Use AEAD for AES-GCM.
[openssl.git] / ssl / s3_lib.c
1 /* ssl/s3_lib.c */
2 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3  * All rights reserved.
4  *
5  * This package is an SSL implementation written
6  * by Eric Young (eay@cryptsoft.com).
7  * The implementation was written so as to conform with Netscapes SSL.
8  * 
9  * This library is free for commercial and non-commercial use as long as
10  * the following conditions are aheared to.  The following conditions
11  * apply to all code found in this distribution, be it the RC4, RSA,
12  * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
13  * included with this distribution is covered by the same copyright terms
14  * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15  * 
16  * Copyright remains Eric Young's, and as such any Copyright notices in
17  * the code are not to be removed.
18  * If this package is used in a product, Eric Young should be given attribution
19  * as the author of the parts of the library used.
20  * This can be in the form of a textual message at program startup or
21  * in documentation (online or textual) provided with the package.
22  * 
23  * Redistribution and use in source and binary forms, with or without
24  * modification, are permitted provided that the following conditions
25  * are met:
26  * 1. Redistributions of source code must retain the copyright
27  *    notice, this list of conditions and the following disclaimer.
28  * 2. Redistributions in binary form must reproduce the above copyright
29  *    notice, this list of conditions and the following disclaimer in the
30  *    documentation and/or other materials provided with the distribution.
31  * 3. All advertising materials mentioning features or use of this software
32  *    must display the following acknowledgement:
33  *    "This product includes cryptographic software written by
34  *     Eric Young (eay@cryptsoft.com)"
35  *    The word 'cryptographic' can be left out if the rouines from the library
36  *    being used are not cryptographic related :-).
37  * 4. If you include any Windows specific code (or a derivative thereof) from 
38  *    the apps directory (application code) you must include an acknowledgement:
39  *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40  * 
41  * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42  * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43  * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44  * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45  * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46  * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47  * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48  * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49  * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50  * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51  * SUCH DAMAGE.
52  * 
53  * The licence and distribution terms for any publically available version or
54  * derivative of this code cannot be changed.  i.e. this code cannot simply be
55  * copied and put under another distribution licence
56  * [including the GNU Public Licence.]
57  */
58 /* ====================================================================
59  * Copyright (c) 1998-2007 The OpenSSL Project.  All rights reserved.
60  *
61  * Redistribution and use in source and binary forms, with or without
62  * modification, are permitted provided that the following conditions
63  * are met:
64  *
65  * 1. Redistributions of source code must retain the above copyright
66  *    notice, this list of conditions and the following disclaimer. 
67  *
68  * 2. Redistributions in binary form must reproduce the above copyright
69  *    notice, this list of conditions and the following disclaimer in
70  *    the documentation and/or other materials provided with the
71  *    distribution.
72  *
73  * 3. All advertising materials mentioning features or use of this
74  *    software must display the following acknowledgment:
75  *    "This product includes software developed by the OpenSSL Project
76  *    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
77  *
78  * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
79  *    endorse or promote products derived from this software without
80  *    prior written permission. For written permission, please contact
81  *    openssl-core@openssl.org.
82  *
83  * 5. Products derived from this software may not be called "OpenSSL"
84  *    nor may "OpenSSL" appear in their names without prior written
85  *    permission of the OpenSSL Project.
86  *
87  * 6. Redistributions of any form whatsoever must retain the following
88  *    acknowledgment:
89  *    "This product includes software developed by the OpenSSL Project
90  *    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
91  *
92  * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
93  * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
94  * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
95  * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
96  * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
97  * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
98  * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
99  * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
100  * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
101  * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
102  * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
103  * OF THE POSSIBILITY OF SUCH DAMAGE.
104  * ====================================================================
105  *
106  * This product includes cryptographic software written by Eric Young
107  * (eay@cryptsoft.com).  This product includes software written by Tim
108  * Hudson (tjh@cryptsoft.com).
109  *
110  */
111 /* ====================================================================
112  * Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED.
113  *
114  * Portions of the attached software ("Contribution") are developed by 
115  * SUN MICROSYSTEMS, INC., and are contributed to the OpenSSL project.
116  *
117  * The Contribution is licensed pursuant to the OpenSSL open source
118  * license provided above.
119  *
120  * ECC cipher suite support in OpenSSL originally written by
121  * Vipul Gupta and Sumit Gupta of Sun Microsystems Laboratories.
122  *
123  */
124 /* ====================================================================
125  * Copyright 2005 Nokia. All rights reserved.
126  *
127  * The portions of the attached software ("Contribution") is developed by
128  * Nokia Corporation and is licensed pursuant to the OpenSSL open source
129  * license.
130  *
131  * The Contribution, originally written by Mika Kousa and Pasi Eronen of
132  * Nokia Corporation, consists of the "PSK" (Pre-Shared Key) ciphersuites
133  * support (see RFC 4279) to OpenSSL.
134  *
135  * No patent licenses or other rights except those expressly stated in
136  * the OpenSSL open source license shall be deemed granted or received
137  * expressly, by implication, estoppel, or otherwise.
138  *
139  * No assurances are provided by Nokia that the Contribution does not
140  * infringe the patent or other intellectual property rights of any third
141  * party or that the license provides you with all the necessary rights
142  * to make use of the Contribution.
143  *
144  * THE SOFTWARE IS PROVIDED "AS IS" WITHOUT WARRANTY OF ANY KIND. IN
145  * ADDITION TO THE DISCLAIMERS INCLUDED IN THE LICENSE, NOKIA
146  * SPECIFICALLY DISCLAIMS ANY LIABILITY FOR CLAIMS BROUGHT BY YOU OR ANY
147  * OTHER ENTITY BASED ON INFRINGEMENT OF INTELLECTUAL PROPERTY RIGHTS OR
148  * OTHERWISE.
149  */
150
151 #include <stdio.h>
152 #include <openssl/objects.h>
153 #include "ssl_locl.h"
154 #include "kssl_lcl.h"
155 #include <openssl/md5.h>
156 #ifndef OPENSSL_NO_DH
157 #include <openssl/dh.h>
158 #endif
159
160 const char ssl3_version_str[]="SSLv3" OPENSSL_VERSION_PTEXT;
161
162 #define SSL3_NUM_CIPHERS        (sizeof(ssl3_ciphers)/sizeof(SSL_CIPHER))
163
164 /* FIXED_NONCE_LEN is a macro that results in the correct value to set the
165  * fixed nonce length in SSL_CIPHER.algorithms2. It's the inverse of
166  * SSL_CIPHER_AEAD_FIXED_NONCE_LEN. */
167 #define FIXED_NONCE_LEN(x) ((x/2)<<24)
168
169 /* list of available SSLv3 ciphers (sorted by id) */
170 OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]={
171
172 /* The RSA ciphers */
173 /* Cipher 01 */
174         {
175         1,
176         SSL3_TXT_RSA_NULL_MD5,
177         SSL3_CK_RSA_NULL_MD5,
178         SSL_kRSA,
179         SSL_aRSA,
180         SSL_eNULL,
181         SSL_MD5,
182         SSL_SSLV3,
183         SSL_NOT_EXP|SSL_STRONG_NONE,
184         SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
185         0,
186         0,
187         },
188
189 /* Cipher 02 */
190         {
191         1,
192         SSL3_TXT_RSA_NULL_SHA,
193         SSL3_CK_RSA_NULL_SHA,
194         SSL_kRSA,
195         SSL_aRSA,
196         SSL_eNULL,
197         SSL_SHA1,
198         SSL_SSLV3,
199         SSL_NOT_EXP|SSL_STRONG_NONE|SSL_FIPS,
200         SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
201         0,
202         0,
203         },
204
205 /* Cipher 03 */
206         {
207         1,
208         SSL3_TXT_RSA_RC4_40_MD5,
209         SSL3_CK_RSA_RC4_40_MD5,
210         SSL_kRSA,
211         SSL_aRSA,
212         SSL_RC4,
213         SSL_MD5,
214         SSL_SSLV3,
215         SSL_EXPORT|SSL_EXP40,
216         SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
217         40,
218         128,
219         },
220
221 /* Cipher 04 */
222         {
223         1,
224         SSL3_TXT_RSA_RC4_128_MD5,
225         SSL3_CK_RSA_RC4_128_MD5,
226         SSL_kRSA,
227         SSL_aRSA,
228         SSL_RC4,
229         SSL_MD5,
230         SSL_SSLV3,
231         SSL_NOT_EXP|SSL_MEDIUM,
232         SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
233         128,
234         128,
235         },
236
237 /* Cipher 05 */
238         {
239         1,
240         SSL3_TXT_RSA_RC4_128_SHA,
241         SSL3_CK_RSA_RC4_128_SHA,
242         SSL_kRSA,
243         SSL_aRSA,
244         SSL_RC4,
245         SSL_SHA1,
246         SSL_SSLV3,
247         SSL_NOT_EXP|SSL_MEDIUM,
248         SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
249         128,
250         128,
251         },
252
253 /* Cipher 06 */
254         {
255         1,
256         SSL3_TXT_RSA_RC2_40_MD5,
257         SSL3_CK_RSA_RC2_40_MD5,
258         SSL_kRSA,
259         SSL_aRSA,
260         SSL_RC2,
261         SSL_MD5,
262         SSL_SSLV3,
263         SSL_EXPORT|SSL_EXP40,
264         SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
265         40,
266         128,
267         },
268
269 /* Cipher 07 */
270 #ifndef OPENSSL_NO_IDEA
271         {
272         1,
273         SSL3_TXT_RSA_IDEA_128_SHA,
274         SSL3_CK_RSA_IDEA_128_SHA,
275         SSL_kRSA,
276         SSL_aRSA,
277         SSL_IDEA,
278         SSL_SHA1,
279         SSL_SSLV3,
280         SSL_NOT_EXP|SSL_MEDIUM,
281         SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
282         128,
283         128,
284         },
285 #endif
286
287 /* Cipher 08 */
288         {
289         1,
290         SSL3_TXT_RSA_DES_40_CBC_SHA,
291         SSL3_CK_RSA_DES_40_CBC_SHA,
292         SSL_kRSA,
293         SSL_aRSA,
294         SSL_DES,
295         SSL_SHA1,
296         SSL_SSLV3,
297         SSL_EXPORT|SSL_EXP40,
298         SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
299         40,
300         56,
301         },
302
303 /* Cipher 09 */
304         {
305         1,
306         SSL3_TXT_RSA_DES_64_CBC_SHA,
307         SSL3_CK_RSA_DES_64_CBC_SHA,
308         SSL_kRSA,
309         SSL_aRSA,
310         SSL_DES,
311         SSL_SHA1,
312         SSL_SSLV3,
313         SSL_NOT_EXP|SSL_LOW,
314         SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
315         56,
316         56,
317         },
318
319 /* Cipher 0A */
320         {
321         1,
322         SSL3_TXT_RSA_DES_192_CBC3_SHA,
323         SSL3_CK_RSA_DES_192_CBC3_SHA,
324         SSL_kRSA,
325         SSL_aRSA,
326         SSL_3DES,
327         SSL_SHA1,
328         SSL_SSLV3,
329         SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
330         SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
331         168,
332         168,
333         },
334
335 /* The DH ciphers */
336 /* Cipher 0B */
337         {
338         1,
339         SSL3_TXT_DH_DSS_DES_40_CBC_SHA,
340         SSL3_CK_DH_DSS_DES_40_CBC_SHA,
341         SSL_kDHd,
342         SSL_aDH,
343         SSL_DES,
344         SSL_SHA1,
345         SSL_SSLV3,
346         SSL_EXPORT|SSL_EXP40,
347         SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
348         40,
349         56,
350         },
351
352 /* Cipher 0C */
353         {
354         1,
355         SSL3_TXT_DH_DSS_DES_64_CBC_SHA,
356         SSL3_CK_DH_DSS_DES_64_CBC_SHA,
357         SSL_kDHd,
358         SSL_aDH,
359         SSL_DES,
360         SSL_SHA1,
361         SSL_SSLV3,
362         SSL_NOT_EXP|SSL_LOW,
363         SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
364         56,
365         56,
366         },
367
368 /* Cipher 0D */
369         {
370         1,
371         SSL3_TXT_DH_DSS_DES_192_CBC3_SHA,
372         SSL3_CK_DH_DSS_DES_192_CBC3_SHA,
373         SSL_kDHd,
374         SSL_aDH,
375         SSL_3DES,
376         SSL_SHA1,
377         SSL_SSLV3,
378         SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
379         SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
380         168,
381         168,
382         },
383
384 /* Cipher 0E */
385         {
386         1,
387         SSL3_TXT_DH_RSA_DES_40_CBC_SHA,
388         SSL3_CK_DH_RSA_DES_40_CBC_SHA,
389         SSL_kDHr,
390         SSL_aDH,
391         SSL_DES,
392         SSL_SHA1,
393         SSL_SSLV3,
394         SSL_EXPORT|SSL_EXP40,
395         SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
396         40,
397         56,
398         },
399
400 /* Cipher 0F */
401         {
402         1,
403         SSL3_TXT_DH_RSA_DES_64_CBC_SHA,
404         SSL3_CK_DH_RSA_DES_64_CBC_SHA,
405         SSL_kDHr,
406         SSL_aDH,
407         SSL_DES,
408         SSL_SHA1,
409         SSL_SSLV3,
410         SSL_NOT_EXP|SSL_LOW,
411         SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
412         56,
413         56,
414         },
415
416 /* Cipher 10 */
417         {
418         1,
419         SSL3_TXT_DH_RSA_DES_192_CBC3_SHA,
420         SSL3_CK_DH_RSA_DES_192_CBC3_SHA,
421         SSL_kDHr,
422         SSL_aDH,
423         SSL_3DES,
424         SSL_SHA1,
425         SSL_SSLV3,
426         SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
427         SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
428         168,
429         168,
430         },
431
432 /* The Ephemeral DH ciphers */
433 /* Cipher 11 */
434         {
435         1,
436         SSL3_TXT_EDH_DSS_DES_40_CBC_SHA,
437         SSL3_CK_EDH_DSS_DES_40_CBC_SHA,
438         SSL_kEDH,
439         SSL_aDSS,
440         SSL_DES,
441         SSL_SHA1,
442         SSL_SSLV3,
443         SSL_EXPORT|SSL_EXP40,
444         SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
445         40,
446         56,
447         },
448
449 /* Cipher 12 */
450         {
451         1,
452         SSL3_TXT_EDH_DSS_DES_64_CBC_SHA,
453         SSL3_CK_EDH_DSS_DES_64_CBC_SHA,
454         SSL_kEDH,
455         SSL_aDSS,
456         SSL_DES,
457         SSL_SHA1,
458         SSL_SSLV3,
459         SSL_NOT_EXP|SSL_LOW,
460         SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
461         56,
462         56,
463         },
464
465 /* Cipher 13 */
466         {
467         1,
468         SSL3_TXT_EDH_DSS_DES_192_CBC3_SHA,
469         SSL3_CK_EDH_DSS_DES_192_CBC3_SHA,
470         SSL_kEDH,
471         SSL_aDSS,
472         SSL_3DES,
473         SSL_SHA1,
474         SSL_SSLV3,
475         SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
476         SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
477         168,
478         168,
479         },
480
481 /* Cipher 14 */
482         {
483         1,
484         SSL3_TXT_EDH_RSA_DES_40_CBC_SHA,
485         SSL3_CK_EDH_RSA_DES_40_CBC_SHA,
486         SSL_kEDH,
487         SSL_aRSA,
488         SSL_DES,
489         SSL_SHA1,
490         SSL_SSLV3,
491         SSL_EXPORT|SSL_EXP40,
492         SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
493         40,
494         56,
495         },
496
497 /* Cipher 15 */
498         {
499         1,
500         SSL3_TXT_EDH_RSA_DES_64_CBC_SHA,
501         SSL3_CK_EDH_RSA_DES_64_CBC_SHA,
502         SSL_kEDH,
503         SSL_aRSA,
504         SSL_DES,
505         SSL_SHA1,
506         SSL_SSLV3,
507         SSL_NOT_EXP|SSL_LOW,
508         SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
509         56,
510         56,
511         },
512
513 /* Cipher 16 */
514         {
515         1,
516         SSL3_TXT_EDH_RSA_DES_192_CBC3_SHA,
517         SSL3_CK_EDH_RSA_DES_192_CBC3_SHA,
518         SSL_kEDH,
519         SSL_aRSA,
520         SSL_3DES,
521         SSL_SHA1,
522         SSL_SSLV3,
523         SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
524         SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
525         168,
526         168,
527         },
528
529 /* Cipher 17 */
530         {
531         1,
532         SSL3_TXT_ADH_RC4_40_MD5,
533         SSL3_CK_ADH_RC4_40_MD5,
534         SSL_kEDH,
535         SSL_aNULL,
536         SSL_RC4,
537         SSL_MD5,
538         SSL_SSLV3,
539         SSL_EXPORT|SSL_EXP40,
540         SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
541         40,
542         128,
543         },
544
545 /* Cipher 18 */
546         {
547         1,
548         SSL3_TXT_ADH_RC4_128_MD5,
549         SSL3_CK_ADH_RC4_128_MD5,
550         SSL_kEDH,
551         SSL_aNULL,
552         SSL_RC4,
553         SSL_MD5,
554         SSL_SSLV3,
555         SSL_NOT_EXP|SSL_MEDIUM,
556         SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
557         128,
558         128,
559         },
560
561 /* Cipher 19 */
562         {
563         1,
564         SSL3_TXT_ADH_DES_40_CBC_SHA,
565         SSL3_CK_ADH_DES_40_CBC_SHA,
566         SSL_kEDH,
567         SSL_aNULL,
568         SSL_DES,
569         SSL_SHA1,
570         SSL_SSLV3,
571         SSL_EXPORT|SSL_EXP40,
572         SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
573         40,
574         128,
575         },
576
577 /* Cipher 1A */
578         {
579         1,
580         SSL3_TXT_ADH_DES_64_CBC_SHA,
581         SSL3_CK_ADH_DES_64_CBC_SHA,
582         SSL_kEDH,
583         SSL_aNULL,
584         SSL_DES,
585         SSL_SHA1,
586         SSL_SSLV3,
587         SSL_NOT_EXP|SSL_LOW,
588         SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
589         56,
590         56,
591         },
592
593 /* Cipher 1B */
594         {
595         1,
596         SSL3_TXT_ADH_DES_192_CBC_SHA,
597         SSL3_CK_ADH_DES_192_CBC_SHA,
598         SSL_kEDH,
599         SSL_aNULL,
600         SSL_3DES,
601         SSL_SHA1,
602         SSL_SSLV3,
603         SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
604         SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
605         168,
606         168,
607         },
608
609 /* Fortezza ciphersuite from SSL 3.0 spec */
610 #if 0
611 /* Cipher 1C */
612         {
613         0,
614         SSL3_TXT_FZA_DMS_NULL_SHA,
615         SSL3_CK_FZA_DMS_NULL_SHA,
616         SSL_kFZA,
617         SSL_aFZA,
618         SSL_eNULL,
619         SSL_SHA1,
620         SSL_SSLV3,
621         SSL_NOT_EXP|SSL_STRONG_NONE,
622         SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
623         0,
624         0,
625         },
626
627 /* Cipher 1D */
628         {
629         0,
630         SSL3_TXT_FZA_DMS_FZA_SHA,
631         SSL3_CK_FZA_DMS_FZA_SHA,
632         SSL_kFZA,
633         SSL_aFZA,
634         SSL_eFZA,
635         SSL_SHA1,
636         SSL_SSLV3,
637         SSL_NOT_EXP|SSL_STRONG_NONE,
638         SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
639         0,
640         0,
641         },
642
643 /* Cipher 1E */
644         {
645         0,
646         SSL3_TXT_FZA_DMS_RC4_SHA,
647         SSL3_CK_FZA_DMS_RC4_SHA,
648         SSL_kFZA,
649         SSL_aFZA,
650         SSL_RC4,
651         SSL_SHA1,
652         SSL_SSLV3,
653         SSL_NOT_EXP|SSL_MEDIUM,
654         SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
655         128,
656         128,
657         },
658 #endif
659
660 #ifndef OPENSSL_NO_KRB5
661 /* The Kerberos ciphers*/
662 /* Cipher 1E */
663         {
664         1,
665         SSL3_TXT_KRB5_DES_64_CBC_SHA,
666         SSL3_CK_KRB5_DES_64_CBC_SHA,
667         SSL_kKRB5,
668         SSL_aKRB5,
669         SSL_DES,
670         SSL_SHA1,
671         SSL_SSLV3,
672         SSL_NOT_EXP|SSL_LOW,
673         SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
674         56,
675         56,
676         },
677
678 /* Cipher 1F */
679         {
680         1,
681         SSL3_TXT_KRB5_DES_192_CBC3_SHA,
682         SSL3_CK_KRB5_DES_192_CBC3_SHA,
683         SSL_kKRB5,
684         SSL_aKRB5,
685         SSL_3DES,
686         SSL_SHA1,
687         SSL_SSLV3,
688         SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
689         SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
690         168,
691         168,
692         },
693
694 /* Cipher 20 */
695         {
696         1,
697         SSL3_TXT_KRB5_RC4_128_SHA,
698         SSL3_CK_KRB5_RC4_128_SHA,
699         SSL_kKRB5,
700         SSL_aKRB5,
701         SSL_RC4,
702         SSL_SHA1,
703         SSL_SSLV3,
704         SSL_NOT_EXP|SSL_MEDIUM,
705         SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
706         128,
707         128,
708         },
709
710 /* Cipher 21 */
711         {
712         1,
713         SSL3_TXT_KRB5_IDEA_128_CBC_SHA,
714         SSL3_CK_KRB5_IDEA_128_CBC_SHA,
715         SSL_kKRB5,
716         SSL_aKRB5,
717         SSL_IDEA,
718         SSL_SHA1,
719         SSL_SSLV3,
720         SSL_NOT_EXP|SSL_MEDIUM,
721         SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
722         128,
723         128,
724         },
725
726 /* Cipher 22 */
727         {
728         1,
729         SSL3_TXT_KRB5_DES_64_CBC_MD5,
730         SSL3_CK_KRB5_DES_64_CBC_MD5,
731         SSL_kKRB5,
732         SSL_aKRB5,
733         SSL_DES,
734         SSL_MD5,
735         SSL_SSLV3,
736         SSL_NOT_EXP|SSL_LOW,
737         SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
738         56,
739         56,
740         },
741
742 /* Cipher 23 */
743         {
744         1,
745         SSL3_TXT_KRB5_DES_192_CBC3_MD5,
746         SSL3_CK_KRB5_DES_192_CBC3_MD5,
747         SSL_kKRB5,
748         SSL_aKRB5,
749         SSL_3DES,
750         SSL_MD5,
751         SSL_SSLV3,
752         SSL_NOT_EXP|SSL_HIGH,
753         SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
754         168,
755         168,
756         },
757
758 /* Cipher 24 */
759         {
760         1,
761         SSL3_TXT_KRB5_RC4_128_MD5,
762         SSL3_CK_KRB5_RC4_128_MD5,
763         SSL_kKRB5,
764         SSL_aKRB5,
765         SSL_RC4,
766         SSL_MD5,
767         SSL_SSLV3,
768         SSL_NOT_EXP|SSL_MEDIUM,
769         SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
770         128,
771         128,
772         },
773
774 /* Cipher 25 */
775         {
776         1,
777         SSL3_TXT_KRB5_IDEA_128_CBC_MD5,
778         SSL3_CK_KRB5_IDEA_128_CBC_MD5,
779         SSL_kKRB5,
780         SSL_aKRB5,
781         SSL_IDEA,
782         SSL_MD5,
783         SSL_SSLV3,
784         SSL_NOT_EXP|SSL_MEDIUM,
785         SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
786         128,
787         128,
788         },
789
790 /* Cipher 26 */
791         {
792         1,
793         SSL3_TXT_KRB5_DES_40_CBC_SHA,
794         SSL3_CK_KRB5_DES_40_CBC_SHA,
795         SSL_kKRB5,
796         SSL_aKRB5,
797         SSL_DES,
798         SSL_SHA1,
799         SSL_SSLV3,
800         SSL_EXPORT|SSL_EXP40,
801         SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
802         40,
803         56,
804         },
805
806 /* Cipher 27 */
807         {
808         1,
809         SSL3_TXT_KRB5_RC2_40_CBC_SHA,
810         SSL3_CK_KRB5_RC2_40_CBC_SHA,
811         SSL_kKRB5,
812         SSL_aKRB5,
813         SSL_RC2,
814         SSL_SHA1,
815         SSL_SSLV3,
816         SSL_EXPORT|SSL_EXP40,
817         SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
818         40,
819         128,
820         },
821
822 /* Cipher 28 */
823         {
824         1,
825         SSL3_TXT_KRB5_RC4_40_SHA,
826         SSL3_CK_KRB5_RC4_40_SHA,
827         SSL_kKRB5,
828         SSL_aKRB5,
829         SSL_RC4,
830         SSL_SHA1,
831         SSL_SSLV3,
832         SSL_EXPORT|SSL_EXP40,
833         SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
834         40,
835         128,
836         },
837
838 /* Cipher 29 */
839         {
840         1,
841         SSL3_TXT_KRB5_DES_40_CBC_MD5,
842         SSL3_CK_KRB5_DES_40_CBC_MD5,
843         SSL_kKRB5,
844         SSL_aKRB5,
845         SSL_DES,
846         SSL_MD5,
847         SSL_SSLV3,
848         SSL_EXPORT|SSL_EXP40,
849         SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
850         40,
851         56,
852         },
853
854 /* Cipher 2A */
855         {
856         1,
857         SSL3_TXT_KRB5_RC2_40_CBC_MD5,
858         SSL3_CK_KRB5_RC2_40_CBC_MD5,
859         SSL_kKRB5,
860         SSL_aKRB5,
861         SSL_RC2,
862         SSL_MD5,
863         SSL_SSLV3,
864         SSL_EXPORT|SSL_EXP40,
865         SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
866         40,
867         128,
868         },
869
870 /* Cipher 2B */
871         {
872         1,
873         SSL3_TXT_KRB5_RC4_40_MD5,
874         SSL3_CK_KRB5_RC4_40_MD5,
875         SSL_kKRB5,
876         SSL_aKRB5,
877         SSL_RC4,
878         SSL_MD5,
879         SSL_SSLV3,
880         SSL_EXPORT|SSL_EXP40,
881         SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
882         40,
883         128,
884         },
885 #endif  /* OPENSSL_NO_KRB5 */
886
887 /* New AES ciphersuites */
888 /* Cipher 2F */
889         {
890         1,
891         TLS1_TXT_RSA_WITH_AES_128_SHA,
892         TLS1_CK_RSA_WITH_AES_128_SHA,
893         SSL_kRSA,
894         SSL_aRSA,
895         SSL_AES128,
896         SSL_SHA1,
897         SSL_TLSV1,
898         SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
899         SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
900         128,
901         128,
902         },
903 /* Cipher 30 */
904         {
905         1,
906         TLS1_TXT_DH_DSS_WITH_AES_128_SHA,
907         TLS1_CK_DH_DSS_WITH_AES_128_SHA,
908         SSL_kDHd,
909         SSL_aDH,
910         SSL_AES128,
911         SSL_SHA1,
912         SSL_TLSV1,
913         SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
914         SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
915         128,
916         128,
917         },
918 /* Cipher 31 */
919         {
920         1,
921         TLS1_TXT_DH_RSA_WITH_AES_128_SHA,
922         TLS1_CK_DH_RSA_WITH_AES_128_SHA,
923         SSL_kDHr,
924         SSL_aDH,
925         SSL_AES128,
926         SSL_SHA1,
927         SSL_TLSV1,
928         SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
929         SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
930         128,
931         128,
932         },
933 /* Cipher 32 */
934         {
935         1,
936         TLS1_TXT_DHE_DSS_WITH_AES_128_SHA,
937         TLS1_CK_DHE_DSS_WITH_AES_128_SHA,
938         SSL_kEDH,
939         SSL_aDSS,
940         SSL_AES128,
941         SSL_SHA1,
942         SSL_TLSV1,
943         SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
944         SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
945         128,
946         128,
947         },
948 /* Cipher 33 */
949         {
950         1,
951         TLS1_TXT_DHE_RSA_WITH_AES_128_SHA,
952         TLS1_CK_DHE_RSA_WITH_AES_128_SHA,
953         SSL_kEDH,
954         SSL_aRSA,
955         SSL_AES128,
956         SSL_SHA1,
957         SSL_TLSV1,
958         SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
959         SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
960         128,
961         128,
962         },
963 /* Cipher 34 */
964         {
965         1,
966         TLS1_TXT_ADH_WITH_AES_128_SHA,
967         TLS1_CK_ADH_WITH_AES_128_SHA,
968         SSL_kEDH,
969         SSL_aNULL,
970         SSL_AES128,
971         SSL_SHA1,
972         SSL_TLSV1,
973         SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
974         SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
975         128,
976         128,
977         },
978
979 /* Cipher 35 */
980         {
981         1,
982         TLS1_TXT_RSA_WITH_AES_256_SHA,
983         TLS1_CK_RSA_WITH_AES_256_SHA,
984         SSL_kRSA,
985         SSL_aRSA,
986         SSL_AES256,
987         SSL_SHA1,
988         SSL_TLSV1,
989         SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
990         SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
991         256,
992         256,
993         },
994 /* Cipher 36 */
995         {
996         1,
997         TLS1_TXT_DH_DSS_WITH_AES_256_SHA,
998         TLS1_CK_DH_DSS_WITH_AES_256_SHA,
999         SSL_kDHd,
1000         SSL_aDH,
1001         SSL_AES256,
1002         SSL_SHA1,
1003         SSL_TLSV1,
1004         SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
1005         SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
1006         256,
1007         256,
1008         },
1009
1010 /* Cipher 37 */
1011         {
1012         1,
1013         TLS1_TXT_DH_RSA_WITH_AES_256_SHA,
1014         TLS1_CK_DH_RSA_WITH_AES_256_SHA,
1015         SSL_kDHr,
1016         SSL_aDH,
1017         SSL_AES256,
1018         SSL_SHA1,
1019         SSL_TLSV1,
1020         SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
1021         SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
1022         256,
1023         256,
1024         },
1025
1026 /* Cipher 38 */
1027         {
1028         1,
1029         TLS1_TXT_DHE_DSS_WITH_AES_256_SHA,
1030         TLS1_CK_DHE_DSS_WITH_AES_256_SHA,
1031         SSL_kEDH,
1032         SSL_aDSS,
1033         SSL_AES256,
1034         SSL_SHA1,
1035         SSL_TLSV1,
1036         SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
1037         SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
1038         256,
1039         256,
1040         },
1041
1042 /* Cipher 39 */
1043         {
1044         1,
1045         TLS1_TXT_DHE_RSA_WITH_AES_256_SHA,
1046         TLS1_CK_DHE_RSA_WITH_AES_256_SHA,
1047         SSL_kEDH,
1048         SSL_aRSA,
1049         SSL_AES256,
1050         SSL_SHA1,
1051         SSL_TLSV1,
1052         SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
1053         SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
1054         256,
1055         256,
1056         },
1057
1058         /* Cipher 3A */
1059         {
1060         1,
1061         TLS1_TXT_ADH_WITH_AES_256_SHA,
1062         TLS1_CK_ADH_WITH_AES_256_SHA,
1063         SSL_kEDH,
1064         SSL_aNULL,
1065         SSL_AES256,
1066         SSL_SHA1,
1067         SSL_TLSV1,
1068         SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
1069         SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
1070         256,
1071         256,
1072         },
1073
1074         /* TLS v1.2 ciphersuites */
1075         /* Cipher 3B */
1076         {
1077         1,
1078         TLS1_TXT_RSA_WITH_NULL_SHA256,
1079         TLS1_CK_RSA_WITH_NULL_SHA256,
1080         SSL_kRSA,
1081         SSL_aRSA,
1082         SSL_eNULL,
1083         SSL_SHA256,
1084         SSL_TLSV1_2,
1085         SSL_NOT_EXP|SSL_STRONG_NONE|SSL_FIPS,
1086         SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
1087         0,
1088         0,
1089         },
1090
1091         /* Cipher 3C */
1092         {
1093         1,
1094         TLS1_TXT_RSA_WITH_AES_128_SHA256,
1095         TLS1_CK_RSA_WITH_AES_128_SHA256,
1096         SSL_kRSA,
1097         SSL_aRSA,
1098         SSL_AES128,
1099         SSL_SHA256,
1100         SSL_TLSV1_2,
1101         SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
1102         SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
1103         128,
1104         128,
1105         },
1106
1107         /* Cipher 3D */
1108         {
1109         1,
1110         TLS1_TXT_RSA_WITH_AES_256_SHA256,
1111         TLS1_CK_RSA_WITH_AES_256_SHA256,
1112         SSL_kRSA,
1113         SSL_aRSA,
1114         SSL_AES256,
1115         SSL_SHA256,
1116         SSL_TLSV1_2,
1117         SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
1118         SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
1119         256,
1120         256,
1121         },
1122
1123         /* Cipher 3E */
1124         {
1125         1,
1126         TLS1_TXT_DH_DSS_WITH_AES_128_SHA256,
1127         TLS1_CK_DH_DSS_WITH_AES_128_SHA256,
1128         SSL_kDHd,
1129         SSL_aDH,
1130         SSL_AES128,
1131         SSL_SHA256,
1132         SSL_TLSV1_2,
1133         SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
1134         SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
1135         128,
1136         128,
1137         },
1138
1139         /* Cipher 3F */
1140         {
1141         1,
1142         TLS1_TXT_DH_RSA_WITH_AES_128_SHA256,
1143         TLS1_CK_DH_RSA_WITH_AES_128_SHA256,
1144         SSL_kDHr,
1145         SSL_aDH,
1146         SSL_AES128,
1147         SSL_SHA256,
1148         SSL_TLSV1_2,
1149         SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
1150         SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
1151         128,
1152         128,
1153         },
1154
1155         /* Cipher 40 */
1156         {
1157         1,
1158         TLS1_TXT_DHE_DSS_WITH_AES_128_SHA256,
1159         TLS1_CK_DHE_DSS_WITH_AES_128_SHA256,
1160         SSL_kEDH,
1161         SSL_aDSS,
1162         SSL_AES128,
1163         SSL_SHA256,
1164         SSL_TLSV1_2,
1165         SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
1166         SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
1167         128,
1168         128,
1169         },
1170
1171 #ifndef OPENSSL_NO_CAMELLIA
1172         /* Camellia ciphersuites from RFC4132 (128-bit portion) */
1173
1174         /* Cipher 41 */
1175         {
1176         1,
1177         TLS1_TXT_RSA_WITH_CAMELLIA_128_CBC_SHA,
1178         TLS1_CK_RSA_WITH_CAMELLIA_128_CBC_SHA,
1179         SSL_kRSA,
1180         SSL_aRSA,
1181         SSL_CAMELLIA128,
1182         SSL_SHA1,
1183         SSL_TLSV1,
1184         SSL_NOT_EXP|SSL_HIGH,
1185         SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
1186         128,
1187         128,
1188         },
1189
1190         /* Cipher 42 */
1191         {
1192         1,
1193         TLS1_TXT_DH_DSS_WITH_CAMELLIA_128_CBC_SHA,
1194         TLS1_CK_DH_DSS_WITH_CAMELLIA_128_CBC_SHA,
1195         SSL_kDHd,
1196         SSL_aDH,
1197         SSL_CAMELLIA128,
1198         SSL_SHA1,
1199         SSL_TLSV1,
1200         SSL_NOT_EXP|SSL_HIGH,
1201         SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
1202         128,
1203         128,
1204         },
1205
1206         /* Cipher 43 */
1207         {
1208         1,
1209         TLS1_TXT_DH_RSA_WITH_CAMELLIA_128_CBC_SHA,
1210         TLS1_CK_DH_RSA_WITH_CAMELLIA_128_CBC_SHA,
1211         SSL_kDHr,
1212         SSL_aDH,
1213         SSL_CAMELLIA128,
1214         SSL_SHA1,
1215         SSL_TLSV1,
1216         SSL_NOT_EXP|SSL_HIGH,
1217         SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
1218         128,
1219         128,
1220         },
1221
1222         /* Cipher 44 */
1223         {
1224         1,
1225         TLS1_TXT_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA,
1226         TLS1_CK_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA,
1227         SSL_kEDH,
1228         SSL_aDSS,
1229         SSL_CAMELLIA128,
1230         SSL_SHA1,
1231         SSL_TLSV1,
1232         SSL_NOT_EXP|SSL_HIGH,
1233         SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
1234         128,
1235         128,
1236         },
1237
1238         /* Cipher 45 */
1239         {
1240         1,
1241         TLS1_TXT_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA,
1242         TLS1_CK_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA,
1243         SSL_kEDH,
1244         SSL_aRSA,
1245         SSL_CAMELLIA128,
1246         SSL_SHA1,
1247         SSL_TLSV1,
1248         SSL_NOT_EXP|SSL_HIGH,
1249         SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
1250         128,
1251         128,
1252         },
1253
1254         /* Cipher 46 */
1255         {
1256         1,
1257         TLS1_TXT_ADH_WITH_CAMELLIA_128_CBC_SHA,
1258         TLS1_CK_ADH_WITH_CAMELLIA_128_CBC_SHA,
1259         SSL_kEDH,
1260         SSL_aNULL,
1261         SSL_CAMELLIA128,
1262         SSL_SHA1,
1263         SSL_TLSV1,
1264         SSL_NOT_EXP|SSL_HIGH,
1265         SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
1266         128,
1267         128,
1268         },
1269 #endif /* OPENSSL_NO_CAMELLIA */
1270
1271 #if TLS1_ALLOW_EXPERIMENTAL_CIPHERSUITES
1272         /* New TLS Export CipherSuites from expired ID */
1273 #if 0
1274         /* Cipher 60 */
1275         {
1276         1,
1277         TLS1_TXT_RSA_EXPORT1024_WITH_RC4_56_MD5,
1278         TLS1_CK_RSA_EXPORT1024_WITH_RC4_56_MD5,
1279         SSL_kRSA,
1280         SSL_aRSA,
1281         SSL_RC4,
1282         SSL_MD5,
1283         SSL_TLSV1,
1284         SSL_EXPORT|SSL_EXP56,
1285         SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
1286         56,
1287         128,
1288         },
1289
1290         /* Cipher 61 */
1291         {
1292         1,
1293         TLS1_TXT_RSA_EXPORT1024_WITH_RC2_CBC_56_MD5,
1294         TLS1_CK_RSA_EXPORT1024_WITH_RC2_CBC_56_MD5,
1295         SSL_kRSA,
1296         SSL_aRSA,
1297         SSL_RC2,
1298         SSL_MD5,
1299         SSL_TLSV1,
1300         SSL_EXPORT|SSL_EXP56,
1301         SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
1302         56,
1303         128,
1304         },
1305 #endif
1306
1307         /* Cipher 62 */
1308         {
1309         1,
1310         TLS1_TXT_RSA_EXPORT1024_WITH_DES_CBC_SHA,
1311         TLS1_CK_RSA_EXPORT1024_WITH_DES_CBC_SHA,
1312         SSL_kRSA,
1313         SSL_aRSA,
1314         SSL_DES,
1315         SSL_SHA1,
1316         SSL_TLSV1,
1317         SSL_EXPORT|SSL_EXP56,
1318         SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
1319         56,
1320         56,
1321         },
1322
1323         /* Cipher 63 */
1324         {
1325         1,
1326         TLS1_TXT_DHE_DSS_EXPORT1024_WITH_DES_CBC_SHA,
1327         TLS1_CK_DHE_DSS_EXPORT1024_WITH_DES_CBC_SHA,
1328         SSL_kEDH,
1329         SSL_aDSS,
1330         SSL_DES,
1331         SSL_SHA1,
1332         SSL_TLSV1,
1333         SSL_EXPORT|SSL_EXP56,
1334         SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
1335         56,
1336         56,
1337         },
1338
1339         /* Cipher 64 */
1340         {
1341         1,
1342         TLS1_TXT_RSA_EXPORT1024_WITH_RC4_56_SHA,
1343         TLS1_CK_RSA_EXPORT1024_WITH_RC4_56_SHA,
1344         SSL_kRSA,
1345         SSL_aRSA,
1346         SSL_RC4,
1347         SSL_SHA1,
1348         SSL_TLSV1,
1349         SSL_EXPORT|SSL_EXP56,
1350         SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
1351         56,
1352         128,
1353         },
1354
1355         /* Cipher 65 */
1356         {
1357         1,
1358         TLS1_TXT_DHE_DSS_EXPORT1024_WITH_RC4_56_SHA,
1359         TLS1_CK_DHE_DSS_EXPORT1024_WITH_RC4_56_SHA,
1360         SSL_kEDH,
1361         SSL_aDSS,
1362         SSL_RC4,
1363         SSL_SHA1,
1364         SSL_TLSV1,
1365         SSL_EXPORT|SSL_EXP56,
1366         SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
1367         56,
1368         128,
1369         },
1370
1371         /* Cipher 66 */
1372         {
1373         1,
1374         TLS1_TXT_DHE_DSS_WITH_RC4_128_SHA,
1375         TLS1_CK_DHE_DSS_WITH_RC4_128_SHA,
1376         SSL_kEDH,
1377         SSL_aDSS,
1378         SSL_RC4,
1379         SSL_SHA1,
1380         SSL_TLSV1,
1381         SSL_NOT_EXP|SSL_MEDIUM,
1382         SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
1383         128,
1384         128,
1385         },
1386 #endif
1387
1388         /* TLS v1.2 ciphersuites */
1389         /* Cipher 67 */
1390         {
1391         1,
1392         TLS1_TXT_DHE_RSA_WITH_AES_128_SHA256,
1393         TLS1_CK_DHE_RSA_WITH_AES_128_SHA256,
1394         SSL_kEDH,
1395         SSL_aRSA,
1396         SSL_AES128,
1397         SSL_SHA256,
1398         SSL_TLSV1_2,
1399         SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
1400         SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
1401         128,
1402         128,
1403         },
1404
1405         /* Cipher 68 */
1406         {
1407         1,
1408         TLS1_TXT_DH_DSS_WITH_AES_256_SHA256,
1409         TLS1_CK_DH_DSS_WITH_AES_256_SHA256,
1410         SSL_kDHd,
1411         SSL_aDH,
1412         SSL_AES256,
1413         SSL_SHA256,
1414         SSL_TLSV1_2,
1415         SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
1416         SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
1417         256,
1418         256,
1419         },
1420
1421         /* Cipher 69 */
1422         {
1423         1,
1424         TLS1_TXT_DH_RSA_WITH_AES_256_SHA256,
1425         TLS1_CK_DH_RSA_WITH_AES_256_SHA256,
1426         SSL_kDHr,
1427         SSL_aDH,
1428         SSL_AES256,
1429         SSL_SHA256,
1430         SSL_TLSV1_2,
1431         SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
1432         SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
1433         256,
1434         256,
1435         },
1436
1437         /* Cipher 6A */
1438         {
1439         1,
1440         TLS1_TXT_DHE_DSS_WITH_AES_256_SHA256,
1441         TLS1_CK_DHE_DSS_WITH_AES_256_SHA256,
1442         SSL_kEDH,
1443         SSL_aDSS,
1444         SSL_AES256,
1445         SSL_SHA256,
1446         SSL_TLSV1_2,
1447         SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
1448         SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
1449         256,
1450         256,
1451         },
1452
1453         /* Cipher 6B */
1454         {
1455         1,
1456         TLS1_TXT_DHE_RSA_WITH_AES_256_SHA256,
1457         TLS1_CK_DHE_RSA_WITH_AES_256_SHA256,
1458         SSL_kEDH,
1459         SSL_aRSA,
1460         SSL_AES256,
1461         SSL_SHA256,
1462         SSL_TLSV1_2,
1463         SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
1464         SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
1465         256,
1466         256,
1467         },
1468
1469         /* Cipher 6C */
1470         {
1471         1,
1472         TLS1_TXT_ADH_WITH_AES_128_SHA256,
1473         TLS1_CK_ADH_WITH_AES_128_SHA256,
1474         SSL_kEDH,
1475         SSL_aNULL,
1476         SSL_AES128,
1477         SSL_SHA256,
1478         SSL_TLSV1_2,
1479         SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
1480         SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
1481         128,
1482         128,
1483         },
1484
1485         /* Cipher 6D */
1486         {
1487         1,
1488         TLS1_TXT_ADH_WITH_AES_256_SHA256,
1489         TLS1_CK_ADH_WITH_AES_256_SHA256,
1490         SSL_kEDH,
1491         SSL_aNULL,
1492         SSL_AES256,
1493         SSL_SHA256,
1494         SSL_TLSV1_2,
1495         SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
1496         SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
1497         256,
1498         256,
1499         },
1500
1501         /* GOST Ciphersuites */
1502
1503         {
1504         1,
1505         "GOST94-GOST89-GOST89",
1506         0x3000080,
1507         SSL_kGOST,
1508         SSL_aGOST94,
1509         SSL_eGOST2814789CNT,
1510         SSL_GOST89MAC,
1511         SSL_TLSV1,
1512         SSL_NOT_EXP|SSL_HIGH,
1513         SSL_HANDSHAKE_MAC_GOST94|TLS1_PRF_GOST94|TLS1_STREAM_MAC,
1514         256,
1515         256
1516         },
1517         {
1518         1,
1519         "GOST2001-GOST89-GOST89",
1520         0x3000081,
1521         SSL_kGOST,
1522         SSL_aGOST01,
1523         SSL_eGOST2814789CNT,
1524         SSL_GOST89MAC,
1525         SSL_TLSV1,
1526         SSL_NOT_EXP|SSL_HIGH,
1527         SSL_HANDSHAKE_MAC_GOST94|TLS1_PRF_GOST94|TLS1_STREAM_MAC,
1528         256,
1529         256
1530         },
1531         {
1532         1,
1533         "GOST94-NULL-GOST94",
1534         0x3000082,
1535         SSL_kGOST,
1536         SSL_aGOST94,
1537         SSL_eNULL,
1538         SSL_GOST94,
1539         SSL_TLSV1,
1540         SSL_NOT_EXP|SSL_STRONG_NONE,
1541         SSL_HANDSHAKE_MAC_GOST94|TLS1_PRF_GOST94,
1542         0,
1543         0
1544         },
1545         {
1546         1,
1547         "GOST2001-NULL-GOST94",
1548         0x3000083,
1549         SSL_kGOST,
1550         SSL_aGOST01,
1551         SSL_eNULL,
1552         SSL_GOST94,
1553         SSL_TLSV1,
1554         SSL_NOT_EXP|SSL_STRONG_NONE,
1555         SSL_HANDSHAKE_MAC_GOST94|TLS1_PRF_GOST94,
1556         0,
1557         0
1558         },
1559
1560 #ifndef OPENSSL_NO_CAMELLIA
1561         /* Camellia ciphersuites from RFC4132 (256-bit portion) */
1562
1563         /* Cipher 84 */
1564         {
1565         1,
1566         TLS1_TXT_RSA_WITH_CAMELLIA_256_CBC_SHA,
1567         TLS1_CK_RSA_WITH_CAMELLIA_256_CBC_SHA,
1568         SSL_kRSA,
1569         SSL_aRSA,
1570         SSL_CAMELLIA256,
1571         SSL_SHA1,
1572         SSL_TLSV1,
1573         SSL_NOT_EXP|SSL_HIGH,
1574         SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
1575         256,
1576         256,
1577         },
1578         /* Cipher 85 */
1579         {
1580         1,
1581         TLS1_TXT_DH_DSS_WITH_CAMELLIA_256_CBC_SHA,
1582         TLS1_CK_DH_DSS_WITH_CAMELLIA_256_CBC_SHA,
1583         SSL_kDHd,
1584         SSL_aDH,
1585         SSL_CAMELLIA256,
1586         SSL_SHA1,
1587         SSL_TLSV1,
1588         SSL_NOT_EXP|SSL_HIGH,
1589         SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
1590         256,
1591         256,
1592         },
1593
1594         /* Cipher 86 */
1595         {
1596         1,
1597         TLS1_TXT_DH_RSA_WITH_CAMELLIA_256_CBC_SHA,
1598         TLS1_CK_DH_RSA_WITH_CAMELLIA_256_CBC_SHA,
1599         SSL_kDHr,
1600         SSL_aDH,
1601         SSL_CAMELLIA256,
1602         SSL_SHA1,
1603         SSL_TLSV1,
1604         SSL_NOT_EXP|SSL_HIGH,
1605         SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
1606         256,
1607         256,
1608         },
1609
1610         /* Cipher 87 */
1611         {
1612         1,
1613         TLS1_TXT_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA,
1614         TLS1_CK_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA,
1615         SSL_kEDH,
1616         SSL_aDSS,
1617         SSL_CAMELLIA256,
1618         SSL_SHA1,
1619         SSL_TLSV1,
1620         SSL_NOT_EXP|SSL_HIGH,
1621         SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
1622         256,
1623         256,
1624         },
1625
1626         /* Cipher 88 */
1627         {
1628         1,
1629         TLS1_TXT_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA,
1630         TLS1_CK_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA,
1631         SSL_kEDH,
1632         SSL_aRSA,
1633         SSL_CAMELLIA256,
1634         SSL_SHA1,
1635         SSL_TLSV1,
1636         SSL_NOT_EXP|SSL_HIGH,
1637         SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
1638         256,
1639         256,
1640         },
1641
1642         /* Cipher 89 */
1643         {
1644         1,
1645         TLS1_TXT_ADH_WITH_CAMELLIA_256_CBC_SHA,
1646         TLS1_CK_ADH_WITH_CAMELLIA_256_CBC_SHA,
1647         SSL_kEDH,
1648         SSL_aNULL,
1649         SSL_CAMELLIA256,
1650         SSL_SHA1,
1651         SSL_TLSV1,
1652         SSL_NOT_EXP|SSL_HIGH,
1653         SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
1654         256,
1655         256,
1656         },
1657 #endif /* OPENSSL_NO_CAMELLIA */
1658
1659 #ifndef OPENSSL_NO_PSK
1660         /* Cipher 8A */
1661         {
1662         1,
1663         TLS1_TXT_PSK_WITH_RC4_128_SHA,
1664         TLS1_CK_PSK_WITH_RC4_128_SHA,
1665         SSL_kPSK,
1666         SSL_aPSK,
1667         SSL_RC4,
1668         SSL_SHA1,
1669         SSL_TLSV1,
1670         SSL_NOT_EXP|SSL_MEDIUM,
1671         SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
1672         128,
1673         128,
1674         },
1675
1676         /* Cipher 8B */
1677         {
1678         1,
1679         TLS1_TXT_PSK_WITH_3DES_EDE_CBC_SHA,
1680         TLS1_CK_PSK_WITH_3DES_EDE_CBC_SHA,
1681         SSL_kPSK,
1682         SSL_aPSK,
1683         SSL_3DES,
1684         SSL_SHA1,
1685         SSL_TLSV1,
1686         SSL_NOT_EXP|SSL_HIGH,
1687         SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
1688         168,
1689         168,
1690         },
1691
1692         /* Cipher 8C */
1693         {
1694         1,
1695         TLS1_TXT_PSK_WITH_AES_128_CBC_SHA,
1696         TLS1_CK_PSK_WITH_AES_128_CBC_SHA,
1697         SSL_kPSK,
1698         SSL_aPSK,
1699         SSL_AES128,
1700         SSL_SHA1,
1701         SSL_TLSV1,
1702         SSL_NOT_EXP|SSL_HIGH,
1703         SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
1704         128,
1705         128,
1706         },
1707
1708         /* Cipher 8D */
1709         {
1710         1,
1711         TLS1_TXT_PSK_WITH_AES_256_CBC_SHA,
1712         TLS1_CK_PSK_WITH_AES_256_CBC_SHA,
1713         SSL_kPSK,
1714         SSL_aPSK,
1715         SSL_AES256,
1716         SSL_SHA1,
1717         SSL_TLSV1,
1718         SSL_NOT_EXP|SSL_HIGH,
1719         SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
1720         256,
1721         256,
1722         },
1723 #endif  /* OPENSSL_NO_PSK */
1724
1725 #ifndef OPENSSL_NO_SEED
1726         /* SEED ciphersuites from RFC4162 */
1727
1728         /* Cipher 96 */
1729         {
1730         1,
1731         TLS1_TXT_RSA_WITH_SEED_SHA,
1732         TLS1_CK_RSA_WITH_SEED_SHA,
1733         SSL_kRSA,
1734         SSL_aRSA,
1735         SSL_SEED,
1736         SSL_SHA1,
1737         SSL_TLSV1,
1738         SSL_NOT_EXP|SSL_MEDIUM,
1739         SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
1740         128,
1741         128,
1742         },
1743
1744         /* Cipher 97 */
1745         {
1746         1,
1747         TLS1_TXT_DH_DSS_WITH_SEED_SHA,
1748         TLS1_CK_DH_DSS_WITH_SEED_SHA,
1749         SSL_kDHd,
1750         SSL_aDH,
1751         SSL_SEED,
1752         SSL_SHA1,
1753         SSL_TLSV1,
1754         SSL_NOT_EXP|SSL_MEDIUM,
1755         SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
1756         128,
1757         128,
1758         },
1759
1760         /* Cipher 98 */
1761         {
1762         1,
1763         TLS1_TXT_DH_RSA_WITH_SEED_SHA,
1764         TLS1_CK_DH_RSA_WITH_SEED_SHA,
1765         SSL_kDHr,
1766         SSL_aDH,
1767         SSL_SEED,
1768         SSL_SHA1,
1769         SSL_TLSV1,
1770         SSL_NOT_EXP|SSL_MEDIUM,
1771         SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
1772         128,
1773         128,
1774         },
1775
1776         /* Cipher 99 */
1777         {
1778         1,
1779         TLS1_TXT_DHE_DSS_WITH_SEED_SHA,
1780         TLS1_CK_DHE_DSS_WITH_SEED_SHA,
1781         SSL_kEDH,
1782         SSL_aDSS,
1783         SSL_SEED,
1784         SSL_SHA1,
1785         SSL_TLSV1,
1786         SSL_NOT_EXP|SSL_MEDIUM,
1787         SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
1788         128,
1789         128,
1790         },
1791
1792         /* Cipher 9A */
1793         {
1794         1,
1795         TLS1_TXT_DHE_RSA_WITH_SEED_SHA,
1796         TLS1_CK_DHE_RSA_WITH_SEED_SHA,
1797         SSL_kEDH,
1798         SSL_aRSA,
1799         SSL_SEED,
1800         SSL_SHA1,
1801         SSL_TLSV1,
1802         SSL_NOT_EXP|SSL_MEDIUM,
1803         SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
1804         128,
1805         128,
1806         },
1807
1808         /* Cipher 9B */
1809         {
1810         1,
1811         TLS1_TXT_ADH_WITH_SEED_SHA,
1812         TLS1_CK_ADH_WITH_SEED_SHA,
1813         SSL_kEDH,
1814         SSL_aNULL,
1815         SSL_SEED,
1816         SSL_SHA1,
1817         SSL_TLSV1,
1818         SSL_NOT_EXP|SSL_MEDIUM,
1819         SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
1820         128,
1821         128,
1822         },
1823
1824 #endif /* OPENSSL_NO_SEED */
1825
1826         /* GCM ciphersuites from RFC5288 */
1827
1828         /* Cipher 9C */
1829         {
1830         1,
1831         TLS1_TXT_RSA_WITH_AES_128_GCM_SHA256,
1832         TLS1_CK_RSA_WITH_AES_128_GCM_SHA256,
1833         SSL_kRSA,
1834         SSL_aRSA,
1835         SSL_AES128GCM,
1836         SSL_AEAD,
1837         SSL_TLSV1_2,
1838         SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
1839         SSL_HANDSHAKE_MAC_SHA256|TLS1_PRF_SHA256|SSL_CIPHER_ALGORITHM2_AEAD|
1840                 FIXED_NONCE_LEN(4),
1841         128,
1842         128,
1843         },
1844
1845         /* Cipher 9D */
1846         {
1847         1,
1848         TLS1_TXT_RSA_WITH_AES_256_GCM_SHA384,
1849         TLS1_CK_RSA_WITH_AES_256_GCM_SHA384,
1850         SSL_kRSA,
1851         SSL_aRSA,
1852         SSL_AES256GCM,
1853         SSL_AEAD,
1854         SSL_TLSV1_2,
1855         SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
1856         SSL_HANDSHAKE_MAC_SHA384|TLS1_PRF_SHA384|SSL_CIPHER_ALGORITHM2_AEAD|
1857                 FIXED_NONCE_LEN(4),
1858         256,
1859         256,
1860         },
1861
1862         /* Cipher 9E */
1863         {
1864         1,
1865         TLS1_TXT_DHE_RSA_WITH_AES_128_GCM_SHA256,
1866         TLS1_CK_DHE_RSA_WITH_AES_128_GCM_SHA256,
1867         SSL_kEDH,
1868         SSL_aRSA,
1869         SSL_AES128GCM,
1870         SSL_AEAD,
1871         SSL_TLSV1_2,
1872         SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
1873         SSL_HANDSHAKE_MAC_SHA256|TLS1_PRF_SHA256|SSL_CIPHER_ALGORITHM2_AEAD|
1874                 FIXED_NONCE_LEN(4),
1875         128,
1876         128,
1877         },
1878
1879         /* Cipher 9F */
1880         {
1881         1,
1882         TLS1_TXT_DHE_RSA_WITH_AES_256_GCM_SHA384,
1883         TLS1_CK_DHE_RSA_WITH_AES_256_GCM_SHA384,
1884         SSL_kEDH,
1885         SSL_aRSA,
1886         SSL_AES256GCM,
1887         SSL_AEAD,
1888         SSL_TLSV1_2,
1889         SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
1890         SSL_HANDSHAKE_MAC_SHA384|TLS1_PRF_SHA384|SSL_CIPHER_ALGORITHM2_AEAD|
1891                 FIXED_NONCE_LEN(4),
1892         256,
1893         256,
1894         },
1895
1896         /* Cipher A0 */
1897         {
1898         1,
1899         TLS1_TXT_DH_RSA_WITH_AES_128_GCM_SHA256,
1900         TLS1_CK_DH_RSA_WITH_AES_128_GCM_SHA256,
1901         SSL_kDHr,
1902         SSL_aDH,
1903         SSL_AES128GCM,
1904         SSL_AEAD,
1905         SSL_TLSV1_2,
1906         SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
1907         SSL_HANDSHAKE_MAC_SHA256|TLS1_PRF_SHA256|SSL_CIPHER_ALGORITHM2_AEAD|
1908                 FIXED_NONCE_LEN(4),
1909         128,
1910         128,
1911         },
1912
1913         /* Cipher A1 */
1914         {
1915         1,
1916         TLS1_TXT_DH_RSA_WITH_AES_256_GCM_SHA384,
1917         TLS1_CK_DH_RSA_WITH_AES_256_GCM_SHA384,
1918         SSL_kDHr,
1919         SSL_aDH,
1920         SSL_AES256GCM,
1921         SSL_AEAD,
1922         SSL_TLSV1_2,
1923         SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
1924         SSL_HANDSHAKE_MAC_SHA384|TLS1_PRF_SHA384|SSL_CIPHER_ALGORITHM2_AEAD|
1925                 FIXED_NONCE_LEN(4),
1926         256,
1927         256,
1928         },
1929
1930         /* Cipher A2 */
1931         {
1932         1,
1933         TLS1_TXT_DHE_DSS_WITH_AES_128_GCM_SHA256,
1934         TLS1_CK_DHE_DSS_WITH_AES_128_GCM_SHA256,
1935         SSL_kEDH,
1936         SSL_aDSS,
1937         SSL_AES128GCM,
1938         SSL_AEAD,
1939         SSL_TLSV1_2,
1940         SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
1941         SSL_HANDSHAKE_MAC_SHA256|TLS1_PRF_SHA256|SSL_CIPHER_ALGORITHM2_AEAD|
1942                 FIXED_NONCE_LEN(4),
1943         128,
1944         128,
1945         },
1946
1947         /* Cipher A3 */
1948         {
1949         1,
1950         TLS1_TXT_DHE_DSS_WITH_AES_256_GCM_SHA384,
1951         TLS1_CK_DHE_DSS_WITH_AES_256_GCM_SHA384,
1952         SSL_kEDH,
1953         SSL_aDSS,
1954         SSL_AES256GCM,
1955         SSL_AEAD,
1956         SSL_TLSV1_2,
1957         SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
1958         SSL_HANDSHAKE_MAC_SHA384|TLS1_PRF_SHA384|SSL_CIPHER_ALGORITHM2_AEAD|
1959                 FIXED_NONCE_LEN(4),
1960         256,
1961         256,
1962         },
1963
1964         /* Cipher A4 */
1965         {
1966         1,
1967         TLS1_TXT_DH_DSS_WITH_AES_128_GCM_SHA256,
1968         TLS1_CK_DH_DSS_WITH_AES_128_GCM_SHA256,
1969         SSL_kDHd,
1970         SSL_aDH,
1971         SSL_AES128GCM,
1972         SSL_AEAD,
1973         SSL_TLSV1_2,
1974         SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
1975         SSL_HANDSHAKE_MAC_SHA256|TLS1_PRF_SHA256|SSL_CIPHER_ALGORITHM2_AEAD|
1976                 FIXED_NONCE_LEN(4),
1977         128,
1978         128,
1979         },
1980
1981         /* Cipher A5 */
1982         {
1983         1,
1984         TLS1_TXT_DH_DSS_WITH_AES_256_GCM_SHA384,
1985         TLS1_CK_DH_DSS_WITH_AES_256_GCM_SHA384,
1986         SSL_kDHd,
1987         SSL_aDH,
1988         SSL_AES256GCM,
1989         SSL_AEAD,
1990         SSL_TLSV1_2,
1991         SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
1992         SSL_HANDSHAKE_MAC_SHA384|TLS1_PRF_SHA384|SSL_CIPHER_ALGORITHM2_AEAD|
1993                 FIXED_NONCE_LEN(4),
1994         256,
1995         256,
1996         },
1997
1998         /* Cipher A6 */
1999         {
2000         1,
2001         TLS1_TXT_ADH_WITH_AES_128_GCM_SHA256,
2002         TLS1_CK_ADH_WITH_AES_128_GCM_SHA256,
2003         SSL_kEDH,
2004         SSL_aNULL,
2005         SSL_AES128GCM,
2006         SSL_AEAD,
2007         SSL_TLSV1_2,
2008         SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
2009         SSL_HANDSHAKE_MAC_SHA256|TLS1_PRF_SHA256|SSL_CIPHER_ALGORITHM2_AEAD|
2010                 FIXED_NONCE_LEN(4),
2011         128,
2012         128,
2013         },
2014
2015         /* Cipher A7 */
2016         {
2017         1,
2018         TLS1_TXT_ADH_WITH_AES_256_GCM_SHA384,
2019         TLS1_CK_ADH_WITH_AES_256_GCM_SHA384,
2020         SSL_kEDH,
2021         SSL_aNULL,
2022         SSL_AES256GCM,
2023         SSL_AEAD,
2024         SSL_TLSV1_2,
2025         SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
2026         SSL_HANDSHAKE_MAC_SHA384|TLS1_PRF_SHA384|SSL_CIPHER_ALGORITHM2_AEAD|
2027                 FIXED_NONCE_LEN(4),
2028         256,
2029         256,
2030         },
2031 #ifdef OPENSSL_SSL_DEBUG_BROKEN_PROTOCOL
2032         {
2033         1,
2034         "SCSV",
2035         SSL3_CK_SCSV,
2036         0,
2037         0,
2038         0,
2039         0,
2040         0,
2041         0,
2042         0,
2043         0,
2044         0
2045         },
2046 #endif
2047
2048 #ifndef OPENSSL_NO_ECDH
2049         /* Cipher C001 */
2050         {
2051         1,
2052         TLS1_TXT_ECDH_ECDSA_WITH_NULL_SHA,
2053         TLS1_CK_ECDH_ECDSA_WITH_NULL_SHA,
2054         SSL_kECDHe,
2055         SSL_aECDH,
2056         SSL_eNULL,
2057         SSL_SHA1,
2058         SSL_TLSV1,
2059         SSL_NOT_EXP|SSL_STRONG_NONE|SSL_FIPS,
2060         SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
2061         0,
2062         0,
2063         },
2064
2065         /* Cipher C002 */
2066         {
2067         1,
2068         TLS1_TXT_ECDH_ECDSA_WITH_RC4_128_SHA,
2069         TLS1_CK_ECDH_ECDSA_WITH_RC4_128_SHA,
2070         SSL_kECDHe,
2071         SSL_aECDH,
2072         SSL_RC4,
2073         SSL_SHA1,
2074         SSL_TLSV1,
2075         SSL_NOT_EXP|SSL_MEDIUM,
2076         SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
2077         128,
2078         128,
2079         },
2080
2081         /* Cipher C003 */
2082         {
2083         1,
2084         TLS1_TXT_ECDH_ECDSA_WITH_DES_192_CBC3_SHA,
2085         TLS1_CK_ECDH_ECDSA_WITH_DES_192_CBC3_SHA,
2086         SSL_kECDHe,
2087         SSL_aECDH,
2088         SSL_3DES,
2089         SSL_SHA1,
2090         SSL_TLSV1,
2091         SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
2092         SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
2093         168,
2094         168,
2095         },
2096
2097         /* Cipher C004 */
2098         {
2099         1,
2100         TLS1_TXT_ECDH_ECDSA_WITH_AES_128_CBC_SHA,
2101         TLS1_CK_ECDH_ECDSA_WITH_AES_128_CBC_SHA,
2102         SSL_kECDHe,
2103         SSL_aECDH,
2104         SSL_AES128,
2105         SSL_SHA1,
2106         SSL_TLSV1,
2107         SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
2108         SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
2109         128,
2110         128,
2111         },
2112
2113         /* Cipher C005 */
2114         {
2115         1,
2116         TLS1_TXT_ECDH_ECDSA_WITH_AES_256_CBC_SHA,
2117         TLS1_CK_ECDH_ECDSA_WITH_AES_256_CBC_SHA,
2118         SSL_kECDHe,
2119         SSL_aECDH,
2120         SSL_AES256,
2121         SSL_SHA1,
2122         SSL_TLSV1,
2123         SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
2124         SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
2125         256,
2126         256,
2127         },
2128
2129         /* Cipher C006 */
2130         {
2131         1,
2132         TLS1_TXT_ECDHE_ECDSA_WITH_NULL_SHA,
2133         TLS1_CK_ECDHE_ECDSA_WITH_NULL_SHA,
2134         SSL_kEECDH,
2135         SSL_aECDSA,
2136         SSL_eNULL,
2137         SSL_SHA1,
2138         SSL_TLSV1,
2139         SSL_NOT_EXP|SSL_STRONG_NONE|SSL_FIPS,
2140         SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
2141         0,
2142         0,
2143         },
2144
2145         /* Cipher C007 */
2146         {
2147         1,
2148         TLS1_TXT_ECDHE_ECDSA_WITH_RC4_128_SHA,
2149         TLS1_CK_ECDHE_ECDSA_WITH_RC4_128_SHA,
2150         SSL_kEECDH,
2151         SSL_aECDSA,
2152         SSL_RC4,
2153         SSL_SHA1,
2154         SSL_TLSV1,
2155         SSL_NOT_EXP|SSL_MEDIUM,
2156         SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
2157         128,
2158         128,
2159         },
2160
2161         /* Cipher C008 */
2162         {
2163         1,
2164         TLS1_TXT_ECDHE_ECDSA_WITH_DES_192_CBC3_SHA,
2165         TLS1_CK_ECDHE_ECDSA_WITH_DES_192_CBC3_SHA,
2166         SSL_kEECDH,
2167         SSL_aECDSA,
2168         SSL_3DES,
2169         SSL_SHA1,
2170         SSL_TLSV1,
2171         SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
2172         SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
2173         168,
2174         168,
2175         },
2176
2177         /* Cipher C009 */
2178         {
2179         1,
2180         TLS1_TXT_ECDHE_ECDSA_WITH_AES_128_CBC_SHA,
2181         TLS1_CK_ECDHE_ECDSA_WITH_AES_128_CBC_SHA,
2182         SSL_kEECDH,
2183         SSL_aECDSA,
2184         SSL_AES128,
2185         SSL_SHA1,
2186         SSL_TLSV1,
2187         SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
2188         SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
2189         128,
2190         128,
2191         },
2192
2193         /* Cipher C00A */
2194         {
2195         1,
2196         TLS1_TXT_ECDHE_ECDSA_WITH_AES_256_CBC_SHA,
2197         TLS1_CK_ECDHE_ECDSA_WITH_AES_256_CBC_SHA,
2198         SSL_kEECDH,
2199         SSL_aECDSA,
2200         SSL_AES256,
2201         SSL_SHA1,
2202         SSL_TLSV1,
2203         SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
2204         SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
2205         256,
2206         256,
2207         },
2208
2209         /* Cipher C00B */
2210         {
2211         1,
2212         TLS1_TXT_ECDH_RSA_WITH_NULL_SHA,
2213         TLS1_CK_ECDH_RSA_WITH_NULL_SHA,
2214         SSL_kECDHr,
2215         SSL_aECDH,
2216         SSL_eNULL,
2217         SSL_SHA1,
2218         SSL_TLSV1,
2219         SSL_NOT_EXP|SSL_STRONG_NONE|SSL_FIPS,
2220         SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
2221         0,
2222         0,
2223         },
2224
2225         /* Cipher C00C */
2226         {
2227         1,
2228         TLS1_TXT_ECDH_RSA_WITH_RC4_128_SHA,
2229         TLS1_CK_ECDH_RSA_WITH_RC4_128_SHA,
2230         SSL_kECDHr,
2231         SSL_aECDH,
2232         SSL_RC4,
2233         SSL_SHA1,
2234         SSL_TLSV1,
2235         SSL_NOT_EXP|SSL_MEDIUM,
2236         SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
2237         128,
2238         128,
2239         },
2240
2241         /* Cipher C00D */
2242         {
2243         1,
2244         TLS1_TXT_ECDH_RSA_WITH_DES_192_CBC3_SHA,
2245         TLS1_CK_ECDH_RSA_WITH_DES_192_CBC3_SHA,
2246         SSL_kECDHr,
2247         SSL_aECDH,
2248         SSL_3DES,
2249         SSL_SHA1,
2250         SSL_TLSV1,
2251         SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
2252         SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
2253         168,
2254         168,
2255         },
2256
2257         /* Cipher C00E */
2258         {
2259         1,
2260         TLS1_TXT_ECDH_RSA_WITH_AES_128_CBC_SHA,
2261         TLS1_CK_ECDH_RSA_WITH_AES_128_CBC_SHA,
2262         SSL_kECDHr,
2263         SSL_aECDH,
2264         SSL_AES128,
2265         SSL_SHA1,
2266         SSL_TLSV1,
2267         SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
2268         SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
2269         128,
2270         128,
2271         },
2272
2273         /* Cipher C00F */
2274         {
2275         1,
2276         TLS1_TXT_ECDH_RSA_WITH_AES_256_CBC_SHA,
2277         TLS1_CK_ECDH_RSA_WITH_AES_256_CBC_SHA,
2278         SSL_kECDHr,
2279         SSL_aECDH,
2280         SSL_AES256,
2281         SSL_SHA1,
2282         SSL_TLSV1,
2283         SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
2284         SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
2285         256,
2286         256,
2287         },
2288
2289         /* Cipher C010 */
2290         {
2291         1,
2292         TLS1_TXT_ECDHE_RSA_WITH_NULL_SHA,
2293         TLS1_CK_ECDHE_RSA_WITH_NULL_SHA,
2294         SSL_kEECDH,
2295         SSL_aRSA,
2296         SSL_eNULL,
2297         SSL_SHA1,
2298         SSL_TLSV1,
2299         SSL_NOT_EXP|SSL_STRONG_NONE|SSL_FIPS,
2300         SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
2301         0,
2302         0,
2303         },
2304
2305         /* Cipher C011 */
2306         {
2307         1,
2308         TLS1_TXT_ECDHE_RSA_WITH_RC4_128_SHA,
2309         TLS1_CK_ECDHE_RSA_WITH_RC4_128_SHA,
2310         SSL_kEECDH,
2311         SSL_aRSA,
2312         SSL_RC4,
2313         SSL_SHA1,
2314         SSL_TLSV1,
2315         SSL_NOT_EXP|SSL_MEDIUM,
2316         SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
2317         128,
2318         128,
2319         },
2320
2321         /* Cipher C012 */
2322         {
2323         1,
2324         TLS1_TXT_ECDHE_RSA_WITH_DES_192_CBC3_SHA,
2325         TLS1_CK_ECDHE_RSA_WITH_DES_192_CBC3_SHA,
2326         SSL_kEECDH,
2327         SSL_aRSA,
2328         SSL_3DES,
2329         SSL_SHA1,
2330         SSL_TLSV1,
2331         SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
2332         SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
2333         168,
2334         168,
2335         },
2336
2337         /* Cipher C013 */
2338         {
2339         1,
2340         TLS1_TXT_ECDHE_RSA_WITH_AES_128_CBC_SHA,
2341         TLS1_CK_ECDHE_RSA_WITH_AES_128_CBC_SHA,
2342         SSL_kEECDH,
2343         SSL_aRSA,
2344         SSL_AES128,
2345         SSL_SHA1,
2346         SSL_TLSV1,
2347         SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
2348         SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
2349         128,
2350         128,
2351         },
2352
2353         /* Cipher C014 */
2354         {
2355         1,
2356         TLS1_TXT_ECDHE_RSA_WITH_AES_256_CBC_SHA,
2357         TLS1_CK_ECDHE_RSA_WITH_AES_256_CBC_SHA,
2358         SSL_kEECDH,
2359         SSL_aRSA,
2360         SSL_AES256,
2361         SSL_SHA1,
2362         SSL_TLSV1,
2363         SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
2364         SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
2365         256,
2366         256,
2367         },
2368
2369         /* Cipher C015 */
2370         {
2371         1,
2372         TLS1_TXT_ECDH_anon_WITH_NULL_SHA,
2373         TLS1_CK_ECDH_anon_WITH_NULL_SHA,
2374         SSL_kEECDH,
2375         SSL_aNULL,
2376         SSL_eNULL,
2377         SSL_SHA1,
2378         SSL_TLSV1,
2379         SSL_NOT_EXP|SSL_STRONG_NONE|SSL_FIPS,
2380         SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
2381         0,
2382         0,
2383         },
2384
2385         /* Cipher C016 */
2386         {
2387         1,
2388         TLS1_TXT_ECDH_anon_WITH_RC4_128_SHA,
2389         TLS1_CK_ECDH_anon_WITH_RC4_128_SHA,
2390         SSL_kEECDH,
2391         SSL_aNULL,
2392         SSL_RC4,
2393         SSL_SHA1,
2394         SSL_TLSV1,
2395         SSL_NOT_EXP|SSL_MEDIUM,
2396         SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
2397         128,
2398         128,
2399         },
2400
2401         /* Cipher C017 */
2402         {
2403         1,
2404         TLS1_TXT_ECDH_anon_WITH_DES_192_CBC3_SHA,
2405         TLS1_CK_ECDH_anon_WITH_DES_192_CBC3_SHA,
2406         SSL_kEECDH,
2407         SSL_aNULL,
2408         SSL_3DES,
2409         SSL_SHA1,
2410         SSL_TLSV1,
2411         SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
2412         SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
2413         168,
2414         168,
2415         },
2416
2417         /* Cipher C018 */
2418         {
2419         1,
2420         TLS1_TXT_ECDH_anon_WITH_AES_128_CBC_SHA,
2421         TLS1_CK_ECDH_anon_WITH_AES_128_CBC_SHA,
2422         SSL_kEECDH,
2423         SSL_aNULL,
2424         SSL_AES128,
2425         SSL_SHA1,
2426         SSL_TLSV1,
2427         SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
2428         SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
2429         128,
2430         128,
2431         },
2432
2433         /* Cipher C019 */
2434         {
2435         1,
2436         TLS1_TXT_ECDH_anon_WITH_AES_256_CBC_SHA,
2437         TLS1_CK_ECDH_anon_WITH_AES_256_CBC_SHA,
2438         SSL_kEECDH,
2439         SSL_aNULL,
2440         SSL_AES256,
2441         SSL_SHA1,
2442         SSL_TLSV1,
2443         SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
2444         SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
2445         256,
2446         256,
2447         },
2448 #endif  /* OPENSSL_NO_ECDH */
2449
2450 #ifndef OPENSSL_NO_SRP
2451         /* Cipher C01A */
2452         {
2453         1,
2454         TLS1_TXT_SRP_SHA_WITH_3DES_EDE_CBC_SHA,
2455         TLS1_CK_SRP_SHA_WITH_3DES_EDE_CBC_SHA,
2456         SSL_kSRP,
2457         SSL_aNULL,
2458         SSL_3DES,
2459         SSL_SHA1,
2460         SSL_TLSV1,
2461         SSL_NOT_EXP|SSL_HIGH,
2462         SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
2463         168,
2464         168,
2465         },
2466
2467         /* Cipher C01B */
2468         {
2469         1,
2470         TLS1_TXT_SRP_SHA_RSA_WITH_3DES_EDE_CBC_SHA,
2471         TLS1_CK_SRP_SHA_RSA_WITH_3DES_EDE_CBC_SHA,
2472         SSL_kSRP,
2473         SSL_aRSA,
2474         SSL_3DES,
2475         SSL_SHA1,
2476         SSL_TLSV1,
2477         SSL_NOT_EXP|SSL_HIGH,
2478         SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
2479         168,
2480         168,
2481         },
2482
2483         /* Cipher C01C */
2484         {
2485         1,
2486         TLS1_TXT_SRP_SHA_DSS_WITH_3DES_EDE_CBC_SHA,
2487         TLS1_CK_SRP_SHA_DSS_WITH_3DES_EDE_CBC_SHA,
2488         SSL_kSRP,
2489         SSL_aDSS,
2490         SSL_3DES,
2491         SSL_SHA1,
2492         SSL_TLSV1,
2493         SSL_NOT_EXP|SSL_HIGH,
2494         SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
2495         168,
2496         168,
2497         },
2498
2499         /* Cipher C01D */
2500         {
2501         1,
2502         TLS1_TXT_SRP_SHA_WITH_AES_128_CBC_SHA,
2503         TLS1_CK_SRP_SHA_WITH_AES_128_CBC_SHA,
2504         SSL_kSRP,
2505         SSL_aNULL,
2506         SSL_AES128,
2507         SSL_SHA1,
2508         SSL_TLSV1,
2509         SSL_NOT_EXP|SSL_HIGH,
2510         SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
2511         128,
2512         128,
2513         },
2514
2515         /* Cipher C01E */
2516         {
2517         1,
2518         TLS1_TXT_SRP_SHA_RSA_WITH_AES_128_CBC_SHA,
2519         TLS1_CK_SRP_SHA_RSA_WITH_AES_128_CBC_SHA,
2520         SSL_kSRP,
2521         SSL_aRSA,
2522         SSL_AES128,
2523         SSL_SHA1,
2524         SSL_TLSV1,
2525         SSL_NOT_EXP|SSL_HIGH,
2526         SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
2527         128,
2528         128,
2529         },
2530
2531         /* Cipher C01F */
2532         {
2533         1,
2534         TLS1_TXT_SRP_SHA_DSS_WITH_AES_128_CBC_SHA,
2535         TLS1_CK_SRP_SHA_DSS_WITH_AES_128_CBC_SHA,
2536         SSL_kSRP,
2537         SSL_aDSS,
2538         SSL_AES128,
2539         SSL_SHA1,
2540         SSL_TLSV1,
2541         SSL_NOT_EXP|SSL_HIGH,
2542         SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
2543         128,
2544         128,
2545         },
2546
2547         /* Cipher C020 */
2548         {
2549         1,
2550         TLS1_TXT_SRP_SHA_WITH_AES_256_CBC_SHA,
2551         TLS1_CK_SRP_SHA_WITH_AES_256_CBC_SHA,
2552         SSL_kSRP,
2553         SSL_aNULL,
2554         SSL_AES256,
2555         SSL_SHA1,
2556         SSL_TLSV1,
2557         SSL_NOT_EXP|SSL_HIGH,
2558         SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
2559         256,
2560         256,
2561         },
2562
2563         /* Cipher C021 */
2564         {
2565         1,
2566         TLS1_TXT_SRP_SHA_RSA_WITH_AES_256_CBC_SHA,
2567         TLS1_CK_SRP_SHA_RSA_WITH_AES_256_CBC_SHA,
2568         SSL_kSRP,
2569         SSL_aRSA,
2570         SSL_AES256,
2571         SSL_SHA1,
2572         SSL_TLSV1,
2573         SSL_NOT_EXP|SSL_HIGH,
2574         SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
2575         256,
2576         256,
2577         },
2578
2579         /* Cipher C022 */
2580         {
2581         1,
2582         TLS1_TXT_SRP_SHA_DSS_WITH_AES_256_CBC_SHA,
2583         TLS1_CK_SRP_SHA_DSS_WITH_AES_256_CBC_SHA,
2584         SSL_kSRP,
2585         SSL_aDSS,
2586         SSL_AES256,
2587         SSL_SHA1,
2588         SSL_TLSV1,
2589         SSL_NOT_EXP|SSL_HIGH,
2590         SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
2591         256,
2592         256,
2593         },
2594 #endif  /* OPENSSL_NO_SRP */
2595 #ifndef OPENSSL_NO_ECDH
2596
2597         /* HMAC based TLS v1.2 ciphersuites from RFC5289 */
2598
2599         /* Cipher C023 */
2600         {
2601         1,
2602         TLS1_TXT_ECDHE_ECDSA_WITH_AES_128_SHA256,
2603         TLS1_CK_ECDHE_ECDSA_WITH_AES_128_SHA256,
2604         SSL_kEECDH,
2605         SSL_aECDSA,
2606         SSL_AES128,
2607         SSL_SHA256,
2608         SSL_TLSV1_2,
2609         SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
2610         SSL_HANDSHAKE_MAC_SHA256|TLS1_PRF_SHA256,
2611         128,
2612         128,
2613         },
2614
2615         /* Cipher C024 */
2616         {
2617         1,
2618         TLS1_TXT_ECDHE_ECDSA_WITH_AES_256_SHA384,
2619         TLS1_CK_ECDHE_ECDSA_WITH_AES_256_SHA384,
2620         SSL_kEECDH,
2621         SSL_aECDSA,
2622         SSL_AES256,
2623         SSL_SHA384,
2624         SSL_TLSV1_2,
2625         SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
2626         SSL_HANDSHAKE_MAC_SHA384|TLS1_PRF_SHA384,
2627         256,
2628         256,
2629         },
2630
2631         /* Cipher C025 */
2632         {
2633         1,
2634         TLS1_TXT_ECDH_ECDSA_WITH_AES_128_SHA256,
2635         TLS1_CK_ECDH_ECDSA_WITH_AES_128_SHA256,
2636         SSL_kECDHe,
2637         SSL_aECDH,
2638         SSL_AES128,
2639         SSL_SHA256,
2640         SSL_TLSV1_2,
2641         SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
2642         SSL_HANDSHAKE_MAC_SHA256|TLS1_PRF_SHA256,
2643         128,
2644         128,
2645         },
2646
2647         /* Cipher C026 */
2648         {
2649         1,
2650         TLS1_TXT_ECDH_ECDSA_WITH_AES_256_SHA384,
2651         TLS1_CK_ECDH_ECDSA_WITH_AES_256_SHA384,
2652         SSL_kECDHe,
2653         SSL_aECDH,
2654         SSL_AES256,
2655         SSL_SHA384,
2656         SSL_TLSV1_2,
2657         SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
2658         SSL_HANDSHAKE_MAC_SHA384|TLS1_PRF_SHA384,
2659         256,
2660         256,
2661         },
2662
2663         /* Cipher C027 */
2664         {
2665         1,
2666         TLS1_TXT_ECDHE_RSA_WITH_AES_128_SHA256,
2667         TLS1_CK_ECDHE_RSA_WITH_AES_128_SHA256,
2668         SSL_kEECDH,
2669         SSL_aRSA,
2670         SSL_AES128,
2671         SSL_SHA256,
2672         SSL_TLSV1_2,
2673         SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
2674         SSL_HANDSHAKE_MAC_SHA256|TLS1_PRF_SHA256,
2675         128,
2676         128,
2677         },
2678
2679         /* Cipher C028 */
2680         {
2681         1,
2682         TLS1_TXT_ECDHE_RSA_WITH_AES_256_SHA384,
2683         TLS1_CK_ECDHE_RSA_WITH_AES_256_SHA384,
2684         SSL_kEECDH,
2685         SSL_aRSA,
2686         SSL_AES256,
2687         SSL_SHA384,
2688         SSL_TLSV1_2,
2689         SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
2690         SSL_HANDSHAKE_MAC_SHA384|TLS1_PRF_SHA384,
2691         256,
2692         256,
2693         },
2694
2695         /* Cipher C029 */
2696         {
2697         1,
2698         TLS1_TXT_ECDH_RSA_WITH_AES_128_SHA256,
2699         TLS1_CK_ECDH_RSA_WITH_AES_128_SHA256,
2700         SSL_kECDHr,
2701         SSL_aECDH,
2702         SSL_AES128,
2703         SSL_SHA256,
2704         SSL_TLSV1_2,
2705         SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
2706         SSL_HANDSHAKE_MAC_SHA256|TLS1_PRF_SHA256,
2707         128,
2708         128,
2709         },
2710
2711         /* Cipher C02A */
2712         {
2713         1,
2714         TLS1_TXT_ECDH_RSA_WITH_AES_256_SHA384,
2715         TLS1_CK_ECDH_RSA_WITH_AES_256_SHA384,
2716         SSL_kECDHr,
2717         SSL_aECDH,
2718         SSL_AES256,
2719         SSL_SHA384,
2720         SSL_TLSV1_2,
2721         SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
2722         SSL_HANDSHAKE_MAC_SHA384|TLS1_PRF_SHA384,
2723         256,
2724         256,
2725         },
2726
2727         /* GCM based TLS v1.2 ciphersuites from RFC5289 */
2728
2729         /* Cipher C02B */
2730         {
2731         1,
2732         TLS1_TXT_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256,
2733         TLS1_CK_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256,
2734         SSL_kEECDH,
2735         SSL_aECDSA,
2736         SSL_AES128GCM,
2737         SSL_AEAD,
2738         SSL_TLSV1_2,
2739         SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
2740         SSL_HANDSHAKE_MAC_SHA256|TLS1_PRF_SHA256|SSL_CIPHER_ALGORITHM2_AEAD|
2741                 FIXED_NONCE_LEN(4),
2742         128,
2743         128,
2744         },
2745
2746         /* Cipher C02C */
2747         {
2748         1,
2749         TLS1_TXT_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384,
2750         TLS1_CK_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384,
2751         SSL_kEECDH,
2752         SSL_aECDSA,
2753         SSL_AES256GCM,
2754         SSL_AEAD,
2755         SSL_TLSV1_2,
2756         SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
2757         SSL_HANDSHAKE_MAC_SHA384|TLS1_PRF_SHA384|SSL_CIPHER_ALGORITHM2_AEAD|
2758                 FIXED_NONCE_LEN(4),
2759         256,
2760         256,
2761         },
2762
2763         /* Cipher C02D */
2764         {
2765         1,
2766         TLS1_TXT_ECDH_ECDSA_WITH_AES_128_GCM_SHA256,
2767         TLS1_CK_ECDH_ECDSA_WITH_AES_128_GCM_SHA256,
2768         SSL_kECDHe,
2769         SSL_aECDH,
2770         SSL_AES128GCM,
2771         SSL_AEAD,
2772         SSL_TLSV1_2,
2773         SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
2774         SSL_HANDSHAKE_MAC_SHA256|TLS1_PRF_SHA256|SSL_CIPHER_ALGORITHM2_AEAD|
2775                 FIXED_NONCE_LEN(4),
2776         128,
2777         128,
2778         },
2779
2780         /* Cipher C02E */
2781         {
2782         1,
2783         TLS1_TXT_ECDH_ECDSA_WITH_AES_256_GCM_SHA384,
2784         TLS1_CK_ECDH_ECDSA_WITH_AES_256_GCM_SHA384,
2785         SSL_kECDHe,
2786         SSL_aECDH,
2787         SSL_AES256GCM,
2788         SSL_AEAD,
2789         SSL_TLSV1_2,
2790         SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
2791         SSL_HANDSHAKE_MAC_SHA384|TLS1_PRF_SHA384|SSL_CIPHER_ALGORITHM2_AEAD|
2792                 FIXED_NONCE_LEN(4),
2793         256,
2794         256,
2795         },
2796
2797         /* Cipher C02F */
2798         {
2799         1,
2800         TLS1_TXT_ECDHE_RSA_WITH_AES_128_GCM_SHA256,
2801         TLS1_CK_ECDHE_RSA_WITH_AES_128_GCM_SHA256,
2802         SSL_kEECDH,
2803         SSL_aRSA,
2804         SSL_AES128GCM,
2805         SSL_AEAD,
2806         SSL_TLSV1_2,
2807         SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
2808         SSL_HANDSHAKE_MAC_SHA256|TLS1_PRF_SHA256|SSL_CIPHER_ALGORITHM2_AEAD|
2809                 FIXED_NONCE_LEN(4),
2810         128,
2811         128,
2812         },
2813
2814         /* Cipher C030 */
2815         {
2816         1,
2817         TLS1_TXT_ECDHE_RSA_WITH_AES_256_GCM_SHA384,
2818         TLS1_CK_ECDHE_RSA_WITH_AES_256_GCM_SHA384,
2819         SSL_kEECDH,
2820         SSL_aRSA,
2821         SSL_AES256GCM,
2822         SSL_AEAD,
2823         SSL_TLSV1_2,
2824         SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
2825         SSL_HANDSHAKE_MAC_SHA384|TLS1_PRF_SHA384|SSL_CIPHER_ALGORITHM2_AEAD|
2826                 FIXED_NONCE_LEN(4),
2827         256,
2828         256,
2829         },
2830
2831         /* Cipher C031 */
2832         {
2833         1,
2834         TLS1_TXT_ECDH_RSA_WITH_AES_128_GCM_SHA256,
2835         TLS1_CK_ECDH_RSA_WITH_AES_128_GCM_SHA256,
2836         SSL_kECDHr,
2837         SSL_aECDH,
2838         SSL_AES128GCM,
2839         SSL_AEAD,
2840         SSL_TLSV1_2,
2841         SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
2842         SSL_HANDSHAKE_MAC_SHA256|TLS1_PRF_SHA256|SSL_CIPHER_ALGORITHM2_AEAD|
2843                 FIXED_NONCE_LEN(4),
2844         128,
2845         128,
2846         },
2847
2848         /* Cipher C032 */
2849         {
2850         1,
2851         TLS1_TXT_ECDH_RSA_WITH_AES_256_GCM_SHA384,
2852         TLS1_CK_ECDH_RSA_WITH_AES_256_GCM_SHA384,
2853         SSL_kECDHr,
2854         SSL_aECDH,
2855         SSL_AES256GCM,
2856         SSL_AEAD,
2857         SSL_TLSV1_2,
2858         SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
2859         SSL_HANDSHAKE_MAC_SHA384|TLS1_PRF_SHA384|SSL_CIPHER_ALGORITHM2_AEAD|
2860                 FIXED_NONCE_LEN(4),
2861         256,
2862         256,
2863         },
2864
2865 #endif /* OPENSSL_NO_ECDH */
2866
2867
2868 #ifdef TEMP_GOST_TLS
2869 /* Cipher FF00 */
2870         {
2871         1,
2872         "GOST-MD5",
2873         0x0300ff00,
2874         SSL_kRSA,
2875         SSL_aRSA,
2876         SSL_eGOST2814789CNT,
2877         SSL_MD5,
2878         SSL_TLSV1,
2879         SSL_NOT_EXP|SSL_HIGH,
2880         SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
2881         256,
2882         256,
2883         },
2884         {
2885         1,
2886         "GOST-GOST94",
2887         0x0300ff01,
2888         SSL_kRSA,
2889         SSL_aRSA,
2890         SSL_eGOST2814789CNT,
2891         SSL_GOST94,
2892         SSL_TLSV1,
2893         SSL_NOT_EXP|SSL_HIGH,
2894         SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
2895         256,
2896         256
2897         },
2898         {
2899         1,
2900         "GOST-GOST89MAC",
2901         0x0300ff02,
2902         SSL_kRSA,
2903         SSL_aRSA,
2904         SSL_eGOST2814789CNT,
2905         SSL_GOST89MAC,
2906         SSL_TLSV1,
2907         SSL_NOT_EXP|SSL_HIGH,
2908         SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
2909         256,
2910         256
2911         },
2912         {
2913         1,
2914         "GOST-GOST89STREAM",
2915         0x0300ff03,
2916         SSL_kRSA,
2917         SSL_aRSA,
2918         SSL_eGOST2814789CNT,
2919         SSL_GOST89MAC,
2920         SSL_TLSV1,
2921         SSL_NOT_EXP|SSL_HIGH,
2922         SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF|TLS1_STREAM_MAC,
2923         256,
2924         256
2925         },
2926 #endif
2927
2928 /* end of list */
2929         };
2930
2931 SSL3_ENC_METHOD SSLv3_enc_data={
2932         ssl3_enc,
2933         n_ssl3_mac,
2934         ssl3_setup_key_block,
2935         ssl3_generate_master_secret,
2936         ssl3_change_cipher_state,
2937         ssl3_final_finish_mac,
2938         MD5_DIGEST_LENGTH+SHA_DIGEST_LENGTH,
2939         ssl3_cert_verify_mac,
2940         SSL3_MD_CLIENT_FINISHED_CONST,4,
2941         SSL3_MD_SERVER_FINISHED_CONST,4,
2942         ssl3_alert_code,
2943         (int (*)(SSL *, unsigned char *, size_t, const char *,
2944                  size_t, const unsigned char *, size_t,
2945                  int use_context))ssl_undefined_function,
2946         0,
2947         SSL3_HM_HEADER_LENGTH,
2948         ssl3_set_handshake_header,
2949         ssl3_handshake_write
2950         };
2951
2952 long ssl3_default_timeout(void)
2953         {
2954         /* 2 hours, the 24 hours mentioned in the SSLv3 spec
2955          * is way too long for http, the cache would over fill */
2956         return(60*60*2);
2957         }
2958
2959 int ssl3_num_ciphers(void)
2960         {
2961         return(SSL3_NUM_CIPHERS);
2962         }
2963
2964 const SSL_CIPHER *ssl3_get_cipher(unsigned int u)
2965         {
2966         if (u < SSL3_NUM_CIPHERS)
2967                 return(&(ssl3_ciphers[SSL3_NUM_CIPHERS-1-u]));
2968         else
2969                 return(NULL);
2970         }
2971
2972 int ssl3_pending(const SSL *s)
2973         {
2974         if (s->rstate == SSL_ST_READ_BODY)
2975                 return 0;
2976         
2977         return (s->s3->rrec.type == SSL3_RT_APPLICATION_DATA) ? s->s3->rrec.length : 0;
2978         }
2979
2980 void ssl3_set_handshake_header(SSL *s, int htype, unsigned long len)
2981         {
2982         unsigned char *p = (unsigned char *)s->init_buf->data;
2983         *(p++) = htype;
2984         l2n3(len, p);
2985         s->init_num = (int)len + SSL3_HM_HEADER_LENGTH;
2986         s->init_off = 0;
2987         }
2988
2989 int ssl3_handshake_write(SSL *s)
2990         {
2991         return ssl3_do_write(s, SSL3_RT_HANDSHAKE);
2992         }
2993
2994 int ssl3_new(SSL *s)
2995         {
2996         SSL3_STATE *s3;
2997
2998         if ((s3=OPENSSL_malloc(sizeof *s3)) == NULL) goto err;
2999         memset(s3,0,sizeof *s3);
3000         memset(s3->rrec.seq_num,0,sizeof(s3->rrec.seq_num));
3001         memset(s3->wrec.seq_num,0,sizeof(s3->wrec.seq_num));
3002
3003         s->s3=s3;
3004
3005 #ifndef OPENSSL_NO_SRP
3006         SSL_SRP_CTX_init(s);
3007 #endif
3008         s->method->ssl_clear(s);
3009         return(1);
3010 err:
3011         return(0);
3012         }
3013
3014 void ssl3_free(SSL *s)
3015         {
3016         if(s == NULL)
3017             return;
3018
3019 #ifdef TLSEXT_TYPE_opaque_prf_input
3020         if (s->s3->client_opaque_prf_input != NULL)
3021                 OPENSSL_free(s->s3->client_opaque_prf_input);
3022         if (s->s3->server_opaque_prf_input != NULL)
3023                 OPENSSL_free(s->s3->server_opaque_prf_input);
3024 #endif
3025
3026         ssl3_cleanup_key_block(s);
3027         if (s->s3->rbuf.buf != NULL)
3028                 ssl3_release_read_buffer(s);
3029         if (s->s3->wbuf.buf != NULL)
3030                 ssl3_release_write_buffer(s);
3031         if (s->s3->rrec.comp != NULL)
3032                 OPENSSL_free(s->s3->rrec.comp);
3033 #ifndef OPENSSL_NO_DH
3034         if (s->s3->tmp.dh != NULL)
3035                 DH_free(s->s3->tmp.dh);
3036 #endif
3037 #ifndef OPENSSL_NO_ECDH
3038         if (s->s3->tmp.ecdh != NULL)
3039                 EC_KEY_free(s->s3->tmp.ecdh);
3040 #endif
3041
3042         if (s->s3->tmp.ca_names != NULL)
3043                 sk_X509_NAME_pop_free(s->s3->tmp.ca_names,X509_NAME_free);
3044         if (s->s3->handshake_buffer) {
3045                 BIO_free(s->s3->handshake_buffer);
3046         }
3047         if (s->s3->handshake_dgst) ssl3_free_digest_list(s);
3048 #ifndef OPENSSL_NO_TLSEXT
3049         if (s->s3->alpn_selected)
3050                 OPENSSL_free(s->s3->alpn_selected);
3051 #endif
3052
3053 #ifndef OPENSSL_NO_SRP
3054         SSL_SRP_CTX_free(s);
3055 #endif
3056 #ifndef OPENSSL_NO_TLSEXT
3057         if (s->s3->tlsext_authz_client_types != NULL)
3058                 OPENSSL_free(s->s3->tlsext_authz_client_types);
3059         if (s->s3->tlsext_custom_types != NULL)
3060                 OPENSSL_free(s->s3->tlsext_custom_types);
3061 #endif
3062         OPENSSL_cleanse(s->s3,sizeof *s->s3);
3063         OPENSSL_free(s->s3);
3064         s->s3=NULL;
3065         }
3066
3067 void ssl3_clear(SSL *s)
3068         {
3069         unsigned char *rp,*wp;
3070         size_t rlen, wlen;
3071         int init_extra;
3072
3073 #ifdef TLSEXT_TYPE_opaque_prf_input
3074         if (s->s3->client_opaque_prf_input != NULL)
3075                 OPENSSL_free(s->s3->client_opaque_prf_input);
3076         s->s3->client_opaque_prf_input = NULL;
3077         if (s->s3->server_opaque_prf_input != NULL)
3078                 OPENSSL_free(s->s3->server_opaque_prf_input);
3079         s->s3->server_opaque_prf_input = NULL;
3080 #endif
3081
3082         ssl3_cleanup_key_block(s);
3083         if (s->s3->tmp.ca_names != NULL)
3084                 sk_X509_NAME_pop_free(s->s3->tmp.ca_names,X509_NAME_free);
3085
3086         if (s->s3->rrec.comp != NULL)
3087                 {
3088                 OPENSSL_free(s->s3->rrec.comp);
3089                 s->s3->rrec.comp=NULL;
3090                 }
3091 #ifndef OPENSSL_NO_DH
3092         if (s->s3->tmp.dh != NULL)
3093                 {
3094                 DH_free(s->s3->tmp.dh);
3095                 s->s3->tmp.dh = NULL;
3096                 }
3097 #endif
3098 #ifndef OPENSSL_NO_ECDH
3099         if (s->s3->tmp.ecdh != NULL)
3100                 {
3101                 EC_KEY_free(s->s3->tmp.ecdh);
3102                 s->s3->tmp.ecdh = NULL;
3103                 }
3104 #endif
3105 #ifndef OPENSSL_NO_TLSEXT
3106         if (s->s3->tlsext_authz_client_types != NULL)
3107                 {
3108                 OPENSSL_free(s->s3->tlsext_authz_client_types);
3109                 s->s3->tlsext_authz_client_types = NULL;
3110                 }
3111         if (s->s3->tlsext_custom_types != NULL)
3112                 {
3113                 OPENSSL_free(s->s3->tlsext_custom_types);
3114                 s->s3->tlsext_custom_types = NULL;
3115                 }
3116         s->s3->tlsext_custom_types_count = 0;   
3117 #ifndef OPENSSL_NO_EC
3118         s->s3->is_probably_safari = 0;
3119 #endif /* !OPENSSL_NO_EC */
3120 #endif /* !OPENSSL_NO_TLSEXT */
3121
3122         rp = s->s3->rbuf.buf;
3123         wp = s->s3->wbuf.buf;
3124         rlen = s->s3->rbuf.len;
3125         wlen = s->s3->wbuf.len;
3126         init_extra = s->s3->init_extra;
3127         if (s->s3->handshake_buffer) {
3128                 BIO_free(s->s3->handshake_buffer);
3129                 s->s3->handshake_buffer = NULL;
3130         }
3131         if (s->s3->handshake_dgst) {
3132                 ssl3_free_digest_list(s);
3133         }       
3134
3135 #if !defined(OPENSSL_NO_TLSEXT)
3136         if (s->s3->alpn_selected)
3137                 {
3138                 free(s->s3->alpn_selected);
3139                 s->s3->alpn_selected = NULL;
3140                 }
3141 #endif
3142         memset(s->s3,0,sizeof *s->s3);
3143         s->s3->rbuf.buf = rp;
3144         s->s3->wbuf.buf = wp;
3145         s->s3->rbuf.len = rlen;
3146         s->s3->wbuf.len = wlen;
3147         s->s3->init_extra = init_extra;
3148
3149         ssl_free_wbio_buffer(s);
3150
3151         s->packet_length=0;
3152         s->s3->renegotiate=0;
3153         s->s3->total_renegotiations=0;
3154         s->s3->num_renegotiations=0;
3155         s->s3->in_read_app_data=0;
3156         s->version=SSL3_VERSION;
3157
3158 #if !defined(OPENSSL_NO_TLSEXT) && !defined(OPENSSL_NO_NEXTPROTONEG)
3159         if (s->next_proto_negotiated)
3160                 {
3161                 OPENSSL_free(s->next_proto_negotiated);
3162                 s->next_proto_negotiated = NULL;
3163                 s->next_proto_negotiated_len = 0;
3164                 }
3165 #endif
3166         }
3167
3168 #ifndef OPENSSL_NO_SRP
3169 static char * MS_CALLBACK srp_password_from_info_cb(SSL *s, void *arg)
3170         {
3171         return BUF_strdup(s->srp_ctx.info) ;
3172         }
3173 #endif
3174
3175 static int ssl3_set_req_cert_type(CERT *c, const unsigned char *p, size_t len);
3176
3177 long ssl3_ctrl(SSL *s, int cmd, long larg, void *parg)
3178         {
3179         int ret=0;
3180
3181 #if !defined(OPENSSL_NO_DSA) || !defined(OPENSSL_NO_RSA)
3182         if (
3183 #ifndef OPENSSL_NO_RSA
3184             cmd == SSL_CTRL_SET_TMP_RSA ||
3185             cmd == SSL_CTRL_SET_TMP_RSA_CB ||
3186 #endif
3187 #ifndef OPENSSL_NO_DSA
3188             cmd == SSL_CTRL_SET_TMP_DH ||
3189             cmd == SSL_CTRL_SET_TMP_DH_CB ||
3190 #endif
3191                 0)
3192                 {
3193                 if (!ssl_cert_inst(&s->cert))
3194                         {
3195                         SSLerr(SSL_F_SSL3_CTRL, ERR_R_MALLOC_FAILURE);
3196                         return(0);
3197                         }
3198                 }
3199 #endif
3200
3201         switch (cmd)
3202                 {
3203         case SSL_CTRL_GET_SESSION_REUSED:
3204                 ret=s->hit;
3205                 break;
3206         case SSL_CTRL_GET_CLIENT_CERT_REQUEST:
3207                 break;
3208         case SSL_CTRL_GET_NUM_RENEGOTIATIONS:
3209                 ret=s->s3->num_renegotiations;
3210                 break;
3211         case SSL_CTRL_CLEAR_NUM_RENEGOTIATIONS:
3212                 ret=s->s3->num_renegotiations;
3213                 s->s3->num_renegotiations=0;
3214                 break;
3215         case SSL_CTRL_GET_TOTAL_RENEGOTIATIONS:
3216                 ret=s->s3->total_renegotiations;
3217                 break;
3218         case SSL_CTRL_GET_FLAGS:
3219                 ret=(int)(s->s3->flags);
3220                 break;
3221 #ifndef OPENSSL_NO_RSA
3222         case SSL_CTRL_NEED_TMP_RSA:
3223                 if ((s->cert != NULL) && (s->cert->rsa_tmp == NULL) &&
3224                     ((s->cert->pkeys[SSL_PKEY_RSA_ENC].privatekey == NULL) ||
3225                      (EVP_PKEY_size(s->cert->pkeys[SSL_PKEY_RSA_ENC].privatekey) > (512/8))))
3226                         ret = 1;
3227                 break;
3228         case SSL_CTRL_SET_TMP_RSA:
3229                 {
3230                         RSA *rsa = (RSA *)parg;
3231                         if (rsa == NULL)
3232                                 {
3233                                 SSLerr(SSL_F_SSL3_CTRL, ERR_R_PASSED_NULL_PARAMETER);
3234                                 return(ret);
3235                                 }
3236                         if ((rsa = RSAPrivateKey_dup(rsa)) == NULL)
3237                                 {
3238                                 SSLerr(SSL_F_SSL3_CTRL, ERR_R_RSA_LIB);
3239                                 return(ret);
3240                                 }
3241                         if (s->cert->rsa_tmp != NULL)
3242                                 RSA_free(s->cert->rsa_tmp);
3243                         s->cert->rsa_tmp = rsa;
3244                         ret = 1;
3245                 }
3246                 break;
3247         case SSL_CTRL_SET_TMP_RSA_CB:
3248                 {
3249                 SSLerr(SSL_F_SSL3_CTRL, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
3250                 return(ret);
3251                 }
3252                 break;
3253 #endif
3254 #ifndef OPENSSL_NO_DH
3255         case SSL_CTRL_SET_TMP_DH:
3256                 {
3257                         DH *dh = (DH *)parg;
3258                         if (dh == NULL)
3259                                 {
3260                                 SSLerr(SSL_F_SSL3_CTRL, ERR_R_PASSED_NULL_PARAMETER);
3261                                 return(ret);
3262                                 }
3263                         if ((dh = DHparams_dup(dh)) == NULL)
3264                                 {
3265                                 SSLerr(SSL_F_SSL3_CTRL, ERR_R_DH_LIB);
3266                                 return(ret);
3267                                 }
3268                         if (!(s->options & SSL_OP_SINGLE_DH_USE))
3269                                 {
3270                                 if (!DH_generate_key(dh))
3271                                         {
3272                                         DH_free(dh);
3273                                         SSLerr(SSL_F_SSL3_CTRL, ERR_R_DH_LIB);
3274                                         return(ret);
3275                                         }
3276                                 }
3277                         if (s->cert->dh_tmp != NULL)
3278                                 DH_free(s->cert->dh_tmp);
3279                         s->cert->dh_tmp = dh;
3280                         ret = 1;
3281                 }
3282                 break;
3283         case SSL_CTRL_SET_TMP_DH_CB:
3284                 {
3285                 SSLerr(SSL_F_SSL3_CTRL, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
3286                 return(ret);
3287                 }
3288                 break;
3289 #endif
3290 #ifndef OPENSSL_NO_ECDH
3291         case SSL_CTRL_SET_TMP_ECDH:
3292                 {
3293                 EC_KEY *ecdh = NULL;
3294                         
3295                 if (parg == NULL)
3296                         {
3297                         SSLerr(SSL_F_SSL3_CTRL, ERR_R_PASSED_NULL_PARAMETER);
3298                         return(ret);
3299                         }
3300                 if (!EC_KEY_up_ref((EC_KEY *)parg))
3301                         {
3302                         SSLerr(SSL_F_SSL3_CTRL,ERR_R_ECDH_LIB);
3303                         return(ret);
3304                         }
3305                 ecdh = (EC_KEY *)parg;
3306                 if (!(s->options & SSL_OP_SINGLE_ECDH_USE))
3307                         {
3308                         if (!EC_KEY_generate_key(ecdh))
3309                                 {
3310                                 EC_KEY_free(ecdh);
3311                                 SSLerr(SSL_F_SSL3_CTRL,ERR_R_ECDH_LIB);
3312                                 return(ret);
3313                                 }
3314                         }
3315                 if (s->cert->ecdh_tmp != NULL)
3316                         EC_KEY_free(s->cert->ecdh_tmp);
3317                 s->cert->ecdh_tmp = ecdh;
3318                 ret = 1;
3319                 }
3320                 break;
3321         case SSL_CTRL_SET_TMP_ECDH_CB:
3322                 {
3323                 SSLerr(SSL_F_SSL3_CTRL, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
3324                 return(ret);
3325                 }
3326                 break;
3327 #endif /* !OPENSSL_NO_ECDH */
3328 #ifndef OPENSSL_NO_TLSEXT
3329         case SSL_CTRL_SET_TLSEXT_HOSTNAME:
3330                 if (larg == TLSEXT_NAMETYPE_host_name)
3331                         {
3332                         if (s->tlsext_hostname != NULL) 
3333                                 OPENSSL_free(s->tlsext_hostname);
3334                         s->tlsext_hostname = NULL;
3335
3336                         ret = 1;
3337                         if (parg == NULL) 
3338                                 break;
3339                         if (strlen((char *)parg) > TLSEXT_MAXLEN_host_name)
3340                                 {
3341                                 SSLerr(SSL_F_SSL3_CTRL, SSL_R_SSL3_EXT_INVALID_SERVERNAME);
3342                                 return 0;
3343                                 }
3344                         if ((s->tlsext_hostname = BUF_strdup((char *)parg)) == NULL)
3345                                 {
3346                                 SSLerr(SSL_F_SSL3_CTRL, ERR_R_INTERNAL_ERROR);
3347                                 return 0;
3348                                 }
3349                         }
3350                 else
3351                         {
3352                         SSLerr(SSL_F_SSL3_CTRL, SSL_R_SSL3_EXT_INVALID_SERVERNAME_TYPE);
3353                         return 0;
3354                         }
3355                 break;
3356         case SSL_CTRL_SET_TLSEXT_DEBUG_ARG:
3357                 s->tlsext_debug_arg=parg;
3358                 ret = 1;
3359                 break;
3360
3361 #ifdef TLSEXT_TYPE_opaque_prf_input
3362         case SSL_CTRL_SET_TLSEXT_OPAQUE_PRF_INPUT:
3363                 if (larg > 12288) /* actual internal limit is 2^16 for the complete hello message
3364                                    * (including the cert chain and everything) */
3365                         {
3366                         SSLerr(SSL_F_SSL3_CTRL, SSL_R_OPAQUE_PRF_INPUT_TOO_LONG);
3367                         break;
3368                         }
3369                 if (s->tlsext_opaque_prf_input != NULL)
3370                         OPENSSL_free(s->tlsext_opaque_prf_input);
3371                 if ((size_t)larg == 0)
3372                         s->tlsext_opaque_prf_input = OPENSSL_malloc(1); /* dummy byte just to get non-NULL */
3373                 else
3374                         s->tlsext_opaque_prf_input = BUF_memdup(parg, (size_t)larg);
3375                 if (s->tlsext_opaque_prf_input != NULL)
3376                         {
3377                         s->tlsext_opaque_prf_input_len = (size_t)larg;
3378                         ret = 1;
3379                         }
3380                 else
3381                         s->tlsext_opaque_prf_input_len = 0;
3382                 break;
3383 #endif
3384
3385         case SSL_CTRL_SET_TLSEXT_STATUS_REQ_TYPE:
3386                 s->tlsext_status_type=larg;
3387                 ret = 1;
3388                 break;
3389
3390         case SSL_CTRL_GET_TLSEXT_STATUS_REQ_EXTS:
3391                 *(STACK_OF(X509_EXTENSION) **)parg = s->tlsext_ocsp_exts;
3392                 ret = 1;
3393                 break;
3394
3395         case SSL_CTRL_SET_TLSEXT_STATUS_REQ_EXTS:
3396                 s->tlsext_ocsp_exts = parg;
3397                 ret = 1;
3398                 break;
3399
3400         case SSL_CTRL_GET_TLSEXT_STATUS_REQ_IDS:
3401                 *(STACK_OF(OCSP_RESPID) **)parg = s->tlsext_ocsp_ids;
3402                 ret = 1;
3403                 break;
3404
3405         case SSL_CTRL_SET_TLSEXT_STATUS_REQ_IDS:
3406                 s->tlsext_ocsp_ids = parg;
3407                 ret = 1;
3408                 break;
3409
3410         case SSL_CTRL_GET_TLSEXT_STATUS_REQ_OCSP_RESP:
3411                 *(unsigned char **)parg = s->tlsext_ocsp_resp;
3412                 return s->tlsext_ocsp_resplen;
3413                 
3414         case SSL_CTRL_SET_TLSEXT_STATUS_REQ_OCSP_RESP:
3415                 if (s->tlsext_ocsp_resp)
3416                         OPENSSL_free(s->tlsext_ocsp_resp);
3417                 s->tlsext_ocsp_resp = parg;
3418                 s->tlsext_ocsp_resplen = larg;
3419                 ret = 1;
3420                 break;
3421
3422 #ifndef OPENSSL_NO_HEARTBEATS
3423         case SSL_CTRL_TLS_EXT_SEND_HEARTBEAT:
3424                 if (SSL_IS_DTLS(s))
3425                         ret = dtls1_heartbeat(s);
3426                 else
3427                         ret = tls1_heartbeat(s);
3428                 break;
3429
3430         case SSL_CTRL_GET_TLS_EXT_HEARTBEAT_PENDING:
3431                 ret = s->tlsext_hb_pending;
3432                 break;
3433
3434         case SSL_CTRL_SET_TLS_EXT_HEARTBEAT_NO_REQUESTS:
3435                 if (larg)
3436                         s->tlsext_heartbeat |= SSL_TLSEXT_HB_DONT_RECV_REQUESTS;
3437                 else
3438                         s->tlsext_heartbeat &= ~SSL_TLSEXT_HB_DONT_RECV_REQUESTS;
3439                 ret = 1;
3440                 break;
3441 #endif
3442
3443 #endif /* !OPENSSL_NO_TLSEXT */
3444
3445         case SSL_CTRL_CHAIN:
3446                 if (larg)
3447                         return ssl_cert_set1_chain(s->cert,
3448                                                 (STACK_OF (X509) *)parg);
3449                 else
3450                         return ssl_cert_set0_chain(s->cert,
3451                                                 (STACK_OF (X509) *)parg);
3452
3453         case SSL_CTRL_CHAIN_CERT:
3454                 if (larg)
3455                         return ssl_cert_add1_chain_cert(s->cert, (X509 *)parg);
3456                 else
3457                         return ssl_cert_add0_chain_cert(s->cert, (X509 *)parg);
3458
3459 #ifndef OPENSSL_NO_EC
3460         case SSL_CTRL_GET_CURVES:
3461                 {
3462                 unsigned char *clist;
3463                 size_t clistlen;
3464                 if (!s->session)
3465                         return 0;
3466                 clist = s->session->tlsext_ellipticcurvelist;
3467                 clistlen = s->session->tlsext_ellipticcurvelist_length / 2;
3468                 if (parg)
3469                         {
3470                         size_t i;
3471                         int *cptr = parg;
3472                         unsigned int cid, nid;
3473                         for (i = 0; i < clistlen; i++)
3474                                 {
3475                                 n2s(clist, cid);
3476                                 nid = tls1_ec_curve_id2nid(cid);
3477                                 if (nid != 0)
3478                                         cptr[i] = nid;
3479                                 else
3480                                         cptr[i] = TLSEXT_nid_unknown | cid;
3481                                 }
3482                         }
3483                 return (int)clistlen;
3484                 }
3485
3486         case SSL_CTRL_SET_CURVES:
3487                 return tls1_set_curves(&s->tlsext_ellipticcurvelist,
3488                                         &s->tlsext_ellipticcurvelist_length,
3489                                                                 parg, larg);
3490
3491         case SSL_CTRL_SET_CURVES_LIST:
3492                 return tls1_set_curves_list(&s->tlsext_ellipticcurvelist,
3493                                         &s->tlsext_ellipticcurvelist_length,
3494                                                                 parg);
3495
3496         case SSL_CTRL_GET_SHARED_CURVE:
3497                 return tls1_shared_curve(s, larg);
3498
3499         case SSL_CTRL_SET_ECDH_AUTO:
3500                 s->cert->ecdh_tmp_auto = larg;
3501                 return 1;
3502 #endif
3503         case SSL_CTRL_SET_SIGALGS:
3504                 return tls1_set_sigalgs(s->cert, parg, larg, 0);
3505
3506         case SSL_CTRL_SET_SIGALGS_LIST:
3507                 return tls1_set_sigalgs_list(s->cert, parg, 0);
3508
3509         case SSL_CTRL_SET_CLIENT_SIGALGS:
3510                 return tls1_set_sigalgs(s->cert, parg, larg, 1);
3511
3512         case SSL_CTRL_SET_CLIENT_SIGALGS_LIST:
3513                 return tls1_set_sigalgs_list(s->cert, parg, 1);
3514
3515         case SSL_CTRL_GET_CLIENT_CERT_TYPES:
3516                 {
3517                 const unsigned char **pctype = parg;
3518                 if (s->server || !s->s3->tmp.cert_req)
3519                         return 0;
3520                 if (s->cert->ctypes)
3521                         {
3522                         if (pctype)
3523                                 *pctype = s->cert->ctypes;
3524                         return (int)s->cert->ctype_num;
3525                         }
3526                 if (pctype)
3527                         *pctype = (unsigned char *)s->s3->tmp.ctype;
3528                 return s->s3->tmp.ctype_num;
3529                 }
3530
3531         case SSL_CTRL_SET_CLIENT_CERT_TYPES:
3532                 if (!s->server)
3533                         return 0;
3534                 return ssl3_set_req_cert_type(s->cert, parg, larg);
3535
3536         case SSL_CTRL_BUILD_CERT_CHAIN:
3537                 return ssl_build_cert_chain(s->cert, s->ctx->cert_store, larg);
3538
3539         case SSL_CTRL_SET_VERIFY_CERT_STORE:
3540                 return ssl_cert_set_cert_store(s->cert, parg, 0, larg);
3541
3542         case SSL_CTRL_SET_CHAIN_CERT_STORE:
3543                 return ssl_cert_set_cert_store(s->cert, parg, 1, larg);
3544
3545         case SSL_CTRL_GET_PEER_SIGNATURE_NID:
3546                 if (SSL_USE_SIGALGS(s))
3547                         {
3548                         if (s->session && s->session->sess_cert)
3549                                 {
3550                                 const EVP_MD *sig;
3551                                 sig = s->session->sess_cert->peer_key->digest;
3552                                 if (sig)
3553                                         {
3554                                         *(int *)parg = EVP_MD_type(sig);
3555                                         return 1;
3556                                         }
3557                                 }
3558                         return 0;
3559                         }
3560                 /* Might want to do something here for other versions */
3561                 else
3562                         return 0;
3563
3564         case SSL_CTRL_GET_SERVER_TMP_KEY:
3565                 if (s->server || !s->session || !s->session->sess_cert)
3566                         return 0;
3567                 else
3568                         {
3569                         SESS_CERT *sc;
3570                         EVP_PKEY *ptmp;
3571                         int rv = 0;
3572                         sc = s->session->sess_cert;
3573 #if !defined(OPENSSL_NO_RSA) && !defined(OPENSSL_NO_DH) && !defined(OPENSSL_NO_EC)
3574                         if (!sc->peer_rsa_tmp && !sc->peer_dh_tmp
3575                                                         && !sc->peer_ecdh_tmp)
3576                                 return 0;
3577 #endif
3578                         ptmp = EVP_PKEY_new();
3579                         if (!ptmp)
3580                                 return 0;
3581                         if (0);
3582 #ifndef OPENSSL_NO_RSA
3583                         else if (sc->peer_rsa_tmp)
3584                                 rv = EVP_PKEY_set1_RSA(ptmp, sc->peer_rsa_tmp);
3585 #endif
3586 #ifndef OPENSSL_NO_DH
3587                         else if (sc->peer_dh_tmp)
3588                                 rv = EVP_PKEY_set1_DH(ptmp, sc->peer_dh_tmp);
3589 #endif
3590 #ifndef OPENSSL_NO_ECDH
3591                         else if (sc->peer_ecdh_tmp)
3592                                 rv = EVP_PKEY_set1_EC_KEY(ptmp, sc->peer_ecdh_tmp);
3593 #endif
3594                         if (rv)
3595                                 {
3596                                 *(EVP_PKEY **)parg = ptmp;
3597                                 return 1;
3598                                 }
3599                         EVP_PKEY_free(ptmp);
3600                         return 0;
3601                         }
3602 #ifndef OPENSSL_NO_EC
3603         case SSL_CTRL_GET_EC_POINT_FORMATS:
3604                 {
3605                 SSL_SESSION *sess = s->session;
3606                 const unsigned char **pformat = parg;
3607                 if (!sess || !sess->tlsext_ecpointformatlist)
3608                         return 0;
3609                 *pformat = sess->tlsext_ecpointformatlist;
3610                 return (int)sess->tlsext_ecpointformatlist_length;
3611                 }
3612 #endif
3613         default:
3614                 break;
3615                 }
3616         return(ret);
3617         }
3618
3619 long ssl3_callback_ctrl(SSL *s, int cmd, void (*fp)(void))
3620         {
3621         int ret=0;
3622
3623 #if !defined(OPENSSL_NO_DSA) || !defined(OPENSSL_NO_RSA)
3624         if (
3625 #ifndef OPENSSL_NO_RSA
3626             cmd == SSL_CTRL_SET_TMP_RSA_CB ||
3627 #endif
3628 #ifndef OPENSSL_NO_DSA
3629             cmd == SSL_CTRL_SET_TMP_DH_CB ||
3630 #endif
3631                 0)
3632                 {
3633                 if (!ssl_cert_inst(&s->cert))
3634                         {
3635                         SSLerr(SSL_F_SSL3_CALLBACK_CTRL, ERR_R_MALLOC_FAILURE);
3636                         return(0);
3637                         }
3638                 }
3639 #endif
3640
3641         switch (cmd)
3642                 {
3643 #ifndef OPENSSL_NO_RSA
3644         case SSL_CTRL_SET_TMP_RSA_CB:
3645                 {
3646                 s->cert->rsa_tmp_cb = (RSA *(*)(SSL *, int, int))fp;
3647                 }
3648                 break;
3649 #endif
3650 #ifndef OPENSSL_NO_DH
3651         case SSL_CTRL_SET_TMP_DH_CB:
3652                 {
3653                 s->cert->dh_tmp_cb = (DH *(*)(SSL *, int, int))fp;
3654                 }
3655                 break;
3656 #endif
3657 #ifndef OPENSSL_NO_ECDH
3658         case SSL_CTRL_SET_TMP_ECDH_CB:
3659                 {
3660                 s->cert->ecdh_tmp_cb = (EC_KEY *(*)(SSL *, int, int))fp;
3661                 }
3662                 break;
3663 #endif
3664 #ifndef OPENSSL_NO_TLSEXT
3665         case SSL_CTRL_SET_TLSEXT_DEBUG_CB:
3666                 s->tlsext_debug_cb=(void (*)(SSL *,int ,int,
3667                                         unsigned char *, int, void *))fp;
3668                 break;
3669 #endif
3670         default:
3671                 break;
3672                 }
3673         return(ret);
3674         }
3675
3676 long ssl3_ctx_ctrl(SSL_CTX *ctx, int cmd, long larg, void *parg)
3677         {
3678         CERT *cert;
3679
3680         cert=ctx->cert;
3681
3682         switch (cmd)
3683                 {
3684 #ifndef OPENSSL_NO_RSA
3685         case SSL_CTRL_NEED_TMP_RSA:
3686                 if (    (cert->rsa_tmp == NULL) &&
3687                         ((cert->pkeys[SSL_PKEY_RSA_ENC].privatekey == NULL) ||
3688                          (EVP_PKEY_size(cert->pkeys[SSL_PKEY_RSA_ENC].privatekey) > (512/8)))
3689                         )
3690                         return(1);
3691                 else
3692                         return(0);
3693                 /* break; */
3694         case SSL_CTRL_SET_TMP_RSA:
3695                 {
3696                 RSA *rsa;
3697                 int i;
3698
3699                 rsa=(RSA *)parg;
3700                 i=1;
3701                 if (rsa == NULL)
3702                         i=0;
3703                 else
3704                         {
3705                         if ((rsa=RSAPrivateKey_dup(rsa)) == NULL)
3706                                 i=0;
3707                         }
3708                 if (!i)
3709                         {
3710                         SSLerr(SSL_F_SSL3_CTX_CTRL,ERR_R_RSA_LIB);
3711                         return(0);
3712                         }
3713                 else
3714                         {
3715                         if (cert->rsa_tmp != NULL)
3716                                 RSA_free(cert->rsa_tmp);
3717                         cert->rsa_tmp=rsa;
3718                         return(1);
3719                         }
3720                 }
3721                 /* break; */
3722         case SSL_CTRL_SET_TMP_RSA_CB:
3723                 {
3724                 SSLerr(SSL_F_SSL3_CTX_CTRL, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
3725                 return(0);
3726                 }
3727                 break;
3728 #endif
3729 #ifndef OPENSSL_NO_DH
3730         case SSL_CTRL_SET_TMP_DH:
3731                 {
3732                 DH *new=NULL,*dh;
3733
3734                 dh=(DH *)parg;
3735                 if ((new=DHparams_dup(dh)) == NULL)
3736                         {
3737                         SSLerr(SSL_F_SSL3_CTX_CTRL,ERR_R_DH_LIB);
3738                         return 0;
3739                         }
3740                 if (!(ctx->options & SSL_OP_SINGLE_DH_USE))
3741                         {
3742                         if (!DH_generate_key(new))
3743                                 {
3744                                 SSLerr(SSL_F_SSL3_CTX_CTRL,ERR_R_DH_LIB);
3745                                 DH_free(new);
3746                                 return 0;
3747                                 }
3748                         }
3749                 if (cert->dh_tmp != NULL)
3750                         DH_free(cert->dh_tmp);
3751                 cert->dh_tmp=new;
3752                 return 1;
3753                 }
3754                 /*break; */
3755         case SSL_CTRL_SET_TMP_DH_CB:
3756                 {
3757                 SSLerr(SSL_F_SSL3_CTX_CTRL, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
3758                 return(0);
3759                 }
3760                 break;
3761 #endif
3762 #ifndef OPENSSL_NO_ECDH
3763         case SSL_CTRL_SET_TMP_ECDH:
3764                 {
3765                 EC_KEY *ecdh = NULL;
3766                         
3767                 if (parg == NULL)
3768                         {
3769                         SSLerr(SSL_F_SSL3_CTX_CTRL,ERR_R_ECDH_LIB);
3770                         return 0;
3771                         }
3772                 ecdh = EC_KEY_dup((EC_KEY *)parg);
3773                 if (ecdh == NULL)
3774                         {
3775                         SSLerr(SSL_F_SSL3_CTX_CTRL,ERR_R_EC_LIB);
3776                         return 0;
3777                         }
3778                 if (!(ctx->options & SSL_OP_SINGLE_ECDH_USE))
3779                         {
3780                         if (!EC_KEY_generate_key(ecdh))
3781                                 {
3782                                 EC_KEY_free(ecdh);
3783                                 SSLerr(SSL_F_SSL3_CTX_CTRL,ERR_R_ECDH_LIB);
3784                                 return 0;
3785                                 }
3786                         }
3787
3788                 if (cert->ecdh_tmp != NULL)
3789                         {
3790                         EC_KEY_free(cert->ecdh_tmp);
3791                         }
3792                 cert->ecdh_tmp = ecdh;
3793                 return 1;
3794                 }
3795                 /* break; */
3796         case SSL_CTRL_SET_TMP_ECDH_CB:
3797                 {
3798                 SSLerr(SSL_F_SSL3_CTX_CTRL, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
3799                 return(0);
3800                 }
3801                 break;
3802 #endif /* !OPENSSL_NO_ECDH */
3803 #ifndef OPENSSL_NO_TLSEXT
3804         case SSL_CTRL_SET_TLSEXT_SERVERNAME_ARG:
3805                 ctx->tlsext_servername_arg=parg;
3806                 break;
3807         case SSL_CTRL_SET_TLSEXT_TICKET_KEYS:
3808         case SSL_CTRL_GET_TLSEXT_TICKET_KEYS:
3809                 {
3810                 unsigned char *keys = parg;
3811                 if (!keys)
3812                         return 48;
3813                 if (larg != 48)
3814                         {
3815                         SSLerr(SSL_F_SSL3_CTX_CTRL, SSL_R_INVALID_TICKET_KEYS_LENGTH);
3816                         return 0;
3817                         }
3818                 if (cmd == SSL_CTRL_SET_TLSEXT_TICKET_KEYS)
3819                         {
3820                         memcpy(ctx->tlsext_tick_key_name, keys, 16);
3821                         memcpy(ctx->tlsext_tick_hmac_key, keys + 16, 16);
3822                         memcpy(ctx->tlsext_tick_aes_key, keys + 32, 16);
3823                         }
3824                 else
3825                         {
3826                         memcpy(keys, ctx->tlsext_tick_key_name, 16);
3827                         memcpy(keys + 16, ctx->tlsext_tick_hmac_key, 16);
3828                         memcpy(keys + 32, ctx->tlsext_tick_aes_key, 16);
3829                         }
3830                 return 1;
3831                 }
3832
3833 #ifdef TLSEXT_TYPE_opaque_prf_input
3834         case SSL_CTRL_SET_TLSEXT_OPAQUE_PRF_INPUT_CB_ARG:
3835                 ctx->tlsext_opaque_prf_input_callback_arg = parg;
3836                 return 1;
3837 #endif
3838
3839         case SSL_CTRL_SET_TLSEXT_STATUS_REQ_CB_ARG:
3840                 ctx->tlsext_status_arg=parg;
3841                 return 1;
3842                 break;
3843
3844 #ifndef OPENSSL_NO_SRP
3845         case SSL_CTRL_SET_TLS_EXT_SRP_USERNAME:
3846                 ctx->srp_ctx.srp_Mask|=SSL_kSRP;
3847                 if (ctx->srp_ctx.login != NULL)
3848                         OPENSSL_free(ctx->srp_ctx.login);
3849                 ctx->srp_ctx.login = NULL;
3850                 if (parg == NULL)
3851                         break;
3852                 if (strlen((const char *)parg) > 255 || strlen((const char *)parg) < 1)
3853                         {
3854                         SSLerr(SSL_F_SSL3_CTX_CTRL, SSL_R_INVALID_SRP_USERNAME);
3855                         return 0;
3856                         } 
3857                 if ((ctx->srp_ctx.login = BUF_strdup((char *)parg)) == NULL)
3858                         {
3859                         SSLerr(SSL_F_SSL3_CTX_CTRL, ERR_R_INTERNAL_ERROR);
3860                         return 0;
3861                         }
3862                 break;
3863         case SSL_CTRL_SET_TLS_EXT_SRP_PASSWORD:
3864                 ctx->srp_ctx.SRP_give_srp_client_pwd_callback=srp_password_from_info_cb;
3865                 ctx->srp_ctx.info=parg;
3866                 break;
3867         case SSL_CTRL_SET_SRP_ARG:
3868                 ctx->srp_ctx.srp_Mask|=SSL_kSRP;
3869                 ctx->srp_ctx.SRP_cb_arg=parg;
3870                 break;
3871
3872         case SSL_CTRL_SET_TLS_EXT_SRP_STRENGTH:
3873                 ctx->srp_ctx.strength=larg;
3874                 break;
3875 #endif
3876
3877 #ifndef OPENSSL_NO_EC
3878         case SSL_CTRL_SET_CURVES:
3879                 return tls1_set_curves(&ctx->tlsext_ellipticcurvelist,
3880                                         &ctx->tlsext_ellipticcurvelist_length,
3881                                                                 parg, larg);
3882
3883         case SSL_CTRL_SET_CURVES_LIST:
3884                 return tls1_set_curves_list(&ctx->tlsext_ellipticcurvelist,
3885                                         &ctx->tlsext_ellipticcurvelist_length,
3886                                                                 parg);
3887         case SSL_CTRL_SET_ECDH_AUTO:
3888                 ctx->cert->ecdh_tmp_auto = larg;
3889                 return 1;
3890 #endif
3891         case SSL_CTRL_SET_SIGALGS:
3892                 return tls1_set_sigalgs(ctx->cert, parg, larg, 0);
3893
3894         case SSL_CTRL_SET_SIGALGS_LIST:
3895                 return tls1_set_sigalgs_list(ctx->cert, parg, 0);
3896
3897         case SSL_CTRL_SET_CLIENT_SIGALGS:
3898                 return tls1_set_sigalgs(ctx->cert, parg, larg, 1);
3899
3900         case SSL_CTRL_SET_CLIENT_SIGALGS_LIST:
3901                 return tls1_set_sigalgs_list(ctx->cert, parg, 1);
3902
3903         case SSL_CTRL_SET_CLIENT_CERT_TYPES:
3904                 return ssl3_set_req_cert_type(ctx->cert, parg, larg);
3905
3906         case SSL_CTRL_BUILD_CERT_CHAIN:
3907                 return ssl_build_cert_chain(ctx->cert, ctx->cert_store, larg);
3908
3909         case SSL_CTRL_SET_VERIFY_CERT_STORE:
3910                 return ssl_cert_set_cert_store(ctx->cert, parg, 0, larg);
3911
3912         case SSL_CTRL_SET_CHAIN_CERT_STORE:
3913                 return ssl_cert_set_cert_store(ctx->cert, parg, 1, larg);
3914
3915         case SSL_CTRL_SET_TLSEXT_AUTHZ_SERVER_AUDIT_PROOF_CB_ARG:
3916                 ctx->tlsext_authz_server_audit_proof_cb_arg = parg;
3917                 break;
3918
3919 #endif /* !OPENSSL_NO_TLSEXT */
3920
3921         /* A Thawte special :-) */
3922         case SSL_CTRL_EXTRA_CHAIN_CERT:
3923                 if (ctx->extra_certs == NULL)
3924                         {
3925                         if ((ctx->extra_certs=sk_X509_new_null()) == NULL)
3926                                 return(0);
3927                         }
3928                 sk_X509_push(ctx->extra_certs,(X509 *)parg);
3929                 break;
3930
3931         case SSL_CTRL_GET_EXTRA_CHAIN_CERTS:
3932                 *(STACK_OF(X509) **)parg =  ctx->extra_certs;
3933                 break;
3934
3935         case SSL_CTRL_CLEAR_EXTRA_CHAIN_CERTS:
3936                 if (ctx->extra_certs)
3937                         {
3938                         sk_X509_pop_free(ctx->extra_certs, X509_free);
3939                         ctx->extra_certs = NULL;
3940                         }
3941                 break;
3942
3943         case SSL_CTRL_CHAIN:
3944                 if (larg)
3945                         return ssl_cert_set1_chain(ctx->cert,
3946                                                 (STACK_OF (X509) *)parg);
3947                 else
3948                         return ssl_cert_set0_chain(ctx->cert,
3949                                                 (STACK_OF (X509) *)parg);
3950
3951         case SSL_CTRL_CHAIN_CERT:
3952                 if (larg)
3953                         return ssl_cert_add1_chain_cert(ctx->cert, (X509 *)parg);
3954                 else
3955                         return ssl_cert_add0_chain_cert(ctx->cert, (X509 *)parg);
3956
3957         default:
3958                 return(0);
3959                 }
3960         return(1);
3961         }
3962
3963 long ssl3_ctx_callback_ctrl(SSL_CTX *ctx, int cmd, void (*fp)(void))
3964         {
3965         CERT *cert;
3966
3967         cert=ctx->cert;
3968
3969         switch (cmd)
3970                 {
3971 #ifndef OPENSSL_NO_RSA
3972         case SSL_CTRL_SET_TMP_RSA_CB:
3973                 {
3974                 cert->rsa_tmp_cb = (RSA *(*)(SSL *, int, int))fp;
3975                 }
3976                 break;
3977 #endif
3978 #ifndef OPENSSL_NO_DH
3979         case SSL_CTRL_SET_TMP_DH_CB:
3980                 {
3981                 cert->dh_tmp_cb = (DH *(*)(SSL *, int, int))fp;
3982                 }
3983                 break;
3984 #endif
3985 #ifndef OPENSSL_NO_ECDH
3986         case SSL_CTRL_SET_TMP_ECDH_CB:
3987                 {
3988                 cert->ecdh_tmp_cb = (EC_KEY *(*)(SSL *, int, int))fp;
3989                 }
3990                 break;
3991 #endif
3992 #ifndef OPENSSL_NO_TLSEXT
3993         case SSL_CTRL_SET_TLSEXT_SERVERNAME_CB:
3994                 ctx->tlsext_servername_callback=(int (*)(SSL *,int *,void *))fp;
3995                 break;
3996
3997 #ifdef TLSEXT_TYPE_opaque_prf_input
3998         case SSL_CTRL_SET_TLSEXT_OPAQUE_PRF_INPUT_CB:
3999                 ctx->tlsext_opaque_prf_input_callback = (int (*)(SSL *,void *, size_t, void *))fp;
4000                 break;
4001 #endif
4002
4003         case SSL_CTRL_SET_TLSEXT_STATUS_REQ_CB:
4004                 ctx->tlsext_status_cb=(int (*)(SSL *,void *))fp;
4005                 break;
4006
4007         case SSL_CTRL_SET_TLSEXT_TICKET_KEY_CB:
4008                 ctx->tlsext_ticket_key_cb=(int (*)(SSL *,unsigned char  *,
4009                                                 unsigned char *,
4010                                                 EVP_CIPHER_CTX *,
4011                                                 HMAC_CTX *, int))fp;
4012                 break;
4013
4014 #ifndef OPENSSL_NO_SRP
4015         case SSL_CTRL_SET_SRP_VERIFY_PARAM_CB:
4016                 ctx->srp_ctx.srp_Mask|=SSL_kSRP;
4017                 ctx->srp_ctx.SRP_verify_param_callback=(int (*)(SSL *,void *))fp;
4018                 break;
4019         case SSL_CTRL_SET_TLS_EXT_SRP_USERNAME_CB:
4020                 ctx->srp_ctx.srp_Mask|=SSL_kSRP;
4021                 ctx->srp_ctx.TLS_ext_srp_username_callback=(int (*)(SSL *,int *,void *))fp;
4022                 break;
4023         case SSL_CTRL_SET_SRP_GIVE_CLIENT_PWD_CB:
4024                 ctx->srp_ctx.srp_Mask|=SSL_kSRP;
4025                 ctx->srp_ctx.SRP_give_srp_client_pwd_callback=(char *(*)(SSL *,void *))fp;
4026                 break;
4027 #endif
4028
4029         case SSL_CTRL_SET_TLSEXT_AUTHZ_SERVER_AUDIT_PROOF_CB:
4030                 ctx->tlsext_authz_server_audit_proof_cb =
4031                         (int (*)(SSL *, void *))fp;
4032                 break;
4033
4034 #endif
4035         default:
4036                 return(0);
4037                 }
4038         return(1);
4039         }
4040
4041 /* This function needs to check if the ciphers required are actually
4042  * available */
4043 const SSL_CIPHER *ssl3_get_cipher_by_char(const unsigned char *p)
4044         {
4045         SSL_CIPHER c;
4046         const SSL_CIPHER *cp;
4047         unsigned long id;
4048
4049         id=0x03000000L|((unsigned long)p[0]<<8L)|(unsigned long)p[1];
4050         c.id=id;
4051         cp = OBJ_bsearch_ssl_cipher_id(&c, ssl3_ciphers, SSL3_NUM_CIPHERS);
4052 #ifdef DEBUG_PRINT_UNKNOWN_CIPHERSUITES
4053 if (cp == NULL) fprintf(stderr, "Unknown cipher ID %x\n", (p[0] << 8) | p[1]);
4054 #endif
4055         return cp;
4056         }
4057
4058 int ssl3_put_cipher_by_char(const SSL_CIPHER *c, unsigned char *p)
4059         {
4060         long l;
4061
4062         if (p != NULL)
4063                 {
4064                 l=c->id;
4065                 if ((l & 0xff000000) != 0x03000000) return(0);
4066                 p[0]=((unsigned char)(l>> 8L))&0xFF;
4067                 p[1]=((unsigned char)(l     ))&0xFF;
4068                 }
4069         return(2);
4070         }
4071
4072 SSL_CIPHER *ssl3_choose_cipher(SSL *s, STACK_OF(SSL_CIPHER) *clnt,
4073              STACK_OF(SSL_CIPHER) *srvr)
4074         {
4075         SSL_CIPHER *c,*ret=NULL;
4076         STACK_OF(SSL_CIPHER) *prio, *allow;
4077         int i,ii,ok;
4078         CERT *cert;
4079         unsigned long alg_k,alg_a,mask_k,mask_a,emask_k,emask_a;
4080
4081         /* Let's see which ciphers we can support */
4082         cert=s->cert;
4083
4084 #if 0
4085         /* Do not set the compare functions, because this may lead to a
4086          * reordering by "id". We want to keep the original ordering.
4087          * We may pay a price in performance during sk_SSL_CIPHER_find(),
4088          * but would have to pay with the price of sk_SSL_CIPHER_dup().
4089          */
4090         sk_SSL_CIPHER_set_cmp_func(srvr, ssl_cipher_ptr_id_cmp);
4091         sk_SSL_CIPHER_set_cmp_func(clnt, ssl_cipher_ptr_id_cmp);
4092 #endif
4093
4094 #ifdef CIPHER_DEBUG
4095         printf("Server has %d from %p:\n", sk_SSL_CIPHER_num(srvr), (void *)srvr);
4096         for(i=0 ; i < sk_SSL_CIPHER_num(srvr) ; ++i)
4097                 {
4098                 c=sk_SSL_CIPHER_value(srvr,i);
4099                 printf("%p:%s\n",(void *)c,c->name);
4100                 }
4101         printf("Client sent %d from %p:\n", sk_SSL_CIPHER_num(clnt), (void *)clnt);
4102         for(i=0 ; i < sk_SSL_CIPHER_num(clnt) ; ++i)
4103             {
4104             c=sk_SSL_CIPHER_value(clnt,i);
4105             printf("%p:%s\n",(void *)c,c->name);
4106             }
4107 #endif
4108
4109         if (s->options & SSL_OP_CIPHER_SERVER_PREFERENCE || tls1_suiteb(s))
4110                 {
4111                 prio = srvr;
4112                 allow = clnt;
4113                 }
4114         else
4115                 {
4116                 prio = clnt;
4117                 allow = srvr;
4118                 }
4119
4120         tls1_set_cert_validity(s);
4121
4122         for (i=0; i<sk_SSL_CIPHER_num(prio); i++)
4123                 {
4124                 c=sk_SSL_CIPHER_value(prio,i);
4125
4126                 /* Skip TLS v1.2 only ciphersuites if not supported */
4127                 if ((c->algorithm_ssl & SSL_TLSV1_2) && 
4128                         !SSL_USE_TLS1_2_CIPHERS(s))
4129                         continue;
4130
4131                 ssl_set_cert_masks(cert,c);
4132                 mask_k = cert->mask_k;
4133                 mask_a = cert->mask_a;
4134                 emask_k = cert->export_mask_k;
4135                 emask_a = cert->export_mask_a;
4136 #ifndef OPENSSL_NO_SRP
4137                 mask_k=cert->mask_k | s->srp_ctx.srp_Mask;
4138                 emask_k=cert->export_mask_k | s->srp_ctx.srp_Mask;
4139 #endif
4140                         
4141 #ifdef KSSL_DEBUG
4142 /*              printf("ssl3_choose_cipher %d alg= %lx\n", i,c->algorithms);*/
4143 #endif    /* KSSL_DEBUG */
4144
4145                 alg_k=c->algorithm_mkey;
4146                 alg_a=c->algorithm_auth;
4147
4148 #ifndef OPENSSL_NO_KRB5
4149                 if (alg_k & SSL_kKRB5)
4150                         {
4151                         if ( !kssl_keytab_is_available(s->kssl_ctx) )
4152                             continue;
4153                         }
4154 #endif /* OPENSSL_NO_KRB5 */
4155 #ifndef OPENSSL_NO_PSK
4156                 /* with PSK there must be server callback set */
4157                 if ((alg_k & SSL_kPSK) && s->psk_server_callback == NULL)
4158                         continue;
4159 #endif /* OPENSSL_NO_PSK */
4160
4161                 if (SSL_C_IS_EXPORT(c))
4162                         {
4163                         ok = (alg_k & emask_k) && (alg_a & emask_a);
4164 #ifdef CIPHER_DEBUG
4165                         printf("%d:[%08lX:%08lX:%08lX:%08lX]%p:%s (export)\n",ok,alg_k,alg_a,emask_k,emask_a,
4166                                (void *)c,c->name);
4167 #endif
4168                         }
4169                 else
4170                         {
4171                         ok = (alg_k & mask_k) && (alg_a & mask_a);
4172 #ifdef CIPHER_DEBUG
4173                         printf("%d:[%08lX:%08lX:%08lX:%08lX]%p:%s\n",ok,alg_k,alg_a,mask_k,mask_a,(void *)c,
4174                                c->name);
4175 #endif
4176                         }
4177
4178 #ifndef OPENSSL_NO_TLSEXT
4179 #ifndef OPENSSL_NO_EC
4180                 /* if we are considering an ECC cipher suite that uses
4181                  * an ephemeral EC key check it */
4182                 if (alg_k & SSL_kEECDH)
4183                         ok = ok && tls1_check_ec_tmp_key(s, c->id);
4184 #endif /* OPENSSL_NO_EC */
4185 #endif /* OPENSSL_NO_TLSEXT */
4186
4187                 if (!ok) continue;
4188                 ii=sk_SSL_CIPHER_find(allow,c);
4189                 if (ii >= 0)
4190                         {
4191 #if !defined(OPENSSL_NO_EC) && !defined(OPENSSL_NO_TLSEXT)
4192                         if ((alg_k & SSL_kEECDH) && (alg_a & SSL_aECDSA) && s->s3->is_probably_safari)
4193                                 {
4194                                 if (!ret) ret=sk_SSL_CIPHER_value(allow,ii);
4195                                 continue;
4196                                 }
4197 #endif
4198                         ret=sk_SSL_CIPHER_value(allow,ii);
4199                         break;
4200                         }
4201                 }
4202         return(ret);
4203         }
4204
4205 int ssl3_get_req_cert_type(SSL *s, unsigned char *p)
4206         {
4207         int ret=0;
4208         const unsigned char *sig;
4209         size_t i, siglen;
4210         int have_rsa_sign = 0, have_dsa_sign = 0;
4211 #ifndef OPENSSL_NO_ECDSA
4212         int have_ecdsa_sign = 0;
4213 #endif
4214         int nostrict = 1;
4215         unsigned long alg_k;
4216
4217         /* If we have custom certificate types set, use them */
4218         if (s->cert->ctypes)
4219                 {
4220                 memcpy(p, s->cert->ctypes, s->cert->ctype_num);
4221                 return (int)s->cert->ctype_num;
4222                 }
4223         /* get configured sigalgs */
4224         siglen = tls12_get_psigalgs(s, &sig);
4225         if (s->cert->cert_flags & SSL_CERT_FLAGS_CHECK_TLS_STRICT)
4226                 nostrict = 0;
4227         for (i = 0; i < siglen; i+=2, sig+=2)
4228                 {
4229                 switch(sig[1])
4230                         {
4231                 case TLSEXT_signature_rsa:
4232                         have_rsa_sign = 1;
4233                         break;
4234
4235                 case TLSEXT_signature_dsa:
4236                         have_dsa_sign = 1;
4237                         break;
4238 #ifndef OPENSSL_NO_ECDSA
4239                 case TLSEXT_signature_ecdsa:
4240                         have_ecdsa_sign = 1;
4241                         break;
4242 #endif
4243                         }
4244                 }
4245
4246         alg_k = s->s3->tmp.new_cipher->algorithm_mkey;
4247
4248 #ifndef OPENSSL_NO_GOST
4249         if (s->version >= TLS1_VERSION)
4250                 {
4251                 if (alg_k & SSL_kGOST)
4252                         {
4253                         p[ret++]=TLS_CT_GOST94_SIGN;
4254                         p[ret++]=TLS_CT_GOST01_SIGN;
4255                         return(ret);
4256                         }
4257                 }
4258 #endif
4259
4260 #ifndef OPENSSL_NO_DH
4261         if (alg_k & (SSL_kDHr|SSL_kEDH))
4262                 {
4263 #  ifndef OPENSSL_NO_RSA
4264                 /* Since this refers to a certificate signed with an RSA
4265                  * algorithm, only check for rsa signing in strict mode.
4266                  */
4267                 if (nostrict || have_rsa_sign)
4268                         p[ret++]=SSL3_CT_RSA_FIXED_DH;
4269 #  endif
4270 #  ifndef OPENSSL_NO_DSA
4271                 if (nostrict || have_dsa_sign)
4272                         p[ret++]=SSL3_CT_DSS_FIXED_DH;
4273 #  endif
4274                 }
4275         if ((s->version == SSL3_VERSION) &&
4276                 (alg_k & (SSL_kEDH|SSL_kDHd|SSL_kDHr)))
4277                 {
4278 #  ifndef OPENSSL_NO_RSA
4279                 p[ret++]=SSL3_CT_RSA_EPHEMERAL_DH;
4280 #  endif
4281 #  ifndef OPENSSL_NO_DSA
4282                 p[ret++]=SSL3_CT_DSS_EPHEMERAL_DH;
4283 #  endif
4284                 }
4285 #endif /* !OPENSSL_NO_DH */
4286 #ifndef OPENSSL_NO_RSA
4287         if (have_rsa_sign)
4288                 p[ret++]=SSL3_CT_RSA_SIGN;
4289 #endif
4290 #ifndef OPENSSL_NO_DSA
4291         if (have_dsa_sign)
4292                 p[ret++]=SSL3_CT_DSS_SIGN;
4293 #endif
4294 #ifndef OPENSSL_NO_ECDH
4295         if ((alg_k & (SSL_kECDHr|SSL_kECDHe)) && (s->version >= TLS1_VERSION))
4296                 {
4297                 if (nostrict || have_rsa_sign)
4298                         p[ret++]=TLS_CT_RSA_FIXED_ECDH;
4299                 if (nostrict || have_ecdsa_sign)
4300                         p[ret++]=TLS_CT_ECDSA_FIXED_ECDH;
4301                 }
4302 #endif
4303
4304 #ifndef OPENSSL_NO_ECDSA
4305         /* ECDSA certs can be used with RSA cipher suites as well 
4306          * so we don't need to check for SSL_kECDH or SSL_kEECDH
4307          */
4308         if (s->version >= TLS1_VERSION)
4309                 {
4310                 if (have_ecdsa_sign)
4311                         p[ret++]=TLS_CT_ECDSA_SIGN;
4312                 }
4313 #endif  
4314         return(ret);
4315         }
4316
4317 static int ssl3_set_req_cert_type(CERT *c, const unsigned char *p, size_t len)
4318         {
4319         if (c->ctypes)
4320                 {
4321                 OPENSSL_free(c->ctypes);
4322                 c->ctypes = NULL;
4323                 }
4324         if (!p || !len)
4325                 return 1;
4326         if (len > 0xff)
4327                 return 0;
4328         c->ctypes = OPENSSL_malloc(len);
4329         if (!c->ctypes)
4330                 return 0;
4331         memcpy(c->ctypes, p, len);
4332         c->ctype_num = len;
4333         return 1;
4334         }
4335
4336 int ssl3_shutdown(SSL *s)
4337         {
4338         int ret;
4339
4340         /* Don't do anything much if we have not done the handshake or
4341          * we don't want to send messages :-) */
4342         if ((s->quiet_shutdown) || (s->state == SSL_ST_BEFORE))
4343                 {
4344                 s->shutdown=(SSL_SENT_SHUTDOWN|SSL_RECEIVED_SHUTDOWN);
4345                 return(1);
4346                 }
4347
4348         if (!(s->shutdown & SSL_SENT_SHUTDOWN))
4349                 {
4350                 s->shutdown|=SSL_SENT_SHUTDOWN;
4351 #if 1
4352                 ssl3_send_alert(s,SSL3_AL_WARNING,SSL_AD_CLOSE_NOTIFY);
4353 #endif
4354                 /* our shutdown alert has been sent now, and if it still needs
4355                  * to be written, s->s3->alert_dispatch will be true */
4356                 if (s->s3->alert_dispatch)
4357                         return(-1);     /* return WANT_WRITE */
4358                 }
4359         else if (s->s3->alert_dispatch)
4360                 {
4361                 /* resend it if not sent */
4362 #if 1
4363                 re