2
0

unit3205.c 31 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329330331332333334335336337338339340341342343344345346347348349350351352353354355356357358359360361362363364365366367368369370371372373374375376377378379380381382383384385386387388389390391392393394395396397398399400401402403404405406407408409410411412413414415416417418419420421422423424425426427428429430431432433434435436437438439440441442443444445446447448449450451452453454455456457458459460461462463464465466467468469470471472473474475476477478479480481482483484485486487488489490491492493494495496497498499500501502503504505506507508509510511512513514515516517518519520521522523524525526527528529530531532533534535536537538539540541542543544545546547548549550551552553554555556557558559560561562563564565566567568569570571572573574575576577578579580581582583584585586587588589590591592593594595596597598599600601602603604605606607608609610611612613614615616617618619620621622623624625626627628629630631632633634635636637638639640641642643644645646647648649650651652653654655656657658659660661662663664665666667668669670671672673674675676677678679680681682683684685686687688689690691692693694695696697698699700701702703704705706707708709710711712713714715716717718719720721722723724725726727728729730731732733734735736737738739740741742743744745746747748749750751752753754755756757758759760761762763764765766767768769770771772
  1. /***************************************************************************
  2. * _ _ ____ _
  3. * Project ___| | | | _ \| |
  4. * / __| | | | |_) | |
  5. * | (__| |_| | _ <| |___
  6. * \___|\___/|_| \_\_____|
  7. *
  8. * Copyright (C) Jan Venekamp, <jan@venekamp.net>
  9. *
  10. * This software is licensed as described in the file COPYING, which
  11. * you should have received as part of this distribution. The terms
  12. * are also available at https://curl.se/docs/copyright.html.
  13. *
  14. * You may opt to use, copy, modify, merge, publish, distribute and/or sell
  15. * copies of the Software, and permit persons to whom the Software is
  16. * furnished to do so, under the terms of the COPYING file.
  17. *
  18. * This software is distributed on an "AS IS" basis, WITHOUT WARRANTY OF ANY
  19. * KIND, either express or implied.
  20. *
  21. * SPDX-License-Identifier: curl
  22. *
  23. ***************************************************************************/
  24. #include "curlcheck.h"
  25. #include "vtls/cipher_suite.h"
  26. static CURLcode unit_setup(void)
  27. {
  28. return CURLE_OK;
  29. }
  30. static void unit_stop(void)
  31. {
  32. }
  33. #if defined(USE_SECTRANSP) || defined(USE_MBEDTLS) || defined(USE_BEARSSL)
  34. struct test_cs_entry {
  35. uint16_t id;
  36. const char *rfc;
  37. const char *openssl;
  38. };
  39. static const struct test_cs_entry test_cs_list[] = {
  40. { 0x002F, "TLS_RSA_WITH_AES_128_CBC_SHA",
  41. "AES128-SHA" },
  42. { 0x0035, "TLS_RSA_WITH_AES_256_CBC_SHA",
  43. "AES256-SHA" },
  44. { 0x003C, "TLS_RSA_WITH_AES_128_CBC_SHA256",
  45. "AES128-SHA256" },
  46. { 0x003D, "TLS_RSA_WITH_AES_256_CBC_SHA256",
  47. "AES256-SHA256" },
  48. { 0x009C, "TLS_RSA_WITH_AES_128_GCM_SHA256",
  49. "AES128-GCM-SHA256" },
  50. { 0x009D, "TLS_RSA_WITH_AES_256_GCM_SHA384",
  51. "AES256-GCM-SHA384" },
  52. { 0xC004, "TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA",
  53. "ECDH-ECDSA-AES128-SHA" },
  54. { 0xC005, "TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA",
  55. "ECDH-ECDSA-AES256-SHA" },
  56. { 0xC009, "TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA",
  57. "ECDHE-ECDSA-AES128-SHA" },
  58. { 0xC00A, "TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA",
  59. "ECDHE-ECDSA-AES256-SHA" },
  60. { 0xC00E, "TLS_ECDH_RSA_WITH_AES_128_CBC_SHA",
  61. "ECDH-RSA-AES128-SHA" },
  62. { 0xC00F, "TLS_ECDH_RSA_WITH_AES_256_CBC_SHA",
  63. "ECDH-RSA-AES256-SHA" },
  64. { 0xC013, "TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA",
  65. "ECDHE-RSA-AES128-SHA" },
  66. { 0xC014, "TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA",
  67. "ECDHE-RSA-AES256-SHA" },
  68. { 0xC023, "TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256",
  69. "ECDHE-ECDSA-AES128-SHA256" },
  70. { 0xC024, "TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384",
  71. "ECDHE-ECDSA-AES256-SHA384" },
  72. { 0xC025, "TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256",
  73. "ECDH-ECDSA-AES128-SHA256" },
  74. { 0xC026, "TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384",
  75. "ECDH-ECDSA-AES256-SHA384" },
  76. { 0xC027, "TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256",
  77. "ECDHE-RSA-AES128-SHA256" },
  78. { 0xC028, "TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384",
  79. "ECDHE-RSA-AES256-SHA384" },
  80. { 0xC029, "TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256",
  81. "ECDH-RSA-AES128-SHA256" },
  82. { 0xC02A, "TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384",
  83. "ECDH-RSA-AES256-SHA384" },
  84. { 0xC02B, "TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256",
  85. "ECDHE-ECDSA-AES128-GCM-SHA256" },
  86. { 0xC02C, "TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384",
  87. "ECDHE-ECDSA-AES256-GCM-SHA384" },
  88. { 0xC02D, "TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256",
  89. "ECDH-ECDSA-AES128-GCM-SHA256" },
  90. { 0xC02E, "TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384",
  91. "ECDH-ECDSA-AES256-GCM-SHA384" },
  92. { 0xC02F, "TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256",
  93. "ECDHE-RSA-AES128-GCM-SHA256" },
  94. { 0xC030, "TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384",
  95. "ECDHE-RSA-AES256-GCM-SHA384" },
  96. { 0xC031, "TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256",
  97. "ECDH-RSA-AES128-GCM-SHA256" },
  98. { 0xC032, "TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384",
  99. "ECDH-RSA-AES256-GCM-SHA384" },
  100. { 0xCCA8, "TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256",
  101. "ECDHE-RSA-CHACHA20-POLY1305" },
  102. { 0xCCA9, "TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256",
  103. "ECDHE-ECDSA-CHACHA20-POLY1305" },
  104. #if defined(USE_SECTRANSP) || defined(USE_MBEDTLS)
  105. { 0x0001, "TLS_RSA_WITH_NULL_MD5",
  106. "NULL-MD5" },
  107. { 0x0002, "TLS_RSA_WITH_NULL_SHA",
  108. "NULL-SHA" },
  109. { 0x002C, "TLS_PSK_WITH_NULL_SHA",
  110. "PSK-NULL-SHA" },
  111. { 0x002D, "TLS_DHE_PSK_WITH_NULL_SHA",
  112. "DHE-PSK-NULL-SHA" },
  113. { 0x002E, "TLS_RSA_PSK_WITH_NULL_SHA",
  114. "RSA-PSK-NULL-SHA" },
  115. { 0x0033, "TLS_DHE_RSA_WITH_AES_128_CBC_SHA",
  116. "DHE-RSA-AES128-SHA" },
  117. { 0x0039, "TLS_DHE_RSA_WITH_AES_256_CBC_SHA",
  118. "DHE-RSA-AES256-SHA" },
  119. { 0x003B, "TLS_RSA_WITH_NULL_SHA256",
  120. "NULL-SHA256" },
  121. { 0x0067, "TLS_DHE_RSA_WITH_AES_128_CBC_SHA256",
  122. "DHE-RSA-AES128-SHA256" },
  123. { 0x006B, "TLS_DHE_RSA_WITH_AES_256_CBC_SHA256",
  124. "DHE-RSA-AES256-SHA256" },
  125. { 0x008C, "TLS_PSK_WITH_AES_128_CBC_SHA",
  126. "PSK-AES128-CBC-SHA" },
  127. { 0x008D, "TLS_PSK_WITH_AES_256_CBC_SHA",
  128. "PSK-AES256-CBC-SHA" },
  129. { 0x0090, "TLS_DHE_PSK_WITH_AES_128_CBC_SHA",
  130. "DHE-PSK-AES128-CBC-SHA" },
  131. { 0x0091, "TLS_DHE_PSK_WITH_AES_256_CBC_SHA",
  132. "DHE-PSK-AES256-CBC-SHA" },
  133. { 0x0094, "TLS_RSA_PSK_WITH_AES_128_CBC_SHA",
  134. "RSA-PSK-AES128-CBC-SHA" },
  135. { 0x0095, "TLS_RSA_PSK_WITH_AES_256_CBC_SHA",
  136. "RSA-PSK-AES256-CBC-SHA" },
  137. { 0x009E, "TLS_DHE_RSA_WITH_AES_128_GCM_SHA256",
  138. "DHE-RSA-AES128-GCM-SHA256" },
  139. { 0x009F, "TLS_DHE_RSA_WITH_AES_256_GCM_SHA384",
  140. "DHE-RSA-AES256-GCM-SHA384" },
  141. { 0x00A8, "TLS_PSK_WITH_AES_128_GCM_SHA256",
  142. "PSK-AES128-GCM-SHA256" },
  143. { 0x00A9, "TLS_PSK_WITH_AES_256_GCM_SHA384",
  144. "PSK-AES256-GCM-SHA384" },
  145. { 0x00AA, "TLS_DHE_PSK_WITH_AES_128_GCM_SHA256",
  146. "DHE-PSK-AES128-GCM-SHA256" },
  147. { 0x00AB, "TLS_DHE_PSK_WITH_AES_256_GCM_SHA384",
  148. "DHE-PSK-AES256-GCM-SHA384" },
  149. { 0x00AC, "TLS_RSA_PSK_WITH_AES_128_GCM_SHA256",
  150. "RSA-PSK-AES128-GCM-SHA256" },
  151. { 0x00AD, "TLS_RSA_PSK_WITH_AES_256_GCM_SHA384",
  152. "RSA-PSK-AES256-GCM-SHA384" },
  153. { 0x00AE, "TLS_PSK_WITH_AES_128_CBC_SHA256",
  154. "PSK-AES128-CBC-SHA256" },
  155. { 0x00AF, "TLS_PSK_WITH_AES_256_CBC_SHA384",
  156. "PSK-AES256-CBC-SHA384" },
  157. { 0x00B0, "TLS_PSK_WITH_NULL_SHA256",
  158. "PSK-NULL-SHA256" },
  159. { 0x00B1, "TLS_PSK_WITH_NULL_SHA384",
  160. "PSK-NULL-SHA384" },
  161. { 0x00B2, "TLS_DHE_PSK_WITH_AES_128_CBC_SHA256",
  162. "DHE-PSK-AES128-CBC-SHA256" },
  163. { 0x00B3, "TLS_DHE_PSK_WITH_AES_256_CBC_SHA384",
  164. "DHE-PSK-AES256-CBC-SHA384" },
  165. { 0x00B4, "TLS_DHE_PSK_WITH_NULL_SHA256",
  166. "DHE-PSK-NULL-SHA256" },
  167. { 0x00B5, "TLS_DHE_PSK_WITH_NULL_SHA384",
  168. "DHE-PSK-NULL-SHA384" },
  169. { 0x00B6, "TLS_RSA_PSK_WITH_AES_128_CBC_SHA256",
  170. "RSA-PSK-AES128-CBC-SHA256" },
  171. { 0x00B7, "TLS_RSA_PSK_WITH_AES_256_CBC_SHA384",
  172. "RSA-PSK-AES256-CBC-SHA384" },
  173. { 0x00B8, "TLS_RSA_PSK_WITH_NULL_SHA256",
  174. "RSA-PSK-NULL-SHA256" },
  175. { 0x00B9, "TLS_RSA_PSK_WITH_NULL_SHA384",
  176. "RSA-PSK-NULL-SHA384" },
  177. { 0x1301, "TLS_AES_128_GCM_SHA256",
  178. NULL },
  179. { 0x1302, "TLS_AES_256_GCM_SHA384",
  180. NULL },
  181. { 0x1303, "TLS_CHACHA20_POLY1305_SHA256",
  182. NULL },
  183. { 0x1304, "TLS_AES_128_CCM_SHA256",
  184. NULL },
  185. { 0x1305, "TLS_AES_128_CCM_8_SHA256",
  186. NULL },
  187. { 0xC001, "TLS_ECDH_ECDSA_WITH_NULL_SHA",
  188. "ECDH-ECDSA-NULL-SHA" },
  189. { 0xC006, "TLS_ECDHE_ECDSA_WITH_NULL_SHA",
  190. "ECDHE-ECDSA-NULL-SHA" },
  191. { 0xC00B, "TLS_ECDH_RSA_WITH_NULL_SHA",
  192. "ECDH-RSA-NULL-SHA" },
  193. { 0xC010, "TLS_ECDHE_RSA_WITH_NULL_SHA",
  194. "ECDHE-RSA-NULL-SHA" },
  195. { 0xC035, "TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA",
  196. "ECDHE-PSK-AES128-CBC-SHA" },
  197. { 0xC036, "TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA",
  198. "ECDHE-PSK-AES256-CBC-SHA" },
  199. { 0xCCAB, "TLS_PSK_WITH_CHACHA20_POLY1305_SHA256",
  200. "PSK-CHACHA20-POLY1305" },
  201. #endif
  202. #if defined(USE_SECTRANSP) || defined(USE_BEARSSL)
  203. { 0x000A, "TLS_RSA_WITH_3DES_EDE_CBC_SHA",
  204. "DES-CBC3-SHA" },
  205. { 0xC003, "TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA",
  206. "ECDH-ECDSA-DES-CBC3-SHA" },
  207. { 0xC008, "TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA",
  208. "ECDHE-ECDSA-DES-CBC3-SHA" },
  209. { 0xC00D, "TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA",
  210. "ECDH-RSA-DES-CBC3-SHA" },
  211. { 0xC012, "TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA",
  212. "ECDHE-RSA-DES-CBC3-SHA" },
  213. #endif
  214. #if defined(USE_MBEDTLS) || defined(USE_BEARSSL)
  215. { 0xC09C, "TLS_RSA_WITH_AES_128_CCM",
  216. "AES128-CCM" },
  217. { 0xC09D, "TLS_RSA_WITH_AES_256_CCM",
  218. "AES256-CCM" },
  219. { 0xC0A0, "TLS_RSA_WITH_AES_128_CCM_8",
  220. "AES128-CCM8" },
  221. { 0xC0A1, "TLS_RSA_WITH_AES_256_CCM_8",
  222. "AES256-CCM8" },
  223. { 0xC0AC, "TLS_ECDHE_ECDSA_WITH_AES_128_CCM",
  224. "ECDHE-ECDSA-AES128-CCM" },
  225. { 0xC0AD, "TLS_ECDHE_ECDSA_WITH_AES_256_CCM",
  226. "ECDHE-ECDSA-AES256-CCM" },
  227. { 0xC0AE, "TLS_ECDHE_ECDSA_WITH_AES_128_CCM_8",
  228. "ECDHE-ECDSA-AES128-CCM8" },
  229. { 0xC0AF, "TLS_ECDHE_ECDSA_WITH_AES_256_CCM_8",
  230. "ECDHE-ECDSA-AES256-CCM8" },
  231. #endif
  232. #if defined(USE_SECTRANSP)
  233. { 0x0003, "TLS_RSA_EXPORT_WITH_RC4_40_MD5",
  234. "EXP-RC4-MD5" },
  235. { 0x0004, "TLS_RSA_WITH_RC4_128_MD5",
  236. "RC4-MD5" },
  237. { 0x0005, "TLS_RSA_WITH_RC4_128_SHA",
  238. "RC4-SHA" },
  239. { 0x0006, "TLS_RSA_EXPORT_WITH_RC2_CBC_40_MD5",
  240. "EXP-RC2-CBC-MD5" },
  241. { 0x0007, "TLS_RSA_WITH_IDEA_CBC_SHA",
  242. "IDEA-CBC-SHA" },
  243. { 0x0008, "TLS_RSA_EXPORT_WITH_DES40_CBC_SHA",
  244. "EXP-DES-CBC-SHA" },
  245. { 0x0009, "TLS_RSA_WITH_DES_CBC_SHA",
  246. "DES-CBC-SHA" },
  247. { 0x000B, "TLS_DH_DSS_EXPORT_WITH_DES40_CBC_SHA",
  248. "EXP-DH-DSS-DES-CBC-SHA" },
  249. { 0x000C, "TLS_DH_DSS_WITH_DES_CBC_SHA",
  250. "DH-DSS-DES-CBC-SHA" },
  251. { 0x000D, "TLS_DH_DSS_WITH_3DES_EDE_CBC_SHA",
  252. "DH-DSS-DES-CBC3-SHA" },
  253. { 0x000E, "TLS_DH_RSA_EXPORT_WITH_DES40_CBC_SHA",
  254. "EXP-DH-RSA-DES-CBC-SHA" },
  255. { 0x000F, "TLS_DH_RSA_WITH_DES_CBC_SHA",
  256. "DH-RSA-DES-CBC-SHA" },
  257. { 0x0010, "TLS_DH_RSA_WITH_3DES_EDE_CBC_SHA",
  258. "DH-RSA-DES-CBC3-SHA" },
  259. { 0x0011, "TLS_DHE_DSS_EXPORT_WITH_DES40_CBC_SHA",
  260. "EXP-DHE-DSS-DES-CBC-SHA" },
  261. { 0x0012, "TLS_DHE_DSS_WITH_DES_CBC_SHA",
  262. "DHE-DSS-DES-CBC-SHA" },
  263. { 0x0013, "TLS_DHE_DSS_WITH_3DES_EDE_CBC_SHA",
  264. "DHE-DSS-DES-CBC3-SHA" },
  265. { 0x0014, "TLS_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA",
  266. "EXP-DHE-RSA-DES-CBC-SHA" },
  267. { 0x0015, "TLS_DHE_RSA_WITH_DES_CBC_SHA",
  268. "DHE-RSA-DES-CBC-SHA" },
  269. { 0x0016, "TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA",
  270. "DHE-RSA-DES-CBC3-SHA" },
  271. { 0x0017, "TLS_DH_anon_EXPORT_WITH_RC4_40_MD5",
  272. "EXP-ADH-RC4-MD5" },
  273. { 0x0018, "TLS_DH_anon_WITH_RC4_128_MD5",
  274. "ADH-RC4-MD5" },
  275. { 0x0019, "TLS_DH_anon_EXPORT_WITH_DES40_CBC_SHA",
  276. "EXP-ADH-DES-CBC-SHA" },
  277. { 0x001A, "TLS_DH_anon_WITH_DES_CBC_SHA",
  278. "ADH-DES-CBC-SHA" },
  279. { 0x001B, "TLS_DH_anon_WITH_3DES_EDE_CBC_SHA",
  280. "ADH-DES-CBC3-SHA" },
  281. { 0x0030, "TLS_DH_DSS_WITH_AES_128_CBC_SHA",
  282. "DH-DSS-AES128-SHA" },
  283. { 0x0031, "TLS_DH_RSA_WITH_AES_128_CBC_SHA",
  284. "DH-RSA-AES128-SHA" },
  285. { 0x0032, "TLS_DHE_DSS_WITH_AES_128_CBC_SHA",
  286. "DHE-DSS-AES128-SHA" },
  287. { 0x0034, "TLS_DH_anon_WITH_AES_128_CBC_SHA",
  288. "ADH-AES128-SHA" },
  289. { 0x0036, "TLS_DH_DSS_WITH_AES_256_CBC_SHA",
  290. "DH-DSS-AES256-SHA" },
  291. { 0x0037, "TLS_DH_RSA_WITH_AES_256_CBC_SHA",
  292. "DH-RSA-AES256-SHA" },
  293. { 0x0038, "TLS_DHE_DSS_WITH_AES_256_CBC_SHA",
  294. "DHE-DSS-AES256-SHA" },
  295. { 0x003A, "TLS_DH_anon_WITH_AES_256_CBC_SHA",
  296. "ADH-AES256-SHA" },
  297. { 0x003E, "TLS_DH_DSS_WITH_AES_128_CBC_SHA256",
  298. "DH-DSS-AES128-SHA256" },
  299. { 0x003F, "TLS_DH_RSA_WITH_AES_128_CBC_SHA256",
  300. "DH-RSA-AES128-SHA256" },
  301. { 0x0040, "TLS_DHE_DSS_WITH_AES_128_CBC_SHA256",
  302. "DHE-DSS-AES128-SHA256" },
  303. { 0x0068, "TLS_DH_DSS_WITH_AES_256_CBC_SHA256",
  304. "DH-DSS-AES256-SHA256" },
  305. { 0x0069, "TLS_DH_RSA_WITH_AES_256_CBC_SHA256",
  306. "DH-RSA-AES256-SHA256" },
  307. { 0x006A, "TLS_DHE_DSS_WITH_AES_256_CBC_SHA256",
  308. "DHE-DSS-AES256-SHA256" },
  309. { 0x006C, "TLS_DH_anon_WITH_AES_128_CBC_SHA256",
  310. "ADH-AES128-SHA256" },
  311. { 0x006D, "TLS_DH_anon_WITH_AES_256_CBC_SHA256",
  312. "ADH-AES256-SHA256" },
  313. { 0x008A, "TLS_PSK_WITH_RC4_128_SHA",
  314. "PSK-RC4-SHA" },
  315. { 0x008B, "TLS_PSK_WITH_3DES_EDE_CBC_SHA",
  316. "PSK-3DES-EDE-CBC-SHA" },
  317. { 0x008E, "TLS_DHE_PSK_WITH_RC4_128_SHA",
  318. "DHE-PSK-RC4-SHA" },
  319. { 0x008F, "TLS_DHE_PSK_WITH_3DES_EDE_CBC_SHA",
  320. "DHE-PSK-3DES-EDE-CBC-SHA" },
  321. { 0x0092, "TLS_RSA_PSK_WITH_RC4_128_SHA",
  322. "RSA-PSK-RC4-SHA" },
  323. { 0x0093, "TLS_RSA_PSK_WITH_3DES_EDE_CBC_SHA",
  324. "RSA-PSK-3DES-EDE-CBC-SHA" },
  325. { 0x00A0, "TLS_DH_RSA_WITH_AES_128_GCM_SHA256",
  326. "DH-RSA-AES128-GCM-SHA256" },
  327. { 0x00A1, "TLS_DH_RSA_WITH_AES_256_GCM_SHA384",
  328. "DH-RSA-AES256-GCM-SHA384" },
  329. { 0x00A2, "TLS_DHE_DSS_WITH_AES_128_GCM_SHA256",
  330. "DHE-DSS-AES128-GCM-SHA256" },
  331. { 0x00A3, "TLS_DHE_DSS_WITH_AES_256_GCM_SHA384",
  332. "DHE-DSS-AES256-GCM-SHA384" },
  333. { 0x00A4, "TLS_DH_DSS_WITH_AES_128_GCM_SHA256",
  334. "DH-DSS-AES128-GCM-SHA256" },
  335. { 0x00A5, "TLS_DH_DSS_WITH_AES_256_GCM_SHA384",
  336. "DH-DSS-AES256-GCM-SHA384" },
  337. { 0x00A6, "TLS_DH_anon_WITH_AES_128_GCM_SHA256",
  338. "ADH-AES128-GCM-SHA256" },
  339. { 0x00A7, "TLS_DH_anon_WITH_AES_256_GCM_SHA384",
  340. "ADH-AES256-GCM-SHA384" },
  341. { 0xC002, "TLS_ECDH_ECDSA_WITH_RC4_128_SHA",
  342. "ECDH-ECDSA-RC4-SHA" },
  343. { 0xC007, "TLS_ECDHE_ECDSA_WITH_RC4_128_SHA",
  344. "ECDHE-ECDSA-RC4-SHA" },
  345. { 0xC00C, "TLS_ECDH_RSA_WITH_RC4_128_SHA",
  346. "ECDH-RSA-RC4-SHA" },
  347. { 0xC011, "TLS_ECDHE_RSA_WITH_RC4_128_SHA",
  348. "ECDHE-RSA-RC4-SHA" },
  349. { 0xC015, "TLS_ECDH_anon_WITH_NULL_SHA",
  350. "AECDH-NULL-SHA" },
  351. { 0xC016, "TLS_ECDH_anon_WITH_RC4_128_SHA",
  352. "AECDH-RC4-SHA" },
  353. { 0xC017, "TLS_ECDH_anon_WITH_3DES_EDE_CBC_SHA",
  354. "AECDH-DES-CBC3-SHA" },
  355. { 0xC018, "TLS_ECDH_anon_WITH_AES_128_CBC_SHA",
  356. "AECDH-AES128-SHA" },
  357. { 0xC019, "TLS_ECDH_anon_WITH_AES_256_CBC_SHA",
  358. "AECDH-AES256-SHA" },
  359. /* Backward compatible aliases (EDH vs DHE) */
  360. { 0x0011, "TLS_DHE_DSS_EXPORT_WITH_DES40_CBC_SHA",
  361. "EXP-EDH-DSS-DES-CBC-SHA" },
  362. { 0x0012, "TLS_DHE_DSS_WITH_DES_CBC_SHA",
  363. "EDH-DSS-DES-CBC-SHA" },
  364. { 0x0013, "TLS_DHE_DSS_WITH_3DES_EDE_CBC_SHA",
  365. "EDH-DSS-DES-CBC3-SHA" },
  366. { 0x0014, "TLS_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA",
  367. "EXP-EDH-RSA-DES-CBC-SHA" },
  368. { 0x0015, "TLS_DHE_RSA_WITH_DES_CBC_SHA",
  369. "EDH-RSA-DES-CBC-SHA" },
  370. { 0x0016, "TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA",
  371. "EDH-RSA-DES-CBC3-SHA" },
  372. #endif
  373. #if defined(USE_MBEDTLS)
  374. /* entries marked ns are non-"standard", they are not in OpenSSL */
  375. { 0x0041, "TLS_RSA_WITH_CAMELLIA_128_CBC_SHA",
  376. "CAMELLIA128-SHA" },
  377. { 0x0045, "TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA",
  378. "DHE-RSA-CAMELLIA128-SHA" },
  379. { 0x0084, "TLS_RSA_WITH_CAMELLIA_256_CBC_SHA",
  380. "CAMELLIA256-SHA" },
  381. { 0x0088, "TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA",
  382. "DHE-RSA-CAMELLIA256-SHA" },
  383. { 0x00BA, "TLS_RSA_WITH_CAMELLIA_128_CBC_SHA256",
  384. "CAMELLIA128-SHA256" },
  385. { 0x00BE, "TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA256",
  386. "DHE-RSA-CAMELLIA128-SHA256" },
  387. { 0x00C0, "TLS_RSA_WITH_CAMELLIA_256_CBC_SHA256",
  388. "CAMELLIA256-SHA256" },
  389. { 0x00C4, "TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA256",
  390. "DHE-RSA-CAMELLIA256-SHA256" },
  391. { 0xC037, "TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA256",
  392. "ECDHE-PSK-AES128-CBC-SHA256" },
  393. { 0xC038, "TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA384",
  394. "ECDHE-PSK-AES256-CBC-SHA384" },
  395. { 0xC039, "TLS_ECDHE_PSK_WITH_NULL_SHA",
  396. "ECDHE-PSK-NULL-SHA" },
  397. { 0xC03A, "TLS_ECDHE_PSK_WITH_NULL_SHA256",
  398. "ECDHE-PSK-NULL-SHA256" },
  399. { 0xC03B, "TLS_ECDHE_PSK_WITH_NULL_SHA384",
  400. "ECDHE-PSK-NULL-SHA384" },
  401. { 0xC03C, "TLS_RSA_WITH_ARIA_128_CBC_SHA256",
  402. "ARIA128-SHA256" /* ns */ },
  403. { 0xC03D, "TLS_RSA_WITH_ARIA_256_CBC_SHA384",
  404. "ARIA256-SHA384" /* ns */ },
  405. { 0xC044, "TLS_DHE_RSA_WITH_ARIA_128_CBC_SHA256",
  406. "DHE-RSA-ARIA128-SHA256" /* ns */ },
  407. { 0xC045, "TLS_DHE_RSA_WITH_ARIA_256_CBC_SHA384",
  408. "DHE-RSA-ARIA256-SHA384" /* ns */ },
  409. { 0xC048, "TLS_ECDHE_ECDSA_WITH_ARIA_128_CBC_SHA256",
  410. "ECDHE-ECDSA-ARIA128-SHA256" /* ns */ },
  411. { 0xC049, "TLS_ECDHE_ECDSA_WITH_ARIA_256_CBC_SHA384",
  412. "ECDHE-ECDSA-ARIA256-SHA384" /* ns */ },
  413. { 0xC04A, "TLS_ECDH_ECDSA_WITH_ARIA_128_CBC_SHA256",
  414. "ECDH-ECDSA-ARIA128-SHA256" /* ns */ },
  415. { 0xC04B, "TLS_ECDH_ECDSA_WITH_ARIA_256_CBC_SHA384",
  416. "ECDH-ECDSA-ARIA256-SHA384" /* ns */ },
  417. { 0xC04C, "TLS_ECDHE_RSA_WITH_ARIA_128_CBC_SHA256",
  418. "ECDHE-ARIA128-SHA256" /* ns */ },
  419. { 0xC04D, "TLS_ECDHE_RSA_WITH_ARIA_256_CBC_SHA384",
  420. "ECDHE-ARIA256-SHA384" /* ns */ },
  421. { 0xC04E, "TLS_ECDH_RSA_WITH_ARIA_128_CBC_SHA256",
  422. "ECDH-ARIA128-SHA256" /* ns */ },
  423. { 0xC04F, "TLS_ECDH_RSA_WITH_ARIA_256_CBC_SHA384",
  424. "ECDH-ARIA256-SHA384" /* ns */ },
  425. { 0xC050, "TLS_RSA_WITH_ARIA_128_GCM_SHA256",
  426. "ARIA128-GCM-SHA256" },
  427. { 0xC051, "TLS_RSA_WITH_ARIA_256_GCM_SHA384",
  428. "ARIA256-GCM-SHA384" },
  429. { 0xC052, "TLS_DHE_RSA_WITH_ARIA_128_GCM_SHA256",
  430. "DHE-RSA-ARIA128-GCM-SHA256" },
  431. { 0xC053, "TLS_DHE_RSA_WITH_ARIA_256_GCM_SHA384",
  432. "DHE-RSA-ARIA256-GCM-SHA384" },
  433. { 0xC05C, "TLS_ECDHE_ECDSA_WITH_ARIA_128_GCM_SHA256",
  434. "ECDHE-ECDSA-ARIA128-GCM-SHA256" },
  435. { 0xC05D, "TLS_ECDHE_ECDSA_WITH_ARIA_256_GCM_SHA384",
  436. "ECDHE-ECDSA-ARIA256-GCM-SHA384" },
  437. { 0xC05E, "TLS_ECDH_ECDSA_WITH_ARIA_128_GCM_SHA256",
  438. "ECDH-ECDSA-ARIA128-GCM-SHA256" /* ns */ },
  439. { 0xC05F, "TLS_ECDH_ECDSA_WITH_ARIA_256_GCM_SHA384",
  440. "ECDH-ECDSA-ARIA256-GCM-SHA384" /* ns */ },
  441. { 0xC060, "TLS_ECDHE_RSA_WITH_ARIA_128_GCM_SHA256",
  442. "ECDHE-ARIA128-GCM-SHA256" },
  443. { 0xC061, "TLS_ECDHE_RSA_WITH_ARIA_256_GCM_SHA384",
  444. "ECDHE-ARIA256-GCM-SHA384" },
  445. { 0xC062, "TLS_ECDH_RSA_WITH_ARIA_128_GCM_SHA256",
  446. "ECDH-ARIA128-GCM-SHA256" /* ns */ },
  447. { 0xC063, "TLS_ECDH_RSA_WITH_ARIA_256_GCM_SHA384",
  448. "ECDH-ARIA256-GCM-SHA384" /* ns */ },
  449. { 0xC064, "TLS_PSK_WITH_ARIA_128_CBC_SHA256",
  450. "PSK-ARIA128-SHA256" /* ns */ },
  451. { 0xC065, "TLS_PSK_WITH_ARIA_256_CBC_SHA384",
  452. "PSK-ARIA256-SHA384" /* ns */ },
  453. { 0xC066, "TLS_DHE_PSK_WITH_ARIA_128_CBC_SHA256",
  454. "DHE-PSK-ARIA128-SHA256" /* ns */ },
  455. { 0xC067, "TLS_DHE_PSK_WITH_ARIA_256_CBC_SHA384",
  456. "DHE-PSK-ARIA256-SHA384" /* ns */ },
  457. { 0xC068, "TLS_RSA_PSK_WITH_ARIA_128_CBC_SHA256",
  458. "RSA-PSK-ARIA128-SHA256" /* ns */ },
  459. { 0xC069, "TLS_RSA_PSK_WITH_ARIA_256_CBC_SHA384",
  460. "RSA-PSK-ARIA256-SHA384" /* ns */ },
  461. { 0xC06A, "TLS_PSK_WITH_ARIA_128_GCM_SHA256",
  462. "PSK-ARIA128-GCM-SHA256" },
  463. { 0xC06B, "TLS_PSK_WITH_ARIA_256_GCM_SHA384",
  464. "PSK-ARIA256-GCM-SHA384" },
  465. { 0xC06C, "TLS_DHE_PSK_WITH_ARIA_128_GCM_SHA256",
  466. "DHE-PSK-ARIA128-GCM-SHA256" },
  467. { 0xC06D, "TLS_DHE_PSK_WITH_ARIA_256_GCM_SHA384",
  468. "DHE-PSK-ARIA256-GCM-SHA384" },
  469. { 0xC06E, "TLS_RSA_PSK_WITH_ARIA_128_GCM_SHA256",
  470. "RSA-PSK-ARIA128-GCM-SHA256" },
  471. { 0xC06F, "TLS_RSA_PSK_WITH_ARIA_256_GCM_SHA384",
  472. "RSA-PSK-ARIA256-GCM-SHA384" },
  473. { 0xC070, "TLS_ECDHE_PSK_WITH_ARIA_128_CBC_SHA256",
  474. "ECDHE-PSK-ARIA128-SHA256" /* ns */ },
  475. { 0xC071, "TLS_ECDHE_PSK_WITH_ARIA_256_CBC_SHA384",
  476. "ECDHE-PSK-ARIA256-SHA384" /* ns */ },
  477. { 0xC072, "TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_CBC_SHA256",
  478. "ECDHE-ECDSA-CAMELLIA128-SHA256" },
  479. { 0xC073, "TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_CBC_SHA384",
  480. "ECDHE-ECDSA-CAMELLIA256-SHA384" },
  481. { 0xC074, "TLS_ECDH_ECDSA_WITH_CAMELLIA_128_CBC_SHA256",
  482. "ECDH-ECDSA-CAMELLIA128-SHA256" /* ns */ },
  483. { 0xC075, "TLS_ECDH_ECDSA_WITH_CAMELLIA_256_CBC_SHA384",
  484. "ECDH-ECDSA-CAMELLIA256-SHA384" /* ns */ },
  485. { 0xC076, "TLS_ECDHE_RSA_WITH_CAMELLIA_128_CBC_SHA256",
  486. "ECDHE-RSA-CAMELLIA128-SHA256" },
  487. { 0xC077, "TLS_ECDHE_RSA_WITH_CAMELLIA_256_CBC_SHA384",
  488. "ECDHE-RSA-CAMELLIA256-SHA384" },
  489. { 0xC078, "TLS_ECDH_RSA_WITH_CAMELLIA_128_CBC_SHA256",
  490. "ECDH-CAMELLIA128-SHA256" /* ns */ },
  491. { 0xC079, "TLS_ECDH_RSA_WITH_CAMELLIA_256_CBC_SHA384",
  492. "ECDH-CAMELLIA256-SHA384" /* ns */ },
  493. { 0xC07A, "TLS_RSA_WITH_CAMELLIA_128_GCM_SHA256",
  494. "CAMELLIA128-GCM-SHA256" /* ns */ },
  495. { 0xC07B, "TLS_RSA_WITH_CAMELLIA_256_GCM_SHA384",
  496. "CAMELLIA256-GCM-SHA384" /* ns */ },
  497. { 0xC07C, "TLS_DHE_RSA_WITH_CAMELLIA_128_GCM_SHA256",
  498. "DHE-RSA-CAMELLIA128-GCM-SHA256" /* ns */ },
  499. { 0xC07D, "TLS_DHE_RSA_WITH_CAMELLIA_256_GCM_SHA384",
  500. "DHE-RSA-CAMELLIA256-GCM-SHA384" /* ns */ },
  501. { 0xC086, "TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_GCM_SHA256",
  502. "ECDHE-ECDSA-CAMELLIA128-GCM-SHA256" /* ns */ },
  503. { 0xC087, "TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_GCM_SHA384",
  504. "ECDHE-ECDSA-CAMELLIA256-GCM-SHA384" /* ns */ },
  505. { 0xC088, "TLS_ECDH_ECDSA_WITH_CAMELLIA_128_GCM_SHA256",
  506. "ECDH-ECDSA-CAMELLIA128-GCM-SHA256" /* ns */ },
  507. { 0xC089, "TLS_ECDH_ECDSA_WITH_CAMELLIA_256_GCM_SHA384",
  508. "ECDH-ECDSA-CAMELLIA256-GCM-SHA384" /* ns */ },
  509. { 0xC08A, "TLS_ECDHE_RSA_WITH_CAMELLIA_128_GCM_SHA256",
  510. "ECDHE-CAMELLIA128-GCM-SHA256" /* ns */ },
  511. { 0xC08B, "TLS_ECDHE_RSA_WITH_CAMELLIA_256_GCM_SHA384",
  512. "ECDHE-CAMELLIA256-GCM-SHA384" /* ns */ },
  513. { 0xC08C, "TLS_ECDH_RSA_WITH_CAMELLIA_128_GCM_SHA256",
  514. "ECDH-CAMELLIA128-GCM-SHA256" /* ns */ },
  515. { 0xC08D, "TLS_ECDH_RSA_WITH_CAMELLIA_256_GCM_SHA384",
  516. "ECDH-CAMELLIA256-GCM-SHA384" /* ns */ },
  517. { 0xC08E, "TLS_PSK_WITH_CAMELLIA_128_GCM_SHA256",
  518. "PSK-CAMELLIA128-GCM-SHA256" /* ns */ },
  519. { 0xC08F, "TLS_PSK_WITH_CAMELLIA_256_GCM_SHA384",
  520. "PSK-CAMELLIA256-GCM-SHA384" /* ns */ },
  521. { 0xC090, "TLS_DHE_PSK_WITH_CAMELLIA_128_GCM_SHA256",
  522. "DHE-PSK-CAMELLIA128-GCM-SHA256" /* ns */ },
  523. { 0xC091, "TLS_DHE_PSK_WITH_CAMELLIA_256_GCM_SHA384",
  524. "DHE-PSK-CAMELLIA256-GCM-SHA384" /* ns */ },
  525. { 0xC092, "TLS_RSA_PSK_WITH_CAMELLIA_128_GCM_SHA256",
  526. "RSA-PSK-CAMELLIA128-GCM-SHA256" /* ns */ },
  527. { 0xC093, "TLS_RSA_PSK_WITH_CAMELLIA_256_GCM_SHA384",
  528. "RSA-PSK-CAMELLIA256-GCM-SHA384" /* ns */ },
  529. { 0xC094, "TLS_PSK_WITH_CAMELLIA_128_CBC_SHA256",
  530. "PSK-CAMELLIA128-SHA256" },
  531. { 0xC095, "TLS_PSK_WITH_CAMELLIA_256_CBC_SHA384",
  532. "PSK-CAMELLIA256-SHA384" },
  533. { 0xC096, "TLS_DHE_PSK_WITH_CAMELLIA_128_CBC_SHA256",
  534. "DHE-PSK-CAMELLIA128-SHA256" },
  535. { 0xC097, "TLS_DHE_PSK_WITH_CAMELLIA_256_CBC_SHA384",
  536. "DHE-PSK-CAMELLIA256-SHA384" },
  537. { 0xC098, "TLS_RSA_PSK_WITH_CAMELLIA_128_CBC_SHA256",
  538. "RSA-PSK-CAMELLIA128-SHA256" },
  539. { 0xC099, "TLS_RSA_PSK_WITH_CAMELLIA_256_CBC_SHA384",
  540. "RSA-PSK-CAMELLIA256-SHA384" },
  541. { 0xC09A, "TLS_ECDHE_PSK_WITH_CAMELLIA_128_CBC_SHA256",
  542. "ECDHE-PSK-CAMELLIA128-SHA256" },
  543. { 0xC09B, "TLS_ECDHE_PSK_WITH_CAMELLIA_256_CBC_SHA384",
  544. "ECDHE-PSK-CAMELLIA256-SHA384" },
  545. { 0xC09E, "TLS_DHE_RSA_WITH_AES_128_CCM",
  546. "DHE-RSA-AES128-CCM" },
  547. { 0xC09F, "TLS_DHE_RSA_WITH_AES_256_CCM",
  548. "DHE-RSA-AES256-CCM" },
  549. { 0xC0A2, "TLS_DHE_RSA_WITH_AES_128_CCM_8",
  550. "DHE-RSA-AES128-CCM8" },
  551. { 0xC0A3, "TLS_DHE_RSA_WITH_AES_256_CCM_8",
  552. "DHE-RSA-AES256-CCM8" },
  553. { 0xC0A4, "TLS_PSK_WITH_AES_128_CCM",
  554. "PSK-AES128-CCM" },
  555. { 0xC0A5, "TLS_PSK_WITH_AES_256_CCM",
  556. "PSK-AES256-CCM" },
  557. { 0xC0A6, "TLS_DHE_PSK_WITH_AES_128_CCM",
  558. "DHE-PSK-AES128-CCM" },
  559. { 0xC0A7, "TLS_DHE_PSK_WITH_AES_256_CCM",
  560. "DHE-PSK-AES256-CCM" },
  561. { 0xC0A8, "TLS_PSK_WITH_AES_128_CCM_8",
  562. "PSK-AES128-CCM8" },
  563. { 0xC0A9, "TLS_PSK_WITH_AES_256_CCM_8",
  564. "PSK-AES256-CCM8" },
  565. { 0xC0AA, "TLS_PSK_DHE_WITH_AES_128_CCM_8",
  566. "DHE-PSK-AES128-CCM8" },
  567. { 0xC0AB, "TLS_PSK_DHE_WITH_AES_256_CCM_8",
  568. "DHE-PSK-AES256-CCM8" },
  569. { 0xCCAA, "TLS_DHE_RSA_WITH_CHACHA20_POLY1305_SHA256",
  570. "DHE-RSA-CHACHA20-POLY1305" },
  571. { 0xCCAC, "TLS_ECDHE_PSK_WITH_CHACHA20_POLY1305_SHA256",
  572. "ECDHE-PSK-CHACHA20-POLY1305" },
  573. { 0xCCAD, "TLS_DHE_PSK_WITH_CHACHA20_POLY1305_SHA256",
  574. "DHE-PSK-CHACHA20-POLY1305" },
  575. { 0xCCAE, "TLS_RSA_PSK_WITH_CHACHA20_POLY1305_SHA256",
  576. "RSA-PSK-CHACHA20-POLY1305" },
  577. #endif
  578. };
  579. #define TEST_CS_LIST_LEN (sizeof(test_cs_list) / sizeof(test_cs_list[0]))
  580. static const char *cs_test_string =
  581. "TLS_AES_128_GCM_SHA256:TLS_AES_256_GCM_SHA384:"
  582. "TLS_CHACHA20_POLY1305_SHA256:ECDHE-ECDSA-AES128-GCM-SHA256:"
  583. "ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:"
  584. "ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:"
  585. "ECDHE-RSA-CHACHA20-POLY1305:DHE-RSA-AES128-GCM-SHA256:"
  586. "DHE-RSA-AES256-GCM-SHA384:DHE-RSA-CHACHA20-POLY1305:"
  587. "ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA256:"
  588. "ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES256-SHA384:"
  589. "ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA:ECDHE-RSA-AES256-SHA:"
  590. "DHE-RSA-AES128-SHA256:DHE-RSA-AES256-SHA256:AES128-GCM-SHA256:"
  591. "AES256-GCM-SHA384:AES128-SHA256:AES256-SHA256:AES128-SHA:AES256-SHA:"
  592. "DES-CBC3-SHA:"
  593. ":: GIBBERISH ::"
  594. ;
  595. struct test_str_entry {
  596. uint16_t id;
  597. const char *str;
  598. };
  599. static const struct test_str_entry test_str_list[] = {
  600. #if defined(USE_SECTRANSP) || defined(USE_MBEDTLS)
  601. { 0x1301, "TLS_AES_128_GCM_SHA256"},
  602. { 0x1302, "TLS_AES_256_GCM_SHA384"},
  603. { 0x1303, "TLS_CHACHA20_POLY1305_SHA256"},
  604. #else
  605. { 0x0000, "TLS_AES_128_GCM_SHA256"},
  606. { 0x0000, "TLS_AES_256_GCM_SHA384"},
  607. { 0x0000, "TLS_CHACHA20_POLY1305_SHA256"},
  608. #endif
  609. { 0xC02B, "ECDHE-ECDSA-AES128-GCM-SHA256"},
  610. { 0xC02F, "ECDHE-RSA-AES128-GCM-SHA256"},
  611. { 0xC02C, "ECDHE-ECDSA-AES256-GCM-SHA384"},
  612. { 0xC030, "ECDHE-RSA-AES256-GCM-SHA384"},
  613. { 0xCCA9, "ECDHE-ECDSA-CHACHA20-POLY1305"},
  614. { 0xCCA8, "ECDHE-RSA-CHACHA20-POLY1305"},
  615. #if defined(USE_SECTRANSP) || defined(USE_MBEDTLS)
  616. { 0x009E, "DHE-RSA-AES128-GCM-SHA256"},
  617. { 0x009F, "DHE-RSA-AES256-GCM-SHA384"},
  618. #else
  619. { 0x0000, "DHE-RSA-AES128-GCM-SHA256"},
  620. { 0x0000, "DHE-RSA-AES256-GCM-SHA384"},
  621. #endif
  622. #if defined(USE_MBEDTLS)
  623. { 0xCCAA, "DHE-RSA-CHACHA20-POLY1305"},
  624. #else
  625. { 0x0000, "DHE-RSA-CHACHA20-POLY1305"},
  626. #endif
  627. { 0xC023, "ECDHE-ECDSA-AES128-SHA256" },
  628. { 0xC027, "ECDHE-RSA-AES128-SHA256" },
  629. { 0xC009, "ECDHE-ECDSA-AES128-SHA" },
  630. { 0xC013, "ECDHE-RSA-AES128-SHA" },
  631. { 0xC024, "ECDHE-ECDSA-AES256-SHA384" },
  632. { 0xC028, "ECDHE-RSA-AES256-SHA384" },
  633. { 0xC00A, "ECDHE-ECDSA-AES256-SHA" },
  634. { 0xC014, "ECDHE-RSA-AES256-SHA" },
  635. #if defined(USE_SECTRANSP) || defined(USE_MBEDTLS)
  636. { 0x0067, "DHE-RSA-AES128-SHA256" },
  637. { 0x006B, "DHE-RSA-AES256-SHA256" },
  638. #else
  639. { 0x0000, "DHE-RSA-AES128-SHA256" },
  640. { 0x0000, "DHE-RSA-AES256-SHA256" },
  641. #endif
  642. { 0x009C, "AES128-GCM-SHA256" },
  643. { 0x009D, "AES256-GCM-SHA384" },
  644. { 0x003C, "AES128-SHA256" },
  645. { 0x003D, "AES256-SHA256" },
  646. { 0x002F, "AES128-SHA" },
  647. { 0x0035, "AES256-SHA" },
  648. #if defined(USE_SECTRANSP) || defined(USE_BEARSSL)
  649. { 0x000A, "DES-CBC3-SHA" },
  650. #else
  651. { 0x0000, "DES-CBC3-SHA" },
  652. #endif
  653. { 0x0000, "GIBBERISH" },
  654. { 0x0000, "" },
  655. };
  656. #define TEST_STR_LIST_LEN (sizeof(test_str_list) / sizeof(test_str_list[0]))
  657. UNITTEST_START
  658. {
  659. for(size_t i = 0; i < TEST_CS_LIST_LEN; i++) {
  660. const struct test_cs_entry *test = &test_cs_list[i];
  661. const char *expect;
  662. char buf[64] = "";
  663. char alt[64] = "";
  664. uint16_t id;
  665. /* test Curl_cipher_suite_lookup_id() for rfc name */
  666. if(test->rfc) {
  667. id = Curl_cipher_suite_lookup_id(test->rfc, strlen(test->rfc));
  668. if(id != test->id) {
  669. fprintf(stderr, "Curl_cipher_suite_lookup_id FAILED for \"%s\", "
  670. "result = 0x%04x, expected = 0x%04x\n",
  671. test->rfc, id, test->id);
  672. unitfail++;
  673. }
  674. }
  675. /* test Curl_cipher_suite_lookup_id() for OpenSSL name */
  676. if(test->openssl) {
  677. id = Curl_cipher_suite_lookup_id(test->openssl, strlen(test->openssl));
  678. if(id != test->id) {
  679. fprintf(stderr, "Curl_cipher_suite_lookup_id FAILED for \"%s\", "
  680. "result = 0x%04x, expected = 0x%04x\n",
  681. test->openssl, id, test->id);
  682. unitfail++;
  683. }
  684. }
  685. /* test Curl_cipher_suite_get_str() prefer rfc name */
  686. buf[0] = '\0';
  687. expect = test->rfc ? test->rfc : test->openssl;
  688. Curl_cipher_suite_get_str(test->id, buf, sizeof(buf), true);
  689. if(strcmp(buf, expect) != 0) {
  690. fprintf(stderr, "Curl_cipher_suite_get_str FAILED for 0x%04x, "
  691. "result = \"%s\", expected = \"%s\"\n",
  692. test->id, buf, expect);
  693. unitfail++;
  694. }
  695. /* test Curl_cipher_suite_get_str() prefer OpenSSL name */
  696. buf[0] = '\0';
  697. expect = test->openssl ? test->openssl : test->rfc;
  698. Curl_cipher_suite_get_str(test->id, buf, sizeof(buf), false);
  699. /* suites matched by EDH alias will return the DHE name */
  700. if(test->id >= 0x0011 && test->id < 0x0017) {
  701. if(memcmp(expect, "EDH-", 4) == 0)
  702. expect = (char *) memcpy(strcpy(alt, expect), "DHE-", 4);
  703. if(memcmp(expect + 4, "EDH-", 4) == 0)
  704. expect = (char *) memcpy(strcpy(alt, expect) + 4, "DHE-", 4) - 4;
  705. }
  706. if(strcmp(buf, expect) != 0) {
  707. fprintf(stderr, "Curl_cipher_suite_get_str FAILED for 0x%04x, "
  708. "result = \"%s\", expected = \"%s\"\n",
  709. test->id, buf, expect);
  710. unitfail++;
  711. }
  712. }
  713. /* test Curl_cipher_suite_walk_str() */
  714. {
  715. const char *ptr, *end = cs_test_string;
  716. int i = 0;
  717. uint16_t id;
  718. size_t len;
  719. for(ptr = cs_test_string; ptr[0] != '\0'; ptr = end) {
  720. const struct test_str_entry *test = &test_str_list[i];
  721. abort_if(i == TEST_STR_LIST_LEN, "should have been done");
  722. id = Curl_cipher_suite_walk_str(&ptr, &end);
  723. len = end - ptr;
  724. if(id != test->id) {
  725. fprintf(stderr, "Curl_cipher_suite_walk_str FAILED for \"%s\" "
  726. "unexpected cipher, "
  727. "result = 0x%04x, expected = 0x%04x\n",
  728. test->str, id, test->id);
  729. unitfail++;
  730. }
  731. if(len > 64 || strncmp(ptr, test->str, len) != 0) {
  732. fprintf(stderr, "Curl_cipher_suite_walk_str ABORT for \"%s\" "
  733. "unexpected pointers\n",
  734. test->str);
  735. unitfail++;
  736. goto unit_test_abort;
  737. }
  738. i++;
  739. }
  740. }
  741. }
  742. UNITTEST_STOP
  743. #else /* defined(USE_SECTRANSP) || defined(USE_MBEDTLS) || \
  744. defined(USE_BEARSSL) */
  745. UNITTEST_START
  746. UNITTEST_STOP
  747. #endif /* defined(USE_SECTRANSP) || defined(USE_MBEDTLS) || \
  748. defined(USE_BEARSSL) */