Home | History | Annotate | Download | only in ssl
      1 /* ssl/s3_lib.c */
      2 /* Copyright (C) 1995-1998 Eric Young (eay (at) cryptsoft.com)
      3  * All rights reserved.
      4  *
      5  * This package is an SSL implementation written
      6  * by Eric Young (eay (at) cryptsoft.com).
      7  * The implementation was written so as to conform with Netscapes SSL.
      8  *
      9  * This library is free for commercial and non-commercial use as long as
     10  * the following conditions are aheared to.  The following conditions
     11  * apply to all code found in this distribution, be it the RC4, RSA,
     12  * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
     13  * included with this distribution is covered by the same copyright terms
     14  * except that the holder is Tim Hudson (tjh (at) cryptsoft.com).
     15  *
     16  * Copyright remains Eric Young's, and as such any Copyright notices in
     17  * the code are not to be removed.
     18  * If this package is used in a product, Eric Young should be given attribution
     19  * as the author of the parts of the library used.
     20  * This can be in the form of a textual message at program startup or
     21  * in documentation (online or textual) provided with the package.
     22  *
     23  * Redistribution and use in source and binary forms, with or without
     24  * modification, are permitted provided that the following conditions
     25  * are met:
     26  * 1. Redistributions of source code must retain the copyright
     27  *    notice, this list of conditions and the following disclaimer.
     28  * 2. Redistributions in binary form must reproduce the above copyright
     29  *    notice, this list of conditions and the following disclaimer in the
     30  *    documentation and/or other materials provided with the distribution.
     31  * 3. All advertising materials mentioning features or use of this software
     32  *    must display the following acknowledgement:
     33  *    "This product includes cryptographic software written by
     34  *     Eric Young (eay (at) cryptsoft.com)"
     35  *    The word 'cryptographic' can be left out if the rouines from the library
     36  *    being used are not cryptographic related :-).
     37  * 4. If you include any Windows specific code (or a derivative thereof) from
     38  *    the apps directory (application code) you must include an acknowledgement:
     39  *    "This product includes software written by Tim Hudson (tjh (at) cryptsoft.com)"
     40  *
     41  * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
     42  * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
     43  * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
     44  * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
     45  * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
     46  * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
     47  * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
     48  * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
     49  * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
     50  * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
     51  * SUCH DAMAGE.
     52  *
     53  * The licence and distribution terms for any publically available version or
     54  * derivative of this code cannot be changed.  i.e. this code cannot simply be
     55  * copied and put under another distribution licence
     56  * [including the GNU Public Licence.]
     57  */
     58 /* ====================================================================
     59  * Copyright (c) 1998-2007 The OpenSSL Project.  All rights reserved.
     60  *
     61  * Redistribution and use in source and binary forms, with or without
     62  * modification, are permitted provided that the following conditions
     63  * are met:
     64  *
     65  * 1. Redistributions of source code must retain the above copyright
     66  *    notice, this list of conditions and the following disclaimer.
     67  *
     68  * 2. Redistributions in binary form must reproduce the above copyright
     69  *    notice, this list of conditions and the following disclaimer in
     70  *    the documentation and/or other materials provided with the
     71  *    distribution.
     72  *
     73  * 3. All advertising materials mentioning features or use of this
     74  *    software must display the following acknowledgment:
     75  *    "This product includes software developed by the OpenSSL Project
     76  *    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
     77  *
     78  * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
     79  *    endorse or promote products derived from this software without
     80  *    prior written permission. For written permission, please contact
     81  *    openssl-core (at) openssl.org.
     82  *
     83  * 5. Products derived from this software may not be called "OpenSSL"
     84  *    nor may "OpenSSL" appear in their names without prior written
     85  *    permission of the OpenSSL Project.
     86  *
     87  * 6. Redistributions of any form whatsoever must retain the following
     88  *    acknowledgment:
     89  *    "This product includes software developed by the OpenSSL Project
     90  *    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
     91  *
     92  * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
     93  * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
     94  * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
     95  * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
     96  * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
     97  * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
     98  * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
     99  * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
    100  * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
    101  * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
    102  * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
    103  * OF THE POSSIBILITY OF SUCH DAMAGE.
    104  * ====================================================================
    105  *
    106  * This product includes cryptographic software written by Eric Young
    107  * (eay (at) cryptsoft.com).  This product includes software written by Tim
    108  * Hudson (tjh (at) cryptsoft.com).
    109  *
    110  */
    111 /* ====================================================================
    112  * Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED.
    113  *
    114  * Portions of the attached software ("Contribution") are developed by
    115  * SUN MICROSYSTEMS, INC., and are contributed to the OpenSSL project.
    116  *
    117  * The Contribution is licensed pursuant to the OpenSSL open source
    118  * license provided above.
    119  *
    120  * ECC cipher suite support in OpenSSL originally written by
    121  * Vipul Gupta and Sumit Gupta of Sun Microsystems Laboratories.
    122  *
    123  */
    124 /* ====================================================================
    125  * Copyright 2005 Nokia. All rights reserved.
    126  *
    127  * The portions of the attached software ("Contribution") is developed by
    128  * Nokia Corporation and is licensed pursuant to the OpenSSL open source
    129  * license.
    130  *
    131  * The Contribution, originally written by Mika Kousa and Pasi Eronen of
    132  * Nokia Corporation, consists of the "PSK" (Pre-Shared Key) ciphersuites
    133  * support (see RFC 4279) to OpenSSL.
    134  *
    135  * No patent licenses or other rights except those expressly stated in
    136  * the OpenSSL open source license shall be deemed granted or received
    137  * expressly, by implication, estoppel, or otherwise.
    138  *
    139  * No assurances are provided by Nokia that the Contribution does not
    140  * infringe the patent or other intellectual property rights of any third
    141  * party or that the license provides you with all the necessary rights
    142  * to make use of the Contribution.
    143  *
    144  * THE SOFTWARE IS PROVIDED "AS IS" WITHOUT WARRANTY OF ANY KIND. IN
    145  * ADDITION TO THE DISCLAIMERS INCLUDED IN THE LICENSE, NOKIA
    146  * SPECIFICALLY DISCLAIMS ANY LIABILITY FOR CLAIMS BROUGHT BY YOU OR ANY
    147  * OTHER ENTITY BASED ON INFRINGEMENT OF INTELLECTUAL PROPERTY RIGHTS OR
    148  * OTHERWISE.
    149  */
    150 
    151 #include <stdio.h>
    152 #include <openssl/objects.h>
    153 #include "ssl_locl.h"
    154 #include "kssl_lcl.h"
    155 #ifndef OPENSSL_NO_TLSEXT
    156 #ifndef OPENSSL_NO_EC
    157 #include "../crypto/ec/ec_lcl.h"
    158 #endif /* OPENSSL_NO_EC */
    159 #endif /* OPENSSL_NO_TLSEXT */
    160 #include <openssl/md5.h>
    161 #ifndef OPENSSL_NO_DH
    162 #include <openssl/dh.h>
    163 #endif
    164 
    165 const char ssl3_version_str[]="SSLv3" OPENSSL_VERSION_PTEXT;
    166 
    167 #define SSL3_NUM_CIPHERS	(sizeof(ssl3_ciphers)/sizeof(SSL_CIPHER))
    168 
    169 /* list of available SSLv3 ciphers (sorted by id) */
    170 OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]={
    171 
    172 /* The RSA ciphers */
    173 /* Cipher 01 */
    174 	{
    175 	1,
    176 	SSL3_TXT_RSA_NULL_MD5,
    177 	SSL3_CK_RSA_NULL_MD5,
    178 	SSL_kRSA,
    179 	SSL_aRSA,
    180 	SSL_eNULL,
    181 	SSL_MD5,
    182 	SSL_SSLV3,
    183 	SSL_NOT_EXP|SSL_STRONG_NONE,
    184 	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
    185 	0,
    186 	0,
    187 	},
    188 
    189 /* Cipher 02 */
    190 	{
    191 	1,
    192 	SSL3_TXT_RSA_NULL_SHA,
    193 	SSL3_CK_RSA_NULL_SHA,
    194 	SSL_kRSA,
    195 	SSL_aRSA,
    196 	SSL_eNULL,
    197 	SSL_SHA1,
    198 	SSL_SSLV3,
    199 	SSL_NOT_EXP|SSL_STRONG_NONE|SSL_FIPS,
    200 	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
    201 	0,
    202 	0,
    203 	},
    204 
    205 /* Cipher 03 */
    206 	{
    207 	1,
    208 	SSL3_TXT_RSA_RC4_40_MD5,
    209 	SSL3_CK_RSA_RC4_40_MD5,
    210 	SSL_kRSA,
    211 	SSL_aRSA,
    212 	SSL_RC4,
    213 	SSL_MD5,
    214 	SSL_SSLV3,
    215 	SSL_EXPORT|SSL_EXP40,
    216 	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
    217 	40,
    218 	128,
    219 	},
    220 
    221 /* Cipher 04 */
    222 	{
    223 	1,
    224 	SSL3_TXT_RSA_RC4_128_MD5,
    225 	SSL3_CK_RSA_RC4_128_MD5,
    226 	SSL_kRSA,
    227 	SSL_aRSA,
    228 	SSL_RC4,
    229 	SSL_MD5,
    230 	SSL_SSLV3,
    231 	SSL_NOT_EXP|SSL_MEDIUM,
    232 	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
    233 	128,
    234 	128,
    235 	},
    236 
    237 /* Cipher 05 */
    238 	{
    239 	1,
    240 	SSL3_TXT_RSA_RC4_128_SHA,
    241 	SSL3_CK_RSA_RC4_128_SHA,
    242 	SSL_kRSA,
    243 	SSL_aRSA,
    244 	SSL_RC4,
    245 	SSL_SHA1,
    246 	SSL_SSLV3,
    247 	SSL_NOT_EXP|SSL_MEDIUM,
    248 	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
    249 	128,
    250 	128,
    251 	},
    252 
    253 /* Cipher 06 */
    254 	{
    255 	1,
    256 	SSL3_TXT_RSA_RC2_40_MD5,
    257 	SSL3_CK_RSA_RC2_40_MD5,
    258 	SSL_kRSA,
    259 	SSL_aRSA,
    260 	SSL_RC2,
    261 	SSL_MD5,
    262 	SSL_SSLV3,
    263 	SSL_EXPORT|SSL_EXP40,
    264 	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
    265 	40,
    266 	128,
    267 	},
    268 
    269 /* Cipher 07 */
    270 #ifndef OPENSSL_NO_IDEA
    271 	{
    272 	1,
    273 	SSL3_TXT_RSA_IDEA_128_SHA,
    274 	SSL3_CK_RSA_IDEA_128_SHA,
    275 	SSL_kRSA,
    276 	SSL_aRSA,
    277 	SSL_IDEA,
    278 	SSL_SHA1,
    279 	SSL_SSLV3,
    280 	SSL_NOT_EXP|SSL_MEDIUM,
    281 	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
    282 	128,
    283 	128,
    284 	},
    285 #endif
    286 
    287 /* Cipher 08 */
    288 	{
    289 	1,
    290 	SSL3_TXT_RSA_DES_40_CBC_SHA,
    291 	SSL3_CK_RSA_DES_40_CBC_SHA,
    292 	SSL_kRSA,
    293 	SSL_aRSA,
    294 	SSL_DES,
    295 	SSL_SHA1,
    296 	SSL_SSLV3,
    297 	SSL_EXPORT|SSL_EXP40,
    298 	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
    299 	40,
    300 	56,
    301 	},
    302 
    303 /* Cipher 09 */
    304 	{
    305 	1,
    306 	SSL3_TXT_RSA_DES_64_CBC_SHA,
    307 	SSL3_CK_RSA_DES_64_CBC_SHA,
    308 	SSL_kRSA,
    309 	SSL_aRSA,
    310 	SSL_DES,
    311 	SSL_SHA1,
    312 	SSL_SSLV3,
    313 	SSL_NOT_EXP|SSL_LOW,
    314 	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
    315 	56,
    316 	56,
    317 	},
    318 
    319 /* Cipher 0A */
    320 	{
    321 	1,
    322 	SSL3_TXT_RSA_DES_192_CBC3_SHA,
    323 	SSL3_CK_RSA_DES_192_CBC3_SHA,
    324 	SSL_kRSA,
    325 	SSL_aRSA,
    326 	SSL_3DES,
    327 	SSL_SHA1,
    328 	SSL_SSLV3,
    329 	SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
    330 	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
    331 	168,
    332 	168,
    333 	},
    334 
    335 /* The DH ciphers */
    336 /* Cipher 0B */
    337 	{
    338 	0,
    339 	SSL3_TXT_DH_DSS_DES_40_CBC_SHA,
    340 	SSL3_CK_DH_DSS_DES_40_CBC_SHA,
    341 	SSL_kDHd,
    342 	SSL_aDH,
    343 	SSL_DES,
    344 	SSL_SHA1,
    345 	SSL_SSLV3,
    346 	SSL_EXPORT|SSL_EXP40,
    347 	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
    348 	40,
    349 	56,
    350 	},
    351 
    352 /* Cipher 0C */
    353 	{
    354 	0, /* not implemented (non-ephemeral DH) */
    355 	SSL3_TXT_DH_DSS_DES_64_CBC_SHA,
    356 	SSL3_CK_DH_DSS_DES_64_CBC_SHA,
    357 	SSL_kDHd,
    358 	SSL_aDH,
    359 	SSL_DES,
    360 	SSL_SHA1,
    361 	SSL_SSLV3,
    362 	SSL_NOT_EXP|SSL_LOW,
    363 	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
    364 	56,
    365 	56,
    366 	},
    367 
    368 /* Cipher 0D */
    369 	{
    370 	0, /* not implemented (non-ephemeral DH) */
    371 	SSL3_TXT_DH_DSS_DES_192_CBC3_SHA,
    372 	SSL3_CK_DH_DSS_DES_192_CBC3_SHA,
    373 	SSL_kDHd,
    374 	SSL_aDH,
    375 	SSL_3DES,
    376 	SSL_SHA1,
    377 	SSL_SSLV3,
    378 	SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
    379 	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
    380 	168,
    381 	168,
    382 	},
    383 
    384 /* Cipher 0E */
    385 	{
    386 	0, /* not implemented (non-ephemeral DH) */
    387 	SSL3_TXT_DH_RSA_DES_40_CBC_SHA,
    388 	SSL3_CK_DH_RSA_DES_40_CBC_SHA,
    389 	SSL_kDHr,
    390 	SSL_aDH,
    391 	SSL_DES,
    392 	SSL_SHA1,
    393 	SSL_SSLV3,
    394 	SSL_EXPORT|SSL_EXP40,
    395 	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
    396 	40,
    397 	56,
    398 	},
    399 
    400 /* Cipher 0F */
    401 	{
    402 	0, /* not implemented (non-ephemeral DH) */
    403 	SSL3_TXT_DH_RSA_DES_64_CBC_SHA,
    404 	SSL3_CK_DH_RSA_DES_64_CBC_SHA,
    405 	SSL_kDHr,
    406 	SSL_aDH,
    407 	SSL_DES,
    408 	SSL_SHA1,
    409 	SSL_SSLV3,
    410 	SSL_NOT_EXP|SSL_LOW,
    411 	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
    412 	56,
    413 	56,
    414 	},
    415 
    416 /* Cipher 10 */
    417 	{
    418 	0, /* not implemented (non-ephemeral DH) */
    419 	SSL3_TXT_DH_RSA_DES_192_CBC3_SHA,
    420 	SSL3_CK_DH_RSA_DES_192_CBC3_SHA,
    421 	SSL_kDHr,
    422 	SSL_aDH,
    423 	SSL_3DES,
    424 	SSL_SHA1,
    425 	SSL_SSLV3,
    426 	SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
    427 	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
    428 	168,
    429 	168,
    430 	},
    431 
    432 /* The Ephemeral DH ciphers */
    433 /* Cipher 11 */
    434 	{
    435 	1,
    436 	SSL3_TXT_EDH_DSS_DES_40_CBC_SHA,
    437 	SSL3_CK_EDH_DSS_DES_40_CBC_SHA,
    438 	SSL_kEDH,
    439 	SSL_aDSS,
    440 	SSL_DES,
    441 	SSL_SHA1,
    442 	SSL_SSLV3,
    443 	SSL_EXPORT|SSL_EXP40,
    444 	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
    445 	40,
    446 	56,
    447 	},
    448 
    449 /* Cipher 12 */
    450 	{
    451 	1,
    452 	SSL3_TXT_EDH_DSS_DES_64_CBC_SHA,
    453 	SSL3_CK_EDH_DSS_DES_64_CBC_SHA,
    454 	SSL_kEDH,
    455 	SSL_aDSS,
    456 	SSL_DES,
    457 	SSL_SHA1,
    458 	SSL_SSLV3,
    459 	SSL_NOT_EXP|SSL_LOW,
    460 	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
    461 	56,
    462 	56,
    463 	},
    464 
    465 /* Cipher 13 */
    466 	{
    467 	1,
    468 	SSL3_TXT_EDH_DSS_DES_192_CBC3_SHA,
    469 	SSL3_CK_EDH_DSS_DES_192_CBC3_SHA,
    470 	SSL_kEDH,
    471 	SSL_aDSS,
    472 	SSL_3DES,
    473 	SSL_SHA1,
    474 	SSL_SSLV3,
    475 	SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
    476 	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
    477 	168,
    478 	168,
    479 	},
    480 
    481 /* Cipher 14 */
    482 	{
    483 	1,
    484 	SSL3_TXT_EDH_RSA_DES_40_CBC_SHA,
    485 	SSL3_CK_EDH_RSA_DES_40_CBC_SHA,
    486 	SSL_kEDH,
    487 	SSL_aRSA,
    488 	SSL_DES,
    489 	SSL_SHA1,
    490 	SSL_SSLV3,
    491 	SSL_EXPORT|SSL_EXP40,
    492 	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
    493 	40,
    494 	56,
    495 	},
    496 
    497 /* Cipher 15 */
    498 	{
    499 	1,
    500 	SSL3_TXT_EDH_RSA_DES_64_CBC_SHA,
    501 	SSL3_CK_EDH_RSA_DES_64_CBC_SHA,
    502 	SSL_kEDH,
    503 	SSL_aRSA,
    504 	SSL_DES,
    505 	SSL_SHA1,
    506 	SSL_SSLV3,
    507 	SSL_NOT_EXP|SSL_LOW,
    508 	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
    509 	56,
    510 	56,
    511 	},
    512 
    513 /* Cipher 16 */
    514 	{
    515 	1,
    516 	SSL3_TXT_EDH_RSA_DES_192_CBC3_SHA,
    517 	SSL3_CK_EDH_RSA_DES_192_CBC3_SHA,
    518 	SSL_kEDH,
    519 	SSL_aRSA,
    520 	SSL_3DES,
    521 	SSL_SHA1,
    522 	SSL_SSLV3,
    523 	SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
    524 	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
    525 	168,
    526 	168,
    527 	},
    528 
    529 /* Cipher 17 */
    530 	{
    531 	1,
    532 	SSL3_TXT_ADH_RC4_40_MD5,
    533 	SSL3_CK_ADH_RC4_40_MD5,
    534 	SSL_kEDH,
    535 	SSL_aNULL,
    536 	SSL_RC4,
    537 	SSL_MD5,
    538 	SSL_SSLV3,
    539 	SSL_EXPORT|SSL_EXP40,
    540 	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
    541 	40,
    542 	128,
    543 	},
    544 
    545 /* Cipher 18 */
    546 	{
    547 	1,
    548 	SSL3_TXT_ADH_RC4_128_MD5,
    549 	SSL3_CK_ADH_RC4_128_MD5,
    550 	SSL_kEDH,
    551 	SSL_aNULL,
    552 	SSL_RC4,
    553 	SSL_MD5,
    554 	SSL_SSLV3,
    555 	SSL_NOT_EXP|SSL_MEDIUM,
    556 	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
    557 	128,
    558 	128,
    559 	},
    560 
    561 /* Cipher 19 */
    562 	{
    563 	1,
    564 	SSL3_TXT_ADH_DES_40_CBC_SHA,
    565 	SSL3_CK_ADH_DES_40_CBC_SHA,
    566 	SSL_kEDH,
    567 	SSL_aNULL,
    568 	SSL_DES,
    569 	SSL_SHA1,
    570 	SSL_SSLV3,
    571 	SSL_EXPORT|SSL_EXP40,
    572 	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
    573 	40,
    574 	128,
    575 	},
    576 
    577 /* Cipher 1A */
    578 	{
    579 	1,
    580 	SSL3_TXT_ADH_DES_64_CBC_SHA,
    581 	SSL3_CK_ADH_DES_64_CBC_SHA,
    582 	SSL_kEDH,
    583 	SSL_aNULL,
    584 	SSL_DES,
    585 	SSL_SHA1,
    586 	SSL_SSLV3,
    587 	SSL_NOT_EXP|SSL_LOW,
    588 	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
    589 	56,
    590 	56,
    591 	},
    592 
    593 /* Cipher 1B */
    594 	{
    595 	1,
    596 	SSL3_TXT_ADH_DES_192_CBC_SHA,
    597 	SSL3_CK_ADH_DES_192_CBC_SHA,
    598 	SSL_kEDH,
    599 	SSL_aNULL,
    600 	SSL_3DES,
    601 	SSL_SHA1,
    602 	SSL_SSLV3,
    603 	SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
    604 	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
    605 	168,
    606 	168,
    607 	},
    608 
    609 /* Fortezza ciphersuite from SSL 3.0 spec */
    610 #if 0
    611 /* Cipher 1C */
    612 	{
    613 	0,
    614 	SSL3_TXT_FZA_DMS_NULL_SHA,
    615 	SSL3_CK_FZA_DMS_NULL_SHA,
    616 	SSL_kFZA,
    617 	SSL_aFZA,
    618 	SSL_eNULL,
    619 	SSL_SHA1,
    620 	SSL_SSLV3,
    621 	SSL_NOT_EXP|SSL_STRONG_NONE,
    622 	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
    623 	0,
    624 	0,
    625 	},
    626 
    627 /* Cipher 1D */
    628 	{
    629 	0,
    630 	SSL3_TXT_FZA_DMS_FZA_SHA,
    631 	SSL3_CK_FZA_DMS_FZA_SHA,
    632 	SSL_kFZA,
    633 	SSL_aFZA,
    634 	SSL_eFZA,
    635 	SSL_SHA1,
    636 	SSL_SSLV3,
    637 	SSL_NOT_EXP|SSL_STRONG_NONE,
    638 	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
    639 	0,
    640 	0,
    641 	},
    642 
    643 /* Cipher 1E */
    644 	{
    645 	0,
    646 	SSL3_TXT_FZA_DMS_RC4_SHA,
    647 	SSL3_CK_FZA_DMS_RC4_SHA,
    648 	SSL_kFZA,
    649 	SSL_aFZA,
    650 	SSL_RC4,
    651 	SSL_SHA1,
    652 	SSL_SSLV3,
    653 	SSL_NOT_EXP|SSL_MEDIUM,
    654 	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
    655 	128,
    656 	128,
    657 	},
    658 #endif
    659 
    660 #ifndef OPENSSL_NO_KRB5
    661 /* The Kerberos ciphers*/
    662 /* Cipher 1E */
    663 	{
    664 	1,
    665 	SSL3_TXT_KRB5_DES_64_CBC_SHA,
    666 	SSL3_CK_KRB5_DES_64_CBC_SHA,
    667 	SSL_kKRB5,
    668 	SSL_aKRB5,
    669 	SSL_DES,
    670 	SSL_SHA1,
    671 	SSL_SSLV3,
    672 	SSL_NOT_EXP|SSL_LOW,
    673 	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
    674 	56,
    675 	56,
    676 	},
    677 
    678 /* Cipher 1F */
    679 	{
    680 	1,
    681 	SSL3_TXT_KRB5_DES_192_CBC3_SHA,
    682 	SSL3_CK_KRB5_DES_192_CBC3_SHA,
    683 	SSL_kKRB5,
    684 	SSL_aKRB5,
    685 	SSL_3DES,
    686 	SSL_SHA1,
    687 	SSL_SSLV3,
    688 	SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
    689 	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
    690 	168,
    691 	168,
    692 	},
    693 
    694 /* Cipher 20 */
    695 	{
    696 	1,
    697 	SSL3_TXT_KRB5_RC4_128_SHA,
    698 	SSL3_CK_KRB5_RC4_128_SHA,
    699 	SSL_kKRB5,
    700 	SSL_aKRB5,
    701 	SSL_RC4,
    702 	SSL_SHA1,
    703 	SSL_SSLV3,
    704 	SSL_NOT_EXP|SSL_MEDIUM,
    705 	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
    706 	128,
    707 	128,
    708 	},
    709 
    710 /* Cipher 21 */
    711 	{
    712 	1,
    713 	SSL3_TXT_KRB5_IDEA_128_CBC_SHA,
    714 	SSL3_CK_KRB5_IDEA_128_CBC_SHA,
    715 	SSL_kKRB5,
    716 	SSL_aKRB5,
    717 	SSL_IDEA,
    718 	SSL_SHA1,
    719 	SSL_SSLV3,
    720 	SSL_NOT_EXP|SSL_MEDIUM,
    721 	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
    722 	128,
    723 	128,
    724 	},
    725 
    726 /* Cipher 22 */
    727 	{
    728 	1,
    729 	SSL3_TXT_KRB5_DES_64_CBC_MD5,
    730 	SSL3_CK_KRB5_DES_64_CBC_MD5,
    731 	SSL_kKRB5,
    732 	SSL_aKRB5,
    733 	SSL_DES,
    734 	SSL_MD5,
    735 	SSL_SSLV3,
    736 	SSL_NOT_EXP|SSL_LOW,
    737 	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
    738 	56,
    739 	56,
    740 	},
    741 
    742 /* Cipher 23 */
    743 	{
    744 	1,
    745 	SSL3_TXT_KRB5_DES_192_CBC3_MD5,
    746 	SSL3_CK_KRB5_DES_192_CBC3_MD5,
    747 	SSL_kKRB5,
    748 	SSL_aKRB5,
    749 	SSL_3DES,
    750 	SSL_MD5,
    751 	SSL_SSLV3,
    752 	SSL_NOT_EXP|SSL_HIGH,
    753 	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
    754 	168,
    755 	168,
    756 	},
    757 
    758 /* Cipher 24 */
    759 	{
    760 	1,
    761 	SSL3_TXT_KRB5_RC4_128_MD5,
    762 	SSL3_CK_KRB5_RC4_128_MD5,
    763 	SSL_kKRB5,
    764 	SSL_aKRB5,
    765 	SSL_RC4,
    766 	SSL_MD5,
    767 	SSL_SSLV3,
    768 	SSL_NOT_EXP|SSL_MEDIUM,
    769 	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
    770 	128,
    771 	128,
    772 	},
    773 
    774 /* Cipher 25 */
    775 	{
    776 	1,
    777 	SSL3_TXT_KRB5_IDEA_128_CBC_MD5,
    778 	SSL3_CK_KRB5_IDEA_128_CBC_MD5,
    779 	SSL_kKRB5,
    780 	SSL_aKRB5,
    781 	SSL_IDEA,
    782 	SSL_MD5,
    783 	SSL_SSLV3,
    784 	SSL_NOT_EXP|SSL_MEDIUM,
    785 	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
    786 	128,
    787 	128,
    788 	},
    789 
    790 /* Cipher 26 */
    791 	{
    792 	1,
    793 	SSL3_TXT_KRB5_DES_40_CBC_SHA,
    794 	SSL3_CK_KRB5_DES_40_CBC_SHA,
    795 	SSL_kKRB5,
    796 	SSL_aKRB5,
    797 	SSL_DES,
    798 	SSL_SHA1,
    799 	SSL_SSLV3,
    800 	SSL_EXPORT|SSL_EXP40,
    801 	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
    802 	40,
    803 	56,
    804 	},
    805 
    806 /* Cipher 27 */
    807 	{
    808 	1,
    809 	SSL3_TXT_KRB5_RC2_40_CBC_SHA,
    810 	SSL3_CK_KRB5_RC2_40_CBC_SHA,
    811 	SSL_kKRB5,
    812 	SSL_aKRB5,
    813 	SSL_RC2,
    814 	SSL_SHA1,
    815 	SSL_SSLV3,
    816 	SSL_EXPORT|SSL_EXP40,
    817 	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
    818 	40,
    819 	128,
    820 	},
    821 
    822 /* Cipher 28 */
    823 	{
    824 	1,
    825 	SSL3_TXT_KRB5_RC4_40_SHA,
    826 	SSL3_CK_KRB5_RC4_40_SHA,
    827 	SSL_kKRB5,
    828 	SSL_aKRB5,
    829 	SSL_RC4,
    830 	SSL_SHA1,
    831 	SSL_SSLV3,
    832 	SSL_EXPORT|SSL_EXP40,
    833 	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
    834 	40,
    835 	128,
    836 	},
    837 
    838 /* Cipher 29 */
    839 	{
    840 	1,
    841 	SSL3_TXT_KRB5_DES_40_CBC_MD5,
    842 	SSL3_CK_KRB5_DES_40_CBC_MD5,
    843 	SSL_kKRB5,
    844 	SSL_aKRB5,
    845 	SSL_DES,
    846 	SSL_MD5,
    847 	SSL_SSLV3,
    848 	SSL_EXPORT|SSL_EXP40,
    849 	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
    850 	40,
    851 	56,
    852 	},
    853 
    854 /* Cipher 2A */
    855 	{
    856 	1,
    857 	SSL3_TXT_KRB5_RC2_40_CBC_MD5,
    858 	SSL3_CK_KRB5_RC2_40_CBC_MD5,
    859 	SSL_kKRB5,
    860 	SSL_aKRB5,
    861 	SSL_RC2,
    862 	SSL_MD5,
    863 	SSL_SSLV3,
    864 	SSL_EXPORT|SSL_EXP40,
    865 	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
    866 	40,
    867 	128,
    868 	},
    869 
    870 /* Cipher 2B */
    871 	{
    872 	1,
    873 	SSL3_TXT_KRB5_RC4_40_MD5,
    874 	SSL3_CK_KRB5_RC4_40_MD5,
    875 	SSL_kKRB5,
    876 	SSL_aKRB5,
    877 	SSL_RC4,
    878 	SSL_MD5,
    879 	SSL_SSLV3,
    880 	SSL_EXPORT|SSL_EXP40,
    881 	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
    882 	40,
    883 	128,
    884 	},
    885 #endif	/* OPENSSL_NO_KRB5 */
    886 
    887 /* New AES ciphersuites */
    888 /* Cipher 2F */
    889 	{
    890 	1,
    891 	TLS1_TXT_RSA_WITH_AES_128_SHA,
    892 	TLS1_CK_RSA_WITH_AES_128_SHA,
    893 	SSL_kRSA,
    894 	SSL_aRSA,
    895 	SSL_AES128,
    896 	SSL_SHA1,
    897 	SSL_TLSV1,
    898 	SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
    899 	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
    900 	128,
    901 	128,
    902 	},
    903 /* Cipher 30 */
    904 	{
    905 	0,
    906 	TLS1_TXT_DH_DSS_WITH_AES_128_SHA,
    907 	TLS1_CK_DH_DSS_WITH_AES_128_SHA,
    908 	SSL_kDHd,
    909 	SSL_aDH,
    910 	SSL_AES128,
    911 	SSL_SHA1,
    912 	SSL_TLSV1,
    913 	SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
    914 	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
    915 	128,
    916 	128,
    917 	},
    918 /* Cipher 31 */
    919 	{
    920 	0,
    921 	TLS1_TXT_DH_RSA_WITH_AES_128_SHA,
    922 	TLS1_CK_DH_RSA_WITH_AES_128_SHA,
    923 	SSL_kDHr,
    924 	SSL_aDH,
    925 	SSL_AES128,
    926 	SSL_SHA1,
    927 	SSL_TLSV1,
    928 	SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
    929 	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
    930 	128,
    931 	128,
    932 	},
    933 /* Cipher 32 */
    934 	{
    935 	1,
    936 	TLS1_TXT_DHE_DSS_WITH_AES_128_SHA,
    937 	TLS1_CK_DHE_DSS_WITH_AES_128_SHA,
    938 	SSL_kEDH,
    939 	SSL_aDSS,
    940 	SSL_AES128,
    941 	SSL_SHA1,
    942 	SSL_TLSV1,
    943 	SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
    944 	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
    945 	128,
    946 	128,
    947 	},
    948 /* Cipher 33 */
    949 	{
    950 	1,
    951 	TLS1_TXT_DHE_RSA_WITH_AES_128_SHA,
    952 	TLS1_CK_DHE_RSA_WITH_AES_128_SHA,
    953 	SSL_kEDH,
    954 	SSL_aRSA,
    955 	SSL_AES128,
    956 	SSL_SHA1,
    957 	SSL_TLSV1,
    958 	SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
    959 	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
    960 	128,
    961 	128,
    962 	},
    963 /* Cipher 34 */
    964 	{
    965 	1,
    966 	TLS1_TXT_ADH_WITH_AES_128_SHA,
    967 	TLS1_CK_ADH_WITH_AES_128_SHA,
    968 	SSL_kEDH,
    969 	SSL_aNULL,
    970 	SSL_AES128,
    971 	SSL_SHA1,
    972 	SSL_TLSV1,
    973 	SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
    974 	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
    975 	128,
    976 	128,
    977 	},
    978 
    979 /* Cipher 35 */
    980 	{
    981 	1,
    982 	TLS1_TXT_RSA_WITH_AES_256_SHA,
    983 	TLS1_CK_RSA_WITH_AES_256_SHA,
    984 	SSL_kRSA,
    985 	SSL_aRSA,
    986 	SSL_AES256,
    987 	SSL_SHA1,
    988 	SSL_TLSV1,
    989 	SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
    990 	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
    991 	256,
    992 	256,
    993 	},
    994 /* Cipher 36 */
    995 	{
    996 	0,
    997 	TLS1_TXT_DH_DSS_WITH_AES_256_SHA,
    998 	TLS1_CK_DH_DSS_WITH_AES_256_SHA,
    999 	SSL_kDHd,
   1000 	SSL_aDH,
   1001 	SSL_AES256,
   1002 	SSL_SHA1,
   1003 	SSL_TLSV1,
   1004 	SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
   1005 	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
   1006 	256,
   1007 	256,
   1008 	},
   1009 
   1010 /* Cipher 37 */
   1011 	{
   1012 	0, /* not implemented (non-ephemeral DH) */
   1013 	TLS1_TXT_DH_RSA_WITH_AES_256_SHA,
   1014 	TLS1_CK_DH_RSA_WITH_AES_256_SHA,
   1015 	SSL_kDHr,
   1016 	SSL_aDH,
   1017 	SSL_AES256,
   1018 	SSL_SHA1,
   1019 	SSL_TLSV1,
   1020 	SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
   1021 	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
   1022 	256,
   1023 	256,
   1024 	},
   1025 
   1026 /* Cipher 38 */
   1027 	{
   1028 	1,
   1029 	TLS1_TXT_DHE_DSS_WITH_AES_256_SHA,
   1030 	TLS1_CK_DHE_DSS_WITH_AES_256_SHA,
   1031 	SSL_kEDH,
   1032 	SSL_aDSS,
   1033 	SSL_AES256,
   1034 	SSL_SHA1,
   1035 	SSL_TLSV1,
   1036 	SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
   1037 	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
   1038 	256,
   1039 	256,
   1040 	},
   1041 
   1042 /* Cipher 39 */
   1043 	{
   1044 	1,
   1045 	TLS1_TXT_DHE_RSA_WITH_AES_256_SHA,
   1046 	TLS1_CK_DHE_RSA_WITH_AES_256_SHA,
   1047 	SSL_kEDH,
   1048 	SSL_aRSA,
   1049 	SSL_AES256,
   1050 	SSL_SHA1,
   1051 	SSL_TLSV1,
   1052 	SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
   1053 	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
   1054 	256,
   1055 	256,
   1056 	},
   1057 
   1058 	/* Cipher 3A */
   1059 	{
   1060 	1,
   1061 	TLS1_TXT_ADH_WITH_AES_256_SHA,
   1062 	TLS1_CK_ADH_WITH_AES_256_SHA,
   1063 	SSL_kEDH,
   1064 	SSL_aNULL,
   1065 	SSL_AES256,
   1066 	SSL_SHA1,
   1067 	SSL_TLSV1,
   1068 	SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
   1069 	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
   1070 	256,
   1071 	256,
   1072 	},
   1073 
   1074 	/* TLS v1.2 ciphersuites */
   1075 	/* Cipher 3B */
   1076 	{
   1077 	1,
   1078 	TLS1_TXT_RSA_WITH_NULL_SHA256,
   1079 	TLS1_CK_RSA_WITH_NULL_SHA256,
   1080 	SSL_kRSA,
   1081 	SSL_aRSA,
   1082 	SSL_eNULL,
   1083 	SSL_SHA256,
   1084 	SSL_TLSV1_2,
   1085 	SSL_NOT_EXP|SSL_STRONG_NONE|SSL_FIPS,
   1086 	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
   1087 	0,
   1088 	0,
   1089 	},
   1090 
   1091 	/* Cipher 3C */
   1092 	{
   1093 	1,
   1094 	TLS1_TXT_RSA_WITH_AES_128_SHA256,
   1095 	TLS1_CK_RSA_WITH_AES_128_SHA256,
   1096 	SSL_kRSA,
   1097 	SSL_aRSA,
   1098 	SSL_AES128,
   1099 	SSL_SHA256,
   1100 	SSL_TLSV1_2,
   1101 	SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
   1102 	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
   1103 	128,
   1104 	128,
   1105 	},
   1106 
   1107 	/* Cipher 3D */
   1108 	{
   1109 	1,
   1110 	TLS1_TXT_RSA_WITH_AES_256_SHA256,
   1111 	TLS1_CK_RSA_WITH_AES_256_SHA256,
   1112 	SSL_kRSA,
   1113 	SSL_aRSA,
   1114 	SSL_AES256,
   1115 	SSL_SHA256,
   1116 	SSL_TLSV1_2,
   1117 	SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
   1118 	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
   1119 	256,
   1120 	256,
   1121 	},
   1122 
   1123 	/* Cipher 3E */
   1124 	{
   1125 	0, /* not implemented (non-ephemeral DH) */
   1126 	TLS1_TXT_DH_DSS_WITH_AES_128_SHA256,
   1127 	TLS1_CK_DH_DSS_WITH_AES_128_SHA256,
   1128 	SSL_kDHd,
   1129 	SSL_aDH,
   1130 	SSL_AES128,
   1131 	SSL_SHA256,
   1132 	SSL_TLSV1_2,
   1133 	SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
   1134 	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
   1135 	128,
   1136 	128,
   1137 	},
   1138 
   1139 	/* Cipher 3F */
   1140 	{
   1141 	0, /* not implemented (non-ephemeral DH) */
   1142 	TLS1_TXT_DH_RSA_WITH_AES_128_SHA256,
   1143 	TLS1_CK_DH_RSA_WITH_AES_128_SHA256,
   1144 	SSL_kDHr,
   1145 	SSL_aDH,
   1146 	SSL_AES128,
   1147 	SSL_SHA256,
   1148 	SSL_TLSV1_2,
   1149 	SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
   1150 	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
   1151 	128,
   1152 	128,
   1153 	},
   1154 
   1155 	/* Cipher 40 */
   1156 	{
   1157 	1,
   1158 	TLS1_TXT_DHE_DSS_WITH_AES_128_SHA256,
   1159 	TLS1_CK_DHE_DSS_WITH_AES_128_SHA256,
   1160 	SSL_kEDH,
   1161 	SSL_aDSS,
   1162 	SSL_AES128,
   1163 	SSL_SHA256,
   1164 	SSL_TLSV1_2,
   1165 	SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
   1166 	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
   1167 	128,
   1168 	128,
   1169 	},
   1170 
   1171 #ifndef OPENSSL_NO_CAMELLIA
   1172 	/* Camellia ciphersuites from RFC4132 (128-bit portion) */
   1173 
   1174 	/* Cipher 41 */
   1175 	{
   1176 	1,
   1177 	TLS1_TXT_RSA_WITH_CAMELLIA_128_CBC_SHA,
   1178 	TLS1_CK_RSA_WITH_CAMELLIA_128_CBC_SHA,
   1179 	SSL_kRSA,
   1180 	SSL_aRSA,
   1181 	SSL_CAMELLIA128,
   1182 	SSL_SHA1,
   1183 	SSL_TLSV1,
   1184 	SSL_NOT_EXP|SSL_HIGH,
   1185 	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
   1186 	128,
   1187 	128,
   1188 	},
   1189 
   1190 	/* Cipher 42 */
   1191 	{
   1192 	0, /* not implemented (non-ephemeral DH) */
   1193 	TLS1_TXT_DH_DSS_WITH_CAMELLIA_128_CBC_SHA,
   1194 	TLS1_CK_DH_DSS_WITH_CAMELLIA_128_CBC_SHA,
   1195 	SSL_kDHd,
   1196 	SSL_aDH,
   1197 	SSL_CAMELLIA128,
   1198 	SSL_SHA1,
   1199 	SSL_TLSV1,
   1200 	SSL_NOT_EXP|SSL_HIGH,
   1201 	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
   1202 	128,
   1203 	128,
   1204 	},
   1205 
   1206 	/* Cipher 43 */
   1207 	{
   1208 	0, /* not implemented (non-ephemeral DH) */
   1209 	TLS1_TXT_DH_RSA_WITH_CAMELLIA_128_CBC_SHA,
   1210 	TLS1_CK_DH_RSA_WITH_CAMELLIA_128_CBC_SHA,
   1211 	SSL_kDHr,
   1212 	SSL_aDH,
   1213 	SSL_CAMELLIA128,
   1214 	SSL_SHA1,
   1215 	SSL_TLSV1,
   1216 	SSL_NOT_EXP|SSL_HIGH,
   1217 	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
   1218 	128,
   1219 	128,
   1220 	},
   1221 
   1222 	/* Cipher 44 */
   1223 	{
   1224 	1,
   1225 	TLS1_TXT_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA,
   1226 	TLS1_CK_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA,
   1227 	SSL_kEDH,
   1228 	SSL_aDSS,
   1229 	SSL_CAMELLIA128,
   1230 	SSL_SHA1,
   1231 	SSL_TLSV1,
   1232 	SSL_NOT_EXP|SSL_HIGH,
   1233 	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
   1234 	128,
   1235 	128,
   1236 	},
   1237 
   1238 	/* Cipher 45 */
   1239 	{
   1240 	1,
   1241 	TLS1_TXT_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA,
   1242 	TLS1_CK_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA,
   1243 	SSL_kEDH,
   1244 	SSL_aRSA,
   1245 	SSL_CAMELLIA128,
   1246 	SSL_SHA1,
   1247 	SSL_TLSV1,
   1248 	SSL_NOT_EXP|SSL_HIGH,
   1249 	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
   1250 	128,
   1251 	128,
   1252 	},
   1253 
   1254 	/* Cipher 46 */
   1255 	{
   1256 	1,
   1257 	TLS1_TXT_ADH_WITH_CAMELLIA_128_CBC_SHA,
   1258 	TLS1_CK_ADH_WITH_CAMELLIA_128_CBC_SHA,
   1259 	SSL_kEDH,
   1260 	SSL_aNULL,
   1261 	SSL_CAMELLIA128,
   1262 	SSL_SHA1,
   1263 	SSL_TLSV1,
   1264 	SSL_NOT_EXP|SSL_HIGH,
   1265 	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
   1266 	128,
   1267 	128,
   1268 	},
   1269 #endif /* OPENSSL_NO_CAMELLIA */
   1270 
   1271 #if TLS1_ALLOW_EXPERIMENTAL_CIPHERSUITES
   1272 	/* New TLS Export CipherSuites from expired ID */
   1273 #if 0
   1274 	/* Cipher 60 */
   1275 	{
   1276 	1,
   1277 	TLS1_TXT_RSA_EXPORT1024_WITH_RC4_56_MD5,
   1278 	TLS1_CK_RSA_EXPORT1024_WITH_RC4_56_MD5,
   1279 	SSL_kRSA,
   1280 	SSL_aRSA,
   1281 	SSL_RC4,
   1282 	SSL_MD5,
   1283 	SSL_TLSV1,
   1284 	SSL_EXPORT|SSL_EXP56,
   1285 	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
   1286 	56,
   1287 	128,
   1288 	},
   1289 
   1290 	/* Cipher 61 */
   1291 	{
   1292 	1,
   1293 	TLS1_TXT_RSA_EXPORT1024_WITH_RC2_CBC_56_MD5,
   1294 	TLS1_CK_RSA_EXPORT1024_WITH_RC2_CBC_56_MD5,
   1295 	SSL_kRSA,
   1296 	SSL_aRSA,
   1297 	SSL_RC2,
   1298 	SSL_MD5,
   1299 	SSL_TLSV1,
   1300 	SSL_EXPORT|SSL_EXP56,
   1301 	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
   1302 	56,
   1303 	128,
   1304 	},
   1305 #endif
   1306 
   1307 	/* Cipher 62 */
   1308 	{
   1309 	1,
   1310 	TLS1_TXT_RSA_EXPORT1024_WITH_DES_CBC_SHA,
   1311 	TLS1_CK_RSA_EXPORT1024_WITH_DES_CBC_SHA,
   1312 	SSL_kRSA,
   1313 	SSL_aRSA,
   1314 	SSL_DES,
   1315 	SSL_SHA1,
   1316 	SSL_TLSV1,
   1317 	SSL_EXPORT|SSL_EXP56,
   1318 	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
   1319 	56,
   1320 	56,
   1321 	},
   1322 
   1323 	/* Cipher 63 */
   1324 	{
   1325 	1,
   1326 	TLS1_TXT_DHE_DSS_EXPORT1024_WITH_DES_CBC_SHA,
   1327 	TLS1_CK_DHE_DSS_EXPORT1024_WITH_DES_CBC_SHA,
   1328 	SSL_kEDH,
   1329 	SSL_aDSS,
   1330 	SSL_DES,
   1331 	SSL_SHA1,
   1332 	SSL_TLSV1,
   1333 	SSL_EXPORT|SSL_EXP56,
   1334 	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
   1335 	56,
   1336 	56,
   1337 	},
   1338 
   1339 	/* Cipher 64 */
   1340 	{
   1341 	1,
   1342 	TLS1_TXT_RSA_EXPORT1024_WITH_RC4_56_SHA,
   1343 	TLS1_CK_RSA_EXPORT1024_WITH_RC4_56_SHA,
   1344 	SSL_kRSA,
   1345 	SSL_aRSA,
   1346 	SSL_RC4,
   1347 	SSL_SHA1,
   1348 	SSL_TLSV1,
   1349 	SSL_EXPORT|SSL_EXP56,
   1350 	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
   1351 	56,
   1352 	128,
   1353 	},
   1354 
   1355 	/* Cipher 65 */
   1356 	{
   1357 	1,
   1358 	TLS1_TXT_DHE_DSS_EXPORT1024_WITH_RC4_56_SHA,
   1359 	TLS1_CK_DHE_DSS_EXPORT1024_WITH_RC4_56_SHA,
   1360 	SSL_kEDH,
   1361 	SSL_aDSS,
   1362 	SSL_RC4,
   1363 	SSL_SHA1,
   1364 	SSL_TLSV1,
   1365 	SSL_EXPORT|SSL_EXP56,
   1366 	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
   1367 	56,
   1368 	128,
   1369 	},
   1370 
   1371 	/* Cipher 66 */
   1372 	{
   1373 	1,
   1374 	TLS1_TXT_DHE_DSS_WITH_RC4_128_SHA,
   1375 	TLS1_CK_DHE_DSS_WITH_RC4_128_SHA,
   1376 	SSL_kEDH,
   1377 	SSL_aDSS,
   1378 	SSL_RC4,
   1379 	SSL_SHA1,
   1380 	SSL_TLSV1,
   1381 	SSL_NOT_EXP|SSL_MEDIUM,
   1382 	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
   1383 	128,
   1384 	128,
   1385 	},
   1386 #endif
   1387 
   1388 	/* TLS v1.2 ciphersuites */
   1389 	/* Cipher 67 */
   1390 	{
   1391 	1,
   1392 	TLS1_TXT_DHE_RSA_WITH_AES_128_SHA256,
   1393 	TLS1_CK_DHE_RSA_WITH_AES_128_SHA256,
   1394 	SSL_kEDH,
   1395 	SSL_aRSA,
   1396 	SSL_AES128,
   1397 	SSL_SHA256,
   1398 	SSL_TLSV1_2,
   1399 	SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
   1400 	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
   1401 	128,
   1402 	128,
   1403 	},
   1404 
   1405 	/* Cipher 68 */
   1406 	{
   1407 	0, /* not implemented (non-ephemeral DH) */
   1408 	TLS1_TXT_DH_DSS_WITH_AES_256_SHA256,
   1409 	TLS1_CK_DH_DSS_WITH_AES_256_SHA256,
   1410 	SSL_kDHd,
   1411 	SSL_aDH,
   1412 	SSL_AES256,
   1413 	SSL_SHA256,
   1414 	SSL_TLSV1_2,
   1415 	SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
   1416 	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
   1417 	256,
   1418 	256,
   1419 	},
   1420 
   1421 	/* Cipher 69 */
   1422 	{
   1423 	0, /* not implemented (non-ephemeral DH) */
   1424 	TLS1_TXT_DH_RSA_WITH_AES_256_SHA256,
   1425 	TLS1_CK_DH_RSA_WITH_AES_256_SHA256,
   1426 	SSL_kDHr,
   1427 	SSL_aDH,
   1428 	SSL_AES256,
   1429 	SSL_SHA256,
   1430 	SSL_TLSV1_2,
   1431 	SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
   1432 	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
   1433 	256,
   1434 	256,
   1435 	},
   1436 
   1437 	/* Cipher 6A */
   1438 	{
   1439 	1,
   1440 	TLS1_TXT_DHE_DSS_WITH_AES_256_SHA256,
   1441 	TLS1_CK_DHE_DSS_WITH_AES_256_SHA256,
   1442 	SSL_kEDH,
   1443 	SSL_aDSS,
   1444 	SSL_AES256,
   1445 	SSL_SHA256,
   1446 	SSL_TLSV1_2,
   1447 	SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
   1448 	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
   1449 	256,
   1450 	256,
   1451 	},
   1452 
   1453 	/* Cipher 6B */
   1454 	{
   1455 	1,
   1456 	TLS1_TXT_DHE_RSA_WITH_AES_256_SHA256,
   1457 	TLS1_CK_DHE_RSA_WITH_AES_256_SHA256,
   1458 	SSL_kEDH,
   1459 	SSL_aRSA,
   1460 	SSL_AES256,
   1461 	SSL_SHA256,
   1462 	SSL_TLSV1_2,
   1463 	SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
   1464 	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
   1465 	256,
   1466 	256,
   1467 	},
   1468 
   1469 	/* Cipher 6C */
   1470 	{
   1471 	1,
   1472 	TLS1_TXT_ADH_WITH_AES_128_SHA256,
   1473 	TLS1_CK_ADH_WITH_AES_128_SHA256,
   1474 	SSL_kEDH,
   1475 	SSL_aNULL,
   1476 	SSL_AES128,
   1477 	SSL_SHA256,
   1478 	SSL_TLSV1_2,
   1479 	SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
   1480 	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
   1481 	128,
   1482 	128,
   1483 	},
   1484 
   1485 	/* Cipher 6D */
   1486 	{
   1487 	1,
   1488 	TLS1_TXT_ADH_WITH_AES_256_SHA256,
   1489 	TLS1_CK_ADH_WITH_AES_256_SHA256,
   1490 	SSL_kEDH,
   1491 	SSL_aNULL,
   1492 	SSL_AES256,
   1493 	SSL_SHA256,
   1494 	SSL_TLSV1_2,
   1495 	SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
   1496 	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
   1497 	256,
   1498 	256,
   1499 	},
   1500 
   1501 	/* GOST Ciphersuites */
   1502 
   1503 	{
   1504 	1,
   1505 	"GOST94-GOST89-GOST89",
   1506 	0x3000080,
   1507 	SSL_kGOST,
   1508 	SSL_aGOST94,
   1509 	SSL_eGOST2814789CNT,
   1510 	SSL_GOST89MAC,
   1511 	SSL_TLSV1,
   1512 	SSL_NOT_EXP|SSL_HIGH,
   1513 	SSL_HANDSHAKE_MAC_GOST94|TLS1_PRF_GOST94|TLS1_STREAM_MAC,
   1514 	256,
   1515 	256
   1516 	},
   1517 	{
   1518 	1,
   1519 	"GOST2001-GOST89-GOST89",
   1520 	0x3000081,
   1521 	SSL_kGOST,
   1522 	SSL_aGOST01,
   1523 	SSL_eGOST2814789CNT,
   1524 	SSL_GOST89MAC,
   1525 	SSL_TLSV1,
   1526 	SSL_NOT_EXP|SSL_HIGH,
   1527 	SSL_HANDSHAKE_MAC_GOST94|TLS1_PRF_GOST94|TLS1_STREAM_MAC,
   1528 	256,
   1529 	256
   1530 	},
   1531 	{
   1532 	1,
   1533 	"GOST94-NULL-GOST94",
   1534 	0x3000082,
   1535 	SSL_kGOST,
   1536 	SSL_aGOST94,
   1537 	SSL_eNULL,
   1538 	SSL_GOST94,
   1539 	SSL_TLSV1,
   1540 	SSL_NOT_EXP|SSL_STRONG_NONE,
   1541 	SSL_HANDSHAKE_MAC_GOST94|TLS1_PRF_GOST94,
   1542 	0,
   1543 	0
   1544 	},
   1545 	{
   1546 	1,
   1547 	"GOST2001-NULL-GOST94",
   1548 	0x3000083,
   1549 	SSL_kGOST,
   1550 	SSL_aGOST01,
   1551 	SSL_eNULL,
   1552 	SSL_GOST94,
   1553 	SSL_TLSV1,
   1554 	SSL_NOT_EXP|SSL_STRONG_NONE,
   1555 	SSL_HANDSHAKE_MAC_GOST94|TLS1_PRF_GOST94,
   1556 	0,
   1557 	0
   1558 	},
   1559 
   1560 #ifndef OPENSSL_NO_CAMELLIA
   1561 	/* Camellia ciphersuites from RFC4132 (256-bit portion) */
   1562 
   1563 	/* Cipher 84 */
   1564 	{
   1565 	1,
   1566 	TLS1_TXT_RSA_WITH_CAMELLIA_256_CBC_SHA,
   1567 	TLS1_CK_RSA_WITH_CAMELLIA_256_CBC_SHA,
   1568 	SSL_kRSA,
   1569 	SSL_aRSA,
   1570 	SSL_CAMELLIA256,
   1571 	SSL_SHA1,
   1572 	SSL_TLSV1,
   1573 	SSL_NOT_EXP|SSL_HIGH,
   1574 	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
   1575 	256,
   1576 	256,
   1577 	},
   1578 	/* Cipher 85 */
   1579 	{
   1580 	0, /* not implemented (non-ephemeral DH) */
   1581 	TLS1_TXT_DH_DSS_WITH_CAMELLIA_256_CBC_SHA,
   1582 	TLS1_CK_DH_DSS_WITH_CAMELLIA_256_CBC_SHA,
   1583 	SSL_kDHd,
   1584 	SSL_aDH,
   1585 	SSL_CAMELLIA256,
   1586 	SSL_SHA1,
   1587 	SSL_TLSV1,
   1588 	SSL_NOT_EXP|SSL_HIGH,
   1589 	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
   1590 	256,
   1591 	256,
   1592 	},
   1593 
   1594 	/* Cipher 86 */
   1595 	{
   1596 	0, /* not implemented (non-ephemeral DH) */
   1597 	TLS1_TXT_DH_RSA_WITH_CAMELLIA_256_CBC_SHA,
   1598 	TLS1_CK_DH_RSA_WITH_CAMELLIA_256_CBC_SHA,
   1599 	SSL_kDHr,
   1600 	SSL_aDH,
   1601 	SSL_CAMELLIA256,
   1602 	SSL_SHA1,
   1603 	SSL_TLSV1,
   1604 	SSL_NOT_EXP|SSL_HIGH,
   1605 	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
   1606 	256,
   1607 	256,
   1608 	},
   1609 
   1610 	/* Cipher 87 */
   1611 	{
   1612 	1,
   1613 	TLS1_TXT_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA,
   1614 	TLS1_CK_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA,
   1615 	SSL_kEDH,
   1616 	SSL_aDSS,
   1617 	SSL_CAMELLIA256,
   1618 	SSL_SHA1,
   1619 	SSL_TLSV1,
   1620 	SSL_NOT_EXP|SSL_HIGH,
   1621 	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
   1622 	256,
   1623 	256,
   1624 	},
   1625 
   1626 	/* Cipher 88 */
   1627 	{
   1628 	1,
   1629 	TLS1_TXT_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA,
   1630 	TLS1_CK_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA,
   1631 	SSL_kEDH,
   1632 	SSL_aRSA,
   1633 	SSL_CAMELLIA256,
   1634 	SSL_SHA1,
   1635 	SSL_TLSV1,
   1636 	SSL_NOT_EXP|SSL_HIGH,
   1637 	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
   1638 	256,
   1639 	256,
   1640 	},
   1641 
   1642 	/* Cipher 89 */
   1643 	{
   1644 	1,
   1645 	TLS1_TXT_ADH_WITH_CAMELLIA_256_CBC_SHA,
   1646 	TLS1_CK_ADH_WITH_CAMELLIA_256_CBC_SHA,
   1647 	SSL_kEDH,
   1648 	SSL_aNULL,
   1649 	SSL_CAMELLIA256,
   1650 	SSL_SHA1,
   1651 	SSL_TLSV1,
   1652 	SSL_NOT_EXP|SSL_HIGH,
   1653 	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
   1654 	256,
   1655 	256,
   1656 	},
   1657 #endif /* OPENSSL_NO_CAMELLIA */
   1658 
   1659 #ifndef OPENSSL_NO_PSK
   1660 	/* Cipher 8A */
   1661 	{
   1662 	1,
   1663 	TLS1_TXT_PSK_WITH_RC4_128_SHA,
   1664 	TLS1_CK_PSK_WITH_RC4_128_SHA,
   1665 	SSL_kPSK,
   1666 	SSL_aPSK,
   1667 	SSL_RC4,
   1668 	SSL_SHA1,
   1669 	SSL_TLSV1,
   1670 	SSL_NOT_EXP|SSL_MEDIUM,
   1671 	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
   1672 	128,
   1673 	128,
   1674 	},
   1675 
   1676 	/* Cipher 8B */
   1677 	{
   1678 	1,
   1679 	TLS1_TXT_PSK_WITH_3DES_EDE_CBC_SHA,
   1680 	TLS1_CK_PSK_WITH_3DES_EDE_CBC_SHA,
   1681 	SSL_kPSK,
   1682 	SSL_aPSK,
   1683 	SSL_3DES,
   1684 	SSL_SHA1,
   1685 	SSL_TLSV1,
   1686 	SSL_NOT_EXP|SSL_HIGH,
   1687 	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
   1688 	168,
   1689 	168,
   1690 	},
   1691 
   1692 	/* Cipher 8C */
   1693 	{
   1694 	1,
   1695 	TLS1_TXT_PSK_WITH_AES_128_CBC_SHA,
   1696 	TLS1_CK_PSK_WITH_AES_128_CBC_SHA,
   1697 	SSL_kPSK,
   1698 	SSL_aPSK,
   1699 	SSL_AES128,
   1700 	SSL_SHA1,
   1701 	SSL_TLSV1,
   1702 	SSL_NOT_EXP|SSL_HIGH,
   1703 	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
   1704 	128,
   1705 	128,
   1706 	},
   1707 
   1708 	/* Cipher 8D */
   1709 	{
   1710 	1,
   1711 	TLS1_TXT_PSK_WITH_AES_256_CBC_SHA,
   1712 	TLS1_CK_PSK_WITH_AES_256_CBC_SHA,
   1713 	SSL_kPSK,
   1714 	SSL_aPSK,
   1715 	SSL_AES256,
   1716 	SSL_SHA1,
   1717 	SSL_TLSV1,
   1718 	SSL_NOT_EXP|SSL_HIGH,
   1719 	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
   1720 	256,
   1721 	256,
   1722 	},
   1723 #endif  /* OPENSSL_NO_PSK */
   1724 
   1725 #ifndef OPENSSL_NO_SEED
   1726 	/* SEED ciphersuites from RFC4162 */
   1727 
   1728 	/* Cipher 96 */
   1729 	{
   1730 	1,
   1731 	TLS1_TXT_RSA_WITH_SEED_SHA,
   1732 	TLS1_CK_RSA_WITH_SEED_SHA,
   1733 	SSL_kRSA,
   1734 	SSL_aRSA,
   1735 	SSL_SEED,
   1736 	SSL_SHA1,
   1737 	SSL_TLSV1,
   1738 	SSL_NOT_EXP|SSL_MEDIUM,
   1739 	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
   1740 	128,
   1741 	128,
   1742 	},
   1743 
   1744 	/* Cipher 97 */
   1745 	{
   1746 	0, /* not implemented (non-ephemeral DH) */
   1747 	TLS1_TXT_DH_DSS_WITH_SEED_SHA,
   1748 	TLS1_CK_DH_DSS_WITH_SEED_SHA,
   1749 	SSL_kDHd,
   1750 	SSL_aDH,
   1751 	SSL_SEED,
   1752 	SSL_SHA1,
   1753 	SSL_TLSV1,
   1754 	SSL_NOT_EXP|SSL_MEDIUM,
   1755 	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
   1756 	128,
   1757 	128,
   1758 	},
   1759 
   1760 	/* Cipher 98 */
   1761 	{
   1762 	0, /* not implemented (non-ephemeral DH) */
   1763 	TLS1_TXT_DH_RSA_WITH_SEED_SHA,
   1764 	TLS1_CK_DH_RSA_WITH_SEED_SHA,
   1765 	SSL_kDHr,
   1766 	SSL_aDH,
   1767 	SSL_SEED,
   1768 	SSL_SHA1,
   1769 	SSL_TLSV1,
   1770 	SSL_NOT_EXP|SSL_MEDIUM,
   1771 	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
   1772 	128,
   1773 	128,
   1774 	},
   1775 
   1776 	/* Cipher 99 */
   1777 	{
   1778 	1,
   1779 	TLS1_TXT_DHE_DSS_WITH_SEED_SHA,
   1780 	TLS1_CK_DHE_DSS_WITH_SEED_SHA,
   1781 	SSL_kEDH,
   1782 	SSL_aDSS,
   1783 	SSL_SEED,
   1784 	SSL_SHA1,
   1785 	SSL_TLSV1,
   1786 	SSL_NOT_EXP|SSL_MEDIUM,
   1787 	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
   1788 	128,
   1789 	128,
   1790 	},
   1791 
   1792 	/* Cipher 9A */
   1793 	{
   1794 	1,
   1795 	TLS1_TXT_DHE_RSA_WITH_SEED_SHA,
   1796 	TLS1_CK_DHE_RSA_WITH_SEED_SHA,
   1797 	SSL_kEDH,
   1798 	SSL_aRSA,
   1799 	SSL_SEED,
   1800 	SSL_SHA1,
   1801 	SSL_TLSV1,
   1802 	SSL_NOT_EXP|SSL_MEDIUM,
   1803 	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
   1804 	128,
   1805 	128,
   1806 	},
   1807 
   1808 	/* Cipher 9B */
   1809 	{
   1810 	1,
   1811 	TLS1_TXT_ADH_WITH_SEED_SHA,
   1812 	TLS1_CK_ADH_WITH_SEED_SHA,
   1813 	SSL_kEDH,
   1814 	SSL_aNULL,
   1815 	SSL_SEED,
   1816 	SSL_SHA1,
   1817 	SSL_TLSV1,
   1818 	SSL_NOT_EXP|SSL_MEDIUM,
   1819 	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
   1820 	128,
   1821 	128,
   1822 	},
   1823 
   1824 #endif /* OPENSSL_NO_SEED */
   1825 
   1826 	/* GCM ciphersuites from RFC5288 */
   1827 
   1828 	/* Cipher 9C */
   1829 	{
   1830 	1,
   1831 	TLS1_TXT_RSA_WITH_AES_128_GCM_SHA256,
   1832 	TLS1_CK_RSA_WITH_AES_128_GCM_SHA256,
   1833 	SSL_kRSA,
   1834 	SSL_aRSA,
   1835 	SSL_AES128GCM,
   1836 	SSL_AEAD,
   1837 	SSL_TLSV1_2,
   1838 	SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
   1839 	SSL_HANDSHAKE_MAC_SHA256|TLS1_PRF_SHA256,
   1840 	128,
   1841 	128,
   1842 	},
   1843 
   1844 	/* Cipher 9D */
   1845 	{
   1846 	1,
   1847 	TLS1_TXT_RSA_WITH_AES_256_GCM_SHA384,
   1848 	TLS1_CK_RSA_WITH_AES_256_GCM_SHA384,
   1849 	SSL_kRSA,
   1850 	SSL_aRSA,
   1851 	SSL_AES256GCM,
   1852 	SSL_AEAD,
   1853 	SSL_TLSV1_2,
   1854 	SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
   1855 	SSL_HANDSHAKE_MAC_SHA384|TLS1_PRF_SHA384,
   1856 	256,
   1857 	256,
   1858 	},
   1859 
   1860 	/* Cipher 9E */
   1861 	{
   1862 	1,
   1863 	TLS1_TXT_DHE_RSA_WITH_AES_128_GCM_SHA256,
   1864 	TLS1_CK_DHE_RSA_WITH_AES_128_GCM_SHA256,
   1865 	SSL_kEDH,
   1866 	SSL_aRSA,
   1867 	SSL_AES128GCM,
   1868 	SSL_AEAD,
   1869 	SSL_TLSV1_2,
   1870 	SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
   1871 	SSL_HANDSHAKE_MAC_SHA256|TLS1_PRF_SHA256,
   1872 	128,
   1873 	128,
   1874 	},
   1875 
   1876 	/* Cipher 9F */
   1877 	{
   1878 	1,
   1879 	TLS1_TXT_DHE_RSA_WITH_AES_256_GCM_SHA384,
   1880 	TLS1_CK_DHE_RSA_WITH_AES_256_GCM_SHA384,
   1881 	SSL_kEDH,
   1882 	SSL_aRSA,
   1883 	SSL_AES256GCM,
   1884 	SSL_AEAD,
   1885 	SSL_TLSV1_2,
   1886 	SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
   1887 	SSL_HANDSHAKE_MAC_SHA384|TLS1_PRF_SHA384,
   1888 	256,
   1889 	256,
   1890 	},
   1891 
   1892 	/* Cipher A0 */
   1893 	{
   1894 	0,
   1895 	TLS1_TXT_DH_RSA_WITH_AES_128_GCM_SHA256,
   1896 	TLS1_CK_DH_RSA_WITH_AES_128_GCM_SHA256,
   1897 	SSL_kDHr,
   1898 	SSL_aDH,
   1899 	SSL_AES128GCM,
   1900 	SSL_AEAD,
   1901 	SSL_TLSV1_2,
   1902 	SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
   1903 	SSL_HANDSHAKE_MAC_SHA256|TLS1_PRF_SHA256,
   1904 	128,
   1905 	128,
   1906 	},
   1907 
   1908 	/* Cipher A1 */
   1909 	{
   1910 	0,
   1911 	TLS1_TXT_DH_RSA_WITH_AES_256_GCM_SHA384,
   1912 	TLS1_CK_DH_RSA_WITH_AES_256_GCM_SHA384,
   1913 	SSL_kDHr,
   1914 	SSL_aDH,
   1915 	SSL_AES256GCM,
   1916 	SSL_AEAD,
   1917 	SSL_TLSV1_2,
   1918 	SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
   1919 	SSL_HANDSHAKE_MAC_SHA384|TLS1_PRF_SHA384,
   1920 	256,
   1921 	256,
   1922 	},
   1923 
   1924 	/* Cipher A2 */
   1925 	{
   1926 	1,
   1927 	TLS1_TXT_DHE_DSS_WITH_AES_128_GCM_SHA256,
   1928 	TLS1_CK_DHE_DSS_WITH_AES_128_GCM_SHA256,
   1929 	SSL_kEDH,
   1930 	SSL_aDSS,
   1931 	SSL_AES128GCM,
   1932 	SSL_AEAD,
   1933 	SSL_TLSV1_2,
   1934 	SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
   1935 	SSL_HANDSHAKE_MAC_SHA256|TLS1_PRF_SHA256,
   1936 	128,
   1937 	128,
   1938 	},
   1939 
   1940 	/* Cipher A3 */
   1941 	{
   1942 	1,
   1943 	TLS1_TXT_DHE_DSS_WITH_AES_256_GCM_SHA384,
   1944 	TLS1_CK_DHE_DSS_WITH_AES_256_GCM_SHA384,
   1945 	SSL_kEDH,
   1946 	SSL_aDSS,
   1947 	SSL_AES256GCM,
   1948 	SSL_AEAD,
   1949 	SSL_TLSV1_2,
   1950 	SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
   1951 	SSL_HANDSHAKE_MAC_SHA384|TLS1_PRF_SHA384,
   1952 	256,
   1953 	256,
   1954 	},
   1955 
   1956 	/* Cipher A4 */
   1957 	{
   1958 	0,
   1959 	TLS1_TXT_DH_DSS_WITH_AES_128_GCM_SHA256,
   1960 	TLS1_CK_DH_DSS_WITH_AES_128_GCM_SHA256,
   1961 	SSL_kDHd,
   1962 	SSL_aDH,
   1963 	SSL_AES128GCM,
   1964 	SSL_AEAD,
   1965 	SSL_TLSV1_2,
   1966 	SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
   1967 	SSL_HANDSHAKE_MAC_SHA256|TLS1_PRF_SHA256,
   1968 	128,
   1969 	128,
   1970 	},
   1971 
   1972 	/* Cipher A5 */
   1973 	{
   1974 	0,
   1975 	TLS1_TXT_DH_DSS_WITH_AES_256_GCM_SHA384,
   1976 	TLS1_CK_DH_DSS_WITH_AES_256_GCM_SHA384,
   1977 	SSL_kDHd,
   1978 	SSL_aDH,
   1979 	SSL_AES256GCM,
   1980 	SSL_AEAD,
   1981 	SSL_TLSV1_2,
   1982 	SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
   1983 	SSL_HANDSHAKE_MAC_SHA384|TLS1_PRF_SHA384,
   1984 	256,
   1985 	256,
   1986 	},
   1987 
   1988 	/* Cipher A6 */
   1989 	{
   1990 	1,
   1991 	TLS1_TXT_ADH_WITH_AES_128_GCM_SHA256,
   1992 	TLS1_CK_ADH_WITH_AES_128_GCM_SHA256,
   1993 	SSL_kEDH,
   1994 	SSL_aNULL,
   1995 	SSL_AES128GCM,
   1996 	SSL_AEAD,
   1997 	SSL_TLSV1_2,
   1998 	SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
   1999 	SSL_HANDSHAKE_MAC_SHA256|TLS1_PRF_SHA256,
   2000 	128,
   2001 	128,
   2002 	},
   2003 
   2004 	/* Cipher A7 */
   2005 	{
   2006 	1,
   2007 	TLS1_TXT_ADH_WITH_AES_256_GCM_SHA384,
   2008 	TLS1_CK_ADH_WITH_AES_256_GCM_SHA384,
   2009 	SSL_kEDH,
   2010 	SSL_aNULL,
   2011 	SSL_AES256GCM,
   2012 	SSL_AEAD,
   2013 	SSL_TLSV1_2,
   2014 	SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
   2015 	SSL_HANDSHAKE_MAC_SHA384|TLS1_PRF_SHA384,
   2016 	256,
   2017 	256,
   2018 	},
   2019 
   2020 #ifndef OPENSSL_NO_ECDH
   2021 	/* Cipher C001 */
   2022 	{
   2023 	1,
   2024 	TLS1_TXT_ECDH_ECDSA_WITH_NULL_SHA,
   2025 	TLS1_CK_ECDH_ECDSA_WITH_NULL_SHA,
   2026 	SSL_kECDHe,
   2027 	SSL_aECDH,
   2028 	SSL_eNULL,
   2029 	SSL_SHA1,
   2030 	SSL_TLSV1,
   2031 	SSL_NOT_EXP|SSL_STRONG_NONE|SSL_FIPS,
   2032 	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
   2033 	0,
   2034 	0,
   2035 	},
   2036 
   2037 	/* Cipher C002 */
   2038 	{
   2039 	1,
   2040 	TLS1_TXT_ECDH_ECDSA_WITH_RC4_128_SHA,
   2041 	TLS1_CK_ECDH_ECDSA_WITH_RC4_128_SHA,
   2042 	SSL_kECDHe,
   2043 	SSL_aECDH,
   2044 	SSL_RC4,
   2045 	SSL_SHA1,
   2046 	SSL_TLSV1,
   2047 	SSL_NOT_EXP|SSL_MEDIUM,
   2048 	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
   2049 	128,
   2050 	128,
   2051 	},
   2052 
   2053 	/* Cipher C003 */
   2054 	{
   2055 	1,
   2056 	TLS1_TXT_ECDH_ECDSA_WITH_DES_192_CBC3_SHA,
   2057 	TLS1_CK_ECDH_ECDSA_WITH_DES_192_CBC3_SHA,
   2058 	SSL_kECDHe,
   2059 	SSL_aECDH,
   2060 	SSL_3DES,
   2061 	SSL_SHA1,
   2062 	SSL_TLSV1,
   2063 	SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
   2064 	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
   2065 	168,
   2066 	168,
   2067 	},
   2068 
   2069 	/* Cipher C004 */
   2070 	{
   2071 	1,
   2072 	TLS1_TXT_ECDH_ECDSA_WITH_AES_128_CBC_SHA,
   2073 	TLS1_CK_ECDH_ECDSA_WITH_AES_128_CBC_SHA,
   2074 	SSL_kECDHe,
   2075 	SSL_aECDH,
   2076 	SSL_AES128,
   2077 	SSL_SHA1,
   2078 	SSL_TLSV1,
   2079 	SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
   2080 	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
   2081 	128,
   2082 	128,
   2083 	},
   2084 
   2085 	/* Cipher C005 */
   2086 	{
   2087 	1,
   2088 	TLS1_TXT_ECDH_ECDSA_WITH_AES_256_CBC_SHA,
   2089 	TLS1_CK_ECDH_ECDSA_WITH_AES_256_CBC_SHA,
   2090 	SSL_kECDHe,
   2091 	SSL_aECDH,
   2092 	SSL_AES256,
   2093 	SSL_SHA1,
   2094 	SSL_TLSV1,
   2095 	SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
   2096 	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
   2097 	256,
   2098 	256,
   2099 	},
   2100 
   2101 	/* Cipher C006 */
   2102 	{
   2103 	1,
   2104 	TLS1_TXT_ECDHE_ECDSA_WITH_NULL_SHA,
   2105 	TLS1_CK_ECDHE_ECDSA_WITH_NULL_SHA,
   2106 	SSL_kEECDH,
   2107 	SSL_aECDSA,
   2108 	SSL_eNULL,
   2109 	SSL_SHA1,
   2110 	SSL_TLSV1,
   2111 	SSL_NOT_EXP|SSL_STRONG_NONE|SSL_FIPS,
   2112 	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
   2113 	0,
   2114 	0,
   2115 	},
   2116 
   2117 	/* Cipher C007 */
   2118 	{
   2119 	1,
   2120 	TLS1_TXT_ECDHE_ECDSA_WITH_RC4_128_SHA,
   2121 	TLS1_CK_ECDHE_ECDSA_WITH_RC4_128_SHA,
   2122 	SSL_kEECDH,
   2123 	SSL_aECDSA,
   2124 	SSL_RC4,
   2125 	SSL_SHA1,
   2126 	SSL_TLSV1,
   2127 	SSL_NOT_EXP|SSL_MEDIUM,
   2128 	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
   2129 	128,
   2130 	128,
   2131 	},
   2132 
   2133 	/* Cipher C008 */
   2134 	{
   2135 	1,
   2136 	TLS1_TXT_ECDHE_ECDSA_WITH_DES_192_CBC3_SHA,
   2137 	TLS1_CK_ECDHE_ECDSA_WITH_DES_192_CBC3_SHA,
   2138 	SSL_kEECDH,
   2139 	SSL_aECDSA,
   2140 	SSL_3DES,
   2141 	SSL_SHA1,
   2142 	SSL_TLSV1,
   2143 	SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
   2144 	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
   2145 	168,
   2146 	168,
   2147 	},
   2148 
   2149 	/* Cipher C009 */
   2150 	{
   2151 	1,
   2152 	TLS1_TXT_ECDHE_ECDSA_WITH_AES_128_CBC_SHA,
   2153 	TLS1_CK_ECDHE_ECDSA_WITH_AES_128_CBC_SHA,
   2154 	SSL_kEECDH,
   2155 	SSL_aECDSA,
   2156 	SSL_AES128,
   2157 	SSL_SHA1,
   2158 	SSL_TLSV1,
   2159 	SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
   2160 	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
   2161 	128,
   2162 	128,
   2163 	},
   2164 
   2165 	/* Cipher C00A */
   2166 	{
   2167 	1,
   2168 	TLS1_TXT_ECDHE_ECDSA_WITH_AES_256_CBC_SHA,
   2169 	TLS1_CK_ECDHE_ECDSA_WITH_AES_256_CBC_SHA,
   2170 	SSL_kEECDH,
   2171 	SSL_aECDSA,
   2172 	SSL_AES256,
   2173 	SSL_SHA1,
   2174 	SSL_TLSV1,
   2175 	SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
   2176 	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
   2177 	256,
   2178 	256,
   2179 	},
   2180 
   2181 	/* Cipher C00B */
   2182 	{
   2183 	1,
   2184 	TLS1_TXT_ECDH_RSA_WITH_NULL_SHA,
   2185 	TLS1_CK_ECDH_RSA_WITH_NULL_SHA,
   2186 	SSL_kECDHr,
   2187 	SSL_aECDH,
   2188 	SSL_eNULL,
   2189 	SSL_SHA1,
   2190 	SSL_TLSV1,
   2191 	SSL_NOT_EXP|SSL_STRONG_NONE|SSL_FIPS,
   2192 	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
   2193 	0,
   2194 	0,
   2195 	},
   2196 
   2197 	/* Cipher C00C */
   2198 	{
   2199 	1,
   2200 	TLS1_TXT_ECDH_RSA_WITH_RC4_128_SHA,
   2201 	TLS1_CK_ECDH_RSA_WITH_RC4_128_SHA,
   2202 	SSL_kECDHr,
   2203 	SSL_aECDH,
   2204 	SSL_RC4,
   2205 	SSL_SHA1,
   2206 	SSL_TLSV1,
   2207 	SSL_NOT_EXP|SSL_MEDIUM,
   2208 	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
   2209 	128,
   2210 	128,
   2211 	},
   2212 
   2213 	/* Cipher C00D */
   2214 	{
   2215 	1,
   2216 	TLS1_TXT_ECDH_RSA_WITH_DES_192_CBC3_SHA,
   2217 	TLS1_CK_ECDH_RSA_WITH_DES_192_CBC3_SHA,
   2218 	SSL_kECDHr,
   2219 	SSL_aECDH,
   2220 	SSL_3DES,
   2221 	SSL_SHA1,
   2222 	SSL_TLSV1,
   2223 	SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
   2224 	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
   2225 	168,
   2226 	168,
   2227 	},
   2228 
   2229 	/* Cipher C00E */
   2230 	{
   2231 	1,
   2232 	TLS1_TXT_ECDH_RSA_WITH_AES_128_CBC_SHA,
   2233 	TLS1_CK_ECDH_RSA_WITH_AES_128_CBC_SHA,
   2234 	SSL_kECDHr,
   2235 	SSL_aECDH,
   2236 	SSL_AES128,
   2237 	SSL_SHA1,
   2238 	SSL_TLSV1,
   2239 	SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
   2240 	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
   2241 	128,
   2242 	128,
   2243 	},
   2244 
   2245 	/* Cipher C00F */
   2246 	{
   2247 	1,
   2248 	TLS1_TXT_ECDH_RSA_WITH_AES_256_CBC_SHA,
   2249 	TLS1_CK_ECDH_RSA_WITH_AES_256_CBC_SHA,
   2250 	SSL_kECDHr,
   2251 	SSL_aECDH,
   2252 	SSL_AES256,
   2253 	SSL_SHA1,
   2254 	SSL_TLSV1,
   2255 	SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
   2256 	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
   2257 	256,
   2258 	256,
   2259 	},
   2260 
   2261 	/* Cipher C010 */
   2262 	{
   2263 	1,
   2264 	TLS1_TXT_ECDHE_RSA_WITH_NULL_SHA,
   2265 	TLS1_CK_ECDHE_RSA_WITH_NULL_SHA,
   2266 	SSL_kEECDH,
   2267 	SSL_aRSA,
   2268 	SSL_eNULL,
   2269 	SSL_SHA1,
   2270 	SSL_TLSV1,
   2271 	SSL_NOT_EXP|SSL_STRONG_NONE|SSL_FIPS,
   2272 	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
   2273 	0,
   2274 	0,
   2275 	},
   2276 
   2277 	/* Cipher C011 */
   2278 	{
   2279 	1,
   2280 	TLS1_TXT_ECDHE_RSA_WITH_RC4_128_SHA,
   2281 	TLS1_CK_ECDHE_RSA_WITH_RC4_128_SHA,
   2282 	SSL_kEECDH,
   2283 	SSL_aRSA,
   2284 	SSL_RC4,
   2285 	SSL_SHA1,
   2286 	SSL_TLSV1,
   2287 	SSL_NOT_EXP|SSL_MEDIUM,
   2288 	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
   2289 	128,
   2290 	128,
   2291 	},
   2292 
   2293 	/* Cipher C012 */
   2294 	{
   2295 	1,
   2296 	TLS1_TXT_ECDHE_RSA_WITH_DES_192_CBC3_SHA,
   2297 	TLS1_CK_ECDHE_RSA_WITH_DES_192_CBC3_SHA,
   2298 	SSL_kEECDH,
   2299 	SSL_aRSA,
   2300 	SSL_3DES,
   2301 	SSL_SHA1,
   2302 	SSL_TLSV1,
   2303 	SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
   2304 	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
   2305 	168,
   2306 	168,
   2307 	},
   2308 
   2309 	/* Cipher C013 */
   2310 	{
   2311 	1,
   2312 	TLS1_TXT_ECDHE_RSA_WITH_AES_128_CBC_SHA,
   2313 	TLS1_CK_ECDHE_RSA_WITH_AES_128_CBC_SHA,
   2314 	SSL_kEECDH,
   2315 	SSL_aRSA,
   2316 	SSL_AES128,
   2317 	SSL_SHA1,
   2318 	SSL_TLSV1,
   2319 	SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
   2320 	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
   2321 	128,
   2322 	128,
   2323 	},
   2324 
   2325 	/* Cipher C014 */
   2326 	{
   2327 	1,
   2328 	TLS1_TXT_ECDHE_RSA_WITH_AES_256_CBC_SHA,
   2329 	TLS1_CK_ECDHE_RSA_WITH_AES_256_CBC_SHA,
   2330 	SSL_kEECDH,
   2331 	SSL_aRSA,
   2332 	SSL_AES256,
   2333 	SSL_SHA1,
   2334 	SSL_TLSV1,
   2335 	SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
   2336 	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
   2337 	256,
   2338 	256,
   2339 	},
   2340 
   2341 	/* Cipher C015 */
   2342 	{
   2343 	1,
   2344 	TLS1_TXT_ECDH_anon_WITH_NULL_SHA,
   2345 	TLS1_CK_ECDH_anon_WITH_NULL_SHA,
   2346 	SSL_kEECDH,
   2347 	SSL_aNULL,
   2348 	SSL_eNULL,
   2349 	SSL_SHA1,
   2350 	SSL_TLSV1,
   2351 	SSL_NOT_EXP|SSL_STRONG_NONE|SSL_FIPS,
   2352 	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
   2353 	0,
   2354 	0,
   2355 	},
   2356 
   2357 	/* Cipher C016 */
   2358 	{
   2359 	1,
   2360 	TLS1_TXT_ECDH_anon_WITH_RC4_128_SHA,
   2361 	TLS1_CK_ECDH_anon_WITH_RC4_128_SHA,
   2362 	SSL_kEECDH,
   2363 	SSL_aNULL,
   2364 	SSL_RC4,
   2365 	SSL_SHA1,
   2366 	SSL_TLSV1,
   2367 	SSL_NOT_EXP|SSL_MEDIUM,
   2368 	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
   2369 	128,
   2370 	128,
   2371 	},
   2372 
   2373 	/* Cipher C017 */
   2374 	{
   2375 	1,
   2376 	TLS1_TXT_ECDH_anon_WITH_DES_192_CBC3_SHA,
   2377 	TLS1_CK_ECDH_anon_WITH_DES_192_CBC3_SHA,
   2378 	SSL_kEECDH,
   2379 	SSL_aNULL,
   2380 	SSL_3DES,
   2381 	SSL_SHA1,
   2382 	SSL_TLSV1,
   2383 	SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
   2384 	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
   2385 	168,
   2386 	168,
   2387 	},
   2388 
   2389 	/* Cipher C018 */
   2390 	{
   2391 	1,
   2392 	TLS1_TXT_ECDH_anon_WITH_AES_128_CBC_SHA,
   2393 	TLS1_CK_ECDH_anon_WITH_AES_128_CBC_SHA,
   2394 	SSL_kEECDH,
   2395 	SSL_aNULL,
   2396 	SSL_AES128,
   2397 	SSL_SHA1,
   2398 	SSL_TLSV1,
   2399 	SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
   2400 	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
   2401 	128,
   2402 	128,
   2403 	},
   2404 
   2405 	/* Cipher C019 */
   2406 	{
   2407 	1,
   2408 	TLS1_TXT_ECDH_anon_WITH_AES_256_CBC_SHA,
   2409 	TLS1_CK_ECDH_anon_WITH_AES_256_CBC_SHA,
   2410 	SSL_kEECDH,
   2411 	SSL_aNULL,
   2412 	SSL_AES256,
   2413 	SSL_SHA1,
   2414 	SSL_TLSV1,
   2415 	SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
   2416 	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
   2417 	256,
   2418 	256,
   2419 	},
   2420 #endif	/* OPENSSL_NO_ECDH */
   2421 
   2422 #ifndef OPENSSL_NO_SRP
   2423 	/* Cipher C01A */
   2424 	{
   2425 	1,
   2426 	TLS1_TXT_SRP_SHA_WITH_3DES_EDE_CBC_SHA,
   2427 	TLS1_CK_SRP_SHA_WITH_3DES_EDE_CBC_SHA,
   2428 	SSL_kSRP,
   2429 	SSL_aNULL,
   2430 	SSL_3DES,
   2431 	SSL_SHA1,
   2432 	SSL_TLSV1,
   2433 	SSL_NOT_EXP|SSL_HIGH,
   2434 	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
   2435 	168,
   2436 	168,
   2437 	},
   2438 
   2439 	/* Cipher C01B */
   2440 	{
   2441 	1,
   2442 	TLS1_TXT_SRP_SHA_RSA_WITH_3DES_EDE_CBC_SHA,
   2443 	TLS1_CK_SRP_SHA_RSA_WITH_3DES_EDE_CBC_SHA,
   2444 	SSL_kSRP,
   2445 	SSL_aRSA,
   2446 	SSL_3DES,
   2447 	SSL_SHA1,
   2448 	SSL_TLSV1,
   2449 	SSL_NOT_EXP|SSL_HIGH,
   2450 	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
   2451 	168,
   2452 	168,
   2453 	},
   2454 
   2455 	/* Cipher C01C */
   2456 	{
   2457 	1,
   2458 	TLS1_TXT_SRP_SHA_DSS_WITH_3DES_EDE_CBC_SHA,
   2459 	TLS1_CK_SRP_SHA_DSS_WITH_3DES_EDE_CBC_SHA,
   2460 	SSL_kSRP,
   2461 	SSL_aDSS,
   2462 	SSL_3DES,
   2463 	SSL_SHA1,
   2464 	SSL_TLSV1,
   2465 	SSL_NOT_EXP|SSL_HIGH,
   2466 	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
   2467 	168,
   2468 	168,
   2469 	},
   2470 
   2471 	/* Cipher C01D */
   2472 	{
   2473 	1,
   2474 	TLS1_TXT_SRP_SHA_WITH_AES_128_CBC_SHA,
   2475 	TLS1_CK_SRP_SHA_WITH_AES_128_CBC_SHA,
   2476 	SSL_kSRP,
   2477 	SSL_aNULL,
   2478 	SSL_AES128,
   2479 	SSL_SHA1,
   2480 	SSL_TLSV1,
   2481 	SSL_NOT_EXP|SSL_HIGH,
   2482 	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
   2483 	128,
   2484 	128,
   2485 	},
   2486 
   2487 	/* Cipher C01E */
   2488 	{
   2489 	1,
   2490 	TLS1_TXT_SRP_SHA_RSA_WITH_AES_128_CBC_SHA,
   2491 	TLS1_CK_SRP_SHA_RSA_WITH_AES_128_CBC_SHA,
   2492 	SSL_kSRP,
   2493 	SSL_aRSA,
   2494 	SSL_AES128,
   2495 	SSL_SHA1,
   2496 	SSL_TLSV1,
   2497 	SSL_NOT_EXP|SSL_HIGH,
   2498 	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
   2499 	128,
   2500 	128,
   2501 	},
   2502 
   2503 	/* Cipher C01F */
   2504 	{
   2505 	1,
   2506 	TLS1_TXT_SRP_SHA_DSS_WITH_AES_128_CBC_SHA,
   2507 	TLS1_CK_SRP_SHA_DSS_WITH_AES_128_CBC_SHA,
   2508 	SSL_kSRP,
   2509 	SSL_aDSS,
   2510 	SSL_AES128,
   2511 	SSL_SHA1,
   2512 	SSL_TLSV1,
   2513 	SSL_NOT_EXP|SSL_HIGH,
   2514 	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
   2515 	128,
   2516 	128,
   2517 	},
   2518 
   2519 	/* Cipher C020 */
   2520 	{
   2521 	1,
   2522 	TLS1_TXT_SRP_SHA_WITH_AES_256_CBC_SHA,
   2523 	TLS1_CK_SRP_SHA_WITH_AES_256_CBC_SHA,
   2524 	SSL_kSRP,
   2525 	SSL_aNULL,
   2526 	SSL_AES256,
   2527 	SSL_SHA1,
   2528 	SSL_TLSV1,
   2529 	SSL_NOT_EXP|SSL_HIGH,
   2530 	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
   2531 	256,
   2532 	256,
   2533 	},
   2534 
   2535 	/* Cipher C021 */
   2536 	{
   2537 	1,
   2538 	TLS1_TXT_SRP_SHA_RSA_WITH_AES_256_CBC_SHA,
   2539 	TLS1_CK_SRP_SHA_RSA_WITH_AES_256_CBC_SHA,
   2540 	SSL_kSRP,
   2541 	SSL_aRSA,
   2542 	SSL_AES256,
   2543 	SSL_SHA1,
   2544 	SSL_TLSV1,
   2545 	SSL_NOT_EXP|SSL_HIGH,
   2546 	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
   2547 	256,
   2548 	256,
   2549 	},
   2550 
   2551 	/* Cipher C022 */
   2552 	{
   2553 	1,
   2554 	TLS1_TXT_SRP_SHA_DSS_WITH_AES_256_CBC_SHA,
   2555 	TLS1_CK_SRP_SHA_DSS_WITH_AES_256_CBC_SHA,
   2556 	SSL_kSRP,
   2557 	SSL_aDSS,
   2558 	SSL_AES256,
   2559 	SSL_SHA1,
   2560 	SSL_TLSV1,
   2561 	SSL_NOT_EXP|SSL_HIGH,
   2562 	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
   2563 	256,
   2564 	256,
   2565 	},
   2566 #endif  /* OPENSSL_NO_SRP */
   2567 #ifndef OPENSSL_NO_ECDH
   2568 
   2569 	/* HMAC based TLS v1.2 ciphersuites from RFC5289 */
   2570 
   2571 	/* Cipher C023 */
   2572 	{
   2573 	1,
   2574 	TLS1_TXT_ECDHE_ECDSA_WITH_AES_128_SHA256,
   2575 	TLS1_CK_ECDHE_ECDSA_WITH_AES_128_SHA256,
   2576 	SSL_kEECDH,
   2577 	SSL_aECDSA,
   2578 	SSL_AES128,
   2579 	SSL_SHA256,
   2580 	SSL_TLSV1_2,
   2581 	SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
   2582 	SSL_HANDSHAKE_MAC_SHA256|TLS1_PRF_SHA256,
   2583 	128,
   2584 	128,
   2585 	},
   2586 
   2587 	/* Cipher C024 */
   2588 	{
   2589 	1,
   2590 	TLS1_TXT_ECDHE_ECDSA_WITH_AES_256_SHA384,
   2591 	TLS1_CK_ECDHE_ECDSA_WITH_AES_256_SHA384,
   2592 	SSL_kEECDH,
   2593 	SSL_aECDSA,
   2594 	SSL_AES256,
   2595 	SSL_SHA384,
   2596 	SSL_TLSV1_2,
   2597 	SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
   2598 	SSL_HANDSHAKE_MAC_SHA384|TLS1_PRF_SHA384,
   2599 	256,
   2600 	256,
   2601 	},
   2602 
   2603 	/* Cipher C025 */
   2604 	{
   2605 	1,
   2606 	TLS1_TXT_ECDH_ECDSA_WITH_AES_128_SHA256,
   2607 	TLS1_CK_ECDH_ECDSA_WITH_AES_128_SHA256,
   2608 	SSL_kECDHe,
   2609 	SSL_aECDH,
   2610 	SSL_AES128,
   2611 	SSL_SHA256,
   2612 	SSL_TLSV1_2,
   2613 	SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
   2614 	SSL_HANDSHAKE_MAC_SHA256|TLS1_PRF_SHA256,
   2615 	128,
   2616 	128,
   2617 	},
   2618 
   2619 	/* Cipher C026 */
   2620 	{
   2621 	1,
   2622 	TLS1_TXT_ECDH_ECDSA_WITH_AES_256_SHA384,
   2623 	TLS1_CK_ECDH_ECDSA_WITH_AES_256_SHA384,
   2624 	SSL_kECDHe,
   2625 	SSL_aECDH,
   2626 	SSL_AES256,
   2627 	SSL_SHA384,
   2628 	SSL_TLSV1_2,
   2629 	SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
   2630 	SSL_HANDSHAKE_MAC_SHA384|TLS1_PRF_SHA384,
   2631 	256,
   2632 	256,
   2633 	},
   2634 
   2635 	/* Cipher C027 */
   2636 	{
   2637 	1,
   2638 	TLS1_TXT_ECDHE_RSA_WITH_AES_128_SHA256,
   2639 	TLS1_CK_ECDHE_RSA_WITH_AES_128_SHA256,
   2640 	SSL_kEECDH,
   2641 	SSL_aRSA,
   2642 	SSL_AES128,
   2643 	SSL_SHA256,
   2644 	SSL_TLSV1_2,
   2645 	SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
   2646 	SSL_HANDSHAKE_MAC_SHA256|TLS1_PRF_SHA256,
   2647 	128,
   2648 	128,
   2649 	},
   2650 
   2651 	/* Cipher C028 */
   2652 	{
   2653 	1,
   2654 	TLS1_TXT_ECDHE_RSA_WITH_AES_256_SHA384,
   2655 	TLS1_CK_ECDHE_RSA_WITH_AES_256_SHA384,
   2656 	SSL_kEECDH,
   2657 	SSL_aRSA,
   2658 	SSL_AES256,
   2659 	SSL_SHA384,
   2660 	SSL_TLSV1_2,
   2661 	SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
   2662 	SSL_HANDSHAKE_MAC_SHA384|TLS1_PRF_SHA384,
   2663 	256,
   2664 	256,
   2665 	},
   2666 
   2667 	/* Cipher C029 */
   2668 	{
   2669 	1,
   2670 	TLS1_TXT_ECDH_RSA_WITH_AES_128_SHA256,
   2671 	TLS1_CK_ECDH_RSA_WITH_AES_128_SHA256,
   2672 	SSL_kECDHr,
   2673 	SSL_aECDH,
   2674 	SSL_AES128,
   2675 	SSL_SHA256,
   2676 	SSL_TLSV1_2,
   2677 	SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
   2678 	SSL_HANDSHAKE_MAC_SHA256|TLS1_PRF_SHA256,
   2679 	128,
   2680 	128,
   2681 	},
   2682 
   2683 	/* Cipher C02A */
   2684 	{
   2685 	1,
   2686 	TLS1_TXT_ECDH_RSA_WITH_AES_256_SHA384,
   2687 	TLS1_CK_ECDH_RSA_WITH_AES_256_SHA384,
   2688 	SSL_kECDHr,
   2689 	SSL_aECDH,
   2690 	SSL_AES256,
   2691 	SSL_SHA384,
   2692 	SSL_TLSV1_2,
   2693 	SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
   2694 	SSL_HANDSHAKE_MAC_SHA384|TLS1_PRF_SHA384,
   2695 	256,
   2696 	256,
   2697 	},
   2698 
   2699 	/* GCM based TLS v1.2 ciphersuites from RFC5289 */
   2700 
   2701 	/* Cipher C02B */
   2702 	{
   2703 	1,
   2704 	TLS1_TXT_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256,
   2705 	TLS1_CK_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256,
   2706 	SSL_kEECDH,
   2707 	SSL_aECDSA,
   2708 	SSL_AES128GCM,
   2709 	SSL_AEAD,
   2710 	SSL_TLSV1_2,
   2711 	SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
   2712 	SSL_HANDSHAKE_MAC_SHA256|TLS1_PRF_SHA256,
   2713 	128,
   2714 	128,
   2715 	},
   2716 
   2717 	/* Cipher C02C */
   2718 	{
   2719 	1,
   2720 	TLS1_TXT_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384,
   2721 	TLS1_CK_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384,
   2722 	SSL_kEECDH,
   2723 	SSL_aECDSA,
   2724 	SSL_AES256GCM,
   2725 	SSL_AEAD,
   2726 	SSL_TLSV1_2,
   2727 	SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
   2728 	SSL_HANDSHAKE_MAC_SHA384|TLS1_PRF_SHA384,
   2729 	256,
   2730 	256,
   2731 	},
   2732 
   2733 	/* Cipher C02D */
   2734 	{
   2735 	1,
   2736 	TLS1_TXT_ECDH_ECDSA_WITH_AES_128_GCM_SHA256,
   2737 	TLS1_CK_ECDH_ECDSA_WITH_AES_128_GCM_SHA256,
   2738 	SSL_kECDHe,
   2739 	SSL_aECDH,
   2740 	SSL_AES128GCM,
   2741 	SSL_AEAD,
   2742 	SSL_TLSV1_2,
   2743 	SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
   2744 	SSL_HANDSHAKE_MAC_SHA256|TLS1_PRF_SHA256,
   2745 	128,
   2746 	128,
   2747 	},
   2748 
   2749 	/* Cipher C02E */
   2750 	{
   2751 	1,
   2752 	TLS1_TXT_ECDH_ECDSA_WITH_AES_256_GCM_SHA384,
   2753 	TLS1_CK_ECDH_ECDSA_WITH_AES_256_GCM_SHA384,
   2754 	SSL_kECDHe,
   2755 	SSL_aECDH,
   2756 	SSL_AES256GCM,
   2757 	SSL_AEAD,
   2758 	SSL_TLSV1_2,
   2759 	SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
   2760 	SSL_HANDSHAKE_MAC_SHA384|TLS1_PRF_SHA384,
   2761 	256,
   2762 	256,
   2763 	},
   2764 
   2765 	/* Cipher C02F */
   2766 	{
   2767 	1,
   2768 	TLS1_TXT_ECDHE_RSA_WITH_AES_128_GCM_SHA256,
   2769 	TLS1_CK_ECDHE_RSA_WITH_AES_128_GCM_SHA256,
   2770 	SSL_kEECDH,
   2771 	SSL_aRSA,
   2772 	SSL_AES128GCM,
   2773 	SSL_AEAD,
   2774 	SSL_TLSV1_2,
   2775 	SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
   2776 	SSL_HANDSHAKE_MAC_SHA256|TLS1_PRF_SHA256,
   2777 	128,
   2778 	128,
   2779 	},
   2780 
   2781 	/* Cipher C030 */
   2782 	{
   2783 	1,
   2784 	TLS1_TXT_ECDHE_RSA_WITH_AES_256_GCM_SHA384,
   2785 	TLS1_CK_ECDHE_RSA_WITH_AES_256_GCM_SHA384,
   2786 	SSL_kEECDH,
   2787 	SSL_aRSA,
   2788 	SSL_AES256GCM,
   2789 	SSL_AEAD,
   2790 	SSL_TLSV1_2,
   2791 	SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
   2792 	SSL_HANDSHAKE_MAC_SHA384|TLS1_PRF_SHA384,
   2793 	256,
   2794 	256,
   2795 	},
   2796 
   2797 	/* Cipher C031 */
   2798 	{
   2799 	1,
   2800 	TLS1_TXT_ECDH_RSA_WITH_AES_128_GCM_SHA256,
   2801 	TLS1_CK_ECDH_RSA_WITH_AES_128_GCM_SHA256,
   2802 	SSL_kECDHr,
   2803 	SSL_aECDH,
   2804 	SSL_AES128GCM,
   2805 	SSL_AEAD,
   2806 	SSL_TLSV1_2,
   2807 	SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
   2808 	SSL_HANDSHAKE_MAC_SHA256|TLS1_PRF_SHA256,
   2809 	128,
   2810 	128,
   2811 	},
   2812 
   2813 	/* Cipher C032 */
   2814 	{
   2815 	1,
   2816 	TLS1_TXT_ECDH_RSA_WITH_AES_256_GCM_SHA384,
   2817 	TLS1_CK_ECDH_RSA_WITH_AES_256_GCM_SHA384,
   2818 	SSL_kECDHr,
   2819 	SSL_aECDH,
   2820 	SSL_AES256GCM,
   2821 	SSL_AEAD,
   2822 	SSL_TLSV1_2,
   2823 	SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
   2824 	SSL_HANDSHAKE_MAC_SHA384|TLS1_PRF_SHA384,
   2825 	256,
   2826 	256,
   2827 	},
   2828 
   2829 #endif /* OPENSSL_NO_ECDH */
   2830 
   2831 
   2832 #ifdef TEMP_GOST_TLS
   2833 /* Cipher FF00 */
   2834 	{
   2835 	1,
   2836 	"GOST-MD5",
   2837 	0x0300ff00,
   2838 	SSL_kRSA,
   2839 	SSL_aRSA,
   2840 	SSL_eGOST2814789CNT,
   2841 	SSL_MD5,
   2842 	SSL_TLSV1,
   2843 	SSL_NOT_EXP|SSL_HIGH,
   2844 	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
   2845 	256,
   2846 	256,
   2847 	},
   2848 	{
   2849 	1,
   2850 	"GOST-GOST94",
   2851 	0x0300ff01,
   2852 	SSL_kRSA,
   2853 	SSL_aRSA,
   2854 	SSL_eGOST2814789CNT,
   2855 	SSL_GOST94,
   2856 	SSL_TLSV1,
   2857 	SSL_NOT_EXP|SSL_HIGH,
   2858 	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
   2859 	256,
   2860 	256
   2861 	},
   2862 	{
   2863 	1,
   2864 	"GOST-GOST89MAC",
   2865 	0x0300ff02,
   2866 	SSL_kRSA,
   2867 	SSL_aRSA,
   2868 	SSL_eGOST2814789CNT,
   2869 	SSL_GOST89MAC,
   2870 	SSL_TLSV1,
   2871 	SSL_NOT_EXP|SSL_HIGH,
   2872 	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
   2873 	256,
   2874 	256
   2875 	},
   2876 	{
   2877 	1,
   2878 	"GOST-GOST89STREAM",
   2879 	0x0300ff03,
   2880 	SSL_kRSA,
   2881 	SSL_aRSA,
   2882 	SSL_eGOST2814789CNT,
   2883 	SSL_GOST89MAC,
   2884 	SSL_TLSV1,
   2885 	SSL_NOT_EXP|SSL_HIGH,
   2886 	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF|TLS1_STREAM_MAC,
   2887 	256,
   2888 	256
   2889 	},
   2890 #endif
   2891 
   2892 /* end of list */
   2893 	};
   2894 
   2895 SSL3_ENC_METHOD SSLv3_enc_data={
   2896 	ssl3_enc,
   2897 	n_ssl3_mac,
   2898 	ssl3_setup_key_block,
   2899 	ssl3_generate_master_secret,
   2900 	ssl3_change_cipher_state,
   2901 	ssl3_final_finish_mac,
   2902 	MD5_DIGEST_LENGTH+SHA_DIGEST_LENGTH,
   2903 	ssl3_cert_verify_mac,
   2904 	SSL3_MD_CLIENT_FINISHED_CONST,4,
   2905 	SSL3_MD_SERVER_FINISHED_CONST,4,
   2906 	ssl3_alert_code,
   2907 	(int (*)(SSL *, unsigned char *, size_t, const char *,
   2908 		 size_t, const unsigned char *, size_t,
   2909 		 int use_context))ssl_undefined_function,
   2910 	};
   2911 
   2912 long ssl3_default_timeout(void)
   2913 	{
   2914 	/* 2 hours, the 24 hours mentioned in the SSLv3 spec
   2915 	 * is way too long for http, the cache would over fill */
   2916 	return(60*60*2);
   2917 	}
   2918 
   2919 int ssl3_num_ciphers(void)
   2920 	{
   2921 	return(SSL3_NUM_CIPHERS);
   2922 	}
   2923 
   2924 const SSL_CIPHER *ssl3_get_cipher(unsigned int u)
   2925 	{
   2926 	if (u < SSL3_NUM_CIPHERS)
   2927 		return(&(ssl3_ciphers[SSL3_NUM_CIPHERS-1-u]));
   2928 	else
   2929 		return(NULL);
   2930 	}
   2931 
   2932 int ssl3_pending(const SSL *s)
   2933 	{
   2934 	if (s->rstate == SSL_ST_READ_BODY)
   2935 		return 0;
   2936 
   2937 	return (s->s3->rrec.type == SSL3_RT_APPLICATION_DATA) ? s->s3->rrec.length : 0;
   2938 	}
   2939 
   2940 int ssl3_new(SSL *s)
   2941 	{
   2942 	SSL3_STATE *s3;
   2943 
   2944 	if ((s3=OPENSSL_malloc(sizeof *s3)) == NULL) goto err;
   2945 	memset(s3,0,sizeof *s3);
   2946 	memset(s3->rrec.seq_num,0,sizeof(s3->rrec.seq_num));
   2947 	memset(s3->wrec.seq_num,0,sizeof(s3->wrec.seq_num));
   2948 
   2949 	s->s3=s3;
   2950 
   2951 #ifndef OPENSSL_NO_SRP
   2952 	SSL_SRP_CTX_init(s);
   2953 #endif
   2954 #if !defined(OPENSSL_NO_TLSEXT)
   2955 	s->tlsext_channel_id_enabled = s->ctx->tlsext_channel_id_enabled;
   2956 	if (s->ctx->tlsext_channel_id_private)
   2957 		s->tlsext_channel_id_private = EVP_PKEY_dup(s->ctx->tlsext_channel_id_private);
   2958 #endif
   2959 	s->method->ssl_clear(s);
   2960 	return(1);
   2961 err:
   2962 	return(0);
   2963 	}
   2964 
   2965 void ssl3_free(SSL *s)
   2966 	{
   2967 	if(s == NULL)
   2968 	    return;
   2969 
   2970 #ifdef TLSEXT_TYPE_opaque_prf_input
   2971 	if (s->s3->client_opaque_prf_input != NULL)
   2972 		OPENSSL_free(s->s3->client_opaque_prf_input);
   2973 	if (s->s3->server_opaque_prf_input != NULL)
   2974 		OPENSSL_free(s->s3->server_opaque_prf_input);
   2975 #endif
   2976 
   2977 	ssl3_cleanup_key_block(s);
   2978 	if (s->s3->rbuf.buf != NULL)
   2979 		ssl3_release_read_buffer(s);
   2980 	if (s->s3->wbuf.buf != NULL)
   2981 		ssl3_release_write_buffer(s);
   2982 	if (s->s3->rrec.comp != NULL)
   2983 		OPENSSL_free(s->s3->rrec.comp);
   2984 #ifndef OPENSSL_NO_DH
   2985 	if (s->s3->tmp.dh != NULL)
   2986 		DH_free(s->s3->tmp.dh);
   2987 #endif
   2988 #ifndef OPENSSL_NO_ECDH
   2989 	if (s->s3->tmp.ecdh != NULL)
   2990 		EC_KEY_free(s->s3->tmp.ecdh);
   2991 #endif
   2992 
   2993 	if (s->s3->tmp.ca_names != NULL)
   2994 		sk_X509_NAME_pop_free(s->s3->tmp.ca_names,X509_NAME_free);
   2995 	if (s->s3->handshake_buffer) {
   2996 		BIO_free(s->s3->handshake_buffer);
   2997 	}
   2998 	if (s->s3->handshake_dgst) ssl3_free_digest_list(s);
   2999 #ifndef OPENSSL_NO_SRP
   3000 	SSL_SRP_CTX_free(s);
   3001 #endif
   3002 	OPENSSL_cleanse(s->s3,sizeof *s->s3);
   3003 	OPENSSL_free(s->s3);
   3004 	s->s3=NULL;
   3005 	}
   3006 
   3007 void ssl3_clear(SSL *s)
   3008 	{
   3009 	unsigned char *rp,*wp;
   3010 	size_t rlen, wlen;
   3011 	int init_extra;
   3012 
   3013 #ifdef TLSEXT_TYPE_opaque_prf_input
   3014 	if (s->s3->client_opaque_prf_input != NULL)
   3015 		OPENSSL_free(s->s3->client_opaque_prf_input);
   3016 	s->s3->client_opaque_prf_input = NULL;
   3017 	if (s->s3->server_opaque_prf_input != NULL)
   3018 		OPENSSL_free(s->s3->server_opaque_prf_input);
   3019 	s->s3->server_opaque_prf_input = NULL;
   3020 #endif
   3021 
   3022 	ssl3_cleanup_key_block(s);
   3023 	if (s->s3->tmp.ca_names != NULL)
   3024 		sk_X509_NAME_pop_free(s->s3->tmp.ca_names,X509_NAME_free);
   3025 
   3026 	if (s->s3->rrec.comp != NULL)
   3027 		{
   3028 		OPENSSL_free(s->s3->rrec.comp);
   3029 		s->s3->rrec.comp=NULL;
   3030 		}
   3031 #ifndef OPENSSL_NO_DH
   3032 	if (s->s3->tmp.dh != NULL)
   3033 		{
   3034 		DH_free(s->s3->tmp.dh);
   3035 		s->s3->tmp.dh = NULL;
   3036 		}
   3037 #endif
   3038 #ifndef OPENSSL_NO_ECDH
   3039 	if (s->s3->tmp.ecdh != NULL)
   3040 		{
   3041 		EC_KEY_free(s->s3->tmp.ecdh);
   3042 		s->s3->tmp.ecdh = NULL;
   3043 		}
   3044 #endif
   3045 
   3046 	rp = s->s3->rbuf.buf;
   3047 	wp = s->s3->wbuf.buf;
   3048 	rlen = s->s3->rbuf.len;
   3049  	wlen = s->s3->wbuf.len;
   3050 	init_extra = s->s3->init_extra;
   3051 	if (s->s3->handshake_buffer) {
   3052 		BIO_free(s->s3->handshake_buffer);
   3053 		s->s3->handshake_buffer = NULL;
   3054 	}
   3055 	if (s->s3->handshake_dgst) {
   3056 		ssl3_free_digest_list(s);
   3057 	}
   3058 	memset(s->s3,0,sizeof *s->s3);
   3059 	s->s3->rbuf.buf = rp;
   3060 	s->s3->wbuf.buf = wp;
   3061 	s->s3->rbuf.len = rlen;
   3062  	s->s3->wbuf.len = wlen;
   3063 	s->s3->init_extra = init_extra;
   3064 
   3065 	ssl_free_wbio_buffer(s);
   3066 
   3067 	s->packet_length=0;
   3068 	s->s3->renegotiate=0;
   3069 	s->s3->total_renegotiations=0;
   3070 	s->s3->num_renegotiations=0;
   3071 	s->s3->in_read_app_data=0;
   3072 	s->version=SSL3_VERSION;
   3073 
   3074 #if !defined(OPENSSL_NO_TLSEXT) && !defined(OPENSSL_NO_NEXTPROTONEG)
   3075 	if (s->next_proto_negotiated)
   3076 		{
   3077 		OPENSSL_free(s->next_proto_negotiated);
   3078 		s->next_proto_negotiated = NULL;
   3079 		s->next_proto_negotiated_len = 0;
   3080 		}
   3081 #endif
   3082 
   3083 #if !defined(OPENSSL_NO_TLSEXT)
   3084 	s->s3->tlsext_channel_id_valid = 0;
   3085 #endif
   3086 	}
   3087 
   3088 #ifndef OPENSSL_NO_SRP
   3089 static char * MS_CALLBACK srp_password_from_info_cb(SSL *s, void *arg)
   3090 	{
   3091 	return BUF_strdup(s->srp_ctx.info) ;
   3092 	}
   3093 #endif
   3094 
   3095 long ssl3_ctrl(SSL *s, int cmd, long larg, void *parg)
   3096 	{
   3097 	int ret=0;
   3098 
   3099 #if !defined(OPENSSL_NO_DSA) || !defined(OPENSSL_NO_RSA)
   3100 	if (
   3101 #ifndef OPENSSL_NO_RSA
   3102 	    cmd == SSL_CTRL_SET_TMP_RSA ||
   3103 	    cmd == SSL_CTRL_SET_TMP_RSA_CB ||
   3104 #endif
   3105 #ifndef OPENSSL_NO_DSA
   3106 	    cmd == SSL_CTRL_SET_TMP_DH ||
   3107 	    cmd == SSL_CTRL_SET_TMP_DH_CB ||
   3108 #endif
   3109 		0)
   3110 		{
   3111 		if (!ssl_cert_inst(&s->cert))
   3112 		    	{
   3113 			SSLerr(SSL_F_SSL3_CTRL, ERR_R_MALLOC_FAILURE);
   3114 			return(0);
   3115 			}
   3116 		}
   3117 #endif
   3118 
   3119 	switch (cmd)
   3120 		{
   3121 	case SSL_CTRL_GET_SESSION_REUSED:
   3122 		ret=s->hit;
   3123 		break;
   3124 	case SSL_CTRL_GET_CLIENT_CERT_REQUEST:
   3125 		break;
   3126 	case SSL_CTRL_GET_NUM_RENEGOTIATIONS:
   3127 		ret=s->s3->num_renegotiations;
   3128 		break;
   3129 	case SSL_CTRL_CLEAR_NUM_RENEGOTIATIONS:
   3130 		ret=s->s3->num_renegotiations;
   3131 		s->s3->num_renegotiations=0;
   3132 		break;
   3133 	case SSL_CTRL_GET_TOTAL_RENEGOTIATIONS:
   3134 		ret=s->s3->total_renegotiations;
   3135 		break;
   3136 	case SSL_CTRL_GET_FLAGS:
   3137 		ret=(int)(s->s3->flags);
   3138 		break;
   3139 #ifndef OPENSSL_NO_RSA
   3140 	case SSL_CTRL_NEED_TMP_RSA:
   3141 		if ((s->cert != NULL) && (s->cert->rsa_tmp == NULL) &&
   3142 		    ((s->cert->pkeys[SSL_PKEY_RSA_ENC].privatekey == NULL) ||
   3143 		     (EVP_PKEY_size(s->cert->pkeys[SSL_PKEY_RSA_ENC].privatekey) > (512/8))))
   3144 			ret = 1;
   3145 		break;
   3146 	case SSL_CTRL_SET_TMP_RSA:
   3147 		{
   3148 			RSA *rsa = (RSA *)parg;
   3149 			if (rsa == NULL)
   3150 				{
   3151 				SSLerr(SSL_F_SSL3_CTRL, ERR_R_PASSED_NULL_PARAMETER);
   3152 				return(ret);
   3153 				}
   3154 			if ((rsa = RSAPrivateKey_dup(rsa)) == NULL)
   3155 				{
   3156 				SSLerr(SSL_F_SSL3_CTRL, ERR_R_RSA_LIB);
   3157 				return(ret);
   3158 				}
   3159 			if (s->cert->rsa_tmp != NULL)
   3160 				RSA_free(s->cert->rsa_tmp);
   3161 			s->cert->rsa_tmp = rsa;
   3162 			ret = 1;
   3163 		}
   3164 		break;
   3165 	case SSL_CTRL_SET_TMP_RSA_CB:
   3166 		{
   3167 		SSLerr(SSL_F_SSL3_CTRL, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
   3168 		return(ret);
   3169 		}
   3170 		break;
   3171 #endif
   3172 #ifndef OPENSSL_NO_DH
   3173 	case SSL_CTRL_SET_TMP_DH:
   3174 		{
   3175 			DH *dh = (DH *)parg;
   3176 			if (dh == NULL)
   3177 				{
   3178 				SSLerr(SSL_F_SSL3_CTRL, ERR_R_PASSED_NULL_PARAMETER);
   3179 				return(ret);
   3180 				}
   3181 			if ((dh = DHparams_dup(dh)) == NULL)
   3182 				{
   3183 				SSLerr(SSL_F_SSL3_CTRL, ERR_R_DH_LIB);
   3184 				return(ret);
   3185 				}
   3186 			if (!(s->options & SSL_OP_SINGLE_DH_USE))
   3187 				{
   3188 				if (!DH_generate_key(dh))
   3189 					{
   3190 					DH_free(dh);
   3191 					SSLerr(SSL_F_SSL3_CTRL, ERR_R_DH_LIB);
   3192 					return(ret);
   3193 					}
   3194 				}
   3195 			if (s->cert->dh_tmp != NULL)
   3196 				DH_free(s->cert->dh_tmp);
   3197 			s->cert->dh_tmp = dh;
   3198 			ret = 1;
   3199 		}
   3200 		break;
   3201 	case SSL_CTRL_SET_TMP_DH_CB:
   3202 		{
   3203 		SSLerr(SSL_F_SSL3_CTRL, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
   3204 		return(ret);
   3205 		}
   3206 		break;
   3207 #endif
   3208 #ifndef OPENSSL_NO_ECDH
   3209 	case SSL_CTRL_SET_TMP_ECDH:
   3210 		{
   3211 		EC_KEY *ecdh = NULL;
   3212 
   3213 		if (parg == NULL)
   3214 			{
   3215 			SSLerr(SSL_F_SSL3_CTRL, ERR_R_PASSED_NULL_PARAMETER);
   3216 			return(ret);
   3217 			}
   3218 		if (!EC_KEY_up_ref((EC_KEY *)parg))
   3219 			{
   3220 			SSLerr(SSL_F_SSL3_CTRL,ERR_R_ECDH_LIB);
   3221 			return(ret);
   3222 			}
   3223 		ecdh = (EC_KEY *)parg;
   3224 		if (!(s->options & SSL_OP_SINGLE_ECDH_USE))
   3225 			{
   3226 			if (!EC_KEY_generate_key(ecdh))
   3227 				{
   3228 				EC_KEY_free(ecdh);
   3229 				SSLerr(SSL_F_SSL3_CTRL,ERR_R_ECDH_LIB);
   3230 				return(ret);
   3231 				}
   3232 			}
   3233 		if (s->cert->ecdh_tmp != NULL)
   3234 			EC_KEY_free(s->cert->ecdh_tmp);
   3235 		s->cert->ecdh_tmp = ecdh;
   3236 		ret = 1;
   3237 		}
   3238 		break;
   3239 	case SSL_CTRL_SET_TMP_ECDH_CB:
   3240 		{
   3241 		SSLerr(SSL_F_SSL3_CTRL, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
   3242 		return(ret);
   3243 		}
   3244 		break;
   3245 #endif /* !OPENSSL_NO_ECDH */
   3246 #ifndef OPENSSL_NO_TLSEXT
   3247 	case SSL_CTRL_SET_TLSEXT_HOSTNAME:
   3248  		if (larg == TLSEXT_NAMETYPE_host_name)
   3249 			{
   3250 			if (s->tlsext_hostname != NULL)
   3251 				OPENSSL_free(s->tlsext_hostname);
   3252 			s->tlsext_hostname = NULL;
   3253 
   3254 			ret = 1;
   3255 			if (parg == NULL)
   3256 				break;
   3257 			if (strlen((char *)parg) > TLSEXT_MAXLEN_host_name)
   3258 				{
   3259 				SSLerr(SSL_F_SSL3_CTRL, SSL_R_SSL3_EXT_INVALID_SERVERNAME);
   3260 				return 0;
   3261 				}
   3262 			if ((s->tlsext_hostname = BUF_strdup((char *)parg)) == NULL)
   3263 				{
   3264 				SSLerr(SSL_F_SSL3_CTRL, ERR_R_INTERNAL_ERROR);
   3265 				return 0;
   3266 				}
   3267 			}
   3268 		else
   3269 			{
   3270 			SSLerr(SSL_F_SSL3_CTRL, SSL_R_SSL3_EXT_INVALID_SERVERNAME_TYPE);
   3271 			return 0;
   3272 			}
   3273  		break;
   3274 	case SSL_CTRL_SET_TLSEXT_DEBUG_ARG:
   3275 		s->tlsext_debug_arg=parg;
   3276 		ret = 1;
   3277 		break;
   3278 
   3279 #ifdef TLSEXT_TYPE_opaque_prf_input
   3280 	case SSL_CTRL_SET_TLSEXT_OPAQUE_PRF_INPUT:
   3281 		if (larg > 12288) /* actual internal limit is 2^16 for the complete hello message
   3282 		                   * (including the cert chain and everything) */
   3283 			{
   3284 			SSLerr(SSL_F_SSL3_CTRL, SSL_R_OPAQUE_PRF_INPUT_TOO_LONG);
   3285 			break;
   3286 			}
   3287 		if (s->tlsext_opaque_prf_input != NULL)
   3288 			OPENSSL_free(s->tlsext_opaque_prf_input);
   3289 		if ((size_t)larg == 0)
   3290 			s->tlsext_opaque_prf_input = OPENSSL_malloc(1); /* dummy byte just to get non-NULL */
   3291 		else
   3292 			s->tlsext_opaque_prf_input = BUF_memdup(parg, (size_t)larg);
   3293 		if (s->tlsext_opaque_prf_input != NULL)
   3294 			{
   3295 			s->tlsext_opaque_prf_input_len = (size_t)larg;
   3296 			ret = 1;
   3297 			}
   3298 		else
   3299 			s->tlsext_opaque_prf_input_len = 0;
   3300 		break;
   3301 #endif
   3302 
   3303 	case SSL_CTRL_SET_TLSEXT_STATUS_REQ_TYPE:
   3304 		s->tlsext_status_type=larg;
   3305 		ret = 1;
   3306 		break;
   3307 
   3308 	case SSL_CTRL_GET_TLSEXT_STATUS_REQ_EXTS:
   3309 		*(STACK_OF(X509_EXTENSION) **)parg = s->tlsext_ocsp_exts;
   3310 		ret = 1;
   3311 		break;
   3312 
   3313 	case SSL_CTRL_SET_TLSEXT_STATUS_REQ_EXTS:
   3314 		s->tlsext_ocsp_exts = parg;
   3315 		ret = 1;
   3316 		break;
   3317 
   3318 	case SSL_CTRL_GET_TLSEXT_STATUS_REQ_IDS:
   3319 		*(STACK_OF(OCSP_RESPID) **)parg = s->tlsext_ocsp_ids;
   3320 		ret = 1;
   3321 		break;
   3322 
   3323 	case SSL_CTRL_SET_TLSEXT_STATUS_REQ_IDS:
   3324 		s->tlsext_ocsp_ids = parg;
   3325 		ret = 1;
   3326 		break;
   3327 
   3328 	case SSL_CTRL_GET_TLSEXT_STATUS_REQ_OCSP_RESP:
   3329 		*(unsigned char **)parg = s->tlsext_ocsp_resp;
   3330 		return s->tlsext_ocsp_resplen;
   3331 
   3332 	case SSL_CTRL_SET_TLSEXT_STATUS_REQ_OCSP_RESP:
   3333 		if (s->tlsext_ocsp_resp)
   3334 			OPENSSL_free(s->tlsext_ocsp_resp);
   3335 		s->tlsext_ocsp_resp = parg;
   3336 		s->tlsext_ocsp_resplen = larg;
   3337 		ret = 1;
   3338 		break;
   3339 
   3340 #ifndef OPENSSL_NO_HEARTBEATS
   3341 	case SSL_CTRL_TLS_EXT_SEND_HEARTBEAT:
   3342 		if (SSL_version(s) == DTLS1_VERSION || SSL_version(s) == DTLS1_BAD_VER)
   3343 			ret = dtls1_heartbeat(s);
   3344 		else
   3345 			ret = tls1_heartbeat(s);
   3346 		break;
   3347 
   3348 	case SSL_CTRL_GET_TLS_EXT_HEARTBEAT_PENDING:
   3349 		ret = s->tlsext_hb_pending;
   3350 		break;
   3351 
   3352 	case SSL_CTRL_SET_TLS_EXT_HEARTBEAT_NO_REQUESTS:
   3353 		if (larg)
   3354 			s->tlsext_heartbeat |= SSL_TLSEXT_HB_DONT_RECV_REQUESTS;
   3355 		else
   3356 			s->tlsext_heartbeat &= ~SSL_TLSEXT_HB_DONT_RECV_REQUESTS;
   3357 		ret = 1;
   3358 		break;
   3359 #endif
   3360 	case SSL_CTRL_CHANNEL_ID:
   3361 		if (!s->server)
   3362 			break;
   3363 		s->tlsext_channel_id_enabled = 1;
   3364 		ret = 1;
   3365 		break;
   3366 
   3367 	case SSL_CTRL_SET_CHANNEL_ID:
   3368 		if (s->server)
   3369 			break;
   3370 		s->tlsext_channel_id_enabled = 1;
   3371 		if (EVP_PKEY_bits(parg) != 256)
   3372 			{
   3373 			SSLerr(SSL_F_SSL3_CTRL,SSL_R_CHANNEL_ID_NOT_P256);
   3374 			break;
   3375 			}
   3376 		if (s->tlsext_channel_id_private)
   3377 			EVP_PKEY_free(s->tlsext_channel_id_private);
   3378 		s->tlsext_channel_id_private = (EVP_PKEY*) parg;
   3379 		ret = 1;
   3380 		break;
   3381 
   3382 	case SSL_CTRL_GET_CHANNEL_ID:
   3383 		if (!s->server)
   3384 			break;
   3385 		if (!s->s3->tlsext_channel_id_valid)
   3386 			break;
   3387 		memcpy(parg, s->s3->tlsext_channel_id, larg < 64 ? larg : 64);
   3388 		return 64;
   3389 
   3390 #endif /* !OPENSSL_NO_TLSEXT */
   3391 	default:
   3392 		break;
   3393 		}
   3394 	return(ret);
   3395 	}
   3396 
   3397 long ssl3_callback_ctrl(SSL *s, int cmd, void (*fp)(void))
   3398 	{
   3399 	int ret=0;
   3400 
   3401 #if !defined(OPENSSL_NO_DSA) || !defined(OPENSSL_NO_RSA)
   3402 	if (
   3403 #ifndef OPENSSL_NO_RSA
   3404 	    cmd == SSL_CTRL_SET_TMP_RSA_CB ||
   3405 #endif
   3406 #ifndef OPENSSL_NO_DSA
   3407 	    cmd == SSL_CTRL_SET_TMP_DH_CB ||
   3408 #endif
   3409 		0)
   3410 		{
   3411 		if (!ssl_cert_inst(&s->cert))
   3412 			{
   3413 			SSLerr(SSL_F_SSL3_CALLBACK_CTRL, ERR_R_MALLOC_FAILURE);
   3414 			return(0);
   3415 			}
   3416 		}
   3417 #endif
   3418 
   3419 	switch (cmd)
   3420 		{
   3421 #ifndef OPENSSL_NO_RSA
   3422 	case SSL_CTRL_SET_TMP_RSA_CB:
   3423 		{
   3424 		s->cert->rsa_tmp_cb = (RSA *(*)(SSL *, int, int))fp;
   3425 		}
   3426 		break;
   3427 #endif
   3428 #ifndef OPENSSL_NO_DH
   3429 	case SSL_CTRL_SET_TMP_DH_CB:
   3430 		{
   3431 		s->cert->dh_tmp_cb = (DH *(*)(SSL *, int, int))fp;
   3432 		}
   3433 		break;
   3434 #endif
   3435 #ifndef OPENSSL_NO_ECDH
   3436 	case SSL_CTRL_SET_TMP_ECDH_CB:
   3437 		{
   3438 		s->cert->ecdh_tmp_cb = (EC_KEY *(*)(SSL *, int, int))fp;
   3439 		}
   3440 		break;
   3441 #endif
   3442 #ifndef OPENSSL_NO_TLSEXT
   3443 	case SSL_CTRL_SET_TLSEXT_DEBUG_CB:
   3444 		s->tlsext_debug_cb=(void (*)(SSL *,int ,int,
   3445 					unsigned char *, int, void *))fp;
   3446 		break;
   3447 #endif
   3448 	default:
   3449 		break;
   3450 		}
   3451 	return(ret);
   3452 	}
   3453 
   3454 long ssl3_ctx_ctrl(SSL_CTX *ctx, int cmd, long larg, void *parg)
   3455 	{
   3456 	CERT *cert;
   3457 
   3458 	cert=ctx->cert;
   3459 
   3460 	switch (cmd)
   3461 		{
   3462 #ifndef OPENSSL_NO_RSA
   3463 	case SSL_CTRL_NEED_TMP_RSA:
   3464 		if (	(cert->rsa_tmp == NULL) &&
   3465 			((cert->pkeys[SSL_PKEY_RSA_ENC].privatekey == NULL) ||
   3466 			 (EVP_PKEY_size(cert->pkeys[SSL_PKEY_RSA_ENC].privatekey) > (512/8)))
   3467 			)
   3468 			return(1);
   3469 		else
   3470 			return(0);
   3471 		/* break; */
   3472 	case SSL_CTRL_SET_TMP_RSA:
   3473 		{
   3474 		RSA *rsa;
   3475 		int i;
   3476 
   3477 		rsa=(RSA *)parg;
   3478 		i=1;
   3479 		if (rsa == NULL)
   3480 			i=0;
   3481 		else
   3482 			{
   3483 			if ((rsa=RSAPrivateKey_dup(rsa)) == NULL)
   3484 				i=0;
   3485 			}
   3486 		if (!i)
   3487 			{
   3488 			SSLerr(SSL_F_SSL3_CTX_CTRL,ERR_R_RSA_LIB);
   3489 			return(0);
   3490 			}
   3491 		else
   3492 			{
   3493 			if (cert->rsa_tmp != NULL)
   3494 				RSA_free(cert->rsa_tmp);
   3495 			cert->rsa_tmp=rsa;
   3496 			return(1);
   3497 			}
   3498 		}
   3499 		/* break; */
   3500 	case SSL_CTRL_SET_TMP_RSA_CB:
   3501 		{
   3502 		SSLerr(SSL_F_SSL3_CTX_CTRL, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
   3503 		return(0);
   3504 		}
   3505 		break;
   3506 #endif
   3507 #ifndef OPENSSL_NO_DH
   3508 	case SSL_CTRL_SET_TMP_DH:
   3509 		{
   3510 		DH *new=NULL,*dh;
   3511 
   3512 		dh=(DH *)parg;
   3513 		if ((new=DHparams_dup(dh)) == NULL)
   3514 			{
   3515 			SSLerr(SSL_F_SSL3_CTX_CTRL,ERR_R_DH_LIB);
   3516 			return 0;
   3517 			}
   3518 		if (!(ctx->options & SSL_OP_SINGLE_DH_USE))
   3519 			{
   3520 			if (!DH_generate_key(new))
   3521 				{
   3522 				SSLerr(SSL_F_SSL3_CTX_CTRL,ERR_R_DH_LIB);
   3523 				DH_free(new);
   3524 				return 0;
   3525 				}
   3526 			}
   3527 		if (cert->dh_tmp != NULL)
   3528 			DH_free(cert->dh_tmp);
   3529 		cert->dh_tmp=new;
   3530 		return 1;
   3531 		}
   3532 		/*break; */
   3533 	case SSL_CTRL_SET_TMP_DH_CB:
   3534 		{
   3535 		SSLerr(SSL_F_SSL3_CTX_CTRL, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
   3536 		return(0);
   3537 		}
   3538 		break;
   3539 #endif
   3540 #ifndef OPENSSL_NO_ECDH
   3541 	case SSL_CTRL_SET_TMP_ECDH:
   3542 		{
   3543 		EC_KEY *ecdh = NULL;
   3544 
   3545 		if (parg == NULL)
   3546 			{
   3547 			SSLerr(SSL_F_SSL3_CTX_CTRL,ERR_R_ECDH_LIB);
   3548 			return 0;
   3549 			}
   3550 		ecdh = EC_KEY_dup((EC_KEY *)parg);
   3551 		if (ecdh == NULL)
   3552 			{
   3553 			SSLerr(SSL_F_SSL3_CTX_CTRL,ERR_R_EC_LIB);
   3554 			return 0;
   3555 			}
   3556 		if (!(ctx->options & SSL_OP_SINGLE_ECDH_USE))
   3557 			{
   3558 			if (!EC_KEY_generate_key(ecdh))
   3559 				{
   3560 				EC_KEY_free(ecdh);
   3561 				SSLerr(SSL_F_SSL3_CTX_CTRL,ERR_R_ECDH_LIB);
   3562 				return 0;
   3563 				}
   3564 			}
   3565 
   3566 		if (cert->ecdh_tmp != NULL)
   3567 			{
   3568 			EC_KEY_free(cert->ecdh_tmp);
   3569 			}
   3570 		cert->ecdh_tmp = ecdh;
   3571 		return 1;
   3572 		}
   3573 		/* break; */
   3574 	case SSL_CTRL_SET_TMP_ECDH_CB:
   3575 		{
   3576 		SSLerr(SSL_F_SSL3_CTX_CTRL, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
   3577 		return(0);
   3578 		}
   3579 		break;
   3580 #endif /* !OPENSSL_NO_ECDH */
   3581 #ifndef OPENSSL_NO_TLSEXT
   3582 	case SSL_CTRL_SET_TLSEXT_SERVERNAME_ARG:
   3583 		ctx->tlsext_servername_arg=parg;
   3584 		break;
   3585 	case SSL_CTRL_SET_TLSEXT_TICKET_KEYS:
   3586 	case SSL_CTRL_GET_TLSEXT_TICKET_KEYS:
   3587 		{
   3588 		unsigned char *keys = parg;
   3589 		if (!keys)
   3590 			return 48;
   3591 		if (larg != 48)
   3592 			{
   3593 			SSLerr(SSL_F_SSL3_CTX_CTRL, SSL_R_INVALID_TICKET_KEYS_LENGTH);
   3594 			return 0;
   3595 			}
   3596 		if (cmd == SSL_CTRL_SET_TLSEXT_TICKET_KEYS)
   3597 			{
   3598 			memcpy(ctx->tlsext_tick_key_name, keys, 16);
   3599 			memcpy(ctx->tlsext_tick_hmac_key, keys + 16, 16);
   3600 			memcpy(ctx->tlsext_tick_aes_key, keys + 32, 16);
   3601 			}
   3602 		else
   3603 			{
   3604 			memcpy(keys, ctx->tlsext_tick_key_name, 16);
   3605 			memcpy(keys + 16, ctx->tlsext_tick_hmac_key, 16);
   3606 			memcpy(keys + 32, ctx->tlsext_tick_aes_key, 16);
   3607 			}
   3608 		return 1;
   3609 		}
   3610 	case SSL_CTRL_CHANNEL_ID:
   3611 		/* must be called on a server */
   3612 		if (ctx->method->ssl_accept == ssl_undefined_function)
   3613 			return 0;
   3614 		ctx->tlsext_channel_id_enabled=1;
   3615 		return 1;
   3616 
   3617 #ifdef TLSEXT_TYPE_opaque_prf_input
   3618 	case SSL_CTRL_SET_TLSEXT_OPAQUE_PRF_INPUT_CB_ARG:
   3619 		ctx->tlsext_opaque_prf_input_callback_arg = parg;
   3620 		return 1;
   3621 #endif
   3622 
   3623 	case SSL_CTRL_SET_TLSEXT_STATUS_REQ_CB_ARG:
   3624 		ctx->tlsext_status_arg=parg;
   3625 		return 1;
   3626 		break;
   3627 
   3628 #ifndef OPENSSL_NO_SRP
   3629 	case SSL_CTRL_SET_TLS_EXT_SRP_USERNAME:
   3630 		ctx->srp_ctx.srp_Mask|=SSL_kSRP;
   3631 		if (ctx->srp_ctx.login != NULL)
   3632 			OPENSSL_free(ctx->srp_ctx.login);
   3633 		ctx->srp_ctx.login = NULL;
   3634 		if (parg == NULL)
   3635 			break;
   3636 		if (strlen((const char *)parg) > 255 || strlen((const char *)parg) < 1)
   3637 			{
   3638 			SSLerr(SSL_F_SSL3_CTX_CTRL, SSL_R_INVALID_SRP_USERNAME);
   3639 			return 0;
   3640 			}
   3641 		if ((ctx->srp_ctx.login = BUF_strdup((char *)parg)) == NULL)
   3642 			{
   3643 			SSLerr(SSL_F_SSL3_CTX_CTRL, ERR_R_INTERNAL_ERROR);
   3644 			return 0;
   3645 			}
   3646 		break;
   3647 	case SSL_CTRL_SET_TLS_EXT_SRP_PASSWORD:
   3648 		ctx->srp_ctx.SRP_give_srp_client_pwd_callback=srp_password_from_info_cb;
   3649 		ctx->srp_ctx.info=parg;
   3650 		break;
   3651 	case SSL_CTRL_SET_SRP_ARG:
   3652 		ctx->srp_ctx.srp_Mask|=SSL_kSRP;
   3653 		ctx->srp_ctx.SRP_cb_arg=parg;
   3654 		break;
   3655 
   3656 	case SSL_CTRL_SET_TLS_EXT_SRP_STRENGTH:
   3657 		ctx->srp_ctx.strength=larg;
   3658 		break;
   3659 #endif
   3660 #endif /* !OPENSSL_NO_TLSEXT */
   3661 
   3662 	/* A Thawte special :-) */
   3663 	case SSL_CTRL_EXTRA_CHAIN_CERT:
   3664 		if (ctx->extra_certs == NULL)
   3665 			{
   3666 			if ((ctx->extra_certs=sk_X509_new_null()) == NULL)
   3667 				return(0);
   3668 			}
   3669 		sk_X509_push(ctx->extra_certs,(X509 *)parg);
   3670 		break;
   3671 
   3672 	case SSL_CTRL_GET_EXTRA_CHAIN_CERTS:
   3673 		*(STACK_OF(X509) **)parg =  ctx->extra_certs;
   3674 		break;
   3675 
   3676 	case SSL_CTRL_CLEAR_EXTRA_CHAIN_CERTS:
   3677 		if (ctx->extra_certs)
   3678 			{
   3679 			sk_X509_pop_free(ctx->extra_certs, X509_free);
   3680 			ctx->extra_certs = NULL;
   3681 			}
   3682 		break;
   3683 
   3684 	case SSL_CTRL_SET_CHANNEL_ID:
   3685 		ctx->tlsext_channel_id_enabled = 1;
   3686 		if (EVP_PKEY_bits(parg) != 256)
   3687 			{
   3688 			SSLerr(SSL_F_SSL3_CTX_CTRL,SSL_R_CHANNEL_ID_NOT_P256);
   3689 			break;
   3690 			}
   3691 		if (ctx->tlsext_channel_id_private)
   3692 			EVP_PKEY_free(ctx->tlsext_channel_id_private);
   3693 		ctx->tlsext_channel_id_private = (EVP_PKEY*) parg;
   3694 		break;
   3695 
   3696 	default:
   3697 		return(0);
   3698 		}
   3699 	return(1);
   3700 	}
   3701 
   3702 long ssl3_ctx_callback_ctrl(SSL_CTX *ctx, int cmd, void (*fp)(void))
   3703 	{
   3704 	CERT *cert;
   3705 
   3706 	cert=ctx->cert;
   3707 
   3708 	switch (cmd)
   3709 		{
   3710 #ifndef OPENSSL_NO_RSA
   3711 	case SSL_CTRL_SET_TMP_RSA_CB:
   3712 		{
   3713 		cert->rsa_tmp_cb = (RSA *(*)(SSL *, int, int))fp;
   3714 		}
   3715 		break;
   3716 #endif
   3717 #ifndef OPENSSL_NO_DH
   3718 	case SSL_CTRL_SET_TMP_DH_CB:
   3719 		{
   3720 		cert->dh_tmp_cb = (DH *(*)(SSL *, int, int))fp;
   3721 		}
   3722 		break;
   3723 #endif
   3724 #ifndef OPENSSL_NO_ECDH
   3725 	case SSL_CTRL_SET_TMP_ECDH_CB:
   3726 		{
   3727 		cert->ecdh_tmp_cb = (EC_KEY *(*)(SSL *, int, int))fp;
   3728 		}
   3729 		break;
   3730 #endif
   3731 #ifndef OPENSSL_NO_TLSEXT
   3732 	case SSL_CTRL_SET_TLSEXT_SERVERNAME_CB:
   3733 		ctx->tlsext_servername_callback=(int (*)(SSL *,int *,void *))fp;
   3734 		break;
   3735 
   3736 #ifdef TLSEXT_TYPE_opaque_prf_input
   3737 	case SSL_CTRL_SET_TLSEXT_OPAQUE_PRF_INPUT_CB:
   3738 		ctx->tlsext_opaque_prf_input_callback = (int (*)(SSL *,void *, size_t, void *))fp;
   3739 		break;
   3740 #endif
   3741 
   3742 	case SSL_CTRL_SET_TLSEXT_STATUS_REQ_CB:
   3743 		ctx->tlsext_status_cb=(int (*)(SSL *,void *))fp;
   3744 		break;
   3745 
   3746 	case SSL_CTRL_SET_TLSEXT_TICKET_KEY_CB:
   3747 		ctx->tlsext_ticket_key_cb=(int (*)(SSL *,unsigned char  *,
   3748 						unsigned char *,
   3749 						EVP_CIPHER_CTX *,
   3750 						HMAC_CTX *, int))fp;
   3751 		break;
   3752 
   3753 #ifndef OPENSSL_NO_SRP
   3754 	case SSL_CTRL_SET_SRP_VERIFY_PARAM_CB:
   3755 		ctx->srp_ctx.srp_Mask|=SSL_kSRP;
   3756 		ctx->srp_ctx.SRP_verify_param_callback=(int (*)(SSL *,void *))fp;
   3757 		break;
   3758 	case SSL_CTRL_SET_TLS_EXT_SRP_USERNAME_CB:
   3759 		ctx->srp_ctx.srp_Mask|=SSL_kSRP;
   3760 		ctx->srp_ctx.TLS_ext_srp_username_callback=(int (*)(SSL *,int *,void *))fp;
   3761 		break;
   3762 	case SSL_CTRL_SET_SRP_GIVE_CLIENT_PWD_CB:
   3763 		ctx->srp_ctx.srp_Mask|=SSL_kSRP;
   3764 		ctx->srp_ctx.SRP_give_srp_client_pwd_callback=(char *(*)(SSL *,void *))fp;
   3765 		break;
   3766 #endif
   3767 #endif
   3768 	default:
   3769 		return(0);
   3770 		}
   3771 	return(1);
   3772 	}
   3773 
   3774 /* This function needs to check if the ciphers required are actually
   3775  * available */
   3776 const SSL_CIPHER *ssl3_get_cipher_by_char(const unsigned char *p)
   3777 	{
   3778 	SSL_CIPHER c;
   3779 	const SSL_CIPHER *cp;
   3780 	unsigned long id;
   3781 
   3782 	id=0x03000000L|((unsigned long)p[0]<<8L)|(unsigned long)p[1];
   3783 	c.id=id;
   3784 	cp = OBJ_bsearch_ssl_cipher_id(&c, ssl3_ciphers, SSL3_NUM_CIPHERS);
   3785 #ifdef DEBUG_PRINT_UNKNOWN_CIPHERSUITES
   3786 if (cp == NULL) fprintf(stderr, "Unknown cipher ID %x\n", (p[0] << 8) | p[1]);
   3787 #endif
   3788 	if (cp == NULL || cp->valid == 0)
   3789 		return NULL;
   3790 	else
   3791 		return cp;
   3792 	}
   3793 
   3794 int ssl3_put_cipher_by_char(const SSL_CIPHER *c, unsigned char *p)
   3795 	{
   3796 	long l;
   3797 
   3798 	if (p != NULL)
   3799 		{
   3800 		l=c->id;
   3801 		if ((l & 0xff000000) != 0x03000000) return(0);
   3802 		p[0]=((unsigned char)(l>> 8L))&0xFF;
   3803 		p[1]=((unsigned char)(l     ))&0xFF;
   3804 		}
   3805 	return(2);
   3806 	}
   3807 
   3808 SSL_CIPHER *ssl3_choose_cipher(SSL *s, STACK_OF(SSL_CIPHER) *clnt,
   3809 	     STACK_OF(SSL_CIPHER) *srvr)
   3810 	{
   3811 	SSL_CIPHER *c,*ret=NULL;
   3812 	STACK_OF(SSL_CIPHER) *prio, *allow;
   3813 	int i,ii,ok;
   3814 #if !defined(OPENSSL_NO_TLSEXT) && !defined(OPENSSL_NO_EC)
   3815 	unsigned int j;
   3816 	int ec_ok, ec_nid;
   3817 	unsigned char ec_search1 = 0, ec_search2 = 0;
   3818 #endif
   3819 	CERT *cert;
   3820 	unsigned long alg_k,alg_a,mask_k,mask_a,emask_k,emask_a;
   3821 
   3822 	/* Let's see which ciphers we can support */
   3823 	cert=s->cert;
   3824 
   3825 #if 0
   3826 	/* Do not set the compare functions, because this may lead to a
   3827 	 * reordering by "id". We want to keep the original ordering.
   3828 	 * We may pay a price in performance during sk_SSL_CIPHER_find(),
   3829 	 * but would have to pay with the price of sk_SSL_CIPHER_dup().
   3830 	 */
   3831 	sk_SSL_CIPHER_set_cmp_func(srvr, ssl_cipher_ptr_id_cmp);
   3832 	sk_SSL_CIPHER_set_cmp_func(clnt, ssl_cipher_ptr_id_cmp);
   3833 #endif
   3834 
   3835 #ifdef CIPHER_DEBUG
   3836 	printf("Server has %d from %p:\n", sk_SSL_CIPHER_num(srvr), (void *)srvr);
   3837 	for(i=0 ; i < sk_SSL_CIPHER_num(srvr) ; ++i)
   3838 		{
   3839 		c=sk_SSL_CIPHER_value(srvr,i);
   3840 		printf("%p:%s\n",(void *)c,c->name);
   3841 		}
   3842 	printf("Client sent %d from %p:\n", sk_SSL_CIPHER_num(clnt), (void *)clnt);
   3843 	for(i=0 ; i < sk_SSL_CIPHER_num(clnt) ; ++i)
   3844 	    {
   3845 	    c=sk_SSL_CIPHER_value(clnt,i);
   3846 	    printf("%p:%s\n",(void *)c,c->name);
   3847 	    }
   3848 #endif
   3849 
   3850 	if (s->options & SSL_OP_CIPHER_SERVER_PREFERENCE)
   3851 		{
   3852 		prio = srvr;
   3853 		allow = clnt;
   3854 		}
   3855 	else
   3856 		{
   3857 		prio = clnt;
   3858 		allow = srvr;
   3859 		}
   3860 
   3861 	for (i=0; i<sk_SSL_CIPHER_num(prio); i++)
   3862 		{
   3863 		c=sk_SSL_CIPHER_value(prio,i);
   3864 
   3865 		/* Skip TLS v1.2 only ciphersuites if lower than v1.2 */
   3866 		if ((c->algorithm_ssl & SSL_TLSV1_2) &&
   3867 			(TLS1_get_version(s) < TLS1_2_VERSION))
   3868 			continue;
   3869 
   3870 		ssl_set_cert_masks(cert,c);
   3871 		mask_k = cert->mask_k;
   3872 		mask_a = cert->mask_a;
   3873 		emask_k = cert->export_mask_k;
   3874 		emask_a = cert->export_mask_a;
   3875 #ifndef OPENSSL_NO_SRP
   3876 		mask_k=cert->mask_k | s->srp_ctx.srp_Mask;
   3877 		emask_k=cert->export_mask_k | s->srp_ctx.srp_Mask;
   3878 #endif
   3879 
   3880 #ifdef KSSL_DEBUG
   3881 /*		printf("ssl3_choose_cipher %d alg= %lx\n", i,c->algorithms);*/
   3882 #endif    /* KSSL_DEBUG */
   3883 
   3884 		alg_k=c->algorithm_mkey;
   3885 		alg_a=c->algorithm_auth;
   3886 
   3887 #ifndef OPENSSL_NO_KRB5
   3888 		if (alg_k & SSL_kKRB5)
   3889 			{
   3890 			if ( !kssl_keytab_is_available(s->kssl_ctx) )
   3891 			    continue;
   3892 			}
   3893 #endif /* OPENSSL_NO_KRB5 */
   3894 #ifndef OPENSSL_NO_PSK
   3895 		/* with PSK there must be server callback set */
   3896 		if ((alg_k & SSL_kPSK) && s->psk_server_callback == NULL)
   3897 			continue;
   3898 #endif /* OPENSSL_NO_PSK */
   3899 
   3900 		if (SSL_C_IS_EXPORT(c))
   3901 			{
   3902 			ok = (alg_k & emask_k) && (alg_a & emask_a);
   3903 #ifdef CIPHER_DEBUG
   3904 			printf("%d:[%08lX:%08lX:%08lX:%08lX]%p:%s (export)\n",ok,alg_k,alg_a,emask_k,emask_a,
   3905 			       (void *)c,c->name);
   3906 #endif
   3907 			}
   3908 		else
   3909 			{
   3910 			ok = (alg_k & mask_k) && (alg_a & mask_a);
   3911 #ifdef CIPHER_DEBUG
   3912 			printf("%d:[%08lX:%08lX:%08lX:%08lX]%p:%s\n",ok,alg_k,alg_a,mask_k,mask_a,(void *)c,
   3913 			       c->name);
   3914 #endif
   3915 			}
   3916 
   3917 #ifndef OPENSSL_NO_TLSEXT
   3918 #ifndef OPENSSL_NO_EC
   3919 		if (
   3920 			/* if we are considering an ECC cipher suite that uses our certificate */
   3921 			(alg_a & SSL_aECDSA || alg_a & SSL_aECDH)
   3922 			/* and we have an ECC certificate */
   3923 			&& (s->cert->pkeys[SSL_PKEY_ECC].x509 != NULL)
   3924 			/* and the client specified a Supported Point Formats extension */
   3925 			&& ((s->session->tlsext_ecpointformatlist_length > 0) && (s->session->tlsext_ecpointformatlist != NULL))
   3926 			/* and our certificate's point is compressed */
   3927 			&& (
   3928 				(s->cert->pkeys[SSL_PKEY_ECC].x509->cert_info != NULL)
   3929 				&& (s->cert->pkeys[SSL_PKEY_ECC].x509->cert_info->key != NULL)
   3930 				&& (s->cert->pkeys[SSL_PKEY_ECC].x509->cert_info->key->public_key != NULL)
   3931 				&& (s->cert->pkeys[SSL_PKEY_ECC].x509->cert_info->key->public_key->data != NULL)
   3932 				&& (
   3933 					(*(s->cert->pkeys[SSL_PKEY_ECC].x509->cert_info->key->public_key->data) == POINT_CONVERSION_COMPRESSED)
   3934 					|| (*(s->cert->pkeys[SSL_PKEY_ECC].x509->cert_info->key->public_key->data) == POINT_CONVERSION_COMPRESSED + 1)
   3935 					)
   3936 				)
   3937 		)
   3938 			{
   3939 			ec_ok = 0;
   3940 			/* if our certificate's curve is over a field type that the client does not support
   3941 			 * then do not allow this cipher suite to be negotiated */
   3942 			if (
   3943 				(s->cert->pkeys[SSL_PKEY_ECC].privatekey->pkey.ec != NULL)
   3944 				&& (s->cert->pkeys[SSL_PKEY_ECC].privatekey->pkey.ec->group != NULL)
   3945 				&& (s->cert->pkeys[SSL_PKEY_ECC].privatekey->pkey.ec->group->meth != NULL)
   3946 				&& (EC_METHOD_get_field_type(s->cert->pkeys[SSL_PKEY_ECC].privatekey->pkey.ec->group->meth) == NID_X9_62_prime_field)
   3947 			)
   3948 				{
   3949 				for (j = 0; j < s->session->tlsext_ecpointformatlist_length; j++)
   3950 					{
   3951 					if (s->session->tlsext_ecpointformatlist[j] == TLSEXT_ECPOINTFORMAT_ansiX962_compressed_prime)
   3952 						{
   3953 						ec_ok = 1;
   3954 						break;
   3955 						}
   3956 					}
   3957 				}
   3958 			else if (EC_METHOD_get_field_type(s->cert->pkeys[SSL_PKEY_ECC].privatekey->pkey.ec->group->meth) == NID_X9_62_characteristic_two_field)
   3959 				{
   3960 				for (j = 0; j < s->session->tlsext_ecpointformatlist_length; j++)
   3961 					{
   3962 					if (s->session->tlsext_ecpointformatlist[j] == TLSEXT_ECPOINTFORMAT_ansiX962_compressed_char2)
   3963 						{
   3964 						ec_ok = 1;
   3965 						break;
   3966 						}
   3967 					}
   3968 				}
   3969 			ok = ok && ec_ok;
   3970 			}
   3971 		if (
   3972 			/* if we are considering an ECC cipher suite that uses our certificate */
   3973 			(alg_a & SSL_aECDSA || alg_a & SSL_aECDH)
   3974 			/* and we have an ECC certificate */
   3975 			&& (s->cert->pkeys[SSL_PKEY_ECC].x509 != NULL)
   3976 			/* and the client specified an EllipticCurves extension */
   3977 			&& ((s->session->tlsext_ellipticcurvelist_length > 0) && (s->session->tlsext_ellipticcurvelist != NULL))
   3978 		)
   3979 			{
   3980 			ec_ok = 0;
   3981 			if (
   3982 				(s->cert->pkeys[SSL_PKEY_ECC].privatekey->pkey.ec != NULL)
   3983 				&& (s->cert->pkeys[SSL_PKEY_ECC].privatekey->pkey.ec->group != NULL)
   3984 			)
   3985 				{
   3986 				ec_nid = EC_GROUP_get_curve_name(s->cert->pkeys[SSL_PKEY_ECC].privatekey->pkey.ec->group);
   3987 				if ((ec_nid == 0)
   3988 					&& (s->cert->pkeys[SSL_PKEY_ECC].privatekey->pkey.ec->group->meth != NULL)
   3989 				)
   3990 					{
   3991 					if (EC_METHOD_get_field_type(s->cert->pkeys[SSL_PKEY_ECC].privatekey->pkey.ec->group->meth) == NID_X9_62_prime_field)
   3992 						{
   3993 						ec_search1 = 0xFF;
   3994 						ec_search2 = 0x01;
   3995 						}
   3996 					else if (EC_METHOD_get_field_type(s->cert->pkeys[SSL_PKEY_ECC].privatekey->pkey.ec->group->meth) == NID_X9_62_characteristic_two_field)
   3997 						{
   3998 						ec_search1 = 0xFF;
   3999 						ec_search2 = 0x02;
   4000 						}
   4001 					}
   4002 				else
   4003 					{
   4004 					ec_search1 = 0x00;
   4005 					ec_search2 = tls1_ec_nid2curve_id(ec_nid);
   4006 					}
   4007 				if ((ec_search1 != 0) || (ec_search2 != 0))
   4008 					{
   4009 					for (j = 0; j < s->session->tlsext_ellipticcurvelist_length / 2; j++)
   4010 						{
   4011 						if ((s->session->tlsext_ellipticcurvelist[2*j] == ec_search1) && (s->session->tlsext_ellipticcurvelist[2*j+1] == ec_search2))
   4012 							{
   4013 							ec_ok = 1;
   4014 							break;
   4015 							}
   4016 						}
   4017 					}
   4018 				}
   4019 			ok = ok && ec_ok;
   4020 			}
   4021 		if (
   4022 			/* if we are considering an ECC cipher suite that uses an ephemeral EC key */
   4023 			(alg_k & SSL_kEECDH)
   4024 			/* and we have an ephemeral EC key */
   4025 			&& (s->cert->ecdh_tmp != NULL)
   4026 			/* and the client specified an EllipticCurves extension */
   4027 			&& ((s->session->tlsext_ellipticcurvelist_length > 0) && (s->session->tlsext_ellipticcurvelist != NULL))
   4028 		)
   4029 			{
   4030 			ec_ok = 0;
   4031 			if (s->cert->ecdh_tmp->group != NULL)
   4032 				{
   4033 				ec_nid = EC_GROUP_get_curve_name(s->cert->ecdh_tmp->group);
   4034 				if ((ec_nid == 0)
   4035 					&& (s->cert->ecdh_tmp->group->meth != NULL)
   4036 				)
   4037 					{
   4038 					if (EC_METHOD_get_field_type(s->cert->ecdh_tmp->group->meth) == NID_X9_62_prime_field)
   4039 						{
   4040 						ec_search1 = 0xFF;
   4041 						ec_search2 = 0x01;
   4042 						}
   4043 					else if (EC_METHOD_get_field_type(s->cert->ecdh_tmp->group->meth) == NID_X9_62_characteristic_two_field)
   4044 						{
   4045 						ec_search1 = 0xFF;
   4046 						ec_search2 = 0x02;
   4047 						}
   4048 					}
   4049 				else
   4050 					{
   4051 					ec_search1 = 0x00;
   4052 					ec_search2 = tls1_ec_nid2curve_id(ec_nid);
   4053 					}
   4054 				if ((ec_search1 != 0) || (ec_search2 != 0))
   4055 					{
   4056 					for (j = 0; j < s->session->tlsext_ellipticcurvelist_length / 2; j++)
   4057 						{
   4058 						if ((s->session->tlsext_ellipticcurvelist[2*j] == ec_search1) && (s->session->tlsext_ellipticcurvelist[2*j+1] == ec_search2))
   4059 							{
   4060 							ec_ok = 1;
   4061 							break;
   4062 							}
   4063 						}
   4064 					}
   4065 				}
   4066 			ok = ok && ec_ok;
   4067 			}
   4068 #endif /* OPENSSL_NO_EC */
   4069 #endif /* OPENSSL_NO_TLSEXT */
   4070 
   4071 		if (!ok) continue;
   4072 		ii=sk_SSL_CIPHER_find(allow,c);
   4073 		if (ii >= 0)
   4074 			{
   4075 			ret=sk_SSL_CIPHER_value(allow,ii);
   4076 			break;
   4077 			}
   4078 		}
   4079 	return(ret);
   4080 	}
   4081 
   4082 int ssl3_get_req_cert_type(SSL *s, unsigned char *p)
   4083 	{
   4084 	int ret=0;
   4085 	unsigned long alg_k;
   4086 
   4087 	alg_k = s->s3->tmp.new_cipher->algorithm_mkey;
   4088 
   4089 #ifndef OPENSSL_NO_GOST
   4090 	if (s->version >= TLS1_VERSION)
   4091 		{
   4092 		if (alg_k & SSL_kGOST)
   4093 			{
   4094 			p[ret++]=TLS_CT_GOST94_SIGN;
   4095 			p[ret++]=TLS_CT_GOST01_SIGN;
   4096 			return(ret);
   4097 			}
   4098 		}
   4099 #endif
   4100 
   4101 #ifndef OPENSSL_NO_DH
   4102 	if (alg_k & (SSL_kDHr|SSL_kEDH))
   4103 		{
   4104 #  ifndef OPENSSL_NO_RSA
   4105 		p[ret++]=SSL3_CT_RSA_FIXED_DH;
   4106 #  endif
   4107 #  ifndef OPENSSL_NO_DSA
   4108 		p[ret++]=SSL3_CT_DSS_FIXED_DH;
   4109 #  endif
   4110 		}
   4111 	if ((s->version == SSL3_VERSION) &&
   4112 		(alg_k & (SSL_kEDH|SSL_kDHd|SSL_kDHr)))
   4113 		{
   4114 #  ifndef OPENSSL_NO_RSA
   4115 		p[ret++]=SSL3_CT_RSA_EPHEMERAL_DH;
   4116 #  endif
   4117 #  ifndef OPENSSL_NO_DSA
   4118 		p[ret++]=SSL3_CT_DSS_EPHEMERAL_DH;
   4119 #  endif
   4120 		}
   4121 #endif /* !OPENSSL_NO_DH */
   4122 #ifndef OPENSSL_NO_RSA
   4123 	p[ret++]=SSL3_CT_RSA_SIGN;
   4124 #endif
   4125 #ifndef OPENSSL_NO_DSA
   4126 	p[ret++]=SSL3_CT_DSS_SIGN;
   4127 #endif
   4128 #ifndef OPENSSL_NO_ECDH
   4129 	if ((alg_k & (SSL_kECDHr|SSL_kECDHe)) && (s->version >= TLS1_VERSION))
   4130 		{
   4131 		p[ret++]=TLS_CT_RSA_FIXED_ECDH;
   4132 		p[ret++]=TLS_CT_ECDSA_FIXED_ECDH;
   4133 		}
   4134 #endif
   4135 
   4136 #ifndef OPENSSL_NO_ECDSA
   4137 	/* ECDSA certs can be used with RSA cipher suites as well
   4138 	 * so we don't need to check for SSL_kECDH or SSL_kEECDH
   4139 	 */
   4140 	if (s->version >= TLS1_VERSION)
   4141 		{
   4142 		p[ret++]=TLS_CT_ECDSA_SIGN;
   4143 		}
   4144 #endif
   4145 	return(ret);
   4146 	}
   4147 
   4148 int ssl3_shutdown(SSL *s)
   4149 	{
   4150 	int ret;
   4151 
   4152 	/* Don't do anything much if we have not done the handshake or
   4153 	 * we don't want to send messages :-) */
   4154 	if ((s->quiet_shutdown) || (s->state == SSL_ST_BEFORE))
   4155 		{
   4156 		s->shutdown=(SSL_SENT_SHUTDOWN|SSL_RECEIVED_SHUTDOWN);
   4157 		return(1);
   4158 		}
   4159 
   4160 	if (!(s->shutdown & SSL_SENT_SHUTDOWN))
   4161 		{
   4162 		s->shutdown|=SSL_SENT_SHUTDOWN;
   4163 #if 1
   4164 		ssl3_send_alert(s,SSL3_AL_WARNING,SSL_AD_CLOSE_NOTIFY);
   4165 #endif
   4166 		/* our shutdown alert has been sent now, and if it still needs
   4167 	 	 * to be written, s->s3->alert_dispatch will be true */
   4168 	 	if (s->s3->alert_dispatch)
   4169 	 		return(-1);	/* return WANT_WRITE */
   4170 		}
   4171 	else if (s->s3->alert_dispatch)
   4172 		{
   4173 		/* resend it if not sent */
   4174 #if 1
   4175 		ret=s->method->ssl_dispatch_alert(s);
   4176 		if(ret == -1)
   4177 			{
   4178 			/* we only get to return -1 here the 2nd/Nth
   4179 			 * invocation, we must  have already signalled
   4180 			 * return 0 upon a previous invoation,
   4181 			 * return WANT_WRITE */
   4182 			return(ret);
   4183 			}
   4184 #endif
   4185 		}
   4186 	else if (!(s->shutdown & SSL_RECEIVED_SHUTDOWN))
   4187 		{
   4188 		/* If we are waiting for a close from our peer, we are closed */
   4189 		s->method->ssl_read_bytes(s,0,NULL,0,0);
   4190 		if(!(s->shutdown & SSL_RECEIVED_SHUTDOWN))
   4191 			{
   4192 			return(-1);	/* return WANT_READ */
   4193 			}
   4194 		}
   4195 
   4196 	if ((s->shutdown == (SSL_SENT_SHUTDOWN|SSL_RECEIVED_SHUTDOWN)) &&
   4197 		!s->s3->alert_dispatch)
   4198 		return(1);
   4199 	else
   4200 		return(0);
   4201 	}
   4202 
   4203 int ssl3_write(SSL *s, const void *buf, int len)
   4204 	{
   4205 	int ret,n;
   4206 
   4207 #if 0
   4208 	if (s->shutdown & SSL_SEND_SHUTDOWN)
   4209 		{
   4210 		s->rwstate=SSL_NOTHING;
   4211 		return(0);
   4212 		}
   4213 #endif
   4214 	clear_sys_error();
   4215 	if (s->s3->renegotiate) ssl3_renegotiate_check(s);
   4216 
   4217 	/* This is an experimental flag that sends the
   4218 	 * last handshake message in the same packet as the first
   4219 	 * use data - used to see if it helps the TCP protocol during
   4220 	 * session-id reuse */
   4221 	/* The second test is because the buffer may have been removed */
   4222 	if ((s->s3->flags & SSL3_FLAGS_POP_BUFFER) && (s->wbio == s->bbio))
   4223 		{
   4224 		/* First time through, we write into the buffer */
   4225 		if (s->s3->delay_buf_pop_ret == 0)
   4226 			{
   4227 			ret=ssl3_write_bytes(s,SSL3_RT_APPLICATION_DATA,
   4228 					     buf,len);
   4229 			if (ret <= 0) return(ret);
   4230 
   4231 			s->s3->delay_buf_pop_ret=ret;
   4232 			}
   4233 
   4234 		s->rwstate=SSL_WRITING;
   4235 		n=BIO_flush(s->wbio);
   4236 		if (n <= 0) return(n);
   4237 		s->rwstate=SSL_NOTHING;
   4238 
   4239 		/* We have flushed the buffer, so remove it */
   4240 		ssl_free_wbio_buffer(s);
   4241 		s->s3->flags&= ~SSL3_FLAGS_POP_BUFFER;
   4242 
   4243 		ret=s->s3->delay_buf_pop_ret;
   4244 		s->s3->delay_buf_pop_ret=0;
   4245 		}
   4246 	else
   4247 		{
   4248 		ret=s->method->ssl_write_bytes(s,SSL3_RT_APPLICATION_DATA,
   4249 			buf,len);
   4250 		if (ret <= 0) return(ret);
   4251 		}
   4252 
   4253 	return(ret);
   4254 	}
   4255 
   4256 static int ssl3_read_internal(SSL *s, void *buf, int len, int peek)
   4257 	{
   4258 	int n,ret;
   4259 
   4260 	clear_sys_error();
   4261 	if ((s->s3->flags & SSL3_FLAGS_POP_BUFFER) && (s->wbio == s->bbio))
   4262 		{
   4263 		/* Deal with an application that calls SSL_read() when handshake data
   4264 		 * is yet to be written.
   4265 		 */
   4266 		if (BIO_wpending(s->wbio) > 0)
   4267 			{
   4268 			s->rwstate=SSL_WRITING;
   4269 			n=BIO_flush(s->wbio);
   4270 			if (n <= 0) return(n);
   4271 			s->rwstate=SSL_NOTHING;
   4272 			}
   4273 		}
   4274 	if (s->s3->renegotiate) ssl3_renegotiate_check(s);
   4275 	s->s3->in_read_app_data=1;
   4276 	ret=s->method->ssl_read_bytes(s,SSL3_RT_APPLICATION_DATA,buf,len,peek);
   4277 	if ((ret == -1) && (s->s3->in_read_app_data == 2))
   4278 		{
   4279 		/* ssl3_read_bytes decided to call s->handshake_func, which
   4280 		 * called ssl3_read_bytes to read handshake data.
   4281 		 * However, ssl3_read_bytes actually found application data
   4282 		 * and thinks that application data makes sense here; so disable
   4283 		 * handshake processing and try to read application data again. */
   4284 		s->in_handshake++;
   4285 		ret=s->method->ssl_read_bytes(s,SSL3_RT_APPLICATION_DATA,buf,len,peek);
   4286 		s->in_handshake--;
   4287 		}
   4288 	else
   4289 		s->s3->in_read_app_data=0;
   4290 
   4291 	return(ret);
   4292 	}
   4293 
   4294 int ssl3_read(SSL *s, void *buf, int len)
   4295 	{
   4296 	return ssl3_read_internal(s, buf, len, 0);
   4297 	}
   4298 
   4299 int ssl3_peek(SSL *s, void *buf, int len)
   4300 	{
   4301 	return ssl3_read_internal(s, buf, len, 1);
   4302 	}
   4303 
   4304 int ssl3_renegotiate(SSL *s)
   4305 	{
   4306 	if (s->handshake_func == NULL)
   4307 		return(1);
   4308 
   4309 	if (s->s3->flags & SSL3_FLAGS_NO_RENEGOTIATE_CIPHERS)
   4310 		return(0);
   4311 
   4312 	s->s3->renegotiate=1;
   4313 	return(1);
   4314 	}
   4315 
   4316 int ssl3_renegotiate_check(SSL *s)
   4317 	{
   4318 	int ret=0;
   4319 
   4320 	if (s->s3->renegotiate)
   4321 		{
   4322 		if (	(s->s3->rbuf.left == 0) &&
   4323 			(s->s3->wbuf.left == 0) &&
   4324 			!SSL_in_init(s))
   4325 			{
   4326 /*
   4327 if we are the server, and we have sent a 'RENEGOTIATE' message, we
   4328 need to go to SSL_ST_ACCEPT.
   4329 */
   4330 			/* SSL_ST_ACCEPT */
   4331 			s->state=SSL_ST_RENEGOTIATE;
   4332 			s->s3->renegotiate=0;
   4333 			s->s3->num_renegotiations++;
   4334 			s->s3->total_renegotiations++;
   4335 			ret=1;
   4336 			}
   4337 		}
   4338 	return(ret);
   4339 	}
   4340 /* If we are using TLS v1.2 or later and default SHA1+MD5 algorithms switch
   4341  * to new SHA256 PRF and handshake macs
   4342  */
   4343 long ssl_get_algorithm2(SSL *s)
   4344 	{
   4345 	long alg2 = s->s3->tmp.new_cipher->algorithm2;
   4346 	if (TLS1_get_version(s) >= TLS1_2_VERSION &&
   4347 	    alg2 == (SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF))
   4348 		return SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256;
   4349 	return alg2;
   4350 	}
   4351 
   4352