// $Id: SSLCiphers.h 1678 2005-11-08 19:16:37Z vern $ #ifndef SSL_CIPHERS_H #define SSL_CIPHERS_H #include "Dict.h" // --- definitions for sslv3x cipher handling --------------------------------- /*! * In SSLv2, a cipher spec consists of three bytes. */ enum SSLv2_CipherSpec { // --- standard SSLv2 ciphers SSL_CK_RC4_128_WITH_MD5 = 0x010080, SSL_CK_RC4_128_EXPORT40_WITH_MD5 = 0x020080, SSL_CK_RC2_128_CBC_WITH_MD5 = 0x030080, SSL_CK_RC2_128_CBC_EXPORT40_WITH_MD5 = 0x040080, SSL_CK_IDEA_128_CBC_WITH_MD5 = 0x050080, SSL_CK_DES_64_CBC_WITH_MD5 = 0x060040, SSL_CK_DES_192_EDE3_CBC_WITH_MD5 = 0x0700C0, SSL_CK_RC4_64_WITH_MD5 = 0x080080 }; /*! * In SSLv3x, a cipher spec consists of two bytes. */ enum SSL3_1_CipherSpec { // --- standard SSLv3x ciphers TLS_NULL_WITH_NULL_NULL = 0x0000, TLS_RSA_WITH_NULL_MD5 = 0x0001, TLS_RSA_WITH_NULL_SHA = 0x0002, TLS_RSA_EXPORT_WITH_RC4_40_MD5 = 0x0003, TLS_RSA_WITH_RC4_128_MD5 = 0x0004, TLS_RSA_WITH_RC4_128_SHA = 0x0005, TLS_RSA_EXPORT_WITH_RC2_CBC_40_MD5 = 0x0006, TLS_RSA_WITH_IDEA_CBC_SHA = 0x0007, TLS_RSA_EXPORT_WITH_DES40_CBC_SHA = 0x0008, TLS_RSA_WITH_DES_CBC_SHA = 0x0009, TLS_RSA_WITH_3DES_EDE_CBC_SHA = 0x000A, TLS_DH_DSS_EXPORT_WITH_DES40_CBC_SHA = 0x000B, TLS_DH_DSS_WITH_DES_CBC_SHA = 0x000C, TLS_DH_DSS_WITH_3DES_EDE_CBC_SHA = 0x000D, TLS_DH_RSA_EXPORT_WITH_DES40_CBC_SHA = 0x000E, TLS_DH_RSA_WITH_DES_CBC_SHA = 0x000F, TLS_DH_RSA_WITH_3DES_EDE_CBC_SHA = 0x0010, TLS_DHE_DSS_EXPORT_WITH_DES40_CBC_SHA = 0x0011, TLS_DHE_DSS_WITH_DES_CBC_SHA = 0x0012, TLS_DHE_DSS_WITH_3DES_EDE_CBC_SHA = 0x0013, TLS_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA = 0x0014, TLS_DHE_RSA_WITH_DES_CBC_SHA = 0x0015, TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA = 0x0016, TLS_DH_anon_EXPORT_WITH_RC4_40_MD5 = 0x0017, TLS_DH_anon_WITH_RC4_128_MD5 = 0x0018, TLS_DH_anon_EXPORT_WITH_DES40_CBC_SHA = 0x0019, TLS_DH_anon_WITH_DES_CBC_SHA = 0x001A, TLS_DH_anon_WITH_3DES_EDE_CBC_SHA = 0x001B, // --- special SSLv3 ciphers SSL_FORTEZZA_KEA_WITH_NULL_SHA = 0x001C, SSL_FORTEZZA_KEA_WITH_FORTEZZA_CBC_SHA = 0x001D, //SSL_FORTEZZA_KEA_WITH_RC4_128_SHA = 0x001E, // -- RFC 2712 (ciphers not fully described in SSLCiphers.cc) TLS_KRB5_WITH_DES_CBC_SHA = 0x001E, TLS_KRB5_WITH_3DES_EDE_CBC_SHA = 0x001F, TLS_KRB5_WITH_RC4_128_SHA = 0x0020, TLS_KRB5_WITH_IDEA_CBC_SHA = 0x0021, TLS_KRB5_WITH_DES_CBC_MD5 = 0x0022, TLS_KRB5_WITH_3DES_EDE_CBC_MD5 = 0x0023, TLS_KRB5_WITH_RC4_128_MD5 = 0x0024, TLS_KRB5_WITH_IDEA_CBC_MD5 = 0x0025, TLS_KRB5_EXPORT_WITH_DES_CBC_40_SHA = 0x0026, TLS_KRB5_EXPORT_WITH_RC2_CBC_40_SHA = 0x0027, TLS_KRB5_EXPORT_WITH_RC4_40_SHA = 0x0028, TLS_KRB5_EXPORT_WITH_DES_CBC_40_MD5 = 0x0029, TLS_KRB5_EXPORT_WITH_RC2_CBC_40_MD5 = 0x002A, TLS_KRB5_EXPORT_WITH_RC4_40_MD5 = 0x002B, // --- new AES ciphers TLS_RSA_WITH_AES_128_CBC_SHA = 0x002F, TLS_DH_DSS_WITH_AES_128_CBC_SHA = 0x0030, TLS_DH_RSA_WITH_AES_128_CBC_SHA = 0x0031, TLS_DHE_DSS_WITH_AES_128_CBC_SHA = 0x0032, TLS_DHE_RSA_WITH_AES_128_CBC_SHA = 0x0033, TLS_DH_anon_WITH_AES_128_CBC_SHA = 0x0034, TLS_RSA_WITH_AES_256_CBC_SHA = 0x0035, TLS_DH_DSS_WITH_AES_256_CBC_SHA = 0x0036, TLS_DH_RSA_WITH_AES_256_CBC_SHA = 0x0037, TLS_DHE_DSS_WITH_AES_256_CBC_SHA = 0x0038, TLS_DHE_RSA_WITH_AES_256_CBC_SHA = 0x0039, TLS_DH_anon_WITH_AES_256_CBC_SHA = 0x003A, TLS_RSA_WITH_NULL_SHA256 = 0x003B, TLS_RSA_WITH_AES_128_CBC_SHA256 = 0x003C, TLS_RSA_WITH_AES_256_CBC_SHA256 = 0x003D, TLS_DH_DSS_WITH_AES_128_CBC_SHA256 = 0x003E, TLS_DH_RSA_WITH_AES_128_CBC_SHA256 = 0x003F, TLS_DHE_DSS_WITH_AES_128_CBC_SHA256 = 0x0040, // -- RFC 4132 TLS_RSA_WITH_CAMELLIA_128_CBC_SHA = 0x0041, TLS_DH_DSS_WITH_CAMELLIA_128_CBC_SHA = 0x0042, TLS_DH_RSA_WITH_CAMELLIA_128_CBC_SHA = 0x0043, TLS_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA = 0x0044, TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA = 0x0045, TLS_DH_anon_WITH_CAMELLIA_128_CBC_SHA = 0x0046, // -- Non-RFC. Widely deployed implementation (ciphers not fully described in SSLCiphers.cc) TLS_RSA_EXPORT1024_WITH_RC4_56_MD5 = 0x0060, TLS_RSA_EXPORT1024_WITH_RC2_CBC_56_MD5 = 0x0061, TLS_RSA_EXPORT1024_WITH_DES_CBC_SHA = 0x0062, TLS_DHE_DSS_EXPORT1024_WITH_DES_CBC_SHA = 0x0063, TLS_RSA_EXPORT1024_WITH_RC4_56_SHA = 0x0064, TLS_DHE_DSS_EXPORT1024_WITH_RC4_56_SHA = 0x0065, TLS_DHE_DSS_WITH_RC4_128_SHA = 0x0066, // -- RFC 5246 (ciphers not fully described in SSLCiphers.cc) TLS_DHE_RSA_WITH_AES_128_CBC_SHA256 = 0x0067, TLS_DH_DSS_WITH_AES_256_CBC_SHA256 = 0x0068, TLS_DH_RSA_WITH_AES_256_CBC_SHA256 = 0x0069, TLS_DHE_DSS_WITH_AES_256_CBC_SHA256 = 0x006A, TLS_DHE_RSA_WITH_AES_256_CBC_SHA256 = 0x006B, TLS_DH_anon_WITH_AES_128_CBC_SHA256 = 0x006C, TLS_DH_anon_WITH_AES_256_CBC_SHA256 = 0x006D, // -- RFC 5932 TLS_RSA_WITH_CAMELLIA_256_CBC_SHA = 0x0084, TLS_DH_DSS_WITH_CAMELLIA_256_CBC_SHA = 0x0085, TLS_DH_RSA_WITH_CAMELLIA_256_CBC_SHA = 0x0086, TLS_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA = 0x0087, TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA = 0x0088, TLS_DH_anon_WITH_CAMELLIA_256_CBC_SHA = 0x0089, // -- RFC 4279 (ciphers not fully described in SSLCiphers.cc) TLS_PSK_WITH_RC4_128_SHA = 0x008A, TLS_PSK_WITH_3DES_EDE_CBC_SHA = 0x008B, TLS_PSK_WITH_AES_128_CBC_SHA = 0x008C, TLS_PSK_WITH_AES_256_CBC_SHA = 0x008D, TLS_DHE_PSK_WITH_RC4_128_SHA = 0x008E, TLS_DHE_PSK_WITH_3DES_EDE_CBC_SHA = 0x008F, TLS_DHE_PSK_WITH_AES_128_CBC_SHA = 0x0090, TLS_DHE_PSK_WITH_AES_256_CBC_SHA = 0x0091, TLS_RSA_PSK_WITH_RC4_128_SHA = 0x0092, TLS_RSA_PSK_WITH_3DES_EDE_CBC_SHA = 0x0093, TLS_RSA_PSK_WITH_AES_128_CBC_SHA = 0x0094, TLS_RSA_PSK_WITH_AES_256_CBC_SHA = 0x0095, // -- RFC 4162 TLS_RSA_WITH_SEED_CBC_SHA = 0x0096, TLS_DH_DSS_WITH_SEED_CBC_SHA = 0x0097, TLS_DH_RSA_WITH_SEED_CBC_SHA = 0x0098, TLS_DHE_DSS_WITH_SEED_CBC_SHA = 0x0099, TLS_DHE_RSA_WITH_SEED_CBC_SHA = 0x009A, TLS_DH_anon_WITH_SEED_CBC_SHA = 0x009B, // -- RFC 5288 (ciphers not fully described in SSLCiphers.cc) TLS_RSA_WITH_AES_128_GCM_SHA256 = 0x009C, TLS_RSA_WITH_AES_256_GCM_SHA384 = 0x009D, TLS_DHE_RSA_WITH_AES_128_GCM_SHA256 = 0x009E, TLS_DHE_RSA_WITH_AES_256_GCM_SHA384 = 0x009F, TLS_DH_RSA_WITH_AES_128_GCM_SHA256 = 0x00A0, TLS_DH_RSA_WITH_AES_256_GCM_SHA384 = 0x00A1, TLS_DHE_DSS_WITH_AES_128_GCM_SHA256 = 0x00A2, TLS_DHE_DSS_WITH_AES_256_GCM_SHA384 = 0x00A3, TLS_DH_DSS_WITH_AES_128_GCM_SHA256 = 0x00A4, TLS_DH_DSS_WITH_AES_256_GCM_SHA384 = 0x00A5, TLS_DH_anon_WITH_AES_128_GCM_SHA256 = 0x00A6, TLS_DH_anon_WITH_AES_256_GCM_SHA384 = 0x00A7, // -- RFC 5487 (ciphers not fully described in SSLCiphers.cc) TLS_PSK_WITH_AES_128_GCM_SHA256 = 0x00A8, TLS_PSK_WITH_AES_256_GCM_SHA384 = 0x00A9, TLS_DHE_PSK_WITH_AES_128_GCM_SHA256 = 0x00AA, TLS_DHE_PSK_WITH_AES_256_GCM_SHA384 = 0x00AB, TLS_RSA_PSK_WITH_AES_128_GCM_SHA256 = 0x00AC, TLS_RSA_PSK_WITH_AES_256_GCM_SHA384 = 0x00AD, TLS_PSK_WITH_AES_128_CBC_SHA256 = 0x00AE, TLS_PSK_WITH_AES_256_CBC_SHA384 = 0x00AF, TLS_PSK_WITH_NULL_SHA256 = 0x00B0, TLS_PSK_WITH_NULL_SHA384 = 0x00B1, TLS_DHE_PSK_WITH_AES_128_CBC_SHA256 = 0x00B2, TLS_DHE_PSK_WITH_AES_256_CBC_SHA384 = 0x00B3, TLS_DHE_PSK_WITH_NULL_SHA256 = 0x00B4, TLS_DHE_PSK_WITH_NULL_SHA384 = 0x00B5, TLS_RSA_PSK_WITH_AES_128_CBC_SHA256 = 0x00B6, TLS_RSA_PSK_WITH_AES_256_CBC_SHA384 = 0x00B7, TLS_RSA_PSK_WITH_NULL_SHA256 = 0x00B8, TLS_RSA_PSK_WITH_NULL_SHA384 = 0x00B9, // -- RFC 5932 (ciphers not fully described in SSLCiphers.cc) TLS_RSA_WITH_CAMELLIA_128_CBC_SHA256 = 0x00BA, TLS_DH_DSS_WITH_CAMELLIA_128_CBC_SHA256 = 0x00BB, TLS_DH_RSA_WITH_CAMELLIA_128_CBC_SHA256 = 0x00BC, TLS_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA256 = 0x00BD, TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA256 = 0x00BE, TLS_DH_anon_WITH_CAMELLIA_128_CBC_SHA256 = 0x00BF, TLS_RSA_WITH_CAMELLIA_256_CBC_SHA256 = 0x00C0, TLS_DH_DSS_WITH_CAMELLIA_256_CBC_SHA256 = 0x00C1, TLS_DH_RSA_WITH_CAMELLIA_256_CBC_SHA256 = 0x00C2, TLS_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA256 = 0x00C3, TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA256 = 0x00C4, TLS_DH_anon_WITH_CAMELLIA_256_CBC_SHA256 = 0x00C5, // -- RFC 4492 TLS_ECDH_ECDSA_WITH_NULL_SHA = 0xC001, TLS_ECDH_ECDSA_WITH_RC4_128_SHA = 0xC002, TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA = 0xC003, TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA = 0xC004, TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA = 0xC005, TLS_ECDHE_ECDSA_WITH_NULL_SHA = 0xC006, TLS_ECDHE_ECDSA_WITH_RC4_128_SHA = 0xC007, TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA = 0xC008, TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA = 0xC009, TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA = 0xC00A, TLS_ECDH_RSA_WITH_NULL_SHA = 0xC00B, TLS_ECDH_RSA_WITH_RC4_128_SHA = 0xC00C, TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA = 0xC00D, TLS_ECDH_RSA_WITH_AES_128_CBC_SHA = 0xC00E, TLS_ECDH_RSA_WITH_AES_256_CBC_SHA = 0xC00F, TLS_ECDHE_RSA_WITH_NULL_SHA = 0xC010, TLS_ECDHE_RSA_WITH_RC4_128_SHA = 0xC011, TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA = 0xC012, TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA = 0xC013, TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA = 0xC014, TLS_ECDH_anon_WITH_NULL_SHA = 0xC015, TLS_ECDH_anon_WITH_RC4_128_SHA = 0xC016, TLS_ECDH_anon_WITH_3DES_EDE_CBC_SHA = 0xC017, TLS_ECDH_anon_WITH_AES_128_CBC_SHA = 0xC018, TLS_ECDH_anon_WITH_AES_256_CBC_SHA = 0xC019, // -- RFC 5054 (ciphers not fully described in SSLCiphers.cc) TLS_SRP_SHA_WITH_3DES_EDE_CBC_SHA = 0xC01A, TLS_SRP_SHA_RSA_WITH_3DES_EDE_CBC_SHA = 0xC01B, TLS_SRP_SHA_DSS_WITH_3DES_EDE_CBC_SHA = 0xC01C, TLS_SRP_SHA_WITH_AES_128_CBC_SHA = 0xC01D, TLS_SRP_SHA_RSA_WITH_AES_128_CBC_SHA = 0xC01E, TLS_SRP_SHA_DSS_WITH_AES_128_CBC_SHA = 0xC01F, TLS_SRP_SHA_WITH_AES_256_CBC_SHA = 0xC020, TLS_SRP_SHA_RSA_WITH_AES_256_CBC_SHA = 0xC021, TLS_SRP_SHA_DSS_WITH_AES_256_CBC_SHA = 0xC022, // -- RFC 5289 (ciphers not fully described in SSLCiphers.cc) TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256 = 0xC023, TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384 = 0xC024, TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256 = 0xC025, TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384 = 0xC026, TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256 = 0xC027, TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384 = 0xC028, TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256 = 0xC029, TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384 = 0xC02A, TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 = 0xC02B, TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384 = 0xC02C, TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256 = 0xC02D, TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384 = 0xC02E, TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 = 0xC02F, TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 = 0xC030, TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256 = 0xC031, TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384 = 0xC032, // -- RFC 5489 (ciphers not fully described in SSLCiphers.cc) TLS_ECDHE_PSK_WITH_RC4_128_SHA = 0xC033, TLS_ECDHE_PSK_WITH_3DES_EDE_CBC_SHA = 0xC034, TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA = 0xC035, TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA = 0xC036, TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA256 = 0xC037, TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA384 = 0xC038, TLS_ECDHE_PSK_WITH_NULL_SHA = 0xC039, TLS_ECDHE_PSK_WITH_NULL_SHA256 = 0xC03A, TLS_ECDHE_PSK_WITH_NULL_SHA384 = 0xC03B, // --- special SSLv3 FIPS ciphers SSL_RSA_FIPS_WITH_DES_CBC_SHA = 0xFEFE, SSL_RSA_FIPS_WITH_3DES_EDE_CBC_SHA = 0xFEFF, SSL_RSA_FIPS_WITH_DES_CBC_SHA_2 = 0xFFE1, SSL_RSA_FIPS_WITH_3DES_EDE_CBC_SHA_2 = 0xFFE0, // Tags for SSL 2 cipher kinds which are not specified for SSL 3. SSL_RSA_WITH_RC2_CBC_MD5 = 0xFF80, SSL_RSA_WITH_IDEA_CBC_MD5 = 0xFF81, SSL_RSA_WITH_DES_CBC_MD5 = 0xFF82, SSL_RSA_WITH_3DES_EDE_CBC_MD5 = 0xFF83, TLS_EMPTY_RENEGOTIATION_INFO_SCSV = 0x00FF, }; enum SSL_CipherType { SSL_CIPHER_TYPE_STREAM, SSL_CIPHER_TYPE_BLOCK, SSL_CIPHER_TYPE_NULL }; enum SSL_BulkCipherAlgorithm { SSL_CIPHER_NULL, SSL_CIPHER_RC4, SSL_CIPHER_RC2, SSL_CIPHER_DES, SSL_CIPHER_3DES, SSL_CIPHER_DES40, SSL_CIPHER_FORTEZZA, SSL_CIPHER_IDEA, SSL_CIPHER_AES, SSL_CIPHER_CAMELLIA, SSL_CIPHER_SEED, }; enum SSL_MACAlgorithm { SSL_MAC_NULL, SSL_MAC_MD5, SSL_MAC_SHA }; enum SSL_KeyExchangeAlgorithm { SSL_KEY_EXCHANGE_NULL, SSL_KEY_EXCHANGE_RSA, SSL_KEY_EXCHANGE_RSA_EXPORT, SSL_KEY_EXCHANGE_DH, SSL_KEY_EXCHANGE_DH_DSS, SSL_KEY_EXCHANGE_DH_DSS_EXPORT, SSL_KEY_EXCHANGE_DH_RSA, SSL_KEY_EXCHANGE_DH_RSA_EXPORT, SSL_KEY_EXCHANGE_DHE_DSS, SSL_KEY_EXCHANGE_DHE_DSS_EXPORT, SSL_KEY_EXCHANGE_DHE_RSA, SSL_KEY_EXCHANGE_DHE_RSA_EXPORT, SSL_KEY_EXCHANGE_DH_anon, SSL_KEY_EXCHANGE_DH_anon_EXPORT, SSL_KEY_EXCHANGE_FORTEZZA_KEA, // --- new 56 bit export ciphers SSL_KEY_EXCHANGE_RSA_EXPORT1024, SSL_KEY_EXCHANGE_DHE_DSS_EXPORT1024, // -- Elliptic Curve key change algorithms (rfc4492) SSL_KEY_EXCHANGE_ECDH_ECDSA, SSL_KEY_EXCHANGE_ECDHE_ECDSA, SSL_KEY_EXCHANGE_ECDH_RSA, SSL_KEY_EXCHANGE_ECDHE_RSA, SSL_KEY_EXCHANGE_ECDH_anon, }; #if 0 struct SSL_CipherSpecImprove { uint32 identifier; // SSL_CipherType cipherType; SSL_BulkCipherAlgorithm encryptionAlgorithm; SSL_BulkCipherAlgorithm authenticationAlgorithm; SSL_BulkCipherAlgorithm keyAlgorithm; SSL_MACAlgorithm macAlgorithm; int clearkeySize; int encryptedkeySize; uint32 flags; // IsExportable IsSSLv2 IsSSLv30 IsSSLv31 const char* fullName = "TLS_WITH_NULL_NULL"; }; #endif struct SSL_CipherSpec { uint32 identifier; ///< type code of the CIPHER-SPEC (2 or 3 Bytes) SSL_CipherType cipherType; uint32 flags; SSL_BulkCipherAlgorithm bulkCipherAlgorithm; SSL_MACAlgorithm macAlgorithm; SSL_KeyExchangeAlgorithm keyExchangeAlgorithm; int clearKeySize; ///< size in bits of plaintext part of master key int encryptedKeySize; ///< size in bits of encrypted part of master key int hashSize; }; const uint32 SSL_FLAG_EXPORT = 0x0001; ///< set if exportable cipher const uint32 SSL_FLAG_SSLv20 = 0x0002; ///< set if cipher defined for SSLv20 const uint32 SSL_FLAG_SSLv30 = 0x0004; ///< set if cipher defined for SSLv30 const uint32 SSL_FLAG_SSLv31 = 0x0008; ///< set if cipher defined for SSLv31 declare(PDict, SSL_CipherSpec); extern PDict(SSL_CipherSpec) SSL_CipherSpecDict; extern SSL_CipherSpec SSL_CipherSpecs[]; extern const uint SSL_CipherSpecs_Count; #endif