Add draft python tool to translate MBed ciphersuites
Created 2 functions
- translate_gnu()
- translate_ossl()
Each function takes a parameter `m_cipher` (expected in the MBedTLS naming
standard), and through a series of edge cases/replaces, modifies the
ciphersuite name to match the GNU and OpenSSL naming conventions respectively.
This will serve as to maintain a single list that can be translated, rather
than maintaining 3 lists for OpenSSL and GNU also.
This commit serves as a checkpoint, and the program will be cleaned up in the
future.
The program currently runs a series of tests to check every given ciphersuite name
combination in compat.sh to ensure they are translated correctly.
Some OpenSSL names appear to have typos and as such have been corrected in
this program until I have recieved more information. The errors were commented
out to keep note of.
Signed-off-by: Joe Subbiani <joe.subbiani@arm.com>
diff --git a/translate_ciphers.py b/translate_ciphers.py
new file mode 100644
index 0000000..cf0be72
--- /dev/null
+++ b/translate_ciphers.py
@@ -0,0 +1,485 @@
+
+def translate_gnu(m_cipher):
+
+ m_cipher = "+" + m_cipher[4:]
+ m_cipher = m_cipher.replace("-WITH-", ":+")
+ m_cipher = m_cipher.replace("-EDE", "")
+ if m_cipher.split("-")[-1] == "SHA":
+ m_cipher = m_cipher+"1"
+
+
+ if m_cipher.split("-")[-1] == "8" or m_cipher.split("-")[-1] == "CCM":
+ m_cipher = m_cipher+":+AEAD"
+ else:
+ index=m_cipher.rindex("-")
+ m_cipher = m_cipher[:index]+":+"+m_cipher[index+1:]
+ m_cipher = m_cipher.replace("GCM:+SHA256", "GCM:+AEAD")
+ m_cipher = m_cipher.replace("GCM:+SHA384", "GCM:+AEAD")
+
+ return m_cipher
+
+def translate_ossl(m_cipher):
+ m_cipher = m_cipher[4:]
+ m_cipher = m_cipher.replace("-WITH", "")
+ m_cipher = m_cipher.replace("AES-", "AES")
+ m_cipher = m_cipher.replace("CAMELLIA-", "CAMELLIA")
+ m_cipher = m_cipher.replace("ARIA-", "ARIA")
+
+ m_cipher = m_cipher.replace("-EDE", "")
+
+ m_cipher = m_cipher.replace("3DES-CBC", "DES-CBC3")
+ try:
+ index = m_cipher.rindex("CBC")
+ if m_cipher[index-4:index-1] != "DES":
+ m_cipher = m_cipher.replace("CBC-", "")
+ except:
+ pass
+
+ if m_cipher[:4] == "RSA-":
+ m_cipher = m_cipher[4:]
+
+ m_cipher = m_cipher.replace("ECDHE-RSA-ARIA", "ECDHE-ARIA")
+
+ try:
+ index = m_cipher.rindex("POLY1305")
+ m_cipher=m_cipher[:index+8]
+ except Exception as e:
+ pass#print(e)
+
+ return m_cipher
+
+def test_all_common():
+ m_ciphers = [
+ "TLS-ECDHE-ECDSA-WITH-NULL-SHA",
+ "TLS-ECDHE-ECDSA-WITH-3DES-EDE-CBC-SHA",
+ "TLS-ECDHE-ECDSA-WITH-AES-128-CBC-SHA",
+ "TLS-ECDHE-ECDSA-WITH-AES-256-CBC-SHA",
+
+ "TLS-ECDHE-ECDSA-WITH-AES-128-CBC-SHA256",
+ "TLS-ECDHE-ECDSA-WITH-AES-256-CBC-SHA384",
+ "TLS-ECDHE-ECDSA-WITH-AES-128-GCM-SHA256",
+ "TLS-ECDHE-ECDSA-WITH-AES-256-GCM-SHA384",
+
+ "TLS-DHE-RSA-WITH-AES-128-CBC-SHA",
+ "TLS-DHE-RSA-WITH-AES-256-CBC-SHA",
+ "TLS-DHE-RSA-WITH-CAMELLIA-128-CBC-SHA",
+ "TLS-DHE-RSA-WITH-CAMELLIA-256-CBC-SHA",
+ "TLS-DHE-RSA-WITH-3DES-EDE-CBC-SHA",
+ "TLS-RSA-WITH-AES-256-CBC-SHA",
+ "TLS-RSA-WITH-CAMELLIA-256-CBC-SHA",
+ "TLS-RSA-WITH-AES-128-CBC-SHA",
+ "TLS-RSA-WITH-CAMELLIA-128-CBC-SHA",
+ "TLS-RSA-WITH-3DES-EDE-CBC-SHA",
+ "TLS-RSA-WITH-NULL-MD5",
+ "TLS-RSA-WITH-NULL-SHA",
+
+ "TLS-ECDHE-RSA-WITH-AES-128-CBC-SHA",
+ "TLS-ECDHE-RSA-WITH-AES-256-CBC-SHA",
+ "TLS-ECDHE-RSA-WITH-3DES-EDE-CBC-SHA",
+ "TLS-ECDHE-RSA-WITH-NULL-SHA",
+
+ "TLS-RSA-WITH-AES-128-CBC-SHA256",
+ "TLS-DHE-RSA-WITH-AES-128-CBC-SHA256",
+ "TLS-RSA-WITH-AES-256-CBC-SHA256",
+ "TLS-DHE-RSA-WITH-AES-256-CBC-SHA256",
+ "TLS-ECDHE-RSA-WITH-AES-128-CBC-SHA256",
+ "TLS-ECDHE-RSA-WITH-AES-256-CBC-SHA384",
+ "TLS-RSA-WITH-AES-128-GCM-SHA256",
+ "TLS-RSA-WITH-AES-256-GCM-SHA384",
+ "TLS-DHE-RSA-WITH-AES-128-GCM-SHA256",
+ "TLS-DHE-RSA-WITH-AES-256-GCM-SHA384",
+ "TLS-ECDHE-RSA-WITH-AES-128-GCM-SHA256",
+ "TLS-ECDHE-RSA-WITH-AES-256-GCM-SHA384",
+
+ "TLS-PSK-WITH-3DES-EDE-CBC-SHA",
+ "TLS-PSK-WITH-AES-128-CBC-SHA",
+ "TLS-PSK-WITH-AES-256-CBC-SHA",
+ ]
+ g_ciphers = [
+ "+ECDHE-ECDSA:+NULL:+SHA1",
+ "+ECDHE-ECDSA:+3DES-CBC:+SHA1",
+ "+ECDHE-ECDSA:+AES-128-CBC:+SHA1",
+ "+ECDHE-ECDSA:+AES-256-CBC:+SHA1",
+
+ "+ECDHE-ECDSA:+AES-128-CBC:+SHA256",
+ "+ECDHE-ECDSA:+AES-256-CBC:+SHA384",
+ "+ECDHE-ECDSA:+AES-128-GCM:+AEAD",
+ "+ECDHE-ECDSA:+AES-256-GCM:+AEAD",
+
+ "+DHE-RSA:+AES-128-CBC:+SHA1",
+ "+DHE-RSA:+AES-256-CBC:+SHA1",
+ "+DHE-RSA:+CAMELLIA-128-CBC:+SHA1",
+ "+DHE-RSA:+CAMELLIA-256-CBC:+SHA1",
+ "+DHE-RSA:+3DES-CBC:+SHA1",
+ "+RSA:+AES-256-CBC:+SHA1",
+ "+RSA:+CAMELLIA-256-CBC:+SHA1",
+ "+RSA:+AES-128-CBC:+SHA1",
+ "+RSA:+CAMELLIA-128-CBC:+SHA1",
+ "+RSA:+3DES-CBC:+SHA1",
+ "+RSA:+NULL:+MD5",
+ "+RSA:+NULL:+SHA1",
+
+ "+ECDHE-RSA:+AES-128-CBC:+SHA1",
+ "+ECDHE-RSA:+AES-256-CBC:+SHA1",
+ "+ECDHE-RSA:+3DES-CBC:+SHA1",
+ "+ECDHE-RSA:+NULL:+SHA1",
+
+ "+RSA:+AES-128-CBC:+SHA256",
+ "+DHE-RSA:+AES-128-CBC:+SHA256",
+ "+RSA:+AES-256-CBC:+SHA256",
+ "+DHE-RSA:+AES-256-CBC:+SHA256",
+ "+ECDHE-RSA:+AES-128-CBC:+SHA256",
+ "+ECDHE-RSA:+AES-256-CBC:+SHA384",
+ "+RSA:+AES-128-GCM:+AEAD",
+ "+RSA:+AES-256-GCM:+AEAD",
+ "+DHE-RSA:+AES-128-GCM:+AEAD",
+ "+DHE-RSA:+AES-256-GCM:+AEAD",
+ "+ECDHE-RSA:+AES-128-GCM:+AEAD",
+ "+ECDHE-RSA:+AES-256-GCM:+AEAD",
+
+ "+PSK:+3DES-CBC:+SHA1",
+ "+PSK:+AES-128-CBC:+SHA1",
+ "+PSK:+AES-256-CBC:+SHA1",
+ ]
+ o_ciphers = [
+ "ECDHE-ECDSA-NULL-SHA",
+ "ECDHE-ECDSA-DES-CBC3-SHA",
+ "ECDHE-ECDSA-AES128-SHA",
+ "ECDHE-ECDSA-AES256-SHA",
+
+ "ECDHE-ECDSA-AES128-SHA256",
+ "ECDHE-ECDSA-AES256-SHA384",
+ "ECDHE-ECDSA-AES128-GCM-SHA256",
+ "ECDHE-ECDSA-AES256-GCM-SHA384",
+
+ "DHE-RSA-AES128-SHA",
+ "DHE-RSA-AES256-SHA",
+ "DHE-RSA-CAMELLIA128-SHA",
+ "DHE-RSA-CAMELLIA256-SHA",
+ #"EDH-RSA-DES-CBC3-SHA",
+ "DHE-RSA-DES-CBC3-SHA",
+ "AES256-SHA",
+ "CAMELLIA256-SHA",
+ "AES128-SHA",
+ "CAMELLIA128-SHA",
+ "DES-CBC3-SHA",
+ "NULL-MD5",
+ "NULL-SHA",
+
+ "ECDHE-RSA-AES128-SHA",
+ "ECDHE-RSA-AES256-SHA",
+ "ECDHE-RSA-DES-CBC3-SHA",
+ "ECDHE-RSA-NULL-SHA",
+
+ #"NULL-SHA256",
+ "AES128-SHA256",
+ "DHE-RSA-AES128-SHA256",
+ "AES256-SHA256",
+ "DHE-RSA-AES256-SHA256",
+ "ECDHE-RSA-AES128-SHA256",
+ "ECDHE-RSA-AES256-SHA384",
+ "AES128-GCM-SHA256",
+ "AES256-GCM-SHA384",
+ "DHE-RSA-AES128-GCM-SHA256",
+ "DHE-RSA-AES256-GCM-SHA384",
+ "ECDHE-RSA-AES128-GCM-SHA256",
+ "ECDHE-RSA-AES256-GCM-SHA384",
+
+ #"PSK-3DES-EDE-CBC-SHA",
+ #"PSK-AES128-CBC-SHA",
+ #"PSK-AES256-CBC-SHA",
+
+ "PSK-DES-CBC3-SHA",
+ "PSK-AES128-SHA",
+ "PSK-AES256-SHA",
+ ]
+
+ for i in range(len(m_ciphers)):
+
+ g = translate_gnu(m_ciphers[i])
+ if g!=g_ciphers[i]:
+ print("GNU", i)
+ print("new".ljust(10), g)
+ print("original".ljust(10), g_ciphers[i])
+ # break
+
+
+ o = translate_ossl(m_ciphers[i])
+ if o!=o_ciphers[i]:
+ print("OpenSSL", i)
+ print("new".ljust(10), o)
+ print("original".ljust(10), o_ciphers[i])
+ # break
+
+def test_mbed_ossl_common():
+ m_ciphers = [
+ "TLS-ECDH-ECDSA-WITH-NULL-SHA",
+ "TLS-ECDH-ECDSA-WITH-3DES-EDE-CBC-SHA",
+ "TLS-ECDH-ECDSA-WITH-AES-128-CBC-SHA",
+ "TLS-ECDH-ECDSA-WITH-AES-256-CBC-SHA",
+
+ "TLS-ECDH-ECDSA-WITH-AES-128-CBC-SHA256",
+ "TLS-ECDH-ECDSA-WITH-AES-256-CBC-SHA384",
+ "TLS-ECDH-ECDSA-WITH-AES-128-GCM-SHA256",
+ "TLS-ECDH-ECDSA-WITH-AES-256-GCM-SHA384",
+ "TLS-ECDHE-ECDSA-WITH-ARIA-256-GCM-SHA384",
+ "TLS-ECDHE-ECDSA-WITH-ARIA-128-GCM-SHA256",
+ "TLS-ECDHE-ECDSA-WITH-CHACHA20-POLY1305-SHA256",
+
+ "TLS-RSA-WITH-DES-CBC-SHA",
+ "TLS-DHE-RSA-WITH-DES-CBC-SHA",
+
+ "TLS-ECDHE-RSA-WITH-ARIA-256-GCM-SHA384",
+ "TLS-DHE-RSA-WITH-ARIA-256-GCM-SHA384",
+ "TLS-RSA-WITH-ARIA-256-GCM-SHA384",
+ "TLS-ECDHE-RSA-WITH-ARIA-128-GCM-SHA256",
+ "TLS-DHE-RSA-WITH-ARIA-128-GCM-SHA256",
+ "TLS-RSA-WITH-ARIA-128-GCM-SHA256",
+ "TLS-DHE-RSA-WITH-CHACHA20-POLY1305-SHA256",
+ "TLS-ECDHE-RSA-WITH-CHACHA20-POLY1305-SHA256",
+
+ "TLS-DHE-PSK-WITH-ARIA-256-GCM-SHA384",
+ "TLS-DHE-PSK-WITH-ARIA-128-GCM-SHA256",
+ "TLS-PSK-WITH-ARIA-256-GCM-SHA384",
+ "TLS-PSK-WITH-ARIA-128-GCM-SHA256",
+ "TLS-PSK-WITH-CHACHA20-POLY1305-SHA256",
+ "TLS-ECDHE-PSK-WITH-CHACHA20-POLY1305-SHA256",
+ "TLS-DHE-PSK-WITH-CHACHA20-POLY1305-SHA256",
+ ]
+ o_ciphers = [
+ "ECDH-ECDSA-NULL-SHA",
+ "ECDH-ECDSA-DES-CBC3-SHA",
+ "ECDH-ECDSA-AES128-SHA",
+ "ECDH-ECDSA-AES256-SHA",
+
+ "ECDH-ECDSA-AES128-SHA256",
+ "ECDH-ECDSA-AES256-SHA384",
+ "ECDH-ECDSA-AES128-GCM-SHA256",
+ "ECDH-ECDSA-AES256-GCM-SHA384",
+ "ECDHE-ECDSA-ARIA256-GCM-SHA384",
+ "ECDHE-ECDSA-ARIA128-GCM-SHA256",
+ "ECDHE-ECDSA-CHACHA20-POLY1305",
+
+ "DES-CBC-SHA",
+ #"EDH-RSA-DES-CBC-SHA",
+ "DHE-RSA-DES-CBC-SHA",
+
+ "ECDHE-ARIA256-GCM-SHA384",
+ "DHE-RSA-ARIA256-GCM-SHA384",
+ "ARIA256-GCM-SHA384",
+ "ECDHE-ARIA128-GCM-SHA256",
+ "DHE-RSA-ARIA128-GCM-SHA256",
+ "ARIA128-GCM-SHA256",
+ "DHE-RSA-CHACHA20-POLY1305",
+ "ECDHE-RSA-CHACHA20-POLY1305",
+
+ "DHE-PSK-ARIA256-GCM-SHA384",
+ "DHE-PSK-ARIA128-GCM-SHA256",
+ "PSK-ARIA256-GCM-SHA384",
+ "PSK-ARIA128-GCM-SHA256",
+ "PSK-CHACHA20-POLY1305",
+ "ECDHE-PSK-CHACHA20-POLY1305",
+ "DHE-PSK-CHACHA20-POLY1305",
+ ]
+
+ for i in range(len(m_ciphers)):
+
+ o = translate_ossl(m_ciphers[i])
+ if o!=o_ciphers[i]:
+ print("OpenSSL", i)
+ print("new".ljust(10), o)
+ print("original".ljust(10), o_ciphers[i])
+ # break
+
+def test_mbed_gnu_common():
+ m_ciphers = [
+ "TLS-ECDHE-ECDSA-WITH-CAMELLIA-128-CBC-SHA256",
+ "TLS-ECDHE-ECDSA-WITH-CAMELLIA-256-CBC-SHA384",
+ "TLS-ECDHE-ECDSA-WITH-CAMELLIA-128-GCM-SHA256",
+ "TLS-ECDHE-ECDSA-WITH-CAMELLIA-256-GCM-SHA384",
+ "TLS-ECDHE-ECDSA-WITH-AES-128-CCM",
+ "TLS-ECDHE-ECDSA-WITH-AES-256-CCM",
+ "TLS-ECDHE-ECDSA-WITH-AES-128-CCM-8",
+ "TLS-ECDHE-ECDSA-WITH-AES-256-CCM-8",
+
+ "TLS-RSA-WITH-NULL-SHA256",
+
+ "TLS-ECDHE-RSA-WITH-CAMELLIA-128-CBC-SHA256",
+ "TLS-ECDHE-RSA-WITH-CAMELLIA-256-CBC-SHA384",
+ "TLS-RSA-WITH-CAMELLIA-128-CBC-SHA256",
+ "TLS-RSA-WITH-CAMELLIA-256-CBC-SHA256",
+ "TLS-DHE-RSA-WITH-CAMELLIA-128-CBC-SHA256",
+ "TLS-DHE-RSA-WITH-CAMELLIA-256-CBC-SHA256",
+ "TLS-ECDHE-RSA-WITH-CAMELLIA-128-GCM-SHA256",
+ "TLS-ECDHE-RSA-WITH-CAMELLIA-256-GCM-SHA384",
+ "TLS-DHE-RSA-WITH-CAMELLIA-128-GCM-SHA256",
+ "TLS-DHE-RSA-WITH-CAMELLIA-256-GCM-SHA384",
+ "TLS-RSA-WITH-CAMELLIA-128-GCM-SHA256",
+ "TLS-RSA-WITH-CAMELLIA-256-GCM-SHA384",
+ "TLS-RSA-WITH-AES-128-CCM",
+ "TLS-RSA-WITH-AES-256-CCM",
+ "TLS-DHE-RSA-WITH-AES-128-CCM",
+ "TLS-DHE-RSA-WITH-AES-256-CCM",
+ "TLS-RSA-WITH-AES-128-CCM-8",
+ "TLS-RSA-WITH-AES-256-CCM-8",
+ "TLS-DHE-RSA-WITH-AES-128-CCM-8",
+ "TLS-DHE-RSA-WITH-AES-256-CCM-8",
+
+ "TLS-DHE-PSK-WITH-3DES-EDE-CBC-SHA",
+ "TLS-DHE-PSK-WITH-AES-128-CBC-SHA",
+ "TLS-DHE-PSK-WITH-AES-256-CBC-SHA",
+
+ "TLS-ECDHE-PSK-WITH-AES-256-CBC-SHA",
+ "TLS-ECDHE-PSK-WITH-AES-128-CBC-SHA",
+ "TLS-ECDHE-PSK-WITH-3DES-EDE-CBC-SHA",
+ "TLS-RSA-PSK-WITH-3DES-EDE-CBC-SHA",
+ "TLS-RSA-PSK-WITH-AES-256-CBC-SHA",
+ "TLS-RSA-PSK-WITH-AES-128-CBC-SHA",
+
+ "TLS-ECDHE-PSK-WITH-AES-256-CBC-SHA384",
+ "TLS-ECDHE-PSK-WITH-CAMELLIA-256-CBC-SHA384",
+ "TLS-ECDHE-PSK-WITH-AES-128-CBC-SHA256",
+ "TLS-ECDHE-PSK-WITH-CAMELLIA-128-CBC-SHA256",
+ "TLS-ECDHE-PSK-WITH-NULL-SHA384",
+ "TLS-ECDHE-PSK-WITH-NULL-SHA256",
+ "TLS-PSK-WITH-AES-128-CBC-SHA256",
+ "TLS-PSK-WITH-AES-256-CBC-SHA384",
+ "TLS-DHE-PSK-WITH-AES-128-CBC-SHA256",
+ "TLS-DHE-PSK-WITH-AES-256-CBC-SHA384",
+ "TLS-PSK-WITH-NULL-SHA256",
+ "TLS-PSK-WITH-NULL-SHA384",
+ "TLS-DHE-PSK-WITH-NULL-SHA256",
+ "TLS-DHE-PSK-WITH-NULL-SHA384",
+ "TLS-RSA-PSK-WITH-AES-256-CBC-SHA384",
+ "TLS-RSA-PSK-WITH-AES-128-CBC-SHA256",
+ "TLS-RSA-PSK-WITH-NULL-SHA256",
+ "TLS-RSA-PSK-WITH-NULL-SHA384",
+ "TLS-DHE-PSK-WITH-CAMELLIA-128-CBC-SHA256",
+ "TLS-DHE-PSK-WITH-CAMELLIA-256-CBC-SHA384",
+ "TLS-PSK-WITH-CAMELLIA-128-CBC-SHA256",
+ "TLS-PSK-WITH-CAMELLIA-256-CBC-SHA384",
+ "TLS-RSA-PSK-WITH-CAMELLIA-256-CBC-SHA384",
+ "TLS-RSA-PSK-WITH-CAMELLIA-128-CBC-SHA256",
+ "TLS-PSK-WITH-AES-128-GCM-SHA256",
+ "TLS-PSK-WITH-AES-256-GCM-SHA384",
+ "TLS-DHE-PSK-WITH-AES-128-GCM-SHA256",
+ "TLS-DHE-PSK-WITH-AES-256-GCM-SHA384",
+ "TLS-PSK-WITH-AES-128-CCM",
+ "TLS-PSK-WITH-AES-256-CCM",
+ "TLS-DHE-PSK-WITH-AES-128-CCM",
+ "TLS-DHE-PSK-WITH-AES-256-CCM",
+ "TLS-PSK-WITH-AES-128-CCM-8",
+ "TLS-PSK-WITH-AES-256-CCM-8",
+ "TLS-DHE-PSK-WITH-AES-128-CCM-8",
+ "TLS-DHE-PSK-WITH-AES-256-CCM-8",
+ "TLS-RSA-PSK-WITH-CAMELLIA-128-GCM-SHA256",
+ "TLS-RSA-PSK-WITH-CAMELLIA-256-GCM-SHA384",
+ "TLS-PSK-WITH-CAMELLIA-128-GCM-SHA256",
+ "TLS-PSK-WITH-CAMELLIA-256-GCM-SHA384",
+ "TLS-DHE-PSK-WITH-CAMELLIA-128-GCM-SHA256",
+ "TLS-DHE-PSK-WITH-CAMELLIA-256-GCM-SHA384",
+ "TLS-RSA-PSK-WITH-AES-256-GCM-SHA384",
+ "TLS-RSA-PSK-WITH-AES-128-GCM-SHA256",
+ ]
+ g_ciphers = [
+ "+ECDHE-ECDSA:+CAMELLIA-128-CBC:+SHA256",
+ "+ECDHE-ECDSA:+CAMELLIA-256-CBC:+SHA384",
+ "+ECDHE-ECDSA:+CAMELLIA-128-GCM:+AEAD",
+ "+ECDHE-ECDSA:+CAMELLIA-256-GCM:+AEAD",
+ "+ECDHE-ECDSA:+AES-128-CCM:+AEAD",
+ "+ECDHE-ECDSA:+AES-256-CCM:+AEAD",
+ "+ECDHE-ECDSA:+AES-128-CCM-8:+AEAD",
+ "+ECDHE-ECDSA:+AES-256-CCM-8:+AEAD",
+
+ "+RSA:+NULL:+SHA256",
+
+ "+ECDHE-RSA:+CAMELLIA-128-CBC:+SHA256",
+ "+ECDHE-RSA:+CAMELLIA-256-CBC:+SHA384",
+ "+RSA:+CAMELLIA-128-CBC:+SHA256",
+ "+RSA:+CAMELLIA-256-CBC:+SHA256",
+ "+DHE-RSA:+CAMELLIA-128-CBC:+SHA256",
+ "+DHE-RSA:+CAMELLIA-256-CBC:+SHA256",
+ "+ECDHE-RSA:+CAMELLIA-128-GCM:+AEAD",
+ "+ECDHE-RSA:+CAMELLIA-256-GCM:+AEAD",
+ "+DHE-RSA:+CAMELLIA-128-GCM:+AEAD",
+ "+DHE-RSA:+CAMELLIA-256-GCM:+AEAD",
+ "+RSA:+CAMELLIA-128-GCM:+AEAD",
+ "+RSA:+CAMELLIA-256-GCM:+AEAD",
+ "+RSA:+AES-128-CCM:+AEAD",
+ "+RSA:+AES-256-CCM:+AEAD",
+ "+DHE-RSA:+AES-128-CCM:+AEAD",
+ "+DHE-RSA:+AES-256-CCM:+AEAD",
+ "+RSA:+AES-128-CCM-8:+AEAD",
+ "+RSA:+AES-256-CCM-8:+AEAD",
+ "+DHE-RSA:+AES-128-CCM-8:+AEAD",
+ "+DHE-RSA:+AES-256-CCM-8:+AEAD",
+
+ "+DHE-PSK:+3DES-CBC:+SHA1",
+ "+DHE-PSK:+AES-128-CBC:+SHA1",
+ "+DHE-PSK:+AES-256-CBC:+SHA1",
+
+ "+ECDHE-PSK:+AES-256-CBC:+SHA1",
+ "+ECDHE-PSK:+AES-128-CBC:+SHA1",
+ "+ECDHE-PSK:+3DES-CBC:+SHA1",
+ "+RSA-PSK:+3DES-CBC:+SHA1",
+ "+RSA-PSK:+AES-256-CBC:+SHA1",
+ "+RSA-PSK:+AES-128-CBC:+SHA1",
+
+ "+ECDHE-PSK:+AES-256-CBC:+SHA384",
+ "+ECDHE-PSK:+CAMELLIA-256-CBC:+SHA384",
+ "+ECDHE-PSK:+AES-128-CBC:+SHA256",
+ "+ECDHE-PSK:+CAMELLIA-128-CBC:+SHA256",
+ "+ECDHE-PSK:+NULL:+SHA384",
+ "+ECDHE-PSK:+NULL:+SHA256",
+ "+PSK:+AES-128-CBC:+SHA256",
+ "+PSK:+AES-256-CBC:+SHA384",
+ "+DHE-PSK:+AES-128-CBC:+SHA256",
+ "+DHE-PSK:+AES-256-CBC:+SHA384",
+ "+PSK:+NULL:+SHA256",
+ "+PSK:+NULL:+SHA384",
+ "+DHE-PSK:+NULL:+SHA256",
+ "+DHE-PSK:+NULL:+SHA384",
+ "+RSA-PSK:+AES-256-CBC:+SHA384",
+ "+RSA-PSK:+AES-128-CBC:+SHA256",
+ "+RSA-PSK:+NULL:+SHA256",
+ "+RSA-PSK:+NULL:+SHA384",
+ "+DHE-PSK:+CAMELLIA-128-CBC:+SHA256",
+ "+DHE-PSK:+CAMELLIA-256-CBC:+SHA384",
+ "+PSK:+CAMELLIA-128-CBC:+SHA256",
+ "+PSK:+CAMELLIA-256-CBC:+SHA384",
+ "+RSA-PSK:+CAMELLIA-256-CBC:+SHA384",
+ "+RSA-PSK:+CAMELLIA-128-CBC:+SHA256",
+ "+PSK:+AES-128-GCM:+AEAD",
+ "+PSK:+AES-256-GCM:+AEAD",
+ "+DHE-PSK:+AES-128-GCM:+AEAD",
+ "+DHE-PSK:+AES-256-GCM:+AEAD",
+ "+PSK:+AES-128-CCM:+AEAD",
+ "+PSK:+AES-256-CCM:+AEAD",
+ "+DHE-PSK:+AES-128-CCM:+AEAD",
+ "+DHE-PSK:+AES-256-CCM:+AEAD",
+ "+PSK:+AES-128-CCM-8:+AEAD",
+ "+PSK:+AES-256-CCM-8:+AEAD",
+ "+DHE-PSK:+AES-128-CCM-8:+AEAD",
+ "+DHE-PSK:+AES-256-CCM-8:+AEAD",
+ "+RSA-PSK:+CAMELLIA-128-GCM:+AEAD",
+ "+RSA-PSK:+CAMELLIA-256-GCM:+AEAD",
+ "+PSK:+CAMELLIA-128-GCM:+AEAD",
+ "+PSK:+CAMELLIA-256-GCM:+AEAD",
+ "+DHE-PSK:+CAMELLIA-128-GCM:+AEAD",
+ "+DHE-PSK:+CAMELLIA-256-GCM:+AEAD",
+ "+RSA-PSK:+AES-256-GCM:+AEAD",
+ "+RSA-PSK:+AES-128-GCM:+AEAD",
+ ]
+
+ for i in range(len(m_ciphers)):
+
+ g = translate_gnu(m_ciphers[i])
+ if g!=g_ciphers[i]:
+ print("GNU", i)
+ print("new".ljust(10), g)
+ print("original".ljust(10), g_ciphers[i])
+ # break
+
+test_all_common()
+test_mbed_ossl_common()
+test_mbed_gnu_common()
\ No newline at end of file