xref: /freebsd/crypto/openssl/ssl/s3_lib.c (revision 87c1627502a5dde91e5284118eec8682b60f27a2)
1 /* ssl/s3_lib.c */
2 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3  * All rights reserved.
4  *
5  * This package is an SSL implementation written
6  * by Eric Young (eay@cryptsoft.com).
7  * The implementation was written so as to conform with Netscapes SSL.
8  *
9  * This library is free for commercial and non-commercial use as long as
10  * the following conditions are aheared to.  The following conditions
11  * apply to all code found in this distribution, be it the RC4, RSA,
12  * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
13  * included with this distribution is covered by the same copyright terms
14  * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15  *
16  * Copyright remains Eric Young's, and as such any Copyright notices in
17  * the code are not to be removed.
18  * If this package is used in a product, Eric Young should be given attribution
19  * as the author of the parts of the library used.
20  * This can be in the form of a textual message at program startup or
21  * in documentation (online or textual) provided with the package.
22  *
23  * Redistribution and use in source and binary forms, with or without
24  * modification, are permitted provided that the following conditions
25  * are met:
26  * 1. Redistributions of source code must retain the copyright
27  *    notice, this list of conditions and the following disclaimer.
28  * 2. Redistributions in binary form must reproduce the above copyright
29  *    notice, this list of conditions and the following disclaimer in the
30  *    documentation and/or other materials provided with the distribution.
31  * 3. All advertising materials mentioning features or use of this software
32  *    must display the following acknowledgement:
33  *    "This product includes cryptographic software written by
34  *     Eric Young (eay@cryptsoft.com)"
35  *    The word 'cryptographic' can be left out if the rouines from the library
36  *    being used are not cryptographic related :-).
37  * 4. If you include any Windows specific code (or a derivative thereof) from
38  *    the apps directory (application code) you must include an acknowledgement:
39  *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40  *
41  * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42  * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43  * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44  * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45  * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46  * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47  * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48  * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49  * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50  * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51  * SUCH DAMAGE.
52  *
53  * The licence and distribution terms for any publically available version or
54  * derivative of this code cannot be changed.  i.e. this code cannot simply be
55  * copied and put under another distribution licence
56  * [including the GNU Public Licence.]
57  */
58 /* ====================================================================
59  * Copyright (c) 1998-2007 The OpenSSL Project.  All rights reserved.
60  *
61  * Redistribution and use in source and binary forms, with or without
62  * modification, are permitted provided that the following conditions
63  * are met:
64  *
65  * 1. Redistributions of source code must retain the above copyright
66  *    notice, this list of conditions and the following disclaimer.
67  *
68  * 2. Redistributions in binary form must reproduce the above copyright
69  *    notice, this list of conditions and the following disclaimer in
70  *    the documentation and/or other materials provided with the
71  *    distribution.
72  *
73  * 3. All advertising materials mentioning features or use of this
74  *    software must display the following acknowledgment:
75  *    "This product includes software developed by the OpenSSL Project
76  *    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
77  *
78  * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
79  *    endorse or promote products derived from this software without
80  *    prior written permission. For written permission, please contact
81  *    openssl-core@openssl.org.
82  *
83  * 5. Products derived from this software may not be called "OpenSSL"
84  *    nor may "OpenSSL" appear in their names without prior written
85  *    permission of the OpenSSL Project.
86  *
87  * 6. Redistributions of any form whatsoever must retain the following
88  *    acknowledgment:
89  *    "This product includes software developed by the OpenSSL Project
90  *    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
91  *
92  * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
93  * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
94  * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
95  * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
96  * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
97  * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
98  * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
99  * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
100  * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
101  * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
102  * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
103  * OF THE POSSIBILITY OF SUCH DAMAGE.
104  * ====================================================================
105  *
106  * This product includes cryptographic software written by Eric Young
107  * (eay@cryptsoft.com).  This product includes software written by Tim
108  * Hudson (tjh@cryptsoft.com).
109  *
110  */
111 /* ====================================================================
112  * Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED.
113  *
114  * Portions of the attached software ("Contribution") are developed by
115  * SUN MICROSYSTEMS, INC., and are contributed to the OpenSSL project.
116  *
117  * The Contribution is licensed pursuant to the OpenSSL open source
118  * license provided above.
119  *
120  * ECC cipher suite support in OpenSSL originally written by
121  * Vipul Gupta and Sumit Gupta of Sun Microsystems Laboratories.
122  *
123  */
124 /* ====================================================================
125  * Copyright 2005 Nokia. All rights reserved.
126  *
127  * The portions of the attached software ("Contribution") is developed by
128  * Nokia Corporation and is licensed pursuant to the OpenSSL open source
129  * license.
130  *
131  * The Contribution, originally written by Mika Kousa and Pasi Eronen of
132  * Nokia Corporation, consists of the "PSK" (Pre-Shared Key) ciphersuites
133  * support (see RFC 4279) to OpenSSL.
134  *
135  * No patent licenses or other rights except those expressly stated in
136  * the OpenSSL open source license shall be deemed granted or received
137  * expressly, by implication, estoppel, or otherwise.
138  *
139  * No assurances are provided by Nokia that the Contribution does not
140  * infringe the patent or other intellectual property rights of any third
141  * party or that the license provides you with all the necessary rights
142  * to make use of the Contribution.
143  *
144  * THE SOFTWARE IS PROVIDED "AS IS" WITHOUT WARRANTY OF ANY KIND. IN
145  * ADDITION TO THE DISCLAIMERS INCLUDED IN THE LICENSE, NOKIA
146  * SPECIFICALLY DISCLAIMS ANY LIABILITY FOR CLAIMS BROUGHT BY YOU OR ANY
147  * OTHER ENTITY BASED ON INFRINGEMENT OF INTELLECTUAL PROPERTY RIGHTS OR
148  * OTHERWISE.
149  */
150 
151 #include <stdio.h>
152 #include <openssl/objects.h>
153 #include "ssl_locl.h"
154 #include "kssl_lcl.h"
155 #ifndef OPENSSL_NO_TLSEXT
156 #ifndef OPENSSL_NO_EC
157 #include "../crypto/ec/ec_lcl.h"
158 #endif /* OPENSSL_NO_EC */
159 #endif /* OPENSSL_NO_TLSEXT */
160 #include <openssl/md5.h>
161 #ifndef OPENSSL_NO_DH
162 #include <openssl/dh.h>
163 #endif
164 
165 const char ssl3_version_str[]="SSLv3" OPENSSL_VERSION_PTEXT;
166 
167 #define SSL3_NUM_CIPHERS	(sizeof(ssl3_ciphers)/sizeof(SSL_CIPHER))
168 
169 /* list of available SSLv3 ciphers (sorted by id) */
170 OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]={
171 
172 /* The RSA ciphers */
173 /* Cipher 01 */
174 	{
175 	1,
176 	SSL3_TXT_RSA_NULL_MD5,
177 	SSL3_CK_RSA_NULL_MD5,
178 	SSL_kRSA,
179 	SSL_aRSA,
180 	SSL_eNULL,
181 	SSL_MD5,
182 	SSL_SSLV3,
183 	SSL_NOT_EXP|SSL_STRONG_NONE,
184 	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
185 	0,
186 	0,
187 	},
188 
189 /* Cipher 02 */
190 	{
191 	1,
192 	SSL3_TXT_RSA_NULL_SHA,
193 	SSL3_CK_RSA_NULL_SHA,
194 	SSL_kRSA,
195 	SSL_aRSA,
196 	SSL_eNULL,
197 	SSL_SHA1,
198 	SSL_SSLV3,
199 	SSL_NOT_EXP|SSL_STRONG_NONE|SSL_FIPS,
200 	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
201 	0,
202 	0,
203 	},
204 
205 /* Cipher 03 */
206 	{
207 	1,
208 	SSL3_TXT_RSA_RC4_40_MD5,
209 	SSL3_CK_RSA_RC4_40_MD5,
210 	SSL_kRSA,
211 	SSL_aRSA,
212 	SSL_RC4,
213 	SSL_MD5,
214 	SSL_SSLV3,
215 	SSL_EXPORT|SSL_EXP40,
216 	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
217 	40,
218 	128,
219 	},
220 
221 /* Cipher 04 */
222 	{
223 	1,
224 	SSL3_TXT_RSA_RC4_128_MD5,
225 	SSL3_CK_RSA_RC4_128_MD5,
226 	SSL_kRSA,
227 	SSL_aRSA,
228 	SSL_RC4,
229 	SSL_MD5,
230 	SSL_SSLV3,
231 	SSL_NOT_EXP|SSL_MEDIUM,
232 	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
233 	128,
234 	128,
235 	},
236 
237 /* Cipher 05 */
238 	{
239 	1,
240 	SSL3_TXT_RSA_RC4_128_SHA,
241 	SSL3_CK_RSA_RC4_128_SHA,
242 	SSL_kRSA,
243 	SSL_aRSA,
244 	SSL_RC4,
245 	SSL_SHA1,
246 	SSL_SSLV3,
247 	SSL_NOT_EXP|SSL_MEDIUM,
248 	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
249 	128,
250 	128,
251 	},
252 
253 /* Cipher 06 */
254 	{
255 	1,
256 	SSL3_TXT_RSA_RC2_40_MD5,
257 	SSL3_CK_RSA_RC2_40_MD5,
258 	SSL_kRSA,
259 	SSL_aRSA,
260 	SSL_RC2,
261 	SSL_MD5,
262 	SSL_SSLV3,
263 	SSL_EXPORT|SSL_EXP40,
264 	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
265 	40,
266 	128,
267 	},
268 
269 /* Cipher 07 */
270 #ifndef OPENSSL_NO_IDEA
271 	{
272 	1,
273 	SSL3_TXT_RSA_IDEA_128_SHA,
274 	SSL3_CK_RSA_IDEA_128_SHA,
275 	SSL_kRSA,
276 	SSL_aRSA,
277 	SSL_IDEA,
278 	SSL_SHA1,
279 	SSL_SSLV3,
280 	SSL_NOT_EXP|SSL_MEDIUM,
281 	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
282 	128,
283 	128,
284 	},
285 #endif
286 
287 /* Cipher 08 */
288 	{
289 	1,
290 	SSL3_TXT_RSA_DES_40_CBC_SHA,
291 	SSL3_CK_RSA_DES_40_CBC_SHA,
292 	SSL_kRSA,
293 	SSL_aRSA,
294 	SSL_DES,
295 	SSL_SHA1,
296 	SSL_SSLV3,
297 	SSL_EXPORT|SSL_EXP40,
298 	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
299 	40,
300 	56,
301 	},
302 
303 /* Cipher 09 */
304 	{
305 	1,
306 	SSL3_TXT_RSA_DES_64_CBC_SHA,
307 	SSL3_CK_RSA_DES_64_CBC_SHA,
308 	SSL_kRSA,
309 	SSL_aRSA,
310 	SSL_DES,
311 	SSL_SHA1,
312 	SSL_SSLV3,
313 	SSL_NOT_EXP|SSL_LOW,
314 	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
315 	56,
316 	56,
317 	},
318 
319 /* Cipher 0A */
320 	{
321 	1,
322 	SSL3_TXT_RSA_DES_192_CBC3_SHA,
323 	SSL3_CK_RSA_DES_192_CBC3_SHA,
324 	SSL_kRSA,
325 	SSL_aRSA,
326 	SSL_3DES,
327 	SSL_SHA1,
328 	SSL_SSLV3,
329 	SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
330 	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
331 	168,
332 	168,
333 	},
334 
335 /* The DH ciphers */
336 /* Cipher 0B */
337 	{
338 	0,
339 	SSL3_TXT_DH_DSS_DES_40_CBC_SHA,
340 	SSL3_CK_DH_DSS_DES_40_CBC_SHA,
341 	SSL_kDHd,
342 	SSL_aDH,
343 	SSL_DES,
344 	SSL_SHA1,
345 	SSL_SSLV3,
346 	SSL_EXPORT|SSL_EXP40,
347 	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
348 	40,
349 	56,
350 	},
351 
352 /* Cipher 0C */
353 	{
354 	0, /* not implemented (non-ephemeral DH) */
355 	SSL3_TXT_DH_DSS_DES_64_CBC_SHA,
356 	SSL3_CK_DH_DSS_DES_64_CBC_SHA,
357 	SSL_kDHd,
358 	SSL_aDH,
359 	SSL_DES,
360 	SSL_SHA1,
361 	SSL_SSLV3,
362 	SSL_NOT_EXP|SSL_LOW,
363 	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
364 	56,
365 	56,
366 	},
367 
368 /* Cipher 0D */
369 	{
370 	0, /* not implemented (non-ephemeral DH) */
371 	SSL3_TXT_DH_DSS_DES_192_CBC3_SHA,
372 	SSL3_CK_DH_DSS_DES_192_CBC3_SHA,
373 	SSL_kDHd,
374 	SSL_aDH,
375 	SSL_3DES,
376 	SSL_SHA1,
377 	SSL_SSLV3,
378 	SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
379 	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
380 	168,
381 	168,
382 	},
383 
384 /* Cipher 0E */
385 	{
386 	0, /* not implemented (non-ephemeral DH) */
387 	SSL3_TXT_DH_RSA_DES_40_CBC_SHA,
388 	SSL3_CK_DH_RSA_DES_40_CBC_SHA,
389 	SSL_kDHr,
390 	SSL_aDH,
391 	SSL_DES,
392 	SSL_SHA1,
393 	SSL_SSLV3,
394 	SSL_EXPORT|SSL_EXP40,
395 	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
396 	40,
397 	56,
398 	},
399 
400 /* Cipher 0F */
401 	{
402 	0, /* not implemented (non-ephemeral DH) */
403 	SSL3_TXT_DH_RSA_DES_64_CBC_SHA,
404 	SSL3_CK_DH_RSA_DES_64_CBC_SHA,
405 	SSL_kDHr,
406 	SSL_aDH,
407 	SSL_DES,
408 	SSL_SHA1,
409 	SSL_SSLV3,
410 	SSL_NOT_EXP|SSL_LOW,
411 	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
412 	56,
413 	56,
414 	},
415 
416 /* Cipher 10 */
417 	{
418 	0, /* not implemented (non-ephemeral DH) */
419 	SSL3_TXT_DH_RSA_DES_192_CBC3_SHA,
420 	SSL3_CK_DH_RSA_DES_192_CBC3_SHA,
421 	SSL_kDHr,
422 	SSL_aDH,
423 	SSL_3DES,
424 	SSL_SHA1,
425 	SSL_SSLV3,
426 	SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
427 	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
428 	168,
429 	168,
430 	},
431 
432 /* The Ephemeral DH ciphers */
433 /* Cipher 11 */
434 	{
435 	1,
436 	SSL3_TXT_EDH_DSS_DES_40_CBC_SHA,
437 	SSL3_CK_EDH_DSS_DES_40_CBC_SHA,
438 	SSL_kEDH,
439 	SSL_aDSS,
440 	SSL_DES,
441 	SSL_SHA1,
442 	SSL_SSLV3,
443 	SSL_EXPORT|SSL_EXP40,
444 	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
445 	40,
446 	56,
447 	},
448 
449 /* Cipher 12 */
450 	{
451 	1,
452 	SSL3_TXT_EDH_DSS_DES_64_CBC_SHA,
453 	SSL3_CK_EDH_DSS_DES_64_CBC_SHA,
454 	SSL_kEDH,
455 	SSL_aDSS,
456 	SSL_DES,
457 	SSL_SHA1,
458 	SSL_SSLV3,
459 	SSL_NOT_EXP|SSL_LOW,
460 	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
461 	56,
462 	56,
463 	},
464 
465 /* Cipher 13 */
466 	{
467 	1,
468 	SSL3_TXT_EDH_DSS_DES_192_CBC3_SHA,
469 	SSL3_CK_EDH_DSS_DES_192_CBC3_SHA,
470 	SSL_kEDH,
471 	SSL_aDSS,
472 	SSL_3DES,
473 	SSL_SHA1,
474 	SSL_SSLV3,
475 	SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
476 	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
477 	168,
478 	168,
479 	},
480 
481 /* Cipher 14 */
482 	{
483 	1,
484 	SSL3_TXT_EDH_RSA_DES_40_CBC_SHA,
485 	SSL3_CK_EDH_RSA_DES_40_CBC_SHA,
486 	SSL_kEDH,
487 	SSL_aRSA,
488 	SSL_DES,
489 	SSL_SHA1,
490 	SSL_SSLV3,
491 	SSL_EXPORT|SSL_EXP40,
492 	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
493 	40,
494 	56,
495 	},
496 
497 /* Cipher 15 */
498 	{
499 	1,
500 	SSL3_TXT_EDH_RSA_DES_64_CBC_SHA,
501 	SSL3_CK_EDH_RSA_DES_64_CBC_SHA,
502 	SSL_kEDH,
503 	SSL_aRSA,
504 	SSL_DES,
505 	SSL_SHA1,
506 	SSL_SSLV3,
507 	SSL_NOT_EXP|SSL_LOW,
508 	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
509 	56,
510 	56,
511 	},
512 
513 /* Cipher 16 */
514 	{
515 	1,
516 	SSL3_TXT_EDH_RSA_DES_192_CBC3_SHA,
517 	SSL3_CK_EDH_RSA_DES_192_CBC3_SHA,
518 	SSL_kEDH,
519 	SSL_aRSA,
520 	SSL_3DES,
521 	SSL_SHA1,
522 	SSL_SSLV3,
523 	SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
524 	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
525 	168,
526 	168,
527 	},
528 
529 /* Cipher 17 */
530 	{
531 	1,
532 	SSL3_TXT_ADH_RC4_40_MD5,
533 	SSL3_CK_ADH_RC4_40_MD5,
534 	SSL_kEDH,
535 	SSL_aNULL,
536 	SSL_RC4,
537 	SSL_MD5,
538 	SSL_SSLV3,
539 	SSL_EXPORT|SSL_EXP40,
540 	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
541 	40,
542 	128,
543 	},
544 
545 /* Cipher 18 */
546 	{
547 	1,
548 	SSL3_TXT_ADH_RC4_128_MD5,
549 	SSL3_CK_ADH_RC4_128_MD5,
550 	SSL_kEDH,
551 	SSL_aNULL,
552 	SSL_RC4,
553 	SSL_MD5,
554 	SSL_SSLV3,
555 	SSL_NOT_EXP|SSL_MEDIUM,
556 	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
557 	128,
558 	128,
559 	},
560 
561 /* Cipher 19 */
562 	{
563 	1,
564 	SSL3_TXT_ADH_DES_40_CBC_SHA,
565 	SSL3_CK_ADH_DES_40_CBC_SHA,
566 	SSL_kEDH,
567 	SSL_aNULL,
568 	SSL_DES,
569 	SSL_SHA1,
570 	SSL_SSLV3,
571 	SSL_EXPORT|SSL_EXP40,
572 	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
573 	40,
574 	128,
575 	},
576 
577 /* Cipher 1A */
578 	{
579 	1,
580 	SSL3_TXT_ADH_DES_64_CBC_SHA,
581 	SSL3_CK_ADH_DES_64_CBC_SHA,
582 	SSL_kEDH,
583 	SSL_aNULL,
584 	SSL_DES,
585 	SSL_SHA1,
586 	SSL_SSLV3,
587 	SSL_NOT_EXP|SSL_LOW,
588 	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
589 	56,
590 	56,
591 	},
592 
593 /* Cipher 1B */
594 	{
595 	1,
596 	SSL3_TXT_ADH_DES_192_CBC_SHA,
597 	SSL3_CK_ADH_DES_192_CBC_SHA,
598 	SSL_kEDH,
599 	SSL_aNULL,
600 	SSL_3DES,
601 	SSL_SHA1,
602 	SSL_SSLV3,
603 	SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
604 	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
605 	168,
606 	168,
607 	},
608 
609 /* Fortezza ciphersuite from SSL 3.0 spec */
610 #if 0
611 /* Cipher 1C */
612 	{
613 	0,
614 	SSL3_TXT_FZA_DMS_NULL_SHA,
615 	SSL3_CK_FZA_DMS_NULL_SHA,
616 	SSL_kFZA,
617 	SSL_aFZA,
618 	SSL_eNULL,
619 	SSL_SHA1,
620 	SSL_SSLV3,
621 	SSL_NOT_EXP|SSL_STRONG_NONE,
622 	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
623 	0,
624 	0,
625 	},
626 
627 /* Cipher 1D */
628 	{
629 	0,
630 	SSL3_TXT_FZA_DMS_FZA_SHA,
631 	SSL3_CK_FZA_DMS_FZA_SHA,
632 	SSL_kFZA,
633 	SSL_aFZA,
634 	SSL_eFZA,
635 	SSL_SHA1,
636 	SSL_SSLV3,
637 	SSL_NOT_EXP|SSL_STRONG_NONE,
638 	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
639 	0,
640 	0,
641 	},
642 
643 /* Cipher 1E */
644 	{
645 	0,
646 	SSL3_TXT_FZA_DMS_RC4_SHA,
647 	SSL3_CK_FZA_DMS_RC4_SHA,
648 	SSL_kFZA,
649 	SSL_aFZA,
650 	SSL_RC4,
651 	SSL_SHA1,
652 	SSL_SSLV3,
653 	SSL_NOT_EXP|SSL_MEDIUM,
654 	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
655 	128,
656 	128,
657 	},
658 #endif
659 
660 #ifndef OPENSSL_NO_KRB5
661 /* The Kerberos ciphers*/
662 /* Cipher 1E */
663 	{
664 	1,
665 	SSL3_TXT_KRB5_DES_64_CBC_SHA,
666 	SSL3_CK_KRB5_DES_64_CBC_SHA,
667 	SSL_kKRB5,
668 	SSL_aKRB5,
669 	SSL_DES,
670 	SSL_SHA1,
671 	SSL_SSLV3,
672 	SSL_NOT_EXP|SSL_LOW,
673 	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
674 	56,
675 	56,
676 	},
677 
678 /* Cipher 1F */
679 	{
680 	1,
681 	SSL3_TXT_KRB5_DES_192_CBC3_SHA,
682 	SSL3_CK_KRB5_DES_192_CBC3_SHA,
683 	SSL_kKRB5,
684 	SSL_aKRB5,
685 	SSL_3DES,
686 	SSL_SHA1,
687 	SSL_SSLV3,
688 	SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
689 	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
690 	168,
691 	168,
692 	},
693 
694 /* Cipher 20 */
695 	{
696 	1,
697 	SSL3_TXT_KRB5_RC4_128_SHA,
698 	SSL3_CK_KRB5_RC4_128_SHA,
699 	SSL_kKRB5,
700 	SSL_aKRB5,
701 	SSL_RC4,
702 	SSL_SHA1,
703 	SSL_SSLV3,
704 	SSL_NOT_EXP|SSL_MEDIUM,
705 	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
706 	128,
707 	128,
708 	},
709 
710 /* Cipher 21 */
711 	{
712 	1,
713 	SSL3_TXT_KRB5_IDEA_128_CBC_SHA,
714 	SSL3_CK_KRB5_IDEA_128_CBC_SHA,
715 	SSL_kKRB5,
716 	SSL_aKRB5,
717 	SSL_IDEA,
718 	SSL_SHA1,
719 	SSL_SSLV3,
720 	SSL_NOT_EXP|SSL_MEDIUM,
721 	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
722 	128,
723 	128,
724 	},
725 
726 /* Cipher 22 */
727 	{
728 	1,
729 	SSL3_TXT_KRB5_DES_64_CBC_MD5,
730 	SSL3_CK_KRB5_DES_64_CBC_MD5,
731 	SSL_kKRB5,
732 	SSL_aKRB5,
733 	SSL_DES,
734 	SSL_MD5,
735 	SSL_SSLV3,
736 	SSL_NOT_EXP|SSL_LOW,
737 	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
738 	56,
739 	56,
740 	},
741 
742 /* Cipher 23 */
743 	{
744 	1,
745 	SSL3_TXT_KRB5_DES_192_CBC3_MD5,
746 	SSL3_CK_KRB5_DES_192_CBC3_MD5,
747 	SSL_kKRB5,
748 	SSL_aKRB5,
749 	SSL_3DES,
750 	SSL_MD5,
751 	SSL_SSLV3,
752 	SSL_NOT_EXP|SSL_HIGH,
753 	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
754 	168,
755 	168,
756 	},
757 
758 /* Cipher 24 */
759 	{
760 	1,
761 	SSL3_TXT_KRB5_RC4_128_MD5,
762 	SSL3_CK_KRB5_RC4_128_MD5,
763 	SSL_kKRB5,
764 	SSL_aKRB5,
765 	SSL_RC4,
766 	SSL_MD5,
767 	SSL_SSLV3,
768 	SSL_NOT_EXP|SSL_MEDIUM,
769 	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
770 	128,
771 	128,
772 	},
773 
774 /* Cipher 25 */
775 	{
776 	1,
777 	SSL3_TXT_KRB5_IDEA_128_CBC_MD5,
778 	SSL3_CK_KRB5_IDEA_128_CBC_MD5,
779 	SSL_kKRB5,
780 	SSL_aKRB5,
781 	SSL_IDEA,
782 	SSL_MD5,
783 	SSL_SSLV3,
784 	SSL_NOT_EXP|SSL_MEDIUM,
785 	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
786 	128,
787 	128,
788 	},
789 
790 /* Cipher 26 */
791 	{
792 	1,
793 	SSL3_TXT_KRB5_DES_40_CBC_SHA,
794 	SSL3_CK_KRB5_DES_40_CBC_SHA,
795 	SSL_kKRB5,
796 	SSL_aKRB5,
797 	SSL_DES,
798 	SSL_SHA1,
799 	SSL_SSLV3,
800 	SSL_EXPORT|SSL_EXP40,
801 	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
802 	40,
803 	56,
804 	},
805 
806 /* Cipher 27 */
807 	{
808 	1,
809 	SSL3_TXT_KRB5_RC2_40_CBC_SHA,
810 	SSL3_CK_KRB5_RC2_40_CBC_SHA,
811 	SSL_kKRB5,
812 	SSL_aKRB5,
813 	SSL_RC2,
814 	SSL_SHA1,
815 	SSL_SSLV3,
816 	SSL_EXPORT|SSL_EXP40,
817 	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
818 	40,
819 	128,
820 	},
821 
822 /* Cipher 28 */
823 	{
824 	1,
825 	SSL3_TXT_KRB5_RC4_40_SHA,
826 	SSL3_CK_KRB5_RC4_40_SHA,
827 	SSL_kKRB5,
828 	SSL_aKRB5,
829 	SSL_RC4,
830 	SSL_SHA1,
831 	SSL_SSLV3,
832 	SSL_EXPORT|SSL_EXP40,
833 	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
834 	40,
835 	128,
836 	},
837 
838 /* Cipher 29 */
839 	{
840 	1,
841 	SSL3_TXT_KRB5_DES_40_CBC_MD5,
842 	SSL3_CK_KRB5_DES_40_CBC_MD5,
843 	SSL_kKRB5,
844 	SSL_aKRB5,
845 	SSL_DES,
846 	SSL_MD5,
847 	SSL_SSLV3,
848 	SSL_EXPORT|SSL_EXP40,
849 	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
850 	40,
851 	56,
852 	},
853 
854 /* Cipher 2A */
855 	{
856 	1,
857 	SSL3_TXT_KRB5_RC2_40_CBC_MD5,
858 	SSL3_CK_KRB5_RC2_40_CBC_MD5,
859 	SSL_kKRB5,
860 	SSL_aKRB5,
861 	SSL_RC2,
862 	SSL_MD5,
863 	SSL_SSLV3,
864 	SSL_EXPORT|SSL_EXP40,
865 	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
866 	40,
867 	128,
868 	},
869 
870 /* Cipher 2B */
871 	{
872 	1,
873 	SSL3_TXT_KRB5_RC4_40_MD5,
874 	SSL3_CK_KRB5_RC4_40_MD5,
875 	SSL_kKRB5,
876 	SSL_aKRB5,
877 	SSL_RC4,
878 	SSL_MD5,
879 	SSL_SSLV3,
880 	SSL_EXPORT|SSL_EXP40,
881 	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
882 	40,
883 	128,
884 	},
885 #endif	/* OPENSSL_NO_KRB5 */
886 
887 /* New AES ciphersuites */
888 /* Cipher 2F */
889 	{
890 	1,
891 	TLS1_TXT_RSA_WITH_AES_128_SHA,
892 	TLS1_CK_RSA_WITH_AES_128_SHA,
893 	SSL_kRSA,
894 	SSL_aRSA,
895 	SSL_AES128,
896 	SSL_SHA1,
897 	SSL_TLSV1,
898 	SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
899 	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
900 	128,
901 	128,
902 	},
903 /* Cipher 30 */
904 	{
905 	0,
906 	TLS1_TXT_DH_DSS_WITH_AES_128_SHA,
907 	TLS1_CK_DH_DSS_WITH_AES_128_SHA,
908 	SSL_kDHd,
909 	SSL_aDH,
910 	SSL_AES128,
911 	SSL_SHA1,
912 	SSL_TLSV1,
913 	SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
914 	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
915 	128,
916 	128,
917 	},
918 /* Cipher 31 */
919 	{
920 	0,
921 	TLS1_TXT_DH_RSA_WITH_AES_128_SHA,
922 	TLS1_CK_DH_RSA_WITH_AES_128_SHA,
923 	SSL_kDHr,
924 	SSL_aDH,
925 	SSL_AES128,
926 	SSL_SHA1,
927 	SSL_TLSV1,
928 	SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
929 	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
930 	128,
931 	128,
932 	},
933 /* Cipher 32 */
934 	{
935 	1,
936 	TLS1_TXT_DHE_DSS_WITH_AES_128_SHA,
937 	TLS1_CK_DHE_DSS_WITH_AES_128_SHA,
938 	SSL_kEDH,
939 	SSL_aDSS,
940 	SSL_AES128,
941 	SSL_SHA1,
942 	SSL_TLSV1,
943 	SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
944 	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
945 	128,
946 	128,
947 	},
948 /* Cipher 33 */
949 	{
950 	1,
951 	TLS1_TXT_DHE_RSA_WITH_AES_128_SHA,
952 	TLS1_CK_DHE_RSA_WITH_AES_128_SHA,
953 	SSL_kEDH,
954 	SSL_aRSA,
955 	SSL_AES128,
956 	SSL_SHA1,
957 	SSL_TLSV1,
958 	SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
959 	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
960 	128,
961 	128,
962 	},
963 /* Cipher 34 */
964 	{
965 	1,
966 	TLS1_TXT_ADH_WITH_AES_128_SHA,
967 	TLS1_CK_ADH_WITH_AES_128_SHA,
968 	SSL_kEDH,
969 	SSL_aNULL,
970 	SSL_AES128,
971 	SSL_SHA1,
972 	SSL_TLSV1,
973 	SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
974 	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
975 	128,
976 	128,
977 	},
978 
979 /* Cipher 35 */
980 	{
981 	1,
982 	TLS1_TXT_RSA_WITH_AES_256_SHA,
983 	TLS1_CK_RSA_WITH_AES_256_SHA,
984 	SSL_kRSA,
985 	SSL_aRSA,
986 	SSL_AES256,
987 	SSL_SHA1,
988 	SSL_TLSV1,
989 	SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
990 	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
991 	256,
992 	256,
993 	},
994 /* Cipher 36 */
995 	{
996 	0,
997 	TLS1_TXT_DH_DSS_WITH_AES_256_SHA,
998 	TLS1_CK_DH_DSS_WITH_AES_256_SHA,
999 	SSL_kDHd,
1000 	SSL_aDH,
1001 	SSL_AES256,
1002 	SSL_SHA1,
1003 	SSL_TLSV1,
1004 	SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
1005 	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
1006 	256,
1007 	256,
1008 	},
1009 
1010 /* Cipher 37 */
1011 	{
1012 	0, /* not implemented (non-ephemeral DH) */
1013 	TLS1_TXT_DH_RSA_WITH_AES_256_SHA,
1014 	TLS1_CK_DH_RSA_WITH_AES_256_SHA,
1015 	SSL_kDHr,
1016 	SSL_aDH,
1017 	SSL_AES256,
1018 	SSL_SHA1,
1019 	SSL_TLSV1,
1020 	SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
1021 	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
1022 	256,
1023 	256,
1024 	},
1025 
1026 /* Cipher 38 */
1027 	{
1028 	1,
1029 	TLS1_TXT_DHE_DSS_WITH_AES_256_SHA,
1030 	TLS1_CK_DHE_DSS_WITH_AES_256_SHA,
1031 	SSL_kEDH,
1032 	SSL_aDSS,
1033 	SSL_AES256,
1034 	SSL_SHA1,
1035 	SSL_TLSV1,
1036 	SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
1037 	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
1038 	256,
1039 	256,
1040 	},
1041 
1042 /* Cipher 39 */
1043 	{
1044 	1,
1045 	TLS1_TXT_DHE_RSA_WITH_AES_256_SHA,
1046 	TLS1_CK_DHE_RSA_WITH_AES_256_SHA,
1047 	SSL_kEDH,
1048 	SSL_aRSA,
1049 	SSL_AES256,
1050 	SSL_SHA1,
1051 	SSL_TLSV1,
1052 	SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
1053 	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
1054 	256,
1055 	256,
1056 	},
1057 
1058 	/* Cipher 3A */
1059 	{
1060 	1,
1061 	TLS1_TXT_ADH_WITH_AES_256_SHA,
1062 	TLS1_CK_ADH_WITH_AES_256_SHA,
1063 	SSL_kEDH,
1064 	SSL_aNULL,
1065 	SSL_AES256,
1066 	SSL_SHA1,
1067 	SSL_TLSV1,
1068 	SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
1069 	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
1070 	256,
1071 	256,
1072 	},
1073 
1074 	/* TLS v1.2 ciphersuites */
1075 	/* Cipher 3B */
1076 	{
1077 	1,
1078 	TLS1_TXT_RSA_WITH_NULL_SHA256,
1079 	TLS1_CK_RSA_WITH_NULL_SHA256,
1080 	SSL_kRSA,
1081 	SSL_aRSA,
1082 	SSL_eNULL,
1083 	SSL_SHA256,
1084 	SSL_TLSV1_2,
1085 	SSL_NOT_EXP|SSL_STRONG_NONE|SSL_FIPS,
1086 	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
1087 	0,
1088 	0,
1089 	},
1090 
1091 	/* Cipher 3C */
1092 	{
1093 	1,
1094 	TLS1_TXT_RSA_WITH_AES_128_SHA256,
1095 	TLS1_CK_RSA_WITH_AES_128_SHA256,
1096 	SSL_kRSA,
1097 	SSL_aRSA,
1098 	SSL_AES128,
1099 	SSL_SHA256,
1100 	SSL_TLSV1_2,
1101 	SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
1102 	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
1103 	128,
1104 	128,
1105 	},
1106 
1107 	/* Cipher 3D */
1108 	{
1109 	1,
1110 	TLS1_TXT_RSA_WITH_AES_256_SHA256,
1111 	TLS1_CK_RSA_WITH_AES_256_SHA256,
1112 	SSL_kRSA,
1113 	SSL_aRSA,
1114 	SSL_AES256,
1115 	SSL_SHA256,
1116 	SSL_TLSV1_2,
1117 	SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
1118 	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
1119 	256,
1120 	256,
1121 	},
1122 
1123 	/* Cipher 3E */
1124 	{
1125 	0, /* not implemented (non-ephemeral DH) */
1126 	TLS1_TXT_DH_DSS_WITH_AES_128_SHA256,
1127 	TLS1_CK_DH_DSS_WITH_AES_128_SHA256,
1128 	SSL_kDHd,
1129 	SSL_aDH,
1130 	SSL_AES128,
1131 	SSL_SHA256,
1132 	SSL_TLSV1_2,
1133 	SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
1134 	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
1135 	128,
1136 	128,
1137 	},
1138 
1139 	/* Cipher 3F */
1140 	{
1141 	0, /* not implemented (non-ephemeral DH) */
1142 	TLS1_TXT_DH_RSA_WITH_AES_128_SHA256,
1143 	TLS1_CK_DH_RSA_WITH_AES_128_SHA256,
1144 	SSL_kDHr,
1145 	SSL_aDH,
1146 	SSL_AES128,
1147 	SSL_SHA256,
1148 	SSL_TLSV1_2,
1149 	SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
1150 	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
1151 	128,
1152 	128,
1153 	},
1154 
1155 	/* Cipher 40 */
1156 	{
1157 	1,
1158 	TLS1_TXT_DHE_DSS_WITH_AES_128_SHA256,
1159 	TLS1_CK_DHE_DSS_WITH_AES_128_SHA256,
1160 	SSL_kEDH,
1161 	SSL_aDSS,
1162 	SSL_AES128,
1163 	SSL_SHA256,
1164 	SSL_TLSV1_2,
1165 	SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
1166 	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
1167 	128,
1168 	128,
1169 	},
1170 
1171 #ifndef OPENSSL_NO_CAMELLIA
1172 	/* Camellia ciphersuites from RFC4132 (128-bit portion) */
1173 
1174 	/* Cipher 41 */
1175 	{
1176 	1,
1177 	TLS1_TXT_RSA_WITH_CAMELLIA_128_CBC_SHA,
1178 	TLS1_CK_RSA_WITH_CAMELLIA_128_CBC_SHA,
1179 	SSL_kRSA,
1180 	SSL_aRSA,
1181 	SSL_CAMELLIA128,
1182 	SSL_SHA1,
1183 	SSL_TLSV1,
1184 	SSL_NOT_EXP|SSL_HIGH,
1185 	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
1186 	128,
1187 	128,
1188 	},
1189 
1190 	/* Cipher 42 */
1191 	{
1192 	0, /* not implemented (non-ephemeral DH) */
1193 	TLS1_TXT_DH_DSS_WITH_CAMELLIA_128_CBC_SHA,
1194 	TLS1_CK_DH_DSS_WITH_CAMELLIA_128_CBC_SHA,
1195 	SSL_kDHd,
1196 	SSL_aDH,
1197 	SSL_CAMELLIA128,
1198 	SSL_SHA1,
1199 	SSL_TLSV1,
1200 	SSL_NOT_EXP|SSL_HIGH,
1201 	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
1202 	128,
1203 	128,
1204 	},
1205 
1206 	/* Cipher 43 */
1207 	{
1208 	0, /* not implemented (non-ephemeral DH) */
1209 	TLS1_TXT_DH_RSA_WITH_CAMELLIA_128_CBC_SHA,
1210 	TLS1_CK_DH_RSA_WITH_CAMELLIA_128_CBC_SHA,
1211 	SSL_kDHr,
1212 	SSL_aDH,
1213 	SSL_CAMELLIA128,
1214 	SSL_SHA1,
1215 	SSL_TLSV1,
1216 	SSL_NOT_EXP|SSL_HIGH,
1217 	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
1218 	128,
1219 	128,
1220 	},
1221 
1222 	/* Cipher 44 */
1223 	{
1224 	1,
1225 	TLS1_TXT_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA,
1226 	TLS1_CK_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA,
1227 	SSL_kEDH,
1228 	SSL_aDSS,
1229 	SSL_CAMELLIA128,
1230 	SSL_SHA1,
1231 	SSL_TLSV1,
1232 	SSL_NOT_EXP|SSL_HIGH,
1233 	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
1234 	128,
1235 	128,
1236 	},
1237 
1238 	/* Cipher 45 */
1239 	{
1240 	1,
1241 	TLS1_TXT_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA,
1242 	TLS1_CK_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA,
1243 	SSL_kEDH,
1244 	SSL_aRSA,
1245 	SSL_CAMELLIA128,
1246 	SSL_SHA1,
1247 	SSL_TLSV1,
1248 	SSL_NOT_EXP|SSL_HIGH,
1249 	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
1250 	128,
1251 	128,
1252 	},
1253 
1254 	/* Cipher 46 */
1255 	{
1256 	1,
1257 	TLS1_TXT_ADH_WITH_CAMELLIA_128_CBC_SHA,
1258 	TLS1_CK_ADH_WITH_CAMELLIA_128_CBC_SHA,
1259 	SSL_kEDH,
1260 	SSL_aNULL,
1261 	SSL_CAMELLIA128,
1262 	SSL_SHA1,
1263 	SSL_TLSV1,
1264 	SSL_NOT_EXP|SSL_HIGH,
1265 	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
1266 	128,
1267 	128,
1268 	},
1269 #endif /* OPENSSL_NO_CAMELLIA */
1270 
1271 #if TLS1_ALLOW_EXPERIMENTAL_CIPHERSUITES
1272 	/* New TLS Export CipherSuites from expired ID */
1273 #if 0
1274 	/* Cipher 60 */
1275 	{
1276 	1,
1277 	TLS1_TXT_RSA_EXPORT1024_WITH_RC4_56_MD5,
1278 	TLS1_CK_RSA_EXPORT1024_WITH_RC4_56_MD5,
1279 	SSL_kRSA,
1280 	SSL_aRSA,
1281 	SSL_RC4,
1282 	SSL_MD5,
1283 	SSL_TLSV1,
1284 	SSL_EXPORT|SSL_EXP56,
1285 	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
1286 	56,
1287 	128,
1288 	},
1289 
1290 	/* Cipher 61 */
1291 	{
1292 	1,
1293 	TLS1_TXT_RSA_EXPORT1024_WITH_RC2_CBC_56_MD5,
1294 	TLS1_CK_RSA_EXPORT1024_WITH_RC2_CBC_56_MD5,
1295 	SSL_kRSA,
1296 	SSL_aRSA,
1297 	SSL_RC2,
1298 	SSL_MD5,
1299 	SSL_TLSV1,
1300 	SSL_EXPORT|SSL_EXP56,
1301 	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
1302 	56,
1303 	128,
1304 	},
1305 #endif
1306 
1307 	/* Cipher 62 */
1308 	{
1309 	1,
1310 	TLS1_TXT_RSA_EXPORT1024_WITH_DES_CBC_SHA,
1311 	TLS1_CK_RSA_EXPORT1024_WITH_DES_CBC_SHA,
1312 	SSL_kRSA,
1313 	SSL_aRSA,
1314 	SSL_DES,
1315 	SSL_SHA1,
1316 	SSL_TLSV1,
1317 	SSL_EXPORT|SSL_EXP56,
1318 	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
1319 	56,
1320 	56,
1321 	},
1322 
1323 	/* Cipher 63 */
1324 	{
1325 	1,
1326 	TLS1_TXT_DHE_DSS_EXPORT1024_WITH_DES_CBC_SHA,
1327 	TLS1_CK_DHE_DSS_EXPORT1024_WITH_DES_CBC_SHA,
1328 	SSL_kEDH,
1329 	SSL_aDSS,
1330 	SSL_DES,
1331 	SSL_SHA1,
1332 	SSL_TLSV1,
1333 	SSL_EXPORT|SSL_EXP56,
1334 	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
1335 	56,
1336 	56,
1337 	},
1338 
1339 	/* Cipher 64 */
1340 	{
1341 	1,
1342 	TLS1_TXT_RSA_EXPORT1024_WITH_RC4_56_SHA,
1343 	TLS1_CK_RSA_EXPORT1024_WITH_RC4_56_SHA,
1344 	SSL_kRSA,
1345 	SSL_aRSA,
1346 	SSL_RC4,
1347 	SSL_SHA1,
1348 	SSL_TLSV1,
1349 	SSL_EXPORT|SSL_EXP56,
1350 	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
1351 	56,
1352 	128,
1353 	},
1354 
1355 	/* Cipher 65 */
1356 	{
1357 	1,
1358 	TLS1_TXT_DHE_DSS_EXPORT1024_WITH_RC4_56_SHA,
1359 	TLS1_CK_DHE_DSS_EXPORT1024_WITH_RC4_56_SHA,
1360 	SSL_kEDH,
1361 	SSL_aDSS,
1362 	SSL_RC4,
1363 	SSL_SHA1,
1364 	SSL_TLSV1,
1365 	SSL_EXPORT|SSL_EXP56,
1366 	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
1367 	56,
1368 	128,
1369 	},
1370 
1371 	/* Cipher 66 */
1372 	{
1373 	1,
1374 	TLS1_TXT_DHE_DSS_WITH_RC4_128_SHA,
1375 	TLS1_CK_DHE_DSS_WITH_RC4_128_SHA,
1376 	SSL_kEDH,
1377 	SSL_aDSS,
1378 	SSL_RC4,
1379 	SSL_SHA1,
1380 	SSL_TLSV1,
1381 	SSL_NOT_EXP|SSL_MEDIUM,
1382 	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
1383 	128,
1384 	128,
1385 	},
1386 #endif
1387 
1388 	/* TLS v1.2 ciphersuites */
1389 	/* Cipher 67 */
1390 	{
1391 	1,
1392 	TLS1_TXT_DHE_RSA_WITH_AES_128_SHA256,
1393 	TLS1_CK_DHE_RSA_WITH_AES_128_SHA256,
1394 	SSL_kEDH,
1395 	SSL_aRSA,
1396 	SSL_AES128,
1397 	SSL_SHA256,
1398 	SSL_TLSV1_2,
1399 	SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
1400 	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
1401 	128,
1402 	128,
1403 	},
1404 
1405 	/* Cipher 68 */
1406 	{
1407 	0, /* not implemented (non-ephemeral DH) */
1408 	TLS1_TXT_DH_DSS_WITH_AES_256_SHA256,
1409 	TLS1_CK_DH_DSS_WITH_AES_256_SHA256,
1410 	SSL_kDHd,
1411 	SSL_aDH,
1412 	SSL_AES256,
1413 	SSL_SHA256,
1414 	SSL_TLSV1_2,
1415 	SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
1416 	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
1417 	256,
1418 	256,
1419 	},
1420 
1421 	/* Cipher 69 */
1422 	{
1423 	0, /* not implemented (non-ephemeral DH) */
1424 	TLS1_TXT_DH_RSA_WITH_AES_256_SHA256,
1425 	TLS1_CK_DH_RSA_WITH_AES_256_SHA256,
1426 	SSL_kDHr,
1427 	SSL_aDH,
1428 	SSL_AES256,
1429 	SSL_SHA256,
1430 	SSL_TLSV1_2,
1431 	SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
1432 	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
1433 	256,
1434 	256,
1435 	},
1436 
1437 	/* Cipher 6A */
1438 	{
1439 	1,
1440 	TLS1_TXT_DHE_DSS_WITH_AES_256_SHA256,
1441 	TLS1_CK_DHE_DSS_WITH_AES_256_SHA256,
1442 	SSL_kEDH,
1443 	SSL_aDSS,
1444 	SSL_AES256,
1445 	SSL_SHA256,
1446 	SSL_TLSV1_2,
1447 	SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
1448 	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
1449 	256,
1450 	256,
1451 	},
1452 
1453 	/* Cipher 6B */
1454 	{
1455 	1,
1456 	TLS1_TXT_DHE_RSA_WITH_AES_256_SHA256,
1457 	TLS1_CK_DHE_RSA_WITH_AES_256_SHA256,
1458 	SSL_kEDH,
1459 	SSL_aRSA,
1460 	SSL_AES256,
1461 	SSL_SHA256,
1462 	SSL_TLSV1_2,
1463 	SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
1464 	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
1465 	256,
1466 	256,
1467 	},
1468 
1469 	/* Cipher 6C */
1470 	{
1471 	1,
1472 	TLS1_TXT_ADH_WITH_AES_128_SHA256,
1473 	TLS1_CK_ADH_WITH_AES_128_SHA256,
1474 	SSL_kEDH,
1475 	SSL_aNULL,
1476 	SSL_AES128,
1477 	SSL_SHA256,
1478 	SSL_TLSV1_2,
1479 	SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
1480 	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
1481 	128,
1482 	128,
1483 	},
1484 
1485 	/* Cipher 6D */
1486 	{
1487 	1,
1488 	TLS1_TXT_ADH_WITH_AES_256_SHA256,
1489 	TLS1_CK_ADH_WITH_AES_256_SHA256,
1490 	SSL_kEDH,
1491 	SSL_aNULL,
1492 	SSL_AES256,
1493 	SSL_SHA256,
1494 	SSL_TLSV1_2,
1495 	SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
1496 	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
1497 	256,
1498 	256,
1499 	},
1500 
1501 	/* GOST Ciphersuites */
1502 
1503 	{
1504 	1,
1505 	"GOST94-GOST89-GOST89",
1506 	0x3000080,
1507 	SSL_kGOST,
1508 	SSL_aGOST94,
1509 	SSL_eGOST2814789CNT,
1510 	SSL_GOST89MAC,
1511 	SSL_TLSV1,
1512 	SSL_NOT_EXP|SSL_HIGH,
1513 	SSL_HANDSHAKE_MAC_GOST94|TLS1_PRF_GOST94|TLS1_STREAM_MAC,
1514 	256,
1515 	256
1516 	},
1517 	{
1518 	1,
1519 	"GOST2001-GOST89-GOST89",
1520 	0x3000081,
1521 	SSL_kGOST,
1522 	SSL_aGOST01,
1523 	SSL_eGOST2814789CNT,
1524 	SSL_GOST89MAC,
1525 	SSL_TLSV1,
1526 	SSL_NOT_EXP|SSL_HIGH,
1527 	SSL_HANDSHAKE_MAC_GOST94|TLS1_PRF_GOST94|TLS1_STREAM_MAC,
1528 	256,
1529 	256
1530 	},
1531 	{
1532 	1,
1533 	"GOST94-NULL-GOST94",
1534 	0x3000082,
1535 	SSL_kGOST,
1536 	SSL_aGOST94,
1537 	SSL_eNULL,
1538 	SSL_GOST94,
1539 	SSL_TLSV1,
1540 	SSL_NOT_EXP|SSL_STRONG_NONE,
1541 	SSL_HANDSHAKE_MAC_GOST94|TLS1_PRF_GOST94,
1542 	0,
1543 	0
1544 	},
1545 	{
1546 	1,
1547 	"GOST2001-NULL-GOST94",
1548 	0x3000083,
1549 	SSL_kGOST,
1550 	SSL_aGOST01,
1551 	SSL_eNULL,
1552 	SSL_GOST94,
1553 	SSL_TLSV1,
1554 	SSL_NOT_EXP|SSL_STRONG_NONE,
1555 	SSL_HANDSHAKE_MAC_GOST94|TLS1_PRF_GOST94,
1556 	0,
1557 	0
1558 	},
1559 
1560 #ifndef OPENSSL_NO_CAMELLIA
1561 	/* Camellia ciphersuites from RFC4132 (256-bit portion) */
1562 
1563 	/* Cipher 84 */
1564 	{
1565 	1,
1566 	TLS1_TXT_RSA_WITH_CAMELLIA_256_CBC_SHA,
1567 	TLS1_CK_RSA_WITH_CAMELLIA_256_CBC_SHA,
1568 	SSL_kRSA,
1569 	SSL_aRSA,
1570 	SSL_CAMELLIA256,
1571 	SSL_SHA1,
1572 	SSL_TLSV1,
1573 	SSL_NOT_EXP|SSL_HIGH,
1574 	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
1575 	256,
1576 	256,
1577 	},
1578 	/* Cipher 85 */
1579 	{
1580 	0, /* not implemented (non-ephemeral DH) */
1581 	TLS1_TXT_DH_DSS_WITH_CAMELLIA_256_CBC_SHA,
1582 	TLS1_CK_DH_DSS_WITH_CAMELLIA_256_CBC_SHA,
1583 	SSL_kDHd,
1584 	SSL_aDH,
1585 	SSL_CAMELLIA256,
1586 	SSL_SHA1,
1587 	SSL_TLSV1,
1588 	SSL_NOT_EXP|SSL_HIGH,
1589 	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
1590 	256,
1591 	256,
1592 	},
1593 
1594 	/* Cipher 86 */
1595 	{
1596 	0, /* not implemented (non-ephemeral DH) */
1597 	TLS1_TXT_DH_RSA_WITH_CAMELLIA_256_CBC_SHA,
1598 	TLS1_CK_DH_RSA_WITH_CAMELLIA_256_CBC_SHA,
1599 	SSL_kDHr,
1600 	SSL_aDH,
1601 	SSL_CAMELLIA256,
1602 	SSL_SHA1,
1603 	SSL_TLSV1,
1604 	SSL_NOT_EXP|SSL_HIGH,
1605 	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
1606 	256,
1607 	256,
1608 	},
1609 
1610 	/* Cipher 87 */
1611 	{
1612 	1,
1613 	TLS1_TXT_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA,
1614 	TLS1_CK_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA,
1615 	SSL_kEDH,
1616 	SSL_aDSS,
1617 	SSL_CAMELLIA256,
1618 	SSL_SHA1,
1619 	SSL_TLSV1,
1620 	SSL_NOT_EXP|SSL_HIGH,
1621 	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
1622 	256,
1623 	256,
1624 	},
1625 
1626 	/* Cipher 88 */
1627 	{
1628 	1,
1629 	TLS1_TXT_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA,
1630 	TLS1_CK_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA,
1631 	SSL_kEDH,
1632 	SSL_aRSA,
1633 	SSL_CAMELLIA256,
1634 	SSL_SHA1,
1635 	SSL_TLSV1,
1636 	SSL_NOT_EXP|SSL_HIGH,
1637 	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
1638 	256,
1639 	256,
1640 	},
1641 
1642 	/* Cipher 89 */
1643 	{
1644 	1,
1645 	TLS1_TXT_ADH_WITH_CAMELLIA_256_CBC_SHA,
1646 	TLS1_CK_ADH_WITH_CAMELLIA_256_CBC_SHA,
1647 	SSL_kEDH,
1648 	SSL_aNULL,
1649 	SSL_CAMELLIA256,
1650 	SSL_SHA1,
1651 	SSL_TLSV1,
1652 	SSL_NOT_EXP|SSL_HIGH,
1653 	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
1654 	256,
1655 	256,
1656 	},
1657 #endif /* OPENSSL_NO_CAMELLIA */
1658 
1659 #ifndef OPENSSL_NO_PSK
1660 	/* Cipher 8A */
1661 	{
1662 	1,
1663 	TLS1_TXT_PSK_WITH_RC4_128_SHA,
1664 	TLS1_CK_PSK_WITH_RC4_128_SHA,
1665 	SSL_kPSK,
1666 	SSL_aPSK,
1667 	SSL_RC4,
1668 	SSL_SHA1,
1669 	SSL_TLSV1,
1670 	SSL_NOT_EXP|SSL_MEDIUM,
1671 	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
1672 	128,
1673 	128,
1674 	},
1675 
1676 	/* Cipher 8B */
1677 	{
1678 	1,
1679 	TLS1_TXT_PSK_WITH_3DES_EDE_CBC_SHA,
1680 	TLS1_CK_PSK_WITH_3DES_EDE_CBC_SHA,
1681 	SSL_kPSK,
1682 	SSL_aPSK,
1683 	SSL_3DES,
1684 	SSL_SHA1,
1685 	SSL_TLSV1,
1686 	SSL_NOT_EXP|SSL_HIGH,
1687 	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
1688 	168,
1689 	168,
1690 	},
1691 
1692 	/* Cipher 8C */
1693 	{
1694 	1,
1695 	TLS1_TXT_PSK_WITH_AES_128_CBC_SHA,
1696 	TLS1_CK_PSK_WITH_AES_128_CBC_SHA,
1697 	SSL_kPSK,
1698 	SSL_aPSK,
1699 	SSL_AES128,
1700 	SSL_SHA1,
1701 	SSL_TLSV1,
1702 	SSL_NOT_EXP|SSL_HIGH,
1703 	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
1704 	128,
1705 	128,
1706 	},
1707 
1708 	/* Cipher 8D */
1709 	{
1710 	1,
1711 	TLS1_TXT_PSK_WITH_AES_256_CBC_SHA,
1712 	TLS1_CK_PSK_WITH_AES_256_CBC_SHA,
1713 	SSL_kPSK,
1714 	SSL_aPSK,
1715 	SSL_AES256,
1716 	SSL_SHA1,
1717 	SSL_TLSV1,
1718 	SSL_NOT_EXP|SSL_HIGH,
1719 	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
1720 	256,
1721 	256,
1722 	},
1723 #endif  /* OPENSSL_NO_PSK */
1724 
1725 #ifndef OPENSSL_NO_SEED
1726 	/* SEED ciphersuites from RFC4162 */
1727 
1728 	/* Cipher 96 */
1729 	{
1730 	1,
1731 	TLS1_TXT_RSA_WITH_SEED_SHA,
1732 	TLS1_CK_RSA_WITH_SEED_SHA,
1733 	SSL_kRSA,
1734 	SSL_aRSA,
1735 	SSL_SEED,
1736 	SSL_SHA1,
1737 	SSL_TLSV1,
1738 	SSL_NOT_EXP|SSL_MEDIUM,
1739 	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
1740 	128,
1741 	128,
1742 	},
1743 
1744 	/* Cipher 97 */
1745 	{
1746 	0, /* not implemented (non-ephemeral DH) */
1747 	TLS1_TXT_DH_DSS_WITH_SEED_SHA,
1748 	TLS1_CK_DH_DSS_WITH_SEED_SHA,
1749 	SSL_kDHd,
1750 	SSL_aDH,
1751 	SSL_SEED,
1752 	SSL_SHA1,
1753 	SSL_TLSV1,
1754 	SSL_NOT_EXP|SSL_MEDIUM,
1755 	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
1756 	128,
1757 	128,
1758 	},
1759 
1760 	/* Cipher 98 */
1761 	{
1762 	0, /* not implemented (non-ephemeral DH) */
1763 	TLS1_TXT_DH_RSA_WITH_SEED_SHA,
1764 	TLS1_CK_DH_RSA_WITH_SEED_SHA,
1765 	SSL_kDHr,
1766 	SSL_aDH,
1767 	SSL_SEED,
1768 	SSL_SHA1,
1769 	SSL_TLSV1,
1770 	SSL_NOT_EXP|SSL_MEDIUM,
1771 	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
1772 	128,
1773 	128,
1774 	},
1775 
1776 	/* Cipher 99 */
1777 	{
1778 	1,
1779 	TLS1_TXT_DHE_DSS_WITH_SEED_SHA,
1780 	TLS1_CK_DHE_DSS_WITH_SEED_SHA,
1781 	SSL_kEDH,
1782 	SSL_aDSS,
1783 	SSL_SEED,
1784 	SSL_SHA1,
1785 	SSL_TLSV1,
1786 	SSL_NOT_EXP|SSL_MEDIUM,
1787 	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
1788 	128,
1789 	128,
1790 	},
1791 
1792 	/* Cipher 9A */
1793 	{
1794 	1,
1795 	TLS1_TXT_DHE_RSA_WITH_SEED_SHA,
1796 	TLS1_CK_DHE_RSA_WITH_SEED_SHA,
1797 	SSL_kEDH,
1798 	SSL_aRSA,
1799 	SSL_SEED,
1800 	SSL_SHA1,
1801 	SSL_TLSV1,
1802 	SSL_NOT_EXP|SSL_MEDIUM,
1803 	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
1804 	128,
1805 	128,
1806 	},
1807 
1808 	/* Cipher 9B */
1809 	{
1810 	1,
1811 	TLS1_TXT_ADH_WITH_SEED_SHA,
1812 	TLS1_CK_ADH_WITH_SEED_SHA,
1813 	SSL_kEDH,
1814 	SSL_aNULL,
1815 	SSL_SEED,
1816 	SSL_SHA1,
1817 	SSL_TLSV1,
1818 	SSL_NOT_EXP|SSL_MEDIUM,
1819 	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
1820 	128,
1821 	128,
1822 	},
1823 
1824 #endif /* OPENSSL_NO_SEED */
1825 
1826 	/* GCM ciphersuites from RFC5288 */
1827 
1828 	/* Cipher 9C */
1829 	{
1830 	1,
1831 	TLS1_TXT_RSA_WITH_AES_128_GCM_SHA256,
1832 	TLS1_CK_RSA_WITH_AES_128_GCM_SHA256,
1833 	SSL_kRSA,
1834 	SSL_aRSA,
1835 	SSL_AES128GCM,
1836 	SSL_AEAD,
1837 	SSL_TLSV1_2,
1838 	SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
1839 	SSL_HANDSHAKE_MAC_SHA256|TLS1_PRF_SHA256,
1840 	128,
1841 	128,
1842 	},
1843 
1844 	/* Cipher 9D */
1845 	{
1846 	1,
1847 	TLS1_TXT_RSA_WITH_AES_256_GCM_SHA384,
1848 	TLS1_CK_RSA_WITH_AES_256_GCM_SHA384,
1849 	SSL_kRSA,
1850 	SSL_aRSA,
1851 	SSL_AES256GCM,
1852 	SSL_AEAD,
1853 	SSL_TLSV1_2,
1854 	SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
1855 	SSL_HANDSHAKE_MAC_SHA384|TLS1_PRF_SHA384,
1856 	256,
1857 	256,
1858 	},
1859 
1860 	/* Cipher 9E */
1861 	{
1862 	1,
1863 	TLS1_TXT_DHE_RSA_WITH_AES_128_GCM_SHA256,
1864 	TLS1_CK_DHE_RSA_WITH_AES_128_GCM_SHA256,
1865 	SSL_kEDH,
1866 	SSL_aRSA,
1867 	SSL_AES128GCM,
1868 	SSL_AEAD,
1869 	SSL_TLSV1_2,
1870 	SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
1871 	SSL_HANDSHAKE_MAC_SHA256|TLS1_PRF_SHA256,
1872 	128,
1873 	128,
1874 	},
1875 
1876 	/* Cipher 9F */
1877 	{
1878 	1,
1879 	TLS1_TXT_DHE_RSA_WITH_AES_256_GCM_SHA384,
1880 	TLS1_CK_DHE_RSA_WITH_AES_256_GCM_SHA384,
1881 	SSL_kEDH,
1882 	SSL_aRSA,
1883 	SSL_AES256GCM,
1884 	SSL_AEAD,
1885 	SSL_TLSV1_2,
1886 	SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
1887 	SSL_HANDSHAKE_MAC_SHA384|TLS1_PRF_SHA384,
1888 	256,
1889 	256,
1890 	},
1891 
1892 	/* Cipher A0 */
1893 	{
1894 	0,
1895 	TLS1_TXT_DH_RSA_WITH_AES_128_GCM_SHA256,
1896 	TLS1_CK_DH_RSA_WITH_AES_128_GCM_SHA256,
1897 	SSL_kDHr,
1898 	SSL_aDH,
1899 	SSL_AES128GCM,
1900 	SSL_AEAD,
1901 	SSL_TLSV1_2,
1902 	SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
1903 	SSL_HANDSHAKE_MAC_SHA256|TLS1_PRF_SHA256,
1904 	128,
1905 	128,
1906 	},
1907 
1908 	/* Cipher A1 */
1909 	{
1910 	0,
1911 	TLS1_TXT_DH_RSA_WITH_AES_256_GCM_SHA384,
1912 	TLS1_CK_DH_RSA_WITH_AES_256_GCM_SHA384,
1913 	SSL_kDHr,
1914 	SSL_aDH,
1915 	SSL_AES256GCM,
1916 	SSL_AEAD,
1917 	SSL_TLSV1_2,
1918 	SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
1919 	SSL_HANDSHAKE_MAC_SHA384|TLS1_PRF_SHA384,
1920 	256,
1921 	256,
1922 	},
1923 
1924 	/* Cipher A2 */
1925 	{
1926 	1,
1927 	TLS1_TXT_DHE_DSS_WITH_AES_128_GCM_SHA256,
1928 	TLS1_CK_DHE_DSS_WITH_AES_128_GCM_SHA256,
1929 	SSL_kEDH,
1930 	SSL_aDSS,
1931 	SSL_AES128GCM,
1932 	SSL_AEAD,
1933 	SSL_TLSV1_2,
1934 	SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
1935 	SSL_HANDSHAKE_MAC_SHA256|TLS1_PRF_SHA256,
1936 	128,
1937 	128,
1938 	},
1939 
1940 	/* Cipher A3 */
1941 	{
1942 	1,
1943 	TLS1_TXT_DHE_DSS_WITH_AES_256_GCM_SHA384,
1944 	TLS1_CK_DHE_DSS_WITH_AES_256_GCM_SHA384,
1945 	SSL_kEDH,
1946 	SSL_aDSS,
1947 	SSL_AES256GCM,
1948 	SSL_AEAD,
1949 	SSL_TLSV1_2,
1950 	SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
1951 	SSL_HANDSHAKE_MAC_SHA384|TLS1_PRF_SHA384,
1952 	256,
1953 	256,
1954 	},
1955 
1956 	/* Cipher A4 */
1957 	{
1958 	0,
1959 	TLS1_TXT_DH_DSS_WITH_AES_128_GCM_SHA256,
1960 	TLS1_CK_DH_DSS_WITH_AES_128_GCM_SHA256,
1961 	SSL_kDHd,
1962 	SSL_aDH,
1963 	SSL_AES128GCM,
1964 	SSL_AEAD,
1965 	SSL_TLSV1_2,
1966 	SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
1967 	SSL_HANDSHAKE_MAC_SHA256|TLS1_PRF_SHA256,
1968 	128,
1969 	128,
1970 	},
1971 
1972 	/* Cipher A5 */
1973 	{
1974 	0,
1975 	TLS1_TXT_DH_DSS_WITH_AES_256_GCM_SHA384,
1976 	TLS1_CK_DH_DSS_WITH_AES_256_GCM_SHA384,
1977 	SSL_kDHd,
1978 	SSL_aDH,
1979 	SSL_AES256GCM,
1980 	SSL_AEAD,
1981 	SSL_TLSV1_2,
1982 	SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
1983 	SSL_HANDSHAKE_MAC_SHA384|TLS1_PRF_SHA384,
1984 	256,
1985 	256,
1986 	},
1987 
1988 	/* Cipher A6 */
1989 	{
1990 	1,
1991 	TLS1_TXT_ADH_WITH_AES_128_GCM_SHA256,
1992 	TLS1_CK_ADH_WITH_AES_128_GCM_SHA256,
1993 	SSL_kEDH,
1994 	SSL_aNULL,
1995 	SSL_AES128GCM,
1996 	SSL_AEAD,
1997 	SSL_TLSV1_2,
1998 	SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
1999 	SSL_HANDSHAKE_MAC_SHA256|TLS1_PRF_SHA256,
2000 	128,
2001 	128,
2002 	},
2003 
2004 	/* Cipher A7 */
2005 	{
2006 	1,
2007 	TLS1_TXT_ADH_WITH_AES_256_GCM_SHA384,
2008 	TLS1_CK_ADH_WITH_AES_256_GCM_SHA384,
2009 	SSL_kEDH,
2010 	SSL_aNULL,
2011 	SSL_AES256GCM,
2012 	SSL_AEAD,
2013 	SSL_TLSV1_2,
2014 	SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
2015 	SSL_HANDSHAKE_MAC_SHA384|TLS1_PRF_SHA384,
2016 	256,
2017 	256,
2018 	},
2019 
2020 #ifndef OPENSSL_NO_ECDH
2021 	/* Cipher C001 */
2022 	{
2023 	1,
2024 	TLS1_TXT_ECDH_ECDSA_WITH_NULL_SHA,
2025 	TLS1_CK_ECDH_ECDSA_WITH_NULL_SHA,
2026 	SSL_kECDHe,
2027 	SSL_aECDH,
2028 	SSL_eNULL,
2029 	SSL_SHA1,
2030 	SSL_TLSV1,
2031 	SSL_NOT_EXP|SSL_STRONG_NONE|SSL_FIPS,
2032 	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
2033 	0,
2034 	0,
2035 	},
2036 
2037 	/* Cipher C002 */
2038 	{
2039 	1,
2040 	TLS1_TXT_ECDH_ECDSA_WITH_RC4_128_SHA,
2041 	TLS1_CK_ECDH_ECDSA_WITH_RC4_128_SHA,
2042 	SSL_kECDHe,
2043 	SSL_aECDH,
2044 	SSL_RC4,
2045 	SSL_SHA1,
2046 	SSL_TLSV1,
2047 	SSL_NOT_EXP|SSL_MEDIUM,
2048 	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
2049 	128,
2050 	128,
2051 	},
2052 
2053 	/* Cipher C003 */
2054 	{
2055 	1,
2056 	TLS1_TXT_ECDH_ECDSA_WITH_DES_192_CBC3_SHA,
2057 	TLS1_CK_ECDH_ECDSA_WITH_DES_192_CBC3_SHA,
2058 	SSL_kECDHe,
2059 	SSL_aECDH,
2060 	SSL_3DES,
2061 	SSL_SHA1,
2062 	SSL_TLSV1,
2063 	SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
2064 	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
2065 	168,
2066 	168,
2067 	},
2068 
2069 	/* Cipher C004 */
2070 	{
2071 	1,
2072 	TLS1_TXT_ECDH_ECDSA_WITH_AES_128_CBC_SHA,
2073 	TLS1_CK_ECDH_ECDSA_WITH_AES_128_CBC_SHA,
2074 	SSL_kECDHe,
2075 	SSL_aECDH,
2076 	SSL_AES128,
2077 	SSL_SHA1,
2078 	SSL_TLSV1,
2079 	SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
2080 	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
2081 	128,
2082 	128,
2083 	},
2084 
2085 	/* Cipher C005 */
2086 	{
2087 	1,
2088 	TLS1_TXT_ECDH_ECDSA_WITH_AES_256_CBC_SHA,
2089 	TLS1_CK_ECDH_ECDSA_WITH_AES_256_CBC_SHA,
2090 	SSL_kECDHe,
2091 	SSL_aECDH,
2092 	SSL_AES256,
2093 	SSL_SHA1,
2094 	SSL_TLSV1,
2095 	SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
2096 	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
2097 	256,
2098 	256,
2099 	},
2100 
2101 	/* Cipher C006 */
2102 	{
2103 	1,
2104 	TLS1_TXT_ECDHE_ECDSA_WITH_NULL_SHA,
2105 	TLS1_CK_ECDHE_ECDSA_WITH_NULL_SHA,
2106 	SSL_kEECDH,
2107 	SSL_aECDSA,
2108 	SSL_eNULL,
2109 	SSL_SHA1,
2110 	SSL_TLSV1,
2111 	SSL_NOT_EXP|SSL_STRONG_NONE|SSL_FIPS,
2112 	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
2113 	0,
2114 	0,
2115 	},
2116 
2117 	/* Cipher C007 */
2118 	{
2119 	1,
2120 	TLS1_TXT_ECDHE_ECDSA_WITH_RC4_128_SHA,
2121 	TLS1_CK_ECDHE_ECDSA_WITH_RC4_128_SHA,
2122 	SSL_kEECDH,
2123 	SSL_aECDSA,
2124 	SSL_RC4,
2125 	SSL_SHA1,
2126 	SSL_TLSV1,
2127 	SSL_NOT_EXP|SSL_MEDIUM,
2128 	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
2129 	128,
2130 	128,
2131 	},
2132 
2133 	/* Cipher C008 */
2134 	{
2135 	1,
2136 	TLS1_TXT_ECDHE_ECDSA_WITH_DES_192_CBC3_SHA,
2137 	TLS1_CK_ECDHE_ECDSA_WITH_DES_192_CBC3_SHA,
2138 	SSL_kEECDH,
2139 	SSL_aECDSA,
2140 	SSL_3DES,
2141 	SSL_SHA1,
2142 	SSL_TLSV1,
2143 	SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
2144 	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
2145 	168,
2146 	168,
2147 	},
2148 
2149 	/* Cipher C009 */
2150 	{
2151 	1,
2152 	TLS1_TXT_ECDHE_ECDSA_WITH_AES_128_CBC_SHA,
2153 	TLS1_CK_ECDHE_ECDSA_WITH_AES_128_CBC_SHA,
2154 	SSL_kEECDH,
2155 	SSL_aECDSA,
2156 	SSL_AES128,
2157 	SSL_SHA1,
2158 	SSL_TLSV1,
2159 	SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
2160 	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
2161 	128,
2162 	128,
2163 	},
2164 
2165 	/* Cipher C00A */
2166 	{
2167 	1,
2168 	TLS1_TXT_ECDHE_ECDSA_WITH_AES_256_CBC_SHA,
2169 	TLS1_CK_ECDHE_ECDSA_WITH_AES_256_CBC_SHA,
2170 	SSL_kEECDH,
2171 	SSL_aECDSA,
2172 	SSL_AES256,
2173 	SSL_SHA1,
2174 	SSL_TLSV1,
2175 	SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
2176 	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
2177 	256,
2178 	256,
2179 	},
2180 
2181 	/* Cipher C00B */
2182 	{
2183 	1,
2184 	TLS1_TXT_ECDH_RSA_WITH_NULL_SHA,
2185 	TLS1_CK_ECDH_RSA_WITH_NULL_SHA,
2186 	SSL_kECDHr,
2187 	SSL_aECDH,
2188 	SSL_eNULL,
2189 	SSL_SHA1,
2190 	SSL_TLSV1,
2191 	SSL_NOT_EXP|SSL_STRONG_NONE|SSL_FIPS,
2192 	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
2193 	0,
2194 	0,
2195 	},
2196 
2197 	/* Cipher C00C */
2198 	{
2199 	1,
2200 	TLS1_TXT_ECDH_RSA_WITH_RC4_128_SHA,
2201 	TLS1_CK_ECDH_RSA_WITH_RC4_128_SHA,
2202 	SSL_kECDHr,
2203 	SSL_aECDH,
2204 	SSL_RC4,
2205 	SSL_SHA1,
2206 	SSL_TLSV1,
2207 	SSL_NOT_EXP|SSL_MEDIUM,
2208 	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
2209 	128,
2210 	128,
2211 	},
2212 
2213 	/* Cipher C00D */
2214 	{
2215 	1,
2216 	TLS1_TXT_ECDH_RSA_WITH_DES_192_CBC3_SHA,
2217 	TLS1_CK_ECDH_RSA_WITH_DES_192_CBC3_SHA,
2218 	SSL_kECDHr,
2219 	SSL_aECDH,
2220 	SSL_3DES,
2221 	SSL_SHA1,
2222 	SSL_TLSV1,
2223 	SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
2224 	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
2225 	168,
2226 	168,
2227 	},
2228 
2229 	/* Cipher C00E */
2230 	{
2231 	1,
2232 	TLS1_TXT_ECDH_RSA_WITH_AES_128_CBC_SHA,
2233 	TLS1_CK_ECDH_RSA_WITH_AES_128_CBC_SHA,
2234 	SSL_kECDHr,
2235 	SSL_aECDH,
2236 	SSL_AES128,
2237 	SSL_SHA1,
2238 	SSL_TLSV1,
2239 	SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
2240 	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
2241 	128,
2242 	128,
2243 	},
2244 
2245 	/* Cipher C00F */
2246 	{
2247 	1,
2248 	TLS1_TXT_ECDH_RSA_WITH_AES_256_CBC_SHA,
2249 	TLS1_CK_ECDH_RSA_WITH_AES_256_CBC_SHA,
2250 	SSL_kECDHr,
2251 	SSL_aECDH,
2252 	SSL_AES256,
2253 	SSL_SHA1,
2254 	SSL_TLSV1,
2255 	SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
2256 	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
2257 	256,
2258 	256,
2259 	},
2260 
2261 	/* Cipher C010 */
2262 	{
2263 	1,
2264 	TLS1_TXT_ECDHE_RSA_WITH_NULL_SHA,
2265 	TLS1_CK_ECDHE_RSA_WITH_NULL_SHA,
2266 	SSL_kEECDH,
2267 	SSL_aRSA,
2268 	SSL_eNULL,
2269 	SSL_SHA1,
2270 	SSL_TLSV1,
2271 	SSL_NOT_EXP|SSL_STRONG_NONE|SSL_FIPS,
2272 	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
2273 	0,
2274 	0,
2275 	},
2276 
2277 	/* Cipher C011 */
2278 	{
2279 	1,
2280 	TLS1_TXT_ECDHE_RSA_WITH_RC4_128_SHA,
2281 	TLS1_CK_ECDHE_RSA_WITH_RC4_128_SHA,
2282 	SSL_kEECDH,
2283 	SSL_aRSA,
2284 	SSL_RC4,
2285 	SSL_SHA1,
2286 	SSL_TLSV1,
2287 	SSL_NOT_EXP|SSL_MEDIUM,
2288 	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
2289 	128,
2290 	128,
2291 	},
2292 
2293 	/* Cipher C012 */
2294 	{
2295 	1,
2296 	TLS1_TXT_ECDHE_RSA_WITH_DES_192_CBC3_SHA,
2297 	TLS1_CK_ECDHE_RSA_WITH_DES_192_CBC3_SHA,
2298 	SSL_kEECDH,
2299 	SSL_aRSA,
2300 	SSL_3DES,
2301 	SSL_SHA1,
2302 	SSL_TLSV1,
2303 	SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
2304 	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
2305 	168,
2306 	168,
2307 	},
2308 
2309 	/* Cipher C013 */
2310 	{
2311 	1,
2312 	TLS1_TXT_ECDHE_RSA_WITH_AES_128_CBC_SHA,
2313 	TLS1_CK_ECDHE_RSA_WITH_AES_128_CBC_SHA,
2314 	SSL_kEECDH,
2315 	SSL_aRSA,
2316 	SSL_AES128,
2317 	SSL_SHA1,
2318 	SSL_TLSV1,
2319 	SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
2320 	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
2321 	128,
2322 	128,
2323 	},
2324 
2325 	/* Cipher C014 */
2326 	{
2327 	1,
2328 	TLS1_TXT_ECDHE_RSA_WITH_AES_256_CBC_SHA,
2329 	TLS1_CK_ECDHE_RSA_WITH_AES_256_CBC_SHA,
2330 	SSL_kEECDH,
2331 	SSL_aRSA,
2332 	SSL_AES256,
2333 	SSL_SHA1,
2334 	SSL_TLSV1,
2335 	SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
2336 	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
2337 	256,
2338 	256,
2339 	},
2340 
2341 	/* Cipher C015 */
2342 	{
2343 	1,
2344 	TLS1_TXT_ECDH_anon_WITH_NULL_SHA,
2345 	TLS1_CK_ECDH_anon_WITH_NULL_SHA,
2346 	SSL_kEECDH,
2347 	SSL_aNULL,
2348 	SSL_eNULL,
2349 	SSL_SHA1,
2350 	SSL_TLSV1,
2351 	SSL_NOT_EXP|SSL_STRONG_NONE|SSL_FIPS,
2352 	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
2353 	0,
2354 	0,
2355 	},
2356 
2357 	/* Cipher C016 */
2358 	{
2359 	1,
2360 	TLS1_TXT_ECDH_anon_WITH_RC4_128_SHA,
2361 	TLS1_CK_ECDH_anon_WITH_RC4_128_SHA,
2362 	SSL_kEECDH,
2363 	SSL_aNULL,
2364 	SSL_RC4,
2365 	SSL_SHA1,
2366 	SSL_TLSV1,
2367 	SSL_NOT_EXP|SSL_MEDIUM,
2368 	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
2369 	128,
2370 	128,
2371 	},
2372 
2373 	/* Cipher C017 */
2374 	{
2375 	1,
2376 	TLS1_TXT_ECDH_anon_WITH_DES_192_CBC3_SHA,
2377 	TLS1_CK_ECDH_anon_WITH_DES_192_CBC3_SHA,
2378 	SSL_kEECDH,
2379 	SSL_aNULL,
2380 	SSL_3DES,
2381 	SSL_SHA1,
2382 	SSL_TLSV1,
2383 	SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
2384 	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
2385 	168,
2386 	168,
2387 	},
2388 
2389 	/* Cipher C018 */
2390 	{
2391 	1,
2392 	TLS1_TXT_ECDH_anon_WITH_AES_128_CBC_SHA,
2393 	TLS1_CK_ECDH_anon_WITH_AES_128_CBC_SHA,
2394 	SSL_kEECDH,
2395 	SSL_aNULL,
2396 	SSL_AES128,
2397 	SSL_SHA1,
2398 	SSL_TLSV1,
2399 	SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
2400 	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
2401 	128,
2402 	128,
2403 	},
2404 
2405 	/* Cipher C019 */
2406 	{
2407 	1,
2408 	TLS1_TXT_ECDH_anon_WITH_AES_256_CBC_SHA,
2409 	TLS1_CK_ECDH_anon_WITH_AES_256_CBC_SHA,
2410 	SSL_kEECDH,
2411 	SSL_aNULL,
2412 	SSL_AES256,
2413 	SSL_SHA1,
2414 	SSL_TLSV1,
2415 	SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
2416 	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
2417 	256,
2418 	256,
2419 	},
2420 #endif	/* OPENSSL_NO_ECDH */
2421 
2422 #ifndef OPENSSL_NO_SRP
2423 	/* Cipher C01A */
2424 	{
2425 	1,
2426 	TLS1_TXT_SRP_SHA_WITH_3DES_EDE_CBC_SHA,
2427 	TLS1_CK_SRP_SHA_WITH_3DES_EDE_CBC_SHA,
2428 	SSL_kSRP,
2429 	SSL_aNULL,
2430 	SSL_3DES,
2431 	SSL_SHA1,
2432 	SSL_TLSV1,
2433 	SSL_NOT_EXP|SSL_HIGH,
2434 	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
2435 	168,
2436 	168,
2437 	},
2438 
2439 	/* Cipher C01B */
2440 	{
2441 	1,
2442 	TLS1_TXT_SRP_SHA_RSA_WITH_3DES_EDE_CBC_SHA,
2443 	TLS1_CK_SRP_SHA_RSA_WITH_3DES_EDE_CBC_SHA,
2444 	SSL_kSRP,
2445 	SSL_aRSA,
2446 	SSL_3DES,
2447 	SSL_SHA1,
2448 	SSL_TLSV1,
2449 	SSL_NOT_EXP|SSL_HIGH,
2450 	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
2451 	168,
2452 	168,
2453 	},
2454 
2455 	/* Cipher C01C */
2456 	{
2457 	1,
2458 	TLS1_TXT_SRP_SHA_DSS_WITH_3DES_EDE_CBC_SHA,
2459 	TLS1_CK_SRP_SHA_DSS_WITH_3DES_EDE_CBC_SHA,
2460 	SSL_kSRP,
2461 	SSL_aDSS,
2462 	SSL_3DES,
2463 	SSL_SHA1,
2464 	SSL_TLSV1,
2465 	SSL_NOT_EXP|SSL_HIGH,
2466 	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
2467 	168,
2468 	168,
2469 	},
2470 
2471 	/* Cipher C01D */
2472 	{
2473 	1,
2474 	TLS1_TXT_SRP_SHA_WITH_AES_128_CBC_SHA,
2475 	TLS1_CK_SRP_SHA_WITH_AES_128_CBC_SHA,
2476 	SSL_kSRP,
2477 	SSL_aNULL,
2478 	SSL_AES128,
2479 	SSL_SHA1,
2480 	SSL_TLSV1,
2481 	SSL_NOT_EXP|SSL_HIGH,
2482 	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
2483 	128,
2484 	128,
2485 	},
2486 
2487 	/* Cipher C01E */
2488 	{
2489 	1,
2490 	TLS1_TXT_SRP_SHA_RSA_WITH_AES_128_CBC_SHA,
2491 	TLS1_CK_SRP_SHA_RSA_WITH_AES_128_CBC_SHA,
2492 	SSL_kSRP,
2493 	SSL_aRSA,
2494 	SSL_AES128,
2495 	SSL_SHA1,
2496 	SSL_TLSV1,
2497 	SSL_NOT_EXP|SSL_HIGH,
2498 	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
2499 	128,
2500 	128,
2501 	},
2502 
2503 	/* Cipher C01F */
2504 	{
2505 	1,
2506 	TLS1_TXT_SRP_SHA_DSS_WITH_AES_128_CBC_SHA,
2507 	TLS1_CK_SRP_SHA_DSS_WITH_AES_128_CBC_SHA,
2508 	SSL_kSRP,
2509 	SSL_aDSS,
2510 	SSL_AES128,
2511 	SSL_SHA1,
2512 	SSL_TLSV1,
2513 	SSL_NOT_EXP|SSL_HIGH,
2514 	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
2515 	128,
2516 	128,
2517 	},
2518 
2519 	/* Cipher C020 */
2520 	{
2521 	1,
2522 	TLS1_TXT_SRP_SHA_WITH_AES_256_CBC_SHA,
2523 	TLS1_CK_SRP_SHA_WITH_AES_256_CBC_SHA,
2524 	SSL_kSRP,
2525 	SSL_aNULL,
2526 	SSL_AES256,
2527 	SSL_SHA1,
2528 	SSL_TLSV1,
2529 	SSL_NOT_EXP|SSL_HIGH,
2530 	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
2531 	256,
2532 	256,
2533 	},
2534 
2535 	/* Cipher C021 */
2536 	{
2537 	1,
2538 	TLS1_TXT_SRP_SHA_RSA_WITH_AES_256_CBC_SHA,
2539 	TLS1_CK_SRP_SHA_RSA_WITH_AES_256_CBC_SHA,
2540 	SSL_kSRP,
2541 	SSL_aRSA,
2542 	SSL_AES256,
2543 	SSL_SHA1,
2544 	SSL_TLSV1,
2545 	SSL_NOT_EXP|SSL_HIGH,
2546 	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
2547 	256,
2548 	256,
2549 	},
2550 
2551 	/* Cipher C022 */
2552 	{
2553 	1,
2554 	TLS1_TXT_SRP_SHA_DSS_WITH_AES_256_CBC_SHA,
2555 	TLS1_CK_SRP_SHA_DSS_WITH_AES_256_CBC_SHA,
2556 	SSL_kSRP,
2557 	SSL_aDSS,
2558 	SSL_AES256,
2559 	SSL_SHA1,
2560 	SSL_TLSV1,
2561 	SSL_NOT_EXP|SSL_HIGH,
2562 	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
2563 	256,
2564 	256,
2565 	},
2566 #endif  /* OPENSSL_NO_SRP */
2567 #ifndef OPENSSL_NO_ECDH
2568 
2569 	/* HMAC based TLS v1.2 ciphersuites from RFC5289 */
2570 
2571 	/* Cipher C023 */
2572 	{
2573 	1,
2574 	TLS1_TXT_ECDHE_ECDSA_WITH_AES_128_SHA256,
2575 	TLS1_CK_ECDHE_ECDSA_WITH_AES_128_SHA256,
2576 	SSL_kEECDH,
2577 	SSL_aECDSA,
2578 	SSL_AES128,
2579 	SSL_SHA256,
2580 	SSL_TLSV1_2,
2581 	SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
2582 	SSL_HANDSHAKE_MAC_SHA256|TLS1_PRF_SHA256,
2583 	128,
2584 	128,
2585 	},
2586 
2587 	/* Cipher C024 */
2588 	{
2589 	1,
2590 	TLS1_TXT_ECDHE_ECDSA_WITH_AES_256_SHA384,
2591 	TLS1_CK_ECDHE_ECDSA_WITH_AES_256_SHA384,
2592 	SSL_kEECDH,
2593 	SSL_aECDSA,
2594 	SSL_AES256,
2595 	SSL_SHA384,
2596 	SSL_TLSV1_2,
2597 	SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
2598 	SSL_HANDSHAKE_MAC_SHA384|TLS1_PRF_SHA384,
2599 	256,
2600 	256,
2601 	},
2602 
2603 	/* Cipher C025 */
2604 	{
2605 	1,
2606 	TLS1_TXT_ECDH_ECDSA_WITH_AES_128_SHA256,
2607 	TLS1_CK_ECDH_ECDSA_WITH_AES_128_SHA256,
2608 	SSL_kECDHe,
2609 	SSL_aECDH,
2610 	SSL_AES128,
2611 	SSL_SHA256,
2612 	SSL_TLSV1_2,
2613 	SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
2614 	SSL_HANDSHAKE_MAC_SHA256|TLS1_PRF_SHA256,
2615 	128,
2616 	128,
2617 	},
2618 
2619 	/* Cipher C026 */
2620 	{
2621 	1,
2622 	TLS1_TXT_ECDH_ECDSA_WITH_AES_256_SHA384,
2623 	TLS1_CK_ECDH_ECDSA_WITH_AES_256_SHA384,
2624 	SSL_kECDHe,
2625 	SSL_aECDH,
2626 	SSL_AES256,
2627 	SSL_SHA384,
2628 	SSL_TLSV1_2,
2629 	SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
2630 	SSL_HANDSHAKE_MAC_SHA384|TLS1_PRF_SHA384,
2631 	256,
2632 	256,
2633 	},
2634 
2635 	/* Cipher C027 */
2636 	{
2637 	1,
2638 	TLS1_TXT_ECDHE_RSA_WITH_AES_128_SHA256,
2639 	TLS1_CK_ECDHE_RSA_WITH_AES_128_SHA256,
2640 	SSL_kEECDH,
2641 	SSL_aRSA,
2642 	SSL_AES128,
2643 	SSL_SHA256,
2644 	SSL_TLSV1_2,
2645 	SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
2646 	SSL_HANDSHAKE_MAC_SHA256|TLS1_PRF_SHA256,
2647 	128,
2648 	128,
2649 	},
2650 
2651 	/* Cipher C028 */
2652 	{
2653 	1,
2654 	TLS1_TXT_ECDHE_RSA_WITH_AES_256_SHA384,
2655 	TLS1_CK_ECDHE_RSA_WITH_AES_256_SHA384,
2656 	SSL_kEECDH,
2657 	SSL_aRSA,
2658 	SSL_AES256,
2659 	SSL_SHA384,
2660 	SSL_TLSV1_2,
2661 	SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
2662 	SSL_HANDSHAKE_MAC_SHA384|TLS1_PRF_SHA384,
2663 	256,
2664 	256,
2665 	},
2666 
2667 	/* Cipher C029 */
2668 	{
2669 	1,
2670 	TLS1_TXT_ECDH_RSA_WITH_AES_128_SHA256,
2671 	TLS1_CK_ECDH_RSA_WITH_AES_128_SHA256,
2672 	SSL_kECDHr,
2673 	SSL_aECDH,
2674 	SSL_AES128,
2675 	SSL_SHA256,
2676 	SSL_TLSV1_2,
2677 	SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
2678 	SSL_HANDSHAKE_MAC_SHA256|TLS1_PRF_SHA256,
2679 	128,
2680 	128,
2681 	},
2682 
2683 	/* Cipher C02A */
2684 	{
2685 	1,
2686 	TLS1_TXT_ECDH_RSA_WITH_AES_256_SHA384,
2687 	TLS1_CK_ECDH_RSA_WITH_AES_256_SHA384,
2688 	SSL_kECDHr,
2689 	SSL_aECDH,
2690 	SSL_AES256,
2691 	SSL_SHA384,
2692 	SSL_TLSV1_2,
2693 	SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
2694 	SSL_HANDSHAKE_MAC_SHA384|TLS1_PRF_SHA384,
2695 	256,
2696 	256,
2697 	},
2698 
2699 	/* GCM based TLS v1.2 ciphersuites from RFC5289 */
2700 
2701 	/* Cipher C02B */
2702 	{
2703 	1,
2704 	TLS1_TXT_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256,
2705 	TLS1_CK_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256,
2706 	SSL_kEECDH,
2707 	SSL_aECDSA,
2708 	SSL_AES128GCM,
2709 	SSL_AEAD,
2710 	SSL_TLSV1_2,
2711 	SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
2712 	SSL_HANDSHAKE_MAC_SHA256|TLS1_PRF_SHA256,
2713 	128,
2714 	128,
2715 	},
2716 
2717 	/* Cipher C02C */
2718 	{
2719 	1,
2720 	TLS1_TXT_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384,
2721 	TLS1_CK_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384,
2722 	SSL_kEECDH,
2723 	SSL_aECDSA,
2724 	SSL_AES256GCM,
2725 	SSL_AEAD,
2726 	SSL_TLSV1_2,
2727 	SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
2728 	SSL_HANDSHAKE_MAC_SHA384|TLS1_PRF_SHA384,
2729 	256,
2730 	256,
2731 	},
2732 
2733 	/* Cipher C02D */
2734 	{
2735 	1,
2736 	TLS1_TXT_ECDH_ECDSA_WITH_AES_128_GCM_SHA256,
2737 	TLS1_CK_ECDH_ECDSA_WITH_AES_128_GCM_SHA256,
2738 	SSL_kECDHe,
2739 	SSL_aECDH,
2740 	SSL_AES128GCM,
2741 	SSL_AEAD,
2742 	SSL_TLSV1_2,
2743 	SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
2744 	SSL_HANDSHAKE_MAC_SHA256|TLS1_PRF_SHA256,
2745 	128,
2746 	128,
2747 	},
2748 
2749 	/* Cipher C02E */
2750 	{
2751 	1,
2752 	TLS1_TXT_ECDH_ECDSA_WITH_AES_256_GCM_SHA384,
2753 	TLS1_CK_ECDH_ECDSA_WITH_AES_256_GCM_SHA384,
2754 	SSL_kECDHe,
2755 	SSL_aECDH,
2756 	SSL_AES256GCM,
2757 	SSL_AEAD,
2758 	SSL_TLSV1_2,
2759 	SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
2760 	SSL_HANDSHAKE_MAC_SHA384|TLS1_PRF_SHA384,
2761 	256,
2762 	256,
2763 	},
2764 
2765 	/* Cipher C02F */
2766 	{
2767 	1,
2768 	TLS1_TXT_ECDHE_RSA_WITH_AES_128_GCM_SHA256,
2769 	TLS1_CK_ECDHE_RSA_WITH_AES_128_GCM_SHA256,
2770 	SSL_kEECDH,
2771 	SSL_aRSA,
2772 	SSL_AES128GCM,
2773 	SSL_AEAD,
2774 	SSL_TLSV1_2,
2775 	SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
2776 	SSL_HANDSHAKE_MAC_SHA256|TLS1_PRF_SHA256,
2777 	128,
2778 	128,
2779 	},
2780 
2781 	/* Cipher C030 */
2782 	{
2783 	1,
2784 	TLS1_TXT_ECDHE_RSA_WITH_AES_256_GCM_SHA384,
2785 	TLS1_CK_ECDHE_RSA_WITH_AES_256_GCM_SHA384,
2786 	SSL_kEECDH,
2787 	SSL_aRSA,
2788 	SSL_AES256GCM,
2789 	SSL_AEAD,
2790 	SSL_TLSV1_2,
2791 	SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
2792 	SSL_HANDSHAKE_MAC_SHA384|TLS1_PRF_SHA384,
2793 	256,
2794 	256,
2795 	},
2796 
2797 	/* Cipher C031 */
2798 	{
2799 	1,
2800 	TLS1_TXT_ECDH_RSA_WITH_AES_128_GCM_SHA256,
2801 	TLS1_CK_ECDH_RSA_WITH_AES_128_GCM_SHA256,
2802 	SSL_kECDHr,
2803 	SSL_aECDH,
2804 	SSL_AES128GCM,
2805 	SSL_AEAD,
2806 	SSL_TLSV1_2,
2807 	SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
2808 	SSL_HANDSHAKE_MAC_SHA256|TLS1_PRF_SHA256,
2809 	128,
2810 	128,
2811 	},
2812 
2813 	/* Cipher C032 */
2814 	{
2815 	1,
2816 	TLS1_TXT_ECDH_RSA_WITH_AES_256_GCM_SHA384,
2817 	TLS1_CK_ECDH_RSA_WITH_AES_256_GCM_SHA384,
2818 	SSL_kECDHr,
2819 	SSL_aECDH,
2820 	SSL_AES256GCM,
2821 	SSL_AEAD,
2822 	SSL_TLSV1_2,
2823 	SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
2824 	SSL_HANDSHAKE_MAC_SHA384|TLS1_PRF_SHA384,
2825 	256,
2826 	256,
2827 	},
2828 
2829 #endif /* OPENSSL_NO_ECDH */
2830 
2831 
2832 #ifdef TEMP_GOST_TLS
2833 /* Cipher FF00 */
2834 	{
2835 	1,
2836 	"GOST-MD5",
2837 	0x0300ff00,
2838 	SSL_kRSA,
2839 	SSL_aRSA,
2840 	SSL_eGOST2814789CNT,
2841 	SSL_MD5,
2842 	SSL_TLSV1,
2843 	SSL_NOT_EXP|SSL_HIGH,
2844 	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
2845 	256,
2846 	256,
2847 	},
2848 	{
2849 	1,
2850 	"GOST-GOST94",
2851 	0x0300ff01,
2852 	SSL_kRSA,
2853 	SSL_aRSA,
2854 	SSL_eGOST2814789CNT,
2855 	SSL_GOST94,
2856 	SSL_TLSV1,
2857 	SSL_NOT_EXP|SSL_HIGH,
2858 	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
2859 	256,
2860 	256
2861 	},
2862 	{
2863 	1,
2864 	"GOST-GOST89MAC",
2865 	0x0300ff02,
2866 	SSL_kRSA,
2867 	SSL_aRSA,
2868 	SSL_eGOST2814789CNT,
2869 	SSL_GOST89MAC,
2870 	SSL_TLSV1,
2871 	SSL_NOT_EXP|SSL_HIGH,
2872 	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
2873 	256,
2874 	256
2875 	},
2876 	{
2877 	1,
2878 	"GOST-GOST89STREAM",
2879 	0x0300ff03,
2880 	SSL_kRSA,
2881 	SSL_aRSA,
2882 	SSL_eGOST2814789CNT,
2883 	SSL_GOST89MAC,
2884 	SSL_TLSV1,
2885 	SSL_NOT_EXP|SSL_HIGH,
2886 	SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF|TLS1_STREAM_MAC,
2887 	256,
2888 	256
2889 	},
2890 #endif
2891 
2892 /* end of list */
2893 	};
2894 
2895 SSL3_ENC_METHOD SSLv3_enc_data={
2896 	ssl3_enc,
2897 	n_ssl3_mac,
2898 	ssl3_setup_key_block,
2899 	ssl3_generate_master_secret,
2900 	ssl3_change_cipher_state,
2901 	ssl3_final_finish_mac,
2902 	MD5_DIGEST_LENGTH+SHA_DIGEST_LENGTH,
2903 	ssl3_cert_verify_mac,
2904 	SSL3_MD_CLIENT_FINISHED_CONST,4,
2905 	SSL3_MD_SERVER_FINISHED_CONST,4,
2906 	ssl3_alert_code,
2907 	(int (*)(SSL *, unsigned char *, size_t, const char *,
2908 		 size_t, const unsigned char *, size_t,
2909 		 int use_context))ssl_undefined_function,
2910 	};
2911 
2912 long ssl3_default_timeout(void)
2913 	{
2914 	/* 2 hours, the 24 hours mentioned in the SSLv3 spec
2915 	 * is way too long for http, the cache would over fill */
2916 	return(60*60*2);
2917 	}
2918 
2919 int ssl3_num_ciphers(void)
2920 	{
2921 	return(SSL3_NUM_CIPHERS);
2922 	}
2923 
2924 const SSL_CIPHER *ssl3_get_cipher(unsigned int u)
2925 	{
2926 	if (u < SSL3_NUM_CIPHERS)
2927 		return(&(ssl3_ciphers[SSL3_NUM_CIPHERS-1-u]));
2928 	else
2929 		return(NULL);
2930 	}
2931 
2932 int ssl3_pending(const SSL *s)
2933 	{
2934 	if (s->rstate == SSL_ST_READ_BODY)
2935 		return 0;
2936 
2937 	return (s->s3->rrec.type == SSL3_RT_APPLICATION_DATA) ? s->s3->rrec.length : 0;
2938 	}
2939 
2940 int ssl3_new(SSL *s)
2941 	{
2942 	SSL3_STATE *s3;
2943 
2944 	if ((s3=OPENSSL_malloc(sizeof *s3)) == NULL) goto err;
2945 	memset(s3,0,sizeof *s3);
2946 	memset(s3->rrec.seq_num,0,sizeof(s3->rrec.seq_num));
2947 	memset(s3->wrec.seq_num,0,sizeof(s3->wrec.seq_num));
2948 
2949 	s->s3=s3;
2950 
2951 #ifndef OPENSSL_NO_SRP
2952 	SSL_SRP_CTX_init(s);
2953 #endif
2954 	s->method->ssl_clear(s);
2955 	return(1);
2956 err:
2957 	return(0);
2958 	}
2959 
2960 void ssl3_free(SSL *s)
2961 	{
2962 	if(s == NULL)
2963 	    return;
2964 
2965 #ifdef TLSEXT_TYPE_opaque_prf_input
2966 	if (s->s3->client_opaque_prf_input != NULL)
2967 		OPENSSL_free(s->s3->client_opaque_prf_input);
2968 	if (s->s3->server_opaque_prf_input != NULL)
2969 		OPENSSL_free(s->s3->server_opaque_prf_input);
2970 #endif
2971 
2972 	ssl3_cleanup_key_block(s);
2973 	if (s->s3->rbuf.buf != NULL)
2974 		ssl3_release_read_buffer(s);
2975 	if (s->s3->wbuf.buf != NULL)
2976 		ssl3_release_write_buffer(s);
2977 	if (s->s3->rrec.comp != NULL)
2978 		OPENSSL_free(s->s3->rrec.comp);
2979 #ifndef OPENSSL_NO_DH
2980 	if (s->s3->tmp.dh != NULL)
2981 		DH_free(s->s3->tmp.dh);
2982 #endif
2983 #ifndef OPENSSL_NO_ECDH
2984 	if (s->s3->tmp.ecdh != NULL)
2985 		EC_KEY_free(s->s3->tmp.ecdh);
2986 #endif
2987 
2988 	if (s->s3->tmp.ca_names != NULL)
2989 		sk_X509_NAME_pop_free(s->s3->tmp.ca_names,X509_NAME_free);
2990 	if (s->s3->handshake_buffer) {
2991 		BIO_free(s->s3->handshake_buffer);
2992 	}
2993 	if (s->s3->handshake_dgst) ssl3_free_digest_list(s);
2994 #ifndef OPENSSL_NO_SRP
2995 	SSL_SRP_CTX_free(s);
2996 #endif
2997 	OPENSSL_cleanse(s->s3,sizeof *s->s3);
2998 	OPENSSL_free(s->s3);
2999 	s->s3=NULL;
3000 	}
3001 
3002 void ssl3_clear(SSL *s)
3003 	{
3004 	unsigned char *rp,*wp;
3005 	size_t rlen, wlen;
3006 	int init_extra;
3007 
3008 #ifdef TLSEXT_TYPE_opaque_prf_input
3009 	if (s->s3->client_opaque_prf_input != NULL)
3010 		OPENSSL_free(s->s3->client_opaque_prf_input);
3011 	s->s3->client_opaque_prf_input = NULL;
3012 	if (s->s3->server_opaque_prf_input != NULL)
3013 		OPENSSL_free(s->s3->server_opaque_prf_input);
3014 	s->s3->server_opaque_prf_input = NULL;
3015 #endif
3016 
3017 	ssl3_cleanup_key_block(s);
3018 	if (s->s3->tmp.ca_names != NULL)
3019 		sk_X509_NAME_pop_free(s->s3->tmp.ca_names,X509_NAME_free);
3020 
3021 	if (s->s3->rrec.comp != NULL)
3022 		{
3023 		OPENSSL_free(s->s3->rrec.comp);
3024 		s->s3->rrec.comp=NULL;
3025 		}
3026 #ifndef OPENSSL_NO_DH
3027 	if (s->s3->tmp.dh != NULL)
3028 		{
3029 		DH_free(s->s3->tmp.dh);
3030 		s->s3->tmp.dh = NULL;
3031 		}
3032 #endif
3033 #ifndef OPENSSL_NO_ECDH
3034 	if (s->s3->tmp.ecdh != NULL)
3035 		{
3036 		EC_KEY_free(s->s3->tmp.ecdh);
3037 		s->s3->tmp.ecdh = NULL;
3038 		}
3039 #endif
3040 
3041 	rp = s->s3->rbuf.buf;
3042 	wp = s->s3->wbuf.buf;
3043 	rlen = s->s3->rbuf.len;
3044  	wlen = s->s3->wbuf.len;
3045 	init_extra = s->s3->init_extra;
3046 	if (s->s3->handshake_buffer) {
3047 		BIO_free(s->s3->handshake_buffer);
3048 		s->s3->handshake_buffer = NULL;
3049 	}
3050 	if (s->s3->handshake_dgst) {
3051 		ssl3_free_digest_list(s);
3052 	}
3053 	memset(s->s3,0,sizeof *s->s3);
3054 	s->s3->rbuf.buf = rp;
3055 	s->s3->wbuf.buf = wp;
3056 	s->s3->rbuf.len = rlen;
3057  	s->s3->wbuf.len = wlen;
3058 	s->s3->init_extra = init_extra;
3059 
3060 	ssl_free_wbio_buffer(s);
3061 
3062 	s->packet_length=0;
3063 	s->s3->renegotiate=0;
3064 	s->s3->total_renegotiations=0;
3065 	s->s3->num_renegotiations=0;
3066 	s->s3->in_read_app_data=0;
3067 	s->version=SSL3_VERSION;
3068 
3069 #if !defined(OPENSSL_NO_TLSEXT) && !defined(OPENSSL_NO_NEXTPROTONEG)
3070 	if (s->next_proto_negotiated)
3071 		{
3072 		OPENSSL_free(s->next_proto_negotiated);
3073 		s->next_proto_negotiated = NULL;
3074 		s->next_proto_negotiated_len = 0;
3075 		}
3076 #endif
3077 	}
3078 
3079 #ifndef OPENSSL_NO_SRP
3080 static char * MS_CALLBACK srp_password_from_info_cb(SSL *s, void *arg)
3081 	{
3082 	return BUF_strdup(s->srp_ctx.info) ;
3083 	}
3084 #endif
3085 
3086 long ssl3_ctrl(SSL *s, int cmd, long larg, void *parg)
3087 	{
3088 	int ret=0;
3089 
3090 #if !defined(OPENSSL_NO_DSA) || !defined(OPENSSL_NO_RSA)
3091 	if (
3092 #ifndef OPENSSL_NO_RSA
3093 	    cmd == SSL_CTRL_SET_TMP_RSA ||
3094 	    cmd == SSL_CTRL_SET_TMP_RSA_CB ||
3095 #endif
3096 #ifndef OPENSSL_NO_DSA
3097 	    cmd == SSL_CTRL_SET_TMP_DH ||
3098 	    cmd == SSL_CTRL_SET_TMP_DH_CB ||
3099 #endif
3100 		0)
3101 		{
3102 		if (!ssl_cert_inst(&s->cert))
3103 		    	{
3104 			SSLerr(SSL_F_SSL3_CTRL, ERR_R_MALLOC_FAILURE);
3105 			return(0);
3106 			}
3107 		}
3108 #endif
3109 
3110 	switch (cmd)
3111 		{
3112 	case SSL_CTRL_GET_SESSION_REUSED:
3113 		ret=s->hit;
3114 		break;
3115 	case SSL_CTRL_GET_CLIENT_CERT_REQUEST:
3116 		break;
3117 	case SSL_CTRL_GET_NUM_RENEGOTIATIONS:
3118 		ret=s->s3->num_renegotiations;
3119 		break;
3120 	case SSL_CTRL_CLEAR_NUM_RENEGOTIATIONS:
3121 		ret=s->s3->num_renegotiations;
3122 		s->s3->num_renegotiations=0;
3123 		break;
3124 	case SSL_CTRL_GET_TOTAL_RENEGOTIATIONS:
3125 		ret=s->s3->total_renegotiations;
3126 		break;
3127 	case SSL_CTRL_GET_FLAGS:
3128 		ret=(int)(s->s3->flags);
3129 		break;
3130 #ifndef OPENSSL_NO_RSA
3131 	case SSL_CTRL_NEED_TMP_RSA:
3132 		if ((s->cert != NULL) && (s->cert->rsa_tmp == NULL) &&
3133 		    ((s->cert->pkeys[SSL_PKEY_RSA_ENC].privatekey == NULL) ||
3134 		     (EVP_PKEY_size(s->cert->pkeys[SSL_PKEY_RSA_ENC].privatekey) > (512/8))))
3135 			ret = 1;
3136 		break;
3137 	case SSL_CTRL_SET_TMP_RSA:
3138 		{
3139 			RSA *rsa = (RSA *)parg;
3140 			if (rsa == NULL)
3141 				{
3142 				SSLerr(SSL_F_SSL3_CTRL, ERR_R_PASSED_NULL_PARAMETER);
3143 				return(ret);
3144 				}
3145 			if ((rsa = RSAPrivateKey_dup(rsa)) == NULL)
3146 				{
3147 				SSLerr(SSL_F_SSL3_CTRL, ERR_R_RSA_LIB);
3148 				return(ret);
3149 				}
3150 			if (s->cert->rsa_tmp != NULL)
3151 				RSA_free(s->cert->rsa_tmp);
3152 			s->cert->rsa_tmp = rsa;
3153 			ret = 1;
3154 		}
3155 		break;
3156 	case SSL_CTRL_SET_TMP_RSA_CB:
3157 		{
3158 		SSLerr(SSL_F_SSL3_CTRL, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
3159 		return(ret);
3160 		}
3161 		break;
3162 #endif
3163 #ifndef OPENSSL_NO_DH
3164 	case SSL_CTRL_SET_TMP_DH:
3165 		{
3166 			DH *dh = (DH *)parg;
3167 			if (dh == NULL)
3168 				{
3169 				SSLerr(SSL_F_SSL3_CTRL, ERR_R_PASSED_NULL_PARAMETER);
3170 				return(ret);
3171 				}
3172 			if ((dh = DHparams_dup(dh)) == NULL)
3173 				{
3174 				SSLerr(SSL_F_SSL3_CTRL, ERR_R_DH_LIB);
3175 				return(ret);
3176 				}
3177 			if (!(s->options & SSL_OP_SINGLE_DH_USE))
3178 				{
3179 				if (!DH_generate_key(dh))
3180 					{
3181 					DH_free(dh);
3182 					SSLerr(SSL_F_SSL3_CTRL, ERR_R_DH_LIB);
3183 					return(ret);
3184 					}
3185 				}
3186 			if (s->cert->dh_tmp != NULL)
3187 				DH_free(s->cert->dh_tmp);
3188 			s->cert->dh_tmp = dh;
3189 			ret = 1;
3190 		}
3191 		break;
3192 	case SSL_CTRL_SET_TMP_DH_CB:
3193 		{
3194 		SSLerr(SSL_F_SSL3_CTRL, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
3195 		return(ret);
3196 		}
3197 		break;
3198 #endif
3199 #ifndef OPENSSL_NO_ECDH
3200 	case SSL_CTRL_SET_TMP_ECDH:
3201 		{
3202 		EC_KEY *ecdh = NULL;
3203 
3204 		if (parg == NULL)
3205 			{
3206 			SSLerr(SSL_F_SSL3_CTRL, ERR_R_PASSED_NULL_PARAMETER);
3207 			return(ret);
3208 			}
3209 		if (!EC_KEY_up_ref((EC_KEY *)parg))
3210 			{
3211 			SSLerr(SSL_F_SSL3_CTRL,ERR_R_ECDH_LIB);
3212 			return(ret);
3213 			}
3214 		ecdh = (EC_KEY *)parg;
3215 		if (!(s->options & SSL_OP_SINGLE_ECDH_USE))
3216 			{
3217 			if (!EC_KEY_generate_key(ecdh))
3218 				{
3219 				EC_KEY_free(ecdh);
3220 				SSLerr(SSL_F_SSL3_CTRL,ERR_R_ECDH_LIB);
3221 				return(ret);
3222 				}
3223 			}
3224 		if (s->cert->ecdh_tmp != NULL)
3225 			EC_KEY_free(s->cert->ecdh_tmp);
3226 		s->cert->ecdh_tmp = ecdh;
3227 		ret = 1;
3228 		}
3229 		break;
3230 	case SSL_CTRL_SET_TMP_ECDH_CB:
3231 		{
3232 		SSLerr(SSL_F_SSL3_CTRL, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
3233 		return(ret);
3234 		}
3235 		break;
3236 #endif /* !OPENSSL_NO_ECDH */
3237 #ifndef OPENSSL_NO_TLSEXT
3238 	case SSL_CTRL_SET_TLSEXT_HOSTNAME:
3239  		if (larg == TLSEXT_NAMETYPE_host_name)
3240 			{
3241 			if (s->tlsext_hostname != NULL)
3242 				OPENSSL_free(s->tlsext_hostname);
3243 			s->tlsext_hostname = NULL;
3244 
3245 			ret = 1;
3246 			if (parg == NULL)
3247 				break;
3248 			if (strlen((char *)parg) > TLSEXT_MAXLEN_host_name)
3249 				{
3250 				SSLerr(SSL_F_SSL3_CTRL, SSL_R_SSL3_EXT_INVALID_SERVERNAME);
3251 				return 0;
3252 				}
3253 			if ((s->tlsext_hostname = BUF_strdup((char *)parg)) == NULL)
3254 				{
3255 				SSLerr(SSL_F_SSL3_CTRL, ERR_R_INTERNAL_ERROR);
3256 				return 0;
3257 				}
3258 			}
3259 		else
3260 			{
3261 			SSLerr(SSL_F_SSL3_CTRL, SSL_R_SSL3_EXT_INVALID_SERVERNAME_TYPE);
3262 			return 0;
3263 			}
3264  		break;
3265 	case SSL_CTRL_SET_TLSEXT_DEBUG_ARG:
3266 		s->tlsext_debug_arg=parg;
3267 		ret = 1;
3268 		break;
3269 
3270 #ifdef TLSEXT_TYPE_opaque_prf_input
3271 	case SSL_CTRL_SET_TLSEXT_OPAQUE_PRF_INPUT:
3272 		if (larg > 12288) /* actual internal limit is 2^16 for the complete hello message
3273 		                   * (including the cert chain and everything) */
3274 			{
3275 			SSLerr(SSL_F_SSL3_CTRL, SSL_R_OPAQUE_PRF_INPUT_TOO_LONG);
3276 			break;
3277 			}
3278 		if (s->tlsext_opaque_prf_input != NULL)
3279 			OPENSSL_free(s->tlsext_opaque_prf_input);
3280 		if ((size_t)larg == 0)
3281 			s->tlsext_opaque_prf_input = OPENSSL_malloc(1); /* dummy byte just to get non-NULL */
3282 		else
3283 			s->tlsext_opaque_prf_input = BUF_memdup(parg, (size_t)larg);
3284 		if (s->tlsext_opaque_prf_input != NULL)
3285 			{
3286 			s->tlsext_opaque_prf_input_len = (size_t)larg;
3287 			ret = 1;
3288 			}
3289 		else
3290 			s->tlsext_opaque_prf_input_len = 0;
3291 		break;
3292 #endif
3293 
3294 	case SSL_CTRL_SET_TLSEXT_STATUS_REQ_TYPE:
3295 		s->tlsext_status_type=larg;
3296 		ret = 1;
3297 		break;
3298 
3299 	case SSL_CTRL_GET_TLSEXT_STATUS_REQ_EXTS:
3300 		*(STACK_OF(X509_EXTENSION) **)parg = s->tlsext_ocsp_exts;
3301 		ret = 1;
3302 		break;
3303 
3304 	case SSL_CTRL_SET_TLSEXT_STATUS_REQ_EXTS:
3305 		s->tlsext_ocsp_exts = parg;
3306 		ret = 1;
3307 		break;
3308 
3309 	case SSL_CTRL_GET_TLSEXT_STATUS_REQ_IDS:
3310 		*(STACK_OF(OCSP_RESPID) **)parg = s->tlsext_ocsp_ids;
3311 		ret = 1;
3312 		break;
3313 
3314 	case SSL_CTRL_SET_TLSEXT_STATUS_REQ_IDS:
3315 		s->tlsext_ocsp_ids = parg;
3316 		ret = 1;
3317 		break;
3318 
3319 	case SSL_CTRL_GET_TLSEXT_STATUS_REQ_OCSP_RESP:
3320 		*(unsigned char **)parg = s->tlsext_ocsp_resp;
3321 		return s->tlsext_ocsp_resplen;
3322 
3323 	case SSL_CTRL_SET_TLSEXT_STATUS_REQ_OCSP_RESP:
3324 		if (s->tlsext_ocsp_resp)
3325 			OPENSSL_free(s->tlsext_ocsp_resp);
3326 		s->tlsext_ocsp_resp = parg;
3327 		s->tlsext_ocsp_resplen = larg;
3328 		ret = 1;
3329 		break;
3330 
3331 #ifndef OPENSSL_NO_HEARTBEATS
3332 	case SSL_CTRL_TLS_EXT_SEND_HEARTBEAT:
3333 		if (SSL_version(s) == DTLS1_VERSION || SSL_version(s) == DTLS1_BAD_VER)
3334 			ret = dtls1_heartbeat(s);
3335 		else
3336 			ret = tls1_heartbeat(s);
3337 		break;
3338 
3339 	case SSL_CTRL_GET_TLS_EXT_HEARTBEAT_PENDING:
3340 		ret = s->tlsext_hb_pending;
3341 		break;
3342 
3343 	case SSL_CTRL_SET_TLS_EXT_HEARTBEAT_NO_REQUESTS:
3344 		if (larg)
3345 			s->tlsext_heartbeat |= SSL_TLSEXT_HB_DONT_RECV_REQUESTS;
3346 		else
3347 			s->tlsext_heartbeat &= ~SSL_TLSEXT_HB_DONT_RECV_REQUESTS;
3348 		ret = 1;
3349 		break;
3350 #endif
3351 
3352 #endif /* !OPENSSL_NO_TLSEXT */
3353 	default:
3354 		break;
3355 		}
3356 	return(ret);
3357 	}
3358 
3359 long ssl3_callback_ctrl(SSL *s, int cmd, void (*fp)(void))
3360 	{
3361 	int ret=0;
3362 
3363 #if !defined(OPENSSL_NO_DSA) || !defined(OPENSSL_NO_RSA)
3364 	if (
3365 #ifndef OPENSSL_NO_RSA
3366 	    cmd == SSL_CTRL_SET_TMP_RSA_CB ||
3367 #endif
3368 #ifndef OPENSSL_NO_DSA
3369 	    cmd == SSL_CTRL_SET_TMP_DH_CB ||
3370 #endif
3371 		0)
3372 		{
3373 		if (!ssl_cert_inst(&s->cert))
3374 			{
3375 			SSLerr(SSL_F_SSL3_CALLBACK_CTRL, ERR_R_MALLOC_FAILURE);
3376 			return(0);
3377 			}
3378 		}
3379 #endif
3380 
3381 	switch (cmd)
3382 		{
3383 #ifndef OPENSSL_NO_RSA
3384 	case SSL_CTRL_SET_TMP_RSA_CB:
3385 		{
3386 		s->cert->rsa_tmp_cb = (RSA *(*)(SSL *, int, int))fp;
3387 		}
3388 		break;
3389 #endif
3390 #ifndef OPENSSL_NO_DH
3391 	case SSL_CTRL_SET_TMP_DH_CB:
3392 		{
3393 		s->cert->dh_tmp_cb = (DH *(*)(SSL *, int, int))fp;
3394 		}
3395 		break;
3396 #endif
3397 #ifndef OPENSSL_NO_ECDH
3398 	case SSL_CTRL_SET_TMP_ECDH_CB:
3399 		{
3400 		s->cert->ecdh_tmp_cb = (EC_KEY *(*)(SSL *, int, int))fp;
3401 		}
3402 		break;
3403 #endif
3404 #ifndef OPENSSL_NO_TLSEXT
3405 	case SSL_CTRL_SET_TLSEXT_DEBUG_CB:
3406 		s->tlsext_debug_cb=(void (*)(SSL *,int ,int,
3407 					unsigned char *, int, void *))fp;
3408 		break;
3409 #endif
3410 	default:
3411 		break;
3412 		}
3413 	return(ret);
3414 	}
3415 
3416 long ssl3_ctx_ctrl(SSL_CTX *ctx, int cmd, long larg, void *parg)
3417 	{
3418 	CERT *cert;
3419 
3420 	cert=ctx->cert;
3421 
3422 	switch (cmd)
3423 		{
3424 #ifndef OPENSSL_NO_RSA
3425 	case SSL_CTRL_NEED_TMP_RSA:
3426 		if (	(cert->rsa_tmp == NULL) &&
3427 			((cert->pkeys[SSL_PKEY_RSA_ENC].privatekey == NULL) ||
3428 			 (EVP_PKEY_size(cert->pkeys[SSL_PKEY_RSA_ENC].privatekey) > (512/8)))
3429 			)
3430 			return(1);
3431 		else
3432 			return(0);
3433 		/* break; */
3434 	case SSL_CTRL_SET_TMP_RSA:
3435 		{
3436 		RSA *rsa;
3437 		int i;
3438 
3439 		rsa=(RSA *)parg;
3440 		i=1;
3441 		if (rsa == NULL)
3442 			i=0;
3443 		else
3444 			{
3445 			if ((rsa=RSAPrivateKey_dup(rsa)) == NULL)
3446 				i=0;
3447 			}
3448 		if (!i)
3449 			{
3450 			SSLerr(SSL_F_SSL3_CTX_CTRL,ERR_R_RSA_LIB);
3451 			return(0);
3452 			}
3453 		else
3454 			{
3455 			if (cert->rsa_tmp != NULL)
3456 				RSA_free(cert->rsa_tmp);
3457 			cert->rsa_tmp=rsa;
3458 			return(1);
3459 			}
3460 		}
3461 		/* break; */
3462 	case SSL_CTRL_SET_TMP_RSA_CB:
3463 		{
3464 		SSLerr(SSL_F_SSL3_CTX_CTRL, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
3465 		return(0);
3466 		}
3467 		break;
3468 #endif
3469 #ifndef OPENSSL_NO_DH
3470 	case SSL_CTRL_SET_TMP_DH:
3471 		{
3472 		DH *new=NULL,*dh;
3473 
3474 		dh=(DH *)parg;
3475 		if ((new=DHparams_dup(dh)) == NULL)
3476 			{
3477 			SSLerr(SSL_F_SSL3_CTX_CTRL,ERR_R_DH_LIB);
3478 			return 0;
3479 			}
3480 		if (!(ctx->options & SSL_OP_SINGLE_DH_USE))
3481 			{
3482 			if (!DH_generate_key(new))
3483 				{
3484 				SSLerr(SSL_F_SSL3_CTX_CTRL,ERR_R_DH_LIB);
3485 				DH_free(new);
3486 				return 0;
3487 				}
3488 			}
3489 		if (cert->dh_tmp != NULL)
3490 			DH_free(cert->dh_tmp);
3491 		cert->dh_tmp=new;
3492 		return 1;
3493 		}
3494 		/*break; */
3495 	case SSL_CTRL_SET_TMP_DH_CB:
3496 		{
3497 		SSLerr(SSL_F_SSL3_CTX_CTRL, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
3498 		return(0);
3499 		}
3500 		break;
3501 #endif
3502 #ifndef OPENSSL_NO_ECDH
3503 	case SSL_CTRL_SET_TMP_ECDH:
3504 		{
3505 		EC_KEY *ecdh = NULL;
3506 
3507 		if (parg == NULL)
3508 			{
3509 			SSLerr(SSL_F_SSL3_CTX_CTRL,ERR_R_ECDH_LIB);
3510 			return 0;
3511 			}
3512 		ecdh = EC_KEY_dup((EC_KEY *)parg);
3513 		if (ecdh == NULL)
3514 			{
3515 			SSLerr(SSL_F_SSL3_CTX_CTRL,ERR_R_EC_LIB);
3516 			return 0;
3517 			}
3518 		if (!(ctx->options & SSL_OP_SINGLE_ECDH_USE))
3519 			{
3520 			if (!EC_KEY_generate_key(ecdh))
3521 				{
3522 				EC_KEY_free(ecdh);
3523 				SSLerr(SSL_F_SSL3_CTX_CTRL,ERR_R_ECDH_LIB);
3524 				return 0;
3525 				}
3526 			}
3527 
3528 		if (cert->ecdh_tmp != NULL)
3529 			{
3530 			EC_KEY_free(cert->ecdh_tmp);
3531 			}
3532 		cert->ecdh_tmp = ecdh;
3533 		return 1;
3534 		}
3535 		/* break; */
3536 	case SSL_CTRL_SET_TMP_ECDH_CB:
3537 		{
3538 		SSLerr(SSL_F_SSL3_CTX_CTRL, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
3539 		return(0);
3540 		}
3541 		break;
3542 #endif /* !OPENSSL_NO_ECDH */
3543 #ifndef OPENSSL_NO_TLSEXT
3544 	case SSL_CTRL_SET_TLSEXT_SERVERNAME_ARG:
3545 		ctx->tlsext_servername_arg=parg;
3546 		break;
3547 	case SSL_CTRL_SET_TLSEXT_TICKET_KEYS:
3548 	case SSL_CTRL_GET_TLSEXT_TICKET_KEYS:
3549 		{
3550 		unsigned char *keys = parg;
3551 		if (!keys)
3552 			return 48;
3553 		if (larg != 48)
3554 			{
3555 			SSLerr(SSL_F_SSL3_CTX_CTRL, SSL_R_INVALID_TICKET_KEYS_LENGTH);
3556 			return 0;
3557 			}
3558 		if (cmd == SSL_CTRL_SET_TLSEXT_TICKET_KEYS)
3559 			{
3560 			memcpy(ctx->tlsext_tick_key_name, keys, 16);
3561 			memcpy(ctx->tlsext_tick_hmac_key, keys + 16, 16);
3562 			memcpy(ctx->tlsext_tick_aes_key, keys + 32, 16);
3563 			}
3564 		else
3565 			{
3566 			memcpy(keys, ctx->tlsext_tick_key_name, 16);
3567 			memcpy(keys + 16, ctx->tlsext_tick_hmac_key, 16);
3568 			memcpy(keys + 32, ctx->tlsext_tick_aes_key, 16);
3569 			}
3570 		return 1;
3571 		}
3572 
3573 #ifdef TLSEXT_TYPE_opaque_prf_input
3574 	case SSL_CTRL_SET_TLSEXT_OPAQUE_PRF_INPUT_CB_ARG:
3575 		ctx->tlsext_opaque_prf_input_callback_arg = parg;
3576 		return 1;
3577 #endif
3578 
3579 	case SSL_CTRL_SET_TLSEXT_STATUS_REQ_CB_ARG:
3580 		ctx->tlsext_status_arg=parg;
3581 		return 1;
3582 		break;
3583 
3584 #ifndef OPENSSL_NO_SRP
3585 	case SSL_CTRL_SET_TLS_EXT_SRP_USERNAME:
3586 		ctx->srp_ctx.srp_Mask|=SSL_kSRP;
3587 		if (ctx->srp_ctx.login != NULL)
3588 			OPENSSL_free(ctx->srp_ctx.login);
3589 		ctx->srp_ctx.login = NULL;
3590 		if (parg == NULL)
3591 			break;
3592 		if (strlen((const char *)parg) > 255 || strlen((const char *)parg) < 1)
3593 			{
3594 			SSLerr(SSL_F_SSL3_CTX_CTRL, SSL_R_INVALID_SRP_USERNAME);
3595 			return 0;
3596 			}
3597 		if ((ctx->srp_ctx.login = BUF_strdup((char *)parg)) == NULL)
3598 			{
3599 			SSLerr(SSL_F_SSL3_CTX_CTRL, ERR_R_INTERNAL_ERROR);
3600 			return 0;
3601 			}
3602 		break;
3603 	case SSL_CTRL_SET_TLS_EXT_SRP_PASSWORD:
3604 		ctx->srp_ctx.SRP_give_srp_client_pwd_callback=srp_password_from_info_cb;
3605 		ctx->srp_ctx.info=parg;
3606 		break;
3607 	case SSL_CTRL_SET_SRP_ARG:
3608 		ctx->srp_ctx.srp_Mask|=SSL_kSRP;
3609 		ctx->srp_ctx.SRP_cb_arg=parg;
3610 		break;
3611 
3612 	case SSL_CTRL_SET_TLS_EXT_SRP_STRENGTH:
3613 		ctx->srp_ctx.strength=larg;
3614 		break;
3615 #endif
3616 #endif /* !OPENSSL_NO_TLSEXT */
3617 
3618 	/* A Thawte special :-) */
3619 	case SSL_CTRL_EXTRA_CHAIN_CERT:
3620 		if (ctx->extra_certs == NULL)
3621 			{
3622 			if ((ctx->extra_certs=sk_X509_new_null()) == NULL)
3623 				return(0);
3624 			}
3625 		sk_X509_push(ctx->extra_certs,(X509 *)parg);
3626 		break;
3627 
3628 	case SSL_CTRL_GET_EXTRA_CHAIN_CERTS:
3629 		*(STACK_OF(X509) **)parg =  ctx->extra_certs;
3630 		break;
3631 
3632 	case SSL_CTRL_CLEAR_EXTRA_CHAIN_CERTS:
3633 		if (ctx->extra_certs)
3634 			{
3635 			sk_X509_pop_free(ctx->extra_certs, X509_free);
3636 			ctx->extra_certs = NULL;
3637 			}
3638 		break;
3639 
3640 	default:
3641 		return(0);
3642 		}
3643 	return(1);
3644 	}
3645 
3646 long ssl3_ctx_callback_ctrl(SSL_CTX *ctx, int cmd, void (*fp)(void))
3647 	{
3648 	CERT *cert;
3649 
3650 	cert=ctx->cert;
3651 
3652 	switch (cmd)
3653 		{
3654 #ifndef OPENSSL_NO_RSA
3655 	case SSL_CTRL_SET_TMP_RSA_CB:
3656 		{
3657 		cert->rsa_tmp_cb = (RSA *(*)(SSL *, int, int))fp;
3658 		}
3659 		break;
3660 #endif
3661 #ifndef OPENSSL_NO_DH
3662 	case SSL_CTRL_SET_TMP_DH_CB:
3663 		{
3664 		cert->dh_tmp_cb = (DH *(*)(SSL *, int, int))fp;
3665 		}
3666 		break;
3667 #endif
3668 #ifndef OPENSSL_NO_ECDH
3669 	case SSL_CTRL_SET_TMP_ECDH_CB:
3670 		{
3671 		cert->ecdh_tmp_cb = (EC_KEY *(*)(SSL *, int, int))fp;
3672 		}
3673 		break;
3674 #endif
3675 #ifndef OPENSSL_NO_TLSEXT
3676 	case SSL_CTRL_SET_TLSEXT_SERVERNAME_CB:
3677 		ctx->tlsext_servername_callback=(int (*)(SSL *,int *,void *))fp;
3678 		break;
3679 
3680 #ifdef TLSEXT_TYPE_opaque_prf_input
3681 	case SSL_CTRL_SET_TLSEXT_OPAQUE_PRF_INPUT_CB:
3682 		ctx->tlsext_opaque_prf_input_callback = (int (*)(SSL *,void *, size_t, void *))fp;
3683 		break;
3684 #endif
3685 
3686 	case SSL_CTRL_SET_TLSEXT_STATUS_REQ_CB:
3687 		ctx->tlsext_status_cb=(int (*)(SSL *,void *))fp;
3688 		break;
3689 
3690 	case SSL_CTRL_SET_TLSEXT_TICKET_KEY_CB:
3691 		ctx->tlsext_ticket_key_cb=(int (*)(SSL *,unsigned char  *,
3692 						unsigned char *,
3693 						EVP_CIPHER_CTX *,
3694 						HMAC_CTX *, int))fp;
3695 		break;
3696 
3697 #ifndef OPENSSL_NO_SRP
3698 	case SSL_CTRL_SET_SRP_VERIFY_PARAM_CB:
3699 		ctx->srp_ctx.srp_Mask|=SSL_kSRP;
3700 		ctx->srp_ctx.SRP_verify_param_callback=(int (*)(SSL *,void *))fp;
3701 		break;
3702 	case SSL_CTRL_SET_TLS_EXT_SRP_USERNAME_CB:
3703 		ctx->srp_ctx.srp_Mask|=SSL_kSRP;
3704 		ctx->srp_ctx.TLS_ext_srp_username_callback=(int (*)(SSL *,int *,void *))fp;
3705 		break;
3706 	case SSL_CTRL_SET_SRP_GIVE_CLIENT_PWD_CB:
3707 		ctx->srp_ctx.srp_Mask|=SSL_kSRP;
3708 		ctx->srp_ctx.SRP_give_srp_client_pwd_callback=(char *(*)(SSL *,void *))fp;
3709 		break;
3710 #endif
3711 #endif
3712 	default:
3713 		return(0);
3714 		}
3715 	return(1);
3716 	}
3717 
3718 /* This function needs to check if the ciphers required are actually
3719  * available */
3720 const SSL_CIPHER *ssl3_get_cipher_by_char(const unsigned char *p)
3721 	{
3722 	SSL_CIPHER c;
3723 	const SSL_CIPHER *cp;
3724 	unsigned long id;
3725 
3726 	id=0x03000000L|((unsigned long)p[0]<<8L)|(unsigned long)p[1];
3727 	c.id=id;
3728 	cp = OBJ_bsearch_ssl_cipher_id(&c, ssl3_ciphers, SSL3_NUM_CIPHERS);
3729 #ifdef DEBUG_PRINT_UNKNOWN_CIPHERSUITES
3730 if (cp == NULL) fprintf(stderr, "Unknown cipher ID %x\n", (p[0] << 8) | p[1]);
3731 #endif
3732 	if (cp == NULL || cp->valid == 0)
3733 		return NULL;
3734 	else
3735 		return cp;
3736 	}
3737 
3738 int ssl3_put_cipher_by_char(const SSL_CIPHER *c, unsigned char *p)
3739 	{
3740 	long l;
3741 
3742 	if (p != NULL)
3743 		{
3744 		l=c->id;
3745 		if ((l & 0xff000000) != 0x03000000) return(0);
3746 		p[0]=((unsigned char)(l>> 8L))&0xFF;
3747 		p[1]=((unsigned char)(l     ))&0xFF;
3748 		}
3749 	return(2);
3750 	}
3751 
3752 SSL_CIPHER *ssl3_choose_cipher(SSL *s, STACK_OF(SSL_CIPHER) *clnt,
3753 	     STACK_OF(SSL_CIPHER) *srvr)
3754 	{
3755 	SSL_CIPHER *c,*ret=NULL;
3756 	STACK_OF(SSL_CIPHER) *prio, *allow;
3757 	int i,ii,ok;
3758 #if !defined(OPENSSL_NO_TLSEXT) && !defined(OPENSSL_NO_EC)
3759 	unsigned int j;
3760 	int ec_ok, ec_nid;
3761 	unsigned char ec_search1 = 0, ec_search2 = 0;
3762 #endif
3763 	CERT *cert;
3764 	unsigned long alg_k,alg_a,mask_k,mask_a,emask_k,emask_a;
3765 
3766 	/* Let's see which ciphers we can support */
3767 	cert=s->cert;
3768 
3769 #if 0
3770 	/* Do not set the compare functions, because this may lead to a
3771 	 * reordering by "id". We want to keep the original ordering.
3772 	 * We may pay a price in performance during sk_SSL_CIPHER_find(),
3773 	 * but would have to pay with the price of sk_SSL_CIPHER_dup().
3774 	 */
3775 	sk_SSL_CIPHER_set_cmp_func(srvr, ssl_cipher_ptr_id_cmp);
3776 	sk_SSL_CIPHER_set_cmp_func(clnt, ssl_cipher_ptr_id_cmp);
3777 #endif
3778 
3779 #ifdef CIPHER_DEBUG
3780 	printf("Server has %d from %p:\n", sk_SSL_CIPHER_num(srvr), (void *)srvr);
3781 	for(i=0 ; i < sk_SSL_CIPHER_num(srvr) ; ++i)
3782 		{
3783 		c=sk_SSL_CIPHER_value(srvr,i);
3784 		printf("%p:%s\n",(void *)c,c->name);
3785 		}
3786 	printf("Client sent %d from %p:\n", sk_SSL_CIPHER_num(clnt), (void *)clnt);
3787 	for(i=0 ; i < sk_SSL_CIPHER_num(clnt) ; ++i)
3788 	    {
3789 	    c=sk_SSL_CIPHER_value(clnt,i);
3790 	    printf("%p:%s\n",(void *)c,c->name);
3791 	    }
3792 #endif
3793 
3794 	if (s->options & SSL_OP_CIPHER_SERVER_PREFERENCE)
3795 		{
3796 		prio = srvr;
3797 		allow = clnt;
3798 		}
3799 	else
3800 		{
3801 		prio = clnt;
3802 		allow = srvr;
3803 		}
3804 
3805 	for (i=0; i<sk_SSL_CIPHER_num(prio); i++)
3806 		{
3807 		c=sk_SSL_CIPHER_value(prio,i);
3808 
3809 		/* Skip TLS v1.2 only ciphersuites if lower than v1.2 */
3810 		if ((c->algorithm_ssl & SSL_TLSV1_2) &&
3811 			(TLS1_get_version(s) < TLS1_2_VERSION))
3812 			continue;
3813 
3814 		ssl_set_cert_masks(cert,c);
3815 		mask_k = cert->mask_k;
3816 		mask_a = cert->mask_a;
3817 		emask_k = cert->export_mask_k;
3818 		emask_a = cert->export_mask_a;
3819 #ifndef OPENSSL_NO_SRP
3820 		mask_k=cert->mask_k | s->srp_ctx.srp_Mask;
3821 		emask_k=cert->export_mask_k | s->srp_ctx.srp_Mask;
3822 #endif
3823 
3824 #ifdef KSSL_DEBUG
3825 /*		printf("ssl3_choose_cipher %d alg= %lx\n", i,c->algorithms);*/
3826 #endif    /* KSSL_DEBUG */
3827 
3828 		alg_k=c->algorithm_mkey;
3829 		alg_a=c->algorithm_auth;
3830 
3831 #ifndef OPENSSL_NO_KRB5
3832 		if (alg_k & SSL_kKRB5)
3833 			{
3834 			if ( !kssl_keytab_is_available(s->kssl_ctx) )
3835 			    continue;
3836 			}
3837 #endif /* OPENSSL_NO_KRB5 */
3838 #ifndef OPENSSL_NO_PSK
3839 		/* with PSK there must be server callback set */
3840 		if ((alg_k & SSL_kPSK) && s->psk_server_callback == NULL)
3841 			continue;
3842 #endif /* OPENSSL_NO_PSK */
3843 
3844 		if (SSL_C_IS_EXPORT(c))
3845 			{
3846 			ok = (alg_k & emask_k) && (alg_a & emask_a);
3847 #ifdef CIPHER_DEBUG
3848 			printf("%d:[%08lX:%08lX:%08lX:%08lX]%p:%s (export)\n",ok,alg_k,alg_a,emask_k,emask_a,
3849 			       (void *)c,c->name);
3850 #endif
3851 			}
3852 		else
3853 			{
3854 			ok = (alg_k & mask_k) && (alg_a & mask_a);
3855 #ifdef CIPHER_DEBUG
3856 			printf("%d:[%08lX:%08lX:%08lX:%08lX]%p:%s\n",ok,alg_k,alg_a,mask_k,mask_a,(void *)c,
3857 			       c->name);
3858 #endif
3859 			}
3860 
3861 #ifndef OPENSSL_NO_TLSEXT
3862 #ifndef OPENSSL_NO_EC
3863 		if (
3864 			/* if we are considering an ECC cipher suite that uses our certificate */
3865 			(alg_a & SSL_aECDSA || alg_a & SSL_aECDH)
3866 			/* and we have an ECC certificate */
3867 			&& (s->cert->pkeys[SSL_PKEY_ECC].x509 != NULL)
3868 			/* and the client specified a Supported Point Formats extension */
3869 			&& ((s->session->tlsext_ecpointformatlist_length > 0) && (s->session->tlsext_ecpointformatlist != NULL))
3870 			/* and our certificate's point is compressed */
3871 			&& (
3872 				(s->cert->pkeys[SSL_PKEY_ECC].x509->cert_info != NULL)
3873 				&& (s->cert->pkeys[SSL_PKEY_ECC].x509->cert_info->key != NULL)
3874 				&& (s->cert->pkeys[SSL_PKEY_ECC].x509->cert_info->key->public_key != NULL)
3875 				&& (s->cert->pkeys[SSL_PKEY_ECC].x509->cert_info->key->public_key->data != NULL)
3876 				&& (
3877 					(*(s->cert->pkeys[SSL_PKEY_ECC].x509->cert_info->key->public_key->data) == POINT_CONVERSION_COMPRESSED)
3878 					|| (*(s->cert->pkeys[SSL_PKEY_ECC].x509->cert_info->key->public_key->data) == POINT_CONVERSION_COMPRESSED + 1)
3879 					)
3880 				)
3881 		)
3882 			{
3883 			ec_ok = 0;
3884 			/* if our certificate's curve is over a field type that the client does not support
3885 			 * then do not allow this cipher suite to be negotiated */
3886 			if (
3887 				(s->cert->pkeys[SSL_PKEY_ECC].privatekey->pkey.ec != NULL)
3888 				&& (s->cert->pkeys[SSL_PKEY_ECC].privatekey->pkey.ec->group != NULL)
3889 				&& (s->cert->pkeys[SSL_PKEY_ECC].privatekey->pkey.ec->group->meth != NULL)
3890 				&& (EC_METHOD_get_field_type(s->cert->pkeys[SSL_PKEY_ECC].privatekey->pkey.ec->group->meth) == NID_X9_62_prime_field)
3891 			)
3892 				{
3893 				for (j = 0; j < s->session->tlsext_ecpointformatlist_length; j++)
3894 					{
3895 					if (s->session->tlsext_ecpointformatlist[j] == TLSEXT_ECPOINTFORMAT_ansiX962_compressed_prime)
3896 						{
3897 						ec_ok = 1;
3898 						break;
3899 						}
3900 					}
3901 				}
3902 			else if (EC_METHOD_get_field_type(s->cert->pkeys[SSL_PKEY_ECC].privatekey->pkey.ec->group->meth) == NID_X9_62_characteristic_two_field)
3903 				{
3904 				for (j = 0; j < s->session->tlsext_ecpointformatlist_length; j++)
3905 					{
3906 					if (s->session->tlsext_ecpointformatlist[j] == TLSEXT_ECPOINTFORMAT_ansiX962_compressed_char2)
3907 						{
3908 						ec_ok = 1;
3909 						break;
3910 						}
3911 					}
3912 				}
3913 			ok = ok && ec_ok;
3914 			}
3915 		if (
3916 			/* if we are considering an ECC cipher suite that uses our certificate */
3917 			(alg_a & SSL_aECDSA || alg_a & SSL_aECDH)
3918 			/* and we have an ECC certificate */
3919 			&& (s->cert->pkeys[SSL_PKEY_ECC].x509 != NULL)
3920 			/* and the client specified an EllipticCurves extension */
3921 			&& ((s->session->tlsext_ellipticcurvelist_length > 0) && (s->session->tlsext_ellipticcurvelist != NULL))
3922 		)
3923 			{
3924 			ec_ok = 0;
3925 			if (
3926 				(s->cert->pkeys[SSL_PKEY_ECC].privatekey->pkey.ec != NULL)
3927 				&& (s->cert->pkeys[SSL_PKEY_ECC].privatekey->pkey.ec->group != NULL)
3928 			)
3929 				{
3930 				ec_nid = EC_GROUP_get_curve_name(s->cert->pkeys[SSL_PKEY_ECC].privatekey->pkey.ec->group);
3931 				if ((ec_nid == 0)
3932 					&& (s->cert->pkeys[SSL_PKEY_ECC].privatekey->pkey.ec->group->meth != NULL)
3933 				)
3934 					{
3935 					if (EC_METHOD_get_field_type(s->cert->pkeys[SSL_PKEY_ECC].privatekey->pkey.ec->group->meth) == NID_X9_62_prime_field)
3936 						{
3937 						ec_search1 = 0xFF;
3938 						ec_search2 = 0x01;
3939 						}
3940 					else if (EC_METHOD_get_field_type(s->cert->pkeys[SSL_PKEY_ECC].privatekey->pkey.ec->group->meth) == NID_X9_62_characteristic_two_field)
3941 						{
3942 						ec_search1 = 0xFF;
3943 						ec_search2 = 0x02;
3944 						}
3945 					}
3946 				else
3947 					{
3948 					ec_search1 = 0x00;
3949 					ec_search2 = tls1_ec_nid2curve_id(ec_nid);
3950 					}
3951 				if ((ec_search1 != 0) || (ec_search2 != 0))
3952 					{
3953 					for (j = 0; j < s->session->tlsext_ellipticcurvelist_length / 2; j++)
3954 						{
3955 						if ((s->session->tlsext_ellipticcurvelist[2*j] == ec_search1) && (s->session->tlsext_ellipticcurvelist[2*j+1] == ec_search2))
3956 							{
3957 							ec_ok = 1;
3958 							break;
3959 							}
3960 						}
3961 					}
3962 				}
3963 			ok = ok && ec_ok;
3964 			}
3965 		if (
3966 			/* if we are considering an ECC cipher suite that uses an ephemeral EC key */
3967 			(alg_k & SSL_kEECDH)
3968 			/* and we have an ephemeral EC key */
3969 			&& (s->cert->ecdh_tmp != NULL)
3970 			/* and the client specified an EllipticCurves extension */
3971 			&& ((s->session->tlsext_ellipticcurvelist_length > 0) && (s->session->tlsext_ellipticcurvelist != NULL))
3972 		)
3973 			{
3974 			ec_ok = 0;
3975 			if (s->cert->ecdh_tmp->group != NULL)
3976 				{
3977 				ec_nid = EC_GROUP_get_curve_name(s->cert->ecdh_tmp->group);
3978 				if ((ec_nid == 0)
3979 					&& (s->cert->ecdh_tmp->group->meth != NULL)
3980 				)
3981 					{
3982 					if (EC_METHOD_get_field_type(s->cert->ecdh_tmp->group->meth) == NID_X9_62_prime_field)
3983 						{
3984 						ec_search1 = 0xFF;
3985 						ec_search2 = 0x01;
3986 						}
3987 					else if (EC_METHOD_get_field_type(s->cert->ecdh_tmp->group->meth) == NID_X9_62_characteristic_two_field)
3988 						{
3989 						ec_search1 = 0xFF;
3990 						ec_search2 = 0x02;
3991 						}
3992 					}
3993 				else
3994 					{
3995 					ec_search1 = 0x00;
3996 					ec_search2 = tls1_ec_nid2curve_id(ec_nid);
3997 					}
3998 				if ((ec_search1 != 0) || (ec_search2 != 0))
3999 					{
4000 					for (j = 0; j < s->session->tlsext_ellipticcurvelist_length / 2; j++)
4001 						{
4002 						if ((s->session->tlsext_ellipticcurvelist[2*j] == ec_search1) && (s->session->tlsext_ellipticcurvelist[2*j+1] == ec_search2))
4003 							{
4004 							ec_ok = 1;
4005 							break;
4006 							}
4007 						}
4008 					}
4009 				}
4010 			ok = ok && ec_ok;
4011 			}
4012 #endif /* OPENSSL_NO_EC */
4013 #endif /* OPENSSL_NO_TLSEXT */
4014 
4015 		if (!ok) continue;
4016 		ii=sk_SSL_CIPHER_find(allow,c);
4017 		if (ii >= 0)
4018 			{
4019 			ret=sk_SSL_CIPHER_value(allow,ii);
4020 			break;
4021 			}
4022 		}
4023 	return(ret);
4024 	}
4025 
4026 int ssl3_get_req_cert_type(SSL *s, unsigned char *p)
4027 	{
4028 	int ret=0;
4029 	unsigned long alg_k;
4030 
4031 	alg_k = s->s3->tmp.new_cipher->algorithm_mkey;
4032 
4033 #ifndef OPENSSL_NO_GOST
4034 	if (s->version >= TLS1_VERSION)
4035 		{
4036 		if (alg_k & SSL_kGOST)
4037 			{
4038 			p[ret++]=TLS_CT_GOST94_SIGN;
4039 			p[ret++]=TLS_CT_GOST01_SIGN;
4040 			return(ret);
4041 			}
4042 		}
4043 #endif
4044 
4045 #ifndef OPENSSL_NO_DH
4046 	if (alg_k & (SSL_kDHr|SSL_kEDH))
4047 		{
4048 #  ifndef OPENSSL_NO_RSA
4049 		p[ret++]=SSL3_CT_RSA_FIXED_DH;
4050 #  endif
4051 #  ifndef OPENSSL_NO_DSA
4052 		p[ret++]=SSL3_CT_DSS_FIXED_DH;
4053 #  endif
4054 		}
4055 	if ((s->version == SSL3_VERSION) &&
4056 		(alg_k & (SSL_kEDH|SSL_kDHd|SSL_kDHr)))
4057 		{
4058 #  ifndef OPENSSL_NO_RSA
4059 		p[ret++]=SSL3_CT_RSA_EPHEMERAL_DH;
4060 #  endif
4061 #  ifndef OPENSSL_NO_DSA
4062 		p[ret++]=SSL3_CT_DSS_EPHEMERAL_DH;
4063 #  endif
4064 		}
4065 #endif /* !OPENSSL_NO_DH */
4066 #ifndef OPENSSL_NO_RSA
4067 	p[ret++]=SSL3_CT_RSA_SIGN;
4068 #endif
4069 #ifndef OPENSSL_NO_DSA
4070 	p[ret++]=SSL3_CT_DSS_SIGN;
4071 #endif
4072 #ifndef OPENSSL_NO_ECDH
4073 	if ((alg_k & (SSL_kECDHr|SSL_kECDHe)) && (s->version >= TLS1_VERSION))
4074 		{
4075 		p[ret++]=TLS_CT_RSA_FIXED_ECDH;
4076 		p[ret++]=TLS_CT_ECDSA_FIXED_ECDH;
4077 		}
4078 #endif
4079 
4080 #ifndef OPENSSL_NO_ECDSA
4081 	/* ECDSA certs can be used with RSA cipher suites as well
4082 	 * so we don't need to check for SSL_kECDH or SSL_kEECDH
4083 	 */
4084 	if (s->version >= TLS1_VERSION)
4085 		{
4086 		p[ret++]=TLS_CT_ECDSA_SIGN;
4087 		}
4088 #endif
4089 	return(ret);
4090 	}
4091 
4092 int ssl3_shutdown(SSL *s)
4093 	{
4094 	int ret;
4095 
4096 	/* Don't do anything much if we have not done the handshake or
4097 	 * we don't want to send messages :-) */
4098 	if ((s->quiet_shutdown) || (s->state == SSL_ST_BEFORE))
4099 		{
4100 		s->shutdown=(SSL_SENT_SHUTDOWN|SSL_RECEIVED_SHUTDOWN);
4101 		return(1);
4102 		}
4103 
4104 	if (!(s->shutdown & SSL_SENT_SHUTDOWN))
4105 		{
4106 		s->shutdown|=SSL_SENT_SHUTDOWN;
4107 #if 1
4108 		ssl3_send_alert(s,SSL3_AL_WARNING,SSL_AD_CLOSE_NOTIFY);
4109 #endif
4110 		/* our shutdown alert has been sent now, and if it still needs
4111 	 	 * to be written, s->s3->alert_dispatch will be true */
4112 	 	if (s->s3->alert_dispatch)
4113 	 		return(-1);	/* return WANT_WRITE */
4114 		}
4115 	else if (s->s3->alert_dispatch)
4116 		{
4117 		/* resend it if not sent */
4118 #if 1
4119 		ret=s->method->ssl_dispatch_alert(s);
4120 		if(ret == -1)
4121 			{
4122 			/* we only get to return -1 here the 2nd/Nth
4123 			 * invocation, we must  have already signalled
4124 			 * return 0 upon a previous invoation,
4125 			 * return WANT_WRITE */
4126 			return(ret);
4127 			}
4128 #endif
4129 		}
4130 	else if (!(s->shutdown & SSL_RECEIVED_SHUTDOWN))
4131 		{
4132 		/* If we are waiting for a close from our peer, we are closed */
4133 		s->method->ssl_read_bytes(s,0,NULL,0,0);
4134 		if(!(s->shutdown & SSL_RECEIVED_SHUTDOWN))
4135 			{
4136 			return(-1);	/* return WANT_READ */
4137 			}
4138 		}
4139 
4140 	if ((s->shutdown == (SSL_SENT_SHUTDOWN|SSL_RECEIVED_SHUTDOWN)) &&
4141 		!s->s3->alert_dispatch)
4142 		return(1);
4143 	else
4144 		return(0);
4145 	}
4146 
4147 int ssl3_write(SSL *s, const void *buf, int len)
4148 	{
4149 	int ret,n;
4150 
4151 #if 0
4152 	if (s->shutdown & SSL_SEND_SHUTDOWN)
4153 		{
4154 		s->rwstate=SSL_NOTHING;
4155 		return(0);
4156 		}
4157 #endif
4158 	clear_sys_error();
4159 	if (s->s3->renegotiate) ssl3_renegotiate_check(s);
4160 
4161 	/* This is an experimental flag that sends the
4162 	 * last handshake message in the same packet as the first
4163 	 * use data - used to see if it helps the TCP protocol during
4164 	 * session-id reuse */
4165 	/* The second test is because the buffer may have been removed */
4166 	if ((s->s3->flags & SSL3_FLAGS_POP_BUFFER) && (s->wbio == s->bbio))
4167 		{
4168 		/* First time through, we write into the buffer */
4169 		if (s->s3->delay_buf_pop_ret == 0)
4170 			{
4171 			ret=ssl3_write_bytes(s,SSL3_RT_APPLICATION_DATA,
4172 					     buf,len);
4173 			if (ret <= 0) return(ret);
4174 
4175 			s->s3->delay_buf_pop_ret=ret;
4176 			}
4177 
4178 		s->rwstate=SSL_WRITING;
4179 		n=BIO_flush(s->wbio);
4180 		if (n <= 0) return(n);
4181 		s->rwstate=SSL_NOTHING;
4182 
4183 		/* We have flushed the buffer, so remove it */
4184 		ssl_free_wbio_buffer(s);
4185 		s->s3->flags&= ~SSL3_FLAGS_POP_BUFFER;
4186 
4187 		ret=s->s3->delay_buf_pop_ret;
4188 		s->s3->delay_buf_pop_ret=0;
4189 		}
4190 	else
4191 		{
4192 		ret=s->method->ssl_write_bytes(s,SSL3_RT_APPLICATION_DATA,
4193 			buf,len);
4194 		if (ret <= 0) return(ret);
4195 		}
4196 
4197 	return(ret);
4198 	}
4199 
4200 static int ssl3_read_internal(SSL *s, void *buf, int len, int peek)
4201 	{
4202 	int ret;
4203 
4204 	clear_sys_error();
4205 	if (s->s3->renegotiate) ssl3_renegotiate_check(s);
4206 	s->s3->in_read_app_data=1;
4207 	ret=s->method->ssl_read_bytes(s,SSL3_RT_APPLICATION_DATA,buf,len,peek);
4208 	if ((ret == -1) && (s->s3->in_read_app_data == 2))
4209 		{
4210 		/* ssl3_read_bytes decided to call s->handshake_func, which
4211 		 * called ssl3_read_bytes to read handshake data.
4212 		 * However, ssl3_read_bytes actually found application data
4213 		 * and thinks that application data makes sense here; so disable
4214 		 * handshake processing and try to read application data again. */
4215 		s->in_handshake++;
4216 		ret=s->method->ssl_read_bytes(s,SSL3_RT_APPLICATION_DATA,buf,len,peek);
4217 		s->in_handshake--;
4218 		}
4219 	else
4220 		s->s3->in_read_app_data=0;
4221 
4222 	return(ret);
4223 	}
4224 
4225 int ssl3_read(SSL *s, void *buf, int len)
4226 	{
4227 	return ssl3_read_internal(s, buf, len, 0);
4228 	}
4229 
4230 int ssl3_peek(SSL *s, void *buf, int len)
4231 	{
4232 	return ssl3_read_internal(s, buf, len, 1);
4233 	}
4234 
4235 int ssl3_renegotiate(SSL *s)
4236 	{
4237 	if (s->handshake_func == NULL)
4238 		return(1);
4239 
4240 	if (s->s3->flags & SSL3_FLAGS_NO_RENEGOTIATE_CIPHERS)
4241 		return(0);
4242 
4243 	s->s3->renegotiate=1;
4244 	return(1);
4245 	}
4246 
4247 int ssl3_renegotiate_check(SSL *s)
4248 	{
4249 	int ret=0;
4250 
4251 	if (s->s3->renegotiate)
4252 		{
4253 		if (	(s->s3->rbuf.left == 0) &&
4254 			(s->s3->wbuf.left == 0) &&
4255 			!SSL_in_init(s))
4256 			{
4257 /*
4258 if we are the server, and we have sent a 'RENEGOTIATE' message, we
4259 need to go to SSL_ST_ACCEPT.
4260 */
4261 			/* SSL_ST_ACCEPT */
4262 			s->state=SSL_ST_RENEGOTIATE;
4263 			s->s3->renegotiate=0;
4264 			s->s3->num_renegotiations++;
4265 			s->s3->total_renegotiations++;
4266 			ret=1;
4267 			}
4268 		}
4269 	return(ret);
4270 	}
4271 /* If we are using TLS v1.2 or later and default SHA1+MD5 algorithms switch
4272  * to new SHA256 PRF and handshake macs
4273  */
4274 long ssl_get_algorithm2(SSL *s)
4275 	{
4276 	long alg2 = s->s3->tmp.new_cipher->algorithm2;
4277 	if (TLS1_get_version(s) >= TLS1_2_VERSION &&
4278 	    alg2 == (SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF))
4279 		return SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256;
4280 	return alg2;
4281 	}
4282 
4283