2
* Table enumerating all implemented cipher suites
5
* This Source Code Form is subject to the terms of the Mozilla Public
6
* License, v. 2.0. If a copy of the MPL was not distributed with this
7
* file, You can obtain one at http://mozilla.org/MPL/2.0/. */
8
/* $Id: sslenum.c,v 1.19 2012/04/25 14:50:12 gerv%gerv.net Exp $ */
14
* The ciphers are listed in the following order:
15
* - stronger ciphers before weaker ciphers
16
* - national ciphers before international ciphers
17
* - faster ciphers before slower ciphers
19
* National ciphers such as Camellia are listed before international ciphers
20
* such as AES and RC4 to allow servers that prefer Camellia to negotiate
21
* Camellia without having to disable AES and RC4, which are needed for
22
* interoperability with clients that don't yet implement Camellia.
24
* The ordering of cipher suites in this table must match the ordering in
25
* the cipherSuites table in ssl3con.c.
27
* If new ECC cipher suites are added, also update the ssl3CipherSuite arrays
30
const PRUint16 SSL_ImplementedCiphers[] = {
33
TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA,
34
TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA,
35
#endif /* NSS_ENABLE_ECC */
36
TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA,
37
TLS_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA,
38
TLS_DHE_DSS_WITH_AES_256_CBC_SHA,
40
TLS_ECDH_RSA_WITH_AES_256_CBC_SHA,
41
TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA,
42
#endif /* NSS_ENABLE_ECC */
43
TLS_RSA_WITH_CAMELLIA_256_CBC_SHA,
44
TLS_RSA_WITH_AES_256_CBC_SHA,
45
TLS_DHE_RSA_WITH_AES_256_CBC_SHA,
49
TLS_ECDHE_ECDSA_WITH_RC4_128_SHA,
50
TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA,
51
TLS_ECDHE_RSA_WITH_RC4_128_SHA,
52
TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA,
53
#endif /* NSS_ENABLE_ECC */
54
TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA,
55
TLS_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA,
56
TLS_DHE_DSS_WITH_RC4_128_SHA,
57
TLS_DHE_RSA_WITH_AES_128_CBC_SHA,
58
TLS_DHE_DSS_WITH_AES_128_CBC_SHA,
60
TLS_ECDH_RSA_WITH_RC4_128_SHA,
61
TLS_ECDH_RSA_WITH_AES_128_CBC_SHA,
62
TLS_ECDH_ECDSA_WITH_RC4_128_SHA,
63
TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA,
64
#endif /* NSS_ENABLE_ECC */
65
TLS_RSA_WITH_SEED_CBC_SHA,
66
TLS_RSA_WITH_CAMELLIA_128_CBC_SHA,
67
SSL_RSA_WITH_RC4_128_SHA,
68
SSL_RSA_WITH_RC4_128_MD5,
69
TLS_RSA_WITH_AES_128_CBC_SHA,
73
TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA,
74
TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA,
75
#endif /* NSS_ENABLE_ECC */
76
SSL_DHE_RSA_WITH_3DES_EDE_CBC_SHA,
77
SSL_DHE_DSS_WITH_3DES_EDE_CBC_SHA,
79
TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA,
80
TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA,
81
#endif /* NSS_ENABLE_ECC */
82
SSL_RSA_FIPS_WITH_3DES_EDE_CBC_SHA,
83
SSL_RSA_WITH_3DES_EDE_CBC_SHA,
85
/* 56-bit DES "domestic" cipher suites */
86
SSL_DHE_RSA_WITH_DES_CBC_SHA,
87
SSL_DHE_DSS_WITH_DES_CBC_SHA,
88
SSL_RSA_FIPS_WITH_DES_CBC_SHA,
89
SSL_RSA_WITH_DES_CBC_SHA,
91
/* export ciphersuites with 1024-bit public key exchange keys */
92
TLS_RSA_EXPORT1024_WITH_RC4_56_SHA,
93
TLS_RSA_EXPORT1024_WITH_DES_CBC_SHA,
95
/* export ciphersuites with 512-bit public key exchange keys */
96
SSL_RSA_EXPORT_WITH_RC4_40_MD5,
97
SSL_RSA_EXPORT_WITH_RC2_CBC_40_MD5,
99
/* ciphersuites with no encryption */
100
#ifdef NSS_ENABLE_ECC
101
TLS_ECDHE_ECDSA_WITH_NULL_SHA,
102
TLS_ECDHE_RSA_WITH_NULL_SHA,
103
TLS_ECDH_RSA_WITH_NULL_SHA,
104
TLS_ECDH_ECDSA_WITH_NULL_SHA,
105
#endif /* NSS_ENABLE_ECC */
106
SSL_RSA_WITH_NULL_SHA,
107
SSL_RSA_WITH_NULL_MD5,
109
/* SSL2 cipher suites. */
110
SSL_EN_RC4_128_WITH_MD5,
111
SSL_EN_RC2_128_CBC_WITH_MD5,
112
SSL_EN_DES_192_EDE3_CBC_WITH_MD5, /* actually 112, not 192 */
113
SSL_EN_DES_64_CBC_WITH_MD5,
114
SSL_EN_RC4_128_EXPORT40_WITH_MD5,
115
SSL_EN_RC2_128_CBC_EXPORT40_WITH_MD5,
121
const PRUint16 SSL_NumImplementedCiphers =
122
(sizeof SSL_ImplementedCiphers) / (sizeof SSL_ImplementedCiphers[0]) - 1;
125
SSL_GetImplementedCiphers(void)
127
return SSL_ImplementedCiphers;
131
SSL_GetNumImplementedCiphers(void)
133
return SSL_NumImplementedCiphers;