summaryrefslogtreecommitdiff
path: root/src
diff options
context:
space:
mode:
authorjsing <>2014-05-23 16:33:34 +0000
committerjsing <>2014-05-23 16:33:34 +0000
commitf45c42a424db08b181a298910b787cb0925af5b5 (patch)
tree0c4e38e76c989bf49bbb958d0d77f96259fbc775 /src
parentfdff2df5269b78a0c99c761b7f95d9a2cf78cb08 (diff)
downloadopenbsd-f45c42a424db08b181a298910b787cb0925af5b5.tar.gz
openbsd-f45c42a424db08b181a298910b787cb0925af5b5.tar.bz2
openbsd-f45c42a424db08b181a298910b787cb0925af5b5.zip
Clean up the SSL cipher initialisation and use C99 initialisers for
clarity, grepability and to protect from future field reordering/removal. ok miod@
Diffstat (limited to 'src')
-rw-r--r--src/lib/libssl/s3_lib.c3421
-rw-r--r--src/lib/libssl/src/ssl/s3_lib.c3421
2 files changed, 3424 insertions, 3418 deletions
diff --git a/src/lib/libssl/s3_lib.c b/src/lib/libssl/s3_lib.c
index 0bb74760f2..f14cbd0c99 100644
--- a/src/lib/libssl/s3_lib.c
+++ b/src/lib/libssl/s3_lib.c
@@ -168,725 +168,725 @@ const char ssl3_version_str[]="SSLv3" OPENSSL_VERSION_PTEXT;
168/* list of available SSLv3 ciphers (sorted by id) */ 168/* list of available SSLv3 ciphers (sorted by id) */
169SSL_CIPHER ssl3_ciphers[] = { 169SSL_CIPHER ssl3_ciphers[] = {
170 170
171/* The RSA ciphers */ 171 /* The RSA ciphers */
172/* Cipher 01 */ 172 /* Cipher 01 */
173 { 173 {
174 1, 174 .valid = 1,
175 SSL3_TXT_RSA_NULL_MD5, 175 .name = SSL3_TXT_RSA_NULL_MD5,
176 SSL3_CK_RSA_NULL_MD5, 176 .id = SSL3_CK_RSA_NULL_MD5,
177 SSL_kRSA, 177 .algorithm_mkey = SSL_kRSA,
178 SSL_aRSA, 178 .algorithm_auth = SSL_aRSA,
179 SSL_eNULL, 179 .algorithm_enc = SSL_eNULL,
180 SSL_MD5, 180 .algorithm_mac = SSL_MD5,
181 SSL_SSLV3, 181 .algorithm_ssl = SSL_SSLV3,
182 SSL_NOT_EXP|SSL_STRONG_NONE, 182 .algo_strength = SSL_NOT_EXP|SSL_STRONG_NONE,
183 SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, 183 .algorithm2 = SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
184 0, 184 .strength_bits = 0,
185 0, 185 .alg_bits = 0,
186 }, 186 },
187 187
188/* Cipher 02 */ 188 /* Cipher 02 */
189 { 189 {
190 1, 190 .valid = 1,
191 SSL3_TXT_RSA_NULL_SHA, 191 .name = SSL3_TXT_RSA_NULL_SHA,
192 SSL3_CK_RSA_NULL_SHA, 192 .id = SSL3_CK_RSA_NULL_SHA,
193 SSL_kRSA, 193 .algorithm_mkey = SSL_kRSA,
194 SSL_aRSA, 194 .algorithm_auth = SSL_aRSA,
195 SSL_eNULL, 195 .algorithm_enc = SSL_eNULL,
196 SSL_SHA1, 196 .algorithm_mac = SSL_SHA1,
197 SSL_SSLV3, 197 .algorithm_ssl = SSL_SSLV3,
198 SSL_NOT_EXP|SSL_STRONG_NONE|SSL_FIPS, 198 .algo_strength = SSL_NOT_EXP|SSL_STRONG_NONE|SSL_FIPS,
199 SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, 199 .algorithm2 = SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
200 0, 200 .strength_bits = 0,
201 0, 201 .alg_bits = 0,
202 }, 202 },
203 203
204/* Cipher 03 */ 204 /* Cipher 03 */
205 { 205 {
206 1, 206 .valid = 1,
207 SSL3_TXT_RSA_RC4_40_MD5, 207 .name = SSL3_TXT_RSA_RC4_40_MD5,
208 SSL3_CK_RSA_RC4_40_MD5, 208 .id = SSL3_CK_RSA_RC4_40_MD5,
209 SSL_kRSA, 209 .algorithm_mkey = SSL_kRSA,
210 SSL_aRSA, 210 .algorithm_auth = SSL_aRSA,
211 SSL_RC4, 211 .algorithm_enc = SSL_RC4,
212 SSL_MD5, 212 .algorithm_mac = SSL_MD5,
213 SSL_SSLV3, 213 .algorithm_ssl = SSL_SSLV3,
214 SSL_EXPORT|SSL_EXP40, 214 .algo_strength = SSL_EXPORT|SSL_EXP40,
215 SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, 215 .algorithm2 = SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
216 40, 216 .strength_bits = 40,
217 128, 217 .alg_bits = 128,
218 }, 218 },
219 219
220/* Cipher 04 */ 220 /* Cipher 04 */
221 { 221 {
222 1, 222 .valid = 1,
223 SSL3_TXT_RSA_RC4_128_MD5, 223 .name = SSL3_TXT_RSA_RC4_128_MD5,
224 SSL3_CK_RSA_RC4_128_MD5, 224 .id = SSL3_CK_RSA_RC4_128_MD5,
225 SSL_kRSA, 225 .algorithm_mkey = SSL_kRSA,
226 SSL_aRSA, 226 .algorithm_auth = SSL_aRSA,
227 SSL_RC4, 227 .algorithm_enc = SSL_RC4,
228 SSL_MD5, 228 .algorithm_mac = SSL_MD5,
229 SSL_SSLV3, 229 .algorithm_ssl = SSL_SSLV3,
230 SSL_NOT_EXP|SSL_MEDIUM, 230 .algo_strength = SSL_NOT_EXP|SSL_MEDIUM,
231 SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, 231 .algorithm2 = SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
232 128, 232 .strength_bits = 128,
233 128, 233 .alg_bits = 128,
234 }, 234 },
235 235
236/* Cipher 05 */ 236 /* Cipher 05 */
237 { 237 {
238 1, 238 .valid = 1,
239 SSL3_TXT_RSA_RC4_128_SHA, 239 .name = SSL3_TXT_RSA_RC4_128_SHA,
240 SSL3_CK_RSA_RC4_128_SHA, 240 .id = SSL3_CK_RSA_RC4_128_SHA,
241 SSL_kRSA, 241 .algorithm_mkey = SSL_kRSA,
242 SSL_aRSA, 242 .algorithm_auth = SSL_aRSA,
243 SSL_RC4, 243 .algorithm_enc = SSL_RC4,
244 SSL_SHA1, 244 .algorithm_mac = SSL_SHA1,
245 SSL_SSLV3, 245 .algorithm_ssl = SSL_SSLV3,
246 SSL_NOT_EXP|SSL_MEDIUM, 246 .algo_strength = SSL_NOT_EXP|SSL_MEDIUM,
247 SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, 247 .algorithm2 = SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
248 128, 248 .strength_bits = 128,
249 128, 249 .alg_bits = 128,
250 }, 250 },
251 251
252/* Cipher 06 */ 252 /* Cipher 06 */
253 { 253 {
254 1, 254 .valid = 1,
255 SSL3_TXT_RSA_RC2_40_MD5, 255 .name = SSL3_TXT_RSA_RC2_40_MD5,
256 SSL3_CK_RSA_RC2_40_MD5, 256 .id = SSL3_CK_RSA_RC2_40_MD5,
257 SSL_kRSA, 257 .algorithm_mkey = SSL_kRSA,
258 SSL_aRSA, 258 .algorithm_auth = SSL_aRSA,
259 SSL_RC2, 259 .algorithm_enc = SSL_RC2,
260 SSL_MD5, 260 .algorithm_mac = SSL_MD5,
261 SSL_SSLV3, 261 .algorithm_ssl = SSL_SSLV3,
262 SSL_EXPORT|SSL_EXP40, 262 .algo_strength = SSL_EXPORT|SSL_EXP40,
263 SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, 263 .algorithm2 = SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
264 40, 264 .strength_bits = 40,
265 128, 265 .alg_bits = 128,
266 }, 266 },
267 267
268/* Cipher 07 */ 268 /* Cipher 07 */
269#ifndef OPENSSL_NO_IDEA 269#ifndef OPENSSL_NO_IDEA
270 { 270 {
271 1, 271 .valid = 1,
272 SSL3_TXT_RSA_IDEA_128_SHA, 272 .name = SSL3_TXT_RSA_IDEA_128_SHA,
273 SSL3_CK_RSA_IDEA_128_SHA, 273 .id = SSL3_CK_RSA_IDEA_128_SHA,
274 SSL_kRSA, 274 .algorithm_mkey = SSL_kRSA,
275 SSL_aRSA, 275 .algorithm_auth = SSL_aRSA,
276 SSL_IDEA, 276 .algorithm_enc = SSL_IDEA,
277 SSL_SHA1, 277 .algorithm_mac = SSL_SHA1,
278 SSL_SSLV3, 278 .algorithm_ssl = SSL_SSLV3,
279 SSL_NOT_EXP|SSL_MEDIUM, 279 .algo_strength = SSL_NOT_EXP|SSL_MEDIUM,
280 SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, 280 .algorithm2 = SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
281 128, 281 .strength_bits = 128,
282 128, 282 .alg_bits = 128,
283 }, 283 },
284#endif 284#endif
285 285
286/* Cipher 08 */ 286 /* Cipher 08 */
287 { 287 {
288 1, 288 .valid = 1,
289 SSL3_TXT_RSA_DES_40_CBC_SHA, 289 .name = SSL3_TXT_RSA_DES_40_CBC_SHA,
290 SSL3_CK_RSA_DES_40_CBC_SHA, 290 .id = SSL3_CK_RSA_DES_40_CBC_SHA,
291 SSL_kRSA, 291 .algorithm_mkey = SSL_kRSA,
292 SSL_aRSA, 292 .algorithm_auth = SSL_aRSA,
293 SSL_DES, 293 .algorithm_enc = SSL_DES,
294 SSL_SHA1, 294 .algorithm_mac = SSL_SHA1,
295 SSL_SSLV3, 295 .algorithm_ssl = SSL_SSLV3,
296 SSL_EXPORT|SSL_EXP40, 296 .algo_strength = SSL_EXPORT|SSL_EXP40,
297 SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, 297 .algorithm2 = SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
298 40, 298 .strength_bits = 40,
299 56, 299 .alg_bits = 56,
300 }, 300 },
301 301
302/* Cipher 09 */ 302 /* Cipher 09 */
303 { 303 {
304 1, 304 .valid = 1,
305 SSL3_TXT_RSA_DES_64_CBC_SHA, 305 .name = SSL3_TXT_RSA_DES_64_CBC_SHA,
306 SSL3_CK_RSA_DES_64_CBC_SHA, 306 .id = SSL3_CK_RSA_DES_64_CBC_SHA,
307 SSL_kRSA, 307 .algorithm_mkey = SSL_kRSA,
308 SSL_aRSA, 308 .algorithm_auth = SSL_aRSA,
309 SSL_DES, 309 .algorithm_enc = SSL_DES,
310 SSL_SHA1, 310 .algorithm_mac = SSL_SHA1,
311 SSL_SSLV3, 311 .algorithm_ssl = SSL_SSLV3,
312 SSL_NOT_EXP|SSL_LOW, 312 .algo_strength = SSL_NOT_EXP|SSL_LOW,
313 SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, 313 .algorithm2 = SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
314 56, 314 .strength_bits = 56,
315 56, 315 .alg_bits = 56,
316 }, 316 },
317 317
318/* Cipher 0A */ 318 /* Cipher 0A */
319 { 319 {
320 1, 320 .valid = 1,
321 SSL3_TXT_RSA_DES_192_CBC3_SHA, 321 .name = SSL3_TXT_RSA_DES_192_CBC3_SHA,
322 SSL3_CK_RSA_DES_192_CBC3_SHA, 322 .id = SSL3_CK_RSA_DES_192_CBC3_SHA,
323 SSL_kRSA, 323 .algorithm_mkey = SSL_kRSA,
324 SSL_aRSA, 324 .algorithm_auth = SSL_aRSA,
325 SSL_3DES, 325 .algorithm_enc = SSL_3DES,
326 SSL_SHA1, 326 .algorithm_mac = SSL_SHA1,
327 SSL_SSLV3, 327 .algorithm_ssl = SSL_SSLV3,
328 SSL_NOT_EXP|SSL_HIGH|SSL_FIPS, 328 .algo_strength = SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
329 SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, 329 .algorithm2 = SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
330 168, 330 .strength_bits = 168,
331 168, 331 .alg_bits = 168,
332 }, 332 },
333 333
334/* The DH ciphers */ 334 /* The DH ciphers */
335/* Cipher 0B */ 335 /* Cipher 0B */
336 { 336 {
337 0, 337 .valid = 0,
338 SSL3_TXT_DH_DSS_DES_40_CBC_SHA, 338 .name = SSL3_TXT_DH_DSS_DES_40_CBC_SHA,
339 SSL3_CK_DH_DSS_DES_40_CBC_SHA, 339 .id = SSL3_CK_DH_DSS_DES_40_CBC_SHA,
340 SSL_kDHd, 340 .algorithm_mkey = SSL_kDHd,
341 SSL_aDH, 341 .algorithm_auth = SSL_aDH,
342 SSL_DES, 342 .algorithm_enc = SSL_DES,
343 SSL_SHA1, 343 .algorithm_mac = SSL_SHA1,
344 SSL_SSLV3, 344 .algorithm_ssl = SSL_SSLV3,
345 SSL_EXPORT|SSL_EXP40, 345 .algo_strength = SSL_EXPORT|SSL_EXP40,
346 SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, 346 .algorithm2 = SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
347 40, 347 .strength_bits = 40,
348 56, 348 .alg_bits = 56,
349 }, 349 },
350 350
351/* Cipher 0C */ 351 /* Cipher 0C */
352 { 352 {
353 0, /* not implemented (non-ephemeral DH) */ 353 .valid = 0, /* not implemented (non-ephemeral DH) */
354 SSL3_TXT_DH_DSS_DES_64_CBC_SHA, 354 .name = SSL3_TXT_DH_DSS_DES_64_CBC_SHA,
355 SSL3_CK_DH_DSS_DES_64_CBC_SHA, 355 .id = SSL3_CK_DH_DSS_DES_64_CBC_SHA,
356 SSL_kDHd, 356 .algorithm_mkey = SSL_kDHd,
357 SSL_aDH, 357 .algorithm_auth = SSL_aDH,
358 SSL_DES, 358 .algorithm_enc = SSL_DES,
359 SSL_SHA1, 359 .algorithm_mac = SSL_SHA1,
360 SSL_SSLV3, 360 .algorithm_ssl = SSL_SSLV3,
361 SSL_NOT_EXP|SSL_LOW, 361 .algo_strength = SSL_NOT_EXP|SSL_LOW,
362 SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, 362 .algorithm2 = SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
363 56, 363 .strength_bits = 56,
364 56, 364 .alg_bits = 56,
365 }, 365 },
366 366
367/* Cipher 0D */ 367 /* Cipher 0D */
368 { 368 {
369 0, /* not implemented (non-ephemeral DH) */ 369 .valid = 0, /* not implemented (non-ephemeral DH) */
370 SSL3_TXT_DH_DSS_DES_192_CBC3_SHA, 370 .name = SSL3_TXT_DH_DSS_DES_192_CBC3_SHA,
371 SSL3_CK_DH_DSS_DES_192_CBC3_SHA, 371 .id = SSL3_CK_DH_DSS_DES_192_CBC3_SHA,
372 SSL_kDHd, 372 .algorithm_mkey = SSL_kDHd,
373 SSL_aDH, 373 .algorithm_auth = SSL_aDH,
374 SSL_3DES, 374 .algorithm_enc = SSL_3DES,
375 SSL_SHA1, 375 .algorithm_mac = SSL_SHA1,
376 SSL_SSLV3, 376 .algorithm_ssl = SSL_SSLV3,
377 SSL_NOT_EXP|SSL_HIGH|SSL_FIPS, 377 .algo_strength = SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
378 SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, 378 .algorithm2 = SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
379 168, 379 .strength_bits = 168,
380 168, 380 .alg_bits = 168,
381 }, 381 },
382 382
383/* Cipher 0E */ 383 /* Cipher 0E */
384 { 384 {
385 0, /* not implemented (non-ephemeral DH) */ 385 .valid = 0, /* not implemented (non-ephemeral DH) */
386 SSL3_TXT_DH_RSA_DES_40_CBC_SHA, 386 .name = SSL3_TXT_DH_RSA_DES_40_CBC_SHA,
387 SSL3_CK_DH_RSA_DES_40_CBC_SHA, 387 .id = SSL3_CK_DH_RSA_DES_40_CBC_SHA,
388 SSL_kDHr, 388 .algorithm_mkey = SSL_kDHr,
389 SSL_aDH, 389 .algorithm_auth = SSL_aDH,
390 SSL_DES, 390 .algorithm_enc = SSL_DES,
391 SSL_SHA1, 391 .algorithm_mac = SSL_SHA1,
392 SSL_SSLV3, 392 .algorithm_ssl = SSL_SSLV3,
393 SSL_EXPORT|SSL_EXP40, 393 .algo_strength = SSL_EXPORT|SSL_EXP40,
394 SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, 394 .algorithm2 = SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
395 40, 395 .strength_bits = 40,
396 56, 396 .alg_bits = 56,
397 }, 397 },
398 398
399/* Cipher 0F */ 399 /* Cipher 0F */
400 { 400 {
401 0, /* not implemented (non-ephemeral DH) */ 401 .valid = 0, /* not implemented (non-ephemeral DH) */
402 SSL3_TXT_DH_RSA_DES_64_CBC_SHA, 402 .name = SSL3_TXT_DH_RSA_DES_64_CBC_SHA,
403 SSL3_CK_DH_RSA_DES_64_CBC_SHA, 403 .id = SSL3_CK_DH_RSA_DES_64_CBC_SHA,
404 SSL_kDHr, 404 .algorithm_mkey = SSL_kDHr,
405 SSL_aDH, 405 .algorithm_auth = SSL_aDH,
406 SSL_DES, 406 .algorithm_enc = SSL_DES,
407 SSL_SHA1, 407 .algorithm_mac = SSL_SHA1,
408 SSL_SSLV3, 408 .algorithm_ssl = SSL_SSLV3,
409 SSL_NOT_EXP|SSL_LOW, 409 .algo_strength = SSL_NOT_EXP|SSL_LOW,
410 SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, 410 .algorithm2 = SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
411 56, 411 .strength_bits = 56,
412 56, 412 .alg_bits = 56,
413 }, 413 },
414 414
415/* Cipher 10 */ 415 /* Cipher 10 */
416 { 416 {
417 0, /* not implemented (non-ephemeral DH) */ 417 .valid = 0, /* not implemented (non-ephemeral DH) */
418 SSL3_TXT_DH_RSA_DES_192_CBC3_SHA, 418 .name = SSL3_TXT_DH_RSA_DES_192_CBC3_SHA,
419 SSL3_CK_DH_RSA_DES_192_CBC3_SHA, 419 .id = SSL3_CK_DH_RSA_DES_192_CBC3_SHA,
420 SSL_kDHr, 420 .algorithm_mkey = SSL_kDHr,
421 SSL_aDH, 421 .algorithm_auth = SSL_aDH,
422 SSL_3DES, 422 .algorithm_enc = SSL_3DES,
423 SSL_SHA1, 423 .algorithm_mac = SSL_SHA1,
424 SSL_SSLV3, 424 .algorithm_ssl = SSL_SSLV3,
425 SSL_NOT_EXP|SSL_HIGH|SSL_FIPS, 425 .algo_strength = SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
426 SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, 426 .algorithm2 = SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
427 168, 427 .strength_bits = 168,
428 168, 428 .alg_bits = 168,
429 }, 429 },
430 430
431/* The Ephemeral DH ciphers */ 431 /* The Ephemeral DH ciphers */
432/* Cipher 11 */ 432 /* Cipher 11 */
433 { 433 {
434 1, 434 .valid = 1,
435 SSL3_TXT_EDH_DSS_DES_40_CBC_SHA, 435 .name = SSL3_TXT_EDH_DSS_DES_40_CBC_SHA,
436 SSL3_CK_EDH_DSS_DES_40_CBC_SHA, 436 .id = SSL3_CK_EDH_DSS_DES_40_CBC_SHA,
437 SSL_kEDH, 437 .algorithm_mkey = SSL_kEDH,
438 SSL_aDSS, 438 .algorithm_auth = SSL_aDSS,
439 SSL_DES, 439 .algorithm_enc = SSL_DES,
440 SSL_SHA1, 440 .algorithm_mac = SSL_SHA1,
441 SSL_SSLV3, 441 .algorithm_ssl = SSL_SSLV3,
442 SSL_EXPORT|SSL_EXP40, 442 .algo_strength = SSL_EXPORT|SSL_EXP40,
443 SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, 443 .algorithm2 = SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
444 40, 444 .strength_bits = 40,
445 56, 445 .alg_bits = 56,
446 }, 446 },
447 447
448/* Cipher 12 */ 448 /* Cipher 12 */
449 { 449 {
450 1, 450 .valid = 1,
451 SSL3_TXT_EDH_DSS_DES_64_CBC_SHA, 451 .name = SSL3_TXT_EDH_DSS_DES_64_CBC_SHA,
452 SSL3_CK_EDH_DSS_DES_64_CBC_SHA, 452 .id = SSL3_CK_EDH_DSS_DES_64_CBC_SHA,
453 SSL_kEDH, 453 .algorithm_mkey = SSL_kEDH,
454 SSL_aDSS, 454 .algorithm_auth = SSL_aDSS,
455 SSL_DES, 455 .algorithm_enc = SSL_DES,
456 SSL_SHA1, 456 .algorithm_mac = SSL_SHA1,
457 SSL_SSLV3, 457 .algorithm_ssl = SSL_SSLV3,
458 SSL_NOT_EXP|SSL_LOW, 458 .algo_strength = SSL_NOT_EXP|SSL_LOW,
459 SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, 459 .algorithm2 = SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
460 56, 460 .strength_bits = 56,
461 56, 461 .alg_bits = 56,
462 }, 462 },
463 463
464/* Cipher 13 */ 464 /* Cipher 13 */
465 { 465 {
466 1, 466 .valid = 1,
467 SSL3_TXT_EDH_DSS_DES_192_CBC3_SHA, 467 .name = SSL3_TXT_EDH_DSS_DES_192_CBC3_SHA,
468 SSL3_CK_EDH_DSS_DES_192_CBC3_SHA, 468 .id = SSL3_CK_EDH_DSS_DES_192_CBC3_SHA,
469 SSL_kEDH, 469 .algorithm_mkey = SSL_kEDH,
470 SSL_aDSS, 470 .algorithm_auth = SSL_aDSS,
471 SSL_3DES, 471 .algorithm_enc = SSL_3DES,
472 SSL_SHA1, 472 .algorithm_mac = SSL_SHA1,
473 SSL_SSLV3, 473 .algorithm_ssl = SSL_SSLV3,
474 SSL_NOT_EXP|SSL_HIGH|SSL_FIPS, 474 .algo_strength = SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
475 SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, 475 .algorithm2 = SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
476 168, 476 .strength_bits = 168,
477 168, 477 .alg_bits = 168,
478 }, 478 },
479 479
480/* Cipher 14 */ 480 /* Cipher 14 */
481 { 481 {
482 1, 482 .valid = 1,
483 SSL3_TXT_EDH_RSA_DES_40_CBC_SHA, 483 .name = SSL3_TXT_EDH_RSA_DES_40_CBC_SHA,
484 SSL3_CK_EDH_RSA_DES_40_CBC_SHA, 484 .id = SSL3_CK_EDH_RSA_DES_40_CBC_SHA,
485 SSL_kEDH, 485 .algorithm_mkey = SSL_kEDH,
486 SSL_aRSA, 486 .algorithm_auth = SSL_aRSA,
487 SSL_DES, 487 .algorithm_enc = SSL_DES,
488 SSL_SHA1, 488 .algorithm_mac = SSL_SHA1,
489 SSL_SSLV3, 489 .algorithm_ssl = SSL_SSLV3,
490 SSL_EXPORT|SSL_EXP40, 490 .algo_strength = SSL_EXPORT|SSL_EXP40,
491 SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, 491 .algorithm2 = SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
492 40, 492 .strength_bits = 40,
493 56, 493 .alg_bits = 56,
494 }, 494 },
495 495
496/* Cipher 15 */ 496 /* Cipher 15 */
497 { 497 {
498 1, 498 .valid = 1,
499 SSL3_TXT_EDH_RSA_DES_64_CBC_SHA, 499 .name = SSL3_TXT_EDH_RSA_DES_64_CBC_SHA,
500 SSL3_CK_EDH_RSA_DES_64_CBC_SHA, 500 .id = SSL3_CK_EDH_RSA_DES_64_CBC_SHA,
501 SSL_kEDH, 501 .algorithm_mkey = SSL_kEDH,
502 SSL_aRSA, 502 .algorithm_auth = SSL_aRSA,
503 SSL_DES, 503 .algorithm_enc = SSL_DES,
504 SSL_SHA1, 504 .algorithm_mac = SSL_SHA1,
505 SSL_SSLV3, 505 .algorithm_ssl = SSL_SSLV3,
506 SSL_NOT_EXP|SSL_LOW, 506 .algo_strength = SSL_NOT_EXP|SSL_LOW,
507 SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, 507 .algorithm2 = SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
508 56, 508 .strength_bits = 56,
509 56, 509 .alg_bits = 56,
510 }, 510 },
511 511
512/* Cipher 16 */ 512 /* Cipher 16 */
513 { 513 {
514 1, 514 .valid = 1,
515 SSL3_TXT_EDH_RSA_DES_192_CBC3_SHA, 515 .name = SSL3_TXT_EDH_RSA_DES_192_CBC3_SHA,
516 SSL3_CK_EDH_RSA_DES_192_CBC3_SHA, 516 .id = SSL3_CK_EDH_RSA_DES_192_CBC3_SHA,
517 SSL_kEDH, 517 .algorithm_mkey = SSL_kEDH,
518 SSL_aRSA, 518 .algorithm_auth = SSL_aRSA,
519 SSL_3DES, 519 .algorithm_enc = SSL_3DES,
520 SSL_SHA1, 520 .algorithm_mac = SSL_SHA1,
521 SSL_SSLV3, 521 .algorithm_ssl = SSL_SSLV3,
522 SSL_NOT_EXP|SSL_HIGH|SSL_FIPS, 522 .algo_strength = SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
523 SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, 523 .algorithm2 = SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
524 168, 524 .strength_bits = 168,
525 168, 525 .alg_bits = 168,
526 }, 526 },
527 527
528/* Cipher 17 */ 528 /* Cipher 17 */
529 { 529 {
530 1, 530 .valid = 1,
531 SSL3_TXT_ADH_RC4_40_MD5, 531 .name = SSL3_TXT_ADH_RC4_40_MD5,
532 SSL3_CK_ADH_RC4_40_MD5, 532 .id = SSL3_CK_ADH_RC4_40_MD5,
533 SSL_kEDH, 533 .algorithm_mkey = SSL_kEDH,
534 SSL_aNULL, 534 .algorithm_auth = SSL_aNULL,
535 SSL_RC4, 535 .algorithm_enc = SSL_RC4,
536 SSL_MD5, 536 .algorithm_mac = SSL_MD5,
537 SSL_SSLV3, 537 .algorithm_ssl = SSL_SSLV3,
538 SSL_EXPORT|SSL_EXP40, 538 .algo_strength = SSL_EXPORT|SSL_EXP40,
539 SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, 539 .algorithm2 = SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
540 40, 540 .strength_bits = 40,
541 128, 541 .alg_bits = 128,
542 }, 542 },
543 543
544/* Cipher 18 */ 544 /* Cipher 18 */
545 { 545 {
546 1, 546 .valid = 1,
547 SSL3_TXT_ADH_RC4_128_MD5, 547 .name = SSL3_TXT_ADH_RC4_128_MD5,
548 SSL3_CK_ADH_RC4_128_MD5, 548 .id = SSL3_CK_ADH_RC4_128_MD5,
549 SSL_kEDH, 549 .algorithm_mkey = SSL_kEDH,
550 SSL_aNULL, 550 .algorithm_auth = SSL_aNULL,
551 SSL_RC4, 551 .algorithm_enc = SSL_RC4,
552 SSL_MD5, 552 .algorithm_mac = SSL_MD5,
553 SSL_SSLV3, 553 .algorithm_ssl = SSL_SSLV3,
554 SSL_NOT_EXP|SSL_MEDIUM, 554 .algo_strength = SSL_NOT_EXP|SSL_MEDIUM,
555 SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, 555 .algorithm2 = SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
556 128, 556 .strength_bits = 128,
557 128, 557 .alg_bits = 128,
558 }, 558 },
559 559
560/* Cipher 19 */ 560 /* Cipher 19 */
561 { 561 {
562 1, 562 .valid = 1,
563 SSL3_TXT_ADH_DES_40_CBC_SHA, 563 .name = SSL3_TXT_ADH_DES_40_CBC_SHA,
564 SSL3_CK_ADH_DES_40_CBC_SHA, 564 .id = SSL3_CK_ADH_DES_40_CBC_SHA,
565 SSL_kEDH, 565 .algorithm_mkey = SSL_kEDH,
566 SSL_aNULL, 566 .algorithm_auth = SSL_aNULL,
567 SSL_DES, 567 .algorithm_enc = SSL_DES,
568 SSL_SHA1, 568 .algorithm_mac = SSL_SHA1,
569 SSL_SSLV3, 569 .algorithm_ssl = SSL_SSLV3,
570 SSL_EXPORT|SSL_EXP40, 570 .algo_strength = SSL_EXPORT|SSL_EXP40,
571 SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, 571 .algorithm2 = SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
572 40, 572 .strength_bits = 40,
573 128, 573 .alg_bits = 128,
574 }, 574 },
575 575
576/* Cipher 1A */ 576 /* Cipher 1A */
577 { 577 {
578 1, 578 .valid = 1,
579 SSL3_TXT_ADH_DES_64_CBC_SHA, 579 .name = SSL3_TXT_ADH_DES_64_CBC_SHA,
580 SSL3_CK_ADH_DES_64_CBC_SHA, 580 .id = SSL3_CK_ADH_DES_64_CBC_SHA,
581 SSL_kEDH, 581 .algorithm_mkey = SSL_kEDH,
582 SSL_aNULL, 582 .algorithm_auth = SSL_aNULL,
583 SSL_DES, 583 .algorithm_enc = SSL_DES,
584 SSL_SHA1, 584 .algorithm_mac = SSL_SHA1,
585 SSL_SSLV3, 585 .algorithm_ssl = SSL_SSLV3,
586 SSL_NOT_EXP|SSL_LOW, 586 .algo_strength = SSL_NOT_EXP|SSL_LOW,
587 SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, 587 .algorithm2 = SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
588 56, 588 .strength_bits = 56,
589 56, 589 .alg_bits = 56,
590 }, 590 },
591 591
592/* Cipher 1B */ 592 /* Cipher 1B */
593 { 593 {
594 1, 594 .valid = 1,
595 SSL3_TXT_ADH_DES_192_CBC_SHA, 595 .name = SSL3_TXT_ADH_DES_192_CBC_SHA,
596 SSL3_CK_ADH_DES_192_CBC_SHA, 596 .id = SSL3_CK_ADH_DES_192_CBC_SHA,
597 SSL_kEDH, 597 .algorithm_mkey = SSL_kEDH,
598 SSL_aNULL, 598 .algorithm_auth = SSL_aNULL,
599 SSL_3DES, 599 .algorithm_enc = SSL_3DES,
600 SSL_SHA1, 600 .algorithm_mac = SSL_SHA1,
601 SSL_SSLV3, 601 .algorithm_ssl = SSL_SSLV3,
602 SSL_NOT_EXP|SSL_HIGH|SSL_FIPS, 602 .algo_strength = SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
603 SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, 603 .algorithm2 = SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
604 168, 604 .strength_bits = 168,
605 168, 605 .alg_bits = 168,
606 }, 606 },
607 607
608/* New AES ciphersuites */ 608 /* New AES ciphersuites */
609/* Cipher 2F */ 609 /* Cipher 2F */
610 { 610 {
611 1, 611 .valid = 1,
612 TLS1_TXT_RSA_WITH_AES_128_SHA, 612 .name = TLS1_TXT_RSA_WITH_AES_128_SHA,
613 TLS1_CK_RSA_WITH_AES_128_SHA, 613 .id = TLS1_CK_RSA_WITH_AES_128_SHA,
614 SSL_kRSA, 614 .algorithm_mkey = SSL_kRSA,
615 SSL_aRSA, 615 .algorithm_auth = SSL_aRSA,
616 SSL_AES128, 616 .algorithm_enc = SSL_AES128,
617 SSL_SHA1, 617 .algorithm_mac = SSL_SHA1,
618 SSL_TLSV1, 618 .algorithm_ssl = SSL_TLSV1,
619 SSL_NOT_EXP|SSL_HIGH|SSL_FIPS, 619 .algo_strength = SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
620 SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, 620 .algorithm2 = SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
621 128, 621 .strength_bits = 128,
622 128, 622 .alg_bits = 128,
623 }, 623 },
624/* Cipher 30 */ 624 /* Cipher 30 */
625 { 625 {
626 0, 626 .valid = 0,
627 TLS1_TXT_DH_DSS_WITH_AES_128_SHA, 627 .name = TLS1_TXT_DH_DSS_WITH_AES_128_SHA,
628 TLS1_CK_DH_DSS_WITH_AES_128_SHA, 628 .id = TLS1_CK_DH_DSS_WITH_AES_128_SHA,
629 SSL_kDHd, 629 .algorithm_mkey = SSL_kDHd,
630 SSL_aDH, 630 .algorithm_auth = SSL_aDH,
631 SSL_AES128, 631 .algorithm_enc = SSL_AES128,
632 SSL_SHA1, 632 .algorithm_mac = SSL_SHA1,
633 SSL_TLSV1, 633 .algorithm_ssl = SSL_TLSV1,
634 SSL_NOT_EXP|SSL_HIGH|SSL_FIPS, 634 .algo_strength = SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
635 SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, 635 .algorithm2 = SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
636 128, 636 .strength_bits = 128,
637 128, 637 .alg_bits = 128,
638 }, 638 },
639/* Cipher 31 */ 639 /* Cipher 31 */
640 { 640 {
641 0, 641 .valid = 0,
642 TLS1_TXT_DH_RSA_WITH_AES_128_SHA, 642 .name = TLS1_TXT_DH_RSA_WITH_AES_128_SHA,
643 TLS1_CK_DH_RSA_WITH_AES_128_SHA, 643 .id = TLS1_CK_DH_RSA_WITH_AES_128_SHA,
644 SSL_kDHr, 644 .algorithm_mkey = SSL_kDHr,
645 SSL_aDH, 645 .algorithm_auth = SSL_aDH,
646 SSL_AES128, 646 .algorithm_enc = SSL_AES128,
647 SSL_SHA1, 647 .algorithm_mac = SSL_SHA1,
648 SSL_TLSV1, 648 .algorithm_ssl = SSL_TLSV1,
649 SSL_NOT_EXP|SSL_HIGH|SSL_FIPS, 649 .algo_strength = SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
650 SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, 650 .algorithm2 = SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
651 128, 651 .strength_bits = 128,
652 128, 652 .alg_bits = 128,
653 }, 653 },
654/* Cipher 32 */ 654 /* Cipher 32 */
655 { 655 {
656 1, 656 .valid = 1,
657 TLS1_TXT_DHE_DSS_WITH_AES_128_SHA, 657 .name = TLS1_TXT_DHE_DSS_WITH_AES_128_SHA,
658 TLS1_CK_DHE_DSS_WITH_AES_128_SHA, 658 .id = TLS1_CK_DHE_DSS_WITH_AES_128_SHA,
659 SSL_kEDH, 659 .algorithm_mkey = SSL_kEDH,
660 SSL_aDSS, 660 .algorithm_auth = SSL_aDSS,
661 SSL_AES128, 661 .algorithm_enc = SSL_AES128,
662 SSL_SHA1, 662 .algorithm_mac = SSL_SHA1,
663 SSL_TLSV1, 663 .algorithm_ssl = SSL_TLSV1,
664 SSL_NOT_EXP|SSL_HIGH|SSL_FIPS, 664 .algo_strength = SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
665 SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, 665 .algorithm2 = SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
666 128, 666 .strength_bits = 128,
667 128, 667 .alg_bits = 128,
668 }, 668 },
669/* Cipher 33 */ 669 /* Cipher 33 */
670 { 670 {
671 1, 671 .valid = 1,
672 TLS1_TXT_DHE_RSA_WITH_AES_128_SHA, 672 .name = TLS1_TXT_DHE_RSA_WITH_AES_128_SHA,
673 TLS1_CK_DHE_RSA_WITH_AES_128_SHA, 673 .id = TLS1_CK_DHE_RSA_WITH_AES_128_SHA,
674 SSL_kEDH, 674 .algorithm_mkey = SSL_kEDH,
675 SSL_aRSA, 675 .algorithm_auth = SSL_aRSA,
676 SSL_AES128, 676 .algorithm_enc = SSL_AES128,
677 SSL_SHA1, 677 .algorithm_mac = SSL_SHA1,
678 SSL_TLSV1, 678 .algorithm_ssl = SSL_TLSV1,
679 SSL_NOT_EXP|SSL_HIGH|SSL_FIPS, 679 .algo_strength = SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
680 SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, 680 .algorithm2 = SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
681 128, 681 .strength_bits = 128,
682 128, 682 .alg_bits = 128,
683 }, 683 },
684/* Cipher 34 */ 684 /* Cipher 34 */
685 { 685 {
686 1, 686 .valid = 1,
687 TLS1_TXT_ADH_WITH_AES_128_SHA, 687 .name = TLS1_TXT_ADH_WITH_AES_128_SHA,
688 TLS1_CK_ADH_WITH_AES_128_SHA, 688 .id = TLS1_CK_ADH_WITH_AES_128_SHA,
689 SSL_kEDH, 689 .algorithm_mkey = SSL_kEDH,
690 SSL_aNULL, 690 .algorithm_auth = SSL_aNULL,
691 SSL_AES128, 691 .algorithm_enc = SSL_AES128,
692 SSL_SHA1, 692 .algorithm_mac = SSL_SHA1,
693 SSL_TLSV1, 693 .algorithm_ssl = SSL_TLSV1,
694 SSL_NOT_EXP|SSL_HIGH|SSL_FIPS, 694 .algo_strength = SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
695 SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, 695 .algorithm2 = SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
696 128, 696 .strength_bits = 128,
697 128, 697 .alg_bits = 128,
698 }, 698 },
699 699
700/* Cipher 35 */ 700 /* Cipher 35 */
701 { 701 {
702 1, 702 .valid = 1,
703 TLS1_TXT_RSA_WITH_AES_256_SHA, 703 .name = TLS1_TXT_RSA_WITH_AES_256_SHA,
704 TLS1_CK_RSA_WITH_AES_256_SHA, 704 .id = TLS1_CK_RSA_WITH_AES_256_SHA,
705 SSL_kRSA, 705 .algorithm_mkey = SSL_kRSA,
706 SSL_aRSA, 706 .algorithm_auth = SSL_aRSA,
707 SSL_AES256, 707 .algorithm_enc = SSL_AES256,
708 SSL_SHA1, 708 .algorithm_mac = SSL_SHA1,
709 SSL_TLSV1, 709 .algorithm_ssl = SSL_TLSV1,
710 SSL_NOT_EXP|SSL_HIGH|SSL_FIPS, 710 .algo_strength = SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
711 SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, 711 .algorithm2 = SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
712 256, 712 .strength_bits = 256,
713 256, 713 .alg_bits = 256,
714 }, 714 },
715/* Cipher 36 */ 715 /* Cipher 36 */
716 { 716 {
717 0, 717 .valid = 0,
718 TLS1_TXT_DH_DSS_WITH_AES_256_SHA, 718 .name = TLS1_TXT_DH_DSS_WITH_AES_256_SHA,
719 TLS1_CK_DH_DSS_WITH_AES_256_SHA, 719 .id = TLS1_CK_DH_DSS_WITH_AES_256_SHA,
720 SSL_kDHd, 720 .algorithm_mkey = SSL_kDHd,
721 SSL_aDH, 721 .algorithm_auth = SSL_aDH,
722 SSL_AES256, 722 .algorithm_enc = SSL_AES256,
723 SSL_SHA1, 723 .algorithm_mac = SSL_SHA1,
724 SSL_TLSV1, 724 .algorithm_ssl = SSL_TLSV1,
725 SSL_NOT_EXP|SSL_HIGH|SSL_FIPS, 725 .algo_strength = SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
726 SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, 726 .algorithm2 = SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
727 256, 727 .strength_bits = 256,
728 256, 728 .alg_bits = 256,
729 }, 729 },
730 730
731/* Cipher 37 */ 731 /* Cipher 37 */
732 { 732 {
733 0, /* not implemented (non-ephemeral DH) */ 733 .valid = 0, /* not implemented (non-ephemeral DH) */
734 TLS1_TXT_DH_RSA_WITH_AES_256_SHA, 734 .name = TLS1_TXT_DH_RSA_WITH_AES_256_SHA,
735 TLS1_CK_DH_RSA_WITH_AES_256_SHA, 735 .id = TLS1_CK_DH_RSA_WITH_AES_256_SHA,
736 SSL_kDHr, 736 .algorithm_mkey = SSL_kDHr,
737 SSL_aDH, 737 .algorithm_auth = SSL_aDH,
738 SSL_AES256, 738 .algorithm_enc = SSL_AES256,
739 SSL_SHA1, 739 .algorithm_mac = SSL_SHA1,
740 SSL_TLSV1, 740 .algorithm_ssl = SSL_TLSV1,
741 SSL_NOT_EXP|SSL_HIGH|SSL_FIPS, 741 .algo_strength = SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
742 SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, 742 .algorithm2 = SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
743 256, 743 .strength_bits = 256,
744 256, 744 .alg_bits = 256,
745 }, 745 },
746 746
747/* Cipher 38 */ 747 /* Cipher 38 */
748 { 748 {
749 1, 749 .valid = 1,
750 TLS1_TXT_DHE_DSS_WITH_AES_256_SHA, 750 .name = TLS1_TXT_DHE_DSS_WITH_AES_256_SHA,
751 TLS1_CK_DHE_DSS_WITH_AES_256_SHA, 751 .id = TLS1_CK_DHE_DSS_WITH_AES_256_SHA,
752 SSL_kEDH, 752 .algorithm_mkey = SSL_kEDH,
753 SSL_aDSS, 753 .algorithm_auth = SSL_aDSS,
754 SSL_AES256, 754 .algorithm_enc = SSL_AES256,
755 SSL_SHA1, 755 .algorithm_mac = SSL_SHA1,
756 SSL_TLSV1, 756 .algorithm_ssl = SSL_TLSV1,
757 SSL_NOT_EXP|SSL_HIGH|SSL_FIPS, 757 .algo_strength = SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
758 SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, 758 .algorithm2 = SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
759 256, 759 .strength_bits = 256,
760 256, 760 .alg_bits = 256,
761 }, 761 },
762 762
763/* Cipher 39 */ 763 /* Cipher 39 */
764 { 764 {
765 1, 765 .valid = 1,
766 TLS1_TXT_DHE_RSA_WITH_AES_256_SHA, 766 .name = TLS1_TXT_DHE_RSA_WITH_AES_256_SHA,
767 TLS1_CK_DHE_RSA_WITH_AES_256_SHA, 767 .id = TLS1_CK_DHE_RSA_WITH_AES_256_SHA,
768 SSL_kEDH, 768 .algorithm_mkey = SSL_kEDH,
769 SSL_aRSA, 769 .algorithm_auth = SSL_aRSA,
770 SSL_AES256, 770 .algorithm_enc = SSL_AES256,
771 SSL_SHA1, 771 .algorithm_mac = SSL_SHA1,
772 SSL_TLSV1, 772 .algorithm_ssl = SSL_TLSV1,
773 SSL_NOT_EXP|SSL_HIGH|SSL_FIPS, 773 .algo_strength = SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
774 SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, 774 .algorithm2 = SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
775 256, 775 .strength_bits = 256,
776 256, 776 .alg_bits = 256,
777 }, 777 },
778 778
779 /* Cipher 3A */ 779 /* Cipher 3A */
780 { 780 {
781 1, 781 .valid = 1,
782 TLS1_TXT_ADH_WITH_AES_256_SHA, 782 .name = TLS1_TXT_ADH_WITH_AES_256_SHA,
783 TLS1_CK_ADH_WITH_AES_256_SHA, 783 .id = TLS1_CK_ADH_WITH_AES_256_SHA,
784 SSL_kEDH, 784 .algorithm_mkey = SSL_kEDH,
785 SSL_aNULL, 785 .algorithm_auth = SSL_aNULL,
786 SSL_AES256, 786 .algorithm_enc = SSL_AES256,
787 SSL_SHA1, 787 .algorithm_mac = SSL_SHA1,
788 SSL_TLSV1, 788 .algorithm_ssl = SSL_TLSV1,
789 SSL_NOT_EXP|SSL_HIGH|SSL_FIPS, 789 .algo_strength = SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
790 SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, 790 .algorithm2 = SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
791 256, 791 .strength_bits = 256,
792 256, 792 .alg_bits = 256,
793 }, 793 },
794 794
795 /* TLS v1.2 ciphersuites */ 795 /* TLS v1.2 ciphersuites */
796 /* Cipher 3B */ 796 /* Cipher 3B */
797 { 797 {
798 1, 798 .valid = 1,
799 TLS1_TXT_RSA_WITH_NULL_SHA256, 799 .name = TLS1_TXT_RSA_WITH_NULL_SHA256,
800 TLS1_CK_RSA_WITH_NULL_SHA256, 800 .id = TLS1_CK_RSA_WITH_NULL_SHA256,
801 SSL_kRSA, 801 .algorithm_mkey = SSL_kRSA,
802 SSL_aRSA, 802 .algorithm_auth = SSL_aRSA,
803 SSL_eNULL, 803 .algorithm_enc = SSL_eNULL,
804 SSL_SHA256, 804 .algorithm_mac = SSL_SHA256,
805 SSL_TLSV1_2, 805 .algorithm_ssl = SSL_TLSV1_2,
806 SSL_NOT_EXP|SSL_STRONG_NONE|SSL_FIPS, 806 .algo_strength = SSL_NOT_EXP|SSL_STRONG_NONE|SSL_FIPS,
807 SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, 807 .algorithm2 = SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
808 0, 808 .strength_bits = 0,
809 0, 809 .alg_bits = 0,
810 }, 810 },
811 811
812 /* Cipher 3C */ 812 /* Cipher 3C */
813 { 813 {
814 1, 814 .valid = 1,
815 TLS1_TXT_RSA_WITH_AES_128_SHA256, 815 .name = TLS1_TXT_RSA_WITH_AES_128_SHA256,
816 TLS1_CK_RSA_WITH_AES_128_SHA256, 816 .id = TLS1_CK_RSA_WITH_AES_128_SHA256,
817 SSL_kRSA, 817 .algorithm_mkey = SSL_kRSA,
818 SSL_aRSA, 818 .algorithm_auth = SSL_aRSA,
819 SSL_AES128, 819 .algorithm_enc = SSL_AES128,
820 SSL_SHA256, 820 .algorithm_mac = SSL_SHA256,
821 SSL_TLSV1_2, 821 .algorithm_ssl = SSL_TLSV1_2,
822 SSL_NOT_EXP|SSL_HIGH|SSL_FIPS, 822 .algo_strength = SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
823 SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, 823 .algorithm2 = SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
824 128, 824 .strength_bits = 128,
825 128, 825 .alg_bits = 128,
826 }, 826 },
827 827
828 /* Cipher 3D */ 828 /* Cipher 3D */
829 { 829 {
830 1, 830 .valid = 1,
831 TLS1_TXT_RSA_WITH_AES_256_SHA256, 831 .name = TLS1_TXT_RSA_WITH_AES_256_SHA256,
832 TLS1_CK_RSA_WITH_AES_256_SHA256, 832 .id = TLS1_CK_RSA_WITH_AES_256_SHA256,
833 SSL_kRSA, 833 .algorithm_mkey = SSL_kRSA,
834 SSL_aRSA, 834 .algorithm_auth = SSL_aRSA,
835 SSL_AES256, 835 .algorithm_enc = SSL_AES256,
836 SSL_SHA256, 836 .algorithm_mac = SSL_SHA256,
837 SSL_TLSV1_2, 837 .algorithm_ssl = SSL_TLSV1_2,
838 SSL_NOT_EXP|SSL_HIGH|SSL_FIPS, 838 .algo_strength = SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
839 SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, 839 .algorithm2 = SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
840 256, 840 .strength_bits = 256,
841 256, 841 .alg_bits = 256,
842 }, 842 },
843 843
844 /* Cipher 3E */ 844 /* Cipher 3E */
845 { 845 {
846 0, /* not implemented (non-ephemeral DH) */ 846 .valid = 0, /* not implemented (non-ephemeral DH) */
847 TLS1_TXT_DH_DSS_WITH_AES_128_SHA256, 847 .name = TLS1_TXT_DH_DSS_WITH_AES_128_SHA256,
848 TLS1_CK_DH_DSS_WITH_AES_128_SHA256, 848 .id = TLS1_CK_DH_DSS_WITH_AES_128_SHA256,
849 SSL_kDHd, 849 .algorithm_mkey = SSL_kDHd,
850 SSL_aDH, 850 .algorithm_auth = SSL_aDH,
851 SSL_AES128, 851 .algorithm_enc = SSL_AES128,
852 SSL_SHA256, 852 .algorithm_mac = SSL_SHA256,
853 SSL_TLSV1_2, 853 .algorithm_ssl = SSL_TLSV1_2,
854 SSL_NOT_EXP|SSL_HIGH|SSL_FIPS, 854 .algo_strength = SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
855 SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, 855 .algorithm2 = SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
856 128, 856 .strength_bits = 128,
857 128, 857 .alg_bits = 128,
858 }, 858 },
859 859
860 /* Cipher 3F */ 860 /* Cipher 3F */
861 { 861 {
862 0, /* not implemented (non-ephemeral DH) */ 862 .valid = 0, /* not implemented (non-ephemeral DH) */
863 TLS1_TXT_DH_RSA_WITH_AES_128_SHA256, 863 .name = TLS1_TXT_DH_RSA_WITH_AES_128_SHA256,
864 TLS1_CK_DH_RSA_WITH_AES_128_SHA256, 864 .id = TLS1_CK_DH_RSA_WITH_AES_128_SHA256,
865 SSL_kDHr, 865 .algorithm_mkey = SSL_kDHr,
866 SSL_aDH, 866 .algorithm_auth = SSL_aDH,
867 SSL_AES128, 867 .algorithm_enc = SSL_AES128,
868 SSL_SHA256, 868 .algorithm_mac = SSL_SHA256,
869 SSL_TLSV1_2, 869 .algorithm_ssl = SSL_TLSV1_2,
870 SSL_NOT_EXP|SSL_HIGH|SSL_FIPS, 870 .algo_strength = SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
871 SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, 871 .algorithm2 = SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
872 128, 872 .strength_bits = 128,
873 128, 873 .alg_bits = 128,
874 }, 874 },
875 875
876 /* Cipher 40 */ 876 /* Cipher 40 */
877 { 877 {
878 1, 878 .valid = 1,
879 TLS1_TXT_DHE_DSS_WITH_AES_128_SHA256, 879 .name = TLS1_TXT_DHE_DSS_WITH_AES_128_SHA256,
880 TLS1_CK_DHE_DSS_WITH_AES_128_SHA256, 880 .id = TLS1_CK_DHE_DSS_WITH_AES_128_SHA256,
881 SSL_kEDH, 881 .algorithm_mkey = SSL_kEDH,
882 SSL_aDSS, 882 .algorithm_auth = SSL_aDSS,
883 SSL_AES128, 883 .algorithm_enc = SSL_AES128,
884 SSL_SHA256, 884 .algorithm_mac = SSL_SHA256,
885 SSL_TLSV1_2, 885 .algorithm_ssl = SSL_TLSV1_2,
886 SSL_NOT_EXP|SSL_HIGH|SSL_FIPS, 886 .algo_strength = SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
887 SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, 887 .algorithm2 = SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
888 128, 888 .strength_bits = 128,
889 128, 889 .alg_bits = 128,
890 }, 890 },
891 891
892#ifndef OPENSSL_NO_CAMELLIA 892#ifndef OPENSSL_NO_CAMELLIA
@@ -894,271 +894,273 @@ SSL_CIPHER ssl3_ciphers[] = {
894 894
895 /* Cipher 41 */ 895 /* Cipher 41 */
896 { 896 {
897 1, 897 .valid = 1,
898 TLS1_TXT_RSA_WITH_CAMELLIA_128_CBC_SHA, 898 .name = TLS1_TXT_RSA_WITH_CAMELLIA_128_CBC_SHA,
899 TLS1_CK_RSA_WITH_CAMELLIA_128_CBC_SHA, 899 .id = TLS1_CK_RSA_WITH_CAMELLIA_128_CBC_SHA,
900 SSL_kRSA, 900 .algorithm_mkey = SSL_kRSA,
901 SSL_aRSA, 901 .algorithm_auth = SSL_aRSA,
902 SSL_CAMELLIA128, 902 .algorithm_enc = SSL_CAMELLIA128,
903 SSL_SHA1, 903 .algorithm_mac = SSL_SHA1,
904 SSL_TLSV1, 904 .algorithm_ssl = SSL_TLSV1,
905 SSL_NOT_EXP|SSL_HIGH, 905 .algo_strength = SSL_NOT_EXP|SSL_HIGH,
906 SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, 906 .algorithm2 = SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
907 128, 907 .strength_bits = 128,
908 128, 908 .alg_bits = 128,
909 }, 909 },
910 910
911 /* Cipher 42 */ 911 /* Cipher 42 */
912 { 912 {
913 0, /* not implemented (non-ephemeral DH) */ 913 .valid = 0, /* not implemented (non-ephemeral DH) */
914 TLS1_TXT_DH_DSS_WITH_CAMELLIA_128_CBC_SHA, 914 .name = TLS1_TXT_DH_DSS_WITH_CAMELLIA_128_CBC_SHA,
915 TLS1_CK_DH_DSS_WITH_CAMELLIA_128_CBC_SHA, 915 .id = TLS1_CK_DH_DSS_WITH_CAMELLIA_128_CBC_SHA,
916 SSL_kDHd, 916 .algorithm_mkey = SSL_kDHd,
917 SSL_aDH, 917 .algorithm_auth = SSL_aDH,
918 SSL_CAMELLIA128, 918 .algorithm_enc = SSL_CAMELLIA128,
919 SSL_SHA1, 919 .algorithm_mac = SSL_SHA1,
920 SSL_TLSV1, 920 .algorithm_ssl = SSL_TLSV1,
921 SSL_NOT_EXP|SSL_HIGH, 921 .algo_strength = SSL_NOT_EXP|SSL_HIGH,
922 SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, 922 .algorithm2 = SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
923 128, 923 .strength_bits = 128,
924 128, 924 .alg_bits = 128,
925 }, 925 },
926 926
927 /* Cipher 43 */ 927 /* Cipher 43 */
928 { 928 {
929 0, /* not implemented (non-ephemeral DH) */ 929 .valid = 0, /* not implemented (non-ephemeral DH) */
930 TLS1_TXT_DH_RSA_WITH_CAMELLIA_128_CBC_SHA, 930 .name = TLS1_TXT_DH_RSA_WITH_CAMELLIA_128_CBC_SHA,
931 TLS1_CK_DH_RSA_WITH_CAMELLIA_128_CBC_SHA, 931 .id = TLS1_CK_DH_RSA_WITH_CAMELLIA_128_CBC_SHA,
932 SSL_kDHr, 932 .algorithm_mkey = SSL_kDHr,
933 SSL_aDH, 933 .algorithm_auth = SSL_aDH,
934 SSL_CAMELLIA128, 934 .algorithm_enc = SSL_CAMELLIA128,
935 SSL_SHA1, 935 .algorithm_mac = SSL_SHA1,
936 SSL_TLSV1, 936 .algorithm_ssl = SSL_TLSV1,
937 SSL_NOT_EXP|SSL_HIGH, 937 .algo_strength = SSL_NOT_EXP|SSL_HIGH,
938 SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, 938 .algorithm2 = SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
939 128, 939 .strength_bits = 128,
940 128, 940 .alg_bits = 128,
941 }, 941 },
942 942
943 /* Cipher 44 */ 943 /* Cipher 44 */
944 { 944 {
945 1, 945 .valid = 1,
946 TLS1_TXT_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA, 946 .name = TLS1_TXT_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA,
947 TLS1_CK_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA, 947 .id = TLS1_CK_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA,
948 SSL_kEDH, 948 .algorithm_mkey = SSL_kEDH,
949 SSL_aDSS, 949 .algorithm_auth = SSL_aDSS,
950 SSL_CAMELLIA128, 950 .algorithm_enc = SSL_CAMELLIA128,
951 SSL_SHA1, 951 .algorithm_mac = SSL_SHA1,
952 SSL_TLSV1, 952 .algorithm_ssl = SSL_TLSV1,
953 SSL_NOT_EXP|SSL_HIGH, 953 .algo_strength = SSL_NOT_EXP|SSL_HIGH,
954 SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, 954 .algorithm2 = SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
955 128, 955 .strength_bits = 128,
956 128, 956 .alg_bits = 128,
957 }, 957 },
958 958
959 /* Cipher 45 */ 959 /* Cipher 45 */
960 { 960 {
961 1, 961 .valid = 1,
962 TLS1_TXT_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA, 962 .name = TLS1_TXT_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA,
963 TLS1_CK_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA, 963 .id = TLS1_CK_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA,
964 SSL_kEDH, 964 .algorithm_mkey = SSL_kEDH,
965 SSL_aRSA, 965 .algorithm_auth = SSL_aRSA,
966 SSL_CAMELLIA128, 966 .algorithm_enc = SSL_CAMELLIA128,
967 SSL_SHA1, 967 .algorithm_mac = SSL_SHA1,
968 SSL_TLSV1, 968 .algorithm_ssl = SSL_TLSV1,
969 SSL_NOT_EXP|SSL_HIGH, 969 .algo_strength = SSL_NOT_EXP|SSL_HIGH,
970 SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, 970 .algorithm2 = SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
971 128, 971 .strength_bits = 128,
972 128, 972 .alg_bits = 128,
973 }, 973 },
974 974
975 /* Cipher 46 */ 975 /* Cipher 46 */
976 { 976 {
977 1, 977 .valid = 1,
978 TLS1_TXT_ADH_WITH_CAMELLIA_128_CBC_SHA, 978 .name = TLS1_TXT_ADH_WITH_CAMELLIA_128_CBC_SHA,
979 TLS1_CK_ADH_WITH_CAMELLIA_128_CBC_SHA, 979 .id = TLS1_CK_ADH_WITH_CAMELLIA_128_CBC_SHA,
980 SSL_kEDH, 980 .algorithm_mkey = SSL_kEDH,
981 SSL_aNULL, 981 .algorithm_auth = SSL_aNULL,
982 SSL_CAMELLIA128, 982 .algorithm_enc = SSL_CAMELLIA128,
983 SSL_SHA1, 983 .algorithm_mac = SSL_SHA1,
984 SSL_TLSV1, 984 .algorithm_ssl = SSL_TLSV1,
985 SSL_NOT_EXP|SSL_HIGH, 985 .algo_strength = SSL_NOT_EXP|SSL_HIGH,
986 SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, 986 .algorithm2 = SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
987 128, 987 .strength_bits = 128,
988 128, 988 .alg_bits = 128,
989 }, 989 },
990#endif /* OPENSSL_NO_CAMELLIA */ 990#endif /* OPENSSL_NO_CAMELLIA */
991 991
992 /* TLS v1.2 ciphersuites */ 992 /* TLS v1.2 ciphersuites */
993 /* Cipher 67 */ 993 /* Cipher 67 */
994 { 994 {
995 1, 995 .valid = 1,
996 TLS1_TXT_DHE_RSA_WITH_AES_128_SHA256, 996 .name = TLS1_TXT_DHE_RSA_WITH_AES_128_SHA256,
997 TLS1_CK_DHE_RSA_WITH_AES_128_SHA256, 997 .id = TLS1_CK_DHE_RSA_WITH_AES_128_SHA256,
998 SSL_kEDH, 998 .algorithm_mkey = SSL_kEDH,
999 SSL_aRSA, 999 .algorithm_auth = SSL_aRSA,
1000 SSL_AES128, 1000 .algorithm_enc = SSL_AES128,
1001 SSL_SHA256, 1001 .algorithm_mac = SSL_SHA256,
1002 SSL_TLSV1_2, 1002 .algorithm_ssl = SSL_TLSV1_2,
1003 SSL_NOT_EXP|SSL_HIGH|SSL_FIPS, 1003 .algo_strength = SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
1004 SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, 1004 .algorithm2 = SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
1005 128, 1005 .strength_bits = 128,
1006 128, 1006 .alg_bits = 128,
1007 }, 1007 },
1008 1008
1009 /* Cipher 68 */ 1009 /* Cipher 68 */
1010 { 1010 {
1011 0, /* not implemented (non-ephemeral DH) */ 1011 .valid = 0, /* not implemented (non-ephemeral DH) */
1012 TLS1_TXT_DH_DSS_WITH_AES_256_SHA256, 1012 .name = TLS1_TXT_DH_DSS_WITH_AES_256_SHA256,
1013 TLS1_CK_DH_DSS_WITH_AES_256_SHA256, 1013 .id = TLS1_CK_DH_DSS_WITH_AES_256_SHA256,
1014 SSL_kDHd, 1014 .algorithm_mkey = SSL_kDHd,
1015 SSL_aDH, 1015 .algorithm_auth = SSL_aDH,
1016 SSL_AES256, 1016 .algorithm_enc = SSL_AES256,
1017 SSL_SHA256, 1017 .algorithm_mac = SSL_SHA256,
1018 SSL_TLSV1_2, 1018 .algorithm_ssl = SSL_TLSV1_2,
1019 SSL_NOT_EXP|SSL_HIGH|SSL_FIPS, 1019 .algo_strength = SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
1020 SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, 1020 .algorithm2 = SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
1021 256, 1021 .strength_bits = 256,
1022 256, 1022 .alg_bits = 256,
1023 }, 1023 },
1024 1024
1025 /* Cipher 69 */ 1025 /* Cipher 69 */
1026 { 1026 {
1027 0, /* not implemented (non-ephemeral DH) */ 1027 .valid = 0, /* not implemented (non-ephemeral DH) */
1028 TLS1_TXT_DH_RSA_WITH_AES_256_SHA256, 1028 .name = TLS1_TXT_DH_RSA_WITH_AES_256_SHA256,
1029 TLS1_CK_DH_RSA_WITH_AES_256_SHA256, 1029 .id = TLS1_CK_DH_RSA_WITH_AES_256_SHA256,
1030 SSL_kDHr, 1030 .algorithm_mkey = SSL_kDHr,
1031 SSL_aDH, 1031 .algorithm_auth = SSL_aDH,
1032 SSL_AES256, 1032 .algorithm_enc = SSL_AES256,
1033 SSL_SHA256, 1033 .algorithm_mac = SSL_SHA256,
1034 SSL_TLSV1_2, 1034 .algorithm_ssl = SSL_TLSV1_2,
1035 SSL_NOT_EXP|SSL_HIGH|SSL_FIPS, 1035 .algo_strength = SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
1036 SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, 1036 .algorithm2 = SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
1037 256, 1037 .strength_bits = 256,
1038 256, 1038 .alg_bits = 256,
1039 }, 1039 },
1040 1040
1041 /* Cipher 6A */ 1041 /* Cipher 6A */
1042 { 1042 {
1043 1, 1043 .valid = 1,
1044 TLS1_TXT_DHE_DSS_WITH_AES_256_SHA256, 1044 .name = TLS1_TXT_DHE_DSS_WITH_AES_256_SHA256,
1045 TLS1_CK_DHE_DSS_WITH_AES_256_SHA256, 1045 .id = TLS1_CK_DHE_DSS_WITH_AES_256_SHA256,
1046 SSL_kEDH, 1046 .algorithm_mkey = SSL_kEDH,
1047 SSL_aDSS, 1047 .algorithm_auth = SSL_aDSS,
1048 SSL_AES256, 1048 .algorithm_enc = SSL_AES256,
1049 SSL_SHA256, 1049 .algorithm_mac = SSL_SHA256,
1050 SSL_TLSV1_2, 1050 .algorithm_ssl = SSL_TLSV1_2,
1051 SSL_NOT_EXP|SSL_HIGH|SSL_FIPS, 1051 .algo_strength = SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
1052 SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, 1052 .algorithm2 = SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
1053 256, 1053 .strength_bits = 256,
1054 256, 1054 .alg_bits = 256,
1055 }, 1055 },
1056 1056
1057 /* Cipher 6B */ 1057 /* Cipher 6B */
1058 { 1058 {
1059 1, 1059 .valid = 1,
1060 TLS1_TXT_DHE_RSA_WITH_AES_256_SHA256, 1060 .name = TLS1_TXT_DHE_RSA_WITH_AES_256_SHA256,
1061 TLS1_CK_DHE_RSA_WITH_AES_256_SHA256, 1061 .id = TLS1_CK_DHE_RSA_WITH_AES_256_SHA256,
1062 SSL_kEDH, 1062 .algorithm_mkey = SSL_kEDH,
1063 SSL_aRSA, 1063 .algorithm_auth = SSL_aRSA,
1064 SSL_AES256, 1064 .algorithm_enc = SSL_AES256,
1065 SSL_SHA256, 1065 .algorithm_mac = SSL_SHA256,
1066 SSL_TLSV1_2, 1066 .algorithm_ssl = SSL_TLSV1_2,
1067 SSL_NOT_EXP|SSL_HIGH|SSL_FIPS, 1067 .algo_strength = SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
1068 SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, 1068 .algorithm2 = SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
1069 256, 1069 .strength_bits = 256,
1070 256, 1070 .alg_bits = 256,
1071 }, 1071 },
1072 1072
1073 /* Cipher 6C */ 1073 /* Cipher 6C */
1074 { 1074 {
1075 1, 1075 .valid = 1,
1076 TLS1_TXT_ADH_WITH_AES_128_SHA256, 1076 .name = TLS1_TXT_ADH_WITH_AES_128_SHA256,
1077 TLS1_CK_ADH_WITH_AES_128_SHA256, 1077 .id = TLS1_CK_ADH_WITH_AES_128_SHA256,
1078 SSL_kEDH, 1078 .algorithm_mkey = SSL_kEDH,
1079 SSL_aNULL, 1079 .algorithm_auth = SSL_aNULL,
1080 SSL_AES128, 1080 .algorithm_enc = SSL_AES128,
1081 SSL_SHA256, 1081 .algorithm_mac = SSL_SHA256,
1082 SSL_TLSV1_2, 1082 .algorithm_ssl = SSL_TLSV1_2,
1083 SSL_NOT_EXP|SSL_HIGH|SSL_FIPS, 1083 .algo_strength = SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
1084 SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, 1084 .algorithm2 = SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
1085 128, 1085 .strength_bits = 128,
1086 128, 1086 .alg_bits = 128,
1087 }, 1087 },
1088 1088
1089 /* Cipher 6D */ 1089 /* Cipher 6D */
1090 { 1090 {
1091 1, 1091 .valid = 1,
1092 TLS1_TXT_ADH_WITH_AES_256_SHA256, 1092 .name = TLS1_TXT_ADH_WITH_AES_256_SHA256,
1093 TLS1_CK_ADH_WITH_AES_256_SHA256, 1093 .id = TLS1_CK_ADH_WITH_AES_256_SHA256,
1094 SSL_kEDH, 1094 .algorithm_mkey = SSL_kEDH,
1095 SSL_aNULL, 1095 .algorithm_auth = SSL_aNULL,
1096 SSL_AES256, 1096 .algorithm_enc = SSL_AES256,
1097 SSL_SHA256, 1097 .algorithm_mac = SSL_SHA256,
1098 SSL_TLSV1_2, 1098 .algorithm_ssl = SSL_TLSV1_2,
1099 SSL_NOT_EXP|SSL_HIGH|SSL_FIPS, 1099 .algo_strength = SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
1100 SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, 1100 .algorithm2 = SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
1101 256, 1101 .strength_bits = 256,
1102 256, 1102 .alg_bits = 256,
1103 }, 1103 },
1104 1104
1105 /* GOST Ciphersuites */ 1105 /* GOST Ciphersuites */
1106 1106
1107 { 1107 {
1108 1, 1108 .valid = 1,
1109 "GOST94-GOST89-GOST89", 1109 .name = "GOST94-GOST89-GOST89",
1110 0x3000080, 1110 .id = 0x3000080,
1111 SSL_kGOST, 1111 .algorithm_mkey = SSL_kGOST,
1112 SSL_aGOST94, 1112 .algorithm_auth = SSL_aGOST94,
1113 SSL_eGOST2814789CNT, 1113 .algorithm_enc = SSL_eGOST2814789CNT,
1114 SSL_GOST89MAC, 1114 .algorithm_mac = SSL_GOST89MAC,
1115 SSL_TLSV1, 1115 .algorithm_ssl = SSL_TLSV1,
1116 SSL_NOT_EXP|SSL_HIGH, 1116 .algo_strength = SSL_NOT_EXP|SSL_HIGH,
1117 SSL_HANDSHAKE_MAC_GOST94|TLS1_PRF_GOST94|TLS1_STREAM_MAC, 1117 .algorithm2 = SSL_HANDSHAKE_MAC_GOST94|TLS1_PRF_GOST94|
1118 256, 1118 TLS1_STREAM_MAC,
1119 256 1119 .strength_bits = 256,
1120 }, 1120 .alg_bits = 256
1121 { 1121 },
1122 1, 1122 {
1123 "GOST2001-GOST89-GOST89", 1123 .valid = 1,
1124 0x3000081, 1124 .name = "GOST2001-GOST89-GOST89",
1125 SSL_kGOST, 1125 .id = 0x3000081,
1126 SSL_aGOST01, 1126 .algorithm_mkey = SSL_kGOST,
1127 SSL_eGOST2814789CNT, 1127 .algorithm_auth = SSL_aGOST01,
1128 SSL_GOST89MAC, 1128 .algorithm_enc = SSL_eGOST2814789CNT,
1129 SSL_TLSV1, 1129 .algorithm_mac = SSL_GOST89MAC,
1130 SSL_NOT_EXP|SSL_HIGH, 1130 .algorithm_ssl = SSL_TLSV1,
1131 SSL_HANDSHAKE_MAC_GOST94|TLS1_PRF_GOST94|TLS1_STREAM_MAC, 1131 .algo_strength = SSL_NOT_EXP|SSL_HIGH,
1132 256, 1132 .algorithm2 = SSL_HANDSHAKE_MAC_GOST94|TLS1_PRF_GOST94|
1133 256 1133 TLS1_STREAM_MAC,
1134 }, 1134 .strength_bits = 256,
1135 { 1135 .alg_bits = 256
1136 1, 1136 },
1137 "GOST94-NULL-GOST94", 1137 {
1138 0x3000082, 1138 .valid = 1,
1139 SSL_kGOST, 1139 .name = "GOST94-NULL-GOST94",
1140 SSL_aGOST94, 1140 .id = 0x3000082,
1141 SSL_eNULL, 1141 .algorithm_mkey = SSL_kGOST,
1142 SSL_GOST94, 1142 .algorithm_auth = SSL_aGOST94,
1143 SSL_TLSV1, 1143 .algorithm_enc = SSL_eNULL,
1144 SSL_NOT_EXP|SSL_STRONG_NONE, 1144 .algorithm_mac = SSL_GOST94,
1145 SSL_HANDSHAKE_MAC_GOST94|TLS1_PRF_GOST94, 1145 .algorithm_ssl = SSL_TLSV1,
1146 0, 1146 .algo_strength = SSL_NOT_EXP|SSL_STRONG_NONE,
1147 0 1147 .algorithm2 = SSL_HANDSHAKE_MAC_GOST94|TLS1_PRF_GOST94,
1148 }, 1148 .strength_bits = 0,
1149 { 1149 .alg_bits = 0
1150 1, 1150 },
1151 "GOST2001-NULL-GOST94", 1151 {
1152 0x3000083, 1152 .valid = 1,
1153 SSL_kGOST, 1153 .name = "GOST2001-NULL-GOST94",
1154 SSL_aGOST01, 1154 .id = 0x3000083,
1155 SSL_eNULL, 1155 .algorithm_mkey = SSL_kGOST,
1156 SSL_GOST94, 1156 .algorithm_auth = SSL_aGOST01,
1157 SSL_TLSV1, 1157 .algorithm_enc = SSL_eNULL,
1158 SSL_NOT_EXP|SSL_STRONG_NONE, 1158 .algorithm_mac = SSL_GOST94,
1159 SSL_HANDSHAKE_MAC_GOST94|TLS1_PRF_GOST94, 1159 .algorithm_ssl = SSL_TLSV1,
1160 0, 1160 .algo_strength = SSL_NOT_EXP|SSL_STRONG_NONE,
1161 0 1161 .algorithm2 = SSL_HANDSHAKE_MAC_GOST94|TLS1_PRF_GOST94,
1162 .strength_bits = 0,
1163 .alg_bits = 0
1162 }, 1164 },
1163 1165
1164#ifndef OPENSSL_NO_CAMELLIA 1166#ifndef OPENSSL_NO_CAMELLIA
@@ -1166,163 +1168,164 @@ SSL_CIPHER ssl3_ciphers[] = {
1166 1168
1167 /* Cipher 84 */ 1169 /* Cipher 84 */
1168 { 1170 {
1169 1, 1171 .valid = 1,
1170 TLS1_TXT_RSA_WITH_CAMELLIA_256_CBC_SHA, 1172 .name = TLS1_TXT_RSA_WITH_CAMELLIA_256_CBC_SHA,
1171 TLS1_CK_RSA_WITH_CAMELLIA_256_CBC_SHA, 1173 .id = TLS1_CK_RSA_WITH_CAMELLIA_256_CBC_SHA,
1172 SSL_kRSA, 1174 .algorithm_mkey = SSL_kRSA,
1173 SSL_aRSA, 1175 .algorithm_auth = SSL_aRSA,
1174 SSL_CAMELLIA256, 1176 .algorithm_enc = SSL_CAMELLIA256,
1175 SSL_SHA1, 1177 .algorithm_mac = SSL_SHA1,
1176 SSL_TLSV1, 1178 .algorithm_ssl = SSL_TLSV1,
1177 SSL_NOT_EXP|SSL_HIGH, 1179 .algo_strength = SSL_NOT_EXP|SSL_HIGH,
1178 SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, 1180 .algorithm2 = SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
1179 256, 1181 .strength_bits = 256,
1180 256, 1182 .alg_bits = 256,
1181 }, 1183 },
1184
1182 /* Cipher 85 */ 1185 /* Cipher 85 */
1183 { 1186 {
1184 0, /* not implemented (non-ephemeral DH) */ 1187 .valid = 0, /* not implemented (non-ephemeral DH) */
1185 TLS1_TXT_DH_DSS_WITH_CAMELLIA_256_CBC_SHA, 1188 .name = TLS1_TXT_DH_DSS_WITH_CAMELLIA_256_CBC_SHA,
1186 TLS1_CK_DH_DSS_WITH_CAMELLIA_256_CBC_SHA, 1189 .id = TLS1_CK_DH_DSS_WITH_CAMELLIA_256_CBC_SHA,
1187 SSL_kDHd, 1190 .algorithm_mkey = SSL_kDHd,
1188 SSL_aDH, 1191 .algorithm_auth = SSL_aDH,
1189 SSL_CAMELLIA256, 1192 .algorithm_enc = SSL_CAMELLIA256,
1190 SSL_SHA1, 1193 .algorithm_mac = SSL_SHA1,
1191 SSL_TLSV1, 1194 .algorithm_ssl = SSL_TLSV1,
1192 SSL_NOT_EXP|SSL_HIGH, 1195 .algo_strength = SSL_NOT_EXP|SSL_HIGH,
1193 SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, 1196 .algorithm2 = SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
1194 256, 1197 .strength_bits = 256,
1195 256, 1198 .alg_bits = 256,
1196 }, 1199 },
1197 1200
1198 /* Cipher 86 */ 1201 /* Cipher 86 */
1199 { 1202 {
1200 0, /* not implemented (non-ephemeral DH) */ 1203 .valid = 0, /* not implemented (non-ephemeral DH) */
1201 TLS1_TXT_DH_RSA_WITH_CAMELLIA_256_CBC_SHA, 1204 .name = TLS1_TXT_DH_RSA_WITH_CAMELLIA_256_CBC_SHA,
1202 TLS1_CK_DH_RSA_WITH_CAMELLIA_256_CBC_SHA, 1205 .id = TLS1_CK_DH_RSA_WITH_CAMELLIA_256_CBC_SHA,
1203 SSL_kDHr, 1206 .algorithm_mkey = SSL_kDHr,
1204 SSL_aDH, 1207 .algorithm_auth = SSL_aDH,
1205 SSL_CAMELLIA256, 1208 .algorithm_enc = SSL_CAMELLIA256,
1206 SSL_SHA1, 1209 .algorithm_mac = SSL_SHA1,
1207 SSL_TLSV1, 1210 .algorithm_ssl = SSL_TLSV1,
1208 SSL_NOT_EXP|SSL_HIGH, 1211 .algo_strength = SSL_NOT_EXP|SSL_HIGH,
1209 SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, 1212 .algorithm2 = SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
1210 256, 1213 .strength_bits = 256,
1211 256, 1214 .alg_bits = 256,
1212 }, 1215 },
1213 1216
1214 /* Cipher 87 */ 1217 /* Cipher 87 */
1215 { 1218 {
1216 1, 1219 .valid = 1,
1217 TLS1_TXT_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA, 1220 .name = TLS1_TXT_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA,
1218 TLS1_CK_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA, 1221 .id = TLS1_CK_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA,
1219 SSL_kEDH, 1222 .algorithm_mkey = SSL_kEDH,
1220 SSL_aDSS, 1223 .algorithm_auth = SSL_aDSS,
1221 SSL_CAMELLIA256, 1224 .algorithm_enc = SSL_CAMELLIA256,
1222 SSL_SHA1, 1225 .algorithm_mac = SSL_SHA1,
1223 SSL_TLSV1, 1226 .algorithm_ssl = SSL_TLSV1,
1224 SSL_NOT_EXP|SSL_HIGH, 1227 .algo_strength = SSL_NOT_EXP|SSL_HIGH,
1225 SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, 1228 .algorithm2 = SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
1226 256, 1229 .strength_bits = 256,
1227 256, 1230 .alg_bits = 256,
1228 }, 1231 },
1229 1232
1230 /* Cipher 88 */ 1233 /* Cipher 88 */
1231 { 1234 {
1232 1, 1235 .valid = 1,
1233 TLS1_TXT_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA, 1236 .name = TLS1_TXT_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA,
1234 TLS1_CK_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA, 1237 .id = TLS1_CK_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA,
1235 SSL_kEDH, 1238 .algorithm_mkey = SSL_kEDH,
1236 SSL_aRSA, 1239 .algorithm_auth = SSL_aRSA,
1237 SSL_CAMELLIA256, 1240 .algorithm_enc = SSL_CAMELLIA256,
1238 SSL_SHA1, 1241 .algorithm_mac = SSL_SHA1,
1239 SSL_TLSV1, 1242 .algorithm_ssl = SSL_TLSV1,
1240 SSL_NOT_EXP|SSL_HIGH, 1243 .algo_strength = SSL_NOT_EXP|SSL_HIGH,
1241 SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, 1244 .algorithm2 = SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
1242 256, 1245 .strength_bits = 256,
1243 256, 1246 .alg_bits = 256,
1244 }, 1247 },
1245 1248
1246 /* Cipher 89 */ 1249 /* Cipher 89 */
1247 { 1250 {
1248 1, 1251 .valid = 1,
1249 TLS1_TXT_ADH_WITH_CAMELLIA_256_CBC_SHA, 1252 .name = TLS1_TXT_ADH_WITH_CAMELLIA_256_CBC_SHA,
1250 TLS1_CK_ADH_WITH_CAMELLIA_256_CBC_SHA, 1253 .id = TLS1_CK_ADH_WITH_CAMELLIA_256_CBC_SHA,
1251 SSL_kEDH, 1254 .algorithm_mkey = SSL_kEDH,
1252 SSL_aNULL, 1255 .algorithm_auth = SSL_aNULL,
1253 SSL_CAMELLIA256, 1256 .algorithm_enc = SSL_CAMELLIA256,
1254 SSL_SHA1, 1257 .algorithm_mac = SSL_SHA1,
1255 SSL_TLSV1, 1258 .algorithm_ssl = SSL_TLSV1,
1256 SSL_NOT_EXP|SSL_HIGH, 1259 .algo_strength = SSL_NOT_EXP|SSL_HIGH,
1257 SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, 1260 .algorithm2 = SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
1258 256, 1261 .strength_bits = 256,
1259 256, 1262 .alg_bits = 256,
1260 }, 1263 },
1261#endif /* OPENSSL_NO_CAMELLIA */ 1264#endif /* OPENSSL_NO_CAMELLIA */
1262 1265
1263#ifndef OPENSSL_NO_PSK 1266#ifndef OPENSSL_NO_PSK
1264 /* Cipher 8A */ 1267 /* Cipher 8A */
1265 { 1268 {
1266 1, 1269 .valid = 1,
1267 TLS1_TXT_PSK_WITH_RC4_128_SHA, 1270 .name = TLS1_TXT_PSK_WITH_RC4_128_SHA,
1268 TLS1_CK_PSK_WITH_RC4_128_SHA, 1271 .id = TLS1_CK_PSK_WITH_RC4_128_SHA,
1269 SSL_kPSK, 1272 .algorithm_mkey = SSL_kPSK,
1270 SSL_aPSK, 1273 .algorithm_auth = SSL_aPSK,
1271 SSL_RC4, 1274 .algorithm_enc = SSL_RC4,
1272 SSL_SHA1, 1275 .algorithm_mac = SSL_SHA1,
1273 SSL_TLSV1, 1276 .algorithm_ssl = SSL_TLSV1,
1274 SSL_NOT_EXP|SSL_MEDIUM, 1277 .algo_strength = SSL_NOT_EXP|SSL_MEDIUM,
1275 SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, 1278 .algorithm2 = SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
1276 128, 1279 .strength_bits = 128,
1277 128, 1280 .alg_bits = 128,
1278 }, 1281 },
1279 1282
1280 /* Cipher 8B */ 1283 /* Cipher 8B */
1281 { 1284 {
1282 1, 1285 .valid = 1,
1283 TLS1_TXT_PSK_WITH_3DES_EDE_CBC_SHA, 1286 .name = TLS1_TXT_PSK_WITH_3DES_EDE_CBC_SHA,
1284 TLS1_CK_PSK_WITH_3DES_EDE_CBC_SHA, 1287 .id = TLS1_CK_PSK_WITH_3DES_EDE_CBC_SHA,
1285 SSL_kPSK, 1288 .algorithm_mkey = SSL_kPSK,
1286 SSL_aPSK, 1289 .algorithm_auth = SSL_aPSK,
1287 SSL_3DES, 1290 .algorithm_enc = SSL_3DES,
1288 SSL_SHA1, 1291 .algorithm_mac = SSL_SHA1,
1289 SSL_TLSV1, 1292 .algorithm_ssl = SSL_TLSV1,
1290 SSL_NOT_EXP|SSL_HIGH|SSL_FIPS, 1293 .algo_strength = SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
1291 SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, 1294 .algorithm2 = SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
1292 168, 1295 .strength_bits = 168,
1293 168, 1296 .alg_bits = 168,
1294 }, 1297 },
1295 1298
1296 /* Cipher 8C */ 1299 /* Cipher 8C */
1297 { 1300 {
1298 1, 1301 .valid = 1,
1299 TLS1_TXT_PSK_WITH_AES_128_CBC_SHA, 1302 .name = TLS1_TXT_PSK_WITH_AES_128_CBC_SHA,
1300 TLS1_CK_PSK_WITH_AES_128_CBC_SHA, 1303 .id = TLS1_CK_PSK_WITH_AES_128_CBC_SHA,
1301 SSL_kPSK, 1304 .algorithm_mkey = SSL_kPSK,
1302 SSL_aPSK, 1305 .algorithm_auth = SSL_aPSK,
1303 SSL_AES128, 1306 .algorithm_enc = SSL_AES128,
1304 SSL_SHA1, 1307 .algorithm_mac = SSL_SHA1,
1305 SSL_TLSV1, 1308 .algorithm_ssl = SSL_TLSV1,
1306 SSL_NOT_EXP|SSL_HIGH|SSL_FIPS, 1309 .algo_strength = SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
1307 SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, 1310 .algorithm2 = SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
1308 128, 1311 .strength_bits = 128,
1309 128, 1312 .alg_bits = 128,
1310 }, 1313 },
1311 1314
1312 /* Cipher 8D */ 1315 /* Cipher 8D */
1313 { 1316 {
1314 1, 1317 .valid = 1,
1315 TLS1_TXT_PSK_WITH_AES_256_CBC_SHA, 1318 .name = TLS1_TXT_PSK_WITH_AES_256_CBC_SHA,
1316 TLS1_CK_PSK_WITH_AES_256_CBC_SHA, 1319 .id = TLS1_CK_PSK_WITH_AES_256_CBC_SHA,
1317 SSL_kPSK, 1320 .algorithm_mkey = SSL_kPSK,
1318 SSL_aPSK, 1321 .algorithm_auth = SSL_aPSK,
1319 SSL_AES256, 1322 .algorithm_enc = SSL_AES256,
1320 SSL_SHA1, 1323 .algorithm_mac = SSL_SHA1,
1321 SSL_TLSV1, 1324 .algorithm_ssl = SSL_TLSV1,
1322 SSL_NOT_EXP|SSL_HIGH|SSL_FIPS, 1325 .algo_strength = SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
1323 SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, 1326 .algorithm2 = SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
1324 256, 1327 .strength_bits = 256,
1325 256, 1328 .alg_bits = 256,
1326 }, 1329 },
1327#endif /* OPENSSL_NO_PSK */ 1330#endif /* OPENSSL_NO_PSK */
1328 1331
@@ -1330,595 +1333,595 @@ SSL_CIPHER ssl3_ciphers[] = {
1330 1333
1331 /* Cipher 9C */ 1334 /* Cipher 9C */
1332 { 1335 {
1333 1, 1336 .valid = 1,
1334 TLS1_TXT_RSA_WITH_AES_128_GCM_SHA256, 1337 .name = TLS1_TXT_RSA_WITH_AES_128_GCM_SHA256,
1335 TLS1_CK_RSA_WITH_AES_128_GCM_SHA256, 1338 .id = TLS1_CK_RSA_WITH_AES_128_GCM_SHA256,
1336 SSL_kRSA, 1339 .algorithm_mkey = SSL_kRSA,
1337 SSL_aRSA, 1340 .algorithm_auth = SSL_aRSA,
1338 SSL_AES128GCM, 1341 .algorithm_enc = SSL_AES128GCM,
1339 SSL_AEAD, 1342 .algorithm_mac = SSL_AEAD,
1340 SSL_TLSV1_2, 1343 .algorithm_ssl = SSL_TLSV1_2,
1341 SSL_NOT_EXP|SSL_HIGH|SSL_FIPS, 1344 .algo_strength = SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
1342 SSL_HANDSHAKE_MAC_SHA256|TLS1_PRF_SHA256, 1345 .algorithm2 = SSL_HANDSHAKE_MAC_SHA256|TLS1_PRF_SHA256,
1343 128, 1346 .strength_bits = 128,
1344 128, 1347 .alg_bits = 128,
1345 }, 1348 },
1346 1349
1347 /* Cipher 9D */ 1350 /* Cipher 9D */
1348 { 1351 {
1349 1, 1352 .valid = 1,
1350 TLS1_TXT_RSA_WITH_AES_256_GCM_SHA384, 1353 .name = TLS1_TXT_RSA_WITH_AES_256_GCM_SHA384,
1351 TLS1_CK_RSA_WITH_AES_256_GCM_SHA384, 1354 .id = TLS1_CK_RSA_WITH_AES_256_GCM_SHA384,
1352 SSL_kRSA, 1355 .algorithm_mkey = SSL_kRSA,
1353 SSL_aRSA, 1356 .algorithm_auth = SSL_aRSA,
1354 SSL_AES256GCM, 1357 .algorithm_enc = SSL_AES256GCM,
1355 SSL_AEAD, 1358 .algorithm_mac = SSL_AEAD,
1356 SSL_TLSV1_2, 1359 .algorithm_ssl = SSL_TLSV1_2,
1357 SSL_NOT_EXP|SSL_HIGH|SSL_FIPS, 1360 .algo_strength = SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
1358 SSL_HANDSHAKE_MAC_SHA384|TLS1_PRF_SHA384, 1361 .algorithm2 = SSL_HANDSHAKE_MAC_SHA384|TLS1_PRF_SHA384,
1359 256, 1362 .strength_bits = 256,
1360 256, 1363 .alg_bits = 256,
1361 }, 1364 },
1362 1365
1363 /* Cipher 9E */ 1366 /* Cipher 9E */
1364 { 1367 {
1365 1, 1368 .valid = 1,
1366 TLS1_TXT_DHE_RSA_WITH_AES_128_GCM_SHA256, 1369 .name = TLS1_TXT_DHE_RSA_WITH_AES_128_GCM_SHA256,
1367 TLS1_CK_DHE_RSA_WITH_AES_128_GCM_SHA256, 1370 .id = TLS1_CK_DHE_RSA_WITH_AES_128_GCM_SHA256,
1368 SSL_kEDH, 1371 .algorithm_mkey = SSL_kEDH,
1369 SSL_aRSA, 1372 .algorithm_auth = SSL_aRSA,
1370 SSL_AES128GCM, 1373 .algorithm_enc = SSL_AES128GCM,
1371 SSL_AEAD, 1374 .algorithm_mac = SSL_AEAD,
1372 SSL_TLSV1_2, 1375 .algorithm_ssl = SSL_TLSV1_2,
1373 SSL_NOT_EXP|SSL_HIGH|SSL_FIPS, 1376 .algo_strength = SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
1374 SSL_HANDSHAKE_MAC_SHA256|TLS1_PRF_SHA256, 1377 .algorithm2 = SSL_HANDSHAKE_MAC_SHA256|TLS1_PRF_SHA256,
1375 128, 1378 .strength_bits = 128,
1376 128, 1379 .alg_bits = 128,
1377 }, 1380 },
1378 1381
1379 /* Cipher 9F */ 1382 /* Cipher 9F */
1380 { 1383 {
1381 1, 1384 .valid = 1,
1382 TLS1_TXT_DHE_RSA_WITH_AES_256_GCM_SHA384, 1385 .name = TLS1_TXT_DHE_RSA_WITH_AES_256_GCM_SHA384,
1383 TLS1_CK_DHE_RSA_WITH_AES_256_GCM_SHA384, 1386 .id = TLS1_CK_DHE_RSA_WITH_AES_256_GCM_SHA384,
1384 SSL_kEDH, 1387 .algorithm_mkey = SSL_kEDH,
1385 SSL_aRSA, 1388 .algorithm_auth = SSL_aRSA,
1386 SSL_AES256GCM, 1389 .algorithm_enc = SSL_AES256GCM,
1387 SSL_AEAD, 1390 .algorithm_mac = SSL_AEAD,
1388 SSL_TLSV1_2, 1391 .algorithm_ssl = SSL_TLSV1_2,
1389 SSL_NOT_EXP|SSL_HIGH|SSL_FIPS, 1392 .algo_strength = SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
1390 SSL_HANDSHAKE_MAC_SHA384|TLS1_PRF_SHA384, 1393 .algorithm2 = SSL_HANDSHAKE_MAC_SHA384|TLS1_PRF_SHA384,
1391 256, 1394 .strength_bits = 256,
1392 256, 1395 .alg_bits = 256,
1393 }, 1396 },
1394 1397
1395 /* Cipher A0 */ 1398 /* Cipher A0 */
1396 { 1399 {
1397 0, 1400 .valid = 0,
1398 TLS1_TXT_DH_RSA_WITH_AES_128_GCM_SHA256, 1401 .name = TLS1_TXT_DH_RSA_WITH_AES_128_GCM_SHA256,
1399 TLS1_CK_DH_RSA_WITH_AES_128_GCM_SHA256, 1402 .id = TLS1_CK_DH_RSA_WITH_AES_128_GCM_SHA256,
1400 SSL_kDHr, 1403 .algorithm_mkey = SSL_kDHr,
1401 SSL_aDH, 1404 .algorithm_auth = SSL_aDH,
1402 SSL_AES128GCM, 1405 .algorithm_enc = SSL_AES128GCM,
1403 SSL_AEAD, 1406 .algorithm_mac = SSL_AEAD,
1404 SSL_TLSV1_2, 1407 .algorithm_ssl = SSL_TLSV1_2,
1405 SSL_NOT_EXP|SSL_HIGH|SSL_FIPS, 1408 .algo_strength = SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
1406 SSL_HANDSHAKE_MAC_SHA256|TLS1_PRF_SHA256, 1409 .algorithm2 = SSL_HANDSHAKE_MAC_SHA256|TLS1_PRF_SHA256,
1407 128, 1410 .strength_bits = 128,
1408 128, 1411 .alg_bits = 128,
1409 }, 1412 },
1410 1413
1411 /* Cipher A1 */ 1414 /* Cipher A1 */
1412 { 1415 {
1413 0, 1416 .valid = 0,
1414 TLS1_TXT_DH_RSA_WITH_AES_256_GCM_SHA384, 1417 .name = TLS1_TXT_DH_RSA_WITH_AES_256_GCM_SHA384,
1415 TLS1_CK_DH_RSA_WITH_AES_256_GCM_SHA384, 1418 .id = TLS1_CK_DH_RSA_WITH_AES_256_GCM_SHA384,
1416 SSL_kDHr, 1419 .algorithm_mkey = SSL_kDHr,
1417 SSL_aDH, 1420 .algorithm_auth = SSL_aDH,
1418 SSL_AES256GCM, 1421 .algorithm_enc = SSL_AES256GCM,
1419 SSL_AEAD, 1422 .algorithm_mac = SSL_AEAD,
1420 SSL_TLSV1_2, 1423 .algorithm_ssl = SSL_TLSV1_2,
1421 SSL_NOT_EXP|SSL_HIGH|SSL_FIPS, 1424 .algo_strength = SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
1422 SSL_HANDSHAKE_MAC_SHA384|TLS1_PRF_SHA384, 1425 .algorithm2 = SSL_HANDSHAKE_MAC_SHA384|TLS1_PRF_SHA384,
1423 256, 1426 .strength_bits = 256,
1424 256, 1427 .alg_bits = 256,
1425 }, 1428 },
1426 1429
1427 /* Cipher A2 */ 1430 /* Cipher A2 */
1428 { 1431 {
1429 1, 1432 .valid = 1,
1430 TLS1_TXT_DHE_DSS_WITH_AES_128_GCM_SHA256, 1433 .name = TLS1_TXT_DHE_DSS_WITH_AES_128_GCM_SHA256,
1431 TLS1_CK_DHE_DSS_WITH_AES_128_GCM_SHA256, 1434 .id = TLS1_CK_DHE_DSS_WITH_AES_128_GCM_SHA256,
1432 SSL_kEDH, 1435 .algorithm_mkey = SSL_kEDH,
1433 SSL_aDSS, 1436 .algorithm_auth = SSL_aDSS,
1434 SSL_AES128GCM, 1437 .algorithm_enc = SSL_AES128GCM,
1435 SSL_AEAD, 1438 .algorithm_mac = SSL_AEAD,
1436 SSL_TLSV1_2, 1439 .algorithm_ssl = SSL_TLSV1_2,
1437 SSL_NOT_EXP|SSL_HIGH|SSL_FIPS, 1440 .algo_strength = SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
1438 SSL_HANDSHAKE_MAC_SHA256|TLS1_PRF_SHA256, 1441 .algorithm2 = SSL_HANDSHAKE_MAC_SHA256|TLS1_PRF_SHA256,
1439 128, 1442 .strength_bits = 128,
1440 128, 1443 .alg_bits = 128,
1441 }, 1444 },
1442 1445
1443 /* Cipher A3 */ 1446 /* Cipher A3 */
1444 { 1447 {
1445 1, 1448 .valid = 1,
1446 TLS1_TXT_DHE_DSS_WITH_AES_256_GCM_SHA384, 1449 .name = TLS1_TXT_DHE_DSS_WITH_AES_256_GCM_SHA384,
1447 TLS1_CK_DHE_DSS_WITH_AES_256_GCM_SHA384, 1450 .id = TLS1_CK_DHE_DSS_WITH_AES_256_GCM_SHA384,
1448 SSL_kEDH, 1451 .algorithm_mkey = SSL_kEDH,
1449 SSL_aDSS, 1452 .algorithm_auth = SSL_aDSS,
1450 SSL_AES256GCM, 1453 .algorithm_enc = SSL_AES256GCM,
1451 SSL_AEAD, 1454 .algorithm_mac = SSL_AEAD,
1452 SSL_TLSV1_2, 1455 .algorithm_ssl = SSL_TLSV1_2,
1453 SSL_NOT_EXP|SSL_HIGH|SSL_FIPS, 1456 .algo_strength = SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
1454 SSL_HANDSHAKE_MAC_SHA384|TLS1_PRF_SHA384, 1457 .algorithm2 = SSL_HANDSHAKE_MAC_SHA384|TLS1_PRF_SHA384,
1455 256, 1458 .strength_bits = 256,
1456 256, 1459 .alg_bits = 256,
1457 }, 1460 },
1458 1461
1459 /* Cipher A4 */ 1462 /* Cipher A4 */
1460 { 1463 {
1461 0, 1464 .valid = 0,
1462 TLS1_TXT_DH_DSS_WITH_AES_128_GCM_SHA256, 1465 .name = TLS1_TXT_DH_DSS_WITH_AES_128_GCM_SHA256,
1463 TLS1_CK_DH_DSS_WITH_AES_128_GCM_SHA256, 1466 .id = TLS1_CK_DH_DSS_WITH_AES_128_GCM_SHA256,
1464 SSL_kDHd, 1467 .algorithm_mkey = SSL_kDHd,
1465 SSL_aDH, 1468 .algorithm_auth = SSL_aDH,
1466 SSL_AES128GCM, 1469 .algorithm_enc = SSL_AES128GCM,
1467 SSL_AEAD, 1470 .algorithm_mac = SSL_AEAD,
1468 SSL_TLSV1_2, 1471 .algorithm_ssl = SSL_TLSV1_2,
1469 SSL_NOT_EXP|SSL_HIGH|SSL_FIPS, 1472 .algo_strength = SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
1470 SSL_HANDSHAKE_MAC_SHA256|TLS1_PRF_SHA256, 1473 .algorithm2 = SSL_HANDSHAKE_MAC_SHA256|TLS1_PRF_SHA256,
1471 128, 1474 .strength_bits = 128,
1472 128, 1475 .alg_bits = 128,
1473 }, 1476 },
1474 1477
1475 /* Cipher A5 */ 1478 /* Cipher A5 */
1476 { 1479 {
1477 0, 1480 .valid = 0,
1478 TLS1_TXT_DH_DSS_WITH_AES_256_GCM_SHA384, 1481 .name = TLS1_TXT_DH_DSS_WITH_AES_256_GCM_SHA384,
1479 TLS1_CK_DH_DSS_WITH_AES_256_GCM_SHA384, 1482 .id = TLS1_CK_DH_DSS_WITH_AES_256_GCM_SHA384,
1480 SSL_kDHd, 1483 .algorithm_mkey = SSL_kDHd,
1481 SSL_aDH, 1484 .algorithm_auth = SSL_aDH,
1482 SSL_AES256GCM, 1485 .algorithm_enc = SSL_AES256GCM,
1483 SSL_AEAD, 1486 .algorithm_mac = SSL_AEAD,
1484 SSL_TLSV1_2, 1487 .algorithm_ssl = SSL_TLSV1_2,
1485 SSL_NOT_EXP|SSL_HIGH|SSL_FIPS, 1488 .algo_strength = SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
1486 SSL_HANDSHAKE_MAC_SHA384|TLS1_PRF_SHA384, 1489 .algorithm2 = SSL_HANDSHAKE_MAC_SHA384|TLS1_PRF_SHA384,
1487 256, 1490 .strength_bits = 256,
1488 256, 1491 .alg_bits = 256,
1489 }, 1492 },
1490 1493
1491 /* Cipher A6 */ 1494 /* Cipher A6 */
1492 { 1495 {
1493 1, 1496 .valid = 1,
1494 TLS1_TXT_ADH_WITH_AES_128_GCM_SHA256, 1497 .name = TLS1_TXT_ADH_WITH_AES_128_GCM_SHA256,
1495 TLS1_CK_ADH_WITH_AES_128_GCM_SHA256, 1498 .id = TLS1_CK_ADH_WITH_AES_128_GCM_SHA256,
1496 SSL_kEDH, 1499 .algorithm_mkey = SSL_kEDH,
1497 SSL_aNULL, 1500 .algorithm_auth = SSL_aNULL,
1498 SSL_AES128GCM, 1501 .algorithm_enc = SSL_AES128GCM,
1499 SSL_AEAD, 1502 .algorithm_mac = SSL_AEAD,
1500 SSL_TLSV1_2, 1503 .algorithm_ssl = SSL_TLSV1_2,
1501 SSL_NOT_EXP|SSL_HIGH|SSL_FIPS, 1504 .algo_strength = SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
1502 SSL_HANDSHAKE_MAC_SHA256|TLS1_PRF_SHA256, 1505 .algorithm2 = SSL_HANDSHAKE_MAC_SHA256|TLS1_PRF_SHA256,
1503 128, 1506 .strength_bits = 128,
1504 128, 1507 .alg_bits = 128,
1505 }, 1508 },
1506 1509
1507 /* Cipher A7 */ 1510 /* Cipher A7 */
1508 { 1511 {
1509 1, 1512 .valid = 1,
1510 TLS1_TXT_ADH_WITH_AES_256_GCM_SHA384, 1513 .name = TLS1_TXT_ADH_WITH_AES_256_GCM_SHA384,
1511 TLS1_CK_ADH_WITH_AES_256_GCM_SHA384, 1514 .id = TLS1_CK_ADH_WITH_AES_256_GCM_SHA384,
1512 SSL_kEDH, 1515 .algorithm_mkey = SSL_kEDH,
1513 SSL_aNULL, 1516 .algorithm_auth = SSL_aNULL,
1514 SSL_AES256GCM, 1517 .algorithm_enc = SSL_AES256GCM,
1515 SSL_AEAD, 1518 .algorithm_mac = SSL_AEAD,
1516 SSL_TLSV1_2, 1519 .algorithm_ssl = SSL_TLSV1_2,
1517 SSL_NOT_EXP|SSL_HIGH|SSL_FIPS, 1520 .algo_strength = SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
1518 SSL_HANDSHAKE_MAC_SHA384|TLS1_PRF_SHA384, 1521 .algorithm2 = SSL_HANDSHAKE_MAC_SHA384|TLS1_PRF_SHA384,
1519 256, 1522 .strength_bits = 256,
1520 256, 1523 .alg_bits = 256,
1521 }, 1524 },
1522 1525
1523#ifndef OPENSSL_NO_ECDH 1526#ifndef OPENSSL_NO_ECDH
1524 /* Cipher C001 */ 1527 /* Cipher C001 */
1525 { 1528 {
1526 1, 1529 .valid = 1,
1527 TLS1_TXT_ECDH_ECDSA_WITH_NULL_SHA, 1530 .name = TLS1_TXT_ECDH_ECDSA_WITH_NULL_SHA,
1528 TLS1_CK_ECDH_ECDSA_WITH_NULL_SHA, 1531 .id = TLS1_CK_ECDH_ECDSA_WITH_NULL_SHA,
1529 SSL_kECDHe, 1532 .algorithm_mkey = SSL_kECDHe,
1530 SSL_aECDH, 1533 .algorithm_auth = SSL_aECDH,
1531 SSL_eNULL, 1534 .algorithm_enc = SSL_eNULL,
1532 SSL_SHA1, 1535 .algorithm_mac = SSL_SHA1,
1533 SSL_TLSV1, 1536 .algorithm_ssl = SSL_TLSV1,
1534 SSL_NOT_EXP|SSL_STRONG_NONE|SSL_FIPS, 1537 .algo_strength = SSL_NOT_EXP|SSL_STRONG_NONE|SSL_FIPS,
1535 SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, 1538 .algorithm2 = SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
1536 0, 1539 .strength_bits = 0,
1537 0, 1540 .alg_bits = 0,
1538 }, 1541 },
1539 1542
1540 /* Cipher C002 */ 1543 /* Cipher C002 */
1541 { 1544 {
1542 1, 1545 .valid = 1,
1543 TLS1_TXT_ECDH_ECDSA_WITH_RC4_128_SHA, 1546 .name = TLS1_TXT_ECDH_ECDSA_WITH_RC4_128_SHA,
1544 TLS1_CK_ECDH_ECDSA_WITH_RC4_128_SHA, 1547 .id = TLS1_CK_ECDH_ECDSA_WITH_RC4_128_SHA,
1545 SSL_kECDHe, 1548 .algorithm_mkey = SSL_kECDHe,
1546 SSL_aECDH, 1549 .algorithm_auth = SSL_aECDH,
1547 SSL_RC4, 1550 .algorithm_enc = SSL_RC4,
1548 SSL_SHA1, 1551 .algorithm_mac = SSL_SHA1,
1549 SSL_TLSV1, 1552 .algorithm_ssl = SSL_TLSV1,
1550 SSL_NOT_EXP|SSL_MEDIUM, 1553 .algo_strength = SSL_NOT_EXP|SSL_MEDIUM,
1551 SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, 1554 .algorithm2 = SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
1552 128, 1555 .strength_bits = 128,
1553 128, 1556 .alg_bits = 128,
1554 }, 1557 },
1555 1558
1556 /* Cipher C003 */ 1559 /* Cipher C003 */
1557 { 1560 {
1558 1, 1561 .valid = 1,
1559 TLS1_TXT_ECDH_ECDSA_WITH_DES_192_CBC3_SHA, 1562 .name = TLS1_TXT_ECDH_ECDSA_WITH_DES_192_CBC3_SHA,
1560 TLS1_CK_ECDH_ECDSA_WITH_DES_192_CBC3_SHA, 1563 .id = TLS1_CK_ECDH_ECDSA_WITH_DES_192_CBC3_SHA,
1561 SSL_kECDHe, 1564 .algorithm_mkey = SSL_kECDHe,
1562 SSL_aECDH, 1565 .algorithm_auth = SSL_aECDH,
1563 SSL_3DES, 1566 .algorithm_enc = SSL_3DES,
1564 SSL_SHA1, 1567 .algorithm_mac = SSL_SHA1,
1565 SSL_TLSV1, 1568 .algorithm_ssl = SSL_TLSV1,
1566 SSL_NOT_EXP|SSL_HIGH|SSL_FIPS, 1569 .algo_strength = SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
1567 SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, 1570 .algorithm2 = SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
1568 168, 1571 .strength_bits = 168,
1569 168, 1572 .alg_bits = 168,
1570 }, 1573 },
1571 1574
1572 /* Cipher C004 */ 1575 /* Cipher C004 */
1573 { 1576 {
1574 1, 1577 .valid = 1,
1575 TLS1_TXT_ECDH_ECDSA_WITH_AES_128_CBC_SHA, 1578 .name = TLS1_TXT_ECDH_ECDSA_WITH_AES_128_CBC_SHA,
1576 TLS1_CK_ECDH_ECDSA_WITH_AES_128_CBC_SHA, 1579 .id = TLS1_CK_ECDH_ECDSA_WITH_AES_128_CBC_SHA,
1577 SSL_kECDHe, 1580 .algorithm_mkey = SSL_kECDHe,
1578 SSL_aECDH, 1581 .algorithm_auth = SSL_aECDH,
1579 SSL_AES128, 1582 .algorithm_enc = SSL_AES128,
1580 SSL_SHA1, 1583 .algorithm_mac = SSL_SHA1,
1581 SSL_TLSV1, 1584 .algorithm_ssl = SSL_TLSV1,
1582 SSL_NOT_EXP|SSL_HIGH|SSL_FIPS, 1585 .algo_strength = SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
1583 SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, 1586 .algorithm2 = SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
1584 128, 1587 .strength_bits = 128,
1585 128, 1588 .alg_bits = 128,
1586 }, 1589 },
1587 1590
1588 /* Cipher C005 */ 1591 /* Cipher C005 */
1589 { 1592 {
1590 1, 1593 .valid = 1,
1591 TLS1_TXT_ECDH_ECDSA_WITH_AES_256_CBC_SHA, 1594 .name = TLS1_TXT_ECDH_ECDSA_WITH_AES_256_CBC_SHA,
1592 TLS1_CK_ECDH_ECDSA_WITH_AES_256_CBC_SHA, 1595 .id = TLS1_CK_ECDH_ECDSA_WITH_AES_256_CBC_SHA,
1593 SSL_kECDHe, 1596 .algorithm_mkey = SSL_kECDHe,
1594 SSL_aECDH, 1597 .algorithm_auth = SSL_aECDH,
1595 SSL_AES256, 1598 .algorithm_enc = SSL_AES256,
1596 SSL_SHA1, 1599 .algorithm_mac = SSL_SHA1,
1597 SSL_TLSV1, 1600 .algorithm_ssl = SSL_TLSV1,
1598 SSL_NOT_EXP|SSL_HIGH|SSL_FIPS, 1601 .algo_strength = SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
1599 SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, 1602 .algorithm2 = SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
1600 256, 1603 .strength_bits = 256,
1601 256, 1604 .alg_bits = 256,
1602 }, 1605 },
1603 1606
1604 /* Cipher C006 */ 1607 /* Cipher C006 */
1605 { 1608 {
1606 1, 1609 .valid = 1,
1607 TLS1_TXT_ECDHE_ECDSA_WITH_NULL_SHA, 1610 .name = TLS1_TXT_ECDHE_ECDSA_WITH_NULL_SHA,
1608 TLS1_CK_ECDHE_ECDSA_WITH_NULL_SHA, 1611 .id = TLS1_CK_ECDHE_ECDSA_WITH_NULL_SHA,
1609 SSL_kEECDH, 1612 .algorithm_mkey = SSL_kEECDH,
1610 SSL_aECDSA, 1613 .algorithm_auth = SSL_aECDSA,
1611 SSL_eNULL, 1614 .algorithm_enc = SSL_eNULL,
1612 SSL_SHA1, 1615 .algorithm_mac = SSL_SHA1,
1613 SSL_TLSV1, 1616 .algorithm_ssl = SSL_TLSV1,
1614 SSL_NOT_EXP|SSL_STRONG_NONE|SSL_FIPS, 1617 .algo_strength = SSL_NOT_EXP|SSL_STRONG_NONE|SSL_FIPS,
1615 SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, 1618 .algorithm2 = SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
1616 0, 1619 .strength_bits = 0,
1617 0, 1620 .alg_bits = 0,
1618 }, 1621 },
1619 1622
1620 /* Cipher C007 */ 1623 /* Cipher C007 */
1621 { 1624 {
1622 1, 1625 .valid = 1,
1623 TLS1_TXT_ECDHE_ECDSA_WITH_RC4_128_SHA, 1626 .name = TLS1_TXT_ECDHE_ECDSA_WITH_RC4_128_SHA,
1624 TLS1_CK_ECDHE_ECDSA_WITH_RC4_128_SHA, 1627 .id = TLS1_CK_ECDHE_ECDSA_WITH_RC4_128_SHA,
1625 SSL_kEECDH, 1628 .algorithm_mkey = SSL_kEECDH,
1626 SSL_aECDSA, 1629 .algorithm_auth = SSL_aECDSA,
1627 SSL_RC4, 1630 .algorithm_enc = SSL_RC4,
1628 SSL_SHA1, 1631 .algorithm_mac = SSL_SHA1,
1629 SSL_TLSV1, 1632 .algorithm_ssl = SSL_TLSV1,
1630 SSL_NOT_EXP|SSL_MEDIUM, 1633 .algo_strength = SSL_NOT_EXP|SSL_MEDIUM,
1631 SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, 1634 .algorithm2 = SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
1632 128, 1635 .strength_bits = 128,
1633 128, 1636 .alg_bits = 128,
1634 }, 1637 },
1635 1638
1636 /* Cipher C008 */ 1639 /* Cipher C008 */
1637 { 1640 {
1638 1, 1641 .valid = 1,
1639 TLS1_TXT_ECDHE_ECDSA_WITH_DES_192_CBC3_SHA, 1642 .name = TLS1_TXT_ECDHE_ECDSA_WITH_DES_192_CBC3_SHA,
1640 TLS1_CK_ECDHE_ECDSA_WITH_DES_192_CBC3_SHA, 1643 .id = TLS1_CK_ECDHE_ECDSA_WITH_DES_192_CBC3_SHA,
1641 SSL_kEECDH, 1644 .algorithm_mkey = SSL_kEECDH,
1642 SSL_aECDSA, 1645 .algorithm_auth = SSL_aECDSA,
1643 SSL_3DES, 1646 .algorithm_enc = SSL_3DES,
1644 SSL_SHA1, 1647 .algorithm_mac = SSL_SHA1,
1645 SSL_TLSV1, 1648 .algorithm_ssl = SSL_TLSV1,
1646 SSL_NOT_EXP|SSL_HIGH|SSL_FIPS, 1649 .algo_strength = SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
1647 SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, 1650 .algorithm2 = SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
1648 168, 1651 .strength_bits = 168,
1649 168, 1652 .alg_bits = 168,
1650 }, 1653 },
1651 1654
1652 /* Cipher C009 */ 1655 /* Cipher C009 */
1653 { 1656 {
1654 1, 1657 .valid = 1,
1655 TLS1_TXT_ECDHE_ECDSA_WITH_AES_128_CBC_SHA, 1658 .name = TLS1_TXT_ECDHE_ECDSA_WITH_AES_128_CBC_SHA,
1656 TLS1_CK_ECDHE_ECDSA_WITH_AES_128_CBC_SHA, 1659 .id = TLS1_CK_ECDHE_ECDSA_WITH_AES_128_CBC_SHA,
1657 SSL_kEECDH, 1660 .algorithm_mkey = SSL_kEECDH,
1658 SSL_aECDSA, 1661 .algorithm_auth = SSL_aECDSA,
1659 SSL_AES128, 1662 .algorithm_enc = SSL_AES128,
1660 SSL_SHA1, 1663 .algorithm_mac = SSL_SHA1,
1661 SSL_TLSV1, 1664 .algorithm_ssl = SSL_TLSV1,
1662 SSL_NOT_EXP|SSL_HIGH|SSL_FIPS, 1665 .algo_strength = SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
1663 SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, 1666 .algorithm2 = SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
1664 128, 1667 .strength_bits = 128,
1665 128, 1668 .alg_bits = 128,
1666 }, 1669 },
1667 1670
1668 /* Cipher C00A */ 1671 /* Cipher C00A */
1669 { 1672 {
1670 1, 1673 .valid = 1,
1671 TLS1_TXT_ECDHE_ECDSA_WITH_AES_256_CBC_SHA, 1674 .name = TLS1_TXT_ECDHE_ECDSA_WITH_AES_256_CBC_SHA,
1672 TLS1_CK_ECDHE_ECDSA_WITH_AES_256_CBC_SHA, 1675 .id = TLS1_CK_ECDHE_ECDSA_WITH_AES_256_CBC_SHA,
1673 SSL_kEECDH, 1676 .algorithm_mkey = SSL_kEECDH,
1674 SSL_aECDSA, 1677 .algorithm_auth = SSL_aECDSA,
1675 SSL_AES256, 1678 .algorithm_enc = SSL_AES256,
1676 SSL_SHA1, 1679 .algorithm_mac = SSL_SHA1,
1677 SSL_TLSV1, 1680 .algorithm_ssl = SSL_TLSV1,
1678 SSL_NOT_EXP|SSL_HIGH|SSL_FIPS, 1681 .algo_strength = SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
1679 SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, 1682 .algorithm2 = SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
1680 256, 1683 .strength_bits = 256,
1681 256, 1684 .alg_bits = 256,
1682 }, 1685 },
1683 1686
1684 /* Cipher C00B */ 1687 /* Cipher C00B */
1685 { 1688 {
1686 1, 1689 .valid = 1,
1687 TLS1_TXT_ECDH_RSA_WITH_NULL_SHA, 1690 .name = TLS1_TXT_ECDH_RSA_WITH_NULL_SHA,
1688 TLS1_CK_ECDH_RSA_WITH_NULL_SHA, 1691 .id = TLS1_CK_ECDH_RSA_WITH_NULL_SHA,
1689 SSL_kECDHr, 1692 .algorithm_mkey = SSL_kECDHr,
1690 SSL_aECDH, 1693 .algorithm_auth = SSL_aECDH,
1691 SSL_eNULL, 1694 .algorithm_enc = SSL_eNULL,
1692 SSL_SHA1, 1695 .algorithm_mac = SSL_SHA1,
1693 SSL_TLSV1, 1696 .algorithm_ssl = SSL_TLSV1,
1694 SSL_NOT_EXP|SSL_STRONG_NONE|SSL_FIPS, 1697 .algo_strength = SSL_NOT_EXP|SSL_STRONG_NONE|SSL_FIPS,
1695 SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, 1698 .algorithm2 = SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
1696 0, 1699 .strength_bits = 0,
1697 0, 1700 .alg_bits = 0,
1698 }, 1701 },
1699 1702
1700 /* Cipher C00C */ 1703 /* Cipher C00C */
1701 { 1704 {
1702 1, 1705 .valid = 1,
1703 TLS1_TXT_ECDH_RSA_WITH_RC4_128_SHA, 1706 .name = TLS1_TXT_ECDH_RSA_WITH_RC4_128_SHA,
1704 TLS1_CK_ECDH_RSA_WITH_RC4_128_SHA, 1707 .id = TLS1_CK_ECDH_RSA_WITH_RC4_128_SHA,
1705 SSL_kECDHr, 1708 .algorithm_mkey = SSL_kECDHr,
1706 SSL_aECDH, 1709 .algorithm_auth = SSL_aECDH,
1707 SSL_RC4, 1710 .algorithm_enc = SSL_RC4,
1708 SSL_SHA1, 1711 .algorithm_mac = SSL_SHA1,
1709 SSL_TLSV1, 1712 .algorithm_ssl = SSL_TLSV1,
1710 SSL_NOT_EXP|SSL_MEDIUM, 1713 .algo_strength = SSL_NOT_EXP|SSL_MEDIUM,
1711 SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, 1714 .algorithm2 = SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
1712 128, 1715 .strength_bits = 128,
1713 128, 1716 .alg_bits = 128,
1714 }, 1717 },
1715 1718
1716 /* Cipher C00D */ 1719 /* Cipher C00D */
1717 { 1720 {
1718 1, 1721 .valid = 1,
1719 TLS1_TXT_ECDH_RSA_WITH_DES_192_CBC3_SHA, 1722 .name = TLS1_TXT_ECDH_RSA_WITH_DES_192_CBC3_SHA,
1720 TLS1_CK_ECDH_RSA_WITH_DES_192_CBC3_SHA, 1723 .id = TLS1_CK_ECDH_RSA_WITH_DES_192_CBC3_SHA,
1721 SSL_kECDHr, 1724 .algorithm_mkey = SSL_kECDHr,
1722 SSL_aECDH, 1725 .algorithm_auth = SSL_aECDH,
1723 SSL_3DES, 1726 .algorithm_enc = SSL_3DES,
1724 SSL_SHA1, 1727 .algorithm_mac = SSL_SHA1,
1725 SSL_TLSV1, 1728 .algorithm_ssl = SSL_TLSV1,
1726 SSL_NOT_EXP|SSL_HIGH|SSL_FIPS, 1729 .algo_strength = SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
1727 SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, 1730 .algorithm2 = SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
1728 168, 1731 .strength_bits = 168,
1729 168, 1732 .alg_bits = 168,
1730 }, 1733 },
1731 1734
1732 /* Cipher C00E */ 1735 /* Cipher C00E */
1733 { 1736 {
1734 1, 1737 .valid = 1,
1735 TLS1_TXT_ECDH_RSA_WITH_AES_128_CBC_SHA, 1738 .name = TLS1_TXT_ECDH_RSA_WITH_AES_128_CBC_SHA,
1736 TLS1_CK_ECDH_RSA_WITH_AES_128_CBC_SHA, 1739 .id = TLS1_CK_ECDH_RSA_WITH_AES_128_CBC_SHA,
1737 SSL_kECDHr, 1740 .algorithm_mkey = SSL_kECDHr,
1738 SSL_aECDH, 1741 .algorithm_auth = SSL_aECDH,
1739 SSL_AES128, 1742 .algorithm_enc = SSL_AES128,
1740 SSL_SHA1, 1743 .algorithm_mac = SSL_SHA1,
1741 SSL_TLSV1, 1744 .algorithm_ssl = SSL_TLSV1,
1742 SSL_NOT_EXP|SSL_HIGH|SSL_FIPS, 1745 .algo_strength = SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
1743 SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, 1746 .algorithm2 = SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
1744 128, 1747 .strength_bits = 128,
1745 128, 1748 .alg_bits = 128,
1746 }, 1749 },
1747 1750
1748 /* Cipher C00F */ 1751 /* Cipher C00F */
1749 { 1752 {
1750 1, 1753 .valid = 1,
1751 TLS1_TXT_ECDH_RSA_WITH_AES_256_CBC_SHA, 1754 .name = TLS1_TXT_ECDH_RSA_WITH_AES_256_CBC_SHA,
1752 TLS1_CK_ECDH_RSA_WITH_AES_256_CBC_SHA, 1755 .id = TLS1_CK_ECDH_RSA_WITH_AES_256_CBC_SHA,
1753 SSL_kECDHr, 1756 .algorithm_mkey = SSL_kECDHr,
1754 SSL_aECDH, 1757 .algorithm_auth = SSL_aECDH,
1755 SSL_AES256, 1758 .algorithm_enc = SSL_AES256,
1756 SSL_SHA1, 1759 .algorithm_mac = SSL_SHA1,
1757 SSL_TLSV1, 1760 .algorithm_ssl = SSL_TLSV1,
1758 SSL_NOT_EXP|SSL_HIGH|SSL_FIPS, 1761 .algo_strength = SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
1759 SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, 1762 .algorithm2 = SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
1760 256, 1763 .strength_bits = 256,
1761 256, 1764 .alg_bits = 256,
1762 }, 1765 },
1763 1766
1764 /* Cipher C010 */ 1767 /* Cipher C010 */
1765 { 1768 {
1766 1, 1769 .valid = 1,
1767 TLS1_TXT_ECDHE_RSA_WITH_NULL_SHA, 1770 .name = TLS1_TXT_ECDHE_RSA_WITH_NULL_SHA,
1768 TLS1_CK_ECDHE_RSA_WITH_NULL_SHA, 1771 .id = TLS1_CK_ECDHE_RSA_WITH_NULL_SHA,
1769 SSL_kEECDH, 1772 .algorithm_mkey = SSL_kEECDH,
1770 SSL_aRSA, 1773 .algorithm_auth = SSL_aRSA,
1771 SSL_eNULL, 1774 .algorithm_enc = SSL_eNULL,
1772 SSL_SHA1, 1775 .algorithm_mac = SSL_SHA1,
1773 SSL_TLSV1, 1776 .algorithm_ssl = SSL_TLSV1,
1774 SSL_NOT_EXP|SSL_STRONG_NONE|SSL_FIPS, 1777 .algo_strength = SSL_NOT_EXP|SSL_STRONG_NONE|SSL_FIPS,
1775 SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, 1778 .algorithm2 = SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
1776 0, 1779 .strength_bits = 0,
1777 0, 1780 .alg_bits = 0,
1778 }, 1781 },
1779 1782
1780 /* Cipher C011 */ 1783 /* Cipher C011 */
1781 { 1784 {
1782 1, 1785 .valid = 1,
1783 TLS1_TXT_ECDHE_RSA_WITH_RC4_128_SHA, 1786 .name = TLS1_TXT_ECDHE_RSA_WITH_RC4_128_SHA,
1784 TLS1_CK_ECDHE_RSA_WITH_RC4_128_SHA, 1787 .id = TLS1_CK_ECDHE_RSA_WITH_RC4_128_SHA,
1785 SSL_kEECDH, 1788 .algorithm_mkey = SSL_kEECDH,
1786 SSL_aRSA, 1789 .algorithm_auth = SSL_aRSA,
1787 SSL_RC4, 1790 .algorithm_enc = SSL_RC4,
1788 SSL_SHA1, 1791 .algorithm_mac = SSL_SHA1,
1789 SSL_TLSV1, 1792 .algorithm_ssl = SSL_TLSV1,
1790 SSL_NOT_EXP|SSL_MEDIUM, 1793 .algo_strength = SSL_NOT_EXP|SSL_MEDIUM,
1791 SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, 1794 .algorithm2 = SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
1792 128, 1795 .strength_bits = 128,
1793 128, 1796 .alg_bits = 128,
1794 }, 1797 },
1795 1798
1796 /* Cipher C012 */ 1799 /* Cipher C012 */
1797 { 1800 {
1798 1, 1801 .valid = 1,
1799 TLS1_TXT_ECDHE_RSA_WITH_DES_192_CBC3_SHA, 1802 .name = TLS1_TXT_ECDHE_RSA_WITH_DES_192_CBC3_SHA,
1800 TLS1_CK_ECDHE_RSA_WITH_DES_192_CBC3_SHA, 1803 .id = TLS1_CK_ECDHE_RSA_WITH_DES_192_CBC3_SHA,
1801 SSL_kEECDH, 1804 .algorithm_mkey = SSL_kEECDH,
1802 SSL_aRSA, 1805 .algorithm_auth = SSL_aRSA,
1803 SSL_3DES, 1806 .algorithm_enc = SSL_3DES,
1804 SSL_SHA1, 1807 .algorithm_mac = SSL_SHA1,
1805 SSL_TLSV1, 1808 .algorithm_ssl = SSL_TLSV1,
1806 SSL_NOT_EXP|SSL_HIGH|SSL_FIPS, 1809 .algo_strength = SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
1807 SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, 1810 .algorithm2 = SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
1808 168, 1811 .strength_bits = 168,
1809 168, 1812 .alg_bits = 168,
1810 }, 1813 },
1811 1814
1812 /* Cipher C013 */ 1815 /* Cipher C013 */
1813 { 1816 {
1814 1, 1817 .valid = 1,
1815 TLS1_TXT_ECDHE_RSA_WITH_AES_128_CBC_SHA, 1818 .name = TLS1_TXT_ECDHE_RSA_WITH_AES_128_CBC_SHA,
1816 TLS1_CK_ECDHE_RSA_WITH_AES_128_CBC_SHA, 1819 .id = TLS1_CK_ECDHE_RSA_WITH_AES_128_CBC_SHA,
1817 SSL_kEECDH, 1820 .algorithm_mkey = SSL_kEECDH,
1818 SSL_aRSA, 1821 .algorithm_auth = SSL_aRSA,
1819 SSL_AES128, 1822 .algorithm_enc = SSL_AES128,
1820 SSL_SHA1, 1823 .algorithm_mac = SSL_SHA1,
1821 SSL_TLSV1, 1824 .algorithm_ssl = SSL_TLSV1,
1822 SSL_NOT_EXP|SSL_HIGH|SSL_FIPS, 1825 .algo_strength = SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
1823 SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, 1826 .algorithm2 = SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
1824 128, 1827 .strength_bits = 128,
1825 128, 1828 .alg_bits = 128,
1826 }, 1829 },
1827 1830
1828 /* Cipher C014 */ 1831 /* Cipher C014 */
1829 { 1832 {
1830 1, 1833 .valid = 1,
1831 TLS1_TXT_ECDHE_RSA_WITH_AES_256_CBC_SHA, 1834 .name = TLS1_TXT_ECDHE_RSA_WITH_AES_256_CBC_SHA,
1832 TLS1_CK_ECDHE_RSA_WITH_AES_256_CBC_SHA, 1835 .id = TLS1_CK_ECDHE_RSA_WITH_AES_256_CBC_SHA,
1833 SSL_kEECDH, 1836 .algorithm_mkey = SSL_kEECDH,
1834 SSL_aRSA, 1837 .algorithm_auth = SSL_aRSA,
1835 SSL_AES256, 1838 .algorithm_enc = SSL_AES256,
1836 SSL_SHA1, 1839 .algorithm_mac = SSL_SHA1,
1837 SSL_TLSV1, 1840 .algorithm_ssl = SSL_TLSV1,
1838 SSL_NOT_EXP|SSL_HIGH|SSL_FIPS, 1841 .algo_strength = SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
1839 SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, 1842 .algorithm2 = SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
1840 256, 1843 .strength_bits = 256,
1841 256, 1844 .alg_bits = 256,
1842 }, 1845 },
1843 1846
1844 /* Cipher C015 */ 1847 /* Cipher C015 */
1845 { 1848 {
1846 1, 1849 .valid = 1,
1847 TLS1_TXT_ECDH_anon_WITH_NULL_SHA, 1850 .name = TLS1_TXT_ECDH_anon_WITH_NULL_SHA,
1848 TLS1_CK_ECDH_anon_WITH_NULL_SHA, 1851 .id = TLS1_CK_ECDH_anon_WITH_NULL_SHA,
1849 SSL_kEECDH, 1852 .algorithm_mkey = SSL_kEECDH,
1850 SSL_aNULL, 1853 .algorithm_auth = SSL_aNULL,
1851 SSL_eNULL, 1854 .algorithm_enc = SSL_eNULL,
1852 SSL_SHA1, 1855 .algorithm_mac = SSL_SHA1,
1853 SSL_TLSV1, 1856 .algorithm_ssl = SSL_TLSV1,
1854 SSL_NOT_EXP|SSL_STRONG_NONE|SSL_FIPS, 1857 .algo_strength = SSL_NOT_EXP|SSL_STRONG_NONE|SSL_FIPS,
1855 SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, 1858 .algorithm2 = SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
1856 0, 1859 .strength_bits = 0,
1857 0, 1860 .alg_bits = 0,
1858 }, 1861 },
1859 1862
1860 /* Cipher C016 */ 1863 /* Cipher C016 */
1861 { 1864 {
1862 1, 1865 .valid = 1,
1863 TLS1_TXT_ECDH_anon_WITH_RC4_128_SHA, 1866 .name = TLS1_TXT_ECDH_anon_WITH_RC4_128_SHA,
1864 TLS1_CK_ECDH_anon_WITH_RC4_128_SHA, 1867 .id = TLS1_CK_ECDH_anon_WITH_RC4_128_SHA,
1865 SSL_kEECDH, 1868 .algorithm_mkey = SSL_kEECDH,
1866 SSL_aNULL, 1869 .algorithm_auth = SSL_aNULL,
1867 SSL_RC4, 1870 .algorithm_enc = SSL_RC4,
1868 SSL_SHA1, 1871 .algorithm_mac = SSL_SHA1,
1869 SSL_TLSV1, 1872 .algorithm_ssl = SSL_TLSV1,
1870 SSL_NOT_EXP|SSL_MEDIUM, 1873 .algo_strength = SSL_NOT_EXP|SSL_MEDIUM,
1871 SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, 1874 .algorithm2 = SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
1872 128, 1875 .strength_bits = 128,
1873 128, 1876 .alg_bits = 128,
1874 }, 1877 },
1875 1878
1876 /* Cipher C017 */ 1879 /* Cipher C017 */
1877 { 1880 {
1878 1, 1881 .valid = 1,
1879 TLS1_TXT_ECDH_anon_WITH_DES_192_CBC3_SHA, 1882 .name = TLS1_TXT_ECDH_anon_WITH_DES_192_CBC3_SHA,
1880 TLS1_CK_ECDH_anon_WITH_DES_192_CBC3_SHA, 1883 .id = TLS1_CK_ECDH_anon_WITH_DES_192_CBC3_SHA,
1881 SSL_kEECDH, 1884 .algorithm_mkey = SSL_kEECDH,
1882 SSL_aNULL, 1885 .algorithm_auth = SSL_aNULL,
1883 SSL_3DES, 1886 .algorithm_enc = SSL_3DES,
1884 SSL_SHA1, 1887 .algorithm_mac = SSL_SHA1,
1885 SSL_TLSV1, 1888 .algorithm_ssl = SSL_TLSV1,
1886 SSL_NOT_EXP|SSL_HIGH|SSL_FIPS, 1889 .algo_strength = SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
1887 SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, 1890 .algorithm2 = SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
1888 168, 1891 .strength_bits = 168,
1889 168, 1892 .alg_bits = 168,
1890 }, 1893 },
1891 1894
1892 /* Cipher C018 */ 1895 /* Cipher C018 */
1893 { 1896 {
1894 1, 1897 .valid = 1,
1895 TLS1_TXT_ECDH_anon_WITH_AES_128_CBC_SHA, 1898 .name = TLS1_TXT_ECDH_anon_WITH_AES_128_CBC_SHA,
1896 TLS1_CK_ECDH_anon_WITH_AES_128_CBC_SHA, 1899 .id = TLS1_CK_ECDH_anon_WITH_AES_128_CBC_SHA,
1897 SSL_kEECDH, 1900 .algorithm_mkey = SSL_kEECDH,
1898 SSL_aNULL, 1901 .algorithm_auth = SSL_aNULL,
1899 SSL_AES128, 1902 .algorithm_enc = SSL_AES128,
1900 SSL_SHA1, 1903 .algorithm_mac = SSL_SHA1,
1901 SSL_TLSV1, 1904 .algorithm_ssl = SSL_TLSV1,
1902 SSL_NOT_EXP|SSL_HIGH|SSL_FIPS, 1905 .algo_strength = SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
1903 SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, 1906 .algorithm2 = SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
1904 128, 1907 .strength_bits = 128,
1905 128, 1908 .alg_bits = 128,
1906 }, 1909 },
1907 1910
1908 /* Cipher C019 */ 1911 /* Cipher C019 */
1909 { 1912 {
1910 1, 1913 .valid = 1,
1911 TLS1_TXT_ECDH_anon_WITH_AES_256_CBC_SHA, 1914 .name = TLS1_TXT_ECDH_anon_WITH_AES_256_CBC_SHA,
1912 TLS1_CK_ECDH_anon_WITH_AES_256_CBC_SHA, 1915 .id = TLS1_CK_ECDH_anon_WITH_AES_256_CBC_SHA,
1913 SSL_kEECDH, 1916 .algorithm_mkey = SSL_kEECDH,
1914 SSL_aNULL, 1917 .algorithm_auth = SSL_aNULL,
1915 SSL_AES256, 1918 .algorithm_enc = SSL_AES256,
1916 SSL_SHA1, 1919 .algorithm_mac = SSL_SHA1,
1917 SSL_TLSV1, 1920 .algorithm_ssl = SSL_TLSV1,
1918 SSL_NOT_EXP|SSL_HIGH|SSL_FIPS, 1921 .algo_strength = SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
1919 SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, 1922 .algorithm2 = SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
1920 256, 1923 .strength_bits = 256,
1921 256, 1924 .alg_bits = 256,
1922 }, 1925 },
1923#endif /* OPENSSL_NO_ECDH */ 1926#endif /* OPENSSL_NO_ECDH */
1924 1927
@@ -1928,326 +1931,326 @@ SSL_CIPHER ssl3_ciphers[] = {
1928 1931
1929 /* Cipher C023 */ 1932 /* Cipher C023 */
1930 { 1933 {
1931 1, 1934 .valid = 1,
1932 TLS1_TXT_ECDHE_ECDSA_WITH_AES_128_SHA256, 1935 .name = TLS1_TXT_ECDHE_ECDSA_WITH_AES_128_SHA256,
1933 TLS1_CK_ECDHE_ECDSA_WITH_AES_128_SHA256, 1936 .id = TLS1_CK_ECDHE_ECDSA_WITH_AES_128_SHA256,
1934 SSL_kEECDH, 1937 .algorithm_mkey = SSL_kEECDH,
1935 SSL_aECDSA, 1938 .algorithm_auth = SSL_aECDSA,
1936 SSL_AES128, 1939 .algorithm_enc = SSL_AES128,
1937 SSL_SHA256, 1940 .algorithm_mac = SSL_SHA256,
1938 SSL_TLSV1_2, 1941 .algorithm_ssl = SSL_TLSV1_2,
1939 SSL_NOT_EXP|SSL_HIGH|SSL_FIPS, 1942 .algo_strength = SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
1940 SSL_HANDSHAKE_MAC_SHA256|TLS1_PRF_SHA256, 1943 .algorithm2 = SSL_HANDSHAKE_MAC_SHA256|TLS1_PRF_SHA256,
1941 128, 1944 .strength_bits = 128,
1942 128, 1945 .alg_bits = 128,
1943 }, 1946 },
1944 1947
1945 /* Cipher C024 */ 1948 /* Cipher C024 */
1946 { 1949 {
1947 1, 1950 .valid = 1,
1948 TLS1_TXT_ECDHE_ECDSA_WITH_AES_256_SHA384, 1951 .name = TLS1_TXT_ECDHE_ECDSA_WITH_AES_256_SHA384,
1949 TLS1_CK_ECDHE_ECDSA_WITH_AES_256_SHA384, 1952 .id = TLS1_CK_ECDHE_ECDSA_WITH_AES_256_SHA384,
1950 SSL_kEECDH, 1953 .algorithm_mkey = SSL_kEECDH,
1951 SSL_aECDSA, 1954 .algorithm_auth = SSL_aECDSA,
1952 SSL_AES256, 1955 .algorithm_enc = SSL_AES256,
1953 SSL_SHA384, 1956 .algorithm_mac = SSL_SHA384,
1954 SSL_TLSV1_2, 1957 .algorithm_ssl = SSL_TLSV1_2,
1955 SSL_NOT_EXP|SSL_HIGH|SSL_FIPS, 1958 .algo_strength = SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
1956 SSL_HANDSHAKE_MAC_SHA384|TLS1_PRF_SHA384, 1959 .algorithm2 = SSL_HANDSHAKE_MAC_SHA384|TLS1_PRF_SHA384,
1957 256, 1960 .strength_bits = 256,
1958 256, 1961 .alg_bits = 256,
1959 }, 1962 },
1960 1963
1961 /* Cipher C025 */ 1964 /* Cipher C025 */
1962 { 1965 {
1963 1, 1966 .valid = 1,
1964 TLS1_TXT_ECDH_ECDSA_WITH_AES_128_SHA256, 1967 .name = TLS1_TXT_ECDH_ECDSA_WITH_AES_128_SHA256,
1965 TLS1_CK_ECDH_ECDSA_WITH_AES_128_SHA256, 1968 .id = TLS1_CK_ECDH_ECDSA_WITH_AES_128_SHA256,
1966 SSL_kECDHe, 1969 .algorithm_mkey = SSL_kECDHe,
1967 SSL_aECDH, 1970 .algorithm_auth = SSL_aECDH,
1968 SSL_AES128, 1971 .algorithm_enc = SSL_AES128,
1969 SSL_SHA256, 1972 .algorithm_mac = SSL_SHA256,
1970 SSL_TLSV1_2, 1973 .algorithm_ssl = SSL_TLSV1_2,
1971 SSL_NOT_EXP|SSL_HIGH|SSL_FIPS, 1974 .algo_strength = SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
1972 SSL_HANDSHAKE_MAC_SHA256|TLS1_PRF_SHA256, 1975 .algorithm2 = SSL_HANDSHAKE_MAC_SHA256|TLS1_PRF_SHA256,
1973 128, 1976 .strength_bits = 128,
1974 128, 1977 .alg_bits = 128,
1975 }, 1978 },
1976 1979
1977 /* Cipher C026 */ 1980 /* Cipher C026 */
1978 { 1981 {
1979 1, 1982 .valid = 1,
1980 TLS1_TXT_ECDH_ECDSA_WITH_AES_256_SHA384, 1983 .name = TLS1_TXT_ECDH_ECDSA_WITH_AES_256_SHA384,
1981 TLS1_CK_ECDH_ECDSA_WITH_AES_256_SHA384, 1984 .id = TLS1_CK_ECDH_ECDSA_WITH_AES_256_SHA384,
1982 SSL_kECDHe, 1985 .algorithm_mkey = SSL_kECDHe,
1983 SSL_aECDH, 1986 .algorithm_auth = SSL_aECDH,
1984 SSL_AES256, 1987 .algorithm_enc = SSL_AES256,
1985 SSL_SHA384, 1988 .algorithm_mac = SSL_SHA384,
1986 SSL_TLSV1_2, 1989 .algorithm_ssl = SSL_TLSV1_2,
1987 SSL_NOT_EXP|SSL_HIGH|SSL_FIPS, 1990 .algo_strength = SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
1988 SSL_HANDSHAKE_MAC_SHA384|TLS1_PRF_SHA384, 1991 .algorithm2 = SSL_HANDSHAKE_MAC_SHA384|TLS1_PRF_SHA384,
1989 256, 1992 .strength_bits = 256,
1990 256, 1993 .alg_bits = 256,
1991 }, 1994 },
1992 1995
1993 /* Cipher C027 */ 1996 /* Cipher C027 */
1994 { 1997 {
1995 1, 1998 .valid = 1,
1996 TLS1_TXT_ECDHE_RSA_WITH_AES_128_SHA256, 1999 .name = TLS1_TXT_ECDHE_RSA_WITH_AES_128_SHA256,
1997 TLS1_CK_ECDHE_RSA_WITH_AES_128_SHA256, 2000 .id = TLS1_CK_ECDHE_RSA_WITH_AES_128_SHA256,
1998 SSL_kEECDH, 2001 .algorithm_mkey = SSL_kEECDH,
1999 SSL_aRSA, 2002 .algorithm_auth = SSL_aRSA,
2000 SSL_AES128, 2003 .algorithm_enc = SSL_AES128,
2001 SSL_SHA256, 2004 .algorithm_mac = SSL_SHA256,
2002 SSL_TLSV1_2, 2005 .algorithm_ssl = SSL_TLSV1_2,
2003 SSL_NOT_EXP|SSL_HIGH|SSL_FIPS, 2006 .algo_strength = SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
2004 SSL_HANDSHAKE_MAC_SHA256|TLS1_PRF_SHA256, 2007 .algorithm2 = SSL_HANDSHAKE_MAC_SHA256|TLS1_PRF_SHA256,
2005 128, 2008 .strength_bits = 128,
2006 128, 2009 .alg_bits = 128,
2007 }, 2010 },
2008 2011
2009 /* Cipher C028 */ 2012 /* Cipher C028 */
2010 { 2013 {
2011 1, 2014 .valid = 1,
2012 TLS1_TXT_ECDHE_RSA_WITH_AES_256_SHA384, 2015 .name = TLS1_TXT_ECDHE_RSA_WITH_AES_256_SHA384,
2013 TLS1_CK_ECDHE_RSA_WITH_AES_256_SHA384, 2016 .id = TLS1_CK_ECDHE_RSA_WITH_AES_256_SHA384,
2014 SSL_kEECDH, 2017 .algorithm_mkey = SSL_kEECDH,
2015 SSL_aRSA, 2018 .algorithm_auth = SSL_aRSA,
2016 SSL_AES256, 2019 .algorithm_enc = SSL_AES256,
2017 SSL_SHA384, 2020 .algorithm_mac = SSL_SHA384,
2018 SSL_TLSV1_2, 2021 .algorithm_ssl = SSL_TLSV1_2,
2019 SSL_NOT_EXP|SSL_HIGH|SSL_FIPS, 2022 .algo_strength = SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
2020 SSL_HANDSHAKE_MAC_SHA384|TLS1_PRF_SHA384, 2023 .algorithm2 = SSL_HANDSHAKE_MAC_SHA384|TLS1_PRF_SHA384,
2021 256, 2024 .strength_bits = 256,
2022 256, 2025 .alg_bits = 256,
2023 }, 2026 },
2024 2027
2025 /* Cipher C029 */ 2028 /* Cipher C029 */
2026 { 2029 {
2027 1, 2030 .valid = 1,
2028 TLS1_TXT_ECDH_RSA_WITH_AES_128_SHA256, 2031 .name = TLS1_TXT_ECDH_RSA_WITH_AES_128_SHA256,
2029 TLS1_CK_ECDH_RSA_WITH_AES_128_SHA256, 2032 .id = TLS1_CK_ECDH_RSA_WITH_AES_128_SHA256,
2030 SSL_kECDHr, 2033 .algorithm_mkey = SSL_kECDHr,
2031 SSL_aECDH, 2034 .algorithm_auth = SSL_aECDH,
2032 SSL_AES128, 2035 .algorithm_enc = SSL_AES128,
2033 SSL_SHA256, 2036 .algorithm_mac = SSL_SHA256,
2034 SSL_TLSV1_2, 2037 .algorithm_ssl = SSL_TLSV1_2,
2035 SSL_NOT_EXP|SSL_HIGH|SSL_FIPS, 2038 .algo_strength = SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
2036 SSL_HANDSHAKE_MAC_SHA256|TLS1_PRF_SHA256, 2039 .algorithm2 = SSL_HANDSHAKE_MAC_SHA256|TLS1_PRF_SHA256,
2037 128, 2040 .strength_bits = 128,
2038 128, 2041 .alg_bits = 128,
2039 }, 2042 },
2040 2043
2041 /* Cipher C02A */ 2044 /* Cipher C02A */
2042 { 2045 {
2043 1, 2046 .valid = 1,
2044 TLS1_TXT_ECDH_RSA_WITH_AES_256_SHA384, 2047 .name = TLS1_TXT_ECDH_RSA_WITH_AES_256_SHA384,
2045 TLS1_CK_ECDH_RSA_WITH_AES_256_SHA384, 2048 .id = TLS1_CK_ECDH_RSA_WITH_AES_256_SHA384,
2046 SSL_kECDHr, 2049 .algorithm_mkey = SSL_kECDHr,
2047 SSL_aECDH, 2050 .algorithm_auth = SSL_aECDH,
2048 SSL_AES256, 2051 .algorithm_enc = SSL_AES256,
2049 SSL_SHA384, 2052 .algorithm_mac = SSL_SHA384,
2050 SSL_TLSV1_2, 2053 .algorithm_ssl = SSL_TLSV1_2,
2051 SSL_NOT_EXP|SSL_HIGH|SSL_FIPS, 2054 .algo_strength = SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
2052 SSL_HANDSHAKE_MAC_SHA384|TLS1_PRF_SHA384, 2055 .algorithm2 = SSL_HANDSHAKE_MAC_SHA384|TLS1_PRF_SHA384,
2053 256, 2056 .strength_bits = 256,
2054 256, 2057 .alg_bits = 256,
2055 }, 2058 },
2056 2059
2057 /* GCM based TLS v1.2 ciphersuites from RFC5289 */ 2060 /* GCM based TLS v1.2 ciphersuites from RFC5289 */
2058 2061
2059 /* Cipher C02B */ 2062 /* Cipher C02B */
2060 { 2063 {
2061 1, 2064 .valid = 1,
2062 TLS1_TXT_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256, 2065 .name = TLS1_TXT_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256,
2063 TLS1_CK_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256, 2066 .id = TLS1_CK_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256,
2064 SSL_kEECDH, 2067 .algorithm_mkey = SSL_kEECDH,
2065 SSL_aECDSA, 2068 .algorithm_auth = SSL_aECDSA,
2066 SSL_AES128GCM, 2069 .algorithm_enc = SSL_AES128GCM,
2067 SSL_AEAD, 2070 .algorithm_mac = SSL_AEAD,
2068 SSL_TLSV1_2, 2071 .algorithm_ssl = SSL_TLSV1_2,
2069 SSL_NOT_EXP|SSL_HIGH|SSL_FIPS, 2072 .algo_strength = SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
2070 SSL_HANDSHAKE_MAC_SHA256|TLS1_PRF_SHA256, 2073 .algorithm2 = SSL_HANDSHAKE_MAC_SHA256|TLS1_PRF_SHA256,
2071 128, 2074 .strength_bits = 128,
2072 128, 2075 .alg_bits = 128,
2073 }, 2076 },
2074 2077
2075 /* Cipher C02C */ 2078 /* Cipher C02C */
2076 { 2079 {
2077 1, 2080 .valid = 1,
2078 TLS1_TXT_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384, 2081 .name = TLS1_TXT_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384,
2079 TLS1_CK_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384, 2082 .id = TLS1_CK_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384,
2080 SSL_kEECDH, 2083 .algorithm_mkey = SSL_kEECDH,
2081 SSL_aECDSA, 2084 .algorithm_auth = SSL_aECDSA,
2082 SSL_AES256GCM, 2085 .algorithm_enc = SSL_AES256GCM,
2083 SSL_AEAD, 2086 .algorithm_mac = SSL_AEAD,
2084 SSL_TLSV1_2, 2087 .algorithm_ssl = SSL_TLSV1_2,
2085 SSL_NOT_EXP|SSL_HIGH|SSL_FIPS, 2088 .algo_strength = SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
2086 SSL_HANDSHAKE_MAC_SHA384|TLS1_PRF_SHA384, 2089 .algorithm2 = SSL_HANDSHAKE_MAC_SHA384|TLS1_PRF_SHA384,
2087 256, 2090 .strength_bits = 256,
2088 256, 2091 .alg_bits = 256,
2089 }, 2092 },
2090 2093
2091 /* Cipher C02D */ 2094 /* Cipher C02D */
2092 { 2095 {
2093 1, 2096 .valid = 1,
2094 TLS1_TXT_ECDH_ECDSA_WITH_AES_128_GCM_SHA256, 2097 .name = TLS1_TXT_ECDH_ECDSA_WITH_AES_128_GCM_SHA256,
2095 TLS1_CK_ECDH_ECDSA_WITH_AES_128_GCM_SHA256, 2098 .id = TLS1_CK_ECDH_ECDSA_WITH_AES_128_GCM_SHA256,
2096 SSL_kECDHe, 2099 .algorithm_mkey = SSL_kECDHe,
2097 SSL_aECDH, 2100 .algorithm_auth = SSL_aECDH,
2098 SSL_AES128GCM, 2101 .algorithm_enc = SSL_AES128GCM,
2099 SSL_AEAD, 2102 .algorithm_mac = SSL_AEAD,
2100 SSL_TLSV1_2, 2103 .algorithm_ssl = SSL_TLSV1_2,
2101 SSL_NOT_EXP|SSL_HIGH|SSL_FIPS, 2104 .algo_strength = SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
2102 SSL_HANDSHAKE_MAC_SHA256|TLS1_PRF_SHA256, 2105 .algorithm2 = SSL_HANDSHAKE_MAC_SHA256|TLS1_PRF_SHA256,
2103 128, 2106 .strength_bits = 128,
2104 128, 2107 .alg_bits = 128,
2105 }, 2108 },
2106 2109
2107 /* Cipher C02E */ 2110 /* Cipher C02E */
2108 { 2111 {
2109 1, 2112 .valid = 1,
2110 TLS1_TXT_ECDH_ECDSA_WITH_AES_256_GCM_SHA384, 2113 .name = TLS1_TXT_ECDH_ECDSA_WITH_AES_256_GCM_SHA384,
2111 TLS1_CK_ECDH_ECDSA_WITH_AES_256_GCM_SHA384, 2114 .id = TLS1_CK_ECDH_ECDSA_WITH_AES_256_GCM_SHA384,
2112 SSL_kECDHe, 2115 .algorithm_mkey = SSL_kECDHe,
2113 SSL_aECDH, 2116 .algorithm_auth = SSL_aECDH,
2114 SSL_AES256GCM, 2117 .algorithm_enc = SSL_AES256GCM,
2115 SSL_AEAD, 2118 .algorithm_mac = SSL_AEAD,
2116 SSL_TLSV1_2, 2119 .algorithm_ssl = SSL_TLSV1_2,
2117 SSL_NOT_EXP|SSL_HIGH|SSL_FIPS, 2120 .algo_strength = SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
2118 SSL_HANDSHAKE_MAC_SHA384|TLS1_PRF_SHA384, 2121 .algorithm2 = SSL_HANDSHAKE_MAC_SHA384|TLS1_PRF_SHA384,
2119 256, 2122 .strength_bits = 256,
2120 256, 2123 .alg_bits = 256,
2121 }, 2124 },
2122 2125
2123 /* Cipher C02F */ 2126 /* Cipher C02F */
2124 { 2127 {
2125 1, 2128 .valid = 1,
2126 TLS1_TXT_ECDHE_RSA_WITH_AES_128_GCM_SHA256, 2129 .name = TLS1_TXT_ECDHE_RSA_WITH_AES_128_GCM_SHA256,
2127 TLS1_CK_ECDHE_RSA_WITH_AES_128_GCM_SHA256, 2130 .id = TLS1_CK_ECDHE_RSA_WITH_AES_128_GCM_SHA256,
2128 SSL_kEECDH, 2131 .algorithm_mkey = SSL_kEECDH,
2129 SSL_aRSA, 2132 .algorithm_auth = SSL_aRSA,
2130 SSL_AES128GCM, 2133 .algorithm_enc = SSL_AES128GCM,
2131 SSL_AEAD, 2134 .algorithm_mac = SSL_AEAD,
2132 SSL_TLSV1_2, 2135 .algorithm_ssl = SSL_TLSV1_2,
2133 SSL_NOT_EXP|SSL_HIGH|SSL_FIPS, 2136 .algo_strength = SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
2134 SSL_HANDSHAKE_MAC_SHA256|TLS1_PRF_SHA256, 2137 .algorithm2 = SSL_HANDSHAKE_MAC_SHA256|TLS1_PRF_SHA256,
2135 128, 2138 .strength_bits = 128,
2136 128, 2139 .alg_bits = 128,
2137 }, 2140 },
2138 2141
2139 /* Cipher C030 */ 2142 /* Cipher C030 */
2140 { 2143 {
2141 1, 2144 .valid = 1,
2142 TLS1_TXT_ECDHE_RSA_WITH_AES_256_GCM_SHA384, 2145 .name = TLS1_TXT_ECDHE_RSA_WITH_AES_256_GCM_SHA384,
2143 TLS1_CK_ECDHE_RSA_WITH_AES_256_GCM_SHA384, 2146 .id = TLS1_CK_ECDHE_RSA_WITH_AES_256_GCM_SHA384,
2144 SSL_kEECDH, 2147 .algorithm_mkey = SSL_kEECDH,
2145 SSL_aRSA, 2148 .algorithm_auth = SSL_aRSA,
2146 SSL_AES256GCM, 2149 .algorithm_enc = SSL_AES256GCM,
2147 SSL_AEAD, 2150 .algorithm_mac = SSL_AEAD,
2148 SSL_TLSV1_2, 2151 .algorithm_ssl = SSL_TLSV1_2,
2149 SSL_NOT_EXP|SSL_HIGH|SSL_FIPS, 2152 .algo_strength = SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
2150 SSL_HANDSHAKE_MAC_SHA384|TLS1_PRF_SHA384, 2153 .algorithm2 = SSL_HANDSHAKE_MAC_SHA384|TLS1_PRF_SHA384,
2151 256, 2154 .strength_bits = 256,
2152 256, 2155 .alg_bits = 256,
2153 }, 2156 },
2154 2157
2155 /* Cipher C031 */ 2158 /* Cipher C031 */
2156 { 2159 {
2157 1, 2160 .valid = 1,
2158 TLS1_TXT_ECDH_RSA_WITH_AES_128_GCM_SHA256, 2161 .name = TLS1_TXT_ECDH_RSA_WITH_AES_128_GCM_SHA256,
2159 TLS1_CK_ECDH_RSA_WITH_AES_128_GCM_SHA256, 2162 .id = TLS1_CK_ECDH_RSA_WITH_AES_128_GCM_SHA256,
2160 SSL_kECDHr, 2163 .algorithm_mkey = SSL_kECDHr,
2161 SSL_aECDH, 2164 .algorithm_auth = SSL_aECDH,
2162 SSL_AES128GCM, 2165 .algorithm_enc = SSL_AES128GCM,
2163 SSL_AEAD, 2166 .algorithm_mac = SSL_AEAD,
2164 SSL_TLSV1_2, 2167 .algorithm_ssl = SSL_TLSV1_2,
2165 SSL_NOT_EXP|SSL_HIGH|SSL_FIPS, 2168 .algo_strength = SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
2166 SSL_HANDSHAKE_MAC_SHA256|TLS1_PRF_SHA256, 2169 .algorithm2 = SSL_HANDSHAKE_MAC_SHA256|TLS1_PRF_SHA256,
2167 128, 2170 .strength_bits = 128,
2168 128, 2171 .alg_bits = 128,
2169 }, 2172 },
2170 2173
2171 /* Cipher C032 */ 2174 /* Cipher C032 */
2172 { 2175 {
2173 1, 2176 .valid = 1,
2174 TLS1_TXT_ECDH_RSA_WITH_AES_256_GCM_SHA384, 2177 .name = TLS1_TXT_ECDH_RSA_WITH_AES_256_GCM_SHA384,
2175 TLS1_CK_ECDH_RSA_WITH_AES_256_GCM_SHA384, 2178 .id = TLS1_CK_ECDH_RSA_WITH_AES_256_GCM_SHA384,
2176 SSL_kECDHr, 2179 .algorithm_mkey = SSL_kECDHr,
2177 SSL_aECDH, 2180 .algorithm_auth = SSL_aECDH,
2178 SSL_AES256GCM, 2181 .algorithm_enc = SSL_AES256GCM,
2179 SSL_AEAD, 2182 .algorithm_mac = SSL_AEAD,
2180 SSL_TLSV1_2, 2183 .algorithm_ssl = SSL_TLSV1_2,
2181 SSL_NOT_EXP|SSL_HIGH|SSL_FIPS, 2184 .algo_strength = SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
2182 SSL_HANDSHAKE_MAC_SHA384|TLS1_PRF_SHA384, 2185 .algorithm2 = SSL_HANDSHAKE_MAC_SHA384|TLS1_PRF_SHA384,
2183 256, 2186 .strength_bits = 256,
2184 256, 2187 .alg_bits = 256,
2185 }, 2188 },
2186 2189
2187#endif /* OPENSSL_NO_ECDH */ 2190#endif /* OPENSSL_NO_ECDH */
2188 2191
2189 2192
2190#ifdef TEMP_GOST_TLS 2193#ifdef TEMP_GOST_TLS
2191/* Cipher FF00 */ 2194 /* Cipher FF00 */
2192 { 2195 {
2193 1, 2196 .valid = 1,
2194 "GOST-MD5", 2197 .name = "GOST-MD5",
2195 0x0300ff00, 2198 .id = 0x0300ff00,
2196 SSL_kRSA, 2199 .algorithm_mkey = SSL_kRSA,
2197 SSL_aRSA, 2200 .algorithm_auth = SSL_aRSA,
2198 SSL_eGOST2814789CNT, 2201 .algorithm_enc = SSL_eGOST2814789CNT,
2199 SSL_MD5, 2202 .algorithm_mac = SSL_MD5,
2200 SSL_TLSV1, 2203 .algorithm_ssl = SSL_TLSV1,
2201 SSL_NOT_EXP|SSL_HIGH, 2204 .algo_strength = SSL_NOT_EXP|SSL_HIGH,
2202 SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, 2205 .algorithm2 = SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
2203 256, 2206 .strength_bits = 256,
2204 256, 2207 .alg_bits = 256,
2205 }, 2208 },
2206 { 2209 {
2207 1, 2210 .valid = 1,
2208 "GOST-GOST94", 2211 .name = "GOST-GOST94",
2209 0x0300ff01, 2212 .id = 0x0300ff01,
2210 SSL_kRSA, 2213 .algorithm_mkey = SSL_kRSA,
2211 SSL_aRSA, 2214 .algorithm_auth = SSL_aRSA,
2212 SSL_eGOST2814789CNT, 2215 .algorithm_enc = SSL_eGOST2814789CNT,
2213 SSL_GOST94, 2216 .algorithm_mac = SSL_GOST94,
2214 SSL_TLSV1, 2217 .algorithm_ssl = SSL_TLSV1,
2215 SSL_NOT_EXP|SSL_HIGH, 2218 .algo_strength = SSL_NOT_EXP|SSL_HIGH,
2216 SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, 2219 .algorithm2 = SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
2217 256, 2220 .strength_bits = 256,
2218 256 2221 .alg_bits = 256
2219 }, 2222 },
2220 { 2223 {
2221 1, 2224 .valid = 1,
2222 "GOST-GOST89MAC", 2225 .name = "GOST-GOST89MAC",
2223 0x0300ff02, 2226 .id = 0x0300ff02,
2224 SSL_kRSA, 2227 .algorithm_mkey = SSL_kRSA,
2225 SSL_aRSA, 2228 .algorithm_auth = SSL_aRSA,
2226 SSL_eGOST2814789CNT, 2229 .algorithm_enc = SSL_eGOST2814789CNT,
2227 SSL_GOST89MAC, 2230 .algorithm_mac = SSL_GOST89MAC,
2228 SSL_TLSV1, 2231 .algorithm_ssl = SSL_TLSV1,
2229 SSL_NOT_EXP|SSL_HIGH, 2232 .algo_strength = SSL_NOT_EXP|SSL_HIGH,
2230 SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, 2233 .algorithm2 = SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
2231 256, 2234 .strength_bits = 256,
2232 256 2235 .alg_bits = 256
2233 }, 2236 },
2234 { 2237 {
2235 1, 2238 .valid = 1,
2236 "GOST-GOST89STREAM", 2239 .name = "GOST-GOST89STREAM",
2237 0x0300ff03, 2240 .id = 0x0300ff03,
2238 SSL_kRSA, 2241 .algorithm_mkey = SSL_kRSA,
2239 SSL_aRSA, 2242 .algorithm_auth = SSL_aRSA,
2240 SSL_eGOST2814789CNT, 2243 .algorithm_enc = SSL_eGOST2814789CNT,
2241 SSL_GOST89MAC, 2244 .algorithm_mac = SSL_GOST89MAC,
2242 SSL_TLSV1, 2245 .algorithm_ssl = SSL_TLSV1,
2243 SSL_NOT_EXP|SSL_HIGH, 2246 .algo_strength = SSL_NOT_EXP|SSL_HIGH,
2244 SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF|TLS1_STREAM_MAC, 2247 .algorithm2 = SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF|
2245 256, 2248 TLS1_STREAM_MAC,
2246 256 2249 .strength_bits = 256,
2250 .alg_bits = 256
2247 }, 2251 },
2248#endif 2252#endif
2249 2253 /* end of list */
2250/* end of list */
2251}; 2254};
2252 2255
2253SSL3_ENC_METHOD SSLv3_enc_data = { 2256SSL3_ENC_METHOD SSLv3_enc_data = {
diff --git a/src/lib/libssl/src/ssl/s3_lib.c b/src/lib/libssl/src/ssl/s3_lib.c
index 0bb74760f2..f14cbd0c99 100644
--- a/src/lib/libssl/src/ssl/s3_lib.c
+++ b/src/lib/libssl/src/ssl/s3_lib.c
@@ -168,725 +168,725 @@ const char ssl3_version_str[]="SSLv3" OPENSSL_VERSION_PTEXT;
168/* list of available SSLv3 ciphers (sorted by id) */ 168/* list of available SSLv3 ciphers (sorted by id) */
169SSL_CIPHER ssl3_ciphers[] = { 169SSL_CIPHER ssl3_ciphers[] = {
170 170
171/* The RSA ciphers */ 171 /* The RSA ciphers */
172/* Cipher 01 */ 172 /* Cipher 01 */
173 { 173 {
174 1, 174 .valid = 1,
175 SSL3_TXT_RSA_NULL_MD5, 175 .name = SSL3_TXT_RSA_NULL_MD5,
176 SSL3_CK_RSA_NULL_MD5, 176 .id = SSL3_CK_RSA_NULL_MD5,
177 SSL_kRSA, 177 .algorithm_mkey = SSL_kRSA,
178 SSL_aRSA, 178 .algorithm_auth = SSL_aRSA,
179 SSL_eNULL, 179 .algorithm_enc = SSL_eNULL,
180 SSL_MD5, 180 .algorithm_mac = SSL_MD5,
181 SSL_SSLV3, 181 .algorithm_ssl = SSL_SSLV3,
182 SSL_NOT_EXP|SSL_STRONG_NONE, 182 .algo_strength = SSL_NOT_EXP|SSL_STRONG_NONE,
183 SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, 183 .algorithm2 = SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
184 0, 184 .strength_bits = 0,
185 0, 185 .alg_bits = 0,
186 }, 186 },
187 187
188/* Cipher 02 */ 188 /* Cipher 02 */
189 { 189 {
190 1, 190 .valid = 1,
191 SSL3_TXT_RSA_NULL_SHA, 191 .name = SSL3_TXT_RSA_NULL_SHA,
192 SSL3_CK_RSA_NULL_SHA, 192 .id = SSL3_CK_RSA_NULL_SHA,
193 SSL_kRSA, 193 .algorithm_mkey = SSL_kRSA,
194 SSL_aRSA, 194 .algorithm_auth = SSL_aRSA,
195 SSL_eNULL, 195 .algorithm_enc = SSL_eNULL,
196 SSL_SHA1, 196 .algorithm_mac = SSL_SHA1,
197 SSL_SSLV3, 197 .algorithm_ssl = SSL_SSLV3,
198 SSL_NOT_EXP|SSL_STRONG_NONE|SSL_FIPS, 198 .algo_strength = SSL_NOT_EXP|SSL_STRONG_NONE|SSL_FIPS,
199 SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, 199 .algorithm2 = SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
200 0, 200 .strength_bits = 0,
201 0, 201 .alg_bits = 0,
202 }, 202 },
203 203
204/* Cipher 03 */ 204 /* Cipher 03 */
205 { 205 {
206 1, 206 .valid = 1,
207 SSL3_TXT_RSA_RC4_40_MD5, 207 .name = SSL3_TXT_RSA_RC4_40_MD5,
208 SSL3_CK_RSA_RC4_40_MD5, 208 .id = SSL3_CK_RSA_RC4_40_MD5,
209 SSL_kRSA, 209 .algorithm_mkey = SSL_kRSA,
210 SSL_aRSA, 210 .algorithm_auth = SSL_aRSA,
211 SSL_RC4, 211 .algorithm_enc = SSL_RC4,
212 SSL_MD5, 212 .algorithm_mac = SSL_MD5,
213 SSL_SSLV3, 213 .algorithm_ssl = SSL_SSLV3,
214 SSL_EXPORT|SSL_EXP40, 214 .algo_strength = SSL_EXPORT|SSL_EXP40,
215 SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, 215 .algorithm2 = SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
216 40, 216 .strength_bits = 40,
217 128, 217 .alg_bits = 128,
218 }, 218 },
219 219
220/* Cipher 04 */ 220 /* Cipher 04 */
221 { 221 {
222 1, 222 .valid = 1,
223 SSL3_TXT_RSA_RC4_128_MD5, 223 .name = SSL3_TXT_RSA_RC4_128_MD5,
224 SSL3_CK_RSA_RC4_128_MD5, 224 .id = SSL3_CK_RSA_RC4_128_MD5,
225 SSL_kRSA, 225 .algorithm_mkey = SSL_kRSA,
226 SSL_aRSA, 226 .algorithm_auth = SSL_aRSA,
227 SSL_RC4, 227 .algorithm_enc = SSL_RC4,
228 SSL_MD5, 228 .algorithm_mac = SSL_MD5,
229 SSL_SSLV3, 229 .algorithm_ssl = SSL_SSLV3,
230 SSL_NOT_EXP|SSL_MEDIUM, 230 .algo_strength = SSL_NOT_EXP|SSL_MEDIUM,
231 SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, 231 .algorithm2 = SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
232 128, 232 .strength_bits = 128,
233 128, 233 .alg_bits = 128,
234 }, 234 },
235 235
236/* Cipher 05 */ 236 /* Cipher 05 */
237 { 237 {
238 1, 238 .valid = 1,
239 SSL3_TXT_RSA_RC4_128_SHA, 239 .name = SSL3_TXT_RSA_RC4_128_SHA,
240 SSL3_CK_RSA_RC4_128_SHA, 240 .id = SSL3_CK_RSA_RC4_128_SHA,
241 SSL_kRSA, 241 .algorithm_mkey = SSL_kRSA,
242 SSL_aRSA, 242 .algorithm_auth = SSL_aRSA,
243 SSL_RC4, 243 .algorithm_enc = SSL_RC4,
244 SSL_SHA1, 244 .algorithm_mac = SSL_SHA1,
245 SSL_SSLV3, 245 .algorithm_ssl = SSL_SSLV3,
246 SSL_NOT_EXP|SSL_MEDIUM, 246 .algo_strength = SSL_NOT_EXP|SSL_MEDIUM,
247 SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, 247 .algorithm2 = SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
248 128, 248 .strength_bits = 128,
249 128, 249 .alg_bits = 128,
250 }, 250 },
251 251
252/* Cipher 06 */ 252 /* Cipher 06 */
253 { 253 {
254 1, 254 .valid = 1,
255 SSL3_TXT_RSA_RC2_40_MD5, 255 .name = SSL3_TXT_RSA_RC2_40_MD5,
256 SSL3_CK_RSA_RC2_40_MD5, 256 .id = SSL3_CK_RSA_RC2_40_MD5,
257 SSL_kRSA, 257 .algorithm_mkey = SSL_kRSA,
258 SSL_aRSA, 258 .algorithm_auth = SSL_aRSA,
259 SSL_RC2, 259 .algorithm_enc = SSL_RC2,
260 SSL_MD5, 260 .algorithm_mac = SSL_MD5,
261 SSL_SSLV3, 261 .algorithm_ssl = SSL_SSLV3,
262 SSL_EXPORT|SSL_EXP40, 262 .algo_strength = SSL_EXPORT|SSL_EXP40,
263 SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, 263 .algorithm2 = SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
264 40, 264 .strength_bits = 40,
265 128, 265 .alg_bits = 128,
266 }, 266 },
267 267
268/* Cipher 07 */ 268 /* Cipher 07 */
269#ifndef OPENSSL_NO_IDEA 269#ifndef OPENSSL_NO_IDEA
270 { 270 {
271 1, 271 .valid = 1,
272 SSL3_TXT_RSA_IDEA_128_SHA, 272 .name = SSL3_TXT_RSA_IDEA_128_SHA,
273 SSL3_CK_RSA_IDEA_128_SHA, 273 .id = SSL3_CK_RSA_IDEA_128_SHA,
274 SSL_kRSA, 274 .algorithm_mkey = SSL_kRSA,
275 SSL_aRSA, 275 .algorithm_auth = SSL_aRSA,
276 SSL_IDEA, 276 .algorithm_enc = SSL_IDEA,
277 SSL_SHA1, 277 .algorithm_mac = SSL_SHA1,
278 SSL_SSLV3, 278 .algorithm_ssl = SSL_SSLV3,
279 SSL_NOT_EXP|SSL_MEDIUM, 279 .algo_strength = SSL_NOT_EXP|SSL_MEDIUM,
280 SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, 280 .algorithm2 = SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
281 128, 281 .strength_bits = 128,
282 128, 282 .alg_bits = 128,
283 }, 283 },
284#endif 284#endif
285 285
286/* Cipher 08 */ 286 /* Cipher 08 */
287 { 287 {
288 1, 288 .valid = 1,
289 SSL3_TXT_RSA_DES_40_CBC_SHA, 289 .name = SSL3_TXT_RSA_DES_40_CBC_SHA,
290 SSL3_CK_RSA_DES_40_CBC_SHA, 290 .id = SSL3_CK_RSA_DES_40_CBC_SHA,
291 SSL_kRSA, 291 .algorithm_mkey = SSL_kRSA,
292 SSL_aRSA, 292 .algorithm_auth = SSL_aRSA,
293 SSL_DES, 293 .algorithm_enc = SSL_DES,
294 SSL_SHA1, 294 .algorithm_mac = SSL_SHA1,
295 SSL_SSLV3, 295 .algorithm_ssl = SSL_SSLV3,
296 SSL_EXPORT|SSL_EXP40, 296 .algo_strength = SSL_EXPORT|SSL_EXP40,
297 SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, 297 .algorithm2 = SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
298 40, 298 .strength_bits = 40,
299 56, 299 .alg_bits = 56,
300 }, 300 },
301 301
302/* Cipher 09 */ 302 /* Cipher 09 */
303 { 303 {
304 1, 304 .valid = 1,
305 SSL3_TXT_RSA_DES_64_CBC_SHA, 305 .name = SSL3_TXT_RSA_DES_64_CBC_SHA,
306 SSL3_CK_RSA_DES_64_CBC_SHA, 306 .id = SSL3_CK_RSA_DES_64_CBC_SHA,
307 SSL_kRSA, 307 .algorithm_mkey = SSL_kRSA,
308 SSL_aRSA, 308 .algorithm_auth = SSL_aRSA,
309 SSL_DES, 309 .algorithm_enc = SSL_DES,
310 SSL_SHA1, 310 .algorithm_mac = SSL_SHA1,
311 SSL_SSLV3, 311 .algorithm_ssl = SSL_SSLV3,
312 SSL_NOT_EXP|SSL_LOW, 312 .algo_strength = SSL_NOT_EXP|SSL_LOW,
313 SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, 313 .algorithm2 = SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
314 56, 314 .strength_bits = 56,
315 56, 315 .alg_bits = 56,
316 }, 316 },
317 317
318/* Cipher 0A */ 318 /* Cipher 0A */
319 { 319 {
320 1, 320 .valid = 1,
321 SSL3_TXT_RSA_DES_192_CBC3_SHA, 321 .name = SSL3_TXT_RSA_DES_192_CBC3_SHA,
322 SSL3_CK_RSA_DES_192_CBC3_SHA, 322 .id = SSL3_CK_RSA_DES_192_CBC3_SHA,
323 SSL_kRSA, 323 .algorithm_mkey = SSL_kRSA,
324 SSL_aRSA, 324 .algorithm_auth = SSL_aRSA,
325 SSL_3DES, 325 .algorithm_enc = SSL_3DES,
326 SSL_SHA1, 326 .algorithm_mac = SSL_SHA1,
327 SSL_SSLV3, 327 .algorithm_ssl = SSL_SSLV3,
328 SSL_NOT_EXP|SSL_HIGH|SSL_FIPS, 328 .algo_strength = SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
329 SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, 329 .algorithm2 = SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
330 168, 330 .strength_bits = 168,
331 168, 331 .alg_bits = 168,
332 }, 332 },
333 333
334/* The DH ciphers */ 334 /* The DH ciphers */
335/* Cipher 0B */ 335 /* Cipher 0B */
336 { 336 {
337 0, 337 .valid = 0,
338 SSL3_TXT_DH_DSS_DES_40_CBC_SHA, 338 .name = SSL3_TXT_DH_DSS_DES_40_CBC_SHA,
339 SSL3_CK_DH_DSS_DES_40_CBC_SHA, 339 .id = SSL3_CK_DH_DSS_DES_40_CBC_SHA,
340 SSL_kDHd, 340 .algorithm_mkey = SSL_kDHd,
341 SSL_aDH, 341 .algorithm_auth = SSL_aDH,
342 SSL_DES, 342 .algorithm_enc = SSL_DES,
343 SSL_SHA1, 343 .algorithm_mac = SSL_SHA1,
344 SSL_SSLV3, 344 .algorithm_ssl = SSL_SSLV3,
345 SSL_EXPORT|SSL_EXP40, 345 .algo_strength = SSL_EXPORT|SSL_EXP40,
346 SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, 346 .algorithm2 = SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
347 40, 347 .strength_bits = 40,
348 56, 348 .alg_bits = 56,
349 }, 349 },
350 350
351/* Cipher 0C */ 351 /* Cipher 0C */
352 { 352 {
353 0, /* not implemented (non-ephemeral DH) */ 353 .valid = 0, /* not implemented (non-ephemeral DH) */
354 SSL3_TXT_DH_DSS_DES_64_CBC_SHA, 354 .name = SSL3_TXT_DH_DSS_DES_64_CBC_SHA,
355 SSL3_CK_DH_DSS_DES_64_CBC_SHA, 355 .id = SSL3_CK_DH_DSS_DES_64_CBC_SHA,
356 SSL_kDHd, 356 .algorithm_mkey = SSL_kDHd,
357 SSL_aDH, 357 .algorithm_auth = SSL_aDH,
358 SSL_DES, 358 .algorithm_enc = SSL_DES,
359 SSL_SHA1, 359 .algorithm_mac = SSL_SHA1,
360 SSL_SSLV3, 360 .algorithm_ssl = SSL_SSLV3,
361 SSL_NOT_EXP|SSL_LOW, 361 .algo_strength = SSL_NOT_EXP|SSL_LOW,
362 SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, 362 .algorithm2 = SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
363 56, 363 .strength_bits = 56,
364 56, 364 .alg_bits = 56,
365 }, 365 },
366 366
367/* Cipher 0D */ 367 /* Cipher 0D */
368 { 368 {
369 0, /* not implemented (non-ephemeral DH) */ 369 .valid = 0, /* not implemented (non-ephemeral DH) */
370 SSL3_TXT_DH_DSS_DES_192_CBC3_SHA, 370 .name = SSL3_TXT_DH_DSS_DES_192_CBC3_SHA,
371 SSL3_CK_DH_DSS_DES_192_CBC3_SHA, 371 .id = SSL3_CK_DH_DSS_DES_192_CBC3_SHA,
372 SSL_kDHd, 372 .algorithm_mkey = SSL_kDHd,
373 SSL_aDH, 373 .algorithm_auth = SSL_aDH,
374 SSL_3DES, 374 .algorithm_enc = SSL_3DES,
375 SSL_SHA1, 375 .algorithm_mac = SSL_SHA1,
376 SSL_SSLV3, 376 .algorithm_ssl = SSL_SSLV3,
377 SSL_NOT_EXP|SSL_HIGH|SSL_FIPS, 377 .algo_strength = SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
378 SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, 378 .algorithm2 = SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
379 168, 379 .strength_bits = 168,
380 168, 380 .alg_bits = 168,
381 }, 381 },
382 382
383/* Cipher 0E */ 383 /* Cipher 0E */
384 { 384 {
385 0, /* not implemented (non-ephemeral DH) */ 385 .valid = 0, /* not implemented (non-ephemeral DH) */
386 SSL3_TXT_DH_RSA_DES_40_CBC_SHA, 386 .name = SSL3_TXT_DH_RSA_DES_40_CBC_SHA,
387 SSL3_CK_DH_RSA_DES_40_CBC_SHA, 387 .id = SSL3_CK_DH_RSA_DES_40_CBC_SHA,
388 SSL_kDHr, 388 .algorithm_mkey = SSL_kDHr,
389 SSL_aDH, 389 .algorithm_auth = SSL_aDH,
390 SSL_DES, 390 .algorithm_enc = SSL_DES,
391 SSL_SHA1, 391 .algorithm_mac = SSL_SHA1,
392 SSL_SSLV3, 392 .algorithm_ssl = SSL_SSLV3,
393 SSL_EXPORT|SSL_EXP40, 393 .algo_strength = SSL_EXPORT|SSL_EXP40,
394 SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, 394 .algorithm2 = SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
395 40, 395 .strength_bits = 40,
396 56, 396 .alg_bits = 56,
397 }, 397 },
398 398
399/* Cipher 0F */ 399 /* Cipher 0F */
400 { 400 {
401 0, /* not implemented (non-ephemeral DH) */ 401 .valid = 0, /* not implemented (non-ephemeral DH) */
402 SSL3_TXT_DH_RSA_DES_64_CBC_SHA, 402 .name = SSL3_TXT_DH_RSA_DES_64_CBC_SHA,
403 SSL3_CK_DH_RSA_DES_64_CBC_SHA, 403 .id = SSL3_CK_DH_RSA_DES_64_CBC_SHA,
404 SSL_kDHr, 404 .algorithm_mkey = SSL_kDHr,
405 SSL_aDH, 405 .algorithm_auth = SSL_aDH,
406 SSL_DES, 406 .algorithm_enc = SSL_DES,
407 SSL_SHA1, 407 .algorithm_mac = SSL_SHA1,
408 SSL_SSLV3, 408 .algorithm_ssl = SSL_SSLV3,
409 SSL_NOT_EXP|SSL_LOW, 409 .algo_strength = SSL_NOT_EXP|SSL_LOW,
410 SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, 410 .algorithm2 = SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
411 56, 411 .strength_bits = 56,
412 56, 412 .alg_bits = 56,
413 }, 413 },
414 414
415/* Cipher 10 */ 415 /* Cipher 10 */
416 { 416 {
417 0, /* not implemented (non-ephemeral DH) */ 417 .valid = 0, /* not implemented (non-ephemeral DH) */
418 SSL3_TXT_DH_RSA_DES_192_CBC3_SHA, 418 .name = SSL3_TXT_DH_RSA_DES_192_CBC3_SHA,
419 SSL3_CK_DH_RSA_DES_192_CBC3_SHA, 419 .id = SSL3_CK_DH_RSA_DES_192_CBC3_SHA,
420 SSL_kDHr, 420 .algorithm_mkey = SSL_kDHr,
421 SSL_aDH, 421 .algorithm_auth = SSL_aDH,
422 SSL_3DES, 422 .algorithm_enc = SSL_3DES,
423 SSL_SHA1, 423 .algorithm_mac = SSL_SHA1,
424 SSL_SSLV3, 424 .algorithm_ssl = SSL_SSLV3,
425 SSL_NOT_EXP|SSL_HIGH|SSL_FIPS, 425 .algo_strength = SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
426 SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, 426 .algorithm2 = SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
427 168, 427 .strength_bits = 168,
428 168, 428 .alg_bits = 168,
429 }, 429 },
430 430
431/* The Ephemeral DH ciphers */ 431 /* The Ephemeral DH ciphers */
432/* Cipher 11 */ 432 /* Cipher 11 */
433 { 433 {
434 1, 434 .valid = 1,
435 SSL3_TXT_EDH_DSS_DES_40_CBC_SHA, 435 .name = SSL3_TXT_EDH_DSS_DES_40_CBC_SHA,
436 SSL3_CK_EDH_DSS_DES_40_CBC_SHA, 436 .id = SSL3_CK_EDH_DSS_DES_40_CBC_SHA,
437 SSL_kEDH, 437 .algorithm_mkey = SSL_kEDH,
438 SSL_aDSS, 438 .algorithm_auth = SSL_aDSS,
439 SSL_DES, 439 .algorithm_enc = SSL_DES,
440 SSL_SHA1, 440 .algorithm_mac = SSL_SHA1,
441 SSL_SSLV3, 441 .algorithm_ssl = SSL_SSLV3,
442 SSL_EXPORT|SSL_EXP40, 442 .algo_strength = SSL_EXPORT|SSL_EXP40,
443 SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, 443 .algorithm2 = SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
444 40, 444 .strength_bits = 40,
445 56, 445 .alg_bits = 56,
446 }, 446 },
447 447
448/* Cipher 12 */ 448 /* Cipher 12 */
449 { 449 {
450 1, 450 .valid = 1,
451 SSL3_TXT_EDH_DSS_DES_64_CBC_SHA, 451 .name = SSL3_TXT_EDH_DSS_DES_64_CBC_SHA,
452 SSL3_CK_EDH_DSS_DES_64_CBC_SHA, 452 .id = SSL3_CK_EDH_DSS_DES_64_CBC_SHA,
453 SSL_kEDH, 453 .algorithm_mkey = SSL_kEDH,
454 SSL_aDSS, 454 .algorithm_auth = SSL_aDSS,
455 SSL_DES, 455 .algorithm_enc = SSL_DES,
456 SSL_SHA1, 456 .algorithm_mac = SSL_SHA1,
457 SSL_SSLV3, 457 .algorithm_ssl = SSL_SSLV3,
458 SSL_NOT_EXP|SSL_LOW, 458 .algo_strength = SSL_NOT_EXP|SSL_LOW,
459 SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, 459 .algorithm2 = SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
460 56, 460 .strength_bits = 56,
461 56, 461 .alg_bits = 56,
462 }, 462 },
463 463
464/* Cipher 13 */ 464 /* Cipher 13 */
465 { 465 {
466 1, 466 .valid = 1,
467 SSL3_TXT_EDH_DSS_DES_192_CBC3_SHA, 467 .name = SSL3_TXT_EDH_DSS_DES_192_CBC3_SHA,
468 SSL3_CK_EDH_DSS_DES_192_CBC3_SHA, 468 .id = SSL3_CK_EDH_DSS_DES_192_CBC3_SHA,
469 SSL_kEDH, 469 .algorithm_mkey = SSL_kEDH,
470 SSL_aDSS, 470 .algorithm_auth = SSL_aDSS,
471 SSL_3DES, 471 .algorithm_enc = SSL_3DES,
472 SSL_SHA1, 472 .algorithm_mac = SSL_SHA1,
473 SSL_SSLV3, 473 .algorithm_ssl = SSL_SSLV3,
474 SSL_NOT_EXP|SSL_HIGH|SSL_FIPS, 474 .algo_strength = SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
475 SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, 475 .algorithm2 = SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
476 168, 476 .strength_bits = 168,
477 168, 477 .alg_bits = 168,
478 }, 478 },
479 479
480/* Cipher 14 */ 480 /* Cipher 14 */
481 { 481 {
482 1, 482 .valid = 1,
483 SSL3_TXT_EDH_RSA_DES_40_CBC_SHA, 483 .name = SSL3_TXT_EDH_RSA_DES_40_CBC_SHA,
484 SSL3_CK_EDH_RSA_DES_40_CBC_SHA, 484 .id = SSL3_CK_EDH_RSA_DES_40_CBC_SHA,
485 SSL_kEDH, 485 .algorithm_mkey = SSL_kEDH,
486 SSL_aRSA, 486 .algorithm_auth = SSL_aRSA,
487 SSL_DES, 487 .algorithm_enc = SSL_DES,
488 SSL_SHA1, 488 .algorithm_mac = SSL_SHA1,
489 SSL_SSLV3, 489 .algorithm_ssl = SSL_SSLV3,
490 SSL_EXPORT|SSL_EXP40, 490 .algo_strength = SSL_EXPORT|SSL_EXP40,
491 SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, 491 .algorithm2 = SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
492 40, 492 .strength_bits = 40,
493 56, 493 .alg_bits = 56,
494 }, 494 },
495 495
496/* Cipher 15 */ 496 /* Cipher 15 */
497 { 497 {
498 1, 498 .valid = 1,
499 SSL3_TXT_EDH_RSA_DES_64_CBC_SHA, 499 .name = SSL3_TXT_EDH_RSA_DES_64_CBC_SHA,
500 SSL3_CK_EDH_RSA_DES_64_CBC_SHA, 500 .id = SSL3_CK_EDH_RSA_DES_64_CBC_SHA,
501 SSL_kEDH, 501 .algorithm_mkey = SSL_kEDH,
502 SSL_aRSA, 502 .algorithm_auth = SSL_aRSA,
503 SSL_DES, 503 .algorithm_enc = SSL_DES,
504 SSL_SHA1, 504 .algorithm_mac = SSL_SHA1,
505 SSL_SSLV3, 505 .algorithm_ssl = SSL_SSLV3,
506 SSL_NOT_EXP|SSL_LOW, 506 .algo_strength = SSL_NOT_EXP|SSL_LOW,
507 SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, 507 .algorithm2 = SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
508 56, 508 .strength_bits = 56,
509 56, 509 .alg_bits = 56,
510 }, 510 },
511 511
512/* Cipher 16 */ 512 /* Cipher 16 */
513 { 513 {
514 1, 514 .valid = 1,
515 SSL3_TXT_EDH_RSA_DES_192_CBC3_SHA, 515 .name = SSL3_TXT_EDH_RSA_DES_192_CBC3_SHA,
516 SSL3_CK_EDH_RSA_DES_192_CBC3_SHA, 516 .id = SSL3_CK_EDH_RSA_DES_192_CBC3_SHA,
517 SSL_kEDH, 517 .algorithm_mkey = SSL_kEDH,
518 SSL_aRSA, 518 .algorithm_auth = SSL_aRSA,
519 SSL_3DES, 519 .algorithm_enc = SSL_3DES,
520 SSL_SHA1, 520 .algorithm_mac = SSL_SHA1,
521 SSL_SSLV3, 521 .algorithm_ssl = SSL_SSLV3,
522 SSL_NOT_EXP|SSL_HIGH|SSL_FIPS, 522 .algo_strength = SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
523 SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, 523 .algorithm2 = SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
524 168, 524 .strength_bits = 168,
525 168, 525 .alg_bits = 168,
526 }, 526 },
527 527
528/* Cipher 17 */ 528 /* Cipher 17 */
529 { 529 {
530 1, 530 .valid = 1,
531 SSL3_TXT_ADH_RC4_40_MD5, 531 .name = SSL3_TXT_ADH_RC4_40_MD5,
532 SSL3_CK_ADH_RC4_40_MD5, 532 .id = SSL3_CK_ADH_RC4_40_MD5,
533 SSL_kEDH, 533 .algorithm_mkey = SSL_kEDH,
534 SSL_aNULL, 534 .algorithm_auth = SSL_aNULL,
535 SSL_RC4, 535 .algorithm_enc = SSL_RC4,
536 SSL_MD5, 536 .algorithm_mac = SSL_MD5,
537 SSL_SSLV3, 537 .algorithm_ssl = SSL_SSLV3,
538 SSL_EXPORT|SSL_EXP40, 538 .algo_strength = SSL_EXPORT|SSL_EXP40,
539 SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, 539 .algorithm2 = SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
540 40, 540 .strength_bits = 40,
541 128, 541 .alg_bits = 128,
542 }, 542 },
543 543
544/* Cipher 18 */ 544 /* Cipher 18 */
545 { 545 {
546 1, 546 .valid = 1,
547 SSL3_TXT_ADH_RC4_128_MD5, 547 .name = SSL3_TXT_ADH_RC4_128_MD5,
548 SSL3_CK_ADH_RC4_128_MD5, 548 .id = SSL3_CK_ADH_RC4_128_MD5,
549 SSL_kEDH, 549 .algorithm_mkey = SSL_kEDH,
550 SSL_aNULL, 550 .algorithm_auth = SSL_aNULL,
551 SSL_RC4, 551 .algorithm_enc = SSL_RC4,
552 SSL_MD5, 552 .algorithm_mac = SSL_MD5,
553 SSL_SSLV3, 553 .algorithm_ssl = SSL_SSLV3,
554 SSL_NOT_EXP|SSL_MEDIUM, 554 .algo_strength = SSL_NOT_EXP|SSL_MEDIUM,
555 SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, 555 .algorithm2 = SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
556 128, 556 .strength_bits = 128,
557 128, 557 .alg_bits = 128,
558 }, 558 },
559 559
560/* Cipher 19 */ 560 /* Cipher 19 */
561 { 561 {
562 1, 562 .valid = 1,
563 SSL3_TXT_ADH_DES_40_CBC_SHA, 563 .name = SSL3_TXT_ADH_DES_40_CBC_SHA,
564 SSL3_CK_ADH_DES_40_CBC_SHA, 564 .id = SSL3_CK_ADH_DES_40_CBC_SHA,
565 SSL_kEDH, 565 .algorithm_mkey = SSL_kEDH,
566 SSL_aNULL, 566 .algorithm_auth = SSL_aNULL,
567 SSL_DES, 567 .algorithm_enc = SSL_DES,
568 SSL_SHA1, 568 .algorithm_mac = SSL_SHA1,
569 SSL_SSLV3, 569 .algorithm_ssl = SSL_SSLV3,
570 SSL_EXPORT|SSL_EXP40, 570 .algo_strength = SSL_EXPORT|SSL_EXP40,
571 SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, 571 .algorithm2 = SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
572 40, 572 .strength_bits = 40,
573 128, 573 .alg_bits = 128,
574 }, 574 },
575 575
576/* Cipher 1A */ 576 /* Cipher 1A */
577 { 577 {
578 1, 578 .valid = 1,
579 SSL3_TXT_ADH_DES_64_CBC_SHA, 579 .name = SSL3_TXT_ADH_DES_64_CBC_SHA,
580 SSL3_CK_ADH_DES_64_CBC_SHA, 580 .id = SSL3_CK_ADH_DES_64_CBC_SHA,
581 SSL_kEDH, 581 .algorithm_mkey = SSL_kEDH,
582 SSL_aNULL, 582 .algorithm_auth = SSL_aNULL,
583 SSL_DES, 583 .algorithm_enc = SSL_DES,
584 SSL_SHA1, 584 .algorithm_mac = SSL_SHA1,
585 SSL_SSLV3, 585 .algorithm_ssl = SSL_SSLV3,
586 SSL_NOT_EXP|SSL_LOW, 586 .algo_strength = SSL_NOT_EXP|SSL_LOW,
587 SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, 587 .algorithm2 = SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
588 56, 588 .strength_bits = 56,
589 56, 589 .alg_bits = 56,
590 }, 590 },
591 591
592/* Cipher 1B */ 592 /* Cipher 1B */
593 { 593 {
594 1, 594 .valid = 1,
595 SSL3_TXT_ADH_DES_192_CBC_SHA, 595 .name = SSL3_TXT_ADH_DES_192_CBC_SHA,
596 SSL3_CK_ADH_DES_192_CBC_SHA, 596 .id = SSL3_CK_ADH_DES_192_CBC_SHA,
597 SSL_kEDH, 597 .algorithm_mkey = SSL_kEDH,
598 SSL_aNULL, 598 .algorithm_auth = SSL_aNULL,
599 SSL_3DES, 599 .algorithm_enc = SSL_3DES,
600 SSL_SHA1, 600 .algorithm_mac = SSL_SHA1,
601 SSL_SSLV3, 601 .algorithm_ssl = SSL_SSLV3,
602 SSL_NOT_EXP|SSL_HIGH|SSL_FIPS, 602 .algo_strength = SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
603 SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, 603 .algorithm2 = SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
604 168, 604 .strength_bits = 168,
605 168, 605 .alg_bits = 168,
606 }, 606 },
607 607
608/* New AES ciphersuites */ 608 /* New AES ciphersuites */
609/* Cipher 2F */ 609 /* Cipher 2F */
610 { 610 {
611 1, 611 .valid = 1,
612 TLS1_TXT_RSA_WITH_AES_128_SHA, 612 .name = TLS1_TXT_RSA_WITH_AES_128_SHA,
613 TLS1_CK_RSA_WITH_AES_128_SHA, 613 .id = TLS1_CK_RSA_WITH_AES_128_SHA,
614 SSL_kRSA, 614 .algorithm_mkey = SSL_kRSA,
615 SSL_aRSA, 615 .algorithm_auth = SSL_aRSA,
616 SSL_AES128, 616 .algorithm_enc = SSL_AES128,
617 SSL_SHA1, 617 .algorithm_mac = SSL_SHA1,
618 SSL_TLSV1, 618 .algorithm_ssl = SSL_TLSV1,
619 SSL_NOT_EXP|SSL_HIGH|SSL_FIPS, 619 .algo_strength = SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
620 SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, 620 .algorithm2 = SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
621 128, 621 .strength_bits = 128,
622 128, 622 .alg_bits = 128,
623 }, 623 },
624/* Cipher 30 */ 624 /* Cipher 30 */
625 { 625 {
626 0, 626 .valid = 0,
627 TLS1_TXT_DH_DSS_WITH_AES_128_SHA, 627 .name = TLS1_TXT_DH_DSS_WITH_AES_128_SHA,
628 TLS1_CK_DH_DSS_WITH_AES_128_SHA, 628 .id = TLS1_CK_DH_DSS_WITH_AES_128_SHA,
629 SSL_kDHd, 629 .algorithm_mkey = SSL_kDHd,
630 SSL_aDH, 630 .algorithm_auth = SSL_aDH,
631 SSL_AES128, 631 .algorithm_enc = SSL_AES128,
632 SSL_SHA1, 632 .algorithm_mac = SSL_SHA1,
633 SSL_TLSV1, 633 .algorithm_ssl = SSL_TLSV1,
634 SSL_NOT_EXP|SSL_HIGH|SSL_FIPS, 634 .algo_strength = SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
635 SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, 635 .algorithm2 = SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
636 128, 636 .strength_bits = 128,
637 128, 637 .alg_bits = 128,
638 }, 638 },
639/* Cipher 31 */ 639 /* Cipher 31 */
640 { 640 {
641 0, 641 .valid = 0,
642 TLS1_TXT_DH_RSA_WITH_AES_128_SHA, 642 .name = TLS1_TXT_DH_RSA_WITH_AES_128_SHA,
643 TLS1_CK_DH_RSA_WITH_AES_128_SHA, 643 .id = TLS1_CK_DH_RSA_WITH_AES_128_SHA,
644 SSL_kDHr, 644 .algorithm_mkey = SSL_kDHr,
645 SSL_aDH, 645 .algorithm_auth = SSL_aDH,
646 SSL_AES128, 646 .algorithm_enc = SSL_AES128,
647 SSL_SHA1, 647 .algorithm_mac = SSL_SHA1,
648 SSL_TLSV1, 648 .algorithm_ssl = SSL_TLSV1,
649 SSL_NOT_EXP|SSL_HIGH|SSL_FIPS, 649 .algo_strength = SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
650 SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, 650 .algorithm2 = SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
651 128, 651 .strength_bits = 128,
652 128, 652 .alg_bits = 128,
653 }, 653 },
654/* Cipher 32 */ 654 /* Cipher 32 */
655 { 655 {
656 1, 656 .valid = 1,
657 TLS1_TXT_DHE_DSS_WITH_AES_128_SHA, 657 .name = TLS1_TXT_DHE_DSS_WITH_AES_128_SHA,
658 TLS1_CK_DHE_DSS_WITH_AES_128_SHA, 658 .id = TLS1_CK_DHE_DSS_WITH_AES_128_SHA,
659 SSL_kEDH, 659 .algorithm_mkey = SSL_kEDH,
660 SSL_aDSS, 660 .algorithm_auth = SSL_aDSS,
661 SSL_AES128, 661 .algorithm_enc = SSL_AES128,
662 SSL_SHA1, 662 .algorithm_mac = SSL_SHA1,
663 SSL_TLSV1, 663 .algorithm_ssl = SSL_TLSV1,
664 SSL_NOT_EXP|SSL_HIGH|SSL_FIPS, 664 .algo_strength = SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
665 SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, 665 .algorithm2 = SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
666 128, 666 .strength_bits = 128,
667 128, 667 .alg_bits = 128,
668 }, 668 },
669/* Cipher 33 */ 669 /* Cipher 33 */
670 { 670 {
671 1, 671 .valid = 1,
672 TLS1_TXT_DHE_RSA_WITH_AES_128_SHA, 672 .name = TLS1_TXT_DHE_RSA_WITH_AES_128_SHA,
673 TLS1_CK_DHE_RSA_WITH_AES_128_SHA, 673 .id = TLS1_CK_DHE_RSA_WITH_AES_128_SHA,
674 SSL_kEDH, 674 .algorithm_mkey = SSL_kEDH,
675 SSL_aRSA, 675 .algorithm_auth = SSL_aRSA,
676 SSL_AES128, 676 .algorithm_enc = SSL_AES128,
677 SSL_SHA1, 677 .algorithm_mac = SSL_SHA1,
678 SSL_TLSV1, 678 .algorithm_ssl = SSL_TLSV1,
679 SSL_NOT_EXP|SSL_HIGH|SSL_FIPS, 679 .algo_strength = SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
680 SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, 680 .algorithm2 = SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
681 128, 681 .strength_bits = 128,
682 128, 682 .alg_bits = 128,
683 }, 683 },
684/* Cipher 34 */ 684 /* Cipher 34 */
685 { 685 {
686 1, 686 .valid = 1,
687 TLS1_TXT_ADH_WITH_AES_128_SHA, 687 .name = TLS1_TXT_ADH_WITH_AES_128_SHA,
688 TLS1_CK_ADH_WITH_AES_128_SHA, 688 .id = TLS1_CK_ADH_WITH_AES_128_SHA,
689 SSL_kEDH, 689 .algorithm_mkey = SSL_kEDH,
690 SSL_aNULL, 690 .algorithm_auth = SSL_aNULL,
691 SSL_AES128, 691 .algorithm_enc = SSL_AES128,
692 SSL_SHA1, 692 .algorithm_mac = SSL_SHA1,
693 SSL_TLSV1, 693 .algorithm_ssl = SSL_TLSV1,
694 SSL_NOT_EXP|SSL_HIGH|SSL_FIPS, 694 .algo_strength = SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
695 SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, 695 .algorithm2 = SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
696 128, 696 .strength_bits = 128,
697 128, 697 .alg_bits = 128,
698 }, 698 },
699 699
700/* Cipher 35 */ 700 /* Cipher 35 */
701 { 701 {
702 1, 702 .valid = 1,
703 TLS1_TXT_RSA_WITH_AES_256_SHA, 703 .name = TLS1_TXT_RSA_WITH_AES_256_SHA,
704 TLS1_CK_RSA_WITH_AES_256_SHA, 704 .id = TLS1_CK_RSA_WITH_AES_256_SHA,
705 SSL_kRSA, 705 .algorithm_mkey = SSL_kRSA,
706 SSL_aRSA, 706 .algorithm_auth = SSL_aRSA,
707 SSL_AES256, 707 .algorithm_enc = SSL_AES256,
708 SSL_SHA1, 708 .algorithm_mac = SSL_SHA1,
709 SSL_TLSV1, 709 .algorithm_ssl = SSL_TLSV1,
710 SSL_NOT_EXP|SSL_HIGH|SSL_FIPS, 710 .algo_strength = SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
711 SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, 711 .algorithm2 = SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
712 256, 712 .strength_bits = 256,
713 256, 713 .alg_bits = 256,
714 }, 714 },
715/* Cipher 36 */ 715 /* Cipher 36 */
716 { 716 {
717 0, 717 .valid = 0,
718 TLS1_TXT_DH_DSS_WITH_AES_256_SHA, 718 .name = TLS1_TXT_DH_DSS_WITH_AES_256_SHA,
719 TLS1_CK_DH_DSS_WITH_AES_256_SHA, 719 .id = TLS1_CK_DH_DSS_WITH_AES_256_SHA,
720 SSL_kDHd, 720 .algorithm_mkey = SSL_kDHd,
721 SSL_aDH, 721 .algorithm_auth = SSL_aDH,
722 SSL_AES256, 722 .algorithm_enc = SSL_AES256,
723 SSL_SHA1, 723 .algorithm_mac = SSL_SHA1,
724 SSL_TLSV1, 724 .algorithm_ssl = SSL_TLSV1,
725 SSL_NOT_EXP|SSL_HIGH|SSL_FIPS, 725 .algo_strength = SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
726 SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, 726 .algorithm2 = SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
727 256, 727 .strength_bits = 256,
728 256, 728 .alg_bits = 256,
729 }, 729 },
730 730
731/* Cipher 37 */ 731 /* Cipher 37 */
732 { 732 {
733 0, /* not implemented (non-ephemeral DH) */ 733 .valid = 0, /* not implemented (non-ephemeral DH) */
734 TLS1_TXT_DH_RSA_WITH_AES_256_SHA, 734 .name = TLS1_TXT_DH_RSA_WITH_AES_256_SHA,
735 TLS1_CK_DH_RSA_WITH_AES_256_SHA, 735 .id = TLS1_CK_DH_RSA_WITH_AES_256_SHA,
736 SSL_kDHr, 736 .algorithm_mkey = SSL_kDHr,
737 SSL_aDH, 737 .algorithm_auth = SSL_aDH,
738 SSL_AES256, 738 .algorithm_enc = SSL_AES256,
739 SSL_SHA1, 739 .algorithm_mac = SSL_SHA1,
740 SSL_TLSV1, 740 .algorithm_ssl = SSL_TLSV1,
741 SSL_NOT_EXP|SSL_HIGH|SSL_FIPS, 741 .algo_strength = SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
742 SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, 742 .algorithm2 = SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
743 256, 743 .strength_bits = 256,
744 256, 744 .alg_bits = 256,
745 }, 745 },
746 746
747/* Cipher 38 */ 747 /* Cipher 38 */
748 { 748 {
749 1, 749 .valid = 1,
750 TLS1_TXT_DHE_DSS_WITH_AES_256_SHA, 750 .name = TLS1_TXT_DHE_DSS_WITH_AES_256_SHA,
751 TLS1_CK_DHE_DSS_WITH_AES_256_SHA, 751 .id = TLS1_CK_DHE_DSS_WITH_AES_256_SHA,
752 SSL_kEDH, 752 .algorithm_mkey = SSL_kEDH,
753 SSL_aDSS, 753 .algorithm_auth = SSL_aDSS,
754 SSL_AES256, 754 .algorithm_enc = SSL_AES256,
755 SSL_SHA1, 755 .algorithm_mac = SSL_SHA1,
756 SSL_TLSV1, 756 .algorithm_ssl = SSL_TLSV1,
757 SSL_NOT_EXP|SSL_HIGH|SSL_FIPS, 757 .algo_strength = SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
758 SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, 758 .algorithm2 = SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
759 256, 759 .strength_bits = 256,
760 256, 760 .alg_bits = 256,
761 }, 761 },
762 762
763/* Cipher 39 */ 763 /* Cipher 39 */
764 { 764 {
765 1, 765 .valid = 1,
766 TLS1_TXT_DHE_RSA_WITH_AES_256_SHA, 766 .name = TLS1_TXT_DHE_RSA_WITH_AES_256_SHA,
767 TLS1_CK_DHE_RSA_WITH_AES_256_SHA, 767 .id = TLS1_CK_DHE_RSA_WITH_AES_256_SHA,
768 SSL_kEDH, 768 .algorithm_mkey = SSL_kEDH,
769 SSL_aRSA, 769 .algorithm_auth = SSL_aRSA,
770 SSL_AES256, 770 .algorithm_enc = SSL_AES256,
771 SSL_SHA1, 771 .algorithm_mac = SSL_SHA1,
772 SSL_TLSV1, 772 .algorithm_ssl = SSL_TLSV1,
773 SSL_NOT_EXP|SSL_HIGH|SSL_FIPS, 773 .algo_strength = SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
774 SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, 774 .algorithm2 = SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
775 256, 775 .strength_bits = 256,
776 256, 776 .alg_bits = 256,
777 }, 777 },
778 778
779 /* Cipher 3A */ 779 /* Cipher 3A */
780 { 780 {
781 1, 781 .valid = 1,
782 TLS1_TXT_ADH_WITH_AES_256_SHA, 782 .name = TLS1_TXT_ADH_WITH_AES_256_SHA,
783 TLS1_CK_ADH_WITH_AES_256_SHA, 783 .id = TLS1_CK_ADH_WITH_AES_256_SHA,
784 SSL_kEDH, 784 .algorithm_mkey = SSL_kEDH,
785 SSL_aNULL, 785 .algorithm_auth = SSL_aNULL,
786 SSL_AES256, 786 .algorithm_enc = SSL_AES256,
787 SSL_SHA1, 787 .algorithm_mac = SSL_SHA1,
788 SSL_TLSV1, 788 .algorithm_ssl = SSL_TLSV1,
789 SSL_NOT_EXP|SSL_HIGH|SSL_FIPS, 789 .algo_strength = SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
790 SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, 790 .algorithm2 = SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
791 256, 791 .strength_bits = 256,
792 256, 792 .alg_bits = 256,
793 }, 793 },
794 794
795 /* TLS v1.2 ciphersuites */ 795 /* TLS v1.2 ciphersuites */
796 /* Cipher 3B */ 796 /* Cipher 3B */
797 { 797 {
798 1, 798 .valid = 1,
799 TLS1_TXT_RSA_WITH_NULL_SHA256, 799 .name = TLS1_TXT_RSA_WITH_NULL_SHA256,
800 TLS1_CK_RSA_WITH_NULL_SHA256, 800 .id = TLS1_CK_RSA_WITH_NULL_SHA256,
801 SSL_kRSA, 801 .algorithm_mkey = SSL_kRSA,
802 SSL_aRSA, 802 .algorithm_auth = SSL_aRSA,
803 SSL_eNULL, 803 .algorithm_enc = SSL_eNULL,
804 SSL_SHA256, 804 .algorithm_mac = SSL_SHA256,
805 SSL_TLSV1_2, 805 .algorithm_ssl = SSL_TLSV1_2,
806 SSL_NOT_EXP|SSL_STRONG_NONE|SSL_FIPS, 806 .algo_strength = SSL_NOT_EXP|SSL_STRONG_NONE|SSL_FIPS,
807 SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, 807 .algorithm2 = SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
808 0, 808 .strength_bits = 0,
809 0, 809 .alg_bits = 0,
810 }, 810 },
811 811
812 /* Cipher 3C */ 812 /* Cipher 3C */
813 { 813 {
814 1, 814 .valid = 1,
815 TLS1_TXT_RSA_WITH_AES_128_SHA256, 815 .name = TLS1_TXT_RSA_WITH_AES_128_SHA256,
816 TLS1_CK_RSA_WITH_AES_128_SHA256, 816 .id = TLS1_CK_RSA_WITH_AES_128_SHA256,
817 SSL_kRSA, 817 .algorithm_mkey = SSL_kRSA,
818 SSL_aRSA, 818 .algorithm_auth = SSL_aRSA,
819 SSL_AES128, 819 .algorithm_enc = SSL_AES128,
820 SSL_SHA256, 820 .algorithm_mac = SSL_SHA256,
821 SSL_TLSV1_2, 821 .algorithm_ssl = SSL_TLSV1_2,
822 SSL_NOT_EXP|SSL_HIGH|SSL_FIPS, 822 .algo_strength = SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
823 SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, 823 .algorithm2 = SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
824 128, 824 .strength_bits = 128,
825 128, 825 .alg_bits = 128,
826 }, 826 },
827 827
828 /* Cipher 3D */ 828 /* Cipher 3D */
829 { 829 {
830 1, 830 .valid = 1,
831 TLS1_TXT_RSA_WITH_AES_256_SHA256, 831 .name = TLS1_TXT_RSA_WITH_AES_256_SHA256,
832 TLS1_CK_RSA_WITH_AES_256_SHA256, 832 .id = TLS1_CK_RSA_WITH_AES_256_SHA256,
833 SSL_kRSA, 833 .algorithm_mkey = SSL_kRSA,
834 SSL_aRSA, 834 .algorithm_auth = SSL_aRSA,
835 SSL_AES256, 835 .algorithm_enc = SSL_AES256,
836 SSL_SHA256, 836 .algorithm_mac = SSL_SHA256,
837 SSL_TLSV1_2, 837 .algorithm_ssl = SSL_TLSV1_2,
838 SSL_NOT_EXP|SSL_HIGH|SSL_FIPS, 838 .algo_strength = SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
839 SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, 839 .algorithm2 = SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
840 256, 840 .strength_bits = 256,
841 256, 841 .alg_bits = 256,
842 }, 842 },
843 843
844 /* Cipher 3E */ 844 /* Cipher 3E */
845 { 845 {
846 0, /* not implemented (non-ephemeral DH) */ 846 .valid = 0, /* not implemented (non-ephemeral DH) */
847 TLS1_TXT_DH_DSS_WITH_AES_128_SHA256, 847 .name = TLS1_TXT_DH_DSS_WITH_AES_128_SHA256,
848 TLS1_CK_DH_DSS_WITH_AES_128_SHA256, 848 .id = TLS1_CK_DH_DSS_WITH_AES_128_SHA256,
849 SSL_kDHd, 849 .algorithm_mkey = SSL_kDHd,
850 SSL_aDH, 850 .algorithm_auth = SSL_aDH,
851 SSL_AES128, 851 .algorithm_enc = SSL_AES128,
852 SSL_SHA256, 852 .algorithm_mac = SSL_SHA256,
853 SSL_TLSV1_2, 853 .algorithm_ssl = SSL_TLSV1_2,
854 SSL_NOT_EXP|SSL_HIGH|SSL_FIPS, 854 .algo_strength = SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
855 SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, 855 .algorithm2 = SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
856 128, 856 .strength_bits = 128,
857 128, 857 .alg_bits = 128,
858 }, 858 },
859 859
860 /* Cipher 3F */ 860 /* Cipher 3F */
861 { 861 {
862 0, /* not implemented (non-ephemeral DH) */ 862 .valid = 0, /* not implemented (non-ephemeral DH) */
863 TLS1_TXT_DH_RSA_WITH_AES_128_SHA256, 863 .name = TLS1_TXT_DH_RSA_WITH_AES_128_SHA256,
864 TLS1_CK_DH_RSA_WITH_AES_128_SHA256, 864 .id = TLS1_CK_DH_RSA_WITH_AES_128_SHA256,
865 SSL_kDHr, 865 .algorithm_mkey = SSL_kDHr,
866 SSL_aDH, 866 .algorithm_auth = SSL_aDH,
867 SSL_AES128, 867 .algorithm_enc = SSL_AES128,
868 SSL_SHA256, 868 .algorithm_mac = SSL_SHA256,
869 SSL_TLSV1_2, 869 .algorithm_ssl = SSL_TLSV1_2,
870 SSL_NOT_EXP|SSL_HIGH|SSL_FIPS, 870 .algo_strength = SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
871 SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, 871 .algorithm2 = SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
872 128, 872 .strength_bits = 128,
873 128, 873 .alg_bits = 128,
874 }, 874 },
875 875
876 /* Cipher 40 */ 876 /* Cipher 40 */
877 { 877 {
878 1, 878 .valid = 1,
879 TLS1_TXT_DHE_DSS_WITH_AES_128_SHA256, 879 .name = TLS1_TXT_DHE_DSS_WITH_AES_128_SHA256,
880 TLS1_CK_DHE_DSS_WITH_AES_128_SHA256, 880 .id = TLS1_CK_DHE_DSS_WITH_AES_128_SHA256,
881 SSL_kEDH, 881 .algorithm_mkey = SSL_kEDH,
882 SSL_aDSS, 882 .algorithm_auth = SSL_aDSS,
883 SSL_AES128, 883 .algorithm_enc = SSL_AES128,
884 SSL_SHA256, 884 .algorithm_mac = SSL_SHA256,
885 SSL_TLSV1_2, 885 .algorithm_ssl = SSL_TLSV1_2,
886 SSL_NOT_EXP|SSL_HIGH|SSL_FIPS, 886 .algo_strength = SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
887 SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, 887 .algorithm2 = SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
888 128, 888 .strength_bits = 128,
889 128, 889 .alg_bits = 128,
890 }, 890 },
891 891
892#ifndef OPENSSL_NO_CAMELLIA 892#ifndef OPENSSL_NO_CAMELLIA
@@ -894,271 +894,273 @@ SSL_CIPHER ssl3_ciphers[] = {
894 894
895 /* Cipher 41 */ 895 /* Cipher 41 */
896 { 896 {
897 1, 897 .valid = 1,
898 TLS1_TXT_RSA_WITH_CAMELLIA_128_CBC_SHA, 898 .name = TLS1_TXT_RSA_WITH_CAMELLIA_128_CBC_SHA,
899 TLS1_CK_RSA_WITH_CAMELLIA_128_CBC_SHA, 899 .id = TLS1_CK_RSA_WITH_CAMELLIA_128_CBC_SHA,
900 SSL_kRSA, 900 .algorithm_mkey = SSL_kRSA,
901 SSL_aRSA, 901 .algorithm_auth = SSL_aRSA,
902 SSL_CAMELLIA128, 902 .algorithm_enc = SSL_CAMELLIA128,
903 SSL_SHA1, 903 .algorithm_mac = SSL_SHA1,
904 SSL_TLSV1, 904 .algorithm_ssl = SSL_TLSV1,
905 SSL_NOT_EXP|SSL_HIGH, 905 .algo_strength = SSL_NOT_EXP|SSL_HIGH,
906 SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, 906 .algorithm2 = SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
907 128, 907 .strength_bits = 128,
908 128, 908 .alg_bits = 128,
909 }, 909 },
910 910
911 /* Cipher 42 */ 911 /* Cipher 42 */
912 { 912 {
913 0, /* not implemented (non-ephemeral DH) */ 913 .valid = 0, /* not implemented (non-ephemeral DH) */
914 TLS1_TXT_DH_DSS_WITH_CAMELLIA_128_CBC_SHA, 914 .name = TLS1_TXT_DH_DSS_WITH_CAMELLIA_128_CBC_SHA,
915 TLS1_CK_DH_DSS_WITH_CAMELLIA_128_CBC_SHA, 915 .id = TLS1_CK_DH_DSS_WITH_CAMELLIA_128_CBC_SHA,
916 SSL_kDHd, 916 .algorithm_mkey = SSL_kDHd,
917 SSL_aDH, 917 .algorithm_auth = SSL_aDH,
918 SSL_CAMELLIA128, 918 .algorithm_enc = SSL_CAMELLIA128,
919 SSL_SHA1, 919 .algorithm_mac = SSL_SHA1,
920 SSL_TLSV1, 920 .algorithm_ssl = SSL_TLSV1,
921 SSL_NOT_EXP|SSL_HIGH, 921 .algo_strength = SSL_NOT_EXP|SSL_HIGH,
922 SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, 922 .algorithm2 = SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
923 128, 923 .strength_bits = 128,
924 128, 924 .alg_bits = 128,
925 }, 925 },
926 926
927 /* Cipher 43 */ 927 /* Cipher 43 */
928 { 928 {
929 0, /* not implemented (non-ephemeral DH) */ 929 .valid = 0, /* not implemented (non-ephemeral DH) */
930 TLS1_TXT_DH_RSA_WITH_CAMELLIA_128_CBC_SHA, 930 .name = TLS1_TXT_DH_RSA_WITH_CAMELLIA_128_CBC_SHA,
931 TLS1_CK_DH_RSA_WITH_CAMELLIA_128_CBC_SHA, 931 .id = TLS1_CK_DH_RSA_WITH_CAMELLIA_128_CBC_SHA,
932 SSL_kDHr, 932 .algorithm_mkey = SSL_kDHr,
933 SSL_aDH, 933 .algorithm_auth = SSL_aDH,
934 SSL_CAMELLIA128, 934 .algorithm_enc = SSL_CAMELLIA128,
935 SSL_SHA1, 935 .algorithm_mac = SSL_SHA1,
936 SSL_TLSV1, 936 .algorithm_ssl = SSL_TLSV1,
937 SSL_NOT_EXP|SSL_HIGH, 937 .algo_strength = SSL_NOT_EXP|SSL_HIGH,
938 SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, 938 .algorithm2 = SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
939 128, 939 .strength_bits = 128,
940 128, 940 .alg_bits = 128,
941 }, 941 },
942 942
943 /* Cipher 44 */ 943 /* Cipher 44 */
944 { 944 {
945 1, 945 .valid = 1,
946 TLS1_TXT_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA, 946 .name = TLS1_TXT_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA,
947 TLS1_CK_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA, 947 .id = TLS1_CK_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA,
948 SSL_kEDH, 948 .algorithm_mkey = SSL_kEDH,
949 SSL_aDSS, 949 .algorithm_auth = SSL_aDSS,
950 SSL_CAMELLIA128, 950 .algorithm_enc = SSL_CAMELLIA128,
951 SSL_SHA1, 951 .algorithm_mac = SSL_SHA1,
952 SSL_TLSV1, 952 .algorithm_ssl = SSL_TLSV1,
953 SSL_NOT_EXP|SSL_HIGH, 953 .algo_strength = SSL_NOT_EXP|SSL_HIGH,
954 SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, 954 .algorithm2 = SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
955 128, 955 .strength_bits = 128,
956 128, 956 .alg_bits = 128,
957 }, 957 },
958 958
959 /* Cipher 45 */ 959 /* Cipher 45 */
960 { 960 {
961 1, 961 .valid = 1,
962 TLS1_TXT_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA, 962 .name = TLS1_TXT_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA,
963 TLS1_CK_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA, 963 .id = TLS1_CK_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA,
964 SSL_kEDH, 964 .algorithm_mkey = SSL_kEDH,
965 SSL_aRSA, 965 .algorithm_auth = SSL_aRSA,
966 SSL_CAMELLIA128, 966 .algorithm_enc = SSL_CAMELLIA128,
967 SSL_SHA1, 967 .algorithm_mac = SSL_SHA1,
968 SSL_TLSV1, 968 .algorithm_ssl = SSL_TLSV1,
969 SSL_NOT_EXP|SSL_HIGH, 969 .algo_strength = SSL_NOT_EXP|SSL_HIGH,
970 SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, 970 .algorithm2 = SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
971 128, 971 .strength_bits = 128,
972 128, 972 .alg_bits = 128,
973 }, 973 },
974 974
975 /* Cipher 46 */ 975 /* Cipher 46 */
976 { 976 {
977 1, 977 .valid = 1,
978 TLS1_TXT_ADH_WITH_CAMELLIA_128_CBC_SHA, 978 .name = TLS1_TXT_ADH_WITH_CAMELLIA_128_CBC_SHA,
979 TLS1_CK_ADH_WITH_CAMELLIA_128_CBC_SHA, 979 .id = TLS1_CK_ADH_WITH_CAMELLIA_128_CBC_SHA,
980 SSL_kEDH, 980 .algorithm_mkey = SSL_kEDH,
981 SSL_aNULL, 981 .algorithm_auth = SSL_aNULL,
982 SSL_CAMELLIA128, 982 .algorithm_enc = SSL_CAMELLIA128,
983 SSL_SHA1, 983 .algorithm_mac = SSL_SHA1,
984 SSL_TLSV1, 984 .algorithm_ssl = SSL_TLSV1,
985 SSL_NOT_EXP|SSL_HIGH, 985 .algo_strength = SSL_NOT_EXP|SSL_HIGH,
986 SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, 986 .algorithm2 = SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
987 128, 987 .strength_bits = 128,
988 128, 988 .alg_bits = 128,
989 }, 989 },
990#endif /* OPENSSL_NO_CAMELLIA */ 990#endif /* OPENSSL_NO_CAMELLIA */
991 991
992 /* TLS v1.2 ciphersuites */ 992 /* TLS v1.2 ciphersuites */
993 /* Cipher 67 */ 993 /* Cipher 67 */
994 { 994 {
995 1, 995 .valid = 1,
996 TLS1_TXT_DHE_RSA_WITH_AES_128_SHA256, 996 .name = TLS1_TXT_DHE_RSA_WITH_AES_128_SHA256,
997 TLS1_CK_DHE_RSA_WITH_AES_128_SHA256, 997 .id = TLS1_CK_DHE_RSA_WITH_AES_128_SHA256,
998 SSL_kEDH, 998 .algorithm_mkey = SSL_kEDH,
999 SSL_aRSA, 999 .algorithm_auth = SSL_aRSA,
1000 SSL_AES128, 1000 .algorithm_enc = SSL_AES128,
1001 SSL_SHA256, 1001 .algorithm_mac = SSL_SHA256,
1002 SSL_TLSV1_2, 1002 .algorithm_ssl = SSL_TLSV1_2,
1003 SSL_NOT_EXP|SSL_HIGH|SSL_FIPS, 1003 .algo_strength = SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
1004 SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, 1004 .algorithm2 = SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
1005 128, 1005 .strength_bits = 128,
1006 128, 1006 .alg_bits = 128,
1007 }, 1007 },
1008 1008
1009 /* Cipher 68 */ 1009 /* Cipher 68 */
1010 { 1010 {
1011 0, /* not implemented (non-ephemeral DH) */ 1011 .valid = 0, /* not implemented (non-ephemeral DH) */
1012 TLS1_TXT_DH_DSS_WITH_AES_256_SHA256, 1012 .name = TLS1_TXT_DH_DSS_WITH_AES_256_SHA256,
1013 TLS1_CK_DH_DSS_WITH_AES_256_SHA256, 1013 .id = TLS1_CK_DH_DSS_WITH_AES_256_SHA256,
1014 SSL_kDHd, 1014 .algorithm_mkey = SSL_kDHd,
1015 SSL_aDH, 1015 .algorithm_auth = SSL_aDH,
1016 SSL_AES256, 1016 .algorithm_enc = SSL_AES256,
1017 SSL_SHA256, 1017 .algorithm_mac = SSL_SHA256,
1018 SSL_TLSV1_2, 1018 .algorithm_ssl = SSL_TLSV1_2,
1019 SSL_NOT_EXP|SSL_HIGH|SSL_FIPS, 1019 .algo_strength = SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
1020 SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, 1020 .algorithm2 = SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
1021 256, 1021 .strength_bits = 256,
1022 256, 1022 .alg_bits = 256,
1023 }, 1023 },
1024 1024
1025 /* Cipher 69 */ 1025 /* Cipher 69 */
1026 { 1026 {
1027 0, /* not implemented (non-ephemeral DH) */ 1027 .valid = 0, /* not implemented (non-ephemeral DH) */
1028 TLS1_TXT_DH_RSA_WITH_AES_256_SHA256, 1028 .name = TLS1_TXT_DH_RSA_WITH_AES_256_SHA256,
1029 TLS1_CK_DH_RSA_WITH_AES_256_SHA256, 1029 .id = TLS1_CK_DH_RSA_WITH_AES_256_SHA256,
1030 SSL_kDHr, 1030 .algorithm_mkey = SSL_kDHr,
1031 SSL_aDH, 1031 .algorithm_auth = SSL_aDH,
1032 SSL_AES256, 1032 .algorithm_enc = SSL_AES256,
1033 SSL_SHA256, 1033 .algorithm_mac = SSL_SHA256,
1034 SSL_TLSV1_2, 1034 .algorithm_ssl = SSL_TLSV1_2,
1035 SSL_NOT_EXP|SSL_HIGH|SSL_FIPS, 1035 .algo_strength = SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
1036 SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, 1036 .algorithm2 = SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
1037 256, 1037 .strength_bits = 256,
1038 256, 1038 .alg_bits = 256,
1039 }, 1039 },
1040 1040
1041 /* Cipher 6A */ 1041 /* Cipher 6A */
1042 { 1042 {
1043 1, 1043 .valid = 1,
1044 TLS1_TXT_DHE_DSS_WITH_AES_256_SHA256, 1044 .name = TLS1_TXT_DHE_DSS_WITH_AES_256_SHA256,
1045 TLS1_CK_DHE_DSS_WITH_AES_256_SHA256, 1045 .id = TLS1_CK_DHE_DSS_WITH_AES_256_SHA256,
1046 SSL_kEDH, 1046 .algorithm_mkey = SSL_kEDH,
1047 SSL_aDSS, 1047 .algorithm_auth = SSL_aDSS,
1048 SSL_AES256, 1048 .algorithm_enc = SSL_AES256,
1049 SSL_SHA256, 1049 .algorithm_mac = SSL_SHA256,
1050 SSL_TLSV1_2, 1050 .algorithm_ssl = SSL_TLSV1_2,
1051 SSL_NOT_EXP|SSL_HIGH|SSL_FIPS, 1051 .algo_strength = SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
1052 SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, 1052 .algorithm2 = SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
1053 256, 1053 .strength_bits = 256,
1054 256, 1054 .alg_bits = 256,
1055 }, 1055 },
1056 1056
1057 /* Cipher 6B */ 1057 /* Cipher 6B */
1058 { 1058 {
1059 1, 1059 .valid = 1,
1060 TLS1_TXT_DHE_RSA_WITH_AES_256_SHA256, 1060 .name = TLS1_TXT_DHE_RSA_WITH_AES_256_SHA256,
1061 TLS1_CK_DHE_RSA_WITH_AES_256_SHA256, 1061 .id = TLS1_CK_DHE_RSA_WITH_AES_256_SHA256,
1062 SSL_kEDH, 1062 .algorithm_mkey = SSL_kEDH,
1063 SSL_aRSA, 1063 .algorithm_auth = SSL_aRSA,
1064 SSL_AES256, 1064 .algorithm_enc = SSL_AES256,
1065 SSL_SHA256, 1065 .algorithm_mac = SSL_SHA256,
1066 SSL_TLSV1_2, 1066 .algorithm_ssl = SSL_TLSV1_2,
1067 SSL_NOT_EXP|SSL_HIGH|SSL_FIPS, 1067 .algo_strength = SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
1068 SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, 1068 .algorithm2 = SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
1069 256, 1069 .strength_bits = 256,
1070 256, 1070 .alg_bits = 256,
1071 }, 1071 },
1072 1072
1073 /* Cipher 6C */ 1073 /* Cipher 6C */
1074 { 1074 {
1075 1, 1075 .valid = 1,
1076 TLS1_TXT_ADH_WITH_AES_128_SHA256, 1076 .name = TLS1_TXT_ADH_WITH_AES_128_SHA256,
1077 TLS1_CK_ADH_WITH_AES_128_SHA256, 1077 .id = TLS1_CK_ADH_WITH_AES_128_SHA256,
1078 SSL_kEDH, 1078 .algorithm_mkey = SSL_kEDH,
1079 SSL_aNULL, 1079 .algorithm_auth = SSL_aNULL,
1080 SSL_AES128, 1080 .algorithm_enc = SSL_AES128,
1081 SSL_SHA256, 1081 .algorithm_mac = SSL_SHA256,
1082 SSL_TLSV1_2, 1082 .algorithm_ssl = SSL_TLSV1_2,
1083 SSL_NOT_EXP|SSL_HIGH|SSL_FIPS, 1083 .algo_strength = SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
1084 SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, 1084 .algorithm2 = SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
1085 128, 1085 .strength_bits = 128,
1086 128, 1086 .alg_bits = 128,
1087 }, 1087 },
1088 1088
1089 /* Cipher 6D */ 1089 /* Cipher 6D */
1090 { 1090 {
1091 1, 1091 .valid = 1,
1092 TLS1_TXT_ADH_WITH_AES_256_SHA256, 1092 .name = TLS1_TXT_ADH_WITH_AES_256_SHA256,
1093 TLS1_CK_ADH_WITH_AES_256_SHA256, 1093 .id = TLS1_CK_ADH_WITH_AES_256_SHA256,
1094 SSL_kEDH, 1094 .algorithm_mkey = SSL_kEDH,
1095 SSL_aNULL, 1095 .algorithm_auth = SSL_aNULL,
1096 SSL_AES256, 1096 .algorithm_enc = SSL_AES256,
1097 SSL_SHA256, 1097 .algorithm_mac = SSL_SHA256,
1098 SSL_TLSV1_2, 1098 .algorithm_ssl = SSL_TLSV1_2,
1099 SSL_NOT_EXP|SSL_HIGH|SSL_FIPS, 1099 .algo_strength = SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
1100 SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, 1100 .algorithm2 = SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
1101 256, 1101 .strength_bits = 256,
1102 256, 1102 .alg_bits = 256,
1103 }, 1103 },
1104 1104
1105 /* GOST Ciphersuites */ 1105 /* GOST Ciphersuites */
1106 1106
1107 { 1107 {
1108 1, 1108 .valid = 1,
1109 "GOST94-GOST89-GOST89", 1109 .name = "GOST94-GOST89-GOST89",
1110 0x3000080, 1110 .id = 0x3000080,
1111 SSL_kGOST, 1111 .algorithm_mkey = SSL_kGOST,
1112 SSL_aGOST94, 1112 .algorithm_auth = SSL_aGOST94,
1113 SSL_eGOST2814789CNT, 1113 .algorithm_enc = SSL_eGOST2814789CNT,
1114 SSL_GOST89MAC, 1114 .algorithm_mac = SSL_GOST89MAC,
1115 SSL_TLSV1, 1115 .algorithm_ssl = SSL_TLSV1,
1116 SSL_NOT_EXP|SSL_HIGH, 1116 .algo_strength = SSL_NOT_EXP|SSL_HIGH,
1117 SSL_HANDSHAKE_MAC_GOST94|TLS1_PRF_GOST94|TLS1_STREAM_MAC, 1117 .algorithm2 = SSL_HANDSHAKE_MAC_GOST94|TLS1_PRF_GOST94|
1118 256, 1118 TLS1_STREAM_MAC,
1119 256 1119 .strength_bits = 256,
1120 }, 1120 .alg_bits = 256
1121 { 1121 },
1122 1, 1122 {
1123 "GOST2001-GOST89-GOST89", 1123 .valid = 1,
1124 0x3000081, 1124 .name = "GOST2001-GOST89-GOST89",
1125 SSL_kGOST, 1125 .id = 0x3000081,
1126 SSL_aGOST01, 1126 .algorithm_mkey = SSL_kGOST,
1127 SSL_eGOST2814789CNT, 1127 .algorithm_auth = SSL_aGOST01,
1128 SSL_GOST89MAC, 1128 .algorithm_enc = SSL_eGOST2814789CNT,
1129 SSL_TLSV1, 1129 .algorithm_mac = SSL_GOST89MAC,
1130 SSL_NOT_EXP|SSL_HIGH, 1130 .algorithm_ssl = SSL_TLSV1,
1131 SSL_HANDSHAKE_MAC_GOST94|TLS1_PRF_GOST94|TLS1_STREAM_MAC, 1131 .algo_strength = SSL_NOT_EXP|SSL_HIGH,
1132 256, 1132 .algorithm2 = SSL_HANDSHAKE_MAC_GOST94|TLS1_PRF_GOST94|
1133 256 1133 TLS1_STREAM_MAC,
1134 }, 1134 .strength_bits = 256,
1135 { 1135 .alg_bits = 256
1136 1, 1136 },
1137 "GOST94-NULL-GOST94", 1137 {
1138 0x3000082, 1138 .valid = 1,
1139 SSL_kGOST, 1139 .name = "GOST94-NULL-GOST94",
1140 SSL_aGOST94, 1140 .id = 0x3000082,
1141 SSL_eNULL, 1141 .algorithm_mkey = SSL_kGOST,
1142 SSL_GOST94, 1142 .algorithm_auth = SSL_aGOST94,
1143 SSL_TLSV1, 1143 .algorithm_enc = SSL_eNULL,
1144 SSL_NOT_EXP|SSL_STRONG_NONE, 1144 .algorithm_mac = SSL_GOST94,
1145 SSL_HANDSHAKE_MAC_GOST94|TLS1_PRF_GOST94, 1145 .algorithm_ssl = SSL_TLSV1,
1146 0, 1146 .algo_strength = SSL_NOT_EXP|SSL_STRONG_NONE,
1147 0 1147 .algorithm2 = SSL_HANDSHAKE_MAC_GOST94|TLS1_PRF_GOST94,
1148 }, 1148 .strength_bits = 0,
1149 { 1149 .alg_bits = 0
1150 1, 1150 },
1151 "GOST2001-NULL-GOST94", 1151 {
1152 0x3000083, 1152 .valid = 1,
1153 SSL_kGOST, 1153 .name = "GOST2001-NULL-GOST94",
1154 SSL_aGOST01, 1154 .id = 0x3000083,
1155 SSL_eNULL, 1155 .algorithm_mkey = SSL_kGOST,
1156 SSL_GOST94, 1156 .algorithm_auth = SSL_aGOST01,
1157 SSL_TLSV1, 1157 .algorithm_enc = SSL_eNULL,
1158 SSL_NOT_EXP|SSL_STRONG_NONE, 1158 .algorithm_mac = SSL_GOST94,
1159 SSL_HANDSHAKE_MAC_GOST94|TLS1_PRF_GOST94, 1159 .algorithm_ssl = SSL_TLSV1,
1160 0, 1160 .algo_strength = SSL_NOT_EXP|SSL_STRONG_NONE,
1161 0 1161 .algorithm2 = SSL_HANDSHAKE_MAC_GOST94|TLS1_PRF_GOST94,
1162 .strength_bits = 0,
1163 .alg_bits = 0
1162 }, 1164 },
1163 1165
1164#ifndef OPENSSL_NO_CAMELLIA 1166#ifndef OPENSSL_NO_CAMELLIA
@@ -1166,163 +1168,164 @@ SSL_CIPHER ssl3_ciphers[] = {
1166 1168
1167 /* Cipher 84 */ 1169 /* Cipher 84 */
1168 { 1170 {
1169 1, 1171 .valid = 1,
1170 TLS1_TXT_RSA_WITH_CAMELLIA_256_CBC_SHA, 1172 .name = TLS1_TXT_RSA_WITH_CAMELLIA_256_CBC_SHA,
1171 TLS1_CK_RSA_WITH_CAMELLIA_256_CBC_SHA, 1173 .id = TLS1_CK_RSA_WITH_CAMELLIA_256_CBC_SHA,
1172 SSL_kRSA, 1174 .algorithm_mkey = SSL_kRSA,
1173 SSL_aRSA, 1175 .algorithm_auth = SSL_aRSA,
1174 SSL_CAMELLIA256, 1176 .algorithm_enc = SSL_CAMELLIA256,
1175 SSL_SHA1, 1177 .algorithm_mac = SSL_SHA1,
1176 SSL_TLSV1, 1178 .algorithm_ssl = SSL_TLSV1,
1177 SSL_NOT_EXP|SSL_HIGH, 1179 .algo_strength = SSL_NOT_EXP|SSL_HIGH,
1178 SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, 1180 .algorithm2 = SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
1179 256, 1181 .strength_bits = 256,
1180 256, 1182 .alg_bits = 256,
1181 }, 1183 },
1184
1182 /* Cipher 85 */ 1185 /* Cipher 85 */
1183 { 1186 {
1184 0, /* not implemented (non-ephemeral DH) */ 1187 .valid = 0, /* not implemented (non-ephemeral DH) */
1185 TLS1_TXT_DH_DSS_WITH_CAMELLIA_256_CBC_SHA, 1188 .name = TLS1_TXT_DH_DSS_WITH_CAMELLIA_256_CBC_SHA,
1186 TLS1_CK_DH_DSS_WITH_CAMELLIA_256_CBC_SHA, 1189 .id = TLS1_CK_DH_DSS_WITH_CAMELLIA_256_CBC_SHA,
1187 SSL_kDHd, 1190 .algorithm_mkey = SSL_kDHd,
1188 SSL_aDH, 1191 .algorithm_auth = SSL_aDH,
1189 SSL_CAMELLIA256, 1192 .algorithm_enc = SSL_CAMELLIA256,
1190 SSL_SHA1, 1193 .algorithm_mac = SSL_SHA1,
1191 SSL_TLSV1, 1194 .algorithm_ssl = SSL_TLSV1,
1192 SSL_NOT_EXP|SSL_HIGH, 1195 .algo_strength = SSL_NOT_EXP|SSL_HIGH,
1193 SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, 1196 .algorithm2 = SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
1194 256, 1197 .strength_bits = 256,
1195 256, 1198 .alg_bits = 256,
1196 }, 1199 },
1197 1200
1198 /* Cipher 86 */ 1201 /* Cipher 86 */
1199 { 1202 {
1200 0, /* not implemented (non-ephemeral DH) */ 1203 .valid = 0, /* not implemented (non-ephemeral DH) */
1201 TLS1_TXT_DH_RSA_WITH_CAMELLIA_256_CBC_SHA, 1204 .name = TLS1_TXT_DH_RSA_WITH_CAMELLIA_256_CBC_SHA,
1202 TLS1_CK_DH_RSA_WITH_CAMELLIA_256_CBC_SHA, 1205 .id = TLS1_CK_DH_RSA_WITH_CAMELLIA_256_CBC_SHA,
1203 SSL_kDHr, 1206 .algorithm_mkey = SSL_kDHr,
1204 SSL_aDH, 1207 .algorithm_auth = SSL_aDH,
1205 SSL_CAMELLIA256, 1208 .algorithm_enc = SSL_CAMELLIA256,
1206 SSL_SHA1, 1209 .algorithm_mac = SSL_SHA1,
1207 SSL_TLSV1, 1210 .algorithm_ssl = SSL_TLSV1,
1208 SSL_NOT_EXP|SSL_HIGH, 1211 .algo_strength = SSL_NOT_EXP|SSL_HIGH,
1209 SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, 1212 .algorithm2 = SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
1210 256, 1213 .strength_bits = 256,
1211 256, 1214 .alg_bits = 256,
1212 }, 1215 },
1213 1216
1214 /* Cipher 87 */ 1217 /* Cipher 87 */
1215 { 1218 {
1216 1, 1219 .valid = 1,
1217 TLS1_TXT_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA, 1220 .name = TLS1_TXT_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA,
1218 TLS1_CK_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA, 1221 .id = TLS1_CK_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA,
1219 SSL_kEDH, 1222 .algorithm_mkey = SSL_kEDH,
1220 SSL_aDSS, 1223 .algorithm_auth = SSL_aDSS,
1221 SSL_CAMELLIA256, 1224 .algorithm_enc = SSL_CAMELLIA256,
1222 SSL_SHA1, 1225 .algorithm_mac = SSL_SHA1,
1223 SSL_TLSV1, 1226 .algorithm_ssl = SSL_TLSV1,
1224 SSL_NOT_EXP|SSL_HIGH, 1227 .algo_strength = SSL_NOT_EXP|SSL_HIGH,
1225 SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, 1228 .algorithm2 = SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
1226 256, 1229 .strength_bits = 256,
1227 256, 1230 .alg_bits = 256,
1228 }, 1231 },
1229 1232
1230 /* Cipher 88 */ 1233 /* Cipher 88 */
1231 { 1234 {
1232 1, 1235 .valid = 1,
1233 TLS1_TXT_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA, 1236 .name = TLS1_TXT_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA,
1234 TLS1_CK_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA, 1237 .id = TLS1_CK_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA,
1235 SSL_kEDH, 1238 .algorithm_mkey = SSL_kEDH,
1236 SSL_aRSA, 1239 .algorithm_auth = SSL_aRSA,
1237 SSL_CAMELLIA256, 1240 .algorithm_enc = SSL_CAMELLIA256,
1238 SSL_SHA1, 1241 .algorithm_mac = SSL_SHA1,
1239 SSL_TLSV1, 1242 .algorithm_ssl = SSL_TLSV1,
1240 SSL_NOT_EXP|SSL_HIGH, 1243 .algo_strength = SSL_NOT_EXP|SSL_HIGH,
1241 SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, 1244 .algorithm2 = SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
1242 256, 1245 .strength_bits = 256,
1243 256, 1246 .alg_bits = 256,
1244 }, 1247 },
1245 1248
1246 /* Cipher 89 */ 1249 /* Cipher 89 */
1247 { 1250 {
1248 1, 1251 .valid = 1,
1249 TLS1_TXT_ADH_WITH_CAMELLIA_256_CBC_SHA, 1252 .name = TLS1_TXT_ADH_WITH_CAMELLIA_256_CBC_SHA,
1250 TLS1_CK_ADH_WITH_CAMELLIA_256_CBC_SHA, 1253 .id = TLS1_CK_ADH_WITH_CAMELLIA_256_CBC_SHA,
1251 SSL_kEDH, 1254 .algorithm_mkey = SSL_kEDH,
1252 SSL_aNULL, 1255 .algorithm_auth = SSL_aNULL,
1253 SSL_CAMELLIA256, 1256 .algorithm_enc = SSL_CAMELLIA256,
1254 SSL_SHA1, 1257 .algorithm_mac = SSL_SHA1,
1255 SSL_TLSV1, 1258 .algorithm_ssl = SSL_TLSV1,
1256 SSL_NOT_EXP|SSL_HIGH, 1259 .algo_strength = SSL_NOT_EXP|SSL_HIGH,
1257 SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, 1260 .algorithm2 = SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
1258 256, 1261 .strength_bits = 256,
1259 256, 1262 .alg_bits = 256,
1260 }, 1263 },
1261#endif /* OPENSSL_NO_CAMELLIA */ 1264#endif /* OPENSSL_NO_CAMELLIA */
1262 1265
1263#ifndef OPENSSL_NO_PSK 1266#ifndef OPENSSL_NO_PSK
1264 /* Cipher 8A */ 1267 /* Cipher 8A */
1265 { 1268 {
1266 1, 1269 .valid = 1,
1267 TLS1_TXT_PSK_WITH_RC4_128_SHA, 1270 .name = TLS1_TXT_PSK_WITH_RC4_128_SHA,
1268 TLS1_CK_PSK_WITH_RC4_128_SHA, 1271 .id = TLS1_CK_PSK_WITH_RC4_128_SHA,
1269 SSL_kPSK, 1272 .algorithm_mkey = SSL_kPSK,
1270 SSL_aPSK, 1273 .algorithm_auth = SSL_aPSK,
1271 SSL_RC4, 1274 .algorithm_enc = SSL_RC4,
1272 SSL_SHA1, 1275 .algorithm_mac = SSL_SHA1,
1273 SSL_TLSV1, 1276 .algorithm_ssl = SSL_TLSV1,
1274 SSL_NOT_EXP|SSL_MEDIUM, 1277 .algo_strength = SSL_NOT_EXP|SSL_MEDIUM,
1275 SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, 1278 .algorithm2 = SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
1276 128, 1279 .strength_bits = 128,
1277 128, 1280 .alg_bits = 128,
1278 }, 1281 },
1279 1282
1280 /* Cipher 8B */ 1283 /* Cipher 8B */
1281 { 1284 {
1282 1, 1285 .valid = 1,
1283 TLS1_TXT_PSK_WITH_3DES_EDE_CBC_SHA, 1286 .name = TLS1_TXT_PSK_WITH_3DES_EDE_CBC_SHA,
1284 TLS1_CK_PSK_WITH_3DES_EDE_CBC_SHA, 1287 .id = TLS1_CK_PSK_WITH_3DES_EDE_CBC_SHA,
1285 SSL_kPSK, 1288 .algorithm_mkey = SSL_kPSK,
1286 SSL_aPSK, 1289 .algorithm_auth = SSL_aPSK,
1287 SSL_3DES, 1290 .algorithm_enc = SSL_3DES,
1288 SSL_SHA1, 1291 .algorithm_mac = SSL_SHA1,
1289 SSL_TLSV1, 1292 .algorithm_ssl = SSL_TLSV1,
1290 SSL_NOT_EXP|SSL_HIGH|SSL_FIPS, 1293 .algo_strength = SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
1291 SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, 1294 .algorithm2 = SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
1292 168, 1295 .strength_bits = 168,
1293 168, 1296 .alg_bits = 168,
1294 }, 1297 },
1295 1298
1296 /* Cipher 8C */ 1299 /* Cipher 8C */
1297 { 1300 {
1298 1, 1301 .valid = 1,
1299 TLS1_TXT_PSK_WITH_AES_128_CBC_SHA, 1302 .name = TLS1_TXT_PSK_WITH_AES_128_CBC_SHA,
1300 TLS1_CK_PSK_WITH_AES_128_CBC_SHA, 1303 .id = TLS1_CK_PSK_WITH_AES_128_CBC_SHA,
1301 SSL_kPSK, 1304 .algorithm_mkey = SSL_kPSK,
1302 SSL_aPSK, 1305 .algorithm_auth = SSL_aPSK,
1303 SSL_AES128, 1306 .algorithm_enc = SSL_AES128,
1304 SSL_SHA1, 1307 .algorithm_mac = SSL_SHA1,
1305 SSL_TLSV1, 1308 .algorithm_ssl = SSL_TLSV1,
1306 SSL_NOT_EXP|SSL_HIGH|SSL_FIPS, 1309 .algo_strength = SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
1307 SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, 1310 .algorithm2 = SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
1308 128, 1311 .strength_bits = 128,
1309 128, 1312 .alg_bits = 128,
1310 }, 1313 },
1311 1314
1312 /* Cipher 8D */ 1315 /* Cipher 8D */
1313 { 1316 {
1314 1, 1317 .valid = 1,
1315 TLS1_TXT_PSK_WITH_AES_256_CBC_SHA, 1318 .name = TLS1_TXT_PSK_WITH_AES_256_CBC_SHA,
1316 TLS1_CK_PSK_WITH_AES_256_CBC_SHA, 1319 .id = TLS1_CK_PSK_WITH_AES_256_CBC_SHA,
1317 SSL_kPSK, 1320 .algorithm_mkey = SSL_kPSK,
1318 SSL_aPSK, 1321 .algorithm_auth = SSL_aPSK,
1319 SSL_AES256, 1322 .algorithm_enc = SSL_AES256,
1320 SSL_SHA1, 1323 .algorithm_mac = SSL_SHA1,
1321 SSL_TLSV1, 1324 .algorithm_ssl = SSL_TLSV1,
1322 SSL_NOT_EXP|SSL_HIGH|SSL_FIPS, 1325 .algo_strength = SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
1323 SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, 1326 .algorithm2 = SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
1324 256, 1327 .strength_bits = 256,
1325 256, 1328 .alg_bits = 256,
1326 }, 1329 },
1327#endif /* OPENSSL_NO_PSK */ 1330#endif /* OPENSSL_NO_PSK */
1328 1331
@@ -1330,595 +1333,595 @@ SSL_CIPHER ssl3_ciphers[] = {
1330 1333
1331 /* Cipher 9C */ 1334 /* Cipher 9C */
1332 { 1335 {
1333 1, 1336 .valid = 1,
1334 TLS1_TXT_RSA_WITH_AES_128_GCM_SHA256, 1337 .name = TLS1_TXT_RSA_WITH_AES_128_GCM_SHA256,
1335 TLS1_CK_RSA_WITH_AES_128_GCM_SHA256, 1338 .id = TLS1_CK_RSA_WITH_AES_128_GCM_SHA256,
1336 SSL_kRSA, 1339 .algorithm_mkey = SSL_kRSA,
1337 SSL_aRSA, 1340 .algorithm_auth = SSL_aRSA,
1338 SSL_AES128GCM, 1341 .algorithm_enc = SSL_AES128GCM,
1339 SSL_AEAD, 1342 .algorithm_mac = SSL_AEAD,
1340 SSL_TLSV1_2, 1343 .algorithm_ssl = SSL_TLSV1_2,
1341 SSL_NOT_EXP|SSL_HIGH|SSL_FIPS, 1344 .algo_strength = SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
1342 SSL_HANDSHAKE_MAC_SHA256|TLS1_PRF_SHA256, 1345 .algorithm2 = SSL_HANDSHAKE_MAC_SHA256|TLS1_PRF_SHA256,
1343 128, 1346 .strength_bits = 128,
1344 128, 1347 .alg_bits = 128,
1345 }, 1348 },
1346 1349
1347 /* Cipher 9D */ 1350 /* Cipher 9D */
1348 { 1351 {
1349 1, 1352 .valid = 1,
1350 TLS1_TXT_RSA_WITH_AES_256_GCM_SHA384, 1353 .name = TLS1_TXT_RSA_WITH_AES_256_GCM_SHA384,
1351 TLS1_CK_RSA_WITH_AES_256_GCM_SHA384, 1354 .id = TLS1_CK_RSA_WITH_AES_256_GCM_SHA384,
1352 SSL_kRSA, 1355 .algorithm_mkey = SSL_kRSA,
1353 SSL_aRSA, 1356 .algorithm_auth = SSL_aRSA,
1354 SSL_AES256GCM, 1357 .algorithm_enc = SSL_AES256GCM,
1355 SSL_AEAD, 1358 .algorithm_mac = SSL_AEAD,
1356 SSL_TLSV1_2, 1359 .algorithm_ssl = SSL_TLSV1_2,
1357 SSL_NOT_EXP|SSL_HIGH|SSL_FIPS, 1360 .algo_strength = SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
1358 SSL_HANDSHAKE_MAC_SHA384|TLS1_PRF_SHA384, 1361 .algorithm2 = SSL_HANDSHAKE_MAC_SHA384|TLS1_PRF_SHA384,
1359 256, 1362 .strength_bits = 256,
1360 256, 1363 .alg_bits = 256,
1361 }, 1364 },
1362 1365
1363 /* Cipher 9E */ 1366 /* Cipher 9E */
1364 { 1367 {
1365 1, 1368 .valid = 1,
1366 TLS1_TXT_DHE_RSA_WITH_AES_128_GCM_SHA256, 1369 .name = TLS1_TXT_DHE_RSA_WITH_AES_128_GCM_SHA256,
1367 TLS1_CK_DHE_RSA_WITH_AES_128_GCM_SHA256, 1370 .id = TLS1_CK_DHE_RSA_WITH_AES_128_GCM_SHA256,
1368 SSL_kEDH, 1371 .algorithm_mkey = SSL_kEDH,
1369 SSL_aRSA, 1372 .algorithm_auth = SSL_aRSA,
1370 SSL_AES128GCM, 1373 .algorithm_enc = SSL_AES128GCM,
1371 SSL_AEAD, 1374 .algorithm_mac = SSL_AEAD,
1372 SSL_TLSV1_2, 1375 .algorithm_ssl = SSL_TLSV1_2,
1373 SSL_NOT_EXP|SSL_HIGH|SSL_FIPS, 1376 .algo_strength = SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
1374 SSL_HANDSHAKE_MAC_SHA256|TLS1_PRF_SHA256, 1377 .algorithm2 = SSL_HANDSHAKE_MAC_SHA256|TLS1_PRF_SHA256,
1375 128, 1378 .strength_bits = 128,
1376 128, 1379 .alg_bits = 128,
1377 }, 1380 },
1378 1381
1379 /* Cipher 9F */ 1382 /* Cipher 9F */
1380 { 1383 {
1381 1, 1384 .valid = 1,
1382 TLS1_TXT_DHE_RSA_WITH_AES_256_GCM_SHA384, 1385 .name = TLS1_TXT_DHE_RSA_WITH_AES_256_GCM_SHA384,
1383 TLS1_CK_DHE_RSA_WITH_AES_256_GCM_SHA384, 1386 .id = TLS1_CK_DHE_RSA_WITH_AES_256_GCM_SHA384,
1384 SSL_kEDH, 1387 .algorithm_mkey = SSL_kEDH,
1385 SSL_aRSA, 1388 .algorithm_auth = SSL_aRSA,
1386 SSL_AES256GCM, 1389 .algorithm_enc = SSL_AES256GCM,
1387 SSL_AEAD, 1390 .algorithm_mac = SSL_AEAD,
1388 SSL_TLSV1_2, 1391 .algorithm_ssl = SSL_TLSV1_2,
1389 SSL_NOT_EXP|SSL_HIGH|SSL_FIPS, 1392 .algo_strength = SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
1390 SSL_HANDSHAKE_MAC_SHA384|TLS1_PRF_SHA384, 1393 .algorithm2 = SSL_HANDSHAKE_MAC_SHA384|TLS1_PRF_SHA384,
1391 256, 1394 .strength_bits = 256,
1392 256, 1395 .alg_bits = 256,
1393 }, 1396 },
1394 1397
1395 /* Cipher A0 */ 1398 /* Cipher A0 */
1396 { 1399 {
1397 0, 1400 .valid = 0,
1398 TLS1_TXT_DH_RSA_WITH_AES_128_GCM_SHA256, 1401 .name = TLS1_TXT_DH_RSA_WITH_AES_128_GCM_SHA256,
1399 TLS1_CK_DH_RSA_WITH_AES_128_GCM_SHA256, 1402 .id = TLS1_CK_DH_RSA_WITH_AES_128_GCM_SHA256,
1400 SSL_kDHr, 1403 .algorithm_mkey = SSL_kDHr,
1401 SSL_aDH, 1404 .algorithm_auth = SSL_aDH,
1402 SSL_AES128GCM, 1405 .algorithm_enc = SSL_AES128GCM,
1403 SSL_AEAD, 1406 .algorithm_mac = SSL_AEAD,
1404 SSL_TLSV1_2, 1407 .algorithm_ssl = SSL_TLSV1_2,
1405 SSL_NOT_EXP|SSL_HIGH|SSL_FIPS, 1408 .algo_strength = SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
1406 SSL_HANDSHAKE_MAC_SHA256|TLS1_PRF_SHA256, 1409 .algorithm2 = SSL_HANDSHAKE_MAC_SHA256|TLS1_PRF_SHA256,
1407 128, 1410 .strength_bits = 128,
1408 128, 1411 .alg_bits = 128,
1409 }, 1412 },
1410 1413
1411 /* Cipher A1 */ 1414 /* Cipher A1 */
1412 { 1415 {
1413 0, 1416 .valid = 0,
1414 TLS1_TXT_DH_RSA_WITH_AES_256_GCM_SHA384, 1417 .name = TLS1_TXT_DH_RSA_WITH_AES_256_GCM_SHA384,
1415 TLS1_CK_DH_RSA_WITH_AES_256_GCM_SHA384, 1418 .id = TLS1_CK_DH_RSA_WITH_AES_256_GCM_SHA384,
1416 SSL_kDHr, 1419 .algorithm_mkey = SSL_kDHr,
1417 SSL_aDH, 1420 .algorithm_auth = SSL_aDH,
1418 SSL_AES256GCM, 1421 .algorithm_enc = SSL_AES256GCM,
1419 SSL_AEAD, 1422 .algorithm_mac = SSL_AEAD,
1420 SSL_TLSV1_2, 1423 .algorithm_ssl = SSL_TLSV1_2,
1421 SSL_NOT_EXP|SSL_HIGH|SSL_FIPS, 1424 .algo_strength = SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
1422 SSL_HANDSHAKE_MAC_SHA384|TLS1_PRF_SHA384, 1425 .algorithm2 = SSL_HANDSHAKE_MAC_SHA384|TLS1_PRF_SHA384,
1423 256, 1426 .strength_bits = 256,
1424 256, 1427 .alg_bits = 256,
1425 }, 1428 },
1426 1429
1427 /* Cipher A2 */ 1430 /* Cipher A2 */
1428 { 1431 {
1429 1, 1432 .valid = 1,
1430 TLS1_TXT_DHE_DSS_WITH_AES_128_GCM_SHA256, 1433 .name = TLS1_TXT_DHE_DSS_WITH_AES_128_GCM_SHA256,
1431 TLS1_CK_DHE_DSS_WITH_AES_128_GCM_SHA256, 1434 .id = TLS1_CK_DHE_DSS_WITH_AES_128_GCM_SHA256,
1432 SSL_kEDH, 1435 .algorithm_mkey = SSL_kEDH,
1433 SSL_aDSS, 1436 .algorithm_auth = SSL_aDSS,
1434 SSL_AES128GCM, 1437 .algorithm_enc = SSL_AES128GCM,
1435 SSL_AEAD, 1438 .algorithm_mac = SSL_AEAD,
1436 SSL_TLSV1_2, 1439 .algorithm_ssl = SSL_TLSV1_2,
1437 SSL_NOT_EXP|SSL_HIGH|SSL_FIPS, 1440 .algo_strength = SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
1438 SSL_HANDSHAKE_MAC_SHA256|TLS1_PRF_SHA256, 1441 .algorithm2 = SSL_HANDSHAKE_MAC_SHA256|TLS1_PRF_SHA256,
1439 128, 1442 .strength_bits = 128,
1440 128, 1443 .alg_bits = 128,
1441 }, 1444 },
1442 1445
1443 /* Cipher A3 */ 1446 /* Cipher A3 */
1444 { 1447 {
1445 1, 1448 .valid = 1,
1446 TLS1_TXT_DHE_DSS_WITH_AES_256_GCM_SHA384, 1449 .name = TLS1_TXT_DHE_DSS_WITH_AES_256_GCM_SHA384,
1447 TLS1_CK_DHE_DSS_WITH_AES_256_GCM_SHA384, 1450 .id = TLS1_CK_DHE_DSS_WITH_AES_256_GCM_SHA384,
1448 SSL_kEDH, 1451 .algorithm_mkey = SSL_kEDH,
1449 SSL_aDSS, 1452 .algorithm_auth = SSL_aDSS,
1450 SSL_AES256GCM, 1453 .algorithm_enc = SSL_AES256GCM,
1451 SSL_AEAD, 1454 .algorithm_mac = SSL_AEAD,
1452 SSL_TLSV1_2, 1455 .algorithm_ssl = SSL_TLSV1_2,
1453 SSL_NOT_EXP|SSL_HIGH|SSL_FIPS, 1456 .algo_strength = SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
1454 SSL_HANDSHAKE_MAC_SHA384|TLS1_PRF_SHA384, 1457 .algorithm2 = SSL_HANDSHAKE_MAC_SHA384|TLS1_PRF_SHA384,
1455 256, 1458 .strength_bits = 256,
1456 256, 1459 .alg_bits = 256,
1457 }, 1460 },
1458 1461
1459 /* Cipher A4 */ 1462 /* Cipher A4 */
1460 { 1463 {
1461 0, 1464 .valid = 0,
1462 TLS1_TXT_DH_DSS_WITH_AES_128_GCM_SHA256, 1465 .name = TLS1_TXT_DH_DSS_WITH_AES_128_GCM_SHA256,
1463 TLS1_CK_DH_DSS_WITH_AES_128_GCM_SHA256, 1466 .id = TLS1_CK_DH_DSS_WITH_AES_128_GCM_SHA256,
1464 SSL_kDHd, 1467 .algorithm_mkey = SSL_kDHd,
1465 SSL_aDH, 1468 .algorithm_auth = SSL_aDH,
1466 SSL_AES128GCM, 1469 .algorithm_enc = SSL_AES128GCM,
1467 SSL_AEAD, 1470 .algorithm_mac = SSL_AEAD,
1468 SSL_TLSV1_2, 1471 .algorithm_ssl = SSL_TLSV1_2,
1469 SSL_NOT_EXP|SSL_HIGH|SSL_FIPS, 1472 .algo_strength = SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
1470 SSL_HANDSHAKE_MAC_SHA256|TLS1_PRF_SHA256, 1473 .algorithm2 = SSL_HANDSHAKE_MAC_SHA256|TLS1_PRF_SHA256,
1471 128, 1474 .strength_bits = 128,
1472 128, 1475 .alg_bits = 128,
1473 }, 1476 },
1474 1477
1475 /* Cipher A5 */ 1478 /* Cipher A5 */
1476 { 1479 {
1477 0, 1480 .valid = 0,
1478 TLS1_TXT_DH_DSS_WITH_AES_256_GCM_SHA384, 1481 .name = TLS1_TXT_DH_DSS_WITH_AES_256_GCM_SHA384,
1479 TLS1_CK_DH_DSS_WITH_AES_256_GCM_SHA384, 1482 .id = TLS1_CK_DH_DSS_WITH_AES_256_GCM_SHA384,
1480 SSL_kDHd, 1483 .algorithm_mkey = SSL_kDHd,
1481 SSL_aDH, 1484 .algorithm_auth = SSL_aDH,
1482 SSL_AES256GCM, 1485 .algorithm_enc = SSL_AES256GCM,
1483 SSL_AEAD, 1486 .algorithm_mac = SSL_AEAD,
1484 SSL_TLSV1_2, 1487 .algorithm_ssl = SSL_TLSV1_2,
1485 SSL_NOT_EXP|SSL_HIGH|SSL_FIPS, 1488 .algo_strength = SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
1486 SSL_HANDSHAKE_MAC_SHA384|TLS1_PRF_SHA384, 1489 .algorithm2 = SSL_HANDSHAKE_MAC_SHA384|TLS1_PRF_SHA384,
1487 256, 1490 .strength_bits = 256,
1488 256, 1491 .alg_bits = 256,
1489 }, 1492 },
1490 1493
1491 /* Cipher A6 */ 1494 /* Cipher A6 */
1492 { 1495 {
1493 1, 1496 .valid = 1,
1494 TLS1_TXT_ADH_WITH_AES_128_GCM_SHA256, 1497 .name = TLS1_TXT_ADH_WITH_AES_128_GCM_SHA256,
1495 TLS1_CK_ADH_WITH_AES_128_GCM_SHA256, 1498 .id = TLS1_CK_ADH_WITH_AES_128_GCM_SHA256,
1496 SSL_kEDH, 1499 .algorithm_mkey = SSL_kEDH,
1497 SSL_aNULL, 1500 .algorithm_auth = SSL_aNULL,
1498 SSL_AES128GCM, 1501 .algorithm_enc = SSL_AES128GCM,
1499 SSL_AEAD, 1502 .algorithm_mac = SSL_AEAD,
1500 SSL_TLSV1_2, 1503 .algorithm_ssl = SSL_TLSV1_2,
1501 SSL_NOT_EXP|SSL_HIGH|SSL_FIPS, 1504 .algo_strength = SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
1502 SSL_HANDSHAKE_MAC_SHA256|TLS1_PRF_SHA256, 1505 .algorithm2 = SSL_HANDSHAKE_MAC_SHA256|TLS1_PRF_SHA256,
1503 128, 1506 .strength_bits = 128,
1504 128, 1507 .alg_bits = 128,
1505 }, 1508 },
1506 1509
1507 /* Cipher A7 */ 1510 /* Cipher A7 */
1508 { 1511 {
1509 1, 1512 .valid = 1,
1510 TLS1_TXT_ADH_WITH_AES_256_GCM_SHA384, 1513 .name = TLS1_TXT_ADH_WITH_AES_256_GCM_SHA384,
1511 TLS1_CK_ADH_WITH_AES_256_GCM_SHA384, 1514 .id = TLS1_CK_ADH_WITH_AES_256_GCM_SHA384,
1512 SSL_kEDH, 1515 .algorithm_mkey = SSL_kEDH,
1513 SSL_aNULL, 1516 .algorithm_auth = SSL_aNULL,
1514 SSL_AES256GCM, 1517 .algorithm_enc = SSL_AES256GCM,
1515 SSL_AEAD, 1518 .algorithm_mac = SSL_AEAD,
1516 SSL_TLSV1_2, 1519 .algorithm_ssl = SSL_TLSV1_2,
1517 SSL_NOT_EXP|SSL_HIGH|SSL_FIPS, 1520 .algo_strength = SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
1518 SSL_HANDSHAKE_MAC_SHA384|TLS1_PRF_SHA384, 1521 .algorithm2 = SSL_HANDSHAKE_MAC_SHA384|TLS1_PRF_SHA384,
1519 256, 1522 .strength_bits = 256,
1520 256, 1523 .alg_bits = 256,
1521 }, 1524 },
1522 1525
1523#ifndef OPENSSL_NO_ECDH 1526#ifndef OPENSSL_NO_ECDH
1524 /* Cipher C001 */ 1527 /* Cipher C001 */
1525 { 1528 {
1526 1, 1529 .valid = 1,
1527 TLS1_TXT_ECDH_ECDSA_WITH_NULL_SHA, 1530 .name = TLS1_TXT_ECDH_ECDSA_WITH_NULL_SHA,
1528 TLS1_CK_ECDH_ECDSA_WITH_NULL_SHA, 1531 .id = TLS1_CK_ECDH_ECDSA_WITH_NULL_SHA,
1529 SSL_kECDHe, 1532 .algorithm_mkey = SSL_kECDHe,
1530 SSL_aECDH, 1533 .algorithm_auth = SSL_aECDH,
1531 SSL_eNULL, 1534 .algorithm_enc = SSL_eNULL,
1532 SSL_SHA1, 1535 .algorithm_mac = SSL_SHA1,
1533 SSL_TLSV1, 1536 .algorithm_ssl = SSL_TLSV1,
1534 SSL_NOT_EXP|SSL_STRONG_NONE|SSL_FIPS, 1537 .algo_strength = SSL_NOT_EXP|SSL_STRONG_NONE|SSL_FIPS,
1535 SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, 1538 .algorithm2 = SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
1536 0, 1539 .strength_bits = 0,
1537 0, 1540 .alg_bits = 0,
1538 }, 1541 },
1539 1542
1540 /* Cipher C002 */ 1543 /* Cipher C002 */
1541 { 1544 {
1542 1, 1545 .valid = 1,
1543 TLS1_TXT_ECDH_ECDSA_WITH_RC4_128_SHA, 1546 .name = TLS1_TXT_ECDH_ECDSA_WITH_RC4_128_SHA,
1544 TLS1_CK_ECDH_ECDSA_WITH_RC4_128_SHA, 1547 .id = TLS1_CK_ECDH_ECDSA_WITH_RC4_128_SHA,
1545 SSL_kECDHe, 1548 .algorithm_mkey = SSL_kECDHe,
1546 SSL_aECDH, 1549 .algorithm_auth = SSL_aECDH,
1547 SSL_RC4, 1550 .algorithm_enc = SSL_RC4,
1548 SSL_SHA1, 1551 .algorithm_mac = SSL_SHA1,
1549 SSL_TLSV1, 1552 .algorithm_ssl = SSL_TLSV1,
1550 SSL_NOT_EXP|SSL_MEDIUM, 1553 .algo_strength = SSL_NOT_EXP|SSL_MEDIUM,
1551 SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, 1554 .algorithm2 = SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
1552 128, 1555 .strength_bits = 128,
1553 128, 1556 .alg_bits = 128,
1554 }, 1557 },
1555 1558
1556 /* Cipher C003 */ 1559 /* Cipher C003 */
1557 { 1560 {
1558 1, 1561 .valid = 1,
1559 TLS1_TXT_ECDH_ECDSA_WITH_DES_192_CBC3_SHA, 1562 .name = TLS1_TXT_ECDH_ECDSA_WITH_DES_192_CBC3_SHA,
1560 TLS1_CK_ECDH_ECDSA_WITH_DES_192_CBC3_SHA, 1563 .id = TLS1_CK_ECDH_ECDSA_WITH_DES_192_CBC3_SHA,
1561 SSL_kECDHe, 1564 .algorithm_mkey = SSL_kECDHe,
1562 SSL_aECDH, 1565 .algorithm_auth = SSL_aECDH,
1563 SSL_3DES, 1566 .algorithm_enc = SSL_3DES,
1564 SSL_SHA1, 1567 .algorithm_mac = SSL_SHA1,
1565 SSL_TLSV1, 1568 .algorithm_ssl = SSL_TLSV1,
1566 SSL_NOT_EXP|SSL_HIGH|SSL_FIPS, 1569 .algo_strength = SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
1567 SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, 1570 .algorithm2 = SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
1568 168, 1571 .strength_bits = 168,
1569 168, 1572 .alg_bits = 168,
1570 }, 1573 },
1571 1574
1572 /* Cipher C004 */ 1575 /* Cipher C004 */
1573 { 1576 {
1574 1, 1577 .valid = 1,
1575 TLS1_TXT_ECDH_ECDSA_WITH_AES_128_CBC_SHA, 1578 .name = TLS1_TXT_ECDH_ECDSA_WITH_AES_128_CBC_SHA,
1576 TLS1_CK_ECDH_ECDSA_WITH_AES_128_CBC_SHA, 1579 .id = TLS1_CK_ECDH_ECDSA_WITH_AES_128_CBC_SHA,
1577 SSL_kECDHe, 1580 .algorithm_mkey = SSL_kECDHe,
1578 SSL_aECDH, 1581 .algorithm_auth = SSL_aECDH,
1579 SSL_AES128, 1582 .algorithm_enc = SSL_AES128,
1580 SSL_SHA1, 1583 .algorithm_mac = SSL_SHA1,
1581 SSL_TLSV1, 1584 .algorithm_ssl = SSL_TLSV1,
1582 SSL_NOT_EXP|SSL_HIGH|SSL_FIPS, 1585 .algo_strength = SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
1583 SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, 1586 .algorithm2 = SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
1584 128, 1587 .strength_bits = 128,
1585 128, 1588 .alg_bits = 128,
1586 }, 1589 },
1587 1590
1588 /* Cipher C005 */ 1591 /* Cipher C005 */
1589 { 1592 {
1590 1, 1593 .valid = 1,
1591 TLS1_TXT_ECDH_ECDSA_WITH_AES_256_CBC_SHA, 1594 .name = TLS1_TXT_ECDH_ECDSA_WITH_AES_256_CBC_SHA,
1592 TLS1_CK_ECDH_ECDSA_WITH_AES_256_CBC_SHA, 1595 .id = TLS1_CK_ECDH_ECDSA_WITH_AES_256_CBC_SHA,
1593 SSL_kECDHe, 1596 .algorithm_mkey = SSL_kECDHe,
1594 SSL_aECDH, 1597 .algorithm_auth = SSL_aECDH,
1595 SSL_AES256, 1598 .algorithm_enc = SSL_AES256,
1596 SSL_SHA1, 1599 .algorithm_mac = SSL_SHA1,
1597 SSL_TLSV1, 1600 .algorithm_ssl = SSL_TLSV1,
1598 SSL_NOT_EXP|SSL_HIGH|SSL_FIPS, 1601 .algo_strength = SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
1599 SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, 1602 .algorithm2 = SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
1600 256, 1603 .strength_bits = 256,
1601 256, 1604 .alg_bits = 256,
1602 }, 1605 },
1603 1606
1604 /* Cipher C006 */ 1607 /* Cipher C006 */
1605 { 1608 {
1606 1, 1609 .valid = 1,
1607 TLS1_TXT_ECDHE_ECDSA_WITH_NULL_SHA, 1610 .name = TLS1_TXT_ECDHE_ECDSA_WITH_NULL_SHA,
1608 TLS1_CK_ECDHE_ECDSA_WITH_NULL_SHA, 1611 .id = TLS1_CK_ECDHE_ECDSA_WITH_NULL_SHA,
1609 SSL_kEECDH, 1612 .algorithm_mkey = SSL_kEECDH,
1610 SSL_aECDSA, 1613 .algorithm_auth = SSL_aECDSA,
1611 SSL_eNULL, 1614 .algorithm_enc = SSL_eNULL,
1612 SSL_SHA1, 1615 .algorithm_mac = SSL_SHA1,
1613 SSL_TLSV1, 1616 .algorithm_ssl = SSL_TLSV1,
1614 SSL_NOT_EXP|SSL_STRONG_NONE|SSL_FIPS, 1617 .algo_strength = SSL_NOT_EXP|SSL_STRONG_NONE|SSL_FIPS,
1615 SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, 1618 .algorithm2 = SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
1616 0, 1619 .strength_bits = 0,
1617 0, 1620 .alg_bits = 0,
1618 }, 1621 },
1619 1622
1620 /* Cipher C007 */ 1623 /* Cipher C007 */
1621 { 1624 {
1622 1, 1625 .valid = 1,
1623 TLS1_TXT_ECDHE_ECDSA_WITH_RC4_128_SHA, 1626 .name = TLS1_TXT_ECDHE_ECDSA_WITH_RC4_128_SHA,
1624 TLS1_CK_ECDHE_ECDSA_WITH_RC4_128_SHA, 1627 .id = TLS1_CK_ECDHE_ECDSA_WITH_RC4_128_SHA,
1625 SSL_kEECDH, 1628 .algorithm_mkey = SSL_kEECDH,
1626 SSL_aECDSA, 1629 .algorithm_auth = SSL_aECDSA,
1627 SSL_RC4, 1630 .algorithm_enc = SSL_RC4,
1628 SSL_SHA1, 1631 .algorithm_mac = SSL_SHA1,
1629 SSL_TLSV1, 1632 .algorithm_ssl = SSL_TLSV1,
1630 SSL_NOT_EXP|SSL_MEDIUM, 1633 .algo_strength = SSL_NOT_EXP|SSL_MEDIUM,
1631 SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, 1634 .algorithm2 = SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
1632 128, 1635 .strength_bits = 128,
1633 128, 1636 .alg_bits = 128,
1634 }, 1637 },
1635 1638
1636 /* Cipher C008 */ 1639 /* Cipher C008 */
1637 { 1640 {
1638 1, 1641 .valid = 1,
1639 TLS1_TXT_ECDHE_ECDSA_WITH_DES_192_CBC3_SHA, 1642 .name = TLS1_TXT_ECDHE_ECDSA_WITH_DES_192_CBC3_SHA,
1640 TLS1_CK_ECDHE_ECDSA_WITH_DES_192_CBC3_SHA, 1643 .id = TLS1_CK_ECDHE_ECDSA_WITH_DES_192_CBC3_SHA,
1641 SSL_kEECDH, 1644 .algorithm_mkey = SSL_kEECDH,
1642 SSL_aECDSA, 1645 .algorithm_auth = SSL_aECDSA,
1643 SSL_3DES, 1646 .algorithm_enc = SSL_3DES,
1644 SSL_SHA1, 1647 .algorithm_mac = SSL_SHA1,
1645 SSL_TLSV1, 1648 .algorithm_ssl = SSL_TLSV1,
1646 SSL_NOT_EXP|SSL_HIGH|SSL_FIPS, 1649 .algo_strength = SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
1647 SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, 1650 .algorithm2 = SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
1648 168, 1651 .strength_bits = 168,
1649 168, 1652 .alg_bits = 168,
1650 }, 1653 },
1651 1654
1652 /* Cipher C009 */ 1655 /* Cipher C009 */
1653 { 1656 {
1654 1, 1657 .valid = 1,
1655 TLS1_TXT_ECDHE_ECDSA_WITH_AES_128_CBC_SHA, 1658 .name = TLS1_TXT_ECDHE_ECDSA_WITH_AES_128_CBC_SHA,
1656 TLS1_CK_ECDHE_ECDSA_WITH_AES_128_CBC_SHA, 1659 .id = TLS1_CK_ECDHE_ECDSA_WITH_AES_128_CBC_SHA,
1657 SSL_kEECDH, 1660 .algorithm_mkey = SSL_kEECDH,
1658 SSL_aECDSA, 1661 .algorithm_auth = SSL_aECDSA,
1659 SSL_AES128, 1662 .algorithm_enc = SSL_AES128,
1660 SSL_SHA1, 1663 .algorithm_mac = SSL_SHA1,
1661 SSL_TLSV1, 1664 .algorithm_ssl = SSL_TLSV1,
1662 SSL_NOT_EXP|SSL_HIGH|SSL_FIPS, 1665 .algo_strength = SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
1663 SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, 1666 .algorithm2 = SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
1664 128, 1667 .strength_bits = 128,
1665 128, 1668 .alg_bits = 128,
1666 }, 1669 },
1667 1670
1668 /* Cipher C00A */ 1671 /* Cipher C00A */
1669 { 1672 {
1670 1, 1673 .valid = 1,
1671 TLS1_TXT_ECDHE_ECDSA_WITH_AES_256_CBC_SHA, 1674 .name = TLS1_TXT_ECDHE_ECDSA_WITH_AES_256_CBC_SHA,
1672 TLS1_CK_ECDHE_ECDSA_WITH_AES_256_CBC_SHA, 1675 .id = TLS1_CK_ECDHE_ECDSA_WITH_AES_256_CBC_SHA,
1673 SSL_kEECDH, 1676 .algorithm_mkey = SSL_kEECDH,
1674 SSL_aECDSA, 1677 .algorithm_auth = SSL_aECDSA,
1675 SSL_AES256, 1678 .algorithm_enc = SSL_AES256,
1676 SSL_SHA1, 1679 .algorithm_mac = SSL_SHA1,
1677 SSL_TLSV1, 1680 .algorithm_ssl = SSL_TLSV1,
1678 SSL_NOT_EXP|SSL_HIGH|SSL_FIPS, 1681 .algo_strength = SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
1679 SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, 1682 .algorithm2 = SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
1680 256, 1683 .strength_bits = 256,
1681 256, 1684 .alg_bits = 256,
1682 }, 1685 },
1683 1686
1684 /* Cipher C00B */ 1687 /* Cipher C00B */
1685 { 1688 {
1686 1, 1689 .valid = 1,
1687 TLS1_TXT_ECDH_RSA_WITH_NULL_SHA, 1690 .name = TLS1_TXT_ECDH_RSA_WITH_NULL_SHA,
1688 TLS1_CK_ECDH_RSA_WITH_NULL_SHA, 1691 .id = TLS1_CK_ECDH_RSA_WITH_NULL_SHA,
1689 SSL_kECDHr, 1692 .algorithm_mkey = SSL_kECDHr,
1690 SSL_aECDH, 1693 .algorithm_auth = SSL_aECDH,
1691 SSL_eNULL, 1694 .algorithm_enc = SSL_eNULL,
1692 SSL_SHA1, 1695 .algorithm_mac = SSL_SHA1,
1693 SSL_TLSV1, 1696 .algorithm_ssl = SSL_TLSV1,
1694 SSL_NOT_EXP|SSL_STRONG_NONE|SSL_FIPS, 1697 .algo_strength = SSL_NOT_EXP|SSL_STRONG_NONE|SSL_FIPS,
1695 SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, 1698 .algorithm2 = SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
1696 0, 1699 .strength_bits = 0,
1697 0, 1700 .alg_bits = 0,
1698 }, 1701 },
1699 1702
1700 /* Cipher C00C */ 1703 /* Cipher C00C */
1701 { 1704 {
1702 1, 1705 .valid = 1,
1703 TLS1_TXT_ECDH_RSA_WITH_RC4_128_SHA, 1706 .name = TLS1_TXT_ECDH_RSA_WITH_RC4_128_SHA,
1704 TLS1_CK_ECDH_RSA_WITH_RC4_128_SHA, 1707 .id = TLS1_CK_ECDH_RSA_WITH_RC4_128_SHA,
1705 SSL_kECDHr, 1708 .algorithm_mkey = SSL_kECDHr,
1706 SSL_aECDH, 1709 .algorithm_auth = SSL_aECDH,
1707 SSL_RC4, 1710 .algorithm_enc = SSL_RC4,
1708 SSL_SHA1, 1711 .algorithm_mac = SSL_SHA1,
1709 SSL_TLSV1, 1712 .algorithm_ssl = SSL_TLSV1,
1710 SSL_NOT_EXP|SSL_MEDIUM, 1713 .algo_strength = SSL_NOT_EXP|SSL_MEDIUM,
1711 SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, 1714 .algorithm2 = SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
1712 128, 1715 .strength_bits = 128,
1713 128, 1716 .alg_bits = 128,
1714 }, 1717 },
1715 1718
1716 /* Cipher C00D */ 1719 /* Cipher C00D */
1717 { 1720 {
1718 1, 1721 .valid = 1,
1719 TLS1_TXT_ECDH_RSA_WITH_DES_192_CBC3_SHA, 1722 .name = TLS1_TXT_ECDH_RSA_WITH_DES_192_CBC3_SHA,
1720 TLS1_CK_ECDH_RSA_WITH_DES_192_CBC3_SHA, 1723 .id = TLS1_CK_ECDH_RSA_WITH_DES_192_CBC3_SHA,
1721 SSL_kECDHr, 1724 .algorithm_mkey = SSL_kECDHr,
1722 SSL_aECDH, 1725 .algorithm_auth = SSL_aECDH,
1723 SSL_3DES, 1726 .algorithm_enc = SSL_3DES,
1724 SSL_SHA1, 1727 .algorithm_mac = SSL_SHA1,
1725 SSL_TLSV1, 1728 .algorithm_ssl = SSL_TLSV1,
1726 SSL_NOT_EXP|SSL_HIGH|SSL_FIPS, 1729 .algo_strength = SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
1727 SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, 1730 .algorithm2 = SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
1728 168, 1731 .strength_bits = 168,
1729 168, 1732 .alg_bits = 168,
1730 }, 1733 },
1731 1734
1732 /* Cipher C00E */ 1735 /* Cipher C00E */
1733 { 1736 {
1734 1, 1737 .valid = 1,
1735 TLS1_TXT_ECDH_RSA_WITH_AES_128_CBC_SHA, 1738 .name = TLS1_TXT_ECDH_RSA_WITH_AES_128_CBC_SHA,
1736 TLS1_CK_ECDH_RSA_WITH_AES_128_CBC_SHA, 1739 .id = TLS1_CK_ECDH_RSA_WITH_AES_128_CBC_SHA,
1737 SSL_kECDHr, 1740 .algorithm_mkey = SSL_kECDHr,
1738 SSL_aECDH, 1741 .algorithm_auth = SSL_aECDH,
1739 SSL_AES128, 1742 .algorithm_enc = SSL_AES128,
1740 SSL_SHA1, 1743 .algorithm_mac = SSL_SHA1,
1741 SSL_TLSV1, 1744 .algorithm_ssl = SSL_TLSV1,
1742 SSL_NOT_EXP|SSL_HIGH|SSL_FIPS, 1745 .algo_strength = SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
1743 SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, 1746 .algorithm2 = SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
1744 128, 1747 .strength_bits = 128,
1745 128, 1748 .alg_bits = 128,
1746 }, 1749 },
1747 1750
1748 /* Cipher C00F */ 1751 /* Cipher C00F */
1749 { 1752 {
1750 1, 1753 .valid = 1,
1751 TLS1_TXT_ECDH_RSA_WITH_AES_256_CBC_SHA, 1754 .name = TLS1_TXT_ECDH_RSA_WITH_AES_256_CBC_SHA,
1752 TLS1_CK_ECDH_RSA_WITH_AES_256_CBC_SHA, 1755 .id = TLS1_CK_ECDH_RSA_WITH_AES_256_CBC_SHA,
1753 SSL_kECDHr, 1756 .algorithm_mkey = SSL_kECDHr,
1754 SSL_aECDH, 1757 .algorithm_auth = SSL_aECDH,
1755 SSL_AES256, 1758 .algorithm_enc = SSL_AES256,
1756 SSL_SHA1, 1759 .algorithm_mac = SSL_SHA1,
1757 SSL_TLSV1, 1760 .algorithm_ssl = SSL_TLSV1,
1758 SSL_NOT_EXP|SSL_HIGH|SSL_FIPS, 1761 .algo_strength = SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
1759 SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, 1762 .algorithm2 = SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
1760 256, 1763 .strength_bits = 256,
1761 256, 1764 .alg_bits = 256,
1762 }, 1765 },
1763 1766
1764 /* Cipher C010 */ 1767 /* Cipher C010 */
1765 { 1768 {
1766 1, 1769 .valid = 1,
1767 TLS1_TXT_ECDHE_RSA_WITH_NULL_SHA, 1770 .name = TLS1_TXT_ECDHE_RSA_WITH_NULL_SHA,
1768 TLS1_CK_ECDHE_RSA_WITH_NULL_SHA, 1771 .id = TLS1_CK_ECDHE_RSA_WITH_NULL_SHA,
1769 SSL_kEECDH, 1772 .algorithm_mkey = SSL_kEECDH,
1770 SSL_aRSA, 1773 .algorithm_auth = SSL_aRSA,
1771 SSL_eNULL, 1774 .algorithm_enc = SSL_eNULL,
1772 SSL_SHA1, 1775 .algorithm_mac = SSL_SHA1,
1773 SSL_TLSV1, 1776 .algorithm_ssl = SSL_TLSV1,
1774 SSL_NOT_EXP|SSL_STRONG_NONE|SSL_FIPS, 1777 .algo_strength = SSL_NOT_EXP|SSL_STRONG_NONE|SSL_FIPS,
1775 SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, 1778 .algorithm2 = SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
1776 0, 1779 .strength_bits = 0,
1777 0, 1780 .alg_bits = 0,
1778 }, 1781 },
1779 1782
1780 /* Cipher C011 */ 1783 /* Cipher C011 */
1781 { 1784 {
1782 1, 1785 .valid = 1,
1783 TLS1_TXT_ECDHE_RSA_WITH_RC4_128_SHA, 1786 .name = TLS1_TXT_ECDHE_RSA_WITH_RC4_128_SHA,
1784 TLS1_CK_ECDHE_RSA_WITH_RC4_128_SHA, 1787 .id = TLS1_CK_ECDHE_RSA_WITH_RC4_128_SHA,
1785 SSL_kEECDH, 1788 .algorithm_mkey = SSL_kEECDH,
1786 SSL_aRSA, 1789 .algorithm_auth = SSL_aRSA,
1787 SSL_RC4, 1790 .algorithm_enc = SSL_RC4,
1788 SSL_SHA1, 1791 .algorithm_mac = SSL_SHA1,
1789 SSL_TLSV1, 1792 .algorithm_ssl = SSL_TLSV1,
1790 SSL_NOT_EXP|SSL_MEDIUM, 1793 .algo_strength = SSL_NOT_EXP|SSL_MEDIUM,
1791 SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, 1794 .algorithm2 = SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
1792 128, 1795 .strength_bits = 128,
1793 128, 1796 .alg_bits = 128,
1794 }, 1797 },
1795 1798
1796 /* Cipher C012 */ 1799 /* Cipher C012 */
1797 { 1800 {
1798 1, 1801 .valid = 1,
1799 TLS1_TXT_ECDHE_RSA_WITH_DES_192_CBC3_SHA, 1802 .name = TLS1_TXT_ECDHE_RSA_WITH_DES_192_CBC3_SHA,
1800 TLS1_CK_ECDHE_RSA_WITH_DES_192_CBC3_SHA, 1803 .id = TLS1_CK_ECDHE_RSA_WITH_DES_192_CBC3_SHA,
1801 SSL_kEECDH, 1804 .algorithm_mkey = SSL_kEECDH,
1802 SSL_aRSA, 1805 .algorithm_auth = SSL_aRSA,
1803 SSL_3DES, 1806 .algorithm_enc = SSL_3DES,
1804 SSL_SHA1, 1807 .algorithm_mac = SSL_SHA1,
1805 SSL_TLSV1, 1808 .algorithm_ssl = SSL_TLSV1,
1806 SSL_NOT_EXP|SSL_HIGH|SSL_FIPS, 1809 .algo_strength = SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
1807 SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, 1810 .algorithm2 = SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
1808 168, 1811 .strength_bits = 168,
1809 168, 1812 .alg_bits = 168,
1810 }, 1813 },
1811 1814
1812 /* Cipher C013 */ 1815 /* Cipher C013 */
1813 { 1816 {
1814 1, 1817 .valid = 1,
1815 TLS1_TXT_ECDHE_RSA_WITH_AES_128_CBC_SHA, 1818 .name = TLS1_TXT_ECDHE_RSA_WITH_AES_128_CBC_SHA,
1816 TLS1_CK_ECDHE_RSA_WITH_AES_128_CBC_SHA, 1819 .id = TLS1_CK_ECDHE_RSA_WITH_AES_128_CBC_SHA,
1817 SSL_kEECDH, 1820 .algorithm_mkey = SSL_kEECDH,
1818 SSL_aRSA, 1821 .algorithm_auth = SSL_aRSA,
1819 SSL_AES128, 1822 .algorithm_enc = SSL_AES128,
1820 SSL_SHA1, 1823 .algorithm_mac = SSL_SHA1,
1821 SSL_TLSV1, 1824 .algorithm_ssl = SSL_TLSV1,
1822 SSL_NOT_EXP|SSL_HIGH|SSL_FIPS, 1825 .algo_strength = SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
1823 SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, 1826 .algorithm2 = SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
1824 128, 1827 .strength_bits = 128,
1825 128, 1828 .alg_bits = 128,
1826 }, 1829 },
1827 1830
1828 /* Cipher C014 */ 1831 /* Cipher C014 */
1829 { 1832 {
1830 1, 1833 .valid = 1,
1831 TLS1_TXT_ECDHE_RSA_WITH_AES_256_CBC_SHA, 1834 .name = TLS1_TXT_ECDHE_RSA_WITH_AES_256_CBC_SHA,
1832 TLS1_CK_ECDHE_RSA_WITH_AES_256_CBC_SHA, 1835 .id = TLS1_CK_ECDHE_RSA_WITH_AES_256_CBC_SHA,
1833 SSL_kEECDH, 1836 .algorithm_mkey = SSL_kEECDH,
1834 SSL_aRSA, 1837 .algorithm_auth = SSL_aRSA,
1835 SSL_AES256, 1838 .algorithm_enc = SSL_AES256,
1836 SSL_SHA1, 1839 .algorithm_mac = SSL_SHA1,
1837 SSL_TLSV1, 1840 .algorithm_ssl = SSL_TLSV1,
1838 SSL_NOT_EXP|SSL_HIGH|SSL_FIPS, 1841 .algo_strength = SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
1839 SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, 1842 .algorithm2 = SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
1840 256, 1843 .strength_bits = 256,
1841 256, 1844 .alg_bits = 256,
1842 }, 1845 },
1843 1846
1844 /* Cipher C015 */ 1847 /* Cipher C015 */
1845 { 1848 {
1846 1, 1849 .valid = 1,
1847 TLS1_TXT_ECDH_anon_WITH_NULL_SHA, 1850 .name = TLS1_TXT_ECDH_anon_WITH_NULL_SHA,
1848 TLS1_CK_ECDH_anon_WITH_NULL_SHA, 1851 .id = TLS1_CK_ECDH_anon_WITH_NULL_SHA,
1849 SSL_kEECDH, 1852 .algorithm_mkey = SSL_kEECDH,
1850 SSL_aNULL, 1853 .algorithm_auth = SSL_aNULL,
1851 SSL_eNULL, 1854 .algorithm_enc = SSL_eNULL,
1852 SSL_SHA1, 1855 .algorithm_mac = SSL_SHA1,
1853 SSL_TLSV1, 1856 .algorithm_ssl = SSL_TLSV1,
1854 SSL_NOT_EXP|SSL_STRONG_NONE|SSL_FIPS, 1857 .algo_strength = SSL_NOT_EXP|SSL_STRONG_NONE|SSL_FIPS,
1855 SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, 1858 .algorithm2 = SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
1856 0, 1859 .strength_bits = 0,
1857 0, 1860 .alg_bits = 0,
1858 }, 1861 },
1859 1862
1860 /* Cipher C016 */ 1863 /* Cipher C016 */
1861 { 1864 {
1862 1, 1865 .valid = 1,
1863 TLS1_TXT_ECDH_anon_WITH_RC4_128_SHA, 1866 .name = TLS1_TXT_ECDH_anon_WITH_RC4_128_SHA,
1864 TLS1_CK_ECDH_anon_WITH_RC4_128_SHA, 1867 .id = TLS1_CK_ECDH_anon_WITH_RC4_128_SHA,
1865 SSL_kEECDH, 1868 .algorithm_mkey = SSL_kEECDH,
1866 SSL_aNULL, 1869 .algorithm_auth = SSL_aNULL,
1867 SSL_RC4, 1870 .algorithm_enc = SSL_RC4,
1868 SSL_SHA1, 1871 .algorithm_mac = SSL_SHA1,
1869 SSL_TLSV1, 1872 .algorithm_ssl = SSL_TLSV1,
1870 SSL_NOT_EXP|SSL_MEDIUM, 1873 .algo_strength = SSL_NOT_EXP|SSL_MEDIUM,
1871 SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, 1874 .algorithm2 = SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
1872 128, 1875 .strength_bits = 128,
1873 128, 1876 .alg_bits = 128,
1874 }, 1877 },
1875 1878
1876 /* Cipher C017 */ 1879 /* Cipher C017 */
1877 { 1880 {
1878 1, 1881 .valid = 1,
1879 TLS1_TXT_ECDH_anon_WITH_DES_192_CBC3_SHA, 1882 .name = TLS1_TXT_ECDH_anon_WITH_DES_192_CBC3_SHA,
1880 TLS1_CK_ECDH_anon_WITH_DES_192_CBC3_SHA, 1883 .id = TLS1_CK_ECDH_anon_WITH_DES_192_CBC3_SHA,
1881 SSL_kEECDH, 1884 .algorithm_mkey = SSL_kEECDH,
1882 SSL_aNULL, 1885 .algorithm_auth = SSL_aNULL,
1883 SSL_3DES, 1886 .algorithm_enc = SSL_3DES,
1884 SSL_SHA1, 1887 .algorithm_mac = SSL_SHA1,
1885 SSL_TLSV1, 1888 .algorithm_ssl = SSL_TLSV1,
1886 SSL_NOT_EXP|SSL_HIGH|SSL_FIPS, 1889 .algo_strength = SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
1887 SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, 1890 .algorithm2 = SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
1888 168, 1891 .strength_bits = 168,
1889 168, 1892 .alg_bits = 168,
1890 }, 1893 },
1891 1894
1892 /* Cipher C018 */ 1895 /* Cipher C018 */
1893 { 1896 {
1894 1, 1897 .valid = 1,
1895 TLS1_TXT_ECDH_anon_WITH_AES_128_CBC_SHA, 1898 .name = TLS1_TXT_ECDH_anon_WITH_AES_128_CBC_SHA,
1896 TLS1_CK_ECDH_anon_WITH_AES_128_CBC_SHA, 1899 .id = TLS1_CK_ECDH_anon_WITH_AES_128_CBC_SHA,
1897 SSL_kEECDH, 1900 .algorithm_mkey = SSL_kEECDH,
1898 SSL_aNULL, 1901 .algorithm_auth = SSL_aNULL,
1899 SSL_AES128, 1902 .algorithm_enc = SSL_AES128,
1900 SSL_SHA1, 1903 .algorithm_mac = SSL_SHA1,
1901 SSL_TLSV1, 1904 .algorithm_ssl = SSL_TLSV1,
1902 SSL_NOT_EXP|SSL_HIGH|SSL_FIPS, 1905 .algo_strength = SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
1903 SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, 1906 .algorithm2 = SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
1904 128, 1907 .strength_bits = 128,
1905 128, 1908 .alg_bits = 128,
1906 }, 1909 },
1907 1910
1908 /* Cipher C019 */ 1911 /* Cipher C019 */
1909 { 1912 {
1910 1, 1913 .valid = 1,
1911 TLS1_TXT_ECDH_anon_WITH_AES_256_CBC_SHA, 1914 .name = TLS1_TXT_ECDH_anon_WITH_AES_256_CBC_SHA,
1912 TLS1_CK_ECDH_anon_WITH_AES_256_CBC_SHA, 1915 .id = TLS1_CK_ECDH_anon_WITH_AES_256_CBC_SHA,
1913 SSL_kEECDH, 1916 .algorithm_mkey = SSL_kEECDH,
1914 SSL_aNULL, 1917 .algorithm_auth = SSL_aNULL,
1915 SSL_AES256, 1918 .algorithm_enc = SSL_AES256,
1916 SSL_SHA1, 1919 .algorithm_mac = SSL_SHA1,
1917 SSL_TLSV1, 1920 .algorithm_ssl = SSL_TLSV1,
1918 SSL_NOT_EXP|SSL_HIGH|SSL_FIPS, 1921 .algo_strength = SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
1919 SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, 1922 .algorithm2 = SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
1920 256, 1923 .strength_bits = 256,
1921 256, 1924 .alg_bits = 256,
1922 }, 1925 },
1923#endif /* OPENSSL_NO_ECDH */ 1926#endif /* OPENSSL_NO_ECDH */
1924 1927
@@ -1928,326 +1931,326 @@ SSL_CIPHER ssl3_ciphers[] = {
1928 1931
1929 /* Cipher C023 */ 1932 /* Cipher C023 */
1930 { 1933 {
1931 1, 1934 .valid = 1,
1932 TLS1_TXT_ECDHE_ECDSA_WITH_AES_128_SHA256, 1935 .name = TLS1_TXT_ECDHE_ECDSA_WITH_AES_128_SHA256,
1933 TLS1_CK_ECDHE_ECDSA_WITH_AES_128_SHA256, 1936 .id = TLS1_CK_ECDHE_ECDSA_WITH_AES_128_SHA256,
1934 SSL_kEECDH, 1937 .algorithm_mkey = SSL_kEECDH,
1935 SSL_aECDSA, 1938 .algorithm_auth = SSL_aECDSA,
1936 SSL_AES128, 1939 .algorithm_enc = SSL_AES128,
1937 SSL_SHA256, 1940 .algorithm_mac = SSL_SHA256,
1938 SSL_TLSV1_2, 1941 .algorithm_ssl = SSL_TLSV1_2,
1939 SSL_NOT_EXP|SSL_HIGH|SSL_FIPS, 1942 .algo_strength = SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
1940 SSL_HANDSHAKE_MAC_SHA256|TLS1_PRF_SHA256, 1943 .algorithm2 = SSL_HANDSHAKE_MAC_SHA256|TLS1_PRF_SHA256,
1941 128, 1944 .strength_bits = 128,
1942 128, 1945 .alg_bits = 128,
1943 }, 1946 },
1944 1947
1945 /* Cipher C024 */ 1948 /* Cipher C024 */
1946 { 1949 {
1947 1, 1950 .valid = 1,
1948 TLS1_TXT_ECDHE_ECDSA_WITH_AES_256_SHA384, 1951 .name = TLS1_TXT_ECDHE_ECDSA_WITH_AES_256_SHA384,
1949 TLS1_CK_ECDHE_ECDSA_WITH_AES_256_SHA384, 1952 .id = TLS1_CK_ECDHE_ECDSA_WITH_AES_256_SHA384,
1950 SSL_kEECDH, 1953 .algorithm_mkey = SSL_kEECDH,
1951 SSL_aECDSA, 1954 .algorithm_auth = SSL_aECDSA,
1952 SSL_AES256, 1955 .algorithm_enc = SSL_AES256,
1953 SSL_SHA384, 1956 .algorithm_mac = SSL_SHA384,
1954 SSL_TLSV1_2, 1957 .algorithm_ssl = SSL_TLSV1_2,
1955 SSL_NOT_EXP|SSL_HIGH|SSL_FIPS, 1958 .algo_strength = SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
1956 SSL_HANDSHAKE_MAC_SHA384|TLS1_PRF_SHA384, 1959 .algorithm2 = SSL_HANDSHAKE_MAC_SHA384|TLS1_PRF_SHA384,
1957 256, 1960 .strength_bits = 256,
1958 256, 1961 .alg_bits = 256,
1959 }, 1962 },
1960 1963
1961 /* Cipher C025 */ 1964 /* Cipher C025 */
1962 { 1965 {
1963 1, 1966 .valid = 1,
1964 TLS1_TXT_ECDH_ECDSA_WITH_AES_128_SHA256, 1967 .name = TLS1_TXT_ECDH_ECDSA_WITH_AES_128_SHA256,
1965 TLS1_CK_ECDH_ECDSA_WITH_AES_128_SHA256, 1968 .id = TLS1_CK_ECDH_ECDSA_WITH_AES_128_SHA256,
1966 SSL_kECDHe, 1969 .algorithm_mkey = SSL_kECDHe,
1967 SSL_aECDH, 1970 .algorithm_auth = SSL_aECDH,
1968 SSL_AES128, 1971 .algorithm_enc = SSL_AES128,
1969 SSL_SHA256, 1972 .algorithm_mac = SSL_SHA256,
1970 SSL_TLSV1_2, 1973 .algorithm_ssl = SSL_TLSV1_2,
1971 SSL_NOT_EXP|SSL_HIGH|SSL_FIPS, 1974 .algo_strength = SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
1972 SSL_HANDSHAKE_MAC_SHA256|TLS1_PRF_SHA256, 1975 .algorithm2 = SSL_HANDSHAKE_MAC_SHA256|TLS1_PRF_SHA256,
1973 128, 1976 .strength_bits = 128,
1974 128, 1977 .alg_bits = 128,
1975 }, 1978 },
1976 1979
1977 /* Cipher C026 */ 1980 /* Cipher C026 */
1978 { 1981 {
1979 1, 1982 .valid = 1,
1980 TLS1_TXT_ECDH_ECDSA_WITH_AES_256_SHA384, 1983 .name = TLS1_TXT_ECDH_ECDSA_WITH_AES_256_SHA384,
1981 TLS1_CK_ECDH_ECDSA_WITH_AES_256_SHA384, 1984 .id = TLS1_CK_ECDH_ECDSA_WITH_AES_256_SHA384,
1982 SSL_kECDHe, 1985 .algorithm_mkey = SSL_kECDHe,
1983 SSL_aECDH, 1986 .algorithm_auth = SSL_aECDH,
1984 SSL_AES256, 1987 .algorithm_enc = SSL_AES256,
1985 SSL_SHA384, 1988 .algorithm_mac = SSL_SHA384,
1986 SSL_TLSV1_2, 1989 .algorithm_ssl = SSL_TLSV1_2,
1987 SSL_NOT_EXP|SSL_HIGH|SSL_FIPS, 1990 .algo_strength = SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
1988 SSL_HANDSHAKE_MAC_SHA384|TLS1_PRF_SHA384, 1991 .algorithm2 = SSL_HANDSHAKE_MAC_SHA384|TLS1_PRF_SHA384,
1989 256, 1992 .strength_bits = 256,
1990 256, 1993 .alg_bits = 256,
1991 }, 1994 },
1992 1995
1993 /* Cipher C027 */ 1996 /* Cipher C027 */
1994 { 1997 {
1995 1, 1998 .valid = 1,
1996 TLS1_TXT_ECDHE_RSA_WITH_AES_128_SHA256, 1999 .name = TLS1_TXT_ECDHE_RSA_WITH_AES_128_SHA256,
1997 TLS1_CK_ECDHE_RSA_WITH_AES_128_SHA256, 2000 .id = TLS1_CK_ECDHE_RSA_WITH_AES_128_SHA256,
1998 SSL_kEECDH, 2001 .algorithm_mkey = SSL_kEECDH,
1999 SSL_aRSA, 2002 .algorithm_auth = SSL_aRSA,
2000 SSL_AES128, 2003 .algorithm_enc = SSL_AES128,
2001 SSL_SHA256, 2004 .algorithm_mac = SSL_SHA256,
2002 SSL_TLSV1_2, 2005 .algorithm_ssl = SSL_TLSV1_2,
2003 SSL_NOT_EXP|SSL_HIGH|SSL_FIPS, 2006 .algo_strength = SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
2004 SSL_HANDSHAKE_MAC_SHA256|TLS1_PRF_SHA256, 2007 .algorithm2 = SSL_HANDSHAKE_MAC_SHA256|TLS1_PRF_SHA256,
2005 128, 2008 .strength_bits = 128,
2006 128, 2009 .alg_bits = 128,
2007 }, 2010 },
2008 2011
2009 /* Cipher C028 */ 2012 /* Cipher C028 */
2010 { 2013 {
2011 1, 2014 .valid = 1,
2012 TLS1_TXT_ECDHE_RSA_WITH_AES_256_SHA384, 2015 .name = TLS1_TXT_ECDHE_RSA_WITH_AES_256_SHA384,
2013 TLS1_CK_ECDHE_RSA_WITH_AES_256_SHA384, 2016 .id = TLS1_CK_ECDHE_RSA_WITH_AES_256_SHA384,
2014 SSL_kEECDH, 2017 .algorithm_mkey = SSL_kEECDH,
2015 SSL_aRSA, 2018 .algorithm_auth = SSL_aRSA,
2016 SSL_AES256, 2019 .algorithm_enc = SSL_AES256,
2017 SSL_SHA384, 2020 .algorithm_mac = SSL_SHA384,
2018 SSL_TLSV1_2, 2021 .algorithm_ssl = SSL_TLSV1_2,
2019 SSL_NOT_EXP|SSL_HIGH|SSL_FIPS, 2022 .algo_strength = SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
2020 SSL_HANDSHAKE_MAC_SHA384|TLS1_PRF_SHA384, 2023 .algorithm2 = SSL_HANDSHAKE_MAC_SHA384|TLS1_PRF_SHA384,
2021 256, 2024 .strength_bits = 256,
2022 256, 2025 .alg_bits = 256,
2023 }, 2026 },
2024 2027
2025 /* Cipher C029 */ 2028 /* Cipher C029 */
2026 { 2029 {
2027 1, 2030 .valid = 1,
2028 TLS1_TXT_ECDH_RSA_WITH_AES_128_SHA256, 2031 .name = TLS1_TXT_ECDH_RSA_WITH_AES_128_SHA256,
2029 TLS1_CK_ECDH_RSA_WITH_AES_128_SHA256, 2032 .id = TLS1_CK_ECDH_RSA_WITH_AES_128_SHA256,
2030 SSL_kECDHr, 2033 .algorithm_mkey = SSL_kECDHr,
2031 SSL_aECDH, 2034 .algorithm_auth = SSL_aECDH,
2032 SSL_AES128, 2035 .algorithm_enc = SSL_AES128,
2033 SSL_SHA256, 2036 .algorithm_mac = SSL_SHA256,
2034 SSL_TLSV1_2, 2037 .algorithm_ssl = SSL_TLSV1_2,
2035 SSL_NOT_EXP|SSL_HIGH|SSL_FIPS, 2038 .algo_strength = SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
2036 SSL_HANDSHAKE_MAC_SHA256|TLS1_PRF_SHA256, 2039 .algorithm2 = SSL_HANDSHAKE_MAC_SHA256|TLS1_PRF_SHA256,
2037 128, 2040 .strength_bits = 128,
2038 128, 2041 .alg_bits = 128,
2039 }, 2042 },
2040 2043
2041 /* Cipher C02A */ 2044 /* Cipher C02A */
2042 { 2045 {
2043 1, 2046 .valid = 1,
2044 TLS1_TXT_ECDH_RSA_WITH_AES_256_SHA384, 2047 .name = TLS1_TXT_ECDH_RSA_WITH_AES_256_SHA384,
2045 TLS1_CK_ECDH_RSA_WITH_AES_256_SHA384, 2048 .id = TLS1_CK_ECDH_RSA_WITH_AES_256_SHA384,
2046 SSL_kECDHr, 2049 .algorithm_mkey = SSL_kECDHr,
2047 SSL_aECDH, 2050 .algorithm_auth = SSL_aECDH,
2048 SSL_AES256, 2051 .algorithm_enc = SSL_AES256,
2049 SSL_SHA384, 2052 .algorithm_mac = SSL_SHA384,
2050 SSL_TLSV1_2, 2053 .algorithm_ssl = SSL_TLSV1_2,
2051 SSL_NOT_EXP|SSL_HIGH|SSL_FIPS, 2054 .algo_strength = SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
2052 SSL_HANDSHAKE_MAC_SHA384|TLS1_PRF_SHA384, 2055 .algorithm2 = SSL_HANDSHAKE_MAC_SHA384|TLS1_PRF_SHA384,
2053 256, 2056 .strength_bits = 256,
2054 256, 2057 .alg_bits = 256,
2055 }, 2058 },
2056 2059
2057 /* GCM based TLS v1.2 ciphersuites from RFC5289 */ 2060 /* GCM based TLS v1.2 ciphersuites from RFC5289 */
2058 2061
2059 /* Cipher C02B */ 2062 /* Cipher C02B */
2060 { 2063 {
2061 1, 2064 .valid = 1,
2062 TLS1_TXT_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256, 2065 .name = TLS1_TXT_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256,
2063 TLS1_CK_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256, 2066 .id = TLS1_CK_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256,
2064 SSL_kEECDH, 2067 .algorithm_mkey = SSL_kEECDH,
2065 SSL_aECDSA, 2068 .algorithm_auth = SSL_aECDSA,
2066 SSL_AES128GCM, 2069 .algorithm_enc = SSL_AES128GCM,
2067 SSL_AEAD, 2070 .algorithm_mac = SSL_AEAD,
2068 SSL_TLSV1_2, 2071 .algorithm_ssl = SSL_TLSV1_2,
2069 SSL_NOT_EXP|SSL_HIGH|SSL_FIPS, 2072 .algo_strength = SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
2070 SSL_HANDSHAKE_MAC_SHA256|TLS1_PRF_SHA256, 2073 .algorithm2 = SSL_HANDSHAKE_MAC_SHA256|TLS1_PRF_SHA256,
2071 128, 2074 .strength_bits = 128,
2072 128, 2075 .alg_bits = 128,
2073 }, 2076 },
2074 2077
2075 /* Cipher C02C */ 2078 /* Cipher C02C */
2076 { 2079 {
2077 1, 2080 .valid = 1,
2078 TLS1_TXT_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384, 2081 .name = TLS1_TXT_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384,
2079 TLS1_CK_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384, 2082 .id = TLS1_CK_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384,
2080 SSL_kEECDH, 2083 .algorithm_mkey = SSL_kEECDH,
2081 SSL_aECDSA, 2084 .algorithm_auth = SSL_aECDSA,
2082 SSL_AES256GCM, 2085 .algorithm_enc = SSL_AES256GCM,
2083 SSL_AEAD, 2086 .algorithm_mac = SSL_AEAD,
2084 SSL_TLSV1_2, 2087 .algorithm_ssl = SSL_TLSV1_2,
2085 SSL_NOT_EXP|SSL_HIGH|SSL_FIPS, 2088 .algo_strength = SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
2086 SSL_HANDSHAKE_MAC_SHA384|TLS1_PRF_SHA384, 2089 .algorithm2 = SSL_HANDSHAKE_MAC_SHA384|TLS1_PRF_SHA384,
2087 256, 2090 .strength_bits = 256,
2088 256, 2091 .alg_bits = 256,
2089 }, 2092 },
2090 2093
2091 /* Cipher C02D */ 2094 /* Cipher C02D */
2092 { 2095 {
2093 1, 2096 .valid = 1,
2094 TLS1_TXT_ECDH_ECDSA_WITH_AES_128_GCM_SHA256, 2097 .name = TLS1_TXT_ECDH_ECDSA_WITH_AES_128_GCM_SHA256,
2095 TLS1_CK_ECDH_ECDSA_WITH_AES_128_GCM_SHA256, 2098 .id = TLS1_CK_ECDH_ECDSA_WITH_AES_128_GCM_SHA256,
2096 SSL_kECDHe, 2099 .algorithm_mkey = SSL_kECDHe,
2097 SSL_aECDH, 2100 .algorithm_auth = SSL_aECDH,
2098 SSL_AES128GCM, 2101 .algorithm_enc = SSL_AES128GCM,
2099 SSL_AEAD, 2102 .algorithm_mac = SSL_AEAD,
2100 SSL_TLSV1_2, 2103 .algorithm_ssl = SSL_TLSV1_2,
2101 SSL_NOT_EXP|SSL_HIGH|SSL_FIPS, 2104 .algo_strength = SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
2102 SSL_HANDSHAKE_MAC_SHA256|TLS1_PRF_SHA256, 2105 .algorithm2 = SSL_HANDSHAKE_MAC_SHA256|TLS1_PRF_SHA256,
2103 128, 2106 .strength_bits = 128,
2104 128, 2107 .alg_bits = 128,
2105 }, 2108 },
2106 2109
2107 /* Cipher C02E */ 2110 /* Cipher C02E */
2108 { 2111 {
2109 1, 2112 .valid = 1,
2110 TLS1_TXT_ECDH_ECDSA_WITH_AES_256_GCM_SHA384, 2113 .name = TLS1_TXT_ECDH_ECDSA_WITH_AES_256_GCM_SHA384,
2111 TLS1_CK_ECDH_ECDSA_WITH_AES_256_GCM_SHA384, 2114 .id = TLS1_CK_ECDH_ECDSA_WITH_AES_256_GCM_SHA384,
2112 SSL_kECDHe, 2115 .algorithm_mkey = SSL_kECDHe,
2113 SSL_aECDH, 2116 .algorithm_auth = SSL_aECDH,
2114 SSL_AES256GCM, 2117 .algorithm_enc = SSL_AES256GCM,
2115 SSL_AEAD, 2118 .algorithm_mac = SSL_AEAD,
2116 SSL_TLSV1_2, 2119 .algorithm_ssl = SSL_TLSV1_2,
2117 SSL_NOT_EXP|SSL_HIGH|SSL_FIPS, 2120 .algo_strength = SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
2118 SSL_HANDSHAKE_MAC_SHA384|TLS1_PRF_SHA384, 2121 .algorithm2 = SSL_HANDSHAKE_MAC_SHA384|TLS1_PRF_SHA384,
2119 256, 2122 .strength_bits = 256,
2120 256, 2123 .alg_bits = 256,
2121 }, 2124 },
2122 2125
2123 /* Cipher C02F */ 2126 /* Cipher C02F */
2124 { 2127 {
2125 1, 2128 .valid = 1,
2126 TLS1_TXT_ECDHE_RSA_WITH_AES_128_GCM_SHA256, 2129 .name = TLS1_TXT_ECDHE_RSA_WITH_AES_128_GCM_SHA256,
2127 TLS1_CK_ECDHE_RSA_WITH_AES_128_GCM_SHA256, 2130 .id = TLS1_CK_ECDHE_RSA_WITH_AES_128_GCM_SHA256,
2128 SSL_kEECDH, 2131 .algorithm_mkey = SSL_kEECDH,
2129 SSL_aRSA, 2132 .algorithm_auth = SSL_aRSA,
2130 SSL_AES128GCM, 2133 .algorithm_enc = SSL_AES128GCM,
2131 SSL_AEAD, 2134 .algorithm_mac = SSL_AEAD,
2132 SSL_TLSV1_2, 2135 .algorithm_ssl = SSL_TLSV1_2,
2133 SSL_NOT_EXP|SSL_HIGH|SSL_FIPS, 2136 .algo_strength = SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
2134 SSL_HANDSHAKE_MAC_SHA256|TLS1_PRF_SHA256, 2137 .algorithm2 = SSL_HANDSHAKE_MAC_SHA256|TLS1_PRF_SHA256,
2135 128, 2138 .strength_bits = 128,
2136 128, 2139 .alg_bits = 128,
2137 }, 2140 },
2138 2141
2139 /* Cipher C030 */ 2142 /* Cipher C030 */
2140 { 2143 {
2141 1, 2144 .valid = 1,
2142 TLS1_TXT_ECDHE_RSA_WITH_AES_256_GCM_SHA384, 2145 .name = TLS1_TXT_ECDHE_RSA_WITH_AES_256_GCM_SHA384,
2143 TLS1_CK_ECDHE_RSA_WITH_AES_256_GCM_SHA384, 2146 .id = TLS1_CK_ECDHE_RSA_WITH_AES_256_GCM_SHA384,
2144 SSL_kEECDH, 2147 .algorithm_mkey = SSL_kEECDH,
2145 SSL_aRSA, 2148 .algorithm_auth = SSL_aRSA,
2146 SSL_AES256GCM, 2149 .algorithm_enc = SSL_AES256GCM,
2147 SSL_AEAD, 2150 .algorithm_mac = SSL_AEAD,
2148 SSL_TLSV1_2, 2151 .algorithm_ssl = SSL_TLSV1_2,
2149 SSL_NOT_EXP|SSL_HIGH|SSL_FIPS, 2152 .algo_strength = SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
2150 SSL_HANDSHAKE_MAC_SHA384|TLS1_PRF_SHA384, 2153 .algorithm2 = SSL_HANDSHAKE_MAC_SHA384|TLS1_PRF_SHA384,
2151 256, 2154 .strength_bits = 256,
2152 256, 2155 .alg_bits = 256,
2153 }, 2156 },
2154 2157
2155 /* Cipher C031 */ 2158 /* Cipher C031 */
2156 { 2159 {
2157 1, 2160 .valid = 1,
2158 TLS1_TXT_ECDH_RSA_WITH_AES_128_GCM_SHA256, 2161 .name = TLS1_TXT_ECDH_RSA_WITH_AES_128_GCM_SHA256,
2159 TLS1_CK_ECDH_RSA_WITH_AES_128_GCM_SHA256, 2162 .id = TLS1_CK_ECDH_RSA_WITH_AES_128_GCM_SHA256,
2160 SSL_kECDHr, 2163 .algorithm_mkey = SSL_kECDHr,
2161 SSL_aECDH, 2164 .algorithm_auth = SSL_aECDH,
2162 SSL_AES128GCM, 2165 .algorithm_enc = SSL_AES128GCM,
2163 SSL_AEAD, 2166 .algorithm_mac = SSL_AEAD,
2164 SSL_TLSV1_2, 2167 .algorithm_ssl = SSL_TLSV1_2,
2165 SSL_NOT_EXP|SSL_HIGH|SSL_FIPS, 2168 .algo_strength = SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
2166 SSL_HANDSHAKE_MAC_SHA256|TLS1_PRF_SHA256, 2169 .algorithm2 = SSL_HANDSHAKE_MAC_SHA256|TLS1_PRF_SHA256,
2167 128, 2170 .strength_bits = 128,
2168 128, 2171 .alg_bits = 128,
2169 }, 2172 },
2170 2173
2171 /* Cipher C032 */ 2174 /* Cipher C032 */
2172 { 2175 {
2173 1, 2176 .valid = 1,
2174 TLS1_TXT_ECDH_RSA_WITH_AES_256_GCM_SHA384, 2177 .name = TLS1_TXT_ECDH_RSA_WITH_AES_256_GCM_SHA384,
2175 TLS1_CK_ECDH_RSA_WITH_AES_256_GCM_SHA384, 2178 .id = TLS1_CK_ECDH_RSA_WITH_AES_256_GCM_SHA384,
2176 SSL_kECDHr, 2179 .algorithm_mkey = SSL_kECDHr,
2177 SSL_aECDH, 2180 .algorithm_auth = SSL_aECDH,
2178 SSL_AES256GCM, 2181 .algorithm_enc = SSL_AES256GCM,
2179 SSL_AEAD, 2182 .algorithm_mac = SSL_AEAD,
2180 SSL_TLSV1_2, 2183 .algorithm_ssl = SSL_TLSV1_2,
2181 SSL_NOT_EXP|SSL_HIGH|SSL_FIPS, 2184 .algo_strength = SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
2182 SSL_HANDSHAKE_MAC_SHA384|TLS1_PRF_SHA384, 2185 .algorithm2 = SSL_HANDSHAKE_MAC_SHA384|TLS1_PRF_SHA384,
2183 256, 2186 .strength_bits = 256,
2184 256, 2187 .alg_bits = 256,
2185 }, 2188 },
2186 2189
2187#endif /* OPENSSL_NO_ECDH */ 2190#endif /* OPENSSL_NO_ECDH */
2188 2191
2189 2192
2190#ifdef TEMP_GOST_TLS 2193#ifdef TEMP_GOST_TLS
2191/* Cipher FF00 */ 2194 /* Cipher FF00 */
2192 { 2195 {
2193 1, 2196 .valid = 1,
2194 "GOST-MD5", 2197 .name = "GOST-MD5",
2195 0x0300ff00, 2198 .id = 0x0300ff00,
2196 SSL_kRSA, 2199 .algorithm_mkey = SSL_kRSA,
2197 SSL_aRSA, 2200 .algorithm_auth = SSL_aRSA,
2198 SSL_eGOST2814789CNT, 2201 .algorithm_enc = SSL_eGOST2814789CNT,
2199 SSL_MD5, 2202 .algorithm_mac = SSL_MD5,
2200 SSL_TLSV1, 2203 .algorithm_ssl = SSL_TLSV1,
2201 SSL_NOT_EXP|SSL_HIGH, 2204 .algo_strength = SSL_NOT_EXP|SSL_HIGH,
2202 SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, 2205 .algorithm2 = SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
2203 256, 2206 .strength_bits = 256,
2204 256, 2207 .alg_bits = 256,
2205 }, 2208 },
2206 { 2209 {
2207 1, 2210 .valid = 1,
2208 "GOST-GOST94", 2211 .name = "GOST-GOST94",
2209 0x0300ff01, 2212 .id = 0x0300ff01,
2210 SSL_kRSA, 2213 .algorithm_mkey = SSL_kRSA,
2211 SSL_aRSA, 2214 .algorithm_auth = SSL_aRSA,
2212 SSL_eGOST2814789CNT, 2215 .algorithm_enc = SSL_eGOST2814789CNT,
2213 SSL_GOST94, 2216 .algorithm_mac = SSL_GOST94,
2214 SSL_TLSV1, 2217 .algorithm_ssl = SSL_TLSV1,
2215 SSL_NOT_EXP|SSL_HIGH, 2218 .algo_strength = SSL_NOT_EXP|SSL_HIGH,
2216 SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, 2219 .algorithm2 = SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
2217 256, 2220 .strength_bits = 256,
2218 256 2221 .alg_bits = 256
2219 }, 2222 },
2220 { 2223 {
2221 1, 2224 .valid = 1,
2222 "GOST-GOST89MAC", 2225 .name = "GOST-GOST89MAC",
2223 0x0300ff02, 2226 .id = 0x0300ff02,
2224 SSL_kRSA, 2227 .algorithm_mkey = SSL_kRSA,
2225 SSL_aRSA, 2228 .algorithm_auth = SSL_aRSA,
2226 SSL_eGOST2814789CNT, 2229 .algorithm_enc = SSL_eGOST2814789CNT,
2227 SSL_GOST89MAC, 2230 .algorithm_mac = SSL_GOST89MAC,
2228 SSL_TLSV1, 2231 .algorithm_ssl = SSL_TLSV1,
2229 SSL_NOT_EXP|SSL_HIGH, 2232 .algo_strength = SSL_NOT_EXP|SSL_HIGH,
2230 SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, 2233 .algorithm2 = SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
2231 256, 2234 .strength_bits = 256,
2232 256 2235 .alg_bits = 256
2233 }, 2236 },
2234 { 2237 {
2235 1, 2238 .valid = 1,
2236 "GOST-GOST89STREAM", 2239 .name = "GOST-GOST89STREAM",
2237 0x0300ff03, 2240 .id = 0x0300ff03,
2238 SSL_kRSA, 2241 .algorithm_mkey = SSL_kRSA,
2239 SSL_aRSA, 2242 .algorithm_auth = SSL_aRSA,
2240 SSL_eGOST2814789CNT, 2243 .algorithm_enc = SSL_eGOST2814789CNT,
2241 SSL_GOST89MAC, 2244 .algorithm_mac = SSL_GOST89MAC,
2242 SSL_TLSV1, 2245 .algorithm_ssl = SSL_TLSV1,
2243 SSL_NOT_EXP|SSL_HIGH, 2246 .algo_strength = SSL_NOT_EXP|SSL_HIGH,
2244 SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF|TLS1_STREAM_MAC, 2247 .algorithm2 = SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF|
2245 256, 2248 TLS1_STREAM_MAC,
2246 256 2249 .strength_bits = 256,
2250 .alg_bits = 256
2247 }, 2251 },
2248#endif 2252#endif
2249 2253 /* end of list */
2250/* end of list */
2251}; 2254};
2252 2255
2253SSL3_ENC_METHOD SSLv3_enc_data = { 2256SSL3_ENC_METHOD SSLv3_enc_data = {
generated by cgit v1.2.3-55-g6feb (git 2.39.1) at 2025-03-21 00:32:58 +0000