diff --git a/src/ciphersuites.c b/src/ciphersuites.c
index 5efa416..af751c8 100644
--- a/src/ciphersuites.c
+++ b/src/ciphersuites.c
@@ -1,1453 +1,1452 @@ /* ciphersuites.c - cipher suite helpers * Copyright (C) 2006-2014, Brainspark B.V. * Copyright (C) 2014 g10 code GmbH * * This file is part of NTBTLS * * NTBTLS is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by * the Free Software Foundation; either version 3 of the License, or * (at your option) any later version. * * NTBTLS is distributed in the hope that it will be useful, * but WITHOUT ANY WARRANTY; without even the implied warranty of * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * GNU General Public License for more details. * * You should have received a copy of the GNU General Public License * along with this program; if not, see . * * This file was part of PolarSSL (http://www.polarssl.org). Former * Lead Maintainer: Paul Bakker . * Please do not file bug reports to them but to the address given in * the file AUTHORS in the top directory of NTBTLS. */ #include #include #include #include "ntbtls-int.h" #include "ciphersuites.h" /* * This structure is used for storing ciphersuite information */ struct _ntbtls_ciphersuite_s { int tlsid; const char *name; cipher_algo_t cipher; cipher_mode_t ciphermode; mac_algo_t mac; key_exchange_type_t key_exchange; unsigned char flags; unsigned char min_major_ver; unsigned char min_minor_ver; unsigned char max_major_ver; unsigned char max_minor_ver; }; /* * Ordered from most preferred to least preferred in terms of security. * * Current rule: * 1. By key exchange: * Forward-secure non-PSK > forward-secure PSK > other non-PSK > other PSK * 2. By key length and cipher: * AES-256 > Camellia-256 > AES-128 > Camellia-128 > 3DES * 3. By cipher mode when relevant GCM > CCM > CBC > CCM_8 * 4. By hash function used when relevant * 5. 
By key exchange/auth again: EC > non-EC */ static const int ciphersuite_preference[] = { /* All AES-256 ephemeral suites */ TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384, TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384, TLS_DHE_RSA_WITH_AES_256_GCM_SHA384, TLS_ECDHE_ECDSA_WITH_AES_256_CCM, TLS_DHE_RSA_WITH_AES_256_CCM, TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384, TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384, TLS_DHE_RSA_WITH_AES_256_CBC_SHA256, TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA, TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA, TLS_DHE_RSA_WITH_AES_256_CBC_SHA, TLS_ECDHE_ECDSA_WITH_AES_256_CCM_8, TLS_DHE_RSA_WITH_AES_256_CCM_8, /* All CAMELLIA-256 ephemeral suites */ TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_GCM_SHA384, TLS_ECDHE_RSA_WITH_CAMELLIA_256_GCM_SHA384, TLS_DHE_RSA_WITH_CAMELLIA_256_GCM_SHA384, TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_CBC_SHA384, TLS_ECDHE_RSA_WITH_CAMELLIA_256_CBC_SHA384, TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA256, TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA, /* All AES-128 ephemeral suites */ TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256, TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256, TLS_DHE_RSA_WITH_AES_128_GCM_SHA256, TLS_ECDHE_ECDSA_WITH_AES_128_CCM, TLS_DHE_RSA_WITH_AES_128_CCM, TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256, TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256, TLS_DHE_RSA_WITH_AES_128_CBC_SHA256, TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA, TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA, TLS_DHE_RSA_WITH_AES_128_CBC_SHA, TLS_ECDHE_ECDSA_WITH_AES_128_CCM_8, TLS_DHE_RSA_WITH_AES_128_CCM_8, /* All CAMELLIA-128 ephemeral suites */ TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_GCM_SHA256, TLS_ECDHE_RSA_WITH_CAMELLIA_128_GCM_SHA256, TLS_DHE_RSA_WITH_CAMELLIA_128_GCM_SHA256, TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_CBC_SHA256, TLS_ECDHE_RSA_WITH_CAMELLIA_128_CBC_SHA256, TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA256, TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA, /* All remaining >= 128-bit ephemeral suites */ TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA, TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA, TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA, /* The PSK ephemeral suites */ 
TLS_DHE_PSK_WITH_AES_256_GCM_SHA384, TLS_DHE_PSK_WITH_AES_256_CCM, TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA384, TLS_DHE_PSK_WITH_AES_256_CBC_SHA384, TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA, TLS_DHE_PSK_WITH_AES_256_CBC_SHA, TLS_DHE_PSK_WITH_CAMELLIA_256_GCM_SHA384, TLS_ECDHE_PSK_WITH_CAMELLIA_256_CBC_SHA384, TLS_DHE_PSK_WITH_CAMELLIA_256_CBC_SHA384, TLS_DHE_PSK_WITH_AES_256_CCM_8, TLS_DHE_PSK_WITH_AES_128_GCM_SHA256, TLS_DHE_PSK_WITH_AES_128_CCM, TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA256, TLS_DHE_PSK_WITH_AES_128_CBC_SHA256, TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA, TLS_DHE_PSK_WITH_AES_128_CBC_SHA, TLS_DHE_PSK_WITH_CAMELLIA_128_GCM_SHA256, TLS_DHE_PSK_WITH_CAMELLIA_128_CBC_SHA256, TLS_ECDHE_PSK_WITH_CAMELLIA_128_CBC_SHA256, TLS_DHE_PSK_WITH_AES_128_CCM_8, TLS_ECDHE_PSK_WITH_3DES_EDE_CBC_SHA, TLS_DHE_PSK_WITH_3DES_EDE_CBC_SHA, /* All AES-256 suites */ TLS_RSA_WITH_AES_256_GCM_SHA384, TLS_RSA_WITH_AES_256_CCM, TLS_RSA_WITH_AES_256_CBC_SHA256, TLS_RSA_WITH_AES_256_CBC_SHA, TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384, TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384, TLS_ECDH_RSA_WITH_AES_256_CBC_SHA, TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384, TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384, TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA, TLS_RSA_WITH_AES_256_CCM_8, /* All CAMELLIA-256 suites */ TLS_RSA_WITH_CAMELLIA_256_GCM_SHA384, TLS_RSA_WITH_CAMELLIA_256_CBC_SHA256, TLS_RSA_WITH_CAMELLIA_256_CBC_SHA, TLS_ECDH_RSA_WITH_CAMELLIA_256_GCM_SHA384, TLS_ECDH_RSA_WITH_CAMELLIA_256_CBC_SHA384, TLS_ECDH_ECDSA_WITH_CAMELLIA_256_GCM_SHA384, TLS_ECDH_ECDSA_WITH_CAMELLIA_256_CBC_SHA384, /* All AES-128 suites */ TLS_RSA_WITH_AES_128_GCM_SHA256, TLS_RSA_WITH_AES_128_CCM, TLS_RSA_WITH_AES_128_CBC_SHA256, TLS_RSA_WITH_AES_128_CBC_SHA, TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256, TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256, TLS_ECDH_RSA_WITH_AES_128_CBC_SHA, TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256, TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256, TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA, TLS_RSA_WITH_AES_128_CCM_8, /* All CAMELLIA-128 suites */ 
TLS_RSA_WITH_CAMELLIA_128_GCM_SHA256, TLS_RSA_WITH_CAMELLIA_128_CBC_SHA256, TLS_RSA_WITH_CAMELLIA_128_CBC_SHA, TLS_ECDH_RSA_WITH_CAMELLIA_128_GCM_SHA256, TLS_ECDH_RSA_WITH_CAMELLIA_128_CBC_SHA256, TLS_ECDH_ECDSA_WITH_CAMELLIA_128_GCM_SHA256, TLS_ECDH_ECDSA_WITH_CAMELLIA_128_CBC_SHA256, /* All remaining >= 128-bit suites */ TLS_RSA_WITH_3DES_EDE_CBC_SHA, TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA, TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA, /* The RSA PSK suites */ TLS_RSA_PSK_WITH_AES_256_GCM_SHA384, TLS_RSA_PSK_WITH_AES_256_CBC_SHA384, TLS_RSA_PSK_WITH_AES_256_CBC_SHA, TLS_RSA_PSK_WITH_CAMELLIA_256_GCM_SHA384, TLS_RSA_PSK_WITH_CAMELLIA_256_CBC_SHA384, TLS_RSA_PSK_WITH_AES_128_GCM_SHA256, TLS_RSA_PSK_WITH_AES_128_CBC_SHA256, TLS_RSA_PSK_WITH_AES_128_CBC_SHA, TLS_RSA_PSK_WITH_CAMELLIA_128_GCM_SHA256, TLS_RSA_PSK_WITH_CAMELLIA_128_CBC_SHA256, TLS_RSA_PSK_WITH_3DES_EDE_CBC_SHA, /* The PSK suites */ TLS_PSK_WITH_AES_256_GCM_SHA384, TLS_PSK_WITH_AES_256_CCM, TLS_PSK_WITH_AES_256_CBC_SHA384, TLS_PSK_WITH_AES_256_CBC_SHA, TLS_PSK_WITH_CAMELLIA_256_GCM_SHA384, TLS_PSK_WITH_CAMELLIA_256_CBC_SHA384, TLS_PSK_WITH_AES_256_CCM_8, TLS_PSK_WITH_AES_128_GCM_SHA256, TLS_PSK_WITH_AES_128_CCM, TLS_PSK_WITH_AES_128_CBC_SHA256, TLS_PSK_WITH_AES_128_CBC_SHA, TLS_PSK_WITH_CAMELLIA_128_GCM_SHA256, TLS_PSK_WITH_CAMELLIA_128_CBC_SHA256, TLS_PSK_WITH_AES_128_CCM_8, TLS_PSK_WITH_3DES_EDE_CBC_SHA, 0 }; static const struct _ntbtls_ciphersuite_s ciphersuite_definitions[] = { {TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA, "TLS-ECDHE-ECDSA-WITH-AES-128-CBC-SHA", GCRY_CIPHER_AES128, GCRY_CIPHER_MODE_CBC, GCRY_MAC_HMAC_SHA1, KEY_EXCHANGE_ECDHE_ECDSA, 0, TLS_MAJOR_VERSION_3, TLS_MINOR_VERSION_1, TLS_MAJOR_VERSION_3, TLS_MINOR_VERSION_3}, {TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA, "TLS-ECDHE-ECDSA-WITH-AES-256-CBC-SHA", GCRY_CIPHER_AES256, GCRY_CIPHER_MODE_CBC, GCRY_MAC_HMAC_SHA1, KEY_EXCHANGE_ECDHE_ECDSA, 0, TLS_MAJOR_VERSION_3, TLS_MINOR_VERSION_1, TLS_MAJOR_VERSION_3, TLS_MINOR_VERSION_3}, 
{TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256, "TLS-ECDHE-ECDSA-WITH-AES-128-CBC-SHA256", GCRY_CIPHER_AES128, GCRY_CIPHER_MODE_CBC, GCRY_MAC_HMAC_SHA256, KEY_EXCHANGE_ECDHE_ECDSA, 0, TLS_MAJOR_VERSION_3, TLS_MINOR_VERSION_3, TLS_MAJOR_VERSION_3, TLS_MINOR_VERSION_3}, {TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256, "TLS-ECDHE-ECDSA-WITH-AES-128-GCM-SHA256", GCRY_CIPHER_AES128, GCRY_CIPHER_MODE_GCM, GCRY_MAC_HMAC_SHA256, KEY_EXCHANGE_ECDHE_ECDSA, 0, TLS_MAJOR_VERSION_3, TLS_MINOR_VERSION_3, TLS_MAJOR_VERSION_3, TLS_MINOR_VERSION_3}, {TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384, "TLS-ECDHE-ECDSA-WITH-AES-256-CBC-SHA384", GCRY_CIPHER_AES256, GCRY_CIPHER_MODE_CBC, GCRY_MAC_HMAC_SHA384, KEY_EXCHANGE_ECDHE_ECDSA, 0, TLS_MAJOR_VERSION_3, TLS_MINOR_VERSION_3, TLS_MAJOR_VERSION_3, TLS_MINOR_VERSION_3}, {TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384, "TLS-ECDHE-ECDSA-WITH-AES-256-GCM-SHA384", GCRY_CIPHER_AES256, GCRY_CIPHER_MODE_GCM, GCRY_MAC_HMAC_SHA384, KEY_EXCHANGE_ECDHE_ECDSA, 0, TLS_MAJOR_VERSION_3, TLS_MINOR_VERSION_3, TLS_MAJOR_VERSION_3, TLS_MINOR_VERSION_3}, {TLS_ECDHE_ECDSA_WITH_AES_256_CCM, "TLS-ECDHE-ECDSA-WITH-AES-256-CCM", GCRY_CIPHER_AES256, GCRY_CIPHER_MODE_CCM, GCRY_MAC_HMAC_SHA256, KEY_EXCHANGE_ECDHE_ECDSA, 0, TLS_MAJOR_VERSION_3, TLS_MINOR_VERSION_3, TLS_MAJOR_VERSION_3, TLS_MINOR_VERSION_3}, {TLS_ECDHE_ECDSA_WITH_AES_256_CCM_8, "TLS-ECDHE-ECDSA-WITH-AES-256-CCM-8", GCRY_CIPHER_AES256, GCRY_CIPHER_MODE_CCM, GCRY_MAC_HMAC_SHA256, KEY_EXCHANGE_ECDHE_ECDSA, CIPHERSUITE_FLAG_SHORT_TAG, TLS_MAJOR_VERSION_3, TLS_MINOR_VERSION_3, TLS_MAJOR_VERSION_3, TLS_MINOR_VERSION_3}, {TLS_ECDHE_ECDSA_WITH_AES_128_CCM, "TLS-ECDHE-ECDSA-WITH-AES-128-CCM", GCRY_CIPHER_AES128, GCRY_CIPHER_MODE_CCM, GCRY_MAC_HMAC_SHA256, KEY_EXCHANGE_ECDHE_ECDSA, 0, TLS_MAJOR_VERSION_3, TLS_MINOR_VERSION_3, TLS_MAJOR_VERSION_3, TLS_MINOR_VERSION_3}, {TLS_ECDHE_ECDSA_WITH_AES_128_CCM_8, "TLS-ECDHE-ECDSA-WITH-AES-128-CCM-8", GCRY_CIPHER_AES128, GCRY_CIPHER_MODE_CCM, GCRY_MAC_HMAC_SHA256, KEY_EXCHANGE_ECDHE_ECDSA, 
CIPHERSUITE_FLAG_SHORT_TAG, TLS_MAJOR_VERSION_3, TLS_MINOR_VERSION_3, TLS_MAJOR_VERSION_3, TLS_MINOR_VERSION_3}, {TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_CBC_SHA256, "TLS-ECDHE-ECDSA-WITH-CAMELLIA-128-CBC-SHA256", GCRY_CIPHER_CAMELLIA128, GCRY_CIPHER_MODE_CBC, GCRY_MAC_HMAC_SHA256, KEY_EXCHANGE_ECDHE_ECDSA, 0, TLS_MAJOR_VERSION_3, TLS_MINOR_VERSION_1, TLS_MAJOR_VERSION_3, TLS_MINOR_VERSION_3}, {TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_CBC_SHA384, "TLS-ECDHE-ECDSA-WITH-CAMELLIA-256-CBC-SHA384", GCRY_CIPHER_CAMELLIA256, GCRY_CIPHER_MODE_CBC, GCRY_MAC_HMAC_SHA384, KEY_EXCHANGE_ECDHE_ECDSA, 0, TLS_MAJOR_VERSION_3, TLS_MINOR_VERSION_1, TLS_MAJOR_VERSION_3, TLS_MINOR_VERSION_3}, {TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_GCM_SHA256, "TLS-ECDHE-ECDSA-WITH-CAMELLIA-128-GCM-SHA256", GCRY_CIPHER_CAMELLIA128, GCRY_CIPHER_MODE_GCM, GCRY_MAC_HMAC_SHA256, KEY_EXCHANGE_ECDHE_ECDSA, 0, TLS_MAJOR_VERSION_3, TLS_MINOR_VERSION_3, TLS_MAJOR_VERSION_3, TLS_MINOR_VERSION_3}, {TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_GCM_SHA384, "TLS-ECDHE-ECDSA-WITH-CAMELLIA-256-GCM-SHA384", GCRY_CIPHER_CAMELLIA256, GCRY_CIPHER_MODE_GCM, GCRY_MAC_HMAC_SHA384, KEY_EXCHANGE_ECDHE_ECDSA, 0, TLS_MAJOR_VERSION_3, TLS_MINOR_VERSION_3, TLS_MAJOR_VERSION_3, TLS_MINOR_VERSION_3}, {TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA, "TLS-ECDHE-ECDSA-WITH-3DES-EDE-CBC-SHA", GCRY_CIPHER_3DES, GCRY_CIPHER_MODE_CBC, GCRY_MAC_HMAC_SHA1, KEY_EXCHANGE_ECDHE_ECDSA, 0, TLS_MAJOR_VERSION_3, TLS_MINOR_VERSION_1, TLS_MAJOR_VERSION_3, TLS_MINOR_VERSION_3}, {TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA, "TLS-ECDHE-RSA-WITH-AES-128-CBC-SHA", GCRY_CIPHER_AES128, GCRY_CIPHER_MODE_CBC, GCRY_MAC_HMAC_SHA1, KEY_EXCHANGE_ECDHE_RSA, 0, TLS_MAJOR_VERSION_3, TLS_MINOR_VERSION_1, TLS_MAJOR_VERSION_3, TLS_MINOR_VERSION_3}, {TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA, "TLS-ECDHE-RSA-WITH-AES-256-CBC-SHA", GCRY_CIPHER_AES256, GCRY_CIPHER_MODE_CBC, GCRY_MAC_HMAC_SHA1, KEY_EXCHANGE_ECDHE_RSA, 0, TLS_MAJOR_VERSION_3, TLS_MINOR_VERSION_1, TLS_MAJOR_VERSION_3, TLS_MINOR_VERSION_3}, 
{TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256, "TLS-ECDHE-RSA-WITH-AES-128-CBC-SHA256", GCRY_CIPHER_AES128, GCRY_CIPHER_MODE_CBC, GCRY_MAC_HMAC_SHA256, KEY_EXCHANGE_ECDHE_RSA, 0, TLS_MAJOR_VERSION_3, TLS_MINOR_VERSION_3, TLS_MAJOR_VERSION_3, TLS_MINOR_VERSION_3}, {TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256, "TLS-ECDHE-RSA-WITH-AES-128-GCM-SHA256", GCRY_CIPHER_AES128, GCRY_CIPHER_MODE_GCM, GCRY_MAC_HMAC_SHA256, KEY_EXCHANGE_ECDHE_RSA, 0, TLS_MAJOR_VERSION_3, TLS_MINOR_VERSION_3, TLS_MAJOR_VERSION_3, TLS_MINOR_VERSION_3}, {TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384, "TLS-ECDHE-RSA-WITH-AES-256-CBC-SHA384", GCRY_CIPHER_AES256, GCRY_CIPHER_MODE_CBC, GCRY_MAC_HMAC_SHA384, KEY_EXCHANGE_ECDHE_RSA, 0, TLS_MAJOR_VERSION_3, TLS_MINOR_VERSION_3, TLS_MAJOR_VERSION_3, TLS_MINOR_VERSION_3}, {TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384, "TLS-ECDHE-RSA-WITH-AES-256-GCM-SHA384", GCRY_CIPHER_AES256, GCRY_CIPHER_MODE_GCM, GCRY_MAC_HMAC_SHA384, KEY_EXCHANGE_ECDHE_RSA, 0, TLS_MAJOR_VERSION_3, TLS_MINOR_VERSION_3, TLS_MAJOR_VERSION_3, TLS_MINOR_VERSION_3}, {TLS_ECDHE_RSA_WITH_CAMELLIA_128_CBC_SHA256, "TLS-ECDHE-RSA-WITH-CAMELLIA-128-CBC-SHA256", GCRY_CIPHER_CAMELLIA128, GCRY_CIPHER_MODE_CBC, GCRY_MAC_HMAC_SHA256, KEY_EXCHANGE_ECDHE_RSA, 0, TLS_MAJOR_VERSION_3, TLS_MINOR_VERSION_1, TLS_MAJOR_VERSION_3, TLS_MINOR_VERSION_3}, {TLS_ECDHE_RSA_WITH_CAMELLIA_256_CBC_SHA384, "TLS-ECDHE-RSA-WITH-CAMELLIA-256-CBC-SHA384", GCRY_CIPHER_CAMELLIA256, GCRY_CIPHER_MODE_CBC, GCRY_MAC_HMAC_SHA384, KEY_EXCHANGE_ECDHE_RSA, 0, TLS_MAJOR_VERSION_3, TLS_MINOR_VERSION_1, TLS_MAJOR_VERSION_3, TLS_MINOR_VERSION_3}, {TLS_ECDHE_RSA_WITH_CAMELLIA_128_GCM_SHA256, "TLS-ECDHE-RSA-WITH-CAMELLIA-128-GCM-SHA256", GCRY_CIPHER_CAMELLIA128, GCRY_CIPHER_MODE_GCM, GCRY_MAC_HMAC_SHA256, KEY_EXCHANGE_ECDHE_RSA, 0, TLS_MAJOR_VERSION_3, TLS_MINOR_VERSION_3, TLS_MAJOR_VERSION_3, TLS_MINOR_VERSION_3}, {TLS_ECDHE_RSA_WITH_CAMELLIA_256_GCM_SHA384, "TLS-ECDHE-RSA-WITH-CAMELLIA-256-GCM-SHA384", GCRY_CIPHER_CAMELLIA256, GCRY_CIPHER_MODE_GCM, 
GCRY_MAC_HMAC_SHA384, KEY_EXCHANGE_ECDHE_RSA, 0, TLS_MAJOR_VERSION_3, TLS_MINOR_VERSION_3, TLS_MAJOR_VERSION_3, TLS_MINOR_VERSION_3}, {TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA, "TLS-ECDHE-RSA-WITH-3DES-EDE-CBC-SHA", GCRY_CIPHER_3DES, GCRY_CIPHER_MODE_CBC, GCRY_MAC_HMAC_SHA1, KEY_EXCHANGE_ECDHE_RSA, 0, TLS_MAJOR_VERSION_3, TLS_MINOR_VERSION_1, TLS_MAJOR_VERSION_3, TLS_MINOR_VERSION_3}, {TLS_DHE_RSA_WITH_AES_256_GCM_SHA384, "TLS-DHE-RSA-WITH-AES-256-GCM-SHA384", GCRY_CIPHER_AES256, GCRY_CIPHER_MODE_GCM, GCRY_MAC_HMAC_SHA384, KEY_EXCHANGE_DHE_RSA, 0, TLS_MAJOR_VERSION_3, TLS_MINOR_VERSION_3, TLS_MAJOR_VERSION_3, TLS_MINOR_VERSION_3}, {TLS_DHE_RSA_WITH_AES_128_GCM_SHA256, "TLS-DHE-RSA-WITH-AES-128-GCM-SHA256", GCRY_CIPHER_AES128, GCRY_CIPHER_MODE_GCM, GCRY_MAC_HMAC_SHA256, KEY_EXCHANGE_DHE_RSA, 0, TLS_MAJOR_VERSION_3, TLS_MINOR_VERSION_3, TLS_MAJOR_VERSION_3, TLS_MINOR_VERSION_3}, {TLS_DHE_RSA_WITH_AES_128_CBC_SHA256, "TLS-DHE-RSA-WITH-AES-128-CBC-SHA256", GCRY_CIPHER_AES128, GCRY_CIPHER_MODE_CBC, GCRY_MAC_HMAC_SHA256, KEY_EXCHANGE_DHE_RSA, 0, TLS_MAJOR_VERSION_3, TLS_MINOR_VERSION_3, TLS_MAJOR_VERSION_3, TLS_MINOR_VERSION_3}, {TLS_DHE_RSA_WITH_AES_256_CBC_SHA256, "TLS-DHE-RSA-WITH-AES-256-CBC-SHA256", GCRY_CIPHER_AES256, GCRY_CIPHER_MODE_CBC, GCRY_MAC_HMAC_SHA256, KEY_EXCHANGE_DHE_RSA, 0, TLS_MAJOR_VERSION_3, TLS_MINOR_VERSION_3, TLS_MAJOR_VERSION_3, TLS_MINOR_VERSION_3}, {TLS_DHE_RSA_WITH_AES_128_CBC_SHA, "TLS-DHE-RSA-WITH-AES-128-CBC-SHA", GCRY_CIPHER_AES128, GCRY_CIPHER_MODE_CBC, GCRY_MAC_HMAC_SHA1, KEY_EXCHANGE_DHE_RSA, 0, TLS_MAJOR_VERSION_3, TLS_MINOR_VERSION_0, TLS_MAJOR_VERSION_3, TLS_MINOR_VERSION_3}, {TLS_DHE_RSA_WITH_AES_256_CBC_SHA, "TLS-DHE-RSA-WITH-AES-256-CBC-SHA", GCRY_CIPHER_AES256, GCRY_CIPHER_MODE_CBC, GCRY_MAC_HMAC_SHA1, KEY_EXCHANGE_DHE_RSA, 0, TLS_MAJOR_VERSION_3, TLS_MINOR_VERSION_0, TLS_MAJOR_VERSION_3, TLS_MINOR_VERSION_3}, {TLS_DHE_RSA_WITH_AES_256_CCM, "TLS-DHE-RSA-WITH-AES-256-CCM", GCRY_CIPHER_AES256, GCRY_CIPHER_MODE_CCM, GCRY_MAC_HMAC_SHA256, 
KEY_EXCHANGE_DHE_RSA, 0, TLS_MAJOR_VERSION_3, TLS_MINOR_VERSION_3, TLS_MAJOR_VERSION_3, TLS_MINOR_VERSION_3}, {TLS_DHE_RSA_WITH_AES_256_CCM_8, "TLS-DHE-RSA-WITH-AES-256-CCM-8", GCRY_CIPHER_AES256, GCRY_CIPHER_MODE_CCM, GCRY_MAC_HMAC_SHA256, KEY_EXCHANGE_DHE_RSA, CIPHERSUITE_FLAG_SHORT_TAG, TLS_MAJOR_VERSION_3, TLS_MINOR_VERSION_3, TLS_MAJOR_VERSION_3, TLS_MINOR_VERSION_3}, {TLS_DHE_RSA_WITH_AES_128_CCM, "TLS-DHE-RSA-WITH-AES-128-CCM", GCRY_CIPHER_AES128, GCRY_CIPHER_MODE_CCM, GCRY_MAC_HMAC_SHA256, KEY_EXCHANGE_DHE_RSA, 0, TLS_MAJOR_VERSION_3, TLS_MINOR_VERSION_3, TLS_MAJOR_VERSION_3, TLS_MINOR_VERSION_3}, {TLS_DHE_RSA_WITH_AES_128_CCM_8, "TLS-DHE-RSA-WITH-AES-128-CCM-8", GCRY_CIPHER_AES128, GCRY_CIPHER_MODE_CCM, GCRY_MAC_HMAC_SHA256, KEY_EXCHANGE_DHE_RSA, CIPHERSUITE_FLAG_SHORT_TAG, TLS_MAJOR_VERSION_3, TLS_MINOR_VERSION_3, TLS_MAJOR_VERSION_3, TLS_MINOR_VERSION_3}, {TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA256, "TLS-DHE-RSA-WITH-CAMELLIA-128-CBC-SHA256", GCRY_CIPHER_CAMELLIA128, GCRY_CIPHER_MODE_CBC, GCRY_MAC_HMAC_SHA256, KEY_EXCHANGE_DHE_RSA, 0, TLS_MAJOR_VERSION_3, TLS_MINOR_VERSION_3, TLS_MAJOR_VERSION_3, TLS_MINOR_VERSION_3}, {TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA256, "TLS-DHE-RSA-WITH-CAMELLIA-256-CBC-SHA256", GCRY_CIPHER_CAMELLIA256, GCRY_CIPHER_MODE_CBC, GCRY_MAC_HMAC_SHA256, KEY_EXCHANGE_DHE_RSA, 0, TLS_MAJOR_VERSION_3, TLS_MINOR_VERSION_3, TLS_MAJOR_VERSION_3, TLS_MINOR_VERSION_3}, {TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA, "TLS-DHE-RSA-WITH-CAMELLIA-128-CBC-SHA", GCRY_CIPHER_CAMELLIA128, GCRY_CIPHER_MODE_CBC, GCRY_MAC_HMAC_SHA1, KEY_EXCHANGE_DHE_RSA, 0, TLS_MAJOR_VERSION_3, TLS_MINOR_VERSION_0, TLS_MAJOR_VERSION_3, TLS_MINOR_VERSION_3}, {TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA, "TLS-DHE-RSA-WITH-CAMELLIA-256-CBC-SHA", GCRY_CIPHER_CAMELLIA256, GCRY_CIPHER_MODE_CBC, GCRY_MAC_HMAC_SHA1, KEY_EXCHANGE_DHE_RSA, 0, TLS_MAJOR_VERSION_3, TLS_MINOR_VERSION_0, TLS_MAJOR_VERSION_3, TLS_MINOR_VERSION_3}, {TLS_DHE_RSA_WITH_CAMELLIA_128_GCM_SHA256, 
"TLS-DHE-RSA-WITH-CAMELLIA-128-GCM-SHA256", GCRY_CIPHER_CAMELLIA128, GCRY_CIPHER_MODE_GCM, GCRY_MAC_HMAC_SHA256, KEY_EXCHANGE_DHE_RSA, 0, TLS_MAJOR_VERSION_3, TLS_MINOR_VERSION_3, TLS_MAJOR_VERSION_3, TLS_MINOR_VERSION_3}, {TLS_DHE_RSA_WITH_CAMELLIA_256_GCM_SHA384, "TLS-DHE-RSA-WITH-CAMELLIA-256-GCM-SHA384", GCRY_CIPHER_CAMELLIA256, GCRY_CIPHER_MODE_GCM, GCRY_MAC_HMAC_SHA384, KEY_EXCHANGE_DHE_RSA, 0, TLS_MAJOR_VERSION_3, TLS_MINOR_VERSION_3, TLS_MAJOR_VERSION_3, TLS_MINOR_VERSION_3}, {TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA, "TLS-DHE-RSA-WITH-3DES-EDE-CBC-SHA", GCRY_CIPHER_3DES, GCRY_CIPHER_MODE_CBC, GCRY_MAC_HMAC_SHA1, KEY_EXCHANGE_DHE_RSA, 0, TLS_MAJOR_VERSION_3, TLS_MINOR_VERSION_0, TLS_MAJOR_VERSION_3, TLS_MINOR_VERSION_3}, {TLS_RSA_WITH_AES_256_GCM_SHA384, "TLS-RSA-WITH-AES-256-GCM-SHA384", GCRY_CIPHER_AES256, GCRY_CIPHER_MODE_GCM, GCRY_MAC_HMAC_SHA384, KEY_EXCHANGE_RSA, 0, TLS_MAJOR_VERSION_3, TLS_MINOR_VERSION_3, TLS_MAJOR_VERSION_3, TLS_MINOR_VERSION_3}, {TLS_RSA_WITH_AES_128_GCM_SHA256, "TLS-RSA-WITH-AES-128-GCM-SHA256", GCRY_CIPHER_AES128, GCRY_CIPHER_MODE_GCM, GCRY_MAC_HMAC_SHA256, KEY_EXCHANGE_RSA, 0, TLS_MAJOR_VERSION_3, TLS_MINOR_VERSION_3, TLS_MAJOR_VERSION_3, TLS_MINOR_VERSION_3}, {TLS_RSA_WITH_AES_128_CBC_SHA256, "TLS-RSA-WITH-AES-128-CBC-SHA256", GCRY_CIPHER_AES128, GCRY_CIPHER_MODE_CBC, GCRY_MAC_HMAC_SHA256, KEY_EXCHANGE_RSA, 0, TLS_MAJOR_VERSION_3, TLS_MINOR_VERSION_3, TLS_MAJOR_VERSION_3, TLS_MINOR_VERSION_3}, {TLS_RSA_WITH_AES_256_CBC_SHA256, "TLS-RSA-WITH-AES-256-CBC-SHA256", GCRY_CIPHER_AES256, GCRY_CIPHER_MODE_CBC, GCRY_MAC_HMAC_SHA256, KEY_EXCHANGE_RSA, 0, TLS_MAJOR_VERSION_3, TLS_MINOR_VERSION_3, TLS_MAJOR_VERSION_3, TLS_MINOR_VERSION_3}, {TLS_RSA_WITH_AES_128_CBC_SHA, "TLS-RSA-WITH-AES-128-CBC-SHA", GCRY_CIPHER_AES128, GCRY_CIPHER_MODE_CBC, GCRY_MAC_HMAC_SHA1, KEY_EXCHANGE_RSA, 0, TLS_MAJOR_VERSION_3, TLS_MINOR_VERSION_0, TLS_MAJOR_VERSION_3, TLS_MINOR_VERSION_3}, {TLS_RSA_WITH_AES_256_CBC_SHA, "TLS-RSA-WITH-AES-256-CBC-SHA", 
GCRY_CIPHER_AES256, GCRY_CIPHER_MODE_CBC, GCRY_MAC_HMAC_SHA1, KEY_EXCHANGE_RSA, 0, TLS_MAJOR_VERSION_3, TLS_MINOR_VERSION_0, TLS_MAJOR_VERSION_3, TLS_MINOR_VERSION_3}, {TLS_RSA_WITH_AES_256_CCM, "TLS-RSA-WITH-AES-256-CCM", GCRY_CIPHER_AES256, GCRY_CIPHER_MODE_CCM, GCRY_MAC_HMAC_SHA256, KEY_EXCHANGE_RSA, 0, TLS_MAJOR_VERSION_3, TLS_MINOR_VERSION_3, TLS_MAJOR_VERSION_3, TLS_MINOR_VERSION_3}, {TLS_RSA_WITH_AES_256_CCM_8, "TLS-RSA-WITH-AES-256-CCM-8", GCRY_CIPHER_AES256, GCRY_CIPHER_MODE_CCM, GCRY_MAC_HMAC_SHA256, KEY_EXCHANGE_RSA, CIPHERSUITE_FLAG_SHORT_TAG, TLS_MAJOR_VERSION_3, TLS_MINOR_VERSION_3, TLS_MAJOR_VERSION_3, TLS_MINOR_VERSION_3}, {TLS_RSA_WITH_AES_128_CCM, "TLS-RSA-WITH-AES-128-CCM", GCRY_CIPHER_AES128, GCRY_CIPHER_MODE_CCM, GCRY_MAC_HMAC_SHA256, KEY_EXCHANGE_RSA, 0, TLS_MAJOR_VERSION_3, TLS_MINOR_VERSION_3, TLS_MAJOR_VERSION_3, TLS_MINOR_VERSION_3}, {TLS_RSA_WITH_AES_128_CCM_8, "TLS-RSA-WITH-AES-128-CCM-8", GCRY_CIPHER_AES128, GCRY_CIPHER_MODE_CCM, GCRY_MAC_HMAC_SHA256, KEY_EXCHANGE_RSA, CIPHERSUITE_FLAG_SHORT_TAG, TLS_MAJOR_VERSION_3, TLS_MINOR_VERSION_3, TLS_MAJOR_VERSION_3, TLS_MINOR_VERSION_3}, {TLS_RSA_WITH_CAMELLIA_128_CBC_SHA256, "TLS-RSA-WITH-CAMELLIA-128-CBC-SHA256", GCRY_CIPHER_CAMELLIA128, GCRY_CIPHER_MODE_CBC, GCRY_MAC_HMAC_SHA256, KEY_EXCHANGE_RSA, 0, TLS_MAJOR_VERSION_3, TLS_MINOR_VERSION_3, TLS_MAJOR_VERSION_3, TLS_MINOR_VERSION_3}, { TLS_RSA_WITH_CAMELLIA_256_CBC_SHA256, "TLS-RSA-WITH-CAMELLIA-256-CBC-SHA256", GCRY_CIPHER_CAMELLIA256, GCRY_CIPHER_MODE_CBC, GCRY_MAC_HMAC_SHA256, KEY_EXCHANGE_RSA, 0, TLS_MAJOR_VERSION_3, TLS_MINOR_VERSION_3, TLS_MAJOR_VERSION_3, TLS_MINOR_VERSION_3}, {TLS_RSA_WITH_CAMELLIA_128_CBC_SHA, "TLS-RSA-WITH-CAMELLIA-128-CBC-SHA", GCRY_CIPHER_CAMELLIA128, GCRY_CIPHER_MODE_CBC, GCRY_MAC_HMAC_SHA1, KEY_EXCHANGE_RSA, 0, TLS_MAJOR_VERSION_3, TLS_MINOR_VERSION_0, TLS_MAJOR_VERSION_3, TLS_MINOR_VERSION_3}, {TLS_RSA_WITH_CAMELLIA_256_CBC_SHA, "TLS-RSA-WITH-CAMELLIA-256-CBC-SHA", GCRY_CIPHER_CAMELLIA256, 
GCRY_CIPHER_MODE_CBC, GCRY_MAC_HMAC_SHA1, KEY_EXCHANGE_RSA, 0, TLS_MAJOR_VERSION_3, TLS_MINOR_VERSION_0, TLS_MAJOR_VERSION_3, TLS_MINOR_VERSION_3}, {TLS_RSA_WITH_CAMELLIA_128_GCM_SHA256, "TLS-RSA-WITH-CAMELLIA-128-GCM-SHA256", GCRY_CIPHER_CAMELLIA128, GCRY_CIPHER_MODE_GCM, GCRY_MAC_HMAC_SHA256, KEY_EXCHANGE_RSA, 0, TLS_MAJOR_VERSION_3, TLS_MINOR_VERSION_3, TLS_MAJOR_VERSION_3, TLS_MINOR_VERSION_3}, {TLS_RSA_WITH_CAMELLIA_256_GCM_SHA384, "TLS-RSA-WITH-CAMELLIA-256-GCM-SHA384", GCRY_CIPHER_CAMELLIA256, GCRY_CIPHER_MODE_GCM, GCRY_MAC_HMAC_SHA384, KEY_EXCHANGE_RSA, 0, TLS_MAJOR_VERSION_3, TLS_MINOR_VERSION_3, TLS_MAJOR_VERSION_3, TLS_MINOR_VERSION_3}, {TLS_RSA_WITH_3DES_EDE_CBC_SHA, "TLS-RSA-WITH-3DES-EDE-CBC-SHA", GCRY_CIPHER_3DES, GCRY_CIPHER_MODE_CBC, GCRY_MAC_HMAC_SHA1, KEY_EXCHANGE_RSA, 0, TLS_MAJOR_VERSION_3, TLS_MINOR_VERSION_0, TLS_MAJOR_VERSION_3, TLS_MINOR_VERSION_3}, {TLS_ECDH_RSA_WITH_AES_128_CBC_SHA, "TLS-ECDH-RSA-WITH-AES-128-CBC-SHA", GCRY_CIPHER_AES128, GCRY_CIPHER_MODE_CBC, GCRY_MAC_HMAC_SHA1, KEY_EXCHANGE_ECDH_RSA, 0, TLS_MAJOR_VERSION_3, TLS_MINOR_VERSION_1, TLS_MAJOR_VERSION_3, TLS_MINOR_VERSION_3}, {TLS_ECDH_RSA_WITH_AES_256_CBC_SHA, "TLS-ECDH-RSA-WITH-AES-256-CBC-SHA", GCRY_CIPHER_AES256, GCRY_CIPHER_MODE_CBC, GCRY_MAC_HMAC_SHA1, KEY_EXCHANGE_ECDH_RSA, 0, TLS_MAJOR_VERSION_3, TLS_MINOR_VERSION_1, TLS_MAJOR_VERSION_3, TLS_MINOR_VERSION_3}, {TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256, "TLS-ECDH-RSA-WITH-AES-128-CBC-SHA256", GCRY_CIPHER_AES128, GCRY_CIPHER_MODE_CBC, GCRY_MAC_HMAC_SHA256, KEY_EXCHANGE_ECDH_RSA, 0, TLS_MAJOR_VERSION_3, TLS_MINOR_VERSION_3, TLS_MAJOR_VERSION_3, TLS_MINOR_VERSION_3}, {TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256, "TLS-ECDH-RSA-WITH-AES-128-GCM-SHA256", GCRY_CIPHER_AES128, GCRY_CIPHER_MODE_GCM, GCRY_MAC_HMAC_SHA256, KEY_EXCHANGE_ECDH_RSA, 0, TLS_MAJOR_VERSION_3, TLS_MINOR_VERSION_3, TLS_MAJOR_VERSION_3, TLS_MINOR_VERSION_3}, {TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384, "TLS-ECDH-RSA-WITH-AES-256-CBC-SHA384", GCRY_CIPHER_AES256, 
GCRY_CIPHER_MODE_CBC, GCRY_MAC_HMAC_SHA384, KEY_EXCHANGE_ECDH_RSA, 0, TLS_MAJOR_VERSION_3, TLS_MINOR_VERSION_3, TLS_MAJOR_VERSION_3, TLS_MINOR_VERSION_3}, {TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384, "TLS-ECDH-RSA-WITH-AES-256-GCM-SHA384", GCRY_CIPHER_AES256, GCRY_CIPHER_MODE_GCM, GCRY_MAC_HMAC_SHA384, KEY_EXCHANGE_ECDH_RSA, 0, TLS_MAJOR_VERSION_3, TLS_MINOR_VERSION_3, TLS_MAJOR_VERSION_3, TLS_MINOR_VERSION_3}, {TLS_ECDH_RSA_WITH_CAMELLIA_128_CBC_SHA256, "TLS-ECDH-RSA-WITH-CAMELLIA-128-CBC-SHA256", GCRY_CIPHER_CAMELLIA128, GCRY_CIPHER_MODE_CBC, GCRY_MAC_HMAC_SHA256, KEY_EXCHANGE_ECDH_RSA, 0, TLS_MAJOR_VERSION_3, TLS_MINOR_VERSION_1, TLS_MAJOR_VERSION_3, TLS_MINOR_VERSION_3}, {TLS_ECDH_RSA_WITH_CAMELLIA_256_CBC_SHA384, "TLS-ECDH-RSA-WITH-CAMELLIA-256-CBC-SHA384", GCRY_CIPHER_CAMELLIA256, GCRY_CIPHER_MODE_CBC, GCRY_MAC_HMAC_SHA384, KEY_EXCHANGE_ECDH_RSA, 0, TLS_MAJOR_VERSION_3, TLS_MINOR_VERSION_1, TLS_MAJOR_VERSION_3, TLS_MINOR_VERSION_3}, {TLS_ECDH_RSA_WITH_CAMELLIA_128_GCM_SHA256, "TLS-ECDH-RSA-WITH-CAMELLIA-128-GCM-SHA256", GCRY_CIPHER_CAMELLIA128, GCRY_CIPHER_MODE_GCM, GCRY_MAC_HMAC_SHA256, KEY_EXCHANGE_ECDH_RSA, 0, TLS_MAJOR_VERSION_3, TLS_MINOR_VERSION_3, TLS_MAJOR_VERSION_3, TLS_MINOR_VERSION_3}, {TLS_ECDH_RSA_WITH_CAMELLIA_256_GCM_SHA384, "TLS-ECDH-RSA-WITH-CAMELLIA-256-GCM-SHA384", GCRY_CIPHER_CAMELLIA256, GCRY_CIPHER_MODE_GCM, GCRY_MAC_HMAC_SHA384, KEY_EXCHANGE_ECDH_RSA, 0, TLS_MAJOR_VERSION_3, TLS_MINOR_VERSION_3, TLS_MAJOR_VERSION_3, TLS_MINOR_VERSION_3}, {TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA, "TLS-ECDH-RSA-WITH-3DES-EDE-CBC-SHA", GCRY_CIPHER_3DES, GCRY_CIPHER_MODE_CBC, GCRY_MAC_HMAC_SHA1, KEY_EXCHANGE_ECDH_RSA, 0, TLS_MAJOR_VERSION_3, TLS_MINOR_VERSION_1, TLS_MAJOR_VERSION_3, TLS_MINOR_VERSION_3}, {TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA, "TLS-ECDH-ECDSA-WITH-AES-128-CBC-SHA", GCRY_CIPHER_AES128, GCRY_CIPHER_MODE_CBC, GCRY_MAC_HMAC_SHA1, KEY_EXCHANGE_ECDH_ECDSA, 0, TLS_MAJOR_VERSION_3, TLS_MINOR_VERSION_1, TLS_MAJOR_VERSION_3, TLS_MINOR_VERSION_3}, 
{TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA, "TLS-ECDH-ECDSA-WITH-AES-256-CBC-SHA", GCRY_CIPHER_AES256, GCRY_CIPHER_MODE_CBC, GCRY_MAC_HMAC_SHA1, KEY_EXCHANGE_ECDH_ECDSA, 0, TLS_MAJOR_VERSION_3, TLS_MINOR_VERSION_1, TLS_MAJOR_VERSION_3, TLS_MINOR_VERSION_3}, {TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256, "TLS-ECDH-ECDSA-WITH-AES-128-CBC-SHA256", GCRY_CIPHER_AES128, GCRY_CIPHER_MODE_CBC, GCRY_MAC_HMAC_SHA256, KEY_EXCHANGE_ECDH_ECDSA, 0, TLS_MAJOR_VERSION_3, TLS_MINOR_VERSION_3, TLS_MAJOR_VERSION_3, TLS_MINOR_VERSION_3}, {TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256, "TLS-ECDH-ECDSA-WITH-AES-128-GCM-SHA256", GCRY_CIPHER_AES128, GCRY_CIPHER_MODE_GCM, GCRY_MAC_HMAC_SHA256, KEY_EXCHANGE_ECDH_ECDSA, 0, TLS_MAJOR_VERSION_3, TLS_MINOR_VERSION_3, TLS_MAJOR_VERSION_3, TLS_MINOR_VERSION_3}, {TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384, "TLS-ECDH-ECDSA-WITH-AES-256-CBC-SHA384", GCRY_CIPHER_AES256, GCRY_CIPHER_MODE_CBC, GCRY_MAC_HMAC_SHA384, KEY_EXCHANGE_ECDH_ECDSA, 0, TLS_MAJOR_VERSION_3, TLS_MINOR_VERSION_3, TLS_MAJOR_VERSION_3, TLS_MINOR_VERSION_3}, {TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384, "TLS-ECDH-ECDSA-WITH-AES-256-GCM-SHA384", GCRY_CIPHER_AES256, GCRY_CIPHER_MODE_GCM, GCRY_MAC_HMAC_SHA384, KEY_EXCHANGE_ECDH_ECDSA, 0, TLS_MAJOR_VERSION_3, TLS_MINOR_VERSION_3, TLS_MAJOR_VERSION_3, TLS_MINOR_VERSION_3}, {TLS_ECDH_ECDSA_WITH_CAMELLIA_128_CBC_SHA256, "TLS-ECDH-ECDSA-WITH-CAMELLIA-128-CBC-SHA256", GCRY_CIPHER_CAMELLIA128, GCRY_CIPHER_MODE_CBC, GCRY_MAC_HMAC_SHA256, KEY_EXCHANGE_ECDH_ECDSA, 0, TLS_MAJOR_VERSION_3, TLS_MINOR_VERSION_1, TLS_MAJOR_VERSION_3, TLS_MINOR_VERSION_3}, {TLS_ECDH_ECDSA_WITH_CAMELLIA_256_CBC_SHA384, "TLS-ECDH-ECDSA-WITH-CAMELLIA-256-CBC-SHA384", GCRY_CIPHER_CAMELLIA256, GCRY_CIPHER_MODE_CBC, GCRY_MAC_HMAC_SHA384, KEY_EXCHANGE_ECDH_ECDSA, 0, TLS_MAJOR_VERSION_3, TLS_MINOR_VERSION_1, TLS_MAJOR_VERSION_3, TLS_MINOR_VERSION_3}, {TLS_ECDH_ECDSA_WITH_CAMELLIA_128_GCM_SHA256, "TLS-ECDH-ECDSA-WITH-CAMELLIA-128-GCM-SHA256", GCRY_CIPHER_CAMELLIA128, GCRY_CIPHER_MODE_GCM, 
GCRY_MAC_HMAC_SHA256, KEY_EXCHANGE_ECDH_ECDSA, 0, TLS_MAJOR_VERSION_3, TLS_MINOR_VERSION_3, TLS_MAJOR_VERSION_3, TLS_MINOR_VERSION_3}, {TLS_ECDH_ECDSA_WITH_CAMELLIA_256_GCM_SHA384, "TLS-ECDH-ECDSA-WITH-CAMELLIA-256-GCM-SHA384", GCRY_CIPHER_CAMELLIA256, GCRY_CIPHER_MODE_GCM, GCRY_MAC_HMAC_SHA384, KEY_EXCHANGE_ECDH_ECDSA, 0, TLS_MAJOR_VERSION_3, TLS_MINOR_VERSION_3, TLS_MAJOR_VERSION_3, TLS_MINOR_VERSION_3}, {TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA, "TLS-ECDH-ECDSA-WITH-3DES-EDE-CBC-SHA", GCRY_CIPHER_3DES, GCRY_CIPHER_MODE_CBC, GCRY_MAC_HMAC_SHA1, KEY_EXCHANGE_ECDH_ECDSA, 0, TLS_MAJOR_VERSION_3, TLS_MINOR_VERSION_1, TLS_MAJOR_VERSION_3, TLS_MINOR_VERSION_3}, {TLS_PSK_WITH_AES_128_GCM_SHA256, "TLS-PSK-WITH-AES-128-GCM-SHA256", GCRY_CIPHER_AES128, GCRY_CIPHER_MODE_GCM, GCRY_MAC_HMAC_SHA256, KEY_EXCHANGE_PSK, 0, TLS_MAJOR_VERSION_3, TLS_MINOR_VERSION_3, TLS_MAJOR_VERSION_3, TLS_MINOR_VERSION_3}, {TLS_PSK_WITH_AES_256_GCM_SHA384, "TLS-PSK-WITH-AES-256-GCM-SHA384", GCRY_CIPHER_AES256, GCRY_CIPHER_MODE_GCM, GCRY_MAC_HMAC_SHA384, KEY_EXCHANGE_PSK, 0, TLS_MAJOR_VERSION_3, TLS_MINOR_VERSION_3, TLS_MAJOR_VERSION_3, TLS_MINOR_VERSION_3}, {TLS_PSK_WITH_AES_128_CBC_SHA256, "TLS-PSK-WITH-AES-128-CBC-SHA256", GCRY_CIPHER_AES128, GCRY_CIPHER_MODE_CBC, GCRY_MAC_HMAC_SHA256, KEY_EXCHANGE_PSK, 0, TLS_MAJOR_VERSION_3, TLS_MINOR_VERSION_0, TLS_MAJOR_VERSION_3, TLS_MINOR_VERSION_3}, {TLS_PSK_WITH_AES_256_CBC_SHA384, "TLS-PSK-WITH-AES-256-CBC-SHA384", GCRY_CIPHER_AES256, GCRY_CIPHER_MODE_CBC, GCRY_MAC_HMAC_SHA384, KEY_EXCHANGE_PSK, 0, TLS_MAJOR_VERSION_3, TLS_MINOR_VERSION_0, TLS_MAJOR_VERSION_3, TLS_MINOR_VERSION_3}, {TLS_PSK_WITH_AES_128_CBC_SHA, "TLS-PSK-WITH-AES-128-CBC-SHA", GCRY_CIPHER_AES128, GCRY_CIPHER_MODE_CBC, GCRY_MAC_HMAC_SHA1, KEY_EXCHANGE_PSK, 0, TLS_MAJOR_VERSION_3, TLS_MINOR_VERSION_0, TLS_MAJOR_VERSION_3, TLS_MINOR_VERSION_3}, {TLS_PSK_WITH_AES_256_CBC_SHA, "TLS-PSK-WITH-AES-256-CBC-SHA", GCRY_CIPHER_AES256, GCRY_CIPHER_MODE_CBC, GCRY_MAC_HMAC_SHA1, KEY_EXCHANGE_PSK, 0, 
TLS_MAJOR_VERSION_3, TLS_MINOR_VERSION_0, TLS_MAJOR_VERSION_3, TLS_MINOR_VERSION_3}, {TLS_PSK_WITH_AES_256_CCM, "TLS-PSK-WITH-AES-256-CCM", GCRY_CIPHER_AES256, GCRY_CIPHER_MODE_CCM, GCRY_MAC_HMAC_SHA256, KEY_EXCHANGE_PSK, 0, TLS_MAJOR_VERSION_3, TLS_MINOR_VERSION_3, TLS_MAJOR_VERSION_3, TLS_MINOR_VERSION_3}, {TLS_PSK_WITH_AES_256_CCM_8, "TLS-PSK-WITH-AES-256-CCM-8", GCRY_CIPHER_AES256, GCRY_CIPHER_MODE_CCM, GCRY_MAC_HMAC_SHA256, KEY_EXCHANGE_PSK, CIPHERSUITE_FLAG_SHORT_TAG, TLS_MAJOR_VERSION_3, TLS_MINOR_VERSION_3, TLS_MAJOR_VERSION_3, TLS_MINOR_VERSION_3}, {TLS_PSK_WITH_AES_128_CCM, "TLS-PSK-WITH-AES-128-CCM", GCRY_CIPHER_AES128, GCRY_CIPHER_MODE_CCM, GCRY_MAC_HMAC_SHA256, KEY_EXCHANGE_PSK, 0, TLS_MAJOR_VERSION_3, TLS_MINOR_VERSION_3, TLS_MAJOR_VERSION_3, TLS_MINOR_VERSION_3}, {TLS_PSK_WITH_AES_128_CCM_8, "TLS-PSK-WITH-AES-128-CCM-8", GCRY_CIPHER_AES128, GCRY_CIPHER_MODE_CCM, GCRY_MAC_HMAC_SHA256, KEY_EXCHANGE_PSK, CIPHERSUITE_FLAG_SHORT_TAG, TLS_MAJOR_VERSION_3, TLS_MINOR_VERSION_3, TLS_MAJOR_VERSION_3, TLS_MINOR_VERSION_3}, {TLS_PSK_WITH_CAMELLIA_128_CBC_SHA256, "TLS-PSK-WITH-CAMELLIA-128-CBC-SHA256", GCRY_CIPHER_CAMELLIA128, GCRY_CIPHER_MODE_CBC, GCRY_MAC_HMAC_SHA256, KEY_EXCHANGE_PSK, 0, TLS_MAJOR_VERSION_3, TLS_MINOR_VERSION_0, TLS_MAJOR_VERSION_3, TLS_MINOR_VERSION_3}, {TLS_PSK_WITH_CAMELLIA_256_CBC_SHA384, "TLS-PSK-WITH-CAMELLIA-256-CBC-SHA384", GCRY_CIPHER_CAMELLIA256, GCRY_CIPHER_MODE_CBC, GCRY_MAC_HMAC_SHA384, KEY_EXCHANGE_PSK, 0, TLS_MAJOR_VERSION_3, TLS_MINOR_VERSION_0, TLS_MAJOR_VERSION_3, TLS_MINOR_VERSION_3}, {TLS_PSK_WITH_CAMELLIA_128_GCM_SHA256, "TLS-PSK-WITH-CAMELLIA-128-GCM-SHA256", GCRY_CIPHER_CAMELLIA128, GCRY_CIPHER_MODE_GCM, GCRY_MAC_HMAC_SHA256, KEY_EXCHANGE_PSK, 0, TLS_MAJOR_VERSION_3, TLS_MINOR_VERSION_3, TLS_MAJOR_VERSION_3, TLS_MINOR_VERSION_3}, {TLS_PSK_WITH_CAMELLIA_256_GCM_SHA384, "TLS-PSK-WITH-CAMELLIA-256-GCM-SHA384", GCRY_CIPHER_CAMELLIA256, GCRY_CIPHER_MODE_GCM, GCRY_MAC_HMAC_SHA384, KEY_EXCHANGE_PSK, 0, TLS_MAJOR_VERSION_3, 
TLS_MINOR_VERSION_3, TLS_MAJOR_VERSION_3, TLS_MINOR_VERSION_3}, {TLS_PSK_WITH_3DES_EDE_CBC_SHA, "TLS-PSK-WITH-3DES-EDE-CBC-SHA", GCRY_CIPHER_3DES, GCRY_CIPHER_MODE_CBC, GCRY_MAC_HMAC_SHA1, KEY_EXCHANGE_PSK, 0, TLS_MAJOR_VERSION_3, TLS_MINOR_VERSION_0, TLS_MAJOR_VERSION_3, TLS_MINOR_VERSION_3}, {TLS_DHE_PSK_WITH_AES_128_GCM_SHA256, "TLS-DHE-PSK-WITH-AES-128-GCM-SHA256", GCRY_CIPHER_AES128, GCRY_CIPHER_MODE_GCM, GCRY_MAC_HMAC_SHA256, KEY_EXCHANGE_DHE_PSK, 0, TLS_MAJOR_VERSION_3, TLS_MINOR_VERSION_3, TLS_MAJOR_VERSION_3, TLS_MINOR_VERSION_3}, {TLS_DHE_PSK_WITH_AES_256_GCM_SHA384, "TLS-DHE-PSK-WITH-AES-256-GCM-SHA384", GCRY_CIPHER_AES256, GCRY_CIPHER_MODE_GCM, GCRY_MAC_HMAC_SHA384, KEY_EXCHANGE_DHE_PSK, 0, TLS_MAJOR_VERSION_3, TLS_MINOR_VERSION_3, TLS_MAJOR_VERSION_3, TLS_MINOR_VERSION_3}, {TLS_DHE_PSK_WITH_AES_128_CBC_SHA256, "TLS-DHE-PSK-WITH-AES-128-CBC-SHA256", GCRY_CIPHER_AES128, GCRY_CIPHER_MODE_CBC, GCRY_MAC_HMAC_SHA256, KEY_EXCHANGE_DHE_PSK, 0, TLS_MAJOR_VERSION_3, TLS_MINOR_VERSION_0, TLS_MAJOR_VERSION_3, TLS_MINOR_VERSION_3}, {TLS_DHE_PSK_WITH_AES_256_CBC_SHA384, "TLS-DHE-PSK-WITH-AES-256-CBC-SHA384", GCRY_CIPHER_AES256, GCRY_CIPHER_MODE_CBC, GCRY_MAC_HMAC_SHA384, KEY_EXCHANGE_DHE_PSK, 0, TLS_MAJOR_VERSION_3, TLS_MINOR_VERSION_0, TLS_MAJOR_VERSION_3, TLS_MINOR_VERSION_3}, {TLS_DHE_PSK_WITH_AES_128_CBC_SHA, "TLS-DHE-PSK-WITH-AES-128-CBC-SHA", GCRY_CIPHER_AES128, GCRY_CIPHER_MODE_CBC, GCRY_MAC_HMAC_SHA1, KEY_EXCHANGE_DHE_PSK, 0, TLS_MAJOR_VERSION_3, TLS_MINOR_VERSION_0, TLS_MAJOR_VERSION_3, TLS_MINOR_VERSION_3}, {TLS_DHE_PSK_WITH_AES_256_CBC_SHA, "TLS-DHE-PSK-WITH-AES-256-CBC-SHA", GCRY_CIPHER_AES256, GCRY_CIPHER_MODE_CBC, GCRY_MAC_HMAC_SHA1, KEY_EXCHANGE_DHE_PSK, 0, TLS_MAJOR_VERSION_3, TLS_MINOR_VERSION_0, TLS_MAJOR_VERSION_3, TLS_MINOR_VERSION_3}, {TLS_DHE_PSK_WITH_AES_256_CCM, "TLS-DHE-PSK-WITH-AES-256-CCM", GCRY_CIPHER_AES256, GCRY_CIPHER_MODE_CCM, GCRY_MAC_HMAC_SHA256, KEY_EXCHANGE_DHE_PSK, 0, TLS_MAJOR_VERSION_3, TLS_MINOR_VERSION_3, TLS_MAJOR_VERSION_3, 
TLS_MINOR_VERSION_3}, {TLS_DHE_PSK_WITH_AES_256_CCM_8, "TLS-DHE-PSK-WITH-AES-256-CCM-8", GCRY_CIPHER_AES256, GCRY_CIPHER_MODE_CCM, GCRY_MAC_HMAC_SHA256, KEY_EXCHANGE_DHE_PSK, CIPHERSUITE_FLAG_SHORT_TAG, TLS_MAJOR_VERSION_3, TLS_MINOR_VERSION_3, TLS_MAJOR_VERSION_3, TLS_MINOR_VERSION_3}, {TLS_DHE_PSK_WITH_AES_128_CCM, "TLS-DHE-PSK-WITH-AES-128-CCM", GCRY_CIPHER_AES128, GCRY_CIPHER_MODE_CCM, GCRY_MAC_HMAC_SHA256, KEY_EXCHANGE_DHE_PSK, 0, TLS_MAJOR_VERSION_3, TLS_MINOR_VERSION_3, TLS_MAJOR_VERSION_3, TLS_MINOR_VERSION_3}, {TLS_DHE_PSK_WITH_AES_128_CCM_8, "TLS-DHE-PSK-WITH-AES-128-CCM-8", GCRY_CIPHER_AES128, GCRY_CIPHER_MODE_CCM, GCRY_MAC_HMAC_SHA256, KEY_EXCHANGE_DHE_PSK, CIPHERSUITE_FLAG_SHORT_TAG, TLS_MAJOR_VERSION_3, TLS_MINOR_VERSION_3, TLS_MAJOR_VERSION_3, TLS_MINOR_VERSION_3}, {TLS_DHE_PSK_WITH_CAMELLIA_128_CBC_SHA256, "TLS-DHE-PSK-WITH-CAMELLIA-128-CBC-SHA256", GCRY_CIPHER_CAMELLIA128, GCRY_CIPHER_MODE_CBC, GCRY_MAC_HMAC_SHA256, KEY_EXCHANGE_DHE_PSK, 0, TLS_MAJOR_VERSION_3, TLS_MINOR_VERSION_0, TLS_MAJOR_VERSION_3, TLS_MINOR_VERSION_3}, {TLS_DHE_PSK_WITH_CAMELLIA_256_CBC_SHA384, "TLS-DHE-PSK-WITH-CAMELLIA-256-CBC-SHA384", GCRY_CIPHER_CAMELLIA256, GCRY_CIPHER_MODE_CBC, GCRY_MAC_HMAC_SHA384, KEY_EXCHANGE_DHE_PSK, 0, TLS_MAJOR_VERSION_3, TLS_MINOR_VERSION_0, TLS_MAJOR_VERSION_3, TLS_MINOR_VERSION_3}, {TLS_DHE_PSK_WITH_CAMELLIA_128_GCM_SHA256, "TLS-DHE-PSK-WITH-CAMELLIA-128-GCM-SHA256", GCRY_CIPHER_CAMELLIA128, GCRY_CIPHER_MODE_GCM, GCRY_MAC_HMAC_SHA256, KEY_EXCHANGE_DHE_PSK, 0, TLS_MAJOR_VERSION_3, TLS_MINOR_VERSION_3, TLS_MAJOR_VERSION_3, TLS_MINOR_VERSION_3}, {TLS_DHE_PSK_WITH_CAMELLIA_256_GCM_SHA384, "TLS-DHE-PSK-WITH-CAMELLIA-256-GCM-SHA384", GCRY_CIPHER_CAMELLIA256, GCRY_CIPHER_MODE_GCM, GCRY_MAC_HMAC_SHA384, KEY_EXCHANGE_DHE_PSK, 0, TLS_MAJOR_VERSION_3, TLS_MINOR_VERSION_3, TLS_MAJOR_VERSION_3, TLS_MINOR_VERSION_3}, {TLS_DHE_PSK_WITH_3DES_EDE_CBC_SHA, "TLS-DHE-PSK-WITH-3DES-EDE-CBC-SHA", GCRY_CIPHER_3DES, GCRY_CIPHER_MODE_CBC, GCRY_MAC_HMAC_SHA1, 
KEY_EXCHANGE_DHE_PSK, 0, TLS_MAJOR_VERSION_3, TLS_MINOR_VERSION_0, TLS_MAJOR_VERSION_3, TLS_MINOR_VERSION_3}, {TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA256, "TLS-ECDHE-PSK-WITH-AES-128-CBC-SHA256", GCRY_CIPHER_AES128, GCRY_CIPHER_MODE_CBC, GCRY_MAC_HMAC_SHA256, KEY_EXCHANGE_ECDHE_PSK, 0, TLS_MAJOR_VERSION_3, TLS_MINOR_VERSION_1, TLS_MAJOR_VERSION_3, TLS_MINOR_VERSION_3}, {TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA384, "TLS-ECDHE-PSK-WITH-AES-256-CBC-SHA384", GCRY_CIPHER_AES256, GCRY_CIPHER_MODE_CBC, GCRY_MAC_HMAC_SHA384, KEY_EXCHANGE_ECDHE_PSK, 0, TLS_MAJOR_VERSION_3, TLS_MINOR_VERSION_1, TLS_MAJOR_VERSION_3, TLS_MINOR_VERSION_3}, {TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA, "TLS-ECDHE-PSK-WITH-AES-128-CBC-SHA", GCRY_CIPHER_AES128, GCRY_CIPHER_MODE_CBC, GCRY_MAC_HMAC_SHA1, KEY_EXCHANGE_ECDHE_PSK, 0, TLS_MAJOR_VERSION_3, TLS_MINOR_VERSION_1, TLS_MAJOR_VERSION_3, TLS_MINOR_VERSION_3}, {TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA, "TLS-ECDHE-PSK-WITH-AES-256-CBC-SHA", GCRY_CIPHER_AES256, GCRY_CIPHER_MODE_CBC, GCRY_MAC_HMAC_SHA1, KEY_EXCHANGE_ECDHE_PSK, 0, TLS_MAJOR_VERSION_3, TLS_MINOR_VERSION_1, TLS_MAJOR_VERSION_3, TLS_MINOR_VERSION_3}, {TLS_ECDHE_PSK_WITH_CAMELLIA_128_CBC_SHA256, "TLS-ECDHE-PSK-WITH-CAMELLIA-128-CBC-SHA256", GCRY_CIPHER_CAMELLIA128, GCRY_CIPHER_MODE_CBC, GCRY_MAC_HMAC_SHA256, KEY_EXCHANGE_ECDHE_PSK, 0, TLS_MAJOR_VERSION_3, TLS_MINOR_VERSION_1, TLS_MAJOR_VERSION_3, TLS_MINOR_VERSION_3}, {TLS_ECDHE_PSK_WITH_CAMELLIA_256_CBC_SHA384, "TLS-ECDHE-PSK-WITH-CAMELLIA-256-CBC-SHA384", GCRY_CIPHER_CAMELLIA256, GCRY_CIPHER_MODE_CBC, GCRY_MAC_HMAC_SHA384, KEY_EXCHANGE_ECDHE_PSK, 0, TLS_MAJOR_VERSION_3, TLS_MINOR_VERSION_1, TLS_MAJOR_VERSION_3, TLS_MINOR_VERSION_3}, {TLS_ECDHE_PSK_WITH_3DES_EDE_CBC_SHA, "TLS-ECDHE-PSK-WITH-3DES-EDE-CBC-SHA", GCRY_CIPHER_3DES, GCRY_CIPHER_MODE_CBC, GCRY_MAC_HMAC_SHA1, KEY_EXCHANGE_ECDHE_PSK, 0, TLS_MAJOR_VERSION_3, TLS_MINOR_VERSION_1, TLS_MAJOR_VERSION_3, TLS_MINOR_VERSION_3}, {TLS_RSA_PSK_WITH_AES_128_GCM_SHA256, "TLS-RSA-PSK-WITH-AES-128-GCM-SHA256", 
GCRY_CIPHER_AES128, GCRY_CIPHER_MODE_GCM, GCRY_MAC_HMAC_SHA256, KEY_EXCHANGE_RSA_PSK, 0, TLS_MAJOR_VERSION_3, TLS_MINOR_VERSION_3, TLS_MAJOR_VERSION_3, TLS_MINOR_VERSION_3}, {TLS_RSA_PSK_WITH_AES_256_GCM_SHA384, "TLS-RSA-PSK-WITH-AES-256-GCM-SHA384", GCRY_CIPHER_AES256, GCRY_CIPHER_MODE_GCM, GCRY_MAC_HMAC_SHA384, KEY_EXCHANGE_RSA_PSK, 0, TLS_MAJOR_VERSION_3, TLS_MINOR_VERSION_3, TLS_MAJOR_VERSION_3, TLS_MINOR_VERSION_3}, {TLS_RSA_PSK_WITH_AES_128_CBC_SHA256, "TLS-RSA-PSK-WITH-AES-128-CBC-SHA256", GCRY_CIPHER_AES128, GCRY_CIPHER_MODE_CBC, GCRY_MAC_HMAC_SHA256, KEY_EXCHANGE_RSA_PSK, 0, TLS_MAJOR_VERSION_3, TLS_MINOR_VERSION_0, TLS_MAJOR_VERSION_3, TLS_MINOR_VERSION_3}, {TLS_RSA_PSK_WITH_AES_256_CBC_SHA384, "TLS-RSA-PSK-WITH-AES-256-CBC-SHA384", GCRY_CIPHER_AES256, GCRY_CIPHER_MODE_CBC, GCRY_MAC_HMAC_SHA384, KEY_EXCHANGE_RSA_PSK, 0, TLS_MAJOR_VERSION_3, TLS_MINOR_VERSION_0, TLS_MAJOR_VERSION_3, TLS_MINOR_VERSION_3}, {TLS_RSA_PSK_WITH_AES_128_CBC_SHA, "TLS-RSA-PSK-WITH-AES-128-CBC-SHA", GCRY_CIPHER_AES128, GCRY_CIPHER_MODE_CBC, GCRY_MAC_HMAC_SHA1, KEY_EXCHANGE_RSA_PSK, 0, TLS_MAJOR_VERSION_3, TLS_MINOR_VERSION_0, TLS_MAJOR_VERSION_3, TLS_MINOR_VERSION_3}, {TLS_RSA_PSK_WITH_AES_256_CBC_SHA, "TLS-RSA-PSK-WITH-AES-256-CBC-SHA", GCRY_CIPHER_AES256, GCRY_CIPHER_MODE_CBC, GCRY_MAC_HMAC_SHA1, KEY_EXCHANGE_RSA_PSK, 0, TLS_MAJOR_VERSION_3, TLS_MINOR_VERSION_0, TLS_MAJOR_VERSION_3, TLS_MINOR_VERSION_3}, {TLS_RSA_PSK_WITH_CAMELLIA_128_CBC_SHA256, "TLS-RSA-PSK-WITH-CAMELLIA-128-CBC-SHA256", GCRY_CIPHER_CAMELLIA128, GCRY_CIPHER_MODE_CBC, GCRY_MAC_HMAC_SHA256, KEY_EXCHANGE_RSA_PSK, 0, TLS_MAJOR_VERSION_3, TLS_MINOR_VERSION_0, TLS_MAJOR_VERSION_3, TLS_MINOR_VERSION_3}, {TLS_RSA_PSK_WITH_CAMELLIA_256_CBC_SHA384, "TLS-RSA-PSK-WITH-CAMELLIA-256-CBC-SHA384", GCRY_CIPHER_CAMELLIA256, GCRY_CIPHER_MODE_CBC, GCRY_MAC_HMAC_SHA384, KEY_EXCHANGE_RSA_PSK, 0, TLS_MAJOR_VERSION_3, TLS_MINOR_VERSION_0, TLS_MAJOR_VERSION_3, TLS_MINOR_VERSION_3}, {TLS_RSA_PSK_WITH_CAMELLIA_128_GCM_SHA256, 
"TLS-RSA-PSK-WITH-CAMELLIA-128-GCM-SHA256", GCRY_CIPHER_CAMELLIA128, GCRY_CIPHER_MODE_GCM, GCRY_MAC_HMAC_SHA256, KEY_EXCHANGE_RSA_PSK, 0, TLS_MAJOR_VERSION_3, TLS_MINOR_VERSION_3, TLS_MAJOR_VERSION_3, TLS_MINOR_VERSION_3}, {TLS_RSA_PSK_WITH_CAMELLIA_256_GCM_SHA384, "TLS-RSA-PSK-WITH-CAMELLIA-256-GCM-SHA384", GCRY_CIPHER_CAMELLIA256, GCRY_CIPHER_MODE_GCM, GCRY_MAC_HMAC_SHA384, KEY_EXCHANGE_RSA_PSK, 0, TLS_MAJOR_VERSION_3, TLS_MINOR_VERSION_3, TLS_MAJOR_VERSION_3, TLS_MINOR_VERSION_3}, {TLS_RSA_PSK_WITH_3DES_EDE_CBC_SHA, "TLS-RSA-PSK-WITH-3DES-EDE-CBC-SHA", GCRY_CIPHER_3DES, GCRY_CIPHER_MODE_CBC, GCRY_MAC_HMAC_SHA1, KEY_EXCHANGE_RSA_PSK, 0, TLS_MAJOR_VERSION_3, TLS_MINOR_VERSION_0, TLS_MAJOR_VERSION_3, TLS_MINOR_VERSION_3}, {0, "", 0, 0, 0, 0, 0, 0, 0, 0} }; static int supported_ciphersuites[DIM (ciphersuite_definitions)]; static int supported_init = 0; /* Return an array with all supported cipher suites. */ const int * _ntbtls_ciphersuite_list (void) { /* * On initial call filter out all ciphersuites not supported by current * build based on presence in the ciphersuite_definitions. */ //FIXME: We need to check that algorithms are enabled in libgcrypt // and we need to protect this with a mutex. if (!supported_init) { ciphersuite_t suite; int i, j; for (i=j=0; (ciphersuite_preference[i] && j < DIM(ciphersuite_definitions)-1); i++) { if ((suite = _ntbtls_ciphersuite_from_id (ciphersuite_preference[i]))) { /*FIXME: CCM are not yet ready for us - disable. 
*/ if (suite->ciphermode != GCRY_CIPHER_MODE_CCM && suite->key_exchange != KEY_EXCHANGE_ECDH_RSA - && suite->key_exchange != KEY_EXCHANGE_ECDHE_ECDSA && suite->key_exchange != KEY_EXCHANGE_ECDH_ECDSA) supported_ciphersuites[j++] = ciphersuite_preference[i]; } } supported_ciphersuites[j] = 0; supported_init = 1; } return supported_ciphersuites; } ciphersuite_t _ntbtls_ciphersuite_from_id (int suite_id) { ciphersuite_t suite; for (suite = ciphersuite_definitions; suite->tlsid; suite++) if (suite->tlsid == suite_id) return suite; return NULL; } const char * _ntbtls_ciphersuite_get_name (int suite_id) { ciphersuite_t suite; suite = _ntbtls_ciphersuite_from_id (suite_id); return suite? suite->name : "unknown"; } cipher_algo_t _ntbtls_ciphersuite_get_cipher (ciphersuite_t suite, cipher_mode_t *r_mode) { if (!suite) return 0; *r_mode = suite->ciphermode; return suite->cipher; } mac_algo_t _ntbtls_ciphersuite_get_mac (ciphersuite_t suite) { return suite? suite->mac : 0; } key_exchange_type_t _ntbtls_ciphersuite_get_kex (ciphersuite_t suite) { return suite? suite->key_exchange : 0; } unsigned int _ntbtls_ciphersuite_get_flags (ciphersuite_t suite) { return suite? 
suite->flags : 0; } pk_algo_t _ntbtls_ciphersuite_get_sig_pk_alg (ciphersuite_t suite) { if (!suite) return 0; switch (suite->key_exchange) { case KEY_EXCHANGE_RSA: case KEY_EXCHANGE_DHE_RSA: case KEY_EXCHANGE_ECDHE_RSA: case KEY_EXCHANGE_RSA_PSK: return GCRY_PK_RSA; case KEY_EXCHANGE_ECDHE_ECDSA: return GCRY_PK_ECC; /* Actually ECDSA */ case KEY_EXCHANGE_ECDH_RSA: case KEY_EXCHANGE_ECDH_ECDSA: return GCRY_PK_ECC; default: return 0; } } int _ntbtls_ciphersuite_version_ok (ciphersuite_t suite, int min_minor_ver, int max_minor_ver) { if (!suite) return 0; return (suite->min_minor_ver <= max_minor_ver && suite->max_minor_ver >= min_minor_ver); } int _ntbtls_ciphersuite_uses_ec (ciphersuite_t suite) { if (!suite) return 0; switch (suite->key_exchange) { case KEY_EXCHANGE_ECDHE_RSA: case KEY_EXCHANGE_ECDHE_ECDSA: case KEY_EXCHANGE_ECDHE_PSK: case KEY_EXCHANGE_ECDH_RSA: case KEY_EXCHANGE_ECDH_ECDSA: return 1; default: return 0; } } int _ntbtls_ciphersuite_uses_psk (ciphersuite_t suite) { if (!suite) return 0; switch (suite->key_exchange) { case KEY_EXCHANGE_PSK: case KEY_EXCHANGE_RSA_PSK: case KEY_EXCHANGE_DHE_PSK: case KEY_EXCHANGE_ECDHE_PSK: return 1; default: return 0; } } diff --git a/src/pkglue.c b/src/pkglue.c index 45f388b..af8cf92 100644 --- a/src/pkglue.c +++ b/src/pkglue.c 
@@ -1,210 +1,286 @@ /* pkglue.c - Public key fucntions * Copyright (C) 2014 g10 Code GmbH * * This file is part of NTBTLS * * NTBTLS is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by * the Free Software Foundation; either version 3 of the License, or * (at your option) any later version. * * NTBTLS is distributed in the hope that it will be useful, * but WITHOUT ANY WARRANTY; without even the implied warranty of * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * GNU General Public License for more details. * * You should have received a copy of the GNU General Public License * along with this program; if not, see . */ #include #include #include #include #include #include "ntbtls-int.h" static const char * md_alg_string (md_algo_t md_alg) { switch (md_alg) { case GCRY_MD_SHA1: return "sha1"; case GCRY_MD_SHA224: return "sha224"; case GCRY_MD_SHA256: return "sha256"; case GCRY_MD_SHA384: return "sha384"; case GCRY_MD_SHA512: return "sha512"; case GCRY_MD_RMD160: return "rmd160"; default: return NULL; } } /* Return the public key algorithm id from the S-expression PKEY. FIXME: libgcrypt should provide such a function. Note that this implementation uses the names as used by libksba. */ static pk_algo_t pk_algo_from_sexp (gcry_sexp_t pkey) { gcry_sexp_t l1, l2; const char *name; size_t n; pk_algo_t algo; l1 = gcry_sexp_find_token (pkey, "public-key", 0); if (!l1) return 0; /* Not found. */ l2 = gcry_sexp_cadr (l1); gcry_sexp_release (l1); name = gcry_sexp_nth_data (l2, 0, &n); if (!name) algo = 0; /* Not found. 
*/ else if (n==3 && !memcmp (name, "rsa", 3)) algo = GCRY_PK_RSA; else if (n==3 && !memcmp (name, "dsa", 3)) algo = GCRY_PK_DSA; else if (n==3 && !memcmp (name, "ecc", 3)) algo = GCRY_PK_ECC; else if (n==13 && !memcmp (name, "ambiguous-rsa", 13)) algo = GCRY_PK_RSA; else algo = 0; gcry_sexp_release (l2); return algo; } gpg_error_t _ntbtls_pk_verify (x509_cert_t chain, pk_algo_t pk_alg, md_algo_t md_alg, const unsigned char *hash, size_t hashlen, const unsigned char *sig, size_t siglen) { gpg_error_t err; gcry_sexp_t s_pk = NULL; gcry_sexp_t s_hash = NULL; gcry_sexp_t s_sig = NULL; const char *md_alg_str; if (!chain ||!md_alg || !hashlen || !sig || !siglen) return gpg_error (GPG_ERR_INV_ARG); md_alg_str = md_alg_string (md_alg); if (!md_alg_str) return gpg_error (GPG_ERR_DIGEST_ALGO); /* Get the public key from the first certificate. */ err = _ntbtls_x509_get_pk (chain, 0, &s_pk); if (err) goto leave; /* Check the Public key algorithm. */ { pk_algo_t alg; alg = pk_algo_from_sexp (s_pk); if (!alg) err = gpg_error (GPG_ERR_PUBKEY_ALGO); else if (alg != pk_alg) err = gpg_error (GPG_ERR_WRONG_PUBKEY_ALGO); /* Does not match. */ if (err) goto leave; } - /* Put the hash into an s-expression. */ - err = gcry_sexp_build (&s_hash, NULL, "(data(flags pkcs1)(hash %s %b))", - md_alg_str, (int)hashlen, hash); - if (err) - goto leave; - - /* Put the signature into an s-expression. */ + /* Put the hash and the signature into s-expressions. 
*/ switch (pk_alg) { case GCRY_PK_RSA: - err = gcry_sexp_build (&s_sig, NULL, "(sig-val(rsa(s%b)))", - (int)siglen, sig); + err = gcry_sexp_build (&s_hash, NULL, "(data(flags pkcs1)(hash %s %b))", + md_alg_str, (int)hashlen, hash); + if (!err) + err = gcry_sexp_build (&s_sig, NULL, "(sig-val(rsa(s%b)))", + (int)siglen, sig); break; - /* case GCRY_PK_DSA: */ - /* err = gcry_sexp_build (&s_sig, NULL, "(sig-val(dsa(r%m)(s%m)))", */ - /* data[0], data[1]); */ - /* break; */ + case GCRY_PK_ECC: + { + unsigned int qbits0, qbits; + const unsigned char *r, *s; + int rlen, slen; + + qbits0 = gcry_pk_get_nbits (s_pk); + qbits = qbits0 == 521? 512 : qbits0; + + if ((qbits%8)) + { + debug_msg (1, "qbits are not a multiple of 8 bits"); + err = gpg_error (GPG_ERR_INTERNAL); + goto leave; + } + + if (qbits < 224) + { + debug_msg (1, "key uses an unsafe (%u bit) hash\n", qbits0); + err = gpg_error (GPG_ERR_UNUSABLE_PUBKEY); + goto leave; + } - /* case PUBKEY_PK_ECC: */ - /* err = gcry_sexp_build (&s_sig, NULL, "(sig-val(ecdsa(r%m)(s%m)))", */ - /* data[0], data[1]); */ - /* break; */ + if (hashlen < qbits/8) + { + debug_msg (1, "a %u bit hash is not valid for a %u bit ECC key", + (unsigned int)hashlen*8, qbits); + err = gpg_error (GPG_ERR_DIGEST_ALGO); + goto leave; + } + + if (hashlen > qbits/8) + hashlen = qbits/8; /* Truncate. 
*/ + + err = gcry_sexp_build (&s_hash, NULL, "(data (flags raw)(value %b))", + (int)hashlen, hash); + if (err) + goto leave; + /* 3045 -- SEQUENCE with length 0x45 + * 0220 -- INTEGER with length 0x20 + * 3045bcceccda9464c1d340a225e55e3d045e17ce004c0508a2cd61dd + * 23a63ba6 + * 0221 -- INTEGER with length 0x21 (due to 0x00 prefix) + * 00e39b404793be76e87089ff3b5c306246a9f8cb52d94c77c624c3bf + * 118e2418e8 + */ + if (siglen < 6 || sig[0] != 0x30 || sig[1] != siglen - 2 + || sig[2] != 0x02) + { + err = gpg_error (GPG_ERR_INV_BER); + goto leave; + } + siglen -= 2; + sig += 2; + rlen = sig[1]; + if ((rlen != 32 && rlen != 33 + && rlen != 48 && rlen != 49 + && rlen != 64 && rlen != 65) + || (rlen + 2 > siglen)) + { + /* The signature length is not 256, 384 or 512 bit. The + * odd values are to handle an extra zero prefix. Or + * the length is larger than the entire frame. */ + err = gpg_error (GPG_ERR_INV_LENGTH); + goto leave; + } + r = sig + 2; + sig = r + rlen; + siglen -= rlen + 2; + if (siglen < 3 || sig[0] != 0x02) + { + err = gpg_error (GPG_ERR_INV_BER); + goto leave; + } + siglen -= 2; + slen = sig[1]; + if ((slen > siglen) || ((rlen & ~1) != (slen & ~1))) + { + /* The length of S does not match the length of R. Or + * the length is larger than the entire frame. 
*/ + err = gpg_error (GPG_ERR_INV_LENGTH); + goto leave; + } + s = sig + 2; + err = gcry_sexp_build (&s_sig, NULL, "(sig-val(ecdsa(r%b)(s%b)))", + rlen, r, slen, s); + } + break; default: err = gpg_error (GPG_ERR_NOT_IMPLEMENTED); break; } if (err) goto leave; debug_sxp (4, "sig ", s_sig); debug_sxp (4, "hash", s_hash); debug_sxp (4, "pk ", s_pk); - err = gcry_pk_verify (s_sig, s_hash, s_pk); - + debug_msg (4, "res=%d", err); leave: gcry_sexp_release (s_pk); gcry_sexp_release (s_hash); gcry_sexp_release (s_sig); return err; } + gpg_error_t _ntbtls_pk_encrypt (x509_cert_t chain, const unsigned char *input, size_t ilen, unsigned char *output, size_t *olen, size_t osize) { gpg_error_t err; gcry_sexp_t s_pk = NULL; gcry_sexp_t s_data = NULL; gcry_sexp_t s_ciph = NULL; size_t len; const char *data; /* Get the public key from the first certificate. */ err = _ntbtls_x509_get_pk (chain, 0, &s_pk); if (err) return err; err = gcry_sexp_build (&s_data, NULL, "(data (flags pkcs1) (value %b))", (int)ilen, input); if (err) { gcry_sexp_release (s_pk); return err; } err = gcry_pk_encrypt (&s_ciph, s_data, s_pk); gcry_sexp_release (s_data); s_data = NULL; gcry_sexp_release (s_pk); s_pk = NULL; if (err) return err; s_data = gcry_sexp_find_token (s_ciph, "a", 0); data = gcry_sexp_nth_data (s_data, 1, &len); if (data == NULL) err = gpg_error (GPG_ERR_BAD_MPI); else if (osize < len) err = gpg_error (GPG_ERR_TOO_SHORT); else { *olen = len; memcpy (output, data, len); } gcry_sexp_release (s_data); gcry_sexp_release (s_ciph); return err; }
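Review bot: The hand-written DER parser in the new `GCRY_PK_ECC` case of `_ntbtls_pk_verify` accepts R only at 32/33, 48/49 or 64/65 bytes and requires S to fall in the same pair, but a DER INTEGER is minimally encoded. A valid signature whose R or S has leading zero bytes (31 bytes or fewer on a 256-bit curve) is therefore rejected with GPG_ERR_INV_LENGTH, which shows up as an intermittent verification failure. The S check is only `slen > siglen`, so bytes trailing S are silently accepted, and the one-byte `sig[1] != siglen - 2` test cannot match a long-form SEQUENCE length, which the 64/65-byte case needs because 2+64+2+64 exceeds 127. I would bound both lengths by the key size and require an exact fit: `if (rlen < 1 || rlen > (int)((qbits0+7)/8) + 1 || rlen + 2 > siglen)` for R and `if (slen != siglen || slen < 1 || slen > (int)((qbits0+7)/8) + 1)` for S, with a comment noting that only short-form lengths are parsed. Whether libgcrypt takes the shorter `%b` values for `r` and `s` unchanged should be confirmed with a test vector.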