1 /***************************************************************************
2 * _ _ ____ _
3 * Project ___| | | | _ \| |
4 * / __| | | | |_) | |
5 * | (__| |_| | _ <| |___
6 * \___|\___/|_| \_\_____|
7 *
8 * Copyright (C) Jan Venekamp, <jan@venekamp.net>
9 *
10 * This software is licensed as described in the file COPYING, which
11 * you should have received as part of this distribution. The terms
12 * are also available at https://curl.se/docs/copyright.html.
13 *
14 * You may opt to use, copy, modify, merge, publish, distribute and/or sell
15 * copies of the Software, and permit persons to whom the Software is
16 * furnished to do so, under the terms of the COPYING file.
17 *
18 * This software is distributed on an "AS IS" basis, WITHOUT WARRANTY OF ANY
19 * KIND, either express or implied.
20 *
21 * SPDX-License-Identifier: curl
22 *
23 ***************************************************************************/
24 #include "curlcheck.h"
25
26 #include "vtls/cipher_suite.h"
27
unit_setup(void)28 static CURLcode unit_setup(void)
29 {
30 return CURLE_OK;
31 }
32
unit_stop(void)33 static void unit_stop(void)
34 {
35 }
36
37 #if defined(USE_SECTRANSP) || defined(USE_MBEDTLS) || \
38 defined(USE_BEARSSL) || defined(USE_RUSTLS)
39
40 struct test_cs_entry {
41 uint16_t id;
42 const char *rfc;
43 const char *openssl;
44 };
45 static const struct test_cs_entry test_cs_list[] = {
46 #if defined(USE_SECTRANSP) || defined(USE_MBEDTLS) || defined(USE_RUSTLS)
47 { 0x1301, "TLS_AES_128_GCM_SHA256",
48 NULL },
49 { 0x1302, "TLS_AES_256_GCM_SHA384",
50 NULL },
51 { 0x1303, "TLS_CHACHA20_POLY1305_SHA256",
52 NULL },
53 { 0x1304, "TLS_AES_128_CCM_SHA256",
54 NULL },
55 { 0x1305, "TLS_AES_128_CCM_8_SHA256",
56 NULL },
57 #endif
58 { 0xC02B, "TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256",
59 "ECDHE-ECDSA-AES128-GCM-SHA256" },
60 { 0xC02C, "TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384",
61 "ECDHE-ECDSA-AES256-GCM-SHA384" },
62 { 0xC02F, "TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256",
63 "ECDHE-RSA-AES128-GCM-SHA256" },
64 { 0xC030, "TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384",
65 "ECDHE-RSA-AES256-GCM-SHA384" },
66 { 0xCCA8, "TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256",
67 "ECDHE-RSA-CHACHA20-POLY1305" },
68 { 0xCCA9, "TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256",
69 "ECDHE-ECDSA-CHACHA20-POLY1305" },
70 #if defined(USE_SECTRANSP) || defined(USE_MBEDTLS) || defined(USE_BEARSSL)
71 { 0x002F, "TLS_RSA_WITH_AES_128_CBC_SHA",
72 "AES128-SHA" },
73 { 0x0035, "TLS_RSA_WITH_AES_256_CBC_SHA",
74 "AES256-SHA" },
75 { 0x003C, "TLS_RSA_WITH_AES_128_CBC_SHA256",
76 "AES128-SHA256" },
77 { 0x003D, "TLS_RSA_WITH_AES_256_CBC_SHA256",
78 "AES256-SHA256" },
79 { 0x009C, "TLS_RSA_WITH_AES_128_GCM_SHA256",
80 "AES128-GCM-SHA256" },
81 { 0x009D, "TLS_RSA_WITH_AES_256_GCM_SHA384",
82 "AES256-GCM-SHA384" },
83 { 0xC004, "TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA",
84 "ECDH-ECDSA-AES128-SHA" },
85 { 0xC005, "TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA",
86 "ECDH-ECDSA-AES256-SHA" },
87 { 0xC009, "TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA",
88 "ECDHE-ECDSA-AES128-SHA" },
89 { 0xC00A, "TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA",
90 "ECDHE-ECDSA-AES256-SHA" },
91 { 0xC00E, "TLS_ECDH_RSA_WITH_AES_128_CBC_SHA",
92 "ECDH-RSA-AES128-SHA" },
93 { 0xC00F, "TLS_ECDH_RSA_WITH_AES_256_CBC_SHA",
94 "ECDH-RSA-AES256-SHA" },
95 { 0xC013, "TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA",
96 "ECDHE-RSA-AES128-SHA" },
97 { 0xC014, "TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA",
98 "ECDHE-RSA-AES256-SHA" },
99 { 0xC023, "TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256",
100 "ECDHE-ECDSA-AES128-SHA256" },
101 { 0xC024, "TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384",
102 "ECDHE-ECDSA-AES256-SHA384" },
103 { 0xC025, "TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256",
104 "ECDH-ECDSA-AES128-SHA256" },
105 { 0xC026, "TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384",
106 "ECDH-ECDSA-AES256-SHA384" },
107 { 0xC027, "TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256",
108 "ECDHE-RSA-AES128-SHA256" },
109 { 0xC028, "TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384",
110 "ECDHE-RSA-AES256-SHA384" },
111 { 0xC029, "TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256",
112 "ECDH-RSA-AES128-SHA256" },
113 { 0xC02A, "TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384",
114 "ECDH-RSA-AES256-SHA384" },
115 { 0xC02D, "TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256",
116 "ECDH-ECDSA-AES128-GCM-SHA256" },
117 { 0xC02E, "TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384",
118 "ECDH-ECDSA-AES256-GCM-SHA384" },
119 { 0xC031, "TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256",
120 "ECDH-RSA-AES128-GCM-SHA256" },
121 { 0xC032, "TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384",
122 "ECDH-RSA-AES256-GCM-SHA384" },
123 #endif
124 #if defined(USE_SECTRANSP) || defined(USE_MBEDTLS)
125 { 0x0001, "TLS_RSA_WITH_NULL_MD5",
126 "NULL-MD5" },
127 { 0x0002, "TLS_RSA_WITH_NULL_SHA",
128 "NULL-SHA" },
129 { 0x002C, "TLS_PSK_WITH_NULL_SHA",
130 "PSK-NULL-SHA" },
131 { 0x002D, "TLS_DHE_PSK_WITH_NULL_SHA",
132 "DHE-PSK-NULL-SHA" },
133 { 0x002E, "TLS_RSA_PSK_WITH_NULL_SHA",
134 "RSA-PSK-NULL-SHA" },
135 { 0x0033, "TLS_DHE_RSA_WITH_AES_128_CBC_SHA",
136 "DHE-RSA-AES128-SHA" },
137 { 0x0039, "TLS_DHE_RSA_WITH_AES_256_CBC_SHA",
138 "DHE-RSA-AES256-SHA" },
139 { 0x003B, "TLS_RSA_WITH_NULL_SHA256",
140 "NULL-SHA256" },
141 { 0x0067, "TLS_DHE_RSA_WITH_AES_128_CBC_SHA256",
142 "DHE-RSA-AES128-SHA256" },
143 { 0x006B, "TLS_DHE_RSA_WITH_AES_256_CBC_SHA256",
144 "DHE-RSA-AES256-SHA256" },
145 { 0x008C, "TLS_PSK_WITH_AES_128_CBC_SHA",
146 "PSK-AES128-CBC-SHA" },
147 { 0x008D, "TLS_PSK_WITH_AES_256_CBC_SHA",
148 "PSK-AES256-CBC-SHA" },
149 { 0x0090, "TLS_DHE_PSK_WITH_AES_128_CBC_SHA",
150 "DHE-PSK-AES128-CBC-SHA" },
151 { 0x0091, "TLS_DHE_PSK_WITH_AES_256_CBC_SHA",
152 "DHE-PSK-AES256-CBC-SHA" },
153 { 0x0094, "TLS_RSA_PSK_WITH_AES_128_CBC_SHA",
154 "RSA-PSK-AES128-CBC-SHA" },
155 { 0x0095, "TLS_RSA_PSK_WITH_AES_256_CBC_SHA",
156 "RSA-PSK-AES256-CBC-SHA" },
157 { 0x009E, "TLS_DHE_RSA_WITH_AES_128_GCM_SHA256",
158 "DHE-RSA-AES128-GCM-SHA256" },
159 { 0x009F, "TLS_DHE_RSA_WITH_AES_256_GCM_SHA384",
160 "DHE-RSA-AES256-GCM-SHA384" },
161 { 0x00A8, "TLS_PSK_WITH_AES_128_GCM_SHA256",
162 "PSK-AES128-GCM-SHA256" },
163 { 0x00A9, "TLS_PSK_WITH_AES_256_GCM_SHA384",
164 "PSK-AES256-GCM-SHA384" },
165 { 0x00AA, "TLS_DHE_PSK_WITH_AES_128_GCM_SHA256",
166 "DHE-PSK-AES128-GCM-SHA256" },
167 { 0x00AB, "TLS_DHE_PSK_WITH_AES_256_GCM_SHA384",
168 "DHE-PSK-AES256-GCM-SHA384" },
169 { 0x00AC, "TLS_RSA_PSK_WITH_AES_128_GCM_SHA256",
170 "RSA-PSK-AES128-GCM-SHA256" },
171 { 0x00AD, "TLS_RSA_PSK_WITH_AES_256_GCM_SHA384",
172 "RSA-PSK-AES256-GCM-SHA384" },
173 { 0x00AE, "TLS_PSK_WITH_AES_128_CBC_SHA256",
174 "PSK-AES128-CBC-SHA256" },
175 { 0x00AF, "TLS_PSK_WITH_AES_256_CBC_SHA384",
176 "PSK-AES256-CBC-SHA384" },
177 { 0x00B0, "TLS_PSK_WITH_NULL_SHA256",
178 "PSK-NULL-SHA256" },
179 { 0x00B1, "TLS_PSK_WITH_NULL_SHA384",
180 "PSK-NULL-SHA384" },
181 { 0x00B2, "TLS_DHE_PSK_WITH_AES_128_CBC_SHA256",
182 "DHE-PSK-AES128-CBC-SHA256" },
183 { 0x00B3, "TLS_DHE_PSK_WITH_AES_256_CBC_SHA384",
184 "DHE-PSK-AES256-CBC-SHA384" },
185 { 0x00B4, "TLS_DHE_PSK_WITH_NULL_SHA256",
186 "DHE-PSK-NULL-SHA256" },
187 { 0x00B5, "TLS_DHE_PSK_WITH_NULL_SHA384",
188 "DHE-PSK-NULL-SHA384" },
189 { 0x00B6, "TLS_RSA_PSK_WITH_AES_128_CBC_SHA256",
190 "RSA-PSK-AES128-CBC-SHA256" },
191 { 0x00B7, "TLS_RSA_PSK_WITH_AES_256_CBC_SHA384",
192 "RSA-PSK-AES256-CBC-SHA384" },
193 { 0x00B8, "TLS_RSA_PSK_WITH_NULL_SHA256",
194 "RSA-PSK-NULL-SHA256" },
195 { 0x00B9, "TLS_RSA_PSK_WITH_NULL_SHA384",
196 "RSA-PSK-NULL-SHA384" },
197 { 0xC001, "TLS_ECDH_ECDSA_WITH_NULL_SHA",
198 "ECDH-ECDSA-NULL-SHA" },
199 { 0xC006, "TLS_ECDHE_ECDSA_WITH_NULL_SHA",
200 "ECDHE-ECDSA-NULL-SHA" },
201 { 0xC00B, "TLS_ECDH_RSA_WITH_NULL_SHA",
202 "ECDH-RSA-NULL-SHA" },
203 { 0xC010, "TLS_ECDHE_RSA_WITH_NULL_SHA",
204 "ECDHE-RSA-NULL-SHA" },
205 { 0xC035, "TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA",
206 "ECDHE-PSK-AES128-CBC-SHA" },
207 { 0xC036, "TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA",
208 "ECDHE-PSK-AES256-CBC-SHA" },
209 { 0xCCAB, "TLS_PSK_WITH_CHACHA20_POLY1305_SHA256",
210 "PSK-CHACHA20-POLY1305" },
211 #endif
212 #if defined(USE_SECTRANSP) || defined(USE_BEARSSL)
213 { 0x000A, "TLS_RSA_WITH_3DES_EDE_CBC_SHA",
214 "DES-CBC3-SHA" },
215 { 0xC003, "TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA",
216 "ECDH-ECDSA-DES-CBC3-SHA" },
217 { 0xC008, "TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA",
218 "ECDHE-ECDSA-DES-CBC3-SHA" },
219 { 0xC00D, "TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA",
220 "ECDH-RSA-DES-CBC3-SHA" },
221 { 0xC012, "TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA",
222 "ECDHE-RSA-DES-CBC3-SHA" },
223 #endif
224 #if defined(USE_MBEDTLS) || defined(USE_BEARSSL)
225 { 0xC09C, "TLS_RSA_WITH_AES_128_CCM",
226 "AES128-CCM" },
227 { 0xC09D, "TLS_RSA_WITH_AES_256_CCM",
228 "AES256-CCM" },
229 { 0xC0A0, "TLS_RSA_WITH_AES_128_CCM_8",
230 "AES128-CCM8" },
231 { 0xC0A1, "TLS_RSA_WITH_AES_256_CCM_8",
232 "AES256-CCM8" },
233 { 0xC0AC, "TLS_ECDHE_ECDSA_WITH_AES_128_CCM",
234 "ECDHE-ECDSA-AES128-CCM" },
235 { 0xC0AD, "TLS_ECDHE_ECDSA_WITH_AES_256_CCM",
236 "ECDHE-ECDSA-AES256-CCM" },
237 { 0xC0AE, "TLS_ECDHE_ECDSA_WITH_AES_128_CCM_8",
238 "ECDHE-ECDSA-AES128-CCM8" },
239 { 0xC0AF, "TLS_ECDHE_ECDSA_WITH_AES_256_CCM_8",
240 "ECDHE-ECDSA-AES256-CCM8" },
241 #endif
242 #if defined(USE_SECTRANSP)
243 { 0x0003, "TLS_RSA_EXPORT_WITH_RC4_40_MD5",
244 "EXP-RC4-MD5" },
245 { 0x0004, "TLS_RSA_WITH_RC4_128_MD5",
246 "RC4-MD5" },
247 { 0x0005, "TLS_RSA_WITH_RC4_128_SHA",
248 "RC4-SHA" },
249 { 0x0006, "TLS_RSA_EXPORT_WITH_RC2_CBC_40_MD5",
250 "EXP-RC2-CBC-MD5" },
251 { 0x0007, "TLS_RSA_WITH_IDEA_CBC_SHA",
252 "IDEA-CBC-SHA" },
253 { 0x0008, "TLS_RSA_EXPORT_WITH_DES40_CBC_SHA",
254 "EXP-DES-CBC-SHA" },
255 { 0x0009, "TLS_RSA_WITH_DES_CBC_SHA",
256 "DES-CBC-SHA" },
257 { 0x000B, "TLS_DH_DSS_EXPORT_WITH_DES40_CBC_SHA",
258 "EXP-DH-DSS-DES-CBC-SHA" },
259 { 0x000C, "TLS_DH_DSS_WITH_DES_CBC_SHA",
260 "DH-DSS-DES-CBC-SHA" },
261 { 0x000D, "TLS_DH_DSS_WITH_3DES_EDE_CBC_SHA",
262 "DH-DSS-DES-CBC3-SHA" },
263 { 0x000E, "TLS_DH_RSA_EXPORT_WITH_DES40_CBC_SHA",
264 "EXP-DH-RSA-DES-CBC-SHA" },
265 { 0x000F, "TLS_DH_RSA_WITH_DES_CBC_SHA",
266 "DH-RSA-DES-CBC-SHA" },
267 { 0x0010, "TLS_DH_RSA_WITH_3DES_EDE_CBC_SHA",
268 "DH-RSA-DES-CBC3-SHA" },
269 { 0x0011, "TLS_DHE_DSS_EXPORT_WITH_DES40_CBC_SHA",
270 "EXP-DHE-DSS-DES-CBC-SHA" },
271 { 0x0012, "TLS_DHE_DSS_WITH_DES_CBC_SHA",
272 "DHE-DSS-DES-CBC-SHA" },
273 { 0x0013, "TLS_DHE_DSS_WITH_3DES_EDE_CBC_SHA",
274 "DHE-DSS-DES-CBC3-SHA" },
275 { 0x0014, "TLS_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA",
276 "EXP-DHE-RSA-DES-CBC-SHA" },
277 { 0x0015, "TLS_DHE_RSA_WITH_DES_CBC_SHA",
278 "DHE-RSA-DES-CBC-SHA" },
279 { 0x0016, "TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA",
280 "DHE-RSA-DES-CBC3-SHA" },
281 { 0x0017, "TLS_DH_anon_EXPORT_WITH_RC4_40_MD5",
282 "EXP-ADH-RC4-MD5" },
283 { 0x0018, "TLS_DH_anon_WITH_RC4_128_MD5",
284 "ADH-RC4-MD5" },
285 { 0x0019, "TLS_DH_anon_EXPORT_WITH_DES40_CBC_SHA",
286 "EXP-ADH-DES-CBC-SHA" },
287 { 0x001A, "TLS_DH_anon_WITH_DES_CBC_SHA",
288 "ADH-DES-CBC-SHA" },
289 { 0x001B, "TLS_DH_anon_WITH_3DES_EDE_CBC_SHA",
290 "ADH-DES-CBC3-SHA" },
291 { 0x0030, "TLS_DH_DSS_WITH_AES_128_CBC_SHA",
292 "DH-DSS-AES128-SHA" },
293 { 0x0031, "TLS_DH_RSA_WITH_AES_128_CBC_SHA",
294 "DH-RSA-AES128-SHA" },
295 { 0x0032, "TLS_DHE_DSS_WITH_AES_128_CBC_SHA",
296 "DHE-DSS-AES128-SHA" },
297 { 0x0034, "TLS_DH_anon_WITH_AES_128_CBC_SHA",
298 "ADH-AES128-SHA" },
299 { 0x0036, "TLS_DH_DSS_WITH_AES_256_CBC_SHA",
300 "DH-DSS-AES256-SHA" },
301 { 0x0037, "TLS_DH_RSA_WITH_AES_256_CBC_SHA",
302 "DH-RSA-AES256-SHA" },
303 { 0x0038, "TLS_DHE_DSS_WITH_AES_256_CBC_SHA",
304 "DHE-DSS-AES256-SHA" },
305 { 0x003A, "TLS_DH_anon_WITH_AES_256_CBC_SHA",
306 "ADH-AES256-SHA" },
307 { 0x003E, "TLS_DH_DSS_WITH_AES_128_CBC_SHA256",
308 "DH-DSS-AES128-SHA256" },
309 { 0x003F, "TLS_DH_RSA_WITH_AES_128_CBC_SHA256",
310 "DH-RSA-AES128-SHA256" },
311 { 0x0040, "TLS_DHE_DSS_WITH_AES_128_CBC_SHA256",
312 "DHE-DSS-AES128-SHA256" },
313 { 0x0068, "TLS_DH_DSS_WITH_AES_256_CBC_SHA256",
314 "DH-DSS-AES256-SHA256" },
315 { 0x0069, "TLS_DH_RSA_WITH_AES_256_CBC_SHA256",
316 "DH-RSA-AES256-SHA256" },
317 { 0x006A, "TLS_DHE_DSS_WITH_AES_256_CBC_SHA256",
318 "DHE-DSS-AES256-SHA256" },
319 { 0x006C, "TLS_DH_anon_WITH_AES_128_CBC_SHA256",
320 "ADH-AES128-SHA256" },
321 { 0x006D, "TLS_DH_anon_WITH_AES_256_CBC_SHA256",
322 "ADH-AES256-SHA256" },
323 { 0x008A, "TLS_PSK_WITH_RC4_128_SHA",
324 "PSK-RC4-SHA" },
325 { 0x008B, "TLS_PSK_WITH_3DES_EDE_CBC_SHA",
326 "PSK-3DES-EDE-CBC-SHA" },
327 { 0x008E, "TLS_DHE_PSK_WITH_RC4_128_SHA",
328 "DHE-PSK-RC4-SHA" },
329 { 0x008F, "TLS_DHE_PSK_WITH_3DES_EDE_CBC_SHA",
330 "DHE-PSK-3DES-EDE-CBC-SHA" },
331 { 0x0092, "TLS_RSA_PSK_WITH_RC4_128_SHA",
332 "RSA-PSK-RC4-SHA" },
333 { 0x0093, "TLS_RSA_PSK_WITH_3DES_EDE_CBC_SHA",
334 "RSA-PSK-3DES-EDE-CBC-SHA" },
335 { 0x00A0, "TLS_DH_RSA_WITH_AES_128_GCM_SHA256",
336 "DH-RSA-AES128-GCM-SHA256" },
337 { 0x00A1, "TLS_DH_RSA_WITH_AES_256_GCM_SHA384",
338 "DH-RSA-AES256-GCM-SHA384" },
339 { 0x00A2, "TLS_DHE_DSS_WITH_AES_128_GCM_SHA256",
340 "DHE-DSS-AES128-GCM-SHA256" },
341 { 0x00A3, "TLS_DHE_DSS_WITH_AES_256_GCM_SHA384",
342 "DHE-DSS-AES256-GCM-SHA384" },
343 { 0x00A4, "TLS_DH_DSS_WITH_AES_128_GCM_SHA256",
344 "DH-DSS-AES128-GCM-SHA256" },
345 { 0x00A5, "TLS_DH_DSS_WITH_AES_256_GCM_SHA384",
346 "DH-DSS-AES256-GCM-SHA384" },
347 { 0x00A6, "TLS_DH_anon_WITH_AES_128_GCM_SHA256",
348 "ADH-AES128-GCM-SHA256" },
349 { 0x00A7, "TLS_DH_anon_WITH_AES_256_GCM_SHA384",
350 "ADH-AES256-GCM-SHA384" },
351 { 0xC002, "TLS_ECDH_ECDSA_WITH_RC4_128_SHA",
352 "ECDH-ECDSA-RC4-SHA" },
353 { 0xC007, "TLS_ECDHE_ECDSA_WITH_RC4_128_SHA",
354 "ECDHE-ECDSA-RC4-SHA" },
355 { 0xC00C, "TLS_ECDH_RSA_WITH_RC4_128_SHA",
356 "ECDH-RSA-RC4-SHA" },
357 { 0xC011, "TLS_ECDHE_RSA_WITH_RC4_128_SHA",
358 "ECDHE-RSA-RC4-SHA" },
359 { 0xC015, "TLS_ECDH_anon_WITH_NULL_SHA",
360 "AECDH-NULL-SHA" },
361 { 0xC016, "TLS_ECDH_anon_WITH_RC4_128_SHA",
362 "AECDH-RC4-SHA" },
363 { 0xC017, "TLS_ECDH_anon_WITH_3DES_EDE_CBC_SHA",
364 "AECDH-DES-CBC3-SHA" },
365 { 0xC018, "TLS_ECDH_anon_WITH_AES_128_CBC_SHA",
366 "AECDH-AES128-SHA" },
367 { 0xC019, "TLS_ECDH_anon_WITH_AES_256_CBC_SHA",
368 "AECDH-AES256-SHA" },
369 /* Backward compatible aliases (EDH vs DHE) */
370 { 0x0011, "TLS_DHE_DSS_EXPORT_WITH_DES40_CBC_SHA",
371 "EXP-EDH-DSS-DES-CBC-SHA" },
372 { 0x0012, "TLS_DHE_DSS_WITH_DES_CBC_SHA",
373 "EDH-DSS-DES-CBC-SHA" },
374 { 0x0013, "TLS_DHE_DSS_WITH_3DES_EDE_CBC_SHA",
375 "EDH-DSS-DES-CBC3-SHA" },
376 { 0x0014, "TLS_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA",
377 "EXP-EDH-RSA-DES-CBC-SHA" },
378 { 0x0015, "TLS_DHE_RSA_WITH_DES_CBC_SHA",
379 "EDH-RSA-DES-CBC-SHA" },
380 { 0x0016, "TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA",
381 "EDH-RSA-DES-CBC3-SHA" },
382 #endif
383 #if defined(USE_MBEDTLS)
384 /* entries marked ns are non-"standard", they are not in OpenSSL */
385 { 0x0041, "TLS_RSA_WITH_CAMELLIA_128_CBC_SHA",
386 "CAMELLIA128-SHA" },
387 { 0x0045, "TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA",
388 "DHE-RSA-CAMELLIA128-SHA" },
389 { 0x0084, "TLS_RSA_WITH_CAMELLIA_256_CBC_SHA",
390 "CAMELLIA256-SHA" },
391 { 0x0088, "TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA",
392 "DHE-RSA-CAMELLIA256-SHA" },
393 { 0x00BA, "TLS_RSA_WITH_CAMELLIA_128_CBC_SHA256",
394 "CAMELLIA128-SHA256" },
395 { 0x00BE, "TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA256",
396 "DHE-RSA-CAMELLIA128-SHA256" },
397 { 0x00C0, "TLS_RSA_WITH_CAMELLIA_256_CBC_SHA256",
398 "CAMELLIA256-SHA256" },
399 { 0x00C4, "TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA256",
400 "DHE-RSA-CAMELLIA256-SHA256" },
401 { 0xC037, "TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA256",
402 "ECDHE-PSK-AES128-CBC-SHA256" },
403 { 0xC038, "TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA384",
404 "ECDHE-PSK-AES256-CBC-SHA384" },
405 { 0xC039, "TLS_ECDHE_PSK_WITH_NULL_SHA",
406 "ECDHE-PSK-NULL-SHA" },
407 { 0xC03A, "TLS_ECDHE_PSK_WITH_NULL_SHA256",
408 "ECDHE-PSK-NULL-SHA256" },
409 { 0xC03B, "TLS_ECDHE_PSK_WITH_NULL_SHA384",
410 "ECDHE-PSK-NULL-SHA384" },
411 { 0xC03C, "TLS_RSA_WITH_ARIA_128_CBC_SHA256",
412 "ARIA128-SHA256" /* ns */ },
413 { 0xC03D, "TLS_RSA_WITH_ARIA_256_CBC_SHA384",
414 "ARIA256-SHA384" /* ns */ },
415 { 0xC044, "TLS_DHE_RSA_WITH_ARIA_128_CBC_SHA256",
416 "DHE-RSA-ARIA128-SHA256" /* ns */ },
417 { 0xC045, "TLS_DHE_RSA_WITH_ARIA_256_CBC_SHA384",
418 "DHE-RSA-ARIA256-SHA384" /* ns */ },
419 { 0xC048, "TLS_ECDHE_ECDSA_WITH_ARIA_128_CBC_SHA256",
420 "ECDHE-ECDSA-ARIA128-SHA256" /* ns */ },
421 { 0xC049, "TLS_ECDHE_ECDSA_WITH_ARIA_256_CBC_SHA384",
422 "ECDHE-ECDSA-ARIA256-SHA384" /* ns */ },
423 { 0xC04A, "TLS_ECDH_ECDSA_WITH_ARIA_128_CBC_SHA256",
424 "ECDH-ECDSA-ARIA128-SHA256" /* ns */ },
425 { 0xC04B, "TLS_ECDH_ECDSA_WITH_ARIA_256_CBC_SHA384",
426 "ECDH-ECDSA-ARIA256-SHA384" /* ns */ },
427 { 0xC04C, "TLS_ECDHE_RSA_WITH_ARIA_128_CBC_SHA256",
428 "ECDHE-ARIA128-SHA256" /* ns */ },
429 { 0xC04D, "TLS_ECDHE_RSA_WITH_ARIA_256_CBC_SHA384",
430 "ECDHE-ARIA256-SHA384" /* ns */ },
431 { 0xC04E, "TLS_ECDH_RSA_WITH_ARIA_128_CBC_SHA256",
432 "ECDH-ARIA128-SHA256" /* ns */ },
433 { 0xC04F, "TLS_ECDH_RSA_WITH_ARIA_256_CBC_SHA384",
434 "ECDH-ARIA256-SHA384" /* ns */ },
435 { 0xC050, "TLS_RSA_WITH_ARIA_128_GCM_SHA256",
436 "ARIA128-GCM-SHA256" },
437 { 0xC051, "TLS_RSA_WITH_ARIA_256_GCM_SHA384",
438 "ARIA256-GCM-SHA384" },
439 { 0xC052, "TLS_DHE_RSA_WITH_ARIA_128_GCM_SHA256",
440 "DHE-RSA-ARIA128-GCM-SHA256" },
441 { 0xC053, "TLS_DHE_RSA_WITH_ARIA_256_GCM_SHA384",
442 "DHE-RSA-ARIA256-GCM-SHA384" },
443 { 0xC05C, "TLS_ECDHE_ECDSA_WITH_ARIA_128_GCM_SHA256",
444 "ECDHE-ECDSA-ARIA128-GCM-SHA256" },
445 { 0xC05D, "TLS_ECDHE_ECDSA_WITH_ARIA_256_GCM_SHA384",
446 "ECDHE-ECDSA-ARIA256-GCM-SHA384" },
447 { 0xC05E, "TLS_ECDH_ECDSA_WITH_ARIA_128_GCM_SHA256",
448 "ECDH-ECDSA-ARIA128-GCM-SHA256" /* ns */ },
449 { 0xC05F, "TLS_ECDH_ECDSA_WITH_ARIA_256_GCM_SHA384",
450 "ECDH-ECDSA-ARIA256-GCM-SHA384" /* ns */ },
451 { 0xC060, "TLS_ECDHE_RSA_WITH_ARIA_128_GCM_SHA256",
452 "ECDHE-ARIA128-GCM-SHA256" },
453 { 0xC061, "TLS_ECDHE_RSA_WITH_ARIA_256_GCM_SHA384",
454 "ECDHE-ARIA256-GCM-SHA384" },
455 { 0xC062, "TLS_ECDH_RSA_WITH_ARIA_128_GCM_SHA256",
456 "ECDH-ARIA128-GCM-SHA256" /* ns */ },
457 { 0xC063, "TLS_ECDH_RSA_WITH_ARIA_256_GCM_SHA384",
458 "ECDH-ARIA256-GCM-SHA384" /* ns */ },
459 { 0xC064, "TLS_PSK_WITH_ARIA_128_CBC_SHA256",
460 "PSK-ARIA128-SHA256" /* ns */ },
461 { 0xC065, "TLS_PSK_WITH_ARIA_256_CBC_SHA384",
462 "PSK-ARIA256-SHA384" /* ns */ },
463 { 0xC066, "TLS_DHE_PSK_WITH_ARIA_128_CBC_SHA256",
464 "DHE-PSK-ARIA128-SHA256" /* ns */ },
465 { 0xC067, "TLS_DHE_PSK_WITH_ARIA_256_CBC_SHA384",
466 "DHE-PSK-ARIA256-SHA384" /* ns */ },
467 { 0xC068, "TLS_RSA_PSK_WITH_ARIA_128_CBC_SHA256",
468 "RSA-PSK-ARIA128-SHA256" /* ns */ },
469 { 0xC069, "TLS_RSA_PSK_WITH_ARIA_256_CBC_SHA384",
470 "RSA-PSK-ARIA256-SHA384" /* ns */ },
471 { 0xC06A, "TLS_PSK_WITH_ARIA_128_GCM_SHA256",
472 "PSK-ARIA128-GCM-SHA256" },
473 { 0xC06B, "TLS_PSK_WITH_ARIA_256_GCM_SHA384",
474 "PSK-ARIA256-GCM-SHA384" },
475 { 0xC06C, "TLS_DHE_PSK_WITH_ARIA_128_GCM_SHA256",
476 "DHE-PSK-ARIA128-GCM-SHA256" },
477 { 0xC06D, "TLS_DHE_PSK_WITH_ARIA_256_GCM_SHA384",
478 "DHE-PSK-ARIA256-GCM-SHA384" },
479 { 0xC06E, "TLS_RSA_PSK_WITH_ARIA_128_GCM_SHA256",
480 "RSA-PSK-ARIA128-GCM-SHA256" },
481 { 0xC06F, "TLS_RSA_PSK_WITH_ARIA_256_GCM_SHA384",
482 "RSA-PSK-ARIA256-GCM-SHA384" },
483 { 0xC070, "TLS_ECDHE_PSK_WITH_ARIA_128_CBC_SHA256",
484 "ECDHE-PSK-ARIA128-SHA256" /* ns */ },
485 { 0xC071, "TLS_ECDHE_PSK_WITH_ARIA_256_CBC_SHA384",
486 "ECDHE-PSK-ARIA256-SHA384" /* ns */ },
487 { 0xC072, "TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_CBC_SHA256",
488 "ECDHE-ECDSA-CAMELLIA128-SHA256" },
489 { 0xC073, "TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_CBC_SHA384",
490 "ECDHE-ECDSA-CAMELLIA256-SHA384" },
491 { 0xC074, "TLS_ECDH_ECDSA_WITH_CAMELLIA_128_CBC_SHA256",
492 "ECDH-ECDSA-CAMELLIA128-SHA256" /* ns */ },
493 { 0xC075, "TLS_ECDH_ECDSA_WITH_CAMELLIA_256_CBC_SHA384",
494 "ECDH-ECDSA-CAMELLIA256-SHA384" /* ns */ },
495 { 0xC076, "TLS_ECDHE_RSA_WITH_CAMELLIA_128_CBC_SHA256",
496 "ECDHE-RSA-CAMELLIA128-SHA256" },
497 { 0xC077, "TLS_ECDHE_RSA_WITH_CAMELLIA_256_CBC_SHA384",
498 "ECDHE-RSA-CAMELLIA256-SHA384" },
499 { 0xC078, "TLS_ECDH_RSA_WITH_CAMELLIA_128_CBC_SHA256",
500 "ECDH-CAMELLIA128-SHA256" /* ns */ },
501 { 0xC079, "TLS_ECDH_RSA_WITH_CAMELLIA_256_CBC_SHA384",
502 "ECDH-CAMELLIA256-SHA384" /* ns */ },
503 { 0xC07A, "TLS_RSA_WITH_CAMELLIA_128_GCM_SHA256",
504 "CAMELLIA128-GCM-SHA256" /* ns */ },
505 { 0xC07B, "TLS_RSA_WITH_CAMELLIA_256_GCM_SHA384",
506 "CAMELLIA256-GCM-SHA384" /* ns */ },
507 { 0xC07C, "TLS_DHE_RSA_WITH_CAMELLIA_128_GCM_SHA256",
508 "DHE-RSA-CAMELLIA128-GCM-SHA256" /* ns */ },
509 { 0xC07D, "TLS_DHE_RSA_WITH_CAMELLIA_256_GCM_SHA384",
510 "DHE-RSA-CAMELLIA256-GCM-SHA384" /* ns */ },
511 { 0xC086, "TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_GCM_SHA256",
512 "ECDHE-ECDSA-CAMELLIA128-GCM-SHA256" /* ns */ },
513 { 0xC087, "TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_GCM_SHA384",
514 "ECDHE-ECDSA-CAMELLIA256-GCM-SHA384" /* ns */ },
515 { 0xC088, "TLS_ECDH_ECDSA_WITH_CAMELLIA_128_GCM_SHA256",
516 "ECDH-ECDSA-CAMELLIA128-GCM-SHA256" /* ns */ },
517 { 0xC089, "TLS_ECDH_ECDSA_WITH_CAMELLIA_256_GCM_SHA384",
518 "ECDH-ECDSA-CAMELLIA256-GCM-SHA384" /* ns */ },
519 { 0xC08A, "TLS_ECDHE_RSA_WITH_CAMELLIA_128_GCM_SHA256",
520 "ECDHE-CAMELLIA128-GCM-SHA256" /* ns */ },
521 { 0xC08B, "TLS_ECDHE_RSA_WITH_CAMELLIA_256_GCM_SHA384",
522 "ECDHE-CAMELLIA256-GCM-SHA384" /* ns */ },
523 { 0xC08C, "TLS_ECDH_RSA_WITH_CAMELLIA_128_GCM_SHA256",
524 "ECDH-CAMELLIA128-GCM-SHA256" /* ns */ },
525 { 0xC08D, "TLS_ECDH_RSA_WITH_CAMELLIA_256_GCM_SHA384",
526 "ECDH-CAMELLIA256-GCM-SHA384" /* ns */ },
527 { 0xC08E, "TLS_PSK_WITH_CAMELLIA_128_GCM_SHA256",
528 "PSK-CAMELLIA128-GCM-SHA256" /* ns */ },
529 { 0xC08F, "TLS_PSK_WITH_CAMELLIA_256_GCM_SHA384",
530 "PSK-CAMELLIA256-GCM-SHA384" /* ns */ },
531 { 0xC090, "TLS_DHE_PSK_WITH_CAMELLIA_128_GCM_SHA256",
532 "DHE-PSK-CAMELLIA128-GCM-SHA256" /* ns */ },
533 { 0xC091, "TLS_DHE_PSK_WITH_CAMELLIA_256_GCM_SHA384",
534 "DHE-PSK-CAMELLIA256-GCM-SHA384" /* ns */ },
535 { 0xC092, "TLS_RSA_PSK_WITH_CAMELLIA_128_GCM_SHA256",
536 "RSA-PSK-CAMELLIA128-GCM-SHA256" /* ns */ },
537 { 0xC093, "TLS_RSA_PSK_WITH_CAMELLIA_256_GCM_SHA384",
538 "RSA-PSK-CAMELLIA256-GCM-SHA384" /* ns */ },
539 { 0xC094, "TLS_PSK_WITH_CAMELLIA_128_CBC_SHA256",
540 "PSK-CAMELLIA128-SHA256" },
541 { 0xC095, "TLS_PSK_WITH_CAMELLIA_256_CBC_SHA384",
542 "PSK-CAMELLIA256-SHA384" },
543 { 0xC096, "TLS_DHE_PSK_WITH_CAMELLIA_128_CBC_SHA256",
544 "DHE-PSK-CAMELLIA128-SHA256" },
545 { 0xC097, "TLS_DHE_PSK_WITH_CAMELLIA_256_CBC_SHA384",
546 "DHE-PSK-CAMELLIA256-SHA384" },
547 { 0xC098, "TLS_RSA_PSK_WITH_CAMELLIA_128_CBC_SHA256",
548 "RSA-PSK-CAMELLIA128-SHA256" },
549 { 0xC099, "TLS_RSA_PSK_WITH_CAMELLIA_256_CBC_SHA384",
550 "RSA-PSK-CAMELLIA256-SHA384" },
551 { 0xC09A, "TLS_ECDHE_PSK_WITH_CAMELLIA_128_CBC_SHA256",
552 "ECDHE-PSK-CAMELLIA128-SHA256" },
553 { 0xC09B, "TLS_ECDHE_PSK_WITH_CAMELLIA_256_CBC_SHA384",
554 "ECDHE-PSK-CAMELLIA256-SHA384" },
555 { 0xC09E, "TLS_DHE_RSA_WITH_AES_128_CCM",
556 "DHE-RSA-AES128-CCM" },
557 { 0xC09F, "TLS_DHE_RSA_WITH_AES_256_CCM",
558 "DHE-RSA-AES256-CCM" },
559 { 0xC0A2, "TLS_DHE_RSA_WITH_AES_128_CCM_8",
560 "DHE-RSA-AES128-CCM8" },
561 { 0xC0A3, "TLS_DHE_RSA_WITH_AES_256_CCM_8",
562 "DHE-RSA-AES256-CCM8" },
563 { 0xC0A4, "TLS_PSK_WITH_AES_128_CCM",
564 "PSK-AES128-CCM" },
565 { 0xC0A5, "TLS_PSK_WITH_AES_256_CCM",
566 "PSK-AES256-CCM" },
567 { 0xC0A6, "TLS_DHE_PSK_WITH_AES_128_CCM",
568 "DHE-PSK-AES128-CCM" },
569 { 0xC0A7, "TLS_DHE_PSK_WITH_AES_256_CCM",
570 "DHE-PSK-AES256-CCM" },
571 { 0xC0A8, "TLS_PSK_WITH_AES_128_CCM_8",
572 "PSK-AES128-CCM8" },
573 { 0xC0A9, "TLS_PSK_WITH_AES_256_CCM_8",
574 "PSK-AES256-CCM8" },
575 { 0xC0AA, "TLS_PSK_DHE_WITH_AES_128_CCM_8",
576 "DHE-PSK-AES128-CCM8" },
577 { 0xC0AB, "TLS_PSK_DHE_WITH_AES_256_CCM_8",
578 "DHE-PSK-AES256-CCM8" },
579 { 0xCCAA, "TLS_DHE_RSA_WITH_CHACHA20_POLY1305_SHA256",
580 "DHE-RSA-CHACHA20-POLY1305" },
581 { 0xCCAC, "TLS_ECDHE_PSK_WITH_CHACHA20_POLY1305_SHA256",
582 "ECDHE-PSK-CHACHA20-POLY1305" },
583 { 0xCCAD, "TLS_DHE_PSK_WITH_CHACHA20_POLY1305_SHA256",
584 "DHE-PSK-CHACHA20-POLY1305" },
585 { 0xCCAE, "TLS_RSA_PSK_WITH_CHACHA20_POLY1305_SHA256",
586 "RSA-PSK-CHACHA20-POLY1305" },
587 #endif
588 };
589 #define TEST_CS_LIST_LEN (sizeof(test_cs_list) / sizeof(test_cs_list[0]))
590
591 static const char *cs_test_string =
592 "TLS_AES_128_GCM_SHA256:TLS_AES_256_GCM_SHA384:"
593 "TLS_CHACHA20_POLY1305_SHA256:ECDHE-ECDSA-AES128-GCM-SHA256:"
594 "ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:"
595 "ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:"
596 "ECDHE-RSA-CHACHA20-POLY1305:DHE-RSA-AES128-GCM-SHA256:"
597 "DHE-RSA-AES256-GCM-SHA384:DHE-RSA-CHACHA20-POLY1305:"
598 "ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA256:"
599 "ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES256-SHA384:"
600 "ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA:ECDHE-RSA-AES256-SHA:"
601 "DHE-RSA-AES128-SHA256:DHE-RSA-AES256-SHA256:AES128-GCM-SHA256:"
602 "AES256-GCM-SHA384:AES128-SHA256:AES256-SHA256:AES128-SHA:AES256-SHA:"
603 "DES-CBC3-SHA:"
604 ":: GIBBERISH ::"
605 ;
606
607 struct test_str_entry {
608 uint16_t id;
609 const char *str;
610 };
611 static const struct test_str_entry test_str_list[] = {
612 #if defined(USE_SECTRANSP) || defined(USE_MBEDTLS) || defined(USE_RUSTLS)
613 { 0x1301, "TLS_AES_128_GCM_SHA256"},
614 { 0x1302, "TLS_AES_256_GCM_SHA384"},
615 { 0x1303, "TLS_CHACHA20_POLY1305_SHA256"},
616 #else
617 { 0x0000, "TLS_AES_128_GCM_SHA256"},
618 { 0x0000, "TLS_AES_256_GCM_SHA384"},
619 { 0x0000, "TLS_CHACHA20_POLY1305_SHA256"},
620 #endif
621 { 0xC02B, "ECDHE-ECDSA-AES128-GCM-SHA256"},
622 { 0xC02F, "ECDHE-RSA-AES128-GCM-SHA256"},
623 { 0xC02C, "ECDHE-ECDSA-AES256-GCM-SHA384"},
624 { 0xC030, "ECDHE-RSA-AES256-GCM-SHA384"},
625 { 0xCCA9, "ECDHE-ECDSA-CHACHA20-POLY1305"},
626 { 0xCCA8, "ECDHE-RSA-CHACHA20-POLY1305"},
627 #if defined(USE_SECTRANSP) || defined(USE_MBEDTLS)
628 { 0x009E, "DHE-RSA-AES128-GCM-SHA256"},
629 { 0x009F, "DHE-RSA-AES256-GCM-SHA384"},
630 #else
631 { 0x0000, "DHE-RSA-AES128-GCM-SHA256"},
632 { 0x0000, "DHE-RSA-AES256-GCM-SHA384"},
633 #endif
634 #if defined(USE_MBEDTLS)
635 { 0xCCAA, "DHE-RSA-CHACHA20-POLY1305"},
636 #else
637 { 0x0000, "DHE-RSA-CHACHA20-POLY1305"},
638 #endif
639 #if defined(USE_SECTRANSP) || defined(USE_MBEDTLS) || defined(USE_BEARSSL)
640 { 0xC023, "ECDHE-ECDSA-AES128-SHA256" },
641 { 0xC027, "ECDHE-RSA-AES128-SHA256" },
642 { 0xC009, "ECDHE-ECDSA-AES128-SHA" },
643 { 0xC013, "ECDHE-RSA-AES128-SHA" },
644 { 0xC024, "ECDHE-ECDSA-AES256-SHA384" },
645 { 0xC028, "ECDHE-RSA-AES256-SHA384" },
646 { 0xC00A, "ECDHE-ECDSA-AES256-SHA" },
647 { 0xC014, "ECDHE-RSA-AES256-SHA" },
648 #else
649 { 0x0000, "ECDHE-ECDSA-AES128-SHA256" },
650 { 0x0000, "ECDHE-RSA-AES128-SHA256" },
651 { 0x0000, "ECDHE-ECDSA-AES128-SHA" },
652 { 0x0000, "ECDHE-RSA-AES128-SHA" },
653 { 0x0000, "ECDHE-ECDSA-AES256-SHA384" },
654 { 0x0000, "ECDHE-RSA-AES256-SHA384" },
655 { 0x0000, "ECDHE-ECDSA-AES256-SHA" },
656 { 0x0000, "ECDHE-RSA-AES256-SHA" },
657 #endif
658 #if defined(USE_SECTRANSP) || defined(USE_MBEDTLS)
659 { 0x0067, "DHE-RSA-AES128-SHA256" },
660 { 0x006B, "DHE-RSA-AES256-SHA256" },
661 #else
662 { 0x0000, "DHE-RSA-AES128-SHA256" },
663 { 0x0000, "DHE-RSA-AES256-SHA256" },
664 #endif
665 #if defined(USE_SECTRANSP) || defined(USE_MBEDTLS) || defined(USE_BEARSSL)
666 { 0x009C, "AES128-GCM-SHA256" },
667 { 0x009D, "AES256-GCM-SHA384" },
668 { 0x003C, "AES128-SHA256" },
669 { 0x003D, "AES256-SHA256" },
670 { 0x002F, "AES128-SHA" },
671 { 0x0035, "AES256-SHA" },
672 #else
673 { 0x0000, "AES128-GCM-SHA256" },
674 { 0x0000, "AES256-GCM-SHA384" },
675 { 0x0000, "AES128-SHA256" },
676 { 0x0000, "AES256-SHA256" },
677 { 0x0000, "AES128-SHA" },
678 { 0x0000, "AES256-SHA" },
679 #endif
680 #if defined(USE_SECTRANSP) || defined(USE_BEARSSL)
681 { 0x000A, "DES-CBC3-SHA" },
682 #else
683 { 0x0000, "DES-CBC3-SHA" },
684 #endif
685 { 0x0000, "GIBBERISH" },
686 { 0x0000, "" },
687 };
688 #define TEST_STR_LIST_LEN (sizeof(test_str_list) / sizeof(test_str_list[0]))
689
690 UNITTEST_START
691 {
692 for(size_t i = 0; i < TEST_CS_LIST_LEN; i++) {
693 const struct test_cs_entry *test = &test_cs_list[i];
694 const char *expect;
695 char buf[64] = "";
696 char alt[64] = "";
697 uint16_t id;
698
699 /* test Curl_cipher_suite_lookup_id() for rfc name */
700 if(test->rfc) {
701 id = Curl_cipher_suite_lookup_id(test->rfc, strlen(test->rfc));
702 if(id != test->id) {
703 fprintf(stderr, "Curl_cipher_suite_lookup_id FAILED for \"%s\", "
704 "result = 0x%04x, expected = 0x%04x\n",
705 test->rfc, id, test->id);
706 unitfail++;
707 }
708 }
709
710 /* test Curl_cipher_suite_lookup_id() for OpenSSL name */
711 if(test->openssl) {
712 id = Curl_cipher_suite_lookup_id(test->openssl, strlen(test->openssl));
713 if(id != test->id) {
714 fprintf(stderr, "Curl_cipher_suite_lookup_id FAILED for \"%s\", "
715 "result = 0x%04x, expected = 0x%04x\n",
716 test->openssl, id, test->id);
717 unitfail++;
718 }
719 }
720
721 /* test Curl_cipher_suite_get_str() prefer rfc name */
722 buf[0] = '\0';
723 expect = test->rfc ? test->rfc : test->openssl;
724
725 Curl_cipher_suite_get_str(test->id, buf, sizeof(buf), true);
726
727 if(strcmp(buf, expect) != 0) {
728 fprintf(stderr, "Curl_cipher_suite_get_str FAILED for 0x%04x, "
729 "result = \"%s\", expected = \"%s\"\n",
730 test->id, buf, expect);
731 unitfail++;
732 }
733
734 /* test Curl_cipher_suite_get_str() prefer OpenSSL name */
735 buf[0] = '\0';
736 expect = test->openssl ? test->openssl : test->rfc;
737
738 Curl_cipher_suite_get_str(test->id, buf, sizeof(buf), false);
739
740 /* suites matched by EDH alias will return the DHE name */
741 if(test->id >= 0x0011 && test->id < 0x0017) {
742 if(memcmp(expect, "EDH-", 4) == 0)
743 expect = (char *) memcpy(strcpy(alt, expect), "DHE-", 4);
744 if(memcmp(expect + 4, "EDH-", 4) == 0)
745 expect = (char *) memcpy(strcpy(alt, expect) + 4, "DHE-", 4) - 4;
746 }
747
748 if(strcmp(buf, expect) != 0) {
749 fprintf(stderr, "Curl_cipher_suite_get_str FAILED for 0x%04x, "
750 "result = \"%s\", expected = \"%s\"\n",
751 test->id, buf, expect);
752 unitfail++;
753 }
754 }
755
756 /* test Curl_cipher_suite_walk_str() */
757 {
758 const char *ptr, *end = cs_test_string;
759 int i = 0;
760 uint16_t id;
761 size_t len;
762
763 for(ptr = cs_test_string; ptr[0] != '\0'; ptr = end) {
764 const struct test_str_entry *test = &test_str_list[i];
765 abort_if(i == TEST_STR_LIST_LEN, "should have been done");
766
767 id = Curl_cipher_suite_walk_str(&ptr, &end);
768 len = end - ptr;
769
770 if(id != test->id) {
771 fprintf(stderr, "Curl_cipher_suite_walk_str FAILED for \"%s\" "
772 "unexpected cipher, "
773 "result = 0x%04x, expected = 0x%04x\n",
774 test->str, id, test->id);
775 unitfail++;
776 }
777 if(len > 64 || strncmp(ptr, test->str, len) != 0) {
778 fprintf(stderr, "Curl_cipher_suite_walk_str ABORT for \"%s\" "
779 "unexpected pointers\n",
780 test->str);
781 unitfail++;
782 goto unit_test_abort;
783 }
784 i++;
785 }
786 }
787 }
788 UNITTEST_STOP
789
790 #else /* defined(USE_SECTRANSP) || defined(USE_MBEDTLS) || \
791 defined(USE_BEARSSL) */
792
793 UNITTEST_START
794 UNITTEST_STOP
795
796 #endif /* defined(USE_SECTRANSP) || defined(USE_MBEDTLS) || \
797 defined(USE_BEARSSL) || defined(USE_RUSTLS) */
798
