#endif
#ifndef OPENSSL_NO_KRB5
-/* The Kerberos ciphers
-** 20000107 VRS: And the first shall be last,
-** in hopes of avoiding the lynx ssl renegotiation problem.
-*/
+/* The Kerberos ciphers*/
/* Cipher 1E */
{
1,
},
#endif /* OPENSSL_NO_PSK */
+#ifndef OPENSSL_NO_SEED
+ /* SEED ciphersuites from RFC4162 */
+
+ /* Cipher 96 */
+ {
+ 1,
+ TLS1_TXT_RSA_WITH_SEED_SHA,
+ TLS1_CK_RSA_WITH_SEED_SHA,
+ SSL_kRSA,
+ SSL_aRSA,
+ SSL_SEED,
+ SSL_SHA1,
+ SSL_TLSV1,
+ SSL_NOT_EXP|SSL_MEDIUM,
+ 0,
+ 128,
+ 128,
+ },
+
+ /* Cipher 97 */
+ {
+ 0, /* not implemented (non-ephemeral DH) */
+ TLS1_TXT_DH_DSS_WITH_SEED_SHA,
+ TLS1_CK_DH_DSS_WITH_SEED_SHA,
+ SSL_kDHd,
+ SSL_aDH,
+ SSL_SEED,
+ SSL_SHA1,
+ SSL_TLSV1,
+ SSL_NOT_EXP|SSL_MEDIUM,
+ 0,
+ 128,
+ 128,
+ },
+
+ /* Cipher 98 */
+ {
+ 0, /* not implemented (non-ephemeral DH) */
+ TLS1_TXT_DH_RSA_WITH_SEED_SHA,
+ TLS1_CK_DH_RSA_WITH_SEED_SHA,
+ SSL_kDHr,
+ SSL_aDH,
+ SSL_SEED,
+ SSL_SHA1,
+ SSL_TLSV1,
+ SSL_NOT_EXP|SSL_MEDIUM,
+ 0,
+ 128,
+ 128,
+ },
+
+ /* Cipher 99 */
+ {
+ 1,
+ TLS1_TXT_DHE_DSS_WITH_SEED_SHA,
+ TLS1_CK_DHE_DSS_WITH_SEED_SHA,
+ SSL_kEDH,
+ SSL_aDSS,
+ SSL_SEED,
+ SSL_SHA1,
+ SSL_TLSV1,
+ SSL_NOT_EXP|SSL_MEDIUM,
+ 0,
+ 128,
+ 128,
+ },
+
+ /* Cipher 9A */
+ {
+ 1,
+ TLS1_TXT_DHE_RSA_WITH_SEED_SHA,
+ TLS1_CK_DHE_RSA_WITH_SEED_SHA,
+ SSL_kEDH,
+ SSL_aRSA,
+ SSL_SEED,
+ SSL_SHA1,
+ SSL_TLSV1,
+ SSL_NOT_EXP|SSL_MEDIUM,
+ 0,
+ 128,
+ 128,
+ },
+
+ /* Cipher 9B */
+ {
+ 1,
+ TLS1_TXT_ADH_WITH_SEED_SHA,
+ TLS1_CK_ADH_WITH_SEED_SHA,
+ SSL_kEDH,
+ SSL_aNULL,
+ SSL_SEED,
+ SSL_SHA1,
+ SSL_TLSV1,
+ SSL_NOT_EXP|SSL_MEDIUM,
+ 0,
+ 128,
+ 128,
+ },
+
+#endif /* OPENSSL_NO_SEED */
+
#ifndef OPENSSL_NO_ECDH
/* Cipher C001 */
{
SSL_eNULL,
SSL_SHA1,
SSL_TLSV1,
- SSL_NOT_EXP,
+ SSL_NOT_EXP|SSL_STRONG_NONE,
0,
0,
0,
SSL_RC4,
SSL_SHA1,
SSL_TLSV1,
- SSL_NOT_EXP,
+ SSL_NOT_EXP|SSL_MEDIUM,
0,
128,
128,
SSL_eNULL,
SSL_SHA1,
SSL_TLSV1,
- SSL_NOT_EXP,
+ SSL_NOT_EXP|SSL_STRONG_NONE,
0,
0,
0,
SSL_RC4,
SSL_SHA1,
SSL_TLSV1,
- SSL_NOT_EXP,
+ SSL_NOT_EXP|SSL_MEDIUM,
0,
128,
128,
SSL_eNULL,
SSL_SHA1,
SSL_TLSV1,
- SSL_NOT_EXP,
+ SSL_NOT_EXP|SSL_STRONG_NONE,
0,
0,
0,
SSL_RC4,
SSL_SHA1,
SSL_TLSV1,
- SSL_NOT_EXP,
+ SSL_NOT_EXP|SSL_MEDIUM,
0,
128,
128,
SSL_eNULL,
SSL_SHA1,
SSL_TLSV1,
- SSL_NOT_EXP,
+ SSL_NOT_EXP|SSL_STRONG_NONE,
0,
0,
0,
SSL_RC4,
SSL_SHA1,
SSL_TLSV1,
- SSL_NOT_EXP,
+ SSL_NOT_EXP|SSL_MEDIUM,
0,
128,
128,
SSL_eNULL,
SSL_SHA1,
SSL_TLSV1,
- SSL_NOT_EXP,
+ SSL_NOT_EXP|SSL_STRONG_NONE,
0,
0,
0,
SSL_RC4,
SSL_SHA1,
SSL_TLSV1,
- SSL_NOT_EXP,
+ SSL_NOT_EXP|SSL_MEDIUM,
0,
128,
128,
},
#endif /* OPENSSL_NO_ECDH */
+#ifdef TEMP_GOST_TLS
+/* Cipher FF00 */
+ {
+ 1,
+ "GOST-MD5",
+ 0x0300ff00,
+ SSL_kRSA,
+ SSL_aRSA,
+ SSL_eGOST2814789CNT,
+ SSL_MD5,
+ SSL_TLSV1,
+ SSL_NOT_EXP|SSL_HIGH,
+ 0,
+ 256,
+ 256,
+ },
+ {
+ 1,
+ "GOST-GOST94",
+ 0x0300ff01,
+ SSL_kRSA,
+ SSL_aRSA,
+ SSL_eGOST2814789CNT,
+ SSL_GOST94,
+ SSL_TLSV1,
+ SSL_NOT_EXP|SSL_HIGH,
+ 0,
+ 256,
+ 256
+ },
+ {
+ 1,
+ "GOST-GOST89MAC",
+ 0x0300ff02,
+ SSL_kRSA,
+ SSL_aRSA,
+ SSL_eGOST2814789CNT,
+ SSL_GOST89MAC,
+ SSL_TLSV1,
+ SSL_NOT_EXP|SSL_HIGH,
+ 0,
+ 256,
+ 256
+ },
+ {
+ 1,
+ "GOST-GOST89STREAM",
+ 0x0300ff03,
+ SSL_kRSA,
+ SSL_aRSA,
+ SSL_eGOST2814789CNT,
+ SSL_GOST89MAC,
+ SSL_TLSV1,
+ SSL_NOT_EXP|SSL_HIGH,
+ TLS1_STREAM_MAC,
+ 256,
+ 256
+ },
+#endif
+
/* end of list */
};