SSL_CIPHER_standard_name() returns a pointer to the standard RFC name of
B<cipher>. If the B<cipher> is NULL, it returns "(NONE)". If the B<cipher>
-has no standard name, it returns B<NULL>.
+has no standard name, it returns B<NULL>. If B<cipher> was defined in both
+SSLv3 and TLS, it returns the TLS name.
OPENSSL_cipher_name() returns a pointer to the OpenSSL name of B<stdname>.
If the B<stdname> is NULL, or B<stdname> has no corresponding OpenSSL name,
-it returns "(NONE)".
+it returns "(NONE)". Where both exist, B<stdname> should be the TLS name rather
+than the SSLv3 name.
SSL_CIPHER_get_bits() returns the number of secret bits used for B<cipher>.
If B<cipher> is NULL, 0 is returned.
# define SSL3_CK_ADH_DES_192_CBC_SHA 0x0300001B
/* a bundle of RFC standard cipher names, generated from ssl3_ciphers[] */
-# define SSL3_RFC_RSA_NULL_MD5 "SSL_RSA_WITH_NULL_MD5"
-# define SSL3_RFC_RSA_NULL_SHA "SSL_RSA_WITH_NULL_SHA"
-# define SSL3_RFC_RSA_DES_192_CBC3_SHA "SSL_RSA_WITH_3DES_EDE_CBC_SHA"
-# define SSL3_RFC_DHE_DSS_DES_192_CBC3_SHA "SSL_DHE_DSS_WITH_3DES_EDE_CBC_SHA"
-# define SSL3_RFC_DHE_RSA_DES_192_CBC3_SHA "SSL_DHE_RSA_WITH_3DES_EDE_CBC_SHA"
-# define SSL3_RFC_ADH_DES_192_CBC_SHA "SSL_DH_anon_WITH_3DES_EDE_CBC_SHA"
-# define SSL3_RFC_RSA_IDEA_128_SHA "SSL_RSA_WITH_IDEA_CBC_SHA"
-# define SSL3_RFC_RSA_RC4_128_MD5 "SSL_RSA_WITH_RC4_128_MD5"
-# define SSL3_RFC_RSA_RC4_128_SHA "SSL_RSA_WITH_RC4_128_SHA"
-# define SSL3_RFC_ADH_RC4_128_MD5 "SSL_DH_anon_WITH_RC4_128_MD5"
+# define SSL3_RFC_RSA_NULL_MD5 "TLS_RSA_WITH_NULL_MD5"
+# define SSL3_RFC_RSA_NULL_SHA "TLS_RSA_WITH_NULL_SHA"
+# define SSL3_RFC_RSA_DES_192_CBC3_SHA "TLS_RSA_WITH_3DES_EDE_CBC_SHA"
+# define SSL3_RFC_DHE_DSS_DES_192_CBC3_SHA "TLS_DHE_DSS_WITH_3DES_EDE_CBC_SHA"
+# define SSL3_RFC_DHE_RSA_DES_192_CBC3_SHA "TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA"
+# define SSL3_RFC_ADH_DES_192_CBC_SHA "TLS_DH_anon_WITH_3DES_EDE_CBC_SHA"
+# define SSL3_RFC_RSA_IDEA_128_SHA "TLS_RSA_WITH_IDEA_CBC_SHA"
+# define SSL3_RFC_RSA_RC4_128_MD5 "TLS_RSA_WITH_RC4_128_MD5"
+# define SSL3_RFC_RSA_RC4_128_SHA "TLS_RSA_WITH_RC4_128_SHA"
+# define SSL3_RFC_ADH_RC4_128_MD5 "TLS_DH_anon_WITH_RC4_128_MD5"
# define SSL3_TXT_RSA_NULL_MD5 "NULL-MD5"
# define SSL3_TXT_RSA_NULL_SHA "NULL-SHA"
/* Cipher suites */
static ssl_trace_tbl ssl_ciphers_tbl[] = {
- {0x0000, "SSL_NULL_WITH_NULL_NULL"},
- {0x0001, "SSL_RSA_WITH_NULL_MD5"},
- {0x0002, "SSL_RSA_WITH_NULL_SHA"},
- {0x0003, "SSL_RSA_EXPORT_WITH_RC4_40_MD5"},
- {0x0004, "SSL_RSA_WITH_RC4_128_MD5"},
- {0x0005, "SSL_RSA_WITH_RC4_128_SHA"},
- {0x0006, "SSL_RSA_EXPORT_WITH_RC2_CBC_40_MD5"},
- {0x0007, "SSL_RSA_WITH_IDEA_CBC_SHA"},
- {0x0008, "SSL_RSA_EXPORT_WITH_DES40_CBC_SHA"},
- {0x0009, "SSL_RSA_WITH_DES_CBC_SHA"},
- {0x000A, "SSL_RSA_WITH_3DES_EDE_CBC_SHA"},
- {0x000B, "SSL_DH_DSS_EXPORT_WITH_DES40_CBC_SHA"},
- {0x000C, "SSL_DH_DSS_WITH_DES_CBC_SHA"},
- {0x000D, "SSL_DH_DSS_WITH_3DES_EDE_CBC_SHA"},
- {0x000E, "SSL_DH_RSA_EXPORT_WITH_DES40_CBC_SHA"},
- {0x000F, "SSL_DH_RSA_WITH_DES_CBC_SHA"},
- {0x0010, "SSL_DH_RSA_WITH_3DES_EDE_CBC_SHA"},
- {0x0011, "SSL_DHE_DSS_EXPORT_WITH_DES40_CBC_SHA"},
- {0x0012, "SSL_DHE_DSS_WITH_DES_CBC_SHA"},
- {0x0013, "SSL_DHE_DSS_WITH_3DES_EDE_CBC_SHA"},
- {0x0014, "SSL_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA"},
- {0x0015, "SSL_DHE_RSA_WITH_DES_CBC_SHA"},
- {0x0016, "SSL_DHE_RSA_WITH_3DES_EDE_CBC_SHA"},
- {0x0017, "SSL_DH_anon_EXPORT_WITH_RC4_40_MD5"},
- {0x0018, "SSL_DH_anon_WITH_RC4_128_MD5"},
- {0x0019, "SSL_DH_anon_EXPORT_WITH_DES40_CBC_SHA"},
- {0x001A, "SSL_DH_anon_WITH_DES_CBC_SHA"},
- {0x001B, "SSL_DH_anon_WITH_3DES_EDE_CBC_SHA"},
+ {0x0000, "TLS_NULL_WITH_NULL_NULL"},
+ {0x0001, "TLS_RSA_WITH_NULL_MD5"},
+ {0x0002, "TLS_RSA_WITH_NULL_SHA"},
+ {0x0003, "TLS_RSA_EXPORT_WITH_RC4_40_MD5"},
+ {0x0004, "TLS_RSA_WITH_RC4_128_MD5"},
+ {0x0005, "TLS_RSA_WITH_RC4_128_SHA"},
+ {0x0006, "TLS_RSA_EXPORT_WITH_RC2_CBC_40_MD5"},
+ {0x0007, "TLS_RSA_WITH_IDEA_CBC_SHA"},
+ {0x0008, "TLS_RSA_EXPORT_WITH_DES40_CBC_SHA"},
+ {0x0009, "TLS_RSA_WITH_DES_CBC_SHA"},
+ {0x000A, "TLS_RSA_WITH_3DES_EDE_CBC_SHA"},
+ {0x000B, "TLS_DH_DSS_EXPORT_WITH_DES40_CBC_SHA"},
+ {0x000C, "TLS_DH_DSS_WITH_DES_CBC_SHA"},
+ {0x000D, "TLS_DH_DSS_WITH_3DES_EDE_CBC_SHA"},
+ {0x000E, "TLS_DH_RSA_EXPORT_WITH_DES40_CBC_SHA"},
+ {0x000F, "TLS_DH_RSA_WITH_DES_CBC_SHA"},
+ {0x0010, "TLS_DH_RSA_WITH_3DES_EDE_CBC_SHA"},
+ {0x0011, "TLS_DHE_DSS_EXPORT_WITH_DES40_CBC_SHA"},
+ {0x0012, "TLS_DHE_DSS_WITH_DES_CBC_SHA"},
+ {0x0013, "TLS_DHE_DSS_WITH_3DES_EDE_CBC_SHA"},
+ {0x0014, "TLS_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA"},
+ {0x0015, "TLS_DHE_RSA_WITH_DES_CBC_SHA"},
+ {0x0016, "TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA"},
+ {0x0017, "TLS_DH_anon_EXPORT_WITH_RC4_40_MD5"},
+ {0x0018, "TLS_DH_anon_WITH_RC4_128_MD5"},
+ {0x0019, "TLS_DH_anon_EXPORT_WITH_DES40_CBC_SHA"},
+ {0x001A, "TLS_DH_anon_WITH_DES_CBC_SHA"},
+ {0x001B, "TLS_DH_anon_WITH_3DES_EDE_CBC_SHA"},
{0x001D, "SSL_FORTEZZA_KEA_WITH_FORTEZZA_CBC_SHA"},
{0x001E, "SSL_FORTEZZA_KEA_WITH_RC4_128_SHA"},
{0x001F, "TLS_KRB5_WITH_3DES_EDE_CBC_SHA"},
/* Cipher suites, copied from t1_trce.c */
static CIPHER_ID_NAME cipher_names[] = {
- {0x0000, "SSL_NULL_WITH_NULL_NULL"},
- {0x0001, "SSL_RSA_WITH_NULL_MD5"},
- {0x0002, "SSL_RSA_WITH_NULL_SHA"},
- {0x0003, "SSL_RSA_EXPORT_WITH_RC4_40_MD5"},
- {0x0004, "SSL_RSA_WITH_RC4_128_MD5"},
- {0x0005, "SSL_RSA_WITH_RC4_128_SHA"},
- {0x0006, "SSL_RSA_EXPORT_WITH_RC2_CBC_40_MD5"},
- {0x0007, "SSL_RSA_WITH_IDEA_CBC_SHA"},
- {0x0008, "SSL_RSA_EXPORT_WITH_DES40_CBC_SHA"},
- {0x0009, "SSL_RSA_WITH_DES_CBC_SHA"},
- {0x000A, "SSL_RSA_WITH_3DES_EDE_CBC_SHA"},
- {0x000B, "SSL_DH_DSS_EXPORT_WITH_DES40_CBC_SHA"},
- {0x000C, "SSL_DH_DSS_WITH_DES_CBC_SHA"},
- {0x000D, "SSL_DH_DSS_WITH_3DES_EDE_CBC_SHA"},
- {0x000E, "SSL_DH_RSA_EXPORT_WITH_DES40_CBC_SHA"},
- {0x000F, "SSL_DH_RSA_WITH_DES_CBC_SHA"},
- {0x0010, "SSL_DH_RSA_WITH_3DES_EDE_CBC_SHA"},
- {0x0011, "SSL_DHE_DSS_EXPORT_WITH_DES40_CBC_SHA"},
- {0x0012, "SSL_DHE_DSS_WITH_DES_CBC_SHA"},
- {0x0013, "SSL_DHE_DSS_WITH_3DES_EDE_CBC_SHA"},
- {0x0014, "SSL_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA"},
- {0x0015, "SSL_DHE_RSA_WITH_DES_CBC_SHA"},
- {0x0016, "SSL_DHE_RSA_WITH_3DES_EDE_CBC_SHA"},
- {0x0017, "SSL_DH_anon_EXPORT_WITH_RC4_40_MD5"},
- {0x0018, "SSL_DH_anon_WITH_RC4_128_MD5"},
- {0x0019, "SSL_DH_anon_EXPORT_WITH_DES40_CBC_SHA"},
- {0x001A, "SSL_DH_anon_WITH_DES_CBC_SHA"},
- {0x001B, "SSL_DH_anon_WITH_3DES_EDE_CBC_SHA"},
+ {0x0000, "TLS_NULL_WITH_NULL_NULL"},
+ {0x0001, "TLS_RSA_WITH_NULL_MD5"},
+ {0x0002, "TLS_RSA_WITH_NULL_SHA"},
+ {0x0003, "TLS_RSA_EXPORT_WITH_RC4_40_MD5"},
+ {0x0004, "TLS_RSA_WITH_RC4_128_MD5"},
+ {0x0005, "TLS_RSA_WITH_RC4_128_SHA"},
+ {0x0006, "TLS_RSA_EXPORT_WITH_RC2_CBC_40_MD5"},
+ {0x0007, "TLS_RSA_WITH_IDEA_CBC_SHA"},
+ {0x0008, "TLS_RSA_EXPORT_WITH_DES40_CBC_SHA"},
+ {0x0009, "TLS_RSA_WITH_DES_CBC_SHA"},
+ {0x000A, "TLS_RSA_WITH_3DES_EDE_CBC_SHA"},
+ {0x000B, "TLS_DH_DSS_EXPORT_WITH_DES40_CBC_SHA"},
+ {0x000C, "TLS_DH_DSS_WITH_DES_CBC_SHA"},
+ {0x000D, "TLS_DH_DSS_WITH_3DES_EDE_CBC_SHA"},
+ {0x000E, "TLS_DH_RSA_EXPORT_WITH_DES40_CBC_SHA"},
+ {0x000F, "TLS_DH_RSA_WITH_DES_CBC_SHA"},
+ {0x0010, "TLS_DH_RSA_WITH_3DES_EDE_CBC_SHA"},
+ {0x0011, "TLS_DHE_DSS_EXPORT_WITH_DES40_CBC_SHA"},
+ {0x0012, "TLS_DHE_DSS_WITH_DES_CBC_SHA"},
+ {0x0013, "TLS_DHE_DSS_WITH_3DES_EDE_CBC_SHA"},
+ {0x0014, "TLS_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA"},
+ {0x0015, "TLS_DHE_RSA_WITH_DES_CBC_SHA"},
+ {0x0016, "TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA"},
+ {0x0017, "TLS_DH_anon_EXPORT_WITH_RC4_40_MD5"},
+ {0x0018, "TLS_DH_anon_WITH_RC4_128_MD5"},
+ {0x0019, "TLS_DH_anon_EXPORT_WITH_DES40_CBC_SHA"},
+ {0x001A, "TLS_DH_anon_WITH_DES_CBC_SHA"},
+ {0x001B, "TLS_DH_anon_WITH_3DES_EDE_CBC_SHA"},
{0x001D, "SSL_FORTEZZA_KEA_WITH_FORTEZZA_CBC_SHA"},
{0x001E, "SSL_FORTEZZA_KEA_WITH_RC4_128_SHA"},
{0x001F, "TLS_KRB5_WITH_3DES_EDE_CBC_SHA"},