1
2
3 """
4 Nicely formatted cipher suite definitions for TLS
5
6 A list of cipher suites in the form of CipherSuite objects.
7 These are supposed to be immutable; don't mess with them.
8 """
12 """
13 Encapsulates a cipher suite.
14
15 Members/args:
16 * code: two-byte ID code, as int
17 * kx: key exchange algorithm, e.g. 'RSA' or 'DHE'
18 * auth: authentication algorithm, e.g. 'RSA' or 'DSS'
19 * cipher: stream or block cipher algorithm, e.g. 'AES_128'
20 * mode: mode of operation for block ciphers, e.g. 'CBC' or 'GCM'
21 * mac: message authentication code algorithm, e.g. 'MD5' or 'SHA256'
22 * name: cipher suite name as defined in the RFCs,
23 e.g. 'TLS_RSA_WITH_RC4_40_MD5', can be generated by default from the
24 other parameters
25 * encoding: encoding algorithm, defaults to cipher+mode
26 Additional members:
27 * kx_auth: kx+auth algorithm, as 'KeyExchangeAlgorithm' in RFCs
28 """
29
30 - def __init__(self, code, kx, auth, cipher, mode, mac, name=None, encoding=None):
31 self.code = code
32
33
34 self._kx = kx.rstrip()
35 self._auth = auth.rstrip()
36 self.cipher = cipher.rstrip()
37 self.mode = mode.rstrip()
38 self.mac = mac.rstrip()
39 self._name = name
40 self._encoding = encoding
41
42 @property
44 if self._kx == '':
45 return self._auth
46 else:
47 return self._kx
48
49 @property
51 if self._auth == '':
52 return self._kx
53 else:
54 return self._auth
55
56 @property
58 if self._auth == '':
59 return self._kx
60 elif self._kx == '':
61 return self._auth
62 else:
63 return self._kx + '_' + self._auth
64
65 @property
67 if self._encoding is None:
68 if self.mode == '':
69 return self.cipher
70 else:
71 return self.cipher + '_' + self.mode
72 else:
73 return self._encoding
74
75 @property
77 if self._name is None:
78 if self.mac == '':
79 return 'TLS_' + self.kx_auth + '_WITH_' + self.encoding
80 else:
81 return 'TLS_' + self.kx_auth + '_WITH_' + self.encoding + '_' + self.mac
82 else:
83 return self._name
84
86 return 'CipherSuite(%s)' % self.name
87
88 MAC_SIZES = {
89 'MD5': 16,
90 'SHA': 20,
91 'SHA256': 32,
92 'SHA384': 48,
93 }
94
95
96
97 BLOCK_SIZES = {
98 'AES_128': 16,
99 'AES_256': 16,
100 }
101
102 @property
104 """In bytes. Default to 0."""
105 return self.MAC_SIZES.get(self.mac, 0)
106
107 @property
109 """In bytes. Default to 1."""
110 return self.BLOCK_SIZES.get(self.cipher, 1)
111
112
113
114
115 CIPHERSUITES = [
116
117 CipherSuite(0x00ff, 'NULL', ' ', 'NULL ', ' ', 'NULL',
118 'TLS_EMPTY_RENEGOTIATION_INFO'),
119
120 CipherSuite(0x5600, '', ' ', '', '', '',
121 'TLS_FALLBACK'),
122 CipherSuite(0xffff, '', ' ', '', '', '',
123 'UNKNOWN_CIPHER'),
124
125
126 CipherSuite(0x0000, 'NULL', ' ', 'NULL ', ' ', 'NULL'),
127
128 CipherSuite(0x0001, 'RSA', ' ', 'NULL ', ' ', 'MD5'),
129 CipherSuite(0x0002, 'RSA', ' ', 'NULL ', ' ', 'SHA'),
130 CipherSuite(0x0003, 'RSA_EXPORT', ' ', 'RC4_40 ', ' ', 'MD5'),
131 CipherSuite(0x0004, 'RSA', ' ', 'RC4_128 ', ' ', 'MD5'),
132 CipherSuite(0x0005, 'RSA', ' ', 'RC4_128 ', ' ', 'SHA'),
133 CipherSuite(0x0006, 'RSA_EXPORT', ' ', 'RC2_40 ', 'CBC ', 'MD5',
134 encoding='RC2_CBC_40'),
135 CipherSuite(0x0007, 'RSA', ' ', 'IDEA ', 'CBC ', 'SHA'),
136 CipherSuite(0x0008, 'RSA_EXPORT', ' ', 'DES40 ', 'CBC ', 'SHA'),
137 CipherSuite(0x0009, 'RSA', ' ', 'DES ', 'CBC ', 'SHA'),
138 CipherSuite(0x000a, 'RSA', ' ', '3DES_EDE', 'CBC ', 'SHA'),
139
140 CipherSuite(0x000b, 'DH', 'DSS_EXPORT', 'DES40 ', 'CBC ', 'SHA'),
141 CipherSuite(0x000c, 'DH', 'DSS ', 'DES ', 'CBC ', 'SHA'),
142 CipherSuite(0x000d, 'DH', 'DSS ', '3DES_EDE', 'CBC ', 'SHA'),
143 CipherSuite(0x000e, 'DH', 'RSA_EXPORT', 'DES40 ', 'CBC ', 'SHA'),
144 CipherSuite(0x000f, 'DH', 'RSA ', 'DES ', 'CBC ', 'SHA'),
145 CipherSuite(0x0010, 'DH', 'RSA ', '3DES_EDE', 'CBC ', 'SHA'),
146 CipherSuite(0x0011, 'DHE', 'DSS_EXPORT', 'DES40 ', 'CBC ', 'SHA'),
147 CipherSuite(0x0012, 'DHE', 'DSS ', 'DES ', 'CBC ', 'SHA'),
148 CipherSuite(0x0013, 'DHE', 'DSS ', '3DES_EDE', 'CBC ', 'SHA'),
149 CipherSuite(0x0014, 'DHE', 'RSA_EXPORT', 'DES40 ', 'CBC ', 'SHA'),
150 CipherSuite(0x0015, 'DHE', 'RSA ', 'DES ', 'CBC ', 'SHA'),
151 CipherSuite(0x0016, 'DHE', 'RSA ', '3DES_EDE', 'CBC ', 'SHA'),
152
153 CipherSuite(0x0017, 'DH', 'anon_EXPORT', 'RC4_40 ', ' ', 'MD5'),
154 CipherSuite(0x0018, 'DH', 'anon ', 'RC4_128 ', ' ', 'MD5'),
155 CipherSuite(0x0019, 'DH', 'anon_EXPORT', 'DES40 ', 'CBC ', 'SHA'),
156 CipherSuite(0x001a, 'DH', 'anon ', 'DES ', 'CBC ', 'SHA'),
157 CipherSuite(0x001b, 'DH', 'anon ', '3DES_EDE', 'CBC ', 'SHA'),
158
159
160
161
162
163 CipherSuite(0x001e, 'KRB5', ' ', 'DES ', 'CBC ', 'SHA'),
164 CipherSuite(0x001f, 'KRB5', ' ', '3DES_EDE', 'CBC ', 'SHA'),
165 CipherSuite(0x0020, 'KRB5', ' ', 'RC4_128 ', ' ', 'SHA'),
166 CipherSuite(0x0021, 'KRB5', ' ', 'IDEA ', 'CBC ', 'SHA'),
167 CipherSuite(0x0022, 'KRB5', ' ', 'DES ', 'CBC ', 'MD5'),
168 CipherSuite(0x0023, 'KRB5', ' ', '3DES_EDE', 'CBC ', 'MD5'),
169 CipherSuite(0x0024, 'KRB5', ' ', 'RC4_128 ', ' ', 'MD5'),
170 CipherSuite(0x0025, 'KRB5', ' ', 'IDEA ', 'CBC ', 'MD5'),
171
172 CipherSuite(0x0026, 'KRB5_EXPORT', ' ', 'DES40 ', 'CBC ', 'SHA',
173 encoding='DES_CBC_40'),
174 CipherSuite(0x0027, 'KRB5_EXPORT', ' ', 'RC2_40 ', 'CBC ', 'SHA',
175 encoding='RC2_CBC_40'),
176 CipherSuite(0x0028, 'KRB5_EXPORT', ' ', 'RC4_40 ', ' ', 'SHA'),
177 CipherSuite(0x0029, 'KRB5_EXPORT', ' ', 'DES40 ', 'CBC ', 'MD5',
178 encoding='DES_CBC_40'),
179 CipherSuite(0x002a, 'KRB5_EXPORT', ' ', 'RC2_40 ', 'CBC ', 'MD5',
180 encoding='RC2_CBC_40'),
181 CipherSuite(0x002b, 'KRB5_EXPORT', ' ', 'RC4_40 ', ' ', 'MD5'),
182
183
184 CipherSuite(0x002c, ' ', 'PSK ', 'NULL ', ' ', 'SHA'),
185 CipherSuite(0x002d, 'DHE ', 'PSK ', 'NULL ', ' ', 'SHA'),
186 CipherSuite(0x002e, 'RSA ', 'PSK ', 'NULL ', ' ', 'SHA'),
187
188
189 CipherSuite(0x002f, 'RSA ', ' ', 'AES_128 ', 'CBC ', 'SHA'),
190 CipherSuite(0x0030, 'DH ', 'DSS ', 'AES_128 ', 'CBC ', 'SHA'),
191 CipherSuite(0x0031, 'DH ', 'RSA ', 'AES_128 ', 'CBC ', 'SHA'),
192 CipherSuite(0x0032, 'DHE ', 'DSS ', 'AES_128 ', 'CBC ', 'SHA'),
193 CipherSuite(0x0033, 'DHE ', 'RSA ', 'AES_128 ', 'CBC ', 'SHA'),
194 CipherSuite(0x0034, 'DH ', 'anon ', 'AES_128 ', 'CBC ', 'SHA'),
195
196 CipherSuite(0x0035, 'RSA ', ' ', 'AES_256 ', 'CBC ', 'SHA'),
197 CipherSuite(0x0036, 'DH ', 'DSS ', 'AES_256 ', 'CBC ', 'SHA'),
198 CipherSuite(0x0037, 'DH ', 'RSA ', 'AES_256 ', 'CBC ', 'SHA'),
199 CipherSuite(0x0038, 'DHE ', 'DSS ', 'AES_256 ', 'CBC ', 'SHA'),
200 CipherSuite(0x0039, 'DHE ', 'RSA ', 'AES_256 ', 'CBC ', 'SHA'),
201 CipherSuite(0x003a, 'DH ', 'anon ', 'AES_256 ', 'CBC ', 'SHA'),
202
203
204 CipherSuite(0x003b, 'RSA ', ' ', 'NULL ', ' ', 'SHA256'),
205 CipherSuite(0x003c, 'RSA ', ' ', 'AES_128 ', 'CBC ', 'SHA256'),
206 CipherSuite(0x003d, 'RSA ', ' ', 'AES_256 ', 'CBC ', 'SHA256'),
207 CipherSuite(0x003e, 'DH ', 'DSS ', 'AES_128 ', 'CBC ', 'SHA256'),
208 CipherSuite(0x003f, 'DH ', 'RSA ', 'AES_128 ', 'CBC ', 'SHA256'),
209 CipherSuite(0x0040, 'DHE ', 'DSS ', 'AES_128 ', 'CBC ', 'SHA256'),
210
211
212 CipherSuite(0x0041, 'RSA ', ' ', 'CAMELLIA_128', 'CBC', 'SHA'),
213 CipherSuite(0x0042, 'DH ', 'DSS ', 'CAMELLIA_128', 'CBC', 'SHA'),
214 CipherSuite(0x0043, 'DH ', 'RSA ', 'CAMELLIA_128', 'CBC', 'SHA'),
215 CipherSuite(0x0044, 'DHE ', 'DSS ', 'CAMELLIA_128', 'CBC', 'SHA'),
216 CipherSuite(0x0045, 'DHE ', 'RSA ', 'CAMELLIA_128', 'CBC', 'SHA'),
217 CipherSuite(0x0046, 'DH ', 'anon ', 'CAMELLIA_128', 'CBC', 'SHA'),
218
219
220
221
222
223
224 CipherSuite(0x0067, 'DHE ', 'RSA ', 'AES_128 ', 'CBC ', 'SHA256'),
225 CipherSuite(0x0068, 'DH ', 'DSS ', 'AES_256 ', 'CBC ', 'SHA256'),
226 CipherSuite(0x0069, 'DH ', 'RSA ', 'AES_256 ', 'CBC ', 'SHA256'),
227 CipherSuite(0x006a, 'DHE ', 'DSS ', 'AES_256 ', 'CBC ', 'SHA256'),
228 CipherSuite(0x006b, 'DHE ', 'RSA ', 'AES_256 ', 'CBC ', 'SHA256'),
229 CipherSuite(0x006c, 'DH ', 'anon ', 'AES_128 ', 'CBC ', 'SHA256'),
230 CipherSuite(0x006d, 'DH ', 'anon ', 'AES_256 ', 'CBC ', 'SHA256'),
231
232
233
234
235 CipherSuite(0x0084, 'RSA ', ' ', 'CAMELLIA_256', 'CBC', 'SHA'),
236 CipherSuite(0x0085, 'DH ', 'DSS ', 'CAMELLIA_256', 'CBC', 'SHA'),
237 CipherSuite(0x0086, 'DH ', 'RSA ', 'CAMELLIA_256', 'CBC', 'SHA'),
238 CipherSuite(0x0087, 'DHE ', 'DSS ', 'CAMELLIA_256', 'CBC', 'SHA'),
239 CipherSuite(0x0088, 'DHE ', 'RSA ', 'CAMELLIA_256', 'CBC', 'SHA'),
240 CipherSuite(0x0089, 'DH ', 'anon ', 'CAMELLIA_256', 'CBC', 'SHA'),
241
242
243 CipherSuite(0x008a, ' ', 'PSK ', 'RC4_128 ', ' ', 'SHA'),
244 CipherSuite(0x008b, ' ', 'PSK ', '3DES_EDE', 'CBC ', 'SHA'),
245 CipherSuite(0x008c, ' ', 'PSK ', 'AES_128 ', 'CBC ', 'SHA'),
246 CipherSuite(0x008d, ' ', 'PSK ', 'AES_256 ', 'CBC ', 'SHA'),
247 CipherSuite(0x008e, 'DHE ', 'PSK ', 'RC4_128 ', ' ', 'SHA'),
248 CipherSuite(0x008f, 'DHE ', 'PSK ', '3DES_EDE', 'CBC ', 'SHA'),
249 CipherSuite(0x0090, 'DHE ', 'PSK ', 'AES_128 ', 'CBC ', 'SHA'),
250 CipherSuite(0x0091, 'DHE ', 'PSK ', 'AES_256 ', 'CBC ', 'SHA'),
251 CipherSuite(0x0092, 'RSA ', 'PSK ', 'RC4_128 ', ' ', 'SHA'),
252 CipherSuite(0x0093, 'RSA ', 'PSK ', '3DES_EDE', 'CBC ', 'SHA'),
253 CipherSuite(0x0094, 'RSA ', 'PSK ', 'AES_128 ', 'CBC ', 'SHA'),
254 CipherSuite(0x0095, 'RSA ', 'PSK ', 'AES_256 ', 'CBC ', 'SHA'),
255
256
257 CipherSuite(0x0096, 'RSA ', ' ', 'SEED ', 'CBC ', 'SHA'),
258 CipherSuite(0x0097, 'DH ', 'DSS ', 'SEED ', 'CBC ', 'SHA'),
259 CipherSuite(0x0098, 'DH ', 'RSA ', 'SEED ', 'CBC ', 'SHA'),
260 CipherSuite(0x0099, 'DHE ', 'DSS ', 'SEED ', 'CBC ', 'SHA'),
261 CipherSuite(0x009a, 'DHE ', 'RSA ', 'SEED ', 'CBC ', 'SHA'),
262 CipherSuite(0x009b, 'DH ', 'anon ', 'SEED ', 'CBC ', 'SHA'),
263
264
265 CipherSuite(0x009c, 'RSA ', ' ', 'AES_128 ', 'GCM ', 'SHA256'),
266 CipherSuite(0x009d, 'RSA ', ' ', 'AES_256 ', 'GCM ', 'SHA384'),
267 CipherSuite(0x009e, 'DHE ', 'RSA ', 'AES_128 ', 'GCM ', 'SHA256'),
268 CipherSuite(0x009f, 'DHE ', 'RSA ', 'AES_256 ', 'GCM ', 'SHA384'),
269 CipherSuite(0x00a0, 'DH ', 'RSA ', 'AES_128 ', 'GCM ', 'SHA256'),
270 CipherSuite(0x00a1, 'DH ', 'RSA ', 'AES_256 ', 'GCM ', 'SHA384'),
271 CipherSuite(0x00a2, 'DHE ', 'DSS ', 'AES_128 ', 'GCM ', 'SHA256'),
272 CipherSuite(0x00a3, 'DHE ', 'DSS ', 'AES_256 ', 'GCM ', 'SHA384'),
273 CipherSuite(0x00a4, 'DH ', 'DSS ', 'AES_128 ', 'GCM ', 'SHA256'),
274 CipherSuite(0x00a5, 'DH ', 'DSS ', 'AES_256 ', 'GCM ', 'SHA384'),
275 CipherSuite(0x00a6, 'DH ', 'anon ', 'AES_128 ', 'GCM ', 'SHA256'),
276 CipherSuite(0x00a7, 'DH ', 'anon ', 'AES_256 ', 'GCM ', 'SHA384'),
277
278
279 CipherSuite(0x00a8, ' ', 'PSK ', 'AES_128 ', 'GCM ', 'SHA256'),
280 CipherSuite(0x00a9, ' ', 'PSK ', 'AES_256 ', 'GCM ', 'SHA384'),
281 CipherSuite(0x00aa, 'DHE ', 'PSK ', 'AES_128 ', 'GCM ', 'SHA256'),
282 CipherSuite(0x00ab, 'DHE ', 'PSK ', 'AES_256 ', 'GCM ', 'SHA384'),
283 CipherSuite(0x00ac, 'RSA ', 'PSK ', 'AES_128 ', 'GCM ', 'SHA256'),
284 CipherSuite(0x00ad, 'RSA ', 'PSK ', 'AES_256 ', 'GCM ', 'SHA384'),
285
286 CipherSuite(0x00ae, ' ', 'PSK ', 'AES_128 ', 'CBC ', 'SHA256'),
287 CipherSuite(0x00af, ' ', 'PSK ', 'AES_256 ', 'CBC ', 'SHA384'),
288 CipherSuite(0x00b0, ' ', 'PSK ', 'NULL ', ' ', 'SHA256'),
289 CipherSuite(0x00b1, ' ', 'PSK ', 'NULL ', ' ', 'SHA384'),
290
291 CipherSuite(0x00b2, 'DHE ', 'PSK ', 'AES_128 ', 'CBC ', 'SHA256'),
292 CipherSuite(0x00b3, 'DHE ', 'PSK ', 'AES_256 ', 'CBC ', 'SHA384'),
293 CipherSuite(0x00b4, 'DHE ', 'PSK ', 'NULL ', ' ', 'SHA256'),
294 CipherSuite(0x00b5, 'DHE ', 'PSK ', 'NULL ', ' ', 'SHA384'),
295
296 CipherSuite(0x00b6, 'RSA ', 'PSK ', 'AES_128 ', 'CBC ', 'SHA256'),
297 CipherSuite(0x00b7, 'RSA ', 'PSK ', 'AES_256 ', 'CBC ', 'SHA384'),
298 CipherSuite(0x00b8, 'RSA ', 'PSK ', 'NULL ', ' ', 'SHA256'),
299 CipherSuite(0x00b9, 'RSA ', 'PSK ', 'NULL ', ' ', 'SHA384'),
300
301
302 CipherSuite(0x00ba, 'RSA ', ' ', 'CAMELLIA_128', 'CBC', 'SHA256'),
303 CipherSuite(0x00bb, 'DH ', 'DSS ', 'CAMELLIA_128', 'CBC', 'SHA256'),
304 CipherSuite(0x00bc, 'DH ', 'RSA ', 'CAMELLIA_128', 'CBC', 'SHA256'),
305 CipherSuite(0x00bd, 'DHE ', 'DSS ', 'CAMELLIA_128', 'CBC', 'SHA256'),
306 CipherSuite(0x00be, 'DHE ', 'RSA ', 'CAMELLIA_128', 'CBC', 'SHA256'),
307 CipherSuite(0x00bf, 'DH ', 'anon ', 'CAMELLIA_128', 'CBC', 'SHA256'),
308
309 CipherSuite(0x00c0, 'RSA ', ' ', 'CAMELLIA_256', 'CBC', 'SHA256'),
310 CipherSuite(0x00c1, 'DH ', 'DSS ', 'CAMELLIA_256', 'CBC', 'SHA256'),
311 CipherSuite(0x00c2, 'DH ', 'RSA ', 'CAMELLIA_256', 'CBC', 'SHA256'),
312 CipherSuite(0x00c3, 'DHE ', 'DSS ', 'CAMELLIA_256', 'CBC', 'SHA256'),
313 CipherSuite(0x00c4, 'DHE ', 'RSA ', 'CAMELLIA_256', 'CBC', 'SHA256'),
314 CipherSuite(0x00c5, 'DH ', 'anon ', 'CAMELLIA_256', 'CBC', 'SHA256'),
315
316
317 CipherSuite(0xc001, 'ECDH ', 'ECDSA ', 'NULL ', ' ', 'SHA'),
318 CipherSuite(0xc002, 'ECDH ', 'ECDSA ', 'RC4_128 ', ' ', 'SHA'),
319 CipherSuite(0xc003, 'ECDH ', 'ECDSA ', '3DES_EDE', 'CBC ', 'SHA'),
320 CipherSuite(0xc004, 'ECDH ', 'ECDSA ', 'AES_128 ', 'CBC ', 'SHA'),
321 CipherSuite(0xc005, 'ECDH ', 'ECDSA ', 'AES_256 ', 'CBC ', 'SHA'),
322
323 CipherSuite(0xc006, 'ECDHE', 'ECDSA ', 'NULL ', ' ', 'SHA'),
324 CipherSuite(0xc007, 'ECDHE', 'ECDSA ', 'RC4_128 ', ' ', 'SHA'),
325 CipherSuite(0xc008, 'ECDHE', 'ECDSA ', '3DES_EDE', 'CBC ', 'SHA'),
326 CipherSuite(0xc009, 'ECDHE', 'ECDSA ', 'AES_128 ', 'CBC ', 'SHA'),
327 CipherSuite(0xc00a, 'ECDHE', 'ECDSA ', 'AES_256 ', 'CBC ', 'SHA'),
328
329 CipherSuite(0xc00b, 'ECDH ', 'RSA ', 'NULL ', ' ', 'SHA'),
330 CipherSuite(0xc00c, 'ECDH ', 'RSA ', 'RC4_128 ', ' ', 'SHA'),
331 CipherSuite(0xc00d, 'ECDH ', 'RSA ', '3DES_EDE', 'CBC ', 'SHA'),
332 CipherSuite(0xc00e, 'ECDH ', 'RSA ', 'AES_128 ', 'CBC ', 'SHA'),
333 CipherSuite(0xc00f, 'ECDH ', 'RSA ', 'AES_256 ', 'CBC ', 'SHA'),
334
335 CipherSuite(0xc010, 'ECDHE', 'RSA ', 'NULL ', ' ', 'SHA'),
336 CipherSuite(0xc011, 'ECDHE', 'RSA ', 'RC4_128 ', ' ', 'SHA'),
337 CipherSuite(0xc012, 'ECDHE', 'RSA ', '3DES_EDE', 'CBC ', 'SHA'),
338 CipherSuite(0xc013, 'ECDHE', 'RSA ', 'AES_128 ', 'CBC ', 'SHA'),
339 CipherSuite(0xc014, 'ECDHE', 'RSA ', 'AES_256 ', 'CBC ', 'SHA'),
340
341 CipherSuite(0xc015, 'ECDH ', 'anon ', 'NULL ', ' ', 'SHA'),
342 CipherSuite(0xc016, 'ECDH ', 'anon ', 'RC4_128 ', ' ', 'SHA'),
343 CipherSuite(0xc017, 'ECDH ', 'anon ', '3DES_EDE', 'CBC ', 'SHA'),
344 CipherSuite(0xc018, 'ECDH ', 'anon ', 'AES_128 ', 'CBC ', 'SHA'),
345 CipherSuite(0xc019, 'ECDH ', 'anon ', 'AES_256 ', 'CBC ', 'SHA'),
346
347
348 CipherSuite(0xc01a, 'SRP_SHA', ' ', '3DES_EDE', 'CBC ', 'SHA'),
349 CipherSuite(0xc01b, 'SRP_SHA', 'RSA ', '3DES_EDE', 'CBC ', 'SHA'),
350 CipherSuite(0xc01c, 'SRP_SHA', 'DSS ', '3DES_EDE', 'CBC ', 'SHA'),
351 CipherSuite(0xc01d, 'SRP_SHA', ' ', 'AES_128 ', 'CBC ', 'SHA'),
352 CipherSuite(0xc01e, 'SRP_SHA', 'RSA ', 'AES_128 ', 'CBC ', 'SHA'),
353 CipherSuite(0xc01f, 'SRP_SHA', 'DSS ', 'AES_128 ', 'CBC ', 'SHA'),
354 CipherSuite(0xc020, 'SRP_SHA', ' ', 'AES_256 ', 'CBC ', 'SHA'),
355 CipherSuite(0xc021, 'SRP_SHA', 'RSA ', 'AES_256 ', 'CBC ', 'SHA'),
356 CipherSuite(0xc022, 'SRP_SHA', 'DSS ', 'AES_256 ', 'CBC ', 'SHA'),
357
358
359 CipherSuite(0xc023, 'ECDHE', 'ECDSA ', 'AES_128 ', 'CBC ', 'SHA256'),
360 CipherSuite(0xc024, 'ECDHE', 'ECDSA ', 'AES_256 ', 'CBC ', 'SHA384'),
361 CipherSuite(0xc025, 'ECDH ', 'ECDSA ', 'AES_128 ', 'CBC ', 'SHA256'),
362 CipherSuite(0xc026, 'ECDH ', 'ECDSA ', 'AES_256 ', 'CBC ', 'SHA384'),
363 CipherSuite(0xc027, 'ECDHE', 'RSA ', 'AES_128 ', 'CBC ', 'SHA256'),
364 CipherSuite(0xc028, 'ECDHE', 'RSA ', 'AES_256 ', 'CBC ', 'SHA384'),
365 CipherSuite(0xc029, 'ECDH ', 'RSA ', 'AES_128 ', 'CBC ', 'SHA256'),
366 CipherSuite(0xc02a, 'ECDH ', 'RSA ', 'AES_256 ', 'CBC ', 'SHA384'),
367
368 CipherSuite(0xc02b, 'ECDHE', 'ECDSA ', 'AES_128 ', 'GCM ', 'SHA256'),
369 CipherSuite(0xc02c, 'ECDHE', 'ECDSA ', 'AES_256 ', 'GCM ', 'SHA384'),
370 CipherSuite(0xc02d, 'ECDH ', 'ECDSA ', 'AES_128 ', 'GCM ', 'SHA256'),
371 CipherSuite(0xc02e, 'ECDH ', 'ECDSA ', 'AES_256 ', 'GCM ', 'SHA384'),
372 CipherSuite(0xc02f, 'ECDHE', 'RSA ', 'AES_128 ', 'GCM ', 'SHA256'),
373 CipherSuite(0xc030, 'ECDHE', 'RSA ', 'AES_256 ', 'GCM ', 'SHA384'),
374 CipherSuite(0xc031, 'ECDH ', 'RSA ', 'AES_128 ', 'GCM ', 'SHA256'),
375 CipherSuite(0xc032, 'ECDH ', 'RSA ', 'AES_256 ', 'GCM ', 'SHA384'),
376
377
378 CipherSuite(0xc033, 'ECDHE', 'PSK ', 'RC4_128 ', ' ', 'SHA'),
379 CipherSuite(0xc034, 'ECDHE', 'PSK ', '3DES_EDE', 'CBC ', 'SHA'),
380 CipherSuite(0xc035, 'ECDHE', 'PSK ', 'AES_128 ', 'CBC ', 'SHA'),
381 CipherSuite(0xc036, 'ECDHE', 'PSK ', 'AES_256 ', 'CBC ', 'SHA'),
382 CipherSuite(0xc037, 'ECDHE', 'PSK ', 'AES_128 ', 'CBC ', 'SHA256'),
383 CipherSuite(0xc038, 'ECDHE', 'PSK ', 'AES_256 ', 'CBC ', 'SHA384'),
384 CipherSuite(0xc039, 'ECDHE', 'PSK ', 'NULL ', ' ', 'SHA'),
385 CipherSuite(0xc03a, 'ECDHE', 'PSK ', 'NULL ', ' ', 'SHA256'),
386 CipherSuite(0xc03b, 'ECDHE', 'PSK ', 'NULL ', ' ', 'SHA384'),
387
388
389 CipherSuite(0xc03c, 'RSA ', ' ', 'ARIA_128', 'CBC ', 'SHA256'),
390 CipherSuite(0xc03d, 'RSA ', ' ', 'ARIA_256', 'CBC ', 'SHA384'),
391 CipherSuite(0xc03e, 'DH ', 'DSS ', 'ARIA_128', 'CBC ', 'SHA256'),
392 CipherSuite(0xc03f, 'DH ', 'DSS ', 'ARIA_256', 'CBC ', 'SHA384'),
393 CipherSuite(0xc040, 'DH ', 'RSA ', 'ARIA_128', 'CBC ', 'SHA256'),
394 CipherSuite(0xc041, 'DH ', 'RSA ', 'ARIA_256', 'CBC ', 'SHA384'),
395 CipherSuite(0xc042, 'DHE ', 'DSS ', 'ARIA_128', 'CBC ', 'SHA256'),
396 CipherSuite(0xc043, 'DHE ', 'DSS ', 'ARIA_256', 'CBC ', 'SHA384'),
397 CipherSuite(0xc044, 'DHE ', 'RSA ', 'ARIA_128', 'CBC ', 'SHA256'),
398 CipherSuite(0xc045, 'DHE ', 'RSA ', 'ARIA_256', 'CBC ', 'SHA384'),
399 CipherSuite(0xc046, 'DH ', 'anon ', 'ARIA_128', 'CBC ', 'SHA256'),
400 CipherSuite(0xc047, 'DH ', 'anon ', 'ARIA_256', 'CBC ', 'SHA384'),
401
402 CipherSuite(0xc048, 'ECDHE', 'ECDSA ', 'ARIA_128', 'CBC ', 'SHA256'),
403 CipherSuite(0xc049, 'ECDHE', 'ECDSA ', 'ARIA_256', 'CBC ', 'SHA384'),
404 CipherSuite(0xc04a, 'ECDH ', 'ECDSA ', 'ARIA_128', 'CBC ', 'SHA256'),
405 CipherSuite(0xc04b, 'ECDH ', 'ECDSA ', 'ARIA_256', 'CBC ', 'SHA384'),
406 CipherSuite(0xc04c, 'ECDHE', 'RSA ', 'ARIA_128', 'CBC ', 'SHA256'),
407 CipherSuite(0xc04d, 'ECDHE', 'RSA ', 'ARIA_256', 'CBC ', 'SHA384'),
408 CipherSuite(0xc04e, 'ECDH ', 'RSA ', 'ARIA_128', 'CBC ', 'SHA256'),
409 CipherSuite(0xc04f, 'ECDH ', 'RSA ', 'ARIA_256', 'CBC ', 'SHA384'),
410
411 CipherSuite(0xc050, 'RSA ', ' ', 'ARIA_128', 'GCM ', 'SHA256'),
412 CipherSuite(0xc051, 'RSA ', ' ', 'ARIA_256', 'GCM ', 'SHA384'),
413 CipherSuite(0xc052, 'DHE ', 'RSA ', 'ARIA_128', 'GCM ', 'SHA256'),
414 CipherSuite(0xc053, 'DHE ', 'RSA ', 'ARIA_256', 'GCM ', 'SHA384'),
415 CipherSuite(0xc054, 'DH ', 'RSA ', 'ARIA_128', 'GCM ', 'SHA256'),
416 CipherSuite(0xc055, 'DH ', 'RSA ', 'ARIA_256', 'GCM ', 'SHA384'),
417 CipherSuite(0xc056, 'DHE ', 'DSS ', 'ARIA_128', 'GCM ', 'SHA256'),
418 CipherSuite(0xc057, 'DHE ', 'DSS ', 'ARIA_256', 'GCM ', 'SHA384'),
419 CipherSuite(0xc058, 'DH ', 'DSS ', 'ARIA_128', 'GCM ', 'SHA256'),
420 CipherSuite(0xc059, 'DH ', 'DSS ', 'ARIA_256', 'GCM ', 'SHA384'),
421 CipherSuite(0xc05a, 'DH ', 'anon ', 'ARIA_128', 'GCM ', 'SHA256'),
422 CipherSuite(0xc05b, 'DH ', 'anon ', 'ARIA_256', 'GCM ', 'SHA384'),
423
424 CipherSuite(0xc05c, 'ECDHE', 'ECDSA ', 'ARIA_128', 'GCM ', 'SHA256'),
425 CipherSuite(0xc05d, 'ECDHE', 'ECDSA ', 'ARIA_256', 'GCM ', 'SHA384'),
426 CipherSuite(0xc05e, 'ECDH ', 'ECDSA ', 'ARIA_128', 'GCM ', 'SHA256'),
427 CipherSuite(0xc05f, 'ECDH ', 'ECDSA ', 'ARIA_256', 'GCM ', 'SHA384'),
428 CipherSuite(0xc060, 'ECDHE', 'RSA ', 'ARIA_128', 'GCM ', 'SHA256'),
429 CipherSuite(0xc061, 'ECDHE', 'RSA ', 'ARIA_256', 'GCM ', 'SHA384'),
430 CipherSuite(0xc062, 'ECDH ', 'RSA ', 'ARIA_128', 'GCM ', 'SHA256'),
431 CipherSuite(0xc063, 'ECDH ', 'RSA ', 'ARIA_256', 'GCM ', 'SHA384'),
432
433 CipherSuite(0xc064, ' ', 'PSK ', 'ARIA_128', 'CBC ', 'SHA256'),
434 CipherSuite(0xc065, ' ', 'PSK ', 'ARIA_256', 'CBC ', 'SHA384'),
435 CipherSuite(0xc066, 'DHE ', 'PSK ', 'ARIA_128', 'CBC ', 'SHA256'),
436 CipherSuite(0xc067, 'DHE ', 'PSK ', 'ARIA_256', 'CBC ', 'SHA384'),
437 CipherSuite(0xc068, 'RSA ', 'PSK ', 'ARIA_128', 'CBC ', 'SHA256'),
438 CipherSuite(0xc069, 'RSA ', 'PSK ', 'ARIA_256', 'CBC ', 'SHA384'),
439 CipherSuite(0xc06a, ' ', 'PSK ', 'ARIA_128', 'GCM ', 'SHA256'),
440 CipherSuite(0xc06b, ' ', 'PSK ', 'ARIA_256', 'GCM ', 'SHA384'),
441 CipherSuite(0xc06c, 'DHE ', 'PSK ', 'ARIA_128', 'GCM ', 'SHA256'),
442 CipherSuite(0xc06d, 'DHE ', 'PSK ', 'ARIA_256', 'GCM ', 'SHA384'),
443 CipherSuite(0xc06e, 'RSA ', 'PSK ', 'ARIA_128', 'GCM ', 'SHA256'),
444 CipherSuite(0xc06f, 'RSA ', 'PSK ', 'ARIA_256', 'GCM ', 'SHA384'),
445 CipherSuite(0xc070, 'ECDHE', 'PSK ', 'ARIA_128', 'GCM ', 'SHA256'),
446 CipherSuite(0xc071, 'ECDHE', 'PSK ', 'ARIA_256', 'GCM ', 'SHA384'),
447
448
449 CipherSuite(0xc072, 'ECDHE', 'ECDSA ', 'CAMELLIA_128', 'CBC', 'SHA256'),
450 CipherSuite(0xc073, 'ECDHE', 'ECDSA ', 'CAMELLIA_256', 'CBC', 'SHA384'),
451 CipherSuite(0xc074, 'ECDH ', 'ECDSA ', 'CAMELLIA_128', 'CBC', 'SHA256'),
452 CipherSuite(0xc075, 'ECDH ', 'ECDSA ', 'CAMELLIA_256', 'CBC', 'SHA384'),
453 CipherSuite(0xc076, 'ECDHE', 'RSA ', 'CAMELLIA_128', 'CBC', 'SHA256'),
454 CipherSuite(0xc077, 'ECDHE', 'RSA ', 'CAMELLIA_256', 'CBC', 'SHA384'),
455 CipherSuite(0xc078, 'ECDH ', 'RSA ', 'CAMELLIA_128', 'CBC', 'SHA256'),
456 CipherSuite(0xc079, 'ECDH ', 'RSA ', 'CAMELLIA_256', 'CBC', 'SHA384'),
457
458 CipherSuite(0xc07a, 'RSA ', ' ', 'CAMELLIA_128', 'GCM', 'SHA256'),
459 CipherSuite(0xc07b, 'RSA ', ' ', 'CAMELLIA_256', 'GCM', 'SHA384'),
460 CipherSuite(0xc07c, 'DHE ', 'RSA ', 'CAMELLIA_128', 'GCM', 'SHA256'),
461 CipherSuite(0xc07d, 'DHE ', 'RSA ', 'CAMELLIA_256', 'GCM', 'SHA384'),
462 CipherSuite(0xc07e, 'DH ', 'RSA ', 'CAMELLIA_128', 'GCM', 'SHA256'),
463 CipherSuite(0xc07f, 'DH ', 'RSA ', 'CAMELLIA_256', 'GCM', 'SHA384'),
464 CipherSuite(0xc080, 'DHE ', 'DSS ', 'CAMELLIA_128', 'GCM', 'SHA256'),
465 CipherSuite(0xc081, 'DHE ', 'DSS ', 'CAMELLIA_256', 'GCM', 'SHA384'),
466 CipherSuite(0xc082, 'DH ', 'DSS ', 'CAMELLIA_128', 'GCM', 'SHA256'),
467 CipherSuite(0xc083, 'DH ', 'DSS ', 'CAMELLIA_256', 'GCM', 'SHA384'),
468 CipherSuite(0xc084, 'DH ', 'anon ', 'CAMELLIA_128', 'GCM', 'SHA256'),
469 CipherSuite(0xc085, 'DH ', 'anon ', 'CAMELLIA_256', 'GCM', 'SHA384'),
470
471 CipherSuite(0xc086, 'ECDHE', 'ECDSA ', 'CAMELLIA_128', 'GCM', 'SHA256'),
472 CipherSuite(0xc087, 'ECDHE', 'ECDSA ', 'CAMELLIA_256', 'GCM', 'SHA384'),
473 CipherSuite(0xc088, 'ECDH ', 'ECDSA ', 'CAMELLIA_128', 'GCM', 'SHA256'),
474 CipherSuite(0xc089, 'ECDH ', 'ECDSA ', 'CAMELLIA_256', 'GCM', 'SHA384'),
475 CipherSuite(0xc08a, 'ECDHE', 'RSA ', 'CAMELLIA_128', 'GCM', 'SHA256'),
476 CipherSuite(0xc08b, 'ECDHE', 'RSA ', 'CAMELLIA_256', 'GCM', 'SHA384'),
477 CipherSuite(0xc08c, 'ECDH ', 'RSA ', 'CAMELLIA_128', 'GCM', 'SHA256'),
478 CipherSuite(0xc08d, 'ECDH ', 'RSA ', 'CAMELLIA_256', 'GCM', 'SHA384'),
479
480 CipherSuite(0xc08e, ' ', 'PSK ', 'CAMELLIA_128', 'GCM', 'SHA256'),
481 CipherSuite(0xc08f, ' ', 'PSK ', 'CAMELLIA_256', 'GCM', 'SHA384'),
482 CipherSuite(0xc090, 'DHE ', 'PSK ', 'CAMELLIA_128', 'GCM', 'SHA256'),
483 CipherSuite(0xc091, 'DHE ', 'PSK ', 'CAMELLIA_256', 'GCM', 'SHA384'),
484 CipherSuite(0xc092, 'RSA ', 'PSK ', 'CAMELLIA_128', 'GCM', 'SHA256'),
485 CipherSuite(0xc093, 'RSA ', 'PSK ', 'CAMELLIA_256', 'GCM', 'SHA384'),
486 CipherSuite(0xc094, ' ', 'PSK ', 'CAMELLIA_128', 'CBC', 'SHA256'),
487 CipherSuite(0xc095, ' ', 'PSK ', 'CAMELLIA_256', 'CBC', 'SHA384'),
488 CipherSuite(0xc096, 'DHE ', 'PSK ', 'CAMELLIA_128', 'CBC', 'SHA256'),
489 CipherSuite(0xc097, 'DHE ', 'PSK ', 'CAMELLIA_256', 'CBC', 'SHA384'),
490 CipherSuite(0xc098, 'RSA ', 'PSK ', 'CAMELLIA_128', 'CBC', 'SHA256'),
491 CipherSuite(0xc099, 'RSA ', 'PSK ', 'CAMELLIA_256', 'CBC', 'SHA384'),
492 CipherSuite(0xc09a, 'ECDHE', 'PSK ', 'CAMELLIA_128', 'CBC', 'SHA256'),
493 CipherSuite(0xc09b, 'ECDHE', 'PSK ', 'CAMELLIA_256', 'CBC', 'SHA384'),
494
495
496 CipherSuite(0xc09c, 'RSA ', ' ', 'AES_128 ', 'CCM ', ''),
497 CipherSuite(0xc09d, 'RSA ', ' ', 'AES_256 ', 'CCM ', ''),
498 CipherSuite(0xc09e, 'DHE ', 'RSA ', 'AES_128 ', 'CCM ', ''),
499 CipherSuite(0xc09f, 'DHE ', 'RSA ', 'AES_256 ', 'CCM ', ''),
500 CipherSuite(0xc0a0, 'RSA ', ' ', 'AES_128 ', 'CCM_8', ''),
501 CipherSuite(0xc0a1, 'RSA ', ' ', 'AES_256 ', 'CCM_8', ''),
502 CipherSuite(0xc0a2, 'DHE ', 'RSA ', 'AES_128 ', 'CCM_8', ''),
503 CipherSuite(0xc0a3, 'DHE ', 'RSA ', 'AES_256 ', 'CCM_8', ''),
504
505 CipherSuite(0xc0a4, ' ', 'PSK ', 'AES_128 ', 'CCM ', ''),
506 CipherSuite(0xc0a5, ' ', 'PSK ', 'AES_256 ', 'CCM ', ''),
507 CipherSuite(0xc0a6, 'DHE ', 'PSK ', 'AES_128 ', 'CCM ', ''),
508 CipherSuite(0xc0a7, 'DHE ', 'PSK ', 'AES_256 ', 'CCM ', ''),
509 CipherSuite(0xc0a8, ' ', 'PSK ', 'AES_128 ', 'CCM_8', ''),
510 CipherSuite(0xc0a9, ' ', 'PSK ', 'AES_256 ', 'CCM_8', ''),
511 CipherSuite(0xc0aa, 'DHE ', 'PSK ', 'AES_128 ', 'CCM_8', ''),
512 CipherSuite(0xc0ab, 'DHE ', 'PSK ', 'AES_256 ', 'CCM_8', ''),
513
514
515 CipherSuite(0xc0ac, 'ECDHE', 'ECDSA ', 'AES_128 ', 'CCM ', ''),
516 CipherSuite(0xc0ad, 'ECDHE', 'ECDSA ', 'AES_256 ', 'CCM ', ''),
517 CipherSuite(0xc0ae, 'ECDHE', 'ECDSA ', 'AES_128 ', 'CCM_8', ''),
518 CipherSuite(0xc0af, 'ECDHE', 'ECDSA ', 'AES_256 ', 'CCM_8', ''),
519
520
521
522
523 CipherSuite(0xcca8, 'ECDHE', 'RSA ', 'CHACHA20', 'POLY1305', 'SHA256'),
524 CipherSuite(0xcca9, 'ECDHE', 'ECDSA ', 'CHACHA20', 'POLY1305', 'SHA256'),
525 CipherSuite(0xccaa, 'DHE ', 'RSA ', 'CHACHA20', 'POLY1305', 'SHA256'),
526
527 CipherSuite(0xccab, ' ', 'PSK ', 'CHACHA20', 'POLY1305', 'SHA256'),
528 CipherSuite(0xccac, 'ECDHE', 'PSK ', 'CHACHA20', 'POLY1305', 'SHA256'),
529 CipherSuite(0xccad, 'DHE ', 'PSK ', 'CHACHA20', 'POLY1305', 'SHA256'),
530 CipherSuite(0xccae, 'RSA ', 'PSK ', 'CHACHA20', 'POLY1305', 'SHA256'),
531
532
533
534
535 ]
536
537 BY_CODE = dict(
538 (cipher.code, cipher) for cipher in CIPHERSUITES)
539
540
541 BY_NAME_DICT = None
547
548 NULL_SUITE = BY_CODE[0x0000]
552
583
614
616
617
618 assert (BY_CODE[0x00ff].name == 'TLS_EMPTY_RENEGOTIATION_INFO')
619
620 assert (BY_CODE[0x0026].name == 'TLS_KRB5_EXPORT_WITH_DES_CBC_40_SHA')
621
622
623 assert (BY_CODE[0x0005].name == 'TLS_RSA_WITH_RC4_128_SHA')
624 assert (BY_CODE[0x0021].name == 'TLS_KRB5_WITH_IDEA_CBC_SHA')
625 assert (BY_CODE[0x002d].name == 'TLS_DHE_PSK_WITH_NULL_SHA')
626 assert (BY_CODE[0x0034].name == 'TLS_DH_anon_WITH_AES_128_CBC_SHA')
627 assert (BY_CODE[0x003c].name == 'TLS_RSA_WITH_AES_128_CBC_SHA256')
628 assert (BY_CODE[0x0042].name == 'TLS_DH_DSS_WITH_CAMELLIA_128_CBC_SHA')
629 assert (BY_CODE[0x006a].name == 'TLS_DHE_DSS_WITH_AES_256_CBC_SHA256')
630 assert (BY_CODE[0x0084].name == 'TLS_RSA_WITH_CAMELLIA_256_CBC_SHA')
631 assert (BY_CODE[0x0091].name == 'TLS_DHE_PSK_WITH_AES_256_CBC_SHA')
632 assert (BY_CODE[0x0098].name == 'TLS_DH_RSA_WITH_SEED_CBC_SHA')
633 assert (BY_CODE[0x00ab].name == 'TLS_DHE_PSK_WITH_AES_256_GCM_SHA384')
634 assert (BY_CODE[0x00b0].name == 'TLS_PSK_WITH_NULL_SHA256')
635 assert (BY_CODE[0x00bb].name == 'TLS_DH_DSS_WITH_CAMELLIA_128_CBC_SHA256')
636 assert (BY_CODE[0xc008].name == 'TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA')
637 assert (BY_CODE[0xc016].name == 'TLS_ECDH_anon_WITH_RC4_128_SHA')
638 assert (BY_CODE[0xc01d].name == 'TLS_SRP_SHA_WITH_AES_128_CBC_SHA')
639 assert (BY_CODE[0xc027].name == 'TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256')
640 assert (BY_CODE[0xc036].name == 'TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA')
641 assert (BY_CODE[0xc045].name == 'TLS_DHE_RSA_WITH_ARIA_256_CBC_SHA384')
642 assert (BY_CODE[0xc052].name == 'TLS_DHE_RSA_WITH_ARIA_128_GCM_SHA256')
643 assert (BY_CODE[0xc068].name == 'TLS_RSA_PSK_WITH_ARIA_128_CBC_SHA256')
644 assert (BY_CODE[0xc074].name == 'TLS_ECDH_ECDSA_WITH_CAMELLIA_128_CBC_SHA256')
645 assert (BY_CODE[0xc08d].name == 'TLS_ECDH_RSA_WITH_CAMELLIA_256_GCM_SHA384')
646 assert (BY_CODE[0xc09d].name == 'TLS_RSA_WITH_AES_256_CCM')
647 assert (BY_CODE[0xc0a2].name == 'TLS_DHE_RSA_WITH_AES_128_CCM_8')
648 assert (BY_CODE[0xc0ad].name == 'TLS_ECDHE_ECDSA_WITH_AES_256_CCM')
649 assert (BY_CODE[0xcca8].name == 'TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256')
650 assert (BY_CODE[0xccae].name == 'TLS_RSA_PSK_WITH_CHACHA20_POLY1305_SHA256')
651