- /* Cipher 47 */
- {
- 1,
- TLS1_TXT_ECDH_ECDSA_WITH_NULL_SHA,
- TLS1_CK_ECDH_ECDSA_WITH_NULL_SHA,
- SSL_kECDH|SSL_aECDSA|SSL_eNULL|SSL_SHA|SSL_TLSV1,
- SSL_NOT_EXP,
- 0,
- 0,
- 0,
- SSL_ALL_CIPHERS,
- SSL_ALL_STRENGTHS,
- },
-
- /* Cipher 48 */
- {
- 1,
- TLS1_TXT_ECDH_ECDSA_WITH_RC4_128_SHA,
- TLS1_CK_ECDH_ECDSA_WITH_RC4_128_SHA,
- SSL_kECDH|SSL_aECDSA|SSL_RC4|SSL_SHA|SSL_TLSV1,
- SSL_NOT_EXP,
- 0,
- 128,
- 128,
- SSL_ALL_CIPHERS,
- SSL_ALL_STRENGTHS,
- },
-
- /* Cipher 49 */
- {
- 1,
- TLS1_TXT_ECDH_ECDSA_WITH_DES_CBC_SHA,
- TLS1_CK_ECDH_ECDSA_WITH_DES_CBC_SHA,
- SSL_kECDH|SSL_aECDSA|SSL_DES|SSL_SHA|SSL_TLSV1,
- SSL_NOT_EXP|SSL_LOW,
- 0,
- 56,
- 56,
- SSL_ALL_CIPHERS,
- SSL_ALL_STRENGTHS,
- },
-
- /* Cipher 4A */
- {
- 1,
- TLS1_TXT_ECDH_ECDSA_WITH_DES_192_CBC3_SHA,
- TLS1_CK_ECDH_ECDSA_WITH_DES_192_CBC3_SHA,
- SSL_kECDH|SSL_aECDSA|SSL_3DES|SSL_SHA|SSL_TLSV1,
- SSL_NOT_EXP|SSL_HIGH,
- 0,
- 168,
- 168,
- SSL_ALL_CIPHERS,
- SSL_ALL_STRENGTHS,
- },
-
- /* Cipher 4B */
- {
- 1,
- TLS1_TXT_ECDH_ECDSA_WITH_AES_128_CBC_SHA,
- TLS1_CK_ECDH_ECDSA_WITH_AES_128_CBC_SHA,
- SSL_kECDH|SSL_aECDSA|SSL_AES|SSL_SHA|SSL_TLSV1,
- SSL_NOT_EXP|SSL_MEDIUM,
- 0,
- 128,
- 128,
- SSL_ALL_CIPHERS,
- SSL_ALL_STRENGTHS,
- },
-
- /* Cipher 4C */
- {
- 1,
- TLS1_TXT_ECDH_ECDSA_WITH_AES_256_CBC_SHA,
- TLS1_CK_ECDH_ECDSA_WITH_AES_256_CBC_SHA,
- SSL_kECDH|SSL_aECDSA|SSL_AES|SSL_SHA|SSL_TLSV1,
- SSL_NOT_EXP|SSL_HIGH,
- 0,
- 256,
- 256,
- SSL_ALL_CIPHERS,
- SSL_ALL_STRENGTHS,
- },
-
- /* Cipher 5B */
- /* XXX NOTE: The ECC/TLS draft has a bug and reuses 4B for this */
- {
- 1,
- TLS1_TXT_ECDH_ECDSA_EXPORT_WITH_RC4_40_SHA,
- TLS1_CK_ECDH_ECDSA_EXPORT_WITH_RC4_40_SHA,
- SSL_kECDH|SSL_aECDSA|SSL_RC4|SSL_SHA|SSL_TLSV1,
- SSL_EXPORT|SSL_EXP40,
- 0,
- 40,
- 128,
- SSL_ALL_CIPHERS,
- SSL_ALL_STRENGTHS,
- },
-
- /* Cipher 5C */
- /* XXX NOTE: The ECC/TLS draft has a bug and reuses 4C for this */
- {
- 1,
- TLS1_TXT_ECDH_ECDSA_EXPORT_WITH_RC4_56_SHA,
- TLS1_CK_ECDH_ECDSA_EXPORT_WITH_RC4_56_SHA,
- SSL_kECDH|SSL_aECDSA|SSL_RC4|SSL_SHA|SSL_TLSV1,
- SSL_EXPORT|SSL_EXP56,
- 0,
- 56,
- 128,
- SSL_ALL_CIPHERS,
- SSL_ALL_STRENGTHS,
- },
-
- /* Cipher 4D */
- {
- 1,
- TLS1_TXT_ECDH_RSA_WITH_NULL_SHA,
- TLS1_CK_ECDH_RSA_WITH_NULL_SHA,
- SSL_kECDH|SSL_aRSA|SSL_eNULL|SSL_SHA|SSL_TLSV1,
- SSL_NOT_EXP,
- 0,
- 0,
- 0,
- SSL_ALL_CIPHERS,
- SSL_ALL_STRENGTHS,
- },
-
- /* Cipher 4E */
- {
- 1,
- TLS1_TXT_ECDH_RSA_WITH_RC4_128_SHA,
- TLS1_CK_ECDH_RSA_WITH_RC4_128_SHA,
- SSL_kECDH|SSL_aRSA|SSL_RC4|SSL_SHA|SSL_TLSV1,
- SSL_NOT_EXP,
- 0,
- 128,
- 128,
- SSL_ALL_CIPHERS,
- SSL_ALL_STRENGTHS,
- },
-
- /* Cipher 4F */
- {
- 1,
- TLS1_TXT_ECDH_RSA_WITH_DES_CBC_SHA,
- TLS1_CK_ECDH_RSA_WITH_DES_CBC_SHA,
- SSL_kECDH|SSL_aRSA|SSL_DES|SSL_SHA|SSL_TLSV1,
- SSL_NOT_EXP|SSL_LOW,
- 0,
- 56,
- 56,
- SSL_ALL_CIPHERS,
- SSL_ALL_STRENGTHS,
- },
-
- /* Cipher 50 */
- {
- 1,
- TLS1_TXT_ECDH_RSA_WITH_DES_192_CBC3_SHA,
- TLS1_CK_ECDH_RSA_WITH_DES_192_CBC3_SHA,
- SSL_kECDH|SSL_aRSA|SSL_3DES|SSL_SHA|SSL_TLSV1,
- SSL_NOT_EXP|SSL_HIGH,
- 0,
- 168,
- 168,
- SSL_ALL_CIPHERS,
- SSL_ALL_STRENGTHS,
- },
-
- /* Cipher 51 */
- {
- 1,
- TLS1_TXT_ECDH_RSA_WITH_AES_128_CBC_SHA,
- TLS1_CK_ECDH_RSA_WITH_AES_128_CBC_SHA,
- SSL_kECDH|SSL_aRSA|SSL_AES|SSL_SHA|SSL_TLSV1,
- SSL_NOT_EXP|SSL_MEDIUM,
- 0,
- 128,
- 128,
- SSL_ALL_CIPHERS,
- SSL_ALL_STRENGTHS,
- },
-
- /* Cipher 52 */
- {
- 1,
- TLS1_TXT_ECDH_RSA_WITH_AES_256_CBC_SHA,
- TLS1_CK_ECDH_RSA_WITH_AES_256_CBC_SHA,
- SSL_kECDH|SSL_aRSA|SSL_AES|SSL_SHA|SSL_TLSV1,
- SSL_NOT_EXP|SSL_HIGH,
- 0,
- 256,
- 256,
- SSL_ALL_CIPHERS,
- SSL_ALL_STRENGTHS,
- },
-
- /* Cipher 53 */
- {
- 1,
- TLS1_TXT_ECDH_RSA_EXPORT_WITH_RC4_40_SHA,
- TLS1_CK_ECDH_RSA_EXPORT_WITH_RC4_40_SHA,
- SSL_kECDH|SSL_aRSA|SSL_RC4|SSL_SHA|SSL_TLSV1,
- SSL_EXPORT|SSL_EXP40,
- 0,
- 40,
- 128,
- SSL_ALL_CIPHERS,
- SSL_ALL_STRENGTHS,
- },
-
- /* Cipher 54 */
- {
- 1,
- TLS1_TXT_ECDH_RSA_EXPORT_WITH_RC4_56_SHA,
- TLS1_CK_ECDH_RSA_EXPORT_WITH_RC4_56_SHA,
- SSL_kECDH|SSL_aRSA|SSL_RC4|SSL_SHA|SSL_TLSV1,
- SSL_EXPORT|SSL_EXP56,
- 0,
- 56,
- 128,
- SSL_ALL_CIPHERS,
- SSL_ALL_STRENGTHS,
- },
-
- /* Cipher 55 */
- {
- 1,
- TLS1_TXT_ECDH_anon_WITH_NULL_SHA,
- TLS1_CK_ECDH_anon_WITH_NULL_SHA,
- SSL_kECDHE|SSL_aNULL|SSL_eNULL|SSL_SHA|SSL_TLSV1,
- SSL_NOT_EXP,
- 0,
- 0,
- 0,
- SSL_ALL_CIPHERS,
- SSL_ALL_STRENGTHS,
- },
-
- /* Cipher 56 */
- {
- 1,
- TLS1_TXT_ECDH_anon_WITH_RC4_128_SHA,
- TLS1_CK_ECDH_anon_WITH_RC4_128_SHA,
- SSL_kECDHE|SSL_aNULL|SSL_RC4|SSL_SHA|SSL_TLSV1,
- SSL_NOT_EXP,
- 0,
- 128,
- 128,
- SSL_ALL_CIPHERS,
- SSL_ALL_STRENGTHS,
- },
-
- /* Cipher 57 */
- {
- 1,
- TLS1_TXT_ECDH_anon_WITH_DES_CBC_SHA,
- TLS1_CK_ECDH_anon_WITH_DES_CBC_SHA,
- SSL_kECDHE|SSL_aNULL|SSL_DES|SSL_SHA|SSL_TLSV1,
- SSL_NOT_EXP|SSL_LOW,
- 0,
- 56,
- 56,
- SSL_ALL_CIPHERS,
- SSL_ALL_STRENGTHS,
- },
-
- /* Cipher 58 */
- {
- 1,
- TLS1_TXT_ECDH_anon_WITH_DES_192_CBC3_SHA,
- TLS1_CK_ECDH_anon_WITH_DES_192_CBC3_SHA,
- SSL_kECDHE|SSL_aNULL|SSL_3DES|SSL_SHA|SSL_TLSV1,
- SSL_NOT_EXP|SSL_HIGH,
- 0,
- 168,
- 168,
- SSL_ALL_CIPHERS,
- SSL_ALL_STRENGTHS,
- },
-
- /* Cipher 59 */
- {
- 1,
- TLS1_TXT_ECDH_anon_EXPORT_WITH_DES_40_CBC_SHA,
- TLS1_CK_ECDH_anon_EXPORT_WITH_DES_40_CBC_SHA,
- SSL_kECDHE|SSL_aNULL|SSL_DES|SSL_SHA|SSL_TLSV1,
- SSL_EXPORT|SSL_EXP40,
- 0,
- 40,
- 56,
- SSL_ALL_CIPHERS,
- SSL_ALL_STRENGTHS,
- },
-
- /* Cipher 5A */
- {
- 1,
- TLS1_TXT_ECDH_anon_EXPORT_WITH_RC4_40_SHA,
- TLS1_CK_ECDH_anon_EXPORT_WITH_RC4_40_SHA,
- SSL_kECDHE|SSL_aNULL|SSL_RC4|SSL_SHA|SSL_TLSV1,
- SSL_EXPORT|SSL_EXP40,
- 0,
- 40,
- 128,
- SSL_ALL_CIPHERS,
- SSL_ALL_STRENGTHS,
- },
-
- /* Cipher 77 XXX: ECC ciphersuites offering forward secrecy
- * are not yet specified in the ECC/TLS draft but our code
- * allows them to be implemented very easily. To add such
- * a cipher suite, one needs to add two constant definitions
- * to tls1.h and a new structure in this file as shown below. We
- * illustrate the process for the made-up cipher
- * ECDHE-ECDSA-AES128-SHA.
- */
- {
- 1,
- TLS1_TXT_ECDHE_ECDSA_WITH_AES_128_CBC_SHA,
- TLS1_CK_ECDHE_ECDSA_WITH_AES_128_CBC_SHA,
- SSL_kECDHE|SSL_aECDSA|SSL_AES|SSL_SHA|SSL_TLSV1,
- SSL_NOT_EXP|SSL_MEDIUM,
- 0,
- 128,
- 128,
- SSL_ALL_CIPHERS,
- SSL_ALL_STRENGTHS,
- },
-
- /* Cipher 78 XXX: Another made-up ECC cipher suite that
- * offers forward secrecy (ECDHE-RSA-AES128-SHA).
- */
- {
- 1,
- TLS1_TXT_ECDHE_RSA_WITH_AES_128_CBC_SHA,
- TLS1_CK_ECDHE_RSA_WITH_AES_128_CBC_SHA,
- SSL_kECDHE|SSL_aRSA|SSL_AES|SSL_SHA|SSL_TLSV1,
- SSL_NOT_EXP|SSL_MEDIUM,
- 0,
- 128,
- 128,
- SSL_ALL_CIPHERS,
- SSL_ALL_STRENGTHS,
- },
-
-#endif /* !OPENSSL_NO_ECDH */
+ /* Cipher C001 */
+ {
+ 1,
+ TLS1_TXT_ECDH_ECDSA_WITH_NULL_SHA,
+ TLS1_CK_ECDH_ECDSA_WITH_NULL_SHA,
+ SSL_kECDHe,
+ SSL_aECDH,
+ SSL_eNULL,
+ SSL_SHA1,
+ SSL_TLSV1,
+ SSL_NOT_EXP | SSL_STRONG_NONE | SSL_FIPS,
+ SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
+ 0,
+ 0,
+ },
+
+ /* Cipher C002 */
+ {
+ 1,
+ TLS1_TXT_ECDH_ECDSA_WITH_RC4_128_SHA,
+ TLS1_CK_ECDH_ECDSA_WITH_RC4_128_SHA,
+ SSL_kECDHe,
+ SSL_aECDH,
+ SSL_RC4,
+ SSL_SHA1,
+ SSL_TLSV1,
+ SSL_NOT_EXP | SSL_MEDIUM,
+ SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
+ 128,
+ 128,
+ },
+
+ /* Cipher C003 */
+ {
+ 1,
+ TLS1_TXT_ECDH_ECDSA_WITH_DES_192_CBC3_SHA,
+ TLS1_CK_ECDH_ECDSA_WITH_DES_192_CBC3_SHA,
+ SSL_kECDHe,
+ SSL_aECDH,
+ SSL_3DES,
+ SSL_SHA1,
+ SSL_TLSV1,
+ SSL_NOT_EXP | SSL_HIGH | SSL_FIPS,
+ SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
+ 112,
+ 168,
+ },
+
+ /* Cipher C004 */
+ {
+ 1,
+ TLS1_TXT_ECDH_ECDSA_WITH_AES_128_CBC_SHA,
+ TLS1_CK_ECDH_ECDSA_WITH_AES_128_CBC_SHA,
+ SSL_kECDHe,
+ SSL_aECDH,
+ SSL_AES128,
+ SSL_SHA1,
+ SSL_TLSV1,
+ SSL_NOT_EXP | SSL_HIGH | SSL_FIPS,
+ SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
+ 128,
+ 128,
+ },
+
+ /* Cipher C005 */
+ {
+ 1,
+ TLS1_TXT_ECDH_ECDSA_WITH_AES_256_CBC_SHA,
+ TLS1_CK_ECDH_ECDSA_WITH_AES_256_CBC_SHA,
+ SSL_kECDHe,
+ SSL_aECDH,
+ SSL_AES256,
+ SSL_SHA1,
+ SSL_TLSV1,
+ SSL_NOT_EXP | SSL_HIGH | SSL_FIPS,
+ SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
+ 256,
+ 256,
+ },
+
+ /* Cipher C006 */
+ {
+ 1,
+ TLS1_TXT_ECDHE_ECDSA_WITH_NULL_SHA,
+ TLS1_CK_ECDHE_ECDSA_WITH_NULL_SHA,
+ SSL_kEECDH,
+ SSL_aECDSA,
+ SSL_eNULL,
+ SSL_SHA1,
+ SSL_TLSV1,
+ SSL_NOT_EXP | SSL_STRONG_NONE | SSL_FIPS,
+ SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
+ 0,
+ 0,
+ },
+
+ /* Cipher C007 */
+ {
+ 1,
+ TLS1_TXT_ECDHE_ECDSA_WITH_RC4_128_SHA,
+ TLS1_CK_ECDHE_ECDSA_WITH_RC4_128_SHA,
+ SSL_kEECDH,
+ SSL_aECDSA,
+ SSL_RC4,
+ SSL_SHA1,
+ SSL_TLSV1,
+ SSL_NOT_EXP | SSL_MEDIUM,
+ SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
+ 128,
+ 128,
+ },
+
+ /* Cipher C008 */
+ {
+ 1,
+ TLS1_TXT_ECDHE_ECDSA_WITH_DES_192_CBC3_SHA,
+ TLS1_CK_ECDHE_ECDSA_WITH_DES_192_CBC3_SHA,
+ SSL_kEECDH,
+ SSL_aECDSA,
+ SSL_3DES,
+ SSL_SHA1,
+ SSL_TLSV1,
+ SSL_NOT_EXP | SSL_HIGH | SSL_FIPS,
+ SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
+ 112,
+ 168,
+ },
+
+ /* Cipher C009 */
+ {
+ 1,
+ TLS1_TXT_ECDHE_ECDSA_WITH_AES_128_CBC_SHA,
+ TLS1_CK_ECDHE_ECDSA_WITH_AES_128_CBC_SHA,
+ SSL_kEECDH,
+ SSL_aECDSA,
+ SSL_AES128,
+ SSL_SHA1,
+ SSL_TLSV1,
+ SSL_NOT_EXP | SSL_HIGH | SSL_FIPS,
+ SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
+ 128,
+ 128,
+ },
+
+ /* Cipher C00A */
+ {
+ 1,
+ TLS1_TXT_ECDHE_ECDSA_WITH_AES_256_CBC_SHA,
+ TLS1_CK_ECDHE_ECDSA_WITH_AES_256_CBC_SHA,
+ SSL_kEECDH,
+ SSL_aECDSA,
+ SSL_AES256,
+ SSL_SHA1,
+ SSL_TLSV1,
+ SSL_NOT_EXP | SSL_HIGH | SSL_FIPS,
+ SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
+ 256,
+ 256,
+ },
+
+ /* Cipher C00B */
+ {
+ 1,
+ TLS1_TXT_ECDH_RSA_WITH_NULL_SHA,
+ TLS1_CK_ECDH_RSA_WITH_NULL_SHA,
+ SSL_kECDHr,
+ SSL_aECDH,
+ SSL_eNULL,
+ SSL_SHA1,
+ SSL_TLSV1,
+ SSL_NOT_EXP | SSL_STRONG_NONE | SSL_FIPS,
+ SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
+ 0,
+ 0,
+ },
+
+ /* Cipher C00C */
+ {
+ 1,
+ TLS1_TXT_ECDH_RSA_WITH_RC4_128_SHA,
+ TLS1_CK_ECDH_RSA_WITH_RC4_128_SHA,
+ SSL_kECDHr,
+ SSL_aECDH,
+ SSL_RC4,
+ SSL_SHA1,
+ SSL_TLSV1,
+ SSL_NOT_EXP | SSL_MEDIUM,
+ SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
+ 128,
+ 128,
+ },
+
+ /* Cipher C00D */
+ {
+ 1,
+ TLS1_TXT_ECDH_RSA_WITH_DES_192_CBC3_SHA,
+ TLS1_CK_ECDH_RSA_WITH_DES_192_CBC3_SHA,
+ SSL_kECDHr,
+ SSL_aECDH,
+ SSL_3DES,
+ SSL_SHA1,
+ SSL_TLSV1,
+ SSL_NOT_EXP | SSL_HIGH | SSL_FIPS,
+ SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
+ 112,
+ 168,
+ },
+
+ /* Cipher C00E */
+ {
+ 1,
+ TLS1_TXT_ECDH_RSA_WITH_AES_128_CBC_SHA,
+ TLS1_CK_ECDH_RSA_WITH_AES_128_CBC_SHA,
+ SSL_kECDHr,
+ SSL_aECDH,
+ SSL_AES128,
+ SSL_SHA1,
+ SSL_TLSV1,
+ SSL_NOT_EXP | SSL_HIGH | SSL_FIPS,
+ SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
+ 128,
+ 128,
+ },
+
+ /* Cipher C00F */
+ {
+ 1,
+ TLS1_TXT_ECDH_RSA_WITH_AES_256_CBC_SHA,
+ TLS1_CK_ECDH_RSA_WITH_AES_256_CBC_SHA,
+ SSL_kECDHr,
+ SSL_aECDH,
+ SSL_AES256,
+ SSL_SHA1,
+ SSL_TLSV1,
+ SSL_NOT_EXP | SSL_HIGH | SSL_FIPS,
+ SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
+ 256,
+ 256,
+ },
+
+ /* Cipher C010 */
+ {
+ 1,
+ TLS1_TXT_ECDHE_RSA_WITH_NULL_SHA,
+ TLS1_CK_ECDHE_RSA_WITH_NULL_SHA,
+ SSL_kEECDH,
+ SSL_aRSA,
+ SSL_eNULL,
+ SSL_SHA1,
+ SSL_TLSV1,
+ SSL_NOT_EXP | SSL_STRONG_NONE | SSL_FIPS,
+ SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
+ 0,
+ 0,
+ },
+
+ /* Cipher C011 */
+ {
+ 1,
+ TLS1_TXT_ECDHE_RSA_WITH_RC4_128_SHA,
+ TLS1_CK_ECDHE_RSA_WITH_RC4_128_SHA,
+ SSL_kEECDH,
+ SSL_aRSA,
+ SSL_RC4,
+ SSL_SHA1,
+ SSL_TLSV1,
+ SSL_NOT_EXP | SSL_MEDIUM,
+ SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
+ 128,
+ 128,
+ },
+
+ /* Cipher C012 */
+ {
+ 1,
+ TLS1_TXT_ECDHE_RSA_WITH_DES_192_CBC3_SHA,
+ TLS1_CK_ECDHE_RSA_WITH_DES_192_CBC3_SHA,
+ SSL_kEECDH,
+ SSL_aRSA,
+ SSL_3DES,
+ SSL_SHA1,
+ SSL_TLSV1,
+ SSL_NOT_EXP | SSL_HIGH | SSL_FIPS,
+ SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
+ 112,
+ 168,
+ },
+
+ /* Cipher C013 */
+ {
+ 1,
+ TLS1_TXT_ECDHE_RSA_WITH_AES_128_CBC_SHA,
+ TLS1_CK_ECDHE_RSA_WITH_AES_128_CBC_SHA,
+ SSL_kEECDH,
+ SSL_aRSA,
+ SSL_AES128,
+ SSL_SHA1,
+ SSL_TLSV1,
+ SSL_NOT_EXP | SSL_HIGH | SSL_FIPS,
+ SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
+ 128,
+ 128,
+ },
+
+ /* Cipher C014 */
+ {
+ 1,
+ TLS1_TXT_ECDHE_RSA_WITH_AES_256_CBC_SHA,
+ TLS1_CK_ECDHE_RSA_WITH_AES_256_CBC_SHA,
+ SSL_kEECDH,
+ SSL_aRSA,
+ SSL_AES256,
+ SSL_SHA1,
+ SSL_TLSV1,
+ SSL_NOT_EXP | SSL_HIGH | SSL_FIPS,
+ SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
+ 256,
+ 256,
+ },
+
+ /* Cipher C015 */
+ {
+ 1,
+ TLS1_TXT_ECDH_anon_WITH_NULL_SHA,
+ TLS1_CK_ECDH_anon_WITH_NULL_SHA,
+ SSL_kEECDH,
+ SSL_aNULL,
+ SSL_eNULL,
+ SSL_SHA1,
+ SSL_TLSV1,
+ SSL_NOT_EXP | SSL_STRONG_NONE | SSL_FIPS,
+ SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
+ 0,
+ 0,
+ },
+
+ /* Cipher C016 */
+ {
+ 1,
+ TLS1_TXT_ECDH_anon_WITH_RC4_128_SHA,
+ TLS1_CK_ECDH_anon_WITH_RC4_128_SHA,
+ SSL_kEECDH,
+ SSL_aNULL,
+ SSL_RC4,
+ SSL_SHA1,
+ SSL_TLSV1,
+ SSL_NOT_EXP | SSL_MEDIUM,
+ SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
+ 128,
+ 128,
+ },
+
+ /* Cipher C017 */
+ {
+ 1,
+ TLS1_TXT_ECDH_anon_WITH_DES_192_CBC3_SHA,
+ TLS1_CK_ECDH_anon_WITH_DES_192_CBC3_SHA,
+ SSL_kEECDH,
+ SSL_aNULL,
+ SSL_3DES,
+ SSL_SHA1,
+ SSL_TLSV1,
+ SSL_NOT_EXP | SSL_HIGH | SSL_FIPS,
+ SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
+ 112,
+ 168,
+ },
+
+ /* Cipher C018 */
+ {
+ 1,
+ TLS1_TXT_ECDH_anon_WITH_AES_128_CBC_SHA,
+ TLS1_CK_ECDH_anon_WITH_AES_128_CBC_SHA,
+ SSL_kEECDH,
+ SSL_aNULL,
+ SSL_AES128,
+ SSL_SHA1,
+ SSL_TLSV1,
+ SSL_NOT_EXP | SSL_HIGH | SSL_FIPS,
+ SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
+ 128,
+ 128,
+ },
+
+ /* Cipher C019 */
+ {
+ 1,
+ TLS1_TXT_ECDH_anon_WITH_AES_256_CBC_SHA,
+ TLS1_CK_ECDH_anon_WITH_AES_256_CBC_SHA,
+ SSL_kEECDH,
+ SSL_aNULL,
+ SSL_AES256,
+ SSL_SHA1,
+ SSL_TLSV1,
+ SSL_NOT_EXP | SSL_HIGH | SSL_FIPS,
+ SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
+ 256,
+ 256,
+ },
+#endif /* OPENSSL_NO_ECDH */
+
+#ifndef OPENSSL_NO_SRP
+ /* Cipher C01A */
+ {
+ 1,
+ TLS1_TXT_SRP_SHA_WITH_3DES_EDE_CBC_SHA,
+ TLS1_CK_SRP_SHA_WITH_3DES_EDE_CBC_SHA,
+ SSL_kSRP,
+ SSL_aSRP,
+ SSL_3DES,
+ SSL_SHA1,
+ SSL_TLSV1,
+ SSL_NOT_EXP | SSL_HIGH,
+ SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
+ 112,
+ 168,
+ },
+
+ /* Cipher C01B */
+ {
+ 1,
+ TLS1_TXT_SRP_SHA_RSA_WITH_3DES_EDE_CBC_SHA,
+ TLS1_CK_SRP_SHA_RSA_WITH_3DES_EDE_CBC_SHA,
+ SSL_kSRP,
+ SSL_aRSA,
+ SSL_3DES,
+ SSL_SHA1,
+ SSL_TLSV1,
+ SSL_NOT_EXP | SSL_HIGH,
+ SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
+ 112,
+ 168,
+ },
+
+ /* Cipher C01C */
+ {
+ 1,
+ TLS1_TXT_SRP_SHA_DSS_WITH_3DES_EDE_CBC_SHA,
+ TLS1_CK_SRP_SHA_DSS_WITH_3DES_EDE_CBC_SHA,
+ SSL_kSRP,
+ SSL_aDSS,
+ SSL_3DES,
+ SSL_SHA1,
+ SSL_TLSV1,
+ SSL_NOT_EXP | SSL_HIGH,
+ SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
+ 112,
+ 168,
+ },
+
+ /* Cipher C01D */
+ {
+ 1,
+ TLS1_TXT_SRP_SHA_WITH_AES_128_CBC_SHA,
+ TLS1_CK_SRP_SHA_WITH_AES_128_CBC_SHA,
+ SSL_kSRP,
+ SSL_aSRP,
+ SSL_AES128,
+ SSL_SHA1,
+ SSL_TLSV1,
+ SSL_NOT_EXP | SSL_HIGH,
+ SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
+ 128,
+ 128,
+ },
+
+ /* Cipher C01E */
+ {
+ 1,
+ TLS1_TXT_SRP_SHA_RSA_WITH_AES_128_CBC_SHA,
+ TLS1_CK_SRP_SHA_RSA_WITH_AES_128_CBC_SHA,
+ SSL_kSRP,
+ SSL_aRSA,
+ SSL_AES128,
+ SSL_SHA1,
+ SSL_TLSV1,
+ SSL_NOT_EXP | SSL_HIGH,
+ SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
+ 128,
+ 128,
+ },
+
+ /* Cipher C01F */
+ {
+ 1,
+ TLS1_TXT_SRP_SHA_DSS_WITH_AES_128_CBC_SHA,
+ TLS1_CK_SRP_SHA_DSS_WITH_AES_128_CBC_SHA,
+ SSL_kSRP,
+ SSL_aDSS,
+ SSL_AES128,
+ SSL_SHA1,
+ SSL_TLSV1,
+ SSL_NOT_EXP | SSL_HIGH,
+ SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
+ 128,
+ 128,
+ },
+
+ /* Cipher C020 */
+ {
+ 1,
+ TLS1_TXT_SRP_SHA_WITH_AES_256_CBC_SHA,
+ TLS1_CK_SRP_SHA_WITH_AES_256_CBC_SHA,
+ SSL_kSRP,
+ SSL_aSRP,
+ SSL_AES256,
+ SSL_SHA1,
+ SSL_TLSV1,
+ SSL_NOT_EXP | SSL_HIGH,
+ SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
+ 256,
+ 256,
+ },
+
+ /* Cipher C021 */
+ {
+ 1,
+ TLS1_TXT_SRP_SHA_RSA_WITH_AES_256_CBC_SHA,
+ TLS1_CK_SRP_SHA_RSA_WITH_AES_256_CBC_SHA,
+ SSL_kSRP,
+ SSL_aRSA,
+ SSL_AES256,
+ SSL_SHA1,
+ SSL_TLSV1,
+ SSL_NOT_EXP | SSL_HIGH,
+ SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
+ 256,
+ 256,
+ },
+
+ /* Cipher C022 */
+ {
+ 1,
+ TLS1_TXT_SRP_SHA_DSS_WITH_AES_256_CBC_SHA,
+ TLS1_CK_SRP_SHA_DSS_WITH_AES_256_CBC_SHA,
+ SSL_kSRP,
+ SSL_aDSS,
+ SSL_AES256,
+ SSL_SHA1,
+ SSL_TLSV1,
+ SSL_NOT_EXP | SSL_HIGH,
+ SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
+ 256,
+ 256,
+ },
+#endif /* OPENSSL_NO_SRP */
+#ifndef OPENSSL_NO_ECDH
+
+ /* HMAC based TLS v1.2 ciphersuites from RFC5289 */
+
+ /* Cipher C023 */
+ {
+ 1,
+ TLS1_TXT_ECDHE_ECDSA_WITH_AES_128_SHA256,
+ TLS1_CK_ECDHE_ECDSA_WITH_AES_128_SHA256,
+ SSL_kEECDH,
+ SSL_aECDSA,
+ SSL_AES128,
+ SSL_SHA256,
+ SSL_TLSV1_2,
+ SSL_NOT_EXP | SSL_HIGH | SSL_FIPS,
+ SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
+ 128,
+ 128,
+ },
+
+ /* Cipher C024 */
+ {
+ 1,
+ TLS1_TXT_ECDHE_ECDSA_WITH_AES_256_SHA384,
+ TLS1_CK_ECDHE_ECDSA_WITH_AES_256_SHA384,
+ SSL_kEECDH,
+ SSL_aECDSA,
+ SSL_AES256,
+ SSL_SHA384,
+ SSL_TLSV1_2,
+ SSL_NOT_EXP | SSL_HIGH | SSL_FIPS,
+ SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384,
+ 256,
+ 256,
+ },
+
+ /* Cipher C025 */
+ {
+ 1,
+ TLS1_TXT_ECDH_ECDSA_WITH_AES_128_SHA256,
+ TLS1_CK_ECDH_ECDSA_WITH_AES_128_SHA256,
+ SSL_kECDHe,
+ SSL_aECDH,
+ SSL_AES128,
+ SSL_SHA256,
+ SSL_TLSV1_2,
+ SSL_NOT_EXP | SSL_HIGH | SSL_FIPS,
+ SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
+ 128,
+ 128,
+ },
+
+ /* Cipher C026 */
+ {
+ 1,
+ TLS1_TXT_ECDH_ECDSA_WITH_AES_256_SHA384,
+ TLS1_CK_ECDH_ECDSA_WITH_AES_256_SHA384,
+ SSL_kECDHe,
+ SSL_aECDH,
+ SSL_AES256,
+ SSL_SHA384,
+ SSL_TLSV1_2,
+ SSL_NOT_EXP | SSL_HIGH | SSL_FIPS,
+ SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384,
+ 256,
+ 256,
+ },
+
+ /* Cipher C027 */
+ {
+ 1,
+ TLS1_TXT_ECDHE_RSA_WITH_AES_128_SHA256,
+ TLS1_CK_ECDHE_RSA_WITH_AES_128_SHA256,
+ SSL_kEECDH,
+ SSL_aRSA,
+ SSL_AES128,
+ SSL_SHA256,
+ SSL_TLSV1_2,
+ SSL_NOT_EXP | SSL_HIGH | SSL_FIPS,
+ SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
+ 128,
+ 128,
+ },
+
+ /* Cipher C028 */
+ {
+ 1,
+ TLS1_TXT_ECDHE_RSA_WITH_AES_256_SHA384,
+ TLS1_CK_ECDHE_RSA_WITH_AES_256_SHA384,
+ SSL_kEECDH,
+ SSL_aRSA,
+ SSL_AES256,
+ SSL_SHA384,
+ SSL_TLSV1_2,
+ SSL_NOT_EXP | SSL_HIGH | SSL_FIPS,
+ SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384,
+ 256,
+ 256,
+ },
+
+ /* Cipher C029 */
+ {
+ 1,
+ TLS1_TXT_ECDH_RSA_WITH_AES_128_SHA256,
+ TLS1_CK_ECDH_RSA_WITH_AES_128_SHA256,
+ SSL_kECDHr,
+ SSL_aECDH,
+ SSL_AES128,
+ SSL_SHA256,
+ SSL_TLSV1_2,
+ SSL_NOT_EXP | SSL_HIGH | SSL_FIPS,
+ SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
+ 128,
+ 128,
+ },
+
+ /* Cipher C02A */
+ {
+ 1,
+ TLS1_TXT_ECDH_RSA_WITH_AES_256_SHA384,
+ TLS1_CK_ECDH_RSA_WITH_AES_256_SHA384,
+ SSL_kECDHr,
+ SSL_aECDH,
+ SSL_AES256,
+ SSL_SHA384,
+ SSL_TLSV1_2,
+ SSL_NOT_EXP | SSL_HIGH | SSL_FIPS,
+ SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384,
+ 256,
+ 256,
+ },
+
+ /* GCM based TLS v1.2 ciphersuites from RFC5289 */
+
+ /* Cipher C02B */
+ {
+ 1,
+ TLS1_TXT_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256,
+ TLS1_CK_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256,
+ SSL_kEECDH,
+ SSL_aECDSA,
+ SSL_AES128GCM,
+ SSL_AEAD,
+ SSL_TLSV1_2,
+ SSL_NOT_EXP | SSL_HIGH | SSL_FIPS,
+ SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
+ 128,
+ 128,
+ },
+
+ /* Cipher C02C */
+ {
+ 1,
+ TLS1_TXT_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384,
+ TLS1_CK_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384,
+ SSL_kEECDH,
+ SSL_aECDSA,
+ SSL_AES256GCM,
+ SSL_AEAD,
+ SSL_TLSV1_2,
+ SSL_NOT_EXP | SSL_HIGH | SSL_FIPS,
+ SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384,
+ 256,
+ 256,
+ },
+
+ /* Cipher C02D */
+ {
+ 1,
+ TLS1_TXT_ECDH_ECDSA_WITH_AES_128_GCM_SHA256,
+ TLS1_CK_ECDH_ECDSA_WITH_AES_128_GCM_SHA256,
+ SSL_kECDHe,
+ SSL_aECDH,
+ SSL_AES128GCM,
+ SSL_AEAD,
+ SSL_TLSV1_2,
+ SSL_NOT_EXP | SSL_HIGH | SSL_FIPS,
+ SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
+ 128,
+ 128,
+ },
+
+ /* Cipher C02E */
+ {
+ 1,
+ TLS1_TXT_ECDH_ECDSA_WITH_AES_256_GCM_SHA384,
+ TLS1_CK_ECDH_ECDSA_WITH_AES_256_GCM_SHA384,
+ SSL_kECDHe,
+ SSL_aECDH,
+ SSL_AES256GCM,
+ SSL_AEAD,
+ SSL_TLSV1_2,
+ SSL_NOT_EXP | SSL_HIGH | SSL_FIPS,
+ SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384,
+ 256,
+ 256,
+ },
+
+ /* Cipher C02F */
+ {
+ 1,
+ TLS1_TXT_ECDHE_RSA_WITH_AES_128_GCM_SHA256,
+ TLS1_CK_ECDHE_RSA_WITH_AES_128_GCM_SHA256,
+ SSL_kEECDH,
+ SSL_aRSA,
+ SSL_AES128GCM,
+ SSL_AEAD,
+ SSL_TLSV1_2,
+ SSL_NOT_EXP | SSL_HIGH | SSL_FIPS,
+ SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
+ 128,
+ 128,
+ },
+
+ /* Cipher C030 */
+ {
+ 1,
+ TLS1_TXT_ECDHE_RSA_WITH_AES_256_GCM_SHA384,
+ TLS1_CK_ECDHE_RSA_WITH_AES_256_GCM_SHA384,
+ SSL_kEECDH,
+ SSL_aRSA,
+ SSL_AES256GCM,
+ SSL_AEAD,
+ SSL_TLSV1_2,
+ SSL_NOT_EXP | SSL_HIGH | SSL_FIPS,
+ SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384,
+ 256,
+ 256,
+ },
+
+ /* Cipher C031 */
+ {
+ 1,
+ TLS1_TXT_ECDH_RSA_WITH_AES_128_GCM_SHA256,
+ TLS1_CK_ECDH_RSA_WITH_AES_128_GCM_SHA256,
+ SSL_kECDHr,
+ SSL_aECDH,
+ SSL_AES128GCM,
+ SSL_AEAD,
+ SSL_TLSV1_2,
+ SSL_NOT_EXP | SSL_HIGH | SSL_FIPS,
+ SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
+ 128,
+ 128,
+ },
+
+ /* Cipher C032 */
+ {
+ 1,
+ TLS1_TXT_ECDH_RSA_WITH_AES_256_GCM_SHA384,
+ TLS1_CK_ECDH_RSA_WITH_AES_256_GCM_SHA384,
+ SSL_kECDHr,
+ SSL_aECDH,
+ SSL_AES256GCM,
+ SSL_AEAD,
+ SSL_TLSV1_2,
+ SSL_NOT_EXP | SSL_HIGH | SSL_FIPS,
+ SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384,
+ 256,
+ 256,
+ },
+
+#endif /* OPENSSL_NO_ECDH */
+
+#ifdef TEMP_GOST_TLS
+/* Cipher FF00 */
+ {
+ 1,
+ "GOST-MD5",
+ 0x0300ff00,
+ SSL_kRSA,
+ SSL_aRSA,
+ SSL_eGOST2814789CNT,
+ SSL_MD5,
+ SSL_TLSV1,
+ SSL_NOT_EXP | SSL_HIGH,
+ SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
+ 256,
+ 256,
+ },
+ {
+ 1,
+ "GOST-GOST94",
+ 0x0300ff01,
+ SSL_kRSA,
+ SSL_aRSA,
+ SSL_eGOST2814789CNT,
+ SSL_GOST94,
+ SSL_TLSV1,
+ SSL_NOT_EXP | SSL_HIGH,
+ SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
+ 256,
+ 256},
+ {
+ 1,
+ "GOST-GOST89MAC",
+ 0x0300ff02,
+ SSL_kRSA,
+ SSL_aRSA,
+ SSL_eGOST2814789CNT,
+ SSL_GOST89MAC,
+ SSL_TLSV1,
+ SSL_NOT_EXP | SSL_HIGH,
+ SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
+ 256,
+ 256},
+ {
+ 1,
+ "GOST-GOST89STREAM",
+ 0x0300ff03,
+ SSL_kRSA,
+ SSL_aRSA,
+ SSL_eGOST2814789CNT,
+ SSL_GOST89MAC,
+ SSL_TLSV1,
+ SSL_NOT_EXP | SSL_HIGH,
+ SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF | TLS1_STREAM_MAC,
+ 256,
+ 256},
+#endif