From bdba74960ad6f24641b7f49b5c501c2b5c3e71db Mon Sep 17 00:00:00 2001
From: Peter Wu <lekensteyn@gmail.com>
Date: Wed, 2 Oct 2013 00:44:42 +0200
Subject: Add cleanup patches in development

I previously mentioned that nobody seems to support AES CCM for PSK, but
then I noticed that bug 8567 uses this for a DTLS capture. I might need
to add some of these missing cases to the ssl_get_keyex_alg function.

 [1]: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=8567
---
 ...-ssl-drop-unused-SIG_-field-and-constants.patch | 349 +++++++++++++++++++++
 1 file changed, 349 insertions(+)
 create mode 100644 patches-psk-cleanup/0003-ssl-drop-unused-SIG_-field-and-constants.patch

(limited to 'patches-psk-cleanup/0003-ssl-drop-unused-SIG_-field-and-constants.patch')

diff --git a/patches-psk-cleanup/0003-ssl-drop-unused-SIG_-field-and-constants.patch b/patches-psk-cleanup/0003-ssl-drop-unused-SIG_-field-and-constants.patch
new file mode 100644
index 0000000..7fd131a
--- /dev/null
+++ b/patches-psk-cleanup/0003-ssl-drop-unused-SIG_-field-and-constants.patch
@@ -0,0 +1,349 @@
+From 3ae3c5039f134b484bdb3e0d898d15ef11d7b1d5 Mon Sep 17 00:00:00 2001
+From: Peter Wu <lekensteyn@gmail.com>
+Date: Tue, 1 Oct 2013 23:13:04 +0200
+Subject: [PATCH 3/6] ssl: drop unused SIG_ field and constants
+
+These "signature" (server authentication) fields are not used by
+Wireshark and complicates the cipher suites list unnecessary. Some are
+even incorrect, like cipher 139 (TLS_PSK_WITH_3DES_EDE_CBC_SHA) which
+does not use SIG_RSA, but it unauthenticated using a PSK only.
+
+Since this field is not used, decrease maintenance burden by removing
+it. If someone feels a need to re-add this field, you can update
+generate-wireshark-cs[1] and regenerate the code.
+
+ [1]: https://git.lekensteyn.nl/peter/wireshark-notes/tree/
+---
+ epan/dissectors/packet-ssl-utils.c | 292 ++++++++++++++++++-------------------
+ epan/dissectors/packet-ssl-utils.h |   5 -
+ 2 files changed, 146 insertions(+), 151 deletions(-)
+
+diff --git a/epan/dissectors/packet-ssl-utils.c b/epan/dissectors/packet-ssl-utils.c
+index cebf230..e478057 100644
+--- a/epan/dissectors/packet-ssl-utils.c
++++ b/epan/dissectors/packet-ssl-utils.c
+@@ -1763,152 +1763,152 @@ static const gchar *ciphers[]={
+ };
+ 
+ static SslCipherSuite cipher_suites[]={
+-    {1,KEX_RSA,SIG_RSA,ENC_NULL,1,0,0,DIG_MD5, SSL_CIPHER_MODE_STREAM},   /* TLS_RSA_WITH_NULL_MD5 */
+-    {2,KEX_RSA,SIG_RSA,ENC_NULL,1,0,0,DIG_SHA, SSL_CIPHER_MODE_STREAM},   /* TLS_RSA_WITH_NULL_SHA */
+-    {3,KEX_RSA,SIG_RSA,ENC_RC4,1,128,40,DIG_MD5, SSL_CIPHER_MODE_STREAM},   /* TLS_RSA_EXPORT_WITH_RC4_40_MD5 */
+-    {4,KEX_RSA,SIG_RSA,ENC_RC4,1,128,128,DIG_MD5, SSL_CIPHER_MODE_STREAM},   /* TLS_RSA_WITH_RC4_128_MD5 */
+-    {5,KEX_RSA,SIG_RSA,ENC_RC4,1,128,128,DIG_SHA, SSL_CIPHER_MODE_STREAM},   /* TLS_RSA_WITH_RC4_128_SHA */
+-    {6,KEX_RSA,SIG_RSA,ENC_RC2,8,128,40,DIG_MD5, SSL_CIPHER_MODE_CBC},   /* TLS_RSA_EXPORT_WITH_RC2_CBC_40_MD5 */
+-    {7,KEX_RSA,SIG_RSA,ENC_IDEA,8,128,128,DIG_SHA, SSL_CIPHER_MODE_CBC},   /* TLS_RSA_WITH_IDEA_CBC_SHA */
+-    {8,KEX_RSA,SIG_RSA,ENC_DES,8,64,40,DIG_SHA, SSL_CIPHER_MODE_CBC},   /* TLS_RSA_EXPORT_WITH_DES40_CBC_SHA */
+-    {9,KEX_RSA,SIG_RSA,ENC_DES,8,64,64,DIG_SHA, SSL_CIPHER_MODE_CBC},   /* TLS_RSA_WITH_DES_CBC_SHA */
+-    {10,KEX_RSA,SIG_RSA,ENC_3DES,8,192,192,DIG_SHA, SSL_CIPHER_MODE_CBC},   /* TLS_RSA_WITH_3DES_EDE_CBC_SHA */
+-    {11,KEX_DH,SIG_DSS,ENC_DES,8,64,40,DIG_SHA, SSL_CIPHER_MODE_CBC},   /* TLS_DH_DSS_EXPORT_WITH_DES40_CBC_SHA */
+-    {12,KEX_DH,SIG_DSS,ENC_DES,8,64,64,DIG_SHA, SSL_CIPHER_MODE_CBC},   /* TLS_DH_DSS_WITH_DES_CBC_SHA */
+-    {13,KEX_DH,SIG_DSS,ENC_3DES,8,192,192,DIG_SHA, SSL_CIPHER_MODE_CBC},   /* TLS_DH_DSS_WITH_3DES_EDE_CBC_SHA */
+-    {14,KEX_DH,SIG_RSA,ENC_DES,8,64,40,DIG_SHA, SSL_CIPHER_MODE_CBC},   /* TLS_DH_RSA_EXPORT_WITH_DES40_CBC_SHA */
+-    {15,KEX_DH,SIG_RSA,ENC_DES,8,64,64,DIG_SHA, SSL_CIPHER_MODE_CBC},   /* TLS_DH_RSA_WITH_DES_CBC_SHA */
+-    {16,KEX_DH,SIG_RSA,ENC_3DES,8,192,192,DIG_SHA, SSL_CIPHER_MODE_CBC},   /* TLS_DH_RSA_WITH_3DES_EDE_CBC_SHA */
+-    {17,KEX_DH,SIG_DSS,ENC_DES,8,64,40,DIG_SHA, SSL_CIPHER_MODE_CBC},   /* TLS_DHE_DSS_EXPORT_WITH_DES40_CBC_SHA */
+-    {18,KEX_DH,SIG_DSS,ENC_DES,8,64,64,DIG_SHA, SSL_CIPHER_MODE_CBC},   /* TLS_DHE_DSS_WITH_DES_CBC_SHA */
+-    {19,KEX_DH,SIG_DSS,ENC_3DES,8,192,192,DIG_SHA, SSL_CIPHER_MODE_CBC},   /* TLS_DHE_DSS_WITH_3DES_EDE_CBC_SHA */
+-    {20,KEX_DH,SIG_RSA,ENC_DES,8,64,40,DIG_SHA, SSL_CIPHER_MODE_CBC},   /* TLS_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA */
+-    {21,KEX_DH,SIG_RSA,ENC_DES,8,64,64,DIG_SHA, SSL_CIPHER_MODE_CBC},   /* TLS_DHE_RSA_WITH_DES_CBC_SHA */
+-    {22,KEX_DH,SIG_RSA,ENC_3DES,8,192,192,DIG_SHA, SSL_CIPHER_MODE_CBC},   /* TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA */
+-    {23,KEX_DH,SIG_NONE,ENC_RC4,1,128,40,DIG_MD5, SSL_CIPHER_MODE_STREAM},   /* TLS_DH_anon_EXPORT_WITH_RC4_40_MD5 */
+-    {24,KEX_DH,SIG_NONE,ENC_RC4,1,128,128,DIG_MD5, SSL_CIPHER_MODE_STREAM},   /* TLS_DH_anon_WITH_RC4_128_MD5 */
+-    {25,KEX_DH,SIG_NONE,ENC_DES,8,64,40,DIG_SHA, SSL_CIPHER_MODE_CBC},   /* TLS_DH_anon_EXPORT_WITH_DES40_CBC_SHA */
+-    {26,KEX_DH,SIG_NONE,ENC_DES,8,64,64,DIG_SHA, SSL_CIPHER_MODE_CBC},   /* TLS_DH_anon_WITH_DES_CBC_SHA */
+-    {27,KEX_DH,SIG_NONE,ENC_3DES,8,192,192,DIG_SHA, SSL_CIPHER_MODE_CBC},   /* TLS_DH_anon_WITH_3DES_EDE_CBC_SHA */
+-    {47,KEX_RSA,SIG_RSA,ENC_AES,16,128,128,DIG_SHA, SSL_CIPHER_MODE_CBC},   /* TLS_RSA_WITH_AES_128_CBC_SHA */
+-    {48,KEX_DH,SIG_DSS,ENC_AES,16,128,128,DIG_SHA, SSL_CIPHER_MODE_CBC},   /* TLS_DH_DSS_WITH_AES_128_CBC_SHA */
+-    {49,KEX_DH,SIG_RSA,ENC_AES,16,128,128,DIG_SHA, SSL_CIPHER_MODE_CBC},   /* TLS_DH_RSA_WITH_AES_128_CBC_SHA */
+-    {50,KEX_DH,SIG_DSS,ENC_AES,16,128,128,DIG_SHA, SSL_CIPHER_MODE_CBC},   /* TLS_DHE_DSS_WITH_AES_128_CBC_SHA */
+-    {51,KEX_DH,SIG_RSA,ENC_AES,16,128,128,DIG_SHA, SSL_CIPHER_MODE_CBC},   /* TLS_DHE_RSA_WITH_AES_128_CBC_SHA */
+-    {52,KEX_DH,SIG_NONE,ENC_AES,16,128,128,DIG_SHA, SSL_CIPHER_MODE_CBC},   /* TLS_DH_anon_WITH_AES_128_CBC_SHA */
+-    {53,KEX_RSA,SIG_RSA,ENC_AES256,16,256,256,DIG_SHA, SSL_CIPHER_MODE_CBC},   /* TLS_RSA_WITH_AES_256_CBC_SHA */
+-    {54,KEX_DH,SIG_DSS,ENC_AES256,16,256,256,DIG_SHA, SSL_CIPHER_MODE_CBC},   /* TLS_DH_DSS_WITH_AES_256_CBC_SHA */
+-    {55,KEX_DH,SIG_RSA,ENC_AES256,16,256,256,DIG_SHA, SSL_CIPHER_MODE_CBC},   /* TLS_DH_RSA_WITH_AES_256_CBC_SHA */
+-    {56,KEX_DH,SIG_DSS,ENC_AES256,16,256,256,DIG_SHA, SSL_CIPHER_MODE_CBC},   /* TLS_DHE_DSS_WITH_AES_256_CBC_SHA */
+-    {57,KEX_DH,SIG_RSA,ENC_AES256,16,256,256,DIG_SHA, SSL_CIPHER_MODE_CBC},   /* TLS_DHE_RSA_WITH_AES_256_CBC_SHA */
+-    {58,KEX_DH,SIG_NONE,ENC_AES256,16,256,256,DIG_SHA, SSL_CIPHER_MODE_CBC},   /* TLS_DH_anon_WITH_AES_256_CBC_SHA */
+-    {59,KEX_RSA,SIG_RSA,ENC_NULL,1,0,0,DIG_SHA256, SSL_CIPHER_MODE_STREAM},   /* TLS_RSA_WITH_NULL_SHA256 */
+-    {60,KEX_RSA,SIG_RSA,ENC_AES,16,128,128,DIG_SHA256, SSL_CIPHER_MODE_CBC},   /* TLS_RSA_WITH_AES_128_CBC_SHA256 */
+-    {61,KEX_RSA,SIG_RSA,ENC_AES256,16,256,256,DIG_SHA256, SSL_CIPHER_MODE_CBC},   /* TLS_RSA_WITH_AES_256_CBC_SHA256 */
+-    {62,KEX_DH,SIG_DSS,ENC_AES,16,128,128,DIG_SHA256, SSL_CIPHER_MODE_CBC},   /* TLS_DH_DSS_WITH_AES_128_CBC_SHA256 */
+-    {63,KEX_DH,SIG_RSA,ENC_AES,16,128,128,DIG_SHA256, SSL_CIPHER_MODE_CBC},   /* TLS_DH_RSA_WITH_AES_128_CBC_SHA256 */
+-    {64,KEX_DH,SIG_DSS,ENC_AES,16,128,128,DIG_SHA256, SSL_CIPHER_MODE_CBC},   /* TLS_DHE_DSS_WITH_AES_128_CBC_SHA256 */
+-    {65,KEX_RSA,SIG_RSA,ENC_CAMELLIA128,16,128,128,DIG_SHA, SSL_CIPHER_MODE_CBC},   /* TLS_RSA_WITH_CAMELLIA_128_CBC_SHA */
+-    {66,KEX_DH,SIG_DSS,ENC_CAMELLIA128,16,128,128,DIG_SHA, SSL_CIPHER_MODE_CBC},   /* TLS_DH_DSS_WITH_CAMELLIA_128_CBC_SHA */
+-    {67,KEX_DH,SIG_RSA,ENC_CAMELLIA128,16,128,128,DIG_SHA, SSL_CIPHER_MODE_CBC},   /* TLS_DH_RSA_WITH_CAMELLIA_128_CBC_SHA */
+-    {68,KEX_DH,SIG_DSS,ENC_CAMELLIA128,16,128,128,DIG_SHA, SSL_CIPHER_MODE_CBC},   /* TLS_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA */
+-    {69,KEX_DH,SIG_RSA,ENC_CAMELLIA128,16,128,128,DIG_SHA, SSL_CIPHER_MODE_CBC},   /* TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA */
+-    {70,KEX_DH,SIG_NONE,ENC_CAMELLIA128,16,128,128,DIG_SHA, SSL_CIPHER_MODE_CBC},   /* TLS_DH_anon_WITH_CAMELLIA_128_CBC_SHA */
+-    {96,KEX_RSA,SIG_RSA,ENC_RC4,1,128,56,DIG_MD5, SSL_CIPHER_MODE_STREAM},
+-    {97,KEX_RSA,SIG_RSA,ENC_RC2,1,128,56,DIG_MD5, SSL_CIPHER_MODE_STREAM},
+-    {98,KEX_RSA,SIG_RSA,ENC_DES,8,64,56,DIG_SHA, SSL_CIPHER_MODE_CBC},   /* TLS_RSA_EXPORT1024_WITH_DES_CBC_SHA */
+-    {99,KEX_DH,SIG_DSS,ENC_DES,8,64,56,DIG_SHA, SSL_CIPHER_MODE_CBC},   /* TLS_DHE_DSS_EXPORT1024_WITH_DES_CBC_SHA */
+-    {100,KEX_RSA,SIG_RSA,ENC_RC4,1,128,56,DIG_SHA, SSL_CIPHER_MODE_STREAM},
+-    {101,KEX_DH,SIG_DSS,ENC_RC4,1,128,56,DIG_SHA, SSL_CIPHER_MODE_STREAM},
+-    {102,KEX_DH,SIG_DSS,ENC_RC4,1,128,128,DIG_SHA, SSL_CIPHER_MODE_STREAM},
+-    {103,KEX_DH,SIG_RSA,ENC_AES,16,128,128,DIG_SHA256, SSL_CIPHER_MODE_CBC},   /* TLS_DHE_RSA_WITH_AES_128_CBC_SHA256 */
+-    {104,KEX_DH,SIG_DSS,ENC_AES256,16,256,256,DIG_SHA256, SSL_CIPHER_MODE_CBC},   /* TLS_DH_DSS_WITH_AES_256_CBC_SHA256 */
+-    {105,KEX_DH,SIG_RSA,ENC_AES256,16,256,256,DIG_SHA256, SSL_CIPHER_MODE_CBC},   /* TLS_DH_RSA_WITH_AES_256_CBC_SHA256 */
+-    {106,KEX_DH,SIG_DSS,ENC_AES256,16,256,256,DIG_SHA256, SSL_CIPHER_MODE_CBC},   /* TLS_DHE_DSS_WITH_AES_256_CBC_SHA256 */
+-    {107,KEX_DH,SIG_RSA,ENC_AES256,16,256,256,DIG_SHA256, SSL_CIPHER_MODE_CBC},   /* TLS_DHE_RSA_WITH_AES_256_CBC_SHA256 */
+-    {108,KEX_DH,SIG_NONE,ENC_AES,16,128,128,DIG_SHA256, SSL_CIPHER_MODE_CBC},   /* TLS_DH_anon_WITH_AES_128_CBC_SHA256 */
+-    {109,KEX_DH,SIG_NONE,ENC_AES256,16,256,256,DIG_SHA256, SSL_CIPHER_MODE_CBC},   /* TLS_DH_anon_WITH_AES_256_CBC_SHA256 */
+-    {132,KEX_RSA,SIG_RSA,ENC_CAMELLIA256,16,256,256,DIG_SHA, SSL_CIPHER_MODE_CBC},   /* TLS_RSA_WITH_CAMELLIA_256_CBC_SHA */
+-    {133,KEX_DH,SIG_DSS,ENC_CAMELLIA256,16,256,256,DIG_SHA, SSL_CIPHER_MODE_CBC},   /* TLS_DH_DSS_WITH_CAMELLIA_256_CBC_SHA */
+-    {134,KEX_DH,SIG_RSA,ENC_CAMELLIA256,16,256,256,DIG_SHA, SSL_CIPHER_MODE_CBC},   /* TLS_DH_RSA_WITH_CAMELLIA_256_CBC_SHA */
+-    {135,KEX_DH,SIG_DSS,ENC_CAMELLIA256,16,256,256,DIG_SHA, SSL_CIPHER_MODE_CBC},   /* TLS_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA */
+-    {136,KEX_DH,SIG_RSA,ENC_CAMELLIA256,16,256,256,DIG_SHA, SSL_CIPHER_MODE_CBC},   /* TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA */
+-    {137,KEX_DH,SIG_NONE,ENC_CAMELLIA256,16,256,256,DIG_SHA, SSL_CIPHER_MODE_CBC},   /* TLS_DH_anon_WITH_CAMELLIA_256_CBC_SHA */
+-    {139,KEX_PSK,SIG_RSA,ENC_3DES,8,192,192,DIG_SHA, SSL_CIPHER_MODE_CBC},
+-    {140,KEX_PSK,SIG_RSA,ENC_AES,16,128,128,DIG_SHA, SSL_CIPHER_MODE_CBC},
+-    {141,KEX_PSK,SIG_RSA,ENC_AES256,16,256,256,DIG_SHA, SSL_CIPHER_MODE_CBC},
+-    {150,KEX_RSA,SIG_RSA,ENC_SEED,16,128,128,DIG_SHA, SSL_CIPHER_MODE_CBC},   /* TLS_RSA_WITH_SEED_CBC_SHA */
+-    {151,KEX_DH,SIG_DSS,ENC_SEED,16,128,128,DIG_SHA, SSL_CIPHER_MODE_CBC},   /* TLS_DH_DSS_WITH_SEED_CBC_SHA */
+-    {152,KEX_DH,SIG_RSA,ENC_SEED,16,128,128,DIG_SHA, SSL_CIPHER_MODE_CBC},   /* TLS_DH_RSA_WITH_SEED_CBC_SHA */
+-    {153,KEX_DH,SIG_DSS,ENC_SEED,16,128,128,DIG_SHA, SSL_CIPHER_MODE_CBC},   /* TLS_DHE_DSS_WITH_SEED_CBC_SHA */
+-    {154,KEX_DH,SIG_RSA,ENC_SEED,16,128,128,DIG_SHA, SSL_CIPHER_MODE_CBC},   /* TLS_DHE_RSA_WITH_SEED_CBC_SHA */
+-    {155,KEX_DH,SIG_NONE,ENC_SEED,16,128,128,DIG_SHA, SSL_CIPHER_MODE_CBC},   /* TLS_DH_anon_WITH_SEED_CBC_SHA */
+-    {156,KEX_RSA,SIG_RSA,ENC_AES,4,128,128,DIG_SHA256, SSL_CIPHER_MODE_GCM},   /* TLS_RSA_WITH_AES_128_GCM_SHA256 */
+-    {157,KEX_RSA,SIG_RSA,ENC_AES256,4,256,256,DIG_SHA384, SSL_CIPHER_MODE_GCM},   /* TLS_RSA_WITH_AES_256_GCM_SHA384 */
+-    {158,KEX_DH,SIG_RSA,ENC_AES,4,128,128,DIG_SHA256, SSL_CIPHER_MODE_GCM},   /* TLS_DHE_RSA_WITH_AES_128_GCM_SHA256 */
+-    {159,KEX_DH,SIG_RSA,ENC_AES256,4,256,256,DIG_SHA384, SSL_CIPHER_MODE_GCM},   /* TLS_DHE_RSA_WITH_AES_256_GCM_SHA384 */
+-    {160,KEX_DH,SIG_RSA,ENC_AES,4,128,128,DIG_SHA256, SSL_CIPHER_MODE_GCM},   /* TLS_DH_RSA_WITH_AES_128_GCM_SHA256 */
+-    {161,KEX_DH,SIG_RSA,ENC_AES256,4,256,256,DIG_SHA384, SSL_CIPHER_MODE_GCM},   /* TLS_DH_RSA_WITH_AES_256_GCM_SHA384 */
+-    {162,KEX_DH,SIG_DSS,ENC_AES,4,128,128,DIG_SHA256, SSL_CIPHER_MODE_GCM},   /* TLS_DHE_DSS_WITH_AES_128_GCM_SHA256 */
+-    {163,KEX_DH,SIG_DSS,ENC_AES256,4,256,256,DIG_SHA384, SSL_CIPHER_MODE_GCM},   /* TLS_DHE_DSS_WITH_AES_256_GCM_SHA384 */
+-    {164,KEX_DH,SIG_DSS,ENC_AES,4,128,128,DIG_SHA256, SSL_CIPHER_MODE_GCM},   /* TLS_DH_DSS_WITH_AES_128_GCM_SHA256 */
+-    {165,KEX_DH,SIG_DSS,ENC_AES256,4,256,256,DIG_SHA384, SSL_CIPHER_MODE_GCM},   /* TLS_DH_DSS_WITH_AES_256_GCM_SHA384 */
+-    {166,KEX_DH,SIG_NONE,ENC_AES,4,128,128,DIG_SHA256, SSL_CIPHER_MODE_GCM},   /* TLS_DH_anon_WITH_AES_128_GCM_SHA256 */
+-    {167,KEX_DH,SIG_NONE,ENC_AES256,4,256,256,DIG_SHA384, SSL_CIPHER_MODE_GCM},   /* TLS_DH_anon_WITH_AES_256_GCM_SHA384 */
+-    {186,KEX_RSA,SIG_RSA,ENC_CAMELLIA128,16,128,128,DIG_SHA256, SSL_CIPHER_MODE_CBC},   /* TLS_RSA_WITH_CAMELLIA_128_CBC_SHA256 */
+-    {187,KEX_DH,SIG_DSS,ENC_CAMELLIA128,16,128,128,DIG_SHA256, SSL_CIPHER_MODE_CBC},   /* TLS_DH_DSS_WITH_CAMELLIA_128_CBC_SHA256 */
+-    {188,KEX_DH,SIG_RSA,ENC_CAMELLIA128,16,128,128,DIG_SHA256, SSL_CIPHER_MODE_CBC},   /* TLS_DH_RSA_WITH_CAMELLIA_128_CBC_SHA256 */
+-    {189,KEX_DH,SIG_DSS,ENC_CAMELLIA128,16,128,128,DIG_SHA256, SSL_CIPHER_MODE_CBC},   /* TLS_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA256 */
+-    {190,KEX_DH,SIG_RSA,ENC_CAMELLIA128,16,128,128,DIG_SHA256, SSL_CIPHER_MODE_CBC},   /* TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA256 */
+-    {191,KEX_DH,SIG_NONE,ENC_CAMELLIA128,16,128,128,DIG_SHA256, SSL_CIPHER_MODE_CBC},   /* TLS_DH_anon_WITH_CAMELLIA_128_CBC_SHA256 */
+-    {192,KEX_RSA,SIG_RSA,ENC_CAMELLIA256,16,256,256,DIG_SHA256, SSL_CIPHER_MODE_CBC},   /* TLS_RSA_WITH_CAMELLIA_256_CBC_SHA256 */
+-    {193,KEX_DH,SIG_DSS,ENC_CAMELLIA256,16,256,256,DIG_SHA256, SSL_CIPHER_MODE_CBC},   /* TLS_DH_DSS_WITH_CAMELLIA_256_CBC_SHA256 */
+-    {194,KEX_DH,SIG_RSA,ENC_CAMELLIA256,16,256,256,DIG_SHA256, SSL_CIPHER_MODE_CBC},   /* TLS_DH_RSA_WITH_CAMELLIA_256_CBC_SHA256 */
+-    {195,KEX_DH,SIG_DSS,ENC_CAMELLIA256,16,256,256,DIG_SHA256, SSL_CIPHER_MODE_CBC},   /* TLS_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA256 */
+-    {196,KEX_DH,SIG_RSA,ENC_CAMELLIA256,16,256,256,DIG_SHA256, SSL_CIPHER_MODE_CBC},   /* TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA256 */
+-    {197,KEX_DH,SIG_NONE,ENC_CAMELLIA256,16,256,256,DIG_SHA256, SSL_CIPHER_MODE_CBC},   /* TLS_DH_anon_WITH_CAMELLIA_256_CBC_SHA256 */
+-    {49153,KEX_ECDH,SIG_DSS,ENC_NULL,1,0,0,DIG_SHA, SSL_CIPHER_MODE_STREAM},   /* TLS_ECDH_ECDSA_WITH_NULL_SHA */
+-    {49154,KEX_ECDH,SIG_DSS,ENC_RC4,1,128,128,DIG_SHA, SSL_CIPHER_MODE_STREAM},   /* TLS_ECDH_ECDSA_WITH_RC4_128_SHA */
+-    {49155,KEX_ECDH,SIG_DSS,ENC_3DES,8,192,192,DIG_SHA, SSL_CIPHER_MODE_CBC},   /* TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA */
+-    {49156,KEX_ECDH,SIG_DSS,ENC_AES,16,128,128,DIG_SHA, SSL_CIPHER_MODE_CBC},   /* TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA */
+-    {49157,KEX_ECDH,SIG_DSS,ENC_AES256,16,256,256,DIG_SHA, SSL_CIPHER_MODE_CBC},   /* TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA */
+-    {49158,KEX_ECDH,SIG_DSS,ENC_NULL,1,0,0,DIG_SHA, SSL_CIPHER_MODE_STREAM},   /* TLS_ECDHE_ECDSA_WITH_NULL_SHA */
+-    {49159,KEX_ECDH,SIG_DSS,ENC_RC4,1,128,128,DIG_SHA, SSL_CIPHER_MODE_STREAM},   /* TLS_ECDHE_ECDSA_WITH_RC4_128_SHA */
+-    {49160,KEX_ECDH,SIG_DSS,ENC_3DES,8,192,192,DIG_SHA, SSL_CIPHER_MODE_CBC},   /* TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA */
+-    {49161,KEX_ECDH,SIG_DSS,ENC_AES,16,128,128,DIG_SHA, SSL_CIPHER_MODE_CBC},   /* TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA */
+-    {49162,KEX_ECDH,SIG_DSS,ENC_AES256,16,256,256,DIG_SHA, SSL_CIPHER_MODE_CBC},   /* TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA */
+-    {49163,KEX_ECDH,SIG_RSA,ENC_NULL,1,0,0,DIG_SHA, SSL_CIPHER_MODE_STREAM},   /* TLS_ECDH_RSA_WITH_NULL_SHA */
+-    {49164,KEX_ECDH,SIG_RSA,ENC_RC4,1,128,128,DIG_SHA, SSL_CIPHER_MODE_STREAM},   /* TLS_ECDH_RSA_WITH_RC4_128_SHA */
+-    {49165,KEX_ECDH,SIG_RSA,ENC_3DES,8,192,192,DIG_SHA, SSL_CIPHER_MODE_CBC},   /* TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA */
+-    {49166,KEX_ECDH,SIG_RSA,ENC_AES,16,128,128,DIG_SHA, SSL_CIPHER_MODE_CBC},   /* TLS_ECDH_RSA_WITH_AES_128_CBC_SHA */
+-    {49167,KEX_ECDH,SIG_RSA,ENC_AES256,16,256,256,DIG_SHA, SSL_CIPHER_MODE_CBC},   /* TLS_ECDH_RSA_WITH_AES_256_CBC_SHA */
+-    {49168,KEX_ECDH,SIG_RSA,ENC_NULL,1,0,0,DIG_SHA, SSL_CIPHER_MODE_STREAM},   /* TLS_ECDHE_RSA_WITH_NULL_SHA */
+-    {49169,KEX_ECDH,SIG_RSA,ENC_RC4,1,128,128,DIG_SHA, SSL_CIPHER_MODE_STREAM},   /* TLS_ECDHE_RSA_WITH_RC4_128_SHA */
+-    {49170,KEX_ECDH,SIG_RSA,ENC_3DES,8,192,192,DIG_SHA, SSL_CIPHER_MODE_CBC},   /* TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA */
+-    {49171,KEX_ECDH,SIG_RSA,ENC_AES,16,128,128,DIG_SHA, SSL_CIPHER_MODE_CBC},   /* TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA */
+-    {49172,KEX_ECDH,SIG_RSA,ENC_AES256,16,256,256,DIG_SHA, SSL_CIPHER_MODE_CBC},   /* TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA */
+-    {49173,KEX_ECDH,SIG_NONE,ENC_NULL,1,0,0,DIG_SHA, SSL_CIPHER_MODE_STREAM},   /* TLS_ECDH_anon_WITH_NULL_SHA */
+-    {49174,KEX_ECDH,SIG_NONE,ENC_RC4,1,128,128,DIG_SHA, SSL_CIPHER_MODE_STREAM},   /* TLS_ECDH_anon_WITH_RC4_128_SHA */
+-    {49175,KEX_ECDH,SIG_NONE,ENC_3DES,8,192,192,DIG_SHA, SSL_CIPHER_MODE_CBC},   /* TLS_ECDH_anon_WITH_3DES_EDE_CBC_SHA */
+-    {49176,KEX_ECDH,SIG_NONE,ENC_AES,16,128,128,DIG_SHA, SSL_CIPHER_MODE_CBC},   /* TLS_ECDH_anon_WITH_AES_128_CBC_SHA */
+-    {49177,KEX_ECDH,SIG_NONE,ENC_AES256,16,256,256,DIG_SHA, SSL_CIPHER_MODE_CBC},   /* TLS_ECDH_anon_WITH_AES_256_CBC_SHA */
+-    {49187,KEX_ECDH,SIG_DSS,ENC_AES,16,128,128,DIG_SHA256, SSL_CIPHER_MODE_CBC},   /* TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256 */
+-    {49188,KEX_ECDH,SIG_DSS,ENC_AES256,16,256,256,DIG_SHA384, SSL_CIPHER_MODE_CBC},   /* TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384 */
+-    {49189,KEX_ECDH,SIG_DSS,ENC_AES,16,128,128,DIG_SHA256, SSL_CIPHER_MODE_CBC},   /* TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256 */
+-    {49190,KEX_ECDH,SIG_DSS,ENC_AES256,16,256,256,DIG_SHA384, SSL_CIPHER_MODE_CBC},   /* TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384 */
+-    {49191,KEX_ECDH,SIG_RSA,ENC_AES,16,128,128,DIG_SHA256, SSL_CIPHER_MODE_CBC},   /* TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256 */
+-    {49192,KEX_ECDH,SIG_RSA,ENC_AES256,16,256,256,DIG_SHA384, SSL_CIPHER_MODE_CBC},   /* TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384 */
+-    {49193,KEX_ECDH,SIG_RSA,ENC_AES,16,128,128,DIG_SHA256, SSL_CIPHER_MODE_CBC},   /* TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256 */
+-    {49194,KEX_ECDH,SIG_RSA,ENC_AES256,16,256,256,DIG_SHA384, SSL_CIPHER_MODE_CBC},   /* TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384 */
+-    {49195,KEX_ECDH,SIG_DSS,ENC_AES,4,128,128,DIG_SHA256, SSL_CIPHER_MODE_GCM},   /* TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 */
+-    {49196,KEX_ECDH,SIG_DSS,ENC_AES256,4,256,256,DIG_SHA384, SSL_CIPHER_MODE_GCM},   /* TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384 */
+-    {49197,KEX_ECDH,SIG_DSS,ENC_AES,4,128,128,DIG_SHA256, SSL_CIPHER_MODE_GCM},   /* TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256 */
+-    {49198,KEX_ECDH,SIG_DSS,ENC_AES256,4,256,256,DIG_SHA384, SSL_CIPHER_MODE_GCM},   /* TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384 */
+-    {49199,KEX_ECDH,SIG_RSA,ENC_AES,4,128,128,DIG_SHA256, SSL_CIPHER_MODE_GCM},   /* TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 */
+-    {49200,KEX_ECDH,SIG_RSA,ENC_AES256,4,256,256,DIG_SHA384, SSL_CIPHER_MODE_GCM},   /* TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 */
+-    {49201,KEX_ECDH,SIG_RSA,ENC_AES,4,128,128,DIG_SHA256, SSL_CIPHER_MODE_GCM},   /* TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256 */
+-    {49202,KEX_ECDH,SIG_RSA,ENC_AES256,4,256,256,DIG_SHA384, SSL_CIPHER_MODE_GCM},   /* TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384 */
+-    {-1, 0,0,0,0,0,0,0, 0}
++    {1,KEX_RSA,ENC_NULL,1,0,0,DIG_MD5, SSL_CIPHER_MODE_STREAM},   /* TLS_RSA_WITH_NULL_MD5 */
++    {2,KEX_RSA,ENC_NULL,1,0,0,DIG_SHA, SSL_CIPHER_MODE_STREAM},   /* TLS_RSA_WITH_NULL_SHA */
++    {3,KEX_RSA,ENC_RC4,1,128,40,DIG_MD5, SSL_CIPHER_MODE_STREAM},   /* TLS_RSA_EXPORT_WITH_RC4_40_MD5 */
++    {4,KEX_RSA,ENC_RC4,1,128,128,DIG_MD5, SSL_CIPHER_MODE_STREAM},   /* TLS_RSA_WITH_RC4_128_MD5 */
++    {5,KEX_RSA,ENC_RC4,1,128,128,DIG_SHA, SSL_CIPHER_MODE_STREAM},   /* TLS_RSA_WITH_RC4_128_SHA */
++    {6,KEX_RSA,ENC_RC2,8,128,40,DIG_MD5, SSL_CIPHER_MODE_CBC},   /* TLS_RSA_EXPORT_WITH_RC2_CBC_40_MD5 */
++    {7,KEX_RSA,ENC_IDEA,8,128,128,DIG_SHA, SSL_CIPHER_MODE_CBC},   /* TLS_RSA_WITH_IDEA_CBC_SHA */
++    {8,KEX_RSA,ENC_DES,8,64,40,DIG_SHA, SSL_CIPHER_MODE_CBC},   /* TLS_RSA_EXPORT_WITH_DES40_CBC_SHA */
++    {9,KEX_RSA,ENC_DES,8,64,64,DIG_SHA, SSL_CIPHER_MODE_CBC},   /* TLS_RSA_WITH_DES_CBC_SHA */
++    {10,KEX_RSA,ENC_3DES,8,192,192,DIG_SHA, SSL_CIPHER_MODE_CBC},   /* TLS_RSA_WITH_3DES_EDE_CBC_SHA */
++    {11,KEX_DH,ENC_DES,8,64,40,DIG_SHA, SSL_CIPHER_MODE_CBC},   /* TLS_DH_DSS_EXPORT_WITH_DES40_CBC_SHA */
++    {12,KEX_DH,ENC_DES,8,64,64,DIG_SHA, SSL_CIPHER_MODE_CBC},   /* TLS_DH_DSS_WITH_DES_CBC_SHA */
++    {13,KEX_DH,ENC_3DES,8,192,192,DIG_SHA, SSL_CIPHER_MODE_CBC},   /* TLS_DH_DSS_WITH_3DES_EDE_CBC_SHA */
++    {14,KEX_DH,ENC_DES,8,64,40,DIG_SHA, SSL_CIPHER_MODE_CBC},   /* TLS_DH_RSA_EXPORT_WITH_DES40_CBC_SHA */
++    {15,KEX_DH,ENC_DES,8,64,64,DIG_SHA, SSL_CIPHER_MODE_CBC},   /* TLS_DH_RSA_WITH_DES_CBC_SHA */
++    {16,KEX_DH,ENC_3DES,8,192,192,DIG_SHA, SSL_CIPHER_MODE_CBC},   /* TLS_DH_RSA_WITH_3DES_EDE_CBC_SHA */
++    {17,KEX_DH,ENC_DES,8,64,40,DIG_SHA, SSL_CIPHER_MODE_CBC},   /* TLS_DHE_DSS_EXPORT_WITH_DES40_CBC_SHA */
++    {18,KEX_DH,ENC_DES,8,64,64,DIG_SHA, SSL_CIPHER_MODE_CBC},   /* TLS_DHE_DSS_WITH_DES_CBC_SHA */
++    {19,KEX_DH,ENC_3DES,8,192,192,DIG_SHA, SSL_CIPHER_MODE_CBC},   /* TLS_DHE_DSS_WITH_3DES_EDE_CBC_SHA */
++    {20,KEX_DH,ENC_DES,8,64,40,DIG_SHA, SSL_CIPHER_MODE_CBC},   /* TLS_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA */
++    {21,KEX_DH,ENC_DES,8,64,64,DIG_SHA, SSL_CIPHER_MODE_CBC},   /* TLS_DHE_RSA_WITH_DES_CBC_SHA */
++    {22,KEX_DH,ENC_3DES,8,192,192,DIG_SHA, SSL_CIPHER_MODE_CBC},   /* TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA */
++    {23,KEX_DH,ENC_RC4,1,128,40,DIG_MD5, SSL_CIPHER_MODE_STREAM},   /* TLS_DH_anon_EXPORT_WITH_RC4_40_MD5 */
++    {24,KEX_DH,ENC_RC4,1,128,128,DIG_MD5, SSL_CIPHER_MODE_STREAM},   /* TLS_DH_anon_WITH_RC4_128_MD5 */
++    {25,KEX_DH,ENC_DES,8,64,40,DIG_SHA, SSL_CIPHER_MODE_CBC},   /* TLS_DH_anon_EXPORT_WITH_DES40_CBC_SHA */
++    {26,KEX_DH,ENC_DES,8,64,64,DIG_SHA, SSL_CIPHER_MODE_CBC},   /* TLS_DH_anon_WITH_DES_CBC_SHA */
++    {27,KEX_DH,ENC_3DES,8,192,192,DIG_SHA, SSL_CIPHER_MODE_CBC},   /* TLS_DH_anon_WITH_3DES_EDE_CBC_SHA */
++    {47,KEX_RSA,ENC_AES,16,128,128,DIG_SHA, SSL_CIPHER_MODE_CBC},   /* TLS_RSA_WITH_AES_128_CBC_SHA */
++    {48,KEX_DH,ENC_AES,16,128,128,DIG_SHA, SSL_CIPHER_MODE_CBC},   /* TLS_DH_DSS_WITH_AES_128_CBC_SHA */
++    {49,KEX_DH,ENC_AES,16,128,128,DIG_SHA, SSL_CIPHER_MODE_CBC},   /* TLS_DH_RSA_WITH_AES_128_CBC_SHA */
++    {50,KEX_DH,ENC_AES,16,128,128,DIG_SHA, SSL_CIPHER_MODE_CBC},   /* TLS_DHE_DSS_WITH_AES_128_CBC_SHA */
++    {51,KEX_DH,ENC_AES,16,128,128,DIG_SHA, SSL_CIPHER_MODE_CBC},   /* TLS_DHE_RSA_WITH_AES_128_CBC_SHA */
++    {52,KEX_DH,ENC_AES,16,128,128,DIG_SHA, SSL_CIPHER_MODE_CBC},   /* TLS_DH_anon_WITH_AES_128_CBC_SHA */
++    {53,KEX_RSA,ENC_AES256,16,256,256,DIG_SHA, SSL_CIPHER_MODE_CBC},   /* TLS_RSA_WITH_AES_256_CBC_SHA */
++    {54,KEX_DH,ENC_AES256,16,256,256,DIG_SHA, SSL_CIPHER_MODE_CBC},   /* TLS_DH_DSS_WITH_AES_256_CBC_SHA */
++    {55,KEX_DH,ENC_AES256,16,256,256,DIG_SHA, SSL_CIPHER_MODE_CBC},   /* TLS_DH_RSA_WITH_AES_256_CBC_SHA */
++    {56,KEX_DH,ENC_AES256,16,256,256,DIG_SHA, SSL_CIPHER_MODE_CBC},   /* TLS_DHE_DSS_WITH_AES_256_CBC_SHA */
++    {57,KEX_DH,ENC_AES256,16,256,256,DIG_SHA, SSL_CIPHER_MODE_CBC},   /* TLS_DHE_RSA_WITH_AES_256_CBC_SHA */
++    {58,KEX_DH,ENC_AES256,16,256,256,DIG_SHA, SSL_CIPHER_MODE_CBC},   /* TLS_DH_anon_WITH_AES_256_CBC_SHA */
++    {59,KEX_RSA,ENC_NULL,1,0,0,DIG_SHA256, SSL_CIPHER_MODE_STREAM},   /* TLS_RSA_WITH_NULL_SHA256 */
++    {60,KEX_RSA,ENC_AES,16,128,128,DIG_SHA256, SSL_CIPHER_MODE_CBC},   /* TLS_RSA_WITH_AES_128_CBC_SHA256 */
++    {61,KEX_RSA,ENC_AES256,16,256,256,DIG_SHA256, SSL_CIPHER_MODE_CBC},   /* TLS_RSA_WITH_AES_256_CBC_SHA256 */
++    {62,KEX_DH,ENC_AES,16,128,128,DIG_SHA256, SSL_CIPHER_MODE_CBC},   /* TLS_DH_DSS_WITH_AES_128_CBC_SHA256 */
++    {63,KEX_DH,ENC_AES,16,128,128,DIG_SHA256, SSL_CIPHER_MODE_CBC},   /* TLS_DH_RSA_WITH_AES_128_CBC_SHA256 */
++    {64,KEX_DH,ENC_AES,16,128,128,DIG_SHA256, SSL_CIPHER_MODE_CBC},   /* TLS_DHE_DSS_WITH_AES_128_CBC_SHA256 */
++    {65,KEX_RSA,ENC_CAMELLIA128,16,128,128,DIG_SHA, SSL_CIPHER_MODE_CBC},   /* TLS_RSA_WITH_CAMELLIA_128_CBC_SHA */
++    {66,KEX_DH,ENC_CAMELLIA128,16,128,128,DIG_SHA, SSL_CIPHER_MODE_CBC},   /* TLS_DH_DSS_WITH_CAMELLIA_128_CBC_SHA */
++    {67,KEX_DH,ENC_CAMELLIA128,16,128,128,DIG_SHA, SSL_CIPHER_MODE_CBC},   /* TLS_DH_RSA_WITH_CAMELLIA_128_CBC_SHA */
++    {68,KEX_DH,ENC_CAMELLIA128,16,128,128,DIG_SHA, SSL_CIPHER_MODE_CBC},   /* TLS_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA */
++    {69,KEX_DH,ENC_CAMELLIA128,16,128,128,DIG_SHA, SSL_CIPHER_MODE_CBC},   /* TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA */
++    {70,KEX_DH,ENC_CAMELLIA128,16,128,128,DIG_SHA, SSL_CIPHER_MODE_CBC},   /* TLS_DH_anon_WITH_CAMELLIA_128_CBC_SHA */
++    {96,KEX_RSA,ENC_RC4,1,128,56,DIG_MD5, SSL_CIPHER_MODE_STREAM},
++    {97,KEX_RSA,ENC_RC2,1,128,56,DIG_MD5, SSL_CIPHER_MODE_STREAM},
++    {98,KEX_RSA,ENC_DES,8,64,56,DIG_SHA, SSL_CIPHER_MODE_CBC},   /* TLS_RSA_EXPORT1024_WITH_DES_CBC_SHA */
++    {99,KEX_DH,ENC_DES,8,64,56,DIG_SHA, SSL_CIPHER_MODE_CBC},   /* TLS_DHE_DSS_EXPORT1024_WITH_DES_CBC_SHA */
++    {100,KEX_RSA,ENC_RC4,1,128,56,DIG_SHA, SSL_CIPHER_MODE_STREAM},
++    {101,KEX_DH,ENC_RC4,1,128,56,DIG_SHA, SSL_CIPHER_MODE_STREAM},
++    {102,KEX_DH,ENC_RC4,1,128,128,DIG_SHA, SSL_CIPHER_MODE_STREAM},
++    {103,KEX_DH,ENC_AES,16,128,128,DIG_SHA256, SSL_CIPHER_MODE_CBC},   /* TLS_DHE_RSA_WITH_AES_128_CBC_SHA256 */
++    {104,KEX_DH,ENC_AES256,16,256,256,DIG_SHA256, SSL_CIPHER_MODE_CBC},   /* TLS_DH_DSS_WITH_AES_256_CBC_SHA256 */
++    {105,KEX_DH,ENC_AES256,16,256,256,DIG_SHA256, SSL_CIPHER_MODE_CBC},   /* TLS_DH_RSA_WITH_AES_256_CBC_SHA256 */
++    {106,KEX_DH,ENC_AES256,16,256,256,DIG_SHA256, SSL_CIPHER_MODE_CBC},   /* TLS_DHE_DSS_WITH_AES_256_CBC_SHA256 */
++    {107,KEX_DH,ENC_AES256,16,256,256,DIG_SHA256, SSL_CIPHER_MODE_CBC},   /* TLS_DHE_RSA_WITH_AES_256_CBC_SHA256 */
++    {108,KEX_DH,ENC_AES,16,128,128,DIG_SHA256, SSL_CIPHER_MODE_CBC},   /* TLS_DH_anon_WITH_AES_128_CBC_SHA256 */
++    {109,KEX_DH,ENC_AES256,16,256,256,DIG_SHA256, SSL_CIPHER_MODE_CBC},   /* TLS_DH_anon_WITH_AES_256_CBC_SHA256 */
++    {132,KEX_RSA,ENC_CAMELLIA256,16,256,256,DIG_SHA, SSL_CIPHER_MODE_CBC},   /* TLS_RSA_WITH_CAMELLIA_256_CBC_SHA */
++    {133,KEX_DH,ENC_CAMELLIA256,16,256,256,DIG_SHA, SSL_CIPHER_MODE_CBC},   /* TLS_DH_DSS_WITH_CAMELLIA_256_CBC_SHA */
++    {134,KEX_DH,ENC_CAMELLIA256,16,256,256,DIG_SHA, SSL_CIPHER_MODE_CBC},   /* TLS_DH_RSA_WITH_CAMELLIA_256_CBC_SHA */
++    {135,KEX_DH,ENC_CAMELLIA256,16,256,256,DIG_SHA, SSL_CIPHER_MODE_CBC},   /* TLS_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA */
++    {136,KEX_DH,ENC_CAMELLIA256,16,256,256,DIG_SHA, SSL_CIPHER_MODE_CBC},   /* TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA */
++    {137,KEX_DH,ENC_CAMELLIA256,16,256,256,DIG_SHA, SSL_CIPHER_MODE_CBC},   /* TLS_DH_anon_WITH_CAMELLIA_256_CBC_SHA */
++    {139,KEX_PSK,ENC_3DES,8,192,192,DIG_SHA, SSL_CIPHER_MODE_CBC},
++    {140,KEX_PSK,ENC_AES,16,128,128,DIG_SHA, SSL_CIPHER_MODE_CBC},
++    {141,KEX_PSK,ENC_AES256,16,256,256,DIG_SHA, SSL_CIPHER_MODE_CBC},
++    {150,KEX_RSA,ENC_SEED,16,128,128,DIG_SHA, SSL_CIPHER_MODE_CBC},   /* TLS_RSA_WITH_SEED_CBC_SHA */
++    {151,KEX_DH,ENC_SEED,16,128,128,DIG_SHA, SSL_CIPHER_MODE_CBC},   /* TLS_DH_DSS_WITH_SEED_CBC_SHA */
++    {152,KEX_DH,ENC_SEED,16,128,128,DIG_SHA, SSL_CIPHER_MODE_CBC},   /* TLS_DH_RSA_WITH_SEED_CBC_SHA */
++    {153,KEX_DH,ENC_SEED,16,128,128,DIG_SHA, SSL_CIPHER_MODE_CBC},   /* TLS_DHE_DSS_WITH_SEED_CBC_SHA */
++    {154,KEX_DH,ENC_SEED,16,128,128,DIG_SHA, SSL_CIPHER_MODE_CBC},   /* TLS_DHE_RSA_WITH_SEED_CBC_SHA */
++    {155,KEX_DH,ENC_SEED,16,128,128,DIG_SHA, SSL_CIPHER_MODE_CBC},   /* TLS_DH_anon_WITH_SEED_CBC_SHA */
++    {156,KEX_RSA,ENC_AES,4,128,128,DIG_SHA256, SSL_CIPHER_MODE_GCM},   /* TLS_RSA_WITH_AES_128_GCM_SHA256 */
++    {157,KEX_RSA,ENC_AES256,4,256,256,DIG_SHA384, SSL_CIPHER_MODE_GCM},   /* TLS_RSA_WITH_AES_256_GCM_SHA384 */
++    {158,KEX_DH,ENC_AES,4,128,128,DIG_SHA256, SSL_CIPHER_MODE_GCM},   /* TLS_DHE_RSA_WITH_AES_128_GCM_SHA256 */
++    {159,KEX_DH,ENC_AES256,4,256,256,DIG_SHA384, SSL_CIPHER_MODE_GCM},   /* TLS_DHE_RSA_WITH_AES_256_GCM_SHA384 */
++    {160,KEX_DH,ENC_AES,4,128,128,DIG_SHA256, SSL_CIPHER_MODE_GCM},   /* TLS_DH_RSA_WITH_AES_128_GCM_SHA256 */
++    {161,KEX_DH,ENC_AES256,4,256,256,DIG_SHA384, SSL_CIPHER_MODE_GCM},   /* TLS_DH_RSA_WITH_AES_256_GCM_SHA384 */
++    {162,KEX_DH,ENC_AES,4,128,128,DIG_SHA256, SSL_CIPHER_MODE_GCM},   /* TLS_DHE_DSS_WITH_AES_128_GCM_SHA256 */
++    {163,KEX_DH,ENC_AES256,4,256,256,DIG_SHA384, SSL_CIPHER_MODE_GCM},   /* TLS_DHE_DSS_WITH_AES_256_GCM_SHA384 */
++    {164,KEX_DH,ENC_AES,4,128,128,DIG_SHA256, SSL_CIPHER_MODE_GCM},   /* TLS_DH_DSS_WITH_AES_128_GCM_SHA256 */
++    {165,KEX_DH,ENC_AES256,4,256,256,DIG_SHA384, SSL_CIPHER_MODE_GCM},   /* TLS_DH_DSS_WITH_AES_256_GCM_SHA384 */
++    {166,KEX_DH,ENC_AES,4,128,128,DIG_SHA256, SSL_CIPHER_MODE_GCM},   /* TLS_DH_anon_WITH_AES_128_GCM_SHA256 */
++    {167,KEX_DH,ENC_AES256,4,256,256,DIG_SHA384, SSL_CIPHER_MODE_GCM},   /* TLS_DH_anon_WITH_AES_256_GCM_SHA384 */
++    {186,KEX_RSA,ENC_CAMELLIA128,16,128,128,DIG_SHA256, SSL_CIPHER_MODE_CBC},   /* TLS_RSA_WITH_CAMELLIA_128_CBC_SHA256 */
++    {187,KEX_DH,ENC_CAMELLIA128,16,128,128,DIG_SHA256, SSL_CIPHER_MODE_CBC},   /* TLS_DH_DSS_WITH_CAMELLIA_128_CBC_SHA256 */
++    {188,KEX_DH,ENC_CAMELLIA128,16,128,128,DIG_SHA256, SSL_CIPHER_MODE_CBC},   /* TLS_DH_RSA_WITH_CAMELLIA_128_CBC_SHA256 */
++    {189,KEX_DH,ENC_CAMELLIA128,16,128,128,DIG_SHA256, SSL_CIPHER_MODE_CBC},   /* TLS_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA256 */
++    {190,KEX_DH,ENC_CAMELLIA128,16,128,128,DIG_SHA256, SSL_CIPHER_MODE_CBC},   /* TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA256 */
++    {191,KEX_DH,ENC_CAMELLIA128,16,128,128,DIG_SHA256, SSL_CIPHER_MODE_CBC},   /* TLS_DH_anon_WITH_CAMELLIA_128_CBC_SHA256 */
++    {192,KEX_RSA,ENC_CAMELLIA256,16,256,256,DIG_SHA256, SSL_CIPHER_MODE_CBC},   /* TLS_RSA_WITH_CAMELLIA_256_CBC_SHA256 */
++    {193,KEX_DH,ENC_CAMELLIA256,16,256,256,DIG_SHA256, SSL_CIPHER_MODE_CBC},   /* TLS_DH_DSS_WITH_CAMELLIA_256_CBC_SHA256 */
++    {194,KEX_DH,ENC_CAMELLIA256,16,256,256,DIG_SHA256, SSL_CIPHER_MODE_CBC},   /* TLS_DH_RSA_WITH_CAMELLIA_256_CBC_SHA256 */
++    {195,KEX_DH,ENC_CAMELLIA256,16,256,256,DIG_SHA256, SSL_CIPHER_MODE_CBC},   /* TLS_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA256 */
++    {196,KEX_DH,ENC_CAMELLIA256,16,256,256,DIG_SHA256, SSL_CIPHER_MODE_CBC},   /* TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA256 */
++    {197,KEX_DH,ENC_CAMELLIA256,16,256,256,DIG_SHA256, SSL_CIPHER_MODE_CBC},   /* TLS_DH_anon_WITH_CAMELLIA_256_CBC_SHA256 */
++    {49153,KEX_ECDH,ENC_NULL,1,0,0,DIG_SHA, SSL_CIPHER_MODE_STREAM},   /* TLS_ECDH_ECDSA_WITH_NULL_SHA */
++    {49154,KEX_ECDH,ENC_RC4,1,128,128,DIG_SHA, SSL_CIPHER_MODE_STREAM},   /* TLS_ECDH_ECDSA_WITH_RC4_128_SHA */
++    {49155,KEX_ECDH,ENC_3DES,8,192,192,DIG_SHA, SSL_CIPHER_MODE_CBC},   /* TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA */
++    {49156,KEX_ECDH,ENC_AES,16,128,128,DIG_SHA, SSL_CIPHER_MODE_CBC},   /* TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA */
++    {49157,KEX_ECDH,ENC_AES256,16,256,256,DIG_SHA, SSL_CIPHER_MODE_CBC},   /* TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA */
++    {49158,KEX_ECDH,ENC_NULL,1,0,0,DIG_SHA, SSL_CIPHER_MODE_STREAM},   /* TLS_ECDHE_ECDSA_WITH_NULL_SHA */
++    {49159,KEX_ECDH,ENC_RC4,1,128,128,DIG_SHA, SSL_CIPHER_MODE_STREAM},   /* TLS_ECDHE_ECDSA_WITH_RC4_128_SHA */
++    {49160,KEX_ECDH,ENC_3DES,8,192,192,DIG_SHA, SSL_CIPHER_MODE_CBC},   /* TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA */
++    {49161,KEX_ECDH,ENC_AES,16,128,128,DIG_SHA, SSL_CIPHER_MODE_CBC},   /* TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA */
++    {49162,KEX_ECDH,ENC_AES256,16,256,256,DIG_SHA, SSL_CIPHER_MODE_CBC},   /* TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA */
++    {49163,KEX_ECDH,ENC_NULL,1,0,0,DIG_SHA, SSL_CIPHER_MODE_STREAM},   /* TLS_ECDH_RSA_WITH_NULL_SHA */
++    {49164,KEX_ECDH,ENC_RC4,1,128,128,DIG_SHA, SSL_CIPHER_MODE_STREAM},   /* TLS_ECDH_RSA_WITH_RC4_128_SHA */
++    {49165,KEX_ECDH,ENC_3DES,8,192,192,DIG_SHA, SSL_CIPHER_MODE_CBC},   /* TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA */
++    {49166,KEX_ECDH,ENC_AES,16,128,128,DIG_SHA, SSL_CIPHER_MODE_CBC},   /* TLS_ECDH_RSA_WITH_AES_128_CBC_SHA */
++    {49167,KEX_ECDH,ENC_AES256,16,256,256,DIG_SHA, SSL_CIPHER_MODE_CBC},   /* TLS_ECDH_RSA_WITH_AES_256_CBC_SHA */
++    {49168,KEX_ECDH,ENC_NULL,1,0,0,DIG_SHA, SSL_CIPHER_MODE_STREAM},   /* TLS_ECDHE_RSA_WITH_NULL_SHA */
++    {49169,KEX_ECDH,ENC_RC4,1,128,128,DIG_SHA, SSL_CIPHER_MODE_STREAM},   /* TLS_ECDHE_RSA_WITH_RC4_128_SHA */
++    {49170,KEX_ECDH,ENC_3DES,8,192,192,DIG_SHA, SSL_CIPHER_MODE_CBC},   /* TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA */
++    {49171,KEX_ECDH,ENC_AES,16,128,128,DIG_SHA, SSL_CIPHER_MODE_CBC},   /* TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA */
++    {49172,KEX_ECDH,ENC_AES256,16,256,256,DIG_SHA, SSL_CIPHER_MODE_CBC},   /* TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA */
++    {49173,KEX_ECDH,ENC_NULL,1,0,0,DIG_SHA, SSL_CIPHER_MODE_STREAM},   /* TLS_ECDH_anon_WITH_NULL_SHA */
++    {49174,KEX_ECDH,ENC_RC4,1,128,128,DIG_SHA, SSL_CIPHER_MODE_STREAM},   /* TLS_ECDH_anon_WITH_RC4_128_SHA */
++    {49175,KEX_ECDH,ENC_3DES,8,192,192,DIG_SHA, SSL_CIPHER_MODE_CBC},   /* TLS_ECDH_anon_WITH_3DES_EDE_CBC_SHA */
++    {49176,KEX_ECDH,ENC_AES,16,128,128,DIG_SHA, SSL_CIPHER_MODE_CBC},   /* TLS_ECDH_anon_WITH_AES_128_CBC_SHA */
++    {49177,KEX_ECDH,ENC_AES256,16,256,256,DIG_SHA, SSL_CIPHER_MODE_CBC},   /* TLS_ECDH_anon_WITH_AES_256_CBC_SHA */
++    {49187,KEX_ECDH,ENC_AES,16,128,128,DIG_SHA256, SSL_CIPHER_MODE_CBC},   /* TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256 */
++    {49188,KEX_ECDH,ENC_AES256,16,256,256,DIG_SHA384, SSL_CIPHER_MODE_CBC},   /* TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384 */
++    {49189,KEX_ECDH,ENC_AES,16,128,128,DIG_SHA256, SSL_CIPHER_MODE_CBC},   /* TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256 */
++    {49190,KEX_ECDH,ENC_AES256,16,256,256,DIG_SHA384, SSL_CIPHER_MODE_CBC},   /* TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384 */
++    {49191,KEX_ECDH,ENC_AES,16,128,128,DIG_SHA256, SSL_CIPHER_MODE_CBC},   /* TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256 */
++    {49192,KEX_ECDH,ENC_AES256,16,256,256,DIG_SHA384, SSL_CIPHER_MODE_CBC},   /* TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384 */
++    {49193,KEX_ECDH,ENC_AES,16,128,128,DIG_SHA256, SSL_CIPHER_MODE_CBC},   /* TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256 */
++    {49194,KEX_ECDH,ENC_AES256,16,256,256,DIG_SHA384, SSL_CIPHER_MODE_CBC},   /* TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384 */
++    {49195,KEX_ECDH,ENC_AES,4,128,128,DIG_SHA256, SSL_CIPHER_MODE_GCM},   /* TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 */
++    {49196,KEX_ECDH,ENC_AES256,4,256,256,DIG_SHA384, SSL_CIPHER_MODE_GCM},   /* TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384 */
++    {49197,KEX_ECDH,ENC_AES,4,128,128,DIG_SHA256, SSL_CIPHER_MODE_GCM},   /* TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256 */
++    {49198,KEX_ECDH,ENC_AES256,4,256,256,DIG_SHA384, SSL_CIPHER_MODE_GCM},   /* TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384 */
++    {49199,KEX_ECDH,ENC_AES,4,128,128,DIG_SHA256, SSL_CIPHER_MODE_GCM},   /* TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 */
++    {49200,KEX_ECDH,ENC_AES256,4,256,256,DIG_SHA384, SSL_CIPHER_MODE_GCM},   /* TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 */
++    {49201,KEX_ECDH,ENC_AES,4,128,128,DIG_SHA256, SSL_CIPHER_MODE_GCM},   /* TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256 */
++    {49202,KEX_ECDH,ENC_AES256,4,256,256,DIG_SHA384, SSL_CIPHER_MODE_GCM},   /* TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384 */
++    {-1, 0,0,0,0,0,0, 0}
+ };
+ 
+ #define MAX_BLOCK_SIZE 16
+diff --git a/epan/dissectors/packet-ssl-utils.h b/epan/dissectors/packet-ssl-utils.h
+index 4c9dd84..30f78ae 100644
+--- a/epan/dissectors/packet-ssl-utils.h
++++ b/epan/dissectors/packet-ssl-utils.h
+@@ -234,7 +234,6 @@ typedef struct _StringInfo {
+ typedef struct _SslCipherSuite {
+     gint number;
+     gint kex;
+-    gint sig;
+     gint enc;
+     gint block; /* IV block size */
+     gint bits;
+@@ -270,10 +269,6 @@ typedef struct _SslDecoder {
+ #define KEX_ECDH        0x13
+ #define KEX_RSA_PSK     0x14
+ 
+-#define SIG_RSA         0x20
+-#define SIG_DSS         0x21
+-#define SIG_NONE        0x22
+-
+ #define ENC_DES         0x30
+ #define ENC_3DES        0x31
+ #define ENC_RC4         0x32
+-- 
+1.8.4
+
-- 
cgit v1.2.1