xref: /freebsd/crypto/openssl/ssl/s3_lib.c (revision 2e5b60079b7d8c3ca68f1390cd90f305e651f8d3)
1 /* ssl/s3_lib.c */
2 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3  * All rights reserved.
4  *
5  * This package is an SSL implementation written
6  * by Eric Young (eay@cryptsoft.com).
7  * The implementation was written so as to conform with Netscapes SSL.
8  *
9  * This library is free for commercial and non-commercial use as long as
10  * the following conditions are aheared to.  The following conditions
11  * apply to all code found in this distribution, be it the RC4, RSA,
12  * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
13  * included with this distribution is covered by the same copyright terms
14  * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15  *
16  * Copyright remains Eric Young's, and as such any Copyright notices in
17  * the code are not to be removed.
18  * If this package is used in a product, Eric Young should be given attribution
19  * as the author of the parts of the library used.
20  * This can be in the form of a textual message at program startup or
21  * in documentation (online or textual) provided with the package.
22  *
23  * Redistribution and use in source and binary forms, with or without
24  * modification, are permitted provided that the following conditions
25  * are met:
26  * 1. Redistributions of source code must retain the copyright
27  *    notice, this list of conditions and the following disclaimer.
28  * 2. Redistributions in binary form must reproduce the above copyright
29  *    notice, this list of conditions and the following disclaimer in the
30  *    documentation and/or other materials provided with the distribution.
31  * 3. All advertising materials mentioning features or use of this software
32  *    must display the following acknowledgement:
33  *    "This product includes cryptographic software written by
34  *     Eric Young (eay@cryptsoft.com)"
35  *    The word 'cryptographic' can be left out if the rouines from the library
36  *    being used are not cryptographic related :-).
37  * 4. If you include any Windows specific code (or a derivative thereof) from
38  *    the apps directory (application code) you must include an acknowledgement:
39  *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40  *
41  * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42  * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43  * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44  * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45  * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46  * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47  * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48  * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49  * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50  * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51  * SUCH DAMAGE.
52  *
53  * The licence and distribution terms for any publically available version or
54  * derivative of this code cannot be changed.  i.e. this code cannot simply be
55  * copied and put under another distribution licence
56  * [including the GNU Public Licence.]
57  */
58 /* ====================================================================
59  * Copyright (c) 1998-2007 The OpenSSL Project.  All rights reserved.
60  *
61  * Redistribution and use in source and binary forms, with or without
62  * modification, are permitted provided that the following conditions
63  * are met:
64  *
65  * 1. Redistributions of source code must retain the above copyright
66  *    notice, this list of conditions and the following disclaimer.
67  *
68  * 2. Redistributions in binary form must reproduce the above copyright
69  *    notice, this list of conditions and the following disclaimer in
70  *    the documentation and/or other materials provided with the
71  *    distribution.
72  *
73  * 3. All advertising materials mentioning features or use of this
74  *    software must display the following acknowledgment:
75  *    "This product includes software developed by the OpenSSL Project
76  *    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
77  *
78  * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
79  *    endorse or promote products derived from this software without
80  *    prior written permission. For written permission, please contact
81  *    openssl-core@openssl.org.
82  *
83  * 5. Products derived from this software may not be called "OpenSSL"
84  *    nor may "OpenSSL" appear in their names without prior written
85  *    permission of the OpenSSL Project.
86  *
87  * 6. Redistributions of any form whatsoever must retain the following
88  *    acknowledgment:
89  *    "This product includes software developed by the OpenSSL Project
90  *    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
91  *
92  * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
93  * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
94  * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
95  * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
96  * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
97  * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
98  * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
99  * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
100  * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
101  * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
102  * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
103  * OF THE POSSIBILITY OF SUCH DAMAGE.
104  * ====================================================================
105  *
106  * This product includes cryptographic software written by Eric Young
107  * (eay@cryptsoft.com).  This product includes software written by Tim
108  * Hudson (tjh@cryptsoft.com).
109  *
110  */
111 /* ====================================================================
112  * Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED.
113  *
114  * Portions of the attached software ("Contribution") are developed by
115  * SUN MICROSYSTEMS, INC., and are contributed to the OpenSSL project.
116  *
117  * The Contribution is licensed pursuant to the OpenSSL open source
118  * license provided above.
119  *
120  * ECC cipher suite support in OpenSSL originally written by
121  * Vipul Gupta and Sumit Gupta of Sun Microsystems Laboratories.
122  *
123  */
124 /* ====================================================================
125  * Copyright 2005 Nokia. All rights reserved.
126  *
127  * The portions of the attached software ("Contribution") is developed by
128  * Nokia Corporation and is licensed pursuant to the OpenSSL open source
129  * license.
130  *
131  * The Contribution, originally written by Mika Kousa and Pasi Eronen of
132  * Nokia Corporation, consists of the "PSK" (Pre-Shared Key) ciphersuites
133  * support (see RFC 4279) to OpenSSL.
134  *
135  * No patent licenses or other rights except those expressly stated in
136  * the OpenSSL open source license shall be deemed granted or received
137  * expressly, by implication, estoppel, or otherwise.
138  *
139  * No assurances are provided by Nokia that the Contribution does not
140  * infringe the patent or other intellectual property rights of any third
141  * party or that the license provides you with all the necessary rights
142  * to make use of the Contribution.
143  *
144  * THE SOFTWARE IS PROVIDED "AS IS" WITHOUT WARRANTY OF ANY KIND. IN
145  * ADDITION TO THE DISCLAIMERS INCLUDED IN THE LICENSE, NOKIA
146  * SPECIFICALLY DISCLAIMS ANY LIABILITY FOR CLAIMS BROUGHT BY YOU OR ANY
147  * OTHER ENTITY BASED ON INFRINGEMENT OF INTELLECTUAL PROPERTY RIGHTS OR
148  * OTHERWISE.
149  */
150 
151 #include <stdio.h>
152 #include <openssl/objects.h>
153 #include "ssl_locl.h"
154 #include "kssl_lcl.h"
155 #ifndef OPENSSL_NO_TLSEXT
156 #ifndef OPENSSL_NO_EC
157 #include "../crypto/ec/ec_lcl.h"
158 #endif /* OPENSSL_NO_EC */
159 #endif /* OPENSSL_NO_TLSEXT */
160 #include <openssl/md5.h>
161 #ifndef OPENSSL_NO_DH
162 #include <openssl/dh.h>
163 #endif
164 
165 const char ssl3_version_str[]="SSLv3" OPENSSL_VERSION_PTEXT;
166 
167 #define SSL3_NUM_CIPHERS	(sizeof(ssl3_ciphers)/sizeof(SSL_CIPHER))
168 
169 /* list of available SSLv3 ciphers (sorted by id) */
170 OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]={
171 
172 /* The RSA ciphers */
173 /* Cipher 01 */
174 	{
175 	1,
176 	SSL3_TXT_RSA_NULL_MD5,
177 	SSL3_CK_RSA_NULL_MD5,
178 	SSL_kRSA,
179 	SSL_aRSA,
180 	SSL_eNULL,
181 	SSL_MD5,
182 	SSL_SSLV3,
183 	SSL_NOT_EXP|SSL_STRONG_NONE,
184 	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
185 	0,
186 	0,
187 	},
188 
189 /* Cipher 02 */
190 	{
191 	1,
192 	SSL3_TXT_RSA_NULL_SHA,
193 	SSL3_CK_RSA_NULL_SHA,
194 	SSL_kRSA,
195 	SSL_aRSA,
196 	SSL_eNULL,
197 	SSL_SHA1,
198 	SSL_SSLV3,
199 	SSL_NOT_EXP|SSL_STRONG_NONE|SSL_FIPS,
200 	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
201 	0,
202 	0,
203 	},
204 
205 /* Cipher 03 */
206 	{
207 	1,
208 	SSL3_TXT_RSA_RC4_40_MD5,
209 	SSL3_CK_RSA_RC4_40_MD5,
210 	SSL_kRSA,
211 	SSL_aRSA,
212 	SSL_RC4,
213 	SSL_MD5,
214 	SSL_SSLV3,
215 	SSL_EXPORT|SSL_EXP40,
216 	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
217 	40,
218 	128,
219 	},
220 
221 /* Cipher 04 */
222 	{
223 	1,
224 	SSL3_TXT_RSA_RC4_128_MD5,
225 	SSL3_CK_RSA_RC4_128_MD5,
226 	SSL_kRSA,
227 	SSL_aRSA,
228 	SSL_RC4,
229 	SSL_MD5,
230 	SSL_SSLV3,
231 	SSL_NOT_EXP|SSL_MEDIUM,
232 	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
233 	128,
234 	128,
235 	},
236 
237 /* Cipher 05 */
238 	{
239 	1,
240 	SSL3_TXT_RSA_RC4_128_SHA,
241 	SSL3_CK_RSA_RC4_128_SHA,
242 	SSL_kRSA,
243 	SSL_aRSA,
244 	SSL_RC4,
245 	SSL_SHA1,
246 	SSL_SSLV3,
247 	SSL_NOT_EXP|SSL_MEDIUM,
248 	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
249 	128,
250 	128,
251 	},
252 
253 /* Cipher 06 */
254 	{
255 	1,
256 	SSL3_TXT_RSA_RC2_40_MD5,
257 	SSL3_CK_RSA_RC2_40_MD5,
258 	SSL_kRSA,
259 	SSL_aRSA,
260 	SSL_RC2,
261 	SSL_MD5,
262 	SSL_SSLV3,
263 	SSL_EXPORT|SSL_EXP40,
264 	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
265 	40,
266 	128,
267 	},
268 
269 /* Cipher 07 */
270 #ifndef OPENSSL_NO_IDEA
271 	{
272 	1,
273 	SSL3_TXT_RSA_IDEA_128_SHA,
274 	SSL3_CK_RSA_IDEA_128_SHA,
275 	SSL_kRSA,
276 	SSL_aRSA,
277 	SSL_IDEA,
278 	SSL_SHA1,
279 	SSL_SSLV3,
280 	SSL_NOT_EXP|SSL_MEDIUM,
281 	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
282 	128,
283 	128,
284 	},
285 #endif
286 
287 /* Cipher 08 */
288 	{
289 	1,
290 	SSL3_TXT_RSA_DES_40_CBC_SHA,
291 	SSL3_CK_RSA_DES_40_CBC_SHA,
292 	SSL_kRSA,
293 	SSL_aRSA,
294 	SSL_DES,
295 	SSL_SHA1,
296 	SSL_SSLV3,
297 	SSL_EXPORT|SSL_EXP40,
298 	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
299 	40,
300 	56,
301 	},
302 
303 /* Cipher 09 */
304 	{
305 	1,
306 	SSL3_TXT_RSA_DES_64_CBC_SHA,
307 	SSL3_CK_RSA_DES_64_CBC_SHA,
308 	SSL_kRSA,
309 	SSL_aRSA,
310 	SSL_DES,
311 	SSL_SHA1,
312 	SSL_SSLV3,
313 	SSL_NOT_EXP|SSL_LOW,
314 	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
315 	56,
316 	56,
317 	},
318 
319 /* Cipher 0A */
320 	{
321 	1,
322 	SSL3_TXT_RSA_DES_192_CBC3_SHA,
323 	SSL3_CK_RSA_DES_192_CBC3_SHA,
324 	SSL_kRSA,
325 	SSL_aRSA,
326 	SSL_3DES,
327 	SSL_SHA1,
328 	SSL_SSLV3,
329 	SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
330 	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
331 	112,
332 	168,
333 	},
334 
335 /* The DH ciphers */
336 /* Cipher 0B */
337 	{
338 	0,
339 	SSL3_TXT_DH_DSS_DES_40_CBC_SHA,
340 	SSL3_CK_DH_DSS_DES_40_CBC_SHA,
341 	SSL_kDHd,
342 	SSL_aDH,
343 	SSL_DES,
344 	SSL_SHA1,
345 	SSL_SSLV3,
346 	SSL_EXPORT|SSL_EXP40,
347 	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
348 	40,
349 	56,
350 	},
351 
352 /* Cipher 0C */
353 	{
354 	0, /* not implemented (non-ephemeral DH) */
355 	SSL3_TXT_DH_DSS_DES_64_CBC_SHA,
356 	SSL3_CK_DH_DSS_DES_64_CBC_SHA,
357 	SSL_kDHd,
358 	SSL_aDH,
359 	SSL_DES,
360 	SSL_SHA1,
361 	SSL_SSLV3,
362 	SSL_NOT_EXP|SSL_LOW,
363 	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
364 	56,
365 	56,
366 	},
367 
368 /* Cipher 0D */
369 	{
370 	0, /* not implemented (non-ephemeral DH) */
371 	SSL3_TXT_DH_DSS_DES_192_CBC3_SHA,
372 	SSL3_CK_DH_DSS_DES_192_CBC3_SHA,
373 	SSL_kDHd,
374 	SSL_aDH,
375 	SSL_3DES,
376 	SSL_SHA1,
377 	SSL_SSLV3,
378 	SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
379 	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
380 	112,
381 	168,
382 	},
383 
384 /* Cipher 0E */
385 	{
386 	0, /* not implemented (non-ephemeral DH) */
387 	SSL3_TXT_DH_RSA_DES_40_CBC_SHA,
388 	SSL3_CK_DH_RSA_DES_40_CBC_SHA,
389 	SSL_kDHr,
390 	SSL_aDH,
391 	SSL_DES,
392 	SSL_SHA1,
393 	SSL_SSLV3,
394 	SSL_EXPORT|SSL_EXP40,
395 	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
396 	40,
397 	56,
398 	},
399 
400 /* Cipher 0F */
401 	{
402 	0, /* not implemented (non-ephemeral DH) */
403 	SSL3_TXT_DH_RSA_DES_64_CBC_SHA,
404 	SSL3_CK_DH_RSA_DES_64_CBC_SHA,
405 	SSL_kDHr,
406 	SSL_aDH,
407 	SSL_DES,
408 	SSL_SHA1,
409 	SSL_SSLV3,
410 	SSL_NOT_EXP|SSL_LOW,
411 	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
412 	56,
413 	56,
414 	},
415 
416 /* Cipher 10 */
417 	{
418 	0, /* not implemented (non-ephemeral DH) */
419 	SSL3_TXT_DH_RSA_DES_192_CBC3_SHA,
420 	SSL3_CK_DH_RSA_DES_192_CBC3_SHA,
421 	SSL_kDHr,
422 	SSL_aDH,
423 	SSL_3DES,
424 	SSL_SHA1,
425 	SSL_SSLV3,
426 	SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
427 	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
428 	112,
429 	168,
430 	},
431 
432 /* The Ephemeral DH ciphers */
433 /* Cipher 11 */
434 	{
435 	1,
436 	SSL3_TXT_EDH_DSS_DES_40_CBC_SHA,
437 	SSL3_CK_EDH_DSS_DES_40_CBC_SHA,
438 	SSL_kEDH,
439 	SSL_aDSS,
440 	SSL_DES,
441 	SSL_SHA1,
442 	SSL_SSLV3,
443 	SSL_EXPORT|SSL_EXP40,
444 	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
445 	40,
446 	56,
447 	},
448 
449 /* Cipher 12 */
450 	{
451 	1,
452 	SSL3_TXT_EDH_DSS_DES_64_CBC_SHA,
453 	SSL3_CK_EDH_DSS_DES_64_CBC_SHA,
454 	SSL_kEDH,
455 	SSL_aDSS,
456 	SSL_DES,
457 	SSL_SHA1,
458 	SSL_SSLV3,
459 	SSL_NOT_EXP|SSL_LOW,
460 	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
461 	56,
462 	56,
463 	},
464 
465 /* Cipher 13 */
466 	{
467 	1,
468 	SSL3_TXT_EDH_DSS_DES_192_CBC3_SHA,
469 	SSL3_CK_EDH_DSS_DES_192_CBC3_SHA,
470 	SSL_kEDH,
471 	SSL_aDSS,
472 	SSL_3DES,
473 	SSL_SHA1,
474 	SSL_SSLV3,
475 	SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
476 	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
477 	112,
478 	168,
479 	},
480 
481 /* Cipher 14 */
482 	{
483 	1,
484 	SSL3_TXT_EDH_RSA_DES_40_CBC_SHA,
485 	SSL3_CK_EDH_RSA_DES_40_CBC_SHA,
486 	SSL_kEDH,
487 	SSL_aRSA,
488 	SSL_DES,
489 	SSL_SHA1,
490 	SSL_SSLV3,
491 	SSL_EXPORT|SSL_EXP40,
492 	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
493 	40,
494 	56,
495 	},
496 
497 /* Cipher 15 */
498 	{
499 	1,
500 	SSL3_TXT_EDH_RSA_DES_64_CBC_SHA,
501 	SSL3_CK_EDH_RSA_DES_64_CBC_SHA,
502 	SSL_kEDH,
503 	SSL_aRSA,
504 	SSL_DES,
505 	SSL_SHA1,
506 	SSL_SSLV3,
507 	SSL_NOT_EXP|SSL_LOW,
508 	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
509 	56,
510 	56,
511 	},
512 
513 /* Cipher 16 */
514 	{
515 	1,
516 	SSL3_TXT_EDH_RSA_DES_192_CBC3_SHA,
517 	SSL3_CK_EDH_RSA_DES_192_CBC3_SHA,
518 	SSL_kEDH,
519 	SSL_aRSA,
520 	SSL_3DES,
521 	SSL_SHA1,
522 	SSL_SSLV3,
523 	SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
524 	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
525 	112,
526 	168,
527 	},
528 
529 /* Cipher 17 */
530 	{
531 	1,
532 	SSL3_TXT_ADH_RC4_40_MD5,
533 	SSL3_CK_ADH_RC4_40_MD5,
534 	SSL_kEDH,
535 	SSL_aNULL,
536 	SSL_RC4,
537 	SSL_MD5,
538 	SSL_SSLV3,
539 	SSL_EXPORT|SSL_EXP40,
540 	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
541 	40,
542 	128,
543 	},
544 
545 /* Cipher 18 */
546 	{
547 	1,
548 	SSL3_TXT_ADH_RC4_128_MD5,
549 	SSL3_CK_ADH_RC4_128_MD5,
550 	SSL_kEDH,
551 	SSL_aNULL,
552 	SSL_RC4,
553 	SSL_MD5,
554 	SSL_SSLV3,
555 	SSL_NOT_EXP|SSL_MEDIUM,
556 	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
557 	128,
558 	128,
559 	},
560 
561 /* Cipher 19 */
562 	{
563 	1,
564 	SSL3_TXT_ADH_DES_40_CBC_SHA,
565 	SSL3_CK_ADH_DES_40_CBC_SHA,
566 	SSL_kEDH,
567 	SSL_aNULL,
568 	SSL_DES,
569 	SSL_SHA1,
570 	SSL_SSLV3,
571 	SSL_EXPORT|SSL_EXP40,
572 	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
573 	40,
574 	128,
575 	},
576 
577 /* Cipher 1A */
578 	{
579 	1,
580 	SSL3_TXT_ADH_DES_64_CBC_SHA,
581 	SSL3_CK_ADH_DES_64_CBC_SHA,
582 	SSL_kEDH,
583 	SSL_aNULL,
584 	SSL_DES,
585 	SSL_SHA1,
586 	SSL_SSLV3,
587 	SSL_NOT_EXP|SSL_LOW,
588 	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
589 	56,
590 	56,
591 	},
592 
593 /* Cipher 1B */
594 	{
595 	1,
596 	SSL3_TXT_ADH_DES_192_CBC_SHA,
597 	SSL3_CK_ADH_DES_192_CBC_SHA,
598 	SSL_kEDH,
599 	SSL_aNULL,
600 	SSL_3DES,
601 	SSL_SHA1,
602 	SSL_SSLV3,
603 	SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
604 	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
605 	112,
606 	168,
607 	},
608 
609 /* Fortezza ciphersuite from SSL 3.0 spec */
610 #if 0
611 /* Cipher 1C */
612 	{
613 	0,
614 	SSL3_TXT_FZA_DMS_NULL_SHA,
615 	SSL3_CK_FZA_DMS_NULL_SHA,
616 	SSL_kFZA,
617 	SSL_aFZA,
618 	SSL_eNULL,
619 	SSL_SHA1,
620 	SSL_SSLV3,
621 	SSL_NOT_EXP|SSL_STRONG_NONE,
622 	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
623 	0,
624 	0,
625 	},
626 
627 /* Cipher 1D */
628 	{
629 	0,
630 	SSL3_TXT_FZA_DMS_FZA_SHA,
631 	SSL3_CK_FZA_DMS_FZA_SHA,
632 	SSL_kFZA,
633 	SSL_aFZA,
634 	SSL_eFZA,
635 	SSL_SHA1,
636 	SSL_SSLV3,
637 	SSL_NOT_EXP|SSL_STRONG_NONE,
638 	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
639 	0,
640 	0,
641 	},
642 
643 /* Cipher 1E */
644 	{
645 	0,
646 	SSL3_TXT_FZA_DMS_RC4_SHA,
647 	SSL3_CK_FZA_DMS_RC4_SHA,
648 	SSL_kFZA,
649 	SSL_aFZA,
650 	SSL_RC4,
651 	SSL_SHA1,
652 	SSL_SSLV3,
653 	SSL_NOT_EXP|SSL_MEDIUM,
654 	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
655 	128,
656 	128,
657 	},
658 #endif
659 
660 #ifndef OPENSSL_NO_KRB5
661 /* The Kerberos ciphers*/
662 /* Cipher 1E */
663 	{
664 	1,
665 	SSL3_TXT_KRB5_DES_64_CBC_SHA,
666 	SSL3_CK_KRB5_DES_64_CBC_SHA,
667 	SSL_kKRB5,
668 	SSL_aKRB5,
669 	SSL_DES,
670 	SSL_SHA1,
671 	SSL_SSLV3,
672 	SSL_NOT_EXP|SSL_LOW,
673 	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
674 	56,
675 	56,
676 	},
677 
678 /* Cipher 1F */
679 	{
680 	1,
681 	SSL3_TXT_KRB5_DES_192_CBC3_SHA,
682 	SSL3_CK_KRB5_DES_192_CBC3_SHA,
683 	SSL_kKRB5,
684 	SSL_aKRB5,
685 	SSL_3DES,
686 	SSL_SHA1,
687 	SSL_SSLV3,
688 	SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
689 	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
690 	112,
691 	168,
692 	},
693 
694 /* Cipher 20 */
695 	{
696 	1,
697 	SSL3_TXT_KRB5_RC4_128_SHA,
698 	SSL3_CK_KRB5_RC4_128_SHA,
699 	SSL_kKRB5,
700 	SSL_aKRB5,
701 	SSL_RC4,
702 	SSL_SHA1,
703 	SSL_SSLV3,
704 	SSL_NOT_EXP|SSL_MEDIUM,
705 	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
706 	128,
707 	128,
708 	},
709 
710 /* Cipher 21 */
711 	{
712 	1,
713 	SSL3_TXT_KRB5_IDEA_128_CBC_SHA,
714 	SSL3_CK_KRB5_IDEA_128_CBC_SHA,
715 	SSL_kKRB5,
716 	SSL_aKRB5,
717 	SSL_IDEA,
718 	SSL_SHA1,
719 	SSL_SSLV3,
720 	SSL_NOT_EXP|SSL_MEDIUM,
721 	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
722 	128,
723 	128,
724 	},
725 
726 /* Cipher 22 */
727 	{
728 	1,
729 	SSL3_TXT_KRB5_DES_64_CBC_MD5,
730 	SSL3_CK_KRB5_DES_64_CBC_MD5,
731 	SSL_kKRB5,
732 	SSL_aKRB5,
733 	SSL_DES,
734 	SSL_MD5,
735 	SSL_SSLV3,
736 	SSL_NOT_EXP|SSL_LOW,
737 	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
738 	56,
739 	56,
740 	},
741 
742 /* Cipher 23 */
743 	{
744 	1,
745 	SSL3_TXT_KRB5_DES_192_CBC3_MD5,
746 	SSL3_CK_KRB5_DES_192_CBC3_MD5,
747 	SSL_kKRB5,
748 	SSL_aKRB5,
749 	SSL_3DES,
750 	SSL_MD5,
751 	SSL_SSLV3,
752 	SSL_NOT_EXP|SSL_HIGH,
753 	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
754 	112,
755 	168,
756 	},
757 
758 /* Cipher 24 */
759 	{
760 	1,
761 	SSL3_TXT_KRB5_RC4_128_MD5,
762 	SSL3_CK_KRB5_RC4_128_MD5,
763 	SSL_kKRB5,
764 	SSL_aKRB5,
765 	SSL_RC4,
766 	SSL_MD5,
767 	SSL_SSLV3,
768 	SSL_NOT_EXP|SSL_MEDIUM,
769 	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
770 	128,
771 	128,
772 	},
773 
774 /* Cipher 25 */
775 	{
776 	1,
777 	SSL3_TXT_KRB5_IDEA_128_CBC_MD5,
778 	SSL3_CK_KRB5_IDEA_128_CBC_MD5,
779 	SSL_kKRB5,
780 	SSL_aKRB5,
781 	SSL_IDEA,
782 	SSL_MD5,
783 	SSL_SSLV3,
784 	SSL_NOT_EXP|SSL_MEDIUM,
785 	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
786 	128,
787 	128,
788 	},
789 
790 /* Cipher 26 */
791 	{
792 	1,
793 	SSL3_TXT_KRB5_DES_40_CBC_SHA,
794 	SSL3_CK_KRB5_DES_40_CBC_SHA,
795 	SSL_kKRB5,
796 	SSL_aKRB5,
797 	SSL_DES,
798 	SSL_SHA1,
799 	SSL_SSLV3,
800 	SSL_EXPORT|SSL_EXP40,
801 	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
802 	40,
803 	56,
804 	},
805 
806 /* Cipher 27 */
807 	{
808 	1,
809 	SSL3_TXT_KRB5_RC2_40_CBC_SHA,
810 	SSL3_CK_KRB5_RC2_40_CBC_SHA,
811 	SSL_kKRB5,
812 	SSL_aKRB5,
813 	SSL_RC2,
814 	SSL_SHA1,
815 	SSL_SSLV3,
816 	SSL_EXPORT|SSL_EXP40,
817 	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
818 	40,
819 	128,
820 	},
821 
822 /* Cipher 28 */
823 	{
824 	1,
825 	SSL3_TXT_KRB5_RC4_40_SHA,
826 	SSL3_CK_KRB5_RC4_40_SHA,
827 	SSL_kKRB5,
828 	SSL_aKRB5,
829 	SSL_RC4,
830 	SSL_SHA1,
831 	SSL_SSLV3,
832 	SSL_EXPORT|SSL_EXP40,
833 	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
834 	40,
835 	128,
836 	},
837 
838 /* Cipher 29 */
839 	{
840 	1,
841 	SSL3_TXT_KRB5_DES_40_CBC_MD5,
842 	SSL3_CK_KRB5_DES_40_CBC_MD5,
843 	SSL_kKRB5,
844 	SSL_aKRB5,
845 	SSL_DES,
846 	SSL_MD5,
847 	SSL_SSLV3,
848 	SSL_EXPORT|SSL_EXP40,
849 	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
850 	40,
851 	56,
852 	},
853 
854 /* Cipher 2A */
855 	{
856 	1,
857 	SSL3_TXT_KRB5_RC2_40_CBC_MD5,
858 	SSL3_CK_KRB5_RC2_40_CBC_MD5,
859 	SSL_kKRB5,
860 	SSL_aKRB5,
861 	SSL_RC2,
862 	SSL_MD5,
863 	SSL_SSLV3,
864 	SSL_EXPORT|SSL_EXP40,
865 	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
866 	40,
867 	128,
868 	},
869 
870 /* Cipher 2B */
871 	{
872 	1,
873 	SSL3_TXT_KRB5_RC4_40_MD5,
874 	SSL3_CK_KRB5_RC4_40_MD5,
875 	SSL_kKRB5,
876 	SSL_aKRB5,
877 	SSL_RC4,
878 	SSL_MD5,
879 	SSL_SSLV3,
880 	SSL_EXPORT|SSL_EXP40,
881 	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
882 	40,
883 	128,
884 	},
885 #endif	/* OPENSSL_NO_KRB5 */
886 
887 /* New AES ciphersuites */
888 /* Cipher 2F */
889 	{
890 	1,
891 	TLS1_TXT_RSA_WITH_AES_128_SHA,
892 	TLS1_CK_RSA_WITH_AES_128_SHA,
893 	SSL_kRSA,
894 	SSL_aRSA,
895 	SSL_AES128,
896 	SSL_SHA1,
897 	SSL_TLSV1,
898 	SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
899 	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
900 	128,
901 	128,
902 	},
903 /* Cipher 30 */
904 	{
905 	0,
906 	TLS1_TXT_DH_DSS_WITH_AES_128_SHA,
907 	TLS1_CK_DH_DSS_WITH_AES_128_SHA,
908 	SSL_kDHd,
909 	SSL_aDH,
910 	SSL_AES128,
911 	SSL_SHA1,
912 	SSL_TLSV1,
913 	SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
914 	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
915 	128,
916 	128,
917 	},
918 /* Cipher 31 */
919 	{
920 	0,
921 	TLS1_TXT_DH_RSA_WITH_AES_128_SHA,
922 	TLS1_CK_DH_RSA_WITH_AES_128_SHA,
923 	SSL_kDHr,
924 	SSL_aDH,
925 	SSL_AES128,
926 	SSL_SHA1,
927 	SSL_TLSV1,
928 	SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
929 	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
930 	128,
931 	128,
932 	},
933 /* Cipher 32 */
934 	{
935 	1,
936 	TLS1_TXT_DHE_DSS_WITH_AES_128_SHA,
937 	TLS1_CK_DHE_DSS_WITH_AES_128_SHA,
938 	SSL_kEDH,
939 	SSL_aDSS,
940 	SSL_AES128,
941 	SSL_SHA1,
942 	SSL_TLSV1,
943 	SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
944 	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
945 	128,
946 	128,
947 	},
948 /* Cipher 33 */
949 	{
950 	1,
951 	TLS1_TXT_DHE_RSA_WITH_AES_128_SHA,
952 	TLS1_CK_DHE_RSA_WITH_AES_128_SHA,
953 	SSL_kEDH,
954 	SSL_aRSA,
955 	SSL_AES128,
956 	SSL_SHA1,
957 	SSL_TLSV1,
958 	SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
959 	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
960 	128,
961 	128,
962 	},
963 /* Cipher 34 */
964 	{
965 	1,
966 	TLS1_TXT_ADH_WITH_AES_128_SHA,
967 	TLS1_CK_ADH_WITH_AES_128_SHA,
968 	SSL_kEDH,
969 	SSL_aNULL,
970 	SSL_AES128,
971 	SSL_SHA1,
972 	SSL_TLSV1,
973 	SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
974 	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
975 	128,
976 	128,
977 	},
978 
979 /* Cipher 35 */
980 	{
981 	1,
982 	TLS1_TXT_RSA_WITH_AES_256_SHA,
983 	TLS1_CK_RSA_WITH_AES_256_SHA,
984 	SSL_kRSA,
985 	SSL_aRSA,
986 	SSL_AES256,
987 	SSL_SHA1,
988 	SSL_TLSV1,
989 	SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
990 	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
991 	256,
992 	256,
993 	},
994 /* Cipher 36 */
995 	{
996 	0,
997 	TLS1_TXT_DH_DSS_WITH_AES_256_SHA,
998 	TLS1_CK_DH_DSS_WITH_AES_256_SHA,
999 	SSL_kDHd,
1000 	SSL_aDH,
1001 	SSL_AES256,
1002 	SSL_SHA1,
1003 	SSL_TLSV1,
1004 	SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
1005 	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
1006 	256,
1007 	256,
1008 	},
1009 
1010 /* Cipher 37 */
1011 	{
1012 	0, /* not implemented (non-ephemeral DH) */
1013 	TLS1_TXT_DH_RSA_WITH_AES_256_SHA,
1014 	TLS1_CK_DH_RSA_WITH_AES_256_SHA,
1015 	SSL_kDHr,
1016 	SSL_aDH,
1017 	SSL_AES256,
1018 	SSL_SHA1,
1019 	SSL_TLSV1,
1020 	SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
1021 	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
1022 	256,
1023 	256,
1024 	},
1025 
1026 /* Cipher 38 */
1027 	{
1028 	1,
1029 	TLS1_TXT_DHE_DSS_WITH_AES_256_SHA,
1030 	TLS1_CK_DHE_DSS_WITH_AES_256_SHA,
1031 	SSL_kEDH,
1032 	SSL_aDSS,
1033 	SSL_AES256,
1034 	SSL_SHA1,
1035 	SSL_TLSV1,
1036 	SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
1037 	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
1038 	256,
1039 	256,
1040 	},
1041 
1042 /* Cipher 39 */
1043 	{
1044 	1,
1045 	TLS1_TXT_DHE_RSA_WITH_AES_256_SHA,
1046 	TLS1_CK_DHE_RSA_WITH_AES_256_SHA,
1047 	SSL_kEDH,
1048 	SSL_aRSA,
1049 	SSL_AES256,
1050 	SSL_SHA1,
1051 	SSL_TLSV1,
1052 	SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
1053 	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
1054 	256,
1055 	256,
1056 	},
1057 
1058 	/* Cipher 3A */
1059 	{
1060 	1,
1061 	TLS1_TXT_ADH_WITH_AES_256_SHA,
1062 	TLS1_CK_ADH_WITH_AES_256_SHA,
1063 	SSL_kEDH,
1064 	SSL_aNULL,
1065 	SSL_AES256,
1066 	SSL_SHA1,
1067 	SSL_TLSV1,
1068 	SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
1069 	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
1070 	256,
1071 	256,
1072 	},
1073 
1074 	/* TLS v1.2 ciphersuites */
1075 	/* Cipher 3B */
1076 	{
1077 	1,
1078 	TLS1_TXT_RSA_WITH_NULL_SHA256,
1079 	TLS1_CK_RSA_WITH_NULL_SHA256,
1080 	SSL_kRSA,
1081 	SSL_aRSA,
1082 	SSL_eNULL,
1083 	SSL_SHA256,
1084 	SSL_TLSV1_2,
1085 	SSL_NOT_EXP|SSL_STRONG_NONE|SSL_FIPS,
1086 	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
1087 	0,
1088 	0,
1089 	},
1090 
1091 	/* Cipher 3C */
1092 	{
1093 	1,
1094 	TLS1_TXT_RSA_WITH_AES_128_SHA256,
1095 	TLS1_CK_RSA_WITH_AES_128_SHA256,
1096 	SSL_kRSA,
1097 	SSL_aRSA,
1098 	SSL_AES128,
1099 	SSL_SHA256,
1100 	SSL_TLSV1_2,
1101 	SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
1102 	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
1103 	128,
1104 	128,
1105 	},
1106 
1107 	/* Cipher 3D */
1108 	{
1109 	1,
1110 	TLS1_TXT_RSA_WITH_AES_256_SHA256,
1111 	TLS1_CK_RSA_WITH_AES_256_SHA256,
1112 	SSL_kRSA,
1113 	SSL_aRSA,
1114 	SSL_AES256,
1115 	SSL_SHA256,
1116 	SSL_TLSV1_2,
1117 	SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
1118 	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
1119 	256,
1120 	256,
1121 	},
1122 
1123 	/* Cipher 3E */
1124 	{
1125 	0, /* not implemented (non-ephemeral DH) */
1126 	TLS1_TXT_DH_DSS_WITH_AES_128_SHA256,
1127 	TLS1_CK_DH_DSS_WITH_AES_128_SHA256,
1128 	SSL_kDHd,
1129 	SSL_aDH,
1130 	SSL_AES128,
1131 	SSL_SHA256,
1132 	SSL_TLSV1_2,
1133 	SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
1134 	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
1135 	128,
1136 	128,
1137 	},
1138 
1139 	/* Cipher 3F */
1140 	{
1141 	0, /* not implemented (non-ephemeral DH) */
1142 	TLS1_TXT_DH_RSA_WITH_AES_128_SHA256,
1143 	TLS1_CK_DH_RSA_WITH_AES_128_SHA256,
1144 	SSL_kDHr,
1145 	SSL_aDH,
1146 	SSL_AES128,
1147 	SSL_SHA256,
1148 	SSL_TLSV1_2,
1149 	SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
1150 	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
1151 	128,
1152 	128,
1153 	},
1154 
1155 	/* Cipher 40 */
1156 	{
1157 	1,
1158 	TLS1_TXT_DHE_DSS_WITH_AES_128_SHA256,
1159 	TLS1_CK_DHE_DSS_WITH_AES_128_SHA256,
1160 	SSL_kEDH,
1161 	SSL_aDSS,
1162 	SSL_AES128,
1163 	SSL_SHA256,
1164 	SSL_TLSV1_2,
1165 	SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
1166 	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
1167 	128,
1168 	128,
1169 	},
1170 
1171 #ifndef OPENSSL_NO_CAMELLIA
1172 	/* Camellia ciphersuites from RFC4132 (128-bit portion) */
1173 
1174 	/* Cipher 41 */
1175 	{
1176 	1,
1177 	TLS1_TXT_RSA_WITH_CAMELLIA_128_CBC_SHA,
1178 	TLS1_CK_RSA_WITH_CAMELLIA_128_CBC_SHA,
1179 	SSL_kRSA,
1180 	SSL_aRSA,
1181 	SSL_CAMELLIA128,
1182 	SSL_SHA1,
1183 	SSL_TLSV1,
1184 	SSL_NOT_EXP|SSL_HIGH,
1185 	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
1186 	128,
1187 	128,
1188 	},
1189 
1190 	/* Cipher 42 */
1191 	{
1192 	0, /* not implemented (non-ephemeral DH) */
1193 	TLS1_TXT_DH_DSS_WITH_CAMELLIA_128_CBC_SHA,
1194 	TLS1_CK_DH_DSS_WITH_CAMELLIA_128_CBC_SHA,
1195 	SSL_kDHd,
1196 	SSL_aDH,
1197 	SSL_CAMELLIA128,
1198 	SSL_SHA1,
1199 	SSL_TLSV1,
1200 	SSL_NOT_EXP|SSL_HIGH,
1201 	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
1202 	128,
1203 	128,
1204 	},
1205 
1206 	/* Cipher 43 */
1207 	{
1208 	0, /* not implemented (non-ephemeral DH) */
1209 	TLS1_TXT_DH_RSA_WITH_CAMELLIA_128_CBC_SHA,
1210 	TLS1_CK_DH_RSA_WITH_CAMELLIA_128_CBC_SHA,
1211 	SSL_kDHr,
1212 	SSL_aDH,
1213 	SSL_CAMELLIA128,
1214 	SSL_SHA1,
1215 	SSL_TLSV1,
1216 	SSL_NOT_EXP|SSL_HIGH,
1217 	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
1218 	128,
1219 	128,
1220 	},
1221 
1222 	/* Cipher 44 */
1223 	{
1224 	1,
1225 	TLS1_TXT_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA,
1226 	TLS1_CK_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA,
1227 	SSL_kEDH,
1228 	SSL_aDSS,
1229 	SSL_CAMELLIA128,
1230 	SSL_SHA1,
1231 	SSL_TLSV1,
1232 	SSL_NOT_EXP|SSL_HIGH,
1233 	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
1234 	128,
1235 	128,
1236 	},
1237 
1238 	/* Cipher 45 */
1239 	{
1240 	1,
1241 	TLS1_TXT_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA,
1242 	TLS1_CK_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA,
1243 	SSL_kEDH,
1244 	SSL_aRSA,
1245 	SSL_CAMELLIA128,
1246 	SSL_SHA1,
1247 	SSL_TLSV1,
1248 	SSL_NOT_EXP|SSL_HIGH,
1249 	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
1250 	128,
1251 	128,
1252 	},
1253 
1254 	/* Cipher 46 */
1255 	{
1256 	1,
1257 	TLS1_TXT_ADH_WITH_CAMELLIA_128_CBC_SHA,
1258 	TLS1_CK_ADH_WITH_CAMELLIA_128_CBC_SHA,
1259 	SSL_kEDH,
1260 	SSL_aNULL,
1261 	SSL_CAMELLIA128,
1262 	SSL_SHA1,
1263 	SSL_TLSV1,
1264 	SSL_NOT_EXP|SSL_HIGH,
1265 	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
1266 	128,
1267 	128,
1268 	},
1269 #endif /* OPENSSL_NO_CAMELLIA */
1270 
1271 #if TLS1_ALLOW_EXPERIMENTAL_CIPHERSUITES
1272 	/* New TLS Export CipherSuites from expired ID */
1273 #if 0
1274 	/* Cipher 60 */
1275 	{
1276 	1,
1277 	TLS1_TXT_RSA_EXPORT1024_WITH_RC4_56_MD5,
1278 	TLS1_CK_RSA_EXPORT1024_WITH_RC4_56_MD5,
1279 	SSL_kRSA,
1280 	SSL_aRSA,
1281 	SSL_RC4,
1282 	SSL_MD5,
1283 	SSL_TLSV1,
1284 	SSL_EXPORT|SSL_EXP56,
1285 	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
1286 	56,
1287 	128,
1288 	},
1289 
1290 	/* Cipher 61 */
1291 	{
1292 	1,
1293 	TLS1_TXT_RSA_EXPORT1024_WITH_RC2_CBC_56_MD5,
1294 	TLS1_CK_RSA_EXPORT1024_WITH_RC2_CBC_56_MD5,
1295 	SSL_kRSA,
1296 	SSL_aRSA,
1297 	SSL_RC2,
1298 	SSL_MD5,
1299 	SSL_TLSV1,
1300 	SSL_EXPORT|SSL_EXP56,
1301 	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
1302 	56,
1303 	128,
1304 	},
1305 #endif
1306 
1307 	/* Cipher 62 */
1308 	{
1309 	1,
1310 	TLS1_TXT_RSA_EXPORT1024_WITH_DES_CBC_SHA,
1311 	TLS1_CK_RSA_EXPORT1024_WITH_DES_CBC_SHA,
1312 	SSL_kRSA,
1313 	SSL_aRSA,
1314 	SSL_DES,
1315 	SSL_SHA1,
1316 	SSL_TLSV1,
1317 	SSL_EXPORT|SSL_EXP56,
1318 	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
1319 	56,
1320 	56,
1321 	},
1322 
1323 	/* Cipher 63 */
1324 	{
1325 	1,
1326 	TLS1_TXT_DHE_DSS_EXPORT1024_WITH_DES_CBC_SHA,
1327 	TLS1_CK_DHE_DSS_EXPORT1024_WITH_DES_CBC_SHA,
1328 	SSL_kEDH,
1329 	SSL_aDSS,
1330 	SSL_DES,
1331 	SSL_SHA1,
1332 	SSL_TLSV1,
1333 	SSL_EXPORT|SSL_EXP56,
1334 	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
1335 	56,
1336 	56,
1337 	},
1338 
1339 	/* Cipher 64 */
1340 	{
1341 	1,
1342 	TLS1_TXT_RSA_EXPORT1024_WITH_RC4_56_SHA,
1343 	TLS1_CK_RSA_EXPORT1024_WITH_RC4_56_SHA,
1344 	SSL_kRSA,
1345 	SSL_aRSA,
1346 	SSL_RC4,
1347 	SSL_SHA1,
1348 	SSL_TLSV1,
1349 	SSL_EXPORT|SSL_EXP56,
1350 	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
1351 	56,
1352 	128,
1353 	},
1354 
1355 	/* Cipher 65 */
1356 	{
1357 	1,
1358 	TLS1_TXT_DHE_DSS_EXPORT1024_WITH_RC4_56_SHA,
1359 	TLS1_CK_DHE_DSS_EXPORT1024_WITH_RC4_56_SHA,
1360 	SSL_kEDH,
1361 	SSL_aDSS,
1362 	SSL_RC4,
1363 	SSL_SHA1,
1364 	SSL_TLSV1,
1365 	SSL_EXPORT|SSL_EXP56,
1366 	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
1367 	56,
1368 	128,
1369 	},
1370 
1371 	/* Cipher 66 */
1372 	{
1373 	1,
1374 	TLS1_TXT_DHE_DSS_WITH_RC4_128_SHA,
1375 	TLS1_CK_DHE_DSS_WITH_RC4_128_SHA,
1376 	SSL_kEDH,
1377 	SSL_aDSS,
1378 	SSL_RC4,
1379 	SSL_SHA1,
1380 	SSL_TLSV1,
1381 	SSL_NOT_EXP|SSL_MEDIUM,
1382 	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
1383 	128,
1384 	128,
1385 	},
1386 #endif
1387 
1388 	/* TLS v1.2 ciphersuites */
1389 	/* Cipher 67 */
1390 	{
1391 	1,
1392 	TLS1_TXT_DHE_RSA_WITH_AES_128_SHA256,
1393 	TLS1_CK_DHE_RSA_WITH_AES_128_SHA256,
1394 	SSL_kEDH,
1395 	SSL_aRSA,
1396 	SSL_AES128,
1397 	SSL_SHA256,
1398 	SSL_TLSV1_2,
1399 	SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
1400 	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
1401 	128,
1402 	128,
1403 	},
1404 
1405 	/* Cipher 68 */
1406 	{
1407 	0, /* not implemented (non-ephemeral DH) */
1408 	TLS1_TXT_DH_DSS_WITH_AES_256_SHA256,
1409 	TLS1_CK_DH_DSS_WITH_AES_256_SHA256,
1410 	SSL_kDHd,
1411 	SSL_aDH,
1412 	SSL_AES256,
1413 	SSL_SHA256,
1414 	SSL_TLSV1_2,
1415 	SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
1416 	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
1417 	256,
1418 	256,
1419 	},
1420 
1421 	/* Cipher 69 */
1422 	{
1423 	0, /* not implemented (non-ephemeral DH) */
1424 	TLS1_TXT_DH_RSA_WITH_AES_256_SHA256,
1425 	TLS1_CK_DH_RSA_WITH_AES_256_SHA256,
1426 	SSL_kDHr,
1427 	SSL_aDH,
1428 	SSL_AES256,
1429 	SSL_SHA256,
1430 	SSL_TLSV1_2,
1431 	SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
1432 	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
1433 	256,
1434 	256,
1435 	},
1436 
1437 	/* Cipher 6A */
1438 	{
1439 	1,
1440 	TLS1_TXT_DHE_DSS_WITH_AES_256_SHA256,
1441 	TLS1_CK_DHE_DSS_WITH_AES_256_SHA256,
1442 	SSL_kEDH,
1443 	SSL_aDSS,
1444 	SSL_AES256,
1445 	SSL_SHA256,
1446 	SSL_TLSV1_2,
1447 	SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
1448 	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
1449 	256,
1450 	256,
1451 	},
1452 
1453 	/* Cipher 6B */
1454 	{
1455 	1,
1456 	TLS1_TXT_DHE_RSA_WITH_AES_256_SHA256,
1457 	TLS1_CK_DHE_RSA_WITH_AES_256_SHA256,
1458 	SSL_kEDH,
1459 	SSL_aRSA,
1460 	SSL_AES256,
1461 	SSL_SHA256,
1462 	SSL_TLSV1_2,
1463 	SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
1464 	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
1465 	256,
1466 	256,
1467 	},
1468 
1469 	/* Cipher 6C */
1470 	{
1471 	1,
1472 	TLS1_TXT_ADH_WITH_AES_128_SHA256,
1473 	TLS1_CK_ADH_WITH_AES_128_SHA256,
1474 	SSL_kEDH,
1475 	SSL_aNULL,
1476 	SSL_AES128,
1477 	SSL_SHA256,
1478 	SSL_TLSV1_2,
1479 	SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
1480 	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
1481 	128,
1482 	128,
1483 	},
1484 
1485 	/* Cipher 6D */
1486 	{
1487 	1,
1488 	TLS1_TXT_ADH_WITH_AES_256_SHA256,
1489 	TLS1_CK_ADH_WITH_AES_256_SHA256,
1490 	SSL_kEDH,
1491 	SSL_aNULL,
1492 	SSL_AES256,
1493 	SSL_SHA256,
1494 	SSL_TLSV1_2,
1495 	SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
1496 	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
1497 	256,
1498 	256,
1499 	},
1500 
1501 	/* GOST Ciphersuites */
1502 
1503 	{
1504 	1,
1505 	"GOST94-GOST89-GOST89",
1506 	0x3000080,
1507 	SSL_kGOST,
1508 	SSL_aGOST94,
1509 	SSL_eGOST2814789CNT,
1510 	SSL_GOST89MAC,
1511 	SSL_TLSV1,
1512 	SSL_NOT_EXP|SSL_HIGH,
1513 	SSL_HANDSHAKE_MAC_GOST94|TLS1_PRF_GOST94|TLS1_STREAM_MAC,
1514 	256,
1515 	256
1516 	},
1517 	{
1518 	1,
1519 	"GOST2001-GOST89-GOST89",
1520 	0x3000081,
1521 	SSL_kGOST,
1522 	SSL_aGOST01,
1523 	SSL_eGOST2814789CNT,
1524 	SSL_GOST89MAC,
1525 	SSL_TLSV1,
1526 	SSL_NOT_EXP|SSL_HIGH,
1527 	SSL_HANDSHAKE_MAC_GOST94|TLS1_PRF_GOST94|TLS1_STREAM_MAC,
1528 	256,
1529 	256
1530 	},
1531 	{
1532 	1,
1533 	"GOST94-NULL-GOST94",
1534 	0x3000082,
1535 	SSL_kGOST,
1536 	SSL_aGOST94,
1537 	SSL_eNULL,
1538 	SSL_GOST94,
1539 	SSL_TLSV1,
1540 	SSL_NOT_EXP|SSL_STRONG_NONE,
1541 	SSL_HANDSHAKE_MAC_GOST94|TLS1_PRF_GOST94,
1542 	0,
1543 	0
1544 	},
1545 	{
1546 	1,
1547 	"GOST2001-NULL-GOST94",
1548 	0x3000083,
1549 	SSL_kGOST,
1550 	SSL_aGOST01,
1551 	SSL_eNULL,
1552 	SSL_GOST94,
1553 	SSL_TLSV1,
1554 	SSL_NOT_EXP|SSL_STRONG_NONE,
1555 	SSL_HANDSHAKE_MAC_GOST94|TLS1_PRF_GOST94,
1556 	0,
1557 	0
1558 	},
1559 
1560 #ifndef OPENSSL_NO_CAMELLIA
1561 	/* Camellia ciphersuites from RFC4132 (256-bit portion) */
1562 
1563 	/* Cipher 84 */
1564 	{
1565 	1,
1566 	TLS1_TXT_RSA_WITH_CAMELLIA_256_CBC_SHA,
1567 	TLS1_CK_RSA_WITH_CAMELLIA_256_CBC_SHA,
1568 	SSL_kRSA,
1569 	SSL_aRSA,
1570 	SSL_CAMELLIA256,
1571 	SSL_SHA1,
1572 	SSL_TLSV1,
1573 	SSL_NOT_EXP|SSL_HIGH,
1574 	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
1575 	256,
1576 	256,
1577 	},
1578 	/* Cipher 85 */
1579 	{
1580 	0, /* not implemented (non-ephemeral DH) */
1581 	TLS1_TXT_DH_DSS_WITH_CAMELLIA_256_CBC_SHA,
1582 	TLS1_CK_DH_DSS_WITH_CAMELLIA_256_CBC_SHA,
1583 	SSL_kDHd,
1584 	SSL_aDH,
1585 	SSL_CAMELLIA256,
1586 	SSL_SHA1,
1587 	SSL_TLSV1,
1588 	SSL_NOT_EXP|SSL_HIGH,
1589 	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
1590 	256,
1591 	256,
1592 	},
1593 
1594 	/* Cipher 86 */
1595 	{
1596 	0, /* not implemented (non-ephemeral DH) */
1597 	TLS1_TXT_DH_RSA_WITH_CAMELLIA_256_CBC_SHA,
1598 	TLS1_CK_DH_RSA_WITH_CAMELLIA_256_CBC_SHA,
1599 	SSL_kDHr,
1600 	SSL_aDH,
1601 	SSL_CAMELLIA256,
1602 	SSL_SHA1,
1603 	SSL_TLSV1,
1604 	SSL_NOT_EXP|SSL_HIGH,
1605 	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
1606 	256,
1607 	256,
1608 	},
1609 
1610 	/* Cipher 87 */
1611 	{
1612 	1,
1613 	TLS1_TXT_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA,
1614 	TLS1_CK_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA,
1615 	SSL_kEDH,
1616 	SSL_aDSS,
1617 	SSL_CAMELLIA256,
1618 	SSL_SHA1,
1619 	SSL_TLSV1,
1620 	SSL_NOT_EXP|SSL_HIGH,
1621 	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
1622 	256,
1623 	256,
1624 	},
1625 
1626 	/* Cipher 88 */
1627 	{
1628 	1,
1629 	TLS1_TXT_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA,
1630 	TLS1_CK_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA,
1631 	SSL_kEDH,
1632 	SSL_aRSA,
1633 	SSL_CAMELLIA256,
1634 	SSL_SHA1,
1635 	SSL_TLSV1,
1636 	SSL_NOT_EXP|SSL_HIGH,
1637 	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
1638 	256,
1639 	256,
1640 	},
1641 
1642 	/* Cipher 89 */
1643 	{
1644 	1,
1645 	TLS1_TXT_ADH_WITH_CAMELLIA_256_CBC_SHA,
1646 	TLS1_CK_ADH_WITH_CAMELLIA_256_CBC_SHA,
1647 	SSL_kEDH,
1648 	SSL_aNULL,
1649 	SSL_CAMELLIA256,
1650 	SSL_SHA1,
1651 	SSL_TLSV1,
1652 	SSL_NOT_EXP|SSL_HIGH,
1653 	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
1654 	256,
1655 	256,
1656 	},
1657 #endif /* OPENSSL_NO_CAMELLIA */
1658 
1659 #ifndef OPENSSL_NO_PSK
1660 	/* Cipher 8A */
1661 	{
1662 	1,
1663 	TLS1_TXT_PSK_WITH_RC4_128_SHA,
1664 	TLS1_CK_PSK_WITH_RC4_128_SHA,
1665 	SSL_kPSK,
1666 	SSL_aPSK,
1667 	SSL_RC4,
1668 	SSL_SHA1,
1669 	SSL_TLSV1,
1670 	SSL_NOT_EXP|SSL_MEDIUM,
1671 	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
1672 	128,
1673 	128,
1674 	},
1675 
1676 	/* Cipher 8B */
1677 	{
1678 	1,
1679 	TLS1_TXT_PSK_WITH_3DES_EDE_CBC_SHA,
1680 	TLS1_CK_PSK_WITH_3DES_EDE_CBC_SHA,
1681 	SSL_kPSK,
1682 	SSL_aPSK,
1683 	SSL_3DES,
1684 	SSL_SHA1,
1685 	SSL_TLSV1,
1686 	SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
1687 	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
1688 	112,
1689 	168,
1690 	},
1691 
1692 	/* Cipher 8C */
1693 	{
1694 	1,
1695 	TLS1_TXT_PSK_WITH_AES_128_CBC_SHA,
1696 	TLS1_CK_PSK_WITH_AES_128_CBC_SHA,
1697 	SSL_kPSK,
1698 	SSL_aPSK,
1699 	SSL_AES128,
1700 	SSL_SHA1,
1701 	SSL_TLSV1,
1702 	SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
1703 	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
1704 	128,
1705 	128,
1706 	},
1707 
1708 	/* Cipher 8D */
1709 	{
1710 	1,
1711 	TLS1_TXT_PSK_WITH_AES_256_CBC_SHA,
1712 	TLS1_CK_PSK_WITH_AES_256_CBC_SHA,
1713 	SSL_kPSK,
1714 	SSL_aPSK,
1715 	SSL_AES256,
1716 	SSL_SHA1,
1717 	SSL_TLSV1,
1718 	SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
1719 	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
1720 	256,
1721 	256,
1722 	},
1723 #endif  /* OPENSSL_NO_PSK */
1724 
1725 #ifndef OPENSSL_NO_SEED
1726 	/* SEED ciphersuites from RFC4162 */
1727 
1728 	/* Cipher 96 */
1729 	{
1730 	1,
1731 	TLS1_TXT_RSA_WITH_SEED_SHA,
1732 	TLS1_CK_RSA_WITH_SEED_SHA,
1733 	SSL_kRSA,
1734 	SSL_aRSA,
1735 	SSL_SEED,
1736 	SSL_SHA1,
1737 	SSL_TLSV1,
1738 	SSL_NOT_EXP|SSL_MEDIUM,
1739 	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
1740 	128,
1741 	128,
1742 	},
1743 
1744 	/* Cipher 97 */
1745 	{
1746 	0, /* not implemented (non-ephemeral DH) */
1747 	TLS1_TXT_DH_DSS_WITH_SEED_SHA,
1748 	TLS1_CK_DH_DSS_WITH_SEED_SHA,
1749 	SSL_kDHd,
1750 	SSL_aDH,
1751 	SSL_SEED,
1752 	SSL_SHA1,
1753 	SSL_TLSV1,
1754 	SSL_NOT_EXP|SSL_MEDIUM,
1755 	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
1756 	128,
1757 	128,
1758 	},
1759 
1760 	/* Cipher 98 */
1761 	{
1762 	0, /* not implemented (non-ephemeral DH) */
1763 	TLS1_TXT_DH_RSA_WITH_SEED_SHA,
1764 	TLS1_CK_DH_RSA_WITH_SEED_SHA,
1765 	SSL_kDHr,
1766 	SSL_aDH,
1767 	SSL_SEED,
1768 	SSL_SHA1,
1769 	SSL_TLSV1,
1770 	SSL_NOT_EXP|SSL_MEDIUM,
1771 	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
1772 	128,
1773 	128,
1774 	},
1775 
1776 	/* Cipher 99 */
1777 	{
1778 	1,
1779 	TLS1_TXT_DHE_DSS_WITH_SEED_SHA,
1780 	TLS1_CK_DHE_DSS_WITH_SEED_SHA,
1781 	SSL_kEDH,
1782 	SSL_aDSS,
1783 	SSL_SEED,
1784 	SSL_SHA1,
1785 	SSL_TLSV1,
1786 	SSL_NOT_EXP|SSL_MEDIUM,
1787 	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
1788 	128,
1789 	128,
1790 	},
1791 
1792 	/* Cipher 9A */
1793 	{
1794 	1,
1795 	TLS1_TXT_DHE_RSA_WITH_SEED_SHA,
1796 	TLS1_CK_DHE_RSA_WITH_SEED_SHA,
1797 	SSL_kEDH,
1798 	SSL_aRSA,
1799 	SSL_SEED,
1800 	SSL_SHA1,
1801 	SSL_TLSV1,
1802 	SSL_NOT_EXP|SSL_MEDIUM,
1803 	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
1804 	128,
1805 	128,
1806 	},
1807 
1808 	/* Cipher 9B */
1809 	{
1810 	1,
1811 	TLS1_TXT_ADH_WITH_SEED_SHA,
1812 	TLS1_CK_ADH_WITH_SEED_SHA,
1813 	SSL_kEDH,
1814 	SSL_aNULL,
1815 	SSL_SEED,
1816 	SSL_SHA1,
1817 	SSL_TLSV1,
1818 	SSL_NOT_EXP|SSL_MEDIUM,
1819 	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
1820 	128,
1821 	128,
1822 	},
1823 
1824 #endif /* OPENSSL_NO_SEED */
1825 
1826 	/* GCM ciphersuites from RFC5288 */
1827 
1828 	/* Cipher 9C */
1829 	{
1830 	1,
1831 	TLS1_TXT_RSA_WITH_AES_128_GCM_SHA256,
1832 	TLS1_CK_RSA_WITH_AES_128_GCM_SHA256,
1833 	SSL_kRSA,
1834 	SSL_aRSA,
1835 	SSL_AES128GCM,
1836 	SSL_AEAD,
1837 	SSL_TLSV1_2,
1838 	SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
1839 	SSL_HANDSHAKE_MAC_SHA256|TLS1_PRF_SHA256,
1840 	128,
1841 	128,
1842 	},
1843 
1844 	/* Cipher 9D */
1845 	{
1846 	1,
1847 	TLS1_TXT_RSA_WITH_AES_256_GCM_SHA384,
1848 	TLS1_CK_RSA_WITH_AES_256_GCM_SHA384,
1849 	SSL_kRSA,
1850 	SSL_aRSA,
1851 	SSL_AES256GCM,
1852 	SSL_AEAD,
1853 	SSL_TLSV1_2,
1854 	SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
1855 	SSL_HANDSHAKE_MAC_SHA384|TLS1_PRF_SHA384,
1856 	256,
1857 	256,
1858 	},
1859 
1860 	/* Cipher 9E */
1861 	{
1862 	1,
1863 	TLS1_TXT_DHE_RSA_WITH_AES_128_GCM_SHA256,
1864 	TLS1_CK_DHE_RSA_WITH_AES_128_GCM_SHA256,
1865 	SSL_kEDH,
1866 	SSL_aRSA,
1867 	SSL_AES128GCM,
1868 	SSL_AEAD,
1869 	SSL_TLSV1_2,
1870 	SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
1871 	SSL_HANDSHAKE_MAC_SHA256|TLS1_PRF_SHA256,
1872 	128,
1873 	128,
1874 	},
1875 
1876 	/* Cipher 9F */
1877 	{
1878 	1,
1879 	TLS1_TXT_DHE_RSA_WITH_AES_256_GCM_SHA384,
1880 	TLS1_CK_DHE_RSA_WITH_AES_256_GCM_SHA384,
1881 	SSL_kEDH,
1882 	SSL_aRSA,
1883 	SSL_AES256GCM,
1884 	SSL_AEAD,
1885 	SSL_TLSV1_2,
1886 	SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
1887 	SSL_HANDSHAKE_MAC_SHA384|TLS1_PRF_SHA384,
1888 	256,
1889 	256,
1890 	},
1891 
1892 	/* Cipher A0 */
1893 	{
1894 	0,
1895 	TLS1_TXT_DH_RSA_WITH_AES_128_GCM_SHA256,
1896 	TLS1_CK_DH_RSA_WITH_AES_128_GCM_SHA256,
1897 	SSL_kDHr,
1898 	SSL_aDH,
1899 	SSL_AES128GCM,
1900 	SSL_AEAD,
1901 	SSL_TLSV1_2,
1902 	SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
1903 	SSL_HANDSHAKE_MAC_SHA256|TLS1_PRF_SHA256,
1904 	128,
1905 	128,
1906 	},
1907 
1908 	/* Cipher A1 */
1909 	{
1910 	0,
1911 	TLS1_TXT_DH_RSA_WITH_AES_256_GCM_SHA384,
1912 	TLS1_CK_DH_RSA_WITH_AES_256_GCM_SHA384,
1913 	SSL_kDHr,
1914 	SSL_aDH,
1915 	SSL_AES256GCM,
1916 	SSL_AEAD,
1917 	SSL_TLSV1_2,
1918 	SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
1919 	SSL_HANDSHAKE_MAC_SHA384|TLS1_PRF_SHA384,
1920 	256,
1921 	256,
1922 	},
1923 
1924 	/* Cipher A2 */
1925 	{
1926 	1,
1927 	TLS1_TXT_DHE_DSS_WITH_AES_128_GCM_SHA256,
1928 	TLS1_CK_DHE_DSS_WITH_AES_128_GCM_SHA256,
1929 	SSL_kEDH,
1930 	SSL_aDSS,
1931 	SSL_AES128GCM,
1932 	SSL_AEAD,
1933 	SSL_TLSV1_2,
1934 	SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
1935 	SSL_HANDSHAKE_MAC_SHA256|TLS1_PRF_SHA256,
1936 	128,
1937 	128,
1938 	},
1939 
1940 	/* Cipher A3 */
1941 	{
1942 	1,
1943 	TLS1_TXT_DHE_DSS_WITH_AES_256_GCM_SHA384,
1944 	TLS1_CK_DHE_DSS_WITH_AES_256_GCM_SHA384,
1945 	SSL_kEDH,
1946 	SSL_aDSS,
1947 	SSL_AES256GCM,
1948 	SSL_AEAD,
1949 	SSL_TLSV1_2,
1950 	SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
1951 	SSL_HANDSHAKE_MAC_SHA384|TLS1_PRF_SHA384,
1952 	256,
1953 	256,
1954 	},
1955 
1956 	/* Cipher A4 */
1957 	{
1958 	0,
1959 	TLS1_TXT_DH_DSS_WITH_AES_128_GCM_SHA256,
1960 	TLS1_CK_DH_DSS_WITH_AES_128_GCM_SHA256,
1961 	SSL_kDHd,
1962 	SSL_aDH,
1963 	SSL_AES128GCM,
1964 	SSL_AEAD,
1965 	SSL_TLSV1_2,
1966 	SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
1967 	SSL_HANDSHAKE_MAC_SHA256|TLS1_PRF_SHA256,
1968 	128,
1969 	128,
1970 	},
1971 
1972 	/* Cipher A5 */
1973 	{
1974 	0,
1975 	TLS1_TXT_DH_DSS_WITH_AES_256_GCM_SHA384,
1976 	TLS1_CK_DH_DSS_WITH_AES_256_GCM_SHA384,
1977 	SSL_kDHd,
1978 	SSL_aDH,
1979 	SSL_AES256GCM,
1980 	SSL_AEAD,
1981 	SSL_TLSV1_2,
1982 	SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
1983 	SSL_HANDSHAKE_MAC_SHA384|TLS1_PRF_SHA384,
1984 	256,
1985 	256,
1986 	},
1987 
1988 	/* Cipher A6 */
1989 	{
1990 	1,
1991 	TLS1_TXT_ADH_WITH_AES_128_GCM_SHA256,
1992 	TLS1_CK_ADH_WITH_AES_128_GCM_SHA256,
1993 	SSL_kEDH,
1994 	SSL_aNULL,
1995 	SSL_AES128GCM,
1996 	SSL_AEAD,
1997 	SSL_TLSV1_2,
1998 	SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
1999 	SSL_HANDSHAKE_MAC_SHA256|TLS1_PRF_SHA256,
2000 	128,
2001 	128,
2002 	},
2003 
2004 	/* Cipher A7 */
2005 	{
2006 	1,
2007 	TLS1_TXT_ADH_WITH_AES_256_GCM_SHA384,
2008 	TLS1_CK_ADH_WITH_AES_256_GCM_SHA384,
2009 	SSL_kEDH,
2010 	SSL_aNULL,
2011 	SSL_AES256GCM,
2012 	SSL_AEAD,
2013 	SSL_TLSV1_2,
2014 	SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
2015 	SSL_HANDSHAKE_MAC_SHA384|TLS1_PRF_SHA384,
2016 	256,
2017 	256,
2018 	},
2019 
2020 #ifndef OPENSSL_NO_ECDH
2021 	/* Cipher C001 */
2022 	{
2023 	1,
2024 	TLS1_TXT_ECDH_ECDSA_WITH_NULL_SHA,
2025 	TLS1_CK_ECDH_ECDSA_WITH_NULL_SHA,
2026 	SSL_kECDHe,
2027 	SSL_aECDH,
2028 	SSL_eNULL,
2029 	SSL_SHA1,
2030 	SSL_TLSV1,
2031 	SSL_NOT_EXP|SSL_STRONG_NONE|SSL_FIPS,
2032 	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
2033 	0,
2034 	0,
2035 	},
2036 
2037 	/* Cipher C002 */
2038 	{
2039 	1,
2040 	TLS1_TXT_ECDH_ECDSA_WITH_RC4_128_SHA,
2041 	TLS1_CK_ECDH_ECDSA_WITH_RC4_128_SHA,
2042 	SSL_kECDHe,
2043 	SSL_aECDH,
2044 	SSL_RC4,
2045 	SSL_SHA1,
2046 	SSL_TLSV1,
2047 	SSL_NOT_EXP|SSL_MEDIUM,
2048 	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
2049 	128,
2050 	128,
2051 	},
2052 
2053 	/* Cipher C003 */
2054 	{
2055 	1,
2056 	TLS1_TXT_ECDH_ECDSA_WITH_DES_192_CBC3_SHA,
2057 	TLS1_CK_ECDH_ECDSA_WITH_DES_192_CBC3_SHA,
2058 	SSL_kECDHe,
2059 	SSL_aECDH,
2060 	SSL_3DES,
2061 	SSL_SHA1,
2062 	SSL_TLSV1,
2063 	SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
2064 	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
2065 	112,
2066 	168,
2067 	},
2068 
2069 	/* Cipher C004 */
2070 	{
2071 	1,
2072 	TLS1_TXT_ECDH_ECDSA_WITH_AES_128_CBC_SHA,
2073 	TLS1_CK_ECDH_ECDSA_WITH_AES_128_CBC_SHA,
2074 	SSL_kECDHe,
2075 	SSL_aECDH,
2076 	SSL_AES128,
2077 	SSL_SHA1,
2078 	SSL_TLSV1,
2079 	SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
2080 	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
2081 	128,
2082 	128,
2083 	},
2084 
2085 	/* Cipher C005 */
2086 	{
2087 	1,
2088 	TLS1_TXT_ECDH_ECDSA_WITH_AES_256_CBC_SHA,
2089 	TLS1_CK_ECDH_ECDSA_WITH_AES_256_CBC_SHA,
2090 	SSL_kECDHe,
2091 	SSL_aECDH,
2092 	SSL_AES256,
2093 	SSL_SHA1,
2094 	SSL_TLSV1,
2095 	SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
2096 	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
2097 	256,
2098 	256,
2099 	},
2100 
2101 	/* Cipher C006 */
2102 	{
2103 	1,
2104 	TLS1_TXT_ECDHE_ECDSA_WITH_NULL_SHA,
2105 	TLS1_CK_ECDHE_ECDSA_WITH_NULL_SHA,
2106 	SSL_kEECDH,
2107 	SSL_aECDSA,
2108 	SSL_eNULL,
2109 	SSL_SHA1,
2110 	SSL_TLSV1,
2111 	SSL_NOT_EXP|SSL_STRONG_NONE|SSL_FIPS,
2112 	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
2113 	0,
2114 	0,
2115 	},
2116 
2117 	/* Cipher C007 */
2118 	{
2119 	1,
2120 	TLS1_TXT_ECDHE_ECDSA_WITH_RC4_128_SHA,
2121 	TLS1_CK_ECDHE_ECDSA_WITH_RC4_128_SHA,
2122 	SSL_kEECDH,
2123 	SSL_aECDSA,
2124 	SSL_RC4,
2125 	SSL_SHA1,
2126 	SSL_TLSV1,
2127 	SSL_NOT_EXP|SSL_MEDIUM,
2128 	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
2129 	128,
2130 	128,
2131 	},
2132 
2133 	/* Cipher C008 */
2134 	{
2135 	1,
2136 	TLS1_TXT_ECDHE_ECDSA_WITH_DES_192_CBC3_SHA,
2137 	TLS1_CK_ECDHE_ECDSA_WITH_DES_192_CBC3_SHA,
2138 	SSL_kEECDH,
2139 	SSL_aECDSA,
2140 	SSL_3DES,
2141 	SSL_SHA1,
2142 	SSL_TLSV1,
2143 	SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
2144 	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
2145 	112,
2146 	168,
2147 	},
2148 
2149 	/* Cipher C009 */
2150 	{
2151 	1,
2152 	TLS1_TXT_ECDHE_ECDSA_WITH_AES_128_CBC_SHA,
2153 	TLS1_CK_ECDHE_ECDSA_WITH_AES_128_CBC_SHA,
2154 	SSL_kEECDH,
2155 	SSL_aECDSA,
2156 	SSL_AES128,
2157 	SSL_SHA1,
2158 	SSL_TLSV1,
2159 	SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
2160 	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
2161 	128,
2162 	128,
2163 	},
2164 
2165 	/* Cipher C00A */
2166 	{
2167 	1,
2168 	TLS1_TXT_ECDHE_ECDSA_WITH_AES_256_CBC_SHA,
2169 	TLS1_CK_ECDHE_ECDSA_WITH_AES_256_CBC_SHA,
2170 	SSL_kEECDH,
2171 	SSL_aECDSA,
2172 	SSL_AES256,
2173 	SSL_SHA1,
2174 	SSL_TLSV1,
2175 	SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
2176 	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
2177 	256,
2178 	256,
2179 	},
2180 
2181 	/* Cipher C00B */
2182 	{
2183 	1,
2184 	TLS1_TXT_ECDH_RSA_WITH_NULL_SHA,
2185 	TLS1_CK_ECDH_RSA_WITH_NULL_SHA,
2186 	SSL_kECDHr,
2187 	SSL_aECDH,
2188 	SSL_eNULL,
2189 	SSL_SHA1,
2190 	SSL_TLSV1,
2191 	SSL_NOT_EXP|SSL_STRONG_NONE|SSL_FIPS,
2192 	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
2193 	0,
2194 	0,
2195 	},
2196 
2197 	/* Cipher C00C */
2198 	{
2199 	1,
2200 	TLS1_TXT_ECDH_RSA_WITH_RC4_128_SHA,
2201 	TLS1_CK_ECDH_RSA_WITH_RC4_128_SHA,
2202 	SSL_kECDHr,
2203 	SSL_aECDH,
2204 	SSL_RC4,
2205 	SSL_SHA1,
2206 	SSL_TLSV1,
2207 	SSL_NOT_EXP|SSL_MEDIUM,
2208 	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
2209 	128,
2210 	128,
2211 	},
2212 
2213 	/* Cipher C00D */
2214 	{
2215 	1,
2216 	TLS1_TXT_ECDH_RSA_WITH_DES_192_CBC3_SHA,
2217 	TLS1_CK_ECDH_RSA_WITH_DES_192_CBC3_SHA,
2218 	SSL_kECDHr,
2219 	SSL_aECDH,
2220 	SSL_3DES,
2221 	SSL_SHA1,
2222 	SSL_TLSV1,
2223 	SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
2224 	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
2225 	112,
2226 	168,
2227 	},
2228 
2229 	/* Cipher C00E */
2230 	{
2231 	1,
2232 	TLS1_TXT_ECDH_RSA_WITH_AES_128_CBC_SHA,
2233 	TLS1_CK_ECDH_RSA_WITH_AES_128_CBC_SHA,
2234 	SSL_kECDHr,
2235 	SSL_aECDH,
2236 	SSL_AES128,
2237 	SSL_SHA1,
2238 	SSL_TLSV1,
2239 	SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
2240 	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
2241 	128,
2242 	128,
2243 	},
2244 
2245 	/* Cipher C00F */
2246 	{
2247 	1,
2248 	TLS1_TXT_ECDH_RSA_WITH_AES_256_CBC_SHA,
2249 	TLS1_CK_ECDH_RSA_WITH_AES_256_CBC_SHA,
2250 	SSL_kECDHr,
2251 	SSL_aECDH,
2252 	SSL_AES256,
2253 	SSL_SHA1,
2254 	SSL_TLSV1,
2255 	SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
2256 	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
2257 	256,
2258 	256,
2259 	},
2260 
2261 	/* Cipher C010 */
2262 	{
2263 	1,
2264 	TLS1_TXT_ECDHE_RSA_WITH_NULL_SHA,
2265 	TLS1_CK_ECDHE_RSA_WITH_NULL_SHA,
2266 	SSL_kEECDH,
2267 	SSL_aRSA,
2268 	SSL_eNULL,
2269 	SSL_SHA1,
2270 	SSL_TLSV1,
2271 	SSL_NOT_EXP|SSL_STRONG_NONE|SSL_FIPS,
2272 	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
2273 	0,
2274 	0,
2275 	},
2276 
2277 	/* Cipher C011 */
2278 	{
2279 	1,
2280 	TLS1_TXT_ECDHE_RSA_WITH_RC4_128_SHA,
2281 	TLS1_CK_ECDHE_RSA_WITH_RC4_128_SHA,
2282 	SSL_kEECDH,
2283 	SSL_aRSA,
2284 	SSL_RC4,
2285 	SSL_SHA1,
2286 	SSL_TLSV1,
2287 	SSL_NOT_EXP|SSL_MEDIUM,
2288 	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
2289 	128,
2290 	128,
2291 	},
2292 
2293 	/* Cipher C012 */
2294 	{
2295 	1,
2296 	TLS1_TXT_ECDHE_RSA_WITH_DES_192_CBC3_SHA,
2297 	TLS1_CK_ECDHE_RSA_WITH_DES_192_CBC3_SHA,
2298 	SSL_kEECDH,
2299 	SSL_aRSA,
2300 	SSL_3DES,
2301 	SSL_SHA1,
2302 	SSL_TLSV1,
2303 	SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
2304 	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
2305 	112,
2306 	168,
2307 	},
2308 
2309 	/* Cipher C013 */
2310 	{
2311 	1,
2312 	TLS1_TXT_ECDHE_RSA_WITH_AES_128_CBC_SHA,
2313 	TLS1_CK_ECDHE_RSA_WITH_AES_128_CBC_SHA,
2314 	SSL_kEECDH,
2315 	SSL_aRSA,
2316 	SSL_AES128,
2317 	SSL_SHA1,
2318 	SSL_TLSV1,
2319 	SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
2320 	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
2321 	128,
2322 	128,
2323 	},
2324 
2325 	/* Cipher C014 */
2326 	{
2327 	1,
2328 	TLS1_TXT_ECDHE_RSA_WITH_AES_256_CBC_SHA,
2329 	TLS1_CK_ECDHE_RSA_WITH_AES_256_CBC_SHA,
2330 	SSL_kEECDH,
2331 	SSL_aRSA,
2332 	SSL_AES256,
2333 	SSL_SHA1,
2334 	SSL_TLSV1,
2335 	SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
2336 	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
2337 	256,
2338 	256,
2339 	},
2340 
2341 	/* Cipher C015 */
2342 	{
2343 	1,
2344 	TLS1_TXT_ECDH_anon_WITH_NULL_SHA,
2345 	TLS1_CK_ECDH_anon_WITH_NULL_SHA,
2346 	SSL_kEECDH,
2347 	SSL_aNULL,
2348 	SSL_eNULL,
2349 	SSL_SHA1,
2350 	SSL_TLSV1,
2351 	SSL_NOT_EXP|SSL_STRONG_NONE|SSL_FIPS,
2352 	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
2353 	0,
2354 	0,
2355 	},
2356 
2357 	/* Cipher C016 */
2358 	{
2359 	1,
2360 	TLS1_TXT_ECDH_anon_WITH_RC4_128_SHA,
2361 	TLS1_CK_ECDH_anon_WITH_RC4_128_SHA,
2362 	SSL_kEECDH,
2363 	SSL_aNULL,
2364 	SSL_RC4,
2365 	SSL_SHA1,
2366 	SSL_TLSV1,
2367 	SSL_NOT_EXP|SSL_MEDIUM,
2368 	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
2369 	128,
2370 	128,
2371 	},
2372 
2373 	/* Cipher C017 */
2374 	{
2375 	1,
2376 	TLS1_TXT_ECDH_anon_WITH_DES_192_CBC3_SHA,
2377 	TLS1_CK_ECDH_anon_WITH_DES_192_CBC3_SHA,
2378 	SSL_kEECDH,
2379 	SSL_aNULL,
2380 	SSL_3DES,
2381 	SSL_SHA1,
2382 	SSL_TLSV1,
2383 	SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
2384 	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
2385 	112,
2386 	168,
2387 	},
2388 
2389 	/* Cipher C018 */
2390 	{
2391 	1,
2392 	TLS1_TXT_ECDH_anon_WITH_AES_128_CBC_SHA,
2393 	TLS1_CK_ECDH_anon_WITH_AES_128_CBC_SHA,
2394 	SSL_kEECDH,
2395 	SSL_aNULL,
2396 	SSL_AES128,
2397 	SSL_SHA1,
2398 	SSL_TLSV1,
2399 	SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
2400 	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
2401 	128,
2402 	128,
2403 	},
2404 
2405 	/* Cipher C019 */
2406 	{
2407 	1,
2408 	TLS1_TXT_ECDH_anon_WITH_AES_256_CBC_SHA,
2409 	TLS1_CK_ECDH_anon_WITH_AES_256_CBC_SHA,
2410 	SSL_kEECDH,
2411 	SSL_aNULL,
2412 	SSL_AES256,
2413 	SSL_SHA1,
2414 	SSL_TLSV1,
2415 	SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
2416 	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
2417 	256,
2418 	256,
2419 	},
2420 #endif	/* OPENSSL_NO_ECDH */
2421 
2422 #ifndef OPENSSL_NO_SRP
2423 	/* Cipher C01A */
2424 	{
2425 	1,
2426 	TLS1_TXT_SRP_SHA_WITH_3DES_EDE_CBC_SHA,
2427 	TLS1_CK_SRP_SHA_WITH_3DES_EDE_CBC_SHA,
2428 	SSL_kSRP,
2429 	SSL_aSRP,
2430 	SSL_3DES,
2431 	SSL_SHA1,
2432 	SSL_TLSV1,
2433 	SSL_NOT_EXP|SSL_HIGH,
2434 	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
2435 	112,
2436 	168,
2437 	},
2438 
2439 	/* Cipher C01B */
2440 	{
2441 	1,
2442 	TLS1_TXT_SRP_SHA_RSA_WITH_3DES_EDE_CBC_SHA,
2443 	TLS1_CK_SRP_SHA_RSA_WITH_3DES_EDE_CBC_SHA,
2444 	SSL_kSRP,
2445 	SSL_aRSA,
2446 	SSL_3DES,
2447 	SSL_SHA1,
2448 	SSL_TLSV1,
2449 	SSL_NOT_EXP|SSL_HIGH,
2450 	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
2451 	112,
2452 	168,
2453 	},
2454 
2455 	/* Cipher C01C */
2456 	{
2457 	1,
2458 	TLS1_TXT_SRP_SHA_DSS_WITH_3DES_EDE_CBC_SHA,
2459 	TLS1_CK_SRP_SHA_DSS_WITH_3DES_EDE_CBC_SHA,
2460 	SSL_kSRP,
2461 	SSL_aDSS,
2462 	SSL_3DES,
2463 	SSL_SHA1,
2464 	SSL_TLSV1,
2465 	SSL_NOT_EXP|SSL_HIGH,
2466 	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
2467 	112,
2468 	168,
2469 	},
2470 
2471 	/* Cipher C01D */
2472 	{
2473 	1,
2474 	TLS1_TXT_SRP_SHA_WITH_AES_128_CBC_SHA,
2475 	TLS1_CK_SRP_SHA_WITH_AES_128_CBC_SHA,
2476 	SSL_kSRP,
2477 	SSL_aSRP,
2478 	SSL_AES128,
2479 	SSL_SHA1,
2480 	SSL_TLSV1,
2481 	SSL_NOT_EXP|SSL_HIGH,
2482 	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
2483 	128,
2484 	128,
2485 	},
2486 
2487 	/* Cipher C01E */
2488 	{
2489 	1,
2490 	TLS1_TXT_SRP_SHA_RSA_WITH_AES_128_CBC_SHA,
2491 	TLS1_CK_SRP_SHA_RSA_WITH_AES_128_CBC_SHA,
2492 	SSL_kSRP,
2493 	SSL_aRSA,
2494 	SSL_AES128,
2495 	SSL_SHA1,
2496 	SSL_TLSV1,
2497 	SSL_NOT_EXP|SSL_HIGH,
2498 	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
2499 	128,
2500 	128,
2501 	},
2502 
2503 	/* Cipher C01F */
2504 	{
2505 	1,
2506 	TLS1_TXT_SRP_SHA_DSS_WITH_AES_128_CBC_SHA,
2507 	TLS1_CK_SRP_SHA_DSS_WITH_AES_128_CBC_SHA,
2508 	SSL_kSRP,
2509 	SSL_aDSS,
2510 	SSL_AES128,
2511 	SSL_SHA1,
2512 	SSL_TLSV1,
2513 	SSL_NOT_EXP|SSL_HIGH,
2514 	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
2515 	128,
2516 	128,
2517 	},
2518 
2519 	/* Cipher C020 */
2520 	{
2521 	1,
2522 	TLS1_TXT_SRP_SHA_WITH_AES_256_CBC_SHA,
2523 	TLS1_CK_SRP_SHA_WITH_AES_256_CBC_SHA,
2524 	SSL_kSRP,
2525 	SSL_aSRP,
2526 	SSL_AES256,
2527 	SSL_SHA1,
2528 	SSL_TLSV1,
2529 	SSL_NOT_EXP|SSL_HIGH,
2530 	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
2531 	256,
2532 	256,
2533 	},
2534 
2535 	/* Cipher C021 */
2536 	{
2537 	1,
2538 	TLS1_TXT_SRP_SHA_RSA_WITH_AES_256_CBC_SHA,
2539 	TLS1_CK_SRP_SHA_RSA_WITH_AES_256_CBC_SHA,
2540 	SSL_kSRP,
2541 	SSL_aRSA,
2542 	SSL_AES256,
2543 	SSL_SHA1,
2544 	SSL_TLSV1,
2545 	SSL_NOT_EXP|SSL_HIGH,
2546 	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
2547 	256,
2548 	256,
2549 	},
2550 
2551 	/* Cipher C022 */
2552 	{
2553 	1,
2554 	TLS1_TXT_SRP_SHA_DSS_WITH_AES_256_CBC_SHA,
2555 	TLS1_CK_SRP_SHA_DSS_WITH_AES_256_CBC_SHA,
2556 	SSL_kSRP,
2557 	SSL_aDSS,
2558 	SSL_AES256,
2559 	SSL_SHA1,
2560 	SSL_TLSV1,
2561 	SSL_NOT_EXP|SSL_HIGH,
2562 	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
2563 	256,
2564 	256,
2565 	},
2566 #endif  /* OPENSSL_NO_SRP */
2567 #ifndef OPENSSL_NO_ECDH
2568 
2569 	/* HMAC based TLS v1.2 ciphersuites from RFC5289 */
2570 
2571 	/* Cipher C023 */
2572 	{
2573 	1,
2574 	TLS1_TXT_ECDHE_ECDSA_WITH_AES_128_SHA256,
2575 	TLS1_CK_ECDHE_ECDSA_WITH_AES_128_SHA256,
2576 	SSL_kEECDH,
2577 	SSL_aECDSA,
2578 	SSL_AES128,
2579 	SSL_SHA256,
2580 	SSL_TLSV1_2,
2581 	SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
2582 	SSL_HANDSHAKE_MAC_SHA256|TLS1_PRF_SHA256,
2583 	128,
2584 	128,
2585 	},
2586 
2587 	/* Cipher C024 */
2588 	{
2589 	1,
2590 	TLS1_TXT_ECDHE_ECDSA_WITH_AES_256_SHA384,
2591 	TLS1_CK_ECDHE_ECDSA_WITH_AES_256_SHA384,
2592 	SSL_kEECDH,
2593 	SSL_aECDSA,
2594 	SSL_AES256,
2595 	SSL_SHA384,
2596 	SSL_TLSV1_2,
2597 	SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
2598 	SSL_HANDSHAKE_MAC_SHA384|TLS1_PRF_SHA384,
2599 	256,
2600 	256,
2601 	},
2602 
2603 	/* Cipher C025 */
2604 	{
2605 	1,
2606 	TLS1_TXT_ECDH_ECDSA_WITH_AES_128_SHA256,
2607 	TLS1_CK_ECDH_ECDSA_WITH_AES_128_SHA256,
2608 	SSL_kECDHe,
2609 	SSL_aECDH,
2610 	SSL_AES128,
2611 	SSL_SHA256,
2612 	SSL_TLSV1_2,
2613 	SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
2614 	SSL_HANDSHAKE_MAC_SHA256|TLS1_PRF_SHA256,
2615 	128,
2616 	128,
2617 	},
2618 
2619 	/* Cipher C026 */
2620 	{
2621 	1,
2622 	TLS1_TXT_ECDH_ECDSA_WITH_AES_256_SHA384,
2623 	TLS1_CK_ECDH_ECDSA_WITH_AES_256_SHA384,
2624 	SSL_kECDHe,
2625 	SSL_aECDH,
2626 	SSL_AES256,
2627 	SSL_SHA384,
2628 	SSL_TLSV1_2,
2629 	SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
2630 	SSL_HANDSHAKE_MAC_SHA384|TLS1_PRF_SHA384,
2631 	256,
2632 	256,
2633 	},
2634 
2635 	/* Cipher C027 */
2636 	{
2637 	1,
2638 	TLS1_TXT_ECDHE_RSA_WITH_AES_128_SHA256,
2639 	TLS1_CK_ECDHE_RSA_WITH_AES_128_SHA256,
2640 	SSL_kEECDH,
2641 	SSL_aRSA,
2642 	SSL_AES128,
2643 	SSL_SHA256,
2644 	SSL_TLSV1_2,
2645 	SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
2646 	SSL_HANDSHAKE_MAC_SHA256|TLS1_PRF_SHA256,
2647 	128,
2648 	128,
2649 	},
2650 
2651 	/* Cipher C028 */
2652 	{
2653 	1,
2654 	TLS1_TXT_ECDHE_RSA_WITH_AES_256_SHA384,
2655 	TLS1_CK_ECDHE_RSA_WITH_AES_256_SHA384,
2656 	SSL_kEECDH,
2657 	SSL_aRSA,
2658 	SSL_AES256,
2659 	SSL_SHA384,
2660 	SSL_TLSV1_2,
2661 	SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
2662 	SSL_HANDSHAKE_MAC_SHA384|TLS1_PRF_SHA384,
2663 	256,
2664 	256,
2665 	},
2666 
2667 	/* Cipher C029 */
2668 	{
2669 	1,
2670 	TLS1_TXT_ECDH_RSA_WITH_AES_128_SHA256,
2671 	TLS1_CK_ECDH_RSA_WITH_AES_128_SHA256,
2672 	SSL_kECDHr,
2673 	SSL_aECDH,
2674 	SSL_AES128,
2675 	SSL_SHA256,
2676 	SSL_TLSV1_2,
2677 	SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
2678 	SSL_HANDSHAKE_MAC_SHA256|TLS1_PRF_SHA256,
2679 	128,
2680 	128,
2681 	},
2682 
2683 	/* Cipher C02A */
2684 	{
2685 	1,
2686 	TLS1_TXT_ECDH_RSA_WITH_AES_256_SHA384,
2687 	TLS1_CK_ECDH_RSA_WITH_AES_256_SHA384,
2688 	SSL_kECDHr,
2689 	SSL_aECDH,
2690 	SSL_AES256,
2691 	SSL_SHA384,
2692 	SSL_TLSV1_2,
2693 	SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
2694 	SSL_HANDSHAKE_MAC_SHA384|TLS1_PRF_SHA384,
2695 	256,
2696 	256,
2697 	},
2698 
2699 	/* GCM based TLS v1.2 ciphersuites from RFC5289 */
2700 
2701 	/* Cipher C02B */
2702 	{
2703 	1,
2704 	TLS1_TXT_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256,
2705 	TLS1_CK_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256,
2706 	SSL_kEECDH,
2707 	SSL_aECDSA,
2708 	SSL_AES128GCM,
2709 	SSL_AEAD,
2710 	SSL_TLSV1_2,
2711 	SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
2712 	SSL_HANDSHAKE_MAC_SHA256|TLS1_PRF_SHA256,
2713 	128,
2714 	128,
2715 	},
2716 
2717 	/* Cipher C02C */
2718 	{
2719 	1,
2720 	TLS1_TXT_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384,
2721 	TLS1_CK_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384,
2722 	SSL_kEECDH,
2723 	SSL_aECDSA,
2724 	SSL_AES256GCM,
2725 	SSL_AEAD,
2726 	SSL_TLSV1_2,
2727 	SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
2728 	SSL_HANDSHAKE_MAC_SHA384|TLS1_PRF_SHA384,
2729 	256,
2730 	256,
2731 	},
2732 
2733 	/* Cipher C02D */
2734 	{
2735 	1,
2736 	TLS1_TXT_ECDH_ECDSA_WITH_AES_128_GCM_SHA256,
2737 	TLS1_CK_ECDH_ECDSA_WITH_AES_128_GCM_SHA256,
2738 	SSL_kECDHe,
2739 	SSL_aECDH,
2740 	SSL_AES128GCM,
2741 	SSL_AEAD,
2742 	SSL_TLSV1_2,
2743 	SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
2744 	SSL_HANDSHAKE_MAC_SHA256|TLS1_PRF_SHA256,
2745 	128,
2746 	128,
2747 	},
2748 
2749 	/* Cipher C02E */
2750 	{
2751 	1,
2752 	TLS1_TXT_ECDH_ECDSA_WITH_AES_256_GCM_SHA384,
2753 	TLS1_CK_ECDH_ECDSA_WITH_AES_256_GCM_SHA384,
2754 	SSL_kECDHe,
2755 	SSL_aECDH,
2756 	SSL_AES256GCM,
2757 	SSL_AEAD,
2758 	SSL_TLSV1_2,
2759 	SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
2760 	SSL_HANDSHAKE_MAC_SHA384|TLS1_PRF_SHA384,
2761 	256,
2762 	256,
2763 	},
2764 
2765 	/* Cipher C02F */
2766 	{
2767 	1,
2768 	TLS1_TXT_ECDHE_RSA_WITH_AES_128_GCM_SHA256,
2769 	TLS1_CK_ECDHE_RSA_WITH_AES_128_GCM_SHA256,
2770 	SSL_kEECDH,
2771 	SSL_aRSA,
2772 	SSL_AES128GCM,
2773 	SSL_AEAD,
2774 	SSL_TLSV1_2,
2775 	SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
2776 	SSL_HANDSHAKE_MAC_SHA256|TLS1_PRF_SHA256,
2777 	128,
2778 	128,
2779 	},
2780 
2781 	/* Cipher C030 */
2782 	{
2783 	1,
2784 	TLS1_TXT_ECDHE_RSA_WITH_AES_256_GCM_SHA384,
2785 	TLS1_CK_ECDHE_RSA_WITH_AES_256_GCM_SHA384,
2786 	SSL_kEECDH,
2787 	SSL_aRSA,
2788 	SSL_AES256GCM,
2789 	SSL_AEAD,
2790 	SSL_TLSV1_2,
2791 	SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
2792 	SSL_HANDSHAKE_MAC_SHA384|TLS1_PRF_SHA384,
2793 	256,
2794 	256,
2795 	},
2796 
2797 	/* Cipher C031 */
2798 	{
2799 	1,
2800 	TLS1_TXT_ECDH_RSA_WITH_AES_128_GCM_SHA256,
2801 	TLS1_CK_ECDH_RSA_WITH_AES_128_GCM_SHA256,
2802 	SSL_kECDHr,
2803 	SSL_aECDH,
2804 	SSL_AES128GCM,
2805 	SSL_AEAD,
2806 	SSL_TLSV1_2,
2807 	SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
2808 	SSL_HANDSHAKE_MAC_SHA256|TLS1_PRF_SHA256,
2809 	128,
2810 	128,
2811 	},
2812 
2813 	/* Cipher C032 */
2814 	{
2815 	1,
2816 	TLS1_TXT_ECDH_RSA_WITH_AES_256_GCM_SHA384,
2817 	TLS1_CK_ECDH_RSA_WITH_AES_256_GCM_SHA384,
2818 	SSL_kECDHr,
2819 	SSL_aECDH,
2820 	SSL_AES256GCM,
2821 	SSL_AEAD,
2822 	SSL_TLSV1_2,
2823 	SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
2824 	SSL_HANDSHAKE_MAC_SHA384|TLS1_PRF_SHA384,
2825 	256,
2826 	256,
2827 	},
2828 
2829 #endif /* OPENSSL_NO_ECDH */
2830 
2831 
2832 #ifdef TEMP_GOST_TLS
2833 /* Cipher FF00 */
2834 	{
2835 	1,
2836 	"GOST-MD5",
2837 	0x0300ff00,
2838 	SSL_kRSA,
2839 	SSL_aRSA,
2840 	SSL_eGOST2814789CNT,
2841 	SSL_MD5,
2842 	SSL_TLSV1,
2843 	SSL_NOT_EXP|SSL_HIGH,
2844 	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
2845 	256,
2846 	256,
2847 	},
2848 	{
2849 	1,
2850 	"GOST-GOST94",
2851 	0x0300ff01,
2852 	SSL_kRSA,
2853 	SSL_aRSA,
2854 	SSL_eGOST2814789CNT,
2855 	SSL_GOST94,
2856 	SSL_TLSV1,
2857 	SSL_NOT_EXP|SSL_HIGH,
2858 	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
2859 	256,
2860 	256
2861 	},
2862 	{
2863 	1,
2864 	"GOST-GOST89MAC",
2865 	0x0300ff02,
2866 	SSL_kRSA,
2867 	SSL_aRSA,
2868 	SSL_eGOST2814789CNT,
2869 	SSL_GOST89MAC,
2870 	SSL_TLSV1,
2871 	SSL_NOT_EXP|SSL_HIGH,
2872 	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
2873 	256,
2874 	256
2875 	},
2876 	{
2877 	1,
2878 	"GOST-GOST89STREAM",
2879 	0x0300ff03,
2880 	SSL_kRSA,
2881 	SSL_aRSA,
2882 	SSL_eGOST2814789CNT,
2883 	SSL_GOST89MAC,
2884 	SSL_TLSV1,
2885 	SSL_NOT_EXP|SSL_HIGH,
2886 	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF|TLS1_STREAM_MAC,
2887 	256,
2888 	256
2889 	},
2890 #endif
2891 
2892 /* end of list */
2893 	};
2894 
2895 SSL3_ENC_METHOD SSLv3_enc_data={
2896 	ssl3_enc,
2897 	n_ssl3_mac,
2898 	ssl3_setup_key_block,
2899 	ssl3_generate_master_secret,
2900 	ssl3_change_cipher_state,
2901 	ssl3_final_finish_mac,
2902 	MD5_DIGEST_LENGTH+SHA_DIGEST_LENGTH,
2903 	ssl3_cert_verify_mac,
2904 	SSL3_MD_CLIENT_FINISHED_CONST,4,
2905 	SSL3_MD_SERVER_FINISHED_CONST,4,
2906 	ssl3_alert_code,
2907 	(int (*)(SSL *, unsigned char *, size_t, const char *,
2908 		 size_t, const unsigned char *, size_t,
2909 		 int use_context))ssl_undefined_function,
2910 	};
2911 
2912 long ssl3_default_timeout(void)
2913 	{
2914 	/* 2 hours, the 24 hours mentioned in the SSLv3 spec
2915 	 * is way too long for http, the cache would over fill */
2916 	return(60*60*2);
2917 	}
2918 
2919 int ssl3_num_ciphers(void)
2920 	{
2921 	return(SSL3_NUM_CIPHERS);
2922 	}
2923 
2924 const SSL_CIPHER *ssl3_get_cipher(unsigned int u)
2925 	{
2926 	if (u < SSL3_NUM_CIPHERS)
2927 		return(&(ssl3_ciphers[SSL3_NUM_CIPHERS-1-u]));
2928 	else
2929 		return(NULL);
2930 	}
2931 
2932 int ssl3_pending(const SSL *s)
2933 	{
2934 	if (s->rstate == SSL_ST_READ_BODY)
2935 		return 0;
2936 
2937 	return (s->s3->rrec.type == SSL3_RT_APPLICATION_DATA) ? s->s3->rrec.length : 0;
2938 	}
2939 
2940 int ssl3_new(SSL *s)
2941 	{
2942 	SSL3_STATE *s3;
2943 
2944 	if ((s3=OPENSSL_malloc(sizeof *s3)) == NULL) goto err;
2945 	memset(s3,0,sizeof *s3);
2946 	memset(s3->rrec.seq_num,0,sizeof(s3->rrec.seq_num));
2947 	memset(s3->wrec.seq_num,0,sizeof(s3->wrec.seq_num));
2948 
2949 	s->s3=s3;
2950 
2951 #ifndef OPENSSL_NO_SRP
2952 	SSL_SRP_CTX_init(s);
2953 #endif
2954 	s->method->ssl_clear(s);
2955 	return(1);
2956 err:
2957 	return(0);
2958 	}
2959 
2960 void ssl3_free(SSL *s)
2961 	{
2962 	if(s == NULL)
2963 	    return;
2964 
2965 #ifdef TLSEXT_TYPE_opaque_prf_input
2966 	if (s->s3->client_opaque_prf_input != NULL)
2967 		OPENSSL_free(s->s3->client_opaque_prf_input);
2968 	if (s->s3->server_opaque_prf_input != NULL)
2969 		OPENSSL_free(s->s3->server_opaque_prf_input);
2970 #endif
2971 
2972 	ssl3_cleanup_key_block(s);
2973 	if (s->s3->rbuf.buf != NULL)
2974 		ssl3_release_read_buffer(s);
2975 	if (s->s3->wbuf.buf != NULL)
2976 		ssl3_release_write_buffer(s);
2977 	if (s->s3->rrec.comp != NULL)
2978 		OPENSSL_free(s->s3->rrec.comp);
2979 #ifndef OPENSSL_NO_DH
2980 	if (s->s3->tmp.dh != NULL)
2981 		DH_free(s->s3->tmp.dh);
2982 #endif
2983 #ifndef OPENSSL_NO_ECDH
2984 	if (s->s3->tmp.ecdh != NULL)
2985 		EC_KEY_free(s->s3->tmp.ecdh);
2986 #endif
2987 
2988 	if (s->s3->tmp.ca_names != NULL)
2989 		sk_X509_NAME_pop_free(s->s3->tmp.ca_names,X509_NAME_free);
2990 	if (s->s3->handshake_buffer) {
2991 		BIO_free(s->s3->handshake_buffer);
2992 	}
2993 	if (s->s3->handshake_dgst) ssl3_free_digest_list(s);
2994 #ifndef OPENSSL_NO_SRP
2995 	SSL_SRP_CTX_free(s);
2996 #endif
2997 	OPENSSL_cleanse(s->s3,sizeof *s->s3);
2998 	OPENSSL_free(s->s3);
2999 	s->s3=NULL;
3000 	}
3001 
3002 void ssl3_clear(SSL *s)
3003 	{
3004 	unsigned char *rp,*wp;
3005 	size_t rlen, wlen;
3006 	int init_extra;
3007 
3008 #ifdef TLSEXT_TYPE_opaque_prf_input
3009 	if (s->s3->client_opaque_prf_input != NULL)
3010 		OPENSSL_free(s->s3->client_opaque_prf_input);
3011 	s->s3->client_opaque_prf_input = NULL;
3012 	if (s->s3->server_opaque_prf_input != NULL)
3013 		OPENSSL_free(s->s3->server_opaque_prf_input);
3014 	s->s3->server_opaque_prf_input = NULL;
3015 #endif
3016 
3017 	ssl3_cleanup_key_block(s);
3018 	if (s->s3->tmp.ca_names != NULL)
3019 		sk_X509_NAME_pop_free(s->s3->tmp.ca_names,X509_NAME_free);
3020 
3021 	if (s->s3->rrec.comp != NULL)
3022 		{
3023 		OPENSSL_free(s->s3->rrec.comp);
3024 		s->s3->rrec.comp=NULL;
3025 		}
3026 #ifndef OPENSSL_NO_DH
3027 	if (s->s3->tmp.dh != NULL)
3028 		{
3029 		DH_free(s->s3->tmp.dh);
3030 		s->s3->tmp.dh = NULL;
3031 		}
3032 #endif
3033 #ifndef OPENSSL_NO_ECDH
3034 	if (s->s3->tmp.ecdh != NULL)
3035 		{
3036 		EC_KEY_free(s->s3->tmp.ecdh);
3037 		s->s3->tmp.ecdh = NULL;
3038 		}
3039 #endif
3040 #ifndef OPENSSL_NO_TLSEXT
3041 #ifndef OPENSSL_NO_EC
3042 	s->s3->is_probably_safari = 0;
3043 #endif /* !OPENSSL_NO_EC */
3044 #endif /* !OPENSSL_NO_TLSEXT */
3045 
3046 	rp = s->s3->rbuf.buf;
3047 	wp = s->s3->wbuf.buf;
3048 	rlen = s->s3->rbuf.len;
3049  	wlen = s->s3->wbuf.len;
3050 	init_extra = s->s3->init_extra;
3051 	if (s->s3->handshake_buffer) {
3052 		BIO_free(s->s3->handshake_buffer);
3053 		s->s3->handshake_buffer = NULL;
3054 	}
3055 	if (s->s3->handshake_dgst) {
3056 		ssl3_free_digest_list(s);
3057 	}
3058 	memset(s->s3,0,sizeof *s->s3);
3059 	s->s3->rbuf.buf = rp;
3060 	s->s3->wbuf.buf = wp;
3061 	s->s3->rbuf.len = rlen;
3062  	s->s3->wbuf.len = wlen;
3063 	s->s3->init_extra = init_extra;
3064 
3065 	ssl_free_wbio_buffer(s);
3066 
3067 	s->packet_length=0;
3068 	s->s3->renegotiate=0;
3069 	s->s3->total_renegotiations=0;
3070 	s->s3->num_renegotiations=0;
3071 	s->s3->in_read_app_data=0;
3072 	s->version=SSL3_VERSION;
3073 
3074 #if !defined(OPENSSL_NO_TLSEXT) && !defined(OPENSSL_NO_NEXTPROTONEG)
3075 	if (s->next_proto_negotiated)
3076 		{
3077 		OPENSSL_free(s->next_proto_negotiated);
3078 		s->next_proto_negotiated = NULL;
3079 		s->next_proto_negotiated_len = 0;
3080 		}
3081 #endif
3082 	}
3083 
3084 #ifndef OPENSSL_NO_SRP
3085 static char * MS_CALLBACK srp_password_from_info_cb(SSL *s, void *arg)
3086 	{
3087 	return BUF_strdup(s->srp_ctx.info) ;
3088 	}
3089 #endif
3090 
3091 long ssl3_ctrl(SSL *s, int cmd, long larg, void *parg)
3092 	{
3093 	int ret=0;
3094 
3095 #if !defined(OPENSSL_NO_DSA) || !defined(OPENSSL_NO_RSA)
3096 	if (
3097 #ifndef OPENSSL_NO_RSA
3098 	    cmd == SSL_CTRL_SET_TMP_RSA ||
3099 	    cmd == SSL_CTRL_SET_TMP_RSA_CB ||
3100 #endif
3101 #ifndef OPENSSL_NO_DSA
3102 	    cmd == SSL_CTRL_SET_TMP_DH ||
3103 	    cmd == SSL_CTRL_SET_TMP_DH_CB ||
3104 #endif
3105 		0)
3106 		{
3107 		if (!ssl_cert_inst(&s->cert))
3108 		    	{
3109 			SSLerr(SSL_F_SSL3_CTRL, ERR_R_MALLOC_FAILURE);
3110 			return(0);
3111 			}
3112 		}
3113 #endif
3114 
3115 	switch (cmd)
3116 		{
3117 	case SSL_CTRL_GET_SESSION_REUSED:
3118 		ret=s->hit;
3119 		break;
3120 	case SSL_CTRL_GET_CLIENT_CERT_REQUEST:
3121 		break;
3122 	case SSL_CTRL_GET_NUM_RENEGOTIATIONS:
3123 		ret=s->s3->num_renegotiations;
3124 		break;
3125 	case SSL_CTRL_CLEAR_NUM_RENEGOTIATIONS:
3126 		ret=s->s3->num_renegotiations;
3127 		s->s3->num_renegotiations=0;
3128 		break;
3129 	case SSL_CTRL_GET_TOTAL_RENEGOTIATIONS:
3130 		ret=s->s3->total_renegotiations;
3131 		break;
3132 	case SSL_CTRL_GET_FLAGS:
3133 		ret=(int)(s->s3->flags);
3134 		break;
3135 #ifndef OPENSSL_NO_RSA
3136 	case SSL_CTRL_NEED_TMP_RSA:
3137 		if ((s->cert != NULL) && (s->cert->rsa_tmp == NULL) &&
3138 		    ((s->cert->pkeys[SSL_PKEY_RSA_ENC].privatekey == NULL) ||
3139 		     (EVP_PKEY_size(s->cert->pkeys[SSL_PKEY_RSA_ENC].privatekey) > (512/8))))
3140 			ret = 1;
3141 		break;
3142 	case SSL_CTRL_SET_TMP_RSA:
3143 		{
3144 			RSA *rsa = (RSA *)parg;
3145 			if (rsa == NULL)
3146 				{
3147 				SSLerr(SSL_F_SSL3_CTRL, ERR_R_PASSED_NULL_PARAMETER);
3148 				return(ret);
3149 				}
3150 			if ((rsa = RSAPrivateKey_dup(rsa)) == NULL)
3151 				{
3152 				SSLerr(SSL_F_SSL3_CTRL, ERR_R_RSA_LIB);
3153 				return(ret);
3154 				}
3155 			if (s->cert->rsa_tmp != NULL)
3156 				RSA_free(s->cert->rsa_tmp);
3157 			s->cert->rsa_tmp = rsa;
3158 			ret = 1;
3159 		}
3160 		break;
3161 	case SSL_CTRL_SET_TMP_RSA_CB:
3162 		{
3163 		SSLerr(SSL_F_SSL3_CTRL, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
3164 		return(ret);
3165 		}
3166 		break;
3167 #endif
3168 #ifndef OPENSSL_NO_DH
3169 	case SSL_CTRL_SET_TMP_DH:
3170 		{
3171 			DH *dh = (DH *)parg;
3172 			if (dh == NULL)
3173 				{
3174 				SSLerr(SSL_F_SSL3_CTRL, ERR_R_PASSED_NULL_PARAMETER);
3175 				return(ret);
3176 				}
3177 			if ((dh = DHparams_dup(dh)) == NULL)
3178 				{
3179 				SSLerr(SSL_F_SSL3_CTRL, ERR_R_DH_LIB);
3180 				return(ret);
3181 				}
3182 			if (!(s->options & SSL_OP_SINGLE_DH_USE))
3183 				{
3184 				if (!DH_generate_key(dh))
3185 					{
3186 					DH_free(dh);
3187 					SSLerr(SSL_F_SSL3_CTRL, ERR_R_DH_LIB);
3188 					return(ret);
3189 					}
3190 				}
3191 			if (s->cert->dh_tmp != NULL)
3192 				DH_free(s->cert->dh_tmp);
3193 			s->cert->dh_tmp = dh;
3194 			ret = 1;
3195 		}
3196 		break;
3197 	case SSL_CTRL_SET_TMP_DH_CB:
3198 		{
3199 		SSLerr(SSL_F_SSL3_CTRL, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
3200 		return(ret);
3201 		}
3202 		break;
3203 #endif
3204 #ifndef OPENSSL_NO_ECDH
3205 	case SSL_CTRL_SET_TMP_ECDH:
3206 		{
3207 		EC_KEY *ecdh = NULL;
3208 
3209 		if (parg == NULL)
3210 			{
3211 			SSLerr(SSL_F_SSL3_CTRL, ERR_R_PASSED_NULL_PARAMETER);
3212 			return(ret);
3213 			}
3214 		if (!EC_KEY_up_ref((EC_KEY *)parg))
3215 			{
3216 			SSLerr(SSL_F_SSL3_CTRL,ERR_R_ECDH_LIB);
3217 			return(ret);
3218 			}
3219 		ecdh = (EC_KEY *)parg;
3220 		if (!(s->options & SSL_OP_SINGLE_ECDH_USE))
3221 			{
3222 			if (!EC_KEY_generate_key(ecdh))
3223 				{
3224 				EC_KEY_free(ecdh);
3225 				SSLerr(SSL_F_SSL3_CTRL,ERR_R_ECDH_LIB);
3226 				return(ret);
3227 				}
3228 			}
3229 		if (s->cert->ecdh_tmp != NULL)
3230 			EC_KEY_free(s->cert->ecdh_tmp);
3231 		s->cert->ecdh_tmp = ecdh;
3232 		ret = 1;
3233 		}
3234 		break;
3235 	case SSL_CTRL_SET_TMP_ECDH_CB:
3236 		{
3237 		SSLerr(SSL_F_SSL3_CTRL, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
3238 		return(ret);
3239 		}
3240 		break;
3241 #endif /* !OPENSSL_NO_ECDH */
3242 #ifndef OPENSSL_NO_TLSEXT
3243 	case SSL_CTRL_SET_TLSEXT_HOSTNAME:
3244  		if (larg == TLSEXT_NAMETYPE_host_name)
3245 			{
3246 			if (s->tlsext_hostname != NULL)
3247 				OPENSSL_free(s->tlsext_hostname);
3248 			s->tlsext_hostname = NULL;
3249 
3250 			ret = 1;
3251 			if (parg == NULL)
3252 				break;
3253 			if (strlen((char *)parg) > TLSEXT_MAXLEN_host_name)
3254 				{
3255 				SSLerr(SSL_F_SSL3_CTRL, SSL_R_SSL3_EXT_INVALID_SERVERNAME);
3256 				return 0;
3257 				}
3258 			if ((s->tlsext_hostname = BUF_strdup((char *)parg)) == NULL)
3259 				{
3260 				SSLerr(SSL_F_SSL3_CTRL, ERR_R_INTERNAL_ERROR);
3261 				return 0;
3262 				}
3263 			}
3264 		else
3265 			{
3266 			SSLerr(SSL_F_SSL3_CTRL, SSL_R_SSL3_EXT_INVALID_SERVERNAME_TYPE);
3267 			return 0;
3268 			}
3269  		break;
3270 	case SSL_CTRL_SET_TLSEXT_DEBUG_ARG:
3271 		s->tlsext_debug_arg=parg;
3272 		ret = 1;
3273 		break;
3274 
3275 #ifdef TLSEXT_TYPE_opaque_prf_input
3276 	case SSL_CTRL_SET_TLSEXT_OPAQUE_PRF_INPUT:
3277 		if (larg > 12288) /* actual internal limit is 2^16 for the complete hello message
3278 		                   * (including the cert chain and everything) */
3279 			{
3280 			SSLerr(SSL_F_SSL3_CTRL, SSL_R_OPAQUE_PRF_INPUT_TOO_LONG);
3281 			break;
3282 			}
3283 		if (s->tlsext_opaque_prf_input != NULL)
3284 			OPENSSL_free(s->tlsext_opaque_prf_input);
3285 		if ((size_t)larg == 0)
3286 			s->tlsext_opaque_prf_input = OPENSSL_malloc(1); /* dummy byte just to get non-NULL */
3287 		else
3288 			s->tlsext_opaque_prf_input = BUF_memdup(parg, (size_t)larg);
3289 		if (s->tlsext_opaque_prf_input != NULL)
3290 			{
3291 			s->tlsext_opaque_prf_input_len = (size_t)larg;
3292 			ret = 1;
3293 			}
3294 		else
3295 			s->tlsext_opaque_prf_input_len = 0;
3296 		break;
3297 #endif
3298 
3299 	case SSL_CTRL_SET_TLSEXT_STATUS_REQ_TYPE:
3300 		s->tlsext_status_type=larg;
3301 		ret = 1;
3302 		break;
3303 
3304 	case SSL_CTRL_GET_TLSEXT_STATUS_REQ_EXTS:
3305 		*(STACK_OF(X509_EXTENSION) **)parg = s->tlsext_ocsp_exts;
3306 		ret = 1;
3307 		break;
3308 
3309 	case SSL_CTRL_SET_TLSEXT_STATUS_REQ_EXTS:
3310 		s->tlsext_ocsp_exts = parg;
3311 		ret = 1;
3312 		break;
3313 
3314 	case SSL_CTRL_GET_TLSEXT_STATUS_REQ_IDS:
3315 		*(STACK_OF(OCSP_RESPID) **)parg = s->tlsext_ocsp_ids;
3316 		ret = 1;
3317 		break;
3318 
3319 	case SSL_CTRL_SET_TLSEXT_STATUS_REQ_IDS:
3320 		s->tlsext_ocsp_ids = parg;
3321 		ret = 1;
3322 		break;
3323 
3324 	case SSL_CTRL_GET_TLSEXT_STATUS_REQ_OCSP_RESP:
3325 		*(unsigned char **)parg = s->tlsext_ocsp_resp;
3326 		return s->tlsext_ocsp_resplen;
3327 
3328 	case SSL_CTRL_SET_TLSEXT_STATUS_REQ_OCSP_RESP:
3329 		if (s->tlsext_ocsp_resp)
3330 			OPENSSL_free(s->tlsext_ocsp_resp);
3331 		s->tlsext_ocsp_resp = parg;
3332 		s->tlsext_ocsp_resplen = larg;
3333 		ret = 1;
3334 		break;
3335 
3336 #ifndef OPENSSL_NO_HEARTBEATS
3337 	case SSL_CTRL_TLS_EXT_SEND_HEARTBEAT:
3338 		if (SSL_version(s) == DTLS1_VERSION || SSL_version(s) == DTLS1_BAD_VER)
3339 			ret = dtls1_heartbeat(s);
3340 		else
3341 			ret = tls1_heartbeat(s);
3342 		break;
3343 
3344 	case SSL_CTRL_GET_TLS_EXT_HEARTBEAT_PENDING:
3345 		ret = s->tlsext_hb_pending;
3346 		break;
3347 
3348 	case SSL_CTRL_SET_TLS_EXT_HEARTBEAT_NO_REQUESTS:
3349 		if (larg)
3350 			s->tlsext_heartbeat |= SSL_TLSEXT_HB_DONT_RECV_REQUESTS;
3351 		else
3352 			s->tlsext_heartbeat &= ~SSL_TLSEXT_HB_DONT_RECV_REQUESTS;
3353 		ret = 1;
3354 		break;
3355 #endif
3356 
3357 #endif /* !OPENSSL_NO_TLSEXT */
3358 
3359 	case SSL_CTRL_CHECK_PROTO_VERSION:
3360 		/* For library-internal use; checks that the current protocol
3361 		 * is the highest enabled version (according to s->ctx->method,
3362 		 * as version negotiation may have changed s->method). */
3363 		if (s->version == s->ctx->method->version)
3364 			return 1;
3365 		/* Apparently we're using a version-flexible SSL_METHOD
3366 		 * (not at its highest protocol version). */
3367 		if (s->ctx->method->version == SSLv23_method()->version)
3368 			{
3369 #if TLS_MAX_VERSION != TLS1_2_VERSION
3370 #  error Code needs update for SSLv23_method() support beyond TLS1_2_VERSION.
3371 #endif
3372 			if (!(s->options & SSL_OP_NO_TLSv1_2))
3373 				return s->version == TLS1_2_VERSION;
3374 			if (!(s->options & SSL_OP_NO_TLSv1_1))
3375 				return s->version == TLS1_1_VERSION;
3376 			if (!(s->options & SSL_OP_NO_TLSv1))
3377 				return s->version == TLS1_VERSION;
3378 			if (!(s->options & SSL_OP_NO_SSLv3))
3379 				return s->version == SSL3_VERSION;
3380 			if (!(s->options & SSL_OP_NO_SSLv2))
3381 				return s->version == SSL2_VERSION;
3382 			}
3383 		return 0; /* Unexpected state; fail closed. */
3384 
3385 	default:
3386 		break;
3387 		}
3388 	return(ret);
3389 	}
3390 
3391 long ssl3_callback_ctrl(SSL *s, int cmd, void (*fp)(void))
3392 	{
3393 	int ret=0;
3394 
3395 #if !defined(OPENSSL_NO_DSA) || !defined(OPENSSL_NO_RSA)
3396 	if (
3397 #ifndef OPENSSL_NO_RSA
3398 	    cmd == SSL_CTRL_SET_TMP_RSA_CB ||
3399 #endif
3400 #ifndef OPENSSL_NO_DSA
3401 	    cmd == SSL_CTRL_SET_TMP_DH_CB ||
3402 #endif
3403 		0)
3404 		{
3405 		if (!ssl_cert_inst(&s->cert))
3406 			{
3407 			SSLerr(SSL_F_SSL3_CALLBACK_CTRL, ERR_R_MALLOC_FAILURE);
3408 			return(0);
3409 			}
3410 		}
3411 #endif
3412 
3413 	switch (cmd)
3414 		{
3415 #ifndef OPENSSL_NO_RSA
3416 	case SSL_CTRL_SET_TMP_RSA_CB:
3417 		{
3418 		s->cert->rsa_tmp_cb = (RSA *(*)(SSL *, int, int))fp;
3419 		}
3420 		break;
3421 #endif
3422 #ifndef OPENSSL_NO_DH
3423 	case SSL_CTRL_SET_TMP_DH_CB:
3424 		{
3425 		s->cert->dh_tmp_cb = (DH *(*)(SSL *, int, int))fp;
3426 		}
3427 		break;
3428 #endif
3429 #ifndef OPENSSL_NO_ECDH
3430 	case SSL_CTRL_SET_TMP_ECDH_CB:
3431 		{
3432 		s->cert->ecdh_tmp_cb = (EC_KEY *(*)(SSL *, int, int))fp;
3433 		}
3434 		break;
3435 #endif
3436 #ifndef OPENSSL_NO_TLSEXT
3437 	case SSL_CTRL_SET_TLSEXT_DEBUG_CB:
3438 		s->tlsext_debug_cb=(void (*)(SSL *,int ,int,
3439 					unsigned char *, int, void *))fp;
3440 		break;
3441 #endif
3442 	default:
3443 		break;
3444 		}
3445 	return(ret);
3446 	}
3447 
3448 long ssl3_ctx_ctrl(SSL_CTX *ctx, int cmd, long larg, void *parg)
3449 	{
3450 	CERT *cert;
3451 
3452 	cert=ctx->cert;
3453 
3454 	switch (cmd)
3455 		{
3456 #ifndef OPENSSL_NO_RSA
3457 	case SSL_CTRL_NEED_TMP_RSA:
3458 		if (	(cert->rsa_tmp == NULL) &&
3459 			((cert->pkeys[SSL_PKEY_RSA_ENC].privatekey == NULL) ||
3460 			 (EVP_PKEY_size(cert->pkeys[SSL_PKEY_RSA_ENC].privatekey) > (512/8)))
3461 			)
3462 			return(1);
3463 		else
3464 			return(0);
3465 		/* break; */
3466 	case SSL_CTRL_SET_TMP_RSA:
3467 		{
3468 		RSA *rsa;
3469 		int i;
3470 
3471 		rsa=(RSA *)parg;
3472 		i=1;
3473 		if (rsa == NULL)
3474 			i=0;
3475 		else
3476 			{
3477 			if ((rsa=RSAPrivateKey_dup(rsa)) == NULL)
3478 				i=0;
3479 			}
3480 		if (!i)
3481 			{
3482 			SSLerr(SSL_F_SSL3_CTX_CTRL,ERR_R_RSA_LIB);
3483 			return(0);
3484 			}
3485 		else
3486 			{
3487 			if (cert->rsa_tmp != NULL)
3488 				RSA_free(cert->rsa_tmp);
3489 			cert->rsa_tmp=rsa;
3490 			return(1);
3491 			}
3492 		}
3493 		/* break; */
3494 	case SSL_CTRL_SET_TMP_RSA_CB:
3495 		{
3496 		SSLerr(SSL_F_SSL3_CTX_CTRL, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
3497 		return(0);
3498 		}
3499 		break;
3500 #endif
3501 #ifndef OPENSSL_NO_DH
3502 	case SSL_CTRL_SET_TMP_DH:
3503 		{
3504 		DH *new=NULL,*dh;
3505 
3506 		dh=(DH *)parg;
3507 		if ((new=DHparams_dup(dh)) == NULL)
3508 			{
3509 			SSLerr(SSL_F_SSL3_CTX_CTRL,ERR_R_DH_LIB);
3510 			return 0;
3511 			}
3512 		if (!(ctx->options & SSL_OP_SINGLE_DH_USE))
3513 			{
3514 			if (!DH_generate_key(new))
3515 				{
3516 				SSLerr(SSL_F_SSL3_CTX_CTRL,ERR_R_DH_LIB);
3517 				DH_free(new);
3518 				return 0;
3519 				}
3520 			}
3521 		if (cert->dh_tmp != NULL)
3522 			DH_free(cert->dh_tmp);
3523 		cert->dh_tmp=new;
3524 		return 1;
3525 		}
3526 		/*break; */
3527 	case SSL_CTRL_SET_TMP_DH_CB:
3528 		{
3529 		SSLerr(SSL_F_SSL3_CTX_CTRL, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
3530 		return(0);
3531 		}
3532 		break;
3533 #endif
3534 #ifndef OPENSSL_NO_ECDH
3535 	case SSL_CTRL_SET_TMP_ECDH:
3536 		{
3537 		EC_KEY *ecdh = NULL;
3538 
3539 		if (parg == NULL)
3540 			{
3541 			SSLerr(SSL_F_SSL3_CTX_CTRL,ERR_R_ECDH_LIB);
3542 			return 0;
3543 			}
3544 		ecdh = EC_KEY_dup((EC_KEY *)parg);
3545 		if (ecdh == NULL)
3546 			{
3547 			SSLerr(SSL_F_SSL3_CTX_CTRL,ERR_R_EC_LIB);
3548 			return 0;
3549 			}
3550 		if (!(ctx->options & SSL_OP_SINGLE_ECDH_USE))
3551 			{
3552 			if (!EC_KEY_generate_key(ecdh))
3553 				{
3554 				EC_KEY_free(ecdh);
3555 				SSLerr(SSL_F_SSL3_CTX_CTRL,ERR_R_ECDH_LIB);
3556 				return 0;
3557 				}
3558 			}
3559 
3560 		if (cert->ecdh_tmp != NULL)
3561 			{
3562 			EC_KEY_free(cert->ecdh_tmp);
3563 			}
3564 		cert->ecdh_tmp = ecdh;
3565 		return 1;
3566 		}
3567 		/* break; */
3568 	case SSL_CTRL_SET_TMP_ECDH_CB:
3569 		{
3570 		SSLerr(SSL_F_SSL3_CTX_CTRL, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
3571 		return(0);
3572 		}
3573 		break;
3574 #endif /* !OPENSSL_NO_ECDH */
3575 #ifndef OPENSSL_NO_TLSEXT
3576 	case SSL_CTRL_SET_TLSEXT_SERVERNAME_ARG:
3577 		ctx->tlsext_servername_arg=parg;
3578 		break;
3579 	case SSL_CTRL_SET_TLSEXT_TICKET_KEYS:
3580 	case SSL_CTRL_GET_TLSEXT_TICKET_KEYS:
3581 		{
3582 		unsigned char *keys = parg;
3583 		if (!keys)
3584 			return 48;
3585 		if (larg != 48)
3586 			{
3587 			SSLerr(SSL_F_SSL3_CTX_CTRL, SSL_R_INVALID_TICKET_KEYS_LENGTH);
3588 			return 0;
3589 			}
3590 		if (cmd == SSL_CTRL_SET_TLSEXT_TICKET_KEYS)
3591 			{
3592 			memcpy(ctx->tlsext_tick_key_name, keys, 16);
3593 			memcpy(ctx->tlsext_tick_hmac_key, keys + 16, 16);
3594 			memcpy(ctx->tlsext_tick_aes_key, keys + 32, 16);
3595 			}
3596 		else
3597 			{
3598 			memcpy(keys, ctx->tlsext_tick_key_name, 16);
3599 			memcpy(keys + 16, ctx->tlsext_tick_hmac_key, 16);
3600 			memcpy(keys + 32, ctx->tlsext_tick_aes_key, 16);
3601 			}
3602 		return 1;
3603 		}
3604 
3605 #ifdef TLSEXT_TYPE_opaque_prf_input
3606 	case SSL_CTRL_SET_TLSEXT_OPAQUE_PRF_INPUT_CB_ARG:
3607 		ctx->tlsext_opaque_prf_input_callback_arg = parg;
3608 		return 1;
3609 #endif
3610 
3611 	case SSL_CTRL_SET_TLSEXT_STATUS_REQ_CB_ARG:
3612 		ctx->tlsext_status_arg=parg;
3613 		return 1;
3614 		break;
3615 
3616 #ifndef OPENSSL_NO_SRP
3617 	case SSL_CTRL_SET_TLS_EXT_SRP_USERNAME:
3618 		ctx->srp_ctx.srp_Mask|=SSL_kSRP;
3619 		if (ctx->srp_ctx.login != NULL)
3620 			OPENSSL_free(ctx->srp_ctx.login);
3621 		ctx->srp_ctx.login = NULL;
3622 		if (parg == NULL)
3623 			break;
3624 		if (strlen((const char *)parg) > 255 || strlen((const char *)parg) < 1)
3625 			{
3626 			SSLerr(SSL_F_SSL3_CTX_CTRL, SSL_R_INVALID_SRP_USERNAME);
3627 			return 0;
3628 			}
3629 		if ((ctx->srp_ctx.login = BUF_strdup((char *)parg)) == NULL)
3630 			{
3631 			SSLerr(SSL_F_SSL3_CTX_CTRL, ERR_R_INTERNAL_ERROR);
3632 			return 0;
3633 			}
3634 		break;
3635 	case SSL_CTRL_SET_TLS_EXT_SRP_PASSWORD:
3636 		ctx->srp_ctx.SRP_give_srp_client_pwd_callback=srp_password_from_info_cb;
3637 		ctx->srp_ctx.info=parg;
3638 		break;
3639 	case SSL_CTRL_SET_SRP_ARG:
3640 		ctx->srp_ctx.srp_Mask|=SSL_kSRP;
3641 		ctx->srp_ctx.SRP_cb_arg=parg;
3642 		break;
3643 
3644 	case SSL_CTRL_SET_TLS_EXT_SRP_STRENGTH:
3645 		ctx->srp_ctx.strength=larg;
3646 		break;
3647 #endif
3648 #endif /* !OPENSSL_NO_TLSEXT */
3649 
3650 	/* A Thawte special :-) */
3651 	case SSL_CTRL_EXTRA_CHAIN_CERT:
3652 		if (ctx->extra_certs == NULL)
3653 			{
3654 			if ((ctx->extra_certs=sk_X509_new_null()) == NULL)
3655 				return(0);
3656 			}
3657 		sk_X509_push(ctx->extra_certs,(X509 *)parg);
3658 		break;
3659 
3660 	case SSL_CTRL_GET_EXTRA_CHAIN_CERTS:
3661 		*(STACK_OF(X509) **)parg =  ctx->extra_certs;
3662 		break;
3663 
3664 	case SSL_CTRL_CLEAR_EXTRA_CHAIN_CERTS:
3665 		if (ctx->extra_certs)
3666 			{
3667 			sk_X509_pop_free(ctx->extra_certs, X509_free);
3668 			ctx->extra_certs = NULL;
3669 			}
3670 		break;
3671 
3672 	default:
3673 		return(0);
3674 		}
3675 	return(1);
3676 	}
3677 
3678 long ssl3_ctx_callback_ctrl(SSL_CTX *ctx, int cmd, void (*fp)(void))
3679 	{
3680 	CERT *cert;
3681 
3682 	cert=ctx->cert;
3683 
3684 	switch (cmd)
3685 		{
3686 #ifndef OPENSSL_NO_RSA
3687 	case SSL_CTRL_SET_TMP_RSA_CB:
3688 		{
3689 		cert->rsa_tmp_cb = (RSA *(*)(SSL *, int, int))fp;
3690 		}
3691 		break;
3692 #endif
3693 #ifndef OPENSSL_NO_DH
3694 	case SSL_CTRL_SET_TMP_DH_CB:
3695 		{
3696 		cert->dh_tmp_cb = (DH *(*)(SSL *, int, int))fp;
3697 		}
3698 		break;
3699 #endif
3700 #ifndef OPENSSL_NO_ECDH
3701 	case SSL_CTRL_SET_TMP_ECDH_CB:
3702 		{
3703 		cert->ecdh_tmp_cb = (EC_KEY *(*)(SSL *, int, int))fp;
3704 		}
3705 		break;
3706 #endif
3707 #ifndef OPENSSL_NO_TLSEXT
3708 	case SSL_CTRL_SET_TLSEXT_SERVERNAME_CB:
3709 		ctx->tlsext_servername_callback=(int (*)(SSL *,int *,void *))fp;
3710 		break;
3711 
3712 #ifdef TLSEXT_TYPE_opaque_prf_input
3713 	case SSL_CTRL_SET_TLSEXT_OPAQUE_PRF_INPUT_CB:
3714 		ctx->tlsext_opaque_prf_input_callback = (int (*)(SSL *,void *, size_t, void *))fp;
3715 		break;
3716 #endif
3717 
3718 	case SSL_CTRL_SET_TLSEXT_STATUS_REQ_CB:
3719 		ctx->tlsext_status_cb=(int (*)(SSL *,void *))fp;
3720 		break;
3721 
3722 	case SSL_CTRL_SET_TLSEXT_TICKET_KEY_CB:
3723 		ctx->tlsext_ticket_key_cb=(int (*)(SSL *,unsigned char  *,
3724 						unsigned char *,
3725 						EVP_CIPHER_CTX *,
3726 						HMAC_CTX *, int))fp;
3727 		break;
3728 
3729 #ifndef OPENSSL_NO_SRP
3730 	case SSL_CTRL_SET_SRP_VERIFY_PARAM_CB:
3731 		ctx->srp_ctx.srp_Mask|=SSL_kSRP;
3732 		ctx->srp_ctx.SRP_verify_param_callback=(int (*)(SSL *,void *))fp;
3733 		break;
3734 	case SSL_CTRL_SET_TLS_EXT_SRP_USERNAME_CB:
3735 		ctx->srp_ctx.srp_Mask|=SSL_kSRP;
3736 		ctx->srp_ctx.TLS_ext_srp_username_callback=(int (*)(SSL *,int *,void *))fp;
3737 		break;
3738 	case SSL_CTRL_SET_SRP_GIVE_CLIENT_PWD_CB:
3739 		ctx->srp_ctx.srp_Mask|=SSL_kSRP;
3740 		ctx->srp_ctx.SRP_give_srp_client_pwd_callback=(char *(*)(SSL *,void *))fp;
3741 		break;
3742 #endif
3743 #endif
3744 
3745 	default:
3746 		return(0);
3747 		}
3748 	return(1);
3749 	}
3750 
3751 /* This function needs to check if the ciphers required are actually
3752  * available */
3753 const SSL_CIPHER *ssl3_get_cipher_by_char(const unsigned char *p)
3754 	{
3755 	SSL_CIPHER c;
3756 	const SSL_CIPHER *cp;
3757 	unsigned long id;
3758 
3759 	id=0x03000000L|((unsigned long)p[0]<<8L)|(unsigned long)p[1];
3760 	c.id=id;
3761 	cp = OBJ_bsearch_ssl_cipher_id(&c, ssl3_ciphers, SSL3_NUM_CIPHERS);
3762 #ifdef DEBUG_PRINT_UNKNOWN_CIPHERSUITES
3763 if (cp == NULL) fprintf(stderr, "Unknown cipher ID %x\n", (p[0] << 8) | p[1]);
3764 #endif
3765 	if (cp == NULL || cp->valid == 0)
3766 		return NULL;
3767 	else
3768 		return cp;
3769 	}
3770 
3771 int ssl3_put_cipher_by_char(const SSL_CIPHER *c, unsigned char *p)
3772 	{
3773 	long l;
3774 
3775 	if (p != NULL)
3776 		{
3777 		l=c->id;
3778 		if ((l & 0xff000000) != 0x03000000) return(0);
3779 		p[0]=((unsigned char)(l>> 8L))&0xFF;
3780 		p[1]=((unsigned char)(l     ))&0xFF;
3781 		}
3782 	return(2);
3783 	}
3784 
3785 SSL_CIPHER *ssl3_choose_cipher(SSL *s, STACK_OF(SSL_CIPHER) *clnt,
3786 	     STACK_OF(SSL_CIPHER) *srvr)
3787 	{
3788 	SSL_CIPHER *c,*ret=NULL;
3789 	STACK_OF(SSL_CIPHER) *prio, *allow;
3790 	int i,ii,ok;
3791 #if !defined(OPENSSL_NO_TLSEXT) && !defined(OPENSSL_NO_EC)
3792 	unsigned int j;
3793 	int ec_ok, ec_nid;
3794 	unsigned char ec_search1 = 0, ec_search2 = 0;
3795 #endif
3796 	CERT *cert;
3797 	unsigned long alg_k,alg_a,mask_k,mask_a,emask_k,emask_a;
3798 
3799 	/* Let's see which ciphers we can support */
3800 	cert=s->cert;
3801 
3802 #if 0
3803 	/* Do not set the compare functions, because this may lead to a
3804 	 * reordering by "id". We want to keep the original ordering.
3805 	 * We may pay a price in performance during sk_SSL_CIPHER_find(),
3806 	 * but would have to pay with the price of sk_SSL_CIPHER_dup().
3807 	 */
3808 	sk_SSL_CIPHER_set_cmp_func(srvr, ssl_cipher_ptr_id_cmp);
3809 	sk_SSL_CIPHER_set_cmp_func(clnt, ssl_cipher_ptr_id_cmp);
3810 #endif
3811 
3812 #ifdef CIPHER_DEBUG
3813 	fprintf(stderr, "Server has %d from %p:\n", sk_SSL_CIPHER_num(srvr), (void *)srvr);
3814 	for(i=0 ; i < sk_SSL_CIPHER_num(srvr) ; ++i)
3815 		{
3816 		c=sk_SSL_CIPHER_value(srvr,i);
3817 		fprintf(stderr, "%p:%s\n",(void *)c,c->name);
3818 		}
3819 	fprintf(stderr, "Client sent %d from %p:\n", sk_SSL_CIPHER_num(clnt), (void *)clnt);
3820 	for(i=0 ; i < sk_SSL_CIPHER_num(clnt) ; ++i)
3821 	    {
3822 	    c=sk_SSL_CIPHER_value(clnt,i);
3823 	    fprintf(stderr, "%p:%s\n",(void *)c,c->name);
3824 	    }
3825 #endif
3826 
3827 	if (s->options & SSL_OP_CIPHER_SERVER_PREFERENCE)
3828 		{
3829 		prio = srvr;
3830 		allow = clnt;
3831 		}
3832 	else
3833 		{
3834 		prio = clnt;
3835 		allow = srvr;
3836 		}
3837 
3838 	for (i=0; i<sk_SSL_CIPHER_num(prio); i++)
3839 		{
3840 		c=sk_SSL_CIPHER_value(prio,i);
3841 
3842 		/* Skip TLS v1.2 only ciphersuites if lower than v1.2 */
3843 		if ((c->algorithm_ssl & SSL_TLSV1_2) &&
3844 			(TLS1_get_version(s) < TLS1_2_VERSION))
3845 			continue;
3846 
3847 		ssl_set_cert_masks(cert,c);
3848 		mask_k = cert->mask_k;
3849 		mask_a = cert->mask_a;
3850 		emask_k = cert->export_mask_k;
3851 		emask_a = cert->export_mask_a;
3852 #ifndef OPENSSL_NO_SRP
3853 		if (s->srp_ctx.srp_Mask & SSL_kSRP)
3854 			{
3855 			mask_k |= SSL_kSRP;
3856 			emask_k |= SSL_kSRP;
3857 			mask_a |= SSL_aSRP;
3858 			emask_a |= SSL_aSRP;
3859 			}
3860 #endif
3861 
3862 #ifdef KSSL_DEBUG
3863 /*		fprintf(stderr,"ssl3_choose_cipher %d alg= %lx\n", i,c->algorithms);*/
3864 #endif    /* KSSL_DEBUG */
3865 
3866 		alg_k=c->algorithm_mkey;
3867 		alg_a=c->algorithm_auth;
3868 
3869 #ifndef OPENSSL_NO_KRB5
3870 		if (alg_k & SSL_kKRB5)
3871 			{
3872 			if ( !kssl_keytab_is_available(s->kssl_ctx) )
3873 			    continue;
3874 			}
3875 #endif /* OPENSSL_NO_KRB5 */
3876 #ifndef OPENSSL_NO_PSK
3877 		/* with PSK there must be server callback set */
3878 		if ((alg_k & SSL_kPSK) && s->psk_server_callback == NULL)
3879 			continue;
3880 #endif /* OPENSSL_NO_PSK */
3881 
3882 		if (SSL_C_IS_EXPORT(c))
3883 			{
3884 			ok = (alg_k & emask_k) && (alg_a & emask_a);
3885 #ifdef CIPHER_DEBUG
3886 			fprintf(stderr, "%d:[%08lX:%08lX:%08lX:%08lX]%p:%s (export)\n",ok,alg_k,alg_a,emask_k,emask_a,
3887 			       (void *)c,c->name);
3888 #endif
3889 			}
3890 		else
3891 			{
3892 			ok = (alg_k & mask_k) && (alg_a & mask_a);
3893 #ifdef CIPHER_DEBUG
3894 			fprintf(stderr, "%d:[%08lX:%08lX:%08lX:%08lX]%p:%s\n",ok,alg_k,alg_a,mask_k,mask_a,(void *)c,
3895 			       c->name);
3896 #endif
3897 			}
3898 
3899 #ifndef OPENSSL_NO_TLSEXT
3900 #ifndef OPENSSL_NO_EC
3901 		if (
3902 			/* if we are considering an ECC cipher suite that uses our certificate */
3903 			(alg_a & SSL_aECDSA || alg_a & SSL_aECDH)
3904 			/* and we have an ECC certificate */
3905 			&& (s->cert->pkeys[SSL_PKEY_ECC].x509 != NULL)
3906 			/* and the client specified a Supported Point Formats extension */
3907 			&& ((s->session->tlsext_ecpointformatlist_length > 0) && (s->session->tlsext_ecpointformatlist != NULL))
3908 			/* and our certificate's point is compressed */
3909 			&& (
3910 				(s->cert->pkeys[SSL_PKEY_ECC].x509->cert_info != NULL)
3911 				&& (s->cert->pkeys[SSL_PKEY_ECC].x509->cert_info->key != NULL)
3912 				&& (s->cert->pkeys[SSL_PKEY_ECC].x509->cert_info->key->public_key != NULL)
3913 				&& (s->cert->pkeys[SSL_PKEY_ECC].x509->cert_info->key->public_key->data != NULL)
3914 				&& (
3915 					(*(s->cert->pkeys[SSL_PKEY_ECC].x509->cert_info->key->public_key->data) == POINT_CONVERSION_COMPRESSED)
3916 					|| (*(s->cert->pkeys[SSL_PKEY_ECC].x509->cert_info->key->public_key->data) == POINT_CONVERSION_COMPRESSED + 1)
3917 					)
3918 				)
3919 		)
3920 			{
3921 			ec_ok = 0;
3922 			/* if our certificate's curve is over a field type that the client does not support
3923 			 * then do not allow this cipher suite to be negotiated */
3924 			if (
3925 				(s->cert->pkeys[SSL_PKEY_ECC].privatekey->pkey.ec != NULL)
3926 				&& (s->cert->pkeys[SSL_PKEY_ECC].privatekey->pkey.ec->group != NULL)
3927 				&& (s->cert->pkeys[SSL_PKEY_ECC].privatekey->pkey.ec->group->meth != NULL)
3928 				&& (EC_METHOD_get_field_type(s->cert->pkeys[SSL_PKEY_ECC].privatekey->pkey.ec->group->meth) == NID_X9_62_prime_field)
3929 			)
3930 				{
3931 				for (j = 0; j < s->session->tlsext_ecpointformatlist_length; j++)
3932 					{
3933 					if (s->session->tlsext_ecpointformatlist[j] == TLSEXT_ECPOINTFORMAT_ansiX962_compressed_prime)
3934 						{
3935 						ec_ok = 1;
3936 						break;
3937 						}
3938 					}
3939 				}
3940 			else if (EC_METHOD_get_field_type(s->cert->pkeys[SSL_PKEY_ECC].privatekey->pkey.ec->group->meth) == NID_X9_62_characteristic_two_field)
3941 				{
3942 				for (j = 0; j < s->session->tlsext_ecpointformatlist_length; j++)
3943 					{
3944 					if (s->session->tlsext_ecpointformatlist[j] == TLSEXT_ECPOINTFORMAT_ansiX962_compressed_char2)
3945 						{
3946 						ec_ok = 1;
3947 						break;
3948 						}
3949 					}
3950 				}
3951 			ok = ok && ec_ok;
3952 			}
3953 		if (
3954 			/* if we are considering an ECC cipher suite that uses our certificate */
3955 			(alg_a & SSL_aECDSA || alg_a & SSL_aECDH)
3956 			/* and we have an ECC certificate */
3957 			&& (s->cert->pkeys[SSL_PKEY_ECC].x509 != NULL)
3958 			/* and the client specified an EllipticCurves extension */
3959 			&& ((s->session->tlsext_ellipticcurvelist_length > 0) && (s->session->tlsext_ellipticcurvelist != NULL))
3960 		)
3961 			{
3962 			ec_ok = 0;
3963 			if (
3964 				(s->cert->pkeys[SSL_PKEY_ECC].privatekey->pkey.ec != NULL)
3965 				&& (s->cert->pkeys[SSL_PKEY_ECC].privatekey->pkey.ec->group != NULL)
3966 			)
3967 				{
3968 				ec_nid = EC_GROUP_get_curve_name(s->cert->pkeys[SSL_PKEY_ECC].privatekey->pkey.ec->group);
3969 				if ((ec_nid == 0)
3970 					&& (s->cert->pkeys[SSL_PKEY_ECC].privatekey->pkey.ec->group->meth != NULL)
3971 				)
3972 					{
3973 					if (EC_METHOD_get_field_type(s->cert->pkeys[SSL_PKEY_ECC].privatekey->pkey.ec->group->meth) == NID_X9_62_prime_field)
3974 						{
3975 						ec_search1 = 0xFF;
3976 						ec_search2 = 0x01;
3977 						}
3978 					else if (EC_METHOD_get_field_type(s->cert->pkeys[SSL_PKEY_ECC].privatekey->pkey.ec->group->meth) == NID_X9_62_characteristic_two_field)
3979 						{
3980 						ec_search1 = 0xFF;
3981 						ec_search2 = 0x02;
3982 						}
3983 					}
3984 				else
3985 					{
3986 					ec_search1 = 0x00;
3987 					ec_search2 = tls1_ec_nid2curve_id(ec_nid);
3988 					}
3989 				if ((ec_search1 != 0) || (ec_search2 != 0))
3990 					{
3991 					for (j = 0; j < s->session->tlsext_ellipticcurvelist_length / 2; j++)
3992 						{
3993 						if ((s->session->tlsext_ellipticcurvelist[2*j] == ec_search1) && (s->session->tlsext_ellipticcurvelist[2*j+1] == ec_search2))
3994 							{
3995 							ec_ok = 1;
3996 							break;
3997 							}
3998 						}
3999 					}
4000 				}
4001 			ok = ok && ec_ok;
4002 			}
4003 #ifndef OPENSSL_NO_ECDH
4004 		if (
4005 			/* if we are considering an ECC cipher suite that uses an ephemeral EC key */
4006 			(alg_k & SSL_kEECDH)
4007 			/* and we have an ephemeral EC key */
4008 			&& (s->cert->ecdh_tmp != NULL)
4009 			/* and the client specified an EllipticCurves extension */
4010 			&& ((s->session->tlsext_ellipticcurvelist_length > 0) && (s->session->tlsext_ellipticcurvelist != NULL))
4011 		)
4012 			{
4013 			ec_ok = 0;
4014 			if (s->cert->ecdh_tmp->group != NULL)
4015 				{
4016 				ec_nid = EC_GROUP_get_curve_name(s->cert->ecdh_tmp->group);
4017 				if ((ec_nid == 0)
4018 					&& (s->cert->ecdh_tmp->group->meth != NULL)
4019 				)
4020 					{
4021 					if (EC_METHOD_get_field_type(s->cert->ecdh_tmp->group->meth) == NID_X9_62_prime_field)
4022 						{
4023 						ec_search1 = 0xFF;
4024 						ec_search2 = 0x01;
4025 						}
4026 					else if (EC_METHOD_get_field_type(s->cert->ecdh_tmp->group->meth) == NID_X9_62_characteristic_two_field)
4027 						{
4028 						ec_search1 = 0xFF;
4029 						ec_search2 = 0x02;
4030 						}
4031 					}
4032 				else
4033 					{
4034 					ec_search1 = 0x00;
4035 					ec_search2 = tls1_ec_nid2curve_id(ec_nid);
4036 					}
4037 				if ((ec_search1 != 0) || (ec_search2 != 0))
4038 					{
4039 					for (j = 0; j < s->session->tlsext_ellipticcurvelist_length / 2; j++)
4040 						{
4041 						if ((s->session->tlsext_ellipticcurvelist[2*j] == ec_search1) && (s->session->tlsext_ellipticcurvelist[2*j+1] == ec_search2))
4042 							{
4043 							ec_ok = 1;
4044 							break;
4045 							}
4046 						}
4047 					}
4048 				}
4049 			ok = ok && ec_ok;
4050 			}
4051 #endif /* OPENSSL_NO_ECDH */
4052 #endif /* OPENSSL_NO_EC */
4053 #endif /* OPENSSL_NO_TLSEXT */
4054 
4055 		if (!ok) continue;
4056 		ii=sk_SSL_CIPHER_find(allow,c);
4057 		if (ii >= 0)
4058 			{
4059 #if !defined(OPENSSL_NO_EC) && !defined(OPENSSL_NO_TLSEXT)
4060 			if ((alg_k & SSL_kEECDH) && (alg_a & SSL_aECDSA) && s->s3->is_probably_safari)
4061 				{
4062 				if (!ret) ret=sk_SSL_CIPHER_value(allow,ii);
4063 				continue;
4064 				}
4065 #endif
4066 			ret=sk_SSL_CIPHER_value(allow,ii);
4067 			break;
4068 			}
4069 		}
4070 	return(ret);
4071 	}
4072 
4073 int ssl3_get_req_cert_type(SSL *s, unsigned char *p)
4074 	{
4075 	int ret=0;
4076 	unsigned long alg_k;
4077 
4078 	alg_k = s->s3->tmp.new_cipher->algorithm_mkey;
4079 
4080 #ifndef OPENSSL_NO_GOST
4081 	if (s->version >= TLS1_VERSION)
4082 		{
4083 		if (alg_k & SSL_kGOST)
4084 			{
4085 			p[ret++]=TLS_CT_GOST94_SIGN;
4086 			p[ret++]=TLS_CT_GOST01_SIGN;
4087 			return(ret);
4088 			}
4089 		}
4090 #endif
4091 
4092 #ifndef OPENSSL_NO_DH
4093 	if (alg_k & (SSL_kDHr|SSL_kEDH))
4094 		{
4095 #  ifndef OPENSSL_NO_RSA
4096 		p[ret++]=SSL3_CT_RSA_FIXED_DH;
4097 #  endif
4098 #  ifndef OPENSSL_NO_DSA
4099 		p[ret++]=SSL3_CT_DSS_FIXED_DH;
4100 #  endif
4101 		}
4102 	if ((s->version == SSL3_VERSION) &&
4103 		(alg_k & (SSL_kEDH|SSL_kDHd|SSL_kDHr)))
4104 		{
4105 #  ifndef OPENSSL_NO_RSA
4106 		p[ret++]=SSL3_CT_RSA_EPHEMERAL_DH;
4107 #  endif
4108 #  ifndef OPENSSL_NO_DSA
4109 		p[ret++]=SSL3_CT_DSS_EPHEMERAL_DH;
4110 #  endif
4111 		}
4112 #endif /* !OPENSSL_NO_DH */
4113 #ifndef OPENSSL_NO_RSA
4114 	p[ret++]=SSL3_CT_RSA_SIGN;
4115 #endif
4116 #ifndef OPENSSL_NO_DSA
4117 	p[ret++]=SSL3_CT_DSS_SIGN;
4118 #endif
4119 #ifndef OPENSSL_NO_ECDH
4120 	if ((alg_k & (SSL_kECDHr|SSL_kECDHe)) && (s->version >= TLS1_VERSION))
4121 		{
4122 		p[ret++]=TLS_CT_RSA_FIXED_ECDH;
4123 		p[ret++]=TLS_CT_ECDSA_FIXED_ECDH;
4124 		}
4125 #endif
4126 
4127 #ifndef OPENSSL_NO_ECDSA
4128 	/* ECDSA certs can be used with RSA cipher suites as well
4129 	 * so we don't need to check for SSL_kECDH or SSL_kEECDH
4130 	 */
4131 	if (s->version >= TLS1_VERSION)
4132 		{
4133 		p[ret++]=TLS_CT_ECDSA_SIGN;
4134 		}
4135 #endif
4136 	return(ret);
4137 	}
4138 
4139 int ssl3_shutdown(SSL *s)
4140 	{
4141 	int ret;
4142 
4143 	/* Don't do anything much if we have not done the handshake or
4144 	 * we don't want to send messages :-) */
4145 	if ((s->quiet_shutdown) || (s->state == SSL_ST_BEFORE))
4146 		{
4147 		s->shutdown=(SSL_SENT_SHUTDOWN|SSL_RECEIVED_SHUTDOWN);
4148 		return(1);
4149 		}
4150 
4151 	if (!(s->shutdown & SSL_SENT_SHUTDOWN))
4152 		{
4153 		s->shutdown|=SSL_SENT_SHUTDOWN;
4154 #if 1
4155 		ssl3_send_alert(s,SSL3_AL_WARNING,SSL_AD_CLOSE_NOTIFY);
4156 #endif
4157 		/* our shutdown alert has been sent now, and if it still needs
4158 	 	 * to be written, s->s3->alert_dispatch will be true */
4159 	 	if (s->s3->alert_dispatch)
4160 	 		return(-1);	/* return WANT_WRITE */
4161 		}
4162 	else if (s->s3->alert_dispatch)
4163 		{
4164 		/* resend it if not sent */
4165 #if 1
4166 		ret=s->method->ssl_dispatch_alert(s);
4167 		if(ret == -1)
4168 			{
4169 			/* we only get to return -1 here the 2nd/Nth
4170 			 * invocation, we must  have already signalled
4171 			 * return 0 upon a previous invoation,
4172 			 * return WANT_WRITE */
4173 			return(ret);
4174 			}
4175 #endif
4176 		}
4177 	else if (!(s->shutdown & SSL_RECEIVED_SHUTDOWN))
4178 		{
4179 		/* If we are waiting for a close from our peer, we are closed */
4180 		s->method->ssl_read_bytes(s,0,NULL,0,0);
4181 		if(!(s->shutdown & SSL_RECEIVED_SHUTDOWN))
4182 			{
4183 			return(-1);	/* return WANT_READ */
4184 			}
4185 		}
4186 
4187 	if ((s->shutdown == (SSL_SENT_SHUTDOWN|SSL_RECEIVED_SHUTDOWN)) &&
4188 		!s->s3->alert_dispatch)
4189 		return(1);
4190 	else
4191 		return(0);
4192 	}
4193 
4194 int ssl3_write(SSL *s, const void *buf, int len)
4195 	{
4196 	int ret,n;
4197 
4198 #if 0
4199 	if (s->shutdown & SSL_SEND_SHUTDOWN)
4200 		{
4201 		s->rwstate=SSL_NOTHING;
4202 		return(0);
4203 		}
4204 #endif
4205 	clear_sys_error();
4206 	if (s->s3->renegotiate) ssl3_renegotiate_check(s);
4207 
4208 	/* This is an experimental flag that sends the
4209 	 * last handshake message in the same packet as the first
4210 	 * use data - used to see if it helps the TCP protocol during
4211 	 * session-id reuse */
4212 	/* The second test is because the buffer may have been removed */
4213 	if ((s->s3->flags & SSL3_FLAGS_POP_BUFFER) && (s->wbio == s->bbio))
4214 		{
4215 		/* First time through, we write into the buffer */
4216 		if (s->s3->delay_buf_pop_ret == 0)
4217 			{
4218 			ret=ssl3_write_bytes(s,SSL3_RT_APPLICATION_DATA,
4219 					     buf,len);
4220 			if (ret <= 0) return(ret);
4221 
4222 			s->s3->delay_buf_pop_ret=ret;
4223 			}
4224 
4225 		s->rwstate=SSL_WRITING;
4226 		n=BIO_flush(s->wbio);
4227 		if (n <= 0) return(n);
4228 		s->rwstate=SSL_NOTHING;
4229 
4230 		/* We have flushed the buffer, so remove it */
4231 		ssl_free_wbio_buffer(s);
4232 		s->s3->flags&= ~SSL3_FLAGS_POP_BUFFER;
4233 
4234 		ret=s->s3->delay_buf_pop_ret;
4235 		s->s3->delay_buf_pop_ret=0;
4236 		}
4237 	else
4238 		{
4239 		ret=s->method->ssl_write_bytes(s,SSL3_RT_APPLICATION_DATA,
4240 			buf,len);
4241 		if (ret <= 0) return(ret);
4242 		}
4243 
4244 	return(ret);
4245 	}
4246 
4247 static int ssl3_read_internal(SSL *s, void *buf, int len, int peek)
4248 	{
4249 	int ret;
4250 
4251 	clear_sys_error();
4252 	if (s->s3->renegotiate) ssl3_renegotiate_check(s);
4253 	s->s3->in_read_app_data=1;
4254 	ret=s->method->ssl_read_bytes(s,SSL3_RT_APPLICATION_DATA,buf,len,peek);
4255 	if ((ret == -1) && (s->s3->in_read_app_data == 2))
4256 		{
4257 		/* ssl3_read_bytes decided to call s->handshake_func, which
4258 		 * called ssl3_read_bytes to read handshake data.
4259 		 * However, ssl3_read_bytes actually found application data
4260 		 * and thinks that application data makes sense here; so disable
4261 		 * handshake processing and try to read application data again. */
4262 		s->in_handshake++;
4263 		ret=s->method->ssl_read_bytes(s,SSL3_RT_APPLICATION_DATA,buf,len,peek);
4264 		s->in_handshake--;
4265 		}
4266 	else
4267 		s->s3->in_read_app_data=0;
4268 
4269 	return(ret);
4270 	}
4271 
4272 int ssl3_read(SSL *s, void *buf, int len)
4273 	{
4274 	return ssl3_read_internal(s, buf, len, 0);
4275 	}
4276 
4277 int ssl3_peek(SSL *s, void *buf, int len)
4278 	{
4279 	return ssl3_read_internal(s, buf, len, 1);
4280 	}
4281 
4282 int ssl3_renegotiate(SSL *s)
4283 	{
4284 	if (s->handshake_func == NULL)
4285 		return(1);
4286 
4287 	if (s->s3->flags & SSL3_FLAGS_NO_RENEGOTIATE_CIPHERS)
4288 		return(0);
4289 
4290 	s->s3->renegotiate=1;
4291 	return(1);
4292 	}
4293 
4294 int ssl3_renegotiate_check(SSL *s)
4295 	{
4296 	int ret=0;
4297 
4298 	if (s->s3->renegotiate)
4299 		{
4300 		if (	(s->s3->rbuf.left == 0) &&
4301 			(s->s3->wbuf.left == 0) &&
4302 			!SSL_in_init(s))
4303 			{
4304 /*
4305 if we are the server, and we have sent a 'RENEGOTIATE' message, we
4306 need to go to SSL_ST_ACCEPT.
4307 */
4308 			/* SSL_ST_ACCEPT */
4309 			s->state=SSL_ST_RENEGOTIATE;
4310 			s->s3->renegotiate=0;
4311 			s->s3->num_renegotiations++;
4312 			s->s3->total_renegotiations++;
4313 			ret=1;
4314 			}
4315 		}
4316 	return(ret);
4317 	}
4318 /* If we are using TLS v1.2 or later and default SHA1+MD5 algorithms switch
4319  * to new SHA256 PRF and handshake macs
4320  */
4321 long ssl_get_algorithm2(SSL *s)
4322 	{
4323 	long alg2 = s->s3->tmp.new_cipher->algorithm2;
4324 	if (s->method->version == TLS1_2_VERSION &&
4325 	    alg2 == (SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF))
4326 		return SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256;
4327 	return alg2;
4328 	}
4329