remove ARIA, CAMELLIA, KRB5, and EXPORT ciphersuites

there is no plan to ever implement them, no need to keep them around
mirleft · Jun 12, 2020 · 8cfbcfc · 8cfbcfc
1 parent 55493fd
commit 8cfbcfc
Show file tree

Hide file tree

Showing 3 changed files with 6 additions and 149 deletions.
diff --git a/lib/packet.ml b/lib/packet.ml
@@ -268,48 +268,25 @@ type any_ciphersuite =
   | TLS_NULL_WITH_NULL_NULL                [@id 0x0000]
   | TLS_RSA_WITH_NULL_MD5                  [@id 0x0001]
   | TLS_RSA_WITH_NULL_SHA                  [@id 0x0002]
-  | TLS_RSA_EXPORT_WITH_RC4_40_MD5         [@id 0x0003]
   | TLS_RSA_WITH_RC4_128_MD5               [@id 0x0004]
   | TLS_RSA_WITH_RC4_128_SHA               [@id 0x0005]
-  | TLS_RSA_EXPORT_WITH_RC2_CBC_40_MD5     [@id 0x0006]
   | TLS_RSA_WITH_IDEA_CBC_SHA              [@id 0x0007]
-  | TLS_RSA_EXPORT_WITH_DES40_CBC_SHA      [@id 0x0008]
   | TLS_RSA_WITH_DES_CBC_SHA               [@id 0x0009]
   | TLS_RSA_WITH_3DES_EDE_CBC_SHA          [@id 0x000A]
-  | TLS_DH_DSS_EXPORT_WITH_DES40_CBC_SHA   [@id 0x000B]
   | TLS_DH_DSS_WITH_DES_CBC_SHA            [@id 0x000C]
   | TLS_DH_DSS_WITH_3DES_EDE_CBC_SHA       [@id 0x000D]
-  | TLS_DH_RSA_EXPORT_WITH_DES40_CBC_SHA   [@id 0x000E]
   | TLS_DH_RSA_WITH_DES_CBC_SHA            [@id 0x000F]
   | TLS_DH_RSA_WITH_3DES_EDE_CBC_SHA       [@id 0x0010]
-  | TLS_DHE_DSS_EXPORT_WITH_DES40_CBC_SHA  [@id 0x0011]
   | TLS_DHE_DSS_WITH_DES_CBC_SHA           [@id 0x0012]
   | TLS_DHE_DSS_WITH_3DES_EDE_CBC_SHA      [@id 0x0013]
-  | TLS_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA  [@id 0x0014]
   | TLS_DHE_RSA_WITH_DES_CBC_SHA           [@id 0x0015]
   | TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA      [@id 0x0016]
-  | TLS_DH_anon_EXPORT_WITH_RC4_40_MD5     [@id 0x0017]
-  | TLS_DH_anon_EXPORT_WITH_DES40_CBC_SHA  [@id 0x0019]
   (* MITM deprecated *)
   | TLS_DH_anon_WITH_RC4_128_MD5        [@id 0x0018]
   | TLS_DH_anon_WITH_DES_CBC_SHA        [@id 0x001A]
   | TLS_DH_anon_WITH_3DES_EDE_CBC_SHA   [@id 0x001B]
   | RESERVED_SSL3_1                     [@id 0x001C] (* RFC5246 *)
   | RESERVED_SSL3_2                     [@id 0x001D] (* RFC5246 *)
-  | TLS_KRB5_WITH_DES_CBC_SHA           [@id 0x001E] (* RFC2712 *)
-  | TLS_KRB5_WITH_3DES_EDE_CBC_SHA      [@id 0x001F] (* RFC2712 *)
-  | TLS_KRB5_WITH_RC4_128_SHA           [@id 0x0020] (*RFC2712 RFC6347*)
-  | TLS_KRB5_WITH_IDEA_CBC_SHA          [@id 0x0021] (*RFC2712*)
-  | TLS_KRB5_WITH_DES_CBC_MD5           [@id 0x0022] (*RFC2712*)
-  | TLS_KRB5_WITH_3DES_EDE_CBC_MD5      [@id 0x0023] (*RFC2712*)
-  | TLS_KRB5_WITH_RC4_128_MD5           [@id 0x0024] (*RFC2712, RFC6347*)
-  | TLS_KRB5_WITH_IDEA_CBC_MD5          [@id 0x0025] (*RFC2712*)
-  | TLS_KRB5_EXPORT_WITH_DES_CBC_40_SHA [@id 0x0026] (*RFC2712*)
-  | TLS_KRB5_EXPORT_WITH_RC2_CBC_40_SHA [@id 0x0027] (*RFC2712*)
-  | TLS_KRB5_EXPORT_WITH_RC4_40_SHA     [@id 0x0028] (*RFC2712, RFC6347*)
-  | TLS_KRB5_EXPORT_WITH_DES_CBC_40_MD5 [@id 0x0029] (*RFC2712*)
-  | TLS_KRB5_EXPORT_WITH_RC2_CBC_40_MD5 [@id 0x002A] (*RFC2712*)
-  | TLS_KRB5_EXPORT_WITH_RC4_40_MD5     [@id 0x002B] (*RFC2712, RFC6347*)
   | TLS_PSK_WITH_NULL_SHA               [@id 0x002C] (*RFC4785*)
   | TLS_DHE_PSK_WITH_NULL_SHA           [@id 0x002D] (*RFC4785*)
   | TLS_RSA_PSK_WITH_NULL_SHA           [@id 0x002E] (*RFC4785*)
@@ -333,25 +310,13 @@ type any_ciphersuite =
   | TLS_DH_DSS_WITH_AES_128_CBC_SHA256       [@id 0x003E]
   | TLS_DH_RSA_WITH_AES_128_CBC_SHA256       [@id 0x003F]
   | TLS_DHE_DSS_WITH_AES_128_CBC_SHA256      [@id 0x0040]
-  | TLS_RSA_WITH_CAMELLIA_128_CBC_SHA        [@id 0x0041] (*RFC5932*)
-  | TLS_DH_DSS_WITH_CAMELLIA_128_CBC_SHA     [@id 0x0042] (*RFC5932*)
-  | TLS_DH_RSA_WITH_CAMELLIA_128_CBC_SHA     [@id 0x0043] (*RFC5932*)
-  | TLS_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA    [@id 0x0044] (*RFC5932*)
-  | TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA    [@id 0x0045] (*RFC5932*)
-  | TLS_DH_anon_WITH_CAMELLIA_128_CBC_SHA    [@id 0x0046] (*RFC5932*)
   | TLS_DHE_RSA_WITH_AES_128_CBC_SHA256      [@id 0x0067]
   | TLS_DH_DSS_WITH_AES_256_CBC_SHA256       [@id 0x0068]
   | TLS_DH_RSA_WITH_AES_256_CBC_SHA256       [@id 0x0069]
   | TLS_DHE_DSS_WITH_AES_256_CBC_SHA256      [@id 0x006A]
   | TLS_DHE_RSA_WITH_AES_256_CBC_SHA256      [@id 0x006B]
   | TLS_DH_anon_WITH_AES_128_CBC_SHA256      [@id 0x006C]
   | TLS_DH_anon_WITH_AES_256_CBC_SHA256      [@id 0x006D]
-  | TLS_RSA_WITH_CAMELLIA_256_CBC_SHA        [@id 0x0084] (*RFC5932*)
-  | TLS_DH_DSS_WITH_CAMELLIA_256_CBC_SHA     [@id 0x0085] (*RFC5932*)
-  | TLS_DH_RSA_WITH_CAMELLIA_256_CBC_SHA     [@id 0x0086] (*RFC5932*)
-  | TLS_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA    [@id 0x0087] (*RFC5932*)
-  | TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA    [@id 0x0088] (*RFC5932*)
-  | TLS_DH_anon_WITH_CAMELLIA_256_CBC_SHA    [@id 0x0089] (*RFC5932*)
   | TLS_PSK_WITH_RC4_128_SHA                 [@id 0x008A] (*RFC4279, RFC6347*)
   | TLS_PSK_WITH_3DES_EDE_CBC_SHA            [@id 0x008B] (*RFC4279*)
   | TLS_PSK_WITH_AES_128_CBC_SHA             [@id 0x008C] (*RFC4279*)
@@ -400,18 +365,6 @@ type any_ciphersuite =
   | TLS_RSA_PSK_WITH_AES_256_CBC_SHA384      [@id 0x00B7] (*RFC5487*)
   | TLS_RSA_PSK_WITH_NULL_SHA256             [@id 0x00B8] (*RFC5487*)
   | TLS_RSA_PSK_WITH_NULL_SHA384             [@id 0x00B9] (*RFC5487*)
-  | TLS_RSA_WITH_CAMELLIA_128_CBC_SHA256     [@id 0x00BA] (*RFC5932*)
-  | TLS_DH_DSS_WITH_CAMELLIA_128_CBC_SHA256  [@id 0x00BB] (*RFC5932*)
-  | TLS_DH_RSA_WITH_CAMELLIA_128_CBC_SHA256  [@id 0x00BC] (*RFC5932*)
-  | TLS_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA256 [@id 0x00BD] (*RFC5932*)
-  | TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA256 [@id 0x00BE] (*RFC5932*)
-  | TLS_DH_anon_WITH_CAMELLIA_128_CBC_SHA256 [@id 0x00BF] (*RFC5932*)
-  | TLS_RSA_WITH_CAMELLIA_256_CBC_SHA256     [@id 0x00C0] (*RFC5932*)
-  | TLS_DH_DSS_WITH_CAMELLIA_256_CBC_SHA256  [@id 0x00C1] (*RFC5932*)
-  | TLS_DH_RSA_WITH_CAMELLIA_256_CBC_SHA256  [@id 0x00C2] (*RFC5932*)
-  | TLS_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA256 [@id 0x00C3] (*RFC5932*)
-  | TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA256 [@id 0x00C4] (*RFC5932*)
-  | TLS_DH_anon_WITH_CAMELLIA_256_CBC_SHA256 [@id 0x00C5] (*RFC5932*)
   | TLS_EMPTY_RENEGOTIATION_INFO_SCSV        [@id 0x00FF] (*RFC5746*)
   | TLS_AES_128_GCM_SHA256                   [@id 0x1301] (*RFC8446*)
   | TLS_AES_256_GCM_SHA384                   [@id 0x1302] (*RFC8446*)
@@ -479,102 +432,6 @@ type any_ciphersuite =
   | TLS_ECDHE_PSK_WITH_NULL_SHA                  [@id 0xC039] (*RFC5489*)
   | TLS_ECDHE_PSK_WITH_NULL_SHA256               [@id 0xC03A] (*RFC5489*)
   | TLS_ECDHE_PSK_WITH_NULL_SHA384               [@id 0xC03B] (*RFC5489*)
-  | TLS_RSA_WITH_ARIA_128_CBC_SHA256             [@id 0xC03C] (*RFC6209*)
-  | TLS_RSA_WITH_ARIA_256_CBC_SHA384             [@id 0xC03D] (*RFC6209*)
-  | TLS_DH_DSS_WITH_ARIA_128_CBC_SHA256          [@id 0xC03E] (*RFC6209*)
-  | TLS_DH_DSS_WITH_ARIA_256_CBC_SHA384          [@id 0xC03F] (*RFC6209*)
-  | TLS_DH_RSA_WITH_ARIA_128_CBC_SHA256          [@id 0xC040] (*RFC6209*)
-  | TLS_DH_RSA_WITH_ARIA_256_CBC_SHA384          [@id 0xC041] (*RFC6209*)
-  | TLS_DHE_DSS_WITH_ARIA_128_CBC_SHA256         [@id 0xC042] (*RFC6209*)
-  | TLS_DHE_DSS_WITH_ARIA_256_CBC_SHA384         [@id 0xC043] (*RFC6209*)
-  | TLS_DHE_RSA_WITH_ARIA_128_CBC_SHA256         [@id 0xC044] (*RFC6209*)
-  | TLS_DHE_RSA_WITH_ARIA_256_CBC_SHA384         [@id 0xC045] (*RFC6209*)
-  | TLS_DH_anon_WITH_ARIA_128_CBC_SHA256         [@id 0xC046] (*RFC6209*)
-  | TLS_DH_anon_WITH_ARIA_256_CBC_SHA384         [@id 0xC047] (*RFC6209*)
-  | TLS_ECDHE_ECDSA_WITH_ARIA_128_CBC_SHA256     [@id 0xC048] (*RFC6209*)
-  | TLS_ECDHE_ECDSA_WITH_ARIA_256_CBC_SHA384     [@id 0xC049] (*RFC6209*)
-  | TLS_ECDH_ECDSA_WITH_ARIA_128_CBC_SHA256      [@id 0xC04A] (*RFC6209*)
-  | TLS_ECDH_ECDSA_WITH_ARIA_256_CBC_SHA384      [@id 0xC04B] (*RFC6209*)
-  | TLS_ECDHE_RSA_WITH_ARIA_128_CBC_SHA256       [@id 0xC04C] (*RFC6209*)
-  | TLS_ECDHE_RSA_WITH_ARIA_256_CBC_SHA384       [@id 0xC04D] (*RFC6209*)
-  | TLS_ECDH_RSA_WITH_ARIA_128_CBC_SHA256        [@id 0xC04E] (*RFC6209*)
-  | TLS_ECDH_RSA_WITH_ARIA_256_CBC_SHA384        [@id 0xC04F] (*RFC6209*)
-  | TLS_RSA_WITH_ARIA_128_GCM_SHA256             [@id 0xC050] (*RFC6209*)
-  | TLS_RSA_WITH_ARIA_256_GCM_SHA384             [@id 0xC051] (*RFC6209*)
-  | TLS_DHE_RSA_WITH_ARIA_128_GCM_SHA256         [@id 0xC052] (*RFC6209*)
-  | TLS_DHE_RSA_WITH_ARIA_256_GCM_SHA384         [@id 0xC053] (*RFC6209*)
-  | TLS_DH_RSA_WITH_ARIA_128_GCM_SHA256          [@id 0xC054] (*RFC6209*)
-  | TLS_DH_RSA_WITH_ARIA_256_GCM_SHA384          [@id 0xC055] (*RFC6209*)
-  | TLS_DHE_DSS_WITH_ARIA_128_GCM_SHA256         [@id 0xC056] (*RFC6209*)
-  | TLS_DHE_DSS_WITH_ARIA_256_GCM_SHA384         [@id 0xC057] (*RFC6209*)
-  | TLS_DH_DSS_WITH_ARIA_128_GCM_SHA256          [@id 0xC058] (*RFC6209*)
-  | TLS_DH_DSS_WITH_ARIA_256_GCM_SHA384          [@id 0xC059] (*RFC6209*)
-  | TLS_DH_anon_WITH_ARIA_128_GCM_SHA256         [@id 0xC05A] (*RFC6209*)
-  | TLS_DH_anon_WITH_ARIA_256_GCM_SHA384         [@id 0xC05B] (*RFC6209*)
-  | TLS_ECDHE_ECDSA_WITH_ARIA_128_GCM_SHA256     [@id 0xC05C] (*RFC6209*)
-  | TLS_ECDHE_ECDSA_WITH_ARIA_256_GCM_SHA384     [@id 0xC05D] (*RFC6209*)
-  | TLS_ECDH_ECDSA_WITH_ARIA_128_GCM_SHA256      [@id 0xC05E] (*RFC6209*)
-  | TLS_ECDH_ECDSA_WITH_ARIA_256_GCM_SHA384      [@id 0xC05F] (*RFC6209*)
-  | TLS_ECDHE_RSA_WITH_ARIA_128_GCM_SHA256       [@id 0xC060] (*RFC6209*)
-  | TLS_ECDHE_RSA_WITH_ARIA_256_GCM_SHA384       [@id 0xC061] (*RFC6209*)
-  | TLS_ECDH_RSA_WITH_ARIA_128_GCM_SHA256        [@id 0xC062] (*RFC6209*)
-  | TLS_ECDH_RSA_WITH_ARIA_256_GCM_SHA384        [@id 0xC063] (*RFC6209*)
-  | TLS_PSK_WITH_ARIA_128_CBC_SHA256             [@id 0xC064] (*RFC6209*)
-  | TLS_PSK_WITH_ARIA_256_CBC_SHA384             [@id 0xC065] (*RFC6209*)
-  | TLS_DHE_PSK_WITH_ARIA_128_CBC_SHA256         [@id 0xC066] (*RFC6209*)
-  | TLS_DHE_PSK_WITH_ARIA_256_CBC_SHA384         [@id 0xC067] (*RFC6209*)
-  | TLS_RSA_PSK_WITH_ARIA_128_CBC_SHA256         [@id 0xC068] (*RFC6209*)
-  | TLS_RSA_PSK_WITH_ARIA_256_CBC_SHA384         [@id 0xC069] (*RFC6209*)
-  | TLS_PSK_WITH_ARIA_128_GCM_SHA256             [@id 0xC06A] (*RFC6209*)
-  | TLS_PSK_WITH_ARIA_256_GCM_SHA384             [@id 0xC06B] (*RFC6209*)
-  | TLS_DHE_PSK_WITH_ARIA_128_GCM_SHA256         [@id 0xC06C] (*RFC6209*)
-  | TLS_DHE_PSK_WITH_ARIA_256_GCM_SHA384         [@id 0xC06D] (*RFC6209*)
-  | TLS_RSA_PSK_WITH_ARIA_128_GCM_SHA256         [@id 0xC06E] (*RFC6209*)
-  | TLS_RSA_PSK_WITH_ARIA_256_GCM_SHA384         [@id 0xC06F] (*RFC6209*)
-  | TLS_ECDHE_PSK_WITH_ARIA_128_CBC_SHA256       [@id 0xC070] (*RFC6209*)
-  | TLS_ECDHE_PSK_WITH_ARIA_256_CBC_SHA384       [@id 0xC071] (*RFC6209*)
-  | TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_CBC_SHA256 [@id 0xC072] (*RFC6367*)
-  | TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_CBC_SHA384 [@id 0xC073] (*RFC6367*)
-  | TLS_ECDH_ECDSA_WITH_CAMELLIA_128_CBC_SHA256  [@id 0xC074] (*RFC6367*)
-  | TLS_ECDH_ECDSA_WITH_CAMELLIA_256_CBC_SHA384  [@id 0xC075] (*RFC6367*)
-  | TLS_ECDHE_RSA_WITH_CAMELLIA_128_CBC_SHA256   [@id 0xC076] (*RFC6367*)
-  | TLS_ECDHE_RSA_WITH_CAMELLIA_256_CBC_SHA384   [@id 0xC077] (*RFC6367*)
-  | TLS_ECDH_RSA_WITH_CAMELLIA_128_CBC_SHA256    [@id 0xC078] (*RFC6367*)
-  | TLS_ECDH_RSA_WITH_CAMELLIA_256_CBC_SHA384    [@id 0xC079] (*RFC6367*)
-  | TLS_RSA_WITH_CAMELLIA_128_GCM_SHA256         [@id 0xC07A] (*RFC6367*)
-  | TLS_RSA_WITH_CAMELLIA_256_GCM_SHA384         [@id 0xC07B] (*RFC6367*)
-  | TLS_DHE_RSA_WITH_CAMELLIA_128_GCM_SHA256     [@id 0xC07C] (*RFC6367*)
-  | TLS_DHE_RSA_WITH_CAMELLIA_256_GCM_SHA384     [@id 0xC07D] (*RFC6367*)
-  | TLS_DH_RSA_WITH_CAMELLIA_128_GCM_SHA256      [@id 0xC07E] (*RFC6367*)
-  | TLS_DH_RSA_WITH_CAMELLIA_256_GCM_SHA384      [@id 0xC07F] (*RFC6367*)
-  | TLS_DHE_DSS_WITH_CAMELLIA_128_GCM_SHA256     [@id 0xC080] (*RFC6367*)
-  | TLS_DHE_DSS_WITH_CAMELLIA_256_GCM_SHA384     [@id 0xC081] (*RFC6367*)
-  | TLS_DH_DSS_WITH_CAMELLIA_128_GCM_SHA256      [@id 0xC082] (*RFC6367*)
-  | TLS_DH_DSS_WITH_CAMELLIA_256_GCM_SHA384      [@id 0xC083] (*RFC6367*)
-  | TLS_DH_anon_WITH_CAMELLIA_128_GCM_SHA256     [@id 0xC084] (*RFC6367*)
-  | TLS_DH_anon_WITH_CAMELLIA_256_GCM_SHA384     [@id 0xC085] (*RFC6367*)
-  | TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_GCM_SHA256 [@id 0xC086] (*RFC6367*)
-  | TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_GCM_SHA384 [@id 0xC087] (*RFC6367*)
-  | TLS_ECDH_ECDSA_WITH_CAMELLIA_128_GCM_SHA256  [@id 0xC088] (*RFC6367*)
-  | TLS_ECDH_ECDSA_WITH_CAMELLIA_256_GCM_SHA384  [@id 0xC089] (*RFC6367*)
-  | TLS_ECDHE_RSA_WITH_CAMELLIA_128_GCM_SHA256   [@id 0xC08A] (*RFC6367*)
-  | TLS_ECDHE_RSA_WITH_CAMELLIA_256_GCM_SHA384   [@id 0xC08B] (*RFC6367*)
-  | TLS_ECDH_RSA_WITH_CAMELLIA_128_GCM_SHA256    [@id 0xC08C] (*RFC6367*)
-  | TLS_ECDH_RSA_WITH_CAMELLIA_256_GCM_SHA384    [@id 0xC08D] (*RFC6367*)
-  | TLS_PSK_WITH_CAMELLIA_128_GCM_SHA256         [@id 0xC08E] (*RFC6367*)
-  | TLS_PSK_WITH_CAMELLIA_256_GCM_SHA384         [@id 0xC08F] (*RFC6367*)
-  | TLS_DHE_PSK_WITH_CAMELLIA_128_GCM_SHA256     [@id 0xC090] (*RFC6367*)
-  | TLS_DHE_PSK_WITH_CAMELLIA_256_GCM_SHA384     [@id 0xC091] (*RFC6367*)
-  | TLS_RSA_PSK_WITH_CAMELLIA_128_GCM_SHA256     [@id 0xC092] (*RFC6367*)
-  | TLS_RSA_PSK_WITH_CAMELLIA_256_GCM_SHA384     [@id 0xC093] (*RFC6367*)
-  | TLS_PSK_WITH_CAMELLIA_128_CBC_SHA256         [@id 0xC094] (*RFC6367*)
-  | TLS_PSK_WITH_CAMELLIA_256_CBC_SHA384         [@id 0xC095] (*RFC6367*)
-  | TLS_DHE_PSK_WITH_CAMELLIA_128_CBC_SHA256     [@id 0xC096] (*RFC6367*)
-  | TLS_DHE_PSK_WITH_CAMELLIA_256_CBC_SHA384     [@id 0xC097] (*RFC6367*)
-  | TLS_RSA_PSK_WITH_CAMELLIA_128_CBC_SHA256     [@id 0xC098] (*RFC6367*)
-  | TLS_RSA_PSK_WITH_CAMELLIA_256_CBC_SHA384     [@id 0xC099] (*RFC6367*)
-  | TLS_ECDHE_PSK_WITH_CAMELLIA_128_CBC_SHA256   [@id 0xC09A] (*RFC6367*)
-  | TLS_ECDHE_PSK_WITH_CAMELLIA_256_CBC_SHA384   [@id 0xC09B] (*RFC6367*)
   | TLS_RSA_WITH_AES_128_CCM                     [@id 0xC09C] (*RFC6655*)
   | TLS_RSA_WITH_AES_256_CCM                     [@id 0xC09D] (*RFC6655*)
   | TLS_DHE_RSA_WITH_AES_128_CCM                 [@id 0xC09E] (*RFC6655*)