drop TLS_ prefix from ciphersuite and ciphersuite13 constructors

lib/config.ml

@@ -71,43 +71,42 @@ module Ciphers = struct
    * slice and groom those lists. *)
 
   let default13 = [
-    `TLS_AES_128_GCM_SHA256 ;
-    `TLS_AES_256_GCM_SHA384 ;
-    (* `TLS_CHACHA20_POLY1305_SHA256 ; *)
-    `TLS_AES_128_CCM_SHA256 ;
-    (* `TLS_AES_128_CCM_8_SHA256 *)
+    `AES_128_GCM_SHA256 ;
+    `AES_256_GCM_SHA384 ;
+    (* `CHACHA20_POLY1305_SHA256 ; *)
+    `AES_128_CCM_SHA256 ;
   ]
 
   let default = default13 @ [
-    `TLS_DHE_RSA_WITH_AES_256_GCM_SHA384 ;
-    `TLS_DHE_RSA_WITH_AES_128_GCM_SHA256 ;
-    `TLS_DHE_RSA_WITH_AES_256_CCM ;
-    `TLS_DHE_RSA_WITH_AES_128_CCM ;
-    `TLS_DHE_RSA_WITH_AES_256_CBC_SHA256 ;
-    `TLS_DHE_RSA_WITH_AES_128_CBC_SHA256 ;
-    `TLS_DHE_RSA_WITH_AES_256_CBC_SHA ;
-    `TLS_DHE_RSA_WITH_AES_128_CBC_SHA ;
-    `TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 ;
-    `TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 ;
-    `TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384 ;
-    `TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256 ;
-    `TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA ;
-    `TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA ;
-    `TLS_RSA_WITH_AES_256_GCM_SHA384 ;
-    `TLS_RSA_WITH_AES_128_GCM_SHA256 ;
-    `TLS_RSA_WITH_AES_256_CCM ;
-    `TLS_RSA_WITH_AES_128_CCM ;
-    `TLS_RSA_WITH_AES_256_CBC_SHA256 ;
-    `TLS_RSA_WITH_AES_128_CBC_SHA256 ;
-    `TLS_RSA_WITH_AES_256_CBC_SHA ;
-    `TLS_RSA_WITH_AES_128_CBC_SHA ;
+    `DHE_RSA_WITH_AES_256_GCM_SHA384 ;
+    `DHE_RSA_WITH_AES_128_GCM_SHA256 ;
+    `DHE_RSA_WITH_AES_256_CCM ;
+    `DHE_RSA_WITH_AES_128_CCM ;
+    `DHE_RSA_WITH_AES_256_CBC_SHA256 ;
+    `DHE_RSA_WITH_AES_128_CBC_SHA256 ;
+    `DHE_RSA_WITH_AES_256_CBC_SHA ;
+    `DHE_RSA_WITH_AES_128_CBC_SHA ;
+    `ECDHE_RSA_WITH_AES_128_GCM_SHA256 ;
+    `ECDHE_RSA_WITH_AES_256_GCM_SHA384 ;
+    `ECDHE_RSA_WITH_AES_256_CBC_SHA384 ;
+    `ECDHE_RSA_WITH_AES_128_CBC_SHA256 ;
+    `ECDHE_RSA_WITH_AES_256_CBC_SHA ;
+    `ECDHE_RSA_WITH_AES_128_CBC_SHA ;
+    `RSA_WITH_AES_256_GCM_SHA384 ;
+    `RSA_WITH_AES_128_GCM_SHA256 ;
+    `RSA_WITH_AES_256_CCM ;
+    `RSA_WITH_AES_128_CCM ;
+    `RSA_WITH_AES_256_CBC_SHA256 ;
+    `RSA_WITH_AES_128_CBC_SHA256 ;
+    `RSA_WITH_AES_256_CBC_SHA ;
+    `RSA_WITH_AES_128_CBC_SHA ;
     ]
 
   let supported = default @ [
-    `TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA ;
-    `TLS_RSA_WITH_3DES_EDE_CBC_SHA ;
-    `TLS_RSA_WITH_RC4_128_SHA ;
-    `TLS_RSA_WITH_RC4_128_MD5
+    `DHE_RSA_WITH_3DES_EDE_CBC_SHA ;
+    `RSA_WITH_3DES_EDE_CBC_SHA ;
+    `RSA_WITH_RC4_128_SHA ;
+    `RSA_WITH_RC4_128_MD5
     ]
 
   let fs_of = List.filter Ciphersuite.ciphersuite_fs

lib/engine.ml

@@ -461,7 +461,7 @@ let decrement_early_data hs ty buf =
   if ty = Packet.APPLICATION_DATA && early_data hs then
     let cipher = match hs.session with
       | `TLS13 sd::_ -> sd.ciphersuite13
-      | _ -> `TLS_AES_128_GCM_SHA256
+      | _ -> `AES_128_GCM_SHA256
       (* TODO assert and ensure that all early_data states have a cipher  *)
     in
     bytes hs.early_data_left cipher >|= fun early_data_left ->

lib/handshake_common.ml

@@ -107,7 +107,7 @@ let empty_common_session_data = {
 let empty_session = {
   common_session_data = empty_common_session_data ;
   client_version      = `TLS_1_2 ;
-  ciphersuite         = `TLS_DHE_RSA_WITH_AES_256_CBC_SHA ;
+  ciphersuite         = `DHE_RSA_WITH_AES_256_CBC_SHA ;
   group               = Some `FFDHE2048 ;
   renegotiation       = Cstruct.(empty, empty) ;
   session_id          = Cstruct.empty ;

lib/handshake_crypto.ml

@@ -19,10 +19,10 @@ let p_hash (hmac, hmac_n) key seed len =
   expand (hmac ~key seed) len
 
 let prf_mac = function
-  | `TLS_RSA_WITH_AES_256_GCM_SHA384
-  | `TLS_DHE_RSA_WITH_AES_256_GCM_SHA384
-  | `TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384
-  | `TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384 -> (module SHA384 : S)
+  | `RSA_WITH_AES_256_GCM_SHA384
+  | `DHE_RSA_WITH_AES_256_GCM_SHA384
+  | `ECDHE_RSA_WITH_AES_256_GCM_SHA384
+  | `ECDHE_RSA_WITH_AES_256_CBC_SHA384 -> (module SHA384 : S)
   | _ -> (module SHA256 : S)
 
 let pseudo_random_function version cipher len secret label seed =

lib/state.ml

@@ -318,7 +318,7 @@ let common_data_to_epoch common is_server peer_name =
   let epoch : epoch_data =
     { state                  = `Established ;
       protocol_version       = `TLS_1_0 ;
-      ciphersuite            = `TLS_DHE_RSA_WITH_AES_256_CBC_SHA ;
+      ciphersuite            = `DHE_RSA_WITH_AES_256_CBC_SHA ;
       peer_random ;
       peer_certificate       = common.peer_certificate ;
       peer_certificate_chain = common.peer_certificate_chain ;

tests/key_derivation.ml

@@ -11,7 +11,7 @@ let secret0 = Cstruct.of_hex {|
 10 ad f3 00 aa 1f 26 60  e1 b2 2e 10 f1 70 f9 2a
 |}
 
-let cipher = `TLS_AES_128_GCM_SHA256
+let cipher = `AES_128_GCM_SHA256
 let hash = Tls.Ciphersuite.hash13 cipher
 
 let my_secret = ref None

tests/readertests.ml

@@ -1451,7 +1451,7 @@ let good_server_hellos =
           { server_version = `TLS_1_2 ;
             server_random ;
             sessionid = None ;
-            ciphersuite = `TLS_RSA_WITH_RC4_128_MD5 ;
+            ciphersuite = `RSA_WITH_RC4_128_MD5 ;
             extensions = []}
         in
         [
@@ -1464,7 +1464,7 @@ let good_server_hellos =
           ([2; 0; 0; 41; 3; 3] @ rand @ [(* session id *) 3; 1; 2; 3; (* cipher *) 0; 4; (* comp *) 0; (* exts *)] , { sh with sessionid = Some (list_to_cstruct [1; 2; 3]) } ) ;
 
           (* ciphersuite *)
-          ([2; 0; 0; 38; 3; 3] @ rand @ [(* session id *) 0; (* cipher *) 0; 5; (* comp *) 0; (* exts *)] , { sh with ciphersuite = `TLS_RSA_WITH_RC4_128_SHA } ) ;
+          ([2; 0; 0; 38; 3; 3] @ rand @ [(* session id *) 0; (* cipher *) 0; 5; (* comp *) 0; (* exts *)] , { sh with ciphersuite = `RSA_WITH_RC4_128_SHA } ) ;
 
           (* extensions *)
           (* empty *)
@@ -1502,7 +1502,7 @@ let good_server_hellos =
             0x00; 0x10; 0x00; 0x05; 0x00; 0x03; (* ALPN *)
             0x02; 0x68; 0x32
           ], { sh with
-               ciphersuite = `TLS_RSA_WITH_AES_128_CBC_SHA ;
+               ciphersuite = `RSA_WITH_AES_128_CBC_SHA ;
                server_random = list_to_cstruct [ 0x53; 0x66; 0x2d; 0xf0; 0x1b; 0x61; 0x55; 0x8f; 0x74; 0x2a; 0xbf; 0xf4; 0x99; 0x86; 0x30; 0x99; 0x32; 0xe4; 0xd0; 0x1e; 0x2b; 0xa9; 0x2e; 0x86; 0x7b; 0xeb; 0x03; 0x00; 0xf9; 0x11; 0x3e; 0xc5 ] ;
                sessionid = Some (list_to_cstruct [ 0xd1; 0x54; 0xd9; 0x05; 0x61; 0x41; 0x53; 0x33; 0xb2; 0xf0; 0x13; 0x78; 0x1a; 0x17; 0xb3; 0x1d; 0x09; 0xf6; 0x59; 0x70; 0xfe; 0x5d; 0x58; 0x22; 0xfa; 0x8c; 0x5c; 0x89; 0xe9; 0xa2; 0xb4; 0x70 ]) ;
                extensions = [`Hostname;
@@ -1522,7 +1522,7 @@ let good_server_hellos =
             0x00; 0x00; 0x00; 0x00;
             0xff; 0x01; 0x00; 0x01; 0x00 ],
             { sh with
-              ciphersuite = `TLS_RSA_WITH_AES_128_CBC_SHA ;
+              ciphersuite = `RSA_WITH_AES_128_CBC_SHA ;
               server_random = list_to_cstruct [ 0x53; 0x66; 0x2f; 0xb7; 0x35; 0x3a; 0x42; 0xee; 0x1c; 0xe6; 0xed; 0x63; 0x8a; 0x1d; 0x3d; 0xb3; 0x71; 0x9c; 0xf5; 0x64; 0x45; 0xc5; 0xe9; 0xf4; 0x11; 0x8b; 0x9f; 0x41; 0x5a; 0x5f; 0xf1; 0xf6 ] ;
               sessionid = Some (list_to_cstruct [ 0xdf; 0xe1; 0x09; 0x8a; 0x42; 0xf0; 0x25; 0xc7; 0xbd; 0xe5; 0xe9; 0x02; 0x6a; 0x03; 0xaf; 0xb4; 0x70; 0x80; 0xe9; 0x2f; 0x07; 0x3f; 0x53; 0xd3; 0xc8; 0x97; 0x3f; 0xc4; 0x44; 0x23; 0xf5; 0x94 ] ) ;
               extensions = [`Hostname;

tests/readerwritertests.ml

@@ -446,7 +446,7 @@ let rw_handshake_server_hello_vals =
           { server_version = `TLS_1_2 ;
             server_random ;
             sessionid = None ;
-            ciphersuite = `TLS_RSA_WITH_RC4_128_MD5 ;
+            ciphersuite = `RSA_WITH_RC4_128_MD5 ;
             extensions = []}
         in
         [

tests/writertests.ml

@@ -407,23 +407,23 @@ Packet.TLS_NULL_WITH_NULL_NULL;Packet.TLS_NULL_WITH_NULL_NULL;Packet.TLS_NULL_WI
    ( ServerHello { server_version = `TLS_1_2 ;
                    server_random  = a_cs <+> a_cs ;
                    sessionid = None ;
-                   ciphersuite = `TLS_RSA_WITH_RC4_128_MD5 ;
+                   ciphersuite = `RSA_WITH_RC4_128_MD5 ;
                    extensions = []
                  } ,
      [2; 0; 0; 38; 3; 3] @ a_l @ a_l @ [(* session id *) 0; (* cipher *) 0; 4; (* comp *) 0; (* exts *)] ) ;
 
    ( ServerHello { server_version = `TLS_1_1 ;
                    server_random  = a_cs <+> a_cs ;
                    sessionid = None ;
-                   ciphersuite = `TLS_RSA_WITH_RC4_128_MD5 ;
+                   ciphersuite = `RSA_WITH_RC4_128_MD5 ;
                    extensions = []
                  } ,
      [2; 0; 0; 38; 3; 2] @ a_l @ a_l @ [(* session id *) 0; (* cipher *) 0; 4; (* comp *) 0; (* exts *)] ) ;
 
    ( ServerHello { server_version = `TLS_1_0 ;
                    server_random  = a_cs <+> a_cs ;
                    sessionid = None ;
-                   ciphersuite = `TLS_RSA_WITH_RC4_128_MD5 ;
+                   ciphersuite = `RSA_WITH_RC4_128_MD5 ;
                    extensions = []
                  } ,
      [2; 0; 0; 38; 3; 1] @ a_l @ a_l @ [(* session id *) 0; (* cipher *) 0; 4; (* comp *) 0; (* exts *)] ) ;
@@ -432,15 +432,15 @@ Packet.TLS_NULL_WITH_NULL_NULL;Packet.TLS_NULL_WITH_NULL_NULL;Packet.TLS_NULL_WI
    ( ServerHello { server_version = `TLS_1_0 ;
                    server_random  = a_cs <+> a_cs ;
                    sessionid = Some a_cs ;
-                   ciphersuite = `TLS_RSA_WITH_RC4_128_MD5 ;
+                   ciphersuite = `RSA_WITH_RC4_128_MD5 ;
                    extensions = []
                  } ,
      [2; 0; 0; 54; 3; 1] @ a_l @ a_l @ (* session id *) [ 16 ] @ a_l @ [(* cipher *) 0; 4; (* comp *) 0; (* exts *)] ) ;
 
    ( ServerHello { server_version = `TLS_1_2 ;
                    server_random  = a_cs <+> a_cs ;
                    sessionid = None ;
-                   ciphersuite = `TLS_RSA_WITH_RC4_128_MD5 ;
+                   ciphersuite = `RSA_WITH_RC4_128_MD5 ;
                    extensions = [`Hostname]
                  } ,
      [2; 0; 0; 44; 3; 3] @ a_l @ a_l @ [(* session id *) 0; (* cipher *) 0; 4; (* comp *) 0; (* exts *) 0; 4; 0; 0; 0; 0] ) ;
@@ -449,31 +449,31 @@ Packet.TLS_NULL_WITH_NULL_NULL;Packet.TLS_NULL_WITH_NULL_NULL;Packet.TLS_NULL_WI
    ( ServerHello { server_version = `TLS_1_2 ;
                    server_random  = a_cs <+> a_cs ;
                    sessionid = None ;
-                   ciphersuite = `TLS_RSA_WITH_RC4_128_MD5 ;
+                   ciphersuite = `RSA_WITH_RC4_128_MD5 ;
                    extensions = [`SecureRenegotiation (Cstruct.create 0)]
                  } ,
      [2; 0; 0; 45; 3; 3] @ a_l @ a_l @ [(* session id *) 0; (* cipher *) 0; 4; (* comp *) 0; (* exts *) 0; 5; 0xFF; 1; 0; 1; 0] ) ;
 
    ( ServerHello { server_version = `TLS_1_2 ;
                    server_random  = a_cs <+> a_cs ;
                    sessionid = None ;
-                   ciphersuite = `TLS_RSA_WITH_RC4_128_MD5 ;
+                   ciphersuite = `RSA_WITH_RC4_128_MD5 ;
                    extensions = [`Hostname ; `SecureRenegotiation (Cstruct.create 0)]
                  } ,
      [2; 0; 0; 49; 3; 3] @ a_l @ a_l @ [(* session id *) 0; (* cipher *) 0; 4; (* comp *) 0; (* exts *) 0; 9; 0; 0; 0; 0; 0xFF; 1; 0; 1; 0] ) ;
 
    ( ServerHello { server_version = `TLS_1_2 ;
                    server_random  = a_cs <+> a_cs ;
                    sessionid = None ;
-                   ciphersuite = `TLS_RSA_WITH_RC4_128_MD5 ;
+                   ciphersuite = `RSA_WITH_RC4_128_MD5 ;
                    extensions = [`SecureRenegotiation (Cstruct.create 0); `Hostname ]
                  } ,
      [2; 0; 0; 49; 3; 3] @ a_l @ a_l @ [(* session id *) 0; (* cipher *) 0; 4; (* comp *) 0; (* exts *) 0; 9; 0xFF; 1; 0; 1; 0; 0; 0; 0; 0] ) ;
 
    ( ServerHello { server_version = `TLS_1_2 ;
                    server_random  = a_cs <+> a_cs ;
                    sessionid = None ;
-                   ciphersuite = `TLS_RSA_WITH_RC4_128_MD5 ;
+                   ciphersuite = `RSA_WITH_RC4_128_MD5 ;
                    extensions = [`ALPN "h2"]
                  } ,
      [2; 0; 0; 49; 3; 3] @ a_l @ a_l @ [(* session id *) 0; (* cipher *) 0; 4; (* comp *) 0; (* exts *) 0; 9; 0; 16; 0; 5; 0; 3; 2; 104; 50] ) ;