From aaa9e92697e16278fb91552f075c020f2b4c26cb Mon Sep 17 00:00:00 2001
From: lloyd
Date: Sat, 17 Apr 2010 18:56:53 +0000
Subject: Clean up ciphersuite handling
---
 src/ssl/tls_magic.h | 75 ++++++++++++++++++++++++++++++++++++++++++-----------
 1 file changed, 60 insertions(+), 15 deletions(-)
(limited to 'src/ssl/tls_magic.h')
diff --git a/src/ssl/tls_magic.h b/src/ssl/tls_magic.h
index a6ca1f8d6..35a9fc925 100644
--- a/src/ssl/tls_magic.h
+++ b/src/ssl/tls_magic.h
@@ -1,6 +1,6 @@
 /**
-* SSL/TLS Protocol Constants
-* (C) 2004-2006 Jack Lloyd
+* SSL/TLS Protocol Constants
+* (C) 2004-2010 Jack Lloyd
 *
 * Released under the terms of the Botan license
 */
@@ -96,19 +96,64 @@ enum Certificate_Type {
 };
 
 enum Ciphersuite_Code {
- RSA_RC4_MD5 = 0x0004,
- RSA_RC4_SHA = 0x0005,
- RSA_3DES_SHA = 0x000A,
- RSA_AES128_SHA = 0x002F,
- RSA_AES256_SHA = 0x0035,
-
- DHE_RSA_3DES_SHA = 0x0016,
- DHE_RSA_AES128_SHA = 0x0033,
- DHE_RSA_AES256_SHA = 0x0039,
-
- DHE_DSS_3DES_SHA = 0x0013,
- DHE_DSS_AES128_SHA = 0x0032,
- DHE_DSS_AES256_SHA = 0x0038
+ TLS_RSA_WITH_RC4_128_MD5 = 0x0004,
+ TLS_RSA_WITH_RC4_128_SHA = 0x0005,
+
+ TLS_RSA_WITH_3DES_EDE_CBC_SHA = 0x000A,
+
+ TLS_RSA_WITH_AES_128_CBC_SHA = 0x002F,
+ TLS_RSA_WITH_AES_256_CBC_SHA = 0x0035,
+ TLS_RSA_WITH_AES_128_CBC_SHA256 = 0x003C,
+ TLS_RSA_WITH_AES_256_CBC_SHA256 = 0x003D,
+
+ TLS_DHE_DSS_WITH_3DES_EDE_CBC_SHA = 0x0013,
+ TLS_DHE_DSS_WITH_AES_128_CBC_SHA = 0x0032,
+ TLS_DHE_DSS_WITH_AES_256_CBC_SHA = 0x0038,
+ TLS_DHE_DSS_WITH_AES_128_CBC_SHA256 = 0x0040,
+ TLS_DHE_DSS_WITH_AES_256_CBC_SHA256 = 0x006A,
+
+ TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA = 0x0016,
+ TLS_DHE_RSA_WITH_AES_128_CBC_SHA = 0x0033,
+ TLS_DHE_RSA_WITH_AES_256_CBC_SHA = 0x0039,
+ TLS_DHE_RSA_WITH_AES_128_CBC_SHA256 = 0x0067,
+ TLS_DHE_RSA_WITH_AES_256_CBC_SHA256 = 0x006B,
+
+ TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256 = 0xC023,
+ TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384 = 0xC024,
+
+ TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256 = 0xC027,
+ TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384 = 0xC028
+};
+
+/*
+* Form of the ciphersuites broken down by field instead of
+* being randomly assigned codepoints.
+*/
+enum TLS_Ciphersuite_Algos {
+ TLS_ALGO_SIGNER_MASK = 0xFF000000,
+ TLS_ALGO_SIGNER_ANON = 0x01000000,
+ TLS_ALGO_SIGNER_RSA = 0x02000000,
+ TLS_ALGO_SIGNER_DSA = 0x03000000,
+ TLS_ALGO_SIGNER_ECDSA = 0x04000000,
+
+ TLS_ALGO_KEYEXCH_MASK = 0x00FF0000,
+ TLS_ALGO_KEYEXCH_NOKEX = 0x00010000,
+ TLS_ALGO_KEYEXCH_RSA = 0x00020000,
+ TLS_ALGO_KEYEXCH_DH = 0x00030000,
+ TLS_ALGO_KEYEXCH_ECDH = 0x00040000,
+
+ TLS_ALGO_MAC_MASK = 0x0000FF00,
+ TLS_ALGO_MAC_MD5 = 0x00000100,
+ TLS_ALGO_MAC_SHA1 = 0x00000200,
+ TLS_ALGO_MAC_SHA256 = 0x00000300,
+ TLS_ALGO_MAC_SHA384 = 0x00000400,
+
+ TLS_ALGO_CIPHER_MASK = 0x000000FF,
+ TLS_ALGO_CIPHER_RC4_128 = 0x00000001,
+ TLS_ALGO_CIPHER_3DES_CBC = 0x00000002,
+ TLS_ALGO_CIPHER_AES128_CBC = 0x00000003,
+ TLS_ALGO_CIPHER_AES256_CBC = 0x00000004,
+ TLS_ALGO_CIPHER_SEED_CBC = 0x00000005
 };
 
 enum Compression_Algo {
-- cgit v1.2.3
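Review bot: The comment above `TLS_Ciphersuite_Algos` does not say how the 32-bit value is laid out or what a zero field means, and "randomly assigned codepoints" is misleading because the `Ciphersuite_Code` values are the registered TLS codepoints. I would replace it with something like `/* Decomposed ciphersuite: bits 31-24 signer, 23-16 key exchange, 15-8 MAC, 7-0 cipher; a zero field is unset/unknown and must be rejected. */`. The enum also defines `TLS_ALGO_SIGNER_ANON`, `TLS_ALGO_KEYEXCH_NOKEX` and `TLS_ALGO_CIPHER_SEED_CBC`, which none of the codepoints listed in `Ciphersuite_Code` appear to map to. An anonymous signer means the key exchange carries no peer authentication, so it deserves a comment stating that the code consuming this value (not visible in this hunk) must not select it unless the application explicitly asked for it. The `*_SHA256` and `*_SHA384` codepoints added here are defined for TLS 1.2 only, so suite selection presumably needs a protocol-version check; that logic is outside this file and worth confirming.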