mirror of
https://github.com/LadybirdBrowser/ladybird.git
synced 2024-11-25 09:00:22 +00:00
981 lines
55 KiB
C++
981 lines
55 KiB
C++
/*
|
|
* Copyright (c) 2020, Ali Mohammad Pur <mpfard@serenityos.org>
|
|
* Copyright (c) 2023, stelar7 <dudedbz@gmail.com>
|
|
*
|
|
* SPDX-License-Identifier: BSD-2-Clause
|
|
*/
|
|
|
|
#pragma once
|
|
|
|
#include <AK/Types.h>
|
|
|
|
namespace TLS {
|
|
|
|
#define _ENUM_KEY(name) name,
|
|
#define _ENUM_KEY_VALUE(name, value) name = value,
|
|
|
|
// https://www.iana.org/assignments/tls-parameters/tls-parameters.xhtml#tls-parameters-5
|
|
#define __ENUM_CONTENT_TYPES \
|
|
_ENUM_KEY_VALUE(CHANGE_CIPHER_SPEC, 20) \
|
|
_ENUM_KEY_VALUE(ALERT, 21) \
|
|
_ENUM_KEY_VALUE(HANDSHAKE, 22) \
|
|
_ENUM_KEY_VALUE(APPLICATION_DATA, 23) \
|
|
_ENUM_KEY_VALUE(HEARTBEAT, 24) \
|
|
_ENUM_KEY_VALUE(TLS12_CID, 25) \
|
|
_ENUM_KEY_VALUE(ACK, 26)
|
|
|
|
enum class ContentType : u8 {
|
|
__ENUM_CONTENT_TYPES
|
|
};
|
|
|
|
#define __ENUM_PROTOCOL_VERSIONS \
|
|
_ENUM_KEY_VALUE(VERSION_1_3, 0x0304) \
|
|
_ENUM_KEY_VALUE(VERSION_1_2, 0x0303) \
|
|
_ENUM_KEY_VALUE(VERSION_1_1, 0x0302) \
|
|
_ENUM_KEY_VALUE(VERSION_1_0, 0x0301) \
|
|
_ENUM_KEY_VALUE(GREASE_0, 0x0A0A) \
|
|
_ENUM_KEY_VALUE(GREASE_1, 0x1A1A) \
|
|
_ENUM_KEY_VALUE(GREASE_2, 0x2A2A) \
|
|
_ENUM_KEY_VALUE(GREASE_3, 0x3A3A) \
|
|
_ENUM_KEY_VALUE(GREASE_4, 0x4A4A) \
|
|
_ENUM_KEY_VALUE(GREASE_5, 0x5A5A) \
|
|
_ENUM_KEY_VALUE(GREASE_6, 0x6A6A) \
|
|
_ENUM_KEY_VALUE(GREASE_7, 0x7A7A) \
|
|
_ENUM_KEY_VALUE(GREASE_8, 0x8A8A) \
|
|
_ENUM_KEY_VALUE(GREASE_9, 0x9A9A) \
|
|
_ENUM_KEY_VALUE(GREASE_A, 0xAAAA) \
|
|
_ENUM_KEY_VALUE(GREASE_B, 0xBABA) \
|
|
_ENUM_KEY_VALUE(GREASE_C, 0xCACA) \
|
|
_ENUM_KEY_VALUE(GREASE_D, 0xDADA) \
|
|
_ENUM_KEY_VALUE(GREASE_E, 0xEAEA) \
|
|
_ENUM_KEY_VALUE(GREASE_F, 0xFAFA)
|
|
|
|
enum class ProtocolVersion : u16 {
|
|
__ENUM_PROTOCOL_VERSIONS
|
|
};
|
|
|
|
#define __ENUM_ALERT_LEVELS \
|
|
_ENUM_KEY_VALUE(WARNING, 1) \
|
|
_ENUM_KEY_VALUE(FATAL, 2)
|
|
|
|
enum class AlertLevel : u8 {
|
|
__ENUM_ALERT_LEVELS
|
|
};
|
|
|
|
// https://www.iana.org/assignments/tls-parameters/tls-parameters.xhtml#tls-parameters-7
|
|
#define __ENUM_HANDSHAKE_TYPES \
|
|
_ENUM_KEY_VALUE(HELLO_REQUEST_RESERVED, 0) \
|
|
_ENUM_KEY_VALUE(CLIENT_HELLO, 1) \
|
|
_ENUM_KEY_VALUE(SERVER_HELLO, 2) \
|
|
_ENUM_KEY_VALUE(HELLO_VERIFY_REQUEST_RESERVED, 3) \
|
|
_ENUM_KEY_VALUE(NEW_SESSION_TICKET, 4) \
|
|
_ENUM_KEY_VALUE(END_OF_EARLY_DATA, 5) \
|
|
_ENUM_KEY_VALUE(HELLO_RETRY_REQUEST_RESERVED, 6) \
|
|
_ENUM_KEY_VALUE(ENCRYPTED_EXTENSIONS, 8) \
|
|
_ENUM_KEY_VALUE(REQUEST_CONNECTION_ID, 9) \
|
|
_ENUM_KEY_VALUE(NEW_CONNECTION_ID, 10) \
|
|
_ENUM_KEY_VALUE(CERTIFICATE, 11) \
|
|
_ENUM_KEY_VALUE(SERVER_KEY_EXCHANGE_RESERVED, 12) \
|
|
_ENUM_KEY_VALUE(CERTIFICATE_REQUEST, 13) \
|
|
_ENUM_KEY_VALUE(SERVER_HELLO_DONE_RESERVED, 14) \
|
|
_ENUM_KEY_VALUE(CERTIFICATE_VERIFY, 15) \
|
|
_ENUM_KEY_VALUE(CLIENT_KEY_EXCHANGE_RESERVED, 16) \
|
|
_ENUM_KEY_VALUE(FINISHED, 20) \
|
|
_ENUM_KEY_VALUE(CERTIFICATE_URL_RESERVED, 21) \
|
|
_ENUM_KEY_VALUE(CERTIFICATE_STATUS_RESERVED, 22) \
|
|
_ENUM_KEY_VALUE(SUPPLEMENTAL_DATA_RESERVED, 23) \
|
|
_ENUM_KEY_VALUE(KEY_UPDATE, 24) \
|
|
_ENUM_KEY_VALUE(COMPRESSED_CERTIFICATE, 25) \
|
|
_ENUM_KEY_VALUE(EKT_KEY, 26) \
|
|
_ENUM_KEY_VALUE(MESSAGE_HASH, 254)
|
|
|
|
enum class HandshakeType : u8 {
|
|
__ENUM_HANDSHAKE_TYPES
|
|
};
|
|
|
|
// https://www.iana.org/assignments/tls-extensiontype-values/tls-extensiontype-values.xhtml#tls-extensiontype-values-1
|
|
#define __ENUM_EXTENSION_TYPES \
|
|
_ENUM_KEY_VALUE(SERVER_NAME, 0) \
|
|
_ENUM_KEY_VALUE(MAX_FRAGMENT_LENGTH, 1) \
|
|
_ENUM_KEY_VALUE(CLIENT_CERTIFICATE_URL, 2) \
|
|
_ENUM_KEY_VALUE(TRUSTED_CA_KEYS, 3) \
|
|
_ENUM_KEY_VALUE(TRUNCATED_HMAC, 4) \
|
|
_ENUM_KEY_VALUE(STATUS_REQUEST, 5) \
|
|
_ENUM_KEY_VALUE(USER_MAPPING, 6) \
|
|
_ENUM_KEY_VALUE(CLIENT_AUTHZ, 7) \
|
|
_ENUM_KEY_VALUE(SERVER_AUTHZ, 8) \
|
|
_ENUM_KEY_VALUE(CERT_TYPE, 9) \
|
|
_ENUM_KEY_VALUE(SUPPORTED_GROUPS, 10) \
|
|
_ENUM_KEY_VALUE(EC_POINT_FORMATS, 11) \
|
|
_ENUM_KEY_VALUE(SRP, 12) \
|
|
_ENUM_KEY_VALUE(SIGNATURE_ALGORITHMS, 13) \
|
|
_ENUM_KEY_VALUE(USE_SRTP, 14) \
|
|
_ENUM_KEY_VALUE(HEARTBEAT, 15) \
|
|
_ENUM_KEY_VALUE(APPLICATION_LAYER_PROTOCOL_NEGOTIATION, 16) \
|
|
_ENUM_KEY_VALUE(STATUS_REQUEST_V2, 17) \
|
|
_ENUM_KEY_VALUE(SIGNED_CERTIFICATE_TIMESTAMP, 18) \
|
|
_ENUM_KEY_VALUE(CLIENT_CERTIFICATE_TYPE, 19) \
|
|
_ENUM_KEY_VALUE(SERVER_CERTIFICATE_TYPE, 20) \
|
|
_ENUM_KEY_VALUE(PADDING, 21) \
|
|
_ENUM_KEY_VALUE(ENCRYPT_THEN_MAC, 22) \
|
|
_ENUM_KEY_VALUE(EXTENDED_MASTER_SECRET, 23) \
|
|
_ENUM_KEY_VALUE(TOKEN_BINDING, 24) \
|
|
_ENUM_KEY_VALUE(CACHED_INFO, 25) \
|
|
_ENUM_KEY_VALUE(TLS_LTS, 26) \
|
|
_ENUM_KEY_VALUE(COMPRESS_CERTIFICATE, 27) \
|
|
_ENUM_KEY_VALUE(RECORD_SIZE_LIMIT, 28) \
|
|
_ENUM_KEY_VALUE(PWD_PROTECT, 29) \
|
|
_ENUM_KEY_VALUE(PWD_CLEAR, 30) \
|
|
_ENUM_KEY_VALUE(PASSWORD_SALT, 31) \
|
|
_ENUM_KEY_VALUE(TICKET_PINNING, 32) \
|
|
_ENUM_KEY_VALUE(TLS_CERT_WITH_EXTERN_PSK, 33) \
|
|
_ENUM_KEY_VALUE(DELEGATED_CREDENTIALS, 34) \
|
|
_ENUM_KEY_VALUE(SESSION_TICKET, 35) \
|
|
_ENUM_KEY_VALUE(TLMSP, 36) \
|
|
_ENUM_KEY_VALUE(TLMSP_PROXYING, 37) \
|
|
_ENUM_KEY_VALUE(TLMSP_DELEGATE, 38) \
|
|
_ENUM_KEY_VALUE(SUPPORTED_EKT_CIPHERS, 39) \
|
|
_ENUM_KEY_VALUE(PRE_SHARED_KEY, 41) \
|
|
_ENUM_KEY_VALUE(EARLY_DATA, 42) \
|
|
_ENUM_KEY_VALUE(SUPPORTED_VERSIONS, 43) \
|
|
_ENUM_KEY_VALUE(COOKIE, 44) \
|
|
_ENUM_KEY_VALUE(PSK_KEY_EXCHANGE_MODES, 45) \
|
|
_ENUM_KEY_VALUE(CERTIFICATE_AUTHORITIES, 47) \
|
|
_ENUM_KEY_VALUE(OID_FILTERS, 48) \
|
|
_ENUM_KEY_VALUE(POST_HANDSHAKE_AUTH, 49) \
|
|
_ENUM_KEY_VALUE(SIGNATURE_ALGORITHMS_CERT, 50) \
|
|
_ENUM_KEY_VALUE(KEY_SHARE, 51) \
|
|
_ENUM_KEY_VALUE(TRANSPARENCY_INFO, 52) \
|
|
_ENUM_KEY_VALUE(CONNECTION_ID_DEPRECATED, 53) \
|
|
_ENUM_KEY_VALUE(CONNECTION_ID, 54) \
|
|
_ENUM_KEY_VALUE(EXTERNAL_ID_HASH, 55) \
|
|
_ENUM_KEY_VALUE(EXTERNAL_SESSION_ID, 56) \
|
|
_ENUM_KEY_VALUE(QUIC_TRANSPORT_PARAMETERS, 57) \
|
|
_ENUM_KEY_VALUE(TICKET_REQUEST, 58) \
|
|
_ENUM_KEY_VALUE(DNSSEC_CHAIN, 59) \
|
|
_ENUM_KEY_VALUE(RENEGOTIATION_INFO, 65281)
|
|
|
|
enum class ExtensionType : u16 {
|
|
__ENUM_EXTENSION_TYPES
|
|
};
|
|
|
|
#define __ENUM_NAME_TYPES \
|
|
_ENUM_KEY_VALUE(HOST_NAME, 0)
|
|
|
|
enum class NameType : u8 {
|
|
__ENUM_NAME_TYPES
|
|
};
|
|
|
|
// https://www.iana.org/assignments/tls-parameters/tls-parameters.xhtml#tls-parameters-10
|
|
#define __ENUM_EC_CURVE_TYPES \
|
|
_ENUM_KEY_VALUE(EXPLICIT_PRIME, 1) \
|
|
_ENUM_KEY_VALUE(EXPLICIT_CHAR2, 2) \
|
|
_ENUM_KEY_VALUE(NAMED_CURVE, 3)
|
|
|
|
enum class ECCurveType : u8 {
|
|
__ENUM_EC_CURVE_TYPES
|
|
};
|
|
|
|
// https://www.iana.org/assignments/tls-parameters/tls-parameters.xhtml#tls-parameters-8
|
|
#define __ENUM_SUPPORTED_GROUPS \
|
|
_ENUM_KEY_VALUE(SECT163K1, 0x0001) \
|
|
_ENUM_KEY_VALUE(SECT163R1, 0x0002) \
|
|
_ENUM_KEY_VALUE(SECT163R2, 0x0003) \
|
|
_ENUM_KEY_VALUE(SECT193R1, 0x0004) \
|
|
_ENUM_KEY_VALUE(SECT193R2, 0x0005) \
|
|
_ENUM_KEY_VALUE(SECT233K1, 0x0006) \
|
|
_ENUM_KEY_VALUE(SECT233R1, 0x0007) \
|
|
_ENUM_KEY_VALUE(SECT239K1, 0x0008) \
|
|
_ENUM_KEY_VALUE(SECT283K1, 0x0009) \
|
|
_ENUM_KEY_VALUE(SECT283R1, 0x000a) \
|
|
_ENUM_KEY_VALUE(SECT409K1, 0x000b) \
|
|
_ENUM_KEY_VALUE(SECT409R1, 0x000c) \
|
|
_ENUM_KEY_VALUE(SECT571K1, 0x000d) \
|
|
_ENUM_KEY_VALUE(SECT571R1, 0x000e) \
|
|
_ENUM_KEY_VALUE(SECP160K1, 0x000f) \
|
|
_ENUM_KEY_VALUE(SECP160R1, 0x0010) \
|
|
_ENUM_KEY_VALUE(SECP160R2, 0x0011) \
|
|
_ENUM_KEY_VALUE(SECP192K1, 0x0012) \
|
|
_ENUM_KEY_VALUE(SECP192R1, 0x0013) \
|
|
_ENUM_KEY_VALUE(SECP224K1, 0x0014) \
|
|
_ENUM_KEY_VALUE(SECP224R1, 0x0015) \
|
|
_ENUM_KEY_VALUE(SECP256K1, 0x0016) \
|
|
_ENUM_KEY_VALUE(SECP256R1, 0x0017) \
|
|
_ENUM_KEY_VALUE(SECP384R1, 0x0018) \
|
|
_ENUM_KEY_VALUE(SECP521R1, 0x0019) \
|
|
_ENUM_KEY_VALUE(BRAINPOOLP256R1, 0x001a) \
|
|
_ENUM_KEY_VALUE(BRAINPOOLP384R1, 0x001b) \
|
|
_ENUM_KEY_VALUE(BRAINPOOLP512R1, 0x001c) \
|
|
_ENUM_KEY_VALUE(X25519, 0x001d) \
|
|
_ENUM_KEY_VALUE(X448, 0x001e) \
|
|
_ENUM_KEY_VALUE(BRAINPOOLP256R1TLS13, 0x001f) \
|
|
_ENUM_KEY_VALUE(BRAINPOOLP384R1TLS13, 0x0020) \
|
|
_ENUM_KEY_VALUE(BRAINPOOLP512R1TLS13, 0x0021) \
|
|
_ENUM_KEY_VALUE(GC256A, 0x0022) \
|
|
_ENUM_KEY_VALUE(GC256B, 0x0023) \
|
|
_ENUM_KEY_VALUE(GC256C, 0x0024) \
|
|
_ENUM_KEY_VALUE(GC256D, 0x0025) \
|
|
_ENUM_KEY_VALUE(GC512A, 0x0026) \
|
|
_ENUM_KEY_VALUE(GC512B, 0x0027) \
|
|
_ENUM_KEY_VALUE(GC512C, 0x0028) \
|
|
_ENUM_KEY_VALUE(CURVESM2, 0x0029) \
|
|
_ENUM_KEY_VALUE(FFDHE2048, 0x0100) \
|
|
_ENUM_KEY_VALUE(FFDHE3072, 0x0101) \
|
|
_ENUM_KEY_VALUE(FFDHE4096, 0x0102) \
|
|
_ENUM_KEY_VALUE(FFDHE6144, 0x0103) \
|
|
_ENUM_KEY_VALUE(FFDHE8192, 0x0104) \
|
|
_ENUM_KEY_VALUE(ARBITRARY_EXPLICIT_PRIME_CURVES, 0xff01) \
|
|
_ENUM_KEY_VALUE(ARBITRARY_EXPLICIT_CHAR2_CURVES, 0xff02) \
|
|
_ENUM_KEY_VALUE(GREASE_0, 0x0A0A) \
|
|
_ENUM_KEY_VALUE(GREASE_1, 0x1A1A) \
|
|
_ENUM_KEY_VALUE(GREASE_2, 0x2A2A) \
|
|
_ENUM_KEY_VALUE(GREASE_3, 0x3A3A) \
|
|
_ENUM_KEY_VALUE(GREASE_4, 0x4A4A) \
|
|
_ENUM_KEY_VALUE(GREASE_5, 0x5A5A) \
|
|
_ENUM_KEY_VALUE(GREASE_6, 0x6A6A) \
|
|
_ENUM_KEY_VALUE(GREASE_7, 0x7A7A) \
|
|
_ENUM_KEY_VALUE(GREASE_8, 0x8A8A) \
|
|
_ENUM_KEY_VALUE(GREASE_9, 0x9A9A) \
|
|
_ENUM_KEY_VALUE(GREASE_A, 0xAAAA) \
|
|
_ENUM_KEY_VALUE(GREASE_B, 0xBABA) \
|
|
_ENUM_KEY_VALUE(GREASE_C, 0xCACA) \
|
|
_ENUM_KEY_VALUE(GREASE_D, 0xDADA) \
|
|
_ENUM_KEY_VALUE(GREASE_E, 0xEAEA) \
|
|
_ENUM_KEY_VALUE(GREASE_F, 0xFAFA)
|
|
|
|
enum class SupportedGroup : u16 {
|
|
__ENUM_SUPPORTED_GROUPS
|
|
};
|
|
|
|
// https://www.iana.org/assignments/tls-parameters/tls-parameters.xhtml#tls-parameters-9
|
|
#define __ENUM_EC_POINT_FORMATS \
|
|
_ENUM_KEY_VALUE(UNCOMPRESSED, 0) \
|
|
_ENUM_KEY_VALUE(ANSIX962_COMPRESSED_PRIME, 1) \
|
|
_ENUM_KEY_VALUE(ANSIX962_COMPRESSED_CHAR2, 2)
|
|
|
|
enum class ECPointFormat : u8 {
|
|
__ENUM_EC_POINT_FORMATS
|
|
};
|
|
|
|
// https://www.iana.org/assignments/tls-parameters/tls-parameters.xhtml#tls-parameters-16
|
|
#define __ENUM_SIGNATURE_ALGORITHM \
|
|
_ENUM_KEY_VALUE(ANONYMOUS, 0) \
|
|
_ENUM_KEY_VALUE(RSA, 1) \
|
|
_ENUM_KEY_VALUE(DSA, 2) \
|
|
_ENUM_KEY_VALUE(ECDSA, 3) \
|
|
_ENUM_KEY_VALUE(ED25519, 7) \
|
|
_ENUM_KEY_VALUE(ED448, 8) \
|
|
_ENUM_KEY_VALUE(GOSTR34102012_256, 64) \
|
|
_ENUM_KEY_VALUE(GOSTR34102012_512, 65)
|
|
|
|
enum class SignatureAlgorithm : u8 {
|
|
__ENUM_SIGNATURE_ALGORITHM
|
|
};
|
|
|
|
// https://www.iana.org/assignments/tls-parameters/tls-parameters.xhtml#tls-parameters-18
|
|
#define __ENUM_HASH_ALGORITHM \
|
|
_ENUM_KEY_VALUE(NONE, 0) \
|
|
_ENUM_KEY_VALUE(MD5, 1) \
|
|
_ENUM_KEY_VALUE(SHA1, 2) \
|
|
_ENUM_KEY_VALUE(SHA224, 3) \
|
|
_ENUM_KEY_VALUE(SHA256, 4) \
|
|
_ENUM_KEY_VALUE(SHA384, 5) \
|
|
_ENUM_KEY_VALUE(SHA512, 6) \
|
|
_ENUM_KEY_VALUE(INTRINSIC, 8)
|
|
|
|
enum class HashAlgorithm : u8 {
|
|
__ENUM_HASH_ALGORITHM
|
|
};
|
|
|
|
// https://www.iana.org/assignments/tls-parameters/tls-parameters.xhtml#tls-parameters-4
|
|
#define __ENUM_CIPHER_SUITES \
|
|
_ENUM_KEY_VALUE(TLS_NULL_WITH_NULL_NULL, 0x0000) \
|
|
_ENUM_KEY_VALUE(TLS_RSA_WITH_NULL_MD5, 0x0001) \
|
|
_ENUM_KEY_VALUE(TLS_RSA_WITH_NULL_SHA, 0x0002) \
|
|
_ENUM_KEY_VALUE(TLS_RSA_EXPORT_WITH_RC4_40_MD5, 0x0003) \
|
|
_ENUM_KEY_VALUE(TLS_RSA_WITH_RC4_128_MD5, 0x0004) \
|
|
_ENUM_KEY_VALUE(TLS_RSA_WITH_RC4_128_SHA, 0x0005) \
|
|
_ENUM_KEY_VALUE(TLS_RSA_EXPORT_WITH_RC2_CBC_40_MD5, 0x0006) \
|
|
_ENUM_KEY_VALUE(TLS_RSA_WITH_IDEA_CBC_SHA, 0x0007) \
|
|
_ENUM_KEY_VALUE(TLS_RSA_EXPORT_WITH_DES40_CBC_SHA, 0x0008) \
|
|
_ENUM_KEY_VALUE(TLS_RSA_WITH_DES_CBC_SHA, 0x0009) \
|
|
_ENUM_KEY_VALUE(TLS_RSA_WITH_3DES_EDE_CBC_SHA, 0x000A) \
|
|
_ENUM_KEY_VALUE(TLS_DH_DSS_EXPORT_WITH_DES40_CBC_SHA, 0x000B) \
|
|
_ENUM_KEY_VALUE(TLS_DH_DSS_WITH_DES_CBC_SHA, 0x000C) \
|
|
_ENUM_KEY_VALUE(TLS_DH_DSS_WITH_3DES_EDE_CBC_SHA, 0x000D) \
|
|
_ENUM_KEY_VALUE(TLS_DH_RSA_EXPORT_WITH_DES40_CBC_SHA, 0x000E) \
|
|
_ENUM_KEY_VALUE(TLS_DH_RSA_WITH_DES_CBC_SHA, 0x000F) \
|
|
_ENUM_KEY_VALUE(TLS_DH_RSA_WITH_3DES_EDE_CBC_SHA, 0x0010) \
|
|
_ENUM_KEY_VALUE(TLS_DHE_DSS_EXPORT_WITH_DES40_CBC_SHA, 0x0011) \
|
|
_ENUM_KEY_VALUE(TLS_DHE_DSS_WITH_DES_CBC_SHA, 0x0012) \
|
|
_ENUM_KEY_VALUE(TLS_DHE_DSS_WITH_3DES_EDE_CBC_SHA, 0x0013) \
|
|
_ENUM_KEY_VALUE(TLS_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA, 0x0014) \
|
|
_ENUM_KEY_VALUE(TLS_DHE_RSA_WITH_DES_CBC_SHA, 0x0015) \
|
|
_ENUM_KEY_VALUE(TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA, 0x0016) \
|
|
_ENUM_KEY_VALUE(TLS_DH_anon_EXPORT_WITH_RC4_40_MD5, 0x0017) \
|
|
_ENUM_KEY_VALUE(TLS_DH_anon_WITH_RC4_128_MD5, 0x0018) \
|
|
_ENUM_KEY_VALUE(TLS_DH_anon_EXPORT_WITH_DES40_CBC_SHA, 0x0019) \
|
|
_ENUM_KEY_VALUE(TLS_DH_anon_WITH_DES_CBC_SHA, 0x001A) \
|
|
_ENUM_KEY_VALUE(TLS_DH_anon_WITH_3DES_EDE_CBC_SHA, 0x001B) \
|
|
_ENUM_KEY_VALUE(TLS_KRB5_WITH_DES_CBC_SHA, 0x001E) \
|
|
_ENUM_KEY_VALUE(TLS_KRB5_WITH_3DES_EDE_CBC_SHA, 0x001F) \
|
|
_ENUM_KEY_VALUE(TLS_KRB5_WITH_RC4_128_SHA, 0x0020) \
|
|
_ENUM_KEY_VALUE(TLS_KRB5_WITH_IDEA_CBC_SHA, 0x0021) \
|
|
_ENUM_KEY_VALUE(TLS_KRB5_WITH_DES_CBC_MD5, 0x0022) \
|
|
_ENUM_KEY_VALUE(TLS_KRB5_WITH_3DES_EDE_CBC_MD5, 0x0023) \
|
|
_ENUM_KEY_VALUE(TLS_KRB5_WITH_RC4_128_MD5, 0x0024) \
|
|
_ENUM_KEY_VALUE(TLS_KRB5_WITH_IDEA_CBC_MD5, 0x0025) \
|
|
_ENUM_KEY_VALUE(TLS_KRB5_EXPORT_WITH_DES_CBC_40_SHA, 0x0026) \
|
|
_ENUM_KEY_VALUE(TLS_KRB5_EXPORT_WITH_RC2_CBC_40_SHA, 0x0027) \
|
|
_ENUM_KEY_VALUE(TLS_KRB5_EXPORT_WITH_RC4_40_SHA, 0x0028) \
|
|
_ENUM_KEY_VALUE(TLS_KRB5_EXPORT_WITH_DES_CBC_40_MD5, 0x0029) \
|
|
_ENUM_KEY_VALUE(TLS_KRB5_EXPORT_WITH_RC2_CBC_40_MD5, 0x002A) \
|
|
_ENUM_KEY_VALUE(TLS_KRB5_EXPORT_WITH_RC4_40_MD5, 0x002B) \
|
|
_ENUM_KEY_VALUE(TLS_PSK_WITH_NULL_SHA, 0x002C) \
|
|
_ENUM_KEY_VALUE(TLS_DHE_PSK_WITH_NULL_SHA, 0x002D) \
|
|
_ENUM_KEY_VALUE(TLS_RSA_PSK_WITH_NULL_SHA, 0x002E) \
|
|
_ENUM_KEY_VALUE(TLS_RSA_WITH_AES_128_CBC_SHA, 0x002F) \
|
|
_ENUM_KEY_VALUE(TLS_DH_DSS_WITH_AES_128_CBC_SHA, 0x0030) \
|
|
_ENUM_KEY_VALUE(TLS_DH_RSA_WITH_AES_128_CBC_SHA, 0x0031) \
|
|
_ENUM_KEY_VALUE(TLS_DHE_DSS_WITH_AES_128_CBC_SHA, 0x0032) \
|
|
_ENUM_KEY_VALUE(TLS_DHE_RSA_WITH_AES_128_CBC_SHA, 0x0033) \
|
|
_ENUM_KEY_VALUE(TLS_DH_anon_WITH_AES_128_CBC_SHA, 0x0034) \
|
|
_ENUM_KEY_VALUE(TLS_RSA_WITH_AES_256_CBC_SHA, 0x0035) \
|
|
_ENUM_KEY_VALUE(TLS_DH_DSS_WITH_AES_256_CBC_SHA, 0x0036) \
|
|
_ENUM_KEY_VALUE(TLS_DH_RSA_WITH_AES_256_CBC_SHA, 0x0037) \
|
|
_ENUM_KEY_VALUE(TLS_DHE_DSS_WITH_AES_256_CBC_SHA, 0x0038) \
|
|
_ENUM_KEY_VALUE(TLS_DHE_RSA_WITH_AES_256_CBC_SHA, 0x0039) \
|
|
_ENUM_KEY_VALUE(TLS_DH_anon_WITH_AES_256_CBC_SHA, 0x003A) \
|
|
_ENUM_KEY_VALUE(TLS_RSA_WITH_NULL_SHA256, 0x003B) \
|
|
_ENUM_KEY_VALUE(TLS_RSA_WITH_AES_128_CBC_SHA256, 0x003C) \
|
|
_ENUM_KEY_VALUE(TLS_RSA_WITH_AES_256_CBC_SHA256, 0x003D) \
|
|
_ENUM_KEY_VALUE(TLS_DH_DSS_WITH_AES_128_CBC_SHA256, 0x003E) \
|
|
_ENUM_KEY_VALUE(TLS_DH_RSA_WITH_AES_128_CBC_SHA256, 0x003F) \
|
|
_ENUM_KEY_VALUE(TLS_DHE_DSS_WITH_AES_128_CBC_SHA256, 0x0040) \
|
|
_ENUM_KEY_VALUE(TLS_RSA_WITH_CAMELLIA_128_CBC_SHA, 0x0041) \
|
|
_ENUM_KEY_VALUE(TLS_DH_DSS_WITH_CAMELLIA_128_CBC_SHA, 0x0042) \
|
|
_ENUM_KEY_VALUE(TLS_DH_RSA_WITH_CAMELLIA_128_CBC_SHA, 0x0043) \
|
|
_ENUM_KEY_VALUE(TLS_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA, 0x0044) \
|
|
_ENUM_KEY_VALUE(TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA, 0x0045) \
|
|
_ENUM_KEY_VALUE(TLS_DH_anon_WITH_CAMELLIA_128_CBC_SHA, 0x0046) \
|
|
_ENUM_KEY_VALUE(TLS_DHE_RSA_WITH_AES_128_CBC_SHA256, 0x0067) \
|
|
_ENUM_KEY_VALUE(TLS_DH_DSS_WITH_AES_256_CBC_SHA256, 0x0068) \
|
|
_ENUM_KEY_VALUE(TLS_DH_RSA_WITH_AES_256_CBC_SHA256, 0x0069) \
|
|
_ENUM_KEY_VALUE(TLS_DHE_DSS_WITH_AES_256_CBC_SHA256, 0x006A) \
|
|
_ENUM_KEY_VALUE(TLS_DHE_RSA_WITH_AES_256_CBC_SHA256, 0x006B) \
|
|
_ENUM_KEY_VALUE(TLS_DH_anon_WITH_AES_128_CBC_SHA256, 0x006C) \
|
|
_ENUM_KEY_VALUE(TLS_DH_anon_WITH_AES_256_CBC_SHA256, 0x006D) \
|
|
_ENUM_KEY_VALUE(TLS_RSA_WITH_CAMELLIA_256_CBC_SHA, 0x0084) \
|
|
_ENUM_KEY_VALUE(TLS_DH_DSS_WITH_CAMELLIA_256_CBC_SHA, 0x0085) \
|
|
_ENUM_KEY_VALUE(TLS_DH_RSA_WITH_CAMELLIA_256_CBC_SHA, 0x0086) \
|
|
_ENUM_KEY_VALUE(TLS_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA, 0x0087) \
|
|
_ENUM_KEY_VALUE(TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA, 0x0088) \
|
|
_ENUM_KEY_VALUE(TLS_DH_anon_WITH_CAMELLIA_256_CBC_SHA, 0x0089) \
|
|
_ENUM_KEY_VALUE(TLS_PSK_WITH_RC4_128_SHA, 0x008A) \
|
|
_ENUM_KEY_VALUE(TLS_PSK_WITH_3DES_EDE_CBC_SHA, 0x008B) \
|
|
_ENUM_KEY_VALUE(TLS_PSK_WITH_AES_128_CBC_SHA, 0x008C) \
|
|
_ENUM_KEY_VALUE(TLS_PSK_WITH_AES_256_CBC_SHA, 0x008D) \
|
|
_ENUM_KEY_VALUE(TLS_DHE_PSK_WITH_RC4_128_SHA, 0x008E) \
|
|
_ENUM_KEY_VALUE(TLS_DHE_PSK_WITH_3DES_EDE_CBC_SHA, 0x008F) \
|
|
_ENUM_KEY_VALUE(TLS_DHE_PSK_WITH_AES_128_CBC_SHA, 0x0090) \
|
|
_ENUM_KEY_VALUE(TLS_DHE_PSK_WITH_AES_256_CBC_SHA, 0x0091) \
|
|
_ENUM_KEY_VALUE(TLS_RSA_PSK_WITH_RC4_128_SHA, 0x0092) \
|
|
_ENUM_KEY_VALUE(TLS_RSA_PSK_WITH_3DES_EDE_CBC_SHA, 0x0093) \
|
|
_ENUM_KEY_VALUE(TLS_RSA_PSK_WITH_AES_128_CBC_SHA, 0x0094) \
|
|
_ENUM_KEY_VALUE(TLS_RSA_PSK_WITH_AES_256_CBC_SHA, 0x0095) \
|
|
_ENUM_KEY_VALUE(TLS_RSA_WITH_SEED_CBC_SHA, 0x0096) \
|
|
_ENUM_KEY_VALUE(TLS_DH_DSS_WITH_SEED_CBC_SHA, 0x0097) \
|
|
_ENUM_KEY_VALUE(TLS_DH_RSA_WITH_SEED_CBC_SHA, 0x0098) \
|
|
_ENUM_KEY_VALUE(TLS_DHE_DSS_WITH_SEED_CBC_SHA, 0x0099) \
|
|
_ENUM_KEY_VALUE(TLS_DHE_RSA_WITH_SEED_CBC_SHA, 0x009A) \
|
|
_ENUM_KEY_VALUE(TLS_DH_anon_WITH_SEED_CBC_SHA, 0x009B) \
|
|
_ENUM_KEY_VALUE(TLS_RSA_WITH_AES_128_GCM_SHA256, 0x009C) \
|
|
_ENUM_KEY_VALUE(TLS_RSA_WITH_AES_256_GCM_SHA384, 0x009D) \
|
|
_ENUM_KEY_VALUE(TLS_DHE_RSA_WITH_AES_128_GCM_SHA256, 0x009E) \
|
|
_ENUM_KEY_VALUE(TLS_DHE_RSA_WITH_AES_256_GCM_SHA384, 0x009F) \
|
|
_ENUM_KEY_VALUE(TLS_DH_RSA_WITH_AES_128_GCM_SHA256, 0x00A0) \
|
|
_ENUM_KEY_VALUE(TLS_DH_RSA_WITH_AES_256_GCM_SHA384, 0x00A1) \
|
|
_ENUM_KEY_VALUE(TLS_DHE_DSS_WITH_AES_128_GCM_SHA256, 0x00A2) \
|
|
_ENUM_KEY_VALUE(TLS_DHE_DSS_WITH_AES_256_GCM_SHA384, 0x00A3) \
|
|
_ENUM_KEY_VALUE(TLS_DH_DSS_WITH_AES_128_GCM_SHA256, 0x00A4) \
|
|
_ENUM_KEY_VALUE(TLS_DH_DSS_WITH_AES_256_GCM_SHA384, 0x00A5) \
|
|
_ENUM_KEY_VALUE(TLS_DH_anon_WITH_AES_128_GCM_SHA256, 0x00A6) \
|
|
_ENUM_KEY_VALUE(TLS_DH_anon_WITH_AES_256_GCM_SHA384, 0x00A7) \
|
|
_ENUM_KEY_VALUE(TLS_PSK_WITH_AES_128_GCM_SHA256, 0x00A8) \
|
|
_ENUM_KEY_VALUE(TLS_PSK_WITH_AES_256_GCM_SHA384, 0x00A9) \
|
|
_ENUM_KEY_VALUE(TLS_DHE_PSK_WITH_AES_128_GCM_SHA256, 0x00AA) \
|
|
_ENUM_KEY_VALUE(TLS_DHE_PSK_WITH_AES_256_GCM_SHA384, 0x00AB) \
|
|
_ENUM_KEY_VALUE(TLS_RSA_PSK_WITH_AES_128_GCM_SHA256, 0x00AC) \
|
|
_ENUM_KEY_VALUE(TLS_RSA_PSK_WITH_AES_256_GCM_SHA384, 0x00AD) \
|
|
_ENUM_KEY_VALUE(TLS_PSK_WITH_AES_128_CBC_SHA256, 0x00AE) \
|
|
_ENUM_KEY_VALUE(TLS_PSK_WITH_AES_256_CBC_SHA384, 0x00AF) \
|
|
_ENUM_KEY_VALUE(TLS_PSK_WITH_NULL_SHA256, 0x00B0) \
|
|
_ENUM_KEY_VALUE(TLS_PSK_WITH_NULL_SHA384, 0x00B1) \
|
|
_ENUM_KEY_VALUE(TLS_DHE_PSK_WITH_AES_128_CBC_SHA256, 0x00B2) \
|
|
_ENUM_KEY_VALUE(TLS_DHE_PSK_WITH_AES_256_CBC_SHA384, 0x00B3) \
|
|
_ENUM_KEY_VALUE(TLS_DHE_PSK_WITH_NULL_SHA256, 0x00B4) \
|
|
_ENUM_KEY_VALUE(TLS_DHE_PSK_WITH_NULL_SHA384, 0x00B5) \
|
|
_ENUM_KEY_VALUE(TLS_RSA_PSK_WITH_AES_128_CBC_SHA256, 0x00B6) \
|
|
_ENUM_KEY_VALUE(TLS_RSA_PSK_WITH_AES_256_CBC_SHA384, 0x00B7) \
|
|
_ENUM_KEY_VALUE(TLS_RSA_PSK_WITH_NULL_SHA256, 0x00B8) \
|
|
_ENUM_KEY_VALUE(TLS_RSA_PSK_WITH_NULL_SHA384, 0x00B9) \
|
|
_ENUM_KEY_VALUE(TLS_RSA_WITH_CAMELLIA_128_CBC_SHA256, 0x00BA) \
|
|
_ENUM_KEY_VALUE(TLS_DH_DSS_WITH_CAMELLIA_128_CBC_SHA256, 0x00BB) \
|
|
_ENUM_KEY_VALUE(TLS_DH_RSA_WITH_CAMELLIA_128_CBC_SHA256, 0x00BC) \
|
|
_ENUM_KEY_VALUE(TLS_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA256, 0x00BD) \
|
|
_ENUM_KEY_VALUE(TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA256, 0x00BE) \
|
|
_ENUM_KEY_VALUE(TLS_DH_anon_WITH_CAMELLIA_128_CBC_SHA256, 0x00BF) \
|
|
_ENUM_KEY_VALUE(TLS_RSA_WITH_CAMELLIA_256_CBC_SHA256, 0x00C0) \
|
|
_ENUM_KEY_VALUE(TLS_DH_DSS_WITH_CAMELLIA_256_CBC_SHA256, 0x00C1) \
|
|
_ENUM_KEY_VALUE(TLS_DH_RSA_WITH_CAMELLIA_256_CBC_SHA256, 0x00C2) \
|
|
_ENUM_KEY_VALUE(TLS_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA256, 0x00C3) \
|
|
_ENUM_KEY_VALUE(TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA256, 0x00C4) \
|
|
_ENUM_KEY_VALUE(TLS_DH_anon_WITH_CAMELLIA_256_CBC_SHA256, 0x00C5) \
|
|
_ENUM_KEY_VALUE(TLS_SM4_GCM_SM3, 0x00C6) \
|
|
_ENUM_KEY_VALUE(TLS_SM4_CCM_SM3, 0x00C7) \
|
|
_ENUM_KEY_VALUE(TLS_EMPTY_RENEGOTIATION_INFO_SCSV, 0x00FF) \
|
|
_ENUM_KEY_VALUE(TLS_AES_128_GCM_SHA256, 0x1301) \
|
|
_ENUM_KEY_VALUE(TLS_AES_256_GCM_SHA384, 0x1302) \
|
|
_ENUM_KEY_VALUE(TLS_CHACHA20_POLY1305_SHA256, 0x1303) \
|
|
_ENUM_KEY_VALUE(TLS_AES_128_CCM_SHA256, 0x1304) \
|
|
_ENUM_KEY_VALUE(TLS_AES_128_CCM_8_SHA256, 0x1305) \
|
|
_ENUM_KEY_VALUE(TLS_FALLBACK_SCSV, 0x5600) \
|
|
_ENUM_KEY_VALUE(TLS_ECDH_ECDSA_WITH_NULL_SHA, 0xC001) \
|
|
_ENUM_KEY_VALUE(TLS_ECDH_ECDSA_WITH_RC4_128_SHA, 0xC002) \
|
|
_ENUM_KEY_VALUE(TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA, 0xC003) \
|
|
_ENUM_KEY_VALUE(TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA, 0xC004) \
|
|
_ENUM_KEY_VALUE(TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA, 0xC005) \
|
|
_ENUM_KEY_VALUE(TLS_ECDHE_ECDSA_WITH_NULL_SHA, 0xC006) \
|
|
_ENUM_KEY_VALUE(TLS_ECDHE_ECDSA_WITH_RC4_128_SHA, 0xC007) \
|
|
_ENUM_KEY_VALUE(TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA, 0xC008) \
|
|
_ENUM_KEY_VALUE(TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA, 0xC009) \
|
|
_ENUM_KEY_VALUE(TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA, 0xC00A) \
|
|
_ENUM_KEY_VALUE(TLS_ECDH_RSA_WITH_NULL_SHA, 0xC00B) \
|
|
_ENUM_KEY_VALUE(TLS_ECDH_RSA_WITH_RC4_128_SHA, 0xC00C) \
|
|
_ENUM_KEY_VALUE(TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA, 0xC00D) \
|
|
_ENUM_KEY_VALUE(TLS_ECDH_RSA_WITH_AES_128_CBC_SHA, 0xC00E) \
|
|
_ENUM_KEY_VALUE(TLS_ECDH_RSA_WITH_AES_256_CBC_SHA, 0xC00F) \
|
|
_ENUM_KEY_VALUE(TLS_ECDHE_RSA_WITH_NULL_SHA, 0xC010) \
|
|
_ENUM_KEY_VALUE(TLS_ECDHE_RSA_WITH_RC4_128_SHA, 0xC011) \
|
|
_ENUM_KEY_VALUE(TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA, 0xC012) \
|
|
_ENUM_KEY_VALUE(TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA, 0xC013) \
|
|
_ENUM_KEY_VALUE(TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA, 0xC014) \
|
|
_ENUM_KEY_VALUE(TLS_ECDH_anon_WITH_NULL_SHA, 0xC015) \
|
|
_ENUM_KEY_VALUE(TLS_ECDH_anon_WITH_RC4_128_SHA, 0xC016) \
|
|
_ENUM_KEY_VALUE(TLS_ECDH_anon_WITH_3DES_EDE_CBC_SHA, 0xC017) \
|
|
_ENUM_KEY_VALUE(TLS_ECDH_anon_WITH_AES_128_CBC_SHA, 0xC018) \
|
|
_ENUM_KEY_VALUE(TLS_ECDH_anon_WITH_AES_256_CBC_SHA, 0xC019) \
|
|
_ENUM_KEY_VALUE(TLS_SRP_SHA_WITH_3DES_EDE_CBC_SHA, 0xC01A) \
|
|
_ENUM_KEY_VALUE(TLS_SRP_SHA_RSA_WITH_3DES_EDE_CBC_SHA, 0xC01B) \
|
|
_ENUM_KEY_VALUE(TLS_SRP_SHA_DSS_WITH_3DES_EDE_CBC_SHA, 0xC01C) \
|
|
_ENUM_KEY_VALUE(TLS_SRP_SHA_WITH_AES_128_CBC_SHA, 0xC01D) \
|
|
_ENUM_KEY_VALUE(TLS_SRP_SHA_RSA_WITH_AES_128_CBC_SHA, 0xC01E) \
|
|
_ENUM_KEY_VALUE(TLS_SRP_SHA_DSS_WITH_AES_128_CBC_SHA, 0xC01F) \
|
|
_ENUM_KEY_VALUE(TLS_SRP_SHA_WITH_AES_256_CBC_SHA, 0xC020) \
|
|
_ENUM_KEY_VALUE(TLS_SRP_SHA_RSA_WITH_AES_256_CBC_SHA, 0xC021) \
|
|
_ENUM_KEY_VALUE(TLS_SRP_SHA_DSS_WITH_AES_256_CBC_SHA, 0xC022) \
|
|
_ENUM_KEY_VALUE(TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256, 0xC023) \
|
|
_ENUM_KEY_VALUE(TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384, 0xC024) \
|
|
_ENUM_KEY_VALUE(TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256, 0xC025) \
|
|
_ENUM_KEY_VALUE(TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384, 0xC026) \
|
|
_ENUM_KEY_VALUE(TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256, 0xC027) \
|
|
_ENUM_KEY_VALUE(TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384, 0xC028) \
|
|
_ENUM_KEY_VALUE(TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256, 0xC029) \
|
|
_ENUM_KEY_VALUE(TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384, 0xC02A) \
|
|
_ENUM_KEY_VALUE(TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256, 0xC02B) \
|
|
_ENUM_KEY_VALUE(TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384, 0xC02C) \
|
|
_ENUM_KEY_VALUE(TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256, 0xC02D) \
|
|
_ENUM_KEY_VALUE(TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384, 0xC02E) \
|
|
_ENUM_KEY_VALUE(TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256, 0xC02F) \
|
|
_ENUM_KEY_VALUE(TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384, 0xC030) \
|
|
_ENUM_KEY_VALUE(TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256, 0xC031) \
|
|
_ENUM_KEY_VALUE(TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384, 0xC032) \
|
|
_ENUM_KEY_VALUE(TLS_ECDHE_PSK_WITH_RC4_128_SHA, 0xC033) \
|
|
_ENUM_KEY_VALUE(TLS_ECDHE_PSK_WITH_3DES_EDE_CBC_SHA, 0xC034) \
|
|
_ENUM_KEY_VALUE(TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA, 0xC035) \
|
|
_ENUM_KEY_VALUE(TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA, 0xC036) \
|
|
_ENUM_KEY_VALUE(TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA256, 0xC037) \
|
|
_ENUM_KEY_VALUE(TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA384, 0xC038) \
|
|
_ENUM_KEY_VALUE(TLS_ECDHE_PSK_WITH_NULL_SHA, 0xC039) \
|
|
_ENUM_KEY_VALUE(TLS_ECDHE_PSK_WITH_NULL_SHA256, 0xC03A) \
|
|
_ENUM_KEY_VALUE(TLS_ECDHE_PSK_WITH_NULL_SHA384, 0xC03B) \
|
|
_ENUM_KEY_VALUE(TLS_RSA_WITH_ARIA_128_CBC_SHA256, 0xC03C) \
|
|
_ENUM_KEY_VALUE(TLS_RSA_WITH_ARIA_256_CBC_SHA384, 0xC03D) \
|
|
_ENUM_KEY_VALUE(TLS_DH_DSS_WITH_ARIA_128_CBC_SHA256, 0xC03E) \
|
|
_ENUM_KEY_VALUE(TLS_DH_DSS_WITH_ARIA_256_CBC_SHA384, 0xC03F) \
|
|
_ENUM_KEY_VALUE(TLS_DH_RSA_WITH_ARIA_128_CBC_SHA256, 0xC040) \
|
|
_ENUM_KEY_VALUE(TLS_DH_RSA_WITH_ARIA_256_CBC_SHA384, 0xC041) \
|
|
_ENUM_KEY_VALUE(TLS_DHE_DSS_WITH_ARIA_128_CBC_SHA256, 0xC042) \
|
|
_ENUM_KEY_VALUE(TLS_DHE_DSS_WITH_ARIA_256_CBC_SHA384, 0xC043) \
|
|
_ENUM_KEY_VALUE(TLS_DHE_RSA_WITH_ARIA_128_CBC_SHA256, 0xC044) \
|
|
_ENUM_KEY_VALUE(TLS_DHE_RSA_WITH_ARIA_256_CBC_SHA384, 0xC045) \
|
|
_ENUM_KEY_VALUE(TLS_DH_anon_WITH_ARIA_128_CBC_SHA256, 0xC046) \
|
|
_ENUM_KEY_VALUE(TLS_DH_anon_WITH_ARIA_256_CBC_SHA384, 0xC047) \
|
|
_ENUM_KEY_VALUE(TLS_ECDHE_ECDSA_WITH_ARIA_128_CBC_SHA256, 0xC048) \
|
|
_ENUM_KEY_VALUE(TLS_ECDHE_ECDSA_WITH_ARIA_256_CBC_SHA384, 0xC049) \
|
|
_ENUM_KEY_VALUE(TLS_ECDH_ECDSA_WITH_ARIA_128_CBC_SHA256, 0xC04A) \
|
|
_ENUM_KEY_VALUE(TLS_ECDH_ECDSA_WITH_ARIA_256_CBC_SHA384, 0xC04B) \
|
|
_ENUM_KEY_VALUE(TLS_ECDHE_RSA_WITH_ARIA_128_CBC_SHA256, 0xC04C) \
|
|
_ENUM_KEY_VALUE(TLS_ECDHE_RSA_WITH_ARIA_256_CBC_SHA384, 0xC04D) \
|
|
_ENUM_KEY_VALUE(TLS_ECDH_RSA_WITH_ARIA_128_CBC_SHA256, 0xC04E) \
|
|
_ENUM_KEY_VALUE(TLS_ECDH_RSA_WITH_ARIA_256_CBC_SHA384, 0xC04F) \
|
|
_ENUM_KEY_VALUE(TLS_RSA_WITH_ARIA_128_GCM_SHA256, 0xC050) \
|
|
_ENUM_KEY_VALUE(TLS_RSA_WITH_ARIA_256_GCM_SHA384, 0xC051) \
|
|
_ENUM_KEY_VALUE(TLS_DHE_RSA_WITH_ARIA_128_GCM_SHA256, 0xC052) \
|
|
_ENUM_KEY_VALUE(TLS_DHE_RSA_WITH_ARIA_256_GCM_SHA384, 0xC053) \
|
|
_ENUM_KEY_VALUE(TLS_DH_RSA_WITH_ARIA_128_GCM_SHA256, 0xC054) \
|
|
_ENUM_KEY_VALUE(TLS_DH_RSA_WITH_ARIA_256_GCM_SHA384, 0xC055) \
|
|
_ENUM_KEY_VALUE(TLS_DHE_DSS_WITH_ARIA_128_GCM_SHA256, 0xC056) \
|
|
_ENUM_KEY_VALUE(TLS_DHE_DSS_WITH_ARIA_256_GCM_SHA384, 0xC057) \
|
|
_ENUM_KEY_VALUE(TLS_DH_DSS_WITH_ARIA_128_GCM_SHA256, 0xC058) \
|
|
_ENUM_KEY_VALUE(TLS_DH_DSS_WITH_ARIA_256_GCM_SHA384, 0xC059) \
|
|
_ENUM_KEY_VALUE(TLS_DH_anon_WITH_ARIA_128_GCM_SHA256, 0xC05A) \
|
|
_ENUM_KEY_VALUE(TLS_DH_anon_WITH_ARIA_256_GCM_SHA384, 0xC05B) \
|
|
_ENUM_KEY_VALUE(TLS_ECDHE_ECDSA_WITH_ARIA_128_GCM_SHA256, 0xC05C) \
|
|
_ENUM_KEY_VALUE(TLS_ECDHE_ECDSA_WITH_ARIA_256_GCM_SHA384, 0xC05D) \
|
|
_ENUM_KEY_VALUE(TLS_ECDH_ECDSA_WITH_ARIA_128_GCM_SHA256, 0xC05E) \
|
|
_ENUM_KEY_VALUE(TLS_ECDH_ECDSA_WITH_ARIA_256_GCM_SHA384, 0xC05F) \
|
|
_ENUM_KEY_VALUE(TLS_ECDHE_RSA_WITH_ARIA_128_GCM_SHA256, 0xC060) \
|
|
_ENUM_KEY_VALUE(TLS_ECDHE_RSA_WITH_ARIA_256_GCM_SHA384, 0xC061) \
|
|
_ENUM_KEY_VALUE(TLS_ECDH_RSA_WITH_ARIA_128_GCM_SHA256, 0xC062) \
|
|
_ENUM_KEY_VALUE(TLS_ECDH_RSA_WITH_ARIA_256_GCM_SHA384, 0xC063) \
|
|
_ENUM_KEY_VALUE(TLS_PSK_WITH_ARIA_128_CBC_SHA256, 0xC064) \
|
|
_ENUM_KEY_VALUE(TLS_PSK_WITH_ARIA_256_CBC_SHA384, 0xC065) \
|
|
_ENUM_KEY_VALUE(TLS_DHE_PSK_WITH_ARIA_128_CBC_SHA256, 0xC066) \
|
|
_ENUM_KEY_VALUE(TLS_DHE_PSK_WITH_ARIA_256_CBC_SHA384, 0xC067) \
|
|
_ENUM_KEY_VALUE(TLS_RSA_PSK_WITH_ARIA_128_CBC_SHA256, 0xC068) \
|
|
_ENUM_KEY_VALUE(TLS_RSA_PSK_WITH_ARIA_256_CBC_SHA384, 0xC069) \
|
|
_ENUM_KEY_VALUE(TLS_PSK_WITH_ARIA_128_GCM_SHA256, 0xC06A) \
|
|
_ENUM_KEY_VALUE(TLS_PSK_WITH_ARIA_256_GCM_SHA384, 0xC06B) \
|
|
_ENUM_KEY_VALUE(TLS_DHE_PSK_WITH_ARIA_128_GCM_SHA256, 0xC06C) \
|
|
_ENUM_KEY_VALUE(TLS_DHE_PSK_WITH_ARIA_256_GCM_SHA384, 0xC06D) \
|
|
_ENUM_KEY_VALUE(TLS_RSA_PSK_WITH_ARIA_128_GCM_SHA256, 0xC06E) \
|
|
_ENUM_KEY_VALUE(TLS_RSA_PSK_WITH_ARIA_256_GCM_SHA384, 0xC06F) \
|
|
_ENUM_KEY_VALUE(TLS_ECDHE_PSK_WITH_ARIA_128_CBC_SHA256, 0xC070) \
|
|
_ENUM_KEY_VALUE(TLS_ECDHE_PSK_WITH_ARIA_256_CBC_SHA384, 0xC071) \
|
|
_ENUM_KEY_VALUE(TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_CBC_SHA256, 0xC072) \
|
|
_ENUM_KEY_VALUE(TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_CBC_SHA384, 0xC073) \
|
|
_ENUM_KEY_VALUE(TLS_ECDH_ECDSA_WITH_CAMELLIA_128_CBC_SHA256, 0xC074) \
|
|
_ENUM_KEY_VALUE(TLS_ECDH_ECDSA_WITH_CAMELLIA_256_CBC_SHA384, 0xC075) \
|
|
_ENUM_KEY_VALUE(TLS_ECDHE_RSA_WITH_CAMELLIA_128_CBC_SHA256, 0xC076) \
|
|
_ENUM_KEY_VALUE(TLS_ECDHE_RSA_WITH_CAMELLIA_256_CBC_SHA384, 0xC077) \
|
|
_ENUM_KEY_VALUE(TLS_ECDH_RSA_WITH_CAMELLIA_128_CBC_SHA256, 0xC078) \
|
|
_ENUM_KEY_VALUE(TLS_ECDH_RSA_WITH_CAMELLIA_256_CBC_SHA384, 0xC079) \
|
|
_ENUM_KEY_VALUE(TLS_RSA_WITH_CAMELLIA_128_GCM_SHA256, 0xC07A) \
|
|
_ENUM_KEY_VALUE(TLS_RSA_WITH_CAMELLIA_256_GCM_SHA384, 0xC07B) \
|
|
_ENUM_KEY_VALUE(TLS_DHE_RSA_WITH_CAMELLIA_128_GCM_SHA256, 0xC07C) \
|
|
_ENUM_KEY_VALUE(TLS_DHE_RSA_WITH_CAMELLIA_256_GCM_SHA384, 0xC07D) \
|
|
_ENUM_KEY_VALUE(TLS_DH_RSA_WITH_CAMELLIA_128_GCM_SHA256, 0xC07E) \
|
|
_ENUM_KEY_VALUE(TLS_DH_RSA_WITH_CAMELLIA_256_GCM_SHA384, 0xC07F) \
|
|
_ENUM_KEY_VALUE(TLS_DHE_DSS_WITH_CAMELLIA_128_GCM_SHA256, 0xC080) \
|
|
_ENUM_KEY_VALUE(TLS_DHE_DSS_WITH_CAMELLIA_256_GCM_SHA384, 0xC081) \
|
|
_ENUM_KEY_VALUE(TLS_DH_DSS_WITH_CAMELLIA_128_GCM_SHA256, 0xC082) \
|
|
_ENUM_KEY_VALUE(TLS_DH_DSS_WITH_CAMELLIA_256_GCM_SHA384, 0xC083) \
|
|
_ENUM_KEY_VALUE(TLS_DH_anon_WITH_CAMELLIA_128_GCM_SHA256, 0xC084) \
|
|
_ENUM_KEY_VALUE(TLS_DH_anon_WITH_CAMELLIA_256_GCM_SHA384, 0xC085) \
|
|
_ENUM_KEY_VALUE(TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_GCM_SHA256, 0xC086) \
|
|
_ENUM_KEY_VALUE(TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_GCM_SHA384, 0xC087) \
|
|
_ENUM_KEY_VALUE(TLS_ECDH_ECDSA_WITH_CAMELLIA_128_GCM_SHA256, 0xC088) \
|
|
_ENUM_KEY_VALUE(TLS_ECDH_ECDSA_WITH_CAMELLIA_256_GCM_SHA384, 0xC089) \
|
|
_ENUM_KEY_VALUE(TLS_ECDHE_RSA_WITH_CAMELLIA_128_GCM_SHA256, 0xC08A) \
|
|
_ENUM_KEY_VALUE(TLS_ECDHE_RSA_WITH_CAMELLIA_256_GCM_SHA384, 0xC08B) \
|
|
_ENUM_KEY_VALUE(TLS_ECDH_RSA_WITH_CAMELLIA_128_GCM_SHA256, 0xC08C) \
|
|
_ENUM_KEY_VALUE(TLS_ECDH_RSA_WITH_CAMELLIA_256_GCM_SHA384, 0xC08D) \
|
|
_ENUM_KEY_VALUE(TLS_PSK_WITH_CAMELLIA_128_GCM_SHA256, 0xC08E) \
|
|
_ENUM_KEY_VALUE(TLS_PSK_WITH_CAMELLIA_256_GCM_SHA384, 0xC08F) \
|
|
_ENUM_KEY_VALUE(TLS_DHE_PSK_WITH_CAMELLIA_128_GCM_SHA256, 0xC090) \
|
|
_ENUM_KEY_VALUE(TLS_DHE_PSK_WITH_CAMELLIA_256_GCM_SHA384, 0xC091) \
|
|
_ENUM_KEY_VALUE(TLS_RSA_PSK_WITH_CAMELLIA_128_GCM_SHA256, 0xC092) \
|
|
_ENUM_KEY_VALUE(TLS_RSA_PSK_WITH_CAMELLIA_256_GCM_SHA384, 0xC093) \
|
|
_ENUM_KEY_VALUE(TLS_PSK_WITH_CAMELLIA_128_CBC_SHA256, 0xC094) \
|
|
_ENUM_KEY_VALUE(TLS_PSK_WITH_CAMELLIA_256_CBC_SHA384, 0xC095) \
|
|
_ENUM_KEY_VALUE(TLS_DHE_PSK_WITH_CAMELLIA_128_CBC_SHA256, 0xC096) \
|
|
_ENUM_KEY_VALUE(TLS_DHE_PSK_WITH_CAMELLIA_256_CBC_SHA384, 0xC097) \
|
|
_ENUM_KEY_VALUE(TLS_RSA_PSK_WITH_CAMELLIA_128_CBC_SHA256, 0xC098) \
|
|
_ENUM_KEY_VALUE(TLS_RSA_PSK_WITH_CAMELLIA_256_CBC_SHA384, 0xC099) \
|
|
_ENUM_KEY_VALUE(TLS_ECDHE_PSK_WITH_CAMELLIA_128_CBC_SHA256, 0xC09A) \
|
|
_ENUM_KEY_VALUE(TLS_ECDHE_PSK_WITH_CAMELLIA_256_CBC_SHA384, 0xC09B) \
|
|
_ENUM_KEY_VALUE(TLS_RSA_WITH_AES_128_CCM, 0xC09C) \
|
|
_ENUM_KEY_VALUE(TLS_RSA_WITH_AES_256_CCM, 0xC09D) \
|
|
_ENUM_KEY_VALUE(TLS_DHE_RSA_WITH_AES_128_CCM, 0xC09E) \
|
|
_ENUM_KEY_VALUE(TLS_DHE_RSA_WITH_AES_256_CCM, 0xC09F) \
|
|
_ENUM_KEY_VALUE(TLS_RSA_WITH_AES_128_CCM_8, 0xC0A0) \
|
|
_ENUM_KEY_VALUE(TLS_RSA_WITH_AES_256_CCM_8, 0xC0A1) \
|
|
_ENUM_KEY_VALUE(TLS_DHE_RSA_WITH_AES_128_CCM_8, 0xC0A2) \
|
|
_ENUM_KEY_VALUE(TLS_DHE_RSA_WITH_AES_256_CCM_8, 0xC0A3) \
|
|
_ENUM_KEY_VALUE(TLS_PSK_WITH_AES_128_CCM, 0xC0A4) \
|
|
_ENUM_KEY_VALUE(TLS_PSK_WITH_AES_256_CCM, 0xC0A5) \
|
|
_ENUM_KEY_VALUE(TLS_DHE_PSK_WITH_AES_128_CCM, 0xC0A6) \
|
|
_ENUM_KEY_VALUE(TLS_DHE_PSK_WITH_AES_256_CCM, 0xC0A7) \
|
|
_ENUM_KEY_VALUE(TLS_PSK_WITH_AES_128_CCM_8, 0xC0A8) \
|
|
_ENUM_KEY_VALUE(TLS_PSK_WITH_AES_256_CCM_8, 0xC0A9) \
|
|
_ENUM_KEY_VALUE(TLS_PSK_DHE_WITH_AES_128_CCM_8, 0xC0AA) \
|
|
_ENUM_KEY_VALUE(TLS_PSK_DHE_WITH_AES_256_CCM_8, 0xC0AB) \
|
|
_ENUM_KEY_VALUE(TLS_ECDHE_ECDSA_WITH_AES_128_CCM, 0xC0AC) \
|
|
_ENUM_KEY_VALUE(TLS_ECDHE_ECDSA_WITH_AES_256_CCM, 0xC0AD) \
|
|
_ENUM_KEY_VALUE(TLS_ECDHE_ECDSA_WITH_AES_128_CCM_8, 0xC0AE) \
|
|
_ENUM_KEY_VALUE(TLS_ECDHE_ECDSA_WITH_AES_256_CCM_8, 0xC0AF) \
|
|
_ENUM_KEY_VALUE(TLS_ECCPWD_WITH_AES_128_GCM_SHA256, 0xC0B0) \
|
|
_ENUM_KEY_VALUE(TLS_ECCPWD_WITH_AES_256_GCM_SHA384, 0xC0B1) \
|
|
_ENUM_KEY_VALUE(TLS_ECCPWD_WITH_AES_128_CCM_SHA256, 0xC0B2) \
|
|
_ENUM_KEY_VALUE(TLS_ECCPWD_WITH_AES_256_CCM_SHA384, 0xC0B3) \
|
|
_ENUM_KEY_VALUE(TLS_SHA256_SHA256, 0xC0B4) \
|
|
_ENUM_KEY_VALUE(TLS_SHA384_SHA384, 0xC0B5) \
|
|
_ENUM_KEY_VALUE(TLS_GOSTR341112_256_WITH_KUZNYECHIK_CTR_OMAC, 0xC100) \
|
|
_ENUM_KEY_VALUE(TLS_GOSTR341112_256_WITH_MAGMA_CTR_OMAC, 0xC101) \
|
|
_ENUM_KEY_VALUE(TLS_GOSTR341112_256_WITH_28147_CNT_IMIT, 0xC102) \
|
|
_ENUM_KEY_VALUE(TLS_GOSTR341112_256_WITH_KUZNYECHIK_MGM_L, 0xC103) \
|
|
_ENUM_KEY_VALUE(TLS_GOSTR341112_256_WITH_MAGMA_MGM_L, 0xC104) \
|
|
_ENUM_KEY_VALUE(TLS_GOSTR341112_256_WITH_KUZNYECHIK_MGM_S, 0xC105) \
|
|
_ENUM_KEY_VALUE(TLS_GOSTR341112_256_WITH_MAGMA_MGM_S, 0xC106) \
|
|
_ENUM_KEY_VALUE(TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256, 0xCCA8) \
|
|
_ENUM_KEY_VALUE(TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256, 0xCCA9) \
|
|
_ENUM_KEY_VALUE(TLS_DHE_RSA_WITH_CHACHA20_POLY1305_SHA256, 0xCCAA) \
|
|
_ENUM_KEY_VALUE(TLS_PSK_WITH_CHACHA20_POLY1305_SHA256, 0xCCAB) \
|
|
_ENUM_KEY_VALUE(TLS_ECDHE_PSK_WITH_CHACHA20_POLY1305_SHA256, 0xCCAC) \
|
|
_ENUM_KEY_VALUE(TLS_DHE_PSK_WITH_CHACHA20_POLY1305_SHA256, 0xCCAD) \
|
|
_ENUM_KEY_VALUE(TLS_RSA_PSK_WITH_CHACHA20_POLY1305_SHA256, 0xCCAE) \
|
|
_ENUM_KEY_VALUE(TLS_ECDHE_PSK_WITH_AES_128_GCM_SHA256, 0xD001) \
|
|
_ENUM_KEY_VALUE(TLS_ECDHE_PSK_WITH_AES_256_GCM_SHA384, 0xD002) \
|
|
_ENUM_KEY_VALUE(TLS_ECDHE_PSK_WITH_AES_128_CCM_8_SHA256, 0xD003) \
|
|
_ENUM_KEY_VALUE(GREASE_0, 0x0A0A) \
|
|
_ENUM_KEY_VALUE(GREASE_1, 0x1A1A) \
|
|
_ENUM_KEY_VALUE(GREASE_2, 0x2A2A) \
|
|
_ENUM_KEY_VALUE(GREASE_3, 0x3A3A) \
|
|
_ENUM_KEY_VALUE(GREASE_4, 0x4A4A) \
|
|
_ENUM_KEY_VALUE(GREASE_5, 0x5A5A) \
|
|
_ENUM_KEY_VALUE(GREASE_6, 0x6A6A) \
|
|
_ENUM_KEY_VALUE(GREASE_7, 0x7A7A) \
|
|
_ENUM_KEY_VALUE(GREASE_8, 0x8A8A) \
|
|
_ENUM_KEY_VALUE(GREASE_9, 0x9A9A) \
|
|
_ENUM_KEY_VALUE(GREASE_A, 0xAAAA) \
|
|
_ENUM_KEY_VALUE(GREASE_B, 0xBABA) \
|
|
_ENUM_KEY_VALUE(GREASE_C, 0xCACA) \
|
|
_ENUM_KEY_VALUE(GREASE_D, 0XDADA) \
|
|
_ENUM_KEY_VALUE(GREASE_E, 0xEAEA) \
|
|
_ENUM_KEY_VALUE(GREASE_F, 0xFAFA)
|
|
|
|
enum class CipherSuite : u16 {
|
|
__ENUM_CIPHER_SUITES
|
|
};
|
|
|
|
// https://www.iana.org/assignments/tls-parameters/tls-parameters.xhtml#tls-parameters-6
|
|
#define __ENUM_ALERT_DESCRIPTIONS \
|
|
_ENUM_KEY_VALUE(CLOSE_NOTIFY, 0) \
|
|
_ENUM_KEY_VALUE(UNEXPECTED_MESSAGE, 10) \
|
|
_ENUM_KEY_VALUE(BAD_RECORD_MAC, 20) \
|
|
_ENUM_KEY_VALUE(DECRYPTION_FAILED_RESERVED, 21) \
|
|
_ENUM_KEY_VALUE(RECORD_OVERFLOW, 22) \
|
|
_ENUM_KEY_VALUE(DECOMPRESSION_FAILURE_RESERVED, 30) \
|
|
_ENUM_KEY_VALUE(HANDSHAKE_FAILURE, 40) \
|
|
_ENUM_KEY_VALUE(NO_CERTIFICATE_RESERVED, 41) \
|
|
_ENUM_KEY_VALUE(BAD_CERTIFICATE, 42) \
|
|
_ENUM_KEY_VALUE(UNSUPPORTED_CERTIFICATE, 43) \
|
|
_ENUM_KEY_VALUE(CERTIFICATE_REVOKED, 44) \
|
|
_ENUM_KEY_VALUE(CERTIFICATE_EXPIRED, 45) \
|
|
_ENUM_KEY_VALUE(CERTIFICATE_UNKNOWN, 46) \
|
|
_ENUM_KEY_VALUE(ILLEGAL_PARAMETER, 47) \
|
|
_ENUM_KEY_VALUE(UNKNOWN_CA, 48) \
|
|
_ENUM_KEY_VALUE(ACCESS_DENIED, 49) \
|
|
_ENUM_KEY_VALUE(DECODE_ERROR, 50) \
|
|
_ENUM_KEY_VALUE(DECRYPT_ERROR, 51) \
|
|
_ENUM_KEY_VALUE(TOO_MANY_CIDS_REQUESTED, 52) \
|
|
_ENUM_KEY_VALUE(EXPORT_RESTRICTION_RESERVED, 60) \
|
|
_ENUM_KEY_VALUE(PROTOCOL_VERSION, 70) \
|
|
_ENUM_KEY_VALUE(INSUFFICIENT_SECURITY, 71) \
|
|
_ENUM_KEY_VALUE(INTERNAL_ERROR, 80) \
|
|
_ENUM_KEY_VALUE(INAPPROPRIATE_FALLBACK, 86) \
|
|
_ENUM_KEY_VALUE(USER_CANCELED, 90) \
|
|
_ENUM_KEY_VALUE(NO_RENEGOTIATION_RESERVED, 100) \
|
|
_ENUM_KEY_VALUE(MISSING_EXTENSION, 109) \
|
|
_ENUM_KEY_VALUE(UNSUPPORTED_EXTENSION, 110) \
|
|
_ENUM_KEY_VALUE(CERTIFICATE_UNOBTAINABLE_RESERVED, 111) \
|
|
_ENUM_KEY_VALUE(UNRECOGNIZED_NAME, 112) \
|
|
_ENUM_KEY_VALUE(BAD_CERTIFICATE_STATUS_RESPONSE, 113) \
|
|
_ENUM_KEY_VALUE(BAD_CERTIFICATE_HASH_VALUE_RESERVED, 114) \
|
|
_ENUM_KEY_VALUE(UNKNOWN_PSK_IDENTITY, 115) \
|
|
_ENUM_KEY_VALUE(CERTIFICATE_REQUIRED, 116) \
|
|
_ENUM_KEY_VALUE(NO_APPLICATION_PROTOCOL, 120)
|
|
|
|
enum class AlertDescription : u8 {
|
|
__ENUM_ALERT_DESCRIPTIONS
|
|
};
|
|
|
|
#undef _ENUM_KEY
|
|
#undef _ENUM_KEY_VALUE
|
|
|
|
constexpr static StringView enum_to_string(CipherSuite descriptor)
|
|
{
|
|
#define _ENUM_KEY_VALUE(name, value) \
|
|
case CipherSuite::name: \
|
|
return #name##sv;
|
|
|
|
switch (descriptor) {
|
|
__ENUM_CIPHER_SUITES
|
|
}
|
|
|
|
return "Unknown"sv;
|
|
#undef _ENUM_KEY_VALUE
|
|
}
|
|
|
|
constexpr static StringView enum_to_string(ExtensionType descriptor)
|
|
{
|
|
#define _ENUM_KEY_VALUE(name, value) \
|
|
case ExtensionType::name: \
|
|
return #name##sv;
|
|
|
|
switch (descriptor) {
|
|
__ENUM_EXTENSION_TYPES
|
|
}
|
|
|
|
return "Unknown"sv;
|
|
#undef _ENUM_KEY_VALUE
|
|
}
|
|
|
|
constexpr static StringView enum_to_string(ContentType descriptor)
|
|
{
|
|
#define _ENUM_KEY_VALUE(name, value) \
|
|
case ContentType::name: \
|
|
return #name##sv;
|
|
|
|
switch (descriptor) {
|
|
__ENUM_CONTENT_TYPES
|
|
}
|
|
|
|
return "Unknown"sv;
|
|
#undef _ENUM_KEY_VALUE
|
|
}
|
|
|
|
constexpr static StringView enum_to_string(ProtocolVersion descriptor)
|
|
{
|
|
#define _ENUM_KEY_VALUE(name, value) \
|
|
case ProtocolVersion::name: \
|
|
return #name##sv;
|
|
|
|
switch (descriptor) {
|
|
__ENUM_PROTOCOL_VERSIONS
|
|
}
|
|
|
|
return "Unknown"sv;
|
|
#undef _ENUM_KEY_VALUE
|
|
}
|
|
|
|
constexpr static StringView enum_to_string(HandshakeType descriptor)
|
|
{
|
|
#define _ENUM_KEY_VALUE(name, value) \
|
|
case HandshakeType::name: \
|
|
return #name##sv;
|
|
|
|
switch (descriptor) {
|
|
__ENUM_HANDSHAKE_TYPES
|
|
}
|
|
|
|
return "Unknown"sv;
|
|
#undef _ENUM_KEY_VALUE
|
|
}
|
|
|
|
constexpr static StringView enum_to_string(SignatureAlgorithm descriptor)
|
|
{
|
|
#define _ENUM_KEY_VALUE(name, value) \
|
|
case SignatureAlgorithm::name: \
|
|
return #name##sv;
|
|
|
|
switch (descriptor) {
|
|
__ENUM_SIGNATURE_ALGORITHM
|
|
}
|
|
|
|
return "Unknown"sv;
|
|
#undef _ENUM_KEY_VALUE
|
|
}
|
|
constexpr static StringView enum_to_string(AlertDescription descriptor)
|
|
{
|
|
#define _ENUM_KEY_VALUE(name, value) \
|
|
case AlertDescription::name: \
|
|
return #name##sv;
|
|
|
|
switch (descriptor) {
|
|
__ENUM_ALERT_DESCRIPTIONS
|
|
}
|
|
|
|
return "Unknown"sv;
|
|
#undef _ENUM_KEY_VALUE
|
|
}
|
|
|
|
constexpr static StringView const enum_to_value(AlertDescription descriptor)
|
|
{
|
|
switch (descriptor) {
|
|
case AlertDescription::UNEXPECTED_MESSAGE:
|
|
return "An inappropriate message was received. "
|
|
"This alert is always fatal and should never be observed in communication between proper implementations."sv;
|
|
|
|
case AlertDescription::BAD_RECORD_MAC:
|
|
return "This alert is returned if a record is received with an incorrect MAC. "
|
|
"This alert also MUST be returned if an alert is sent because a TLSCiphertext decrypted in an invalid way: "
|
|
"either it wasn't an even multiple of the block length, "
|
|
"or its padding values, when checked, weren't correct. "
|
|
"This message is always fatal."sv;
|
|
|
|
case AlertDescription::DECRYPTION_FAILED_RESERVED:
|
|
return "This alert MAY be returned if a TLSCiphertext decrypted in an invalid way: "
|
|
"either it wasn't an even multiple of the block length, "
|
|
"or its padding values, when checked, weren't correct. "
|
|
"This message is always fatal."sv;
|
|
|
|
case AlertDescription::RECORD_OVERFLOW:
|
|
return "A TLSCiphertext record was received that had a length more than 2^14 + 2048 bytes, "
|
|
"or a record decrypted to a TLSCompressed record with more than 2^14 + 1024 bytes. "
|
|
"This message is always fatal."sv;
|
|
|
|
case AlertDescription::DECOMPRESSION_FAILURE_RESERVED:
|
|
return "The decompression function received improper input (e.g., data that would expand to excessive length). "
|
|
"This message is always fatal."sv;
|
|
|
|
case AlertDescription::HANDSHAKE_FAILURE:
|
|
return "Reception of a handshake_failure alert message indicates that the sender "
|
|
"was unable to negotiate an acceptable set of security parameters given the options available. "
|
|
"This is a fatal error."sv;
|
|
|
|
case AlertDescription::NO_CERTIFICATE_RESERVED:
|
|
return "This alert was used in SSLv3 but not in TLS. It should not be sent by compliant implementations."sv;
|
|
|
|
case AlertDescription::BAD_CERTIFICATE:
|
|
return "A certificate was corrupt, contained signatures that did not verify correctly, etc."sv;
|
|
|
|
case AlertDescription::UNSUPPORTED_CERTIFICATE:
|
|
return "A certificate was of an unsupported type."sv;
|
|
|
|
case AlertDescription::CERTIFICATE_REVOKED:
|
|
return "A certificate was revoked by its signer."sv;
|
|
|
|
case AlertDescription::CERTIFICATE_EXPIRED:
|
|
return "A certificate has expired or is not currently valid."sv;
|
|
|
|
case AlertDescription::CERTIFICATE_UNKNOWN:
|
|
return "Some other (unspecified) issue arose in processing the certificate, rendering it unacceptable."sv;
|
|
|
|
case AlertDescription::ILLEGAL_PARAMETER:
|
|
return "A field in the handshake was out of range or inconsistent with other fields. "
|
|
"This is always fatal."sv;
|
|
|
|
case AlertDescription::UNKNOWN_CA:
|
|
return "A valid certificate chain or partial chain was received, but the certificate was not accepted "
|
|
"because the CA certificate could not be located "
|
|
"or couldn't be matched with a known, trusted CA. "
|
|
"This message is always fatal."sv;
|
|
|
|
case AlertDescription::ACCESS_DENIED:
|
|
return "A valid certificate was received, but when access control was applied, "
|
|
"the sender decided not to proceed with negotiation. "
|
|
"This message is always fatal."sv;
|
|
|
|
case AlertDescription::DECODE_ERROR:
|
|
return "A message could not be decoded because some field was out of the specified range "
|
|
"or the length of the message was incorrect. "
|
|
"This message is always fatal."sv;
|
|
|
|
case AlertDescription::DECRYPT_ERROR:
|
|
return "A handshake cryptographic operation failed, "
|
|
"including being unable to correctly verify a signature, "
|
|
"decrypt a key exchange, or validate a finished message."sv;
|
|
|
|
case AlertDescription::EXPORT_RESTRICTION_RESERVED:
|
|
return "This alert was used in TLS 1.0 but not TLS 1.1."sv;
|
|
|
|
case AlertDescription::PROTOCOL_VERSION:
|
|
return "The protocol version the client has attempted to negotiate is recognized but not supported. "
|
|
"(For example, old protocol versions might be avoided for security reasons). "
|
|
"This message is always fatal."sv;
|
|
|
|
case AlertDescription::INSUFFICIENT_SECURITY:
|
|
return "Returned instead of handshake_failure when a negotiation has failed"
|
|
"specifically because the server requires ciphers more secure than those supported by the client."
|
|
"This message is always fatal."sv;
|
|
|
|
case AlertDescription::INTERNAL_ERROR:
|
|
return "An internal error unrelated to the peer "
|
|
"or the correctness of the protocol (such as a memory allocation failure) "
|
|
"makes it impossible to continue. "
|
|
"This message is always fatal."sv;
|
|
|
|
case AlertDescription::USER_CANCELED:
|
|
return "This handshake is being canceled for some reason unrelated to a protocol failure. "
|
|
"If the user cancels an operation after the handshake is complete, "
|
|
"just closing the connection by sending a close_notify is more appropriate. "
|
|
"This alert should be followed by a close_notify. "
|
|
"This message is generally a warning."sv;
|
|
|
|
case AlertDescription::NO_RENEGOTIATION_RESERVED:
|
|
return "Sent by the client in response to a hello request "
|
|
"or by the server in response to a client hello after initial handshaking. "
|
|
"Either of these would normally lead to renegotiation; "
|
|
"when that is not appropriate, the recipient should respond with this alert. "
|
|
"At that point, the original requester can decide whether to proceed with the connection. "
|
|
"One case where this would be appropriate is where a server has spawned a process to satisfy a request; "
|
|
"the process might receive security parameters(key length, authentication, etc.) at startup "
|
|
"and it might be difficult to communicate changes to these parameters after that point. "
|
|
"This message is always a warning."sv;
|
|
|
|
case AlertDescription::CLOSE_NOTIFY:
|
|
return "This alert notifies the recipient that the sender will not send any more messages on this connection. "
|
|
"Any data received after a closure alert has been received MUST be ignored."sv;
|
|
|
|
case AlertDescription::INAPPROPRIATE_FALLBACK:
|
|
return "Sent by a server in response to an invalid connection retry attempt from a client (see [RFC7507])."sv;
|
|
|
|
case AlertDescription::MISSING_EXTENSION:
|
|
return "Sent by endpoints that receive a handshake message not containing an extension "
|
|
"that is mandatory to send for the offered TLS version or other negotiated parameters."sv;
|
|
|
|
case AlertDescription::CERTIFICATE_REQUIRED:
|
|
return "Sent by servers when a client certificate is desired but none was provided by the client."sv;
|
|
|
|
case AlertDescription::NO_APPLICATION_PROTOCOL:
|
|
return "Sent by servers when a client \"application_layer_protocol_negotiation\" extension "
|
|
"advertises only protocols that the server does not support (see [RFC7301])."sv;
|
|
|
|
case AlertDescription::UNSUPPORTED_EXTENSION:
|
|
return "Sent by endpoints receiving any handshake message containing an extension known to be prohibited "
|
|
"for inclusion in the given handshake message, "
|
|
"or including any extensions in a ServerHello "
|
|
"or Certificate not first offered in the corresponding ClientHello or CertificateRequest."sv;
|
|
|
|
case AlertDescription::CERTIFICATE_UNOBTAINABLE_RESERVED:
|
|
return "If a server is unable to obtain certificates in a given CertificateURL, "
|
|
"it MUST send a fatal certificate_unobtainable(111) alert "
|
|
"if it requires the certificates to complete the handshake."sv;
|
|
|
|
case AlertDescription::TOO_MANY_CIDS_REQUESTED:
|
|
return "Endpoints MAY handle an excessive number of RequestConnectionId messages by terminating the connection."sv;
|
|
|
|
case AlertDescription::UNRECOGNIZED_NAME:
|
|
return "The ServerNameList MUST NOT contain more than one name of the same name_type. "
|
|
"If the server understood the ClientHello extension but does not recognize the server name, "
|
|
"the server SHOULD take one of two actions: "
|
|
"either abort the handshake by sending a fatal-level unrecognized_name(112) alert or continue the handshake. "
|
|
"It is NOT RECOMMENDED to send a warning-level unrecognized_name(112) alert, "
|
|
"because the client's behavior in response to warning-level alerts is unpredictable."sv;
|
|
|
|
case AlertDescription::BAD_CERTIFICATE_STATUS_RESPONSE:
|
|
return "Clients requesting an OCSP response and receiving an OCSP response "
|
|
"in a \"CertificateStatus\" message MUST check the OCSP response "
|
|
"and abort the handshake if the response is not satisfactory. "
|
|
"This alert is always fatal."sv;
|
|
|
|
case AlertDescription::BAD_CERTIFICATE_HASH_VALUE_RESERVED:
|
|
return "The server MUST check that the SHA-1 hash of the contents of the object retrieved from that URL "
|
|
"(after decoding any MIME Content-Transfer-Encoding) matches the given hash. "
|
|
"If any retrieved object does not have the correct SHA-1 hash, "
|
|
"the server MUST abort the handshake. "
|
|
"This alert is always fatal."sv;
|
|
|
|
case AlertDescription::UNKNOWN_PSK_IDENTITY:
|
|
return "If the server does not recognize the PSK identity, it MAY respond with this message."
|
|
"Alternatively, if the server wishes to hide the fact that the PSK identity was not known, "
|
|
"it MAY continue the protocol as if the PSK identity existed but the key was incorrect: "
|
|
"that is, respond with a \"DECRYPT_ERROR\" alert."sv;
|
|
}
|
|
|
|
return "Unknown alert"sv;
|
|
}
|
|
|
|
}
|