With lots of disabled code it does now build.
authorWerner Koch <wk@gnupg.org>
Mon, 29 Sep 2014 14:16:25 +0000 (16:16 +0200)
committerWerner Koch <wk@gnupg.org>
Wed, 1 Oct 2014 15:44:16 +0000 (17:44 +0200)
--

17 files changed:
configure.ac
src/Makefile.am
src/ciphersuites.c
src/ciphersuites.h
src/context.h
src/debug.c
src/libntbtls.vers
src/ntbtls-cli.c
src/ntbtls-config.in [new file with mode: 0644]
src/ntbtls-int.h
src/ntbtls.h.in
src/ntbtls.m4 [new file with mode: 0644]
src/protocol-cli.c
src/protocol-srv.c
src/protocol.c
src/util.h
src/x509.c [new file with mode: 0644]

index 70b86e8..9993710 100644 (file)
@@ -56,8 +56,12 @@ LIBNTBTLS_LT_CURRENT=0
 LIBNTBTLS_LT_AGE=0
 LIBNTBTLS_LT_REVISION=0
 
+# If the API is changed in an incompatible way: increment the next counter.
+NTBTLS_CONFIG_API_VERSION=1
 
-NEED_GPG_ERROR_VERSION=1.15
+# Minimum versions for required libraries
+
+NEED_GPG_ERROR_VERSION=1.16
 
 NEED_LIBGCRYPT_API=1
 NEED_LIBGCRYPT_VERSION=1.6.0
@@ -65,6 +69,9 @@ NEED_LIBGCRYPT_VERSION=1.6.0
 NEED_KSBA_API=1
 NEED_KSBA_VERSION=1.2.0
 
+
+# End of config section
+
 PACKAGE=$PACKAGE_NAME
 VERSION=$PACKAGE_VERSION
 
@@ -258,6 +265,8 @@ AC_MSG_NOTICE([checking for libraries])
 #
 AM_PATH_GPG_ERROR("$NEED_GPG_ERROR_VERSION",
                   have_gpg_error=yes,have_gpg_error=no)
+AC_DEFINE(GPG_ERR_SOURCE_DEFAULT, GPG_ERR_SOURCE_TLS,
+          [The default error source for NTBTLS.])
 
 
 #
@@ -569,6 +578,20 @@ AC_ARG_ENABLE(optimization,
 #
 
 
+
+#
+# Set variables for use by ntbtls-config.
+#
+NTBTLS_CONFIG_LIBS="-lntbtls -lksba -lgcrypt"
+NTBTLS_CONFIG_CFLAGS=""
+NTBTLS_CONFIG_HOST="$host"
+
+AC_SUBST(NTBTLS_CONFIG_API_VERSION)
+AC_SUBST(NTBTLS_CONFIG_LIBS)
+AC_SUBST(NTBTLS_CONFIG_CFLAGS)
+AC_SUBST(NTBTLS_CONFIG_HOST)
+
+
 #
 # Provide information about the build.
 #
@@ -642,7 +665,11 @@ Makefile
 m4/Makefile
 src/Makefile
 src/ntbtls.h
+src/ntbtls-config
 ])
+AC_CONFIG_COMMANDS([ntbtls-conf],[[
+chmod +x src/ntbtls-config
+]])
 
 
 AC_OUTPUT
index b871d74..a693b28 100644 (file)
@@ -83,6 +83,8 @@ libntbtls_la_SOURCES = \
        context.h ntbtls-int.h util.h wipemem.h \
        protocol.c \
        protocol-cli.c \
+       ciphersuites.c ciphersuites.h \
+       x509.c \
        debug.c
 
 # protocol-srv.c
@@ -90,3 +92,10 @@ libntbtls_la_SOURCES = \
 install-data-local: install-def-file
 
 uninstall-local: uninstall-def-file
+
+
+# Sample programs
+
+ntbtls_cli_CFLAGS = @LIBGCRYPT_CFLAGS@ @KSBA_CFLAGS@ @GPG_ERROR_CFLAGS@
+ntbtls_cli_LDFLAGS = -no-install
+ntbtls_cli_LDADD = libntbtls.la @LIBGCRYPT_LIBS@ @KSBA_LIBS@ @GPG_ERROR_LIBS@
index 75e178c..ebc2d40 100644 (file)
  * the file AUTHORS in the top directory of NTBTLS.
  */
 
+#include <config.h>
+#include <stdlib.h>
+#include <string.h>
+
+#include "ntbtls-int.h"
+#include "ciphersuites.h"
+
+/*
+ * This structure is used for storing ciphersuite information
+ */
+struct _ntbtls_ciphersuite_s
+{
+  int tlsid;
+  const char *name;
+  cipher_algo_t cipher;
+  cipher_mode_t ciphermode;
+  md_algo_t mac;
+  key_exchange_type_t key_exchange;
+  unsigned char flags;
+  unsigned char min_major_ver;
+  unsigned char min_minor_ver;
+  unsigned char max_major_ver;
+  unsigned char max_minor_ver;
+};
+
 
 
 /*
  * Ordered from most preferred to least preferred in terms of security.
  *
- * Current rule (except rc4, weak and null which come last):
+ * Current rule:
  * 1. By key exchange:
  *    Forward-secure non-PSK > forward-secure PSK > other non-PSK > other PSK
  * 2. By key length and cipher:
@@ -201,1825 +226,1202 @@ static const int ciphersuite_preference[] = {
 
   TLS_PSK_WITH_3DES_EDE_CBC_SHA,
 
-  /* RC4 suites */
-  TLS_ECDHE_ECDSA_WITH_RC4_128_SHA,
-  TLS_ECDHE_RSA_WITH_RC4_128_SHA,
-  TLS_ECDHE_PSK_WITH_RC4_128_SHA,
-  TLS_DHE_PSK_WITH_RC4_128_SHA,
-  TLS_RSA_WITH_RC4_128_SHA,
-  TLS_RSA_WITH_RC4_128_MD5,
-  TLS_ECDH_RSA_WITH_RC4_128_SHA,
-  TLS_ECDH_ECDSA_WITH_RC4_128_SHA,
-  TLS_RSA_PSK_WITH_RC4_128_SHA,
-  TLS_PSK_WITH_RC4_128_SHA,
-
-  /* Weak suites */
-  TLS_DHE_RSA_WITH_DES_CBC_SHA,
-  TLS_RSA_WITH_DES_CBC_SHA,
-
-  /* NULL suites */
-  TLS_ECDHE_ECDSA_WITH_NULL_SHA,
-  TLS_ECDHE_RSA_WITH_NULL_SHA,
-  TLS_ECDHE_PSK_WITH_NULL_SHA384,
-  TLS_ECDHE_PSK_WITH_NULL_SHA256,
-  TLS_ECDHE_PSK_WITH_NULL_SHA,
-  TLS_DHE_PSK_WITH_NULL_SHA384,
-  TLS_DHE_PSK_WITH_NULL_SHA256,
-  TLS_DHE_PSK_WITH_NULL_SHA,
-
-  TLS_RSA_WITH_NULL_SHA256,
-  TLS_RSA_WITH_NULL_SHA,
-  TLS_RSA_WITH_NULL_MD5,
-  TLS_ECDH_RSA_WITH_NULL_SHA,
-  TLS_ECDH_ECDSA_WITH_NULL_SHA,
-  TLS_RSA_PSK_WITH_NULL_SHA384,
-  TLS_RSA_PSK_WITH_NULL_SHA256,
-  TLS_RSA_PSK_WITH_NULL_SHA,
-  TLS_PSK_WITH_NULL_SHA384,
-  TLS_PSK_WITH_NULL_SHA256,
-  TLS_PSK_WITH_NULL_SHA,
-
   0
 };
 
 
 
-/*
- * This structure is used for storing ciphersuite information
- */
-struct _ntbtls_ciphersuite_s
-{
-  int id;
-  const char * name;
-
-  cipher_type_t cipher;
-  md_type_t mac;
-  key_exchange_type_t key_exchange;
-
-  int min_major_ver;
-  int min_minor_ver;
-  int max_major_ver;
-  int max_minor_ver;
-
-  unsigned char flags;
-};
-
-
-
 static const struct _ntbtls_ciphersuite_s ciphersuite_definitions[] = {
-#if defined(POLARSSL_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED)
-#if defined(POLARSSL_AES_C)
-#if defined(POLARSSL_SHA1_C)
-#if defined(POLARSSL_CIPHER_MODE_CBC)
+
   {TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA,
    "TLS-ECDHE-ECDSA-WITH-AES-128-CBC-SHA",
-   POLARSSL_CIPHER_AES_128_CBC, POLARSSL_MD_SHA1,
-   POLARSSL_KEY_EXCHANGE_ECDHE_ECDSA,
-   SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_1,
-   SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
-   0},
+   GCRY_CIPHER_AES128, GCRY_CIPHER_MODE_CBC, GCRY_MD_SHA1,
+   KEY_EXCHANGE_ECDHE_ECDSA,
+   0,
+   TLS_MAJOR_VERSION_3, TLS_MINOR_VERSION_1,
+   TLS_MAJOR_VERSION_3, TLS_MINOR_VERSION_3},
+
   {TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA,
    "TLS-ECDHE-ECDSA-WITH-AES-256-CBC-SHA",
-   POLARSSL_CIPHER_AES_256_CBC, POLARSSL_MD_SHA1,
-   POLARSSL_KEY_EXCHANGE_ECDHE_ECDSA,
-   SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_1,
-   SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
-   0},
-#endif /* POLARSSL_CIPHER_MODE_CBC */
-#endif /* POLARSSL_SHA1_C */
-#if defined(POLARSSL_SHA256_C)
-#if defined(POLARSSL_CIPHER_MODE_CBC)
+   GCRY_CIPHER_AES256, GCRY_CIPHER_MODE_CBC, GCRY_MD_SHA1,
+   KEY_EXCHANGE_ECDHE_ECDSA,
+   0,
+   TLS_MAJOR_VERSION_3, TLS_MINOR_VERSION_1,
+   TLS_MAJOR_VERSION_3, TLS_MINOR_VERSION_3},
+
   {TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256,
    "TLS-ECDHE-ECDSA-WITH-AES-128-CBC-SHA256",
-   POLARSSL_CIPHER_AES_128_CBC, POLARSSL_MD_SHA256,
-   POLARSSL_KEY_EXCHANGE_ECDHE_ECDSA,
-   SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
-   SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
-   0},
-#endif /* POLARSSL_CIPHER_MODE_CBC */
-#if defined(POLARSSL_GCM_C)
+   GCRY_CIPHER_AES128, GCRY_CIPHER_MODE_CBC, GCRY_MD_SHA256,
+   KEY_EXCHANGE_ECDHE_ECDSA,
+   0,
+   TLS_MAJOR_VERSION_3, TLS_MINOR_VERSION_3,
+   TLS_MAJOR_VERSION_3, TLS_MINOR_VERSION_3},
+
   {TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256,
    "TLS-ECDHE-ECDSA-WITH-AES-128-GCM-SHA256",
-   POLARSSL_CIPHER_AES_128_GCM, POLARSSL_MD_SHA256,
-   POLARSSL_KEY_EXCHANGE_ECDHE_ECDSA,
-   SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
-   SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
-   0},
-#endif /* POLARSSL_GCM_C */
-#endif /* POLARSSL_SHA256_C */
-#if defined(POLARSSL_SHA512_C)
-#if defined(POLARSSL_CIPHER_MODE_CBC)
+   GCRY_CIPHER_AES128, GCRY_CIPHER_MODE_GCM, GCRY_MD_SHA256,
+   KEY_EXCHANGE_ECDHE_ECDSA,
+   0,
+   TLS_MAJOR_VERSION_3, TLS_MINOR_VERSION_3,
+   TLS_MAJOR_VERSION_3, TLS_MINOR_VERSION_3},
+
   {TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384,
    "TLS-ECDHE-ECDSA-WITH-AES-256-CBC-SHA384",
-   POLARSSL_CIPHER_AES_256_CBC, POLARSSL_MD_SHA384,
-   POLARSSL_KEY_EXCHANGE_ECDHE_ECDSA,
-   SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
-   SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
-   0},
-#endif /* POLARSSL_CIPHER_MODE_CBC */
-#if defined(POLARSSL_GCM_C)
+   GCRY_CIPHER_AES256, GCRY_CIPHER_MODE_CBC, GCRY_MD_SHA384,
+   KEY_EXCHANGE_ECDHE_ECDSA,
+   0,
+   TLS_MAJOR_VERSION_3, TLS_MINOR_VERSION_3,
+   TLS_MAJOR_VERSION_3, TLS_MINOR_VERSION_3},
+
   {TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384,
    "TLS-ECDHE-ECDSA-WITH-AES-256-GCM-SHA384",
-   POLARSSL_CIPHER_AES_256_GCM, POLARSSL_MD_SHA384,
-   POLARSSL_KEY_EXCHANGE_ECDHE_ECDSA,
-   SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
-   SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
-   0},
-#endif /* POLARSSL_GCM_C */
-#endif /* POLARSSL_SHA512_C */
-#if defined(POLARSSL_CCM_C)
-  {TLS_ECDHE_ECDSA_WITH_AES_256_CCM, "TLS-ECDHE-ECDSA-WITH-AES-256-CCM",
-   POLARSSL_CIPHER_AES_256_CCM, POLARSSL_MD_SHA256,
-   POLARSSL_KEY_EXCHANGE_ECDHE_ECDSA,
-   SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
-   SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
-   0},
-  {TLS_ECDHE_ECDSA_WITH_AES_256_CCM_8, "TLS-ECDHE-ECDSA-WITH-AES-256-CCM-8",
-   POLARSSL_CIPHER_AES_256_CCM, POLARSSL_MD_SHA256,
-   POLARSSL_KEY_EXCHANGE_ECDHE_ECDSA,
-   SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
-   SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
-   POLARSSL_CIPHERSUITE_SHORT_TAG},
-  {TLS_ECDHE_ECDSA_WITH_AES_128_CCM, "TLS-ECDHE-ECDSA-WITH-AES-128-CCM",
-   POLARSSL_CIPHER_AES_128_CCM, POLARSSL_MD_SHA256,
-   POLARSSL_KEY_EXCHANGE_ECDHE_ECDSA,
-   SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
-   SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
-   0},
-  {TLS_ECDHE_ECDSA_WITH_AES_128_CCM_8, "TLS-ECDHE-ECDSA-WITH-AES-128-CCM-8",
-   POLARSSL_CIPHER_AES_128_CCM, POLARSSL_MD_SHA256,
-   POLARSSL_KEY_EXCHANGE_ECDHE_ECDSA,
-   SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
-   SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
-   POLARSSL_CIPHERSUITE_SHORT_TAG},
-#endif /* POLARSSL_CCM_C */
-#endif /* POLARSSL_AES_C */
-
-#if defined(POLARSSL_CAMELLIA_C)
-#if defined(POLARSSL_CIPHER_MODE_CBC)
-#if defined(POLARSSL_SHA256_C)
+   GCRY_CIPHER_AES256, GCRY_CIPHER_MODE_GCM, GCRY_MD_SHA384,
+   KEY_EXCHANGE_ECDHE_ECDSA,
+   0,
+   TLS_MAJOR_VERSION_3, TLS_MINOR_VERSION_3,
+   TLS_MAJOR_VERSION_3, TLS_MINOR_VERSION_3},
+
+  {TLS_ECDHE_ECDSA_WITH_AES_256_CCM,
+   "TLS-ECDHE-ECDSA-WITH-AES-256-CCM",
+   GCRY_CIPHER_AES256, GCRY_CIPHER_MODE_CCM, GCRY_MD_SHA256,
+   KEY_EXCHANGE_ECDHE_ECDSA,
+   0,
+   TLS_MAJOR_VERSION_3, TLS_MINOR_VERSION_3,
+   TLS_MAJOR_VERSION_3, TLS_MINOR_VERSION_3},
+
+  {TLS_ECDHE_ECDSA_WITH_AES_256_CCM_8,
+   "TLS-ECDHE-ECDSA-WITH-AES-256-CCM-8",
+   GCRY_CIPHER_AES256, GCRY_CIPHER_MODE_CCM, GCRY_MD_SHA256,
+   KEY_EXCHANGE_ECDHE_ECDSA,
+   CIPHERSUITE_FLAG_SHORT_TAG,
+   TLS_MAJOR_VERSION_3, TLS_MINOR_VERSION_3,
+   TLS_MAJOR_VERSION_3, TLS_MINOR_VERSION_3},
+
+  {TLS_ECDHE_ECDSA_WITH_AES_128_CCM,
+   "TLS-ECDHE-ECDSA-WITH-AES-128-CCM",
+   GCRY_CIPHER_AES128, GCRY_CIPHER_MODE_CCM, GCRY_MD_SHA256,
+   KEY_EXCHANGE_ECDHE_ECDSA,
+   0,
+   TLS_MAJOR_VERSION_3, TLS_MINOR_VERSION_3,
+   TLS_MAJOR_VERSION_3, TLS_MINOR_VERSION_3},
+
+  {TLS_ECDHE_ECDSA_WITH_AES_128_CCM_8,
+   "TLS-ECDHE-ECDSA-WITH-AES-128-CCM-8",
+   GCRY_CIPHER_AES128, GCRY_CIPHER_MODE_CCM, GCRY_MD_SHA256,
+   KEY_EXCHANGE_ECDHE_ECDSA,
+   CIPHERSUITE_FLAG_SHORT_TAG,
+   TLS_MAJOR_VERSION_3, TLS_MINOR_VERSION_3,
+   TLS_MAJOR_VERSION_3, TLS_MINOR_VERSION_3},
+
   {TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_CBC_SHA256,
    "TLS-ECDHE-ECDSA-WITH-CAMELLIA-128-CBC-SHA256",
-   POLARSSL_CIPHER_CAMELLIA_128_CBC, POLARSSL_MD_SHA256,
-   POLARSSL_KEY_EXCHANGE_ECDHE_ECDSA,
-   SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_1,
-   SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
-   0},
-#endif /* POLARSSL_SHA256_C */
-#if defined(POLARSSL_SHA512_C)
+   GCRY_CIPHER_CAMELLIA128, GCRY_CIPHER_MODE_CBC, GCRY_MD_SHA256,
+   KEY_EXCHANGE_ECDHE_ECDSA,
+   0,
+   TLS_MAJOR_VERSION_3, TLS_MINOR_VERSION_1,
+   TLS_MAJOR_VERSION_3, TLS_MINOR_VERSION_3},
+
   {TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_CBC_SHA384,
    "TLS-ECDHE-ECDSA-WITH-CAMELLIA-256-CBC-SHA384",
-   POLARSSL_CIPHER_CAMELLIA_256_CBC, POLARSSL_MD_SHA384,
-   POLARSSL_KEY_EXCHANGE_ECDHE_ECDSA,
-   SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_1,
-   SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
-   0},
-#endif /* POLARSSL_SHA512_C */
-#endif /* POLARSSL_CIPHER_MODE_CBC */
-
-#if defined(POLARSSL_GCM_C)
-#if defined(POLARSSL_SHA256_C)
+   GCRY_CIPHER_CAMELLIA256, GCRY_CIPHER_MODE_CBC, GCRY_MD_SHA384,
+   KEY_EXCHANGE_ECDHE_ECDSA,
+   0,
+   TLS_MAJOR_VERSION_3, TLS_MINOR_VERSION_1,
+   TLS_MAJOR_VERSION_3, TLS_MINOR_VERSION_3},
+
   {TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_GCM_SHA256,
    "TLS-ECDHE-ECDSA-WITH-CAMELLIA-128-GCM-SHA256",
-   POLARSSL_CIPHER_CAMELLIA_128_GCM, POLARSSL_MD_SHA256,
-   POLARSSL_KEY_EXCHANGE_ECDHE_ECDSA,
-   SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
-   SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
-   0},
-#endif /* POLARSSL_SHA256_C */
-#if defined(POLARSSL_SHA512_C)
+   GCRY_CIPHER_CAMELLIA128, GCRY_CIPHER_MODE_GCM, GCRY_MD_SHA256,
+   KEY_EXCHANGE_ECDHE_ECDSA,
+   0,
+   TLS_MAJOR_VERSION_3, TLS_MINOR_VERSION_3,
+   TLS_MAJOR_VERSION_3, TLS_MINOR_VERSION_3},
+
   {TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_GCM_SHA384,
    "TLS-ECDHE-ECDSA-WITH-CAMELLIA-256-GCM-SHA384",
-   POLARSSL_CIPHER_CAMELLIA_256_GCM, POLARSSL_MD_SHA384,
-   POLARSSL_KEY_EXCHANGE_ECDHE_ECDSA,
-   SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
-   SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
-   0},
-#endif /* POLARSSL_SHA512_C */
-#endif /* POLARSSL_GCM_C */
-#endif /* POLARSSL_CAMELLIA_C */
-
-#if defined(POLARSSL_DES_C)
-#if defined(POLARSSL_CIPHER_MODE_CBC)
-#if defined(POLARSSL_SHA1_C)
+   GCRY_CIPHER_CAMELLIA256, GCRY_CIPHER_MODE_GCM, GCRY_MD_SHA384,
+   KEY_EXCHANGE_ECDHE_ECDSA,
+   0,
+   TLS_MAJOR_VERSION_3, TLS_MINOR_VERSION_3,
+   TLS_MAJOR_VERSION_3, TLS_MINOR_VERSION_3},
+
   {TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA,
    "TLS-ECDHE-ECDSA-WITH-3DES-EDE-CBC-SHA",
-   POLARSSL_CIPHER_DES_EDE3_CBC, POLARSSL_MD_SHA1,
-   POLARSSL_KEY_EXCHANGE_ECDHE_ECDSA,
-   SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_1,
-   SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
-   0},
-#endif /* POLARSSL_SHA1_C */
-#endif /* POLARSSL_CIPHER_MODE_CBC */
-#endif /* POLARSSL_DES_C */
-
-#if defined(POLARSSL_ARC4_C)
-#if defined(POLARSSL_SHA1_C)
-  {TLS_ECDHE_ECDSA_WITH_RC4_128_SHA, "TLS-ECDHE-ECDSA-WITH-RC4-128-SHA",
-   POLARSSL_CIPHER_ARC4_128, POLARSSL_MD_SHA1,
-   POLARSSL_KEY_EXCHANGE_ECDHE_ECDSA,
-   SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_1,
-   SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
-   0},
-#endif /* POLARSSL_SHA1_C */
-#endif /* POLARSSL_ARC4_C */
-
-#if defined(POLARSSL_CIPHER_NULL_CIPHER)
-#if defined(POLARSSL_SHA1_C)
-  {TLS_ECDHE_ECDSA_WITH_NULL_SHA, "TLS-ECDHE-ECDSA-WITH-NULL-SHA",
-   POLARSSL_CIPHER_NULL, POLARSSL_MD_SHA1, POLARSSL_KEY_EXCHANGE_ECDHE_ECDSA,
-   SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_1,
-   SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
-   POLARSSL_CIPHERSUITE_WEAK},
-#endif /* POLARSSL_SHA1_C */
-#endif /* POLARSSL_CIPHER_NULL_CIPHER */
-#endif /* POLARSSL_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED */
-
-#if defined(POLARSSL_KEY_EXCHANGE_ECDHE_RSA_ENABLED)
-#if defined(POLARSSL_AES_C)
-#if defined(POLARSSL_SHA1_C)
-#if defined(POLARSSL_CIPHER_MODE_CBC)
-  {TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA, "TLS-ECDHE-RSA-WITH-AES-128-CBC-SHA",
-   POLARSSL_CIPHER_AES_128_CBC, POLARSSL_MD_SHA1,
-   POLARSSL_KEY_EXCHANGE_ECDHE_RSA,
-   SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_1,
-   SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
-   0},
-  {TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA, "TLS-ECDHE-RSA-WITH-AES-256-CBC-SHA",
-   POLARSSL_CIPHER_AES_256_CBC, POLARSSL_MD_SHA1,
-   POLARSSL_KEY_EXCHANGE_ECDHE_RSA,
-   SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_1,
-   SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
-   0},
-#endif /* POLARSSL_CIPHER_MODE_CBC */
-#endif /* POLARSSL_SHA1_C */
-#if defined(POLARSSL_SHA256_C)
-#if defined(POLARSSL_CIPHER_MODE_CBC)
+   GCRY_CIPHER_3DES, GCRY_CIPHER_MODE_CBC, GCRY_MD_SHA1,
+   KEY_EXCHANGE_ECDHE_ECDSA,
+   0,
+   TLS_MAJOR_VERSION_3, TLS_MINOR_VERSION_1,
+   TLS_MAJOR_VERSION_3, TLS_MINOR_VERSION_3},
+
+  {TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA,
+   "TLS-ECDHE-RSA-WITH-AES-128-CBC-SHA",
+   GCRY_CIPHER_AES128, GCRY_CIPHER_MODE_CBC, GCRY_MD_SHA1,
+   KEY_EXCHANGE_ECDHE_RSA,
+   0,
+   TLS_MAJOR_VERSION_3, TLS_MINOR_VERSION_1,
+   TLS_MAJOR_VERSION_3, TLS_MINOR_VERSION_3},
+
+  {TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA,
+   "TLS-ECDHE-RSA-WITH-AES-256-CBC-SHA",
+   GCRY_CIPHER_AES256, GCRY_CIPHER_MODE_CBC, GCRY_MD_SHA1,
+   KEY_EXCHANGE_ECDHE_RSA,
+   0,
+   TLS_MAJOR_VERSION_3, TLS_MINOR_VERSION_1,
+   TLS_MAJOR_VERSION_3, TLS_MINOR_VERSION_3},
+
   {TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256,
    "TLS-ECDHE-RSA-WITH-AES-128-CBC-SHA256",
-   POLARSSL_CIPHER_AES_128_CBC, POLARSSL_MD_SHA256,
-   POLARSSL_KEY_EXCHANGE_ECDHE_RSA,
-   SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
-   SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
-   0},
-#endif /* POLARSSL_CIPHER_MODE_CBC */
-#if defined(POLARSSL_GCM_C)
+   GCRY_CIPHER_AES128, GCRY_CIPHER_MODE_CBC, GCRY_MD_SHA256,
+   KEY_EXCHANGE_ECDHE_RSA,
+   0,
+   TLS_MAJOR_VERSION_3, TLS_MINOR_VERSION_3,
+   TLS_MAJOR_VERSION_3, TLS_MINOR_VERSION_3},
+
   {TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256,
    "TLS-ECDHE-RSA-WITH-AES-128-GCM-SHA256",
-   POLARSSL_CIPHER_AES_128_GCM, POLARSSL_MD_SHA256,
-   POLARSSL_KEY_EXCHANGE_ECDHE_RSA,
-   SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
-   SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
-   0},
-#endif /* POLARSSL_GCM_C */
-#endif /* POLARSSL_SHA256_C */
-#if defined(POLARSSL_SHA512_C)
-#if defined(POLARSSL_CIPHER_MODE_CBC)
+   GCRY_CIPHER_AES128, GCRY_CIPHER_MODE_GCM, GCRY_MD_SHA256,
+   KEY_EXCHANGE_ECDHE_RSA,
+   0,
+   TLS_MAJOR_VERSION_3, TLS_MINOR_VERSION_3,
+   TLS_MAJOR_VERSION_3, TLS_MINOR_VERSION_3},
+
   {TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384,
    "TLS-ECDHE-RSA-WITH-AES-256-CBC-SHA384",
-   POLARSSL_CIPHER_AES_256_CBC, POLARSSL_MD_SHA384,
-   POLARSSL_KEY_EXCHANGE_ECDHE_RSA,
-   SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
-   SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
-   0},
-#endif /* POLARSSL_CIPHER_MODE_CBC */
-#if defined(POLARSSL_GCM_C)
+   GCRY_CIPHER_AES256, GCRY_CIPHER_MODE_CBC, GCRY_MD_SHA384,
+   KEY_EXCHANGE_ECDHE_RSA,
+   0,
+   TLS_MAJOR_VERSION_3, TLS_MINOR_VERSION_3,
+   TLS_MAJOR_VERSION_3, TLS_MINOR_VERSION_3},
+
   {TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384,
    "TLS-ECDHE-RSA-WITH-AES-256-GCM-SHA384",
-   POLARSSL_CIPHER_AES_256_GCM, POLARSSL_MD_SHA384,
-   POLARSSL_KEY_EXCHANGE_ECDHE_RSA,
-   SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
-   SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
-   0},
-#endif /* POLARSSL_GCM_C */
-#endif /* POLARSSL_SHA512_C */
-#endif /* POLARSSL_AES_C */
-
-#if defined(POLARSSL_CAMELLIA_C)
-#if defined(POLARSSL_CIPHER_MODE_CBC)
-#if defined(POLARSSL_SHA256_C)
+   GCRY_CIPHER_AES256, GCRY_CIPHER_MODE_GCM, GCRY_MD_SHA384,
+   KEY_EXCHANGE_ECDHE_RSA,
+   0,
+   TLS_MAJOR_VERSION_3, TLS_MINOR_VERSION_3,
+   TLS_MAJOR_VERSION_3, TLS_MINOR_VERSION_3},
+
   {TLS_ECDHE_RSA_WITH_CAMELLIA_128_CBC_SHA256,
    "TLS-ECDHE-RSA-WITH-CAMELLIA-128-CBC-SHA256",
-   POLARSSL_CIPHER_CAMELLIA_128_CBC, POLARSSL_MD_SHA256,
-   POLARSSL_KEY_EXCHANGE_ECDHE_RSA,
-   SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_1,
-   SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
-   0},
-#endif /* POLARSSL_SHA256_C */
-#if defined(POLARSSL_SHA512_C)
+   GCRY_CIPHER_CAMELLIA128, GCRY_CIPHER_MODE_CBC, GCRY_MD_SHA256,
+   KEY_EXCHANGE_ECDHE_RSA,
+   0,
+   TLS_MAJOR_VERSION_3, TLS_MINOR_VERSION_1,
+   TLS_MAJOR_VERSION_3, TLS_MINOR_VERSION_3},
+
   {TLS_ECDHE_RSA_WITH_CAMELLIA_256_CBC_SHA384,
    "TLS-ECDHE-RSA-WITH-CAMELLIA-256-CBC-SHA384",
-   POLARSSL_CIPHER_CAMELLIA_256_CBC, POLARSSL_MD_SHA384,
-   POLARSSL_KEY_EXCHANGE_ECDHE_RSA,
-   SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_1,
-   SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
-   0},
-#endif /* POLARSSL_SHA512_C */
-#endif /* POLARSSL_CIPHER_MODE_CBC */
-
-#if defined(POLARSSL_GCM_C)
-#if defined(POLARSSL_SHA256_C)
+   GCRY_CIPHER_CAMELLIA256, GCRY_CIPHER_MODE_CBC, GCRY_MD_SHA384,
+   KEY_EXCHANGE_ECDHE_RSA,
+   0,
+   TLS_MAJOR_VERSION_3, TLS_MINOR_VERSION_1,
+   TLS_MAJOR_VERSION_3, TLS_MINOR_VERSION_3},
+
   {TLS_ECDHE_RSA_WITH_CAMELLIA_128_GCM_SHA256,
    "TLS-ECDHE-RSA-WITH-CAMELLIA-128-GCM-SHA256",
-   POLARSSL_CIPHER_CAMELLIA_128_GCM, POLARSSL_MD_SHA256,
-   POLARSSL_KEY_EXCHANGE_ECDHE_RSA,
-   SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
-   SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
-   0},
-#endif /* POLARSSL_SHA256_C */
-#if defined(POLARSSL_SHA512_C)
+   GCRY_CIPHER_CAMELLIA128, GCRY_CIPHER_MODE_GCM, GCRY_MD_SHA256,
+   KEY_EXCHANGE_ECDHE_RSA,
+   0,
+   TLS_MAJOR_VERSION_3, TLS_MINOR_VERSION_3,
+   TLS_MAJOR_VERSION_3, TLS_MINOR_VERSION_3},
+
   {TLS_ECDHE_RSA_WITH_CAMELLIA_256_GCM_SHA384,
    "TLS-ECDHE-RSA-WITH-CAMELLIA-256-GCM-SHA384",
-   POLARSSL_CIPHER_CAMELLIA_256_GCM, POLARSSL_MD_SHA384,
-   POLARSSL_KEY_EXCHANGE_ECDHE_RSA,
-   SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
-   SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
-   0},
-#endif /* POLARSSL_SHA512_C */
-#endif /* POLARSSL_GCM_C */
-#endif /* POLARSSL_CAMELLIA_C */
-
-#if defined(POLARSSL_DES_C)
-#if defined(POLARSSL_CIPHER_MODE_CBC)
-#if defined(POLARSSL_SHA1_C)
-  {TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA, "TLS-ECDHE-RSA-WITH-3DES-EDE-CBC-SHA",
-   POLARSSL_CIPHER_DES_EDE3_CBC, POLARSSL_MD_SHA1,
-   POLARSSL_KEY_EXCHANGE_ECDHE_RSA,
-   SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_1,
-   SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
-   0},
-#endif /* POLARSSL_SHA1_C */
-#endif /* POLARSSL_CIPHER_MODE_CBC */
-#endif /* POLARSSL_DES_C */
-
-#if defined(POLARSSL_ARC4_C)
-#if defined(POLARSSL_SHA1_C)
-  {TLS_ECDHE_RSA_WITH_RC4_128_SHA, "TLS-ECDHE-RSA-WITH-RC4-128-SHA",
-   POLARSSL_CIPHER_ARC4_128, POLARSSL_MD_SHA1,
-   POLARSSL_KEY_EXCHANGE_ECDHE_RSA,
-   SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_1,
-   SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
-   0},
-#endif /* POLARSSL_SHA1_C */
-#endif /* POLARSSL_ARC4_C */
-
-#if defined(POLARSSL_CIPHER_NULL_CIPHER)
-#if defined(POLARSSL_SHA1_C)
-  {TLS_ECDHE_RSA_WITH_NULL_SHA, "TLS-ECDHE-RSA-WITH-NULL-SHA",
-   POLARSSL_CIPHER_NULL, POLARSSL_MD_SHA1, POLARSSL_KEY_EXCHANGE_ECDHE_RSA,
-   SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_1,
-   SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
-   POLARSSL_CIPHERSUITE_WEAK},
-#endif /* POLARSSL_SHA1_C */
-#endif /* POLARSSL_CIPHER_NULL_CIPHER */
-#endif /* POLARSSL_KEY_EXCHANGE_ECDHE_RSA_ENABLED */
-
-#if defined(POLARSSL_KEY_EXCHANGE_DHE_RSA_ENABLED)
-#if defined(POLARSSL_AES_C)
-#if defined(POLARSSL_SHA512_C) && defined(POLARSSL_GCM_C)
-  {TLS_DHE_RSA_WITH_AES_256_GCM_SHA384, "TLS-DHE-RSA-WITH-AES-256-GCM-SHA384",
-   POLARSSL_CIPHER_AES_256_GCM, POLARSSL_MD_SHA384,
-   POLARSSL_KEY_EXCHANGE_DHE_RSA,
-   SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
-   SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
-   0},
-#endif /* POLARSSL_SHA512_C && POLARSSL_GCM_C */
-
-#if defined(POLARSSL_SHA256_C)
-#if defined(POLARSSL_GCM_C)
-  {TLS_DHE_RSA_WITH_AES_128_GCM_SHA256, "TLS-DHE-RSA-WITH-AES-128-GCM-SHA256",
-   POLARSSL_CIPHER_AES_128_GCM, POLARSSL_MD_SHA256,
-   POLARSSL_KEY_EXCHANGE_DHE_RSA,
-   SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
-   SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
-   0},
-#endif /* POLARSSL_GCM_C */
-
-#if defined(POLARSSL_CIPHER_MODE_CBC)
-  {TLS_DHE_RSA_WITH_AES_128_CBC_SHA256, "TLS-DHE-RSA-WITH-AES-128-CBC-SHA256",
-   POLARSSL_CIPHER_AES_128_CBC, POLARSSL_MD_SHA256,
-   POLARSSL_KEY_EXCHANGE_DHE_RSA,
-   SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
-   SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
-   0},
-
-  {TLS_DHE_RSA_WITH_AES_256_CBC_SHA256, "TLS-DHE-RSA-WITH-AES-256-CBC-SHA256",
-   POLARSSL_CIPHER_AES_256_CBC, POLARSSL_MD_SHA256,
-   POLARSSL_KEY_EXCHANGE_DHE_RSA,
-   SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
-   SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
-   0},
-#endif /* POLARSSL_CIPHER_MODE_CBC */
-#endif /* POLARSSL_SHA256_C */
-
-#if defined(POLARSSL_CIPHER_MODE_CBC)
-#if defined(POLARSSL_SHA1_C)
-  {TLS_DHE_RSA_WITH_AES_128_CBC_SHA, "TLS-DHE-RSA-WITH-AES-128-CBC-SHA",
-   POLARSSL_CIPHER_AES_128_CBC, POLARSSL_MD_SHA1,
-   POLARSSL_KEY_EXCHANGE_DHE_RSA,
-   SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_0,
-   SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
-   0},
-
-  {TLS_DHE_RSA_WITH_AES_256_CBC_SHA, "TLS-DHE-RSA-WITH-AES-256-CBC-SHA",
-   POLARSSL_CIPHER_AES_256_CBC, POLARSSL_MD_SHA1,
-   POLARSSL_KEY_EXCHANGE_DHE_RSA,
-   SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_0,
-   SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
-   0},
-#endif /* POLARSSL_SHA1_C */
-#endif /* POLARSSL_CIPHER_MODE_CBC */
-#if defined(POLARSSL_CCM_C)
-  {TLS_DHE_RSA_WITH_AES_256_CCM, "TLS-DHE-RSA-WITH-AES-256-CCM",
-   POLARSSL_CIPHER_AES_256_CCM, POLARSSL_MD_SHA256,
-   POLARSSL_KEY_EXCHANGE_DHE_RSA,
-   SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
-   SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
-   0},
-  {TLS_DHE_RSA_WITH_AES_256_CCM_8, "TLS-DHE-RSA-WITH-AES-256-CCM-8",
-   POLARSSL_CIPHER_AES_256_CCM, POLARSSL_MD_SHA256,
-   POLARSSL_KEY_EXCHANGE_DHE_RSA,
-   SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
-   SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
-   POLARSSL_CIPHERSUITE_SHORT_TAG},
-  {TLS_DHE_RSA_WITH_AES_128_CCM, "TLS-DHE-RSA-WITH-AES-128-CCM",
-   POLARSSL_CIPHER_AES_128_CCM, POLARSSL_MD_SHA256,
-   POLARSSL_KEY_EXCHANGE_DHE_RSA,
-   SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
-   SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
-   0},
-  {TLS_DHE_RSA_WITH_AES_128_CCM_8, "TLS-DHE-RSA-WITH-AES-128-CCM-8",
-   POLARSSL_CIPHER_AES_128_CCM, POLARSSL_MD_SHA256,
-   POLARSSL_KEY_EXCHANGE_DHE_RSA,
-   SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
-   SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
-   POLARSSL_CIPHERSUITE_SHORT_TAG},
-#endif /* POLARSSL_CCM_C */
-#endif /* POLARSSL_AES_C */
-
-#if defined(POLARSSL_CAMELLIA_C)
-#if defined(POLARSSL_CIPHER_MODE_CBC)
-#if defined(POLARSSL_SHA256_C)
+   GCRY_CIPHER_CAMELLIA256, GCRY_CIPHER_MODE_GCM, GCRY_MD_SHA384,
+   KEY_EXCHANGE_ECDHE_RSA,
+   0,
+   TLS_MAJOR_VERSION_3, TLS_MINOR_VERSION_3,
+   TLS_MAJOR_VERSION_3, TLS_MINOR_VERSION_3},
+
+  {TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA,
+   "TLS-ECDHE-RSA-WITH-3DES-EDE-CBC-SHA",
+   GCRY_CIPHER_3DES, GCRY_CIPHER_MODE_CBC, GCRY_MD_SHA1,
+   KEY_EXCHANGE_ECDHE_RSA,
+   0,
+   TLS_MAJOR_VERSION_3, TLS_MINOR_VERSION_1,
+   TLS_MAJOR_VERSION_3, TLS_MINOR_VERSION_3},
+
+  {TLS_DHE_RSA_WITH_AES_256_GCM_SHA384,
+   "TLS-DHE-RSA-WITH-AES-256-GCM-SHA384",
+   GCRY_CIPHER_AES256, GCRY_CIPHER_MODE_GCM, GCRY_MD_SHA384,
+   KEY_EXCHANGE_DHE_RSA,
+   0,
+   TLS_MAJOR_VERSION_3, TLS_MINOR_VERSION_3,
+   TLS_MAJOR_VERSION_3, TLS_MINOR_VERSION_3},
+
+  {TLS_DHE_RSA_WITH_AES_128_GCM_SHA256,
+   "TLS-DHE-RSA-WITH-AES-128-GCM-SHA256",
+   GCRY_CIPHER_AES128, GCRY_CIPHER_MODE_GCM, GCRY_MD_SHA256,
+   KEY_EXCHANGE_DHE_RSA,
+   0,
+   TLS_MAJOR_VERSION_3, TLS_MINOR_VERSION_3,
+   TLS_MAJOR_VERSION_3, TLS_MINOR_VERSION_3},
+
+  {TLS_DHE_RSA_WITH_AES_128_CBC_SHA256,
+   "TLS-DHE-RSA-WITH-AES-128-CBC-SHA256",
+   GCRY_CIPHER_AES128, GCRY_CIPHER_MODE_CBC, GCRY_MD_SHA256,
+   KEY_EXCHANGE_DHE_RSA,
+   0,
+   TLS_MAJOR_VERSION_3, TLS_MINOR_VERSION_3,
+   TLS_MAJOR_VERSION_3, TLS_MINOR_VERSION_3},
+
+  {TLS_DHE_RSA_WITH_AES_256_CBC_SHA256,
+   "TLS-DHE-RSA-WITH-AES-256-CBC-SHA256",
+   GCRY_CIPHER_AES256, GCRY_CIPHER_MODE_CBC, GCRY_MD_SHA256,
+   KEY_EXCHANGE_DHE_RSA,
+   0,
+   TLS_MAJOR_VERSION_3, TLS_MINOR_VERSION_3,
+   TLS_MAJOR_VERSION_3, TLS_MINOR_VERSION_3},
+
+  {TLS_DHE_RSA_WITH_AES_128_CBC_SHA,
+   "TLS-DHE-RSA-WITH-AES-128-CBC-SHA",
+   GCRY_CIPHER_AES128, GCRY_CIPHER_MODE_CBC, GCRY_MD_SHA1,
+   KEY_EXCHANGE_DHE_RSA,
+   0,
+   TLS_MAJOR_VERSION_3, TLS_MINOR_VERSION_0,
+   TLS_MAJOR_VERSION_3, TLS_MINOR_VERSION_3},
+
+  {TLS_DHE_RSA_WITH_AES_256_CBC_SHA,
+   "TLS-DHE-RSA-WITH-AES-256-CBC-SHA",
+   GCRY_CIPHER_AES256, GCRY_CIPHER_MODE_CBC, GCRY_MD_SHA1,
+   KEY_EXCHANGE_DHE_RSA,
+   0,
+   TLS_MAJOR_VERSION_3, TLS_MINOR_VERSION_0,
+   TLS_MAJOR_VERSION_3, TLS_MINOR_VERSION_3},
+
+  {TLS_DHE_RSA_WITH_AES_256_CCM,
+   "TLS-DHE-RSA-WITH-AES-256-CCM",
+   GCRY_CIPHER_AES256, GCRY_CIPHER_MODE_CCM, GCRY_MD_SHA256,
+   KEY_EXCHANGE_DHE_RSA,
+   0,
+   TLS_MAJOR_VERSION_3, TLS_MINOR_VERSION_3,
+   TLS_MAJOR_VERSION_3, TLS_MINOR_VERSION_3},
+
+  {TLS_DHE_RSA_WITH_AES_256_CCM_8,
+   "TLS-DHE-RSA-WITH-AES-256-CCM-8",
+   GCRY_CIPHER_AES256, GCRY_CIPHER_MODE_CCM, GCRY_MD_SHA256,
+   KEY_EXCHANGE_DHE_RSA,
+   CIPHERSUITE_FLAG_SHORT_TAG,
+   TLS_MAJOR_VERSION_3, TLS_MINOR_VERSION_3,
+   TLS_MAJOR_VERSION_3, TLS_MINOR_VERSION_3},
+
+  {TLS_DHE_RSA_WITH_AES_128_CCM,
+   "TLS-DHE-RSA-WITH-AES-128-CCM",
+   GCRY_CIPHER_AES128, GCRY_CIPHER_MODE_CCM, GCRY_MD_SHA256,
+   KEY_EXCHANGE_DHE_RSA,
+   0,
+   TLS_MAJOR_VERSION_3, TLS_MINOR_VERSION_3,
+   TLS_MAJOR_VERSION_3, TLS_MINOR_VERSION_3},
+
+  {TLS_DHE_RSA_WITH_AES_128_CCM_8,
+   "TLS-DHE-RSA-WITH-AES-128-CCM-8",
+   GCRY_CIPHER_AES128, GCRY_CIPHER_MODE_CCM, GCRY_MD_SHA256,
+   KEY_EXCHANGE_DHE_RSA,
+   CIPHERSUITE_FLAG_SHORT_TAG,
+   TLS_MAJOR_VERSION_3, TLS_MINOR_VERSION_3,
+   TLS_MAJOR_VERSION_3, TLS_MINOR_VERSION_3},
+
   {TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA256,
    "TLS-DHE-RSA-WITH-CAMELLIA-128-CBC-SHA256",
-   POLARSSL_CIPHER_CAMELLIA_128_CBC, POLARSSL_MD_SHA256,
-   POLARSSL_KEY_EXCHANGE_DHE_RSA,
-   SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
-   SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
-   0},
+   GCRY_CIPHER_CAMELLIA128, GCRY_CIPHER_MODE_CBC, GCRY_MD_SHA256,
+   KEY_EXCHANGE_DHE_RSA,
+   0,
+   TLS_MAJOR_VERSION_3, TLS_MINOR_VERSION_3,
+   TLS_MAJOR_VERSION_3, TLS_MINOR_VERSION_3},
 
   {TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA256,
    "TLS-DHE-RSA-WITH-CAMELLIA-256-CBC-SHA256",
-   POLARSSL_CIPHER_CAMELLIA_256_CBC, POLARSSL_MD_SHA256,
-   POLARSSL_KEY_EXCHANGE_DHE_RSA,
-   SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
-   SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
-   0},
-#endif /* POLARSSL_SHA256_C */
-
-#if defined(POLARSSL_SHA1_C)
+   GCRY_CIPHER_CAMELLIA256, GCRY_CIPHER_MODE_CBC, GCRY_MD_SHA256,
+   KEY_EXCHANGE_DHE_RSA,
+   0,
+   TLS_MAJOR_VERSION_3, TLS_MINOR_VERSION_3,
+   TLS_MAJOR_VERSION_3, TLS_MINOR_VERSION_3},
+
   {TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA,
    "TLS-DHE-RSA-WITH-CAMELLIA-128-CBC-SHA",
-   POLARSSL_CIPHER_CAMELLIA_128_CBC, POLARSSL_MD_SHA1,
-   POLARSSL_KEY_EXCHANGE_DHE_RSA,
-   SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_0,
-   SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
-   0},
+   GCRY_CIPHER_CAMELLIA128, GCRY_CIPHER_MODE_CBC, GCRY_MD_SHA1,
+   KEY_EXCHANGE_DHE_RSA,
+   0,
+   TLS_MAJOR_VERSION_3, TLS_MINOR_VERSION_0,
+   TLS_MAJOR_VERSION_3, TLS_MINOR_VERSION_3},
 
   {TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA,
    "TLS-DHE-RSA-WITH-CAMELLIA-256-CBC-SHA",
-   POLARSSL_CIPHER_CAMELLIA_256_CBC, POLARSSL_MD_SHA1,
-   POLARSSL_KEY_EXCHANGE_DHE_RSA,
-   SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_0,
-   SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
-   0},
-#endif /* POLARSSL_SHA1_C */
-#endif /* POLARSSL_CIPHER_MODE_CBC */
-#if defined(POLARSSL_GCM_C)
-#if defined(POLARSSL_SHA256_C)
+   GCRY_CIPHER_CAMELLIA256, GCRY_CIPHER_MODE_CBC, GCRY_MD_SHA1,
+   KEY_EXCHANGE_DHE_RSA,
+   0,
+   TLS_MAJOR_VERSION_3, TLS_MINOR_VERSION_0,
+   TLS_MAJOR_VERSION_3, TLS_MINOR_VERSION_3},
+
   {TLS_DHE_RSA_WITH_CAMELLIA_128_GCM_SHA256,
    "TLS-DHE-RSA-WITH-CAMELLIA-128-GCM-SHA256",
-   POLARSSL_CIPHER_CAMELLIA_128_GCM, POLARSSL_MD_SHA256,
-   POLARSSL_KEY_EXCHANGE_DHE_RSA,
-   SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
-   SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
-   0},
-#endif /* POLARSSL_SHA256_C */
-
-#if defined(POLARSSL_SHA512_C)
+   GCRY_CIPHER_CAMELLIA128, GCRY_CIPHER_MODE_GCM, GCRY_MD_SHA256,
+   KEY_EXCHANGE_DHE_RSA,
+   0,
+   TLS_MAJOR_VERSION_3, TLS_MINOR_VERSION_3,
+   TLS_MAJOR_VERSION_3, TLS_MINOR_VERSION_3},
+
   {TLS_DHE_RSA_WITH_CAMELLIA_256_GCM_SHA384,
    "TLS-DHE-RSA-WITH-CAMELLIA-256-GCM-SHA384",
-   POLARSSL_CIPHER_CAMELLIA_256_GCM, POLARSSL_MD_SHA384,
-   POLARSSL_KEY_EXCHANGE_DHE_RSA,
-   SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
-   SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
-   0},
-#endif /* POLARSSL_SHA512_C */
-#endif /* POLARSSL_GCM_C */
-#endif /* POLARSSL_CAMELLIA_C */
-
-#if defined(POLARSSL_DES_C)
-#if defined(POLARSSL_CIPHER_MODE_CBC)
-#if defined(POLARSSL_SHA1_C)
-  {TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA, "TLS-DHE-RSA-WITH-3DES-EDE-CBC-SHA",
-   POLARSSL_CIPHER_DES_EDE3_CBC, POLARSSL_MD_SHA1,
-   POLARSSL_KEY_EXCHANGE_DHE_RSA,
-   SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_0,
-   SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
-   0},
-#endif /* POLARSSL_SHA1_C */
-#endif /* POLARSSL_CIPHER_MODE_CBC */
-#endif /* POLARSSL_DES_C */
-#endif /* POLARSSL_KEY_EXCHANGE_DHE_RSA_ENABLED */
-
-#if defined(POLARSSL_KEY_EXCHANGE_RSA_ENABLED)
-#if defined(POLARSSL_AES_C)
-#if defined(POLARSSL_SHA512_C) && defined(POLARSSL_GCM_C)
-  {TLS_RSA_WITH_AES_256_GCM_SHA384, "TLS-RSA-WITH-AES-256-GCM-SHA384",
-   POLARSSL_CIPHER_AES_256_GCM, POLARSSL_MD_SHA384, POLARSSL_KEY_EXCHANGE_RSA,
-   SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
-   SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
-   0},
-#endif /* POLARSSL_SHA512_C && POLARSSL_GCM_C */
-
-#if defined(POLARSSL_SHA256_C)
-#if defined(POLARSSL_GCM_C)
-  {TLS_RSA_WITH_AES_128_GCM_SHA256, "TLS-RSA-WITH-AES-128-GCM-SHA256",
-   POLARSSL_CIPHER_AES_128_GCM, POLARSSL_MD_SHA256, POLARSSL_KEY_EXCHANGE_RSA,
-   SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
-   SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
-   0},
-#endif /* POLARSSL_GCM_C */
-
-#if defined(POLARSSL_CIPHER_MODE_CBC)
-  {TLS_RSA_WITH_AES_128_CBC_SHA256, "TLS-RSA-WITH-AES-128-CBC-SHA256",
-   POLARSSL_CIPHER_AES_128_CBC, POLARSSL_MD_SHA256, POLARSSL_KEY_EXCHANGE_RSA,
-   SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
-   SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
-   0},
-
-  {TLS_RSA_WITH_AES_256_CBC_SHA256, "TLS-RSA-WITH-AES-256-CBC-SHA256",
-   POLARSSL_CIPHER_AES_256_CBC, POLARSSL_MD_SHA256, POLARSSL_KEY_EXCHANGE_RSA,
-   SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
-   SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
-   0},
-#endif /* POLARSSL_CIPHER_MODE_CBC */
-#endif /* POLARSSL_SHA256_C */
-
-#if defined(POLARSSL_SHA1_C)
-#if defined(POLARSSL_CIPHER_MODE_CBC)
-  {TLS_RSA_WITH_AES_128_CBC_SHA, "TLS-RSA-WITH-AES-128-CBC-SHA",
-   POLARSSL_CIPHER_AES_128_CBC, POLARSSL_MD_SHA1, POLARSSL_KEY_EXCHANGE_RSA,
-   SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_0,
-   SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
-   0},
-
-  {TLS_RSA_WITH_AES_256_CBC_SHA, "TLS-RSA-WITH-AES-256-CBC-SHA",
-   POLARSSL_CIPHER_AES_256_CBC, POLARSSL_MD_SHA1, POLARSSL_KEY_EXCHANGE_RSA,
-   SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_0,
-   SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
-   0},
-#endif /* POLARSSL_CIPHER_MODE_CBC */
-#endif /* POLARSSL_SHA1_C */
-#if defined(POLARSSL_CCM_C)
-  {TLS_RSA_WITH_AES_256_CCM, "TLS-RSA-WITH-AES-256-CCM",
-   POLARSSL_CIPHER_AES_256_CCM, POLARSSL_MD_SHA256, POLARSSL_KEY_EXCHANGE_RSA,
-   SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
-   SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
-   0},
-  {TLS_RSA_WITH_AES_256_CCM_8, "TLS-RSA-WITH-AES-256-CCM-8",
-   POLARSSL_CIPHER_AES_256_CCM, POLARSSL_MD_SHA256, POLARSSL_KEY_EXCHANGE_RSA,
-   SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
-   SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
-   POLARSSL_CIPHERSUITE_SHORT_TAG},
-  {TLS_RSA_WITH_AES_128_CCM, "TLS-RSA-WITH-AES-128-CCM",
-   POLARSSL_CIPHER_AES_128_CCM, POLARSSL_MD_SHA256, POLARSSL_KEY_EXCHANGE_RSA,
-   SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
-   SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
-   0},
-  {TLS_RSA_WITH_AES_128_CCM_8, "TLS-RSA-WITH-AES-128-CCM-8",
-   POLARSSL_CIPHER_AES_128_CCM, POLARSSL_MD_SHA256, POLARSSL_KEY_EXCHANGE_RSA,
-   SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
-   SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
-   POLARSSL_CIPHERSUITE_SHORT_TAG},
-#endif /* POLARSSL_CCM_C */
-#endif /* POLARSSL_AES_C */
-
-#if defined(POLARSSL_CAMELLIA_C)
-#if defined(POLARSSL_CIPHER_MODE_CBC)
-#if defined(POLARSSL_SHA256_C)
+   GCRY_CIPHER_CAMELLIA256, GCRY_CIPHER_MODE_GCM, GCRY_MD_SHA384,
+   KEY_EXCHANGE_DHE_RSA,
+   0,
+   TLS_MAJOR_VERSION_3, TLS_MINOR_VERSION_3,
+   TLS_MAJOR_VERSION_3, TLS_MINOR_VERSION_3},
+
+  {TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA,
+   "TLS-DHE-RSA-WITH-3DES-EDE-CBC-SHA",
+   GCRY_CIPHER_3DES, GCRY_CIPHER_MODE_CBC, GCRY_MD_SHA1,
+   KEY_EXCHANGE_DHE_RSA,
+   0,
+   TLS_MAJOR_VERSION_3, TLS_MINOR_VERSION_0,
+   TLS_MAJOR_VERSION_3, TLS_MINOR_VERSION_3},
+
+  {TLS_RSA_WITH_AES_256_GCM_SHA384,
+   "TLS-RSA-WITH-AES-256-GCM-SHA384",
+   GCRY_CIPHER_AES256, GCRY_CIPHER_MODE_GCM, GCRY_MD_SHA384,
+   KEY_EXCHANGE_RSA,
+   0,
+   TLS_MAJOR_VERSION_3, TLS_MINOR_VERSION_3,
+   TLS_MAJOR_VERSION_3, TLS_MINOR_VERSION_3},
+
+  {TLS_RSA_WITH_AES_128_GCM_SHA256,
+   "TLS-RSA-WITH-AES-128-GCM-SHA256",
+   GCRY_CIPHER_AES128, GCRY_CIPHER_MODE_GCM, GCRY_MD_SHA256,
+   KEY_EXCHANGE_RSA,
+   0,
+   TLS_MAJOR_VERSION_3, TLS_MINOR_VERSION_3,
+   TLS_MAJOR_VERSION_3, TLS_MINOR_VERSION_3},
+
+  {TLS_RSA_WITH_AES_128_CBC_SHA256,
+   "TLS-RSA-WITH-AES-128-CBC-SHA256",
+   GCRY_CIPHER_AES128, GCRY_CIPHER_MODE_CBC, GCRY_MD_SHA256,
+   KEY_EXCHANGE_RSA,
+   0,
+   TLS_MAJOR_VERSION_3, TLS_MINOR_VERSION_3,
+   TLS_MAJOR_VERSION_3, TLS_MINOR_VERSION_3},
+
+  {TLS_RSA_WITH_AES_256_CBC_SHA256,
+   "TLS-RSA-WITH-AES-256-CBC-SHA256",
+   GCRY_CIPHER_AES256, GCRY_CIPHER_MODE_CBC, GCRY_MD_SHA256,
+   KEY_EXCHANGE_RSA,
+   0,
+   TLS_MAJOR_VERSION_3, TLS_MINOR_VERSION_3,
+   TLS_MAJOR_VERSION_3, TLS_MINOR_VERSION_3},
+
+  {TLS_RSA_WITH_AES_128_CBC_SHA,
+   "TLS-RSA-WITH-AES-128-CBC-SHA",
+   GCRY_CIPHER_AES128, GCRY_CIPHER_MODE_CBC, GCRY_MD_SHA1,
+   KEY_EXCHANGE_RSA,
+   0,
+   TLS_MAJOR_VERSION_3, TLS_MINOR_VERSION_0,
+   TLS_MAJOR_VERSION_3, TLS_MINOR_VERSION_3},
+
+  {TLS_RSA_WITH_AES_256_CBC_SHA,
+   "TLS-RSA-WITH-AES-256-CBC-SHA",
+   GCRY_CIPHER_AES256, GCRY_CIPHER_MODE_CBC, GCRY_MD_SHA1,
+   KEY_EXCHANGE_RSA,
+   0,
+   TLS_MAJOR_VERSION_3, TLS_MINOR_VERSION_0,
+   TLS_MAJOR_VERSION_3, TLS_MINOR_VERSION_3},
+
+  {TLS_RSA_WITH_AES_256_CCM,
+   "TLS-RSA-WITH-AES-256-CCM",
+   GCRY_CIPHER_AES256, GCRY_CIPHER_MODE_CCM, GCRY_MD_SHA256,
+   KEY_EXCHANGE_RSA,
+   0,
+   TLS_MAJOR_VERSION_3, TLS_MINOR_VERSION_3,
+   TLS_MAJOR_VERSION_3, TLS_MINOR_VERSION_3},
+
+  {TLS_RSA_WITH_AES_256_CCM_8,
+   "TLS-RSA-WITH-AES-256-CCM-8",
+   GCRY_CIPHER_AES256, GCRY_CIPHER_MODE_CCM, GCRY_MD_SHA256,
+   KEY_EXCHANGE_RSA,
+   CIPHERSUITE_FLAG_SHORT_TAG,
+   TLS_MAJOR_VERSION_3, TLS_MINOR_VERSION_3,
+   TLS_MAJOR_VERSION_3, TLS_MINOR_VERSION_3},
+
+  {TLS_RSA_WITH_AES_128_CCM,
+   "TLS-RSA-WITH-AES-128-CCM",
+   GCRY_CIPHER_AES128, GCRY_CIPHER_MODE_CCM, GCRY_MD_SHA256,
+   KEY_EXCHANGE_RSA,
+   0,
+   TLS_MAJOR_VERSION_3, TLS_MINOR_VERSION_3,
+   TLS_MAJOR_VERSION_3, TLS_MINOR_VERSION_3},
+
+  {TLS_RSA_WITH_AES_128_CCM_8,
+   "TLS-RSA-WITH-AES-128-CCM-8",
+   GCRY_CIPHER_AES128, GCRY_CIPHER_MODE_CCM, GCRY_MD_SHA256,
+   KEY_EXCHANGE_RSA,
+   CIPHERSUITE_FLAG_SHORT_TAG,
+   TLS_MAJOR_VERSION_3, TLS_MINOR_VERSION_3,
+   TLS_MAJOR_VERSION_3, TLS_MINOR_VERSION_3},
+
   {TLS_RSA_WITH_CAMELLIA_128_CBC_SHA256,
    "TLS-RSA-WITH-CAMELLIA-128-CBC-SHA256",
-   POLARSSL_CIPHER_CAMELLIA_128_CBC, POLARSSL_MD_SHA256,
-   POLARSSL_KEY_EXCHANGE_RSA,
-   SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
-   SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
-   0},
-
-  {TLS_RSA_WITH_CAMELLIA_256_CBC_SHA256,
-   "TLS-RSA-WITH-CAMELLIA-256-CBC-SHA256",
-   POLARSSL_CIPHER_CAMELLIA_256_CBC, POLARSSL_MD_SHA256,
-   POLARSSL_KEY_EXCHANGE_RSA,
-   SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
-   SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
-   0},
-#endif /* POLARSSL_SHA256_C */
-
-#if defined(POLARSSL_SHA1_C)
-  {TLS_RSA_WITH_CAMELLIA_128_CBC_SHA, "TLS-RSA-WITH-CAMELLIA-128-CBC-SHA",
-   POLARSSL_CIPHER_CAMELLIA_128_CBC, POLARSSL_MD_SHA1,
-   POLARSSL_KEY_EXCHANGE_RSA,
-   SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_0,
-   SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
-   0},
-
-  {TLS_RSA_WITH_CAMELLIA_256_CBC_SHA, "TLS-RSA-WITH-CAMELLIA-256-CBC-SHA",
-   POLARSSL_CIPHER_CAMELLIA_256_CBC, POLARSSL_MD_SHA1,
-   POLARSSL_KEY_EXCHANGE_RSA,
-   SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_0,
-   SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
-   0},
-#endif /* POLARSSL_SHA1_C */
-#endif /* POLARSSL_CIPHER_MODE_CBC */
-
-#if defined(POLARSSL_GCM_C)
-#if defined(POLARSSL_SHA256_C)
+   GCRY_CIPHER_CAMELLIA128, GCRY_CIPHER_MODE_CBC, GCRY_MD_SHA256,
+   KEY_EXCHANGE_RSA,
+   0,
+   TLS_MAJOR_VERSION_3, TLS_MINOR_VERSION_3,
+   TLS_MAJOR_VERSION_3, TLS_MINOR_VERSION_3},
+
+  { TLS_RSA_WITH_CAMELLIA_256_CBC_SHA256,
+    "TLS-RSA-WITH-CAMELLIA-256-CBC-SHA256",
+    GCRY_CIPHER_CAMELLIA256, GCRY_CIPHER_MODE_CBC, GCRY_MD_SHA256,
+    KEY_EXCHANGE_RSA,
+    0,
+    TLS_MAJOR_VERSION_3, TLS_MINOR_VERSION_3,
+    TLS_MAJOR_VERSION_3, TLS_MINOR_VERSION_3},
+
+  {TLS_RSA_WITH_CAMELLIA_128_CBC_SHA,
+   "TLS-RSA-WITH-CAMELLIA-128-CBC-SHA",
+   GCRY_CIPHER_CAMELLIA128, GCRY_CIPHER_MODE_CBC, GCRY_MD_SHA1,
+   KEY_EXCHANGE_RSA,
+   0,
+   TLS_MAJOR_VERSION_3, TLS_MINOR_VERSION_0,
+   TLS_MAJOR_VERSION_3, TLS_MINOR_VERSION_3},
+
+  {TLS_RSA_WITH_CAMELLIA_256_CBC_SHA,
+   "TLS-RSA-WITH-CAMELLIA-256-CBC-SHA",
+   GCRY_CIPHER_CAMELLIA256, GCRY_CIPHER_MODE_CBC, GCRY_MD_SHA1,
+   KEY_EXCHANGE_RSA,
+   0,
+   TLS_MAJOR_VERSION_3, TLS_MINOR_VERSION_0,
+   TLS_MAJOR_VERSION_3, TLS_MINOR_VERSION_3},
+
   {TLS_RSA_WITH_CAMELLIA_128_GCM_SHA256,
    "TLS-RSA-WITH-CAMELLIA-128-GCM-SHA256",
-   POLARSSL_CIPHER_CAMELLIA_128_GCM, POLARSSL_MD_SHA256,
-   POLARSSL_KEY_EXCHANGE_RSA,
-   SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
-   SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
-   0},
-#endif /* POLARSSL_SHA256_C */
-
-#if defined(POLARSSL_SHA1_C)
+   GCRY_CIPHER_CAMELLIA128, GCRY_CIPHER_MODE_GCM, GCRY_MD_SHA256,
+   KEY_EXCHANGE_RSA,
+   0,
+   TLS_MAJOR_VERSION_3, TLS_MINOR_VERSION_3,
+   TLS_MAJOR_VERSION_3, TLS_MINOR_VERSION_3},
+
   {TLS_RSA_WITH_CAMELLIA_256_GCM_SHA384,
    "TLS-RSA-WITH-CAMELLIA-256-GCM-SHA384",
-   POLARSSL_CIPHER_CAMELLIA_256_GCM, POLARSSL_MD_SHA384,
-   POLARSSL_KEY_EXCHANGE_RSA,
-   SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
-   SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
-   0},
-#endif /* POLARSSL_SHA1_C */
-#endif /* POLARSSL_GCM_C */
-#endif /* POLARSSL_CAMELLIA_C */
-
-#if defined(POLARSSL_DES_C)
-#if defined(POLARSSL_CIPHER_MODE_CBC)
-#if defined(POLARSSL_SHA1_C)
-  {TLS_RSA_WITH_3DES_EDE_CBC_SHA, "TLS-RSA-WITH-3DES-EDE-CBC-SHA",
-   POLARSSL_CIPHER_DES_EDE3_CBC, POLARSSL_MD_SHA1, POLARSSL_KEY_EXCHANGE_RSA,
-   SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_0,
-   SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
-   0},
-#endif /* POLARSSL_SHA1_C */
-#endif /* POLARSSL_CIPHER_MODE_CBC */
-#endif /* POLARSSL_DES_C */
-
-#if defined(POLARSSL_ARC4_C)
-#if defined(POLARSSL_MD5_C)
-  {TLS_RSA_WITH_RC4_128_MD5, "TLS-RSA-WITH-RC4-128-MD5",
-   POLARSSL_CIPHER_ARC4_128, POLARSSL_MD_MD5, POLARSSL_KEY_EXCHANGE_RSA,
-   SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_0,
-   SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
-   0},
-#endif
-
-#if defined(POLARSSL_SHA1_C)
-  {TLS_RSA_WITH_RC4_128_SHA, "TLS-RSA-WITH-RC4-128-SHA",
-   POLARSSL_CIPHER_ARC4_128, POLARSSL_MD_SHA1, POLARSSL_KEY_EXCHANGE_RSA,
-   SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_0,
-   SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
-   0},
-#endif
-#endif /* POLARSSL_ARC4_C */
-#endif /* POLARSSL_KEY_EXCHANGE_RSA_ENABLED */
-
-#if defined(POLARSSL_KEY_EXCHANGE_ECDH_RSA_ENABLED)
-#if defined(POLARSSL_AES_C)
-#if defined(POLARSSL_SHA1_C)
-#if defined(POLARSSL_CIPHER_MODE_CBC)
-  {TLS_ECDH_RSA_WITH_AES_128_CBC_SHA, "TLS-ECDH-RSA-WITH-AES-128-CBC-SHA",
-   POLARSSL_CIPHER_AES_128_CBC, POLARSSL_MD_SHA1,
-   POLARSSL_KEY_EXCHANGE_ECDH_RSA,
-   SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_1,
-   SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
-   0},
-  {TLS_ECDH_RSA_WITH_AES_256_CBC_SHA, "TLS-ECDH-RSA-WITH-AES-256-CBC-SHA",
-   POLARSSL_CIPHER_AES_256_CBC, POLARSSL_MD_SHA1,
-   POLARSSL_KEY_EXCHANGE_ECDH_RSA,
-   SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_1,
-   SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
-   0},
-#endif /* POLARSSL_CIPHER_MODE_CBC */
-#endif /* POLARSSL_SHA1_C */
-#if defined(POLARSSL_SHA256_C)
-#if defined(POLARSSL_CIPHER_MODE_CBC)
+   GCRY_CIPHER_CAMELLIA256, GCRY_CIPHER_MODE_GCM, GCRY_MD_SHA384,
+   KEY_EXCHANGE_RSA,
+   0,
+   TLS_MAJOR_VERSION_3, TLS_MINOR_VERSION_3,
+   TLS_MAJOR_VERSION_3, TLS_MINOR_VERSION_3},
+
+  {TLS_RSA_WITH_3DES_EDE_CBC_SHA,
+   "TLS-RSA-WITH-3DES-EDE-CBC-SHA",
+   GCRY_CIPHER_3DES, GCRY_CIPHER_MODE_CBC, GCRY_MD_SHA1,
+   KEY_EXCHANGE_RSA,
+   0,
+   TLS_MAJOR_VERSION_3, TLS_MINOR_VERSION_0,
+   TLS_MAJOR_VERSION_3, TLS_MINOR_VERSION_3},
+
+  {TLS_ECDH_RSA_WITH_AES_128_CBC_SHA,
+   "TLS-ECDH-RSA-WITH-AES-128-CBC-SHA",
+   GCRY_CIPHER_AES128, GCRY_CIPHER_MODE_CBC, GCRY_MD_SHA1,
+   KEY_EXCHANGE_ECDH_RSA,
+   0,
+   TLS_MAJOR_VERSION_3, TLS_MINOR_VERSION_1,
+   TLS_MAJOR_VERSION_3, TLS_MINOR_VERSION_3},
+
+  {TLS_ECDH_RSA_WITH_AES_256_CBC_SHA,
+   "TLS-ECDH-RSA-WITH-AES-256-CBC-SHA",
+   GCRY_CIPHER_AES256, GCRY_CIPHER_MODE_CBC, GCRY_MD_SHA1,
+   KEY_EXCHANGE_ECDH_RSA,
+   0,
+   TLS_MAJOR_VERSION_3, TLS_MINOR_VERSION_1,
+   TLS_MAJOR_VERSION_3, TLS_MINOR_VERSION_3},
+
   {TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256,
    "TLS-ECDH-RSA-WITH-AES-128-CBC-SHA256",
-   POLARSSL_CIPHER_AES_128_CBC, POLARSSL_MD_SHA256,
-   POLARSSL_KEY_EXCHANGE_ECDH_RSA,
-   SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
-   SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
-   0},
-#endif /* POLARSSL_CIPHER_MODE_CBC */
-#if defined(POLARSSL_GCM_C)
+   GCRY_CIPHER_AES128, GCRY_CIPHER_MODE_CBC, GCRY_MD_SHA256,
+   KEY_EXCHANGE_ECDH_RSA,
+   0,
+   TLS_MAJOR_VERSION_3, TLS_MINOR_VERSION_3,
+   TLS_MAJOR_VERSION_3, TLS_MINOR_VERSION_3},
+
   {TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256,
    "TLS-ECDH-RSA-WITH-AES-128-GCM-SHA256",
-   POLARSSL_CIPHER_AES_128_GCM, POLARSSL_MD_SHA256,
-   POLARSSL_KEY_EXCHANGE_ECDH_RSA,
-   SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
-   SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
-   0},
-#endif /* POLARSSL_GCM_C */
-#endif /* POLARSSL_SHA256_C */
-#if defined(POLARSSL_SHA512_C)
-#if defined(POLARSSL_CIPHER_MODE_CBC)
+   GCRY_CIPHER_AES128, GCRY_CIPHER_MODE_GCM, GCRY_MD_SHA256,
+   KEY_EXCHANGE_ECDH_RSA,
+   0,
+   TLS_MAJOR_VERSION_3, TLS_MINOR_VERSION_3,
+   TLS_MAJOR_VERSION_3, TLS_MINOR_VERSION_3},
+
   {TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384,
    "TLS-ECDH-RSA-WITH-AES-256-CBC-SHA384",
-   POLARSSL_CIPHER_AES_256_CBC, POLARSSL_MD_SHA384,
-   POLARSSL_KEY_EXCHANGE_ECDH_RSA,
-   SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
-   SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
-   0},
-#endif /* POLARSSL_CIPHER_MODE_CBC */
-#if defined(POLARSSL_GCM_C)
+   GCRY_CIPHER_AES256, GCRY_CIPHER_MODE_CBC, GCRY_MD_SHA384,
+   KEY_EXCHANGE_ECDH_RSA,
+   0,
+   TLS_MAJOR_VERSION_3, TLS_MINOR_VERSION_3,
+   TLS_MAJOR_VERSION_3, TLS_MINOR_VERSION_3},
+
   {TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384,
    "TLS-ECDH-RSA-WITH-AES-256-GCM-SHA384",
-   POLARSSL_CIPHER_AES_256_GCM, POLARSSL_MD_SHA384,
-   POLARSSL_KEY_EXCHANGE_ECDH_RSA,
-   SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
-   SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
-   0},
-#endif /* POLARSSL_GCM_C */
-#endif /* POLARSSL_SHA512_C */
-#endif /* POLARSSL_AES_C */
-
-#if defined(POLARSSL_CAMELLIA_C)
-#if defined(POLARSSL_CIPHER_MODE_CBC)
-#if defined(POLARSSL_SHA256_C)
+   GCRY_CIPHER_AES256, GCRY_CIPHER_MODE_GCM, GCRY_MD_SHA384,
+   KEY_EXCHANGE_ECDH_RSA,
+   0,
+   TLS_MAJOR_VERSION_3, TLS_MINOR_VERSION_3,
+   TLS_MAJOR_VERSION_3, TLS_MINOR_VERSION_3},
+
   {TLS_ECDH_RSA_WITH_CAMELLIA_128_CBC_SHA256,
    "TLS-ECDH-RSA-WITH-CAMELLIA-128-CBC-SHA256",
-   POLARSSL_CIPHER_CAMELLIA_128_CBC, POLARSSL_MD_SHA256,
-   POLARSSL_KEY_EXCHANGE_ECDH_RSA,
-   SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_1,
-   SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
-   0},
-#endif /* POLARSSL_SHA256_C */
-#if defined(POLARSSL_SHA512_C)
+   GCRY_CIPHER_CAMELLIA128, GCRY_CIPHER_MODE_CBC, GCRY_MD_SHA256,
+   KEY_EXCHANGE_ECDH_RSA,
+   0,
+   TLS_MAJOR_VERSION_3, TLS_MINOR_VERSION_1,
+   TLS_MAJOR_VERSION_3, TLS_MINOR_VERSION_3},
+
   {TLS_ECDH_RSA_WITH_CAMELLIA_256_CBC_SHA384,
    "TLS-ECDH-RSA-WITH-CAMELLIA-256-CBC-SHA384",
-   POLARSSL_CIPHER_CAMELLIA_256_CBC, POLARSSL_MD_SHA384,
-   POLARSSL_KEY_EXCHANGE_ECDH_RSA,
-   SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_1,
-   SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
-   0},
-#endif /* POLARSSL_SHA512_C */
-#endif /* POLARSSL_CIPHER_MODE_CBC */
-
-#if defined(POLARSSL_GCM_C)
-#if defined(POLARSSL_SHA256_C)
+   GCRY_CIPHER_CAMELLIA256, GCRY_CIPHER_MODE_CBC, GCRY_MD_SHA384,
+   KEY_EXCHANGE_ECDH_RSA,
+   0,
+   TLS_MAJOR_VERSION_3, TLS_MINOR_VERSION_1,
+   TLS_MAJOR_VERSION_3, TLS_MINOR_VERSION_3},
+
   {TLS_ECDH_RSA_WITH_CAMELLIA_128_GCM_SHA256,
    "TLS-ECDH-RSA-WITH-CAMELLIA-128-GCM-SHA256",
-   POLARSSL_CIPHER_CAMELLIA_128_GCM, POLARSSL_MD_SHA256,
-   POLARSSL_KEY_EXCHANGE_ECDH_RSA,
-   SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
-   SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
-   0},
-#endif /* POLARSSL_SHA256_C */
-#if defined(POLARSSL_SHA512_C)
+   GCRY_CIPHER_CAMELLIA128, GCRY_CIPHER_MODE_GCM, GCRY_MD_SHA256,
+   KEY_EXCHANGE_ECDH_RSA,
+   0,
+   TLS_MAJOR_VERSION_3, TLS_MINOR_VERSION_3,
+   TLS_MAJOR_VERSION_3, TLS_MINOR_VERSION_3},
+
   {TLS_ECDH_RSA_WITH_CAMELLIA_256_GCM_SHA384,
    "TLS-ECDH-RSA-WITH-CAMELLIA-256-GCM-SHA384",
-   POLARSSL_CIPHER_CAMELLIA_256_GCM, POLARSSL_MD_SHA384,
-   POLARSSL_KEY_EXCHANGE_ECDH_RSA,
-   SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
-   SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
-   0},
-#endif /* POLARSSL_SHA512_C */
-#endif /* POLARSSL_GCM_C */
-#endif /* POLARSSL_CAMELLIA_C */
-
-#if defined(POLARSSL_DES_C)
-#if defined(POLARSSL_CIPHER_MODE_CBC)
-#if defined(POLARSSL_SHA1_C)
-  {TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA, "TLS-ECDH-RSA-WITH-3DES-EDE-CBC-SHA",
-   POLARSSL_CIPHER_DES_EDE3_CBC, POLARSSL_MD_SHA1,
-   POLARSSL_KEY_EXCHANGE_ECDH_RSA,
-   SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_1,
-   SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
-   0},
-#endif /* POLARSSL_SHA1_C */
-#endif /* POLARSSL_CIPHER_MODE_CBC */
-#endif /* POLARSSL_DES_C */
-
-#if defined(POLARSSL_ARC4_C)
-#if defined(POLARSSL_SHA1_C)
-  {TLS_ECDH_RSA_WITH_RC4_128_SHA, "TLS-ECDH-RSA-WITH-RC4-128-SHA",
-   POLARSSL_CIPHER_ARC4_128, POLARSSL_MD_SHA1, POLARSSL_KEY_EXCHANGE_ECDH_RSA,
-   SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_1,
-   SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
-   0},
-#endif /* POLARSSL_SHA1_C */
-#endif /* POLARSSL_ARC4_C */
-
-#if defined(POLARSSL_CIPHER_NULL_CIPHER)
-#if defined(POLARSSL_SHA1_C)
-  {TLS_ECDH_RSA_WITH_NULL_SHA, "TLS-ECDH-RSA-WITH-NULL-SHA",
-   POLARSSL_CIPHER_NULL, POLARSSL_MD_SHA1, POLARSSL_KEY_EXCHANGE_ECDH_RSA,
-   SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_1,
-   SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
-   POLARSSL_CIPHERSUITE_WEAK},
-#endif /* POLARSSL_SHA1_C */
-#endif /* POLARSSL_CIPHER_NULL_CIPHER */
-#endif /* POLARSSL_KEY_EXCHANGE_ECDH_RSA_ENABLED */
-
-#if defined(POLARSSL_KEY_EXCHANGE_ECDH_ECDSA_ENABLED)
-#if defined(POLARSSL_AES_C)
-#if defined(POLARSSL_SHA1_C)
-#if defined(POLARSSL_CIPHER_MODE_CBC)
-  {TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA, "TLS-ECDH-ECDSA-WITH-AES-128-CBC-SHA",
-   POLARSSL_CIPHER_AES_128_CBC, POLARSSL_MD_SHA1,
-   POLARSSL_KEY_EXCHANGE_ECDH_ECDSA,
-   SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_1,
-   SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
-   0},
-  {TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA, "TLS-ECDH-ECDSA-WITH-AES-256-CBC-SHA",
-   POLARSSL_CIPHER_AES_256_CBC, POLARSSL_MD_SHA1,
-   POLARSSL_KEY_EXCHANGE_ECDH_ECDSA,
-   SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_1,
-   SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
-   0},
-#endif /* POLARSSL_CIPHER_MODE_CBC */
-#endif /* POLARSSL_SHA1_C */
-#if defined(POLARSSL_SHA256_C)
-#if defined(POLARSSL_CIPHER_MODE_CBC)
-  {TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256,
+   GCRY_CIPHER_CAMELLIA256, GCRY_CIPHER_MODE_GCM, GCRY_MD_SHA384,
+   KEY_EXCHANGE_ECDH_RSA,
+   0,
+   TLS_MAJOR_VERSION_3, TLS_MINOR_VERSION_3,
+   TLS_MAJOR_VERSION_3, TLS_MINOR_VERSION_3},
+
+  {TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA,
+   "TLS-ECDH-RSA-WITH-3DES-EDE-CBC-SHA",
+   GCRY_CIPHER_3DES, GCRY_CIPHER_MODE_CBC, GCRY_MD_SHA1,
+   KEY_EXCHANGE_ECDH_RSA,
+   0,
+   TLS_MAJOR_VERSION_3, TLS_MINOR_VERSION_1,
+   TLS_MAJOR_VERSION_3, TLS_MINOR_VERSION_3},
+
+   {TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA,
+   "TLS-ECDH-ECDSA-WITH-AES-128-CBC-SHA",
+   GCRY_CIPHER_AES128, GCRY_CIPHER_MODE_CBC, GCRY_MD_SHA1,
+   KEY_EXCHANGE_ECDH_ECDSA,
+    0,
+   TLS_MAJOR_VERSION_3, TLS_MINOR_VERSION_1,
+   TLS_MAJOR_VERSION_3, TLS_MINOR_VERSION_3},
+
+   {TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA,
+    "TLS-ECDH-ECDSA-WITH-AES-256-CBC-SHA",
+    GCRY_CIPHER_AES256, GCRY_CIPHER_MODE_CBC, GCRY_MD_SHA1,
+    KEY_EXCHANGE_ECDH_ECDSA,
+    0,
+    TLS_MAJOR_VERSION_3, TLS_MINOR_VERSION_1,
+    TLS_MAJOR_VERSION_3, TLS_MINOR_VERSION_3},
+
+   {TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256,
    "TLS-ECDH-ECDSA-WITH-AES-128-CBC-SHA256",
-   POLARSSL_CIPHER_AES_128_CBC, POLARSSL_MD_SHA256,
-   POLARSSL_KEY_EXCHANGE_ECDH_ECDSA,
-   SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
-   SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
-   0},
-#endif /* POLARSSL_CIPHER_MODE_CBC */
-#if defined(POLARSSL_GCM_C)
+   GCRY_CIPHER_AES128, GCRY_CIPHER_MODE_CBC, GCRY_MD_SHA256,
+   KEY_EXCHANGE_ECDH_ECDSA,
+    0,
+   TLS_MAJOR_VERSION_3, TLS_MINOR_VERSION_3,
+   TLS_MAJOR_VERSION_3, TLS_MINOR_VERSION_3},
+
   {TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256,
    "TLS-ECDH-ECDSA-WITH-AES-128-GCM-SHA256",
-   POLARSSL_CIPHER_AES_128_GCM, POLARSSL_MD_SHA256,
-   POLARSSL_KEY_EXCHANGE_ECDH_ECDSA,
-   SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
-   SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
-   0},
-#endif /* POLARSSL_GCM_C */
-#endif /* POLARSSL_SHA256_C */
-#if defined(POLARSSL_SHA512_C)
-#if defined(POLARSSL_CIPHER_MODE_CBC)
+   GCRY_CIPHER_AES128, GCRY_CIPHER_MODE_GCM, GCRY_MD_SHA256,
+   KEY_EXCHANGE_ECDH_ECDSA,
+   0,
+   TLS_MAJOR_VERSION_3, TLS_MINOR_VERSION_3,
+   TLS_MAJOR_VERSION_3, TLS_MINOR_VERSION_3},
+
   {TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384,
    "TLS-ECDH-ECDSA-WITH-AES-256-CBC-SHA384",
-   POLARSSL_CIPHER_AES_256_CBC, POLARSSL_MD_SHA384,
-   POLARSSL_KEY_EXCHANGE_ECDH_ECDSA,
-   SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
-   SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
-   0},
-#endif /* POLARSSL_CIPHER_MODE_CBC */
-#if defined(POLARSSL_GCM_C)
+   GCRY_CIPHER_AES256, GCRY_CIPHER_MODE_CBC, GCRY_MD_SHA384,
+   KEY_EXCHANGE_ECDH_ECDSA,
+   0,
+   TLS_MAJOR_VERSION_3, TLS_MINOR_VERSION_3,
+   TLS_MAJOR_VERSION_3, TLS_MINOR_VERSION_3},
+
   {TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384,
    "TLS-ECDH-ECDSA-WITH-AES-256-GCM-SHA384",
-   POLARSSL_CIPHER_AES_256_GCM, POLARSSL_MD_SHA384,
-   POLARSSL_KEY_EXCHANGE_ECDH_ECDSA,
-   SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
-   SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
-   0},
-#endif /* POLARSSL_GCM_C */
-#endif /* POLARSSL_SHA512_C */
-#endif /* POLARSSL_AES_C */
-
-#if defined(POLARSSL_CAMELLIA_C)
-#if defined(POLARSSL_CIPHER_MODE_CBC)
-#if defined(POLARSSL_SHA256_C)
+   GCRY_CIPHER_AES256, GCRY_CIPHER_MODE_GCM, GCRY_MD_SHA384,
+   KEY_EXCHANGE_ECDH_ECDSA,
+   0,
+   TLS_MAJOR_VERSION_3, TLS_MINOR_VERSION_3,
+   TLS_MAJOR_VERSION_3, TLS_MINOR_VERSION_3},
+
+
   {TLS_ECDH_ECDSA_WITH_CAMELLIA_128_CBC_SHA256,
    "TLS-ECDH-ECDSA-WITH-CAMELLIA-128-CBC-SHA256",
-   POLARSSL_CIPHER_CAMELLIA_128_CBC, POLARSSL_MD_SHA256,
-   POLARSSL_KEY_EXCHANGE_ECDH_ECDSA,
-   SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_1,
-   SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
-   0},
-#endif /* POLARSSL_SHA256_C */
-#if defined(POLARSSL_SHA512_C)
+   GCRY_CIPHER_CAMELLIA128, GCRY_CIPHER_MODE_CBC, GCRY_MD_SHA256,
+   KEY_EXCHANGE_ECDH_ECDSA,
+   0,
+   TLS_MAJOR_VERSION_3, TLS_MINOR_VERSION_1,
+   TLS_MAJOR_VERSION_3, TLS_MINOR_VERSION_3},
+
   {TLS_ECDH_ECDSA_WITH_CAMELLIA_256_CBC_SHA384,
    "TLS-ECDH-ECDSA-WITH-CAMELLIA-256-CBC-SHA384",
-   POLARSSL_CIPHER_CAMELLIA_256_CBC, POLARSSL_MD_SHA384,
-   POLARSSL_KEY_EXCHANGE_ECDH_ECDSA,
-   SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_1,
-   SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
-   0},
-#endif /* POLARSSL_SHA512_C */
-#endif /* POLARSSL_CIPHER_MODE_CBC */
-
-#if defined(POLARSSL_GCM_C)
-#if defined(POLARSSL_SHA256_C)
+   GCRY_CIPHER_CAMELLIA256, GCRY_CIPHER_MODE_CBC, GCRY_MD_SHA384,
+   KEY_EXCHANGE_ECDH_ECDSA,
+   0,
+   TLS_MAJOR_VERSION_3, TLS_MINOR_VERSION_1,
+   TLS_MAJOR_VERSION_3, TLS_MINOR_VERSION_3},
+
   {TLS_ECDH_ECDSA_WITH_CAMELLIA_128_GCM_SHA256,
    "TLS-ECDH-ECDSA-WITH-CAMELLIA-128-GCM-SHA256",
-   POLARSSL_CIPHER_CAMELLIA_128_GCM, POLARSSL_MD_SHA256,
-   POLARSSL_KEY_EXCHANGE_ECDH_ECDSA,
-   SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
-   SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
-   0},
-#endif /* POLARSSL_SHA256_C */
-#if defined(POLARSSL_SHA512_C)
+   GCRY_CIPHER_CAMELLIA128, GCRY_CIPHER_MODE_GCM, GCRY_MD_SHA256,
+   KEY_EXCHANGE_ECDH_ECDSA,
+   0,
+   TLS_MAJOR_VERSION_3, TLS_MINOR_VERSION_3,
+   TLS_MAJOR_VERSION_3, TLS_MINOR_VERSION_3},
+
   {TLS_ECDH_ECDSA_WITH_CAMELLIA_256_GCM_SHA384,
    "TLS-ECDH-ECDSA-WITH-CAMELLIA-256-GCM-SHA384",
-   POLARSSL_CIPHER_CAMELLIA_256_GCM, POLARSSL_MD_SHA384,
-   POLARSSL_KEY_EXCHANGE_ECDH_ECDSA,
-   SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
-   SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
-   0},
-#endif /* POLARSSL_SHA512_C */
-#endif /* POLARSSL_GCM_C */
-#endif /* POLARSSL_CAMELLIA_C */
-
-#if defined(POLARSSL_DES_C)
-#if defined(POLARSSL_CIPHER_MODE_CBC)
-#if defined(POLARSSL_SHA1_C)
+   GCRY_CIPHER_CAMELLIA256, GCRY_CIPHER_MODE_GCM, GCRY_MD_SHA384,
+   KEY_EXCHANGE_ECDH_ECDSA,
+   0,
+   TLS_MAJOR_VERSION_3, TLS_MINOR_VERSION_3,
+   TLS_MAJOR_VERSION_3, TLS_MINOR_VERSION_3},
+
   {TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA,
    "TLS-ECDH-ECDSA-WITH-3DES-EDE-CBC-SHA",
-   POLARSSL_CIPHER_DES_EDE3_CBC, POLARSSL_MD_SHA1,
-   POLARSSL_KEY_EXCHANGE_ECDH_ECDSA,
-   SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_1,
-   SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
-   0},
-#endif /* POLARSSL_SHA1_C */
-#endif /* POLARSSL_CIPHER_MODE_CBC */
-#endif /* POLARSSL_DES_C */
-
-#if defined(POLARSSL_ARC4_C)
-#if defined(POLARSSL_SHA1_C)
-  {TLS_ECDH_ECDSA_WITH_RC4_128_SHA, "TLS-ECDH-ECDSA-WITH-RC4-128-SHA",
-   POLARSSL_CIPHER_ARC4_128, POLARSSL_MD_SHA1,
-   POLARSSL_KEY_EXCHANGE_ECDH_ECDSA,
-   SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_1,
-   SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
-   0},
-#endif /* POLARSSL_SHA1_C */
-#endif /* POLARSSL_ARC4_C */
-
-#if defined(POLARSSL_CIPHER_NULL_CIPHER)
-#if defined(POLARSSL_SHA1_C)
-  {TLS_ECDH_ECDSA_WITH_NULL_SHA, "TLS-ECDH-ECDSA-WITH-NULL-SHA",
-   POLARSSL_CIPHER_NULL, POLARSSL_MD_SHA1, POLARSSL_KEY_EXCHANGE_ECDH_ECDSA,
-   SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_1,
-   SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
-   POLARSSL_CIPHERSUITE_WEAK},
-#endif /* POLARSSL_SHA1_C */
-#endif /* POLARSSL_CIPHER_NULL_CIPHER */
-#endif /* POLARSSL_KEY_EXCHANGE_ECDH_ECDSA_ENABLED */
-
-#if defined(POLARSSL_KEY_EXCHANGE_PSK_ENABLED)
-#if defined(POLARSSL_AES_C)
-#if defined(POLARSSL_GCM_C)
-#if defined(POLARSSL_SHA256_C)
-  {TLS_PSK_WITH_AES_128_GCM_SHA256, "TLS-PSK-WITH-AES-128-GCM-SHA256",
-   POLARSSL_CIPHER_AES_128_GCM, POLARSSL_MD_SHA256, POLARSSL_KEY_EXCHANGE_PSK,
-   SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
-   SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
-   0},
-#endif /* POLARSSL_SHA256_C */
-
-#if defined(POLARSSL_SHA512_C)
-  {TLS_PSK_WITH_AES_256_GCM_SHA384, "TLS-PSK-WITH-AES-256-GCM-SHA384",
-   POLARSSL_CIPHER_AES_256_GCM, POLARSSL_MD_SHA384, POLARSSL_KEY_EXCHANGE_PSK,
-   SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
-   SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
-   0},
-#endif /* POLARSSL_SHA512_C */
-#endif /* POLARSSL_GCM_C */
-
-#if defined(POLARSSL_CIPHER_MODE_CBC)
-#if defined(POLARSSL_SHA256_C)
-  {TLS_PSK_WITH_AES_128_CBC_SHA256, "TLS-PSK-WITH-AES-128-CBC-SHA256",
-   POLARSSL_CIPHER_AES_128_CBC, POLARSSL_MD_SHA256, POLARSSL_KEY_EXCHANGE_PSK,
-   SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_0,
-   SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
-   0},
-#endif /* POLARSSL_SHA256_C */
-
-#if defined(POLARSSL_SHA512_C)
-  {TLS_PSK_WITH_AES_256_CBC_SHA384, "TLS-PSK-WITH-AES-256-CBC-SHA384",
-   POLARSSL_CIPHER_AES_256_CBC, POLARSSL_MD_SHA384, POLARSSL_KEY_EXCHANGE_PSK,
-   SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_0,
-   SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
-   0},
-#endif /* POLARSSL_SHA512_C */
-
-#if defined(POLARSSL_SHA1_C)
-  {TLS_PSK_WITH_AES_128_CBC_SHA, "TLS-PSK-WITH-AES-128-CBC-SHA",
-   POLARSSL_CIPHER_AES_128_CBC, POLARSSL_MD_SHA1, POLARSSL_KEY_EXCHANGE_PSK,
-   SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_0,
-   SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
-   0},
-
-  {TLS_PSK_WITH_AES_256_CBC_SHA, "TLS-PSK-WITH-AES-256-CBC-SHA",
-   POLARSSL_CIPHER_AES_256_CBC, POLARSSL_MD_SHA1, POLARSSL_KEY_EXCHANGE_PSK,
-   SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_0,
-   SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
-   0},
-#endif /* POLARSSL_SHA1_C */
-#endif /* POLARSSL_CIPHER_MODE_CBC */
-#if defined(POLARSSL_CCM_C)
-  {TLS_PSK_WITH_AES_256_CCM, "TLS-PSK-WITH-AES-256-CCM",
-   POLARSSL_CIPHER_AES_256_CCM, POLARSSL_MD_SHA256, POLARSSL_KEY_EXCHANGE_PSK,
-   SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
-   SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
-   0},
-  {TLS_PSK_WITH_AES_256_CCM_8, "TLS-PSK-WITH-AES-256-CCM-8",
-   POLARSSL_CIPHER_AES_256_CCM, POLARSSL_MD_SHA256, POLARSSL_KEY_EXCHANGE_PSK,
-   SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
-   SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
-   POLARSSL_CIPHERSUITE_SHORT_TAG},
-  {TLS_PSK_WITH_AES_128_CCM, "TLS-PSK-WITH-AES-128-CCM",
-   POLARSSL_CIPHER_AES_128_CCM, POLARSSL_MD_SHA256, POLARSSL_KEY_EXCHANGE_PSK,
-   SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
-   SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
-   0},
-  {TLS_PSK_WITH_AES_128_CCM_8, "TLS-PSK-WITH-AES-128-CCM-8",
-   POLARSSL_CIPHER_AES_128_CCM, POLARSSL_MD_SHA256, POLARSSL_KEY_EXCHANGE_PSK,
-   SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
-   SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
-   POLARSSL_CIPHERSUITE_SHORT_TAG},
-#endif /* POLARSSL_CCM_C */
-#endif /* POLARSSL_AES_C */
-
-#if defined(POLARSSL_CAMELLIA_C)
-#if defined(POLARSSL_CIPHER_MODE_CBC)
-#if defined(POLARSSL_SHA256_C)
+   GCRY_CIPHER_3DES, GCRY_CIPHER_MODE_CBC, GCRY_MD_SHA1,
+   KEY_EXCHANGE_ECDH_ECDSA,
+   0,
+   TLS_MAJOR_VERSION_3, TLS_MINOR_VERSION_1,
+   TLS_MAJOR_VERSION_3, TLS_MINOR_VERSION_3},
+
+  {TLS_PSK_WITH_AES_128_GCM_SHA256,
+   "TLS-PSK-WITH-AES-128-GCM-SHA256",
+   GCRY_CIPHER_AES128, GCRY_CIPHER_MODE_GCM, GCRY_MD_SHA256,
+   KEY_EXCHANGE_PSK,
+   0,
+   TLS_MAJOR_VERSION_3, TLS_MINOR_VERSION_3,
+   TLS_MAJOR_VERSION_3, TLS_MINOR_VERSION_3},
+
+  {TLS_PSK_WITH_AES_256_GCM_SHA384,
+   "TLS-PSK-WITH-AES-256-GCM-SHA384",
+   GCRY_CIPHER_AES256, GCRY_CIPHER_MODE_GCM, GCRY_MD_SHA384,
+   KEY_EXCHANGE_PSK,
+   0,
+   TLS_MAJOR_VERSION_3, TLS_MINOR_VERSION_3,
+   TLS_MAJOR_VERSION_3, TLS_MINOR_VERSION_3},
+
+  {TLS_PSK_WITH_AES_128_CBC_SHA256,
+   "TLS-PSK-WITH-AES-128-CBC-SHA256",
+   GCRY_CIPHER_AES128, GCRY_CIPHER_MODE_CBC, GCRY_MD_SHA256,
+   KEY_EXCHANGE_PSK,
+   0,
+   TLS_MAJOR_VERSION_3, TLS_MINOR_VERSION_0,
+   TLS_MAJOR_VERSION_3, TLS_MINOR_VERSION_3},
+
+  {TLS_PSK_WITH_AES_256_CBC_SHA384,
+   "TLS-PSK-WITH-AES-256-CBC-SHA384",
+   GCRY_CIPHER_AES256, GCRY_CIPHER_MODE_CBC, GCRY_MD_SHA384,
+   KEY_EXCHANGE_PSK,
+   0,
+   TLS_MAJOR_VERSION_3, TLS_MINOR_VERSION_0,
+   TLS_MAJOR_VERSION_3, TLS_MINOR_VERSION_3},
+
+  {TLS_PSK_WITH_AES_128_CBC_SHA,
+   "TLS-PSK-WITH-AES-128-CBC-SHA",
+   GCRY_CIPHER_AES128, GCRY_CIPHER_MODE_CBC, GCRY_MD_SHA1,
+   KEY_EXCHANGE_PSK,
+   0,
+   TLS_MAJOR_VERSION_3, TLS_MINOR_VERSION_0,
+   TLS_MAJOR_VERSION_3, TLS_MINOR_VERSION_3},
+
+  {TLS_PSK_WITH_AES_256_CBC_SHA,
+   "TLS-PSK-WITH-AES-256-CBC-SHA",
+   GCRY_CIPHER_AES256, GCRY_CIPHER_MODE_CBC, GCRY_MD_SHA1,
+   KEY_EXCHANGE_PSK,
+   0,
+   TLS_MAJOR_VERSION_3, TLS_MINOR_VERSION_0,
+   TLS_MAJOR_VERSION_3, TLS_MINOR_VERSION_3},
+
+  {TLS_PSK_WITH_AES_256_CCM,
+   "TLS-PSK-WITH-AES-256-CCM",
+   GCRY_CIPHER_AES256, GCRY_CIPHER_MODE_CCM, GCRY_MD_SHA256,
+   KEY_EXCHANGE_PSK,
+   0,
+   TLS_MAJOR_VERSION_3, TLS_MINOR_VERSION_3,
+   TLS_MAJOR_VERSION_3, TLS_MINOR_VERSION_3},
+
+  {TLS_PSK_WITH_AES_256_CCM_8,
+   "TLS-PSK-WITH-AES-256-CCM-8",
+   GCRY_CIPHER_AES256, GCRY_CIPHER_MODE_CCM, GCRY_MD_SHA256,
+   KEY_EXCHANGE_PSK,
+   CIPHERSUITE_FLAG_SHORT_TAG,
+   TLS_MAJOR_VERSION_3, TLS_MINOR_VERSION_3,
+   TLS_MAJOR_VERSION_3, TLS_MINOR_VERSION_3},
+
+  {TLS_PSK_WITH_AES_128_CCM,
+   "TLS-PSK-WITH-AES-128-CCM",
+   GCRY_CIPHER_AES128, GCRY_CIPHER_MODE_CCM, GCRY_MD_SHA256,
+   KEY_EXCHANGE_PSK,
+   0,
+   TLS_MAJOR_VERSION_3, TLS_MINOR_VERSION_3,
+   TLS_MAJOR_VERSION_3, TLS_MINOR_VERSION_3},
+
+  {TLS_PSK_WITH_AES_128_CCM_8,
+   "TLS-PSK-WITH-AES-128-CCM-8",
+   GCRY_CIPHER_AES128, GCRY_CIPHER_MODE_CCM, GCRY_MD_SHA256,
+   KEY_EXCHANGE_PSK,
+   CIPHERSUITE_FLAG_SHORT_TAG,
+   TLS_MAJOR_VERSION_3, TLS_MINOR_VERSION_3,
+   TLS_MAJOR_VERSION_3, TLS_MINOR_VERSION_3},
+
   {TLS_PSK_WITH_CAMELLIA_128_CBC_SHA256,
    "TLS-PSK-WITH-CAMELLIA-128-CBC-SHA256",
-   POLARSSL_CIPHER_CAMELLIA_128_CBC, POLARSSL_MD_SHA256,
-   POLARSSL_KEY_EXCHANGE_PSK,
-   SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_0,
-   SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
-   0},
-#endif /* POLARSSL_SHA256_C */
-
-#if defined(POLARSSL_SHA512_C)
+   GCRY_CIPHER_CAMELLIA128, GCRY_CIPHER_MODE_CBC, GCRY_MD_SHA256,
+   KEY_EXCHANGE_PSK,
+   0,
+   TLS_MAJOR_VERSION_3, TLS_MINOR_VERSION_0,
+   TLS_MAJOR_VERSION_3, TLS_MINOR_VERSION_3},
+
   {TLS_PSK_WITH_CAMELLIA_256_CBC_SHA384,
    "TLS-PSK-WITH-CAMELLIA-256-CBC-SHA384",
-   POLARSSL_CIPHER_CAMELLIA_256_CBC, POLARSSL_MD_SHA384,
-   POLARSSL_KEY_EXCHANGE_PSK,
-   SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_0,
-   SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
-   0},
-#endif /* POLARSSL_SHA512_C */
-#endif /* POLARSSL_CIPHER_MODE_CBC */
-
-#if defined(POLARSSL_GCM_C)
-#if defined(POLARSSL_SHA256_C)
+   GCRY_CIPHER_CAMELLIA256, GCRY_CIPHER_MODE_CBC, GCRY_MD_SHA384,
+   KEY_EXCHANGE_PSK,
+   0,
+   TLS_MAJOR_VERSION_3, TLS_MINOR_VERSION_0,
+   TLS_MAJOR_VERSION_3, TLS_MINOR_VERSION_3},
+
   {TLS_PSK_WITH_CAMELLIA_128_GCM_SHA256,
    "TLS-PSK-WITH-CAMELLIA-128-GCM-SHA256",
-   POLARSSL_CIPHER_CAMELLIA_128_GCM, POLARSSL_MD_SHA256,
-   POLARSSL_KEY_EXCHANGE_PSK,
-   SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
-   SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
-   0},
-#endif /* POLARSSL_SHA256_C */
-
-#if defined(POLARSSL_SHA512_C)
+   GCRY_CIPHER_CAMELLIA128, GCRY_CIPHER_MODE_GCM, GCRY_MD_SHA256,
+   KEY_EXCHANGE_PSK,
+   0,
+   TLS_MAJOR_VERSION_3, TLS_MINOR_VERSION_3,
+   TLS_MAJOR_VERSION_3, TLS_MINOR_VERSION_3},
+
   {TLS_PSK_WITH_CAMELLIA_256_GCM_SHA384,
    "TLS-PSK-WITH-CAMELLIA-256-GCM-SHA384",
-   POLARSSL_CIPHER_CAMELLIA_256_GCM, POLARSSL_MD_SHA384,
-   POLARSSL_KEY_EXCHANGE_PSK,
-   SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
-   SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
-   0},
-#endif /* POLARSSL_SHA512_C */
-#endif /* POLARSSL_GCM_C */
-#endif /* POLARSSL_CAMELLIA_C */
-
-#if defined(POLARSSL_DES_C)
-#if defined(POLARSSL_CIPHER_MODE_CBC)
-#if defined(POLARSSL_SHA1_C)
-  {TLS_PSK_WITH_3DES_EDE_CBC_SHA, "TLS-PSK-WITH-3DES-EDE-CBC-SHA",
-   POLARSSL_CIPHER_DES_EDE3_CBC, POLARSSL_MD_SHA1, POLARSSL_KEY_EXCHANGE_PSK,
-   SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_0,
-   SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
-   0},
-#endif /* POLARSSL_SHA1_C */
-#endif /* POLARSSL_CIPHER_MODE_CBC */
-#endif /* POLARSSL_DES_C */
-
-#if defined(POLARSSL_ARC4_C)
-#if defined(POLARSSL_SHA1_C)
-  {TLS_PSK_WITH_RC4_128_SHA, "TLS-PSK-WITH-RC4-128-SHA",
-   POLARSSL_CIPHER_ARC4_128, POLARSSL_MD_SHA1, POLARSSL_KEY_EXCHANGE_PSK,
-   SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_0,
-   SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
-   0},
-#endif /* POLARSSL_SHA1_C */
-#endif /* POLARSSL_ARC4_C */
-#endif /* POLARSSL_KEY_EXCHANGE_PSK_ENABLED */
-
-#if defined(POLARSSL_KEY_EXCHANGE_DHE_PSK_ENABLED)
-#if defined(POLARSSL_AES_C)
-#if defined(POLARSSL_GCM_C)
-#if defined(POLARSSL_SHA256_C)
-  {TLS_DHE_PSK_WITH_AES_128_GCM_SHA256, "TLS-DHE-PSK-WITH-AES-128-GCM-SHA256",
-   POLARSSL_CIPHER_AES_128_GCM, POLARSSL_MD_SHA256,
-   POLARSSL_KEY_EXCHANGE_DHE_PSK,
-   SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
-   SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
-   0},
-#endif /* POLARSSL_SHA256_C */
-
-#if defined(POLARSSL_SHA512_C)
-  {TLS_DHE_PSK_WITH_AES_256_GCM_SHA384, "TLS-DHE-PSK-WITH-AES-256-GCM-SHA384",
-   POLARSSL_CIPHER_AES_256_GCM, POLARSSL_MD_SHA384,
-   POLARSSL_KEY_EXCHANGE_DHE_PSK,
-   SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
-   SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
-   0},
-#endif /* POLARSSL_SHA512_C */
-#endif /* POLARSSL_GCM_C */
-
-#if defined(POLARSSL_CIPHER_MODE_CBC)
-#if defined(POLARSSL_SHA256_C)
-  {TLS_DHE_PSK_WITH_AES_128_CBC_SHA256, "TLS-DHE-PSK-WITH-AES-128-CBC-SHA256",
-   POLARSSL_CIPHER_AES_128_CBC, POLARSSL_MD_SHA256,
-   POLARSSL_KEY_EXCHANGE_DHE_PSK,
-   SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_0,
-   SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
-   0},
-#endif /* POLARSSL_SHA256_C */
-
-#if defined(POLARSSL_SHA512_C)
-  {TLS_DHE_PSK_WITH_AES_256_CBC_SHA384, "TLS-DHE-PSK-WITH-AES-256-CBC-SHA384",
-   POLARSSL_CIPHER_AES_256_CBC, POLARSSL_MD_SHA384,
-   POLARSSL_KEY_EXCHANGE_DHE_PSK,
-   SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_0,
-   SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
-   0},
-#endif /* POLARSSL_SHA512_C */
-
-#if defined(POLARSSL_SHA1_C)
-  {TLS_DHE_PSK_WITH_AES_128_CBC_SHA, "TLS-DHE-PSK-WITH-AES-128-CBC-SHA",
-   POLARSSL_CIPHER_AES_128_CBC, POLARSSL_MD_SHA1,
-   POLARSSL_KEY_EXCHANGE_DHE_PSK,
-   SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_0,
-   SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
-   0},
-
-  {TLS_DHE_PSK_WITH_AES_256_CBC_SHA, "TLS-DHE-PSK-WITH-AES-256-CBC-SHA",
-   POLARSSL_CIPHER_AES_256_CBC, POLARSSL_MD_SHA1,
-   POLARSSL_KEY_EXCHANGE_DHE_PSK,
-   SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_0,
-   SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
-   0},
-#endif /* POLARSSL_SHA1_C */
-#endif /* POLARSSL_CIPHER_MODE_CBC */
-#if defined(POLARSSL_CCM_C)
-  {TLS_DHE_PSK_WITH_AES_256_CCM, "TLS-DHE-PSK-WITH-AES-256-CCM",
-   POLARSSL_CIPHER_AES_256_CCM, POLARSSL_MD_SHA256,
-   POLARSSL_KEY_EXCHANGE_DHE_PSK,
-   SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
-   SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
-   0},
-  {TLS_DHE_PSK_WITH_AES_256_CCM_8, "TLS-DHE-PSK-WITH-AES-256-CCM-8",
-   POLARSSL_CIPHER_AES_256_CCM, POLARSSL_MD_SHA256,
-   POLARSSL_KEY_EXCHANGE_DHE_PSK,
-   SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
-   SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
-   POLARSSL_CIPHERSUITE_SHORT_TAG},
-  {TLS_DHE_PSK_WITH_AES_128_CCM, "TLS-DHE-PSK-WITH-AES-128-CCM",
-   POLARSSL_CIPHER_AES_128_CCM, POLARSSL_MD_SHA256,
-   POLARSSL_KEY_EXCHANGE_DHE_PSK,
-   SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
-   SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
-   0},
-  {TLS_DHE_PSK_WITH_AES_128_CCM_8, "TLS-DHE-PSK-WITH-AES-128-CCM-8",
-   POLARSSL_CIPHER_AES_128_CCM, POLARSSL_MD_SHA256,
-   POLARSSL_KEY_EXCHANGE_DHE_PSK,
-   SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
-   SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
-   POLARSSL_CIPHERSUITE_SHORT_TAG},
-#endif /* POLARSSL_CCM_C */
-#endif /* POLARSSL_AES_C */
-
-#if defined(POLARSSL_CAMELLIA_C)
-#if defined(POLARSSL_CIPHER_MODE_CBC)
-#if defined(POLARSSL_SHA256_C)
+   GCRY_CIPHER_CAMELLIA256, GCRY_CIPHER_MODE_GCM, GCRY_MD_SHA384,
+   KEY_EXCHANGE_PSK,
+   0,
+   TLS_MAJOR_VERSION_3, TLS_MINOR_VERSION_3,
+   TLS_MAJOR_VERSION_3, TLS_MINOR_VERSION_3},
+
+  {TLS_PSK_WITH_3DES_EDE_CBC_SHA,
+   "TLS-PSK-WITH-3DES-EDE-CBC-SHA",
+   GCRY_CIPHER_3DES, GCRY_CIPHER_MODE_CBC, GCRY_MD_SHA1,
+   KEY_EXCHANGE_PSK,
+   0,
+   TLS_MAJOR_VERSION_3, TLS_MINOR_VERSION_0,
+   TLS_MAJOR_VERSION_3, TLS_MINOR_VERSION_3},
+
+  {TLS_DHE_PSK_WITH_AES_128_GCM_SHA256,
+   "TLS-DHE-PSK-WITH-AES-128-GCM-SHA256",
+   GCRY_CIPHER_AES128, GCRY_CIPHER_MODE_GCM, GCRY_MD_SHA256,
+   KEY_EXCHANGE_DHE_PSK,
+   0,
+   TLS_MAJOR_VERSION_3, TLS_MINOR_VERSION_3,
+   TLS_MAJOR_VERSION_3, TLS_MINOR_VERSION_3},
+
+  {TLS_DHE_PSK_WITH_AES_256_GCM_SHA384,
+   "TLS-DHE-PSK-WITH-AES-256-GCM-SHA384",
+   GCRY_CIPHER_AES256, GCRY_CIPHER_MODE_GCM, GCRY_MD_SHA384,
+   KEY_EXCHANGE_DHE_PSK,
+   0,
+   TLS_MAJOR_VERSION_3, TLS_MINOR_VERSION_3,
+   TLS_MAJOR_VERSION_3, TLS_MINOR_VERSION_3},
+
+  {TLS_DHE_PSK_WITH_AES_128_CBC_SHA256,
+   "TLS-DHE-PSK-WITH-AES-128-CBC-SHA256",
+   GCRY_CIPHER_AES128, GCRY_CIPHER_MODE_CBC, GCRY_MD_SHA256,
+   KEY_EXCHANGE_DHE_PSK,
+   0,
+   TLS_MAJOR_VERSION_3, TLS_MINOR_VERSION_0,
+   TLS_MAJOR_VERSION_3, TLS_MINOR_VERSION_3},
+
+  {TLS_DHE_PSK_WITH_AES_256_CBC_SHA384,
+   "TLS-DHE-PSK-WITH-AES-256-CBC-SHA384",
+   GCRY_CIPHER_AES256, GCRY_CIPHER_MODE_CBC, GCRY_MD_SHA384,
+   KEY_EXCHANGE_DHE_PSK,
+   0,
+   TLS_MAJOR_VERSION_3, TLS_MINOR_VERSION_0,
+   TLS_MAJOR_VERSION_3, TLS_MINOR_VERSION_3},
+
+  {TLS_DHE_PSK_WITH_AES_128_CBC_SHA,
+   "TLS-DHE-PSK-WITH-AES-128-CBC-SHA",
+   GCRY_CIPHER_AES128, GCRY_CIPHER_MODE_CBC, GCRY_MD_SHA1,
+   KEY_EXCHANGE_DHE_PSK,
+   0,
+   TLS_MAJOR_VERSION_3, TLS_MINOR_VERSION_0,
+   TLS_MAJOR_VERSION_3, TLS_MINOR_VERSION_3},
+
+  {TLS_DHE_PSK_WITH_AES_256_CBC_SHA,
+   "TLS-DHE-PSK-WITH-AES-256-CBC-SHA",
+   GCRY_CIPHER_AES256, GCRY_CIPHER_MODE_CBC, GCRY_MD_SHA1,
+   KEY_EXCHANGE_DHE_PSK,
+   0,
+   TLS_MAJOR_VERSION_3, TLS_MINOR_VERSION_0,
+   TLS_MAJOR_VERSION_3, TLS_MINOR_VERSION_3},
+
+  {TLS_DHE_PSK_WITH_AES_256_CCM,
+   "TLS-DHE-PSK-WITH-AES-256-CCM",
+   GCRY_CIPHER_AES256, GCRY_CIPHER_MODE_CCM, GCRY_MD_SHA256,
+   KEY_EXCHANGE_DHE_PSK,
+   0,
+   TLS_MAJOR_VERSION_3, TLS_MINOR_VERSION_3,
+   TLS_MAJOR_VERSION_3, TLS_MINOR_VERSION_3},
+
+  {TLS_DHE_PSK_WITH_AES_256_CCM_8,
+   "TLS-DHE-PSK-WITH-AES-256-CCM-8",
+   GCRY_CIPHER_AES256, GCRY_CIPHER_MODE_CCM, GCRY_MD_SHA256,
+   KEY_EXCHANGE_DHE_PSK,
+   CIPHERSUITE_FLAG_SHORT_TAG,
+   TLS_MAJOR_VERSION_3, TLS_MINOR_VERSION_3,
+   TLS_MAJOR_VERSION_3, TLS_MINOR_VERSION_3},
+
+  {TLS_DHE_PSK_WITH_AES_128_CCM,
+   "TLS-DHE-PSK-WITH-AES-128-CCM",
+   GCRY_CIPHER_AES128, GCRY_CIPHER_MODE_CCM, GCRY_MD_SHA256,
+   KEY_EXCHANGE_DHE_PSK,
+   0,
+   TLS_MAJOR_VERSION_3, TLS_MINOR_VERSION_3,
+   TLS_MAJOR_VERSION_3, TLS_MINOR_VERSION_3},
+
+  {TLS_DHE_PSK_WITH_AES_128_CCM_8,
+   "TLS-DHE-PSK-WITH-AES-128-CCM-8",
+   GCRY_CIPHER_AES128, GCRY_CIPHER_MODE_CCM, GCRY_MD_SHA256,
+   KEY_EXCHANGE_DHE_PSK,
+   CIPHERSUITE_FLAG_SHORT_TAG,
+   TLS_MAJOR_VERSION_3, TLS_MINOR_VERSION_3,
+   TLS_MAJOR_VERSION_3, TLS_MINOR_VERSION_3},
+
   {TLS_DHE_PSK_WITH_CAMELLIA_128_CBC_SHA256,
    "TLS-DHE-PSK-WITH-CAMELLIA-128-CBC-SHA256",
-   POLARSSL_CIPHER_CAMELLIA_128_CBC, POLARSSL_MD_SHA256,
-   POLARSSL_KEY_EXCHANGE_DHE_PSK,
-   SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_0,
-   SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
-   0},
-#endif /* POLARSSL_SHA256_C */
-
-#if defined(POLARSSL_SHA512_C)
+   GCRY_CIPHER_CAMELLIA128, GCRY_CIPHER_MODE_CBC, GCRY_MD_SHA256,
+   KEY_EXCHANGE_DHE_PSK,
+   0,
+   TLS_MAJOR_VERSION_3, TLS_MINOR_VERSION_0,
+   TLS_MAJOR_VERSION_3, TLS_MINOR_VERSION_3},
+
   {TLS_DHE_PSK_WITH_CAMELLIA_256_CBC_SHA384,
    "TLS-DHE-PSK-WITH-CAMELLIA-256-CBC-SHA384",
-   POLARSSL_CIPHER_CAMELLIA_256_CBC, POLARSSL_MD_SHA384,
-   POLARSSL_KEY_EXCHANGE_DHE_PSK,
-   SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_0,
-   SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
-   0},
-#endif /* POLARSSL_SHA512_C */
-#endif /* POLARSSL_CIPHER_MODE_CBC */
-
-#if defined(POLARSSL_GCM_C)
-#if defined(POLARSSL_SHA256_C)
+   GCRY_CIPHER_CAMELLIA256, GCRY_CIPHER_MODE_CBC, GCRY_MD_SHA384,
+   KEY_EXCHANGE_DHE_PSK,
+   0,
+   TLS_MAJOR_VERSION_3, TLS_MINOR_VERSION_0,
+   TLS_MAJOR_VERSION_3, TLS_MINOR_VERSION_3},
+
   {TLS_DHE_PSK_WITH_CAMELLIA_128_GCM_SHA256,
    "TLS-DHE-PSK-WITH-CAMELLIA-128-GCM-SHA256",
-   POLARSSL_CIPHER_CAMELLIA_128_GCM, POLARSSL_MD_SHA256,
-   POLARSSL_KEY_EXCHANGE_DHE_PSK,
-   SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
-   SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
-   0},
-#endif /* POLARSSL_SHA256_C */
-
-#if defined(POLARSSL_SHA512_C)
+   GCRY_CIPHER_CAMELLIA128, GCRY_CIPHER_MODE_GCM, GCRY_MD_SHA256,
+   KEY_EXCHANGE_DHE_PSK,
+   0,
+   TLS_MAJOR_VERSION_3, TLS_MINOR_VERSION_3,
+   TLS_MAJOR_VERSION_3, TLS_MINOR_VERSION_3},
+
   {TLS_DHE_PSK_WITH_CAMELLIA_256_GCM_SHA384,
    "TLS-DHE-PSK-WITH-CAMELLIA-256-GCM-SHA384",
-   POLARSSL_CIPHER_CAMELLIA_256_GCM, POLARSSL_MD_SHA384,
-   POLARSSL_KEY_EXCHANGE_DHE_PSK,
-   SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
-   SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
-   0},
-#endif /* POLARSSL_SHA512_C */
-#endif /* POLARSSL_GCM_C */
-#endif /* POLARSSL_CAMELLIA_C */
-
-#if defined(POLARSSL_DES_C)
-#if defined(POLARSSL_CIPHER_MODE_CBC)
-#if defined(POLARSSL_SHA1_C)
-  {TLS_DHE_PSK_WITH_3DES_EDE_CBC_SHA, "TLS-DHE-PSK-WITH-3DES-EDE-CBC-SHA",
-   POLARSSL_CIPHER_DES_EDE3_CBC, POLARSSL_MD_SHA1,
-   POLARSSL_KEY_EXCHANGE_DHE_PSK,
-   SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_0,
-   SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
-   0},
-#endif /* POLARSSL_SHA1_C */
-#endif /* POLARSSL_CIPHER_MODE_CBC */
-#endif /* POLARSSL_DES_C */
-
-#if defined(POLARSSL_ARC4_C)
-#if defined(POLARSSL_SHA1_C)
-  {TLS_DHE_PSK_WITH_RC4_128_SHA, "TLS-DHE-PSK-WITH-RC4-128-SHA",
-   POLARSSL_CIPHER_ARC4_128, POLARSSL_MD_SHA1, POLARSSL_KEY_EXCHANGE_DHE_PSK,
-   SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_0,
-   SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
-   0},
-#endif /* POLARSSL_SHA1_C */
-#endif /* POLARSSL_ARC4_C */
-#endif /* POLARSSL_KEY_EXCHANGE_DHE_PSK_ENABLED */
-
-#if defined(POLARSSL_KEY_EXCHANGE_ECDHE_PSK_ENABLED)
-#if defined(POLARSSL_AES_C)
-
-#if defined(POLARSSL_CIPHER_MODE_CBC)
-#if defined(POLARSSL_SHA256_C)
+   GCRY_CIPHER_CAMELLIA256, GCRY_CIPHER_MODE_GCM, GCRY_MD_SHA384,
+   KEY_EXCHANGE_DHE_PSK,
+   0,
+   TLS_MAJOR_VERSION_3, TLS_MINOR_VERSION_3,
+   TLS_MAJOR_VERSION_3, TLS_MINOR_VERSION_3},
+
+  {TLS_DHE_PSK_WITH_3DES_EDE_CBC_SHA,
+   "TLS-DHE-PSK-WITH-3DES-EDE-CBC-SHA",
+   GCRY_CIPHER_3DES, GCRY_CIPHER_MODE_CBC, GCRY_MD_SHA1,
+   KEY_EXCHANGE_DHE_PSK,
+   0,
+   TLS_MAJOR_VERSION_3, TLS_MINOR_VERSION_0,
+   TLS_MAJOR_VERSION_3, TLS_MINOR_VERSION_3},
+
   {TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA256,
    "TLS-ECDHE-PSK-WITH-AES-128-CBC-SHA256",
-   POLARSSL_CIPHER_AES_128_CBC, POLARSSL_MD_SHA256,
-   POLARSSL_KEY_EXCHANGE_ECDHE_PSK,
-   SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_1,
-   SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
-   0},
-#endif /* POLARSSL_SHA256_C */
-
-#if defined(POLARSSL_SHA512_C)
+   GCRY_CIPHER_AES128, GCRY_CIPHER_MODE_CBC, GCRY_MD_SHA256,
+   KEY_EXCHANGE_ECDHE_PSK,
+   0,
+   TLS_MAJOR_VERSION_3, TLS_MINOR_VERSION_1,
+   TLS_MAJOR_VERSION_3, TLS_MINOR_VERSION_3},
+
   {TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA384,
    "TLS-ECDHE-PSK-WITH-AES-256-CBC-SHA384",
-   POLARSSL_CIPHER_AES_256_CBC, POLARSSL_MD_SHA384,
-   POLARSSL_KEY_EXCHANGE_ECDHE_PSK,
-   SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_1,
-   SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
-   0},
-#endif /* POLARSSL_SHA512_C */
-
-#if defined(POLARSSL_SHA1_C)
-  {TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA, "TLS-ECDHE-PSK-WITH-AES-128-CBC-SHA",
-   POLARSSL_CIPHER_AES_128_CBC, POLARSSL_MD_SHA1,
-   POLARSSL_KEY_EXCHANGE_ECDHE_PSK,
-   SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_1,
-   SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
-   0},
-
-  {TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA, "TLS-ECDHE-PSK-WITH-AES-256-CBC-SHA",
-   POLARSSL_CIPHER_AES_256_CBC, POLARSSL_MD_SHA1,
-   POLARSSL_KEY_EXCHANGE_ECDHE_PSK,
-   SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_1,
-   SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
-   0},
-#endif /* POLARSSL_SHA1_C */
-#endif /* POLARSSL_CIPHER_MODE_CBC */
-#endif /* POLARSSL_AES_C */
-
-#if defined(POLARSSL_CAMELLIA_C)
-#if defined(POLARSSL_CIPHER_MODE_CBC)
-#if defined(POLARSSL_SHA256_C)
+   GCRY_CIPHER_AES256, GCRY_CIPHER_MODE_CBC, GCRY_MD_SHA384,
+   KEY_EXCHANGE_ECDHE_PSK,
+   0,
+   TLS_MAJOR_VERSION_3, TLS_MINOR_VERSION_1,
+   TLS_MAJOR_VERSION_3, TLS_MINOR_VERSION_3},
+
+  {TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA,
+   "TLS-ECDHE-PSK-WITH-AES-128-CBC-SHA",
+   GCRY_CIPHER_AES128, GCRY_CIPHER_MODE_CBC, GCRY_MD_SHA1,
+   KEY_EXCHANGE_ECDHE_PSK,
+   0,
+   TLS_MAJOR_VERSION_3, TLS_MINOR_VERSION_1,
+   TLS_MAJOR_VERSION_3, TLS_MINOR_VERSION_3},
+
+  {TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA,
+   "TLS-ECDHE-PSK-WITH-AES-256-CBC-SHA",
+   GCRY_CIPHER_AES256, GCRY_CIPHER_MODE_CBC, GCRY_MD_SHA1,
+   KEY_EXCHANGE_ECDHE_PSK,
+   0,
+   TLS_MAJOR_VERSION_3, TLS_MINOR_VERSION_1,
+   TLS_MAJOR_VERSION_3, TLS_MINOR_VERSION_3},
+
   {TLS_ECDHE_PSK_WITH_CAMELLIA_128_CBC_SHA256,
    "TLS-ECDHE-PSK-WITH-CAMELLIA-128-CBC-SHA256",
-   POLARSSL_CIPHER_CAMELLIA_128_CBC, POLARSSL_MD_SHA256,
-   POLARSSL_KEY_EXCHANGE_ECDHE_PSK,
-   SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_1,
-   SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
-   0},
-#endif /* POLARSSL_SHA256_C */
-
-#if defined(POLARSSL_SHA512_C)
+   GCRY_CIPHER_CAMELLIA128, GCRY_CIPHER_MODE_CBC, GCRY_MD_SHA256,
+   KEY_EXCHANGE_ECDHE_PSK,
+   0,
+   TLS_MAJOR_VERSION_3, TLS_MINOR_VERSION_1,
+   TLS_MAJOR_VERSION_3, TLS_MINOR_VERSION_3},
+
   {TLS_ECDHE_PSK_WITH_CAMELLIA_256_CBC_SHA384,
    "TLS-ECDHE-PSK-WITH-CAMELLIA-256-CBC-SHA384",
-   POLARSSL_CIPHER_CAMELLIA_256_CBC, POLARSSL_MD_SHA384,
-   POLARSSL_KEY_EXCHANGE_ECDHE_PSK,
-   SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_1,
-   SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
-   0},
-#endif /* POLARSSL_SHA512_C */
-#endif /* POLARSSL_CIPHER_MODE_CBC */
-#endif /* POLARSSL_CAMELLIA_C */
-
-#if defined(POLARSSL_DES_C)
-#if defined(POLARSSL_CIPHER_MODE_CBC)
-#if defined(POLARSSL_SHA1_C)
-  {TLS_ECDHE_PSK_WITH_3DES_EDE_CBC_SHA, "TLS-ECDHE-PSK-WITH-3DES-EDE-CBC-SHA",
-   POLARSSL_CIPHER_DES_EDE3_CBC, POLARSSL_MD_SHA1,
-   POLARSSL_KEY_EXCHANGE_ECDHE_PSK,
-   SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_1,
-   SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
-   0},
-#endif /* POLARSSL_SHA1_C */
-#endif /* POLARSSL_CIPHER_MODE_CBC */
-#endif /* POLARSSL_DES_C */
-
-#if defined(POLARSSL_ARC4_C)
-#if defined(POLARSSL_SHA1_C)
-  {TLS_ECDHE_PSK_WITH_RC4_128_SHA, "TLS-ECDHE-PSK-WITH-RC4-128-SHA",
-   POLARSSL_CIPHER_ARC4_128, POLARSSL_MD_SHA1,
-   POLARSSL_KEY_EXCHANGE_ECDHE_PSK,
-   SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_1,
-   SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
-   0},
-#endif /* POLARSSL_SHA1_C */
-#endif /* POLARSSL_ARC4_C */
-#endif /* POLARSSL_KEY_EXCHANGE_ECDHE_PSK_ENABLED */
-
-#if defined(POLARSSL_KEY_EXCHANGE_RSA_PSK_ENABLED)
-#if defined(POLARSSL_AES_C)
-#if defined(POLARSSL_GCM_C)
-#if defined(POLARSSL_SHA256_C)
-  {TLS_RSA_PSK_WITH_AES_128_GCM_SHA256, "TLS-RSA-PSK-WITH-AES-128-GCM-SHA256",
-   POLARSSL_CIPHER_AES_128_GCM, POLARSSL_MD_SHA256,
-   POLARSSL_KEY_EXCHANGE_RSA_PSK,
-   SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
-   SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
-   0},
-#endif /* POLARSSL_SHA256_C */
-
-#if defined(POLARSSL_SHA512_C)
-  {TLS_RSA_PSK_WITH_AES_256_GCM_SHA384, "TLS-RSA-PSK-WITH-AES-256-GCM-SHA384",
-   POLARSSL_CIPHER_AES_256_GCM, POLARSSL_MD_SHA384,
-   POLARSSL_KEY_EXCHANGE_RSA_PSK,
-   SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
-   SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
-   0},
-#endif /* POLARSSL_SHA512_C */
-#endif /* POLARSSL_GCM_C */
-
-#if defined(POLARSSL_CIPHER_MODE_CBC)
-#if defined(POLARSSL_SHA256_C)
-  {TLS_RSA_PSK_WITH_AES_128_CBC_SHA256, "TLS-RSA-PSK-WITH-AES-128-CBC-SHA256",
-   POLARSSL_CIPHER_AES_128_CBC, POLARSSL_MD_SHA256,
-   POLARSSL_KEY_EXCHANGE_RSA_PSK,
-   SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_0,
-   SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
-   0},
-#endif /* POLARSSL_SHA256_C */
-
-#if defined(POLARSSL_SHA512_C)
-  {TLS_RSA_PSK_WITH_AES_256_CBC_SHA384, "TLS-RSA-PSK-WITH-AES-256-CBC-SHA384",
-   POLARSSL_CIPHER_AES_256_CBC, POLARSSL_MD_SHA384,
-   POLARSSL_KEY_EXCHANGE_RSA_PSK,
-   SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_0,
-   SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
-   0},
-#endif /* POLARSSL_SHA512_C */
-
-#if defined(POLARSSL_SHA1_C)
-  {TLS_RSA_PSK_WITH_AES_128_CBC_SHA, "TLS-RSA-PSK-WITH-AES-128-CBC-SHA",
-   POLARSSL_CIPHER_AES_128_CBC, POLARSSL_MD_SHA1,
-   POLARSSL_KEY_EXCHANGE_RSA_PSK,
-   SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_0,
-   SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
-   0},
-
-  {TLS_RSA_PSK_WITH_AES_256_CBC_SHA, "TLS-RSA-PSK-WITH-AES-256-CBC-SHA",
-   POLARSSL_CIPHER_AES_256_CBC, POLARSSL_MD_SHA1,
-   POLARSSL_KEY_EXCHANGE_RSA_PSK,
-   SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_0,
-   SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
-   0},
-#endif /* POLARSSL_SHA1_C */
-#endif /* POLARSSL_CIPHER_MODE_CBC */
-#endif /* POLARSSL_AES_C */
-
-#if defined(POLARSSL_CAMELLIA_C)
-#if defined(POLARSSL_CIPHER_MODE_CBC)
-#if defined(POLARSSL_SHA256_C)
+   GCRY_CIPHER_CAMELLIA256, GCRY_CIPHER_MODE_CBC, GCRY_MD_SHA384,
+   KEY_EXCHANGE_ECDHE_PSK,
+   0,
+   TLS_MAJOR_VERSION_3, TLS_MINOR_VERSION_1,
+   TLS_MAJOR_VERSION_3, TLS_MINOR_VERSION_3},
+
+  {TLS_ECDHE_PSK_WITH_3DES_EDE_CBC_SHA,
+   "TLS-ECDHE-PSK-WITH-3DES-EDE-CBC-SHA",
+   GCRY_CIPHER_3DES, GCRY_CIPHER_MODE_CBC, GCRY_MD_SHA1,
+   KEY_EXCHANGE_ECDHE_PSK,
+   0,
+   TLS_MAJOR_VERSION_3, TLS_MINOR_VERSION_1,
+   TLS_MAJOR_VERSION_3, TLS_MINOR_VERSION_3},
+
+  {TLS_RSA_PSK_WITH_AES_128_GCM_SHA256,
+   "TLS-RSA-PSK-WITH-AES-128-GCM-SHA256",
+   GCRY_CIPHER_AES128, GCRY_CIPHER_MODE_GCM, GCRY_MD_SHA256,
+   KEY_EXCHANGE_RSA_PSK,
+   0,
+   TLS_MAJOR_VERSION_3, TLS_MINOR_VERSION_3,
+   TLS_MAJOR_VERSION_3, TLS_MINOR_VERSION_3},
+
+  {TLS_RSA_PSK_WITH_AES_256_GCM_SHA384,
+   "TLS-RSA-PSK-WITH-AES-256-GCM-SHA384",
+   GCRY_CIPHER_AES256, GCRY_CIPHER_MODE_GCM, GCRY_MD_SHA384,
+   KEY_EXCHANGE_RSA_PSK,
+   0,
+   TLS_MAJOR_VERSION_3, TLS_MINOR_VERSION_3,
+   TLS_MAJOR_VERSION_3, TLS_MINOR_VERSION_3},
+
+  {TLS_RSA_PSK_WITH_AES_128_CBC_SHA256,
+   "TLS-RSA-PSK-WITH-AES-128-CBC-SHA256",
+   GCRY_CIPHER_AES128, GCRY_CIPHER_MODE_CBC, GCRY_MD_SHA256,
+   KEY_EXCHANGE_RSA_PSK,
+   0,
+   TLS_MAJOR_VERSION_3, TLS_MINOR_VERSION_0,
+   TLS_MAJOR_VERSION_3, TLS_MINOR_VERSION_3},
+
+  {TLS_RSA_PSK_WITH_AES_256_CBC_SHA384,
+   "TLS-RSA-PSK-WITH-AES-256-CBC-SHA384",
+   GCRY_CIPHER_AES256, GCRY_CIPHER_MODE_CBC, GCRY_MD_SHA384,
+   KEY_EXCHANGE_RSA_PSK,
+   0,
+   TLS_MAJOR_VERSION_3, TLS_MINOR_VERSION_0,
+   TLS_MAJOR_VERSION_3, TLS_MINOR_VERSION_3},
+
+  {TLS_RSA_PSK_WITH_AES_128_CBC_SHA,
+   "TLS-RSA-PSK-WITH-AES-128-CBC-SHA",
+   GCRY_CIPHER_AES128, GCRY_CIPHER_MODE_CBC, GCRY_MD_SHA1,
+   KEY_EXCHANGE_RSA_PSK,
+   0,
+   TLS_MAJOR_VERSION_3, TLS_MINOR_VERSION_0,
+   TLS_MAJOR_VERSION_3, TLS_MINOR_VERSION_3},
+
+  {TLS_RSA_PSK_WITH_AES_256_CBC_SHA,
+   "TLS-RSA-PSK-WITH-AES-256-CBC-SHA",
+   GCRY_CIPHER_AES256, GCRY_CIPHER_MODE_CBC, GCRY_MD_SHA1,
+   KEY_EXCHANGE_RSA_PSK,
+   0,
+   TLS_MAJOR_VERSION_3, TLS_MINOR_VERSION_0,
+   TLS_MAJOR_VERSION_3, TLS_MINOR_VERSION_3},
+
   {TLS_RSA_PSK_WITH_CAMELLIA_128_CBC_SHA256,
    "TLS-RSA-PSK-WITH-CAMELLIA-128-CBC-SHA256",
-   POLARSSL_CIPHER_CAMELLIA_128_CBC, POLARSSL_MD_SHA256,
-   POLARSSL_KEY_EXCHANGE_RSA_PSK,
-   SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_0,
-   SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
-   0},
-#endif /* POLARSSL_SHA256_C */
-
-#if defined(POLARSSL_SHA512_C)
+   GCRY_CIPHER_CAMELLIA128, GCRY_CIPHER_MODE_CBC, GCRY_MD_SHA256,
+   KEY_EXCHANGE_RSA_PSK,
+   0,
+   TLS_MAJOR_VERSION_3, TLS_MINOR_VERSION_0,
+   TLS_MAJOR_VERSION_3, TLS_MINOR_VERSION_3},
+
   {TLS_RSA_PSK_WITH_CAMELLIA_256_CBC_SHA384,
    "TLS-RSA-PSK-WITH-CAMELLIA-256-CBC-SHA384",
-   POLARSSL_CIPHER_CAMELLIA_256_CBC, POLARSSL_MD_SHA384,
-   POLARSSL_KEY_EXCHANGE_RSA_PSK,
-   SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_0,
-   SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
-   0},
-#endif /* POLARSSL_SHA512_C */
-#endif /* POLARSSL_CIPHER_MODE_CBC */
-
-#if defined(POLARSSL_GCM_C)
-#if defined(POLARSSL_SHA256_C)
+   GCRY_CIPHER_CAMELLIA256, GCRY_CIPHER_MODE_CBC, GCRY_MD_SHA384,
+   KEY_EXCHANGE_RSA_PSK,
+   0,
+   TLS_MAJOR_VERSION_3, TLS_MINOR_VERSION_0,
+   TLS_MAJOR_VERSION_3, TLS_MINOR_VERSION_3},
+
   {TLS_RSA_PSK_WITH_CAMELLIA_128_GCM_SHA256,
    "TLS-RSA-PSK-WITH-CAMELLIA-128-GCM-SHA256",
-   POLARSSL_CIPHER_CAMELLIA_128_GCM, POLARSSL_MD_SHA256,
-   POLARSSL_KEY_EXCHANGE_RSA_PSK,
-   SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
-   SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
-   0},
-#endif /* POLARSSL_SHA256_C */
-
-#if defined(POLARSSL_SHA512_C)
+   GCRY_CIPHER_CAMELLIA128, GCRY_CIPHER_MODE_GCM, GCRY_MD_SHA256,
+   KEY_EXCHANGE_RSA_PSK,
+   0,
+   TLS_MAJOR_VERSION_3, TLS_MINOR_VERSION_3,
+   TLS_MAJOR_VERSION_3, TLS_MINOR_VERSION_3},
+
   {TLS_RSA_PSK_WITH_CAMELLIA_256_GCM_SHA384,
    "TLS-RSA-PSK-WITH-CAMELLIA-256-GCM-SHA384",
-   POLARSSL_CIPHER_CAMELLIA_256_GCM, POLARSSL_MD_SHA384,
-   POLARSSL_KEY_EXCHANGE_RSA_PSK,
-   SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
-   SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
-   0},
-#endif /* POLARSSL_SHA512_C */
-#endif /* POLARSSL_GCM_C */
-#endif /* POLARSSL_CAMELLIA_C */
-
-#if defined(POLARSSL_DES_C)
-#if defined(POLARSSL_CIPHER_MODE_CBC)
-#if defined(POLARSSL_SHA1_C)
-  {TLS_RSA_PSK_WITH_3DES_EDE_CBC_SHA, "TLS-RSA-PSK-WITH-3DES-EDE-CBC-SHA",
-   POLARSSL_CIPHER_DES_EDE3_CBC, POLARSSL_MD_SHA1,
-   POLARSSL_KEY_EXCHANGE_RSA_PSK,
-   SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_0,
-   SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
-   0},
-#endif /* POLARSSL_SHA1_C */
-#endif /* POLARSSL_CIPHER_MODE_CBC */
-#endif /* POLARSSL_DES_C */
-
-#if defined(POLARSSL_ARC4_C)
-#if defined(POLARSSL_SHA1_C)
-  {TLS_RSA_PSK_WITH_RC4_128_SHA, "TLS-RSA-PSK-WITH-RC4-128-SHA",
-   POLARSSL_CIPHER_ARC4_128, POLARSSL_MD_SHA1, POLARSSL_KEY_EXCHANGE_RSA_PSK,
-   SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_0,
-   SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
-   0},
-#endif /* POLARSSL_SHA1_C */
-#endif /* POLARSSL_ARC4_C */
-#endif /* POLARSSL_KEY_EXCHANGE_RSA_PSK_ENABLED */
-
-#if defined(POLARSSL_ENABLE_WEAK_CIPHERSUITES)
-#if defined(POLARSSL_CIPHER_NULL_CIPHER)
-#if defined(POLARSSL_KEY_EXCHANGE_RSA_ENABLED)
-#if defined(POLARSSL_MD5_C)
-  {TLS_RSA_WITH_NULL_MD5, "TLS-RSA-WITH-NULL-MD5",
-   POLARSSL_CIPHER_NULL, POLARSSL_MD_MD5, POLARSSL_KEY_EXCHANGE_RSA,
-   SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_0,
-   SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
-   POLARSSL_CIPHERSUITE_WEAK},
-#endif
-
-#if defined(POLARSSL_SHA1_C)
-  {TLS_RSA_WITH_NULL_SHA, "TLS-RSA-WITH-NULL-SHA",
-   POLARSSL_CIPHER_NULL, POLARSSL_MD_SHA1, POLARSSL_KEY_EXCHANGE_RSA,
-   SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_0,
-   SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
-   POLARSSL_CIPHERSUITE_WEAK},
-#endif
-
-#if defined(POLARSSL_SHA256_C)
-  {TLS_RSA_WITH_NULL_SHA256, "TLS-RSA-WITH-NULL-SHA256",
-   POLARSSL_CIPHER_NULL, POLARSSL_MD_SHA256, POLARSSL_KEY_EXCHANGE_RSA,
-   SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_0,
-   SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
-   POLARSSL_CIPHERSUITE_WEAK},
-#endif
-#endif /* POLARSSL_KEY_EXCHANGE_RSA_ENABLED */
-
-#if defined(POLARSSL_KEY_EXCHANGE_PSK_ENABLED)
-#if defined(POLARSSL_SHA1_C)
-  {TLS_PSK_WITH_NULL_SHA, "TLS-PSK-WITH-NULL-SHA",
-   POLARSSL_CIPHER_NULL, POLARSSL_MD_SHA1, POLARSSL_KEY_EXCHANGE_PSK,
-   SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_0,
-   SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
-   POLARSSL_CIPHERSUITE_WEAK},
-#endif /* POLARSSL_SHA1_C */
-
-#if defined(POLARSSL_SHA256_C)
-  {TLS_PSK_WITH_NULL_SHA256, "TLS-PSK-WITH-NULL-SHA256",
-   POLARSSL_CIPHER_NULL, POLARSSL_MD_SHA256, POLARSSL_KEY_EXCHANGE_PSK,
-   SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_0,
-   SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
-   POLARSSL_CIPHERSUITE_WEAK},
-#endif
-
-#if defined(POLARSSL_SHA512_C)
-  {TLS_PSK_WITH_NULL_SHA384, "TLS-PSK-WITH-NULL-SHA384",
-   POLARSSL_CIPHER_NULL, POLARSSL_MD_SHA384, POLARSSL_KEY_EXCHANGE_PSK,
-   SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_0,
-   SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
-   POLARSSL_CIPHERSUITE_WEAK},
-#endif
-#endif /* POLARSSL_KEY_EXCHANGE_PSK_ENABLED */
-
-#if defined(POLARSSL_KEY_EXCHANGE_DHE_PSK_ENABLED)
-#if defined(POLARSSL_SHA1_C)
-  {TLS_DHE_PSK_WITH_NULL_SHA, "TLS-DHE-PSK-WITH-NULL-SHA",
-   POLARSSL_CIPHER_NULL, POLARSSL_MD_SHA1, POLARSSL_KEY_EXCHANGE_DHE_PSK,
-   SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_0,
-   SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
-   POLARSSL_CIPHERSUITE_WEAK},
-#endif /* POLARSSL_SHA1_C */
-
-#if defined(POLARSSL_SHA256_C)
-  {TLS_DHE_PSK_WITH_NULL_SHA256, "TLS-DHE-PSK-WITH-NULL-SHA256",
-   POLARSSL_CIPHER_NULL, POLARSSL_MD_SHA256, POLARSSL_KEY_EXCHANGE_DHE_PSK,
-   SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_0,
-   SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
-   POLARSSL_CIPHERSUITE_WEAK},
-#endif
-
-#if defined(POLARSSL_SHA512_C)
-  {TLS_DHE_PSK_WITH_NULL_SHA384, "TLS-DHE-PSK-WITH-NULL-SHA384",
-   POLARSSL_CIPHER_NULL, POLARSSL_MD_SHA384, POLARSSL_KEY_EXCHANGE_DHE_PSK,
-   SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_0,
-   SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
-   POLARSSL_CIPHERSUITE_WEAK},
-#endif
-#endif /* POLARSSL_KEY_EXCHANGE_DHE_PSK_ENABLED */
-
-#if defined(POLARSSL_KEY_EXCHANGE_ECDHE_PSK_ENABLED)
-#if defined(POLARSSL_SHA1_C)
-  {TLS_ECDHE_PSK_WITH_NULL_SHA, "TLS-ECDHE-PSK-WITH-NULL-SHA",
-   POLARSSL_CIPHER_NULL, POLARSSL_MD_SHA1, POLARSSL_KEY_EXCHANGE_ECDHE_PSK,
-   SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_1,
-   SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
-   POLARSSL_CIPHERSUITE_WEAK},
-#endif /* POLARSSL_SHA1_C */
-
-#if defined(POLARSSL_SHA256_C)
-  {TLS_ECDHE_PSK_WITH_NULL_SHA256, "TLS-ECDHE-PSK-WITH-NULL-SHA256",
-   POLARSSL_CIPHER_NULL, POLARSSL_MD_SHA256, POLARSSL_KEY_EXCHANGE_ECDHE_PSK,
-   SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_1,
-   SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
-   POLARSSL_CIPHERSUITE_WEAK},
-#endif
-
-#if defined(POLARSSL_SHA512_C)
-  {TLS_ECDHE_PSK_WITH_NULL_SHA384, "TLS-ECDHE-PSK-WITH-NULL-SHA384",
-   POLARSSL_CIPHER_NULL, POLARSSL_MD_SHA384, POLARSSL_KEY_EXCHANGE_ECDHE_PSK,
-   SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_1,
-   SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
-   POLARSSL_CIPHERSUITE_WEAK},
-#endif
-#endif /* POLARSSL_KEY_EXCHANGE_ECDHE_PSK_ENABLED */
-
-#if defined(POLARSSL_KEY_EXCHANGE_RSA_PSK_ENABLED)
-#if defined(POLARSSL_SHA1_C)
-  {TLS_RSA_PSK_WITH_NULL_SHA, "TLS-RSA-PSK-WITH-NULL-SHA",
-   POLARSSL_CIPHER_NULL, POLARSSL_MD_SHA1, POLARSSL_KEY_EXCHANGE_RSA_PSK,
-   SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_0,
-   SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
-   POLARSSL_CIPHERSUITE_WEAK},
-#endif /* POLARSSL_SHA1_C */
-
-#if defined(POLARSSL_SHA256_C)
-  {TLS_RSA_PSK_WITH_NULL_SHA256, "TLS-RSA-PSK-WITH-NULL-SHA256",
-   POLARSSL_CIPHER_NULL, POLARSSL_MD_SHA256, POLARSSL_KEY_EXCHANGE_RSA_PSK,
-   SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_0,
-   SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
-   POLARSSL_CIPHERSUITE_WEAK},
-#endif
-
-#if defined(POLARSSL_SHA512_C)
-  {TLS_RSA_PSK_WITH_NULL_SHA384, "TLS-RSA-PSK-WITH-NULL-SHA384",
-   POLARSSL_CIPHER_NULL, POLARSSL_MD_SHA384, POLARSSL_KEY_EXCHANGE_RSA_PSK,
-   SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_0,
-   SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
-   POLARSSL_CIPHERSUITE_WEAK},
-#endif
-#endif /* POLARSSL_KEY_EXCHANGE_RSA_PSK_ENABLED */
-#endif /* POLARSSL_CIPHER_NULL_CIPHER */
-
-#if defined(POLARSSL_DES_C)
-#if defined(POLARSSL_CIPHER_MODE_CBC)
-#if defined(POLARSSL_KEY_EXCHANGE_DHE_RSA_ENABLED)
-#if defined(POLARSSL_SHA1_C)
-  {TLS_DHE_RSA_WITH_DES_CBC_SHA, "TLS-DHE-RSA-WITH-DES-CBC-SHA",
-   POLARSSL_CIPHER_DES_CBC, POLARSSL_MD_SHA1, POLARSSL_KEY_EXCHANGE_DHE_RSA,
-   SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_0,
-   SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
-   POLARSSL_CIPHERSUITE_WEAK},
-#endif /* POLARSSL_SHA1_C */
-#endif /* POLARSSL_KEY_EXCHANGE_DHE_RSA_ENABLED */
-
-#if defined(POLARSSL_KEY_EXCHANGE_RSA_ENABLED)
-#if defined(POLARSSL_SHA1_C)
-  {TLS_RSA_WITH_DES_CBC_SHA, "TLS-RSA-WITH-DES-CBC-SHA",
-   POLARSSL_CIPHER_DES_CBC, POLARSSL_MD_SHA1, POLARSSL_KEY_EXCHANGE_RSA,
-   SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_0,
-   SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
-   POLARSSL_CIPHERSUITE_WEAK},
-#endif /* POLARSSL_SHA1_C */
-#endif /* POLARSSL_KEY_EXCHANGE_RSA_ENABLED */
-#endif /* POLARSSL_CIPHER_MODE_CBC */
-#endif /* POLARSSL_DES_C */
-#endif /* POLARSSL_ENABLE_WEAK_CIPHERSUITES */
+   GCRY_CIPHER_CAMELLIA256, GCRY_CIPHER_MODE_GCM, GCRY_MD_SHA384,
+   KEY_EXCHANGE_RSA_PSK,
+   0,
+   TLS_MAJOR_VERSION_3, TLS_MINOR_VERSION_3,
+   TLS_MAJOR_VERSION_3, TLS_MINOR_VERSION_3},
+
+  {TLS_RSA_PSK_WITH_3DES_EDE_CBC_SHA,
+   "TLS-RSA-PSK-WITH-3DES-EDE-CBC-SHA",
+   GCRY_CIPHER_3DES, GCRY_CIPHER_MODE_CBC, GCRY_MD_SHA1,
+   KEY_EXCHANGE_RSA_PSK,
+   0,
+   TLS_MAJOR_VERSION_3, TLS_MINOR_VERSION_0,
+   TLS_MAJOR_VERSION_3, TLS_MINOR_VERSION_3},
 
   {0, "", 0, 0, 0, 0, 0, 0, 0, 0}
 };
 
-#if defined(SSL_CIPHERSUITES)
-const int *
-ssl_list_ciphersuites (void)
-{
-  return (ciphersuite_preference);
-}
-#else
-#define MAX_CIPHERSUITES    sizeof( ciphersuite_definitions     ) /     \
-  sizeof( ciphersuite_definitions[0]  )
-static int supported_ciphersuites[MAX_CIPHERSUITES];
+
+static int supported_ciphersuites[DIM (ciphersuite_definitions)];
 static int supported_init = 0;
 
+
+/* Return an array with all supported cipher suites.  */
 const int *
-ssl_list_ciphersuites (void)
+_ntbtls_ciphersuite_list (void)
 {
   /*
    * On initial call filter out all ciphersuites not supported by current
    * build based on presence in the ciphersuite_definitions.
    */
-  if (supported_init == 0)
+  //FIXME: We need to check that algorithms are enabled in libgcrypt
+  //       and we need to protect this with a mutex.
+  if (!supported_init)
     {
-      const int *p;
-      int *q;
+      int i, j;
 
-      for (p = ciphersuite_preference, q = supported_ciphersuites;
-           *p != 0 && q < supported_ciphersuites + MAX_CIPHERSUITES - 1; p++)
+      for (i=j=0; (ciphersuite_preference[i]
+                   && j < DIM(ciphersuite_definitions)-1); i++)
         {
-#if defined(POLARSSL_REMOVE_ARC4_CIPHERSUITES)
-          const ssl_ciphersuite_t *cs_info;
-          if ((cs_info = ssl_ciphersuite_from_id (*p)) != NULL &&
-              cs_info->cipher != POLARSSL_CIPHER_ARC4_128)
-#else
-          if (ssl_ciphersuite_from_id (*p) != NULL)
-#endif
-            *(q++) = *p;
+          if (_ntbtls_ciphersuite_from_id (ciphersuite_preference[i]))
+            supported_ciphersuites[j++] = ciphersuite_preference[i];
         }
-      *q = 0;
+      supported_ciphersuites[j] = 0;
 
       supported_init = 1;
     }
 
-  return (supported_ciphersuites);
-};
-#endif /* SSL_CIPHERSUITES */
-
-const ssl_ciphersuite_t *
-ssl_ciphersuite_from_string (const char *ciphersuite_name)
-{
-  const ssl_ciphersuite_t *cur = ciphersuite_definitions;
-
-  if (NULL == ciphersuite_name)
-    return (NULL);
-
-  while (cur->id != 0)
-    {
-      if (0 == strcasecmp (cur->name, ciphersuite_name))
-        return (cur);
-
-      cur++;
-    }
-
-  return (NULL);
+  return supported_ciphersuites;
 }
 
-const ssl_ciphersuite_t *
-ssl_ciphersuite_from_id (int ciphersuite)
-{
-  const ssl_ciphersuite_t *cur = ciphersuite_definitions;
 
-  while (cur->id != 0)
-    {
-      if (cur->id == ciphersuite)
-        return (cur);
+ciphersuite_t
+_ntbtls_ciphersuite_from_id (int suite_id)
+{
+  ciphersuite_t suite;
 
-      cur++;
-    }
+  for (suite = ciphersuite_definitions; suite->tlsid; suite++)
+    if (suite->tlsid == suite_id)
+      return suite;
 
-  return (NULL);
+  return NULL;
 }
 
+
 const char *
-ssl_get_ciphersuite_name (const int ciphersuite_id)
+_ntbtls_ciphersuite_get_name (int suite_id)
 {
-  const ssl_ciphersuite_t *cur;
-
-  cur = ssl_ciphersuite_from_id (ciphersuite_id);
+  ciphersuite_t suite;
 
-  if (cur == NULL)
-    return ("unknown");
-
-  return (cur->name);
+  suite = _ntbtls_ciphersuite_from_id (suite_id);
+  return suite? suite->name : "unknown";
 }
 
-int
-ssl_get_ciphersuite_id (const char *ciphersuite_name)
+md_algo_t
+_ntbtls_ciphersuite_get_mac (ciphersuite_t suite)
 {
-  const ssl_ciphersuite_t *cur;
-
-  cur = ssl_ciphersuite_from_string (ciphersuite_name);
+  return suite? suite->mac : 0;
+}
 
-  if (cur == NULL)
-    return (0);
 
-  return (cur->id);
+key_exchange_type_t
+_ntbtls_ciphersuite_get_kex (ciphersuite_t suite)
+{
+  return suite? suite->key_exchange : 0;
 }
 
-#if defined(POLARSSL_PK_C)
-pk_type_t
-ssl_get_ciphersuite_sig_pk_alg (const ssl_ciphersuite_t * info)
+
+pk_algo_t
+_ntbtls_ciphersuite_get_sig_pk_alg (ciphersuite_t suite)
 {
-  switch (info->key_exchange)
+  if (!suite)
+    return 0;
+
+  switch (suite->key_exchange)
     {
-    case POLARSSL_KEY_EXCHANGE_RSA:
-    case POLARSSL_KEY_EXCHANGE_DHE_RSA:
-    case POLARSSL_KEY_EXCHANGE_ECDHE_RSA:
-    case POLARSSL_KEY_EXCHANGE_RSA_PSK:
-      return (POLARSSL_PK_RSA);
+    case KEY_EXCHANGE_RSA:
+    case KEY_EXCHANGE_DHE_RSA:
+    case KEY_EXCHANGE_ECDHE_RSA:
+    case KEY_EXCHANGE_RSA_PSK:
+      return GCRY_PK_RSA;
 
-    case POLARSSL_KEY_EXCHANGE_ECDHE_ECDSA:
-      return (POLARSSL_PK_ECDSA);
+    case KEY_EXCHANGE_ECDHE_ECDSA:
+      return GCRY_PK_ECC; /* Actuall ECDSA */
 
-    case POLARSSL_KEY_EXCHANGE_ECDH_RSA:
-    case POLARSSL_KEY_EXCHANGE_ECDH_ECDSA:
-      return (POLARSSL_PK_ECKEY);
+    case KEY_EXCHANGE_ECDH_RSA:
+    case KEY_EXCHANGE_ECDH_ECDSA:
+      return GCRY_PK_ECC;
 
     default:
-      return (POLARSSL_PK_NONE);
+      return 0;
     }
 }
-#endif /* POLARSSL_PK_C */
 
-#if defined(POLARSSL_ECDH_C) || defined(POLARSSL_ECDSA_C)
+
 int
-ssl_ciphersuite_uses_ec (const ssl_ciphersuite_t * info)
+_ntbtls_ciphersuite_version_ok (ciphersuite_t suite,
+                                int min_minor_ver, int max_minor_ver)
 {
-  switch (info->key_exchange)
+  if (!suite)
+    return 0;
+
+  return (suite->min_minor_ver >= min_minor_ver
+          && suite->max_minor_ver <= max_minor_ver);
+}
+
+
+int
+_ntbtls_ciphersuite_uses_ec (ciphersuite_t suite)
+{
+  if (!suite)
+    return 0;
+
+  switch (suite->key_exchange)
     {
-    case POLARSSL_KEY_EXCHANGE_ECDHE_RSA:
-    case POLARSSL_KEY_EXCHANGE_ECDHE_ECDSA:
-    case POLARSSL_KEY_EXCHANGE_ECDHE_PSK:
-    case POLARSSL_KEY_EXCHANGE_ECDH_RSA:
-    case POLARSSL_KEY_EXCHANGE_ECDH_ECDSA:
-      return (1);
+    case KEY_EXCHANGE_ECDHE_RSA:
+    case KEY_EXCHANGE_ECDHE_ECDSA:
+    case KEY_EXCHANGE_ECDHE_PSK:
+    case KEY_EXCHANGE_ECDH_RSA:
+    case KEY_EXCHANGE_ECDH_ECDSA:
+      return 1;
 
     default:
-      return (0);
+      return 0;
     }
 }
-#endif /* POLARSSL_ECDH_C || POLARSSL_ECDSA_C */
 
-#if defined(POLARSSL_KEY_EXCHANGE__SOME__PSK_ENABLED)
+
 int
-ssl_ciphersuite_uses_psk (const ssl_ciphersuite_t * info)
+_ntbtls_ciphersuite_uses_psk (ciphersuite_t suite)
 {
-  switch (info->key_exchange)
+  if (!suite)
+    return 0;
+
+  switch (suite->key_exchange)
     {
-    case POLARSSL_KEY_EXCHANGE_PSK:
-    case POLARSSL_KEY_EXCHANGE_RSA_PSK:
-    case POLARSSL_KEY_EXCHANGE_DHE_PSK:
-    case POLARSSL_KEY_EXCHANGE_ECDHE_PSK:
-      return (1);
+    case KEY_EXCHANGE_PSK:
+    case KEY_EXCHANGE_RSA_PSK:
+    case KEY_EXCHANGE_DHE_PSK:
+    case KEY_EXCHANGE_ECDHE_PSK:
+      return 1;
 
     default:
-      return (0);
+      return 0;
     }
 }
-#endif /* POLARSSL_KEY_EXCHANGE__SOME__PSK_ENABLED */
-
-#endif /* POLARSSL_SSL_TLS_C */
index 9259415..f47b91a 100644 (file)
 #define TLS_RSA_WITH_CAMELLIA_256_CBC_SHA        0x84
 #define TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA    0x88
 
-#define TLS_PSK_WITH_RC4_128_SHA                 0x8A
 #define TLS_PSK_WITH_3DES_EDE_CBC_SHA            0x8B
 #define TLS_PSK_WITH_AES_128_CBC_SHA             0x8C
 #define TLS_PSK_WITH_AES_256_CBC_SHA             0x8D
 
-#define TLS_DHE_PSK_WITH_RC4_128_SHA             0x8E
 #define TLS_DHE_PSK_WITH_3DES_EDE_CBC_SHA        0x8F
 #define TLS_DHE_PSK_WITH_AES_128_CBC_SHA         0x90
 #define TLS_DHE_PSK_WITH_AES_256_CBC_SHA         0x91
 
-#define TLS_RSA_PSK_WITH_RC4_128_SHA             0x92
 #define TLS_RSA_PSK_WITH_3DES_EDE_CBC_SHA        0x93
 #define TLS_RSA_PSK_WITH_AES_128_CBC_SHA         0x94
 #define TLS_RSA_PSK_WITH_AES_256_CBC_SHA         0x95
 #define TLS_RSA_WITH_CAMELLIA_256_CBC_SHA256     0xC0   /**< TLS 1.2 */
 #define TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA256 0xC4   /**< TLS 1.2 */
 
-#define TLS_ECDH_ECDSA_WITH_RC4_128_SHA          0xC002 /**< Not in SSL3! */
 #define TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA     0xC003 /**< Not in SSL3! */
 #define TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA      0xC004 /**< Not in SSL3! */
 #define TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA      0xC005 /**< Not in SSL3! */
 
-#define TLS_ECDHE_ECDSA_WITH_RC4_128_SHA         0xC007 /**< Not in SSL3! */
 #define TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA    0xC008 /**< Not in SSL3! */
 #define TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA     0xC009 /**< Not in SSL3! */
 #define TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA     0xC00A /**< Not in SSL3! */
 
-#define TLS_ECDH_RSA_WITH_RC4_128_SHA            0xC00C /**< Not in SSL3! */
 #define TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA       0xC00D /**< Not in SSL3! */
 #define TLS_ECDH_RSA_WITH_AES_128_CBC_SHA        0xC00E /**< Not in SSL3! */
 #define TLS_ECDH_RSA_WITH_AES_256_CBC_SHA        0xC00F /**< Not in SSL3! */
 
-#define TLS_ECDHE_RSA_WITH_RC4_128_SHA           0xC011 /**< Not in SSL3! */
 #define TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA      0xC012 /**< Not in SSL3! */
 #define TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA       0xC013 /**< Not in SSL3! */
 #define TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA       0xC014 /**< Not in SSL3! */
 #define TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256     0xC031 /**< TLS 1.2 */
 #define TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384     0xC032 /**< TLS 1.2 */
 
-#define TLS_ECDHE_PSK_WITH_RC4_128_SHA           0xC033 /**< Not in SSL3! */
 #define TLS_ECDHE_PSK_WITH_3DES_EDE_CBC_SHA      0xC034 /**< Not in SSL3! */
 #define TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA       0xC035 /**< Not in SSL3! */
 #define TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA       0xC036 /**< Not in SSL3! */
 #define TLS_ECDHE_ECDSA_WITH_AES_256_CCM_8      0xC0AF  /**< TLS 1.2 */
 
 struct _ntbtls_ciphersuite_s;
-typedef struct _ntbtls_ciphersuite_s  *ciphersuite_t;
+typedef const struct _ntbtls_ciphersuite_s *ciphersuite_t;
 
-#define POLARSSL_CIPHERSUITE_WEAK       0x01    /**< Weak ciphersuite flag  */
-#define POLARSSL_CIPHERSUITE_SHORT_TAG  0x02    /**< Short authentication tag,
-                                                   eg for CCM_8 */
+#define CIPHERSUITE_FLAG_SHORT_TAG  0x01   /* Short authentication tag.  */
 
-const int *ssl_list_ciphersuites (void);
+const int *_ntbtls_ciphersuite_list (void);
+ciphersuite_t _ntbtls_ciphersuite_from_id (int suite_id);
 
-const ciphersuite_t ssl_ciphersuite_from_string (const char *name);
-const ciphersuite_t ssl_ciphersuite_from_id (int ciphersuite_id);
+const char *_ntbtls_ciphersuite_get_name (int suite_id);
 
-#if defined(POLARSSL_PK_C)
-pk_type_t ssl_get_ciphersuite_sig_pk_alg (const ciphersuite_t info);
-#endif
+md_algo_t _ntbtls_ciphersuite_get_mac (ciphersuite_t suite);
+key_exchange_type_t _ntbtls_ciphersuite_get_kex (ciphersuite_t suite);
+pk_algo_t _ntbtls_ciphersuite_get_sig_pk_alg (ciphersuite_t suite);
+int _ntbtls_ciphersuite_version_ok (ciphersuite_t suite,
+                                    int min_minor_ver, int max_minor_ver);
 
-int ssl_ciphersuite_uses_ec (const ciphersuite_t info);
-int ssl_ciphersuite_uses_psk (const ciphersuite_t info);
+int _ntbtls_ciphersuite_uses_ec (ciphersuite_t suite);
+int _ntbtls_ciphersuite_uses_psk (ciphersuite_t suite);
 
 
 #endif /*NTBTLS_CIPHERSUITES_H*/
index b08d334..9fe53ed 100644 (file)
 #define NTBTLS_CONTEXT_H
 
 #include <gcrypt.h>
-#include <ksba.h>
 #include <zlib.h>
 
 
 typedef enum gcry_md_algos md_algo_t;
 typedef enum gcry_cipher_algos cipher_algo_t;
-typedef enum gcry_pk_algos pk_type_t;
+typedef enum gcry_cipher_modes cipher_mode_t;
+typedef enum gcry_pk_algos pk_algo_t;
 
 /*
  * TLS states  (note that the order of the states is important)
@@ -93,6 +93,25 @@ typedef enum
   } key_exchange_type_t;
 
 
+/*
+ * Object to hold X.509 certifciates.
+ */
+struct x509_cert_s;
+typedef struct x509_cert_s *x509_cert_t;
+
+/*
+ * Object to hold an X.509 private key.
+ */
+struct x509_privkey_s;
+typedef struct x509_privkey_s *x509_privkey_t;
+
+
+/*
+ * Object to hold an X.509 CRL.
+ */
+struct x509_crl_s;
+typedef struct x509_crl_s *x509_crl_t;
+
 
 /*
  * This structure is used for storing current session data.
@@ -106,7 +125,7 @@ struct _ntbtls_session_s
   unsigned char id[32];         /*!< session identifier */
   unsigned char master[48];     /*!< the master secret  */
 
-  ksba_cert_t peer_cert;        /*!< peer X.509 cert chain */
+  x509_cert_t peer_chain;       /*!< peer X.509 cert chain */
   int verify_result;            /*!<  verification result     */
 
   unsigned char *ticket;        /*!< RFC 5077 session ticket */
@@ -115,7 +134,7 @@ struct _ntbtls_session_s
 
   unsigned char mfl_code;       /*!< MaxFragmentLength negotiated by peer */
 
-  int trunc_hmac;               /*!< flag for truncated hmac activation   */
+  int use_trunc_hmac;           /* Flag for truncated hmac activation.   */
 };
 
 typedef struct _ntbtls_session_s *session_t;
@@ -124,23 +143,8 @@ typedef struct _ntbtls_session_s *session_t;
 /*
  * This structure is used for storing ciphersuite information
  */
-struct _ntbtls_ciphersuite_s
-{
-  int id;
-  const char *name;
-
-  cipher_algo_t cipher;
-  md_algo_t mac;
-  key_exchange_type_t key_exchange;
-
-  int min_major_ver;
-  int min_minor_ver;
-  int max_major_ver;
-  int max_minor_ver;
-
-  unsigned char flags;
-};
-typedef struct _ntbtls_ciphersuite_s *ciphersuite_t;
+struct _ntbtls_ciphersuite_s;
+typedef const struct _ntbtls_ciphersuite_s *ciphersuite_t;
 
 
 /*
@@ -152,8 +156,7 @@ struct _ntbtls_transform_s
   /*
    * Session specific crypto layer
    */
-  const ciphersuite_t ciphersuite_info;
-  /*!<  Chosen cipersuite_info  */
+  ciphersuite_t ciphersuite;    /*!<  Chosen cipersuite_info  */
   unsigned int keylen;          /*!<  symmetric key length    */
   size_t minlen;                /*!<  min. ciphertext length  */
   size_t ivlen;                 /*!<  IV length               */
@@ -185,9 +188,8 @@ typedef struct _ntbtls_transform_s *transform_t;
 struct _ntbtls_key_cert_s
 {
   struct _ntbtls_key_cert_s *next;
-  ksba_cert_t cert;             /*!< cert                       */
-  /*FIXME*/void *key;              /*!< private key                */
-  int key_own_alloc;            /*!< did we allocate key?       */
+  x509_cert_t  cert;
+  x509_privkey_t key;
 };
 
 typedef struct _ntbtls_key_cert_s *key_cert_t;
@@ -208,6 +210,7 @@ struct _ntbtls_handshake_params_s
   /*ecdh_context*/void* ecdh_ctx;        /*!<  ECDH key exchange       */
   const /*ecp_curve_info*/void **curves;/*!<  Supported elliptic curves */
   /**
+   * //FIXME: Better explain this
    * Current key/cert or key/cert list.
    * On client: pointer to ssl->key_cert, only the first entry used.
    * On server: starts as a pointer to ssl->key_cert, then becomes
@@ -250,7 +253,7 @@ typedef struct _ntbtls_handshake_params_s *handshake_params_t;
 struct _ntbtls_ticket_keys_s
 {
   unsigned char key_name[16];   /*!< name to quickly discard bad tickets */
-  gcry_cipher_hd_t enc;          /*!< encryption context                  */
+  gcry_cipher_hd_t enc;         /*!< encryption context                  */
   gcry_cipher_hd_t dec;         /*!< decryption context                  */
   unsigned char mac_key[16];    /*!< authentication key                  */
 };
@@ -299,7 +302,7 @@ struct _ntbtls_context_s
   int (*f_sni) (void *, ntbtls_t, const unsigned char *, size_t);
   void *p_sni;                  /*!< context for SNI extension        */
 
-  int (*f_vrfy) (void *, ksba_cert_t, int, int *);
+  int (*f_vrfy) (void *, x509_cert_t, int, int *);
   void *p_vrfy;                 /*!< context for verification         */
 
   int (*f_psk) (void *, ntbtls_t, const unsigned char *, size_t);
@@ -364,8 +367,8 @@ struct _ntbtls_context_s
    */
   key_cert_t key_cert;          /*!<  own certificate(s)/key(s) */
 
-  ksba_cert_t ca_chain;         /*!<  own trusted CA chain      */
-  ksba_crl_t  ca_crl;           /*!<  trusted CA CRLs           */
+  x509_cert_t ca_chain;         /*!<  own trusted CA chain      */
+  x509_crl_t  ca_crl;           /*!<  trusted CA CRLs           */
   const char *peer_cn;          /*!<  expected peer CN          */
 
   /*
@@ -386,8 +389,8 @@ struct _ntbtls_context_s
   int renego_max_records;       /*!<  grace period for renegotiation */
   const int *ciphersuite_list[4];       /*!<  allowed ciphersuites / version */
   const /*ecp_group_id*/ void *curve_list;   /*!<  allowed curves        */
-  int trunc_hmac;               /*!<  negotiate truncated hmac?      */
-  int session_tickets;          /*!<  use session tickets?    */
+  int use_trunc_hmac;           /* Use truncated HMAC flag.   */
+  int use_session_tickets;      /* Use session tickets flag.  */
   int ticket_lifetime;          /*!<  session ticket lifetime */
 
   gcry_mpi_t dhm_P;             /*!<  prime modulus for DHM   */
index 4d51753..56466af 100644 (file)
@@ -39,7 +39,7 @@ _ntbtls_debug_msg (int level, const char *format, ...)
   gpgrt_fputs ("ntbtls: ", es_stderr);
   gpgrt_vfprintf (es_stderr, format, arg_ptr);
   if (*format && format[strlen(format)-1] != '\n')
-    gpgrt_fputc ('\n', stderr);
+    gpgrt_fputc ('\n', es_stderr);
   va_end (arg_ptr);
   gpg_err_set_errno (saved_errno);
 }
@@ -50,7 +50,7 @@ _ntbtls_debug_bug (const char *file, int line)
 {
   const char *s;
 
-  s = strrchr (s, '/');
+  s = strrchr (file, '/');
   if (s)
     file = s + 1;
   _ntbtls_debug_msg (0, "bug detected at %s:%d\n", file, line);
index a24e7f5..44163ef 100644 (file)
@@ -22,7 +22,7 @@
 NTBTLS_1.0 {
   global:
     ntbtls_new;
-    ntbtls_relase;
+    ntbtls_release;
     ntbtls_set_transport;
     ntbtls_get_stream;
     ntbtls_handshake;
index 0b7f2fc..34e72c3 100644 (file)
@@ -20,6 +20,7 @@
 #include <config.h>
 #include <stdio.h>
 #include <stdlib.h>
+#include <string.h>
 #include <stdarg.h>
 
 #include "ntbtls.h"
@@ -106,18 +107,17 @@ info (const char *format, ...)
 static void
 simple_client (void)
 {
-  ggp_error_t err;
+  gpg_error_t err;
   ntbtls_t tls;
 
-
-  err = ntbtls_new (&tls);
+  err = ntbtls_new (&tls, NTBTLS_CLIENT);
   if (err)
-    die ("ntbtls_init failed: %s %s\n",
+    die ("ntbtls_init failed: %s <%s>\n",
          gpg_strerror (err), gpg_strsource (err));
 
-  err = ntbtls_set_transport (tls, instream, outstream);
+  err = ntbtls_set_transport (tls, es_stdin, es_stdout);
   if (err)
-    die ("ntbtls_set_transport failed: %s <%s>\n"
+    die ("ntbtls_set_transport failed: %s <%s>\n",
          gpg_strerror (err), gpg_strsource (err));
 
   info ("starting handshake");
@@ -126,6 +126,8 @@ simple_client (void)
       info ("handshake error: %s <%s>", gpg_strerror (err),gpg_strsource (err));
       switch (gpg_err_code (err))
         {
+        default:
+          break;
         }
       die ("handshake failed");
     }
@@ -161,4 +163,5 @@ main (int argc, char **argv)
     }
 
   simple_client ();
+  return 0;
 }
diff --git a/src/ntbtls-config.in b/src/ntbtls-config.in
new file mode 100644 (file)
index 0000000..a9510a4
--- /dev/null
@@ -0,0 +1,175 @@
+#!/bin/sh
+# Copyright (C) 1999, 2002, 2003, 2004, 2011 Free Software Foundation, Inc.
+#
+# This file is free software; as a special exception the author gives
+# unlimited permission to copy and/or distribute it, with or without
+# modifications, as long as this notice is preserved.
+#
+# This file is distributed in the hope that it will be useful, but
+# WITHOUT ANY WARRANTY, to the extent permitted by law; without even the
+# implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
+#
+# File: @configure_input@
+
+# General.
+prefix="@prefix@"
+exec_prefix="@exec_prefix@"
+version="@VERSION@"
+includedir="@includedir@"
+libdir="@libdir@"
+gpg_error_libs="@GPG_ERROR_LIBS@"
+gpg_error_cflags="@GPG_ERROR_CFLAGS@"
+
+# libgcrypt values.
+libs="@NTBTLS_CONFIG_LIBS@"
+cflags="@NTBTLS_CONFIG_CFLAGS@"
+
+# API info
+api_version="@NTBTLS_CONFIG_API_VERSION@"
+
+# Configured for host
+my_host="@NTBTLS_CONFIG_HOST@"
+
+# Misc information.
+
+# State variables.
+echo_libs=no
+echo_cflags=no
+echo_prefix=no
+echo_exec_prefix=no
+echo_version=no
+echo_api_version=no
+echo_host=no
+
+# Prints usage information.
+usage()
+{
+    cat <<EOF
+Usage: $0 [OPTIONS]
+Options:
+       [--prefix]
+       [--exec-prefix]
+       [--version]
+        [--api-version]
+       [--libs]
+       [--cflags]
+        [--host]
+EOF
+    exit $1
+}
+
+if test $# -eq 0; then
+    # Nothing to do.
+    usage 1 1>&2
+fi
+
+while test $# -gt 0; do
+    case "$1" in
+       # Set up `optarg'.
+       --*=*)
+           optarg=`echo "$1" | sed 's/[-_a-zA-Z0-9]*=//'`
+           ;;
+       *)
+           optarg=""
+           ;;
+    esac
+
+    case $1 in
+       --thread=*)
+           echo "$0: --thread option obsolete: use the thread callback interface" 1>&2
+           exit 1
+           ;;
+        --prefix=*)
+            # For compatibility reasons with old M4 macros, we ignore
+            # setting of prefix.
+            ;;
+       --prefix)
+           echo_prefix=yes
+           ;;
+        --exec-prefix=*)
+            ;;
+       --exec-prefix)
+           echo_exec_prefix=yes
+           ;;
+       --version)
+           echo_version=yes
+           ;;
+        --api-version)
+            echo_api_version=yes
+            ;;
+       --cflags)
+           echo_cflags=yes
+           ;;
+       --libs)
+           echo_libs=yes
+           ;;
+        --host)
+            echo_host=yes
+            ;;
+       *)
+           usage 1 1>&2
+           ;;
+    esac
+    shift
+done
+
+if test "$echo_prefix" = "yes"; then
+    echo "$prefix"
+fi
+
+if test "$echo_exec_prefix" = "yes"; then
+    echo "$exec_prefix"
+fi
+
+if test "$echo_cflags" = "yes"; then
+    includes=""
+    cflags_final="$cflags"
+
+    # Set up `includes'.
+    if test "x$includedir" != "x/usr/include" -a "x$includedir" != "x/include"; then
+       includes="-I$includedir"
+    fi
+    # Set up `cflags_final'.
+    cflags_final="$cflags_final $gpg_error_cflags"
+
+    tmp=""
+    for i in $includes $cflags_final; do
+       if echo "$tmp" | fgrep -v -- "$i" >/dev/null; then
+           tmp="$tmp $i"
+       fi
+    done
+    echo $tmp
+fi
+
+if test "$echo_libs" = "yes"; then
+    libdirs=""
+    libs_final="$libs"
+
+    # Set up `libdirs'.
+    if test "x$libdir" != "x/usr/lib" -a "x$libdir" != "x/lib"; then
+       libdirs="-L$libdir"
+    fi
+
+    # Set up `libs_final'.
+    libs_final="$libs_final $gpg_error_libs"
+
+    tmp=""
+    for i in $libdirs $libs_final; do
+       if echo "$tmp" | fgrep -v -- "$i" >/dev/null; then
+           tmp="$tmp $i"
+       fi
+    done
+    echo $tmp
+fi
+
+if test "$echo_version" = "yes"; then
+    echo "$version"
+fi
+
+if test "$echo_api_version" = "yes"; then
+    echo "$api_version"
+fi
+
+if test "$echo_host" = "yes"; then
+    echo "$my_host"
+fi
index 00b4fe5..a95fab9 100644 (file)
 #define TLS_COMPRESS_NULL               0
 #define TLS_COMPRESS_DEFLATE            1
 
+#define TLS_VERIFY_NONE                 0
+#define TLS_VERIFY_OPTIONAL             1
+#define TLS_VERIFY_REQUIRED             2
+
+#define TLS_LEGACY_RENEGOTIATION        0
+#define TLS_SECURE_RENEGOTIATION        1
+
+#define TLS_LEGACY_NO_RENEGOTIATION     0
+#define TLS_LEGACY_ALLOW_RENEGOTIATION  1
+#define TLS_LEGACY_BREAK_HANDSHAKE      2
+
+#define TLS_TRUNCATED_HMAC_LEN          10 /* 80 bits, rfc 6066 section 7 */
+
 
 /* Lifetime of session tickets in seconds.  */
 #define TLS_DEFAULT_TICKET_LIFETIME  86400
 
 
+
 /*
  * Size of the input/output buffer.  Note: the RFC defines the default
  * size of TLS messages.  If you change the value here, other
 #define TLS_MAC_ADD           48  /* SHA-384 used for HMAC */
 #define TLS_PADDING_ADD      256
 #define TLS_BUFFER_LEN  (TLS_MAX_CONTENT_LEN                    \
-                         + SSL_COMPRESSION_ADD                  \
+                         + TLS_COMPRESSION_ADD                  \
                          + 29 /* counter + header + IV */       \
-                         + SSL_MAC_ADD                          \
-                         + SSL_PADDING_ADD                      \
+                         + TLS_MAC_ADD                          \
+                         + TLS_PADDING_ADD                      \
                          )
 
 /*
@@ -123,7 +137,6 @@ union premaster_secret_u
 #define TLS_MAX_FRAG_LEN_1024           2  /*!< MaxFragmentLength 2^10     */
 #define TLS_MAX_FRAG_LEN_2048           3  /*!< MaxFragmentLength 2^11     */
 #define TLS_MAX_FRAG_LEN_4096           4  /*!< MaxFragmentLength 2^12     */
-#define TLS_MAX_FRAG_LEN_INVALID        5  /*!< first invalid value        */
 
 
 /*
@@ -220,6 +233,12 @@ union premaster_secret_u
 #define TLS_EXT_SUPPORTED_POINT_FORMATS_PRESENT (1 << 0)
 
 
+/*
+ * Signaling ciphersuite values (SCSV)
+ */
+#define TLS_EMPTY_RENEGOTIATION_INFO    0xFF
+
+
 
 /*
  * The structure definitions are in a separate file.
@@ -227,6 +246,29 @@ union premaster_secret_u
 
 #include "context.h"
 
+/*
+ *  Inline functions etc.
+ */
+
+/* Return the private key object from the context object or NULL if
+   there is none.  */
+static inline x509_privkey_t
+tls_own_key (ntbtls_t tls)
+{
+  return tls->handshake->key_cert? tls->handshake->key_cert->key : NULL;
+}
+
+
+/* Return the certifciate key object from the context object or NULL
+   if there is none.  */
+static inline x509_cert_t
+tls_own_cert (ntbtls_t tls)
+{
+  return tls->handshake->key_cert? tls->handshake->key_cert->cert : NULL;
+}
+
+
+
 \f
 /*
  * Prototypes
@@ -236,11 +278,28 @@ union premaster_secret_u
 gpg_error_t _ntbtls_fetch_input (ntbtls_t tls, size_t nb_want);
 gpg_error_t _ntbtls_flush_output (ntbtls_t tls);
 
-pk_type_t _ntbtls_pk_alg_from_sig (unsigned char sig);
+gpg_error_t _ntbtls_write_record (ntbtls_t tls);
+gpg_error_t _ntbtls_read_record (ntbtls_t tls);
+gpg_error_t _ntbtls_send_fatal_handshake_failure (ntbtls_t tls);
+gpg_error_t _ntbtls_send_alert_message (ntbtls_t tls, unsigned char level,
+                                        unsigned char message);
+
+pk_algo_t _ntbtls_pk_alg_from_sig (unsigned char sig);
 md_algo_t _ntbtls_md_alg_from_hash (unsigned char hash);
 
 gpg_error_t _ntbtls_derive_keys (ntbtls_t tls);
 
+void _ntbtls_optimize_checksum (ntbtls_t tls,
+                                const ciphersuite_t ciphersuite_info);
+
+gpg_error_t _ntbtls_psk_derive_premaster (ntbtls_t tls,
+                                          key_exchange_type_t kex);
+gpg_error_t _ntbtls_write_change_cipher_spec (ntbtls_t tls);
+gpg_error_t _ntbtls_parse_change_cipher_spec (ntbtls_t tls);
+gpg_error_t _ntbtls_write_finished (ntbtls_t tls);
+gpg_error_t _ntbtls_parse_finished (ntbtls_t tls);
+void _ntbtls_handshake_wrapup (ntbtls_t tls);
+
 
 /* Functions directly used by the public API.  */
 gpg_error_t _ntbtls_new (ntbtls_t *r_tls, unsigned int flags);
@@ -262,6 +321,38 @@ gpg_error_t _ntbtls_handshake_server_step (ntbtls_t tls);
 /*-- protocol-cli.c --*/
 gpg_error_t _ntbtls_handshake_client_step (ntbtls_t tls);
 
+/*-- x509.c --*/
+
+/*
+ *X509 Verify codes  - FIXME: Replace them by ksba stuff.
+ */
+#define BADCERT_EXPIRED             0x01  /* The certificate validity has expired. */
+#define BADCERT_REVOKED             0x02  /* The certificate has been revoked (is on a CRL). */
+#define BADCERT_CN_MISMATCH         0x04  /* The certificate Common Name (CN) does not match with the expected CN. */
+#define BADCERT_NOT_TRUSTED         0x08  /* The certificate is not correctly signed by the trusted CA. */
+#define BADCRL_NOT_TRUSTED          0x10  /* CRL is not correctly signed by the trusted CA. */
+#define BADCRL_EXPIRED              0x20  /* CRL is expired. */
+#define BADCERT_MISSING             0x40  /* Certificate was missing. */
+#define BADCERT_SKIP_VERIFY         0x80  /* Certificate verification was skipped. */
+#define BADCERT_OTHER             0x0100  /* Other reason (can be used by verify callback) */
+#define BADCERT_FUTURE            0x0200  /* The certificate validity starts in the future. */
+#define BADCRL_FUTURE             0x0400  /* The CRL is from the future */
+
+
+gpg_error_t _ntbtls_x509_new (x509_cert_t *r_cert);
+void _ntbtls_x509_release (x509_cert_t crt);
+gpg_error_t _ntbtls_x509_append_cert (x509_cert_t cert,
+                                      const void *der, size_t derlen);
+const unsigned char *_ntbtls_x509_get_cert (x509_cert_t cert, int idx,
+                                            size_t *r_derlen);
+
+
+gpg_error_t _ntbtls_x509_verify (x509_cert_t cert, x509_cert_t trust_ca,
+                                 x509_crl_t ca_crl,
+                                 const char *cn, int *r_flags);
+
+int _ntbtls_x509_can_do (x509_privkey_t privkey, pk_algo_t pkalgo);
+
 
 
 #endif /*NTBTLS_NTBTLS_INT_H*/
index 53b7497..1b07333 100644 (file)
@@ -43,9 +43,9 @@ extern "C" {
 #define NTBTLS_VERSION_NUMBER @VERSION_NUMBER@
 
 
-/* Flags used by ntbtls_init.  */
-#define NTBTLS_INIT_SERVER  0
-#define NTBTLS_INIT_CLIENT  1
+/* Flags used by ntbtls_new.  */
+#define NTBTLS_SERVER  0
+#define NTBTLS_CLIENT  1
 
 
 /* The TLS context object.  */
diff --git a/src/ntbtls.m4 b/src/ntbtls.m4
new file mode 100644 (file)
index 0000000..1907810
--- /dev/null
@@ -0,0 +1,123 @@
+dnl Autoconf macros for NTBTLS
+dnl Copyright (C) 2002, 2004, 2011 Free Software Foundation, Inc.
+dnl
+dnl This file is free software; as a special exception the author gives
+dnl unlimited permission to copy and/or distribute it, with or without
+dnl modifications, as long as this notice is preserved.
+dnl
+dnl This file is distributed in the hope that it will be useful, but
+dnl WITHOUT ANY WARRANTY, to the extent permitted by law; without even the
+dnl implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
+
+
+dnl AM_PATH_NTBTLS([MINIMUM-VERSION,
+dnl                   [ACTION-IF-FOUND [, ACTION-IF-NOT-FOUND ]]])
+dnl
+dnl Test for NTBTLS and define NTBTLS_CFLAGS and NTBTLS_LIBS.
+dnl MINIMUN-VERSION is a string with the version number optionalliy prefixed
+dnl with the API version to also check the API compatibility. Example:
+dnl a MINIMUN-VERSION of 1:1.2.5 won't pass the test unless the installed
+dnl version of libgcrypt is at least 1.2.5 *and* the API number is 1.  Using
+dnl this features allows to prevent build against newer versions of libgcrypt
+dnl with a changed API.
+dnl
+AC_DEFUN([AM_PATH_NTBTLS],
+[ AC_REQUIRE([AC_CANONICAL_HOST])
+  AC_ARG_WITH(ntbtls-prefix,
+            AC_HELP_STRING([--with-ntbtls-prefix=PFX],
+                           [prefix where NTBTLS is installed (optional)]),
+     ntbtls_config_prefix="$withval", ntbtls_config_prefix="")
+  if test x$ntbtls_config_prefix != x ; then
+     if test x${NTBTLS_CONFIG+set} != xset ; then
+        NTBTLS_CONFIG=$ntbtls_config_prefix/bin/ntbtls-config
+     fi
+  fi
+
+  AC_PATH_TOOL(NTBTLS_CONFIG, ntbtls-config, no)
+  tmp=ifelse([$1], ,1:1.2.0,$1)
+  if echo "$tmp" | grep ':' >/dev/null 2>/dev/null ; then
+     req_ntbtls_api=`echo "$tmp"     | sed 's/\(.*\):\(.*\)/\1/'`
+     min_ntbtls_version=`echo "$tmp" | sed 's/\(.*\):\(.*\)/\2/'`
+  else
+     req_ntbtls_api=0
+     min_ntbtls_version="$tmp"
+  fi
+
+  AC_MSG_CHECKING(for NTBTLS - version >= $min_ntbtls_version)
+  ok=no
+  if test "$NTBTLS_CONFIG" != "no" ; then
+    req_major=`echo $min_ntbtls_version | \
+               sed 's/\([[0-9]]*\)\.\([[0-9]]*\)\.\([[0-9]]*\)/\1/'`
+    req_minor=`echo $min_ntbtls_version | \
+               sed 's/\([[0-9]]*\)\.\([[0-9]]*\)\.\([[0-9]]*\)/\2/'`
+    req_micro=`echo $min_ntbtls_version | \
+               sed 's/\([[0-9]]*\)\.\([[0-9]]*\)\.\([[0-9]]*\)/\3/'`
+    ntbtls_config_version=`$NTBTLS_CONFIG --version`
+    major=`echo $ntbtls_config_version | \
+               sed 's/\([[0-9]]*\)\.\([[0-9]]*\)\.\([[0-9]]*\).*/\1/'`
+    minor=`echo $ntbtls_config_version | \
+               sed 's/\([[0-9]]*\)\.\([[0-9]]*\)\.\([[0-9]]*\).*/\2/'`
+    micro=`echo $ntbtls_config_version | \
+               sed 's/\([[0-9]]*\)\.\([[0-9]]*\)\.\([[0-9]]*\).*/\3/'`
+    if test "$major" -gt "$req_major"; then
+        ok=yes
+    else
+        if test "$major" -eq "$req_major"; then
+            if test "$minor" -gt "$req_minor"; then
+               ok=yes
+            else
+               if test "$minor" -eq "$req_minor"; then
+                   if test "$micro" -ge "$req_micro"; then
+                     ok=yes
+                   fi
+               fi
+            fi
+        fi
+    fi
+  fi
+  if test $ok = yes; then
+    AC_MSG_RESULT([yes ($ntbtls_config_version)])
+  else
+    AC_MSG_RESULT(no)
+  fi
+  if test $ok = yes; then
+     # If we have a recent ntbtls, we should also check that the
+     # API is compatible
+     if test "$req_ntbtls_api" -gt 0 ; then
+        tmp=`$NTBTLS_CONFIG --api-version 2>/dev/null || echo 0`
+        if test "$tmp" -gt 0 ; then
+           AC_MSG_CHECKING([NTBTLS API version])
+           if test "$req_ntbtls_api" -eq "$tmp" ; then
+             AC_MSG_RESULT([okay])
+           else
+             ok=no
+             AC_MSG_RESULT([does not match. want=$req_ntbtls_api got=$tmp])
+           fi
+        fi
+     fi
+  fi
+  if test $ok = yes; then
+    NTBTLS_CFLAGS=`$NTBTLS_CONFIG --cflags`
+    NTBTLS_LIBS=`$NTBTLS_CONFIG --libs`
+    ifelse([$2], , :, [$2])
+    ntbtls_config_host=`$NTBTLS_CONFIG --host 2>/dev/null || echo none`
+    if test x"$ntbtls_config_host" != xnone ; then
+      if test x"$ntbtls_config_host" != x"$host" ; then
+  AC_MSG_WARN([[
+***
+*** The config script $NTBTLS_CONFIG was
+*** built for $ntbtls_config_host and thus may not match the
+*** used host $host.
+*** You may want to use the configure option --with-ntbtls-prefix
+*** to specify a matching config script.
+***]])
+      fi
+    fi
+  else
+    NTBTLS_CFLAGS=""
+    NTBTLS_LIBS=""
+    ifelse([$3], , :, [$3])
+  fi
+  AC_SUBST(NTBTLS_CFLAGS)
+  AC_SUBST(NTBTLS_LIBS)
+])
index 9313954..eedc82c 100644 (file)
@@ -27,6 +27,7 @@
 #include <stdlib.h>
 
 #include "ntbtls-int.h"
+#include "ciphersuites.h"
 
 
 static void
@@ -182,36 +183,37 @@ static void
 write_supported_elliptic_curves_ext (ntbtls_t ssl,
                                      unsigned char *buf, size_t * olen)
 {
-  unsigned char *p = buf;
-  unsigned char *elliptic_curve_list = p + 6;
-  size_t elliptic_curve_len = 0;
-  const ecp_curve_info *info;
-  const ecp_group_id *grp_id;
+  //FIXME:
+  /* unsigned char *p = buf; */
+  /* unsigned char *elliptic_curve_list = p + 6; */
+  /* size_t elliptic_curve_len = 0; */
+  /* const ecp_curve_info *info; */
+  /* const ecp_group_id *grp_id; */
 
-  *olen = 0;
+  /* *olen = 0; */
 
-  debug_msg (3, "client hello, adding supported_elliptic_curves extension");
+  /* debug_msg (3, "client hello, adding supported_elliptic_curves extension"); */
 
-  for (grp_id = ssl->curve_list; *grp_id != POLARSSL_ECP_DP_NONE; grp_id++)
-    {
-      info = ecp_curve_info_from_grp_id (*grp_id);
-      elliptic_curve_list[elliptic_curve_len++] = info->tls_id >> 8;
-      elliptic_curve_list[elliptic_curve_len++] = info->tls_id & 0xFF;
-    }
+  /* for (grp_id = ssl->curve_list; *grp_id != POLARSSL_ECP_DP_NONE; grp_id++) */
+  /*   { */
+  /*     info = ecp_curve_info_from_grp_id (*grp_id); */
+  /*     elliptic_curve_list[elliptic_curve_len++] = info->tls_id >> 8; */
+  /*     elliptic_curve_list[elliptic_curve_len++] = info->tls_id & 0xFF; */
+  /*   } */
 
-  if (elliptic_curve_len == 0)
-    return;
+  /* if (elliptic_curve_len == 0) */
+  /*   return; */
 
-  *p++ = (unsigned char) ((TLS_EXT_SUPPORTED_ELLIPTIC_CURVES >> 8) & 0xFF);
-  *p++ = (unsigned char) ((TLS_EXT_SUPPORTED_ELLIPTIC_CURVES) & 0xFF);
+  /* *p++ = (unsigned char) ((TLS_EXT_SUPPORTED_ELLIPTIC_CURVES >> 8) & 0xFF); */
+  /* *p++ = (unsigned char) ((TLS_EXT_SUPPORTED_ELLIPTIC_CURVES) & 0xFF); */
 
-  *p++ = (unsigned char) (((elliptic_curve_len + 2) >> 8) & 0xFF);
-  *p++ = (unsigned char) (((elliptic_curve_len + 2)) & 0xFF);
+  /* *p++ = (unsigned char) (((elliptic_curve_len + 2) >> 8) & 0xFF); */
+  /* *p++ = (unsigned char) (((elliptic_curve_len + 2)) & 0xFF); */
 
-  *p++ = (unsigned char) (((elliptic_curve_len) >> 8) & 0xFF);
-  *p++ = (unsigned char) (((elliptic_curve_len)) & 0xFF);
+  /* *p++ = (unsigned char) (((elliptic_curve_len) >> 8) & 0xFF); */
+  /* *p++ = (unsigned char) (((elliptic_curve_len)) & 0xFF); */
 
-  *olen = 6 + elliptic_curve_len;
+  /* *olen = 6 + elliptic_curve_len; */
 }
 
 
@@ -219,33 +221,34 @@ static void
 write_cli_supported_point_formats_ext (ntbtls_t ssl,
                                        unsigned char *buf, size_t * olen)
 {
-  unsigned char *p = buf;
-  ((void) ssl);
+  //FIXME:
+  /* unsigned char *p = buf; */
+  /* ((void) ssl); */
 
-  *olen = 0;
+  /* *olen = 0; */
 
-  debug_msg (3, "client hello, adding supported_point_formats extension");
+  /* debug_msg (3, "client hello, adding supported_point_formats extension"); */
 
-  *p++ = (unsigned char) ((TLS_EXT_SUPPORTED_POINT_FORMATS >> 8) & 0xFF);
-  *p++ = (unsigned char) ((TLS_EXT_SUPPORTED_POINT_FORMATS) & 0xFF);
+  /* *p++ = (unsigned char) ((TLS_EXT_SUPPORTED_POINT_FORMATS >> 8) & 0xFF); */
+  /* *p++ = (unsigned char) ((TLS_EXT_SUPPORTED_POINT_FORMATS) & 0xFF); */
 
-  *p++ = 0x00;
-  *p++ = 2;
+  /* *p++ = 0x00; */
+  /* *p++ = 2; */
 
-  *p++ = 1;
-  *p++ = POLARSSL_ECP_PF_UNCOMPRESSED;
+  /* *p++ = 1; */
+  /* *p++ = POLARSSL_ECP_PF_UNCOMPRESSED; */
 
-  *olen = 6;
+  /* *olen = 6; */
 }
 
 
 static void
-write_cli_max_fragment_length_ext (ntbtls_t ssl,
-                                   unsigned char *buf, size_t * olen)
+write_cli_max_fragment_length_ext (ntbtls_t tls,
+                                   unsigned char *buf, size_t *olen)
 {
   unsigned char *p = buf;
 
-  if (ssl->mfl_code == SSL_MAX_FRAG_LEN_NONE)
+  if (tls->mfl_code == TLS_MAX_FRAG_LEN_NONE)
     {
       *olen = 0;
       return;
@@ -259,19 +262,19 @@ write_cli_max_fragment_length_ext (ntbtls_t ssl,
   *p++ = 0x00;
   *p++ = 1;
 
-  *p++ = ssl->mfl_code;
+  *p++ = tls->mfl_code;
 
   *olen = 5;
 }
 
 
 static void
-write_cli_truncated_hmac_ext (ntbtls_t ssl,
+write_cli_truncated_hmac_ext (ntbtls_t tls,
                               unsigned char *buf, size_t * olen)
 {
   unsigned char *p = buf;
 
-  if (ssl->trunc_hmac == SSL_TRUNC_HMAC_DISABLED)
+  if (!tls->use_trunc_hmac)
     {
       *olen = 0;
       return;
@@ -296,7 +299,7 @@ write_cli_session_ticket_ext (ntbtls_t ssl,
   unsigned char *p = buf;
   size_t tlen = ssl->session_negotiate->ticket_len;
 
-  if (ssl->session_tickets == SSL_SESSION_TICKETS_DISABLED)
+  if (!ssl->use_session_tickets)
     {
       *olen = 0;
       return;
@@ -373,17 +376,17 @@ write_cli_alpn_ext (ntbtls_t ssl, unsigned char *buf, size_t * olen)
 }
 
 
-static int
+static gpg_error_t
 write_client_hello (ntbtls_t tls)
 {
-  int ret;
+  gpg_error_t err;
   size_t i, n, olen;
   size_t ext_len = 0;
   unsigned char *buf;
   unsigned char *p, *q;
   time_t t;
   const int *ciphersuites;
-  const ssl_ciphersuite_t *ciphersuite_info;
+  ciphersuite_t suite;
 
   debug_msg (2, "=> write client hello");
 
@@ -452,15 +455,11 @@ write_client_hello (ntbtls_t tls)
    * RFC 5077 section 3.4: "When presenting a ticket, the client MAY
    * generate and include a Session ID in the TLS ClientHello."
    */
-  if (tls->renegotiation == SSL_INITIAL_HANDSHAKE &&
+  if (tls->renegotiation == TLS_INITIAL_HANDSHAKE &&
       tls->session_negotiate->ticket != NULL &&
       tls->session_negotiate->ticket_len != 0)
     {
-      ret = tls->f_rng (tls->p_rng, tls->session_negotiate->id, 32);
-
-      if (ret != 0)
-        return (ret);
-
+      gcry_create_nonce (tls->session_negotiate->id, 32);
       tls->session_negotiate->length = n = 32;
     }
 
@@ -472,6 +471,8 @@ write_client_hello (ntbtls_t tls)
   debug_msg (3, "client hello, session id len.: %d", n);
   debug_buf (3, "client hello, session id", buf + 39, n);
 
+  //FIXME: We do not have a way to set tye ciphersuites.  Thus
+  // consider to replace this with simpler code.
   ciphersuites = tls->ciphersuite_list[tls->minor_ver];
   n = 0;
   q = p;
@@ -482,32 +483,33 @@ write_client_hello (ntbtls_t tls)
   /*
    * Add TLS_EMPTY_RENEGOTIATION_INFO_SCSV
    */
-  if (tls->renegotiation == SSL_INITIAL_HANDSHAKE)
+  if (tls->renegotiation == TLS_INITIAL_HANDSHAKE)
     {
-      *p++ = (unsigned char) (SSL_EMPTY_RENEGOTIATION_INFO >> 8);
-      *p++ = (unsigned char) (SSL_EMPTY_RENEGOTIATION_INFO);
+      *p++ = (unsigned char) (TLS_EMPTY_RENEGOTIATION_INFO >> 8);
+      *p++ = (unsigned char) (TLS_EMPTY_RENEGOTIATION_INFO);
       n++;
     }
 
-  for (i = 0; ciphersuites[i] != 0; i++)
+  /*FIXME: We should add an explicit limit and not rely on the known
+    length of the ciphersuites.  */
+  for (i = 0; ciphersuites && ciphersuites[i]; i++)
     {
-      ciphersuite_info = ssl_ciphersuite_from_id (ciphersuites[i]);
-
-      if (ciphersuite_info == NULL)
+      suite = _ntbtls_ciphersuite_from_id (ciphersuites[i]);
+      if (!suite)
         continue;
 
-      if (ciphersuite_info->min_minor_ver > tls->max_minor_ver ||
-          ciphersuite_info->max_minor_ver < tls->min_minor_ver)
+      if (!_ntbtls_ciphersuite_version_ok (suite, tls->min_minor_ver,
+                                           tls->max_minor_ver))
         continue;
 
-      debug_msg (3, "client hello, add ciphersuite: %2d",
-                 ciphersuites[i]);
+      debug_msg (3, "client hello, add ciphersuite: %2d", ciphersuites[i]);
 
       n++;
       *p++ = (unsigned char) (ciphersuites[i] >> 8);
       *p++ = (unsigned char) (ciphersuites[i]);
     }
 
+  /* Fixup the ciphersuite length.  */
   *q++ = (unsigned char) (n >> 7);
   *q++ = (unsigned char) (n << 1);
 
@@ -515,38 +517,38 @@ write_client_hello (ntbtls_t tls)
 
   debug_msg (3, "client hello, compress len.: %d", 2);
   debug_msg (3, "client hello, compress alg.: %d %d",
-             SSL_COMPRESS_DEFLATE, SSL_COMPRESS_NULL);
+             TLS_COMPRESS_DEFLATE, TLS_COMPRESS_NULL);
 
   *p++ = 2;
-  *p++ = SSL_COMPRESS_DEFLATE;
-  *p++ = SSL_COMPRESS_NULL;
+  *p++ = TLS_COMPRESS_DEFLATE;
+  *p++ = TLS_COMPRESS_NULL;
 
   /* First write extensions, then the total length.  */
-  write_hostname_ext (ssl, p + 2 + ext_len, &olen);
+  write_hostname_ext (tls, p + 2 + ext_len, &olen);
   ext_len += olen;
 
-  write_cli_renegotiation_ext (ssl, p + 2 + ext_len, &olen);
+  write_cli_renegotiation_ext (tls, p + 2 + ext_len, &olen);
   ext_len += olen;
 
-  write_signature_algorithms_ext (ssl, p + 2 + ext_len, &olen);
+  write_signature_algorithms_ext (tls, p + 2 + ext_len, &olen);
   ext_len += olen;
 
-  ssl_write_supported_elliptic_curves_ext (ssl, p + 2 + ext_len, &olen);
-  ext_len += olen;
+  /* ssl_write_supported_elliptic_curves_ext (tls, p + 2 + ext_len, &olen); */
+  /* ext_len += olen; */
 
-  write_cli_supported_point_formats_ext (ssl, p + 2 + ext_len, &olen);
-  ext_len += olen;
+  /* write_cli_supported_point_formats_ext (tls, p + 2 + ext_len, &olen); */
+  /* ext_len += olen; */
 
-  write_cli_max_fragment_length_ext (ssl, p + 2 + ext_len, &olen);
+  write_cli_max_fragment_length_ext (tls, p + 2 + ext_len, &olen);
   ext_len += olen;
 
-  write_cli_truncated_hmac_ext (ssl, p + 2 + ext_len, &olen);
+  write_cli_truncated_hmac_ext (tls, p + 2 + ext_len, &olen);
   ext_len += olen;
 
-  write_cli_session_ticket_ext (ssl, p + 2 + ext_len, &olen);
+  write_cli_session_ticket_ext (tls, p + 2 + ext_len, &olen);
   ext_len += olen;
 
-  write_cli_alpn_ext (ssl, p + 2 + ext_len, &olen);
+  write_cli_alpn_ext (tls, p + 2 + ext_len, &olen);
   ext_len += olen;
 
   debug_msg (3, "client hello, total extension length: %d", ext_len);
@@ -567,8 +569,8 @@ write_client_hello (ntbtls_t tls)
   err = _ntbtls_write_record (tls);
   if (err)
     {
-      SSL_DEBUG_RET (1, "ssl_write_record", ret);
-      return (ret);
+      debug_ret (1, "write_record", err);
+      return err;
     }
 
   debug_msg (2, "<= write client hello");
@@ -576,144 +578,143 @@ write_client_hello (ntbtls_t tls)
   return (0);
 }
 
-static int
-ssl_parse_renegotiation_info (ntbtls_t ssl,
-                              const unsigned char *buf, size_t len)
+
+static gpg_error_t
+parse_renegotiation_info (ntbtls_t tls, const unsigned char *buf, size_t len)
 {
-  int ret;
+  gpg_error_t err;
 
-  if (ssl->renegotiation == SSL_INITIAL_HANDSHAKE)
+  if (tls->renegotiation == TLS_INITIAL_HANDSHAKE)
     {
       if (len != 1 || buf[0] != 0x0)
         {
           debug_msg (1, "non-zero length renegotiated connection field");
 
-          if ((ret = ssl_send_fatal_handshake_failure (ssl)) != 0)
-            return (ret);
-
-          return gpg_error (GPG_ERR_BAD_HS_SERVER_HELLO);
+          err = _ntbtls_send_fatal_handshake_failure (tls);
+          if (!err)
+            err = gpg_error (GPG_ERR_BAD_HS_SERVER_HELLO);
+          return err;
         }
 
-      ssl->secure_renegotiation = SSL_SECURE_RENEGOTIATION;
+      tls->secure_renegotiation = TLS_SECURE_RENEGOTIATION;
     }
   else
     {
       /* Check verify-data in constant-time. The length OTOH is no secret */
-      if (len != 1 + ssl->verify_data_len * 2 ||
-          buf[0] != ssl->verify_data_len * 2 ||
-          safer_memcmp (buf + 1,
-                        ssl->own_verify_data, ssl->verify_data_len) != 0 ||
-          safer_memcmp (buf + 1 + ssl->verify_data_len,
-                        ssl->peer_verify_data, ssl->verify_data_len) != 0)
+      if (len != 1 + tls->verify_data_len * 2
+          || buf[0] != tls->verify_data_len * 2
+          || memcmpct (buf + 1,
+                       tls->own_verify_data, tls->verify_data_len)
+          || memcmpct (buf + 1 + tls->verify_data_len,
+                       tls->peer_verify_data, tls->verify_data_len))
         {
           debug_msg (1, "non-matching renegotiated connection field");
 
-          if ((ret = ssl_send_fatal_handshake_failure (ssl)) != 0)
-            return (ret);
-
-          return gpg_error (GPG_ERR_BAD_HS_SERVER_HELLO);
+          err = _ntbtls_send_fatal_handshake_failure (tls);
+          if (!err)
+            err = gpg_error (GPG_ERR_BAD_HS_SERVER_HELLO);
+          return err;
         }
     }
 
-  return (0);
+  return 0;
 }
 
 
-static int
-ssl_parse_max_fragment_length_ext (ntbtls_t ssl,
-                                   const unsigned char *buf, size_t len)
+static gpg_error_t
+parse_max_fragment_length_ext (ntbtls_t tls,
+                               const unsigned char *buf, size_t len)
 {
   /*
    * server should use the extension only if we did,
    * and if so the server's value should match ours (and len is always 1)
    */
-  if (ssl->mfl_code == SSL_MAX_FRAG_LEN_NONE ||
-      len != 1 || buf[0] != ssl->mfl_code)
+  if (tls->mfl_code == TLS_MAX_FRAG_LEN_NONE
+      || len != 1
+      || buf[0] != tls->mfl_code)
     {
       return gpg_error (GPG_ERR_BAD_HS_SERVER_HELLO);
     }
 
-  return (0);
+  return 0;
 }
 
 
-
-static int
-ssl_parse_truncated_hmac_ext (ntbtls_t ssl,
-                              const unsigned char *buf, size_t len)
+static gpg_error_t
+parse_truncated_hmac_ext (ntbtls_t tls, const unsigned char *buf, size_t len)
 {
-  if (ssl->trunc_hmac == SSL_TRUNC_HMAC_DISABLED || len != 0)
+  (void)buf;
+
+  if (!tls->use_trunc_hmac || len)
     {
       return gpg_error (GPG_ERR_BAD_HS_SERVER_HELLO);
     }
 
-  ((void) buf);
-
-  ssl->session_negotiate->trunc_hmac = SSL_TRUNC_HMAC_ENABLED;
+  tls->session_negotiate->use_trunc_hmac = 1;
 
-  return (0);
+  return 0;
 }
 
 
-static int
-ssl_parse_session_ticket_ext (ntbtls_t ssl,
-                              const unsigned char *buf, size_t len)
+static gpg_error_t
+parse_session_ticket_ext (ntbtls_t tls, const unsigned char *buf, size_t len)
 {
-  if (ssl->session_tickets == SSL_SESSION_TICKETS_DISABLED || len != 0)
+  (void)buf;
+
+  if (!tls->use_session_tickets || len)
     {
       return gpg_error (GPG_ERR_BAD_HS_SERVER_HELLO);
     }
 
-  ((void) buf);
+  tls->handshake->new_session_ticket = 1;
 
-  ssl->handshake->new_session_ticket = 1;
-
-  return (0);
+  return 0;
 }
 
 
-static int
-ssl_parse_supported_point_formats_ext (ntbtls_t ssl,
-                                       const unsigned char *buf, size_t len)
+static gpg_error_t
+parse_supported_point_formats_ext (ntbtls_t ssl,
+                                   const unsigned char *buf, size_t len)
 {
-  size_t list_size;
-  const unsigned char *p;
-
-  list_size = buf[0];
-  if (list_size + 1 != len)
-    {
-      debug_msg (1, "bad server hello message");
-      return gpg_error (GPG_ERR_BAD_HS_SERVER_HELLO);
-    }
-
-  p = buf + 1;
-  while (list_size > 0)
-    {
-      if (p[0] == POLARSSL_ECP_PF_UNCOMPRESSED ||
-          p[0] == POLARSSL_ECP_PF_COMPRESSED)
-        {
-          ssl->handshake->ecdh_ctx.point_format = p[0];
-          debug_msg (4, "point format selected: %d", p[0]);
-          return (0);
-        }
-
-      list_size--;
-      p++;
-    }
-
-  debug_msg (1, "no point format in common");
+  //FIXME:
+  /* size_t list_size; */
+  /* const unsigned char *p; */
+
+  /* list_size = buf[0]; */
+  /* if (list_size + 1 != len) */
+  /*   { */
+  /*     debug_msg (1, "bad server hello message"); */
+  /*     return gpg_error (GPG_ERR_BAD_HS_SERVER_HELLO); */
+  /*   } */
+
+  /* p = buf + 1; */
+  /* while (list_size > 0) */
+  /*   { */
+  /*     if (p[0] == POLARSSL_ECP_PF_UNCOMPRESSED || */
+  /*         p[0] == POLARSSL_ECP_PF_COMPRESSED) */
+  /*       { */
+  /*         ssl->handshake->ecdh_ctx.point_format = p[0]; */
+  /*         debug_msg (4, "point format selected: %d", p[0]); */
+  /*         return (0); */
+  /*       } */
+
+  /*     list_size--; */
+  /*     p++; */
+  /*   } */
+
+  /* debug_msg (1, "no point format in common"); */
   return gpg_error (GPG_ERR_BAD_HS_SERVER_HELLO);
 }
 
 
-static int
-ssl_parse_alpn_ext (ntbtls_t ssl, const unsigned char *buf, size_t len)
+static gpg_error_t
+parse_alpn_ext (ntbtls_t tls, const unsigned char *buf, size_t len)
 {
   size_t list_len, name_len;
   const char **p;
 
   /* If we didn't send it, the server shouldn't send it */
-  if (ssl->alpn_list == NULL)
+  if (!tls->alpn_list)
     return gpg_error (GPG_ERR_BAD_HS_SERVER_HELLO);
 
   /*
@@ -739,12 +740,12 @@ ssl_parse_alpn_ext (ntbtls_t ssl, const unsigned char *buf, size_t len)
     return gpg_error (GPG_ERR_BAD_HS_SERVER_HELLO);
 
   /* Check that the server chosen protocol was in our list and save it */
-  for (p = ssl->alpn_list; *p != NULL; p++)
+  for (p = tls->alpn_list; *p; p++)
     {
-      if (name_len == strlen (*p) && memcmp (buf + 3, *p, name_len) == 0)
+      if (name_len == strlen (*p) && !memcmp (buf + 3, *p, name_len))
         {
-          ssl->alpn_chosen = *p;
-          return (0);
+          tls->alpn_chosen = *p;
+          return 0;
         }
     }
 
@@ -752,10 +753,11 @@ ssl_parse_alpn_ext (ntbtls_t ssl, const unsigned char *buf, size_t len)
 }
 
 
-static int
-parse_server_hello (ntbtls_t ssl)
+static gpg_error_t
+parse_server_hello (ntbtls_t tls)
 {
-  int ret, i, comp;
+  gpg_error_t err;
+  int i, comp;
   size_t n;
   size_t ext_len = 0;
   unsigned char *buf, *ext;
@@ -772,15 +774,16 @@ parse_server_hello (ntbtls_t ssl)
    *     6  .   9   UNIX time()
    *    10  .  37   random bytes
    */
-  buf = ssl->in_msg;
+  buf = tls->in_msg;
 
-  if ((ret = _ntbtls_read_record (ssl)) != 0)
+  err = _ntbtls_read_record (tls);
+  if (err)
     {
-      debug_ret (1, "read_record", ret);
-      return ret;
+      debug_ret (1, "read_record", err);
+      return err;
     }
 
-  if (ssl->in_msgtype != TLS_MSG_HANDSHAKE)
+  if (tls->in_msgtype != TLS_MSG_HANDSHAKE)
     {
       debug_msg (1, "bad server hello message");
       return gpg_error (GPG_ERR_UNEXPECTED_MSG);
@@ -788,39 +791,42 @@ parse_server_hello (ntbtls_t ssl)
 
   debug_msg (3, "server hello, chosen version: [%d:%d]",  buf[4], buf[5]);
 
-  if (ssl->in_hslen < 42 ||
-      buf[0] != TLS_HS_SERVER_HELLO || buf[4] != SSL_MAJOR_VERSION_3)
+  if (tls->in_hslen < 42
+      || buf[0] != TLS_HS_SERVER_HELLO
+      || buf[4] != TLS_MAJOR_VERSION_3)
     {
       debug_msg (1, "bad server hello message");
       return gpg_error (GPG_ERR_BAD_HS_SERVER_HELLO);
     }
 
-  if (buf[5] > ssl->max_minor_ver)
+  if (buf[5] > tls->max_minor_ver)
     {
       debug_msg (1, "bad server hello message");
       return gpg_error (GPG_ERR_BAD_HS_SERVER_HELLO);
     }
 
-  ssl->minor_ver = buf[5];
+  tls->minor_ver = buf[5];
 
-  if (ssl->minor_ver < ssl->min_minor_ver)
+  if (tls->minor_ver < tls->min_minor_ver)
     {
-      debug_msg (1, "server only supports ssl smaller than minimum"
-                 " [%d:%d] < [%d:%d]", ssl->major_ver,
-                 ssl->minor_ver, buf[4], buf[5]);
+      debug_msg (1, "server only supports TLS smaller than minimum"
+                 " [%d:%d] < [%d:%d]", tls->major_ver,
+                 tls->minor_ver, buf[4], buf[5]);
 
-      ssl_send_alert_message (ssl, TLS_ALERT_LEVEL_FATAL,
-                              TLS_ALERT_MSG_PROTOCOL_VERSION);
+      _ntbtls_send_alert_message (tls, TLS_ALERT_LEVEL_FATAL,
+                                  TLS_ALERT_MSG_PROTOCOL_VERSION);
 
       return gpg_error (GPG_ERR_UNSUPPORTED_PROTOCOL);
     }
 
-  t = ((uint32_t) buf[6] << 24)
-    | ((uint32_t) buf[7] << 16)
-    | ((uint32_t) buf[8] << 8) | ((uint32_t) buf[9]);
+  /*FIXME: Replace by an buftou32 macro.  */
+  t = ((  (uint32_t) buf[6] << 24)
+       | ((uint32_t) buf[7] << 16)
+       | ((uint32_t) buf[8] << 8)
+       | ((uint32_t) buf[9]       ));
   debug_msg (3, "server hello, current time: %lu", t);
 
-  memcpy (ssl->handshake->randbytes + 32, buf + 6, 32);
+  memcpy (tls->handshake->randbytes + 32, buf + 6, 32);
 
   n = buf[38];
 
@@ -840,32 +846,32 @@ parse_server_hello (ntbtls_t ssl)
    *   42+n . 43+n  extensions length
    *   44+n . 44+n+m extensions
    */
-  if (ssl->in_hslen > 42 + n)
+  if (tls->in_hslen > 42 + n)
     {
       ext_len = ((buf[42 + n] << 8) | (buf[43 + n]));
 
-      if ((ext_len > 0 && ext_len < 4) || ssl->in_hslen != 44 + n + ext_len)
+      if ((ext_len > 0 && ext_len < 4) || tls->in_hslen != 44 + n + ext_len)
         {
           debug_msg (1, "bad server hello message");
           return gpg_error (GPG_ERR_BAD_HS_SERVER_HELLO);
         }
     }
 
+  /* FIXME: Use a different name for I.  */
   i = (buf[39 + n] << 8) | buf[40 + n];
   comp = buf[41 + n];
 
   /*
    * Initialize update checksum functions
    */
-  ssl->transform_negotiate->ciphersuite_info = ssl_ciphersuite_from_id (i);
-
-  if (ssl->transform_negotiate->ciphersuite_info == NULL)
+  tls->transform_negotiate->ciphersuite = _ntbtls_ciphersuite_from_id (i);
+  if (!tls->transform_negotiate->ciphersuite)
     {
       debug_msg (1, "ciphersuite info for %04x not found", i);
       return gpg_error (GPG_ERR_INV_ARG);
     }
 
-  ssl_optimize_checksum (ssl, ssl->transform_negotiate->ciphersuite_info);
+  _ntbtls_optimize_checksum (tls, tls->transform_negotiate->ciphersuite);
 
   debug_msg (3, "server hello, session id len.: %d", n);
   debug_buf (3, "server hello, session id", buf + 39, n);
@@ -873,62 +879,63 @@ parse_server_hello (ntbtls_t ssl)
   /*
    * Check if the session can be resumed
    */
-  if (ssl->renegotiation != SSL_INITIAL_HANDSHAKE ||
-      ssl->handshake->resume == 0 || n == 0 ||
-      ssl->session_negotiate->ciphersuite != i ||
-      ssl->session_negotiate->compression != comp ||
-      ssl->session_negotiate->length != n ||
-      memcmp (ssl->session_negotiate->id, buf + 39, n) != 0)
-    {
-      ssl->state++;
-      ssl->handshake->resume = 0;
-      ssl->session_negotiate->start = time (NULL);
-      ssl->session_negotiate->ciphersuite = i;
-      ssl->session_negotiate->compression = comp;
-      ssl->session_negotiate->length = n;
-      memcpy (ssl->session_negotiate->id, buf + 39, n);
+  if (tls->renegotiation != TLS_INITIAL_HANDSHAKE
+      || !tls->handshake->resume
+      || !n
+      || tls->session_negotiate->ciphersuite != i
+      || tls->session_negotiate->compression != comp
+      || tls->session_negotiate->length != n
+      || memcmp (tls->session_negotiate->id, buf + 39, n))
+    {
+      tls->state++;
+      tls->handshake->resume = 0;
+      tls->session_negotiate->start = time (NULL);
+      tls->session_negotiate->ciphersuite = i;
+      tls->session_negotiate->compression = comp;
+      tls->session_negotiate->length = n;
+      memcpy (tls->session_negotiate->id, buf + 39, n);
     }
   else
     {
-      ssl->state = SSL_SERVER_CHANGE_CIPHER_SPEC;
+      tls->state = TLS_SERVER_CHANGE_CIPHER_SPEC;
 
-      if ((ret = _ntbtls_derive_keys (ssl)) != 0)
+      err = _ntbtls_derive_keys (tls);
+      if (err)
         {
-          SSL_DEBUG_RET (1, "ssl_derive_keys", ret);
-          return (ret);
+          debug_ret (1, "derive_keys", err);
+          return err;
         }
     }
 
   debug_msg (3, "%s session has been resumed",
-             ssl->handshake->resume ? "a" : "no");
+             tls->handshake->resume ? "a" : "no");
 
   debug_msg (3, "server hello, chosen ciphersuite: %d", i);
   debug_msg (3, "server hello, compress alg.: %d", buf[41 + n]);
 
+  //FIXME: Strange code.
   i = 0;
-  while (1)
+  for (;;)
     {
-      if (ssl->ciphersuite_list[ssl->minor_ver][i] == 0)
+      if (!tls->ciphersuite_list[tls->minor_ver][i])
         {
           debug_msg (1, "bad server hello message");
           return gpg_error (GPG_ERR_BAD_HS_SERVER_HELLO);
         }
 
-      if (ssl->ciphersuite_list[ssl->minor_ver][i++] ==
-          ssl->session_negotiate->ciphersuite)
+      if (tls->ciphersuite_list[tls->minor_ver][i++]
+          == tls->session_negotiate->ciphersuite)
         {
           break;
         }
     }
 
-  if (comp != TLS_COMPRESS_NULL
-      && comp != TLS_COMPRESS_DEFLATE
-    )
+  if (comp != TLS_COMPRESS_NULL && comp != TLS_COMPRESS_DEFLATE)
     {
       debug_msg (1, "bad server hello message");
       return gpg_error (GPG_ERR_BAD_HS_SERVER_HELLO);
     }
-  ssl->session_negotiate->compression = comp;
+  tls->session_negotiate->compression = comp;
 
   ext = buf + 44 + n;
 
@@ -950,65 +957,44 @@ parse_server_hello (ntbtls_t ssl)
         case TLS_EXT_RENEGOTIATION_INFO:
           debug_msg (3, "found renegotiation extension");
           renegotiation_info_seen = 1;
-
-          if ((ret = ssl_parse_renegotiation_info (ssl, ext + 4,
-                                                   ext_size)) != 0)
-            return (ret);
-
+          err = parse_renegotiation_info (tls, ext + 4, ext_size);
+          if (err)
+            return err;
           break;
 
         case TLS_EXT_MAX_FRAGMENT_LENGTH:
           debug_msg (3, "found max_fragment_length extension");
-
-          if ((ret = ssl_parse_max_fragment_length_ext (ssl,
-                                                        ext + 4,
-                                                        ext_size)) != 0)
-            {
-              return (ret);
-            }
-
+          err = parse_max_fragment_length_ext (tls, ext + 4, ext_size);
+          if (err)
+            return err;
           break;
 
         case TLS_EXT_TRUNCATED_HMAC:
           debug_msg (3, "found truncated_hmac extension");
-
-          if ((ret = ssl_parse_truncated_hmac_ext (ssl,
-                                                   ext + 4, ext_size)) != 0)
-            {
-              return (ret);
-            }
-
+          err = parse_truncated_hmac_ext (tls, ext + 4, ext_size);
+          if (err)
+            return err;
           break;
 
         case TLS_EXT_SESSION_TICKET:
           debug_msg (3, "found session_ticket extension");
-
-          if ((ret = ssl_parse_session_ticket_ext (ssl,
-                                                   ext + 4, ext_size)) != 0)
-            {
-              return (ret);
-            }
-
+          err = parse_session_ticket_ext (tls, ext + 4, ext_size);
+          if (err)
+            return err;
           break;
 
         case TLS_EXT_SUPPORTED_POINT_FORMATS:
           debug_msg (3, "found supported_point_formats extension");
-
-          if ((ret = ssl_parse_supported_point_formats_ext (ssl,
-                                                            ext + 4,
-                                                            ext_size)) != 0)
-            {
-              return (ret);
-            }
-
+          err = parse_supported_point_formats_ext (tls, ext + 4, ext_size);
+          if (err)
+            return err;
           break;
 
         case TLS_EXT_ALPN:
           debug_msg (3, "found alpn extension");
-
-          if ((ret = ssl_parse_alpn_ext (ssl, ext + 4, ext_size)) != 0)
-            return (ret);
-
+          err = parse_alpn_ext (tls, ext + 4, ext_size);
+          if (err)
+            return err;
           break;
 
         default:
@@ -1029,51 +1015,50 @@ parse_server_hello (ntbtls_t ssl)
   /*
    * Renegotiation security checks
    */
-  if (ssl->secure_renegotiation == TLS_LEGACY_RENEGOTIATION &&
-      ssl->allow_legacy_renegotiation == TLS_LEGACY_BREAK_HANDSHAKE)
+  if (tls->secure_renegotiation == TLS_LEGACY_RENEGOTIATION
+      && tls->allow_legacy_renegotiation == TLS_LEGACY_BREAK_HANDSHAKE)
     {
       debug_msg (1, "legacy renegotiation, breaking off handshake");
       handshake_failure = 1;
     }
-  else if (ssl->renegotiation == TLS_RENEGOTIATION &&
-           ssl->secure_renegotiation == TLS_SECURE_RENEGOTIATION &&
-           renegotiation_info_seen == 0)
+  else if (tls->renegotiation == TLS_RENEGOTIATION
+           && tls->secure_renegotiation == TLS_SECURE_RENEGOTIATION
+           && !renegotiation_info_seen)
     {
       debug_msg (1, "renegotiation_info extension missing (secure)");
       handshake_failure = 1;
     }
-  else if (ssl->renegotiation == TLS_RENEGOTIATION &&
-           ssl->secure_renegotiation == TLS_LEGACY_RENEGOTIATION &&
-           ssl->allow_legacy_renegotiation == TLS_LEGACY_NO_RENEGOTIATION)
+  else if (tls->renegotiation == TLS_RENEGOTIATION
+           && tls->secure_renegotiation == TLS_LEGACY_RENEGOTIATION
+           && tls->allow_legacy_renegotiation == TLS_LEGACY_NO_RENEGOTIATION)
     {
       debug_msg (1, "legacy renegotiation not allowed");
       handshake_failure = 1;
     }
-  else if (ssl->renegotiation == TLS_RENEGOTIATION &&
-           ssl->secure_renegotiation == TLS_LEGACY_RENEGOTIATION &&
-           renegotiation_info_seen == 1)
+  else if (tls->renegotiation == TLS_RENEGOTIATION
+           && tls->secure_renegotiation == TLS_LEGACY_RENEGOTIATION &&
+           renegotiation_info_seen)
     {
       debug_msg (1, "renegotiation_info extension present (legacy)");
       handshake_failure = 1;
     }
 
-  if (handshake_failure == 1)
+  if (handshake_failure)
     {
-      if ((ret = ssl_send_fatal_handshake_failure (ssl)) != 0)
-        return (ret);
-
-      return gpg_error (GPG_ERR_BAD_HS_SERVER_HELLO);
+      err = _ntbtls_send_fatal_handshake_failure (tls);
+      if (!err)
+        err = gpg_error (GPG_ERR_BAD_HS_SERVER_HELLO);
+      return err;
     }
 
   debug_msg (2, "<= parse server hello");
 
-  return (0);
+  return 0;
 }
 
 
 static int
-ssl_parse_server_dh_params (ntbtls_t ssl, unsigned char **p,
-                            unsigned char *end)
+parse_server_dh_params (ntbtls_t ssl, unsigned char **p, unsigned char *end)
 {
   int ret = gpg_error (GPG_ERR_NOT_IMPLEMENTED);
 
@@ -1086,21 +1071,22 @@ ssl_parse_server_dh_params (ntbtls_t ssl, unsigned char **p,
    *     opaque dh_Ys<1..2^16-1>;
    * } ServerDHParams;
    */
-  if ((ret = dhm_read_params (&ssl->handshake->dhm_ctx, p, end)) != 0)
-    {
-      SSL_DEBUG_RET (2, ("dhm_read_params"), ret);
-      return (ret);
-    }
-
-  if (ssl->handshake->dhm_ctx.len < 64 || ssl->handshake->dhm_ctx.len > 512)
-    {
-      debug_msg (1, "bad server key exchange message (DHM length)");
-      return gpg_error (GPG_ERR_BAD_HS_SERVER_KEX);
-    }
-
-  SSL_DEBUG_MPI (3, "DHM: P ", &ssl->handshake->dhm_ctx.P);
-  SSL_DEBUG_MPI (3, "DHM: G ", &ssl->handshake->dhm_ctx.G);
-  SSL_DEBUG_MPI (3, "DHM: GY", &ssl->handshake->dhm_ctx.GY);
+  //FIXME:
+  /* if ((ret = dhm_read_params (&ssl->handshake->dhm_ctx, p, end)) != 0) */
+  /*   { */
+  /*     debug_ret (2, "dhm_read_params", ret); */
+  /*     return (ret); */
+  /*   } */
+
+  /* if (ssl->handshake->dhm_ctx.len < 64 || ssl->handshake->dhm_ctx.len > 512) */
+  /*   { */
+  /*     debug_msg (1, "bad server key exchange message (DHM length)"); */
+  /*     return gpg_error (GPG_ERR_BAD_HS_SERVER_KEX); */
+  /*   } */
+
+  /* SSL_DEBUG_MPI (3, "DHM: P ", &ssl->handshake->dhm_ctx.P); */
+  /* SSL_DEBUG_MPI (3, "DHM: G ", &ssl->handshake->dhm_ctx.G); */
+  /* SSL_DEBUG_MPI (3, "DHM: GY", &ssl->handshake->dhm_ctx.GY); */
 
   return (ret);
 }
@@ -1109,29 +1095,29 @@ ssl_parse_server_dh_params (ntbtls_t ssl, unsigned char **p,
 static int
 ssl_check_server_ecdh_params (const ntbtls_t ssl)
 {
-  const ecp_curve_info *curve_info;
+  //FIXME:
+  /* const ecp_curve_info *curve_info; */
 
-  curve_info = ecp_curve_info_from_grp_id (ssl->handshake->ecdh_ctx.grp.id);
-  if (curve_info == NULL)
-    {
-      debug_bug ();
-      return gpg_error (GPG_ERR_INTERNAL);
-    }
+  /* curve_info = ecp_curve_info_from_grp_id (ssl->handshake->ecdh_ctx.grp.id); */
+  /* if (curve_info == NULL) */
+  /*   { */
+  /*     debug_bug (); */
+  /*     return gpg_error (GPG_ERR_INTERNAL); */
+  /*   } */
 
-  debug_msg (2, "ECDH curve: %s", curve_info->name);
+  /* debug_msg (2, "ECDH curve: %s", curve_info->name); */
 
-  if (!ssl_curve_is_acceptable (ssl, ssl->handshake->ecdh_ctx.grp.id))
-    return (-1);
+  /* if (!ssl_curve_is_acceptable (ssl, ssl->handshake->ecdh_ctx.grp.id)) */
+  /*   return (-1); */
 
-  SSL_DEBUG_ECP (3, "ECDH: Qp", &ssl->handshake->ecdh_ctx.Qp);
+  /* SSL_DEBUG_ECP (3, "ECDH: Qp", &ssl->handshake->ecdh_ctx.Qp); */
 
   return (0);
 }
 
 
 static int
-ssl_parse_server_ecdh_params (ntbtls_t ssl,
-                              unsigned char **p, unsigned char *end)
+parse_server_ecdh_params (ntbtls_t ssl, unsigned char **p, unsigned char *end)
 {
   int ret = gpg_error (GPG_ERR_NOT_IMPLEMENTED);
 
@@ -1143,36 +1129,37 @@ ssl_parse_server_ecdh_params (ntbtls_t ssl,
    *     ECPoint      public;
    * } ServerECDHParams;
    */
-  if ((ret = ecdh_read_params (&ssl->handshake->ecdh_ctx,
-                               (const unsigned char **) p, end)) != 0)
-    {
-      SSL_DEBUG_RET (1, ("ecdh_read_params"), ret);
-      return (ret);
-    }
-
-  if (ssl_check_server_ecdh_params (ssl) != 0)
-    {
-      debug_msg (1, "bad server key exchange message (ECDHE curve)");
-      return gpg_error (GPG_ERR_BAD_HS_SERVER_KEX);
-    }
+  //FIXME:
+  /* if ((ret = ecdh_read_params (&ssl->handshake->ecdh_ctx, */
+  /*                              (const unsigned char **) p, end)) != 0) */
+  /*   { */
+  /*     debug_ret (1, ("ecdh_read_params"), ret); */
+  /*     return (ret); */
+  /*   } */
+
+  /* if (ssl_check_server_ecdh_params (ssl) != 0) */
+  /*   { */
+  /*     debug_msg (1, "bad server key exchange message (ECDHE curve)"); */
+  /*     return gpg_error (GPG_ERR_BAD_HS_SERVER_KEX); */
+  /*   } */
 
   return (ret);
 }
 
 
-static int
-ssl_parse_server_psk_hint (ntbtls_t ssl,
-                           unsigned char **p, unsigned char *end)
+static gpg_error_t
+parse_server_psk_hint (ntbtls_t tls, unsigned char **p, unsigned char *end)
 {
-  int ret = gpg_error (GPG_ERR_NOT_IMPLEMENTED);
   size_t len;
-  ((void) ssl);
+
+  (void)tls;
 
   /*
    * PSK parameters:
    *
    * opaque psk_identity_hint<0..2^16-1>;
    */
+  //FIXME: Check that *p is large enough for LEN.
   len = (*p)[0] << 8 | (*p)[1];
   *p += 2;
 
@@ -1186,22 +1173,21 @@ ssl_parse_server_psk_hint (ntbtls_t ssl,
   // TODO: Retrieve PSK identity hint and callback to app
   //
   *p += len;
-  ret = 0;
 
-  return (ret);
+  return 0;
 }
 
 
 /*
  * Generate a pre-master secret and encrypt it with the server's RSA key
  */
-static int
-ssl_write_encrypted_pms (ntbtls_t ssl,
-                         size_t offset, size_t * olen, size_t pms_offset)
+static gpg_error_t
+write_encrypted_pms (ntbtls_t tls,
+                     size_t offset, size_t *olen, size_t pms_offset)
 {
-  int ret;
-  size_t len_bytes = ssl->minor_ver == SSL_MINOR_VERSION_0 ? 0 : 2;
-  unsigned char *p = ssl->handshake->premaster + pms_offset;
+  gpg_error_t err;
+  size_t len_bytes = tls->minor_ver == TLS_MINOR_VERSION_0 ? 0 : 2;
+  unsigned char *p = tls->handshake->premaster + pms_offset;
 
   /*
    * Generate (part of) the pre-master as
@@ -1210,62 +1196,57 @@ ssl_write_encrypted_pms (ntbtls_t ssl,
    *      opaque random[46];
    *  } PreMasterSecret;
    */
-  p[0] = (unsigned char) ssl->max_major_ver;
-  p[1] = (unsigned char) ssl->max_minor_ver;
+  p[0] = (unsigned char) tls->max_major_ver;
+  p[1] = (unsigned char) tls->max_minor_ver;
 
-  if ((ret = ssl->f_rng (ssl->p_rng, p + 2, 46)) != 0)
-    {
-      SSL_DEBUG_RET (1, "f_rng", ret);
-      return (ret);
-    }
+  gcry_randomize (p + 2, 46, GCRY_STRONG_RANDOM);
 
-  ssl->handshake->pmslen = 48;
+  tls->handshake->pmslen = 48;
 
   /*
    * Now write it out, encrypted
    */
-  if (!pk_can_do (&ssl->session_negotiate->peer_cert->pk, POLARSSL_PK_RSA))
-    {
-      debug_msg (1, "certificate key type mismatch");
-      return gpg_error (GPG_ERR_WRONG_PUBKEY_ALGO);
-    }
-
-  if ((ret = pk_encrypt (&ssl->session_negotiate->peer_cert->pk,
-                         p, ssl->handshake->pmslen,
-                         ssl->out_msg + offset + len_bytes, olen,
-                         SSL_MAX_CONTENT_LEN - offset - len_bytes,
-                         ssl->f_rng, ssl->p_rng)) != 0)
+  //FIXME: Need a cert related can_do function.
+  /* if (!_ntbtls_x509_foo_can_do (tls->session_negotiate->peer_chain, GCRY_PK_RSA)) */
+  /*   { */
+  /*     debug_msg (1, "certificate key type mismatch"); */
+  /*     return gpg_error (GPG_ERR_WRONG_PUBKEY_ALGO); */
+  /*   } */
+
+  /* err = pk_encrypt (&tls->session_negotiate->peer_chain->pk, */
+  /*                   p, tls->handshake->pmslen, */
+  /*                   tls->out_msg + offset + len_bytes, olen, */
+  /*                   TLS_MAX_CONTENT_LEN - offset - len_bytes); */
+  err = gpg_error (GPG_ERR_NOT_IMPLEMENTED);
+  if (err)
     {
-      SSL_DEBUG_RET (1, "rsa_pkcs1_encrypt", ret);
-      return (ret);
+      debug_ret (1, "rsa_pkcs1_encrypt", err);
+      return err;
     }
 
   if (len_bytes == 2)
     {
-      ssl->out_msg[offset + 0] = (unsigned char) (*olen >> 8);
-      ssl->out_msg[offset + 1] = (unsigned char) (*olen);
+      tls->out_msg[offset + 0] = (unsigned char) (*olen >> 8);
+      tls->out_msg[offset + 1] = (unsigned char) (*olen);
       *olen += 2;
     }
 
-
-  return (0);
+  return 0;
 }
 
 
-static int
-ssl_parse_signature_algorithm (ntbtls_t ssl,
-                               unsigned char **p,
-                               unsigned char *end,
-                               md_type_t * md_alg, pk_type_t * pk_alg)
+static gpg_error_t
+parse_signature_algorithm (ntbtls_t tls, unsigned char **p, unsigned char *end,
+                           md_algo_t *md_alg, pk_algo_t *pk_alg)
 {
-  ((void) ssl);
-  *md_alg = POLARSSL_MD_NONE;
-  *pk_alg = POLARSSL_PK_NONE;
+
+  *md_alg = 0;
+  *pk_alg = 0;
 
   /* Only in TLS 1.2 */
-  if (ssl->minor_ver != SSL_MINOR_VERSION_3)
+  if (tls->minor_ver != TLS_MINOR_VERSION_3)
     {
-      return (0);
+      return 0;
     }
 
   if ((*p) + 2 > end)
@@ -1295,89 +1276,89 @@ ssl_parse_signature_algorithm (ntbtls_t ssl,
   debug_msg (2, "Server used HashAlgorithm %d", (*p)[0]);
   *p += 2;
 
-  return (0);
+  return 0;
 }
 
 
-static int
-ssl_get_ecdh_params_from_cert (ntbtls_t ssl)
+static gpg_error_t
+get_ecdh_params_from_cert (ntbtls_t tls)
 {
-  int ret;
-  const ecp_keypair *peer_key;
-
-  if (!pk_can_do (&ssl->session_negotiate->peer_cert->pk, POLARSSL_PK_ECKEY))
-    {
-      debug_msg (1, "server key not ECDH capable");
-      return gpg_error (GPG_ERR_WRONG_PUBKEY_ALGO);
-    }
-
-  peer_key = pk_ec (ssl->session_negotiate->peer_cert->pk);
-
-  if ((ret = ecdh_get_params (&ssl->handshake->ecdh_ctx, peer_key,
-                              POLARSSL_ECDH_THEIRS)) != 0)
-    {
-      SSL_DEBUG_RET (1, ("ecdh_get_params"), ret);
-      return (ret);
-    }
-
-  if (ssl_check_server_ecdh_params (ssl) != 0)
-    {
-      debug_msg (1, "bad server certificate (ECDH curve)");
-      return gpg_error (GPG_ERR_BAD_HS_CERT);
-    }
-
-  return (ret);
+  (void)tls;
+
+  //FIXME:
+  /* int ret; */
+  /* const ecp_keypair *peer_key; */
+
+  /* if (!pk_can_do (&ssl->session_negotiate->peer_chain->pk, POLARSSL_PK_ECKEY)) */
+  /*   { */
+  /*     debug_msg (1, "server key not ECDH capable"); */
+  /*     return gpg_error (GPG_ERR_WRONG_PUBKEY_ALGO); */
+  /*   } */
+
+  /* peer_key = pk_ec (ssl->session_negotiate->peer_chain->pk); */
+
+  /* if ((ret = ecdh_get_params (&ssl->handshake->ecdh_ctx, peer_key, */
+  /*                             POLARSSL_ECDH_THEIRS)) != 0) */
+  /*   { */
+  /*     debug_ret (1, ("ecdh_get_params"), ret); */
+  /*     return (ret); */
+  /*   } */
+
+  /* if (ssl_check_server_ecdh_params (ssl) != 0) */
+  /*   { */
+  /*     debug_msg (1, "bad server certificate (ECDH curve)"); */
+  /*     return gpg_error (GPG_ERR_BAD_HS_CERT); */
+  /*   } */
+
+  return gpg_error (GPG_ERR_NOT_IMPLEMENTED);
 }
 
 
-static int
-parse_server_key_exchange (ntbtls_t ssl)
+static gpg_error_t
+parse_server_key_exchange (ntbtls_t tls)
 {
-  int ret;
-  const ssl_ciphersuite_t *ciphersuite_info =
-    ssl->transform_negotiate->ciphersuite_info;
+  gpg_error_t err;
+  const ciphersuite_t suite = tls->transform_negotiate->ciphersuite;
+  key_exchange_type_t kex = _ntbtls_ciphersuite_get_kex (suite);
   unsigned char *p, *end;
   size_t sig_len, params_len;
   unsigned char hash[64];
-  md_type_t md_alg = POLARSSL_MD_NONE;
+  md_algo_t md_alg = 0;
   size_t hashlen;
-  pk_type_t pk_alg = POLARSSL_PK_NONE;
+  pk_algo_t pk_alg = 0;
 
 
   debug_msg (2, "=> parse server key exchange");
 
-  if (ciphersuite_info->key_exchange == POLARSSL_KEY_EXCHANGE_RSA)
+  if (kex == KEY_EXCHANGE_RSA)
     {
       debug_msg (2, "<= skip parse server key exchange");
-      ssl->state++;
-      return (0);
+      tls->state++;
+      return 0;
     }
-  ((void) p);
-  ((void) end);
 
-  if (ciphersuite_info->key_exchange == POLARSSL_KEY_EXCHANGE_ECDH_RSA ||
-      ciphersuite_info->key_exchange == POLARSSL_KEY_EXCHANGE_ECDH_ECDSA)
+  if (kex == KEY_EXCHANGE_ECDH_RSA || kex == KEY_EXCHANGE_ECDH_ECDSA)
     {
-      if ((ret = ssl_get_ecdh_params_from_cert (ssl)) != 0)
+      err = get_ecdh_params_from_cert (tls);
+      if (err)
         {
-          SSL_DEBUG_RET (1, "ssl_get_ecdh_params_from_cert", ret);
-          return (ret);
+          debug_ret (1, "get_ecdh_params_from_cert", err);
+          return err;
         }
 
       debug_msg (2, "<= skip parse server key exchange");
-      ssl->state++;
-      return (0);
+      tls->state++;
+      return 0;
     }
-  ((void) p);
-  ((void) end);
 
-  if ((ret = _ntbtls_read_record (ssl)) != 0)
+  err = _ntbtls_read_record (tls);
+  if (err)
     {
-      debug_ret (1, "read_record", ret);
-      return (ret);
+      debug_ret (1, "read_record", err);
+      return err;
     }
 
-  if (ssl->in_msgtype != TLS_MSG_HANDSHAKE)
+  if (tls->in_msgtype != TLS_MSG_HANDSHAKE)
     {
       debug_msg (1, "bad server key exchange message");
       return gpg_error (GPG_ERR_UNEXPECTED_MSG);
@@ -1385,58 +1366,59 @@ parse_server_key_exchange (ntbtls_t ssl)
 
   /*
    * ServerKeyExchange may be skipped with PSK and RSA-PSK when the server
-   * doesn't use a psk_identity_hint
+   * doesn't use a psk_identity_hint.
    */
-  if (ssl->in_msg[0] != TLS_HS_SERVER_KEY_EXCHANGE)
+  if (tls->in_msg[0] != TLS_HS_SERVER_KEY_EXCHANGE)
     {
-      if (ciphersuite_info->key_exchange == POLARSSL_KEY_EXCHANGE_PSK ||
-          ciphersuite_info->key_exchange == POLARSSL_KEY_EXCHANGE_RSA_PSK)
+      if (kex == KEY_EXCHANGE_PSK || kex == KEY_EXCHANGE_RSA_PSK)
         {
-          ssl->record_read = 1;
-          goto exit;
+          tls->record_read = 1;
+          goto leave;
         }
 
       debug_msg (1, "bad server key exchange message");
       return gpg_error (GPG_ERR_UNEXPECTED_MSG);
     }
 
-  p = ssl->in_msg + 4;
-  end = ssl->in_msg + ssl->in_hslen;
-  debug_buf (3, "server key exchange", p, ssl->in_hslen - 4);
+  p = tls->in_msg + 4;
+  end = tls->in_msg + tls->in_hslen;
+  debug_buf (3, "server key exchange", p, tls->in_hslen - 4);
 
-  if (ciphersuite_info->key_exchange == POLARSSL_KEY_EXCHANGE_PSK ||
-      ciphersuite_info->key_exchange == POLARSSL_KEY_EXCHANGE_RSA_PSK ||
-      ciphersuite_info->key_exchange == POLARSSL_KEY_EXCHANGE_DHE_PSK ||
-      ciphersuite_info->key_exchange == POLARSSL_KEY_EXCHANGE_ECDHE_PSK)
+  if (kex == KEY_EXCHANGE_PSK
+      || kex == KEY_EXCHANGE_RSA_PSK
+      || kex == KEY_EXCHANGE_DHE_PSK
+      || kex == KEY_EXCHANGE_ECDHE_PSK)
     {
-      if (ssl_parse_server_psk_hint (ssl, &p, end) != 0)
+      err = parse_server_psk_hint (tls, &p, end);
+      if (err)
         {
           debug_msg (1, "bad server key exchange message");
-          return gpg_error (GPG_ERR_BAD_HS_SERVER_KEX);
+          return err;
         }
-    }                           /* FALLTROUGH */
-
+    }
 
-  if (ciphersuite_info->key_exchange == POLARSSL_KEY_EXCHANGE_PSK ||
-      ciphersuite_info->key_exchange == POLARSSL_KEY_EXCHANGE_RSA_PSK)
-    ;                           /* nothing more to do */
-  else if (ciphersuite_info->key_exchange == POLARSSL_KEY_EXCHANGE_DHE_RSA ||
-           ciphersuite_info->key_exchange == POLARSSL_KEY_EXCHANGE_DHE_PSK)
+  if (kex == KEY_EXCHANGE_PSK
+      || kex == KEY_EXCHANGE_RSA_PSK)
+    ; /* Nothing more to do.  */
+  else if (kex == KEY_EXCHANGE_DHE_RSA
+           || kex == KEY_EXCHANGE_DHE_PSK)
     {
-      if (ssl_parse_server_dh_params (ssl, &p, end) != 0)
+      err = parse_server_dh_params (tls, &p, end);
+      if (err)
         {
           debug_msg (1, "bad server key exchange message");
-          return gpg_error (GPG_ERR_BAD_HS_SERVER_KEX);
+          return err;
         }
     }
-  else if (ciphersuite_info->key_exchange == POLARSSL_KEY_EXCHANGE_ECDHE_RSA ||
-        ciphersuite_info->key_exchange == POLARSSL_KEY_EXCHANGE_ECDHE_PSK ||
-        ciphersuite_info->key_exchange == POLARSSL_KEY_EXCHANGE_ECDHE_ECDSA)
+  else if (kex == KEY_EXCHANGE_ECDHE_RSA
+           || kex == KEY_EXCHANGE_ECDHE_PSK
+           || kex == KEY_EXCHANGE_ECDHE_ECDSA)
     {
-      if (ssl_parse_server_ecdh_params (ssl, &p, end) != 0)
+      err = parse_server_ecdh_params (tls, &p, end);
+      if (err)
         {
           debug_msg (1, "bad server key exchange message");
-          return gpg_error (GPG_ERR_BAD_HS_SERVER_KEX);
+          return err;
         }
     }
   else
@@ -1446,29 +1428,30 @@ parse_server_key_exchange (ntbtls_t ssl)
     }
 
 
-  if (ciphersuite_info->key_exchange == POLARSSL_KEY_EXCHANGE_DHE_RSA ||
-      ciphersuite_info->key_exchange == POLARSSL_KEY_EXCHANGE_ECDHE_RSA ||
-      ciphersuite_info->key_exchange == POLARSSL_KEY_EXCHANGE_ECDHE_ECDSA)
+  if (kex == KEY_EXCHANGE_DHE_RSA
+      || kex == KEY_EXCHANGE_ECDHE_RSA
+      || kex == KEY_EXCHANGE_ECDHE_ECDSA)
     {
-      params_len = p - (ssl->in_msg + 4);
+      params_len = p - (tls->in_msg + 4);
 
       /*
        * Handle the digitally-signed structure
        */
-      if (ssl->minor_ver == SSL_MINOR_VERSION_3)
+      if (tls->minor_ver == TLS_MINOR_VERSION_3)
         {
-          if (ssl_parse_signature_algorithm (ssl, &p, end,
-                                             &md_alg, &pk_alg) != 0)
+          err = parse_signature_algorithm (tls, &p, end, &md_alg, &pk_alg);
+          if (err)
             {
               debug_msg (1, "bad server key exchange message");
-              return gpg_error (GPG_ERR_BAD_HS_SERVER_KEX);
+              return err;
             }
 
-          if (pk_alg != ssl_get_ciphersuite_sig_pk_alg (ciphersuite_info))
+          if (pk_alg != _ntbtls_ciphersuite_get_sig_pk_alg (suite))
             {
               debug_msg (1, "bad server key exchange message");
               return gpg_error (GPG_ERR_BAD_HS_SERVER_KEX);
             }
+          //FIXME: Check that the ECC subtype matches.  */
         }
       else
         {
@@ -1493,14 +1476,11 @@ parse_server_key_exchange (ntbtls_t ssl)
       /*
        * Compute the hash that has been signed
        */
-      if (md_alg != POLARSSL_MD_NONE)
+      if (md_alg)
         {
-          md_context_t ctx;
+          gcry_buffer_t iov[2];
 
-          md_init (&ctx);
-
-          /* Info from md_alg will be used instead */
-          hashlen = 0;
+          memset (iov, 0, sizeof iov);
 
           /*
            * digitally-signed struct {
@@ -1509,17 +1489,18 @@ parse_server_key_exchange (ntbtls_t ssl)
            *     ServerDHParams params;
            * };
            */
-          if ((ret = md_init_ctx (&ctx, md_info_from_type (md_alg))) != 0)
-            {
-              SSL_DEBUG_RET (1, "md_init_ctx", ret);
-              return (ret);
-            }
 
-          md_starts (&ctx);
-          md_update (&ctx, ssl->handshake->randbytes, 64);
-          md_update (&ctx, ssl->in_msg + 4, params_len);
-          md_finish (&ctx, hash);
-          md_free (&ctx);
+          iov[0].data = tls->handshake->randbytes;
+          iov[0].len  = 64;
+          iov[1].data = tls->in_msg + 4;
+          iov[1].len  = params_len;
+          hashlen = gcry_md_get_algo_dlen (md_alg);
+          if (hashlen > sizeof hash)
+            err = gpg_error (GPG_ERR_BUG);
+          else
+            err = gcry_md_hash_buffers (md_alg, 0, hash, iov, 2);
+          if (err)
+            return err;
         }
       else
         {
@@ -1527,54 +1508,57 @@ parse_server_key_exchange (ntbtls_t ssl)
           return gpg_error (GPG_ERR_INTERNAL);
         }
 
-      debug_buf (3, "parameters hash", hash, hashlen != 0 ? hashlen :
-                     (unsigned int) (md_info_from_type (md_alg))->size);
+      debug_buf (3, "parameters hash", hash, hashlen);
 
+
+      //FIXME:
       /*
        * Verify signature
        */
-      if (!pk_can_do (&ssl->session_negotiate->peer_cert->pk, pk_alg))
-        {
-          debug_msg (1, "bad server key exchange message");
-          return gpg_error (GPG_ERR_WRONG_PUBKEY_ALGO);
-        }
-
-      if ((ret = pk_verify (&ssl->session_negotiate->peer_cert->pk,
-                            md_alg, hash, hashlen, p, sig_len)) != 0)
-        {
-          SSL_DEBUG_RET (1, "pk_verify", ret);
-          return (ret);
-        }
-    }
-
-exit:
-  ssl->state++;
+      /* Check that the indicated PK algorithm matches the provided key.  */
+      /* if (!pk_can_do (&tls->session_negotiate->peer_chain->pk, pk_alg)) */
+      /*   { */
+      /*     debug_msg (1, "bad server key exchange message"); */
+      /*     return gpg_error (GPG_ERR_WRONG_PUBKEY_ALGO); */
+      /*   } */
+
+      /* if ((ret = pk_verify (&tls->session_negotiate->peer_chain->pk, */
+      /*                       md_alg, hash, hashlen, p, sig_len)) != 0) */
+      /*   { */
+      /*     debug_ret (1, "pk_verify", ret); */
+      /*     return (ret); */
+      /*   } */
+    }
+
+ leave:
+  tls->state++;
 
   debug_msg (2, "<= parse server key exchange");
 
-  return (0);
+  return 0;
 }
 
-static int
-parse_certificate_request (ntbtls_t ssl)
+
+static gpg_error_t
+parse_certificate_request (ntbtls_t tls)
 {
-  int ret;
+  gpg_error_t err;
   unsigned char *buf, *p;
   size_t n = 0, m = 0;
   size_t cert_type_len = 0, dn_len = 0;
-  const ssl_ciphersuite_t *ciphersuite_info =
-    ssl->transform_negotiate->ciphersuite_info;
+  const ciphersuite_t suite = tls->transform_negotiate->ciphersuite;
+  key_exchange_type_t kex = _ntbtls_ciphersuite_get_kex (suite);
 
   debug_msg (2, "=> parse certificate request");
 
-  if (ciphersuite_info->key_exchange == POLARSSL_KEY_EXCHANGE_PSK ||
-      ciphersuite_info->key_exchange == POLARSSL_KEY_EXCHANGE_RSA_PSK ||
-      ciphersuite_info->key_exchange == POLARSSL_KEY_EXCHANGE_DHE_PSK ||
-      ciphersuite_info->key_exchange == POLARSSL_KEY_EXCHANGE_ECDHE_PSK)
+  if (kex == KEY_EXCHANGE_PSK
+      || kex == KEY_EXCHANGE_RSA_PSK
+      || kex == KEY_EXCHANGE_DHE_PSK
+      || kex == KEY_EXCHANGE_ECDHE_PSK)
     {
       debug_msg (2, "<= skip parse certificate request");
-      ssl->state++;
-      return (0);
+      tls->state++;
+      return 0;
     }
 
   /*
@@ -1589,48 +1573,48 @@ parse_certificate_request (ntbtls_t ssl)
    *    n+4 .. ...  Distinguished Name #1
    *    ... .. ...  length of DN 2, etc.
    */
-  if (ssl->record_read == 0)
+  if (!tls->record_read)
     {
-      if ((ret = _ntbtls_read_record (ssl)) != 0)
+      err = _ntbtls_read_record (tls);
+      if (err)
         {
-          debug_ret (1, "read_record", ret);
-          return (ret);
+          debug_ret (1, "read_record", err);
+          return err;
         }
 
-      if (ssl->in_msgtype != TLS_MSG_HANDSHAKE)
+      if (tls->in_msgtype != TLS_MSG_HANDSHAKE)
         {
           debug_msg (1, "bad certificate request message");
           return gpg_error (GPG_ERR_UNEXPECTED_MSG);
         }
 
-      ssl->record_read = 1;
+      tls->record_read = 1;
     }
 
-  ssl->client_auth = 0;
-  ssl->state++;
+  tls->client_auth = 0;
+  tls->state++;
 
-  if (ssl->in_msg[0] == TLS_HS_CERTIFICATE_REQUEST)
-    ssl->client_auth++;
+  if (tls->in_msg[0] == TLS_HS_CERTIFICATE_REQUEST)
+    tls->client_auth++;
 
-  debug_msg (3, "got %s certificate request",
-             ssl->client_auth ? "a" : "no");
+  debug_msg (3, "got %s certificate request", tls->client_auth ? "a" : "no");
 
-  if (ssl->client_auth == 0)
-    goto exit;
+  if (!tls->client_auth)
+    goto leave;
 
-  ssl->record_read = 0;
+  tls->record_read = 0;
 
   // TODO: handshake_failure alert for an anonymous server to request
   // client authentication
 
-  buf = ssl->in_msg;
+  buf = tls->in_msg;
 
   // Retrieve cert types
   //
   cert_type_len = buf[4];
   n = cert_type_len;
 
-  if (ssl->in_hslen < 6 + n)
+  if (tls->in_hslen < 6 + n)
     {
       debug_msg (1, "bad certificate request message");
       return gpg_error (GPG_ERR_BAD_HS_CERT_REQ);
@@ -1639,16 +1623,16 @@ parse_certificate_request (ntbtls_t ssl)
   p = buf + 5;
   while (cert_type_len > 0)
     {
-      if (*p == SSL_CERT_TYPE_RSA_SIGN &&
-          pk_can_do (ssl_own_key (ssl), POLARSSL_PK_RSA))
+      if (*p == TLS_CERT_TYPE_RSA_SIGN
+          && _ntbtls_x509_can_do (tls_own_key (tls), GCRY_PK_RSA))
         {
-          ssl->handshake->cert_type = SSL_CERT_TYPE_RSA_SIGN;
+          tls->handshake->cert_type = TLS_CERT_TYPE_RSA_SIGN;
           break;
         }
-      else if (*p == SSL_CERT_TYPE_ECDSA_SIGN &&
-            pk_can_do (ssl_own_key (ssl), POLARSSL_PK_ECDSA))
+      else if (*p == TLS_CERT_TYPE_ECDSA_SIGN
+               && _ntbtls_x509_can_do (tls_own_key (tls), GCRY_PK_ECDSA))
         {
-          ssl->handshake->cert_type = SSL_CERT_TYPE_ECDSA_SIGN;
+          tls->handshake->cert_type = TLS_CERT_TYPE_ECDSA_SIGN;
           break;
         }
       else
@@ -1660,7 +1644,7 @@ parse_certificate_request (ntbtls_t ssl)
       p++;
     }
 
-  if (ssl->minor_ver == SSL_MINOR_VERSION_3)
+  if (tls->minor_ver == TLS_MINOR_VERSION_3)
     {
       /* Ignored, see comments about hash in write_certificate_verify */
       // TODO: should check the signature part against our pk_key though
@@ -1670,7 +1654,7 @@ parse_certificate_request (ntbtls_t ssl)
       m += 2;
       n += sig_alg_len;
 
-      if (ssl->in_hslen < 6 + n)
+      if (tls->in_hslen < 6 + n)
         {
           debug_msg (1, "bad certificate request message");
           return gpg_error (GPG_ERR_BAD_HS_CERT_REQ);
@@ -1682,196 +1666,201 @@ parse_certificate_request (ntbtls_t ssl)
   dn_len = ((buf[5 + m + n] << 8) | (buf[6 + m + n]));
 
   n += dn_len;
-  if (ssl->in_hslen != 7 + m + n)
+  if (tls->in_hslen != 7 + m + n)
     {
       debug_msg (1, "bad certificate request message");
       return gpg_error (GPG_ERR_BAD_HS_CERT_REQ);
     }
 
exit:
leave:
   debug_msg (2, "<= parse certificate request");
 
-  return (0);
+  return 0;
 }
 
 
-static int
-parse_server_hello_done (ntbtls_t ssl)
+static gpg_error_t
+parse_server_hello_done (ntbtls_t tls)
 {
-  int ret;
+  gpg_error_t err;
 
   debug_msg (2, "=> parse server hello done");
 
-  if (ssl->record_read == 0)
+  if (!tls->record_read)
     {
-      if ((ret = _ntbtls_read_record (ssl)) != 0)
+      err = _ntbtls_read_record (tls);
         {
-          debug_ret (1, "ssl_read_record", ret);
-          return (ret);
+          debug_ret (1, "read_record", err);
+          return err;
         }
 
-      if (ssl->in_msgtype != TLS_MSG_HANDSHAKE)
+      if (tls->in_msgtype != TLS_MSG_HANDSHAKE)
         {
           debug_msg (1, "bad server hello done message");
           return gpg_error (GPG_ERR_UNEXPECTED_MSG);
         }
     }
-  ssl->record_read = 0;
+  tls->record_read = 0;
 
-  if (ssl->in_hslen != 4 || ssl->in_msg[0] != TLS_HS_SERVER_HELLO_DONE)
+  if (tls->in_hslen != 4 || tls->in_msg[0] != TLS_HS_SERVER_HELLO_DONE)
     {
       debug_msg (1, "bad server hello done message");
       return gpg_error (GPG_ERR_BAD_HS_SERVER_HELLO_DONE);
     }
 
-  ssl->state++;
+  tls->state++;
 
   debug_msg (2, "<= parse server hello done");
 
-  return (0);
+  return 0;
 }
 
-static int
-write_client_key_exchange (ntbtls_t ssl)
+
+static gpg_error_t
+write_client_key_exchange (ntbtls_t tls)
 {
-  int ret;
+  gpg_error_t err;
   size_t i, n;
-  const ssl_ciphersuite_t *ciphersuite_info =
-    ssl->transform_negotiate->ciphersuite_info;
+  const ciphersuite_t suite = tls->transform_negotiate->ciphersuite;
+  key_exchange_type_t kex = _ntbtls_ciphersuite_get_kex (suite);
 
   debug_msg (2, "=> write client key exchange");
 
-  if (ciphersuite_info->key_exchange == POLARSSL_KEY_EXCHANGE_DHE_RSA)
+  if (kex == KEY_EXCHANGE_DHE_RSA)
     {
       /*
        * DHM key exchange -- send G^X mod P
        */
-      n = ssl->handshake->dhm_ctx.len;
+      n = 0; //FIXME: tls->handshake->dhm_ctx.len;
 
-      ssl->out_msg[4] = (unsigned char) (n >> 8);
-      ssl->out_msg[5] = (unsigned char) (n);
+      tls->out_msg[4] = (unsigned char) (n >> 8);
+      tls->out_msg[5] = (unsigned char) (n);
       i = 6;
 
-      ret = dhm_make_public (&ssl->handshake->dhm_ctx,
-                             (int) mpi_size (&ssl->handshake->dhm_ctx.P),
-                             &ssl->out_msg[i], n, ssl->f_rng, ssl->p_rng);
-      if (ret != 0)
+      /* err = dhm_make_public (&tls->handshake->dhm_ctx, */
+      /*                        (int) mpi_size (&tls->handshake->dhm_ctx.P), */
+      /*                        &tls->out_msg[i], n, tls->f_rng, tls->p_rng); */
+      err = gpg_error (GPG_ERR_NOT_IMPLEMENTED);
+      if (err)
         {
-          SSL_DEBUG_RET (1, "dhm_make_public", ret);
-          return (ret);
+          debug_ret (1, "dhm_make_public", err);
+          return err;
         }
 
-      SSL_DEBUG_MPI (3, "DHM: X ", &ssl->handshake->dhm_ctx.X);
-      SSL_DEBUG_MPI (3, "DHM: GX", &ssl->handshake->dhm_ctx.GX);
+      /* SSL_DEBUG_MPI (3, "DHM: X ", &ssl->handshake->dhm_ctx.X); */
+      /* SSL_DEBUG_MPI (3, "DHM: GX", &tls->handshake->dhm_ctx.GX); */
 
-      ssl->handshake->pmslen = POLARSSL_PREMASTER_SIZE;
+      tls->handshake->pmslen = TLS_PREMASTER_SIZE;
 
-      if ((ret = dhm_calc_secret (&ssl->handshake->dhm_ctx,
-                                  ssl->handshake->premaster,
-                                  &ssl->handshake->pmslen,
-                                  ssl->f_rng, ssl->p_rng)) != 0)
+      /* err = dhm_calc_secret (&tls->handshake->dhm_ctx, */
+      /*                        tls->handshake->premaster, */
+      /*                        &tls->handshake->pmslen); */
+      err = gpg_error (GPG_ERR_NOT_IMPLEMENTED);
+      if (err)
         {
-          SSL_DEBUG_RET (1, "dhm_calc_secret", ret);
-          return (ret);
+          debug_ret (1, "dhm_calc_secret", err);
+          return err;
         }
 
-      SSL_DEBUG_MPI (3, "DHM: K ", &ssl->handshake->dhm_ctx.K);
+      /* SSL_DEBUG_MPI (3, "DHM: K ", &tls->handshake->dhm_ctx.K); */
     }
-  else if (ciphersuite_info->key_exchange == POLARSSL_KEY_EXCHANGE_ECDHE_RSA ||
-        ciphersuite_info->key_exchange == POLARSSL_KEY_EXCHANGE_ECDHE_ECDSA
-        || ciphersuite_info->key_exchange == POLARSSL_KEY_EXCHANGE_ECDH_RSA
-        || ciphersuite_info->key_exchange == POLARSSL_KEY_EXCHANGE_ECDH_ECDSA)
+  else if (kex == KEY_EXCHANGE_ECDHE_RSA
+           || kex == KEY_EXCHANGE_ECDHE_ECDSA
+           || kex == KEY_EXCHANGE_ECDH_RSA
+           || kex == KEY_EXCHANGE_ECDH_ECDSA)
     {
       /*
        * ECDH key exchange -- send client public value
        */
       i = 4;
 
-      ret = ecdh_make_public (&ssl->handshake->ecdh_ctx,
-                              &n,
-                              &ssl->out_msg[i], 1000, ssl->f_rng, ssl->p_rng);
-      if (ret != 0)
+      /* ret = ecdh_make_public (&tls->handshake->ecdh_ctx, */
+      /*                         &n, &tls->out_msg[i], 1000); */
+      err = gpg_error (GPG_ERR_NOT_IMPLEMENTED);
+      if (err)
         {
-          SSL_DEBUG_RET (1, "ecdh_make_public", ret);
-          return (ret);
+          debug_ret (1, "ecdh_make_public", err);
+          return err;
         }
 
-      SSL_DEBUG_ECP (3, "ECDH: Q", &ssl->handshake->ecdh_ctx.Q);
+      /* SSL_DEBUG_ECP (3, "ECDH: Q", &tls->handshake->ecdh_ctx.Q); */
 
-      if ((ret = ecdh_calc_secret (&ssl->handshake->ecdh_ctx,
-                                   &ssl->handshake->pmslen,
-                                   ssl->handshake->premaster,
-                                   POLARSSL_MPI_MAX_SIZE,
-                                   ssl->f_rng, ssl->p_rng)) != 0)
+      /* err = ecdh_calc_secret (&tls->handshake->ecdh_ctx, */
+      /*                         &tls->handshake->pmslen, */
+      /*                         tls->handshake->premaster, */
+      /*                         POLARSSL_MPI_MAX_SIZE); */
+      err = gpg_error (GPG_ERR_NOT_IMPLEMENTED);
+      if (err)
         {
-          SSL_DEBUG_RET (1, "ecdh_calc_secret", ret);
-          return (ret);
+          debug_ret (1, "ecdh_calc_secret", err);
+          return err;
         }
 
-      SSL_DEBUG_MPI (3, "ECDH: z", &ssl->handshake->ecdh_ctx.z);
+      /* SSL_DEBUG_MPI (3, "ECDH: z", &tls->handshake->ecdh_ctx.z); */
     }
-  else if (ciphersuite_info->key_exchange == POLARSSL_KEY_EXCHANGE_PSK ||
-        ciphersuite_info->key_exchange == POLARSSL_KEY_EXCHANGE_RSA_PSK ||
-        ciphersuite_info->key_exchange == POLARSSL_KEY_EXCHANGE_DHE_PSK ||
-        ciphersuite_info->key_exchange == POLARSSL_KEY_EXCHANGE_ECDHE_PSK)
+  else if (kex == KEY_EXCHANGE_PSK
+           || kex == KEY_EXCHANGE_RSA_PSK
+           || kex == KEY_EXCHANGE_DHE_PSK
+           || kex == KEY_EXCHANGE_ECDHE_PSK)
     {
       /*
        * opaque psk_identity<0..2^16-1>;
        */
-      if (ssl->psk == NULL || ssl->psk_identity == NULL)
+      if (!tls->psk || !tls->psk_identity)
         return gpg_error (GPG_ERR_NO_SECKEY);
 
       i = 4;
-      n = ssl->psk_identity_len;
-      ssl->out_msg[i++] = (unsigned char) (n >> 8);
-      ssl->out_msg[i++] = (unsigned char) (n);
+      n = tls->psk_identity_len;
+      tls->out_msg[i++] = (unsigned char) (n >> 8);
+      tls->out_msg[i++] = (unsigned char) (n);
 
-      memcpy (ssl->out_msg + i, ssl->psk_identity, ssl->psk_identity_len);
-      i += ssl->psk_identity_len;
+      memcpy (tls->out_msg + i, tls->psk_identity, tls->psk_identity_len);
+      i += tls->psk_identity_len;
 
-      if (ciphersuite_info->key_exchange == POLARSSL_KEY_EXCHANGE_PSK)
+      if (kex == KEY_EXCHANGE_PSK)
         {
           n = 0;
         }
-      else if (ciphersuite_info->key_exchange == POLARSSL_KEY_EXCHANGE_RSA_PSK)
+      else if (kex == KEY_EXCHANGE_RSA_PSK)
         {
-          if ((ret = ssl_write_encrypted_pms (ssl, i, &n, 2)) != 0)
-            return (ret);
+          err = write_encrypted_pms (tls, i, &n, 2);
+          if (err)
+            return err;
         }
-      else if (ciphersuite_info->key_exchange == POLARSSL_KEY_EXCHANGE_DHE_PSK)
+      else if (kex == KEY_EXCHANGE_DHE_PSK)
         {
           /*
            * ClientDiffieHellmanPublic public (DHM send G^X mod P)
            */
-          n = ssl->handshake->dhm_ctx.len;
-          ssl->out_msg[i++] = (unsigned char) (n >> 8);
-          ssl->out_msg[i++] = (unsigned char) (n);
-
-          ret = dhm_make_public (&ssl->handshake->dhm_ctx,
-                                 (int) mpi_size (&ssl->handshake->dhm_ctx.P),
-                                 &ssl->out_msg[i], n, ssl->f_rng, ssl->p_rng);
-          if (ret != 0)
+          n = 0; //FIXME: tls->handshake->dhm_ctx.len;
+          tls->out_msg[i++] = (unsigned char) (n >> 8);
+          tls->out_msg[i++] = (unsigned char) (n);
+
+          /* err = dhm_make_public (&tls->handshake->dhm_ctx, */
+          /*                        (int) mpi_size (&tls->handshake->dhm_ctx.P), */
+          /*                        &tls->out_msg[i], n); */
+          err = gpg_error (GPG_ERR_NOT_IMPLEMENTED);
+          if (err)
             {
-              SSL_DEBUG_RET (1, "dhm_make_public", ret);
-              return (ret);
+              debug_ret (1, "dhm_make_public", err);
+              return err;
             }
         }
-      else if (ciphersuite_info->key_exchange
-               == POLARSSL_KEY_EXCHANGE_ECDHE_PSK)
+      else if (kex == KEY_EXCHANGE_ECDHE_PSK)
         {
           /*
            * ClientECDiffieHellmanPublic public;
            */
-          ret = ecdh_make_public (&ssl->handshake->ecdh_ctx, &n,
-                                  &ssl->out_msg[i], SSL_MAX_CONTENT_LEN - i,
-                                  ssl->f_rng, ssl->p_rng);
-          if (ret != 0)
+          /* err = ecdh_make_public (&tls->handshake->ecdh_ctx, &n, */
+          /*                         &tls->out_msg[i], TLS_MAX_CONTENT_LEN - i); */
+          err = gpg_error (GPG_ERR_NOT_IMPLEMENTED);
+          if (err)
             {
-              SSL_DEBUG_RET (1, "ecdh_make_public", ret);
-              return (ret);
+              debug_ret (1, "ecdh_make_public", err);
+              return err;
             }
 
-          SSL_DEBUG_ECP (3, "ECDH: Q", &ssl->handshake->ecdh_ctx.Q);
+          /* SSL_DEBUG_ECP (3, "ECDH: Q", &tls->handshake->ecdh_ctx.Q); */
         }
       else
         {
@@ -1879,19 +1868,19 @@ write_client_key_exchange (ntbtls_t ssl)
           return gpg_error (GPG_ERR_INTERNAL);
         }
 
-      if ((ret = ssl_psk_derive_premaster (ssl,
-                                           ciphersuite_info->key_exchange)) !=
-          0)
+      err = _ntbtls_psk_derive_premaster (tls, kex);
+      if (err)
         {
-          SSL_DEBUG_RET (1, "ssl_psk_derive_premaster", ret);
-          return (ret);
+          debug_ret (1, "psk_derive_premaster", err);
+          return err;
         }
     }
-  else if (ciphersuite_info->key_exchange == POLARSSL_KEY_EXCHANGE_RSA)
+  else if (kex == KEY_EXCHANGE_RSA)
     {
       i = 4;
-      if ((ret = ssl_write_encrypted_pms (ssl, i, &n, 0)) != 0)
-        return (ret);
+      err = write_encrypted_pms (tls, i, &n, 0);
+      if (err)
+        return err;
     }
   else
     {
@@ -1899,62 +1888,65 @@ write_client_key_exchange (ntbtls_t ssl)
       return gpg_error (GPG_ERR_INTERNAL);
     }
 
-  if ((ret = _ntbtls_derive_keys (ssl)) != 0)
+  err = _ntbtls_derive_keys (tls);
+  if (err)
     {
-      SSL_DEBUG_RET (1, "ssl_derive_keys", ret);
-      return (ret);
+      debug_ret (1, "derive_keys", err);
+      return err;
     }
 
-  ssl->out_msglen = i + n;
-  ssl->out_msgtype = TLS_MSG_HANDSHAKE;
-  ssl->out_msg[0] = TLS_HS_CLIENT_KEY_EXCHANGE;
+  tls->out_msglen = i + n;
+  tls->out_msgtype = TLS_MSG_HANDSHAKE;
+  tls->out_msg[0] = TLS_HS_CLIENT_KEY_EXCHANGE;
 
-  ssl->state++;
+  tls->state++;
 
-  if ((ret = ssl_write_record (ssl)) != 0)
+  err = _ntbtls_write_record (tls);
+  if (err)
     {
-      SSL_DEBUG_RET (1, "ssl_write_record", ret);
-      return (ret);
+      debug_ret (1, "write_record", err);
+      return err;
     }
 
   debug_msg (2, "<= write client key exchange");
 
-  return (0);
+  return 0;
 }
 
 
-static int
-write_certificate_verify (ntbtls_t ssl)
+static gpg_error_t
+write_certificate_verify (ntbtls_t tls)
 {
-  int ret = gpg_error (GPG_ERR_NOT_IMPLEMENTED);
-  const ssl_ciphersuite_t *ciphersuite_info =
-    ssl->transform_negotiate->ciphersuite_info;
-  size_t n = 0, offset = 0;
+  gpg_error_t err;
+  const ciphersuite_t suite = tls->transform_negotiate->ciphersuite;
+  key_exchange_type_t kex = _ntbtls_ciphersuite_get_kex (suite);
+  size_t n = 0;
+  size_t offset = 0;
   unsigned char hash[48];
   unsigned char *hash_start = hash;
-  md_type_t md_alg = POLARSSL_MD_NONE;
+  md_algo_t md_alg = 0;
   unsigned int hashlen;
 
   debug_msg (2, "=> write certificate verify");
 
-  if (ciphersuite_info->key_exchange == POLARSSL_KEY_EXCHANGE_PSK ||
-      ciphersuite_info->key_exchange == POLARSSL_KEY_EXCHANGE_RSA_PSK ||
-      ciphersuite_info->key_exchange == POLARSSL_KEY_EXCHANGE_ECDHE_PSK ||
-      ciphersuite_info->key_exchange == POLARSSL_KEY_EXCHANGE_DHE_PSK)
+  if (kex == KEY_EXCHANGE_PSK
+      || kex == KEY_EXCHANGE_RSA_PSK
+      || kex == KEY_EXCHANGE_ECDHE_PSK
+      || kex == KEY_EXCHANGE_DHE_PSK)
     {
       debug_msg (2, "<= skip write certificate verify");
-      ssl->state++;
+      tls->state++;
       return (0);
     }
 
-  if (ssl->client_auth == 0 || ssl_own_cert (ssl) == NULL)
+  if (!tls->client_auth  || !tls_own_cert (tls))
     {
       debug_msg (2, "<= skip write certificate verify");
-      ssl->state++;
-      return (0);
+      tls->state++;
+      return 0;
     }
 
-  if (ssl_own_key (ssl) == NULL)
+  if (!tls_own_key (tls))
     {
       debug_msg (1, "got no private key");
       return gpg_error (GPG_ERR_NO_SECKEY);
@@ -1963,9 +1955,9 @@ write_certificate_verify (ntbtls_t ssl)
   /*
    * Make an RSA signature of the handshake digests
    */
-  ssl->handshake->calc_verify (ssl, hash);
+  tls->handshake->calc_verify (tls, hash);
 
-  if (ssl->minor_ver == SSL_MINOR_VERSION_3)
+  if (tls->minor_ver == TLS_MINOR_VERSION_3)
     {
       /*
        * digitally-signed struct {
@@ -1982,21 +1974,21 @@ write_certificate_verify (ntbtls_t ssl)
        * Reason: Otherwise we should have running hashes for SHA512 and SHA224
        *         in order to satisfy 'weird' needs from the server side.
        */
-      if (ssl->transform_negotiate->ciphersuite_info->mac ==
-          POLARSSL_MD_SHA384)
+      if (_ntbtls_ciphersuite_get_mac
+          (tls->transform_negotiate->ciphersuite) == GCRY_MD_SHA384)
         {
-          md_alg = POLARSSL_MD_SHA384;
-          ssl->out_msg[4] = SSL_HASH_SHA384;
+          md_alg = GCRY_MD_SHA384;
+          tls->out_msg[4] = TLS_HASH_SHA384;
+          hashlen = 48;
         }
       else
         {
-          md_alg = POLARSSL_MD_SHA256;
-          ssl->out_msg[4] = SSL_HASH_SHA256;
+          md_alg = GCRY_MD_SHA256;
+          tls->out_msg[4] = TLS_HASH_SHA256;
+          hashlen = 32;
         }
-      ssl->out_msg[5] = 0; //FIXME: ssl_sig_from_pk (ssl_own_key (ssl));
+      tls->out_msg[5] = 0; //FIXME: ssl_sig_from_pk (ssl_own_key (tls));
 
-      /* Info from md_alg will be used instead */
-      hashlen = 0;
       offset = 2;
     }
   else
@@ -2005,52 +1997,55 @@ write_certificate_verify (ntbtls_t ssl)
       return gpg_error (GPG_ERR_INTERNAL);
     }
 
-  if ((ret = pk_sign (ssl_own_key (ssl), md_alg, hash_start, hashlen,
-                      ssl->out_msg + 6 + offset, &n,
-                      ssl->f_rng, ssl->p_rng)) != 0)
+  /* err = pk_sign (tls_own_key (tls), md_alg, hash_start, hashlen, */
+  /*                tls->out_msg + 6 + offset, &n); */
+  err = gpg_error (GPG_ERR_NOT_IMPLEMENTED);
+  if (err)
     {
-      SSL_DEBUG_RET (1, "pk_sign", ret);
-      return (ret);
+      debug_ret (1, "pk_sign", err);
+      return err;
     }
 
-  ssl->out_msg[4 + offset] = (unsigned char) (n >> 8);
-  ssl->out_msg[5 + offset] = (unsigned char) (n);
+  tls->out_msg[4 + offset] = (unsigned char) (n >> 8);
+  tls->out_msg[5 + offset] = (unsigned char) (n);
 
-  ssl->out_msglen = 6 + n + offset;
-  ssl->out_msgtype = TLS_MSG_HANDSHAKE;
-  ssl->out_msg[0] = TLS_HS_CERTIFICATE_VERIFY;
+  tls->out_msglen = 6 + n + offset;
+  tls->out_msgtype = TLS_MSG_HANDSHAKE;
+  tls->out_msg[0] = TLS_HS_CERTIFICATE_VERIFY;
 
-  ssl->state++;
+  tls->state++;
 
-  if ((ret = ssl_write_record (ssl)) != 0)
+  err = _ntbtls_write_record (tls);
+  if (err)
     {
-      SSL_DEBUG_RET (1, "ssl_write_record", ret);
-      return (ret);
+      debug_ret (1, "write_record", err);
+      return err;
     }
 
   debug_msg (2, "<= write certificate verify");
 
-  return (ret);
+  return 0;
 }
 
 
-static int
-parse_new_session_ticket (ntbtls_t ssl)
+static gpg_error_t
+parse_new_session_ticket (ntbtls_t tls)
 {
-  int ret;
+  gpg_error_t err;
   uint32_t lifetime;
   size_t ticket_len;
   unsigned char *ticket;
 
   debug_msg (2, "=> parse new session ticket");
 
-  if ((ret = _ntbtls_read_record (ssl)) != 0)
+  err = _ntbtls_read_record (tls);
+  if (err)
     {
-      debug_ret (1, "read_record", ret);
-      return (ret);
+      debug_ret (1, "read_record", err);
+      return err;
     }
 
-  if (ssl->in_msgtype != TLS_MSG_HANDSHAKE)
+  if (tls->in_msgtype != TLS_MSG_HANDSHAKE)
     {
       debug_msg (1, "bad new session ticket message");
       return gpg_error (GPG_ERR_UNEXPECTED_MSG);
@@ -2068,18 +2063,20 @@ parse_new_session_ticket (ntbtls_t ssl)
    * 8  .  9   ticket_len (n)
    * 10 .  9+n ticket content
    */
-  if (ssl->in_msg[0] != TLS_HS_NEW_SESSION_TICKET || ssl->in_hslen < 10)
+  if (tls->in_msg[0] != TLS_HS_NEW_SESSION_TICKET || tls->in_hslen < 10)
     {
       debug_msg (1, "bad new session ticket message");
       return gpg_error (GPG_ERR_BAD_TICKET);
     }
 
-  lifetime = (ssl->in_msg[4] << 24) | (ssl->in_msg[5] << 16) |
-    (ssl->in_msg[6] << 8) | (ssl->in_msg[7]);
+  lifetime = ((tls->in_msg[4] << 24)
+              | (tls->in_msg[5] << 16)
+              | (tls->in_msg[6] << 8)
+              | (tls->in_msg[7]));
 
-  ticket_len = (ssl->in_msg[8] << 8) | (ssl->in_msg[9]);
+  ticket_len = (tls->in_msg[8] << 8) | (tls->in_msg[9]);
 
-  if (ticket_len + 10 != ssl->in_hslen)
+  if (ticket_len + 10 != tls->in_hslen)
     {
       debug_msg (1, "bad new session ticket message");
       return gpg_error (GPG_ERR_BAD_TICKET);
@@ -2088,20 +2085,20 @@ parse_new_session_ticket (ntbtls_t ssl)
   debug_msg (3, "ticket length: %d", ticket_len);
 
   /* We're not waiting for a NewSessionTicket message any more */
-  ssl->handshake->new_session_ticket = 0;
+  tls->handshake->new_session_ticket = 0;
 
   /*
    * Zero-length ticket means the server changed his mind and doesn't want
    * to send a ticket after all, so just forget it
    */
-  if (ticket_len == 0)
-    return (0);
+  if (!ticket_len)
+    return 0;
 
-  wipememory (ssl->session_negotiate->ticket,
-              ssl->session_negotiate->ticket_len);
-  polarssl_free (ssl->session_negotiate->ticket);
-  ssl->session_negotiate->ticket = NULL;
-  ssl->session_negotiate->ticket_len = 0;
+  wipememory (tls->session_negotiate->ticket,
+              tls->session_negotiate->ticket_len);
+  free (tls->session_negotiate->ticket);
+  tls->session_negotiate->ticket = NULL;
+  tls->session_negotiate->ticket_len = 0;
 
   ticket = malloc (ticket_len);
   if (!ticket)
@@ -2111,11 +2108,11 @@ parse_new_session_ticket (ntbtls_t ssl)
       return err;
     }
 
-  memcpy (ticket, ssl->in_msg + 10, ticket_len);
+  memcpy (ticket, tls->in_msg + 10, ticket_len);
 
-  ssl->session_negotiate->ticket = ticket;
-  ssl->session_negotiate->ticket_len = ticket_len;
-  ssl->session_negotiate->ticket_lifetime = lifetime;
+  tls->session_negotiate->ticket = ticket;
+  tls->session_negotiate->ticket_len = ticket_len;
+  tls->session_negotiate->ticket_lifetime = lifetime;
 
   /*
    * RFC 5077 section 3.4:
@@ -2123,11 +2120,11 @@ parse_new_session_ticket (ntbtls_t ssl)
    * discards any Session ID that was sent in the ServerHello."
    */
   debug_msg (3, "ticket in use, discarding session id");
-  ssl->session_negotiate->length = 0;
+  tls->session_negotiate->length = 0;
 
   debug_msg (2, "<= parse new session ticket");
 
-  return (0);
+  return 0;
 }
 
 
@@ -2140,7 +2137,7 @@ _ntbtls_handshake_client_step (ntbtls_t tls)
   gpg_error_t err;
 
   if (tls->state == TLS_HANDSHAKE_OVER)
-    return gpg_error (GPG_ERR_INV_STATE)
+    return gpg_error (GPG_ERR_INV_STATE);
 
   debug_msg (2, "client state: %d", tls->state);
 
@@ -2232,7 +2229,7 @@ _ntbtls_handshake_client_step (ntbtls_t tls)
       break;
 
     case TLS_FLUSH_BUFFERS:
-      TLS_DEBUG_MSG (2, "handshake: done");
+      debug_msg (2, "handshake: done");
       tls->state = TLS_HANDSHAKE_WRAPUP;
       break;
 
@@ -2241,7 +2238,7 @@ _ntbtls_handshake_client_step (ntbtls_t tls)
       break;
 
     default:
-      TLS_DEBUG_MSG (1, "invalid state %d", tls->state);
+      debug_msg (1, "invalid state %d", tls->state);
       err = gpg_error (GPG_ERR_INV_STATE);
       break;
     }
index d243d50..0d0fc90 100644 (file)
@@ -364,9 +364,9 @@ ssl_parse_servername_ext (ntbtls_t ssl,
           ret = ssl_sni_wrapper (ssl, p + 3, hostname_len);
           if (ret != 0)
             {
-              SSL_DEBUG_RET (1, "ssl_sni_wrapper", ret);
-              ssl_send_alert_message (ssl, TLS_ALERT_LEVEL_FATAL,
-                                      TLS_ALERT_MSG_UNRECOGNIZED_NAME);
+              debug_ret (1, "ssl_sni_wrapper", ret);
+              _ntbtls_send_alert_message (ssl, TLS_ALERT_LEVEL_FATAL,
+                                          TLS_ALERT_MSG_UNRECOGNIZED_NAME);
               return gpg_error (GPG_ERR_BAD_HS_CLIENT_HELLO);
             }
           return (0);
@@ -411,8 +411,7 @@ ssl_parse_renegotiation_info (ntbtls_t ssl,
       /* Check verify-data in constant-time. The length OTOH is no secret */
       if (len != 1 + ssl->verify_data_len ||
           buf[0] != ssl->verify_data_len ||
-          safer_memcmp (buf + 1, ssl->peer_verify_data,
-                        ssl->verify_data_len) != 0)
+          memcmpct (buf + 1, ssl->peer_verify_data, ssl->verify_data_len))
         {
           debug_msg (1, "non-matching renegotiated connection field");
 
@@ -576,7 +575,7 @@ ssl_parse_truncated_hmac_ext (ntbtls_t ssl,
 
   ((void) buf);
 
-  ssl->session_negotiate->trunc_hmac = SSL_TRUNC_HMAC_ENABLED;
+  ssl->session_negotiate->use_trunc_hmac = 1;
 
   return (0);
 }
@@ -588,8 +587,8 @@ ssl_parse_session_ticket_ext (ntbtls_t ssl,
 {
   int ret;
 
-  if (ssl->session_tickets == SSL_SESSION_TICKETS_DISABLED)
-    return (0);
+  if (!ssl->use_session_tickets)
+    return 0;
 
   /* Remember the client asked us to send a new ticket */
   ssl->handshake->new_session_ticket = 1;
@@ -610,7 +609,7 @@ ssl_parse_session_ticket_ext (ntbtls_t ssl,
    */
   if ((ret = ssl_parse_ticket (ssl, buf, len)) != 0)
     {
-      SSL_DEBUG_RET (1, "ssl_parse_ticket", ret);
+      debug_ret (1, "ssl_parse_ticket", ret);
       return (0);
     }
 
@@ -681,7 +680,7 @@ ssl_parse_alpn_ext (ntbtls_t ssl, const unsigned char *buf, size_t len)
     }
 
   /* If we get there, no match was found */
-  ssl_send_alert_message (ssl, TLS_ALERT_LEVEL_FATAL,
+  _ntbtls_send_alert_message (ssl, TLS_ALERT_LEVEL_FATAL,
                           TLS_ALERT_MSG_NO_APPLICATION_PROTOCOL);
   return gpg_error (GPG_ERR_BAD_HS_CLIENT_HELLO);
 }
@@ -716,10 +715,10 @@ ssl_key_matches_curves (pk_context * pk, const ecp_curve_info ** curves)
  * return 0 on success and -1 on failure.
  */
 static int
-ssl_pick_cert (ntbtls_t ssl, const ssl_ciphersuite_t * ciphersuite_info)
+ssl_pick_cert (ntbtls_t ssl, const ssl_ciphersuite_t * suite)
 {
   ssl_key_cert *cur, *list;
-  pk_type_t pk_alg = ssl_get_ciphersuite_sig_pk_alg (ciphersuite_info);
+  pk_algo_t pk_alg = ssl_get_ciphersuite_sig_pk_alg (suite);
 
   if (ssl->handshake->sni_key_cert != NULL)
     list = ssl->handshake->sni_key_cert;
@@ -742,7 +741,7 @@ ssl_pick_cert (ntbtls_t ssl, const ssl_ciphersuite_t * ciphersuite_info)
        * different uses based on keyUsage, eg if they want to avoid signing
        * and decrypting with the same RSA key.
        */
-      if (ssl_check_cert_usage (cur->cert, ciphersuite_info,
+      if (ssl_check_cert_usage (cur->cert, suite,
                                 SSL_IS_SERVER) != 0)
         {
           continue;
@@ -767,11 +766,11 @@ ssl_pick_cert (ntbtls_t ssl, const ssl_ciphersuite_t * ciphersuite_info)
 
 /*
  * Check if a given ciphersuite is suitable for use with our config/keys/etc
- * Sets ciphersuite_info only if the suite matches.
+ * Sets suite only if the suite matches.
  */
 static int
 ssl_ciphersuite_match (ntbtls_t ssl, int suite_id,
-                       const ssl_ciphersuite_t ** ciphersuite_info)
+                       const ssl_ciphersuite_t ** suite)
 {
   const ssl_ciphersuite_t *suite_info;
 
@@ -808,7 +807,7 @@ ssl_ciphersuite_match (ntbtls_t ssl, int suite_id,
   if (ssl_pick_cert (ssl, suite_info) != 0)
     return (0);
 
-  *ciphersuite_info = suite_info;
+  *suite = suite_info;
   return (0);
 }
 
@@ -826,14 +825,14 @@ parse_client_hello (ntbtls_t ssl)
   int renegotiation_info_seen = 0;
   int handshake_failure = 0;
   const int *ciphersuites;
-  const ssl_ciphersuite_t *ciphersuite_info;
+  const ssl_ciphersuite_t *suite;
 
   debug_msg (2, "=> parse client hello");
 
   if (ssl->renegotiation == SSL_INITIAL_HANDSHAKE &&
       (ret = _ntbtls_fetch_input (ssl, 5)) != 0)
     {
-      SSL_DEBUG_RET (1, "ssl_fetch_input", ret);
+      debug_ret (1, "ssl_fetch_input", ret);
       return (ret);
     }
 
@@ -875,7 +874,7 @@ parse_client_hello (ntbtls_t ssl)
   if (ssl->renegotiation == SSL_INITIAL_HANDSHAKE &&
       (err = _ntbtls_fetch_input (ssl, 5 + n)) != 0)
     {
-      SSL_DEBUG_RET (1, "ssl_fetch_input", ret);
+      debug_ret (1, "ssl_fetch_input", ret);
       return (ret);
     }
 
@@ -932,7 +931,7 @@ parse_client_hello (ntbtls_t ssl)
                  ssl->major_ver, ssl->minor_ver,
                  ssl->min_major_ver, ssl->min_minor_ver);
 
-      ssl_send_alert_message (ssl, TLS_ALERT_LEVEL_FATAL,
+      ntbtls_send_alert_message (ssl, TLS_ALERT_LEVEL_FATAL,
                               TLS_ALERT_MSG_PROTOCOL_VERSION);
 
       return gpg_error (GPG_ERR_UNSUPPORTED_PROTOCOL);
@@ -1204,7 +1203,7 @@ parse_client_hello (ntbtls_t ssl)
    * and certificate from the SNI callback triggered by the SNI extension.)
    */
   ciphersuites = ssl->ciphersuite_list[ssl->minor_ver];
-  ciphersuite_info = NULL;
+  suite = NULL;
   for (j = 0, p = buf + 41 + sess_len; j < ciph_len; j += 2, p += 2)
     {
       for (i = 0; ciphersuites[i] != 0; i++)
@@ -1214,10 +1213,10 @@ parse_client_hello (ntbtls_t ssl)
             continue;
 
           if ((ret = ssl_ciphersuite_match (ssl, ciphersuites[i],
-                                            &ciphersuite_info)) != 0)
+                                            &suite)) != 0)
             return (ret);
 
-          if (ciphersuite_info != NULL)
+          if (suite != NULL)
             goto have_ciphersuite;
         }
     }
@@ -1231,8 +1230,8 @@ return gpg_error (GPG_ERR_NO_CIPHER);
 
 have_ciphersuite:
   ssl->session_negotiate->ciphersuite = ciphersuites[i];
-  ssl->transform_negotiate->ciphersuite_info = ciphersuite_info;
-  ssl_optimize_checksum (ssl, ssl->transform_negotiate->ciphersuite_info);
+  ssl->transform_negotiate->ciphersuite = suite;
+  _ntbtls_optimize_checksum (ssl, ssl->transform_negotiate->ciphersuite);
 
   ssl->in_left = 0;
   ssl->state++;
@@ -1249,7 +1248,7 @@ write_srv_truncated_hmac_ext (ntbtls_t ssl,
 {
   unsigned char *p = buf;
 
-  if (ssl->session_negotiate->trunc_hmac == SSL_TRUNC_HMAC_DISABLED)
+  if (!ssl->session_negotiate->use_trunc_hmac)
     {
       *olen = 0;
       return;
@@ -1455,7 +1454,7 @@ write_server_hello (ntbtls_t ssl)
   debug_buf (3, "server hello, random bytes", buf + 6, 32);
 
   /*
-   * Resume is 0  by default, see ssl_handshake_init().
+   * Resume is 0  by default, see handshake_init().
    * It may be already set to 1 by ssl_parse_session_ticket_ext().
    * If not, try looking up session ID in our cache.
    */
@@ -1502,7 +1501,7 @@ write_server_hello (ntbtls_t ssl)
 
       if ((ret = _ntbtls_derive_keys (ssl)) != 0)
         {
-          SSL_DEBUG_RET (1, "ssl_derive_keys", ret);
+          debug_ret (1, "ssl_derive_keys", ret);
           return (ret);
         }
     }
@@ -1579,8 +1578,8 @@ static int
 write_certificate_request (ntbtls_t ssl)
 {
   int ret = gpg_error (GPG_ERR_NOT_IMPLEMENTED);
-  const ssl_ciphersuite_t *ciphersuite_info =
-    ssl->transform_negotiate->ciphersuite_info;
+  const ssl_ciphersuite_t *suite =
+    ssl->transform_negotiate->ciphersuite;
   size_t dn_size, total_dn_size;        /* excluding length bytes */
   size_t ct_len, sa_len;        /* including length bytes */
   unsigned char *buf, *p;
@@ -1590,10 +1589,10 @@ write_certificate_request (ntbtls_t ssl)
 
   ssl->state++;
 
-  if (ciphersuite_info->key_exchange == POLARSSL_KEY_EXCHANGE_PSK ||
-      ciphersuite_info->key_exchange == POLARSSL_KEY_EXCHANGE_RSA_PSK ||
-      ciphersuite_info->key_exchange == POLARSSL_KEY_EXCHANGE_DHE_PSK ||
-      ciphersuite_info->key_exchange == POLARSSL_KEY_EXCHANGE_ECDHE_PSK ||
+  if (suite->key_exchange == POLARSSL_KEY_EXCHANGE_PSK ||
+      suite->key_exchange == POLARSSL_KEY_EXCHANGE_RSA_PSK ||
+      suite->key_exchange == POLARSSL_KEY_EXCHANGE_DHE_PSK ||
+      suite->key_exchange == POLARSSL_KEY_EXCHANGE_ECDHE_PSK ||
       ssl->authmode == SSL_VERIFY_NONE)
     {
       debug_msg (2, "<= skip write certificate request");
@@ -1651,7 +1650,7 @@ write_certificate_request (ntbtls_t ssl)
        */
       ssl->handshake->verify_sig_alg = SSL_HASH_SHA256;
 
-      if (ssl->transform_negotiate->ciphersuite_info->mac ==
+      if (ssl->transform_negotiate->ciphersuite->mac ==
           POLARSSL_MD_SHA384)
         {
           ssl->handshake->verify_sig_alg = SSL_HASH_SHA384;
@@ -1725,7 +1724,7 @@ ssl_get_ecdh_params_from_cert (ntbtls_t ssl)
                               pk_ec (*ssl_own_key (ssl)),
                               POLARSSL_ECDH_OURS)) != 0)
     {
-      SSL_DEBUG_RET (1, ("ecdh_get_params"), ret);
+      debug_ret (1, ("ecdh_get_params"), ret);
       return (ret);
     }
 
@@ -1738,8 +1737,8 @@ write_server_key_exchange (ntbtls_t ssl)
 {
   int ret;
   size_t n = 0;
-  const ssl_ciphersuite_t *ciphersuite_info =
-    ssl->transform_negotiate->ciphersuite_info;
+  const ssl_ciphersuite_t *suite =
+    ssl->transform_negotiate->ciphersuite;
   unsigned char *p = ssl->out_msg + 4;
   unsigned char *dig_signed = p;
   size_t dig_signed_len = 0, len;
@@ -1749,17 +1748,17 @@ write_server_key_exchange (ntbtls_t ssl)
 
   debug_msg (2, "=> write server key exchange");
 
-  if (ciphersuite_info->key_exchange == POLARSSL_KEY_EXCHANGE_RSA ||
-      ciphersuite_info->key_exchange == POLARSSL_KEY_EXCHANGE_PSK ||
-      ciphersuite_info->key_exchange == POLARSSL_KEY_EXCHANGE_RSA_PSK)
+  if (suite->key_exchange == POLARSSL_KEY_EXCHANGE_RSA ||
+      suite->key_exchange == POLARSSL_KEY_EXCHANGE_PSK ||
+      suite->key_exchange == POLARSSL_KEY_EXCHANGE_RSA_PSK)
     {
       debug_msg (2, "<= skip write server key exchange");
       ssl->state++;
       return (0);
     }
 
-  if (ciphersuite_info->key_exchange == POLARSSL_KEY_EXCHANGE_ECDH_RSA ||
-      ciphersuite_info->key_exchange == POLARSSL_KEY_EXCHANGE_ECDH_ECDSA)
+  if (suite->key_exchange == POLARSSL_KEY_EXCHANGE_ECDH_RSA ||
+      suite->key_exchange == POLARSSL_KEY_EXCHANGE_ECDH_ECDSA)
     {
       ssl_get_ecdh_params_from_cert (ssl);
 
@@ -1768,8 +1767,8 @@ write_server_key_exchange (ntbtls_t ssl)
       return (0);
     }
 
-  if (ciphersuite_info->key_exchange == POLARSSL_KEY_EXCHANGE_DHE_PSK ||
-      ciphersuite_info->key_exchange == POLARSSL_KEY_EXCHANGE_ECDHE_PSK)
+  if (suite->key_exchange == POLARSSL_KEY_EXCHANGE_DHE_PSK ||
+      suite->key_exchange == POLARSSL_KEY_EXCHANGE_ECDHE_PSK)
     {
       /* TODO: Support identity hints */
       *(p++) = 0x00;
@@ -1778,8 +1777,8 @@ write_server_key_exchange (ntbtls_t ssl)
       n += 2;
     }
 
-  if (ciphersuite_info->key_exchange == POLARSSL_KEY_EXCHANGE_DHE_RSA ||
-      ciphersuite_info->key_exchange == POLARSSL_KEY_EXCHANGE_DHE_PSK)
+  if (suite->key_exchange == POLARSSL_KEY_EXCHANGE_DHE_RSA ||
+      suite->key_exchange == POLARSSL_KEY_EXCHANGE_DHE_PSK)
     {
       /*
        * Ephemeral DH parameters:
@@ -1793,7 +1792,7 @@ write_server_key_exchange (ntbtls_t ssl)
       if ((ret = mpi_copy (&ssl->handshake->dhm_ctx.P, &ssl->dhm_P)) != 0 ||
           (ret = mpi_copy (&ssl->handshake->dhm_ctx.G, &ssl->dhm_G)) != 0)
         {
-          SSL_DEBUG_RET (1, "mpi_copy", ret);
+          debug_ret (1, "mpi_copy", ret);
           return (ret);
         }
 
@@ -1801,7 +1800,7 @@ write_server_key_exchange (ntbtls_t ssl)
                                   (int) mpi_size (&ssl->handshake->dhm_ctx.P),
                                   p, &len, ssl->f_rng, ssl->p_rng)) != 0)
         {
-          SSL_DEBUG_RET (1, "dhm_make_params", ret);
+          debug_ret (1, "dhm_make_params", ret);
           return (ret);
         }
 
@@ -1817,9 +1816,9 @@ write_server_key_exchange (ntbtls_t ssl)
       SSL_DEBUG_MPI (3, "DHM: GX", &ssl->handshake->dhm_ctx.GX);
     }
 
-  if (ciphersuite_info->key_exchange == POLARSSL_KEY_EXCHANGE_ECDHE_RSA ||
-      ciphersuite_info->key_exchange == POLARSSL_KEY_EXCHANGE_ECDHE_ECDSA ||
-      ciphersuite_info->key_exchange == POLARSSL_KEY_EXCHANGE_ECDHE_PSK)
+  if (suite->key_exchange == POLARSSL_KEY_EXCHANGE_ECDHE_RSA ||
+      suite->key_exchange == POLARSSL_KEY_EXCHANGE_ECDHE_ECDSA ||
+      suite->key_exchange == POLARSSL_KEY_EXCHANGE_ECDHE_PSK)
     {
       /*
        * Ephemeral ECDH parameters:
@@ -1850,7 +1849,7 @@ write_server_key_exchange (ntbtls_t ssl)
       if ((ret = ecp_use_known_dp (&ssl->handshake->ecdh_ctx.grp,
                                    (*curve)->grp_id)) != 0)
         {
-          SSL_DEBUG_RET (1, "ecp_use_known_dp", ret);
+          debug_ret (1, "ecp_use_known_dp", ret);
           return (ret);
         }
 
@@ -1860,7 +1859,7 @@ write_server_key_exchange (ntbtls_t ssl)
       /*                              p, TLS_MAX_CONTENT_LEN - n, */
       /*                              ssl->f_rng, ssl->p_rng)) != 0) */
       /*   { */
-      /*     SSL_DEBUG_RET (1, "ecdh_make_params", ret); */
+      /*     debug_ret (1, "ecdh_make_params", ret); */
       /*     return (ret); */
       /*   } */
 
@@ -1873,14 +1872,14 @@ write_server_key_exchange (ntbtls_t ssl)
       SSL_DEBUG_ECP (3, "ECDH: Q ", &ssl->handshake->ecdh_ctx.Q);
     }
 
-  if (ciphersuite_info->key_exchange == POLARSSL_KEY_EXCHANGE_DHE_RSA ||
-      ciphersuite_info->key_exchange == POLARSSL_KEY_EXCHANGE_ECDHE_RSA ||
-      ciphersuite_info->key_exchange == POLARSSL_KEY_EXCHANGE_ECDHE_ECDSA)
+  if (suite->key_exchange == POLARSSL_KEY_EXCHANGE_DHE_RSA ||
+      suite->key_exchange == POLARSSL_KEY_EXCHANGE_ECDHE_RSA ||
+      suite->key_exchange == POLARSSL_KEY_EXCHANGE_ECDHE_ECDSA)
     {
       size_t signature_len = 0;
       unsigned int hashlen = 0;
       unsigned char hash[64];
-      md_type_t md_alg = 0;
+      md_algo_t md_alg = 0;
 
       /*
        * Choose hash algorithm. NONE means MD5 + SHA1 here.
@@ -1921,7 +1920,7 @@ write_server_key_exchange (ntbtls_t ssl)
            */
           if ((ret = md_init_ctx (&ctx, md_info)) != 0)
             {
-              SSL_DEBUG_RET (1, "md_init_ctx", ret);
+              debug_ret (1, "md_init_ctx", ret);
               return (ret);
             }
 
@@ -1961,7 +1960,7 @@ write_server_key_exchange (ntbtls_t ssl)
                           p + 2, &signature_len,
                           ssl->f_rng, ssl->p_rng)) != 0)
         {
-          SSL_DEBUG_RET (1, "pk_sign", ret);
+          debug_ret (1, "pk_sign", ret);
           return (ret);
         }
 
@@ -1983,7 +1982,7 @@ write_server_key_exchange (ntbtls_t ssl)
 
   if ((ret = ssl_write_record (ssl)) != 0)
     {
-      SSL_DEBUG_RET (1, "ssl_write_record", ret);
+      debug_ret (1, "ssl_write_record", ret);
       return (ret);
     }
 
@@ -2007,7 +2006,7 @@ write_server_hello_done (ntbtls_t ssl)
 
   if ((ret = ssl_write_record (ssl)) != 0)
     {
-      SSL_DEBUG_RET (1, "ssl_write_record", ret);
+      debug_ret (1, "ssl_write_record", ret);
       return (ret);
     }
 
@@ -2044,7 +2043,7 @@ ssl_parse_client_dh_public (ntbtls_t ssl, unsigned char **p,
 
   if ((ret = dhm_read_public (&ssl->handshake->dhm_ctx, *p, n)) != 0)
     {
-      SSL_DEBUG_RET (1, "dhm_read_public", ret);
+      debug_ret (1, "dhm_read_public", ret);
       return gpg_error (GPG_ERR_BAD_HS_CLIENT_KEX);
     }
 
@@ -2160,7 +2159,7 @@ ssl_parse_client_psk_identity (ntbtls_t ssl, unsigned char **p,
       /* Identity is not a big secret since clients send it in the clear,
        * but treat it carefully anyway, just in case */
       if (n != ssl->psk_identity_len ||
-          safer_memcmp (ssl->psk_identity, *p, n) != 0)
+          memcmpct (ssl->psk_identity, *p, n))
         {
           ret = gpg_error (GPG_ERR_UNKNOWN_IDENTITY);
         }
@@ -2169,7 +2168,7 @@ ssl_parse_client_psk_identity (ntbtls_t ssl, unsigned char **p,
   if (gpg_err_code (ret) == GPG_ERR_UNKNOWN_IDENTITY)
     {
       debug_buf (3, "Unknown PSK identity", *p, n);
-      if ((ret = ssl_send_alert_message (ssl,
+      if ((ret = ntbtls_send_alert_message (ssl,
                                          TLS_ALERT_LEVEL_FATAL,
                                          TLS_ALERT_MSG_UNKNOWN_PSK_IDENTITY))
           != 0)
@@ -2190,9 +2189,9 @@ static int
 parse_client_key_exchange (ntbtls_t ssl)
 {
   int ret;
-  const ssl_ciphersuite_t *ciphersuite_info;
+  const ssl_ciphersuite_t *suite;
 
-  ciphersuite_info = ssl->transform_negotiate->ciphersuite_info;
+  suite = ssl->transform_negotiate->ciphersuite;
 
   debug_msg (2, "=> parse client key exchange");
 
@@ -2214,14 +2213,14 @@ parse_client_key_exchange (ntbtls_t ssl)
       return gpg_error (GPG_ERR_BAD_HS_CLIENT_KEX);
     }
 
-  if (ciphersuite_info->key_exchange == POLARSSL_KEY_EXCHANGE_DHE_RSA)
+  if (suite->key_exchange == POLARSSL_KEY_EXCHANGE_DHE_RSA)
     {
       unsigned char *p = ssl->in_msg + 4;
       unsigned char *end = ssl->in_msg + ssl->in_hslen;
 
       if ((ret = ssl_parse_client_dh_public (ssl, &p, end)) != 0)
         {
-          SSL_DEBUG_RET (1, ("ssl_parse_client_dh_public"), ret);
+          debug_ret (1, ("ssl_parse_client_dh_public"), ret);
           return (ret);
         }
 
@@ -2238,21 +2237,21 @@ parse_client_key_exchange (ntbtls_t ssl)
                                   &ssl->handshake->pmslen,
                                   ssl->f_rng, ssl->p_rng)) != 0)
         {
-          SSL_DEBUG_RET (1, "dhm_calc_secret", ret);
+          debug_ret (1, "dhm_calc_secret", ret);
           return gpg_error (GPG_ERR_BAD_HS_CLIENT_KEX);
         }
 
       SSL_DEBUG_MPI (3, "DHM: K ", &ssl->handshake->dhm_ctx.K);
     }
-  else if (ciphersuite_info->key_exchange == POLARSSL_KEY_EXCHANGE_ECDHE_RSA
-        || ciphersuite_info->key_exchange == POLARSSL_KEY_EXCHANGE_ECDHE_ECDSA
-        || ciphersuite_info->key_exchange == POLARSSL_KEY_EXCHANGE_ECDH_RSA
-        || ciphersuite_info->key_exchange == POLARSSL_KEY_EXCHANGE_ECDH_ECDSA)
+  else if (suite->key_exchange == POLARSSL_KEY_EXCHANGE_ECDHE_RSA
+        || suite->key_exchange == POLARSSL_KEY_EXCHANGE_ECDHE_ECDSA
+        || suite->key_exchange == POLARSSL_KEY_EXCHANGE_ECDH_RSA
+        || suite->key_exchange == POLARSSL_KEY_EXCHANGE_ECDH_ECDSA)
     {
       if ((ret = ecdh_read_public (&ssl->handshake->ecdh_ctx,
                                    ssl->in_msg + 4, ssl->in_hslen - 4)) != 0)
         {
-          SSL_DEBUG_RET (1, "ecdh_read_public", ret);
+          debug_ret (1, "ecdh_read_public", ret);
           return gpg_error (GPG_ERR_BAD_HS_CLIENT_KEX);
         }
 
@@ -2264,20 +2263,20 @@ parse_client_key_exchange (ntbtls_t ssl)
                                    POLARSSL_MPI_MAX_SIZE,
                                    ssl->f_rng, ssl->p_rng)) != 0)
         {
-          SSL_DEBUG_RET (1, "ecdh_calc_secret", ret);
+          debug_ret (1, "ecdh_calc_secret", ret);
           return gpg_error (GPG_ERR_BAD_HS_CLIENT_KEX);
         }
 
       SSL_DEBUG_MPI (3, "ECDH: z  ", &ssl->handshake->ecdh_ctx.z);
     }
-  else if (ciphersuite_info->key_exchange == POLARSSL_KEY_EXCHANGE_PSK)
+  else if (suite->key_exchange == POLARSSL_KEY_EXCHANGE_PSK)
     {
       unsigned char *p = ssl->in_msg + 4;
       unsigned char *end = ssl->in_msg + ssl->in_hslen;
 
       if ((ret = ssl_parse_client_psk_identity (ssl, &p, end)) != 0)
         {
-          SSL_DEBUG_RET (1, ("ssl_parse_client_psk_identity"), ret);
+          debug_ret (1, ("ssl_parse_client_psk_identity"), ret);
           return (ret);
         }
 
@@ -2288,51 +2287,51 @@ parse_client_key_exchange (ntbtls_t ssl)
         }
 
       if ((ret = ssl_psk_derive_premaster (ssl,
-                                           ciphersuite_info->key_exchange)) !=
+                                           suite->key_exchange)) !=
           0)
         {
-          SSL_DEBUG_RET (1, "ssl_psk_derive_premaster", ret);
+          debug_ret (1, "ssl_psk_derive_premaster", ret);
           return (ret);
         }
     }
-  else if (ciphersuite_info->key_exchange == POLARSSL_KEY_EXCHANGE_RSA_PSK)
+  else if (suite->key_exchange == POLARSSL_KEY_EXCHANGE_RSA_PSK)
     {
       unsigned char *p = ssl->in_msg + 4;
       unsigned char *end = ssl->in_msg + ssl->in_hslen;
 
       if ((ret = ssl_parse_client_psk_identity (ssl, &p, end)) != 0)
         {
-          SSL_DEBUG_RET (1, ("ssl_parse_client_psk_identity"), ret);
+          debug_ret (1, ("ssl_parse_client_psk_identity"), ret);
           return (ret);
         }
 
       if ((ret = ssl_parse_encrypted_pms (ssl, p, end, 2)) != 0)
         {
-          SSL_DEBUG_RET (1, ("ssl_parse_encrypted_pms"), ret);
+          debug_ret (1, ("ssl_parse_encrypted_pms"), ret);
           return (ret);
         }
 
       if ((ret = ssl_psk_derive_premaster (ssl,
-                                           ciphersuite_info->key_exchange)) !=
+                                           suite->key_exchange)) !=
           0)
         {
-          SSL_DEBUG_RET (1, "ssl_psk_derive_premaster", ret);
+          debug_ret (1, "ssl_psk_derive_premaster", ret);
           return (ret);
         }
     }
-  else if (ciphersuite_info->key_exchange == POLARSSL_KEY_EXCHANGE_DHE_PSK)
+  else if (suite->key_exchange == POLARSSL_KEY_EXCHANGE_DHE_PSK)
     {
       unsigned char *p = ssl->in_msg + 4;
       unsigned char *end = ssl->in_msg + ssl->in_hslen;
 
       if ((ret = ssl_parse_client_psk_identity (ssl, &p, end)) != 0)
         {
-          SSL_DEBUG_RET (1, ("ssl_parse_client_psk_identity"), ret);
+          debug_ret (1, ("ssl_parse_client_psk_identity"), ret);
           return (ret);
         }
       if ((ret = ssl_parse_client_dh_public (ssl, &p, end)) != 0)
         {
-          SSL_DEBUG_RET (1, ("ssl_parse_client_dh_public"), ret);
+          debug_ret (1, ("ssl_parse_client_dh_public"), ret);
           return (ret);
         }
 
@@ -2343,49 +2342,49 @@ parse_client_key_exchange (ntbtls_t ssl)
         }
 
       if ((ret = ssl_psk_derive_premaster (ssl,
-                                           ciphersuite_info->key_exchange)) !=
+                                           suite->key_exchange)) !=
           0)
         {
-          SSL_DEBUG_RET (1, "ssl_psk_derive_premaster", ret);
+          debug_ret (1, "ssl_psk_derive_premaster", ret);
           return (ret);
         }
     }
-  else if (ciphersuite_info->key_exchange == POLARSSL_KEY_EXCHANGE_ECDHE_PSK)
+  else if (suite->key_exchange == POLARSSL_KEY_EXCHANGE_ECDHE_PSK)
     {
       unsigned char *p = ssl->in_msg + 4;
       unsigned char *end = ssl->in_msg + ssl->in_hslen;
 
       if ((ret = ssl_parse_client_psk_identity (ssl, &p, end)) != 0)
         {
-          SSL_DEBUG_RET (1, ("ssl_parse_client_psk_identity"), ret);
+          debug_ret (1, ("ssl_parse_client_psk_identity"), ret);
           return (ret);
         }
 
       if ((ret = ecdh_read_public (&ssl->handshake->ecdh_ctx,
                                    p, end - p)) != 0)
         {
-          SSL_DEBUG_RET (1, "ecdh_read_public", ret);
+          debug_ret (1, "ecdh_read_public", ret);
           return gpg_error (GPG_ERR_BAD_HS_CLIENT_KEX);
         }
 
       SSL_DEBUG_ECP (3, "ECDH: Qp ", &ssl->handshake->ecdh_ctx.Qp);
 
       if ((ret = ssl_psk_derive_premaster (ssl,
-                                           ciphersuite_info->key_exchange)) !=
+                                           suite->key_exchange)) !=
           0)
         {
-          SSL_DEBUG_RET (1, "ssl_psk_derive_premaster", ret);
+          debug_ret (1, "ssl_psk_derive_premaster", ret);
           return (ret);
         }
     }
-  else if (ciphersuite_info->key_exchange == POLARSSL_KEY_EXCHANGE_RSA)
+  else if (suite->key_exchange == POLARSSL_KEY_EXCHANGE_RSA)
     {
       if ((ret = ssl_parse_encrypted_pms (ssl,
                                           ssl->in_msg + 4,
                                           ssl->in_msg + ssl->in_hslen,
                                           0)) != 0)
         {
-          SSL_DEBUG_RET (1, ("ssl_parse_parse_encrypted_pms_secret"), ret);
+          debug_ret (1, ("ssl_parse_parse_encrypted_pms_secret"), ret);
           return (ret);
         }
     }
@@ -2397,7 +2396,7 @@ parse_client_key_exchange (ntbtls_t ssl)
 
   if ((ret = _ntbtls_derive_keys (ssl)) != 0)
     {
-      SSL_DEBUG_RET (1, "ssl_derive_keys", ret);
+      debug_ret (1, "ssl_derive_keys", ret);
       return (ret);
     }
 
@@ -2417,17 +2416,17 @@ parse_certificate_verify (ntbtls_t ssl)
   unsigned char hash[48];
   unsigned char *hash_start = hash;
   size_t hashlen;
-  pk_type_t pk_alg;
-  md_type_t md_alg;
-  const ssl_ciphersuite_t *ciphersuite_info =
-    ssl->transform_negotiate->ciphersuite_info;
+  pk_algo_t pk_alg;
+  md_algo_t md_alg;
+  const ssl_ciphersuite_t *suite =
+    ssl->transform_negotiate->ciphersuite;
 
   debug_msg (2, "=> parse certificate verify");
 
-  if (ciphersuite_info->key_exchange == POLARSSL_KEY_EXCHANGE_PSK ||
-      ciphersuite_info->key_exchange == POLARSSL_KEY_EXCHANGE_RSA_PSK ||
-      ciphersuite_info->key_exchange == POLARSSL_KEY_EXCHANGE_ECDHE_PSK ||
-      ciphersuite_info->key_exchange == POLARSSL_KEY_EXCHANGE_DHE_PSK)
+  if (suite->key_exchange == POLARSSL_KEY_EXCHANGE_PSK ||
+      suite->key_exchange == POLARSSL_KEY_EXCHANGE_RSA_PSK ||
+      suite->key_exchange == POLARSSL_KEY_EXCHANGE_ECDHE_PSK ||
+      suite->key_exchange == POLARSSL_KEY_EXCHANGE_DHE_PSK)
     {
       debug_msg (2, "<= skip parse certificate verify");
       ssl->state++;
@@ -2528,7 +2527,7 @@ parse_certificate_verify (ntbtls_t ssl)
                         md_alg, hash_start, hashlen,
                         ssl->in_msg + 6 + sa_len, sig_len)) != 0)
     {
-      SSL_DEBUG_RET (1, "pk_verify", ret);
+      debug_ret (1, "pk_verify", ret);
       return (ret);
     }
 
@@ -2568,7 +2567,7 @@ write_new_session_ticket (ntbtls_t ssl)
 
   if ((ret = ssl_write_ticket (ssl, &tlen)) != 0)
     {
-      SSL_DEBUG_RET (1, "ssl_write_ticket", ret);
+      debug_ret (1, "ssl_write_ticket", ret);
       tlen = 0;
     }
 
@@ -2585,7 +2584,7 @@ write_new_session_ticket (ntbtls_t ssl)
 
   if ((ret = ssl_write_record (ssl)) != 0)
     {
-      SSL_DEBUG_RET (1, "ssl_write_record", ret);
+      debug_ret (1, "ssl_write_record", ret);
       return (ret);
     }
 
index b1a2cfc..6627557 100644 (file)
 #include <stdlib.h>
 
 #include "ntbtls-int.h"
+#include "ciphersuites.h"
 
-
+static void transform_deinit (transform_t transform);
 static void session_deinit (session_t session);
+static void handshake_params_deinit (handshake_params_t handshake);
+static void ticket_keys_deinit (ticket_keys_t tkeys);
 
-static void update_checksum_start (ntbtls_t, const unsigned char *, size_t);
 static void update_checksum_sha256 (ntbtls_t, const unsigned char *, size_t);
-static void calc_verify_tls_sha256 (ntbtls_t, unsigned char *);
 static void calc_finished_tls_sha256 (ntbtls_t, unsigned char *, int);
-static void update_checksum_sha384 (ntbtls_t, const unsigned char *, size_t);
 static void calc_verify_tls_sha384 (ntbtls_t, unsigned char *);
 static void calc_finished_tls_sha384 (ntbtls_t, unsigned char *, int);
 
 
 
+
 /*
  * Convert max_fragment_length codes to length.
  * RFC 6066 says:
@@ -49,23 +50,23 @@ static void calc_finished_tls_sha384 (ntbtls_t, unsigned char *, int);
  *    } MaxFragmentLength;
  * and we add 0 -> extension unused
  */
-static unsigned int mfl_code_to_length[TLS_MAX_FRAG_LEN_INVALID] =
+static unsigned int mfl_code_to_length[] =
   {
-    TLS_MAX_CONTENT_LEN,          /* SSL_MAX_FRAG_LEN_NONE */
-    512,                          /* SSL_MAX_FRAG_LEN_512  */
-    1024,                         /* SSL_MAX_FRAG_LEN_1024 */
-    2048,                         /* SSL_MAX_FRAG_LEN_2048 */
-    4096                          /* SSL_MAX_FRAG_LEN_4096 */
+    TLS_MAX_CONTENT_LEN,          /* TLS_MAX_FRAG_LEN_NONE */
+    512,                          /* TLS_MAX_FRAG_LEN_512  */
+    1024,                         /* TLS_MAX_FRAG_LEN_1024 */
+    2048,                         /* TLS_MAX_FRAG_LEN_2048 */
+    4096                          /* TLS_MAX_FRAG_LEN_4096 */
   };
 
 
-static int
-ssl_session_copy (session_t dst, const session_t src)
+static gpg_error_t
+session_copy (session_t dst, const session_t src)
 {
   session_deinit (dst);
   memcpy (dst, src, sizeof *src);
 
-  if (src->peer_cert)
+  if (src->peer_chain)
     {
       /* int ret; */
 
@@ -87,7 +88,7 @@ ssl_session_copy (session_t dst, const session_t src)
 
   if (src->ticket)
     {
-      dst->ticket =  malloc (src->ticket_len);
+      dst->ticket = malloc (src->ticket_len);
       if (!dst->ticket)
         return gpg_error_from_syserror ();
 
@@ -263,33 +264,33 @@ _ntbtls_derive_keys (ntbtls_t ssl)
 
   /* debug_msg (2, "=> derive keys"); */
 
-  /* cipher_info = cipher_info_from_type (transform->ciphersuite_info->cipher); */
+  /* cipher_info = cipher_info_from_type (transform->ciphersuite->cipher); */
   /* if (cipher_info == NULL) */
   /*   { */
   /*     debug_msg (1, "cipher info for %d not found", */
-  /*                transform->ciphersuite_info->cipher); */
+  /*                transform->ciphersuite->cipher); */
   /*     return gpg_error (GPG_ERR_INV_ARG); */
   /*   } */
 
-  /* md_info = md_info_from_type (transform->ciphersuite_info->mac); */
+  /* md_info = md_info_from_type (transform->ciphersuite->mac); */
   /* if (md_info == NULL) */
   /*   { */
   /*     debug_msg (1, "md info for %d not found", */
-  /*                transform->ciphersuite_info->mac); */
+  /*                transform->ciphersuite->mac); */
   /*     return gpg_error (GPG_ERR_INV_ARG); */
   /*   } */
 
   /* /\* */
   /*  * Set appropriate PRF function and other TLS functions */
   /*  *\/ */
-  /* if (ssl->minor_ver == SSL_MINOR_VERSION_3 && */
-  /*     transform->ciphersuite_info->mac == GCRY_MD_SHA384) */
+  /* if (ssl->minor_ver == TLS_MINOR_VERSION_3 && */
+  /*     transform->ciphersuite->mac == GCRY_MD_SHA384) */
   /*   { */
   /*     handshake->tls_prf = tls_prf_sha384; */
   /*     handshake->calc_verify = calc_verify_tls_sha384; */
   /*     handshake->calc_finished = calc_finished_tls_sha384; */
   /*   } */
-  /* else if (ssl->minor_ver == SSL_MINOR_VERSION_3) */
+  /* else if (ssl->minor_ver == TLS_MINOR_VERSION_3) */
   /*   { */
   /*     handshake->tls_prf = tls_prf_sha256; */
   /*     handshake->calc_verify = calc_verify_tls_sha256; */
@@ -357,7 +358,7 @@ _ntbtls_derive_keys (ntbtls_t ssl)
 
   /*     /\* Minimum length is expicit IV + tag *\/ */
   /*     transform->minlen = transform->ivlen - transform->fixed_ivlen */
-  /*       + (transform->ciphersuite_info->flags & */
+  /*       + (transform->ciphersuite->flags & */
   /*          POLARSSL_CIPHERSUITE_SHORT_TAG ? 8 : 16); */
   /*   } */
   /* else */
@@ -368,7 +369,7 @@ _ntbtls_derive_keys (ntbtls_t ssl)
   /*     if ((ret = md_init_ctx (&transform->md_ctx_enc, md_info)) != 0 || */
   /*         (ret = md_init_ctx (&transform->md_ctx_dec, md_info)) != 0) */
   /*       { */
-  /*         SSL_DEBUG_RET (1, "md_init_ctx", ret); */
+  /*         debug_ret (1, "md_init_ctx", ret); */
   /*         return (ret); */
   /*       } */
 
@@ -380,8 +381,8 @@ _ntbtls_derive_keys (ntbtls_t ssl)
   /*      * (rfc 6066 page 13 or rfc 2104 section 4), */
   /*      * so we only need to adjust the length here. */
   /*      *\/ */
-  /*     if (session->trunc_hmac == SSL_TRUNC_HMAC_ENABLED) */
-  /*       transform->maclen = SSL_TRUNCATED_HMAC_LEN; */
+  /*     if (session->use_trunc_hmac) */
+  /*       transform->maclen = TLS_TRUNCATED_HMAC_LEN; */
 
   /*     /\* IV length *\/ */
   /*     transform->ivlen = cipher_info->iv_size; */
@@ -400,8 +401,8 @@ _ntbtls_derive_keys (ntbtls_t ssl)
   /*                              + cipher_info->block_size */
   /*                              - transform->maclen % cipher_info->block_size); */
 
-  /*         if (ssl->minor_ver == SSL_MINOR_VERSION_2 */
-  /*             || ssl->minor_ver == SSL_MINOR_VERSION_3) */
+  /*         if (ssl->minor_ver == TLS_MINOR_VERSION_2 */
+  /*             || ssl->minor_ver == TLS_MINOR_VERSION_3) */
   /*           { */
   /*             transform->minlen += transform->ivlen; */
   /*           } */
@@ -455,7 +456,7 @@ _ntbtls_derive_keys (ntbtls_t ssl)
   /*             iv_copy_len); */
   /*   } */
 
-  /* if (ssl->minor_ver >= SSL_MINOR_VERSION_1) */
+  /* if (ssl->minor_ver >= TLS_MINOR_VERSION_1) */
   /*   { */
   /*     md_hmac_starts (&transform->md_ctx_enc, mac_enc, transform->maclen); */
   /*     md_hmac_starts (&transform->md_ctx_dec, mac_dec, transform->maclen); */
@@ -468,27 +469,27 @@ _ntbtls_derive_keys (ntbtls_t ssl)
 
   /* if ((ret = cipher_init_ctx (&transform->cipher_ctx_enc, cipher_info)) != 0) */
   /*   { */
-  /*     SSL_DEBUG_RET (1, "cipher_init_ctx", ret); */
+  /*     debug_ret (1, "cipher_init_ctx", ret); */
   /*     return (ret); */
   /*   } */
 
   /* if ((ret = cipher_init_ctx (&transform->cipher_ctx_dec, cipher_info)) != 0) */
   /*   { */
-  /*     SSL_DEBUG_RET (1, "cipher_init_ctx", ret); */
+  /*     debug_ret (1, "cipher_init_ctx", ret); */
   /*     return (ret); */
   /*   } */
 
   /* if ((ret = cipher_setkey (&transform->cipher_ctx_enc, key1, */
   /*                           cipher_info->key_length, POLARSSL_ENCRYPT)) != 0) */
   /*   { */
-  /*     SSL_DEBUG_RET (1, "cipher_setkey", ret); */
+  /*     debug_ret (1, "cipher_setkey", ret); */
   /*     return (ret); */
   /*   } */
 
   /* if ((ret = cipher_setkey (&transform->cipher_ctx_dec, key2, */
   /*                           cipher_info->key_length, POLARSSL_DECRYPT)) != 0) */
   /*   { */
-  /*     SSL_DEBUG_RET (1, "cipher_setkey", ret); */
+  /*     debug_ret (1, "cipher_setkey", ret); */
   /*     return (ret); */
   /*   } */
 
@@ -497,14 +498,14 @@ _ntbtls_derive_keys (ntbtls_t ssl)
   /*     if ((ret = cipher_set_padding_mode (&transform->cipher_ctx_enc, */
   /*                                         POLARSSL_PADDING_NONE)) != 0) */
   /*       { */
-  /*         SSL_DEBUG_RET (1, "cipher_set_padding_mode", ret); */
+  /*         debug_ret (1, "cipher_set_padding_mode", ret); */
   /*         return (ret); */
   /*       } */
 
   /*     if ((ret = cipher_set_padding_mode (&transform->cipher_ctx_dec, */
   /*                                         POLARSSL_PADDING_NONE)) != 0) */
   /*       { */
-  /*         SSL_DEBUG_RET (1, "cipher_set_padding_mode", ret); */
+  /*         debug_ret (1, "cipher_set_padding_mode", ret); */
   /*         return (ret); */
   /*       } */
   /*   } */
@@ -584,11 +585,12 @@ calc_verify_tls_sha384 (ntbtls_t ssl, unsigned char hash[48])
 }
 
 
-int
-ssl_psk_derive_premaster (ntbtls_t ssl, key_exchange_type_t key_ex)
+gpg_error_t
+_ntbtls_psk_derive_premaster (ntbtls_t tls, key_exchange_type_t kex)
 {
-  unsigned char *p = ssl->handshake->premaster;
-  unsigned char *end = p + sizeof (ssl->handshake->premaster);
+  gpg_error_t err;
+  unsigned char *p = tls->handshake->premaster;
+  unsigned char *end = p + sizeof (tls->handshake->premaster);
 
   /*
    * PMS = struct {
@@ -597,16 +599,16 @@ ssl_psk_derive_premaster (ntbtls_t ssl, key_exchange_type_t key_ex)
    * };
    * with "other_secret" depending on the particular key exchange
    */
-  if (key_ex == KEY_EXCHANGE_PSK)
+  if (kex == KEY_EXCHANGE_PSK)
     {
-      if (end - p < 2 + (int) ssl->psk_len)
+      if (end - p < 2 + (int) tls->psk_len)
         return gpg_error (GPG_ERR_INV_ARG);
 
-      *(p++) = (unsigned char) (ssl->psk_len >> 8);
-      *(p++) = (unsigned char) (ssl->psk_len);
-      p += ssl->psk_len;
+      *(p++) = (unsigned char) (tls->psk_len >> 8);
+      *(p++) = (unsigned char) (tls->psk_len);
+      p += tls->psk_len;
     }
-  else if (key_ex == KEY_EXCHANGE_RSA_PSK)
+  else if (kex == KEY_EXCHANGE_RSA_PSK)
     {
       /*
        * other_secret already set by the ClientKeyExchange message,
@@ -616,44 +618,42 @@ ssl_psk_derive_premaster (ntbtls_t ssl, key_exchange_type_t key_ex)
       *p++ = 48;
       p += 48;
     }
-  else if (key_ex == KEY_EXCHANGE_DHE_PSK)
+  else if (kex == KEY_EXCHANGE_DHE_PSK)
     {
-      //FIXME:
-      /* int ret; */
-      /* size_t len = end - (p + 2); */
+      size_t len = end - (p + 2);
 
-      /* Write length only when we know the actual value */
-      /* if ((ret = dhm_calc_secret (&ssl->handshake->dhm_ctx, */
-      /*                             p + 2, &len, ssl->f_rng, ssl->p_rng)) != 0) */
-      /*   { */
-      /*     SSL_DEBUG_RET (1, "dhm_calc_secret", ret); */
-      /*     return (ret); */
-      /*   } */
-      /* *(p++) = (unsigned char) (len >> 8); */
-      /* *(p++) = (unsigned char) (len); */
-      /* p += len; */
+      /* Write length only when we know the actual value.  */
+      /* err = dhm_calc_secret (&tls->handshake->dhm_ctx, p + 2, &len); */
+      err = gpg_error (GPG_ERR_NOT_IMPLEMENTED);
+      if (err)
+        {
+          debug_ret (1, "dhm_calc_secret", err);
+          return err;
+        }
+      *(p++) = (unsigned char) (len >> 8);
+      *(p++) = (unsigned char) (len);
+      p += len;
 
-      /* SSL_DEBUG_MPI (3, "DHM: K ", &ssl->handshake->dhm_ctx.K); */
+      /* SSL_DEBUG_MPI (3, "DHM: K ", &tls->handshake->dhm_ctx.K); */
     }
-  else if (key_ex == KEY_EXCHANGE_ECDHE_PSK)
+  else if (kex == KEY_EXCHANGE_ECDHE_PSK)
     {
-      //FIXME:
-      /* int ret; */
-      /* size_t zlen; */
+      size_t zlen;
 
-      /* if ((ret = ecdh_calc_secret (&ssl->handshake->ecdh_ctx, &zlen, */
-      /*                              p + 2, end - (p + 2), */
-      /*                              ssl->f_rng, ssl->p_rng)) != 0) */
-      /*   { */
-      /*     SSL_DEBUG_RET (1, "ecdh_calc_secret", ret); */
-      /*     return (ret); */
-      /*   } */
+      /* err = ecdh_calc_secret (&tls->handshake->ecdh_ctx, &zlen, */
+      /*                         p + 2, end - (p + 2)); */
+      err = gpg_error (GPG_ERR_NOT_IMPLEMENTED);
+      if (err)
+        {
+          debug_ret (1, "ecdh_calc_secret", err);
+          return err;
+        }
 
-      /* *(p++) = (unsigned char) (zlen >> 8); */
-      /* *(p++) = (unsigned char) (zlen); */
-      /* p += zlen; */
+      *(p++) = (unsigned char) (zlen >> 8);
+      *(p++) = (unsigned char) (zlen);
+      p += zlen;
 
-      /* SSL_DEBUG_MPI (3, "ECDH: z", &ssl->handshake->ecdh_ctx.z); */
+      /* SSL_DEBUG_MPI (3, "ECDH: z", &tls->handshake->ecdh_ctx.z); */
     }
   else
     {
@@ -662,17 +662,17 @@ ssl_psk_derive_premaster (ntbtls_t ssl, key_exchange_type_t key_ex)
     }
 
   /* opaque psk<0..2^16-1>; */
-  if (end - p < 2 + (int) ssl->psk_len)
+  if (end - p < 2 + (int) tls->psk_len)
     return gpg_error (GPG_ERR_INV_ARG);
 
-  *(p++) = (unsigned char) (ssl->psk_len >> 8);
-  *(p++) = (unsigned char) (ssl->psk_len);
-  memcpy (p, ssl->psk, ssl->psk_len);
-  p += ssl->psk_len;
+  *(p++) = (unsigned char) (tls->psk_len >> 8);
+  *(p++) = (unsigned char) (tls->psk_len);
+  memcpy (p, tls->psk, tls->psk_len);
+  p += tls->psk_len;
 
-  ssl->handshake->pmslen = p - ssl->handshake->premaster;
+  tls->handshake->pmslen = p - tls->handshake->premaster;
 
-  return (0);
+  return 0;
 }
 
 
@@ -694,7 +694,7 @@ ssl_encrypt_buf (ntbtls_t ssl)
   /*  *\/ */
   /* if (mode != POLARSSL_MODE_GCM && mode != POLARSSL_MODE_CCM) */
   /*   { */
-  /*     if (ssl->minor_ver >= SSL_MINOR_VERSION_1) */
+  /*     if (ssl->minor_ver >= TLS_MINOR_VERSION_1) */
   /*       { */
   /*         md_hmac_update (&ssl->transform_out->md_ctx_enc, ssl->out_ctr, 13); */
   /*         md_hmac_update (&ssl->transform_out->md_ctx_enc, */
@@ -737,7 +737,7 @@ ssl_encrypt_buf (ntbtls_t ssl)
   /*                              ssl->out_msg, ssl->out_msglen, */
   /*                              ssl->out_msg, &olen)) != 0) */
   /*       { */
-  /*         SSL_DEBUG_RET (1, "cipher_crypt", ret); */
+  /*         debug_ret (1, "cipher_crypt", ret); */
   /*         return (ret); */
   /*       } */
 
@@ -753,7 +753,7 @@ ssl_encrypt_buf (ntbtls_t ssl)
   /*     size_t enc_msglen, olen; */
   /*     unsigned char *enc_msg; */
   /*     unsigned char add_data[13]; */
-  /*     unsigned char taglen = ssl->transform_out->ciphersuite_info->flags & */
+  /*     unsigned char taglen = ssl->transform_out->ciphersuite->flags & */
   /*       POLARSSL_CIPHERSUITE_SHORT_TAG ? 8 : 16; */
 
   /*     memcpy (add_data, ssl->out_ctr, 8); */
@@ -808,7 +808,7 @@ ssl_encrypt_buf (ntbtls_t ssl)
   /*                                     enc_msg, &olen, */
   /*                                     enc_msg + enc_msglen, taglen)) != 0) */
   /*       { */
-  /*         SSL_DEBUG_RET (1, "cipher_auth_encrypt", ret); */
+  /*         debug_ret (1, "cipher_auth_encrypt", ret); */
   /*         return (ret); */
   /*       } */
 
@@ -845,7 +845,7 @@ ssl_encrypt_buf (ntbtls_t ssl)
   /*      * Prepend per-record IV for block cipher in TLS v1.1 and up as per */
   /*      * Method 1 (6.2.3.2. in RFC4346 and RFC5246) */
   /*      *\/ */
-  /*     if (ssl->minor_ver >= SSL_MINOR_VERSION_2) */
+  /*     if (ssl->minor_ver >= TLS_MINOR_VERSION_2) */
   /*       { */
   /*         /\* */
   /*          * Generate IV */
@@ -879,7 +879,7 @@ ssl_encrypt_buf (ntbtls_t ssl)
   /*                              ssl->transform_out->ivlen, */
   /*                              enc_msg, enc_msglen, enc_msg, &olen)) != 0) */
   /*       { */
-  /*         SSL_DEBUG_RET (1, "cipher_crypt", ret); */
+  /*         debug_ret (1, "cipher_crypt", ret); */
   /*         return (ret); */
   /*       } */
 
@@ -945,7 +945,7 @@ ssl_decrypt_buf (ntbtls_t ssl)
   /*                              ssl->in_msg, ssl->in_msglen, */
   /*                              ssl->in_msg, &olen)) != 0) */
   /*       { */
-  /*         SSL_DEBUG_RET (1, "cipher_crypt", ret); */
+  /*         debug_ret (1, "cipher_crypt", ret); */
   /*         return (ret); */
   /*       } */
 
@@ -962,7 +962,7 @@ ssl_decrypt_buf (ntbtls_t ssl)
   /*     unsigned char *dec_msg; */
   /*     unsigned char *dec_msg_result; */
   /*     unsigned char add_data[13]; */
-  /*     unsigned char taglen = ssl->transform_in->ciphersuite_info->flags & */
+  /*     unsigned char taglen = ssl->transform_in->ciphersuite->flags & */
   /*       POLARSSL_CIPHERSUITE_SHORT_TAG ? 8 : 16; */
   /*     unsigned char explicit_iv_len = ssl->transform_in->ivlen - */
   /*       ssl->transform_in->fixed_ivlen; */
@@ -1008,7 +1008,7 @@ ssl_decrypt_buf (ntbtls_t ssl)
   /*                                     dec_msg_result, &olen, */
   /*                                     dec_msg + dec_msglen, taglen)) != 0) */
   /*       { */
-  /*         SSL_DEBUG_RET (1, "cipher_auth_decrypt", ret); */
+  /*         debug_ret (1, "cipher_auth_decrypt", ret); */
 
   /*         if (ret == POLARSSL_ERR_CIPHER_AUTH_FAILED) */
   /*           return gpg_error (GPG_ERR_BAD_MAC); */
@@ -1044,7 +1044,7 @@ ssl_decrypt_buf (ntbtls_t ssl)
   /*         return gpg_error (GPG_ERR_INV_MAC); */
   /*       } */
 
-  /*     if (ssl->minor_ver >= SSL_MINOR_VERSION_2) */
+  /*     if (ssl->minor_ver >= TLS_MINOR_VERSION_2) */
   /*       minlen += ssl->transform_in->ivlen; */
 
   /*     if (ssl->in_msglen < minlen + ssl->transform_in->ivlen || */
@@ -1065,7 +1065,7 @@ ssl_decrypt_buf (ntbtls_t ssl)
   /*     /\* */
   /*      * Initialize for prepended IV for block cipher in TLS v1.1 and up */
   /*      *\/ */
-  /*     if (ssl->minor_ver >= SSL_MINOR_VERSION_2) */
+  /*     if (ssl->minor_ver >= TLS_MINOR_VERSION_2) */
   /*       { */
   /*         dec_msglen -= ssl->transform_in->ivlen; */
   /*         ssl->in_msglen -= ssl->transform_in->ivlen; */
@@ -1080,7 +1080,7 @@ ssl_decrypt_buf (ntbtls_t ssl)
   /*                              dec_msg, dec_msglen, */
   /*                              dec_msg_result, &olen)) != 0) */
   /*       { */
-  /*         SSL_DEBUG_RET (1, "cipher_crypt", ret); */
+  /*         debug_ret (1, "cipher_crypt", ret); */
   /*         return (ret); */
   /*       } */
 
@@ -1100,7 +1100,7 @@ ssl_decrypt_buf (ntbtls_t ssl)
   /*         correct = 0; */
   /*       } */
 
-  /*     if (ssl->minor_ver > SSL_MINOR_VERSION_0) */
+  /*     if (ssl->minor_ver > TLS_MINOR_VERSION_0) */
   /*       { */
   /*         /\* */
   /*          * TLSv1+: always check the padding up to the first failure */
@@ -1113,14 +1113,14 @@ ssl_decrypt_buf (ntbtls_t ssl)
   /*          * Padding is guaranteed to be incorrect if: */
   /*          *   1. padlen >= ssl->in_msglen */
   /*          * */
-  /*          *   2. padding_idx >= SSL_MAX_CONTENT_LEN + */
+  /*          *   2. padding_idx >= TLS_MAX_CONTENT_LEN + */
   /*          *                     ssl->transform_in->maclen */
   /*          * */
   /*          * In both cases we reset padding_idx to a safe value (0) to */
   /*          * prevent out-of-buffer reads. */
   /*          *\/ */
   /*         correct &= (ssl->in_msglen >= padlen + 1); */
-  /*         correct &= (padding_idx < SSL_MAX_CONTENT_LEN + */
+  /*         correct &= (padding_idx < TLS_MAX_CONTENT_LEN + */
   /*                     ssl->transform_in->maclen); */
 
   /*         padding_idx *= correct; */
@@ -1167,7 +1167,7 @@ ssl_decrypt_buf (ntbtls_t ssl)
 
   /*     memcpy (tmp, ssl->in_msg + ssl->in_msglen, ssl->transform_in->maclen); */
 
-  /*     if (ssl->minor_ver > SSL_MINOR_VERSION_0) */
+  /*     if (ssl->minor_ver > TLS_MINOR_VERSION_0) */
   /*       { */
   /*         /\* */
   /*          * Process MAC and always update for padlen afterwards to make */
@@ -1208,7 +1208,7 @@ ssl_decrypt_buf (ntbtls_t ssl)
   /*     debug_buf (4, "computed mac", */
   /*                ssl->in_msg + ssl->in_msglen, ssl->transform_in->maclen); */
 
-  /*     if (safer_memcmp (tmp, ssl->in_msg + ssl->in_msglen, */
+  /*     if (memcmpct (tmp, ssl->in_msg + ssl->in_msglen, */
   /*                       ssl->transform_in->maclen) != 0) */
   /*       { */
   /*         debug_msg (1, "message mac does not match"); */
@@ -1285,15 +1285,16 @@ ssl_compress_buf (ntbtls_t ssl)
   ssl->transform_out->ctx_deflate.next_out = msg_post;
   ssl->transform_out->ctx_deflate.avail_out = TLS_BUFFER_LEN;
 
-  ret = deflate (&ssl->transform_out->ctx_deflate, Z_SYNC_FLUSH);
+  /* ret = deflate (&ssl->transform_out->ctx_deflate, Z_SYNC_FLUSH); */
+  ret = gpg_error (GPG_ERR_NOT_IMPLEMENTED);
   if (ret != Z_OK)
     {
       debug_msg (1, "failed to perform compression (%d)", ret);
       return gpg_error (GPG_ERR_COMPR_FAILED);
     }
 
-  ssl->out_msglen = SSL_BUFFER_LEN -
-    ssl->transform_out->ctx_deflate.avail_out;
+  ssl->out_msglen = (TLS_BUFFER_LEN
+                     - ssl->transform_out->ctx_deflate.avail_out);
 
   debug_msg (3, "after compression: msglen = %d, ", ssl->out_msglen);
 
@@ -1330,15 +1331,16 @@ ssl_decompress_buf (ntbtls_t ssl)
   ssl->transform_in->ctx_inflate.next_out = msg_post;
   ssl->transform_in->ctx_inflate.avail_out = TLS_MAX_CONTENT_LEN;
 
-  ret = inflate (&ssl->transform_in->ctx_inflate, Z_SYNC_FLUSH);
+  /* ret = inflate (&ssl->transform_in->ctx_inflate, Z_SYNC_FLUSH); */
+  ret = gpg_error (GPG_ERR_NOT_IMPLEMENTED);
   if (ret != Z_OK)
     {
       debug_msg (1, "failed to perform decompression (%d)", ret);
       return gpg_error (GPG_ERR_COMPR_FAILED);
     }
 
-  ssl->in_msglen = SSL_MAX_CONTENT_LEN -
-    ssl->transform_in->ctx_inflate.avail_out;
+  ssl->in_msglen = (TLS_MAX_CONTENT_LEN
+                    - ssl->transform_in->ctx_inflate.avail_out);
 
   debug_msg (3, "after decompression: msglen = %d, ", ssl->in_msglen);
 
@@ -1376,16 +1378,16 @@ _ntbtls_fetch_input (ntbtls_t tls, size_t nb_want)
   while (tls->in_left < nb_want)
     {
       len = nb_want - tls->in_left;
-      if (es_read (tls->inbound, ssl->in_hdr + ssl->in_left, len, &nread))
+      if (es_read (tls->inbound, tls->in_hdr + tls->in_left, len, &nread))
         err = gpg_error_from_syserror ();
 
-      debug_msg (2, "in_left: %d, nb_want: %d", ssl->in_left, nb_want);
-      SSL_DEBUG_RET (2, "ssl->f_recv", nread);
+      debug_msg (2, "in_left: %d, nb_want: %d", tls->in_left, nb_want);
+      debug_ret (2, "es_read", nread);
 
       if (err || !nread /*ie. EOF*/)
         break;
 
-      ssl->in_left += nread;
+      tls->in_left += nread;
     }
 
   debug_msg (2, "<= fetch input");
@@ -1416,7 +1418,7 @@ _ntbtls_flush_output (ntbtls_t tls)
                  5 + tls->out_msglen, tls->out_left);
 
       buf = tls->out_hdr + 5 + tls->out_msglen - tls->out_left;
-      if (es_write (tls->outbound, buf, ssl->out_left, nwritten))
+      if (es_write (tls->outbound, buf, tls->out_left, &nwritten))
         err = gpg_error_from_syserror ();
 
       debug_ret (2, "es_write", err);
@@ -1424,7 +1426,7 @@ _ntbtls_flush_output (ntbtls_t tls)
       if (err)
         break;
 
-      ssl->out_left -= nwritten;
+      tls->out_left -= nwritten;
     }
 
   debug_msg (2, "<= flush output");
@@ -1478,7 +1480,7 @@ _ntbtls_write_record (ntbtls_t tls)
 
       if (tls->transform_out)
         {
-          err = ssl_encrypt_buf (ssl);
+          err = ssl_encrypt_buf (tls);
           if (err)
             {
               debug_ret (1, "ssl_encrypt_buf", err);
@@ -1515,81 +1517,82 @@ _ntbtls_write_record (ntbtls_t tls)
 
 
 gpg_error_t
-_ntbtls_read_record (ntbtls_t ssl)
+_ntbtls_read_record (ntbtls_t tls)
 {
-  int ret, done = 0;
+  gpg_error_t err;
+  int done = 0;
 
   debug_msg (2, "=> read record");
 
-  if (ssl->in_hslen != 0 && ssl->in_hslen < ssl->in_msglen)
+  if (tls->in_hslen != 0 && tls->in_hslen < tls->in_msglen)
     {
       /*
        * Get next Handshake message in the current record
        */
-      ssl->in_msglen -= ssl->in_hslen;
+      tls->in_msglen -= tls->in_hslen;
 
-      memmove (ssl->in_msg, ssl->in_msg + ssl->in_hslen, ssl->in_msglen);
+      memmove (tls->in_msg, tls->in_msg + tls->in_hslen, tls->in_msglen);
 
-      ssl->in_hslen = 4;
-      ssl->in_hslen += (ssl->in_msg[2] << 8) | ssl->in_msg[3];
+      tls->in_hslen = 4;
+      tls->in_hslen += (tls->in_msg[2] << 8) | tls->in_msg[3];
 
       debug_msg (3, "handshake message: msglen ="
                  " %d, type = %d, hslen = %d",
-                 ssl->in_msglen, ssl->in_msg[0], ssl->in_hslen);
+                 tls->in_msglen, tls->in_msg[0], tls->in_hslen);
 
-      if (ssl->in_msglen < 4 || ssl->in_msg[1] != 0)
+      if (tls->in_msglen < 4 || tls->in_msg[1] != 0)
         {
           debug_msg (1, "bad handshake length");
           return gpg_error (GPG_ERR_INV_RECORD);
         }
 
-      if (ssl->in_msglen < ssl->in_hslen)
+      if (tls->in_msglen < tls->in_hslen)
         {
           debug_msg (1, "bad handshake length");
           return gpg_error (GPG_ERR_INV_RECORD);
         }
 
-      if (ssl->state != SSL_HANDSHAKE_OVER)
-        ssl->handshake->update_checksum (ssl, ssl->in_msg, ssl->in_hslen);
+      if (tls->state != TLS_HANDSHAKE_OVER)
+        tls->handshake->update_checksum (tls, tls->in_msg, tls->in_hslen);
 
       return (0);
     }
 
-  ssl->in_hslen = 0;
+  tls->in_hslen = 0;
 
   /*
    * Read the record header and validate it
    */
-  err = _ntbtls_fetch_input (ssl, 5);
+  err = _ntbtls_fetch_input (tls, 5);
   if (err)
     {
-      SSL_DEBUG_RET (1, "ssl_fetch_input", err);
+      debug_ret (1, "fetch_input", err);
       return err;
     }
   //FIXME: Handle EOF
 
-  ssl->in_msgtype = ssl->in_hdr[0];
-  ssl->in_msglen = (ssl->in_hdr[3] << 8) | ssl->in_hdr[4];
+  tls->in_msgtype = tls->in_hdr[0];
+  tls->in_msglen = (tls->in_hdr[3] << 8) | tls->in_hdr[4];
 
   debug_msg (3, "input record: msgtype = %d, "
              "version = [%d:%d], msglen = %d",
-             ssl->in_hdr[0], ssl->in_hdr[1], ssl->in_hdr[2],
-             (ssl->in_hdr[3] << 8) | ssl->in_hdr[4]);
+             tls->in_hdr[0], tls->in_hdr[1], tls->in_hdr[2],
+             (tls->in_hdr[3] << 8) | tls->in_hdr[4]);
 
-  if (ssl->in_hdr[1] != ssl->major_ver)
+  if (tls->in_hdr[1] != tls->major_ver)
     {
       debug_msg (1, "major version mismatch");
       return gpg_error (GPG_ERR_INV_RECORD);
     }
 
-  if (ssl->in_hdr[2] > ssl->max_minor_ver)
+  if (tls->in_hdr[2] > tls->max_minor_ver)
     {
       debug_msg (1, "minor version mismatch");
       return gpg_error (GPG_ERR_INV_RECORD);
     }
 
   /* Sanity check (outer boundaries) */
-  if (ssl->in_msglen < 1 || ssl->in_msglen > SSL_BUFFER_LEN - 13)
+  if (tls->in_msglen < 1 || tls->in_msglen > TLS_BUFFER_LEN - 13)
     {
       debug_msg (1, "bad message length");
       return gpg_error (GPG_ERR_INV_RECORD);
@@ -1599,9 +1602,9 @@ _ntbtls_read_record (ntbtls_t ssl)
    * Make sure the message length is acceptable for the current transform
    * and protocol version.
    */
-  if (ssl->transform_in == NULL)
+  if (!tls->transform_in)
     {
-      if (ssl->in_msglen > SSL_MAX_CONTENT_LEN)
+      if (tls->in_msglen > TLS_MAX_CONTENT_LEN)
         {
           debug_msg (1, "bad message length");
           return gpg_error (GPG_ERR_INV_RECORD);
@@ -1609,7 +1612,7 @@ _ntbtls_read_record (ntbtls_t ssl)
     }
   else
     {
-      if (ssl->in_msglen < ssl->transform_in->minlen)
+      if (tls->in_msglen < tls->transform_in->minlen)
         {
           debug_msg (1, "bad message length");
           return gpg_error (GPG_ERR_INV_RECORD);
@@ -1618,9 +1621,9 @@ _ntbtls_read_record (ntbtls_t ssl)
       /*
        * TLS encrypted messages can have up to 256 bytes of padding
        */
-      if (ssl->minor_ver >= SSL_MINOR_VERSION_1 &&
-          ssl->in_msglen > ssl->transform_in->minlen +
-          SSL_MAX_CONTENT_LEN + 256)
+      if (tls->minor_ver >= TLS_MINOR_VERSION_1
+          && tls->in_msglen > (tls->transform_in->minlen
+                               + TLS_MAX_CONTENT_LEN + 256))
         {
           debug_msg (1, "bad message length");
           return gpg_error (GPG_ERR_INV_RECORD);
@@ -1630,127 +1633,125 @@ _ntbtls_read_record (ntbtls_t ssl)
   /*
    * Read and optionally decrypt the message contents
    */
-  err = _ntbtls_fetch_input (ssl, 5 + ssl->in_msglen);
+  err = _ntbtls_fetch_input (tls, 5 + tls->in_msglen);
   if (err)
     {
-      SSL_DEBUG_RET (1, "ssl_fetch_input", err);
+      debug_ret (1, "fetch_input", err);
       return err;
     }
   //FIXME: Handle EOF
 
-  debug_buf (4, "input record from network", ssl->in_hdr, 5 + ssl->in_msglen);
+  debug_buf (4, "input record from network", tls->in_hdr, 5 + tls->in_msglen);
 
-  if (!done && ssl->transform_in != NULL)
+  if (!done && tls->transform_in)
     {
-      if ((ret = ssl_decrypt_buf (ssl)) != 0)
+      err = ssl_decrypt_buf (tls);
+      if (err)
         {
           if (gpg_err_code (err) == GPG_ERR_INV_MAC
-            || gpg_err_code (err) == GPG_ERR_BAD_MAC)
+              || gpg_err_code (err) == GPG_ERR_BAD_MAC)
             {
-              ssl_send_alert_message (ssl,
-                                      TLS_ALERT_LEVEL_FATAL,
-                                      TLS_ALERT_MSG_BAD_RECORD_MAC);
+              _ntbtls_send_alert_message (tls,
+                                          TLS_ALERT_LEVEL_FATAL,
+                                          TLS_ALERT_MSG_BAD_RECORD_MAC);
             }
-          SSL_DEBUG_RET (1, "ssl_decrypt_buf", ret);
-          return (ret);
+          debug_ret (1, "decrypt_buf", err);
+          return err;
         }
 
-      debug_buf (4, "input payload after decrypt", ssl->in_msg, ssl->in_msglen);
+      debug_buf (4, "input payload after decrypt", tls->in_msg, tls->in_msglen);
 
-      if (ssl->in_msglen > SSL_MAX_CONTENT_LEN)
+      if (tls->in_msglen > TLS_MAX_CONTENT_LEN)
         {
           debug_msg (1, "bad message length");
           return gpg_error (GPG_ERR_INV_RECORD);
         }
     }
 
-  if (ssl->transform_in != NULL &&
-      ssl->session_in->compression == SSL_COMPRESS_DEFLATE)
+  if (tls->transform_in && tls->session_in->compression == TLS_COMPRESS_DEFLATE)
     {
-      if ((ret = ssl_decompress_buf (ssl)) != 0)
+      err = ssl_decompress_buf (tls);
+      if (err)
         {
-          SSL_DEBUG_RET (1, "ssl_decompress_buf", ret);
-          return (ret);
+          debug_ret (1, "decompress_buf", err);
+          return err;
         }
 
-      ssl->in_hdr[3] = (unsigned char) (ssl->in_msglen >> 8);
-      ssl->in_hdr[4] = (unsigned char) (ssl->in_msglen);
+      tls->in_hdr[3] = (unsigned char) (tls->in_msglen >> 8);
+      tls->in_hdr[4] = (unsigned char) (tls->in_msglen);
     }
 
-  if (ssl->in_msgtype != TLS_MSG_HANDSHAKE &&
-      ssl->in_msgtype != TLS_MSG_ALERT &&
-      ssl->in_msgtype != TLS_MSG_CHANGE_CIPHER_SPEC &&
-      ssl->in_msgtype != TLS_MSG_APPLICATION_DATA)
+  if (   tls->in_msgtype != TLS_MSG_HANDSHAKE
+      && tls->in_msgtype != TLS_MSG_ALERT
+      && tls->in_msgtype != TLS_MSG_CHANGE_CIPHER_SPEC
+      && tls->in_msgtype != TLS_MSG_APPLICATION_DATA)
     {
       debug_msg (1, "unknown record type");
 
-      if ((ret = ssl_send_alert_message (ssl,
-                                         TLS_ALERT_LEVEL_FATAL,
-                                         TLS_ALERT_MSG_UNEXPECTED_MESSAGE)) !=
-          0)
-        {
-          return (ret);
-        }
+      err = _ntbtls_send_alert_message (tls, TLS_ALERT_LEVEL_FATAL,
+                                        TLS_ALERT_MSG_UNEXPECTED_MESSAGE);
+      if (!err)
+        err = gpg_error (GPG_ERR_INV_RECORD);
 
-      return gpg_error (GPG_ERR_INV_RECORD);
+      return err;
     }
 
-  if (ssl->in_msgtype == TLS_MSG_HANDSHAKE)
+  if (tls->in_msgtype == TLS_MSG_HANDSHAKE)
     {
-      ssl->in_hslen = 4;
-      ssl->in_hslen += (ssl->in_msg[2] << 8) | ssl->in_msg[3];
+      tls->in_hslen = 4;
+      tls->in_hslen += (tls->in_msg[2] << 8) | tls->in_msg[3];
 
       debug_msg (3, "handshake message: msglen ="
                  " %d, type = %d, hslen = %d",
-                 ssl->in_msglen, ssl->in_msg[0], ssl->in_hslen);
+                 tls->in_msglen, tls->in_msg[0], tls->in_hslen);
 
       /*
        * Additional checks to validate the handshake header
        */
-      if (ssl->in_msglen < 4 || ssl->in_msg[1] != 0)
+      if (tls->in_msglen < 4 || tls->in_msg[1] != 0)
         {
           debug_msg (1, "bad handshake length");
           return gpg_error (GPG_ERR_INV_RECORD);
         }
 
-      if (ssl->in_msglen < ssl->in_hslen)
+      if (tls->in_msglen < tls->in_hslen)
         {
           debug_msg (1, "bad handshake length");
           return gpg_error (GPG_ERR_INV_RECORD);
         }
 
-      if (ssl->state != SSL_HANDSHAKE_OVER)
-        ssl->handshake->update_checksum (ssl, ssl->in_msg, ssl->in_hslen);
+      if (tls->state != TLS_HANDSHAKE_OVER)
+        tls->handshake->update_checksum (tls, tls->in_msg, tls->in_hslen);
     }
 
-  if (ssl->in_msgtype == TLS_MSG_ALERT)
+  if (tls->in_msgtype == TLS_MSG_ALERT)
     {
       debug_msg (2, "got an alert message, type: [%d:%d]",
-                 ssl->in_msg[0], ssl->in_msg[1]);
+                 tls->in_msg[0], tls->in_msg[1]);
 
       /*
        * Ignore non-fatal alerts, except close_notify
        */
-      if (ssl->in_msg[0] == TLS_ALERT_LEVEL_FATAL)
+      if (tls->in_msg[0] == TLS_ALERT_LEVEL_FATAL)
         {
           debug_msg (1, "is a fatal alert message (msg %d)",
-                     ssl->in_msg[1]);
+                     tls->in_msg[1]);
           /**
-           * Subtract from error code as ssl->in_msg[1] is 7-bit positive
+           * Subtract from error code as tls->in_msg[1] is 7-bit positive
            * error identifier.
            */
           return gpg_error (GPG_ERR_FATAL_ALERT);
         }
 
-      if (ssl->in_msg[0] == TLS_ALERT_LEVEL_WARNING &&
-          ssl->in_msg[1] == TLS_ALERT_MSG_CLOSE_NOTIFY)
+      if (tls->in_msg[0] == TLS_ALERT_LEVEL_WARNING &&
+          tls->in_msg[1] == TLS_ALERT_MSG_CLOSE_NOTIFY)
         {
           debug_msg (2, "is a close notify message");
           return gpg_error (GPG_ERR_CLOSE_NOTIFY);
         }
     }
 
-  ssl->in_left = 0;
+  tls->in_left = 0;
 
   debug_msg (2, "<= read record");
 
@@ -1758,90 +1759,88 @@ _ntbtls_read_record (ntbtls_t ssl)
 }
 
 
-int
-ssl_send_fatal_handshake_failure (ntbtls_t ssl)
+gpg_error_t
+_ntbtls_send_fatal_handshake_failure (ntbtls_t tls)
 {
-  int ret;
-
-  if ((ret = ssl_send_alert_message (ssl,
-                                     TLS_ALERT_LEVEL_FATAL,
-                                     TLS_ALERT_MSG_HANDSHAKE_FAILURE)) != 0)
-    {
-      return (ret);
-    }
-
-  return (0);
+  return _ntbtls_send_alert_message (tls, TLS_ALERT_LEVEL_FATAL,
+                                     TLS_ALERT_MSG_HANDSHAKE_FAILURE);
 }
 
 
-int
-ssl_send_alert_message (ntbtls_t ssl,
-                        unsigned char level, unsigned char message)
+gpg_error_t
+_ntbtls_send_alert_message (ntbtls_t tls,
+                            unsigned char level, unsigned char message)
 {
-  int ret;
+  gpg_error_t err;
 
   debug_msg (2, "=> send alert message");
 
-  ssl->out_msgtype = TLS_MSG_ALERT;
-  ssl->out_msglen = 2;
-  ssl->out_msg[0] = level;
-  ssl->out_msg[1] = message;
+  tls->out_msgtype = TLS_MSG_ALERT;
+  tls->out_msglen = 2;
+  tls->out_msg[0] = level;
+  tls->out_msg[1] = message;
 
-  if ((ret = ssl_write_record (ssl)) != 0)
+  err = _ntbtls_write_record (tls);
+  if (err)
     {
-      SSL_DEBUG_RET (1, "ssl_write_record", ret);
-      return (ret);
+      debug_ret (1, "write_record", err);
+      return err;
     }
 
   debug_msg (2, "<= send alert message");
 
-  return (0);
+  return 0;
 }
 
 
 /*
  * Handshake functions
  */
-int
-_ntbtls_write_certificate (ntbtls_t ssl)
+
+
+gpg_error_t
+_ntbtls_write_certificate (ntbtls_t tls)
 {
-  int ret = gpg_error (GPG_ERR_NOT_IMPLEMENTED);
-  size_t i, n;
-  const x509_crt *crt;
-  const ssl_ciphersuite_t *ciphersuite_info =
-    ssl->transform_negotiate->ciphersuite_info;
+  gpg_error_t err;
+  const ciphersuite_t suite = tls->transform_negotiate->ciphersuite;
+  key_exchange_type_t kex = _ntbtls_ciphersuite_get_kex (suite);
+  x509_cert_t cert;
+  int idx;
+  const unsigned char *der;
+  size_t derlen;
+  size_t i;
 
   debug_msg (2, "=> write certificate");
 
-  if (ciphersuite_info->key_exchange == POLARSSL_KEY_EXCHANGE_PSK ||
-      ciphersuite_info->key_exchange == POLARSSL_KEY_EXCHANGE_DHE_PSK ||
-      ciphersuite_info->key_exchange == POLARSSL_KEY_EXCHANGE_ECDHE_PSK)
+  if (kex == KEY_EXCHANGE_PSK
+      || kex == KEY_EXCHANGE_DHE_PSK
+      || kex == KEY_EXCHANGE_ECDHE_PSK)
     {
       debug_msg (2, "<= skip write certificate");
-      ssl->state++;
-      return (0);
+      tls->state++;
+      return 0;
     }
 
-  if (ssl->is_client)
+  if (tls->is_client)
     {
-      if (ssl->client_auth == 0)
+      if (!tls->client_auth)
         {
           debug_msg (2, "<= skip write certificate");
-          ssl->state++;
-          return (0);
+          tls->state++;
+          return 0;
         }
 
     }
-  else /* SSL_IS_SERVER */
+  else /* is_server */
     {
-      if (ssl_own_cert (ssl) == NULL)
+      if (!tls_own_cert (tls))
         {
           debug_msg (1, "got no certificate to send");
           return gpg_error (GPG_ERR_MISSING_CERT);
         }
     }
 
-  SSL_DEBUG_CRT (3, "own certificate", ssl_own_cert (ssl));
+  /* SSL_DEBUG_CRT (3, "own certificate", tls_own_cert (tls)); */
 
   /*
    *     0  .  0    handshake type
@@ -1853,203 +1852,195 @@ _ntbtls_write_certificate (ntbtls_t ssl)
    *    n+3 . ...   upper level cert, etc.
    */
   i = 7;
-  crt = ssl_own_cert (ssl);
-
-  while (crt != NULL)
+  cert = tls_own_cert (tls);
+  for (idx = 0; (der = _ntbtls_x509_get_cert (cert, idx, &derlen)); idx++)
     {
-      n = crt->raw.len;
-      if (n > SSL_MAX_CONTENT_LEN - 3 - i)
+      if (derlen > TLS_MAX_CONTENT_LEN - 3 - i)
         {
           debug_msg (1, "certificate too large, %d > %d",
-                     i + 3 + n, SSL_MAX_CONTENT_LEN);
+                     i + 3 + derlen, TLS_MAX_CONTENT_LEN);
           return gpg_error (GPG_ERR_CERT_TOO_LARGE);
         }
 
-      ssl->out_msg[i] = (unsigned char) (n >> 16);
-      ssl->out_msg[i + 1] = (unsigned char) (n >> 8);
-      ssl->out_msg[i + 2] = (unsigned char) (n);
-
+      tls->out_msg[i]     = (unsigned char) (derlen >> 16);
+      tls->out_msg[i + 1] = (unsigned char) (derlen >> 8);
+      tls->out_msg[i + 2] = (unsigned char) (derlen);
       i += 3;
-      memcpy (ssl->out_msg + i, crt->raw.p, n);
-      i += n;
-      crt = crt->next;
+      memcpy (tls->out_msg + i, der, derlen);
+      i += derlen;
     }
 
-  ssl->out_msg[4] = (unsigned char) ((i - 7) >> 16);
-  ssl->out_msg[5] = (unsigned char) ((i - 7) >> 8);
-  ssl->out_msg[6] = (unsigned char) ((i - 7));
+  tls->out_msg[4] = (unsigned char) ((i - 7) >> 16);
+  tls->out_msg[5] = (unsigned char) ((i - 7) >> 8);
+  tls->out_msg[6] = (unsigned char) ((i - 7));
 
-  ssl->out_msglen = i;
-  ssl->out_msgtype = TLS_MSG_HANDSHAKE;
-  ssl->out_msg[0] = TLS_HS_CERTIFICATE;
+  tls->out_msglen = i;
+  tls->out_msgtype = TLS_MSG_HANDSHAKE;
+  tls->out_msg[0] = TLS_HS_CERTIFICATE;
 
-  ssl->state++;
+  tls->state++;
 
-  if ((ret = ssl_write_record (ssl)) != 0)
+  err = _ntbtls_write_record (tls);
+  if (err)
     {
-      SSL_DEBUG_RET (1, "ssl_write_record", ret);
-      return (ret);
+      debug_ret (1, "write_record", err);
+      return err;
     }
 
   debug_msg (2, "<= write certificate");
 
-  return (ret);
+  return err;
 }
 
 
-int
-_ntbtls_parse_certificate (ntbtls_t ssl)
+gpg_error_t
+_ntbtls_parse_certificate (ntbtls_t tls)
 {
-  int ret = gpg_error (GPG_ERR_NOT_IMPLEMENTED);
+  gpg_error_t err;
   size_t i, n;
-  const ssl_ciphersuite_t *ciphersuite_info =
-    ssl->transform_negotiate->ciphersuite_info;
+  const ciphersuite_t suite = tls->transform_negotiate->ciphersuite;
+  key_exchange_type_t kex = _ntbtls_ciphersuite_get_kex (suite);
 
   debug_msg (2, "=> parse certificate");
 
-  if (ciphersuite_info->key_exchange == POLARSSL_KEY_EXCHANGE_PSK ||
-      ciphersuite_info->key_exchange == POLARSSL_KEY_EXCHANGE_DHE_PSK ||
-      ciphersuite_info->key_exchange == POLARSSL_KEY_EXCHANGE_ECDHE_PSK)
+  if (kex == KEY_EXCHANGE_PSK
+      || kex == KEY_EXCHANGE_DHE_PSK
+      || kex == KEY_EXCHANGE_ECDHE_PSK)
     {
       debug_msg (2, "<= skip parse certificate");
-      ssl->state++;
-      return (0);
+      tls->state++;
+      return 0;
     }
 
-  if (!tls->is_client &&
-      (ssl->authmode == SSL_VERIFY_NONE ||
-       ciphersuite_info->key_exchange == POLARSSL_KEY_EXCHANGE_RSA_PSK))
+  if (!tls->is_client
+      && (tls->authmode == TLS_VERIFY_NONE || kex == KEY_EXCHANGE_RSA_PSK))
     {
-      ssl->session_negotiate->verify_result = BADCERT_SKIP_VERIFY;
+      tls->session_negotiate->verify_result = BADCERT_SKIP_VERIFY;
       debug_msg (2, "<= skip parse certificate");
-      ssl->state++;
-      return (0);
+      tls->state++;
+      return 0;
     }
 
-  if ((ret = _ntbtls_read_record (ssl)) != 0)
+  err = _ntbtls_read_record (tls);
+  if (err)
     {
-      debug_ret (1, "read_record", ret);
-      return (ret);
+      debug_ret (1, "read_record", err);
+      return err;
     }
 
-  ssl->state++;
+  tls->state++;
 
-
-  if (!tls->is_client && ssl->minor_ver != SSL_MINOR_VERSION_0)
+  if (!tls->is_client && tls->minor_ver != TLS_MINOR_VERSION_0)
     {
-      if (ssl->in_hslen == 7 &&
-          ssl->in_msgtype == TLS_MSG_HANDSHAKE &&
-          ssl->in_msg[0] == TLS_HS_CERTIFICATE &&
-          memcmp (ssl->in_msg + 4, "\0\0\0", 3) == 0)
+      if (tls->in_hslen == 7 &&
+          tls->in_msgtype == TLS_MSG_HANDSHAKE &&
+          tls->in_msg[0] == TLS_HS_CERTIFICATE &&
+          !memcmp (tls->in_msg + 4, "\0\0\0", 3))
         {
           debug_msg (1, "TLSv1 client has no certificate");
 
-          ssl->session_negotiate->verify_result = BADCERT_MISSING;
-          if (ssl->authmode == SSL_VERIFY_REQUIRED)
+          tls->session_negotiate->verify_result = BADCERT_MISSING;
+          if (tls->authmode == TLS_VERIFY_REQUIRED)
             return gpg_error (GPG_ERR_MISSING_CLIENT_CERT);
           else
-            return (0);
+            return 0;
         }
     }
 
-  if (ssl->in_msgtype != TLS_MSG_HANDSHAKE)
+  if (tls->in_msgtype != TLS_MSG_HANDSHAKE)
     {
       debug_msg (1, "bad certificate message");
       return gpg_error (GPG_ERR_UNEXPECTED_MSG);
     }
 
-  if (ssl->in_msg[0] != TLS_HS_CERTIFICATE || ssl->in_hslen < 10)
+  if (tls->in_msg[0] != TLS_HS_CERTIFICATE || tls->in_hslen < 10)
     {
       debug_msg (1, "bad certificate message");
       return gpg_error (GPG_ERR_BAD_HS_CERT);
     }
 
   /*
-   * Same message structure as in ssl_write_certificate()
+   * Same message structure as in _ntbtls_write_certificate()
    */
-  n = (ssl->in_msg[5] << 8) | ssl->in_msg[6];
+  n = (tls->in_msg[5] << 8) | tls->in_msg[6];
 
-  if (ssl->in_msg[4] != 0 || ssl->in_hslen != 7 + n)
+  if (tls->in_msg[4] != 0 || tls->in_hslen != 7 + n)
     {
       debug_msg (1, "bad certificate message");
-      return gpg_error (GPG_ERR_BAD_HS_CERT)
+      return gpg_error (GPG_ERR_BAD_HS_CERT);
     }
 
-  /* In case we tried to reuse a session but it failed */
-  if (ssl->session_negotiate->peer_cert != NULL)
+  /* In case we tried to reuse a session but it failed. */
+  if (tls->session_negotiate->peer_chain)
     {
-      x509_crt_free (ssl->session_negotiate->peer_cert);
-      polarssl_free (ssl->session_negotiate->peer_cert);
+      _ntbtls_x509_release (tls->session_negotiate->peer_chain);
+      tls->session_negotiate->peer_chain = NULL;
     }
 
-  if (!(ssl->session_negotiate->peer_cert = malloc (sizeof (x509_crt))))
+  err = _ntbtls_x509_new (&tls->session_negotiate->peer_chain);
+  if (err)
     {
-      err = gpg_error_from_syserror ();
-      debug_msg (1, "malloc(%d bytes) failed", sizeof (x509_crt));
+      debug_msg (1, "allocating X.509 cert object failed");
       return err;
     }
 
-  x509_crt_init (ssl->session_negotiate->peer_cert);
-
-  i = 7;
-
-  while (i < ssl->in_hslen)
+  for (i = 7; i < tls->in_hslen; )
     {
-      if (ssl->in_msg[i] != 0)
+      if (tls->in_msg[i] != 0)
         {
           debug_msg (1, "bad certificate message");
           return gpg_error (GPG_ERR_BAD_HS_CERT);
         }
 
-      n = ((unsigned int) ssl->in_msg[i + 1] << 8)
-        | (unsigned int) ssl->in_msg[i + 2];
+      n = (((unsigned int) tls->in_msg[i + 1] << 8)
+           | (unsigned int) tls->in_msg[i + 2]);
       i += 3;
 
-      if (n < 128 || i + n > ssl->in_hslen)
+      if (n < 128 || i + n > tls->in_hslen)
         {
           debug_msg (1, "bad certificate message");
           return gpg_error (GPG_ERR_BAD_HS_CERT);
         }
 
-      ret = x509_crt_parse_der (ssl->session_negotiate->peer_cert,
-                                ssl->in_msg + i, n);
-      if (ret != 0)
+      err = _ntbtls_x509_append_cert (tls->session_negotiate->peer_chain,
+                                      tls->in_msg + i, n);
+      if (err)
         {
-          SSL_DEBUG_RET (1, " x509_crt_parse_der", ret);
-          return (ret);
+          debug_ret (1, "x509_append_cert", err);
+          return err;
         }
-
       i += n;
     }
 
-  SSL_DEBUG_CRT (3, "peer certificate", ssl->session_negotiate->peer_cert);
+  //FIXME: debug_crt (3, "peer certificate", tls->session_negotiate->peer_chain);
 
   /*
    * On client, make sure the server cert doesn't change during renego to
    * avoid "triple handshake" attack: https://secure-resumption.com/
    */
-  if (tls->is_client && ssl->renegotiation == TLS_RENEGOTIATION)
+  if (tls->is_client && tls->renegotiation == TLS_RENEGOTIATION)
     {
-      if (ssl->session->peer_cert == NULL)
+      if (!tls->session->peer_chain)
         {
           debug_msg (1, "new server cert during renegotiation");
           return gpg_error (GPG_ERR_BAD_HS_CERT);
         }
 
-      if (ssl->session->peer_cert->raw.len !=
-          ssl->session_negotiate->peer_cert->raw.len ||
-          memcmp (ssl->session->peer_cert->raw.p,
-                  ssl->session_negotiate->peer_cert->raw.p,
-                  ssl->session->peer_cert->raw.len) != 0)
-        {
-          debug_msg (1, "server cert changed during renegotiation");
-          return gpg_error (GPG_ERR_BAD_HS_CERT);
-        }
+      //FIXME:  Need to implement this in x509.c  IMPORTANT!
+      /* if (tls->session->peer_chain->raw.len != */
+      /*     tls->session_negotiate->peer_chain->raw.len */
+      /*     ||  memcmp (tls->session->peer_chain->raw.p, */
+      /*                 tls->session_negotiate->peer_chain->raw.p, */
+      /*                 tls->session->peer_chain->raw.len)) */
+      /*   { */
+      /*     debug_msg (1, "server cert changed during renegotiation"); */
+      /*     return gpg_error (GPG_ERR_BAD_HS_CERT); */
+      /*   } */
     }
 
-  if (ssl->authmode != SSL_VERIFY_NONE)
+  if (tls->authmode != TLS_VERIFY_NONE)
     {
-      if (ssl->ca_chain == NULL)
+      if (!tls->ca_chain)
         {
           debug_msg (1, "got no CA chain");
           return gpg_error (GPG_ERR_NO_CERT_CHAIN);
@@ -2058,455 +2049,465 @@ _ntbtls_parse_certificate (ntbtls_t ssl)
       /*
        * Main check: verify certificate
        */
-      ret = x509_crt_verify (ssl->session_negotiate->peer_cert,
-                             ssl->ca_chain, ssl->ca_crl, ssl->peer_cn,
-                             &ssl->session_negotiate->verify_result,
-                             ssl->f_vrfy, ssl->p_vrfy);
-
-      if (ret != 0)
+      err = _ntbtls_x509_verify (tls->session_negotiate->peer_chain,
+                                 tls->ca_chain, tls->ca_crl,
+                                 tls->peer_cn,
+                                 &tls->session_negotiate->verify_result);
+      if (err)
         {
-          SSL_DEBUG_RET (1, "x509_verify_cert", ret);
+          debug_ret (1, "x509_verify", err);
         }
 
       /*
        * Secondary checks: always done, but change 'ret' only if it was 0
        */
-      {
-        pk_context *pk = &ssl->session_negotiate->peer_cert->pk;
-
-        /* If certificate uses an EC key, make sure the curve is OK */
-        if (pk_can_do (pk, POLARSSL_PK_ECKEY) &&
-            !ssl_curve_is_acceptable (ssl, pk_ec (*pk)->grp.id))
-          {
-            debug_msg (1, "bad certificate (EC key curve)");
-            if (ret == 0)
-              ret = gpg_error (GPG_ERR_BAD_HS_CERT);
-          }
-      }
-
-      if (ssl_check_cert_usage (ssl->session_negotiate->peer_cert,
-                                ciphersuite_info, tls->is_client) != 0)
-        {
-          debug_msg (1, "bad certificate (usage extensions)");
-          if (ret == 0)
-            ret = gpg_error (GPG_ERR_BAD_HS_CERT);
-        }
+      //FIXME:
+      /* { */
+      /*   pk_context *pk = &tls->session_negotiate->peer_chain->pk; */
+
+      /*   /\* If certificate uses an EC key, make sure the curve is OK *\/ */
+      /*   if (pk_can_do (pk, POLARSSL_PK_ECKEY) && */
+      /*       !ssl_curve_is_acceptable (tls, pk_ec (*pk)->grp.id)) */
+      /*     { */
+      /*       debug_msg (1, "bad certificate (EC key curve)"); */
+      /*       if (ret == 0) */
+      /*         ret = gpg_error (GPG_ERR_BAD_HS_CERT); */
+      /*     } */
+      /* } */
+      /* */
+      /* if (ssl_check_cert_usage (tls->session_negotiate->peer_chain, */
+      /*                           suite, tls->is_client)) */
+      /*   { */
+      /*     debug_msg (1, "bad certificate (usage extensions)"); */
+      /*     if (!err) */
+      /*       err = gpg_error (GPG_ERR_BAD_HS_CERT); */
+      /*   } */
 
-      if (ssl->authmode != SSL_VERIFY_REQUIRED)
-        ret = 0;
+      if (tls->authmode != TLS_VERIFY_REQUIRED)
+        err = 0;
     }
 
   debug_msg (2, "<= parse certificate");
 
-  return (ret);
+  return err;
 }
 
 
-int
-_ntbtls_write_change_cipher_spec (ntbtls_t ssl)
+gpg_error_t
+_ntbtls_write_change_cipher_spec (ntbtls_t tls)
 {
-  int ret;
+  gpg_error_t err;
 
   debug_msg (2, "=> write change cipher spec");
 
-  ssl->out_msgtype = TLS_MSG_CHANGE_CIPHER_SPEC;
-  ssl->out_msglen = 1;
-  ssl->out_msg[0] = 1;
+  tls->out_msgtype = TLS_MSG_CHANGE_CIPHER_SPEC;
+  tls->out_msglen = 1;
+  tls->out_msg[0] = 1;
 
-  ssl->state++;
+  tls->state++;
 
-  if ((ret = ssl_write_record (ssl)) != 0)
+  err = _ntbtls_write_record (tls);
+  if (err)
     {
-      SSL_DEBUG_RET (1, "ssl_write_record", ret);
-      return (ret);
+      debug_ret (1, "write_record", err);
+      return err;
     }
 
   debug_msg (2, "<= write change cipher spec");
 
-  return (0);
+  return 0;
 }
 
-int
-_ntbtls_parse_change_cipher_spec (ntbtls_t ssl)
+
+gpg_error_t
+_ntbtls_parse_change_cipher_spec (ntbtls_t tls)
 {
-  int ret;
+  gpg_error_t err;
 
   debug_msg (2, "=> parse change cipher spec");
 
-  if ((ret = _ntbtls_read_record (ssl)) != 0)
+  err = _ntbtls_read_record (tls);
+  if (err)
     {
-      debug_ret (1, "read_record", ret);
-      return (ret);
+      debug_ret (1, "read_record", err);
+      return err;
     }
 
-  if (ssl->in_msgtype != TLS_MSG_CHANGE_CIPHER_SPEC)
+  if (tls->in_msgtype != TLS_MSG_CHANGE_CIPHER_SPEC)
     {
       debug_msg (1, "bad change cipher spec message");
       return gpg_error (GPG_ERR_UNEXPECTED_MSG);
     }
 
-  if (ssl->in_msglen != 1 || ssl->in_msg[0] != 1)
+  if (tls->in_msglen != 1 || tls->in_msg[0] != 1)
     {
       debug_msg (1, "bad change cipher spec message");
       return gpg_error (GPG_ERR_BAD_HS_CHANGE_CIPHER);
     }
 
-  ssl->state++;
+  tls->state++;
 
   debug_msg (2, "<= parse change cipher spec");
 
-  return (0);
+  return 0;
 }
 
 
-void
-ssl_optimize_checksum (ntbtls_t ssl, const ssl_ciphersuite_t *ciphersuite_info)
+static void
+update_checksum_sha256 (ntbtls_t tls, const unsigned char *buf, size_t len)
 {
-  if (ciphersuite_info->mac == GCRY_MD_SHA384)
-    ssl->handshake->update_checksum = update_checksum_sha384;
-  else if (ciphersuite_info->mac != GCRY_MD_SHA384)
-    ssl->handshake->update_checksum = update_checksum_sha256;
-  else
-    {
-      debug_bug ();
-      return;
-    }
+  gcry_md_write (tls->handshake->fin_sha256, buf, len);
 }
 
 
 static void
-update_checksum_start (ntbtls_t ssl, const unsigned char *buf, size_t len)
+update_checksum_sha384 (ntbtls_t tls, const unsigned char *buf, size_t len)
 {
-  gcry_md_write (ssl->handshake->fin_sha256, buf, len);
-  gcry_md_write (ssl->handshake->fin_sha512, buf, len);
+  gcry_md_write (tls->handshake->fin_sha512, buf, len);
 }
 
 
-
-static void
-update_checksum_sha256 (ntbtls_t ssl, const unsigned char *buf, size_t len)
+void
+_ntbtls_optimize_checksum (ntbtls_t tls, const ciphersuite_t suite)
 {
-  sha256_update (&ssl->handshake->fin_sha256, buf, len);
+  if (_ntbtls_ciphersuite_get_mac (suite) == GCRY_MD_SHA384)
+    tls->handshake->update_checksum = update_checksum_sha384;
+  else if (_ntbtls_ciphersuite_get_mac (suite) != GCRY_MD_SHA384)
+    tls->handshake->update_checksum = update_checksum_sha256;
+  else
+    {
+      debug_bug ();
+      return;
+    }
 }
 
 
 static void
-update_checksum_sha384 (ntbtls_t ssl, const unsigned char *buf, size_t len)
+update_checksum_start (ntbtls_t tls, const unsigned char *buf, size_t len)
 {
-  sha512_update (&ssl->handshake->fin_sha512, buf, len);
+  gcry_md_write (tls->handshake->fin_sha256, buf, len);
+  gcry_md_write (tls->handshake->fin_sha512, buf, len);
 }
 
 
-static void
-calc_finished_tls_sha256 (ntbtls_t ssl, unsigned char *buf, int is_client)
-{
-  int len = 12;
-  const char *sender;
-  sha256_context sha256;
-  unsigned char padbuf[32];
 
-  session_t session = ssl->session_negotiate;
-  if (!session)
-    session = ssl->session;
+/* static void */
+/* calc_finished_tls_sha256 (ntbtls_t ssl, unsigned char *buf, int is_client) */
+/* { */
+/*   int len = 12; */
+/*   const char *sender; */
+/*   sha256_context sha256; */
+/*   unsigned char padbuf[32]; */
 
-  debug_msg (2, "=> calc  finished tls sha256");
+/*   session_t session = ssl->session_negotiate; */
+/*   if (!session) */
+/*     session = ssl->session; */
 
-  memcpy (&sha256, &ssl->handshake->fin_sha256, sizeof (sha256_context));
+/*   debug_msg (2, "=> calc  finished tls sha256"); */
 
-  /*
-   * TLSv1.2:
-   *   hash = PRF( master, finished_label,
-   *               Hash( handshake ) )[0.11]
-   */
+/*   memcpy (&sha256, &ssl->handshake->fin_sha256, sizeof (sha256_context)); */
 
-#if !defined(POLARSSL_SHA256_ALT)
-  debug_buf (4, "finished sha2 state", sha256.state, sizeof (sha256.state));
-#endif
+/*   /\* */
+/*    * TLSv1.2: */
+/*    *   hash = PRF( master, finished_label, */
+/*    *               Hash( handshake ) )[0.11] */
+/*    *\/ */
 
-  sender = is_client ? "client finished" : "server finished";
+/* #if !defined(POLARSSL_SHA256_ALT) */
+/*   debug_buf (4, "finished sha2 state", sha256.state, sizeof (sha256.state)); */
+/* #endif */
 
-  sha256_finish (&sha256, padbuf);
+/*   sender = is_client ? "client finished" : "server finished"; */
 
-  ssl->handshake->tls_prf (session->master, 48, sender, padbuf, 32, buf, len);
+/*   sha256_finish (&sha256, padbuf); */
 
-  debug_buf (3, "calc finished result", buf, len);
+/*   ssl->handshake->tls_prf (session->master, 48, sender, padbuf, 32, buf, len); */
 
-  sha256_free (&sha256);
+/*   debug_buf (3, "calc finished result", buf, len); */
 
-  wipememory (padbuf, sizeof (padbuf));
+/*   sha256_free (&sha256); */
 
-  debug_msg (2, "<= calc  finished");
-}
+/*   wipememory (padbuf, sizeof (padbuf)); */
 
+/*   debug_msg (2, "<= calc  finished"); */
+/* } */
 
-static void
-calc_finished_tls_sha384 (ntbtls_t ssl, unsigned char *buf, int is_client)
-{
-  int len = 12;
-  const char *sender;
-  sha512_context sha512;
-  unsigned char padbuf[48];
 
-  session_t session = ssl->session_negotiate;
-  if (!session)
-    session = ssl->session;
+/* static void */
+/* calc_finished_tls_sha384 (ntbtls_t ssl, unsigned char *buf, int is_client) */
+/* { */
+/*   int len = 12; */
+/*   const char *sender; */
+/*   sha512_context sha512; */
+/*   unsigned char padbuf[48]; */
 
-  debug_msg (2, "=> calc  finished tls sha384");
+/*   session_t session = ssl->session_negotiate; */
+/*   if (!session) */
+/*     session = ssl->session; */
 
-  memcpy (&sha512, &ssl->handshake->fin_sha512, sizeof (sha512_context));
+/*   debug_msg (2, "=> calc  finished tls sha384"); */
 
-  /*
-   * TLSv1.2:
-   *   hash = PRF( master, finished_label,
-   *               Hash( handshake ) )[0.11]
-   */
+/*   memcpy (&sha512, &ssl->handshake->fin_sha512, sizeof (sha512_context)); */
 
-#if !defined(POLARSSL_SHA512_ALT)
-  debug_buf (4, "finished sha512 state", sha512.state, sizeof (sha512.state));
-#endif
+/*   /\* */
+/*    * TLSv1.2: */
+/*    *   hash = PRF( master, finished_label, */
+/*    *               Hash( handshake ) )[0.11] */
+/*    *\/ */
 
-  sender = is_client ? "client finished" : "server finished";
+/* #if !defined(POLARSSL_SHA512_ALT) */
+/*   debug_buf (4, "finished sha512 state", sha512.state, sizeof (sha512.state)); */
+/* #endif */
 
-  sha512_finish (&sha512, padbuf);
+/*   sender = is_client ? "client finished" : "server finished"; */
 
-  ssl->handshake->tls_prf (session->master, 48, sender, padbuf, 48, buf, len);
+/*   sha512_finish (&sha512, padbuf); */
 
-  debug_buf (3, "calc finished result", buf, len);
+/*   ssl->handshake->tls_prf (session->master, 48, sender, padbuf, 48, buf, len); */
 
-  sha512_free (&sha512);
+/*   debug_buf (3, "calc finished result", buf, len); */
 
-  wipememory (padbuf, sizeof (padbuf));
+/*   sha512_free (&sha512); */
 
-  debug_msg (2, "<= calc  finished");
-}
+/*   wipememory (padbuf, sizeof (padbuf)); */
+
+/*   debug_msg (2, "<= calc  finished"); */
+/* } */
 
 
 void
-_ntbtls_handshake_wrapup (ntbtls_t ssl)
+_ntbtls_handshake_wrapup (ntbtls_t tls)
 {
-  int resume = ssl->handshake->resume;
+  int resume = tls->handshake->resume;
 
   debug_msg (3, "=> handshake wrapup");
 
   /*
    * Free our handshake params
    */
-  handshake_params_deinit (ssl->handshake);
-  free (ssl->handshake);
-  ssl->handshake = NULL;
+  handshake_params_deinit (tls->handshake);
+  free (tls->handshake);
+  tls->handshake = NULL;
 
-  if (ssl->renegotiation == TLS_RENEGOTIATION)
+  if (tls->renegotiation == TLS_RENEGOTIATION)
     {
-      ssl->renegotiation = TLS_RENEGOTIATION_DONE;
-      ssl->renego_records_seen = 0;
+      tls->renegotiation = TLS_RENEGOTIATION_DONE;
+      tls->renego_records_seen = 0;
     }
 
   /*
    * Switch in our now active transform context
    */
-  if (ssl->transform)
+  if (tls->transform)
     {
-      transform_deinit (ssl->transform);
-      free (ssl->transform);
+      transform_deinit (tls->transform);
+      free (tls->transform);
     }
-  ssl->transform = ssl->transform_negotiate;
-  ssl->transform_negotiate = NULL;
+  tls->transform = tls->transform_negotiate;
+  tls->transform_negotiate = NULL;
 
-  if (ssl->session)
+  if (tls->session)
     {
-      session_deinit (ssl->session);
-      free (ssl->session);
+      session_deinit (tls->session);
+      free (tls->session);
     }
-  ssl->session = ssl->session_negotiate;
-  ssl->session_negotiate = NULL;
+  tls->session = tls->session_negotiate;
+  tls->session_negotiate = NULL;
 
   /*
    * Add cache entry
    */
-  if (ssl->f_set_cache != NULL && ssl->session->length != 0 && resume == 0)
+  if (tls->f_set_cache && tls->session->length && !resume)
     {
-      if (ssl->f_set_cache (ssl->p_set_cache, ssl->session) != 0)
+      if (tls->f_set_cache (tls->p_set_cache, tls->session))
         debug_msg (1, "cache did not store session");
     }
 
-  ssl->state++;
+  tls->state++;
 
   debug_msg (3, "<= handshake wrapup");
 }
 
 
-int
-_ntbtls_write_finished (ntbtls_t ssl)
+gpg_error_t
+_ntbtls_write_finished (ntbtls_t tls)
 {
-  int ret, hash_len;
+  gpg_error_t err;
+  int hashlen;
 
   debug_msg (2, "=> write finished");
 
   /*
    * Set the out_msg pointer to the correct location based on IV length
    */
-  if (ssl->minor_ver >= SSL_MINOR_VERSION_2)
+  if (tls->minor_ver >= TLS_MINOR_VERSION_2)
     {
-      ssl->out_msg = ssl->out_iv + ssl->transform_negotiate->ivlen -
-        ssl->transform_negotiate->fixed_ivlen;
+      tls->out_msg = (tls->out_iv
+                      + tls->transform_negotiate->ivlen
+                      - tls->transform_negotiate->fixed_ivlen);
     }
   else
-    ssl->out_msg = ssl->out_iv;
+    tls->out_msg = tls->out_iv;
 
-  ssl->handshake->calc_finished (ssl, ssl->out_msg + 4, ssl->is_client);
+  tls->handshake->calc_finished (tls, tls->out_msg + 4, tls->is_client);
 
-  // TODO TLS/1.2 Hash length is determined by cipher suite (Page 63)
-  hash_len = (ssl->minor_ver == SSL_MINOR_VERSION_0) ? 36 : 12;
+  //FIXME: TODO TLS/1.2 Hash length is determined by cipher suite (Page 63)
+  hashlen = (tls->minor_ver == TLS_MINOR_VERSION_0) ? 36 : 12;
 
-  ssl->verify_data_len = hash_len;
-  memcpy (ssl->own_verify_data, ssl->out_msg + 4, hash_len);
+  tls->verify_data_len = hashlen;
+  memcpy (tls->own_verify_data, tls->out_msg + 4, hashlen);
 
-  ssl->out_msglen = 4 + hash_len;
-  ssl->out_msgtype = TLS_MSG_HANDSHAKE;
-  ssl->out_msg[0] = TLS_HS_FINISHED;
+  tls->out_msglen = 4 + hashlen;
+  tls->out_msgtype = TLS_MSG_HANDSHAKE;
+  tls->out_msg[0] = TLS_HS_FINISHED;
 
   /*
    * In case of session resuming, invert the client and server
    * ChangeCipherSpec messages order.
    */
-  if (ssl->handshake->resume != 0)
+  if (tls->handshake->resume)
     {
-      if (ssl->is_client)
-        ssl->state = SSL_HANDSHAKE_WRAPUP;
+      if (tls->is_client)
+        tls->state = TLS_HANDSHAKE_WRAPUP;
       else
-        ssl->state = SSL_CLIENT_CHANGE_CIPHER_SPEC;
+        tls->state = TLS_CLIENT_CHANGE_CIPHER_SPEC;
     }
   else
-    ssl->state++;
+    tls->state++;
 
   /*
    * Switch to our negotiated transform and session parameters for outbound
    * data.
    */
   debug_msg (3, "switching to new transform spec for outbound data");
-  ssl->transform_out = ssl->transform_negotiate;
-  ssl->session_out = ssl->session_negotiate;
-  memset (ssl->out_ctr, 0, 8);
+  tls->transform_out = tls->transform_negotiate;
+  tls->session_out = tls->session_negotiate;
+  memset (tls->out_ctr, 0, 8);
 
-  if ((ret = ssl_write_record (ssl)) != 0)
+  err = _ntbtls_write_record (tls);
+  if (err)
     {
-      SSL_DEBUG_RET (1, "ssl_write_record", ret);
-      return (ret);
+      debug_ret (1, "write_record", err);
+      return err;
     }
 
   debug_msg (2, "<= write finished");
 
-  return (0);
+  return 0;
 }
 
 
-int
-_ntbtls_parse_finished (ntbtls_t ssl)
+gpg_error_t
+_ntbtls_parse_finished (ntbtls_t tls)
 {
-  int ret;
-  unsigned int hash_len;
+  gpg_error_t err;
+  unsigned int hashlen;
   unsigned char buf[36];
 
   debug_msg (2, "=> parse finished");
 
-  ssl->handshake->calc_finished (ssl, buf, tls->is_client);
+  tls->handshake->calc_finished (tls, buf, tls->is_client);
 
   /*
    * Switch to our negotiated transform and session parameters for inbound
    * data.
    */
   debug_msg (3, "switching to new transform spec for inbound data");
-  ssl->transform_in = ssl->transform_negotiate;
-  ssl->session_in = ssl->session_negotiate;
-  memset (ssl->in_ctr, 0, 8);
+  tls->transform_in = tls->transform_negotiate;
+  tls->session_in = tls->session_negotiate;
+  memset (tls->in_ctr, 0, 8);
 
   /*
    * Set the in_msg pointer to the correct location based on IV length
    */
-  if (ssl->minor_ver >= SSL_MINOR_VERSION_2)
+  if (tls->minor_ver >= TLS_MINOR_VERSION_2)
     {
-      ssl->in_msg = ssl->in_iv + ssl->transform_negotiate->ivlen -
-        ssl->transform_negotiate->fixed_ivlen;
+      tls->in_msg = (tls->in_iv
+                     + tls->transform_negotiate->ivlen
+                     - tls->transform_negotiate->fixed_ivlen);
     }
   else
-    ssl->in_msg = ssl->in_iv;
+    tls->in_msg = tls->in_iv;
 
-  if ((ret = _ntbtls_read_record (ssl)) != 0)
+  err = _ntbtls_read_record (tls);
+  if (err)
     {
-      debug_ret (1, "read_record", ret);
-      return (ret);
+      debug_ret (1, "read_record", err);
+      return err;
     }
 
-  if (ssl->in_msgtype != TLS_MSG_HANDSHAKE)
+  if (tls->in_msgtype != TLS_MSG_HANDSHAKE)
     {
       debug_msg (1, "bad finished message");
       return gpg_error (GPG_ERR_UNEXPECTED_MSG);
     }
 
-  // TODO TLS/1.2 Hash length is determined by cipher suite (Page 63)
-  hash_len = (ssl->minor_ver == SSL_MINOR_VERSION_0) ? 36 : 12;
+  //FIXME: TODO TLS/1.2 Hash length is determined by cipher suite (Page 63)
+  hashlen = (tls->minor_ver == TLS_MINOR_VERSION_0) ? 36 : 12;
 
-  if (ssl->in_msg[0] != TLS_HS_FINISHED || ssl->in_hslen != 4 + hash_len)
+  if (tls->in_msg[0] != TLS_HS_FINISHED || tls->in_hslen != 4 + hashlen)
     {
       debug_msg (1, "bad finished message");
       return gpg_error (GPG_ERR_BAD_HS_FINISHED);
     }
 
-  if (safer_memcmp (ssl->in_msg + 4, buf, hash_len) != 0)
+  if (memcmpct (tls->in_msg + 4, buf, hashlen))
     {
       debug_msg (1, "bad finished message");
       return gpg_error (GPG_ERR_BAD_HS_FINISHED);
     }
 
-  ssl->verify_data_len = hash_len;
-  memcpy (ssl->peer_verify_data, buf, hash_len);
+  tls->verify_data_len = hashlen;
+  memcpy (tls->peer_verify_data, buf, hashlen);
 
-  if (ssl->handshake->resume != 0)
+  if (tls->handshake->resume)
     {
-      if (ssl->is_client)
-        ssl->state = SSL_CLIENT_CHANGE_CIPHER_SPEC;
+      if (tls->is_client)
+        tls->state = TLS_CLIENT_CHANGE_CIPHER_SPEC;
       else
-        ssl->state = SSL_HANDSHAKE_WRAPUP;
+        tls->state = TLS_HANDSHAKE_WRAPUP;
     }
   else
-    ssl->state++;
+    tls->state++;
 
   debug_msg (2, "<= parse finished");
 
-  return (0);
+  return 0;
 }
 
 
 static gpg_error_t
-transform_init (ssl_transform * transform)
+transform_init (transform_t transform)
 {
-  gpg_error_t err;
+  gpg_error_t err = 0;
 
-  cipher_init (&transform->cipher_ctx_enc);
-  cipher_init (&transform->cipher_ctx_dec);
+  //FIXME:
+  /* cipher_init (&transform->cipher_ctx_enc); */
+  /* cipher_init (&transform->cipher_ctx_dec); */
 
-  md_init (&transform->md_ctx_enc);
-  md_init (&transform->md_ctx_dec);
+  /* md_init (&transform->md_ctx_enc); */
+  /* md_init (&transform->md_ctx_dec); */
   return err;
 }
 
 
 static void
-transform_deinit (ssl_transform * transform)
+transform_deinit (transform_t transform)
 {
   if (!transform)
     return;
 
-  deflateEnd (&transform->ctx_deflate);
-  inflateEnd (&transform->ctx_inflate);
+  //FIXME:
+  /* deflateEnd (&transform->ctx_deflate); */
+  /* inflateEnd (&transform->ctx_inflate); */
 
-  cipher_free (&transform->cipher_ctx_enc);
-  cipher_free (&transform->cipher_ctx_dec);
+  /* cipher_free (&transform->cipher_ctx_enc); */
+  /* cipher_free (&transform->cipher_ctx_dec); */
 
-  md_free (&transform->md_ctx_enc);
-  md_free (&transform->md_ctx_dec);
+  /* md_free (&transform->md_ctx_enc); */
+  /* md_free (&transform->md_ctx_dec); */
 
-  wipememory (transform, sizeof (ssl_transform));
+  wipememory (transform, sizeof *transform);
 }
 
 
@@ -2523,12 +2524,8 @@ session_deinit (session_t session)
   if (!session)
     return;
 
-  if (session->peer_cert)
-    {
-      //FIXME:
-      /* x509_crt_free (session->peer_cert); */
-      free (session->peer_cert);
-    }
+  if (session->peer_chain)
+    _ntbtls_x509_release (session->peer_chain);
 
   free (session->ticket);
   wipememory (session, sizeof *session);
@@ -2536,7 +2533,7 @@ session_deinit (session_t session)
 
 
 static gpg_error_t
-handshake_params_init (ssl_handshake_params * handshake)
+handshake_params_init (handshake_params_t handshake)
 {
   gpg_error_t err;
 
@@ -2553,7 +2550,7 @@ handshake_params_init (ssl_handshake_params * handshake)
     }
 
   handshake->update_checksum = update_checksum_start;
-  handshake->sig_alg = SSL_HASH_SHA1;
+  handshake->sig_alg = TLS_HASH_SHA1;
 
   //*FIXME:
   /* dhm_init (&handshake->dhm_ctx); */
@@ -2563,7 +2560,7 @@ handshake_params_init (ssl_handshake_params * handshake)
 
 
 static void
-handshake_params_deinit (ssl_handshake_params * handshake)
+handshake_params_deinit (handshake_params_t handshake)
 {
   if (!handshake)
     return;
@@ -2578,18 +2575,19 @@ handshake_params_deinit (ssl_handshake_params * handshake)
      the belong to the SNI callback. */
   if (handshake->sni_key_cert)
     {
-      ssl_key_cert *cur, *next;
+      //FIXME:
+      /* ssl_key_cert *cur, *next; */
 
-      cur = handshake->sni_key_cert;
-      while (cur)
-        {
-          next = cur->next;
-          free (cur);
-          cur = next;
-        }
+      /* cur = handshake->sni_key_cert; */
+      /* while (cur) */
+      /*   { */
+      /*     next = cur->next; */
+      /*     free (cur); */
+      /*     cur = next; */
+      /*   } */
     }
 
-  wipememory (handshake, sizeof (ssl_handshake_params));
+  wipememory (handshake, sizeof *handshake);
 }
 
 
@@ -2671,8 +2669,8 @@ handshake_init (ntbtls_t tls)
 /*
  * Create a new TLS context.  Valid values for FLAGS are:
  *
- *   NTBTLS_INIT_SERVER  - This endpoint is a server (default).
- *   NTBTLS_INIT_CLIENT  - This endpoint is a client.
+ *   NTBTLS_SERVER  - This endpoint is a server (default).
+ *   NTBTLS_CLIENT  - This endpoint is a client.
  *
  * On success a context object is returned at R_TLS.  One error NULL
  * is stored at R_TLS and an error code is returned.
@@ -2686,6 +2684,10 @@ _ntbtls_new (ntbtls_t *r_tls, unsigned int flags)
 
   *r_tls = NULL;
 
+  /* Note: NTBTLS_SERVER has value 0, thus we can't check for it. */
+  if ((flags & ~(NTBTLS_CLIENT)))
+    return gpg_error (GPG_ERR_EINVAL);
+
   tls = calloc (1, sizeof *tls);
   if (!tls)
     return gpg_error_from_syserror ();  /* Return immediately.  */
@@ -2695,6 +2697,12 @@ _ntbtls_new (ntbtls_t *r_tls, unsigned int flags)
   tls->max_major_ver = TLS_MAX_MAJOR_VERSION;
   tls->max_minor_ver = TLS_MAX_MINOR_VERSION;
 
+  if ((flags & NTBTLS_CLIENT))
+    {
+      tls->is_client = 1;
+      tls->use_session_tickets = 1;
+    }
+
   /* FIXME: ssl_set_ciphersuites (ssl, ssl_list_ciphersuites ()); */
 
   tls->renego_max_records = TLS_RENEGO_MAX_RECORDS_DEFAULT;
@@ -2705,7 +2713,7 @@ _ntbtls_new (ntbtls_t *r_tls, unsigned int flags)
   /*     (ret = mpi_read_string (&tls->dhm_G, 16, */
   /*                             POLARSSL_DHM_RFC5114_MODP_1024_G)) != 0) */
   /*   { */
-  /*     SSL_DEBUG_RET (1, "mpi_read_string", ret); */
+  /*     debug_ret (1, "mpi_read_string", ret); */
   /*     return (ret); */
   /*   } */
 
@@ -2744,7 +2752,7 @@ _ntbtls_new (ntbtls_t *r_tls, unsigned int flags)
     goto leave;
 
   if (tls->is_client)
-    tls->session_tickets = SSL_SESSION_TICKETS_ENABLED;
+    tls->use_session_tickets = 1;
 
 
  leave:
@@ -2802,7 +2810,7 @@ _ntbtls_release (ntbtls_t tls)
 
   if (tls->handshake)
     {
-      handshake_deinit (tls->handshake);
+      handshake_params_deinit (tls->handshake);
       free (tls->handshake);
       transform_deinit (tls->transform_negotiate);
       free (tls->transform_negotiate);
@@ -2818,7 +2826,7 @@ _ntbtls_release (ntbtls_t tls)
 
   if (tls->ticket_keys)
     {
-      ssl_ticket_keys_free (tls->ticket_keys);
+      ticket_keys_deinit (tls->ticket_keys);
       free (tls->ticket_keys);
     }
 
@@ -2839,7 +2847,8 @@ _ntbtls_release (ntbtls_t tls)
       tls->psk_identity_len = 0;
     }
 
-  ssl_key_cert_free (tls->key_cert);
+  //FIXME:
+  /* ssl_key_cert_free (tls->key_cert); */
 
   debug_msg (2, "<= release");
 
@@ -2923,8 +2932,8 @@ ssl_session_reset (ntbtls_t ssl)
 
   ssl->renego_records_seen = 0;
 
-  memset (ssl->out_ctr, 0, SSL_BUFFER_LEN);
-  memset (ssl->in_ctr, 0, SSL_BUFFER_LEN);
+  memset (ssl->out_ctr, 0, TLS_BUFFER_LEN);
+  memset (ssl->in_ctr, 0, TLS_BUFFER_LEN);
 
   if (ssl->transform)
     {
@@ -2950,61 +2959,53 @@ ssl_session_reset (ntbtls_t ssl)
 
 
 static void
-ssl_ticket_keys_free (ssl_ticket_keys * tkeys)
+ticket_keys_deinit (ticket_keys_t tkeys)
 {
-  aes_free (&tkeys->enc);
-  aes_free (&tkeys->dec);
+  //FIXME:
+  /* aes_free (&tkeys->enc); */
+  /* aes_free (&tkeys->dec); */
 
-  wipememory (tkeys, sizeof (ssl_ticket_keys));
+  wipememory (tkeys, sizeof *tkeys);
 }
 
 
 /*
- * Allocate and initialize ticket keys
+ * Allocate and initialize ticket keys in TLS if not yet done.
  */
-static int
-ssl_ticket_keys_init (ntbtls_t ssl)
+static gpg_error_t
+ticket_keys_setup (ntbtls_t tls)
 {
-  int ret;
-  ssl_ticket_keys *tkeys;
+  ticket_keys_t tkeys;
   unsigned char buf[16];
 
-  if (ssl->ticket_keys != NULL)
-    return (0);
+  if (tls->ticket_keys)
+    return 0;
 
   tkeys = malloc (sizeof *tkeys);
   if (!tkeys)
-    return gpg_error_from_syserror ()
+    return gpg_error_from_syserror ();
 
-  aes_init (&tkeys->enc);
-  aes_init (&tkeys->dec);
+  //FIXME:
+  /* aes_init (&tkeys->enc); */
+  /* aes_init (&tkeys->dec); */
 
-  if ((ret = ssl->f_rng (ssl->p_rng, tkeys->key_name, 16)) != 0)
-    {
-      ssl_ticket_keys_free (tkeys);
-      polarssl_free (tkeys);
-      return (ret);
-    }
+  gcry_randomize (tkeys->key_name, 16, GCRY_STRONG_RANDOM);
+  gcry_randomize (buf, 16, GCRY_STRONG_RANDOM);
 
-  if ((ret = ssl->f_rng (ssl->p_rng, buf, 16)) != 0 ||
-      (ret = aes_setkey_enc (&tkeys->enc, buf, 128)) != 0 ||
-      (ret = aes_setkey_dec (&tkeys->dec, buf, 128)) != 0)
-    {
-      ssl_ticket_keys_free (tkeys);
-      polarssl_free (tkeys);
-      return (ret);
-    }
+  //FIXME:
+  /* if ((ret = aes_setkey_enc (&tkeys->enc, buf, 128)) != 0 || */
+  /*     (ret = aes_setkey_dec (&tkeys->dec, buf, 128)) != 0) */
+  /*   { */
+  /*     ssl_ticket_keys_free (tkeys); */
+  /*     polarssl_free (tkeys); */
+  /*     return (ret); */
+  /*   } */
 
-  if ((ret = ssl->f_rng (ssl->p_rng, tkeys->mac_key, 16)) != 0)
-    {
-      ssl_ticket_keys_free (tkeys);
-      polarssl_free (tkeys);
-      return (ret);
-    }
+  gcry_randomize (tkeys->mac_key, 16, GCRY_STRONG_RANDOM);
 
-  ssl->ticket_keys = tkeys;
+  tls->ticket_keys = tkeys;
 
-  return (0);
+  return 0;
 }
 
 
@@ -3028,33 +3029,6 @@ ssl_set_verify (ntbtls_t ssl,
 }
 #endif /* POLARSSL_X509_CRT_PARSE_C */
 
-void
-ssl_set_rng (ntbtls_t ssl,
-             int (*f_rng) (void *, unsigned char *, size_t), void *p_rng)
-{
-  ssl->f_rng = f_rng;
-  ssl->p_rng = p_rng;
-}
-
-void
-ssl_set_dbg (ntbtls_t ssl,
-             void (*f_dbg) (void *, int, const char *), void *p_dbg)
-{
-  ssl->f_dbg = f_dbg;
-  ssl->p_dbg = p_dbg;
-}
-
-void
-ssl_set_bio (ntbtls_t ssl,
-             int (*f_recv) (void *, unsigned char *, size_t), void *p_recv,
-             int (*f_send) (void *, const unsigned char *, size_t),
-             void *p_send)
-{
-  ssl->f_recv = f_recv;
-  ssl->f_send = f_send;
-  ssl->p_recv = p_recv;
-  ssl->p_send = p_send;
-}
 
 void
 ssl_set_session_cache (ntbtls_t ssl,
@@ -3070,365 +3044,343 @@ ssl_set_session_cache (ntbtls_t ssl,
   ssl->p_set_cache = p_set_cache;
 }
 
-int
-ssl_set_session (ntbtls_t ssl, const session_t session)
-{
-  int ret;
-
-  if (ssl == NULL ||
-      session == NULL ||
-      ssl->session_negotiate == NULL || !ssl->is_client)
-    {
-      return gpg_error (GPG_ERR_INV_ARG);
-    }
-
-  if ((ret = ssl_session_copy (ssl->session_negotiate, session)) != 0)
-    return (ret);
-
-  ssl->handshake->resume = 1;
-
-  return (0);
-}
-
-void
-ssl_set_ciphersuites (ntbtls_t ssl, const int *ciphersuites)
-{
-  ssl->ciphersuite_list[SSL_MINOR_VERSION_0] = ciphersuites;
-  ssl->ciphersuite_list[SSL_MINOR_VERSION_1] = ciphersuites;
-  ssl->ciphersuite_list[SSL_MINOR_VERSION_2] = ciphersuites;
-  ssl->ciphersuite_list[SSL_MINOR_VERSION_3] = ciphersuites;
-}
-
-void
-ssl_set_ciphersuites_for_version (ntbtls_t ssl,
-                                  const int *ciphersuites,
-                                  int major, int minor)
-{
-  if (major != SSL_MAJOR_VERSION_3)
-    return;
-
-  if (minor < SSL_MINOR_VERSION_0 || minor > SSL_MINOR_VERSION_3)
-    return;
-
-  ssl->ciphersuite_list[minor] = ciphersuites;
-}
-
-
-/* Add a new (empty) key_cert entry an return a pointer to it */
-static ssl_key_cert *
-ssl_add_key_cert (ntbtls_t ssl)
-{
-  ssl_key_cert *key_cert, *last;
-
-  key_cert = calloc (1, sizeof *key_cert);
-  if (!key_cert)
-    return NULL;
-
-  /* Append the new key_cert to the (possibly empty) current list */
-  if (ssl->key_cert == NULL)
-    {
-      ssl->key_cert = key_cert;
-      if (ssl->handshake != NULL)
-        ssl->handshake->key_cert = key_cert;
-    }
-  else
-    {
-      last = ssl->key_cert;
-      while (last->next != NULL)
-        last = last->next;
-      last->next = key_cert;
-    }
-
-  return (key_cert);
-}
-
-
-void
-ssl_set_ca_chain (ntbtls_t ssl, x509_crt * ca_chain,
-                  x509_crl * ca_crl, const char *peer_cn)
-{
-  ssl->ca_chain = ca_chain;
-  ssl->ca_crl = ca_crl;
-  ssl->peer_cn = peer_cn;
-}
-
-
-int
-ssl_set_own_cert (ntbtls_t ssl, x509_crt * own_cert, pk_context * pk_key)
-{
-  ssl_key_cert *key_cert;
-
-  key_cert = ssl_add_key_cert (ssl);
-  if (!key_cert)
-    return gpg_error_from_syserror ();
-
-  key_cert->cert = own_cert;
-  key_cert->key = pk_key;
-
-  return 0;
-}
-
-
-int
-ssl_set_own_cert_rsa (ntbtls_t ssl, x509_crt * own_cert,
-                      rsa_context * rsa_key)
-{
-  int ret;
-  ssl_key_cert *key_cert;
-
-
-  key_cert = ssl_add_key_cert (ssl);
-  if (!key_cert)
-    return gpg_error_from_syserror ();
-
-  key_cert->key = malloc (sizeof (pk_context));
-  if (!key_cert->key)
-    return gpg_error_from_syserror ();
-
-  pk_init (key_cert->key);
-
-  ret = pk_init_ctx (key_cert->key, pk_info_from_type (POLARSSL_PK_RSA));
-  if (ret != 0)
-    return (ret);
-
-  if ((ret = rsa_copy (pk_rsa (*key_cert->key), rsa_key)) != 0)
-    return (ret);
-
-  key_cert->cert = own_cert;
-  key_cert->key_own_alloc = 1;
-
-  return (0);
-}
-
-
-int
-ssl_set_own_cert_alt (ntbtls_t ssl, x509_crt * own_cert,
-                      void *rsa_key,
-                      rsa_decrypt_func rsa_decrypt,
-                      rsa_sign_func rsa_sign, rsa_key_len_func rsa_key_len)
-{
-  int ret;
-  ssl_key_cert *key_cert;
-
-  key_cert = ssl_add_key_cert (ssl);
-  if (!key_cert)
-    return gpg_error_from_syserror ();
-
-  key_cert->key = malloc (sizeof (pk_context));
-  if (!key_cert->key)
-    {
-      err = gpg_error_from_syserror ();
-      free (key_cert);
-      return err;
-    }
 
-  pk_init (key_cert->key);
-
-  if ((ret = pk_init_ctx_rsa_alt (key_cert->key, rsa_key,
-                                  rsa_decrypt, rsa_sign, rsa_key_len)) != 0)
-    return (ret);
-
-  key_cert->cert = own_cert;
-  key_cert->key_own_alloc = 1;
-
-  return 0;
-}
-
-
-int
-ssl_set_psk (ntbtls_t ssl, const unsigned char *psk, size_t psk_len,
-             const unsigned char *psk_identity, size_t psk_identity_len)
+/* Request resumption of session (client-side only).
+   Session data is copied from presented session structure. */
+gpg_error_t
+_ntbtls_set_session (ntbtls_t tls, const session_t session)
 {
-  if (psk == NULL || psk_identity == NULL)
-    return gpg_error (GPG_ERR_INV_ARG);
+  gpg_error_t err;
 
-  if (psk_len > POLARSSL_PSK_MAX_LEN)
+  if (!tls || !session || !tls->session_negotiate || !tls->is_client)
     return gpg_error (GPG_ERR_INV_ARG);
 
-  if (ssl->psk != NULL)
-    {
-      free (ssl->psk);
-      ssl->psk = NULL;
-      free (ssl->psk_identity);
-      ssl->psk_identity = NULL;
-    }
-
-  ssl->psk_len = psk_len;
-  ssl->psk_identity_len = psk_identity_len;
-
-  ssl->psk = malloc (ssl->psk_len);
-  if (!ssl->psk)
-    return gpg_error_from_syserror ();
-
-  ssl->psk_identity = malloc (ssl->psk_identity_len);
-  if (!ssl->psk_identity)
-    {
-      err = gpg_error_from_syserror ();
-      free (ssl->psk);
-      ssl->psk = NULL;
-      return err;
-    }
+  err = session_copy (tls->session_negotiate, session);
+  if (err)
+    return err;
 
-  memcpy (ssl->psk, psk, ssl->psk_len);
-  memcpy (ssl->psk_identity, psk_identity, ssl->psk_identity_len);
+  tls->handshake->resume = 1;
 
-  return (0);
+  return 0;
 }
 
-void
-ssl_set_psk_cb (ntbtls_t ssl,
-                int (*f_psk) (void *, ssl_context *, const unsigned char *,
-                              size_t), void *p_psk)
-{
-  ssl->f_psk = f_psk;
-  ssl->p_psk = p_psk;
-}
 
 
-int
-ssl_set_dh_param (ntbtls_t ssl, const char *dhm_P, const char *dhm_G)
-{
-  int ret;
+/* Add a new (empty) key_cert entry an return a pointer to it */
+/* static ssl_key_cert * */
+/* ssl_add_key_cert (ntbtls_t ssl) */
+/* { */
+/*   ssl_key_cert *key_cert, *last; */
+
+/*   key_cert = calloc (1, sizeof *key_cert); */
+/*   if (!key_cert) */
+/*     return NULL; */
+
+/*   /\* Append the new key_cert to the (possibly empty) current list *\/ */
+/*   if (ssl->key_cert == NULL) */
+/*     { */
+/*       ssl->key_cert = key_cert; */
+/*       if (ssl->handshake != NULL) */
+/*         ssl->handshake->key_cert = key_cert; */
+/*     } */
+/*   else */
+/*     { */
+/*       last = ssl->key_cert; */
+/*       while (last->next != NULL) */
+/*         last = last->next; */
+/*       last->next = key_cert; */
+/*     } */
+
+/*   return (key_cert); */
+/* } */
 
-  if ((ret = mpi_read_string (&ssl->dhm_P, 16, dhm_P)) != 0)
-    {
-      SSL_DEBUG_RET (1, "mpi_read_string", ret);
-      return (ret);
-    }
 
-  if ((ret = mpi_read_string (&ssl->dhm_G, 16, dhm_G)) != 0)
-    {
-      SSL_DEBUG_RET (1, "mpi_read_string", ret);
-      return (ret);
-    }
+/* void */
+/* ssl_set_ca_chain (ntbtls_t ssl, x509_crt * ca_chain, */
+/*                   x509_crl_t ca_crl, const char *peer_cn) */
+/* { */
+/*   ssl->ca_chain = ca_chain; */
+/*   ssl->ca_crl = ca_crl; */
+/*   ssl->peer_cn = peer_cn; */
+/* } */
+
+
+/* int */
+/* ssl_set_own_cert (ntbtls_t ssl, x509_crt * own_cert, pk_context * pk_key) */
+/* { */
+/*   ssl_key_cert *key_cert; */
+
+/*   key_cert = ssl_add_key_cert (ssl); */
+/*   if (!key_cert) */
+/*     return gpg_error_from_syserror (); */
+
+/*   key_cert->cert = own_cert; */
+/*   key_cert->key = pk_key; */
+
+/*   return 0; */
+/* } */
+
+
+/* int */
+/* ssl_set_own_cert_rsa (ntbtls_t ssl, x509_crt * own_cert, */
+/*                       rsa_context * rsa_key) */
+/* { */
+/*   int ret; */
+/*   ssl_key_cert *key_cert; */
+
+
+/*   key_cert = ssl_add_key_cert (ssl); */
+/*   if (!key_cert) */
+/*     return gpg_error_from_syserror (); */
+
+/*   key_cert->key = malloc (sizeof (pk_context)); */
+/*   if (!key_cert->key) */
+/*     return gpg_error_from_syserror (); */
+
+/*   pk_init (key_cert->key); */
+
+/*   ret = pk_init_ctx (key_cert->key, pk_info_from_type (POLARSSL_PK_RSA)); */
+/*   if (ret != 0) */
+/*     return (ret); */
+
+/*   if ((ret = rsa_copy (pk_rsa (*key_cert->key), rsa_key)) != 0) */
+/*     return (ret); */
+
+/*   key_cert->cert = own_cert; */
+/*   key_cert->key_own_alloc = 1; */
+
+/*   return (0); */
+/* } */
+
+
+/* int */
+/* ssl_set_own_cert_alt (ntbtls_t ssl, x509_crt * own_cert, */
+/*                       void *rsa_key, */
+/*                       rsa_decrypt_func rsa_decrypt, */
+/*                       rsa_sign_func rsa_sign, rsa_key_len_func rsa_key_len) */
+/* { */
+/*   int ret; */
+/*   ssl_key_cert *key_cert; */
+
+/*   key_cert = ssl_add_key_cert (ssl); */
+/*   if (!key_cert) */
+/*     return gpg_error_from_syserror (); */
+
+/*   key_cert->key = malloc (sizeof (pk_context)); */
+/*   if (!key_cert->key) */
+/*     { */
+/*       err = gpg_error_from_syserror (); */
+/*       free (key_cert); */
+/*       return err; */
+/*     } */
+
+/*   pk_init (key_cert->key); */
+
+/*   if ((ret = pk_init_ctx_rsa_alt (key_cert->key, rsa_key, */
+/*                                   rsa_decrypt, rsa_sign, rsa_key_len)) != 0) */
+/*     return (ret); */
+
+/*   key_cert->cert = own_cert; */
+/*   key_cert->key_own_alloc = 1; */
+
+/*   return 0; */
+/* } */
+
+
+/* int */
+/* ssl_set_psk (ntbtls_t ssl, const unsigned char *psk, size_t psk_len, */
+/*              const unsigned char *psk_identity, size_t psk_identity_len) */
+/* { */
+/*   if (psk == NULL || psk_identity == NULL) */
+/*     return gpg_error (GPG_ERR_INV_ARG); */
+
+/*   if (psk_len > POLARSSL_PSK_MAX_LEN) */
+/*     return gpg_error (GPG_ERR_INV_ARG); */
+
+/*   if (ssl->psk != NULL) */
+/*     { */
+/*       free (ssl->psk); */
+/*       ssl->psk = NULL; */
+/*       free (ssl->psk_identity); */
+/*       ssl->psk_identity = NULL; */
+/*     } */
 
-  return (0);
-}
+/*   ssl->psk_len = psk_len; */
+/*   ssl->psk_identity_len = psk_identity_len; */
 
-int
-ssl_set_dh_param_ctx (ntbtls_t ssl, dhm_context * dhm_ctx)
-{
-  int ret;
+/*   ssl->psk = malloc (ssl->psk_len); */
+/*   if (!ssl->psk) */
+/*     return gpg_error_from_syserror (); */
 
-  if ((ret = mpi_copy (&ssl->dhm_P, &dhm_ctx->P)) != 0)
-    {
-      SSL_DEBUG_RET (1, "mpi_copy", ret);
-      return (ret);
-    }
-
-  if ((ret = mpi_copy (&ssl->dhm_G, &dhm_ctx->G)) != 0)
-    {
-      SSL_DEBUG_RET (1, "mpi_copy", ret);
-      return (ret);
-    }
-
-  return (0);
-}
+/*   ssl->psk_identity = malloc (ssl->psk_identity_len); */
+/*   if (!ssl->psk_identity) */
+/*