2
0

unit3205.c 32 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329330331332333334335336337338339340341342343344345346347348349350351352353354355356357358359360361362363364365366367368369370371372373374375376377378379380381382383384385386387388389390391392393394395396397398399400401402403404405406407408409410411412413414415416417418419420421422423424425426427428429430431432433434435436437438439440441442443444445446447448449450451452453454455456457458459460461462463464465466467468469470471472473474475476477478479480481482483484485486487488489490491492493494495496497498499500501502503504505506507508509510511512513514515516517518519520521522523524525526527528529530531532533534535536537538539540541542543544545546547548549550551552553554555556557558559560561562563564565566567568569570571572573574575576577578579580581582583584585586587588589590591592593594595596597598599600601602603604605606607608609610611612613614615616617618619620621622623624625626627628629630631632633634635636637638639640641642643644645646647648649650651652653654655656657658659660661662663664665666667668669670671672673674675676677678679680681682683684685686687688689690691692693694695696697698699700701702703704705706707708709710711712713714715716717718719720721722723724725726727728729730731732733734735736737738739740741742743744745746747748749750751752753754755756757758759760761762763764765766767768769770771772773774775776777778779780781782783784785786787788789790791792793794795796797
  1. /***************************************************************************
  2. * _ _ ____ _
  3. * Project ___| | | | _ \| |
  4. * / __| | | | |_) | |
  5. * | (__| |_| | _ <| |___
  6. * \___|\___/|_| \_\_____|
  7. *
  8. * Copyright (C) Jan Venekamp, <jan@venekamp.net>
  9. *
  10. * This software is licensed as described in the file COPYING, which
  11. * you should have received as part of this distribution. The terms
  12. * are also available at https://curl.se/docs/copyright.html.
  13. *
  14. * You may opt to use, copy, modify, merge, publish, distribute and/or sell
  15. * copies of the Software, and permit persons to whom the Software is
  16. * furnished to do so, under the terms of the COPYING file.
  17. *
  18. * This software is distributed on an "AS IS" basis, WITHOUT WARRANTY OF ANY
  19. * KIND, either express or implied.
  20. *
  21. * SPDX-License-Identifier: curl
  22. *
  23. ***************************************************************************/
  24. #include "curlcheck.h"
  25. #include "vtls/cipher_suite.h"
  26. static CURLcode unit_setup(void)
  27. {
  28. return CURLE_OK;
  29. }
  30. static void unit_stop(void)
  31. {
  32. }
  33. #if defined(USE_SECTRANSP) || defined(USE_MBEDTLS) || \
  34. defined(USE_BEARSSL) || defined(USE_RUSTLS)
  35. struct test_cs_entry {
  36. uint16_t id;
  37. const char *rfc;
  38. const char *openssl;
  39. };
  40. static const struct test_cs_entry test_cs_list[] = {
  41. #if defined(USE_SECTRANSP) || defined(USE_MBEDTLS) || defined(USE_RUSTLS)
  42. { 0x1301, "TLS_AES_128_GCM_SHA256",
  43. NULL },
  44. { 0x1302, "TLS_AES_256_GCM_SHA384",
  45. NULL },
  46. { 0x1303, "TLS_CHACHA20_POLY1305_SHA256",
  47. NULL },
  48. { 0x1304, "TLS_AES_128_CCM_SHA256",
  49. NULL },
  50. { 0x1305, "TLS_AES_128_CCM_8_SHA256",
  51. NULL },
  52. #endif
  53. { 0xC02B, "TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256",
  54. "ECDHE-ECDSA-AES128-GCM-SHA256" },
  55. { 0xC02C, "TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384",
  56. "ECDHE-ECDSA-AES256-GCM-SHA384" },
  57. { 0xC02F, "TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256",
  58. "ECDHE-RSA-AES128-GCM-SHA256" },
  59. { 0xC030, "TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384",
  60. "ECDHE-RSA-AES256-GCM-SHA384" },
  61. { 0xCCA8, "TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256",
  62. "ECDHE-RSA-CHACHA20-POLY1305" },
  63. { 0xCCA9, "TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256",
  64. "ECDHE-ECDSA-CHACHA20-POLY1305" },
  65. #if defined(USE_SECTRANSP) || defined(USE_MBEDTLS) || defined(USE_BEARSSL)
  66. { 0x002F, "TLS_RSA_WITH_AES_128_CBC_SHA",
  67. "AES128-SHA" },
  68. { 0x0035, "TLS_RSA_WITH_AES_256_CBC_SHA",
  69. "AES256-SHA" },
  70. { 0x003C, "TLS_RSA_WITH_AES_128_CBC_SHA256",
  71. "AES128-SHA256" },
  72. { 0x003D, "TLS_RSA_WITH_AES_256_CBC_SHA256",
  73. "AES256-SHA256" },
  74. { 0x009C, "TLS_RSA_WITH_AES_128_GCM_SHA256",
  75. "AES128-GCM-SHA256" },
  76. { 0x009D, "TLS_RSA_WITH_AES_256_GCM_SHA384",
  77. "AES256-GCM-SHA384" },
  78. { 0xC004, "TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA",
  79. "ECDH-ECDSA-AES128-SHA" },
  80. { 0xC005, "TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA",
  81. "ECDH-ECDSA-AES256-SHA" },
  82. { 0xC009, "TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA",
  83. "ECDHE-ECDSA-AES128-SHA" },
  84. { 0xC00A, "TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA",
  85. "ECDHE-ECDSA-AES256-SHA" },
  86. { 0xC00E, "TLS_ECDH_RSA_WITH_AES_128_CBC_SHA",
  87. "ECDH-RSA-AES128-SHA" },
  88. { 0xC00F, "TLS_ECDH_RSA_WITH_AES_256_CBC_SHA",
  89. "ECDH-RSA-AES256-SHA" },
  90. { 0xC013, "TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA",
  91. "ECDHE-RSA-AES128-SHA" },
  92. { 0xC014, "TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA",
  93. "ECDHE-RSA-AES256-SHA" },
  94. { 0xC023, "TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256",
  95. "ECDHE-ECDSA-AES128-SHA256" },
  96. { 0xC024, "TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384",
  97. "ECDHE-ECDSA-AES256-SHA384" },
  98. { 0xC025, "TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256",
  99. "ECDH-ECDSA-AES128-SHA256" },
  100. { 0xC026, "TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384",
  101. "ECDH-ECDSA-AES256-SHA384" },
  102. { 0xC027, "TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256",
  103. "ECDHE-RSA-AES128-SHA256" },
  104. { 0xC028, "TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384",
  105. "ECDHE-RSA-AES256-SHA384" },
  106. { 0xC029, "TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256",
  107. "ECDH-RSA-AES128-SHA256" },
  108. { 0xC02A, "TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384",
  109. "ECDH-RSA-AES256-SHA384" },
  110. { 0xC02D, "TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256",
  111. "ECDH-ECDSA-AES128-GCM-SHA256" },
  112. { 0xC02E, "TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384",
  113. "ECDH-ECDSA-AES256-GCM-SHA384" },
  114. { 0xC031, "TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256",
  115. "ECDH-RSA-AES128-GCM-SHA256" },
  116. { 0xC032, "TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384",
  117. "ECDH-RSA-AES256-GCM-SHA384" },
  118. #endif
  119. #if defined(USE_SECTRANSP) || defined(USE_MBEDTLS)
  120. { 0x0001, "TLS_RSA_WITH_NULL_MD5",
  121. "NULL-MD5" },
  122. { 0x0002, "TLS_RSA_WITH_NULL_SHA",
  123. "NULL-SHA" },
  124. { 0x002C, "TLS_PSK_WITH_NULL_SHA",
  125. "PSK-NULL-SHA" },
  126. { 0x002D, "TLS_DHE_PSK_WITH_NULL_SHA",
  127. "DHE-PSK-NULL-SHA" },
  128. { 0x002E, "TLS_RSA_PSK_WITH_NULL_SHA",
  129. "RSA-PSK-NULL-SHA" },
  130. { 0x0033, "TLS_DHE_RSA_WITH_AES_128_CBC_SHA",
  131. "DHE-RSA-AES128-SHA" },
  132. { 0x0039, "TLS_DHE_RSA_WITH_AES_256_CBC_SHA",
  133. "DHE-RSA-AES256-SHA" },
  134. { 0x003B, "TLS_RSA_WITH_NULL_SHA256",
  135. "NULL-SHA256" },
  136. { 0x0067, "TLS_DHE_RSA_WITH_AES_128_CBC_SHA256",
  137. "DHE-RSA-AES128-SHA256" },
  138. { 0x006B, "TLS_DHE_RSA_WITH_AES_256_CBC_SHA256",
  139. "DHE-RSA-AES256-SHA256" },
  140. { 0x008C, "TLS_PSK_WITH_AES_128_CBC_SHA",
  141. "PSK-AES128-CBC-SHA" },
  142. { 0x008D, "TLS_PSK_WITH_AES_256_CBC_SHA",
  143. "PSK-AES256-CBC-SHA" },
  144. { 0x0090, "TLS_DHE_PSK_WITH_AES_128_CBC_SHA",
  145. "DHE-PSK-AES128-CBC-SHA" },
  146. { 0x0091, "TLS_DHE_PSK_WITH_AES_256_CBC_SHA",
  147. "DHE-PSK-AES256-CBC-SHA" },
  148. { 0x0094, "TLS_RSA_PSK_WITH_AES_128_CBC_SHA",
  149. "RSA-PSK-AES128-CBC-SHA" },
  150. { 0x0095, "TLS_RSA_PSK_WITH_AES_256_CBC_SHA",
  151. "RSA-PSK-AES256-CBC-SHA" },
  152. { 0x009E, "TLS_DHE_RSA_WITH_AES_128_GCM_SHA256",
  153. "DHE-RSA-AES128-GCM-SHA256" },
  154. { 0x009F, "TLS_DHE_RSA_WITH_AES_256_GCM_SHA384",
  155. "DHE-RSA-AES256-GCM-SHA384" },
  156. { 0x00A8, "TLS_PSK_WITH_AES_128_GCM_SHA256",
  157. "PSK-AES128-GCM-SHA256" },
  158. { 0x00A9, "TLS_PSK_WITH_AES_256_GCM_SHA384",
  159. "PSK-AES256-GCM-SHA384" },
  160. { 0x00AA, "TLS_DHE_PSK_WITH_AES_128_GCM_SHA256",
  161. "DHE-PSK-AES128-GCM-SHA256" },
  162. { 0x00AB, "TLS_DHE_PSK_WITH_AES_256_GCM_SHA384",
  163. "DHE-PSK-AES256-GCM-SHA384" },
  164. { 0x00AC, "TLS_RSA_PSK_WITH_AES_128_GCM_SHA256",
  165. "RSA-PSK-AES128-GCM-SHA256" },
  166. { 0x00AD, "TLS_RSA_PSK_WITH_AES_256_GCM_SHA384",
  167. "RSA-PSK-AES256-GCM-SHA384" },
  168. { 0x00AE, "TLS_PSK_WITH_AES_128_CBC_SHA256",
  169. "PSK-AES128-CBC-SHA256" },
  170. { 0x00AF, "TLS_PSK_WITH_AES_256_CBC_SHA384",
  171. "PSK-AES256-CBC-SHA384" },
  172. { 0x00B0, "TLS_PSK_WITH_NULL_SHA256",
  173. "PSK-NULL-SHA256" },
  174. { 0x00B1, "TLS_PSK_WITH_NULL_SHA384",
  175. "PSK-NULL-SHA384" },
  176. { 0x00B2, "TLS_DHE_PSK_WITH_AES_128_CBC_SHA256",
  177. "DHE-PSK-AES128-CBC-SHA256" },
  178. { 0x00B3, "TLS_DHE_PSK_WITH_AES_256_CBC_SHA384",
  179. "DHE-PSK-AES256-CBC-SHA384" },
  180. { 0x00B4, "TLS_DHE_PSK_WITH_NULL_SHA256",
  181. "DHE-PSK-NULL-SHA256" },
  182. { 0x00B5, "TLS_DHE_PSK_WITH_NULL_SHA384",
  183. "DHE-PSK-NULL-SHA384" },
  184. { 0x00B6, "TLS_RSA_PSK_WITH_AES_128_CBC_SHA256",
  185. "RSA-PSK-AES128-CBC-SHA256" },
  186. { 0x00B7, "TLS_RSA_PSK_WITH_AES_256_CBC_SHA384",
  187. "RSA-PSK-AES256-CBC-SHA384" },
  188. { 0x00B8, "TLS_RSA_PSK_WITH_NULL_SHA256",
  189. "RSA-PSK-NULL-SHA256" },
  190. { 0x00B9, "TLS_RSA_PSK_WITH_NULL_SHA384",
  191. "RSA-PSK-NULL-SHA384" },
  192. { 0xC001, "TLS_ECDH_ECDSA_WITH_NULL_SHA",
  193. "ECDH-ECDSA-NULL-SHA" },
  194. { 0xC006, "TLS_ECDHE_ECDSA_WITH_NULL_SHA",
  195. "ECDHE-ECDSA-NULL-SHA" },
  196. { 0xC00B, "TLS_ECDH_RSA_WITH_NULL_SHA",
  197. "ECDH-RSA-NULL-SHA" },
  198. { 0xC010, "TLS_ECDHE_RSA_WITH_NULL_SHA",
  199. "ECDHE-RSA-NULL-SHA" },
  200. { 0xC035, "TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA",
  201. "ECDHE-PSK-AES128-CBC-SHA" },
  202. { 0xC036, "TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA",
  203. "ECDHE-PSK-AES256-CBC-SHA" },
  204. { 0xCCAB, "TLS_PSK_WITH_CHACHA20_POLY1305_SHA256",
  205. "PSK-CHACHA20-POLY1305" },
  206. #endif
  207. #if defined(USE_SECTRANSP) || defined(USE_BEARSSL)
  208. { 0x000A, "TLS_RSA_WITH_3DES_EDE_CBC_SHA",
  209. "DES-CBC3-SHA" },
  210. { 0xC003, "TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA",
  211. "ECDH-ECDSA-DES-CBC3-SHA" },
  212. { 0xC008, "TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA",
  213. "ECDHE-ECDSA-DES-CBC3-SHA" },
  214. { 0xC00D, "TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA",
  215. "ECDH-RSA-DES-CBC3-SHA" },
  216. { 0xC012, "TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA",
  217. "ECDHE-RSA-DES-CBC3-SHA" },
  218. #endif
  219. #if defined(USE_MBEDTLS) || defined(USE_BEARSSL)
  220. { 0xC09C, "TLS_RSA_WITH_AES_128_CCM",
  221. "AES128-CCM" },
  222. { 0xC09D, "TLS_RSA_WITH_AES_256_CCM",
  223. "AES256-CCM" },
  224. { 0xC0A0, "TLS_RSA_WITH_AES_128_CCM_8",
  225. "AES128-CCM8" },
  226. { 0xC0A1, "TLS_RSA_WITH_AES_256_CCM_8",
  227. "AES256-CCM8" },
  228. { 0xC0AC, "TLS_ECDHE_ECDSA_WITH_AES_128_CCM",
  229. "ECDHE-ECDSA-AES128-CCM" },
  230. { 0xC0AD, "TLS_ECDHE_ECDSA_WITH_AES_256_CCM",
  231. "ECDHE-ECDSA-AES256-CCM" },
  232. { 0xC0AE, "TLS_ECDHE_ECDSA_WITH_AES_128_CCM_8",
  233. "ECDHE-ECDSA-AES128-CCM8" },
  234. { 0xC0AF, "TLS_ECDHE_ECDSA_WITH_AES_256_CCM_8",
  235. "ECDHE-ECDSA-AES256-CCM8" },
  236. #endif
  237. #if defined(USE_SECTRANSP)
  238. { 0x0003, "TLS_RSA_EXPORT_WITH_RC4_40_MD5",
  239. "EXP-RC4-MD5" },
  240. { 0x0004, "TLS_RSA_WITH_RC4_128_MD5",
  241. "RC4-MD5" },
  242. { 0x0005, "TLS_RSA_WITH_RC4_128_SHA",
  243. "RC4-SHA" },
  244. { 0x0006, "TLS_RSA_EXPORT_WITH_RC2_CBC_40_MD5",
  245. "EXP-RC2-CBC-MD5" },
  246. { 0x0007, "TLS_RSA_WITH_IDEA_CBC_SHA",
  247. "IDEA-CBC-SHA" },
  248. { 0x0008, "TLS_RSA_EXPORT_WITH_DES40_CBC_SHA",
  249. "EXP-DES-CBC-SHA" },
  250. { 0x0009, "TLS_RSA_WITH_DES_CBC_SHA",
  251. "DES-CBC-SHA" },
  252. { 0x000B, "TLS_DH_DSS_EXPORT_WITH_DES40_CBC_SHA",
  253. "EXP-DH-DSS-DES-CBC-SHA" },
  254. { 0x000C, "TLS_DH_DSS_WITH_DES_CBC_SHA",
  255. "DH-DSS-DES-CBC-SHA" },
  256. { 0x000D, "TLS_DH_DSS_WITH_3DES_EDE_CBC_SHA",
  257. "DH-DSS-DES-CBC3-SHA" },
  258. { 0x000E, "TLS_DH_RSA_EXPORT_WITH_DES40_CBC_SHA",
  259. "EXP-DH-RSA-DES-CBC-SHA" },
  260. { 0x000F, "TLS_DH_RSA_WITH_DES_CBC_SHA",
  261. "DH-RSA-DES-CBC-SHA" },
  262. { 0x0010, "TLS_DH_RSA_WITH_3DES_EDE_CBC_SHA",
  263. "DH-RSA-DES-CBC3-SHA" },
  264. { 0x0011, "TLS_DHE_DSS_EXPORT_WITH_DES40_CBC_SHA",
  265. "EXP-DHE-DSS-DES-CBC-SHA" },
  266. { 0x0012, "TLS_DHE_DSS_WITH_DES_CBC_SHA",
  267. "DHE-DSS-DES-CBC-SHA" },
  268. { 0x0013, "TLS_DHE_DSS_WITH_3DES_EDE_CBC_SHA",
  269. "DHE-DSS-DES-CBC3-SHA" },
  270. { 0x0014, "TLS_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA",
  271. "EXP-DHE-RSA-DES-CBC-SHA" },
  272. { 0x0015, "TLS_DHE_RSA_WITH_DES_CBC_SHA",
  273. "DHE-RSA-DES-CBC-SHA" },
  274. { 0x0016, "TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA",
  275. "DHE-RSA-DES-CBC3-SHA" },
  276. { 0x0017, "TLS_DH_anon_EXPORT_WITH_RC4_40_MD5",
  277. "EXP-ADH-RC4-MD5" },
  278. { 0x0018, "TLS_DH_anon_WITH_RC4_128_MD5",
  279. "ADH-RC4-MD5" },
  280. { 0x0019, "TLS_DH_anon_EXPORT_WITH_DES40_CBC_SHA",
  281. "EXP-ADH-DES-CBC-SHA" },
  282. { 0x001A, "TLS_DH_anon_WITH_DES_CBC_SHA",
  283. "ADH-DES-CBC-SHA" },
  284. { 0x001B, "TLS_DH_anon_WITH_3DES_EDE_CBC_SHA",
  285. "ADH-DES-CBC3-SHA" },
  286. { 0x0030, "TLS_DH_DSS_WITH_AES_128_CBC_SHA",
  287. "DH-DSS-AES128-SHA" },
  288. { 0x0031, "TLS_DH_RSA_WITH_AES_128_CBC_SHA",
  289. "DH-RSA-AES128-SHA" },
  290. { 0x0032, "TLS_DHE_DSS_WITH_AES_128_CBC_SHA",
  291. "DHE-DSS-AES128-SHA" },
  292. { 0x0034, "TLS_DH_anon_WITH_AES_128_CBC_SHA",
  293. "ADH-AES128-SHA" },
  294. { 0x0036, "TLS_DH_DSS_WITH_AES_256_CBC_SHA",
  295. "DH-DSS-AES256-SHA" },
  296. { 0x0037, "TLS_DH_RSA_WITH_AES_256_CBC_SHA",
  297. "DH-RSA-AES256-SHA" },
  298. { 0x0038, "TLS_DHE_DSS_WITH_AES_256_CBC_SHA",
  299. "DHE-DSS-AES256-SHA" },
  300. { 0x003A, "TLS_DH_anon_WITH_AES_256_CBC_SHA",
  301. "ADH-AES256-SHA" },
  302. { 0x003E, "TLS_DH_DSS_WITH_AES_128_CBC_SHA256",
  303. "DH-DSS-AES128-SHA256" },
  304. { 0x003F, "TLS_DH_RSA_WITH_AES_128_CBC_SHA256",
  305. "DH-RSA-AES128-SHA256" },
  306. { 0x0040, "TLS_DHE_DSS_WITH_AES_128_CBC_SHA256",
  307. "DHE-DSS-AES128-SHA256" },
  308. { 0x0068, "TLS_DH_DSS_WITH_AES_256_CBC_SHA256",
  309. "DH-DSS-AES256-SHA256" },
  310. { 0x0069, "TLS_DH_RSA_WITH_AES_256_CBC_SHA256",
  311. "DH-RSA-AES256-SHA256" },
  312. { 0x006A, "TLS_DHE_DSS_WITH_AES_256_CBC_SHA256",
  313. "DHE-DSS-AES256-SHA256" },
  314. { 0x006C, "TLS_DH_anon_WITH_AES_128_CBC_SHA256",
  315. "ADH-AES128-SHA256" },
  316. { 0x006D, "TLS_DH_anon_WITH_AES_256_CBC_SHA256",
  317. "ADH-AES256-SHA256" },
  318. { 0x008A, "TLS_PSK_WITH_RC4_128_SHA",
  319. "PSK-RC4-SHA" },
  320. { 0x008B, "TLS_PSK_WITH_3DES_EDE_CBC_SHA",
  321. "PSK-3DES-EDE-CBC-SHA" },
  322. { 0x008E, "TLS_DHE_PSK_WITH_RC4_128_SHA",
  323. "DHE-PSK-RC4-SHA" },
  324. { 0x008F, "TLS_DHE_PSK_WITH_3DES_EDE_CBC_SHA",
  325. "DHE-PSK-3DES-EDE-CBC-SHA" },
  326. { 0x0092, "TLS_RSA_PSK_WITH_RC4_128_SHA",
  327. "RSA-PSK-RC4-SHA" },
  328. { 0x0093, "TLS_RSA_PSK_WITH_3DES_EDE_CBC_SHA",
  329. "RSA-PSK-3DES-EDE-CBC-SHA" },
  330. { 0x00A0, "TLS_DH_RSA_WITH_AES_128_GCM_SHA256",
  331. "DH-RSA-AES128-GCM-SHA256" },
  332. { 0x00A1, "TLS_DH_RSA_WITH_AES_256_GCM_SHA384",
  333. "DH-RSA-AES256-GCM-SHA384" },
  334. { 0x00A2, "TLS_DHE_DSS_WITH_AES_128_GCM_SHA256",
  335. "DHE-DSS-AES128-GCM-SHA256" },
  336. { 0x00A3, "TLS_DHE_DSS_WITH_AES_256_GCM_SHA384",
  337. "DHE-DSS-AES256-GCM-SHA384" },
  338. { 0x00A4, "TLS_DH_DSS_WITH_AES_128_GCM_SHA256",
  339. "DH-DSS-AES128-GCM-SHA256" },
  340. { 0x00A5, "TLS_DH_DSS_WITH_AES_256_GCM_SHA384",
  341. "DH-DSS-AES256-GCM-SHA384" },
  342. { 0x00A6, "TLS_DH_anon_WITH_AES_128_GCM_SHA256",
  343. "ADH-AES128-GCM-SHA256" },
  344. { 0x00A7, "TLS_DH_anon_WITH_AES_256_GCM_SHA384",
  345. "ADH-AES256-GCM-SHA384" },
  346. { 0xC002, "TLS_ECDH_ECDSA_WITH_RC4_128_SHA",
  347. "ECDH-ECDSA-RC4-SHA" },
  348. { 0xC007, "TLS_ECDHE_ECDSA_WITH_RC4_128_SHA",
  349. "ECDHE-ECDSA-RC4-SHA" },
  350. { 0xC00C, "TLS_ECDH_RSA_WITH_RC4_128_SHA",
  351. "ECDH-RSA-RC4-SHA" },
  352. { 0xC011, "TLS_ECDHE_RSA_WITH_RC4_128_SHA",
  353. "ECDHE-RSA-RC4-SHA" },
  354. { 0xC015, "TLS_ECDH_anon_WITH_NULL_SHA",
  355. "AECDH-NULL-SHA" },
  356. { 0xC016, "TLS_ECDH_anon_WITH_RC4_128_SHA",
  357. "AECDH-RC4-SHA" },
  358. { 0xC017, "TLS_ECDH_anon_WITH_3DES_EDE_CBC_SHA",
  359. "AECDH-DES-CBC3-SHA" },
  360. { 0xC018, "TLS_ECDH_anon_WITH_AES_128_CBC_SHA",
  361. "AECDH-AES128-SHA" },
  362. { 0xC019, "TLS_ECDH_anon_WITH_AES_256_CBC_SHA",
  363. "AECDH-AES256-SHA" },
  364. /* Backward compatible aliases (EDH vs DHE) */
  365. { 0x0011, "TLS_DHE_DSS_EXPORT_WITH_DES40_CBC_SHA",
  366. "EXP-EDH-DSS-DES-CBC-SHA" },
  367. { 0x0012, "TLS_DHE_DSS_WITH_DES_CBC_SHA",
  368. "EDH-DSS-DES-CBC-SHA" },
  369. { 0x0013, "TLS_DHE_DSS_WITH_3DES_EDE_CBC_SHA",
  370. "EDH-DSS-DES-CBC3-SHA" },
  371. { 0x0014, "TLS_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA",
  372. "EXP-EDH-RSA-DES-CBC-SHA" },
  373. { 0x0015, "TLS_DHE_RSA_WITH_DES_CBC_SHA",
  374. "EDH-RSA-DES-CBC-SHA" },
  375. { 0x0016, "TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA",
  376. "EDH-RSA-DES-CBC3-SHA" },
  377. #endif
  378. #if defined(USE_MBEDTLS)
  379. /* entries marked ns are non-"standard", they are not in OpenSSL */
  380. { 0x0041, "TLS_RSA_WITH_CAMELLIA_128_CBC_SHA",
  381. "CAMELLIA128-SHA" },
  382. { 0x0045, "TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA",
  383. "DHE-RSA-CAMELLIA128-SHA" },
  384. { 0x0084, "TLS_RSA_WITH_CAMELLIA_256_CBC_SHA",
  385. "CAMELLIA256-SHA" },
  386. { 0x0088, "TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA",
  387. "DHE-RSA-CAMELLIA256-SHA" },
  388. { 0x00BA, "TLS_RSA_WITH_CAMELLIA_128_CBC_SHA256",
  389. "CAMELLIA128-SHA256" },
  390. { 0x00BE, "TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA256",
  391. "DHE-RSA-CAMELLIA128-SHA256" },
  392. { 0x00C0, "TLS_RSA_WITH_CAMELLIA_256_CBC_SHA256",
  393. "CAMELLIA256-SHA256" },
  394. { 0x00C4, "TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA256",
  395. "DHE-RSA-CAMELLIA256-SHA256" },
  396. { 0xC037, "TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA256",
  397. "ECDHE-PSK-AES128-CBC-SHA256" },
  398. { 0xC038, "TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA384",
  399. "ECDHE-PSK-AES256-CBC-SHA384" },
  400. { 0xC039, "TLS_ECDHE_PSK_WITH_NULL_SHA",
  401. "ECDHE-PSK-NULL-SHA" },
  402. { 0xC03A, "TLS_ECDHE_PSK_WITH_NULL_SHA256",
  403. "ECDHE-PSK-NULL-SHA256" },
  404. { 0xC03B, "TLS_ECDHE_PSK_WITH_NULL_SHA384",
  405. "ECDHE-PSK-NULL-SHA384" },
  406. { 0xC03C, "TLS_RSA_WITH_ARIA_128_CBC_SHA256",
  407. "ARIA128-SHA256" /* ns */ },
  408. { 0xC03D, "TLS_RSA_WITH_ARIA_256_CBC_SHA384",
  409. "ARIA256-SHA384" /* ns */ },
  410. { 0xC044, "TLS_DHE_RSA_WITH_ARIA_128_CBC_SHA256",
  411. "DHE-RSA-ARIA128-SHA256" /* ns */ },
  412. { 0xC045, "TLS_DHE_RSA_WITH_ARIA_256_CBC_SHA384",
  413. "DHE-RSA-ARIA256-SHA384" /* ns */ },
  414. { 0xC048, "TLS_ECDHE_ECDSA_WITH_ARIA_128_CBC_SHA256",
  415. "ECDHE-ECDSA-ARIA128-SHA256" /* ns */ },
  416. { 0xC049, "TLS_ECDHE_ECDSA_WITH_ARIA_256_CBC_SHA384",
  417. "ECDHE-ECDSA-ARIA256-SHA384" /* ns */ },
  418. { 0xC04A, "TLS_ECDH_ECDSA_WITH_ARIA_128_CBC_SHA256",
  419. "ECDH-ECDSA-ARIA128-SHA256" /* ns */ },
  420. { 0xC04B, "TLS_ECDH_ECDSA_WITH_ARIA_256_CBC_SHA384",
  421. "ECDH-ECDSA-ARIA256-SHA384" /* ns */ },
  422. { 0xC04C, "TLS_ECDHE_RSA_WITH_ARIA_128_CBC_SHA256",
  423. "ECDHE-ARIA128-SHA256" /* ns */ },
  424. { 0xC04D, "TLS_ECDHE_RSA_WITH_ARIA_256_CBC_SHA384",
  425. "ECDHE-ARIA256-SHA384" /* ns */ },
  426. { 0xC04E, "TLS_ECDH_RSA_WITH_ARIA_128_CBC_SHA256",
  427. "ECDH-ARIA128-SHA256" /* ns */ },
  428. { 0xC04F, "TLS_ECDH_RSA_WITH_ARIA_256_CBC_SHA384",
  429. "ECDH-ARIA256-SHA384" /* ns */ },
  430. { 0xC050, "TLS_RSA_WITH_ARIA_128_GCM_SHA256",
  431. "ARIA128-GCM-SHA256" },
  432. { 0xC051, "TLS_RSA_WITH_ARIA_256_GCM_SHA384",
  433. "ARIA256-GCM-SHA384" },
  434. { 0xC052, "TLS_DHE_RSA_WITH_ARIA_128_GCM_SHA256",
  435. "DHE-RSA-ARIA128-GCM-SHA256" },
  436. { 0xC053, "TLS_DHE_RSA_WITH_ARIA_256_GCM_SHA384",
  437. "DHE-RSA-ARIA256-GCM-SHA384" },
  438. { 0xC05C, "TLS_ECDHE_ECDSA_WITH_ARIA_128_GCM_SHA256",
  439. "ECDHE-ECDSA-ARIA128-GCM-SHA256" },
  440. { 0xC05D, "TLS_ECDHE_ECDSA_WITH_ARIA_256_GCM_SHA384",
  441. "ECDHE-ECDSA-ARIA256-GCM-SHA384" },
  442. { 0xC05E, "TLS_ECDH_ECDSA_WITH_ARIA_128_GCM_SHA256",
  443. "ECDH-ECDSA-ARIA128-GCM-SHA256" /* ns */ },
  444. { 0xC05F, "TLS_ECDH_ECDSA_WITH_ARIA_256_GCM_SHA384",
  445. "ECDH-ECDSA-ARIA256-GCM-SHA384" /* ns */ },
  446. { 0xC060, "TLS_ECDHE_RSA_WITH_ARIA_128_GCM_SHA256",
  447. "ECDHE-ARIA128-GCM-SHA256" },
  448. { 0xC061, "TLS_ECDHE_RSA_WITH_ARIA_256_GCM_SHA384",
  449. "ECDHE-ARIA256-GCM-SHA384" },
  450. { 0xC062, "TLS_ECDH_RSA_WITH_ARIA_128_GCM_SHA256",
  451. "ECDH-ARIA128-GCM-SHA256" /* ns */ },
  452. { 0xC063, "TLS_ECDH_RSA_WITH_ARIA_256_GCM_SHA384",
  453. "ECDH-ARIA256-GCM-SHA384" /* ns */ },
  454. { 0xC064, "TLS_PSK_WITH_ARIA_128_CBC_SHA256",
  455. "PSK-ARIA128-SHA256" /* ns */ },
  456. { 0xC065, "TLS_PSK_WITH_ARIA_256_CBC_SHA384",
  457. "PSK-ARIA256-SHA384" /* ns */ },
  458. { 0xC066, "TLS_DHE_PSK_WITH_ARIA_128_CBC_SHA256",
  459. "DHE-PSK-ARIA128-SHA256" /* ns */ },
  460. { 0xC067, "TLS_DHE_PSK_WITH_ARIA_256_CBC_SHA384",
  461. "DHE-PSK-ARIA256-SHA384" /* ns */ },
  462. { 0xC068, "TLS_RSA_PSK_WITH_ARIA_128_CBC_SHA256",
  463. "RSA-PSK-ARIA128-SHA256" /* ns */ },
  464. { 0xC069, "TLS_RSA_PSK_WITH_ARIA_256_CBC_SHA384",
  465. "RSA-PSK-ARIA256-SHA384" /* ns */ },
  466. { 0xC06A, "TLS_PSK_WITH_ARIA_128_GCM_SHA256",
  467. "PSK-ARIA128-GCM-SHA256" },
  468. { 0xC06B, "TLS_PSK_WITH_ARIA_256_GCM_SHA384",
  469. "PSK-ARIA256-GCM-SHA384" },
  470. { 0xC06C, "TLS_DHE_PSK_WITH_ARIA_128_GCM_SHA256",
  471. "DHE-PSK-ARIA128-GCM-SHA256" },
  472. { 0xC06D, "TLS_DHE_PSK_WITH_ARIA_256_GCM_SHA384",
  473. "DHE-PSK-ARIA256-GCM-SHA384" },
  474. { 0xC06E, "TLS_RSA_PSK_WITH_ARIA_128_GCM_SHA256",
  475. "RSA-PSK-ARIA128-GCM-SHA256" },
  476. { 0xC06F, "TLS_RSA_PSK_WITH_ARIA_256_GCM_SHA384",
  477. "RSA-PSK-ARIA256-GCM-SHA384" },
  478. { 0xC070, "TLS_ECDHE_PSK_WITH_ARIA_128_CBC_SHA256",
  479. "ECDHE-PSK-ARIA128-SHA256" /* ns */ },
  480. { 0xC071, "TLS_ECDHE_PSK_WITH_ARIA_256_CBC_SHA384",
  481. "ECDHE-PSK-ARIA256-SHA384" /* ns */ },
  482. { 0xC072, "TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_CBC_SHA256",
  483. "ECDHE-ECDSA-CAMELLIA128-SHA256" },
  484. { 0xC073, "TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_CBC_SHA384",
  485. "ECDHE-ECDSA-CAMELLIA256-SHA384" },
  486. { 0xC074, "TLS_ECDH_ECDSA_WITH_CAMELLIA_128_CBC_SHA256",
  487. "ECDH-ECDSA-CAMELLIA128-SHA256" /* ns */ },
  488. { 0xC075, "TLS_ECDH_ECDSA_WITH_CAMELLIA_256_CBC_SHA384",
  489. "ECDH-ECDSA-CAMELLIA256-SHA384" /* ns */ },
  490. { 0xC076, "TLS_ECDHE_RSA_WITH_CAMELLIA_128_CBC_SHA256",
  491. "ECDHE-RSA-CAMELLIA128-SHA256" },
  492. { 0xC077, "TLS_ECDHE_RSA_WITH_CAMELLIA_256_CBC_SHA384",
  493. "ECDHE-RSA-CAMELLIA256-SHA384" },
  494. { 0xC078, "TLS_ECDH_RSA_WITH_CAMELLIA_128_CBC_SHA256",
  495. "ECDH-CAMELLIA128-SHA256" /* ns */ },
  496. { 0xC079, "TLS_ECDH_RSA_WITH_CAMELLIA_256_CBC_SHA384",
  497. "ECDH-CAMELLIA256-SHA384" /* ns */ },
  498. { 0xC07A, "TLS_RSA_WITH_CAMELLIA_128_GCM_SHA256",
  499. "CAMELLIA128-GCM-SHA256" /* ns */ },
  500. { 0xC07B, "TLS_RSA_WITH_CAMELLIA_256_GCM_SHA384",
  501. "CAMELLIA256-GCM-SHA384" /* ns */ },
  502. { 0xC07C, "TLS_DHE_RSA_WITH_CAMELLIA_128_GCM_SHA256",
  503. "DHE-RSA-CAMELLIA128-GCM-SHA256" /* ns */ },
  504. { 0xC07D, "TLS_DHE_RSA_WITH_CAMELLIA_256_GCM_SHA384",
  505. "DHE-RSA-CAMELLIA256-GCM-SHA384" /* ns */ },
  506. { 0xC086, "TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_GCM_SHA256",
  507. "ECDHE-ECDSA-CAMELLIA128-GCM-SHA256" /* ns */ },
  508. { 0xC087, "TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_GCM_SHA384",
  509. "ECDHE-ECDSA-CAMELLIA256-GCM-SHA384" /* ns */ },
  510. { 0xC088, "TLS_ECDH_ECDSA_WITH_CAMELLIA_128_GCM_SHA256",
  511. "ECDH-ECDSA-CAMELLIA128-GCM-SHA256" /* ns */ },
  512. { 0xC089, "TLS_ECDH_ECDSA_WITH_CAMELLIA_256_GCM_SHA384",
  513. "ECDH-ECDSA-CAMELLIA256-GCM-SHA384" /* ns */ },
  514. { 0xC08A, "TLS_ECDHE_RSA_WITH_CAMELLIA_128_GCM_SHA256",
  515. "ECDHE-CAMELLIA128-GCM-SHA256" /* ns */ },
  516. { 0xC08B, "TLS_ECDHE_RSA_WITH_CAMELLIA_256_GCM_SHA384",
  517. "ECDHE-CAMELLIA256-GCM-SHA384" /* ns */ },
  518. { 0xC08C, "TLS_ECDH_RSA_WITH_CAMELLIA_128_GCM_SHA256",
  519. "ECDH-CAMELLIA128-GCM-SHA256" /* ns */ },
  520. { 0xC08D, "TLS_ECDH_RSA_WITH_CAMELLIA_256_GCM_SHA384",
  521. "ECDH-CAMELLIA256-GCM-SHA384" /* ns */ },
  522. { 0xC08E, "TLS_PSK_WITH_CAMELLIA_128_GCM_SHA256",
  523. "PSK-CAMELLIA128-GCM-SHA256" /* ns */ },
  524. { 0xC08F, "TLS_PSK_WITH_CAMELLIA_256_GCM_SHA384",
  525. "PSK-CAMELLIA256-GCM-SHA384" /* ns */ },
  526. { 0xC090, "TLS_DHE_PSK_WITH_CAMELLIA_128_GCM_SHA256",
  527. "DHE-PSK-CAMELLIA128-GCM-SHA256" /* ns */ },
  528. { 0xC091, "TLS_DHE_PSK_WITH_CAMELLIA_256_GCM_SHA384",
  529. "DHE-PSK-CAMELLIA256-GCM-SHA384" /* ns */ },
  530. { 0xC092, "TLS_RSA_PSK_WITH_CAMELLIA_128_GCM_SHA256",
  531. "RSA-PSK-CAMELLIA128-GCM-SHA256" /* ns */ },
  532. { 0xC093, "TLS_RSA_PSK_WITH_CAMELLIA_256_GCM_SHA384",
  533. "RSA-PSK-CAMELLIA256-GCM-SHA384" /* ns */ },
  534. { 0xC094, "TLS_PSK_WITH_CAMELLIA_128_CBC_SHA256",
  535. "PSK-CAMELLIA128-SHA256" },
  536. { 0xC095, "TLS_PSK_WITH_CAMELLIA_256_CBC_SHA384",
  537. "PSK-CAMELLIA256-SHA384" },
  538. { 0xC096, "TLS_DHE_PSK_WITH_CAMELLIA_128_CBC_SHA256",
  539. "DHE-PSK-CAMELLIA128-SHA256" },
  540. { 0xC097, "TLS_DHE_PSK_WITH_CAMELLIA_256_CBC_SHA384",
  541. "DHE-PSK-CAMELLIA256-SHA384" },
  542. { 0xC098, "TLS_RSA_PSK_WITH_CAMELLIA_128_CBC_SHA256",
  543. "RSA-PSK-CAMELLIA128-SHA256" },
  544. { 0xC099, "TLS_RSA_PSK_WITH_CAMELLIA_256_CBC_SHA384",
  545. "RSA-PSK-CAMELLIA256-SHA384" },
  546. { 0xC09A, "TLS_ECDHE_PSK_WITH_CAMELLIA_128_CBC_SHA256",
  547. "ECDHE-PSK-CAMELLIA128-SHA256" },
  548. { 0xC09B, "TLS_ECDHE_PSK_WITH_CAMELLIA_256_CBC_SHA384",
  549. "ECDHE-PSK-CAMELLIA256-SHA384" },
  550. { 0xC09E, "TLS_DHE_RSA_WITH_AES_128_CCM",
  551. "DHE-RSA-AES128-CCM" },
  552. { 0xC09F, "TLS_DHE_RSA_WITH_AES_256_CCM",
  553. "DHE-RSA-AES256-CCM" },
  554. { 0xC0A2, "TLS_DHE_RSA_WITH_AES_128_CCM_8",
  555. "DHE-RSA-AES128-CCM8" },
  556. { 0xC0A3, "TLS_DHE_RSA_WITH_AES_256_CCM_8",
  557. "DHE-RSA-AES256-CCM8" },
  558. { 0xC0A4, "TLS_PSK_WITH_AES_128_CCM",
  559. "PSK-AES128-CCM" },
  560. { 0xC0A5, "TLS_PSK_WITH_AES_256_CCM",
  561. "PSK-AES256-CCM" },
  562. { 0xC0A6, "TLS_DHE_PSK_WITH_AES_128_CCM",
  563. "DHE-PSK-AES128-CCM" },
  564. { 0xC0A7, "TLS_DHE_PSK_WITH_AES_256_CCM",
  565. "DHE-PSK-AES256-CCM" },
  566. { 0xC0A8, "TLS_PSK_WITH_AES_128_CCM_8",
  567. "PSK-AES128-CCM8" },
  568. { 0xC0A9, "TLS_PSK_WITH_AES_256_CCM_8",
  569. "PSK-AES256-CCM8" },
  570. { 0xC0AA, "TLS_PSK_DHE_WITH_AES_128_CCM_8",
  571. "DHE-PSK-AES128-CCM8" },
  572. { 0xC0AB, "TLS_PSK_DHE_WITH_AES_256_CCM_8",
  573. "DHE-PSK-AES256-CCM8" },
  574. { 0xCCAA, "TLS_DHE_RSA_WITH_CHACHA20_POLY1305_SHA256",
  575. "DHE-RSA-CHACHA20-POLY1305" },
  576. { 0xCCAC, "TLS_ECDHE_PSK_WITH_CHACHA20_POLY1305_SHA256",
  577. "ECDHE-PSK-CHACHA20-POLY1305" },
  578. { 0xCCAD, "TLS_DHE_PSK_WITH_CHACHA20_POLY1305_SHA256",
  579. "DHE-PSK-CHACHA20-POLY1305" },
  580. { 0xCCAE, "TLS_RSA_PSK_WITH_CHACHA20_POLY1305_SHA256",
  581. "RSA-PSK-CHACHA20-POLY1305" },
  582. #endif
  583. };
  584. #define TEST_CS_LIST_LEN (sizeof(test_cs_list) / sizeof(test_cs_list[0]))
  585. static const char *cs_test_string =
  586. "TLS_AES_128_GCM_SHA256:TLS_AES_256_GCM_SHA384:"
  587. "TLS_CHACHA20_POLY1305_SHA256:ECDHE-ECDSA-AES128-GCM-SHA256:"
  588. "ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:"
  589. "ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:"
  590. "ECDHE-RSA-CHACHA20-POLY1305:DHE-RSA-AES128-GCM-SHA256:"
  591. "DHE-RSA-AES256-GCM-SHA384:DHE-RSA-CHACHA20-POLY1305:"
  592. "ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA256:"
  593. "ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES256-SHA384:"
  594. "ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA:ECDHE-RSA-AES256-SHA:"
  595. "DHE-RSA-AES128-SHA256:DHE-RSA-AES256-SHA256:AES128-GCM-SHA256:"
  596. "AES256-GCM-SHA384:AES128-SHA256:AES256-SHA256:AES128-SHA:AES256-SHA:"
  597. "DES-CBC3-SHA:"
  598. ":: GIBBERISH ::"
  599. ;
  600. struct test_str_entry {
  601. uint16_t id;
  602. const char *str;
  603. };
  604. static const struct test_str_entry test_str_list[] = {
  605. #if defined(USE_SECTRANSP) || defined(USE_MBEDTLS) || defined(USE_RUSTLS)
  606. { 0x1301, "TLS_AES_128_GCM_SHA256"},
  607. { 0x1302, "TLS_AES_256_GCM_SHA384"},
  608. { 0x1303, "TLS_CHACHA20_POLY1305_SHA256"},
  609. #else
  610. { 0x0000, "TLS_AES_128_GCM_SHA256"},
  611. { 0x0000, "TLS_AES_256_GCM_SHA384"},
  612. { 0x0000, "TLS_CHACHA20_POLY1305_SHA256"},
  613. #endif
  614. { 0xC02B, "ECDHE-ECDSA-AES128-GCM-SHA256"},
  615. { 0xC02F, "ECDHE-RSA-AES128-GCM-SHA256"},
  616. { 0xC02C, "ECDHE-ECDSA-AES256-GCM-SHA384"},
  617. { 0xC030, "ECDHE-RSA-AES256-GCM-SHA384"},
  618. { 0xCCA9, "ECDHE-ECDSA-CHACHA20-POLY1305"},
  619. { 0xCCA8, "ECDHE-RSA-CHACHA20-POLY1305"},
  620. #if defined(USE_SECTRANSP) || defined(USE_MBEDTLS)
  621. { 0x009E, "DHE-RSA-AES128-GCM-SHA256"},
  622. { 0x009F, "DHE-RSA-AES256-GCM-SHA384"},
  623. #else
  624. { 0x0000, "DHE-RSA-AES128-GCM-SHA256"},
  625. { 0x0000, "DHE-RSA-AES256-GCM-SHA384"},
  626. #endif
  627. #if defined(USE_MBEDTLS)
  628. { 0xCCAA, "DHE-RSA-CHACHA20-POLY1305"},
  629. #else
  630. { 0x0000, "DHE-RSA-CHACHA20-POLY1305"},
  631. #endif
  632. #if defined(USE_SECTRANSP) || defined(USE_MBEDTLS) || defined(USE_BEARSSL)
  633. { 0xC023, "ECDHE-ECDSA-AES128-SHA256" },
  634. { 0xC027, "ECDHE-RSA-AES128-SHA256" },
  635. { 0xC009, "ECDHE-ECDSA-AES128-SHA" },
  636. { 0xC013, "ECDHE-RSA-AES128-SHA" },
  637. { 0xC024, "ECDHE-ECDSA-AES256-SHA384" },
  638. { 0xC028, "ECDHE-RSA-AES256-SHA384" },
  639. { 0xC00A, "ECDHE-ECDSA-AES256-SHA" },
  640. { 0xC014, "ECDHE-RSA-AES256-SHA" },
  641. #else
  642. { 0x0000, "ECDHE-ECDSA-AES128-SHA256" },
  643. { 0x0000, "ECDHE-RSA-AES128-SHA256" },
  644. { 0x0000, "ECDHE-ECDSA-AES128-SHA" },
  645. { 0x0000, "ECDHE-RSA-AES128-SHA" },
  646. { 0x0000, "ECDHE-ECDSA-AES256-SHA384" },
  647. { 0x0000, "ECDHE-RSA-AES256-SHA384" },
  648. { 0x0000, "ECDHE-ECDSA-AES256-SHA" },
  649. { 0x0000, "ECDHE-RSA-AES256-SHA" },
  650. #endif
  651. #if defined(USE_SECTRANSP) || defined(USE_MBEDTLS)
  652. { 0x0067, "DHE-RSA-AES128-SHA256" },
  653. { 0x006B, "DHE-RSA-AES256-SHA256" },
  654. #else
  655. { 0x0000, "DHE-RSA-AES128-SHA256" },
  656. { 0x0000, "DHE-RSA-AES256-SHA256" },
  657. #endif
  658. #if defined(USE_SECTRANSP) || defined(USE_MBEDTLS) || defined(USE_BEARSSL)
  659. { 0x009C, "AES128-GCM-SHA256" },
  660. { 0x009D, "AES256-GCM-SHA384" },
  661. { 0x003C, "AES128-SHA256" },
  662. { 0x003D, "AES256-SHA256" },
  663. { 0x002F, "AES128-SHA" },
  664. { 0x0035, "AES256-SHA" },
  665. #else
  666. { 0x0000, "AES128-GCM-SHA256" },
  667. { 0x0000, "AES256-GCM-SHA384" },
  668. { 0x0000, "AES128-SHA256" },
  669. { 0x0000, "AES256-SHA256" },
  670. { 0x0000, "AES128-SHA" },
  671. { 0x0000, "AES256-SHA" },
  672. #endif
  673. #if defined(USE_SECTRANSP) || defined(USE_BEARSSL)
  674. { 0x000A, "DES-CBC3-SHA" },
  675. #else
  676. { 0x0000, "DES-CBC3-SHA" },
  677. #endif
  678. { 0x0000, "GIBBERISH" },
  679. { 0x0000, "" },
  680. };
  681. #define TEST_STR_LIST_LEN (sizeof(test_str_list) / sizeof(test_str_list[0]))
  682. UNITTEST_START
  683. {
  684. for(size_t i = 0; i < TEST_CS_LIST_LEN; i++) {
  685. const struct test_cs_entry *test = &test_cs_list[i];
  686. const char *expect;
  687. char buf[64] = "";
  688. char alt[64] = "";
  689. uint16_t id;
  690. /* test Curl_cipher_suite_lookup_id() for rfc name */
  691. if(test->rfc) {
  692. id = Curl_cipher_suite_lookup_id(test->rfc, strlen(test->rfc));
  693. if(id != test->id) {
  694. fprintf(stderr, "Curl_cipher_suite_lookup_id FAILED for \"%s\", "
  695. "result = 0x%04x, expected = 0x%04x\n",
  696. test->rfc, id, test->id);
  697. unitfail++;
  698. }
  699. }
  700. /* test Curl_cipher_suite_lookup_id() for OpenSSL name */
  701. if(test->openssl) {
  702. id = Curl_cipher_suite_lookup_id(test->openssl, strlen(test->openssl));
  703. if(id != test->id) {
  704. fprintf(stderr, "Curl_cipher_suite_lookup_id FAILED for \"%s\", "
  705. "result = 0x%04x, expected = 0x%04x\n",
  706. test->openssl, id, test->id);
  707. unitfail++;
  708. }
  709. }
  710. /* test Curl_cipher_suite_get_str() prefer rfc name */
  711. buf[0] = '\0';
  712. expect = test->rfc ? test->rfc : test->openssl;
  713. Curl_cipher_suite_get_str(test->id, buf, sizeof(buf), true);
  714. if(strcmp(buf, expect) != 0) {
  715. fprintf(stderr, "Curl_cipher_suite_get_str FAILED for 0x%04x, "
  716. "result = \"%s\", expected = \"%s\"\n",
  717. test->id, buf, expect);
  718. unitfail++;
  719. }
  720. /* test Curl_cipher_suite_get_str() prefer OpenSSL name */
  721. buf[0] = '\0';
  722. expect = test->openssl ? test->openssl : test->rfc;
  723. Curl_cipher_suite_get_str(test->id, buf, sizeof(buf), false);
  724. /* suites matched by EDH alias will return the DHE name */
  725. if(test->id >= 0x0011 && test->id < 0x0017) {
  726. if(memcmp(expect, "EDH-", 4) == 0)
  727. expect = (char *) memcpy(strcpy(alt, expect), "DHE-", 4);
  728. if(memcmp(expect + 4, "EDH-", 4) == 0)
  729. expect = (char *) memcpy(strcpy(alt, expect) + 4, "DHE-", 4) - 4;
  730. }
  731. if(strcmp(buf, expect) != 0) {
  732. fprintf(stderr, "Curl_cipher_suite_get_str FAILED for 0x%04x, "
  733. "result = \"%s\", expected = \"%s\"\n",
  734. test->id, buf, expect);
  735. unitfail++;
  736. }
  737. }
  738. /* test Curl_cipher_suite_walk_str() */
  739. {
  740. const char *ptr, *end = cs_test_string;
  741. int i = 0;
  742. uint16_t id;
  743. size_t len;
  744. for(ptr = cs_test_string; ptr[0] != '\0'; ptr = end) {
  745. const struct test_str_entry *test = &test_str_list[i];
  746. abort_if(i == TEST_STR_LIST_LEN, "should have been done");
  747. id = Curl_cipher_suite_walk_str(&ptr, &end);
  748. len = end - ptr;
  749. if(id != test->id) {
  750. fprintf(stderr, "Curl_cipher_suite_walk_str FAILED for \"%s\" "
  751. "unexpected cipher, "
  752. "result = 0x%04x, expected = 0x%04x\n",
  753. test->str, id, test->id);
  754. unitfail++;
  755. }
  756. if(len > 64 || strncmp(ptr, test->str, len) != 0) {
  757. fprintf(stderr, "Curl_cipher_suite_walk_str ABORT for \"%s\" "
  758. "unexpected pointers\n",
  759. test->str);
  760. unitfail++;
  761. goto unit_test_abort;
  762. }
  763. i++;
  764. }
  765. }
  766. }
  767. UNITTEST_STOP
  768. #else /* defined(USE_SECTRANSP) || defined(USE_MBEDTLS) || \
  769. defined(USE_BEARSSL) */
  770. UNITTEST_START
  771. UNITTEST_STOP
  772. #endif /* defined(USE_SECTRANSP) || defined(USE_MBEDTLS) || \
  773. defined(USE_BEARSSL) || defined(USE_RUSTLS) */