Home | History | Annotate | Download | only in ssl
      1 /* ssl/s3_lib.c */
      2 /* Copyright (C) 1995-1998 Eric Young (eay (at) cryptsoft.com)
      3  * All rights reserved.
      4  *
      5  * This package is an SSL implementation written
      6  * by Eric Young (eay (at) cryptsoft.com).
      7  * The implementation was written so as to conform with Netscapes SSL.
      8  *
      9  * This library is free for commercial and non-commercial use as long as
     10  * the following conditions are aheared to.  The following conditions
     11  * apply to all code found in this distribution, be it the RC4, RSA,
     12  * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
     13  * included with this distribution is covered by the same copyright terms
     14  * except that the holder is Tim Hudson (tjh (at) cryptsoft.com).
     15  *
     16  * Copyright remains Eric Young's, and as such any Copyright notices in
     17  * the code are not to be removed.
     18  * If this package is used in a product, Eric Young should be given attribution
     19  * as the author of the parts of the library used.
     20  * This can be in the form of a textual message at program startup or
     21  * in documentation (online or textual) provided with the package.
     22  *
     23  * Redistribution and use in source and binary forms, with or without
     24  * modification, are permitted provided that the following conditions
     25  * are met:
     26  * 1. Redistributions of source code must retain the copyright
     27  *    notice, this list of conditions and the following disclaimer.
     28  * 2. Redistributions in binary form must reproduce the above copyright
     29  *    notice, this list of conditions and the following disclaimer in the
     30  *    documentation and/or other materials provided with the distribution.
     31  * 3. All advertising materials mentioning features or use of this software
     32  *    must display the following acknowledgement:
     33  *    "This product includes cryptographic software written by
     34  *     Eric Young (eay (at) cryptsoft.com)"
     35  *    The word 'cryptographic' can be left out if the rouines from the library
     36  *    being used are not cryptographic related :-).
     37  * 4. If you include any Windows specific code (or a derivative thereof) from
     38  *    the apps directory (application code) you must include an acknowledgement:
     39  *    "This product includes software written by Tim Hudson (tjh (at) cryptsoft.com)"
     40  *
     41  * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
     42  * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
     43  * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
     44  * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
     45  * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
     46  * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
     47  * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
     48  * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
     49  * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
     50  * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
     51  * SUCH DAMAGE.
     52  *
     53  * The licence and distribution terms for any publically available version or
     54  * derivative of this code cannot be changed.  i.e. this code cannot simply be
     55  * copied and put under another distribution licence
     56  * [including the GNU Public Licence.]
     57  */
     58 /* ====================================================================
     59  * Copyright (c) 1998-2007 The OpenSSL Project.  All rights reserved.
     60  *
     61  * Redistribution and use in source and binary forms, with or without
     62  * modification, are permitted provided that the following conditions
     63  * are met:
     64  *
     65  * 1. Redistributions of source code must retain the above copyright
     66  *    notice, this list of conditions and the following disclaimer.
     67  *
     68  * 2. Redistributions in binary form must reproduce the above copyright
     69  *    notice, this list of conditions and the following disclaimer in
     70  *    the documentation and/or other materials provided with the
     71  *    distribution.
     72  *
     73  * 3. All advertising materials mentioning features or use of this
     74  *    software must display the following acknowledgment:
     75  *    "This product includes software developed by the OpenSSL Project
     76  *    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
     77  *
     78  * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
     79  *    endorse or promote products derived from this software without
     80  *    prior written permission. For written permission, please contact
     81  *    openssl-core (at) openssl.org.
     82  *
     83  * 5. Products derived from this software may not be called "OpenSSL"
     84  *    nor may "OpenSSL" appear in their names without prior written
     85  *    permission of the OpenSSL Project.
     86  *
     87  * 6. Redistributions of any form whatsoever must retain the following
     88  *    acknowledgment:
     89  *    "This product includes software developed by the OpenSSL Project
     90  *    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
     91  *
     92  * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
     93  * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
     94  * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
     95  * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
     96  * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
     97  * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
     98  * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
     99  * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
    100  * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
    101  * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
    102  * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
    103  * OF THE POSSIBILITY OF SUCH DAMAGE.
    104  * ====================================================================
    105  *
    106  * This product includes cryptographic software written by Eric Young
    107  * (eay (at) cryptsoft.com).  This product includes software written by Tim
    108  * Hudson (tjh (at) cryptsoft.com).
    109  *
    110  */
    111 /* ====================================================================
    112  * Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED.
    113  *
    114  * Portions of the attached software ("Contribution") are developed by
    115  * SUN MICROSYSTEMS, INC., and are contributed to the OpenSSL project.
    116  *
    117  * The Contribution is licensed pursuant to the OpenSSL open source
    118  * license provided above.
    119  *
    120  * ECC cipher suite support in OpenSSL originally written by
    121  * Vipul Gupta and Sumit Gupta of Sun Microsystems Laboratories.
    122  *
    123  */
    124 /* ====================================================================
    125  * Copyright 2005 Nokia. All rights reserved.
    126  *
    127  * The portions of the attached software ("Contribution") is developed by
    128  * Nokia Corporation and is licensed pursuant to the OpenSSL open source
    129  * license.
    130  *
    131  * The Contribution, originally written by Mika Kousa and Pasi Eronen of
    132  * Nokia Corporation, consists of the "PSK" (Pre-Shared Key) ciphersuites
    133  * support (see RFC 4279) to OpenSSL.
    134  *
    135  * No patent licenses or other rights except those expressly stated in
    136  * the OpenSSL open source license shall be deemed granted or received
    137  * expressly, by implication, estoppel, or otherwise.
    138  *
    139  * No assurances are provided by Nokia that the Contribution does not
    140  * infringe the patent or other intellectual property rights of any third
    141  * party or that the license provides you with all the necessary rights
    142  * to make use of the Contribution.
    143  *
    144  * THE SOFTWARE IS PROVIDED "AS IS" WITHOUT WARRANTY OF ANY KIND. IN
    145  * ADDITION TO THE DISCLAIMERS INCLUDED IN THE LICENSE, NOKIA
    146  * SPECIFICALLY DISCLAIMS ANY LIABILITY FOR CLAIMS BROUGHT BY YOU OR ANY
    147  * OTHER ENTITY BASED ON INFRINGEMENT OF INTELLECTUAL PROPERTY RIGHTS OR
    148  * OTHERWISE.
    149  */
    150 
    151 #include <stdio.h>
    152 #include <openssl/objects.h>
    153 #include "ssl_locl.h"
    154 #include "kssl_lcl.h"
    155 #ifndef OPENSSL_NO_TLSEXT
    156 #ifndef OPENSSL_NO_EC
    157 #include "../crypto/ec/ec_lcl.h"
    158 #endif /* OPENSSL_NO_EC */
    159 #endif /* OPENSSL_NO_TLSEXT */
    160 #include <openssl/md5.h>
    161 #ifndef OPENSSL_NO_DH
    162 #include <openssl/dh.h>
    163 #endif
    164 
    165 const char ssl3_version_str[]="SSLv3" OPENSSL_VERSION_PTEXT;
    166 
    167 #define SSL3_NUM_CIPHERS	(sizeof(ssl3_ciphers)/sizeof(SSL_CIPHER))
    168 
    169 /* list of available SSLv3 ciphers (sorted by id) */
    170 OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]={
    171 
    172 /* The RSA ciphers */
    173 /* Cipher 01 */
    174 	{
    175 	1,
    176 	SSL3_TXT_RSA_NULL_MD5,
    177 	SSL3_CK_RSA_NULL_MD5,
    178 	SSL_kRSA,
    179 	SSL_aRSA,
    180 	SSL_eNULL,
    181 	SSL_MD5,
    182 	SSL_SSLV3,
    183 	SSL_NOT_EXP|SSL_STRONG_NONE,
    184 	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
    185 	0,
    186 	0,
    187 	},
    188 
    189 /* Cipher 02 */
    190 	{
    191 	1,
    192 	SSL3_TXT_RSA_NULL_SHA,
    193 	SSL3_CK_RSA_NULL_SHA,
    194 	SSL_kRSA,
    195 	SSL_aRSA,
    196 	SSL_eNULL,
    197 	SSL_SHA1,
    198 	SSL_SSLV3,
    199 	SSL_NOT_EXP|SSL_STRONG_NONE|SSL_FIPS,
    200 	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
    201 	0,
    202 	0,
    203 	},
    204 
    205 /* Cipher 03 */
    206 	{
    207 	1,
    208 	SSL3_TXT_RSA_RC4_40_MD5,
    209 	SSL3_CK_RSA_RC4_40_MD5,
    210 	SSL_kRSA,
    211 	SSL_aRSA,
    212 	SSL_RC4,
    213 	SSL_MD5,
    214 	SSL_SSLV3,
    215 	SSL_EXPORT|SSL_EXP40,
    216 	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
    217 	40,
    218 	128,
    219 	},
    220 
    221 /* Cipher 04 */
    222 	{
    223 	1,
    224 	SSL3_TXT_RSA_RC4_128_MD5,
    225 	SSL3_CK_RSA_RC4_128_MD5,
    226 	SSL_kRSA,
    227 	SSL_aRSA,
    228 	SSL_RC4,
    229 	SSL_MD5,
    230 	SSL_SSLV3,
    231 	SSL_NOT_EXP|SSL_MEDIUM,
    232 	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
    233 	128,
    234 	128,
    235 	},
    236 
    237 /* Cipher 05 */
    238 	{
    239 	1,
    240 	SSL3_TXT_RSA_RC4_128_SHA,
    241 	SSL3_CK_RSA_RC4_128_SHA,
    242 	SSL_kRSA,
    243 	SSL_aRSA,
    244 	SSL_RC4,
    245 	SSL_SHA1,
    246 	SSL_SSLV3,
    247 	SSL_NOT_EXP|SSL_MEDIUM,
    248 	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
    249 	128,
    250 	128,
    251 	},
    252 
    253 /* Cipher 06 */
    254 	{
    255 	1,
    256 	SSL3_TXT_RSA_RC2_40_MD5,
    257 	SSL3_CK_RSA_RC2_40_MD5,
    258 	SSL_kRSA,
    259 	SSL_aRSA,
    260 	SSL_RC2,
    261 	SSL_MD5,
    262 	SSL_SSLV3,
    263 	SSL_EXPORT|SSL_EXP40,
    264 	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
    265 	40,
    266 	128,
    267 	},
    268 
    269 /* Cipher 07 */
    270 #ifndef OPENSSL_NO_IDEA
    271 	{
    272 	1,
    273 	SSL3_TXT_RSA_IDEA_128_SHA,
    274 	SSL3_CK_RSA_IDEA_128_SHA,
    275 	SSL_kRSA,
    276 	SSL_aRSA,
    277 	SSL_IDEA,
    278 	SSL_SHA1,
    279 	SSL_SSLV3,
    280 	SSL_NOT_EXP|SSL_MEDIUM,
    281 	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
    282 	128,
    283 	128,
    284 	},
    285 #endif
    286 
    287 /* Cipher 08 */
    288 	{
    289 	1,
    290 	SSL3_TXT_RSA_DES_40_CBC_SHA,
    291 	SSL3_CK_RSA_DES_40_CBC_SHA,
    292 	SSL_kRSA,
    293 	SSL_aRSA,
    294 	SSL_DES,
    295 	SSL_SHA1,
    296 	SSL_SSLV3,
    297 	SSL_EXPORT|SSL_EXP40,
    298 	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
    299 	40,
    300 	56,
    301 	},
    302 
    303 /* Cipher 09 */
    304 	{
    305 	1,
    306 	SSL3_TXT_RSA_DES_64_CBC_SHA,
    307 	SSL3_CK_RSA_DES_64_CBC_SHA,
    308 	SSL_kRSA,
    309 	SSL_aRSA,
    310 	SSL_DES,
    311 	SSL_SHA1,
    312 	SSL_SSLV3,
    313 	SSL_NOT_EXP|SSL_LOW,
    314 	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
    315 	56,
    316 	56,
    317 	},
    318 
    319 /* Cipher 0A */
    320 	{
    321 	1,
    322 	SSL3_TXT_RSA_DES_192_CBC3_SHA,
    323 	SSL3_CK_RSA_DES_192_CBC3_SHA,
    324 	SSL_kRSA,
    325 	SSL_aRSA,
    326 	SSL_3DES,
    327 	SSL_SHA1,
    328 	SSL_SSLV3,
    329 	SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
    330 	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
    331 	112,
    332 	168,
    333 	},
    334 
    335 /* The DH ciphers */
    336 /* Cipher 0B */
    337 	{
    338 	0,
    339 	SSL3_TXT_DH_DSS_DES_40_CBC_SHA,
    340 	SSL3_CK_DH_DSS_DES_40_CBC_SHA,
    341 	SSL_kDHd,
    342 	SSL_aDH,
    343 	SSL_DES,
    344 	SSL_SHA1,
    345 	SSL_SSLV3,
    346 	SSL_EXPORT|SSL_EXP40,
    347 	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
    348 	40,
    349 	56,
    350 	},
    351 
    352 /* Cipher 0C */
    353 	{
    354 	0, /* not implemented (non-ephemeral DH) */
    355 	SSL3_TXT_DH_DSS_DES_64_CBC_SHA,
    356 	SSL3_CK_DH_DSS_DES_64_CBC_SHA,
    357 	SSL_kDHd,
    358 	SSL_aDH,
    359 	SSL_DES,
    360 	SSL_SHA1,
    361 	SSL_SSLV3,
    362 	SSL_NOT_EXP|SSL_LOW,
    363 	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
    364 	56,
    365 	56,
    366 	},
    367 
    368 /* Cipher 0D */
    369 	{
    370 	0, /* not implemented (non-ephemeral DH) */
    371 	SSL3_TXT_DH_DSS_DES_192_CBC3_SHA,
    372 	SSL3_CK_DH_DSS_DES_192_CBC3_SHA,
    373 	SSL_kDHd,
    374 	SSL_aDH,
    375 	SSL_3DES,
    376 	SSL_SHA1,
    377 	SSL_SSLV3,
    378 	SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
    379 	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
    380 	112,
    381 	168,
    382 	},
    383 
    384 /* Cipher 0E */
    385 	{
    386 	0, /* not implemented (non-ephemeral DH) */
    387 	SSL3_TXT_DH_RSA_DES_40_CBC_SHA,
    388 	SSL3_CK_DH_RSA_DES_40_CBC_SHA,
    389 	SSL_kDHr,
    390 	SSL_aDH,
    391 	SSL_DES,
    392 	SSL_SHA1,
    393 	SSL_SSLV3,
    394 	SSL_EXPORT|SSL_EXP40,
    395 	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
    396 	40,
    397 	56,
    398 	},
    399 
    400 /* Cipher 0F */
    401 	{
    402 	0, /* not implemented (non-ephemeral DH) */
    403 	SSL3_TXT_DH_RSA_DES_64_CBC_SHA,
    404 	SSL3_CK_DH_RSA_DES_64_CBC_SHA,
    405 	SSL_kDHr,
    406 	SSL_aDH,
    407 	SSL_DES,
    408 	SSL_SHA1,
    409 	SSL_SSLV3,
    410 	SSL_NOT_EXP|SSL_LOW,
    411 	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
    412 	56,
    413 	56,
    414 	},
    415 
    416 /* Cipher 10 */
    417 	{
    418 	0, /* not implemented (non-ephemeral DH) */
    419 	SSL3_TXT_DH_RSA_DES_192_CBC3_SHA,
    420 	SSL3_CK_DH_RSA_DES_192_CBC3_SHA,
    421 	SSL_kDHr,
    422 	SSL_aDH,
    423 	SSL_3DES,
    424 	SSL_SHA1,
    425 	SSL_SSLV3,
    426 	SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
    427 	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
    428 	112,
    429 	168,
    430 	},
    431 
    432 /* The Ephemeral DH ciphers */
    433 /* Cipher 11 */
    434 	{
    435 	1,
    436 	SSL3_TXT_EDH_DSS_DES_40_CBC_SHA,
    437 	SSL3_CK_EDH_DSS_DES_40_CBC_SHA,
    438 	SSL_kEDH,
    439 	SSL_aDSS,
    440 	SSL_DES,
    441 	SSL_SHA1,
    442 	SSL_SSLV3,
    443 	SSL_EXPORT|SSL_EXP40,
    444 	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
    445 	40,
    446 	56,
    447 	},
    448 
    449 /* Cipher 12 */
    450 	{
    451 	1,
    452 	SSL3_TXT_EDH_DSS_DES_64_CBC_SHA,
    453 	SSL3_CK_EDH_DSS_DES_64_CBC_SHA,
    454 	SSL_kEDH,
    455 	SSL_aDSS,
    456 	SSL_DES,
    457 	SSL_SHA1,
    458 	SSL_SSLV3,
    459 	SSL_NOT_EXP|SSL_LOW,
    460 	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
    461 	56,
    462 	56,
    463 	},
    464 
    465 /* Cipher 13 */
    466 	{
    467 	1,
    468 	SSL3_TXT_EDH_DSS_DES_192_CBC3_SHA,
    469 	SSL3_CK_EDH_DSS_DES_192_CBC3_SHA,
    470 	SSL_kEDH,
    471 	SSL_aDSS,
    472 	SSL_3DES,
    473 	SSL_SHA1,
    474 	SSL_SSLV3,
    475 	SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
    476 	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
    477 	112,
    478 	168,
    479 	},
    480 
    481 /* Cipher 14 */
    482 	{
    483 	1,
    484 	SSL3_TXT_EDH_RSA_DES_40_CBC_SHA,
    485 	SSL3_CK_EDH_RSA_DES_40_CBC_SHA,
    486 	SSL_kEDH,
    487 	SSL_aRSA,
    488 	SSL_DES,
    489 	SSL_SHA1,
    490 	SSL_SSLV3,
    491 	SSL_EXPORT|SSL_EXP40,
    492 	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
    493 	40,
    494 	56,
    495 	},
    496 
    497 /* Cipher 15 */
    498 	{
    499 	1,
    500 	SSL3_TXT_EDH_RSA_DES_64_CBC_SHA,
    501 	SSL3_CK_EDH_RSA_DES_64_CBC_SHA,
    502 	SSL_kEDH,
    503 	SSL_aRSA,
    504 	SSL_DES,
    505 	SSL_SHA1,
    506 	SSL_SSLV3,
    507 	SSL_NOT_EXP|SSL_LOW,
    508 	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
    509 	56,
    510 	56,
    511 	},
    512 
    513 /* Cipher 16 */
    514 	{
    515 	1,
    516 	SSL3_TXT_EDH_RSA_DES_192_CBC3_SHA,
    517 	SSL3_CK_EDH_RSA_DES_192_CBC3_SHA,
    518 	SSL_kEDH,
    519 	SSL_aRSA,
    520 	SSL_3DES,
    521 	SSL_SHA1,
    522 	SSL_SSLV3,
    523 	SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
    524 	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
    525 	112,
    526 	168,
    527 	},
    528 
    529 /* Cipher 17 */
    530 	{
    531 	1,
    532 	SSL3_TXT_ADH_RC4_40_MD5,
    533 	SSL3_CK_ADH_RC4_40_MD5,
    534 	SSL_kEDH,
    535 	SSL_aNULL,
    536 	SSL_RC4,
    537 	SSL_MD5,
    538 	SSL_SSLV3,
    539 	SSL_EXPORT|SSL_EXP40,
    540 	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
    541 	40,
    542 	128,
    543 	},
    544 
    545 /* Cipher 18 */
    546 	{
    547 	1,
    548 	SSL3_TXT_ADH_RC4_128_MD5,
    549 	SSL3_CK_ADH_RC4_128_MD5,
    550 	SSL_kEDH,
    551 	SSL_aNULL,
    552 	SSL_RC4,
    553 	SSL_MD5,
    554 	SSL_SSLV3,
    555 	SSL_NOT_EXP|SSL_MEDIUM,
    556 	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
    557 	128,
    558 	128,
    559 	},
    560 
    561 /* Cipher 19 */
    562 	{
    563 	1,
    564 	SSL3_TXT_ADH_DES_40_CBC_SHA,
    565 	SSL3_CK_ADH_DES_40_CBC_SHA,
    566 	SSL_kEDH,
    567 	SSL_aNULL,
    568 	SSL_DES,
    569 	SSL_SHA1,
    570 	SSL_SSLV3,
    571 	SSL_EXPORT|SSL_EXP40,
    572 	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
    573 	40,
    574 	128,
    575 	},
    576 
    577 /* Cipher 1A */
    578 	{
    579 	1,
    580 	SSL3_TXT_ADH_DES_64_CBC_SHA,
    581 	SSL3_CK_ADH_DES_64_CBC_SHA,
    582 	SSL_kEDH,
    583 	SSL_aNULL,
    584 	SSL_DES,
    585 	SSL_SHA1,
    586 	SSL_SSLV3,
    587 	SSL_NOT_EXP|SSL_LOW,
    588 	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
    589 	56,
    590 	56,
    591 	},
    592 
    593 /* Cipher 1B */
    594 	{
    595 	1,
    596 	SSL3_TXT_ADH_DES_192_CBC_SHA,
    597 	SSL3_CK_ADH_DES_192_CBC_SHA,
    598 	SSL_kEDH,
    599 	SSL_aNULL,
    600 	SSL_3DES,
    601 	SSL_SHA1,
    602 	SSL_SSLV3,
    603 	SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
    604 	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
    605 	112,
    606 	168,
    607 	},
    608 
    609 /* Fortezza ciphersuite from SSL 3.0 spec */
    610 #if 0
    611 /* Cipher 1C */
    612 	{
    613 	0,
    614 	SSL3_TXT_FZA_DMS_NULL_SHA,
    615 	SSL3_CK_FZA_DMS_NULL_SHA,
    616 	SSL_kFZA,
    617 	SSL_aFZA,
    618 	SSL_eNULL,
    619 	SSL_SHA1,
    620 	SSL_SSLV3,
    621 	SSL_NOT_EXP|SSL_STRONG_NONE,
    622 	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
    623 	0,
    624 	0,
    625 	},
    626 
    627 /* Cipher 1D */
    628 	{
    629 	0,
    630 	SSL3_TXT_FZA_DMS_FZA_SHA,
    631 	SSL3_CK_FZA_DMS_FZA_SHA,
    632 	SSL_kFZA,
    633 	SSL_aFZA,
    634 	SSL_eFZA,
    635 	SSL_SHA1,
    636 	SSL_SSLV3,
    637 	SSL_NOT_EXP|SSL_STRONG_NONE,
    638 	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
    639 	0,
    640 	0,
    641 	},
    642 
    643 /* Cipher 1E */
    644 	{
    645 	0,
    646 	SSL3_TXT_FZA_DMS_RC4_SHA,
    647 	SSL3_CK_FZA_DMS_RC4_SHA,
    648 	SSL_kFZA,
    649 	SSL_aFZA,
    650 	SSL_RC4,
    651 	SSL_SHA1,
    652 	SSL_SSLV3,
    653 	SSL_NOT_EXP|SSL_MEDIUM,
    654 	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
    655 	128,
    656 	128,
    657 	},
    658 #endif
    659 
    660 #ifndef OPENSSL_NO_KRB5
    661 /* The Kerberos ciphers*/
    662 /* Cipher 1E */
    663 	{
    664 	1,
    665 	SSL3_TXT_KRB5_DES_64_CBC_SHA,
    666 	SSL3_CK_KRB5_DES_64_CBC_SHA,
    667 	SSL_kKRB5,
    668 	SSL_aKRB5,
    669 	SSL_DES,
    670 	SSL_SHA1,
    671 	SSL_SSLV3,
    672 	SSL_NOT_EXP|SSL_LOW,
    673 	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
    674 	56,
    675 	56,
    676 	},
    677 
    678 /* Cipher 1F */
    679 	{
    680 	1,
    681 	SSL3_TXT_KRB5_DES_192_CBC3_SHA,
    682 	SSL3_CK_KRB5_DES_192_CBC3_SHA,
    683 	SSL_kKRB5,
    684 	SSL_aKRB5,
    685 	SSL_3DES,
    686 	SSL_SHA1,
    687 	SSL_SSLV3,
    688 	SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
    689 	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
    690 	112,
    691 	168,
    692 	},
    693 
    694 /* Cipher 20 */
    695 	{
    696 	1,
    697 	SSL3_TXT_KRB5_RC4_128_SHA,
    698 	SSL3_CK_KRB5_RC4_128_SHA,
    699 	SSL_kKRB5,
    700 	SSL_aKRB5,
    701 	SSL_RC4,
    702 	SSL_SHA1,
    703 	SSL_SSLV3,
    704 	SSL_NOT_EXP|SSL_MEDIUM,
    705 	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
    706 	128,
    707 	128,
    708 	},
    709 
    710 /* Cipher 21 */
    711 	{
    712 	1,
    713 	SSL3_TXT_KRB5_IDEA_128_CBC_SHA,
    714 	SSL3_CK_KRB5_IDEA_128_CBC_SHA,
    715 	SSL_kKRB5,
    716 	SSL_aKRB5,
    717 	SSL_IDEA,
    718 	SSL_SHA1,
    719 	SSL_SSLV3,
    720 	SSL_NOT_EXP|SSL_MEDIUM,
    721 	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
    722 	128,
    723 	128,
    724 	},
    725 
    726 /* Cipher 22 */
    727 	{
    728 	1,
    729 	SSL3_TXT_KRB5_DES_64_CBC_MD5,
    730 	SSL3_CK_KRB5_DES_64_CBC_MD5,
    731 	SSL_kKRB5,
    732 	SSL_aKRB5,
    733 	SSL_DES,
    734 	SSL_MD5,
    735 	SSL_SSLV3,
    736 	SSL_NOT_EXP|SSL_LOW,
    737 	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
    738 	56,
    739 	56,
    740 	},
    741 
    742 /* Cipher 23 */
    743 	{
    744 	1,
    745 	SSL3_TXT_KRB5_DES_192_CBC3_MD5,
    746 	SSL3_CK_KRB5_DES_192_CBC3_MD5,
    747 	SSL_kKRB5,
    748 	SSL_aKRB5,
    749 	SSL_3DES,
    750 	SSL_MD5,
    751 	SSL_SSLV3,
    752 	SSL_NOT_EXP|SSL_HIGH,
    753 	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
    754 	112,
    755 	168,
    756 	},
    757 
    758 /* Cipher 24 */
    759 	{
    760 	1,
    761 	SSL3_TXT_KRB5_RC4_128_MD5,
    762 	SSL3_CK_KRB5_RC4_128_MD5,
    763 	SSL_kKRB5,
    764 	SSL_aKRB5,
    765 	SSL_RC4,
    766 	SSL_MD5,
    767 	SSL_SSLV3,
    768 	SSL_NOT_EXP|SSL_MEDIUM,
    769 	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
    770 	128,
    771 	128,
    772 	},
    773 
    774 /* Cipher 25 */
    775 	{
    776 	1,
    777 	SSL3_TXT_KRB5_IDEA_128_CBC_MD5,
    778 	SSL3_CK_KRB5_IDEA_128_CBC_MD5,
    779 	SSL_kKRB5,
    780 	SSL_aKRB5,
    781 	SSL_IDEA,
    782 	SSL_MD5,
    783 	SSL_SSLV3,
    784 	SSL_NOT_EXP|SSL_MEDIUM,
    785 	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
    786 	128,
    787 	128,
    788 	},
    789 
    790 /* Cipher 26 */
    791 	{
    792 	1,
    793 	SSL3_TXT_KRB5_DES_40_CBC_SHA,
    794 	SSL3_CK_KRB5_DES_40_CBC_SHA,
    795 	SSL_kKRB5,
    796 	SSL_aKRB5,
    797 	SSL_DES,
    798 	SSL_SHA1,
    799 	SSL_SSLV3,
    800 	SSL_EXPORT|SSL_EXP40,
    801 	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
    802 	40,
    803 	56,
    804 	},
    805 
    806 /* Cipher 27 */
    807 	{
    808 	1,
    809 	SSL3_TXT_KRB5_RC2_40_CBC_SHA,
    810 	SSL3_CK_KRB5_RC2_40_CBC_SHA,
    811 	SSL_kKRB5,
    812 	SSL_aKRB5,
    813 	SSL_RC2,
    814 	SSL_SHA1,
    815 	SSL_SSLV3,
    816 	SSL_EXPORT|SSL_EXP40,
    817 	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
    818 	40,
    819 	128,
    820 	},
    821 
    822 /* Cipher 28 */
    823 	{
    824 	1,
    825 	SSL3_TXT_KRB5_RC4_40_SHA,
    826 	SSL3_CK_KRB5_RC4_40_SHA,
    827 	SSL_kKRB5,
    828 	SSL_aKRB5,
    829 	SSL_RC4,
    830 	SSL_SHA1,
    831 	SSL_SSLV3,
    832 	SSL_EXPORT|SSL_EXP40,
    833 	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
    834 	40,
    835 	128,
    836 	},
    837 
    838 /* Cipher 29 */
    839 	{
    840 	1,
    841 	SSL3_TXT_KRB5_DES_40_CBC_MD5,
    842 	SSL3_CK_KRB5_DES_40_CBC_MD5,
    843 	SSL_kKRB5,
    844 	SSL_aKRB5,
    845 	SSL_DES,
    846 	SSL_MD5,
    847 	SSL_SSLV3,
    848 	SSL_EXPORT|SSL_EXP40,
    849 	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
    850 	40,
    851 	56,
    852 	},
    853 
    854 /* Cipher 2A */
    855 	{
    856 	1,
    857 	SSL3_TXT_KRB5_RC2_40_CBC_MD5,
    858 	SSL3_CK_KRB5_RC2_40_CBC_MD5,
    859 	SSL_kKRB5,
    860 	SSL_aKRB5,
    861 	SSL_RC2,
    862 	SSL_MD5,
    863 	SSL_SSLV3,
    864 	SSL_EXPORT|SSL_EXP40,
    865 	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
    866 	40,
    867 	128,
    868 	},
    869 
    870 /* Cipher 2B */
    871 	{
    872 	1,
    873 	SSL3_TXT_KRB5_RC4_40_MD5,
    874 	SSL3_CK_KRB5_RC4_40_MD5,
    875 	SSL_kKRB5,
    876 	SSL_aKRB5,
    877 	SSL_RC4,
    878 	SSL_MD5,
    879 	SSL_SSLV3,
    880 	SSL_EXPORT|SSL_EXP40,
    881 	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
    882 	40,
    883 	128,
    884 	},
    885 #endif	/* OPENSSL_NO_KRB5 */
    886 
    887 /* New AES ciphersuites */
    888 /* Cipher 2F */
    889 	{
    890 	1,
    891 	TLS1_TXT_RSA_WITH_AES_128_SHA,
    892 	TLS1_CK_RSA_WITH_AES_128_SHA,
    893 	SSL_kRSA,
    894 	SSL_aRSA,
    895 	SSL_AES128,
    896 	SSL_SHA1,
    897 	SSL_TLSV1,
    898 	SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
    899 	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
    900 	128,
    901 	128,
    902 	},
    903 /* Cipher 30 */
    904 	{
    905 	0,
    906 	TLS1_TXT_DH_DSS_WITH_AES_128_SHA,
    907 	TLS1_CK_DH_DSS_WITH_AES_128_SHA,
    908 	SSL_kDHd,
    909 	SSL_aDH,
    910 	SSL_AES128,
    911 	SSL_SHA1,
    912 	SSL_TLSV1,
    913 	SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
    914 	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
    915 	128,
    916 	128,
    917 	},
    918 /* Cipher 31 */
    919 	{
    920 	0,
    921 	TLS1_TXT_DH_RSA_WITH_AES_128_SHA,
    922 	TLS1_CK_DH_RSA_WITH_AES_128_SHA,
    923 	SSL_kDHr,
    924 	SSL_aDH,
    925 	SSL_AES128,
    926 	SSL_SHA1,
    927 	SSL_TLSV1,
    928 	SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
    929 	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
    930 	128,
    931 	128,
    932 	},
    933 /* Cipher 32 */
    934 	{
    935 	1,
    936 	TLS1_TXT_DHE_DSS_WITH_AES_128_SHA,
    937 	TLS1_CK_DHE_DSS_WITH_AES_128_SHA,
    938 	SSL_kEDH,
    939 	SSL_aDSS,
    940 	SSL_AES128,
    941 	SSL_SHA1,
    942 	SSL_TLSV1,
    943 	SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
    944 	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
    945 	128,
    946 	128,
    947 	},
    948 /* Cipher 33 */
    949 	{
    950 	1,
    951 	TLS1_TXT_DHE_RSA_WITH_AES_128_SHA,
    952 	TLS1_CK_DHE_RSA_WITH_AES_128_SHA,
    953 	SSL_kEDH,
    954 	SSL_aRSA,
    955 	SSL_AES128,
    956 	SSL_SHA1,
    957 	SSL_TLSV1,
    958 	SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
    959 	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
    960 	128,
    961 	128,
    962 	},
    963 /* Cipher 34 */
    964 	{
    965 	1,
    966 	TLS1_TXT_ADH_WITH_AES_128_SHA,
    967 	TLS1_CK_ADH_WITH_AES_128_SHA,
    968 	SSL_kEDH,
    969 	SSL_aNULL,
    970 	SSL_AES128,
    971 	SSL_SHA1,
    972 	SSL_TLSV1,
    973 	SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
    974 	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
    975 	128,
    976 	128,
    977 	},
    978 
    979 /* Cipher 35 */
    980 	{
    981 	1,
    982 	TLS1_TXT_RSA_WITH_AES_256_SHA,
    983 	TLS1_CK_RSA_WITH_AES_256_SHA,
    984 	SSL_kRSA,
    985 	SSL_aRSA,
    986 	SSL_AES256,
    987 	SSL_SHA1,
    988 	SSL_TLSV1,
    989 	SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
    990 	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
    991 	256,
    992 	256,
    993 	},
    994 /* Cipher 36 */
    995 	{
    996 	0,
    997 	TLS1_TXT_DH_DSS_WITH_AES_256_SHA,
    998 	TLS1_CK_DH_DSS_WITH_AES_256_SHA,
    999 	SSL_kDHd,
   1000 	SSL_aDH,
   1001 	SSL_AES256,
   1002 	SSL_SHA1,
   1003 	SSL_TLSV1,
   1004 	SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
   1005 	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
   1006 	256,
   1007 	256,
   1008 	},
   1009 
   1010 /* Cipher 37 */
   1011 	{
   1012 	0, /* not implemented (non-ephemeral DH) */
   1013 	TLS1_TXT_DH_RSA_WITH_AES_256_SHA,
   1014 	TLS1_CK_DH_RSA_WITH_AES_256_SHA,
   1015 	SSL_kDHr,
   1016 	SSL_aDH,
   1017 	SSL_AES256,
   1018 	SSL_SHA1,
   1019 	SSL_TLSV1,
   1020 	SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
   1021 	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
   1022 	256,
   1023 	256,
   1024 	},
   1025 
   1026 /* Cipher 38 */
   1027 	{
   1028 	1,
   1029 	TLS1_TXT_DHE_DSS_WITH_AES_256_SHA,
   1030 	TLS1_CK_DHE_DSS_WITH_AES_256_SHA,
   1031 	SSL_kEDH,
   1032 	SSL_aDSS,
   1033 	SSL_AES256,
   1034 	SSL_SHA1,
   1035 	SSL_TLSV1,
   1036 	SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
   1037 	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
   1038 	256,
   1039 	256,
   1040 	},
   1041 
   1042 /* Cipher 39 */
   1043 	{
   1044 	1,
   1045 	TLS1_TXT_DHE_RSA_WITH_AES_256_SHA,
   1046 	TLS1_CK_DHE_RSA_WITH_AES_256_SHA,
   1047 	SSL_kEDH,
   1048 	SSL_aRSA,
   1049 	SSL_AES256,
   1050 	SSL_SHA1,
   1051 	SSL_TLSV1,
   1052 	SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
   1053 	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
   1054 	256,
   1055 	256,
   1056 	},
   1057 
   1058 	/* Cipher 3A */
   1059 	{
   1060 	1,
   1061 	TLS1_TXT_ADH_WITH_AES_256_SHA,
   1062 	TLS1_CK_ADH_WITH_AES_256_SHA,
   1063 	SSL_kEDH,
   1064 	SSL_aNULL,
   1065 	SSL_AES256,
   1066 	SSL_SHA1,
   1067 	SSL_TLSV1,
   1068 	SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
   1069 	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
   1070 	256,
   1071 	256,
   1072 	},
   1073 
   1074 	/* TLS v1.2 ciphersuites */
   1075 	/* Cipher 3B */
   1076 	{
   1077 	1,
   1078 	TLS1_TXT_RSA_WITH_NULL_SHA256,
   1079 	TLS1_CK_RSA_WITH_NULL_SHA256,
   1080 	SSL_kRSA,
   1081 	SSL_aRSA,
   1082 	SSL_eNULL,
   1083 	SSL_SHA256,
   1084 	SSL_TLSV1_2,
   1085 	SSL_NOT_EXP|SSL_STRONG_NONE|SSL_FIPS,
   1086 	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
   1087 	0,
   1088 	0,
   1089 	},
   1090 
   1091 	/* Cipher 3C */
   1092 	{
   1093 	1,
   1094 	TLS1_TXT_RSA_WITH_AES_128_SHA256,
   1095 	TLS1_CK_RSA_WITH_AES_128_SHA256,
   1096 	SSL_kRSA,
   1097 	SSL_aRSA,
   1098 	SSL_AES128,
   1099 	SSL_SHA256,
   1100 	SSL_TLSV1_2,
   1101 	SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
   1102 	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
   1103 	128,
   1104 	128,
   1105 	},
   1106 
   1107 	/* Cipher 3D */
   1108 	{
   1109 	1,
   1110 	TLS1_TXT_RSA_WITH_AES_256_SHA256,
   1111 	TLS1_CK_RSA_WITH_AES_256_SHA256,
   1112 	SSL_kRSA,
   1113 	SSL_aRSA,
   1114 	SSL_AES256,
   1115 	SSL_SHA256,
   1116 	SSL_TLSV1_2,
   1117 	SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
   1118 	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
   1119 	256,
   1120 	256,
   1121 	},
   1122 
   1123 	/* Cipher 3E */
   1124 	{
   1125 	0, /* not implemented (non-ephemeral DH) */
   1126 	TLS1_TXT_DH_DSS_WITH_AES_128_SHA256,
   1127 	TLS1_CK_DH_DSS_WITH_AES_128_SHA256,
   1128 	SSL_kDHd,
   1129 	SSL_aDH,
   1130 	SSL_AES128,
   1131 	SSL_SHA256,
   1132 	SSL_TLSV1_2,
   1133 	SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
   1134 	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
   1135 	128,
   1136 	128,
   1137 	},
   1138 
   1139 	/* Cipher 3F */
   1140 	{
   1141 	0, /* not implemented (non-ephemeral DH) */
   1142 	TLS1_TXT_DH_RSA_WITH_AES_128_SHA256,
   1143 	TLS1_CK_DH_RSA_WITH_AES_128_SHA256,
   1144 	SSL_kDHr,
   1145 	SSL_aDH,
   1146 	SSL_AES128,
   1147 	SSL_SHA256,
   1148 	SSL_TLSV1_2,
   1149 	SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
   1150 	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
   1151 	128,
   1152 	128,
   1153 	},
   1154 
   1155 	/* Cipher 40 */
   1156 	{
   1157 	1,
   1158 	TLS1_TXT_DHE_DSS_WITH_AES_128_SHA256,
   1159 	TLS1_CK_DHE_DSS_WITH_AES_128_SHA256,
   1160 	SSL_kEDH,
   1161 	SSL_aDSS,
   1162 	SSL_AES128,
   1163 	SSL_SHA256,
   1164 	SSL_TLSV1_2,
   1165 	SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
   1166 	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
   1167 	128,
   1168 	128,
   1169 	},
   1170 
   1171 #ifndef OPENSSL_NO_CAMELLIA
   1172 	/* Camellia ciphersuites from RFC4132 (128-bit portion) */
   1173 
   1174 	/* Cipher 41 */
   1175 	{
   1176 	1,
   1177 	TLS1_TXT_RSA_WITH_CAMELLIA_128_CBC_SHA,
   1178 	TLS1_CK_RSA_WITH_CAMELLIA_128_CBC_SHA,
   1179 	SSL_kRSA,
   1180 	SSL_aRSA,
   1181 	SSL_CAMELLIA128,
   1182 	SSL_SHA1,
   1183 	SSL_TLSV1,
   1184 	SSL_NOT_EXP|SSL_HIGH,
   1185 	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
   1186 	128,
   1187 	128,
   1188 	},
   1189 
   1190 	/* Cipher 42 */
   1191 	{
   1192 	0, /* not implemented (non-ephemeral DH) */
   1193 	TLS1_TXT_DH_DSS_WITH_CAMELLIA_128_CBC_SHA,
   1194 	TLS1_CK_DH_DSS_WITH_CAMELLIA_128_CBC_SHA,
   1195 	SSL_kDHd,
   1196 	SSL_aDH,
   1197 	SSL_CAMELLIA128,
   1198 	SSL_SHA1,
   1199 	SSL_TLSV1,
   1200 	SSL_NOT_EXP|SSL_HIGH,
   1201 	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
   1202 	128,
   1203 	128,
   1204 	},
   1205 
   1206 	/* Cipher 43 */
   1207 	{
   1208 	0, /* not implemented (non-ephemeral DH) */
   1209 	TLS1_TXT_DH_RSA_WITH_CAMELLIA_128_CBC_SHA,
   1210 	TLS1_CK_DH_RSA_WITH_CAMELLIA_128_CBC_SHA,
   1211 	SSL_kDHr,
   1212 	SSL_aDH,
   1213 	SSL_CAMELLIA128,
   1214 	SSL_SHA1,
   1215 	SSL_TLSV1,
   1216 	SSL_NOT_EXP|SSL_HIGH,
   1217 	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
   1218 	128,
   1219 	128,
   1220 	},
   1221 
   1222 	/* Cipher 44 */
   1223 	{
   1224 	1,
   1225 	TLS1_TXT_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA,
   1226 	TLS1_CK_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA,
   1227 	SSL_kEDH,
   1228 	SSL_aDSS,
   1229 	SSL_CAMELLIA128,
   1230 	SSL_SHA1,
   1231 	SSL_TLSV1,
   1232 	SSL_NOT_EXP|SSL_HIGH,
   1233 	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
   1234 	128,
   1235 	128,
   1236 	},
   1237 
   1238 	/* Cipher 45 */
   1239 	{
   1240 	1,
   1241 	TLS1_TXT_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA,
   1242 	TLS1_CK_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA,
   1243 	SSL_kEDH,
   1244 	SSL_aRSA,
   1245 	SSL_CAMELLIA128,
   1246 	SSL_SHA1,
   1247 	SSL_TLSV1,
   1248 	SSL_NOT_EXP|SSL_HIGH,
   1249 	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
   1250 	128,
   1251 	128,
   1252 	},
   1253 
   1254 	/* Cipher 46 */
   1255 	{
   1256 	1,
   1257 	TLS1_TXT_ADH_WITH_CAMELLIA_128_CBC_SHA,
   1258 	TLS1_CK_ADH_WITH_CAMELLIA_128_CBC_SHA,
   1259 	SSL_kEDH,
   1260 	SSL_aNULL,
   1261 	SSL_CAMELLIA128,
   1262 	SSL_SHA1,
   1263 	SSL_TLSV1,
   1264 	SSL_NOT_EXP|SSL_HIGH,
   1265 	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
   1266 	128,
   1267 	128,
   1268 	},
   1269 #endif /* OPENSSL_NO_CAMELLIA */
   1270 
   1271 #if TLS1_ALLOW_EXPERIMENTAL_CIPHERSUITES
   1272 	/* New TLS Export CipherSuites from expired ID */
   1273 #if 0
   1274 	/* Cipher 60 */
   1275 	{
   1276 	1,
   1277 	TLS1_TXT_RSA_EXPORT1024_WITH_RC4_56_MD5,
   1278 	TLS1_CK_RSA_EXPORT1024_WITH_RC4_56_MD5,
   1279 	SSL_kRSA,
   1280 	SSL_aRSA,
   1281 	SSL_RC4,
   1282 	SSL_MD5,
   1283 	SSL_TLSV1,
   1284 	SSL_EXPORT|SSL_EXP56,
   1285 	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
   1286 	56,
   1287 	128,
   1288 	},
   1289 
   1290 	/* Cipher 61 */
   1291 	{
   1292 	1,
   1293 	TLS1_TXT_RSA_EXPORT1024_WITH_RC2_CBC_56_MD5,
   1294 	TLS1_CK_RSA_EXPORT1024_WITH_RC2_CBC_56_MD5,
   1295 	SSL_kRSA,
   1296 	SSL_aRSA,
   1297 	SSL_RC2,
   1298 	SSL_MD5,
   1299 	SSL_TLSV1,
   1300 	SSL_EXPORT|SSL_EXP56,
   1301 	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
   1302 	56,
   1303 	128,
   1304 	},
   1305 #endif
   1306 
   1307 	/* Cipher 62 */
   1308 	{
   1309 	1,
   1310 	TLS1_TXT_RSA_EXPORT1024_WITH_DES_CBC_SHA,
   1311 	TLS1_CK_RSA_EXPORT1024_WITH_DES_CBC_SHA,
   1312 	SSL_kRSA,
   1313 	SSL_aRSA,
   1314 	SSL_DES,
   1315 	SSL_SHA1,
   1316 	SSL_TLSV1,
   1317 	SSL_EXPORT|SSL_EXP56,
   1318 	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
   1319 	56,
   1320 	56,
   1321 	},
   1322 
   1323 	/* Cipher 63 */
   1324 	{
   1325 	1,
   1326 	TLS1_TXT_DHE_DSS_EXPORT1024_WITH_DES_CBC_SHA,
   1327 	TLS1_CK_DHE_DSS_EXPORT1024_WITH_DES_CBC_SHA,
   1328 	SSL_kEDH,
   1329 	SSL_aDSS,
   1330 	SSL_DES,
   1331 	SSL_SHA1,
   1332 	SSL_TLSV1,
   1333 	SSL_EXPORT|SSL_EXP56,
   1334 	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
   1335 	56,
   1336 	56,
   1337 	},
   1338 
   1339 	/* Cipher 64 */
   1340 	{
   1341 	1,
   1342 	TLS1_TXT_RSA_EXPORT1024_WITH_RC4_56_SHA,
   1343 	TLS1_CK_RSA_EXPORT1024_WITH_RC4_56_SHA,
   1344 	SSL_kRSA,
   1345 	SSL_aRSA,
   1346 	SSL_RC4,
   1347 	SSL_SHA1,
   1348 	SSL_TLSV1,
   1349 	SSL_EXPORT|SSL_EXP56,
   1350 	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
   1351 	56,
   1352 	128,
   1353 	},
   1354 
   1355 	/* Cipher 65 */
   1356 	{
   1357 	1,
   1358 	TLS1_TXT_DHE_DSS_EXPORT1024_WITH_RC4_56_SHA,
   1359 	TLS1_CK_DHE_DSS_EXPORT1024_WITH_RC4_56_SHA,
   1360 	SSL_kEDH,
   1361 	SSL_aDSS,
   1362 	SSL_RC4,
   1363 	SSL_SHA1,
   1364 	SSL_TLSV1,
   1365 	SSL_EXPORT|SSL_EXP56,
   1366 	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
   1367 	56,
   1368 	128,
   1369 	},
   1370 
   1371 	/* Cipher 66 */
   1372 	{
   1373 	1,
   1374 	TLS1_TXT_DHE_DSS_WITH_RC4_128_SHA,
   1375 	TLS1_CK_DHE_DSS_WITH_RC4_128_SHA,
   1376 	SSL_kEDH,
   1377 	SSL_aDSS,
   1378 	SSL_RC4,
   1379 	SSL_SHA1,
   1380 	SSL_TLSV1,
   1381 	SSL_NOT_EXP|SSL_MEDIUM,
   1382 	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
   1383 	128,
   1384 	128,
   1385 	},
   1386 #endif
   1387 
   1388 	/* TLS v1.2 ciphersuites */
   1389 	/* Cipher 67 */
   1390 	{
   1391 	1,
   1392 	TLS1_TXT_DHE_RSA_WITH_AES_128_SHA256,
   1393 	TLS1_CK_DHE_RSA_WITH_AES_128_SHA256,
   1394 	SSL_kEDH,
   1395 	SSL_aRSA,
   1396 	SSL_AES128,
   1397 	SSL_SHA256,
   1398 	SSL_TLSV1_2,
   1399 	SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
   1400 	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
   1401 	128,
   1402 	128,
   1403 	},
   1404 
   1405 	/* Cipher 68 */
   1406 	{
   1407 	0, /* not implemented (non-ephemeral DH) */
   1408 	TLS1_TXT_DH_DSS_WITH_AES_256_SHA256,
   1409 	TLS1_CK_DH_DSS_WITH_AES_256_SHA256,
   1410 	SSL_kDHd,
   1411 	SSL_aDH,
   1412 	SSL_AES256,
   1413 	SSL_SHA256,
   1414 	SSL_TLSV1_2,
   1415 	SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
   1416 	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
   1417 	256,
   1418 	256,
   1419 	},
   1420 
   1421 	/* Cipher 69 */
   1422 	{
   1423 	0, /* not implemented (non-ephemeral DH) */
   1424 	TLS1_TXT_DH_RSA_WITH_AES_256_SHA256,
   1425 	TLS1_CK_DH_RSA_WITH_AES_256_SHA256,
   1426 	SSL_kDHr,
   1427 	SSL_aDH,
   1428 	SSL_AES256,
   1429 	SSL_SHA256,
   1430 	SSL_TLSV1_2,
   1431 	SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
   1432 	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
   1433 	256,
   1434 	256,
   1435 	},
   1436 
   1437 	/* Cipher 6A */
   1438 	{
   1439 	1,
   1440 	TLS1_TXT_DHE_DSS_WITH_AES_256_SHA256,
   1441 	TLS1_CK_DHE_DSS_WITH_AES_256_SHA256,
   1442 	SSL_kEDH,
   1443 	SSL_aDSS,
   1444 	SSL_AES256,
   1445 	SSL_SHA256,
   1446 	SSL_TLSV1_2,
   1447 	SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
   1448 	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
   1449 	256,
   1450 	256,
   1451 	},
   1452 
   1453 	/* Cipher 6B */
   1454 	{
   1455 	1,
   1456 	TLS1_TXT_DHE_RSA_WITH_AES_256_SHA256,
   1457 	TLS1_CK_DHE_RSA_WITH_AES_256_SHA256,
   1458 	SSL_kEDH,
   1459 	SSL_aRSA,
   1460 	SSL_AES256,
   1461 	SSL_SHA256,
   1462 	SSL_TLSV1_2,
   1463 	SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
   1464 	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
   1465 	256,
   1466 	256,
   1467 	},
   1468 
   1469 	/* Cipher 6C */
   1470 	{
   1471 	1,
   1472 	TLS1_TXT_ADH_WITH_AES_128_SHA256,
   1473 	TLS1_CK_ADH_WITH_AES_128_SHA256,
   1474 	SSL_kEDH,
   1475 	SSL_aNULL,
   1476 	SSL_AES128,
   1477 	SSL_SHA256,
   1478 	SSL_TLSV1_2,
   1479 	SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
   1480 	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
   1481 	128,
   1482 	128,
   1483 	},
   1484 
   1485 	/* Cipher 6D */
   1486 	{
   1487 	1,
   1488 	TLS1_TXT_ADH_WITH_AES_256_SHA256,
   1489 	TLS1_CK_ADH_WITH_AES_256_SHA256,
   1490 	SSL_kEDH,
   1491 	SSL_aNULL,
   1492 	SSL_AES256,
   1493 	SSL_SHA256,
   1494 	SSL_TLSV1_2,
   1495 	SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
   1496 	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
   1497 	256,
   1498 	256,
   1499 	},
   1500 
   1501 	/* GOST Ciphersuites */
   1502 
   1503 	{
   1504 	1,
   1505 	"GOST94-GOST89-GOST89",
   1506 	0x3000080,
   1507 	SSL_kGOST,
   1508 	SSL_aGOST94,
   1509 	SSL_eGOST2814789CNT,
   1510 	SSL_GOST89MAC,
   1511 	SSL_TLSV1,
   1512 	SSL_NOT_EXP|SSL_HIGH,
   1513 	SSL_HANDSHAKE_MAC_GOST94|TLS1_PRF_GOST94|TLS1_STREAM_MAC,
   1514 	256,
   1515 	256
   1516 	},
   1517 	{
   1518 	1,
   1519 	"GOST2001-GOST89-GOST89",
   1520 	0x3000081,
   1521 	SSL_kGOST,
   1522 	SSL_aGOST01,
   1523 	SSL_eGOST2814789CNT,
   1524 	SSL_GOST89MAC,
   1525 	SSL_TLSV1,
   1526 	SSL_NOT_EXP|SSL_HIGH,
   1527 	SSL_HANDSHAKE_MAC_GOST94|TLS1_PRF_GOST94|TLS1_STREAM_MAC,
   1528 	256,
   1529 	256
   1530 	},
   1531 	{
   1532 	1,
   1533 	"GOST94-NULL-GOST94",
   1534 	0x3000082,
   1535 	SSL_kGOST,
   1536 	SSL_aGOST94,
   1537 	SSL_eNULL,
   1538 	SSL_GOST94,
   1539 	SSL_TLSV1,
   1540 	SSL_NOT_EXP|SSL_STRONG_NONE,
   1541 	SSL_HANDSHAKE_MAC_GOST94|TLS1_PRF_GOST94,
   1542 	0,
   1543 	0
   1544 	},
   1545 	{
   1546 	1,
   1547 	"GOST2001-NULL-GOST94",
   1548 	0x3000083,
   1549 	SSL_kGOST,
   1550 	SSL_aGOST01,
   1551 	SSL_eNULL,
   1552 	SSL_GOST94,
   1553 	SSL_TLSV1,
   1554 	SSL_NOT_EXP|SSL_STRONG_NONE,
   1555 	SSL_HANDSHAKE_MAC_GOST94|TLS1_PRF_GOST94,
   1556 	0,
   1557 	0
   1558 	},
   1559 
   1560 #ifndef OPENSSL_NO_CAMELLIA
   1561 	/* Camellia ciphersuites from RFC4132 (256-bit portion) */
   1562 
   1563 	/* Cipher 84 */
   1564 	{
   1565 	1,
   1566 	TLS1_TXT_RSA_WITH_CAMELLIA_256_CBC_SHA,
   1567 	TLS1_CK_RSA_WITH_CAMELLIA_256_CBC_SHA,
   1568 	SSL_kRSA,
   1569 	SSL_aRSA,
   1570 	SSL_CAMELLIA256,
   1571 	SSL_SHA1,
   1572 	SSL_TLSV1,
   1573 	SSL_NOT_EXP|SSL_HIGH,
   1574 	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
   1575 	256,
   1576 	256,
   1577 	},
   1578 	/* Cipher 85 */
   1579 	{
   1580 	0, /* not implemented (non-ephemeral DH) */
   1581 	TLS1_TXT_DH_DSS_WITH_CAMELLIA_256_CBC_SHA,
   1582 	TLS1_CK_DH_DSS_WITH_CAMELLIA_256_CBC_SHA,
   1583 	SSL_kDHd,
   1584 	SSL_aDH,
   1585 	SSL_CAMELLIA256,
   1586 	SSL_SHA1,
   1587 	SSL_TLSV1,
   1588 	SSL_NOT_EXP|SSL_HIGH,
   1589 	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
   1590 	256,
   1591 	256,
   1592 	},
   1593 
   1594 	/* Cipher 86 */
   1595 	{
   1596 	0, /* not implemented (non-ephemeral DH) */
   1597 	TLS1_TXT_DH_RSA_WITH_CAMELLIA_256_CBC_SHA,
   1598 	TLS1_CK_DH_RSA_WITH_CAMELLIA_256_CBC_SHA,
   1599 	SSL_kDHr,
   1600 	SSL_aDH,
   1601 	SSL_CAMELLIA256,
   1602 	SSL_SHA1,
   1603 	SSL_TLSV1,
   1604 	SSL_NOT_EXP|SSL_HIGH,
   1605 	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
   1606 	256,
   1607 	256,
   1608 	},
   1609 
   1610 	/* Cipher 87 */
   1611 	{
   1612 	1,
   1613 	TLS1_TXT_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA,
   1614 	TLS1_CK_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA,
   1615 	SSL_kEDH,
   1616 	SSL_aDSS,
   1617 	SSL_CAMELLIA256,
   1618 	SSL_SHA1,
   1619 	SSL_TLSV1,
   1620 	SSL_NOT_EXP|SSL_HIGH,
   1621 	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
   1622 	256,
   1623 	256,
   1624 	},
   1625 
   1626 	/* Cipher 88 */
   1627 	{
   1628 	1,
   1629 	TLS1_TXT_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA,
   1630 	TLS1_CK_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA,
   1631 	SSL_kEDH,
   1632 	SSL_aRSA,
   1633 	SSL_CAMELLIA256,
   1634 	SSL_SHA1,
   1635 	SSL_TLSV1,
   1636 	SSL_NOT_EXP|SSL_HIGH,
   1637 	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
   1638 	256,
   1639 	256,
   1640 	},
   1641 
   1642 	/* Cipher 89 */
   1643 	{
   1644 	1,
   1645 	TLS1_TXT_ADH_WITH_CAMELLIA_256_CBC_SHA,
   1646 	TLS1_CK_ADH_WITH_CAMELLIA_256_CBC_SHA,
   1647 	SSL_kEDH,
   1648 	SSL_aNULL,
   1649 	SSL_CAMELLIA256,
   1650 	SSL_SHA1,
   1651 	SSL_TLSV1,
   1652 	SSL_NOT_EXP|SSL_HIGH,
   1653 	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
   1654 	256,
   1655 	256,
   1656 	},
   1657 #endif /* OPENSSL_NO_CAMELLIA */
   1658 
   1659 #ifndef OPENSSL_NO_PSK
   1660 	/* Cipher 8A */
   1661 	{
   1662 	1,
   1663 	TLS1_TXT_PSK_WITH_RC4_128_SHA,
   1664 	TLS1_CK_PSK_WITH_RC4_128_SHA,
   1665 	SSL_kPSK,
   1666 	SSL_aPSK,
   1667 	SSL_RC4,
   1668 	SSL_SHA1,
   1669 	SSL_TLSV1,
   1670 	SSL_NOT_EXP|SSL_MEDIUM,
   1671 	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
   1672 	128,
   1673 	128,
   1674 	},
   1675 
   1676 	/* Cipher 8B */
   1677 	{
   1678 	1,
   1679 	TLS1_TXT_PSK_WITH_3DES_EDE_CBC_SHA,
   1680 	TLS1_CK_PSK_WITH_3DES_EDE_CBC_SHA,
   1681 	SSL_kPSK,
   1682 	SSL_aPSK,
   1683 	SSL_3DES,
   1684 	SSL_SHA1,
   1685 	SSL_TLSV1,
   1686 	SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
   1687 	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
   1688 	112,
   1689 	168,
   1690 	},
   1691 
   1692 	/* Cipher 8C */
   1693 	{
   1694 	1,
   1695 	TLS1_TXT_PSK_WITH_AES_128_CBC_SHA,
   1696 	TLS1_CK_PSK_WITH_AES_128_CBC_SHA,
   1697 	SSL_kPSK,
   1698 	SSL_aPSK,
   1699 	SSL_AES128,
   1700 	SSL_SHA1,
   1701 	SSL_TLSV1,
   1702 	SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
   1703 	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
   1704 	128,
   1705 	128,
   1706 	},
   1707 
   1708 	/* Cipher 8D */
   1709 	{
   1710 	1,
   1711 	TLS1_TXT_PSK_WITH_AES_256_CBC_SHA,
   1712 	TLS1_CK_PSK_WITH_AES_256_CBC_SHA,
   1713 	SSL_kPSK,
   1714 	SSL_aPSK,
   1715 	SSL_AES256,
   1716 	SSL_SHA1,
   1717 	SSL_TLSV1,
   1718 	SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
   1719 	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
   1720 	256,
   1721 	256,
   1722 	},
   1723 #endif  /* OPENSSL_NO_PSK */
   1724 
   1725 #ifndef OPENSSL_NO_SEED
   1726 	/* SEED ciphersuites from RFC4162 */
   1727 
   1728 	/* Cipher 96 */
   1729 	{
   1730 	1,
   1731 	TLS1_TXT_RSA_WITH_SEED_SHA,
   1732 	TLS1_CK_RSA_WITH_SEED_SHA,
   1733 	SSL_kRSA,
   1734 	SSL_aRSA,
   1735 	SSL_SEED,
   1736 	SSL_SHA1,
   1737 	SSL_TLSV1,
   1738 	SSL_NOT_EXP|SSL_MEDIUM,
   1739 	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
   1740 	128,
   1741 	128,
   1742 	},
   1743 
   1744 	/* Cipher 97 */
   1745 	{
   1746 	0, /* not implemented (non-ephemeral DH) */
   1747 	TLS1_TXT_DH_DSS_WITH_SEED_SHA,
   1748 	TLS1_CK_DH_DSS_WITH_SEED_SHA,
   1749 	SSL_kDHd,
   1750 	SSL_aDH,
   1751 	SSL_SEED,
   1752 	SSL_SHA1,
   1753 	SSL_TLSV1,
   1754 	SSL_NOT_EXP|SSL_MEDIUM,
   1755 	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
   1756 	128,
   1757 	128,
   1758 	},
   1759 
   1760 	/* Cipher 98 */
   1761 	{
   1762 	0, /* not implemented (non-ephemeral DH) */
   1763 	TLS1_TXT_DH_RSA_WITH_SEED_SHA,
   1764 	TLS1_CK_DH_RSA_WITH_SEED_SHA,
   1765 	SSL_kDHr,
   1766 	SSL_aDH,
   1767 	SSL_SEED,
   1768 	SSL_SHA1,
   1769 	SSL_TLSV1,
   1770 	SSL_NOT_EXP|SSL_MEDIUM,
   1771 	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
   1772 	128,
   1773 	128,
   1774 	},
   1775 
   1776 	/* Cipher 99 */
   1777 	{
   1778 	1,
   1779 	TLS1_TXT_DHE_DSS_WITH_SEED_SHA,
   1780 	TLS1_CK_DHE_DSS_WITH_SEED_SHA,
   1781 	SSL_kEDH,
   1782 	SSL_aDSS,
   1783 	SSL_SEED,
   1784 	SSL_SHA1,
   1785 	SSL_TLSV1,
   1786 	SSL_NOT_EXP|SSL_MEDIUM,
   1787 	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
   1788 	128,
   1789 	128,
   1790 	},
   1791 
   1792 	/* Cipher 9A */
   1793 	{
   1794 	1,
   1795 	TLS1_TXT_DHE_RSA_WITH_SEED_SHA,
   1796 	TLS1_CK_DHE_RSA_WITH_SEED_SHA,
   1797 	SSL_kEDH,
   1798 	SSL_aRSA,
   1799 	SSL_SEED,
   1800 	SSL_SHA1,
   1801 	SSL_TLSV1,
   1802 	SSL_NOT_EXP|SSL_MEDIUM,
   1803 	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
   1804 	128,
   1805 	128,
   1806 	},
   1807 
   1808 	/* Cipher 9B */
   1809 	{
   1810 	1,
   1811 	TLS1_TXT_ADH_WITH_SEED_SHA,
   1812 	TLS1_CK_ADH_WITH_SEED_SHA,
   1813 	SSL_kEDH,
   1814 	SSL_aNULL,
   1815 	SSL_SEED,
   1816 	SSL_SHA1,
   1817 	SSL_TLSV1,
   1818 	SSL_NOT_EXP|SSL_MEDIUM,
   1819 	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
   1820 	128,
   1821 	128,
   1822 	},
   1823 
   1824 #endif /* OPENSSL_NO_SEED */
   1825 
   1826 	/* GCM ciphersuites from RFC5288 */
   1827 
   1828 	/* Cipher 9C */
   1829 	{
   1830 	1,
   1831 	TLS1_TXT_RSA_WITH_AES_128_GCM_SHA256,
   1832 	TLS1_CK_RSA_WITH_AES_128_GCM_SHA256,
   1833 	SSL_kRSA,
   1834 	SSL_aRSA,
   1835 	SSL_AES128GCM,
   1836 	SSL_AEAD,
   1837 	SSL_TLSV1_2,
   1838 	SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
   1839 	SSL_HANDSHAKE_MAC_SHA256|TLS1_PRF_SHA256,
   1840 	128,
   1841 	128,
   1842 	},
   1843 
   1844 	/* Cipher 9D */
   1845 	{
   1846 	1,
   1847 	TLS1_TXT_RSA_WITH_AES_256_GCM_SHA384,
   1848 	TLS1_CK_RSA_WITH_AES_256_GCM_SHA384,
   1849 	SSL_kRSA,
   1850 	SSL_aRSA,
   1851 	SSL_AES256GCM,
   1852 	SSL_AEAD,
   1853 	SSL_TLSV1_2,
   1854 	SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
   1855 	SSL_HANDSHAKE_MAC_SHA384|TLS1_PRF_SHA384,
   1856 	256,
   1857 	256,
   1858 	},
   1859 
   1860 	/* Cipher 9E */
   1861 	{
   1862 	1,
   1863 	TLS1_TXT_DHE_RSA_WITH_AES_128_GCM_SHA256,
   1864 	TLS1_CK_DHE_RSA_WITH_AES_128_GCM_SHA256,
   1865 	SSL_kEDH,
   1866 	SSL_aRSA,
   1867 	SSL_AES128GCM,
   1868 	SSL_AEAD,
   1869 	SSL_TLSV1_2,
   1870 	SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
   1871 	SSL_HANDSHAKE_MAC_SHA256|TLS1_PRF_SHA256,
   1872 	128,
   1873 	128,
   1874 	},
   1875 
   1876 	/* Cipher 9F */
   1877 	{
   1878 	1,
   1879 	TLS1_TXT_DHE_RSA_WITH_AES_256_GCM_SHA384,
   1880 	TLS1_CK_DHE_RSA_WITH_AES_256_GCM_SHA384,
   1881 	SSL_kEDH,
   1882 	SSL_aRSA,
   1883 	SSL_AES256GCM,
   1884 	SSL_AEAD,
   1885 	SSL_TLSV1_2,
   1886 	SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
   1887 	SSL_HANDSHAKE_MAC_SHA384|TLS1_PRF_SHA384,
   1888 	256,
   1889 	256,
   1890 	},
   1891 
   1892 	/* Cipher A0 */
   1893 	{
   1894 	0,
   1895 	TLS1_TXT_DH_RSA_WITH_AES_128_GCM_SHA256,
   1896 	TLS1_CK_DH_RSA_WITH_AES_128_GCM_SHA256,
   1897 	SSL_kDHr,
   1898 	SSL_aDH,
   1899 	SSL_AES128GCM,
   1900 	SSL_AEAD,
   1901 	SSL_TLSV1_2,
   1902 	SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
   1903 	SSL_HANDSHAKE_MAC_SHA256|TLS1_PRF_SHA256,
   1904 	128,
   1905 	128,
   1906 	},
   1907 
   1908 	/* Cipher A1 */
   1909 	{
   1910 	0,
   1911 	TLS1_TXT_DH_RSA_WITH_AES_256_GCM_SHA384,
   1912 	TLS1_CK_DH_RSA_WITH_AES_256_GCM_SHA384,
   1913 	SSL_kDHr,
   1914 	SSL_aDH,
   1915 	SSL_AES256GCM,
   1916 	SSL_AEAD,
   1917 	SSL_TLSV1_2,
   1918 	SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
   1919 	SSL_HANDSHAKE_MAC_SHA384|TLS1_PRF_SHA384,
   1920 	256,
   1921 	256,
   1922 	},
   1923 
   1924 	/* Cipher A2 */
   1925 	{
   1926 	1,
   1927 	TLS1_TXT_DHE_DSS_WITH_AES_128_GCM_SHA256,
   1928 	TLS1_CK_DHE_DSS_WITH_AES_128_GCM_SHA256,
   1929 	SSL_kEDH,
   1930 	SSL_aDSS,
   1931 	SSL_AES128GCM,
   1932 	SSL_AEAD,
   1933 	SSL_TLSV1_2,
   1934 	SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
   1935 	SSL_HANDSHAKE_MAC_SHA256|TLS1_PRF_SHA256,
   1936 	128,
   1937 	128,
   1938 	},
   1939 
   1940 	/* Cipher A3 */
   1941 	{
   1942 	1,
   1943 	TLS1_TXT_DHE_DSS_WITH_AES_256_GCM_SHA384,
   1944 	TLS1_CK_DHE_DSS_WITH_AES_256_GCM_SHA384,
   1945 	SSL_kEDH,
   1946 	SSL_aDSS,
   1947 	SSL_AES256GCM,
   1948 	SSL_AEAD,
   1949 	SSL_TLSV1_2,
   1950 	SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
   1951 	SSL_HANDSHAKE_MAC_SHA384|TLS1_PRF_SHA384,
   1952 	256,
   1953 	256,
   1954 	},
   1955 
   1956 	/* Cipher A4 */
   1957 	{
   1958 	0,
   1959 	TLS1_TXT_DH_DSS_WITH_AES_128_GCM_SHA256,
   1960 	TLS1_CK_DH_DSS_WITH_AES_128_GCM_SHA256,
   1961 	SSL_kDHd,
   1962 	SSL_aDH,
   1963 	SSL_AES128GCM,
   1964 	SSL_AEAD,
   1965 	SSL_TLSV1_2,
   1966 	SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
   1967 	SSL_HANDSHAKE_MAC_SHA256|TLS1_PRF_SHA256,
   1968 	128,
   1969 	128,
   1970 	},
   1971 
   1972 	/* Cipher A5 */
   1973 	{
   1974 	0,
   1975 	TLS1_TXT_DH_DSS_WITH_AES_256_GCM_SHA384,
   1976 	TLS1_CK_DH_DSS_WITH_AES_256_GCM_SHA384,
   1977 	SSL_kDHd,
   1978 	SSL_aDH,
   1979 	SSL_AES256GCM,
   1980 	SSL_AEAD,
   1981 	SSL_TLSV1_2,
   1982 	SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
   1983 	SSL_HANDSHAKE_MAC_SHA384|TLS1_PRF_SHA384,
   1984 	256,
   1985 	256,
   1986 	},
   1987 
   1988 	/* Cipher A6 */
   1989 	{
   1990 	1,
   1991 	TLS1_TXT_ADH_WITH_AES_128_GCM_SHA256,
   1992 	TLS1_CK_ADH_WITH_AES_128_GCM_SHA256,
   1993 	SSL_kEDH,
   1994 	SSL_aNULL,
   1995 	SSL_AES128GCM,
   1996 	SSL_AEAD,
   1997 	SSL_TLSV1_2,
   1998 	SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
   1999 	SSL_HANDSHAKE_MAC_SHA256|TLS1_PRF_SHA256,
   2000 	128,
   2001 	128,
   2002 	},
   2003 
   2004 	/* Cipher A7 */
   2005 	{
   2006 	1,
   2007 	TLS1_TXT_ADH_WITH_AES_256_GCM_SHA384,
   2008 	TLS1_CK_ADH_WITH_AES_256_GCM_SHA384,
   2009 	SSL_kEDH,
   2010 	SSL_aNULL,
   2011 	SSL_AES256GCM,
   2012 	SSL_AEAD,
   2013 	SSL_TLSV1_2,
   2014 	SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
   2015 	SSL_HANDSHAKE_MAC_SHA384|TLS1_PRF_SHA384,
   2016 	256,
   2017 	256,
   2018 	},
   2019 
   2020 #ifndef OPENSSL_NO_ECDH
   2021 	/* Cipher C001 */
   2022 	{
   2023 	1,
   2024 	TLS1_TXT_ECDH_ECDSA_WITH_NULL_SHA,
   2025 	TLS1_CK_ECDH_ECDSA_WITH_NULL_SHA,
   2026 	SSL_kECDHe,
   2027 	SSL_aECDH,
   2028 	SSL_eNULL,
   2029 	SSL_SHA1,
   2030 	SSL_TLSV1,
   2031 	SSL_NOT_EXP|SSL_STRONG_NONE|SSL_FIPS,
   2032 	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
   2033 	0,
   2034 	0,
   2035 	},
   2036 
   2037 	/* Cipher C002 */
   2038 	{
   2039 	1,
   2040 	TLS1_TXT_ECDH_ECDSA_WITH_RC4_128_SHA,
   2041 	TLS1_CK_ECDH_ECDSA_WITH_RC4_128_SHA,
   2042 	SSL_kECDHe,
   2043 	SSL_aECDH,
   2044 	SSL_RC4,
   2045 	SSL_SHA1,
   2046 	SSL_TLSV1,
   2047 	SSL_NOT_EXP|SSL_MEDIUM,
   2048 	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
   2049 	128,
   2050 	128,
   2051 	},
   2052 
   2053 	/* Cipher C003 */
   2054 	{
   2055 	1,
   2056 	TLS1_TXT_ECDH_ECDSA_WITH_DES_192_CBC3_SHA,
   2057 	TLS1_CK_ECDH_ECDSA_WITH_DES_192_CBC3_SHA,
   2058 	SSL_kECDHe,
   2059 	SSL_aECDH,
   2060 	SSL_3DES,
   2061 	SSL_SHA1,
   2062 	SSL_TLSV1,
   2063 	SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
   2064 	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
   2065 	112,
   2066 	168,
   2067 	},
   2068 
   2069 	/* Cipher C004 */
   2070 	{
   2071 	1,
   2072 	TLS1_TXT_ECDH_ECDSA_WITH_AES_128_CBC_SHA,
   2073 	TLS1_CK_ECDH_ECDSA_WITH_AES_128_CBC_SHA,
   2074 	SSL_kECDHe,
   2075 	SSL_aECDH,
   2076 	SSL_AES128,
   2077 	SSL_SHA1,
   2078 	SSL_TLSV1,
   2079 	SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
   2080 	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
   2081 	128,
   2082 	128,
   2083 	},
   2084 
   2085 	/* Cipher C005 */
   2086 	{
   2087 	1,
   2088 	TLS1_TXT_ECDH_ECDSA_WITH_AES_256_CBC_SHA,
   2089 	TLS1_CK_ECDH_ECDSA_WITH_AES_256_CBC_SHA,
   2090 	SSL_kECDHe,
   2091 	SSL_aECDH,
   2092 	SSL_AES256,
   2093 	SSL_SHA1,
   2094 	SSL_TLSV1,
   2095 	SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
   2096 	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
   2097 	256,
   2098 	256,
   2099 	},
   2100 
   2101 	/* Cipher C006 */
   2102 	{
   2103 	1,
   2104 	TLS1_TXT_ECDHE_ECDSA_WITH_NULL_SHA,
   2105 	TLS1_CK_ECDHE_ECDSA_WITH_NULL_SHA,
   2106 	SSL_kEECDH,
   2107 	SSL_aECDSA,
   2108 	SSL_eNULL,
   2109 	SSL_SHA1,
   2110 	SSL_TLSV1,
   2111 	SSL_NOT_EXP|SSL_STRONG_NONE|SSL_FIPS,
   2112 	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
   2113 	0,
   2114 	0,
   2115 	},
   2116 
   2117 	/* Cipher C007 */
   2118 	{
   2119 	1,
   2120 	TLS1_TXT_ECDHE_ECDSA_WITH_RC4_128_SHA,
   2121 	TLS1_CK_ECDHE_ECDSA_WITH_RC4_128_SHA,
   2122 	SSL_kEECDH,
   2123 	SSL_aECDSA,
   2124 	SSL_RC4,
   2125 	SSL_SHA1,
   2126 	SSL_TLSV1,
   2127 	SSL_NOT_EXP|SSL_MEDIUM,
   2128 	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
   2129 	128,
   2130 	128,
   2131 	},
   2132 
   2133 	/* Cipher C008 */
   2134 	{
   2135 	1,
   2136 	TLS1_TXT_ECDHE_ECDSA_WITH_DES_192_CBC3_SHA,
   2137 	TLS1_CK_ECDHE_ECDSA_WITH_DES_192_CBC3_SHA,
   2138 	SSL_kEECDH,
   2139 	SSL_aECDSA,
   2140 	SSL_3DES,
   2141 	SSL_SHA1,
   2142 	SSL_TLSV1,
   2143 	SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
   2144 	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
   2145 	112,
   2146 	168,
   2147 	},
   2148 
   2149 	/* Cipher C009 */
   2150 	{
   2151 	1,
   2152 	TLS1_TXT_ECDHE_ECDSA_WITH_AES_128_CBC_SHA,
   2153 	TLS1_CK_ECDHE_ECDSA_WITH_AES_128_CBC_SHA,
   2154 	SSL_kEECDH,
   2155 	SSL_aECDSA,
   2156 	SSL_AES128,
   2157 	SSL_SHA1,
   2158 	SSL_TLSV1,
   2159 	SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
   2160 	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
   2161 	128,
   2162 	128,
   2163 	},
   2164 
   2165 	/* Cipher C00A */
   2166 	{
   2167 	1,
   2168 	TLS1_TXT_ECDHE_ECDSA_WITH_AES_256_CBC_SHA,
   2169 	TLS1_CK_ECDHE_ECDSA_WITH_AES_256_CBC_SHA,
   2170 	SSL_kEECDH,
   2171 	SSL_aECDSA,
   2172 	SSL_AES256,
   2173 	SSL_SHA1,
   2174 	SSL_TLSV1,
   2175 	SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
   2176 	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
   2177 	256,
   2178 	256,
   2179 	},
   2180 
   2181 	/* Cipher C00B */
   2182 	{
   2183 	1,
   2184 	TLS1_TXT_ECDH_RSA_WITH_NULL_SHA,
   2185 	TLS1_CK_ECDH_RSA_WITH_NULL_SHA,
   2186 	SSL_kECDHr,
   2187 	SSL_aECDH,
   2188 	SSL_eNULL,
   2189 	SSL_SHA1,
   2190 	SSL_TLSV1,
   2191 	SSL_NOT_EXP|SSL_STRONG_NONE|SSL_FIPS,
   2192 	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
   2193 	0,
   2194 	0,
   2195 	},
   2196 
   2197 	/* Cipher C00C */
   2198 	{
   2199 	1,
   2200 	TLS1_TXT_ECDH_RSA_WITH_RC4_128_SHA,
   2201 	TLS1_CK_ECDH_RSA_WITH_RC4_128_SHA,
   2202 	SSL_kECDHr,
   2203 	SSL_aECDH,
   2204 	SSL_RC4,
   2205 	SSL_SHA1,
   2206 	SSL_TLSV1,
   2207 	SSL_NOT_EXP|SSL_MEDIUM,
   2208 	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
   2209 	128,
   2210 	128,
   2211 	},
   2212 
   2213 	/* Cipher C00D */
   2214 	{
   2215 	1,
   2216 	TLS1_TXT_ECDH_RSA_WITH_DES_192_CBC3_SHA,
   2217 	TLS1_CK_ECDH_RSA_WITH_DES_192_CBC3_SHA,
   2218 	SSL_kECDHr,
   2219 	SSL_aECDH,
   2220 	SSL_3DES,
   2221 	SSL_SHA1,
   2222 	SSL_TLSV1,
   2223 	SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
   2224 	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
   2225 	112,
   2226 	168,
   2227 	},
   2228 
   2229 	/* Cipher C00E */
   2230 	{
   2231 	1,
   2232 	TLS1_TXT_ECDH_RSA_WITH_AES_128_CBC_SHA,
   2233 	TLS1_CK_ECDH_RSA_WITH_AES_128_CBC_SHA,
   2234 	SSL_kECDHr,
   2235 	SSL_aECDH,
   2236 	SSL_AES128,
   2237 	SSL_SHA1,
   2238 	SSL_TLSV1,
   2239 	SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
   2240 	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
   2241 	128,
   2242 	128,
   2243 	},
   2244 
   2245 	/* Cipher C00F */
   2246 	{
   2247 	1,
   2248 	TLS1_TXT_ECDH_RSA_WITH_AES_256_CBC_SHA,
   2249 	TLS1_CK_ECDH_RSA_WITH_AES_256_CBC_SHA,
   2250 	SSL_kECDHr,
   2251 	SSL_aECDH,
   2252 	SSL_AES256,
   2253 	SSL_SHA1,
   2254 	SSL_TLSV1,
   2255 	SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
   2256 	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
   2257 	256,
   2258 	256,
   2259 	},
   2260 
   2261 	/* Cipher C010 */
   2262 	{
   2263 	1,
   2264 	TLS1_TXT_ECDHE_RSA_WITH_NULL_SHA,
   2265 	TLS1_CK_ECDHE_RSA_WITH_NULL_SHA,
   2266 	SSL_kEECDH,
   2267 	SSL_aRSA,
   2268 	SSL_eNULL,
   2269 	SSL_SHA1,
   2270 	SSL_TLSV1,
   2271 	SSL_NOT_EXP|SSL_STRONG_NONE|SSL_FIPS,
   2272 	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
   2273 	0,
   2274 	0,
   2275 	},
   2276 
   2277 	/* Cipher C011 */
   2278 	{
   2279 	1,
   2280 	TLS1_TXT_ECDHE_RSA_WITH_RC4_128_SHA,
   2281 	TLS1_CK_ECDHE_RSA_WITH_RC4_128_SHA,
   2282 	SSL_kEECDH,
   2283 	SSL_aRSA,
   2284 	SSL_RC4,
   2285 	SSL_SHA1,
   2286 	SSL_TLSV1,
   2287 	SSL_NOT_EXP|SSL_MEDIUM,
   2288 	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
   2289 	128,
   2290 	128,
   2291 	},
   2292 
   2293 	/* Cipher C012 */
   2294 	{
   2295 	1,
   2296 	TLS1_TXT_ECDHE_RSA_WITH_DES_192_CBC3_SHA,
   2297 	TLS1_CK_ECDHE_RSA_WITH_DES_192_CBC3_SHA,
   2298 	SSL_kEECDH,
   2299 	SSL_aRSA,
   2300 	SSL_3DES,
   2301 	SSL_SHA1,
   2302 	SSL_TLSV1,
   2303 	SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
   2304 	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
   2305 	112,
   2306 	168,
   2307 	},
   2308 
   2309 	/* Cipher C013 */
   2310 	{
   2311 	1,
   2312 	TLS1_TXT_ECDHE_RSA_WITH_AES_128_CBC_SHA,
   2313 	TLS1_CK_ECDHE_RSA_WITH_AES_128_CBC_SHA,
   2314 	SSL_kEECDH,
   2315 	SSL_aRSA,
   2316 	SSL_AES128,
   2317 	SSL_SHA1,
   2318 	SSL_TLSV1,
   2319 	SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
   2320 	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
   2321 	128,
   2322 	128,
   2323 	},
   2324 
   2325 	/* Cipher C014 */
   2326 	{
   2327 	1,
   2328 	TLS1_TXT_ECDHE_RSA_WITH_AES_256_CBC_SHA,
   2329 	TLS1_CK_ECDHE_RSA_WITH_AES_256_CBC_SHA,
   2330 	SSL_kEECDH,
   2331 	SSL_aRSA,
   2332 	SSL_AES256,
   2333 	SSL_SHA1,
   2334 	SSL_TLSV1,
   2335 	SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
   2336 	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
   2337 	256,
   2338 	256,
   2339 	},
   2340 
   2341 	/* Cipher C015 */
   2342 	{
   2343 	1,
   2344 	TLS1_TXT_ECDH_anon_WITH_NULL_SHA,
   2345 	TLS1_CK_ECDH_anon_WITH_NULL_SHA,
   2346 	SSL_kEECDH,
   2347 	SSL_aNULL,
   2348 	SSL_eNULL,
   2349 	SSL_SHA1,
   2350 	SSL_TLSV1,
   2351 	SSL_NOT_EXP|SSL_STRONG_NONE|SSL_FIPS,
   2352 	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
   2353 	0,
   2354 	0,
   2355 	},
   2356 
   2357 	/* Cipher C016 */
   2358 	{
   2359 	1,
   2360 	TLS1_TXT_ECDH_anon_WITH_RC4_128_SHA,
   2361 	TLS1_CK_ECDH_anon_WITH_RC4_128_SHA,
   2362 	SSL_kEECDH,
   2363 	SSL_aNULL,
   2364 	SSL_RC4,
   2365 	SSL_SHA1,
   2366 	SSL_TLSV1,
   2367 	SSL_NOT_EXP|SSL_MEDIUM,
   2368 	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
   2369 	128,
   2370 	128,
   2371 	},
   2372 
   2373 	/* Cipher C017 */
   2374 	{
   2375 	1,
   2376 	TLS1_TXT_ECDH_anon_WITH_DES_192_CBC3_SHA,
   2377 	TLS1_CK_ECDH_anon_WITH_DES_192_CBC3_SHA,
   2378 	SSL_kEECDH,
   2379 	SSL_aNULL,
   2380 	SSL_3DES,
   2381 	SSL_SHA1,
   2382 	SSL_TLSV1,
   2383 	SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
   2384 	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
   2385 	112,
   2386 	168,
   2387 	},
   2388 
   2389 	/* Cipher C018 */
   2390 	{
   2391 	1,
   2392 	TLS1_TXT_ECDH_anon_WITH_AES_128_CBC_SHA,
   2393 	TLS1_CK_ECDH_anon_WITH_AES_128_CBC_SHA,
   2394 	SSL_kEECDH,
   2395 	SSL_aNULL,
   2396 	SSL_AES128,
   2397 	SSL_SHA1,
   2398 	SSL_TLSV1,
   2399 	SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
   2400 	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
   2401 	128,
   2402 	128,
   2403 	},
   2404 
   2405 	/* Cipher C019 */
   2406 	{
   2407 	1,
   2408 	TLS1_TXT_ECDH_anon_WITH_AES_256_CBC_SHA,
   2409 	TLS1_CK_ECDH_anon_WITH_AES_256_CBC_SHA,
   2410 	SSL_kEECDH,
   2411 	SSL_aNULL,
   2412 	SSL_AES256,
   2413 	SSL_SHA1,
   2414 	SSL_TLSV1,
   2415 	SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
   2416 	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
   2417 	256,
   2418 	256,
   2419 	},
   2420 #endif	/* OPENSSL_NO_ECDH */
   2421 
   2422 #ifndef OPENSSL_NO_SRP
   2423 	/* Cipher C01A */
   2424 	{
   2425 	1,
   2426 	TLS1_TXT_SRP_SHA_WITH_3DES_EDE_CBC_SHA,
   2427 	TLS1_CK_SRP_SHA_WITH_3DES_EDE_CBC_SHA,
   2428 	SSL_kSRP,
   2429 	SSL_aSRP,
   2430 	SSL_3DES,
   2431 	SSL_SHA1,
   2432 	SSL_TLSV1,
   2433 	SSL_NOT_EXP|SSL_HIGH,
   2434 	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
   2435 	112,
   2436 	168,
   2437 	},
   2438 
   2439 	/* Cipher C01B */
   2440 	{
   2441 	1,
   2442 	TLS1_TXT_SRP_SHA_RSA_WITH_3DES_EDE_CBC_SHA,
   2443 	TLS1_CK_SRP_SHA_RSA_WITH_3DES_EDE_CBC_SHA,
   2444 	SSL_kSRP,
   2445 	SSL_aRSA,
   2446 	SSL_3DES,
   2447 	SSL_SHA1,
   2448 	SSL_TLSV1,
   2449 	SSL_NOT_EXP|SSL_HIGH,
   2450 	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
   2451 	112,
   2452 	168,
   2453 	},
   2454 
   2455 	/* Cipher C01C */
   2456 	{
   2457 	1,
   2458 	TLS1_TXT_SRP_SHA_DSS_WITH_3DES_EDE_CBC_SHA,
   2459 	TLS1_CK_SRP_SHA_DSS_WITH_3DES_EDE_CBC_SHA,
   2460 	SSL_kSRP,
   2461 	SSL_aDSS,
   2462 	SSL_3DES,
   2463 	SSL_SHA1,
   2464 	SSL_TLSV1,
   2465 	SSL_NOT_EXP|SSL_HIGH,
   2466 	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
   2467 	112,
   2468 	168,
   2469 	},
   2470 
   2471 	/* Cipher C01D */
   2472 	{
   2473 	1,
   2474 	TLS1_TXT_SRP_SHA_WITH_AES_128_CBC_SHA,
   2475 	TLS1_CK_SRP_SHA_WITH_AES_128_CBC_SHA,
   2476 	SSL_kSRP,
   2477 	SSL_aSRP,
   2478 	SSL_AES128,
   2479 	SSL_SHA1,
   2480 	SSL_TLSV1,
   2481 	SSL_NOT_EXP|SSL_HIGH,
   2482 	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
   2483 	128,
   2484 	128,
   2485 	},
   2486 
   2487 	/* Cipher C01E */
   2488 	{
   2489 	1,
   2490 	TLS1_TXT_SRP_SHA_RSA_WITH_AES_128_CBC_SHA,
   2491 	TLS1_CK_SRP_SHA_RSA_WITH_AES_128_CBC_SHA,
   2492 	SSL_kSRP,
   2493 	SSL_aRSA,
   2494 	SSL_AES128,
   2495 	SSL_SHA1,
   2496 	SSL_TLSV1,
   2497 	SSL_NOT_EXP|SSL_HIGH,
   2498 	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
   2499 	128,
   2500 	128,
   2501 	},
   2502 
   2503 	/* Cipher C01F */
   2504 	{
   2505 	1,
   2506 	TLS1_TXT_SRP_SHA_DSS_WITH_AES_128_CBC_SHA,
   2507 	TLS1_CK_SRP_SHA_DSS_WITH_AES_128_CBC_SHA,
   2508 	SSL_kSRP,
   2509 	SSL_aDSS,
   2510 	SSL_AES128,
   2511 	SSL_SHA1,
   2512 	SSL_TLSV1,
   2513 	SSL_NOT_EXP|SSL_HIGH,
   2514 	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
   2515 	128,
   2516 	128,
   2517 	},
   2518 
   2519 	/* Cipher C020 */
   2520 	{
   2521 	1,
   2522 	TLS1_TXT_SRP_SHA_WITH_AES_256_CBC_SHA,
   2523 	TLS1_CK_SRP_SHA_WITH_AES_256_CBC_SHA,
   2524 	SSL_kSRP,
   2525 	SSL_aSRP,
   2526 	SSL_AES256,
   2527 	SSL_SHA1,
   2528 	SSL_TLSV1,
   2529 	SSL_NOT_EXP|SSL_HIGH,
   2530 	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
   2531 	256,
   2532 	256,
   2533 	},
   2534 
   2535 	/* Cipher C021 */
   2536 	{
   2537 	1,
   2538 	TLS1_TXT_SRP_SHA_RSA_WITH_AES_256_CBC_SHA,
   2539 	TLS1_CK_SRP_SHA_RSA_WITH_AES_256_CBC_SHA,
   2540 	SSL_kSRP,
   2541 	SSL_aRSA,
   2542 	SSL_AES256,
   2543 	SSL_SHA1,
   2544 	SSL_TLSV1,
   2545 	SSL_NOT_EXP|SSL_HIGH,
   2546 	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
   2547 	256,
   2548 	256,
   2549 	},
   2550 
   2551 	/* Cipher C022 */
   2552 	{
   2553 	1,
   2554 	TLS1_TXT_SRP_SHA_DSS_WITH_AES_256_CBC_SHA,
   2555 	TLS1_CK_SRP_SHA_DSS_WITH_AES_256_CBC_SHA,
   2556 	SSL_kSRP,
   2557 	SSL_aDSS,
   2558 	SSL_AES256,
   2559 	SSL_SHA1,
   2560 	SSL_TLSV1,
   2561 	SSL_NOT_EXP|SSL_HIGH,
   2562 	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
   2563 	256,
   2564 	256,
   2565 	},
   2566 #endif  /* OPENSSL_NO_SRP */
   2567 #ifndef OPENSSL_NO_ECDH
   2568 
   2569 	/* HMAC based TLS v1.2 ciphersuites from RFC5289 */
   2570 
   2571 	/* Cipher C023 */
   2572 	{
   2573 	1,
   2574 	TLS1_TXT_ECDHE_ECDSA_WITH_AES_128_SHA256,
   2575 	TLS1_CK_ECDHE_ECDSA_WITH_AES_128_SHA256,
   2576 	SSL_kEECDH,
   2577 	SSL_aECDSA,
   2578 	SSL_AES128,
   2579 	SSL_SHA256,
   2580 	SSL_TLSV1_2,
   2581 	SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
   2582 	SSL_HANDSHAKE_MAC_SHA256|TLS1_PRF_SHA256,
   2583 	128,
   2584 	128,
   2585 	},
   2586 
   2587 	/* Cipher C024 */
   2588 	{
   2589 	1,
   2590 	TLS1_TXT_ECDHE_ECDSA_WITH_AES_256_SHA384,
   2591 	TLS1_CK_ECDHE_ECDSA_WITH_AES_256_SHA384,
   2592 	SSL_kEECDH,
   2593 	SSL_aECDSA,
   2594 	SSL_AES256,
   2595 	SSL_SHA384,
   2596 	SSL_TLSV1_2,
   2597 	SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
   2598 	SSL_HANDSHAKE_MAC_SHA384|TLS1_PRF_SHA384,
   2599 	256,
   2600 	256,
   2601 	},
   2602 
   2603 	/* Cipher C025 */
   2604 	{
   2605 	1,
   2606 	TLS1_TXT_ECDH_ECDSA_WITH_AES_128_SHA256,
   2607 	TLS1_CK_ECDH_ECDSA_WITH_AES_128_SHA256,
   2608 	SSL_kECDHe,
   2609 	SSL_aECDH,
   2610 	SSL_AES128,
   2611 	SSL_SHA256,
   2612 	SSL_TLSV1_2,
   2613 	SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
   2614 	SSL_HANDSHAKE_MAC_SHA256|TLS1_PRF_SHA256,
   2615 	128,
   2616 	128,
   2617 	},
   2618 
   2619 	/* Cipher C026 */
   2620 	{
   2621 	1,
   2622 	TLS1_TXT_ECDH_ECDSA_WITH_AES_256_SHA384,
   2623 	TLS1_CK_ECDH_ECDSA_WITH_AES_256_SHA384,
   2624 	SSL_kECDHe,
   2625 	SSL_aECDH,
   2626 	SSL_AES256,
   2627 	SSL_SHA384,
   2628 	SSL_TLSV1_2,
   2629 	SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
   2630 	SSL_HANDSHAKE_MAC_SHA384|TLS1_PRF_SHA384,
   2631 	256,
   2632 	256,
   2633 	},
   2634 
   2635 	/* Cipher C027 */
   2636 	{
   2637 	1,
   2638 	TLS1_TXT_ECDHE_RSA_WITH_AES_128_SHA256,
   2639 	TLS1_CK_ECDHE_RSA_WITH_AES_128_SHA256,
   2640 	SSL_kEECDH,
   2641 	SSL_aRSA,
   2642 	SSL_AES128,
   2643 	SSL_SHA256,
   2644 	SSL_TLSV1_2,
   2645 	SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
   2646 	SSL_HANDSHAKE_MAC_SHA256|TLS1_PRF_SHA256,
   2647 	128,
   2648 	128,
   2649 	},
   2650 
   2651 	/* Cipher C028 */
   2652 	{
   2653 	1,
   2654 	TLS1_TXT_ECDHE_RSA_WITH_AES_256_SHA384,
   2655 	TLS1_CK_ECDHE_RSA_WITH_AES_256_SHA384,
   2656 	SSL_kEECDH,
   2657 	SSL_aRSA,
   2658 	SSL_AES256,
   2659 	SSL_SHA384,
   2660 	SSL_TLSV1_2,
   2661 	SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
   2662 	SSL_HANDSHAKE_MAC_SHA384|TLS1_PRF_SHA384,
   2663 	256,
   2664 	256,
   2665 	},
   2666 
   2667 	/* Cipher C029 */
   2668 	{
   2669 	1,
   2670 	TLS1_TXT_ECDH_RSA_WITH_AES_128_SHA256,
   2671 	TLS1_CK_ECDH_RSA_WITH_AES_128_SHA256,
   2672 	SSL_kECDHr,
   2673 	SSL_aECDH,
   2674 	SSL_AES128,
   2675 	SSL_SHA256,
   2676 	SSL_TLSV1_2,
   2677 	SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
   2678 	SSL_HANDSHAKE_MAC_SHA256|TLS1_PRF_SHA256,
   2679 	128,
   2680 	128,
   2681 	},
   2682 
   2683 	/* Cipher C02A */
   2684 	{
   2685 	1,
   2686 	TLS1_TXT_ECDH_RSA_WITH_AES_256_SHA384,
   2687 	TLS1_CK_ECDH_RSA_WITH_AES_256_SHA384,
   2688 	SSL_kECDHr,
   2689 	SSL_aECDH,
   2690 	SSL_AES256,
   2691 	SSL_SHA384,
   2692 	SSL_TLSV1_2,
   2693 	SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
   2694 	SSL_HANDSHAKE_MAC_SHA384|TLS1_PRF_SHA384,
   2695 	256,
   2696 	256,
   2697 	},
   2698 
   2699 	/* GCM based TLS v1.2 ciphersuites from RFC5289 */
   2700 
   2701 	/* Cipher C02B */
   2702 	{
   2703 	1,
   2704 	TLS1_TXT_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256,
   2705 	TLS1_CK_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256,
   2706 	SSL_kEECDH,
   2707 	SSL_aECDSA,
   2708 	SSL_AES128GCM,
   2709 	SSL_AEAD,
   2710 	SSL_TLSV1_2,
   2711 	SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
   2712 	SSL_HANDSHAKE_MAC_SHA256|TLS1_PRF_SHA256,
   2713 	128,
   2714 	128,
   2715 	},
   2716 
   2717 	/* Cipher C02C */
   2718 	{
   2719 	1,
   2720 	TLS1_TXT_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384,
   2721 	TLS1_CK_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384,
   2722 	SSL_kEECDH,
   2723 	SSL_aECDSA,
   2724 	SSL_AES256GCM,
   2725 	SSL_AEAD,
   2726 	SSL_TLSV1_2,
   2727 	SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
   2728 	SSL_HANDSHAKE_MAC_SHA384|TLS1_PRF_SHA384,
   2729 	256,
   2730 	256,
   2731 	},
   2732 
   2733 	/* Cipher C02D */
   2734 	{
   2735 	1,
   2736 	TLS1_TXT_ECDH_ECDSA_WITH_AES_128_GCM_SHA256,
   2737 	TLS1_CK_ECDH_ECDSA_WITH_AES_128_GCM_SHA256,
   2738 	SSL_kECDHe,
   2739 	SSL_aECDH,
   2740 	SSL_AES128GCM,
   2741 	SSL_AEAD,
   2742 	SSL_TLSV1_2,
   2743 	SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
   2744 	SSL_HANDSHAKE_MAC_SHA256|TLS1_PRF_SHA256,
   2745 	128,
   2746 	128,
   2747 	},
   2748 
   2749 	/* Cipher C02E */
   2750 	{
   2751 	1,
   2752 	TLS1_TXT_ECDH_ECDSA_WITH_AES_256_GCM_SHA384,
   2753 	TLS1_CK_ECDH_ECDSA_WITH_AES_256_GCM_SHA384,
   2754 	SSL_kECDHe,
   2755 	SSL_aECDH,
   2756 	SSL_AES256GCM,
   2757 	SSL_AEAD,
   2758 	SSL_TLSV1_2,
   2759 	SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
   2760 	SSL_HANDSHAKE_MAC_SHA384|TLS1_PRF_SHA384,
   2761 	256,
   2762 	256,
   2763 	},
   2764 
   2765 	/* Cipher C02F */
   2766 	{
   2767 	1,
   2768 	TLS1_TXT_ECDHE_RSA_WITH_AES_128_GCM_SHA256,
   2769 	TLS1_CK_ECDHE_RSA_WITH_AES_128_GCM_SHA256,
   2770 	SSL_kEECDH,
   2771 	SSL_aRSA,
   2772 	SSL_AES128GCM,
   2773 	SSL_AEAD,
   2774 	SSL_TLSV1_2,
   2775 	SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
   2776 	SSL_HANDSHAKE_MAC_SHA256|TLS1_PRF_SHA256,
   2777 	128,
   2778 	128,
   2779 	},
   2780 
   2781 	/* Cipher C030 */
   2782 	{
   2783 	1,
   2784 	TLS1_TXT_ECDHE_RSA_WITH_AES_256_GCM_SHA384,
   2785 	TLS1_CK_ECDHE_RSA_WITH_AES_256_GCM_SHA384,
   2786 	SSL_kEECDH,
   2787 	SSL_aRSA,
   2788 	SSL_AES256GCM,
   2789 	SSL_AEAD,
   2790 	SSL_TLSV1_2,
   2791 	SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
   2792 	SSL_HANDSHAKE_MAC_SHA384|TLS1_PRF_SHA384,
   2793 	256,
   2794 	256,
   2795 	},
   2796 
   2797 	/* Cipher C031 */
   2798 	{
   2799 	1,
   2800 	TLS1_TXT_ECDH_RSA_WITH_AES_128_GCM_SHA256,
   2801 	TLS1_CK_ECDH_RSA_WITH_AES_128_GCM_SHA256,
   2802 	SSL_kECDHr,
   2803 	SSL_aECDH,
   2804 	SSL_AES128GCM,
   2805 	SSL_AEAD,
   2806 	SSL_TLSV1_2,
   2807 	SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
   2808 	SSL_HANDSHAKE_MAC_SHA256|TLS1_PRF_SHA256,
   2809 	128,
   2810 	128,
   2811 	},
   2812 
   2813 	/* Cipher C032 */
   2814 	{
   2815 	1,
   2816 	TLS1_TXT_ECDH_RSA_WITH_AES_256_GCM_SHA384,
   2817 	TLS1_CK_ECDH_RSA_WITH_AES_256_GCM_SHA384,
   2818 	SSL_kECDHr,
   2819 	SSL_aECDH,
   2820 	SSL_AES256GCM,
   2821 	SSL_AEAD,
   2822 	SSL_TLSV1_2,
   2823 	SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
   2824 	SSL_HANDSHAKE_MAC_SHA384|TLS1_PRF_SHA384,
   2825 	256,
   2826 	256,
   2827 	},
   2828 
   2829 #ifndef OPENSSL_NO_PSK
   2830     /* ECDH PSK ciphersuites from RFC 5489 */
   2831 	/* Cipher C035 */
   2832 	{
   2833 	1,
   2834 	TLS1_TXT_ECDHE_PSK_WITH_AES_128_CBC_SHA,
   2835 	TLS1_CK_ECDHE_PSK_WITH_AES_128_CBC_SHA,
   2836 	SSL_kEECDH,
   2837 	SSL_aPSK,
   2838 	SSL_AES128,
   2839 	SSL_SHA1,
   2840 	SSL_TLSV1,
   2841 	SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
   2842 	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
   2843 	128,
   2844 	128,
   2845 	},
   2846 
   2847 	/* Cipher C036 */
   2848 	{
   2849 	1,
   2850 	TLS1_TXT_ECDHE_PSK_WITH_AES_256_CBC_SHA,
   2851 	TLS1_CK_ECDHE_PSK_WITH_AES_256_CBC_SHA,
   2852 	SSL_kEECDH,
   2853 	SSL_aPSK,
   2854 	SSL_AES256,
   2855 	SSL_SHA1,
   2856 	SSL_TLSV1,
   2857 	SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
   2858 	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
   2859 	256,
   2860 	256,
   2861 	},
   2862 #endif /* OPENSSL_NO_PSK */
   2863 
   2864 #endif /* OPENSSL_NO_ECDH */
   2865 
   2866 
   2867 #ifdef TEMP_GOST_TLS
   2868 /* Cipher FF00 */
   2869 	{
   2870 	1,
   2871 	"GOST-MD5",
   2872 	0x0300ff00,
   2873 	SSL_kRSA,
   2874 	SSL_aRSA,
   2875 	SSL_eGOST2814789CNT,
   2876 	SSL_MD5,
   2877 	SSL_TLSV1,
   2878 	SSL_NOT_EXP|SSL_HIGH,
   2879 	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
   2880 	256,
   2881 	256,
   2882 	},
   2883 	{
   2884 	1,
   2885 	"GOST-GOST94",
   2886 	0x0300ff01,
   2887 	SSL_kRSA,
   2888 	SSL_aRSA,
   2889 	SSL_eGOST2814789CNT,
   2890 	SSL_GOST94,
   2891 	SSL_TLSV1,
   2892 	SSL_NOT_EXP|SSL_HIGH,
   2893 	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
   2894 	256,
   2895 	256
   2896 	},
   2897 	{
   2898 	1,
   2899 	"GOST-GOST89MAC",
   2900 	0x0300ff02,
   2901 	SSL_kRSA,
   2902 	SSL_aRSA,
   2903 	SSL_eGOST2814789CNT,
   2904 	SSL_GOST89MAC,
   2905 	SSL_TLSV1,
   2906 	SSL_NOT_EXP|SSL_HIGH,
   2907 	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
   2908 	256,
   2909 	256
   2910 	},
   2911 	{
   2912 	1,
   2913 	"GOST-GOST89STREAM",
   2914 	0x0300ff03,
   2915 	SSL_kRSA,
   2916 	SSL_aRSA,
   2917 	SSL_eGOST2814789CNT,
   2918 	SSL_GOST89MAC,
   2919 	SSL_TLSV1,
   2920 	SSL_NOT_EXP|SSL_HIGH,
   2921 	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF|TLS1_STREAM_MAC,
   2922 	256,
   2923 	256
   2924 	},
   2925 #endif
   2926 
   2927 /* end of list */
   2928 	};
   2929 
   2930 SSL3_ENC_METHOD SSLv3_enc_data={
   2931 	ssl3_enc,
   2932 	n_ssl3_mac,
   2933 	ssl3_setup_key_block,
   2934 	ssl3_generate_master_secret,
   2935 	ssl3_change_cipher_state,
   2936 	ssl3_final_finish_mac,
   2937 	MD5_DIGEST_LENGTH+SHA_DIGEST_LENGTH,
   2938 	ssl3_cert_verify_mac,
   2939 	SSL3_MD_CLIENT_FINISHED_CONST,4,
   2940 	SSL3_MD_SERVER_FINISHED_CONST,4,
   2941 	ssl3_alert_code,
   2942 	(int (*)(SSL *, unsigned char *, size_t, const char *,
   2943 		 size_t, const unsigned char *, size_t,
   2944 		 int use_context))ssl_undefined_function,
   2945 	};
   2946 
   2947 long ssl3_default_timeout(void)
   2948 	{
   2949 	/* 2 hours, the 24 hours mentioned in the SSLv3 spec
   2950 	 * is way too long for http, the cache would over fill */
   2951 	return(60*60*2);
   2952 	}
   2953 
   2954 int ssl3_num_ciphers(void)
   2955 	{
   2956 	return(SSL3_NUM_CIPHERS);
   2957 	}
   2958 
   2959 const SSL_CIPHER *ssl3_get_cipher(unsigned int u)
   2960 	{
   2961 	if (u < SSL3_NUM_CIPHERS)
   2962 		return(&(ssl3_ciphers[SSL3_NUM_CIPHERS-1-u]));
   2963 	else
   2964 		return(NULL);
   2965 	}
   2966 
   2967 int ssl3_pending(const SSL *s)
   2968 	{
   2969 	if (s->rstate == SSL_ST_READ_BODY)
   2970 		return 0;
   2971 
   2972 	return (s->s3->rrec.type == SSL3_RT_APPLICATION_DATA) ? s->s3->rrec.length : 0;
   2973 	}
   2974 
   2975 int ssl3_new(SSL *s)
   2976 	{
   2977 	SSL3_STATE *s3;
   2978 
   2979 	if ((s3=OPENSSL_malloc(sizeof *s3)) == NULL) goto err;
   2980 	memset(s3,0,sizeof *s3);
   2981 	memset(s3->rrec.seq_num,0,sizeof(s3->rrec.seq_num));
   2982 	memset(s3->wrec.seq_num,0,sizeof(s3->wrec.seq_num));
   2983 
   2984 	s->s3=s3;
   2985 
   2986 #ifndef OPENSSL_NO_SRP
   2987 	SSL_SRP_CTX_init(s);
   2988 #endif
   2989 #if !defined(OPENSSL_NO_TLSEXT)
   2990 	s->tlsext_channel_id_enabled = s->ctx->tlsext_channel_id_enabled;
   2991 	if (s->ctx->tlsext_channel_id_private)
   2992 		s->tlsext_channel_id_private = EVP_PKEY_dup(s->ctx->tlsext_channel_id_private);
   2993 #endif
   2994 	s->method->ssl_clear(s);
   2995 	return(1);
   2996 err:
   2997 	return(0);
   2998 	}
   2999 
   3000 void ssl3_free(SSL *s)
   3001 	{
   3002 	if(s == NULL)
   3003 	    return;
   3004 
   3005 #ifdef TLSEXT_TYPE_opaque_prf_input
   3006 	if (s->s3->client_opaque_prf_input != NULL)
   3007 		OPENSSL_free(s->s3->client_opaque_prf_input);
   3008 	if (s->s3->server_opaque_prf_input != NULL)
   3009 		OPENSSL_free(s->s3->server_opaque_prf_input);
   3010 #endif
   3011 
   3012 	ssl3_cleanup_key_block(s);
   3013 	if (s->s3->rbuf.buf != NULL)
   3014 		ssl3_release_read_buffer(s);
   3015 	if (s->s3->wbuf.buf != NULL)
   3016 		ssl3_release_write_buffer(s);
   3017 	if (s->s3->rrec.comp != NULL)
   3018 		OPENSSL_free(s->s3->rrec.comp);
   3019 #ifndef OPENSSL_NO_DH
   3020 	if (s->s3->tmp.dh != NULL)
   3021 		DH_free(s->s3->tmp.dh);
   3022 #endif
   3023 #ifndef OPENSSL_NO_ECDH
   3024 	if (s->s3->tmp.ecdh != NULL)
   3025 		EC_KEY_free(s->s3->tmp.ecdh);
   3026 #endif
   3027 
   3028 	if (s->s3->tmp.ca_names != NULL)
   3029 		sk_X509_NAME_pop_free(s->s3->tmp.ca_names,X509_NAME_free);
   3030 	if (s->s3->handshake_buffer) {
   3031 		BIO_free(s->s3->handshake_buffer);
   3032 	}
   3033 	if (s->s3->handshake_dgst) ssl3_free_digest_list(s);
   3034 #ifndef OPENSSL_NO_TLSEXT
   3035 	if (s->s3->alpn_selected)
   3036 		OPENSSL_free(s->s3->alpn_selected);
   3037 #endif
   3038 
   3039 #ifndef OPENSSL_NO_SRP
   3040 	SSL_SRP_CTX_free(s);
   3041 #endif
   3042 	OPENSSL_cleanse(s->s3,sizeof *s->s3);
   3043 	OPENSSL_free(s->s3);
   3044 	s->s3=NULL;
   3045 	}
   3046 
   3047 void ssl3_clear(SSL *s)
   3048 	{
   3049 	unsigned char *rp,*wp;
   3050 	size_t rlen, wlen;
   3051 	int init_extra;
   3052 
   3053 #ifdef TLSEXT_TYPE_opaque_prf_input
   3054 	if (s->s3->client_opaque_prf_input != NULL)
   3055 		OPENSSL_free(s->s3->client_opaque_prf_input);
   3056 	s->s3->client_opaque_prf_input = NULL;
   3057 	if (s->s3->server_opaque_prf_input != NULL)
   3058 		OPENSSL_free(s->s3->server_opaque_prf_input);
   3059 	s->s3->server_opaque_prf_input = NULL;
   3060 #endif
   3061 
   3062 	ssl3_cleanup_key_block(s);
   3063 	if (s->s3->tmp.ca_names != NULL)
   3064 		sk_X509_NAME_pop_free(s->s3->tmp.ca_names,X509_NAME_free);
   3065 
   3066 	if (s->s3->rrec.comp != NULL)
   3067 		{
   3068 		OPENSSL_free(s->s3->rrec.comp);
   3069 		s->s3->rrec.comp=NULL;
   3070 		}
   3071 #ifndef OPENSSL_NO_DH
   3072 	if (s->s3->tmp.dh != NULL)
   3073 		{
   3074 		DH_free(s->s3->tmp.dh);
   3075 		s->s3->tmp.dh = NULL;
   3076 		}
   3077 #endif
   3078 #ifndef OPENSSL_NO_ECDH
   3079 	if (s->s3->tmp.ecdh != NULL)
   3080 		{
   3081 		EC_KEY_free(s->s3->tmp.ecdh);
   3082 		s->s3->tmp.ecdh = NULL;
   3083 		}
   3084 #endif
   3085 #ifndef OPENSSL_NO_TLSEXT
   3086 #ifndef OPENSSL_NO_EC
   3087 	s->s3->is_probably_safari = 0;
   3088 #endif /* !OPENSSL_NO_EC */
   3089 #endif /* !OPENSSL_NO_TLSEXT */
   3090 
   3091 	rp = s->s3->rbuf.buf;
   3092 	wp = s->s3->wbuf.buf;
   3093 	rlen = s->s3->rbuf.len;
   3094  	wlen = s->s3->wbuf.len;
   3095 	init_extra = s->s3->init_extra;
   3096 	if (s->s3->handshake_buffer) {
   3097 		BIO_free(s->s3->handshake_buffer);
   3098 		s->s3->handshake_buffer = NULL;
   3099 	}
   3100 	if (s->s3->handshake_dgst) {
   3101 		ssl3_free_digest_list(s);
   3102 	}
   3103 
   3104 #if !defined(OPENSSL_NO_TLSEXT)
   3105 	if (s->s3->alpn_selected)
   3106 		{
   3107 		free(s->s3->alpn_selected);
   3108 		s->s3->alpn_selected = NULL;
   3109 		}
   3110 #endif
   3111 	memset(s->s3,0,sizeof *s->s3);
   3112 	s->s3->rbuf.buf = rp;
   3113 	s->s3->wbuf.buf = wp;
   3114 	s->s3->rbuf.len = rlen;
   3115  	s->s3->wbuf.len = wlen;
   3116 	s->s3->init_extra = init_extra;
   3117 
   3118 	ssl_free_wbio_buffer(s);
   3119 
   3120 	s->packet_length=0;
   3121 	s->s3->renegotiate=0;
   3122 	s->s3->total_renegotiations=0;
   3123 	s->s3->num_renegotiations=0;
   3124 	s->s3->in_read_app_data=0;
   3125 	s->version=SSL3_VERSION;
   3126 
   3127 #if !defined(OPENSSL_NO_TLSEXT) && !defined(OPENSSL_NO_NEXTPROTONEG)
   3128 	if (s->next_proto_negotiated)
   3129 		{
   3130 		OPENSSL_free(s->next_proto_negotiated);
   3131 		s->next_proto_negotiated = NULL;
   3132 		s->next_proto_negotiated_len = 0;
   3133 		}
   3134 #endif
   3135 
   3136 #if !defined(OPENSSL_NO_TLSEXT)
   3137 	s->s3->tlsext_channel_id_valid = 0;
   3138 #endif
   3139 	}
   3140 
   3141 #ifndef OPENSSL_NO_SRP
   3142 static char * MS_CALLBACK srp_password_from_info_cb(SSL *s, void *arg)
   3143 	{
   3144 	return BUF_strdup(s->srp_ctx.info) ;
   3145 	}
   3146 #endif
   3147 
   3148 long ssl3_ctrl(SSL *s, int cmd, long larg, void *parg)
   3149 	{
   3150 	int ret=0;
   3151 
   3152 #if !defined(OPENSSL_NO_DSA) || !defined(OPENSSL_NO_RSA)
   3153 	if (
   3154 #ifndef OPENSSL_NO_RSA
   3155 	    cmd == SSL_CTRL_SET_TMP_RSA ||
   3156 	    cmd == SSL_CTRL_SET_TMP_RSA_CB ||
   3157 #endif
   3158 #ifndef OPENSSL_NO_DSA
   3159 	    cmd == SSL_CTRL_SET_TMP_DH ||
   3160 	    cmd == SSL_CTRL_SET_TMP_DH_CB ||
   3161 #endif
   3162 		0)
   3163 		{
   3164 		if (!ssl_cert_inst(&s->cert))
   3165 		    	{
   3166 			SSLerr(SSL_F_SSL3_CTRL, ERR_R_MALLOC_FAILURE);
   3167 			return(0);
   3168 			}
   3169 		}
   3170 #endif
   3171 
   3172 	switch (cmd)
   3173 		{
   3174 	case SSL_CTRL_GET_SESSION_REUSED:
   3175 		ret=s->hit;
   3176 		break;
   3177 	case SSL_CTRL_GET_CLIENT_CERT_REQUEST:
   3178 		break;
   3179 	case SSL_CTRL_GET_NUM_RENEGOTIATIONS:
   3180 		ret=s->s3->num_renegotiations;
   3181 		break;
   3182 	case SSL_CTRL_CLEAR_NUM_RENEGOTIATIONS:
   3183 		ret=s->s3->num_renegotiations;
   3184 		s->s3->num_renegotiations=0;
   3185 		break;
   3186 	case SSL_CTRL_GET_TOTAL_RENEGOTIATIONS:
   3187 		ret=s->s3->total_renegotiations;
   3188 		break;
   3189 	case SSL_CTRL_GET_FLAGS:
   3190 		ret=(int)(s->s3->flags);
   3191 		break;
   3192 #ifndef OPENSSL_NO_RSA
   3193 	case SSL_CTRL_NEED_TMP_RSA:
   3194 		if ((s->cert != NULL) && (s->cert->rsa_tmp == NULL) &&
   3195 		    ((s->cert->pkeys[SSL_PKEY_RSA_ENC].privatekey == NULL) ||
   3196 		     (EVP_PKEY_size(s->cert->pkeys[SSL_PKEY_RSA_ENC].privatekey) > (512/8))))
   3197 			ret = 1;
   3198 		break;
   3199 	case SSL_CTRL_SET_TMP_RSA:
   3200 		{
   3201 			RSA *rsa = (RSA *)parg;
   3202 			if (rsa == NULL)
   3203 				{
   3204 				SSLerr(SSL_F_SSL3_CTRL, ERR_R_PASSED_NULL_PARAMETER);
   3205 				return(ret);
   3206 				}
   3207 			if ((rsa = RSAPrivateKey_dup(rsa)) == NULL)
   3208 				{
   3209 				SSLerr(SSL_F_SSL3_CTRL, ERR_R_RSA_LIB);
   3210 				return(ret);
   3211 				}
   3212 			if (s->cert->rsa_tmp != NULL)
   3213 				RSA_free(s->cert->rsa_tmp);
   3214 			s->cert->rsa_tmp = rsa;
   3215 			ret = 1;
   3216 		}
   3217 		break;
   3218 	case SSL_CTRL_SET_TMP_RSA_CB:
   3219 		{
   3220 		SSLerr(SSL_F_SSL3_CTRL, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
   3221 		return(ret);
   3222 		}
   3223 		break;
   3224 #endif
   3225 #ifndef OPENSSL_NO_DH
   3226 	case SSL_CTRL_SET_TMP_DH:
   3227 		{
   3228 			DH *dh = (DH *)parg;
   3229 			if (dh == NULL)
   3230 				{
   3231 				SSLerr(SSL_F_SSL3_CTRL, ERR_R_PASSED_NULL_PARAMETER);
   3232 				return(ret);
   3233 				}
   3234 			if ((dh = DHparams_dup(dh)) == NULL)
   3235 				{
   3236 				SSLerr(SSL_F_SSL3_CTRL, ERR_R_DH_LIB);
   3237 				return(ret);
   3238 				}
   3239 			if (!(s->options & SSL_OP_SINGLE_DH_USE))
   3240 				{
   3241 				if (!DH_generate_key(dh))
   3242 					{
   3243 					DH_free(dh);
   3244 					SSLerr(SSL_F_SSL3_CTRL, ERR_R_DH_LIB);
   3245 					return(ret);
   3246 					}
   3247 				}
   3248 			if (s->cert->dh_tmp != NULL)
   3249 				DH_free(s->cert->dh_tmp);
   3250 			s->cert->dh_tmp = dh;
   3251 			ret = 1;
   3252 		}
   3253 		break;
   3254 	case SSL_CTRL_SET_TMP_DH_CB:
   3255 		{
   3256 		SSLerr(SSL_F_SSL3_CTRL, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
   3257 		return(ret);
   3258 		}
   3259 		break;
   3260 #endif
   3261 #ifndef OPENSSL_NO_ECDH
   3262 	case SSL_CTRL_SET_TMP_ECDH:
   3263 		{
   3264 		EC_KEY *ecdh = NULL;
   3265 
   3266 		if (parg == NULL)
   3267 			{
   3268 			SSLerr(SSL_F_SSL3_CTRL, ERR_R_PASSED_NULL_PARAMETER);
   3269 			return(ret);
   3270 			}
   3271 		if (!EC_KEY_up_ref((EC_KEY *)parg))
   3272 			{
   3273 			SSLerr(SSL_F_SSL3_CTRL,ERR_R_ECDH_LIB);
   3274 			return(ret);
   3275 			}
   3276 		ecdh = (EC_KEY *)parg;
   3277 		if (!(s->options & SSL_OP_SINGLE_ECDH_USE))
   3278 			{
   3279 			if (!EC_KEY_generate_key(ecdh))
   3280 				{
   3281 				EC_KEY_free(ecdh);
   3282 				SSLerr(SSL_F_SSL3_CTRL,ERR_R_ECDH_LIB);
   3283 				return(ret);
   3284 				}
   3285 			}
   3286 		if (s->cert->ecdh_tmp != NULL)
   3287 			EC_KEY_free(s->cert->ecdh_tmp);
   3288 		s->cert->ecdh_tmp = ecdh;
   3289 		ret = 1;
   3290 		}
   3291 		break;
   3292 	case SSL_CTRL_SET_TMP_ECDH_CB:
   3293 		{
   3294 		SSLerr(SSL_F_SSL3_CTRL, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
   3295 		return(ret);
   3296 		}
   3297 		break;
   3298 #endif /* !OPENSSL_NO_ECDH */
   3299 #ifndef OPENSSL_NO_TLSEXT
   3300 	case SSL_CTRL_SET_TLSEXT_HOSTNAME:
   3301  		if (larg == TLSEXT_NAMETYPE_host_name)
   3302 			{
   3303 			if (s->tlsext_hostname != NULL)
   3304 				OPENSSL_free(s->tlsext_hostname);
   3305 			s->tlsext_hostname = NULL;
   3306 
   3307 			ret = 1;
   3308 			if (parg == NULL)
   3309 				break;
   3310 			if (strlen((char *)parg) > TLSEXT_MAXLEN_host_name)
   3311 				{
   3312 				SSLerr(SSL_F_SSL3_CTRL, SSL_R_SSL3_EXT_INVALID_SERVERNAME);
   3313 				return 0;
   3314 				}
   3315 			if ((s->tlsext_hostname = BUF_strdup((char *)parg)) == NULL)
   3316 				{
   3317 				SSLerr(SSL_F_SSL3_CTRL, ERR_R_INTERNAL_ERROR);
   3318 				return 0;
   3319 				}
   3320 			}
   3321 		else
   3322 			{
   3323 			SSLerr(SSL_F_SSL3_CTRL, SSL_R_SSL3_EXT_INVALID_SERVERNAME_TYPE);
   3324 			return 0;
   3325 			}
   3326  		break;
   3327 	case SSL_CTRL_SET_TLSEXT_DEBUG_ARG:
   3328 		s->tlsext_debug_arg=parg;
   3329 		ret = 1;
   3330 		break;
   3331 
   3332 #ifdef TLSEXT_TYPE_opaque_prf_input
   3333 	case SSL_CTRL_SET_TLSEXT_OPAQUE_PRF_INPUT:
   3334 		if (larg > 12288) /* actual internal limit is 2^16 for the complete hello message
   3335 		                   * (including the cert chain and everything) */
   3336 			{
   3337 			SSLerr(SSL_F_SSL3_CTRL, SSL_R_OPAQUE_PRF_INPUT_TOO_LONG);
   3338 			break;
   3339 			}
   3340 		if (s->tlsext_opaque_prf_input != NULL)
   3341 			OPENSSL_free(s->tlsext_opaque_prf_input);
   3342 		if ((size_t)larg == 0)
   3343 			s->tlsext_opaque_prf_input = OPENSSL_malloc(1); /* dummy byte just to get non-NULL */
   3344 		else
   3345 			s->tlsext_opaque_prf_input = BUF_memdup(parg, (size_t)larg);
   3346 		if (s->tlsext_opaque_prf_input != NULL)
   3347 			{
   3348 			s->tlsext_opaque_prf_input_len = (size_t)larg;
   3349 			ret = 1;
   3350 			}
   3351 		else
   3352 			s->tlsext_opaque_prf_input_len = 0;
   3353 		break;
   3354 #endif
   3355 
   3356 	case SSL_CTRL_SET_TLSEXT_STATUS_REQ_TYPE:
   3357 		s->tlsext_status_type=larg;
   3358 		ret = 1;
   3359 		break;
   3360 
   3361 	case SSL_CTRL_GET_TLSEXT_STATUS_REQ_EXTS:
   3362 		*(STACK_OF(X509_EXTENSION) **)parg = s->tlsext_ocsp_exts;
   3363 		ret = 1;
   3364 		break;
   3365 
   3366 	case SSL_CTRL_SET_TLSEXT_STATUS_REQ_EXTS:
   3367 		s->tlsext_ocsp_exts = parg;
   3368 		ret = 1;
   3369 		break;
   3370 
   3371 	case SSL_CTRL_GET_TLSEXT_STATUS_REQ_IDS:
   3372 		*(STACK_OF(OCSP_RESPID) **)parg = s->tlsext_ocsp_ids;
   3373 		ret = 1;
   3374 		break;
   3375 
   3376 	case SSL_CTRL_SET_TLSEXT_STATUS_REQ_IDS:
   3377 		s->tlsext_ocsp_ids = parg;
   3378 		ret = 1;
   3379 		break;
   3380 
   3381 	case SSL_CTRL_GET_TLSEXT_STATUS_REQ_OCSP_RESP:
   3382 		*(unsigned char **)parg = s->tlsext_ocsp_resp;
   3383 		return s->tlsext_ocsp_resplen;
   3384 
   3385 	case SSL_CTRL_SET_TLSEXT_STATUS_REQ_OCSP_RESP:
   3386 		if (s->tlsext_ocsp_resp)
   3387 			OPENSSL_free(s->tlsext_ocsp_resp);
   3388 		s->tlsext_ocsp_resp = parg;
   3389 		s->tlsext_ocsp_resplen = larg;
   3390 		ret = 1;
   3391 		break;
   3392 
   3393 #ifndef OPENSSL_NO_HEARTBEATS
   3394 	case SSL_CTRL_TLS_EXT_SEND_HEARTBEAT:
   3395 		if (SSL_version(s) == DTLS1_VERSION || SSL_version(s) == DTLS1_BAD_VER)
   3396 			ret = dtls1_heartbeat(s);
   3397 		else
   3398 			ret = tls1_heartbeat(s);
   3399 		break;
   3400 
   3401 	case SSL_CTRL_GET_TLS_EXT_HEARTBEAT_PENDING:
   3402 		ret = s->tlsext_hb_pending;
   3403 		break;
   3404 
   3405 	case SSL_CTRL_SET_TLS_EXT_HEARTBEAT_NO_REQUESTS:
   3406 		if (larg)
   3407 			s->tlsext_heartbeat |= SSL_TLSEXT_HB_DONT_RECV_REQUESTS;
   3408 		else
   3409 			s->tlsext_heartbeat &= ~SSL_TLSEXT_HB_DONT_RECV_REQUESTS;
   3410 		ret = 1;
   3411 		break;
   3412 #endif
   3413 	case SSL_CTRL_CHANNEL_ID:
   3414 		s->tlsext_channel_id_enabled = 1;
   3415 		ret = 1;
   3416 		break;
   3417 
   3418 	case SSL_CTRL_SET_CHANNEL_ID:
   3419 		if (s->server)
   3420 			break;
   3421 		s->tlsext_channel_id_enabled = 1;
   3422 		if (EVP_PKEY_bits(parg) != 256)
   3423 			{
   3424 			SSLerr(SSL_F_SSL3_CTRL,SSL_R_CHANNEL_ID_NOT_P256);
   3425 			break;
   3426 			}
   3427 		if (s->tlsext_channel_id_private)
   3428 			EVP_PKEY_free(s->tlsext_channel_id_private);
   3429 		s->tlsext_channel_id_private = EVP_PKEY_dup((EVP_PKEY*) parg);
   3430 		ret = 1;
   3431 		break;
   3432 
   3433 	case SSL_CTRL_GET_CHANNEL_ID:
   3434 		if (!s->server)
   3435 			break;
   3436 		if (!s->s3->tlsext_channel_id_valid)
   3437 			break;
   3438 		memcpy(parg, s->s3->tlsext_channel_id, larg < 64 ? larg : 64);
   3439 		return 64;
   3440 
   3441 #endif /* !OPENSSL_NO_TLSEXT */
   3442 
   3443 	case SSL_CTRL_CHECK_PROTO_VERSION:
   3444 		/* For library-internal use; checks that the current protocol
   3445 		 * is the highest enabled version (according to s->ctx->method,
   3446 		 * as version negotiation may have changed s->method). */
   3447 		if (s->version == s->ctx->method->version)
   3448 			return 1;
   3449 		/* Apparently we're using a version-flexible SSL_METHOD
   3450 		 * (not at its highest protocol version). */
   3451 		if (s->ctx->method->version == SSLv23_method()->version)
   3452 			{
   3453 #if TLS_MAX_VERSION != TLS1_2_VERSION
   3454 #  error Code needs update for SSLv23_method() support beyond TLS1_2_VERSION.
   3455 #endif
   3456 			if (!(s->options & SSL_OP_NO_TLSv1_2))
   3457 				return s->version == TLS1_2_VERSION;
   3458 			if (!(s->options & SSL_OP_NO_TLSv1_1))
   3459 				return s->version == TLS1_1_VERSION;
   3460 			if (!(s->options & SSL_OP_NO_TLSv1))
   3461 				return s->version == TLS1_VERSION;
   3462 			if (!(s->options & SSL_OP_NO_SSLv3))
   3463 				return s->version == SSL3_VERSION;
   3464 			if (!(s->options & SSL_OP_NO_SSLv2))
   3465 				return s->version == SSL2_VERSION;
   3466 			}
   3467 		return 0; /* Unexpected state; fail closed. */
   3468 
   3469 	default:
   3470 		break;
   3471 		}
   3472 	return(ret);
   3473 	}
   3474 
   3475 long ssl3_callback_ctrl(SSL *s, int cmd, void (*fp)(void))
   3476 	{
   3477 	int ret=0;
   3478 
   3479 #if !defined(OPENSSL_NO_DSA) || !defined(OPENSSL_NO_RSA)
   3480 	if (
   3481 #ifndef OPENSSL_NO_RSA
   3482 	    cmd == SSL_CTRL_SET_TMP_RSA_CB ||
   3483 #endif
   3484 #ifndef OPENSSL_NO_DSA
   3485 	    cmd == SSL_CTRL_SET_TMP_DH_CB ||
   3486 #endif
   3487 		0)
   3488 		{
   3489 		if (!ssl_cert_inst(&s->cert))
   3490 			{
   3491 			SSLerr(SSL_F_SSL3_CALLBACK_CTRL, ERR_R_MALLOC_FAILURE);
   3492 			return(0);
   3493 			}
   3494 		}
   3495 #endif
   3496 
   3497 	switch (cmd)
   3498 		{
   3499 #ifndef OPENSSL_NO_RSA
   3500 	case SSL_CTRL_SET_TMP_RSA_CB:
   3501 		{
   3502 		s->cert->rsa_tmp_cb = (RSA *(*)(SSL *, int, int))fp;
   3503 		}
   3504 		break;
   3505 #endif
   3506 #ifndef OPENSSL_NO_DH
   3507 	case SSL_CTRL_SET_TMP_DH_CB:
   3508 		{
   3509 		s->cert->dh_tmp_cb = (DH *(*)(SSL *, int, int))fp;
   3510 		}
   3511 		break;
   3512 #endif
   3513 #ifndef OPENSSL_NO_ECDH
   3514 	case SSL_CTRL_SET_TMP_ECDH_CB:
   3515 		{
   3516 		s->cert->ecdh_tmp_cb = (EC_KEY *(*)(SSL *, int, int))fp;
   3517 		}
   3518 		break;
   3519 #endif
   3520 #ifndef OPENSSL_NO_TLSEXT
   3521 	case SSL_CTRL_SET_TLSEXT_DEBUG_CB:
   3522 		s->tlsext_debug_cb=(void (*)(SSL *,int ,int,
   3523 					unsigned char *, int, void *))fp;
   3524 		break;
   3525 #endif
   3526 	default:
   3527 		break;
   3528 		}
   3529 	return(ret);
   3530 	}
   3531 
   3532 long ssl3_ctx_ctrl(SSL_CTX *ctx, int cmd, long larg, void *parg)
   3533 	{
   3534 	CERT *cert;
   3535 
   3536 	cert=ctx->cert;
   3537 
   3538 	switch (cmd)
   3539 		{
   3540 #ifndef OPENSSL_NO_RSA
   3541 	case SSL_CTRL_NEED_TMP_RSA:
   3542 		if (	(cert->rsa_tmp == NULL) &&
   3543 			((cert->pkeys[SSL_PKEY_RSA_ENC].privatekey == NULL) ||
   3544 			 (EVP_PKEY_size(cert->pkeys[SSL_PKEY_RSA_ENC].privatekey) > (512/8)))
   3545 			)
   3546 			return(1);
   3547 		else
   3548 			return(0);
   3549 		/* break; */
   3550 	case SSL_CTRL_SET_TMP_RSA:
   3551 		{
   3552 		RSA *rsa;
   3553 		int i;
   3554 
   3555 		rsa=(RSA *)parg;
   3556 		i=1;
   3557 		if (rsa == NULL)
   3558 			i=0;
   3559 		else
   3560 			{
   3561 			if ((rsa=RSAPrivateKey_dup(rsa)) == NULL)
   3562 				i=0;
   3563 			}
   3564 		if (!i)
   3565 			{
   3566 			SSLerr(SSL_F_SSL3_CTX_CTRL,ERR_R_RSA_LIB);
   3567 			return(0);
   3568 			}
   3569 		else
   3570 			{
   3571 			if (cert->rsa_tmp != NULL)
   3572 				RSA_free(cert->rsa_tmp);
   3573 			cert->rsa_tmp=rsa;
   3574 			return(1);
   3575 			}
   3576 		}
   3577 		/* break; */
   3578 	case SSL_CTRL_SET_TMP_RSA_CB:
   3579 		{
   3580 		SSLerr(SSL_F_SSL3_CTX_CTRL, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
   3581 		return(0);
   3582 		}
   3583 		break;
   3584 #endif
   3585 #ifndef OPENSSL_NO_DH
   3586 	case SSL_CTRL_SET_TMP_DH:
   3587 		{
   3588 		DH *new=NULL,*dh;
   3589 
   3590 		dh=(DH *)parg;
   3591 		if ((new=DHparams_dup(dh)) == NULL)
   3592 			{
   3593 			SSLerr(SSL_F_SSL3_CTX_CTRL,ERR_R_DH_LIB);
   3594 			return 0;
   3595 			}
   3596 		if (!(ctx->options & SSL_OP_SINGLE_DH_USE))
   3597 			{
   3598 			if (!DH_generate_key(new))
   3599 				{
   3600 				SSLerr(SSL_F_SSL3_CTX_CTRL,ERR_R_DH_LIB);
   3601 				DH_free(new);
   3602 				return 0;
   3603 				}
   3604 			}
   3605 		if (cert->dh_tmp != NULL)
   3606 			DH_free(cert->dh_tmp);
   3607 		cert->dh_tmp=new;
   3608 		return 1;
   3609 		}
   3610 		/*break; */
   3611 	case SSL_CTRL_SET_TMP_DH_CB:
   3612 		{
   3613 		SSLerr(SSL_F_SSL3_CTX_CTRL, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
   3614 		return(0);
   3615 		}
   3616 		break;
   3617 #endif
   3618 #ifndef OPENSSL_NO_ECDH
   3619 	case SSL_CTRL_SET_TMP_ECDH:
   3620 		{
   3621 		EC_KEY *ecdh = NULL;
   3622 
   3623 		if (parg == NULL)
   3624 			{
   3625 			SSLerr(SSL_F_SSL3_CTX_CTRL,ERR_R_ECDH_LIB);
   3626 			return 0;
   3627 			}
   3628 		ecdh = EC_KEY_dup((EC_KEY *)parg);
   3629 		if (ecdh == NULL)
   3630 			{
   3631 			SSLerr(SSL_F_SSL3_CTX_CTRL,ERR_R_EC_LIB);
   3632 			return 0;
   3633 			}
   3634 		if (!(ctx->options & SSL_OP_SINGLE_ECDH_USE))
   3635 			{
   3636 			if (!EC_KEY_generate_key(ecdh))
   3637 				{
   3638 				EC_KEY_free(ecdh);
   3639 				SSLerr(SSL_F_SSL3_CTX_CTRL,ERR_R_ECDH_LIB);
   3640 				return 0;
   3641 				}
   3642 			}
   3643 
   3644 		if (cert->ecdh_tmp != NULL)
   3645 			{
   3646 			EC_KEY_free(cert->ecdh_tmp);
   3647 			}
   3648 		cert->ecdh_tmp = ecdh;
   3649 		return 1;
   3650 		}
   3651 		/* break; */
   3652 	case SSL_CTRL_SET_TMP_ECDH_CB:
   3653 		{
   3654 		SSLerr(SSL_F_SSL3_CTX_CTRL, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
   3655 		return(0);
   3656 		}
   3657 		break;
   3658 #endif /* !OPENSSL_NO_ECDH */
   3659 #ifndef OPENSSL_NO_TLSEXT
   3660 	case SSL_CTRL_SET_TLSEXT_SERVERNAME_ARG:
   3661 		ctx->tlsext_servername_arg=parg;
   3662 		break;
   3663 	case SSL_CTRL_SET_TLSEXT_TICKET_KEYS:
   3664 	case SSL_CTRL_GET_TLSEXT_TICKET_KEYS:
   3665 		{
   3666 		unsigned char *keys = parg;
   3667 		if (!keys)
   3668 			return 48;
   3669 		if (larg != 48)
   3670 			{
   3671 			SSLerr(SSL_F_SSL3_CTX_CTRL, SSL_R_INVALID_TICKET_KEYS_LENGTH);
   3672 			return 0;
   3673 			}
   3674 		if (cmd == SSL_CTRL_SET_TLSEXT_TICKET_KEYS)
   3675 			{
   3676 			memcpy(ctx->tlsext_tick_key_name, keys, 16);
   3677 			memcpy(ctx->tlsext_tick_hmac_key, keys + 16, 16);
   3678 			memcpy(ctx->tlsext_tick_aes_key, keys + 32, 16);
   3679 			}
   3680 		else
   3681 			{
   3682 			memcpy(keys, ctx->tlsext_tick_key_name, 16);
   3683 			memcpy(keys + 16, ctx->tlsext_tick_hmac_key, 16);
   3684 			memcpy(keys + 32, ctx->tlsext_tick_aes_key, 16);
   3685 			}
   3686 		return 1;
   3687 		}
   3688 	case SSL_CTRL_CHANNEL_ID:
   3689 		/* must be called on a server */
   3690 		if (ctx->method->ssl_accept == ssl_undefined_function)
   3691 			return 0;
   3692 		ctx->tlsext_channel_id_enabled=1;
   3693 		return 1;
   3694 
   3695 #ifdef TLSEXT_TYPE_opaque_prf_input
   3696 	case SSL_CTRL_SET_TLSEXT_OPAQUE_PRF_INPUT_CB_ARG:
   3697 		ctx->tlsext_opaque_prf_input_callback_arg = parg;
   3698 		return 1;
   3699 #endif
   3700 
   3701 	case SSL_CTRL_SET_TLSEXT_STATUS_REQ_CB_ARG:
   3702 		ctx->tlsext_status_arg=parg;
   3703 		return 1;
   3704 		break;
   3705 
   3706 #ifndef OPENSSL_NO_SRP
   3707 	case SSL_CTRL_SET_TLS_EXT_SRP_USERNAME:
   3708 		ctx->srp_ctx.srp_Mask|=SSL_kSRP;
   3709 		if (ctx->srp_ctx.login != NULL)
   3710 			OPENSSL_free(ctx->srp_ctx.login);
   3711 		ctx->srp_ctx.login = NULL;
   3712 		if (parg == NULL)
   3713 			break;
   3714 		if (strlen((const char *)parg) > 255 || strlen((const char *)parg) < 1)
   3715 			{
   3716 			SSLerr(SSL_F_SSL3_CTX_CTRL, SSL_R_INVALID_SRP_USERNAME);
   3717 			return 0;
   3718 			}
   3719 		if ((ctx->srp_ctx.login = BUF_strdup((char *)parg)) == NULL)
   3720 			{
   3721 			SSLerr(SSL_F_SSL3_CTX_CTRL, ERR_R_INTERNAL_ERROR);
   3722 			return 0;
   3723 			}
   3724 		break;
   3725 	case SSL_CTRL_SET_TLS_EXT_SRP_PASSWORD:
   3726 		ctx->srp_ctx.SRP_give_srp_client_pwd_callback=srp_password_from_info_cb;
   3727 		ctx->srp_ctx.info=parg;
   3728 		break;
   3729 	case SSL_CTRL_SET_SRP_ARG:
   3730 		ctx->srp_ctx.srp_Mask|=SSL_kSRP;
   3731 		ctx->srp_ctx.SRP_cb_arg=parg;
   3732 		break;
   3733 
   3734 	case SSL_CTRL_SET_TLS_EXT_SRP_STRENGTH:
   3735 		ctx->srp_ctx.strength=larg;
   3736 		break;
   3737 #endif
   3738 #endif /* !OPENSSL_NO_TLSEXT */
   3739 
   3740 	/* A Thawte special :-) */
   3741 	case SSL_CTRL_EXTRA_CHAIN_CERT:
   3742 		if (ctx->extra_certs == NULL)
   3743 			{
   3744 			if ((ctx->extra_certs=sk_X509_new_null()) == NULL)
   3745 				return(0);
   3746 			}
   3747 		sk_X509_push(ctx->extra_certs,(X509 *)parg);
   3748 		break;
   3749 
   3750 	case SSL_CTRL_GET_EXTRA_CHAIN_CERTS:
   3751 		*(STACK_OF(X509) **)parg =  ctx->extra_certs;
   3752 		break;
   3753 
   3754 	case SSL_CTRL_CLEAR_EXTRA_CHAIN_CERTS:
   3755 		if (ctx->extra_certs)
   3756 			{
   3757 			sk_X509_pop_free(ctx->extra_certs, X509_free);
   3758 			ctx->extra_certs = NULL;
   3759 			}
   3760 		break;
   3761 
   3762 	case SSL_CTRL_SET_CHANNEL_ID:
   3763 		ctx->tlsext_channel_id_enabled = 1;
   3764 		if (EVP_PKEY_bits(parg) != 256)
   3765 			{
   3766 			SSLerr(SSL_F_SSL3_CTX_CTRL,SSL_R_CHANNEL_ID_NOT_P256);
   3767 			break;
   3768 			}
   3769 		if (ctx->tlsext_channel_id_private)
   3770 			EVP_PKEY_free(ctx->tlsext_channel_id_private);
   3771 		ctx->tlsext_channel_id_private = EVP_PKEY_dup((EVP_PKEY*) parg);
   3772 		break;
   3773 
   3774 	default:
   3775 		return(0);
   3776 		}
   3777 	return(1);
   3778 	}
   3779 
   3780 long ssl3_ctx_callback_ctrl(SSL_CTX *ctx, int cmd, void (*fp)(void))
   3781 	{
   3782 	CERT *cert;
   3783 
   3784 	cert=ctx->cert;
   3785 
   3786 	switch (cmd)
   3787 		{
   3788 #ifndef OPENSSL_NO_RSA
   3789 	case SSL_CTRL_SET_TMP_RSA_CB:
   3790 		{
   3791 		cert->rsa_tmp_cb = (RSA *(*)(SSL *, int, int))fp;
   3792 		}
   3793 		break;
   3794 #endif
   3795 #ifndef OPENSSL_NO_DH
   3796 	case SSL_CTRL_SET_TMP_DH_CB:
   3797 		{
   3798 		cert->dh_tmp_cb = (DH *(*)(SSL *, int, int))fp;
   3799 		}
   3800 		break;
   3801 #endif
   3802 #ifndef OPENSSL_NO_ECDH
   3803 	case SSL_CTRL_SET_TMP_ECDH_CB:
   3804 		{
   3805 		cert->ecdh_tmp_cb = (EC_KEY *(*)(SSL *, int, int))fp;
   3806 		}
   3807 		break;
   3808 #endif
   3809 #ifndef OPENSSL_NO_TLSEXT
   3810 	case SSL_CTRL_SET_TLSEXT_SERVERNAME_CB:
   3811 		ctx->tlsext_servername_callback=(int (*)(SSL *,int *,void *))fp;
   3812 		break;
   3813 
   3814 #ifdef TLSEXT_TYPE_opaque_prf_input
   3815 	case SSL_CTRL_SET_TLSEXT_OPAQUE_PRF_INPUT_CB:
   3816 		ctx->tlsext_opaque_prf_input_callback = (int (*)(SSL *,void *, size_t, void *))fp;
   3817 		break;
   3818 #endif
   3819 
   3820 	case SSL_CTRL_SET_TLSEXT_STATUS_REQ_CB:
   3821 		ctx->tlsext_status_cb=(int (*)(SSL *,void *))fp;
   3822 		break;
   3823 
   3824 	case SSL_CTRL_SET_TLSEXT_TICKET_KEY_CB:
   3825 		ctx->tlsext_ticket_key_cb=(int (*)(SSL *,unsigned char  *,
   3826 						unsigned char *,
   3827 						EVP_CIPHER_CTX *,
   3828 						HMAC_CTX *, int))fp;
   3829 		break;
   3830 
   3831 #ifndef OPENSSL_NO_SRP
   3832 	case SSL_CTRL_SET_SRP_VERIFY_PARAM_CB:
   3833 		ctx->srp_ctx.srp_Mask|=SSL_kSRP;
   3834 		ctx->srp_ctx.SRP_verify_param_callback=(int (*)(SSL *,void *))fp;
   3835 		break;
   3836 	case SSL_CTRL_SET_TLS_EXT_SRP_USERNAME_CB:
   3837 		ctx->srp_ctx.srp_Mask|=SSL_kSRP;
   3838 		ctx->srp_ctx.TLS_ext_srp_username_callback=(int (*)(SSL *,int *,void *))fp;
   3839 		break;
   3840 	case SSL_CTRL_SET_SRP_GIVE_CLIENT_PWD_CB:
   3841 		ctx->srp_ctx.srp_Mask|=SSL_kSRP;
   3842 		ctx->srp_ctx.SRP_give_srp_client_pwd_callback=(char *(*)(SSL *,void *))fp;
   3843 		break;
   3844 #endif
   3845 #endif
   3846 
   3847 	default:
   3848 		return(0);
   3849 		}
   3850 	return(1);
   3851 	}
   3852 
   3853 /* This function needs to check if the ciphers required are actually
   3854  * available */
   3855 const SSL_CIPHER *ssl3_get_cipher_by_char(const unsigned char *p)
   3856 	{
   3857 	SSL_CIPHER c;
   3858 	const SSL_CIPHER *cp;
   3859 	unsigned long id;
   3860 
   3861 	id=0x03000000L|((unsigned long)p[0]<<8L)|(unsigned long)p[1];
   3862 	c.id=id;
   3863 	cp = OBJ_bsearch_ssl_cipher_id(&c, ssl3_ciphers, SSL3_NUM_CIPHERS);
   3864 #ifdef DEBUG_PRINT_UNKNOWN_CIPHERSUITES
   3865 if (cp == NULL) fprintf(stderr, "Unknown cipher ID %x\n", (p[0] << 8) | p[1]);
   3866 #endif
   3867 	if (cp == NULL || cp->valid == 0)
   3868 		return NULL;
   3869 	else
   3870 		return cp;
   3871 	}
   3872 
   3873 int ssl3_put_cipher_by_char(const SSL_CIPHER *c, unsigned char *p)
   3874 	{
   3875 	long l;
   3876 
   3877 	if (p != NULL)
   3878 		{
   3879 		l=c->id;
   3880 		if ((l & 0xff000000) != 0x03000000) return(0);
   3881 		p[0]=((unsigned char)(l>> 8L))&0xFF;
   3882 		p[1]=((unsigned char)(l     ))&0xFF;
   3883 		}
   3884 	return(2);
   3885 	}
   3886 
   3887 SSL_CIPHER *ssl3_choose_cipher(SSL *s, STACK_OF(SSL_CIPHER) *clnt,
   3888 	     STACK_OF(SSL_CIPHER) *srvr)
   3889 	{
   3890 	SSL_CIPHER *c,*ret=NULL;
   3891 	STACK_OF(SSL_CIPHER) *prio, *allow;
   3892 	int i,ii,ok;
   3893 #if !defined(OPENSSL_NO_TLSEXT) && !defined(OPENSSL_NO_EC)
   3894 	unsigned int j;
   3895 	int ec_ok, ec_nid;
   3896 	unsigned char ec_search1 = 0, ec_search2 = 0;
   3897 #endif
   3898 	CERT *cert;
   3899 	unsigned long alg_k,alg_a,mask_k,mask_a,emask_k,emask_a;
   3900 
   3901 	/* Let's see which ciphers we can support */
   3902 	cert=s->cert;
   3903 
   3904 #if 0
   3905 	/* Do not set the compare functions, because this may lead to a
   3906 	 * reordering by "id". We want to keep the original ordering.
   3907 	 * We may pay a price in performance during sk_SSL_CIPHER_find(),
   3908 	 * but would have to pay with the price of sk_SSL_CIPHER_dup().
   3909 	 */
   3910 	sk_SSL_CIPHER_set_cmp_func(srvr, ssl_cipher_ptr_id_cmp);
   3911 	sk_SSL_CIPHER_set_cmp_func(clnt, ssl_cipher_ptr_id_cmp);
   3912 #endif
   3913 
   3914 #ifdef CIPHER_DEBUG
   3915 	printf("Server has %d from %p:\n", sk_SSL_CIPHER_num(srvr), (void *)srvr);
   3916 	for(i=0 ; i < sk_SSL_CIPHER_num(srvr) ; ++i)
   3917 		{
   3918 		c=sk_SSL_CIPHER_value(srvr,i);
   3919 		printf("%p:%s\n",(void *)c,c->name);
   3920 		}
   3921 	printf("Client sent %d from %p:\n", sk_SSL_CIPHER_num(clnt), (void *)clnt);
   3922 	for(i=0 ; i < sk_SSL_CIPHER_num(clnt) ; ++i)
   3923 	    {
   3924 	    c=sk_SSL_CIPHER_value(clnt,i);
   3925 	    printf("%p:%s\n",(void *)c,c->name);
   3926 	    }
   3927 #endif
   3928 
   3929 	if (s->options & SSL_OP_CIPHER_SERVER_PREFERENCE)
   3930 		{
   3931 		prio = srvr;
   3932 		allow = clnt;
   3933 		}
   3934 	else
   3935 		{
   3936 		prio = clnt;
   3937 		allow = srvr;
   3938 		}
   3939 
   3940 	for (i=0; i<sk_SSL_CIPHER_num(prio); i++)
   3941 		{
   3942 		c=sk_SSL_CIPHER_value(prio,i);
   3943 
   3944 		/* Skip TLS v1.2 only ciphersuites if lower than v1.2 */
   3945 		if ((c->algorithm_ssl & SSL_TLSV1_2) &&
   3946 			(TLS1_get_version(s) < TLS1_2_VERSION))
   3947 			continue;
   3948 
   3949 		ssl_set_cert_masks(cert,c);
   3950 		mask_k = cert->mask_k;
   3951 		mask_a = cert->mask_a;
   3952 		emask_k = cert->export_mask_k;
   3953 		emask_a = cert->export_mask_a;
   3954 #ifndef OPENSSL_NO_SRP
   3955 		if (s->srp_ctx.srp_Mask & SSL_kSRP)
   3956 			{
   3957 			mask_k |= SSL_kSRP;
   3958 			emask_k |= SSL_kSRP;
   3959 			mask_a |= SSL_aSRP;
   3960 			emask_a |= SSL_aSRP;
   3961 			}
   3962 #endif
   3963 
   3964 #ifdef KSSL_DEBUG
   3965 /*		printf("ssl3_choose_cipher %d alg= %lx\n", i,c->algorithms);*/
   3966 #endif    /* KSSL_DEBUG */
   3967 
   3968 		alg_k=c->algorithm_mkey;
   3969 		alg_a=c->algorithm_auth;
   3970 
   3971 #ifndef OPENSSL_NO_KRB5
   3972 		if (alg_k & SSL_kKRB5)
   3973 			{
   3974 			if ( !kssl_keytab_is_available(s->kssl_ctx) )
   3975 			    continue;
   3976 			}
   3977 #endif /* OPENSSL_NO_KRB5 */
   3978 #ifndef OPENSSL_NO_PSK
   3979 		/* with PSK there must be server callback set */
   3980 		if ((alg_a & SSL_aPSK) && s->psk_server_callback == NULL)
   3981 			continue;
   3982 #endif /* OPENSSL_NO_PSK */
   3983 
   3984 		if (SSL_C_IS_EXPORT(c))
   3985 			{
   3986 			ok = (alg_k & emask_k) && (alg_a & emask_a);
   3987 #ifdef CIPHER_DEBUG
   3988 			printf("%d:[%08lX:%08lX:%08lX:%08lX]%p:%s (export)\n",ok,alg_k,alg_a,emask_k,emask_a,
   3989 			       (void *)c,c->name);
   3990 #endif
   3991 			}
   3992 		else
   3993 			{
   3994 			ok = (alg_k & mask_k) && (alg_a & mask_a);
   3995 #ifdef CIPHER_DEBUG
   3996 			printf("%d:[%08lX:%08lX:%08lX:%08lX]%p:%s\n",ok,alg_k,alg_a,mask_k,mask_a,(void *)c,
   3997 			       c->name);
   3998 #endif
   3999 			}
   4000 
   4001 #ifndef OPENSSL_NO_TLSEXT
   4002 #ifndef OPENSSL_NO_EC
   4003 		if (
   4004 			/* if we are considering an ECC cipher suite that uses our certificate */
   4005 			(alg_a & SSL_aECDSA || alg_a & SSL_aECDH)
   4006 			/* and we have an ECC certificate */
   4007 			&& (s->cert->pkeys[SSL_PKEY_ECC].x509 != NULL)
   4008 			/* and the client specified a Supported Point Formats extension */
   4009 			&& ((s->session->tlsext_ecpointformatlist_length > 0) && (s->session->tlsext_ecpointformatlist != NULL))
   4010 			/* and our certificate's point is compressed */
   4011 			&& (
   4012 				(s->cert->pkeys[SSL_PKEY_ECC].x509->cert_info != NULL)
   4013 				&& (s->cert->pkeys[SSL_PKEY_ECC].x509->cert_info->key != NULL)
   4014 				&& (s->cert->pkeys[SSL_PKEY_ECC].x509->cert_info->key->public_key != NULL)
   4015 				&& (s->cert->pkeys[SSL_PKEY_ECC].x509->cert_info->key->public_key->data != NULL)
   4016 				&& (
   4017 					(*(s->cert->pkeys[SSL_PKEY_ECC].x509->cert_info->key->public_key->data) == POINT_CONVERSION_COMPRESSED)
   4018 					|| (*(s->cert->pkeys[SSL_PKEY_ECC].x509->cert_info->key->public_key->data) == POINT_CONVERSION_COMPRESSED + 1)
   4019 					)
   4020 				)
   4021 		)
   4022 			{
   4023 			ec_ok = 0;
   4024 			/* if our certificate's curve is over a field type that the client does not support
   4025 			 * then do not allow this cipher suite to be negotiated */
   4026 			if (
   4027 				(s->cert->pkeys[SSL_PKEY_ECC].privatekey->pkey.ec != NULL)
   4028 				&& (s->cert->pkeys[SSL_PKEY_ECC].privatekey->pkey.ec->group != NULL)
   4029 				&& (s->cert->pkeys[SSL_PKEY_ECC].privatekey->pkey.ec->group->meth != NULL)
   4030 				&& (EC_METHOD_get_field_type(s->cert->pkeys[SSL_PKEY_ECC].privatekey->pkey.ec->group->meth) == NID_X9_62_prime_field)
   4031 			)
   4032 				{
   4033 				for (j = 0; j < s->session->tlsext_ecpointformatlist_length; j++)
   4034 					{
   4035 					if (s->session->tlsext_ecpointformatlist[j] == TLSEXT_ECPOINTFORMAT_ansiX962_compressed_prime)
   4036 						{
   4037 						ec_ok = 1;
   4038 						break;
   4039 						}
   4040 					}
   4041 				}
   4042 			else if (EC_METHOD_get_field_type(s->cert->pkeys[SSL_PKEY_ECC].privatekey->pkey.ec->group->meth) == NID_X9_62_characteristic_two_field)
   4043 				{
   4044 				for (j = 0; j < s->session->tlsext_ecpointformatlist_length; j++)
   4045 					{
   4046 					if (s->session->tlsext_ecpointformatlist[j] == TLSEXT_ECPOINTFORMAT_ansiX962_compressed_char2)
   4047 						{
   4048 						ec_ok = 1;
   4049 						break;
   4050 						}
   4051 					}
   4052 				}
   4053 			ok = ok && ec_ok;
   4054 			}
   4055 		if (
   4056 			/* if we are considering an ECC cipher suite that uses our certificate */
   4057 			(alg_a & SSL_aECDSA || alg_a & SSL_aECDH)
   4058 			/* and we have an ECC certificate */
   4059 			&& (s->cert->pkeys[SSL_PKEY_ECC].x509 != NULL)
   4060 			/* and the client specified an EllipticCurves extension */
   4061 			&& ((s->session->tlsext_ellipticcurvelist_length > 0) && (s->session->tlsext_ellipticcurvelist != NULL))
   4062 		)
   4063 			{
   4064 			ec_ok = 0;
   4065 			if (
   4066 				(s->cert->pkeys[SSL_PKEY_ECC].privatekey->pkey.ec != NULL)
   4067 				&& (s->cert->pkeys[SSL_PKEY_ECC].privatekey->pkey.ec->group != NULL)
   4068 			)
   4069 				{
   4070 				ec_nid = EC_GROUP_get_curve_name(s->cert->pkeys[SSL_PKEY_ECC].privatekey->pkey.ec->group);
   4071 				if ((ec_nid == 0)
   4072 					&& (s->cert->pkeys[SSL_PKEY_ECC].privatekey->pkey.ec->group->meth != NULL)
   4073 				)
   4074 					{
   4075 					if (EC_METHOD_get_field_type(s->cert->pkeys[SSL_PKEY_ECC].privatekey->pkey.ec->group->meth) == NID_X9_62_prime_field)
   4076 						{
   4077 						ec_search1 = 0xFF;
   4078 						ec_search2 = 0x01;
   4079 						}
   4080 					else if (EC_METHOD_get_field_type(s->cert->pkeys[SSL_PKEY_ECC].privatekey->pkey.ec->group->meth) == NID_X9_62_characteristic_two_field)
   4081 						{
   4082 						ec_search1 = 0xFF;
   4083 						ec_search2 = 0x02;
   4084 						}
   4085 					}
   4086 				else
   4087 					{
   4088 					ec_search1 = 0x00;
   4089 					ec_search2 = tls1_ec_nid2curve_id(ec_nid);
   4090 					}
   4091 				if ((ec_search1 != 0) || (ec_search2 != 0))
   4092 					{
   4093 					for (j = 0; j < s->session->tlsext_ellipticcurvelist_length / 2; j++)
   4094 						{
   4095 						if ((s->session->tlsext_ellipticcurvelist[2*j] == ec_search1) && (s->session->tlsext_ellipticcurvelist[2*j+1] == ec_search2))
   4096 							{
   4097 							ec_ok = 1;
   4098 							break;
   4099 							}
   4100 						}
   4101 					}
   4102 				}
   4103 			ok = ok && ec_ok;
   4104 			}
   4105 		if (
   4106 			/* if we are considering an ECC cipher suite that uses an ephemeral EC key */
   4107 			(alg_k & SSL_kEECDH)
   4108 			/* and we have an ephemeral EC key */
   4109 			&& (s->cert->ecdh_tmp != NULL)
   4110 			/* and the client specified an EllipticCurves extension */
   4111 			&& ((s->session->tlsext_ellipticcurvelist_length > 0) && (s->session->tlsext_ellipticcurvelist != NULL))
   4112 		)
   4113 			{
   4114 			ec_ok = 0;
   4115 			if (s->cert->ecdh_tmp->group != NULL)
   4116 				{
   4117 				ec_nid = EC_GROUP_get_curve_name(s->cert->ecdh_tmp->group);
   4118 				if ((ec_nid == 0)
   4119 					&& (s->cert->ecdh_tmp->group->meth != NULL)
   4120 				)
   4121 					{
   4122 					if (EC_METHOD_get_field_type(s->cert->ecdh_tmp->group->meth) == NID_X9_62_prime_field)
   4123 						{
   4124 						ec_search1 = 0xFF;
   4125 						ec_search2 = 0x01;
   4126 						}
   4127 					else if (EC_METHOD_get_field_type(s->cert->ecdh_tmp->group->meth) == NID_X9_62_characteristic_two_field)
   4128 						{
   4129 						ec_search1 = 0xFF;
   4130 						ec_search2 = 0x02;
   4131 						}
   4132 					}
   4133 				else
   4134 					{
   4135 					ec_search1 = 0x00;
   4136 					ec_search2 = tls1_ec_nid2curve_id(ec_nid);
   4137 					}
   4138 				if ((ec_search1 != 0) || (ec_search2 != 0))
   4139 					{
   4140 					for (j = 0; j < s->session->tlsext_ellipticcurvelist_length / 2; j++)
   4141 						{
   4142 						if ((s->session->tlsext_ellipticcurvelist[2*j] == ec_search1) && (s->session->tlsext_ellipticcurvelist[2*j+1] == ec_search2))
   4143 							{
   4144 							ec_ok = 1;
   4145 							break;
   4146 							}
   4147 						}
   4148 					}
   4149 				}
   4150 			ok = ok && ec_ok;
   4151 			}
   4152 #endif /* OPENSSL_NO_EC */
   4153 #endif /* OPENSSL_NO_TLSEXT */
   4154 
   4155 		if (!ok) continue;
   4156 		ii=sk_SSL_CIPHER_find(allow,c);
   4157 		if (ii >= 0)
   4158 			{
   4159 #if !defined(OPENSSL_NO_EC) && !defined(OPENSSL_NO_TLSEXT)
   4160 			if ((alg_k & SSL_kEECDH) && (alg_a & SSL_aECDSA) && s->s3->is_probably_safari)
   4161 				{
   4162 				if (!ret) ret=sk_SSL_CIPHER_value(allow,ii);
   4163 				continue;
   4164 				}
   4165 #endif
   4166 			ret=sk_SSL_CIPHER_value(allow,ii);
   4167 			break;
   4168 			}
   4169 		}
   4170 	return(ret);
   4171 	}
   4172 
   4173 int ssl3_get_req_cert_type(SSL *s, unsigned char *p)
   4174 	{
   4175 	int ret=0;
   4176 	unsigned long alg_k;
   4177 
   4178 	alg_k = s->s3->tmp.new_cipher->algorithm_mkey;
   4179 
   4180 #ifndef OPENSSL_NO_GOST
   4181 	if (s->version >= TLS1_VERSION)
   4182 		{
   4183 		if (alg_k & SSL_kGOST)
   4184 			{
   4185 			p[ret++]=TLS_CT_GOST94_SIGN;
   4186 			p[ret++]=TLS_CT_GOST01_SIGN;
   4187 			return(ret);
   4188 			}
   4189 		}
   4190 #endif
   4191 
   4192 #ifndef OPENSSL_NO_DH
   4193 	if (alg_k & (SSL_kDHr|SSL_kEDH))
   4194 		{
   4195 #  ifndef OPENSSL_NO_RSA
   4196 		p[ret++]=SSL3_CT_RSA_FIXED_DH;
   4197 #  endif
   4198 #  ifndef OPENSSL_NO_DSA
   4199 		p[ret++]=SSL3_CT_DSS_FIXED_DH;
   4200 #  endif
   4201 		}
   4202 	if ((s->version == SSL3_VERSION) &&
   4203 		(alg_k & (SSL_kEDH|SSL_kDHd|SSL_kDHr)))
   4204 		{
   4205 #  ifndef OPENSSL_NO_RSA
   4206 		p[ret++]=SSL3_CT_RSA_EPHEMERAL_DH;
   4207 #  endif
   4208 #  ifndef OPENSSL_NO_DSA
   4209 		p[ret++]=SSL3_CT_DSS_EPHEMERAL_DH;
   4210 #  endif
   4211 		}
   4212 #endif /* !OPENSSL_NO_DH */
   4213 #ifndef OPENSSL_NO_RSA
   4214 	p[ret++]=SSL3_CT_RSA_SIGN;
   4215 #endif
   4216 #ifndef OPENSSL_NO_DSA
   4217 	p[ret++]=SSL3_CT_DSS_SIGN;
   4218 #endif
   4219 #ifndef OPENSSL_NO_ECDH
   4220 	if ((alg_k & (SSL_kECDHr|SSL_kECDHe)) && (s->version >= TLS1_VERSION))
   4221 		{
   4222 		p[ret++]=TLS_CT_RSA_FIXED_ECDH;
   4223 		p[ret++]=TLS_CT_ECDSA_FIXED_ECDH;
   4224 		}
   4225 #endif
   4226 
   4227 #ifndef OPENSSL_NO_ECDSA
   4228 	/* ECDSA certs can be used with RSA cipher suites as well
   4229 	 * so we don't need to check for SSL_kECDH or SSL_kEECDH
   4230 	 */
   4231 	if (s->version >= TLS1_VERSION)
   4232 		{
   4233 		p[ret++]=TLS_CT_ECDSA_SIGN;
   4234 		}
   4235 #endif
   4236 	return(ret);
   4237 	}
   4238 
   4239 int ssl3_shutdown(SSL *s)
   4240 	{
   4241 	int ret;
   4242 
   4243 	/* Don't do anything much if we have not done the handshake or
   4244 	 * we don't want to send messages :-) */
   4245 	if ((s->quiet_shutdown) || (s->state == SSL_ST_BEFORE))
   4246 		{
   4247 		s->shutdown=(SSL_SENT_SHUTDOWN|SSL_RECEIVED_SHUTDOWN);
   4248 		return(1);
   4249 		}
   4250 
   4251 	if (!(s->shutdown & SSL_SENT_SHUTDOWN))
   4252 		{
   4253 		s->shutdown|=SSL_SENT_SHUTDOWN;
   4254 #if 1
   4255 		ssl3_send_alert(s,SSL3_AL_WARNING,SSL_AD_CLOSE_NOTIFY);
   4256 #endif
   4257 		/* our shutdown alert has been sent now, and if it still needs
   4258 	 	 * to be written, s->s3->alert_dispatch will be true */
   4259 	 	if (s->s3->alert_dispatch)
   4260 	 		return(-1);	/* return WANT_WRITE */
   4261 		}
   4262 	else if (s->s3->alert_dispatch)
   4263 		{
   4264 		/* resend it if not sent */
   4265 #if 1
   4266 		ret=s->method->ssl_dispatch_alert(s);
   4267 		if(ret == -1)
   4268 			{
   4269 			/* we only get to return -1 here the 2nd/Nth
   4270 			 * invocation, we must  have already signalled
   4271 			 * return 0 upon a previous invoation,
   4272 			 * return WANT_WRITE */
   4273 			return(ret);
   4274 			}
   4275 #endif
   4276 		}
   4277 	else if (!(s->shutdown & SSL_RECEIVED_SHUTDOWN))
   4278 		{
   4279 		/* If we are waiting for a close from our peer, we are closed */
   4280 		s->method->ssl_read_bytes(s,0,NULL,0,0);
   4281 		if(!(s->shutdown & SSL_RECEIVED_SHUTDOWN))
   4282 			{
   4283 			return(-1);	/* return WANT_READ */
   4284 			}
   4285 		}
   4286 
   4287 	if ((s->shutdown == (SSL_SENT_SHUTDOWN|SSL_RECEIVED_SHUTDOWN)) &&
   4288 		!s->s3->alert_dispatch)
   4289 		return(1);
   4290 	else
   4291 		return(0);
   4292 	}
   4293 
   4294 int ssl3_write(SSL *s, const void *buf, int len)
   4295 	{
   4296 	int ret,n;
   4297 
   4298 #if 0
   4299 	if (s->shutdown & SSL_SEND_SHUTDOWN)
   4300 		{
   4301 		s->rwstate=SSL_NOTHING;
   4302 		return(0);
   4303 		}
   4304 #endif
   4305 	clear_sys_error();
   4306 	if (s->s3->renegotiate) ssl3_renegotiate_check(s);
   4307 
   4308 	/* This is an experimental flag that sends the
   4309 	 * last handshake message in the same packet as the first
   4310 	 * use data - used to see if it helps the TCP protocol during
   4311 	 * session-id reuse */
   4312 	/* The second test is because the buffer may have been removed */
   4313 	if ((s->s3->flags & SSL3_FLAGS_POP_BUFFER) && (s->wbio == s->bbio))
   4314 		{
   4315 		/* First time through, we write into the buffer */
   4316 		if (s->s3->delay_buf_pop_ret == 0)
   4317 			{
   4318 			ret=ssl3_write_bytes(s,SSL3_RT_APPLICATION_DATA,
   4319 					     buf,len);
   4320 			if (ret <= 0) return(ret);
   4321 
   4322 			s->s3->delay_buf_pop_ret=ret;
   4323 			}
   4324 
   4325 		s->rwstate=SSL_WRITING;
   4326 		n=BIO_flush(s->wbio);
   4327 		if (n <= 0) return(n);
   4328 		s->rwstate=SSL_NOTHING;
   4329 
   4330 		/* We have flushed the buffer, so remove it */
   4331 		ssl_free_wbio_buffer(s);
   4332 		s->s3->flags&= ~SSL3_FLAGS_POP_BUFFER;
   4333 
   4334 		ret=s->s3->delay_buf_pop_ret;
   4335 		s->s3->delay_buf_pop_ret=0;
   4336 		}
   4337 	else
   4338 		{
   4339 		ret=s->method->ssl_write_bytes(s,SSL3_RT_APPLICATION_DATA,
   4340 			buf,len);
   4341 		if (ret <= 0) return(ret);
   4342 		}
   4343 
   4344 	return(ret);
   4345 	}
   4346 
   4347 static int ssl3_read_internal(SSL *s, void *buf, int len, int peek)
   4348 	{
   4349 	int n,ret;
   4350 
   4351 	clear_sys_error();
   4352 	if ((s->s3->flags & SSL3_FLAGS_POP_BUFFER) && (s->wbio == s->bbio))
   4353 		{
   4354 		/* Deal with an application that calls SSL_read() when handshake data
   4355 		 * is yet to be written.
   4356 		 */
   4357 		if (BIO_wpending(s->wbio) > 0)
   4358 			{
   4359 			s->rwstate=SSL_WRITING;
   4360 			n=BIO_flush(s->wbio);
   4361 			if (n <= 0) return(n);
   4362 			s->rwstate=SSL_NOTHING;
   4363 			}
   4364 		}
   4365 	if (s->s3->renegotiate) ssl3_renegotiate_check(s);
   4366 	s->s3->in_read_app_data=1;
   4367 	ret=s->method->ssl_read_bytes(s,SSL3_RT_APPLICATION_DATA,buf,len,peek);
   4368 	if ((ret == -1) && (s->s3->in_read_app_data == 2))
   4369 		{
   4370 		/* ssl3_read_bytes decided to call s->handshake_func, which
   4371 		 * called ssl3_read_bytes to read handshake data.
   4372 		 * However, ssl3_read_bytes actually found application data
   4373 		 * and thinks that application data makes sense here; so disable
   4374 		 * handshake processing and try to read application data again. */
   4375 		s->in_handshake++;
   4376 		ret=s->method->ssl_read_bytes(s,SSL3_RT_APPLICATION_DATA,buf,len,peek);
   4377 		s->in_handshake--;
   4378 		}
   4379 	else
   4380 		s->s3->in_read_app_data=0;
   4381 
   4382 	return(ret);
   4383 	}
   4384 
   4385 int ssl3_read(SSL *s, void *buf, int len)
   4386 	{
   4387 	return ssl3_read_internal(s, buf, len, 0);
   4388 	}
   4389 
   4390 int ssl3_peek(SSL *s, void *buf, int len)
   4391 	{
   4392 	return ssl3_read_internal(s, buf, len, 1);
   4393 	}
   4394 
   4395 int ssl3_renegotiate(SSL *s)
   4396 	{
   4397 	if (s->handshake_func == NULL)
   4398 		return(1);
   4399 
   4400 	if (s->s3->flags & SSL3_FLAGS_NO_RENEGOTIATE_CIPHERS)
   4401 		return(0);
   4402 
   4403 	s->s3->renegotiate=1;
   4404 	return(1);
   4405 	}
   4406 
   4407 int ssl3_renegotiate_check(SSL *s)
   4408 	{
   4409 	int ret=0;
   4410 
   4411 	if (s->s3->renegotiate)
   4412 		{
   4413 		if (	(s->s3->rbuf.left == 0) &&
   4414 			(s->s3->wbuf.left == 0) &&
   4415 			!SSL_in_init(s))
   4416 			{
   4417 /*
   4418 if we are the server, and we have sent a 'RENEGOTIATE' message, we
   4419 need to go to SSL_ST_ACCEPT.
   4420 */
   4421 			/* SSL_ST_ACCEPT */
   4422 			s->state=SSL_ST_RENEGOTIATE;
   4423 			s->s3->renegotiate=0;
   4424 			s->s3->num_renegotiations++;
   4425 			s->s3->total_renegotiations++;
   4426 			ret=1;
   4427 			}
   4428 		}
   4429 	return(ret);
   4430 	}
   4431 /* If we are using TLS v1.2 or later and default SHA1+MD5 algorithms switch
   4432  * to new SHA256 PRF and handshake macs
   4433  */
   4434 long ssl_get_algorithm2(SSL *s)
   4435 	{
   4436 	long alg2 = s->s3->tmp.new_cipher->algorithm2;
   4437 	if (s->method->version == TLS1_2_VERSION &&
   4438 	    alg2 == (SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF))
   4439 		return SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256;
   4440 	return alg2;
   4441 	}
   4442