNUTLS_DH_ANON_AES_128_CBC_SHA1, |
1159 | | "TLS_DH_anon_WITH_AES_128_CBC_SHA", |
1160 | | GNUTLS_CIPHER_AES_128_CBC, GNUTLS_KX_ANON_DH, |
1161 | | GNUTLS_MAC_SHA1, GNUTLS_SSL3, |
1162 | | GNUTLS_DTLS_VERSION_MIN), |
1163 | | ENTRY(GNUTLS_DH_ANON_AES_256_CBC_SHA1, |
1164 | | "TLS_DH_anon_WITH_AES_256_CBC_SHA", |
1165 | | GNUTLS_CIPHER_AES_256_CBC, GNUTLS_KX_ANON_DH, |
1166 | | GNUTLS_MAC_SHA1, GNUTLS_SSL3, |
1167 | | GNUTLS_DTLS_VERSION_MIN), |
1168 | | ENTRY(GNUTLS_DH_ANON_CAMELLIA_128_CBC_SHA256, |
1169 | | "TLS_DH_anon_WITH_CAMELLIA_128_CBC_SHA256", |
1170 | | GNUTLS_CIPHER_CAMELLIA_128_CBC, |
1171 | | GNUTLS_KX_ANON_DH, |
1172 | | GNUTLS_MAC_SHA256, GNUTLS_TLS1_2, |
1173 | | GNUTLS_DTLS1_2), |
1174 | | ENTRY(GNUTLS_DH_ANON_CAMELLIA_256_CBC_SHA256, |
1175 | | "TLS_DH_anon_WITH_CAMELLIA_256_CBC_SHA256", |
1176 | | GNUTLS_CIPHER_CAMELLIA_256_CBC, |
1177 | | GNUTLS_KX_ANON_DH, |
1178 | | GNUTLS_MAC_SHA256, GNUTLS_TLS1_2, |
1179 | | GNUTLS_DTLS1_2), |
1180 | | ENTRY(GNUTLS_DH_ANON_CAMELLIA_128_CBC_SHA1, |
1181 | | "TLS_DH_anon_WITH_CAMELLIA_128_CBC_SHA", |
1182 | | GNUTLS_CIPHER_CAMELLIA_128_CBC, |
1183 | | GNUTLS_KX_ANON_DH, |
1184 | | GNUTLS_MAC_SHA1, GNUTLS_SSL3, |
1185 | | GNUTLS_DTLS_VERSION_MIN), |
1186 | | ENTRY(GNUTLS_DH_ANON_CAMELLIA_256_CBC_SHA1, |
1187 | | "TLS_DH_anon_WITH_CAMELLIA_256_CBC_SHA", |
1188 | | GNUTLS_CIPHER_CAMELLIA_256_CBC, |
1189 | | GNUTLS_KX_ANON_DH, |
1190 | | GNUTLS_MAC_SHA1, GNUTLS_SSL3, |
1191 | | GNUTLS_DTLS_VERSION_MIN), |
1192 | | ENTRY(GNUTLS_DH_ANON_AES_128_CBC_SHA256, |
1193 | | "TLS_DH_anon_WITH_AES_128_CBC_SHA256", |
1194 | | GNUTLS_CIPHER_AES_128_CBC, GNUTLS_KX_ANON_DH, |
1195 | | GNUTLS_MAC_SHA256, GNUTLS_TLS1_2, |
1196 | | GNUTLS_DTLS1_2), |
1197 | | ENTRY(GNUTLS_DH_ANON_AES_256_CBC_SHA256, |
1198 | | "TLS_DH_anon_WITH_AES_256_CBC_SHA256", |
1199 | | GNUTLS_CIPHER_AES_256_CBC, GNUTLS_KX_ANON_DH, |
1200 | | GNUTLS_MAC_SHA256, GNUTLS_TLS1_2, |
1201 | | GNUTLS_DTLS1_2), |
1202 | | ENTRY(GNUTLS_DH_ANON_AES_128_GCM_SHA256, |
1203 | | "TLS_DH_anon_WITH_AES_128_GCM_SHA256", |
1204 | | GNUTLS_CIPHER_AES_128_GCM, GNUTLS_KX_ANON_DH, |
1205 | | GNUTLS_MAC_AEAD, GNUTLS_TLS1_2, |
1206 | | GNUTLS_DTLS1_2), |
1207 | | ENTRY_PRF(GNUTLS_DH_ANON_AES_256_GCM_SHA384, |
1208 | | "TLS_DH_anon_WITH_AES_256_GCM_SHA384", |
1209 | | GNUTLS_CIPHER_AES_256_GCM, GNUTLS_KX_ANON_DH, |
1210 | | GNUTLS_MAC_AEAD, GNUTLS_TLS1_2, |
1211 | | GNUTLS_DTLS1_2, GNUTLS_MAC_SHA384), |
1212 | | ENTRY(GNUTLS_DH_ANON_CAMELLIA_128_GCM_SHA256, |
1213 | | "TLS_DH_anon_WITH_CAMELLIA_128_GCM_SHA256", |
1214 | | GNUTLS_CIPHER_CAMELLIA_128_GCM, GNUTLS_KX_ANON_DH, |
1215 | | GNUTLS_MAC_AEAD, GNUTLS_TLS1_2, |
1216 | | GNUTLS_DTLS1_2), |
1217 | | ENTRY_PRF(GNUTLS_DH_ANON_CAMELLIA_256_GCM_SHA384, |
1218 | | "TLS_DH_anon_WITH_CAMELLIA_256_GCM_SHA384", |
1219 | | GNUTLS_CIPHER_CAMELLIA_256_GCM, GNUTLS_KX_ANON_DH, |
1220 | | GNUTLS_MAC_AEAD, GNUTLS_TLS1_2, |
1221 | | GNUTLS_DTLS1_2, GNUTLS_MAC_SHA384), |
1222 | | |
1223 | | /* ECC-ANON */ |
1224 | | ENTRY(GNUTLS_ECDH_ANON_NULL_SHA1, "TLS_ECDH_anon_WITH_NULL_SHA", |
1225 | | GNUTLS_CIPHER_NULL, GNUTLS_KX_ANON_ECDH, |
1226 | | GNUTLS_MAC_SHA1, GNUTLS_SSL3, |
1227 | | GNUTLS_DTLS_VERSION_MIN), |
1228 | | ENTRY(GNUTLS_ECDH_ANON_3DES_EDE_CBC_SHA1, |
1229 | | "TLS_ECDH_anon_WITH_3DES_EDE_CBC_SHA", |
1230 | | GNUTLS_CIPHER_3DES_CBC, GNUTLS_KX_ANON_ECDH, |
1231 | | GNUTLS_MAC_SHA1, GNUTLS_SSL3, |
1232 | | GNUTLS_DTLS_VERSION_MIN), |
1233 | | ENTRY(GNUTLS_ECDH_ANON_AES_128_CBC_SHA1, |
1234 | | "TLS_ECDH_anon_WITH_AES_128_CBC_SHA", |
1235 | | GNUTLS_CIPHER_AES_128_CBC, GNUTLS_KX_ANON_ECDH, |
1236 | | GNUTLS_MAC_SHA1, GNUTLS_SSL3, |
1237 | | GNUTLS_DTLS_VERSION_MIN), |
1238 | | ENTRY(GNUTLS_ECDH_ANON_AES_256_CBC_SHA1, |
1239 | | "TLS_ECDH_anon_WITH_AES_256_CBC_SHA", |
1240 | | GNUTLS_CIPHER_AES_256_CBC, GNUTLS_KX_ANON_ECDH, |
1241 | | GNUTLS_MAC_SHA1, GNUTLS_SSL3, |
1242 | | GNUTLS_DTLS_VERSION_MIN), |
1243 | | ENTRY(GNUTLS_ECDH_ANON_ARCFOUR_128_SHA1, |
1244 | | "TLS_ECDH_anon_WITH_RC4_128_SHA", |
1245 | | GNUTLS_CIPHER_ARCFOUR, GNUTLS_KX_ANON_ECDH, |
1246 | | GNUTLS_MAC_SHA1, GNUTLS_SSL3, |
1247 | | GNUTLS_VERSION_UNKNOWN), |
1248 | | #endif |
1249 | | #ifdef ENABLE_SRP |
1250 | | /* SRP */ |
1251 | | ENTRY(GNUTLS_SRP_SHA_3DES_EDE_CBC_SHA1, |
1252 | | "TLS_SRP_SHA_WITH_3DES_EDE_CBC_SHA", |
1253 | | GNUTLS_CIPHER_3DES_CBC, GNUTLS_KX_SRP, |
1254 | | GNUTLS_MAC_SHA1, GNUTLS_SSL3, |
1255 | | GNUTLS_DTLS_VERSION_MIN), |
1256 | | ENTRY(GNUTLS_SRP_SHA_AES_128_CBC_SHA1, |
1257 | | "TLS_SRP_SHA_WITH_AES_128_CBC_SHA", |
1258 | | GNUTLS_CIPHER_AES_128_CBC, GNUTLS_KX_SRP, |
1259 | | GNUTLS_MAC_SHA1, GNUTLS_SSL3, |
1260 | | GNUTLS_DTLS_VERSION_MIN), |
1261 | | ENTRY(GNUTLS_SRP_SHA_AES_256_CBC_SHA1, |
1262 | | "TLS_SRP_SHA_WITH_AES_256_CBC_SHA", |
1263 | | GNUTLS_CIPHER_AES_256_CBC, GNUTLS_KX_SRP, |
1264 | | GNUTLS_MAC_SHA1, GNUTLS_SSL3, |
1265 | | GNUTLS_DTLS_VERSION_MIN), |
1266 | | |
1267 | | ENTRY(GNUTLS_SRP_SHA_DSS_3DES_EDE_CBC_SHA1, |
1268 | | "TLS_SRP_SHA_DSS_WITH_3DES_EDE_CBC_SHA", |
1269 | | GNUTLS_CIPHER_3DES_CBC, GNUTLS_KX_SRP_DSS, |
1270 | | GNUTLS_MAC_SHA1, GNUTLS_SSL3, |
1271 | | GNUTLS_DTLS_VERSION_MIN), |
1272 | | |
1273 | | ENTRY(GNUTLS_SRP_SHA_RSA_3DES_EDE_CBC_SHA1, |
1274 | | "TLS_SRP_SHA_RSA_WITH_3DES_EDE_CBC_SHA", |
1275 | | GNUTLS_CIPHER_3DES_CBC, GNUTLS_KX_SRP_RSA, |
1276 | | GNUTLS_MAC_SHA1, GNUTLS_SSL3, |
1277 | | GNUTLS_DTLS_VERSION_MIN), |
1278 | | |
1279 | | ENTRY(GNUTLS_SRP_SHA_DSS_AES_128_CBC_SHA1, |
1280 | | "TLS_SRP_SHA_DSS_WITH_AES_128_CBC_SHA", |
1281 | | GNUTLS_CIPHER_AES_128_CBC, GNUTLS_KX_SRP_DSS, |
1282 | | GNUTLS_MAC_SHA1, GNUTLS_SSL3, |
1283 | | GNUTLS_DTLS_VERSION_MIN), |
1284 | | |
1285 | | ENTRY(GNUTLS_SRP_SHA_RSA_AES_128_CBC_SHA1, |
1286 | | "TLS_SRP_SHA_RSA_WITH_AES_128_CBC_SHA", |
1287 | | GNUTLS_CIPHER_AES_128_CBC, GNUTLS_KX_SRP_RSA, |
1288 | | GNUTLS_MAC_SHA1, GNUTLS_SSL3, |
1289 | | GNUTLS_DTLS_VERSION_MIN), |
1290 | | |
1291 | | ENTRY(GNUTLS_SRP_SHA_DSS_AES_256_CBC_SHA1, |
1292 | | "TLS_SRP_SHA_DSS_WITH_AES_256_CBC_SHA", |
1293 | | GNUTLS_CIPHER_AES_256_CBC, GNUTLS_KX_SRP_DSS, |
1294 | | GNUTLS_MAC_SHA1, GNUTLS_SSL3, |
1295 | | GNUTLS_DTLS_VERSION_MIN), |
1296 | | |
1297 | | ENTRY(GNUTLS_SRP_SHA_RSA_AES_256_CBC_SHA1, |
1298 | | "TLS_SRP_SHA_RSA_WITH_AES_256_CBC_SHA", |
1299 | | GNUTLS_CIPHER_AES_256_CBC, GNUTLS_KX_SRP_RSA, |
1300 | | GNUTLS_MAC_SHA1, GNUTLS_SSL3, |
1301 | | GNUTLS_DTLS_VERSION_MIN), |
1302 | | #endif |
1303 | | |
1304 | | #ifdef ENABLE_GOST |
1305 | | ENTRY_PRF(GNUTLS_GOSTR341112_256_28147_CNT_IMIT, |
1306 | | "TLS_GOSTR341112_256_WITH_28147_CNT_IMIT", |
1307 | | GNUTLS_CIPHER_GOST28147_TC26Z_CNT, GNUTLS_KX_VKO_GOST_12, |
1308 | | GNUTLS_MAC_GOST28147_TC26Z_IMIT, GNUTLS_TLS1_2, |
1309 | | GNUTLS_VERSION_UNKNOWN, GNUTLS_MAC_STREEBOG_256), |
1310 | | #endif |
1311 | | |
1312 | | {0, {0, 0}, 0, 0, 0, 0, 0, 0} |
1313 | | }; |
1314 | | |
/* Walk cs_algorithms from its first entry up to (not including) the
 * terminating entry whose name is NULL, executing the statement(s) `b`
 * once per entry with `p` pointing at the current entry.
 *
 * The expansion is a brace-enclosed block that declares `p` itself, so
 * `p` is visible only inside `b`.  A `break` in `b` leaves the loop; a
 * `return` in `b` returns from the enclosing function. */
#define CIPHER_SUITE_LOOP(b) { \
	const gnutls_cipher_suite_entry_st *p; \
	for(p = cs_algorithms; p->name != NULL; p++) { b ; } }

/* Execute statement(s) `a` for the first table entry whose two id bytes
 * equal suite[0] and suite[1], then stop iterating.  Nothing is executed
 * when no entry matches, so callers must initialise their result first.
 *
 * `suite` is pasted into the expansion without parentheses and is
 * evaluated for every entry visited: pass a plain identifier, not an
 * expression with side effects. */
#define CIPHER_SUITE_ALG_LOOP(a, suite) \
	CIPHER_SUITE_LOOP( if( (p->id[0] == suite[0]) && (p->id[1] == suite[1])) { a; break; } )
1321 | | |
1322 | | /* Cipher Suite's functions */ |
/* Look up a cipher suite by its two-byte identifier.
 *
 * @suite: the two identifier bytes; both are compared against each
 *         table entry's id[0] and id[1].
 *
 * Returns the first matching entry of cs_algorithms, or NULL when the
 * identifier is not in the table.  Callers must handle NULL: an
 * identifier that this build does not know is a normal outcome, not an
 * internal error.
 */
const gnutls_cipher_suite_entry_st *ciphersuite_to_entry(const uint8_t suite[2])
{
	const gnutls_cipher_suite_entry_st *entry;

	/* The table ends with an entry whose name is NULL. */
	for (entry = cs_algorithms; entry->name != NULL; entry++) {
		if (entry->id[0] != suite[0])
			continue;
		if (entry->id[1] != suite[1])
			continue;
		return entry;
	}

	return NULL;
}
1328 | | |
/* Return the key exchange algorithm of the cipher suite identified by
 * the two bytes in @suite.
 *
 * Returns GNUTLS_KX_UNKNOWN when no entry of cs_algorithms carries that
 * identifier, so the result must be checked before it is used to select
 * a key exchange.
 */
gnutls_kx_algorithm_t _gnutls_cipher_suite_get_kx_algo(const uint8_t suite[2])
{
	const gnutls_cipher_suite_entry_st *entry;

	/* The table ends with an entry whose name is NULL. */
	for (entry = cs_algorithms; entry->name != NULL; entry++) {
		if (entry->id[0] == suite[0] && entry->id[1] == suite[1])
			return entry->kx_algorithm;
	}

	return GNUTLS_KX_UNKNOWN;
}
1337 | | |
/* Return the internal name of the cipher suite identified by the two
 * bytes in @suite, with the leading "GNUTLS_" removed.
 *
 * The returned pointer refers into the table entry's name string; it is
 * not a copy.  Returns NULL when the identifier is not in cs_algorithms.
 */
const char *_gnutls_cipher_suite_get_name(const uint8_t suite[2])
{
	/* Number of characters to skip so the prefix is not reported. */
	const size_t prefix_len = sizeof("GNUTLS_") - 1;
	const gnutls_cipher_suite_entry_st *entry;

	/* The table ends with an entry whose name is NULL. */
	for (entry = cs_algorithms; entry->name != NULL; entry++) {
		if (entry->id[0] == suite[0] && entry->id[1] == suite[1])
			return entry->name + prefix_len;
	}

	return NULL;
}
1347 | | |
/* Find the cipher suite built from the given combination of algorithms.
 *
 * @kx_algorithm:     key exchange algorithm to match
 * @cipher_algorithm: cipher to match against the entry's block_algorithm
 * @mac_algorithm:    MAC algorithm to match
 *
 * Returns the first entry of cs_algorithms, in table order, for which all
 * three fields are equal, or NULL when no such entry exists.
 */
const gnutls_cipher_suite_entry_st *
cipher_suite_get(gnutls_kx_algorithm_t kx_algorithm,
		 gnutls_cipher_algorithm_t cipher_algorithm,
		 gnutls_mac_algorithm_t mac_algorithm)
{
	const gnutls_cipher_suite_entry_st *entry;

	/* The table ends with an entry whose name is NULL. */
	for (entry = cs_algorithms; entry->name != NULL; entry++) {
		if (kx_algorithm != entry->kx_algorithm)
			continue;
		if (cipher_algorithm != entry->block_algorithm)
			continue;
		if (mac_algorithm != entry->mac_algorithm)
			continue;
		return entry;
	}

	return NULL;
}
1363 | | |
/* Reports whether the server side can provide Diffie-Hellman parameters
 * for key exchange @kx using the credentials of type @cred_type that are
 * attached to @session.
 *
 * Returns 1 when:
 *   - @kx does not need DH parameters at all, or
 *   - @cred_type is not one of the credential types handled below, or
 *   - the credentials exist and have at least one of dh_params,
 *     params_func or dh_sec_param set.
 * Returns 0 when:
 *   - the handshake flags say the client offered FFDHE groups, or
 *   - the credentials are missing or none of the three fields is set.
 *
 * The anonymous and PSK branches are compiled only with ENABLE_ANON and
 * ENABLE_PSK respectively; without them those credential types fall
 * through to the final else and yield 1.
 */
static unsigned
check_server_dh_params(gnutls_session_t session,
		       unsigned cred_type, gnutls_kx_algorithm_t kx)
{
	unsigned have_dh_params = 0;

	/* Key exchanges that do not use DH parameters pass unconditionally. */
	if (!_gnutls_kx_needs_dh_params(kx)) {
		return 1;
	}

	if (session->internals.hsk_flags & HSK_HAVE_FFDHE) {
		/* if the client has advertised FFDHE then it doesn't matter
		 * whether we have server DH parameters. They are no good. */
		gnutls_assert();
		return 0;
	}

	/* Read the Diffie-Hellman parameters, if any.
	 * Each branch casts the generic credential pointer to the type
	 * that matches cred_type and tests the same three fields.
	 */
	if (cred_type == GNUTLS_CRD_CERTIFICATE) {
		gnutls_certificate_credentials_t x509_cred =
		    (gnutls_certificate_credentials_t)
		    _gnutls_get_cred(session, cred_type);

		if (x509_cred != NULL
		    && (x509_cred->dh_params || x509_cred->params_func
			|| x509_cred->dh_sec_param)) {
			have_dh_params = 1;
		}

#ifdef ENABLE_ANON
	} else if (cred_type == GNUTLS_CRD_ANON) {
		gnutls_anon_server_credentials_t anon_cred =
		    (gnutls_anon_server_credentials_t)
		    _gnutls_get_cred(session, cred_type);

		if (anon_cred != NULL
		    && (anon_cred->dh_params || anon_cred->params_func
			|| anon_cred->dh_sec_param)) {
			have_dh_params = 1;
		}
#endif
#ifdef ENABLE_PSK
	} else if (cred_type == GNUTLS_CRD_PSK) {
		gnutls_psk_server_credentials_t psk_cred =
		    (gnutls_psk_server_credentials_t)
		    _gnutls_get_cred(session, cred_type);

		if (psk_cred != NULL
		    && (psk_cred->dh_params || psk_cred->params_func
			|| psk_cred->dh_sec_param)) {
			have_dh_params = 1;
		}
#endif
	} else {
		return 1;	/* no need for params */
	}

	/* Still 0 here if the credentials were NULL or had no DH source. */
	return have_dh_params;
}
1427 | | |
/**
 * gnutls_cipher_suite_get_name:
 * @kx_algorithm: is a Key exchange algorithm
 * @cipher_algorithm: is a cipher algorithm
 * @mac_algorithm: is a MAC algorithm
 *
 * Given the individual algorithms, this function returns the name of
 * the matching ciphersuite as used under TLS1.2 or earlier versions.
 * The returned string lacks the protocol prefix; to form the full
 * cipher suite name prepend TLS or SSL, depending on the protocol in use.
 *
 * For a description of the current ciphersuite that works across
 * versions, gnutls_session_get_desc() is the recommended interface.
 *
 * Returns: a string that contains the name of a TLS cipher suite,
 * specified by the given algorithms, or %NULL.
 **/
const char *gnutls_cipher_suite_get_name(gnutls_kx_algorithm_t
					 kx_algorithm,
					 gnutls_cipher_algorithm_t
					 cipher_algorithm,
					 gnutls_mac_algorithm_t mac_algorithm)
{
	const gnutls_cipher_suite_entry_st *entry =
	    cipher_suite_get(kx_algorithm, cipher_algorithm, mac_algorithm);

	/* skip the internal "GNUTLS_" prefix of the table name */
	return entry ? entry->name + sizeof("GNUTLS_") - 1 : NULL;
}
1458 | | |
/*-
 * _gnutls_cipher_suite_get_id:
 * @kx_algorithm: is a Key exchange algorithm
 * @cipher_algorithm: is a cipher algorithm
 * @mac_algorithm: is a MAC algorithm
 * @suite: The id to be returned
 *
 * Looks up the ciphersuite formed by the individual algorithms, under
 * TLS1.2 or earlier versions, and stores its two-byte ID in @suite.
 * @suite is left untouched when no ciphersuite matches.
 *
 * Returns: 0 on success or a negative error code otherwise.
 -*/
int
_gnutls_cipher_suite_get_id(gnutls_kx_algorithm_t kx_algorithm,
			    gnutls_cipher_algorithm_t cipher_algorithm,
			    gnutls_mac_algorithm_t mac_algorithm,
			    uint8_t suite[2])
{
	const gnutls_cipher_suite_entry_st *entry =
	    cipher_suite_get(kx_algorithm, cipher_algorithm, mac_algorithm);

	if (entry == NULL)
		return GNUTLS_E_INVALID_REQUEST;

	suite[0] = entry->id[0];
	suite[1] = entry->id[1];

	return 0;
}
1488 | | |
/**
 * gnutls_cipher_suite_info:
 * @idx: index of cipher suite to get information about, starts on 0.
 * @cs_id: output buffer with room for 2 bytes, indicating cipher suite value, or %NULL.
 * @kx: output variable indicating key exchange algorithm, or %NULL.
 * @cipher: output variable indicating cipher, or %NULL.
 * @mac: output variable indicating MAC algorithm, or %NULL.
 * @min_version: output variable indicating TLS protocol version, or %NULL.
 *
 * Get information about supported cipher suites. Call the function
 * repeatedly, starting with idx=0 and increasing @idx by one each
 * time, until it returns NULL; that enumerates all supported cipher
 * suites. Every output argument that is %NULL is skipped.
 *
 * Returns: the name of @idx cipher suite, and set the information
 * about the cipher suite in the output variables. If @idx is out of
 * bounds, %NULL is returned.
 **/
const char *gnutls_cipher_suite_info(size_t idx,
				     unsigned char *cs_id,
				     gnutls_kx_algorithm_t * kx,
				     gnutls_cipher_algorithm_t * cipher,
				     gnutls_mac_algorithm_t * mac,
				     gnutls_protocol_t * min_version)
{
	const gnutls_cipher_suite_entry_st *entry;

	/* bounds check comes first: nothing is written for an invalid index */
	if (idx >= CIPHER_SUITES_COUNT)
		return NULL;

	entry = &cs_algorithms[idx];

	if (cs_id)
		memcpy(cs_id, entry->id, 2);
	if (kx)
		*kx = entry->kx_algorithm;
	if (cipher)
		*cipher = entry->block_algorithm;
	if (mac)
		*mac = entry->mac_algorithm;
	if (min_version)
		*min_version = entry->min_version;

	/* only the three characters "GNU" are skipped here, so the returned
	 * name keeps what follows them in the table name */
	return entry->name + sizeof("GNU") - 1;
}
1530 | | |
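/* Loop-body filters for the cipher suite selection code.
 *
 * VERSION_CHECK and CIPHER_CHECK expand to a bare `if` that executes
 * `continue`, so each must sit directly in the body of the loop whose
 * iteration it is meant to skip. Wrapping them in do { } while (0) would
 * redirect the `continue` to that wrapper. All three macros also read
 * variables from the expansion site rather than taking them as arguments.
 * Pointer and value parameters are parenthesized so that any expression
 * can be passed.
 */

/* Skip @entry when it is not usable with the negotiated protocol version:
 * its minimum for the transport in use is GNUTLS_VERSION_UNKNOWN, or
 * version->id lies outside [min, max]. Reads `is_dtls` and `version` from
 * the enclosing scope. */
#define VERSION_CHECK(entry) \
	if (is_dtls) { \
		if ((entry)->min_dtls_version == GNUTLS_VERSION_UNKNOWN || \
		    version->id < (entry)->min_dtls_version || \
		    version->id > (entry)->max_dtls_version) \
			continue; \
	} else { \
		if ((entry)->min_version == GNUTLS_VERSION_UNKNOWN || \
		    version->id < (entry)->min_version || \
		    version->id > (entry)->max_version) \
			continue; \
	}

/* When priorities->force_etm is set and `have_etm` is 0, skip cipher
 * @algo if it is unknown or a block cipher. Reads `session` and
 * `have_etm` from the enclosing scope. */
#define CIPHER_CHECK(algo) \
	if (session->internals.priorities->force_etm && !have_etm) { \
		const cipher_entry_st *_cipher; \
		_cipher = cipher_to_entry((algo)); \
		if (_cipher == NULL || _gnutls_cipher_type(_cipher) == CIPHER_BLOCK) \
			continue; \
	}

/* Run @action (a statement such as `continue` or `return 0`) when @kx is
 * an SRP key exchange and the session has no SRP credentials. Reads
 * `session` from the enclosing scope. */
#define KX_SRP_CHECKS(kx, action) \
	if ((kx) == GNUTLS_KX_SRP_RSA || (kx) == GNUTLS_KX_SRP_DSS) { \
		if (!_gnutls_get_cred(session, GNUTLS_CRD_SRP)) { \
			action; \
		} \
	}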
1558 | | |
/* Decide whether key exchange @kx can be used in this session.
 *
 * ECC key exchanges need a candidate EC group; DHE key exchanges need a
 * candidate DH group or, failing that, server DH parameters accepted by
 * check_server_dh_params(). When a candidate group is used it is stored in
 * *@sgroup; otherwise *@sgroup is left as the caller set it. SRP key
 * exchanges additionally need SRP credentials.
 *
 * Returns 1 when @kx is usable and 0 otherwise.
 */
static unsigned kx_is_ok(gnutls_session_t session, gnutls_kx_algorithm_t kx,
			 unsigned cred_type,
			 const gnutls_group_entry_st ** sgroup)
{
	if (_gnutls_kx_is_ecc(kx)) {
		if (session->internals.cand_ec_group == NULL)
			return 0;

		*sgroup = session->internals.cand_ec_group;
	} else if (_gnutls_kx_is_dhe(kx)) {
		if (session->internals.cand_dh_group != NULL) {
			*sgroup = session->internals.cand_dh_group;
		} else if (!check_server_dh_params(session, cred_type, kx)) {
			/* no negotiated group and no usable local parameters */
			return 0;
		}
	}

	KX_SRP_CHECKS(kx, return 0);

	return 1;
}
1582 | | |
/* Called on server-side only.
 *
 * Picks the cipher suite for the session out of the suites offered by the
 * peer (@peer_clist) and the locally enabled ones
 * (session->internals.priorities->cs), and stores it in *@ce.
 *
 * Which side's ordering wins depends on priorities->server_precedence:
 * when it is 0 the peer's list is walked in its order, otherwise the local
 * list is walked in its order. A candidate is accepted only if it
 *   - passes VERSION_CHECK and CIPHER_CHECK (both `continue` the loop they
 *     are expanded in),
 *   - passes kx_is_ok() for its key exchange,
 *   - has the PRF of the first PSK binder when HSK_PSK_SELECTED is set,
 *   - otherwise, for certificate credentials, lets
 *     _gnutls_select_server_cert() succeed.
 *
 * Returns 0 on success, or GNUTLS_E_NO_CIPHER_SUITES when the version is
 * unknown or no candidate is acceptable.
 */
int
_gnutls_figure_common_ciphersuite(gnutls_session_t session,
				  const ciphersuite_list_st * peer_clist,
				  const gnutls_cipher_suite_entry_st ** ce)
{
	/* `version`, `is_dtls` and `have_etm` are read by VERSION_CHECK and
	 * CIPHER_CHECK by name; do not rename them. */
	const version_entry_st *version = get_version(session);
	unsigned int is_dtls = IS_DTLS(session);
	unsigned have_etm = 0;
	gnutls_credentials_type_t cred_type = GNUTLS_CRD_CERTIFICATE;	/* default for TLS1.3 */
	const gnutls_group_entry_st *sgroup = NULL;
	gnutls_ext_priv_data_t etm_priv;
	gnutls_kx_algorithm_t kx;
	unsigned int pi, li;
	int rc;

	if (version == NULL)
		return gnutls_assert_val(GNUTLS_E_NO_CIPHER_SUITES);

	/* Whether encrypt-then-MAC was negotiated is read from the raw
	 * extension data, because the security parameters only record EtM
	 * once the ciphersuite has been negotiated. */
	rc = _gnutls_hello_ext_get_priv(session, GNUTLS_EXTENSION_ETM,
					&etm_priv);
	if (rc >= 0 && ((intptr_t) etm_priv) != 0)
		have_etm = 1;

	/* Without a supported_groups extension we should assume that
	 * SECP256R1 is supported; RFC4492 requires that, probably so that
	 * SSLv2 hellos can negotiate elliptic curve ciphersuites. */
	if (!version->tls13_sem && session->internals.cand_ec_group == NULL &&
	    !_gnutls_hello_ext_is_present(session,
					  GNUTLS_EXTENSION_SUPPORTED_GROUPS)) {
		session->internals.cand_ec_group =
		    _gnutls_id_to_group(DEFAULT_EC_GROUP);
	}

	if (session->internals.priorities->server_precedence == 0) {
		/* the peer's order decides */
		for (pi = 0; pi < peer_clist->size; pi++) {
			const gnutls_cipher_suite_entry_st *offered =
			    peer_clist->entry[pi];

			_gnutls_debug_log
			    ("checking %.2x.%.2x (%s) for compatibility\n",
			     (unsigned)offered->id[0],
			     (unsigned)offered->id[1], offered->name);
			VERSION_CHECK(offered);

			kx = offered->kx_algorithm;

			CIPHER_CHECK(offered->block_algorithm);

			/* under TLS 1.3 semantics the default stays in place */
			if (!version->tls13_sem)
				cred_type = _gnutls_map_kx_get_cred(kx, 1);

			for (li = 0;
			     li < session->internals.priorities->cs.size;
			     li++) {
				const gnutls_cipher_suite_entry_st *ours =
				    session->internals.priorities->cs.entry[li];

				if (ours != offered)
					continue;

				sgroup = NULL;
				if (!kx_is_ok(session, kx, cred_type, &sgroup))
					continue;

				if (session->internals.hsk_flags &
				    HSK_PSK_SELECTED) {
					/* a selected PSK requires a ciphersuite
					 * which matches the selected binder */
					if (session->key.binders[0].prf->id !=
					    ours->prf)
						continue;
				} else if (cred_type == GNUTLS_CRD_CERTIFICATE) {
					rc = _gnutls_select_server_cert(session,
									offered);
					if (rc < 0) {
						/* couldn't select cert with this ciphersuite */
						gnutls_assert();
						break;
					}
				}

				/* select the group based on the selected ciphersuite */
				if (sgroup)
					_gnutls_session_group_set(session,
								  sgroup);
				*ce = offered;
				return 0;
			}
		}
	} else {
		/* the local priority order decides */
		for (li = 0; li < session->internals.priorities->cs.size;
		     li++) {
			const gnutls_cipher_suite_entry_st *ours =
			    session->internals.priorities->cs.entry[li];

			VERSION_CHECK(ours);

			CIPHER_CHECK(ours->block_algorithm);

			for (pi = 0; pi < peer_clist->size; pi++) {
				const gnutls_cipher_suite_entry_st *offered =
				    peer_clist->entry[pi];

				_gnutls_debug_log
				    ("checking %.2x.%.2x (%s) for compatibility\n",
				     (unsigned)offered->id[0],
				     (unsigned)offered->id[1], offered->name);

				if (ours != offered)
					continue;

				sgroup = NULL;
				kx = offered->kx_algorithm;

				if (!version->tls13_sem)
					cred_type =
					    _gnutls_map_kx_get_cred(kx, 1);

				if (!kx_is_ok(session, kx, cred_type, &sgroup))
					break;

				if (session->internals.hsk_flags &
				    HSK_PSK_SELECTED) {
					/* a selected PSK requires a ciphersuite
					 * which matches the selected binder */
					if (session->key.binders[0].prf->id !=
					    ours->prf)
						break;
				} else if (cred_type == GNUTLS_CRD_CERTIFICATE) {
					rc = _gnutls_select_server_cert(session,
									offered);
					if (rc < 0) {
						/* couldn't select cert with this ciphersuite */
						gnutls_assert();
						break;
					}
				}

				/* select the group based on the selected ciphersuite */
				if (sgroup)
					_gnutls_session_group_set(session,
								  sgroup);
				*ce = offered;
				return 0;
			}
		}
	}

	/* nothing in common */

	return gnutls_assert_val(GNUTLS_E_NO_CIPHER_SUITES);
}
1747 | | |
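/* Client-side loop filter: skip suite @e when its minimum version for the
 * transport in use is above @maxver. Expands to a bare `if` that executes
 * `continue`, so it must sit directly in the loop body, and it reads
 * `is_dtls` from the enclosing scope.
 *
 * @minver is accepted but not referenced: only the upper bound is applied,
 * and there is no explicit GNUTLS_VERSION_UNKNOWN test as in
 * VERSION_CHECK. The pointer parameters are parenthesized so that any
 * expression can be passed.
 */
#define CLIENT_VERSION_CHECK(minver, maxver, e) \
	if (is_dtls) { \
		if ((e)->min_dtls_version > (maxver)->id) \
			continue; \
	} else { \
		if ((e)->min_version > (maxver)->id) \
			continue; \
	}

/* Bytes kept free at the end of the client's cipher suite buffer for the
 * two 2-byte signalling values that _gnutls_get_client_ciphersuites() may
 * append after the regular suites. */
#define RESERVED_CIPHERSUITES 4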
/* Build the client's cipher suite list and append it to @cdata with a
 * length prefix (the prefix width passed to the buffer helper is 16).
 *
 * Every suite in session->internals.priorities->cs is kept unless
 * CLIENT_VERSION_CHECK skips it, or its key exchange maps to a credential
 * type the session has no credentials for (that test is bypassed when
 * internals.premaster_set is set), or KX_SRP_CHECKS skips it. Suites whose
 * key exchange is GNUTLS_KX_UNKNOWN are not subject to the credential tests.
 *
 * The scratch buffer holds MAX_CIPHERSUITE_SIZE suites plus
 * RESERVED_CIPHERSUITES bytes. The loop stops once the regular part is
 * full, which leaves room for the two optional 2-byte values written
 * afterwards: 0x00,0xff when built with ENABLE_SSL3 and @add_scsv is set,
 * and the fallback SCSV when priorities->fallback is set.
 *
 * @vmin is only handed to CLIENT_VERSION_CHECK.
 *
 * Returns the number of bytes appended to @cdata, or a negative error code.
 */
int
_gnutls_get_client_ciphersuites(gnutls_session_t session,
				gnutls_buffer_st * cdata,
				const version_entry_st * vmin,
				unsigned add_scsv)
{
	/* `is_dtls` is read by CLIENT_VERSION_CHECK by name */
	unsigned int is_dtls = IS_DTLS(session);
	uint8_t cipher_suites[MAX_CIPHERSUITE_SIZE * 2 + RESERVED_CIPHERSUITES];
	unsigned cipher_suites_size = 0;
	const size_t init_length = cdata->length;
	const version_entry_st *vmax = _gnutls_version_max(session);
	unsigned int j;
	int ret;

	if (vmax == NULL)
		return gnutls_assert_val(GNUTLS_E_NO_PRIORITIES_WERE_SET);

	for (j = 0; j < session->internals.priorities->cs.size; j++) {
		const gnutls_cipher_suite_entry_st *suite =
		    session->internals.priorities->cs.entry[j];
		gnutls_kx_algorithm_t kx;

		CLIENT_VERSION_CHECK(vmin, vmax, suite);

		kx = suite->kx_algorithm;
		if (kx != GNUTLS_KX_UNKNOWN) {	/* In TLS 1.3 ciphersuites don't map to credentials */
			gnutls_credentials_type_t cred_type =
			    _gnutls_map_kx_get_cred(kx, 0);

			if (!session->internals.premaster_set
			    && _gnutls_get_cred(session, cred_type) == NULL)
				continue;

			KX_SRP_CHECKS(kx, continue);
		}

		_gnutls_debug_log("Keeping ciphersuite %.2x.%.2x (%s)\n",
				  (unsigned)suite->id[0],
				  (unsigned)suite->id[1], suite->name);
		cipher_suites[cipher_suites_size++] = suite->id[0];
		cipher_suites[cipher_suites_size++] = suite->id[1];

		/* stop before the reserved tail of the buffer is touched */
		if (cipher_suites_size >= MAX_CIPHERSUITE_SIZE * 2)
			break;
	}
#ifdef ENABLE_SSL3
	if (add_scsv) {
		cipher_suites[cipher_suites_size++] = 0x00;
		cipher_suites[cipher_suites_size++] = 0xff;

		ret = _gnutls_ext_sr_send_cs(session);
		if (ret < 0)
			return gnutls_assert_val(ret);

		_gnutls_hello_ext_save_sr(session);
	}
#endif

	if (session->internals.priorities->fallback) {
		cipher_suites[cipher_suites_size++] =
		    GNUTLS_FALLBACK_SCSV_MAJOR;
		cipher_suites[cipher_suites_size++] =
		    GNUTLS_FALLBACK_SCSV_MINOR;
	}

	ret = _gnutls_buffer_append_data_prefix(cdata, 16, cipher_suites,
						cipher_suites_size);
	if (ret < 0)
		return gnutls_assert_val(ret);

	return cdata->length - init_length;
}
1840 | | |
/**
 * gnutls_priority_get_cipher_suite_index:
 * @pcache: is a #gnutls_priority_t type.
 * @idx: is an index number.
 * @sidx: internal index of cipher suite to get information about.
 *
 * Translates @idx, an index into the priorities structure, to the
 * internal ciphersuite index that gnutls_cipher_suite_info() expects.
 * A valid priorities index need not correspond to a ciphersuite; in
 * that case %GNUTLS_E_UNKNOWN_CIPHER_SUITE will be returned.
 * Once the last available index is crossed then
 * %GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE will be returned.
 *
 * Note that @sidx is written as soon as the table entry is located,
 * before the availability checks, so it may have been modified even
 * when %GNUTLS_E_UNKNOWN_CIPHER_SUITE is returned. Use it only after
 * a successful return.
 *
 * Returns: On success it returns %GNUTLS_E_SUCCESS (0), or a negative error value otherwise.
 *
 * Since: 3.0.9
 **/
int
gnutls_priority_get_cipher_suite_index(gnutls_priority_t pcache,
				       unsigned int idx, unsigned int *sidx)
{
	unsigned max_tls = 0;
	unsigned max_dtls = 0;
	unsigned int k, pos;

	if (idx >= pcache->cs.size)
		return GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE;

	/* highest enabled protocol version, tracked separately for TLS and DTLS */
	for (k = 0; k < pcache->protocol.num_priorities; k++) {
		if (pcache->protocol.priorities[k] <= GNUTLS_TLS_VERSION_MAX &&
		    pcache->protocol.priorities[k] >= max_tls)
			max_tls = pcache->protocol.priorities[k];
		else if (pcache->protocol.priorities[k] <=
			 GNUTLS_DTLS_VERSION_MAX
			 && pcache->protocol.priorities[k] >= max_dtls)
			max_dtls = pcache->protocol.priorities[k];
	}

	/* locate the priorities entry in the internal table */
	for (pos = 0; pos < CIPHER_SUITES_COUNT; pos++) {
		if (pcache->cs.entry[idx] == &cs_algorithms[pos])
			break;
	}
	if (pos == CIPHER_SUITES_COUNT)
		return GNUTLS_E_UNKNOWN_CIPHER_SUITE;

	*sidx = pos;

	/* the suite is reported only when both of its algorithms exist ... */
	if (!_gnutls_cipher_exists(cs_algorithms[pos].block_algorithm) ||
	    !_gnutls_mac_exists(cs_algorithms[pos].mac_algorithm))
		return GNUTLS_E_UNKNOWN_CIPHER_SUITE;

	/* ... and an enabled TLS or DTLS version reaches its minimum */
	if (max_tls >= cs_algorithms[pos].min_version ||
	    max_dtls >= cs_algorithms[pos].min_dtls_version)
		return 0;

	return GNUTLS_E_UNKNOWN_CIPHER_SUITE;
}