Add RFC4279, RFC5487 and RFC5489 ciphersuites. (ea6114c6) · Commits · CYBER - Cyber Security / TS 103 523 MSP / ETS / ETS OpenSSL

include/openssl/tls1.h

+60 −4

Original line number	Diff line number	Diff line
		@@ -419,6 +419,29 @@ SSL_CTX_callback_ctrl(ssl,SSL_CTRL_SET_TLSEXT_TICKET_KEY_CB,(void (*)(void))cb)
		# define TLS1_CK_RSA_PSK_WITH_AES_128_CBC_SHA 0x03000094
		# define TLS1_CK_RSA_PSK_WITH_AES_256_CBC_SHA 0x03000095

		/* PSK ciphersuites from 5487 */
		# define TLS1_CK_PSK_WITH_AES_128_GCM_SHA256 0x030000A8
		# define TLS1_CK_PSK_WITH_AES_256_GCM_SHA384 0x030000A9
		# define TLS1_CK_DHE_PSK_WITH_AES_128_GCM_SHA256 0x030000AA
		# define TLS1_CK_DHE_PSK_WITH_AES_256_GCM_SHA384 0x030000AB
		# define TLS1_CK_RSA_PSK_WITH_AES_128_GCM_SHA256 0x030000AC
		# define TLS1_CK_RSA_PSK_WITH_AES_256_GCM_SHA384 0x030000AD

		# define TLS1_CK_PSK_WITH_AES_128_CBC_SHA256 0x030000AE
		# define TLS1_CK_PSK_WITH_AES_256_CBC_SHA384 0x030000AF
		# define TLS1_CK_PSK_WITH_NULL_SHA256 0x030000B0
		# define TLS1_CK_PSK_WITH_NULL_SHA384 0x030000B1

		# define TLS1_CK_DHE_PSK_WITH_AES_128_CBC_SHA256 0x030000B2
		# define TLS1_CK_DHE_PSK_WITH_AES_256_CBC_SHA384 0x030000B3
		# define TLS1_CK_DHE_PSK_WITH_NULL_SHA256 0x030000B4
		# define TLS1_CK_DHE_PSK_WITH_NULL_SHA384 0x030000B5

		# define TLS1_CK_RSA_PSK_WITH_AES_128_CBC_SHA256 0x030000B6
		# define TLS1_CK_RSA_PSK_WITH_AES_256_CBC_SHA384 0x030000B7
		# define TLS1_CK_RSA_PSK_WITH_NULL_SHA256 0x030000B8
		# define TLS1_CK_RSA_PSK_WITH_NULL_SHA384 0x030000B9

		/* AES ciphersuites from RFC3268 */

		# define TLS1_CK_RSA_WITH_AES_128_SHA 0x0300002F
		@@ -490,10 +513,6 @@ SSL_CTX_callback_ctrl(ssl,SSL_CTRL_SET_TLSEXT_TICKET_KEY_CB,(void (*)(void))cb)
		# define TLS1_CK_ADH_WITH_AES_128_GCM_SHA256 0x030000A6
		# define TLS1_CK_ADH_WITH_AES_256_GCM_SHA384 0x030000A7

		/* TLS v1.2 PSK GCM ciphersuites from RFC5487 */
		# define TLS1_CK_PSK_WITH_AES_128_GCM_SHA256 0x030000A8
		# define TLS1_CK_PSK_WITH_AES_256_GCM_SHA384 0x030000A9

		/* TLS 1.2 Camellia SHA-256 ciphersuites from RFC5932 */
		# define TLS1_CK_RSA_WITH_CAMELLIA_128_CBC_SHA256 0x030000BA
		# define TLS1_CK_DH_DSS_WITH_CAMELLIA_128_CBC_SHA256 0x030000BB
		@@ -581,6 +600,13 @@ SSL_CTX_callback_ctrl(ssl,SSL_CTRL_SET_TLSEXT_TICKET_KEY_CB,(void (*)(void))cb)
		# define TLS1_CK_ECDHE_PSK_WITH_AES_128_CBC_SHA 0x0300C035
		# define TLS1_CK_ECDHE_PSK_WITH_AES_256_CBC_SHA 0x0300C036

		# define TLS1_CK_ECDHE_PSK_WITH_AES_128_CBC_SHA256 0x0300C037
		# define TLS1_CK_ECDHE_PSK_WITH_AES_256_CBC_SHA384 0x0300C038

		# define TLS1_CK_ECDHE_PSK_WITH_NULL_SHA 0x0300C039
		# define TLS1_CK_ECDHE_PSK_WITH_NULL_SHA256 0x0300C03A
		# define TLS1_CK_ECDHE_PSK_WITH_NULL_SHA384 0x0300C03B

		/* Camellia-CBC ciphersuites from RFC6367 */
		# define TLS1_CK_ECDHE_ECDSA_WITH_CAMELLIA_128_CBC_SHA256 0x0300C072
		# define TLS1_CK_ECDHE_ECDSA_WITH_CAMELLIA_256_CBC_SHA384 0x0300C073
		@@ -666,6 +692,29 @@ SSL_CTX_callback_ctrl(ssl,SSL_CTRL_SET_TLSEXT_TICKET_KEY_CB,(void (*)(void))cb)
		# define TLS1_TXT_RSA_PSK_WITH_AES_128_CBC_SHA "RSA-PSK-AES128-CBC-SHA"
		# define TLS1_TXT_RSA_PSK_WITH_AES_256_CBC_SHA "RSA-PSK-AES256-CBC-SHA"

		/* PSK ciphersuites from RFC 5487 */
		# define TLS1_TXT_PSK_WITH_AES_128_GCM_SHA256 "PSK-AES128-GCM-SHA256"
		# define TLS1_TXT_PSK_WITH_AES_256_GCM_SHA384 "PSK-AES256-GCM-SHA384"
		# define TLS1_TXT_DHE_PSK_WITH_AES_128_GCM_SHA256 "DHE-PSK-AES128-GCM-SHA256"
		# define TLS1_TXT_DHE_PSK_WITH_AES_256_GCM_SHA384 "DHE-PSK-AES256-GCM-SHA384"
		# define TLS1_TXT_RSA_PSK_WITH_AES_128_GCM_SHA256 "RSA-PSK-AES128-GCM-SHA256"
		# define TLS1_TXT_RSA_PSK_WITH_AES_256_GCM_SHA384 "RSA-PSK-AES256-GCM-SHA384"

		# define TLS1_TXT_PSK_WITH_AES_128_CBC_SHA256 "PSK-AES128-CBC-SHA256"
		# define TLS1_TXT_PSK_WITH_AES_256_CBC_SHA384 "PSK-AES256-CBC-SHA384"
		# define TLS1_TXT_PSK_WITH_NULL_SHA256 "PSK-NULL-SHA256"
		# define TLS1_TXT_PSK_WITH_NULL_SHA384 "PSK-NULL-SHA384"

		# define TLS1_TXT_DHE_PSK_WITH_AES_128_CBC_SHA256 "DHE-PSK-AES128-CBC-SHA256"
		# define TLS1_TXT_DHE_PSK_WITH_AES_256_CBC_SHA384 "DHE-PSK-AES256-CBC-SHA384"
		# define TLS1_TXT_DHE_PSK_WITH_NULL_SHA256 "DHE-PSK-NULL-SHA256"
		# define TLS1_TXT_DHE_PSK_WITH_NULL_SHA384 "DHE-PSK-NULL-SHA384"

		# define TLS1_TXT_RSA_PSK_WITH_AES_128_CBC_SHA256 "RSA-PSK-AES128-CBC-SHA256"
		# define TLS1_TXT_RSA_PSK_WITH_AES_256_CBC_SHA384 "RSA-PSK-AES256-CBC-SHA384"
		# define TLS1_TXT_RSA_PSK_WITH_NULL_SHA256 "RSA-PSK-NULL-SHA256"
		# define TLS1_TXT_RSA_PSK_WITH_NULL_SHA384 "RSA-PSK-NULL-SHA384"

		/* SRP ciphersuite from RFC 5054 */
		# define TLS1_TXT_SRP_SHA_WITH_3DES_EDE_CBC_SHA "SRP-3DES-EDE-CBC-SHA"
		# define TLS1_TXT_SRP_SHA_RSA_WITH_3DES_EDE_CBC_SHA "SRP-RSA-3DES-EDE-CBC-SHA"
		@@ -775,6 +824,13 @@ SSL_CTX_callback_ctrl(ssl,SSL_CTRL_SET_TLSEXT_TICKET_KEY_CB,(void (*)(void))cb)
		# define TLS1_TXT_ECDHE_PSK_WITH_AES_128_CBC_SHA "ECDHE-PSK-AES128-CBC-SHA"
		# define TLS1_TXT_ECDHE_PSK_WITH_AES_256_CBC_SHA "ECDHE-PSK-AES256-CBC-SHA"

		# define TLS1_TXT_ECDHE_PSK_WITH_AES_128_CBC_SHA256 "ECDHE-PSK-AES128-CBC-SHA256"
		# define TLS1_TXT_ECDHE_PSK_WITH_AES_256_CBC_SHA384 "ECDHE-PSK-AES256-CBC-SHA384"

		# define TLS1_TXT_ECDHE_PSK_WITH_NULL_SHA "ECDHE-PSK-NULL-SHA"
		# define TLS1_TXT_ECDHE_PSK_WITH_NULL_SHA256 "ECDHE-PSK-NULL-SHA256"
		# define TLS1_TXT_ECDHE_PSK_WITH_NULL_SHA384 "ECDHE-PSK-NULL-SHA384"

		/* Camellia-CBC ciphersuites from RFC6367 */
		# define TLS1_TXT_ECDHE_ECDSA_WITH_CAMELLIA_128_CBC_SHA256 "ECDHE-ECDSA-CAMELLIA128-SHA256"
		# define TLS1_TXT_ECDHE_ECDSA_WITH_CAMELLIA_256_CBC_SHA384 "ECDHE-ECDSA-CAMELLIA256-SHA384"

ssl/s3_lib.c

+532 −1

Original line number	Diff line number	Diff line
		@@ -1253,6 +1253,7 @@ OPENSSL_GLOBAL const SSL_CIPHER ssl3_ciphers[] = {
		#endif /* OPENSSL_NO_CAMELLIA */

		#ifndef OPENSSL_NO_PSK
		/* PSK ciphersuites from RFC 4279 */
		/* Cipher 8A */
		{
		1,
		@@ -1316,6 +1317,134 @@ OPENSSL_GLOBAL const SSL_CIPHER ssl3_ciphers[] = {
		256,
		256,
		},

		/* Cipher 8E */
		{
		1,
		TLS1_TXT_DHE_PSK_WITH_RC4_128_SHA,
		TLS1_CK_DHE_PSK_WITH_RC4_128_SHA,
		SSL_kDHEPSK,
		SSL_aPSK,
		SSL_RC4,
		SSL_SHA1,
		SSL_TLSV1,
		SSL_NOT_EXP \| SSL_MEDIUM,
		SSL_HANDSHAKE_MAC_DEFAULT \| TLS1_PRF,
		128,
		128,
		},

		/* Cipher 8F */
		{
		1,
		TLS1_TXT_DHE_PSK_WITH_3DES_EDE_CBC_SHA,
		TLS1_CK_DHE_PSK_WITH_3DES_EDE_CBC_SHA,
		SSL_kDHEPSK,
		SSL_aPSK,
		SSL_3DES,
		SSL_SHA1,
		SSL_TLSV1,
		SSL_NOT_EXP \| SSL_HIGH \| SSL_FIPS,
		SSL_HANDSHAKE_MAC_DEFAULT \| TLS1_PRF,
		112,
		168,
		},

		/* Cipher 90 */
		{
		1,
		TLS1_TXT_DHE_PSK_WITH_AES_128_CBC_SHA,
		TLS1_CK_DHE_PSK_WITH_AES_128_CBC_SHA,
		SSL_kDHEPSK,
		SSL_aPSK,
		SSL_AES128,
		SSL_SHA1,
		SSL_TLSV1,
		SSL_NOT_EXP \| SSL_HIGH \| SSL_FIPS,
		SSL_HANDSHAKE_MAC_DEFAULT \| TLS1_PRF,
		128,
		128,
		},

		/* Cipher 91 */
		{
		1,
		TLS1_TXT_DHE_PSK_WITH_AES_256_CBC_SHA,
		TLS1_CK_DHE_PSK_WITH_AES_256_CBC_SHA,
		SSL_kDHEPSK,
		SSL_aPSK,
		SSL_AES256,
		SSL_SHA1,
		SSL_TLSV1,
		SSL_NOT_EXP \| SSL_HIGH \| SSL_FIPS,
		SSL_HANDSHAKE_MAC_DEFAULT \| TLS1_PRF,
		256,
		256,
		},

		/* Cipher 92 */
		{
		1,
		TLS1_TXT_RSA_PSK_WITH_RC4_128_SHA,
		TLS1_CK_RSA_PSK_WITH_RC4_128_SHA,
		SSL_kRSAPSK,
		SSL_aRSA,
		SSL_RC4,
		SSL_SHA1,
		SSL_TLSV1,
		SSL_NOT_EXP \| SSL_MEDIUM,
		SSL_HANDSHAKE_MAC_DEFAULT \| TLS1_PRF,
		128,
		128,
		},

		/* Cipher 93 */
		{
		1,
		TLS1_TXT_RSA_PSK_WITH_3DES_EDE_CBC_SHA,
		TLS1_CK_RSA_PSK_WITH_3DES_EDE_CBC_SHA,
		SSL_kRSAPSK,
		SSL_aRSA,
		SSL_3DES,
		SSL_SHA1,
		SSL_TLSV1,
		SSL_NOT_EXP \| SSL_HIGH \| SSL_FIPS,
		SSL_HANDSHAKE_MAC_DEFAULT \| TLS1_PRF,
		112,
		168,
		},

		/* Cipher 94 */
		{
		1,
		TLS1_TXT_RSA_PSK_WITH_AES_128_CBC_SHA,
		TLS1_CK_RSA_PSK_WITH_AES_128_CBC_SHA,
		SSL_kRSAPSK,
		SSL_aRSA,
		SSL_AES128,
		SSL_SHA1,
		SSL_TLSV1,
		SSL_NOT_EXP \| SSL_HIGH \| SSL_FIPS,
		SSL_HANDSHAKE_MAC_DEFAULT \| TLS1_PRF,
		128,
		128,
		},

		/* Cipher 95 */
		{
		1,
		TLS1_TXT_RSA_PSK_WITH_AES_256_CBC_SHA,
		TLS1_CK_RSA_PSK_WITH_AES_256_CBC_SHA,
		SSL_kRSAPSK,
		SSL_aRSA,
		SSL_AES256,
		SSL_SHA1,
		SSL_TLSV1,
		SSL_NOT_EXP \| SSL_HIGH \| SSL_FIPS,
		SSL_HANDSHAKE_MAC_DEFAULT \| TLS1_PRF,
		256,
		256,
		},
		#endif /* OPENSSL_NO_PSK */

		#ifndef OPENSSL_NO_SEED
		@@ -1613,6 +1742,8 @@ OPENSSL_GLOBAL const SSL_CIPHER ssl3_ciphers[] = {
		256,
		},
		#ifndef OPENSSL_NO_PSK
		/* PSK ciphersuites from RFC5487 */

		/* Cipher A8 */
		{
		1,
		@@ -1645,7 +1776,262 @@ OPENSSL_GLOBAL const SSL_CIPHER ssl3_ciphers[] = {
		256,
		},

		#endif
		/* Cipher AA */
		{
		1,
		TLS1_TXT_DHE_PSK_WITH_AES_128_GCM_SHA256,
		TLS1_CK_DHE_PSK_WITH_AES_128_GCM_SHA256,
		SSL_kDHEPSK,
		SSL_aPSK,
		SSL_AES128GCM,
		SSL_AEAD,
		SSL_TLSV1_2,
		SSL_NOT_EXP \| SSL_HIGH \| SSL_FIPS,
		SSL_HANDSHAKE_MAC_SHA256 \| TLS1_PRF_SHA256,
		128,
		128,
		},

		/* Cipher AB */
		{
		1,
		TLS1_TXT_DHE_PSK_WITH_AES_256_GCM_SHA384,
		TLS1_CK_DHE_PSK_WITH_AES_256_GCM_SHA384,
		SSL_kDHEPSK,
		SSL_aPSK,
		SSL_AES256GCM,
		SSL_AEAD,
		SSL_TLSV1_2,
		SSL_NOT_EXP \| SSL_HIGH \| SSL_FIPS,
		SSL_HANDSHAKE_MAC_SHA384 \| TLS1_PRF_SHA384,
		256,
		256,
		},

		/* Cipher AC */
		{
		1,
		TLS1_TXT_RSA_PSK_WITH_AES_128_GCM_SHA256,
		TLS1_CK_RSA_PSK_WITH_AES_128_GCM_SHA256,
		SSL_kRSAPSK,
		SSL_aRSA,
		SSL_AES128GCM,
		SSL_AEAD,
		SSL_TLSV1_2,
		SSL_NOT_EXP \| SSL_HIGH \| SSL_FIPS,
		SSL_HANDSHAKE_MAC_SHA256 \| TLS1_PRF_SHA256,
		128,
		128,
		},

		/* Cipher AD */
		{
		1,
		TLS1_TXT_RSA_PSK_WITH_AES_256_GCM_SHA384,
		TLS1_CK_RSA_PSK_WITH_AES_256_GCM_SHA384,
		SSL_kRSAPSK,
		SSL_aRSA,
		SSL_AES256GCM,
		SSL_AEAD,
		SSL_TLSV1_2,
		SSL_NOT_EXP \| SSL_HIGH \| SSL_FIPS,
		SSL_HANDSHAKE_MAC_SHA384 \| TLS1_PRF_SHA384,
		256,
		256,
		},

		/* Cipher AE */
		{
		1,
		TLS1_TXT_PSK_WITH_AES_128_CBC_SHA256,
		TLS1_CK_PSK_WITH_AES_128_CBC_SHA256,
		SSL_kPSK,
		SSL_aPSK,
		SSL_AES128,
		SSL_SHA256,
		SSL_TLSV1,
		SSL_NOT_EXP \| SSL_HIGH \| SSL_FIPS,
		SSL_HANDSHAKE_MAC_DEFAULT \| TLS1_PRF,
		128,
		128,
		},

		/* Cipher AF */
		{
		1,
		TLS1_TXT_PSK_WITH_AES_256_CBC_SHA384,
		TLS1_CK_PSK_WITH_AES_256_CBC_SHA384,
		SSL_kPSK,
		SSL_aPSK,
		SSL_AES256,
		SSL_SHA384,
		SSL_TLSV1,
		SSL_NOT_EXP \| SSL_HIGH \| SSL_FIPS,
		SSL_HANDSHAKE_MAC_SHA384 \| TLS1_PRF_SHA384,
		256,
		256,
		},

		/* Cipher B0 */
		{
		1,
		TLS1_TXT_PSK_WITH_NULL_SHA256,
		TLS1_CK_PSK_WITH_NULL_SHA256,
		SSL_kPSK,
		SSL_aPSK,
		SSL_eNULL,
		SSL_SHA256,
		SSL_TLSV1,
		SSL_NOT_EXP \| SSL_STRONG_NONE \| SSL_FIPS,
		SSL_HANDSHAKE_MAC_DEFAULT \| TLS1_PRF,
		0,
		0,
		},

		/* Cipher B1 */
		{
		1,
		TLS1_TXT_PSK_WITH_NULL_SHA384,
		TLS1_CK_PSK_WITH_NULL_SHA384,
		SSL_kPSK,
		SSL_aPSK,
		SSL_eNULL,
		SSL_SHA384,
		SSL_TLSV1,
		SSL_NOT_EXP \| SSL_STRONG_NONE \| SSL_FIPS,
		SSL_HANDSHAKE_MAC_SHA384 \| TLS1_PRF_SHA384,
		0,
		0,
		},

		/* Cipher B2 */
		{
		1,
		TLS1_TXT_DHE_PSK_WITH_AES_128_CBC_SHA256,
		TLS1_CK_DHE_PSK_WITH_AES_128_CBC_SHA256,
		SSL_kDHEPSK,
		SSL_aPSK,
		SSL_AES128,
		SSL_SHA256,
		SSL_TLSV1,
		SSL_NOT_EXP \| SSL_HIGH \| SSL_FIPS,
		SSL_HANDSHAKE_MAC_DEFAULT \| TLS1_PRF,
		128,
		128,
		},

		/* Cipher B3 */
		{
		1,
		TLS1_TXT_DHE_PSK_WITH_AES_256_CBC_SHA384,
		TLS1_CK_DHE_PSK_WITH_AES_256_CBC_SHA384,
		SSL_kDHEPSK,
		SSL_aPSK,
		SSL_AES256,
		SSL_SHA384,
		SSL_TLSV1,
		SSL_NOT_EXP \| SSL_HIGH \| SSL_FIPS,
		SSL_HANDSHAKE_MAC_SHA384 \| TLS1_PRF_SHA384,
		256,
		256,
		},

		/* Cipher B4 */
		{
		1,
		TLS1_TXT_DHE_PSK_WITH_NULL_SHA256,
		TLS1_CK_DHE_PSK_WITH_NULL_SHA256,
		SSL_kDHEPSK,
		SSL_aPSK,
		SSL_eNULL,
		SSL_SHA256,
		SSL_TLSV1,
		SSL_NOT_EXP \| SSL_STRONG_NONE \| SSL_FIPS,
		SSL_HANDSHAKE_MAC_DEFAULT \| TLS1_PRF,
		0,
		0,
		},

		/* Cipher B5 */
		{
		1,
		TLS1_TXT_DHE_PSK_WITH_NULL_SHA384,
		TLS1_CK_DHE_PSK_WITH_NULL_SHA384,
		SSL_kDHEPSK,
		SSL_aPSK,
		SSL_eNULL,
		SSL_SHA384,
		SSL_TLSV1,
		SSL_NOT_EXP \| SSL_STRONG_NONE \| SSL_FIPS,
		SSL_HANDSHAKE_MAC_SHA384 \| TLS1_PRF_SHA384,
		0,
		0,
		},

		/* Cipher B6 */
		{
		1,
		TLS1_TXT_RSA_PSK_WITH_AES_128_CBC_SHA256,
		TLS1_CK_RSA_PSK_WITH_AES_128_CBC_SHA256,
		SSL_kRSAPSK,
		SSL_aRSA,
		SSL_AES128,
		SSL_SHA256,
		SSL_TLSV1,
		SSL_NOT_EXP \| SSL_HIGH \| SSL_FIPS,
		SSL_HANDSHAKE_MAC_DEFAULT \| TLS1_PRF,
		128,
		128,
		},

		/* Cipher B7 */
		{
		1,
		TLS1_TXT_RSA_PSK_WITH_AES_256_CBC_SHA384,
		TLS1_CK_RSA_PSK_WITH_AES_256_CBC_SHA384,
		SSL_kRSAPSK,
		SSL_aRSA,
		SSL_AES256,
		SSL_SHA384,
		SSL_TLSV1,
		SSL_NOT_EXP \| SSL_HIGH \| SSL_FIPS,
		SSL_HANDSHAKE_MAC_SHA384 \| TLS1_PRF_SHA384,
		256,
		256,
		},

		/* Cipher B8 */
		{
		1,
		TLS1_TXT_RSA_PSK_WITH_NULL_SHA256,
		TLS1_CK_RSA_PSK_WITH_NULL_SHA256,
		SSL_kRSAPSK,
		SSL_aRSA,
		SSL_eNULL,
		SSL_SHA256,
		SSL_TLSV1,
		SSL_NOT_EXP \| SSL_STRONG_NONE \| SSL_FIPS,
		SSL_HANDSHAKE_MAC_DEFAULT \| TLS1_PRF,
		0,
		0,
		},

		/* Cipher B9 */
		{
		1,
		TLS1_TXT_RSA_PSK_WITH_NULL_SHA384,
		TLS1_CK_RSA_PSK_WITH_NULL_SHA384,
		SSL_kRSAPSK,
		SSL_aRSA,
		SSL_eNULL,
		SSL_SHA384,
		SSL_TLSV1,
		SSL_NOT_EXP \| SSL_STRONG_NONE \| SSL_FIPS,
		SSL_HANDSHAKE_MAC_SHA384 \| TLS1_PRF_SHA384,
		0,
		0,
		},
		#endif /* OPENSSL_NO_PSK */

		#ifndef OPENSSL_NO_CAMELLIA
		/* TLS 1.2 Camellia SHA-256 ciphersuites from RFC5932 */
		@@ -2669,6 +3055,151 @@ OPENSSL_GLOBAL const SSL_CIPHER ssl3_ciphers[] = {
		256,
		},

		/* PSK ciphersuites from RFC 5489 */
		/* Cipher C033 */
		{
		1,
		TLS1_TXT_ECDHE_PSK_WITH_RC4_128_SHA,
		TLS1_CK_ECDHE_PSK_WITH_RC4_128_SHA,
		SSL_kECDHEPSK,
		SSL_aPSK,
		SSL_RC4,
		SSL_SHA1,
		SSL_TLSV1,
		SSL_NOT_EXP \| SSL_MEDIUM,
		SSL_HANDSHAKE_MAC_DEFAULT \| TLS1_PRF,
		128,
		128,
		},

		/* Cipher C034 */
		{
		1,
		TLS1_TXT_ECDHE_PSK_WITH_3DES_EDE_CBC_SHA,
		TLS1_CK_ECDHE_PSK_WITH_3DES_EDE_CBC_SHA,
		SSL_kECDHEPSK,
		SSL_aPSK,
		SSL_3DES,
		SSL_SHA1,
		SSL_TLSV1,
		SSL_NOT_EXP \| SSL_HIGH \| SSL_FIPS,
		SSL_HANDSHAKE_MAC_DEFAULT \| TLS1_PRF,
		112,
		168,
		},

		/* Cipher C035 */
		{
		1,
		TLS1_TXT_ECDHE_PSK_WITH_AES_128_CBC_SHA,
		TLS1_CK_ECDHE_PSK_WITH_AES_128_CBC_SHA,
		SSL_kECDHEPSK,
		SSL_aPSK,
		SSL_AES128,
		SSL_SHA1,
		SSL_TLSV1,
		SSL_NOT_EXP \| SSL_HIGH \| SSL_FIPS,
		SSL_HANDSHAKE_MAC_DEFAULT \| TLS1_PRF,
		128,
		128,
		},

		/* Cipher C036 */
		{
		1,
		TLS1_TXT_ECDHE_PSK_WITH_AES_256_CBC_SHA,
		TLS1_CK_ECDHE_PSK_WITH_AES_256_CBC_SHA,
		SSL_kECDHEPSK,
		SSL_aPSK,
		SSL_AES256,
		SSL_SHA1,
		SSL_TLSV1,
		SSL_NOT_EXP \| SSL_HIGH \| SSL_FIPS,
		SSL_HANDSHAKE_MAC_DEFAULT \| TLS1_PRF,
		256,
		256,
		},

		/* Cipher C037 */
		{
		1,
		TLS1_TXT_ECDHE_PSK_WITH_AES_128_CBC_SHA256,
		TLS1_CK_ECDHE_PSK_WITH_AES_128_CBC_SHA256,
		SSL_kECDHEPSK,
		SSL_aPSK,
		SSL_AES128,
		SSL_SHA256,
		SSL_TLSV1,
		SSL_NOT_EXP \| SSL_HIGH \| SSL_FIPS,
		SSL_HANDSHAKE_MAC_DEFAULT \| TLS1_PRF,
		128,
		128,
		},

		/* Cipher C038 */
		{
		1,
		TLS1_TXT_ECDHE_PSK_WITH_AES_256_CBC_SHA384,
		TLS1_CK_ECDHE_PSK_WITH_AES_256_CBC_SHA384,
		SSL_kECDHEPSK,
		SSL_aPSK,
		SSL_AES256,
		SSL_SHA384,
		SSL_TLSV1,
		SSL_NOT_EXP \| SSL_HIGH \| SSL_FIPS,
		SSL_HANDSHAKE_MAC_SHA384 \| TLS1_PRF_SHA384,
		256,
		256,
		},

		/* Cipher C039 */
		{
		1,
		TLS1_TXT_ECDHE_PSK_WITH_NULL_SHA,
		TLS1_CK_ECDHE_PSK_WITH_NULL_SHA,
		SSL_kECDHEPSK,
		SSL_aPSK,
		SSL_eNULL,
		SSL_SHA1,
		SSL_TLSV1,
		SSL_NOT_EXP \| SSL_STRONG_NONE \| SSL_FIPS,
		SSL_HANDSHAKE_MAC_DEFAULT \| TLS1_PRF,
		0,
		0,
		},

		/* Cipher C03A */
		{
		1,
		TLS1_TXT_ECDHE_PSK_WITH_NULL_SHA256,
		TLS1_CK_ECDHE_PSK_WITH_NULL_SHA256,
		SSL_kECDHEPSK,
		SSL_aPSK,
		SSL_eNULL,
		SSL_SHA256,
		SSL_TLSV1,
		SSL_NOT_EXP \| SSL_STRONG_NONE \| SSL_FIPS,
		SSL_HANDSHAKE_MAC_DEFAULT \| TLS1_PRF,
		0,
		0,
		},

		/* Cipher C03B */
		{
		1,
		TLS1_TXT_ECDHE_PSK_WITH_NULL_SHA384,
		TLS1_CK_ECDHE_PSK_WITH_NULL_SHA384,
		SSL_kECDHEPSK,
		SSL_aPSK,
		SSL_eNULL,
		SSL_SHA384,
		SSL_TLSV1,
		SSL_NOT_EXP \| SSL_STRONG_NONE \| SSL_FIPS,
		SSL_HANDSHAKE_MAC_SHA384 \| TLS1_PRF_SHA384,
		0,
		0,
		},

		# ifndef OPENSSL_NO_CAMELLIA
		{ /* Cipher C072 */
		1,