# define TLS1_CK_RSA_PSK_WITH_NULL_SHA256 0x030000B8
# define TLS1_CK_RSA_PSK_WITH_NULL_SHA384 0x030000B9
+/* NULL PSK ciphersuites from RFC4785 */
+
+# define TLS1_CK_PSK_WITH_NULL_SHA 0x0300002C
+# define TLS1_CK_DHE_PSK_WITH_NULL_SHA 0x0300002D
+# define TLS1_CK_RSA_PSK_WITH_NULL_SHA 0x0300002E
+
/* AES ciphersuites from RFC3268 */
# define TLS1_CK_RSA_WITH_AES_128_SHA 0x0300002F
# define TLS1_CK_ADH_WITH_AES_128_GCM_SHA256 0x030000A6
# define TLS1_CK_ADH_WITH_AES_256_GCM_SHA384 0x030000A7
+/* CCM ciphersuites from RFC6655 */
+# define TLS1_CK_RSA_WITH_AES_128_CCM 0x0300C09C
+# define TLS1_CK_RSA_WITH_AES_256_CCM 0x0300C09D
+# define TLS1_CK_DHE_RSA_WITH_AES_128_CCM 0x0300C09E
+# define TLS1_CK_DHE_RSA_WITH_AES_256_CCM 0x0300C09F
+# define TLS1_CK_RSA_WITH_AES_128_CCM_8 0x0300C0A0
+# define TLS1_CK_RSA_WITH_AES_256_CCM_8 0x0300C0A1
+# define TLS1_CK_DHE_RSA_WITH_AES_128_CCM_8 0x0300C0A2
+# define TLS1_CK_DHE_RSA_WITH_AES_256_CCM_8 0x0300C0A3
+# define TLS1_CK_PSK_WITH_AES_128_CCM 0x0300C0A4
+# define TLS1_CK_PSK_WITH_AES_256_CCM 0x0300C0A5
+# define TLS1_CK_DHE_PSK_WITH_AES_128_CCM 0x0300C0A6
+# define TLS1_CK_DHE_PSK_WITH_AES_256_CCM 0x0300C0A7
+# define TLS1_CK_PSK_WITH_AES_128_CCM_8 0x0300C0A8
+# define TLS1_CK_PSK_WITH_AES_256_CCM_8 0x0300C0A9
+# define TLS1_CK_DHE_PSK_WITH_AES_128_CCM_8 0x0300C0AA
+# define TLS1_CK_DHE_PSK_WITH_AES_256_CCM_8 0x0300C0AB
+
+/* CCM ciphersuites from RFC7251 */
+
+# define TLS1_CK_ECDHE_ECDSA_WITH_AES_128_CCM 0x0300C0AC
+# define TLS1_CK_ECDHE_ECDSA_WITH_AES_256_CCM 0x0300C0AD
+# define TLS1_CK_ECDHE_ECDSA_WITH_AES_128_CCM_8 0x0300C0AE
+# define TLS1_CK_ECDHE_ECDSA_WITH_AES_256_CCM_8 0x0300C0AF
+
/* TLS 1.2 Camellia SHA-256 ciphersuites from RFC5932 */
# define TLS1_CK_RSA_WITH_CAMELLIA_128_CBC_SHA256 0x030000BA
# define TLS1_CK_DH_DSS_WITH_CAMELLIA_128_CBC_SHA256 0x030000BB
# define TLS1_CK_ECDHE_PSK_WITH_AES_128_CBC_SHA256 0x0300C037
# define TLS1_CK_ECDHE_PSK_WITH_AES_256_CBC_SHA384 0x0300C038
+/* NULL PSK ciphersuites from RFC4785 */
+
# define TLS1_CK_ECDHE_PSK_WITH_NULL_SHA 0x0300C039
# define TLS1_CK_ECDHE_PSK_WITH_NULL_SHA256 0x0300C03A
# define TLS1_CK_ECDHE_PSK_WITH_NULL_SHA384 0x0300C03B
# define TLS1_CK_ECDH_RSA_WITH_CAMELLIA_128_CBC_SHA256 0x0300C078
# define TLS1_CK_ECDH_RSA_WITH_CAMELLIA_256_CBC_SHA384 0x0300C079
+# define TLS1_CK_PSK_WITH_CAMELLIA_128_CBC_SHA256 0x0300C094
+# define TLS1_CK_PSK_WITH_CAMELLIA_256_CBC_SHA384 0x0300C095
+# define TLS1_CK_DHE_PSK_WITH_CAMELLIA_128_CBC_SHA256 0x0300C096
+# define TLS1_CK_DHE_PSK_WITH_CAMELLIA_256_CBC_SHA384 0x0300C097
+# define TLS1_CK_RSA_PSK_WITH_CAMELLIA_128_CBC_SHA256 0x0300C098
+# define TLS1_CK_RSA_PSK_WITH_CAMELLIA_256_CBC_SHA384 0x0300C099
+# define TLS1_CK_ECDHE_PSK_WITH_CAMELLIA_128_CBC_SHA256 0x0300C09A
+# define TLS1_CK_ECDHE_PSK_WITH_CAMELLIA_256_CBC_SHA384 0x0300C09B
+
/*
* XXX Backward compatibility alert: Older versions of OpenSSL gave some DHE
* ciphers names with "EDH" instead of "DHE". Going forward, we should be
# define TLS1_TXT_DHE_DSS_EXPORT1024_WITH_RC4_56_SHA "EXP1024-DHE-DSS-RC4-SHA"
# define TLS1_TXT_DHE_DSS_WITH_RC4_128_SHA "DHE-DSS-RC4-SHA"
+# define TLS1_TXT_PSK_WITH_NULL_SHA "PSK-NULL-SHA"
+# define TLS1_TXT_DHE_PSK_WITH_NULL_SHA "DHE-PSK-NULL-SHA"
+# define TLS1_TXT_RSA_PSK_WITH_NULL_SHA "RSA-PSK-NULL-SHA"
+
/* AES ciphersuites from RFC3268 */
# define TLS1_TXT_RSA_WITH_AES_128_SHA "AES128-SHA"
# define TLS1_TXT_DH_DSS_WITH_AES_128_SHA "DH-DSS-AES128-SHA"
# define TLS1_TXT_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA256 "DHE-RSA-CAMELLIA256-SHA256"
# define TLS1_TXT_ADH_WITH_CAMELLIA_256_CBC_SHA256 "ADH-CAMELLIA256-SHA256"
+# define TLS1_TXT_PSK_WITH_CAMELLIA_128_CBC_SHA256 "PSK-CAMELLIA128-SHA256"
+# define TLS1_TXT_PSK_WITH_CAMELLIA_256_CBC_SHA384 "PSK-CAMELLIA256-SHA384"
+# define TLS1_TXT_DHE_PSK_WITH_CAMELLIA_128_CBC_SHA256 "DHE-PSK-CAMELLIA128-SHA256"
+# define TLS1_TXT_DHE_PSK_WITH_CAMELLIA_256_CBC_SHA384 "DHE-PSK-CAMELLIA256-SHA384"
+# define TLS1_TXT_RSA_PSK_WITH_CAMELLIA_128_CBC_SHA256 "RSA-PSK-CAMELLIA128-SHA256"
+# define TLS1_TXT_RSA_PSK_WITH_CAMELLIA_256_CBC_SHA384 "RSA-PSK-CAMELLIA256-SHA384"
+# define TLS1_TXT_ECDHE_PSK_WITH_CAMELLIA_128_CBC_SHA256 "ECDHE-PSK-CAMELLIA128-SHA256"
+# define TLS1_TXT_ECDHE_PSK_WITH_CAMELLIA_256_CBC_SHA384 "ECDHE-PSK-CAMELLIA256-SHA384"
+
/* SEED ciphersuites from RFC4162 */
# define TLS1_TXT_RSA_WITH_SEED_SHA "SEED-SHA"
# define TLS1_TXT_DH_DSS_WITH_SEED_SHA "DH-DSS-SEED-SHA"
# define TLS1_TXT_ADH_WITH_AES_128_GCM_SHA256 "ADH-AES128-GCM-SHA256"
# define TLS1_TXT_ADH_WITH_AES_256_GCM_SHA384 "ADH-AES256-GCM-SHA384"
+/* CCM ciphersuites from RFC6655 */
+
+# define TLS1_TXT_RSA_WITH_AES_128_CCM "AES128-CCM"
+# define TLS1_TXT_RSA_WITH_AES_256_CCM "AES256-CCM"
+# define TLS1_TXT_DHE_RSA_WITH_AES_128_CCM "DHE-RSA-AES128-CCM"
+# define TLS1_TXT_DHE_RSA_WITH_AES_256_CCM "DHE-RSA-AES256-CCM"
+
+# define TLS1_TXT_RSA_WITH_AES_128_CCM_8 "AES128-CCM8"
+# define TLS1_TXT_RSA_WITH_AES_256_CCM_8 "AES256-CCM8"
+# define TLS1_TXT_DHE_RSA_WITH_AES_128_CCM_8 "DHE-RSA-AES128-CCM8"
+# define TLS1_TXT_DHE_RSA_WITH_AES_256_CCM_8 "DHE-RSA-AES256-CCM8"
+
+# define TLS1_TXT_PSK_WITH_AES_128_CCM "PSK-AES128-CCM"
+# define TLS1_TXT_PSK_WITH_AES_256_CCM "PSK-AES256-CCM"
+# define TLS1_TXT_DHE_PSK_WITH_AES_128_CCM "DHE-PSK-AES128-CCM"
+# define TLS1_TXT_DHE_PSK_WITH_AES_256_CCM "DHE-PSK-AES256-CCM"
+
+# define TLS1_TXT_PSK_WITH_AES_128_CCM_8 "PSK-AES128-CCM8"
+# define TLS1_TXT_PSK_WITH_AES_256_CCM_8 "PSK-AES256-CCM8"
+# define TLS1_TXT_DHE_PSK_WITH_AES_128_CCM_8 "DHE-PSK-AES128-CCM8"
+# define TLS1_TXT_DHE_PSK_WITH_AES_256_CCM_8 "DHE-PSK-AES256-CCM8"
+
+/* CCM ciphersuites from RFC7251 */
+
+# define TLS1_TXT_ECDHE_ECDSA_WITH_AES_128_CCM "ECDHE-ECDSA-AES128-CCM"
+# define TLS1_TXT_ECDHE_ECDSA_WITH_AES_256_CCM "ECDHE-ECDSA-AES256-CCM"
+# define TLS1_TXT_ECDHE_ECDSA_WITH_AES_128_CCM_8 "ECDHE-ECDSA-AES128-CCM8"
+# define TLS1_TXT_ECDHE_ECDSA_WITH_AES_256_CCM_8 "ECDHE-ECDSA-AES256-CCM8"
+
/* ECDH HMAC based ciphersuites from RFC5289 */
# define TLS1_TXT_ECDHE_ECDSA_WITH_AES_128_SHA256 "ECDHE-ECDSA-AES128-SHA256"
# define TLS_CT_ECDSA_SIGN 64
# define TLS_CT_RSA_FIXED_ECDH 65
# define TLS_CT_ECDSA_FIXED_ECDH 66
-# define TLS_CT_GOST94_SIGN 21
# define TLS_CT_GOST01_SIGN 22
/*
* when correcting this number, correct also SSL3_CT_NUMBER in ssl3.h (see