43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
|
EXP-EDH-DSS-DES-CBC-SHA
EXP-DES-CBC-SHA
EXP-RC2-CBC-MD5
EXP-RC4-MD5
}
set ::EXPECTEDCIPHERS(openssl) {
AES128-SHA
AES256-SHA
DES-CBC-SHA
DES-CBC3-SHA
DHE-DSS-AES128-SHA
DHE-DSS-AES256-SHA
DHE-DSS-RC4-SHA
DHE-RSA-AES128-SHA
DHE-RSA-AES256-SHA
EDH-DSS-DES-CBC-SHA
EDH-DSS-DES-CBC3-SHA
EDH-RSA-DES-CBC-SHA
EDH-RSA-DES-CBC3-SHA
EXP-DES-CBC-SHA
EXP-EDH-DSS-DES-CBC-SHA
EXP-EDH-RSA-DES-CBC-SHA
EXP-RC2-CBC-MD5
EXP-RC4-MD5
EXP1024-DES-CBC-SHA
EXP1024-DHE-DSS-DES-CBC-SHA
EXP1024-DHE-DSS-RC4-SHA
EXP1024-RC2-CBC-MD5
EXP1024-RC4-MD5
EXP1024-RC4-SHA
IDEA-CBC-SHA
RC4-MD5
RC4-SHA
}
set ::EXPECTEDCIPHERS(openssl0.9.8) {
DHE-RSA-AES256-SHA
DHE-DSS-AES256-SHA
AES256-SHA
EDH-RSA-DES-CBC3-SHA
|
>
>
>
|
>
|
|
<
|
|
<
|
>
>
>
>
|
>
|
>
|
|
>
|
|
>
>
>
>
>
|
>
>
>
>
|
|
|
>
>
>
|
|
|
<
|
|
>
>
>
>
|
>
>
|
>
|
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
|
EXP-EDH-DSS-DES-CBC-SHA
EXP-DES-CBC-SHA
EXP-RC2-CBC-MD5
EXP-RC4-MD5
}
set ::EXPECTEDCIPHERS(openssl) {
ECDHE-RSA-AES256-SHA
DHE-PSK-AES256-CCM
DHE-PSK-AES128-GCM-SHA256
ECDHE-RSA-AES128-SHA256
DHE-PSK-AES256-GCM-SHA384
AES256-SHA256
ECDHE-PSK-CHACHA20-POLY1305
ECDHE-ECDSA-AES128-SHA256
AES256-CCM
ECDHE-RSA-AES128-GCM-SHA256
DHE-RSA-AES256-SHA
ECDHE-ECDSA-AES128-GCM-SHA256
PSK-AES128-GCM-SHA256
ECDHE-ECDSA-AES256-SHA
ECDHE-RSA-AES256-GCM-SHA384
ECDHE-PSK-AES256-CBC-SHA
ECDHE-ECDSA-AES256-GCM-SHA384
AES128-SHA
PSK-AES256-GCM-SHA384
PSK-AES128-CBC-SHA
ECDHE-RSA-AES128-SHA
AES128-GCM-SHA256
ECDHE-PSK-AES128-CBC-SHA256
AES256-GCM-SHA384
TLS_AES_128_GCM_SHA256
DHE-RSA-AES128-SHA256
DHE-PSK-CHACHA20-POLY1305
DHE-PSK-AES128-CCM
TLS_AES_256_GCM_SHA384
DHE-RSA-AES256-CCM
DHE-RSA-AES128-GCM-SHA256
ECDHE-ECDSA-AES256-CCM
PSK-AES256-CCM
DHE-RSA-AES256-GCM-SHA384
AES128-CCM
ECDHE-RSA-CHACHA20-POLY1305
DHE-PSK-AES256-CBC-SHA
DHE-RSA-AES128-SHA
ECDHE-ECDSA-CHACHA20-POLY1305
PSK-CHACHA20-POLY1305
DHE-PSK-AES128-CBC-SHA256
ECDHE-ECDSA-AES128-SHA
ECDHE-PSK-AES128-CBC-SHA
AES128-SHA256
PSK-AES128-CBC-SHA256
DHE-RSA-CHACHA20-POLY1305
DHE-RSA-AES128-CCM
DHE-RSA-AES256-SHA256
ECDHE-ECDSA-AES128-CCM
PSK-AES128-CCM
TLS_CHACHA20_POLY1305_SHA256
DHE-PSK-AES128-CBC-SHA
AES256-SHA
PSK-AES256-CBC-SHA
}
set ::EXPECTEDCIPHERS(openssl0.9.8) {
DHE-RSA-AES256-SHA
DHE-DSS-AES256-SHA
AES256-SHA
EDH-RSA-DES-CBC3-SHA
|
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
|
test ciphers-1.2 {Tls::ciphers for tls1} {rsabsafe} {
# This will fail if you compiled against OpenSSL.
# Change the constraint setting above.
listcompare $::EXPECTEDCIPHERS(rsabsafe) [tls::ciphers tls1]
} {}
test ciphers-1.3 {Tls::ciphers for ssl3} {openssl} {
# This will fail if you compiled against RSA bsafe or with a
# different set of defines than the default.
# Change the constraint setting above.
listcompare $::EXPECTEDCIPHERS(openssl$version) [tls::ciphers ssl3]
} {}
# This version of the test is correct for OpenSSL only.
# An equivalent test for the RSA BSAFE SSL-C is earlier in this file.
test ciphers-1.4 {Tls::ciphers for tls1} {openssl} {
# This will fail if you compiled against RSA bsafe or with a
# different set of defines than the default.
|
|
<
<
<
|
<
>
|
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
|
test ciphers-1.2 {Tls::ciphers for tls1} {rsabsafe} {
# This will fail if you compiled against OpenSSL.
# Change the constraint setting above.
listcompare $::EXPECTEDCIPHERS(rsabsafe) [tls::ciphers tls1]
} {}
test ciphers-1.3 {Tls::ciphers for ssl3} -constraints openssl -body {
tls::ciphers ssl3
} -returnCodes 1 -result {protocol not supported}
# This version of the test is correct for OpenSSL only.
# An equivalent test for the RSA BSAFE SSL-C is earlier in this file.
test ciphers-1.4 {Tls::ciphers for tls1} {openssl} {
# This will fail if you compiled against RSA bsafe or with a
# different set of defines than the default.
|