CipherSuite.h
1 /* 2 * Copyright (c) 1999-2002,2005-2007,2010-2014 Apple Inc. All Rights Reserved. 3 * 4 * @APPLE_LICENSE_HEADER_START@ 5 * 6 * This file contains Original Code and/or Modifications of Original Code 7 * as defined in and that are subject to the Apple Public Source License 8 * Version 2.0 (the 'License'). You may not use this file except in 9 * compliance with the License. Please obtain a copy of the License at 10 * http://www.opensource.apple.com/apsl/ and read it before using this 11 * file. 12 * 13 * The Original Code and all software distributed under the License are 14 * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER 15 * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES, 16 * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY, 17 * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT. 18 * Please see the License for the specific language governing rights and 19 * limitations under the License. 20 * 21 * @APPLE_LICENSE_HEADER_END@ 22 */ 23 24 /* 25 * CipherSuite.h - SSL Cipher Suite definitions. 26 */ 27 28 #ifndef _SECURITY_CIPHERSUITE_H_ 29 #define _SECURITY_CIPHERSUITE_H_ 30 31 #include <TargetConditionals.h> 32 #include <stdint.h> 33 #include <CoreFoundation/CFBase.h> /* CF_ENUM */ 34 35 /* 36 * Defined as enum for debugging, but in the protocol 37 * it is actually exactly two bytes 38 */ 39 #if ((TARGET_OS_IPHONE && !TARGET_OS_MACCATALYST) || (TARGET_OS_OSX && TARGET_CPU_ARM64)) 40 /* 16-bit value on iOS */ 41 typedef uint16_t SSLCipherSuite; 42 #else 43 /* 32-bit value elsewhere */ 44 typedef uint32_t SSLCipherSuite; 45 #endif 46 47 CF_ENUM(SSLCipherSuite) 48 { SSL_NULL_WITH_NULL_NULL = 0x0000, 49 SSL_RSA_WITH_NULL_MD5 = 0x0001, 50 SSL_RSA_WITH_NULL_SHA = 0x0002, 51 SSL_RSA_EXPORT_WITH_RC4_40_MD5 = 0x0003, 52 SSL_RSA_WITH_RC4_128_MD5 = 0x0004, 53 SSL_RSA_WITH_RC4_128_SHA = 0x0005, 54 SSL_RSA_EXPORT_WITH_RC2_CBC_40_MD5 = 0x0006, 55 SSL_RSA_WITH_IDEA_CBC_SHA = 0x0007, 56 SSL_RSA_EXPORT_WITH_DES40_CBC_SHA = 0x0008, 57 SSL_RSA_WITH_DES_CBC_SHA = 0x0009, 58 SSL_RSA_WITH_3DES_EDE_CBC_SHA = 0x000A, 59 SSL_DH_DSS_EXPORT_WITH_DES40_CBC_SHA = 0x000B, 60 SSL_DH_DSS_WITH_DES_CBC_SHA = 0x000C, 61 SSL_DH_DSS_WITH_3DES_EDE_CBC_SHA = 0x000D, 62 SSL_DH_RSA_EXPORT_WITH_DES40_CBC_SHA = 0x000E, 63 SSL_DH_RSA_WITH_DES_CBC_SHA = 0x000F, 64 SSL_DH_RSA_WITH_3DES_EDE_CBC_SHA = 0x0010, 65 SSL_DHE_DSS_EXPORT_WITH_DES40_CBC_SHA = 0x0011, 66 SSL_DHE_DSS_WITH_DES_CBC_SHA = 0x0012, 67 SSL_DHE_DSS_WITH_3DES_EDE_CBC_SHA = 0x0013, 68 SSL_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA = 0x0014, 69 SSL_DHE_RSA_WITH_DES_CBC_SHA = 0x0015, 70 SSL_DHE_RSA_WITH_3DES_EDE_CBC_SHA = 0x0016, 71 SSL_DH_anon_EXPORT_WITH_RC4_40_MD5 = 0x0017, 72 SSL_DH_anon_WITH_RC4_128_MD5 = 0x0018, 73 SSL_DH_anon_EXPORT_WITH_DES40_CBC_SHA = 0x0019, 74 SSL_DH_anon_WITH_DES_CBC_SHA = 0x001A, 75 SSL_DH_anon_WITH_3DES_EDE_CBC_SHA = 0x001B, 76 SSL_FORTEZZA_DMS_WITH_NULL_SHA = 0x001C, 77 SSL_FORTEZZA_DMS_WITH_FORTEZZA_CBC_SHA = 0x001D, 78 79 /* TLS addenda using AES, per RFC 3268 */ 80 TLS_RSA_WITH_AES_128_CBC_SHA = 0x002F, 81 TLS_DH_DSS_WITH_AES_128_CBC_SHA = 0x0030, 82 TLS_DH_RSA_WITH_AES_128_CBC_SHA = 0x0031, 83 TLS_DHE_DSS_WITH_AES_128_CBC_SHA = 0x0032, 84 TLS_DHE_RSA_WITH_AES_128_CBC_SHA = 0x0033, 85 TLS_DH_anon_WITH_AES_128_CBC_SHA = 0x0034, 86 TLS_RSA_WITH_AES_256_CBC_SHA = 0x0035, 87 TLS_DH_DSS_WITH_AES_256_CBC_SHA = 0x0036, 88 TLS_DH_RSA_WITH_AES_256_CBC_SHA = 0x0037, 89 TLS_DHE_DSS_WITH_AES_256_CBC_SHA = 0x0038, 90 TLS_DHE_RSA_WITH_AES_256_CBC_SHA = 0x0039, 91 TLS_DH_anon_WITH_AES_256_CBC_SHA = 0x003A, 92 93 /* ECDSA addenda, RFC 4492 */ 94 TLS_ECDH_ECDSA_WITH_NULL_SHA = 0xC001, 95 TLS_ECDH_ECDSA_WITH_RC4_128_SHA = 0xC002, 96 TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA = 0xC003, 97 TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA = 0xC004, 98 TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA = 0xC005, 99 TLS_ECDHE_ECDSA_WITH_NULL_SHA = 0xC006, 100 TLS_ECDHE_ECDSA_WITH_RC4_128_SHA = 0xC007, 101 TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA = 0xC008, 102 TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA = 0xC009, 103 TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA = 0xC00A, 104 TLS_ECDH_RSA_WITH_NULL_SHA = 0xC00B, 105 TLS_ECDH_RSA_WITH_RC4_128_SHA = 0xC00C, 106 TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA = 0xC00D, 107 TLS_ECDH_RSA_WITH_AES_128_CBC_SHA = 0xC00E, 108 TLS_ECDH_RSA_WITH_AES_256_CBC_SHA = 0xC00F, 109 TLS_ECDHE_RSA_WITH_NULL_SHA = 0xC010, 110 TLS_ECDHE_RSA_WITH_RC4_128_SHA = 0xC011, 111 TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA = 0xC012, 112 TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA = 0xC013, 113 TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA = 0xC014, 114 TLS_ECDH_anon_WITH_NULL_SHA = 0xC015, 115 TLS_ECDH_anon_WITH_RC4_128_SHA = 0xC016, 116 TLS_ECDH_anon_WITH_3DES_EDE_CBC_SHA = 0xC017, 117 TLS_ECDH_anon_WITH_AES_128_CBC_SHA = 0xC018, 118 TLS_ECDH_anon_WITH_AES_256_CBC_SHA = 0xC019, 119 120 /* ECDHE_PSK Cipher Suites for Transport Layer Security (TLS), RFC 5489 */ 121 TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA = 0xC035, 122 TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA = 0xC036, 123 124 /* ChaCha20-Poly1305 Cipher Suites for Transport Layer Security (TLS), RFC 7905 */ 125 TLS_PSK_WITH_CHACHA20_POLY1305_SHA256 = 0xCCAB, 126 127 /* TLS 1.2 addenda, RFC 5246 */ 128 129 /* Initial state. */ 130 TLS_NULL_WITH_NULL_NULL = 0x0000, 131 132 /* Server provided RSA certificate for key exchange. */ 133 TLS_RSA_WITH_NULL_MD5 = 0x0001, 134 TLS_RSA_WITH_NULL_SHA = 0x0002, 135 TLS_RSA_WITH_RC4_128_MD5 = 0x0004, 136 TLS_RSA_WITH_RC4_128_SHA = 0x0005, 137 TLS_RSA_WITH_3DES_EDE_CBC_SHA = 0x000A, 138 TLS_RSA_WITH_NULL_SHA256 = 0x003B, 139 TLS_RSA_WITH_AES_128_CBC_SHA256 = 0x003C, 140 TLS_RSA_WITH_AES_256_CBC_SHA256 = 0x003D, 141 142 /* Server-authenticated (and optionally client-authenticated) Diffie-Hellman. */ 143 TLS_DH_DSS_WITH_3DES_EDE_CBC_SHA = 0x000D, 144 TLS_DH_RSA_WITH_3DES_EDE_CBC_SHA = 0x0010, 145 TLS_DHE_DSS_WITH_3DES_EDE_CBC_SHA = 0x0013, 146 TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA = 0x0016, 147 TLS_DH_DSS_WITH_AES_128_CBC_SHA256 = 0x003E, 148 TLS_DH_RSA_WITH_AES_128_CBC_SHA256 = 0x003F, 149 TLS_DHE_DSS_WITH_AES_128_CBC_SHA256 = 0x0040, 150 TLS_DHE_RSA_WITH_AES_128_CBC_SHA256 = 0x0067, 151 TLS_DH_DSS_WITH_AES_256_CBC_SHA256 = 0x0068, 152 TLS_DH_RSA_WITH_AES_256_CBC_SHA256 = 0x0069, 153 TLS_DHE_DSS_WITH_AES_256_CBC_SHA256 = 0x006A, 154 TLS_DHE_RSA_WITH_AES_256_CBC_SHA256 = 0x006B, 155 156 /* Completely anonymous Diffie-Hellman */ 157 TLS_DH_anon_WITH_RC4_128_MD5 = 0x0018, 158 TLS_DH_anon_WITH_3DES_EDE_CBC_SHA = 0x001B, 159 TLS_DH_anon_WITH_AES_128_CBC_SHA256 = 0x006C, 160 TLS_DH_anon_WITH_AES_256_CBC_SHA256 = 0x006D, 161 162 /* Addendum from RFC 4279, TLS PSK */ 163 TLS_PSK_WITH_RC4_128_SHA = 0x008A, 164 TLS_PSK_WITH_3DES_EDE_CBC_SHA = 0x008B, 165 TLS_PSK_WITH_AES_128_CBC_SHA = 0x008C, 166 TLS_PSK_WITH_AES_256_CBC_SHA = 0x008D, 167 TLS_DHE_PSK_WITH_RC4_128_SHA = 0x008E, 168 TLS_DHE_PSK_WITH_3DES_EDE_CBC_SHA = 0x008F, 169 TLS_DHE_PSK_WITH_AES_128_CBC_SHA = 0x0090, 170 TLS_DHE_PSK_WITH_AES_256_CBC_SHA = 0x0091, 171 TLS_RSA_PSK_WITH_RC4_128_SHA = 0x0092, 172 TLS_RSA_PSK_WITH_3DES_EDE_CBC_SHA = 0x0093, 173 TLS_RSA_PSK_WITH_AES_128_CBC_SHA = 0x0094, 174 TLS_RSA_PSK_WITH_AES_256_CBC_SHA = 0x0095, 175 176 /* RFC 4785 - Pre-Shared Key (PSK) Ciphersuites with NULL Encryption */ 177 TLS_PSK_WITH_NULL_SHA = 0x002C, 178 TLS_DHE_PSK_WITH_NULL_SHA = 0x002D, 179 TLS_RSA_PSK_WITH_NULL_SHA = 0x002E, 180 181 /* Addenda from rfc 5288 AES Galois Counter Mode (GCM) Cipher Suites for TLS. */ 182 TLS_RSA_WITH_AES_128_GCM_SHA256 = 0x009C, 183 TLS_RSA_WITH_AES_256_GCM_SHA384 = 0x009D, 184 TLS_DHE_RSA_WITH_AES_128_GCM_SHA256 = 0x009E, 185 TLS_DHE_RSA_WITH_AES_256_GCM_SHA384 = 0x009F, 186 TLS_DH_RSA_WITH_AES_128_GCM_SHA256 = 0x00A0, 187 TLS_DH_RSA_WITH_AES_256_GCM_SHA384 = 0x00A1, 188 TLS_DHE_DSS_WITH_AES_128_GCM_SHA256 = 0x00A2, 189 TLS_DHE_DSS_WITH_AES_256_GCM_SHA384 = 0x00A3, 190 TLS_DH_DSS_WITH_AES_128_GCM_SHA256 = 0x00A4, 191 TLS_DH_DSS_WITH_AES_256_GCM_SHA384 = 0x00A5, 192 TLS_DH_anon_WITH_AES_128_GCM_SHA256 = 0x00A6, 193 TLS_DH_anon_WITH_AES_256_GCM_SHA384 = 0x00A7, 194 195 /* RFC 5487 - PSK with SHA-256/384 and AES GCM */ 196 TLS_PSK_WITH_AES_128_GCM_SHA256 = 0x00A8, 197 TLS_PSK_WITH_AES_256_GCM_SHA384 = 0x00A9, 198 TLS_DHE_PSK_WITH_AES_128_GCM_SHA256 = 0x00AA, 199 TLS_DHE_PSK_WITH_AES_256_GCM_SHA384 = 0x00AB, 200 TLS_RSA_PSK_WITH_AES_128_GCM_SHA256 = 0x00AC, 201 TLS_RSA_PSK_WITH_AES_256_GCM_SHA384 = 0x00AD, 202 203 TLS_PSK_WITH_AES_128_CBC_SHA256 = 0x00AE, 204 TLS_PSK_WITH_AES_256_CBC_SHA384 = 0x00AF, 205 TLS_PSK_WITH_NULL_SHA256 = 0x00B0, 206 TLS_PSK_WITH_NULL_SHA384 = 0x00B1, 207 208 TLS_DHE_PSK_WITH_AES_128_CBC_SHA256 = 0x00B2, 209 TLS_DHE_PSK_WITH_AES_256_CBC_SHA384 = 0x00B3, 210 TLS_DHE_PSK_WITH_NULL_SHA256 = 0x00B4, 211 TLS_DHE_PSK_WITH_NULL_SHA384 = 0x00B5, 212 213 TLS_RSA_PSK_WITH_AES_128_CBC_SHA256 = 0x00B6, 214 TLS_RSA_PSK_WITH_AES_256_CBC_SHA384 = 0x00B7, 215 TLS_RSA_PSK_WITH_NULL_SHA256 = 0x00B8, 216 TLS_RSA_PSK_WITH_NULL_SHA384 = 0x00B9, 217 218 /* TLS 1.3 standard cipher suites for ChaCha20+Poly1305. 219 Note: TLS 1.3 ciphersuites do not specify the key exchange 220 algorithm -- they only specify the symmetric ciphers. */ 221 TLS_AES_128_GCM_SHA256 = 0x1301, 222 TLS_AES_256_GCM_SHA384 = 0x1302, 223 TLS_CHACHA20_POLY1305_SHA256 = 0x1303, 224 TLS_AES_128_CCM_SHA256 = 0x1304, 225 TLS_AES_128_CCM_8_SHA256 = 0x1305, 226 227 /* Addenda from rfc 5289 Elliptic Curve Cipher Suites with 228 HMAC SHA-256/384. */ 229 TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256 = 0xC023, 230 TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384 = 0xC024, 231 TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256 = 0xC025, 232 TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384 = 0xC026, 233 TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256 = 0xC027, 234 TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384 = 0xC028, 235 TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256 = 0xC029, 236 TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384 = 0xC02A, 237 238 /* Addenda from rfc 5289 Elliptic Curve Cipher Suites with 239 SHA-256/384 and AES Galois Counter Mode (GCM) */ 240 TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 = 0xC02B, 241 TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384 = 0xC02C, 242 TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256 = 0xC02D, 243 TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384 = 0xC02E, 244 TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 = 0xC02F, 245 TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 = 0xC030, 246 TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256 = 0xC031, 247 TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384 = 0xC032, 248 249 /* Addenda from rfc 7905 ChaCha20-Poly1305 Cipher Suites for 250 Transport Layer Security (TLS). */ 251 TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256 = 0xCCA8, 252 TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256 = 0xCCA9, 253 254 /* RFC 5746 - Secure Renegotiation */ 255 TLS_EMPTY_RENEGOTIATION_INFO_SCSV = 0x00FF, 256 257 /* Tags for SSL 2 cipher kinds which are not specified 258 * for SSL 3. */ 259 SSL_RSA_WITH_RC2_CBC_MD5 = 0xFF80, 260 SSL_RSA_WITH_IDEA_CBC_MD5 = 0xFF81, 261 SSL_RSA_WITH_DES_CBC_MD5 = 0xFF82, 262 SSL_RSA_WITH_3DES_EDE_CBC_MD5 = 0xFF83, 263 SSL_NO_SUCH_CIPHERSUITE = 0xFFFF 264 }; 265 266 /* 267 * Convenience ciphersuite groups that collate ciphersuites of comparable security 268 * properties into a single alias. 269 */ 270 typedef CF_ENUM(int, SSLCiphersuiteGroup) { 271 kSSLCiphersuiteGroupDefault, 272 kSSLCiphersuiteGroupCompatibility, 273 kSSLCiphersuiteGroupLegacy, 274 kSSLCiphersuiteGroupATS, 275 kSSLCiphersuiteGroupATSCompatibility, 276 }; 277 278 #endif /* !_SECURITY_CIPHERSUITE_H_ */