Enable PSK in FIPS mode.
[openssl.git] / ssl / s3_lib.c
1 /* ssl/s3_lib.c */
2 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3  * All rights reserved.
4  *
5  * This package is an SSL implementation written
6  * by Eric Young (eay@cryptsoft.com).
7  * The implementation was written so as to conform with Netscapes SSL.
8  * 
9  * This library is free for commercial and non-commercial use as long as
10  * the following conditions are aheared to.  The following conditions
11  * apply to all code found in this distribution, be it the RC4, RSA,
12  * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
13  * included with this distribution is covered by the same copyright terms
14  * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15  * 
16  * Copyright remains Eric Young's, and as such any Copyright notices in
17  * the code are not to be removed.
18  * If this package is used in a product, Eric Young should be given attribution
19  * as the author of the parts of the library used.
20  * This can be in the form of a textual message at program startup or
21  * in documentation (online or textual) provided with the package.
22  * 
23  * Redistribution and use in source and binary forms, with or without
24  * modification, are permitted provided that the following conditions
25  * are met:
26  * 1. Redistributions of source code must retain the copyright
27  *    notice, this list of conditions and the following disclaimer.
28  * 2. Redistributions in binary form must reproduce the above copyright
29  *    notice, this list of conditions and the following disclaimer in the
30  *    documentation and/or other materials provided with the distribution.
31  * 3. All advertising materials mentioning features or use of this software
32  *    must display the following acknowledgement:
33  *    "This product includes cryptographic software written by
34  *     Eric Young (eay@cryptsoft.com)"
35  *    The word 'cryptographic' can be left out if the rouines from the library
36  *    being used are not cryptographic related :-).
37  * 4. If you include any Windows specific code (or a derivative thereof) from 
38  *    the apps directory (application code) you must include an acknowledgement:
39  *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40  * 
41  * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42  * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43  * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44  * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45  * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46  * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47  * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48  * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49  * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50  * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51  * SUCH DAMAGE.
52  * 
53  * The licence and distribution terms for any publically available version or
54  * derivative of this code cannot be changed.  i.e. this code cannot simply be
55  * copied and put under another distribution licence
56  * [including the GNU Public Licence.]
57  */
58 /* ====================================================================
59  * Copyright (c) 1998-2007 The OpenSSL Project.  All rights reserved.
60  *
61  * Redistribution and use in source and binary forms, with or without
62  * modification, are permitted provided that the following conditions
63  * are met:
64  *
65  * 1. Redistributions of source code must retain the above copyright
66  *    notice, this list of conditions and the following disclaimer. 
67  *
68  * 2. Redistributions in binary form must reproduce the above copyright
69  *    notice, this list of conditions and the following disclaimer in
70  *    the documentation and/or other materials provided with the
71  *    distribution.
72  *
73  * 3. All advertising materials mentioning features or use of this
74  *    software must display the following acknowledgment:
75  *    "This product includes software developed by the OpenSSL Project
76  *    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
77  *
78  * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
79  *    endorse or promote products derived from this software without
80  *    prior written permission. For written permission, please contact
81  *    openssl-core@openssl.org.
82  *
83  * 5. Products derived from this software may not be called "OpenSSL"
84  *    nor may "OpenSSL" appear in their names without prior written
85  *    permission of the OpenSSL Project.
86  *
87  * 6. Redistributions of any form whatsoever must retain the following
88  *    acknowledgment:
89  *    "This product includes software developed by the OpenSSL Project
90  *    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
91  *
92  * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
93  * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
94  * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
95  * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
96  * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
97  * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
98  * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
99  * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
100  * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
101  * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
102  * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
103  * OF THE POSSIBILITY OF SUCH DAMAGE.
104  * ====================================================================
105  *
106  * This product includes cryptographic software written by Eric Young
107  * (eay@cryptsoft.com).  This product includes software written by Tim
108  * Hudson (tjh@cryptsoft.com).
109  *
110  */
111 /* ====================================================================
112  * Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED.
113  *
114  * Portions of the attached software ("Contribution") are developed by 
115  * SUN MICROSYSTEMS, INC., and are contributed to the OpenSSL project.
116  *
117  * The Contribution is licensed pursuant to the OpenSSL open source
118  * license provided above.
119  *
120  * ECC cipher suite support in OpenSSL originally written by
121  * Vipul Gupta and Sumit Gupta of Sun Microsystems Laboratories.
122  *
123  */
124 /* ====================================================================
125  * Copyright 2005 Nokia. All rights reserved.
126  *
127  * The portions of the attached software ("Contribution") is developed by
128  * Nokia Corporation and is licensed pursuant to the OpenSSL open source
129  * license.
130  *
131  * The Contribution, originally written by Mika Kousa and Pasi Eronen of
132  * Nokia Corporation, consists of the "PSK" (Pre-Shared Key) ciphersuites
133  * support (see RFC 4279) to OpenSSL.
134  *
135  * No patent licenses or other rights except those expressly stated in
136  * the OpenSSL open source license shall be deemed granted or received
137  * expressly, by implication, estoppel, or otherwise.
138  *
139  * No assurances are provided by Nokia that the Contribution does not
140  * infringe the patent or other intellectual property rights of any third
141  * party or that the license provides you with all the necessary rights
142  * to make use of the Contribution.
143  *
144  * THE SOFTWARE IS PROVIDED "AS IS" WITHOUT WARRANTY OF ANY KIND. IN
145  * ADDITION TO THE DISCLAIMERS INCLUDED IN THE LICENSE, NOKIA
146  * SPECIFICALLY DISCLAIMS ANY LIABILITY FOR CLAIMS BROUGHT BY YOU OR ANY
147  * OTHER ENTITY BASED ON INFRINGEMENT OF INTELLECTUAL PROPERTY RIGHTS OR
148  * OTHERWISE.
149  */
150
151 #include <stdio.h>
152 #include <openssl/objects.h>
153 #include "ssl_locl.h"
154 #include "kssl_lcl.h"
155 #include <openssl/md5.h>
156 #ifndef OPENSSL_NO_DH
157 #include <openssl/dh.h>
158 #endif
159
160 const char ssl3_version_str[]="SSLv3" OPENSSL_VERSION_PTEXT;
161
162 #define SSL3_NUM_CIPHERS        (sizeof(ssl3_ciphers)/sizeof(SSL_CIPHER))
163
164 /* list of available SSLv3 ciphers (sorted by id) */
165 OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]={
166
167 /* The RSA ciphers */
168 /* Cipher 01 */
169         {
170         1,
171         SSL3_TXT_RSA_NULL_MD5,
172         SSL3_CK_RSA_NULL_MD5,
173         SSL_kRSA,
174         SSL_aRSA,
175         SSL_eNULL,
176         SSL_MD5,
177         SSL_SSLV3,
178         SSL_NOT_EXP|SSL_STRONG_NONE,
179         SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
180         0,
181         0,
182         },
183
184 /* Cipher 02 */
185         {
186         1,
187         SSL3_TXT_RSA_NULL_SHA,
188         SSL3_CK_RSA_NULL_SHA,
189         SSL_kRSA,
190         SSL_aRSA,
191         SSL_eNULL,
192         SSL_SHA1,
193         SSL_SSLV3,
194         SSL_NOT_EXP|SSL_STRONG_NONE|SSL_FIPS,
195         SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
196         0,
197         0,
198         },
199
200 /* Cipher 03 */
201         {
202         1,
203         SSL3_TXT_RSA_RC4_40_MD5,
204         SSL3_CK_RSA_RC4_40_MD5,
205         SSL_kRSA,
206         SSL_aRSA,
207         SSL_RC4,
208         SSL_MD5,
209         SSL_SSLV3,
210         SSL_EXPORT|SSL_EXP40,
211         SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
212         40,
213         128,
214         },
215
216 /* Cipher 04 */
217         {
218         1,
219         SSL3_TXT_RSA_RC4_128_MD5,
220         SSL3_CK_RSA_RC4_128_MD5,
221         SSL_kRSA,
222         SSL_aRSA,
223         SSL_RC4,
224         SSL_MD5,
225         SSL_SSLV3,
226         SSL_NOT_EXP|SSL_MEDIUM,
227         SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
228         128,
229         128,
230         },
231
232 /* Cipher 05 */
233         {
234         1,
235         SSL3_TXT_RSA_RC4_128_SHA,
236         SSL3_CK_RSA_RC4_128_SHA,
237         SSL_kRSA,
238         SSL_aRSA,
239         SSL_RC4,
240         SSL_SHA1,
241         SSL_SSLV3,
242         SSL_NOT_EXP|SSL_MEDIUM,
243         SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
244         128,
245         128,
246         },
247
248 /* Cipher 06 */
249         {
250         1,
251         SSL3_TXT_RSA_RC2_40_MD5,
252         SSL3_CK_RSA_RC2_40_MD5,
253         SSL_kRSA,
254         SSL_aRSA,
255         SSL_RC2,
256         SSL_MD5,
257         SSL_SSLV3,
258         SSL_EXPORT|SSL_EXP40,
259         SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
260         40,
261         128,
262         },
263
264 /* Cipher 07 */
265 #ifndef OPENSSL_NO_IDEA
266         {
267         1,
268         SSL3_TXT_RSA_IDEA_128_SHA,
269         SSL3_CK_RSA_IDEA_128_SHA,
270         SSL_kRSA,
271         SSL_aRSA,
272         SSL_IDEA,
273         SSL_SHA1,
274         SSL_SSLV3,
275         SSL_NOT_EXP|SSL_MEDIUM,
276         SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
277         128,
278         128,
279         },
280 #endif
281
282 /* Cipher 08 */
283         {
284         1,
285         SSL3_TXT_RSA_DES_40_CBC_SHA,
286         SSL3_CK_RSA_DES_40_CBC_SHA,
287         SSL_kRSA,
288         SSL_aRSA,
289         SSL_DES,
290         SSL_SHA1,
291         SSL_SSLV3,
292         SSL_EXPORT|SSL_EXP40,
293         SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
294         40,
295         56,
296         },
297
298 /* Cipher 09 */
299         {
300         1,
301         SSL3_TXT_RSA_DES_64_CBC_SHA,
302         SSL3_CK_RSA_DES_64_CBC_SHA,
303         SSL_kRSA,
304         SSL_aRSA,
305         SSL_DES,
306         SSL_SHA1,
307         SSL_SSLV3,
308         SSL_NOT_EXP|SSL_LOW,
309         SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
310         56,
311         56,
312         },
313
314 /* Cipher 0A */
315         {
316         1,
317         SSL3_TXT_RSA_DES_192_CBC3_SHA,
318         SSL3_CK_RSA_DES_192_CBC3_SHA,
319         SSL_kRSA,
320         SSL_aRSA,
321         SSL_3DES,
322         SSL_SHA1,
323         SSL_SSLV3,
324         SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
325         SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
326         168,
327         168,
328         },
329
330 /* The DH ciphers */
331 /* Cipher 0B */
332         {
333         1,
334         SSL3_TXT_DH_DSS_DES_40_CBC_SHA,
335         SSL3_CK_DH_DSS_DES_40_CBC_SHA,
336         SSL_kDHd,
337         SSL_aDH,
338         SSL_DES,
339         SSL_SHA1,
340         SSL_SSLV3,
341         SSL_EXPORT|SSL_EXP40,
342         SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
343         40,
344         56,
345         },
346
347 /* Cipher 0C */
348         {
349         1,
350         SSL3_TXT_DH_DSS_DES_64_CBC_SHA,
351         SSL3_CK_DH_DSS_DES_64_CBC_SHA,
352         SSL_kDHd,
353         SSL_aDH,
354         SSL_DES,
355         SSL_SHA1,
356         SSL_SSLV3,
357         SSL_NOT_EXP|SSL_LOW,
358         SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
359         56,
360         56,
361         },
362
363 /* Cipher 0D */
364         {
365         1,
366         SSL3_TXT_DH_DSS_DES_192_CBC3_SHA,
367         SSL3_CK_DH_DSS_DES_192_CBC3_SHA,
368         SSL_kDHd,
369         SSL_aDH,
370         SSL_3DES,
371         SSL_SHA1,
372         SSL_SSLV3,
373         SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
374         SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
375         168,
376         168,
377         },
378
379 /* Cipher 0E */
380         {
381         1,
382         SSL3_TXT_DH_RSA_DES_40_CBC_SHA,
383         SSL3_CK_DH_RSA_DES_40_CBC_SHA,
384         SSL_kDHr,
385         SSL_aDH,
386         SSL_DES,
387         SSL_SHA1,
388         SSL_SSLV3,
389         SSL_EXPORT|SSL_EXP40,
390         SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
391         40,
392         56,
393         },
394
395 /* Cipher 0F */
396         {
397         1,
398         SSL3_TXT_DH_RSA_DES_64_CBC_SHA,
399         SSL3_CK_DH_RSA_DES_64_CBC_SHA,
400         SSL_kDHr,
401         SSL_aDH,
402         SSL_DES,
403         SSL_SHA1,
404         SSL_SSLV3,
405         SSL_NOT_EXP|SSL_LOW,
406         SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
407         56,
408         56,
409         },
410
411 /* Cipher 10 */
412         {
413         1,
414         SSL3_TXT_DH_RSA_DES_192_CBC3_SHA,
415         SSL3_CK_DH_RSA_DES_192_CBC3_SHA,
416         SSL_kDHr,
417         SSL_aDH,
418         SSL_3DES,
419         SSL_SHA1,
420         SSL_SSLV3,
421         SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
422         SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
423         168,
424         168,
425         },
426
427 /* The Ephemeral DH ciphers */
428 /* Cipher 11 */
429         {
430         1,
431         SSL3_TXT_EDH_DSS_DES_40_CBC_SHA,
432         SSL3_CK_EDH_DSS_DES_40_CBC_SHA,
433         SSL_kEDH,
434         SSL_aDSS,
435         SSL_DES,
436         SSL_SHA1,
437         SSL_SSLV3,
438         SSL_EXPORT|SSL_EXP40,
439         SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
440         40,
441         56,
442         },
443
444 /* Cipher 12 */
445         {
446         1,
447         SSL3_TXT_EDH_DSS_DES_64_CBC_SHA,
448         SSL3_CK_EDH_DSS_DES_64_CBC_SHA,
449         SSL_kEDH,
450         SSL_aDSS,
451         SSL_DES,
452         SSL_SHA1,
453         SSL_SSLV3,
454         SSL_NOT_EXP|SSL_LOW,
455         SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
456         56,
457         56,
458         },
459
460 /* Cipher 13 */
461         {
462         1,
463         SSL3_TXT_EDH_DSS_DES_192_CBC3_SHA,
464         SSL3_CK_EDH_DSS_DES_192_CBC3_SHA,
465         SSL_kEDH,
466         SSL_aDSS,
467         SSL_3DES,
468         SSL_SHA1,
469         SSL_SSLV3,
470         SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
471         SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
472         168,
473         168,
474         },
475
476 /* Cipher 14 */
477         {
478         1,
479         SSL3_TXT_EDH_RSA_DES_40_CBC_SHA,
480         SSL3_CK_EDH_RSA_DES_40_CBC_SHA,
481         SSL_kEDH,
482         SSL_aRSA,
483         SSL_DES,
484         SSL_SHA1,
485         SSL_SSLV3,
486         SSL_EXPORT|SSL_EXP40,
487         SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
488         40,
489         56,
490         },
491
492 /* Cipher 15 */
493         {
494         1,
495         SSL3_TXT_EDH_RSA_DES_64_CBC_SHA,
496         SSL3_CK_EDH_RSA_DES_64_CBC_SHA,
497         SSL_kEDH,
498         SSL_aRSA,
499         SSL_DES,
500         SSL_SHA1,
501         SSL_SSLV3,
502         SSL_NOT_EXP|SSL_LOW,
503         SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
504         56,
505         56,
506         },
507
508 /* Cipher 16 */
509         {
510         1,
511         SSL3_TXT_EDH_RSA_DES_192_CBC3_SHA,
512         SSL3_CK_EDH_RSA_DES_192_CBC3_SHA,
513         SSL_kEDH,
514         SSL_aRSA,
515         SSL_3DES,
516         SSL_SHA1,
517         SSL_SSLV3,
518         SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
519         SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
520         168,
521         168,
522         },
523
524 /* Cipher 17 */
525         {
526         1,
527         SSL3_TXT_ADH_RC4_40_MD5,
528         SSL3_CK_ADH_RC4_40_MD5,
529         SSL_kEDH,
530         SSL_aNULL,
531         SSL_RC4,
532         SSL_MD5,
533         SSL_SSLV3,
534         SSL_EXPORT|SSL_EXP40,
535         SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
536         40,
537         128,
538         },
539
540 /* Cipher 18 */
541         {
542         1,
543         SSL3_TXT_ADH_RC4_128_MD5,
544         SSL3_CK_ADH_RC4_128_MD5,
545         SSL_kEDH,
546         SSL_aNULL,
547         SSL_RC4,
548         SSL_MD5,
549         SSL_SSLV3,
550         SSL_NOT_EXP|SSL_MEDIUM,
551         SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
552         128,
553         128,
554         },
555
556 /* Cipher 19 */
557         {
558         1,
559         SSL3_TXT_ADH_DES_40_CBC_SHA,
560         SSL3_CK_ADH_DES_40_CBC_SHA,
561         SSL_kEDH,
562         SSL_aNULL,
563         SSL_DES,
564         SSL_SHA1,
565         SSL_SSLV3,
566         SSL_EXPORT|SSL_EXP40,
567         SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
568         40,
569         128,
570         },
571
572 /* Cipher 1A */
573         {
574         1,
575         SSL3_TXT_ADH_DES_64_CBC_SHA,
576         SSL3_CK_ADH_DES_64_CBC_SHA,
577         SSL_kEDH,
578         SSL_aNULL,
579         SSL_DES,
580         SSL_SHA1,
581         SSL_SSLV3,
582         SSL_NOT_EXP|SSL_LOW,
583         SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
584         56,
585         56,
586         },
587
588 /* Cipher 1B */
589         {
590         1,
591         SSL3_TXT_ADH_DES_192_CBC_SHA,
592         SSL3_CK_ADH_DES_192_CBC_SHA,
593         SSL_kEDH,
594         SSL_aNULL,
595         SSL_3DES,
596         SSL_SHA1,
597         SSL_SSLV3,
598         SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
599         SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
600         168,
601         168,
602         },
603
604 /* Fortezza ciphersuite from SSL 3.0 spec */
605 #if 0
606 /* Cipher 1C */
607         {
608         0,
609         SSL3_TXT_FZA_DMS_NULL_SHA,
610         SSL3_CK_FZA_DMS_NULL_SHA,
611         SSL_kFZA,
612         SSL_aFZA,
613         SSL_eNULL,
614         SSL_SHA1,
615         SSL_SSLV3,
616         SSL_NOT_EXP|SSL_STRONG_NONE,
617         SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
618         0,
619         0,
620         },
621
622 /* Cipher 1D */
623         {
624         0,
625         SSL3_TXT_FZA_DMS_FZA_SHA,
626         SSL3_CK_FZA_DMS_FZA_SHA,
627         SSL_kFZA,
628         SSL_aFZA,
629         SSL_eFZA,
630         SSL_SHA1,
631         SSL_SSLV3,
632         SSL_NOT_EXP|SSL_STRONG_NONE,
633         SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
634         0,
635         0,
636         },
637
638 /* Cipher 1E */
639         {
640         0,
641         SSL3_TXT_FZA_DMS_RC4_SHA,
642         SSL3_CK_FZA_DMS_RC4_SHA,
643         SSL_kFZA,
644         SSL_aFZA,
645         SSL_RC4,
646         SSL_SHA1,
647         SSL_SSLV3,
648         SSL_NOT_EXP|SSL_MEDIUM,
649         SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
650         128,
651         128,
652         },
653 #endif
654
655 #ifndef OPENSSL_NO_KRB5
656 /* The Kerberos ciphers*/
657 /* Cipher 1E */
658         {
659         1,
660         SSL3_TXT_KRB5_DES_64_CBC_SHA,
661         SSL3_CK_KRB5_DES_64_CBC_SHA,
662         SSL_kKRB5,
663         SSL_aKRB5,
664         SSL_DES,
665         SSL_SHA1,
666         SSL_SSLV3,
667         SSL_NOT_EXP|SSL_LOW,
668         SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
669         56,
670         56,
671         },
672
673 /* Cipher 1F */
674         {
675         1,
676         SSL3_TXT_KRB5_DES_192_CBC3_SHA,
677         SSL3_CK_KRB5_DES_192_CBC3_SHA,
678         SSL_kKRB5,
679         SSL_aKRB5,
680         SSL_3DES,
681         SSL_SHA1,
682         SSL_SSLV3,
683         SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
684         SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
685         168,
686         168,
687         },
688
689 /* Cipher 20 */
690         {
691         1,
692         SSL3_TXT_KRB5_RC4_128_SHA,
693         SSL3_CK_KRB5_RC4_128_SHA,
694         SSL_kKRB5,
695         SSL_aKRB5,
696         SSL_RC4,
697         SSL_SHA1,
698         SSL_SSLV3,
699         SSL_NOT_EXP|SSL_MEDIUM,
700         SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
701         128,
702         128,
703         },
704
705 /* Cipher 21 */
706         {
707         1,
708         SSL3_TXT_KRB5_IDEA_128_CBC_SHA,
709         SSL3_CK_KRB5_IDEA_128_CBC_SHA,
710         SSL_kKRB5,
711         SSL_aKRB5,
712         SSL_IDEA,
713         SSL_SHA1,
714         SSL_SSLV3,
715         SSL_NOT_EXP|SSL_MEDIUM,
716         SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
717         128,
718         128,
719         },
720
721 /* Cipher 22 */
722         {
723         1,
724         SSL3_TXT_KRB5_DES_64_CBC_MD5,
725         SSL3_CK_KRB5_DES_64_CBC_MD5,
726         SSL_kKRB5,
727         SSL_aKRB5,
728         SSL_DES,
729         SSL_MD5,
730         SSL_SSLV3,
731         SSL_NOT_EXP|SSL_LOW,
732         SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
733         56,
734         56,
735         },
736
737 /* Cipher 23 */
738         {
739         1,
740         SSL3_TXT_KRB5_DES_192_CBC3_MD5,
741         SSL3_CK_KRB5_DES_192_CBC3_MD5,
742         SSL_kKRB5,
743         SSL_aKRB5,
744         SSL_3DES,
745         SSL_MD5,
746         SSL_SSLV3,
747         SSL_NOT_EXP|SSL_HIGH,
748         SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
749         168,
750         168,
751         },
752
753 /* Cipher 24 */
754         {
755         1,
756         SSL3_TXT_KRB5_RC4_128_MD5,
757         SSL3_CK_KRB5_RC4_128_MD5,
758         SSL_kKRB5,
759         SSL_aKRB5,
760         SSL_RC4,
761         SSL_MD5,
762         SSL_SSLV3,
763         SSL_NOT_EXP|SSL_MEDIUM,
764         SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
765         128,
766         128,
767         },
768
769 /* Cipher 25 */
770         {
771         1,
772         SSL3_TXT_KRB5_IDEA_128_CBC_MD5,
773         SSL3_CK_KRB5_IDEA_128_CBC_MD5,
774         SSL_kKRB5,
775         SSL_aKRB5,
776         SSL_IDEA,
777         SSL_MD5,
778         SSL_SSLV3,
779         SSL_NOT_EXP|SSL_MEDIUM,
780         SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
781         128,
782         128,
783         },
784
785 /* Cipher 26 */
786         {
787         1,
788         SSL3_TXT_KRB5_DES_40_CBC_SHA,
789         SSL3_CK_KRB5_DES_40_CBC_SHA,
790         SSL_kKRB5,
791         SSL_aKRB5,
792         SSL_DES,
793         SSL_SHA1,
794         SSL_SSLV3,
795         SSL_EXPORT|SSL_EXP40,
796         SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
797         40,
798         56,
799         },
800
801 /* Cipher 27 */
802         {
803         1,
804         SSL3_TXT_KRB5_RC2_40_CBC_SHA,
805         SSL3_CK_KRB5_RC2_40_CBC_SHA,
806         SSL_kKRB5,
807         SSL_aKRB5,
808         SSL_RC2,
809         SSL_SHA1,
810         SSL_SSLV3,
811         SSL_EXPORT|SSL_EXP40,
812         SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
813         40,
814         128,
815         },
816
817 /* Cipher 28 */
818         {
819         1,
820         SSL3_TXT_KRB5_RC4_40_SHA,
821         SSL3_CK_KRB5_RC4_40_SHA,
822         SSL_kKRB5,
823         SSL_aKRB5,
824         SSL_RC4,
825         SSL_SHA1,
826         SSL_SSLV3,
827         SSL_EXPORT|SSL_EXP40,
828         SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
829         40,
830         128,
831         },
832
833 /* Cipher 29 */
834         {
835         1,
836         SSL3_TXT_KRB5_DES_40_CBC_MD5,
837         SSL3_CK_KRB5_DES_40_CBC_MD5,
838         SSL_kKRB5,
839         SSL_aKRB5,
840         SSL_DES,
841         SSL_MD5,
842         SSL_SSLV3,
843         SSL_EXPORT|SSL_EXP40,
844         SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
845         40,
846         56,
847         },
848
849 /* Cipher 2A */
850         {
851         1,
852         SSL3_TXT_KRB5_RC2_40_CBC_MD5,
853         SSL3_CK_KRB5_RC2_40_CBC_MD5,
854         SSL_kKRB5,
855         SSL_aKRB5,
856         SSL_RC2,
857         SSL_MD5,
858         SSL_SSLV3,
859         SSL_EXPORT|SSL_EXP40,
860         SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
861         40,
862         128,
863         },
864
865 /* Cipher 2B */
866         {
867         1,
868         SSL3_TXT_KRB5_RC4_40_MD5,
869         SSL3_CK_KRB5_RC4_40_MD5,
870         SSL_kKRB5,
871         SSL_aKRB5,
872         SSL_RC4,
873         SSL_MD5,
874         SSL_SSLV3,
875         SSL_EXPORT|SSL_EXP40,
876         SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
877         40,
878         128,
879         },
880 #endif  /* OPENSSL_NO_KRB5 */
881
882 /* New AES ciphersuites */
883 /* Cipher 2F */
884         {
885         1,
886         TLS1_TXT_RSA_WITH_AES_128_SHA,
887         TLS1_CK_RSA_WITH_AES_128_SHA,
888         SSL_kRSA,
889         SSL_aRSA,
890         SSL_AES128,
891         SSL_SHA1,
892         SSL_TLSV1,
893         SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
894         SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
895         128,
896         128,
897         },
898 /* Cipher 30 */
899         {
900         1,
901         TLS1_TXT_DH_DSS_WITH_AES_128_SHA,
902         TLS1_CK_DH_DSS_WITH_AES_128_SHA,
903         SSL_kDHd,
904         SSL_aDH,
905         SSL_AES128,
906         SSL_SHA1,
907         SSL_TLSV1,
908         SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
909         SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
910         128,
911         128,
912         },
913 /* Cipher 31 */
914         {
915         1,
916         TLS1_TXT_DH_RSA_WITH_AES_128_SHA,
917         TLS1_CK_DH_RSA_WITH_AES_128_SHA,
918         SSL_kDHr,
919         SSL_aDH,
920         SSL_AES128,
921         SSL_SHA1,
922         SSL_TLSV1,
923         SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
924         SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
925         128,
926         128,
927         },
928 /* Cipher 32 */
929         {
930         1,
931         TLS1_TXT_DHE_DSS_WITH_AES_128_SHA,
932         TLS1_CK_DHE_DSS_WITH_AES_128_SHA,
933         SSL_kEDH,
934         SSL_aDSS,
935         SSL_AES128,
936         SSL_SHA1,
937         SSL_TLSV1,
938         SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
939         SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
940         128,
941         128,
942         },
943 /* Cipher 33 */
944         {
945         1,
946         TLS1_TXT_DHE_RSA_WITH_AES_128_SHA,
947         TLS1_CK_DHE_RSA_WITH_AES_128_SHA,
948         SSL_kEDH,
949         SSL_aRSA,
950         SSL_AES128,
951         SSL_SHA1,
952         SSL_TLSV1,
953         SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
954         SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
955         128,
956         128,
957         },
958 /* Cipher 34 */
959         {
960         1,
961         TLS1_TXT_ADH_WITH_AES_128_SHA,
962         TLS1_CK_ADH_WITH_AES_128_SHA,
963         SSL_kEDH,
964         SSL_aNULL,
965         SSL_AES128,
966         SSL_SHA1,
967         SSL_TLSV1,
968         SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
969         SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
970         128,
971         128,
972         },
973
974 /* Cipher 35 */
975         {
976         1,
977         TLS1_TXT_RSA_WITH_AES_256_SHA,
978         TLS1_CK_RSA_WITH_AES_256_SHA,
979         SSL_kRSA,
980         SSL_aRSA,
981         SSL_AES256,
982         SSL_SHA1,
983         SSL_TLSV1,
984         SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
985         SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
986         256,
987         256,
988         },
989 /* Cipher 36 */
990         {
991         1,
992         TLS1_TXT_DH_DSS_WITH_AES_256_SHA,
993         TLS1_CK_DH_DSS_WITH_AES_256_SHA,
994         SSL_kDHd,
995         SSL_aDH,
996         SSL_AES256,
997         SSL_SHA1,
998         SSL_TLSV1,
999         SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
1000         SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
1001         256,
1002         256,
1003         },
1004
1005 /* Cipher 37 */
1006         {
1007         1,
1008         TLS1_TXT_DH_RSA_WITH_AES_256_SHA,
1009         TLS1_CK_DH_RSA_WITH_AES_256_SHA,
1010         SSL_kDHr,
1011         SSL_aDH,
1012         SSL_AES256,
1013         SSL_SHA1,
1014         SSL_TLSV1,
1015         SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
1016         SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
1017         256,
1018         256,
1019         },
1020
1021 /* Cipher 38 */
1022         {
1023         1,
1024         TLS1_TXT_DHE_DSS_WITH_AES_256_SHA,
1025         TLS1_CK_DHE_DSS_WITH_AES_256_SHA,
1026         SSL_kEDH,
1027         SSL_aDSS,
1028         SSL_AES256,
1029         SSL_SHA1,
1030         SSL_TLSV1,
1031         SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
1032         SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
1033         256,
1034         256,
1035         },
1036
1037 /* Cipher 39 */
1038         {
1039         1,
1040         TLS1_TXT_DHE_RSA_WITH_AES_256_SHA,
1041         TLS1_CK_DHE_RSA_WITH_AES_256_SHA,
1042         SSL_kEDH,
1043         SSL_aRSA,
1044         SSL_AES256,
1045         SSL_SHA1,
1046         SSL_TLSV1,
1047         SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
1048         SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
1049         256,
1050         256,
1051         },
1052
1053         /* Cipher 3A */
1054         {
1055         1,
1056         TLS1_TXT_ADH_WITH_AES_256_SHA,
1057         TLS1_CK_ADH_WITH_AES_256_SHA,
1058         SSL_kEDH,
1059         SSL_aNULL,
1060         SSL_AES256,
1061         SSL_SHA1,
1062         SSL_TLSV1,
1063         SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
1064         SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
1065         256,
1066         256,
1067         },
1068
1069         /* TLS v1.2 ciphersuites */
1070         /* Cipher 3B */
1071         {
1072         1,
1073         TLS1_TXT_RSA_WITH_NULL_SHA256,
1074         TLS1_CK_RSA_WITH_NULL_SHA256,
1075         SSL_kRSA,
1076         SSL_aRSA,
1077         SSL_eNULL,
1078         SSL_SHA256,
1079         SSL_TLSV1_2,
1080         SSL_NOT_EXP|SSL_STRONG_NONE|SSL_FIPS,
1081         SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
1082         0,
1083         0,
1084         },
1085
1086         /* Cipher 3C */
1087         {
1088         1,
1089         TLS1_TXT_RSA_WITH_AES_128_SHA256,
1090         TLS1_CK_RSA_WITH_AES_128_SHA256,
1091         SSL_kRSA,
1092         SSL_aRSA,
1093         SSL_AES128,
1094         SSL_SHA256,
1095         SSL_TLSV1_2,
1096         SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
1097         SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
1098         128,
1099         128,
1100         },
1101
1102         /* Cipher 3D */
1103         {
1104         1,
1105         TLS1_TXT_RSA_WITH_AES_256_SHA256,
1106         TLS1_CK_RSA_WITH_AES_256_SHA256,
1107         SSL_kRSA,
1108         SSL_aRSA,
1109         SSL_AES256,
1110         SSL_SHA256,
1111         SSL_TLSV1_2,
1112         SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
1113         SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
1114         256,
1115         256,
1116         },
1117
1118         /* Cipher 3E */
1119         {
1120         1,
1121         TLS1_TXT_DH_DSS_WITH_AES_128_SHA256,
1122         TLS1_CK_DH_DSS_WITH_AES_128_SHA256,
1123         SSL_kDHd,
1124         SSL_aDH,
1125         SSL_AES128,
1126         SSL_SHA256,
1127         SSL_TLSV1_2,
1128         SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
1129         SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
1130         128,
1131         128,
1132         },
1133
1134         /* Cipher 3F */
1135         {
1136         1,
1137         TLS1_TXT_DH_RSA_WITH_AES_128_SHA256,
1138         TLS1_CK_DH_RSA_WITH_AES_128_SHA256,
1139         SSL_kDHr,
1140         SSL_aDH,
1141         SSL_AES128,
1142         SSL_SHA256,
1143         SSL_TLSV1_2,
1144         SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
1145         SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
1146         128,
1147         128,
1148         },
1149
1150         /* Cipher 40 */
1151         {
1152         1,
1153         TLS1_TXT_DHE_DSS_WITH_AES_128_SHA256,
1154         TLS1_CK_DHE_DSS_WITH_AES_128_SHA256,
1155         SSL_kEDH,
1156         SSL_aDSS,
1157         SSL_AES128,
1158         SSL_SHA256,
1159         SSL_TLSV1_2,
1160         SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
1161         SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
1162         128,
1163         128,
1164         },
1165
1166 #ifndef OPENSSL_NO_CAMELLIA
1167         /* Camellia ciphersuites from RFC4132 (128-bit portion) */
1168
1169         /* Cipher 41 */
1170         {
1171         1,
1172         TLS1_TXT_RSA_WITH_CAMELLIA_128_CBC_SHA,
1173         TLS1_CK_RSA_WITH_CAMELLIA_128_CBC_SHA,
1174         SSL_kRSA,
1175         SSL_aRSA,
1176         SSL_CAMELLIA128,
1177         SSL_SHA1,
1178         SSL_TLSV1,
1179         SSL_NOT_EXP|SSL_HIGH,
1180         SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
1181         128,
1182         128,
1183         },
1184
1185         /* Cipher 42 */
1186         {
1187         1,
1188         TLS1_TXT_DH_DSS_WITH_CAMELLIA_128_CBC_SHA,
1189         TLS1_CK_DH_DSS_WITH_CAMELLIA_128_CBC_SHA,
1190         SSL_kDHd,
1191         SSL_aDH,
1192         SSL_CAMELLIA128,
1193         SSL_SHA1,
1194         SSL_TLSV1,
1195         SSL_NOT_EXP|SSL_HIGH,
1196         SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
1197         128,
1198         128,
1199         },
1200
1201         /* Cipher 43 */
1202         {
1203         1,
1204         TLS1_TXT_DH_RSA_WITH_CAMELLIA_128_CBC_SHA,
1205         TLS1_CK_DH_RSA_WITH_CAMELLIA_128_CBC_SHA,
1206         SSL_kDHr,
1207         SSL_aDH,
1208         SSL_CAMELLIA128,
1209         SSL_SHA1,
1210         SSL_TLSV1,
1211         SSL_NOT_EXP|SSL_HIGH,
1212         SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
1213         128,
1214         128,
1215         },
1216
1217         /* Cipher 44 */
1218         {
1219         1,
1220         TLS1_TXT_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA,
1221         TLS1_CK_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA,
1222         SSL_kEDH,
1223         SSL_aDSS,
1224         SSL_CAMELLIA128,
1225         SSL_SHA1,
1226         SSL_TLSV1,
1227         SSL_NOT_EXP|SSL_HIGH,
1228         SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
1229         128,
1230         128,
1231         },
1232
1233         /* Cipher 45 */
1234         {
1235         1,
1236         TLS1_TXT_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA,
1237         TLS1_CK_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA,
1238         SSL_kEDH,
1239         SSL_aRSA,
1240         SSL_CAMELLIA128,
1241         SSL_SHA1,
1242         SSL_TLSV1,
1243         SSL_NOT_EXP|SSL_HIGH,
1244         SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
1245         128,
1246         128,
1247         },
1248
1249         /* Cipher 46 */
1250         {
1251         1,
1252         TLS1_TXT_ADH_WITH_CAMELLIA_128_CBC_SHA,
1253         TLS1_CK_ADH_WITH_CAMELLIA_128_CBC_SHA,
1254         SSL_kEDH,
1255         SSL_aNULL,
1256         SSL_CAMELLIA128,
1257         SSL_SHA1,
1258         SSL_TLSV1,
1259         SSL_NOT_EXP|SSL_HIGH,
1260         SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
1261         128,
1262         128,
1263         },
1264 #endif /* OPENSSL_NO_CAMELLIA */
1265
1266 #if TLS1_ALLOW_EXPERIMENTAL_CIPHERSUITES
1267         /* New TLS Export CipherSuites from expired ID */
1268 #if 0
1269         /* Cipher 60 */
1270         {
1271         1,
1272         TLS1_TXT_RSA_EXPORT1024_WITH_RC4_56_MD5,
1273         TLS1_CK_RSA_EXPORT1024_WITH_RC4_56_MD5,
1274         SSL_kRSA,
1275         SSL_aRSA,
1276         SSL_RC4,
1277         SSL_MD5,
1278         SSL_TLSV1,
1279         SSL_EXPORT|SSL_EXP56,
1280         SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
1281         56,
1282         128,
1283         },
1284
1285         /* Cipher 61 */
1286         {
1287         1,
1288         TLS1_TXT_RSA_EXPORT1024_WITH_RC2_CBC_56_MD5,
1289         TLS1_CK_RSA_EXPORT1024_WITH_RC2_CBC_56_MD5,
1290         SSL_kRSA,
1291         SSL_aRSA,
1292         SSL_RC2,
1293         SSL_MD5,
1294         SSL_TLSV1,
1295         SSL_EXPORT|SSL_EXP56,
1296         SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
1297         56,
1298         128,
1299         },
1300 #endif
1301
1302         /* Cipher 62 */
1303         {
1304         1,
1305         TLS1_TXT_RSA_EXPORT1024_WITH_DES_CBC_SHA,
1306         TLS1_CK_RSA_EXPORT1024_WITH_DES_CBC_SHA,
1307         SSL_kRSA,
1308         SSL_aRSA,
1309         SSL_DES,
1310         SSL_SHA1,
1311         SSL_TLSV1,
1312         SSL_EXPORT|SSL_EXP56,
1313         SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
1314         56,
1315         56,
1316         },
1317
1318         /* Cipher 63 */
1319         {
1320         1,
1321         TLS1_TXT_DHE_DSS_EXPORT1024_WITH_DES_CBC_SHA,
1322         TLS1_CK_DHE_DSS_EXPORT1024_WITH_DES_CBC_SHA,
1323         SSL_kEDH,
1324         SSL_aDSS,
1325         SSL_DES,
1326         SSL_SHA1,
1327         SSL_TLSV1,
1328         SSL_EXPORT|SSL_EXP56,
1329         SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
1330         56,
1331         56,
1332         },
1333
1334         /* Cipher 64 */
1335         {
1336         1,
1337         TLS1_TXT_RSA_EXPORT1024_WITH_RC4_56_SHA,
1338         TLS1_CK_RSA_EXPORT1024_WITH_RC4_56_SHA,
1339         SSL_kRSA,
1340         SSL_aRSA,
1341         SSL_RC4,
1342         SSL_SHA1,
1343         SSL_TLSV1,
1344         SSL_EXPORT|SSL_EXP56,
1345         SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
1346         56,
1347         128,
1348         },
1349
1350         /* Cipher 65 */
1351         {
1352         1,
1353         TLS1_TXT_DHE_DSS_EXPORT1024_WITH_RC4_56_SHA,
1354         TLS1_CK_DHE_DSS_EXPORT1024_WITH_RC4_56_SHA,
1355         SSL_kEDH,
1356         SSL_aDSS,
1357         SSL_RC4,
1358         SSL_SHA1,
1359         SSL_TLSV1,
1360         SSL_EXPORT|SSL_EXP56,
1361         SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
1362         56,
1363         128,
1364         },
1365
1366         /* Cipher 66 */
1367         {
1368         1,
1369         TLS1_TXT_DHE_DSS_WITH_RC4_128_SHA,
1370         TLS1_CK_DHE_DSS_WITH_RC4_128_SHA,
1371         SSL_kEDH,
1372         SSL_aDSS,
1373         SSL_RC4,
1374         SSL_SHA1,
1375         SSL_TLSV1,
1376         SSL_NOT_EXP|SSL_MEDIUM,
1377         SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
1378         128,
1379         128,
1380         },
1381 #endif
1382
1383         /* TLS v1.2 ciphersuites */
1384         /* Cipher 67 */
1385         {
1386         1,
1387         TLS1_TXT_DHE_RSA_WITH_AES_128_SHA256,
1388         TLS1_CK_DHE_RSA_WITH_AES_128_SHA256,
1389         SSL_kEDH,
1390         SSL_aRSA,
1391         SSL_AES128,
1392         SSL_SHA256,
1393         SSL_TLSV1_2,
1394         SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
1395         SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
1396         128,
1397         128,
1398         },
1399
1400         /* Cipher 68 */
1401         {
1402         1,
1403         TLS1_TXT_DH_DSS_WITH_AES_256_SHA256,
1404         TLS1_CK_DH_DSS_WITH_AES_256_SHA256,
1405         SSL_kDHd,
1406         SSL_aDH,
1407         SSL_AES256,
1408         SSL_SHA256,
1409         SSL_TLSV1_2,
1410         SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
1411         SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
1412         256,
1413         256,
1414         },
1415
1416         /* Cipher 69 */
1417         {
1418         1,
1419         TLS1_TXT_DH_RSA_WITH_AES_256_SHA256,
1420         TLS1_CK_DH_RSA_WITH_AES_256_SHA256,
1421         SSL_kDHr,
1422         SSL_aDH,
1423         SSL_AES256,
1424         SSL_SHA256,
1425         SSL_TLSV1_2,
1426         SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
1427         SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
1428         256,
1429         256,
1430         },
1431
1432         /* Cipher 6A */
1433         {
1434         1,
1435         TLS1_TXT_DHE_DSS_WITH_AES_256_SHA256,
1436         TLS1_CK_DHE_DSS_WITH_AES_256_SHA256,
1437         SSL_kEDH,
1438         SSL_aDSS,
1439         SSL_AES256,
1440         SSL_SHA256,
1441         SSL_TLSV1_2,
1442         SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
1443         SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
1444         256,
1445         256,
1446         },
1447
1448         /* Cipher 6B */
1449         {
1450         1,
1451         TLS1_TXT_DHE_RSA_WITH_AES_256_SHA256,
1452         TLS1_CK_DHE_RSA_WITH_AES_256_SHA256,
1453         SSL_kEDH,
1454         SSL_aRSA,
1455         SSL_AES256,
1456         SSL_SHA256,
1457         SSL_TLSV1_2,
1458         SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
1459         SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
1460         256,
1461         256,
1462         },
1463
1464         /* Cipher 6C */
1465         {
1466         1,
1467         TLS1_TXT_ADH_WITH_AES_128_SHA256,
1468         TLS1_CK_ADH_WITH_AES_128_SHA256,
1469         SSL_kEDH,
1470         SSL_aNULL,
1471         SSL_AES128,
1472         SSL_SHA256,
1473         SSL_TLSV1_2,
1474         SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
1475         SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
1476         128,
1477         128,
1478         },
1479
1480         /* Cipher 6D */
1481         {
1482         1,
1483         TLS1_TXT_ADH_WITH_AES_256_SHA256,
1484         TLS1_CK_ADH_WITH_AES_256_SHA256,
1485         SSL_kEDH,
1486         SSL_aNULL,
1487         SSL_AES256,
1488         SSL_SHA256,
1489         SSL_TLSV1_2,
1490         SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
1491         SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
1492         256,
1493         256,
1494         },
1495
1496         /* GOST Ciphersuites */
1497
1498         {
1499         1,
1500         "GOST94-GOST89-GOST89",
1501         0x3000080,
1502         SSL_kGOST,
1503         SSL_aGOST94,
1504         SSL_eGOST2814789CNT,
1505         SSL_GOST89MAC,
1506         SSL_TLSV1,
1507         SSL_NOT_EXP|SSL_HIGH,
1508         SSL_HANDSHAKE_MAC_GOST94|TLS1_PRF_GOST94|TLS1_STREAM_MAC,
1509         256,
1510         256
1511         },
1512         {
1513         1,
1514         "GOST2001-GOST89-GOST89",
1515         0x3000081,
1516         SSL_kGOST,
1517         SSL_aGOST01,
1518         SSL_eGOST2814789CNT,
1519         SSL_GOST89MAC,
1520         SSL_TLSV1,
1521         SSL_NOT_EXP|SSL_HIGH,
1522         SSL_HANDSHAKE_MAC_GOST94|TLS1_PRF_GOST94|TLS1_STREAM_MAC,
1523         256,
1524         256
1525         },
1526         {
1527         1,
1528         "GOST94-NULL-GOST94",
1529         0x3000082,
1530         SSL_kGOST,
1531         SSL_aGOST94,
1532         SSL_eNULL,
1533         SSL_GOST94,
1534         SSL_TLSV1,
1535         SSL_NOT_EXP|SSL_STRONG_NONE,
1536         SSL_HANDSHAKE_MAC_GOST94|TLS1_PRF_GOST94,
1537         0,
1538         0
1539         },
1540         {
1541         1,
1542         "GOST2001-NULL-GOST94",
1543         0x3000083,
1544         SSL_kGOST,
1545         SSL_aGOST01,
1546         SSL_eNULL,
1547         SSL_GOST94,
1548         SSL_TLSV1,
1549         SSL_NOT_EXP|SSL_STRONG_NONE,
1550         SSL_HANDSHAKE_MAC_GOST94|TLS1_PRF_GOST94,
1551         0,
1552         0
1553         },
1554
1555 #ifndef OPENSSL_NO_CAMELLIA
1556         /* Camellia ciphersuites from RFC4132 (256-bit portion) */
1557
1558         /* Cipher 84 */
1559         {
1560         1,
1561         TLS1_TXT_RSA_WITH_CAMELLIA_256_CBC_SHA,
1562         TLS1_CK_RSA_WITH_CAMELLIA_256_CBC_SHA,
1563         SSL_kRSA,
1564         SSL_aRSA,
1565         SSL_CAMELLIA256,
1566         SSL_SHA1,
1567         SSL_TLSV1,
1568         SSL_NOT_EXP|SSL_HIGH,
1569         SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
1570         256,
1571         256,
1572         },
1573         /* Cipher 85 */
1574         {
1575         1,
1576         TLS1_TXT_DH_DSS_WITH_CAMELLIA_256_CBC_SHA,
1577         TLS1_CK_DH_DSS_WITH_CAMELLIA_256_CBC_SHA,
1578         SSL_kDHd,
1579         SSL_aDH,
1580         SSL_CAMELLIA256,
1581         SSL_SHA1,
1582         SSL_TLSV1,
1583         SSL_NOT_EXP|SSL_HIGH,
1584         SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
1585         256,
1586         256,
1587         },
1588
1589         /* Cipher 86 */
1590         {
1591         1,
1592         TLS1_TXT_DH_RSA_WITH_CAMELLIA_256_CBC_SHA,
1593         TLS1_CK_DH_RSA_WITH_CAMELLIA_256_CBC_SHA,
1594         SSL_kDHr,
1595         SSL_aDH,
1596         SSL_CAMELLIA256,
1597         SSL_SHA1,
1598         SSL_TLSV1,
1599         SSL_NOT_EXP|SSL_HIGH,
1600         SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
1601         256,
1602         256,
1603         },
1604
1605         /* Cipher 87 */
1606         {
1607         1,
1608         TLS1_TXT_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA,
1609         TLS1_CK_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA,
1610         SSL_kEDH,
1611         SSL_aDSS,
1612         SSL_CAMELLIA256,
1613         SSL_SHA1,
1614         SSL_TLSV1,
1615         SSL_NOT_EXP|SSL_HIGH,
1616         SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
1617         256,
1618         256,
1619         },
1620
1621         /* Cipher 88 */
1622         {
1623         1,
1624         TLS1_TXT_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA,
1625         TLS1_CK_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA,
1626         SSL_kEDH,
1627         SSL_aRSA,
1628         SSL_CAMELLIA256,
1629         SSL_SHA1,
1630         SSL_TLSV1,
1631         SSL_NOT_EXP|SSL_HIGH,
1632         SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
1633         256,
1634         256,
1635         },
1636
1637         /* Cipher 89 */
1638         {
1639         1,
1640         TLS1_TXT_ADH_WITH_CAMELLIA_256_CBC_SHA,
1641         TLS1_CK_ADH_WITH_CAMELLIA_256_CBC_SHA,
1642         SSL_kEDH,
1643         SSL_aNULL,
1644         SSL_CAMELLIA256,
1645         SSL_SHA1,
1646         SSL_TLSV1,
1647         SSL_NOT_EXP|SSL_HIGH,
1648         SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
1649         256,
1650         256,
1651         },
1652 #endif /* OPENSSL_NO_CAMELLIA */
1653
1654 #ifndef OPENSSL_NO_PSK
1655         /* Cipher 8A */
1656         {
1657         1,
1658         TLS1_TXT_PSK_WITH_RC4_128_SHA,
1659         TLS1_CK_PSK_WITH_RC4_128_SHA,
1660         SSL_kPSK,
1661         SSL_aPSK,
1662         SSL_RC4,
1663         SSL_SHA1,
1664         SSL_TLSV1,
1665         SSL_NOT_EXP|SSL_MEDIUM,
1666         SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
1667         128,
1668         128,
1669         },
1670
1671         /* Cipher 8B */
1672         {
1673         1,
1674         TLS1_TXT_PSK_WITH_3DES_EDE_CBC_SHA,
1675         TLS1_CK_PSK_WITH_3DES_EDE_CBC_SHA,
1676         SSL_kPSK,
1677         SSL_aPSK,
1678         SSL_3DES,
1679         SSL_SHA1,
1680         SSL_TLSV1,
1681         SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
1682         SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
1683         168,
1684         168,
1685         },
1686
1687         /* Cipher 8C */
1688         {
1689         1,
1690         TLS1_TXT_PSK_WITH_AES_128_CBC_SHA,
1691         TLS1_CK_PSK_WITH_AES_128_CBC_SHA,
1692         SSL_kPSK,
1693         SSL_aPSK,
1694         SSL_AES128,
1695         SSL_SHA1,
1696         SSL_TLSV1,
1697         SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
1698         SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
1699         128,
1700         128,
1701         },
1702
1703         /* Cipher 8D */
1704         {
1705         1,
1706         TLS1_TXT_PSK_WITH_AES_256_CBC_SHA,
1707         TLS1_CK_PSK_WITH_AES_256_CBC_SHA,
1708         SSL_kPSK,
1709         SSL_aPSK,
1710         SSL_AES256,
1711         SSL_SHA1,
1712         SSL_TLSV1,
1713         SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
1714         SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
1715         256,
1716         256,
1717         },
1718 #endif  /* OPENSSL_NO_PSK */
1719
1720 #ifndef OPENSSL_NO_SEED
1721         /* SEED ciphersuites from RFC4162 */
1722
1723         /* Cipher 96 */
1724         {
1725         1,
1726         TLS1_TXT_RSA_WITH_SEED_SHA,
1727         TLS1_CK_RSA_WITH_SEED_SHA,
1728         SSL_kRSA,
1729         SSL_aRSA,
1730         SSL_SEED,
1731         SSL_SHA1,
1732         SSL_TLSV1,
1733         SSL_NOT_EXP|SSL_MEDIUM,
1734         SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
1735         128,
1736         128,
1737         },
1738
1739         /* Cipher 97 */
1740         {
1741         1,
1742         TLS1_TXT_DH_DSS_WITH_SEED_SHA,
1743         TLS1_CK_DH_DSS_WITH_SEED_SHA,
1744         SSL_kDHd,
1745         SSL_aDH,
1746         SSL_SEED,
1747         SSL_SHA1,
1748         SSL_TLSV1,
1749         SSL_NOT_EXP|SSL_MEDIUM,
1750         SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
1751         128,
1752         128,
1753         },
1754
1755         /* Cipher 98 */
1756         {
1757         1,
1758         TLS1_TXT_DH_RSA_WITH_SEED_SHA,
1759         TLS1_CK_DH_RSA_WITH_SEED_SHA,
1760         SSL_kDHr,
1761         SSL_aDH,
1762         SSL_SEED,
1763         SSL_SHA1,
1764         SSL_TLSV1,
1765         SSL_NOT_EXP|SSL_MEDIUM,
1766         SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
1767         128,
1768         128,
1769         },
1770
1771         /* Cipher 99 */
1772         {
1773         1,
1774         TLS1_TXT_DHE_DSS_WITH_SEED_SHA,
1775         TLS1_CK_DHE_DSS_WITH_SEED_SHA,
1776         SSL_kEDH,
1777         SSL_aDSS,
1778         SSL_SEED,
1779         SSL_SHA1,
1780         SSL_TLSV1,
1781         SSL_NOT_EXP|SSL_MEDIUM,
1782         SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
1783         128,
1784         128,
1785         },
1786
1787         /* Cipher 9A */
1788         {
1789         1,
1790         TLS1_TXT_DHE_RSA_WITH_SEED_SHA,
1791         TLS1_CK_DHE_RSA_WITH_SEED_SHA,
1792         SSL_kEDH,
1793         SSL_aRSA,
1794         SSL_SEED,
1795         SSL_SHA1,
1796         SSL_TLSV1,
1797         SSL_NOT_EXP|SSL_MEDIUM,
1798         SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
1799         128,
1800         128,
1801         },
1802
1803         /* Cipher 9B */
1804         {
1805         1,
1806         TLS1_TXT_ADH_WITH_SEED_SHA,
1807         TLS1_CK_ADH_WITH_SEED_SHA,
1808         SSL_kEDH,
1809         SSL_aNULL,
1810         SSL_SEED,
1811         SSL_SHA1,
1812         SSL_TLSV1,
1813         SSL_NOT_EXP|SSL_MEDIUM,
1814         SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
1815         128,
1816         128,
1817         },
1818
1819 #endif /* OPENSSL_NO_SEED */
1820
1821         /* GCM ciphersuites from RFC5288 */
1822
1823         /* Cipher 9C */
1824         {
1825         1,
1826         TLS1_TXT_RSA_WITH_AES_128_GCM_SHA256,
1827         TLS1_CK_RSA_WITH_AES_128_GCM_SHA256,
1828         SSL_kRSA,
1829         SSL_aRSA,
1830         SSL_AES128GCM,
1831         SSL_AEAD,
1832         SSL_TLSV1_2,
1833         SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
1834         SSL_HANDSHAKE_MAC_SHA256|TLS1_PRF_SHA256,
1835         128,
1836         128,
1837         },
1838
1839         /* Cipher 9D */
1840         {
1841         1,
1842         TLS1_TXT_RSA_WITH_AES_256_GCM_SHA384,
1843         TLS1_CK_RSA_WITH_AES_256_GCM_SHA384,
1844         SSL_kRSA,
1845         SSL_aRSA,
1846         SSL_AES256GCM,
1847         SSL_AEAD,
1848         SSL_TLSV1_2,
1849         SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
1850         SSL_HANDSHAKE_MAC_SHA384|TLS1_PRF_SHA384,
1851         256,
1852         256,
1853         },
1854
1855         /* Cipher 9E */
1856         {
1857         1,
1858         TLS1_TXT_DHE_RSA_WITH_AES_128_GCM_SHA256,
1859         TLS1_CK_DHE_RSA_WITH_AES_128_GCM_SHA256,
1860         SSL_kEDH,
1861         SSL_aRSA,
1862         SSL_AES128GCM,
1863         SSL_AEAD,
1864         SSL_TLSV1_2,
1865         SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
1866         SSL_HANDSHAKE_MAC_SHA256|TLS1_PRF_SHA256,
1867         128,
1868         128,
1869         },
1870
1871         /* Cipher 9F */
1872         {
1873         1,
1874         TLS1_TXT_DHE_RSA_WITH_AES_256_GCM_SHA384,
1875         TLS1_CK_DHE_RSA_WITH_AES_256_GCM_SHA384,
1876         SSL_kEDH,
1877         SSL_aRSA,
1878         SSL_AES256GCM,
1879         SSL_AEAD,
1880         SSL_TLSV1_2,
1881         SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
1882         SSL_HANDSHAKE_MAC_SHA384|TLS1_PRF_SHA384,
1883         256,
1884         256,
1885         },
1886
1887         /* Cipher A0 */
1888         {
1889         1,
1890         TLS1_TXT_DH_RSA_WITH_AES_128_GCM_SHA256,
1891         TLS1_CK_DH_RSA_WITH_AES_128_GCM_SHA256,
1892         SSL_kDHr,
1893         SSL_aDH,
1894         SSL_AES128GCM,
1895         SSL_AEAD,
1896         SSL_TLSV1_2,
1897         SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
1898         SSL_HANDSHAKE_MAC_SHA256|TLS1_PRF_SHA256,
1899         128,
1900         128,
1901         },
1902
1903         /* Cipher A1 */
1904         {
1905         1,
1906         TLS1_TXT_DH_RSA_WITH_AES_256_GCM_SHA384,
1907         TLS1_CK_DH_RSA_WITH_AES_256_GCM_SHA384,
1908         SSL_kDHr,
1909         SSL_aDH,
1910         SSL_AES256GCM,
1911         SSL_AEAD,
1912         SSL_TLSV1_2,
1913         SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
1914         SSL_HANDSHAKE_MAC_SHA384|TLS1_PRF_SHA384,
1915         256,
1916         256,
1917         },
1918
1919         /* Cipher A2 */
1920         {
1921         1,
1922         TLS1_TXT_DHE_DSS_WITH_AES_128_GCM_SHA256,
1923         TLS1_CK_DHE_DSS_WITH_AES_128_GCM_SHA256,
1924         SSL_kEDH,
1925         SSL_aDSS,
1926         SSL_AES128GCM,
1927         SSL_AEAD,
1928         SSL_TLSV1_2,
1929         SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
1930         SSL_HANDSHAKE_MAC_SHA256|TLS1_PRF_SHA256,
1931         128,
1932         128,
1933         },
1934
1935         /* Cipher A3 */
1936         {
1937         1,
1938         TLS1_TXT_DHE_DSS_WITH_AES_256_GCM_SHA384,
1939         TLS1_CK_DHE_DSS_WITH_AES_256_GCM_SHA384,
1940         SSL_kEDH,
1941         SSL_aDSS,
1942         SSL_AES256GCM,
1943         SSL_AEAD,
1944         SSL_TLSV1_2,
1945         SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
1946         SSL_HANDSHAKE_MAC_SHA384|TLS1_PRF_SHA384,
1947         256,
1948         256,
1949         },
1950
1951         /* Cipher A4 */
1952         {
1953         1,
1954         TLS1_TXT_DH_DSS_WITH_AES_128_GCM_SHA256,
1955         TLS1_CK_DH_DSS_WITH_AES_128_GCM_SHA256,
1956         SSL_kDHd,
1957         SSL_aDH,
1958         SSL_AES128GCM,
1959         SSL_AEAD,
1960         SSL_TLSV1_2,
1961         SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
1962         SSL_HANDSHAKE_MAC_SHA256|TLS1_PRF_SHA256,
1963         128,
1964         128,
1965         },
1966
1967         /* Cipher A5 */
1968         {
1969         1,
1970         TLS1_TXT_DH_DSS_WITH_AES_256_GCM_SHA384,
1971         TLS1_CK_DH_DSS_WITH_AES_256_GCM_SHA384,
1972         SSL_kDHd,
1973         SSL_aDH,
1974         SSL_AES256GCM,
1975         SSL_AEAD,
1976         SSL_TLSV1_2,
1977         SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
1978         SSL_HANDSHAKE_MAC_SHA384|TLS1_PRF_SHA384,
1979         256,
1980         256,
1981         },
1982
1983         /* Cipher A6 */
1984         {
1985         1,
1986         TLS1_TXT_ADH_WITH_AES_128_GCM_SHA256,
1987         TLS1_CK_ADH_WITH_AES_128_GCM_SHA256,
1988         SSL_kEDH,
1989         SSL_aNULL,
1990         SSL_AES128GCM,
1991         SSL_AEAD,
1992         SSL_TLSV1_2,
1993         SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
1994         SSL_HANDSHAKE_MAC_SHA256|TLS1_PRF_SHA256,
1995         128,
1996         128,
1997         },
1998
1999         /* Cipher A7 */
2000         {
2001         1,
2002         TLS1_TXT_ADH_WITH_AES_256_GCM_SHA384,
2003         TLS1_CK_ADH_WITH_AES_256_GCM_SHA384,
2004         SSL_kEDH,
2005         SSL_aNULL,
2006         SSL_AES256GCM,
2007         SSL_AEAD,
2008         SSL_TLSV1_2,
2009         SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
2010         SSL_HANDSHAKE_MAC_SHA384|TLS1_PRF_SHA384,
2011         256,
2012         256,
2013         },
2014 #ifdef OPENSSL_SSL_DEBUG_BROKEN_PROTOCOL
2015         {
2016         1,
2017         "SCSV",
2018         SSL3_CK_SCSV,
2019         0,
2020         0,
2021         0,
2022         0,
2023         0,
2024         0,
2025         0,
2026         0,
2027         0
2028         },
2029 #endif
2030
2031 #ifndef OPENSSL_NO_ECDH
2032         /* Cipher C001 */
2033         {
2034         1,
2035         TLS1_TXT_ECDH_ECDSA_WITH_NULL_SHA,
2036         TLS1_CK_ECDH_ECDSA_WITH_NULL_SHA,
2037         SSL_kECDHe,
2038         SSL_aECDH,
2039         SSL_eNULL,
2040         SSL_SHA1,
2041         SSL_TLSV1,
2042         SSL_NOT_EXP|SSL_STRONG_NONE|SSL_FIPS,
2043         SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
2044         0,
2045         0,
2046         },
2047
2048         /* Cipher C002 */
2049         {
2050         1,
2051         TLS1_TXT_ECDH_ECDSA_WITH_RC4_128_SHA,
2052         TLS1_CK_ECDH_ECDSA_WITH_RC4_128_SHA,
2053         SSL_kECDHe,
2054         SSL_aECDH,
2055         SSL_RC4,
2056         SSL_SHA1,
2057         SSL_TLSV1,
2058         SSL_NOT_EXP|SSL_MEDIUM,
2059         SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
2060         128,
2061         128,
2062         },
2063
2064         /* Cipher C003 */
2065         {
2066         1,
2067         TLS1_TXT_ECDH_ECDSA_WITH_DES_192_CBC3_SHA,
2068         TLS1_CK_ECDH_ECDSA_WITH_DES_192_CBC3_SHA,
2069         SSL_kECDHe,
2070         SSL_aECDH,
2071         SSL_3DES,
2072         SSL_SHA1,
2073         SSL_TLSV1,
2074         SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
2075         SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
2076         168,
2077         168,
2078         },
2079
2080         /* Cipher C004 */
2081         {
2082         1,
2083         TLS1_TXT_ECDH_ECDSA_WITH_AES_128_CBC_SHA,
2084         TLS1_CK_ECDH_ECDSA_WITH_AES_128_CBC_SHA,
2085         SSL_kECDHe,
2086         SSL_aECDH,
2087         SSL_AES128,
2088         SSL_SHA1,
2089         SSL_TLSV1,
2090         SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
2091         SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
2092         128,
2093         128,
2094         },
2095
2096         /* Cipher C005 */
2097         {
2098         1,
2099         TLS1_TXT_ECDH_ECDSA_WITH_AES_256_CBC_SHA,
2100         TLS1_CK_ECDH_ECDSA_WITH_AES_256_CBC_SHA,
2101         SSL_kECDHe,
2102         SSL_aECDH,
2103         SSL_AES256,
2104         SSL_SHA1,
2105         SSL_TLSV1,
2106         SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
2107         SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
2108         256,
2109         256,
2110         },
2111
2112         /* Cipher C006 */
2113         {
2114         1,
2115         TLS1_TXT_ECDHE_ECDSA_WITH_NULL_SHA,
2116         TLS1_CK_ECDHE_ECDSA_WITH_NULL_SHA,
2117         SSL_kEECDH,
2118         SSL_aECDSA,
2119         SSL_eNULL,
2120         SSL_SHA1,
2121         SSL_TLSV1,
2122         SSL_NOT_EXP|SSL_STRONG_NONE|SSL_FIPS,
2123         SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
2124         0,
2125         0,
2126         },
2127
2128         /* Cipher C007 */
2129         {
2130         1,
2131         TLS1_TXT_ECDHE_ECDSA_WITH_RC4_128_SHA,
2132         TLS1_CK_ECDHE_ECDSA_WITH_RC4_128_SHA,
2133         SSL_kEECDH,
2134         SSL_aECDSA,
2135         SSL_RC4,
2136         SSL_SHA1,
2137         SSL_TLSV1,
2138         SSL_NOT_EXP|SSL_MEDIUM,
2139         SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
2140         128,
2141         128,
2142         },
2143
2144         /* Cipher C008 */
2145         {
2146         1,
2147         TLS1_TXT_ECDHE_ECDSA_WITH_DES_192_CBC3_SHA,
2148         TLS1_CK_ECDHE_ECDSA_WITH_DES_192_CBC3_SHA,
2149         SSL_kEECDH,
2150         SSL_aECDSA,
2151         SSL_3DES,
2152         SSL_SHA1,
2153         SSL_TLSV1,
2154         SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
2155         SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
2156         168,
2157         168,
2158         },
2159
2160         /* Cipher C009 */
2161         {
2162         1,
2163         TLS1_TXT_ECDHE_ECDSA_WITH_AES_128_CBC_SHA,
2164         TLS1_CK_ECDHE_ECDSA_WITH_AES_128_CBC_SHA,
2165         SSL_kEECDH,
2166         SSL_aECDSA,
2167         SSL_AES128,
2168         SSL_SHA1,
2169         SSL_TLSV1,
2170         SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
2171         SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
2172         128,
2173         128,
2174         },
2175
2176         /* Cipher C00A */
2177         {
2178         1,
2179         TLS1_TXT_ECDHE_ECDSA_WITH_AES_256_CBC_SHA,
2180         TLS1_CK_ECDHE_ECDSA_WITH_AES_256_CBC_SHA,
2181         SSL_kEECDH,
2182         SSL_aECDSA,
2183         SSL_AES256,
2184         SSL_SHA1,
2185         SSL_TLSV1,
2186         SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
2187         SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
2188         256,
2189         256,
2190         },
2191
2192         /* Cipher C00B */
2193         {
2194         1,
2195         TLS1_TXT_ECDH_RSA_WITH_NULL_SHA,
2196         TLS1_CK_ECDH_RSA_WITH_NULL_SHA,
2197         SSL_kECDHr,
2198         SSL_aECDH,
2199         SSL_eNULL,
2200         SSL_SHA1,
2201         SSL_TLSV1,
2202         SSL_NOT_EXP|SSL_STRONG_NONE|SSL_FIPS,
2203         SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
2204         0,
2205         0,
2206         },
2207
2208         /* Cipher C00C */
2209         {
2210         1,
2211         TLS1_TXT_ECDH_RSA_WITH_RC4_128_SHA,
2212         TLS1_CK_ECDH_RSA_WITH_RC4_128_SHA,
2213         SSL_kECDHr,
2214         SSL_aECDH,
2215         SSL_RC4,
2216         SSL_SHA1,
2217         SSL_TLSV1,
2218         SSL_NOT_EXP|SSL_MEDIUM,
2219         SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
2220         128,
2221         128,
2222         },
2223
2224         /* Cipher C00D */
2225         {
2226         1,
2227         TLS1_TXT_ECDH_RSA_WITH_DES_192_CBC3_SHA,
2228         TLS1_CK_ECDH_RSA_WITH_DES_192_CBC3_SHA,
2229         SSL_kECDHr,
2230         SSL_aECDH,
2231         SSL_3DES,
2232         SSL_SHA1,
2233         SSL_TLSV1,
2234         SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
2235         SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
2236         168,
2237         168,
2238         },
2239
2240         /* Cipher C00E */
2241         {
2242         1,
2243         TLS1_TXT_ECDH_RSA_WITH_AES_128_CBC_SHA,
2244         TLS1_CK_ECDH_RSA_WITH_AES_128_CBC_SHA,
2245         SSL_kECDHr,
2246         SSL_aECDH,
2247         SSL_AES128,
2248         SSL_SHA1,
2249         SSL_TLSV1,
2250         SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
2251         SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
2252         128,
2253         128,
2254         },
2255
2256         /* Cipher C00F */
2257         {
2258         1,
2259         TLS1_TXT_ECDH_RSA_WITH_AES_256_CBC_SHA,
2260         TLS1_CK_ECDH_RSA_WITH_AES_256_CBC_SHA,
2261         SSL_kECDHr,
2262         SSL_aECDH,
2263         SSL_AES256,
2264         SSL_SHA1,
2265         SSL_TLSV1,
2266         SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
2267         SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
2268         256,
2269         256,
2270         },
2271
2272         /* Cipher C010 */
2273         {
2274         1,
2275         TLS1_TXT_ECDHE_RSA_WITH_NULL_SHA,
2276         TLS1_CK_ECDHE_RSA_WITH_NULL_SHA,
2277         SSL_kEECDH,
2278         SSL_aRSA,
2279         SSL_eNULL,
2280         SSL_SHA1,
2281         SSL_TLSV1,
2282         SSL_NOT_EXP|SSL_STRONG_NONE|SSL_FIPS,
2283         SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
2284         0,
2285         0,
2286         },
2287
2288         /* Cipher C011 */
2289         {
2290         1,
2291         TLS1_TXT_ECDHE_RSA_WITH_RC4_128_SHA,
2292         TLS1_CK_ECDHE_RSA_WITH_RC4_128_SHA,
2293         SSL_kEECDH,
2294         SSL_aRSA,
2295         SSL_RC4,
2296         SSL_SHA1,
2297         SSL_TLSV1,
2298         SSL_NOT_EXP|SSL_MEDIUM,
2299         SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
2300         128,
2301         128,
2302         },
2303
2304         /* Cipher C012 */
2305         {
2306         1,
2307         TLS1_TXT_ECDHE_RSA_WITH_DES_192_CBC3_SHA,
2308         TLS1_CK_ECDHE_RSA_WITH_DES_192_CBC3_SHA,
2309         SSL_kEECDH,
2310         SSL_aRSA,
2311         SSL_3DES,
2312         SSL_SHA1,
2313         SSL_TLSV1,
2314         SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
2315         SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
2316         168,
2317         168,
2318         },
2319
2320         /* Cipher C013 */
2321         {
2322         1,
2323         TLS1_TXT_ECDHE_RSA_WITH_AES_128_CBC_SHA,
2324         TLS1_CK_ECDHE_RSA_WITH_AES_128_CBC_SHA,
2325         SSL_kEECDH,
2326         SSL_aRSA,
2327         SSL_AES128,
2328         SSL_SHA1,
2329         SSL_TLSV1,
2330         SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
2331         SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
2332         128,
2333         128,
2334         },
2335
2336         /* Cipher C014 */
2337         {
2338         1,
2339         TLS1_TXT_ECDHE_RSA_WITH_AES_256_CBC_SHA,
2340         TLS1_CK_ECDHE_RSA_WITH_AES_256_CBC_SHA,
2341         SSL_kEECDH,
2342         SSL_aRSA,
2343         SSL_AES256,
2344         SSL_SHA1,
2345         SSL_TLSV1,
2346         SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
2347         SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
2348         256,
2349         256,
2350         },
2351
2352         /* Cipher C015 */
2353         {
2354         1,
2355         TLS1_TXT_ECDH_anon_WITH_NULL_SHA,
2356         TLS1_CK_ECDH_anon_WITH_NULL_SHA,
2357         SSL_kEECDH,
2358         SSL_aNULL,
2359         SSL_eNULL,
2360         SSL_SHA1,
2361         SSL_TLSV1,
2362         SSL_NOT_EXP|SSL_STRONG_NONE|SSL_FIPS,
2363         SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
2364         0,
2365         0,
2366         },
2367
2368         /* Cipher C016 */
2369         {
2370         1,
2371         TLS1_TXT_ECDH_anon_WITH_RC4_128_SHA,
2372         TLS1_CK_ECDH_anon_WITH_RC4_128_SHA,
2373         SSL_kEECDH,
2374         SSL_aNULL,
2375         SSL_RC4,
2376         SSL_SHA1,
2377         SSL_TLSV1,
2378         SSL_NOT_EXP|SSL_MEDIUM,
2379         SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
2380         128,
2381         128,
2382         },
2383
2384         /* Cipher C017 */
2385         {
2386         1,
2387         TLS1_TXT_ECDH_anon_WITH_DES_192_CBC3_SHA,
2388         TLS1_CK_ECDH_anon_WITH_DES_192_CBC3_SHA,
2389         SSL_kEECDH,
2390         SSL_aNULL,
2391         SSL_3DES,
2392         SSL_SHA1,
2393         SSL_TLSV1,
2394         SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
2395         SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
2396         168,
2397         168,
2398         },
2399
2400         /* Cipher C018 */
2401         {
2402         1,
2403         TLS1_TXT_ECDH_anon_WITH_AES_128_CBC_SHA,
2404         TLS1_CK_ECDH_anon_WITH_AES_128_CBC_SHA,
2405         SSL_kEECDH,
2406         SSL_aNULL,
2407         SSL_AES128,
2408         SSL_SHA1,
2409         SSL_TLSV1,
2410         SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
2411         SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
2412         128,
2413         128,
2414         },
2415
2416         /* Cipher C019 */
2417         {
2418         1,
2419         TLS1_TXT_ECDH_anon_WITH_AES_256_CBC_SHA,
2420         TLS1_CK_ECDH_anon_WITH_AES_256_CBC_SHA,
2421         SSL_kEECDH,
2422         SSL_aNULL,
2423         SSL_AES256,
2424         SSL_SHA1,
2425         SSL_TLSV1,
2426         SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
2427         SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
2428         256,
2429         256,
2430         },
2431 #endif  /* OPENSSL_NO_ECDH */
2432
2433 #ifndef OPENSSL_NO_SRP
2434         /* Cipher C01A */
2435         {
2436         1,
2437         TLS1_TXT_SRP_SHA_WITH_3DES_EDE_CBC_SHA,
2438         TLS1_CK_SRP_SHA_WITH_3DES_EDE_CBC_SHA,
2439         SSL_kSRP,
2440         SSL_aNULL,
2441         SSL_3DES,
2442         SSL_SHA1,
2443         SSL_TLSV1,
2444         SSL_NOT_EXP|SSL_HIGH,
2445         SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
2446         168,
2447         168,
2448         },
2449
2450         /* Cipher C01B */
2451         {
2452         1,
2453         TLS1_TXT_SRP_SHA_RSA_WITH_3DES_EDE_CBC_SHA,
2454         TLS1_CK_SRP_SHA_RSA_WITH_3DES_EDE_CBC_SHA,
2455         SSL_kSRP,
2456         SSL_aRSA,
2457         SSL_3DES,
2458         SSL_SHA1,
2459         SSL_TLSV1,
2460         SSL_NOT_EXP|SSL_HIGH,
2461         SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
2462         168,
2463         168,
2464         },
2465
2466         /* Cipher C01C */
2467         {
2468         1,
2469         TLS1_TXT_SRP_SHA_DSS_WITH_3DES_EDE_CBC_SHA,
2470         TLS1_CK_SRP_SHA_DSS_WITH_3DES_EDE_CBC_SHA,
2471         SSL_kSRP,
2472         SSL_aDSS,
2473         SSL_3DES,
2474         SSL_SHA1,
2475         SSL_TLSV1,
2476         SSL_NOT_EXP|SSL_HIGH,
2477         SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
2478         168,
2479         168,
2480         },
2481
2482         /* Cipher C01D */
2483         {
2484         1,
2485         TLS1_TXT_SRP_SHA_WITH_AES_128_CBC_SHA,
2486         TLS1_CK_SRP_SHA_WITH_AES_128_CBC_SHA,
2487         SSL_kSRP,
2488         SSL_aNULL,
2489         SSL_AES128,
2490         SSL_SHA1,
2491         SSL_TLSV1,
2492         SSL_NOT_EXP|SSL_HIGH,
2493         SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
2494         128,
2495         128,
2496         },
2497
2498         /* Cipher C01E */
2499         {
2500         1,
2501         TLS1_TXT_SRP_SHA_RSA_WITH_AES_128_CBC_SHA,
2502         TLS1_CK_SRP_SHA_RSA_WITH_AES_128_CBC_SHA,
2503         SSL_kSRP,
2504         SSL_aRSA,
2505         SSL_AES128,
2506         SSL_SHA1,
2507         SSL_TLSV1,
2508         SSL_NOT_EXP|SSL_HIGH,
2509         SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
2510         128,
2511         128,
2512         },
2513
2514         /* Cipher C01F */
2515         {
2516         1,
2517         TLS1_TXT_SRP_SHA_DSS_WITH_AES_128_CBC_SHA,
2518         TLS1_CK_SRP_SHA_DSS_WITH_AES_128_CBC_SHA,
2519         SSL_kSRP,
2520         SSL_aDSS,
2521         SSL_AES128,
2522         SSL_SHA1,
2523         SSL_TLSV1,
2524         SSL_NOT_EXP|SSL_HIGH,
2525         SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
2526         128,
2527         128,
2528         },
2529
2530         /* Cipher C020 */
2531         {
2532         1,
2533         TLS1_TXT_SRP_SHA_WITH_AES_256_CBC_SHA,
2534         TLS1_CK_SRP_SHA_WITH_AES_256_CBC_SHA,
2535         SSL_kSRP,
2536         SSL_aNULL,
2537         SSL_AES256,
2538         SSL_SHA1,
2539         SSL_TLSV1,
2540         SSL_NOT_EXP|SSL_HIGH,
2541         SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
2542         256,
2543         256,
2544         },
2545
2546         /* Cipher C021 */
2547         {
2548         1,
2549         TLS1_TXT_SRP_SHA_RSA_WITH_AES_256_CBC_SHA,
2550         TLS1_CK_SRP_SHA_RSA_WITH_AES_256_CBC_SHA,
2551         SSL_kSRP,
2552         SSL_aRSA,
2553         SSL_AES256,
2554         SSL_SHA1,
2555         SSL_TLSV1,
2556         SSL_NOT_EXP|SSL_HIGH,
2557         SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
2558         256,
2559         256,
2560         },
2561
2562         /* Cipher C022 */
2563         {
2564         1,
2565         TLS1_TXT_SRP_SHA_DSS_WITH_AES_256_CBC_SHA,
2566         TLS1_CK_SRP_SHA_DSS_WITH_AES_256_CBC_SHA,
2567         SSL_kSRP,
2568         SSL_aDSS,
2569         SSL_AES256,
2570         SSL_SHA1,
2571         SSL_TLSV1,
2572         SSL_NOT_EXP|SSL_HIGH,
2573         SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
2574         256,
2575         256,
2576         },
2577 #endif  /* OPENSSL_NO_SRP */
2578 #ifndef OPENSSL_NO_ECDH
2579
2580         /* HMAC based TLS v1.2 ciphersuites from RFC5289 */
2581
2582         /* Cipher C023 */
2583         {
2584         1,
2585         TLS1_TXT_ECDHE_ECDSA_WITH_AES_128_SHA256,
2586         TLS1_CK_ECDHE_ECDSA_WITH_AES_128_SHA256,
2587         SSL_kEECDH,
2588         SSL_aECDSA,
2589         SSL_AES128,
2590         SSL_SHA256,
2591         SSL_TLSV1_2,
2592         SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
2593         SSL_HANDSHAKE_MAC_SHA256|TLS1_PRF_SHA256,
2594         128,
2595         128,
2596         },
2597
2598         /* Cipher C024 */
2599         {
2600         1,
2601         TLS1_TXT_ECDHE_ECDSA_WITH_AES_256_SHA384,
2602         TLS1_CK_ECDHE_ECDSA_WITH_AES_256_SHA384,
2603         SSL_kEECDH,
2604         SSL_aECDSA,
2605         SSL_AES256,
2606         SSL_SHA384,
2607         SSL_TLSV1_2,
2608         SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
2609         SSL_HANDSHAKE_MAC_SHA384|TLS1_PRF_SHA384,
2610         256,
2611         256,
2612         },
2613
2614         /* Cipher C025 */
2615         {
2616         1,
2617         TLS1_TXT_ECDH_ECDSA_WITH_AES_128_SHA256,
2618         TLS1_CK_ECDH_ECDSA_WITH_AES_128_SHA256,
2619         SSL_kECDHe,
2620         SSL_aECDH,
2621         SSL_AES128,
2622         SSL_SHA256,
2623         SSL_TLSV1_2,
2624         SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
2625         SSL_HANDSHAKE_MAC_SHA256|TLS1_PRF_SHA256,
2626         128,
2627         128,
2628         },
2629
2630         /* Cipher C026 */
2631         {
2632         1,
2633         TLS1_TXT_ECDH_ECDSA_WITH_AES_256_SHA384,
2634         TLS1_CK_ECDH_ECDSA_WITH_AES_256_SHA384,
2635         SSL_kECDHe,
2636         SSL_aECDH,
2637         SSL_AES256,
2638         SSL_SHA384,
2639         SSL_TLSV1_2,
2640         SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
2641         SSL_HANDSHAKE_MAC_SHA384|TLS1_PRF_SHA384,
2642         256,
2643         256,
2644         },
2645
2646         /* Cipher C027 */
2647         {
2648         1,
2649         TLS1_TXT_ECDHE_RSA_WITH_AES_128_SHA256,
2650         TLS1_CK_ECDHE_RSA_WITH_AES_128_SHA256,
2651         SSL_kEECDH,
2652         SSL_aRSA,
2653         SSL_AES128,
2654         SSL_SHA256,
2655         SSL_TLSV1_2,
2656         SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
2657         SSL_HANDSHAKE_MAC_SHA256|TLS1_PRF_SHA256,
2658         128,
2659         128,
2660         },
2661
2662         /* Cipher C028 */
2663         {
2664         1,
2665         TLS1_TXT_ECDHE_RSA_WITH_AES_256_SHA384,
2666         TLS1_CK_ECDHE_RSA_WITH_AES_256_SHA384,
2667         SSL_kEECDH,
2668         SSL_aRSA,
2669         SSL_AES256,
2670         SSL_SHA384,
2671         SSL_TLSV1_2,
2672         SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
2673         SSL_HANDSHAKE_MAC_SHA384|TLS1_PRF_SHA384,
2674         256,
2675         256,
2676         },
2677
2678         /* Cipher C029 */
2679         {
2680         1,
2681         TLS1_TXT_ECDH_RSA_WITH_AES_128_SHA256,
2682         TLS1_CK_ECDH_RSA_WITH_AES_128_SHA256,
2683         SSL_kECDHr,
2684         SSL_aECDH,
2685         SSL_AES128,
2686         SSL_SHA256,
2687         SSL_TLSV1_2,
2688         SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
2689         SSL_HANDSHAKE_MAC_SHA256|TLS1_PRF_SHA256,
2690         128,
2691         128,
2692         },
2693
2694         /* Cipher C02A */
2695         {
2696         1,
2697         TLS1_TXT_ECDH_RSA_WITH_AES_256_SHA384,
2698         TLS1_CK_ECDH_RSA_WITH_AES_256_SHA384,
2699         SSL_kECDHr,
2700         SSL_aECDH,
2701         SSL_AES256,
2702         SSL_SHA384,
2703         SSL_TLSV1_2,
2704         SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
2705         SSL_HANDSHAKE_MAC_SHA384|TLS1_PRF_SHA384,
2706         256,
2707         256,
2708         },
2709
2710         /* GCM based TLS v1.2 ciphersuites from RFC5289 */
2711
2712         /* Cipher C02B */
2713         {
2714         1,
2715         TLS1_TXT_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256,
2716         TLS1_CK_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256,
2717         SSL_kEECDH,
2718         SSL_aECDSA,
2719         SSL_AES128GCM,
2720         SSL_AEAD,
2721         SSL_TLSV1_2,
2722         SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
2723         SSL_HANDSHAKE_MAC_SHA256|TLS1_PRF_SHA256,
2724         128,
2725         128,
2726         },
2727
2728         /* Cipher C02C */
2729         {
2730         1,
2731         TLS1_TXT_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384,
2732         TLS1_CK_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384,
2733         SSL_kEECDH,
2734         SSL_aECDSA,
2735         SSL_AES256GCM,
2736         SSL_AEAD,
2737         SSL_TLSV1_2,
2738         SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
2739         SSL_HANDSHAKE_MAC_SHA384|TLS1_PRF_SHA384,
2740         256,
2741         256,
2742         },
2743
2744         /* Cipher C02D */
2745         {
2746         1,
2747         TLS1_TXT_ECDH_ECDSA_WITH_AES_128_GCM_SHA256,
2748         TLS1_CK_ECDH_ECDSA_WITH_AES_128_GCM_SHA256,
2749         SSL_kECDHe,
2750         SSL_aECDH,
2751         SSL_AES128GCM,
2752         SSL_AEAD,
2753         SSL_TLSV1_2,
2754         SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
2755         SSL_HANDSHAKE_MAC_SHA256|TLS1_PRF_SHA256,
2756         128,
2757         128,
2758         },
2759
2760         /* Cipher C02E */
2761         {
2762         1,
2763         TLS1_TXT_ECDH_ECDSA_WITH_AES_256_GCM_SHA384,
2764         TLS1_CK_ECDH_ECDSA_WITH_AES_256_GCM_SHA384,
2765         SSL_kECDHe,
2766         SSL_aECDH,
2767         SSL_AES256GCM,
2768         SSL_AEAD,
2769         SSL_TLSV1_2,
2770         SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
2771         SSL_HANDSHAKE_MAC_SHA384|TLS1_PRF_SHA384,
2772         256,
2773         256,
2774         },
2775
2776         /* Cipher C02F */
2777         {
2778         1,
2779         TLS1_TXT_ECDHE_RSA_WITH_AES_128_GCM_SHA256,
2780         TLS1_CK_ECDHE_RSA_WITH_AES_128_GCM_SHA256,
2781         SSL_kEECDH,
2782         SSL_aRSA,
2783         SSL_AES128GCM,
2784         SSL_AEAD,
2785         SSL_TLSV1_2,
2786         SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
2787         SSL_HANDSHAKE_MAC_SHA256|TLS1_PRF_SHA256,
2788         128,
2789         128,
2790         },
2791
2792         /* Cipher C030 */
2793         {
2794         1,
2795         TLS1_TXT_ECDHE_RSA_WITH_AES_256_GCM_SHA384,
2796         TLS1_CK_ECDHE_RSA_WITH_AES_256_GCM_SHA384,
2797         SSL_kEECDH,
2798         SSL_aRSA,
2799         SSL_AES256GCM,
2800         SSL_AEAD,
2801         SSL_TLSV1_2,
2802         SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
2803         SSL_HANDSHAKE_MAC_SHA384|TLS1_PRF_SHA384,
2804         256,
2805         256,
2806         },
2807
2808         /* Cipher C031 */
2809         {
2810         1,
2811         TLS1_TXT_ECDH_RSA_WITH_AES_128_GCM_SHA256,
2812         TLS1_CK_ECDH_RSA_WITH_AES_128_GCM_SHA256,
2813         SSL_kECDHr,
2814         SSL_aECDH,
2815         SSL_AES128GCM,
2816         SSL_AEAD,
2817         SSL_TLSV1_2,
2818         SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
2819         SSL_HANDSHAKE_MAC_SHA256|TLS1_PRF_SHA256,
2820         128,
2821         128,
2822         },
2823
2824         /* Cipher C032 */
2825         {
2826         1,
2827         TLS1_TXT_ECDH_RSA_WITH_AES_256_GCM_SHA384,
2828         TLS1_CK_ECDH_RSA_WITH_AES_256_GCM_SHA384,
2829         SSL_kECDHr,
2830         SSL_aECDH,
2831         SSL_AES256GCM,
2832         SSL_AEAD,
2833         SSL_TLSV1_2,
2834         SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
2835         SSL_HANDSHAKE_MAC_SHA384|TLS1_PRF_SHA384,
2836         256,
2837         256,
2838         },
2839
2840 #endif /* OPENSSL_NO_ECDH */
2841
2842
2843 #ifdef TEMP_GOST_TLS
2844 /* Cipher FF00 */
2845         {
2846         1,
2847         "GOST-MD5",
2848         0x0300ff00,
2849         SSL_kRSA,
2850         SSL_aRSA,
2851         SSL_eGOST2814789CNT,
2852         SSL_MD5,
2853         SSL_TLSV1,
2854         SSL_NOT_EXP|SSL_HIGH,
2855         SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
2856         256,
2857         256,
2858         },
2859         {
2860         1,
2861         "GOST-GOST94",
2862         0x0300ff01,
2863         SSL_kRSA,
2864         SSL_aRSA,
2865         SSL_eGOST2814789CNT,
2866         SSL_GOST94,
2867         SSL_TLSV1,
2868         SSL_NOT_EXP|SSL_HIGH,
2869         SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
2870         256,
2871         256
2872         },
2873         {
2874         1,
2875         "GOST-GOST89MAC",
2876         0x0300ff02,
2877         SSL_kRSA,
2878         SSL_aRSA,
2879         SSL_eGOST2814789CNT,
2880         SSL_GOST89MAC,
2881         SSL_TLSV1,
2882         SSL_NOT_EXP|SSL_HIGH,
2883         SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
2884         256,
2885         256
2886         },
2887         {
2888         1,
2889         "GOST-GOST89STREAM",
2890         0x0300ff03,
2891         SSL_kRSA,
2892         SSL_aRSA,
2893         SSL_eGOST2814789CNT,
2894         SSL_GOST89MAC,
2895         SSL_TLSV1,
2896         SSL_NOT_EXP|SSL_HIGH,
2897         SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF|TLS1_STREAM_MAC,
2898         256,
2899         256
2900         },
2901 #endif
2902
2903 /* end of list */
2904         };
2905
2906 SSL3_ENC_METHOD SSLv3_enc_data={
2907         ssl3_enc,
2908         n_ssl3_mac,
2909         ssl3_setup_key_block,
2910         ssl3_generate_master_secret,
2911         ssl3_change_cipher_state,
2912         ssl3_final_finish_mac,
2913         MD5_DIGEST_LENGTH+SHA_DIGEST_LENGTH,
2914         ssl3_cert_verify_mac,
2915         SSL3_MD_CLIENT_FINISHED_CONST,4,
2916         SSL3_MD_SERVER_FINISHED_CONST,4,
2917         ssl3_alert_code,
2918         (int (*)(SSL *, unsigned char *, size_t, const char *,
2919                  size_t, const unsigned char *, size_t,
2920                  int use_context))ssl_undefined_function,
2921         0,
2922         SSL3_HM_HEADER_LENGTH,
2923         ssl3_set_handshake_header,
2924         ssl3_handshake_write
2925         };
2926
2927 long ssl3_default_timeout(void)
2928         {
2929         /* 2 hours, the 24 hours mentioned in the SSLv3 spec
2930          * is way too long for http, the cache would over fill */
2931         return(60*60*2);
2932         }
2933
2934 int ssl3_num_ciphers(void)
2935         {
2936         return(SSL3_NUM_CIPHERS);
2937         }
2938
2939 const SSL_CIPHER *ssl3_get_cipher(unsigned int u)
2940         {
2941         if (u < SSL3_NUM_CIPHERS)
2942                 return(&(ssl3_ciphers[SSL3_NUM_CIPHERS-1-u]));
2943         else
2944                 return(NULL);
2945         }
2946
2947 int ssl3_pending(const SSL *s)
2948         {
2949         if (s->rstate == SSL_ST_READ_BODY)
2950                 return 0;
2951         
2952         return (s->s3->rrec.type == SSL3_RT_APPLICATION_DATA) ? s->s3->rrec.length : 0;
2953         }
2954
2955 void ssl3_set_handshake_header(SSL *s, int htype, unsigned long len)
2956         {
2957         unsigned char *p = (unsigned char *)s->init_buf->data;
2958         *(p++) = htype;
2959         l2n3(len, p);
2960         s->init_num = (int)len + SSL3_HM_HEADER_LENGTH;
2961         s->init_off = 0;
2962         }
2963
2964 int ssl3_handshake_write(SSL *s)
2965         {
2966         return ssl3_do_write(s, SSL3_RT_HANDSHAKE);
2967         }
2968
2969 int ssl3_new(SSL *s)
2970         {
2971         SSL3_STATE *s3;
2972
2973         if ((s3=OPENSSL_malloc(sizeof *s3)) == NULL) goto err;
2974         memset(s3,0,sizeof *s3);
2975         memset(s3->rrec.seq_num,0,sizeof(s3->rrec.seq_num));
2976         memset(s3->wrec.seq_num,0,sizeof(s3->wrec.seq_num));
2977
2978         s->s3=s3;
2979
2980 #ifndef OPENSSL_NO_SRP
2981         SSL_SRP_CTX_init(s);
2982 #endif
2983         s->method->ssl_clear(s);
2984         return(1);
2985 err:
2986         return(0);
2987         }
2988
2989 void ssl3_free(SSL *s)
2990         {
2991         if(s == NULL)
2992             return;
2993
2994 #ifdef TLSEXT_TYPE_opaque_prf_input
2995         if (s->s3->client_opaque_prf_input != NULL)
2996                 OPENSSL_free(s->s3->client_opaque_prf_input);
2997         if (s->s3->server_opaque_prf_input != NULL)
2998                 OPENSSL_free(s->s3->server_opaque_prf_input);
2999 #endif
3000
3001         ssl3_cleanup_key_block(s);
3002         if (s->s3->rbuf.buf != NULL)
3003                 ssl3_release_read_buffer(s);
3004         if (s->s3->wbuf.buf != NULL)
3005                 ssl3_release_write_buffer(s);
3006         if (s->s3->rrec.comp != NULL)
3007                 OPENSSL_free(s->s3->rrec.comp);
3008 #ifndef OPENSSL_NO_DH
3009         if (s->s3->tmp.dh != NULL)
3010                 DH_free(s->s3->tmp.dh);
3011 #endif
3012 #ifndef OPENSSL_NO_ECDH
3013         if (s->s3->tmp.ecdh != NULL)
3014                 EC_KEY_free(s->s3->tmp.ecdh);
3015 #endif
3016
3017         if (s->s3->tmp.ca_names != NULL)
3018                 sk_X509_NAME_pop_free(s->s3->tmp.ca_names,X509_NAME_free);
3019         if (s->s3->handshake_buffer) {
3020                 BIO_free(s->s3->handshake_buffer);
3021         }
3022         if (s->s3->handshake_dgst) ssl3_free_digest_list(s);
3023 #ifndef OPENSSL_NO_TLSEXT
3024         if (s->s3->alpn_selected)
3025                 OPENSSL_free(s->s3->alpn_selected);
3026 #endif
3027
3028 #ifndef OPENSSL_NO_SRP
3029         SSL_SRP_CTX_free(s);
3030 #endif
3031 #ifndef OPENSSL_NO_TLSEXT
3032         if (s->s3->tlsext_custom_types != NULL)
3033                 OPENSSL_free(s->s3->tlsext_custom_types);
3034 #endif
3035         OPENSSL_cleanse(s->s3,sizeof *s->s3);
3036         OPENSSL_free(s->s3);
3037         s->s3=NULL;
3038         }
3039
3040 void ssl3_clear(SSL *s)
3041         {
3042         unsigned char *rp,*wp;
3043         size_t rlen, wlen;
3044         int init_extra;
3045
3046 #ifdef TLSEXT_TYPE_opaque_prf_input
3047         if (s->s3->client_opaque_prf_input != NULL)
3048                 OPENSSL_free(s->s3->client_opaque_prf_input);
3049         s->s3->client_opaque_prf_input = NULL;
3050         if (s->s3->server_opaque_prf_input != NULL)
3051                 OPENSSL_free(s->s3->server_opaque_prf_input);
3052         s->s3->server_opaque_prf_input = NULL;
3053 #endif
3054
3055         ssl3_cleanup_key_block(s);
3056         if (s->s3->tmp.ca_names != NULL)
3057                 sk_X509_NAME_pop_free(s->s3->tmp.ca_names,X509_NAME_free);
3058
3059         if (s->s3->rrec.comp != NULL)
3060                 {
3061                 OPENSSL_free(s->s3->rrec.comp);
3062                 s->s3->rrec.comp=NULL;
3063                 }
3064 #ifndef OPENSSL_NO_DH
3065         if (s->s3->tmp.dh != NULL)
3066                 {
3067                 DH_free(s->s3->tmp.dh);
3068                 s->s3->tmp.dh = NULL;
3069                 }
3070 #endif
3071 #ifndef OPENSSL_NO_ECDH
3072         if (s->s3->tmp.ecdh != NULL)
3073                 {
3074                 EC_KEY_free(s->s3->tmp.ecdh);
3075                 s->s3->tmp.ecdh = NULL;
3076                 }
3077 #endif
3078 #ifndef OPENSSL_NO_TLSEXT
3079         if (s->s3->tlsext_custom_types != NULL)
3080                 {
3081                 OPENSSL_free(s->s3->tlsext_custom_types);
3082                 s->s3->tlsext_custom_types = NULL;
3083                 }
3084         s->s3->tlsext_custom_types_count = 0;   
3085 #ifndef OPENSSL_NO_EC
3086         s->s3->is_probably_safari = 0;
3087 #endif /* !OPENSSL_NO_EC */
3088 #endif /* !OPENSSL_NO_TLSEXT */
3089
3090         rp = s->s3->rbuf.buf;
3091         wp = s->s3->wbuf.buf;
3092         rlen = s->s3->rbuf.len;
3093         wlen = s->s3->wbuf.len;
3094         init_extra = s->s3->init_extra;
3095         if (s->s3->handshake_buffer) {
3096                 BIO_free(s->s3->handshake_buffer);
3097                 s->s3->handshake_buffer = NULL;
3098         }
3099         if (s->s3->handshake_dgst) {
3100                 ssl3_free_digest_list(s);
3101         }       
3102
3103 #if !defined(OPENSSL_NO_TLSEXT)
3104         if (s->s3->alpn_selected)
3105                 {
3106                 free(s->s3->alpn_selected);
3107                 s->s3->alpn_selected = NULL;
3108                 }
3109 #endif
3110         memset(s->s3,0,sizeof *s->s3);
3111         s->s3->rbuf.buf = rp;
3112         s->s3->wbuf.buf = wp;
3113         s->s3->rbuf.len = rlen;
3114         s->s3->wbuf.len = wlen;
3115         s->s3->init_extra = init_extra;
3116
3117         ssl_free_wbio_buffer(s);
3118
3119         s->packet_length=0;
3120         s->s3->renegotiate=0;
3121         s->s3->total_renegotiations=0;
3122         s->s3->num_renegotiations=0;
3123         s->s3->in_read_app_data=0;
3124         s->version=SSL3_VERSION;
3125
3126 #if !defined(OPENSSL_NO_TLSEXT) && !defined(OPENSSL_NO_NEXTPROTONEG)
3127         if (s->next_proto_negotiated)
3128                 {
3129                 OPENSSL_free(s->next_proto_negotiated);
3130                 s->next_proto_negotiated = NULL;
3131                 s->next_proto_negotiated_len = 0;
3132                 }
3133 #endif
3134         }
3135
3136 #ifndef OPENSSL_NO_SRP
3137 static char * MS_CALLBACK srp_password_from_info_cb(SSL *s, void *arg)
3138         {
3139         return BUF_strdup(s->srp_ctx.info) ;
3140         }
3141 #endif
3142
3143 static int ssl3_set_req_cert_type(CERT *c, const unsigned char *p, size_t len);
3144
3145 long ssl3_ctrl(SSL *s, int cmd, long larg, void *parg)
3146         {
3147         int ret=0;
3148
3149 #if !defined(OPENSSL_NO_DSA) || !defined(OPENSSL_NO_RSA)
3150         if (
3151 #ifndef OPENSSL_NO_RSA
3152             cmd == SSL_CTRL_SET_TMP_RSA ||
3153             cmd == SSL_CTRL_SET_TMP_RSA_CB ||
3154 #endif
3155 #ifndef OPENSSL_NO_DSA
3156             cmd == SSL_CTRL_SET_TMP_DH ||
3157             cmd == SSL_CTRL_SET_TMP_DH_CB ||
3158 #endif
3159                 0)
3160                 {
3161                 if (!ssl_cert_inst(&s->cert))
3162                         {
3163                         SSLerr(SSL_F_SSL3_CTRL, ERR_R_MALLOC_FAILURE);
3164                         return(0);
3165                         }
3166                 }
3167 #endif
3168
3169         switch (cmd)
3170                 {
3171         case SSL_CTRL_GET_SESSION_REUSED:
3172                 ret=s->hit;
3173                 break;
3174         case SSL_CTRL_GET_CLIENT_CERT_REQUEST:
3175                 break;
3176         case SSL_CTRL_GET_NUM_RENEGOTIATIONS:
3177                 ret=s->s3->num_renegotiations;
3178                 break;
3179         case SSL_CTRL_CLEAR_NUM_RENEGOTIATIONS:
3180                 ret=s->s3->num_renegotiations;
3181                 s->s3->num_renegotiations=0;
3182                 break;
3183         case SSL_CTRL_GET_TOTAL_RENEGOTIATIONS:
3184                 ret=s->s3->total_renegotiations;
3185                 break;
3186         case SSL_CTRL_GET_FLAGS:
3187                 ret=(int)(s->s3->flags);
3188                 break;
3189 #ifndef OPENSSL_NO_RSA
3190         case SSL_CTRL_NEED_TMP_RSA:
3191                 if ((s->cert != NULL) && (s->cert->rsa_tmp == NULL) &&
3192                     ((s->cert->pkeys[SSL_PKEY_RSA_ENC].privatekey == NULL) ||
3193                      (EVP_PKEY_size(s->cert->pkeys[SSL_PKEY_RSA_ENC].privatekey) > (512/8))))
3194                         ret = 1;
3195                 break;
3196         case SSL_CTRL_SET_TMP_RSA:
3197                 {
3198                         RSA *rsa = (RSA *)parg;
3199                         if (rsa == NULL)
3200                                 {
3201                                 SSLerr(SSL_F_SSL3_CTRL, ERR_R_PASSED_NULL_PARAMETER);
3202                                 return(ret);
3203                                 }
3204                         if ((rsa = RSAPrivateKey_dup(rsa)) == NULL)
3205                                 {
3206                                 SSLerr(SSL_F_SSL3_CTRL, ERR_R_RSA_LIB);
3207                                 return(ret);
3208                                 }
3209                         if (s->cert->rsa_tmp != NULL)
3210                                 RSA_free(s->cert->rsa_tmp);
3211                         s->cert->rsa_tmp = rsa;
3212                         ret = 1;
3213                 }
3214                 break;
3215         case SSL_CTRL_SET_TMP_RSA_CB:
3216                 {
3217                 SSLerr(SSL_F_SSL3_CTRL, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
3218                 return(ret);
3219                 }
3220                 break;
3221 #endif
3222 #ifndef OPENSSL_NO_DH
3223         case SSL_CTRL_SET_TMP_DH:
3224                 {
3225                         DH *dh = (DH *)parg;
3226                         if (dh == NULL)
3227                                 {
3228                                 SSLerr(SSL_F_SSL3_CTRL, ERR_R_PASSED_NULL_PARAMETER);
3229                                 return(ret);
3230                                 }
3231                         if ((dh = DHparams_dup(dh)) == NULL)
3232                                 {
3233                                 SSLerr(SSL_F_SSL3_CTRL, ERR_R_DH_LIB);
3234                                 return(ret);
3235                                 }
3236                         if (!(s->options & SSL_OP_SINGLE_DH_USE))
3237                                 {
3238                                 if (!DH_generate_key(dh))
3239                                         {
3240                                         DH_free(dh);
3241                                         SSLerr(SSL_F_SSL3_CTRL, ERR_R_DH_LIB);
3242                                         return(ret);
3243                                         }
3244                                 }
3245                         if (s->cert->dh_tmp != NULL)
3246                                 DH_free(s->cert->dh_tmp);
3247                         s->cert->dh_tmp = dh;
3248                         ret = 1;
3249                 }
3250                 break;
3251         case SSL_CTRL_SET_TMP_DH_CB:
3252                 {
3253                 SSLerr(SSL_F_SSL3_CTRL, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
3254                 return(ret);
3255                 }
3256                 break;
3257 #endif
3258 #ifndef OPENSSL_NO_ECDH
3259         case SSL_CTRL_SET_TMP_ECDH:
3260                 {
3261                 EC_KEY *ecdh = NULL;
3262                         
3263                 if (parg == NULL)
3264                         {
3265                         SSLerr(SSL_F_SSL3_CTRL, ERR_R_PASSED_NULL_PARAMETER);
3266                         return(ret);
3267                         }
3268                 if (!EC_KEY_up_ref((EC_KEY *)parg))
3269                         {
3270                         SSLerr(SSL_F_SSL3_CTRL,ERR_R_ECDH_LIB);
3271                         return(ret);
3272                         }
3273                 ecdh = (EC_KEY *)parg;
3274                 if (!(s->options & SSL_OP_SINGLE_ECDH_USE))
3275                         {
3276                         if (!EC_KEY_generate_key(ecdh))
3277                                 {
3278                                 EC_KEY_free(ecdh);
3279                                 SSLerr(SSL_F_SSL3_CTRL,ERR_R_ECDH_LIB);
3280                                 return(ret);
3281                                 }
3282                         }
3283                 if (s->cert->ecdh_tmp != NULL)
3284                         EC_KEY_free(s->cert->ecdh_tmp);
3285                 s->cert->ecdh_tmp = ecdh;
3286                 ret = 1;
3287                 }
3288                 break;
3289         case SSL_CTRL_SET_TMP_ECDH_CB:
3290                 {
3291                 SSLerr(SSL_F_SSL3_CTRL, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
3292                 return(ret);
3293                 }
3294                 break;
3295 #endif /* !OPENSSL_NO_ECDH */
3296 #ifndef OPENSSL_NO_TLSEXT
3297         case SSL_CTRL_SET_TLSEXT_HOSTNAME:
3298                 if (larg == TLSEXT_NAMETYPE_host_name)
3299                         {
3300                         if (s->tlsext_hostname != NULL) 
3301                                 OPENSSL_free(s->tlsext_hostname);
3302                         s->tlsext_hostname = NULL;
3303
3304                         ret = 1;
3305                         if (parg == NULL) 
3306                                 break;
3307                         if (strlen((char *)parg) > TLSEXT_MAXLEN_host_name)
3308                                 {
3309                                 SSLerr(SSL_F_SSL3_CTRL, SSL_R_SSL3_EXT_INVALID_SERVERNAME);
3310                                 return 0;
3311                                 }
3312                         if ((s->tlsext_hostname = BUF_strdup((char *)parg)) == NULL)
3313                                 {
3314                                 SSLerr(SSL_F_SSL3_CTRL, ERR_R_INTERNAL_ERROR);
3315                                 return 0;
3316                                 }
3317                         }
3318                 else
3319                         {
3320                         SSLerr(SSL_F_SSL3_CTRL, SSL_R_SSL3_EXT_INVALID_SERVERNAME_TYPE);
3321                         return 0;
3322                         }
3323                 break;
3324         case SSL_CTRL_SET_TLSEXT_DEBUG_ARG:
3325                 s->tlsext_debug_arg=parg;
3326                 ret = 1;
3327                 break;
3328
3329 #ifdef TLSEXT_TYPE_opaque_prf_input
3330         case SSL_CTRL_SET_TLSEXT_OPAQUE_PRF_INPUT:
3331                 if (larg > 12288) /* actual internal limit is 2^16 for the complete hello message
3332                                    * (including the cert chain and everything) */
3333                         {
3334                         SSLerr(SSL_F_SSL3_CTRL, SSL_R_OPAQUE_PRF_INPUT_TOO_LONG);
3335                         break;
3336                         }
3337                 if (s->tlsext_opaque_prf_input != NULL)
3338                         OPENSSL_free(s->tlsext_opaque_prf_input);
3339                 if ((size_t)larg == 0)
3340                         s->tlsext_opaque_prf_input = OPENSSL_malloc(1); /* dummy byte just to get non-NULL */
3341                 else
3342                         s->tlsext_opaque_prf_input = BUF_memdup(parg, (size_t)larg);
3343                 if (s->tlsext_opaque_prf_input != NULL)
3344                         {
3345                         s->tlsext_opaque_prf_input_len = (size_t)larg;
3346                         ret = 1;
3347                         }
3348                 else
3349                         s->tlsext_opaque_prf_input_len = 0;
3350                 break;
3351 #endif
3352
3353         case SSL_CTRL_SET_TLSEXT_STATUS_REQ_TYPE:
3354                 s->tlsext_status_type=larg;
3355                 ret = 1;
3356                 break;
3357
3358         case SSL_CTRL_GET_TLSEXT_STATUS_REQ_EXTS:
3359                 *(STACK_OF(X509_EXTENSION) **)parg = s->tlsext_ocsp_exts;
3360                 ret = 1;
3361                 break;
3362
3363         case SSL_CTRL_SET_TLSEXT_STATUS_REQ_EXTS:
3364                 s->tlsext_ocsp_exts = parg;
3365                 ret = 1;
3366                 break;
3367
3368         case SSL_CTRL_GET_TLSEXT_STATUS_REQ_IDS:
3369                 *(STACK_OF(OCSP_RESPID) **)parg = s->tlsext_ocsp_ids;
3370                 ret = 1;
3371                 break;
3372
3373         case SSL_CTRL_SET_TLSEXT_STATUS_REQ_IDS:
3374                 s->tlsext_ocsp_ids = parg;
3375                 ret = 1;
3376                 break;
3377
3378         case SSL_CTRL_GET_TLSEXT_STATUS_REQ_OCSP_RESP:
3379                 *(unsigned char **)parg = s->tlsext_ocsp_resp;
3380                 return s->tlsext_ocsp_resplen;
3381                 
3382         case SSL_CTRL_SET_TLSEXT_STATUS_REQ_OCSP_RESP:
3383                 if (s->tlsext_ocsp_resp)
3384                         OPENSSL_free(s->tlsext_ocsp_resp);
3385                 s->tlsext_ocsp_resp = parg;
3386                 s->tlsext_ocsp_resplen = larg;
3387                 ret = 1;
3388                 break;
3389
3390 #ifndef OPENSSL_NO_HEARTBEATS
3391         case SSL_CTRL_TLS_EXT_SEND_HEARTBEAT:
3392                 if (SSL_IS_DTLS(s))
3393                         ret = dtls1_heartbeat(s);
3394                 else
3395                         ret = tls1_heartbeat(s);
3396                 break;
3397
3398         case SSL_CTRL_GET_TLS_EXT_HEARTBEAT_PENDING:
3399                 ret = s->tlsext_hb_pending;
3400                 break;
3401
3402         case SSL_CTRL_SET_TLS_EXT_HEARTBEAT_NO_REQUESTS:
3403                 if (larg)
3404                         s->tlsext_heartbeat |= SSL_TLSEXT_HB_DONT_RECV_REQUESTS;
3405                 else
3406                         s->tlsext_heartbeat &= ~SSL_TLSEXT_HB_DONT_RECV_REQUESTS;
3407                 ret = 1;
3408                 break;
3409 #endif
3410
3411 #endif /* !OPENSSL_NO_TLSEXT */
3412
3413         case SSL_CTRL_CHAIN:
3414                 if (larg)
3415                         return ssl_cert_set1_chain(s->cert,
3416                                                 (STACK_OF (X509) *)parg);
3417                 else
3418                         return ssl_cert_set0_chain(s->cert,
3419                                                 (STACK_OF (X509) *)parg);
3420
3421         case SSL_CTRL_CHAIN_CERT:
3422                 if (larg)
3423                         return ssl_cert_add1_chain_cert(s->cert, (X509 *)parg);
3424                 else
3425                         return ssl_cert_add0_chain_cert(s->cert, (X509 *)parg);
3426
3427 #ifndef OPENSSL_NO_EC
3428         case SSL_CTRL_GET_CURVES:
3429                 {
3430                 unsigned char *clist;
3431                 size_t clistlen;
3432                 if (!s->session)
3433                         return 0;
3434                 clist = s->session->tlsext_ellipticcurvelist;
3435                 clistlen = s->session->tlsext_ellipticcurvelist_length / 2;
3436                 if (parg)
3437                         {
3438                         size_t i;
3439                         int *cptr = parg;
3440                         unsigned int cid, nid;
3441                         for (i = 0; i < clistlen; i++)
3442                                 {
3443                                 n2s(clist, cid);
3444                                 nid = tls1_ec_curve_id2nid(cid);
3445                                 if (nid != 0)
3446                                         cptr[i] = nid;
3447                                 else
3448                                         cptr[i] = TLSEXT_nid_unknown | cid;
3449                                 }
3450                         }
3451                 return (int)clistlen;
3452                 }
3453
3454         case SSL_CTRL_SET_CURVES:
3455                 return tls1_set_curves(&s->tlsext_ellipticcurvelist,
3456                                         &s->tlsext_ellipticcurvelist_length,
3457                                                                 parg, larg);
3458
3459         case SSL_CTRL_SET_CURVES_LIST:
3460                 return tls1_set_curves_list(&s->tlsext_ellipticcurvelist,
3461                                         &s->tlsext_ellipticcurvelist_length,
3462                                                                 parg);
3463
3464         case SSL_CTRL_GET_SHARED_CURVE:
3465                 return tls1_shared_curve(s, larg);
3466
3467         case SSL_CTRL_SET_ECDH_AUTO:
3468                 s->cert->ecdh_tmp_auto = larg;
3469                 return 1;
3470 #endif
3471         case SSL_CTRL_SET_SIGALGS:
3472                 return tls1_set_sigalgs(s->cert, parg, larg, 0);
3473
3474         case SSL_CTRL_SET_SIGALGS_LIST:
3475                 return tls1_set_sigalgs_list(s->cert, parg, 0);
3476
3477         case SSL_CTRL_SET_CLIENT_SIGALGS:
3478                 return tls1_set_sigalgs(s->cert, parg, larg, 1);
3479
3480         case SSL_CTRL_SET_CLIENT_SIGALGS_LIST:
3481                 return tls1_set_sigalgs_list(s->cert, parg, 1);
3482
3483         case SSL_CTRL_GET_CLIENT_CERT_TYPES:
3484                 {
3485                 const unsigned char **pctype = parg;
3486                 if (s->server || !s->s3->tmp.cert_req)
3487                         return 0;
3488                 if (s->cert->ctypes)
3489                         {
3490                         if (pctype)
3491                                 *pctype = s->cert->ctypes;
3492                         return (int)s->cert->ctype_num;
3493                         }
3494                 if (pctype)
3495                         *pctype = (unsigned char *)s->s3->tmp.ctype;
3496                 return s->s3->tmp.ctype_num;
3497                 }
3498
3499         case SSL_CTRL_SET_CLIENT_CERT_TYPES:
3500                 if (!s->server)
3501                         return 0;
3502                 return ssl3_set_req_cert_type(s->cert, parg, larg);
3503
3504         case SSL_CTRL_BUILD_CERT_CHAIN:
3505                 return ssl_build_cert_chain(s->cert, s->ctx->cert_store, larg);
3506
3507         case SSL_CTRL_SET_VERIFY_CERT_STORE:
3508                 return ssl_cert_set_cert_store(s->cert, parg, 0, larg);
3509
3510         case SSL_CTRL_SET_CHAIN_CERT_STORE:
3511                 return ssl_cert_set_cert_store(s->cert, parg, 1, larg);
3512
3513         case SSL_CTRL_GET_PEER_SIGNATURE_NID:
3514                 if (SSL_USE_SIGALGS(s))
3515                         {
3516                         if (s->session && s->session->sess_cert)
3517                                 {
3518                                 const EVP_MD *sig;
3519                                 sig = s->session->sess_cert->peer_key->digest;
3520                                 if (sig)
3521                                         {
3522                                         *(int *)parg = EVP_MD_type(sig);
3523                                         return 1;
3524                                         }
3525                                 }
3526                         return 0;
3527                         }
3528                 /* Might want to do something here for other versions */
3529                 else
3530                         return 0;
3531
3532         case SSL_CTRL_GET_SERVER_TMP_KEY:
3533                 if (s->server || !s->session || !s->session->sess_cert)
3534                         return 0;
3535                 else
3536                         {
3537                         SESS_CERT *sc;
3538                         EVP_PKEY *ptmp;
3539                         int rv = 0;
3540                         sc = s->session->sess_cert;
3541 #if !defined(OPENSSL_NO_RSA) && !defined(OPENSSL_NO_DH) && !defined(OPENSSL_NO_EC)
3542                         if (!sc->peer_rsa_tmp && !sc->peer_dh_tmp
3543                                                         && !sc->peer_ecdh_tmp)
3544                                 return 0;
3545 #endif
3546                         ptmp = EVP_PKEY_new();
3547                         if (!ptmp)
3548                                 return 0;
3549                         if (0);
3550 #ifndef OPENSSL_NO_RSA
3551                         else if (sc->peer_rsa_tmp)
3552                                 rv = EVP_PKEY_set1_RSA(ptmp, sc->peer_rsa_tmp);
3553 #endif
3554 #ifndef OPENSSL_NO_DH
3555                         else if (sc->peer_dh_tmp)
3556                                 rv = EVP_PKEY_set1_DH(ptmp, sc->peer_dh_tmp);
3557 #endif
3558 #ifndef OPENSSL_NO_ECDH
3559                         else if (sc->peer_ecdh_tmp)
3560                                 rv = EVP_PKEY_set1_EC_KEY(ptmp, sc->peer_ecdh_tmp);
3561 #endif
3562                         if (rv)
3563                                 {
3564                                 *(EVP_PKEY **)parg = ptmp;
3565                                 return 1;
3566                                 }
3567                         EVP_PKEY_free(ptmp);
3568                         return 0;
3569                         }
3570 #ifndef OPENSSL_NO_EC
3571         case SSL_CTRL_GET_EC_POINT_FORMATS:
3572                 {
3573                 SSL_SESSION *sess = s->session;
3574                 const unsigned char **pformat = parg;
3575                 if (!sess || !sess->tlsext_ecpointformatlist)
3576                         return 0;
3577                 *pformat = sess->tlsext_ecpointformatlist;
3578                 return (int)sess->tlsext_ecpointformatlist_length;
3579                 }
3580 #endif
3581         default:
3582                 break;
3583                 }
3584         return(ret);
3585         }
3586
3587 long ssl3_callback_ctrl(SSL *s, int cmd, void (*fp)(void))
3588         {
3589         int ret=0;
3590
3591 #if !defined(OPENSSL_NO_DSA) || !defined(OPENSSL_NO_RSA)
3592         if (
3593 #ifndef OPENSSL_NO_RSA
3594             cmd == SSL_CTRL_SET_TMP_RSA_CB ||
3595 #endif
3596 #ifndef OPENSSL_NO_DSA
3597             cmd == SSL_CTRL_SET_TMP_DH_CB ||
3598 #endif
3599                 0)
3600                 {
3601                 if (!ssl_cert_inst(&s->cert))
3602                         {
3603                         SSLerr(SSL_F_SSL3_CALLBACK_CTRL, ERR_R_MALLOC_FAILURE);
3604                         return(0);
3605                         }
3606                 }
3607 #endif
3608
3609         switch (cmd)
3610                 {
3611 #ifndef OPENSSL_NO_RSA
3612         case SSL_CTRL_SET_TMP_RSA_CB:
3613                 {
3614                 s->cert->rsa_tmp_cb = (RSA *(*)(SSL *, int, int))fp;
3615                 }
3616                 break;
3617 #endif
3618 #ifndef OPENSSL_NO_DH
3619         case SSL_CTRL_SET_TMP_DH_CB:
3620                 {
3621                 s->cert->dh_tmp_cb = (DH *(*)(SSL *, int, int))fp;
3622                 }
3623                 break;
3624 #endif
3625 #ifndef OPENSSL_NO_ECDH
3626         case SSL_CTRL_SET_TMP_ECDH_CB:
3627                 {
3628                 s->cert->ecdh_tmp_cb = (EC_KEY *(*)(SSL *, int, int))fp;
3629                 }
3630                 break;
3631 #endif
3632 #ifndef OPENSSL_NO_TLSEXT
3633         case SSL_CTRL_SET_TLSEXT_DEBUG_CB:
3634                 s->tlsext_debug_cb=(void (*)(SSL *,int ,int,
3635                                         unsigned char *, int, void *))fp;
3636                 break;
3637 #endif
3638         case SSL_CTRL_SET_NOT_RESUMABLE_SESS_CB:
3639                 {
3640                 s->not_resumable_session_cb = (int (*)(SSL *, int))fp;
3641                 }
3642                 break;
3643         default:
3644                 break;
3645                 }
3646         return(ret);
3647         }
3648
3649 long ssl3_ctx_ctrl(SSL_CTX *ctx, int cmd, long larg, void *parg)
3650         {
3651         CERT *cert;
3652
3653         cert=ctx->cert;
3654
3655         switch (cmd)
3656                 {
3657 #ifndef OPENSSL_NO_RSA
3658         case SSL_CTRL_NEED_TMP_RSA:
3659                 if (    (cert->rsa_tmp == NULL) &&
3660                         ((cert->pkeys[SSL_PKEY_RSA_ENC].privatekey == NULL) ||
3661                          (EVP_PKEY_size(cert->pkeys[SSL_PKEY_RSA_ENC].privatekey) > (512/8)))
3662                         )
3663                         return(1);
3664                 else
3665                         return(0);
3666                 /* break; */
3667         case SSL_CTRL_SET_TMP_RSA:
3668                 {
3669                 RSA *rsa;
3670                 int i;
3671
3672                 rsa=(RSA *)parg;
3673                 i=1;
3674                 if (rsa == NULL)
3675                         i=0;
3676                 else
3677                         {
3678                         if ((rsa=RSAPrivateKey_dup(rsa)) == NULL)
3679                                 i=0;
3680                         }
3681                 if (!i)
3682                         {
3683                         SSLerr(SSL_F_SSL3_CTX_CTRL,ERR_R_RSA_LIB);
3684                         return(0);
3685                         }
3686                 else
3687                         {
3688                         if (cert->rsa_tmp != NULL)
3689                                 RSA_free(cert->rsa_tmp);
3690                         cert->rsa_tmp=rsa;
3691                         return(1);
3692                         }
3693                 }
3694                 /* break; */
3695         case SSL_CTRL_SET_TMP_RSA_CB:
3696                 {
3697                 SSLerr(SSL_F_SSL3_CTX_CTRL, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
3698                 return(0);
3699                 }
3700                 break;
3701 #endif
3702 #ifndef OPENSSL_NO_DH
3703         case SSL_CTRL_SET_TMP_DH:
3704                 {
3705                 DH *new=NULL,*dh;
3706
3707                 dh=(DH *)parg;
3708                 if ((new=DHparams_dup(dh)) == NULL)
3709                         {
3710                         SSLerr(SSL_F_SSL3_CTX_CTRL,ERR_R_DH_LIB);
3711                         return 0;
3712                         }
3713                 if (!(ctx->options & SSL_OP_SINGLE_DH_USE))
3714                         {
3715                         if (!DH_generate_key(new))
3716                                 {
3717                                 SSLerr(SSL_F_SSL3_CTX_CTRL,ERR_R_DH_LIB);
3718                                 DH_free(new);
3719                                 return 0;
3720                                 }
3721                         }
3722                 if (cert->dh_tmp != NULL)
3723                         DH_free(cert->dh_tmp);
3724                 cert->dh_tmp=new;
3725                 return 1;
3726                 }
3727                 /*break; */
3728         case SSL_CTRL_SET_TMP_DH_CB:
3729                 {
3730                 SSLerr(SSL_F_SSL3_CTX_CTRL, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
3731                 return(0);
3732                 }
3733                 break;
3734 #endif
3735 #ifndef OPENSSL_NO_ECDH
3736         case SSL_CTRL_SET_TMP_ECDH:
3737                 {
3738                 EC_KEY *ecdh = NULL;
3739                         
3740                 if (parg == NULL)
3741                         {
3742                         SSLerr(SSL_F_SSL3_CTX_CTRL,ERR_R_ECDH_LIB);
3743                         return 0;
3744                         }
3745                 ecdh = EC_KEY_dup((EC_KEY *)parg);
3746                 if (ecdh == NULL)
3747                         {
3748                         SSLerr(SSL_F_SSL3_CTX_CTRL,ERR_R_EC_LIB);
3749                         return 0;
3750                         }
3751                 if (!(ctx->options & SSL_OP_SINGLE_ECDH_USE))
3752                         {
3753                         if (!EC_KEY_generate_key(ecdh))
3754                                 {
3755                                 EC_KEY_free(ecdh);
3756                                 SSLerr(SSL_F_SSL3_CTX_CTRL,ERR_R_ECDH_LIB);
3757                                 return 0;
3758                                 }
3759                         }
3760
3761                 if (cert->ecdh_tmp != NULL)
3762                         {
3763                         EC_KEY_free(cert->ecdh_tmp);
3764                         }
3765                 cert->ecdh_tmp = ecdh;
3766                 return 1;
3767                 }
3768                 /* break; */
3769         case SSL_CTRL_SET_TMP_ECDH_CB:
3770                 {
3771                 SSLerr(SSL_F_SSL3_CTX_CTRL, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
3772                 return(0);
3773                 }
3774                 break;
3775 #endif /* !OPENSSL_NO_ECDH */
3776 #ifndef OPENSSL_NO_TLSEXT
3777         case SSL_CTRL_SET_TLSEXT_SERVERNAME_ARG:
3778                 ctx->tlsext_servername_arg=parg;
3779                 break;
3780         case SSL_CTRL_SET_TLSEXT_TICKET_KEYS:
3781         case SSL_CTRL_GET_TLSEXT_TICKET_KEYS:
3782                 {
3783                 unsigned char *keys = parg;
3784                 if (!keys)
3785                         return 48;
3786                 if (larg != 48)
3787                         {
3788                         SSLerr(SSL_F_SSL3_CTX_CTRL, SSL_R_INVALID_TICKET_KEYS_LENGTH);
3789                         return 0;
3790                         }
3791                 if (cmd == SSL_CTRL_SET_TLSEXT_TICKET_KEYS)
3792                         {
3793                         memcpy(ctx->tlsext_tick_key_name, keys, 16);
3794                         memcpy(ctx->tlsext_tick_hmac_key, keys + 16, 16);
3795                         memcpy(ctx->tlsext_tick_aes_key, keys + 32, 16);
3796                         }
3797                 else
3798                         {
3799                         memcpy(keys, ctx->tlsext_tick_key_name, 16);
3800                         memcpy(keys + 16, ctx->tlsext_tick_hmac_key, 16);
3801                         memcpy(keys + 32, ctx->tlsext_tick_aes_key, 16);
3802                         }
3803                 return 1;
3804                 }
3805
3806 #ifdef TLSEXT_TYPE_opaque_prf_input
3807         case SSL_CTRL_SET_TLSEXT_OPAQUE_PRF_INPUT_CB_ARG:
3808                 ctx->tlsext_opaque_prf_input_callback_arg = parg;
3809                 return 1;
3810 #endif
3811
3812         case SSL_CTRL_SET_TLSEXT_STATUS_REQ_CB_ARG:
3813                 ctx->tlsext_status_arg=parg;
3814                 return 1;
3815                 break;
3816
3817 #ifndef OPENSSL_NO_SRP
3818         case SSL_CTRL_SET_TLS_EXT_SRP_USERNAME:
3819                 ctx->srp_ctx.srp_Mask|=SSL_kSRP;
3820                 if (ctx->srp_ctx.login != NULL)
3821                         OPENSSL_free(ctx->srp_ctx.login);
3822                 ctx->srp_ctx.login = NULL;
3823                 if (parg == NULL)
3824                         break;
3825                 if (strlen((const char *)parg) > 255 || strlen((const char *)parg) < 1)
3826                         {
3827                         SSLerr(SSL_F_SSL3_CTX_CTRL, SSL_R_INVALID_SRP_USERNAME);
3828                         return 0;
3829                         } 
3830                 if ((ctx->srp_ctx.login = BUF_strdup((char *)parg)) == NULL)
3831                         {
3832                         SSLerr(SSL_F_SSL3_CTX_CTRL, ERR_R_INTERNAL_ERROR);
3833                         return 0;
3834                         }
3835                 break;
3836         case SSL_CTRL_SET_TLS_EXT_SRP_PASSWORD:
3837                 ctx->srp_ctx.SRP_give_srp_client_pwd_callback=srp_password_from_info_cb;
3838                 ctx->srp_ctx.info=parg;
3839                 break;
3840         case SSL_CTRL_SET_SRP_ARG:
3841                 ctx->srp_ctx.srp_Mask|=SSL_kSRP;
3842                 ctx->srp_ctx.SRP_cb_arg=parg;
3843                 break;
3844
3845         case SSL_CTRL_SET_TLS_EXT_SRP_STRENGTH:
3846                 ctx->srp_ctx.strength=larg;
3847                 break;
3848 #endif
3849
3850 #ifndef OPENSSL_NO_EC
3851         case SSL_CTRL_SET_CURVES:
3852                 return tls1_set_curves(&ctx->tlsext_ellipticcurvelist,
3853                                         &ctx->tlsext_ellipticcurvelist_length,
3854                                                                 parg, larg);
3855
3856         case SSL_CTRL_SET_CURVES_LIST:
3857                 return tls1_set_curves_list(&ctx->tlsext_ellipticcurvelist,
3858                                         &ctx->tlsext_ellipticcurvelist_length,
3859                                                                 parg);
3860         case SSL_CTRL_SET_ECDH_AUTO:
3861                 ctx->cert->ecdh_tmp_auto = larg;
3862                 return 1;
3863 #endif
3864         case SSL_CTRL_SET_SIGALGS:
3865                 return tls1_set_sigalgs(ctx->cert, parg, larg, 0);
3866
3867         case SSL_CTRL_SET_SIGALGS_LIST:
3868                 return tls1_set_sigalgs_list(ctx->cert, parg, 0);
3869
3870         case SSL_CTRL_SET_CLIENT_SIGALGS:
3871                 return tls1_set_sigalgs(ctx->cert, parg, larg, 1);
3872
3873         case SSL_CTRL_SET_CLIENT_SIGALGS_LIST:
3874                 return tls1_set_sigalgs_list(ctx->cert, parg, 1);
3875
3876         case SSL_CTRL_SET_CLIENT_CERT_TYPES:
3877                 return ssl3_set_req_cert_type(ctx->cert, parg, larg);
3878
3879         case SSL_CTRL_BUILD_CERT_CHAIN:
3880                 return ssl_build_cert_chain(ctx->cert, ctx->cert_store, larg);
3881
3882         case SSL_CTRL_SET_VERIFY_CERT_STORE:
3883                 return ssl_cert_set_cert_store(ctx->cert, parg, 0, larg);
3884
3885         case SSL_CTRL_SET_CHAIN_CERT_STORE:
3886                 return ssl_cert_set_cert_store(ctx->cert, parg, 1, larg);
3887
3888 #endif /* !OPENSSL_NO_TLSEXT */
3889
3890         /* A Thawte special :-) */
3891         case SSL_CTRL_EXTRA_CHAIN_CERT:
3892                 if (ctx->extra_certs == NULL)
3893                         {
3894                         if ((ctx->extra_certs=sk_X509_new_null()) == NULL)
3895                                 return(0);
3896                         }
3897                 sk_X509_push(ctx->extra_certs,(X509 *)parg);
3898                 break;
3899
3900         case SSL_CTRL_GET_EXTRA_CHAIN_CERTS:
3901                 *(STACK_OF(X509) **)parg =  ctx->extra_certs;
3902                 break;
3903
3904         case SSL_CTRL_CLEAR_EXTRA_CHAIN_CERTS:
3905                 if (ctx->extra_certs)
3906                         {
3907                         sk_X509_pop_free(ctx->extra_certs, X509_free);
3908                         ctx->extra_certs = NULL;
3909                         }
3910                 break;
3911
3912         case SSL_CTRL_CHAIN:
3913                 if (larg)
3914                         return ssl_cert_set1_chain(ctx->cert,
3915                                                 (STACK_OF (X509) *)parg);
3916                 else
3917                         return ssl_cert_set0_chain(ctx->cert,
3918                                                 (STACK_OF (X509) *)parg);
3919
3920         case SSL_CTRL_CHAIN_CERT:
3921                 if (larg)
3922                         return ssl_cert_add1_chain_cert(ctx->cert, (X509 *)parg);
3923                 else
3924                         return ssl_cert_add0_chain_cert(ctx->cert, (X509 *)parg);
3925
3926         default:
3927                 return(0);
3928                 }
3929         return(1);
3930         }
3931
3932 long ssl3_ctx_callback_ctrl(SSL_CTX *ctx, int cmd, void (*fp)(void))
3933         {
3934         CERT *cert;
3935
3936         cert=ctx->cert;
3937
3938         switch (cmd)
3939                 {
3940 #ifndef OPENSSL_NO_RSA
3941         case SSL_CTRL_SET_TMP_RSA_CB:
3942                 {
3943                 cert->rsa_tmp_cb = (RSA *(*)(SSL *, int, int))fp;
3944                 }
3945                 break;
3946 #endif
3947 #ifndef OPENSSL_NO_DH
3948         case SSL_CTRL_SET_TMP_DH_CB:
3949                 {
3950                 cert->dh_tmp_cb = (DH *(*)(SSL *, int, int))fp;
3951                 }
3952                 break;
3953 #endif
3954 #ifndef OPENSSL_NO_ECDH
3955         case SSL_CTRL_SET_TMP_ECDH_CB:
3956                 {
3957                 cert->ecdh_tmp_cb = (EC_KEY *(*)(SSL *, int, int))fp;
3958                 }
3959                 break;
3960 #endif
3961 #ifndef OPENSSL_NO_TLSEXT
3962         case SSL_CTRL_SET_TLSEXT_SERVERNAME_CB:
3963                 ctx->tlsext_servername_callback=(int (*)(SSL *,int *,void *))fp;
3964                 break;
3965
3966 #ifdef TLSEXT_TYPE_opaque_prf_input
3967         case SSL_CTRL_SET_TLSEXT_OPAQUE_PRF_INPUT_CB:
3968                 ctx->tlsext_opaque_prf_input_callback = (int (*)(SSL *,void *, size_t, void *))fp;
3969                 break;
3970 #endif
3971
3972         case SSL_CTRL_SET_TLSEXT_STATUS_REQ_CB:
3973                 ctx->tlsext_status_cb=(int (*)(SSL *,void *))fp;
3974                 break;
3975
3976         case SSL_CTRL_SET_TLSEXT_TICKET_KEY_CB:
3977                 ctx->tlsext_ticket_key_cb=(int (*)(SSL *,unsigned char  *,
3978                                                 unsigned char *,
3979                                                 EVP_CIPHER_CTX *,
3980                                                 HMAC_CTX *, int))fp;
3981                 break;
3982
3983 #ifndef OPENSSL_NO_SRP
3984         case SSL_CTRL_SET_SRP_VERIFY_PARAM_CB:
3985                 ctx->srp_ctx.srp_Mask|=SSL_kSRP;
3986                 ctx->srp_ctx.SRP_verify_param_callback=(int (*)(SSL *,void *))fp;
3987                 break;
3988         case SSL_CTRL_SET_TLS_EXT_SRP_USERNAME_CB:
3989                 ctx->srp_ctx.srp_Mask|=SSL_kSRP;
3990                 ctx->srp_ctx.TLS_ext_srp_username_callback=(int (*)(SSL *,int *,void *))fp;
3991                 break;
3992         case SSL_CTRL_SET_SRP_GIVE_CLIENT_PWD_CB:
3993                 ctx->srp_ctx.srp_Mask|=SSL_kSRP;
3994                 ctx->srp_ctx.SRP_give_srp_client_pwd_callback=(char *(*)(SSL *,void *))fp;
3995                 break;
3996 #endif
3997 #endif
3998         case SSL_CTRL_SET_NOT_RESUMABLE_SESS_CB:
3999                 {
4000                 ctx->not_resumable_session_cb = (int (*)(SSL *, int))fp;
4001                 }
4002                 break;
4003         default:
4004                 return(0);
4005                 }
4006         return(1);
4007         }
4008
4009 /* This function needs to check if the ciphers required are actually
4010  * available */
4011 const SSL_CIPHER *ssl3_get_cipher_by_char(const unsigned char *p)
4012         {
4013         SSL_CIPHER c;
4014         const SSL_CIPHER *cp;
4015         unsigned long id;
4016
4017         id=0x03000000L|((unsigned long)p[0]<<8L)|(unsigned long)p[1];
4018         c.id=id;
4019         cp = OBJ_bsearch_ssl_cipher_id(&c, ssl3_ciphers, SSL3_NUM_CIPHERS);
4020 #ifdef DEBUG_PRINT_UNKNOWN_CIPHERSUITES
4021 if (cp == NULL) fprintf(stderr, "Unknown cipher ID %x\n", (p[0] << 8) | p[1]);
4022 #endif
4023         return cp;
4024         }
4025
4026 int ssl3_put_cipher_by_char(const SSL_CIPHER *c, unsigned char *p)
4027         {
4028         long l;
4029
4030         if (p != NULL)
4031                 {
4032                 l=c->id;
4033                 if ((l & 0xff000000) != 0x03000000) return(0);
4034                 p[0]=((unsigned char)(l>> 8L))&0xFF;
4035                 p[1]=((unsigned char)(l     ))&0xFF;
4036                 }
4037         return(2);
4038         }
4039
4040 SSL_CIPHER *ssl3_choose_cipher(SSL *s, STACK_OF(SSL_CIPHER) *clnt,
4041              STACK_OF(SSL_CIPHER) *srvr)
4042         {
4043         SSL_CIPHER *c,*ret=NULL;
4044         STACK_OF(SSL_CIPHER) *prio, *allow;
4045         int i,ii,ok;
4046         CERT *cert;
4047         unsigned long alg_k,alg_a,mask_k,mask_a,emask_k,emask_a;
4048
4049         /* Let's see which ciphers we can support */
4050         cert=s->cert;
4051
4052 #if 0
4053         /* Do not set the compare functions, because this may lead to a
4054          * reordering by "id". We want to keep the original ordering.
4055          * We may pay a price in performance during sk_SSL_CIPHER_find(),
4056          * but would have to pay with the price of sk_SSL_CIPHER_dup().
4057          */
4058         sk_SSL_CIPHER_set_cmp_func(srvr, ssl_cipher_ptr_id_cmp);
4059         sk_SSL_CIPHER_set_cmp_func(clnt, ssl_cipher_ptr_id_cmp);
4060 #endif
4061
4062 #ifdef CIPHER_DEBUG
4063         printf("Server has %d from %p:\n", sk_SSL_CIPHER_num(srvr), (void *)srvr);
4064         for(i=0 ; i < sk_SSL_CIPHER_num(srvr) ; ++i)
4065                 {
4066                 c=sk_SSL_CIPHER_value(srvr,i);
4067                 printf("%p:%s\n",(void *)c,c->name);
4068                 }
4069         printf("Client sent %d from %p:\n", sk_SSL_CIPHER_num(clnt), (void *)clnt);
4070         for(i=0 ; i < sk_SSL_CIPHER_num(clnt) ; ++i)
4071             {
4072             c=sk_SSL_CIPHER_value(clnt,i);
4073             printf("%p:%s\n",(void *)c,c->name);
4074             }
4075 #endif
4076
4077         if (s->options & SSL_OP_CIPHER_SERVER_PREFERENCE || tls1_suiteb(s))
4078                 {
4079                 prio = srvr;
4080                 allow = clnt;
4081                 }
4082         else
4083                 {
4084                 prio = clnt;
4085                 allow = srvr;
4086                 }
4087
4088         tls1_set_cert_validity(s);
4089
4090         for (i=0; i<sk_SSL_CIPHER_num(prio); i++)
4091                 {
4092                 c=sk_SSL_CIPHER_value(prio,i);
4093
4094                 /* Skip TLS v1.2 only ciphersuites if not supported */
4095                 if ((c->algorithm_ssl & SSL_TLSV1_2) && 
4096                         !SSL_USE_TLS1_2_CIPHERS(s))
4097                         continue;
4098
4099                 ssl_set_cert_masks(cert,c);
4100                 mask_k = cert->mask_k;
4101                 mask_a = cert->mask_a;
4102                 emask_k = cert->export_mask_k;
4103                 emask_a = cert->export_mask_a;
4104 #ifndef OPENSSL_NO_SRP
4105                 mask_k=cert->mask_k | s->srp_ctx.srp_Mask;
4106                 emask_k=cert->export_mask_k | s->srp_ctx.srp_Mask;
4107 #endif
4108                         
4109 #ifdef KSSL_DEBUG
4110 /*              printf("ssl3_choose_cipher %d alg= %lx\n", i,c->algorithms);*/
4111 #endif    /* KSSL_DEBUG */
4112
4113                 alg_k=c->algorithm_mkey;
4114                 alg_a=c->algorithm_auth;
4115
4116 #ifndef OPENSSL_NO_KRB5
4117                 if (alg_k & SSL_kKRB5)
4118                         {
4119                         if ( !kssl_keytab_is_available(s->kssl_ctx) )
4120                             continue;
4121                         }
4122 #endif /* OPENSSL_NO_KRB5 */
4123 #ifndef OPENSSL_NO_PSK
4124                 /* with PSK there must be server callback set */
4125                 if ((alg_k & SSL_kPSK) && s->psk_server_callback == NULL)
4126                         continue;
4127 #endif /* OPENSSL_NO_PSK */
4128
4129                 if (SSL_C_IS_EXPORT(c))
4130                         {
4131                         ok = (alg_k & emask_k) && (alg_a & emask_a);
4132 #ifdef CIPHER_DEBUG
4133                         printf("%d:[%08lX:%08lX:%08lX:%08lX]%p:%s (export)\n",ok,alg_k,alg_a,emask_k,emask_a,
4134                                (void *)c,c->name);
4135 #endif
4136                         }
4137                 else
4138                         {
4139                         ok = (alg_k & mask_k) && (alg_a & mask_a);
4140 #ifdef CIPHER_DEBUG
4141                         printf("%d:[%08lX:%08lX:%08lX:%08lX]%p:%s\n",ok,alg_k,alg_a,mask_k,mask_a,(void *)c,
4142                                c->name);
4143 #endif
4144                         }
4145
4146 #ifndef OPENSSL_NO_TLSEXT
4147 #ifndef OPENSSL_NO_EC
4148                 /* if we are considering an ECC cipher suite that uses
4149                  * an ephemeral EC key check it */
4150                 if (alg_k & SSL_kEECDH)
4151                         ok = ok && tls1_check_ec_tmp_key(s, c->id);
4152 #endif /* OPENSSL_NO_EC */
4153 #endif /* OPENSSL_NO_TLSEXT */
4154
4155                 if (!ok) continue;
4156                 ii=sk_SSL_CIPHER_find(allow,c);
4157                 if (ii >= 0)
4158                         {
4159 #if !defined(OPENSSL_NO_EC) && !defined(OPENSSL_NO_TLSEXT)
4160                         if ((alg_k & SSL_kEECDH) && (alg_a & SSL_aECDSA) && s->s3->is_probably_safari)
4161                                 {
4162                                 if (!ret) ret=sk_SSL_CIPHER_value(allow,ii);
4163                                 continue;
4164                                 }
4165 #endif
4166                         ret=sk_SSL_CIPHER_value(allow,ii);
4167                         break;
4168                         }
4169                 }
4170         return(ret);
4171         }
4172
4173 int ssl3_get_req_cert_type(SSL *s, unsigned char *p)
4174         {
4175         int ret=0;
4176         const unsigned char *sig;
4177         size_t i, siglen;
4178         int have_rsa_sign = 0, have_dsa_sign = 0;
4179 #ifndef OPENSSL_NO_ECDSA
4180         int have_ecdsa_sign = 0;
4181 #endif
4182         int nostrict = 1;
4183         unsigned long alg_k;
4184
4185         /* If we have custom certificate types set, use them */
4186         if (s->cert->ctypes)
4187                 {
4188                 memcpy(p, s->cert->ctypes, s->cert->ctype_num);
4189                 return (int)s->cert->ctype_num;
4190                 }
4191         /* get configured sigalgs */
4192         siglen = tls12_get_psigalgs(s, &sig);
4193         if (s->cert->cert_flags & SSL_CERT_FLAGS_CHECK_TLS_STRICT)
4194                 nostrict = 0;
4195         for (i = 0; i < siglen; i+=2, sig+=2)
4196                 {
4197                 switch(sig[1])
4198                         {
4199                 case TLSEXT_signature_rsa:
4200                         have_rsa_sign = 1;
4201                         break;
4202
4203                 case TLSEXT_signature_dsa:
4204                         have_dsa_sign = 1;
4205                         break;
4206 #ifndef OPENSSL_NO_ECDSA
4207                 case TLSEXT_signature_ecdsa:
4208                         have_ecdsa_sign = 1;
4209                         break;
4210 #endif
4211                         }
4212                 }
4213
4214         alg_k = s->s3->tmp.new_cipher->algorithm_mkey;
4215
4216 #ifndef OPENSSL_NO_GOST
4217         if (s->version >= TLS1_VERSION)
4218                 {
4219                 if (alg_k & SSL_kGOST)
4220                         {
4221                         p[ret++]=TLS_CT_GOST94_SIGN;
4222                         p[ret++]=TLS_CT_GOST01_SIGN;
4223                         return(ret);
4224                         }
4225                 }
4226 #endif
4227
4228 #ifndef OPENSSL_NO_DH
4229         if (alg_k & (SSL_kDHr|SSL_kEDH))
4230                 {
4231 #  ifndef OPENSSL_NO_RSA
4232                 /* Since this refers to a certificate signed with an RSA
4233                  * algorithm, only check for rsa signing in strict mode.
4234                  */
4235                 if (nostrict || have_rsa_sign)
4236                         p[ret++]=SSL3_CT_RSA_FIXED_DH;
4237 #  endif
4238 #  ifndef OPENSSL_NO_DSA
4239                 if (nostrict || have_dsa_sign)
4240                         p[ret++]=SSL3_CT_DSS_FIXED_DH;
4241 #  endif
4242                 }
4243         if ((s->version == SSL3_VERSION) &&
4244                 (alg_k & (SSL_kEDH|SSL_kDHd|SSL_kDHr)))
4245                 {
4246 #  ifndef OPENSSL_NO_RSA
4247                 p[ret++]=SSL3_CT_RSA_EPHEMERAL_DH;
4248 #  endif
4249 #  ifndef OPENSSL_NO_DSA
4250                 p[ret++]=SSL3_CT_DSS_EPHEMERAL_DH;
4251 #  endif
4252                 }
4253 #endif /* !OPENSSL_NO_DH */
4254 #ifndef OPENSSL_NO_RSA
4255         if (have_rsa_sign)
4256                 p[ret++]=SSL3_CT_RSA_SIGN;
4257 #endif
4258 #ifndef OPENSSL_NO_DSA
4259         if (have_dsa_sign)
4260                 p[ret++]=SSL3_CT_DSS_SIGN;
4261 #endif
4262 #ifndef OPENSSL_NO_ECDH
4263         if ((alg_k & (SSL_kECDHr|SSL_kECDHe)) && (s->version >= TLS1_VERSION))
4264                 {
4265                 if (nostrict || have_rsa_sign)
4266                         p[ret++]=TLS_CT_RSA_FIXED_ECDH;
4267                 if (nostrict || have_ecdsa_sign)
4268                         p[ret++]=TLS_CT_ECDSA_FIXED_ECDH;
4269                 }
4270 #endif
4271
4272 #ifndef OPENSSL_NO_ECDSA
4273         /* ECDSA certs can be used with RSA cipher suites as well 
4274          * so we don't need to check for SSL_kECDH or SSL_kEECDH
4275          */
4276         if (s->version >= TLS1_VERSION)
4277                 {
4278                 if (have_ecdsa_sign)
4279                         p[ret++]=TLS_CT_ECDSA_SIGN;
4280                 }
4281 #endif  
4282         return(ret);
4283         }
4284
4285 static int ssl3_set_req_cert_type(CERT *c, const unsigned char *p, size_t len)
4286         {
4287         if (c->ctypes)
4288                 {
4289                 OPENSSL_free(c->ctypes);
4290                 c->ctypes = NULL;
4291                 }
4292         if (!p || !len)
4293                 return 1;
4294         if (len > 0xff)
4295                 return 0;
4296         c->ctypes = OPENSSL_malloc(len);
4297         if (!c->ctypes)
4298                 return 0;
4299         memcpy(c->ctypes, p, len);
4300         c->ctype_num = len;
4301         return 1;
4302         }
4303
4304 int ssl3_shutdown(SSL *s)
4305         {
4306         int ret;
4307
4308         /* Don't do anything much if we have not done the handshake or
4309          * we don't want to send messages :-) */
4310         if ((s->quiet_shutdown) || (s->state == SSL_ST_BEFORE))
4311                 {
4312                 s->shutdown=(SSL_SENT_SHUTDOWN|SSL_RECEIVED_SHUTDOWN);
4313                 return(1);
4314                 }
4315
4316         if (!(s->shutdown & SSL_SENT_SHUTDOWN))
4317                 {
4318                 s->shutdown|=SSL_SENT_SHUTDOWN;
4319 #if 1
4320                 ssl3_send_alert(s,SSL3_AL_WARNING,SSL_AD_CLOSE_NOTIFY);
4321 #endif
4322                 /* our shutdown alert has been sent now, and if it still needs
4323                  * to be written, s->s3->alert_dispatch will be true */
4324                 if (s->s3->alert_dispatch)
4325                         return(-1);     /* return WANT_WRITE */
4326                 }
4327         else if (s->s3->alert_dispatch)
4328                 {
4329                 /* resend it if not sent */
4330 #if 1
4331                 ret=s->method->ssl_dispatch_alert(s);
4332                 if(ret == -1)
4333                         {
4334                         /* we only get to return -1 here the 2nd/Nth
4335                          * invocation, we must  have already signalled
4336                          * return 0 upon a previous invoation,
4337                          * return WANT_WRITE */
4338                         return(ret);
4339                         }
4340 #endif
4341                 }
4342         else if (!(s->shutdown & SSL_RECEIVED_SHUTDOWN))
4343                 {
4344                 /* If we are waiting for a close from our peer, we are closed */
4345                 s->method->ssl_read_bytes(s,0,NULL,0,0);
4346                 if(!(s->shutdown & SSL_RECEIVED_SHUTDOWN))
4347                         {
4348                         return(-1);     /* return WANT_READ */
4349                         }
4350                 }
4351
4352         if ((s->shutdown == (SSL_SENT_SHUTDOWN|SSL_RECEIVED_SHUTDOWN)) &&
4353                 !s->s3->alert_dispatch)
4354                 return(1);
4355         else
4356                 return(0);
4357         }
4358
4359 int ssl3_write(SSL *s, const void *buf, int len)
4360         {
4361         int ret,n;
4362
4363 #if 0
4364         if (s->shutdown & SSL_SEND_SHUTDOWN)
4365                 {
4366                 s->rwstate=SSL_NOTHING;
4367                 return(0);
4368                 }
4369 #endif
4370         clear_sys_error();
4371         if (s->s3->renegotiate) ssl3_renegotiate_check(s);
4372
4373         /* This is an experimental flag that sends the
4374          * last handshake message in the same packet as the first
4375          * use data - used to see if it helps the TCP protocol during
4376          * session-id reuse */
4377         /* The second test is because the buffer may have been removed */
4378         if ((s->s3->flags & SSL3_FLAGS_POP_BUFFER) && (s->wbio == s->bbio))
4379                 {
4380                 /* First time through, we write into the buffer */
4381                 if (s->s3->delay_buf_pop_ret == 0)
4382                         {
4383                         ret=ssl3_write_bytes(s,SSL3_RT_APPLICATION_DATA,
4384                                              buf,len);
4385                         if (ret <= 0) return(ret);
4386
4387                         s->s3->delay_buf_pop_ret=ret;
4388                         }
4389
4390                 s->rwstate=SSL_WRITING;
4391                 n=BIO_flush(s->wbio);
4392                 if (n <= 0) return(n);
4393                 s->rwstate=SSL_NOTHING;
4394
4395                 /* We have flushed the buffer, so remove it */
4396                 ssl_free_wbio_buffer(s);
4397                 s->s3->flags&= ~SSL3_FLAGS_POP_BUFFER;
4398
4399                 ret=s->s3->delay_buf_pop_ret;
4400                 s->s3->delay_buf_pop_ret=0;
4401                 }
4402         else
4403                 {
4404                 ret=s->method->ssl_write_bytes(s,SSL3_RT_APPLICATION_DATA,
4405                         buf,len);
4406                 if (ret <= 0) return(ret);
4407                 }
4408
4409         return(ret);
4410         }
4411
4412 static int ssl3_read_internal(SSL *s, void *buf, int len, int peek)
4413         {
4414         int ret;
4415         
4416         clear_sys_error();
4417         if (s->s3->renegotiate) ssl3_renegotiate_check(s);
4418         s->s3->in_read_app_data=1;
4419         ret=s->method->ssl_read_bytes(s,SSL3_RT_APPLICATION_DATA,buf,len,peek);
4420         if ((ret == -1) && (s->s3->in_read_app_data == 2))
4421                 {
4422                 /* ssl3_read_bytes decided to call s->handshake_func, which
4423                  * called ssl3_read_bytes to read handshake data.
4424                  * However, ssl3_read_bytes actually found application data
4425                  * and thinks that application data makes sense here; so disable
4426                  * handshake processing and try to read application data again. */
4427                 s->in_handshake++;
4428                 ret=s->method->ssl_read_bytes(s,SSL3_RT_APPLICATION_DATA,buf,len,peek);
4429                 s->in_handshake--;
4430                 }
4431         else
4432                 s->s3->in_read_app_data=0;
4433
4434         return(ret);
4435         }
4436
4437 int ssl3_read(SSL *s, void *buf, int len)
4438         {
4439         return ssl3_read_internal(s, buf, len, 0);
4440         }
4441
4442 int ssl3_peek(SSL *s, void *buf, int len)
4443         {
4444         return ssl3_read_internal(s, buf, len, 1);
4445         }
4446
4447 int ssl3_renegotiate(SSL *s)
4448         {
4449         if (s->handshake_func == NULL)
4450                 return(1);
4451
4452         if (s->s3->flags & SSL3_FLAGS_NO_RENEGOTIATE_CIPHERS)
4453                 return(0);
4454
4455         s->s3->renegotiate=1;
4456         return(1);
4457         }
4458
4459 int ssl3_renegotiate_check(SSL *s)
4460         {
4461         int ret=0;
4462
4463         if (s->s3->renegotiate)
4464                 {
4465                 if (    (s->s3->rbuf.left == 0) &&
4466                         (s->s3->wbuf.left == 0) &&
4467                         !SSL_in_init(s))
4468                         {
4469 /*
4470 if we are the server, and we have sent a 'RENEGOTIATE' message, we
4471 need to go to SSL_ST_ACCEPT.
4472 */
4473                         /* SSL_ST_ACCEPT */
4474                         s->state=SSL_ST_RENEGOTIATE;
4475                         s->s3->renegotiate=0;
4476                         s->s3->num_renegotiations++;
4477                         s->s3->total_renegotiations++;
4478                         ret=1;
4479                         }
4480                 }
4481         return(ret);
4482         }
4483 /* If we are using default SHA1+MD5 algorithms switch to&