include/openssl/tls1.h

0001 /*
0002  * Copyright 1995-2025 The OpenSSL Project Authors. All Rights Reserved.
0003  * Copyright (c) 2002, Oracle and/or its affiliates. All rights reserved
0004  * Copyright 2005 Nokia. All rights reserved.
0005  *
0006  * Licensed under the Apache License 2.0 (the "License").  You may not use
0007  * this file except in compliance with the License.  You can obtain a copy
0008  * in the file LICENSE in the source distribution or at
0009  * https://www.openssl.org/source/license.html
0010  */
0011
0012 #ifndef OPENSSL_TLS1_H
0013 #define OPENSSL_TLS1_H
0014 #pragma once
0015
0016 #include <openssl/macros.h>
0017 #ifndef OPENSSL_NO_DEPRECATED_3_0
0018 #define HEADER_TLS1_H
0019 #endif
0020
0021 #include <openssl/buffer.h>
0022 #include <openssl/x509.h>
0023 #include <openssl/prov_ssl.h>
0024
0025 #ifdef __cplusplus
0026 extern "C" {
0027 #endif
0028
0029 /* Default security level if not overridden at config time */
0030 #ifndef OPENSSL_TLS_SECURITY_LEVEL
0031 #define OPENSSL_TLS_SECURITY_LEVEL 2
0032 #endif
0033
0034 /* TLS*_VERSION constants are defined in prov_ssl.h */
0035 #ifndef OPENSSL_NO_DEPRECATED_3_0
0036 #define TLS_MAX_VERSION TLS1_3_VERSION
0037 #endif
0038
0039 /* Special value for method supporting multiple versions */
0040 #define TLS_ANY_VERSION 0x10000
0041
0042 #define TLS1_VERSION_MAJOR 0x03
0043 #define TLS1_VERSION_MINOR 0x01
0044
0045 #define TLS1_1_VERSION_MAJOR 0x03
0046 #define TLS1_1_VERSION_MINOR 0x02
0047
0048 #define TLS1_2_VERSION_MAJOR 0x03
0049 #define TLS1_2_VERSION_MINOR 0x03
0050
0051 #define TLS1_get_version(s) \
0052     ((SSL_version(s) >> 8) == TLS1_VERSION_MAJOR ? SSL_version(s) : 0)
0053
0054 #define TLS1_get_client_version(s) \
0055     ((SSL_client_version(s) >> 8) == TLS1_VERSION_MAJOR ? SSL_client_version(s) : 0)
0056
0057 #define TLS1_AD_DECRYPTION_FAILED 21
0058 #define TLS1_AD_RECORD_OVERFLOW 22
0059 #define TLS1_AD_UNKNOWN_CA 48 /* fatal */
0060 #define TLS1_AD_ACCESS_DENIED 49 /* fatal */
0061 #define TLS1_AD_DECODE_ERROR 50 /* fatal */
0062 #define TLS1_AD_DECRYPT_ERROR 51
0063 #define TLS1_AD_EXPORT_RESTRICTION 60 /* fatal */
0064 #define TLS1_AD_PROTOCOL_VERSION 70 /* fatal */
0065 #define TLS1_AD_INSUFFICIENT_SECURITY 71 /* fatal */
0066 #define TLS1_AD_INTERNAL_ERROR 80 /* fatal */
0067 #define TLS1_AD_INAPPROPRIATE_FALLBACK 86 /* fatal */
0068 #define TLS1_AD_USER_CANCELLED 90
0069 #define TLS1_AD_NO_RENEGOTIATION 100
0070 /* TLSv1.3 alerts */
0071 #define TLS13_AD_MISSING_EXTENSION 109 /* fatal */
0072 #define TLS13_AD_CERTIFICATE_REQUIRED 116 /* fatal */
0073 /* codes 110-114 are from RFC3546 */
0074 #define TLS1_AD_UNSUPPORTED_EXTENSION 110
0075 #define TLS1_AD_CERTIFICATE_UNOBTAINABLE 111
0076 #define TLS1_AD_UNRECOGNIZED_NAME 112
0077 #define TLS1_AD_BAD_CERTIFICATE_STATUS_RESPONSE 113
0078 #define TLS1_AD_BAD_CERTIFICATE_HASH_VALUE 114
0079 #define TLS1_AD_UNKNOWN_PSK_IDENTITY 115 /* fatal */
0080 #define TLS1_AD_NO_APPLICATION_PROTOCOL 120 /* fatal */
0081
0082 /* ExtensionType values from RFC3546 / RFC4366 / RFC6066 */
0083 #define TLSEXT_TYPE_server_name 0
0084 #define TLSEXT_TYPE_max_fragment_length 1
0085 #define TLSEXT_TYPE_client_certificate_url 2
0086 #define TLSEXT_TYPE_trusted_ca_keys 3
0087 #define TLSEXT_TYPE_truncated_hmac 4
0088 #define TLSEXT_TYPE_status_request 5
0089 /* ExtensionType values from RFC4681 */
0090 #define TLSEXT_TYPE_user_mapping 6
0091 /* ExtensionType values from RFC5878 */
0092 #define TLSEXT_TYPE_client_authz 7
0093 #define TLSEXT_TYPE_server_authz 8
0094 /* ExtensionType values from RFC6091 */
0095 #define TLSEXT_TYPE_cert_type 9
0096
0097 /* ExtensionType values from RFC4492 */
0098 /*
0099  * Prior to TLSv1.3 the supported_groups extension was known as
0100  * elliptic_curves
0101  */
0102 #define TLSEXT_TYPE_supported_groups 10
0103 #define TLSEXT_TYPE_elliptic_curves TLSEXT_TYPE_supported_groups
0104 #define TLSEXT_TYPE_ec_point_formats 11
0105
0106 /* ExtensionType value from RFC5054 */
0107 #define TLSEXT_TYPE_srp 12
0108
0109 /* ExtensionType values from RFC5246 */
0110 #define TLSEXT_TYPE_signature_algorithms 13
0111
0112 /* ExtensionType value from RFC5764 */
0113 #define TLSEXT_TYPE_use_srtp 14
0114
0115 /* ExtensionType value from RFC7301 */
0116 #define TLSEXT_TYPE_application_layer_protocol_negotiation 16
0117
0118 /*
0119  * Extension type for Certificate Transparency
0120  * https://tools.ietf.org/html/rfc6962#section-3.3.1
0121  */
0122 #define TLSEXT_TYPE_signed_certificate_timestamp 18
0123
0124 /*
0125  * Extension type for Raw Public Keys
0126  * https://tools.ietf.org/html/rfc7250
0127  * https://www.iana.org/assignments/tls-extensiontype-values/tls-extensiontype-values.xhtml
0128  */
0129 #define TLSEXT_TYPE_client_cert_type 19
0130 #define TLSEXT_TYPE_server_cert_type 20
0131
0132 /*
0133  * ExtensionType value for TLS padding extension.
0134  * http://tools.ietf.org/html/draft-agl-tls-padding
0135  */
0136 #define TLSEXT_TYPE_padding 21
0137
0138 /* ExtensionType value from RFC7366 */
0139 #define TLSEXT_TYPE_encrypt_then_mac 22
0140
0141 /* ExtensionType value from RFC7627 */
0142 #define TLSEXT_TYPE_extended_master_secret 23
0143
0144 /* ExtensionType value from RFC8879 */
0145 #define TLSEXT_TYPE_compress_certificate 27
0146
0147 /* ExtensionType value from RFC4507 */
0148 #define TLSEXT_TYPE_session_ticket 35
0149
0150 /* As defined for TLS1.3 */
0151 #define TLSEXT_TYPE_psk 41
0152 #define TLSEXT_TYPE_early_data 42
0153 #define TLSEXT_TYPE_supported_versions 43
0154 #define TLSEXT_TYPE_cookie 44
0155 #define TLSEXT_TYPE_psk_kex_modes 45
0156 #define TLSEXT_TYPE_certificate_authorities 47
0157 #define TLSEXT_TYPE_post_handshake_auth 49
0158 #define TLSEXT_TYPE_signature_algorithms_cert 50
0159 #define TLSEXT_TYPE_key_share 51
0160 #define TLSEXT_TYPE_quic_transport_parameters 57
0161
0162 /* Temporary extension type */
0163 #define TLSEXT_TYPE_renegotiate 0xff01
0164
0165 #ifndef OPENSSL_NO_NEXTPROTONEG
0166 /* This is not an IANA defined extension number */
0167 #define TLSEXT_TYPE_next_proto_neg 13172
0168 #endif
0169
0170 /* NameType value from RFC3546 */
0171 #define TLSEXT_NAMETYPE_host_name 0
0172 /* status request value from RFC3546 */
0173 #define TLSEXT_STATUSTYPE_ocsp 1
0174
0175 /* ECPointFormat values from RFC4492 */
0176 #define TLSEXT_ECPOINTFORMAT_first 0
0177 #define TLSEXT_ECPOINTFORMAT_uncompressed 0
0178 #define TLSEXT_ECPOINTFORMAT_ansiX962_compressed_prime 1
0179 #define TLSEXT_ECPOINTFORMAT_ansiX962_compressed_char2 2
0180 #define TLSEXT_ECPOINTFORMAT_last 2
0181
0182 /* Signature and hash algorithms from RFC5246 */
0183 #define TLSEXT_signature_anonymous 0
0184 #define TLSEXT_signature_rsa 1
0185 #define TLSEXT_signature_dsa 2
0186 #define TLSEXT_signature_ecdsa 3
0187 #define TLSEXT_signature_gostr34102001 237
0188 #define TLSEXT_signature_gostr34102012_256 238
0189 #define TLSEXT_signature_gostr34102012_512 239
0190
0191 /* Total number of different signature algorithms */
0192 #define TLSEXT_signature_num 7
0193
0194 #define TLSEXT_hash_none 0
0195 #define TLSEXT_hash_md5 1
0196 #define TLSEXT_hash_sha1 2
0197 #define TLSEXT_hash_sha224 3
0198 #define TLSEXT_hash_sha256 4
0199 #define TLSEXT_hash_sha384 5
0200 #define TLSEXT_hash_sha512 6
0201 #define TLSEXT_hash_gostr3411 237
0202 #define TLSEXT_hash_gostr34112012_256 238
0203 #define TLSEXT_hash_gostr34112012_512 239
0204
0205 /* Total number of different digest algorithms */
0206
0207 #define TLSEXT_hash_num 10
0208
0209 /* Possible compression values from RFC8879 */
0210 /* Not defined in RFC8879, but used internally for no-compression */
0211 #define TLSEXT_comp_cert_none 0
0212 #define TLSEXT_comp_cert_zlib 1
0213 #define TLSEXT_comp_cert_brotli 2
0214 #define TLSEXT_comp_cert_zstd 3
0215 /* one more than the number of defined values - used as size of 0-terminated array */
0216 #define TLSEXT_comp_cert_limit 4
0217
0218 /* Flag set for unrecognised algorithms */
0219 #define TLSEXT_nid_unknown 0x1000000
0220
0221 /* ECC curves */
0222
0223 #define TLSEXT_curve_P_256 23
0224 #define TLSEXT_curve_P_384 24
0225
0226 /* OpenSSL value to disable maximum fragment length extension */
0227 #define TLSEXT_max_fragment_length_DISABLED 0
0228 /* Allowed values for max fragment length extension */
0229 #define TLSEXT_max_fragment_length_512 1
0230 #define TLSEXT_max_fragment_length_1024 2
0231 #define TLSEXT_max_fragment_length_2048 3
0232 #define TLSEXT_max_fragment_length_4096 4
0233 /* OpenSSL value for unset maximum fragment length extension */
0234 #define TLSEXT_max_fragment_length_UNSPECIFIED 255
0235
0236 /*
0237  * TLS Certificate Type (for RFC7250)
0238  * https://www.iana.org/assignments/tls-extensiontype-values/tls-extensiontype-values.xhtml#tls-extensiontype-values-3
0239  */
0240 #define TLSEXT_cert_type_x509 0
0241 #define TLSEXT_cert_type_pgp 1 /* recognized, but not supported */
0242 #define TLSEXT_cert_type_rpk 2
0243 #define TLSEXT_cert_type_1609dot2 3 /* recognized, but not supported */
0244
0245 int SSL_CTX_set_tlsext_max_fragment_length(SSL_CTX *ctx, uint8_t mode);
0246 int SSL_set_tlsext_max_fragment_length(SSL *ssl, uint8_t mode);
0247
0248 #define TLSEXT_MAXLEN_host_name 255
0249
0250 __owur const char *SSL_get_servername(const SSL *s, const int type);
0251 __owur int SSL_get_servername_type(const SSL *s);
0252 /*
0253  * SSL_export_keying_material exports a value derived from the master secret,
0254  * as specified in RFC 5705. It writes |olen| bytes to |out| given a label and
0255  * optional context. (Since a zero length context is allowed, the |use_context|
0256  * flag controls whether a context is included.) It returns 1 on success and
0257  * 0 or -1 otherwise.
0258  */
0259 __owur int SSL_export_keying_material(SSL *s, unsigned char *out, size_t olen,
0260     const char *label, size_t llen,
0261     const unsigned char *context,
0262     size_t contextlen, int use_context);
0263
0264 /*
0265  * SSL_export_keying_material_early exports a value derived from the
0266  * early exporter master secret, as specified in
0267  * https://tools.ietf.org/html/draft-ietf-tls-tls13-23. It writes
0268  * |olen| bytes to |out| given a label and optional context. It
0269  * returns 1 on success and 0 otherwise.
0270  */
0271 __owur int SSL_export_keying_material_early(SSL *s, unsigned char *out,
0272     size_t olen, const char *label,
0273     size_t llen,
0274     const unsigned char *context,
0275     size_t contextlen);
0276
0277 int SSL_get_peer_signature_type_nid(const SSL *s, int *pnid);
0278 int SSL_get_signature_type_nid(const SSL *s, int *pnid);
0279
0280 int SSL_get_sigalgs(SSL *s, int idx,
0281     int *psign, int *phash, int *psignandhash,
0282     unsigned char *rsig, unsigned char *rhash);
0283
0284 char *SSL_get1_builtin_sigalgs(OSSL_LIB_CTX *libctx);
0285
0286 int SSL_get_shared_sigalgs(SSL *s, int idx,
0287     int *psign, int *phash, int *psignandhash,
0288     unsigned char *rsig, unsigned char *rhash);
0289
0290 __owur int SSL_check_chain(SSL *s, X509 *x, EVP_PKEY *pk, STACK_OF(X509) *chain);
0291
0292 #define SSL_set_tlsext_host_name(s, name)                                \
0293     SSL_ctrl(s, SSL_CTRL_SET_TLSEXT_HOSTNAME, TLSEXT_NAMETYPE_host_name, \
0294         (void *)name)
0295
0296 #define SSL_set_tlsext_debug_callback(ssl, cb)           \
0297     SSL_callback_ctrl(ssl, SSL_CTRL_SET_TLSEXT_DEBUG_CB, \
0298         (void (*)(void))cb)
0299
0300 #define SSL_set_tlsext_debug_arg(ssl, arg) \
0301     SSL_ctrl(ssl, SSL_CTRL_SET_TLSEXT_DEBUG_ARG, 0, arg)
0302
0303 #define SSL_get_tlsext_status_type(ssl) \
0304     SSL_ctrl(ssl, SSL_CTRL_GET_TLSEXT_STATUS_REQ_TYPE, 0, NULL)
0305
0306 #define SSL_set_tlsext_status_type(ssl, type) \
0307     SSL_ctrl(ssl, SSL_CTRL_SET_TLSEXT_STATUS_REQ_TYPE, type, NULL)
0308
0309 #define SSL_get_tlsext_status_exts(ssl, arg) \
0310     SSL_ctrl(ssl, SSL_CTRL_GET_TLSEXT_STATUS_REQ_EXTS, 0, arg)
0311
0312 #define SSL_set_tlsext_status_exts(ssl, arg) \
0313     SSL_ctrl(ssl, SSL_CTRL_SET_TLSEXT_STATUS_REQ_EXTS, 0, arg)
0314
0315 #define SSL_get_tlsext_status_ids(ssl, arg) \
0316     SSL_ctrl(ssl, SSL_CTRL_GET_TLSEXT_STATUS_REQ_IDS, 0, arg)
0317
0318 #define SSL_set_tlsext_status_ids(ssl, arg) \
0319     SSL_ctrl(ssl, SSL_CTRL_SET_TLSEXT_STATUS_REQ_IDS, 0, arg)
0320
0321 #define SSL_get_tlsext_status_ocsp_resp(ssl, arg) \
0322     SSL_ctrl(ssl, SSL_CTRL_GET_TLSEXT_STATUS_REQ_OCSP_RESP, 0, arg)
0323
0324 #define SSL_set_tlsext_status_ocsp_resp(ssl, arg, arglen) \
0325     SSL_ctrl(ssl, SSL_CTRL_SET_TLSEXT_STATUS_REQ_OCSP_RESP, arglen, arg)
0326
0327 #define SSL_get0_tlsext_status_ocsp_resp_ex(ssl, arg) \
0328     SSL_ctrl(ssl, SSL_CTRL_GET_TLSEXT_STATUS_REQ_OCSP_RESP_EX, 0, arg)
0329
0330 #define SSL_set0_tlsext_status_ocsp_resp_ex(ssl, arg) \
0331     SSL_ctrl(ssl, SSL_CTRL_SET_TLSEXT_STATUS_REQ_OCSP_RESP_EX, 0, arg)
0332
0333 #define SSL_CTX_set_tlsext_servername_callback(ctx, cb)           \
0334     SSL_CTX_callback_ctrl(ctx, SSL_CTRL_SET_TLSEXT_SERVERNAME_CB, \
0335         (void (*)(void))cb)
0336
0337 #define SSL_TLSEXT_ERR_OK 0
0338 #define SSL_TLSEXT_ERR_ALERT_WARNING 1
0339 #define SSL_TLSEXT_ERR_ALERT_FATAL 2
0340 #define SSL_TLSEXT_ERR_NOACK 3
0341
0342 #define SSL_CTX_set_tlsext_servername_arg(ctx, arg) \
0343     SSL_CTX_ctrl(ctx, SSL_CTRL_SET_TLSEXT_SERVERNAME_ARG, 0, arg)
0344
0345 #define SSL_CTX_get_tlsext_ticket_keys(ctx, keys, keylen) \
0346     SSL_CTX_ctrl(ctx, SSL_CTRL_GET_TLSEXT_TICKET_KEYS, keylen, keys)
0347 #define SSL_CTX_set_tlsext_ticket_keys(ctx, keys, keylen) \
0348     SSL_CTX_ctrl(ctx, SSL_CTRL_SET_TLSEXT_TICKET_KEYS, keylen, keys)
0349
0350 #define SSL_CTX_get_tlsext_status_cb(ssl, cb) \
0351     SSL_CTX_ctrl(ssl, SSL_CTRL_GET_TLSEXT_STATUS_REQ_CB, 0, (void *)cb)
0352 #define SSL_CTX_set_tlsext_status_cb(ssl, cb)                     \
0353     SSL_CTX_callback_ctrl(ssl, SSL_CTRL_SET_TLSEXT_STATUS_REQ_CB, \
0354         (void (*)(void))cb)
0355
0356 #define SSL_CTX_get_tlsext_status_arg(ssl, arg) \
0357     SSL_CTX_ctrl(ssl, SSL_CTRL_GET_TLSEXT_STATUS_REQ_CB_ARG, 0, arg)
0358 #define SSL_CTX_set_tlsext_status_arg(ssl, arg) \
0359     SSL_CTX_ctrl(ssl, SSL_CTRL_SET_TLSEXT_STATUS_REQ_CB_ARG, 0, arg)
0360
0361 #define SSL_CTX_set_tlsext_status_type(ssl, type) \
0362     SSL_CTX_ctrl(ssl, SSL_CTRL_SET_TLSEXT_STATUS_REQ_TYPE, type, NULL)
0363
0364 #define SSL_CTX_get_tlsext_status_type(ssl) \
0365     SSL_CTX_ctrl(ssl, SSL_CTRL_GET_TLSEXT_STATUS_REQ_TYPE, 0, NULL)
0366
0367 #ifndef OPENSSL_NO_DEPRECATED_3_0
0368 #define SSL_CTX_set_tlsext_ticket_key_cb(ssl, cb)                 \
0369     SSL_CTX_callback_ctrl(ssl, SSL_CTRL_SET_TLSEXT_TICKET_KEY_CB, \
0370         (void (*)(void))cb)
0371 #endif
0372 int SSL_CTX_set_tlsext_ticket_key_evp_cb(SSL_CTX *ctx, int (*fp)(SSL *, unsigned char *, unsigned char *, EVP_CIPHER_CTX *, EVP_MAC_CTX *, int));
0373
0374 /* PSK ciphersuites from 4279 */
0375 #define TLS1_CK_PSK_WITH_RC4_128_SHA 0x0300008A
0376 #define TLS1_CK_PSK_WITH_3DES_EDE_CBC_SHA 0x0300008B
0377 #define TLS1_CK_PSK_WITH_AES_128_CBC_SHA 0x0300008C
0378 #define TLS1_CK_PSK_WITH_AES_256_CBC_SHA 0x0300008D
0379 #define TLS1_CK_DHE_PSK_WITH_RC4_128_SHA 0x0300008E
0380 #define TLS1_CK_DHE_PSK_WITH_3DES_EDE_CBC_SHA 0x0300008F
0381 #define TLS1_CK_DHE_PSK_WITH_AES_128_CBC_SHA 0x03000090
0382 #define TLS1_CK_DHE_PSK_WITH_AES_256_CBC_SHA 0x03000091
0383 #define TLS1_CK_RSA_PSK_WITH_RC4_128_SHA 0x03000092
0384 #define TLS1_CK_RSA_PSK_WITH_3DES_EDE_CBC_SHA 0x03000093
0385 #define TLS1_CK_RSA_PSK_WITH_AES_128_CBC_SHA 0x03000094
0386 #define TLS1_CK_RSA_PSK_WITH_AES_256_CBC_SHA 0x03000095
0387
0388 /* PSK ciphersuites from 5487 */
0389 #define TLS1_CK_PSK_WITH_AES_128_GCM_SHA256 0x030000A8
0390 #define TLS1_CK_PSK_WITH_AES_256_GCM_SHA384 0x030000A9
0391 #define TLS1_CK_DHE_PSK_WITH_AES_128_GCM_SHA256 0x030000AA
0392 #define TLS1_CK_DHE_PSK_WITH_AES_256_GCM_SHA384 0x030000AB
0393 #define TLS1_CK_RSA_PSK_WITH_AES_128_GCM_SHA256 0x030000AC
0394 #define TLS1_CK_RSA_PSK_WITH_AES_256_GCM_SHA384 0x030000AD
0395 #define TLS1_CK_PSK_WITH_AES_128_CBC_SHA256 0x030000AE
0396 #define TLS1_CK_PSK_WITH_AES_256_CBC_SHA384 0x030000AF
0397 #define TLS1_CK_PSK_WITH_NULL_SHA256 0x030000B0
0398 #define TLS1_CK_PSK_WITH_NULL_SHA384 0x030000B1
0399 #define TLS1_CK_DHE_PSK_WITH_AES_128_CBC_SHA256 0x030000B2
0400 #define TLS1_CK_DHE_PSK_WITH_AES_256_CBC_SHA384 0x030000B3
0401 #define TLS1_CK_DHE_PSK_WITH_NULL_SHA256 0x030000B4
0402 #define TLS1_CK_DHE_PSK_WITH_NULL_SHA384 0x030000B5
0403 #define TLS1_CK_RSA_PSK_WITH_AES_128_CBC_SHA256 0x030000B6
0404 #define TLS1_CK_RSA_PSK_WITH_AES_256_CBC_SHA384 0x030000B7
0405 #define TLS1_CK_RSA_PSK_WITH_NULL_SHA256 0x030000B8
0406 #define TLS1_CK_RSA_PSK_WITH_NULL_SHA384 0x030000B9
0407
0408 /* NULL PSK ciphersuites from RFC4785 */
0409 #define TLS1_CK_PSK_WITH_NULL_SHA 0x0300002C
0410 #define TLS1_CK_DHE_PSK_WITH_NULL_SHA 0x0300002D
0411 #define TLS1_CK_RSA_PSK_WITH_NULL_SHA 0x0300002E
0412
0413 /* AES ciphersuites from RFC3268 */
0414 #define TLS1_CK_RSA_WITH_AES_128_SHA 0x0300002F
0415 #define TLS1_CK_DH_DSS_WITH_AES_128_SHA 0x03000030
0416 #define TLS1_CK_DH_RSA_WITH_AES_128_SHA 0x03000031
0417 #define TLS1_CK_DHE_DSS_WITH_AES_128_SHA 0x03000032
0418 #define TLS1_CK_DHE_RSA_WITH_AES_128_SHA 0x03000033
0419 #define TLS1_CK_ADH_WITH_AES_128_SHA 0x03000034
0420 #define TLS1_CK_RSA_WITH_AES_256_SHA 0x03000035
0421 #define TLS1_CK_DH_DSS_WITH_AES_256_SHA 0x03000036
0422 #define TLS1_CK_DH_RSA_WITH_AES_256_SHA 0x03000037
0423 #define TLS1_CK_DHE_DSS_WITH_AES_256_SHA 0x03000038
0424 #define TLS1_CK_DHE_RSA_WITH_AES_256_SHA 0x03000039
0425 #define TLS1_CK_ADH_WITH_AES_256_SHA 0x0300003A
0426
0427 /* TLS v1.2 ciphersuites */
0428 #define TLS1_CK_RSA_WITH_NULL_SHA256 0x0300003B
0429 #define TLS1_CK_RSA_WITH_AES_128_SHA256 0x0300003C
0430 #define TLS1_CK_RSA_WITH_AES_256_SHA256 0x0300003D
0431 #define TLS1_CK_DH_DSS_WITH_AES_128_SHA256 0x0300003E
0432 #define TLS1_CK_DH_RSA_WITH_AES_128_SHA256 0x0300003F
0433 #define TLS1_CK_DHE_DSS_WITH_AES_128_SHA256 0x03000040
0434
0435 /* Camellia ciphersuites from RFC4132 */
0436 #define TLS1_CK_RSA_WITH_CAMELLIA_128_CBC_SHA 0x03000041
0437 #define TLS1_CK_DH_DSS_WITH_CAMELLIA_128_CBC_SHA 0x03000042
0438 #define TLS1_CK_DH_RSA_WITH_CAMELLIA_128_CBC_SHA 0x03000043
0439 #define TLS1_CK_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA 0x03000044
0440 #define TLS1_CK_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA 0x03000045
0441 #define TLS1_CK_ADH_WITH_CAMELLIA_128_CBC_SHA 0x03000046
0442
0443 /* TLS v1.2 ciphersuites */
0444 #define TLS1_CK_DHE_RSA_WITH_AES_128_SHA256 0x03000067
0445 #define TLS1_CK_DH_DSS_WITH_AES_256_SHA256 0x03000068
0446 #define TLS1_CK_DH_RSA_WITH_AES_256_SHA256 0x03000069
0447 #define TLS1_CK_DHE_DSS_WITH_AES_256_SHA256 0x0300006A
0448 #define TLS1_CK_DHE_RSA_WITH_AES_256_SHA256 0x0300006B
0449 #define TLS1_CK_ADH_WITH_AES_128_SHA256 0x0300006C
0450 #define TLS1_CK_ADH_WITH_AES_256_SHA256 0x0300006D
0451
0452 /* Camellia ciphersuites from RFC4132 */
0453 #define TLS1_CK_RSA_WITH_CAMELLIA_256_CBC_SHA 0x03000084
0454 #define TLS1_CK_DH_DSS_WITH_CAMELLIA_256_CBC_SHA 0x03000085
0455 #define TLS1_CK_DH_RSA_WITH_CAMELLIA_256_CBC_SHA 0x03000086
0456 #define TLS1_CK_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA 0x03000087
0457 #define TLS1_CK_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA 0x03000088
0458 #define TLS1_CK_ADH_WITH_CAMELLIA_256_CBC_SHA 0x03000089
0459
0460 /* SEED ciphersuites from RFC4162 */
0461 #define TLS1_CK_RSA_WITH_SEED_SHA 0x03000096
0462 #define TLS1_CK_DH_DSS_WITH_SEED_SHA 0x03000097
0463 #define TLS1_CK_DH_RSA_WITH_SEED_SHA 0x03000098
0464 #define TLS1_CK_DHE_DSS_WITH_SEED_SHA 0x03000099
0465 #define TLS1_CK_DHE_RSA_WITH_SEED_SHA 0x0300009A
0466 #define TLS1_CK_ADH_WITH_SEED_SHA 0x0300009B
0467
0468 /* TLS v1.2 GCM ciphersuites from RFC5288 */
0469 #define TLS1_CK_RSA_WITH_AES_128_GCM_SHA256 0x0300009C
0470 #define TLS1_CK_RSA_WITH_AES_256_GCM_SHA384 0x0300009D
0471 #define TLS1_CK_DHE_RSA_WITH_AES_128_GCM_SHA256 0x0300009E
0472 #define TLS1_CK_DHE_RSA_WITH_AES_256_GCM_SHA384 0x0300009F
0473 #define TLS1_CK_DH_RSA_WITH_AES_128_GCM_SHA256 0x030000A0
0474 #define TLS1_CK_DH_RSA_WITH_AES_256_GCM_SHA384 0x030000A1
0475 #define TLS1_CK_DHE_DSS_WITH_AES_128_GCM_SHA256 0x030000A2
0476 #define TLS1_CK_DHE_DSS_WITH_AES_256_GCM_SHA384 0x030000A3
0477 #define TLS1_CK_DH_DSS_WITH_AES_128_GCM_SHA256 0x030000A4
0478 #define TLS1_CK_DH_DSS_WITH_AES_256_GCM_SHA384 0x030000A5
0479 #define TLS1_CK_ADH_WITH_AES_128_GCM_SHA256 0x030000A6
0480 #define TLS1_CK_ADH_WITH_AES_256_GCM_SHA384 0x030000A7
0481
0482 /* CCM ciphersuites from RFC6655 */
0483 #define TLS1_CK_RSA_WITH_AES_128_CCM 0x0300C09C
0484 #define TLS1_CK_RSA_WITH_AES_256_CCM 0x0300C09D
0485 #define TLS1_CK_DHE_RSA_WITH_AES_128_CCM 0x0300C09E
0486 #define TLS1_CK_DHE_RSA_WITH_AES_256_CCM 0x0300C09F
0487 #define TLS1_CK_RSA_WITH_AES_128_CCM_8 0x0300C0A0
0488 #define TLS1_CK_RSA_WITH_AES_256_CCM_8 0x0300C0A1
0489 #define TLS1_CK_DHE_RSA_WITH_AES_128_CCM_8 0x0300C0A2
0490 #define TLS1_CK_DHE_RSA_WITH_AES_256_CCM_8 0x0300C0A3
0491 #define TLS1_CK_PSK_WITH_AES_128_CCM 0x0300C0A4
0492 #define TLS1_CK_PSK_WITH_AES_256_CCM 0x0300C0A5
0493 #define TLS1_CK_DHE_PSK_WITH_AES_128_CCM 0x0300C0A6
0494 #define TLS1_CK_DHE_PSK_WITH_AES_256_CCM 0x0300C0A7
0495 #define TLS1_CK_PSK_WITH_AES_128_CCM_8 0x0300C0A8
0496 #define TLS1_CK_PSK_WITH_AES_256_CCM_8 0x0300C0A9
0497 #define TLS1_CK_DHE_PSK_WITH_AES_128_CCM_8 0x0300C0AA
0498 #define TLS1_CK_DHE_PSK_WITH_AES_256_CCM_8 0x0300C0AB
0499
0500 /* CCM ciphersuites from RFC7251 */
0501 #define TLS1_CK_ECDHE_ECDSA_WITH_AES_128_CCM 0x0300C0AC
0502 #define TLS1_CK_ECDHE_ECDSA_WITH_AES_256_CCM 0x0300C0AD
0503 #define TLS1_CK_ECDHE_ECDSA_WITH_AES_128_CCM_8 0x0300C0AE
0504 #define TLS1_CK_ECDHE_ECDSA_WITH_AES_256_CCM_8 0x0300C0AF
0505
0506 /* TLS 1.2 Camellia SHA-256 ciphersuites from RFC5932 */
0507 #define TLS1_CK_RSA_WITH_CAMELLIA_128_CBC_SHA256 0x030000BA
0508 #define TLS1_CK_DH_DSS_WITH_CAMELLIA_128_CBC_SHA256 0x030000BB
0509 #define TLS1_CK_DH_RSA_WITH_CAMELLIA_128_CBC_SHA256 0x030000BC
0510 #define TLS1_CK_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA256 0x030000BD
0511 #define TLS1_CK_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA256 0x030000BE
0512 #define TLS1_CK_ADH_WITH_CAMELLIA_128_CBC_SHA256 0x030000BF
0513
0514 #define TLS1_CK_RSA_WITH_CAMELLIA_256_CBC_SHA256 0x030000C0
0515 #define TLS1_CK_DH_DSS_WITH_CAMELLIA_256_CBC_SHA256 0x030000C1
0516 #define TLS1_CK_DH_RSA_WITH_CAMELLIA_256_CBC_SHA256 0x030000C2
0517 #define TLS1_CK_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA256 0x030000C3
0518 #define TLS1_CK_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA256 0x030000C4
0519 #define TLS1_CK_ADH_WITH_CAMELLIA_256_CBC_SHA256 0x030000C5
0520
0521 /* ECC ciphersuites from RFC4492 */
0522 #define TLS1_CK_ECDH_ECDSA_WITH_NULL_SHA 0x0300C001
0523 #define TLS1_CK_ECDH_ECDSA_WITH_RC4_128_SHA 0x0300C002
0524 #define TLS1_CK_ECDH_ECDSA_WITH_DES_192_CBC3_SHA 0x0300C003
0525 #define TLS1_CK_ECDH_ECDSA_WITH_AES_128_CBC_SHA 0x0300C004
0526 #define TLS1_CK_ECDH_ECDSA_WITH_AES_256_CBC_SHA 0x0300C005
0527
0528 #define TLS1_CK_ECDHE_ECDSA_WITH_NULL_SHA 0x0300C006
0529 #define TLS1_CK_ECDHE_ECDSA_WITH_RC4_128_SHA 0x0300C007
0530 #define TLS1_CK_ECDHE_ECDSA_WITH_DES_192_CBC3_SHA 0x0300C008
0531 #define TLS1_CK_ECDHE_ECDSA_WITH_AES_128_CBC_SHA 0x0300C009
0532 #define TLS1_CK_ECDHE_ECDSA_WITH_AES_256_CBC_SHA 0x0300C00A
0533
0534 #define TLS1_CK_ECDH_RSA_WITH_NULL_SHA 0x0300C00B
0535 #define TLS1_CK_ECDH_RSA_WITH_RC4_128_SHA 0x0300C00C
0536 #define TLS1_CK_ECDH_RSA_WITH_DES_192_CBC3_SHA 0x0300C00D
0537 #define TLS1_CK_ECDH_RSA_WITH_AES_128_CBC_SHA 0x0300C00E
0538 #define TLS1_CK_ECDH_RSA_WITH_AES_256_CBC_SHA 0x0300C00F
0539
0540 #define TLS1_CK_ECDHE_RSA_WITH_NULL_SHA 0x0300C010
0541 #define TLS1_CK_ECDHE_RSA_WITH_RC4_128_SHA 0x0300C011
0542 #define TLS1_CK_ECDHE_RSA_WITH_DES_192_CBC3_SHA 0x0300C012
0543 #define TLS1_CK_ECDHE_RSA_WITH_AES_128_CBC_SHA 0x0300C013
0544 #define TLS1_CK_ECDHE_RSA_WITH_AES_256_CBC_SHA 0x0300C014
0545
0546 #define TLS1_CK_ECDH_anon_WITH_NULL_SHA 0x0300C015
0547 #define TLS1_CK_ECDH_anon_WITH_RC4_128_SHA 0x0300C016
0548 #define TLS1_CK_ECDH_anon_WITH_DES_192_CBC3_SHA 0x0300C017
0549 #define TLS1_CK_ECDH_anon_WITH_AES_128_CBC_SHA 0x0300C018
0550 #define TLS1_CK_ECDH_anon_WITH_AES_256_CBC_SHA 0x0300C019
0551
0552 /* SRP ciphersuites from RFC 5054 */
0553 #define TLS1_CK_SRP_SHA_WITH_3DES_EDE_CBC_SHA 0x0300C01A
0554 #define TLS1_CK_SRP_SHA_RSA_WITH_3DES_EDE_CBC_SHA 0x0300C01B
0555 #define TLS1_CK_SRP_SHA_DSS_WITH_3DES_EDE_CBC_SHA 0x0300C01C
0556 #define TLS1_CK_SRP_SHA_WITH_AES_128_CBC_SHA 0x0300C01D
0557 #define TLS1_CK_SRP_SHA_RSA_WITH_AES_128_CBC_SHA 0x0300C01E
0558 #define TLS1_CK_SRP_SHA_DSS_WITH_AES_128_CBC_SHA 0x0300C01F
0559 #define TLS1_CK_SRP_SHA_WITH_AES_256_CBC_SHA 0x0300C020
0560 #define TLS1_CK_SRP_SHA_RSA_WITH_AES_256_CBC_SHA 0x0300C021
0561 #define TLS1_CK_SRP_SHA_DSS_WITH_AES_256_CBC_SHA 0x0300C022
0562
0563 /* ECDH HMAC based ciphersuites from RFC5289 */
0564 #define TLS1_CK_ECDHE_ECDSA_WITH_AES_128_SHA256 0x0300C023
0565 #define TLS1_CK_ECDHE_ECDSA_WITH_AES_256_SHA384 0x0300C024
0566 #define TLS1_CK_ECDH_ECDSA_WITH_AES_128_SHA256 0x0300C025
0567 #define TLS1_CK_ECDH_ECDSA_WITH_AES_256_SHA384 0x0300C026
0568 #define TLS1_CK_ECDHE_RSA_WITH_AES_128_SHA256 0x0300C027
0569 #define TLS1_CK_ECDHE_RSA_WITH_AES_256_SHA384 0x0300C028
0570 #define TLS1_CK_ECDH_RSA_WITH_AES_128_SHA256 0x0300C029
0571 #define TLS1_CK_ECDH_RSA_WITH_AES_256_SHA384 0x0300C02A
0572
0573 /* ECDH GCM based ciphersuites from RFC5289 */
0574 #define TLS1_CK_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 0x0300C02B
0575 #define TLS1_CK_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384 0x0300C02C
0576 #define TLS1_CK_ECDH_ECDSA_WITH_AES_128_GCM_SHA256 0x0300C02D
0577 #define TLS1_CK_ECDH_ECDSA_WITH_AES_256_GCM_SHA384 0x0300C02E
0578 #define TLS1_CK_ECDHE_RSA_WITH_AES_128_GCM_SHA256 0x0300C02F
0579 #define TLS1_CK_ECDHE_RSA_WITH_AES_256_GCM_SHA384 0x0300C030
0580 #define TLS1_CK_ECDH_RSA_WITH_AES_128_GCM_SHA256 0x0300C031
0581 #define TLS1_CK_ECDH_RSA_WITH_AES_256_GCM_SHA384 0x0300C032
0582
0583 /* ECDHE PSK ciphersuites from RFC5489 */
0584 #define TLS1_CK_ECDHE_PSK_WITH_RC4_128_SHA 0x0300C033
0585 #define TLS1_CK_ECDHE_PSK_WITH_3DES_EDE_CBC_SHA 0x0300C034
0586 #define TLS1_CK_ECDHE_PSK_WITH_AES_128_CBC_SHA 0x0300C035
0587 #define TLS1_CK_ECDHE_PSK_WITH_AES_256_CBC_SHA 0x0300C036
0588
0589 #define TLS1_CK_ECDHE_PSK_WITH_AES_128_CBC_SHA256 0x0300C037
0590 #define TLS1_CK_ECDHE_PSK_WITH_AES_256_CBC_SHA384 0x0300C038
0591
0592 /* NULL PSK ciphersuites from RFC4785 */
0593 #define TLS1_CK_ECDHE_PSK_WITH_NULL_SHA 0x0300C039
0594 #define TLS1_CK_ECDHE_PSK_WITH_NULL_SHA256 0x0300C03A
0595 #define TLS1_CK_ECDHE_PSK_WITH_NULL_SHA384 0x0300C03B
0596
0597 /* Camellia-CBC ciphersuites from RFC6367 */
0598 #define TLS1_CK_ECDHE_ECDSA_WITH_CAMELLIA_128_CBC_SHA256 0x0300C072
0599 #define TLS1_CK_ECDHE_ECDSA_WITH_CAMELLIA_256_CBC_SHA384 0x0300C073
0600 #define TLS1_CK_ECDH_ECDSA_WITH_CAMELLIA_128_CBC_SHA256 0x0300C074
0601 #define TLS1_CK_ECDH_ECDSA_WITH_CAMELLIA_256_CBC_SHA384 0x0300C075
0602 #define TLS1_CK_ECDHE_RSA_WITH_CAMELLIA_128_CBC_SHA256 0x0300C076
0603 #define TLS1_CK_ECDHE_RSA_WITH_CAMELLIA_256_CBC_SHA384 0x0300C077
0604 #define TLS1_CK_ECDH_RSA_WITH_CAMELLIA_128_CBC_SHA256 0x0300C078
0605 #define TLS1_CK_ECDH_RSA_WITH_CAMELLIA_256_CBC_SHA384 0x0300C079
0606
0607 #define TLS1_CK_PSK_WITH_CAMELLIA_128_CBC_SHA256 0x0300C094
0608 #define TLS1_CK_PSK_WITH_CAMELLIA_256_CBC_SHA384 0x0300C095
0609 #define TLS1_CK_DHE_PSK_WITH_CAMELLIA_128_CBC_SHA256 0x0300C096
0610 #define TLS1_CK_DHE_PSK_WITH_CAMELLIA_256_CBC_SHA384 0x0300C097
0611 #define TLS1_CK_RSA_PSK_WITH_CAMELLIA_128_CBC_SHA256 0x0300C098
0612 #define TLS1_CK_RSA_PSK_WITH_CAMELLIA_256_CBC_SHA384 0x0300C099
0613 #define TLS1_CK_ECDHE_PSK_WITH_CAMELLIA_128_CBC_SHA256 0x0300C09A
0614 #define TLS1_CK_ECDHE_PSK_WITH_CAMELLIA_256_CBC_SHA384 0x0300C09B
0615
0616 /* draft-ietf-tls-chacha20-poly1305-03 */
0617 #define TLS1_CK_ECDHE_RSA_WITH_CHACHA20_POLY1305 0x0300CCA8
0618 #define TLS1_CK_ECDHE_ECDSA_WITH_CHACHA20_POLY1305 0x0300CCA9
0619 #define TLS1_CK_DHE_RSA_WITH_CHACHA20_POLY1305 0x0300CCAA
0620 #define TLS1_CK_PSK_WITH_CHACHA20_POLY1305 0x0300CCAB
0621 #define TLS1_CK_ECDHE_PSK_WITH_CHACHA20_POLY1305 0x0300CCAC
0622 #define TLS1_CK_DHE_PSK_WITH_CHACHA20_POLY1305 0x0300CCAD
0623 #define TLS1_CK_RSA_PSK_WITH_CHACHA20_POLY1305 0x0300CCAE
0624
0625 /* TLS v1.3 ciphersuites */
0626 #define TLS1_3_CK_AES_128_GCM_SHA256 0x03001301
0627 #define TLS1_3_CK_AES_256_GCM_SHA384 0x03001302
0628 #define TLS1_3_CK_CHACHA20_POLY1305_SHA256 0x03001303
0629 #define TLS1_3_CK_AES_128_CCM_SHA256 0x03001304
0630 #define TLS1_3_CK_AES_128_CCM_8_SHA256 0x03001305
0631
0632 /* Integrity-only ciphersuites from RFC 9150 */
0633 #define TLS1_3_CK_SHA256_SHA256 0x0300C0B4
0634 #define TLS1_3_CK_SHA384_SHA384 0x0300C0B5
0635
0636 /* Aria ciphersuites from RFC6209 */
0637 #define TLS1_CK_RSA_WITH_ARIA_128_GCM_SHA256 0x0300C050
0638 #define TLS1_CK_RSA_WITH_ARIA_256_GCM_SHA384 0x0300C051
0639 #define TLS1_CK_DHE_RSA_WITH_ARIA_128_GCM_SHA256 0x0300C052
0640 #define TLS1_CK_DHE_RSA_WITH_ARIA_256_GCM_SHA384 0x0300C053
0641 #define TLS1_CK_DH_RSA_WITH_ARIA_128_GCM_SHA256 0x0300C054
0642 #define TLS1_CK_DH_RSA_WITH_ARIA_256_GCM_SHA384 0x0300C055
0643 #define TLS1_CK_DHE_DSS_WITH_ARIA_128_GCM_SHA256 0x0300C056
0644 #define TLS1_CK_DHE_DSS_WITH_ARIA_256_GCM_SHA384 0x0300C057
0645 #define TLS1_CK_DH_DSS_WITH_ARIA_128_GCM_SHA256 0x0300C058
0646 #define TLS1_CK_DH_DSS_WITH_ARIA_256_GCM_SHA384 0x0300C059
0647 #define TLS1_CK_DH_anon_WITH_ARIA_128_GCM_SHA256 0x0300C05A
0648 #define TLS1_CK_DH_anon_WITH_ARIA_256_GCM_SHA384 0x0300C05B
0649 #define TLS1_CK_ECDHE_ECDSA_WITH_ARIA_128_GCM_SHA256 0x0300C05C
0650 #define TLS1_CK_ECDHE_ECDSA_WITH_ARIA_256_GCM_SHA384 0x0300C05D
0651 #define TLS1_CK_ECDH_ECDSA_WITH_ARIA_128_GCM_SHA256 0x0300C05E
0652 #define TLS1_CK_ECDH_ECDSA_WITH_ARIA_256_GCM_SHA384 0x0300C05F
0653 #define TLS1_CK_ECDHE_RSA_WITH_ARIA_128_GCM_SHA256 0x0300C060
0654 #define TLS1_CK_ECDHE_RSA_WITH_ARIA_256_GCM_SHA384 0x0300C061
0655 #define TLS1_CK_ECDH_RSA_WITH_ARIA_128_GCM_SHA256 0x0300C062
0656 #define TLS1_CK_ECDH_RSA_WITH_ARIA_256_GCM_SHA384 0x0300C063
0657 #define TLS1_CK_PSK_WITH_ARIA_128_GCM_SHA256 0x0300C06A
0658 #define TLS1_CK_PSK_WITH_ARIA_256_GCM_SHA384 0x0300C06B
0659 #define TLS1_CK_DHE_PSK_WITH_ARIA_128_GCM_SHA256 0x0300C06C
0660 #define TLS1_CK_DHE_PSK_WITH_ARIA_256_GCM_SHA384 0x0300C06D
0661 #define TLS1_CK_RSA_PSK_WITH_ARIA_128_GCM_SHA256 0x0300C06E
0662 #define TLS1_CK_RSA_PSK_WITH_ARIA_256_GCM_SHA384 0x0300C06F
0663
0664 /* a bundle of RFC standard cipher names, generated from ssl3_ciphers[] */
0665 #define TLS1_RFC_RSA_WITH_AES_128_SHA "TLS_RSA_WITH_AES_128_CBC_SHA"
0666 #define TLS1_RFC_DHE_DSS_WITH_AES_128_SHA "TLS_DHE_DSS_WITH_AES_128_CBC_SHA"
0667 #define TLS1_RFC_DHE_RSA_WITH_AES_128_SHA "TLS_DHE_RSA_WITH_AES_128_CBC_SHA"
0668 #define TLS1_RFC_ADH_WITH_AES_128_SHA "TLS_DH_anon_WITH_AES_128_CBC_SHA"
0669 #define TLS1_RFC_RSA_WITH_AES_256_SHA "TLS_RSA_WITH_AES_256_CBC_SHA"
0670 #define TLS1_RFC_DHE_DSS_WITH_AES_256_SHA "TLS_DHE_DSS_WITH_AES_256_CBC_SHA"
0671 #define TLS1_RFC_DHE_RSA_WITH_AES_256_SHA "TLS_DHE_RSA_WITH_AES_256_CBC_SHA"
0672 #define TLS1_RFC_ADH_WITH_AES_256_SHA "TLS_DH_anon_WITH_AES_256_CBC_SHA"
0673 #define TLS1_RFC_RSA_WITH_NULL_SHA256 "TLS_RSA_WITH_NULL_SHA256"
0674 #define TLS1_RFC_RSA_WITH_AES_128_SHA256 "TLS_RSA_WITH_AES_128_CBC_SHA256"
0675 #define TLS1_RFC_RSA_WITH_AES_256_SHA256 "TLS_RSA_WITH_AES_256_CBC_SHA256"
0676 #define TLS1_RFC_DHE_DSS_WITH_AES_128_SHA256 "TLS_DHE_DSS_WITH_AES_128_CBC_SHA256"
0677 #define TLS1_RFC_DHE_RSA_WITH_AES_128_SHA256 "TLS_DHE_RSA_WITH_AES_128_CBC_SHA256"
0678 #define TLS1_RFC_DHE_DSS_WITH_AES_256_SHA256 "TLS_DHE_DSS_WITH_AES_256_CBC_SHA256"
0679 #define TLS1_RFC_DHE_RSA_WITH_AES_256_SHA256 "TLS_DHE_RSA_WITH_AES_256_CBC_SHA256"
0680 #define TLS1_RFC_ADH_WITH_AES_128_SHA256 "TLS_DH_anon_WITH_AES_128_CBC_SHA256"
0681 #define TLS1_RFC_ADH_WITH_AES_256_SHA256 "TLS_DH_anon_WITH_AES_256_CBC_SHA256"
0682 #define TLS1_RFC_RSA_WITH_AES_128_GCM_SHA256 "TLS_RSA_WITH_AES_128_GCM_SHA256"
0683 #define TLS1_RFC_RSA_WITH_AES_256_GCM_SHA384 "TLS_RSA_WITH_AES_256_GCM_SHA384"
0684 #define TLS1_RFC_DHE_RSA_WITH_AES_128_GCM_SHA256 "TLS_DHE_RSA_WITH_AES_128_GCM_SHA256"
0685 #define TLS1_RFC_DHE_RSA_WITH_AES_256_GCM_SHA384 "TLS_DHE_RSA_WITH_AES_256_GCM_SHA384"
0686 #define TLS1_RFC_DHE_DSS_WITH_AES_128_GCM_SHA256 "TLS_DHE_DSS_WITH_AES_128_GCM_SHA256"
0687 #define TLS1_RFC_DHE_DSS_WITH_AES_256_GCM_SHA384 "TLS_DHE_DSS_WITH_AES_256_GCM_SHA384"
0688 #define TLS1_RFC_ADH_WITH_AES_128_GCM_SHA256 "TLS_DH_anon_WITH_AES_128_GCM_SHA256"
0689 #define TLS1_RFC_ADH_WITH_AES_256_GCM_SHA384 "TLS_DH_anon_WITH_AES_256_GCM_SHA384"
0690 #define TLS1_RFC_RSA_WITH_AES_128_CCM "TLS_RSA_WITH_AES_128_CCM"
0691 #define TLS1_RFC_RSA_WITH_AES_256_CCM "TLS_RSA_WITH_AES_256_CCM"
0692 #define TLS1_RFC_DHE_RSA_WITH_AES_128_CCM "TLS_DHE_RSA_WITH_AES_128_CCM"
0693 #define TLS1_RFC_DHE_RSA_WITH_AES_256_CCM "TLS_DHE_RSA_WITH_AES_256_CCM"
0694 #define TLS1_RFC_RSA_WITH_AES_128_CCM_8 "TLS_RSA_WITH_AES_128_CCM_8"
0695 #define TLS1_RFC_RSA_WITH_AES_256_CCM_8 "TLS_RSA_WITH_AES_256_CCM_8"
0696 #define TLS1_RFC_DHE_RSA_WITH_AES_128_CCM_8 "TLS_DHE_RSA_WITH_AES_128_CCM_8"
0697 #define TLS1_RFC_DHE_RSA_WITH_AES_256_CCM_8 "TLS_DHE_RSA_WITH_AES_256_CCM_8"
0698 #define TLS1_RFC_PSK_WITH_AES_128_CCM "TLS_PSK_WITH_AES_128_CCM"
0699 #define TLS1_RFC_PSK_WITH_AES_256_CCM "TLS_PSK_WITH_AES_256_CCM"
0700 #define TLS1_RFC_DHE_PSK_WITH_AES_128_CCM "TLS_DHE_PSK_WITH_AES_128_CCM"
0701 #define TLS1_RFC_DHE_PSK_WITH_AES_256_CCM "TLS_DHE_PSK_WITH_AES_256_CCM"
0702 #define TLS1_RFC_PSK_WITH_AES_128_CCM_8 "TLS_PSK_WITH_AES_128_CCM_8"
0703 #define TLS1_RFC_PSK_WITH_AES_256_CCM_8 "TLS_PSK_WITH_AES_256_CCM_8"
0704 #define TLS1_RFC_DHE_PSK_WITH_AES_128_CCM_8 "TLS_PSK_DHE_WITH_AES_128_CCM_8"
0705 #define TLS1_RFC_DHE_PSK_WITH_AES_256_CCM_8 "TLS_PSK_DHE_WITH_AES_256_CCM_8"
0706 #define TLS1_RFC_ECDHE_ECDSA_WITH_AES_128_CCM "TLS_ECDHE_ECDSA_WITH_AES_128_CCM"
0707 #define TLS1_RFC_ECDHE_ECDSA_WITH_AES_256_CCM "TLS_ECDHE_ECDSA_WITH_AES_256_CCM"
0708 #define TLS1_RFC_ECDHE_ECDSA_WITH_AES_128_CCM_8 "TLS_ECDHE_ECDSA_WITH_AES_128_CCM_8"
0709 #define TLS1_RFC_ECDHE_ECDSA_WITH_AES_256_CCM_8 "TLS_ECDHE_ECDSA_WITH_AES_256_CCM_8"
0710 #define TLS1_3_RFC_AES_128_GCM_SHA256 "TLS_AES_128_GCM_SHA256"
0711 #define TLS1_3_RFC_AES_256_GCM_SHA384 "TLS_AES_256_GCM_SHA384"
0712 #define TLS1_3_RFC_CHACHA20_POLY1305_SHA256 "TLS_CHACHA20_POLY1305_SHA256"
0713 #define TLS1_3_RFC_SHA256_SHA256 "TLS_SHA256_SHA256"
0714 #define TLS1_3_RFC_SHA384_SHA384 "TLS_SHA384_SHA384"
0715 #define TLS1_3_RFC_AES_128_CCM_SHA256 "TLS_AES_128_CCM_SHA256"
0716 #define TLS1_3_RFC_AES_128_CCM_8_SHA256 "TLS_AES_128_CCM_8_SHA256"
0717 #define TLS1_RFC_ECDHE_ECDSA_WITH_NULL_SHA "TLS_ECDHE_ECDSA_WITH_NULL_SHA"
0718 #define TLS1_RFC_ECDHE_ECDSA_WITH_DES_192_CBC3_SHA "TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA"
0719 #define TLS1_RFC_ECDHE_ECDSA_WITH_AES_128_CBC_SHA "TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA"
0720 #define TLS1_RFC_ECDHE_ECDSA_WITH_AES_256_CBC_SHA "TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA"
0721 #define TLS1_RFC_ECDHE_RSA_WITH_NULL_SHA "TLS_ECDHE_RSA_WITH_NULL_SHA"
0722 #define TLS1_RFC_ECDHE_RSA_WITH_DES_192_CBC3_SHA "TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA"
0723 #define TLS1_RFC_ECDHE_RSA_WITH_AES_128_CBC_SHA "TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA"
0724 #define TLS1_RFC_ECDHE_RSA_WITH_AES_256_CBC_SHA "TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA"
0725 #define TLS1_RFC_ECDH_anon_WITH_NULL_SHA "TLS_ECDH_anon_WITH_NULL_SHA"
0726 #define TLS1_RFC_ECDH_anon_WITH_DES_192_CBC3_SHA "TLS_ECDH_anon_WITH_3DES_EDE_CBC_SHA"
0727 #define TLS1_RFC_ECDH_anon_WITH_AES_128_CBC_SHA "TLS_ECDH_anon_WITH_AES_128_CBC_SHA"
0728 #define TLS1_RFC_ECDH_anon_WITH_AES_256_CBC_SHA "TLS_ECDH_anon_WITH_AES_256_CBC_SHA"
0729 #define TLS1_RFC_ECDHE_ECDSA_WITH_AES_128_SHA256 "TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256"
0730 #define TLS1_RFC_ECDHE_ECDSA_WITH_AES_256_SHA384 "TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384"
0731 #define TLS1_RFC_ECDHE_RSA_WITH_AES_128_SHA256 "TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256"
0732 #define TLS1_RFC_ECDHE_RSA_WITH_AES_256_SHA384 "TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384"
0733 #define TLS1_RFC_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 "TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256"
0734 #define TLS1_RFC_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384 "TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384"
0735 #define TLS1_RFC_ECDHE_RSA_WITH_AES_128_GCM_SHA256 "TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256"
0736 #define TLS1_RFC_ECDHE_RSA_WITH_AES_256_GCM_SHA384 "TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384"
0737 #define TLS1_RFC_PSK_WITH_NULL_SHA "TLS_PSK_WITH_NULL_SHA"
0738 #define TLS1_RFC_DHE_PSK_WITH_NULL_SHA "TLS_DHE_PSK_WITH_NULL_SHA"
0739 #define TLS1_RFC_RSA_PSK_WITH_NULL_SHA "TLS_RSA_PSK_WITH_NULL_SHA"
0740 #define TLS1_RFC_PSK_WITH_3DES_EDE_CBC_SHA "TLS_PSK_WITH_3DES_EDE_CBC_SHA"
0741 #define TLS1_RFC_PSK_WITH_AES_128_CBC_SHA "TLS_PSK_WITH_AES_128_CBC_SHA"
0742 #define TLS1_RFC_PSK_WITH_AES_256_CBC_SHA "TLS_PSK_WITH_AES_256_CBC_SHA"
0743 #define TLS1_RFC_DHE_PSK_WITH_3DES_EDE_CBC_SHA "TLS_DHE_PSK_WITH_3DES_EDE_CBC_SHA"
0744 #define TLS1_RFC_DHE_PSK_WITH_AES_128_CBC_SHA "TLS_DHE_PSK_WITH_AES_128_CBC_SHA"
0745 #define TLS1_RFC_DHE_PSK_WITH_AES_256_CBC_SHA "TLS_DHE_PSK_WITH_AES_256_CBC_SHA"
0746 #define TLS1_RFC_RSA_PSK_WITH_3DES_EDE_CBC_SHA "TLS_RSA_PSK_WITH_3DES_EDE_CBC_SHA"
0747 #define TLS1_RFC_RSA_PSK_WITH_AES_128_CBC_SHA "TLS_RSA_PSK_WITH_AES_128_CBC_SHA"
0748 #define TLS1_RFC_RSA_PSK_WITH_AES_256_CBC_SHA "TLS_RSA_PSK_WITH_AES_256_CBC_SHA"
0749 #define TLS1_RFC_PSK_WITH_AES_128_GCM_SHA256 "TLS_PSK_WITH_AES_128_GCM_SHA256"
0750 #define TLS1_RFC_PSK_WITH_AES_256_GCM_SHA384 "TLS_PSK_WITH_AES_256_GCM_SHA384"
0751 #define TLS1_RFC_DHE_PSK_WITH_AES_128_GCM_SHA256 "TLS_DHE_PSK_WITH_AES_128_GCM_SHA256"
0752 #define TLS1_RFC_DHE_PSK_WITH_AES_256_GCM_SHA384 "TLS_DHE_PSK_WITH_AES_256_GCM_SHA384"
0753 #define TLS1_RFC_RSA_PSK_WITH_AES_128_GCM_SHA256 "TLS_RSA_PSK_WITH_AES_128_GCM_SHA256"
0754 #define TLS1_RFC_RSA_PSK_WITH_AES_256_GCM_SHA384 "TLS_RSA_PSK_WITH_AES_256_GCM_SHA384"
0755 #define TLS1_RFC_PSK_WITH_AES_128_CBC_SHA256 "TLS_PSK_WITH_AES_128_CBC_SHA256"
0756 #define TLS1_RFC_PSK_WITH_AES_256_CBC_SHA384 "TLS_PSK_WITH_AES_256_CBC_SHA384"
0757 #define TLS1_RFC_PSK_WITH_NULL_SHA256 "TLS_PSK_WITH_NULL_SHA256"
0758 #define TLS1_RFC_PSK_WITH_NULL_SHA384 "TLS_PSK_WITH_NULL_SHA384"
0759 #define TLS1_RFC_DHE_PSK_WITH_AES_128_CBC_SHA256 "TLS_DHE_PSK_WITH_AES_128_CBC_SHA256"
0760 #define TLS1_RFC_DHE_PSK_WITH_AES_256_CBC_SHA384 "TLS_DHE_PSK_WITH_AES_256_CBC_SHA384"
0761 #define TLS1_RFC_DHE_PSK_WITH_NULL_SHA256 "TLS_DHE_PSK_WITH_NULL_SHA256"
0762 #define TLS1_RFC_DHE_PSK_WITH_NULL_SHA384 "TLS_DHE_PSK_WITH_NULL_SHA384"
0763 #define TLS1_RFC_RSA_PSK_WITH_AES_128_CBC_SHA256 "TLS_RSA_PSK_WITH_AES_128_CBC_SHA256"
0764 #define TLS1_RFC_RSA_PSK_WITH_AES_256_CBC_SHA384 "TLS_RSA_PSK_WITH_AES_256_CBC_SHA384"
0765 #define TLS1_RFC_RSA_PSK_WITH_NULL_SHA256 "TLS_RSA_PSK_WITH_NULL_SHA256"
0766 #define TLS1_RFC_RSA_PSK_WITH_NULL_SHA384 "TLS_RSA_PSK_WITH_NULL_SHA384"
0767 #define TLS1_RFC_ECDHE_PSK_WITH_3DES_EDE_CBC_SHA "TLS_ECDHE_PSK_WITH_3DES_EDE_CBC_SHA"
0768 #define TLS1_RFC_ECDHE_PSK_WITH_AES_128_CBC_SHA "TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA"
0769 #define TLS1_RFC_ECDHE_PSK_WITH_AES_256_CBC_SHA "TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA"
0770 #define TLS1_RFC_ECDHE_PSK_WITH_AES_128_CBC_SHA256 "TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA256"
0771 #define TLS1_RFC_ECDHE_PSK_WITH_AES_256_CBC_SHA384 "TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA384"
0772 #define TLS1_RFC_ECDHE_PSK_WITH_NULL_SHA "TLS_ECDHE_PSK_WITH_NULL_SHA"
0773 #define TLS1_RFC_ECDHE_PSK_WITH_NULL_SHA256 "TLS_ECDHE_PSK_WITH_NULL_SHA256"
0774 #define TLS1_RFC_ECDHE_PSK_WITH_NULL_SHA384 "TLS_ECDHE_PSK_WITH_NULL_SHA384"
0775 #define TLS1_RFC_SRP_SHA_WITH_3DES_EDE_CBC_SHA "TLS_SRP_SHA_WITH_3DES_EDE_CBC_SHA"
0776 #define TLS1_RFC_SRP_SHA_RSA_WITH_3DES_EDE_CBC_SHA "TLS_SRP_SHA_RSA_WITH_3DES_EDE_CBC_SHA"
0777 #define TLS1_RFC_SRP_SHA_DSS_WITH_3DES_EDE_CBC_SHA "TLS_SRP_SHA_DSS_WITH_3DES_EDE_CBC_SHA"
0778 #define TLS1_RFC_SRP_SHA_WITH_AES_128_CBC_SHA "TLS_SRP_SHA_WITH_AES_128_CBC_SHA"
0779 #define TLS1_RFC_SRP_SHA_RSA_WITH_AES_128_CBC_SHA "TLS_SRP_SHA_RSA_WITH_AES_128_CBC_SHA"
0780 #define TLS1_RFC_SRP_SHA_DSS_WITH_AES_128_CBC_SHA "TLS_SRP_SHA_DSS_WITH_AES_128_CBC_SHA"
0781 #define TLS1_RFC_SRP_SHA_WITH_AES_256_CBC_SHA "TLS_SRP_SHA_WITH_AES_256_CBC_SHA"
0782 #define TLS1_RFC_SRP_SHA_RSA_WITH_AES_256_CBC_SHA "TLS_SRP_SHA_RSA_WITH_AES_256_CBC_SHA"
0783 #define TLS1_RFC_SRP_SHA_DSS_WITH_AES_256_CBC_SHA "TLS_SRP_SHA_DSS_WITH_AES_256_CBC_SHA"
0784 #define TLS1_RFC_DHE_RSA_WITH_CHACHA20_POLY1305 "TLS_DHE_RSA_WITH_CHACHA20_POLY1305_SHA256"
0785 #define TLS1_RFC_ECDHE_RSA_WITH_CHACHA20_POLY1305 "TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256"
0786 #define TLS1_RFC_ECDHE_ECDSA_WITH_CHACHA20_POLY1305 "TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256"
0787 #define TLS1_RFC_PSK_WITH_CHACHA20_POLY1305 "TLS_PSK_WITH_CHACHA20_POLY1305_SHA256"
0788 #define TLS1_RFC_ECDHE_PSK_WITH_CHACHA20_POLY1305 "TLS_ECDHE_PSK_WITH_CHACHA20_POLY1305_SHA256"
0789 #define TLS1_RFC_DHE_PSK_WITH_CHACHA20_POLY1305 "TLS_DHE_PSK_WITH_CHACHA20_POLY1305_SHA256"
0790 #define TLS1_RFC_RSA_PSK_WITH_CHACHA20_POLY1305 "TLS_RSA_PSK_WITH_CHACHA20_POLY1305_SHA256"
0791 #define TLS1_RFC_RSA_WITH_CAMELLIA_128_CBC_SHA256 "TLS_RSA_WITH_CAMELLIA_128_CBC_SHA256"
0792 #define TLS1_RFC_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA256 "TLS_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA256"
0793 #define TLS1_RFC_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA256 "TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA256"
0794 #define TLS1_RFC_ADH_WITH_CAMELLIA_128_CBC_SHA256 "TLS_DH_anon_WITH_CAMELLIA_128_CBC_SHA256"
0795 #define TLS1_RFC_RSA_WITH_CAMELLIA_256_CBC_SHA256 "TLS_RSA_WITH_CAMELLIA_256_CBC_SHA256"
0796 #define TLS1_RFC_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA256 "TLS_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA256"
0797 #define TLS1_RFC_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA256 "TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA256"
0798 #define TLS1_RFC_ADH_WITH_CAMELLIA_256_CBC_SHA256 "TLS_DH_anon_WITH_CAMELLIA_256_CBC_SHA256"
0799 #define TLS1_RFC_RSA_WITH_CAMELLIA_256_CBC_SHA "TLS_RSA_WITH_CAMELLIA_256_CBC_SHA"
0800 #define TLS1_RFC_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA "TLS_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA"
0801 #define TLS1_RFC_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA "TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA"
0802 #define TLS1_RFC_ADH_WITH_CAMELLIA_256_CBC_SHA "TLS_DH_anon_WITH_CAMELLIA_256_CBC_SHA"
0803 #define TLS1_RFC_RSA_WITH_CAMELLIA_128_CBC_SHA "TLS_RSA_WITH_CAMELLIA_128_CBC_SHA"
0804 #define TLS1_RFC_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA "TLS_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA"
0805 #define TLS1_RFC_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA "TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA"
0806 #define TLS1_RFC_ADH_WITH_CAMELLIA_128_CBC_SHA "TLS_DH_anon_WITH_CAMELLIA_128_CBC_SHA"
0807 #define TLS1_RFC_ECDHE_ECDSA_WITH_CAMELLIA_128_CBC_SHA256 "TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_CBC_SHA256"
0808 #define TLS1_RFC_ECDHE_ECDSA_WITH_CAMELLIA_256_CBC_SHA384 "TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_CBC_SHA384"
0809 #define TLS1_RFC_ECDHE_RSA_WITH_CAMELLIA_128_CBC_SHA256 "TLS_ECDHE_RSA_WITH_CAMELLIA_128_CBC_SHA256"
0810 #define TLS1_RFC_ECDHE_RSA_WITH_CAMELLIA_256_CBC_SHA384 "TLS_ECDHE_RSA_WITH_CAMELLIA_256_CBC_SHA384"
0811 #define TLS1_RFC_PSK_WITH_CAMELLIA_128_CBC_SHA256 "TLS_PSK_WITH_CAMELLIA_128_CBC_SHA256"
0812 #define TLS1_RFC_PSK_WITH_CAMELLIA_256_CBC_SHA384 "TLS_PSK_WITH_CAMELLIA_256_CBC_SHA384"
0813 #define TLS1_RFC_DHE_PSK_WITH_CAMELLIA_128_CBC_SHA256 "TLS_DHE_PSK_WITH_CAMELLIA_128_CBC_SHA256"
0814 #define TLS1_RFC_DHE_PSK_WITH_CAMELLIA_256_CBC_SHA384 "TLS_DHE_PSK_WITH_CAMELLIA_256_CBC_SHA384"
0815 #define TLS1_RFC_RSA_PSK_WITH_CAMELLIA_128_CBC_SHA256 "TLS_RSA_PSK_WITH_CAMELLIA_128_CBC_SHA256"
0816 #define TLS1_RFC_RSA_PSK_WITH_CAMELLIA_256_CBC_SHA384 "TLS_RSA_PSK_WITH_CAMELLIA_256_CBC_SHA384"
0817 #define TLS1_RFC_ECDHE_PSK_WITH_CAMELLIA_128_CBC_SHA256 "TLS_ECDHE_PSK_WITH_CAMELLIA_128_CBC_SHA256"
0818 #define TLS1_RFC_ECDHE_PSK_WITH_CAMELLIA_256_CBC_SHA384 "TLS_ECDHE_PSK_WITH_CAMELLIA_256_CBC_SHA384"
0819 #define TLS1_RFC_RSA_WITH_SEED_SHA "TLS_RSA_WITH_SEED_CBC_SHA"
0820 #define TLS1_RFC_DHE_DSS_WITH_SEED_SHA "TLS_DHE_DSS_WITH_SEED_CBC_SHA"
0821 #define TLS1_RFC_DHE_RSA_WITH_SEED_SHA "TLS_DHE_RSA_WITH_SEED_CBC_SHA"
0822 #define TLS1_RFC_ADH_WITH_SEED_SHA "TLS_DH_anon_WITH_SEED_CBC_SHA"
0823 #define TLS1_RFC_ECDHE_PSK_WITH_RC4_128_SHA "TLS_ECDHE_PSK_WITH_RC4_128_SHA"
0824 #define TLS1_RFC_ECDH_anon_WITH_RC4_128_SHA "TLS_ECDH_anon_WITH_RC4_128_SHA"
0825 #define TLS1_RFC_ECDHE_ECDSA_WITH_RC4_128_SHA "TLS_ECDHE_ECDSA_WITH_RC4_128_SHA"
0826 #define TLS1_RFC_ECDHE_RSA_WITH_RC4_128_SHA "TLS_ECDHE_RSA_WITH_RC4_128_SHA"
0827 #define TLS1_RFC_PSK_WITH_RC4_128_SHA "TLS_PSK_WITH_RC4_128_SHA"
0828 #define TLS1_RFC_RSA_PSK_WITH_RC4_128_SHA "TLS_RSA_PSK_WITH_RC4_128_SHA"
0829 #define TLS1_RFC_DHE_PSK_WITH_RC4_128_SHA "TLS_DHE_PSK_WITH_RC4_128_SHA"
0830 #define TLS1_RFC_RSA_WITH_ARIA_128_GCM_SHA256 "TLS_RSA_WITH_ARIA_128_GCM_SHA256"
0831 #define TLS1_RFC_RSA_WITH_ARIA_256_GCM_SHA384 "TLS_RSA_WITH_ARIA_256_GCM_SHA384"
0832 #define TLS1_RFC_DHE_RSA_WITH_ARIA_128_GCM_SHA256 "TLS_DHE_RSA_WITH_ARIA_128_GCM_SHA256"
0833 #define TLS1_RFC_DHE_RSA_WITH_ARIA_256_GCM_SHA384 "TLS_DHE_RSA_WITH_ARIA_256_GCM_SHA384"
0834 #define TLS1_RFC_DH_RSA_WITH_ARIA_128_GCM_SHA256 "TLS_DH_RSA_WITH_ARIA_128_GCM_SHA256"
0835 #define TLS1_RFC_DH_RSA_WITH_ARIA_256_GCM_SHA384 "TLS_DH_RSA_WITH_ARIA_256_GCM_SHA384"
0836 #define TLS1_RFC_DHE_DSS_WITH_ARIA_128_GCM_SHA256 "TLS_DHE_DSS_WITH_ARIA_128_GCM_SHA256"
0837 #define TLS1_RFC_DHE_DSS_WITH_ARIA_256_GCM_SHA384 "TLS_DHE_DSS_WITH_ARIA_256_GCM_SHA384"
0838 #define TLS1_RFC_DH_DSS_WITH_ARIA_128_GCM_SHA256 "TLS_DH_DSS_WITH_ARIA_128_GCM_SHA256"
0839 #define TLS1_RFC_DH_DSS_WITH_ARIA_256_GCM_SHA384 "TLS_DH_DSS_WITH_ARIA_256_GCM_SHA384"
0840 #define TLS1_RFC_DH_anon_WITH_ARIA_128_GCM_SHA256 "TLS_DH_anon_WITH_ARIA_128_GCM_SHA256"
0841 #define TLS1_RFC_DH_anon_WITH_ARIA_256_GCM_SHA384 "TLS_DH_anon_WITH_ARIA_256_GCM_SHA384"
0842 #define TLS1_RFC_ECDHE_ECDSA_WITH_ARIA_128_GCM_SHA256 "TLS_ECDHE_ECDSA_WITH_ARIA_128_GCM_SHA256"
0843 #define TLS1_RFC_ECDHE_ECDSA_WITH_ARIA_256_GCM_SHA384 "TLS_ECDHE_ECDSA_WITH_ARIA_256_GCM_SHA384"
0844 #define TLS1_RFC_ECDH_ECDSA_WITH_ARIA_128_GCM_SHA256 "TLS_ECDH_ECDSA_WITH_ARIA_128_GCM_SHA256"
0845 #define TLS1_RFC_ECDH_ECDSA_WITH_ARIA_256_GCM_SHA384 "TLS_ECDH_ECDSA_WITH_ARIA_256_GCM_SHA384"
0846 #define TLS1_RFC_ECDHE_RSA_WITH_ARIA_128_GCM_SHA256 "TLS_ECDHE_RSA_WITH_ARIA_128_GCM_SHA256"
0847 #define TLS1_RFC_ECDHE_RSA_WITH_ARIA_256_GCM_SHA384 "TLS_ECDHE_RSA_WITH_ARIA_256_GCM_SHA384"
0848 #define TLS1_RFC_ECDH_RSA_WITH_ARIA_128_GCM_SHA256 "TLS_ECDH_RSA_WITH_ARIA_128_GCM_SHA256"
0849 #define TLS1_RFC_ECDH_RSA_WITH_ARIA_256_GCM_SHA384 "TLS_ECDH_RSA_WITH_ARIA_256_GCM_SHA384"
0850 #define TLS1_RFC_PSK_WITH_ARIA_128_GCM_SHA256 "TLS_PSK_WITH_ARIA_128_GCM_SHA256"
0851 #define TLS1_RFC_PSK_WITH_ARIA_256_GCM_SHA384 "TLS_PSK_WITH_ARIA_256_GCM_SHA384"
0852 #define TLS1_RFC_DHE_PSK_WITH_ARIA_128_GCM_SHA256 "TLS_DHE_PSK_WITH_ARIA_128_GCM_SHA256"
0853 #define TLS1_RFC_DHE_PSK_WITH_ARIA_256_GCM_SHA384 "TLS_DHE_PSK_WITH_ARIA_256_GCM_SHA384"
0854 #define TLS1_RFC_RSA_PSK_WITH_ARIA_128_GCM_SHA256 "TLS_RSA_PSK_WITH_ARIA_128_GCM_SHA256"
0855 #define TLS1_RFC_RSA_PSK_WITH_ARIA_256_GCM_SHA384 "TLS_RSA_PSK_WITH_ARIA_256_GCM_SHA384"
0856
0857 /*
0858  * XXX Backward compatibility alert: Older versions of OpenSSL gave some DHE
0859  * ciphers names with "EDH" instead of "DHE".  Going forward, we should be
0860  * using DHE everywhere, though we may indefinitely maintain aliases for
0861  * users or configurations that used "EDH"
0862  */
0863 #define TLS1_TXT_DHE_DSS_WITH_RC4_128_SHA "DHE-DSS-RC4-SHA"
0864
0865 #define TLS1_TXT_PSK_WITH_NULL_SHA "PSK-NULL-SHA"
0866 #define TLS1_TXT_DHE_PSK_WITH_NULL_SHA "DHE-PSK-NULL-SHA"
0867 #define TLS1_TXT_RSA_PSK_WITH_NULL_SHA "RSA-PSK-NULL-SHA"
0868
0869 /* AES ciphersuites from RFC3268 */
0870 #define TLS1_TXT_RSA_WITH_AES_128_SHA "AES128-SHA"
0871 #define TLS1_TXT_DH_DSS_WITH_AES_128_SHA "DH-DSS-AES128-SHA"
0872 #define TLS1_TXT_DH_RSA_WITH_AES_128_SHA "DH-RSA-AES128-SHA"
0873 #define TLS1_TXT_DHE_DSS_WITH_AES_128_SHA "DHE-DSS-AES128-SHA"
0874 #define TLS1_TXT_DHE_RSA_WITH_AES_128_SHA "DHE-RSA-AES128-SHA"
0875 #define TLS1_TXT_ADH_WITH_AES_128_SHA "ADH-AES128-SHA"
0876
0877 #define TLS1_TXT_RSA_WITH_AES_256_SHA "AES256-SHA"
0878 #define TLS1_TXT_DH_DSS_WITH_AES_256_SHA "DH-DSS-AES256-SHA"
0879 #define TLS1_TXT_DH_RSA_WITH_AES_256_SHA "DH-RSA-AES256-SHA"
0880 #define TLS1_TXT_DHE_DSS_WITH_AES_256_SHA "DHE-DSS-AES256-SHA"
0881 #define TLS1_TXT_DHE_RSA_WITH_AES_256_SHA "DHE-RSA-AES256-SHA"
0882 #define TLS1_TXT_ADH_WITH_AES_256_SHA "ADH-AES256-SHA"
0883
0884 /* ECC ciphersuites from RFC4492 */
0885 #define TLS1_TXT_ECDH_ECDSA_WITH_NULL_SHA "ECDH-ECDSA-NULL-SHA"
0886 #define TLS1_TXT_ECDH_ECDSA_WITH_RC4_128_SHA "ECDH-ECDSA-RC4-SHA"
0887 #define TLS1_TXT_ECDH_ECDSA_WITH_DES_192_CBC3_SHA "ECDH-ECDSA-DES-CBC3-SHA"
0888 #define TLS1_TXT_ECDH_ECDSA_WITH_AES_128_CBC_SHA "ECDH-ECDSA-AES128-SHA"
0889 #define TLS1_TXT_ECDH_ECDSA_WITH_AES_256_CBC_SHA "ECDH-ECDSA-AES256-SHA"
0890
0891 #define TLS1_TXT_ECDHE_ECDSA_WITH_NULL_SHA "ECDHE-ECDSA-NULL-SHA"
0892 #define TLS1_TXT_ECDHE_ECDSA_WITH_RC4_128_SHA "ECDHE-ECDSA-RC4-SHA"
0893 #define TLS1_TXT_ECDHE_ECDSA_WITH_DES_192_CBC3_SHA "ECDHE-ECDSA-DES-CBC3-SHA"
0894 #define TLS1_TXT_ECDHE_ECDSA_WITH_AES_128_CBC_SHA "ECDHE-ECDSA-AES128-SHA"
0895 #define TLS1_TXT_ECDHE_ECDSA_WITH_AES_256_CBC_SHA "ECDHE-ECDSA-AES256-SHA"
0896
0897 #define TLS1_TXT_ECDH_RSA_WITH_NULL_SHA "ECDH-RSA-NULL-SHA"
0898 #define TLS1_TXT_ECDH_RSA_WITH_RC4_128_SHA "ECDH-RSA-RC4-SHA"
0899 #define TLS1_TXT_ECDH_RSA_WITH_DES_192_CBC3_SHA "ECDH-RSA-DES-CBC3-SHA"
0900 #define TLS1_TXT_ECDH_RSA_WITH_AES_128_CBC_SHA "ECDH-RSA-AES128-SHA"
0901 #define TLS1_TXT_ECDH_RSA_WITH_AES_256_CBC_SHA "ECDH-RSA-AES256-SHA"
0902
0903 #define TLS1_TXT_ECDHE_RSA_WITH_NULL_SHA "ECDHE-RSA-NULL-SHA"
0904 #define TLS1_TXT_ECDHE_RSA_WITH_RC4_128_SHA "ECDHE-RSA-RC4-SHA"
0905 #define TLS1_TXT_ECDHE_RSA_WITH_DES_192_CBC3_SHA "ECDHE-RSA-DES-CBC3-SHA"
0906 #define TLS1_TXT_ECDHE_RSA_WITH_AES_128_CBC_SHA "ECDHE-RSA-AES128-SHA"
0907 #define TLS1_TXT_ECDHE_RSA_WITH_AES_256_CBC_SHA "ECDHE-RSA-AES256-SHA"
0908
0909 #define TLS1_TXT_ECDH_anon_WITH_NULL_SHA "AECDH-NULL-SHA"
0910 #define TLS1_TXT_ECDH_anon_WITH_RC4_128_SHA "AECDH-RC4-SHA"
0911 #define TLS1_TXT_ECDH_anon_WITH_DES_192_CBC3_SHA "AECDH-DES-CBC3-SHA"
0912 #define TLS1_TXT_ECDH_anon_WITH_AES_128_CBC_SHA "AECDH-AES128-SHA"
0913 #define TLS1_TXT_ECDH_anon_WITH_AES_256_CBC_SHA "AECDH-AES256-SHA"
0914
0915 /* PSK ciphersuites from RFC 4279 */
0916 #define TLS1_TXT_PSK_WITH_RC4_128_SHA "PSK-RC4-SHA"
0917 #define TLS1_TXT_PSK_WITH_3DES_EDE_CBC_SHA "PSK-3DES-EDE-CBC-SHA"
0918 #define TLS1_TXT_PSK_WITH_AES_128_CBC_SHA "PSK-AES128-CBC-SHA"
0919 #define TLS1_TXT_PSK_WITH_AES_256_CBC_SHA "PSK-AES256-CBC-SHA"
0920
0921 #define TLS1_TXT_DHE_PSK_WITH_RC4_128_SHA "DHE-PSK-RC4-SHA"
0922 #define TLS1_TXT_DHE_PSK_WITH_3DES_EDE_CBC_SHA "DHE-PSK-3DES-EDE-CBC-SHA"
0923 #define TLS1_TXT_DHE_PSK_WITH_AES_128_CBC_SHA "DHE-PSK-AES128-CBC-SHA"
0924 #define TLS1_TXT_DHE_PSK_WITH_AES_256_CBC_SHA "DHE-PSK-AES256-CBC-SHA"
0925 #define TLS1_TXT_RSA_PSK_WITH_RC4_128_SHA "RSA-PSK-RC4-SHA"
0926 #define TLS1_TXT_RSA_PSK_WITH_3DES_EDE_CBC_SHA "RSA-PSK-3DES-EDE-CBC-SHA"
0927 #define TLS1_TXT_RSA_PSK_WITH_AES_128_CBC_SHA "RSA-PSK-AES128-CBC-SHA"
0928 #define TLS1_TXT_RSA_PSK_WITH_AES_256_CBC_SHA "RSA-PSK-AES256-CBC-SHA"
0929
0930 /* PSK ciphersuites from RFC 5487 */
0931 #define TLS1_TXT_PSK_WITH_AES_128_GCM_SHA256 "PSK-AES128-GCM-SHA256"
0932 #define TLS1_TXT_PSK_WITH_AES_256_GCM_SHA384 "PSK-AES256-GCM-SHA384"
0933 #define TLS1_TXT_DHE_PSK_WITH_AES_128_GCM_SHA256 "DHE-PSK-AES128-GCM-SHA256"
0934 #define TLS1_TXT_DHE_PSK_WITH_AES_256_GCM_SHA384 "DHE-PSK-AES256-GCM-SHA384"
0935 #define TLS1_TXT_RSA_PSK_WITH_AES_128_GCM_SHA256 "RSA-PSK-AES128-GCM-SHA256"
0936 #define TLS1_TXT_RSA_PSK_WITH_AES_256_GCM_SHA384 "RSA-PSK-AES256-GCM-SHA384"
0937
0938 #define TLS1_TXT_PSK_WITH_AES_128_CBC_SHA256 "PSK-AES128-CBC-SHA256"
0939 #define TLS1_TXT_PSK_WITH_AES_256_CBC_SHA384 "PSK-AES256-CBC-SHA384"
0940 #define TLS1_TXT_PSK_WITH_NULL_SHA256 "PSK-NULL-SHA256"
0941 #define TLS1_TXT_PSK_WITH_NULL_SHA384 "PSK-NULL-SHA384"
0942
0943 #define TLS1_TXT_DHE_PSK_WITH_AES_128_CBC_SHA256 "DHE-PSK-AES128-CBC-SHA256"
0944 #define TLS1_TXT_DHE_PSK_WITH_AES_256_CBC_SHA384 "DHE-PSK-AES256-CBC-SHA384"
0945 #define TLS1_TXT_DHE_PSK_WITH_NULL_SHA256 "DHE-PSK-NULL-SHA256"
0946 #define TLS1_TXT_DHE_PSK_WITH_NULL_SHA384 "DHE-PSK-NULL-SHA384"
0947
0948 #define TLS1_TXT_RSA_PSK_WITH_AES_128_CBC_SHA256 "RSA-PSK-AES128-CBC-SHA256"
0949 #define TLS1_TXT_RSA_PSK_WITH_AES_256_CBC_SHA384 "RSA-PSK-AES256-CBC-SHA384"
0950 #define TLS1_TXT_RSA_PSK_WITH_NULL_SHA256 "RSA-PSK-NULL-SHA256"
0951 #define TLS1_TXT_RSA_PSK_WITH_NULL_SHA384 "RSA-PSK-NULL-SHA384"
0952
0953 /* SRP ciphersuite from RFC 5054 */
0954 #define TLS1_TXT_SRP_SHA_WITH_3DES_EDE_CBC_SHA "SRP-3DES-EDE-CBC-SHA"
0955 #define TLS1_TXT_SRP_SHA_RSA_WITH_3DES_EDE_CBC_SHA "SRP-RSA-3DES-EDE-CBC-SHA"
0956 #define TLS1_TXT_SRP_SHA_DSS_WITH_3DES_EDE_CBC_SHA "SRP-DSS-3DES-EDE-CBC-SHA"
0957 #define TLS1_TXT_SRP_SHA_WITH_AES_128_CBC_SHA "SRP-AES-128-CBC-SHA"
0958 #define TLS1_TXT_SRP_SHA_RSA_WITH_AES_128_CBC_SHA "SRP-RSA-AES-128-CBC-SHA"
0959 #define TLS1_TXT_SRP_SHA_DSS_WITH_AES_128_CBC_SHA "SRP-DSS-AES-128-CBC-SHA"
0960 #define TLS1_TXT_SRP_SHA_WITH_AES_256_CBC_SHA "SRP-AES-256-CBC-SHA"
0961 #define TLS1_TXT_SRP_SHA_RSA_WITH_AES_256_CBC_SHA "SRP-RSA-AES-256-CBC-SHA"
0962 #define TLS1_TXT_SRP_SHA_DSS_WITH_AES_256_CBC_SHA "SRP-DSS-AES-256-CBC-SHA"
0963
0964 /* Camellia ciphersuites from RFC4132 */
0965 #define TLS1_TXT_RSA_WITH_CAMELLIA_128_CBC_SHA "CAMELLIA128-SHA"
0966 #define TLS1_TXT_DH_DSS_WITH_CAMELLIA_128_CBC_SHA "DH-DSS-CAMELLIA128-SHA"
0967 #define TLS1_TXT_DH_RSA_WITH_CAMELLIA_128_CBC_SHA "DH-RSA-CAMELLIA128-SHA"
0968 #define TLS1_TXT_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA "DHE-DSS-CAMELLIA128-SHA"
0969 #define TLS1_TXT_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA "DHE-RSA-CAMELLIA128-SHA"
0970 #define TLS1_TXT_ADH_WITH_CAMELLIA_128_CBC_SHA "ADH-CAMELLIA128-SHA"
0971
0972 #define TLS1_TXT_RSA_WITH_CAMELLIA_256_CBC_SHA "CAMELLIA256-SHA"
0973 #define TLS1_TXT_DH_DSS_WITH_CAMELLIA_256_CBC_SHA "DH-DSS-CAMELLIA256-SHA"
0974 #define TLS1_TXT_DH_RSA_WITH_CAMELLIA_256_CBC_SHA "DH-RSA-CAMELLIA256-SHA"
0975 #define TLS1_TXT_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA "DHE-DSS-CAMELLIA256-SHA"
0976 #define TLS1_TXT_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA "DHE-RSA-CAMELLIA256-SHA"
0977 #define TLS1_TXT_ADH_WITH_CAMELLIA_256_CBC_SHA "ADH-CAMELLIA256-SHA"
0978
0979 /* TLS 1.2 Camellia SHA-256 ciphersuites from RFC5932 */
0980 #define TLS1_TXT_RSA_WITH_CAMELLIA_128_CBC_SHA256 "CAMELLIA128-SHA256"
0981 #define TLS1_TXT_DH_DSS_WITH_CAMELLIA_128_CBC_SHA256 "DH-DSS-CAMELLIA128-SHA256"
0982 #define TLS1_TXT_DH_RSA_WITH_CAMELLIA_128_CBC_SHA256 "DH-RSA-CAMELLIA128-SHA256"
0983 #define TLS1_TXT_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA256 "DHE-DSS-CAMELLIA128-SHA256"
0984 #define TLS1_TXT_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA256 "DHE-RSA-CAMELLIA128-SHA256"
0985 #define TLS1_TXT_ADH_WITH_CAMELLIA_128_CBC_SHA256 "ADH-CAMELLIA128-SHA256"
0986
0987 #define TLS1_TXT_RSA_WITH_CAMELLIA_256_CBC_SHA256 "CAMELLIA256-SHA256"
0988 #define TLS1_TXT_DH_DSS_WITH_CAMELLIA_256_CBC_SHA256 "DH-DSS-CAMELLIA256-SHA256"
0989 #define TLS1_TXT_DH_RSA_WITH_CAMELLIA_256_CBC_SHA256 "DH-RSA-CAMELLIA256-SHA256"
0990 #define TLS1_TXT_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA256 "DHE-DSS-CAMELLIA256-SHA256"
0991 #define TLS1_TXT_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA256 "DHE-RSA-CAMELLIA256-SHA256"
0992 #define TLS1_TXT_ADH_WITH_CAMELLIA_256_CBC_SHA256 "ADH-CAMELLIA256-SHA256"
0993
0994 #define TLS1_TXT_PSK_WITH_CAMELLIA_128_CBC_SHA256 "PSK-CAMELLIA128-SHA256"
0995 #define TLS1_TXT_PSK_WITH_CAMELLIA_256_CBC_SHA384 "PSK-CAMELLIA256-SHA384"
0996 #define TLS1_TXT_DHE_PSK_WITH_CAMELLIA_128_CBC_SHA256 "DHE-PSK-CAMELLIA128-SHA256"
0997 #define TLS1_TXT_DHE_PSK_WITH_CAMELLIA_256_CBC_SHA384 "DHE-PSK-CAMELLIA256-SHA384"
0998 #define TLS1_TXT_RSA_PSK_WITH_CAMELLIA_128_CBC_SHA256 "RSA-PSK-CAMELLIA128-SHA256"
0999 #define TLS1_TXT_RSA_PSK_WITH_CAMELLIA_256_CBC_SHA384 "RSA-PSK-CAMELLIA256-SHA384"
1000 #define TLS1_TXT_ECDHE_PSK_WITH_CAMELLIA_128_CBC_SHA256 "ECDHE-PSK-CAMELLIA128-SHA256"
1001 #define TLS1_TXT_ECDHE_PSK_WITH_CAMELLIA_256_CBC_SHA384 "ECDHE-PSK-CAMELLIA256-SHA384"
1002
1003 /* SEED ciphersuites from RFC4162 */
1004 #define TLS1_TXT_RSA_WITH_SEED_SHA "SEED-SHA"
1005 #define TLS1_TXT_DH_DSS_WITH_SEED_SHA "DH-DSS-SEED-SHA"
1006 #define TLS1_TXT_DH_RSA_WITH_SEED_SHA "DH-RSA-SEED-SHA"
1007 #define TLS1_TXT_DHE_DSS_WITH_SEED_SHA "DHE-DSS-SEED-SHA"
1008 #define TLS1_TXT_DHE_RSA_WITH_SEED_SHA "DHE-RSA-SEED-SHA"
1009 #define TLS1_TXT_ADH_WITH_SEED_SHA "ADH-SEED-SHA"
1010
1011 /* TLS v1.2 ciphersuites */
1012 #define TLS1_TXT_RSA_WITH_NULL_SHA256 "NULL-SHA256"
1013 #define TLS1_TXT_RSA_WITH_AES_128_SHA256 "AES128-SHA256"
1014 #define TLS1_TXT_RSA_WITH_AES_256_SHA256 "AES256-SHA256"
1015 #define TLS1_TXT_DH_DSS_WITH_AES_128_SHA256 "DH-DSS-AES128-SHA256"
1016 #define TLS1_TXT_DH_RSA_WITH_AES_128_SHA256 "DH-RSA-AES128-SHA256"
1017 #define TLS1_TXT_DHE_DSS_WITH_AES_128_SHA256 "DHE-DSS-AES128-SHA256"
1018 #define TLS1_TXT_DHE_RSA_WITH_AES_128_SHA256 "DHE-RSA-AES128-SHA256"
1019 #define TLS1_TXT_DH_DSS_WITH_AES_256_SHA256 "DH-DSS-AES256-SHA256"
1020 #define TLS1_TXT_DH_RSA_WITH_AES_256_SHA256 "DH-RSA-AES256-SHA256"
1021 #define TLS1_TXT_DHE_DSS_WITH_AES_256_SHA256 "DHE-DSS-AES256-SHA256"
1022 #define TLS1_TXT_DHE_RSA_WITH_AES_256_SHA256 "DHE-RSA-AES256-SHA256"
1023 #define TLS1_TXT_ADH_WITH_AES_128_SHA256 "ADH-AES128-SHA256"
1024 #define TLS1_TXT_ADH_WITH_AES_256_SHA256 "ADH-AES256-SHA256"
1025
1026 /* TLS v1.2 GCM ciphersuites from RFC5288 */
1027 #define TLS1_TXT_RSA_WITH_AES_128_GCM_SHA256 "AES128-GCM-SHA256"
1028 #define TLS1_TXT_RSA_WITH_AES_256_GCM_SHA384 "AES256-GCM-SHA384"
1029 #define TLS1_TXT_DHE_RSA_WITH_AES_128_GCM_SHA256 "DHE-RSA-AES128-GCM-SHA256"
1030 #define TLS1_TXT_DHE_RSA_WITH_AES_256_GCM_SHA384 "DHE-RSA-AES256-GCM-SHA384"
1031 #define TLS1_TXT_DH_RSA_WITH_AES_128_GCM_SHA256 "DH-RSA-AES128-GCM-SHA256"
1032 #define TLS1_TXT_DH_RSA_WITH_AES_256_GCM_SHA384 "DH-RSA-AES256-GCM-SHA384"
1033 #define TLS1_TXT_DHE_DSS_WITH_AES_128_GCM_SHA256 "DHE-DSS-AES128-GCM-SHA256"
1034 #define TLS1_TXT_DHE_DSS_WITH_AES_256_GCM_SHA384 "DHE-DSS-AES256-GCM-SHA384"
1035 #define TLS1_TXT_DH_DSS_WITH_AES_128_GCM_SHA256 "DH-DSS-AES128-GCM-SHA256"
1036 #define TLS1_TXT_DH_DSS_WITH_AES_256_GCM_SHA384 "DH-DSS-AES256-GCM-SHA384"
1037 #define TLS1_TXT_ADH_WITH_AES_128_GCM_SHA256 "ADH-AES128-GCM-SHA256"
1038 #define TLS1_TXT_ADH_WITH_AES_256_GCM_SHA384 "ADH-AES256-GCM-SHA384"
1039
1040 /* CCM ciphersuites from RFC6655 */
1041 #define TLS1_TXT_RSA_WITH_AES_128_CCM "AES128-CCM"
1042 #define TLS1_TXT_RSA_WITH_AES_256_CCM "AES256-CCM"
1043 #define TLS1_TXT_DHE_RSA_WITH_AES_128_CCM "DHE-RSA-AES128-CCM"
1044 #define TLS1_TXT_DHE_RSA_WITH_AES_256_CCM "DHE-RSA-AES256-CCM"
1045
1046 #define TLS1_TXT_RSA_WITH_AES_128_CCM_8 "AES128-CCM8"
1047 #define TLS1_TXT_RSA_WITH_AES_256_CCM_8 "AES256-CCM8"
1048 #define TLS1_TXT_DHE_RSA_WITH_AES_128_CCM_8 "DHE-RSA-AES128-CCM8"
1049 #define TLS1_TXT_DHE_RSA_WITH_AES_256_CCM_8 "DHE-RSA-AES256-CCM8"
1050
1051 #define TLS1_TXT_PSK_WITH_AES_128_CCM "PSK-AES128-CCM"
1052 #define TLS1_TXT_PSK_WITH_AES_256_CCM "PSK-AES256-CCM"
1053 #define TLS1_TXT_DHE_PSK_WITH_AES_128_CCM "DHE-PSK-AES128-CCM"
1054 #define TLS1_TXT_DHE_PSK_WITH_AES_256_CCM "DHE-PSK-AES256-CCM"
1055
1056 #define TLS1_TXT_PSK_WITH_AES_128_CCM_8 "PSK-AES128-CCM8"
1057 #define TLS1_TXT_PSK_WITH_AES_256_CCM_8 "PSK-AES256-CCM8"
1058 #define TLS1_TXT_DHE_PSK_WITH_AES_128_CCM_8 "DHE-PSK-AES128-CCM8"
1059 #define TLS1_TXT_DHE_PSK_WITH_AES_256_CCM_8 "DHE-PSK-AES256-CCM8"
1060
1061 /* CCM ciphersuites from RFC7251 */
1062 #define TLS1_TXT_ECDHE_ECDSA_WITH_AES_128_CCM "ECDHE-ECDSA-AES128-CCM"
1063 #define TLS1_TXT_ECDHE_ECDSA_WITH_AES_256_CCM "ECDHE-ECDSA-AES256-CCM"
1064 #define TLS1_TXT_ECDHE_ECDSA_WITH_AES_128_CCM_8 "ECDHE-ECDSA-AES128-CCM8"
1065 #define TLS1_TXT_ECDHE_ECDSA_WITH_AES_256_CCM_8 "ECDHE-ECDSA-AES256-CCM8"
1066
1067 /* ECDH HMAC based ciphersuites from RFC5289 */
1068 #define TLS1_TXT_ECDHE_ECDSA_WITH_AES_128_SHA256 "ECDHE-ECDSA-AES128-SHA256"
1069 #define TLS1_TXT_ECDHE_ECDSA_WITH_AES_256_SHA384 "ECDHE-ECDSA-AES256-SHA384"
1070 #define TLS1_TXT_ECDH_ECDSA_WITH_AES_128_SHA256 "ECDH-ECDSA-AES128-SHA256"
1071 #define TLS1_TXT_ECDH_ECDSA_WITH_AES_256_SHA384 "ECDH-ECDSA-AES256-SHA384"
1072 #define TLS1_TXT_ECDHE_RSA_WITH_AES_128_SHA256 "ECDHE-RSA-AES128-SHA256"
1073 #define TLS1_TXT_ECDHE_RSA_WITH_AES_256_SHA384 "ECDHE-RSA-AES256-SHA384"
1074 #define TLS1_TXT_ECDH_RSA_WITH_AES_128_SHA256 "ECDH-RSA-AES128-SHA256"
1075 #define TLS1_TXT_ECDH_RSA_WITH_AES_256_SHA384 "ECDH-RSA-AES256-SHA384"
1076
1077 /* ECDH GCM based ciphersuites from RFC5289 */
1078 #define TLS1_TXT_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 "ECDHE-ECDSA-AES128-GCM-SHA256"
1079 #define TLS1_TXT_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384 "ECDHE-ECDSA-AES256-GCM-SHA384"
1080 #define TLS1_TXT_ECDH_ECDSA_WITH_AES_128_GCM_SHA256 "ECDH-ECDSA-AES128-GCM-SHA256"
1081 #define TLS1_TXT_ECDH_ECDSA_WITH_AES_256_GCM_SHA384 "ECDH-ECDSA-AES256-GCM-SHA384"
1082 #define TLS1_TXT_ECDHE_RSA_WITH_AES_128_GCM_SHA256 "ECDHE-RSA-AES128-GCM-SHA256"
1083 #define TLS1_TXT_ECDHE_RSA_WITH_AES_256_GCM_SHA384 "ECDHE-RSA-AES256-GCM-SHA384"
1084 #define TLS1_TXT_ECDH_RSA_WITH_AES_128_GCM_SHA256 "ECDH-RSA-AES128-GCM-SHA256"
1085 #define TLS1_TXT_ECDH_RSA_WITH_AES_256_GCM_SHA384 "ECDH-RSA-AES256-GCM-SHA384"
1086
1087 /* TLS v1.2 PSK GCM ciphersuites from RFC5487 */
1088 #define TLS1_TXT_PSK_WITH_AES_128_GCM_SHA256 "PSK-AES128-GCM-SHA256"
1089 #define TLS1_TXT_PSK_WITH_AES_256_GCM_SHA384 "PSK-AES256-GCM-SHA384"
1090
1091 /* ECDHE PSK ciphersuites from RFC 5489 */
1092 #define TLS1_TXT_ECDHE_PSK_WITH_RC4_128_SHA "ECDHE-PSK-RC4-SHA"
1093 #define TLS1_TXT_ECDHE_PSK_WITH_3DES_EDE_CBC_SHA "ECDHE-PSK-3DES-EDE-CBC-SHA"
1094 #define TLS1_TXT_ECDHE_PSK_WITH_AES_128_CBC_SHA "ECDHE-PSK-AES128-CBC-SHA"
1095 #define TLS1_TXT_ECDHE_PSK_WITH_AES_256_CBC_SHA "ECDHE-PSK-AES256-CBC-SHA"
1096
1097 #define TLS1_TXT_ECDHE_PSK_WITH_AES_128_CBC_SHA256 "ECDHE-PSK-AES128-CBC-SHA256"
1098 #define TLS1_TXT_ECDHE_PSK_WITH_AES_256_CBC_SHA384 "ECDHE-PSK-AES256-CBC-SHA384"
1099
1100 #define TLS1_TXT_ECDHE_PSK_WITH_NULL_SHA "ECDHE-PSK-NULL-SHA"
1101 #define TLS1_TXT_ECDHE_PSK_WITH_NULL_SHA256 "ECDHE-PSK-NULL-SHA256"
1102 #define TLS1_TXT_ECDHE_PSK_WITH_NULL_SHA384 "ECDHE-PSK-NULL-SHA384"
1103
1104 /* Camellia-CBC ciphersuites from RFC6367 */
1105 #define TLS1_TXT_ECDHE_ECDSA_WITH_CAMELLIA_128_CBC_SHA256 "ECDHE-ECDSA-CAMELLIA128-SHA256"
1106 #define TLS1_TXT_ECDHE_ECDSA_WITH_CAMELLIA_256_CBC_SHA384 "ECDHE-ECDSA-CAMELLIA256-SHA384"
1107 #define TLS1_TXT_ECDH_ECDSA_WITH_CAMELLIA_128_CBC_SHA256 "ECDH-ECDSA-CAMELLIA128-SHA256"
1108 #define TLS1_TXT_ECDH_ECDSA_WITH_CAMELLIA_256_CBC_SHA384 "ECDH-ECDSA-CAMELLIA256-SHA384"
1109 #define TLS1_TXT_ECDHE_RSA_WITH_CAMELLIA_128_CBC_SHA256 "ECDHE-RSA-CAMELLIA128-SHA256"
1110 #define TLS1_TXT_ECDHE_RSA_WITH_CAMELLIA_256_CBC_SHA384 "ECDHE-RSA-CAMELLIA256-SHA384"
1111 #define TLS1_TXT_ECDH_RSA_WITH_CAMELLIA_128_CBC_SHA256 "ECDH-RSA-CAMELLIA128-SHA256"
1112 #define TLS1_TXT_ECDH_RSA_WITH_CAMELLIA_256_CBC_SHA384 "ECDH-RSA-CAMELLIA256-SHA384"
1113
1114 /* draft-ietf-tls-chacha20-poly1305-03 */
1115 #define TLS1_TXT_ECDHE_RSA_WITH_CHACHA20_POLY1305 "ECDHE-RSA-CHACHA20-POLY1305"
1116 #define TLS1_TXT_ECDHE_ECDSA_WITH_CHACHA20_POLY1305 "ECDHE-ECDSA-CHACHA20-POLY1305"
1117 #define TLS1_TXT_DHE_RSA_WITH_CHACHA20_POLY1305 "DHE-RSA-CHACHA20-POLY1305"
1118 #define TLS1_TXT_PSK_WITH_CHACHA20_POLY1305 "PSK-CHACHA20-POLY1305"
1119 #define TLS1_TXT_ECDHE_PSK_WITH_CHACHA20_POLY1305 "ECDHE-PSK-CHACHA20-POLY1305"
1120 #define TLS1_TXT_DHE_PSK_WITH_CHACHA20_POLY1305 "DHE-PSK-CHACHA20-POLY1305"
1121 #define TLS1_TXT_RSA_PSK_WITH_CHACHA20_POLY1305 "RSA-PSK-CHACHA20-POLY1305"
1122
1123 /* Aria ciphersuites from RFC6209 */
1124 #define TLS1_TXT_RSA_WITH_ARIA_128_GCM_SHA256 "ARIA128-GCM-SHA256"
1125 #define TLS1_TXT_RSA_WITH_ARIA_256_GCM_SHA384 "ARIA256-GCM-SHA384"
1126 #define TLS1_TXT_DHE_RSA_WITH_ARIA_128_GCM_SHA256 "DHE-RSA-ARIA128-GCM-SHA256"
1127 #define TLS1_TXT_DHE_RSA_WITH_ARIA_256_GCM_SHA384 "DHE-RSA-ARIA256-GCM-SHA384"
1128 #define TLS1_TXT_DH_RSA_WITH_ARIA_128_GCM_SHA256 "DH-RSA-ARIA128-GCM-SHA256"
1129 #define TLS1_TXT_DH_RSA_WITH_ARIA_256_GCM_SHA384 "DH-RSA-ARIA256-GCM-SHA384"
1130 #define TLS1_TXT_DHE_DSS_WITH_ARIA_128_GCM_SHA256 "DHE-DSS-ARIA128-GCM-SHA256"
1131 #define TLS1_TXT_DHE_DSS_WITH_ARIA_256_GCM_SHA384 "DHE-DSS-ARIA256-GCM-SHA384"
1132 #define TLS1_TXT_DH_DSS_WITH_ARIA_128_GCM_SHA256 "DH-DSS-ARIA128-GCM-SHA256"
1133 #define TLS1_TXT_DH_DSS_WITH_ARIA_256_GCM_SHA384 "DH-DSS-ARIA256-GCM-SHA384"
1134 #define TLS1_TXT_DH_anon_WITH_ARIA_128_GCM_SHA256 "ADH-ARIA128-GCM-SHA256"
1135 #define TLS1_TXT_DH_anon_WITH_ARIA_256_GCM_SHA384 "ADH-ARIA256-GCM-SHA384"
1136 #define TLS1_TXT_ECDHE_ECDSA_WITH_ARIA_128_GCM_SHA256 "ECDHE-ECDSA-ARIA128-GCM-SHA256"
1137 #define TLS1_TXT_ECDHE_ECDSA_WITH_ARIA_256_GCM_SHA384 "ECDHE-ECDSA-ARIA256-GCM-SHA384"
1138 #define TLS1_TXT_ECDH_ECDSA_WITH_ARIA_128_GCM_SHA256 "ECDH-ECDSA-ARIA128-GCM-SHA256"
1139 #define TLS1_TXT_ECDH_ECDSA_WITH_ARIA_256_GCM_SHA384 "ECDH-ECDSA-ARIA256-GCM-SHA384"
1140 #define TLS1_TXT_ECDHE_RSA_WITH_ARIA_128_GCM_SHA256 "ECDHE-ARIA128-GCM-SHA256"
1141 #define TLS1_TXT_ECDHE_RSA_WITH_ARIA_256_GCM_SHA384 "ECDHE-ARIA256-GCM-SHA384"
1142 #define TLS1_TXT_ECDH_RSA_WITH_ARIA_128_GCM_SHA256 "ECDH-ARIA128-GCM-SHA256"
1143 #define TLS1_TXT_ECDH_RSA_WITH_ARIA_256_GCM_SHA384 "ECDH-ARIA256-GCM-SHA384"
1144 #define TLS1_TXT_PSK_WITH_ARIA_128_GCM_SHA256 "PSK-ARIA128-GCM-SHA256"
1145 #define TLS1_TXT_PSK_WITH_ARIA_256_GCM_SHA384 "PSK-ARIA256-GCM-SHA384"
1146 #define TLS1_TXT_DHE_PSK_WITH_ARIA_128_GCM_SHA256 "DHE-PSK-ARIA128-GCM-SHA256"
1147 #define TLS1_TXT_DHE_PSK_WITH_ARIA_256_GCM_SHA384 "DHE-PSK-ARIA256-GCM-SHA384"
1148 #define TLS1_TXT_RSA_PSK_WITH_ARIA_128_GCM_SHA256 "RSA-PSK-ARIA128-GCM-SHA256"
1149 #define TLS1_TXT_RSA_PSK_WITH_ARIA_256_GCM_SHA384 "RSA-PSK-ARIA256-GCM-SHA384"
1150
1151 #define TLS_CT_RSA_SIGN 1
1152 #define TLS_CT_DSS_SIGN 2
1153 #define TLS_CT_RSA_FIXED_DH 3
1154 #define TLS_CT_DSS_FIXED_DH 4
1155 #define TLS_CT_ECDSA_SIGN 64
1156 #define TLS_CT_RSA_FIXED_ECDH 65
1157 #define TLS_CT_ECDSA_FIXED_ECDH 66
1158 #define TLS_CT_GOST01_SIGN 22
1159 #define TLS_CT_GOST12_IANA_SIGN 67
1160 #define TLS_CT_GOST12_IANA_512_SIGN 68
1161 #define TLS_CT_GOST12_LEGACY_SIGN 238
1162 #define TLS_CT_GOST12_LEGACY_512_SIGN 239
1163
1164 #ifndef OPENSSL_NO_DEPRECATED_3_0
1165 #define TLS_CT_GOST12_SIGN TLS_CT_GOST12_LEGACY_SIGN
1166 #define TLS_CT_GOST12_512_SIGN TLS_CT_GOST12_LEGACY_512_SIGN
1167 #endif
1168
1169 /*
1170  * when correcting this number, correct also SSL3_CT_NUMBER in ssl3.h (see
1171  * comment there)
1172  */
1173 #define TLS_CT_NUMBER 12
1174
1175 #if defined(SSL3_CT_NUMBER)
1176 #if TLS_CT_NUMBER != SSL3_CT_NUMBER
1177 #error "SSL/TLS CT_NUMBER values do not match"
1178 #endif
1179 #endif
1180
1181 #define TLS1_FINISH_MAC_LENGTH 12
1182
1183 #define TLS_MD_MAX_CONST_SIZE 22
1184
1185 /* ASCII: "client finished", in hex for EBCDIC compatibility */
1186 #define TLS_MD_CLIENT_FINISH_CONST "\x63\x6c\x69\x65\x6e\x74\x20\x66\x69\x6e\x69\x73\x68\x65\x64"
1187 #define TLS_MD_CLIENT_FINISH_CONST_SIZE 15
1188 /* ASCII: "server finished", in hex for EBCDIC compatibility */
1189 #define TLS_MD_SERVER_FINISH_CONST "\x73\x65\x72\x76\x65\x72\x20\x66\x69\x6e\x69\x73\x68\x65\x64"
1190 #define TLS_MD_SERVER_FINISH_CONST_SIZE 15
1191 /* ASCII: "server write key", in hex for EBCDIC compatibility */
1192 #define TLS_MD_SERVER_WRITE_KEY_CONST "\x73\x65\x72\x76\x65\x72\x20\x77\x72\x69\x74\x65\x20\x6b\x65\x79"
1193 #define TLS_MD_SERVER_WRITE_KEY_CONST_SIZE 16
1194 /* ASCII: "key expansion", in hex for EBCDIC compatibility */
1195 #define TLS_MD_KEY_EXPANSION_CONST "\x6b\x65\x79\x20\x65\x78\x70\x61\x6e\x73\x69\x6f\x6e"
1196 #define TLS_MD_KEY_EXPANSION_CONST_SIZE 13
1197 /* ASCII: "client write key", in hex for EBCDIC compatibility */
1198 #define TLS_MD_CLIENT_WRITE_KEY_CONST "\x63\x6c\x69\x65\x6e\x74\x20\x77\x72\x69\x74\x65\x20\x6b\x65\x79"
1199 #define TLS_MD_CLIENT_WRITE_KEY_CONST_SIZE 16
1200 /* ASCII: "server write key", in hex for EBCDIC compatibility */
1201 #define TLS_MD_SERVER_WRITE_KEY_CONST "\x73\x65\x72\x76\x65\x72\x20\x77\x72\x69\x74\x65\x20\x6b\x65\x79"
1202 #define TLS_MD_SERVER_WRITE_KEY_CONST_SIZE 16
1203 /* ASCII: "IV block", in hex for EBCDIC compatibility */
1204 #define TLS_MD_IV_BLOCK_CONST "\x49\x56\x20\x62\x6c\x6f\x63\x6b"
1205 #define TLS_MD_IV_BLOCK_CONST_SIZE 8
1206 /* ASCII: "master secret", in hex for EBCDIC compatibility */
1207 #define TLS_MD_MASTER_SECRET_CONST "\x6d\x61\x73\x74\x65\x72\x20\x73\x65\x63\x72\x65\x74"
1208 #define TLS_MD_MASTER_SECRET_CONST_SIZE 13
1209 /* ASCII: "extended master secret", in hex for EBCDIC compatibility */
1210 #define TLS_MD_EXTENDED_MASTER_SECRET_CONST "\x65\x78\x74\x65\x6e\x64\x65\x64\x20\x6d\x61\x73\x74\x65\x72\x20\x73\x65\x63\x72\x65\x74"
1211 #define TLS_MD_EXTENDED_MASTER_SECRET_CONST_SIZE 22
1212
1213 /* TLS Session Ticket extension struct */
1214 struct tls_session_ticket_ext_st {
1215     unsigned short length;
1216     void *data;
1217 };
1218
1219 #ifdef __cplusplus
1220 }
1221 #endif
1222 #endif