diff options
| author | Luca Deri <deri@ntop.org> | 2021-05-13 12:37:07 +0200 |
|---|---|---|
| committer | Luca Deri <deri@ntop.org> | 2021-05-13 12:37:07 +0200 |
| commit | a62be9b8ecd4d3bd885654ee27d7041c005d0121 (patch) | |
| tree | 17dbfe105098a09a0cd44cd360d808ad1edd34bb | |
| parent | 87076dcd5bcadbe9dbd24284429db59368af04a4 (diff) | |
Implemented heuristic to detect Safari and Firefox TLS browsing
| -rw-r--r-- | example/ndpiReader.c | 2 | ||||
| -rw-r--r-- | src/include/ndpi_encryption.h | 408 | ||||
| -rw-r--r-- | src/lib/ndpi_utils.c | 828 | ||||
| -rw-r--r-- | src/lib/protocols/tls.c | 49 |
4 files changed, 829 insertions, 458 deletions
diff --git a/example/ndpiReader.c b/example/ndpiReader.c index ecedfaa1b..b21e2f47c 100644 --- a/example/ndpiReader.c +++ b/example/ndpiReader.c @@ -60,6 +60,8 @@ #define ntohl64(x) ( ( (uint64_t)(ntohl( (uint32_t)((x << 32) >> 32) )) << 32) | ntohl( ((uint32_t)(x >> 32)) ) ) #define htonl64(x) ntohl64(x) +#define EURISTICS_CODE 1 + /** Client parameters **/ static char *_pcap_file[MAX_NUM_READER_THREADS]; /**< Ingress pcap file/interfaces */ diff --git a/src/include/ndpi_encryption.h b/src/include/ndpi_encryption.h new file mode 100644 index 000000000..b54de84de --- /dev/null +++ b/src/include/ndpi_encryption.h @@ -0,0 +1,408 @@ +/* + * ndpi_encryption.h + * + * Copyright (C) 2016-21 - ntop.org + * + * nDPI is free software: you can redistribute it and/or modify + * it under the terms of the GNU Lesser General Public License as published by + * the Free Software Foundation, either version 3 of the License, or + * (at your option) any later version. + * + * nDPI is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU Lesser General Public License for more details. + * + * You should have received a copy of the GNU Lesser General Public License + * along with nDPI. If not, see <http://www.gnu.org/licenses/>. + * + */ + +/* https://wiki.mozilla.org/Security/Cipher_Suites */ +/* https://www.oryx-embedded.com/doc/tls__cipher__suites_8h.html */ + +#define TLS_NULL_WITH_NULL_NULL 0x0000 +#define TLS_RSA_EXPORT_WITH_RC4_40_MD5 0x0003 +#define TLS_RSA_EXPORT_WITH_RC2_CBC_40_MD5 0x0006 +#define TLS_RSA_EXPORT_WITH_DES40_CBC_SHA 0x0008 +#define TLS_RSA_WITH_NULL_MD5 0x0001 +#define TLS_RSA_WITH_NULL_SHA 0x0002 +#define TLS_RSA_WITH_NULL_SHA256 0x003B +#define TLS_RSA_WITH_RC4_128_MD5 0x0004 +#define TLS_RSA_WITH_RC4_128_SHA 0x0005 +#define TLS_RSA_WITH_IDEA_CBC_SHA 0x0007 +#define TLS_RSA_WITH_DES_CBC_SHA 0x0009 +#define TLS_RSA_WITH_3DES_EDE_CBC_SHA 0x000A +#define TLS_RSA_WITH_AES_128_CBC_SHA 0x002F +#define TLS_RSA_WITH_AES_256_CBC_SHA 0x0035 +#define TLS_RSA_WITH_AES_128_CBC_SHA256 0x003C +#define TLS_RSA_WITH_AES_256_CBC_SHA256 0x003D +#define TLS_RSA_WITH_AES_128_GCM_SHA256 0x009C +#define TLS_RSA_WITH_AES_256_GCM_SHA384 0x009D +#define TLS_RSA_WITH_AES_128_CCM 0xC09C +#define TLS_RSA_WITH_AES_256_CCM 0xC09D +#define TLS_RSA_WITH_AES_128_CCM_8 0xC0A0 +#define TLS_RSA_WITH_AES_256_CCM_8 0xC0A1 +#define TLS_RSA_WITH_CAMELLIA_128_CBC_SHA 0x0041 +#define TLS_RSA_WITH_CAMELLIA_256_CBC_SHA 0x0084 +#define TLS_RSA_WITH_CAMELLIA_128_CBC_SHA256 0x00BA +#define TLS_RSA_WITH_CAMELLIA_256_CBC_SHA256 0x00C0 +#define TLS_RSA_WITH_CAMELLIA_128_GCM_SHA256 0xC07A +#define TLS_RSA_WITH_CAMELLIA_256_GCM_SHA384 0xC07B +#define TLS_RSA_WITH_SEED_CBC_SHA 0x0096 +#define TLS_RSA_WITH_ARIA_128_CBC_SHA256 0xC03C +#define TLS_RSA_WITH_ARIA_256_CBC_SHA384 0xC03D +#define TLS_RSA_WITH_ARIA_128_GCM_SHA256 0xC050 +#define TLS_RSA_WITH_ARIA_256_GCM_SHA384 0xC051 +#define TLS_DH_RSA_EXPORT_WITH_DES40_CBC_SHA 0x000E +#define TLS_DH_RSA_WITH_DES_CBC_SHA 0x000F +#define TLS_DH_RSA_WITH_3DES_EDE_CBC_SHA 0x0010 +#define TLS_DH_RSA_WITH_AES_128_CBC_SHA 0x0031 +#define TLS_DH_RSA_WITH_AES_256_CBC_SHA 0x0037 +#define TLS_DH_RSA_WITH_AES_128_CBC_SHA256 0x003F +#define TLS_DH_RSA_WITH_AES_256_CBC_SHA256 0x0069 +#define TLS_DH_RSA_WITH_AES_128_GCM_SHA256 0x00A0 +#define TLS_DH_RSA_WITH_AES_256_GCM_SHA384 0x00A1 +#define TLS_DH_RSA_WITH_CAMELLIA_128_CBC_SHA 0x0043 +#define TLS_DH_RSA_WITH_CAMELLIA_256_CBC_SHA 0x0086 +#define TLS_DH_RSA_WITH_CAMELLIA_128_CBC_SHA256 0x00BC +#define TLS_DH_RSA_WITH_CAMELLIA_256_CBC_SHA256 0x00C2 +#define TLS_DH_RSA_WITH_CAMELLIA_128_GCM_SHA256 0xC07E +#define TLS_DH_RSA_WITH_CAMELLIA_256_GCM_SHA384 0xC07F +#define TLS_DH_RSA_WITH_SEED_CBC_SHA 0x0098 +#define TLS_DH_RSA_WITH_ARIA_128_CBC_SHA256 0xC040 +#define TLS_DH_RSA_WITH_ARIA_256_CBC_SHA384 0xC041 +#define TLS_DH_RSA_WITH_ARIA_128_GCM_SHA256 0xC054 +#define TLS_DH_RSA_WITH_ARIA_256_GCM_SHA384 0xC055 +#define TLS_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA 0x0014 +#define TLS_DHE_RSA_WITH_DES_CBC_SHA 0x0015 +#define TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA 0x0016 +#define TLS_DHE_RSA_WITH_AES_128_CBC_SHA 0x0033 +#define TLS_DHE_RSA_WITH_AES_256_CBC_SHA 0x0039 +#define TLS_DHE_RSA_WITH_AES_128_CBC_SHA256 0x0067 +#define TLS_DHE_RSA_WITH_AES_256_CBC_SHA256 0x006B +#define TLS_DHE_RSA_WITH_AES_128_GCM_SHA256 0x009E +#define TLS_DHE_RSA_WITH_AES_256_GCM_SHA384 0x009F +#define TLS_DHE_RSA_WITH_AES_128_CCM 0xC09E +#define TLS_DHE_RSA_WITH_AES_256_CCM 0xC09F +#define TLS_DHE_RSA_WITH_AES_128_CCM_8 0xC0A2 +#define TLS_DHE_RSA_WITH_AES_256_CCM_8 0xC0A3 +#define TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA 0x0045 +#define TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA 0x0088 +#define TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA256 0x00BE +#define TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA256 0x00C4 +#define TLS_DHE_RSA_WITH_CAMELLIA_128_GCM_SHA256 0xC07C +#define TLS_DHE_RSA_WITH_CAMELLIA_256_GCM_SHA384 0xC07D +#define TLS_DHE_RSA_WITH_SEED_CBC_SHA 0x009A +#define TLS_DHE_RSA_WITH_ARIA_128_CBC_SHA256 0xC044 +#define TLS_DHE_RSA_WITH_ARIA_256_CBC_SHA384 0xC045 +#define TLS_DHE_RSA_WITH_ARIA_128_GCM_SHA256 0xC052 +#define TLS_DHE_RSA_WITH_ARIA_256_GCM_SHA384 0xC053 +#define TLS_DHE_RSA_WITH_CHACHA20_POLY1305_SHA256 0xCCAA +#define TLS_DH_DSS_EXPORT_WITH_DES40_CBC_SHA 0x000B +#define TLS_DH_DSS_WITH_DES_CBC_SHA 0x000C +#define TLS_DH_DSS_WITH_3DES_EDE_CBC_SHA 0x000D +#define TLS_DH_DSS_WITH_AES_128_CBC_SHA 0x0030 +#define TLS_DH_DSS_WITH_AES_256_CBC_SHA 0x0036 +#define TLS_DH_DSS_WITH_AES_128_CBC_SHA256 0x003E +#define TLS_DH_DSS_WITH_AES_256_CBC_SHA256 0x0068 +#define TLS_DH_DSS_WITH_AES_128_GCM_SHA256 0x00A4 +#define TLS_DH_DSS_WITH_AES_256_GCM_SHA384 0x00A5 +#define TLS_DH_DSS_WITH_CAMELLIA_128_CBC_SHA 0x0042 +#define TLS_DH_DSS_WITH_CAMELLIA_256_CBC_SHA 0x0085 +#define TLS_DH_DSS_WITH_CAMELLIA_128_CBC_SHA256 0x00BB +#define TLS_DH_DSS_WITH_CAMELLIA_256_CBC_SHA256 0x00C1 +#define TLS_DH_DSS_WITH_CAMELLIA_128_GCM_SHA256 0xC082 +#define TLS_DH_DSS_WITH_CAMELLIA_256_GCM_SHA384 0xC083 +#define TLS_DH_DSS_WITH_SEED_CBC_SHA 0x0097 +#define TLS_DH_DSS_WITH_ARIA_128_CBC_SHA256 0xC03E +#define TLS_DH_DSS_WITH_ARIA_256_CBC_SHA384 0xC03F +#define TLS_DH_DSS_WITH_ARIA_128_GCM_SHA256 0xC058 +#define TLS_DH_DSS_WITH_ARIA_256_GCM_SHA384 0xC059 +#define TLS_DHE_DSS_EXPORT_WITH_DES40_CBC_SHA 0x0011 +#define TLS_DHE_DSS_WITH_DES_CBC_SHA 0x0012 +#define TLS_DHE_DSS_WITH_3DES_EDE_CBC_SHA 0x0013 +#define TLS_DHE_DSS_WITH_AES_128_CBC_SHA 0x0032 +#define TLS_DHE_DSS_WITH_AES_256_CBC_SHA 0x0038 +#define TLS_DHE_DSS_WITH_AES_128_CBC_SHA256 0x0040 +#define TLS_DHE_DSS_WITH_AES_256_CBC_SHA256 0x006A +#define TLS_DHE_DSS_WITH_AES_128_GCM_SHA256 0x00A2 +#define TLS_DHE_DSS_WITH_AES_256_GCM_SHA384 0x00A3 +#define TLS_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA 0x0044 +#define TLS_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA 0x0087 +#define TLS_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA256 0x00BD +#define TLS_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA256 0x00C3 +#define TLS_DHE_DSS_WITH_CAMELLIA_128_GCM_SHA256 0xC080 +#define TLS_DHE_DSS_WITH_CAMELLIA_256_GCM_SHA384 0xC081 +#define TLS_DHE_DSS_WITH_SEED_CBC_SHA 0x0099 +#define TLS_DHE_DSS_WITH_ARIA_128_CBC_SHA256 0xC042 +#define TLS_DHE_DSS_WITH_ARIA_256_CBC_SHA384 0xC043 +#define TLS_DHE_DSS_WITH_ARIA_128_GCM_SHA256 0xC056 +#define TLS_DHE_DSS_WITH_ARIA_256_GCM_SHA384 0xC057 +#define TLS_DH_ANON_EXPORT_WITH_RC4_40_MD5 0x0017 +#define TLS_DH_ANON_EXPORT_WITH_DES40_CBC_SHA 0x0019 +#define TLS_DH_ANON_WITH_RC4_128_MD5 0x0018 +#define TLS_DH_ANON_WITH_DES_CBC_SHA 0x001A +#define TLS_DH_ANON_WITH_3DES_EDE_CBC_SHA 0x001B +#define TLS_DH_ANON_WITH_AES_128_CBC_SHA 0x0034 +#define TLS_DH_ANON_WITH_AES_256_CBC_SHA 0x003A +#define TLS_DH_ANON_WITH_AES_128_CBC_SHA256 0x006C +#define TLS_DH_ANON_WITH_AES_256_CBC_SHA256 0x006D +#define TLS_DH_ANON_WITH_AES_128_GCM_SHA256 0x00A6 +#define TLS_DH_ANON_WITH_AES_256_GCM_SHA384 0x00A7 +#define TLS_DH_ANON_WITH_CAMELLIA_128_CBC_SHA 0x0046 +#define TLS_DH_ANON_WITH_CAMELLIA_256_CBC_SHA 0x0089 +#define TLS_DH_ANON_WITH_CAMELLIA_128_CBC_SHA256 0x00BF +#define TLS_DH_ANON_WITH_CAMELLIA_256_CBC_SHA256 0x00C5 +#define TLS_DH_ANON_WITH_CAMELLIA_128_GCM_SHA256 0xC084 +#define TLS_DH_ANON_WITH_CAMELLIA_256_GCM_SHA384 0xC085 +#define TLS_DH_ANON_WITH_SEED_CBC_SHA 0x009B +#define TLS_DH_ANON_WITH_ARIA_128_CBC_SHA256 0xC046 +#define TLS_DH_ANON_WITH_ARIA_256_CBC_SHA384 0xC047 +#define TLS_DH_ANON_WITH_ARIA_128_GCM_SHA256 0xC05A +#define TLS_DH_ANON_WITH_ARIA_256_GCM_SHA384 0xC05B +#define TLS_ECDH_RSA_WITH_NULL_SHA 0xC00B +#define TLS_ECDH_RSA_WITH_RC4_128_SHA 0xC00C +#define TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA 0xC00D +#define TLS_ECDH_RSA_WITH_AES_128_CBC_SHA 0xC00E +#define TLS_ECDH_RSA_WITH_AES_256_CBC_SHA 0xC00F +#define TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256 0xC029 +#define TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384 0xC02A +#define TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256 0xC031 +#define TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384 0xC032 +#define TLS_ECDH_RSA_WITH_CAMELLIA_128_CBC_SHA256 0xC078 +#define TLS_ECDH_RSA_WITH_CAMELLIA_256_CBC_SHA384 0xC079 +#define TLS_ECDH_RSA_WITH_CAMELLIA_128_GCM_SHA256 0xC08C +#define TLS_ECDH_RSA_WITH_CAMELLIA_256_GCM_SHA384 0xC08D +#define TLS_ECDH_RSA_WITH_ARIA_128_CBC_SHA256 0xC04E +#define TLS_ECDH_RSA_WITH_ARIA_256_CBC_SHA384 0xC04F +#define TLS_ECDH_RSA_WITH_ARIA_128_GCM_SHA256 0xC062 +#define TLS_ECDH_RSA_WITH_ARIA_256_GCM_SHA384 0xC063 +#define TLS_ECDHE_RSA_WITH_NULL_SHA 0xC010 +#define TLS_ECDHE_RSA_WITH_RC4_128_SHA 0xC011 +#define TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA 0xC012 +#define TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA 0xC013 +#define TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA 0xC014 +#define TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256 0xC027 +#define TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384 0xC028 +#define TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 0xC02F +#define TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 0xC030 +#define TLS_ECDHE_RSA_WITH_CAMELLIA_128_CBC_SHA256 0xC076 +#define TLS_ECDHE_RSA_WITH_CAMELLIA_256_CBC_SHA384 0xC077 +#define TLS_ECDHE_RSA_WITH_CAMELLIA_128_GCM_SHA256 0xC08A +#define TLS_ECDHE_RSA_WITH_CAMELLIA_256_GCM_SHA384 0xC08B +#define TLS_ECDHE_RSA_WITH_ARIA_128_CBC_SHA256 0xC04C +#define TLS_ECDHE_RSA_WITH_ARIA_256_CBC_SHA384 0xC04D +#define TLS_ECDHE_RSA_WITH_ARIA_128_GCM_SHA256 0xC060 +#define TLS_ECDHE_RSA_WITH_ARIA_256_GCM_SHA384 0xC061 +#define TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256 0xCCA8 +#define TLS_ECDH_ECDSA_WITH_NULL_SHA 0xC001 +#define TLS_ECDH_ECDSA_WITH_RC4_128_SHA 0xC002 +#define TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA 0xC003 +#define TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA 0xC004 +#define TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA 0xC005 +#define TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256 0xC025 +#define TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384 0xC026 +#define TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256 0xC02D +#define TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384 0xC02E +#define TLS_ECDH_ECDSA_WITH_CAMELLIA_128_CBC_SHA256 0xC074 +#define TLS_ECDH_ECDSA_WITH_CAMELLIA_256_CBC_SHA384 0xC075 +#define TLS_ECDH_ECDSA_WITH_CAMELLIA_128_GCM_SHA256 0xC088 +#define TLS_ECDH_ECDSA_WITH_CAMELLIA_256_GCM_SHA384 0xC089 +#define TLS_ECDH_ECDSA_WITH_ARIA_128_CBC_SHA256 0xC04A +#define TLS_ECDH_ECDSA_WITH_ARIA_256_CBC_SHA384 0xC04B +#define TLS_ECDH_ECDSA_WITH_ARIA_128_GCM_SHA256 0xC05E +#define TLS_ECDH_ECDSA_WITH_ARIA_256_GCM_SHA384 0xC05F +#define TLS_ECDHE_ECDSA_WITH_NULL_SHA 0xC006 +#define TLS_ECDHE_ECDSA_WITH_RC4_128_SHA 0xC007 +#define TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA 0xC008 +#define TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA 0xC009 +#define TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA 0xC00A +#define TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256 0xC023 +#define TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384 0xC024 +#define TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 0xC02B +#define TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384 0xC02C +#define TLS_ECDHE_ECDSA_WITH_AES_128_CCM 0xC0AC +#define TLS_ECDHE_ECDSA_WITH_AES_256_CCM 0xC0AD +#define TLS_ECDHE_ECDSA_WITH_AES_128_CCM_8 0xC0AE +#define TLS_ECDHE_ECDSA_WITH_AES_256_CCM_8 0xC0AF +#define TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_CBC_SHA256 0xC072 +#define TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_CBC_SHA384 0xC073 +#define TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_GCM_SHA256 0xC086 +#define TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_GCM_SHA384 0xC087 +#define TLS_ECDHE_ECDSA_WITH_ARIA_128_CBC_SHA256 0xC048 +#define TLS_ECDHE_ECDSA_WITH_ARIA_256_CBC_SHA384 0xC049 +#define TLS_ECDHE_ECDSA_WITH_ARIA_128_GCM_SHA256 0xC05C +#define TLS_ECDHE_ECDSA_WITH_ARIA_256_GCM_SHA384 0xC05D +#define TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256 0xCCA9 +#define TLS_ECDH_ANON_WITH_NULL_SHA 0xC015 +#define TLS_ECDH_ANON_WITH_RC4_128_SHA 0xC016 +#define TLS_ECDH_ANON_WITH_3DES_EDE_CBC_SHA 0xC017 +#define TLS_ECDH_ANON_WITH_AES_128_CBC_SHA 0xC018 +#define TLS_ECDH_ANON_WITH_AES_256_CBC_SHA 0xC019 +#define TLS_PSK_WITH_NULL_SHA 0x002C +#define TLS_PSK_WITH_NULL_SHA256 0x00B0 +#define TLS_PSK_WITH_NULL_SHA384 0x00B1 +#define TLS_PSK_WITH_RC4_128_SHA 0x008A +#define TLS_PSK_WITH_3DES_EDE_CBC_SHA 0x008B +#define TLS_PSK_WITH_AES_128_CBC_SHA 0x008C +#define TLS_PSK_WITH_AES_256_CBC_SHA 0x008D +#define TLS_PSK_WITH_AES_128_CBC_SHA256 0x00AE +#define TLS_PSK_WITH_AES_256_CBC_SHA384 0x00AF +#define TLS_PSK_WITH_AES_128_GCM_SHA256 0x00A8 +#define TLS_PSK_WITH_AES_256_GCM_SHA384 0x00A9 +#define TLS_PSK_WITH_AES_128_CCM 0xC0A4 +#define TLS_PSK_WITH_AES_256_CCM 0xC0A5 +#define TLS_PSK_WITH_AES_128_CCM_8 0xC0A8 +#define TLS_PSK_WITH_AES_256_CCM_8 0xC0A9 +#define TLS_PSK_WITH_CAMELLIA_128_CBC_SHA256 0xC094 +#define TLS_PSK_WITH_CAMELLIA_256_CBC_SHA384 0xC095 +#define TLS_PSK_WITH_CAMELLIA_128_GCM_SHA256 0xC08E +#define TLS_PSK_WITH_CAMELLIA_256_GCM_SHA384 0xC08F +#define TLS_PSK_WITH_ARIA_128_CBC_SHA256 0xC064 +#define TLS_PSK_WITH_ARIA_256_CBC_SHA384 0xC065 +#define TLS_PSK_WITH_ARIA_128_GCM_SHA256 0xC06A +#define TLS_PSK_WITH_ARIA_256_GCM_SHA384 0xC06B +#define TLS_PSK_WITH_CHACHA20_POLY1305_SHA256 0xCCAB +#define TLS_RSA_PSK_WITH_NULL_SHA 0x002E +#define TLS_RSA_PSK_WITH_NULL_SHA256 0x00B8 +#define TLS_RSA_PSK_WITH_NULL_SHA384 0x00B9 +#define TLS_RSA_PSK_WITH_RC4_128_SHA 0x0092 +#define TLS_RSA_PSK_WITH_3DES_EDE_CBC_SHA 0x0093 +#define TLS_RSA_PSK_WITH_AES_128_CBC_SHA 0x0094 +#define TLS_RSA_PSK_WITH_AES_256_CBC_SHA 0x0095 +#define TLS_RSA_PSK_WITH_AES_128_CBC_SHA256 0x00B6 +#define TLS_RSA_PSK_WITH_AES_256_CBC_SHA384 0x00B7 +#define TLS_RSA_PSK_WITH_AES_128_GCM_SHA256 0x00AC +#define TLS_RSA_PSK_WITH_AES_256_GCM_SHA384 0x00AD +#define TLS_RSA_PSK_WITH_CAMELLIA_128_CBC_SHA256 0xC098 +#define TLS_RSA_PSK_WITH_CAMELLIA_256_CBC_SHA384 0xC099 +#define TLS_RSA_PSK_WITH_CAMELLIA_128_GCM_SHA256 0xC092 +#define TLS_RSA_PSK_WITH_CAMELLIA_256_GCM_SHA384 0xC093 +#define TLS_RSA_PSK_WITH_ARIA_128_CBC_SHA256 0xC068 +#define TLS_RSA_PSK_WITH_ARIA_256_CBC_SHA384 0xC069 +#define TLS_RSA_PSK_WITH_ARIA_128_GCM_SHA256 0xC06E +#define TLS_RSA_PSK_WITH_ARIA_256_GCM_SHA384 0xC06F +#define TLS_RSA_PSK_WITH_CHACHA20_POLY1305_SHA256 0xCCAE +#define TLS_DHE_PSK_WITH_NULL_SHA 0x002D +#define TLS_DHE_PSK_WITH_NULL_SHA256 0x00B4 +#define TLS_DHE_PSK_WITH_NULL_SHA384 0x00B5 +#define TLS_DHE_PSK_WITH_RC4_128_SHA 0x008E +#define TLS_DHE_PSK_WITH_3DES_EDE_CBC_SHA 0x008F +#define TLS_DHE_PSK_WITH_AES_128_CBC_SHA 0x0090 +#define TLS_DHE_PSK_WITH_AES_256_CBC_SHA 0x0091 +#define TLS_DHE_PSK_WITH_AES_128_CBC_SHA256 0x00B2 +#define TLS_DHE_PSK_WITH_AES_256_CBC_SHA384 0x00B3 +#define TLS_DHE_PSK_WITH_AES_128_GCM_SHA256 0x00AA +#define TLS_DHE_PSK_WITH_AES_256_GCM_SHA384 0x00AB +#define TLS_DHE_PSK_WITH_AES_128_CCM 0xC0A6 +#define TLS_DHE_PSK_WITH_AES_256_CCM 0xC0A7 +#define TLS_DHE_PSK_WITH_AES_128_CCM_8 0xC0AA +#define TLS_DHE_PSK_WITH_AES_256_CCM_8 0xC0AB +#define TLS_DHE_PSK_WITH_CAMELLIA_128_CBC_SHA256 0xC096 +#define TLS_DHE_PSK_WITH_CAMELLIA_256_CBC_SHA384 0xC097 +#define TLS_DHE_PSK_WITH_CAMELLIA_128_GCM_SHA256 0xC090 +#define TLS_DHE_PSK_WITH_CAMELLIA_256_GCM_SHA384 0xC091 +#define TLS_DHE_PSK_WITH_ARIA_128_CBC_SHA256 0xC066 +#define TLS_DHE_PSK_WITH_ARIA_256_CBC_SHA384 0xC067 +#define TLS_DHE_PSK_WITH_ARIA_128_GCM_SHA256 0xC06C +#define TLS_DHE_PSK_WITH_ARIA_256_GCM_SHA384 0xC06D +#define TLS_DHE_PSK_WITH_CHACHA20_POLY1305_SHA256 0xCCAD +#define TLS_ECDHE_PSK_WITH_NULL_SHA 0xC039 +#define TLS_ECDHE_PSK_WITH_NULL_SHA256 0xC03A +#define TLS_ECDHE_PSK_WITH_NULL_SHA384 0xC03B +#define TLS_ECDHE_PSK_WITH_RC4_128_SHA 0xC033 +#define TLS_ECDHE_PSK_WITH_3DES_EDE_CBC_SHA 0xC034 +#define TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA 0xC035 +#define TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA 0xC036 +#define TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA256 0xC037 +#define TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA384 0xC038 +#define TLS_ECDHE_PSK_WITH_AES_128_GCM_SHA256 0xD001 +#define TLS_ECDHE_PSK_WITH_AES_256_GCM_SHA384 0xD002 +#define TLS_ECDHE_PSK_WITH_AES_128_CCM_SHA256 0xD005 +#define TLS_ECDHE_PSK_WITH_AES_128_CCM_8_SHA256 0xD003 +#define TLS_ECDHE_PSK_WITH_CAMELLIA_128_CBC_SHA256 0xC09A +#define TLS_ECDHE_PSK_WITH_CAMELLIA_256_CBC_SHA384 0xC09B +#define TLS_ECDHE_PSK_WITH_ARIA_128_CBC_SHA256 0xC070 +#define TLS_ECDHE_PSK_WITH_ARIA_256_CBC_SHA384 0xC071 +#define TLS_ECDHE_PSK_WITH_CHACHA20_POLY1305_SHA256 0xCCAC +#define TLS_KRB5_EXPORT_WITH_RC4_40_MD5 0x002B +#define TLS_KRB5_EXPORT_WITH_RC4_40_SHA 0x0028 +#define TLS_KRB5_EXPORT_WITH_RC2_CBC_40_MD5 0x002A +#define TLS_KRB5_EXPORT_WITH_RC2_CBC_40_SHA 0x0027 +#define TLS_KRB5_EXPORT_WITH_DES_CBC_40_MD5 0x0029 +#define TLS_KRB5_EXPORT_WITH_DES_CBC_40_SHA 0x0026 +#define TLS_KRB5_WITH_RC4_128_MD5 0x0024 +#define TLS_KRB5_WITH_RC4_128_SHA 0x0020 +#define TLS_KRB5_WITH_IDEA_CBC_MD5 0x0025 +#define TLS_KRB5_WITH_IDEA_CBC_SHA 0x0021 +#define TLS_KRB5_WITH_DES_CBC_MD5 0x0022 +#define TLS_KRB5_WITH_DES_CBC_SHA 0x001E +#define TLS_KRB5_WITH_3DES_EDE_CBC_MD5 0x0023 +#define TLS_KRB5_WITH_3DES_EDE_CBC_SHA 0x001F +#define TLS_SRP_SHA_WITH_3DES_EDE_CBC_SHA 0xC01A +#define TLS_SRP_SHA_WITH_AES_128_CBC_SHA 0xC01D +#define TLS_SRP_SHA_WITH_AES_256_CBC_SHA 0xC020 +#define TLS_SRP_SHA_RSA_WITH_3DES_EDE_CBC_SHA 0xC01B +#define TLS_SRP_SHA_RSA_WITH_AES_128_CBC_SHA 0xC01E +#define TLS_SRP_SHA_RSA_WITH_AES_256_CBC_SHA 0xC021 +#define TLS_SRP_SHA_DSS_WITH_3DES_EDE_CBC_SHA 0xC01C +#define TLS_SRP_SHA_DSS_WITH_AES_128_CBC_SHA 0xC01F +#define TLS_SRP_SHA_DSS_WITH_AES_256_CBC_SHA 0xC022 +#define TLS_ECCPWD_WITH_AES_128_GCM_SHA256 0xC0B0 +#define TLS_ECCPWD_WITH_AES_256_GCM_SHA384 0xC0B1 +#define TLS_ECCPWD_WITH_AES_128_CCM_SHA256 0xC0B2 +#define TLS_ECCPWD_WITH_AES_256_CCM_SHA384 0xC0B3 +#define TLS_GOSTR341112_256_WITH_KUZNYECHIK_CTR_OMAC 0xC100 +#define TLS_GOSTR341112_256_WITH_MAGMA_CTR_OMAC 0xC101 +#define TLS_GOSTR341112_256_WITH_28147_CNT_IMIT 0xC102 +#define TLS_AES_128_GCM_SHA256 0x1301 +#define TLS_AES_256_GCM_SHA384 0x1302 +#define TLS_AES_128_CCM_SHA256 0x1304 +#define TLS_AES_128_CCM_8_SHA256 0x1305 +#define TLS_CHACHA20_POLY1305_SHA256 0x1303 +#define TLS_SM4_GCM_SM3 0x00C6 +#define TLS_SM4_CCM_SM3 0x00C7 +#define TLS_SHA256_SHA256 0xC0B4 +#define TLS_SHA384_SHA384 0xC0B5 +#define TLS_EMPTY_RENEGOTIATION_INFO_SCSV 0x00FF +#define TLS_FALLBACK_SCSV 0x5600 + +/* https://datatracker.ietf.org/doc/html/rfc8701 */ +#define TLS_CIPHER_GREASE_RESERVED_0 0x0A0A +#define TLS_CIPHER_GREASE_RESERVED_1 0x1A1A +#define TLS_CIPHER_GREASE_RESERVED_2 0x2A2A +#define TLS_CIPHER_GREASE_RESERVED_3 0x3A3A +#define TLS_CIPHER_GREASE_RESERVED_4 0x4A4A +#define TLS_CIPHER_GREASE_RESERVED_5 0x5A5A +#define TLS_CIPHER_GREASE_RESERVED_6 0x6A6A +#define TLS_CIPHER_GREASE_RESERVED_7 0x7A7A +#define TLS_CIPHER_GREASE_RESERVED_8 0x8A8A +#define TLS_CIPHER_GREASE_RESERVED_9 0x9A9A +#define TLS_CIPHER_GREASE_RESERVED_A 0xAAAA +#define TLS_CIPHER_GREASE_RESERVED_B 0xBABA +#define TLS_CIPHER_GREASE_RESERVED_C 0xCACA +#define TLS_CIPHER_GREASE_RESERVED_D 0xDADA +#define TLS_CIPHER_GREASE_RESERVED_E 0xEAEA +#define TLS_CIPHER_GREASE_RESERVED_F 0xFAFA + +/* ********************************************** */ + +/* Signature algorithms */ + +#define RSA_PKCS1_SHA1 0x0201 +#define ECDSA_SHA1 0x0203 +#define RSA_PKCS1_SHA256 0x0401 +#define ECDSA_SECP256R1_SHA256 0x0403 +#define RSA_PKCS1_SHA384 0x0501 +#define ECDSA_SECP384R1_SHA384 0x0503 +#define RSA_PKCS1_SHA512 0x0601 +#define ECDSA_SECP521R1_SHA512 0x0603 +#define RSA_PSS_RSAE_SHA256 0x0804 +#define RSA_PSS_RSAE_SHA384 0x0805 +#define RSA_PSS_RSAE_SHA512 0x0806 +#define ED25519 0x0807 +#define ED448 0x0808 +#define RSA_PSS_PSS_SHA256 0x0809 +#define RSA_PSS_PSS_SHA384 0x080A +#define RSA_PSS_PSS_SHA512 0x080B diff --git a/src/lib/ndpi_utils.c b/src/lib/ndpi_utils.c index 91055f694..905c2ba8c 100644 --- a/src/lib/ndpi_utils.c +++ b/src/lib/ndpi_utils.c @@ -32,6 +32,7 @@ #include "ndpi_config.h" #include "ndpi_api.h" #include "ndpi_includes.h" +#include "ndpi_encryption.h" #include "ahocorasick.h" #include "libcache.h" @@ -326,458 +327,399 @@ int strncasecmp(const char *s1, const char *s2, size_t n) { u_int8_t ndpi_is_safe_ssl_cipher(u_int32_t cipher) { /* https://community.qualys.com/thread/18212-how-does-qualys-determine-the-server-cipher-suites */ - /* INSECURE */ + switch(cipher) { - case 0xc011: return(NDPI_CIPHER_INSECURE); /* TLS_ECDHE_RSA_WITH_RC4_128_SHA */ - case 0x0005: return(NDPI_CIPHER_INSECURE); /* TLS_RSA_WITH_RC4_128_SHA */ - case 0x0004: return(NDPI_CIPHER_INSECURE); /* TLS_RSA_WITH_RC4_128_MD5 */ + /* INSECURE */ + case TLS_ECDHE_RSA_WITH_RC4_128_SHA: return(NDPI_CIPHER_INSECURE); + case TLS_RSA_WITH_RC4_128_SHA: return(NDPI_CIPHER_INSECURE); + case TLS_RSA_WITH_RC4_128_MD5: return(NDPI_CIPHER_INSECURE); + /* WEAK */ - case 0x009d: return(NDPI_CIPHER_WEAK); /* TLS_RSA_WITH_AES_256_GCM_SHA384 */ - case 0x003d: return(NDPI_CIPHER_WEAK); /* TLS_RSA_WITH_AES_256_CBC_SHA256 */ - case 0x0035: return(NDPI_CIPHER_WEAK); /* TLS_RSA_WITH_AES_256_CBC_SHA */ - case 0x0084: return(NDPI_CIPHER_WEAK); /* TLS_RSA_WITH_CAMELLIA_256_CBC_SHA */ - case 0x009c: return(NDPI_CIPHER_WEAK); /* TLS_RSA_WITH_AES_128_GCM_SHA256 */ - case 0x003c: return(NDPI_CIPHER_WEAK); /* TLS_RSA_WITH_AES_128_CBC_SHA256 */ - case 0x002f: return(NDPI_CIPHER_WEAK); /* TLS_RSA_WITH_AES_128_CBC_SHA */ - case 0x0041: return(NDPI_CIPHER_WEAK); /* TLS_RSA_WITH_CAMELLIA_128_CBC_SHA */ - case 0xc012: return(NDPI_CIPHER_WEAK); /* TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA */ - case 0x0016: return(NDPI_CIPHER_WEAK); /* TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA */ - case 0x000a: return(NDPI_CIPHER_WEAK); /* TLS_RSA_WITH_3DES_EDE_CBC_SHA */ - case 0x0096: return(NDPI_CIPHER_WEAK); /* TLS_RSA_WITH_SEED_CBC_SHA */ - case 0x0007: return(NDPI_CIPHER_WEAK); /* TLS_RSA_WITH_IDEA_CBC_SHA */ - default: return(NDPI_CIPHER_SAFE); + case TLS_RSA_WITH_AES_256_GCM_SHA384: return(NDPI_CIPHER_WEAK); + case TLS_RSA_WITH_AES_256_CBC_SHA256: return(NDPI_CIPHER_WEAK); + case TLS_RSA_WITH_AES_256_CBC_SHA: return(NDPI_CIPHER_WEAK); + case TLS_RSA_WITH_CAMELLIA_256_CBC_SHA: return(NDPI_CIPHER_WEAK); + case TLS_RSA_WITH_AES_128_GCM_SHA256: return(NDPI_CIPHER_WEAK); + case TLS_RSA_WITH_AES_128_CBC_SHA256: return(NDPI_CIPHER_WEAK); + case TLS_RSA_WITH_AES_128_CBC_SHA: return(NDPI_CIPHER_WEAK); + case TLS_RSA_WITH_CAMELLIA_128_CBC_SHA: return(NDPI_CIPHER_WEAK); + case TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA: return(NDPI_CIPHER_WEAK); + case TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA: return(NDPI_CIPHER_WEAK); + case TLS_RSA_WITH_3DES_EDE_CBC_SHA: return(NDPI_CIPHER_WEAK); + case TLS_RSA_WITH_SEED_CBC_SHA: return(NDPI_CIPHER_WEAK); + case TLS_RSA_WITH_IDEA_CBC_SHA: return(NDPI_CIPHER_WEAK); + + default: + return(NDPI_CIPHER_SAFE); } } /* ***************************************************** */ -/* - Some values coming from packet-tls-utils.c (wireshark) -*/ const char* ndpi_cipher2str(u_int32_t cipher) { switch(cipher) { - case 0x000000: return("TLS_NULL_WITH_NULL_NULL"); - case 0x000001: return("TLS_RSA_WITH_NULL_MD5"); - case 0x000002: return("TLS_RSA_WITH_NULL_SHA"); - case 0x000003: return("TLS_RSA_EXPORT_WITH_RC4_40_MD5"); - case 0x000004: return("TLS_RSA_WITH_RC4_128_MD5"); - case 0x000005: return("TLS_RSA_WITH_RC4_128_SHA"); - case 0x000006: return("TLS_RSA_EXPORT_WITH_RC2_CBC_40_MD5"); - case 0x000007: return("TLS_RSA_WITH_IDEA_CBC_SHA"); - case 0x000008: return("TLS_RSA_EXPORT_WITH_DES40_CBC_SHA"); - case 0x000009: return("TLS_RSA_WITH_DES_CBC_SHA"); - case 0x00000a: return("TLS_RSA_WITH_3DES_EDE_CBC_SHA"); - case 0x00000b: return("TLS_DH_DSS_EXPORT_WITH_DES40_CBC_SHA"); - case 0x00000c: return("TLS_DH_DSS_WITH_DES_CBC_SHA"); - case 0x00000d: return("TLS_DH_DSS_WITH_3DES_EDE_CBC_SHA"); - case 0x00000e: return("TLS_DH_RSA_EXPORT_WITH_DES40_CBC_SHA"); - case 0x00000f: return("TLS_DH_RSA_WITH_DES_CBC_SHA"); - case 0x000010: return("TLS_DH_RSA_WITH_3DES_EDE_CBC_SHA"); - case 0x000011: return("TLS_DHE_DSS_EXPORT_WITH_DES40_CBC_SHA"); - case 0x000012: return("TLS_DHE_DSS_WITH_DES_CBC_SHA"); - case 0x000013: return("TLS_DHE_DSS_WITH_3DES_EDE_CBC_SHA"); - case 0x000014: return("TLS_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA"); - case 0x000015: return("TLS_DHE_RSA_WITH_DES_CBC_SHA"); - case 0x000016: return("TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA"); - case 0x000017: return("TLS_DH_anon_EXPORT_WITH_RC4_40_MD5"); - case 0x000018: return("TLS_DH_anon_WITH_RC4_128_MD5"); - case 0x000019: return("TLS_DH_anon_EXPORT_WITH_DES40_CBC_SHA"); - case 0x00001a: return("TLS_DH_anon_WITH_DES_CBC_SHA"); - case 0x00001b: return("TLS_DH_anon_WITH_3DES_EDE_CBC_SHA"); - case 0x00001c: return("TLS_FORTEZZA_KEA_WITH_NULL_SHA"); - case 0x00001d: return("TLS_FORTEZZA_KEA_WITH_FORTEZZA_CBC_SHA"); - /* case 0x00001e: return("TLS_FORTEZZA_KEA_WITH_RC4_128_SHA"); */ - case 0x00001E: return("TLS_KRB5_WITH_DES_CBC_SHA"); - case 0x00001F: return("TLS_KRB5_WITH_3DES_EDE_CBC_SHA"); - case 0x000020: return("TLS_KRB5_WITH_RC4_128_SHA"); - case 0x000021: return("TLS_KRB5_WITH_IDEA_CBC_SHA"); - case 0x000022: return("TLS_KRB5_WITH_DES_CBC_MD5"); - case 0x000023: return("TLS_KRB5_WITH_3DES_EDE_CBC_MD5"); - case 0x000024: return("TLS_KRB5_WITH_RC4_128_MD5"); - case 0x000025: return("TLS_KRB5_WITH_IDEA_CBC_MD5"); - case 0x000026: return("TLS_KRB5_EXPORT_WITH_DES_CBC_40_SHA"); - case 0x000027: return("TLS_KRB5_EXPORT_WITH_RC2_CBC_40_SHA"); - case 0x000028: return("TLS_KRB5_EXPORT_WITH_RC4_40_SHA"); - case 0x000029: return("TLS_KRB5_EXPORT_WITH_DES_CBC_40_MD5"); - case 0x00002A: return("TLS_KRB5_EXPORT_WITH_RC2_CBC_40_MD5"); - case 0x00002B: return("TLS_KRB5_EXPORT_WITH_RC4_40_MD5"); - case 0x00002C: return("TLS_PSK_WITH_NULL_SHA"); - case 0x00002D: return("TLS_DHE_PSK_WITH_NULL_SHA"); - case 0x00002E: return("TLS_RSA_PSK_WITH_NULL_SHA"); - case 0x00002f: return("TLS_RSA_WITH_AES_128_CBC_SHA"); - case 0x000030: return("TLS_DH_DSS_WITH_AES_128_CBC_SHA"); - case 0x000031: return("TLS_DH_RSA_WITH_AES_128_CBC_SHA"); - case 0x000032: return("TLS_DHE_DSS_WITH_AES_128_CBC_SHA"); - case 0x000033: return("TLS_DHE_RSA_WITH_AES_128_CBC_SHA"); - case 0x000034: return("TLS_DH_anon_WITH_AES_128_CBC_SHA"); - case 0x000035: return("TLS_RSA_WITH_AES_256_CBC_SHA"); - case 0x000036: return("TLS_DH_DSS_WITH_AES_256_CBC_SHA"); - case 0x000037: return("TLS_DH_RSA_WITH_AES_256_CBC_SHA"); - case 0x000038: return("TLS_DHE_DSS_WITH_AES_256_CBC_SHA"); - case 0x000039: return("TLS_DHE_RSA_WITH_AES_256_CBC_SHA"); - case 0x00003A: return("TLS_DH_anon_WITH_AES_256_CBC_SHA"); - case 0x00003B: return("TLS_RSA_WITH_NULL_SHA256"); - case 0x00003C: return("TLS_RSA_WITH_AES_128_CBC_SHA256"); - case 0x00003D: return("TLS_RSA_WITH_AES_256_CBC_SHA256"); - case 0x00003E: return("TLS_DH_DSS_WITH_AES_128_CBC_SHA256"); - case 0x00003F: return("TLS_DH_RSA_WITH_AES_128_CBC_SHA256"); - case 0x000040: return("TLS_DHE_DSS_WITH_AES_128_CBC_SHA256"); - case 0x000041: return("TLS_RSA_WITH_CAMELLIA_128_CBC_SHA"); - case 0x000042: return("TLS_DH_DSS_WITH_CAMELLIA_128_CBC_SHA"); - case 0x000043: return("TLS_DH_RSA_WITH_CAMELLIA_128_CBC_SHA"); - case 0x000044: return("TLS_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA"); - case 0x000045: return("TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA"); - case 0x000046: return("TLS_DH_anon_WITH_CAMELLIA_128_CBC_SHA"); - case 0x000047: return("TLS_ECDH_ECDSA_WITH_NULL_SHA"); - case 0x000048: return("TLS_ECDH_ECDSA_WITH_RC4_128_SHA"); - case 0x000049: return("TLS_ECDH_ECDSA_WITH_DES_CBC_SHA"); - case 0x00004A: return("TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA"); - case 0x00004B: return("TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA"); - case 0x00004C: return("TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA"); - case 0x000060: return("TLS_RSA_EXPORT1024_WITH_RC4_56_MD5"); - case 0x000061: return("TLS_RSA_EXPORT1024_WITH_RC2_CBC_56_MD5"); - case 0x000062: return("TLS_RSA_EXPORT1024_WITH_DES_CBC_SHA"); - case 0x000063: return("TLS_DHE_DSS_EXPORT1024_WITH_DES_CBC_SHA"); - case 0x000064: return("TLS_RSA_EXPORT1024_WITH_RC4_56_SHA"); - case 0x000065: return("TLS_DHE_DSS_EXPORT1024_WITH_RC4_56_SHA"); - case 0x000066: return("TLS_DHE_DSS_WITH_RC4_128_SHA"); - case 0x000067: return("TLS_DHE_RSA_WITH_AES_128_CBC_SHA256"); - case 0x000068: return("TLS_DH_DSS_WITH_AES_256_CBC_SHA256"); - case 0x000069: return("TLS_DH_RSA_WITH_AES_256_CBC_SHA256"); - case 0x00006A: return("TLS_DHE_DSS_WITH_AES_256_CBC_SHA256"); - case 0x00006B: return("TLS_DHE_RSA_WITH_AES_256_CBC_SHA256"); - case 0x00006C: return("TLS_DH_anon_WITH_AES_128_CBC_SHA256"); - case 0x00006D: return("TLS_DH_anon_WITH_AES_256_CBC_SHA256"); - case 0x000084: return("TLS_RSA_WITH_CAMELLIA_256_CBC_SHA"); - case 0x000085: return("TLS_DH_DSS_WITH_CAMELLIA_256_CBC_SHA"); - case 0x000086: return("TLS_DH_RSA_WITH_CAMELLIA_256_CBC_SHA"); - case 0x000087: return("TLS_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA"); - case 0x000088: return("TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA"); - case 0x000089: return("TLS_DH_anon_WITH_CAMELLIA_256_CBC_SHA"); - case 0x00008A: return("TLS_PSK_WITH_RC4_128_SHA"); - case 0x00008B: return("TLS_PSK_WITH_3DES_EDE_CBC_SHA"); - case 0x00008C: return("TLS_PSK_WITH_AES_128_CBC_SHA"); - case 0x00008D: return("TLS_PSK_WITH_AES_256_CBC_SHA"); - case 0x00008E: return("TLS_DHE_PSK_WITH_RC4_128_SHA"); - case 0x00008F: return("TLS_DHE_PSK_WITH_3DES_EDE_CBC_SHA"); - case 0x000090: return("TLS_DHE_PSK_WITH_AES_128_CBC_SHA"); - case 0x000091: return("TLS_DHE_PSK_WITH_AES_256_CBC_SHA"); - case 0x000092: return("TLS_RSA_PSK_WITH_RC4_128_SHA"); - case 0x000093: return("TLS_RSA_PSK_WITH_3DES_EDE_CBC_SHA"); - case 0x000094: return("TLS_RSA_PSK_WITH_AES_128_CBC_SHA"); - case 0x000095: return("TLS_RSA_PSK_WITH_AES_256_CBC_SHA"); - case 0x000096: return("TLS_RSA_WITH_SEED_CBC_SHA"); - case 0x000097: return("TLS_DH_DSS_WITH_SEED_CBC_SHA"); - case 0x000098: return("TLS_DH_RSA_WITH_SEED_CBC_SHA"); - case 0x000099: return("TLS_DHE_DSS_WITH_SEED_CBC_SHA"); - case 0x00009A: return("TLS_DHE_RSA_WITH_SEED_CBC_SHA"); - case 0x00009B: return("TLS_DH_anon_WITH_SEED_CBC_SHA"); - case 0x00009C: return("TLS_RSA_WITH_AES_128_GCM_SHA256"); - case 0x00009D: return("TLS_RSA_WITH_AES_256_GCM_SHA384"); - case 0x00009E: return("TLS_DHE_RSA_WITH_AES_128_GCM_SHA256"); - case 0x00009F: return("TLS_DHE_RSA_WITH_AES_256_GCM_SHA384"); - case 0x0000A0: return("TLS_DH_RSA_WITH_AES_128_GCM_SHA256"); - case 0x0000A1: return("TLS_DH_RSA_WITH_AES_256_GCM_SHA384"); - case 0x0000A2: return("TLS_DHE_DSS_WITH_AES_128_GCM_SHA256"); - case 0x0000A3: return("TLS_DHE_DSS_WITH_AES_256_GCM_SHA384"); - case 0x0000A4: return("TLS_DH_DSS_WITH_AES_128_GCM_SHA256"); - case 0x0000A5: return("TLS_DH_DSS_WITH_AES_256_GCM_SHA384"); - case 0x0000A6: return("TLS_DH_anon_WITH_AES_128_GCM_SHA256"); - case 0x0000A7: return("TLS_DH_anon_WITH_AES_256_GCM_SHA384"); - case 0x0000A8: return("TLS_PSK_WITH_AES_128_GCM_SHA256"); - case 0x0000A9: return("TLS_PSK_WITH_AES_256_GCM_SHA384"); - case 0x0000AA: return("TLS_DHE_PSK_WITH_AES_128_GCM_SHA256"); - case 0x0000AB: return("TLS_DHE_PSK_WITH_AES_256_GCM_SHA384"); - case 0x0000AC: return("TLS_RSA_PSK_WITH_AES_128_GCM_SHA256"); - case 0x0000AD: return("TLS_RSA_PSK_WITH_AES_256_GCM_SHA384"); - case 0x0000AE: return("TLS_PSK_WITH_AES_128_CBC_SHA256"); - case 0x0000AF: return("TLS_PSK_WITH_AES_256_CBC_SHA384"); - case 0x0000B0: return("TLS_PSK_WITH_NULL_SHA256"); - case 0x0000B1: return("TLS_PSK_WITH_NULL_SHA384"); - case 0x0000B2: return("TLS_DHE_PSK_WITH_AES_128_CBC_SHA256"); - case 0x0000B3: return("TLS_DHE_PSK_WITH_AES_256_CBC_SHA384"); - case 0x0000B4: return("TLS_DHE_PSK_WITH_NULL_SHA256"); - case 0x0000B5: return("TLS_DHE_PSK_WITH_NULL_SHA384"); - case 0x0000B6: return("TLS_RSA_PSK_WITH_AES_128_CBC_SHA256"); - case 0x0000B7: return("TLS_RSA_PSK_WITH_AES_256_CBC_SHA384"); - case 0x0000B8: return("TLS_RSA_PSK_WITH_NULL_SHA256"); - case 0x0000B9: return("TLS_RSA_PSK_WITH_NULL_SHA384"); - case 0x0000BA: return("TLS_RSA_WITH_CAMELLIA_128_CBC_SHA256"); - case 0x0000BB: return("TLS_DH_DSS_WITH_CAMELLIA_128_CBC_SHA256"); - case 0x0000BC: return("TLS_DH_RSA_WITH_CAMELLIA_128_CBC_SHA256"); - case 0x0000BD: return("TLS_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA256"); - case 0x0000BE: return("TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA256"); - case 0x0000BF: return("TLS_DH_anon_WITH_CAMELLIA_128_CBC_SHA256"); - case 0x0000C0: return("TLS_RSA_WITH_CAMELLIA_256_CBC_SHA256"); - case 0x0000C1: return("TLS_DH_DSS_WITH_CAMELLIA_256_CBC_SHA256"); - case 0x0000C2: return("TLS_DH_RSA_WITH_CAMELLIA_256_CBC_SHA256"); - case 0x0000C3: return("TLS_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA256"); - case 0x0000C4: return("TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA256"); - case 0x0000C5: return("TLS_DH_anon_WITH_CAMELLIA_256_CBC_SHA256"); - case 0x0000FF: return("TLS_EMPTY_RENEGOTIATION_INFO_SCSV"); - /* RFC 8701 */ - case 0x0A0A: return("Reserved (GREASE)"); - /* RFC 8446 */ - case 0x1301: return("TLS_AES_128_GCM_SHA256"); - case 0x1302: return("TLS_AES_256_GCM_SHA384"); - case 0x1303: return("TLS_CHACHA20_POLY1305_SHA256"); - case 0x1304: return("TLS_AES_128_CCM_SHA256"); - case 0x1305: return("TLS_AES_128_CCM_8_SHA256"); - /* RFC 8701 */ - case 0x1A1A: return("Reserved (GREASE)"); - case 0x2A2A: return("Reserved (GREASE)"); - case 0x3A3A: return("Reserved (GREASE)"); - case 0x4A4A: return("Reserved (GREASE)"); - /* From RFC 7507 */ - case 0x5600: return("TLS_FALLBACK_SCSV"); - /* RFC 8701 */ - case 0x5A5A: return("Reserved (GREASE)"); - case 0x6A6A: return("Reserved (GREASE)"); - case 0x7A7A: return("Reserved (GREASE)"); - case 0x8A8A: return("Reserved (GREASE)"); - case 0x9A9A: return("Reserved (GREASE)"); - case 0xAAAA: return("Reserved (GREASE)"); - case 0xBABA: return("Reserved (GREASE)"); - - case 0x00c001: return("TLS_ECDH_ECDSA_WITH_NULL_SHA"); - case 0x00c002: return("TLS_ECDH_ECDSA_WITH_RC4_128_SHA"); - case 0x00c003: return("TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA"); - case 0x00c004: return("TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA"); - case 0x00c005: return("TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA"); - case 0x00c006: return("TLS_ECDHE_ECDSA_WITH_NULL_SHA"); - case 0x00c007: return("TLS_ECDHE_ECDSA_WITH_RC4_128_SHA"); - case 0x00c008: return("TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA"); - case 0x00c009: return("TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA"); - case 0x00c00a: return("TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA"); - case 0x00c00b: return("TLS_ECDH_RSA_WITH_NULL_SHA"); - case 0x00c00c: return("TLS_ECDH_RSA_WITH_RC4_128_SHA"); - case 0x00c00d: return("TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA"); - case 0x00c00e: return("TLS_ECDH_RSA_WITH_AES_128_CBC_SHA"); - case 0x00c00f: return("TLS_ECDH_RSA_WITH_AES_256_CBC_SHA"); - case 0x00c010: return("TLS_ECDHE_RSA_WITH_NULL_SHA"); - case 0x00c011: return("TLS_ECDHE_RSA_WITH_RC4_128_SHA"); - case 0x00c012: return("TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA"); - case 0x00c013: return("TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA"); - case 0x00c014: return("TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA"); - case 0x00c015: return("TLS_ECDH_anon_WITH_NULL_SHA"); - case 0x00c016: return("TLS_ECDH_anon_WITH_RC4_128_SHA"); - case 0x00c017: return("TLS_ECDH_anon_WITH_3DES_EDE_CBC_SHA"); - case 0x00c018: return("TLS_ECDH_anon_WITH_AES_128_CBC_SHA"); - case 0x00c019: return("TLS_ECDH_anon_WITH_AES_256_CBC_SHA"); - case 0x00C01A: return("TLS_SRP_SHA_WITH_3DES_EDE_CBC_SHA"); - case 0x00C01B: return("TLS_SRP_SHA_RSA_WITH_3DES_EDE_CBC_SHA"); - case 0x00C01C: return("TLS_SRP_SHA_DSS_WITH_3DES_EDE_CBC_SHA"); - case 0x00C01D: return("TLS_SRP_SHA_WITH_AES_128_CBC_SHA"); - case 0x00C01E: return("TLS_SRP_SHA_RSA_WITH_AES_128_CBC_SHA"); - case 0x00C01F: return("TLS_SRP_SHA_DSS_WITH_AES_128_CBC_SHA"); - case 0x00C020: return("TLS_SRP_SHA_WITH_AES_256_CBC_SHA"); - case 0x00C021: return("TLS_SRP_SHA_RSA_WITH_AES_256_CBC_SHA"); - case 0x00C022: return("TLS_SRP_SHA_DSS_WITH_AES_256_CBC_SHA"); - case 0x00C023: return("TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256"); - case 0x00C024: return("TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384"); - case 0x00C025: return("TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256"); - case 0x00C026: return("TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384"); - case 0x00C027: return("TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256"); - case 0x00C028: return("TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384"); - case 0x00C029: return("TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256"); - case 0x00C02A: return("TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384"); - case 0x00C02B: return("TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256"); - case 0x00C02C: return("TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384"); - case 0x00C02D: return("TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256"); - case 0x00C02E: return("TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384"); - case 0x00C02F: return("TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256"); - case 0x00C030: return("TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384"); - case 0x00C031: return("TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256"); - case 0x00C032: return("TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384"); - case 0x00C033: return("TLS_ECDHE_PSK_WITH_RC4_128_SHA"); - case 0x00C034: return("TLS_ECDHE_PSK_WITH_3DES_EDE_CBC_SHA"); - case 0x00C035: return("TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA"); - case 0x00C036: return("TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA"); - case 0x00C037: return("TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA256"); - case 0x00C038: return("TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA384"); - case 0x00C039: return("TLS_ECDHE_PSK_WITH_NULL_SHA"); - case 0x00C03A: return("TLS_ECDHE_PSK_WITH_NULL_SHA256"); - case 0x00C03B: return("TLS_ECDHE_PSK_WITH_NULL_SHA384"); - /* RFC 6209 */ - case 0xC03C: return("TLS_RSA_WITH_ARIA_128_CBC_SHA256"); - case 0xC03D: return("TLS_RSA_WITH_ARIA_256_CBC_SHA384"); - case 0xC03E: return("TLS_DH_DSS_WITH_ARIA_128_CBC_SHA256"); - case 0xC03F: return("TLS_DH_DSS_WITH_ARIA_256_CBC_SHA384"); - case 0xC040: return("TLS_DH_RSA_WITH_ARIA_128_CBC_SHA256"); - case 0xC041: return("TLS_DH_RSA_WITH_ARIA_256_CBC_SHA384"); - case 0xC042: return("TLS_DHE_DSS_WITH_ARIA_128_CBC_SHA256"); - case 0xC043: return("TLS_DHE_DSS_WITH_ARIA_256_CBC_SHA384"); - case 0xC044: return("TLS_DHE_RSA_WITH_ARIA_128_CBC_SHA256"); - case 0xC045: return("TLS_DHE_RSA_WITH_ARIA_256_CBC_SHA384"); - case 0xC046: return("TLS_DH_anon_WITH_ARIA_128_CBC_SHA256"); - case 0xC047: return("TLS_DH_anon_WITH_ARIA_256_CBC_SHA384"); - case 0xC048: return("TLS_ECDHE_ECDSA_WITH_ARIA_128_CBC_SHA256"); - case 0xC049: return("TLS_ECDHE_ECDSA_WITH_ARIA_256_CBC_SHA384"); - case 0xC04A: return("TLS_ECDH_ECDSA_WITH_ARIA_128_CBC_SHA256"); - case 0xC04B: return("TLS_ECDH_ECDSA_WITH_ARIA_256_CBC_SHA384"); - case 0xC04C: return("TLS_ECDHE_RSA_WITH_ARIA_128_CBC_SHA256"); - case 0xC04D: return("TLS_ECDHE_RSA_WITH_ARIA_256_CBC_SHA384"); - case 0xC04E: return("TLS_ECDH_RSA_WITH_ARIA_128_CBC_SHA256"); - case 0xC04F: return("TLS_ECDH_RSA_WITH_ARIA_256_CBC_SHA384"); - case 0xC050: return("TLS_RSA_WITH_ARIA_128_GCM_SHA256"); - case 0xC051: return("TLS_RSA_WITH_ARIA_256_GCM_SHA384"); - case 0xC052: return("TLS_DHE_RSA_WITH_ARIA_128_GCM_SHA256"); - case 0xC053: return("TLS_DHE_RSA_WITH_ARIA_256_GCM_SHA384"); - case 0xC054: return("TLS_DH_RSA_WITH_ARIA_128_GCM_SHA256"); - case 0xC055: return("TLS_DH_RSA_WITH_ARIA_256_GCM_SHA384"); - case 0xC056: return("TLS_DHE_DSS_WITH_ARIA_128_GCM_SHA256"); - case 0xC057: return("TLS_DHE_DSS_WITH_ARIA_256_GCM_SHA384"); - case 0xC058: return("TLS_DH_DSS_WITH_ARIA_128_GCM_SHA256"); - case 0xC059: return("TLS_DH_DSS_WITH_ARIA_256_GCM_SHA384"); - case 0xC05A: return("TLS_DH_anon_WITH_ARIA_128_GCM_SHA256"); - case 0xC05B: return("TLS_DH_anon_WITH_ARIA_256_GCM_SHA384"); - case 0xC05C: return("TLS_ECDHE_ECDSA_WITH_ARIA_128_GCM_SHA256"); - case 0xC05D: return("TLS_ECDHE_ECDSA_WITH_ARIA_256_GCM_SHA384"); - case 0xC05E: return("TLS_ECDH_ECDSA_WITH_ARIA_128_GCM_SHA256"); - case 0xC05F: return("TLS_ECDH_ECDSA_WITH_ARIA_256_GCM_SHA384"); - case 0xC060: return("TLS_ECDHE_RSA_WITH_ARIA_128_GCM_SHA256"); - case 0xC061: return("TLS_ECDHE_RSA_WITH_ARIA_256_GCM_SHA384"); - case 0xC062: return("TLS_ECDH_RSA_WITH_ARIA_128_GCM_SHA256"); - case 0xC063: return("TLS_ECDH_RSA_WITH_ARIA_256_GCM_SHA384"); - case 0xC064: return("TLS_PSK_WITH_ARIA_128_CBC_SHA256"); - case 0xC065: return("TLS_PSK_WITH_ARIA_256_CBC_SHA384"); - case 0xC066: return("TLS_DHE_PSK_WITH_ARIA_128_CBC_SHA256"); - case 0xC067: return("TLS_DHE_PSK_WITH_ARIA_256_CBC_SHA384"); - case 0xC068: return("TLS_RSA_PSK_WITH_ARIA_128_CBC_SHA256"); - case 0xC069: return("TLS_RSA_PSK_WITH_ARIA_256_CBC_SHA384"); - case 0xC06A: return("TLS_PSK_WITH_ARIA_128_GCM_SHA256"); - case 0xC06B: return("TLS_PSK_WITH_ARIA_256_GCM_SHA384"); - case 0xC06C: return("TLS_DHE_PSK_WITH_ARIA_128_GCM_SHA256"); - case 0xC06D: return("TLS_DHE_PSK_WITH_ARIA_256_GCM_SHA384"); - case 0xC06E: return("TLS_RSA_PSK_WITH_ARIA_128_GCM_SHA256"); - case 0xC06F: return("TLS_RSA_PSK_WITH_ARIA_256_GCM_SHA384"); - case 0xC070: return("TLS_ECDHE_PSK_WITH_ARIA_128_CBC_SHA256"); - case 0xC071: return("TLS_ECDHE_PSK_WITH_ARIA_256_CBC_SHA384"); - /* RFC 6367 */ - case 0xC072: return("TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_CBC_SHA256"); - case 0xC073: return("TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_CBC_SHA384"); - case 0xC074: return("TLS_ECDH_ECDSA_WITH_CAMELLIA_128_CBC_SHA256"); - case 0xC075: return("TLS_ECDH_ECDSA_WITH_CAMELLIA_256_CBC_SHA384"); - case 0xC076: return("TLS_ECDHE_RSA_WITH_CAMELLIA_128_CBC_SHA256"); - case 0xC077: return("TLS_ECDHE_RSA_WITH_CAMELLIA_256_CBC_SHA384"); - case 0xC078: return("TLS_ECDH_RSA_WITH_CAMELLIA_128_CBC_SHA256"); - case 0xC079: return("TLS_ECDH_RSA_WITH_CAMELLIA_256_CBC_SHA384"); - case 0xC07A: return("TLS_RSA_WITH_CAMELLIA_128_GCM_SHA256"); - case 0xC07B: return("TLS_RSA_WITH_CAMELLIA_256_GCM_SHA384"); - case 0xC07C: return("TLS_DHE_RSA_WITH_CAMELLIA_128_GCM_SHA256"); - case 0xC07D: return("TLS_DHE_RSA_WITH_CAMELLIA_256_GCM_SHA384"); - case 0xC07E: return("TLS_DH_RSA_WITH_CAMELLIA_128_GCM_SHA256"); - case 0xC07F: return("TLS_DH_RSA_WITH_CAMELLIA_256_GCM_SHA384"); - case 0xC080: return("TLS_DHE_DSS_WITH_CAMELLIA_128_GCM_SHA256"); - case 0xC081: return("TLS_DHE_DSS_WITH_CAMELLIA_256_GCM_SHA384"); - case 0xC082: return("TLS_DH_DSS_WITH_CAMELLIA_128_GCM_SHA256"); - case 0xC083: return("TLS_DH_DSS_WITH_CAMELLIA_256_GCM_SHA384"); - case 0xC084: return("TLS_DH_anon_WITH_CAMELLIA_128_GCM_SHA256"); - case 0xC085: return("TLS_DH_anon_WITH_CAMELLIA_256_GCM_SHA384"); - case 0xC086: return("TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_GCM_SHA256"); - case 0xC087: return("TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_GCM_SHA384"); - case 0xC088: return("TLS_ECDH_ECDSA_WITH_CAMELLIA_128_GCM_SHA256"); - case 0xC089: return("TLS_ECDH_ECDSA_WITH_CAMELLIA_256_GCM_SHA384"); - case 0xC08A: return("TLS_ECDHE_RSA_WITH_CAMELLIA_128_GCM_SHA256"); - case 0xC08B: return("TLS_ECDHE_RSA_WITH_CAMELLIA_256_GCM_SHA384"); - case 0xC08C: return("TLS_ECDH_RSA_WITH_CAMELLIA_128_GCM_SHA256"); - case 0xC08D: return("TLS_ECDH_RSA_WITH_CAMELLIA_256_GCM_SHA384"); - case 0xC08E: return("TLS_PSK_WITH_CAMELLIA_128_GCM_SHA256"); - case 0xC08F: return("TLS_PSK_WITH_CAMELLIA_256_GCM_SHA384"); - case 0xC090: return("TLS_DHE_PSK_WITH_CAMELLIA_128_GCM_SHA256"); - case 0xC091: return("TLS_DHE_PSK_WITH_CAMELLIA_256_GCM_SHA384"); - case 0xC092: return("TLS_RSA_PSK_WITH_CAMELLIA_128_GCM_SHA256"); - case 0xC093: return("TLS_RSA_PSK_WITH_CAMELLIA_256_GCM_SHA384"); - case 0xC094: return("TLS_PSK_WITH_CAMELLIA_128_CBC_SHA256"); - case 0xC095: return("TLS_PSK_WITH_CAMELLIA_256_CBC_SHA384"); - case 0xC096: return("TLS_DHE_PSK_WITH_CAMELLIA_128_CBC_SHA256"); - case 0xC097: return("TLS_DHE_PSK_WITH_CAMELLIA_256_CBC_SHA384"); - case 0xC098: return("TLS_RSA_PSK_WITH_CAMELLIA_128_CBC_SHA256"); - case 0xC099: return("TLS_RSA_PSK_WITH_CAMELLIA_256_CBC_SHA384"); - case 0xC09A: return("TLS_ECDHE_PSK_WITH_CAMELLIA_128_CBC_SHA256"); - case 0xC09B: return("TLS_ECDHE_PSK_WITH_CAMELLIA_256_CBC_SHA384"); - /* RFC 6655 */ - case 0xC09C: return("TLS_RSA_WITH_AES_128_CCM"); - case 0xC09D: return("TLS_RSA_WITH_AES_256_CCM"); - case 0xC09E: return("TLS_DHE_RSA_WITH_AES_128_CCM"); - case 0xC09F: return("TLS_DHE_RSA_WITH_AES_256_CCM"); - case 0xC0A0: return("TLS_RSA_WITH_AES_128_CCM_8"); - case 0xC0A1: return("TLS_RSA_WITH_AES_256_CCM_8"); - case 0xC0A2: return("TLS_DHE_RSA_WITH_AES_128_CCM_8"); - case 0xC0A3: return("TLS_DHE_RSA_WITH_AES_256_CCM_8"); - case 0xC0A4: return("TLS_PSK_WITH_AES_128_CCM"); - case 0xC0A5: return("TLS_PSK_WITH_AES_256_CCM"); - case 0xC0A6: return("TLS_DHE_PSK_WITH_AES_128_CCM"); - case 0xC0A7: return("TLS_DHE_PSK_WITH_AES_256_CCM"); - case 0xC0A8: return("TLS_PSK_WITH_AES_128_CCM_8"); - case 0xC0A9: return("TLS_PSK_WITH_AES_256_CCM_8"); - case 0xC0AA: return("TLS_PSK_DHE_WITH_AES_128_CCM_8"); - case 0xC0AB: return("TLS_PSK_DHE_WITH_AES_256_CCM_8"); - /* RFC 7251 */ - case 0xC0AC: return("TLS_ECDHE_ECDSA_WITH_AES_128_CCM"); - case 0xC0AD: return("TLS_ECDHE_ECDSA_WITH_AES_256_CCM"); - case 0xC0AE: return("TLS_ECDHE_ECDSA_WITH_AES_128_CCM_8"); - case 0xC0AF: return("TLS_ECDHE_ECDSA_WITH_AES_256_CCM_8"); - /* RFC 8492 */ - case 0xC0B0: return("TLS_ECCPWD_WITH_AES_128_GCM_SHA256"); - case 0xC0B1: return("TLS_ECCPWD_WITH_AES_256_GCM_SHA384"); - case 0xC0B2: return("TLS_ECCPWD_WITH_AES_128_CCM_SHA256"); - case 0xC0B3: return("TLS_ECCPWD_WITH_AES_256_CCM_SHA384"); - /* draft-camwinget-tls-ts13-macciphersuites */ - case 0xC0B4: return("TLS_SHA256_SHA256"); - case 0xC0B5: return("TLS_SHA384_SHA384"); - /* https://www.ietf.org/archive/id/draft-cragie-tls-ecjpake-01.txt */ - case 0xC0FF: return("TLS_ECJPAKE_WITH_AES_128_CCM_8"); - /* draft-smyshlyaev-tls12-gost-suites */ - case 0xC100: return("TLS_GOSTR341112_256_WITH_KUZNYECHIK_CTR_OMAC"); - case 0xC101: return("TLS_GOSTR341112_256_WITH_MAGMA_CTR_OMAC"); - case 0xC102: return("TLS_GOSTR341112_256_WITH_28147_CNT_IMIT"); - /* draft-smyshlyaev-tls13-gost-suites */ - case 0xC103: return("TLS_GOSTR341112_256_WITH_KUZNYECHIK_MGM_L"); - case 0xC104: return("TLS_GOSTR341112_256_WITH_MAGMA_MGM_L"); - case 0xC105: return("TLS_GOSTR341112_256_WITH_KUZNYECHIK_MGM_S"); - case 0xC106: return("TLS_GOSTR341112_256_WITH_MAGMA_MGM_S"); - /* RFC 8701 */ - case 0xCACA: return("Reserved (GREASE)"); - - case 0x00CC13: return("TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256"); - case 0x00CC14: return("TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256"); - case 0x00CC15: return("TLS_DHE_RSA_WITH_CHACHA20_POLY1305_SHA256"); - case 0x00CCA8: return("TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256"); - case 0x00CCA9: return("TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256"); - case 0x00CCAA: return("TLS_DHE_RSA_WITH_CHACHA20_POLY1305_SHA256"); - case 0x00CCAB: return("TLS_PSK_WITH_CHACHA20_POLY1305_SHA256"); - case 0x00CCAC: return("TLS_ECDHE_PSK_WITH_CHACHA20_POLY1305_SHA256"); - case 0x00CCAD: return("TLS_DHE_PSK_WITH_CHACHA20_POLY1305_SHA256"); - case 0x00CCAE: return("TLS_RSA_PSK_WITH_CHACHA20_POLY1305_SHA256"); - case 0x00E410: return("TLS_RSA_WITH_ESTREAM_SALSA20_SHA1"); - case 0x00E411: return("TLS_RSA_WITH_SALSA20_SHA1"); - case 0x00E412: return("TLS_ECDHE_RSA_WITH_ESTREAM_SALSA20_SHA1"); - case 0x00E413: return("TLS_ECDHE_RSA_WITH_SALSA20_SHA1"); - case 0x00E414: return("TLS_ECDHE_ECDSA_WITH_ESTREAM_SALSA20_SHA1"); - case 0x00E415: return("TLS_ECDHE_ECDSA_WITH_SALSA20_SHA1"); - case 0x00E416: return("TLS_PSK_WITH_ESTREAM_SALSA20_SHA1"); - case 0x00E417: return("TLS_PSK_WITH_SALSA20_SHA1"); - case 0x00E418: return("TLS_ECDHE_PSK_WITH_ESTREAM_SALSA20_SHA1"); - case 0x00E419: return("TLS_ECDHE_PSK_WITH_SALSA20_SHA1"); - case 0x00E41A: return("TLS_RSA_PSK_WITH_ESTREAM_SALSA20_SHA1"); - case 0x00E41B: return("TLS_RSA_PSK_WITH_SALSA20_SHA1"); - case 0x00E41C: return("TLS_DHE_PSK_WITH_ESTREAM_SALSA20_SHA1"); - case 0x00E41D: return("TLS_DHE_PSK_WITH_SALSA20_SHA1"); - case 0x00E41E: return("TLS_DHE_RSA_WITH_ESTREAM_SALSA20_SHA1"); - case 0x00E41F: return("TLS_DHE_RSA_WITH_SALSA20_SHA1"); - case 0x00fefe: return("TLS_RSA_FIPS_WITH_DES_CBC_SHA"); - case 0x00feff: return("TLS_RSA_FIPS_WITH_3DES_EDE_CBC_SHA"); - case 0x00ffe0: return("TLS_RSA_FIPS_WITH_3DES_EDE_CBC_SHA"); - case 0x00ffe1: return("TLS_RSA_FIPS_WITH_DES_CBC_SHA"); - case 0x010080: return("SSL2_RC4_128_WITH_MD5"); - case 0x020080: return("SSL2_RC4_128_EXPORT40_WITH_MD5"); - case 0x030080: return("SSL2_RC2_128_CBC_WITH_MD5"); - case 0x040080: return("SSL2_RC2_128_CBC_EXPORT40_WITH_MD5"); - case 0x050080: return("SSL2_IDEA_128_CBC_WITH_MD5"); - case 0x060040: return("SSL2_DES_64_CBC_WITH_MD5"); - case 0x0700c0: return("SSL2_DES_192_EDE3_CBC_WITH_MD5"); - case 0x080080: return("SSL2_RC4_64_WITH_MD5"); + case TLS_NULL_WITH_NULL_NULL: return("TLS_NULL_WITH_NULL_NULL"); + case TLS_RSA_EXPORT_WITH_RC4_40_MD5: return("TLS_RSA_EXPORT_WITH_RC4_40_MD5"); + case TLS_RSA_EXPORT_WITH_RC2_CBC_40_MD5: return("TLS_RSA_EXPORT_WITH_RC2_CBC_40_MD5"); + case TLS_RSA_EXPORT_WITH_DES40_CBC_SHA: return("TLS_RSA_EXPORT_WITH_DES40_CBC_SHA"); + case TLS_RSA_WITH_NULL_MD5: return("TLS_RSA_WITH_NULL_MD5"); + case TLS_RSA_WITH_NULL_SHA: return("TLS_RSA_WITH_NULL_SHA"); + case TLS_RSA_WITH_NULL_SHA256: return("TLS_RSA_WITH_NULL_SHA256"); + case TLS_RSA_WITH_RC4_128_MD5: return("TLS_RSA_WITH_RC4_128_MD5"); + case TLS_RSA_WITH_RC4_128_SHA: return("TLS_RSA_WITH_RC4_128_SHA"); + case TLS_RSA_WITH_IDEA_CBC_SHA: return("TLS_RSA_WITH_IDEA_CBC_SHA"); + case TLS_RSA_WITH_DES_CBC_SHA: return("TLS_RSA_WITH_DES_CBC_SHA"); + case TLS_RSA_WITH_3DES_EDE_CBC_SHA: return("TLS_RSA_WITH_3DES_EDE_CBC_SHA"); + case TLS_RSA_WITH_AES_128_CBC_SHA: return("TLS_RSA_WITH_AES_128_CBC_SHA"); + case TLS_RSA_WITH_AES_256_CBC_SHA: return("TLS_RSA_WITH_AES_256_CBC_SHA"); + case TLS_RSA_WITH_AES_128_CBC_SHA256: return("TLS_RSA_WITH_AES_128_CBC_SHA256"); + case TLS_RSA_WITH_AES_256_CBC_SHA256: return("TLS_RSA_WITH_AES_256_CBC_SHA256"); + case TLS_RSA_WITH_AES_128_GCM_SHA256: return("TLS_RSA_WITH_AES_128_GCM_SHA256"); + case TLS_RSA_WITH_AES_256_GCM_SHA384: return("TLS_RSA_WITH_AES_256_GCM_SHA384"); + case TLS_RSA_WITH_AES_128_CCM: return("TLS_RSA_WITH_AES_128_CCM"); + case TLS_RSA_WITH_AES_256_CCM: return("TLS_RSA_WITH_AES_256_CCM"); + case TLS_RSA_WITH_AES_128_CCM_8: return("TLS_RSA_WITH_AES_128_CCM_8"); + case TLS_RSA_WITH_AES_256_CCM_8: return("TLS_RSA_WITH_AES_256_CCM_8"); + case TLS_RSA_WITH_CAMELLIA_128_CBC_SHA: return("TLS_RSA_WITH_CAMELLIA_128_CBC_SHA"); + case TLS_RSA_WITH_CAMELLIA_256_CBC_SHA: return("TLS_RSA_WITH_CAMELLIA_256_CBC_SHA"); + case TLS_RSA_WITH_CAMELLIA_128_CBC_SHA256: return("TLS_RSA_WITH_CAMELLIA_128_CBC_SHA256"); + case TLS_RSA_WITH_CAMELLIA_256_CBC_SHA256: return("TLS_RSA_WITH_CAMELLIA_256_CBC_SHA256"); + case TLS_RSA_WITH_CAMELLIA_128_GCM_SHA256: return("TLS_RSA_WITH_CAMELLIA_128_GCM_SHA256"); + case TLS_RSA_WITH_CAMELLIA_256_GCM_SHA384: return("TLS_RSA_WITH_CAMELLIA_256_GCM_SHA384"); + case TLS_RSA_WITH_SEED_CBC_SHA: return("TLS_RSA_WITH_SEED_CBC_SHA"); + case TLS_RSA_WITH_ARIA_128_CBC_SHA256: return("TLS_RSA_WITH_ARIA_128_CBC_SHA256"); + case TLS_RSA_WITH_ARIA_256_CBC_SHA384: return("TLS_RSA_WITH_ARIA_256_CBC_SHA384"); + case TLS_RSA_WITH_ARIA_128_GCM_SHA256: return("TLS_RSA_WITH_ARIA_128_GCM_SHA256"); + case TLS_RSA_WITH_ARIA_256_GCM_SHA384: return("TLS_RSA_WITH_ARIA_256_GCM_SHA384"); + case TLS_DH_RSA_EXPORT_WITH_DES40_CBC_SHA: return("TLS_DH_RSA_EXPORT_WITH_DES40_CBC_SHA"); + case TLS_DH_RSA_WITH_DES_CBC_SHA: return("TLS_DH_RSA_WITH_DES_CBC_SHA"); + case TLS_DH_RSA_WITH_3DES_EDE_CBC_SHA: return("TLS_DH_RSA_WITH_3DES_EDE_CBC_SHA"); + case TLS_DH_RSA_WITH_AES_128_CBC_SHA: return("TLS_DH_RSA_WITH_AES_128_CBC_SHA"); + case TLS_DH_RSA_WITH_AES_256_CBC_SHA: return("TLS_DH_RSA_WITH_AES_256_CBC_SHA"); + case TLS_DH_RSA_WITH_AES_128_CBC_SHA256: return("TLS_DH_RSA_WITH_AES_128_CBC_SHA256"); + case TLS_DH_RSA_WITH_AES_256_CBC_SHA256: return("TLS_DH_RSA_WITH_AES_256_CBC_SHA256"); + case TLS_DH_RSA_WITH_AES_128_GCM_SHA256: return("TLS_DH_RSA_WITH_AES_128_GCM_SHA256"); + case TLS_DH_RSA_WITH_AES_256_GCM_SHA384: return("TLS_DH_RSA_WITH_AES_256_GCM_SHA384"); + case TLS_DH_RSA_WITH_CAMELLIA_128_CBC_SHA: return("TLS_DH_RSA_WITH_CAMELLIA_128_CBC_SHA"); + case TLS_DH_RSA_WITH_CAMELLIA_256_CBC_SHA: return("TLS_DH_RSA_WITH_CAMELLIA_256_CBC_SHA"); + case TLS_DH_RSA_WITH_CAMELLIA_128_CBC_SHA256: return("TLS_DH_RSA_WITH_CAMELLIA_128_CBC_SHA256"); + case TLS_DH_RSA_WITH_CAMELLIA_256_CBC_SHA256: return("TLS_DH_RSA_WITH_CAMELLIA_256_CBC_SHA256"); + case TLS_DH_RSA_WITH_CAMELLIA_128_GCM_SHA256: return("TLS_DH_RSA_WITH_CAMELLIA_128_GCM_SHA256"); + case TLS_DH_RSA_WITH_CAMELLIA_256_GCM_SHA384: return("TLS_DH_RSA_WITH_CAMELLIA_256_GCM_SHA384"); + case TLS_DH_RSA_WITH_SEED_CBC_SHA: return("TLS_DH_RSA_WITH_SEED_CBC_SHA"); + case TLS_DH_RSA_WITH_ARIA_128_CBC_SHA256: return("TLS_DH_RSA_WITH_ARIA_128_CBC_SHA256"); + case TLS_DH_RSA_WITH_ARIA_256_CBC_SHA384: return("TLS_DH_RSA_WITH_ARIA_256_CBC_SHA384"); + case TLS_DH_RSA_WITH_ARIA_128_GCM_SHA256: return("TLS_DH_RSA_WITH_ARIA_128_GCM_SHA256"); + case TLS_DH_RSA_WITH_ARIA_256_GCM_SHA384: return("TLS_DH_RSA_WITH_ARIA_256_GCM_SHA384"); + case TLS_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA: return("TLS_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA"); + case TLS_DHE_RSA_WITH_DES_CBC_SHA: return("TLS_DHE_RSA_WITH_DES_CBC_SHA"); + case TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA: return("TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA"); + case TLS_DHE_RSA_WITH_AES_128_CBC_SHA: return("TLS_DHE_RSA_WITH_AES_128_CBC_SHA"); + case TLS_DHE_RSA_WITH_AES_256_CBC_SHA: return("TLS_DHE_RSA_WITH_AES_256_CBC_SHA"); + case TLS_DHE_RSA_WITH_AES_128_CBC_SHA256: return("TLS_DHE_RSA_WITH_AES_128_CBC_SHA256"); + case TLS_DHE_RSA_WITH_AES_256_CBC_SHA256: return("TLS_DHE_RSA_WITH_AES_256_CBC_SHA256"); + case TLS_DHE_RSA_WITH_AES_128_GCM_SHA256: return("TLS_DHE_RSA_WITH_AES_128_GCM_SHA256"); + case TLS_DHE_RSA_WITH_AES_256_GCM_SHA384: return("TLS_DHE_RSA_WITH_AES_256_GCM_SHA384"); + case TLS_DHE_RSA_WITH_AES_128_CCM: return("TLS_DHE_RSA_WITH_AES_128_CCM"); + case TLS_DHE_RSA_WITH_AES_256_CCM: return("TLS_DHE_RSA_WITH_AES_256_CCM"); + case TLS_DHE_RSA_WITH_AES_128_CCM_8: return("TLS_DHE_RSA_WITH_AES_128_CCM_8"); + case TLS_DHE_RSA_WITH_AES_256_CCM_8: return("TLS_DHE_RSA_WITH_AES_256_CCM_8"); + case TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA: return("TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA"); + case TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA: return("TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA"); + case TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA256: return("TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA256"); + case TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA256: return("TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA256"); + case TLS_DHE_RSA_WITH_CAMELLIA_128_GCM_SHA256: return("TLS_DHE_RSA_WITH_CAMELLIA_128_GCM_SHA256"); + case TLS_DHE_RSA_WITH_CAMELLIA_256_GCM_SHA384: return("TLS_DHE_RSA_WITH_CAMELLIA_256_GCM_SHA384"); + case TLS_DHE_RSA_WITH_SEED_CBC_SHA: return("TLS_DHE_RSA_WITH_SEED_CBC_SHA"); + case TLS_DHE_RSA_WITH_ARIA_128_CBC_SHA256: return("TLS_DHE_RSA_WITH_ARIA_128_CBC_SHA256"); + case TLS_DHE_RSA_WITH_ARIA_256_CBC_SHA384: return("TLS_DHE_RSA_WITH_ARIA_256_CBC_SHA384"); + case TLS_DHE_RSA_WITH_ARIA_128_GCM_SHA256: return("TLS_DHE_RSA_WITH_ARIA_128_GCM_SHA256"); + case TLS_DHE_RSA_WITH_ARIA_256_GCM_SHA384: return("TLS_DHE_RSA_WITH_ARIA_256_GCM_SHA384"); + case TLS_DHE_RSA_WITH_CHACHA20_POLY1305_SHA256: return("TLS_DHE_RSA_WITH_CHACHA20_POLY1305_SHA256"); + case TLS_DH_DSS_EXPORT_WITH_DES40_CBC_SHA: return("TLS_DH_DSS_EXPORT_WITH_DES40_CBC_SHA"); + case TLS_DH_DSS_WITH_DES_CBC_SHA: return("TLS_DH_DSS_WITH_DES_CBC_SHA"); + case TLS_DH_DSS_WITH_3DES_EDE_CBC_SHA: return("TLS_DH_DSS_WITH_3DES_EDE_CBC_SHA"); + case TLS_DH_DSS_WITH_AES_128_CBC_SHA: return("TLS_DH_DSS_WITH_AES_128_CBC_SHA"); + case TLS_DH_DSS_WITH_AES_256_CBC_SHA: return("TLS_DH_DSS_WITH_AES_256_CBC_SHA"); + case TLS_DH_DSS_WITH_AES_128_CBC_SHA256: return("TLS_DH_DSS_WITH_AES_128_CBC_SHA256"); + case TLS_DH_DSS_WITH_AES_256_CBC_SHA256: return("TLS_DH_DSS_WITH_AES_256_CBC_SHA256"); + case TLS_DH_DSS_WITH_AES_128_GCM_SHA256: return("TLS_DH_DSS_WITH_AES_128_GCM_SHA256"); + case TLS_DH_DSS_WITH_AES_256_GCM_SHA384: return("TLS_DH_DSS_WITH_AES_256_GCM_SHA384"); + case TLS_DH_DSS_WITH_CAMELLIA_128_CBC_SHA: return("TLS_DH_DSS_WITH_CAMELLIA_128_CBC_SHA"); + case TLS_DH_DSS_WITH_CAMELLIA_256_CBC_SHA: return("TLS_DH_DSS_WITH_CAMELLIA_256_CBC_SHA"); + case TLS_DH_DSS_WITH_CAMELLIA_128_CBC_SHA256: return("TLS_DH_DSS_WITH_CAMELLIA_128_CBC_SHA256"); + case TLS_DH_DSS_WITH_CAMELLIA_256_CBC_SHA256: return("TLS_DH_DSS_WITH_CAMELLIA_256_CBC_SHA256"); + case TLS_DH_DSS_WITH_CAMELLIA_128_GCM_SHA256: return("TLS_DH_DSS_WITH_CAMELLIA_128_GCM_SHA256"); + case TLS_DH_DSS_WITH_CAMELLIA_256_GCM_SHA384: return("TLS_DH_DSS_WITH_CAMELLIA_256_GCM_SHA384"); + case TLS_DH_DSS_WITH_SEED_CBC_SHA: return("TLS_DH_DSS_WITH_SEED_CBC_SHA"); + case TLS_DH_DSS_WITH_ARIA_128_CBC_SHA256: return("TLS_DH_DSS_WITH_ARIA_128_CBC_SHA256"); + case TLS_DH_DSS_WITH_ARIA_256_CBC_SHA384: return("TLS_DH_DSS_WITH_ARIA_256_CBC_SHA384"); + case TLS_DH_DSS_WITH_ARIA_128_GCM_SHA256: return("TLS_DH_DSS_WITH_ARIA_128_GCM_SHA256"); + case TLS_DH_DSS_WITH_ARIA_256_GCM_SHA384: return("TLS_DH_DSS_WITH_ARIA_256_GCM_SHA384"); + case TLS_DHE_DSS_EXPORT_WITH_DES40_CBC_SHA: return("TLS_DHE_DSS_EXPORT_WITH_DES40_CBC_SHA"); + case TLS_DHE_DSS_WITH_DES_CBC_SHA: return("TLS_DHE_DSS_WITH_DES_CBC_SHA"); + case TLS_DHE_DSS_WITH_3DES_EDE_CBC_SHA: return("TLS_DHE_DSS_WITH_3DES_EDE_CBC_SHA"); + case TLS_DHE_DSS_WITH_AES_128_CBC_SHA: return("TLS_DHE_DSS_WITH_AES_128_CBC_SHA"); + case TLS_DHE_DSS_WITH_AES_256_CBC_SHA: return("TLS_DHE_DSS_WITH_AES_256_CBC_SHA"); + case TLS_DHE_DSS_WITH_AES_128_CBC_SHA256: return("TLS_DHE_DSS_WITH_AES_128_CBC_SHA256"); + case TLS_DHE_DSS_WITH_AES_256_CBC_SHA256: return("TLS_DHE_DSS_WITH_AES_256_CBC_SHA256"); + case TLS_DHE_DSS_WITH_AES_128_GCM_SHA256: return("TLS_DHE_DSS_WITH_AES_128_GCM_SHA256"); + case TLS_DHE_DSS_WITH_AES_256_GCM_SHA384: return("TLS_DHE_DSS_WITH_AES_256_GCM_SHA384"); + case TLS_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA: return("TLS_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA"); + case TLS_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA: return("TLS_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA"); + case TLS_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA256: return("TLS_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA256"); + case TLS_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA256: return("TLS_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA256"); + case TLS_DHE_DSS_WITH_CAMELLIA_128_GCM_SHA256: return("TLS_DHE_DSS_WITH_CAMELLIA_128_GCM_SHA256"); + case TLS_DHE_DSS_WITH_CAMELLIA_256_GCM_SHA384: return("TLS_DHE_DSS_WITH_CAMELLIA_256_GCM_SHA384"); + case TLS_DHE_DSS_WITH_SEED_CBC_SHA: return("TLS_DHE_DSS_WITH_SEED_CBC_SHA"); + case TLS_DHE_DSS_WITH_ARIA_128_CBC_SHA256: return("TLS_DHE_DSS_WITH_ARIA_128_CBC_SHA256"); + case TLS_DHE_DSS_WITH_ARIA_256_CBC_SHA384: return("TLS_DHE_DSS_WITH_ARIA_256_CBC_SHA384"); + case TLS_DHE_DSS_WITH_ARIA_128_GCM_SHA256: return("TLS_DHE_DSS_WITH_ARIA_128_GCM_SHA256"); + case TLS_DHE_DSS_WITH_ARIA_256_GCM_SHA384: return("TLS_DHE_DSS_WITH_ARIA_256_GCM_SHA384"); + case TLS_DH_ANON_EXPORT_WITH_RC4_40_MD5: return("TLS_DH_ANON_EXPORT_WITH_RC4_40_MD5"); + case TLS_DH_ANON_EXPORT_WITH_DES40_CBC_SHA: return("TLS_DH_ANON_EXPORT_WITH_DES40_CBC_SHA"); + case TLS_DH_ANON_WITH_RC4_128_MD5: return("TLS_DH_ANON_WITH_RC4_128_MD5"); + case TLS_DH_ANON_WITH_DES_CBC_SHA: return("TLS_DH_ANON_WITH_DES_CBC_SHA"); + case TLS_DH_ANON_WITH_3DES_EDE_CBC_SHA: return("TLS_DH_ANON_WITH_3DES_EDE_CBC_SHA"); + case TLS_DH_ANON_WITH_AES_128_CBC_SHA: return("TLS_DH_ANON_WITH_AES_128_CBC_SHA"); + case TLS_DH_ANON_WITH_AES_256_CBC_SHA: return("TLS_DH_ANON_WITH_AES_256_CBC_SHA"); + case TLS_DH_ANON_WITH_AES_128_CBC_SHA256: return("TLS_DH_ANON_WITH_AES_128_CBC_SHA256"); + case TLS_DH_ANON_WITH_AES_256_CBC_SHA256: return("TLS_DH_ANON_WITH_AES_256_CBC_SHA256"); + case TLS_DH_ANON_WITH_AES_128_GCM_SHA256: return("TLS_DH_ANON_WITH_AES_128_GCM_SHA256"); + case TLS_DH_ANON_WITH_AES_256_GCM_SHA384: return("TLS_DH_ANON_WITH_AES_256_GCM_SHA384"); + case TLS_DH_ANON_WITH_CAMELLIA_128_CBC_SHA: return("TLS_DH_ANON_WITH_CAMELLIA_128_CBC_SHA"); + case TLS_DH_ANON_WITH_CAMELLIA_256_CBC_SHA: return("TLS_DH_ANON_WITH_CAMELLIA_256_CBC_SHA"); + case TLS_DH_ANON_WITH_CAMELLIA_128_CBC_SHA256: return("TLS_DH_ANON_WITH_CAMELLIA_128_CBC_SHA256"); + case TLS_DH_ANON_WITH_CAMELLIA_256_CBC_SHA256: return("TLS_DH_ANON_WITH_CAMELLIA_256_CBC_SHA256"); + case TLS_DH_ANON_WITH_CAMELLIA_128_GCM_SHA256: return("TLS_DH_ANON_WITH_CAMELLIA_128_GCM_SHA256"); + case TLS_DH_ANON_WITH_CAMELLIA_256_GCM_SHA384: return("TLS_DH_ANON_WITH_CAMELLIA_256_GCM_SHA384"); + case TLS_DH_ANON_WITH_SEED_CBC_SHA: return("TLS_DH_ANON_WITH_SEED_CBC_SHA"); + case TLS_DH_ANON_WITH_ARIA_128_CBC_SHA256: return("TLS_DH_ANON_WITH_ARIA_128_CBC_SHA256"); + case TLS_DH_ANON_WITH_ARIA_256_CBC_SHA384: return("TLS_DH_ANON_WITH_ARIA_256_CBC_SHA384"); + case TLS_DH_ANON_WITH_ARIA_128_GCM_SHA256: return("TLS_DH_ANON_WITH_ARIA_128_GCM_SHA256"); + case TLS_DH_ANON_WITH_ARIA_256_GCM_SHA384: return("TLS_DH_ANON_WITH_ARIA_256_GCM_SHA384"); + case TLS_ECDH_RSA_WITH_NULL_SHA: return("TLS_ECDH_RSA_WITH_NULL_SHA"); + case TLS_ECDH_RSA_WITH_RC4_128_SHA: return("TLS_ECDH_RSA_WITH_RC4_128_SHA"); + case TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA: return("TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA"); + case TLS_ECDH_RSA_WITH_AES_128_CBC_SHA: return("TLS_ECDH_RSA_WITH_AES_128_CBC_SHA"); + case TLS_ECDH_RSA_WITH_AES_256_CBC_SHA: return("TLS_ECDH_RSA_WITH_AES_256_CBC_SHA"); + case TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256: return("TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256"); + case TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384: return("TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384"); + case TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256: return("TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256"); + case TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384: return("TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384"); + case TLS_ECDH_RSA_WITH_CAMELLIA_128_CBC_SHA256: return("TLS_ECDH_RSA_WITH_CAMELLIA_128_CBC_SHA256"); + case TLS_ECDH_RSA_WITH_CAMELLIA_256_CBC_SHA384: return("TLS_ECDH_RSA_WITH_CAMELLIA_256_CBC_SHA384"); + case TLS_ECDH_RSA_WITH_CAMELLIA_128_GCM_SHA256: return("TLS_ECDH_RSA_WITH_CAMELLIA_128_GCM_SHA256"); + case TLS_ECDH_RSA_WITH_CAMELLIA_256_GCM_SHA384: return("TLS_ECDH_RSA_WITH_CAMELLIA_256_GCM_SHA384"); + case TLS_ECDH_RSA_WITH_ARIA_128_CBC_SHA256: return("TLS_ECDH_RSA_WITH_ARIA_128_CBC_SHA256"); + case TLS_ECDH_RSA_WITH_ARIA_256_CBC_SHA384: return("TLS_ECDH_RSA_WITH_ARIA_256_CBC_SHA384"); + case TLS_ECDH_RSA_WITH_ARIA_128_GCM_SHA256: return("TLS_ECDH_RSA_WITH_ARIA_128_GCM_SHA256"); + case TLS_ECDH_RSA_WITH_ARIA_256_GCM_SHA384: return("TLS_ECDH_RSA_WITH_ARIA_256_GCM_SHA384"); + case TLS_ECDHE_RSA_WITH_NULL_SHA: return("TLS_ECDHE_RSA_WITH_NULL_SHA"); + case TLS_ECDHE_RSA_WITH_RC4_128_SHA: return("TLS_ECDHE_RSA_WITH_RC4_128_SHA"); + case TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA: return("TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA"); + case TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA: return("TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA"); + case TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA: return("TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA"); + case TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256: return("TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256"); + case TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384: return("TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384"); + case TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256: return("TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256"); + case TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384: return("TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384"); + case TLS_ECDHE_RSA_WITH_CAMELLIA_128_CBC_SHA256: return("TLS_ECDHE_RSA_WITH_CAMELLIA_128_CBC_SHA256"); + case TLS_ECDHE_RSA_WITH_CAMELLIA_256_CBC_SHA384: return("TLS_ECDHE_RSA_WITH_CAMELLIA_256_CBC_SHA384"); + case TLS_ECDHE_RSA_WITH_CAMELLIA_128_GCM_SHA256: return("TLS_ECDHE_RSA_WITH_CAMELLIA_128_GCM_SHA256"); + case TLS_ECDHE_RSA_WITH_CAMELLIA_256_GCM_SHA384: return("TLS_ECDHE_RSA_WITH_CAMELLIA_256_GCM_SHA384"); + case TLS_ECDHE_RSA_WITH_ARIA_128_CBC_SHA256: return("TLS_ECDHE_RSA_WITH_ARIA_128_CBC_SHA256"); + case TLS_ECDHE_RSA_WITH_ARIA_256_CBC_SHA384: return("TLS_ECDHE_RSA_WITH_ARIA_256_CBC_SHA384"); + case TLS_ECDHE_RSA_WITH_ARIA_128_GCM_SHA256: return("TLS_ECDHE_RSA_WITH_ARIA_128_GCM_SHA256"); + case TLS_ECDHE_RSA_WITH_ARIA_256_GCM_SHA384: return("TLS_ECDHE_RSA_WITH_ARIA_256_GCM_SHA384"); + case TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256: return("TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256"); + case TLS_ECDH_ECDSA_WITH_NULL_SHA: return("TLS_ECDH_ECDSA_WITH_NULL_SHA"); + case TLS_ECDH_ECDSA_WITH_RC4_128_SHA: return("TLS_ECDH_ECDSA_WITH_RC4_128_SHA"); + case TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA: return("TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA"); + case TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA: return("TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA"); + case TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA: return("TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA"); + case TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256: return("TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256"); + case TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384: return("TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384"); + case TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256: return("TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256"); + case TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384: return("TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384"); + case TLS_ECDH_ECDSA_WITH_CAMELLIA_128_CBC_SHA256: return("TLS_ECDH_ECDSA_WITH_CAMELLIA_128_CBC_SHA256"); + case TLS_ECDH_ECDSA_WITH_CAMELLIA_256_CBC_SHA384: return("TLS_ECDH_ECDSA_WITH_CAMELLIA_256_CBC_SHA384"); + case TLS_ECDH_ECDSA_WITH_CAMELLIA_128_GCM_SHA256: return("TLS_ECDH_ECDSA_WITH_CAMELLIA_128_GCM_SHA256"); + case TLS_ECDH_ECDSA_WITH_CAMELLIA_256_GCM_SHA384: return("TLS_ECDH_ECDSA_WITH_CAMELLIA_256_GCM_SHA384"); + case TLS_ECDH_ECDSA_WITH_ARIA_128_CBC_SHA256: return("TLS_ECDH_ECDSA_WITH_ARIA_128_CBC_SHA256"); + case TLS_ECDH_ECDSA_WITH_ARIA_256_CBC_SHA384: return("TLS_ECDH_ECDSA_WITH_ARIA_256_CBC_SHA384"); + case TLS_ECDH_ECDSA_WITH_ARIA_128_GCM_SHA256: return("TLS_ECDH_ECDSA_WITH_ARIA_128_GCM_SHA256"); + case TLS_ECDH_ECDSA_WITH_ARIA_256_GCM_SHA384: return("TLS_ECDH_ECDSA_WITH_ARIA_256_GCM_SHA384"); + case TLS_ECDHE_ECDSA_WITH_NULL_SHA: return("TLS_ECDHE_ECDSA_WITH_NULL_SHA"); + case TLS_ECDHE_ECDSA_WITH_RC4_128_SHA: return("TLS_ECDHE_ECDSA_WITH_RC4_128_SHA"); + case TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA: return("TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA"); + case TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA: return("TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA"); + case TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA: return("TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA"); + case TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256: return("TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256"); + case TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384: return("TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384"); + case TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256: return("TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256"); + case TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384: return("TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384"); + case TLS_ECDHE_ECDSA_WITH_AES_128_CCM: return("TLS_ECDHE_ECDSA_WITH_AES_128_CCM"); + case TLS_ECDHE_ECDSA_WITH_AES_256_CCM: return("TLS_ECDHE_ECDSA_WITH_AES_256_CCM"); + case TLS_ECDHE_ECDSA_WITH_AES_128_CCM_8: return("TLS_ECDHE_ECDSA_WITH_AES_128_CCM_8"); + case TLS_ECDHE_ECDSA_WITH_AES_256_CCM_8: return("TLS_ECDHE_ECDSA_WITH_AES_256_CCM_8"); + case TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_CBC_SHA256: return("TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_CBC_SHA256"); + case TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_CBC_SHA384: return("TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_CBC_SHA384"); + case TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_GCM_SHA256: return("TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_GCM_SHA256"); + case TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_GCM_SHA384: return("TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_GCM_SHA384"); + case TLS_ECDHE_ECDSA_WITH_ARIA_128_CBC_SHA256: return("TLS_ECDHE_ECDSA_WITH_ARIA_128_CBC_SHA256"); + case TLS_ECDHE_ECDSA_WITH_ARIA_256_CBC_SHA384: return("TLS_ECDHE_ECDSA_WITH_ARIA_256_CBC_SHA384"); + case TLS_ECDHE_ECDSA_WITH_ARIA_128_GCM_SHA256: return("TLS_ECDHE_ECDSA_WITH_ARIA_128_GCM_SHA256"); + case TLS_ECDHE_ECDSA_WITH_ARIA_256_GCM_SHA384: return("TLS_ECDHE_ECDSA_WITH_ARIA_256_GCM_SHA384"); + case TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256: return("TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256"); + case TLS_ECDH_ANON_WITH_NULL_SHA: return("TLS_ECDH_ANON_WITH_NULL_SHA"); + case TLS_ECDH_ANON_WITH_RC4_128_SHA: return("TLS_ECDH_ANON_WITH_RC4_128_SHA"); + case TLS_ECDH_ANON_WITH_3DES_EDE_CBC_SHA: return("TLS_ECDH_ANON_WITH_3DES_EDE_CBC_SHA"); + case TLS_ECDH_ANON_WITH_AES_128_CBC_SHA: return("TLS_ECDH_ANON_WITH_AES_128_CBC_SHA"); + case TLS_ECDH_ANON_WITH_AES_256_CBC_SHA: return("TLS_ECDH_ANON_WITH_AES_256_CBC_SHA"); + case TLS_PSK_WITH_NULL_SHA: return("TLS_PSK_WITH_NULL_SHA"); + case TLS_PSK_WITH_NULL_SHA256: return("TLS_PSK_WITH_NULL_SHA256"); + case TLS_PSK_WITH_NULL_SHA384: return("TLS_PSK_WITH_NULL_SHA384"); + case TLS_PSK_WITH_RC4_128_SHA: return("TLS_PSK_WITH_RC4_128_SHA"); + case TLS_PSK_WITH_3DES_EDE_CBC_SHA: return("TLS_PSK_WITH_3DES_EDE_CBC_SHA"); + case TLS_PSK_WITH_AES_128_CBC_SHA: return("TLS_PSK_WITH_AES_128_CBC_SHA"); + case TLS_PSK_WITH_AES_256_CBC_SHA: return("TLS_PSK_WITH_AES_256_CBC_SHA"); + case TLS_PSK_WITH_AES_128_CBC_SHA256: return("TLS_PSK_WITH_AES_128_CBC_SHA256"); + case TLS_PSK_WITH_AES_256_CBC_SHA384: return("TLS_PSK_WITH_AES_256_CBC_SHA384"); + case TLS_PSK_WITH_AES_128_GCM_SHA256: return("TLS_PSK_WITH_AES_128_GCM_SHA256"); + case TLS_PSK_WITH_AES_256_GCM_SHA384: return("TLS_PSK_WITH_AES_256_GCM_SHA384"); + case TLS_PSK_WITH_AES_128_CCM: return("TLS_PSK_WITH_AES_128_CCM"); + case TLS_PSK_WITH_AES_256_CCM: return("TLS_PSK_WITH_AES_256_CCM"); + case TLS_PSK_WITH_AES_128_CCM_8: return("TLS_PSK_WITH_AES_128_CCM_8"); + case TLS_PSK_WITH_AES_256_CCM_8: return("TLS_PSK_WITH_AES_256_CCM_8"); + case TLS_PSK_WITH_CAMELLIA_128_CBC_SHA256: return("TLS_PSK_WITH_CAMELLIA_128_CBC_SHA256"); + case TLS_PSK_WITH_CAMELLIA_256_CBC_SHA384: return("TLS_PSK_WITH_CAMELLIA_256_CBC_SHA384"); + case TLS_PSK_WITH_CAMELLIA_128_GCM_SHA256: return("TLS_PSK_WITH_CAMELLIA_128_GCM_SHA256"); + case TLS_PSK_WITH_CAMELLIA_256_GCM_SHA384: return("TLS_PSK_WITH_CAMELLIA_256_GCM_SHA384"); + case TLS_PSK_WITH_ARIA_128_CBC_SHA256: return("TLS_PSK_WITH_ARIA_128_CBC_SHA256"); + case TLS_PSK_WITH_ARIA_256_CBC_SHA384: return("TLS_PSK_WITH_ARIA_256_CBC_SHA384"); + case TLS_PSK_WITH_ARIA_128_GCM_SHA256: return("TLS_PSK_WITH_ARIA_128_GCM_SHA256"); + case TLS_PSK_WITH_ARIA_256_GCM_SHA384: return("TLS_PSK_WITH_ARIA_256_GCM_SHA384"); + case TLS_PSK_WITH_CHACHA20_POLY1305_SHA256: return("TLS_PSK_WITH_CHACHA20_POLY1305_SHA256"); + case TLS_RSA_PSK_WITH_NULL_SHA: return("TLS_RSA_PSK_WITH_NULL_SHA"); + case TLS_RSA_PSK_WITH_NULL_SHA256: return("TLS_RSA_PSK_WITH_NULL_SHA256"); + case TLS_RSA_PSK_WITH_NULL_SHA384: return("TLS_RSA_PSK_WITH_NULL_SHA384"); + case TLS_RSA_PSK_WITH_RC4_128_SHA: return("TLS_RSA_PSK_WITH_RC4_128_SHA"); + case TLS_RSA_PSK_WITH_3DES_EDE_CBC_SHA: return("TLS_RSA_PSK_WITH_3DES_EDE_CBC_SHA"); + case TLS_RSA_PSK_WITH_AES_128_CBC_SHA: return("TLS_RSA_PSK_WITH_AES_128_CBC_SHA"); + case TLS_RSA_PSK_WITH_AES_256_CBC_SHA: return("TLS_RSA_PSK_WITH_AES_256_CBC_SHA"); + case TLS_RSA_PSK_WITH_AES_128_CBC_SHA256: return("TLS_RSA_PSK_WITH_AES_128_CBC_SHA256"); + case TLS_RSA_PSK_WITH_AES_256_CBC_SHA384: return("TLS_RSA_PSK_WITH_AES_256_CBC_SHA384"); + case TLS_RSA_PSK_WITH_AES_128_GCM_SHA256: return("TLS_RSA_PSK_WITH_AES_128_GCM_SHA256"); + case TLS_RSA_PSK_WITH_AES_256_GCM_SHA384: return("TLS_RSA_PSK_WITH_AES_256_GCM_SHA384"); + case TLS_RSA_PSK_WITH_CAMELLIA_128_CBC_SHA256: return("TLS_RSA_PSK_WITH_CAMELLIA_128_CBC_SHA256"); + case TLS_RSA_PSK_WITH_CAMELLIA_256_CBC_SHA384: return("TLS_RSA_PSK_WITH_CAMELLIA_256_CBC_SHA384"); + case TLS_RSA_PSK_WITH_CAMELLIA_128_GCM_SHA256: return("TLS_RSA_PSK_WITH_CAMELLIA_128_GCM_SHA256"); + case TLS_RSA_PSK_WITH_CAMELLIA_256_GCM_SHA384: return("TLS_RSA_PSK_WITH_CAMELLIA_256_GCM_SHA384"); + case TLS_RSA_PSK_WITH_ARIA_128_CBC_SHA256: return("TLS_RSA_PSK_WITH_ARIA_128_CBC_SHA256"); + case TLS_RSA_PSK_WITH_ARIA_256_CBC_SHA384: return("TLS_RSA_PSK_WITH_ARIA_256_CBC_SHA384"); + case TLS_RSA_PSK_WITH_ARIA_128_GCM_SHA256: return("TLS_RSA_PSK_WITH_ARIA_128_GCM_SHA256"); + case TLS_RSA_PSK_WITH_ARIA_256_GCM_SHA384: return("TLS_RSA_PSK_WITH_ARIA_256_GCM_SHA384"); + case TLS_RSA_PSK_WITH_CHACHA20_POLY1305_SHA256: return("TLS_RSA_PSK_WITH_CHACHA20_POLY1305_SHA256"); + case TLS_DHE_PSK_WITH_NULL_SHA: return("TLS_DHE_PSK_WITH_NULL_SHA"); + case TLS_DHE_PSK_WITH_NULL_SHA256: return("TLS_DHE_PSK_WITH_NULL_SHA256"); + case TLS_DHE_PSK_WITH_NULL_SHA384: return("TLS_DHE_PSK_WITH_NULL_SHA384"); + case TLS_DHE_PSK_WITH_RC4_128_SHA: return("TLS_DHE_PSK_WITH_RC4_128_SHA"); + case TLS_DHE_PSK_WITH_3DES_EDE_CBC_SHA: return("TLS_DHE_PSK_WITH_3DES_EDE_CBC_SHA"); + case TLS_DHE_PSK_WITH_AES_128_CBC_SHA: return("TLS_DHE_PSK_WITH_AES_128_CBC_SHA"); + case TLS_DHE_PSK_WITH_AES_256_CBC_SHA: return("TLS_DHE_PSK_WITH_AES_256_CBC_SHA"); + case TLS_DHE_PSK_WITH_AES_128_CBC_SHA256: return("TLS_DHE_PSK_WITH_AES_128_CBC_SHA256"); + case TLS_DHE_PSK_WITH_AES_256_CBC_SHA384: return("TLS_DHE_PSK_WITH_AES_256_CBC_SHA384"); + case TLS_DHE_PSK_WITH_AES_128_GCM_SHA256: return("TLS_DHE_PSK_WITH_AES_128_GCM_SHA256"); + case TLS_DHE_PSK_WITH_AES_256_GCM_SHA384: return("TLS_DHE_PSK_WITH_AES_256_GCM_SHA384"); + case TLS_DHE_PSK_WITH_AES_128_CCM: return("TLS_DHE_PSK_WITH_AES_128_CCM"); + case TLS_DHE_PSK_WITH_AES_256_CCM: return("TLS_DHE_PSK_WITH_AES_256_CCM"); + case TLS_DHE_PSK_WITH_AES_128_CCM_8: return("TLS_DHE_PSK_WITH_AES_128_CCM_8"); + case TLS_DHE_PSK_WITH_AES_256_CCM_8: return("TLS_DHE_PSK_WITH_AES_256_CCM_8"); + case TLS_DHE_PSK_WITH_CAMELLIA_128_CBC_SHA256: return("TLS_DHE_PSK_WITH_CAMELLIA_128_CBC_SHA256"); + case TLS_DHE_PSK_WITH_CAMELLIA_256_CBC_SHA384: return("TLS_DHE_PSK_WITH_CAMELLIA_256_CBC_SHA384"); + case TLS_DHE_PSK_WITH_CAMELLIA_128_GCM_SHA256: return("TLS_DHE_PSK_WITH_CAMELLIA_128_GCM_SHA256"); + case TLS_DHE_PSK_WITH_CAMELLIA_256_GCM_SHA384: return("TLS_DHE_PSK_WITH_CAMELLIA_256_GCM_SHA384"); + case TLS_DHE_PSK_WITH_ARIA_128_CBC_SHA256: return("TLS_DHE_PSK_WITH_ARIA_128_CBC_SHA256"); + case TLS_DHE_PSK_WITH_ARIA_256_CBC_SHA384: return("TLS_DHE_PSK_WITH_ARIA_256_CBC_SHA384"); + case TLS_DHE_PSK_WITH_ARIA_128_GCM_SHA256: return("TLS_DHE_PSK_WITH_ARIA_128_GCM_SHA256"); + case TLS_DHE_PSK_WITH_ARIA_256_GCM_SHA384: return("TLS_DHE_PSK_WITH_ARIA_256_GCM_SHA384"); + case TLS_DHE_PSK_WITH_CHACHA20_POLY1305_SHA256: return("TLS_DHE_PSK_WITH_CHACHA20_POLY1305_SHA256"); + case TLS_ECDHE_PSK_WITH_NULL_SHA: return("TLS_ECDHE_PSK_WITH_NULL_SHA"); + case TLS_ECDHE_PSK_WITH_NULL_SHA256: return("TLS_ECDHE_PSK_WITH_NULL_SHA256"); + case TLS_ECDHE_PSK_WITH_NULL_SHA384: return("TLS_ECDHE_PSK_WITH_NULL_SHA384"); + case TLS_ECDHE_PSK_WITH_RC4_128_SHA: return("TLS_ECDHE_PSK_WITH_RC4_128_SHA"); + case TLS_ECDHE_PSK_WITH_3DES_EDE_CBC_SHA: return("TLS_ECDHE_PSK_WITH_3DES_EDE_CBC_SHA"); + case TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA: return("TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA"); + case TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA: return("TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA"); + case TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA256: return("TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA256"); + case TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA384: return("TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA384"); + case TLS_ECDHE_PSK_WITH_AES_128_GCM_SHA256: return("TLS_ECDHE_PSK_WITH_AES_128_GCM_SHA256"); + case TLS_ECDHE_PSK_WITH_AES_256_GCM_SHA384: return("TLS_ECDHE_PSK_WITH_AES_256_GCM_SHA384"); + case TLS_ECDHE_PSK_WITH_AES_128_CCM_SHA256: return("TLS_ECDHE_PSK_WITH_AES_128_CCM_SHA256"); + case TLS_ECDHE_PSK_WITH_AES_128_CCM_8_SHA256: return("TLS_ECDHE_PSK_WITH_AES_128_CCM_8_SHA256"); + case TLS_ECDHE_PSK_WITH_CAMELLIA_128_CBC_SHA256: return("TLS_ECDHE_PSK_WITH_CAMELLIA_128_CBC_SHA256"); + case TLS_ECDHE_PSK_WITH_CAMELLIA_256_CBC_SHA384: return("TLS_ECDHE_PSK_WITH_CAMELLIA_256_CBC_SHA384"); + case TLS_ECDHE_PSK_WITH_ARIA_128_CBC_SHA256: return("TLS_ECDHE_PSK_WITH_ARIA_128_CBC_SHA256"); + case TLS_ECDHE_PSK_WITH_ARIA_256_CBC_SHA384: return("TLS_ECDHE_PSK_WITH_ARIA_256_CBC_SHA384"); + case TLS_ECDHE_PSK_WITH_CHACHA20_POLY1305_SHA256: return("TLS_ECDHE_PSK_WITH_CHACHA20_POLY1305_SHA256"); + case TLS_KRB5_EXPORT_WITH_RC4_40_MD5: return("TLS_KRB5_EXPORT_WITH_RC4_40_MD5"); + case TLS_KRB5_EXPORT_WITH_RC4_40_SHA: return("TLS_KRB5_EXPORT_WITH_RC4_40_SHA"); + case TLS_KRB5_EXPORT_WITH_RC2_CBC_40_MD5: return("TLS_KRB5_EXPORT_WITH_RC2_CBC_40_MD5"); + case TLS_KRB5_EXPORT_WITH_RC2_CBC_40_SHA: return("TLS_KRB5_EXPORT_WITH_RC2_CBC_40_SHA"); + case TLS_KRB5_EXPORT_WITH_DES_CBC_40_MD5: return("TLS_KRB5_EXPORT_WITH_DES_CBC_40_MD5"); + case TLS_KRB5_EXPORT_WITH_DES_CBC_40_SHA: return("TLS_KRB5_EXPORT_WITH_DES_CBC_40_SHA"); + case TLS_KRB5_WITH_RC4_128_MD5: return("TLS_KRB5_WITH_RC4_128_MD5"); + case TLS_KRB5_WITH_RC4_128_SHA: return("TLS_KRB5_WITH_RC4_128_SHA"); + case TLS_KRB5_WITH_IDEA_CBC_MD5: return("TLS_KRB5_WITH_IDEA_CBC_MD5"); + case TLS_KRB5_WITH_IDEA_CBC_SHA: return("TLS_KRB5_WITH_IDEA_CBC_SHA"); + case TLS_KRB5_WITH_DES_CBC_MD5: return("TLS_KRB5_WITH_DES_CBC_MD5"); + case TLS_KRB5_WITH_DES_CBC_SHA: return("TLS_KRB5_WITH_DES_CBC_SHA"); + case TLS_KRB5_WITH_3DES_EDE_CBC_MD5: return("TLS_KRB5_WITH_3DES_EDE_CBC_MD5"); + case TLS_KRB5_WITH_3DES_EDE_CBC_SHA: return("TLS_KRB5_WITH_3DES_EDE_CBC_SHA"); + case TLS_SRP_SHA_WITH_3DES_EDE_CBC_SHA: return("TLS_SRP_SHA_WITH_3DES_EDE_CBC_SHA"); + case TLS_SRP_SHA_WITH_AES_128_CBC_SHA: return("TLS_SRP_SHA_WITH_AES_128_CBC_SHA"); + case TLS_SRP_SHA_WITH_AES_256_CBC_SHA: return("TLS_SRP_SHA_WITH_AES_256_CBC_SHA"); + case TLS_SRP_SHA_RSA_WITH_3DES_EDE_CBC_SHA: return("TLS_SRP_SHA_RSA_WITH_3DES_EDE_CBC_SHA"); + case TLS_SRP_SHA_RSA_WITH_AES_128_CBC_SHA: return("TLS_SRP_SHA_RSA_WITH_AES_128_CBC_SHA"); + case TLS_SRP_SHA_RSA_WITH_AES_256_CBC_SHA: return("TLS_SRP_SHA_RSA_WITH_AES_256_CBC_SHA"); + case TLS_SRP_SHA_DSS_WITH_3DES_EDE_CBC_SHA: return("TLS_SRP_SHA_DSS_WITH_3DES_EDE_CBC_SHA"); + case TLS_SRP_SHA_DSS_WITH_AES_128_CBC_SHA: return("TLS_SRP_SHA_DSS_WITH_AES_128_CBC_SHA"); + case TLS_SRP_SHA_DSS_WITH_AES_256_CBC_SHA: return("TLS_SRP_SHA_DSS_WITH_AES_256_CBC_SHA"); + case TLS_ECCPWD_WITH_AES_128_GCM_SHA256: return("TLS_ECCPWD_WITH_AES_128_GCM_SHA256"); + case TLS_ECCPWD_WITH_AES_256_GCM_SHA384: return("TLS_ECCPWD_WITH_AES_256_GCM_SHA384"); + case TLS_ECCPWD_WITH_AES_128_CCM_SHA256: return("TLS_ECCPWD_WITH_AES_128_CCM_SHA256"); + case TLS_ECCPWD_WITH_AES_256_CCM_SHA384: return("TLS_ECCPWD_WITH_AES_256_CCM_SHA384"); + case TLS_GOSTR341112_256_WITH_KUZNYECHIK_CTR_OMAC: return("TLS_GOSTR341112_256_WITH_KUZNYECHIK_CTR_OMAC"); + case TLS_GOSTR341112_256_WITH_MAGMA_CTR_OMAC: return("TLS_GOSTR341112_256_WITH_MAGMA_CTR_OMAC"); + case TLS_GOSTR341112_256_WITH_28147_CNT_IMIT: return("TLS_GOSTR341112_256_WITH_28147_CNT_IMIT"); + case TLS_AES_128_GCM_SHA256: return("TLS_AES_128_GCM_SHA256"); + case TLS_AES_256_GCM_SHA384: return("TLS_AES_256_GCM_SHA384"); + case TLS_AES_128_CCM_SHA256: return("TLS_AES_128_CCM_SHA256"); + case TLS_AES_128_CCM_8_SHA256: return("TLS_AES_128_CCM_8_SHA256"); + case TLS_CHACHA20_POLY1305_SHA256: return("TLS_CHACHA20_POLY1305_SHA256"); + case TLS_SM4_GCM_SM3: return("TLS_SM4_GCM_SM3"); + case TLS_SM4_CCM_SM3: return("TLS_SM4_CCM_SM3"); + case TLS_SHA256_SHA256: return("TLS_SHA256_SHA256"); + case TLS_SHA384_SHA384: return("TLS_SHA384_SHA384"); + case TLS_EMPTY_RENEGOTIATION_INFO_SCSV: return("TLS_EMPTY_RENEGOTIATION_INFO_SCSV"); + case TLS_FALLBACK_SCSV: return("TLS_FALLBACK_SCSV"); + case TLS_CIPHER_GREASE_RESERVED_0: return("TLS_CIPHER_GREASE_RESERVED_0"); + case TLS_CIPHER_GREASE_RESERVED_1: return("TLS_CIPHER_GREASE_RESERVED_1"); + case TLS_CIPHER_GREASE_RESERVED_2: return("TLS_CIPHER_GREASE_RESERVED_2"); + case TLS_CIPHER_GREASE_RESERVED_3: return("TLS_CIPHER_GREASE_RESERVED_3"); + case TLS_CIPHER_GREASE_RESERVED_4: return("TLS_CIPHER_GREASE_RESERVED_4"); + case TLS_CIPHER_GREASE_RESERVED_5: return("TLS_CIPHER_GREASE_RESERVED_5"); + case TLS_CIPHER_GREASE_RESERVED_6: return("TLS_CIPHER_GREASE_RESERVED_6"); + case TLS_CIPHER_GREASE_RESERVED_7: return("TLS_CIPHER_GREASE_RESERVED_7"); + case TLS_CIPHER_GREASE_RESERVED_8: return("TLS_CIPHER_GREASE_RESERVED_8"); + case TLS_CIPHER_GREASE_RESERVED_9: return("TLS_CIPHER_GREASE_RESERVED_9"); + case TLS_CIPHER_GREASE_RESERVED_A: return("TLS_CIPHER_GREASE_RESERVED_A"); + case TLS_CIPHER_GREASE_RESERVED_B: return("TLS_CIPHER_GREASE_RESERVED_B"); + case TLS_CIPHER_GREASE_RESERVED_C: return("TLS_CIPHER_GREASE_RESERVED_C"); + case TLS_CIPHER_GREASE_RESERVED_D: return("TLS_CIPHER_GREASE_RESERVED_D"); + case TLS_CIPHER_GREASE_RESERVED_E: return("TLS_CIPHER_GREASE_RESERVED_E"); + case TLS_CIPHER_GREASE_RESERVED_F: return("TLS_CIPHER_GREASE_RESERVED_F"); default: { diff --git a/src/lib/protocols/tls.c b/src/lib/protocols/tls.c index cb8180166..7c4427a6f 100644 --- a/src/lib/protocols/tls.c +++ b/src/lib/protocols/tls.c @@ -25,6 +25,7 @@ #include "ndpi_api.h" #include "ndpi_md5.h" #include "ndpi_sha1.h" +#include "ndpi_encryption.h" extern char *strptime(const char *s, const char *format, struct tm *tm); extern int processClientServerHello(struct ndpi_detection_module_struct *ndpi_struct, @@ -1437,14 +1438,18 @@ int processClientServerHello(struct ndpi_detection_module_struct *ndpi_struct, } switch(cipher_id) { - case 0x00c008: /* TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA */ - case 0x00C023: /* TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256 */ - case 0x00C024: /* TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384 */ - case 0x00c012: /* TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA */ - case 0x00C027: /* TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256 */ - case 0x00C028: /* TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384 */ - case 0x00003C: /* TLS_RSA_WITH_AES_128_CBC_SHA256 */ - case 0x00003D: /* TLS_RSA_WITH_AES_256_CBC_SHA256 */ + case TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256: + case TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384: + case TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256: + case TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA: + case TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256: + case TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA: + case TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384: + case TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256: + case TLS_RSA_WITH_AES_128_CBC_SHA: + case TLS_RSA_WITH_AES_128_GCM_SHA256: + case TLS_RSA_WITH_AES_256_CBC_SHA: + case TLS_RSA_WITH_AES_256_GCM_SHA384: safari_ciphers++; break; } @@ -1452,8 +1457,8 @@ int processClientServerHello(struct ndpi_detection_module_struct *ndpi_struct, i += 2; } /* for */ - - if(safari_ciphers >= 6) + + if(safari_ciphers == 12) flow->protos.tls_quic_stun.tls_quic.browser_euristics.is_safari_tls = 1; } else { invalid_ja3 = 1; @@ -1643,7 +1648,7 @@ int processClientServerHello(struct ndpi_detection_module_struct *ndpi_struct, #endif } } else if(extension_id == 13 /* signature algorithms */) { - u_int16_t s_offset = offset+extension_offset; + u_int16_t s_offset = offset+extension_offset, safari_signature_algorithms = 0; u_int16_t tot_signature_algorithms_len = ntohs(*((u_int16_t*)&packet->payload[s_offset])); #ifdef DEBUG_TLS @@ -1660,25 +1665,39 @@ int processClientServerHello(struct ndpi_detection_module_struct *ndpi_struct, &packet->payload[s_offset], 2 /* 16 bit */*flow->protos.tls_quic_stun.tls_quic.num_tls_signature_algorithms); #endif - for(i=0; i<tot_signature_algorithms_len; i++) { int rc = snprintf(&ja3.client.signature_algorithms[i*2], sizeof(ja3.client.signature_algorithms)-i*2, "%02X", packet->payload[s_offset+i]); if(rc < 0) break; } - + for(i=0; i<tot_signature_algorithms_len; i+=2) { u_int16_t cipher_id = (u_int16_t)ntohs(*((u_int16_t*)&packet->payload[s_offset+i])); // printf("=>> %04X\n", cipher_id); - if(cipher_id == 0x0603 /* ECDSA_SECP521R1_SHA512 */) { + switch(cipher_id) { + case ECDSA_SECP521R1_SHA512: flow->protos.tls_quic_stun.tls_quic.browser_euristics.is_firefox_tls = 1; break; + + case ECDSA_SECP256R1_SHA256: + case ECDSA_SECP384R1_SHA384: + case RSA_PKCS1_SHA256: + case RSA_PKCS1_SHA384: + case RSA_PKCS1_SHA512: + case RSA_PSS_RSAE_SHA256: + case RSA_PSS_RSAE_SHA384: + case RSA_PSS_RSAE_SHA512: + safari_signature_algorithms++; + break; } } - + if((safari_signature_algorithms != 8) + || flow->protos.tls_quic_stun.tls_quic.browser_euristics.is_firefox_tls) + flow->protos.tls_quic_stun.tls_quic.browser_euristics.is_safari_tls = 0; + ja3.client.signature_algorithms[i*2] = '\0'; #ifdef DEBUG_TLS |