Back to home page

EIC code displayed by LXR
 
 

    

File indexing completed on 2025-01-18 10:05:51 

0001 /*
0002  * Copyright 1995-2024 The OpenSSL Project Authors. All Rights Reserved.
0003  * Copyright (c) 2002, Oracle and/or its affiliates. All rights reserved
0004  * Copyright 2005 Nokia. All rights reserved.
0005  *
0006  * Licensed under the Apache License 2.0 (the "License").  You may not use
0007  * this file except in compliance with the License.  You can obtain a copy
0008  * in the file LICENSE in the source distribution or at
0009  * https://www.openssl.org/source/license.html
0010  */
0011 
0012 #ifndef OPENSSL_TLS1_H
0013 # define OPENSSL_TLS1_H
0014 # pragma once
0015 
0016 # include <openssl/macros.h>
0017 # ifndef OPENSSL_NO_DEPRECATED_3_0
0018 #  define HEADER_TLS1_H
0019 # endif
0020 
0021 # include <openssl/buffer.h>
0022 # include <openssl/x509.h>
0023 # include <openssl/prov_ssl.h>
0024 
0025 #ifdef  __cplusplus
0026 extern "C" {
0027 #endif
0028 
0029 /* Default security level if not overridden at config time */
0030 # ifndef OPENSSL_TLS_SECURITY_LEVEL
0031 #  define OPENSSL_TLS_SECURITY_LEVEL 2
0032 # endif
0033 
0034 /* TLS*_VERSION constants are defined in prov_ssl.h */
0035 # ifndef OPENSSL_NO_DEPRECATED_3_0
0036 #  define TLS_MAX_VERSION                TLS1_3_VERSION
0037 # endif
0038 
0039 /* Special value for method supporting multiple versions */
0040 # define TLS_ANY_VERSION                 0x10000
0041 
0042 # define TLS1_VERSION_MAJOR              0x03
0043 # define TLS1_VERSION_MINOR              0x01
0044 
0045 # define TLS1_1_VERSION_MAJOR            0x03
0046 # define TLS1_1_VERSION_MINOR            0x02
0047 
0048 # define TLS1_2_VERSION_MAJOR            0x03
0049 # define TLS1_2_VERSION_MINOR            0x03
0050 
0051 # define TLS1_get_version(s) \
0052         ((SSL_version(s) >> 8) == TLS1_VERSION_MAJOR ? SSL_version(s) : 0)
0053 
0054 # define TLS1_get_client_version(s) \
0055         ((SSL_client_version(s) >> 8) == TLS1_VERSION_MAJOR ? SSL_client_version(s) : 0)
0056 
0057 # define TLS1_AD_DECRYPTION_FAILED       21
0058 # define TLS1_AD_RECORD_OVERFLOW         22
0059 # define TLS1_AD_UNKNOWN_CA              48/* fatal */
0060 # define TLS1_AD_ACCESS_DENIED           49/* fatal */
0061 # define TLS1_AD_DECODE_ERROR            50/* fatal */
0062 # define TLS1_AD_DECRYPT_ERROR           51
0063 # define TLS1_AD_EXPORT_RESTRICTION      60/* fatal */
0064 # define TLS1_AD_PROTOCOL_VERSION        70/* fatal */
0065 # define TLS1_AD_INSUFFICIENT_SECURITY   71/* fatal */
0066 # define TLS1_AD_INTERNAL_ERROR          80/* fatal */
0067 # define TLS1_AD_INAPPROPRIATE_FALLBACK  86/* fatal */
0068 # define TLS1_AD_USER_CANCELLED          90
0069 # define TLS1_AD_NO_RENEGOTIATION        100
0070 /* TLSv1.3 alerts */
0071 # define TLS13_AD_MISSING_EXTENSION      109 /* fatal */
0072 # define TLS13_AD_CERTIFICATE_REQUIRED   116 /* fatal */
0073 /* codes 110-114 are from RFC3546 */
0074 # define TLS1_AD_UNSUPPORTED_EXTENSION   110
0075 # define TLS1_AD_CERTIFICATE_UNOBTAINABLE 111
0076 # define TLS1_AD_UNRECOGNIZED_NAME       112
0077 # define TLS1_AD_BAD_CERTIFICATE_STATUS_RESPONSE 113
0078 # define TLS1_AD_BAD_CERTIFICATE_HASH_VALUE 114
0079 # define TLS1_AD_UNKNOWN_PSK_IDENTITY    115/* fatal */
0080 # define TLS1_AD_NO_APPLICATION_PROTOCOL 120 /* fatal */
0081 
0082 /* ExtensionType values from RFC3546 / RFC4366 / RFC6066 */
0083 # define TLSEXT_TYPE_server_name                 0
0084 # define TLSEXT_TYPE_max_fragment_length         1
0085 # define TLSEXT_TYPE_client_certificate_url      2
0086 # define TLSEXT_TYPE_trusted_ca_keys             3
0087 # define TLSEXT_TYPE_truncated_hmac              4
0088 # define TLSEXT_TYPE_status_request              5
0089 /* ExtensionType values from RFC4681 */
0090 # define TLSEXT_TYPE_user_mapping                6
0091 /* ExtensionType values from RFC5878 */
0092 # define TLSEXT_TYPE_client_authz                7
0093 # define TLSEXT_TYPE_server_authz                8
0094 /* ExtensionType values from RFC6091 */
0095 # define TLSEXT_TYPE_cert_type           9
0096 
0097 /* ExtensionType values from RFC4492 */
0098 /*
0099  * Prior to TLSv1.3 the supported_groups extension was known as
0100  * elliptic_curves
0101  */
0102 # define TLSEXT_TYPE_supported_groups            10
0103 # define TLSEXT_TYPE_elliptic_curves             TLSEXT_TYPE_supported_groups
0104 # define TLSEXT_TYPE_ec_point_formats            11
0105 
0106 
0107 /* ExtensionType value from RFC5054 */
0108 # define TLSEXT_TYPE_srp                         12
0109 
0110 /* ExtensionType values from RFC5246 */
0111 # define TLSEXT_TYPE_signature_algorithms        13
0112 
0113 /* ExtensionType value from RFC5764 */
0114 # define TLSEXT_TYPE_use_srtp    14
0115 
0116 /* ExtensionType value from RFC7301 */
0117 # define TLSEXT_TYPE_application_layer_protocol_negotiation 16
0118 
0119 /*
0120  * Extension type for Certificate Transparency
0121  * https://tools.ietf.org/html/rfc6962#section-3.3.1
0122  */
0123 # define TLSEXT_TYPE_signed_certificate_timestamp    18
0124 
0125 /*
0126  * Extension type for Raw Public Keys
0127  * https://tools.ietf.org/html/rfc7250
0128  * https://www.iana.org/assignments/tls-extensiontype-values/tls-extensiontype-values.xhtml
0129  */
0130 # define TLSEXT_TYPE_client_cert_type   19
0131 # define TLSEXT_TYPE_server_cert_type   20
0132 
0133 /*
0134  * ExtensionType value for TLS padding extension.
0135  * http://tools.ietf.org/html/draft-agl-tls-padding
0136  */
0137 # define TLSEXT_TYPE_padding     21
0138 
0139 /* ExtensionType value from RFC7366 */
0140 # define TLSEXT_TYPE_encrypt_then_mac    22
0141 
0142 /* ExtensionType value from RFC7627 */
0143 # define TLSEXT_TYPE_extended_master_secret      23
0144 
0145 /* ExtensionType value from RFC8879 */
0146 # define TLSEXT_TYPE_compress_certificate        27
0147 
0148 /* ExtensionType value from RFC4507 */
0149 # define TLSEXT_TYPE_session_ticket              35
0150 
0151 /* As defined for TLS1.3 */
0152 # define TLSEXT_TYPE_psk                         41
0153 # define TLSEXT_TYPE_early_data                  42
0154 # define TLSEXT_TYPE_supported_versions          43
0155 # define TLSEXT_TYPE_cookie                      44
0156 # define TLSEXT_TYPE_psk_kex_modes               45
0157 # define TLSEXT_TYPE_certificate_authorities     47
0158 # define TLSEXT_TYPE_post_handshake_auth         49
0159 # define TLSEXT_TYPE_signature_algorithms_cert   50
0160 # define TLSEXT_TYPE_key_share                   51
0161 # define TLSEXT_TYPE_quic_transport_parameters   57
0162 
0163 /* Temporary extension type */
0164 # define TLSEXT_TYPE_renegotiate                 0xff01
0165 
0166 # ifndef OPENSSL_NO_NEXTPROTONEG
0167 /* This is not an IANA defined extension number */
0168 #  define TLSEXT_TYPE_next_proto_neg              13172
0169 # endif
0170 
0171 /* NameType value from RFC3546 */
0172 # define TLSEXT_NAMETYPE_host_name 0
0173 /* status request value from RFC3546 */
0174 # define TLSEXT_STATUSTYPE_ocsp 1
0175 
0176 /* ECPointFormat values from RFC4492 */
0177 # define TLSEXT_ECPOINTFORMAT_first                      0
0178 # define TLSEXT_ECPOINTFORMAT_uncompressed               0
0179 # define TLSEXT_ECPOINTFORMAT_ansiX962_compressed_prime  1
0180 # define TLSEXT_ECPOINTFORMAT_ansiX962_compressed_char2  2
0181 # define TLSEXT_ECPOINTFORMAT_last                       2
0182 
0183 /* Signature and hash algorithms from RFC5246 */
0184 # define TLSEXT_signature_anonymous                      0
0185 # define TLSEXT_signature_rsa                            1
0186 # define TLSEXT_signature_dsa                            2
0187 # define TLSEXT_signature_ecdsa                          3
0188 # define TLSEXT_signature_gostr34102001                  237
0189 # define TLSEXT_signature_gostr34102012_256              238
0190 # define TLSEXT_signature_gostr34102012_512              239
0191 
0192 /* Total number of different signature algorithms */
0193 # define TLSEXT_signature_num                            7
0194 
0195 # define TLSEXT_hash_none                                0
0196 # define TLSEXT_hash_md5                                 1
0197 # define TLSEXT_hash_sha1                                2
0198 # define TLSEXT_hash_sha224                              3
0199 # define TLSEXT_hash_sha256                              4
0200 # define TLSEXT_hash_sha384                              5
0201 # define TLSEXT_hash_sha512                              6
0202 # define TLSEXT_hash_gostr3411                           237
0203 # define TLSEXT_hash_gostr34112012_256                   238
0204 # define TLSEXT_hash_gostr34112012_512                   239
0205 
0206 /* Total number of different digest algorithms */
0207 
0208 # define TLSEXT_hash_num                                 10
0209 
0210 /* Possible compression values from RFC8879 */
0211 /* Not defined in RFC8879, but used internally for no-compression */
0212 # define TLSEXT_comp_cert_none                            0
0213 # define TLSEXT_comp_cert_zlib                            1
0214 # define TLSEXT_comp_cert_brotli                          2
0215 # define TLSEXT_comp_cert_zstd                            3
0216 /* one more than the number of defined values - used as size of 0-terminated array */
0217 # define TLSEXT_comp_cert_limit                           4
0218 
0219 /* Flag set for unrecognised algorithms */
0220 # define TLSEXT_nid_unknown                              0x1000000
0221 
0222 /* ECC curves */
0223 
0224 # define TLSEXT_curve_P_256                              23
0225 # define TLSEXT_curve_P_384                              24
0226 
0227 /* OpenSSL value to disable maximum fragment length extension */
0228 # define TLSEXT_max_fragment_length_DISABLED    0
0229 /* Allowed values for max fragment length extension */
0230 # define TLSEXT_max_fragment_length_512         1
0231 # define TLSEXT_max_fragment_length_1024        2
0232 # define TLSEXT_max_fragment_length_2048        3
0233 # define TLSEXT_max_fragment_length_4096        4
0234 /* OpenSSL value for unset maximum fragment length extension */
0235 # define TLSEXT_max_fragment_length_UNSPECIFIED 255
0236 
0237 /*
0238  * TLS Certificate Type (for RFC7250)
0239  * https://www.iana.org/assignments/tls-extensiontype-values/tls-extensiontype-values.xhtml#tls-extensiontype-values-3
0240  */
0241 # define TLSEXT_cert_type_x509         0
0242 # define TLSEXT_cert_type_pgp          1 /* recognized, but not supported */
0243 # define TLSEXT_cert_type_rpk          2
0244 # define TLSEXT_cert_type_1609dot2     3 /* recognized, but not supported */
0245 
0246 int SSL_CTX_set_tlsext_max_fragment_length(SSL_CTX *ctx, uint8_t mode);
0247 int SSL_set_tlsext_max_fragment_length(SSL *ssl, uint8_t mode);
0248 
0249 # define TLSEXT_MAXLEN_host_name 255
0250 
0251 __owur const char *SSL_get_servername(const SSL *s, const int type);
0252 __owur int SSL_get_servername_type(const SSL *s);
0253 /*
0254  * SSL_export_keying_material exports a value derived from the master secret,
0255  * as specified in RFC 5705. It writes |olen| bytes to |out| given a label and
0256  * optional context. (Since a zero length context is allowed, the |use_context|
0257  * flag controls whether a context is included.) It returns 1 on success and
0258  * 0 or -1 otherwise.
0259  */
0260 __owur int SSL_export_keying_material(SSL *s, unsigned char *out, size_t olen,
0261                                       const char *label, size_t llen,
0262                                       const unsigned char *context,
0263                                       size_t contextlen, int use_context);
0264 
0265 /*
0266  * SSL_export_keying_material_early exports a value derived from the
0267  * early exporter master secret, as specified in
0268  * https://tools.ietf.org/html/draft-ietf-tls-tls13-23. It writes
0269  * |olen| bytes to |out| given a label and optional context. It
0270  * returns 1 on success and 0 otherwise.
0271  */
0272 __owur int SSL_export_keying_material_early(SSL *s, unsigned char *out,
0273                                             size_t olen, const char *label,
0274                                             size_t llen,
0275                                             const unsigned char *context,
0276                                             size_t contextlen);
0277 
0278 int SSL_get_peer_signature_type_nid(const SSL *s, int *pnid);
0279 int SSL_get_signature_type_nid(const SSL *s, int *pnid);
0280 
0281 int SSL_get_sigalgs(SSL *s, int idx,
0282                     int *psign, int *phash, int *psignandhash,
0283                     unsigned char *rsig, unsigned char *rhash);
0284 
0285 char *SSL_get1_builtin_sigalgs(OSSL_LIB_CTX *libctx);
0286 
0287 int SSL_get_shared_sigalgs(SSL *s, int idx,
0288                            int *psign, int *phash, int *psignandhash,
0289                            unsigned char *rsig, unsigned char *rhash);
0290 
0291 __owur int SSL_check_chain(SSL *s, X509 *x, EVP_PKEY *pk, STACK_OF(X509) *chain);
0292 
0293 # define SSL_set_tlsext_host_name(s,name) \
0294         SSL_ctrl(s,SSL_CTRL_SET_TLSEXT_HOSTNAME,TLSEXT_NAMETYPE_host_name,\
0295                 (void *)name)
0296 
0297 # define SSL_set_tlsext_debug_callback(ssl, cb) \
0298         SSL_callback_ctrl(ssl,SSL_CTRL_SET_TLSEXT_DEBUG_CB,\
0299                 (void (*)(void))cb)
0300 
0301 # define SSL_set_tlsext_debug_arg(ssl, arg) \
0302         SSL_ctrl(ssl,SSL_CTRL_SET_TLSEXT_DEBUG_ARG,0,arg)
0303 
0304 # define SSL_get_tlsext_status_type(ssl) \
0305         SSL_ctrl(ssl,SSL_CTRL_GET_TLSEXT_STATUS_REQ_TYPE,0,NULL)
0306 
0307 # define SSL_set_tlsext_status_type(ssl, type) \
0308         SSL_ctrl(ssl,SSL_CTRL_SET_TLSEXT_STATUS_REQ_TYPE,type,NULL)
0309 
0310 # define SSL_get_tlsext_status_exts(ssl, arg) \
0311         SSL_ctrl(ssl,SSL_CTRL_GET_TLSEXT_STATUS_REQ_EXTS,0,arg)
0312 
0313 # define SSL_set_tlsext_status_exts(ssl, arg) \
0314         SSL_ctrl(ssl,SSL_CTRL_SET_TLSEXT_STATUS_REQ_EXTS,0,arg)
0315 
0316 # define SSL_get_tlsext_status_ids(ssl, arg) \
0317         SSL_ctrl(ssl,SSL_CTRL_GET_TLSEXT_STATUS_REQ_IDS,0,arg)
0318 
0319 # define SSL_set_tlsext_status_ids(ssl, arg) \
0320         SSL_ctrl(ssl,SSL_CTRL_SET_TLSEXT_STATUS_REQ_IDS,0,arg)
0321 
0322 # define SSL_get_tlsext_status_ocsp_resp(ssl, arg) \
0323         SSL_ctrl(ssl,SSL_CTRL_GET_TLSEXT_STATUS_REQ_OCSP_RESP,0,arg)
0324 
0325 # define SSL_set_tlsext_status_ocsp_resp(ssl, arg, arglen) \
0326         SSL_ctrl(ssl,SSL_CTRL_SET_TLSEXT_STATUS_REQ_OCSP_RESP,arglen,arg)
0327 
0328 # define SSL_CTX_set_tlsext_servername_callback(ctx, cb) \
0329         SSL_CTX_callback_ctrl(ctx,SSL_CTRL_SET_TLSEXT_SERVERNAME_CB,\
0330                 (void (*)(void))cb)
0331 
0332 # define SSL_TLSEXT_ERR_OK 0
0333 # define SSL_TLSEXT_ERR_ALERT_WARNING 1
0334 # define SSL_TLSEXT_ERR_ALERT_FATAL 2
0335 # define SSL_TLSEXT_ERR_NOACK 3
0336 
0337 # define SSL_CTX_set_tlsext_servername_arg(ctx, arg) \
0338         SSL_CTX_ctrl(ctx,SSL_CTRL_SET_TLSEXT_SERVERNAME_ARG,0,arg)
0339 
0340 # define SSL_CTX_get_tlsext_ticket_keys(ctx, keys, keylen) \
0341         SSL_CTX_ctrl(ctx,SSL_CTRL_GET_TLSEXT_TICKET_KEYS,keylen,keys)
0342 # define SSL_CTX_set_tlsext_ticket_keys(ctx, keys, keylen) \
0343         SSL_CTX_ctrl(ctx,SSL_CTRL_SET_TLSEXT_TICKET_KEYS,keylen,keys)
0344 
0345 # define SSL_CTX_get_tlsext_status_cb(ssl, cb) \
0346         SSL_CTX_ctrl(ssl,SSL_CTRL_GET_TLSEXT_STATUS_REQ_CB,0,(void *)cb)
0347 # define SSL_CTX_set_tlsext_status_cb(ssl, cb) \
0348         SSL_CTX_callback_ctrl(ssl,SSL_CTRL_SET_TLSEXT_STATUS_REQ_CB,\
0349                 (void (*)(void))cb)
0350 
0351 # define SSL_CTX_get_tlsext_status_arg(ssl, arg) \
0352         SSL_CTX_ctrl(ssl,SSL_CTRL_GET_TLSEXT_STATUS_REQ_CB_ARG,0,arg)
0353 # define SSL_CTX_set_tlsext_status_arg(ssl, arg) \
0354         SSL_CTX_ctrl(ssl,SSL_CTRL_SET_TLSEXT_STATUS_REQ_CB_ARG,0,arg)
0355 
0356 # define SSL_CTX_set_tlsext_status_type(ssl, type) \
0357         SSL_CTX_ctrl(ssl,SSL_CTRL_SET_TLSEXT_STATUS_REQ_TYPE,type,NULL)
0358 
0359 # define SSL_CTX_get_tlsext_status_type(ssl) \
0360         SSL_CTX_ctrl(ssl,SSL_CTRL_GET_TLSEXT_STATUS_REQ_TYPE,0,NULL)
0361 
0362 # ifndef OPENSSL_NO_DEPRECATED_3_0
0363 #  define SSL_CTX_set_tlsext_ticket_key_cb(ssl, cb) \
0364         SSL_CTX_callback_ctrl(ssl,SSL_CTRL_SET_TLSEXT_TICKET_KEY_CB,\
0365                 (void (*)(void))cb)
0366 # endif
0367 int SSL_CTX_set_tlsext_ticket_key_evp_cb
0368     (SSL_CTX *ctx, int (*fp)(SSL *, unsigned char *, unsigned char *,
0369                              EVP_CIPHER_CTX *, EVP_MAC_CTX *, int));
0370 
0371 /* PSK ciphersuites from 4279 */
0372 # define TLS1_CK_PSK_WITH_RC4_128_SHA                    0x0300008A
0373 # define TLS1_CK_PSK_WITH_3DES_EDE_CBC_SHA               0x0300008B
0374 # define TLS1_CK_PSK_WITH_AES_128_CBC_SHA                0x0300008C
0375 # define TLS1_CK_PSK_WITH_AES_256_CBC_SHA                0x0300008D
0376 # define TLS1_CK_DHE_PSK_WITH_RC4_128_SHA                0x0300008E
0377 # define TLS1_CK_DHE_PSK_WITH_3DES_EDE_CBC_SHA           0x0300008F
0378 # define TLS1_CK_DHE_PSK_WITH_AES_128_CBC_SHA            0x03000090
0379 # define TLS1_CK_DHE_PSK_WITH_AES_256_CBC_SHA            0x03000091
0380 # define TLS1_CK_RSA_PSK_WITH_RC4_128_SHA                0x03000092
0381 # define TLS1_CK_RSA_PSK_WITH_3DES_EDE_CBC_SHA           0x03000093
0382 # define TLS1_CK_RSA_PSK_WITH_AES_128_CBC_SHA            0x03000094
0383 # define TLS1_CK_RSA_PSK_WITH_AES_256_CBC_SHA            0x03000095
0384 
0385 /* PSK ciphersuites from 5487 */
0386 # define TLS1_CK_PSK_WITH_AES_128_GCM_SHA256             0x030000A8
0387 # define TLS1_CK_PSK_WITH_AES_256_GCM_SHA384             0x030000A9
0388 # define TLS1_CK_DHE_PSK_WITH_AES_128_GCM_SHA256         0x030000AA
0389 # define TLS1_CK_DHE_PSK_WITH_AES_256_GCM_SHA384         0x030000AB
0390 # define TLS1_CK_RSA_PSK_WITH_AES_128_GCM_SHA256         0x030000AC
0391 # define TLS1_CK_RSA_PSK_WITH_AES_256_GCM_SHA384         0x030000AD
0392 # define TLS1_CK_PSK_WITH_AES_128_CBC_SHA256             0x030000AE
0393 # define TLS1_CK_PSK_WITH_AES_256_CBC_SHA384             0x030000AF
0394 # define TLS1_CK_PSK_WITH_NULL_SHA256                    0x030000B0
0395 # define TLS1_CK_PSK_WITH_NULL_SHA384                    0x030000B1
0396 # define TLS1_CK_DHE_PSK_WITH_AES_128_CBC_SHA256         0x030000B2
0397 # define TLS1_CK_DHE_PSK_WITH_AES_256_CBC_SHA384         0x030000B3
0398 # define TLS1_CK_DHE_PSK_WITH_NULL_SHA256                0x030000B4
0399 # define TLS1_CK_DHE_PSK_WITH_NULL_SHA384                0x030000B5
0400 # define TLS1_CK_RSA_PSK_WITH_AES_128_CBC_SHA256         0x030000B6
0401 # define TLS1_CK_RSA_PSK_WITH_AES_256_CBC_SHA384         0x030000B7
0402 # define TLS1_CK_RSA_PSK_WITH_NULL_SHA256                0x030000B8
0403 # define TLS1_CK_RSA_PSK_WITH_NULL_SHA384                0x030000B9
0404 
0405 /* NULL PSK ciphersuites from RFC4785 */
0406 # define TLS1_CK_PSK_WITH_NULL_SHA                       0x0300002C
0407 # define TLS1_CK_DHE_PSK_WITH_NULL_SHA                   0x0300002D
0408 # define TLS1_CK_RSA_PSK_WITH_NULL_SHA                   0x0300002E
0409 
0410 /* AES ciphersuites from RFC3268 */
0411 # define TLS1_CK_RSA_WITH_AES_128_SHA                    0x0300002F
0412 # define TLS1_CK_DH_DSS_WITH_AES_128_SHA                 0x03000030
0413 # define TLS1_CK_DH_RSA_WITH_AES_128_SHA                 0x03000031
0414 # define TLS1_CK_DHE_DSS_WITH_AES_128_SHA                0x03000032
0415 # define TLS1_CK_DHE_RSA_WITH_AES_128_SHA                0x03000033
0416 # define TLS1_CK_ADH_WITH_AES_128_SHA                    0x03000034
0417 # define TLS1_CK_RSA_WITH_AES_256_SHA                    0x03000035
0418 # define TLS1_CK_DH_DSS_WITH_AES_256_SHA                 0x03000036
0419 # define TLS1_CK_DH_RSA_WITH_AES_256_SHA                 0x03000037
0420 # define TLS1_CK_DHE_DSS_WITH_AES_256_SHA                0x03000038
0421 # define TLS1_CK_DHE_RSA_WITH_AES_256_SHA                0x03000039
0422 # define TLS1_CK_ADH_WITH_AES_256_SHA                    0x0300003A
0423 
0424 /* TLS v1.2 ciphersuites */
0425 # define TLS1_CK_RSA_WITH_NULL_SHA256                    0x0300003B
0426 # define TLS1_CK_RSA_WITH_AES_128_SHA256                 0x0300003C
0427 # define TLS1_CK_RSA_WITH_AES_256_SHA256                 0x0300003D
0428 # define TLS1_CK_DH_DSS_WITH_AES_128_SHA256              0x0300003E
0429 # define TLS1_CK_DH_RSA_WITH_AES_128_SHA256              0x0300003F
0430 # define TLS1_CK_DHE_DSS_WITH_AES_128_SHA256             0x03000040
0431 
0432 /* Camellia ciphersuites from RFC4132 */
0433 # define TLS1_CK_RSA_WITH_CAMELLIA_128_CBC_SHA           0x03000041
0434 # define TLS1_CK_DH_DSS_WITH_CAMELLIA_128_CBC_SHA        0x03000042
0435 # define TLS1_CK_DH_RSA_WITH_CAMELLIA_128_CBC_SHA        0x03000043
0436 # define TLS1_CK_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA       0x03000044
0437 # define TLS1_CK_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA       0x03000045
0438 # define TLS1_CK_ADH_WITH_CAMELLIA_128_CBC_SHA           0x03000046
0439 
0440 /* TLS v1.2 ciphersuites */
0441 # define TLS1_CK_DHE_RSA_WITH_AES_128_SHA256             0x03000067
0442 # define TLS1_CK_DH_DSS_WITH_AES_256_SHA256              0x03000068
0443 # define TLS1_CK_DH_RSA_WITH_AES_256_SHA256              0x03000069
0444 # define TLS1_CK_DHE_DSS_WITH_AES_256_SHA256             0x0300006A
0445 # define TLS1_CK_DHE_RSA_WITH_AES_256_SHA256             0x0300006B
0446 # define TLS1_CK_ADH_WITH_AES_128_SHA256                 0x0300006C
0447 # define TLS1_CK_ADH_WITH_AES_256_SHA256                 0x0300006D
0448 
0449 /* Camellia ciphersuites from RFC4132 */
0450 # define TLS1_CK_RSA_WITH_CAMELLIA_256_CBC_SHA           0x03000084
0451 # define TLS1_CK_DH_DSS_WITH_CAMELLIA_256_CBC_SHA        0x03000085
0452 # define TLS1_CK_DH_RSA_WITH_CAMELLIA_256_CBC_SHA        0x03000086
0453 # define TLS1_CK_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA       0x03000087
0454 # define TLS1_CK_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA       0x03000088
0455 # define TLS1_CK_ADH_WITH_CAMELLIA_256_CBC_SHA           0x03000089
0456 
0457 /* SEED ciphersuites from RFC4162 */
0458 # define TLS1_CK_RSA_WITH_SEED_SHA                       0x03000096
0459 # define TLS1_CK_DH_DSS_WITH_SEED_SHA                    0x03000097
0460 # define TLS1_CK_DH_RSA_WITH_SEED_SHA                    0x03000098
0461 # define TLS1_CK_DHE_DSS_WITH_SEED_SHA                   0x03000099
0462 # define TLS1_CK_DHE_RSA_WITH_SEED_SHA                   0x0300009A
0463 # define TLS1_CK_ADH_WITH_SEED_SHA                       0x0300009B
0464 
0465 /* TLS v1.2 GCM ciphersuites from RFC5288 */
0466 # define TLS1_CK_RSA_WITH_AES_128_GCM_SHA256             0x0300009C
0467 # define TLS1_CK_RSA_WITH_AES_256_GCM_SHA384             0x0300009D
0468 # define TLS1_CK_DHE_RSA_WITH_AES_128_GCM_SHA256         0x0300009E
0469 # define TLS1_CK_DHE_RSA_WITH_AES_256_GCM_SHA384         0x0300009F
0470 # define TLS1_CK_DH_RSA_WITH_AES_128_GCM_SHA256          0x030000A0
0471 # define TLS1_CK_DH_RSA_WITH_AES_256_GCM_SHA384          0x030000A1
0472 # define TLS1_CK_DHE_DSS_WITH_AES_128_GCM_SHA256         0x030000A2
0473 # define TLS1_CK_DHE_DSS_WITH_AES_256_GCM_SHA384         0x030000A3
0474 # define TLS1_CK_DH_DSS_WITH_AES_128_GCM_SHA256          0x030000A4
0475 # define TLS1_CK_DH_DSS_WITH_AES_256_GCM_SHA384          0x030000A5
0476 # define TLS1_CK_ADH_WITH_AES_128_GCM_SHA256             0x030000A6
0477 # define TLS1_CK_ADH_WITH_AES_256_GCM_SHA384             0x030000A7
0478 
0479 /* CCM ciphersuites from RFC6655 */
0480 # define TLS1_CK_RSA_WITH_AES_128_CCM                    0x0300C09C
0481 # define TLS1_CK_RSA_WITH_AES_256_CCM                    0x0300C09D
0482 # define TLS1_CK_DHE_RSA_WITH_AES_128_CCM                0x0300C09E
0483 # define TLS1_CK_DHE_RSA_WITH_AES_256_CCM                0x0300C09F
0484 # define TLS1_CK_RSA_WITH_AES_128_CCM_8                  0x0300C0A0
0485 # define TLS1_CK_RSA_WITH_AES_256_CCM_8                  0x0300C0A1
0486 # define TLS1_CK_DHE_RSA_WITH_AES_128_CCM_8              0x0300C0A2
0487 # define TLS1_CK_DHE_RSA_WITH_AES_256_CCM_8              0x0300C0A3
0488 # define TLS1_CK_PSK_WITH_AES_128_CCM                    0x0300C0A4
0489 # define TLS1_CK_PSK_WITH_AES_256_CCM                    0x0300C0A5
0490 # define TLS1_CK_DHE_PSK_WITH_AES_128_CCM                0x0300C0A6
0491 # define TLS1_CK_DHE_PSK_WITH_AES_256_CCM                0x0300C0A7
0492 # define TLS1_CK_PSK_WITH_AES_128_CCM_8                  0x0300C0A8
0493 # define TLS1_CK_PSK_WITH_AES_256_CCM_8                  0x0300C0A9
0494 # define TLS1_CK_DHE_PSK_WITH_AES_128_CCM_8              0x0300C0AA
0495 # define TLS1_CK_DHE_PSK_WITH_AES_256_CCM_8              0x0300C0AB
0496 
0497 /* CCM ciphersuites from RFC7251 */
0498 # define TLS1_CK_ECDHE_ECDSA_WITH_AES_128_CCM            0x0300C0AC
0499 # define TLS1_CK_ECDHE_ECDSA_WITH_AES_256_CCM            0x0300C0AD
0500 # define TLS1_CK_ECDHE_ECDSA_WITH_AES_128_CCM_8          0x0300C0AE
0501 # define TLS1_CK_ECDHE_ECDSA_WITH_AES_256_CCM_8          0x0300C0AF
0502 
0503 /* TLS 1.2 Camellia SHA-256 ciphersuites from RFC5932 */
0504 # define TLS1_CK_RSA_WITH_CAMELLIA_128_CBC_SHA256                0x030000BA
0505 # define TLS1_CK_DH_DSS_WITH_CAMELLIA_128_CBC_SHA256             0x030000BB
0506 # define TLS1_CK_DH_RSA_WITH_CAMELLIA_128_CBC_SHA256             0x030000BC
0507 # define TLS1_CK_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA256            0x030000BD
0508 # define TLS1_CK_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA256            0x030000BE
0509 # define TLS1_CK_ADH_WITH_CAMELLIA_128_CBC_SHA256                0x030000BF
0510 
0511 # define TLS1_CK_RSA_WITH_CAMELLIA_256_CBC_SHA256                0x030000C0
0512 # define TLS1_CK_DH_DSS_WITH_CAMELLIA_256_CBC_SHA256             0x030000C1
0513 # define TLS1_CK_DH_RSA_WITH_CAMELLIA_256_CBC_SHA256             0x030000C2
0514 # define TLS1_CK_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA256            0x030000C3
0515 # define TLS1_CK_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA256            0x030000C4
0516 # define TLS1_CK_ADH_WITH_CAMELLIA_256_CBC_SHA256                0x030000C5
0517 
0518 /* ECC ciphersuites from RFC4492 */
0519 # define TLS1_CK_ECDH_ECDSA_WITH_NULL_SHA                0x0300C001
0520 # define TLS1_CK_ECDH_ECDSA_WITH_RC4_128_SHA             0x0300C002
0521 # define TLS1_CK_ECDH_ECDSA_WITH_DES_192_CBC3_SHA        0x0300C003
0522 # define TLS1_CK_ECDH_ECDSA_WITH_AES_128_CBC_SHA         0x0300C004
0523 # define TLS1_CK_ECDH_ECDSA_WITH_AES_256_CBC_SHA         0x0300C005
0524 
0525 # define TLS1_CK_ECDHE_ECDSA_WITH_NULL_SHA               0x0300C006
0526 # define TLS1_CK_ECDHE_ECDSA_WITH_RC4_128_SHA            0x0300C007
0527 # define TLS1_CK_ECDHE_ECDSA_WITH_DES_192_CBC3_SHA       0x0300C008
0528 # define TLS1_CK_ECDHE_ECDSA_WITH_AES_128_CBC_SHA        0x0300C009
0529 # define TLS1_CK_ECDHE_ECDSA_WITH_AES_256_CBC_SHA        0x0300C00A
0530 
0531 # define TLS1_CK_ECDH_RSA_WITH_NULL_SHA                  0x0300C00B
0532 # define TLS1_CK_ECDH_RSA_WITH_RC4_128_SHA               0x0300C00C
0533 # define TLS1_CK_ECDH_RSA_WITH_DES_192_CBC3_SHA          0x0300C00D
0534 # define TLS1_CK_ECDH_RSA_WITH_AES_128_CBC_SHA           0x0300C00E
0535 # define TLS1_CK_ECDH_RSA_WITH_AES_256_CBC_SHA           0x0300C00F
0536 
0537 # define TLS1_CK_ECDHE_RSA_WITH_NULL_SHA                 0x0300C010
0538 # define TLS1_CK_ECDHE_RSA_WITH_RC4_128_SHA              0x0300C011
0539 # define TLS1_CK_ECDHE_RSA_WITH_DES_192_CBC3_SHA         0x0300C012
0540 # define TLS1_CK_ECDHE_RSA_WITH_AES_128_CBC_SHA          0x0300C013
0541 # define TLS1_CK_ECDHE_RSA_WITH_AES_256_CBC_SHA          0x0300C014
0542 
0543 # define TLS1_CK_ECDH_anon_WITH_NULL_SHA                 0x0300C015
0544 # define TLS1_CK_ECDH_anon_WITH_RC4_128_SHA              0x0300C016
0545 # define TLS1_CK_ECDH_anon_WITH_DES_192_CBC3_SHA         0x0300C017
0546 # define TLS1_CK_ECDH_anon_WITH_AES_128_CBC_SHA          0x0300C018
0547 # define TLS1_CK_ECDH_anon_WITH_AES_256_CBC_SHA          0x0300C019
0548 
0549 /* SRP ciphersuites from RFC 5054 */
0550 # define TLS1_CK_SRP_SHA_WITH_3DES_EDE_CBC_SHA           0x0300C01A
0551 # define TLS1_CK_SRP_SHA_RSA_WITH_3DES_EDE_CBC_SHA       0x0300C01B
0552 # define TLS1_CK_SRP_SHA_DSS_WITH_3DES_EDE_CBC_SHA       0x0300C01C
0553 # define TLS1_CK_SRP_SHA_WITH_AES_128_CBC_SHA            0x0300C01D
0554 # define TLS1_CK_SRP_SHA_RSA_WITH_AES_128_CBC_SHA        0x0300C01E
0555 # define TLS1_CK_SRP_SHA_DSS_WITH_AES_128_CBC_SHA        0x0300C01F
0556 # define TLS1_CK_SRP_SHA_WITH_AES_256_CBC_SHA            0x0300C020
0557 # define TLS1_CK_SRP_SHA_RSA_WITH_AES_256_CBC_SHA        0x0300C021
0558 # define TLS1_CK_SRP_SHA_DSS_WITH_AES_256_CBC_SHA        0x0300C022
0559 
0560 /* ECDH HMAC based ciphersuites from RFC5289 */
0561 # define TLS1_CK_ECDHE_ECDSA_WITH_AES_128_SHA256         0x0300C023
0562 # define TLS1_CK_ECDHE_ECDSA_WITH_AES_256_SHA384         0x0300C024
0563 # define TLS1_CK_ECDH_ECDSA_WITH_AES_128_SHA256          0x0300C025
0564 # define TLS1_CK_ECDH_ECDSA_WITH_AES_256_SHA384          0x0300C026
0565 # define TLS1_CK_ECDHE_RSA_WITH_AES_128_SHA256           0x0300C027
0566 # define TLS1_CK_ECDHE_RSA_WITH_AES_256_SHA384           0x0300C028
0567 # define TLS1_CK_ECDH_RSA_WITH_AES_128_SHA256            0x0300C029
0568 # define TLS1_CK_ECDH_RSA_WITH_AES_256_SHA384            0x0300C02A
0569 
0570 /* ECDH GCM based ciphersuites from RFC5289 */
0571 # define TLS1_CK_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256     0x0300C02B
0572 # define TLS1_CK_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384     0x0300C02C
0573 # define TLS1_CK_ECDH_ECDSA_WITH_AES_128_GCM_SHA256      0x0300C02D
0574 # define TLS1_CK_ECDH_ECDSA_WITH_AES_256_GCM_SHA384      0x0300C02E
0575 # define TLS1_CK_ECDHE_RSA_WITH_AES_128_GCM_SHA256       0x0300C02F
0576 # define TLS1_CK_ECDHE_RSA_WITH_AES_256_GCM_SHA384       0x0300C030
0577 # define TLS1_CK_ECDH_RSA_WITH_AES_128_GCM_SHA256        0x0300C031
0578 # define TLS1_CK_ECDH_RSA_WITH_AES_256_GCM_SHA384        0x0300C032
0579 
0580 /* ECDHE PSK ciphersuites from RFC5489 */
0581 # define TLS1_CK_ECDHE_PSK_WITH_RC4_128_SHA              0x0300C033
0582 # define TLS1_CK_ECDHE_PSK_WITH_3DES_EDE_CBC_SHA         0x0300C034
0583 # define TLS1_CK_ECDHE_PSK_WITH_AES_128_CBC_SHA          0x0300C035
0584 # define TLS1_CK_ECDHE_PSK_WITH_AES_256_CBC_SHA          0x0300C036
0585 
0586 # define TLS1_CK_ECDHE_PSK_WITH_AES_128_CBC_SHA256       0x0300C037
0587 # define TLS1_CK_ECDHE_PSK_WITH_AES_256_CBC_SHA384       0x0300C038
0588 
0589 /* NULL PSK ciphersuites from RFC4785 */
0590 # define TLS1_CK_ECDHE_PSK_WITH_NULL_SHA                 0x0300C039
0591 # define TLS1_CK_ECDHE_PSK_WITH_NULL_SHA256              0x0300C03A
0592 # define TLS1_CK_ECDHE_PSK_WITH_NULL_SHA384              0x0300C03B
0593 
0594 /* Camellia-CBC ciphersuites from RFC6367 */
0595 # define TLS1_CK_ECDHE_ECDSA_WITH_CAMELLIA_128_CBC_SHA256 0x0300C072
0596 # define TLS1_CK_ECDHE_ECDSA_WITH_CAMELLIA_256_CBC_SHA384 0x0300C073
0597 # define TLS1_CK_ECDH_ECDSA_WITH_CAMELLIA_128_CBC_SHA256  0x0300C074
0598 # define TLS1_CK_ECDH_ECDSA_WITH_CAMELLIA_256_CBC_SHA384  0x0300C075
0599 # define TLS1_CK_ECDHE_RSA_WITH_CAMELLIA_128_CBC_SHA256   0x0300C076
0600 # define TLS1_CK_ECDHE_RSA_WITH_CAMELLIA_256_CBC_SHA384   0x0300C077
0601 # define TLS1_CK_ECDH_RSA_WITH_CAMELLIA_128_CBC_SHA256    0x0300C078
0602 # define TLS1_CK_ECDH_RSA_WITH_CAMELLIA_256_CBC_SHA384    0x0300C079
0603 
0604 # define TLS1_CK_PSK_WITH_CAMELLIA_128_CBC_SHA256         0x0300C094
0605 # define TLS1_CK_PSK_WITH_CAMELLIA_256_CBC_SHA384         0x0300C095
0606 # define TLS1_CK_DHE_PSK_WITH_CAMELLIA_128_CBC_SHA256     0x0300C096
0607 # define TLS1_CK_DHE_PSK_WITH_CAMELLIA_256_CBC_SHA384     0x0300C097
0608 # define TLS1_CK_RSA_PSK_WITH_CAMELLIA_128_CBC_SHA256     0x0300C098
0609 # define TLS1_CK_RSA_PSK_WITH_CAMELLIA_256_CBC_SHA384     0x0300C099
0610 # define TLS1_CK_ECDHE_PSK_WITH_CAMELLIA_128_CBC_SHA256   0x0300C09A
0611 # define TLS1_CK_ECDHE_PSK_WITH_CAMELLIA_256_CBC_SHA384   0x0300C09B
0612 
0613 /* draft-ietf-tls-chacha20-poly1305-03 */
0614 # define TLS1_CK_ECDHE_RSA_WITH_CHACHA20_POLY1305         0x0300CCA8
0615 # define TLS1_CK_ECDHE_ECDSA_WITH_CHACHA20_POLY1305       0x0300CCA9
0616 # define TLS1_CK_DHE_RSA_WITH_CHACHA20_POLY1305           0x0300CCAA
0617 # define TLS1_CK_PSK_WITH_CHACHA20_POLY1305               0x0300CCAB
0618 # define TLS1_CK_ECDHE_PSK_WITH_CHACHA20_POLY1305         0x0300CCAC
0619 # define TLS1_CK_DHE_PSK_WITH_CHACHA20_POLY1305           0x0300CCAD
0620 # define TLS1_CK_RSA_PSK_WITH_CHACHA20_POLY1305           0x0300CCAE
0621 
0622 /* TLS v1.3 ciphersuites */
0623 # define TLS1_3_CK_AES_128_GCM_SHA256                     0x03001301
0624 # define TLS1_3_CK_AES_256_GCM_SHA384                     0x03001302
0625 # define TLS1_3_CK_CHACHA20_POLY1305_SHA256               0x03001303
0626 # define TLS1_3_CK_AES_128_CCM_SHA256                     0x03001304
0627 # define TLS1_3_CK_AES_128_CCM_8_SHA256                   0x03001305
0628 
0629 /* Integrity-only ciphersuites from RFC 9150 */
0630 # define TLS1_3_CK_SHA256_SHA256                          0x0300C0B4
0631 # define TLS1_3_CK_SHA384_SHA384                          0x0300C0B5
0632 
0633 /* Aria ciphersuites from RFC6209 */
0634 # define TLS1_CK_RSA_WITH_ARIA_128_GCM_SHA256             0x0300C050
0635 # define TLS1_CK_RSA_WITH_ARIA_256_GCM_SHA384             0x0300C051
0636 # define TLS1_CK_DHE_RSA_WITH_ARIA_128_GCM_SHA256         0x0300C052
0637 # define TLS1_CK_DHE_RSA_WITH_ARIA_256_GCM_SHA384         0x0300C053
0638 # define TLS1_CK_DH_RSA_WITH_ARIA_128_GCM_SHA256          0x0300C054
0639 # define TLS1_CK_DH_RSA_WITH_ARIA_256_GCM_SHA384          0x0300C055
0640 # define TLS1_CK_DHE_DSS_WITH_ARIA_128_GCM_SHA256         0x0300C056
0641 # define TLS1_CK_DHE_DSS_WITH_ARIA_256_GCM_SHA384         0x0300C057
0642 # define TLS1_CK_DH_DSS_WITH_ARIA_128_GCM_SHA256          0x0300C058
0643 # define TLS1_CK_DH_DSS_WITH_ARIA_256_GCM_SHA384          0x0300C059
0644 # define TLS1_CK_DH_anon_WITH_ARIA_128_GCM_SHA256         0x0300C05A
0645 # define TLS1_CK_DH_anon_WITH_ARIA_256_GCM_SHA384         0x0300C05B
0646 # define TLS1_CK_ECDHE_ECDSA_WITH_ARIA_128_GCM_SHA256     0x0300C05C
0647 # define TLS1_CK_ECDHE_ECDSA_WITH_ARIA_256_GCM_SHA384     0x0300C05D
0648 # define TLS1_CK_ECDH_ECDSA_WITH_ARIA_128_GCM_SHA256      0x0300C05E
0649 # define TLS1_CK_ECDH_ECDSA_WITH_ARIA_256_GCM_SHA384      0x0300C05F
0650 # define TLS1_CK_ECDHE_RSA_WITH_ARIA_128_GCM_SHA256       0x0300C060
0651 # define TLS1_CK_ECDHE_RSA_WITH_ARIA_256_GCM_SHA384       0x0300C061
0652 # define TLS1_CK_ECDH_RSA_WITH_ARIA_128_GCM_SHA256        0x0300C062
0653 # define TLS1_CK_ECDH_RSA_WITH_ARIA_256_GCM_SHA384        0x0300C063
0654 # define TLS1_CK_PSK_WITH_ARIA_128_GCM_SHA256             0x0300C06A
0655 # define TLS1_CK_PSK_WITH_ARIA_256_GCM_SHA384             0x0300C06B
0656 # define TLS1_CK_DHE_PSK_WITH_ARIA_128_GCM_SHA256         0x0300C06C
0657 # define TLS1_CK_DHE_PSK_WITH_ARIA_256_GCM_SHA384         0x0300C06D
0658 # define TLS1_CK_RSA_PSK_WITH_ARIA_128_GCM_SHA256         0x0300C06E
0659 # define TLS1_CK_RSA_PSK_WITH_ARIA_256_GCM_SHA384         0x0300C06F
0660 
0661 /* a bundle of RFC standard cipher names, generated from ssl3_ciphers[] */
0662 # define TLS1_RFC_RSA_WITH_AES_128_SHA                   "TLS_RSA_WITH_AES_128_CBC_SHA"
0663 # define TLS1_RFC_DHE_DSS_WITH_AES_128_SHA               "TLS_DHE_DSS_WITH_AES_128_CBC_SHA"
0664 # define TLS1_RFC_DHE_RSA_WITH_AES_128_SHA               "TLS_DHE_RSA_WITH_AES_128_CBC_SHA"
0665 # define TLS1_RFC_ADH_WITH_AES_128_SHA                   "TLS_DH_anon_WITH_AES_128_CBC_SHA"
0666 # define TLS1_RFC_RSA_WITH_AES_256_SHA                   "TLS_RSA_WITH_AES_256_CBC_SHA"
0667 # define TLS1_RFC_DHE_DSS_WITH_AES_256_SHA               "TLS_DHE_DSS_WITH_AES_256_CBC_SHA"
0668 # define TLS1_RFC_DHE_RSA_WITH_AES_256_SHA               "TLS_DHE_RSA_WITH_AES_256_CBC_SHA"
0669 # define TLS1_RFC_ADH_WITH_AES_256_SHA                   "TLS_DH_anon_WITH_AES_256_CBC_SHA"
0670 # define TLS1_RFC_RSA_WITH_NULL_SHA256                   "TLS_RSA_WITH_NULL_SHA256"
0671 # define TLS1_RFC_RSA_WITH_AES_128_SHA256                "TLS_RSA_WITH_AES_128_CBC_SHA256"
0672 # define TLS1_RFC_RSA_WITH_AES_256_SHA256                "TLS_RSA_WITH_AES_256_CBC_SHA256"
0673 # define TLS1_RFC_DHE_DSS_WITH_AES_128_SHA256            "TLS_DHE_DSS_WITH_AES_128_CBC_SHA256"
0674 # define TLS1_RFC_DHE_RSA_WITH_AES_128_SHA256            "TLS_DHE_RSA_WITH_AES_128_CBC_SHA256"
0675 # define TLS1_RFC_DHE_DSS_WITH_AES_256_SHA256            "TLS_DHE_DSS_WITH_AES_256_CBC_SHA256"
0676 # define TLS1_RFC_DHE_RSA_WITH_AES_256_SHA256            "TLS_DHE_RSA_WITH_AES_256_CBC_SHA256"
0677 # define TLS1_RFC_ADH_WITH_AES_128_SHA256                "TLS_DH_anon_WITH_AES_128_CBC_SHA256"
0678 # define TLS1_RFC_ADH_WITH_AES_256_SHA256                "TLS_DH_anon_WITH_AES_256_CBC_SHA256"
0679 # define TLS1_RFC_RSA_WITH_AES_128_GCM_SHA256            "TLS_RSA_WITH_AES_128_GCM_SHA256"
0680 # define TLS1_RFC_RSA_WITH_AES_256_GCM_SHA384            "TLS_RSA_WITH_AES_256_GCM_SHA384"
0681 # define TLS1_RFC_DHE_RSA_WITH_AES_128_GCM_SHA256        "TLS_DHE_RSA_WITH_AES_128_GCM_SHA256"
0682 # define TLS1_RFC_DHE_RSA_WITH_AES_256_GCM_SHA384        "TLS_DHE_RSA_WITH_AES_256_GCM_SHA384"
0683 # define TLS1_RFC_DHE_DSS_WITH_AES_128_GCM_SHA256        "TLS_DHE_DSS_WITH_AES_128_GCM_SHA256"
0684 # define TLS1_RFC_DHE_DSS_WITH_AES_256_GCM_SHA384        "TLS_DHE_DSS_WITH_AES_256_GCM_SHA384"
0685 # define TLS1_RFC_ADH_WITH_AES_128_GCM_SHA256            "TLS_DH_anon_WITH_AES_128_GCM_SHA256"
0686 # define TLS1_RFC_ADH_WITH_AES_256_GCM_SHA384            "TLS_DH_anon_WITH_AES_256_GCM_SHA384"
0687 # define TLS1_RFC_RSA_WITH_AES_128_CCM                   "TLS_RSA_WITH_AES_128_CCM"
0688 # define TLS1_RFC_RSA_WITH_AES_256_CCM                   "TLS_RSA_WITH_AES_256_CCM"
0689 # define TLS1_RFC_DHE_RSA_WITH_AES_128_CCM               "TLS_DHE_RSA_WITH_AES_128_CCM"
0690 # define TLS1_RFC_DHE_RSA_WITH_AES_256_CCM               "TLS_DHE_RSA_WITH_AES_256_CCM"
0691 # define TLS1_RFC_RSA_WITH_AES_128_CCM_8                 "TLS_RSA_WITH_AES_128_CCM_8"
0692 # define TLS1_RFC_RSA_WITH_AES_256_CCM_8                 "TLS_RSA_WITH_AES_256_CCM_8"
0693 # define TLS1_RFC_DHE_RSA_WITH_AES_128_CCM_8             "TLS_DHE_RSA_WITH_AES_128_CCM_8"
0694 # define TLS1_RFC_DHE_RSA_WITH_AES_256_CCM_8             "TLS_DHE_RSA_WITH_AES_256_CCM_8"
0695 # define TLS1_RFC_PSK_WITH_AES_128_CCM                   "TLS_PSK_WITH_AES_128_CCM"
0696 # define TLS1_RFC_PSK_WITH_AES_256_CCM                   "TLS_PSK_WITH_AES_256_CCM"
0697 # define TLS1_RFC_DHE_PSK_WITH_AES_128_CCM               "TLS_DHE_PSK_WITH_AES_128_CCM"
0698 # define TLS1_RFC_DHE_PSK_WITH_AES_256_CCM               "TLS_DHE_PSK_WITH_AES_256_CCM"
0699 # define TLS1_RFC_PSK_WITH_AES_128_CCM_8                 "TLS_PSK_WITH_AES_128_CCM_8"
0700 # define TLS1_RFC_PSK_WITH_AES_256_CCM_8                 "TLS_PSK_WITH_AES_256_CCM_8"
0701 # define TLS1_RFC_DHE_PSK_WITH_AES_128_CCM_8             "TLS_PSK_DHE_WITH_AES_128_CCM_8"
0702 # define TLS1_RFC_DHE_PSK_WITH_AES_256_CCM_8             "TLS_PSK_DHE_WITH_AES_256_CCM_8"
0703 # define TLS1_RFC_ECDHE_ECDSA_WITH_AES_128_CCM           "TLS_ECDHE_ECDSA_WITH_AES_128_CCM"
0704 # define TLS1_RFC_ECDHE_ECDSA_WITH_AES_256_CCM           "TLS_ECDHE_ECDSA_WITH_AES_256_CCM"
0705 # define TLS1_RFC_ECDHE_ECDSA_WITH_AES_128_CCM_8         "TLS_ECDHE_ECDSA_WITH_AES_128_CCM_8"
0706 # define TLS1_RFC_ECDHE_ECDSA_WITH_AES_256_CCM_8         "TLS_ECDHE_ECDSA_WITH_AES_256_CCM_8"
0707 # define TLS1_3_RFC_AES_128_GCM_SHA256                   "TLS_AES_128_GCM_SHA256"
0708 # define TLS1_3_RFC_AES_256_GCM_SHA384                   "TLS_AES_256_GCM_SHA384"
0709 # define TLS1_3_RFC_CHACHA20_POLY1305_SHA256             "TLS_CHACHA20_POLY1305_SHA256"
0710 # define TLS1_3_RFC_SHA256_SHA256                        "TLS_SHA256_SHA256"
0711 # define TLS1_3_RFC_SHA384_SHA384                        "TLS_SHA384_SHA384"
0712 # define TLS1_3_RFC_AES_128_CCM_SHA256                   "TLS_AES_128_CCM_SHA256"
0713 # define TLS1_3_RFC_AES_128_CCM_8_SHA256                 "TLS_AES_128_CCM_8_SHA256"
0714 # define TLS1_RFC_ECDHE_ECDSA_WITH_NULL_SHA              "TLS_ECDHE_ECDSA_WITH_NULL_SHA"
0715 # define TLS1_RFC_ECDHE_ECDSA_WITH_DES_192_CBC3_SHA      "TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA"
0716 # define TLS1_RFC_ECDHE_ECDSA_WITH_AES_128_CBC_SHA       "TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA"
0717 # define TLS1_RFC_ECDHE_ECDSA_WITH_AES_256_CBC_SHA       "TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA"
0718 # define TLS1_RFC_ECDHE_RSA_WITH_NULL_SHA                "TLS_ECDHE_RSA_WITH_NULL_SHA"
0719 # define TLS1_RFC_ECDHE_RSA_WITH_DES_192_CBC3_SHA        "TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA"
0720 # define TLS1_RFC_ECDHE_RSA_WITH_AES_128_CBC_SHA         "TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA"
0721 # define TLS1_RFC_ECDHE_RSA_WITH_AES_256_CBC_SHA         "TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA"
0722 # define TLS1_RFC_ECDH_anon_WITH_NULL_SHA                "TLS_ECDH_anon_WITH_NULL_SHA"
0723 # define TLS1_RFC_ECDH_anon_WITH_DES_192_CBC3_SHA        "TLS_ECDH_anon_WITH_3DES_EDE_CBC_SHA"
0724 # define TLS1_RFC_ECDH_anon_WITH_AES_128_CBC_SHA         "TLS_ECDH_anon_WITH_AES_128_CBC_SHA"
0725 # define TLS1_RFC_ECDH_anon_WITH_AES_256_CBC_SHA         "TLS_ECDH_anon_WITH_AES_256_CBC_SHA"
0726 # define TLS1_RFC_ECDHE_ECDSA_WITH_AES_128_SHA256        "TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256"
0727 # define TLS1_RFC_ECDHE_ECDSA_WITH_AES_256_SHA384        "TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384"
0728 # define TLS1_RFC_ECDHE_RSA_WITH_AES_128_SHA256          "TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256"
0729 # define TLS1_RFC_ECDHE_RSA_WITH_AES_256_SHA384          "TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384"
0730 # define TLS1_RFC_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256    "TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256"
0731 # define TLS1_RFC_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384    "TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384"
0732 # define TLS1_RFC_ECDHE_RSA_WITH_AES_128_GCM_SHA256      "TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256"
0733 # define TLS1_RFC_ECDHE_RSA_WITH_AES_256_GCM_SHA384      "TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384"
0734 # define TLS1_RFC_PSK_WITH_NULL_SHA                      "TLS_PSK_WITH_NULL_SHA"
0735 # define TLS1_RFC_DHE_PSK_WITH_NULL_SHA                  "TLS_DHE_PSK_WITH_NULL_SHA"
0736 # define TLS1_RFC_RSA_PSK_WITH_NULL_SHA                  "TLS_RSA_PSK_WITH_NULL_SHA"
0737 # define TLS1_RFC_PSK_WITH_3DES_EDE_CBC_SHA              "TLS_PSK_WITH_3DES_EDE_CBC_SHA"
0738 # define TLS1_RFC_PSK_WITH_AES_128_CBC_SHA               "TLS_PSK_WITH_AES_128_CBC_SHA"
0739 # define TLS1_RFC_PSK_WITH_AES_256_CBC_SHA               "TLS_PSK_WITH_AES_256_CBC_SHA"
0740 # define TLS1_RFC_DHE_PSK_WITH_3DES_EDE_CBC_SHA          "TLS_DHE_PSK_WITH_3DES_EDE_CBC_SHA"
0741 # define TLS1_RFC_DHE_PSK_WITH_AES_128_CBC_SHA           "TLS_DHE_PSK_WITH_AES_128_CBC_SHA"
0742 # define TLS1_RFC_DHE_PSK_WITH_AES_256_CBC_SHA           "TLS_DHE_PSK_WITH_AES_256_CBC_SHA"
0743 # define TLS1_RFC_RSA_PSK_WITH_3DES_EDE_CBC_SHA          "TLS_RSA_PSK_WITH_3DES_EDE_CBC_SHA"
0744 # define TLS1_RFC_RSA_PSK_WITH_AES_128_CBC_SHA           "TLS_RSA_PSK_WITH_AES_128_CBC_SHA"
0745 # define TLS1_RFC_RSA_PSK_WITH_AES_256_CBC_SHA           "TLS_RSA_PSK_WITH_AES_256_CBC_SHA"
0746 # define TLS1_RFC_PSK_WITH_AES_128_GCM_SHA256            "TLS_PSK_WITH_AES_128_GCM_SHA256"
0747 # define TLS1_RFC_PSK_WITH_AES_256_GCM_SHA384            "TLS_PSK_WITH_AES_256_GCM_SHA384"
0748 # define TLS1_RFC_DHE_PSK_WITH_AES_128_GCM_SHA256        "TLS_DHE_PSK_WITH_AES_128_GCM_SHA256"
0749 # define TLS1_RFC_DHE_PSK_WITH_AES_256_GCM_SHA384        "TLS_DHE_PSK_WITH_AES_256_GCM_SHA384"
0750 # define TLS1_RFC_RSA_PSK_WITH_AES_128_GCM_SHA256        "TLS_RSA_PSK_WITH_AES_128_GCM_SHA256"
0751 # define TLS1_RFC_RSA_PSK_WITH_AES_256_GCM_SHA384        "TLS_RSA_PSK_WITH_AES_256_GCM_SHA384"
0752 # define TLS1_RFC_PSK_WITH_AES_128_CBC_SHA256            "TLS_PSK_WITH_AES_128_CBC_SHA256"
0753 # define TLS1_RFC_PSK_WITH_AES_256_CBC_SHA384            "TLS_PSK_WITH_AES_256_CBC_SHA384"
0754 # define TLS1_RFC_PSK_WITH_NULL_SHA256                   "TLS_PSK_WITH_NULL_SHA256"
0755 # define TLS1_RFC_PSK_WITH_NULL_SHA384                   "TLS_PSK_WITH_NULL_SHA384"
0756 # define TLS1_RFC_DHE_PSK_WITH_AES_128_CBC_SHA256        "TLS_DHE_PSK_WITH_AES_128_CBC_SHA256"
0757 # define TLS1_RFC_DHE_PSK_WITH_AES_256_CBC_SHA384        "TLS_DHE_PSK_WITH_AES_256_CBC_SHA384"
0758 # define TLS1_RFC_DHE_PSK_WITH_NULL_SHA256               "TLS_DHE_PSK_WITH_NULL_SHA256"
0759 # define TLS1_RFC_DHE_PSK_WITH_NULL_SHA384               "TLS_DHE_PSK_WITH_NULL_SHA384"
0760 # define TLS1_RFC_RSA_PSK_WITH_AES_128_CBC_SHA256        "TLS_RSA_PSK_WITH_AES_128_CBC_SHA256"
0761 # define TLS1_RFC_RSA_PSK_WITH_AES_256_CBC_SHA384        "TLS_RSA_PSK_WITH_AES_256_CBC_SHA384"
0762 # define TLS1_RFC_RSA_PSK_WITH_NULL_SHA256               "TLS_RSA_PSK_WITH_NULL_SHA256"
0763 # define TLS1_RFC_RSA_PSK_WITH_NULL_SHA384               "TLS_RSA_PSK_WITH_NULL_SHA384"
0764 # define TLS1_RFC_ECDHE_PSK_WITH_3DES_EDE_CBC_SHA        "TLS_ECDHE_PSK_WITH_3DES_EDE_CBC_SHA"
0765 # define TLS1_RFC_ECDHE_PSK_WITH_AES_128_CBC_SHA         "TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA"
0766 # define TLS1_RFC_ECDHE_PSK_WITH_AES_256_CBC_SHA         "TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA"
0767 # define TLS1_RFC_ECDHE_PSK_WITH_AES_128_CBC_SHA256      "TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA256"
0768 # define TLS1_RFC_ECDHE_PSK_WITH_AES_256_CBC_SHA384      "TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA384"
0769 # define TLS1_RFC_ECDHE_PSK_WITH_NULL_SHA                "TLS_ECDHE_PSK_WITH_NULL_SHA"
0770 # define TLS1_RFC_ECDHE_PSK_WITH_NULL_SHA256             "TLS_ECDHE_PSK_WITH_NULL_SHA256"
0771 # define TLS1_RFC_ECDHE_PSK_WITH_NULL_SHA384             "TLS_ECDHE_PSK_WITH_NULL_SHA384"
0772 # define TLS1_RFC_SRP_SHA_WITH_3DES_EDE_CBC_SHA          "TLS_SRP_SHA_WITH_3DES_EDE_CBC_SHA"
0773 # define TLS1_RFC_SRP_SHA_RSA_WITH_3DES_EDE_CBC_SHA      "TLS_SRP_SHA_RSA_WITH_3DES_EDE_CBC_SHA"
0774 # define TLS1_RFC_SRP_SHA_DSS_WITH_3DES_EDE_CBC_SHA      "TLS_SRP_SHA_DSS_WITH_3DES_EDE_CBC_SHA"
0775 # define TLS1_RFC_SRP_SHA_WITH_AES_128_CBC_SHA           "TLS_SRP_SHA_WITH_AES_128_CBC_SHA"
0776 # define TLS1_RFC_SRP_SHA_RSA_WITH_AES_128_CBC_SHA       "TLS_SRP_SHA_RSA_WITH_AES_128_CBC_SHA"
0777 # define TLS1_RFC_SRP_SHA_DSS_WITH_AES_128_CBC_SHA       "TLS_SRP_SHA_DSS_WITH_AES_128_CBC_SHA"
0778 # define TLS1_RFC_SRP_SHA_WITH_AES_256_CBC_SHA           "TLS_SRP_SHA_WITH_AES_256_CBC_SHA"
0779 # define TLS1_RFC_SRP_SHA_RSA_WITH_AES_256_CBC_SHA       "TLS_SRP_SHA_RSA_WITH_AES_256_CBC_SHA"
0780 # define TLS1_RFC_SRP_SHA_DSS_WITH_AES_256_CBC_SHA       "TLS_SRP_SHA_DSS_WITH_AES_256_CBC_SHA"
0781 # define TLS1_RFC_DHE_RSA_WITH_CHACHA20_POLY1305         "TLS_DHE_RSA_WITH_CHACHA20_POLY1305_SHA256"
0782 # define TLS1_RFC_ECDHE_RSA_WITH_CHACHA20_POLY1305       "TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256"
0783 # define TLS1_RFC_ECDHE_ECDSA_WITH_CHACHA20_POLY1305     "TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256"
0784 # define TLS1_RFC_PSK_WITH_CHACHA20_POLY1305             "TLS_PSK_WITH_CHACHA20_POLY1305_SHA256"
0785 # define TLS1_RFC_ECDHE_PSK_WITH_CHACHA20_POLY1305       "TLS_ECDHE_PSK_WITH_CHACHA20_POLY1305_SHA256"
0786 # define TLS1_RFC_DHE_PSK_WITH_CHACHA20_POLY1305         "TLS_DHE_PSK_WITH_CHACHA20_POLY1305_SHA256"
0787 # define TLS1_RFC_RSA_PSK_WITH_CHACHA20_POLY1305         "TLS_RSA_PSK_WITH_CHACHA20_POLY1305_SHA256"
0788 # define TLS1_RFC_RSA_WITH_CAMELLIA_128_CBC_SHA256       "TLS_RSA_WITH_CAMELLIA_128_CBC_SHA256"
0789 # define TLS1_RFC_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA256   "TLS_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA256"
0790 # define TLS1_RFC_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA256   "TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA256"
0791 # define TLS1_RFC_ADH_WITH_CAMELLIA_128_CBC_SHA256       "TLS_DH_anon_WITH_CAMELLIA_128_CBC_SHA256"
0792 # define TLS1_RFC_RSA_WITH_CAMELLIA_256_CBC_SHA256       "TLS_RSA_WITH_CAMELLIA_256_CBC_SHA256"
0793 # define TLS1_RFC_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA256   "TLS_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA256"
0794 # define TLS1_RFC_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA256   "TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA256"
0795 # define TLS1_RFC_ADH_WITH_CAMELLIA_256_CBC_SHA256       "TLS_DH_anon_WITH_CAMELLIA_256_CBC_SHA256"
0796 # define TLS1_RFC_RSA_WITH_CAMELLIA_256_CBC_SHA          "TLS_RSA_WITH_CAMELLIA_256_CBC_SHA"
0797 # define TLS1_RFC_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA      "TLS_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA"
0798 # define TLS1_RFC_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA      "TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA"
0799 # define TLS1_RFC_ADH_WITH_CAMELLIA_256_CBC_SHA          "TLS_DH_anon_WITH_CAMELLIA_256_CBC_SHA"
0800 # define TLS1_RFC_RSA_WITH_CAMELLIA_128_CBC_SHA          "TLS_RSA_WITH_CAMELLIA_128_CBC_SHA"
0801 # define TLS1_RFC_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA      "TLS_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA"
0802 # define TLS1_RFC_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA      "TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA"
0803 # define TLS1_RFC_ADH_WITH_CAMELLIA_128_CBC_SHA          "TLS_DH_anon_WITH_CAMELLIA_128_CBC_SHA"
0804 # define TLS1_RFC_ECDHE_ECDSA_WITH_CAMELLIA_128_CBC_SHA256 "TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_CBC_SHA256"
0805 # define TLS1_RFC_ECDHE_ECDSA_WITH_CAMELLIA_256_CBC_SHA384 "TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_CBC_SHA384"
0806 # define TLS1_RFC_ECDHE_RSA_WITH_CAMELLIA_128_CBC_SHA256 "TLS_ECDHE_RSA_WITH_CAMELLIA_128_CBC_SHA256"
0807 # define TLS1_RFC_ECDHE_RSA_WITH_CAMELLIA_256_CBC_SHA384 "TLS_ECDHE_RSA_WITH_CAMELLIA_256_CBC_SHA384"
0808 # define TLS1_RFC_PSK_WITH_CAMELLIA_128_CBC_SHA256       "TLS_PSK_WITH_CAMELLIA_128_CBC_SHA256"
0809 # define TLS1_RFC_PSK_WITH_CAMELLIA_256_CBC_SHA384       "TLS_PSK_WITH_CAMELLIA_256_CBC_SHA384"
0810 # define TLS1_RFC_DHE_PSK_WITH_CAMELLIA_128_CBC_SHA256   "TLS_DHE_PSK_WITH_CAMELLIA_128_CBC_SHA256"
0811 # define TLS1_RFC_DHE_PSK_WITH_CAMELLIA_256_CBC_SHA384   "TLS_DHE_PSK_WITH_CAMELLIA_256_CBC_SHA384"
0812 # define TLS1_RFC_RSA_PSK_WITH_CAMELLIA_128_CBC_SHA256   "TLS_RSA_PSK_WITH_CAMELLIA_128_CBC_SHA256"
0813 # define TLS1_RFC_RSA_PSK_WITH_CAMELLIA_256_CBC_SHA384   "TLS_RSA_PSK_WITH_CAMELLIA_256_CBC_SHA384"
0814 # define TLS1_RFC_ECDHE_PSK_WITH_CAMELLIA_128_CBC_SHA256 "TLS_ECDHE_PSK_WITH_CAMELLIA_128_CBC_SHA256"
0815 # define TLS1_RFC_ECDHE_PSK_WITH_CAMELLIA_256_CBC_SHA384 "TLS_ECDHE_PSK_WITH_CAMELLIA_256_CBC_SHA384"
0816 # define TLS1_RFC_RSA_WITH_SEED_SHA                      "TLS_RSA_WITH_SEED_CBC_SHA"
0817 # define TLS1_RFC_DHE_DSS_WITH_SEED_SHA                  "TLS_DHE_DSS_WITH_SEED_CBC_SHA"
0818 # define TLS1_RFC_DHE_RSA_WITH_SEED_SHA                  "TLS_DHE_RSA_WITH_SEED_CBC_SHA"
0819 # define TLS1_RFC_ADH_WITH_SEED_SHA                      "TLS_DH_anon_WITH_SEED_CBC_SHA"
0820 # define TLS1_RFC_ECDHE_PSK_WITH_RC4_128_SHA             "TLS_ECDHE_PSK_WITH_RC4_128_SHA"
0821 # define TLS1_RFC_ECDH_anon_WITH_RC4_128_SHA             "TLS_ECDH_anon_WITH_RC4_128_SHA"
0822 # define TLS1_RFC_ECDHE_ECDSA_WITH_RC4_128_SHA           "TLS_ECDHE_ECDSA_WITH_RC4_128_SHA"
0823 # define TLS1_RFC_ECDHE_RSA_WITH_RC4_128_SHA             "TLS_ECDHE_RSA_WITH_RC4_128_SHA"
0824 # define TLS1_RFC_PSK_WITH_RC4_128_SHA                   "TLS_PSK_WITH_RC4_128_SHA"
0825 # define TLS1_RFC_RSA_PSK_WITH_RC4_128_SHA               "TLS_RSA_PSK_WITH_RC4_128_SHA"
0826 # define TLS1_RFC_DHE_PSK_WITH_RC4_128_SHA               "TLS_DHE_PSK_WITH_RC4_128_SHA"
0827 # define TLS1_RFC_RSA_WITH_ARIA_128_GCM_SHA256           "TLS_RSA_WITH_ARIA_128_GCM_SHA256"
0828 # define TLS1_RFC_RSA_WITH_ARIA_256_GCM_SHA384           "TLS_RSA_WITH_ARIA_256_GCM_SHA384"
0829 # define TLS1_RFC_DHE_RSA_WITH_ARIA_128_GCM_SHA256       "TLS_DHE_RSA_WITH_ARIA_128_GCM_SHA256"
0830 # define TLS1_RFC_DHE_RSA_WITH_ARIA_256_GCM_SHA384       "TLS_DHE_RSA_WITH_ARIA_256_GCM_SHA384"
0831 # define TLS1_RFC_DH_RSA_WITH_ARIA_128_GCM_SHA256        "TLS_DH_RSA_WITH_ARIA_128_GCM_SHA256"
0832 # define TLS1_RFC_DH_RSA_WITH_ARIA_256_GCM_SHA384        "TLS_DH_RSA_WITH_ARIA_256_GCM_SHA384"
0833 # define TLS1_RFC_DHE_DSS_WITH_ARIA_128_GCM_SHA256       "TLS_DHE_DSS_WITH_ARIA_128_GCM_SHA256"
0834 # define TLS1_RFC_DHE_DSS_WITH_ARIA_256_GCM_SHA384       "TLS_DHE_DSS_WITH_ARIA_256_GCM_SHA384"
0835 # define TLS1_RFC_DH_DSS_WITH_ARIA_128_GCM_SHA256        "TLS_DH_DSS_WITH_ARIA_128_GCM_SHA256"
0836 # define TLS1_RFC_DH_DSS_WITH_ARIA_256_GCM_SHA384        "TLS_DH_DSS_WITH_ARIA_256_GCM_SHA384"
0837 # define TLS1_RFC_DH_anon_WITH_ARIA_128_GCM_SHA256       "TLS_DH_anon_WITH_ARIA_128_GCM_SHA256"
0838 # define TLS1_RFC_DH_anon_WITH_ARIA_256_GCM_SHA384       "TLS_DH_anon_WITH_ARIA_256_GCM_SHA384"
0839 # define TLS1_RFC_ECDHE_ECDSA_WITH_ARIA_128_GCM_SHA256   "TLS_ECDHE_ECDSA_WITH_ARIA_128_GCM_SHA256"
0840 # define TLS1_RFC_ECDHE_ECDSA_WITH_ARIA_256_GCM_SHA384   "TLS_ECDHE_ECDSA_WITH_ARIA_256_GCM_SHA384"
0841 # define TLS1_RFC_ECDH_ECDSA_WITH_ARIA_128_GCM_SHA256    "TLS_ECDH_ECDSA_WITH_ARIA_128_GCM_SHA256"
0842 # define TLS1_RFC_ECDH_ECDSA_WITH_ARIA_256_GCM_SHA384    "TLS_ECDH_ECDSA_WITH_ARIA_256_GCM_SHA384"
0843 # define TLS1_RFC_ECDHE_RSA_WITH_ARIA_128_GCM_SHA256     "TLS_ECDHE_RSA_WITH_ARIA_128_GCM_SHA256"
0844 # define TLS1_RFC_ECDHE_RSA_WITH_ARIA_256_GCM_SHA384     "TLS_ECDHE_RSA_WITH_ARIA_256_GCM_SHA384"
0845 # define TLS1_RFC_ECDH_RSA_WITH_ARIA_128_GCM_SHA256      "TLS_ECDH_RSA_WITH_ARIA_128_GCM_SHA256"
0846 # define TLS1_RFC_ECDH_RSA_WITH_ARIA_256_GCM_SHA384      "TLS_ECDH_RSA_WITH_ARIA_256_GCM_SHA384"
0847 # define TLS1_RFC_PSK_WITH_ARIA_128_GCM_SHA256           "TLS_PSK_WITH_ARIA_128_GCM_SHA256"
0848 # define TLS1_RFC_PSK_WITH_ARIA_256_GCM_SHA384           "TLS_PSK_WITH_ARIA_256_GCM_SHA384"
0849 # define TLS1_RFC_DHE_PSK_WITH_ARIA_128_GCM_SHA256       "TLS_DHE_PSK_WITH_ARIA_128_GCM_SHA256"
0850 # define TLS1_RFC_DHE_PSK_WITH_ARIA_256_GCM_SHA384       "TLS_DHE_PSK_WITH_ARIA_256_GCM_SHA384"
0851 # define TLS1_RFC_RSA_PSK_WITH_ARIA_128_GCM_SHA256       "TLS_RSA_PSK_WITH_ARIA_128_GCM_SHA256"
0852 # define TLS1_RFC_RSA_PSK_WITH_ARIA_256_GCM_SHA384       "TLS_RSA_PSK_WITH_ARIA_256_GCM_SHA384"
0853 
0854 
0855 /*
0856  * XXX Backward compatibility alert: Older versions of OpenSSL gave some DHE
0857  * ciphers names with "EDH" instead of "DHE".  Going forward, we should be
0858  * using DHE everywhere, though we may indefinitely maintain aliases for
0859  * users or configurations that used "EDH"
0860  */
0861 # define TLS1_TXT_DHE_DSS_WITH_RC4_128_SHA               "DHE-DSS-RC4-SHA"
0862 
0863 # define TLS1_TXT_PSK_WITH_NULL_SHA                      "PSK-NULL-SHA"
0864 # define TLS1_TXT_DHE_PSK_WITH_NULL_SHA                  "DHE-PSK-NULL-SHA"
0865 # define TLS1_TXT_RSA_PSK_WITH_NULL_SHA                  "RSA-PSK-NULL-SHA"
0866 
0867 /* AES ciphersuites from RFC3268 */
0868 # define TLS1_TXT_RSA_WITH_AES_128_SHA                   "AES128-SHA"
0869 # define TLS1_TXT_DH_DSS_WITH_AES_128_SHA                "DH-DSS-AES128-SHA"
0870 # define TLS1_TXT_DH_RSA_WITH_AES_128_SHA                "DH-RSA-AES128-SHA"
0871 # define TLS1_TXT_DHE_DSS_WITH_AES_128_SHA               "DHE-DSS-AES128-SHA"
0872 # define TLS1_TXT_DHE_RSA_WITH_AES_128_SHA               "DHE-RSA-AES128-SHA"
0873 # define TLS1_TXT_ADH_WITH_AES_128_SHA                   "ADH-AES128-SHA"
0874 
0875 # define TLS1_TXT_RSA_WITH_AES_256_SHA                   "AES256-SHA"
0876 # define TLS1_TXT_DH_DSS_WITH_AES_256_SHA                "DH-DSS-AES256-SHA"
0877 # define TLS1_TXT_DH_RSA_WITH_AES_256_SHA                "DH-RSA-AES256-SHA"
0878 # define TLS1_TXT_DHE_DSS_WITH_AES_256_SHA               "DHE-DSS-AES256-SHA"
0879 # define TLS1_TXT_DHE_RSA_WITH_AES_256_SHA               "DHE-RSA-AES256-SHA"
0880 # define TLS1_TXT_ADH_WITH_AES_256_SHA                   "ADH-AES256-SHA"
0881 
0882 /* ECC ciphersuites from RFC4492 */
0883 # define TLS1_TXT_ECDH_ECDSA_WITH_NULL_SHA               "ECDH-ECDSA-NULL-SHA"
0884 # define TLS1_TXT_ECDH_ECDSA_WITH_RC4_128_SHA            "ECDH-ECDSA-RC4-SHA"
0885 # define TLS1_TXT_ECDH_ECDSA_WITH_DES_192_CBC3_SHA       "ECDH-ECDSA-DES-CBC3-SHA"
0886 # define TLS1_TXT_ECDH_ECDSA_WITH_AES_128_CBC_SHA        "ECDH-ECDSA-AES128-SHA"
0887 # define TLS1_TXT_ECDH_ECDSA_WITH_AES_256_CBC_SHA        "ECDH-ECDSA-AES256-SHA"
0888 
0889 # define TLS1_TXT_ECDHE_ECDSA_WITH_NULL_SHA              "ECDHE-ECDSA-NULL-SHA"
0890 # define TLS1_TXT_ECDHE_ECDSA_WITH_RC4_128_SHA           "ECDHE-ECDSA-RC4-SHA"
0891 # define TLS1_TXT_ECDHE_ECDSA_WITH_DES_192_CBC3_SHA      "ECDHE-ECDSA-DES-CBC3-SHA"
0892 # define TLS1_TXT_ECDHE_ECDSA_WITH_AES_128_CBC_SHA       "ECDHE-ECDSA-AES128-SHA"
0893 # define TLS1_TXT_ECDHE_ECDSA_WITH_AES_256_CBC_SHA       "ECDHE-ECDSA-AES256-SHA"
0894 
0895 # define TLS1_TXT_ECDH_RSA_WITH_NULL_SHA                 "ECDH-RSA-NULL-SHA"
0896 # define TLS1_TXT_ECDH_RSA_WITH_RC4_128_SHA              "ECDH-RSA-RC4-SHA"
0897 # define TLS1_TXT_ECDH_RSA_WITH_DES_192_CBC3_SHA         "ECDH-RSA-DES-CBC3-SHA"
0898 # define TLS1_TXT_ECDH_RSA_WITH_AES_128_CBC_SHA          "ECDH-RSA-AES128-SHA"
0899 # define TLS1_TXT_ECDH_RSA_WITH_AES_256_CBC_SHA          "ECDH-RSA-AES256-SHA"
0900 
0901 # define TLS1_TXT_ECDHE_RSA_WITH_NULL_SHA                "ECDHE-RSA-NULL-SHA"
0902 # define TLS1_TXT_ECDHE_RSA_WITH_RC4_128_SHA             "ECDHE-RSA-RC4-SHA"
0903 # define TLS1_TXT_ECDHE_RSA_WITH_DES_192_CBC3_SHA        "ECDHE-RSA-DES-CBC3-SHA"
0904 # define TLS1_TXT_ECDHE_RSA_WITH_AES_128_CBC_SHA         "ECDHE-RSA-AES128-SHA"
0905 # define TLS1_TXT_ECDHE_RSA_WITH_AES_256_CBC_SHA         "ECDHE-RSA-AES256-SHA"
0906 
0907 # define TLS1_TXT_ECDH_anon_WITH_NULL_SHA                "AECDH-NULL-SHA"
0908 # define TLS1_TXT_ECDH_anon_WITH_RC4_128_SHA             "AECDH-RC4-SHA"
0909 # define TLS1_TXT_ECDH_anon_WITH_DES_192_CBC3_SHA        "AECDH-DES-CBC3-SHA"
0910 # define TLS1_TXT_ECDH_anon_WITH_AES_128_CBC_SHA         "AECDH-AES128-SHA"
0911 # define TLS1_TXT_ECDH_anon_WITH_AES_256_CBC_SHA         "AECDH-AES256-SHA"
0912 
0913 /* PSK ciphersuites from RFC 4279 */
0914 # define TLS1_TXT_PSK_WITH_RC4_128_SHA                   "PSK-RC4-SHA"
0915 # define TLS1_TXT_PSK_WITH_3DES_EDE_CBC_SHA              "PSK-3DES-EDE-CBC-SHA"
0916 # define TLS1_TXT_PSK_WITH_AES_128_CBC_SHA               "PSK-AES128-CBC-SHA"
0917 # define TLS1_TXT_PSK_WITH_AES_256_CBC_SHA               "PSK-AES256-CBC-SHA"
0918 
0919 # define TLS1_TXT_DHE_PSK_WITH_RC4_128_SHA               "DHE-PSK-RC4-SHA"
0920 # define TLS1_TXT_DHE_PSK_WITH_3DES_EDE_CBC_SHA          "DHE-PSK-3DES-EDE-CBC-SHA"
0921 # define TLS1_TXT_DHE_PSK_WITH_AES_128_CBC_SHA           "DHE-PSK-AES128-CBC-SHA"
0922 # define TLS1_TXT_DHE_PSK_WITH_AES_256_CBC_SHA           "DHE-PSK-AES256-CBC-SHA"
0923 # define TLS1_TXT_RSA_PSK_WITH_RC4_128_SHA               "RSA-PSK-RC4-SHA"
0924 # define TLS1_TXT_RSA_PSK_WITH_3DES_EDE_CBC_SHA          "RSA-PSK-3DES-EDE-CBC-SHA"
0925 # define TLS1_TXT_RSA_PSK_WITH_AES_128_CBC_SHA           "RSA-PSK-AES128-CBC-SHA"
0926 # define TLS1_TXT_RSA_PSK_WITH_AES_256_CBC_SHA           "RSA-PSK-AES256-CBC-SHA"
0927 
0928 /* PSK ciphersuites from RFC 5487 */
0929 # define TLS1_TXT_PSK_WITH_AES_128_GCM_SHA256            "PSK-AES128-GCM-SHA256"
0930 # define TLS1_TXT_PSK_WITH_AES_256_GCM_SHA384            "PSK-AES256-GCM-SHA384"
0931 # define TLS1_TXT_DHE_PSK_WITH_AES_128_GCM_SHA256        "DHE-PSK-AES128-GCM-SHA256"
0932 # define TLS1_TXT_DHE_PSK_WITH_AES_256_GCM_SHA384        "DHE-PSK-AES256-GCM-SHA384"
0933 # define TLS1_TXT_RSA_PSK_WITH_AES_128_GCM_SHA256        "RSA-PSK-AES128-GCM-SHA256"
0934 # define TLS1_TXT_RSA_PSK_WITH_AES_256_GCM_SHA384        "RSA-PSK-AES256-GCM-SHA384"
0935 
0936 # define TLS1_TXT_PSK_WITH_AES_128_CBC_SHA256            "PSK-AES128-CBC-SHA256"
0937 # define TLS1_TXT_PSK_WITH_AES_256_CBC_SHA384            "PSK-AES256-CBC-SHA384"
0938 # define TLS1_TXT_PSK_WITH_NULL_SHA256                   "PSK-NULL-SHA256"
0939 # define TLS1_TXT_PSK_WITH_NULL_SHA384                   "PSK-NULL-SHA384"
0940 
0941 # define TLS1_TXT_DHE_PSK_WITH_AES_128_CBC_SHA256        "DHE-PSK-AES128-CBC-SHA256"
0942 # define TLS1_TXT_DHE_PSK_WITH_AES_256_CBC_SHA384        "DHE-PSK-AES256-CBC-SHA384"
0943 # define TLS1_TXT_DHE_PSK_WITH_NULL_SHA256               "DHE-PSK-NULL-SHA256"
0944 # define TLS1_TXT_DHE_PSK_WITH_NULL_SHA384               "DHE-PSK-NULL-SHA384"
0945 
0946 # define TLS1_TXT_RSA_PSK_WITH_AES_128_CBC_SHA256        "RSA-PSK-AES128-CBC-SHA256"
0947 # define TLS1_TXT_RSA_PSK_WITH_AES_256_CBC_SHA384        "RSA-PSK-AES256-CBC-SHA384"
0948 # define TLS1_TXT_RSA_PSK_WITH_NULL_SHA256               "RSA-PSK-NULL-SHA256"
0949 # define TLS1_TXT_RSA_PSK_WITH_NULL_SHA384               "RSA-PSK-NULL-SHA384"
0950 
0951 /* SRP ciphersuite from RFC 5054 */
0952 # define TLS1_TXT_SRP_SHA_WITH_3DES_EDE_CBC_SHA          "SRP-3DES-EDE-CBC-SHA"
0953 # define TLS1_TXT_SRP_SHA_RSA_WITH_3DES_EDE_CBC_SHA      "SRP-RSA-3DES-EDE-CBC-SHA"
0954 # define TLS1_TXT_SRP_SHA_DSS_WITH_3DES_EDE_CBC_SHA      "SRP-DSS-3DES-EDE-CBC-SHA"
0955 # define TLS1_TXT_SRP_SHA_WITH_AES_128_CBC_SHA           "SRP-AES-128-CBC-SHA"
0956 # define TLS1_TXT_SRP_SHA_RSA_WITH_AES_128_CBC_SHA       "SRP-RSA-AES-128-CBC-SHA"
0957 # define TLS1_TXT_SRP_SHA_DSS_WITH_AES_128_CBC_SHA       "SRP-DSS-AES-128-CBC-SHA"
0958 # define TLS1_TXT_SRP_SHA_WITH_AES_256_CBC_SHA           "SRP-AES-256-CBC-SHA"
0959 # define TLS1_TXT_SRP_SHA_RSA_WITH_AES_256_CBC_SHA       "SRP-RSA-AES-256-CBC-SHA"
0960 # define TLS1_TXT_SRP_SHA_DSS_WITH_AES_256_CBC_SHA       "SRP-DSS-AES-256-CBC-SHA"
0961 
0962 /* Camellia ciphersuites from RFC4132 */
0963 # define TLS1_TXT_RSA_WITH_CAMELLIA_128_CBC_SHA          "CAMELLIA128-SHA"
0964 # define TLS1_TXT_DH_DSS_WITH_CAMELLIA_128_CBC_SHA       "DH-DSS-CAMELLIA128-SHA"
0965 # define TLS1_TXT_DH_RSA_WITH_CAMELLIA_128_CBC_SHA       "DH-RSA-CAMELLIA128-SHA"
0966 # define TLS1_TXT_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA      "DHE-DSS-CAMELLIA128-SHA"
0967 # define TLS1_TXT_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA      "DHE-RSA-CAMELLIA128-SHA"
0968 # define TLS1_TXT_ADH_WITH_CAMELLIA_128_CBC_SHA          "ADH-CAMELLIA128-SHA"
0969 
0970 # define TLS1_TXT_RSA_WITH_CAMELLIA_256_CBC_SHA          "CAMELLIA256-SHA"
0971 # define TLS1_TXT_DH_DSS_WITH_CAMELLIA_256_CBC_SHA       "DH-DSS-CAMELLIA256-SHA"
0972 # define TLS1_TXT_DH_RSA_WITH_CAMELLIA_256_CBC_SHA       "DH-RSA-CAMELLIA256-SHA"
0973 # define TLS1_TXT_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA      "DHE-DSS-CAMELLIA256-SHA"
0974 # define TLS1_TXT_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA      "DHE-RSA-CAMELLIA256-SHA"
0975 # define TLS1_TXT_ADH_WITH_CAMELLIA_256_CBC_SHA          "ADH-CAMELLIA256-SHA"
0976 
0977 /* TLS 1.2 Camellia SHA-256 ciphersuites from RFC5932 */
0978 # define TLS1_TXT_RSA_WITH_CAMELLIA_128_CBC_SHA256               "CAMELLIA128-SHA256"
0979 # define TLS1_TXT_DH_DSS_WITH_CAMELLIA_128_CBC_SHA256            "DH-DSS-CAMELLIA128-SHA256"
0980 # define TLS1_TXT_DH_RSA_WITH_CAMELLIA_128_CBC_SHA256            "DH-RSA-CAMELLIA128-SHA256"
0981 # define TLS1_TXT_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA256           "DHE-DSS-CAMELLIA128-SHA256"
0982 # define TLS1_TXT_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA256           "DHE-RSA-CAMELLIA128-SHA256"
0983 # define TLS1_TXT_ADH_WITH_CAMELLIA_128_CBC_SHA256               "ADH-CAMELLIA128-SHA256"
0984 
0985 # define TLS1_TXT_RSA_WITH_CAMELLIA_256_CBC_SHA256               "CAMELLIA256-SHA256"
0986 # define TLS1_TXT_DH_DSS_WITH_CAMELLIA_256_CBC_SHA256            "DH-DSS-CAMELLIA256-SHA256"
0987 # define TLS1_TXT_DH_RSA_WITH_CAMELLIA_256_CBC_SHA256            "DH-RSA-CAMELLIA256-SHA256"
0988 # define TLS1_TXT_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA256           "DHE-DSS-CAMELLIA256-SHA256"
0989 # define TLS1_TXT_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA256           "DHE-RSA-CAMELLIA256-SHA256"
0990 # define TLS1_TXT_ADH_WITH_CAMELLIA_256_CBC_SHA256               "ADH-CAMELLIA256-SHA256"
0991 
0992 # define TLS1_TXT_PSK_WITH_CAMELLIA_128_CBC_SHA256               "PSK-CAMELLIA128-SHA256"
0993 # define TLS1_TXT_PSK_WITH_CAMELLIA_256_CBC_SHA384               "PSK-CAMELLIA256-SHA384"
0994 # define TLS1_TXT_DHE_PSK_WITH_CAMELLIA_128_CBC_SHA256           "DHE-PSK-CAMELLIA128-SHA256"
0995 # define TLS1_TXT_DHE_PSK_WITH_CAMELLIA_256_CBC_SHA384           "DHE-PSK-CAMELLIA256-SHA384"
0996 # define TLS1_TXT_RSA_PSK_WITH_CAMELLIA_128_CBC_SHA256           "RSA-PSK-CAMELLIA128-SHA256"
0997 # define TLS1_TXT_RSA_PSK_WITH_CAMELLIA_256_CBC_SHA384           "RSA-PSK-CAMELLIA256-SHA384"
0998 # define TLS1_TXT_ECDHE_PSK_WITH_CAMELLIA_128_CBC_SHA256         "ECDHE-PSK-CAMELLIA128-SHA256"
0999 # define TLS1_TXT_ECDHE_PSK_WITH_CAMELLIA_256_CBC_SHA384         "ECDHE-PSK-CAMELLIA256-SHA384"
1000 
1001 /* SEED ciphersuites from RFC4162 */
1002 # define TLS1_TXT_RSA_WITH_SEED_SHA                      "SEED-SHA"
1003 # define TLS1_TXT_DH_DSS_WITH_SEED_SHA                   "DH-DSS-SEED-SHA"
1004 # define TLS1_TXT_DH_RSA_WITH_SEED_SHA                   "DH-RSA-SEED-SHA"
1005 # define TLS1_TXT_DHE_DSS_WITH_SEED_SHA                  "DHE-DSS-SEED-SHA"
1006 # define TLS1_TXT_DHE_RSA_WITH_SEED_SHA                  "DHE-RSA-SEED-SHA"
1007 # define TLS1_TXT_ADH_WITH_SEED_SHA                      "ADH-SEED-SHA"
1008 
1009 /* TLS v1.2 ciphersuites */
1010 # define TLS1_TXT_RSA_WITH_NULL_SHA256                   "NULL-SHA256"
1011 # define TLS1_TXT_RSA_WITH_AES_128_SHA256                "AES128-SHA256"
1012 # define TLS1_TXT_RSA_WITH_AES_256_SHA256                "AES256-SHA256"
1013 # define TLS1_TXT_DH_DSS_WITH_AES_128_SHA256             "DH-DSS-AES128-SHA256"
1014 # define TLS1_TXT_DH_RSA_WITH_AES_128_SHA256             "DH-RSA-AES128-SHA256"
1015 # define TLS1_TXT_DHE_DSS_WITH_AES_128_SHA256            "DHE-DSS-AES128-SHA256"
1016 # define TLS1_TXT_DHE_RSA_WITH_AES_128_SHA256            "DHE-RSA-AES128-SHA256"
1017 # define TLS1_TXT_DH_DSS_WITH_AES_256_SHA256             "DH-DSS-AES256-SHA256"
1018 # define TLS1_TXT_DH_RSA_WITH_AES_256_SHA256             "DH-RSA-AES256-SHA256"
1019 # define TLS1_TXT_DHE_DSS_WITH_AES_256_SHA256            "DHE-DSS-AES256-SHA256"
1020 # define TLS1_TXT_DHE_RSA_WITH_AES_256_SHA256            "DHE-RSA-AES256-SHA256"
1021 # define TLS1_TXT_ADH_WITH_AES_128_SHA256                "ADH-AES128-SHA256"
1022 # define TLS1_TXT_ADH_WITH_AES_256_SHA256                "ADH-AES256-SHA256"
1023 
1024 /* TLS v1.2 GCM ciphersuites from RFC5288 */
1025 # define TLS1_TXT_RSA_WITH_AES_128_GCM_SHA256            "AES128-GCM-SHA256"
1026 # define TLS1_TXT_RSA_WITH_AES_256_GCM_SHA384            "AES256-GCM-SHA384"
1027 # define TLS1_TXT_DHE_RSA_WITH_AES_128_GCM_SHA256        "DHE-RSA-AES128-GCM-SHA256"
1028 # define TLS1_TXT_DHE_RSA_WITH_AES_256_GCM_SHA384        "DHE-RSA-AES256-GCM-SHA384"
1029 # define TLS1_TXT_DH_RSA_WITH_AES_128_GCM_SHA256         "DH-RSA-AES128-GCM-SHA256"
1030 # define TLS1_TXT_DH_RSA_WITH_AES_256_GCM_SHA384         "DH-RSA-AES256-GCM-SHA384"
1031 # define TLS1_TXT_DHE_DSS_WITH_AES_128_GCM_SHA256        "DHE-DSS-AES128-GCM-SHA256"
1032 # define TLS1_TXT_DHE_DSS_WITH_AES_256_GCM_SHA384        "DHE-DSS-AES256-GCM-SHA384"
1033 # define TLS1_TXT_DH_DSS_WITH_AES_128_GCM_SHA256         "DH-DSS-AES128-GCM-SHA256"
1034 # define TLS1_TXT_DH_DSS_WITH_AES_256_GCM_SHA384         "DH-DSS-AES256-GCM-SHA384"
1035 # define TLS1_TXT_ADH_WITH_AES_128_GCM_SHA256            "ADH-AES128-GCM-SHA256"
1036 # define TLS1_TXT_ADH_WITH_AES_256_GCM_SHA384            "ADH-AES256-GCM-SHA384"
1037 
1038 /* CCM ciphersuites from RFC6655 */
1039 # define TLS1_TXT_RSA_WITH_AES_128_CCM                   "AES128-CCM"
1040 # define TLS1_TXT_RSA_WITH_AES_256_CCM                   "AES256-CCM"
1041 # define TLS1_TXT_DHE_RSA_WITH_AES_128_CCM               "DHE-RSA-AES128-CCM"
1042 # define TLS1_TXT_DHE_RSA_WITH_AES_256_CCM               "DHE-RSA-AES256-CCM"
1043 
1044 # define TLS1_TXT_RSA_WITH_AES_128_CCM_8                 "AES128-CCM8"
1045 # define TLS1_TXT_RSA_WITH_AES_256_CCM_8                 "AES256-CCM8"
1046 # define TLS1_TXT_DHE_RSA_WITH_AES_128_CCM_8             "DHE-RSA-AES128-CCM8"
1047 # define TLS1_TXT_DHE_RSA_WITH_AES_256_CCM_8             "DHE-RSA-AES256-CCM8"
1048 
1049 # define TLS1_TXT_PSK_WITH_AES_128_CCM                   "PSK-AES128-CCM"
1050 # define TLS1_TXT_PSK_WITH_AES_256_CCM                   "PSK-AES256-CCM"
1051 # define TLS1_TXT_DHE_PSK_WITH_AES_128_CCM               "DHE-PSK-AES128-CCM"
1052 # define TLS1_TXT_DHE_PSK_WITH_AES_256_CCM               "DHE-PSK-AES256-CCM"
1053 
1054 # define TLS1_TXT_PSK_WITH_AES_128_CCM_8                 "PSK-AES128-CCM8"
1055 # define TLS1_TXT_PSK_WITH_AES_256_CCM_8                 "PSK-AES256-CCM8"
1056 # define TLS1_TXT_DHE_PSK_WITH_AES_128_CCM_8             "DHE-PSK-AES128-CCM8"
1057 # define TLS1_TXT_DHE_PSK_WITH_AES_256_CCM_8             "DHE-PSK-AES256-CCM8"
1058 
1059 /* CCM ciphersuites from RFC7251 */
1060 # define TLS1_TXT_ECDHE_ECDSA_WITH_AES_128_CCM       "ECDHE-ECDSA-AES128-CCM"
1061 # define TLS1_TXT_ECDHE_ECDSA_WITH_AES_256_CCM       "ECDHE-ECDSA-AES256-CCM"
1062 # define TLS1_TXT_ECDHE_ECDSA_WITH_AES_128_CCM_8     "ECDHE-ECDSA-AES128-CCM8"
1063 # define TLS1_TXT_ECDHE_ECDSA_WITH_AES_256_CCM_8     "ECDHE-ECDSA-AES256-CCM8"
1064 
1065 /* ECDH HMAC based ciphersuites from RFC5289 */
1066 # define TLS1_TXT_ECDHE_ECDSA_WITH_AES_128_SHA256    "ECDHE-ECDSA-AES128-SHA256"
1067 # define TLS1_TXT_ECDHE_ECDSA_WITH_AES_256_SHA384    "ECDHE-ECDSA-AES256-SHA384"
1068 # define TLS1_TXT_ECDH_ECDSA_WITH_AES_128_SHA256     "ECDH-ECDSA-AES128-SHA256"
1069 # define TLS1_TXT_ECDH_ECDSA_WITH_AES_256_SHA384     "ECDH-ECDSA-AES256-SHA384"
1070 # define TLS1_TXT_ECDHE_RSA_WITH_AES_128_SHA256      "ECDHE-RSA-AES128-SHA256"
1071 # define TLS1_TXT_ECDHE_RSA_WITH_AES_256_SHA384      "ECDHE-RSA-AES256-SHA384"
1072 # define TLS1_TXT_ECDH_RSA_WITH_AES_128_SHA256       "ECDH-RSA-AES128-SHA256"
1073 # define TLS1_TXT_ECDH_RSA_WITH_AES_256_SHA384       "ECDH-RSA-AES256-SHA384"
1074 
1075 /* ECDH GCM based ciphersuites from RFC5289 */
1076 # define TLS1_TXT_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256    "ECDHE-ECDSA-AES128-GCM-SHA256"
1077 # define TLS1_TXT_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384    "ECDHE-ECDSA-AES256-GCM-SHA384"
1078 # define TLS1_TXT_ECDH_ECDSA_WITH_AES_128_GCM_SHA256     "ECDH-ECDSA-AES128-GCM-SHA256"
1079 # define TLS1_TXT_ECDH_ECDSA_WITH_AES_256_GCM_SHA384     "ECDH-ECDSA-AES256-GCM-SHA384"
1080 # define TLS1_TXT_ECDHE_RSA_WITH_AES_128_GCM_SHA256      "ECDHE-RSA-AES128-GCM-SHA256"
1081 # define TLS1_TXT_ECDHE_RSA_WITH_AES_256_GCM_SHA384      "ECDHE-RSA-AES256-GCM-SHA384"
1082 # define TLS1_TXT_ECDH_RSA_WITH_AES_128_GCM_SHA256       "ECDH-RSA-AES128-GCM-SHA256"
1083 # define TLS1_TXT_ECDH_RSA_WITH_AES_256_GCM_SHA384       "ECDH-RSA-AES256-GCM-SHA384"
1084 
1085 /* TLS v1.2 PSK GCM ciphersuites from RFC5487 */
1086 # define TLS1_TXT_PSK_WITH_AES_128_GCM_SHA256            "PSK-AES128-GCM-SHA256"
1087 # define TLS1_TXT_PSK_WITH_AES_256_GCM_SHA384            "PSK-AES256-GCM-SHA384"
1088 
1089 /* ECDHE PSK ciphersuites from RFC 5489 */
1090 # define TLS1_TXT_ECDHE_PSK_WITH_RC4_128_SHA               "ECDHE-PSK-RC4-SHA"
1091 # define TLS1_TXT_ECDHE_PSK_WITH_3DES_EDE_CBC_SHA          "ECDHE-PSK-3DES-EDE-CBC-SHA"
1092 # define TLS1_TXT_ECDHE_PSK_WITH_AES_128_CBC_SHA           "ECDHE-PSK-AES128-CBC-SHA"
1093 # define TLS1_TXT_ECDHE_PSK_WITH_AES_256_CBC_SHA           "ECDHE-PSK-AES256-CBC-SHA"
1094 
1095 # define TLS1_TXT_ECDHE_PSK_WITH_AES_128_CBC_SHA256        "ECDHE-PSK-AES128-CBC-SHA256"
1096 # define TLS1_TXT_ECDHE_PSK_WITH_AES_256_CBC_SHA384        "ECDHE-PSK-AES256-CBC-SHA384"
1097 
1098 # define TLS1_TXT_ECDHE_PSK_WITH_NULL_SHA                  "ECDHE-PSK-NULL-SHA"
1099 # define TLS1_TXT_ECDHE_PSK_WITH_NULL_SHA256               "ECDHE-PSK-NULL-SHA256"
1100 # define TLS1_TXT_ECDHE_PSK_WITH_NULL_SHA384               "ECDHE-PSK-NULL-SHA384"
1101 
1102 /* Camellia-CBC ciphersuites from RFC6367 */
1103 # define TLS1_TXT_ECDHE_ECDSA_WITH_CAMELLIA_128_CBC_SHA256 "ECDHE-ECDSA-CAMELLIA128-SHA256"
1104 # define TLS1_TXT_ECDHE_ECDSA_WITH_CAMELLIA_256_CBC_SHA384 "ECDHE-ECDSA-CAMELLIA256-SHA384"
1105 # define TLS1_TXT_ECDH_ECDSA_WITH_CAMELLIA_128_CBC_SHA256  "ECDH-ECDSA-CAMELLIA128-SHA256"
1106 # define TLS1_TXT_ECDH_ECDSA_WITH_CAMELLIA_256_CBC_SHA384  "ECDH-ECDSA-CAMELLIA256-SHA384"
1107 # define TLS1_TXT_ECDHE_RSA_WITH_CAMELLIA_128_CBC_SHA256   "ECDHE-RSA-CAMELLIA128-SHA256"
1108 # define TLS1_TXT_ECDHE_RSA_WITH_CAMELLIA_256_CBC_SHA384   "ECDHE-RSA-CAMELLIA256-SHA384"
1109 # define TLS1_TXT_ECDH_RSA_WITH_CAMELLIA_128_CBC_SHA256    "ECDH-RSA-CAMELLIA128-SHA256"
1110 # define TLS1_TXT_ECDH_RSA_WITH_CAMELLIA_256_CBC_SHA384    "ECDH-RSA-CAMELLIA256-SHA384"
1111 
1112 /* draft-ietf-tls-chacha20-poly1305-03 */
1113 # define TLS1_TXT_ECDHE_RSA_WITH_CHACHA20_POLY1305         "ECDHE-RSA-CHACHA20-POLY1305"
1114 # define TLS1_TXT_ECDHE_ECDSA_WITH_CHACHA20_POLY1305       "ECDHE-ECDSA-CHACHA20-POLY1305"
1115 # define TLS1_TXT_DHE_RSA_WITH_CHACHA20_POLY1305           "DHE-RSA-CHACHA20-POLY1305"
1116 # define TLS1_TXT_PSK_WITH_CHACHA20_POLY1305               "PSK-CHACHA20-POLY1305"
1117 # define TLS1_TXT_ECDHE_PSK_WITH_CHACHA20_POLY1305         "ECDHE-PSK-CHACHA20-POLY1305"
1118 # define TLS1_TXT_DHE_PSK_WITH_CHACHA20_POLY1305           "DHE-PSK-CHACHA20-POLY1305"
1119 # define TLS1_TXT_RSA_PSK_WITH_CHACHA20_POLY1305           "RSA-PSK-CHACHA20-POLY1305"
1120 
1121 /* Aria ciphersuites from RFC6209 */
1122 # define TLS1_TXT_RSA_WITH_ARIA_128_GCM_SHA256             "ARIA128-GCM-SHA256"
1123 # define TLS1_TXT_RSA_WITH_ARIA_256_GCM_SHA384             "ARIA256-GCM-SHA384"
1124 # define TLS1_TXT_DHE_RSA_WITH_ARIA_128_GCM_SHA256         "DHE-RSA-ARIA128-GCM-SHA256"
1125 # define TLS1_TXT_DHE_RSA_WITH_ARIA_256_GCM_SHA384         "DHE-RSA-ARIA256-GCM-SHA384"
1126 # define TLS1_TXT_DH_RSA_WITH_ARIA_128_GCM_SHA256          "DH-RSA-ARIA128-GCM-SHA256"
1127 # define TLS1_TXT_DH_RSA_WITH_ARIA_256_GCM_SHA384          "DH-RSA-ARIA256-GCM-SHA384"
1128 # define TLS1_TXT_DHE_DSS_WITH_ARIA_128_GCM_SHA256         "DHE-DSS-ARIA128-GCM-SHA256"
1129 # define TLS1_TXT_DHE_DSS_WITH_ARIA_256_GCM_SHA384         "DHE-DSS-ARIA256-GCM-SHA384"
1130 # define TLS1_TXT_DH_DSS_WITH_ARIA_128_GCM_SHA256          "DH-DSS-ARIA128-GCM-SHA256"
1131 # define TLS1_TXT_DH_DSS_WITH_ARIA_256_GCM_SHA384          "DH-DSS-ARIA256-GCM-SHA384"
1132 # define TLS1_TXT_DH_anon_WITH_ARIA_128_GCM_SHA256         "ADH-ARIA128-GCM-SHA256"
1133 # define TLS1_TXT_DH_anon_WITH_ARIA_256_GCM_SHA384         "ADH-ARIA256-GCM-SHA384"
1134 # define TLS1_TXT_ECDHE_ECDSA_WITH_ARIA_128_GCM_SHA256     "ECDHE-ECDSA-ARIA128-GCM-SHA256"
1135 # define TLS1_TXT_ECDHE_ECDSA_WITH_ARIA_256_GCM_SHA384     "ECDHE-ECDSA-ARIA256-GCM-SHA384"
1136 # define TLS1_TXT_ECDH_ECDSA_WITH_ARIA_128_GCM_SHA256      "ECDH-ECDSA-ARIA128-GCM-SHA256"
1137 # define TLS1_TXT_ECDH_ECDSA_WITH_ARIA_256_GCM_SHA384      "ECDH-ECDSA-ARIA256-GCM-SHA384"
1138 # define TLS1_TXT_ECDHE_RSA_WITH_ARIA_128_GCM_SHA256       "ECDHE-ARIA128-GCM-SHA256"
1139 # define TLS1_TXT_ECDHE_RSA_WITH_ARIA_256_GCM_SHA384       "ECDHE-ARIA256-GCM-SHA384"
1140 # define TLS1_TXT_ECDH_RSA_WITH_ARIA_128_GCM_SHA256        "ECDH-ARIA128-GCM-SHA256"
1141 # define TLS1_TXT_ECDH_RSA_WITH_ARIA_256_GCM_SHA384        "ECDH-ARIA256-GCM-SHA384"
1142 # define TLS1_TXT_PSK_WITH_ARIA_128_GCM_SHA256             "PSK-ARIA128-GCM-SHA256"
1143 # define TLS1_TXT_PSK_WITH_ARIA_256_GCM_SHA384             "PSK-ARIA256-GCM-SHA384"
1144 # define TLS1_TXT_DHE_PSK_WITH_ARIA_128_GCM_SHA256         "DHE-PSK-ARIA128-GCM-SHA256"
1145 # define TLS1_TXT_DHE_PSK_WITH_ARIA_256_GCM_SHA384         "DHE-PSK-ARIA256-GCM-SHA384"
1146 # define TLS1_TXT_RSA_PSK_WITH_ARIA_128_GCM_SHA256         "RSA-PSK-ARIA128-GCM-SHA256"
1147 # define TLS1_TXT_RSA_PSK_WITH_ARIA_256_GCM_SHA384         "RSA-PSK-ARIA256-GCM-SHA384"
1148 
1149 # define TLS_CT_RSA_SIGN                 1
1150 # define TLS_CT_DSS_SIGN                 2
1151 # define TLS_CT_RSA_FIXED_DH             3
1152 # define TLS_CT_DSS_FIXED_DH             4
1153 # define TLS_CT_ECDSA_SIGN               64
1154 # define TLS_CT_RSA_FIXED_ECDH           65
1155 # define TLS_CT_ECDSA_FIXED_ECDH         66
1156 # define TLS_CT_GOST01_SIGN              22
1157 # define TLS_CT_GOST12_IANA_SIGN         67
1158 # define TLS_CT_GOST12_IANA_512_SIGN     68
1159 # define TLS_CT_GOST12_LEGACY_SIGN       238
1160 # define TLS_CT_GOST12_LEGACY_512_SIGN   239
1161 
1162 # ifndef OPENSSL_NO_DEPRECATED_3_0
1163 #  define TLS_CT_GOST12_SIGN TLS_CT_GOST12_LEGACY_SIGN
1164 #  define TLS_CT_GOST12_512_SIGN TLS_CT_GOST12_LEGACY_512_SIGN
1165 # endif
1166 
1167 /*
1168  * when correcting this number, correct also SSL3_CT_NUMBER in ssl3.h (see
1169  * comment there)
1170  */
1171 # define TLS_CT_NUMBER                   12
1172 
1173 # if defined(SSL3_CT_NUMBER)
1174 #  if TLS_CT_NUMBER != SSL3_CT_NUMBER
1175 #    error "SSL/TLS CT_NUMBER values do not match"
1176 #  endif
1177 # endif
1178 
1179 # define TLS1_FINISH_MAC_LENGTH          12
1180 
1181 # define TLS_MD_MAX_CONST_SIZE                     22
1182 
1183 /* ASCII: "client finished", in hex for EBCDIC compatibility */
1184 # define TLS_MD_CLIENT_FINISH_CONST                "\x63\x6c\x69\x65\x6e\x74\x20\x66\x69\x6e\x69\x73\x68\x65\x64"
1185 # define TLS_MD_CLIENT_FINISH_CONST_SIZE           15
1186 /* ASCII: "server finished", in hex for EBCDIC compatibility */
1187 # define TLS_MD_SERVER_FINISH_CONST                "\x73\x65\x72\x76\x65\x72\x20\x66\x69\x6e\x69\x73\x68\x65\x64"
1188 # define TLS_MD_SERVER_FINISH_CONST_SIZE           15
1189 /* ASCII: "server write key", in hex for EBCDIC compatibility */
1190 # define TLS_MD_SERVER_WRITE_KEY_CONST             "\x73\x65\x72\x76\x65\x72\x20\x77\x72\x69\x74\x65\x20\x6b\x65\x79"
1191 # define TLS_MD_SERVER_WRITE_KEY_CONST_SIZE        16
1192 /* ASCII: "key expansion", in hex for EBCDIC compatibility */
1193 # define TLS_MD_KEY_EXPANSION_CONST                "\x6b\x65\x79\x20\x65\x78\x70\x61\x6e\x73\x69\x6f\x6e"
1194 # define TLS_MD_KEY_EXPANSION_CONST_SIZE           13
1195 /* ASCII: "client write key", in hex for EBCDIC compatibility */
1196 # define TLS_MD_CLIENT_WRITE_KEY_CONST             "\x63\x6c\x69\x65\x6e\x74\x20\x77\x72\x69\x74\x65\x20\x6b\x65\x79"
1197 # define TLS_MD_CLIENT_WRITE_KEY_CONST_SIZE        16
1198 /* ASCII: "server write key", in hex for EBCDIC compatibility */
1199 # define TLS_MD_SERVER_WRITE_KEY_CONST             "\x73\x65\x72\x76\x65\x72\x20\x77\x72\x69\x74\x65\x20\x6b\x65\x79"
1200 # define TLS_MD_SERVER_WRITE_KEY_CONST_SIZE        16
1201 /* ASCII: "IV block", in hex for EBCDIC compatibility */
1202 # define TLS_MD_IV_BLOCK_CONST                     "\x49\x56\x20\x62\x6c\x6f\x63\x6b"
1203 # define TLS_MD_IV_BLOCK_CONST_SIZE                8
1204 /* ASCII: "master secret", in hex for EBCDIC compatibility */
1205 # define TLS_MD_MASTER_SECRET_CONST                "\x6d\x61\x73\x74\x65\x72\x20\x73\x65\x63\x72\x65\x74"
1206 # define TLS_MD_MASTER_SECRET_CONST_SIZE           13
1207 /* ASCII: "extended master secret", in hex for EBCDIC compatibility */
1208 # define TLS_MD_EXTENDED_MASTER_SECRET_CONST       "\x65\x78\x74\x65\x6e\x64\x65\x64\x20\x6d\x61\x73\x74\x65\x72\x20\x73\x65\x63\x72\x65\x74"
1209 # define TLS_MD_EXTENDED_MASTER_SECRET_CONST_SIZE  22
1210 
1211 /* TLS Session Ticket extension struct */
1212 struct tls_session_ticket_ext_st {
1213     unsigned short length;
1214     void *data;
1215 };
1216 
1217 #ifdef  __cplusplus
1218 }
1219 #endif
1220 #endif
Source navigation ] Diff markup ] Identifier search ] general search ]

This page was automatically generated by the 2.3.7 LXR engine.

The LXR team
Valid CSS 2.1! Valid HTML 4.01!