OpenSSL  1.0.1c
 All Classes Files Functions Variables Typedefs Enumerations Enumerator Macros
s3_lib.c
Go to the documentation of this file.
1 /* ssl/s3_lib.c */
2 /* Copyright (C) 1995-1998 Eric Young ([email protected])
3  * All rights reserved.
4  *
5  * This package is an SSL implementation written
6  * by Eric Young ([email protected]).
7  * The implementation was written so as to conform with Netscapes SSL.
8  *
9  * This library is free for commercial and non-commercial use as long as
10  * the following conditions are aheared to. The following conditions
11  * apply to all code found in this distribution, be it the RC4, RSA,
12  * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13  * included with this distribution is covered by the same copyright terms
14  * except that the holder is Tim Hudson ([email protected]).
15  *
16  * Copyright remains Eric Young's, and as such any Copyright notices in
17  * the code are not to be removed.
18  * If this package is used in a product, Eric Young should be given attribution
19  * as the author of the parts of the library used.
20  * This can be in the form of a textual message at program startup or
21  * in documentation (online or textual) provided with the package.
22  *
23  * Redistribution and use in source and binary forms, with or without
24  * modification, are permitted provided that the following conditions
25  * are met:
26  * 1. Redistributions of source code must retain the copyright
27  * notice, this list of conditions and the following disclaimer.
28  * 2. Redistributions in binary form must reproduce the above copyright
29  * notice, this list of conditions and the following disclaimer in the
30  * documentation and/or other materials provided with the distribution.
31  * 3. All advertising materials mentioning features or use of this software
32  * must display the following acknowledgement:
33  * "This product includes cryptographic software written by
34  * Eric Young ([email protected])"
35  * The word 'cryptographic' can be left out if the rouines from the library
36  * being used are not cryptographic related :-).
37  * 4. If you include any Windows specific code (or a derivative thereof) from
38  * the apps directory (application code) you must include an acknowledgement:
39  * "This product includes software written by Tim Hudson ([email protected])"
40  *
41  * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42  * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43  * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44  * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45  * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46  * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47  * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48  * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49  * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50  * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51  * SUCH DAMAGE.
52  *
53  * The licence and distribution terms for any publically available version or
54  * derivative of this code cannot be changed. i.e. this code cannot simply be
55  * copied and put under another distribution licence
56  * [including the GNU Public Licence.]
57  */
58 /* ====================================================================
59  * Copyright (c) 1998-2007 The OpenSSL Project. All rights reserved.
60  *
61  * Redistribution and use in source and binary forms, with or without
62  * modification, are permitted provided that the following conditions
63  * are met:
64  *
65  * 1. Redistributions of source code must retain the above copyright
66  * notice, this list of conditions and the following disclaimer.
67  *
68  * 2. Redistributions in binary form must reproduce the above copyright
69  * notice, this list of conditions and the following disclaimer in
70  * the documentation and/or other materials provided with the
71  * distribution.
72  *
73  * 3. All advertising materials mentioning features or use of this
74  * software must display the following acknowledgment:
75  * "This product includes software developed by the OpenSSL Project
76  * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
77  *
78  * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
79  * endorse or promote products derived from this software without
80  * prior written permission. For written permission, please contact
81  * [email protected].
82  *
83  * 5. Products derived from this software may not be called "OpenSSL"
84  * nor may "OpenSSL" appear in their names without prior written
85  * permission of the OpenSSL Project.
86  *
87  * 6. Redistributions of any form whatsoever must retain the following
88  * acknowledgment:
89  * "This product includes software developed by the OpenSSL Project
90  * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
91  *
92  * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
93  * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
94  * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
95  * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
96  * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
97  * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
98  * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
99  * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
100  * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
101  * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
102  * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
103  * OF THE POSSIBILITY OF SUCH DAMAGE.
104  * ====================================================================
105  *
106  * This product includes cryptographic software written by Eric Young
107  * ([email protected]). This product includes software written by Tim
108  * Hudson ([email protected]).
109  *
110  */
111 /* ====================================================================
112  * Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED.
113  *
114  * Portions of the attached software ("Contribution") are developed by
115  * SUN MICROSYSTEMS, INC., and are contributed to the OpenSSL project.
116  *
117  * The Contribution is licensed pursuant to the OpenSSL open source
118  * license provided above.
119  *
120  * ECC cipher suite support in OpenSSL originally written by
121  * Vipul Gupta and Sumit Gupta of Sun Microsystems Laboratories.
122  *
123  */
124 /* ====================================================================
125  * Copyright 2005 Nokia. All rights reserved.
126  *
127  * The portions of the attached software ("Contribution") is developed by
128  * Nokia Corporation and is licensed pursuant to the OpenSSL open source
129  * license.
130  *
131  * The Contribution, originally written by Mika Kousa and Pasi Eronen of
132  * Nokia Corporation, consists of the "PSK" (Pre-Shared Key) ciphersuites
133  * support (see RFC 4279) to OpenSSL.
134  *
135  * No patent licenses or other rights except those expressly stated in
136  * the OpenSSL open source license shall be deemed granted or received
137  * expressly, by implication, estoppel, or otherwise.
138  *
139  * No assurances are provided by Nokia that the Contribution does not
140  * infringe the patent or other intellectual property rights of any third
141  * party or that the license provides you with all the necessary rights
142  * to make use of the Contribution.
143  *
144  * THE SOFTWARE IS PROVIDED "AS IS" WITHOUT WARRANTY OF ANY KIND. IN
145  * ADDITION TO THE DISCLAIMERS INCLUDED IN THE LICENSE, NOKIA
146  * SPECIFICALLY DISCLAIMS ANY LIABILITY FOR CLAIMS BROUGHT BY YOU OR ANY
147  * OTHER ENTITY BASED ON INFRINGEMENT OF INTELLECTUAL PROPERTY RIGHTS OR
148  * OTHERWISE.
149  */
150 
151 #include <stdio.h>
152 #include <openssl/objects.h>
153 #include "ssl_locl.h"
154 #include "kssl_lcl.h"
155 #ifndef OPENSSL_NO_TLSEXT
156 #ifndef OPENSSL_NO_EC
157 #include "../crypto/ec/ec_lcl.h"
158 #endif /* OPENSSL_NO_EC */
159 #endif /* OPENSSL_NO_TLSEXT */
160 #include <openssl/md5.h>
161 #ifndef OPENSSL_NO_DH
162 #include <openssl/dh.h>
163 #endif
164 
165 const char ssl3_version_str[]="SSLv3" OPENSSL_VERSION_PTEXT;
166 
167 #define SSL3_NUM_CIPHERS (sizeof(ssl3_ciphers)/sizeof(SSL_CIPHER))
168 
169 /* list of available SSLv3 ciphers (sorted by id) */
170 OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]={
171 
172 /* The RSA ciphers */
173 /* Cipher 01 */
174  {
175  1,
176  SSL3_TXT_RSA_NULL_MD5,
177  SSL3_CK_RSA_NULL_MD5,
178  SSL_kRSA,
179  SSL_aRSA,
180  SSL_eNULL,
181  SSL_MD5,
182  SSL_SSLV3,
183  SSL_NOT_EXP|SSL_STRONG_NONE,
184  SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
185  0,
186  0,
187  },
188 
189 /* Cipher 02 */
190  {
191  1,
192  SSL3_TXT_RSA_NULL_SHA,
193  SSL3_CK_RSA_NULL_SHA,
194  SSL_kRSA,
195  SSL_aRSA,
196  SSL_eNULL,
197  SSL_SHA1,
198  SSL_SSLV3,
199  SSL_NOT_EXP|SSL_STRONG_NONE|SSL_FIPS,
200  SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
201  0,
202  0,
203  },
204 
205 /* Cipher 03 */
206  {
207  1,
208  SSL3_TXT_RSA_RC4_40_MD5,
209  SSL3_CK_RSA_RC4_40_MD5,
210  SSL_kRSA,
211  SSL_aRSA,
212  SSL_RC4,
213  SSL_MD5,
214  SSL_SSLV3,
215  SSL_EXPORT|SSL_EXP40,
216  SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
217  40,
218  128,
219  },
220 
221 /* Cipher 04 */
222  {
223  1,
224  SSL3_TXT_RSA_RC4_128_MD5,
225  SSL3_CK_RSA_RC4_128_MD5,
226  SSL_kRSA,
227  SSL_aRSA,
228  SSL_RC4,
229  SSL_MD5,
230  SSL_SSLV3,
231  SSL_NOT_EXP|SSL_MEDIUM,
232  SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
233  128,
234  128,
235  },
236 
237 /* Cipher 05 */
238  {
239  1,
240  SSL3_TXT_RSA_RC4_128_SHA,
241  SSL3_CK_RSA_RC4_128_SHA,
242  SSL_kRSA,
243  SSL_aRSA,
244  SSL_RC4,
245  SSL_SHA1,
246  SSL_SSLV3,
247  SSL_NOT_EXP|SSL_MEDIUM,
248  SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
249  128,
250  128,
251  },
252 
253 /* Cipher 06 */
254  {
255  1,
256  SSL3_TXT_RSA_RC2_40_MD5,
257  SSL3_CK_RSA_RC2_40_MD5,
258  SSL_kRSA,
259  SSL_aRSA,
260  SSL_RC2,
261  SSL_MD5,
262  SSL_SSLV3,
263  SSL_EXPORT|SSL_EXP40,
264  SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
265  40,
266  128,
267  },
268 
269 /* Cipher 07 */
270 #ifndef OPENSSL_NO_IDEA
271  {
272  1,
273  SSL3_TXT_RSA_IDEA_128_SHA,
274  SSL3_CK_RSA_IDEA_128_SHA,
275  SSL_kRSA,
276  SSL_aRSA,
277  SSL_IDEA,
278  SSL_SHA1,
279  SSL_SSLV3,
280  SSL_NOT_EXP|SSL_MEDIUM,
281  SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
282  128,
283  128,
284  },
285 #endif
286 
287 /* Cipher 08 */
288  {
289  1,
290  SSL3_TXT_RSA_DES_40_CBC_SHA,
291  SSL3_CK_RSA_DES_40_CBC_SHA,
292  SSL_kRSA,
293  SSL_aRSA,
294  SSL_DES,
295  SSL_SHA1,
296  SSL_SSLV3,
297  SSL_EXPORT|SSL_EXP40,
298  SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
299  40,
300  56,
301  },
302 
303 /* Cipher 09 */
304  {
305  1,
306  SSL3_TXT_RSA_DES_64_CBC_SHA,
307  SSL3_CK_RSA_DES_64_CBC_SHA,
308  SSL_kRSA,
309  SSL_aRSA,
310  SSL_DES,
311  SSL_SHA1,
312  SSL_SSLV3,
313  SSL_NOT_EXP|SSL_LOW,
314  SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
315  56,
316  56,
317  },
318 
319 /* Cipher 0A */
320  {
321  1,
322  SSL3_TXT_RSA_DES_192_CBC3_SHA,
323  SSL3_CK_RSA_DES_192_CBC3_SHA,
324  SSL_kRSA,
325  SSL_aRSA,
326  SSL_3DES,
327  SSL_SHA1,
328  SSL_SSLV3,
329  SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
330  SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
331  168,
332  168,
333  },
334 
335 /* The DH ciphers */
336 /* Cipher 0B */
337  {
338  0,
339  SSL3_TXT_DH_DSS_DES_40_CBC_SHA,
340  SSL3_CK_DH_DSS_DES_40_CBC_SHA,
341  SSL_kDHd,
342  SSL_aDH,
343  SSL_DES,
344  SSL_SHA1,
345  SSL_SSLV3,
346  SSL_EXPORT|SSL_EXP40,
347  SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
348  40,
349  56,
350  },
351 
352 /* Cipher 0C */
353  {
354  0, /* not implemented (non-ephemeral DH) */
355  SSL3_TXT_DH_DSS_DES_64_CBC_SHA,
356  SSL3_CK_DH_DSS_DES_64_CBC_SHA,
357  SSL_kDHd,
358  SSL_aDH,
359  SSL_DES,
360  SSL_SHA1,
361  SSL_SSLV3,
362  SSL_NOT_EXP|SSL_LOW,
363  SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
364  56,
365  56,
366  },
367 
368 /* Cipher 0D */
369  {
370  0, /* not implemented (non-ephemeral DH) */
371  SSL3_TXT_DH_DSS_DES_192_CBC3_SHA,
372  SSL3_CK_DH_DSS_DES_192_CBC3_SHA,
373  SSL_kDHd,
374  SSL_aDH,
375  SSL_3DES,
376  SSL_SHA1,
377  SSL_SSLV3,
378  SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
379  SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
380  168,
381  168,
382  },
383 
384 /* Cipher 0E */
385  {
386  0, /* not implemented (non-ephemeral DH) */
387  SSL3_TXT_DH_RSA_DES_40_CBC_SHA,
388  SSL3_CK_DH_RSA_DES_40_CBC_SHA,
389  SSL_kDHr,
390  SSL_aDH,
391  SSL_DES,
392  SSL_SHA1,
393  SSL_SSLV3,
394  SSL_EXPORT|SSL_EXP40,
395  SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
396  40,
397  56,
398  },
399 
400 /* Cipher 0F */
401  {
402  0, /* not implemented (non-ephemeral DH) */
403  SSL3_TXT_DH_RSA_DES_64_CBC_SHA,
404  SSL3_CK_DH_RSA_DES_64_CBC_SHA,
405  SSL_kDHr,
406  SSL_aDH,
407  SSL_DES,
408  SSL_SHA1,
409  SSL_SSLV3,
410  SSL_NOT_EXP|SSL_LOW,
411  SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
412  56,
413  56,
414  },
415 
416 /* Cipher 10 */
417  {
418  0, /* not implemented (non-ephemeral DH) */
419  SSL3_TXT_DH_RSA_DES_192_CBC3_SHA,
420  SSL3_CK_DH_RSA_DES_192_CBC3_SHA,
421  SSL_kDHr,
422  SSL_aDH,
423  SSL_3DES,
424  SSL_SHA1,
425  SSL_SSLV3,
426  SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
427  SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
428  168,
429  168,
430  },
431 
432 /* The Ephemeral DH ciphers */
433 /* Cipher 11 */
434  {
435  1,
436  SSL3_TXT_EDH_DSS_DES_40_CBC_SHA,
437  SSL3_CK_EDH_DSS_DES_40_CBC_SHA,
438  SSL_kEDH,
439  SSL_aDSS,
440  SSL_DES,
441  SSL_SHA1,
442  SSL_SSLV3,
443  SSL_EXPORT|SSL_EXP40,
444  SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
445  40,
446  56,
447  },
448 
449 /* Cipher 12 */
450  {
451  1,
452  SSL3_TXT_EDH_DSS_DES_64_CBC_SHA,
453  SSL3_CK_EDH_DSS_DES_64_CBC_SHA,
454  SSL_kEDH,
455  SSL_aDSS,
456  SSL_DES,
457  SSL_SHA1,
458  SSL_SSLV3,
459  SSL_NOT_EXP|SSL_LOW,
460  SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
461  56,
462  56,
463  },
464 
465 /* Cipher 13 */
466  {
467  1,
468  SSL3_TXT_EDH_DSS_DES_192_CBC3_SHA,
469  SSL3_CK_EDH_DSS_DES_192_CBC3_SHA,
470  SSL_kEDH,
471  SSL_aDSS,
472  SSL_3DES,
473  SSL_SHA1,
474  SSL_SSLV3,
475  SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
476  SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
477  168,
478  168,
479  },
480 
481 /* Cipher 14 */
482  {
483  1,
484  SSL3_TXT_EDH_RSA_DES_40_CBC_SHA,
485  SSL3_CK_EDH_RSA_DES_40_CBC_SHA,
486  SSL_kEDH,
487  SSL_aRSA,
488  SSL_DES,
489  SSL_SHA1,
490  SSL_SSLV3,
491  SSL_EXPORT|SSL_EXP40,
492  SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
493  40,
494  56,
495  },
496 
497 /* Cipher 15 */
498  {
499  1,
500  SSL3_TXT_EDH_RSA_DES_64_CBC_SHA,
501  SSL3_CK_EDH_RSA_DES_64_CBC_SHA,
502  SSL_kEDH,
503  SSL_aRSA,
504  SSL_DES,
505  SSL_SHA1,
506  SSL_SSLV3,
507  SSL_NOT_EXP|SSL_LOW,
508  SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
509  56,
510  56,
511  },
512 
513 /* Cipher 16 */
514  {
515  1,
516  SSL3_TXT_EDH_RSA_DES_192_CBC3_SHA,
517  SSL3_CK_EDH_RSA_DES_192_CBC3_SHA,
518  SSL_kEDH,
519  SSL_aRSA,
520  SSL_3DES,
521  SSL_SHA1,
522  SSL_SSLV3,
523  SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
524  SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
525  168,
526  168,
527  },
528 
529 /* Cipher 17 */
530  {
531  1,
532  SSL3_TXT_ADH_RC4_40_MD5,
533  SSL3_CK_ADH_RC4_40_MD5,
534  SSL_kEDH,
535  SSL_aNULL,
536  SSL_RC4,
537  SSL_MD5,
538  SSL_SSLV3,
539  SSL_EXPORT|SSL_EXP40,
540  SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
541  40,
542  128,
543  },
544 
545 /* Cipher 18 */
546  {
547  1,
548  SSL3_TXT_ADH_RC4_128_MD5,
549  SSL3_CK_ADH_RC4_128_MD5,
550  SSL_kEDH,
551  SSL_aNULL,
552  SSL_RC4,
553  SSL_MD5,
554  SSL_SSLV3,
555  SSL_NOT_EXP|SSL_MEDIUM,
556  SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
557  128,
558  128,
559  },
560 
561 /* Cipher 19 */
562  {
563  1,
564  SSL3_TXT_ADH_DES_40_CBC_SHA,
565  SSL3_CK_ADH_DES_40_CBC_SHA,
566  SSL_kEDH,
567  SSL_aNULL,
568  SSL_DES,
569  SSL_SHA1,
570  SSL_SSLV3,
571  SSL_EXPORT|SSL_EXP40,
572  SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
573  40,
574  128,
575  },
576 
577 /* Cipher 1A */
578  {
579  1,
580  SSL3_TXT_ADH_DES_64_CBC_SHA,
581  SSL3_CK_ADH_DES_64_CBC_SHA,
582  SSL_kEDH,
583  SSL_aNULL,
584  SSL_DES,
585  SSL_SHA1,
586  SSL_SSLV3,
587  SSL_NOT_EXP|SSL_LOW,
588  SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
589  56,
590  56,
591  },
592 
593 /* Cipher 1B */
594  {
595  1,
596  SSL3_TXT_ADH_DES_192_CBC_SHA,
597  SSL3_CK_ADH_DES_192_CBC_SHA,
598  SSL_kEDH,
599  SSL_aNULL,
600  SSL_3DES,
601  SSL_SHA1,
602  SSL_SSLV3,
603  SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
604  SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
605  168,
606  168,
607  },
608 
609 /* Fortezza ciphersuite from SSL 3.0 spec */
610 #if 0
611 /* Cipher 1C */
612  {
613  0,
614  SSL3_TXT_FZA_DMS_NULL_SHA,
615  SSL3_CK_FZA_DMS_NULL_SHA,
616  SSL_kFZA,
617  SSL_aFZA,
618  SSL_eNULL,
619  SSL_SHA1,
620  SSL_SSLV3,
621  SSL_NOT_EXP|SSL_STRONG_NONE,
622  SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
623  0,
624  0,
625  },
626 
627 /* Cipher 1D */
628  {
629  0,
630  SSL3_TXT_FZA_DMS_FZA_SHA,
631  SSL3_CK_FZA_DMS_FZA_SHA,
632  SSL_kFZA,
633  SSL_aFZA,
634  SSL_eFZA,
635  SSL_SHA1,
636  SSL_SSLV3,
637  SSL_NOT_EXP|SSL_STRONG_NONE,
638  SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
639  0,
640  0,
641  },
642 
643 /* Cipher 1E */
644  {
645  0,
646  SSL3_TXT_FZA_DMS_RC4_SHA,
647  SSL3_CK_FZA_DMS_RC4_SHA,
648  SSL_kFZA,
649  SSL_aFZA,
650  SSL_RC4,
651  SSL_SHA1,
652  SSL_SSLV3,
653  SSL_NOT_EXP|SSL_MEDIUM,
654  SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
655  128,
656  128,
657  },
658 #endif
659 
660 #ifndef OPENSSL_NO_KRB5
661 /* The Kerberos ciphers*/
662 /* Cipher 1E */
663  {
664  1,
665  SSL3_TXT_KRB5_DES_64_CBC_SHA,
666  SSL3_CK_KRB5_DES_64_CBC_SHA,
667  SSL_kKRB5,
668  SSL_aKRB5,
669  SSL_DES,
670  SSL_SHA1,
671  SSL_SSLV3,
672  SSL_NOT_EXP|SSL_LOW,
673  SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
674  56,
675  56,
676  },
677 
678 /* Cipher 1F */
679  {
680  1,
681  SSL3_TXT_KRB5_DES_192_CBC3_SHA,
682  SSL3_CK_KRB5_DES_192_CBC3_SHA,
683  SSL_kKRB5,
684  SSL_aKRB5,
685  SSL_3DES,
686  SSL_SHA1,
687  SSL_SSLV3,
688  SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
689  SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
690  168,
691  168,
692  },
693 
694 /* Cipher 20 */
695  {
696  1,
697  SSL3_TXT_KRB5_RC4_128_SHA,
698  SSL3_CK_KRB5_RC4_128_SHA,
699  SSL_kKRB5,
700  SSL_aKRB5,
701  SSL_RC4,
702  SSL_SHA1,
703  SSL_SSLV3,
704  SSL_NOT_EXP|SSL_MEDIUM,
705  SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
706  128,
707  128,
708  },
709 
710 /* Cipher 21 */
711  {
712  1,
713  SSL3_TXT_KRB5_IDEA_128_CBC_SHA,
714  SSL3_CK_KRB5_IDEA_128_CBC_SHA,
715  SSL_kKRB5,
716  SSL_aKRB5,
717  SSL_IDEA,
718  SSL_SHA1,
719  SSL_SSLV3,
720  SSL_NOT_EXP|SSL_MEDIUM,
721  SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
722  128,
723  128,
724  },
725 
726 /* Cipher 22 */
727  {
728  1,
729  SSL3_TXT_KRB5_DES_64_CBC_MD5,
730  SSL3_CK_KRB5_DES_64_CBC_MD5,
731  SSL_kKRB5,
732  SSL_aKRB5,
733  SSL_DES,
734  SSL_MD5,
735  SSL_SSLV3,
736  SSL_NOT_EXP|SSL_LOW,
737  SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
738  56,
739  56,
740  },
741 
742 /* Cipher 23 */
743  {
744  1,
745  SSL3_TXT_KRB5_DES_192_CBC3_MD5,
746  SSL3_CK_KRB5_DES_192_CBC3_MD5,
747  SSL_kKRB5,
748  SSL_aKRB5,
749  SSL_3DES,
750  SSL_MD5,
751  SSL_SSLV3,
752  SSL_NOT_EXP|SSL_HIGH,
753  SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
754  168,
755  168,
756  },
757 
758 /* Cipher 24 */
759  {
760  1,
761  SSL3_TXT_KRB5_RC4_128_MD5,
762  SSL3_CK_KRB5_RC4_128_MD5,
763  SSL_kKRB5,
764  SSL_aKRB5,
765  SSL_RC4,
766  SSL_MD5,
767  SSL_SSLV3,
768  SSL_NOT_EXP|SSL_MEDIUM,
769  SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
770  128,
771  128,
772  },
773 
774 /* Cipher 25 */
775  {
776  1,
777  SSL3_TXT_KRB5_IDEA_128_CBC_MD5,
778  SSL3_CK_KRB5_IDEA_128_CBC_MD5,
779  SSL_kKRB5,
780  SSL_aKRB5,
781  SSL_IDEA,
782  SSL_MD5,
783  SSL_SSLV3,
784  SSL_NOT_EXP|SSL_MEDIUM,
785  SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
786  128,
787  128,
788  },
789 
790 /* Cipher 26 */
791  {
792  1,
793  SSL3_TXT_KRB5_DES_40_CBC_SHA,
794  SSL3_CK_KRB5_DES_40_CBC_SHA,
795  SSL_kKRB5,
796  SSL_aKRB5,
797  SSL_DES,
798  SSL_SHA1,
799  SSL_SSLV3,
800  SSL_EXPORT|SSL_EXP40,
801  SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
802  40,
803  56,
804  },
805 
806 /* Cipher 27 */
807  {
808  1,
809  SSL3_TXT_KRB5_RC2_40_CBC_SHA,
810  SSL3_CK_KRB5_RC2_40_CBC_SHA,
811  SSL_kKRB5,
812  SSL_aKRB5,
813  SSL_RC2,
814  SSL_SHA1,
815  SSL_SSLV3,
816  SSL_EXPORT|SSL_EXP40,
817  SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
818  40,
819  128,
820  },
821 
822 /* Cipher 28 */
823  {
824  1,
825  SSL3_TXT_KRB5_RC4_40_SHA,
826  SSL3_CK_KRB5_RC4_40_SHA,
827  SSL_kKRB5,
828  SSL_aKRB5,
829  SSL_RC4,
830  SSL_SHA1,
831  SSL_SSLV3,
832  SSL_EXPORT|SSL_EXP40,
833  SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
834  40,
835  128,
836  },
837 
838 /* Cipher 29 */
839  {
840  1,
841  SSL3_TXT_KRB5_DES_40_CBC_MD5,
842  SSL3_CK_KRB5_DES_40_CBC_MD5,
843  SSL_kKRB5,
844  SSL_aKRB5,
845  SSL_DES,
846  SSL_MD5,
847  SSL_SSLV3,
848  SSL_EXPORT|SSL_EXP40,
849  SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
850  40,
851  56,
852  },
853 
854 /* Cipher 2A */
855  {
856  1,
857  SSL3_TXT_KRB5_RC2_40_CBC_MD5,
858  SSL3_CK_KRB5_RC2_40_CBC_MD5,
859  SSL_kKRB5,
860  SSL_aKRB5,
861  SSL_RC2,
862  SSL_MD5,
863  SSL_SSLV3,
864  SSL_EXPORT|SSL_EXP40,
865  SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
866  40,
867  128,
868  },
869 
870 /* Cipher 2B */
871  {
872  1,
873  SSL3_TXT_KRB5_RC4_40_MD5,
874  SSL3_CK_KRB5_RC4_40_MD5,
875  SSL_kKRB5,
876  SSL_aKRB5,
877  SSL_RC4,
878  SSL_MD5,
879  SSL_SSLV3,
880  SSL_EXPORT|SSL_EXP40,
881  SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
882  40,
883  128,
884  },
885 #endif /* OPENSSL_NO_KRB5 */
886 
887 /* New AES ciphersuites */
888 /* Cipher 2F */
889  {
890  1,
891  TLS1_TXT_RSA_WITH_AES_128_SHA,
892  TLS1_CK_RSA_WITH_AES_128_SHA,
893  SSL_kRSA,
894  SSL_aRSA,
895  SSL_AES128,
896  SSL_SHA1,
897  SSL_TLSV1,
898  SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
899  SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
900  128,
901  128,
902  },
903 /* Cipher 30 */
904  {
905  0,
906  TLS1_TXT_DH_DSS_WITH_AES_128_SHA,
907  TLS1_CK_DH_DSS_WITH_AES_128_SHA,
908  SSL_kDHd,
909  SSL_aDH,
910  SSL_AES128,
911  SSL_SHA1,
912  SSL_TLSV1,
913  SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
914  SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
915  128,
916  128,
917  },
918 /* Cipher 31 */
919  {
920  0,
921  TLS1_TXT_DH_RSA_WITH_AES_128_SHA,
922  TLS1_CK_DH_RSA_WITH_AES_128_SHA,
923  SSL_kDHr,
924  SSL_aDH,
925  SSL_AES128,
926  SSL_SHA1,
927  SSL_TLSV1,
928  SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
929  SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
930  128,
931  128,
932  },
933 /* Cipher 32 */
934  {
935  1,
936  TLS1_TXT_DHE_DSS_WITH_AES_128_SHA,
937  TLS1_CK_DHE_DSS_WITH_AES_128_SHA,
938  SSL_kEDH,
939  SSL_aDSS,
940  SSL_AES128,
941  SSL_SHA1,
942  SSL_TLSV1,
943  SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
944  SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
945  128,
946  128,
947  },
948 /* Cipher 33 */
949  {
950  1,
951  TLS1_TXT_DHE_RSA_WITH_AES_128_SHA,
952  TLS1_CK_DHE_RSA_WITH_AES_128_SHA,
953  SSL_kEDH,
954  SSL_aRSA,
955  SSL_AES128,
956  SSL_SHA1,
957  SSL_TLSV1,
958  SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
959  SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
960  128,
961  128,
962  },
963 /* Cipher 34 */
964  {
965  1,
966  TLS1_TXT_ADH_WITH_AES_128_SHA,
967  TLS1_CK_ADH_WITH_AES_128_SHA,
968  SSL_kEDH,
969  SSL_aNULL,
970  SSL_AES128,
971  SSL_SHA1,
972  SSL_TLSV1,
973  SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
974  SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
975  128,
976  128,
977  },
978 
979 /* Cipher 35 */
980  {
981  1,
982  TLS1_TXT_RSA_WITH_AES_256_SHA,
983  TLS1_CK_RSA_WITH_AES_256_SHA,
984  SSL_kRSA,
985  SSL_aRSA,
986  SSL_AES256,
987  SSL_SHA1,
988  SSL_TLSV1,
989  SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
990  SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
991  256,
992  256,
993  },
994 /* Cipher 36 */
995  {
996  0,
997  TLS1_TXT_DH_DSS_WITH_AES_256_SHA,
998  TLS1_CK_DH_DSS_WITH_AES_256_SHA,
999  SSL_kDHd,
1000  SSL_aDH,
1001  SSL_AES256,
1002  SSL_SHA1,
1003  SSL_TLSV1,
1004  SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
1005  SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
1006  256,
1007  256,
1008  },
1009 
1010 /* Cipher 37 */
1011  {
1012  0, /* not implemented (non-ephemeral DH) */
1013  TLS1_TXT_DH_RSA_WITH_AES_256_SHA,
1014  TLS1_CK_DH_RSA_WITH_AES_256_SHA,
1015  SSL_kDHr,
1016  SSL_aDH,
1017  SSL_AES256,
1018  SSL_SHA1,
1019  SSL_TLSV1,
1020  SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
1021  SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
1022  256,
1023  256,
1024  },
1025 
1026 /* Cipher 38 */
1027  {
1028  1,
1029  TLS1_TXT_DHE_DSS_WITH_AES_256_SHA,
1030  TLS1_CK_DHE_DSS_WITH_AES_256_SHA,
1031  SSL_kEDH,
1032  SSL_aDSS,
1033  SSL_AES256,
1034  SSL_SHA1,
1035  SSL_TLSV1,
1036  SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
1037  SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
1038  256,
1039  256,
1040  },
1041 
1042 /* Cipher 39 */
1043  {
1044  1,
1045  TLS1_TXT_DHE_RSA_WITH_AES_256_SHA,
1046  TLS1_CK_DHE_RSA_WITH_AES_256_SHA,
1047  SSL_kEDH,
1048  SSL_aRSA,
1049  SSL_AES256,
1050  SSL_SHA1,
1051  SSL_TLSV1,
1052  SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
1053  SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
1054  256,
1055  256,
1056  },
1057 
1058  /* Cipher 3A */
1059  {
1060  1,
1061  TLS1_TXT_ADH_WITH_AES_256_SHA,
1062  TLS1_CK_ADH_WITH_AES_256_SHA,
1063  SSL_kEDH,
1064  SSL_aNULL,
1065  SSL_AES256,
1066  SSL_SHA1,
1067  SSL_TLSV1,
1068  SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
1069  SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
1070  256,
1071  256,
1072  },
1073 
1074  /* TLS v1.2 ciphersuites */
1075  /* Cipher 3B */
1076  {
1077  1,
1078  TLS1_TXT_RSA_WITH_NULL_SHA256,
1079  TLS1_CK_RSA_WITH_NULL_SHA256,
1080  SSL_kRSA,
1081  SSL_aRSA,
1082  SSL_eNULL,
1083  SSL_SHA256,
1084  SSL_TLSV1_2,
1085  SSL_NOT_EXP|SSL_STRONG_NONE|SSL_FIPS,
1086  SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
1087  0,
1088  0,
1089  },
1090 
1091  /* Cipher 3C */
1092  {
1093  1,
1094  TLS1_TXT_RSA_WITH_AES_128_SHA256,
1095  TLS1_CK_RSA_WITH_AES_128_SHA256,
1096  SSL_kRSA,
1097  SSL_aRSA,
1098  SSL_AES128,
1099  SSL_SHA256,
1100  SSL_TLSV1_2,
1101  SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
1102  SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
1103  128,
1104  128,
1105  },
1106 
1107  /* Cipher 3D */
1108  {
1109  1,
1110  TLS1_TXT_RSA_WITH_AES_256_SHA256,
1111  TLS1_CK_RSA_WITH_AES_256_SHA256,
1112  SSL_kRSA,
1113  SSL_aRSA,
1114  SSL_AES256,
1115  SSL_SHA256,
1116  SSL_TLSV1_2,
1117  SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
1118  SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
1119  256,
1120  256,
1121  },
1122 
1123  /* Cipher 3E */
1124  {
1125  0, /* not implemented (non-ephemeral DH) */
1126  TLS1_TXT_DH_DSS_WITH_AES_128_SHA256,
1127  TLS1_CK_DH_DSS_WITH_AES_128_SHA256,
1128  SSL_kDHr,
1129  SSL_aDH,
1130  SSL_AES128,
1131  SSL_SHA256,
1132  SSL_TLSV1_2,
1133  SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
1134  SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
1135  128,
1136  128,
1137  },
1138 
1139  /* Cipher 3F */
1140  {
1141  0, /* not implemented (non-ephemeral DH) */
1142  TLS1_TXT_DH_RSA_WITH_AES_128_SHA256,
1143  TLS1_CK_DH_RSA_WITH_AES_128_SHA256,
1144  SSL_kDHr,
1145  SSL_aDH,
1146  SSL_AES128,
1147  SSL_SHA256,
1148  SSL_TLSV1_2,
1149  SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
1150  SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
1151  128,
1152  128,
1153  },
1154 
1155  /* Cipher 40 */
1156  {
1157  1,
1158  TLS1_TXT_DHE_DSS_WITH_AES_128_SHA256,
1159  TLS1_CK_DHE_DSS_WITH_AES_128_SHA256,
1160  SSL_kEDH,
1161  SSL_aDSS,
1162  SSL_AES128,
1163  SSL_SHA256,
1164  SSL_TLSV1_2,
1165  SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
1166  SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
1167  128,
1168  128,
1169  },
1170 
1171 #ifndef OPENSSL_NO_CAMELLIA
1172  /* Camellia ciphersuites from RFC4132 (128-bit portion) */
1173 
1174  /* Cipher 41 */
1175  {
1176  1,
1177  TLS1_TXT_RSA_WITH_CAMELLIA_128_CBC_SHA,
1178  TLS1_CK_RSA_WITH_CAMELLIA_128_CBC_SHA,
1179  SSL_kRSA,
1180  SSL_aRSA,
1181  SSL_CAMELLIA128,
1182  SSL_SHA1,
1183  SSL_TLSV1,
1184  SSL_NOT_EXP|SSL_HIGH,
1185  SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
1186  128,
1187  128,
1188  },
1189 
1190  /* Cipher 42 */
1191  {
1192  0, /* not implemented (non-ephemeral DH) */
1193  TLS1_TXT_DH_DSS_WITH_CAMELLIA_128_CBC_SHA,
1194  TLS1_CK_DH_DSS_WITH_CAMELLIA_128_CBC_SHA,
1195  SSL_kDHd,
1196  SSL_aDH,
1197  SSL_CAMELLIA128,
1198  SSL_SHA1,
1199  SSL_TLSV1,
1200  SSL_NOT_EXP|SSL_HIGH,
1201  SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
1202  128,
1203  128,
1204  },
1205 
1206  /* Cipher 43 */
1207  {
1208  0, /* not implemented (non-ephemeral DH) */
1209  TLS1_TXT_DH_RSA_WITH_CAMELLIA_128_CBC_SHA,
1210  TLS1_CK_DH_RSA_WITH_CAMELLIA_128_CBC_SHA,
1211  SSL_kDHr,
1212  SSL_aDH,
1213  SSL_CAMELLIA128,
1214  SSL_SHA1,
1215  SSL_TLSV1,
1216  SSL_NOT_EXP|SSL_HIGH,
1217  SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
1218  128,
1219  128,
1220  },
1221 
1222  /* Cipher 44 */
1223  {
1224  1,
1225  TLS1_TXT_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA,
1226  TLS1_CK_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA,
1227  SSL_kEDH,
1228  SSL_aDSS,
1229  SSL_CAMELLIA128,
1230  SSL_SHA1,
1231  SSL_TLSV1,
1232  SSL_NOT_EXP|SSL_HIGH,
1233  SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
1234  128,
1235  128,
1236  },
1237 
1238  /* Cipher 45 */
1239  {
1240  1,
1241  TLS1_TXT_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA,
1242  TLS1_CK_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA,
1243  SSL_kEDH,
1244  SSL_aRSA,
1245  SSL_CAMELLIA128,
1246  SSL_SHA1,
1247  SSL_TLSV1,
1248  SSL_NOT_EXP|SSL_HIGH,
1249  SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
1250  128,
1251  128,
1252  },
1253 
1254  /* Cipher 46 */
1255  {
1256  1,
1257  TLS1_TXT_ADH_WITH_CAMELLIA_128_CBC_SHA,
1258  TLS1_CK_ADH_WITH_CAMELLIA_128_CBC_SHA,
1259  SSL_kEDH,
1260  SSL_aNULL,
1261  SSL_CAMELLIA128,
1262  SSL_SHA1,
1263  SSL_TLSV1,
1264  SSL_NOT_EXP|SSL_HIGH,
1265  SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
1266  128,
1267  128,
1268  },
1269 #endif /* OPENSSL_NO_CAMELLIA */
1270 
1271 #if TLS1_ALLOW_EXPERIMENTAL_CIPHERSUITES
1272  /* New TLS Export CipherSuites from expired ID */
1273 #if 0
1274  /* Cipher 60 */
1275  {
1276  1,
1277  TLS1_TXT_RSA_EXPORT1024_WITH_RC4_56_MD5,
1278  TLS1_CK_RSA_EXPORT1024_WITH_RC4_56_MD5,
1279  SSL_kRSA,
1280  SSL_aRSA,
1281  SSL_RC4,
1282  SSL_MD5,
1283  SSL_TLSV1,
1284  SSL_EXPORT|SSL_EXP56,
1285  SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
1286  56,
1287  128,
1288  },
1289 
1290  /* Cipher 61 */
1291  {
1292  1,
1293  TLS1_TXT_RSA_EXPORT1024_WITH_RC2_CBC_56_MD5,
1294  TLS1_CK_RSA_EXPORT1024_WITH_RC2_CBC_56_MD5,
1295  SSL_kRSA,
1296  SSL_aRSA,
1297  SSL_RC2,
1298  SSL_MD5,
1299  SSL_TLSV1,
1300  SSL_EXPORT|SSL_EXP56,
1301  SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
1302  56,
1303  128,
1304  },
1305 #endif
1306 
1307  /* Cipher 62 */
1308  {
1309  1,
1310  TLS1_TXT_RSA_EXPORT1024_WITH_DES_CBC_SHA,
1311  TLS1_CK_RSA_EXPORT1024_WITH_DES_CBC_SHA,
1312  SSL_kRSA,
1313  SSL_aRSA,
1314  SSL_DES,
1315  SSL_SHA1,
1316  SSL_TLSV1,
1317  SSL_EXPORT|SSL_EXP56,
1318  SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
1319  56,
1320  56,
1321  },
1322 
1323  /* Cipher 63 */
1324  {
1325  1,
1326  TLS1_TXT_DHE_DSS_EXPORT1024_WITH_DES_CBC_SHA,
1327  TLS1_CK_DHE_DSS_EXPORT1024_WITH_DES_CBC_SHA,
1328  SSL_kEDH,
1329  SSL_aDSS,
1330  SSL_DES,
1331  SSL_SHA1,
1332  SSL_TLSV1,
1333  SSL_EXPORT|SSL_EXP56,
1334  SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
1335  56,
1336  56,
1337  },
1338 
1339  /* Cipher 64 */
1340  {
1341  1,
1342  TLS1_TXT_RSA_EXPORT1024_WITH_RC4_56_SHA,
1343  TLS1_CK_RSA_EXPORT1024_WITH_RC4_56_SHA,
1344  SSL_kRSA,
1345  SSL_aRSA,
1346  SSL_RC4,
1347  SSL_SHA1,
1348  SSL_TLSV1,
1349  SSL_EXPORT|SSL_EXP56,
1350  SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
1351  56,
1352  128,
1353  },
1354 
1355  /* Cipher 65 */
1356  {
1357  1,
1358  TLS1_TXT_DHE_DSS_EXPORT1024_WITH_RC4_56_SHA,
1359  TLS1_CK_DHE_DSS_EXPORT1024_WITH_RC4_56_SHA,
1360  SSL_kEDH,
1361  SSL_aDSS,
1362  SSL_RC4,
1363  SSL_SHA1,
1364  SSL_TLSV1,
1365  SSL_EXPORT|SSL_EXP56,
1366  SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
1367  56,
1368  128,
1369  },
1370 
1371  /* Cipher 66 */
1372  {
1373  1,
1374  TLS1_TXT_DHE_DSS_WITH_RC4_128_SHA,
1375  TLS1_CK_DHE_DSS_WITH_RC4_128_SHA,
1376  SSL_kEDH,
1377  SSL_aDSS,
1378  SSL_RC4,
1379  SSL_SHA1,
1380  SSL_TLSV1,
1381  SSL_NOT_EXP|SSL_MEDIUM,
1382  SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
1383  128,
1384  128,
1385  },
1386 #endif
1387 
1388  /* TLS v1.2 ciphersuites */
1389  /* Cipher 67 */
1390  {
1391  1,
1392  TLS1_TXT_DHE_RSA_WITH_AES_128_SHA256,
1393  TLS1_CK_DHE_RSA_WITH_AES_128_SHA256,
1394  SSL_kEDH,
1395  SSL_aRSA,
1396  SSL_AES128,
1397  SSL_SHA256,
1398  SSL_TLSV1_2,
1399  SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
1400  SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
1401  128,
1402  128,
1403  },
1404 
1405  /* Cipher 68 */
1406  {
1407  0, /* not implemented (non-ephemeral DH) */
1408  TLS1_TXT_DH_DSS_WITH_AES_256_SHA256,
1409  TLS1_CK_DH_DSS_WITH_AES_256_SHA256,
1410  SSL_kDHr,
1411  SSL_aDH,
1412  SSL_AES256,
1413  SSL_SHA256,
1414  SSL_TLSV1_2,
1415  SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
1416  SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
1417  256,
1418  256,
1419  },
1420 
1421  /* Cipher 69 */
1422  {
1423  0, /* not implemented (non-ephemeral DH) */
1424  TLS1_TXT_DH_RSA_WITH_AES_256_SHA256,
1425  TLS1_CK_DH_RSA_WITH_AES_256_SHA256,
1426  SSL_kDHr,
1427  SSL_aDH,
1428  SSL_AES256,
1429  SSL_SHA256,
1430  SSL_TLSV1_2,
1431  SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
1432  SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
1433  256,
1434  256,
1435  },
1436 
1437  /* Cipher 6A */
1438  {
1439  1,
1440  TLS1_TXT_DHE_DSS_WITH_AES_256_SHA256,
1441  TLS1_CK_DHE_DSS_WITH_AES_256_SHA256,
1442  SSL_kEDH,
1443  SSL_aDSS,
1444  SSL_AES256,
1445  SSL_SHA256,
1446  SSL_TLSV1_2,
1447  SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
1448  SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
1449  256,
1450  256,
1451  },
1452 
1453  /* Cipher 6B */
1454  {
1455  1,
1456  TLS1_TXT_DHE_RSA_WITH_AES_256_SHA256,
1457  TLS1_CK_DHE_RSA_WITH_AES_256_SHA256,
1458  SSL_kEDH,
1459  SSL_aRSA,
1460  SSL_AES256,
1461  SSL_SHA256,
1462  SSL_TLSV1_2,
1463  SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
1464  SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
1465  256,
1466  256,
1467  },
1468 
1469  /* Cipher 6C */
1470  {
1471  1,
1472  TLS1_TXT_ADH_WITH_AES_128_SHA256,
1473  TLS1_CK_ADH_WITH_AES_128_SHA256,
1474  SSL_kEDH,
1475  SSL_aNULL,
1476  SSL_AES128,
1477  SSL_SHA256,
1478  SSL_TLSV1_2,
1479  SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
1480  SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
1481  128,
1482  128,
1483  },
1484 
1485  /* Cipher 6D */
1486  {
1487  1,
1488  TLS1_TXT_ADH_WITH_AES_256_SHA256,
1489  TLS1_CK_ADH_WITH_AES_256_SHA256,
1490  SSL_kEDH,
1491  SSL_aNULL,
1492  SSL_AES256,
1493  SSL_SHA256,
1494  SSL_TLSV1_2,
1495  SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
1496  SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
1497  256,
1498  256,
1499  },
1500 
1501  /* GOST Ciphersuites */
1502 
1503  {
1504  1,
1505  "GOST94-GOST89-GOST89",
1506  0x3000080,
1507  SSL_kGOST,
1508  SSL_aGOST94,
1509  SSL_eGOST2814789CNT,
1510  SSL_GOST89MAC,
1511  SSL_TLSV1,
1512  SSL_NOT_EXP|SSL_HIGH,
1513  SSL_HANDSHAKE_MAC_GOST94|TLS1_PRF_GOST94|TLS1_STREAM_MAC,
1514  256,
1515  256
1516  },
1517  {
1518  1,
1519  "GOST2001-GOST89-GOST89",
1520  0x3000081,
1521  SSL_kGOST,
1522  SSL_aGOST01,
1523  SSL_eGOST2814789CNT,
1524  SSL_GOST89MAC,
1525  SSL_TLSV1,
1526  SSL_NOT_EXP|SSL_HIGH,
1527  SSL_HANDSHAKE_MAC_GOST94|TLS1_PRF_GOST94|TLS1_STREAM_MAC,
1528  256,
1529  256
1530  },
1531  {
1532  1,
1533  "GOST94-NULL-GOST94",
1534  0x3000082,
1535  SSL_kGOST,
1536  SSL_aGOST94,
1537  SSL_eNULL,
1538  SSL_GOST94,
1539  SSL_TLSV1,
1540  SSL_NOT_EXP|SSL_STRONG_NONE,
1541  SSL_HANDSHAKE_MAC_GOST94|TLS1_PRF_GOST94,
1542  0,
1543  0
1544  },
1545  {
1546  1,
1547  "GOST2001-NULL-GOST94",
1548  0x3000083,
1549  SSL_kGOST,
1550  SSL_aGOST01,
1551  SSL_eNULL,
1552  SSL_GOST94,
1553  SSL_TLSV1,
1554  SSL_NOT_EXP|SSL_STRONG_NONE,
1555  SSL_HANDSHAKE_MAC_GOST94|TLS1_PRF_GOST94,
1556  0,
1557  0
1558  },
1559 
1560 #ifndef OPENSSL_NO_CAMELLIA
1561  /* Camellia ciphersuites from RFC4132 (256-bit portion) */
1562 
1563  /* Cipher 84 */
1564  {
1565  1,
1566  TLS1_TXT_RSA_WITH_CAMELLIA_256_CBC_SHA,
1567  TLS1_CK_RSA_WITH_CAMELLIA_256_CBC_SHA,
1568  SSL_kRSA,
1569  SSL_aRSA,
1570  SSL_CAMELLIA256,
1571  SSL_SHA1,
1572  SSL_TLSV1,
1573  SSL_NOT_EXP|SSL_HIGH,
1574  SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
1575  256,
1576  256,
1577  },
1578  /* Cipher 85 */
1579  {
1580  0, /* not implemented (non-ephemeral DH) */
1581  TLS1_TXT_DH_DSS_WITH_CAMELLIA_256_CBC_SHA,
1582  TLS1_CK_DH_DSS_WITH_CAMELLIA_256_CBC_SHA,
1583  SSL_kDHd,
1584  SSL_aDH,
1585  SSL_CAMELLIA256,
1586  SSL_SHA1,
1587  SSL_TLSV1,
1588  SSL_NOT_EXP|SSL_HIGH,
1589  SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
1590  256,
1591  256,
1592  },
1593 
1594  /* Cipher 86 */
1595  {
1596  0, /* not implemented (non-ephemeral DH) */
1597  TLS1_TXT_DH_RSA_WITH_CAMELLIA_256_CBC_SHA,
1598  TLS1_CK_DH_RSA_WITH_CAMELLIA_256_CBC_SHA,
1599  SSL_kDHr,
1600  SSL_aDH,
1601  SSL_CAMELLIA256,
1602  SSL_SHA1,
1603  SSL_TLSV1,
1604  SSL_NOT_EXP|SSL_HIGH,
1605  SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
1606  256,
1607  256,
1608  },
1609 
1610  /* Cipher 87 */
1611  {
1612  1,
1613  TLS1_TXT_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA,
1614  TLS1_CK_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA,
1615  SSL_kEDH,
1616  SSL_aDSS,
1617  SSL_CAMELLIA256,
1618  SSL_SHA1,
1619  SSL_TLSV1,
1620  SSL_NOT_EXP|SSL_HIGH,
1621  SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
1622  256,
1623  256,
1624  },
1625 
1626  /* Cipher 88 */
1627  {
1628  1,
1629  TLS1_TXT_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA,
1630  TLS1_CK_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA,
1631  SSL_kEDH,
1632  SSL_aRSA,
1633  SSL_CAMELLIA256,
1634  SSL_SHA1,
1635  SSL_TLSV1,
1636  SSL_NOT_EXP|SSL_HIGH,
1637  SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
1638  256,
1639  256,
1640  },
1641 
1642  /* Cipher 89 */
1643  {
1644  1,
1645  TLS1_TXT_ADH_WITH_CAMELLIA_256_CBC_SHA,
1646  TLS1_CK_ADH_WITH_CAMELLIA_256_CBC_SHA,
1647  SSL_kEDH,
1648  SSL_aNULL,
1649  SSL_CAMELLIA256,
1650  SSL_SHA1,
1651  SSL_TLSV1,
1652  SSL_NOT_EXP|SSL_HIGH,
1653  SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
1654  256,
1655  256,
1656  },
1657 #endif /* OPENSSL_NO_CAMELLIA */
1658 
1659 #ifndef OPENSSL_NO_PSK
1660  /* Cipher 8A */
1661  {
1662  1,
1663  TLS1_TXT_PSK_WITH_RC4_128_SHA,
1664  TLS1_CK_PSK_WITH_RC4_128_SHA,
1665  SSL_kPSK,
1666  SSL_aPSK,
1667  SSL_RC4,
1668  SSL_SHA1,
1669  SSL_TLSV1,
1670  SSL_NOT_EXP|SSL_MEDIUM,
1671  SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
1672  128,
1673  128,
1674  },
1675 
1676  /* Cipher 8B */
1677  {
1678  1,
1679  TLS1_TXT_PSK_WITH_3DES_EDE_CBC_SHA,
1680  TLS1_CK_PSK_WITH_3DES_EDE_CBC_SHA,
1681  SSL_kPSK,
1682  SSL_aPSK,
1683  SSL_3DES,
1684  SSL_SHA1,
1685  SSL_TLSV1,
1686  SSL_NOT_EXP|SSL_HIGH,
1687  SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
1688  168,
1689  168,
1690  },
1691 
1692  /* Cipher 8C */
1693  {
1694  1,
1695  TLS1_TXT_PSK_WITH_AES_128_CBC_SHA,
1696  TLS1_CK_PSK_WITH_AES_128_CBC_SHA,
1697  SSL_kPSK,
1698  SSL_aPSK,
1699  SSL_AES128,
1700  SSL_SHA1,
1701  SSL_TLSV1,
1702  SSL_NOT_EXP|SSL_HIGH,
1703  SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
1704  128,
1705  128,
1706  },
1707 
1708  /* Cipher 8D */
1709  {
1710  1,
1711  TLS1_TXT_PSK_WITH_AES_256_CBC_SHA,
1712  TLS1_CK_PSK_WITH_AES_256_CBC_SHA,
1713  SSL_kPSK,
1714  SSL_aPSK,
1715  SSL_AES256,
1716  SSL_SHA1,
1717  SSL_TLSV1,
1718  SSL_NOT_EXP|SSL_HIGH,
1719  SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
1720  256,
1721  256,
1722  },
1723 #endif /* OPENSSL_NO_PSK */
1724 
1725 #ifndef OPENSSL_NO_SEED
1726  /* SEED ciphersuites from RFC4162 */
1727 
1728  /* Cipher 96 */
1729  {
1730  1,
1731  TLS1_TXT_RSA_WITH_SEED_SHA,
1732  TLS1_CK_RSA_WITH_SEED_SHA,
1733  SSL_kRSA,
1734  SSL_aRSA,
1735  SSL_SEED,
1736  SSL_SHA1,
1737  SSL_TLSV1,
1738  SSL_NOT_EXP|SSL_MEDIUM,
1739  SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
1740  128,
1741  128,
1742  },
1743 
1744  /* Cipher 97 */
1745  {
1746  0, /* not implemented (non-ephemeral DH) */
1747  TLS1_TXT_DH_DSS_WITH_SEED_SHA,
1748  TLS1_CK_DH_DSS_WITH_SEED_SHA,
1749  SSL_kDHd,
1750  SSL_aDH,
1751  SSL_SEED,
1752  SSL_SHA1,
1753  SSL_TLSV1,
1754  SSL_NOT_EXP|SSL_MEDIUM,
1755  SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
1756  128,
1757  128,
1758  },
1759 
1760  /* Cipher 98 */
1761  {
1762  0, /* not implemented (non-ephemeral DH) */
1763  TLS1_TXT_DH_RSA_WITH_SEED_SHA,
1764  TLS1_CK_DH_RSA_WITH_SEED_SHA,
1765  SSL_kDHr,
1766  SSL_aDH,
1767  SSL_SEED,
1768  SSL_SHA1,
1769  SSL_TLSV1,
1770  SSL_NOT_EXP|SSL_MEDIUM,
1771  SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
1772  128,
1773  128,
1774  },
1775 
1776  /* Cipher 99 */
1777  {
1778  1,
1779  TLS1_TXT_DHE_DSS_WITH_SEED_SHA,
1780  TLS1_CK_DHE_DSS_WITH_SEED_SHA,
1781  SSL_kEDH,
1782  SSL_aDSS,
1783  SSL_SEED,
1784  SSL_SHA1,
1785  SSL_TLSV1,
1786  SSL_NOT_EXP|SSL_MEDIUM,
1787  SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
1788  128,
1789  128,
1790  },
1791 
1792  /* Cipher 9A */
1793  {
1794  1,
1795  TLS1_TXT_DHE_RSA_WITH_SEED_SHA,
1796  TLS1_CK_DHE_RSA_WITH_SEED_SHA,
1797  SSL_kEDH,
1798  SSL_aRSA,
1799  SSL_SEED,
1800  SSL_SHA1,
1801  SSL_TLSV1,
1802  SSL_NOT_EXP|SSL_MEDIUM,
1803  SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
1804  128,
1805  128,
1806  },
1807 
1808  /* Cipher 9B */
1809  {
1810  1,
1811  TLS1_TXT_ADH_WITH_SEED_SHA,
1812  TLS1_CK_ADH_WITH_SEED_SHA,
1813  SSL_kEDH,
1814  SSL_aNULL,
1815  SSL_SEED,
1816  SSL_SHA1,
1817  SSL_TLSV1,
1818  SSL_NOT_EXP|SSL_MEDIUM,
1819  SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
1820  128,
1821  128,
1822  },
1823 
1824 #endif /* OPENSSL_NO_SEED */
1825 
1826  /* GCM ciphersuites from RFC5288 */
1827 
1828  /* Cipher 9C */
1829  {
1830  1,
1831  TLS1_TXT_RSA_WITH_AES_128_GCM_SHA256,
1832  TLS1_CK_RSA_WITH_AES_128_GCM_SHA256,
1833  SSL_kRSA,
1834  SSL_aRSA,
1835  SSL_AES128GCM,
1836  SSL_AEAD,
1837  SSL_TLSV1_2,
1838  SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
1839  SSL_HANDSHAKE_MAC_SHA256|TLS1_PRF_SHA256,
1840  128,
1841  128,
1842  },
1843 
1844  /* Cipher 9D */
1845  {
1846  1,
1847  TLS1_TXT_RSA_WITH_AES_256_GCM_SHA384,
1848  TLS1_CK_RSA_WITH_AES_256_GCM_SHA384,
1849  SSL_kRSA,
1850  SSL_aRSA,
1851  SSL_AES256GCM,
1852  SSL_AEAD,
1853  SSL_TLSV1_2,
1854  SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
1855  SSL_HANDSHAKE_MAC_SHA384|TLS1_PRF_SHA384,
1856  256,
1857  256,
1858  },
1859 
1860  /* Cipher 9E */
1861  {
1862  1,
1863  TLS1_TXT_DHE_RSA_WITH_AES_128_GCM_SHA256,
1864  TLS1_CK_DHE_RSA_WITH_AES_128_GCM_SHA256,
1865  SSL_kEDH,
1866  SSL_aRSA,
1867  SSL_AES128GCM,
1868  SSL_AEAD,
1869  SSL_TLSV1_2,
1870  SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
1871  SSL_HANDSHAKE_MAC_SHA256|TLS1_PRF_SHA256,
1872  128,
1873  128,
1874  },
1875 
1876  /* Cipher 9F */
1877  {
1878  1,
1879  TLS1_TXT_DHE_RSA_WITH_AES_256_GCM_SHA384,
1880  TLS1_CK_DHE_RSA_WITH_AES_256_GCM_SHA384,
1881  SSL_kEDH,
1882  SSL_aRSA,
1883  SSL_AES256GCM,
1884  SSL_AEAD,
1885  SSL_TLSV1_2,
1886  SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
1887  SSL_HANDSHAKE_MAC_SHA384|TLS1_PRF_SHA384,
1888  256,
1889  256,
1890  },
1891 
1892  /* Cipher A0 */
1893  {
1894  0,
1895  TLS1_TXT_DH_RSA_WITH_AES_128_GCM_SHA256,
1896  TLS1_CK_DH_RSA_WITH_AES_128_GCM_SHA256,
1897  SSL_kDHr,
1898  SSL_aDH,
1899  SSL_AES128GCM,
1900  SSL_AEAD,
1901  SSL_TLSV1_2,
1902  SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
1903  SSL_HANDSHAKE_MAC_SHA256|TLS1_PRF_SHA256,
1904  128,
1905  128,
1906  },
1907 
1908  /* Cipher A1 */
1909  {
1910  0,
1911  TLS1_TXT_DH_RSA_WITH_AES_256_GCM_SHA384,
1912  TLS1_CK_DH_RSA_WITH_AES_256_GCM_SHA384,
1913  SSL_kDHr,
1914  SSL_aDH,
1915  SSL_AES256GCM,
1916  SSL_AEAD,
1917  SSL_TLSV1_2,
1918  SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
1919  SSL_HANDSHAKE_MAC_SHA384|TLS1_PRF_SHA384,
1920  256,
1921  256,
1922  },
1923 
1924  /* Cipher A2 */
1925  {
1926  1,
1927  TLS1_TXT_DHE_DSS_WITH_AES_128_GCM_SHA256,
1928  TLS1_CK_DHE_DSS_WITH_AES_128_GCM_SHA256,
1929  SSL_kEDH,
1930  SSL_aDSS,
1931  SSL_AES128GCM,
1932  SSL_AEAD,
1933  SSL_TLSV1_2,
1934  SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
1935  SSL_HANDSHAKE_MAC_SHA256|TLS1_PRF_SHA256,
1936  128,
1937  128,
1938  },
1939 
1940  /* Cipher A3 */
1941  {
1942  1,
1943  TLS1_TXT_DHE_DSS_WITH_AES_256_GCM_SHA384,
1944  TLS1_CK_DHE_DSS_WITH_AES_256_GCM_SHA384,
1945  SSL_kEDH,
1946  SSL_aDSS,
1947  SSL_AES256GCM,
1948  SSL_AEAD,
1949  SSL_TLSV1_2,
1950  SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
1951  SSL_HANDSHAKE_MAC_SHA384|TLS1_PRF_SHA384,
1952  256,
1953  256,
1954  },
1955 
1956  /* Cipher A4 */
1957  {
1958  0,
1959  TLS1_TXT_DH_DSS_WITH_AES_128_GCM_SHA256,
1960  TLS1_CK_DH_DSS_WITH_AES_128_GCM_SHA256,
1961  SSL_kDHr,
1962  SSL_aDH,
1963  SSL_AES128GCM,
1964  SSL_AEAD,
1965  SSL_TLSV1_2,
1966  SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
1967  SSL_HANDSHAKE_MAC_SHA256|TLS1_PRF_SHA256,
1968  128,
1969  128,
1970  },
1971 
1972  /* Cipher A5 */
1973  {
1974  0,
1975  TLS1_TXT_DH_DSS_WITH_AES_256_GCM_SHA384,
1976  TLS1_CK_DH_DSS_WITH_AES_256_GCM_SHA384,
1977  SSL_kDHr,
1978  SSL_aDH,
1979  SSL_AES256GCM,
1980  SSL_AEAD,
1981  SSL_TLSV1_2,
1982  SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
1983  SSL_HANDSHAKE_MAC_SHA384|TLS1_PRF_SHA384,
1984  256,
1985  256,
1986  },
1987 
1988  /* Cipher A6 */
1989  {
1990  1,
1991  TLS1_TXT_ADH_WITH_AES_128_GCM_SHA256,
1992  TLS1_CK_ADH_WITH_AES_128_GCM_SHA256,
1993  SSL_kEDH,
1994  SSL_aNULL,
1995  SSL_AES128GCM,
1996  SSL_AEAD,
1997  SSL_TLSV1_2,
1998  SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
1999  SSL_HANDSHAKE_MAC_SHA256|TLS1_PRF_SHA256,
2000  128,
2001  128,
2002  },
2003 
2004  /* Cipher A7 */
2005  {
2006  1,
2007  TLS1_TXT_ADH_WITH_AES_256_GCM_SHA384,
2008  TLS1_CK_ADH_WITH_AES_256_GCM_SHA384,
2009  SSL_kEDH,
2010  SSL_aNULL,
2011  SSL_AES256GCM,
2012  SSL_AEAD,
2013  SSL_TLSV1_2,
2014  SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
2015  SSL_HANDSHAKE_MAC_SHA384|TLS1_PRF_SHA384,
2016  256,
2017  256,
2018  },
2019 
2020 #ifndef OPENSSL_NO_ECDH
2021  /* Cipher C001 */
2022  {
2023  1,
2024  TLS1_TXT_ECDH_ECDSA_WITH_NULL_SHA,
2025  TLS1_CK_ECDH_ECDSA_WITH_NULL_SHA,
2026  SSL_kECDHe,
2027  SSL_aECDH,
2028  SSL_eNULL,
2029  SSL_SHA1,
2030  SSL_TLSV1,
2031  SSL_NOT_EXP|SSL_STRONG_NONE|SSL_FIPS,
2032  SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
2033  0,
2034  0,
2035  },
2036 
2037  /* Cipher C002 */
2038  {
2039  1,
2040  TLS1_TXT_ECDH_ECDSA_WITH_RC4_128_SHA,
2041  TLS1_CK_ECDH_ECDSA_WITH_RC4_128_SHA,
2042  SSL_kECDHe,
2043  SSL_aECDH,
2044  SSL_RC4,
2045  SSL_SHA1,
2046  SSL_TLSV1,
2047  SSL_NOT_EXP|SSL_MEDIUM,
2048  SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
2049  128,
2050  128,
2051  },
2052 
2053  /* Cipher C003 */
2054  {
2055  1,
2056  TLS1_TXT_ECDH_ECDSA_WITH_DES_192_CBC3_SHA,
2057  TLS1_CK_ECDH_ECDSA_WITH_DES_192_CBC3_SHA,
2058  SSL_kECDHe,
2059  SSL_aECDH,
2060  SSL_3DES,
2061  SSL_SHA1,
2062  SSL_TLSV1,
2063  SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
2064  SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
2065  168,
2066  168,
2067  },
2068 
2069  /* Cipher C004 */
2070  {
2071  1,
2072  TLS1_TXT_ECDH_ECDSA_WITH_AES_128_CBC_SHA,
2073  TLS1_CK_ECDH_ECDSA_WITH_AES_128_CBC_SHA,
2074  SSL_kECDHe,
2075  SSL_aECDH,
2076  SSL_AES128,
2077  SSL_SHA1,
2078  SSL_TLSV1,
2079  SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
2080  SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
2081  128,
2082  128,
2083  },
2084 
2085  /* Cipher C005 */
2086  {
2087  1,
2088  TLS1_TXT_ECDH_ECDSA_WITH_AES_256_CBC_SHA,
2089  TLS1_CK_ECDH_ECDSA_WITH_AES_256_CBC_SHA,
2090  SSL_kECDHe,
2091  SSL_aECDH,
2092  SSL_AES256,
2093  SSL_SHA1,
2094  SSL_TLSV1,
2095  SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
2096  SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
2097  256,
2098  256,
2099  },
2100 
2101  /* Cipher C006 */
2102  {
2103  1,
2104  TLS1_TXT_ECDHE_ECDSA_WITH_NULL_SHA,
2105  TLS1_CK_ECDHE_ECDSA_WITH_NULL_SHA,
2106  SSL_kEECDH,
2107  SSL_aECDSA,
2108  SSL_eNULL,
2109  SSL_SHA1,
2110  SSL_TLSV1,
2111  SSL_NOT_EXP|SSL_STRONG_NONE|SSL_FIPS,
2112  SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
2113  0,
2114  0,
2115  },
2116 
2117  /* Cipher C007 */
2118  {
2119  1,
2120  TLS1_TXT_ECDHE_ECDSA_WITH_RC4_128_SHA,
2121  TLS1_CK_ECDHE_ECDSA_WITH_RC4_128_SHA,
2122  SSL_kEECDH,
2123  SSL_aECDSA,
2124  SSL_RC4,
2125  SSL_SHA1,
2126  SSL_TLSV1,
2127  SSL_NOT_EXP|SSL_MEDIUM,
2128  SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
2129  128,
2130  128,
2131  },
2132 
2133  /* Cipher C008 */
2134  {
2135  1,
2136  TLS1_TXT_ECDHE_ECDSA_WITH_DES_192_CBC3_SHA,
2137  TLS1_CK_ECDHE_ECDSA_WITH_DES_192_CBC3_SHA,
2138  SSL_kEECDH,
2139  SSL_aECDSA,
2140  SSL_3DES,
2141  SSL_SHA1,
2142  SSL_TLSV1,
2143  SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
2144  SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
2145  168,
2146  168,
2147  },
2148 
2149  /* Cipher C009 */
2150  {
2151  1,
2152  TLS1_TXT_ECDHE_ECDSA_WITH_AES_128_CBC_SHA,
2153  TLS1_CK_ECDHE_ECDSA_WITH_AES_128_CBC_SHA,
2154  SSL_kEECDH,
2155  SSL_aECDSA,
2156  SSL_AES128,
2157  SSL_SHA1,
2158  SSL_TLSV1,
2159  SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
2160  SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
2161  128,
2162  128,
2163  },
2164 
2165  /* Cipher C00A */
2166  {
2167  1,
2168  TLS1_TXT_ECDHE_ECDSA_WITH_AES_256_CBC_SHA,
2169  TLS1_CK_ECDHE_ECDSA_WITH_AES_256_CBC_SHA,
2170  SSL_kEECDH,
2171  SSL_aECDSA,
2172  SSL_AES256,
2173  SSL_SHA1,
2174  SSL_TLSV1,
2175  SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
2176  SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
2177  256,
2178  256,
2179  },
2180 
2181  /* Cipher C00B */
2182  {
2183  1,
2184  TLS1_TXT_ECDH_RSA_WITH_NULL_SHA,
2185  TLS1_CK_ECDH_RSA_WITH_NULL_SHA,
2186  SSL_kECDHr,
2187  SSL_aECDH,
2188  SSL_eNULL,
2189  SSL_SHA1,
2190  SSL_TLSV1,
2191  SSL_NOT_EXP|SSL_STRONG_NONE|SSL_FIPS,
2192  SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
2193  0,
2194  0,
2195  },
2196 
2197  /* Cipher C00C */
2198  {
2199  1,
2200  TLS1_TXT_ECDH_RSA_WITH_RC4_128_SHA,
2201  TLS1_CK_ECDH_RSA_WITH_RC4_128_SHA,
2202  SSL_kECDHr,
2203  SSL_aECDH,
2204  SSL_RC4,
2205  SSL_SHA1,
2206  SSL_TLSV1,
2207  SSL_NOT_EXP|SSL_MEDIUM,
2208  SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
2209  128,
2210  128,
2211  },
2212 
2213  /* Cipher C00D */
2214  {
2215  1,
2216  TLS1_TXT_ECDH_RSA_WITH_DES_192_CBC3_SHA,
2217  TLS1_CK_ECDH_RSA_WITH_DES_192_CBC3_SHA,
2218  SSL_kECDHr,
2219  SSL_aECDH,
2220  SSL_3DES,
2221  SSL_SHA1,
2222  SSL_TLSV1,
2223  SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
2224  SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
2225  168,
2226  168,
2227  },
2228 
2229  /* Cipher C00E */
2230  {
2231  1,
2232  TLS1_TXT_ECDH_RSA_WITH_AES_128_CBC_SHA,
2233  TLS1_CK_ECDH_RSA_WITH_AES_128_CBC_SHA,
2234  SSL_kECDHr,
2235  SSL_aECDH,
2236  SSL_AES128,
2237  SSL_SHA1,
2238  SSL_TLSV1,
2239  SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
2240  SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
2241  128,
2242  128,
2243  },
2244 
2245  /* Cipher C00F */
2246  {
2247  1,
2248  TLS1_TXT_ECDH_RSA_WITH_AES_256_CBC_SHA,
2249  TLS1_CK_ECDH_RSA_WITH_AES_256_CBC_SHA,
2250  SSL_kECDHr,
2251  SSL_aECDH,
2252  SSL_AES256,
2253  SSL_SHA1,
2254  SSL_TLSV1,
2255  SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
2256  SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
2257  256,
2258  256,
2259  },
2260 
2261  /* Cipher C010 */
2262  {
2263  1,
2264  TLS1_TXT_ECDHE_RSA_WITH_NULL_SHA,
2265  TLS1_CK_ECDHE_RSA_WITH_NULL_SHA,
2266  SSL_kEECDH,
2267  SSL_aRSA,
2268  SSL_eNULL,
2269  SSL_SHA1,
2270  SSL_TLSV1,
2271  SSL_NOT_EXP|SSL_STRONG_NONE|SSL_FIPS,
2272  SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
2273  0,
2274  0,
2275  },
2276 
2277  /* Cipher C011 */
2278  {
2279  1,
2280  TLS1_TXT_ECDHE_RSA_WITH_RC4_128_SHA,
2281  TLS1_CK_ECDHE_RSA_WITH_RC4_128_SHA,
2282  SSL_kEECDH,
2283  SSL_aRSA,
2284  SSL_RC4,
2285  SSL_SHA1,
2286  SSL_TLSV1,
2287  SSL_NOT_EXP|SSL_MEDIUM,
2288  SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
2289  128,
2290  128,
2291  },
2292 
2293  /* Cipher C012 */
2294  {
2295  1,
2296  TLS1_TXT_ECDHE_RSA_WITH_DES_192_CBC3_SHA,
2297  TLS1_CK_ECDHE_RSA_WITH_DES_192_CBC3_SHA,
2298  SSL_kEECDH,
2299  SSL_aRSA,
2300  SSL_3DES,
2301  SSL_SHA1,
2302  SSL_TLSV1,
2303  SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
2304  SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
2305  168,
2306  168,
2307  },
2308 
2309  /* Cipher C013 */
2310  {
2311  1,
2312  TLS1_TXT_ECDHE_RSA_WITH_AES_128_CBC_SHA,
2313  TLS1_CK_ECDHE_RSA_WITH_AES_128_CBC_SHA,
2314  SSL_kEECDH,
2315  SSL_aRSA,
2316  SSL_AES128,
2317  SSL_SHA1,
2318  SSL_TLSV1,
2319  SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
2320  SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
2321  128,
2322  128,
2323  },
2324 
2325  /* Cipher C014 */
2326  {
2327  1,
2328  TLS1_TXT_ECDHE_RSA_WITH_AES_256_CBC_SHA,
2329  TLS1_CK_ECDHE_RSA_WITH_AES_256_CBC_SHA,
2330  SSL_kEECDH,
2331  SSL_aRSA,
2332  SSL_AES256,
2333  SSL_SHA1,
2334  SSL_TLSV1,
2335  SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
2336  SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
2337  256,
2338  256,
2339  },
2340 
2341  /* Cipher C015 */
2342  {
2343  1,
2344  TLS1_TXT_ECDH_anon_WITH_NULL_SHA,
2345  TLS1_CK_ECDH_anon_WITH_NULL_SHA,
2346  SSL_kEECDH,
2347  SSL_aNULL,
2348  SSL_eNULL,
2349  SSL_SHA1,
2350  SSL_TLSV1,
2351  SSL_NOT_EXP|SSL_STRONG_NONE|SSL_FIPS,
2352  SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
2353  0,
2354  0,
2355  },
2356 
2357  /* Cipher C016 */
2358  {
2359  1,
2360  TLS1_TXT_ECDH_anon_WITH_RC4_128_SHA,
2361  TLS1_CK_ECDH_anon_WITH_RC4_128_SHA,
2362  SSL_kEECDH,
2363  SSL_aNULL,
2364  SSL_RC4,
2365  SSL_SHA1,
2366  SSL_TLSV1,
2367  SSL_NOT_EXP|SSL_MEDIUM,
2368  SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
2369  128,
2370  128,
2371  },
2372 
2373  /* Cipher C017 */
2374  {
2375  1,
2376  TLS1_TXT_ECDH_anon_WITH_DES_192_CBC3_SHA,
2377  TLS1_CK_ECDH_anon_WITH_DES_192_CBC3_SHA,
2378  SSL_kEECDH,
2379  SSL_aNULL,
2380  SSL_3DES,
2381  SSL_SHA1,
2382  SSL_TLSV1,
2383  SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
2384  SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
2385  168,
2386  168,
2387  },
2388 
2389  /* Cipher C018 */
2390  {
2391  1,
2392  TLS1_TXT_ECDH_anon_WITH_AES_128_CBC_SHA,
2393  TLS1_CK_ECDH_anon_WITH_AES_128_CBC_SHA,
2394  SSL_kEECDH,
2395  SSL_aNULL,
2396  SSL_AES128,
2397  SSL_SHA1,
2398  SSL_TLSV1,
2399  SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
2400  SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
2401  128,
2402  128,
2403  },
2404 
2405  /* Cipher C019 */
2406  {
2407  1,
2408  TLS1_TXT_ECDH_anon_WITH_AES_256_CBC_SHA,
2409  TLS1_CK_ECDH_anon_WITH_AES_256_CBC_SHA,
2410  SSL_kEECDH,
2411  SSL_aNULL,
2412  SSL_AES256,
2413  SSL_SHA1,
2414  SSL_TLSV1,
2415  SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
2416  SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
2417  256,
2418  256,
2419  },
2420 #endif /* OPENSSL_NO_ECDH */
2421 
2422 #ifndef OPENSSL_NO_SRP
2423  /* Cipher C01A */
2424  {
2425  1,
2426  TLS1_TXT_SRP_SHA_WITH_3DES_EDE_CBC_SHA,
2427  TLS1_CK_SRP_SHA_WITH_3DES_EDE_CBC_SHA,
2428  SSL_kSRP,
2429  SSL_aNULL,
2430  SSL_3DES,
2431  SSL_SHA1,
2432  SSL_TLSV1,
2433  SSL_NOT_EXP|SSL_HIGH,
2434  SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
2435  168,
2436  168,
2437  },
2438 
2439  /* Cipher C01B */
2440  {
2441  1,
2442  TLS1_TXT_SRP_SHA_RSA_WITH_3DES_EDE_CBC_SHA,
2443  TLS1_CK_SRP_SHA_RSA_WITH_3DES_EDE_CBC_SHA,
2444  SSL_kSRP,
2445  SSL_aRSA,
2446  SSL_3DES,
2447  SSL_SHA1,
2448  SSL_TLSV1,
2449  SSL_NOT_EXP|SSL_HIGH,
2450  SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
2451  168,
2452  168,
2453  },
2454 
2455  /* Cipher C01C */
2456  {
2457  1,
2458  TLS1_TXT_SRP_SHA_DSS_WITH_3DES_EDE_CBC_SHA,
2459  TLS1_CK_SRP_SHA_DSS_WITH_3DES_EDE_CBC_SHA,
2460  SSL_kSRP,
2461  SSL_aDSS,
2462  SSL_3DES,
2463  SSL_SHA1,
2464  SSL_TLSV1,
2465  SSL_NOT_EXP|SSL_HIGH,
2466  SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
2467  168,
2468  168,
2469  },
2470 
2471  /* Cipher C01D */
2472  {
2473  1,
2474  TLS1_TXT_SRP_SHA_WITH_AES_128_CBC_SHA,
2475  TLS1_CK_SRP_SHA_WITH_AES_128_CBC_SHA,
2476  SSL_kSRP,
2477  SSL_aNULL,
2478  SSL_AES128,
2479  SSL_SHA1,
2480  SSL_TLSV1,
2481  SSL_NOT_EXP|SSL_HIGH,
2482  SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
2483  128,
2484  128,
2485  },
2486 
2487  /* Cipher C01E */
2488  {
2489  1,
2490  TLS1_TXT_SRP_SHA_RSA_WITH_AES_128_CBC_SHA,
2491  TLS1_CK_SRP_SHA_RSA_WITH_AES_128_CBC_SHA,
2492  SSL_kSRP,
2493  SSL_aRSA,
2494  SSL_AES128,
2495  SSL_SHA1,
2496  SSL_TLSV1,
2497  SSL_NOT_EXP|SSL_HIGH,
2498  SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
2499  128,
2500  128,
2501  },
2502 
2503  /* Cipher C01F */
2504  {
2505  1,
2506  TLS1_TXT_SRP_SHA_DSS_WITH_AES_128_CBC_SHA,
2507  TLS1_CK_SRP_SHA_DSS_WITH_AES_128_CBC_SHA,
2508  SSL_kSRP,
2509  SSL_aDSS,
2510  SSL_AES128,
2511  SSL_SHA1,
2512  SSL_TLSV1,
2513  SSL_NOT_EXP|SSL_HIGH,
2514  SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
2515  128,
2516  128,
2517  },
2518 
2519  /* Cipher C020 */
2520  {
2521  1,
2522  TLS1_TXT_SRP_SHA_WITH_AES_256_CBC_SHA,
2523  TLS1_CK_SRP_SHA_WITH_AES_256_CBC_SHA,
2524  SSL_kSRP,
2525  SSL_aNULL,
2526  SSL_AES256,
2527  SSL_SHA1,
2528  SSL_TLSV1,
2529  SSL_NOT_EXP|SSL_HIGH,
2530  SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
2531  256,
2532  256,
2533  },
2534 
2535  /* Cipher C021 */
2536  {
2537  1,
2538  TLS1_TXT_SRP_SHA_RSA_WITH_AES_256_CBC_SHA,
2539  TLS1_CK_SRP_SHA_RSA_WITH_AES_256_CBC_SHA,
2540  SSL_kSRP,
2541  SSL_aRSA,
2542  SSL_AES256,
2543  SSL_SHA1,
2544  SSL_TLSV1,
2545  SSL_NOT_EXP|SSL_HIGH,
2546  SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
2547  256,
2548  256,
2549  },
2550 
2551  /* Cipher C022 */
2552  {
2553  1,
2554  TLS1_TXT_SRP_SHA_DSS_WITH_AES_256_CBC_SHA,
2555  TLS1_CK_SRP_SHA_DSS_WITH_AES_256_CBC_SHA,
2556  SSL_kSRP,
2557  SSL_aDSS,
2558  SSL_AES256,
2559  SSL_SHA1,
2560  SSL_TLSV1,
2561  SSL_NOT_EXP|SSL_HIGH,
2562  SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
2563  256,
2564  256,
2565  },
2566 #endif /* OPENSSL_NO_SRP */
2567 #ifndef OPENSSL_NO_ECDH
2568 
2569  /* HMAC based TLS v1.2 ciphersuites from RFC5289 */
2570 
2571  /* Cipher C023 */
2572  {
2573  1,
2574  TLS1_TXT_ECDHE_ECDSA_WITH_AES_128_SHA256,
2575  TLS1_CK_ECDHE_ECDSA_WITH_AES_128_SHA256,
2576  SSL_kEECDH,
2577  SSL_aECDSA,
2578  SSL_AES128,
2579  SSL_SHA256,
2580  SSL_TLSV1_2,
2581  SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
2582  SSL_HANDSHAKE_MAC_SHA256|TLS1_PRF_SHA256,
2583  128,
2584  128,
2585  },
2586 
2587  /* Cipher C024 */
2588  {
2589  1,
2590  TLS1_TXT_ECDHE_ECDSA_WITH_AES_256_SHA384,
2591  TLS1_CK_ECDHE_ECDSA_WITH_AES_256_SHA384,
2592  SSL_kEECDH,
2593  SSL_aECDSA,
2594  SSL_AES256,
2595  SSL_SHA384,
2596  SSL_TLSV1_2,
2597  SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
2598  SSL_HANDSHAKE_MAC_SHA384|TLS1_PRF_SHA384,
2599  256,
2600  256,
2601  },
2602 
2603  /* Cipher C025 */
2604  {
2605  1,
2606  TLS1_TXT_ECDH_ECDSA_WITH_AES_128_SHA256,
2607  TLS1_CK_ECDH_ECDSA_WITH_AES_128_SHA256,
2608  SSL_kECDHe,
2609  SSL_aECDH,
2610  SSL_AES128,
2611  SSL_SHA256,
2612  SSL_TLSV1_2,
2613  SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
2614  SSL_HANDSHAKE_MAC_SHA256|TLS1_PRF_SHA256,
2615  128,
2616  128,
2617  },
2618 
2619  /* Cipher C026 */
2620  {
2621  1,
2622  TLS1_TXT_ECDH_ECDSA_WITH_AES_256_SHA384,
2623  TLS1_CK_ECDH_ECDSA_WITH_AES_256_SHA384,
2624  SSL_kECDHe,
2625  SSL_aECDH,
2626  SSL_AES256,
2627  SSL_SHA384,
2628  SSL_TLSV1_2,
2629  SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
2630  SSL_HANDSHAKE_MAC_SHA384|TLS1_PRF_SHA384,
2631  256,
2632  256,
2633  },
2634 
2635  /* Cipher C027 */
2636  {
2637  1,
2638  TLS1_TXT_ECDHE_RSA_WITH_AES_128_SHA256,
2639  TLS1_CK_ECDHE_RSA_WITH_AES_128_SHA256,
2640  SSL_kEECDH,
2641  SSL_aRSA,
2642  SSL_AES128,
2643  SSL_SHA256,
2644  SSL_TLSV1_2,
2645  SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
2646  SSL_HANDSHAKE_MAC_SHA256|TLS1_PRF_SHA256,
2647  128,
2648  128,
2649  },
2650 
2651  /* Cipher C028 */
2652  {
2653  1,
2654  TLS1_TXT_ECDHE_RSA_WITH_AES_256_SHA384,
2655  TLS1_CK_ECDHE_RSA_WITH_AES_256_SHA384,
2656  SSL_kEECDH,
2657  SSL_aRSA,
2658  SSL_AES256,
2659  SSL_SHA384,
2660  SSL_TLSV1_2,
2661  SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
2662  SSL_HANDSHAKE_MAC_SHA384|TLS1_PRF_SHA384,
2663  256,
2664  256,
2665  },
2666 
2667  /* Cipher C029 */
2668  {
2669  1,
2670  TLS1_TXT_ECDH_RSA_WITH_AES_128_SHA256,
2671  TLS1_CK_ECDH_RSA_WITH_AES_128_SHA256,
2672  SSL_kECDHe,
2673  SSL_aECDH,
2674  SSL_AES128,
2675  SSL_SHA256,
2676  SSL_TLSV1_2,
2677  SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
2678  SSL_HANDSHAKE_MAC_SHA256|TLS1_PRF_SHA256,
2679  128,
2680  128,
2681  },
2682 
2683  /* Cipher C02A */
2684  {
2685  1,
2686  TLS1_TXT_ECDH_RSA_WITH_AES_256_SHA384,
2687  TLS1_CK_ECDH_RSA_WITH_AES_256_SHA384,
2688  SSL_kECDHe,
2689  SSL_aECDH,
2690  SSL_AES256,
2691  SSL_SHA384,
2692  SSL_TLSV1_2,
2693  SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
2694  SSL_HANDSHAKE_MAC_SHA384|TLS1_PRF_SHA384,
2695  256,
2696  256,
2697  },
2698 
2699  /* GCM based TLS v1.2 ciphersuites from RFC5289 */
2700 
2701  /* Cipher C02B */
2702  {
2703  1,
2704  TLS1_TXT_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256,
2705  TLS1_CK_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256,
2706  SSL_kEECDH,
2707  SSL_aECDSA,
2708  SSL_AES128GCM,
2709  SSL_AEAD,
2710  SSL_TLSV1_2,
2711  SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
2712  SSL_HANDSHAKE_MAC_SHA256|TLS1_PRF_SHA256,
2713  128,
2714  128,
2715  },
2716 
2717  /* Cipher C02C */
2718  {
2719  1,
2720  TLS1_TXT_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384,
2721  TLS1_CK_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384,
2722  SSL_kEECDH,
2723  SSL_aECDSA,
2724  SSL_AES256GCM,
2725  SSL_AEAD,
2726  SSL_TLSV1_2,
2727  SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
2728  SSL_HANDSHAKE_MAC_SHA384|TLS1_PRF_SHA384,
2729  256,
2730  256,
2731  },
2732 
2733  /* Cipher C02D */
2734  {
2735  1,
2736  TLS1_TXT_ECDH_ECDSA_WITH_AES_128_GCM_SHA256,
2737  TLS1_CK_ECDH_ECDSA_WITH_AES_128_GCM_SHA256,
2738  SSL_kECDHe,
2739  SSL_aECDH,
2740  SSL_AES128GCM,
2741  SSL_AEAD,
2742  SSL_TLSV1_2,
2743  SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
2744  SSL_HANDSHAKE_MAC_SHA256|TLS1_PRF_SHA256,
2745  128,
2746  128,
2747  },
2748 
2749  /* Cipher C02E */
2750  {
2751  1,
2752  TLS1_TXT_ECDH_ECDSA_WITH_AES_256_GCM_SHA384,
2753  TLS1_CK_ECDH_ECDSA_WITH_AES_256_GCM_SHA384,
2754  SSL_kECDHe,
2755  SSL_aECDH,
2756  SSL_AES256GCM,
2757  SSL_AEAD,
2758  SSL_TLSV1_2,
2759  SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
2760  SSL_HANDSHAKE_MAC_SHA384|TLS1_PRF_SHA384,
2761  256,
2762  256,
2763  },
2764 
2765  /* Cipher C02F */
2766  {
2767  1,
2768  TLS1_TXT_ECDHE_RSA_WITH_AES_128_GCM_SHA256,
2769  TLS1_CK_ECDHE_RSA_WITH_AES_128_GCM_SHA256,
2770  SSL_kEECDH,
2771  SSL_aRSA,
2772  SSL_AES128GCM,
2773  SSL_AEAD,
2774  SSL_TLSV1_2,
2775  SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
2776  SSL_HANDSHAKE_MAC_SHA256|TLS1_PRF_SHA256,
2777  128,
2778  128,
2779  },
2780 
2781  /* Cipher C030 */
2782  {
2783  1,
2784  TLS1_TXT_ECDHE_RSA_WITH_AES_256_GCM_SHA384,
2785  TLS1_CK_ECDHE_RSA_WITH_AES_256_GCM_SHA384,
2786  SSL_kEECDH,
2787  SSL_aRSA,
2788  SSL_AES256GCM,
2789  SSL_AEAD,
2790  SSL_TLSV1_2,
2791  SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
2792  SSL_HANDSHAKE_MAC_SHA384|TLS1_PRF_SHA384,
2793  256,
2794  256,
2795  },
2796 
2797  /* Cipher C031 */
2798  {
2799  1,
2800  TLS1_TXT_ECDH_RSA_WITH_AES_128_GCM_SHA256,
2801  TLS1_CK_ECDH_RSA_WITH_AES_128_GCM_SHA256,
2802  SSL_kECDHe,
2803  SSL_aECDH,
2804  SSL_AES128GCM,
2805  SSL_AEAD,
2806  SSL_TLSV1_2,
2807  SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
2808  SSL_HANDSHAKE_MAC_SHA256|TLS1_PRF_SHA256,
2809  128,
2810  128,
2811  },
2812 
2813  /* Cipher C032 */
2814  {
2815  1,
2816  TLS1_TXT_ECDH_RSA_WITH_AES_256_GCM_SHA384,
2817  TLS1_CK_ECDH_RSA_WITH_AES_256_GCM_SHA384,
2818  SSL_kECDHe,
2819  SSL_aECDH,
2820  SSL_AES256GCM,
2821  SSL_AEAD,
2822  SSL_TLSV1_2,
2823  SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
2824  SSL_HANDSHAKE_MAC_SHA384|TLS1_PRF_SHA384,
2825  256,
2826  256,
2827  },
2828 
2829 #endif /* OPENSSL_NO_ECDH */
2830 
2831 
2832 #ifdef TEMP_GOST_TLS
2833 /* Cipher FF00 */
2834  {
2835  1,
2836  "GOST-MD5",
2837  0x0300ff00,
2838  SSL_kRSA,
2839  SSL_aRSA,
2840  SSL_eGOST2814789CNT,
2841  SSL_MD5,
2842  SSL_TLSV1,
2843  SSL_NOT_EXP|SSL_HIGH,
2844  SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
2845  256,
2846  256,
2847  },
2848  {
2849  1,
2850  "GOST-GOST94",
2851  0x0300ff01,
2852  SSL_kRSA,
2853  SSL_aRSA,
2854  SSL_eGOST2814789CNT,
2855  SSL_GOST94,
2856  SSL_TLSV1,
2857  SSL_NOT_EXP|SSL_HIGH,
2858  SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
2859  256,
2860  256
2861  },
2862  {
2863  1,
2864  "GOST-GOST89MAC",
2865  0x0300ff02,
2866  SSL_kRSA,
2867  SSL_aRSA,
2868  SSL_eGOST2814789CNT,
2869  SSL_GOST89MAC,
2870  SSL_TLSV1,
2871  SSL_NOT_EXP|SSL_HIGH,
2872  SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
2873  256,
2874  256
2875  },
2876  {
2877  1,
2878  "GOST-GOST89STREAM",
2879  0x0300ff03,
2880  SSL_kRSA,
2881  SSL_aRSA,
2882  SSL_eGOST2814789CNT,
2883  SSL_GOST89MAC,
2884  SSL_TLSV1,
2885  SSL_NOT_EXP|SSL_HIGH,
2886  SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF|TLS1_STREAM_MAC,
2887  256,
2888  256
2889  },
2890 #endif
2891 
2892 /* end of list */
2893  };
2894 
2895 SSL3_ENC_METHOD SSLv3_enc_data={
2896  ssl3_enc,
2897  n_ssl3_mac,
2898  ssl3_setup_key_block,
2899  ssl3_generate_master_secret,
2900  ssl3_change_cipher_state,
2901  ssl3_final_finish_mac,
2902  MD5_DIGEST_LENGTH+SHA_DIGEST_LENGTH,
2903  ssl3_cert_verify_mac,
2904  SSL3_MD_CLIENT_FINISHED_CONST,4,
2905  SSL3_MD_SERVER_FINISHED_CONST,4,
2906  ssl3_alert_code,
2907  (int (*)(SSL *, unsigned char *, size_t, const char *,
2908  size_t, const unsigned char *, size_t,
2909  int use_context))ssl_undefined_function,
2910  };
2911 
2912 long ssl3_default_timeout(void)
2913  {
2914  /* 2 hours, the 24 hours mentioned in the SSLv3 spec
2915  * is way too long for http, the cache would over fill */
2916  return(60*60*2);
2917  }
2918 
2919 int ssl3_num_ciphers(void)
2920  {
2921  return(SSL3_NUM_CIPHERS);
2922  }
2923 
2924 const SSL_CIPHER *ssl3_get_cipher(unsigned int u)
2925  {
2926  if (u < SSL3_NUM_CIPHERS)
2927  return(&(ssl3_ciphers[SSL3_NUM_CIPHERS-1-u]));
2928  else
2929  return(NULL);
2930  }
2931 
2932 int ssl3_pending(const SSL *s)
2933  {
2934  if (s->rstate == SSL_ST_READ_BODY)
2935  return 0;
2936 
2937  return (s->s3->rrec.type == SSL3_RT_APPLICATION_DATA) ? s->s3->rrec.length : 0;
2938  }
2939 
2940 int ssl3_new(SSL *s)
2941  {
2942  SSL3_STATE *s3;
2943 
2944  if ((s3=OPENSSL_malloc(sizeof *s3)) == NULL) goto err;
2945  memset(s3,0,sizeof *s3);
2946  memset(s3->rrec.seq_num,0,sizeof(s3->rrec.seq_num));
2947  memset(s3->wrec.seq_num,0,sizeof(s3->wrec.seq_num));
2948 
2949  s->s3=s3;
2950 
2951 #ifndef OPENSSL_NO_SRP
2952  SSL_SRP_CTX_init(s);
2953 #endif
2954  s->method->ssl_clear(s);
2955  return(1);
2956 err:
2957  return(0);
2958  }
2959 
2960 void ssl3_free(SSL *s)
2961  {
2962  if(s == NULL)
2963  return;
2964 
2965 #ifdef TLSEXT_TYPE_opaque_prf_input
2966  if (s->s3->client_opaque_prf_input != NULL)
2967  OPENSSL_free(s->s3->client_opaque_prf_input);
2968  if (s->s3->server_opaque_prf_input != NULL)
2969  OPENSSL_free(s->s3->server_opaque_prf_input);
2970 #endif
2971 
2972  ssl3_cleanup_key_block(s);
2973  if (s->s3->rbuf.buf != NULL)
2974  ssl3_release_read_buffer(s);
2975  if (s->s3->wbuf.buf != NULL)
2976  ssl3_release_write_buffer(s);
2977  if (s->s3->rrec.comp != NULL)
2978  OPENSSL_free(s->s3->rrec.comp);
2979 #ifndef OPENSSL_NO_DH
2980  if (s->s3->tmp.dh != NULL)
2981  DH_free(s->s3->tmp.dh);
2982 #endif
2983 #ifndef OPENSSL_NO_ECDH
2984  if (s->s3->tmp.ecdh != NULL)
2985  EC_KEY_free(s->s3->tmp.ecdh);
2986 #endif
2987 
2988  if (s->s3->tmp.ca_names != NULL)
2989  sk_X509_NAME_pop_free(s->s3->tmp.ca_names,X509_NAME_free);
2990  if (s->s3->handshake_buffer) {
2991  BIO_free(s->s3->handshake_buffer);
2992  }
2993  if (s->s3->handshake_dgst) ssl3_free_digest_list(s);
2994 #ifndef OPENSSL_NO_SRP
2995  SSL_SRP_CTX_free(s);
2996 #endif
2997  OPENSSL_cleanse(s->s3,sizeof *s->s3);
2998  OPENSSL_free(s->s3);
2999  s->s3=NULL;
3000  }
3001 
3002 void ssl3_clear(SSL *s)
3003  {
3004  unsigned char *rp,*wp;
3005  size_t rlen, wlen;
3006  int init_extra;
3007 
3008 #ifdef TLSEXT_TYPE_opaque_prf_input
3009  if (s->s3->client_opaque_prf_input != NULL)
3010  OPENSSL_free(s->s3->client_opaque_prf_input);
3011  s->s3->client_opaque_prf_input = NULL;
3012  if (s->s3->server_opaque_prf_input != NULL)
3013  OPENSSL_free(s->s3->server_opaque_prf_input);
3014  s->s3->server_opaque_prf_input = NULL;
3015 #endif
3016 
3017  ssl3_cleanup_key_block(s);
3018  if (s->s3->tmp.ca_names != NULL)
3019  sk_X509_NAME_pop_free(s->s3->tmp.ca_names,X509_NAME_free);
3020 
3021  if (s->s3->rrec.comp != NULL)
3022  {
3023  OPENSSL_free(s->s3->rrec.comp);
3024  s->s3->rrec.comp=NULL;
3025  }
3026 #ifndef OPENSSL_NO_DH
3027  if (s->s3->tmp.dh != NULL)
3028  {
3029  DH_free(s->s3->tmp.dh);
3030  s->s3->tmp.dh = NULL;
3031  }
3032 #endif
3033 #ifndef OPENSSL_NO_ECDH
3034  if (s->s3->tmp.ecdh != NULL)
3035  {
3036  EC_KEY_free(s->s3->tmp.ecdh);
3037  s->s3->tmp.ecdh = NULL;
3038  }
3039 #endif
3040 
3041  rp = s->s3->rbuf.buf;
3042  wp = s->s3->wbuf.buf;
3043  rlen = s->s3->rbuf.len;
3044  wlen = s->s3->wbuf.len;
3045  init_extra = s->s3->init_extra;
3046  if (s->s3->handshake_buffer) {
3047  BIO_free(s->s3->handshake_buffer);
3048  s->s3->handshake_buffer = NULL;
3049  }
3050  if (s->s3->handshake_dgst) {
3051  ssl3_free_digest_list(s);
3052  }
3053  memset(s->s3,0,sizeof *s->s3);
3054  s->s3->rbuf.buf = rp;
3055  s->s3->wbuf.buf = wp;
3056  s->s3->rbuf.len = rlen;
3057  s->s3->wbuf.len = wlen;
3058  s->s3->init_extra = init_extra;
3059 
3060  ssl_free_wbio_buffer(s);
3061 
3062  s->packet_length=0;
3063  s->s3->renegotiate=0;
3064  s->s3->total_renegotiations=0;
3065  s->s3->num_renegotiations=0;
3066  s->s3->in_read_app_data=0;
3067  s->version=SSL3_VERSION;
3068 
3069 #if !defined(OPENSSL_NO_TLSEXT) && !defined(OPENSSL_NO_NEXTPROTONEG)
3070  if (s->next_proto_negotiated)
3071  {
3072  OPENSSL_free(s->next_proto_negotiated);
3073  s->next_proto_negotiated = NULL;
3074  s->next_proto_negotiated_len = 0;
3075  }
3076 #endif
3077  }
3078 
3079 #ifndef OPENSSL_NO_SRP
3080 static char * MS_CALLBACK srp_password_from_info_cb(SSL *s, void *arg)
3081  {
3082  return BUF_strdup(s->srp_ctx.info) ;
3083  }
3084 #endif
3085 
3086 long ssl3_ctrl(SSL *s, int cmd, long larg, void *parg)
3087  {
3088  int ret=0;
3089 
3090 #if !defined(OPENSSL_NO_DSA) || !defined(OPENSSL_NO_RSA)
3091  if (
3092 #ifndef OPENSSL_NO_RSA
3093  cmd == SSL_CTRL_SET_TMP_RSA ||
3094  cmd == SSL_CTRL_SET_TMP_RSA_CB ||
3095 #endif
3096 #ifndef OPENSSL_NO_DSA
3097  cmd == SSL_CTRL_SET_TMP_DH ||
3098  cmd == SSL_CTRL_SET_TMP_DH_CB ||
3099 #endif
3100  0)
3101  {
3102  if (!ssl_cert_inst(&s->cert))
3103  {
3104  SSLerr(SSL_F_SSL3_CTRL, ERR_R_MALLOC_FAILURE);
3105  return(0);
3106  }
3107  }
3108 #endif
3109 
3110  switch (cmd)
3111  {
3112  case SSL_CTRL_GET_SESSION_REUSED:
3113  ret=s->hit;
3114  break;
3115  case SSL_CTRL_GET_CLIENT_CERT_REQUEST:
3116  break;
3117  case SSL_CTRL_GET_NUM_RENEGOTIATIONS:
3118  ret=s->s3->num_renegotiations;
3119  break;
3120  case SSL_CTRL_CLEAR_NUM_RENEGOTIATIONS:
3121  ret=s->s3->num_renegotiations;
3122  s->s3->num_renegotiations=0;
3123  break;
3124  case SSL_CTRL_GET_TOTAL_RENEGOTIATIONS:
3125  ret=s->s3->total_renegotiations;
3126  break;
3127  case SSL_CTRL_GET_FLAGS:
3128  ret=(int)(s->s3->flags);
3129  break;
3130 #ifndef OPENSSL_NO_RSA
3131  case SSL_CTRL_NEED_TMP_RSA:
3132  if ((s->cert != NULL) && (s->cert->rsa_tmp == NULL) &&
3133  ((s->cert->pkeys[SSL_PKEY_RSA_ENC].privatekey == NULL) ||
3134  (EVP_PKEY_size(s->cert->pkeys[SSL_PKEY_RSA_ENC].privatekey) > (512/8))))
3135  ret = 1;
3136  break;
3137  case SSL_CTRL_SET_TMP_RSA:
3138  {
3139  RSA *rsa = (RSA *)parg;
3140  if (rsa == NULL)
3141  {
3142  SSLerr(SSL_F_SSL3_CTRL, ERR_R_PASSED_NULL_PARAMETER);
3143  return(ret);
3144  }
3145  if ((rsa = RSAPrivateKey_dup(rsa)) == NULL)
3146  {
3147  SSLerr(SSL_F_SSL3_CTRL, ERR_R_RSA_LIB);
3148  return(ret);
3149  }
3150  if (s->cert->rsa_tmp != NULL)
3151  RSA_free(s->cert->rsa_tmp);
3152  s->cert->rsa_tmp = rsa;
3153  ret = 1;
3154  }
3155  break;
3156  case SSL_CTRL_SET_TMP_RSA_CB:
3157  {
3158  SSLerr(SSL_F_SSL3_CTRL, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
3159  return(ret);
3160  }
3161  break;
3162 #endif
3163 #ifndef OPENSSL_NO_DH
3164  case SSL_CTRL_SET_TMP_DH:
3165  {
3166  DH *dh = (DH *)parg;
3167  if (dh == NULL)
3168  {
3169  SSLerr(SSL_F_SSL3_CTRL, ERR_R_PASSED_NULL_PARAMETER);
3170  return(ret);
3171  }
3172  if ((dh = DHparams_dup(dh)) == NULL)
3173  {
3174  SSLerr(SSL_F_SSL3_CTRL, ERR_R_DH_LIB);
3175  return(ret);
3176  }
3177  if (!(s->options & SSL_OP_SINGLE_DH_USE))
3178  {
3179  if (!DH_generate_key(dh))
3180  {
3181  DH_free(dh);
3182  SSLerr(SSL_F_SSL3_CTRL, ERR_R_DH_LIB);
3183  return(ret);
3184  }
3185  }
3186  if (s->cert->dh_tmp != NULL)
3187  DH_free(s->cert->dh_tmp);
3188  s->cert->dh_tmp = dh;
3189  ret = 1;
3190  }
3191  break;
3192  case SSL_CTRL_SET_TMP_DH_CB:
3193  {
3194  SSLerr(SSL_F_SSL3_CTRL, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
3195  return(ret);
3196  }
3197  break;
3198 #endif
3199 #ifndef OPENSSL_NO_ECDH
3200  case SSL_CTRL_SET_TMP_ECDH:
3201  {
3202  EC_KEY *ecdh = NULL;
3203 
3204  if (parg == NULL)
3205  {
3206  SSLerr(SSL_F_SSL3_CTRL, ERR_R_PASSED_NULL_PARAMETER);
3207  return(ret);
3208  }
3209  if (!EC_KEY_up_ref((EC_KEY *)parg))
3210  {
3211  SSLerr(SSL_F_SSL3_CTRL,ERR_R_ECDH_LIB);
3212  return(ret);
3213  }
3214  ecdh = (EC_KEY *)parg;
3215  if (!(s->options & SSL_OP_SINGLE_ECDH_USE))
3216  {
3217  if (!EC_KEY_generate_key(ecdh))
3218  {
3219  EC_KEY_free(ecdh);
3220  SSLerr(SSL_F_SSL3_CTRL,ERR_R_ECDH_LIB);
3221  return(ret);
3222  }
3223  }
3224  if (s->cert->ecdh_tmp != NULL)
3225  EC_KEY_free(s->cert->ecdh_tmp);
3226  s->cert->ecdh_tmp = ecdh;
3227  ret = 1;
3228  }
3229  break;
3230  case SSL_CTRL_SET_TMP_ECDH_CB:
3231  {
3232  SSLerr(SSL_F_SSL3_CTRL, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
3233  return(ret);
3234  }
3235  break;
3236 #endif /* !OPENSSL_NO_ECDH */
3237 #ifndef OPENSSL_NO_TLSEXT
3238  case SSL_CTRL_SET_TLSEXT_HOSTNAME:
3239  if (larg == TLSEXT_NAMETYPE_host_name)
3240  {
3241  if (s->tlsext_hostname != NULL)
3242  OPENSSL_free(s->tlsext_hostname);
3243  s->tlsext_hostname = NULL;
3244 
3245  ret = 1;
3246  if (parg == NULL)
3247  break;
3248  if (strlen((char *)parg) > TLSEXT_MAXLEN_host_name)
3249  {
3250  SSLerr(SSL_F_SSL3_CTRL, SSL_R_SSL3_EXT_INVALID_SERVERNAME);
3251  return 0;
3252  }
3253  if ((s->tlsext_hostname = BUF_strdup((char *)parg)) == NULL)
3254  {
3255  SSLerr(SSL_F_SSL3_CTRL, ERR_R_INTERNAL_ERROR);
3256  return 0;
3257  }
3258  }
3259  else
3260  {
3261  SSLerr(SSL_F_SSL3_CTRL, SSL_R_SSL3_EXT_INVALID_SERVERNAME_TYPE);
3262  return 0;
3263  }
3264  break;
3265  case SSL_CTRL_SET_TLSEXT_DEBUG_ARG:
3266  s->tlsext_debug_arg=parg;
3267  ret = 1;
3268  break;
3269 
3270 #ifdef TLSEXT_TYPE_opaque_prf_input
3271  case SSL_CTRL_SET_TLSEXT_OPAQUE_PRF_INPUT:
3272  if (larg > 12288) /* actual internal limit is 2^16 for the complete hello message
3273  * (including the cert chain and everything) */
3274  {
3275  SSLerr(SSL_F_SSL3_CTRL, SSL_R_OPAQUE_PRF_INPUT_TOO_LONG);
3276  break;
3277  }
3278  if (s->tlsext_opaque_prf_input != NULL)
3279  OPENSSL_free(s->tlsext_opaque_prf_input);
3280  if ((size_t)larg == 0)
3281  s->tlsext_opaque_prf_input = OPENSSL_malloc(1); /* dummy byte just to get non-NULL */
3282  else
3283  s->tlsext_opaque_prf_input = BUF_memdup(parg, (size_t)larg);
3284  if (s->tlsext_opaque_prf_input != NULL)
3285  {
3286  s->tlsext_opaque_prf_input_len = (size_t)larg;
3287  ret = 1;
3288  }
3289  else
3290  s->tlsext_opaque_prf_input_len = 0;
3291  break;
3292 #endif
3293 
3294  case SSL_CTRL_SET_TLSEXT_STATUS_REQ_TYPE:
3295  s->tlsext_status_type=larg;
3296  ret = 1;
3297  break;
3298 
3299  case SSL_CTRL_GET_TLSEXT_STATUS_REQ_EXTS:
3300  *(STACK_OF(X509_EXTENSION) **)parg = s->tlsext_ocsp_exts;
3301  ret = 1;
3302  break;
3303 
3304  case SSL_CTRL_SET_TLSEXT_STATUS_REQ_EXTS:
3305  s->tlsext_ocsp_exts = parg;
3306  ret = 1;
3307  break;
3308 
3309  case SSL_CTRL_GET_TLSEXT_STATUS_REQ_IDS:
3310  *(STACK_OF(OCSP_RESPID) **)parg = s->tlsext_ocsp_ids;
3311  ret = 1;
3312  break;
3313 
3314  case SSL_CTRL_SET_TLSEXT_STATUS_REQ_IDS:
3315  s->tlsext_ocsp_ids = parg;
3316  ret = 1;
3317  break;
3318 
3319  case SSL_CTRL_GET_TLSEXT_STATUS_REQ_OCSP_RESP:
3320  *(unsigned char **)parg = s->tlsext_ocsp_resp;
3321  return s->tlsext_ocsp_resplen;
3322 
3323  case SSL_CTRL_SET_TLSEXT_STATUS_REQ_OCSP_RESP:
3324  if (s->tlsext_ocsp_resp)
3325  OPENSSL_free(s->tlsext_ocsp_resp);
3326  s->tlsext_ocsp_resp = parg;
3327  s->tlsext_ocsp_resplen = larg;
3328  ret = 1;
3329  break;
3330 
3331 #ifndef OPENSSL_NO_HEARTBEATS
3332  case SSL_CTRL_TLS_EXT_SEND_HEARTBEAT:
3333  if (SSL_version(s) == DTLS1_VERSION || SSL_version(s) == DTLS1_BAD_VER)
3334  ret = dtls1_heartbeat(s);
3335  else
3336  ret = tls1_heartbeat(s);
3337  break;
3338 
3339  case SSL_CTRL_GET_TLS_EXT_HEARTBEAT_PENDING:
3340  ret = s->tlsext_hb_pending;
3341  break;
3342 
3343  case SSL_CTRL_SET_TLS_EXT_HEARTBEAT_NO_REQUESTS:
3344  if (larg)
3345  s->tlsext_heartbeat |= SSL_TLSEXT_HB_DONT_RECV_REQUESTS;
3346  else
3347  s->tlsext_heartbeat &= ~SSL_TLSEXT_HB_DONT_RECV_REQUESTS;
3348  ret = 1;
3349  break;
3350 #endif
3351 
3352 #endif /* !OPENSSL_NO_TLSEXT */
3353  default:
3354  break;
3355  }
3356  return(ret);
3357  }
3358 
3359 long ssl3_callback_ctrl(SSL *s, int cmd, void (*fp)(void))
3360  {
3361  int ret=0;
3362 
3363 #if !defined(OPENSSL_NO_DSA) || !defined(OPENSSL_NO_RSA)
3364  if (
3365 #ifndef OPENSSL_NO_RSA
3366  cmd == SSL_CTRL_SET_TMP_RSA_CB ||
3367 #endif
3368 #ifndef OPENSSL_NO_DSA
3369  cmd == SSL_CTRL_SET_TMP_DH_CB ||
3370 #endif
3371  0)
3372  {
3373  if (!ssl_cert_inst(&s->cert))
3374  {
3375  SSLerr(SSL_F_SSL3_CALLBACK_CTRL, ERR_R_MALLOC_FAILURE);
3376  return(0);
3377  }
3378  }
3379 #endif
3380 
3381  switch (cmd)
3382  {
3383 #ifndef OPENSSL_NO_RSA
3384  case SSL_CTRL_SET_TMP_RSA_CB:
3385  {
3386  s->cert->rsa_tmp_cb = (RSA *(*)(SSL *, int, int))fp;
3387  }
3388  break;
3389 #endif
3390 #ifndef OPENSSL_NO_DH
3391  case SSL_CTRL_SET_TMP_DH_CB:
3392  {
3393  s->cert->dh_tmp_cb = (DH *(*)(SSL *, int, int))fp;
3394  }
3395  break;
3396 #endif
3397 #ifndef OPENSSL_NO_ECDH
3398  case SSL_CTRL_SET_TMP_ECDH_CB:
3399  {
3400  s->cert->ecdh_tmp_cb = (EC_KEY *(*)(SSL *, int, int))fp;
3401  }
3402  break;
3403 #endif
3404 #ifndef OPENSSL_NO_TLSEXT
3405  case SSL_CTRL_SET_TLSEXT_DEBUG_CB:
3406  s->tlsext_debug_cb=(void (*)(SSL *,int ,int,
3407  unsigned char *, int, void *))fp;
3408  break;
3409 #endif
3410  default:
3411  break;
3412  }
3413  return(ret);
3414  }
3415 
3416 long ssl3_ctx_ctrl(SSL_CTX *ctx, int cmd, long larg, void *parg)
3417  {
3418  CERT *cert;
3419 
3420  cert=ctx->cert;
3421 
3422  switch (cmd)
3423  {
3424 #ifndef OPENSSL_NO_RSA
3425  case SSL_CTRL_NEED_TMP_RSA:
3426  if ( (cert->rsa_tmp == NULL) &&
3427  ((cert->pkeys[SSL_PKEY_RSA_ENC].privatekey == NULL) ||
3428  (EVP_PKEY_size(cert->pkeys[SSL_PKEY_RSA_ENC].privatekey) > (512/8)))
3429  )
3430  return(1);
3431  else
3432  return(0);
3433  /* break; */
3434  case SSL_CTRL_SET_TMP_RSA:
3435  {
3436  RSA *rsa;
3437  int i;
3438 
3439  rsa=(RSA *)parg;
3440  i=1;
3441  if (rsa == NULL)
3442  i=0;
3443  else
3444  {
3445  if ((rsa=RSAPrivateKey_dup(rsa)) == NULL)
3446  i=0;
3447  }
3448  if (!i)
3449  {
3450  SSLerr(SSL_F_SSL3_CTX_CTRL,ERR_R_RSA_LIB);
3451  return(0);
3452  }
3453  else
3454  {
3455  if (cert->rsa_tmp != NULL)
3456  RSA_free(cert->rsa_tmp);
3457  cert->rsa_tmp=rsa;
3458  return(1);
3459  }
3460  }
3461  /* break; */
3462  case SSL_CTRL_SET_TMP_RSA_CB:
3463  {
3464  SSLerr(SSL_F_SSL3_CTX_CTRL, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
3465  return(0);
3466  }
3467  break;
3468 #endif
3469 #ifndef OPENSSL_NO_DH
3470  case SSL_CTRL_SET_TMP_DH:
3471  {
3472  DH *new=NULL,*dh;
3473 
3474  dh=(DH *)parg;
3475  if ((new=DHparams_dup(dh)) == NULL)
3476  {
3477  SSLerr(SSL_F_SSL3_CTX_CTRL,ERR_R_DH_LIB);
3478  return 0;
3479  }
3480  if (!(ctx->options & SSL_OP_SINGLE_DH_USE))
3481  {
3482  if (!DH_generate_key(new))
3483  {
3484  SSLerr(SSL_F_SSL3_CTX_CTRL,ERR_R_DH_LIB);
3485  DH_free(new);
3486  return 0;
3487  }
3488  }
3489  if (cert->dh_tmp != NULL)
3490  DH_free(cert->dh_tmp);
3491  cert->dh_tmp=new;
3492  return 1;
3493  }
3494  /*break; */
3495  case SSL_CTRL_SET_TMP_DH_CB:
3496  {
3497  SSLerr(SSL_F_SSL3_CTX_CTRL, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
3498  return(0);
3499  }
3500  break;
3501 #endif
3502 #ifndef OPENSSL_NO_ECDH
3503  case SSL_CTRL_SET_TMP_ECDH:
3504  {
3505  EC_KEY *ecdh = NULL;
3506 
3507  if (parg == NULL)
3508  {
3509  SSLerr(SSL_F_SSL3_CTX_CTRL,ERR_R_ECDH_LIB);
3510  return 0;
3511  }
3512  ecdh = EC_KEY_dup((EC_KEY *)parg);
3513  if (ecdh == NULL)
3514  {
3515  SSLerr(SSL_F_SSL3_CTX_CTRL,ERR_R_EC_LIB);
3516  return 0;
3517  }
3518  if (!(ctx->options & SSL_OP_SINGLE_ECDH_USE))
3519  {
3520  if (!EC_KEY_generate_key(ecdh))
3521  {
3522  EC_KEY_free(ecdh);
3523  SSLerr(SSL_F_SSL3_CTX_CTRL,ERR_R_ECDH_LIB);
3524  return 0;
3525  }
3526  }
3527 
3528  if (cert->ecdh_tmp != NULL)
3529  {
3530  EC_KEY_free(cert->ecdh_tmp);
3531  }
3532  cert->ecdh_tmp = ecdh;
3533  return 1;
3534  }
3535  /* break; */
3536  case SSL_CTRL_SET_TMP_ECDH_CB:
3537  {
3538  SSLerr(SSL_F_SSL3_CTX_CTRL, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
3539  return(0);
3540  }
3541  break;
3542 #endif /* !OPENSSL_NO_ECDH */
3543 #ifndef OPENSSL_NO_TLSEXT
3544  case SSL_CTRL_SET_TLSEXT_SERVERNAME_ARG:
3545  ctx->tlsext_servername_arg=parg;
3546  break;
3547  case SSL_CTRL_SET_TLSEXT_TICKET_KEYS:
3548  case SSL_CTRL_GET_TLSEXT_TICKET_KEYS:
3549  {
3550  unsigned char *keys = parg;
3551  if (!keys)
3552  return 48;
3553  if (larg != 48)
3554  {
3555  SSLerr(SSL_F_SSL3_CTX_CTRL, SSL_R_INVALID_TICKET_KEYS_LENGTH);
3556  return 0;
3557  }
3558  if (cmd == SSL_CTRL_SET_TLSEXT_TICKET_KEYS)
3559  {
3560  memcpy(ctx->tlsext_tick_key_name, keys, 16);
3561  memcpy(ctx->tlsext_tick_hmac_key, keys + 16, 16);
3562  memcpy(ctx->tlsext_tick_aes_key, keys + 32, 16);
3563  }
3564  else
3565  {
3566  memcpy(keys, ctx->tlsext_tick_key_name, 16);
3567  memcpy(keys + 16, ctx->tlsext_tick_hmac_key, 16);
3568  memcpy(keys + 32, ctx->tlsext_tick_aes_key, 16);
3569  }
3570  return 1;
3571  }
3572 
3573 #ifdef TLSEXT_TYPE_opaque_prf_input
3574  case SSL_CTRL_SET_TLSEXT_OPAQUE_PRF_INPUT_CB_ARG:
3575  ctx->tlsext_opaque_prf_input_callback_arg = parg;
3576  return 1;
3577 #endif
3578 
3579  case SSL_CTRL_SET_TLSEXT_STATUS_REQ_CB_ARG:
3580  ctx->tlsext_status_arg=parg;
3581  return 1;
3582  break;
3583 
3584 #ifndef OPENSSL_NO_SRP
3585  case SSL_CTRL_SET_TLS_EXT_SRP_USERNAME:
3586  ctx->srp_ctx.srp_Mask|=SSL_kSRP;
3587  if (ctx->srp_ctx.login != NULL)
3588  OPENSSL_free(ctx->srp_ctx.login);
3589  ctx->srp_ctx.login = NULL;
3590  if (parg == NULL)
3591  break;
3592  if (strlen((const char *)parg) > 255 || strlen((const char *)parg) < 1)
3593  {
3594  SSLerr(SSL_F_SSL3_CTX_CTRL, SSL_R_INVALID_SRP_USERNAME);
3595  return 0;
3596  }
3597  if ((ctx->srp_ctx.login = BUF_strdup((char *)parg)) == NULL)
3598  {
3599  SSLerr(SSL_F_SSL3_CTX_CTRL, ERR_R_INTERNAL_ERROR);
3600  return 0;
3601  }
3602  break;
3603  case SSL_CTRL_SET_TLS_EXT_SRP_PASSWORD:
3604  ctx->srp_ctx.SRP_give_srp_client_pwd_callback=srp_password_from_info_cb;
3605  ctx->srp_ctx.info=parg;
3606  break;
3607  case SSL_CTRL_SET_SRP_ARG:
3608  ctx->srp_ctx.srp_Mask|=SSL_kSRP;
3609  ctx->srp_ctx.SRP_cb_arg=parg;
3610  break;
3611 
3612  case SSL_CTRL_SET_TLS_EXT_SRP_STRENGTH:
3613  ctx->srp_ctx.strength=larg;
3614  break;
3615 #endif
3616 #endif /* !OPENSSL_NO_TLSEXT */
3617 
3618  /* A Thawte special :-) */
3619  case SSL_CTRL_EXTRA_CHAIN_CERT:
3620  if (ctx->extra_certs == NULL)
3621  {
3622  if ((ctx->extra_certs=sk_X509_new_null()) == NULL)
3623  return(0);
3624  }
3625  sk_X509_push(ctx->extra_certs,(X509 *)parg);
3626  break;
3627 
3628  case SSL_CTRL_GET_EXTRA_CHAIN_CERTS:
3629  *(STACK_OF(X509) **)parg = ctx->extra_certs;
3630  break;
3631 
3632  case SSL_CTRL_CLEAR_EXTRA_CHAIN_CERTS:
3633  if (ctx->extra_certs)
3634  {
3635  sk_X509_pop_free(ctx->extra_certs, X509_free);
3636  ctx->extra_certs = NULL;
3637  }
3638  break;
3639 
3640  default:
3641  return(0);
3642  }
3643  return(1);
3644  }
3645 
3646 long ssl3_ctx_callback_ctrl(SSL_CTX *ctx, int cmd, void (*fp)(void))
3647  {
3648  CERT *cert;
3649 
3650  cert=ctx->cert;
3651 
3652  switch (cmd)
3653  {
3654 #ifndef OPENSSL_NO_RSA
3655  case SSL_CTRL_SET_TMP_RSA_CB:
3656  {
3657  cert->rsa_tmp_cb = (RSA *(*)(SSL *, int, int))fp;
3658  }
3659  break;
3660 #endif
3661 #ifndef OPENSSL_NO_DH
3662  case SSL_CTRL_SET_TMP_DH_CB:
3663  {
3664  cert->dh_tmp_cb = (DH *(*)(SSL *, int, int))fp;
3665  }
3666  break;
3667 #endif
3668 #ifndef OPENSSL_NO_ECDH
3669  case SSL_CTRL_SET_TMP_ECDH_CB:
3670  {
3671  cert->ecdh_tmp_cb = (EC_KEY *(*)(SSL *, int, int))fp;
3672  }
3673  break;
3674 #endif
3675 #ifndef OPENSSL_NO_TLSEXT
3676  case SSL_CTRL_SET_TLSEXT_SERVERNAME_CB:
3677  ctx->tlsext_servername_callback=(int (*)(SSL *,int *,void *))fp;
3678  break;
3679 
3680 #ifdef TLSEXT_TYPE_opaque_prf_input
3681  case SSL_CTRL_SET_TLSEXT_OPAQUE_PRF_INPUT_CB:
3682  ctx->tlsext_opaque_prf_input_callback = (int (*)(SSL *,void *, size_t, void *))fp;
3683  break;
3684 #endif
3685 
3686  case SSL_CTRL_SET_TLSEXT_STATUS_REQ_CB:
3687  ctx->tlsext_status_cb=(int (*)(SSL *,void *))fp;
3688  break;
3689 
3690  case SSL_CTRL_SET_TLSEXT_TICKET_KEY_CB:
3691  ctx->tlsext_ticket_key_cb=(int (*)(SSL *,unsigned char *,
3692  unsigned char *,
3693  EVP_CIPHER_CTX *,
3694  HMAC_CTX *, int))fp;
3695  break;
3696 
3697 #ifndef OPENSSL_NO_SRP
3698  case SSL_CTRL_SET_SRP_VERIFY_PARAM_CB:
3699  ctx->srp_ctx.srp_Mask|=SSL_kSRP;
3700  ctx->srp_ctx.SRP_verify_param_callback=(int (*)(SSL *,void *))fp;
3701  break;
3702  case SSL_CTRL_SET_TLS_EXT_SRP_USERNAME_CB:
3703  ctx->srp_ctx.srp_Mask|=SSL_kSRP;
3704  ctx->srp_ctx.TLS_ext_srp_username_callback=(int (*)(SSL *,int *,void *))fp;
3705  break;
3706  case SSL_CTRL_SET_SRP_GIVE_CLIENT_PWD_CB:
3707  ctx->srp_ctx.srp_Mask|=SSL_kSRP;
3708  ctx->srp_ctx.SRP_give_srp_client_pwd_callback=(char *(*)(SSL *,void *))fp;
3709  break;
3710 #endif
3711 #endif
3712  default:
3713  return(0);
3714  }
3715  return(1);
3716  }
3717 
3718 /* This function needs to check if the ciphers required are actually
3719  * available */
3720 const SSL_CIPHER *ssl3_get_cipher_by_char(const unsigned char *p)
3721  {
3722  SSL_CIPHER c;
3723  const SSL_CIPHER *cp;
3724  unsigned long id;
3725 
3726  id=0x03000000L|((unsigned long)p[0]<<8L)|(unsigned long)p[1];
3727  c.id=id;
3728  cp = OBJ_bsearch_ssl_cipher_id(&c, ssl3_ciphers, SSL3_NUM_CIPHERS);
3729 #ifdef DEBUG_PRINT_UNKNOWN_CIPHERSUITES
3730 if (cp == NULL) fprintf(stderr, "Unknown cipher ID %x\n", (p[0] << 8) | p[1]);
3731 #endif
3732  if (cp == NULL || cp->valid == 0)
3733  return NULL;
3734  else
3735  return cp;
3736  }
3737 
3738 int ssl3_put_cipher_by_char(const SSL_CIPHER *c, unsigned char *p)
3739  {
3740  long l;
3741 
3742  if (p != NULL)
3743  {
3744  l=c->id;
3745  if ((l & 0xff000000) != 0x03000000) return(0);
3746  p[0]=((unsigned char)(l>> 8L))&0xFF;
3747  p[1]=((unsigned char)(l ))&0xFF;
3748  }
3749  return(2);
3750  }
3751 
3752 SSL_CIPHER *ssl3_choose_cipher(SSL *s, STACK_OF(SSL_CIPHER) *clnt,
3753  STACK_OF(SSL_CIPHER) *srvr)
3754  {
3755  SSL_CIPHER *c,*ret=NULL;
3756  STACK_OF(SSL_CIPHER) *prio, *allow;
3757  int i,ii,ok;
3758 #if !defined(OPENSSL_NO_TLSEXT) && !defined(OPENSSL_NO_EC)
3759  unsigned int j;
3760  int ec_ok, ec_nid;
3761  unsigned char ec_search1 = 0, ec_search2 = 0;
3762 #endif
3763  CERT *cert;
3764  unsigned long alg_k,alg_a,mask_k,mask_a,emask_k,emask_a;
3765 
3766  /* Let's see which ciphers we can support */
3767  cert=s->cert;
3768 
3769 #if 0
3770  /* Do not set the compare functions, because this may lead to a
3771  * reordering by "id". We want to keep the original ordering.
3772  * We may pay a price in performance during sk_SSL_CIPHER_find(),
3773  * but would have to pay with the price of sk_SSL_CIPHER_dup().
3774  */
3775  sk_SSL_CIPHER_set_cmp_func(srvr, ssl_cipher_ptr_id_cmp);
3776  sk_SSL_CIPHER_set_cmp_func(clnt, ssl_cipher_ptr_id_cmp);
3777 #endif
3778 
3779 #ifdef CIPHER_DEBUG
3780  printf("Server has %d from %p:\n", sk_SSL_CIPHER_num(srvr), (void *)srvr);
3781  for(i=0 ; i < sk_SSL_CIPHER_num(srvr) ; ++i)
3782  {
3783  c=sk_SSL_CIPHER_value(srvr,i);
3784  printf("%p:%s\n",(void *)c,c->name);
3785  }
3786  printf("Client sent %d from %p:\n", sk_SSL_CIPHER_num(clnt), (void *)clnt);
3787  for(i=0 ; i < sk_SSL_CIPHER_num(clnt) ; ++i)
3788  {
3789  c=sk_SSL_CIPHER_value(clnt,i);
3790  printf("%p:%s\n",(void *)c,c->name);
3791  }
3792 #endif
3793 
3794  if (s->options & SSL_OP_CIPHER_SERVER_PREFERENCE)
3795  {
3796  prio = srvr;
3797  allow = clnt;
3798  }
3799  else
3800  {
3801  prio = clnt;
3802  allow = srvr;
3803  }
3804 
3805  for (i=0; i<sk_SSL_CIPHER_num(prio); i++)
3806  {
3807  c=sk_SSL_CIPHER_value(prio,i);
3808 
3809  /* Skip TLS v1.2 only ciphersuites if lower than v1.2 */
3810  if ((c->algorithm_ssl & SSL_TLSV1_2) &&
3811  (TLS1_get_version(s) < TLS1_2_VERSION))
3812  continue;
3813 
3814  ssl_set_cert_masks(cert,c);
3815  mask_k = cert->mask_k;
3816  mask_a = cert->mask_a;
3817  emask_k = cert->export_mask_k;
3818  emask_a = cert->export_mask_a;
3819 #ifndef OPENSSL_NO_SRP
3820  mask_k=cert->mask_k | s->srp_ctx.srp_Mask;
3821  emask_k=cert->export_mask_k | s->srp_ctx.srp_Mask;
3822 #endif
3823 
3824 #ifdef KSSL_DEBUG
3825 /* printf("ssl3_choose_cipher %d alg= %lx\n", i,c->algorithms);*/
3826 #endif /* KSSL_DEBUG */
3827 
3828  alg_k=c->algorithm_mkey;
3829  alg_a=c->algorithm_auth;
3830 
3831 #ifndef OPENSSL_NO_KRB5
3832  if (alg_k & SSL_kKRB5)
3833  {
3834  if ( !kssl_keytab_is_available(s->kssl_ctx) )
3835  continue;
3836  }
3837 #endif /* OPENSSL_NO_KRB5 */
3838 #ifndef OPENSSL_NO_PSK
3839  /* with PSK there must be server callback set */
3840  if ((alg_k & SSL_kPSK) && s->psk_server_callback == NULL)
3841  continue;
3842 #endif /* OPENSSL_NO_PSK */
3843 
3844  if (SSL_C_IS_EXPORT(c))
3845  {
3846  ok = (alg_k & emask_k) && (alg_a & emask_a);
3847 #ifdef CIPHER_DEBUG
3848  printf("%d:[%08lX:%08lX:%08lX:%08lX]%p:%s (export)\n",ok,alg_k,alg_a,emask_k,emask_a,
3849  (void *)c,c->name);
3850 #endif
3851  }
3852  else
3853  {
3854  ok = (alg_k & mask_k) && (alg_a & mask_a);
3855 #ifdef CIPHER_DEBUG
3856  printf("%d:[%08lX:%08lX:%08lX:%08lX]%p:%s\n",ok,alg_k,alg_a,mask_k,mask_a,(void *)c,
3857  c->name);
3858 #endif
3859  }
3860 
3861 #ifndef OPENSSL_NO_TLSEXT
3862 #ifndef OPENSSL_NO_EC
3863  if (
3864  /* if we are considering an ECC cipher suite that uses our certificate */
3865  (alg_a & SSL_aECDSA || alg_a & SSL_aECDH)
3866  /* and we have an ECC certificate */
3867  && (s->cert->pkeys[SSL_PKEY_ECC].x509 != NULL)
3868  /* and the client specified a Supported Point Formats extension */
3869  && ((s->session->tlsext_ecpointformatlist_length > 0) && (s->session->tlsext_ecpointformatlist != NULL))
3870  /* and our certificate's point is compressed */
3871  && (
3872  (s->cert->pkeys[SSL_PKEY_ECC].x509->cert_info != NULL)
3873  && (s->cert->pkeys[SSL_PKEY_ECC].x509->cert_info->key != NULL)
3874  && (s->cert->pkeys[SSL_PKEY_ECC].x509->cert_info->key->public_key != NULL)
3875  && (s->cert->pkeys[SSL_PKEY_ECC].x509->cert_info->key->public_key->data != NULL)
3876  && (
3877  (*(s->cert->pkeys[SSL_PKEY_ECC].x509->cert_info->key->public_key->data) == POINT_CONVERSION_COMPRESSED)
3878  || (*(s->cert->pkeys[SSL_PKEY_ECC].x509->cert_info->key->public_key->data) == POINT_CONVERSION_COMPRESSED + 1)
3879  )
3880  )
3881  )
3882  {
3883  ec_ok = 0;
3884  /* if our certificate's curve is over a field type that the client does not support
3885  * then do not allow this cipher suite to be negotiated */
3886  if (
3887  (s->cert->pkeys[SSL_PKEY_ECC].privatekey->pkey.ec != NULL)
3888  && (s->cert->pkeys[SSL_PKEY_ECC].privatekey->pkey.ec->group != NULL)
3889  && (s->cert->pkeys[SSL_PKEY_ECC].privatekey->pkey.ec->group->meth != NULL)
3890  && (EC_METHOD_get_field_type(s->cert->pkeys[SSL_PKEY_ECC].privatekey->pkey.ec->group->meth) == NID_X9_62_prime_field)
3891  )
3892  {
3893  for (j = 0; j < s->session->tlsext_ecpointformatlist_length; j++)
3894  {
3895  if (s->session->tlsext_ecpointformatlist[j] == TLSEXT_ECPOINTFORMAT_ansiX962_compressed_prime)
3896  {
3897  ec_ok = 1;
3898  break;
3899  }
3900  }
3901  }
3902  else if (EC_METHOD_get_field_type(s->cert->pkeys[SSL_PKEY_ECC].privatekey->pkey.ec->group->meth) == NID_X9_62_characteristic_two_field)
3903  {
3904  for (j = 0; j < s->session->tlsext_ecpointformatlist_length; j++)
3905  {
3906  if (s->session->tlsext_ecpointformatlist[j] == TLSEXT_ECPOINTFORMAT_ansiX962_compressed_char2)
3907  {
3908  ec_ok = 1;
3909  break;
3910  }
3911  }
3912  }
3913  ok = ok && ec_ok;
3914  }
3915  if (
3916  /* if we are considering an ECC cipher suite that uses our certificate */
3917  (alg_a & SSL_aECDSA || alg_a & SSL_aECDH)
3918  /* and we have an ECC certificate */
3919  && (s->cert->pkeys[SSL_PKEY_ECC].x509 != NULL)
3920  /* and the client specified an EllipticCurves extension */
3921  && ((s->session->tlsext_ellipticcurvelist_length > 0) && (s->session->tlsext_ellipticcurvelist != NULL))
3922  )
3923  {
3924  ec_ok = 0;
3925  if (
3926  (s->cert->pkeys[SSL_PKEY_ECC].privatekey->pkey.ec != NULL)
3927  && (s->cert->pkeys[SSL_PKEY_ECC].privatekey->pkey.ec->group != NULL)
3928  )
3929  {
3930  ec_nid = EC_GROUP_get_curve_name(s->cert->pkeys[SSL_PKEY_ECC].privatekey->pkey.ec->group);
3931  if ((ec_nid == 0)
3932  && (s->cert->pkeys[SSL_PKEY_ECC].privatekey->pkey.ec->group->meth != NULL)
3933  )
3934  {
3935  if (EC_METHOD_get_field_type(s->cert->pkeys[SSL_PKEY_ECC].privatekey->pkey.ec->group->meth) == NID_X9_62_prime_field)
3936  {
3937  ec_search1 = 0xFF;
3938  ec_search2 = 0x01;
3939  }
3940  else if (EC_METHOD_get_field_type(s->cert->pkeys[SSL_PKEY_ECC].privatekey->pkey.ec->group->meth) == NID_X9_62_characteristic_two_field)
3941  {
3942  ec_search1 = 0xFF;
3943  ec_search2 = 0x02;
3944  }
3945  }
3946  else
3947  {
3948  ec_search1 = 0x00;
3949  ec_search2 = tls1_ec_nid2curve_id(ec_nid);
3950  }
3951  if ((ec_search1 != 0) || (ec_search2 != 0))
3952  {
3953  for (j = 0; j < s->session->tlsext_ellipticcurvelist_length / 2; j++)
3954  {
3955  if ((s->session->tlsext_ellipticcurvelist[2*j] == ec_search1) && (s->session->tlsext_ellipticcurvelist[2*j+1] == ec_search2))
3956  {
3957  ec_ok = 1;
3958  break;
3959  }
3960  }
3961  }
3962  }
3963  ok = ok && ec_ok;
3964  }
3965  if (
3966  /* if we are considering an ECC cipher suite that uses an ephemeral EC key */
3967  (alg_k & SSL_kEECDH)
3968  /* and we have an ephemeral EC key */
3969  && (s->cert->ecdh_tmp != NULL)
3970  /* and the client specified an EllipticCurves extension */
3971  && ((s->session->tlsext_ellipticcurvelist_length > 0) && (s->session->tlsext_ellipticcurvelist != NULL))
3972  )
3973  {
3974  ec_ok = 0;
3975  if (s->cert->ecdh_tmp->group != NULL)
3976  {
3977  ec_nid = EC_GROUP_get_curve_name(s->cert->ecdh_tmp->group);
3978  if ((ec_nid == 0)
3979  && (s->cert->ecdh_tmp->group->meth != NULL)
3980  )
3981  {
3982  if (EC_METHOD_get_field_type(s->cert->ecdh_tmp->group->meth) == NID_X9_62_prime_field)
3983  {
3984  ec_search1 = 0xFF;
3985  ec_search2 = 0x01;
3986  }
3987  else if (EC_METHOD_get_field_type(s->cert->ecdh_tmp->group->meth) == NID_X9_62_characteristic_two_field)
3988  {
3989  ec_search1 = 0xFF;
3990  ec_search2 = 0x02;
3991  }
3992  }
3993  else
3994  {
3995  ec_search1 = 0x00;
3996  ec_search2 = tls1_ec_nid2curve_id(ec_nid);
3997  }
3998  if ((ec_search1 != 0) || (ec_search2 != 0))
3999  {
4000  for (j = 0; j < s->session->tlsext_ellipticcurvelist_length / 2; j++)
4001  {
4002  if ((s->session->tlsext_ellipticcurvelist[2*j] == ec_search1) && (s->session->tlsext_ellipticcurvelist[2*j+1] == ec_search2))
4003  {
4004  ec_ok = 1;
4005  break;
4006  }
4007  }
4008  }
4009  }
4010  ok = ok && ec_ok;
4011  }
4012 #endif /* OPENSSL_NO_EC */
4013 #endif /* OPENSSL_NO_TLSEXT */
4014 
4015  if (!ok) continue;
4016  ii=sk_SSL_CIPHER_find(allow,c);
4017  if (ii >= 0)
4018  {
4019  ret=sk_SSL_CIPHER_value(allow,ii);
4020  break;
4021  }
4022  }
4023  return(ret);
4024  }
4025 
4026 int ssl3_get_req_cert_type(SSL *s, unsigned char *p)
4027  {
4028  int ret=0;
4029  unsigned long alg_k;
4030 
4031  alg_k = s->s3->tmp.new_cipher->algorithm_mkey;
4032 
4033 #ifndef OPENSSL_NO_GOST
4034  if (s->version >= TLS1_VERSION)
4035  {
4036  if (alg_k & SSL_kGOST)
4037  {
4038  p[ret++]=TLS_CT_GOST94_SIGN;
4039  p[ret++]=TLS_CT_GOST01_SIGN;
4040  return(ret);
4041  }
4042  }
4043 #endif
4044 
4045 #ifndef OPENSSL_NO_DH
4046  if (alg_k & (SSL_kDHr|SSL_kEDH))
4047  {
4048 # ifndef OPENSSL_NO_RSA
4049  p[ret++]=SSL3_CT_RSA_FIXED_DH;
4050 # endif
4051 # ifndef OPENSSL_NO_DSA
4052  p[ret++]=SSL3_CT_DSS_FIXED_DH;
4053 # endif
4054  }
4055  if ((s->version == SSL3_VERSION) &&
4056  (alg_k & (SSL_kEDH|SSL_kDHd|SSL_kDHr)))
4057  {
4058 # ifndef OPENSSL_NO_RSA
4059  p[ret++]=SSL3_CT_RSA_EPHEMERAL_DH;
4060 # endif
4061 # ifndef OPENSSL_NO_DSA
4062  p[ret++]=SSL3_CT_DSS_EPHEMERAL_DH;
4063 # endif
4064  }
4065 #endif /* !OPENSSL_NO_DH */
4066 #ifndef OPENSSL_NO_RSA
4067  p[ret++]=SSL3_CT_RSA_SIGN;
4068 #endif
4069 #ifndef OPENSSL_NO_DSA
4070  p[ret++]=SSL3_CT_DSS_SIGN;
4071 #endif
4072 #ifndef OPENSSL_NO_ECDH
4073  if ((alg_k & (SSL_kECDHr|SSL_kECDHe)) && (s->version >= TLS1_VERSION))
4074  {
4075  p[ret++]=TLS_CT_RSA_FIXED_ECDH;
4076  p[ret++]=TLS_CT_ECDSA_FIXED_ECDH;
4077  }
4078 #endif
4079 
4080 #ifndef OPENSSL_NO_ECDSA
4081  /* ECDSA certs can be used with RSA cipher suites as well
4082  * so we don't need to check for SSL_kECDH or SSL_kEECDH
4083  */
4084  if (s->version >= TLS1_VERSION)
4085  {
4086  p[ret++]=TLS_CT_ECDSA_SIGN;
4087  }
4088 #endif
4089  return(ret);
4090  }
4091 
4092 int ssl3_shutdown(SSL *s)
4093  {
4094  int ret;
4095 
4096  /* Don't do anything much if we have not done the handshake or
4097  * we don't want to send messages :-) */
4098  if ((s->quiet_shutdown) || (s->state == SSL_ST_BEFORE))
4099  {
4100  s->shutdown=(SSL_SENT_SHUTDOWN|SSL_RECEIVED_SHUTDOWN);
4101  return(1);
4102  }
4103 
4104  if (!(s->shutdown & SSL_SENT_SHUTDOWN))
4105  {
4106  s->shutdown|=SSL_SENT_SHUTDOWN;
4107 #if 1
4108  ssl3_send_alert(s,SSL3_AL_WARNING,SSL_AD_CLOSE_NOTIFY);
4109 #endif
4110  /* our shutdown alert has been sent now, and if it still needs
4111  * to be written, s->s3->alert_dispatch will be true */
4112  if (s->s3->alert_dispatch)
4113  return(-1); /* return WANT_WRITE */
4114  }
4115  else if (s->s3->alert_dispatch)
4116  {
4117  /* resend it if not sent */
4118 #if 1
4119  ret=s->method->ssl_dispatch_alert(s);
4120  if(ret == -1)
4121  {
4122  /* we only get to return -1 here the 2nd/Nth
4123  * invocation, we must have already signalled
4124  * return 0 upon a previous invoation,
4125  * return WANT_WRITE */
4126  return(ret);
4127  }
4128 #endif
4129  }
4130  else if (!(s->shutdown & SSL_RECEIVED_SHUTDOWN))
4131  {
4132  /* If we are waiting for a close from our peer, we are closed */
4133  s->method->ssl_read_bytes(s,0,NULL,0,0);
4134  if(!(s->shutdown & SSL_RECEIVED_SHUTDOWN))
4135  {
4136  return(-1); /* return WANT_READ */
4137  }
4138  }
4139 
4140  if ((s->shutdown == (SSL_SENT_SHUTDOWN|SSL_RECEIVED_SHUTDOWN)) &&
4141  !s->s3->alert_dispatch)
4142  return(1);
4143  else
4144  return(0);
4145  }
4146 
4147 int ssl3_write(SSL *s, const void *buf, int len)
4148  {
4149  int ret,n;
4150 
4151 #if 0
4152  if (s->shutdown & SSL_SEND_SHUTDOWN)
4153  {
4154  s->rwstate=SSL_NOTHING;
4155  return(0);
4156  }
4157 #endif
4158  clear_sys_error();
4159  if (s->s3->renegotiate) ssl3_renegotiate_check(s);
4160 
4161  /* This is an experimental flag that sends the
4162  * last handshake message in the same packet as the first
4163  * use data - used to see if it helps the TCP protocol during
4164  * session-id reuse */
4165  /* The second test is because the buffer may have been removed */
4166  if ((s->s3->flags & SSL3_FLAGS_POP_BUFFER) && (s->wbio == s->bbio))
4167  {
4168  /* First time through, we write into the buffer */
4169  if (s->s3->delay_buf_pop_ret == 0)
4170  {
4171  ret=ssl3_write_bytes(s,SSL3_RT_APPLICATION_DATA,
4172  buf,len);
4173  if (ret <= 0) return(ret);
4174 
4175  s->s3->delay_buf_pop_ret=ret;
4176  }
4177 
4178  s->rwstate=SSL_WRITING;
4179  n=BIO_flush(s->wbio);
4180  if (n <= 0) return(n);
4181  s->rwstate=SSL_NOTHING;
4182 
4183  /* We have flushed the buffer, so remove it */
4184  ssl_free_wbio_buffer(s);
4185  s->s3->flags&= ~SSL3_FLAGS_POP_BUFFER;
4186 
4187  ret=s->s3->delay_buf_pop_ret;
4188  s->s3->delay_buf_pop_ret=0;
4189  }
4190  else
4191  {
4192  ret=s->method->ssl_write_bytes(s,SSL3_RT_APPLICATION_DATA,
4193  buf,len);
4194  if (ret <= 0) return(ret);
4195  }
4196 
4197  return(ret);
4198  }
4199 
4200 static int ssl3_read_internal(SSL *s, void *buf, int len, int peek)
4201  {
4202  int ret;
4203 
4204  clear_sys_error();
4205  if (s->s3->renegotiate) ssl3_renegotiate_check(s);
4206  s->s3->in_read_app_data=1;
4207  ret=s->method->ssl_read_bytes(s,SSL3_RT_APPLICATION_DATA,buf,len,peek);
4208  if ((ret == -1) && (s->s3->in_read_app_data == 2))
4209  {
4210  /* ssl3_read_bytes decided to call s->handshake_func, which
4211  * called ssl3_read_bytes to read handshake data.
4212  * However, ssl3_read_bytes actually found application data
4213  * and thinks that application data makes sense here; so disable
4214  * handshake processing and try to read application data again. */
4215  s->in_handshake++;
4216  ret=s->method->ssl_read_bytes(s,SSL3_RT_APPLICATION_DATA,buf,len,peek);
4217  s->in_handshake--;
4218  }
4219  else
4220  s->s3->in_read_app_data=0;
4221 
4222  return(ret);
4223  }
4224 
4225 int ssl3_read(SSL *s, void *buf, int len)
4226  {
4227  return ssl3_read_internal(s, buf, len, 0);
4228  }
4229 
4230 int ssl3_peek(SSL *s, void *buf, int len)
4231  {
4232  return ssl3_read_internal(s, buf, len, 1);
4233  }
4234 
4235 int ssl3_renegotiate(SSL *s)
4236  {
4237  if (s->handshake_func == NULL)
4238  return(1);
4239 
4240  if (s->s3->flags & SSL3_FLAGS_NO_RENEGOTIATE_CIPHERS)
4241  return(0);
4242 
4243  s->s3->renegotiate=1;
4244  return(1);
4245  }
4246 
4247 int ssl3_renegotiate_check(SSL *s)
4248  {
4249  int ret=0;
4250 
4251  if (s->s3->renegotiate)
4252  {
4253  if ( (s->s3->rbuf.left == 0) &&
4254  (s->s3->wbuf.left == 0) &&
4255  !SSL_in_init(s))
4256  {
4257 /*
4258 if we are the server, and we have sent a 'RENEGOTIATE' message, we
4259 need to go to SSL_ST_ACCEPT.
4260 */
4261  /* SSL_ST_ACCEPT */
4262  s->state=SSL_ST_RENEGOTIATE;
4263  s->s3->renegotiate=0;
4264  s->s3->num_renegotiations++;
4265  s->s3->total_renegotiations++;
4266  ret=1;
4267  }
4268  }
4269  return(ret);
4270  }
4271 /* If we are using TLS v1.2 or later and default SHA1+MD5 algorithms switch
4272  * to new SHA256 PRF and handshake macs
4273  */
4274 long ssl_get_algorithm2(SSL *s)
4275  {
4276  long alg2 = s->s3->tmp.new_cipher->algorithm2;
4277  if (TLS1_get_version(s) >= TLS1_2_VERSION &&
4278  alg2 == (SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF))
4279  return SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256;
4280  return alg2;
4281  }
4282 
Generated on Thu Jan 10 2013 09:53:43 for OpenSSL by   doxygen 1.8.2