b147935dc980c0caf505174fbccc7fd26af9fc1c
[openssl.git] / ssl / s3_lib.c
1 /* ssl/s3_lib.c */
2 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3  * All rights reserved.
4  *
5  * This package is an SSL implementation written
6  * by Eric Young (eay@cryptsoft.com).
7  * The implementation was written so as to conform with Netscapes SSL.
8  * 
9  * This library is free for commercial and non-commercial use as long as
10  * the following conditions are aheared to.  The following conditions
11  * apply to all code found in this distribution, be it the RC4, RSA,
12  * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
13  * included with this distribution is covered by the same copyright terms
14  * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15  * 
16  * Copyright remains Eric Young's, and as such any Copyright notices in
17  * the code are not to be removed.
18  * If this package is used in a product, Eric Young should be given attribution
19  * as the author of the parts of the library used.
20  * This can be in the form of a textual message at program startup or
21  * in documentation (online or textual) provided with the package.
22  * 
23  * Redistribution and use in source and binary forms, with or without
24  * modification, are permitted provided that the following conditions
25  * are met:
26  * 1. Redistributions of source code must retain the copyright
27  *    notice, this list of conditions and the following disclaimer.
28  * 2. Redistributions in binary form must reproduce the above copyright
29  *    notice, this list of conditions and the following disclaimer in the
30  *    documentation and/or other materials provided with the distribution.
31  * 3. All advertising materials mentioning features or use of this software
32  *    must display the following acknowledgement:
33  *    "This product includes cryptographic software written by
34  *     Eric Young (eay@cryptsoft.com)"
35  *    The word 'cryptographic' can be left out if the rouines from the library
36  *    being used are not cryptographic related :-).
37  * 4. If you include any Windows specific code (or a derivative thereof) from 
38  *    the apps directory (application code) you must include an acknowledgement:
39  *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40  * 
41  * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42  * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43  * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44  * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45  * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46  * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47  * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48  * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49  * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50  * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51  * SUCH DAMAGE.
52  * 
53  * The licence and distribution terms for any publically available version or
54  * derivative of this code cannot be changed.  i.e. this code cannot simply be
55  * copied and put under another distribution licence
56  * [including the GNU Public Licence.]
57  */
58 /* ====================================================================
59  * Copyright (c) 1998-2007 The OpenSSL Project.  All rights reserved.
60  *
61  * Redistribution and use in source and binary forms, with or without
62  * modification, are permitted provided that the following conditions
63  * are met:
64  *
65  * 1. Redistributions of source code must retain the above copyright
66  *    notice, this list of conditions and the following disclaimer. 
67  *
68  * 2. Redistributions in binary form must reproduce the above copyright
69  *    notice, this list of conditions and the following disclaimer in
70  *    the documentation and/or other materials provided with the
71  *    distribution.
72  *
73  * 3. All advertising materials mentioning features or use of this
74  *    software must display the following acknowledgment:
75  *    "This product includes software developed by the OpenSSL Project
76  *    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
77  *
78  * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
79  *    endorse or promote products derived from this software without
80  *    prior written permission. For written permission, please contact
81  *    openssl-core@openssl.org.
82  *
83  * 5. Products derived from this software may not be called "OpenSSL"
84  *    nor may "OpenSSL" appear in their names without prior written
85  *    permission of the OpenSSL Project.
86  *
87  * 6. Redistributions of any form whatsoever must retain the following
88  *    acknowledgment:
89  *    "This product includes software developed by the OpenSSL Project
90  *    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
91  *
92  * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
93  * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
94  * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
95  * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
96  * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
97  * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
98  * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
99  * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
100  * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
101  * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
102  * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
103  * OF THE POSSIBILITY OF SUCH DAMAGE.
104  * ====================================================================
105  *
106  * This product includes cryptographic software written by Eric Young
107  * (eay@cryptsoft.com).  This product includes software written by Tim
108  * Hudson (tjh@cryptsoft.com).
109  *
110  */
111 /* ====================================================================
112  * Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED.
113  *
114  * Portions of the attached software ("Contribution") are developed by 
115  * SUN MICROSYSTEMS, INC., and are contributed to the OpenSSL project.
116  *
117  * The Contribution is licensed pursuant to the OpenSSL open source
118  * license provided above.
119  *
120  * ECC cipher suite support in OpenSSL originally written by
121  * Vipul Gupta and Sumit Gupta of Sun Microsystems Laboratories.
122  *
123  */
124 /* ====================================================================
125  * Copyright 2005 Nokia. All rights reserved.
126  *
127  * The portions of the attached software ("Contribution") is developed by
128  * Nokia Corporation and is licensed pursuant to the OpenSSL open source
129  * license.
130  *
131  * The Contribution, originally written by Mika Kousa and Pasi Eronen of
132  * Nokia Corporation, consists of the "PSK" (Pre-Shared Key) ciphersuites
133  * support (see RFC 4279) to OpenSSL.
134  *
135  * No patent licenses or other rights except those expressly stated in
136  * the OpenSSL open source license shall be deemed granted or received
137  * expressly, by implication, estoppel, or otherwise.
138  *
139  * No assurances are provided by Nokia that the Contribution does not
140  * infringe the patent or other intellectual property rights of any third
141  * party or that the license provides you with all the necessary rights
142  * to make use of the Contribution.
143  *
144  * THE SOFTWARE IS PROVIDED "AS IS" WITHOUT WARRANTY OF ANY KIND. IN
145  * ADDITION TO THE DISCLAIMERS INCLUDED IN THE LICENSE, NOKIA
146  * SPECIFICALLY DISCLAIMS ANY LIABILITY FOR CLAIMS BROUGHT BY YOU OR ANY
147  * OTHER ENTITY BASED ON INFRINGEMENT OF INTELLECTUAL PROPERTY RIGHTS OR
148  * OTHERWISE.
149  */
150
151 #include <stdio.h>
152 #include <openssl/objects.h>
153 #include "ssl_locl.h"
154 #include "kssl_lcl.h"
155 #ifndef OPENSSL_NO_TLSEXT
156 #ifndef OPENSSL_NO_EC
157 #include "../crypto/ec/ec_lcl.h"
158 #endif /* OPENSSL_NO_EC */
159 #endif /* OPENSSL_NO_TLSEXT */
160 #include <openssl/md5.h>
161 #ifndef OPENSSL_NO_DH
162 #include <openssl/dh.h>
163 #endif
164
165 const char ssl3_version_str[]="SSLv3" OPENSSL_VERSION_PTEXT;
166
167 #define SSL3_NUM_CIPHERS        (sizeof(ssl3_ciphers)/sizeof(SSL_CIPHER))
168
169 /* list of available SSLv3 ciphers (sorted by id) */
170 OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]={
171
172 /* The RSA ciphers */
173 /* Cipher 01 */
174         {
175         1,
176         SSL3_TXT_RSA_NULL_MD5,
177         SSL3_CK_RSA_NULL_MD5,
178         SSL_kRSA,
179         SSL_aRSA,
180         SSL_eNULL,
181         SSL_MD5,
182         SSL_SSLV3,
183         SSL_NOT_EXP|SSL_STRONG_NONE,
184         SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
185         0,
186         0,
187         },
188
189 /* Cipher 02 */
190         {
191         1,
192         SSL3_TXT_RSA_NULL_SHA,
193         SSL3_CK_RSA_NULL_SHA,
194         SSL_kRSA,
195         SSL_aRSA,
196         SSL_eNULL,
197         SSL_SHA1,
198         SSL_SSLV3,
199         SSL_NOT_EXP|SSL_STRONG_NONE|SSL_FIPS,
200         SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
201         0,
202         0,
203         },
204
205 /* Cipher 03 */
206         {
207         1,
208         SSL3_TXT_RSA_RC4_40_MD5,
209         SSL3_CK_RSA_RC4_40_MD5,
210         SSL_kRSA,
211         SSL_aRSA,
212         SSL_RC4,
213         SSL_MD5,
214         SSL_SSLV3,
215         SSL_EXPORT|SSL_EXP40,
216         SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
217         40,
218         128,
219         },
220
221 /* Cipher 04 */
222         {
223         1,
224         SSL3_TXT_RSA_RC4_128_MD5,
225         SSL3_CK_RSA_RC4_128_MD5,
226         SSL_kRSA,
227         SSL_aRSA,
228         SSL_RC4,
229         SSL_MD5,
230         SSL_SSLV3,
231         SSL_NOT_EXP|SSL_MEDIUM,
232         SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
233         128,
234         128,
235         },
236
237 /* Cipher 05 */
238         {
239         1,
240         SSL3_TXT_RSA_RC4_128_SHA,
241         SSL3_CK_RSA_RC4_128_SHA,
242         SSL_kRSA,
243         SSL_aRSA,
244         SSL_RC4,
245         SSL_SHA1,
246         SSL_SSLV3,
247         SSL_NOT_EXP|SSL_MEDIUM,
248         SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
249         128,
250         128,
251         },
252
253 /* Cipher 06 */
254         {
255         1,
256         SSL3_TXT_RSA_RC2_40_MD5,
257         SSL3_CK_RSA_RC2_40_MD5,
258         SSL_kRSA,
259         SSL_aRSA,
260         SSL_RC2,
261         SSL_MD5,
262         SSL_SSLV3,
263         SSL_EXPORT|SSL_EXP40,
264         SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
265         40,
266         128,
267         },
268
269 /* Cipher 07 */
270 #ifndef OPENSSL_NO_IDEA
271         {
272         1,
273         SSL3_TXT_RSA_IDEA_128_SHA,
274         SSL3_CK_RSA_IDEA_128_SHA,
275         SSL_kRSA,
276         SSL_aRSA,
277         SSL_IDEA,
278         SSL_SHA1,
279         SSL_SSLV3,
280         SSL_NOT_EXP|SSL_MEDIUM,
281         SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
282         128,
283         128,
284         },
285 #endif
286
287 /* Cipher 08 */
288         {
289         1,
290         SSL3_TXT_RSA_DES_40_CBC_SHA,
291         SSL3_CK_RSA_DES_40_CBC_SHA,
292         SSL_kRSA,
293         SSL_aRSA,
294         SSL_DES,
295         SSL_SHA1,
296         SSL_SSLV3,
297         SSL_EXPORT|SSL_EXP40,
298         SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
299         40,
300         56,
301         },
302
303 /* Cipher 09 */
304         {
305         1,
306         SSL3_TXT_RSA_DES_64_CBC_SHA,
307         SSL3_CK_RSA_DES_64_CBC_SHA,
308         SSL_kRSA,
309         SSL_aRSA,
310         SSL_DES,
311         SSL_SHA1,
312         SSL_SSLV3,
313         SSL_NOT_EXP|SSL_LOW,
314         SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
315         56,
316         56,
317         },
318
319 /* Cipher 0A */
320         {
321         1,
322         SSL3_TXT_RSA_DES_192_CBC3_SHA,
323         SSL3_CK_RSA_DES_192_CBC3_SHA,
324         SSL_kRSA,
325         SSL_aRSA,
326         SSL_3DES,
327         SSL_SHA1,
328         SSL_SSLV3,
329         SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
330         SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
331         168,
332         168,
333         },
334
335 /* The DH ciphers */
336 /* Cipher 0B */
337         {
338         0,
339         SSL3_TXT_DH_DSS_DES_40_CBC_SHA,
340         SSL3_CK_DH_DSS_DES_40_CBC_SHA,
341         SSL_kDHd,
342         SSL_aDH,
343         SSL_DES,
344         SSL_SHA1,
345         SSL_SSLV3,
346         SSL_EXPORT|SSL_EXP40,
347         SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
348         40,
349         56,
350         },
351
352 /* Cipher 0C */
353         {
354         0, /* not implemented (non-ephemeral DH) */
355         SSL3_TXT_DH_DSS_DES_64_CBC_SHA,
356         SSL3_CK_DH_DSS_DES_64_CBC_SHA,
357         SSL_kDHd,
358         SSL_aDH,
359         SSL_DES,
360         SSL_SHA1,
361         SSL_SSLV3,
362         SSL_NOT_EXP|SSL_LOW,
363         SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
364         56,
365         56,
366         },
367
368 /* Cipher 0D */
369         {
370         0, /* not implemented (non-ephemeral DH) */
371         SSL3_TXT_DH_DSS_DES_192_CBC3_SHA,
372         SSL3_CK_DH_DSS_DES_192_CBC3_SHA,
373         SSL_kDHd,
374         SSL_aDH,
375         SSL_3DES,
376         SSL_SHA1,
377         SSL_SSLV3,
378         SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
379         SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
380         168,
381         168,
382         },
383
384 /* Cipher 0E */
385         {
386         0, /* not implemented (non-ephemeral DH) */
387         SSL3_TXT_DH_RSA_DES_40_CBC_SHA,
388         SSL3_CK_DH_RSA_DES_40_CBC_SHA,
389         SSL_kDHr,
390         SSL_aDH,
391         SSL_DES,
392         SSL_SHA1,
393         SSL_SSLV3,
394         SSL_EXPORT|SSL_EXP40,
395         SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
396         40,
397         56,
398         },
399
400 /* Cipher 0F */
401         {
402         0, /* not implemented (non-ephemeral DH) */
403         SSL3_TXT_DH_RSA_DES_64_CBC_SHA,
404         SSL3_CK_DH_RSA_DES_64_CBC_SHA,
405         SSL_kDHr,
406         SSL_aDH,
407         SSL_DES,
408         SSL_SHA1,
409         SSL_SSLV3,
410         SSL_NOT_EXP|SSL_LOW,
411         SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
412         56,
413         56,
414         },
415
416 /* Cipher 10 */
417         {
418         0, /* not implemented (non-ephemeral DH) */
419         SSL3_TXT_DH_RSA_DES_192_CBC3_SHA,
420         SSL3_CK_DH_RSA_DES_192_CBC3_SHA,
421         SSL_kDHr,
422         SSL_aDH,
423         SSL_3DES,
424         SSL_SHA1,
425         SSL_SSLV3,
426         SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
427         SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
428         168,
429         168,
430         },
431
432 /* The Ephemeral DH ciphers */
433 /* Cipher 11 */
434         {
435         1,
436         SSL3_TXT_EDH_DSS_DES_40_CBC_SHA,
437         SSL3_CK_EDH_DSS_DES_40_CBC_SHA,
438         SSL_kEDH,
439         SSL_aDSS,
440         SSL_DES,
441         SSL_SHA1,
442         SSL_SSLV3,
443         SSL_EXPORT|SSL_EXP40,
444         SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
445         40,
446         56,
447         },
448
449 /* Cipher 12 */
450         {
451         1,
452         SSL3_TXT_EDH_DSS_DES_64_CBC_SHA,
453         SSL3_CK_EDH_DSS_DES_64_CBC_SHA,
454         SSL_kEDH,
455         SSL_aDSS,
456         SSL_DES,
457         SSL_SHA1,
458         SSL_SSLV3,
459         SSL_NOT_EXP|SSL_LOW,
460         SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
461         56,
462         56,
463         },
464
465 /* Cipher 13 */
466         {
467         1,
468         SSL3_TXT_EDH_DSS_DES_192_CBC3_SHA,
469         SSL3_CK_EDH_DSS_DES_192_CBC3_SHA,
470         SSL_kEDH,
471         SSL_aDSS,
472         SSL_3DES,
473         SSL_SHA1,
474         SSL_SSLV3,
475         SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
476         SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
477         168,
478         168,
479         },
480
481 /* Cipher 14 */
482         {
483         1,
484         SSL3_TXT_EDH_RSA_DES_40_CBC_SHA,
485         SSL3_CK_EDH_RSA_DES_40_CBC_SHA,
486         SSL_kEDH,
487         SSL_aRSA,
488         SSL_DES,
489         SSL_SHA1,
490         SSL_SSLV3,
491         SSL_EXPORT|SSL_EXP40,
492         SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
493         40,
494         56,
495         },
496
497 /* Cipher 15 */
498         {
499         1,
500         SSL3_TXT_EDH_RSA_DES_64_CBC_SHA,
501         SSL3_CK_EDH_RSA_DES_64_CBC_SHA,
502         SSL_kEDH,
503         SSL_aRSA,
504         SSL_DES,
505         SSL_SHA1,
506         SSL_SSLV3,
507         SSL_NOT_EXP|SSL_LOW,
508         SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
509         56,
510         56,
511         },
512
513 /* Cipher 16 */
514         {
515         1,
516         SSL3_TXT_EDH_RSA_DES_192_CBC3_SHA,
517         SSL3_CK_EDH_RSA_DES_192_CBC3_SHA,
518         SSL_kEDH,
519         SSL_aRSA,
520         SSL_3DES,
521         SSL_SHA1,
522         SSL_SSLV3,
523         SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
524         SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
525         168,
526         168,
527         },
528
529 /* Cipher 17 */
530         {
531         1,
532         SSL3_TXT_ADH_RC4_40_MD5,
533         SSL3_CK_ADH_RC4_40_MD5,
534         SSL_kEDH,
535         SSL_aNULL,
536         SSL_RC4,
537         SSL_MD5,
538         SSL_SSLV3,
539         SSL_EXPORT|SSL_EXP40,
540         SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
541         40,
542         128,
543         },
544
545 /* Cipher 18 */
546         {
547         1,
548         SSL3_TXT_ADH_RC4_128_MD5,
549         SSL3_CK_ADH_RC4_128_MD5,
550         SSL_kEDH,
551         SSL_aNULL,
552         SSL_RC4,
553         SSL_MD5,
554         SSL_SSLV3,
555         SSL_NOT_EXP|SSL_MEDIUM,
556         SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
557         128,
558         128,
559         },
560
561 /* Cipher 19 */
562         {
563         1,
564         SSL3_TXT_ADH_DES_40_CBC_SHA,
565         SSL3_CK_ADH_DES_40_CBC_SHA,
566         SSL_kEDH,
567         SSL_aNULL,
568         SSL_DES,
569         SSL_SHA1,
570         SSL_SSLV3,
571         SSL_EXPORT|SSL_EXP40,
572         SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
573         40,
574         128,
575         },
576
577 /* Cipher 1A */
578         {
579         1,
580         SSL3_TXT_ADH_DES_64_CBC_SHA,
581         SSL3_CK_ADH_DES_64_CBC_SHA,
582         SSL_kEDH,
583         SSL_aNULL,
584         SSL_DES,
585         SSL_SHA1,
586         SSL_SSLV3,
587         SSL_NOT_EXP|SSL_LOW,
588         SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
589         56,
590         56,
591         },
592
593 /* Cipher 1B */
594         {
595         1,
596         SSL3_TXT_ADH_DES_192_CBC_SHA,
597         SSL3_CK_ADH_DES_192_CBC_SHA,
598         SSL_kEDH,
599         SSL_aNULL,
600         SSL_3DES,
601         SSL_SHA1,
602         SSL_SSLV3,
603         SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
604         SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
605         168,
606         168,
607         },
608
609 /* Fortezza ciphersuite from SSL 3.0 spec */
610 #if 0
611 /* Cipher 1C */
612         {
613         0,
614         SSL3_TXT_FZA_DMS_NULL_SHA,
615         SSL3_CK_FZA_DMS_NULL_SHA,
616         SSL_kFZA,
617         SSL_aFZA,
618         SSL_eNULL,
619         SSL_SHA1,
620         SSL_SSLV3,
621         SSL_NOT_EXP|SSL_STRONG_NONE,
622         SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
623         0,
624         0,
625         },
626
627 /* Cipher 1D */
628         {
629         0,
630         SSL3_TXT_FZA_DMS_FZA_SHA,
631         SSL3_CK_FZA_DMS_FZA_SHA,
632         SSL_kFZA,
633         SSL_aFZA,
634         SSL_eFZA,
635         SSL_SHA1,
636         SSL_SSLV3,
637         SSL_NOT_EXP|SSL_STRONG_NONE,
638         SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
639         0,
640         0,
641         },
642
643 /* Cipher 1E */
644         {
645         0,
646         SSL3_TXT_FZA_DMS_RC4_SHA,
647         SSL3_CK_FZA_DMS_RC4_SHA,
648         SSL_kFZA,
649         SSL_aFZA,
650         SSL_RC4,
651         SSL_SHA1,
652         SSL_SSLV3,
653         SSL_NOT_EXP|SSL_MEDIUM,
654         SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
655         128,
656         128,
657         },
658 #endif
659
660 #ifndef OPENSSL_NO_KRB5
661 /* The Kerberos ciphers*/
662 /* Cipher 1E */
663         {
664         1,
665         SSL3_TXT_KRB5_DES_64_CBC_SHA,
666         SSL3_CK_KRB5_DES_64_CBC_SHA,
667         SSL_kKRB5,
668         SSL_aKRB5,
669         SSL_DES,
670         SSL_SHA1,
671         SSL_SSLV3,
672         SSL_NOT_EXP|SSL_LOW,
673         SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
674         56,
675         56,
676         },
677
678 /* Cipher 1F */
679         {
680         1,
681         SSL3_TXT_KRB5_DES_192_CBC3_SHA,
682         SSL3_CK_KRB5_DES_192_CBC3_SHA,
683         SSL_kKRB5,
684         SSL_aKRB5,
685         SSL_3DES,
686         SSL_SHA1,
687         SSL_SSLV3,
688         SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
689         SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
690         168,
691         168,
692         },
693
694 /* Cipher 20 */
695         {
696         1,
697         SSL3_TXT_KRB5_RC4_128_SHA,
698         SSL3_CK_KRB5_RC4_128_SHA,
699         SSL_kKRB5,
700         SSL_aKRB5,
701         SSL_RC4,
702         SSL_SHA1,
703         SSL_SSLV3,
704         SSL_NOT_EXP|SSL_MEDIUM,
705         SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
706         128,
707         128,
708         },
709
710 /* Cipher 21 */
711         {
712         1,
713         SSL3_TXT_KRB5_IDEA_128_CBC_SHA,
714         SSL3_CK_KRB5_IDEA_128_CBC_SHA,
715         SSL_kKRB5,
716         SSL_aKRB5,
717         SSL_IDEA,
718         SSL_SHA1,
719         SSL_SSLV3,
720         SSL_NOT_EXP|SSL_MEDIUM,
721         SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
722         128,
723         128,
724         },
725
726 /* Cipher 22 */
727         {
728         1,
729         SSL3_TXT_KRB5_DES_64_CBC_MD5,
730         SSL3_CK_KRB5_DES_64_CBC_MD5,
731         SSL_kKRB5,
732         SSL_aKRB5,
733         SSL_DES,
734         SSL_MD5,
735         SSL_SSLV3,
736         SSL_NOT_EXP|SSL_LOW,
737         SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
738         56,
739         56,
740         },
741
742 /* Cipher 23 */
743         {
744         1,
745         SSL3_TXT_KRB5_DES_192_CBC3_MD5,
746         SSL3_CK_KRB5_DES_192_CBC3_MD5,
747         SSL_kKRB5,
748         SSL_aKRB5,
749         SSL_3DES,
750         SSL_MD5,
751         SSL_SSLV3,
752         SSL_NOT_EXP|SSL_HIGH,
753         SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
754         168,
755         168,
756         },
757
758 /* Cipher 24 */
759         {
760         1,
761         SSL3_TXT_KRB5_RC4_128_MD5,
762         SSL3_CK_KRB5_RC4_128_MD5,
763         SSL_kKRB5,
764         SSL_aKRB5,
765         SSL_RC4,
766         SSL_MD5,
767         SSL_SSLV3,
768         SSL_NOT_EXP|SSL_MEDIUM,
769         SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
770         128,
771         128,
772         },
773
774 /* Cipher 25 */
775         {
776         1,
777         SSL3_TXT_KRB5_IDEA_128_CBC_MD5,
778         SSL3_CK_KRB5_IDEA_128_CBC_MD5,
779         SSL_kKRB5,
780         SSL_aKRB5,
781         SSL_IDEA,
782         SSL_MD5,
783         SSL_SSLV3,
784         SSL_NOT_EXP|SSL_MEDIUM,
785         SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
786         128,
787         128,
788         },
789
790 /* Cipher 26 */
791         {
792         1,
793         SSL3_TXT_KRB5_DES_40_CBC_SHA,
794         SSL3_CK_KRB5_DES_40_CBC_SHA,
795         SSL_kKRB5,
796         SSL_aKRB5,
797         SSL_DES,
798         SSL_SHA1,
799         SSL_SSLV3,
800         SSL_EXPORT|SSL_EXP40,
801         SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
802         40,
803         56,
804         },
805
806 /* Cipher 27 */
807         {
808         1,
809         SSL3_TXT_KRB5_RC2_40_CBC_SHA,
810         SSL3_CK_KRB5_RC2_40_CBC_SHA,
811         SSL_kKRB5,
812         SSL_aKRB5,
813         SSL_RC2,
814         SSL_SHA1,
815         SSL_SSLV3,
816         SSL_EXPORT|SSL_EXP40,
817         SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
818         40,
819         128,
820         },
821
822 /* Cipher 28 */
823         {
824         1,
825         SSL3_TXT_KRB5_RC4_40_SHA,
826         SSL3_CK_KRB5_RC4_40_SHA,
827         SSL_kKRB5,
828         SSL_aKRB5,
829         SSL_RC4,
830         SSL_SHA1,
831         SSL_SSLV3,
832         SSL_EXPORT|SSL_EXP40,
833         SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
834         40,
835         128,
836         },
837
838 /* Cipher 29 */
839         {
840         1,
841         SSL3_TXT_KRB5_DES_40_CBC_MD5,
842         SSL3_CK_KRB5_DES_40_CBC_MD5,
843         SSL_kKRB5,
844         SSL_aKRB5,
845         SSL_DES,
846         SSL_MD5,
847         SSL_SSLV3,
848         SSL_EXPORT|SSL_EXP40,
849         SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
850         40,
851         56,
852         },
853
854 /* Cipher 2A */
855         {
856         1,
857         SSL3_TXT_KRB5_RC2_40_CBC_MD5,
858         SSL3_CK_KRB5_RC2_40_CBC_MD5,
859         SSL_kKRB5,
860         SSL_aKRB5,
861         SSL_RC2,
862         SSL_MD5,
863         SSL_SSLV3,
864         SSL_EXPORT|SSL_EXP40,
865         SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
866         40,
867         128,
868         },
869
870 /* Cipher 2B */
871         {
872         1,
873         SSL3_TXT_KRB5_RC4_40_MD5,
874         SSL3_CK_KRB5_RC4_40_MD5,
875         SSL_kKRB5,
876         SSL_aKRB5,
877         SSL_RC4,
878         SSL_MD5,
879         SSL_SSLV3,
880         SSL_EXPORT|SSL_EXP40,
881         SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
882         40,
883         128,
884         },
885 #endif  /* OPENSSL_NO_KRB5 */
886
887 /* New AES ciphersuites */
888 /* Cipher 2F */
889         {
890         1,
891         TLS1_TXT_RSA_WITH_AES_128_SHA,
892         TLS1_CK_RSA_WITH_AES_128_SHA,
893         SSL_kRSA,
894         SSL_aRSA,
895         SSL_AES128,
896         SSL_SHA1,
897         SSL_TLSV1,
898         SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
899         SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
900         128,
901         128,
902         },
903 /* Cipher 30 */
904         {
905         0,
906         TLS1_TXT_DH_DSS_WITH_AES_128_SHA,
907         TLS1_CK_DH_DSS_WITH_AES_128_SHA,
908         SSL_kDHd,
909         SSL_aDH,
910         SSL_AES128,
911         SSL_SHA1,
912         SSL_TLSV1,
913         SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
914         SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
915         128,
916         128,
917         },
918 /* Cipher 31 */
919         {
920         0,
921         TLS1_TXT_DH_RSA_WITH_AES_128_SHA,
922         TLS1_CK_DH_RSA_WITH_AES_128_SHA,
923         SSL_kDHr,
924         SSL_aDH,
925         SSL_AES128,
926         SSL_SHA1,
927         SSL_TLSV1,
928         SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
929         SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
930         128,
931         128,
932         },
933 /* Cipher 32 */
934         {
935         1,
936         TLS1_TXT_DHE_DSS_WITH_AES_128_SHA,
937         TLS1_CK_DHE_DSS_WITH_AES_128_SHA,
938         SSL_kEDH,
939         SSL_aDSS,
940         SSL_AES128,
941         SSL_SHA1,
942         SSL_TLSV1,
943         SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
944         SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
945         128,
946         128,
947         },
948 /* Cipher 33 */
949         {
950         1,
951         TLS1_TXT_DHE_RSA_WITH_AES_128_SHA,
952         TLS1_CK_DHE_RSA_WITH_AES_128_SHA,
953         SSL_kEDH,
954         SSL_aRSA,
955         SSL_AES128,
956         SSL_SHA1,
957         SSL_TLSV1,
958         SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
959         SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
960         128,
961         128,
962         },
963 /* Cipher 34 */
964         {
965         1,
966         TLS1_TXT_ADH_WITH_AES_128_SHA,
967         TLS1_CK_ADH_WITH_AES_128_SHA,
968         SSL_kEDH,
969         SSL_aNULL,
970         SSL_AES128,
971         SSL_SHA1,
972         SSL_TLSV1,
973         SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
974         SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
975         128,
976         128,
977         },
978
979 /* Cipher 35 */
980         {
981         1,
982         TLS1_TXT_RSA_WITH_AES_256_SHA,
983         TLS1_CK_RSA_WITH_AES_256_SHA,
984         SSL_kRSA,
985         SSL_aRSA,
986         SSL_AES256,
987         SSL_SHA1,
988         SSL_TLSV1,
989         SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
990         SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
991         256,
992         256,
993         },
994 /* Cipher 36 */
995         {
996         0,
997         TLS1_TXT_DH_DSS_WITH_AES_256_SHA,
998         TLS1_CK_DH_DSS_WITH_AES_256_SHA,
999         SSL_kDHd,
1000         SSL_aDH,
1001         SSL_AES256,
1002         SSL_SHA1,
1003         SSL_TLSV1,
1004         SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
1005         SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
1006         256,
1007         256,
1008         },
1009
1010 /* Cipher 37 */
1011         {
1012         0, /* not implemented (non-ephemeral DH) */
1013         TLS1_TXT_DH_RSA_WITH_AES_256_SHA,
1014         TLS1_CK_DH_RSA_WITH_AES_256_SHA,
1015         SSL_kDHr,
1016         SSL_aDH,
1017         SSL_AES256,
1018         SSL_SHA1,
1019         SSL_TLSV1,
1020         SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
1021         SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
1022         256,
1023         256,
1024         },
1025
1026 /* Cipher 38 */
1027         {
1028         1,
1029         TLS1_TXT_DHE_DSS_WITH_AES_256_SHA,
1030         TLS1_CK_DHE_DSS_WITH_AES_256_SHA,
1031         SSL_kEDH,
1032         SSL_aDSS,
1033         SSL_AES256,
1034         SSL_SHA1,
1035         SSL_TLSV1,
1036         SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
1037         SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
1038         256,
1039         256,
1040         },
1041
1042 /* Cipher 39 */
1043         {
1044         1,
1045         TLS1_TXT_DHE_RSA_WITH_AES_256_SHA,
1046         TLS1_CK_DHE_RSA_WITH_AES_256_SHA,
1047         SSL_kEDH,
1048         SSL_aRSA,
1049         SSL_AES256,
1050         SSL_SHA1,
1051         SSL_TLSV1,
1052         SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
1053         SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
1054         256,
1055         256,
1056         },
1057
1058         /* Cipher 3A */
1059         {
1060         1,
1061         TLS1_TXT_ADH_WITH_AES_256_SHA,
1062         TLS1_CK_ADH_WITH_AES_256_SHA,
1063         SSL_kEDH,
1064         SSL_aNULL,
1065         SSL_AES256,
1066         SSL_SHA1,
1067         SSL_TLSV1,
1068         SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
1069         SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
1070         256,
1071         256,
1072         },
1073
1074         /* TLS v1.2 ciphersuites */
1075         /* Cipher 3B */
1076         {
1077         1,
1078         TLS1_TXT_RSA_WITH_NULL_SHA256,
1079         TLS1_CK_RSA_WITH_NULL_SHA256,
1080         SSL_kRSA,
1081         SSL_aRSA,
1082         SSL_eNULL,
1083         SSL_SHA256,
1084         SSL_SSLV3,
1085         SSL_NOT_EXP|SSL_STRONG_NONE|SSL_FIPS,
1086         SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
1087         0,
1088         0,
1089         },
1090
1091         /* Cipher 3C */
1092         {
1093         1,
1094         TLS1_TXT_RSA_WITH_AES_128_SHA256,
1095         TLS1_CK_RSA_WITH_AES_128_SHA256,
1096         SSL_kRSA,
1097         SSL_aRSA,
1098         SSL_AES128,
1099         SSL_SHA256,
1100         SSL_TLSV1,
1101         SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
1102         SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
1103         128,
1104         128,
1105         },
1106
1107         /* Cipher 3D */
1108         {
1109         1,
1110         TLS1_TXT_RSA_WITH_AES_256_SHA256,
1111         TLS1_CK_RSA_WITH_AES_256_SHA256,
1112         SSL_kRSA,
1113         SSL_aRSA,
1114         SSL_AES256,
1115         SSL_SHA256,
1116         SSL_TLSV1,
1117         SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
1118         SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
1119         256,
1120         256,
1121         },
1122
1123         /* Cipher 3E */
1124         {
1125         0, /* not implemented (non-ephemeral DH) */
1126         TLS1_TXT_DH_DSS_WITH_AES_128_SHA256,
1127         TLS1_CK_DH_DSS_WITH_AES_128_SHA256,
1128         SSL_kDHr,
1129         SSL_aDH,
1130         SSL_AES128,
1131         SSL_SHA256,
1132         SSL_TLSV1,
1133         SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
1134         SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
1135         128,
1136         128,
1137         },
1138
1139         /* Cipher 3F */
1140         {
1141         0, /* not implemented (non-ephemeral DH) */
1142         TLS1_TXT_DH_RSA_WITH_AES_128_SHA256,
1143         TLS1_CK_DH_RSA_WITH_AES_128_SHA256,
1144         SSL_kDHr,
1145         SSL_aDH,
1146         SSL_AES128,
1147         SSL_SHA256,
1148         SSL_TLSV1,
1149         SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
1150         SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
1151         128,
1152         128,
1153         },
1154
1155         /* Cipher 40 */
1156         {
1157         1,
1158         TLS1_TXT_DHE_DSS_WITH_AES_128_SHA256,
1159         TLS1_CK_DHE_DSS_WITH_AES_128_SHA256,
1160         SSL_kEDH,
1161         SSL_aDSS,
1162         SSL_AES128,
1163         SSL_SHA256,
1164         SSL_TLSV1,
1165         SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
1166         SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
1167         128,
1168         128,
1169         },
1170
1171 #ifndef OPENSSL_NO_CAMELLIA
1172         /* Camellia ciphersuites from RFC4132 (128-bit portion) */
1173
1174         /* Cipher 41 */
1175         {
1176         1,
1177         TLS1_TXT_RSA_WITH_CAMELLIA_128_CBC_SHA,
1178         TLS1_CK_RSA_WITH_CAMELLIA_128_CBC_SHA,
1179         SSL_kRSA,
1180         SSL_aRSA,
1181         SSL_CAMELLIA128,
1182         SSL_SHA1,
1183         SSL_TLSV1,
1184         SSL_NOT_EXP|SSL_HIGH,
1185         SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
1186         128,
1187         128,
1188         },
1189
1190         /* Cipher 42 */
1191         {
1192         0, /* not implemented (non-ephemeral DH) */
1193         TLS1_TXT_DH_DSS_WITH_CAMELLIA_128_CBC_SHA,
1194         TLS1_CK_DH_DSS_WITH_CAMELLIA_128_CBC_SHA,
1195         SSL_kDHd,
1196         SSL_aDH,
1197         SSL_CAMELLIA128,
1198         SSL_SHA1,
1199         SSL_TLSV1,
1200         SSL_NOT_EXP|SSL_HIGH,
1201         SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
1202         128,
1203         128,
1204         },
1205
1206         /* Cipher 43 */
1207         {
1208         0, /* not implemented (non-ephemeral DH) */
1209         TLS1_TXT_DH_RSA_WITH_CAMELLIA_128_CBC_SHA,
1210         TLS1_CK_DH_RSA_WITH_CAMELLIA_128_CBC_SHA,
1211         SSL_kDHr,
1212         SSL_aDH,
1213         SSL_CAMELLIA128,
1214         SSL_SHA1,
1215         SSL_TLSV1,
1216         SSL_NOT_EXP|SSL_HIGH,
1217         SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
1218         128,
1219         128,
1220         },
1221
1222         /* Cipher 44 */
1223         {
1224         1,
1225         TLS1_TXT_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA,
1226         TLS1_CK_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA,
1227         SSL_kEDH,
1228         SSL_aDSS,
1229         SSL_CAMELLIA128,
1230         SSL_SHA1,
1231         SSL_TLSV1,
1232         SSL_NOT_EXP|SSL_HIGH,
1233         SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
1234         128,
1235         128,
1236         },
1237
1238         /* Cipher 45 */
1239         {
1240         1,
1241         TLS1_TXT_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA,
1242         TLS1_CK_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA,
1243         SSL_kEDH,
1244         SSL_aRSA,
1245         SSL_CAMELLIA128,
1246         SSL_SHA1,
1247         SSL_TLSV1,
1248         SSL_NOT_EXP|SSL_HIGH,
1249         SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
1250         128,
1251         128,
1252         },
1253
1254         /* Cipher 46 */
1255         {
1256         1,
1257         TLS1_TXT_ADH_WITH_CAMELLIA_128_CBC_SHA,
1258         TLS1_CK_ADH_WITH_CAMELLIA_128_CBC_SHA,
1259         SSL_kEDH,
1260         SSL_aNULL,
1261         SSL_CAMELLIA128,
1262         SSL_SHA1,
1263         SSL_TLSV1,
1264         SSL_NOT_EXP|SSL_HIGH,
1265         SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
1266         128,
1267         128,
1268         },
1269 #endif /* OPENSSL_NO_CAMELLIA */
1270
1271 #if TLS1_ALLOW_EXPERIMENTAL_CIPHERSUITES
1272         /* New TLS Export CipherSuites from expired ID */
1273 #if 0
1274         /* Cipher 60 */
1275         {
1276         1,
1277         TLS1_TXT_RSA_EXPORT1024_WITH_RC4_56_MD5,
1278         TLS1_CK_RSA_EXPORT1024_WITH_RC4_56_MD5,
1279         SSL_kRSA,
1280         SSL_aRSA,
1281         SSL_RC4,
1282         SSL_MD5,
1283         SSL_TLSV1,
1284         SSL_EXPORT|SSL_EXP56,
1285         SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
1286         56,
1287         128,
1288         },
1289
1290         /* Cipher 61 */
1291         {
1292         1,
1293         TLS1_TXT_RSA_EXPORT1024_WITH_RC2_CBC_56_MD5,
1294         TLS1_CK_RSA_EXPORT1024_WITH_RC2_CBC_56_MD5,
1295         SSL_kRSA,
1296         SSL_aRSA,
1297         SSL_RC2,
1298         SSL_MD5,
1299         SSL_TLSV1,
1300         SSL_EXPORT|SSL_EXP56,
1301         SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
1302         56,
1303         128,
1304         },
1305 #endif
1306
1307         /* Cipher 62 */
1308         {
1309         1,
1310         TLS1_TXT_RSA_EXPORT1024_WITH_DES_CBC_SHA,
1311         TLS1_CK_RSA_EXPORT1024_WITH_DES_CBC_SHA,
1312         SSL_kRSA,
1313         SSL_aRSA,
1314         SSL_DES,
1315         SSL_SHA1,
1316         SSL_TLSV1,
1317         SSL_EXPORT|SSL_EXP56,
1318         SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
1319         56,
1320         56,
1321         },
1322
1323         /* Cipher 63 */
1324         {
1325         1,
1326         TLS1_TXT_DHE_DSS_EXPORT1024_WITH_DES_CBC_SHA,
1327         TLS1_CK_DHE_DSS_EXPORT1024_WITH_DES_CBC_SHA,
1328         SSL_kEDH,
1329         SSL_aDSS,
1330         SSL_DES,
1331         SSL_SHA1,
1332         SSL_TLSV1,
1333         SSL_EXPORT|SSL_EXP56,
1334         SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
1335         56,
1336         56,
1337         },
1338
1339         /* Cipher 64 */
1340         {
1341         1,
1342         TLS1_TXT_RSA_EXPORT1024_WITH_RC4_56_SHA,
1343         TLS1_CK_RSA_EXPORT1024_WITH_RC4_56_SHA,
1344         SSL_kRSA,
1345         SSL_aRSA,
1346         SSL_RC4,
1347         SSL_SHA1,
1348         SSL_TLSV1,
1349         SSL_EXPORT|SSL_EXP56,
1350         SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
1351         56,
1352         128,
1353         },
1354
1355         /* Cipher 65 */
1356         {
1357         1,
1358         TLS1_TXT_DHE_DSS_EXPORT1024_WITH_RC4_56_SHA,
1359         TLS1_CK_DHE_DSS_EXPORT1024_WITH_RC4_56_SHA,
1360         SSL_kEDH,
1361         SSL_aDSS,
1362         SSL_RC4,
1363         SSL_SHA1,
1364         SSL_TLSV1,
1365         SSL_EXPORT|SSL_EXP56,
1366         SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
1367         56,
1368         128,
1369         },
1370
1371         /* Cipher 66 */
1372         {
1373         1,
1374         TLS1_TXT_DHE_DSS_WITH_RC4_128_SHA,
1375         TLS1_CK_DHE_DSS_WITH_RC4_128_SHA,
1376         SSL_kEDH,
1377         SSL_aDSS,
1378         SSL_RC4,
1379         SSL_SHA1,
1380         SSL_TLSV1,
1381         SSL_NOT_EXP|SSL_MEDIUM,
1382         SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
1383         128,
1384         128,
1385         },
1386 #endif
1387
1388         /* TLS v1.2 ciphersuites */
1389         /* Cipher 67 */
1390         {
1391         1,
1392         TLS1_TXT_DHE_RSA_WITH_AES_128_SHA256,
1393         TLS1_CK_DHE_RSA_WITH_AES_128_SHA256,
1394         SSL_kEDH,
1395         SSL_aRSA,
1396         SSL_AES128,
1397         SSL_SHA256,
1398         SSL_TLSV1,
1399         SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
1400         SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
1401         128,
1402         128,
1403         },
1404
1405         /* Cipher 68 */
1406         {
1407         0, /* not implemented (non-ephemeral DH) */
1408         TLS1_TXT_DH_DSS_WITH_AES_256_SHA256,
1409         TLS1_CK_DH_DSS_WITH_AES_256_SHA256,
1410         SSL_kDHr,
1411         SSL_aDH,
1412         SSL_AES256,
1413         SSL_SHA256,
1414         SSL_TLSV1,
1415         SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
1416         SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
1417         256,
1418         256,
1419         },
1420
1421         /* Cipher 69 */
1422         {
1423         0, /* not implemented (non-ephemeral DH) */
1424         TLS1_TXT_DH_RSA_WITH_AES_256_SHA256,
1425         TLS1_CK_DH_RSA_WITH_AES_256_SHA256,
1426         SSL_kDHr,
1427         SSL_aDH,
1428         SSL_AES256,
1429         SSL_SHA256,
1430         SSL_TLSV1,
1431         SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
1432         SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
1433         256,
1434         256,
1435         },
1436
1437         /* Cipher 6A */
1438         {
1439         1,
1440         TLS1_TXT_DHE_DSS_WITH_AES_256_SHA256,
1441         TLS1_CK_DHE_DSS_WITH_AES_256_SHA256,
1442         SSL_kEDH,
1443         SSL_aDSS,
1444         SSL_AES256,
1445         SSL_SHA256,
1446         SSL_TLSV1,
1447         SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
1448         SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
1449         256,
1450         256,
1451         },
1452
1453         /* Cipher 6B */
1454         {
1455         1,
1456         TLS1_TXT_DHE_RSA_WITH_AES_256_SHA256,
1457         TLS1_CK_DHE_RSA_WITH_AES_256_SHA256,
1458         SSL_kEDH,
1459         SSL_aRSA,
1460         SSL_AES256,
1461         SSL_SHA256,
1462         SSL_TLSV1,
1463         SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
1464         SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
1465         256,
1466         256,
1467         },
1468
1469         /* Cipher 6C */
1470         {
1471         1,
1472         TLS1_TXT_ADH_WITH_AES_128_SHA256,
1473         TLS1_CK_ADH_WITH_AES_128_SHA256,
1474         SSL_kEDH,
1475         SSL_aNULL,
1476         SSL_AES128,
1477         SSL_SHA256,
1478         SSL_TLSV1,
1479         SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
1480         SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
1481         128,
1482         128,
1483         },
1484
1485         /* Cipher 6D */
1486         {
1487         1,
1488         TLS1_TXT_ADH_WITH_AES_256_SHA256,
1489         TLS1_CK_ADH_WITH_AES_256_SHA256,
1490         SSL_kEDH,
1491         SSL_aNULL,
1492         SSL_AES256,
1493         SSL_SHA256,
1494         SSL_TLSV1,
1495         SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
1496         SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
1497         256,
1498         256,
1499         },
1500
1501         /* GOST Ciphersuites */
1502
1503         {
1504         1,
1505         "GOST94-GOST89-GOST89",
1506         0x3000080,
1507         SSL_kGOST,
1508         SSL_aGOST94,
1509         SSL_eGOST2814789CNT,
1510         SSL_GOST89MAC,
1511         SSL_TLSV1,
1512         SSL_NOT_EXP|SSL_HIGH,
1513         SSL_HANDSHAKE_MAC_GOST94|TLS1_PRF_GOST94|TLS1_STREAM_MAC,
1514         256,
1515         256
1516         },
1517         {
1518         1,
1519         "GOST2001-GOST89-GOST89",
1520         0x3000081,
1521         SSL_kGOST,
1522         SSL_aGOST01,
1523         SSL_eGOST2814789CNT,
1524         SSL_GOST89MAC,
1525         SSL_TLSV1,
1526         SSL_NOT_EXP|SSL_HIGH,
1527         SSL_HANDSHAKE_MAC_GOST94|TLS1_PRF_GOST94|TLS1_STREAM_MAC,
1528         256,
1529         256
1530         },
1531         {
1532         1,
1533         "GOST94-NULL-GOST94",
1534         0x3000082,
1535         SSL_kGOST,
1536         SSL_aGOST94,
1537         SSL_eNULL,
1538         SSL_GOST94,
1539         SSL_TLSV1,
1540         SSL_NOT_EXP|SSL_STRONG_NONE,
1541         SSL_HANDSHAKE_MAC_GOST94|TLS1_PRF_GOST94,
1542         0,
1543         0
1544         },
1545         {
1546         1,
1547         "GOST2001-NULL-GOST94",
1548         0x3000083,
1549         SSL_kGOST,
1550         SSL_aGOST01,
1551         SSL_eNULL,
1552         SSL_GOST94,
1553         SSL_TLSV1,
1554         SSL_NOT_EXP|SSL_STRONG_NONE,
1555         SSL_HANDSHAKE_MAC_GOST94|TLS1_PRF_GOST94,
1556         0,
1557         0
1558         },
1559
1560 #ifndef OPENSSL_NO_CAMELLIA
1561         /* Camellia ciphersuites from RFC4132 (256-bit portion) */
1562
1563         /* Cipher 84 */
1564         {
1565         1,
1566         TLS1_TXT_RSA_WITH_CAMELLIA_256_CBC_SHA,
1567         TLS1_CK_RSA_WITH_CAMELLIA_256_CBC_SHA,
1568         SSL_kRSA,
1569         SSL_aRSA,
1570         SSL_CAMELLIA256,
1571         SSL_SHA1,
1572         SSL_TLSV1,
1573         SSL_NOT_EXP|SSL_HIGH,
1574         SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
1575         256,
1576         256,
1577         },
1578         /* Cipher 85 */
1579         {
1580         0, /* not implemented (non-ephemeral DH) */
1581         TLS1_TXT_DH_DSS_WITH_CAMELLIA_256_CBC_SHA,
1582         TLS1_CK_DH_DSS_WITH_CAMELLIA_256_CBC_SHA,
1583         SSL_kDHd,
1584         SSL_aDH,
1585         SSL_CAMELLIA256,
1586         SSL_SHA1,
1587         SSL_TLSV1,
1588         SSL_NOT_EXP|SSL_HIGH,
1589         SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
1590         256,
1591         256,
1592         },
1593
1594         /* Cipher 86 */
1595         {
1596         0, /* not implemented (non-ephemeral DH) */
1597         TLS1_TXT_DH_RSA_WITH_CAMELLIA_256_CBC_SHA,
1598         TLS1_CK_DH_RSA_WITH_CAMELLIA_256_CBC_SHA,
1599         SSL_kDHr,
1600         SSL_aDH,
1601         SSL_CAMELLIA256,
1602         SSL_SHA1,
1603         SSL_TLSV1,
1604         SSL_NOT_EXP|SSL_HIGH,
1605         SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
1606         256,
1607         256,
1608         },
1609
1610         /* Cipher 87 */
1611         {
1612         1,
1613         TLS1_TXT_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA,
1614         TLS1_CK_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA,
1615         SSL_kEDH,
1616         SSL_aDSS,
1617         SSL_CAMELLIA256,
1618         SSL_SHA1,
1619         SSL_TLSV1,
1620         SSL_NOT_EXP|SSL_HIGH,
1621         SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
1622         256,
1623         256,
1624         },
1625
1626         /* Cipher 88 */
1627         {
1628         1,
1629         TLS1_TXT_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA,
1630         TLS1_CK_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA,
1631         SSL_kEDH,
1632         SSL_aRSA,
1633         SSL_CAMELLIA256,
1634         SSL_SHA1,
1635         SSL_TLSV1,
1636         SSL_NOT_EXP|SSL_HIGH,
1637         SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
1638         256,
1639         256,
1640         },
1641
1642         /* Cipher 89 */
1643         {
1644         1,
1645         TLS1_TXT_ADH_WITH_CAMELLIA_256_CBC_SHA,
1646         TLS1_CK_ADH_WITH_CAMELLIA_256_CBC_SHA,
1647         SSL_kEDH,
1648         SSL_aNULL,
1649         SSL_CAMELLIA256,
1650         SSL_SHA1,
1651         SSL_TLSV1,
1652         SSL_NOT_EXP|SSL_HIGH,
1653         SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
1654         256,
1655         256,
1656         },
1657 #endif /* OPENSSL_NO_CAMELLIA */
1658
1659 #ifndef OPENSSL_NO_PSK
1660         /* Cipher 8A */
1661         {
1662         1,
1663         TLS1_TXT_PSK_WITH_RC4_128_SHA,
1664         TLS1_CK_PSK_WITH_RC4_128_SHA,
1665         SSL_kPSK,
1666         SSL_aPSK,
1667         SSL_RC4,
1668         SSL_SHA1,
1669         SSL_TLSV1,
1670         SSL_NOT_EXP|SSL_MEDIUM,
1671         SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
1672         128,
1673         128,
1674         },
1675
1676         /* Cipher 8B */
1677         {
1678         1,
1679         TLS1_TXT_PSK_WITH_3DES_EDE_CBC_SHA,
1680         TLS1_CK_PSK_WITH_3DES_EDE_CBC_SHA,
1681         SSL_kPSK,
1682         SSL_aPSK,
1683         SSL_3DES,
1684         SSL_SHA1,
1685         SSL_TLSV1,
1686         SSL_NOT_EXP|SSL_HIGH,
1687         SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
1688         168,
1689         168,
1690         },
1691
1692         /* Cipher 8C */
1693         {
1694         1,
1695         TLS1_TXT_PSK_WITH_AES_128_CBC_SHA,
1696         TLS1_CK_PSK_WITH_AES_128_CBC_SHA,
1697         SSL_kPSK,
1698         SSL_aPSK,
1699         SSL_AES128,
1700         SSL_SHA1,
1701         SSL_TLSV1,
1702         SSL_NOT_EXP|SSL_HIGH,
1703         SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
1704         128,
1705         128,
1706         },
1707
1708         /* Cipher 8D */
1709         {
1710         1,
1711         TLS1_TXT_PSK_WITH_AES_256_CBC_SHA,
1712         TLS1_CK_PSK_WITH_AES_256_CBC_SHA,
1713         SSL_kPSK,
1714         SSL_aPSK,
1715         SSL_AES256,
1716         SSL_SHA1,
1717         SSL_TLSV1,
1718         SSL_NOT_EXP|SSL_HIGH,
1719         SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
1720         256,
1721         256,
1722         },
1723 #endif  /* OPENSSL_NO_PSK */
1724
1725 #ifndef OPENSSL_NO_SEED
1726         /* SEED ciphersuites from RFC4162 */
1727
1728         /* Cipher 96 */
1729         {
1730         1,
1731         TLS1_TXT_RSA_WITH_SEED_SHA,
1732         TLS1_CK_RSA_WITH_SEED_SHA,
1733         SSL_kRSA,
1734         SSL_aRSA,
1735         SSL_SEED,
1736         SSL_SHA1,
1737         SSL_TLSV1,
1738         SSL_NOT_EXP|SSL_MEDIUM,
1739         SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
1740         128,
1741         128,
1742         },
1743
1744         /* Cipher 97 */
1745         {
1746         0, /* not implemented (non-ephemeral DH) */
1747         TLS1_TXT_DH_DSS_WITH_SEED_SHA,
1748         TLS1_CK_DH_DSS_WITH_SEED_SHA,
1749         SSL_kDHd,
1750         SSL_aDH,
1751         SSL_SEED,
1752         SSL_SHA1,
1753         SSL_TLSV1,
1754         SSL_NOT_EXP|SSL_MEDIUM,
1755         SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
1756         128,
1757         128,
1758         },
1759
1760         /* Cipher 98 */
1761         {
1762         0, /* not implemented (non-ephemeral DH) */
1763         TLS1_TXT_DH_RSA_WITH_SEED_SHA,
1764         TLS1_CK_DH_RSA_WITH_SEED_SHA,
1765         SSL_kDHr,
1766         SSL_aDH,
1767         SSL_SEED,
1768         SSL_SHA1,
1769         SSL_TLSV1,
1770         SSL_NOT_EXP|SSL_MEDIUM,
1771         SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
1772         128,
1773         128,
1774         },
1775
1776         /* Cipher 99 */
1777         {
1778         1,
1779         TLS1_TXT_DHE_DSS_WITH_SEED_SHA,
1780         TLS1_CK_DHE_DSS_WITH_SEED_SHA,
1781         SSL_kEDH,
1782         SSL_aDSS,
1783         SSL_SEED,
1784         SSL_SHA1,
1785         SSL_TLSV1,
1786         SSL_NOT_EXP|SSL_MEDIUM,
1787         SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
1788         128,
1789         128,
1790         },
1791
1792         /* Cipher 9A */
1793         {
1794         1,
1795         TLS1_TXT_DHE_RSA_WITH_SEED_SHA,
1796         TLS1_CK_DHE_RSA_WITH_SEED_SHA,
1797         SSL_kEDH,
1798         SSL_aRSA,
1799         SSL_SEED,
1800         SSL_SHA1,
1801         SSL_TLSV1,
1802         SSL_NOT_EXP|SSL_MEDIUM,
1803         SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
1804         128,
1805         128,
1806         },
1807
1808         /* Cipher 9B */
1809         {
1810         1,
1811         TLS1_TXT_ADH_WITH_SEED_SHA,
1812         TLS1_CK_ADH_WITH_SEED_SHA,
1813         SSL_kEDH,
1814         SSL_aNULL,
1815         SSL_SEED,
1816         SSL_SHA1,
1817         SSL_TLSV1,
1818         SSL_NOT_EXP|SSL_MEDIUM,
1819         SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
1820         128,
1821         128,
1822         },
1823
1824 #endif /* OPENSSL_NO_SEED */
1825
1826 #ifndef OPENSSL_NO_ECDH
1827         /* Cipher C001 */
1828         {
1829         1,
1830         TLS1_TXT_ECDH_ECDSA_WITH_NULL_SHA,
1831         TLS1_CK_ECDH_ECDSA_WITH_NULL_SHA,
1832         SSL_kECDHe,
1833         SSL_aECDH,
1834         SSL_eNULL,
1835         SSL_SHA1,
1836         SSL_TLSV1,
1837         SSL_NOT_EXP|SSL_STRONG_NONE,
1838         SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
1839         0,
1840         0,
1841         },
1842
1843         /* Cipher C002 */
1844         {
1845         1,
1846         TLS1_TXT_ECDH_ECDSA_WITH_RC4_128_SHA,
1847         TLS1_CK_ECDH_ECDSA_WITH_RC4_128_SHA,
1848         SSL_kECDHe,
1849         SSL_aECDH,
1850         SSL_RC4,
1851         SSL_SHA1,
1852         SSL_TLSV1,
1853         SSL_NOT_EXP|SSL_MEDIUM,
1854         SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
1855         128,
1856         128,
1857         },
1858
1859         /* Cipher C003 */
1860         {
1861         1,
1862         TLS1_TXT_ECDH_ECDSA_WITH_DES_192_CBC3_SHA,
1863         TLS1_CK_ECDH_ECDSA_WITH_DES_192_CBC3_SHA,
1864         SSL_kECDHe,
1865         SSL_aECDH,
1866         SSL_3DES,
1867         SSL_SHA1,
1868         SSL_TLSV1,
1869         SSL_NOT_EXP|SSL_HIGH,
1870         SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
1871         168,
1872         168,
1873         },
1874
1875         /* Cipher C004 */
1876         {
1877         1,
1878         TLS1_TXT_ECDH_ECDSA_WITH_AES_128_CBC_SHA,
1879         TLS1_CK_ECDH_ECDSA_WITH_AES_128_CBC_SHA,
1880         SSL_kECDHe,
1881         SSL_aECDH,
1882         SSL_AES128,
1883         SSL_SHA1,
1884         SSL_TLSV1,
1885         SSL_NOT_EXP|SSL_HIGH,
1886         SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
1887         128,
1888         128,
1889         },
1890
1891         /* Cipher C005 */
1892         {
1893         1,
1894         TLS1_TXT_ECDH_ECDSA_WITH_AES_256_CBC_SHA,
1895         TLS1_CK_ECDH_ECDSA_WITH_AES_256_CBC_SHA,
1896         SSL_kECDHe,
1897         SSL_aECDH,
1898         SSL_AES256,
1899         SSL_SHA1,
1900         SSL_TLSV1,
1901         SSL_NOT_EXP|SSL_HIGH,
1902         SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
1903         256,
1904         256,
1905         },
1906
1907         /* Cipher C006 */
1908         {
1909         1,
1910         TLS1_TXT_ECDHE_ECDSA_WITH_NULL_SHA,
1911         TLS1_CK_ECDHE_ECDSA_WITH_NULL_SHA,
1912         SSL_kEECDH,
1913         SSL_aECDSA,
1914         SSL_eNULL,
1915         SSL_SHA1,
1916         SSL_TLSV1,
1917         SSL_NOT_EXP|SSL_STRONG_NONE,
1918         SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
1919         0,
1920         0,
1921         },
1922
1923         /* Cipher C007 */
1924         {
1925         1,
1926         TLS1_TXT_ECDHE_ECDSA_WITH_RC4_128_SHA,
1927         TLS1_CK_ECDHE_ECDSA_WITH_RC4_128_SHA,
1928         SSL_kEECDH,
1929         SSL_aECDSA,
1930         SSL_RC4,
1931         SSL_SHA1,
1932         SSL_TLSV1,
1933         SSL_NOT_EXP|SSL_MEDIUM,
1934         SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
1935         128,
1936         128,
1937         },
1938
1939         /* Cipher C008 */
1940         {
1941         1,
1942         TLS1_TXT_ECDHE_ECDSA_WITH_DES_192_CBC3_SHA,
1943         TLS1_CK_ECDHE_ECDSA_WITH_DES_192_CBC3_SHA,
1944         SSL_kEECDH,
1945         SSL_aECDSA,
1946         SSL_3DES,
1947         SSL_SHA1,
1948         SSL_TLSV1,
1949         SSL_NOT_EXP|SSL_HIGH,
1950         SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
1951         168,
1952         168,
1953         },
1954
1955         /* Cipher C009 */
1956         {
1957         1,
1958         TLS1_TXT_ECDHE_ECDSA_WITH_AES_128_CBC_SHA,
1959         TLS1_CK_ECDHE_ECDSA_WITH_AES_128_CBC_SHA,
1960         SSL_kEECDH,
1961         SSL_aECDSA,
1962         SSL_AES128,
1963         SSL_SHA1,
1964         SSL_TLSV1,
1965         SSL_NOT_EXP|SSL_HIGH,
1966         SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
1967         128,
1968         128,
1969         },
1970
1971         /* Cipher C00A */
1972         {
1973         1,
1974         TLS1_TXT_ECDHE_ECDSA_WITH_AES_256_CBC_SHA,
1975         TLS1_CK_ECDHE_ECDSA_WITH_AES_256_CBC_SHA,
1976         SSL_kEECDH,
1977         SSL_aECDSA,
1978         SSL_AES256,
1979         SSL_SHA1,
1980         SSL_TLSV1,
1981         SSL_NOT_EXP|SSL_HIGH,
1982         SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
1983         256,
1984         256,
1985         },
1986
1987         /* Cipher C00B */
1988         {
1989         1,
1990         TLS1_TXT_ECDH_RSA_WITH_NULL_SHA,
1991         TLS1_CK_ECDH_RSA_WITH_NULL_SHA,
1992         SSL_kECDHr,
1993         SSL_aECDH,
1994         SSL_eNULL,
1995         SSL_SHA1,
1996         SSL_TLSV1,
1997         SSL_NOT_EXP|SSL_STRONG_NONE,
1998         SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
1999         0,
2000         0,
2001         },
2002
2003         /* Cipher C00C */
2004         {
2005         1,
2006         TLS1_TXT_ECDH_RSA_WITH_RC4_128_SHA,
2007         TLS1_CK_ECDH_RSA_WITH_RC4_128_SHA,
2008         SSL_kECDHr,
2009         SSL_aECDH,
2010         SSL_RC4,
2011         SSL_SHA1,
2012         SSL_TLSV1,
2013         SSL_NOT_EXP|SSL_MEDIUM,
2014         SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
2015         128,
2016         128,
2017         },
2018
2019         /* Cipher C00D */
2020         {
2021         1,
2022         TLS1_TXT_ECDH_RSA_WITH_DES_192_CBC3_SHA,
2023         TLS1_CK_ECDH_RSA_WITH_DES_192_CBC3_SHA,
2024         SSL_kECDHr,
2025         SSL_aECDH,
2026         SSL_3DES,
2027         SSL_SHA1,
2028         SSL_TLSV1,
2029         SSL_NOT_EXP|SSL_HIGH,
2030         SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
2031         168,
2032         168,
2033         },
2034
2035         /* Cipher C00E */
2036         {
2037         1,
2038         TLS1_TXT_ECDH_RSA_WITH_AES_128_CBC_SHA,
2039         TLS1_CK_ECDH_RSA_WITH_AES_128_CBC_SHA,
2040         SSL_kECDHr,
2041         SSL_aECDH,
2042         SSL_AES128,
2043         SSL_SHA1,
2044         SSL_TLSV1,
2045         SSL_NOT_EXP|SSL_HIGH,
2046         SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
2047         128,
2048         128,
2049         },
2050
2051         /* Cipher C00F */
2052         {
2053         1,
2054         TLS1_TXT_ECDH_RSA_WITH_AES_256_CBC_SHA,
2055         TLS1_CK_ECDH_RSA_WITH_AES_256_CBC_SHA,
2056         SSL_kECDHr,
2057         SSL_aECDH,
2058         SSL_AES256,
2059         SSL_SHA1,
2060         SSL_TLSV1,
2061         SSL_NOT_EXP|SSL_HIGH,
2062         SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
2063         256,
2064         256,
2065         },
2066
2067         /* Cipher C010 */
2068         {
2069         1,
2070         TLS1_TXT_ECDHE_RSA_WITH_NULL_SHA,
2071         TLS1_CK_ECDHE_RSA_WITH_NULL_SHA,
2072         SSL_kEECDH,
2073         SSL_aRSA,
2074         SSL_eNULL,
2075         SSL_SHA1,
2076         SSL_TLSV1,
2077         SSL_NOT_EXP|SSL_STRONG_NONE,
2078         SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
2079         0,
2080         0,
2081         },
2082
2083         /* Cipher C011 */
2084         {
2085         1,
2086         TLS1_TXT_ECDHE_RSA_WITH_RC4_128_SHA,
2087         TLS1_CK_ECDHE_RSA_WITH_RC4_128_SHA,
2088         SSL_kEECDH,
2089         SSL_aRSA,
2090         SSL_RC4,
2091         SSL_SHA1,
2092         SSL_TLSV1,
2093         SSL_NOT_EXP|SSL_MEDIUM,
2094         SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
2095         128,
2096         128,
2097         },
2098
2099         /* Cipher C012 */
2100         {
2101         1,
2102         TLS1_TXT_ECDHE_RSA_WITH_DES_192_CBC3_SHA,
2103         TLS1_CK_ECDHE_RSA_WITH_DES_192_CBC3_SHA,
2104         SSL_kEECDH,
2105         SSL_aRSA,
2106         SSL_3DES,
2107         SSL_SHA1,
2108         SSL_TLSV1,
2109         SSL_NOT_EXP|SSL_HIGH,
2110         SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
2111         168,
2112         168,
2113         },
2114
2115         /* Cipher C013 */
2116         {
2117         1,
2118         TLS1_TXT_ECDHE_RSA_WITH_AES_128_CBC_SHA,
2119         TLS1_CK_ECDHE_RSA_WITH_AES_128_CBC_SHA,
2120         SSL_kEECDH,
2121         SSL_aRSA,
2122         SSL_AES128,
2123         SSL_SHA1,
2124         SSL_TLSV1,
2125         SSL_NOT_EXP|SSL_HIGH,
2126         SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
2127         128,
2128         128,
2129         },
2130
2131         /* Cipher C014 */
2132         {
2133         1,
2134         TLS1_TXT_ECDHE_RSA_WITH_AES_256_CBC_SHA,
2135         TLS1_CK_ECDHE_RSA_WITH_AES_256_CBC_SHA,
2136         SSL_kEECDH,
2137         SSL_aRSA,
2138         SSL_AES256,
2139         SSL_SHA1,
2140         SSL_TLSV1,
2141         SSL_NOT_EXP|SSL_HIGH,
2142         SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
2143         256,
2144         256,
2145         },
2146
2147         /* Cipher C015 */
2148         {
2149         1,
2150         TLS1_TXT_ECDH_anon_WITH_NULL_SHA,
2151         TLS1_CK_ECDH_anon_WITH_NULL_SHA,
2152         SSL_kEECDH,
2153         SSL_aNULL,
2154         SSL_eNULL,
2155         SSL_SHA1,
2156         SSL_TLSV1,
2157         SSL_NOT_EXP|SSL_STRONG_NONE,
2158         SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
2159         0,
2160         0,
2161         },
2162
2163         /* Cipher C016 */
2164         {
2165         1,
2166         TLS1_TXT_ECDH_anon_WITH_RC4_128_SHA,
2167         TLS1_CK_ECDH_anon_WITH_RC4_128_SHA,
2168         SSL_kEECDH,
2169         SSL_aNULL,
2170         SSL_RC4,
2171         SSL_SHA1,
2172         SSL_TLSV1,
2173         SSL_NOT_EXP|SSL_MEDIUM,
2174         SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
2175         128,
2176         128,
2177         },
2178
2179         /* Cipher C017 */
2180         {
2181         1,
2182         TLS1_TXT_ECDH_anon_WITH_DES_192_CBC3_SHA,
2183         TLS1_CK_ECDH_anon_WITH_DES_192_CBC3_SHA,
2184         SSL_kEECDH,
2185         SSL_aNULL,
2186         SSL_3DES,
2187         SSL_SHA1,
2188         SSL_TLSV1,
2189         SSL_NOT_EXP|SSL_HIGH,
2190         SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
2191         168,
2192         168,
2193         },
2194
2195         /* Cipher C018 */
2196         {
2197         1,
2198         TLS1_TXT_ECDH_anon_WITH_AES_128_CBC_SHA,
2199         TLS1_CK_ECDH_anon_WITH_AES_128_CBC_SHA,
2200         SSL_kEECDH,
2201         SSL_aNULL,
2202         SSL_AES128,
2203         SSL_SHA1,
2204         SSL_TLSV1,
2205         SSL_NOT_EXP|SSL_HIGH,
2206         SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
2207         128,
2208         128,
2209         },
2210
2211         /* Cipher C019 */
2212         {
2213         1,
2214         TLS1_TXT_ECDH_anon_WITH_AES_256_CBC_SHA,
2215         TLS1_CK_ECDH_anon_WITH_AES_256_CBC_SHA,
2216         SSL_kEECDH,
2217         SSL_aNULL,
2218         SSL_AES256,
2219         SSL_SHA1,
2220         SSL_TLSV1,
2221         SSL_NOT_EXP|SSL_HIGH,
2222         SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
2223         256,
2224         256,
2225         },
2226 #endif  /* OPENSSL_NO_ECDH */
2227
2228 #ifndef OPENSSL_NO_SRP
2229         /* Cipher C01A */
2230         {
2231         1,
2232         TLS1_TXT_SRP_SHA_WITH_3DES_EDE_CBC_SHA,
2233         TLS1_CK_SRP_SHA_WITH_3DES_EDE_CBC_SHA,
2234         SSL_kSRP,
2235         SSL_aNULL,
2236         SSL_3DES,
2237         SSL_SHA1,
2238         SSL_TLSV1,
2239         SSL_NOT_EXP|SSL_HIGH,
2240         SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
2241         168,
2242         168,
2243         },
2244
2245         /* Cipher C01B */
2246         {
2247         1,
2248         TLS1_TXT_SRP_SHA_RSA_WITH_3DES_EDE_CBC_SHA,
2249         TLS1_CK_SRP_SHA_RSA_WITH_3DES_EDE_CBC_SHA,
2250         SSL_kSRP,
2251         SSL_aRSA,
2252         SSL_3DES,
2253         SSL_SHA1,
2254         SSL_TLSV1,
2255         SSL_NOT_EXP|SSL_HIGH,
2256         SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
2257         168,
2258         168,
2259         },
2260
2261         /* Cipher C01C */
2262         {
2263         1,
2264         TLS1_TXT_SRP_SHA_DSS_WITH_3DES_EDE_CBC_SHA,
2265         TLS1_CK_SRP_SHA_DSS_WITH_3DES_EDE_CBC_SHA,
2266         SSL_kSRP,
2267         SSL_aDSS,
2268         SSL_3DES,
2269         SSL_SHA1,
2270         SSL_TLSV1,
2271         SSL_NOT_EXP|SSL_HIGH,
2272         SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
2273         168,
2274         168,
2275         },
2276
2277         /* Cipher C01D */
2278         {
2279         1,
2280         TLS1_TXT_SRP_SHA_WITH_AES_128_CBC_SHA,
2281         TLS1_CK_SRP_SHA_WITH_AES_128_CBC_SHA,
2282         SSL_kSRP,
2283         SSL_aNULL,
2284         SSL_AES128,
2285         SSL_SHA1,
2286         SSL_TLSV1,
2287         SSL_NOT_EXP|SSL_HIGH,
2288         SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
2289         128,
2290         128,
2291         },
2292
2293         /* Cipher C01E */
2294         {
2295         1,
2296         TLS1_TXT_SRP_SHA_RSA_WITH_AES_128_CBC_SHA,
2297         TLS1_CK_SRP_SHA_RSA_WITH_AES_128_CBC_SHA,
2298         SSL_kSRP,
2299         SSL_aRSA,
2300         SSL_AES128,
2301         SSL_SHA1,
2302         SSL_TLSV1,
2303         SSL_NOT_EXP|SSL_HIGH,
2304         SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
2305         128,
2306         128,
2307         },
2308
2309         /* Cipher C01F */
2310         {
2311         1,
2312         TLS1_TXT_SRP_SHA_DSS_WITH_AES_128_CBC_SHA,
2313         TLS1_CK_SRP_SHA_DSS_WITH_AES_128_CBC_SHA,
2314         SSL_kSRP,
2315         SSL_aDSS,
2316         SSL_AES128,
2317         SSL_SHA1,
2318         SSL_TLSV1,
2319         SSL_NOT_EXP|SSL_HIGH,
2320         SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
2321         128,
2322         128,
2323         },
2324
2325         /* Cipher C020 */
2326         {
2327         1,
2328         TLS1_TXT_SRP_SHA_WITH_AES_256_CBC_SHA,
2329         TLS1_CK_SRP_SHA_WITH_AES_256_CBC_SHA,
2330         SSL_kSRP,
2331         SSL_aNULL,
2332         SSL_AES256,
2333         SSL_SHA1,
2334         SSL_TLSV1,
2335         SSL_NOT_EXP|SSL_HIGH,
2336         SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
2337         256,
2338         256,
2339         },
2340
2341         /* Cipher C021 */
2342         {
2343         1,
2344         TLS1_TXT_SRP_SHA_RSA_WITH_AES_256_CBC_SHA,
2345         TLS1_CK_SRP_SHA_RSA_WITH_AES_256_CBC_SHA,
2346         SSL_kSRP,
2347         SSL_aRSA,
2348         SSL_AES256,
2349         SSL_SHA1,
2350         SSL_TLSV1,
2351         SSL_NOT_EXP|SSL_HIGH,
2352         SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
2353         256,
2354         256,
2355         },
2356
2357         /* Cipher C022 */
2358         {
2359         1,
2360         TLS1_TXT_SRP_SHA_DSS_WITH_AES_256_CBC_SHA,
2361         TLS1_CK_SRP_SHA_DSS_WITH_AES_256_CBC_SHA,
2362         SSL_kSRP,
2363         SSL_aDSS,
2364         SSL_AES256,
2365         SSL_SHA1,
2366         SSL_TLSV1,
2367         SSL_NOT_EXP|SSL_HIGH,
2368         SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
2369         256,
2370         256,
2371         },
2372 #endif  /* OPENSSL_NO_SRP */
2373
2374 #ifdef TEMP_GOST_TLS
2375 /* Cipher FF00 */
2376         {
2377         1,
2378         "GOST-MD5",
2379         0x0300ff00,
2380         SSL_kRSA,
2381         SSL_aRSA,
2382         SSL_eGOST2814789CNT,
2383         SSL_MD5,
2384         SSL_TLSV1,
2385         SSL_NOT_EXP|SSL_HIGH,
2386         SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
2387         256,
2388         256,
2389         },
2390         {
2391         1,
2392         "GOST-GOST94",
2393         0x0300ff01,
2394         SSL_kRSA,
2395         SSL_aRSA,
2396         SSL_eGOST2814789CNT,
2397         SSL_GOST94,
2398         SSL_TLSV1,
2399         SSL_NOT_EXP|SSL_HIGH,
2400         SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
2401         256,
2402         256
2403         },
2404         {
2405         1,
2406         "GOST-GOST89MAC",
2407         0x0300ff02,
2408         SSL_kRSA,
2409         SSL_aRSA,
2410         SSL_eGOST2814789CNT,
2411         SSL_GOST89MAC,
2412         SSL_TLSV1,
2413         SSL_NOT_EXP|SSL_HIGH,
2414         SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
2415         256,
2416         256
2417         },
2418         {
2419         1,
2420         "GOST-GOST89STREAM",
2421         0x0300ff03,
2422         SSL_kRSA,
2423         SSL_aRSA,
2424         SSL_eGOST2814789CNT,
2425         SSL_GOST89MAC,
2426         SSL_TLSV1,
2427         SSL_NOT_EXP|SSL_HIGH,
2428         SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF|TLS1_STREAM_MAC,
2429         256,
2430         256
2431         },
2432 #endif
2433
2434 /* end of list */
2435         };
2436
2437 SSL3_ENC_METHOD SSLv3_enc_data={
2438         ssl3_enc,
2439         n_ssl3_mac,
2440         ssl3_setup_key_block,
2441         ssl3_generate_master_secret,
2442         ssl3_change_cipher_state,
2443         ssl3_final_finish_mac,
2444         MD5_DIGEST_LENGTH+SHA_DIGEST_LENGTH,
2445         ssl3_cert_verify_mac,
2446         SSL3_MD_CLIENT_FINISHED_CONST,4,
2447         SSL3_MD_SERVER_FINISHED_CONST,4,
2448         ssl3_alert_code,
2449         };
2450
2451 long ssl3_default_timeout(void)
2452         {
2453         /* 2 hours, the 24 hours mentioned in the SSLv3 spec
2454          * is way too long for http, the cache would over fill */
2455         return(60*60*2);
2456         }
2457
2458 int ssl3_num_ciphers(void)
2459         {
2460         return(SSL3_NUM_CIPHERS);
2461         }
2462
2463 const SSL_CIPHER *ssl3_get_cipher(unsigned int u)
2464         {
2465         if (u < SSL3_NUM_CIPHERS)
2466                 return(&(ssl3_ciphers[SSL3_NUM_CIPHERS-1-u]));
2467         else
2468                 return(NULL);
2469         }
2470
2471 int ssl3_pending(const SSL *s)
2472         {
2473         if (s->rstate == SSL_ST_READ_BODY)
2474                 return 0;
2475         
2476         return (s->s3->rrec.type == SSL3_RT_APPLICATION_DATA) ? s->s3->rrec.length : 0;
2477         }
2478
2479 int ssl3_new(SSL *s)
2480         {
2481         SSL3_STATE *s3;
2482
2483         if ((s3=OPENSSL_malloc(sizeof *s3)) == NULL) goto err;
2484         memset(s3,0,sizeof *s3);
2485         memset(s3->rrec.seq_num,0,sizeof(s3->rrec.seq_num));
2486         memset(s3->wrec.seq_num,0,sizeof(s3->wrec.seq_num));
2487
2488         s->s3=s3;
2489
2490 #ifndef OPENSSL_NO_SRP
2491         SSL_SRP_CTX_init(s);
2492 #endif
2493         s->method->ssl_clear(s);
2494         return(1);
2495 err:
2496         return(0);
2497         }
2498
2499 void ssl3_free(SSL *s)
2500         {
2501         if(s == NULL)
2502             return;
2503
2504 #ifdef TLSEXT_TYPE_opaque_prf_input
2505         if (s->s3->client_opaque_prf_input != NULL)
2506                 OPENSSL_free(s->s3->client_opaque_prf_input);
2507         if (s->s3->server_opaque_prf_input != NULL)
2508                 OPENSSL_free(s->s3->server_opaque_prf_input);
2509 #endif
2510
2511         ssl3_cleanup_key_block(s);
2512         if (s->s3->rbuf.buf != NULL)
2513                 ssl3_release_read_buffer(s);
2514         if (s->s3->wbuf.buf != NULL)
2515                 ssl3_release_write_buffer(s);
2516         if (s->s3->rrec.comp != NULL)
2517                 OPENSSL_free(s->s3->rrec.comp);
2518 #ifndef OPENSSL_NO_DH
2519         if (s->s3->tmp.dh != NULL)
2520                 DH_free(s->s3->tmp.dh);
2521 #endif
2522 #ifndef OPENSSL_NO_ECDH
2523         if (s->s3->tmp.ecdh != NULL)
2524                 EC_KEY_free(s->s3->tmp.ecdh);
2525 #endif
2526
2527         if (s->s3->tmp.ca_names != NULL)
2528                 sk_X509_NAME_pop_free(s->s3->tmp.ca_names,X509_NAME_free);
2529         if (s->s3->handshake_buffer) {
2530                 BIO_free(s->s3->handshake_buffer);
2531         }
2532         if (s->s3->handshake_dgst) ssl3_free_digest_list(s);
2533 #ifndef OPENSSL_NO_SRP
2534         SSL_SRP_CTX_free(s);
2535 #endif
2536         OPENSSL_cleanse(s->s3,sizeof *s->s3);
2537         OPENSSL_free(s->s3);
2538         s->s3=NULL;
2539         }
2540
2541 void ssl3_clear(SSL *s)
2542         {
2543         unsigned char *rp,*wp;
2544         size_t rlen, wlen;
2545
2546 #ifdef TLSEXT_TYPE_opaque_prf_input
2547         if (s->s3->client_opaque_prf_input != NULL)
2548                 OPENSSL_free(s->s3->client_opaque_prf_input);
2549         s->s3->client_opaque_prf_input = NULL;
2550         if (s->s3->server_opaque_prf_input != NULL)
2551                 OPENSSL_free(s->s3->server_opaque_prf_input);
2552         s->s3->server_opaque_prf_input = NULL;
2553 #endif
2554
2555         ssl3_cleanup_key_block(s);
2556         if (s->s3->tmp.ca_names != NULL)
2557                 sk_X509_NAME_pop_free(s->s3->tmp.ca_names,X509_NAME_free);
2558
2559         if (s->s3->rrec.comp != NULL)
2560                 {
2561                 OPENSSL_free(s->s3->rrec.comp);
2562                 s->s3->rrec.comp=NULL;
2563                 }
2564 #ifndef OPENSSL_NO_DH
2565         if (s->s3->tmp.dh != NULL)
2566                 DH_free(s->s3->tmp.dh);
2567 #endif
2568 #ifndef OPENSSL_NO_ECDH
2569         if (s->s3->tmp.ecdh != NULL)
2570                 EC_KEY_free(s->s3->tmp.ecdh);
2571 #endif
2572
2573         rp = s->s3->rbuf.buf;
2574         wp = s->s3->wbuf.buf;
2575         rlen = s->s3->rbuf.len;
2576         wlen = s->s3->wbuf.len;
2577         if (s->s3->handshake_buffer) {
2578                 BIO_free(s->s3->handshake_buffer);
2579                 s->s3->handshake_buffer = NULL;
2580         }
2581         if (s->s3->handshake_dgst) {
2582                 ssl3_free_digest_list(s);
2583         }       
2584         memset(s->s3,0,sizeof *s->s3);
2585         s->s3->rbuf.buf = rp;
2586         s->s3->wbuf.buf = wp;
2587         s->s3->rbuf.len = rlen;
2588         s->s3->wbuf.len = wlen;
2589
2590         ssl_free_wbio_buffer(s);
2591
2592         s->packet_length=0;
2593         s->s3->renegotiate=0;
2594         s->s3->total_renegotiations=0;
2595         s->s3->num_renegotiations=0;
2596         s->s3->in_read_app_data=0;
2597         s->version=SSL3_VERSION;
2598
2599 #if !defined(OPENSSL_NO_TLSEXT) && !defined(OPENSSL_NO_NEXTPROTONEG)
2600         if (s->next_proto_negotiated)
2601                 {
2602                 OPENSSL_free(s->next_proto_negotiated);
2603                 s->next_proto_negotiated = NULL;
2604                 s->next_proto_negotiated_len = 0;
2605                 }
2606 #endif
2607         }
2608
2609 #ifndef OPENSSL_NO_SRP
2610 static char * MS_CALLBACK srp_password_from_info_cb(SSL *s, void *arg)
2611         {
2612         return BUF_strdup(s->srp_ctx.info) ;
2613         }
2614 #endif
2615
2616 long ssl3_ctrl(SSL *s, int cmd, long larg, void *parg)
2617         {
2618         int ret=0;
2619
2620 #if !defined(OPENSSL_NO_DSA) || !defined(OPENSSL_NO_RSA)
2621         if (
2622 #ifndef OPENSSL_NO_RSA
2623             cmd == SSL_CTRL_SET_TMP_RSA ||
2624             cmd == SSL_CTRL_SET_TMP_RSA_CB ||
2625 #endif
2626 #ifndef OPENSSL_NO_DSA
2627             cmd == SSL_CTRL_SET_TMP_DH ||
2628             cmd == SSL_CTRL_SET_TMP_DH_CB ||
2629 #endif
2630                 0)
2631                 {
2632                 if (!ssl_cert_inst(&s->cert))
2633                         {
2634                         SSLerr(SSL_F_SSL3_CTRL, ERR_R_MALLOC_FAILURE);
2635                         return(0);
2636                         }
2637                 }
2638 #endif
2639
2640         switch (cmd)
2641                 {
2642         case SSL_CTRL_GET_SESSION_REUSED:
2643                 ret=s->hit;
2644                 break;
2645         case SSL_CTRL_GET_CLIENT_CERT_REQUEST:
2646                 break;
2647         case SSL_CTRL_GET_NUM_RENEGOTIATIONS:
2648                 ret=s->s3->num_renegotiations;
2649                 break;
2650         case SSL_CTRL_CLEAR_NUM_RENEGOTIATIONS:
2651                 ret=s->s3->num_renegotiations;
2652                 s->s3->num_renegotiations=0;
2653                 break;
2654         case SSL_CTRL_GET_TOTAL_RENEGOTIATIONS:
2655                 ret=s->s3->total_renegotiations;
2656                 break;
2657         case SSL_CTRL_GET_FLAGS:
2658                 ret=(int)(s->s3->flags);
2659                 break;
2660 #ifndef OPENSSL_NO_RSA
2661         case SSL_CTRL_NEED_TMP_RSA:
2662                 if ((s->cert != NULL) && (s->cert->rsa_tmp == NULL) &&
2663                     ((s->cert->pkeys[SSL_PKEY_RSA_ENC].privatekey == NULL) ||
2664                      (EVP_PKEY_size(s->cert->pkeys[SSL_PKEY_RSA_ENC].privatekey) > (512/8))))
2665                         ret = 1;
2666                 break;
2667         case SSL_CTRL_SET_TMP_RSA:
2668                 {
2669                         RSA *rsa = (RSA *)parg;
2670                         if (rsa == NULL)
2671                                 {
2672                                 SSLerr(SSL_F_SSL3_CTRL, ERR_R_PASSED_NULL_PARAMETER);
2673                                 return(ret);
2674                                 }
2675                         if ((rsa = RSAPrivateKey_dup(rsa)) == NULL)
2676                                 {
2677                                 SSLerr(SSL_F_SSL3_CTRL, ERR_R_RSA_LIB);
2678                                 return(ret);
2679                                 }
2680                         if (s->cert->rsa_tmp != NULL)
2681                                 RSA_free(s->cert->rsa_tmp);
2682                         s->cert->rsa_tmp = rsa;
2683                         ret = 1;
2684                 }
2685                 break;
2686         case SSL_CTRL_SET_TMP_RSA_CB:
2687                 {
2688                 SSLerr(SSL_F_SSL3_CTRL, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
2689                 return(ret);
2690                 }
2691                 break;
2692 #endif
2693 #ifndef OPENSSL_NO_DH
2694         case SSL_CTRL_SET_TMP_DH:
2695                 {
2696                         DH *dh = (DH *)parg;
2697                         if (dh == NULL)
2698                                 {
2699                                 SSLerr(SSL_F_SSL3_CTRL, ERR_R_PASSED_NULL_PARAMETER);
2700                                 return(ret);
2701                                 }
2702                         if ((dh = DHparams_dup(dh)) == NULL)
2703                                 {
2704                                 SSLerr(SSL_F_SSL3_CTRL, ERR_R_DH_LIB);
2705                                 return(ret);
2706                                 }
2707                         if (!(s->options & SSL_OP_SINGLE_DH_USE))
2708                                 {
2709                                 if (!DH_generate_key(dh))
2710                                         {
2711                                         DH_free(dh);
2712                                         SSLerr(SSL_F_SSL3_CTRL, ERR_R_DH_LIB);
2713                                         return(ret);
2714                                         }
2715                                 }
2716                         if (s->cert->dh_tmp != NULL)
2717                                 DH_free(s->cert->dh_tmp);
2718                         s->cert->dh_tmp = dh;
2719                         ret = 1;
2720                 }
2721                 break;
2722         case SSL_CTRL_SET_TMP_DH_CB:
2723                 {
2724                 SSLerr(SSL_F_SSL3_CTRL, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
2725                 return(ret);
2726                 }
2727                 break;
2728 #endif
2729 #ifndef OPENSSL_NO_ECDH
2730         case SSL_CTRL_SET_TMP_ECDH:
2731                 {
2732                 EC_KEY *ecdh = NULL;
2733                         
2734                 if (parg == NULL)
2735                         {
2736                         SSLerr(SSL_F_SSL3_CTRL, ERR_R_PASSED_NULL_PARAMETER);
2737                         return(ret);
2738                         }
2739                 if (!EC_KEY_up_ref((EC_KEY *)parg))
2740                         {
2741                         SSLerr(SSL_F_SSL3_CTRL,ERR_R_ECDH_LIB);
2742                         return(ret);
2743                         }
2744                 ecdh = (EC_KEY *)parg;
2745                 if (!(s->options & SSL_OP_SINGLE_ECDH_USE))
2746                         {
2747                         if (!EC_KEY_generate_key(ecdh))
2748                                 {
2749                                 EC_KEY_free(ecdh);
2750                                 SSLerr(SSL_F_SSL3_CTRL,ERR_R_ECDH_LIB);
2751                                 return(ret);
2752                                 }
2753                         }
2754                 if (s->cert->ecdh_tmp != NULL)
2755                         EC_KEY_free(s->cert->ecdh_tmp);
2756                 s->cert->ecdh_tmp = ecdh;
2757                 ret = 1;
2758                 }
2759                 break;
2760         case SSL_CTRL_SET_TMP_ECDH_CB:
2761                 {
2762                 SSLerr(SSL_F_SSL3_CTRL, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
2763                 return(ret);
2764                 }
2765                 break;
2766 #endif /* !OPENSSL_NO_ECDH */
2767 #ifndef OPENSSL_NO_TLSEXT
2768         case SSL_CTRL_SET_TLSEXT_HOSTNAME:
2769                 if (larg == TLSEXT_NAMETYPE_host_name)
2770                         {
2771                         if (s->tlsext_hostname != NULL) 
2772                                 OPENSSL_free(s->tlsext_hostname);
2773                         s->tlsext_hostname = NULL;
2774
2775                         ret = 1;
2776                         if (parg == NULL) 
2777                                 break;
2778                         if (strlen((char *)parg) > TLSEXT_MAXLEN_host_name)
2779                                 {
2780                                 SSLerr(SSL_F_SSL3_CTRL, SSL_R_SSL3_EXT_INVALID_SERVERNAME);
2781                                 return 0;
2782                                 }
2783                         if ((s->tlsext_hostname = BUF_strdup((char *)parg)) == NULL)
2784                                 {
2785                                 SSLerr(SSL_F_SSL3_CTRL, ERR_R_INTERNAL_ERROR);
2786                                 return 0;
2787                                 }
2788                         }
2789                 else
2790                         {
2791                         SSLerr(SSL_F_SSL3_CTRL, SSL_R_SSL3_EXT_INVALID_SERVERNAME_TYPE);
2792                         return 0;
2793                         }
2794                 break;
2795         case SSL_CTRL_SET_TLSEXT_DEBUG_ARG:
2796                 s->tlsext_debug_arg=parg;
2797                 ret = 1;
2798                 break;
2799
2800 #ifdef TLSEXT_TYPE_opaque_prf_input
2801         case SSL_CTRL_SET_TLSEXT_OPAQUE_PRF_INPUT:
2802                 if (larg > 12288) /* actual internal limit is 2^16 for the complete hello message
2803                                    * (including the cert chain and everything) */
2804                         {
2805                         SSLerr(SSL_F_SSL3_CTRL, SSL_R_OPAQUE_PRF_INPUT_TOO_LONG);
2806                         break;
2807                         }
2808                 if (s->tlsext_opaque_prf_input != NULL)
2809                         OPENSSL_free(s->tlsext_opaque_prf_input);
2810                 if ((size_t)larg == 0)
2811                         s->tlsext_opaque_prf_input = OPENSSL_malloc(1); /* dummy byte just to get non-NULL */
2812                 else
2813                         s->tlsext_opaque_prf_input = BUF_memdup(parg, (size_t)larg);
2814                 if (s->tlsext_opaque_prf_input != NULL)
2815                         {
2816                         s->tlsext_opaque_prf_input_len = (size_t)larg;
2817                         ret = 1;
2818                         }
2819                 else
2820                         s->tlsext_opaque_prf_input_len = 0;
2821                 break;
2822 #endif
2823
2824         case SSL_CTRL_SET_TLSEXT_STATUS_REQ_TYPE:
2825                 s->tlsext_status_type=larg;
2826                 ret = 1;
2827                 break;
2828
2829         case SSL_CTRL_GET_TLSEXT_STATUS_REQ_EXTS:
2830                 *(STACK_OF(X509_EXTENSION) **)parg = s->tlsext_ocsp_exts;
2831                 ret = 1;
2832                 break;
2833
2834         case SSL_CTRL_SET_TLSEXT_STATUS_REQ_EXTS:
2835                 s->tlsext_ocsp_exts = parg;
2836                 ret = 1;
2837                 break;
2838
2839         case SSL_CTRL_GET_TLSEXT_STATUS_REQ_IDS:
2840                 *(STACK_OF(OCSP_RESPID) **)parg = s->tlsext_ocsp_ids;
2841                 ret = 1;
2842                 break;
2843
2844         case SSL_CTRL_SET_TLSEXT_STATUS_REQ_IDS:
2845                 s->tlsext_ocsp_ids = parg;
2846                 ret = 1;
2847                 break;
2848
2849         case SSL_CTRL_GET_TLSEXT_STATUS_REQ_OCSP_RESP:
2850                 *(unsigned char **)parg = s->tlsext_ocsp_resp;
2851                 return s->tlsext_ocsp_resplen;
2852                 
2853         case SSL_CTRL_SET_TLSEXT_STATUS_REQ_OCSP_RESP:
2854                 if (s->tlsext_ocsp_resp)
2855                         OPENSSL_free(s->tlsext_ocsp_resp);
2856                 s->tlsext_ocsp_resp = parg;
2857                 s->tlsext_ocsp_resplen = larg;
2858                 ret = 1;
2859                 break;
2860
2861 #endif /* !OPENSSL_NO_TLSEXT */
2862         default:
2863                 break;
2864                 }
2865         return(ret);
2866         }
2867
2868 long ssl3_callback_ctrl(SSL *s, int cmd, void (*fp)(void))
2869         {
2870         int ret=0;
2871
2872 #if !defined(OPENSSL_NO_DSA) || !defined(OPENSSL_NO_RSA)
2873         if (
2874 #ifndef OPENSSL_NO_RSA
2875             cmd == SSL_CTRL_SET_TMP_RSA_CB ||
2876 #endif
2877 #ifndef OPENSSL_NO_DSA
2878             cmd == SSL_CTRL_SET_TMP_DH_CB ||
2879 #endif
2880                 0)
2881                 {
2882                 if (!ssl_cert_inst(&s->cert))
2883                         {
2884                         SSLerr(SSL_F_SSL3_CALLBACK_CTRL, ERR_R_MALLOC_FAILURE);
2885                         return(0);
2886                         }
2887                 }
2888 #endif
2889
2890         switch (cmd)
2891                 {
2892 #ifndef OPENSSL_NO_RSA
2893         case SSL_CTRL_SET_TMP_RSA_CB:
2894                 {
2895                 s->cert->rsa_tmp_cb = (RSA *(*)(SSL *, int, int))fp;
2896                 }
2897                 break;
2898 #endif
2899 #ifndef OPENSSL_NO_DH
2900         case SSL_CTRL_SET_TMP_DH_CB:
2901                 {
2902                 s->cert->dh_tmp_cb = (DH *(*)(SSL *, int, int))fp;
2903                 }
2904                 break;
2905 #endif
2906 #ifndef OPENSSL_NO_ECDH
2907         case SSL_CTRL_SET_TMP_ECDH_CB:
2908                 {
2909                 s->cert->ecdh_tmp_cb = (EC_KEY *(*)(SSL *, int, int))fp;
2910                 }
2911                 break;
2912 #endif
2913 #ifndef OPENSSL_NO_TLSEXT
2914         case SSL_CTRL_SET_TLSEXT_DEBUG_CB:
2915                 s->tlsext_debug_cb=(void (*)(SSL *,int ,int,
2916                                         unsigned char *, int, void *))fp;
2917                 break;
2918 #endif
2919         case SSL_CTRL_SET_NOT_RESUMABLE_SESS_CB:
2920                 {
2921                 s->not_resumable_session_cb = (int (*)(SSL *, int))fp;
2922                 }
2923                 break;
2924         default:
2925                 break;
2926                 }
2927         return(ret);
2928         }
2929
2930 long ssl3_ctx_ctrl(SSL_CTX *ctx, int cmd, long larg, void *parg)
2931         {
2932         CERT *cert;
2933
2934         cert=ctx->cert;
2935
2936         switch (cmd)
2937                 {
2938 #ifndef OPENSSL_NO_RSA
2939         case SSL_CTRL_NEED_TMP_RSA:
2940                 if (    (cert->rsa_tmp == NULL) &&
2941                         ((cert->pkeys[SSL_PKEY_RSA_ENC].privatekey == NULL) ||
2942                          (EVP_PKEY_size(cert->pkeys[SSL_PKEY_RSA_ENC].privatekey) > (512/8)))
2943                         )
2944                         return(1);
2945                 else
2946                         return(0);
2947                 /* break; */
2948         case SSL_CTRL_SET_TMP_RSA:
2949                 {
2950                 RSA *rsa;
2951                 int i;
2952
2953                 rsa=(RSA *)parg;
2954                 i=1;
2955                 if (rsa == NULL)
2956                         i=0;
2957                 else
2958                         {
2959                         if ((rsa=RSAPrivateKey_dup(rsa)) == NULL)
2960                                 i=0;
2961                         }
2962                 if (!i)
2963                         {
2964                         SSLerr(SSL_F_SSL3_CTX_CTRL,ERR_R_RSA_LIB);
2965                         return(0);
2966                         }
2967                 else
2968                         {
2969                         if (cert->rsa_tmp != NULL)
2970                                 RSA_free(cert->rsa_tmp);
2971                         cert->rsa_tmp=rsa;
2972                         return(1);
2973                         }
2974                 }
2975                 /* break; */
2976         case SSL_CTRL_SET_TMP_RSA_CB:
2977                 {
2978                 SSLerr(SSL_F_SSL3_CTX_CTRL, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
2979                 return(0);
2980                 }
2981                 break;
2982 #endif
2983 #ifndef OPENSSL_NO_DH
2984         case SSL_CTRL_SET_TMP_DH:
2985                 {
2986                 DH *new=NULL,*dh;
2987
2988                 dh=(DH *)parg;
2989                 if ((new=DHparams_dup(dh)) == NULL)
2990                         {
2991                         SSLerr(SSL_F_SSL3_CTX_CTRL,ERR_R_DH_LIB);
2992                         return 0;
2993                         }
2994                 if (!(ctx->options & SSL_OP_SINGLE_DH_USE))
2995                         {
2996                         if (!DH_generate_key(new))
2997                                 {
2998                                 SSLerr(SSL_F_SSL3_CTX_CTRL,ERR_R_DH_LIB);
2999                                 DH_free(new);
3000                                 return 0;
3001                                 }
3002                         }
3003                 if (cert->dh_tmp != NULL)
3004                         DH_free(cert->dh_tmp);
3005                 cert->dh_tmp=new;
3006                 return 1;
3007                 }
3008                 /*break; */
3009         case SSL_CTRL_SET_TMP_DH_CB:
3010                 {
3011                 SSLerr(SSL_F_SSL3_CTX_CTRL, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
3012                 return(0);
3013                 }
3014                 break;
3015 #endif
3016 #ifndef OPENSSL_NO_ECDH
3017         case SSL_CTRL_SET_TMP_ECDH:
3018                 {
3019                 EC_KEY *ecdh = NULL;
3020                         
3021                 if (parg == NULL)
3022                         {
3023                         SSLerr(SSL_F_SSL3_CTX_CTRL,ERR_R_ECDH_LIB);
3024                         return 0;
3025                         }
3026                 ecdh = EC_KEY_dup((EC_KEY *)parg);
3027                 if (ecdh == NULL)
3028                         {
3029                         SSLerr(SSL_F_SSL3_CTX_CTRL,ERR_R_EC_LIB);
3030                         return 0;
3031                         }
3032                 if (!(ctx->options & SSL_OP_SINGLE_ECDH_USE))
3033                         {
3034                         if (!EC_KEY_generate_key(ecdh))
3035                                 {
3036                                 EC_KEY_free(ecdh);
3037                                 SSLerr(SSL_F_SSL3_CTX_CTRL,ERR_R_ECDH_LIB);
3038                                 return 0;
3039                                 }
3040                         }
3041
3042                 if (cert->ecdh_tmp != NULL)
3043                         {
3044                         EC_KEY_free(cert->ecdh_tmp);
3045                         }
3046                 cert->ecdh_tmp = ecdh;
3047                 return 1;
3048                 }
3049                 /* break; */
3050         case SSL_CTRL_SET_TMP_ECDH_CB:
3051                 {
3052                 SSLerr(SSL_F_SSL3_CTX_CTRL, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
3053                 return(0);
3054                 }
3055                 break;
3056 #endif /* !OPENSSL_NO_ECDH */
3057 #ifndef OPENSSL_NO_TLSEXT
3058         case SSL_CTRL_SET_TLSEXT_SERVERNAME_ARG:
3059                 ctx->tlsext_servername_arg=parg;
3060                 break;
3061         case SSL_CTRL_SET_TLSEXT_TICKET_KEYS:
3062         case SSL_CTRL_GET_TLSEXT_TICKET_KEYS:
3063                 {
3064                 unsigned char *keys = parg;
3065                 if (!keys)
3066                         return 48;
3067                 if (larg != 48)
3068                         {
3069                         SSLerr(SSL_F_SSL3_CTX_CTRL, SSL_R_INVALID_TICKET_KEYS_LENGTH);
3070                         return 0;
3071                         }
3072                 if (cmd == SSL_CTRL_SET_TLSEXT_TICKET_KEYS)
3073                         {
3074                         memcpy(ctx->tlsext_tick_key_name, keys, 16);
3075                         memcpy(ctx->tlsext_tick_hmac_key, keys + 16, 16);
3076                         memcpy(ctx->tlsext_tick_aes_key, keys + 32, 16);
3077                         }
3078                 else
3079                         {
3080                         memcpy(keys, ctx->tlsext_tick_key_name, 16);
3081                         memcpy(keys + 16, ctx->tlsext_tick_hmac_key, 16);
3082                         memcpy(keys + 32, ctx->tlsext_tick_aes_key, 16);
3083                         }
3084                 return 1;
3085                 }
3086
3087 #ifdef TLSEXT_TYPE_opaque_prf_input
3088         case SSL_CTRL_SET_TLSEXT_OPAQUE_PRF_INPUT_CB_ARG:
3089                 ctx->tlsext_opaque_prf_input_callback_arg = parg;
3090                 return 1;
3091 #endif
3092
3093         case SSL_CTRL_SET_TLSEXT_STATUS_REQ_CB_ARG:
3094                 ctx->tlsext_status_arg=parg;
3095                 return 1;
3096                 break;
3097
3098 #ifndef OPENSSL_NO_SRP
3099         case SSL_CTRL_SET_TLS_EXT_SRP_USERNAME:
3100                 ctx->srp_ctx.srp_Mask|=SSL_kSRP;
3101                 if (ctx->srp_ctx.login != NULL)
3102                         OPENSSL_free(ctx->srp_ctx.login);
3103                 ctx->srp_ctx.login = NULL;
3104                 if (parg == NULL)
3105                         break;
3106                 if (strlen((char *)parg) > 254)
3107                         {
3108                         SSLerr(SSL_F_SSL3_CTX_CTRL, SSL_R_INVALID_SRP_USERNAME);
3109                         return 0;
3110                         } 
3111                 if ((ctx->srp_ctx.login = BUF_strdup((char *)parg)) == NULL)
3112                         {
3113                         SSLerr(SSL_F_SSL3_CTX_CTRL, ERR_R_INTERNAL_ERROR);
3114                         return 0;
3115                         }
3116                 break;
3117         case SSL_CTRL_SET_TLS_EXT_SRP_PASSWORD:
3118                 ctx->srp_ctx.SRP_give_srp_client_pwd_callback=srp_password_from_info_cb;
3119                 ctx->srp_ctx.info=parg;
3120                 break;
3121         case SSL_CTRL_SET_SRP_ARG:
3122                 ctx->srp_ctx.srp_Mask|=SSL_kSRP;
3123                 ctx->srp_ctx.SRP_cb_arg=parg;
3124                 break;
3125
3126         case SSL_CTRL_SET_TLS_EXT_SRP_STRENGTH:
3127                 ctx->srp_ctx.strength=larg;
3128                 break;
3129 #endif
3130 #endif /* !OPENSSL_NO_TLSEXT */
3131
3132         /* A Thawte special :-) */
3133         case SSL_CTRL_EXTRA_CHAIN_CERT:
3134                 if (ctx->extra_certs == NULL)
3135                         {
3136                         if ((ctx->extra_certs=sk_X509_new_null()) == NULL)
3137                                 return(0);
3138                         }
3139                 sk_X509_push(ctx->extra_certs,(X509 *)parg);
3140                 break;
3141
3142         default:
3143                 return(0);
3144                 }
3145         return(1);
3146         }
3147
3148 long ssl3_ctx_callback_ctrl(SSL_CTX *ctx, int cmd, void (*fp)(void))
3149         {
3150         CERT *cert;
3151
3152         cert=ctx->cert;
3153
3154         switch (cmd)
3155                 {
3156 #ifndef OPENSSL_NO_RSA
3157         case SSL_CTRL_SET_TMP_RSA_CB:
3158                 {
3159                 cert->rsa_tmp_cb = (RSA *(*)(SSL *, int, int))fp;
3160                 }
3161                 break;
3162 #endif
3163 #ifndef OPENSSL_NO_DH
3164         case SSL_CTRL_SET_TMP_DH_CB:
3165                 {
3166                 cert->dh_tmp_cb = (DH *(*)(SSL *, int, int))fp;
3167                 }
3168                 break;
3169 #endif
3170 #ifndef OPENSSL_NO_ECDH
3171         case SSL_CTRL_SET_TMP_ECDH_CB:
3172                 {
3173                 cert->ecdh_tmp_cb = (EC_KEY *(*)(SSL *, int, int))fp;
3174                 }
3175                 break;
3176 #endif
3177 #ifndef OPENSSL_NO_TLSEXT
3178         case SSL_CTRL_SET_TLSEXT_SERVERNAME_CB:
3179                 ctx->tlsext_servername_callback=(int (*)(SSL *,int *,void *))fp;
3180                 break;
3181
3182 #ifdef TLSEXT_TYPE_opaque_prf_input
3183         case SSL_CTRL_SET_TLSEXT_OPAQUE_PRF_INPUT_CB:
3184                 ctx->tlsext_opaque_prf_input_callback = (int (*)(SSL *,void *, size_t, void *))fp;
3185                 break;
3186 #endif
3187
3188         case SSL_CTRL_SET_TLSEXT_STATUS_REQ_CB:
3189                 ctx->tlsext_status_cb=(int (*)(SSL *,void *))fp;
3190                 break;
3191
3192         case SSL_CTRL_SET_TLSEXT_TICKET_KEY_CB:
3193                 ctx->tlsext_ticket_key_cb=(int (*)(SSL *,unsigned char  *,
3194                                                 unsigned char *,
3195                                                 EVP_CIPHER_CTX *,
3196                                                 HMAC_CTX *, int))fp;
3197                 break;
3198
3199 #ifndef OPENSSL_NO_SRP
3200         case SSL_CTRL_SET_SRP_VERIFY_PARAM_CB:
3201                 ctx->srp_ctx.srp_Mask|=SSL_kSRP;
3202                 ctx->srp_ctx.SRP_verify_param_callback=(int (*)(SSL *,void *))fp;
3203                 break;
3204         case SSL_CTRL_SET_TLS_EXT_SRP_USERNAME_CB:
3205                 ctx->srp_ctx.srp_Mask|=SSL_kSRP;
3206                 ctx->srp_ctx.TLS_ext_srp_username_callback=(int (*)(SSL *,int *,void *))fp;
3207                 break;
3208         case SSL_CTRL_SET_SRP_GIVE_CLIENT_PWD_CB:
3209                 ctx->srp_ctx.srp_Mask|=SSL_kSRP;
3210                 ctx->srp_ctx.SRP_give_srp_client_pwd_callback=(char *(*)(SSL *,void *))fp;
3211                 break;
3212         case SSL_CTRL_SET_TLS_EXT_SRP_MISSING_CLIENT_USERNAME_CB:
3213                 ctx->srp_ctx.srp_Mask|=SSL_kSRP;
3214                 ctx->srp_ctx.SRP_TLS_ext_missing_srp_client_username_callback=(char *(*)(SSL *,void *))fp;
3215                 break;
3216 #endif
3217 #endif
3218         case SSL_CTRL_SET_NOT_RESUMABLE_SESS_CB:
3219                 {
3220                 ctx->not_resumable_session_cb = (int (*)(SSL *, int))fp;
3221                 }
3222                 break;
3223         default:
3224                 return(0);
3225                 }
3226         return(1);
3227         }
3228
3229 /* This function needs to check if the ciphers required are actually
3230  * available */
3231 const SSL_CIPHER *ssl3_get_cipher_by_char(const unsigned char *p)
3232         {
3233         SSL_CIPHER c;
3234         const SSL_CIPHER *cp;
3235         unsigned long id;
3236
3237         id=0x03000000L|((unsigned long)p[0]<<8L)|(unsigned long)p[1];
3238         c.id=id;
3239         cp = OBJ_bsearch_ssl_cipher_id(&c, ssl3_ciphers, SSL3_NUM_CIPHERS);
3240 #ifdef DEBUG_PRINT_UNKNOWN_CIPHERSUITES
3241 if (cp == NULL) fprintf(stderr, "Unknown cipher ID %x\n", (p[0] << 8) | p[1]);
3242 #endif
3243         if (cp == NULL || cp->valid == 0)
3244                 return NULL;
3245         else
3246                 return cp;
3247         }
3248
3249 int ssl3_put_cipher_by_char(const SSL_CIPHER *c, unsigned char *p)
3250         {
3251         long l;
3252
3253         if (p != NULL)
3254                 {
3255                 l=c->id;
3256                 if ((l & 0xff000000) != 0x03000000) return(0);
3257                 p[0]=((unsigned char)(l>> 8L))&0xFF;
3258                 p[1]=((unsigned char)(l     ))&0xFF;
3259                 }
3260         return(2);
3261         }
3262
3263 SSL_CIPHER *ssl3_choose_cipher(SSL *s, STACK_OF(SSL_CIPHER) *clnt,
3264              STACK_OF(SSL_CIPHER) *srvr)
3265         {
3266         SSL_CIPHER *c,*ret=NULL;
3267         STACK_OF(SSL_CIPHER) *prio, *allow;
3268         int i,ii,ok;
3269 #if !defined(OPENSSL_NO_TLSEXT) && !defined(OPENSSL_NO_EC)
3270         unsigned int j;
3271         int ec_ok, ec_nid;
3272         unsigned char ec_search1 = 0, ec_search2 = 0;
3273 #endif
3274         CERT *cert;
3275         unsigned long alg_k,alg_a,mask_k,mask_a,emask_k,emask_a;
3276
3277         /* Let's see which ciphers we can support */
3278         cert=s->cert;
3279
3280 #if 0
3281         /* Do not set the compare functions, because this may lead to a
3282          * reordering by "id". We want to keep the original ordering.
3283          * We may pay a price in performance during sk_SSL_CIPHER_find(),
3284          * but would have to pay with the price of sk_SSL_CIPHER_dup().
3285          */
3286         sk_SSL_CIPHER_set_cmp_func(srvr, ssl_cipher_ptr_id_cmp);
3287         sk_SSL_CIPHER_set_cmp_func(clnt, ssl_cipher_ptr_id_cmp);
3288 #endif
3289
3290 #ifdef CIPHER_DEBUG
3291         printf("Server has %d from %p:\n", sk_SSL_CIPHER_num(srvr), (void *)srvr);
3292         for(i=0 ; i < sk_SSL_CIPHER_num(srvr) ; ++i)
3293                 {
3294                 c=sk_SSL_CIPHER_value(srvr,i);
3295                 printf("%p:%s\n",(void *)c,c->name);
3296                 }
3297         printf("Client sent %d from %p:\n", sk_SSL_CIPHER_num(clnt), (void *)clnt);
3298         for(i=0 ; i < sk_SSL_CIPHER_num(clnt) ; ++i)
3299             {
3300             c=sk_SSL_CIPHER_value(clnt,i);
3301             printf("%p:%s\n",(void *)c,c->name);
3302             }
3303 #endif
3304
3305         if (s->options & SSL_OP_CIPHER_SERVER_PREFERENCE)
3306                 {
3307                 prio = srvr;
3308                 allow = clnt;
3309                 }
3310         else
3311                 {
3312                 prio = clnt;
3313                 allow = srvr;
3314                 }
3315
3316         for (i=0; i<sk_SSL_CIPHER_num(prio); i++)
3317                 {
3318                 c=sk_SSL_CIPHER_value(prio,i);
3319
3320                 ssl_set_cert_masks(cert,c);
3321                 mask_k = cert->mask_k;
3322                 mask_a = cert->mask_a;
3323                 emask_k = cert->export_mask_k;
3324                 emask_a = cert->export_mask_a;
3325 #ifndef OPENSSL_NO_SRP
3326                 mask_k=cert->mask_k | s->srp_ctx.srp_Mask;
3327                 emask_k=cert->export_mask_k | s->srp_ctx.srp_Mask;
3328 #endif
3329                         
3330 #ifdef KSSL_DEBUG
3331 /*              printf("ssl3_choose_cipher %d alg= %lx\n", i,c->algorithms);*/
3332 #endif    /* KSSL_DEBUG */
3333
3334                 alg_k=c->algorithm_mkey;
3335                 alg_a=c->algorithm_auth;
3336
3337 #ifndef OPENSSL_NO_KRB5
3338                 if (alg_k & SSL_kKRB5)
3339                         {
3340                         if ( !kssl_keytab_is_available(s->kssl_ctx) )
3341                             continue;
3342                         }
3343 #endif /* OPENSSL_NO_KRB5 */
3344 #ifndef OPENSSL_NO_PSK
3345                 /* with PSK there must be server callback set */
3346                 if ((alg_k & SSL_kPSK) && s->psk_server_callback == NULL)
3347                         continue;
3348 #endif /* OPENSSL_NO_PSK */
3349
3350                 if (SSL_C_IS_EXPORT(c))
3351                         {
3352                         ok = (alg_k & emask_k) && (alg_a & emask_a);
3353 #ifdef CIPHER_DEBUG
3354                         printf("%d:[%08lX:%08lX:%08lX:%08lX]%p:%s (export)\n",ok,alg_k,alg_a,emask_k,emask_a,
3355                                (void *)c,c->name);
3356 #endif
3357                         }
3358                 else
3359                         {
3360                         ok = (alg_k & mask_k) && (alg_a & mask_a);
3361 #ifdef CIPHER_DEBUG
3362                         printf("%d:[%08lX:%08lX:%08lX:%08lX]%p:%s\n",ok,alg_k,alg_a,mask_k,mask_a,(void *)c,
3363                                c->name);
3364 #endif
3365                         }
3366
3367 #ifndef OPENSSL_NO_TLSEXT
3368 #ifndef OPENSSL_NO_EC
3369                 if (
3370                         /* if we are considering an ECC cipher suite that uses our certificate */
3371                         (alg_a & SSL_aECDSA || alg_a & SSL_aECDH)
3372                         /* and we have an ECC certificate */
3373                         && (s->cert->pkeys[SSL_PKEY_ECC].x509 != NULL)
3374                         /* and the client specified a Supported Point Formats extension */
3375                         && ((s->session->tlsext_ecpointformatlist_length > 0) && (s->session->tlsext_ecpointformatlist != NULL))
3376                         /* and our certificate's point is compressed */
3377                         && (
3378                                 (s->cert->pkeys[SSL_PKEY_ECC].x509->cert_info != NULL)
3379                                 && (s->cert->pkeys[SSL_PKEY_ECC].x509->cert_info->key != NULL)
3380                                 && (s->cert->pkeys[SSL_PKEY_ECC].x509->cert_info->key->public_key != NULL)
3381                                 && (s->cert->pkeys[SSL_PKEY_ECC].x509->cert_info->key->public_key->data != NULL)
3382                                 && (
3383                                         (*(s->cert->pkeys[SSL_PKEY_ECC].x509->cert_info->key->public_key->data) == POINT_CONVERSION_COMPRESSED)
3384                                         || (*(s->cert->pkeys[SSL_PKEY_ECC].x509->cert_info->key->public_key->data) == POINT_CONVERSION_COMPRESSED + 1)
3385                                         )
3386                                 )
3387                 )
3388                         {
3389                         ec_ok = 0;
3390                         /* if our certificate's curve is over a field type that the client does not support
3391                          * then do not allow this cipher suite to be negotiated */
3392                         if (
3393                                 (s->cert->pkeys[SSL_PKEY_ECC].privatekey->pkey.ec != NULL)
3394                                 && (s->cert->pkeys[SSL_PKEY_ECC].privatekey->pkey.ec->group != NULL)
3395                                 && (s->cert->pkeys[SSL_PKEY_ECC].privatekey->pkey.ec->group->meth != NULL)
3396                                 && (EC_METHOD_get_field_type(s->cert->pkeys[SSL_PKEY_ECC].privatekey->pkey.ec->group->meth) == NID_X9_62_prime_field)
3397                         )
3398                                 {
3399                                 for (j = 0; j < s->session->tlsext_ecpointformatlist_length; j++)
3400                                         {
3401                                         if (s->session->tlsext_ecpointformatlist[j] == TLSEXT_ECPOINTFORMAT_ansiX962_compressed_prime)
3402                                                 {
3403                                                 ec_ok = 1;
3404                                                 break;
3405                                                 }
3406                                         }
3407                                 }
3408                         else if (EC_METHOD_get_field_type(s->cert->pkeys[SSL_PKEY_ECC].privatekey->pkey.ec->group->meth) == NID_X9_62_characteristic_two_field)
3409                                 {
3410                                 for (j = 0; j < s->session->tlsext_ecpointformatlist_length; j++)
3411                                         {
3412                                         if (s->session->tlsext_ecpointformatlist[j] == TLSEXT_ECPOINTFORMAT_ansiX962_compressed_char2)
3413                                                 {
3414                                                 ec_ok = 1;
3415                                                 break;
3416                                                 }
3417                                         }
3418                                 }
3419                         ok = ok && ec_ok;
3420                         }
3421                 if (
3422                         /* if we are considering an ECC cipher suite that uses our certificate */
3423                         (alg_a & SSL_aECDSA || alg_a & SSL_aECDH)
3424                         /* and we have an ECC certificate */
3425                         && (s->cert->pkeys[SSL_PKEY_ECC].x509 != NULL)
3426                         /* and the client specified an EllipticCurves extension */
3427                         && ((s->session->tlsext_ellipticcurvelist_length > 0) && (s->session->tlsext_ellipticcurvelist != NULL))
3428                 )
3429                         {
3430                         ec_ok = 0;
3431                         if (
3432                                 (s->cert->pkeys[SSL_PKEY_ECC].privatekey->pkey.ec != NULL)
3433                                 && (s->cert->pkeys[SSL_PKEY_ECC].privatekey->pkey.ec->group != NULL)
3434                         )
3435                                 {
3436                                 ec_nid = EC_GROUP_get_curve_name(s->cert->pkeys[SSL_PKEY_ECC].privatekey->pkey.ec->group);
3437                                 if ((ec_nid == 0)
3438                                         && (s->cert->pkeys[SSL_PKEY_ECC].privatekey->pkey.ec->group->meth != NULL)
3439                                 )
3440                                         {
3441                                         if (EC_METHOD_get_field_type(s->cert->pkeys[SSL_PKEY_ECC].privatekey->pkey.ec->group->meth) == NID_X9_62_prime_field)
3442                                                 {
3443                                                 ec_search1 = 0xFF;
3444                                                 ec_search2 = 0x01;
3445                                                 }
3446                                         else if (EC_METHOD_get_field_type(s->cert->pkeys[SSL_PKEY_ECC].privatekey->pkey.ec->group->meth) == NID_X9_62_characteristic_two_field)
3447                                                 {
3448                                                 ec_search1 = 0xFF;
3449                                                 ec_search2 = 0x02;
3450                                                 }
3451                                         }
3452                                 else
3453                                         {
3454                                         ec_search1 = 0x00;
3455                                         ec_search2 = tls1_ec_nid2curve_id(ec_nid);
3456                                         }
3457                                 if ((ec_search1 != 0) || (ec_search2 != 0))
3458                                         {
3459                                         for (j = 0; j < s->session->tlsext_ellipticcurvelist_length / 2; j++)
3460                                                 {
3461                                                 if ((s->session->tlsext_ellipticcurvelist[2*j] == ec_search1) && (s->session->tlsext_ellipticcurvelist[2*j+1] == ec_search2))
3462                                                         {
3463                                                         ec_ok = 1;
3464                                                         break;
3465                                                         }
3466                                                 }
3467                                         }
3468                                 }
3469                         ok = ok && ec_ok;
3470                         }
3471                 if (
3472                         /* if we are considering an ECC cipher suite that uses an ephemeral EC key */
3473                         (alg_k & SSL_kEECDH)
3474                         /* and we have an ephemeral EC key */
3475                         && (s->cert->ecdh_tmp != NULL)
3476                         /* and the client specified an EllipticCurves extension */
3477                         && ((s->session->tlsext_ellipticcurvelist_length > 0) && (s->session->tlsext_ellipticcurvelist != NULL))
3478                 )
3479                         {
3480                         ec_ok = 0;
3481                         if (s->cert->ecdh_tmp->group != NULL)
3482                                 {
3483                                 ec_nid = EC_GROUP_get_curve_name(s->cert->ecdh_tmp->group);
3484                                 if ((ec_nid == 0)
3485                                         && (s->cert->ecdh_tmp->group->meth != NULL)
3486                                 )
3487                                         {
3488                                         if (EC_METHOD_get_field_type(s->cert->ecdh_tmp->group->meth) == NID_X9_62_prime_field)
3489                                                 {
3490                                                 ec_search1 = 0xFF;
3491                                                 ec_search2 = 0x01;
3492                                                 }
3493                                         else if (EC_METHOD_get_field_type(s->cert->ecdh_tmp->group->meth) == NID_X9_62_characteristic_two_field)
3494                                                 {
3495                                                 ec_search1 = 0xFF;
3496                                                 ec_search2 = 0x02;
3497                                                 }
3498                                         }
3499                                 else
3500                                         {
3501                                         ec_search1 = 0x00;
3502                                         ec_search2 = tls1_ec_nid2curve_id(ec_nid);
3503                                         }
3504                                 if ((ec_search1 != 0) || (ec_search2 != 0))
3505                                         {
3506                                         for (j = 0; j < s->session->tlsext_ellipticcurvelist_length / 2; j++)
3507                                                 {
3508                                                 if ((s->session->tlsext_ellipticcurvelist[2*j] == ec_search1) && (s->session->tlsext_ellipticcurvelist[2*j+1] == ec_search2))
3509                                                         {
3510                                                         ec_ok = 1;
3511                                                         break;
3512                                                         }
3513                                                 }
3514                                         }
3515                                 }
3516                         ok = ok && ec_ok;
3517                         }
3518 #endif /* OPENSSL_NO_EC */
3519 #endif /* OPENSSL_NO_TLSEXT */
3520
3521                 if (!ok) continue;
3522                 ii=sk_SSL_CIPHER_find(allow,c);
3523                 if (ii >= 0)
3524                         {
3525                         ret=sk_SSL_CIPHER_value(allow,ii);
3526                         break;
3527                         }
3528                 }
3529         return(ret);
3530         }
3531
3532 int ssl3_get_req_cert_type(SSL *s, unsigned char *p)
3533         {
3534         int ret=0;
3535         unsigned long alg_k;
3536
3537         alg_k = s->s3->tmp.new_cipher->algorithm_mkey;
3538
3539 #ifndef OPENSSL_NO_GOST
3540         if (s->version >= TLS1_VERSION)
3541                 {
3542                 if (alg_k & SSL_kGOST)
3543                         {
3544                         p[ret++]=TLS_CT_GOST94_SIGN;
3545                         p[ret++]=TLS_CT_GOST01_SIGN;
3546                         return(ret);
3547                         }
3548                 }
3549 #endif
3550
3551 #ifndef OPENSSL_NO_DH
3552         if (alg_k & (SSL_kDHr|SSL_kEDH))
3553                 {
3554 #  ifndef OPENSSL_NO_RSA
3555                 p[ret++]=SSL3_CT_RSA_FIXED_DH;
3556 #  endif
3557 #  ifndef OPENSSL_NO_DSA
3558                 p[ret++]=SSL3_CT_DSS_FIXED_DH;
3559 #  endif
3560                 }
3561         if ((s->version == SSL3_VERSION) &&
3562                 (alg_k & (SSL_kEDH|SSL_kDHd|SSL_kDHr)))
3563                 {
3564 #  ifndef OPENSSL_NO_RSA
3565                 p[ret++]=SSL3_CT_RSA_EPHEMERAL_DH;
3566 #  endif
3567 #  ifndef OPENSSL_NO_DSA
3568                 p[ret++]=SSL3_CT_DSS_EPHEMERAL_DH;
3569 #  endif
3570                 }
3571 #endif /* !OPENSSL_NO_DH */
3572 #ifndef OPENSSL_NO_RSA
3573         p[ret++]=SSL3_CT_RSA_SIGN;
3574 #endif
3575 #ifndef OPENSSL_NO_DSA
3576         p[ret++]=SSL3_CT_DSS_SIGN;
3577 #endif
3578 #ifndef OPENSSL_NO_ECDH
3579         if ((alg_k & (SSL_kECDHr|SSL_kECDHe)) && (s->version >= TLS1_VERSION))
3580                 {
3581                 p[ret++]=TLS_CT_RSA_FIXED_ECDH;
3582                 p[ret++]=TLS_CT_ECDSA_FIXED_ECDH;
3583                 }
3584 #endif
3585
3586 #ifndef OPENSSL_NO_ECDSA
3587         /* ECDSA certs can be used with RSA cipher suites as well 
3588          * so we don't need to check for SSL_kECDH or SSL_kEECDH
3589          */
3590         if (s->version >= TLS1_VERSION)
3591                 {
3592                 p[ret++]=TLS_CT_ECDSA_SIGN;
3593                 }
3594 #endif  
3595         return(ret);
3596         }
3597
3598 int ssl3_shutdown(SSL *s)
3599         {
3600         int ret;
3601
3602         /* Don't do anything much if we have not done the handshake or
3603          * we don't want to send messages :-) */
3604         if ((s->quiet_shutdown) || (s->state == SSL_ST_BEFORE))
3605                 {
3606                 s->shutdown=(SSL_SENT_SHUTDOWN|SSL_RECEIVED_SHUTDOWN);
3607                 return(1);
3608                 }
3609
3610         if (!(s->shutdown & SSL_SENT_SHUTDOWN))
3611                 {
3612                 s->shutdown|=SSL_SENT_SHUTDOWN;
3613 #if 1
3614                 ssl3_send_alert(s,SSL3_AL_WARNING,SSL_AD_CLOSE_NOTIFY);
3615 #endif
3616                 /* our shutdown alert has been sent now, and if it still needs
3617                  * to be written, s->s3->alert_dispatch will be true */
3618                 if (s->s3->alert_dispatch)
3619                         return(-1);     /* return WANT_WRITE */
3620                 }
3621         else if (s->s3->alert_dispatch)
3622                 {
3623                 /* resend it if not sent */
3624 #if 1
3625                 ret=s->method->ssl_dispatch_alert(s);
3626                 if(ret == -1)
3627                         {
3628                         /* we only get to return -1 here the 2nd/Nth
3629                          * invocation, we must  have already signalled
3630                          * return 0 upon a previous invoation,
3631                          * return WANT_WRITE */
3632                         return(ret);
3633                         }
3634 #endif
3635                 }
3636         else if (!(s->shutdown & SSL_RECEIVED_SHUTDOWN))
3637                 {
3638                 /* If we are waiting for a close from our peer, we are closed */
3639                 s->method->ssl_read_bytes(s,0,NULL,0,0);
3640                 if(!(s->shutdown & SSL_RECEIVED_SHUTDOWN))
3641                         {
3642                         return(-1);     /* return WANT_READ */
3643                         }
3644                 }
3645
3646         if ((s->shutdown == (SSL_SENT_SHUTDOWN|SSL_RECEIVED_SHUTDOWN)) &&
3647                 !s->s3->alert_dispatch)
3648                 return(1);
3649         else
3650                 return(0);
3651         }
3652
3653 int ssl3_write(SSL *s, const void *buf, int len)
3654         {
3655         int ret,n;
3656
3657 #if 0
3658         if (s->shutdown & SSL_SEND_SHUTDOWN)
3659                 {
3660                 s->rwstate=SSL_NOTHING;
3661                 return(0);
3662                 }
3663 #endif
3664         clear_sys_error();
3665         if (s->s3->renegotiate) ssl3_renegotiate_check(s);
3666
3667         /* This is an experimental flag that sends the
3668          * last handshake message in the same packet as the first
3669          * use data - used to see if it helps the TCP protocol during
3670          * session-id reuse */
3671         /* The second test is because the buffer may have been removed */
3672         if ((s->s3->flags & SSL3_FLAGS_POP_BUFFER) && (s->wbio == s->bbio))
3673                 {
3674                 /* First time through, we write into the buffer */
3675                 if (s->s3->delay_buf_pop_ret == 0)
3676                         {
3677                         ret=ssl3_write_bytes(s,SSL3_RT_APPLICATION_DATA,
3678                                              buf,len);
3679                         if (ret <= 0) return(ret);
3680
3681                         s->s3->delay_buf_pop_ret=ret;
3682                         }
3683
3684                 s->rwstate=SSL_WRITING;
3685                 n=BIO_flush(s->wbio);
3686                 if (n <= 0) return(n);
3687                 s->rwstate=SSL_NOTHING;
3688
3689                 /* We have flushed the buffer, so remove it */
3690                 ssl_free_wbio_buffer(s);
3691                 s->s3->flags&= ~SSL3_FLAGS_POP_BUFFER;
3692
3693                 ret=s->s3->delay_buf_pop_ret;
3694                 s->s3->delay_buf_pop_ret=0;
3695                 }
3696         else
3697                 {
3698                 ret=s->method->ssl_write_bytes(s,SSL3_RT_APPLICATION_DATA,
3699                         buf,len);
3700                 if (ret <= 0) return(ret);
3701                 }
3702
3703         return(ret);
3704         }
3705
3706 static int ssl3_read_internal(SSL *s, void *buf, int len, int peek)
3707         {
3708         int ret;
3709         
3710         clear_sys_error();
3711         if (s->s3->renegotiate) ssl3_renegotiate_check(s);
3712         s->s3->in_read_app_data=1;
3713         ret=s->method->ssl_read_bytes(s,SSL3_RT_APPLICATION_DATA,buf,len,peek);
3714         if ((ret == -1) && (s->s3->in_read_app_data == 2))
3715                 {
3716                 /* ssl3_read_bytes decided to call s->handshake_func, which
3717                  * called ssl3_read_bytes to read handshake data.
3718                  * However, ssl3_read_bytes actually found application data
3719                  * and thinks that application data makes sense here; so disable
3720                  * handshake processing and try to read application data again. */
3721                 s->in_handshake++;
3722                 ret=s->method->ssl_read_bytes(s,SSL3_RT_APPLICATION_DATA,buf,len,peek);
3723                 s->in_handshake--;
3724                 }
3725         else
3726                 s->s3->in_read_app_data=0;
3727
3728         return(ret);
3729         }
3730
3731 int ssl3_read(SSL *s, void *buf, int len)
3732         {
3733         return ssl3_read_internal(s, buf, len, 0);
3734         }
3735
3736 int ssl3_peek(SSL *s, void *buf, int len)
3737         {
3738         return ssl3_read_internal(s, buf, len, 1);
3739         }
3740
3741 int ssl3_renegotiate(SSL *s)
3742         {
3743         if (s->handshake_func == NULL)
3744                 return(1);
3745
3746         if (s->s3->flags & SSL3_FLAGS_NO_RENEGOTIATE_CIPHERS)
3747                 return(0);
3748
3749         s->s3->renegotiate=1;
3750         return(1);
3751         }
3752
3753 int ssl3_renegotiate_check(SSL *s)
3754         {
3755         int ret=0;
3756
3757         if (s->s3->renegotiate)
3758                 {
3759                 if (    (s->s3->rbuf.left == 0) &&
3760                         (s->s3->wbuf.left == 0) &&
3761                         !SSL_in_init(s))
3762                         {
3763 /*
3764 if we are the server, and we have sent a 'RENEGOTIATE' message, we
3765 need to go to SSL_ST_ACCEPT.
3766 */
3767                         /* SSL_ST_ACCEPT */
3768                         s->state=SSL_ST_RENEGOTIATE;
3769                         s->s3->renegotiate=0;
3770                         s->s3->num_renegotiations++;
3771                         s->s3->total_renegotiations++;
3772                         ret=1;
3773                         }
3774                 }
3775         return(ret);
3776         }
3777 /* If we are using TLS v1.2 or later and default SHA1+MD5 algorithms switch
3778  * to new SHA256 PRF and handshake macs
3779  */
3780 long ssl_get_algorithm2(SSL *s)
3781         {
3782         long alg2 = s->s3->tmp.new_cipher->algorithm2;
3783         if (s->version >= TLS1_2_VERSION &&
3784             alg2 == (SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF))
3785                 return SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256;
3786         return alg2;
3787         }
3788