1 /* Transport Security Layer (TLS)
\r
2 * Copyright (c) 2003 Carlos Guzmán Álvarez
\r
4 * Permission is hereby granted, free of charge, to any person
\r
5 * obtaining a copy of this software and associated documentation
\r
6 * files (the "Software"), to deal in the Software without restriction,
\r
7 * including without limitation the rights to use, copy, modify, merge,
\r
8 * publish, distribute, sublicense, and/or sell copies of the Software,
\r
9 * and to permit persons to whom the Software is furnished to do so,
\r
10 * subject to the following conditions:
\r
12 * The above copyright notice and this permission notice shall be included
\r
13 * in all copies or substantial portions of the Software.
\r
15 * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
\r
16 * EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES
\r
17 * OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
\r
18 * NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT
\r
19 * HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY,
\r
20 * WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
\r
21 * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER
\r
22 * DEALINGS IN THE SOFTWARE.
\r
27 namespace Mono.Security.Protocol.Tls
\r
29 internal class TlsCipherSuiteFactory
\r
31 public static TlsCipherSuiteCollection GetSupportedCiphers(TlsProtocol protocol)
\r
35 case TlsProtocol.Tls1:
\r
36 return TlsCipherSuiteFactory.GetTls1SupportedCiphers();
\r
38 case TlsProtocol.Ssl3:
\r
39 return TlsCipherSuiteFactory.GetSsl3SupportedCiphers();
\r
42 throw new NotSupportedException();
\r
46 #region PRIVATE_STATIC_METHODS
\r
48 private static TlsCipherSuiteCollection GetTls1SupportedCiphers()
\r
50 TlsCipherSuiteCollection scs = new TlsCipherSuiteCollection(TlsProtocol.Tls1);
\r
52 // Supported ciphers
\r
53 // scs.Add((0x00 << 0x08) | 0x06, "TLS_RSA_EXPORT_WITH_RC2_CBC_40_MD5", "RC2", "MD5", true, true, 5, 16, 40, 8, 8);
\r
54 scs.Add((0x00 << 0x08) | 0x35, "TLS_RSA_WITH_AES_256_CBC_SHA", "Rijndael", "SHA1", false, true, 32, 32, 256, 16, 16);
\r
55 scs.Add((0x00 << 0x08) | 0x2F, "TLS_RSA_WITH_AES_128_CBC_SHA", "Rijndael", "SHA1", false, true, 16, 16, 128, 16, 16);
\r
56 scs.Add((0x00 << 0x08) | 0x0A, "TLS_RSA_WITH_3DES_EDE_CBC_SHA", "3DES", "SHA1", false, true, 24, 24, 168, 8, 8);
\r
57 scs.Add((0x00 << 0x08) | 0x09, "TLS_RSA_WITH_DES_CBC_SHA", "DES", "SHA1", false, true, 8, 8, 56, 8, 8);
\r
58 scs.Add((0x00 << 0x08) | 0x05, "TLS_RSA_WITH_RC4_128_SHA", "RC4", "SHA1", false, false, 16, 16, 128, 0, 0);
\r
59 scs.Add((0x00 << 0x08) | 0x04, "TLS_RSA_WITH_RC4_128_MD5", "RC4", "MD5", false, false, 16, 16, 128, 0, 0);
\r
61 // Default CipherSuite
\r
62 // scs.Add(0, "TLS_NULL_WITH_NULL_NULL", "", "", true, false, 0, 0, 0, 0, 0);
\r
64 // RSA Cipher Suites
\r
65 // scs.Add((0x00 << 0x08) | 0x01, "TLS_RSA_WITH_NULL_MD5", "", "MD5", true, false, 0, 0, 0, 0, 0);
\r
66 // scs.Add((0x00 << 0x08) | 0x02, "TLS_RSA_WITH_NULL_SHA", "", "SHA1", true, false, 0, 0, 0, 0, 0);
\r
67 // scs.Add((0x00 << 0x08) | 0x03, "TLS_RSA_EXPORT_WITH_RC4_40_MD5", "RC4", "MD5", true, false, 5, 16, 40, 0, 0);
\r
68 // scs.Add((0x00 << 0x08) | 0x05, "TLS_RSA_WITH_RC4_128_SHA", "RC4", "SHA1", false, false, 16, 16, 128, 0, 0);
\r
69 // scs.Add((0x00 << 0x08) | 0x04, "TLS_RSA_WITH_RC4_128_MD5", "RC4", "MD5", false, false, 16, 16, 128, 0, 0);
\r
70 // scs.Add((0x00 << 0x08) | 0x06, "TLS_RSA_EXPORT_WITH_RC2_CBC_40_MD5", "RC2", "MD5", true, true, 5, 16, 40, 8, 8);
\r
71 // scs.Add((0x00 << 0x08) | 0x07, "TLS_RSA_WITH_IDEA_CBC_SHA", "IDEA", "SHA1", false, true, 16, 16, 128, 8, 8);
\r
72 // scs.Add((0x00 << 0x08) | 0x08, "TLS_RSA_EXPORT_WITH_DES40_CBC_SHA", "DES", "SHA1", true, true, 5, 8, 40, 8, 8);
\r
73 // scs.Add((0x00 << 0x08) | 0x09, "TLS_RSA_WITH_DES_CBC_SHA", "DES", "SHA1", false, true, 8, 8, 56, 8, 8);
\r
74 // scs.Add((0x00 << 0x08) | 0x0A, "TLS_RSA_WITH_3DES_EDE_CBC_SHA", "3DES", "SHA1", false, true, 24, 24, 168, 8, 8);
\r
76 // Diffie-Hellman Cipher Suites
\r
77 // scs.Add((0x00 << 0x08) | 0x0B, "TLS_DH_DSS_EXPORT_WITH_DES40_CBC_SHA", "DES", "SHA1", true, true, 5, 8, 40, 8, 8);
\r
78 // scs.Add((0x00 << 0x08) | 0x0C, "TLS_DH_DSS_WITH_DES_CBC_SHA", "DES", "SHA1", false, true, 8, 8, 56, 8, 8);
\r
79 // scs.Add((0x00 << 0x08) | 0x0D, "TLS_DH_DSS_WITH_3DES_EDE_CBC_SHA", "3DES", "SHA1", false, true, 24, 24, 168, 8, 8);
\r
80 // scs.Add((0x00 << 0x08) | 0x0E, "TLS_DH_RSA_EXPORT_WITH_DES40_CBC_SHA", "DES", "SHA1", true, true, 5, 8, 40, 8, 8);
\r
81 // scs.Add((0x00 << 0x08) | 0x0F, "TLS_DH_RSA_WITH_DES_CBC_SHA", "DES", "SHA1", false, true, 8, 8, 56, 8, 8);
\r
82 // scs.Add((0x00 << 0x08) | 0x10, "TLS_DH_RSA_WITH_3DES_EDE_CBC_SHA", "3DES", "SHA1", false, true, 24, 24, 168, 8, 8);
\r
83 // scs.Add((0x00 << 0x08) | 0x11, "TLS_DHE_DSS_EXPORT_WITH_DES40_CBC_SHA", "DES", "SHA1", true, true, 5, 8, 40, 8, 8);
\r
84 // scs.Add((0x00 << 0x08) | 0x12, "TLS_DHE_DSS_WITH_DES_CBC_SHA", "DES", "SHA1", false, true, 8, 8, 56, 8, 8);
\r
85 // scs.Add((0x00 << 0x08) | 0x13, "TLS_DHE_DSS_WITH_3DES_EDE_CBC_SHA", "3DES", "SHA1", false, true, 24, 24, 168, 8, 8);
\r
86 // scs.Add((0x00 << 0x08) | 0x14, "TLS_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA", "DES", "SHA1", true, true, 5, 8, 40, 8, 8);
\r
87 // scs.Add((0x00 << 0x08) | 0x15, "TLS_DHE_RSA_WITH_DES_CBC_SHA", "SHA1", "DES", false, true, 8, 8, 56, 8, 8);
\r
88 // scs.Add((0x00 << 0x08) | 0x16, "TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA", "3DES", "SHA1", false, true, 24, 24, 168, 8, 8);
\r
90 // Anonymous Diffie-Hellman Cipher Suites
\r
91 // scs.Add((0x00 << 0x08) | 0x17, "TLS_DH_anon_EXPORT_WITH_RC4_40_MD5", "RC4", "MD5", true, false, 5, 16, 40, 0, 0);
\r
92 // scs.Add((0x00 << 0x08) | 0x18, "TLS_DH_anon_WITH_RC4_128_MD5", "RC4", "MD5", false, false, 16, 16, 128, 0, 0);
\r
93 // scs.Add((0x00 << 0x08) | 0x19, "TLS_DH_anon_EXPORT_WITH_DES40_CBC_SHA", "DES", "SHA1", false, true, 5, 8, 40, 8, 8);
\r
94 // scs.Add((0x00 << 0x08) | 0x1A, "TLS_DH_anon_WITH_DES_CBC_SHA", "DES4", "SHA1", false, true, 8, 8, 56, 8, 8);
\r
95 // scs.Add((0x00 << 0x08) | 0x1B, "TLS_DH_anon_WITH_3DES_EDE_CBC_SHA", "3DES", "SHA1", false, true, 24, 24, 168, 8, 8);
\r
99 // Ref: RFC3268 - (http://www.ietf.org/rfc/rfc3268.txt)
\r
101 // scs.Add((0x00 << 0x08) | 0x2F, "TLS_RSA_WITH_AES_128_CBC_SHA", "Rijndael", "SHA1", false, true, 16, 16, 128, 16, 16);
\r
102 // scs.Add((0x00 << 0x08) | 0x30, "TLS_DH_DSS_WITH_AES_128_CBC_SHA", "Rijndael", "SHA1", false, true, 16, 16, 128, 8, 8);
\r
103 // scs.Add((0x00 << 0x08) | 0x31, "TLS_DH_RSA_WITH_AES_128_CBC_SHA", "Rijndael", "SHA1", false, true, 16, 16, 128, 8, 8);
\r
104 // scs.Add((0x00 << 0x08) | 0x32, "TLS_DHE_DSS_WITH_AES_128_CBC_SHA", "Rijndael", "SHA1", false, true, 16, 16, 128, 8, 8);
\r
105 // scs.Add((0x00 << 0x08) | 0x33, "TLS_DHE_RSA_WITH_AES_128_CBC_SHA", "Rijndael", "SHA1", false, true, 16, 16, 128, 8, 8);
\r
106 // scs.Add((0x00 << 0x08) | 0x34, "TLS_DH_anon_WITH_AES_128_CBC_SHA", "Rijndael", "SHA1", false, true, 16, 16, 128, 8, 8);
\r
108 // scs.Add((0x00 << 0x08) | 0x35, "TLS_RSA_WITH_AES_256_CBC_SHA", "Rijndael", "SHA1", false, true, 32, 32, 256, 16, 16);
\r
109 // scs.Add((0x00 << 0x08) | 0x36, "TLS_DH_DSS_WITH_AES_256_CBC_SHA", "Rijndael", "SHA1", false, true, 32, 32, 256, 16, 16);
\r
110 // scs.Add((0x00 << 0x08) | 0x37, "TLS_DH_RSA_WITH_AES_256_CBC_SHA", "Rijndael", "SHA1", false, true, 32, 32, 256, 16, 16);
\r
111 // scs.Add((0x00 << 0x08) | 0x38, "TLS_DHE_DSS_WITH_AES_256_CBC_SHA", "Rijndael", "SHA1", false, true, 32, 32, 256, 16, 16);
\r
112 // scs.Add((0x00 << 0x08) | 0x39, "TLS_DHE_RSA_WITH_AES_256_CBC_SHA", "Rijndael", "SHA1", false, true, 32, 32, 256, 16, 16);
\r
113 // scs.Add((0x00 << 0x08) | 0x3A, "TLS_DH_anon_WITH_AES_256_CBC_SHA", "Rijndael", "SHA1", false, true, 32, 32, 256, 16, 16);
\r
118 private static TlsCipherSuiteCollection GetSsl3SupportedCiphers()
\r
120 TlsCipherSuiteCollection scs = new TlsCipherSuiteCollection(TlsProtocol.Ssl3);
\r
122 // Supported ciphers
\r
123 scs.Add((0x00 << 0x08) | 0x0A, "SSL_RSA_WITH_3DES_EDE_CBC_SHA", "3DES", "SHA1", false, true, 24, 24, 168, 8, 8);
\r
124 scs.Add((0x00 << 0x08) | 0x09, "SSL_RSA_WITH_DES_CBC_SHA", "DES", "SHA1", false, true, 8, 8, 56, 8, 8);
\r
125 scs.Add((0x00 << 0x08) | 0x05, "SSL_RSA_WITH_RC4_128_SHA", "RC4", "SHA1", false, false, 16, 16, 128, 0, 0);
\r
126 scs.Add((0x00 << 0x08) | 0x04, "SSL_RSA_WITH_RC4_128_MD5", "RC4", "MD5", false, false, 16, 16, 128, 0, 0);
\r
128 // Default CipherSuite
\r
129 // scs.Add(0, "SSL_NULL_WITH_NULL_NULL", "", "", true, false, 0, 0, 0, 0, 0);
\r
131 // RSA Cipher Suites
\r
132 // scs.Add((0x00 << 0x08) | 0x01, "SSL_RSA_WITH_NULL_MD5", "", "MD5", true, false, 0, 0, 0, 0, 0);
\r
133 // scs.Add((0x00 << 0x08) | 0x02, "SSL_RSA_WITH_NULL_SHA", "", "SHA1", true, false, 0, 0, 0, 0, 0);
\r
134 // scs.Add((0x00 << 0x08) | 0x03, "SSL_RSA_EXPORT_WITH_RC4_40_MD5", "RC4", "MD5", true, false, 5, 16, 40, 0, 0);
\r
135 // scs.Add((0x00 << 0x08) | 0x05, "SSL_RSA_WITH_RC4_128_SHA", "RC4", "SHA1", false, false, 16, 16, 128, 0, 0);
\r
136 // scs.Add((0x00 << 0x08) | 0x04, "SSL_RSA_WITH_RC4_128_MD5", "RC4", "MD5", false, false, 16, 16, 128, 0, 0);
\r
137 // scs.Add((0x00 << 0x08) | 0x06, "SSL_RSA_EXPORT_WITH_RC2_CBC_40_MD5", "RC2", "MD5", true, true, 5, 16, 40, 8, 8);
\r
138 // scs.Add((0x00 << 0x08) | 0x07, "SSL_RSA_WITH_IDEA_CBC_SHA", "IDEA", "SHA1", false, true, 16, 16, 128, 8, 8);
\r
139 // scs.Add((0x00 << 0x08) | 0x08, "SSL_RSA_EXPORT_WITH_DES40_CBC_SHA", "DES", "SHA1", true, true, 5, 8, 40, 8, 8);
\r
140 // scs.Add((0x00 << 0x08) | 0x09, "SSL_RSA_WITH_DES_CBC_SHA", "DES", "SHA1", false, true, 8, 8, 56, 8, 8);
\r
141 // scs.Add((0x00 << 0x08) | 0x0A, "SSL_RSA_WITH_3DES_EDE_CBC_SHA", "3DES", "SHA1", false, true, 24, 24, 168, 8, 8);
\r
143 // Diffie-Hellman Cipher Suites
\r
144 // scs.Add((0x00 << 0x08) | 0x0B, "SSL_DH_DSS_EXPORT_WITH_DES40_CBC_SHA", "DES", "SHA1", true, true, 5, 8, 40, 8, 8);
\r
145 // scs.Add((0x00 << 0x08) | 0x0C, "SSL_DH_DSS_WITH_DES_CBC_SHA", "DES", "SHA1", false, true, 8, 8, 56, 8, 8);
\r
146 // scs.Add((0x00 << 0x08) | 0x0D, "SSL_DH_DSS_WITH_3DES_EDE_CBC_SHA", "3DES", "SHA1", false, true, 24, 24, 168, 8, 8);
\r
147 // scs.Add((0x00 << 0x08) | 0x0E, "SSL_DH_RSA_EXPORT_WITH_DES40_CBC_SHA", "DES", "SHA1", true, true, 5, 8, 40, 8, 8);
\r
148 // scs.Add((0x00 << 0x08) | 0x0F, "SSL_DH_RSA_WITH_DES_CBC_SHA", "DES", "SHA1", false, true, 8, 8, 56, 8, 8);
\r
149 // scs.Add((0x00 << 0x08) | 0x10, "SSL_DH_RSA_WITH_3DES_EDE_CBC_SHA", "3DES", "SHA1", false, true, 24, 24, 168, 8, 8);
\r
150 // scs.Add((0x00 << 0x08) | 0x11, "SSL_DHE_DSS_EXPORT_WITH_DES40_CBC_SHA", "DES", "SHA1", true, true, 5, 8, 40, 8, 8);
\r
151 // scs.Add((0x00 << 0x08) | 0x12, "SSL_DHE_DSS_WITH_DES_CBC_SHA", "DES", "SHA1", false, true, 8, 8, 56, 8, 8);
\r
152 // scs.Add((0x00 << 0x08) | 0x13, "SSL_DHE_DSS_WITH_3DES_EDE_CBC_SHA", "3DES", "SHA1", false, true, 24, 24, 168, 8, 8);
\r
153 // scs.Add((0x00 << 0x08) | 0x14, "SSL_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA", "DES", "SHA1", true, true, 5, 8, 40, 8, 8);
\r
154 // scs.Add((0x00 << 0x08) | 0x15, "SSL_DHE_RSA_WITH_DES_CBC_SHA", "SHA1", "DES", false, true, 8, 8, 56, 8, 8);
\r
155 // scs.Add((0x00 << 0x08) | 0x16, "SSL_DHE_RSA_WITH_3DES_EDE_CBC_SHA", "3DES", "SHA1", false, true, 24, 24, 168, 8, 8);
\r
157 // Anonymous Diffie-Hellman Cipher Suites
\r
158 // scs.Add((0x00 << 0x08) | 0x17, "SSL_DH_anon_EXPORT_WITH_RC4_40_MD5", "RC4", "MD5", true, false, 5, 16, 40, 0, 0);
\r
159 // scs.Add((0x00 << 0x08) | 0x18, "SSL_DH_anon_WITH_RC4_128_MD5", "RC4", "MD5", false, false, 16, 16, 128, 0, 0);
\r
160 // scs.Add((0x00 << 0x08) | 0x19, "SSL_DH_anon_EXPORT_WITH_DES40_CBC_SHA", "DES", "SHA1", false, true, 5, 8, 40, 8, 8);
\r
161 // scs.Add((0x00 << 0x08) | 0x1A, "SSL_DH_anon_WITH_DES_CBC_SHA", "DES4", "SHA1", false, true, 8, 8, 56, 8, 8);
\r
162 // scs.Add((0x00 << 0x08) | 0x1B, "SSL_DH_anon_WITH_3DES_EDE_CBC_SHA", "3DES", "SHA1", false, true, 24, 24, 168, 8, 8);
\r
projects / mono.git / blob