Mercurial > repos > rliterman > csp2

annotate CSP2/CSP2_env/env-d9b9114564458d9d-741b3de822f2aaca6c6caa4325c4afce/include/openssl/tls1.h @ 69:33d812a61356

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
planemo upload commit 2e9511a184a1ca667c7be0c6321a36dc4e3d116d
author jpayne
date Tue, 18 Mar 2025 17:55:14 -0400
parents
children
rev   line source
jpayne@69 1 /*
jpayne@69 2 * Copyright 1995-2019 The OpenSSL Project Authors. All Rights Reserved.
jpayne@69 3 * Copyright (c) 2002, Oracle and/or its affiliates. All rights reserved
jpayne@69 4 * Copyright 2005 Nokia. All rights reserved.
jpayne@69 5 *
jpayne@69 6 * Licensed under the OpenSSL license (the "License"). You may not use
jpayne@69 7 * this file except in compliance with the License. You can obtain a copy
jpayne@69 8 * in the file LICENSE in the source distribution or at
jpayne@69 9 * https://www.openssl.org/source/license.html
jpayne@69 10 */
jpayne@69 11
jpayne@69 12 #ifndef HEADER_TLS1_H
jpayne@69 13 # define HEADER_TLS1_H
jpayne@69 14
jpayne@69 15 # include <openssl/buffer.h>
jpayne@69 16 # include <openssl/x509.h>
jpayne@69 17
jpayne@69 18 #ifdef __cplusplus
jpayne@69 19 extern "C" {
jpayne@69 20 #endif
jpayne@69 21
jpayne@69 22 /* Default security level if not overridden at config time */
jpayne@69 23 # ifndef OPENSSL_TLS_SECURITY_LEVEL
jpayne@69 24 # define OPENSSL_TLS_SECURITY_LEVEL 1
jpayne@69 25 # endif
jpayne@69 26
jpayne@69 27 # define TLS1_VERSION 0x0301
jpayne@69 28 # define TLS1_1_VERSION 0x0302
jpayne@69 29 # define TLS1_2_VERSION 0x0303
jpayne@69 30 # define TLS1_3_VERSION 0x0304
jpayne@69 31 # define TLS_MAX_VERSION TLS1_3_VERSION
jpayne@69 32
jpayne@69 33 /* Special value for method supporting multiple versions */
jpayne@69 34 # define TLS_ANY_VERSION 0x10000
jpayne@69 35
jpayne@69 36 # define TLS1_VERSION_MAJOR 0x03
jpayne@69 37 # define TLS1_VERSION_MINOR 0x01
jpayne@69 38
jpayne@69 39 # define TLS1_1_VERSION_MAJOR 0x03
jpayne@69 40 # define TLS1_1_VERSION_MINOR 0x02
jpayne@69 41
jpayne@69 42 # define TLS1_2_VERSION_MAJOR 0x03
jpayne@69 43 # define TLS1_2_VERSION_MINOR 0x03
jpayne@69 44
jpayne@69 45 # define TLS1_get_version(s) \
jpayne@69 46 ((SSL_version(s) >> 8) == TLS1_VERSION_MAJOR ? SSL_version(s) : 0)
jpayne@69 47
jpayne@69 48 # define TLS1_get_client_version(s) \
jpayne@69 49 ((SSL_client_version(s) >> 8) == TLS1_VERSION_MAJOR ? SSL_client_version(s) : 0)
jpayne@69 50
jpayne@69 51 # define TLS1_AD_DECRYPTION_FAILED 21
jpayne@69 52 # define TLS1_AD_RECORD_OVERFLOW 22
jpayne@69 53 # define TLS1_AD_UNKNOWN_CA 48/* fatal */
jpayne@69 54 # define TLS1_AD_ACCESS_DENIED 49/* fatal */
jpayne@69 55 # define TLS1_AD_DECODE_ERROR 50/* fatal */
jpayne@69 56 # define TLS1_AD_DECRYPT_ERROR 51
jpayne@69 57 # define TLS1_AD_EXPORT_RESTRICTION 60/* fatal */
jpayne@69 58 # define TLS1_AD_PROTOCOL_VERSION 70/* fatal */
jpayne@69 59 # define TLS1_AD_INSUFFICIENT_SECURITY 71/* fatal */
jpayne@69 60 # define TLS1_AD_INTERNAL_ERROR 80/* fatal */
jpayne@69 61 # define TLS1_AD_INAPPROPRIATE_FALLBACK 86/* fatal */
jpayne@69 62 # define TLS1_AD_USER_CANCELLED 90
jpayne@69 63 # define TLS1_AD_NO_RENEGOTIATION 100
jpayne@69 64 /* TLSv1.3 alerts */
jpayne@69 65 # define TLS13_AD_MISSING_EXTENSION 109 /* fatal */
jpayne@69 66 # define TLS13_AD_CERTIFICATE_REQUIRED 116 /* fatal */
jpayne@69 67 /* codes 110-114 are from RFC3546 */
jpayne@69 68 # define TLS1_AD_UNSUPPORTED_EXTENSION 110
jpayne@69 69 # define TLS1_AD_CERTIFICATE_UNOBTAINABLE 111
jpayne@69 70 # define TLS1_AD_UNRECOGNIZED_NAME 112
jpayne@69 71 # define TLS1_AD_BAD_CERTIFICATE_STATUS_RESPONSE 113
jpayne@69 72 # define TLS1_AD_BAD_CERTIFICATE_HASH_VALUE 114
jpayne@69 73 # define TLS1_AD_UNKNOWN_PSK_IDENTITY 115/* fatal */
jpayne@69 74 # define TLS1_AD_NO_APPLICATION_PROTOCOL 120 /* fatal */
jpayne@69 75
jpayne@69 76 /* ExtensionType values from RFC3546 / RFC4366 / RFC6066 */
jpayne@69 77 # define TLSEXT_TYPE_server_name 0
jpayne@69 78 # define TLSEXT_TYPE_max_fragment_length 1
jpayne@69 79 # define TLSEXT_TYPE_client_certificate_url 2
jpayne@69 80 # define TLSEXT_TYPE_trusted_ca_keys 3
jpayne@69 81 # define TLSEXT_TYPE_truncated_hmac 4
jpayne@69 82 # define TLSEXT_TYPE_status_request 5
jpayne@69 83 /* ExtensionType values from RFC4681 */
jpayne@69 84 # define TLSEXT_TYPE_user_mapping 6
jpayne@69 85 /* ExtensionType values from RFC5878 */
jpayne@69 86 # define TLSEXT_TYPE_client_authz 7
jpayne@69 87 # define TLSEXT_TYPE_server_authz 8
jpayne@69 88 /* ExtensionType values from RFC6091 */
jpayne@69 89 # define TLSEXT_TYPE_cert_type 9
jpayne@69 90
jpayne@69 91 /* ExtensionType values from RFC4492 */
jpayne@69 92 /*
jpayne@69 93 * Prior to TLSv1.3 the supported_groups extension was known as
jpayne@69 94 * elliptic_curves
jpayne@69 95 */
jpayne@69 96 # define TLSEXT_TYPE_supported_groups 10
jpayne@69 97 # define TLSEXT_TYPE_elliptic_curves TLSEXT_TYPE_supported_groups
jpayne@69 98 # define TLSEXT_TYPE_ec_point_formats 11
jpayne@69 99
jpayne@69 100
jpayne@69 101 /* ExtensionType value from RFC5054 */
jpayne@69 102 # define TLSEXT_TYPE_srp 12
jpayne@69 103
jpayne@69 104 /* ExtensionType values from RFC5246 */
jpayne@69 105 # define TLSEXT_TYPE_signature_algorithms 13
jpayne@69 106
jpayne@69 107 /* ExtensionType value from RFC5764 */
jpayne@69 108 # define TLSEXT_TYPE_use_srtp 14
jpayne@69 109
jpayne@69 110 /* ExtensionType value from RFC5620 */
jpayne@69 111 # define TLSEXT_TYPE_heartbeat 15
jpayne@69 112
jpayne@69 113 /* ExtensionType value from RFC7301 */
jpayne@69 114 # define TLSEXT_TYPE_application_layer_protocol_negotiation 16
jpayne@69 115
jpayne@69 116 /*
jpayne@69 117 * Extension type for Certificate Transparency
jpayne@69 118 * https://tools.ietf.org/html/rfc6962#section-3.3.1
jpayne@69 119 */
jpayne@69 120 # define TLSEXT_TYPE_signed_certificate_timestamp 18
jpayne@69 121
jpayne@69 122 /*
jpayne@69 123 * ExtensionType value for TLS padding extension.
jpayne@69 124 * http://tools.ietf.org/html/draft-agl-tls-padding
jpayne@69 125 */
jpayne@69 126 # define TLSEXT_TYPE_padding 21
jpayne@69 127
jpayne@69 128 /* ExtensionType value from RFC7366 */
jpayne@69 129 # define TLSEXT_TYPE_encrypt_then_mac 22
jpayne@69 130
jpayne@69 131 /* ExtensionType value from RFC7627 */
jpayne@69 132 # define TLSEXT_TYPE_extended_master_secret 23
jpayne@69 133
jpayne@69 134 /* ExtensionType value from RFC4507 */
jpayne@69 135 # define TLSEXT_TYPE_session_ticket 35
jpayne@69 136
jpayne@69 137 /* As defined for TLS1.3 */
jpayne@69 138 # define TLSEXT_TYPE_psk 41
jpayne@69 139 # define TLSEXT_TYPE_early_data 42
jpayne@69 140 # define TLSEXT_TYPE_supported_versions 43
jpayne@69 141 # define TLSEXT_TYPE_cookie 44
jpayne@69 142 # define TLSEXT_TYPE_psk_kex_modes 45
jpayne@69 143 # define TLSEXT_TYPE_certificate_authorities 47
jpayne@69 144 # define TLSEXT_TYPE_post_handshake_auth 49
jpayne@69 145 # define TLSEXT_TYPE_signature_algorithms_cert 50
jpayne@69 146 # define TLSEXT_TYPE_key_share 51
jpayne@69 147
jpayne@69 148 /* Temporary extension type */
jpayne@69 149 # define TLSEXT_TYPE_renegotiate 0xff01
jpayne@69 150
jpayne@69 151 # ifndef OPENSSL_NO_NEXTPROTONEG
jpayne@69 152 /* This is not an IANA defined extension number */
jpayne@69 153 # define TLSEXT_TYPE_next_proto_neg 13172
jpayne@69 154 # endif
jpayne@69 155
jpayne@69 156 /* NameType value from RFC3546 */
jpayne@69 157 # define TLSEXT_NAMETYPE_host_name 0
jpayne@69 158 /* status request value from RFC3546 */
jpayne@69 159 # define TLSEXT_STATUSTYPE_ocsp 1
jpayne@69 160
jpayne@69 161 /* ECPointFormat values from RFC4492 */
jpayne@69 162 # define TLSEXT_ECPOINTFORMAT_first 0
jpayne@69 163 # define TLSEXT_ECPOINTFORMAT_uncompressed 0
jpayne@69 164 # define TLSEXT_ECPOINTFORMAT_ansiX962_compressed_prime 1
jpayne@69 165 # define TLSEXT_ECPOINTFORMAT_ansiX962_compressed_char2 2
jpayne@69 166 # define TLSEXT_ECPOINTFORMAT_last 2
jpayne@69 167
jpayne@69 168 /* Signature and hash algorithms from RFC5246 */
jpayne@69 169 # define TLSEXT_signature_anonymous 0
jpayne@69 170 # define TLSEXT_signature_rsa 1
jpayne@69 171 # define TLSEXT_signature_dsa 2
jpayne@69 172 # define TLSEXT_signature_ecdsa 3
jpayne@69 173 # define TLSEXT_signature_gostr34102001 237
jpayne@69 174 # define TLSEXT_signature_gostr34102012_256 238
jpayne@69 175 # define TLSEXT_signature_gostr34102012_512 239
jpayne@69 176
jpayne@69 177 /* Total number of different signature algorithms */
jpayne@69 178 # define TLSEXT_signature_num 7
jpayne@69 179
jpayne@69 180 # define TLSEXT_hash_none 0
jpayne@69 181 # define TLSEXT_hash_md5 1
jpayne@69 182 # define TLSEXT_hash_sha1 2
jpayne@69 183 # define TLSEXT_hash_sha224 3
jpayne@69 184 # define TLSEXT_hash_sha256 4
jpayne@69 185 # define TLSEXT_hash_sha384 5
jpayne@69 186 # define TLSEXT_hash_sha512 6
jpayne@69 187 # define TLSEXT_hash_gostr3411 237
jpayne@69 188 # define TLSEXT_hash_gostr34112012_256 238
jpayne@69 189 # define TLSEXT_hash_gostr34112012_512 239
jpayne@69 190
jpayne@69 191 /* Total number of different digest algorithms */
jpayne@69 192
jpayne@69 193 # define TLSEXT_hash_num 10
jpayne@69 194
jpayne@69 195 /* Flag set for unrecognised algorithms */
jpayne@69 196 # define TLSEXT_nid_unknown 0x1000000
jpayne@69 197
jpayne@69 198 /* ECC curves */
jpayne@69 199
jpayne@69 200 # define TLSEXT_curve_P_256 23
jpayne@69 201 # define TLSEXT_curve_P_384 24
jpayne@69 202
jpayne@69 203 /* OpenSSL value to disable maximum fragment length extension */
jpayne@69 204 # define TLSEXT_max_fragment_length_DISABLED 0
jpayne@69 205 /* Allowed values for max fragment length extension */
jpayne@69 206 # define TLSEXT_max_fragment_length_512 1
jpayne@69 207 # define TLSEXT_max_fragment_length_1024 2
jpayne@69 208 # define TLSEXT_max_fragment_length_2048 3
jpayne@69 209 # define TLSEXT_max_fragment_length_4096 4
jpayne@69 210
jpayne@69 211 int SSL_CTX_set_tlsext_max_fragment_length(SSL_CTX *ctx, uint8_t mode);
jpayne@69 212 int SSL_set_tlsext_max_fragment_length(SSL *ssl, uint8_t mode);
jpayne@69 213
jpayne@69 214 # define TLSEXT_MAXLEN_host_name 255
jpayne@69 215
jpayne@69 216 __owur const char *SSL_get_servername(const SSL *s, const int type);
jpayne@69 217 __owur int SSL_get_servername_type(const SSL *s);
jpayne@69 218 /*
jpayne@69 219 * SSL_export_keying_material exports a value derived from the master secret,
jpayne@69 220 * as specified in RFC 5705. It writes |olen| bytes to |out| given a label and
jpayne@69 221 * optional context. (Since a zero length context is allowed, the |use_context|
jpayne@69 222 * flag controls whether a context is included.) It returns 1 on success and
jpayne@69 223 * 0 or -1 otherwise.
jpayne@69 224 */
jpayne@69 225 __owur int SSL_export_keying_material(SSL *s, unsigned char *out, size_t olen,
jpayne@69 226 const char *label, size_t llen,
jpayne@69 227 const unsigned char *context,
jpayne@69 228 size_t contextlen, int use_context);
jpayne@69 229
jpayne@69 230 /*
jpayne@69 231 * SSL_export_keying_material_early exports a value derived from the
jpayne@69 232 * early exporter master secret, as specified in
jpayne@69 233 * https://tools.ietf.org/html/draft-ietf-tls-tls13-23. It writes
jpayne@69 234 * |olen| bytes to |out| given a label and optional context. It
jpayne@69 235 * returns 1 on success and 0 otherwise.
jpayne@69 236 */
jpayne@69 237 __owur int SSL_export_keying_material_early(SSL *s, unsigned char *out,
jpayne@69 238 size_t olen, const char *label,
jpayne@69 239 size_t llen,
jpayne@69 240 const unsigned char *context,
jpayne@69 241 size_t contextlen);
jpayne@69 242
jpayne@69 243 int SSL_get_peer_signature_type_nid(const SSL *s, int *pnid);
jpayne@69 244 int SSL_get_signature_type_nid(const SSL *s, int *pnid);
jpayne@69 245
jpayne@69 246 int SSL_get_sigalgs(SSL *s, int idx,
jpayne@69 247 int *psign, int *phash, int *psignandhash,
jpayne@69 248 unsigned char *rsig, unsigned char *rhash);
jpayne@69 249
jpayne@69 250 int SSL_get_shared_sigalgs(SSL *s, int idx,
jpayne@69 251 int *psign, int *phash, int *psignandhash,
jpayne@69 252 unsigned char *rsig, unsigned char *rhash);
jpayne@69 253
jpayne@69 254 __owur int SSL_check_chain(SSL *s, X509 *x, EVP_PKEY *pk, STACK_OF(X509) *chain);
jpayne@69 255
jpayne@69 256 # define SSL_set_tlsext_host_name(s,name) \
jpayne@69 257 SSL_ctrl(s,SSL_CTRL_SET_TLSEXT_HOSTNAME,TLSEXT_NAMETYPE_host_name,\
jpayne@69 258 (void *)name)
jpayne@69 259
jpayne@69 260 # define SSL_set_tlsext_debug_callback(ssl, cb) \
jpayne@69 261 SSL_callback_ctrl(ssl,SSL_CTRL_SET_TLSEXT_DEBUG_CB,\
jpayne@69 262 (void (*)(void))cb)
jpayne@69 263
jpayne@69 264 # define SSL_set_tlsext_debug_arg(ssl, arg) \
jpayne@69 265 SSL_ctrl(ssl,SSL_CTRL_SET_TLSEXT_DEBUG_ARG,0,arg)
jpayne@69 266
jpayne@69 267 # define SSL_get_tlsext_status_type(ssl) \
jpayne@69 268 SSL_ctrl(ssl,SSL_CTRL_GET_TLSEXT_STATUS_REQ_TYPE,0,NULL)
jpayne@69 269
jpayne@69 270 # define SSL_set_tlsext_status_type(ssl, type) \
jpayne@69 271 SSL_ctrl(ssl,SSL_CTRL_SET_TLSEXT_STATUS_REQ_TYPE,type,NULL)
jpayne@69 272
jpayne@69 273 # define SSL_get_tlsext_status_exts(ssl, arg) \
jpayne@69 274 SSL_ctrl(ssl,SSL_CTRL_GET_TLSEXT_STATUS_REQ_EXTS,0,arg)
jpayne@69 275
jpayne@69 276 # define SSL_set_tlsext_status_exts(ssl, arg) \
jpayne@69 277 SSL_ctrl(ssl,SSL_CTRL_SET_TLSEXT_STATUS_REQ_EXTS,0,arg)
jpayne@69 278
jpayne@69 279 # define SSL_get_tlsext_status_ids(ssl, arg) \
jpayne@69 280 SSL_ctrl(ssl,SSL_CTRL_GET_TLSEXT_STATUS_REQ_IDS,0,arg)
jpayne@69 281
jpayne@69 282 # define SSL_set_tlsext_status_ids(ssl, arg) \
jpayne@69 283 SSL_ctrl(ssl,SSL_CTRL_SET_TLSEXT_STATUS_REQ_IDS,0,arg)
jpayne@69 284
jpayne@69 285 # define SSL_get_tlsext_status_ocsp_resp(ssl, arg) \
jpayne@69 286 SSL_ctrl(ssl,SSL_CTRL_GET_TLSEXT_STATUS_REQ_OCSP_RESP,0,arg)
jpayne@69 287
jpayne@69 288 # define SSL_set_tlsext_status_ocsp_resp(ssl, arg, arglen) \
jpayne@69 289 SSL_ctrl(ssl,SSL_CTRL_SET_TLSEXT_STATUS_REQ_OCSP_RESP,arglen,arg)
jpayne@69 290
jpayne@69 291 # define SSL_CTX_set_tlsext_servername_callback(ctx, cb) \
jpayne@69 292 SSL_CTX_callback_ctrl(ctx,SSL_CTRL_SET_TLSEXT_SERVERNAME_CB,\
jpayne@69 293 (void (*)(void))cb)
jpayne@69 294
jpayne@69 295 # define SSL_TLSEXT_ERR_OK 0
jpayne@69 296 # define SSL_TLSEXT_ERR_ALERT_WARNING 1
jpayne@69 297 # define SSL_TLSEXT_ERR_ALERT_FATAL 2
jpayne@69 298 # define SSL_TLSEXT_ERR_NOACK 3
jpayne@69 299
jpayne@69 300 # define SSL_CTX_set_tlsext_servername_arg(ctx, arg) \
jpayne@69 301 SSL_CTX_ctrl(ctx,SSL_CTRL_SET_TLSEXT_SERVERNAME_ARG,0,arg)
jpayne@69 302
jpayne@69 303 # define SSL_CTX_get_tlsext_ticket_keys(ctx, keys, keylen) \
jpayne@69 304 SSL_CTX_ctrl(ctx,SSL_CTRL_GET_TLSEXT_TICKET_KEYS,keylen,keys)
jpayne@69 305 # define SSL_CTX_set_tlsext_ticket_keys(ctx, keys, keylen) \
jpayne@69 306 SSL_CTX_ctrl(ctx,SSL_CTRL_SET_TLSEXT_TICKET_KEYS,keylen,keys)
jpayne@69 307
jpayne@69 308 # define SSL_CTX_get_tlsext_status_cb(ssl, cb) \
jpayne@69 309 SSL_CTX_ctrl(ssl,SSL_CTRL_GET_TLSEXT_STATUS_REQ_CB,0,(void *)cb)
jpayne@69 310 # define SSL_CTX_set_tlsext_status_cb(ssl, cb) \
jpayne@69 311 SSL_CTX_callback_ctrl(ssl,SSL_CTRL_SET_TLSEXT_STATUS_REQ_CB,\
jpayne@69 312 (void (*)(void))cb)
jpayne@69 313
jpayne@69 314 # define SSL_CTX_get_tlsext_status_arg(ssl, arg) \
jpayne@69 315 SSL_CTX_ctrl(ssl,SSL_CTRL_GET_TLSEXT_STATUS_REQ_CB_ARG,0,arg)
jpayne@69 316 # define SSL_CTX_set_tlsext_status_arg(ssl, arg) \
jpayne@69 317 SSL_CTX_ctrl(ssl,SSL_CTRL_SET_TLSEXT_STATUS_REQ_CB_ARG,0,arg)
jpayne@69 318
jpayne@69 319 # define SSL_CTX_set_tlsext_status_type(ssl, type) \
jpayne@69 320 SSL_CTX_ctrl(ssl,SSL_CTRL_SET_TLSEXT_STATUS_REQ_TYPE,type,NULL)
jpayne@69 321
jpayne@69 322 # define SSL_CTX_get_tlsext_status_type(ssl) \
jpayne@69 323 SSL_CTX_ctrl(ssl,SSL_CTRL_GET_TLSEXT_STATUS_REQ_TYPE,0,NULL)
jpayne@69 324
jpayne@69 325 # define SSL_CTX_set_tlsext_ticket_key_cb(ssl, cb) \
jpayne@69 326 SSL_CTX_callback_ctrl(ssl,SSL_CTRL_SET_TLSEXT_TICKET_KEY_CB,\
jpayne@69 327 (void (*)(void))cb)
jpayne@69 328
jpayne@69 329 # ifndef OPENSSL_NO_HEARTBEATS
jpayne@69 330 # define SSL_DTLSEXT_HB_ENABLED 0x01
jpayne@69 331 # define SSL_DTLSEXT_HB_DONT_SEND_REQUESTS 0x02
jpayne@69 332 # define SSL_DTLSEXT_HB_DONT_RECV_REQUESTS 0x04
jpayne@69 333 # define SSL_get_dtlsext_heartbeat_pending(ssl) \
jpayne@69 334 SSL_ctrl(ssl,SSL_CTRL_GET_DTLS_EXT_HEARTBEAT_PENDING,0,NULL)
jpayne@69 335 # define SSL_set_dtlsext_heartbeat_no_requests(ssl, arg) \
jpayne@69 336 SSL_ctrl(ssl,SSL_CTRL_SET_DTLS_EXT_HEARTBEAT_NO_REQUESTS,arg,NULL)
jpayne@69 337
jpayne@69 338 # if OPENSSL_API_COMPAT < 0x10100000L
jpayne@69 339 # define SSL_CTRL_TLS_EXT_SEND_HEARTBEAT \
jpayne@69 340 SSL_CTRL_DTLS_EXT_SEND_HEARTBEAT
jpayne@69 341 # define SSL_CTRL_GET_TLS_EXT_HEARTBEAT_PENDING \
jpayne@69 342 SSL_CTRL_GET_DTLS_EXT_HEARTBEAT_PENDING
jpayne@69 343 # define SSL_CTRL_SET_TLS_EXT_HEARTBEAT_NO_REQUESTS \
jpayne@69 344 SSL_CTRL_SET_DTLS_EXT_HEARTBEAT_NO_REQUESTS
jpayne@69 345 # define SSL_TLSEXT_HB_ENABLED \
jpayne@69 346 SSL_DTLSEXT_HB_ENABLED
jpayne@69 347 # define SSL_TLSEXT_HB_DONT_SEND_REQUESTS \
jpayne@69 348 SSL_DTLSEXT_HB_DONT_SEND_REQUESTS
jpayne@69 349 # define SSL_TLSEXT_HB_DONT_RECV_REQUESTS \
jpayne@69 350 SSL_DTLSEXT_HB_DONT_RECV_REQUESTS
jpayne@69 351 # define SSL_get_tlsext_heartbeat_pending(ssl) \
jpayne@69 352 SSL_get_dtlsext_heartbeat_pending(ssl)
jpayne@69 353 # define SSL_set_tlsext_heartbeat_no_requests(ssl, arg) \
jpayne@69 354 SSL_set_dtlsext_heartbeat_no_requests(ssl,arg)
jpayne@69 355 # endif
jpayne@69 356 # endif
jpayne@69 357
jpayne@69 358 /* PSK ciphersuites from 4279 */
jpayne@69 359 # define TLS1_CK_PSK_WITH_RC4_128_SHA 0x0300008A
jpayne@69 360 # define TLS1_CK_PSK_WITH_3DES_EDE_CBC_SHA 0x0300008B
jpayne@69 361 # define TLS1_CK_PSK_WITH_AES_128_CBC_SHA 0x0300008C
jpayne@69 362 # define TLS1_CK_PSK_WITH_AES_256_CBC_SHA 0x0300008D
jpayne@69 363 # define TLS1_CK_DHE_PSK_WITH_RC4_128_SHA 0x0300008E
jpayne@69 364 # define TLS1_CK_DHE_PSK_WITH_3DES_EDE_CBC_SHA 0x0300008F
jpayne@69 365 # define TLS1_CK_DHE_PSK_WITH_AES_128_CBC_SHA 0x03000090
jpayne@69 366 # define TLS1_CK_DHE_PSK_WITH_AES_256_CBC_SHA 0x03000091
jpayne@69 367 # define TLS1_CK_RSA_PSK_WITH_RC4_128_SHA 0x03000092
jpayne@69 368 # define TLS1_CK_RSA_PSK_WITH_3DES_EDE_CBC_SHA 0x03000093
jpayne@69 369 # define TLS1_CK_RSA_PSK_WITH_AES_128_CBC_SHA 0x03000094
jpayne@69 370 # define TLS1_CK_RSA_PSK_WITH_AES_256_CBC_SHA 0x03000095
jpayne@69 371
jpayne@69 372 /* PSK ciphersuites from 5487 */
jpayne@69 373 # define TLS1_CK_PSK_WITH_AES_128_GCM_SHA256 0x030000A8
jpayne@69 374 # define TLS1_CK_PSK_WITH_AES_256_GCM_SHA384 0x030000A9
jpayne@69 375 # define TLS1_CK_DHE_PSK_WITH_AES_128_GCM_SHA256 0x030000AA
jpayne@69 376 # define TLS1_CK_DHE_PSK_WITH_AES_256_GCM_SHA384 0x030000AB
jpayne@69 377 # define TLS1_CK_RSA_PSK_WITH_AES_128_GCM_SHA256 0x030000AC
jpayne@69 378 # define TLS1_CK_RSA_PSK_WITH_AES_256_GCM_SHA384 0x030000AD
jpayne@69 379 # define TLS1_CK_PSK_WITH_AES_128_CBC_SHA256 0x030000AE
jpayne@69 380 # define TLS1_CK_PSK_WITH_AES_256_CBC_SHA384 0x030000AF
jpayne@69 381 # define TLS1_CK_PSK_WITH_NULL_SHA256 0x030000B0
jpayne@69 382 # define TLS1_CK_PSK_WITH_NULL_SHA384 0x030000B1
jpayne@69 383 # define TLS1_CK_DHE_PSK_WITH_AES_128_CBC_SHA256 0x030000B2
jpayne@69 384 # define TLS1_CK_DHE_PSK_WITH_AES_256_CBC_SHA384 0x030000B3
jpayne@69 385 # define TLS1_CK_DHE_PSK_WITH_NULL_SHA256 0x030000B4
jpayne@69 386 # define TLS1_CK_DHE_PSK_WITH_NULL_SHA384 0x030000B5
jpayne@69 387 # define TLS1_CK_RSA_PSK_WITH_AES_128_CBC_SHA256 0x030000B6
jpayne@69 388 # define TLS1_CK_RSA_PSK_WITH_AES_256_CBC_SHA384 0x030000B7
jpayne@69 389 # define TLS1_CK_RSA_PSK_WITH_NULL_SHA256 0x030000B8
jpayne@69 390 # define TLS1_CK_RSA_PSK_WITH_NULL_SHA384 0x030000B9
jpayne@69 391
jpayne@69 392 /* NULL PSK ciphersuites from RFC4785 */
jpayne@69 393 # define TLS1_CK_PSK_WITH_NULL_SHA 0x0300002C
jpayne@69 394 # define TLS1_CK_DHE_PSK_WITH_NULL_SHA 0x0300002D
jpayne@69 395 # define TLS1_CK_RSA_PSK_WITH_NULL_SHA 0x0300002E
jpayne@69 396
jpayne@69 397 /* AES ciphersuites from RFC3268 */
jpayne@69 398 # define TLS1_CK_RSA_WITH_AES_128_SHA 0x0300002F
jpayne@69 399 # define TLS1_CK_DH_DSS_WITH_AES_128_SHA 0x03000030
jpayne@69 400 # define TLS1_CK_DH_RSA_WITH_AES_128_SHA 0x03000031
jpayne@69 401 # define TLS1_CK_DHE_DSS_WITH_AES_128_SHA 0x03000032
jpayne@69 402 # define TLS1_CK_DHE_RSA_WITH_AES_128_SHA 0x03000033
jpayne@69 403 # define TLS1_CK_ADH_WITH_AES_128_SHA 0x03000034
jpayne@69 404 # define TLS1_CK_RSA_WITH_AES_256_SHA 0x03000035
jpayne@69 405 # define TLS1_CK_DH_DSS_WITH_AES_256_SHA 0x03000036
jpayne@69 406 # define TLS1_CK_DH_RSA_WITH_AES_256_SHA 0x03000037
jpayne@69 407 # define TLS1_CK_DHE_DSS_WITH_AES_256_SHA 0x03000038
jpayne@69 408 # define TLS1_CK_DHE_RSA_WITH_AES_256_SHA 0x03000039
jpayne@69 409 # define TLS1_CK_ADH_WITH_AES_256_SHA 0x0300003A
jpayne@69 410
jpayne@69 411 /* TLS v1.2 ciphersuites */
jpayne@69 412 # define TLS1_CK_RSA_WITH_NULL_SHA256 0x0300003B
jpayne@69 413 # define TLS1_CK_RSA_WITH_AES_128_SHA256 0x0300003C
jpayne@69 414 # define TLS1_CK_RSA_WITH_AES_256_SHA256 0x0300003D
jpayne@69 415 # define TLS1_CK_DH_DSS_WITH_AES_128_SHA256 0x0300003E
jpayne@69 416 # define TLS1_CK_DH_RSA_WITH_AES_128_SHA256 0x0300003F
jpayne@69 417 # define TLS1_CK_DHE_DSS_WITH_AES_128_SHA256 0x03000040
jpayne@69 418
jpayne@69 419 /* Camellia ciphersuites from RFC4132 */
jpayne@69 420 # define TLS1_CK_RSA_WITH_CAMELLIA_128_CBC_SHA 0x03000041
jpayne@69 421 # define TLS1_CK_DH_DSS_WITH_CAMELLIA_128_CBC_SHA 0x03000042
jpayne@69 422 # define TLS1_CK_DH_RSA_WITH_CAMELLIA_128_CBC_SHA 0x03000043
jpayne@69 423 # define TLS1_CK_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA 0x03000044
jpayne@69 424 # define TLS1_CK_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA 0x03000045
jpayne@69 425 # define TLS1_CK_ADH_WITH_CAMELLIA_128_CBC_SHA 0x03000046
jpayne@69 426
jpayne@69 427 /* TLS v1.2 ciphersuites */
jpayne@69 428 # define TLS1_CK_DHE_RSA_WITH_AES_128_SHA256 0x03000067
jpayne@69 429 # define TLS1_CK_DH_DSS_WITH_AES_256_SHA256 0x03000068
jpayne@69 430 # define TLS1_CK_DH_RSA_WITH_AES_256_SHA256 0x03000069
jpayne@69 431 # define TLS1_CK_DHE_DSS_WITH_AES_256_SHA256 0x0300006A
jpayne@69 432 # define TLS1_CK_DHE_RSA_WITH_AES_256_SHA256 0x0300006B
jpayne@69 433 # define TLS1_CK_ADH_WITH_AES_128_SHA256 0x0300006C
jpayne@69 434 # define TLS1_CK_ADH_WITH_AES_256_SHA256 0x0300006D
jpayne@69 435
jpayne@69 436 /* Camellia ciphersuites from RFC4132 */
jpayne@69 437 # define TLS1_CK_RSA_WITH_CAMELLIA_256_CBC_SHA 0x03000084
jpayne@69 438 # define TLS1_CK_DH_DSS_WITH_CAMELLIA_256_CBC_SHA 0x03000085
jpayne@69 439 # define TLS1_CK_DH_RSA_WITH_CAMELLIA_256_CBC_SHA 0x03000086
jpayne@69 440 # define TLS1_CK_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA 0x03000087
jpayne@69 441 # define TLS1_CK_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA 0x03000088
jpayne@69 442 # define TLS1_CK_ADH_WITH_CAMELLIA_256_CBC_SHA 0x03000089
jpayne@69 443
jpayne@69 444 /* SEED ciphersuites from RFC4162 */
jpayne@69 445 # define TLS1_CK_RSA_WITH_SEED_SHA 0x03000096
jpayne@69 446 # define TLS1_CK_DH_DSS_WITH_SEED_SHA 0x03000097
jpayne@69 447 # define TLS1_CK_DH_RSA_WITH_SEED_SHA 0x03000098
jpayne@69 448 # define TLS1_CK_DHE_DSS_WITH_SEED_SHA 0x03000099
jpayne@69 449 # define TLS1_CK_DHE_RSA_WITH_SEED_SHA 0x0300009A
jpayne@69 450 # define TLS1_CK_ADH_WITH_SEED_SHA 0x0300009B
jpayne@69 451
jpayne@69 452 /* TLS v1.2 GCM ciphersuites from RFC5288 */
jpayne@69 453 # define TLS1_CK_RSA_WITH_AES_128_GCM_SHA256 0x0300009C
jpayne@69 454 # define TLS1_CK_RSA_WITH_AES_256_GCM_SHA384 0x0300009D
jpayne@69 455 # define TLS1_CK_DHE_RSA_WITH_AES_128_GCM_SHA256 0x0300009E
jpayne@69 456 # define TLS1_CK_DHE_RSA_WITH_AES_256_GCM_SHA384 0x0300009F
jpayne@69 457 # define TLS1_CK_DH_RSA_WITH_AES_128_GCM_SHA256 0x030000A0
jpayne@69 458 # define TLS1_CK_DH_RSA_WITH_AES_256_GCM_SHA384 0x030000A1
jpayne@69 459 # define TLS1_CK_DHE_DSS_WITH_AES_128_GCM_SHA256 0x030000A2
jpayne@69 460 # define TLS1_CK_DHE_DSS_WITH_AES_256_GCM_SHA384 0x030000A3
jpayne@69 461 # define TLS1_CK_DH_DSS_WITH_AES_128_GCM_SHA256 0x030000A4
jpayne@69 462 # define TLS1_CK_DH_DSS_WITH_AES_256_GCM_SHA384 0x030000A5
jpayne@69 463 # define TLS1_CK_ADH_WITH_AES_128_GCM_SHA256 0x030000A6
jpayne@69 464 # define TLS1_CK_ADH_WITH_AES_256_GCM_SHA384 0x030000A7
jpayne@69 465
jpayne@69 466 /* CCM ciphersuites from RFC6655 */
jpayne@69 467 # define TLS1_CK_RSA_WITH_AES_128_CCM 0x0300C09C
jpayne@69 468 # define TLS1_CK_RSA_WITH_AES_256_CCM 0x0300C09D
jpayne@69 469 # define TLS1_CK_DHE_RSA_WITH_AES_128_CCM 0x0300C09E
jpayne@69 470 # define TLS1_CK_DHE_RSA_WITH_AES_256_CCM 0x0300C09F
jpayne@69 471 # define TLS1_CK_RSA_WITH_AES_128_CCM_8 0x0300C0A0
jpayne@69 472 # define TLS1_CK_RSA_WITH_AES_256_CCM_8 0x0300C0A1
jpayne@69 473 # define TLS1_CK_DHE_RSA_WITH_AES_128_CCM_8 0x0300C0A2
jpayne@69 474 # define TLS1_CK_DHE_RSA_WITH_AES_256_CCM_8 0x0300C0A3
jpayne@69 475 # define TLS1_CK_PSK_WITH_AES_128_CCM 0x0300C0A4
jpayne@69 476 # define TLS1_CK_PSK_WITH_AES_256_CCM 0x0300C0A5
jpayne@69 477 # define TLS1_CK_DHE_PSK_WITH_AES_128_CCM 0x0300C0A6
jpayne@69 478 # define TLS1_CK_DHE_PSK_WITH_AES_256_CCM 0x0300C0A7
jpayne@69 479 # define TLS1_CK_PSK_WITH_AES_128_CCM_8 0x0300C0A8
jpayne@69 480 # define TLS1_CK_PSK_WITH_AES_256_CCM_8 0x0300C0A9
jpayne@69 481 # define TLS1_CK_DHE_PSK_WITH_AES_128_CCM_8 0x0300C0AA
jpayne@69 482 # define TLS1_CK_DHE_PSK_WITH_AES_256_CCM_8 0x0300C0AB
jpayne@69 483
jpayne@69 484 /* CCM ciphersuites from RFC7251 */
jpayne@69 485 # define TLS1_CK_ECDHE_ECDSA_WITH_AES_128_CCM 0x0300C0AC
jpayne@69 486 # define TLS1_CK_ECDHE_ECDSA_WITH_AES_256_CCM 0x0300C0AD
jpayne@69 487 # define TLS1_CK_ECDHE_ECDSA_WITH_AES_128_CCM_8 0x0300C0AE
jpayne@69 488 # define TLS1_CK_ECDHE_ECDSA_WITH_AES_256_CCM_8 0x0300C0AF
jpayne@69 489
jpayne@69 490 /* TLS 1.2 Camellia SHA-256 ciphersuites from RFC5932 */
jpayne@69 491 # define TLS1_CK_RSA_WITH_CAMELLIA_128_CBC_SHA256 0x030000BA
jpayne@69 492 # define TLS1_CK_DH_DSS_WITH_CAMELLIA_128_CBC_SHA256 0x030000BB
jpayne@69 493 # define TLS1_CK_DH_RSA_WITH_CAMELLIA_128_CBC_SHA256 0x030000BC
jpayne@69 494 # define TLS1_CK_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA256 0x030000BD
jpayne@69 495 # define TLS1_CK_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA256 0x030000BE
jpayne@69 496 # define TLS1_CK_ADH_WITH_CAMELLIA_128_CBC_SHA256 0x030000BF
jpayne@69 497
jpayne@69 498 # define TLS1_CK_RSA_WITH_CAMELLIA_256_CBC_SHA256 0x030000C0
jpayne@69 499 # define TLS1_CK_DH_DSS_WITH_CAMELLIA_256_CBC_SHA256 0x030000C1
jpayne@69 500 # define TLS1_CK_DH_RSA_WITH_CAMELLIA_256_CBC_SHA256 0x030000C2
jpayne@69 501 # define TLS1_CK_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA256 0x030000C3
jpayne@69 502 # define TLS1_CK_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA256 0x030000C4
jpayne@69 503 # define TLS1_CK_ADH_WITH_CAMELLIA_256_CBC_SHA256 0x030000C5
jpayne@69 504
jpayne@69 505 /* ECC ciphersuites from RFC4492 */
jpayne@69 506 # define TLS1_CK_ECDH_ECDSA_WITH_NULL_SHA 0x0300C001
jpayne@69 507 # define TLS1_CK_ECDH_ECDSA_WITH_RC4_128_SHA 0x0300C002
jpayne@69 508 # define TLS1_CK_ECDH_ECDSA_WITH_DES_192_CBC3_SHA 0x0300C003
jpayne@69 509 # define TLS1_CK_ECDH_ECDSA_WITH_AES_128_CBC_SHA 0x0300C004
jpayne@69 510 # define TLS1_CK_ECDH_ECDSA_WITH_AES_256_CBC_SHA 0x0300C005
jpayne@69 511
jpayne@69 512 # define TLS1_CK_ECDHE_ECDSA_WITH_NULL_SHA 0x0300C006
jpayne@69 513 # define TLS1_CK_ECDHE_ECDSA_WITH_RC4_128_SHA 0x0300C007
jpayne@69 514 # define TLS1_CK_ECDHE_ECDSA_WITH_DES_192_CBC3_SHA 0x0300C008
jpayne@69 515 # define TLS1_CK_ECDHE_ECDSA_WITH_AES_128_CBC_SHA 0x0300C009
jpayne@69 516 # define TLS1_CK_ECDHE_ECDSA_WITH_AES_256_CBC_SHA 0x0300C00A
jpayne@69 517
jpayne@69 518 # define TLS1_CK_ECDH_RSA_WITH_NULL_SHA 0x0300C00B
jpayne@69 519 # define TLS1_CK_ECDH_RSA_WITH_RC4_128_SHA 0x0300C00C
jpayne@69 520 # define TLS1_CK_ECDH_RSA_WITH_DES_192_CBC3_SHA 0x0300C00D
jpayne@69 521 # define TLS1_CK_ECDH_RSA_WITH_AES_128_CBC_SHA 0x0300C00E
jpayne@69 522 # define TLS1_CK_ECDH_RSA_WITH_AES_256_CBC_SHA 0x0300C00F
jpayne@69 523
jpayne@69 524 # define TLS1_CK_ECDHE_RSA_WITH_NULL_SHA 0x0300C010
jpayne@69 525 # define TLS1_CK_ECDHE_RSA_WITH_RC4_128_SHA 0x0300C011
jpayne@69 526 # define TLS1_CK_ECDHE_RSA_WITH_DES_192_CBC3_SHA 0x0300C012
jpayne@69 527 # define TLS1_CK_ECDHE_RSA_WITH_AES_128_CBC_SHA 0x0300C013
jpayne@69 528 # define TLS1_CK_ECDHE_RSA_WITH_AES_256_CBC_SHA 0x0300C014
jpayne@69 529
jpayne@69 530 # define TLS1_CK_ECDH_anon_WITH_NULL_SHA 0x0300C015
jpayne@69 531 # define TLS1_CK_ECDH_anon_WITH_RC4_128_SHA 0x0300C016
jpayne@69 532 # define TLS1_CK_ECDH_anon_WITH_DES_192_CBC3_SHA 0x0300C017
jpayne@69 533 # define TLS1_CK_ECDH_anon_WITH_AES_128_CBC_SHA 0x0300C018
jpayne@69 534 # define TLS1_CK_ECDH_anon_WITH_AES_256_CBC_SHA 0x0300C019
jpayne@69 535
jpayne@69 536 /* SRP ciphersuites from RFC 5054 */
jpayne@69 537 # define TLS1_CK_SRP_SHA_WITH_3DES_EDE_CBC_SHA 0x0300C01A
jpayne@69 538 # define TLS1_CK_SRP_SHA_RSA_WITH_3DES_EDE_CBC_SHA 0x0300C01B
jpayne@69 539 # define TLS1_CK_SRP_SHA_DSS_WITH_3DES_EDE_CBC_SHA 0x0300C01C
jpayne@69 540 # define TLS1_CK_SRP_SHA_WITH_AES_128_CBC_SHA 0x0300C01D
jpayne@69 541 # define TLS1_CK_SRP_SHA_RSA_WITH_AES_128_CBC_SHA 0x0300C01E
jpayne@69 542 # define TLS1_CK_SRP_SHA_DSS_WITH_AES_128_CBC_SHA 0x0300C01F
jpayne@69 543 # define TLS1_CK_SRP_SHA_WITH_AES_256_CBC_SHA 0x0300C020
jpayne@69 544 # define TLS1_CK_SRP_SHA_RSA_WITH_AES_256_CBC_SHA 0x0300C021
jpayne@69 545 # define TLS1_CK_SRP_SHA_DSS_WITH_AES_256_CBC_SHA 0x0300C022
jpayne@69 546
jpayne@69 547 /* ECDH HMAC based ciphersuites from RFC5289 */
jpayne@69 548 # define TLS1_CK_ECDHE_ECDSA_WITH_AES_128_SHA256 0x0300C023
jpayne@69 549 # define TLS1_CK_ECDHE_ECDSA_WITH_AES_256_SHA384 0x0300C024
jpayne@69 550 # define TLS1_CK_ECDH_ECDSA_WITH_AES_128_SHA256 0x0300C025
jpayne@69 551 # define TLS1_CK_ECDH_ECDSA_WITH_AES_256_SHA384 0x0300C026
jpayne@69 552 # define TLS1_CK_ECDHE_RSA_WITH_AES_128_SHA256 0x0300C027
jpayne@69 553 # define TLS1_CK_ECDHE_RSA_WITH_AES_256_SHA384 0x0300C028
jpayne@69 554 # define TLS1_CK_ECDH_RSA_WITH_AES_128_SHA256 0x0300C029
jpayne@69 555 # define TLS1_CK_ECDH_RSA_WITH_AES_256_SHA384 0x0300C02A
jpayne@69 556
jpayne@69 557 /* ECDH GCM based ciphersuites from RFC5289 */
jpayne@69 558 # define TLS1_CK_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 0x0300C02B
jpayne@69 559 # define TLS1_CK_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384 0x0300C02C
jpayne@69 560 # define TLS1_CK_ECDH_ECDSA_WITH_AES_128_GCM_SHA256 0x0300C02D
jpayne@69 561 # define TLS1_CK_ECDH_ECDSA_WITH_AES_256_GCM_SHA384 0x0300C02E
jpayne@69 562 # define TLS1_CK_ECDHE_RSA_WITH_AES_128_GCM_SHA256 0x0300C02F
jpayne@69 563 # define TLS1_CK_ECDHE_RSA_WITH_AES_256_GCM_SHA384 0x0300C030
jpayne@69 564 # define TLS1_CK_ECDH_RSA_WITH_AES_128_GCM_SHA256 0x0300C031
jpayne@69 565 # define TLS1_CK_ECDH_RSA_WITH_AES_256_GCM_SHA384 0x0300C032
jpayne@69 566
jpayne@69 567 /* ECDHE PSK ciphersuites from RFC5489 */
jpayne@69 568 # define TLS1_CK_ECDHE_PSK_WITH_RC4_128_SHA 0x0300C033
jpayne@69 569 # define TLS1_CK_ECDHE_PSK_WITH_3DES_EDE_CBC_SHA 0x0300C034
jpayne@69 570 # define TLS1_CK_ECDHE_PSK_WITH_AES_128_CBC_SHA 0x0300C035
jpayne@69 571 # define TLS1_CK_ECDHE_PSK_WITH_AES_256_CBC_SHA 0x0300C036
jpayne@69 572
jpayne@69 573 # define TLS1_CK_ECDHE_PSK_WITH_AES_128_CBC_SHA256 0x0300C037
jpayne@69 574 # define TLS1_CK_ECDHE_PSK_WITH_AES_256_CBC_SHA384 0x0300C038
jpayne@69 575
jpayne@69 576 /* NULL PSK ciphersuites from RFC4785 */
jpayne@69 577 # define TLS1_CK_ECDHE_PSK_WITH_NULL_SHA 0x0300C039
jpayne@69 578 # define TLS1_CK_ECDHE_PSK_WITH_NULL_SHA256 0x0300C03A
jpayne@69 579 # define TLS1_CK_ECDHE_PSK_WITH_NULL_SHA384 0x0300C03B
jpayne@69 580
jpayne@69 581 /* Camellia-CBC ciphersuites from RFC6367 */
jpayne@69 582 # define TLS1_CK_ECDHE_ECDSA_WITH_CAMELLIA_128_CBC_SHA256 0x0300C072
jpayne@69 583 # define TLS1_CK_ECDHE_ECDSA_WITH_CAMELLIA_256_CBC_SHA384 0x0300C073
jpayne@69 584 # define TLS1_CK_ECDH_ECDSA_WITH_CAMELLIA_128_CBC_SHA256 0x0300C074
jpayne@69 585 # define TLS1_CK_ECDH_ECDSA_WITH_CAMELLIA_256_CBC_SHA384 0x0300C075
jpayne@69 586 # define TLS1_CK_ECDHE_RSA_WITH_CAMELLIA_128_CBC_SHA256 0x0300C076
jpayne@69 587 # define TLS1_CK_ECDHE_RSA_WITH_CAMELLIA_256_CBC_SHA384 0x0300C077
jpayne@69 588 # define TLS1_CK_ECDH_RSA_WITH_CAMELLIA_128_CBC_SHA256 0x0300C078
jpayne@69 589 # define TLS1_CK_ECDH_RSA_WITH_CAMELLIA_256_CBC_SHA384 0x0300C079
jpayne@69 590
jpayne@69 591 # define TLS1_CK_PSK_WITH_CAMELLIA_128_CBC_SHA256 0x0300C094
jpayne@69 592 # define TLS1_CK_PSK_WITH_CAMELLIA_256_CBC_SHA384 0x0300C095
jpayne@69 593 # define TLS1_CK_DHE_PSK_WITH_CAMELLIA_128_CBC_SHA256 0x0300C096
jpayne@69 594 # define TLS1_CK_DHE_PSK_WITH_CAMELLIA_256_CBC_SHA384 0x0300C097
jpayne@69 595 # define TLS1_CK_RSA_PSK_WITH_CAMELLIA_128_CBC_SHA256 0x0300C098
jpayne@69 596 # define TLS1_CK_RSA_PSK_WITH_CAMELLIA_256_CBC_SHA384 0x0300C099
jpayne@69 597 # define TLS1_CK_ECDHE_PSK_WITH_CAMELLIA_128_CBC_SHA256 0x0300C09A
jpayne@69 598 # define TLS1_CK_ECDHE_PSK_WITH_CAMELLIA_256_CBC_SHA384 0x0300C09B
jpayne@69 599
jpayne@69 600 /* draft-ietf-tls-chacha20-poly1305-03 */
jpayne@69 601 # define TLS1_CK_ECDHE_RSA_WITH_CHACHA20_POLY1305 0x0300CCA8
jpayne@69 602 # define TLS1_CK_ECDHE_ECDSA_WITH_CHACHA20_POLY1305 0x0300CCA9
jpayne@69 603 # define TLS1_CK_DHE_RSA_WITH_CHACHA20_POLY1305 0x0300CCAA
jpayne@69 604 # define TLS1_CK_PSK_WITH_CHACHA20_POLY1305 0x0300CCAB
jpayne@69 605 # define TLS1_CK_ECDHE_PSK_WITH_CHACHA20_POLY1305 0x0300CCAC
jpayne@69 606 # define TLS1_CK_DHE_PSK_WITH_CHACHA20_POLY1305 0x0300CCAD
jpayne@69 607 # define TLS1_CK_RSA_PSK_WITH_CHACHA20_POLY1305 0x0300CCAE
jpayne@69 608
jpayne@69 609 /* TLS v1.3 ciphersuites */
jpayne@69 610 # define TLS1_3_CK_AES_128_GCM_SHA256 0x03001301
jpayne@69 611 # define TLS1_3_CK_AES_256_GCM_SHA384 0x03001302
jpayne@69 612 # define TLS1_3_CK_CHACHA20_POLY1305_SHA256 0x03001303
jpayne@69 613 # define TLS1_3_CK_AES_128_CCM_SHA256 0x03001304
jpayne@69 614 # define TLS1_3_CK_AES_128_CCM_8_SHA256 0x03001305
jpayne@69 615
jpayne@69 616 /* Aria ciphersuites from RFC6209 */
jpayne@69 617 # define TLS1_CK_RSA_WITH_ARIA_128_GCM_SHA256 0x0300C050
jpayne@69 618 # define TLS1_CK_RSA_WITH_ARIA_256_GCM_SHA384 0x0300C051
jpayne@69 619 # define TLS1_CK_DHE_RSA_WITH_ARIA_128_GCM_SHA256 0x0300C052
jpayne@69 620 # define TLS1_CK_DHE_RSA_WITH_ARIA_256_GCM_SHA384 0x0300C053
jpayne@69 621 # define TLS1_CK_DH_RSA_WITH_ARIA_128_GCM_SHA256 0x0300C054
jpayne@69 622 # define TLS1_CK_DH_RSA_WITH_ARIA_256_GCM_SHA384 0x0300C055
jpayne@69 623 # define TLS1_CK_DHE_DSS_WITH_ARIA_128_GCM_SHA256 0x0300C056
jpayne@69 624 # define TLS1_CK_DHE_DSS_WITH_ARIA_256_GCM_SHA384 0x0300C057
jpayne@69 625 # define TLS1_CK_DH_DSS_WITH_ARIA_128_GCM_SHA256 0x0300C058
jpayne@69 626 # define TLS1_CK_DH_DSS_WITH_ARIA_256_GCM_SHA384 0x0300C059
jpayne@69 627 # define TLS1_CK_DH_anon_WITH_ARIA_128_GCM_SHA256 0x0300C05A
jpayne@69 628 # define TLS1_CK_DH_anon_WITH_ARIA_256_GCM_SHA384 0x0300C05B
jpayne@69 629 # define TLS1_CK_ECDHE_ECDSA_WITH_ARIA_128_GCM_SHA256 0x0300C05C
jpayne@69 630 # define TLS1_CK_ECDHE_ECDSA_WITH_ARIA_256_GCM_SHA384 0x0300C05D
jpayne@69 631 # define TLS1_CK_ECDH_ECDSA_WITH_ARIA_128_GCM_SHA256 0x0300C05E
jpayne@69 632 # define TLS1_CK_ECDH_ECDSA_WITH_ARIA_256_GCM_SHA384 0x0300C05F
jpayne@69 633 # define TLS1_CK_ECDHE_RSA_WITH_ARIA_128_GCM_SHA256 0x0300C060
jpayne@69 634 # define TLS1_CK_ECDHE_RSA_WITH_ARIA_256_GCM_SHA384 0x0300C061
jpayne@69 635 # define TLS1_CK_ECDH_RSA_WITH_ARIA_128_GCM_SHA256 0x0300C062
jpayne@69 636 # define TLS1_CK_ECDH_RSA_WITH_ARIA_256_GCM_SHA384 0x0300C063
jpayne@69 637 # define TLS1_CK_PSK_WITH_ARIA_128_GCM_SHA256 0x0300C06A
jpayne@69 638 # define TLS1_CK_PSK_WITH_ARIA_256_GCM_SHA384 0x0300C06B
jpayne@69 639 # define TLS1_CK_DHE_PSK_WITH_ARIA_128_GCM_SHA256 0x0300C06C
jpayne@69 640 # define TLS1_CK_DHE_PSK_WITH_ARIA_256_GCM_SHA384 0x0300C06D
jpayne@69 641 # define TLS1_CK_RSA_PSK_WITH_ARIA_128_GCM_SHA256 0x0300C06E
jpayne@69 642 # define TLS1_CK_RSA_PSK_WITH_ARIA_256_GCM_SHA384 0x0300C06F
jpayne@69 643
jpayne@69 644 /* a bundle of RFC standard cipher names, generated from ssl3_ciphers[] */
jpayne@69 645 # define TLS1_RFC_RSA_WITH_AES_128_SHA "TLS_RSA_WITH_AES_128_CBC_SHA"
jpayne@69 646 # define TLS1_RFC_DHE_DSS_WITH_AES_128_SHA "TLS_DHE_DSS_WITH_AES_128_CBC_SHA"
jpayne@69 647 # define TLS1_RFC_DHE_RSA_WITH_AES_128_SHA "TLS_DHE_RSA_WITH_AES_128_CBC_SHA"
jpayne@69 648 # define TLS1_RFC_ADH_WITH_AES_128_SHA "TLS_DH_anon_WITH_AES_128_CBC_SHA"
jpayne@69 649 # define TLS1_RFC_RSA_WITH_AES_256_SHA "TLS_RSA_WITH_AES_256_CBC_SHA"
jpayne@69 650 # define TLS1_RFC_DHE_DSS_WITH_AES_256_SHA "TLS_DHE_DSS_WITH_AES_256_CBC_SHA"
jpayne@69 651 # define TLS1_RFC_DHE_RSA_WITH_AES_256_SHA "TLS_DHE_RSA_WITH_AES_256_CBC_SHA"
jpayne@69 652 # define TLS1_RFC_ADH_WITH_AES_256_SHA "TLS_DH_anon_WITH_AES_256_CBC_SHA"
jpayne@69 653 # define TLS1_RFC_RSA_WITH_NULL_SHA256 "TLS_RSA_WITH_NULL_SHA256"
jpayne@69 654 # define TLS1_RFC_RSA_WITH_AES_128_SHA256 "TLS_RSA_WITH_AES_128_CBC_SHA256"
jpayne@69 655 # define TLS1_RFC_RSA_WITH_AES_256_SHA256 "TLS_RSA_WITH_AES_256_CBC_SHA256"
jpayne@69 656 # define TLS1_RFC_DHE_DSS_WITH_AES_128_SHA256 "TLS_DHE_DSS_WITH_AES_128_CBC_SHA256"
jpayne@69 657 # define TLS1_RFC_DHE_RSA_WITH_AES_128_SHA256 "TLS_DHE_RSA_WITH_AES_128_CBC_SHA256"
jpayne@69 658 # define TLS1_RFC_DHE_DSS_WITH_AES_256_SHA256 "TLS_DHE_DSS_WITH_AES_256_CBC_SHA256"
jpayne@69 659 # define TLS1_RFC_DHE_RSA_WITH_AES_256_SHA256 "TLS_DHE_RSA_WITH_AES_256_CBC_SHA256"
jpayne@69 660 # define TLS1_RFC_ADH_WITH_AES_128_SHA256 "TLS_DH_anon_WITH_AES_128_CBC_SHA256"
jpayne@69 661 # define TLS1_RFC_ADH_WITH_AES_256_SHA256 "TLS_DH_anon_WITH_AES_256_CBC_SHA256"
jpayne@69 662 # define TLS1_RFC_RSA_WITH_AES_128_GCM_SHA256 "TLS_RSA_WITH_AES_128_GCM_SHA256"
jpayne@69 663 # define TLS1_RFC_RSA_WITH_AES_256_GCM_SHA384 "TLS_RSA_WITH_AES_256_GCM_SHA384"
jpayne@69 664 # define TLS1_RFC_DHE_RSA_WITH_AES_128_GCM_SHA256 "TLS_DHE_RSA_WITH_AES_128_GCM_SHA256"
jpayne@69 665 # define TLS1_RFC_DHE_RSA_WITH_AES_256_GCM_SHA384 "TLS_DHE_RSA_WITH_AES_256_GCM_SHA384"
jpayne@69 666 # define TLS1_RFC_DHE_DSS_WITH_AES_128_GCM_SHA256 "TLS_DHE_DSS_WITH_AES_128_GCM_SHA256"
jpayne@69 667 # define TLS1_RFC_DHE_DSS_WITH_AES_256_GCM_SHA384 "TLS_DHE_DSS_WITH_AES_256_GCM_SHA384"
jpayne@69 668 # define TLS1_RFC_ADH_WITH_AES_128_GCM_SHA256 "TLS_DH_anon_WITH_AES_128_GCM_SHA256"
jpayne@69 669 # define TLS1_RFC_ADH_WITH_AES_256_GCM_SHA384 "TLS_DH_anon_WITH_AES_256_GCM_SHA384"
jpayne@69 670 # define TLS1_RFC_RSA_WITH_AES_128_CCM "TLS_RSA_WITH_AES_128_CCM"
jpayne@69 671 # define TLS1_RFC_RSA_WITH_AES_256_CCM "TLS_RSA_WITH_AES_256_CCM"
jpayne@69 672 # define TLS1_RFC_DHE_RSA_WITH_AES_128_CCM "TLS_DHE_RSA_WITH_AES_128_CCM"
jpayne@69 673 # define TLS1_RFC_DHE_RSA_WITH_AES_256_CCM "TLS_DHE_RSA_WITH_AES_256_CCM"
jpayne@69 674 # define TLS1_RFC_RSA_WITH_AES_128_CCM_8 "TLS_RSA_WITH_AES_128_CCM_8"
jpayne@69 675 # define TLS1_RFC_RSA_WITH_AES_256_CCM_8 "TLS_RSA_WITH_AES_256_CCM_8"
jpayne@69 676 # define TLS1_RFC_DHE_RSA_WITH_AES_128_CCM_8 "TLS_DHE_RSA_WITH_AES_128_CCM_8"
jpayne@69 677 # define TLS1_RFC_DHE_RSA_WITH_AES_256_CCM_8 "TLS_DHE_RSA_WITH_AES_256_CCM_8"
jpayne@69 678 # define TLS1_RFC_PSK_WITH_AES_128_CCM "TLS_PSK_WITH_AES_128_CCM"
jpayne@69 679 # define TLS1_RFC_PSK_WITH_AES_256_CCM "TLS_PSK_WITH_AES_256_CCM"
jpayne@69 680 # define TLS1_RFC_DHE_PSK_WITH_AES_128_CCM "TLS_DHE_PSK_WITH_AES_128_CCM"
jpayne@69 681 # define TLS1_RFC_DHE_PSK_WITH_AES_256_CCM "TLS_DHE_PSK_WITH_AES_256_CCM"
jpayne@69 682 # define TLS1_RFC_PSK_WITH_AES_128_CCM_8 "TLS_PSK_WITH_AES_128_CCM_8"
jpayne@69 683 # define TLS1_RFC_PSK_WITH_AES_256_CCM_8 "TLS_PSK_WITH_AES_256_CCM_8"
jpayne@69 684 # define TLS1_RFC_DHE_PSK_WITH_AES_128_CCM_8 "TLS_PSK_DHE_WITH_AES_128_CCM_8"
jpayne@69 685 # define TLS1_RFC_DHE_PSK_WITH_AES_256_CCM_8 "TLS_PSK_DHE_WITH_AES_256_CCM_8"
jpayne@69 686 # define TLS1_RFC_ECDHE_ECDSA_WITH_AES_128_CCM "TLS_ECDHE_ECDSA_WITH_AES_128_CCM"
jpayne@69 687 # define TLS1_RFC_ECDHE_ECDSA_WITH_AES_256_CCM "TLS_ECDHE_ECDSA_WITH_AES_256_CCM"
jpayne@69 688 # define TLS1_RFC_ECDHE_ECDSA_WITH_AES_128_CCM_8 "TLS_ECDHE_ECDSA_WITH_AES_128_CCM_8"
jpayne@69 689 # define TLS1_RFC_ECDHE_ECDSA_WITH_AES_256_CCM_8 "TLS_ECDHE_ECDSA_WITH_AES_256_CCM_8"
jpayne@69 690 # define TLS1_3_RFC_AES_128_GCM_SHA256 "TLS_AES_128_GCM_SHA256"
jpayne@69 691 # define TLS1_3_RFC_AES_256_GCM_SHA384 "TLS_AES_256_GCM_SHA384"
jpayne@69 692 # define TLS1_3_RFC_CHACHA20_POLY1305_SHA256 "TLS_CHACHA20_POLY1305_SHA256"
jpayne@69 693 # define TLS1_3_RFC_AES_128_CCM_SHA256 "TLS_AES_128_CCM_SHA256"
jpayne@69 694 # define TLS1_3_RFC_AES_128_CCM_8_SHA256 "TLS_AES_128_CCM_8_SHA256"
jpayne@69 695 # define TLS1_RFC_ECDHE_ECDSA_WITH_NULL_SHA "TLS_ECDHE_ECDSA_WITH_NULL_SHA"
jpayne@69 696 # define TLS1_RFC_ECDHE_ECDSA_WITH_DES_192_CBC3_SHA "TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA"
jpayne@69 697 # define TLS1_RFC_ECDHE_ECDSA_WITH_AES_128_CBC_SHA "TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA"
jpayne@69 698 # define TLS1_RFC_ECDHE_ECDSA_WITH_AES_256_CBC_SHA "TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA"
jpayne@69 699 # define TLS1_RFC_ECDHE_RSA_WITH_NULL_SHA "TLS_ECDHE_RSA_WITH_NULL_SHA"
jpayne@69 700 # define TLS1_RFC_ECDHE_RSA_WITH_DES_192_CBC3_SHA "TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA"
jpayne@69 701 # define TLS1_RFC_ECDHE_RSA_WITH_AES_128_CBC_SHA "TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA"
jpayne@69 702 # define TLS1_RFC_ECDHE_RSA_WITH_AES_256_CBC_SHA "TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA"
jpayne@69 703 # define TLS1_RFC_ECDH_anon_WITH_NULL_SHA "TLS_ECDH_anon_WITH_NULL_SHA"
jpayne@69 704 # define TLS1_RFC_ECDH_anon_WITH_DES_192_CBC3_SHA "TLS_ECDH_anon_WITH_3DES_EDE_CBC_SHA"
jpayne@69 705 # define TLS1_RFC_ECDH_anon_WITH_AES_128_CBC_SHA "TLS_ECDH_anon_WITH_AES_128_CBC_SHA"
jpayne@69 706 # define TLS1_RFC_ECDH_anon_WITH_AES_256_CBC_SHA "TLS_ECDH_anon_WITH_AES_256_CBC_SHA"
jpayne@69 707 # define TLS1_RFC_ECDHE_ECDSA_WITH_AES_128_SHA256 "TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256"
jpayne@69 708 # define TLS1_RFC_ECDHE_ECDSA_WITH_AES_256_SHA384 "TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384"
jpayne@69 709 # define TLS1_RFC_ECDHE_RSA_WITH_AES_128_SHA256 "TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256"
jpayne@69 710 # define TLS1_RFC_ECDHE_RSA_WITH_AES_256_SHA384 "TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384"
jpayne@69 711 # define TLS1_RFC_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 "TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256"
jpayne@69 712 # define TLS1_RFC_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384 "TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384"
jpayne@69 713 # define TLS1_RFC_ECDHE_RSA_WITH_AES_128_GCM_SHA256 "TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256"
jpayne@69 714 # define TLS1_RFC_ECDHE_RSA_WITH_AES_256_GCM_SHA384 "TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384"
jpayne@69 715 # define TLS1_RFC_PSK_WITH_NULL_SHA "TLS_PSK_WITH_NULL_SHA"
jpayne@69 716 # define TLS1_RFC_DHE_PSK_WITH_NULL_SHA "TLS_DHE_PSK_WITH_NULL_SHA"
jpayne@69 717 # define TLS1_RFC_RSA_PSK_WITH_NULL_SHA "TLS_RSA_PSK_WITH_NULL_SHA"
jpayne@69 718 # define TLS1_RFC_PSK_WITH_3DES_EDE_CBC_SHA "TLS_PSK_WITH_3DES_EDE_CBC_SHA"
jpayne@69 719 # define TLS1_RFC_PSK_WITH_AES_128_CBC_SHA "TLS_PSK_WITH_AES_128_CBC_SHA"
jpayne@69 720 # define TLS1_RFC_PSK_WITH_AES_256_CBC_SHA "TLS_PSK_WITH_AES_256_CBC_SHA"
jpayne@69 721 # define TLS1_RFC_DHE_PSK_WITH_3DES_EDE_CBC_SHA "TLS_DHE_PSK_WITH_3DES_EDE_CBC_SHA"
jpayne@69 722 # define TLS1_RFC_DHE_PSK_WITH_AES_128_CBC_SHA "TLS_DHE_PSK_WITH_AES_128_CBC_SHA"
jpayne@69 723 # define TLS1_RFC_DHE_PSK_WITH_AES_256_CBC_SHA "TLS_DHE_PSK_WITH_AES_256_CBC_SHA"
jpayne@69 724 # define TLS1_RFC_RSA_PSK_WITH_3DES_EDE_CBC_SHA "TLS_RSA_PSK_WITH_3DES_EDE_CBC_SHA"
jpayne@69 725 # define TLS1_RFC_RSA_PSK_WITH_AES_128_CBC_SHA "TLS_RSA_PSK_WITH_AES_128_CBC_SHA"
jpayne@69 726 # define TLS1_RFC_RSA_PSK_WITH_AES_256_CBC_SHA "TLS_RSA_PSK_WITH_AES_256_CBC_SHA"
jpayne@69 727 # define TLS1_RFC_PSK_WITH_AES_128_GCM_SHA256 "TLS_PSK_WITH_AES_128_GCM_SHA256"
jpayne@69 728 # define TLS1_RFC_PSK_WITH_AES_256_GCM_SHA384 "TLS_PSK_WITH_AES_256_GCM_SHA384"
jpayne@69 729 # define TLS1_RFC_DHE_PSK_WITH_AES_128_GCM_SHA256 "TLS_DHE_PSK_WITH_AES_128_GCM_SHA256"
jpayne@69 730 # define TLS1_RFC_DHE_PSK_WITH_AES_256_GCM_SHA384 "TLS_DHE_PSK_WITH_AES_256_GCM_SHA384"
jpayne@69 731 # define TLS1_RFC_RSA_PSK_WITH_AES_128_GCM_SHA256 "TLS_RSA_PSK_WITH_AES_128_GCM_SHA256"
jpayne@69 732 # define TLS1_RFC_RSA_PSK_WITH_AES_256_GCM_SHA384 "TLS_RSA_PSK_WITH_AES_256_GCM_SHA384"
jpayne@69 733 # define TLS1_RFC_PSK_WITH_AES_128_CBC_SHA256 "TLS_PSK_WITH_AES_128_CBC_SHA256"
jpayne@69 734 # define TLS1_RFC_PSK_WITH_AES_256_CBC_SHA384 "TLS_PSK_WITH_AES_256_CBC_SHA384"
jpayne@69 735 # define TLS1_RFC_PSK_WITH_NULL_SHA256 "TLS_PSK_WITH_NULL_SHA256"
jpayne@69 736 # define TLS1_RFC_PSK_WITH_NULL_SHA384 "TLS_PSK_WITH_NULL_SHA384"
jpayne@69 737 # define TLS1_RFC_DHE_PSK_WITH_AES_128_CBC_SHA256 "TLS_DHE_PSK_WITH_AES_128_CBC_SHA256"
jpayne@69 738 # define TLS1_RFC_DHE_PSK_WITH_AES_256_CBC_SHA384 "TLS_DHE_PSK_WITH_AES_256_CBC_SHA384"
jpayne@69 739 # define TLS1_RFC_DHE_PSK_WITH_NULL_SHA256 "TLS_DHE_PSK_WITH_NULL_SHA256"
jpayne@69 740 # define TLS1_RFC_DHE_PSK_WITH_NULL_SHA384 "TLS_DHE_PSK_WITH_NULL_SHA384"
jpayne@69 741 # define TLS1_RFC_RSA_PSK_WITH_AES_128_CBC_SHA256 "TLS_RSA_PSK_WITH_AES_128_CBC_SHA256"
jpayne@69 742 # define TLS1_RFC_RSA_PSK_WITH_AES_256_CBC_SHA384 "TLS_RSA_PSK_WITH_AES_256_CBC_SHA384"
jpayne@69 743 # define TLS1_RFC_RSA_PSK_WITH_NULL_SHA256 "TLS_RSA_PSK_WITH_NULL_SHA256"
jpayne@69 744 # define TLS1_RFC_RSA_PSK_WITH_NULL_SHA384 "TLS_RSA_PSK_WITH_NULL_SHA384"
jpayne@69 745 # define TLS1_RFC_ECDHE_PSK_WITH_3DES_EDE_CBC_SHA "TLS_ECDHE_PSK_WITH_3DES_EDE_CBC_SHA"
jpayne@69 746 # define TLS1_RFC_ECDHE_PSK_WITH_AES_128_CBC_SHA "TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA"
jpayne@69 747 # define TLS1_RFC_ECDHE_PSK_WITH_AES_256_CBC_SHA "TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA"
jpayne@69 748 # define TLS1_RFC_ECDHE_PSK_WITH_AES_128_CBC_SHA256 "TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA256"
jpayne@69 749 # define TLS1_RFC_ECDHE_PSK_WITH_AES_256_CBC_SHA384 "TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA384"
jpayne@69 750 # define TLS1_RFC_ECDHE_PSK_WITH_NULL_SHA "TLS_ECDHE_PSK_WITH_NULL_SHA"
jpayne@69 751 # define TLS1_RFC_ECDHE_PSK_WITH_NULL_SHA256 "TLS_ECDHE_PSK_WITH_NULL_SHA256"
jpayne@69 752 # define TLS1_RFC_ECDHE_PSK_WITH_NULL_SHA384 "TLS_ECDHE_PSK_WITH_NULL_SHA384"
jpayne@69 753 # define TLS1_RFC_SRP_SHA_WITH_3DES_EDE_CBC_SHA "TLS_SRP_SHA_WITH_3DES_EDE_CBC_SHA"
jpayne@69 754 # define TLS1_RFC_SRP_SHA_RSA_WITH_3DES_EDE_CBC_SHA "TLS_SRP_SHA_RSA_WITH_3DES_EDE_CBC_SHA"
jpayne@69 755 # define TLS1_RFC_SRP_SHA_DSS_WITH_3DES_EDE_CBC_SHA "TLS_SRP_SHA_DSS_WITH_3DES_EDE_CBC_SHA"
jpayne@69 756 # define TLS1_RFC_SRP_SHA_WITH_AES_128_CBC_SHA "TLS_SRP_SHA_WITH_AES_128_CBC_SHA"
jpayne@69 757 # define TLS1_RFC_SRP_SHA_RSA_WITH_AES_128_CBC_SHA "TLS_SRP_SHA_RSA_WITH_AES_128_CBC_SHA"
jpayne@69 758 # define TLS1_RFC_SRP_SHA_DSS_WITH_AES_128_CBC_SHA "TLS_SRP_SHA_DSS_WITH_AES_128_CBC_SHA"
jpayne@69 759 # define TLS1_RFC_SRP_SHA_WITH_AES_256_CBC_SHA "TLS_SRP_SHA_WITH_AES_256_CBC_SHA"
jpayne@69 760 # define TLS1_RFC_SRP_SHA_RSA_WITH_AES_256_CBC_SHA "TLS_SRP_SHA_RSA_WITH_AES_256_CBC_SHA"
jpayne@69 761 # define TLS1_RFC_SRP_SHA_DSS_WITH_AES_256_CBC_SHA "TLS_SRP_SHA_DSS_WITH_AES_256_CBC_SHA"
jpayne@69 762 # define TLS1_RFC_DHE_RSA_WITH_CHACHA20_POLY1305 "TLS_DHE_RSA_WITH_CHACHA20_POLY1305_SHA256"
jpayne@69 763 # define TLS1_RFC_ECDHE_RSA_WITH_CHACHA20_POLY1305 "TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256"
jpayne@69 764 # define TLS1_RFC_ECDHE_ECDSA_WITH_CHACHA20_POLY1305 "TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256"
jpayne@69 765 # define TLS1_RFC_PSK_WITH_CHACHA20_POLY1305 "TLS_PSK_WITH_CHACHA20_POLY1305_SHA256"
jpayne@69 766 # define TLS1_RFC_ECDHE_PSK_WITH_CHACHA20_POLY1305 "TLS_ECDHE_PSK_WITH_CHACHA20_POLY1305_SHA256"
jpayne@69 767 # define TLS1_RFC_DHE_PSK_WITH_CHACHA20_POLY1305 "TLS_DHE_PSK_WITH_CHACHA20_POLY1305_SHA256"
jpayne@69 768 # define TLS1_RFC_RSA_PSK_WITH_CHACHA20_POLY1305 "TLS_RSA_PSK_WITH_CHACHA20_POLY1305_SHA256"
jpayne@69 769 # define TLS1_RFC_RSA_WITH_CAMELLIA_128_CBC_SHA256 "TLS_RSA_WITH_CAMELLIA_128_CBC_SHA256"
jpayne@69 770 # define TLS1_RFC_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA256 "TLS_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA256"
jpayne@69 771 # define TLS1_RFC_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA256 "TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA256"
jpayne@69 772 # define TLS1_RFC_ADH_WITH_CAMELLIA_128_CBC_SHA256 "TLS_DH_anon_WITH_CAMELLIA_128_CBC_SHA256"
jpayne@69 773 # define TLS1_RFC_RSA_WITH_CAMELLIA_256_CBC_SHA256 "TLS_RSA_WITH_CAMELLIA_256_CBC_SHA256"
jpayne@69 774 # define TLS1_RFC_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA256 "TLS_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA256"
jpayne@69 775 # define TLS1_RFC_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA256 "TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA256"
jpayne@69 776 # define TLS1_RFC_ADH_WITH_CAMELLIA_256_CBC_SHA256 "TLS_DH_anon_WITH_CAMELLIA_256_CBC_SHA256"
jpayne@69 777 # define TLS1_RFC_RSA_WITH_CAMELLIA_256_CBC_SHA "TLS_RSA_WITH_CAMELLIA_256_CBC_SHA"
jpayne@69 778 # define TLS1_RFC_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA "TLS_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA"
jpayne@69 779 # define TLS1_RFC_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA "TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA"
jpayne@69 780 # define TLS1_RFC_ADH_WITH_CAMELLIA_256_CBC_SHA "TLS_DH_anon_WITH_CAMELLIA_256_CBC_SHA"
jpayne@69 781 # define TLS1_RFC_RSA_WITH_CAMELLIA_128_CBC_SHA "TLS_RSA_WITH_CAMELLIA_128_CBC_SHA"
jpayne@69 782 # define TLS1_RFC_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA "TLS_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA"
jpayne@69 783 # define TLS1_RFC_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA "TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA"
jpayne@69 784 # define TLS1_RFC_ADH_WITH_CAMELLIA_128_CBC_SHA "TLS_DH_anon_WITH_CAMELLIA_128_CBC_SHA"
jpayne@69 785 # define TLS1_RFC_ECDHE_ECDSA_WITH_CAMELLIA_128_CBC_SHA256 "TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_CBC_SHA256"
jpayne@69 786 # define TLS1_RFC_ECDHE_ECDSA_WITH_CAMELLIA_256_CBC_SHA384 "TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_CBC_SHA384"
jpayne@69 787 # define TLS1_RFC_ECDHE_RSA_WITH_CAMELLIA_128_CBC_SHA256 "TLS_ECDHE_RSA_WITH_CAMELLIA_128_CBC_SHA256"
jpayne@69 788 # define TLS1_RFC_ECDHE_RSA_WITH_CAMELLIA_256_CBC_SHA384 "TLS_ECDHE_RSA_WITH_CAMELLIA_256_CBC_SHA384"
jpayne@69 789 # define TLS1_RFC_PSK_WITH_CAMELLIA_128_CBC_SHA256 "TLS_PSK_WITH_CAMELLIA_128_CBC_SHA256"
jpayne@69 790 # define TLS1_RFC_PSK_WITH_CAMELLIA_256_CBC_SHA384 "TLS_PSK_WITH_CAMELLIA_256_CBC_SHA384"
jpayne@69 791 # define TLS1_RFC_DHE_PSK_WITH_CAMELLIA_128_CBC_SHA256 "TLS_DHE_PSK_WITH_CAMELLIA_128_CBC_SHA256"
jpayne@69 792 # define TLS1_RFC_DHE_PSK_WITH_CAMELLIA_256_CBC_SHA384 "TLS_DHE_PSK_WITH_CAMELLIA_256_CBC_SHA384"
jpayne@69 793 # define TLS1_RFC_RSA_PSK_WITH_CAMELLIA_128_CBC_SHA256 "TLS_RSA_PSK_WITH_CAMELLIA_128_CBC_SHA256"
jpayne@69 794 # define TLS1_RFC_RSA_PSK_WITH_CAMELLIA_256_CBC_SHA384 "TLS_RSA_PSK_WITH_CAMELLIA_256_CBC_SHA384"
jpayne@69 795 # define TLS1_RFC_ECDHE_PSK_WITH_CAMELLIA_128_CBC_SHA256 "TLS_ECDHE_PSK_WITH_CAMELLIA_128_CBC_SHA256"
jpayne@69 796 # define TLS1_RFC_ECDHE_PSK_WITH_CAMELLIA_256_CBC_SHA384 "TLS_ECDHE_PSK_WITH_CAMELLIA_256_CBC_SHA384"
jpayne@69 797 # define TLS1_RFC_RSA_WITH_SEED_SHA "TLS_RSA_WITH_SEED_CBC_SHA"
jpayne@69 798 # define TLS1_RFC_DHE_DSS_WITH_SEED_SHA "TLS_DHE_DSS_WITH_SEED_CBC_SHA"
jpayne@69 799 # define TLS1_RFC_DHE_RSA_WITH_SEED_SHA "TLS_DHE_RSA_WITH_SEED_CBC_SHA"
jpayne@69 800 # define TLS1_RFC_ADH_WITH_SEED_SHA "TLS_DH_anon_WITH_SEED_CBC_SHA"
jpayne@69 801 # define TLS1_RFC_ECDHE_PSK_WITH_RC4_128_SHA "TLS_ECDHE_PSK_WITH_RC4_128_SHA"
jpayne@69 802 # define TLS1_RFC_ECDH_anon_WITH_RC4_128_SHA "TLS_ECDH_anon_WITH_RC4_128_SHA"
jpayne@69 803 # define TLS1_RFC_ECDHE_ECDSA_WITH_RC4_128_SHA "TLS_ECDHE_ECDSA_WITH_RC4_128_SHA"
jpayne@69 804 # define TLS1_RFC_ECDHE_RSA_WITH_RC4_128_SHA "TLS_ECDHE_RSA_WITH_RC4_128_SHA"
jpayne@69 805 # define TLS1_RFC_PSK_WITH_RC4_128_SHA "TLS_PSK_WITH_RC4_128_SHA"
jpayne@69 806 # define TLS1_RFC_RSA_PSK_WITH_RC4_128_SHA "TLS_RSA_PSK_WITH_RC4_128_SHA"
jpayne@69 807 # define TLS1_RFC_DHE_PSK_WITH_RC4_128_SHA "TLS_DHE_PSK_WITH_RC4_128_SHA"
jpayne@69 808 # define TLS1_RFC_RSA_WITH_ARIA_128_GCM_SHA256 "TLS_RSA_WITH_ARIA_128_GCM_SHA256"
jpayne@69 809 # define TLS1_RFC_RSA_WITH_ARIA_256_GCM_SHA384 "TLS_RSA_WITH_ARIA_256_GCM_SHA384"
jpayne@69 810 # define TLS1_RFC_DHE_RSA_WITH_ARIA_128_GCM_SHA256 "TLS_DHE_RSA_WITH_ARIA_128_GCM_SHA256"
jpayne@69 811 # define TLS1_RFC_DHE_RSA_WITH_ARIA_256_GCM_SHA384 "TLS_DHE_RSA_WITH_ARIA_256_GCM_SHA384"
jpayne@69 812 # define TLS1_RFC_DH_RSA_WITH_ARIA_128_GCM_SHA256 "TLS_DH_RSA_WITH_ARIA_128_GCM_SHA256"
jpayne@69 813 # define TLS1_RFC_DH_RSA_WITH_ARIA_256_GCM_SHA384 "TLS_DH_RSA_WITH_ARIA_256_GCM_SHA384"
jpayne@69 814 # define TLS1_RFC_DHE_DSS_WITH_ARIA_128_GCM_SHA256 "TLS_DHE_DSS_WITH_ARIA_128_GCM_SHA256"
jpayne@69 815 # define TLS1_RFC_DHE_DSS_WITH_ARIA_256_GCM_SHA384 "TLS_DHE_DSS_WITH_ARIA_256_GCM_SHA384"
jpayne@69 816 # define TLS1_RFC_DH_DSS_WITH_ARIA_128_GCM_SHA256 "TLS_DH_DSS_WITH_ARIA_128_GCM_SHA256"
jpayne@69 817 # define TLS1_RFC_DH_DSS_WITH_ARIA_256_GCM_SHA384 "TLS_DH_DSS_WITH_ARIA_256_GCM_SHA384"
jpayne@69 818 # define TLS1_RFC_DH_anon_WITH_ARIA_128_GCM_SHA256 "TLS_DH_anon_WITH_ARIA_128_GCM_SHA256"
jpayne@69 819 # define TLS1_RFC_DH_anon_WITH_ARIA_256_GCM_SHA384 "TLS_DH_anon_WITH_ARIA_256_GCM_SHA384"
jpayne@69 820 # define TLS1_RFC_ECDHE_ECDSA_WITH_ARIA_128_GCM_SHA256 "TLS_ECDHE_ECDSA_WITH_ARIA_128_GCM_SHA256"
jpayne@69 821 # define TLS1_RFC_ECDHE_ECDSA_WITH_ARIA_256_GCM_SHA384 "TLS_ECDHE_ECDSA_WITH_ARIA_256_GCM_SHA384"
jpayne@69 822 # define TLS1_RFC_ECDH_ECDSA_WITH_ARIA_128_GCM_SHA256 "TLS_ECDH_ECDSA_WITH_ARIA_128_GCM_SHA256"
jpayne@69 823 # define TLS1_RFC_ECDH_ECDSA_WITH_ARIA_256_GCM_SHA384 "TLS_ECDH_ECDSA_WITH_ARIA_256_GCM_SHA384"
jpayne@69 824 # define TLS1_RFC_ECDHE_RSA_WITH_ARIA_128_GCM_SHA256 "TLS_ECDHE_RSA_WITH_ARIA_128_GCM_SHA256"
jpayne@69 825 # define TLS1_RFC_ECDHE_RSA_WITH_ARIA_256_GCM_SHA384 "TLS_ECDHE_RSA_WITH_ARIA_256_GCM_SHA384"
jpayne@69 826 # define TLS1_RFC_ECDH_RSA_WITH_ARIA_128_GCM_SHA256 "TLS_ECDH_RSA_WITH_ARIA_128_GCM_SHA256"
jpayne@69 827 # define TLS1_RFC_ECDH_RSA_WITH_ARIA_256_GCM_SHA384 "TLS_ECDH_RSA_WITH_ARIA_256_GCM_SHA384"
jpayne@69 828 # define TLS1_RFC_PSK_WITH_ARIA_128_GCM_SHA256 "TLS_PSK_WITH_ARIA_128_GCM_SHA256"
jpayne@69 829 # define TLS1_RFC_PSK_WITH_ARIA_256_GCM_SHA384 "TLS_PSK_WITH_ARIA_256_GCM_SHA384"
jpayne@69 830 # define TLS1_RFC_DHE_PSK_WITH_ARIA_128_GCM_SHA256 "TLS_DHE_PSK_WITH_ARIA_128_GCM_SHA256"
jpayne@69 831 # define TLS1_RFC_DHE_PSK_WITH_ARIA_256_GCM_SHA384 "TLS_DHE_PSK_WITH_ARIA_256_GCM_SHA384"
jpayne@69 832 # define TLS1_RFC_RSA_PSK_WITH_ARIA_128_GCM_SHA256 "TLS_RSA_PSK_WITH_ARIA_128_GCM_SHA256"
jpayne@69 833 # define TLS1_RFC_RSA_PSK_WITH_ARIA_256_GCM_SHA384 "TLS_RSA_PSK_WITH_ARIA_256_GCM_SHA384"
jpayne@69 834
jpayne@69 835
jpayne@69 836 /*
jpayne@69 837 * XXX Backward compatibility alert: Older versions of OpenSSL gave some DHE
jpayne@69 838 * ciphers names with "EDH" instead of "DHE". Going forward, we should be
jpayne@69 839 * using DHE everywhere, though we may indefinitely maintain aliases for
jpayne@69 840 * users or configurations that used "EDH"
jpayne@69 841 */
jpayne@69 842 # define TLS1_TXT_DHE_DSS_WITH_RC4_128_SHA "DHE-DSS-RC4-SHA"
jpayne@69 843
jpayne@69 844 # define TLS1_TXT_PSK_WITH_NULL_SHA "PSK-NULL-SHA"
jpayne@69 845 # define TLS1_TXT_DHE_PSK_WITH_NULL_SHA "DHE-PSK-NULL-SHA"
jpayne@69 846 # define TLS1_TXT_RSA_PSK_WITH_NULL_SHA "RSA-PSK-NULL-SHA"
jpayne@69 847
jpayne@69 848 /* AES ciphersuites from RFC3268 */
jpayne@69 849 # define TLS1_TXT_RSA_WITH_AES_128_SHA "AES128-SHA"
jpayne@69 850 # define TLS1_TXT_DH_DSS_WITH_AES_128_SHA "DH-DSS-AES128-SHA"
jpayne@69 851 # define TLS1_TXT_DH_RSA_WITH_AES_128_SHA "DH-RSA-AES128-SHA"
jpayne@69 852 # define TLS1_TXT_DHE_DSS_WITH_AES_128_SHA "DHE-DSS-AES128-SHA"
jpayne@69 853 # define TLS1_TXT_DHE_RSA_WITH_AES_128_SHA "DHE-RSA-AES128-SHA"
jpayne@69 854 # define TLS1_TXT_ADH_WITH_AES_128_SHA "ADH-AES128-SHA"
jpayne@69 855
jpayne@69 856 # define TLS1_TXT_RSA_WITH_AES_256_SHA "AES256-SHA"
jpayne@69 857 # define TLS1_TXT_DH_DSS_WITH_AES_256_SHA "DH-DSS-AES256-SHA"
jpayne@69 858 # define TLS1_TXT_DH_RSA_WITH_AES_256_SHA "DH-RSA-AES256-SHA"
jpayne@69 859 # define TLS1_TXT_DHE_DSS_WITH_AES_256_SHA "DHE-DSS-AES256-SHA"
jpayne@69 860 # define TLS1_TXT_DHE_RSA_WITH_AES_256_SHA "DHE-RSA-AES256-SHA"
jpayne@69 861 # define TLS1_TXT_ADH_WITH_AES_256_SHA "ADH-AES256-SHA"
jpayne@69 862
jpayne@69 863 /* ECC ciphersuites from RFC4492 */
jpayne@69 864 # define TLS1_TXT_ECDH_ECDSA_WITH_NULL_SHA "ECDH-ECDSA-NULL-SHA"
jpayne@69 865 # define TLS1_TXT_ECDH_ECDSA_WITH_RC4_128_SHA "ECDH-ECDSA-RC4-SHA"
jpayne@69 866 # define TLS1_TXT_ECDH_ECDSA_WITH_DES_192_CBC3_SHA "ECDH-ECDSA-DES-CBC3-SHA"
jpayne@69 867 # define TLS1_TXT_ECDH_ECDSA_WITH_AES_128_CBC_SHA "ECDH-ECDSA-AES128-SHA"
jpayne@69 868 # define TLS1_TXT_ECDH_ECDSA_WITH_AES_256_CBC_SHA "ECDH-ECDSA-AES256-SHA"
jpayne@69 869
jpayne@69 870 # define TLS1_TXT_ECDHE_ECDSA_WITH_NULL_SHA "ECDHE-ECDSA-NULL-SHA"
jpayne@69 871 # define TLS1_TXT_ECDHE_ECDSA_WITH_RC4_128_SHA "ECDHE-ECDSA-RC4-SHA"
jpayne@69 872 # define TLS1_TXT_ECDHE_ECDSA_WITH_DES_192_CBC3_SHA "ECDHE-ECDSA-DES-CBC3-SHA"
jpayne@69 873 # define TLS1_TXT_ECDHE_ECDSA_WITH_AES_128_CBC_SHA "ECDHE-ECDSA-AES128-SHA"
jpayne@69 874 # define TLS1_TXT_ECDHE_ECDSA_WITH_AES_256_CBC_SHA "ECDHE-ECDSA-AES256-SHA"
jpayne@69 875
jpayne@69 876 # define TLS1_TXT_ECDH_RSA_WITH_NULL_SHA "ECDH-RSA-NULL-SHA"
jpayne@69 877 # define TLS1_TXT_ECDH_RSA_WITH_RC4_128_SHA "ECDH-RSA-RC4-SHA"
jpayne@69 878 # define TLS1_TXT_ECDH_RSA_WITH_DES_192_CBC3_SHA "ECDH-RSA-DES-CBC3-SHA"
jpayne@69 879 # define TLS1_TXT_ECDH_RSA_WITH_AES_128_CBC_SHA "ECDH-RSA-AES128-SHA"
jpayne@69 880 # define TLS1_TXT_ECDH_RSA_WITH_AES_256_CBC_SHA "ECDH-RSA-AES256-SHA"
jpayne@69 881
jpayne@69 882 # define TLS1_TXT_ECDHE_RSA_WITH_NULL_SHA "ECDHE-RSA-NULL-SHA"
jpayne@69 883 # define TLS1_TXT_ECDHE_RSA_WITH_RC4_128_SHA "ECDHE-RSA-RC4-SHA"
jpayne@69 884 # define TLS1_TXT_ECDHE_RSA_WITH_DES_192_CBC3_SHA "ECDHE-RSA-DES-CBC3-SHA"
jpayne@69 885 # define TLS1_TXT_ECDHE_RSA_WITH_AES_128_CBC_SHA "ECDHE-RSA-AES128-SHA"
jpayne@69 886 # define TLS1_TXT_ECDHE_RSA_WITH_AES_256_CBC_SHA "ECDHE-RSA-AES256-SHA"
jpayne@69 887
jpayne@69 888 # define TLS1_TXT_ECDH_anon_WITH_NULL_SHA "AECDH-NULL-SHA"
jpayne@69 889 # define TLS1_TXT_ECDH_anon_WITH_RC4_128_SHA "AECDH-RC4-SHA"
jpayne@69 890 # define TLS1_TXT_ECDH_anon_WITH_DES_192_CBC3_SHA "AECDH-DES-CBC3-SHA"
jpayne@69 891 # define TLS1_TXT_ECDH_anon_WITH_AES_128_CBC_SHA "AECDH-AES128-SHA"
jpayne@69 892 # define TLS1_TXT_ECDH_anon_WITH_AES_256_CBC_SHA "AECDH-AES256-SHA"
jpayne@69 893
jpayne@69 894 /* PSK ciphersuites from RFC 4279 */
jpayne@69 895 # define TLS1_TXT_PSK_WITH_RC4_128_SHA "PSK-RC4-SHA"
jpayne@69 896 # define TLS1_TXT_PSK_WITH_3DES_EDE_CBC_SHA "PSK-3DES-EDE-CBC-SHA"
jpayne@69 897 # define TLS1_TXT_PSK_WITH_AES_128_CBC_SHA "PSK-AES128-CBC-SHA"
jpayne@69 898 # define TLS1_TXT_PSK_WITH_AES_256_CBC_SHA "PSK-AES256-CBC-SHA"
jpayne@69 899
jpayne@69 900 # define TLS1_TXT_DHE_PSK_WITH_RC4_128_SHA "DHE-PSK-RC4-SHA"
jpayne@69 901 # define TLS1_TXT_DHE_PSK_WITH_3DES_EDE_CBC_SHA "DHE-PSK-3DES-EDE-CBC-SHA"
jpayne@69 902 # define TLS1_TXT_DHE_PSK_WITH_AES_128_CBC_SHA "DHE-PSK-AES128-CBC-SHA"
jpayne@69 903 # define TLS1_TXT_DHE_PSK_WITH_AES_256_CBC_SHA "DHE-PSK-AES256-CBC-SHA"
jpayne@69 904 # define TLS1_TXT_RSA_PSK_WITH_RC4_128_SHA "RSA-PSK-RC4-SHA"
jpayne@69 905 # define TLS1_TXT_RSA_PSK_WITH_3DES_EDE_CBC_SHA "RSA-PSK-3DES-EDE-CBC-SHA"
jpayne@69 906 # define TLS1_TXT_RSA_PSK_WITH_AES_128_CBC_SHA "RSA-PSK-AES128-CBC-SHA"
jpayne@69 907 # define TLS1_TXT_RSA_PSK_WITH_AES_256_CBC_SHA "RSA-PSK-AES256-CBC-SHA"
jpayne@69 908
jpayne@69 909 /* PSK ciphersuites from RFC 5487 */
jpayne@69 910 # define TLS1_TXT_PSK_WITH_AES_128_GCM_SHA256 "PSK-AES128-GCM-SHA256"
jpayne@69 911 # define TLS1_TXT_PSK_WITH_AES_256_GCM_SHA384 "PSK-AES256-GCM-SHA384"
jpayne@69 912 # define TLS1_TXT_DHE_PSK_WITH_AES_128_GCM_SHA256 "DHE-PSK-AES128-GCM-SHA256"
jpayne@69 913 # define TLS1_TXT_DHE_PSK_WITH_AES_256_GCM_SHA384 "DHE-PSK-AES256-GCM-SHA384"
jpayne@69 914 # define TLS1_TXT_RSA_PSK_WITH_AES_128_GCM_SHA256 "RSA-PSK-AES128-GCM-SHA256"
jpayne@69 915 # define TLS1_TXT_RSA_PSK_WITH_AES_256_GCM_SHA384 "RSA-PSK-AES256-GCM-SHA384"
jpayne@69 916
jpayne@69 917 # define TLS1_TXT_PSK_WITH_AES_128_CBC_SHA256 "PSK-AES128-CBC-SHA256"
jpayne@69 918 # define TLS1_TXT_PSK_WITH_AES_256_CBC_SHA384 "PSK-AES256-CBC-SHA384"
jpayne@69 919 # define TLS1_TXT_PSK_WITH_NULL_SHA256 "PSK-NULL-SHA256"
jpayne@69 920 # define TLS1_TXT_PSK_WITH_NULL_SHA384 "PSK-NULL-SHA384"
jpayne@69 921
jpayne@69 922 # define TLS1_TXT_DHE_PSK_WITH_AES_128_CBC_SHA256 "DHE-PSK-AES128-CBC-SHA256"
jpayne@69 923 # define TLS1_TXT_DHE_PSK_WITH_AES_256_CBC_SHA384 "DHE-PSK-AES256-CBC-SHA384"
jpayne@69 924 # define TLS1_TXT_DHE_PSK_WITH_NULL_SHA256 "DHE-PSK-NULL-SHA256"
jpayne@69 925 # define TLS1_TXT_DHE_PSK_WITH_NULL_SHA384 "DHE-PSK-NULL-SHA384"
jpayne@69 926
jpayne@69 927 # define TLS1_TXT_RSA_PSK_WITH_AES_128_CBC_SHA256 "RSA-PSK-AES128-CBC-SHA256"
jpayne@69 928 # define TLS1_TXT_RSA_PSK_WITH_AES_256_CBC_SHA384 "RSA-PSK-AES256-CBC-SHA384"
jpayne@69 929 # define TLS1_TXT_RSA_PSK_WITH_NULL_SHA256 "RSA-PSK-NULL-SHA256"
jpayne@69 930 # define TLS1_TXT_RSA_PSK_WITH_NULL_SHA384 "RSA-PSK-NULL-SHA384"
jpayne@69 931
jpayne@69 932 /* SRP ciphersuite from RFC 5054 */
jpayne@69 933 # define TLS1_TXT_SRP_SHA_WITH_3DES_EDE_CBC_SHA "SRP-3DES-EDE-CBC-SHA"
jpayne@69 934 # define TLS1_TXT_SRP_SHA_RSA_WITH_3DES_EDE_CBC_SHA "SRP-RSA-3DES-EDE-CBC-SHA"
jpayne@69 935 # define TLS1_TXT_SRP_SHA_DSS_WITH_3DES_EDE_CBC_SHA "SRP-DSS-3DES-EDE-CBC-SHA"
jpayne@69 936 # define TLS1_TXT_SRP_SHA_WITH_AES_128_CBC_SHA "SRP-AES-128-CBC-SHA"
jpayne@69 937 # define TLS1_TXT_SRP_SHA_RSA_WITH_AES_128_CBC_SHA "SRP-RSA-AES-128-CBC-SHA"
jpayne@69 938 # define TLS1_TXT_SRP_SHA_DSS_WITH_AES_128_CBC_SHA "SRP-DSS-AES-128-CBC-SHA"
jpayne@69 939 # define TLS1_TXT_SRP_SHA_WITH_AES_256_CBC_SHA "SRP-AES-256-CBC-SHA"
jpayne@69 940 # define TLS1_TXT_SRP_SHA_RSA_WITH_AES_256_CBC_SHA "SRP-RSA-AES-256-CBC-SHA"
jpayne@69 941 # define TLS1_TXT_SRP_SHA_DSS_WITH_AES_256_CBC_SHA "SRP-DSS-AES-256-CBC-SHA"
jpayne@69 942
jpayne@69 943 /* Camellia ciphersuites from RFC4132 */
jpayne@69 944 # define TLS1_TXT_RSA_WITH_CAMELLIA_128_CBC_SHA "CAMELLIA128-SHA"
jpayne@69 945 # define TLS1_TXT_DH_DSS_WITH_CAMELLIA_128_CBC_SHA "DH-DSS-CAMELLIA128-SHA"
jpayne@69 946 # define TLS1_TXT_DH_RSA_WITH_CAMELLIA_128_CBC_SHA "DH-RSA-CAMELLIA128-SHA"
jpayne@69 947 # define TLS1_TXT_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA "DHE-DSS-CAMELLIA128-SHA"
jpayne@69 948 # define TLS1_TXT_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA "DHE-RSA-CAMELLIA128-SHA"
jpayne@69 949 # define TLS1_TXT_ADH_WITH_CAMELLIA_128_CBC_SHA "ADH-CAMELLIA128-SHA"
jpayne@69 950
jpayne@69 951 # define TLS1_TXT_RSA_WITH_CAMELLIA_256_CBC_SHA "CAMELLIA256-SHA"
jpayne@69 952 # define TLS1_TXT_DH_DSS_WITH_CAMELLIA_256_CBC_SHA "DH-DSS-CAMELLIA256-SHA"
jpayne@69 953 # define TLS1_TXT_DH_RSA_WITH_CAMELLIA_256_CBC_SHA "DH-RSA-CAMELLIA256-SHA"
jpayne@69 954 # define TLS1_TXT_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA "DHE-DSS-CAMELLIA256-SHA"
jpayne@69 955 # define TLS1_TXT_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA "DHE-RSA-CAMELLIA256-SHA"
jpayne@69 956 # define TLS1_TXT_ADH_WITH_CAMELLIA_256_CBC_SHA "ADH-CAMELLIA256-SHA"
jpayne@69 957
jpayne@69 958 /* TLS 1.2 Camellia SHA-256 ciphersuites from RFC5932 */
jpayne@69 959 # define TLS1_TXT_RSA_WITH_CAMELLIA_128_CBC_SHA256 "CAMELLIA128-SHA256"
jpayne@69 960 # define TLS1_TXT_DH_DSS_WITH_CAMELLIA_128_CBC_SHA256 "DH-DSS-CAMELLIA128-SHA256"
jpayne@69 961 # define TLS1_TXT_DH_RSA_WITH_CAMELLIA_128_CBC_SHA256 "DH-RSA-CAMELLIA128-SHA256"
jpayne@69 962 # define TLS1_TXT_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA256 "DHE-DSS-CAMELLIA128-SHA256"
jpayne@69 963 # define TLS1_TXT_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA256 "DHE-RSA-CAMELLIA128-SHA256"
jpayne@69 964 # define TLS1_TXT_ADH_WITH_CAMELLIA_128_CBC_SHA256 "ADH-CAMELLIA128-SHA256"
jpayne@69 965
jpayne@69 966 # define TLS1_TXT_RSA_WITH_CAMELLIA_256_CBC_SHA256 "CAMELLIA256-SHA256"
jpayne@69 967 # define TLS1_TXT_DH_DSS_WITH_CAMELLIA_256_CBC_SHA256 "DH-DSS-CAMELLIA256-SHA256"
jpayne@69 968 # define TLS1_TXT_DH_RSA_WITH_CAMELLIA_256_CBC_SHA256 "DH-RSA-CAMELLIA256-SHA256"
jpayne@69 969 # define TLS1_TXT_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA256 "DHE-DSS-CAMELLIA256-SHA256"
jpayne@69 970 # define TLS1_TXT_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA256 "DHE-RSA-CAMELLIA256-SHA256"
jpayne@69 971 # define TLS1_TXT_ADH_WITH_CAMELLIA_256_CBC_SHA256 "ADH-CAMELLIA256-SHA256"
jpayne@69 972
jpayne@69 973 # define TLS1_TXT_PSK_WITH_CAMELLIA_128_CBC_SHA256 "PSK-CAMELLIA128-SHA256"
jpayne@69 974 # define TLS1_TXT_PSK_WITH_CAMELLIA_256_CBC_SHA384 "PSK-CAMELLIA256-SHA384"
jpayne@69 975 # define TLS1_TXT_DHE_PSK_WITH_CAMELLIA_128_CBC_SHA256 "DHE-PSK-CAMELLIA128-SHA256"
jpayne@69 976 # define TLS1_TXT_DHE_PSK_WITH_CAMELLIA_256_CBC_SHA384 "DHE-PSK-CAMELLIA256-SHA384"
jpayne@69 977 # define TLS1_TXT_RSA_PSK_WITH_CAMELLIA_128_CBC_SHA256 "RSA-PSK-CAMELLIA128-SHA256"
jpayne@69 978 # define TLS1_TXT_RSA_PSK_WITH_CAMELLIA_256_CBC_SHA384 "RSA-PSK-CAMELLIA256-SHA384"
jpayne@69 979 # define TLS1_TXT_ECDHE_PSK_WITH_CAMELLIA_128_CBC_SHA256 "ECDHE-PSK-CAMELLIA128-SHA256"
jpayne@69 980 # define TLS1_TXT_ECDHE_PSK_WITH_CAMELLIA_256_CBC_SHA384 "ECDHE-PSK-CAMELLIA256-SHA384"
jpayne@69 981
jpayne@69 982 /* SEED ciphersuites from RFC4162 */
jpayne@69 983 # define TLS1_TXT_RSA_WITH_SEED_SHA "SEED-SHA"
jpayne@69 984 # define TLS1_TXT_DH_DSS_WITH_SEED_SHA "DH-DSS-SEED-SHA"
jpayne@69 985 # define TLS1_TXT_DH_RSA_WITH_SEED_SHA "DH-RSA-SEED-SHA"
jpayne@69 986 # define TLS1_TXT_DHE_DSS_WITH_SEED_SHA "DHE-DSS-SEED-SHA"
jpayne@69 987 # define TLS1_TXT_DHE_RSA_WITH_SEED_SHA "DHE-RSA-SEED-SHA"
jpayne@69 988 # define TLS1_TXT_ADH_WITH_SEED_SHA "ADH-SEED-SHA"
jpayne@69 989
jpayne@69 990 /* TLS v1.2 ciphersuites */
jpayne@69 991 # define TLS1_TXT_RSA_WITH_NULL_SHA256 "NULL-SHA256"
jpayne@69 992 # define TLS1_TXT_RSA_WITH_AES_128_SHA256 "AES128-SHA256"
jpayne@69 993 # define TLS1_TXT_RSA_WITH_AES_256_SHA256 "AES256-SHA256"
jpayne@69 994 # define TLS1_TXT_DH_DSS_WITH_AES_128_SHA256 "DH-DSS-AES128-SHA256"
jpayne@69 995 # define TLS1_TXT_DH_RSA_WITH_AES_128_SHA256 "DH-RSA-AES128-SHA256"
jpayne@69 996 # define TLS1_TXT_DHE_DSS_WITH_AES_128_SHA256 "DHE-DSS-AES128-SHA256"
jpayne@69 997 # define TLS1_TXT_DHE_RSA_WITH_AES_128_SHA256 "DHE-RSA-AES128-SHA256"
jpayne@69 998 # define TLS1_TXT_DH_DSS_WITH_AES_256_SHA256 "DH-DSS-AES256-SHA256"
jpayne@69 999 # define TLS1_TXT_DH_RSA_WITH_AES_256_SHA256 "DH-RSA-AES256-SHA256"
jpayne@69 1000 # define TLS1_TXT_DHE_DSS_WITH_AES_256_SHA256 "DHE-DSS-AES256-SHA256"
jpayne@69 1001 # define TLS1_TXT_DHE_RSA_WITH_AES_256_SHA256 "DHE-RSA-AES256-SHA256"
jpayne@69 1002 # define TLS1_TXT_ADH_WITH_AES_128_SHA256 "ADH-AES128-SHA256"
jpayne@69 1003 # define TLS1_TXT_ADH_WITH_AES_256_SHA256 "ADH-AES256-SHA256"
jpayne@69 1004
jpayne@69 1005 /* TLS v1.2 GCM ciphersuites from RFC5288 */
jpayne@69 1006 # define TLS1_TXT_RSA_WITH_AES_128_GCM_SHA256 "AES128-GCM-SHA256"
jpayne@69 1007 # define TLS1_TXT_RSA_WITH_AES_256_GCM_SHA384 "AES256-GCM-SHA384"
jpayne@69 1008 # define TLS1_TXT_DHE_RSA_WITH_AES_128_GCM_SHA256 "DHE-RSA-AES128-GCM-SHA256"
jpayne@69 1009 # define TLS1_TXT_DHE_RSA_WITH_AES_256_GCM_SHA384 "DHE-RSA-AES256-GCM-SHA384"
jpayne@69 1010 # define TLS1_TXT_DH_RSA_WITH_AES_128_GCM_SHA256 "DH-RSA-AES128-GCM-SHA256"
jpayne@69 1011 # define TLS1_TXT_DH_RSA_WITH_AES_256_GCM_SHA384 "DH-RSA-AES256-GCM-SHA384"
jpayne@69 1012 # define TLS1_TXT_DHE_DSS_WITH_AES_128_GCM_SHA256 "DHE-DSS-AES128-GCM-SHA256"
jpayne@69 1013 # define TLS1_TXT_DHE_DSS_WITH_AES_256_GCM_SHA384 "DHE-DSS-AES256-GCM-SHA384"
jpayne@69 1014 # define TLS1_TXT_DH_DSS_WITH_AES_128_GCM_SHA256 "DH-DSS-AES128-GCM-SHA256"
jpayne@69 1015 # define TLS1_TXT_DH_DSS_WITH_AES_256_GCM_SHA384 "DH-DSS-AES256-GCM-SHA384"
jpayne@69 1016 # define TLS1_TXT_ADH_WITH_AES_128_GCM_SHA256 "ADH-AES128-GCM-SHA256"
jpayne@69 1017 # define TLS1_TXT_ADH_WITH_AES_256_GCM_SHA384 "ADH-AES256-GCM-SHA384"
jpayne@69 1018
jpayne@69 1019 /* CCM ciphersuites from RFC6655 */
jpayne@69 1020 # define TLS1_TXT_RSA_WITH_AES_128_CCM "AES128-CCM"
jpayne@69 1021 # define TLS1_TXT_RSA_WITH_AES_256_CCM "AES256-CCM"
jpayne@69 1022 # define TLS1_TXT_DHE_RSA_WITH_AES_128_CCM "DHE-RSA-AES128-CCM"
jpayne@69 1023 # define TLS1_TXT_DHE_RSA_WITH_AES_256_CCM "DHE-RSA-AES256-CCM"
jpayne@69 1024
jpayne@69 1025 # define TLS1_TXT_RSA_WITH_AES_128_CCM_8 "AES128-CCM8"
jpayne@69 1026 # define TLS1_TXT_RSA_WITH_AES_256_CCM_8 "AES256-CCM8"
jpayne@69 1027 # define TLS1_TXT_DHE_RSA_WITH_AES_128_CCM_8 "DHE-RSA-AES128-CCM8"
jpayne@69 1028 # define TLS1_TXT_DHE_RSA_WITH_AES_256_CCM_8 "DHE-RSA-AES256-CCM8"
jpayne@69 1029
jpayne@69 1030 # define TLS1_TXT_PSK_WITH_AES_128_CCM "PSK-AES128-CCM"
jpayne@69 1031 # define TLS1_TXT_PSK_WITH_AES_256_CCM "PSK-AES256-CCM"
jpayne@69 1032 # define TLS1_TXT_DHE_PSK_WITH_AES_128_CCM "DHE-PSK-AES128-CCM"
jpayne@69 1033 # define TLS1_TXT_DHE_PSK_WITH_AES_256_CCM "DHE-PSK-AES256-CCM"
jpayne@69 1034
jpayne@69 1035 # define TLS1_TXT_PSK_WITH_AES_128_CCM_8 "PSK-AES128-CCM8"
jpayne@69 1036 # define TLS1_TXT_PSK_WITH_AES_256_CCM_8 "PSK-AES256-CCM8"
jpayne@69 1037 # define TLS1_TXT_DHE_PSK_WITH_AES_128_CCM_8 "DHE-PSK-AES128-CCM8"
jpayne@69 1038 # define TLS1_TXT_DHE_PSK_WITH_AES_256_CCM_8 "DHE-PSK-AES256-CCM8"
jpayne@69 1039
jpayne@69 1040 /* CCM ciphersuites from RFC7251 */
jpayne@69 1041 # define TLS1_TXT_ECDHE_ECDSA_WITH_AES_128_CCM "ECDHE-ECDSA-AES128-CCM"
jpayne@69 1042 # define TLS1_TXT_ECDHE_ECDSA_WITH_AES_256_CCM "ECDHE-ECDSA-AES256-CCM"
jpayne@69 1043 # define TLS1_TXT_ECDHE_ECDSA_WITH_AES_128_CCM_8 "ECDHE-ECDSA-AES128-CCM8"
jpayne@69 1044 # define TLS1_TXT_ECDHE_ECDSA_WITH_AES_256_CCM_8 "ECDHE-ECDSA-AES256-CCM8"
jpayne@69 1045
jpayne@69 1046 /* ECDH HMAC based ciphersuites from RFC5289 */
jpayne@69 1047 # define TLS1_TXT_ECDHE_ECDSA_WITH_AES_128_SHA256 "ECDHE-ECDSA-AES128-SHA256"
jpayne@69 1048 # define TLS1_TXT_ECDHE_ECDSA_WITH_AES_256_SHA384 "ECDHE-ECDSA-AES256-SHA384"
jpayne@69 1049 # define TLS1_TXT_ECDH_ECDSA_WITH_AES_128_SHA256 "ECDH-ECDSA-AES128-SHA256"
jpayne@69 1050 # define TLS1_TXT_ECDH_ECDSA_WITH_AES_256_SHA384 "ECDH-ECDSA-AES256-SHA384"
jpayne@69 1051 # define TLS1_TXT_ECDHE_RSA_WITH_AES_128_SHA256 "ECDHE-RSA-AES128-SHA256"
jpayne@69 1052 # define TLS1_TXT_ECDHE_RSA_WITH_AES_256_SHA384 "ECDHE-RSA-AES256-SHA384"
jpayne@69 1053 # define TLS1_TXT_ECDH_RSA_WITH_AES_128_SHA256 "ECDH-RSA-AES128-SHA256"
jpayne@69 1054 # define TLS1_TXT_ECDH_RSA_WITH_AES_256_SHA384 "ECDH-RSA-AES256-SHA384"
jpayne@69 1055
jpayne@69 1056 /* ECDH GCM based ciphersuites from RFC5289 */
jpayne@69 1057 # define TLS1_TXT_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 "ECDHE-ECDSA-AES128-GCM-SHA256"
jpayne@69 1058 # define TLS1_TXT_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384 "ECDHE-ECDSA-AES256-GCM-SHA384"
jpayne@69 1059 # define TLS1_TXT_ECDH_ECDSA_WITH_AES_128_GCM_SHA256 "ECDH-ECDSA-AES128-GCM-SHA256"
jpayne@69 1060 # define TLS1_TXT_ECDH_ECDSA_WITH_AES_256_GCM_SHA384 "ECDH-ECDSA-AES256-GCM-SHA384"
jpayne@69 1061 # define TLS1_TXT_ECDHE_RSA_WITH_AES_128_GCM_SHA256 "ECDHE-RSA-AES128-GCM-SHA256"
jpayne@69 1062 # define TLS1_TXT_ECDHE_RSA_WITH_AES_256_GCM_SHA384 "ECDHE-RSA-AES256-GCM-SHA384"
jpayne@69 1063 # define TLS1_TXT_ECDH_RSA_WITH_AES_128_GCM_SHA256 "ECDH-RSA-AES128-GCM-SHA256"
jpayne@69 1064 # define TLS1_TXT_ECDH_RSA_WITH_AES_256_GCM_SHA384 "ECDH-RSA-AES256-GCM-SHA384"
jpayne@69 1065
jpayne@69 1066 /* TLS v1.2 PSK GCM ciphersuites from RFC5487 */
jpayne@69 1067 # define TLS1_TXT_PSK_WITH_AES_128_GCM_SHA256 "PSK-AES128-GCM-SHA256"
jpayne@69 1068 # define TLS1_TXT_PSK_WITH_AES_256_GCM_SHA384 "PSK-AES256-GCM-SHA384"
jpayne@69 1069
jpayne@69 1070 /* ECDHE PSK ciphersuites from RFC 5489 */
jpayne@69 1071 # define TLS1_TXT_ECDHE_PSK_WITH_RC4_128_SHA "ECDHE-PSK-RC4-SHA"
jpayne@69 1072 # define TLS1_TXT_ECDHE_PSK_WITH_3DES_EDE_CBC_SHA "ECDHE-PSK-3DES-EDE-CBC-SHA"
jpayne@69 1073 # define TLS1_TXT_ECDHE_PSK_WITH_AES_128_CBC_SHA "ECDHE-PSK-AES128-CBC-SHA"
jpayne@69 1074 # define TLS1_TXT_ECDHE_PSK_WITH_AES_256_CBC_SHA "ECDHE-PSK-AES256-CBC-SHA"
jpayne@69 1075
jpayne@69 1076 # define TLS1_TXT_ECDHE_PSK_WITH_AES_128_CBC_SHA256 "ECDHE-PSK-AES128-CBC-SHA256"
jpayne@69 1077 # define TLS1_TXT_ECDHE_PSK_WITH_AES_256_CBC_SHA384 "ECDHE-PSK-AES256-CBC-SHA384"
jpayne@69 1078
jpayne@69 1079 # define TLS1_TXT_ECDHE_PSK_WITH_NULL_SHA "ECDHE-PSK-NULL-SHA"
jpayne@69 1080 # define TLS1_TXT_ECDHE_PSK_WITH_NULL_SHA256 "ECDHE-PSK-NULL-SHA256"
jpayne@69 1081 # define TLS1_TXT_ECDHE_PSK_WITH_NULL_SHA384 "ECDHE-PSK-NULL-SHA384"
jpayne@69 1082
jpayne@69 1083 /* Camellia-CBC ciphersuites from RFC6367 */
jpayne@69 1084 # define TLS1_TXT_ECDHE_ECDSA_WITH_CAMELLIA_128_CBC_SHA256 "ECDHE-ECDSA-CAMELLIA128-SHA256"
jpayne@69 1085 # define TLS1_TXT_ECDHE_ECDSA_WITH_CAMELLIA_256_CBC_SHA384 "ECDHE-ECDSA-CAMELLIA256-SHA384"
jpayne@69 1086 # define TLS1_TXT_ECDH_ECDSA_WITH_CAMELLIA_128_CBC_SHA256 "ECDH-ECDSA-CAMELLIA128-SHA256"
jpayne@69 1087 # define TLS1_TXT_ECDH_ECDSA_WITH_CAMELLIA_256_CBC_SHA384 "ECDH-ECDSA-CAMELLIA256-SHA384"
jpayne@69 1088 # define TLS1_TXT_ECDHE_RSA_WITH_CAMELLIA_128_CBC_SHA256 "ECDHE-RSA-CAMELLIA128-SHA256"
jpayne@69 1089 # define TLS1_TXT_ECDHE_RSA_WITH_CAMELLIA_256_CBC_SHA384 "ECDHE-RSA-CAMELLIA256-SHA384"
jpayne@69 1090 # define TLS1_TXT_ECDH_RSA_WITH_CAMELLIA_128_CBC_SHA256 "ECDH-RSA-CAMELLIA128-SHA256"
jpayne@69 1091 # define TLS1_TXT_ECDH_RSA_WITH_CAMELLIA_256_CBC_SHA384 "ECDH-RSA-CAMELLIA256-SHA384"
jpayne@69 1092
jpayne@69 1093 /* draft-ietf-tls-chacha20-poly1305-03 */
jpayne@69 1094 # define TLS1_TXT_ECDHE_RSA_WITH_CHACHA20_POLY1305 "ECDHE-RSA-CHACHA20-POLY1305"
jpayne@69 1095 # define TLS1_TXT_ECDHE_ECDSA_WITH_CHACHA20_POLY1305 "ECDHE-ECDSA-CHACHA20-POLY1305"
jpayne@69 1096 # define TLS1_TXT_DHE_RSA_WITH_CHACHA20_POLY1305 "DHE-RSA-CHACHA20-POLY1305"
jpayne@69 1097 # define TLS1_TXT_PSK_WITH_CHACHA20_POLY1305 "PSK-CHACHA20-POLY1305"
jpayne@69 1098 # define TLS1_TXT_ECDHE_PSK_WITH_CHACHA20_POLY1305 "ECDHE-PSK-CHACHA20-POLY1305"
jpayne@69 1099 # define TLS1_TXT_DHE_PSK_WITH_CHACHA20_POLY1305 "DHE-PSK-CHACHA20-POLY1305"
jpayne@69 1100 # define TLS1_TXT_RSA_PSK_WITH_CHACHA20_POLY1305 "RSA-PSK-CHACHA20-POLY1305"
jpayne@69 1101
jpayne@69 1102 /* Aria ciphersuites from RFC6209 */
jpayne@69 1103 # define TLS1_TXT_RSA_WITH_ARIA_128_GCM_SHA256 "ARIA128-GCM-SHA256"
jpayne@69 1104 # define TLS1_TXT_RSA_WITH_ARIA_256_GCM_SHA384 "ARIA256-GCM-SHA384"
jpayne@69 1105 # define TLS1_TXT_DHE_RSA_WITH_ARIA_128_GCM_SHA256 "DHE-RSA-ARIA128-GCM-SHA256"
jpayne@69 1106 # define TLS1_TXT_DHE_RSA_WITH_ARIA_256_GCM_SHA384 "DHE-RSA-ARIA256-GCM-SHA384"
jpayne@69 1107 # define TLS1_TXT_DH_RSA_WITH_ARIA_128_GCM_SHA256 "DH-RSA-ARIA128-GCM-SHA256"
jpayne@69 1108 # define TLS1_TXT_DH_RSA_WITH_ARIA_256_GCM_SHA384 "DH-RSA-ARIA256-GCM-SHA384"
jpayne@69 1109 # define TLS1_TXT_DHE_DSS_WITH_ARIA_128_GCM_SHA256 "DHE-DSS-ARIA128-GCM-SHA256"
jpayne@69 1110 # define TLS1_TXT_DHE_DSS_WITH_ARIA_256_GCM_SHA384 "DHE-DSS-ARIA256-GCM-SHA384"
jpayne@69 1111 # define TLS1_TXT_DH_DSS_WITH_ARIA_128_GCM_SHA256 "DH-DSS-ARIA128-GCM-SHA256"
jpayne@69 1112 # define TLS1_TXT_DH_DSS_WITH_ARIA_256_GCM_SHA384 "DH-DSS-ARIA256-GCM-SHA384"
jpayne@69 1113 # define TLS1_TXT_DH_anon_WITH_ARIA_128_GCM_SHA256 "ADH-ARIA128-GCM-SHA256"
jpayne@69 1114 # define TLS1_TXT_DH_anon_WITH_ARIA_256_GCM_SHA384 "ADH-ARIA256-GCM-SHA384"
jpayne@69 1115 # define TLS1_TXT_ECDHE_ECDSA_WITH_ARIA_128_GCM_SHA256 "ECDHE-ECDSA-ARIA128-GCM-SHA256"
jpayne@69 1116 # define TLS1_TXT_ECDHE_ECDSA_WITH_ARIA_256_GCM_SHA384 "ECDHE-ECDSA-ARIA256-GCM-SHA384"
jpayne@69 1117 # define TLS1_TXT_ECDH_ECDSA_WITH_ARIA_128_GCM_SHA256 "ECDH-ECDSA-ARIA128-GCM-SHA256"
jpayne@69 1118 # define TLS1_TXT_ECDH_ECDSA_WITH_ARIA_256_GCM_SHA384 "ECDH-ECDSA-ARIA256-GCM-SHA384"
jpayne@69 1119 # define TLS1_TXT_ECDHE_RSA_WITH_ARIA_128_GCM_SHA256 "ECDHE-ARIA128-GCM-SHA256"
jpayne@69 1120 # define TLS1_TXT_ECDHE_RSA_WITH_ARIA_256_GCM_SHA384 "ECDHE-ARIA256-GCM-SHA384"
jpayne@69 1121 # define TLS1_TXT_ECDH_RSA_WITH_ARIA_128_GCM_SHA256 "ECDH-ARIA128-GCM-SHA256"
jpayne@69 1122 # define TLS1_TXT_ECDH_RSA_WITH_ARIA_256_GCM_SHA384 "ECDH-ARIA256-GCM-SHA384"
jpayne@69 1123 # define TLS1_TXT_PSK_WITH_ARIA_128_GCM_SHA256 "PSK-ARIA128-GCM-SHA256"
jpayne@69 1124 # define TLS1_TXT_PSK_WITH_ARIA_256_GCM_SHA384 "PSK-ARIA256-GCM-SHA384"
jpayne@69 1125 # define TLS1_TXT_DHE_PSK_WITH_ARIA_128_GCM_SHA256 "DHE-PSK-ARIA128-GCM-SHA256"
jpayne@69 1126 # define TLS1_TXT_DHE_PSK_WITH_ARIA_256_GCM_SHA384 "DHE-PSK-ARIA256-GCM-SHA384"
jpayne@69 1127 # define TLS1_TXT_RSA_PSK_WITH_ARIA_128_GCM_SHA256 "RSA-PSK-ARIA128-GCM-SHA256"
jpayne@69 1128 # define TLS1_TXT_RSA_PSK_WITH_ARIA_256_GCM_SHA384 "RSA-PSK-ARIA256-GCM-SHA384"
jpayne@69 1129
jpayne@69 1130 # define TLS_CT_RSA_SIGN 1
jpayne@69 1131 # define TLS_CT_DSS_SIGN 2
jpayne@69 1132 # define TLS_CT_RSA_FIXED_DH 3
jpayne@69 1133 # define TLS_CT_DSS_FIXED_DH 4
jpayne@69 1134 # define TLS_CT_ECDSA_SIGN 64
jpayne@69 1135 # define TLS_CT_RSA_FIXED_ECDH 65
jpayne@69 1136 # define TLS_CT_ECDSA_FIXED_ECDH 66
jpayne@69 1137 # define TLS_CT_GOST01_SIGN 22
jpayne@69 1138 # define TLS_CT_GOST12_SIGN 238
jpayne@69 1139 # define TLS_CT_GOST12_512_SIGN 239
jpayne@69 1140
jpayne@69 1141 /*
jpayne@69 1142 * when correcting this number, correct also SSL3_CT_NUMBER in ssl3.h (see
jpayne@69 1143 * comment there)
jpayne@69 1144 */
jpayne@69 1145 # define TLS_CT_NUMBER 10
jpayne@69 1146
jpayne@69 1147 # if defined(SSL3_CT_NUMBER)
jpayne@69 1148 # if TLS_CT_NUMBER != SSL3_CT_NUMBER
jpayne@69 1149 # error "SSL/TLS CT_NUMBER values do not match"
jpayne@69 1150 # endif
jpayne@69 1151 # endif
jpayne@69 1152
jpayne@69 1153 # define TLS1_FINISH_MAC_LENGTH 12
jpayne@69 1154
jpayne@69 1155 # define TLS_MD_MAX_CONST_SIZE 22
jpayne@69 1156 # define TLS_MD_CLIENT_FINISH_CONST "client finished"
jpayne@69 1157 # define TLS_MD_CLIENT_FINISH_CONST_SIZE 15
jpayne@69 1158 # define TLS_MD_SERVER_FINISH_CONST "server finished"
jpayne@69 1159 # define TLS_MD_SERVER_FINISH_CONST_SIZE 15
jpayne@69 1160 # define TLS_MD_KEY_EXPANSION_CONST "key expansion"
jpayne@69 1161 # define TLS_MD_KEY_EXPANSION_CONST_SIZE 13
jpayne@69 1162 # define TLS_MD_CLIENT_WRITE_KEY_CONST "client write key"
jpayne@69 1163 # define TLS_MD_CLIENT_WRITE_KEY_CONST_SIZE 16
jpayne@69 1164 # define TLS_MD_SERVER_WRITE_KEY_CONST "server write key"
jpayne@69 1165 # define TLS_MD_SERVER_WRITE_KEY_CONST_SIZE 16
jpayne@69 1166 # define TLS_MD_IV_BLOCK_CONST "IV block"
jpayne@69 1167 # define TLS_MD_IV_BLOCK_CONST_SIZE 8
jpayne@69 1168 # define TLS_MD_MASTER_SECRET_CONST "master secret"
jpayne@69 1169 # define TLS_MD_MASTER_SECRET_CONST_SIZE 13
jpayne@69 1170 # define TLS_MD_EXTENDED_MASTER_SECRET_CONST "extended master secret"
jpayne@69 1171 # define TLS_MD_EXTENDED_MASTER_SECRET_CONST_SIZE 22
jpayne@69 1172
jpayne@69 1173 # ifdef CHARSET_EBCDIC
jpayne@69 1174 # undef TLS_MD_CLIENT_FINISH_CONST
jpayne@69 1175 /*
jpayne@69 1176 * client finished
jpayne@69 1177 */
jpayne@69 1178 # define TLS_MD_CLIENT_FINISH_CONST "\x63\x6c\x69\x65\x6e\x74\x20\x66\x69\x6e\x69\x73\x68\x65\x64"
jpayne@69 1179
jpayne@69 1180 # undef TLS_MD_SERVER_FINISH_CONST
jpayne@69 1181 /*
jpayne@69 1182 * server finished
jpayne@69 1183 */
jpayne@69 1184 # define TLS_MD_SERVER_FINISH_CONST "\x73\x65\x72\x76\x65\x72\x20\x66\x69\x6e\x69\x73\x68\x65\x64"
jpayne@69 1185
jpayne@69 1186 # undef TLS_MD_SERVER_WRITE_KEY_CONST
jpayne@69 1187 /*
jpayne@69 1188 * server write key
jpayne@69 1189 */
jpayne@69 1190 # define TLS_MD_SERVER_WRITE_KEY_CONST "\x73\x65\x72\x76\x65\x72\x20\x77\x72\x69\x74\x65\x20\x6b\x65\x79"
jpayne@69 1191
jpayne@69 1192 # undef TLS_MD_KEY_EXPANSION_CONST
jpayne@69 1193 /*
jpayne@69 1194 * key expansion
jpayne@69 1195 */
jpayne@69 1196 # define TLS_MD_KEY_EXPANSION_CONST "\x6b\x65\x79\x20\x65\x78\x70\x61\x6e\x73\x69\x6f\x6e"
jpayne@69 1197
jpayne@69 1198 # undef TLS_MD_CLIENT_WRITE_KEY_CONST
jpayne@69 1199 /*
jpayne@69 1200 * client write key
jpayne@69 1201 */
jpayne@69 1202 # define TLS_MD_CLIENT_WRITE_KEY_CONST "\x63\x6c\x69\x65\x6e\x74\x20\x77\x72\x69\x74\x65\x20\x6b\x65\x79"
jpayne@69 1203
jpayne@69 1204 # undef TLS_MD_SERVER_WRITE_KEY_CONST
jpayne@69 1205 /*
jpayne@69 1206 * server write key
jpayne@69 1207 */
jpayne@69 1208 # define TLS_MD_SERVER_WRITE_KEY_CONST "\x73\x65\x72\x76\x65\x72\x20\x77\x72\x69\x74\x65\x20\x6b\x65\x79"
jpayne@69 1209
jpayne@69 1210 # undef TLS_MD_IV_BLOCK_CONST
jpayne@69 1211 /*
jpayne@69 1212 * IV block
jpayne@69 1213 */
jpayne@69 1214 # define TLS_MD_IV_BLOCK_CONST "\x49\x56\x20\x62\x6c\x6f\x63\x6b"
jpayne@69 1215
jpayne@69 1216 # undef TLS_MD_MASTER_SECRET_CONST
jpayne@69 1217 /*
jpayne@69 1218 * master secret
jpayne@69 1219 */
jpayne@69 1220 # define TLS_MD_MASTER_SECRET_CONST "\x6d\x61\x73\x74\x65\x72\x20\x73\x65\x63\x72\x65\x74"
jpayne@69 1221 # undef TLS_MD_EXTENDED_MASTER_SECRET_CONST
jpayne@69 1222 /*
jpayne@69 1223 * extended master secret
jpayne@69 1224 */
jpayne@69 1225 # define TLS_MD_EXTENDED_MASTER_SECRET_CONST "\x65\x78\x74\x65\x6e\x64\x65\x64\x20\x6d\x61\x73\x74\x65\x72\x20\x73\x65\x63\x72\x65\x74"
jpayne@69 1226 # endif
jpayne@69 1227
jpayne@69 1228 /* TLS Session Ticket extension struct */
jpayne@69 1229 struct tls_session_ticket_ext_st {
jpayne@69 1230 unsigned short length;
jpayne@69 1231 void *data;
jpayne@69 1232 };
jpayne@69 1233
jpayne@69 1234 #ifdef __cplusplus
jpayne@69 1235 }
jpayne@69 1236 #endif
jpayne@69 1237 #endif