diff options
-rw-r--r-- | src/tls/tls_policy.cpp | 7 | ||||
-rw-r--r-- | src/tls/tls_suite_info.cpp | 73 |
2 files changed, 62 insertions, 18 deletions
diff --git a/src/tls/tls_policy.cpp b/src/tls/tls_policy.cpp index 59f3ce50c..a2c0d01f8 100644 --- a/src/tls/tls_policy.cpp +++ b/src/tls/tls_policy.cpp @@ -23,7 +23,8 @@ std::vector<std::string> Policy::allowed_ciphers() const allowed.push_back("AES-128"); allowed.push_back("3DES"); allowed.push_back("ARC4"); - // Note that Camellia and SEED are not included by default + //allowed.push_back("Camellia"); + //allowed.push_back("SEED"); return allowed; } @@ -37,7 +38,7 @@ std::vector<std::string> Policy::allowed_hashes() const allowed.push_back("SHA-256"); allowed.push_back("SHA-224"); allowed.push_back("SHA-1"); - // Note that MD5 is not included by default + //allowed.push_back("MD5"); return allowed; } @@ -64,7 +65,7 @@ std::vector<std::string> Policy::allowed_signature_methods() const allowed.push_back("ECDSA"); allowed.push_back("RSA"); allowed.push_back("DSA"); - allowed.push_back(""); + //allowed.push_back(""); return allowed; } diff --git a/src/tls/tls_suite_info.cpp b/src/tls/tls_suite_info.cpp index 12cf818b2..0b76842af 100644 --- a/src/tls/tls_suite_info.cpp +++ b/src/tls/tls_suite_info.cpp @@ -13,13 +13,12 @@ namespace TLS { Ciphersuite Ciphersuite::by_id(u16bit suite) { + // Automatically generated by a Python script from the IANA values + switch(suite) { - - // Automatically generated by a Python script from the IANA values - case 0x0013: // DHE_DSS_WITH_3DES_EDE_CBC_SHA - return Ciphersuite("DSA", "DH", "SHA-1", "TripleDES", 24); + return Ciphersuite("DSA", "DH", "SHA-1", "3DES", 24); case 0x0032: // DHE_DSS_WITH_AES_128_CBC_SHA return Ciphersuite("DSA", "DH", "SHA-1", "AES-128", 16); @@ -52,7 +51,7 @@ Ciphersuite Ciphersuite::by_id(u16bit suite) return Ciphersuite("DSA", "DH", "SHA-1", "SEED", 16); case 0x008F: // DHE_PSK_WITH_3DES_EDE_CBC_SHA - return Ciphersuite("", "DHE_PSK", "SHA-1", "TripleDES", 24); + return Ciphersuite("", "DHE_PSK", "SHA-1", "3DES", 24); case 0x0090: // DHE_PSK_WITH_AES_128_CBC_SHA return Ciphersuite("", "DHE_PSK", "SHA-1", "AES-128", 16); @@ -76,7 +75,7 @@ Ciphersuite Ciphersuite::by_id(u16bit suite) return Ciphersuite("", "DHE_PSK", "SHA-1", "ARC4", 16); case 0x0016: // DHE_RSA_WITH_3DES_EDE_CBC_SHA - return Ciphersuite("RSA", "DH", "SHA-1", "TripleDES", 24); + return Ciphersuite("RSA", "DH", "SHA-1", "3DES", 24); case 0x0033: // DHE_RSA_WITH_AES_128_CBC_SHA return Ciphersuite("RSA", "DH", "SHA-1", "AES-128", 16); @@ -105,8 +104,41 @@ Ciphersuite Ciphersuite::by_id(u16bit suite) case 0x009A: // DHE_RSA_WITH_SEED_CBC_SHA return Ciphersuite("RSA", "DH", "SHA-1", "SEED", 16); + case 0x001B: // DH_anon_WITH_3DES_EDE_CBC_SHA + return Ciphersuite("", "DH", "SHA-1", "3DES", 24); + + case 0x0034: // DH_anon_WITH_AES_128_CBC_SHA + return Ciphersuite("", "DH", "SHA-1", "AES-128", 16); + + case 0x006C: // DH_anon_WITH_AES_128_CBC_SHA256 + return Ciphersuite("", "DH", "SHA-256", "AES-128", 16); + + case 0x003A: // DH_anon_WITH_AES_256_CBC_SHA + return Ciphersuite("", "DH", "SHA-1", "AES-256", 32); + + case 0x006D: // DH_anon_WITH_AES_256_CBC_SHA256 + return Ciphersuite("", "DH", "SHA-256", "AES-256", 32); + + case 0x0046: // DH_anon_WITH_CAMELLIA_128_CBC_SHA + return Ciphersuite("", "DH", "SHA-1", "Camellia", 16); + + case 0x00BF: // DH_anon_WITH_CAMELLIA_128_CBC_SHA256 + return Ciphersuite("", "DH", "SHA-256", "Camellia", 16); + + case 0x0089: // DH_anon_WITH_CAMELLIA_256_CBC_SHA + return Ciphersuite("", "DH", "SHA-1", "Camellia", 32); + + case 0x00C5: // DH_anon_WITH_CAMELLIA_256_CBC_SHA256 + return Ciphersuite("", "DH", "SHA-256", "Camellia", 32); + + case 0x0018: // DH_anon_WITH_RC4_128_MD5 + return Ciphersuite("", "DH", "MD5", "ARC4", 16); + + case 0x009B: // DH_anon_WITH_SEED_CBC_SHA + return Ciphersuite("", "DH", "SHA-1", "SEED", 16); + case 0xC008: // ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA - return Ciphersuite("ECDSA", "ECDH", "SHA-1", "TripleDES", 24); + return Ciphersuite("ECDSA", "ECDH", "SHA-1", "3DES", 24); case 0xC009: // ECDHE_ECDSA_WITH_AES_128_CBC_SHA return Ciphersuite("ECDSA", "ECDH", "SHA-1", "AES-128", 16); @@ -130,7 +162,7 @@ Ciphersuite Ciphersuite::by_id(u16bit suite) return Ciphersuite("ECDSA", "ECDH", "SHA-1", "ARC4", 16); case 0xC034: // ECDHE_PSK_WITH_3DES_EDE_CBC_SHA - return Ciphersuite("", "ECDHE_PSK", "SHA-1", "TripleDES", 24); + return Ciphersuite("", "ECDHE_PSK", "SHA-1", "3DES", 24); case 0xC035: // ECDHE_PSK_WITH_AES_128_CBC_SHA return Ciphersuite("", "ECDHE_PSK", "SHA-1", "AES-128", 16); @@ -154,7 +186,7 @@ Ciphersuite Ciphersuite::by_id(u16bit suite) return Ciphersuite("", "ECDHE_PSK", "SHA-1", "ARC4", 16); case 0xC012: // ECDHE_RSA_WITH_3DES_EDE_CBC_SHA - return Ciphersuite("RSA", "ECDH", "SHA-1", "TripleDES", 24); + return Ciphersuite("RSA", "ECDH", "SHA-1", "3DES", 24); case 0xC013: // ECDHE_RSA_WITH_AES_128_CBC_SHA return Ciphersuite("RSA", "ECDH", "SHA-1", "AES-128", 16); @@ -177,8 +209,20 @@ Ciphersuite Ciphersuite::by_id(u16bit suite) case 0xC011: // ECDHE_RSA_WITH_RC4_128_SHA return Ciphersuite("RSA", "ECDH", "SHA-1", "ARC4", 16); + case 0xC017: // ECDH_anon_WITH_3DES_EDE_CBC_SHA + return Ciphersuite("", "ECDH", "SHA-1", "3DES", 24); + + case 0xC018: // ECDH_anon_WITH_AES_128_CBC_SHA + return Ciphersuite("", "ECDH", "SHA-1", "AES-128", 16); + + case 0xC019: // ECDH_anon_WITH_AES_256_CBC_SHA + return Ciphersuite("", "ECDH", "SHA-1", "AES-256", 32); + + case 0xC016: // ECDH_anon_WITH_RC4_128_SHA + return Ciphersuite("", "ECDH", "SHA-1", "ARC4", 16); + case 0x008B: // PSK_WITH_3DES_EDE_CBC_SHA - return Ciphersuite("", "PSK", "SHA-1", "TripleDES", 24); + return Ciphersuite("", "PSK", "SHA-1", "3DES", 24); case 0x008C: // PSK_WITH_AES_128_CBC_SHA return Ciphersuite("", "PSK", "SHA-1", "AES-128", 16); @@ -202,7 +246,7 @@ Ciphersuite Ciphersuite::by_id(u16bit suite) return Ciphersuite("", "PSK", "SHA-1", "ARC4", 16); case 0x000A: // RSA_WITH_3DES_EDE_CBC_SHA - return Ciphersuite("RSA", "RSA", "SHA-1", "TripleDES", 24); + return Ciphersuite("RSA", "RSA", "SHA-1", "3DES", 24); case 0x002F: // RSA_WITH_AES_128_CBC_SHA return Ciphersuite("RSA", "RSA", "SHA-1", "AES-128", 16); @@ -238,7 +282,7 @@ Ciphersuite Ciphersuite::by_id(u16bit suite) return Ciphersuite("RSA", "RSA", "SHA-1", "SEED", 16); case 0xC01C: // SRP_SHA_DSS_WITH_3DES_EDE_CBC_SHA - return Ciphersuite("DSA", "SRP_SHA", "SHA-1", "TripleDES", 24); + return Ciphersuite("DSA", "SRP_SHA", "SHA-1", "3DES", 24); case 0xC01F: // SRP_SHA_DSS_WITH_AES_128_CBC_SHA return Ciphersuite("DSA", "SRP_SHA", "SHA-1", "AES-128", 16); @@ -247,7 +291,7 @@ Ciphersuite Ciphersuite::by_id(u16bit suite) return Ciphersuite("DSA", "SRP_SHA", "SHA-1", "AES-256", 32); case 0xC01B: // SRP_SHA_RSA_WITH_3DES_EDE_CBC_SHA - return Ciphersuite("RSA", "SRP_SHA", "SHA-1", "TripleDES", 24); + return Ciphersuite("RSA", "SRP_SHA", "SHA-1", "3DES", 24); case 0xC01E: // SRP_SHA_RSA_WITH_AES_128_CBC_SHA return Ciphersuite("RSA", "SRP_SHA", "SHA-1", "AES-128", 16); @@ -256,14 +300,13 @@ Ciphersuite Ciphersuite::by_id(u16bit suite) return Ciphersuite("RSA", "SRP_SHA", "SHA-1", "AES-256", 32); case 0xC01A: // SRP_SHA_WITH_3DES_EDE_CBC_SHA - return Ciphersuite("", "SRP_SHA", "SHA-1", "TripleDES", 24); + return Ciphersuite("", "SRP_SHA", "SHA-1", "3DES", 24); case 0xC01D: // SRP_SHA_WITH_AES_128_CBC_SHA return Ciphersuite("", "SRP_SHA", "SHA-1", "AES-128", 16); case 0xC020: // SRP_SHA_WITH_AES_256_CBC_SHA return Ciphersuite("", "SRP_SHA", "SHA-1", "AES-256", 32); - } return Ciphersuite(); // some unknown ciphersuite |