2 * Copyright 1995-2017 The OpenSSL Project Authors. All Rights Reserved.
3 * Copyright (c) 2002, Oracle and/or its affiliates. All rights reserved
4 * Copyright 2005 Nokia. All rights reserved.
6 * Licensed under the OpenSSL license (the "License"). You may not use
7 * this file except in compliance with the License. You can obtain a copy
8 * in the file LICENSE in the source distribution or at
9 * https://www.openssl.org/source/license.html
13 #include <openssl/objects.h>
15 #include <openssl/md5.h>
16 #include <openssl/dh.h>
17 #include <openssl/rand.h>
18 #include "internal/cryptlib.h"
20 #define SSL3_NUM_CIPHERS OSSL_NELEM(ssl3_ciphers)
21 #define SSL3_NUM_SCSVS OSSL_NELEM(ssl3_scsvs)
23 /* TLSv1.3 downgrade protection sentinel values */
24 const unsigned char tls11downgrade[] = {
25 0x44, 0x4f, 0x57, 0x4e, 0x47, 0x52, 0x44, 0x00
27 const unsigned char tls12downgrade[] = {
28 0x44, 0x4f, 0x57, 0x4e, 0x47, 0x52, 0x44, 0x01
32 * The list of available ciphers, mostly organized into the following
37 * SRP (within that: RSA EC PSK)
38 * Cipher families: Chacha/poly, Camellia, Gost, IDEA, SEED
41 static SSL_CIPHER ssl3_ciphers[] = {
44 SSL3_TXT_RSA_NULL_MD5,
45 SSL3_RFC_RSA_NULL_MD5,
51 SSL3_VERSION, TLS1_2_VERSION,
52 DTLS1_BAD_VER, DTLS1_2_VERSION,
54 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
60 SSL3_TXT_RSA_NULL_SHA,
61 SSL3_RFC_RSA_NULL_SHA,
67 SSL3_VERSION, TLS1_2_VERSION,
68 DTLS1_BAD_VER, DTLS1_2_VERSION,
69 SSL_STRONG_NONE | SSL_FIPS,
70 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
74 #ifndef OPENSSL_NO_WEAK_SSL_CIPHERS
77 SSL3_TXT_RSA_DES_192_CBC3_SHA,
78 SSL3_RFC_RSA_DES_192_CBC3_SHA,
79 SSL3_CK_RSA_DES_192_CBC3_SHA,
84 SSL3_VERSION, TLS1_2_VERSION,
85 DTLS1_BAD_VER, DTLS1_2_VERSION,
86 SSL_NOT_DEFAULT | SSL_MEDIUM | SSL_FIPS,
87 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
93 SSL3_TXT_DHE_DSS_DES_192_CBC3_SHA,
94 SSL3_RFC_DHE_DSS_DES_192_CBC3_SHA,
95 SSL3_CK_DHE_DSS_DES_192_CBC3_SHA,
100 SSL3_VERSION, TLS1_2_VERSION,
101 DTLS1_BAD_VER, DTLS1_2_VERSION,
102 SSL_NOT_DEFAULT | SSL_MEDIUM | SSL_FIPS,
103 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
109 SSL3_TXT_DHE_RSA_DES_192_CBC3_SHA,
110 SSL3_RFC_DHE_RSA_DES_192_CBC3_SHA,
111 SSL3_CK_DHE_RSA_DES_192_CBC3_SHA,
116 SSL3_VERSION, TLS1_2_VERSION,
117 DTLS1_BAD_VER, DTLS1_2_VERSION,
118 SSL_NOT_DEFAULT | SSL_MEDIUM | SSL_FIPS,
119 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
125 SSL3_TXT_ADH_DES_192_CBC_SHA,
126 SSL3_RFC_ADH_DES_192_CBC_SHA,
127 SSL3_CK_ADH_DES_192_CBC_SHA,
132 SSL3_VERSION, TLS1_2_VERSION,
133 DTLS1_BAD_VER, DTLS1_2_VERSION,
134 SSL_NOT_DEFAULT | SSL_MEDIUM | SSL_FIPS,
135 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
142 TLS1_TXT_RSA_WITH_AES_128_SHA,
143 TLS1_RFC_RSA_WITH_AES_128_SHA,
144 TLS1_CK_RSA_WITH_AES_128_SHA,
149 SSL3_VERSION, TLS1_2_VERSION,
150 DTLS1_BAD_VER, DTLS1_2_VERSION,
152 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
158 TLS1_TXT_DHE_DSS_WITH_AES_128_SHA,
159 TLS1_RFC_DHE_DSS_WITH_AES_128_SHA,
160 TLS1_CK_DHE_DSS_WITH_AES_128_SHA,
165 SSL3_VERSION, TLS1_2_VERSION,
166 DTLS1_BAD_VER, DTLS1_2_VERSION,
167 SSL_NOT_DEFAULT | SSL_HIGH | SSL_FIPS,
168 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
174 TLS1_TXT_DHE_RSA_WITH_AES_128_SHA,
175 TLS1_RFC_DHE_RSA_WITH_AES_128_SHA,
176 TLS1_CK_DHE_RSA_WITH_AES_128_SHA,
181 SSL3_VERSION, TLS1_2_VERSION,
182 DTLS1_BAD_VER, DTLS1_2_VERSION,
184 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
190 TLS1_TXT_ADH_WITH_AES_128_SHA,
191 TLS1_RFC_ADH_WITH_AES_128_SHA,
192 TLS1_CK_ADH_WITH_AES_128_SHA,
197 SSL3_VERSION, TLS1_2_VERSION,
198 DTLS1_BAD_VER, DTLS1_2_VERSION,
199 SSL_NOT_DEFAULT | SSL_HIGH | SSL_FIPS,
200 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
206 TLS1_TXT_RSA_WITH_AES_256_SHA,
207 TLS1_RFC_RSA_WITH_AES_256_SHA,
208 TLS1_CK_RSA_WITH_AES_256_SHA,
213 SSL3_VERSION, TLS1_2_VERSION,
214 DTLS1_BAD_VER, DTLS1_2_VERSION,
216 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
222 TLS1_TXT_DHE_DSS_WITH_AES_256_SHA,
223 TLS1_RFC_DHE_DSS_WITH_AES_256_SHA,
224 TLS1_CK_DHE_DSS_WITH_AES_256_SHA,
229 SSL3_VERSION, TLS1_2_VERSION,
230 DTLS1_BAD_VER, DTLS1_2_VERSION,
231 SSL_NOT_DEFAULT | SSL_HIGH | SSL_FIPS,
232 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
238 TLS1_TXT_DHE_RSA_WITH_AES_256_SHA,
239 TLS1_RFC_DHE_RSA_WITH_AES_256_SHA,
240 TLS1_CK_DHE_RSA_WITH_AES_256_SHA,
245 SSL3_VERSION, TLS1_2_VERSION,
246 DTLS1_BAD_VER, DTLS1_2_VERSION,
248 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
254 TLS1_TXT_ADH_WITH_AES_256_SHA,
255 TLS1_RFC_ADH_WITH_AES_256_SHA,
256 TLS1_CK_ADH_WITH_AES_256_SHA,
261 SSL3_VERSION, TLS1_2_VERSION,
262 DTLS1_BAD_VER, DTLS1_2_VERSION,
263 SSL_NOT_DEFAULT | SSL_HIGH | SSL_FIPS,
264 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
270 TLS1_TXT_RSA_WITH_NULL_SHA256,
271 TLS1_RFC_RSA_WITH_NULL_SHA256,
272 TLS1_CK_RSA_WITH_NULL_SHA256,
277 TLS1_2_VERSION, TLS1_2_VERSION,
278 DTLS1_2_VERSION, DTLS1_2_VERSION,
279 SSL_STRONG_NONE | SSL_FIPS,
280 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
286 TLS1_TXT_RSA_WITH_AES_128_SHA256,
287 TLS1_RFC_RSA_WITH_AES_128_SHA256,
288 TLS1_CK_RSA_WITH_AES_128_SHA256,
293 TLS1_2_VERSION, TLS1_2_VERSION,
294 DTLS1_2_VERSION, DTLS1_2_VERSION,
296 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
302 TLS1_TXT_RSA_WITH_AES_256_SHA256,
303 TLS1_RFC_RSA_WITH_AES_256_SHA256,
304 TLS1_CK_RSA_WITH_AES_256_SHA256,
309 TLS1_2_VERSION, TLS1_2_VERSION,
310 DTLS1_2_VERSION, DTLS1_2_VERSION,
312 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
318 TLS1_TXT_DHE_DSS_WITH_AES_128_SHA256,
319 TLS1_RFC_DHE_DSS_WITH_AES_128_SHA256,
320 TLS1_CK_DHE_DSS_WITH_AES_128_SHA256,
325 TLS1_2_VERSION, TLS1_2_VERSION,
326 DTLS1_2_VERSION, DTLS1_2_VERSION,
327 SSL_NOT_DEFAULT | SSL_HIGH | SSL_FIPS,
328 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
334 TLS1_TXT_DHE_RSA_WITH_AES_128_SHA256,
335 TLS1_RFC_DHE_RSA_WITH_AES_128_SHA256,
336 TLS1_CK_DHE_RSA_WITH_AES_128_SHA256,
341 TLS1_2_VERSION, TLS1_2_VERSION,
342 DTLS1_2_VERSION, DTLS1_2_VERSION,
344 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
350 TLS1_TXT_DHE_DSS_WITH_AES_256_SHA256,
351 TLS1_RFC_DHE_DSS_WITH_AES_256_SHA256,
352 TLS1_CK_DHE_DSS_WITH_AES_256_SHA256,
357 TLS1_2_VERSION, TLS1_2_VERSION,
358 DTLS1_2_VERSION, DTLS1_2_VERSION,
359 SSL_NOT_DEFAULT | SSL_HIGH | SSL_FIPS,
360 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
366 TLS1_TXT_DHE_RSA_WITH_AES_256_SHA256,
367 TLS1_RFC_DHE_RSA_WITH_AES_256_SHA256,
368 TLS1_CK_DHE_RSA_WITH_AES_256_SHA256,
373 TLS1_2_VERSION, TLS1_2_VERSION,
374 DTLS1_2_VERSION, DTLS1_2_VERSION,
376 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
382 TLS1_TXT_ADH_WITH_AES_128_SHA256,
383 TLS1_RFC_ADH_WITH_AES_128_SHA256,
384 TLS1_CK_ADH_WITH_AES_128_SHA256,
389 TLS1_2_VERSION, TLS1_2_VERSION,
390 DTLS1_2_VERSION, DTLS1_2_VERSION,
391 SSL_NOT_DEFAULT | SSL_HIGH | SSL_FIPS,
392 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
398 TLS1_TXT_ADH_WITH_AES_256_SHA256,
399 TLS1_RFC_ADH_WITH_AES_256_SHA256,
400 TLS1_CK_ADH_WITH_AES_256_SHA256,
405 TLS1_2_VERSION, TLS1_2_VERSION,
406 DTLS1_2_VERSION, DTLS1_2_VERSION,
407 SSL_NOT_DEFAULT | SSL_HIGH | SSL_FIPS,
408 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
414 TLS1_TXT_RSA_WITH_AES_128_GCM_SHA256,
415 TLS1_RFC_RSA_WITH_AES_128_GCM_SHA256,
416 TLS1_CK_RSA_WITH_AES_128_GCM_SHA256,
421 TLS1_2_VERSION, TLS1_2_VERSION,
422 DTLS1_2_VERSION, DTLS1_2_VERSION,
424 SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
430 TLS1_TXT_RSA_WITH_AES_256_GCM_SHA384,
431 TLS1_RFC_RSA_WITH_AES_256_GCM_SHA384,
432 TLS1_CK_RSA_WITH_AES_256_GCM_SHA384,
437 TLS1_2_VERSION, TLS1_2_VERSION,
438 DTLS1_2_VERSION, DTLS1_2_VERSION,
440 SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384,
446 TLS1_TXT_DHE_RSA_WITH_AES_128_GCM_SHA256,
447 TLS1_RFC_DHE_RSA_WITH_AES_128_GCM_SHA256,
448 TLS1_CK_DHE_RSA_WITH_AES_128_GCM_SHA256,
453 TLS1_2_VERSION, TLS1_2_VERSION,
454 DTLS1_2_VERSION, DTLS1_2_VERSION,
456 SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
462 TLS1_TXT_DHE_RSA_WITH_AES_256_GCM_SHA384,
463 TLS1_RFC_DHE_RSA_WITH_AES_256_GCM_SHA384,
464 TLS1_CK_DHE_RSA_WITH_AES_256_GCM_SHA384,
469 TLS1_2_VERSION, TLS1_2_VERSION,
470 DTLS1_2_VERSION, DTLS1_2_VERSION,
472 SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384,
478 TLS1_TXT_DHE_DSS_WITH_AES_128_GCM_SHA256,
479 TLS1_RFC_DHE_DSS_WITH_AES_128_GCM_SHA256,
480 TLS1_CK_DHE_DSS_WITH_AES_128_GCM_SHA256,
485 TLS1_2_VERSION, TLS1_2_VERSION,
486 DTLS1_2_VERSION, DTLS1_2_VERSION,
487 SSL_NOT_DEFAULT | SSL_HIGH | SSL_FIPS,
488 SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
494 TLS1_TXT_DHE_DSS_WITH_AES_256_GCM_SHA384,
495 TLS1_RFC_DHE_DSS_WITH_AES_256_GCM_SHA384,
496 TLS1_CK_DHE_DSS_WITH_AES_256_GCM_SHA384,
501 TLS1_2_VERSION, TLS1_2_VERSION,
502 DTLS1_2_VERSION, DTLS1_2_VERSION,
503 SSL_NOT_DEFAULT | SSL_HIGH | SSL_FIPS,
504 SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384,
510 TLS1_TXT_ADH_WITH_AES_128_GCM_SHA256,
511 TLS1_RFC_ADH_WITH_AES_128_GCM_SHA256,
512 TLS1_CK_ADH_WITH_AES_128_GCM_SHA256,
517 TLS1_2_VERSION, TLS1_2_VERSION,
518 DTLS1_2_VERSION, DTLS1_2_VERSION,
519 SSL_NOT_DEFAULT | SSL_HIGH | SSL_FIPS,
520 SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
526 TLS1_TXT_ADH_WITH_AES_256_GCM_SHA384,
527 TLS1_RFC_ADH_WITH_AES_256_GCM_SHA384,
528 TLS1_CK_ADH_WITH_AES_256_GCM_SHA384,
533 TLS1_2_VERSION, TLS1_2_VERSION,
534 DTLS1_2_VERSION, DTLS1_2_VERSION,
535 SSL_NOT_DEFAULT | SSL_HIGH | SSL_FIPS,
536 SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384,
542 TLS1_TXT_RSA_WITH_AES_128_CCM,
543 TLS1_RFC_RSA_WITH_AES_128_CCM,
544 TLS1_CK_RSA_WITH_AES_128_CCM,
549 TLS1_2_VERSION, TLS1_2_VERSION,
550 DTLS1_2_VERSION, DTLS1_2_VERSION,
551 SSL_NOT_DEFAULT | SSL_HIGH,
552 SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
558 TLS1_TXT_RSA_WITH_AES_256_CCM,
559 TLS1_RFC_RSA_WITH_AES_256_CCM,
560 TLS1_CK_RSA_WITH_AES_256_CCM,
565 TLS1_2_VERSION, TLS1_2_VERSION,
566 DTLS1_2_VERSION, DTLS1_2_VERSION,
567 SSL_NOT_DEFAULT | SSL_HIGH,
568 SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
574 TLS1_TXT_DHE_RSA_WITH_AES_128_CCM,
575 TLS1_RFC_DHE_RSA_WITH_AES_128_CCM,
576 TLS1_CK_DHE_RSA_WITH_AES_128_CCM,
581 TLS1_2_VERSION, TLS1_2_VERSION,
582 DTLS1_2_VERSION, DTLS1_2_VERSION,
583 SSL_NOT_DEFAULT | SSL_HIGH,
584 SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
590 TLS1_TXT_DHE_RSA_WITH_AES_256_CCM,
591 TLS1_RFC_DHE_RSA_WITH_AES_256_CCM,
592 TLS1_CK_DHE_RSA_WITH_AES_256_CCM,
597 TLS1_2_VERSION, TLS1_2_VERSION,
598 DTLS1_2_VERSION, DTLS1_2_VERSION,
599 SSL_NOT_DEFAULT | SSL_HIGH,
600 SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
606 TLS1_TXT_RSA_WITH_AES_128_CCM_8,
607 TLS1_RFC_RSA_WITH_AES_128_CCM_8,
608 TLS1_CK_RSA_WITH_AES_128_CCM_8,
613 TLS1_2_VERSION, TLS1_2_VERSION,
614 DTLS1_2_VERSION, DTLS1_2_VERSION,
615 SSL_NOT_DEFAULT | SSL_HIGH,
616 SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
622 TLS1_TXT_RSA_WITH_AES_256_CCM_8,
623 TLS1_RFC_RSA_WITH_AES_256_CCM_8,
624 TLS1_CK_RSA_WITH_AES_256_CCM_8,
629 TLS1_2_VERSION, TLS1_2_VERSION,
630 DTLS1_2_VERSION, DTLS1_2_VERSION,
631 SSL_NOT_DEFAULT | SSL_HIGH,
632 SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
638 TLS1_TXT_DHE_RSA_WITH_AES_128_CCM_8,
639 TLS1_RFC_DHE_RSA_WITH_AES_128_CCM_8,
640 TLS1_CK_DHE_RSA_WITH_AES_128_CCM_8,
645 TLS1_2_VERSION, TLS1_2_VERSION,
646 DTLS1_2_VERSION, DTLS1_2_VERSION,
647 SSL_NOT_DEFAULT | SSL_HIGH,
648 SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
654 TLS1_TXT_DHE_RSA_WITH_AES_256_CCM_8,
655 TLS1_RFC_DHE_RSA_WITH_AES_256_CCM_8,
656 TLS1_CK_DHE_RSA_WITH_AES_256_CCM_8,
661 TLS1_2_VERSION, TLS1_2_VERSION,
662 DTLS1_2_VERSION, DTLS1_2_VERSION,
663 SSL_NOT_DEFAULT | SSL_HIGH,
664 SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
670 TLS1_TXT_PSK_WITH_AES_128_CCM,
671 TLS1_RFC_PSK_WITH_AES_128_CCM,
672 TLS1_CK_PSK_WITH_AES_128_CCM,
677 TLS1_2_VERSION, TLS1_2_VERSION,
678 DTLS1_2_VERSION, DTLS1_2_VERSION,
679 SSL_NOT_DEFAULT | SSL_HIGH,
680 SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
686 TLS1_TXT_PSK_WITH_AES_256_CCM,
687 TLS1_RFC_PSK_WITH_AES_256_CCM,
688 TLS1_CK_PSK_WITH_AES_256_CCM,
693 TLS1_2_VERSION, TLS1_2_VERSION,
694 DTLS1_2_VERSION, DTLS1_2_VERSION,
695 SSL_NOT_DEFAULT | SSL_HIGH,
696 SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
702 TLS1_TXT_DHE_PSK_WITH_AES_128_CCM,
703 TLS1_RFC_DHE_PSK_WITH_AES_128_CCM,
704 TLS1_CK_DHE_PSK_WITH_AES_128_CCM,
709 TLS1_2_VERSION, TLS1_2_VERSION,
710 DTLS1_2_VERSION, DTLS1_2_VERSION,
711 SSL_NOT_DEFAULT | SSL_HIGH,
712 SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
718 TLS1_TXT_DHE_PSK_WITH_AES_256_CCM,
719 TLS1_RFC_DHE_PSK_WITH_AES_256_CCM,
720 TLS1_CK_DHE_PSK_WITH_AES_256_CCM,
725 TLS1_2_VERSION, TLS1_2_VERSION,
726 DTLS1_2_VERSION, DTLS1_2_VERSION,
727 SSL_NOT_DEFAULT | SSL_HIGH,
728 SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
734 TLS1_TXT_PSK_WITH_AES_128_CCM_8,
735 TLS1_RFC_PSK_WITH_AES_128_CCM_8,
736 TLS1_CK_PSK_WITH_AES_128_CCM_8,
741 TLS1_2_VERSION, TLS1_2_VERSION,
742 DTLS1_2_VERSION, DTLS1_2_VERSION,
743 SSL_NOT_DEFAULT | SSL_HIGH,
744 SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
750 TLS1_TXT_PSK_WITH_AES_256_CCM_8,
751 TLS1_RFC_PSK_WITH_AES_256_CCM_8,
752 TLS1_CK_PSK_WITH_AES_256_CCM_8,
757 TLS1_2_VERSION, TLS1_2_VERSION,
758 DTLS1_2_VERSION, DTLS1_2_VERSION,
759 SSL_NOT_DEFAULT | SSL_HIGH,
760 SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
766 TLS1_TXT_DHE_PSK_WITH_AES_128_CCM_8,
767 TLS1_RFC_DHE_PSK_WITH_AES_128_CCM_8,
768 TLS1_CK_DHE_PSK_WITH_AES_128_CCM_8,
773 TLS1_2_VERSION, TLS1_2_VERSION,
774 DTLS1_2_VERSION, DTLS1_2_VERSION,
775 SSL_NOT_DEFAULT | SSL_HIGH,
776 SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
782 TLS1_TXT_DHE_PSK_WITH_AES_256_CCM_8,
783 TLS1_RFC_DHE_PSK_WITH_AES_256_CCM_8,
784 TLS1_CK_DHE_PSK_WITH_AES_256_CCM_8,
789 TLS1_2_VERSION, TLS1_2_VERSION,
790 DTLS1_2_VERSION, DTLS1_2_VERSION,
791 SSL_NOT_DEFAULT | SSL_HIGH,
792 SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
798 TLS1_TXT_ECDHE_ECDSA_WITH_AES_128_CCM,
799 TLS1_RFC_ECDHE_ECDSA_WITH_AES_128_CCM,
800 TLS1_CK_ECDHE_ECDSA_WITH_AES_128_CCM,
805 TLS1_2_VERSION, TLS1_2_VERSION,
806 DTLS1_2_VERSION, DTLS1_2_VERSION,
807 SSL_NOT_DEFAULT | SSL_HIGH,
808 SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
814 TLS1_TXT_ECDHE_ECDSA_WITH_AES_256_CCM,
815 TLS1_RFC_ECDHE_ECDSA_WITH_AES_256_CCM,
816 TLS1_CK_ECDHE_ECDSA_WITH_AES_256_CCM,
821 TLS1_2_VERSION, TLS1_2_VERSION,
822 DTLS1_2_VERSION, DTLS1_2_VERSION,
823 SSL_NOT_DEFAULT | SSL_HIGH,
824 SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
830 TLS1_TXT_ECDHE_ECDSA_WITH_AES_128_CCM_8,
831 TLS1_RFC_ECDHE_ECDSA_WITH_AES_128_CCM_8,
832 TLS1_CK_ECDHE_ECDSA_WITH_AES_128_CCM_8,
837 TLS1_2_VERSION, TLS1_2_VERSION,
838 DTLS1_2_VERSION, DTLS1_2_VERSION,
839 SSL_NOT_DEFAULT | SSL_HIGH,
840 SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
846 TLS1_TXT_ECDHE_ECDSA_WITH_AES_256_CCM_8,
847 TLS1_RFC_ECDHE_ECDSA_WITH_AES_256_CCM_8,
848 TLS1_CK_ECDHE_ECDSA_WITH_AES_256_CCM_8,
853 TLS1_2_VERSION, TLS1_2_VERSION,
854 DTLS1_2_VERSION, DTLS1_2_VERSION,
855 SSL_NOT_DEFAULT | SSL_HIGH,
856 SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
862 TLS1_3_TXT_AES_128_GCM_SHA256,
863 TLS1_3_RFC_AES_128_GCM_SHA256,
864 TLS1_3_CK_AES_128_GCM_SHA256,
868 TLS1_3_VERSION, TLS1_3_VERSION,
872 SSL_HANDSHAKE_MAC_SHA256,
878 TLS1_3_TXT_AES_256_GCM_SHA384,
879 TLS1_3_RFC_AES_256_GCM_SHA384,
880 TLS1_3_CK_AES_256_GCM_SHA384,
885 TLS1_3_VERSION, TLS1_3_VERSION,
888 SSL_HANDSHAKE_MAC_SHA384,
892 #if !defined(OPENSSL_NO_CHACHA) && !defined(OPENSSL_NO_POLY1305)
895 TLS1_3_TXT_CHACHA20_POLY1305_SHA256,
896 TLS1_3_RFC_CHACHA20_POLY1305_SHA256,
897 TLS1_3_CK_CHACHA20_POLY1305_SHA256,
900 SSL_CHACHA20POLY1305,
902 TLS1_3_VERSION, TLS1_3_VERSION,
905 SSL_HANDSHAKE_MAC_SHA256,
912 TLS1_3_TXT_AES_128_CCM_SHA256,
913 TLS1_3_RFC_AES_128_CCM_SHA256,
914 TLS1_3_CK_AES_128_CCM_SHA256,
919 TLS1_3_VERSION, TLS1_3_VERSION,
921 SSL_NOT_DEFAULT | SSL_HIGH,
922 SSL_HANDSHAKE_MAC_SHA256,
928 TLS1_3_TXT_AES_128_CCM_8_SHA256,
929 TLS1_3_RFC_AES_128_CCM_8_SHA256,
930 TLS1_3_CK_AES_128_CCM_8_SHA256,
935 TLS1_3_VERSION, TLS1_3_VERSION,
937 SSL_NOT_DEFAULT | SSL_HIGH,
938 SSL_HANDSHAKE_MAC_SHA256,
943 #ifndef OPENSSL_NO_EC
946 TLS1_TXT_ECDHE_ECDSA_WITH_NULL_SHA,
947 TLS1_RFC_ECDHE_ECDSA_WITH_NULL_SHA,
948 TLS1_CK_ECDHE_ECDSA_WITH_NULL_SHA,
953 TLS1_VERSION, TLS1_2_VERSION,
954 DTLS1_BAD_VER, DTLS1_2_VERSION,
955 SSL_STRONG_NONE | SSL_FIPS,
956 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
960 # ifndef OPENSSL_NO_WEAK_SSL_CIPHERS
963 TLS1_TXT_ECDHE_ECDSA_WITH_DES_192_CBC3_SHA,
964 TLS1_RFC_ECDHE_ECDSA_WITH_DES_192_CBC3_SHA,
965 TLS1_CK_ECDHE_ECDSA_WITH_DES_192_CBC3_SHA,
970 TLS1_VERSION, TLS1_2_VERSION,
971 DTLS1_BAD_VER, DTLS1_2_VERSION,
972 SSL_NOT_DEFAULT | SSL_MEDIUM | SSL_FIPS,
973 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
980 TLS1_TXT_ECDHE_ECDSA_WITH_AES_128_CBC_SHA,
981 TLS1_RFC_ECDHE_ECDSA_WITH_AES_128_CBC_SHA,
982 TLS1_CK_ECDHE_ECDSA_WITH_AES_128_CBC_SHA,
987 TLS1_VERSION, TLS1_2_VERSION,
988 DTLS1_BAD_VER, DTLS1_2_VERSION,
990 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
996 TLS1_TXT_ECDHE_ECDSA_WITH_AES_256_CBC_SHA,
997 TLS1_RFC_ECDHE_ECDSA_WITH_AES_256_CBC_SHA,
998 TLS1_CK_ECDHE_ECDSA_WITH_AES_256_CBC_SHA,
1003 TLS1_VERSION, TLS1_2_VERSION,
1004 DTLS1_BAD_VER, DTLS1_2_VERSION,
1005 SSL_HIGH | SSL_FIPS,
1006 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
1012 TLS1_TXT_ECDHE_RSA_WITH_NULL_SHA,
1013 TLS1_RFC_ECDHE_RSA_WITH_NULL_SHA,
1014 TLS1_CK_ECDHE_RSA_WITH_NULL_SHA,
1019 TLS1_VERSION, TLS1_2_VERSION,
1020 DTLS1_BAD_VER, DTLS1_2_VERSION,
1021 SSL_STRONG_NONE | SSL_FIPS,
1022 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
1026 # ifndef OPENSSL_NO_WEAK_SSL_CIPHERS
1029 TLS1_TXT_ECDHE_RSA_WITH_DES_192_CBC3_SHA,
1030 TLS1_RFC_ECDHE_RSA_WITH_DES_192_CBC3_SHA,
1031 TLS1_CK_ECDHE_RSA_WITH_DES_192_CBC3_SHA,
1036 TLS1_VERSION, TLS1_2_VERSION,
1037 DTLS1_BAD_VER, DTLS1_2_VERSION,
1038 SSL_NOT_DEFAULT | SSL_MEDIUM | SSL_FIPS,
1039 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
1046 TLS1_TXT_ECDHE_RSA_WITH_AES_128_CBC_SHA,
1047 TLS1_RFC_ECDHE_RSA_WITH_AES_128_CBC_SHA,
1048 TLS1_CK_ECDHE_RSA_WITH_AES_128_CBC_SHA,
1053 TLS1_VERSION, TLS1_2_VERSION,
1054 DTLS1_BAD_VER, DTLS1_2_VERSION,
1055 SSL_HIGH | SSL_FIPS,
1056 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
1062 TLS1_TXT_ECDHE_RSA_WITH_AES_256_CBC_SHA,
1063 TLS1_RFC_ECDHE_RSA_WITH_AES_256_CBC_SHA,
1064 TLS1_CK_ECDHE_RSA_WITH_AES_256_CBC_SHA,
1069 TLS1_VERSION, TLS1_2_VERSION,
1070 DTLS1_BAD_VER, DTLS1_2_VERSION,
1071 SSL_HIGH | SSL_FIPS,
1072 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
1078 TLS1_TXT_ECDH_anon_WITH_NULL_SHA,
1079 TLS1_RFC_ECDH_anon_WITH_NULL_SHA,
1080 TLS1_CK_ECDH_anon_WITH_NULL_SHA,
1085 TLS1_VERSION, TLS1_2_VERSION,
1086 DTLS1_BAD_VER, DTLS1_2_VERSION,
1087 SSL_STRONG_NONE | SSL_FIPS,
1088 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
1092 # ifndef OPENSSL_NO_WEAK_SSL_CIPHERS
1095 TLS1_TXT_ECDH_anon_WITH_DES_192_CBC3_SHA,
1096 TLS1_RFC_ECDH_anon_WITH_DES_192_CBC3_SHA,
1097 TLS1_CK_ECDH_anon_WITH_DES_192_CBC3_SHA,
1102 TLS1_VERSION, TLS1_2_VERSION,
1103 DTLS1_BAD_VER, DTLS1_2_VERSION,
1104 SSL_NOT_DEFAULT | SSL_MEDIUM | SSL_FIPS,
1105 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
1112 TLS1_TXT_ECDH_anon_WITH_AES_128_CBC_SHA,
1113 TLS1_RFC_ECDH_anon_WITH_AES_128_CBC_SHA,
1114 TLS1_CK_ECDH_anon_WITH_AES_128_CBC_SHA,
1119 TLS1_VERSION, TLS1_2_VERSION,
1120 DTLS1_BAD_VER, DTLS1_2_VERSION,
1121 SSL_NOT_DEFAULT | SSL_HIGH | SSL_FIPS,
1122 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
1128 TLS1_TXT_ECDH_anon_WITH_AES_256_CBC_SHA,
1129 TLS1_RFC_ECDH_anon_WITH_AES_256_CBC_SHA,
1130 TLS1_CK_ECDH_anon_WITH_AES_256_CBC_SHA,
1135 TLS1_VERSION, TLS1_2_VERSION,
1136 DTLS1_BAD_VER, DTLS1_2_VERSION,
1137 SSL_NOT_DEFAULT | SSL_HIGH | SSL_FIPS,
1138 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
1144 TLS1_TXT_ECDHE_ECDSA_WITH_AES_128_SHA256,
1145 TLS1_RFC_ECDHE_ECDSA_WITH_AES_128_SHA256,
1146 TLS1_CK_ECDHE_ECDSA_WITH_AES_128_SHA256,
1151 TLS1_2_VERSION, TLS1_2_VERSION,
1152 DTLS1_2_VERSION, DTLS1_2_VERSION,
1153 SSL_HIGH | SSL_FIPS,
1154 SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
1160 TLS1_TXT_ECDHE_ECDSA_WITH_AES_256_SHA384,
1161 TLS1_RFC_ECDHE_ECDSA_WITH_AES_256_SHA384,
1162 TLS1_CK_ECDHE_ECDSA_WITH_AES_256_SHA384,
1167 TLS1_2_VERSION, TLS1_2_VERSION,
1168 DTLS1_2_VERSION, DTLS1_2_VERSION,
1169 SSL_HIGH | SSL_FIPS,
1170 SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384,
1176 TLS1_TXT_ECDHE_RSA_WITH_AES_128_SHA256,
1177 TLS1_RFC_ECDHE_RSA_WITH_AES_128_SHA256,
1178 TLS1_CK_ECDHE_RSA_WITH_AES_128_SHA256,
1183 TLS1_2_VERSION, TLS1_2_VERSION,
1184 DTLS1_2_VERSION, DTLS1_2_VERSION,
1185 SSL_HIGH | SSL_FIPS,
1186 SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
1192 TLS1_TXT_ECDHE_RSA_WITH_AES_256_SHA384,
1193 TLS1_RFC_ECDHE_RSA_WITH_AES_256_SHA384,
1194 TLS1_CK_ECDHE_RSA_WITH_AES_256_SHA384,
1199 TLS1_2_VERSION, TLS1_2_VERSION,
1200 DTLS1_2_VERSION, DTLS1_2_VERSION,
1201 SSL_HIGH | SSL_FIPS,
1202 SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384,
1208 TLS1_TXT_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256,
1209 TLS1_RFC_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256,
1210 TLS1_CK_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256,
1215 TLS1_2_VERSION, TLS1_2_VERSION,
1216 DTLS1_2_VERSION, DTLS1_2_VERSION,
1217 SSL_HIGH | SSL_FIPS,
1218 SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
1224 TLS1_TXT_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384,
1225 TLS1_RFC_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384,
1226 TLS1_CK_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384,
1231 TLS1_2_VERSION, TLS1_2_VERSION,
1232 DTLS1_2_VERSION, DTLS1_2_VERSION,
1233 SSL_HIGH | SSL_FIPS,
1234 SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384,
1240 TLS1_TXT_ECDHE_RSA_WITH_AES_128_GCM_SHA256,
1241 TLS1_RFC_ECDHE_RSA_WITH_AES_128_GCM_SHA256,
1242 TLS1_CK_ECDHE_RSA_WITH_AES_128_GCM_SHA256,
1247 TLS1_2_VERSION, TLS1_2_VERSION,
1248 DTLS1_2_VERSION, DTLS1_2_VERSION,
1249 SSL_HIGH | SSL_FIPS,
1250 SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
1256 TLS1_TXT_ECDHE_RSA_WITH_AES_256_GCM_SHA384,
1257 TLS1_RFC_ECDHE_RSA_WITH_AES_256_GCM_SHA384,
1258 TLS1_CK_ECDHE_RSA_WITH_AES_256_GCM_SHA384,
1263 TLS1_2_VERSION, TLS1_2_VERSION,
1264 DTLS1_2_VERSION, DTLS1_2_VERSION,
1265 SSL_HIGH | SSL_FIPS,
1266 SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384,
1270 #endif /* OPENSSL_NO_EC */
1272 #ifndef OPENSSL_NO_PSK
1275 TLS1_TXT_PSK_WITH_NULL_SHA,
1276 TLS1_RFC_PSK_WITH_NULL_SHA,
1277 TLS1_CK_PSK_WITH_NULL_SHA,
1282 SSL3_VERSION, TLS1_2_VERSION,
1283 DTLS1_BAD_VER, DTLS1_2_VERSION,
1284 SSL_STRONG_NONE | SSL_FIPS,
1285 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
1291 TLS1_TXT_DHE_PSK_WITH_NULL_SHA,
1292 TLS1_RFC_DHE_PSK_WITH_NULL_SHA,
1293 TLS1_CK_DHE_PSK_WITH_NULL_SHA,
1298 SSL3_VERSION, TLS1_2_VERSION,
1299 DTLS1_BAD_VER, DTLS1_2_VERSION,
1300 SSL_STRONG_NONE | SSL_FIPS,
1301 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
1307 TLS1_TXT_RSA_PSK_WITH_NULL_SHA,
1308 TLS1_RFC_RSA_PSK_WITH_NULL_SHA,
1309 TLS1_CK_RSA_PSK_WITH_NULL_SHA,
1314 SSL3_VERSION, TLS1_2_VERSION,
1315 DTLS1_BAD_VER, DTLS1_2_VERSION,
1316 SSL_STRONG_NONE | SSL_FIPS,
1317 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
1321 # ifndef OPENSSL_NO_WEAK_SSL_CIPHERS
1324 TLS1_TXT_PSK_WITH_3DES_EDE_CBC_SHA,
1325 TLS1_RFC_PSK_WITH_3DES_EDE_CBC_SHA,
1326 TLS1_CK_PSK_WITH_3DES_EDE_CBC_SHA,
1331 SSL3_VERSION, TLS1_2_VERSION,
1332 DTLS1_BAD_VER, DTLS1_2_VERSION,
1333 SSL_NOT_DEFAULT | SSL_MEDIUM | SSL_FIPS,
1334 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
1341 TLS1_TXT_PSK_WITH_AES_128_CBC_SHA,
1342 TLS1_RFC_PSK_WITH_AES_128_CBC_SHA,
1343 TLS1_CK_PSK_WITH_AES_128_CBC_SHA,
1348 SSL3_VERSION, TLS1_2_VERSION,
1349 DTLS1_BAD_VER, DTLS1_2_VERSION,
1350 SSL_HIGH | SSL_FIPS,
1351 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
1357 TLS1_TXT_PSK_WITH_AES_256_CBC_SHA,
1358 TLS1_RFC_PSK_WITH_AES_256_CBC_SHA,
1359 TLS1_CK_PSK_WITH_AES_256_CBC_SHA,
1364 SSL3_VERSION, TLS1_2_VERSION,
1365 DTLS1_BAD_VER, DTLS1_2_VERSION,
1366 SSL_HIGH | SSL_FIPS,
1367 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
1371 # ifndef OPENSSL_NO_WEAK_SSL_CIPHERS
1374 TLS1_TXT_DHE_PSK_WITH_3DES_EDE_CBC_SHA,
1375 TLS1_RFC_DHE_PSK_WITH_3DES_EDE_CBC_SHA,
1376 TLS1_CK_DHE_PSK_WITH_3DES_EDE_CBC_SHA,
1381 SSL3_VERSION, TLS1_2_VERSION,
1382 DTLS1_BAD_VER, DTLS1_2_VERSION,
1383 SSL_NOT_DEFAULT | SSL_MEDIUM | SSL_FIPS,
1384 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
1391 TLS1_TXT_DHE_PSK_WITH_AES_128_CBC_SHA,
1392 TLS1_RFC_DHE_PSK_WITH_AES_128_CBC_SHA,
1393 TLS1_CK_DHE_PSK_WITH_AES_128_CBC_SHA,
1398 SSL3_VERSION, TLS1_2_VERSION,
1399 DTLS1_BAD_VER, DTLS1_2_VERSION,
1400 SSL_HIGH | SSL_FIPS,
1401 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
1407 TLS1_TXT_DHE_PSK_WITH_AES_256_CBC_SHA,
1408 TLS1_RFC_DHE_PSK_WITH_AES_256_CBC_SHA,
1409 TLS1_CK_DHE_PSK_WITH_AES_256_CBC_SHA,
1414 SSL3_VERSION, TLS1_2_VERSION,
1415 DTLS1_BAD_VER, DTLS1_2_VERSION,
1416 SSL_HIGH | SSL_FIPS,
1417 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
1421 # ifndef OPENSSL_NO_WEAK_SSL_CIPHERS
1424 TLS1_TXT_RSA_PSK_WITH_3DES_EDE_CBC_SHA,
1425 TLS1_RFC_RSA_PSK_WITH_3DES_EDE_CBC_SHA,
1426 TLS1_CK_RSA_PSK_WITH_3DES_EDE_CBC_SHA,
1431 SSL3_VERSION, TLS1_2_VERSION,
1432 DTLS1_BAD_VER, DTLS1_2_VERSION,
1433 SSL_NOT_DEFAULT | SSL_MEDIUM | SSL_FIPS,
1434 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
1441 TLS1_TXT_RSA_PSK_WITH_AES_128_CBC_SHA,
1442 TLS1_RFC_RSA_PSK_WITH_AES_128_CBC_SHA,
1443 TLS1_CK_RSA_PSK_WITH_AES_128_CBC_SHA,
1448 SSL3_VERSION, TLS1_2_VERSION,
1449 DTLS1_BAD_VER, DTLS1_2_VERSION,
1450 SSL_HIGH | SSL_FIPS,
1451 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
1457 TLS1_TXT_RSA_PSK_WITH_AES_256_CBC_SHA,
1458 TLS1_RFC_RSA_PSK_WITH_AES_256_CBC_SHA,
1459 TLS1_CK_RSA_PSK_WITH_AES_256_CBC_SHA,
1464 SSL3_VERSION, TLS1_2_VERSION,
1465 DTLS1_BAD_VER, DTLS1_2_VERSION,
1466 SSL_HIGH | SSL_FIPS,
1467 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
1473 TLS1_TXT_PSK_WITH_AES_128_GCM_SHA256,
1474 TLS1_RFC_PSK_WITH_AES_128_GCM_SHA256,
1475 TLS1_CK_PSK_WITH_AES_128_GCM_SHA256,
1480 TLS1_2_VERSION, TLS1_2_VERSION,
1481 DTLS1_2_VERSION, DTLS1_2_VERSION,
1482 SSL_HIGH | SSL_FIPS,
1483 SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
1489 TLS1_TXT_PSK_WITH_AES_256_GCM_SHA384,
1490 TLS1_RFC_PSK_WITH_AES_256_GCM_SHA384,
1491 TLS1_CK_PSK_WITH_AES_256_GCM_SHA384,
1496 TLS1_2_VERSION, TLS1_2_VERSION,
1497 DTLS1_2_VERSION, DTLS1_2_VERSION,
1498 SSL_HIGH | SSL_FIPS,
1499 SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384,
1505 TLS1_TXT_DHE_PSK_WITH_AES_128_GCM_SHA256,
1506 TLS1_RFC_DHE_PSK_WITH_AES_128_GCM_SHA256,
1507 TLS1_CK_DHE_PSK_WITH_AES_128_GCM_SHA256,
1512 TLS1_2_VERSION, TLS1_2_VERSION,
1513 DTLS1_2_VERSION, DTLS1_2_VERSION,
1514 SSL_HIGH | SSL_FIPS,
1515 SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
1521 TLS1_TXT_DHE_PSK_WITH_AES_256_GCM_SHA384,
1522 TLS1_RFC_DHE_PSK_WITH_AES_256_GCM_SHA384,
1523 TLS1_CK_DHE_PSK_WITH_AES_256_GCM_SHA384,
1528 TLS1_2_VERSION, TLS1_2_VERSION,
1529 DTLS1_2_VERSION, DTLS1_2_VERSION,
1530 SSL_HIGH | SSL_FIPS,
1531 SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384,
1537 TLS1_TXT_RSA_PSK_WITH_AES_128_GCM_SHA256,
1538 TLS1_RFC_RSA_PSK_WITH_AES_128_GCM_SHA256,
1539 TLS1_CK_RSA_PSK_WITH_AES_128_GCM_SHA256,
1544 TLS1_2_VERSION, TLS1_2_VERSION,
1545 DTLS1_2_VERSION, DTLS1_2_VERSION,
1546 SSL_HIGH | SSL_FIPS,
1547 SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
1553 TLS1_TXT_RSA_PSK_WITH_AES_256_GCM_SHA384,
1554 TLS1_RFC_RSA_PSK_WITH_AES_256_GCM_SHA384,
1555 TLS1_CK_RSA_PSK_WITH_AES_256_GCM_SHA384,
1560 TLS1_2_VERSION, TLS1_2_VERSION,
1561 DTLS1_2_VERSION, DTLS1_2_VERSION,
1562 SSL_HIGH | SSL_FIPS,
1563 SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384,
1569 TLS1_TXT_PSK_WITH_AES_128_CBC_SHA256,
1570 TLS1_RFC_PSK_WITH_AES_128_CBC_SHA256,
1571 TLS1_CK_PSK_WITH_AES_128_CBC_SHA256,
1576 TLS1_VERSION, TLS1_2_VERSION,
1577 DTLS1_BAD_VER, DTLS1_2_VERSION,
1578 SSL_HIGH | SSL_FIPS,
1579 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
1585 TLS1_TXT_PSK_WITH_AES_256_CBC_SHA384,
1586 TLS1_RFC_PSK_WITH_AES_256_CBC_SHA384,
1587 TLS1_CK_PSK_WITH_AES_256_CBC_SHA384,
1592 TLS1_VERSION, TLS1_2_VERSION,
1593 DTLS1_BAD_VER, DTLS1_2_VERSION,
1594 SSL_HIGH | SSL_FIPS,
1595 SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384,
1601 TLS1_TXT_PSK_WITH_NULL_SHA256,
1602 TLS1_RFC_PSK_WITH_NULL_SHA256,
1603 TLS1_CK_PSK_WITH_NULL_SHA256,
1608 TLS1_VERSION, TLS1_2_VERSION,
1609 DTLS1_BAD_VER, DTLS1_2_VERSION,
1610 SSL_STRONG_NONE | SSL_FIPS,
1611 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
1617 TLS1_TXT_PSK_WITH_NULL_SHA384,
1618 TLS1_RFC_PSK_WITH_NULL_SHA384,
1619 TLS1_CK_PSK_WITH_NULL_SHA384,
1624 TLS1_VERSION, TLS1_2_VERSION,
1625 DTLS1_BAD_VER, DTLS1_2_VERSION,
1626 SSL_STRONG_NONE | SSL_FIPS,
1627 SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384,
1633 TLS1_TXT_DHE_PSK_WITH_AES_128_CBC_SHA256,
1634 TLS1_RFC_DHE_PSK_WITH_AES_128_CBC_SHA256,
1635 TLS1_CK_DHE_PSK_WITH_AES_128_CBC_SHA256,
1640 TLS1_VERSION, TLS1_2_VERSION,
1641 DTLS1_BAD_VER, DTLS1_2_VERSION,
1642 SSL_HIGH | SSL_FIPS,
1643 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
1649 TLS1_TXT_DHE_PSK_WITH_AES_256_CBC_SHA384,
1650 TLS1_RFC_DHE_PSK_WITH_AES_256_CBC_SHA384,
1651 TLS1_CK_DHE_PSK_WITH_AES_256_CBC_SHA384,
1656 TLS1_VERSION, TLS1_2_VERSION,
1657 DTLS1_BAD_VER, DTLS1_2_VERSION,
1658 SSL_HIGH | SSL_FIPS,
1659 SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384,
1665 TLS1_TXT_DHE_PSK_WITH_NULL_SHA256,
1666 TLS1_RFC_DHE_PSK_WITH_NULL_SHA256,
1667 TLS1_CK_DHE_PSK_WITH_NULL_SHA256,
1672 TLS1_VERSION, TLS1_2_VERSION,
1673 DTLS1_BAD_VER, DTLS1_2_VERSION,
1674 SSL_STRONG_NONE | SSL_FIPS,
1675 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
1681 TLS1_TXT_DHE_PSK_WITH_NULL_SHA384,
1682 TLS1_RFC_DHE_PSK_WITH_NULL_SHA384,
1683 TLS1_CK_DHE_PSK_WITH_NULL_SHA384,
1688 TLS1_VERSION, TLS1_2_VERSION,
1689 DTLS1_BAD_VER, DTLS1_2_VERSION,
1690 SSL_STRONG_NONE | SSL_FIPS,
1691 SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384,
1697 TLS1_TXT_RSA_PSK_WITH_AES_128_CBC_SHA256,
1698 TLS1_RFC_RSA_PSK_WITH_AES_128_CBC_SHA256,
1699 TLS1_CK_RSA_PSK_WITH_AES_128_CBC_SHA256,
1704 TLS1_VERSION, TLS1_2_VERSION,
1705 DTLS1_BAD_VER, DTLS1_2_VERSION,
1706 SSL_HIGH | SSL_FIPS,
1707 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
1713 TLS1_TXT_RSA_PSK_WITH_AES_256_CBC_SHA384,
1714 TLS1_RFC_RSA_PSK_WITH_AES_256_CBC_SHA384,
1715 TLS1_CK_RSA_PSK_WITH_AES_256_CBC_SHA384,
1720 TLS1_VERSION, TLS1_2_VERSION,
1721 DTLS1_BAD_VER, DTLS1_2_VERSION,
1722 SSL_HIGH | SSL_FIPS,
1723 SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384,
1729 TLS1_TXT_RSA_PSK_WITH_NULL_SHA256,
1730 TLS1_RFC_RSA_PSK_WITH_NULL_SHA256,
1731 TLS1_CK_RSA_PSK_WITH_NULL_SHA256,
1736 TLS1_VERSION, TLS1_2_VERSION,
1737 DTLS1_BAD_VER, DTLS1_2_VERSION,
1738 SSL_STRONG_NONE | SSL_FIPS,
1739 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
1745 TLS1_TXT_RSA_PSK_WITH_NULL_SHA384,
1746 TLS1_RFC_RSA_PSK_WITH_NULL_SHA384,
1747 TLS1_CK_RSA_PSK_WITH_NULL_SHA384,
1752 TLS1_VERSION, TLS1_2_VERSION,
1753 DTLS1_BAD_VER, DTLS1_2_VERSION,
1754 SSL_STRONG_NONE | SSL_FIPS,
1755 SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384,
1759 # ifndef OPENSSL_NO_EC
1760 # ifndef OPENSSL_NO_WEAK_SSL_CIPHERS
1763 TLS1_TXT_ECDHE_PSK_WITH_3DES_EDE_CBC_SHA,
1764 TLS1_RFC_ECDHE_PSK_WITH_3DES_EDE_CBC_SHA,
1765 TLS1_CK_ECDHE_PSK_WITH_3DES_EDE_CBC_SHA,
1770 TLS1_VERSION, TLS1_2_VERSION,
1771 DTLS1_BAD_VER, DTLS1_2_VERSION,
1772 SSL_NOT_DEFAULT | SSL_MEDIUM | SSL_FIPS,
1773 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
1780 TLS1_TXT_ECDHE_PSK_WITH_AES_128_CBC_SHA,
1781 TLS1_RFC_ECDHE_PSK_WITH_AES_128_CBC_SHA,
1782 TLS1_CK_ECDHE_PSK_WITH_AES_128_CBC_SHA,
1787 TLS1_VERSION, TLS1_2_VERSION,
1788 DTLS1_BAD_VER, DTLS1_2_VERSION,
1789 SSL_HIGH | SSL_FIPS,
1790 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
1796 TLS1_TXT_ECDHE_PSK_WITH_AES_256_CBC_SHA,
1797 TLS1_RFC_ECDHE_PSK_WITH_AES_256_CBC_SHA,
1798 TLS1_CK_ECDHE_PSK_WITH_AES_256_CBC_SHA,
1803 TLS1_VERSION, TLS1_2_VERSION,
1804 DTLS1_BAD_VER, DTLS1_2_VERSION,
1805 SSL_HIGH | SSL_FIPS,
1806 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
1812 TLS1_TXT_ECDHE_PSK_WITH_AES_128_CBC_SHA256,
1813 TLS1_RFC_ECDHE_PSK_WITH_AES_128_CBC_SHA256,
1814 TLS1_CK_ECDHE_PSK_WITH_AES_128_CBC_SHA256,
1819 TLS1_VERSION, TLS1_2_VERSION,
1820 DTLS1_BAD_VER, DTLS1_2_VERSION,
1821 SSL_HIGH | SSL_FIPS,
1822 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
1828 TLS1_TXT_ECDHE_PSK_WITH_AES_256_CBC_SHA384,
1829 TLS1_RFC_ECDHE_PSK_WITH_AES_256_CBC_SHA384,
1830 TLS1_CK_ECDHE_PSK_WITH_AES_256_CBC_SHA384,
1835 TLS1_VERSION, TLS1_2_VERSION,
1836 DTLS1_BAD_VER, DTLS1_2_VERSION,
1837 SSL_HIGH | SSL_FIPS,
1838 SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384,
1844 TLS1_TXT_ECDHE_PSK_WITH_NULL_SHA,
1845 TLS1_RFC_ECDHE_PSK_WITH_NULL_SHA,
1846 TLS1_CK_ECDHE_PSK_WITH_NULL_SHA,
1851 TLS1_VERSION, TLS1_2_VERSION,
1852 DTLS1_BAD_VER, DTLS1_2_VERSION,
1853 SSL_STRONG_NONE | SSL_FIPS,
1854 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
1860 TLS1_TXT_ECDHE_PSK_WITH_NULL_SHA256,
1861 TLS1_RFC_ECDHE_PSK_WITH_NULL_SHA256,
1862 TLS1_CK_ECDHE_PSK_WITH_NULL_SHA256,
1867 TLS1_VERSION, TLS1_2_VERSION,
1868 DTLS1_BAD_VER, DTLS1_2_VERSION,
1869 SSL_STRONG_NONE | SSL_FIPS,
1870 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
1876 TLS1_TXT_ECDHE_PSK_WITH_NULL_SHA384,
1877 TLS1_RFC_ECDHE_PSK_WITH_NULL_SHA384,
1878 TLS1_CK_ECDHE_PSK_WITH_NULL_SHA384,
1883 TLS1_VERSION, TLS1_2_VERSION,
1884 DTLS1_BAD_VER, DTLS1_2_VERSION,
1885 SSL_STRONG_NONE | SSL_FIPS,
1886 SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384,
1890 # endif /* OPENSSL_NO_EC */
1891 #endif /* OPENSSL_NO_PSK */
1893 #ifndef OPENSSL_NO_SRP
1894 # ifndef OPENSSL_NO_WEAK_SSL_CIPHERS
1897 TLS1_TXT_SRP_SHA_WITH_3DES_EDE_CBC_SHA,
1898 TLS1_RFC_SRP_SHA_WITH_3DES_EDE_CBC_SHA,
1899 TLS1_CK_SRP_SHA_WITH_3DES_EDE_CBC_SHA,
1904 SSL3_VERSION, TLS1_2_VERSION,
1905 DTLS1_BAD_VER, DTLS1_2_VERSION,
1906 SSL_NOT_DEFAULT | SSL_MEDIUM,
1907 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
1913 TLS1_TXT_SRP_SHA_RSA_WITH_3DES_EDE_CBC_SHA,
1914 TLS1_RFC_SRP_SHA_RSA_WITH_3DES_EDE_CBC_SHA,
1915 TLS1_CK_SRP_SHA_RSA_WITH_3DES_EDE_CBC_SHA,
1920 SSL3_VERSION, TLS1_2_VERSION,
1921 DTLS1_BAD_VER, DTLS1_2_VERSION,
1922 SSL_NOT_DEFAULT | SSL_MEDIUM,
1923 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
1929 TLS1_TXT_SRP_SHA_DSS_WITH_3DES_EDE_CBC_SHA,
1930 TLS1_RFC_SRP_SHA_DSS_WITH_3DES_EDE_CBC_SHA,
1931 TLS1_CK_SRP_SHA_DSS_WITH_3DES_EDE_CBC_SHA,
1936 SSL3_VERSION, TLS1_2_VERSION,
1937 DTLS1_BAD_VER, DTLS1_2_VERSION,
1938 SSL_NOT_DEFAULT | SSL_MEDIUM,
1939 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
1946 TLS1_TXT_SRP_SHA_WITH_AES_128_CBC_SHA,
1947 TLS1_RFC_SRP_SHA_WITH_AES_128_CBC_SHA,
1948 TLS1_CK_SRP_SHA_WITH_AES_128_CBC_SHA,
1953 SSL3_VERSION, TLS1_2_VERSION,
1954 DTLS1_BAD_VER, DTLS1_2_VERSION,
1956 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
1962 TLS1_TXT_SRP_SHA_RSA_WITH_AES_128_CBC_SHA,
1963 TLS1_RFC_SRP_SHA_RSA_WITH_AES_128_CBC_SHA,
1964 TLS1_CK_SRP_SHA_RSA_WITH_AES_128_CBC_SHA,
1969 SSL3_VERSION, TLS1_2_VERSION,
1970 DTLS1_BAD_VER, DTLS1_2_VERSION,
1972 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
1978 TLS1_TXT_SRP_SHA_DSS_WITH_AES_128_CBC_SHA,
1979 TLS1_RFC_SRP_SHA_DSS_WITH_AES_128_CBC_SHA,
1980 TLS1_CK_SRP_SHA_DSS_WITH_AES_128_CBC_SHA,
1985 SSL3_VERSION, TLS1_2_VERSION,
1986 DTLS1_BAD_VER, DTLS1_2_VERSION,
1987 SSL_NOT_DEFAULT | SSL_HIGH,
1988 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
1994 TLS1_TXT_SRP_SHA_WITH_AES_256_CBC_SHA,
1995 TLS1_RFC_SRP_SHA_WITH_AES_256_CBC_SHA,
1996 TLS1_CK_SRP_SHA_WITH_AES_256_CBC_SHA,
2001 SSL3_VERSION, TLS1_2_VERSION,
2002 DTLS1_BAD_VER, DTLS1_2_VERSION,
2004 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
2010 TLS1_TXT_SRP_SHA_RSA_WITH_AES_256_CBC_SHA,
2011 TLS1_RFC_SRP_SHA_RSA_WITH_AES_256_CBC_SHA,
2012 TLS1_CK_SRP_SHA_RSA_WITH_AES_256_CBC_SHA,
2017 SSL3_VERSION, TLS1_2_VERSION,
2018 DTLS1_BAD_VER, DTLS1_2_VERSION,
2020 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
2026 TLS1_TXT_SRP_SHA_DSS_WITH_AES_256_CBC_SHA,
2027 TLS1_RFC_SRP_SHA_DSS_WITH_AES_256_CBC_SHA,
2028 TLS1_CK_SRP_SHA_DSS_WITH_AES_256_CBC_SHA,
2033 SSL3_VERSION, TLS1_2_VERSION,
2034 DTLS1_BAD_VER, DTLS1_2_VERSION,
2035 SSL_NOT_DEFAULT | SSL_HIGH,
2036 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
2040 #endif /* OPENSSL_NO_SRP */
2042 #if !defined(OPENSSL_NO_CHACHA) && !defined(OPENSSL_NO_POLY1305)
2043 # ifndef OPENSSL_NO_RSA
2046 TLS1_TXT_DHE_RSA_WITH_CHACHA20_POLY1305,
2047 TLS1_RFC_DHE_RSA_WITH_CHACHA20_POLY1305,
2048 TLS1_CK_DHE_RSA_WITH_CHACHA20_POLY1305,
2051 SSL_CHACHA20POLY1305,
2053 TLS1_2_VERSION, TLS1_2_VERSION,
2054 DTLS1_2_VERSION, DTLS1_2_VERSION,
2056 SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
2060 # endif /* OPENSSL_NO_RSA */
2062 # ifndef OPENSSL_NO_EC
2065 TLS1_TXT_ECDHE_RSA_WITH_CHACHA20_POLY1305,
2066 TLS1_RFC_ECDHE_RSA_WITH_CHACHA20_POLY1305,
2067 TLS1_CK_ECDHE_RSA_WITH_CHACHA20_POLY1305,
2070 SSL_CHACHA20POLY1305,
2072 TLS1_2_VERSION, TLS1_2_VERSION,
2073 DTLS1_2_VERSION, DTLS1_2_VERSION,
2075 SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
2081 TLS1_TXT_ECDHE_ECDSA_WITH_CHACHA20_POLY1305,
2082 TLS1_RFC_ECDHE_ECDSA_WITH_CHACHA20_POLY1305,
2083 TLS1_CK_ECDHE_ECDSA_WITH_CHACHA20_POLY1305,
2086 SSL_CHACHA20POLY1305,
2088 TLS1_2_VERSION, TLS1_2_VERSION,
2089 DTLS1_2_VERSION, DTLS1_2_VERSION,
2091 SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
2095 # endif /* OPENSSL_NO_EC */
2097 # ifndef OPENSSL_NO_PSK
2100 TLS1_TXT_PSK_WITH_CHACHA20_POLY1305,
2101 TLS1_RFC_PSK_WITH_CHACHA20_POLY1305,
2102 TLS1_CK_PSK_WITH_CHACHA20_POLY1305,
2105 SSL_CHACHA20POLY1305,
2107 TLS1_2_VERSION, TLS1_2_VERSION,
2108 DTLS1_2_VERSION, DTLS1_2_VERSION,
2110 SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
2116 TLS1_TXT_ECDHE_PSK_WITH_CHACHA20_POLY1305,
2117 TLS1_RFC_ECDHE_PSK_WITH_CHACHA20_POLY1305,
2118 TLS1_CK_ECDHE_PSK_WITH_CHACHA20_POLY1305,
2121 SSL_CHACHA20POLY1305,
2123 TLS1_2_VERSION, TLS1_2_VERSION,
2124 DTLS1_2_VERSION, DTLS1_2_VERSION,
2126 SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
2132 TLS1_TXT_DHE_PSK_WITH_CHACHA20_POLY1305,
2133 TLS1_RFC_DHE_PSK_WITH_CHACHA20_POLY1305,
2134 TLS1_CK_DHE_PSK_WITH_CHACHA20_POLY1305,
2137 SSL_CHACHA20POLY1305,
2139 TLS1_2_VERSION, TLS1_2_VERSION,
2140 DTLS1_2_VERSION, DTLS1_2_VERSION,
2142 SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
2148 TLS1_TXT_RSA_PSK_WITH_CHACHA20_POLY1305,
2149 TLS1_RFC_RSA_PSK_WITH_CHACHA20_POLY1305,
2150 TLS1_CK_RSA_PSK_WITH_CHACHA20_POLY1305,
2153 SSL_CHACHA20POLY1305,
2155 TLS1_2_VERSION, TLS1_2_VERSION,
2156 DTLS1_2_VERSION, DTLS1_2_VERSION,
2158 SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
2162 # endif /* OPENSSL_NO_PSK */
2163 #endif /* !defined(OPENSSL_NO_CHACHA) &&
2164 * !defined(OPENSSL_NO_POLY1305) */
2166 #ifndef OPENSSL_NO_CAMELLIA
2169 TLS1_TXT_RSA_WITH_CAMELLIA_128_CBC_SHA256,
2170 TLS1_RFC_RSA_WITH_CAMELLIA_128_CBC_SHA256,
2171 TLS1_CK_RSA_WITH_CAMELLIA_128_CBC_SHA256,
2176 TLS1_2_VERSION, TLS1_2_VERSION,
2177 DTLS1_2_VERSION, DTLS1_2_VERSION,
2178 SSL_NOT_DEFAULT | SSL_HIGH,
2179 SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
2185 TLS1_TXT_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA256,
2186 TLS1_RFC_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA256,
2187 TLS1_CK_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA256,
2192 TLS1_2_VERSION, TLS1_2_VERSION,
2193 DTLS1_2_VERSION, DTLS1_2_VERSION,
2194 SSL_NOT_DEFAULT | SSL_HIGH,
2195 SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
2201 TLS1_TXT_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA256,
2202 TLS1_RFC_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA256,
2203 TLS1_CK_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA256,
2208 TLS1_2_VERSION, TLS1_2_VERSION,
2209 DTLS1_2_VERSION, DTLS1_2_VERSION,
2210 SSL_NOT_DEFAULT | SSL_HIGH,
2211 SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
2217 TLS1_TXT_ADH_WITH_CAMELLIA_128_CBC_SHA256,
2218 TLS1_RFC_ADH_WITH_CAMELLIA_128_CBC_SHA256,
2219 TLS1_CK_ADH_WITH_CAMELLIA_128_CBC_SHA256,
2224 TLS1_2_VERSION, TLS1_2_VERSION,
2225 DTLS1_2_VERSION, DTLS1_2_VERSION,
2226 SSL_NOT_DEFAULT | SSL_HIGH,
2227 SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
2233 TLS1_TXT_RSA_WITH_CAMELLIA_256_CBC_SHA256,
2234 TLS1_RFC_RSA_WITH_CAMELLIA_256_CBC_SHA256,
2235 TLS1_CK_RSA_WITH_CAMELLIA_256_CBC_SHA256,
2240 TLS1_2_VERSION, TLS1_2_VERSION,
2241 DTLS1_2_VERSION, DTLS1_2_VERSION,
2242 SSL_NOT_DEFAULT | SSL_HIGH,
2243 SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
2249 TLS1_TXT_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA256,
2250 TLS1_RFC_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA256,
2251 TLS1_CK_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA256,
2256 TLS1_2_VERSION, TLS1_2_VERSION,
2257 DTLS1_2_VERSION, DTLS1_2_VERSION,
2258 SSL_NOT_DEFAULT | SSL_HIGH,
2259 SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
2265 TLS1_TXT_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA256,
2266 TLS1_RFC_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA256,
2267 TLS1_CK_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA256,
2272 TLS1_2_VERSION, TLS1_2_VERSION,
2273 DTLS1_2_VERSION, DTLS1_2_VERSION,
2274 SSL_NOT_DEFAULT | SSL_HIGH,
2275 SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
2281 TLS1_TXT_ADH_WITH_CAMELLIA_256_CBC_SHA256,
2282 TLS1_RFC_ADH_WITH_CAMELLIA_256_CBC_SHA256,
2283 TLS1_CK_ADH_WITH_CAMELLIA_256_CBC_SHA256,
2288 TLS1_2_VERSION, TLS1_2_VERSION,
2289 DTLS1_2_VERSION, DTLS1_2_VERSION,
2290 SSL_NOT_DEFAULT | SSL_HIGH,
2291 SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
2297 TLS1_TXT_RSA_WITH_CAMELLIA_256_CBC_SHA,
2298 TLS1_RFC_RSA_WITH_CAMELLIA_256_CBC_SHA,
2299 TLS1_CK_RSA_WITH_CAMELLIA_256_CBC_SHA,
2304 SSL3_VERSION, TLS1_2_VERSION,
2305 DTLS1_BAD_VER, DTLS1_2_VERSION,
2306 SSL_NOT_DEFAULT | SSL_HIGH,
2307 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
2313 TLS1_TXT_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA,
2314 TLS1_RFC_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA,
2315 TLS1_CK_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA,
2320 SSL3_VERSION, TLS1_2_VERSION,
2321 DTLS1_BAD_VER, DTLS1_2_VERSION,
2322 SSL_NOT_DEFAULT | SSL_HIGH,
2323 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
2329 TLS1_TXT_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA,
2330 TLS1_RFC_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA,
2331 TLS1_CK_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA,
2336 SSL3_VERSION, TLS1_2_VERSION,
2337 DTLS1_BAD_VER, DTLS1_2_VERSION,
2338 SSL_NOT_DEFAULT | SSL_HIGH,
2339 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
2345 TLS1_TXT_ADH_WITH_CAMELLIA_256_CBC_SHA,
2346 TLS1_RFC_ADH_WITH_CAMELLIA_256_CBC_SHA,
2347 TLS1_CK_ADH_WITH_CAMELLIA_256_CBC_SHA,
2352 SSL3_VERSION, TLS1_2_VERSION,
2353 DTLS1_BAD_VER, DTLS1_2_VERSION,
2354 SSL_NOT_DEFAULT | SSL_HIGH,
2355 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
2361 TLS1_TXT_RSA_WITH_CAMELLIA_128_CBC_SHA,
2362 TLS1_RFC_RSA_WITH_CAMELLIA_128_CBC_SHA,
2363 TLS1_CK_RSA_WITH_CAMELLIA_128_CBC_SHA,
2368 SSL3_VERSION, TLS1_2_VERSION,
2369 DTLS1_BAD_VER, DTLS1_2_VERSION,
2370 SSL_NOT_DEFAULT | SSL_HIGH,
2371 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
2377 TLS1_TXT_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA,
2378 TLS1_RFC_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA,
2379 TLS1_CK_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA,
2384 SSL3_VERSION, TLS1_2_VERSION,
2385 DTLS1_BAD_VER, DTLS1_2_VERSION,
2386 SSL_NOT_DEFAULT | SSL_HIGH,
2387 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
2393 TLS1_TXT_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA,
2394 TLS1_RFC_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA,
2395 TLS1_CK_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA,
2400 SSL3_VERSION, TLS1_2_VERSION,
2401 DTLS1_BAD_VER, DTLS1_2_VERSION,
2402 SSL_NOT_DEFAULT | SSL_HIGH,
2403 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
2409 TLS1_TXT_ADH_WITH_CAMELLIA_128_CBC_SHA,
2410 TLS1_RFC_ADH_WITH_CAMELLIA_128_CBC_SHA,
2411 TLS1_CK_ADH_WITH_CAMELLIA_128_CBC_SHA,
2416 SSL3_VERSION, TLS1_2_VERSION,
2417 DTLS1_BAD_VER, DTLS1_2_VERSION,
2418 SSL_NOT_DEFAULT | SSL_HIGH,
2419 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
2424 # ifndef OPENSSL_NO_EC
2427 TLS1_TXT_ECDHE_ECDSA_WITH_CAMELLIA_128_CBC_SHA256,
2428 TLS1_RFC_ECDHE_ECDSA_WITH_CAMELLIA_128_CBC_SHA256,
2429 TLS1_CK_ECDHE_ECDSA_WITH_CAMELLIA_128_CBC_SHA256,
2434 TLS1_2_VERSION, TLS1_2_VERSION,
2435 DTLS1_2_VERSION, DTLS1_2_VERSION,
2436 SSL_NOT_DEFAULT | SSL_HIGH,
2437 SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
2443 TLS1_TXT_ECDHE_ECDSA_WITH_CAMELLIA_256_CBC_SHA384,
2444 TLS1_RFC_ECDHE_ECDSA_WITH_CAMELLIA_256_CBC_SHA384,
2445 TLS1_CK_ECDHE_ECDSA_WITH_CAMELLIA_256_CBC_SHA384,
2450 TLS1_2_VERSION, TLS1_2_VERSION,
2451 DTLS1_2_VERSION, DTLS1_2_VERSION,
2452 SSL_NOT_DEFAULT | SSL_HIGH,
2453 SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384,
2459 TLS1_TXT_ECDHE_RSA_WITH_CAMELLIA_128_CBC_SHA256,
2460 TLS1_RFC_ECDHE_RSA_WITH_CAMELLIA_128_CBC_SHA256,
2461 TLS1_CK_ECDHE_RSA_WITH_CAMELLIA_128_CBC_SHA256,
2466 TLS1_2_VERSION, TLS1_2_VERSION,
2467 DTLS1_2_VERSION, DTLS1_2_VERSION,
2468 SSL_NOT_DEFAULT | SSL_HIGH,
2469 SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
2475 TLS1_TXT_ECDHE_RSA_WITH_CAMELLIA_256_CBC_SHA384,
2476 TLS1_RFC_ECDHE_RSA_WITH_CAMELLIA_256_CBC_SHA384,
2477 TLS1_CK_ECDHE_RSA_WITH_CAMELLIA_256_CBC_SHA384,
2482 TLS1_2_VERSION, TLS1_2_VERSION,
2483 DTLS1_2_VERSION, DTLS1_2_VERSION,
2484 SSL_NOT_DEFAULT | SSL_HIGH,
2485 SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384,
2489 # endif /* OPENSSL_NO_EC */
2491 # ifndef OPENSSL_NO_PSK
2494 TLS1_TXT_PSK_WITH_CAMELLIA_128_CBC_SHA256,
2495 TLS1_RFC_PSK_WITH_CAMELLIA_128_CBC_SHA256,
2496 TLS1_CK_PSK_WITH_CAMELLIA_128_CBC_SHA256,
2501 TLS1_VERSION, TLS1_2_VERSION,
2502 DTLS1_BAD_VER, DTLS1_2_VERSION,
2503 SSL_NOT_DEFAULT | SSL_HIGH,
2504 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
2510 TLS1_TXT_PSK_WITH_CAMELLIA_256_CBC_SHA384,
2511 TLS1_RFC_PSK_WITH_CAMELLIA_256_CBC_SHA384,
2512 TLS1_CK_PSK_WITH_CAMELLIA_256_CBC_SHA384,
2517 TLS1_VERSION, TLS1_2_VERSION,
2518 DTLS1_BAD_VER, DTLS1_2_VERSION,
2519 SSL_NOT_DEFAULT | SSL_HIGH,
2520 SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384,
2526 TLS1_TXT_DHE_PSK_WITH_CAMELLIA_128_CBC_SHA256,
2527 TLS1_RFC_DHE_PSK_WITH_CAMELLIA_128_CBC_SHA256,
2528 TLS1_CK_DHE_PSK_WITH_CAMELLIA_128_CBC_SHA256,
2533 TLS1_VERSION, TLS1_2_VERSION,
2534 DTLS1_BAD_VER, DTLS1_2_VERSION,
2535 SSL_NOT_DEFAULT | SSL_HIGH,
2536 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
2542 TLS1_TXT_DHE_PSK_WITH_CAMELLIA_256_CBC_SHA384,
2543 TLS1_RFC_DHE_PSK_WITH_CAMELLIA_256_CBC_SHA384,
2544 TLS1_CK_DHE_PSK_WITH_CAMELLIA_256_CBC_SHA384,
2549 TLS1_VERSION, TLS1_2_VERSION,
2550 DTLS1_BAD_VER, DTLS1_2_VERSION,
2551 SSL_NOT_DEFAULT | SSL_HIGH,
2552 SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384,
2558 TLS1_TXT_RSA_PSK_WITH_CAMELLIA_128_CBC_SHA256,
2559 TLS1_RFC_RSA_PSK_WITH_CAMELLIA_128_CBC_SHA256,
2560 TLS1_CK_RSA_PSK_WITH_CAMELLIA_128_CBC_SHA256,
2565 TLS1_VERSION, TLS1_2_VERSION,
2566 DTLS1_BAD_VER, DTLS1_2_VERSION,
2567 SSL_NOT_DEFAULT | SSL_HIGH,
2568 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
2574 TLS1_TXT_RSA_PSK_WITH_CAMELLIA_256_CBC_SHA384,
2575 TLS1_RFC_RSA_PSK_WITH_CAMELLIA_256_CBC_SHA384,
2576 TLS1_CK_RSA_PSK_WITH_CAMELLIA_256_CBC_SHA384,
2581 TLS1_VERSION, TLS1_2_VERSION,
2582 DTLS1_BAD_VER, DTLS1_2_VERSION,
2583 SSL_NOT_DEFAULT | SSL_HIGH,
2584 SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384,
2590 TLS1_TXT_ECDHE_PSK_WITH_CAMELLIA_128_CBC_SHA256,
2591 TLS1_RFC_ECDHE_PSK_WITH_CAMELLIA_128_CBC_SHA256,
2592 TLS1_CK_ECDHE_PSK_WITH_CAMELLIA_128_CBC_SHA256,
2597 TLS1_VERSION, TLS1_2_VERSION,
2598 DTLS1_BAD_VER, DTLS1_2_VERSION,
2599 SSL_NOT_DEFAULT | SSL_HIGH,
2600 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
2606 TLS1_TXT_ECDHE_PSK_WITH_CAMELLIA_256_CBC_SHA384,
2607 TLS1_RFC_ECDHE_PSK_WITH_CAMELLIA_256_CBC_SHA384,
2608 TLS1_CK_ECDHE_PSK_WITH_CAMELLIA_256_CBC_SHA384,
2613 TLS1_VERSION, TLS1_2_VERSION,
2614 DTLS1_BAD_VER, DTLS1_2_VERSION,
2615 SSL_NOT_DEFAULT | SSL_HIGH,
2616 SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384,
2620 # endif /* OPENSSL_NO_PSK */
2622 #endif /* OPENSSL_NO_CAMELLIA */
2624 #ifndef OPENSSL_NO_GOST
2627 "GOST2001-GOST89-GOST89",
2628 "TLS_GOSTR341001_WITH_28147_CNT_IMIT",
2632 SSL_eGOST2814789CNT,
2634 TLS1_VERSION, TLS1_2_VERSION,
2637 SSL_HANDSHAKE_MAC_GOST94 | TLS1_PRF_GOST94 | TLS1_STREAM_MAC,
2643 "GOST2001-NULL-GOST94",
2644 "TLS_GOSTR341001_WITH_NULL_GOSTR3411",
2650 TLS1_VERSION, TLS1_2_VERSION,
2653 SSL_HANDSHAKE_MAC_GOST94 | TLS1_PRF_GOST94,
2659 "GOST2012-GOST8912-GOST8912",
2663 SSL_aGOST12 | SSL_aGOST01,
2664 SSL_eGOST2814789CNT12,
2666 TLS1_VERSION, TLS1_2_VERSION,
2669 SSL_HANDSHAKE_MAC_GOST12_256 | TLS1_PRF_GOST12_256 | TLS1_STREAM_MAC,
2675 "GOST2012-NULL-GOST12",
2679 SSL_aGOST12 | SSL_aGOST01,
2682 TLS1_VERSION, TLS1_2_VERSION,
2685 SSL_HANDSHAKE_MAC_GOST12_256 | TLS1_PRF_GOST12_256 | TLS1_STREAM_MAC,
2689 #endif /* OPENSSL_NO_GOST */
2691 #ifndef OPENSSL_NO_IDEA
2694 SSL3_TXT_RSA_IDEA_128_SHA,
2695 SSL3_RFC_RSA_IDEA_128_SHA,
2696 SSL3_CK_RSA_IDEA_128_SHA,
2701 SSL3_VERSION, TLS1_1_VERSION,
2702 DTLS1_BAD_VER, DTLS1_VERSION,
2703 SSL_NOT_DEFAULT | SSL_MEDIUM,
2704 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
2710 #ifndef OPENSSL_NO_SEED
2713 TLS1_TXT_RSA_WITH_SEED_SHA,
2714 TLS1_RFC_RSA_WITH_SEED_SHA,
2715 TLS1_CK_RSA_WITH_SEED_SHA,
2720 SSL3_VERSION, TLS1_2_VERSION,
2721 DTLS1_BAD_VER, DTLS1_2_VERSION,
2722 SSL_NOT_DEFAULT | SSL_MEDIUM,
2723 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
2729 TLS1_TXT_DHE_DSS_WITH_SEED_SHA,
2730 TLS1_RFC_DHE_DSS_WITH_SEED_SHA,
2731 TLS1_CK_DHE_DSS_WITH_SEED_SHA,
2736 SSL3_VERSION, TLS1_2_VERSION,
2737 DTLS1_BAD_VER, DTLS1_2_VERSION,
2738 SSL_NOT_DEFAULT | SSL_MEDIUM,
2739 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
2745 TLS1_TXT_DHE_RSA_WITH_SEED_SHA,
2746 TLS1_RFC_DHE_RSA_WITH_SEED_SHA,
2747 TLS1_CK_DHE_RSA_WITH_SEED_SHA,
2752 SSL3_VERSION, TLS1_2_VERSION,
2753 DTLS1_BAD_VER, DTLS1_2_VERSION,
2754 SSL_NOT_DEFAULT | SSL_MEDIUM,
2755 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
2761 TLS1_TXT_ADH_WITH_SEED_SHA,
2762 TLS1_RFC_ADH_WITH_SEED_SHA,
2763 TLS1_CK_ADH_WITH_SEED_SHA,
2768 SSL3_VERSION, TLS1_2_VERSION,
2769 DTLS1_BAD_VER, DTLS1_2_VERSION,
2770 SSL_NOT_DEFAULT | SSL_MEDIUM,
2771 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
2775 #endif /* OPENSSL_NO_SEED */
2777 #ifndef OPENSSL_NO_WEAK_SSL_CIPHERS
2780 SSL3_TXT_RSA_RC4_128_MD5,
2781 SSL3_RFC_RSA_RC4_128_MD5,
2782 SSL3_CK_RSA_RC4_128_MD5,
2787 SSL3_VERSION, TLS1_2_VERSION,
2789 SSL_NOT_DEFAULT | SSL_MEDIUM,
2790 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
2796 SSL3_TXT_RSA_RC4_128_SHA,
2797 SSL3_RFC_RSA_RC4_128_SHA,
2798 SSL3_CK_RSA_RC4_128_SHA,
2803 SSL3_VERSION, TLS1_2_VERSION,
2805 SSL_NOT_DEFAULT | SSL_MEDIUM,
2806 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
2812 SSL3_TXT_ADH_RC4_128_MD5,
2813 SSL3_RFC_ADH_RC4_128_MD5,
2814 SSL3_CK_ADH_RC4_128_MD5,
2819 SSL3_VERSION, TLS1_2_VERSION,
2821 SSL_NOT_DEFAULT | SSL_MEDIUM,
2822 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
2827 # ifndef OPENSSL_NO_EC
2830 TLS1_TXT_ECDHE_PSK_WITH_RC4_128_SHA,
2831 TLS1_RFC_ECDHE_PSK_WITH_RC4_128_SHA,
2832 TLS1_CK_ECDHE_PSK_WITH_RC4_128_SHA,
2837 TLS1_VERSION, TLS1_2_VERSION,
2839 SSL_NOT_DEFAULT | SSL_MEDIUM,
2840 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
2846 TLS1_TXT_ECDH_anon_WITH_RC4_128_SHA,
2847 TLS1_RFC_ECDH_anon_WITH_RC4_128_SHA,
2848 TLS1_CK_ECDH_anon_WITH_RC4_128_SHA,
2853 TLS1_VERSION, TLS1_2_VERSION,
2855 SSL_NOT_DEFAULT | SSL_MEDIUM,
2856 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
2862 TLS1_TXT_ECDHE_ECDSA_WITH_RC4_128_SHA,
2863 TLS1_RFC_ECDHE_ECDSA_WITH_RC4_128_SHA,
2864 TLS1_CK_ECDHE_ECDSA_WITH_RC4_128_SHA,
2869 TLS1_VERSION, TLS1_2_VERSION,
2871 SSL_NOT_DEFAULT | SSL_MEDIUM,
2872 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
2878 TLS1_TXT_ECDHE_RSA_WITH_RC4_128_SHA,
2879 TLS1_RFC_ECDHE_RSA_WITH_RC4_128_SHA,
2880 TLS1_CK_ECDHE_RSA_WITH_RC4_128_SHA,
2885 TLS1_VERSION, TLS1_2_VERSION,
2887 SSL_NOT_DEFAULT | SSL_MEDIUM,
2888 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
2892 # endif /* OPENSSL_NO_EC */
2894 # ifndef OPENSSL_NO_PSK
2897 TLS1_TXT_PSK_WITH_RC4_128_SHA,
2898 TLS1_RFC_PSK_WITH_RC4_128_SHA,
2899 TLS1_CK_PSK_WITH_RC4_128_SHA,
2904 SSL3_VERSION, TLS1_2_VERSION,
2906 SSL_NOT_DEFAULT | SSL_MEDIUM,
2907 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
2913 TLS1_TXT_RSA_PSK_WITH_RC4_128_SHA,
2914 TLS1_RFC_RSA_PSK_WITH_RC4_128_SHA,
2915 TLS1_CK_RSA_PSK_WITH_RC4_128_SHA,
2920 SSL3_VERSION, TLS1_2_VERSION,
2922 SSL_NOT_DEFAULT | SSL_MEDIUM,
2923 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
2929 TLS1_TXT_DHE_PSK_WITH_RC4_128_SHA,
2930 TLS1_RFC_DHE_PSK_WITH_RC4_128_SHA,
2931 TLS1_CK_DHE_PSK_WITH_RC4_128_SHA,
2936 SSL3_VERSION, TLS1_2_VERSION,
2938 SSL_NOT_DEFAULT | SSL_MEDIUM,
2939 SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
2943 # endif /* OPENSSL_NO_PSK */
2945 #endif /* OPENSSL_NO_WEAK_SSL_CIPHERS */
2950 * The list of known Signalling Cipher-Suite Value "ciphers", non-valid
2951 * values stuffed into the ciphers field of the wire protocol for signalling
2954 static SSL_CIPHER ssl3_scsvs[] = {
2957 "TLS_EMPTY_RENEGOTIATION_INFO_SCSV",
2958 "TLS_EMPTY_RENEGOTIATION_INFO_SCSV",
2960 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
2964 "TLS_FALLBACK_SCSV",
2965 "TLS_FALLBACK_SCSV",
2966 SSL3_CK_FALLBACK_SCSV,
2967 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
2971 static int cipher_compare(const void *a, const void *b)
2973 const SSL_CIPHER *ap = (const SSL_CIPHER *)a;
2974 const SSL_CIPHER *bp = (const SSL_CIPHER *)b;
2976 if (ap->id == bp->id)
2978 return ap->id < bp->id ? -1 : 1;
2981 void ssl_sort_cipher_list(void)
2983 qsort(ssl3_ciphers, SSL3_NUM_CIPHERS, sizeof ssl3_ciphers[0],
2985 qsort(ssl3_scsvs, SSL3_NUM_SCSVS, sizeof ssl3_scsvs[0], cipher_compare);
2988 const SSL3_ENC_METHOD SSLv3_enc_data = {
2991 ssl3_setup_key_block,
2992 ssl3_generate_master_secret,
2993 ssl3_change_cipher_state,
2994 ssl3_final_finish_mac,
2995 SSL3_MD_CLIENT_FINISHED_CONST, 4,
2996 SSL3_MD_SERVER_FINISHED_CONST, 4,
2998 (int (*)(SSL *, unsigned char *, size_t, const char *,
2999 size_t, const unsigned char *, size_t,
3000 int use_context))ssl_undefined_function,
3002 ssl3_set_handshake_header,
3003 tls_close_construct_packet,
3004 ssl3_handshake_write
3007 long ssl3_default_timeout(void)
3010 * 2 hours, the 24 hours mentioned in the SSLv3 spec is way too long for
3011 * http, the cache would over fill
3013 return (60 * 60 * 2);
3016 int ssl3_num_ciphers(void)
3018 return (SSL3_NUM_CIPHERS);
3021 const SSL_CIPHER *ssl3_get_cipher(unsigned int u)
3023 if (u < SSL3_NUM_CIPHERS)
3024 return (&(ssl3_ciphers[SSL3_NUM_CIPHERS - 1 - u]));
3029 int ssl3_set_handshake_header(SSL *s, WPACKET *pkt, int htype)
3031 /* No header in the event of a CCS */
3032 if (htype == SSL3_MT_CHANGE_CIPHER_SPEC)
3035 /* Set the content type and 3 bytes for the message len */
3036 if (!WPACKET_put_bytes_u8(pkt, htype)
3037 || !WPACKET_start_sub_packet_u24(pkt))
3043 int ssl3_handshake_write(SSL *s)
3045 return ssl3_do_write(s, SSL3_RT_HANDSHAKE);
3048 int ssl3_new(SSL *s)
3052 if ((s3 = OPENSSL_zalloc(sizeof(*s3))) == NULL)
3056 #ifndef OPENSSL_NO_SRP
3057 if (!SSL_SRP_CTX_init(s))
3061 if (!s->method->ssl_clear(s))
3069 void ssl3_free(SSL *s)
3071 if (s == NULL || s->s3 == NULL)
3074 ssl3_cleanup_key_block(s);
3076 #if !defined(OPENSSL_NO_EC) || !defined(OPENSSL_NO_DH)
3077 EVP_PKEY_free(s->s3->peer_tmp);
3078 s->s3->peer_tmp = NULL;
3079 EVP_PKEY_free(s->s3->tmp.pkey);
3080 s->s3->tmp.pkey = NULL;
3083 OPENSSL_free(s->s3->tmp.ctype);
3084 sk_X509_NAME_pop_free(s->s3->tmp.peer_ca_names, X509_NAME_free);
3085 OPENSSL_free(s->s3->tmp.ciphers_raw);
3086 OPENSSL_clear_free(s->s3->tmp.pms, s->s3->tmp.pmslen);
3087 OPENSSL_free(s->s3->tmp.peer_sigalgs);
3088 ssl3_free_digest_list(s);
3089 OPENSSL_free(s->s3->alpn_selected);
3090 OPENSSL_free(s->s3->alpn_proposed);
3092 #ifndef OPENSSL_NO_SRP
3093 SSL_SRP_CTX_free(s);
3095 OPENSSL_clear_free(s->s3, sizeof(*s->s3));
3099 int ssl3_clear(SSL *s)
3101 ssl3_cleanup_key_block(s);
3102 OPENSSL_free(s->s3->tmp.ctype);
3103 sk_X509_NAME_pop_free(s->s3->tmp.peer_ca_names, X509_NAME_free);
3104 OPENSSL_free(s->s3->tmp.ciphers_raw);
3105 OPENSSL_clear_free(s->s3->tmp.pms, s->s3->tmp.pmslen);
3106 OPENSSL_free(s->s3->tmp.peer_sigalgs);
3108 #if !defined(OPENSSL_NO_EC) || !defined(OPENSSL_NO_DH)
3109 EVP_PKEY_free(s->s3->tmp.pkey);
3110 EVP_PKEY_free(s->s3->peer_tmp);
3111 #endif /* !OPENSSL_NO_EC */
3113 ssl3_free_digest_list(s);
3115 OPENSSL_free(s->s3->alpn_selected);
3116 OPENSSL_free(s->s3->alpn_proposed);
3118 /* NULL/zero-out everything in the s3 struct */
3119 memset(s->s3, 0, sizeof(*s->s3));
3121 if (!ssl_free_wbio_buffer(s))
3124 s->version = SSL3_VERSION;
3126 #if !defined(OPENSSL_NO_NEXTPROTONEG)
3127 OPENSSL_free(s->ext.npn);
3135 #ifndef OPENSSL_NO_SRP
3136 static char *srp_password_from_info_cb(SSL *s, void *arg)
3138 return OPENSSL_strdup(s->srp_ctx.info);
3142 static int ssl3_set_req_cert_type(CERT *c, const unsigned char *p, size_t len);
3144 long ssl3_ctrl(SSL *s, int cmd, long larg, void *parg)
3149 case SSL_CTRL_GET_CLIENT_CERT_REQUEST:
3151 case SSL_CTRL_GET_NUM_RENEGOTIATIONS:
3152 ret = s->s3->num_renegotiations;
3154 case SSL_CTRL_CLEAR_NUM_RENEGOTIATIONS:
3155 ret = s->s3->num_renegotiations;
3156 s->s3->num_renegotiations = 0;
3158 case SSL_CTRL_GET_TOTAL_RENEGOTIATIONS:
3159 ret = s->s3->total_renegotiations;
3161 case SSL_CTRL_GET_FLAGS:
3162 ret = (int)(s->s3->flags);
3164 #ifndef OPENSSL_NO_DH
3165 case SSL_CTRL_SET_TMP_DH:
3167 DH *dh = (DH *)parg;
3168 EVP_PKEY *pkdh = NULL;
3170 SSLerr(SSL_F_SSL3_CTRL, ERR_R_PASSED_NULL_PARAMETER);
3173 pkdh = ssl_dh_to_pkey(dh);
3175 SSLerr(SSL_F_SSL3_CTRL, ERR_R_MALLOC_FAILURE);
3178 if (!ssl_security(s, SSL_SECOP_TMP_DH,
3179 EVP_PKEY_security_bits(pkdh), 0, pkdh)) {
3180 SSLerr(SSL_F_SSL3_CTRL, SSL_R_DH_KEY_TOO_SMALL);
3181 EVP_PKEY_free(pkdh);
3184 EVP_PKEY_free(s->cert->dh_tmp);
3185 s->cert->dh_tmp = pkdh;
3189 case SSL_CTRL_SET_TMP_DH_CB:
3191 SSLerr(SSL_F_SSL3_CTRL, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
3194 case SSL_CTRL_SET_DH_AUTO:
3195 s->cert->dh_tmp_auto = larg;
3198 #ifndef OPENSSL_NO_EC
3199 case SSL_CTRL_SET_TMP_ECDH:
3201 const EC_GROUP *group = NULL;
3205 SSLerr(SSL_F_SSL3_CTRL, ERR_R_PASSED_NULL_PARAMETER);
3208 group = EC_KEY_get0_group((const EC_KEY *)parg);
3209 if (group == NULL) {
3210 SSLerr(SSL_F_SSL3_CTRL, EC_R_MISSING_PARAMETERS);
3213 nid = EC_GROUP_get_curve_name(group);
3214 if (nid == NID_undef)
3216 return tls1_set_groups(&s->ext.supportedgroups,
3217 &s->ext.supportedgroups_len,
3221 #endif /* !OPENSSL_NO_EC */
3222 case SSL_CTRL_SET_TLSEXT_HOSTNAME:
3223 if (larg == TLSEXT_NAMETYPE_host_name) {
3226 OPENSSL_free(s->ext.hostname);
3227 s->ext.hostname = NULL;
3232 len = strlen((char *)parg);
3233 if (len == 0 || len > TLSEXT_MAXLEN_host_name) {
3234 SSLerr(SSL_F_SSL3_CTRL, SSL_R_SSL3_EXT_INVALID_SERVERNAME);
3237 if ((s->ext.hostname = OPENSSL_strdup((char *)parg)) == NULL) {
3238 SSLerr(SSL_F_SSL3_CTRL, ERR_R_INTERNAL_ERROR);
3242 SSLerr(SSL_F_SSL3_CTRL, SSL_R_SSL3_EXT_INVALID_SERVERNAME_TYPE);
3246 case SSL_CTRL_SET_TLSEXT_DEBUG_ARG:
3247 s->ext.debug_arg = parg;
3251 case SSL_CTRL_GET_TLSEXT_STATUS_REQ_TYPE:
3252 ret = s->ext.status_type;
3255 case SSL_CTRL_SET_TLSEXT_STATUS_REQ_TYPE:
3256 s->ext.status_type = larg;
3260 case SSL_CTRL_GET_TLSEXT_STATUS_REQ_EXTS:
3261 *(STACK_OF(X509_EXTENSION) **)parg = s->ext.ocsp.exts;
3265 case SSL_CTRL_SET_TLSEXT_STATUS_REQ_EXTS:
3266 s->ext.ocsp.exts = parg;
3270 case SSL_CTRL_GET_TLSEXT_STATUS_REQ_IDS:
3271 *(STACK_OF(OCSP_RESPID) **)parg = s->ext.ocsp.ids;
3275 case SSL_CTRL_SET_TLSEXT_STATUS_REQ_IDS:
3276 s->ext.ocsp.ids = parg;
3280 case SSL_CTRL_GET_TLSEXT_STATUS_REQ_OCSP_RESP:
3281 *(unsigned char **)parg = s->ext.ocsp.resp;
3282 if (s->ext.ocsp.resp_len == 0
3283 || s->ext.ocsp.resp_len > LONG_MAX)
3285 return (long)s->ext.ocsp.resp_len;
3287 case SSL_CTRL_SET_TLSEXT_STATUS_REQ_OCSP_RESP:
3288 OPENSSL_free(s->ext.ocsp.resp);
3289 s->ext.ocsp.resp = parg;
3290 s->ext.ocsp.resp_len = larg;
3294 #ifndef OPENSSL_NO_HEARTBEATS
3295 case SSL_CTRL_DTLS_EXT_SEND_HEARTBEAT:
3296 case SSL_CTRL_GET_DTLS_EXT_HEARTBEAT_PENDING:
3297 case SSL_CTRL_SET_DTLS_EXT_HEARTBEAT_NO_REQUESTS:
3301 case SSL_CTRL_CHAIN:
3303 return ssl_cert_set1_chain(s, NULL, (STACK_OF(X509) *)parg);
3305 return ssl_cert_set0_chain(s, NULL, (STACK_OF(X509) *)parg);
3307 case SSL_CTRL_CHAIN_CERT:
3309 return ssl_cert_add1_chain_cert(s, NULL, (X509 *)parg);
3311 return ssl_cert_add0_chain_cert(s, NULL, (X509 *)parg);
3313 case SSL_CTRL_GET_CHAIN_CERTS:
3314 *(STACK_OF(X509) **)parg = s->cert->key->chain;
3317 case SSL_CTRL_SELECT_CURRENT_CERT:
3318 return ssl_cert_select_current(s->cert, (X509 *)parg);
3320 case SSL_CTRL_SET_CURRENT_CERT:
3321 if (larg == SSL_CERT_SET_SERVER) {
3322 const SSL_CIPHER *cipher;
3325 cipher = s->s3->tmp.new_cipher;
3329 * No certificate for unauthenticated ciphersuites or using SRP
3332 if (cipher->algorithm_auth & (SSL_aNULL | SSL_aSRP))
3334 if (s->s3->tmp.cert == NULL)
3336 s->cert->key = s->s3->tmp.cert;
3339 return ssl_cert_set_current(s->cert, larg);
3341 #ifndef OPENSSL_NO_EC
3342 case SSL_CTRL_GET_GROUPS:
3344 unsigned char *clist;
3349 clist = s->session->ext.supportedgroups;
3350 clistlen = s->session->ext.supportedgroups_len / 2;
3354 unsigned int cid, nid;
3355 for (i = 0; i < clistlen; i++) {
3357 /* TODO(TLS1.3): Handle DH groups here */
3358 nid = tls1_ec_curve_id2nid(cid, NULL);
3362 cptr[i] = TLSEXT_nid_unknown | cid;
3365 return (int)clistlen;
3368 case SSL_CTRL_SET_GROUPS:
3369 return tls1_set_groups(&s->ext.supportedgroups,
3370 &s->ext.supportedgroups_len, parg, larg);
3372 case SSL_CTRL_SET_GROUPS_LIST:
3373 return tls1_set_groups_list(&s->ext.supportedgroups,
3374 &s->ext.supportedgroups_len, parg);
3376 case SSL_CTRL_GET_SHARED_GROUP:
3377 return tls1_shared_group(s, larg);
3380 case SSL_CTRL_SET_SIGALGS:
3381 return tls1_set_sigalgs(s->cert, parg, larg, 0);
3383 case SSL_CTRL_SET_SIGALGS_LIST:
3384 return tls1_set_sigalgs_list(s->cert, parg, 0);
3386 case SSL_CTRL_SET_CLIENT_SIGALGS:
3387 return tls1_set_sigalgs(s->cert, parg, larg, 1);
3389 case SSL_CTRL_SET_CLIENT_SIGALGS_LIST:
3390 return tls1_set_sigalgs_list(s->cert, parg, 1);
3392 case SSL_CTRL_GET_CLIENT_CERT_TYPES:
3394 const unsigned char **pctype = parg;
3395 if (s->server || !s->s3->tmp.cert_req)
3398 *pctype = s->s3->tmp.ctype;
3399 return s->s3->tmp.ctype_len;
3402 case SSL_CTRL_SET_CLIENT_CERT_TYPES:
3405 return ssl3_set_req_cert_type(s->cert, parg, larg);
3407 case SSL_CTRL_BUILD_CERT_CHAIN:
3408 return ssl_build_cert_chain(s, NULL, larg);
3410 case SSL_CTRL_SET_VERIFY_CERT_STORE:
3411 return ssl_cert_set_cert_store(s->cert, parg, 0, larg);
3413 case SSL_CTRL_SET_CHAIN_CERT_STORE:
3414 return ssl_cert_set_cert_store(s->cert, parg, 1, larg);
3416 case SSL_CTRL_GET_PEER_SIGNATURE_NID:
3417 if (s->s3->tmp.peer_sigalg == NULL)
3419 *(int *)parg = s->s3->tmp.peer_sigalg->hash;
3422 case SSL_CTRL_GET_SERVER_TMP_KEY:
3423 #if !defined(OPENSSL_NO_DH) || !defined(OPENSSL_NO_EC)
3424 if (s->server || s->session == NULL || s->s3->peer_tmp == NULL) {
3427 EVP_PKEY_up_ref(s->s3->peer_tmp);
3428 *(EVP_PKEY **)parg = s->s3->peer_tmp;
3434 #ifndef OPENSSL_NO_EC
3435 case SSL_CTRL_GET_EC_POINT_FORMATS:
3437 SSL_SESSION *sess = s->session;
3438 const unsigned char **pformat = parg;
3440 if (sess == NULL || sess->ext.ecpointformats == NULL)
3442 *pformat = sess->ext.ecpointformats;
3443 return (int)sess->ext.ecpointformats_len;
3453 long ssl3_callback_ctrl(SSL *s, int cmd, void (*fp) (void))
3458 #ifndef OPENSSL_NO_DH
3459 case SSL_CTRL_SET_TMP_DH_CB:
3461 s->cert->dh_tmp_cb = (DH *(*)(SSL *, int, int))fp;
3465 case SSL_CTRL_SET_TLSEXT_DEBUG_CB:
3466 s->ext.debug_cb = (void (*)(SSL *, int, int,
3467 const unsigned char *, int, void *))fp;
3470 case SSL_CTRL_SET_NOT_RESUMABLE_SESS_CB:
3472 s->not_resumable_session_cb = (int (*)(SSL *, int))fp;
3481 long ssl3_ctx_ctrl(SSL_CTX *ctx, int cmd, long larg, void *parg)
3484 #ifndef OPENSSL_NO_DH
3485 case SSL_CTRL_SET_TMP_DH:
3487 DH *dh = (DH *)parg;
3488 EVP_PKEY *pkdh = NULL;
3490 SSLerr(SSL_F_SSL3_CTX_CTRL, ERR_R_PASSED_NULL_PARAMETER);
3493 pkdh = ssl_dh_to_pkey(dh);
3495 SSLerr(SSL_F_SSL3_CTX_CTRL, ERR_R_MALLOC_FAILURE);
3498 if (!ssl_ctx_security(ctx, SSL_SECOP_TMP_DH,
3499 EVP_PKEY_security_bits(pkdh), 0, pkdh)) {
3500 SSLerr(SSL_F_SSL3_CTX_CTRL, SSL_R_DH_KEY_TOO_SMALL);
3501 EVP_PKEY_free(pkdh);
3504 EVP_PKEY_free(ctx->cert->dh_tmp);
3505 ctx->cert->dh_tmp = pkdh;
3508 case SSL_CTRL_SET_TMP_DH_CB:
3510 SSLerr(SSL_F_SSL3_CTX_CTRL, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
3513 case SSL_CTRL_SET_DH_AUTO:
3514 ctx->cert->dh_tmp_auto = larg;
3517 #ifndef OPENSSL_NO_EC
3518 case SSL_CTRL_SET_TMP_ECDH:
3520 const EC_GROUP *group = NULL;
3524 SSLerr(SSL_F_SSL3_CTX_CTRL, ERR_R_PASSED_NULL_PARAMETER);
3527 group = EC_KEY_get0_group((const EC_KEY *)parg);
3528 if (group == NULL) {
3529 SSLerr(SSL_F_SSL3_CTX_CTRL, EC_R_MISSING_PARAMETERS);
3532 nid = EC_GROUP_get_curve_name(group);
3533 if (nid == NID_undef)
3535 return tls1_set_groups(&ctx->ext.supportedgroups,
3536 &ctx->ext.supportedgroups_len,
3539 #endif /* !OPENSSL_NO_EC */
3540 case SSL_CTRL_SET_TLSEXT_SERVERNAME_ARG:
3541 ctx->ext.servername_arg = parg;
3543 case SSL_CTRL_SET_TLSEXT_TICKET_KEYS:
3544 case SSL_CTRL_GET_TLSEXT_TICKET_KEYS:
3546 unsigned char *keys = parg;
3547 long tick_keylen = (sizeof(ctx->ext.tick_key_name) +
3548 sizeof(ctx->ext.tick_hmac_key) +
3549 sizeof(ctx->ext.tick_aes_key));
3552 if (larg != tick_keylen) {
3553 SSLerr(SSL_F_SSL3_CTX_CTRL, SSL_R_INVALID_TICKET_KEYS_LENGTH);
3556 if (cmd == SSL_CTRL_SET_TLSEXT_TICKET_KEYS) {
3557 memcpy(ctx->ext.tick_key_name, keys,
3558 sizeof(ctx->ext.tick_key_name));
3559 memcpy(ctx->ext.tick_hmac_key,
3560 keys + sizeof(ctx->ext.tick_key_name),
3561 sizeof(ctx->ext.tick_hmac_key));
3562 memcpy(ctx->ext.tick_aes_key,
3563 keys + sizeof(ctx->ext.tick_key_name) +
3564 sizeof(ctx->ext.tick_hmac_key),
3565 sizeof(ctx->ext.tick_aes_key));
3567 memcpy(keys, ctx->ext.tick_key_name,
3568 sizeof(ctx->ext.tick_key_name));
3569 memcpy(keys + sizeof(ctx->ext.tick_key_name),
3570 ctx->ext.tick_hmac_key,
3571 sizeof(ctx->ext.tick_hmac_key));
3572 memcpy(keys + sizeof(ctx->ext.tick_key_name) +
3573 sizeof(ctx->ext.tick_hmac_key),
3574 ctx->ext.tick_aes_key,
3575 sizeof(ctx->ext.tick_aes_key));
3580 case SSL_CTRL_GET_TLSEXT_STATUS_REQ_TYPE:
3581 return ctx->ext.status_type;
3583 case SSL_CTRL_SET_TLSEXT_STATUS_REQ_TYPE:
3584 ctx->ext.status_type = larg;
3587 case SSL_CTRL_SET_TLSEXT_STATUS_REQ_CB_ARG:
3588 ctx->ext.status_arg = parg;
3591 case SSL_CTRL_GET_TLSEXT_STATUS_REQ_CB_ARG:
3592 *(void**)parg = ctx->ext.status_arg;
3595 case SSL_CTRL_GET_TLSEXT_STATUS_REQ_CB:
3596 *(int (**)(SSL*, void*))parg = ctx->ext.status_cb;
3599 #ifndef OPENSSL_NO_SRP
3600 case SSL_CTRL_SET_TLS_EXT_SRP_USERNAME:
3601 ctx->srp_ctx.srp_Mask |= SSL_kSRP;
3602 OPENSSL_free(ctx->srp_ctx.login);
3603 ctx->srp_ctx.login = NULL;
3606 if (strlen((const char *)parg) > 255 || strlen((const char *)parg) < 1) {
3607 SSLerr(SSL_F_SSL3_CTX_CTRL, SSL_R_INVALID_SRP_USERNAME);
3610 if ((ctx->srp_ctx.login = OPENSSL_strdup((char *)parg)) == NULL) {
3611 SSLerr(SSL_F_SSL3_CTX_CTRL, ERR_R_INTERNAL_ERROR);
3615 case SSL_CTRL_SET_TLS_EXT_SRP_PASSWORD:
3616 ctx->srp_ctx.SRP_give_srp_client_pwd_callback =
3617 srp_password_from_info_cb;
3618 if (ctx->srp_ctx.info != NULL)
3619 OPENSSL_free(ctx->srp_ctx.info);
3620 if ((ctx->srp_ctx.info = BUF_strdup((char *)parg)) == NULL) {
3621 SSLerr(SSL_F_SSL3_CTX_CTRL, ERR_R_INTERNAL_ERROR);
3625 case SSL_CTRL_SET_SRP_ARG:
3626 ctx->srp_ctx.srp_Mask |= SSL_kSRP;
3627 ctx->srp_ctx.SRP_cb_arg = parg;
3630 case SSL_CTRL_SET_TLS_EXT_SRP_STRENGTH:
3631 ctx->srp_ctx.strength = larg;
3635 #ifndef OPENSSL_NO_EC
3636 case SSL_CTRL_SET_GROUPS:
3637 return tls1_set_groups(&ctx->ext.supportedgroups,
3638 &ctx->ext.supportedgroups_len,
3641 case SSL_CTRL_SET_GROUPS_LIST:
3642 return tls1_set_groups_list(&ctx->ext.supportedgroups,
3643 &ctx->ext.supportedgroups_len,
3646 case SSL_CTRL_SET_SIGALGS:
3647 return tls1_set_sigalgs(ctx->cert, parg, larg, 0);
3649 case SSL_CTRL_SET_SIGALGS_LIST:
3650 return tls1_set_sigalgs_list(ctx->cert, parg, 0);
3652 case SSL_CTRL_SET_CLIENT_SIGALGS:
3653 return tls1_set_sigalgs(ctx->cert, parg, larg, 1);
3655 case SSL_CTRL_SET_CLIENT_SIGALGS_LIST:
3656 return tls1_set_sigalgs_list(ctx->cert, parg, 1);
3658 case SSL_CTRL_SET_CLIENT_CERT_TYPES:
3659 return ssl3_set_req_cert_type(ctx->cert, parg, larg);
3661 case SSL_CTRL_BUILD_CERT_CHAIN:
3662 return ssl_build_cert_chain(NULL, ctx, larg);
3664 case SSL_CTRL_SET_VERIFY_CERT_STORE:
3665 return ssl_cert_set_cert_store(ctx->cert, parg, 0, larg);
3667 case SSL_CTRL_SET_CHAIN_CERT_STORE:
3668 return ssl_cert_set_cert_store(ctx->cert, parg, 1, larg);
3670 /* A Thawte special :-) */
3671 case SSL_CTRL_EXTRA_CHAIN_CERT:
3672 if (ctx->extra_certs == NULL) {
3673 if ((ctx->extra_certs = sk_X509_new_null()) == NULL) {
3674 SSLerr(SSL_F_SSL3_CTX_CTRL, ERR_R_MALLOC_FAILURE);
3678 if (!sk_X509_push(ctx->extra_certs, (X509 *)parg)) {
3679 SSLerr(SSL_F_SSL3_CTX_CTRL, ERR_R_MALLOC_FAILURE);
3684 case SSL_CTRL_GET_EXTRA_CHAIN_CERTS:
3685 if (ctx->extra_certs == NULL && larg == 0)
3686 *(STACK_OF(X509) **)parg = ctx->cert->key->chain;
3688 *(STACK_OF(X509) **)parg = ctx->extra_certs;
3691 case SSL_CTRL_CLEAR_EXTRA_CHAIN_CERTS:
3692 sk_X509_pop_free(ctx->extra_certs, X509_free);
3693 ctx->extra_certs = NULL;
3696 case SSL_CTRL_CHAIN:
3698 return ssl_cert_set1_chain(NULL, ctx, (STACK_OF(X509) *)parg);
3700 return ssl_cert_set0_chain(NULL, ctx, (STACK_OF(X509) *)parg);
3702 case SSL_CTRL_CHAIN_CERT:
3704 return ssl_cert_add1_chain_cert(NULL, ctx, (X509 *)parg);
3706 return ssl_cert_add0_chain_cert(NULL, ctx, (X509 *)parg);
3708 case SSL_CTRL_GET_CHAIN_CERTS:
3709 *(STACK_OF(X509) **)parg = ctx->cert->key->chain;
3712 case SSL_CTRL_SELECT_CURRENT_CERT:
3713 return ssl_cert_select_current(ctx->cert, (X509 *)parg);
3715 case SSL_CTRL_SET_CURRENT_CERT:
3716 return ssl_cert_set_current(ctx->cert, larg);
3724 long ssl3_ctx_callback_ctrl(SSL_CTX *ctx, int cmd, void (*fp) (void))
3727 #ifndef OPENSSL_NO_DH
3728 case SSL_CTRL_SET_TMP_DH_CB:
3730 ctx->cert->dh_tmp_cb = (DH *(*)(SSL *, int, int))fp;
3734 case SSL_CTRL_SET_TLSEXT_SERVERNAME_CB:
3735 ctx->ext.servername_cb = (int (*)(SSL *, int *, void *))fp;
3738 case SSL_CTRL_SET_TLSEXT_STATUS_REQ_CB:
3739 ctx->ext.status_cb = (int (*)(SSL *, void *))fp;
3742 case SSL_CTRL_SET_TLSEXT_TICKET_KEY_CB:
3743 ctx->ext.ticket_key_cb = (int (*)(SSL *, unsigned char *,
3746 HMAC_CTX *, int))fp;
3749 #ifndef OPENSSL_NO_SRP
3750 case SSL_CTRL_SET_SRP_VERIFY_PARAM_CB:
3751 ctx->srp_ctx.srp_Mask |= SSL_kSRP;
3752 ctx->srp_ctx.SRP_verify_param_callback = (int (*)(SSL *, void *))fp;
3754 case SSL_CTRL_SET_TLS_EXT_SRP_USERNAME_CB:
3755 ctx->srp_ctx.srp_Mask |= SSL_kSRP;
3756 ctx->srp_ctx.TLS_ext_srp_username_callback =
3757 (int (*)(SSL *, int *, void *))fp;
3759 case SSL_CTRL_SET_SRP_GIVE_CLIENT_PWD_CB:
3760 ctx->srp_ctx.srp_Mask |= SSL_kSRP;
3761 ctx->srp_ctx.SRP_give_srp_client_pwd_callback =
3762 (char *(*)(SSL *, void *))fp;
3765 case SSL_CTRL_SET_NOT_RESUMABLE_SESS_CB:
3767 ctx->not_resumable_session_cb = (int (*)(SSL *, int))fp;
3776 const SSL_CIPHER *ssl3_get_cipher_by_id(uint32_t id)
3779 const SSL_CIPHER *cp;
3782 cp = OBJ_bsearch_ssl_cipher_id(&c, ssl3_ciphers, SSL3_NUM_CIPHERS);
3785 return OBJ_bsearch_ssl_cipher_id(&c, ssl3_scsvs, SSL3_NUM_SCSVS);
3788 const SSL_CIPHER *ssl3_get_cipher_by_std_name(const char *stdname)
3790 SSL_CIPHER *c = NULL;
3791 SSL_CIPHER *tbl = ssl3_ciphers;
3794 /* this is not efficient, necessary to optimize this? */
3795 for (i = 0; i < SSL3_NUM_CIPHERS; i++, tbl++) {
3796 if (tbl->stdname == NULL)
3798 if (strcmp(stdname, tbl->stdname) == 0) {
3805 for (i = 0; i < SSL3_NUM_SCSVS; i++, tbl++) {
3806 if (strcmp(stdname, tbl->stdname) == 0) {
3816 * This function needs to check if the ciphers required are actually
3819 const SSL_CIPHER *ssl3_get_cipher_by_char(const unsigned char *p)
3821 return ssl3_get_cipher_by_id(SSL3_CK_CIPHERSUITE_FLAG
3822 | ((uint32_t)p[0] << 8L)
3826 int ssl3_put_cipher_by_char(const SSL_CIPHER *c, WPACKET *pkt, size_t *len)
3828 if ((c->id & 0xff000000) != SSL3_CK_CIPHERSUITE_FLAG) {
3833 if (!WPACKET_put_bytes_u16(pkt, c->id & 0xffff))
3841 * ssl3_choose_cipher - choose a cipher from those offered by the client
3842 * @s: SSL connection
3843 * @clnt: ciphers offered by the client
3844 * @srvr: ciphers enabled on the server?
3846 * Returns the selected cipher or NULL when no common ciphers.
3848 const SSL_CIPHER *ssl3_choose_cipher(SSL *s, STACK_OF(SSL_CIPHER) *clnt,
3849 STACK_OF(SSL_CIPHER) *srvr)
3851 const SSL_CIPHER *c, *ret = NULL;
3852 STACK_OF(SSL_CIPHER) *prio, *allow;
3854 unsigned long alg_k = 0, alg_a = 0, mask_k = 0, mask_a = 0;
3856 /* Let's see which ciphers we can support */
3859 * Do not set the compare functions, because this may lead to a
3860 * reordering by "id". We want to keep the original ordering. We may pay
3861 * a price in performance during sk_SSL_CIPHER_find(), but would have to
3862 * pay with the price of sk_SSL_CIPHER_dup().
3866 fprintf(stderr, "Server has %d from %p:\n", sk_SSL_CIPHER_num(srvr),
3868 for (i = 0; i < sk_SSL_CIPHER_num(srvr); ++i) {
3869 c = sk_SSL_CIPHER_value(srvr, i);
3870 fprintf(stderr, "%p:%s\n", (void *)c, c->name);
3872 fprintf(stderr, "Client sent %d from %p:\n", sk_SSL_CIPHER_num(clnt),
3874 for (i = 0; i < sk_SSL_CIPHER_num(clnt); ++i) {
3875 c = sk_SSL_CIPHER_value(clnt, i);
3876 fprintf(stderr, "%p:%s\n", (void *)c, c->name);
3880 if (s->options & SSL_OP_CIPHER_SERVER_PREFERENCE || tls1_suiteb(s)) {
3888 if (!SSL_IS_TLS13(s)) {
3889 tls1_set_cert_validity(s);
3893 for (i = 0; i < sk_SSL_CIPHER_num(prio); i++) {
3894 c = sk_SSL_CIPHER_value(prio, i);
3896 /* Skip ciphers not supported by the protocol version */
3897 if (!SSL_IS_DTLS(s) &&
3898 ((s->version < c->min_tls) || (s->version > c->max_tls)))
3900 if (SSL_IS_DTLS(s) &&
3901 (DTLS_VERSION_LT(s->version, c->min_dtls) ||
3902 DTLS_VERSION_GT(s->version, c->max_dtls)))
3906 * Since TLS 1.3 ciphersuites can be used with any auth or
3907 * key exchange scheme skip tests.
3909 if (!SSL_IS_TLS13(s)) {
3910 mask_k = s->s3->tmp.mask_k;
3911 mask_a = s->s3->tmp.mask_a;
3912 #ifndef OPENSSL_NO_SRP
3913 if (s->srp_ctx.srp_Mask & SSL_kSRP) {
3919 alg_k = c->algorithm_mkey;
3920 alg_a = c->algorithm_auth;
3922 #ifndef OPENSSL_NO_PSK
3923 /* with PSK there must be server callback set */
3924 if ((alg_k & SSL_PSK) && s->psk_server_callback == NULL)
3926 #endif /* OPENSSL_NO_PSK */
3928 ok = (alg_k & mask_k) && (alg_a & mask_a);
3930 fprintf(stderr, "%d:[%08lX:%08lX:%08lX:%08lX]%p:%s\n", ok, alg_k,
3931 alg_a, mask_k, mask_a, (void *)c, c->name);
3934 #ifndef OPENSSL_NO_EC
3936 * if we are considering an ECC cipher suite that uses an ephemeral
3939 if (alg_k & SSL_kECDHE)
3940 ok = ok && tls1_check_ec_tmp_key(s, c->id);
3941 #endif /* OPENSSL_NO_EC */
3946 ii = sk_SSL_CIPHER_find(allow, c);
3948 /* Check security callback permits this cipher */
3949 if (!ssl_security(s, SSL_SECOP_CIPHER_SHARED,
3950 c->strength_bits, 0, (void *)c))
3952 #if !defined(OPENSSL_NO_EC)
3953 if ((alg_k & SSL_kECDHE) && (alg_a & SSL_aECDSA)
3954 && s->s3->is_probably_safari) {
3956 ret = sk_SSL_CIPHER_value(allow, ii);
3960 ret = sk_SSL_CIPHER_value(allow, ii);
3967 int ssl3_get_req_cert_type(SSL *s, WPACKET *pkt)
3969 uint32_t alg_k, alg_a = 0;
3971 /* If we have custom certificate types set, use them */
3973 return WPACKET_memcpy(pkt, s->cert->ctype, s->cert->ctype_len);
3974 /* Get mask of algorithms disabled by signature list */
3975 ssl_set_sig_mask(&alg_a, s, SSL_SECOP_SIGALG_MASK);
3977 alg_k = s->s3->tmp.new_cipher->algorithm_mkey;
3979 #ifndef OPENSSL_NO_GOST
3980 if (s->version >= TLS1_VERSION && (alg_k & SSL_kGOST))
3981 return WPACKET_put_bytes_u8(pkt, TLS_CT_GOST01_SIGN)
3982 && WPACKET_put_bytes_u8(pkt, TLS_CT_GOST12_SIGN)
3983 && WPACKET_put_bytes_u8(pkt, TLS_CT_GOST12_512_SIGN);
3986 if ((s->version == SSL3_VERSION) && (alg_k & SSL_kDHE)) {
3987 #ifndef OPENSSL_NO_DH
3988 # ifndef OPENSSL_NO_RSA
3989 if (!WPACKET_put_bytes_u8(pkt, SSL3_CT_RSA_EPHEMERAL_DH))
3992 # ifndef OPENSSL_NO_DSA
3993 if (!WPACKET_put_bytes_u8(pkt, SSL3_CT_DSS_EPHEMERAL_DH))
3996 #endif /* !OPENSSL_NO_DH */
3998 #ifndef OPENSSL_NO_RSA
3999 if (!(alg_a & SSL_aRSA) && !WPACKET_put_bytes_u8(pkt, SSL3_CT_RSA_SIGN))
4002 #ifndef OPENSSL_NO_DSA
4003 if (!(alg_a & SSL_aDSS) && !WPACKET_put_bytes_u8(pkt, SSL3_CT_DSS_SIGN))
4006 #ifndef OPENSSL_NO_EC
4008 * ECDSA certs can be used with RSA cipher suites too so we don't
4009 * need to check for SSL_kECDH or SSL_kECDHE
4011 if (s->version >= TLS1_VERSION
4012 && !(alg_a & SSL_aECDSA)
4013 && !WPACKET_put_bytes_u8(pkt, TLS_CT_ECDSA_SIGN))
4019 static int ssl3_set_req_cert_type(CERT *c, const unsigned char *p, size_t len)
4021 OPENSSL_free(c->ctype);
4024 if (p == NULL || len == 0)
4028 c->ctype = OPENSSL_memdup(p, len);
4029 if (c->ctype == NULL)
4035 int ssl3_shutdown(SSL *s)
4040 * Don't do anything much if we have not done the handshake or we don't
4041 * want to send messages :-)
4043 if (s->quiet_shutdown || SSL_in_before(s)) {
4044 s->shutdown = (SSL_SENT_SHUTDOWN | SSL_RECEIVED_SHUTDOWN);
4048 if (!(s->shutdown & SSL_SENT_SHUTDOWN)) {
4049 s->shutdown |= SSL_SENT_SHUTDOWN;
4050 ssl3_send_alert(s, SSL3_AL_WARNING, SSL_AD_CLOSE_NOTIFY);
4052 * our shutdown alert has been sent now, and if it still needs to be
4053 * written, s->s3->alert_dispatch will be true
4055 if (s->s3->alert_dispatch)
4056 return (-1); /* return WANT_WRITE */
4057 } else if (s->s3->alert_dispatch) {
4058 /* resend it if not sent */
4059 ret = s->method->ssl_dispatch_alert(s);
4062 * we only get to return -1 here the 2nd/Nth invocation, we must
4063 * have already signalled return 0 upon a previous invocation,
4068 } else if (!(s->shutdown & SSL_RECEIVED_SHUTDOWN)) {
4071 * If we are waiting for a close from our peer, we are closed
4073 s->method->ssl_read_bytes(s, 0, NULL, NULL, 0, 0, &readbytes);
4074 if (!(s->shutdown & SSL_RECEIVED_SHUTDOWN)) {
4075 return -1; /* return WANT_READ */
4079 if ((s->shutdown == (SSL_SENT_SHUTDOWN | SSL_RECEIVED_SHUTDOWN)) &&
4080 !s->s3->alert_dispatch)
4086 int ssl3_write(SSL *s, const void *buf, size_t len, size_t *written)
4089 if (s->s3->renegotiate)
4090 ssl3_renegotiate_check(s, 0);
4092 return s->method->ssl_write_bytes(s, SSL3_RT_APPLICATION_DATA, buf, len,
4096 static int ssl3_read_internal(SSL *s, void *buf, size_t len, int peek,
4102 if (s->s3->renegotiate)
4103 ssl3_renegotiate_check(s, 0);
4104 s->s3->in_read_app_data = 1;
4106 s->method->ssl_read_bytes(s, SSL3_RT_APPLICATION_DATA, NULL, buf, len,
4108 if ((ret == -1) && (s->s3->in_read_app_data == 2)) {
4110 * ssl3_read_bytes decided to call s->handshake_func, which called
4111 * ssl3_read_bytes to read handshake data. However, ssl3_read_bytes
4112 * actually found application data and thinks that application data
4113 * makes sense here; so disable handshake processing and try to read
4114 * application data again.
4116 ossl_statem_set_in_handshake(s, 1);
4118 s->method->ssl_read_bytes(s, SSL3_RT_APPLICATION_DATA, NULL, buf,
4119 len, peek, readbytes);
4120 ossl_statem_set_in_handshake(s, 0);
4122 s->s3->in_read_app_data = 0;
4127 int ssl3_read(SSL *s, void *buf, size_t len, size_t *readbytes)
4129 return ssl3_read_internal(s, buf, len, 0, readbytes);
4132 int ssl3_peek(SSL *s, void *buf, size_t len, size_t *readbytes)
4134 return ssl3_read_internal(s, buf, len, 1, readbytes);
4137 int ssl3_renegotiate(SSL *s)
4139 if (s->handshake_func == NULL)
4142 s->s3->renegotiate = 1;
4147 * Check if we are waiting to do a renegotiation and if so whether now is a
4148 * good time to do it. If |initok| is true then we are being called from inside
4149 * the state machine so ignore the result of SSL_in_init(s). Otherwise we
4150 * should not do a renegotiation if SSL_in_init(s) is true. Returns 1 if we
4151 * should do a renegotiation now and sets up the state machine for it. Otherwise
4154 int ssl3_renegotiate_check(SSL *s, int initok)
4158 if (s->s3->renegotiate) {
4159 if (!RECORD_LAYER_read_pending(&s->rlayer)
4160 && !RECORD_LAYER_write_pending(&s->rlayer)
4161 && (initok || !SSL_in_init(s))) {
4163 * if we are the server, and we have sent a 'RENEGOTIATE'
4164 * message, we need to set the state machine into the renegotiate
4167 ossl_statem_set_renegotiate(s);
4168 s->s3->renegotiate = 0;
4169 s->s3->num_renegotiations++;
4170 s->s3->total_renegotiations++;
4178 * If we are using default SHA1+MD5 algorithms switch to new SHA256 PRF and
4179 * handshake macs if required.
4181 * If PSK and using SHA384 for TLS < 1.2 switch to default.
4183 long ssl_get_algorithm2(SSL *s)
4186 if (s->s3 == NULL || s->s3->tmp.new_cipher == NULL)
4188 alg2 = s->s3->tmp.new_cipher->algorithm2;
4189 if (s->method->ssl3_enc->enc_flags & SSL_ENC_FLAG_SHA256_PRF) {
4190 if (alg2 == (SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF))
4191 return SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256;
4192 } else if (s->s3->tmp.new_cipher->algorithm_mkey & SSL_PSK) {
4193 if (alg2 == (SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384))
4194 return SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF;
4200 * Fill a ClientRandom or ServerRandom field of length len. Returns <= 0 on
4201 * failure, 1 on success.
4203 int ssl_fill_hello_random(SSL *s, int server, unsigned char *result, size_t len,
4206 int send_time = 0, ret;
4211 send_time = (s->mode & SSL_MODE_SEND_SERVERHELLO_TIME) != 0;
4213 send_time = (s->mode & SSL_MODE_SEND_CLIENTHELLO_TIME) != 0;
4215 unsigned long Time = (unsigned long)time(NULL);
4216 unsigned char *p = result;
4219 ret = ssl_randbytes(s, p, len - 4);
4221 ret = ssl_randbytes(s, result, len);
4223 #ifndef OPENSSL_NO_TLS13DOWNGRADE
4225 if (!ossl_assert(sizeof(tls11downgrade) < len)
4226 || !ossl_assert(sizeof(tls12downgrade) < len))
4228 if (dgrd == DOWNGRADE_TO_1_2)
4229 memcpy(result + len - sizeof(tls12downgrade), tls12downgrade,
4230 sizeof(tls12downgrade));
4231 else if (dgrd == DOWNGRADE_TO_1_1)
4232 memcpy(result + len - sizeof(tls11downgrade), tls11downgrade,
4233 sizeof(tls11downgrade));
4239 int ssl_generate_master_secret(SSL *s, unsigned char *pms, size_t pmslen,
4242 unsigned long alg_k = s->s3->tmp.new_cipher->algorithm_mkey;
4245 if (alg_k & SSL_PSK) {
4246 #ifndef OPENSSL_NO_PSK
4247 unsigned char *pskpms, *t;
4248 size_t psklen = s->s3->tmp.psklen;
4251 /* create PSK premaster_secret */
4253 /* For plain PSK "other_secret" is psklen zeroes */
4254 if (alg_k & SSL_kPSK)
4257 pskpmslen = 4 + pmslen + psklen;
4258 pskpms = OPENSSL_malloc(pskpmslen);
4263 if (alg_k & SSL_kPSK)
4264 memset(t, 0, pmslen);
4266 memcpy(t, pms, pmslen);
4269 memcpy(t, s->s3->tmp.psk, psklen);
4271 OPENSSL_clear_free(s->s3->tmp.psk, psklen);
4272 s->s3->tmp.psk = NULL;
4273 if (!s->method->ssl3_enc->generate_master_secret(s,
4274 s->session->master_key,pskpms, pskpmslen,
4275 &s->session->master_key_length))
4277 OPENSSL_clear_free(pskpms, pskpmslen);
4279 /* Should never happen */
4283 if (!s->method->ssl3_enc->generate_master_secret(s,
4284 s->session->master_key, pms, pmslen,
4285 &s->session->master_key_length))
4293 OPENSSL_clear_free(pms, pmslen);
4295 OPENSSL_cleanse(pms, pmslen);
4298 s->s3->tmp.pms = NULL;
4302 /* Generate a private key from parameters */
4303 EVP_PKEY *ssl_generate_pkey(EVP_PKEY *pm)
4305 EVP_PKEY_CTX *pctx = NULL;
4306 EVP_PKEY *pkey = NULL;
4310 pctx = EVP_PKEY_CTX_new(pm, NULL);
4313 if (EVP_PKEY_keygen_init(pctx) <= 0)
4315 if (EVP_PKEY_keygen(pctx, &pkey) <= 0) {
4316 EVP_PKEY_free(pkey);
4321 EVP_PKEY_CTX_free(pctx);
4324 #ifndef OPENSSL_NO_EC
4325 /* Generate a private key a curve ID */
4326 EVP_PKEY *ssl_generate_pkey_curve(int id)
4328 EVP_PKEY_CTX *pctx = NULL;
4329 EVP_PKEY *pkey = NULL;
4330 unsigned int curve_flags;
4331 int nid = tls1_ec_curve_id2nid(id, &curve_flags);
4335 if ((curve_flags & TLS_CURVE_TYPE) == TLS_CURVE_CUSTOM) {
4336 pctx = EVP_PKEY_CTX_new_id(nid, NULL);
4339 pctx = EVP_PKEY_CTX_new_id(EVP_PKEY_EC, NULL);
4343 if (EVP_PKEY_keygen_init(pctx) <= 0)
4345 if (nid != 0 && EVP_PKEY_CTX_set_ec_paramgen_curve_nid(pctx, nid) <= 0)
4347 if (EVP_PKEY_keygen(pctx, &pkey) <= 0) {
4348 EVP_PKEY_free(pkey);
4353 EVP_PKEY_CTX_free(pctx);
4358 /* Derive secrets for ECDH/DH */
4359 int ssl_derive(SSL *s, EVP_PKEY *privkey, EVP_PKEY *pubkey, int gensecret)
4362 unsigned char *pms = NULL;
4366 if (privkey == NULL || pubkey == NULL)
4369 pctx = EVP_PKEY_CTX_new(privkey, NULL);
4371 if (EVP_PKEY_derive_init(pctx) <= 0
4372 || EVP_PKEY_derive_set_peer(pctx, pubkey) <= 0
4373 || EVP_PKEY_derive(pctx, NULL, &pmslen) <= 0) {
4377 pms = OPENSSL_malloc(pmslen);
4381 if (EVP_PKEY_derive(pctx, pms, &pmslen) <= 0)
4385 if (SSL_IS_TLS13(s)) {
4387 * If we are resuming then we already generated the early secret
4388 * when we created the ClientHello, so don't recreate it.
4391 rv = tls13_generate_secret(s, ssl_handshake_md(s), NULL, NULL,
4393 (unsigned char *)&s->early_secret);
4397 rv = rv && tls13_generate_handshake_secret(s, pms, pmslen);
4399 rv = ssl_generate_master_secret(s, pms, pmslen, 0);
4402 /* Save premaster secret */
4403 s->s3->tmp.pms = pms;
4404 s->s3->tmp.pmslen = pmslen;
4410 OPENSSL_clear_free(pms, pmslen);
4411 EVP_PKEY_CTX_free(pctx);
4415 #ifndef OPENSSL_NO_DH
4416 EVP_PKEY *ssl_dh_to_pkey(DH *dh)
4421 ret = EVP_PKEY_new();
4422 if (EVP_PKEY_set1_DH(ret, dh) <= 0) {
projects / openssl.git / blob