966 * They are listed in preference order, most preferred first, using |
966 * They are listed in preference order, most preferred first, using |
967 * the following criteria: |
967 * the following criteria: |
968 * 1. Prefer Suite B compliant cipher suites, see RFC6460 (To be |
968 * 1. Prefer Suite B compliant cipher suites, see RFC6460 (To be |
969 * changed later, see below). |
969 * changed later, see below). |
970 * 2. Prefer the stronger bulk cipher, in the order of AES_256(GCM), |
970 * 2. Prefer the stronger bulk cipher, in the order of AES_256(GCM), |
971 * AES_128(GCM), AES_256, AES_128, RC-4, 3DES-EDE. |
971 * AES_128(GCM), AES_256, AES_128, 3DES-EDE, RC-4. |
972 * 3. Prefer the stronger MAC algorithm, in the order of SHA384, |
972 * 3. Prefer the stronger MAC algorithm, in the order of SHA384, |
973 * SHA256, SHA, MD5. |
973 * SHA256, SHA, MD5. |
974 * 4. Prefer the better performance of key exchange and digital |
974 * 4. Prefer the better performance of key exchange and digital |
975 * signature algorithm, in the order of ECDHE-ECDSA, ECDHE-RSA, |
975 * signature algorithm, in the order of ECDHE-ECDSA, ECDHE-RSA, |
976 * RSA, ECDH-ECDSA, ECDH-RSA, DHE-RSA, DHE-DSS. |
976 * RSA, ECDH-ECDSA, ECDH-RSA, DHE-RSA, DHE-DSS. |
1085 add("TLS_DHE_RSA_WITH_AES_128_CBC_SHA", |
1085 add("TLS_DHE_RSA_WITH_AES_128_CBC_SHA", |
1086 0x0033, --p, K_DHE_RSA, B_AES_128, T); |
1086 0x0033, --p, K_DHE_RSA, B_AES_128, T); |
1087 add("TLS_DHE_DSS_WITH_AES_128_CBC_SHA", |
1087 add("TLS_DHE_DSS_WITH_AES_128_CBC_SHA", |
1088 0x0032, --p, K_DHE_DSS, B_AES_128, T); |
1088 0x0032, --p, K_DHE_DSS, B_AES_128, T); |
1089 |
1089 |
1090 // RC-4 |
|
1091 add("TLS_ECDHE_ECDSA_WITH_RC4_128_SHA", |
|
1092 0xC007, --p, K_ECDHE_ECDSA, B_RC4_128, N); |
|
1093 add("TLS_ECDHE_RSA_WITH_RC4_128_SHA", |
|
1094 0xC011, --p, K_ECDHE_RSA, B_RC4_128, N); |
|
1095 add("SSL_RSA_WITH_RC4_128_SHA", |
|
1096 0x0005, --p, K_RSA, B_RC4_128, N); |
|
1097 add("TLS_ECDH_ECDSA_WITH_RC4_128_SHA", |
|
1098 0xC002, --p, K_ECDH_ECDSA, B_RC4_128, N); |
|
1099 add("TLS_ECDH_RSA_WITH_RC4_128_SHA", |
|
1100 0xC00C, --p, K_ECDH_RSA, B_RC4_128, N); |
|
1101 |
|
1102 // 3DES_EDE |
1090 // 3DES_EDE |
1103 add("TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA", |
1091 add("TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA", |
1104 0xC008, --p, K_ECDHE_ECDSA, B_3DES, T); |
1092 0xC008, --p, K_ECDHE_ECDSA, B_3DES, T); |
1105 add("TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA", |
1093 add("TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA", |
1106 0xC012, --p, K_ECDHE_RSA, B_3DES, T); |
1094 0xC012, --p, K_ECDHE_RSA, B_3DES, T); |
1113 add("SSL_DHE_RSA_WITH_3DES_EDE_CBC_SHA", |
1101 add("SSL_DHE_RSA_WITH_3DES_EDE_CBC_SHA", |
1114 0x0016, --p, K_DHE_RSA, B_3DES, T); |
1102 0x0016, --p, K_DHE_RSA, B_3DES, T); |
1115 add("SSL_DHE_DSS_WITH_3DES_EDE_CBC_SHA", |
1103 add("SSL_DHE_DSS_WITH_3DES_EDE_CBC_SHA", |
1116 0x0013, --p, K_DHE_DSS, B_3DES, N); |
1104 0x0013, --p, K_DHE_DSS, B_3DES, N); |
1117 |
1105 |
|
1106 // RC-4 |
|
1107 add("TLS_ECDHE_ECDSA_WITH_RC4_128_SHA", |
|
1108 0xC007, --p, K_ECDHE_ECDSA, B_RC4_128, N); |
|
1109 add("TLS_ECDHE_RSA_WITH_RC4_128_SHA", |
|
1110 0xC011, --p, K_ECDHE_RSA, B_RC4_128, N); |
|
1111 add("SSL_RSA_WITH_RC4_128_SHA", |
|
1112 0x0005, --p, K_RSA, B_RC4_128, N); |
|
1113 add("TLS_ECDH_ECDSA_WITH_RC4_128_SHA", |
|
1114 0xC002, --p, K_ECDH_ECDSA, B_RC4_128, N); |
|
1115 add("TLS_ECDH_RSA_WITH_RC4_128_SHA", |
|
1116 0xC00C, --p, K_ECDH_RSA, B_RC4_128, N); |
1118 add("SSL_RSA_WITH_RC4_128_MD5", |
1117 add("SSL_RSA_WITH_RC4_128_MD5", |
1119 0x0004, --p, K_RSA, B_RC4_128, N); |
1118 0x0004, --p, K_RSA, B_RC4_128, N); |
1120 |
1119 |
1121 // Renegotiation protection request Signalling Cipher Suite Value (SCSV) |
1120 // Renegotiation protection request Signalling Cipher Suite Value (SCSV) |
1122 add("TLS_EMPTY_RENEGOTIATION_INFO_SCSV", |
1121 add("TLS_EMPTY_RENEGOTIATION_INFO_SCSV", |
1132 * so we put KRB5 based cipher suites at the end of the supported |
1131 * so we put KRB5 based cipher suites at the end of the supported |
1133 * list. |
1132 * list. |
1134 * 2. If a cipher suite has been obsoleted, we put it at the end of |
1133 * 2. If a cipher suite has been obsoleted, we put it at the end of |
1135 * the list. |
1134 * the list. |
1136 * 3. Prefer the stronger bulk cipher, in the order of AES_256, |
1135 * 3. Prefer the stronger bulk cipher, in the order of AES_256, |
1137 * AES_128, RC-4, 3DES-EDE, DES, RC4_40, DES40, NULL. |
1136 * AES_128, 3DES-EDE, RC-4, DES, DES40, RC4_40, NULL. |
1138 * 4. Prefer the stronger MAC algorithm, in the order of SHA384, |
1137 * 4. Prefer the stronger MAC algorithm, in the order of SHA384, |
1139 * SHA256, SHA, MD5. |
1138 * SHA256, SHA, MD5. |
1140 * 5. Prefer the better performance of key exchange and digital |
1139 * 5. Prefer the better performance of key exchange and digital |
1141 * signature algorithm, in the order of ECDHE-ECDSA, ECDHE-RSA, |
1140 * signature algorithm, in the order of ECDHE-ECDSA, ECDHE-RSA, |
1142 * RSA, ECDH-ECDSA, ECDH-RSA, DHE-RSA, DHE-DSS, anonymous. |
1141 * RSA, ECDH-ECDSA, ECDH-RSA, DHE-RSA, DHE-DSS, anonymous. |
1160 add("TLS_ECDH_anon_WITH_AES_128_CBC_SHA", |
1159 add("TLS_ECDH_anon_WITH_AES_128_CBC_SHA", |
1161 0xC018, --p, K_ECDH_ANON, B_AES_128, N); |
1160 0xC018, --p, K_ECDH_ANON, B_AES_128, N); |
1162 add("TLS_DH_anon_WITH_AES_128_CBC_SHA", |
1161 add("TLS_DH_anon_WITH_AES_128_CBC_SHA", |
1163 0x0034, --p, K_DH_ANON, B_AES_128, N); |
1162 0x0034, --p, K_DH_ANON, B_AES_128, N); |
1164 |
1163 |
|
1164 add("TLS_ECDH_anon_WITH_3DES_EDE_CBC_SHA", |
|
1165 0xC017, --p, K_ECDH_ANON, B_3DES, N); |
|
1166 add("SSL_DH_anon_WITH_3DES_EDE_CBC_SHA", |
|
1167 0x001b, --p, K_DH_ANON, B_3DES, N); |
|
1168 |
1165 add("TLS_ECDH_anon_WITH_RC4_128_SHA", |
1169 add("TLS_ECDH_anon_WITH_RC4_128_SHA", |
1166 0xC016, --p, K_ECDH_ANON, B_RC4_128, N); |
1170 0xC016, --p, K_ECDH_ANON, B_RC4_128, N); |
1167 add("SSL_DH_anon_WITH_RC4_128_MD5", |
1171 add("SSL_DH_anon_WITH_RC4_128_MD5", |
1168 0x0018, --p, K_DH_ANON, B_RC4_128, N); |
1172 0x0018, --p, K_DH_ANON, B_RC4_128, N); |
1169 |
1173 |
1170 add("TLS_ECDH_anon_WITH_3DES_EDE_CBC_SHA", |
1174 // weak cipher suites obsoleted in TLS 1.2 |
1171 0xC017, --p, K_ECDH_ANON, B_3DES, N); |
1175 add("SSL_RSA_WITH_DES_CBC_SHA", |
1172 add("SSL_DH_anon_WITH_3DES_EDE_CBC_SHA", |
1176 0x0009, --p, K_RSA, B_DES, N, tls12); |
1173 0x001b, --p, K_DH_ANON, B_3DES, N); |
1177 add("SSL_DHE_RSA_WITH_DES_CBC_SHA", |
|
1178 0x0015, --p, K_DHE_RSA, B_DES, N, tls12); |
|
1179 add("SSL_DHE_DSS_WITH_DES_CBC_SHA", |
|
1180 0x0012, --p, K_DHE_DSS, B_DES, N, tls12); |
|
1181 add("SSL_DH_anon_WITH_DES_CBC_SHA", |
|
1182 0x001a, --p, K_DH_ANON, B_DES, N, tls12); |
|
1183 |
|
1184 // weak cipher suites obsoleted in TLS 1.1 |
|
1185 add("SSL_RSA_EXPORT_WITH_DES40_CBC_SHA", |
|
1186 0x0008, --p, K_RSA_EXPORT, B_DES_40, N, tls11); |
|
1187 add("SSL_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA", |
|
1188 0x0014, --p, K_DHE_RSA, B_DES_40, N, tls11); |
|
1189 add("SSL_DHE_DSS_EXPORT_WITH_DES40_CBC_SHA", |
|
1190 0x0011, --p, K_DHE_DSS, B_DES_40, N, tls11); |
|
1191 add("SSL_DH_anon_EXPORT_WITH_DES40_CBC_SHA", |
|
1192 0x0019, --p, K_DH_ANON, B_DES_40, N, tls11); |
|
1193 |
|
1194 add("SSL_RSA_EXPORT_WITH_RC4_40_MD5", |
|
1195 0x0003, --p, K_RSA_EXPORT, B_RC4_40, N, tls11); |
|
1196 add("SSL_DH_anon_EXPORT_WITH_RC4_40_MD5", |
|
1197 0x0017, --p, K_DH_ANON, B_RC4_40, N, tls11); |
1174 |
1198 |
1175 add("TLS_RSA_WITH_NULL_SHA256", |
1199 add("TLS_RSA_WITH_NULL_SHA256", |
1176 0x003b, --p, K_RSA, B_NULL, N, max, tls12, P_SHA256); |
1200 0x003b, --p, K_RSA, B_NULL, N, max, tls12, P_SHA256); |
1177 add("TLS_ECDHE_ECDSA_WITH_NULL_SHA", |
1201 add("TLS_ECDHE_ECDSA_WITH_NULL_SHA", |
1178 0xC006, --p, K_ECDHE_ECDSA, B_NULL, N); |
1202 0xC006, --p, K_ECDHE_ECDSA, B_NULL, N); |
1187 add("TLS_ECDH_anon_WITH_NULL_SHA", |
1211 add("TLS_ECDH_anon_WITH_NULL_SHA", |
1188 0xC015, --p, K_ECDH_ANON, B_NULL, N); |
1212 0xC015, --p, K_ECDH_ANON, B_NULL, N); |
1189 add("SSL_RSA_WITH_NULL_MD5", |
1213 add("SSL_RSA_WITH_NULL_MD5", |
1190 0x0001, --p, K_RSA, B_NULL, N); |
1214 0x0001, --p, K_RSA, B_NULL, N); |
1191 |
1215 |
1192 // weak cipher suites obsoleted in TLS 1.2 |
|
1193 add("SSL_RSA_WITH_DES_CBC_SHA", |
|
1194 0x0009, --p, K_RSA, B_DES, N, tls12); |
|
1195 add("SSL_DHE_RSA_WITH_DES_CBC_SHA", |
|
1196 0x0015, --p, K_DHE_RSA, B_DES, N, tls12); |
|
1197 add("SSL_DHE_DSS_WITH_DES_CBC_SHA", |
|
1198 0x0012, --p, K_DHE_DSS, B_DES, N, tls12); |
|
1199 add("SSL_DH_anon_WITH_DES_CBC_SHA", |
|
1200 0x001a, --p, K_DH_ANON, B_DES, N, tls12); |
|
1201 |
|
1202 // weak cipher suites obsoleted in TLS 1.1 |
|
1203 add("SSL_RSA_EXPORT_WITH_RC4_40_MD5", |
|
1204 0x0003, --p, K_RSA_EXPORT, B_RC4_40, N, tls11); |
|
1205 add("SSL_DH_anon_EXPORT_WITH_RC4_40_MD5", |
|
1206 0x0017, --p, K_DH_ANON, B_RC4_40, N, tls11); |
|
1207 |
|
1208 add("SSL_RSA_EXPORT_WITH_DES40_CBC_SHA", |
|
1209 0x0008, --p, K_RSA_EXPORT, B_DES_40, N, tls11); |
|
1210 add("SSL_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA", |
|
1211 0x0014, --p, K_DHE_RSA, B_DES_40, N, tls11); |
|
1212 add("SSL_DHE_DSS_EXPORT_WITH_DES40_CBC_SHA", |
|
1213 0x0011, --p, K_DHE_DSS, B_DES_40, N, tls11); |
|
1214 add("SSL_DH_anon_EXPORT_WITH_DES40_CBC_SHA", |
|
1215 0x0019, --p, K_DH_ANON, B_DES_40, N, tls11); |
|
1216 |
|
1217 // Supported Kerberos ciphersuites from RFC2712 |
1216 // Supported Kerberos ciphersuites from RFC2712 |
|
1217 add("TLS_KRB5_WITH_3DES_EDE_CBC_SHA", |
|
1218 0x001f, --p, K_KRB5, B_3DES, N); |
|
1219 add("TLS_KRB5_WITH_3DES_EDE_CBC_MD5", |
|
1220 0x0023, --p, K_KRB5, B_3DES, N); |
1218 add("TLS_KRB5_WITH_RC4_128_SHA", |
1221 add("TLS_KRB5_WITH_RC4_128_SHA", |
1219 0x0020, --p, K_KRB5, B_RC4_128, N); |
1222 0x0020, --p, K_KRB5, B_RC4_128, N); |
1220 add("TLS_KRB5_WITH_RC4_128_MD5", |
1223 add("TLS_KRB5_WITH_RC4_128_MD5", |
1221 0x0024, --p, K_KRB5, B_RC4_128, N); |
1224 0x0024, --p, K_KRB5, B_RC4_128, N); |
1222 add("TLS_KRB5_WITH_3DES_EDE_CBC_SHA", |
|
1223 0x001f, --p, K_KRB5, B_3DES, N); |
|
1224 add("TLS_KRB5_WITH_3DES_EDE_CBC_MD5", |
|
1225 0x0023, --p, K_KRB5, B_3DES, N); |
|
1226 add("TLS_KRB5_WITH_DES_CBC_SHA", |
1225 add("TLS_KRB5_WITH_DES_CBC_SHA", |
1227 0x001e, --p, K_KRB5, B_DES, N, tls12); |
1226 0x001e, --p, K_KRB5, B_DES, N, tls12); |
1228 add("TLS_KRB5_WITH_DES_CBC_MD5", |
1227 add("TLS_KRB5_WITH_DES_CBC_MD5", |
1229 0x0022, --p, K_KRB5, B_DES, N, tls12); |
1228 0x0022, --p, K_KRB5, B_DES, N, tls12); |
|
1229 add("TLS_KRB5_EXPORT_WITH_DES_CBC_40_SHA", |
|
1230 0x0026, --p, K_KRB5_EXPORT, B_DES_40, N, tls11); |
|
1231 add("TLS_KRB5_EXPORT_WITH_DES_CBC_40_MD5", |
|
1232 0x0029, --p, K_KRB5_EXPORT, B_DES_40, N, tls11); |
1230 add("TLS_KRB5_EXPORT_WITH_RC4_40_SHA", |
1233 add("TLS_KRB5_EXPORT_WITH_RC4_40_SHA", |
1231 0x0028, --p, K_KRB5_EXPORT, B_RC4_40, N, tls11); |
1234 0x0028, --p, K_KRB5_EXPORT, B_RC4_40, N, tls11); |
1232 add("TLS_KRB5_EXPORT_WITH_RC4_40_MD5", |
1235 add("TLS_KRB5_EXPORT_WITH_RC4_40_MD5", |
1233 0x002b, --p, K_KRB5_EXPORT, B_RC4_40, N, tls11); |
1236 0x002b, --p, K_KRB5_EXPORT, B_RC4_40, N, tls11); |
1234 add("TLS_KRB5_EXPORT_WITH_DES_CBC_40_SHA", |
|
1235 0x0026, --p, K_KRB5_EXPORT, B_DES_40, N, tls11); |
|
1236 add("TLS_KRB5_EXPORT_WITH_DES_CBC_40_MD5", |
|
1237 0x0029, --p, K_KRB5_EXPORT, B_DES_40, N, tls11); |
|
1238 |
1237 |
1239 /* |
1238 /* |
1240 * Other values from the TLS Cipher Suite Registry, as of August 2010. |
1239 * Other values from the TLS Cipher Suite Registry, as of August 2010. |
1241 * |
1240 * |
1242 * http://www.iana.org/assignments/tls-parameters/tls-parameters.xml |
1241 * http://www.iana.org/assignments/tls-parameters/tls-parameters.xml |