1 files changed, 0 insertions, 407 deletions
diff --git a/src/lib/libssl/tls1.h b/src/lib/libssl/tls1.h
deleted file mode 100644
index 2d1d293e1a..0000000000
--- a/src/lib/libssl/tls1.h
+++ /dev/null
@@ -1,407 +0,0 @@
-/* ssl/tls1.h */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- * 
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- * 
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from 
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- * 
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- * 
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-/* ====================================================================
- * Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED.
- *
- * Portions of the attached software ("Contribution") are developed by 
- * SUN MICROSYSTEMS, INC., and are contributed to the OpenSSL project.
- *
- * The Contribution is licensed pursuant to the OpenSSL open source
- * license provided above.
- *
- * ECC cipher suite support in OpenSSL originally written by
- * Vipul Gupta and Sumit Gupta of Sun Microsystems Laboratories.
- *
- */
-#ifndef HEADER_TLS1_H 
-#define HEADER_TLS1_H 
-#include <openssl/buffer.h>
-#ifdef  __cplusplus
-extern "C" {
-#endif
-#define TLS1_ALLOW_EXPERIMENTAL_CIPHERSUITES    0
-#define TLS1_VERSION                    0x0301
-#define TLS1_VERSION_MAJOR              0x03
-#define TLS1_VERSION_MINOR              0x01
-#define TLS1_AD_DECRYPTION_FAILED       21
-#define TLS1_AD_RECORD_OVERFLOW         22
-#define TLS1_AD_UNKNOWN_CA              48      /* fatal */
-#define TLS1_AD_ACCESS_DENIED           49      /* fatal */
-#define TLS1_AD_DECODE_ERROR            50      /* fatal */
-#define TLS1_AD_DECRYPT_ERROR           51
-#define TLS1_AD_EXPORT_RESTRICTION      60      /* fatal */
-#define TLS1_AD_PROTOCOL_VERSION        70      /* fatal */
-#define TLS1_AD_INSUFFICIENT_SECURITY   71      /* fatal */
-#define TLS1_AD_INTERNAL_ERROR          80      /* fatal */
-#define TLS1_AD_USER_CANCELLED          90
-#define TLS1_AD_NO_RENEGOTIATION        100
-/* codes 110-114 are from RFC3546 */
-#define TLS1_AD_UNSUPPORTED_EXTENSION   110
-#define TLS1_AD_CERTIFICATE_UNOBTAINABLE 111
-#define TLS1_AD_UNRECOGNIZED_NAME       112
-#define TLS1_AD_BAD_CERTIFICATE_STATUS_RESPONSE 113
-#define TLS1_AD_BAD_CERTIFICATE_HASH_VALUE 114
-#define TLS1_AD_UNKNOWN_PSK_IDENTITY    115     /* fatal */
-/* ExtensionType values from RFC 3546 */
-#define TLSEXT_TYPE_server_name                 0
-#define TLSEXT_TYPE_max_fragment_length         1
-#define TLSEXT_TYPE_client_certificate_url      2
-#define TLSEXT_TYPE_trusted_ca_keys             3
-#define TLSEXT_TYPE_truncated_hmac              4
-#define TLSEXT_TYPE_status_request              5
-#define TLSEXT_TYPE_elliptic_curves             10
-#define TLSEXT_TYPE_ec_point_formats            11
-#define TLSEXT_TYPE_session_ticket              35
-/* NameType value from RFC 3546 */
-#define TLSEXT_NAMETYPE_host_name 0
-/* status request value from RFC 3546 */
-#define TLSEXT_STATUSTYPE_ocsp 1
-#ifndef OPENSSL_NO_TLSEXT
-#define TLSEXT_MAXLEN_host_name 255
-const char *SSL_get_servername(const SSL *s, const int type) ;
-int SSL_get_servername_type(const SSL *s) ;
-#define SSL_set_tlsext_host_name(s,name) \
-SSL_ctrl(s,SSL_CTRL_SET_TLSEXT_HOSTNAME,TLSEXT_NAMETYPE_host_name,(char *)name)
-#define SSL_set_tlsext_debug_callback(ssl, cb) \
-SSL_callback_ctrl(ssl,SSL_CTRL_SET_TLSEXT_DEBUG_CB,(void (*)(void))cb)
-#define SSL_set_tlsext_debug_arg(ssl, arg) \
-SSL_ctrl(ssl,SSL_CTRL_SET_TLSEXT_DEBUG_ARG,0, (void *)arg)
-#define SSL_set_tlsext_status_type(ssl, type) \
-SSL_ctrl(ssl,SSL_CTRL_SET_TLSEXT_STATUS_REQ_TYPE,type, NULL)
-#define SSL_get_tlsext_status_exts(ssl, arg) \
-SSL_ctrl(ssl,SSL_CTRL_GET_TLSEXT_STATUS_REQ_EXTS,0, (void *)arg)
-#define SSL_set_tlsext_status_exts(ssl, arg) \
-SSL_ctrl(ssl,SSL_CTRL_SET_TLSEXT_STATUS_REQ_EXTS,0, (void *)arg)
-#define SSL_get_tlsext_status_ids(ssl, arg) \
-SSL_ctrl(ssl,SSL_CTRL_GET_TLSEXT_STATUS_REQ_IDS,0, (void *)arg)
-#define SSL_set_tlsext_status_ids(ssl, arg) \
-SSL_ctrl(ssl,SSL_CTRL_SET_TLSEXT_STATUS_REQ_IDS,0, (void *)arg)
-#define SSL_get_tlsext_status_ocsp_resp(ssl, arg) \
-SSL_ctrl(ssl,SSL_CTRL_GET_TLSEXT_STATUS_REQ_OCSP_RESP,0, (void *)arg)
-#define SSL_set_tlsext_status_ocsp_resp(ssl, arg, arglen) \
-SSL_ctrl(ssl,SSL_CTRL_SET_TLSEXT_STATUS_REQ_OCSP_RESP,arglen, (void *)arg)
-#define SSL_CTX_set_tlsext_servername_callback(ctx, cb) \
-SSL_CTX_callback_ctrl(ctx,SSL_CTRL_SET_TLSEXT_SERVERNAME_CB,(void (*)(void))cb)
-#define SSL_TLSEXT_ERR_OK 0
-#define SSL_TLSEXT_ERR_ALERT_WARNING 1
-#define SSL_TLSEXT_ERR_ALERT_FATAL 2
-#define SSL_TLSEXT_ERR_NOACK 3
-#define SSL_CTX_set_tlsext_servername_arg(ctx, arg) \
-SSL_CTX_ctrl(ctx,SSL_CTRL_SET_TLSEXT_SERVERNAME_ARG,0, (void *)arg)
-#define SSL_CTX_get_tlsext_ticket_keys(ctx, keys, keylen) \
-        SSL_CTX_ctrl((ctx),SSL_CTRL_GET_TLXEXT_TICKET_KEYS,(keylen),(keys))
-#define SSL_CTX_set_tlsext_ticket_keys(ctx, keys, keylen) \
-        SSL_CTX_ctrl((ctx),SSL_CTRL_SET_TLXEXT_TICKET_KEYS,(keylen),(keys))
-#define SSL_CTX_set_tlsext_status_cb(ssl, cb) \
-SSL_CTX_callback_ctrl(ssl,SSL_CTRL_SET_TLSEXT_STATUS_REQ_CB,(void (*)(void))cb)
-#define SSL_CTX_set_tlsext_status_arg(ssl, arg) \
-SSL_CTX_ctrl(ssl,SSL_CTRL_SET_TLSEXT_STATUS_REQ_CB_ARG,0, (void *)arg)
-#define SSL_CTX_set_tlsext_ticket_key_cb(ssl, cb) \
-SSL_CTX_callback_ctrl(ssl,SSL_CTRL_SET_TLSEXT_TICKET_KEY_CB,(void (*)(void))cb)
-#endif
-/* Additional TLS ciphersuites from draft-ietf-tls-56-bit-ciphersuites-00.txt
- * (available if TLS1_ALLOW_EXPERIMENTAL_CIPHERSUITES is defined, see
- * s3_lib.c).  We actually treat them like SSL 3.0 ciphers, which we probably
- * shouldn't. */
-#define TLS1_CK_RSA_EXPORT1024_WITH_RC4_56_MD5          0x03000060
-#define TLS1_CK_RSA_EXPORT1024_WITH_RC2_CBC_56_MD5      0x03000061
-#define TLS1_CK_RSA_EXPORT1024_WITH_DES_CBC_SHA         0x03000062
-#define TLS1_CK_DHE_DSS_EXPORT1024_WITH_DES_CBC_SHA     0x03000063
-#define TLS1_CK_RSA_EXPORT1024_WITH_RC4_56_SHA          0x03000064
-#define TLS1_CK_DHE_DSS_EXPORT1024_WITH_RC4_56_SHA      0x03000065
-#define TLS1_CK_DHE_DSS_WITH_RC4_128_SHA                0x03000066
-/* AES ciphersuites from RFC3268 */
-#define TLS1_CK_RSA_WITH_AES_128_SHA                    0x0300002F
-#define TLS1_CK_DH_DSS_WITH_AES_128_SHA                 0x03000030
-#define TLS1_CK_DH_RSA_WITH_AES_128_SHA                 0x03000031
-#define TLS1_CK_DHE_DSS_WITH_AES_128_SHA                0x03000032
-#define TLS1_CK_DHE_RSA_WITH_AES_128_SHA                0x03000033
-#define TLS1_CK_ADH_WITH_AES_128_SHA                    0x03000034
-#define TLS1_CK_RSA_WITH_AES_256_SHA                    0x03000035
-#define TLS1_CK_DH_DSS_WITH_AES_256_SHA                 0x03000036
-#define TLS1_CK_DH_RSA_WITH_AES_256_SHA                 0x03000037
-#define TLS1_CK_DHE_DSS_WITH_AES_256_SHA                0x03000038
-#define TLS1_CK_DHE_RSA_WITH_AES_256_SHA                0x03000039
-#define TLS1_CK_ADH_WITH_AES_256_SHA                    0x0300003A
-/* Camellia ciphersuites from RFC4132 */
-#define TLS1_CK_RSA_WITH_CAMELLIA_128_CBC_SHA           0x03000041
-#define TLS1_CK_DH_DSS_WITH_CAMELLIA_128_CBC_SHA        0x03000042
-#define TLS1_CK_DH_RSA_WITH_CAMELLIA_128_CBC_SHA        0x03000043
-#define TLS1_CK_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA       0x03000044
-#define TLS1_CK_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA       0x03000045
-#define TLS1_CK_ADH_WITH_CAMELLIA_128_CBC_SHA           0x03000046
-#define TLS1_CK_RSA_WITH_CAMELLIA_256_CBC_SHA           0x03000084
-#define TLS1_CK_DH_DSS_WITH_CAMELLIA_256_CBC_SHA        0x03000085
-#define TLS1_CK_DH_RSA_WITH_CAMELLIA_256_CBC_SHA        0x03000086
-#define TLS1_CK_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA       0x03000087
-#define TLS1_CK_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA       0x03000088
-#define TLS1_CK_ADH_WITH_CAMELLIA_256_CBC_SHA           0x03000089
-/* SEED ciphersuites from RFC4162 */
-#define TLS1_CK_RSA_WITH_SEED_SHA                       0x03000096
-#define TLS1_CK_DH_DSS_WITH_SEED_SHA                    0x03000097
-#define TLS1_CK_DH_RSA_WITH_SEED_SHA                    0x03000098
-#define TLS1_CK_DHE_DSS_WITH_SEED_SHA                   0x03000099
-#define TLS1_CK_DHE_RSA_WITH_SEED_SHA                   0x0300009A
-#define TLS1_CK_ADH_WITH_SEED_SHA                       0x0300009B
-/* ECC ciphersuites from draft-ietf-tls-ecc-12.txt with changes soon to be in draft 13 */
-#define TLS1_CK_ECDH_ECDSA_WITH_NULL_SHA                0x0300C001
-#define TLS1_CK_ECDH_ECDSA_WITH_RC4_128_SHA             0x0300C002
-#define TLS1_CK_ECDH_ECDSA_WITH_DES_192_CBC3_SHA        0x0300C003
-#define TLS1_CK_ECDH_ECDSA_WITH_AES_128_CBC_SHA         0x0300C004
-#define TLS1_CK_ECDH_ECDSA_WITH_AES_256_CBC_SHA         0x0300C005
-#define TLS1_CK_ECDHE_ECDSA_WITH_NULL_SHA               0x0300C006
-#define TLS1_CK_ECDHE_ECDSA_WITH_RC4_128_SHA            0x0300C007
-#define TLS1_CK_ECDHE_ECDSA_WITH_DES_192_CBC3_SHA       0x0300C008
-#define TLS1_CK_ECDHE_ECDSA_WITH_AES_128_CBC_SHA        0x0300C009
-#define TLS1_CK_ECDHE_ECDSA_WITH_AES_256_CBC_SHA        0x0300C00A
-#define TLS1_CK_ECDH_RSA_WITH_NULL_SHA                  0x0300C00B
-#define TLS1_CK_ECDH_RSA_WITH_RC4_128_SHA               0x0300C00C
-#define TLS1_CK_ECDH_RSA_WITH_DES_192_CBC3_SHA          0x0300C00D
-#define TLS1_CK_ECDH_RSA_WITH_AES_128_CBC_SHA           0x0300C00E
-#define TLS1_CK_ECDH_RSA_WITH_AES_256_CBC_SHA           0x0300C00F
-#define TLS1_CK_ECDHE_RSA_WITH_NULL_SHA                 0x0300C010
-#define TLS1_CK_ECDHE_RSA_WITH_RC4_128_SHA              0x0300C011
-#define TLS1_CK_ECDHE_RSA_WITH_DES_192_CBC3_SHA         0x0300C012
-#define TLS1_CK_ECDHE_RSA_WITH_AES_128_CBC_SHA          0x0300C013
-#define TLS1_CK_ECDHE_RSA_WITH_AES_256_CBC_SHA          0x0300C014
-#define TLS1_CK_ECDH_anon_WITH_NULL_SHA                 0x0300C015
-#define TLS1_CK_ECDH_anon_WITH_RC4_128_SHA              0x0300C016
-#define TLS1_CK_ECDH_anon_WITH_DES_192_CBC3_SHA         0x0300C017
-#define TLS1_CK_ECDH_anon_WITH_AES_128_CBC_SHA          0x0300C018
-#define TLS1_CK_ECDH_anon_WITH_AES_256_CBC_SHA          0x0300C019
-/* XXX
- * Inconsistency alert:
- * The OpenSSL names of ciphers with ephemeral DH here include the string
- * "DHE", while elsewhere it has always been "EDH".
- * (The alias for the list of all such ciphers also is "EDH".)
- * The specifications speak of "EDH"; maybe we should allow both forms
- * for everything. */
-#define TLS1_TXT_RSA_EXPORT1024_WITH_RC4_56_MD5         "EXP1024-RC4-MD5"
-#define TLS1_TXT_RSA_EXPORT1024_WITH_RC2_CBC_56_MD5     "EXP1024-RC2-CBC-MD5"
-#define TLS1_TXT_RSA_EXPORT1024_WITH_DES_CBC_SHA        "EXP1024-DES-CBC-SHA"
-#define TLS1_TXT_DHE_DSS_EXPORT1024_WITH_DES_CBC_SHA    "EXP1024-DHE-DSS-DES-CBC-SHA"
-#define TLS1_TXT_RSA_EXPORT1024_WITH_RC4_56_SHA         "EXP1024-RC4-SHA"
-#define TLS1_TXT_DHE_DSS_EXPORT1024_WITH_RC4_56_SHA     "EXP1024-DHE-DSS-RC4-SHA"
-#define TLS1_TXT_DHE_DSS_WITH_RC4_128_SHA               "DHE-DSS-RC4-SHA"
-/* AES ciphersuites from RFC3268 */
-#define TLS1_TXT_RSA_WITH_AES_128_SHA                   "AES128-SHA"
-#define TLS1_TXT_DH_DSS_WITH_AES_128_SHA                "DH-DSS-AES128-SHA"
-#define TLS1_TXT_DH_RSA_WITH_AES_128_SHA                "DH-RSA-AES128-SHA"
-#define TLS1_TXT_DHE_DSS_WITH_AES_128_SHA               "DHE-DSS-AES128-SHA"
-#define TLS1_TXT_DHE_RSA_WITH_AES_128_SHA               "DHE-RSA-AES128-SHA"
-#define TLS1_TXT_ADH_WITH_AES_128_SHA                   "ADH-AES128-SHA"
-#define TLS1_TXT_RSA_WITH_AES_256_SHA                   "AES256-SHA"
-#define TLS1_TXT_DH_DSS_WITH_AES_256_SHA                "DH-DSS-AES256-SHA"
-#define TLS1_TXT_DH_RSA_WITH_AES_256_SHA                "DH-RSA-AES256-SHA"
-#define TLS1_TXT_DHE_DSS_WITH_AES_256_SHA               "DHE-DSS-AES256-SHA"
-#define TLS1_TXT_DHE_RSA_WITH_AES_256_SHA               "DHE-RSA-AES256-SHA"
-#define TLS1_TXT_ADH_WITH_AES_256_SHA                   "ADH-AES256-SHA"
-/* ECC ciphersuites from draft-ietf-tls-ecc-01.txt (Mar 15, 2001) */
-#define TLS1_TXT_ECDH_ECDSA_WITH_NULL_SHA               "ECDH-ECDSA-NULL-SHA"
-#define TLS1_TXT_ECDH_ECDSA_WITH_RC4_128_SHA            "ECDH-ECDSA-RC4-SHA"
-#define TLS1_TXT_ECDH_ECDSA_WITH_DES_192_CBC3_SHA       "ECDH-ECDSA-DES-CBC3-SHA"
-#define TLS1_TXT_ECDH_ECDSA_WITH_AES_128_CBC_SHA        "ECDH-ECDSA-AES128-SHA"
-#define TLS1_TXT_ECDH_ECDSA_WITH_AES_256_CBC_SHA        "ECDH-ECDSA-AES256-SHA"
-#define TLS1_TXT_ECDHE_ECDSA_WITH_NULL_SHA              "ECDHE-ECDSA-NULL-SHA"
-#define TLS1_TXT_ECDHE_ECDSA_WITH_RC4_128_SHA           "ECDHE-ECDSA-RC4-SHA"
-#define TLS1_TXT_ECDHE_ECDSA_WITH_DES_192_CBC3_SHA      "ECDHE-ECDSA-DES-CBC3-SHA"
-#define TLS1_TXT_ECDHE_ECDSA_WITH_AES_128_CBC_SHA       "ECDHE-ECDSA-AES128-SHA"
-#define TLS1_TXT_ECDHE_ECDSA_WITH_AES_256_CBC_SHA       "ECDHE-ECDSA-AES256-SHA"
-#define TLS1_TXT_ECDH_RSA_WITH_NULL_SHA                 "ECDH-RSA-NULL-SHA"
-#define TLS1_TXT_ECDH_RSA_WITH_RC4_128_SHA              "ECDH-RSA-RC4-SHA"
-#define TLS1_TXT_ECDH_RSA_WITH_DES_192_CBC3_SHA         "ECDH-RSA-DES-CBC3-SHA"
-#define TLS1_TXT_ECDH_RSA_WITH_AES_128_CBC_SHA          "ECDH-RSA-AES128-SHA"
-#define TLS1_TXT_ECDH_RSA_WITH_AES_256_CBC_SHA          "ECDH-RSA-AES256-SHA"
-#define TLS1_TXT_ECDHE_RSA_WITH_NULL_SHA                "ECDHE-RSA-NULL-SHA"
-#define TLS1_TXT_ECDHE_RSA_WITH_RC4_128_SHA             "ECDHE-RSA-RC4-SHA"
-#define TLS1_TXT_ECDHE_RSA_WITH_DES_192_CBC3_SHA        "ECDHE-RSA-DES-CBC3-SHA"
-#define TLS1_TXT_ECDHE_RSA_WITH_AES_128_CBC_SHA         "ECDHE-RSA-AES128-SHA"
-#define TLS1_TXT_ECDHE_RSA_WITH_AES_256_CBC_SHA         "ECDHE-RSA-AES256-SHA"
-#define TLS1_TXT_ECDH_anon_WITH_NULL_SHA                "AECDH-NULL-SHA"
-#define TLS1_TXT_ECDH_anon_WITH_RC4_128_SHA             "AECDH-RC4-SHA"
-#define TLS1_TXT_ECDH_anon_WITH_DES_192_CBC3_SHA        "AECDH-DES-CBC3-SHA"
-#define TLS1_TXT_ECDH_anon_WITH_AES_128_CBC_SHA         "AECDH-AES128-SHA"
-#define TLS1_TXT_ECDH_anon_WITH_AES_256_CBC_SHA         "AECDH-AES256-SHA"
-/* Camellia ciphersuites from RFC4132 */
-#define TLS1_TXT_RSA_WITH_CAMELLIA_128_CBC_SHA          "CAMELLIA128-SHA"
-#define TLS1_TXT_DH_DSS_WITH_CAMELLIA_128_CBC_SHA       "DH-DSS-CAMELLIA128-SHA"
-#define TLS1_TXT_DH_RSA_WITH_CAMELLIA_128_CBC_SHA       "DH-RSA-CAMELLIA128-SHA"
-#define TLS1_TXT_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA      "DHE-DSS-CAMELLIA128-SHA"
-#define TLS1_TXT_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA      "DHE-RSA-CAMELLIA128-SHA"
-#define TLS1_TXT_ADH_WITH_CAMELLIA_128_CBC_SHA          "ADH-CAMELLIA128-SHA"
-#define TLS1_TXT_RSA_WITH_CAMELLIA_256_CBC_SHA          "CAMELLIA256-SHA"
-#define TLS1_TXT_DH_DSS_WITH_CAMELLIA_256_CBC_SHA       "DH-DSS-CAMELLIA256-SHA"
-#define TLS1_TXT_DH_RSA_WITH_CAMELLIA_256_CBC_SHA       "DH-RSA-CAMELLIA256-SHA"
-#define TLS1_TXT_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA      "DHE-DSS-CAMELLIA256-SHA"
-#define TLS1_TXT_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA      "DHE-RSA-CAMELLIA256-SHA"
-#define TLS1_TXT_ADH_WITH_CAMELLIA_256_CBC_SHA          "ADH-CAMELLIA256-SHA"
-/* SEED ciphersuites from RFC4162 */
-#define TLS1_TXT_RSA_WITH_SEED_SHA                      "SEED-SHA"
-#define TLS1_TXT_DH_DSS_WITH_SEED_SHA                   "DH-DSS-SEED-SHA"
-#define TLS1_TXT_DH_RSA_WITH_SEED_SHA                   "DH-RSA-SEED-SHA"
-#define TLS1_TXT_DHE_DSS_WITH_SEED_SHA                  "DHE-DSS-SEED-SHA"
-#define TLS1_TXT_DHE_RSA_WITH_SEED_SHA                  "DHE-RSA-SEED-SHA"
-#define TLS1_TXT_ADH_WITH_SEED_SHA                      "ADH-SEED-SHA"
-#define TLS_CT_RSA_SIGN                 1
-#define TLS_CT_DSS_SIGN                 2
-#define TLS_CT_RSA_FIXED_DH             3
-#define TLS_CT_DSS_FIXED_DH             4
-#define TLS_CT_ECDSA_SIGN               64
-#define TLS_CT_RSA_FIXED_ECDH           65
-#define TLS_CT_ECDSA_FIXED_ECDH         66
-#define TLS_CT_NUMBER                   7
-#define TLS1_FINISH_MAC_LENGTH          12
-#define TLS_MD_MAX_CONST_SIZE                   20
-#define TLS_MD_CLIENT_FINISH_CONST              "client finished"
-#define TLS_MD_CLIENT_FINISH_CONST_SIZE         15
-#define TLS_MD_SERVER_FINISH_CONST              "server finished"
-#define TLS_MD_SERVER_FINISH_CONST_SIZE         15
-#define TLS_MD_SERVER_WRITE_KEY_CONST           "server write key"
-#define TLS_MD_SERVER_WRITE_KEY_CONST_SIZE      16
-#define TLS_MD_KEY_EXPANSION_CONST              "key expansion"
-#define TLS_MD_KEY_EXPANSION_CONST_SIZE         13
-#define TLS_MD_CLIENT_WRITE_KEY_CONST           "client write key"
-#define TLS_MD_CLIENT_WRITE_KEY_CONST_SIZE      16
-#define TLS_MD_SERVER_WRITE_KEY_CONST           "server write key"
-#define TLS_MD_SERVER_WRITE_KEY_CONST_SIZE      16
-#define TLS_MD_IV_BLOCK_CONST                   "IV block"
-#define TLS_MD_IV_BLOCK_CONST_SIZE              8
-#define TLS_MD_MASTER_SECRET_CONST              "master secret"
-#define TLS_MD_MASTER_SECRET_CONST_SIZE         13
-#ifdef CHARSET_EBCDIC
-#undef TLS_MD_CLIENT_FINISH_CONST
-#define TLS_MD_CLIENT_FINISH_CONST    "\x63\x6c\x69\x65\x6e\x74\x20\x66\x69\x6e\x69\x73\x68\x65\x64"  /*client finished*/
-#undef TLS_MD_SERVER_FINISH_CONST
-#define TLS_MD_SERVER_FINISH_CONST    "\x73\x65\x72\x76\x65\x72\x20\x66\x69\x6e\x69\x73\x68\x65\x64"  /*server finished*/
-#undef TLS_MD_SERVER_WRITE_KEY_CONST
-#define TLS_MD_SERVER_WRITE_KEY_CONST "\x73\x65\x72\x76\x65\x72\x20\x77\x72\x69\x74\x65\x20\x6b\x65\x79"  /*server write key*/
-#undef TLS_MD_KEY_EXPANSION_CONST
-#define TLS_MD_KEY_EXPANSION_CONST    "\x6b\x65\x79\x20\x65\x78\x70\x61\x6e\x73\x69\x6f\x6e"  /*key expansion*/
-#undef TLS_MD_CLIENT_WRITE_KEY_CONST
-#define TLS_MD_CLIENT_WRITE_KEY_CONST "\x63\x6c\x69\x65\x6e\x74\x20\x77\x72\x69\x74\x65\x20\x6b\x65\x79"  /*client write key*/
-#undef TLS_MD_SERVER_WRITE_KEY_CONST
-#define TLS_MD_SERVER_WRITE_KEY_CONST "\x73\x65\x72\x76\x65\x72\x20\x77\x72\x69\x74\x65\x20\x6b\x65\x79"  /*server write key*/
-#undef TLS_MD_IV_BLOCK_CONST
-#define TLS_MD_IV_BLOCK_CONST         "\x49\x56\x20\x62\x6c\x6f\x63\x6b"  /*IV block*/
-#undef TLS_MD_MASTER_SECRET_CONST
-#define TLS_MD_MASTER_SECRET_CONST    "\x6d\x61\x73\x74\x65\x72\x20\x73\x65\x63\x72\x65\x74"  /*master secret*/
-#endif
-#ifdef  __cplusplus
-}
-#endif
-#endif

diff --git a/src/lib/libssl/tls1.h b/src/lib/libssl/tls1.h deleted file mode 100644 index 2d1d293e1a..0000000000 --- a/src/lib/libssl/tls1.h +++ /dev/null
@@ -1,407 +0,0 @@
1	/* ssl/tls1.h */
2	/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3	* All rights reserved.
4	*
5	* This package is an SSL implementation written
6	* by Eric Young (eay@cryptsoft.com).
7	* The implementation was written so as to conform with Netscapes SSL.
8	*
9	* This library is free for commercial and non-commercial use as long as
10	* the following conditions are aheared to. The following conditions
11	* apply to all code found in this distribution, be it the RC4, RSA,
12	* lhash, DES, etc., code; not just the SSL code. The SSL documentation
13	* included with this distribution is covered by the same copyright terms
14	* except that the holder is Tim Hudson (tjh@cryptsoft.com).
15	*
16	* Copyright remains Eric Young's, and as such any Copyright notices in
17	* the code are not to be removed.
18	* If this package is used in a product, Eric Young should be given attribution
19	* as the author of the parts of the library used.
20	* This can be in the form of a textual message at program startup or
21	* in documentation (online or textual) provided with the package.
22	*
23	* Redistribution and use in source and binary forms, with or without
24	* modification, are permitted provided that the following conditions
25	* are met:
26	* 1. Redistributions of source code must retain the copyright
27	* notice, this list of conditions and the following disclaimer.
28	* 2. Redistributions in binary form must reproduce the above copyright
29	* notice, this list of conditions and the following disclaimer in the
30	* documentation and/or other materials provided with the distribution.
31	* 3. All advertising materials mentioning features or use of this software
32	* must display the following acknowledgement:
33	* "This product includes cryptographic software written by
34	* Eric Young (eay@cryptsoft.com)"
35	* The word 'cryptographic' can be left out if the rouines from the library
36	* being used are not cryptographic related :-).
37	* 4. If you include any Windows specific code (or a derivative thereof) from
38	* the apps directory (application code) you must include an acknowledgement:
39	* "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40	*
41	* THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42	* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43	* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44	* ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45	* FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46	* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47	* OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48	* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49	* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50	* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51	* SUCH DAMAGE.
52	*
53	* The licence and distribution terms for any publically available version or
54	* derivative of this code cannot be changed. i.e. this code cannot simply be
55	* copied and put under another distribution licence
56	* [including the GNU Public Licence.]
57	*/
58	/* ====================================================================
59	* Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED.
60	*
61	* Portions of the attached software ("Contribution") are developed by
62	* SUN MICROSYSTEMS, INC., and are contributed to the OpenSSL project.
63	*
64	* The Contribution is licensed pursuant to the OpenSSL open source
65	* license provided above.
66	*
67	* ECC cipher suite support in OpenSSL originally written by
68	* Vipul Gupta and Sumit Gupta of Sun Microsystems Laboratories.
69	*
70	*/
71
72	#ifndef HEADER_TLS1_H
73	#define HEADER_TLS1_H
74
75	#include <openssl/buffer.h>
76
77	#ifdef __cplusplus
78	extern "C" {
79	#endif
80
81	#define TLS1_ALLOW_EXPERIMENTAL_CIPHERSUITES 0
82
83	#define TLS1_VERSION 0x0301
84	#define TLS1_VERSION_MAJOR 0x03
85	#define TLS1_VERSION_MINOR 0x01
86
87	#define TLS1_AD_DECRYPTION_FAILED 21
88	#define TLS1_AD_RECORD_OVERFLOW 22
89	#define TLS1_AD_UNKNOWN_CA 48 /* fatal */
90	#define TLS1_AD_ACCESS_DENIED 49 /* fatal */
91	#define TLS1_AD_DECODE_ERROR 50 /* fatal */
92	#define TLS1_AD_DECRYPT_ERROR 51
93	#define TLS1_AD_EXPORT_RESTRICTION 60 /* fatal */
94	#define TLS1_AD_PROTOCOL_VERSION 70 /* fatal */
95	#define TLS1_AD_INSUFFICIENT_SECURITY 71 /* fatal */
96	#define TLS1_AD_INTERNAL_ERROR 80 /* fatal */
97	#define TLS1_AD_USER_CANCELLED 90
98	#define TLS1_AD_NO_RENEGOTIATION 100
99	/* codes 110-114 are from RFC3546 */
100	#define TLS1_AD_UNSUPPORTED_EXTENSION 110
101	#define TLS1_AD_CERTIFICATE_UNOBTAINABLE 111
102	#define TLS1_AD_UNRECOGNIZED_NAME 112
103	#define TLS1_AD_BAD_CERTIFICATE_STATUS_RESPONSE 113
104	#define TLS1_AD_BAD_CERTIFICATE_HASH_VALUE 114
105	#define TLS1_AD_UNKNOWN_PSK_IDENTITY 115 /* fatal */
106
107	/* ExtensionType values from RFC 3546 */
108	#define TLSEXT_TYPE_server_name 0
109	#define TLSEXT_TYPE_max_fragment_length 1
110	#define TLSEXT_TYPE_client_certificate_url 2
111	#define TLSEXT_TYPE_trusted_ca_keys 3
112	#define TLSEXT_TYPE_truncated_hmac 4
113	#define TLSEXT_TYPE_status_request 5
114	#define TLSEXT_TYPE_elliptic_curves 10
115	#define TLSEXT_TYPE_ec_point_formats 11
116	#define TLSEXT_TYPE_session_ticket 35
117
118	/* NameType value from RFC 3546 */
119	#define TLSEXT_NAMETYPE_host_name 0
120	/* status request value from RFC 3546 */
121	#define TLSEXT_STATUSTYPE_ocsp 1
122
123	#ifndef OPENSSL_NO_TLSEXT
124
125	#define TLSEXT_MAXLEN_host_name 255
126
127	const char SSL_get_servername(const SSL s, const int type) ;
128	int SSL_get_servername_type(const SSL *s) ;
129
130	#define SSL_set_tlsext_host_name(s,name) \
131	SSL_ctrl(s,SSL_CTRL_SET_TLSEXT_HOSTNAME,TLSEXT_NAMETYPE_host_name,(char *)name)
132
133	#define SSL_set_tlsext_debug_callback(ssl, cb) \
134	SSL_callback_ctrl(ssl,SSL_CTRL_SET_TLSEXT_DEBUG_CB,(void (*)(void))cb)
135
136	#define SSL_set_tlsext_debug_arg(ssl, arg) \
137	SSL_ctrl(ssl,SSL_CTRL_SET_TLSEXT_DEBUG_ARG,0, (void *)arg)
138
139	#define SSL_set_tlsext_status_type(ssl, type) \
140	SSL_ctrl(ssl,SSL_CTRL_SET_TLSEXT_STATUS_REQ_TYPE,type, NULL)
141
142	#define SSL_get_tlsext_status_exts(ssl, arg) \
143	SSL_ctrl(ssl,SSL_CTRL_GET_TLSEXT_STATUS_REQ_EXTS,0, (void *)arg)
144
145	#define SSL_set_tlsext_status_exts(ssl, arg) \
146	SSL_ctrl(ssl,SSL_CTRL_SET_TLSEXT_STATUS_REQ_EXTS,0, (void *)arg)
147
148	#define SSL_get_tlsext_status_ids(ssl, arg) \
149	SSL_ctrl(ssl,SSL_CTRL_GET_TLSEXT_STATUS_REQ_IDS,0, (void *)arg)
150
151	#define SSL_set_tlsext_status_ids(ssl, arg) \
152	SSL_ctrl(ssl,SSL_CTRL_SET_TLSEXT_STATUS_REQ_IDS,0, (void *)arg)
153
154	#define SSL_get_tlsext_status_ocsp_resp(ssl, arg) \
155	SSL_ctrl(ssl,SSL_CTRL_GET_TLSEXT_STATUS_REQ_OCSP_RESP,0, (void *)arg)
156
157	#define SSL_set_tlsext_status_ocsp_resp(ssl, arg, arglen) \
158	SSL_ctrl(ssl,SSL_CTRL_SET_TLSEXT_STATUS_REQ_OCSP_RESP,arglen, (void *)arg)
159
160	#define SSL_CTX_set_tlsext_servername_callback(ctx, cb) \
161	SSL_CTX_callback_ctrl(ctx,SSL_CTRL_SET_TLSEXT_SERVERNAME_CB,(void (*)(void))cb)
162
163	#define SSL_TLSEXT_ERR_OK 0
164	#define SSL_TLSEXT_ERR_ALERT_WARNING 1
165	#define SSL_TLSEXT_ERR_ALERT_FATAL 2
166	#define SSL_TLSEXT_ERR_NOACK 3
167
168	#define SSL_CTX_set_tlsext_servername_arg(ctx, arg) \
169	SSL_CTX_ctrl(ctx,SSL_CTRL_SET_TLSEXT_SERVERNAME_ARG,0, (void *)arg)
170
171	#define SSL_CTX_get_tlsext_ticket_keys(ctx, keys, keylen) \
172	SSL_CTX_ctrl((ctx),SSL_CTRL_GET_TLXEXT_TICKET_KEYS,(keylen),(keys))
173	#define SSL_CTX_set_tlsext_ticket_keys(ctx, keys, keylen) \
174	SSL_CTX_ctrl((ctx),SSL_CTRL_SET_TLXEXT_TICKET_KEYS,(keylen),(keys))
175
176	#define SSL_CTX_set_tlsext_status_cb(ssl, cb) \
177	SSL_CTX_callback_ctrl(ssl,SSL_CTRL_SET_TLSEXT_STATUS_REQ_CB,(void (*)(void))cb)
178
179	#define SSL_CTX_set_tlsext_status_arg(ssl, arg) \
180	SSL_CTX_ctrl(ssl,SSL_CTRL_SET_TLSEXT_STATUS_REQ_CB_ARG,0, (void *)arg)
181
182	#define SSL_CTX_set_tlsext_ticket_key_cb(ssl, cb) \
183	SSL_CTX_callback_ctrl(ssl,SSL_CTRL_SET_TLSEXT_TICKET_KEY_CB,(void (*)(void))cb)
184
185	#endif
186
187	/* Additional TLS ciphersuites from draft-ietf-tls-56-bit-ciphersuites-00.txt
188	* (available if TLS1_ALLOW_EXPERIMENTAL_CIPHERSUITES is defined, see
189	* s3_lib.c). We actually treat them like SSL 3.0 ciphers, which we probably
190	* shouldn't. */
191	#define TLS1_CK_RSA_EXPORT1024_WITH_RC4_56_MD5 0x03000060
192	#define TLS1_CK_RSA_EXPORT1024_WITH_RC2_CBC_56_MD5 0x03000061
193	#define TLS1_CK_RSA_EXPORT1024_WITH_DES_CBC_SHA 0x03000062
194	#define TLS1_CK_DHE_DSS_EXPORT1024_WITH_DES_CBC_SHA 0x03000063
195	#define TLS1_CK_RSA_EXPORT1024_WITH_RC4_56_SHA 0x03000064
196	#define TLS1_CK_DHE_DSS_EXPORT1024_WITH_RC4_56_SHA 0x03000065
197	#define TLS1_CK_DHE_DSS_WITH_RC4_128_SHA 0x03000066
198
199	/* AES ciphersuites from RFC3268 */
200
201	#define TLS1_CK_RSA_WITH_AES_128_SHA 0x0300002F
202	#define TLS1_CK_DH_DSS_WITH_AES_128_SHA 0x03000030
203	#define TLS1_CK_DH_RSA_WITH_AES_128_SHA 0x03000031
204	#define TLS1_CK_DHE_DSS_WITH_AES_128_SHA 0x03000032
205	#define TLS1_CK_DHE_RSA_WITH_AES_128_SHA 0x03000033
206	#define TLS1_CK_ADH_WITH_AES_128_SHA 0x03000034
207
208	#define TLS1_CK_RSA_WITH_AES_256_SHA 0x03000035
209	#define TLS1_CK_DH_DSS_WITH_AES_256_SHA 0x03000036
210	#define TLS1_CK_DH_RSA_WITH_AES_256_SHA 0x03000037
211	#define TLS1_CK_DHE_DSS_WITH_AES_256_SHA 0x03000038
212	#define TLS1_CK_DHE_RSA_WITH_AES_256_SHA 0x03000039
213	#define TLS1_CK_ADH_WITH_AES_256_SHA 0x0300003A
214
215	/* Camellia ciphersuites from RFC4132 */
216	#define TLS1_CK_RSA_WITH_CAMELLIA_128_CBC_SHA 0x03000041
217	#define TLS1_CK_DH_DSS_WITH_CAMELLIA_128_CBC_SHA 0x03000042
218	#define TLS1_CK_DH_RSA_WITH_CAMELLIA_128_CBC_SHA 0x03000043
219	#define TLS1_CK_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA 0x03000044
220	#define TLS1_CK_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA 0x03000045
221	#define TLS1_CK_ADH_WITH_CAMELLIA_128_CBC_SHA 0x03000046
222
223	#define TLS1_CK_RSA_WITH_CAMELLIA_256_CBC_SHA 0x03000084
224	#define TLS1_CK_DH_DSS_WITH_CAMELLIA_256_CBC_SHA 0x03000085
225	#define TLS1_CK_DH_RSA_WITH_CAMELLIA_256_CBC_SHA 0x03000086
226	#define TLS1_CK_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA 0x03000087
227	#define TLS1_CK_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA 0x03000088
228	#define TLS1_CK_ADH_WITH_CAMELLIA_256_CBC_SHA 0x03000089
229
230	/* SEED ciphersuites from RFC4162 */
231	#define TLS1_CK_RSA_WITH_SEED_SHA 0x03000096
232	#define TLS1_CK_DH_DSS_WITH_SEED_SHA 0x03000097
233	#define TLS1_CK_DH_RSA_WITH_SEED_SHA 0x03000098
234	#define TLS1_CK_DHE_DSS_WITH_SEED_SHA 0x03000099
235	#define TLS1_CK_DHE_RSA_WITH_SEED_SHA 0x0300009A
236	#define TLS1_CK_ADH_WITH_SEED_SHA 0x0300009B
237
238	/* ECC ciphersuites from draft-ietf-tls-ecc-12.txt with changes soon to be in draft 13 */
239	#define TLS1_CK_ECDH_ECDSA_WITH_NULL_SHA 0x0300C001
240	#define TLS1_CK_ECDH_ECDSA_WITH_RC4_128_SHA 0x0300C002
241	#define TLS1_CK_ECDH_ECDSA_WITH_DES_192_CBC3_SHA 0x0300C003
242	#define TLS1_CK_ECDH_ECDSA_WITH_AES_128_CBC_SHA 0x0300C004
243	#define TLS1_CK_ECDH_ECDSA_WITH_AES_256_CBC_SHA 0x0300C005
244
245	#define TLS1_CK_ECDHE_ECDSA_WITH_NULL_SHA 0x0300C006
246	#define TLS1_CK_ECDHE_ECDSA_WITH_RC4_128_SHA 0x0300C007
247	#define TLS1_CK_ECDHE_ECDSA_WITH_DES_192_CBC3_SHA 0x0300C008
248	#define TLS1_CK_ECDHE_ECDSA_WITH_AES_128_CBC_SHA 0x0300C009
249	#define TLS1_CK_ECDHE_ECDSA_WITH_AES_256_CBC_SHA 0x0300C00A
250
251	#define TLS1_CK_ECDH_RSA_WITH_NULL_SHA 0x0300C00B
252	#define TLS1_CK_ECDH_RSA_WITH_RC4_128_SHA 0x0300C00C
253	#define TLS1_CK_ECDH_RSA_WITH_DES_192_CBC3_SHA 0x0300C00D
254	#define TLS1_CK_ECDH_RSA_WITH_AES_128_CBC_SHA 0x0300C00E
255	#define TLS1_CK_ECDH_RSA_WITH_AES_256_CBC_SHA 0x0300C00F
256
257	#define TLS1_CK_ECDHE_RSA_WITH_NULL_SHA 0x0300C010
258	#define TLS1_CK_ECDHE_RSA_WITH_RC4_128_SHA 0x0300C011
259	#define TLS1_CK_ECDHE_RSA_WITH_DES_192_CBC3_SHA 0x0300C012
260	#define TLS1_CK_ECDHE_RSA_WITH_AES_128_CBC_SHA 0x0300C013
261	#define TLS1_CK_ECDHE_RSA_WITH_AES_256_CBC_SHA 0x0300C014
262
263	#define TLS1_CK_ECDH_anon_WITH_NULL_SHA 0x0300C015
264	#define TLS1_CK_ECDH_anon_WITH_RC4_128_SHA 0x0300C016
265	#define TLS1_CK_ECDH_anon_WITH_DES_192_CBC3_SHA 0x0300C017
266	#define TLS1_CK_ECDH_anon_WITH_AES_128_CBC_SHA 0x0300C018
267	#define TLS1_CK_ECDH_anon_WITH_AES_256_CBC_SHA 0x0300C019
268
269	/* XXX
270	* Inconsistency alert:
271	* The OpenSSL names of ciphers with ephemeral DH here include the string
272	* "DHE", while elsewhere it has always been "EDH".
273	* (The alias for the list of all such ciphers also is "EDH".)
274	* The specifications speak of "EDH"; maybe we should allow both forms
275	* for everything. */
276	#define TLS1_TXT_RSA_EXPORT1024_WITH_RC4_56_MD5 "EXP1024-RC4-MD5"
277	#define TLS1_TXT_RSA_EXPORT1024_WITH_RC2_CBC_56_MD5 "EXP1024-RC2-CBC-MD5"
278	#define TLS1_TXT_RSA_EXPORT1024_WITH_DES_CBC_SHA "EXP1024-DES-CBC-SHA"
279	#define TLS1_TXT_DHE_DSS_EXPORT1024_WITH_DES_CBC_SHA "EXP1024-DHE-DSS-DES-CBC-SHA"
280	#define TLS1_TXT_RSA_EXPORT1024_WITH_RC4_56_SHA "EXP1024-RC4-SHA"
281	#define TLS1_TXT_DHE_DSS_EXPORT1024_WITH_RC4_56_SHA "EXP1024-DHE-DSS-RC4-SHA"
282	#define TLS1_TXT_DHE_DSS_WITH_RC4_128_SHA "DHE-DSS-RC4-SHA"
283
284	/* AES ciphersuites from RFC3268 */
285	#define TLS1_TXT_RSA_WITH_AES_128_SHA "AES128-SHA"
286	#define TLS1_TXT_DH_DSS_WITH_AES_128_SHA "DH-DSS-AES128-SHA"
287	#define TLS1_TXT_DH_RSA_WITH_AES_128_SHA "DH-RSA-AES128-SHA"
288	#define TLS1_TXT_DHE_DSS_WITH_AES_128_SHA "DHE-DSS-AES128-SHA"
289	#define TLS1_TXT_DHE_RSA_WITH_AES_128_SHA "DHE-RSA-AES128-SHA"
290	#define TLS1_TXT_ADH_WITH_AES_128_SHA "ADH-AES128-SHA"
291
292	#define TLS1_TXT_RSA_WITH_AES_256_SHA "AES256-SHA"
293	#define TLS1_TXT_DH_DSS_WITH_AES_256_SHA "DH-DSS-AES256-SHA"
294	#define TLS1_TXT_DH_RSA_WITH_AES_256_SHA "DH-RSA-AES256-SHA"
295	#define TLS1_TXT_DHE_DSS_WITH_AES_256_SHA "DHE-DSS-AES256-SHA"
296	#define TLS1_TXT_DHE_RSA_WITH_AES_256_SHA "DHE-RSA-AES256-SHA"
297	#define TLS1_TXT_ADH_WITH_AES_256_SHA "ADH-AES256-SHA"
298
299	/* ECC ciphersuites from draft-ietf-tls-ecc-01.txt (Mar 15, 2001) */
300	#define TLS1_TXT_ECDH_ECDSA_WITH_NULL_SHA "ECDH-ECDSA-NULL-SHA"
301	#define TLS1_TXT_ECDH_ECDSA_WITH_RC4_128_SHA "ECDH-ECDSA-RC4-SHA"
302	#define TLS1_TXT_ECDH_ECDSA_WITH_DES_192_CBC3_SHA "ECDH-ECDSA-DES-CBC3-SHA"
303	#define TLS1_TXT_ECDH_ECDSA_WITH_AES_128_CBC_SHA "ECDH-ECDSA-AES128-SHA"
304	#define TLS1_TXT_ECDH_ECDSA_WITH_AES_256_CBC_SHA "ECDH-ECDSA-AES256-SHA"
305
306	#define TLS1_TXT_ECDHE_ECDSA_WITH_NULL_SHA "ECDHE-ECDSA-NULL-SHA"
307	#define TLS1_TXT_ECDHE_ECDSA_WITH_RC4_128_SHA "ECDHE-ECDSA-RC4-SHA"
308	#define TLS1_TXT_ECDHE_ECDSA_WITH_DES_192_CBC3_SHA "ECDHE-ECDSA-DES-CBC3-SHA"
309	#define TLS1_TXT_ECDHE_ECDSA_WITH_AES_128_CBC_SHA "ECDHE-ECDSA-AES128-SHA"
310	#define TLS1_TXT_ECDHE_ECDSA_WITH_AES_256_CBC_SHA "ECDHE-ECDSA-AES256-SHA"
311
312	#define TLS1_TXT_ECDH_RSA_WITH_NULL_SHA "ECDH-RSA-NULL-SHA"
313	#define TLS1_TXT_ECDH_RSA_WITH_RC4_128_SHA "ECDH-RSA-RC4-SHA"
314	#define TLS1_TXT_ECDH_RSA_WITH_DES_192_CBC3_SHA "ECDH-RSA-DES-CBC3-SHA"
315	#define TLS1_TXT_ECDH_RSA_WITH_AES_128_CBC_SHA "ECDH-RSA-AES128-SHA"
316	#define TLS1_TXT_ECDH_RSA_WITH_AES_256_CBC_SHA "ECDH-RSA-AES256-SHA"
317
318	#define TLS1_TXT_ECDHE_RSA_WITH_NULL_SHA "ECDHE-RSA-NULL-SHA"
319	#define TLS1_TXT_ECDHE_RSA_WITH_RC4_128_SHA "ECDHE-RSA-RC4-SHA"
320	#define TLS1_TXT_ECDHE_RSA_WITH_DES_192_CBC3_SHA "ECDHE-RSA-DES-CBC3-SHA"
321	#define TLS1_TXT_ECDHE_RSA_WITH_AES_128_CBC_SHA "ECDHE-RSA-AES128-SHA"
322	#define TLS1_TXT_ECDHE_RSA_WITH_AES_256_CBC_SHA "ECDHE-RSA-AES256-SHA"
323
324	#define TLS1_TXT_ECDH_anon_WITH_NULL_SHA "AECDH-NULL-SHA"
325	#define TLS1_TXT_ECDH_anon_WITH_RC4_128_SHA "AECDH-RC4-SHA"
326	#define TLS1_TXT_ECDH_anon_WITH_DES_192_CBC3_SHA "AECDH-DES-CBC3-SHA"
327	#define TLS1_TXT_ECDH_anon_WITH_AES_128_CBC_SHA "AECDH-AES128-SHA"
328	#define TLS1_TXT_ECDH_anon_WITH_AES_256_CBC_SHA "AECDH-AES256-SHA"
329
330	/* Camellia ciphersuites from RFC4132 */
331	#define TLS1_TXT_RSA_WITH_CAMELLIA_128_CBC_SHA "CAMELLIA128-SHA"
332	#define TLS1_TXT_DH_DSS_WITH_CAMELLIA_128_CBC_SHA "DH-DSS-CAMELLIA128-SHA"
333	#define TLS1_TXT_DH_RSA_WITH_CAMELLIA_128_CBC_SHA "DH-RSA-CAMELLIA128-SHA"
334	#define TLS1_TXT_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA "DHE-DSS-CAMELLIA128-SHA"
335	#define TLS1_TXT_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA "DHE-RSA-CAMELLIA128-SHA"
336	#define TLS1_TXT_ADH_WITH_CAMELLIA_128_CBC_SHA "ADH-CAMELLIA128-SHA"
337
338	#define TLS1_TXT_RSA_WITH_CAMELLIA_256_CBC_SHA "CAMELLIA256-SHA"
339	#define TLS1_TXT_DH_DSS_WITH_CAMELLIA_256_CBC_SHA "DH-DSS-CAMELLIA256-SHA"
340	#define TLS1_TXT_DH_RSA_WITH_CAMELLIA_256_CBC_SHA "DH-RSA-CAMELLIA256-SHA"
341	#define TLS1_TXT_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA "DHE-DSS-CAMELLIA256-SHA"
342	#define TLS1_TXT_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA "DHE-RSA-CAMELLIA256-SHA"
343	#define TLS1_TXT_ADH_WITH_CAMELLIA_256_CBC_SHA "ADH-CAMELLIA256-SHA"
344
345	/* SEED ciphersuites from RFC4162 */
346	#define TLS1_TXT_RSA_WITH_SEED_SHA "SEED-SHA"
347	#define TLS1_TXT_DH_DSS_WITH_SEED_SHA "DH-DSS-SEED-SHA"
348	#define TLS1_TXT_DH_RSA_WITH_SEED_SHA "DH-RSA-SEED-SHA"
349	#define TLS1_TXT_DHE_DSS_WITH_SEED_SHA "DHE-DSS-SEED-SHA"
350	#define TLS1_TXT_DHE_RSA_WITH_SEED_SHA "DHE-RSA-SEED-SHA"
351	#define TLS1_TXT_ADH_WITH_SEED_SHA "ADH-SEED-SHA"
352
353	#define TLS_CT_RSA_SIGN 1
354	#define TLS_CT_DSS_SIGN 2
355	#define TLS_CT_RSA_FIXED_DH 3
356	#define TLS_CT_DSS_FIXED_DH 4
357	#define TLS_CT_ECDSA_SIGN 64
358	#define TLS_CT_RSA_FIXED_ECDH 65
359	#define TLS_CT_ECDSA_FIXED_ECDH 66
360	#define TLS_CT_NUMBER 7
361
362	#define TLS1_FINISH_MAC_LENGTH 12
363
364	#define TLS_MD_MAX_CONST_SIZE 20
365	#define TLS_MD_CLIENT_FINISH_CONST "client finished"
366	#define TLS_MD_CLIENT_FINISH_CONST_SIZE 15
367	#define TLS_MD_SERVER_FINISH_CONST "server finished"
368	#define TLS_MD_SERVER_FINISH_CONST_SIZE 15
369	#define TLS_MD_SERVER_WRITE_KEY_CONST "server write key"
370	#define TLS_MD_SERVER_WRITE_KEY_CONST_SIZE 16
371	#define TLS_MD_KEY_EXPANSION_CONST "key expansion"
372	#define TLS_MD_KEY_EXPANSION_CONST_SIZE 13
373	#define TLS_MD_CLIENT_WRITE_KEY_CONST "client write key"
374	#define TLS_MD_CLIENT_WRITE_KEY_CONST_SIZE 16
375	#define TLS_MD_SERVER_WRITE_KEY_CONST "server write key"
376	#define TLS_MD_SERVER_WRITE_KEY_CONST_SIZE 16
377	#define TLS_MD_IV_BLOCK_CONST "IV block"
378	#define TLS_MD_IV_BLOCK_CONST_SIZE 8
379	#define TLS_MD_MASTER_SECRET_CONST "master secret"
380	#define TLS_MD_MASTER_SECRET_CONST_SIZE 13
381
382	#ifdef CHARSET_EBCDIC
383	#undef TLS_MD_CLIENT_FINISH_CONST
384	#define TLS_MD_CLIENT_FINISH_CONST "\x63\x6c\x69\x65\x6e\x74\x20\x66\x69\x6e\x69\x73\x68\x65\x64" /client finished/
385	#undef TLS_MD_SERVER_FINISH_CONST
386	#define TLS_MD_SERVER_FINISH_CONST "\x73\x65\x72\x76\x65\x72\x20\x66\x69\x6e\x69\x73\x68\x65\x64" /server finished/
387	#undef TLS_MD_SERVER_WRITE_KEY_CONST
388	#define TLS_MD_SERVER_WRITE_KEY_CONST "\x73\x65\x72\x76\x65\x72\x20\x77\x72\x69\x74\x65\x20\x6b\x65\x79" /server write key/
389	#undef TLS_MD_KEY_EXPANSION_CONST
390	#define TLS_MD_KEY_EXPANSION_CONST "\x6b\x65\x79\x20\x65\x78\x70\x61\x6e\x73\x69\x6f\x6e" /key expansion/
391	#undef TLS_MD_CLIENT_WRITE_KEY_CONST
392	#define TLS_MD_CLIENT_WRITE_KEY_CONST "\x63\x6c\x69\x65\x6e\x74\x20\x77\x72\x69\x74\x65\x20\x6b\x65\x79" /client write key/
393	#undef TLS_MD_SERVER_WRITE_KEY_CONST
394	#define TLS_MD_SERVER_WRITE_KEY_CONST "\x73\x65\x72\x76\x65\x72\x20\x77\x72\x69\x74\x65\x20\x6b\x65\x79" /server write key/
395	#undef TLS_MD_IV_BLOCK_CONST
396	#define TLS_MD_IV_BLOCK_CONST "\x49\x56\x20\x62\x6c\x6f\x63\x6b" /IV block/
397	#undef TLS_MD_MASTER_SECRET_CONST
398	#define TLS_MD_MASTER_SECRET_CONST "\x6d\x61\x73\x74\x65\x72\x20\x73\x65\x63\x72\x65\x74" /master secret/
399	#endif
400
401	#ifdef __cplusplus
402	}
403	#endif
404	#endif
405
406
407