diff --git a/apps/enc.c b/apps/enc.c index 95aae9afb..e53cf3b41 100644 --- a/apps/enc.c +++ b/apps/enc.c @@ -442,6 +442,9 @@ bad: if (cipher != NULL) { + /* Note that str is NULL if a key was passed on the command + * line, so we get no salt in that case. Is this a bug? + */ if (str != NULL) { /* Salt handling: if encrypting generate a salt and diff --git a/crypto/evp/c_allc.c b/crypto/evp/c_allc.c index bb78c6816..02b3579b8 100644 --- a/crypto/evp/c_allc.c +++ b/crypto/evp/c_allc.c @@ -150,7 +150,10 @@ void OpenSSL_add_all_ciphers(void) #ifndef NO_RIJNDAEL for(i=0 ; i < 3 ; ++i) for(j=0 ; j < 3 ; ++j) + { EVP_add_cipher(EVP_rijndael_ecb(i,j)); + EVP_add_cipher(EVP_rijndael_cbc(i,j)); + } #endif PKCS12_PBE_add(); PKCS5_PBE_add(); diff --git a/crypto/evp/e_rd.c b/crypto/evp/e_rd.c index 78122edc7..c2888aa05 100644 --- a/crypto/evp/e_rd.c +++ b/crypto/evp/e_rd.c @@ -56,15 +56,22 @@ static EVP_CIPHER rd_cipher[3][3]; static int anSizes[]={16,24,32}; -static int anNIDs[3][3]= +static int anECBNIDs[3][3]= { { NID_rijndael_ecb_k128_b128,NID_rijndael_ecb_k192_b128,NID_rijndael_ecb_k256_b128 }, { NID_rijndael_ecb_k128_b192,NID_rijndael_ecb_k192_b192,NID_rijndael_ecb_k256_b192 }, { NID_rijndael_ecb_k128_b256,NID_rijndael_ecb_k192_b256,NID_rijndael_ecb_k256_b256 } }; -static int rd_init_ecb(EVP_CIPHER_CTX *ctx, const unsigned char *key, - const unsigned char *iv, int enc) +static int anCBCNIDs[3][3]= + { + { NID_rd128_cbc_b128,NID_rd192_cbc_b128,NID_rd256_cbc_b128 }, + { NID_rd128_cbc_b192,NID_rd192_cbc_b192,NID_rd256_cbc_b192 }, + { NID_rd128_cbc_b256,NID_rd192_cbc_b256,NID_rd256_cbc_b256 } + }; + +static int rd_init(EVP_CIPHER_CTX *ctx, const unsigned char *key, + const unsigned char *iv, int enc) { RIJNDAEL_KEY *k=&ctx->c.rijndael; @@ -98,6 +105,39 @@ static int rd_cipher_ecb(EVP_CIPHER_CTX *ctx, unsigned char *out, return 1; } +static int rd_cipher_cbc(EVP_CIPHER_CTX *ctx, unsigned char *out, + const unsigned char *in, unsigned int inl) + { + int n; + unsigned char tmp[16]; + + while(inl > 0) + { + if(ctx->c.rijndael.enc) + { + for(n=0 ; n < 16 ; ++n) + tmp[n]=in[n]^ctx->c.rijndael.iv[n]; + rijndaelEncrypt(tmp,out,ctx->c.rijndael.keySched, + ctx->c.rijndael.rounds); + memcpy(ctx->c.rijndael.iv,out,16); + } + else + { + rijndaelDecrypt(in,out,ctx->c.rijndael.keySched, + ctx->c.rijndael.rounds); + for(n=0 ; n < 16 ; ++n) + out[n]^=ctx->c.rijndael.iv[n]; + memcpy(ctx->c.rijndael.iv,in,16); + } + inl-=16; + in+=16; + out+=16; + } + assert(inl == 0); + + return 1; + } + EVP_CIPHER *EVP_rijndael_ecb(int nBlockLength,int nKeyLength) { EVP_CIPHER *c; @@ -117,15 +157,47 @@ EVP_CIPHER *EVP_rijndael_ecb(int nBlockLength,int nKeyLength) memset(c,'\0',sizeof *c); - c->nid=anNIDs[nBlockLength][nKeyLength]; + c->nid=anECBNIDs[nBlockLength][nKeyLength]; c->block_size=anSizes[nBlockLength]; c->key_len=anSizes[nKeyLength]; c->iv_len=16; c->flags=EVP_CIPH_ECB_MODE; - c->init=rd_init_ecb; + c->init=rd_init; c->do_cipher=rd_cipher_ecb; c->ctx_size=sizeof(EVP_CIPHER_CTX)-sizeof((((EVP_CIPHER_CTX *)NULL)->c))+ sizeof((((EVP_CIPHER_CTX *)NULL)->c.rijndael)); return c; } + +EVP_CIPHER *EVP_rijndael_cbc(int nBlockLength,int nKeyLength) + { + EVP_CIPHER *c; + + if(nBlockLength < 0 || nBlockLength > 2) + { + EVPerr(EVP_F_EVP_RIJNDAEL,EVP_R_BAD_BLOCK_LENGTH); + return NULL; + } + if(nKeyLength < 0 || nKeyLength > 2) + { + EVPerr(EVP_F_EVP_RIJNDAEL,EVP_R_BAD_KEY_LENGTH); + return NULL; + } + + c=&rd_cipher[nKeyLength][nBlockLength]; + + memset(c,'\0',sizeof *c); + + c->nid=anCBCNIDs[nBlockLength][nKeyLength]; + c->block_size=anSizes[nBlockLength]; + c->key_len=anSizes[nKeyLength]; + c->iv_len=16; + c->flags=EVP_CIPH_CBC_MODE; + c->init=rd_init; + c->do_cipher=rd_cipher_cbc; + c->ctx_size=sizeof(EVP_CIPHER_CTX)-sizeof((((EVP_CIPHER_CTX *)NULL)->c))+ + sizeof((((EVP_CIPHER_CTX *)NULL)->c.rijndael)); + + return c; + } diff --git a/crypto/evp/evp.h b/crypto/evp/evp.h index 60578f9d5..e8b4de48d 100644 --- a/crypto/evp/evp.h +++ b/crypto/evp/evp.h @@ -707,6 +707,7 @@ EVP_CIPHER *EVP_rc5_32_12_16_ofb(void); #endif #ifndef NO_RIJNDAEL EVP_CIPHER *EVP_rijndael_ecb(int nBlockLength,int nKeyLength); +EVP_CIPHER *EVP_rijndael_cbc(int nBlockLength,int nKeyLength); #endif void OpenSSL_add_all_algorithms(void); diff --git a/crypto/objects/obj_dat.h b/crypto/objects/obj_dat.h index b10da2d9b..5c5b5aaf1 100644 --- a/crypto/objects/obj_dat.h +++ b/crypto/objects/obj_dat.h @@ -61,9 +61,9 @@ * perl obj_dat.pl objects.h obj_dat.h */ -#define NUM_NID 405 -#define NUM_SN 401 -#define NUM_LN 401 +#define NUM_NID 417 +#define NUM_SN 410 +#define NUM_LN 410 #define NUM_OBJ 366 static unsigned char lvalues[2896]={ @@ -1066,6 +1066,18 @@ static ASN1_OBJECT nid_objs[NUM_NID]={ NID_rijndael_ecb_k192_b256,0,NULL}, {"RIJNDAEL-ECB-K256-B256","rijndael-ecb-k256-b256", NID_rijndael_ecb_k256_b256,0,NULL}, +{NULL,NULL,NID_undef,0,NULL}, +{NULL,NULL,NID_undef,0,NULL}, +{NULL,NULL,NID_undef,0,NULL}, +{"RD128-CBC-B128","rd128-cbc-b128",NID_rd128_cbc_b128,0,NULL}, +{"RD192-CBC-B128","rd192-cbc-b128",NID_rd192_cbc_b128,0,NULL}, +{"RD256-CBC-B128","rd256-cbc-b128",NID_rd256_cbc_b128,0,NULL}, +{"RD128-CBC-B192","rd128-cbc-b192",NID_rd128_cbc_b192,0,NULL}, +{"RD192-CBC-B192","rd192-cbc-b192",NID_rd192_cbc_b192,0,NULL}, +{"RD256-CBC-B192","rd256-cbc-b192",NID_rd256_cbc_b192,0,NULL}, +{"RD128-CBC-B256","rd128-cbc-b256",NID_rd128_cbc_b256,0,NULL}, +{"RD192-CBC-B256","rd192-cbc-b256",NID_rd192_cbc_b256,0,NULL}, +{"RD256-CBC-B256","rd256-cbc-b256",NID_rd256_cbc_b256,0,NULL}, }; static ASN1_OBJECT *sn_objs[NUM_SN]={ @@ -1155,6 +1167,15 @@ static ASN1_OBJECT *sn_objs[NUM_SN]={ &(nid_objs[122]),/* "RC5-CFB" */ &(nid_objs[121]),/* "RC5-ECB" */ &(nid_objs[123]),/* "RC5-OFB" */ +&(nid_objs[408]),/* "RD128-CBC-B128" */ +&(nid_objs[411]),/* "RD128-CBC-B192" */ +&(nid_objs[414]),/* "RD128-CBC-B256" */ +&(nid_objs[409]),/* "RD192-CBC-B128" */ +&(nid_objs[412]),/* "RD192-CBC-B192" */ +&(nid_objs[415]),/* "RD192-CBC-B256" */ +&(nid_objs[410]),/* "RD256-CBC-B128" */ +&(nid_objs[413]),/* "RD256-CBC-B192" */ +&(nid_objs[416]),/* "RD256-CBC-B256" */ &(nid_objs[396]),/* "RIJNDAEL-ECB-K128-B128" */ &(nid_objs[399]),/* "RIJNDAEL-ECB-K128-B192" */ &(nid_objs[402]),/* "RIJNDAEL-ECB-K128-B256" */ @@ -1834,6 +1855,15 @@ static ASN1_OBJECT *ln_objs[NUM_LN]={ &(nid_objs[122]),/* "rc5-cfb" */ &(nid_objs[121]),/* "rc5-ecb" */ &(nid_objs[123]),/* "rc5-ofb" */ +&(nid_objs[408]),/* "rd128-cbc-b128" */ +&(nid_objs[411]),/* "rd128-cbc-b192" */ +&(nid_objs[414]),/* "rd128-cbc-b256" */ +&(nid_objs[409]),/* "rd192-cbc-b128" */ +&(nid_objs[412]),/* "rd192-cbc-b192" */ +&(nid_objs[415]),/* "rd192-cbc-b256" */ +&(nid_objs[410]),/* "rd256-cbc-b128" */ +&(nid_objs[413]),/* "rd256-cbc-b192" */ +&(nid_objs[416]),/* "rd256-cbc-b256" */ &(nid_objs[396]),/* "rijndael-ecb-k128-b128" */ &(nid_objs[399]),/* "rijndael-ecb-k128-b192" */ &(nid_objs[402]),/* "rijndael-ecb-k128-b256" */ diff --git a/crypto/objects/obj_mac.h b/crypto/objects/obj_mac.h index 308528f9c..ccfea00d8 100644 --- a/crypto/objects/obj_mac.h +++ b/crypto/objects/obj_mac.h @@ -1833,3 +1833,39 @@ #define LN_rijndael_ecb_k256_b256 "rijndael-ecb-k256-b256" #define NID_rijndael_ecb_k256_b256 404 +#define SN_rd128_cbc_b128 "RD128-CBC-B128" +#define LN_rd128_cbc_b128 "rd128-cbc-b128" +#define NID_rd128_cbc_b128 408 + +#define SN_rd192_cbc_b128 "RD192-CBC-B128" +#define LN_rd192_cbc_b128 "rd192-cbc-b128" +#define NID_rd192_cbc_b128 409 + +#define SN_rd256_cbc_b128 "RD256-CBC-B128" +#define LN_rd256_cbc_b128 "rd256-cbc-b128" +#define NID_rd256_cbc_b128 410 + +#define SN_rd128_cbc_b192 "RD128-CBC-B192" +#define LN_rd128_cbc_b192 "rd128-cbc-b192" +#define NID_rd128_cbc_b192 411 + +#define SN_rd192_cbc_b192 "RD192-CBC-B192" +#define LN_rd192_cbc_b192 "rd192-cbc-b192" +#define NID_rd192_cbc_b192 412 + +#define SN_rd256_cbc_b192 "RD256-CBC-B192" +#define LN_rd256_cbc_b192 "rd256-cbc-b192" +#define NID_rd256_cbc_b192 413 + +#define SN_rd128_cbc_b256 "RD128-CBC-B256" +#define LN_rd128_cbc_b256 "rd128-cbc-b256" +#define NID_rd128_cbc_b256 414 + +#define SN_rd192_cbc_b256 "RD192-CBC-B256" +#define LN_rd192_cbc_b256 "rd192-cbc-b256" +#define NID_rd192_cbc_b256 415 + +#define SN_rd256_cbc_b256 "RD256-CBC-B256" +#define LN_rd256_cbc_b256 "rd256-cbc-b256" +#define NID_rd256_cbc_b256 416 + diff --git a/crypto/objects/obj_mac.num b/crypto/objects/obj_mac.num index 94e13b44e..9196462b1 100644 --- a/crypto/objects/obj_mac.num +++ b/crypto/objects/obj_mac.num @@ -402,3 +402,15 @@ rijndael_ecb_k256_b192 401 rijndael_ecb_k128_b256 402 rijndael_ecb_k192_b256 403 rijndael_ecb_k256_b256 404 +rd128_cbc 405 +rd192_cbc 406 +rd256_cbc 407 +rd128_cbc_b128 408 +rd192_cbc_b128 409 +rd256_cbc_b128 410 +rd128_cbc_b192 411 +rd192_cbc_b192 412 +rd256_cbc_b192 413 +rd128_cbc_b256 414 +rd192_cbc_b256 415 +rd256_cbc_b256 416 diff --git a/crypto/objects/objects.txt b/crypto/objects/objects.txt index d4ee20db3..d110ad6c6 100644 --- a/crypto/objects/objects.txt +++ b/crypto/objects/objects.txt @@ -601,3 +601,12 @@ enterprises 1466 344 : dcobject : dcObject : RIJNDAEL-ECB-K128-B256: rijndael-ecb-k128-b256 : RIJNDAEL-ECB-K192-B256: rijndael-ecb-k192-b256 : RIJNDAEL-ECB-K256-B256: rijndael-ecb-k256-b256 + : RD128-CBC-B128 : rd128-cbc-b128 + : RD192-CBC-B128 : rd192-cbc-b128 + : RD256-CBC-B128 : rd256-cbc-b128 + : RD128-CBC-B192 : rd128-cbc-b192 + : RD192-CBC-B192 : rd192-cbc-b192 + : RD256-CBC-B192 : rd256-cbc-b192 + : RD128-CBC-B256 : rd128-cbc-b256 + : RD192-CBC-B256 : rd192-cbc-b256 + : RD256-CBC-B256 : rd256-cbc-b256 diff --git a/crypto/rijndael/Makefile.ssl b/crypto/rijndael/Makefile.ssl index 6ed8aa3c0..368a82c5b 100644 --- a/crypto/rijndael/Makefile.ssl +++ b/crypto/rijndael/Makefile.ssl @@ -20,7 +20,7 @@ RD_ENC= rd_enc.o # or use #DES_ENC= bx86-elf.o -CFLAGS= $(INCLUDES) $(CFLAG) -DINTERMEDIATE_VALUE_KAT -DBINARY_KEY_MATERIAL +CFLAGS= -mpentiumpro $(INCLUDES) $(CFLAG) -DINTERMEDIATE_VALUE_KAT -DBINARY_KEY_MATERIAL -O3 -fexpensive-optimizations -funroll-loops -fforce-addr GENERAL=Makefile #TEST=rijndael-test-fst.c table.128 table.192 table.256 @@ -45,6 +45,8 @@ lib: $(LIBOBJ) $(RANLIB) $(LIB) @touch lib +$(LIBOBJ): $(LIBSRC) + files: $(PERL) $(TOP)/util/files.pl Makefile.ssl >> $(TOP)/MINFO diff --git a/ssl/s3_lib.c b/ssl/s3_lib.c index 47768cc28..c4239f3ca 100644 --- a/ssl/s3_lib.c +++ b/ssl/s3_lib.c @@ -708,6 +708,19 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]={ SSL_ALL_CIPHERS, SSL_ALL_STRENGTHS }, + /* Cipher ?? */ + { + 1, + TLS1_TXT_RSA_WITH_RD_128_SHA, + TLS1_CK_RSA_WITH_RD_128_SHA, + SSL_kRSA|SSL_aRSA|SSL_RD|SSL_SHA |SSL_TLSV1, + SSL_NOT_EXP|SSL_HIGH, + 0, + 128, + 128, + SSL_ALL_CIPHERS, + SSL_ALL_STRENGTHS, + }, #endif /* end of list */ diff --git a/ssl/ssl.h b/ssl/ssl.h index 55f32724f..c976a866f 100644 --- a/ssl/ssl.h +++ b/ssl/ssl.h @@ -153,6 +153,7 @@ extern "C" { #define SSL_TXT_RC4 "RC4" #define SSL_TXT_RC2 "RC2" #define SSL_TXT_IDEA "IDEA" +#define SSL_TXT_RD "RD" #define SSL_TXT_MD5 "MD5" #define SSL_TXT_SHA1 "SHA1" #define SSL_TXT_SHA "SHA" diff --git a/ssl/ssl_algs.c b/ssl/ssl_algs.c index dde8918fe..52d127ed6 100644 --- a/ssl/ssl_algs.c +++ b/ssl/ssl_algs.c @@ -63,6 +63,8 @@ int SSL_library_init(void) { + int k; + #ifndef NO_DES EVP_add_cipher(EVP_des_cbc()); EVP_add_cipher(EVP_des_ede3_cbc()); @@ -75,7 +77,9 @@ int SSL_library_init(void) #endif #ifndef NO_RC2 EVP_add_cipher(EVP_rc2_cbc()); -#endif +#endif + for(k=0 ; k < 2 ; ++k) + EVP_add_cipher(EVP_rijndael_cbc(0,k)); #ifndef NO_MD2 EVP_add_digest(EVP_md2()); @@ -96,7 +100,6 @@ int SSL_library_init(void) EVP_add_digest_alias(SN_dsaWithSHA1,"DSS1"); EVP_add_digest_alias(SN_dsaWithSHA1,"dss1"); #endif - /* If you want support for phased out ciphers, add the following */ #if 0 EVP_add_digest(EVP_sha()); diff --git a/ssl/ssl_ciph.c b/ssl/ssl_ciph.c index a196d5e57..cb9a72532 100644 --- a/ssl/ssl_ciph.c +++ b/ssl/ssl_ciph.c @@ -68,7 +68,10 @@ #define SSL_ENC_IDEA_IDX 4 #define SSL_ENC_eFZA_IDX 5 #define SSL_ENC_NULL_IDX 6 -#define SSL_ENC_NUM_IDX 7 +#define SSL_ENC_RD128_IDX 7 +#define SSL_ENC_RD192_IDX 8 +#define SSL_ENC_RD256_IDX 9 +#define SSL_ENC_NUM_IDX 10 static const EVP_CIPHER *ssl_cipher_methods[SSL_ENC_NUM_IDX]={ NULL,NULL,NULL,NULL,NULL,NULL, @@ -124,6 +127,7 @@ static const SSL_CIPHER cipher_aliases[]={ {0,SSL_TXT_IDEA,0,SSL_IDEA, 0,0,0,0,SSL_ENC_MASK,0}, {0,SSL_TXT_eNULL,0,SSL_eNULL,0,0,0,0,SSL_ENC_MASK,0}, {0,SSL_TXT_eFZA,0,SSL_eFZA, 0,0,0,0,SSL_ENC_MASK,0}, + {0,SSL_TXT_RD, 0,SSL_RD, 0,0,0,0,SSL_ENC_MASK,0}, {0,SSL_TXT_MD5, 0,SSL_MD5, 0,0,0,0,SSL_MAC_MASK,0}, {0,SSL_TXT_SHA1,0,SSL_SHA1, 0,0,0,0,SSL_MAC_MASK,0}, @@ -163,6 +167,12 @@ static void load_ciphers(void) EVP_get_cipherbyname(SN_rc2_cbc); ssl_cipher_methods[SSL_ENC_IDEA_IDX]= EVP_get_cipherbyname(SN_idea_cbc); + ssl_cipher_methods[SSL_ENC_RD128_IDX]= + EVP_get_cipherbyname(SN_rd128_cbc_b128); + ssl_cipher_methods[SSL_ENC_RD192_IDX]= + EVP_get_cipherbyname(SN_rd192_cbc_b128); + ssl_cipher_methods[SSL_ENC_RD256_IDX]= + EVP_get_cipherbyname(SN_rd256_cbc_b128); ssl_digest_methods[SSL_MD_MD5_IDX]= EVP_get_digestbyname(SN_md5); @@ -223,6 +233,15 @@ int ssl_cipher_get_evp(SSL_SESSION *s, const EVP_CIPHER **enc, case SSL_eNULL: i=SSL_ENC_NULL_IDX; break; + case SSL_RD: + switch(c->alg_bits) + { + case 128: i=SSL_ENC_RD128_IDX; break; + case 192: i=SSL_ENC_RD192_IDX; break; + case 256: i=SSL_ENC_RD256_IDX; break; + default: i=-1; break; + } + break; default: i= -1; break; @@ -308,6 +327,7 @@ static unsigned long ssl_cipher_get_disabled(void) mask |= (ssl_cipher_methods[SSL_ENC_RC2_IDX ] == NULL) ? SSL_RC2 :0; mask |= (ssl_cipher_methods[SSL_ENC_IDEA_IDX] == NULL) ? SSL_IDEA:0; mask |= (ssl_cipher_methods[SSL_ENC_eFZA_IDX] == NULL) ? SSL_eFZA:0; + mask |= (ssl_cipher_methods[SSL_ENC_RD128_IDX] == NULL) ? SSL_RD:0; mask |= (ssl_digest_methods[SSL_MD_MD5_IDX ] == NULL) ? SSL_MD5 :0; mask |= (ssl_digest_methods[SSL_MD_SHA1_IDX] == NULL) ? SSL_SHA1:0; @@ -979,6 +999,15 @@ char *SSL_CIPHER_description(SSL_CIPHER *cipher, char *buf, int len) case SSL_eNULL: enc="None"; break; + case SSL_RD: + switch(cipher->strength_bits == 128) + { + case 128: enc="Rijndael(128)"; break; + case 192: enc="Rijndael(192)"; break; + case 256: enc="Rijndael(256)"; break; + default: enc="Rijndael(???)"; break; + } + break; default: enc="unknown"; break; diff --git a/ssl/ssl_locl.h b/ssl/ssl_locl.h index 58bcd1b7e..3ab23ded2 100644 --- a/ssl/ssl_locl.h +++ b/ssl/ssl_locl.h @@ -251,7 +251,7 @@ #define SSL_FZA (SSL_aFZA|SSL_kFZA|SSL_eFZA) #define SSL_KRB5 (SSL_kKRB5|SSL_aKRB5) -#define SSL_ENC_MASK 0x0007F000L +#define SSL_ENC_MASK 0x0087F000L #define SSL_DES 0x00001000L #define SSL_3DES 0x00002000L #define SSL_RC4 0x00004000L @@ -259,6 +259,7 @@ #define SSL_IDEA 0x00010000L #define SSL_eFZA 0x00020000L #define SSL_eNULL 0x00040000L +#define SSL_RD 0x00800000L #define SSL_MAC_MASK 0x00180000L #define SSL_MD5 0x00080000L diff --git a/ssl/tls1.h b/ssl/tls1.h index cf92ae034..0ee820761 100644 --- a/ssl/tls1.h +++ b/ssl/tls1.h @@ -95,6 +95,8 @@ extern "C" { #define TLS1_CK_RSA_EXPORT1024_WITH_RC4_56_SHA 0x03000064 #define TLS1_CK_DHE_DSS_EXPORT1024_WITH_RC4_56_SHA 0x03000065 #define TLS1_CK_DHE_DSS_WITH_RC4_128_SHA 0x03000066 + /* not yet real */ +#define TLS1_CK_RSA_WITH_RD_128_SHA 0x03000067 /* XXX * Inconsistency alert: @@ -110,6 +112,8 @@ extern "C" { #define TLS1_TXT_RSA_EXPORT1024_WITH_RC4_56_SHA "EXP1024-RC4-SHA" #define TLS1_TXT_DHE_DSS_EXPORT1024_WITH_RC4_56_SHA "EXP1024-DHE-DSS-RC4-SHA" #define TLS1_TXT_DHE_DSS_WITH_RC4_128_SHA "DHE-DSS-RC4-SHA" + /* Not yet real */ +#define TLS1_TXT_RSA_WITH_RD_128_SHA "RD128-SHA" #define TLS_CT_RSA_SIGN 1