mirror/mbedtls
1
0
Fork 0
mirror of https://github.com/Mbed-TLS/mbedtls.git synced 2025-02-05 09:40:32 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

Removed redundant mode checks

Browse Source 
As anything below (D)TLS 1.2 is no longer supported, checks for the
minor version will always be true, and have therefore been removed

Signed-off-by: Joe Subbiani <joe.subbiani@arm.com>
This commit is contained in:
Joe Subbiani 2021-08-10 10:41:13 +01:00 committed by Manuel Pégourié-Gonnard
parent 6c242a01f7
commit 9f84761c66
1 changed files with 191 additions and 251 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

442
tests/compat.sh
View File

@ -245,24 +245,17 @@ add_common_ciphersuites()
case $TYPE in case $TYPE in
"ECDSA") "ECDSA")
if [ `minor_ver "$MODE"` -gt 0 ] CIPHERS="$CIPHERS \
then TLS-ECDHE-ECDSA-WITH-NULL-SHA \
CIPHERS="$CIPHERS \ TLS-ECDHE-ECDSA-WITH-3DES-EDE-CBC-SHA \
TLS-ECDHE-ECDSA-WITH-NULL-SHA \ TLS-ECDHE-ECDSA-WITH-AES-128-CBC-SHA \
TLS-ECDHE-ECDSA-WITH-3DES-EDE-CBC-SHA \ TLS-ECDHE-ECDSA-WITH-AES-256-CBC-SHA \
TLS-ECDHE-ECDSA-WITH-AES-128-CBC-SHA \
TLS-ECDHE-ECDSA-WITH-AES-256-CBC-SHA \ TLS-ECDHE-ECDSA-WITH-AES-128-CBC-SHA256 \
" TLS-ECDHE-ECDSA-WITH-AES-256-CBC-SHA384 \
fi TLS-ECDHE-ECDSA-WITH-AES-128-GCM-SHA256 \
if [ `minor_ver "$MODE"` -ge 3 ] TLS-ECDHE-ECDSA-WITH-AES-256-GCM-SHA384 \
then "
CIPHERS="$CIPHERS \
TLS-ECDHE-ECDSA-WITH-AES-128-CBC-SHA256 \
TLS-ECDHE-ECDSA-WITH-AES-256-CBC-SHA384 \
TLS-ECDHE-ECDSA-WITH-AES-128-GCM-SHA256 \
TLS-ECDHE-ECDSA-WITH-AES-256-GCM-SHA384 \
"
fi
;; ;;
"RSA") "RSA")
@ -279,34 +272,27 @@ add_common_ciphersuites()
TLS-RSA-WITH-3DES-EDE-CBC-SHA \ TLS-RSA-WITH-3DES-EDE-CBC-SHA \
TLS-RSA-WITH-NULL-MD5 \ TLS-RSA-WITH-NULL-MD5 \
TLS-RSA-WITH-NULL-SHA \ TLS-RSA-WITH-NULL-SHA \
TLS-ECDHE-RSA-WITH-AES-128-CBC-SHA \
TLS-ECDHE-RSA-WITH-AES-256-CBC-SHA \
TLS-ECDHE-RSA-WITH-3DES-EDE-CBC-SHA \
TLS-ECDHE-RSA-WITH-NULL-SHA \
TLS-RSA-WITH-AES-128-CBC-SHA256 \
TLS-DHE-RSA-WITH-AES-128-CBC-SHA256 \
TLS-RSA-WITH-AES-256-CBC-SHA256 \
TLS-DHE-RSA-WITH-AES-256-CBC-SHA256 \
TLS-ECDHE-RSA-WITH-AES-128-CBC-SHA256 \
TLS-ECDHE-RSA-WITH-AES-256-CBC-SHA384 \
TLS-RSA-WITH-AES-128-GCM-SHA256 \
TLS-RSA-WITH-AES-256-GCM-SHA384 \
TLS-DHE-RSA-WITH-AES-128-GCM-SHA256 \
TLS-DHE-RSA-WITH-AES-256-GCM-SHA384 \
TLS-ECDHE-RSA-WITH-AES-128-GCM-SHA256 \
TLS-ECDHE-RSA-WITH-AES-256-GCM-SHA384 \
TLS-RSA-WITH-NULL-SHA256 \
" "
if [ `minor_ver "$MODE"` -gt 0 ]
then
CIPHERS="$CIPHERS \
TLS-ECDHE-RSA-WITH-AES-128-CBC-SHA \
TLS-ECDHE-RSA-WITH-AES-256-CBC-SHA \
TLS-ECDHE-RSA-WITH-3DES-EDE-CBC-SHA \
TLS-ECDHE-RSA-WITH-NULL-SHA \
"
fi
if [ `minor_ver "$MODE"` -ge 3 ]
then
CIPHERS="$CIPHERS \
TLS-RSA-WITH-AES-128-CBC-SHA256 \
TLS-DHE-RSA-WITH-AES-128-CBC-SHA256 \
TLS-RSA-WITH-AES-256-CBC-SHA256 \
TLS-DHE-RSA-WITH-AES-256-CBC-SHA256 \
TLS-ECDHE-RSA-WITH-AES-128-CBC-SHA256 \
TLS-ECDHE-RSA-WITH-AES-256-CBC-SHA384 \
TLS-RSA-WITH-AES-128-GCM-SHA256 \
TLS-RSA-WITH-AES-256-GCM-SHA384 \
TLS-DHE-RSA-WITH-AES-128-GCM-SHA256 \
TLS-DHE-RSA-WITH-AES-256-GCM-SHA384 \
TLS-ECDHE-RSA-WITH-AES-128-GCM-SHA256 \
TLS-ECDHE-RSA-WITH-AES-256-GCM-SHA384 \
TLS-RSA-WITH-NULL-SHA256 \
"
fi
;; ;;
"PSK") "PSK")
@ -347,62 +333,48 @@ add_openssl_ciphersuites()
case $TYPE in case $TYPE in
"ECDSA") "ECDSA")
if [ `minor_ver "$MODE"` -gt 0 ] CIPHERS="$CIPHERS \
then TLS-ECDH-ECDSA-WITH-NULL-SHA \
CIPHERS="$CIPHERS \ TLS-ECDH-ECDSA-WITH-3DES-EDE-CBC-SHA \
TLS-ECDH-ECDSA-WITH-NULL-SHA \ TLS-ECDH-ECDSA-WITH-AES-128-CBC-SHA \
TLS-ECDH-ECDSA-WITH-3DES-EDE-CBC-SHA \ TLS-ECDH-ECDSA-WITH-AES-256-CBC-SHA \
TLS-ECDH-ECDSA-WITH-AES-128-CBC-SHA \
TLS-ECDH-ECDSA-WITH-AES-256-CBC-SHA \ TLS-ECDH-ECDSA-WITH-AES-128-CBC-SHA256 \
" TLS-ECDH-ECDSA-WITH-AES-256-CBC-SHA384 \
fi TLS-ECDH-ECDSA-WITH-AES-128-GCM-SHA256 \
if [ `minor_ver "$MODE"` -ge 3 ] TLS-ECDH-ECDSA-WITH-AES-256-GCM-SHA384 \
then TLS-ECDHE-ECDSA-WITH-ARIA-256-GCM-SHA384 \
CIPHERS="$CIPHERS \ TLS-ECDHE-ECDSA-WITH-ARIA-128-GCM-SHA256 \
TLS-ECDH-ECDSA-WITH-AES-128-CBC-SHA256 \ TLS-ECDHE-ECDSA-WITH-CHACHA20-POLY1305-SHA256 \
TLS-ECDH-ECDSA-WITH-AES-256-CBC-SHA384 \ "
TLS-ECDH-ECDSA-WITH-AES-128-GCM-SHA256 \
TLS-ECDH-ECDSA-WITH-AES-256-GCM-SHA384 \
TLS-ECDHE-ECDSA-WITH-ARIA-256-GCM-SHA384 \
TLS-ECDHE-ECDSA-WITH-ARIA-128-GCM-SHA256 \
TLS-ECDHE-ECDSA-WITH-CHACHA20-POLY1305-SHA256 \
"
fi
;; ;;
"RSA") "RSA")
CIPHERS="$CIPHERS \ CIPHERS="$CIPHERS \
TLS-RSA-WITH-DES-CBC-SHA \ TLS-RSA-WITH-DES-CBC-SHA \
TLS-DHE-RSA-WITH-DES-CBC-SHA \ TLS-DHE-RSA-WITH-DES-CBC-SHA \
TLS-ECDHE-RSA-WITH-ARIA-256-GCM-SHA384 \
TLS-DHE-RSA-WITH-ARIA-256-GCM-SHA384 \
TLS-RSA-WITH-ARIA-256-GCM-SHA384 \
TLS-ECDHE-RSA-WITH-ARIA-128-GCM-SHA256 \
TLS-DHE-RSA-WITH-ARIA-128-GCM-SHA256 \
TLS-RSA-WITH-ARIA-128-GCM-SHA256 \
TLS-DHE-RSA-WITH-CHACHA20-POLY1305-SHA256 \
TLS-ECDHE-RSA-WITH-CHACHA20-POLY1305-SHA256 \
" "
if [ `minor_ver "$MODE"` -ge 3 ]
then
CIPHERS="$CIPHERS \
TLS-ECDHE-RSA-WITH-ARIA-256-GCM-SHA384 \
TLS-DHE-RSA-WITH-ARIA-256-GCM-SHA384 \
TLS-RSA-WITH-ARIA-256-GCM-SHA384 \
TLS-ECDHE-RSA-WITH-ARIA-128-GCM-SHA256 \
TLS-DHE-RSA-WITH-ARIA-128-GCM-SHA256 \
TLS-RSA-WITH-ARIA-128-GCM-SHA256 \
TLS-DHE-RSA-WITH-CHACHA20-POLY1305-SHA256 \
TLS-ECDHE-RSA-WITH-CHACHA20-POLY1305-SHA256 \
"
fi
;; ;;
"PSK") "PSK")
if [ `minor_ver "$MODE"` -ge 3 ] CIPHERS="$CIPHERS \
then TLS-DHE-PSK-WITH-ARIA-256-GCM-SHA384 \
CIPHERS="$CIPHERS \ TLS-DHE-PSK-WITH-ARIA-128-GCM-SHA256 \
TLS-DHE-PSK-WITH-ARIA-256-GCM-SHA384 \ TLS-PSK-WITH-ARIA-256-GCM-SHA384 \
TLS-DHE-PSK-WITH-ARIA-128-GCM-SHA256 \ TLS-PSK-WITH-ARIA-128-GCM-SHA256 \
TLS-PSK-WITH-ARIA-256-GCM-SHA384 \ TLS-PSK-WITH-CHACHA20-POLY1305-SHA256 \
TLS-PSK-WITH-ARIA-128-GCM-SHA256 \ TLS-ECDHE-PSK-WITH-CHACHA20-POLY1305-SHA256 \
TLS-PSK-WITH-CHACHA20-POLY1305-SHA256 \ TLS-DHE-PSK-WITH-CHACHA20-POLY1305-SHA256 \
TLS-ECDHE-PSK-WITH-CHACHA20-POLY1305-SHA256 \ "
TLS-DHE-PSK-WITH-CHACHA20-POLY1305-SHA256 \
"
fi
;; ;;
esac esac
@ -424,115 +396,101 @@ add_gnutls_ciphersuites()
case $TYPE in case $TYPE in
"ECDSA") "ECDSA")
if [ `minor_ver "$MODE"` -ge 3 ] CIPHERS="$CIPHERS \
then TLS-ECDHE-ECDSA-WITH-CAMELLIA-128-CBC-SHA256 \
CIPHERS="$CIPHERS \ TLS-ECDHE-ECDSA-WITH-CAMELLIA-256-CBC-SHA384 \
TLS-ECDHE-ECDSA-WITH-CAMELLIA-128-CBC-SHA256 \ TLS-ECDHE-ECDSA-WITH-CAMELLIA-128-GCM-SHA256 \
TLS-ECDHE-ECDSA-WITH-CAMELLIA-256-CBC-SHA384 \ TLS-ECDHE-ECDSA-WITH-CAMELLIA-256-GCM-SHA384 \
TLS-ECDHE-ECDSA-WITH-CAMELLIA-128-GCM-SHA256 \ TLS-ECDHE-ECDSA-WITH-AES-128-CCM \
TLS-ECDHE-ECDSA-WITH-CAMELLIA-256-GCM-SHA384 \ TLS-ECDHE-ECDSA-WITH-AES-256-CCM \
TLS-ECDHE-ECDSA-WITH-AES-128-CCM \ TLS-ECDHE-ECDSA-WITH-AES-128-CCM-8 \
TLS-ECDHE-ECDSA-WITH-AES-256-CCM \ TLS-ECDHE-ECDSA-WITH-AES-256-CCM-8 \
TLS-ECDHE-ECDSA-WITH-AES-128-CCM-8 \ "
TLS-ECDHE-ECDSA-WITH-AES-256-CCM-8 \
"
fi
;; ;;
"RSA") "RSA")
if [ `minor_ver "$MODE"` -ge 3 ] CIPHERS="$CIPHERS \
then TLS-ECDHE-RSA-WITH-CAMELLIA-128-CBC-SHA256 \
CIPHERS="$CIPHERS \ TLS-ECDHE-RSA-WITH-CAMELLIA-256-CBC-SHA384 \
TLS-ECDHE-RSA-WITH-CAMELLIA-128-CBC-SHA256 \ TLS-RSA-WITH-CAMELLIA-128-CBC-SHA256 \
TLS-ECDHE-RSA-WITH-CAMELLIA-256-CBC-SHA384 \ TLS-RSA-WITH-CAMELLIA-256-CBC-SHA256 \
TLS-RSA-WITH-CAMELLIA-128-CBC-SHA256 \ TLS-DHE-RSA-WITH-CAMELLIA-128-CBC-SHA256 \
TLS-RSA-WITH-CAMELLIA-256-CBC-SHA256 \ TLS-DHE-RSA-WITH-CAMELLIA-256-CBC-SHA256 \
TLS-DHE-RSA-WITH-CAMELLIA-128-CBC-SHA256 \ TLS-ECDHE-RSA-WITH-CAMELLIA-128-GCM-SHA256 \
TLS-DHE-RSA-WITH-CAMELLIA-256-CBC-SHA256 \ TLS-ECDHE-RSA-WITH-CAMELLIA-256-GCM-SHA384 \
TLS-ECDHE-RSA-WITH-CAMELLIA-128-GCM-SHA256 \ TLS-DHE-RSA-WITH-CAMELLIA-128-GCM-SHA256 \
TLS-ECDHE-RSA-WITH-CAMELLIA-256-GCM-SHA384 \ TLS-DHE-RSA-WITH-CAMELLIA-256-GCM-SHA384 \
TLS-DHE-RSA-WITH-CAMELLIA-128-GCM-SHA256 \ TLS-RSA-WITH-CAMELLIA-128-GCM-SHA256 \
TLS-DHE-RSA-WITH-CAMELLIA-256-GCM-SHA384 \ TLS-RSA-WITH-CAMELLIA-256-GCM-SHA384 \
TLS-RSA-WITH-CAMELLIA-128-GCM-SHA256 \ TLS-RSA-WITH-AES-128-CCM \
TLS-RSA-WITH-CAMELLIA-256-GCM-SHA384 \ TLS-RSA-WITH-AES-256-CCM \
TLS-RSA-WITH-AES-128-CCM \ TLS-DHE-RSA-WITH-AES-128-CCM \
TLS-RSA-WITH-AES-256-CCM \ TLS-DHE-RSA-WITH-AES-256-CCM \
TLS-DHE-RSA-WITH-AES-128-CCM \ TLS-RSA-WITH-AES-128-CCM-8 \
TLS-DHE-RSA-WITH-AES-256-CCM \ TLS-RSA-WITH-AES-256-CCM-8 \
TLS-RSA-WITH-AES-128-CCM-8 \ TLS-DHE-RSA-WITH-AES-128-CCM-8 \
TLS-RSA-WITH-AES-256-CCM-8 \ TLS-DHE-RSA-WITH-AES-256-CCM-8 \
TLS-DHE-RSA-WITH-AES-128-CCM-8 \ "
TLS-DHE-RSA-WITH-AES-256-CCM-8 \
"
fi
;; ;;
"PSK") "PSK")
CIPHERS="$CIPHERS \ CIPHERS="$CIPHERS \
TLS-DHE-PSK-WITH-3DES-EDE-CBC-SHA \ TLS-DHE-PSK-WITH-3DES-EDE-CBC-SHA \
TLS-DHE-PSK-WITH-AES-128-CBC-SHA \ TLS-DHE-PSK-WITH-AES-128-CBC-SHA \
TLS-DHE-PSK-WITH-AES-256-CBC-SHA \ TLS-DHE-PSK-WITH-AES-256-CBC-SHA \
TLS-ECDHE-PSK-WITH-AES-256-CBC-SHA \
TLS-ECDHE-PSK-WITH-AES-128-CBC-SHA \
TLS-ECDHE-PSK-WITH-3DES-EDE-CBC-SHA \
TLS-RSA-PSK-WITH-3DES-EDE-CBC-SHA \
TLS-RSA-PSK-WITH-AES-256-CBC-SHA \
TLS-RSA-PSK-WITH-AES-128-CBC-SHA \
TLS-ECDHE-PSK-WITH-AES-256-CBC-SHA384 \
TLS-ECDHE-PSK-WITH-CAMELLIA-256-CBC-SHA384 \
TLS-ECDHE-PSK-WITH-AES-128-CBC-SHA256 \
TLS-ECDHE-PSK-WITH-CAMELLIA-128-CBC-SHA256 \
TLS-ECDHE-PSK-WITH-NULL-SHA384 \
TLS-ECDHE-PSK-WITH-NULL-SHA256 \
TLS-PSK-WITH-AES-128-CBC-SHA256 \
TLS-PSK-WITH-AES-256-CBC-SHA384 \
TLS-DHE-PSK-WITH-AES-128-CBC-SHA256 \
TLS-DHE-PSK-WITH-AES-256-CBC-SHA384 \
TLS-PSK-WITH-NULL-SHA256 \
TLS-PSK-WITH-NULL-SHA384 \
TLS-DHE-PSK-WITH-NULL-SHA256 \
TLS-DHE-PSK-WITH-NULL-SHA384 \
TLS-RSA-PSK-WITH-AES-256-CBC-SHA384 \
TLS-RSA-PSK-WITH-AES-128-CBC-SHA256 \
TLS-RSA-PSK-WITH-NULL-SHA256 \
TLS-RSA-PSK-WITH-NULL-SHA384 \
TLS-DHE-PSK-WITH-CAMELLIA-128-CBC-SHA256 \
TLS-DHE-PSK-WITH-CAMELLIA-256-CBC-SHA384 \
TLS-PSK-WITH-CAMELLIA-128-CBC-SHA256 \
TLS-PSK-WITH-CAMELLIA-256-CBC-SHA384 \
TLS-RSA-PSK-WITH-CAMELLIA-256-CBC-SHA384 \
TLS-RSA-PSK-WITH-CAMELLIA-128-CBC-SHA256 \
TLS-PSK-WITH-AES-128-GCM-SHA256 \
TLS-PSK-WITH-AES-256-GCM-SHA384 \
TLS-DHE-PSK-WITH-AES-128-GCM-SHA256 \
TLS-DHE-PSK-WITH-AES-256-GCM-SHA384 \
TLS-PSK-WITH-AES-128-CCM \
TLS-PSK-WITH-AES-256-CCM \
TLS-DHE-PSK-WITH-AES-128-CCM \
TLS-DHE-PSK-WITH-AES-256-CCM \
TLS-PSK-WITH-AES-128-CCM-8 \
TLS-PSK-WITH-AES-256-CCM-8 \
TLS-DHE-PSK-WITH-AES-128-CCM-8 \
TLS-DHE-PSK-WITH-AES-256-CCM-8 \
TLS-RSA-PSK-WITH-CAMELLIA-128-GCM-SHA256 \
TLS-RSA-PSK-WITH-CAMELLIA-256-GCM-SHA384 \
TLS-PSK-WITH-CAMELLIA-128-GCM-SHA256 \
TLS-PSK-WITH-CAMELLIA-256-GCM-SHA384 \
TLS-DHE-PSK-WITH-CAMELLIA-128-GCM-SHA256 \
TLS-DHE-PSK-WITH-CAMELLIA-256-GCM-SHA384 \
TLS-RSA-PSK-WITH-AES-256-GCM-SHA384 \
TLS-RSA-PSK-WITH-AES-128-GCM-SHA256 \
" "
if [ `minor_ver "$MODE"` -gt 0 ]
then
CIPHERS="$CIPHERS \
TLS-ECDHE-PSK-WITH-AES-256-CBC-SHA \
TLS-ECDHE-PSK-WITH-AES-128-CBC-SHA \
TLS-ECDHE-PSK-WITH-3DES-EDE-CBC-SHA \
TLS-RSA-PSK-WITH-3DES-EDE-CBC-SHA \
TLS-RSA-PSK-WITH-AES-256-CBC-SHA \
TLS-RSA-PSK-WITH-AES-128-CBC-SHA \
"
fi
if [ `minor_ver "$MODE"` -ge 3 ]
then
CIPHERS="$CIPHERS \
TLS-ECDHE-PSK-WITH-AES-256-CBC-SHA384 \
TLS-ECDHE-PSK-WITH-CAMELLIA-256-CBC-SHA384 \
TLS-ECDHE-PSK-WITH-AES-128-CBC-SHA256 \
TLS-ECDHE-PSK-WITH-CAMELLIA-128-CBC-SHA256 \
TLS-ECDHE-PSK-WITH-NULL-SHA384 \
TLS-ECDHE-PSK-WITH-NULL-SHA256 \
TLS-PSK-WITH-AES-128-CBC-SHA256 \
TLS-PSK-WITH-AES-256-CBC-SHA384 \
TLS-DHE-PSK-WITH-AES-128-CBC-SHA256 \
TLS-DHE-PSK-WITH-AES-256-CBC-SHA384 \
TLS-PSK-WITH-NULL-SHA256 \
TLS-PSK-WITH-NULL-SHA384 \
TLS-DHE-PSK-WITH-NULL-SHA256 \
TLS-DHE-PSK-WITH-NULL-SHA384 \
TLS-RSA-PSK-WITH-AES-256-CBC-SHA384 \
TLS-RSA-PSK-WITH-AES-128-CBC-SHA256 \
TLS-RSA-PSK-WITH-NULL-SHA256 \
TLS-RSA-PSK-WITH-NULL-SHA384 \
TLS-DHE-PSK-WITH-CAMELLIA-128-CBC-SHA256 \
TLS-DHE-PSK-WITH-CAMELLIA-256-CBC-SHA384 \
TLS-PSK-WITH-CAMELLIA-128-CBC-SHA256 \
TLS-PSK-WITH-CAMELLIA-256-CBC-SHA384 \
TLS-RSA-PSK-WITH-CAMELLIA-256-CBC-SHA384 \
TLS-RSA-PSK-WITH-CAMELLIA-128-CBC-SHA256 \
TLS-PSK-WITH-AES-128-GCM-SHA256 \
TLS-PSK-WITH-AES-256-GCM-SHA384 \
TLS-DHE-PSK-WITH-AES-128-GCM-SHA256 \
TLS-DHE-PSK-WITH-AES-256-GCM-SHA384 \
TLS-PSK-WITH-AES-128-CCM \
TLS-PSK-WITH-AES-256-CCM \
TLS-DHE-PSK-WITH-AES-128-CCM \
TLS-DHE-PSK-WITH-AES-256-CCM \
TLS-PSK-WITH-AES-128-CCM-8 \
TLS-PSK-WITH-AES-256-CCM-8 \
TLS-DHE-PSK-WITH-AES-128-CCM-8 \
TLS-DHE-PSK-WITH-AES-256-CCM-8 \
TLS-RSA-PSK-WITH-CAMELLIA-128-GCM-SHA256 \
TLS-RSA-PSK-WITH-CAMELLIA-256-GCM-SHA384 \
TLS-PSK-WITH-CAMELLIA-128-GCM-SHA256 \
TLS-PSK-WITH-CAMELLIA-256-GCM-SHA384 \
TLS-DHE-PSK-WITH-CAMELLIA-128-GCM-SHA256 \
TLS-DHE-PSK-WITH-CAMELLIA-256-GCM-SHA384 \
TLS-RSA-PSK-WITH-AES-256-GCM-SHA384 \
TLS-RSA-PSK-WITH-AES-128-GCM-SHA256 \
"
fi
;; ;;
esac esac
@ -551,71 +509,53 @@ add_mbedtls_ciphersuites()
case $TYPE in case $TYPE in
"ECDSA") "ECDSA")
if [ `minor_ver "$MODE"` -gt 0 ] M_CIPHERS="$M_CIPHERS \
then TLS-ECDH-ECDSA-WITH-CAMELLIA-128-CBC-SHA256 \
M_CIPHERS="$M_CIPHERS \ TLS-ECDH-ECDSA-WITH-CAMELLIA-256-CBC-SHA384 \
TLS-ECDH-ECDSA-WITH-CAMELLIA-128-CBC-SHA256 \
TLS-ECDH-ECDSA-WITH-CAMELLIA-256-CBC-SHA384 \ TLS-ECDH-ECDSA-WITH-CAMELLIA-128-GCM-SHA256 \
" TLS-ECDH-ECDSA-WITH-CAMELLIA-256-GCM-SHA384 \
fi TLS-ECDHE-ECDSA-WITH-ARIA-256-CBC-SHA384 \
if [ `minor_ver "$MODE"` -ge 3 ] TLS-ECDHE-ECDSA-WITH-ARIA-128-CBC-SHA256 \
then TLS-ECDH-ECDSA-WITH-ARIA-256-GCM-SHA384 \
M_CIPHERS="$M_CIPHERS \ TLS-ECDH-ECDSA-WITH-ARIA-128-GCM-SHA256 \
TLS-ECDH-ECDSA-WITH-CAMELLIA-128-GCM-SHA256 \ TLS-ECDH-ECDSA-WITH-ARIA-256-CBC-SHA384 \
TLS-ECDH-ECDSA-WITH-CAMELLIA-256-GCM-SHA384 \ TLS-ECDH-ECDSA-WITH-ARIA-128-CBC-SHA256 \
TLS-ECDHE-ECDSA-WITH-ARIA-256-CBC-SHA384 \ "
TLS-ECDHE-ECDSA-WITH-ARIA-128-CBC-SHA256 \
TLS-ECDH-ECDSA-WITH-ARIA-256-GCM-SHA384 \
TLS-ECDH-ECDSA-WITH-ARIA-128-GCM-SHA256 \
TLS-ECDH-ECDSA-WITH-ARIA-256-CBC-SHA384 \
TLS-ECDH-ECDSA-WITH-ARIA-128-CBC-SHA256 \
"
fi
;; ;;
"RSA") "RSA")
if [ `minor_ver "$MODE"` -ge 3 ] M_CIPHERS="$M_CIPHERS \
then TLS-ECDHE-RSA-WITH-ARIA-256-CBC-SHA384 \
M_CIPHERS="$M_CIPHERS \ TLS-DHE-RSA-WITH-ARIA-256-CBC-SHA384 \
TLS-ECDHE-RSA-WITH-ARIA-256-CBC-SHA384 \ TLS-ECDHE-RSA-WITH-ARIA-128-CBC-SHA256 \
TLS-DHE-RSA-WITH-ARIA-256-CBC-SHA384 \ TLS-DHE-RSA-WITH-ARIA-128-CBC-SHA256 \
TLS-ECDHE-RSA-WITH-ARIA-128-CBC-SHA256 \ TLS-RSA-WITH-ARIA-256-CBC-SHA384 \
TLS-DHE-RSA-WITH-ARIA-128-CBC-SHA256 \ TLS-RSA-WITH-ARIA-128-CBC-SHA256 \
TLS-RSA-WITH-ARIA-256-CBC-SHA384 \ "
TLS-RSA-WITH-ARIA-128-CBC-SHA256 \
"
fi
;; ;;
"PSK") "PSK")
# *PSK-NULL-SHA suites supported by GnuTLS 3.3.5 but not 3.2.15 # *PSK-NULL-SHA suites supported by GnuTLS 3.3.5 but not 3.2.15
M_CIPHERS="$M_CIPHERS \ M_CIPHERS="$M_CIPHERS \
TLS-PSK-WITH-NULL-SHA \ TLS-PSK-WITH-NULL-SHA \
TLS-DHE-PSK-WITH-NULL-SHA \ TLS-DHE-PSK-WITH-NULL-SHA \
TLS-ECDHE-PSK-WITH-NULL-SHA \
TLS-RSA-PSK-WITH-NULL-SHA \
TLS-RSA-PSK-WITH-ARIA-256-CBC-SHA384 \
TLS-RSA-PSK-WITH-ARIA-128-CBC-SHA256 \
TLS-PSK-WITH-ARIA-256-CBC-SHA384 \
TLS-PSK-WITH-ARIA-128-CBC-SHA256 \
TLS-RSA-PSK-WITH-ARIA-256-GCM-SHA384 \
TLS-RSA-PSK-WITH-ARIA-128-GCM-SHA256 \
TLS-ECDHE-PSK-WITH-ARIA-256-CBC-SHA384 \
TLS-ECDHE-PSK-WITH-ARIA-128-CBC-SHA256 \
TLS-DHE-PSK-WITH-ARIA-256-CBC-SHA384 \
TLS-DHE-PSK-WITH-ARIA-128-CBC-SHA256 \
TLS-RSA-PSK-WITH-CHACHA20-POLY1305-SHA256 \
" "
if [ `minor_ver "$MODE"` -gt 0 ]
then
M_CIPHERS="$M_CIPHERS \
TLS-ECDHE-PSK-WITH-NULL-SHA \
TLS-RSA-PSK-WITH-NULL-SHA \
"
fi
if [ `minor_ver "$MODE"` -ge 3 ]
then
M_CIPHERS="$M_CIPHERS \
TLS-RSA-PSK-WITH-ARIA-256-CBC-SHA384 \
TLS-RSA-PSK-WITH-ARIA-128-CBC-SHA256 \
TLS-PSK-WITH-ARIA-256-CBC-SHA384 \
TLS-PSK-WITH-ARIA-128-CBC-SHA256 \
TLS-RSA-PSK-WITH-ARIA-256-GCM-SHA384 \
TLS-RSA-PSK-WITH-ARIA-128-GCM-SHA256 \
TLS-ECDHE-PSK-WITH-ARIA-256-CBC-SHA384 \
TLS-ECDHE-PSK-WITH-ARIA-128-CBC-SHA256 \
TLS-DHE-PSK-WITH-ARIA-256-CBC-SHA384 \
TLS-DHE-PSK-WITH-ARIA-128-CBC-SHA256 \
TLS-RSA-PSK-WITH-CHACHA20-POLY1305-SHA256 \
"
fi
;; ;;
esac esac
} }