Lines Matching defs:cipher
159 const char *alias_name; /* Alias name is the same as OpenSSL cipher name */
161 bool weak; /* Flag to mark cipher as weak based on previous implementation
165 /* Macro to initialize st_cipher data structure: stringify id to name, cipher
172 Macro to initialize st_cipher data structure with name, code (IANA cipher
173 number/id value), and 'weak' suite flag. The first 28 cipher suite numbers
175 0x001B. They have different names though. The first 4 letters of the cipher
177 the same for both SSL and TLS cipher suite name.
181 for 12 of the first 28 ciphers. Those 12 TLS cipher codes match to
182 corresponding SSL enum value and represent the same cipher suite. Therefore
183 we'll use the SSL enum value for those cipher suites because it is defined
188 with both TLS and SSL names. Their cipher numbers are assigned based on the
189 SDK enum value for the SSL cipher, which matches to IANA TLS number.
226 and we do not filter out those cipher suites.
240 If you add a new cipher, please maintain order by number, i.e.
242 cipher suite IANA number
245 /* SSL version 3.0 and initial TLS 1.0 cipher suites.
583 /* TLS 1.3 standard cipher suites for ChaCha20+Poly1305.
586 Cipher alias name matches to OpenSSL cipher name, and for
589 NULL, /* The OpenSSL cipher name matches to the IANA name */
592 NULL, /* The OpenSSL cipher name matches to the IANA name */
595 NULL, /* The OpenSSL cipher name matches to the IANA name */
598 NULL, /* The OpenSSL cipher name matches to the IANA name */
601 NULL, /* The OpenSSL cipher name matches to the IANA name */
768 /* Tags for SSL 2 cipher kinds which are not specified for SSL 3.
909 CF_INLINE const char *TLSCipherNameForNumber(SSLCipherSuite cipher)
912 optimization and instead of loop directly get SSL name by cipher number.
915 if(cipher <= SSL_FORTEZZA_DMS_WITH_FORTEZZA_CBC_SHA) {
916 return ciphertable[cipher].name;
921 if(ciphertable[i].num == cipher) {
1450 /* If the cipher is not in our list, assume it is a new one
1452 if cipher suite is not in the list, it was considered strong enough */
1458 /* Return whether character is a cipher list separator. */
1483 /* Disable cipher suites that ST supports but are not safe. These ciphers
1515 ciphers (cipher suite 0xC001 through 0xC032) simply do not work.
1569 /* Find last position of a cipher in the ciphers string */
1575 /* IANA cipher names start with the TLS_ or SSL_ prefix.
1576 If the 4th symbol of the cipher is '_' we look for a cipher in the
1578 Otherwise, we try to match cipher by an alias. */
1582 /* Iterate through the cipher table and look for the cipher, starting
1583 the cipher number 0x01 because the 0x00 is not the real cipher */
1596 /* Compare a part of the string between separators with a cipher name
1597 in the table and make sure we matched the whole cipher name */
1607 /* It would be more human-readable if we print the wrong cipher name
1610 Also, we do not modify an original cipher list string. We just point
1611 to positions where cipher starts and ends in the cipher list string.
1614 failf(data, "SSL: cipher string \"%s\" contains unsupported cipher name"
1628 /* All cipher suites in the list are found. Report to logs as-is */
1629 infof(data, "SSL: Setting cipher suites list \"%s\"", ciphers);
2034 /* We want to enable 1/n-1 when using a CBC cipher unless the user
2519 SSLCipherSuite cipher;
2565 failf(data, "A bad SSL cipher suite was encountered");
2658 failf(data, "Could not negotiate an SSL cipher suite with the server");
2767 (void)SSLGetNegotiatedCipher(backend->ssl_ctx, &cipher);
2772 TLSCipherNameForNumber(cipher));
2776 TLSCipherNameForNumber(cipher));
2780 TLSCipherNameForNumber(cipher));
2785 TLSCipherNameForNumber(cipher));
2789 TLSCipherNameForNumber(cipher));
2795 TLSCipherNameForNumber(cipher));