From 30c4fd805c7833678d0abc16042606220f777c8c Mon Sep 17 00:00:00 2001
From: jsing <jsing@openbsd.org>
Date: Fri, 23 May 2014 16:33:34 +0000
Subject: [PATCH] Clean up the SSL cipher initialisation and use C99
 initialisers for clarity, grepability and to protect from future field
 reordering/removal.

ok miod@
---
 lib/libssl/s3_lib.c         | 3421 ++++++++++++++++++-----------------
 lib/libssl/src/ssl/s3_lib.c | 3421 ++++++++++++++++++-----------------
 2 files changed, 3424 insertions(+), 3418 deletions(-)

diff --git a/lib/libssl/s3_lib.c b/lib/libssl/s3_lib.c
index 0bb74760f2d..f14cbd0c99c 100644
--- a/lib/libssl/s3_lib.c
+++ b/lib/libssl/s3_lib.c
@@ -168,725 +168,725 @@ const char ssl3_version_str[]="SSLv3" OPENSSL_VERSION_PTEXT;
 /* list of available SSLv3 ciphers (sorted by id) */
 SSL_CIPHER ssl3_ciphers[] = {
 
-/* The RSA ciphers */
-/* Cipher 01 */
-	{
-		1,
-		SSL3_TXT_RSA_NULL_MD5,
-		SSL3_CK_RSA_NULL_MD5,
-		SSL_kRSA,
-		SSL_aRSA,
-		SSL_eNULL,
-		SSL_MD5,
-		SSL_SSLV3,
-		SSL_NOT_EXP|SSL_STRONG_NONE,
-		SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
-		0,
-		0,
-	},
-
-/* Cipher 02 */
-	{
-		1,
-		SSL3_TXT_RSA_NULL_SHA,
-		SSL3_CK_RSA_NULL_SHA,
-		SSL_kRSA,
-		SSL_aRSA,
-		SSL_eNULL,
-		SSL_SHA1,
-		SSL_SSLV3,
-		SSL_NOT_EXP|SSL_STRONG_NONE|SSL_FIPS,
-		SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
-		0,
-		0,
-	},
-
-/* Cipher 03 */
-	{
-		1,
-		SSL3_TXT_RSA_RC4_40_MD5,
-		SSL3_CK_RSA_RC4_40_MD5,
-		SSL_kRSA,
-		SSL_aRSA,
-		SSL_RC4,
-		SSL_MD5,
-		SSL_SSLV3,
-		SSL_EXPORT|SSL_EXP40,
-		SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
-		40,
-		128,
-	},
-
-/* Cipher 04 */
-	{
-		1,
-		SSL3_TXT_RSA_RC4_128_MD5,
-		SSL3_CK_RSA_RC4_128_MD5,
-		SSL_kRSA,
-		SSL_aRSA,
-		SSL_RC4,
-		SSL_MD5,
-		SSL_SSLV3,
-		SSL_NOT_EXP|SSL_MEDIUM,
-		SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
-		128,
-		128,
-	},
-
-/* Cipher 05 */
-	{
-		1,
-		SSL3_TXT_RSA_RC4_128_SHA,
-		SSL3_CK_RSA_RC4_128_SHA,
-		SSL_kRSA,
-		SSL_aRSA,
-		SSL_RC4,
-		SSL_SHA1,
-		SSL_SSLV3,
-		SSL_NOT_EXP|SSL_MEDIUM,
-		SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
-		128,
-		128,
-	},
-
-/* Cipher 06 */
-	{
-		1,
-		SSL3_TXT_RSA_RC2_40_MD5,
-		SSL3_CK_RSA_RC2_40_MD5,
-		SSL_kRSA,
-		SSL_aRSA,
-		SSL_RC2,
-		SSL_MD5,
-		SSL_SSLV3,
-		SSL_EXPORT|SSL_EXP40,
-		SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
-		40,
-		128,
-	},
-
-/* Cipher 07 */
+	/* The RSA ciphers */
+	/* Cipher 01 */
+	{
+		.valid = 1,
+		.name = SSL3_TXT_RSA_NULL_MD5,
+		.id = SSL3_CK_RSA_NULL_MD5,
+		.algorithm_mkey = SSL_kRSA,
+		.algorithm_auth = SSL_aRSA,
+		.algorithm_enc = SSL_eNULL,
+		.algorithm_mac = SSL_MD5,
+		.algorithm_ssl = SSL_SSLV3,
+		.algo_strength = SSL_NOT_EXP|SSL_STRONG_NONE,
+		.algorithm2 = SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
+		.strength_bits = 0,
+		.alg_bits = 0,
+	},
+
+	/* Cipher 02 */
+	{
+		.valid = 1,
+		.name = SSL3_TXT_RSA_NULL_SHA,
+		.id = SSL3_CK_RSA_NULL_SHA,
+		.algorithm_mkey = SSL_kRSA,
+		.algorithm_auth = SSL_aRSA,
+		.algorithm_enc = SSL_eNULL,
+		.algorithm_mac = SSL_SHA1,
+		.algorithm_ssl = SSL_SSLV3,
+		.algo_strength = SSL_NOT_EXP|SSL_STRONG_NONE|SSL_FIPS,
+		.algorithm2 = SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
+		.strength_bits = 0,
+		.alg_bits = 0,
+	},
+
+	/* Cipher 03 */
+	{
+		.valid = 1,
+		.name = SSL3_TXT_RSA_RC4_40_MD5,
+		.id = SSL3_CK_RSA_RC4_40_MD5,
+		.algorithm_mkey = SSL_kRSA,
+		.algorithm_auth = SSL_aRSA,
+		.algorithm_enc = SSL_RC4,
+		.algorithm_mac = SSL_MD5,
+		.algorithm_ssl = SSL_SSLV3,
+		.algo_strength = SSL_EXPORT|SSL_EXP40,
+		.algorithm2 = SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
+		.strength_bits = 40,
+		.alg_bits = 128,
+	},
+
+	/* Cipher 04 */
+	{
+		.valid = 1,
+		.name = SSL3_TXT_RSA_RC4_128_MD5,
+		.id = SSL3_CK_RSA_RC4_128_MD5,
+		.algorithm_mkey = SSL_kRSA,
+		.algorithm_auth = SSL_aRSA,
+		.algorithm_enc = SSL_RC4,
+		.algorithm_mac = SSL_MD5,
+		.algorithm_ssl = SSL_SSLV3,
+		.algo_strength = SSL_NOT_EXP|SSL_MEDIUM,
+		.algorithm2 = SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
+		.strength_bits = 128,
+		.alg_bits = 128,
+	},
+
+	/* Cipher 05 */
+	{
+		.valid = 1,
+		.name = SSL3_TXT_RSA_RC4_128_SHA,
+		.id = SSL3_CK_RSA_RC4_128_SHA,
+		.algorithm_mkey = SSL_kRSA,
+		.algorithm_auth = SSL_aRSA,
+		.algorithm_enc = SSL_RC4,
+		.algorithm_mac = SSL_SHA1,
+		.algorithm_ssl = SSL_SSLV3,
+		.algo_strength = SSL_NOT_EXP|SSL_MEDIUM,
+		.algorithm2 = SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
+		.strength_bits = 128,
+		.alg_bits = 128,
+	},
+
+	/* Cipher 06 */
+	{
+		.valid = 1,
+		.name = SSL3_TXT_RSA_RC2_40_MD5,
+		.id = SSL3_CK_RSA_RC2_40_MD5,
+		.algorithm_mkey = SSL_kRSA,
+		.algorithm_auth = SSL_aRSA,
+		.algorithm_enc = SSL_RC2,
+		.algorithm_mac = SSL_MD5,
+		.algorithm_ssl = SSL_SSLV3,
+		.algo_strength = SSL_EXPORT|SSL_EXP40,
+		.algorithm2 = SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
+		.strength_bits = 40,
+		.alg_bits = 128,
+	},
+
+	/* Cipher 07 */
 #ifndef OPENSSL_NO_IDEA
 	{
-		1,
-		SSL3_TXT_RSA_IDEA_128_SHA,
-		SSL3_CK_RSA_IDEA_128_SHA,
-		SSL_kRSA,
-		SSL_aRSA,
-		SSL_IDEA,
-		SSL_SHA1,
-		SSL_SSLV3,
-		SSL_NOT_EXP|SSL_MEDIUM,
-		SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
-		128,
-		128,
+		.valid = 1,
+		.name = SSL3_TXT_RSA_IDEA_128_SHA,
+		.id = SSL3_CK_RSA_IDEA_128_SHA,
+		.algorithm_mkey = SSL_kRSA,
+		.algorithm_auth = SSL_aRSA,
+		.algorithm_enc = SSL_IDEA,
+		.algorithm_mac = SSL_SHA1,
+		.algorithm_ssl = SSL_SSLV3,
+		.algo_strength = SSL_NOT_EXP|SSL_MEDIUM,
+		.algorithm2 = SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
+		.strength_bits = 128,
+		.alg_bits = 128,
 	},
 #endif
 
-/* Cipher 08 */
-	{
-		1,
-		SSL3_TXT_RSA_DES_40_CBC_SHA,
-		SSL3_CK_RSA_DES_40_CBC_SHA,
-		SSL_kRSA,
-		SSL_aRSA,
-		SSL_DES,
-		SSL_SHA1,
-		SSL_SSLV3,
-		SSL_EXPORT|SSL_EXP40,
-		SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
-		40,
-		56,
-	},
-
-/* Cipher 09 */
-	{
-		1,
-		SSL3_TXT_RSA_DES_64_CBC_SHA,
-		SSL3_CK_RSA_DES_64_CBC_SHA,
-		SSL_kRSA,
-		SSL_aRSA,
-		SSL_DES,
-		SSL_SHA1,
-		SSL_SSLV3,
-		SSL_NOT_EXP|SSL_LOW,
-		SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
-		56,
-		56,
-	},
-
-/* Cipher 0A */
-	{
-		1,
-		SSL3_TXT_RSA_DES_192_CBC3_SHA,
-		SSL3_CK_RSA_DES_192_CBC3_SHA,
-		SSL_kRSA,
-		SSL_aRSA,
-		SSL_3DES,
-		SSL_SHA1,
-		SSL_SSLV3,
-		SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
-		SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
-		168,
-		168,
-	},
-
-/* The DH ciphers */
-/* Cipher 0B */
-	{
-		0,
-		SSL3_TXT_DH_DSS_DES_40_CBC_SHA,
-		SSL3_CK_DH_DSS_DES_40_CBC_SHA,
-		SSL_kDHd,
-		SSL_aDH,
-		SSL_DES,
-		SSL_SHA1,
-		SSL_SSLV3,
-		SSL_EXPORT|SSL_EXP40,
-		SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
-		40,
-		56,
-	},
-
-/* Cipher 0C */
-	{
-		0, /* not implemented (non-ephemeral DH) */
-		SSL3_TXT_DH_DSS_DES_64_CBC_SHA,
-		SSL3_CK_DH_DSS_DES_64_CBC_SHA,
-		SSL_kDHd,
-		SSL_aDH,
-		SSL_DES,
-		SSL_SHA1,
-		SSL_SSLV3,
-		SSL_NOT_EXP|SSL_LOW,
-		SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
-		56,
-		56,
-	},
-
-/* Cipher 0D */
-	{
-		0, /* not implemented (non-ephemeral DH) */
-		SSL3_TXT_DH_DSS_DES_192_CBC3_SHA,
-		SSL3_CK_DH_DSS_DES_192_CBC3_SHA,
-		SSL_kDHd,
-		SSL_aDH,
-		SSL_3DES,
-		SSL_SHA1,
-		SSL_SSLV3,
-		SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
-		SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
-		168,
-		168,
-	},
-
-/* Cipher 0E */
-	{
-		0, /* not implemented (non-ephemeral DH) */
-		SSL3_TXT_DH_RSA_DES_40_CBC_SHA,
-		SSL3_CK_DH_RSA_DES_40_CBC_SHA,
-		SSL_kDHr,
-		SSL_aDH,
-		SSL_DES,
-		SSL_SHA1,
-		SSL_SSLV3,
-		SSL_EXPORT|SSL_EXP40,
-		SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
-		40,
-		56,
-	},
-
-/* Cipher 0F */
-	{
-		0, /* not implemented (non-ephemeral DH) */
-		SSL3_TXT_DH_RSA_DES_64_CBC_SHA,
-		SSL3_CK_DH_RSA_DES_64_CBC_SHA,
-		SSL_kDHr,
-		SSL_aDH,
-		SSL_DES,
-		SSL_SHA1,
-		SSL_SSLV3,
-		SSL_NOT_EXP|SSL_LOW,
-		SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
-		56,
-		56,
-	},
-
-/* Cipher 10 */
-	{
-		0, /* not implemented (non-ephemeral DH) */
-		SSL3_TXT_DH_RSA_DES_192_CBC3_SHA,
-		SSL3_CK_DH_RSA_DES_192_CBC3_SHA,
-		SSL_kDHr,
-		SSL_aDH,
-		SSL_3DES,
-		SSL_SHA1,
-		SSL_SSLV3,
-		SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
-		SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
-		168,
-		168,
-	},
-
-/* The Ephemeral DH ciphers */
-/* Cipher 11 */
-	{
-		1,
-		SSL3_TXT_EDH_DSS_DES_40_CBC_SHA,
-		SSL3_CK_EDH_DSS_DES_40_CBC_SHA,
-		SSL_kEDH,
-		SSL_aDSS,
-		SSL_DES,
-		SSL_SHA1,
-		SSL_SSLV3,
-		SSL_EXPORT|SSL_EXP40,
-		SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
-		40,
-		56,
-	},
-
-/* Cipher 12 */
-	{
-		1,
-		SSL3_TXT_EDH_DSS_DES_64_CBC_SHA,
-		SSL3_CK_EDH_DSS_DES_64_CBC_SHA,
-		SSL_kEDH,
-		SSL_aDSS,
-		SSL_DES,
-		SSL_SHA1,
-		SSL_SSLV3,
-		SSL_NOT_EXP|SSL_LOW,
-		SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
-		56,
-		56,
-	},
-
-/* Cipher 13 */
-	{
-		1,
-		SSL3_TXT_EDH_DSS_DES_192_CBC3_SHA,
-		SSL3_CK_EDH_DSS_DES_192_CBC3_SHA,
-		SSL_kEDH,
-		SSL_aDSS,
-		SSL_3DES,
-		SSL_SHA1,
-		SSL_SSLV3,
-		SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
-		SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
-		168,
-		168,
-	},
-
-/* Cipher 14 */
-	{
-		1,
-		SSL3_TXT_EDH_RSA_DES_40_CBC_SHA,
-		SSL3_CK_EDH_RSA_DES_40_CBC_SHA,
-		SSL_kEDH,
-		SSL_aRSA,
-		SSL_DES,
-		SSL_SHA1,
-		SSL_SSLV3,
-		SSL_EXPORT|SSL_EXP40,
-		SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
-		40,
-		56,
-	},
-
-/* Cipher 15 */
-	{
-		1,
-		SSL3_TXT_EDH_RSA_DES_64_CBC_SHA,
-		SSL3_CK_EDH_RSA_DES_64_CBC_SHA,
-		SSL_kEDH,
-		SSL_aRSA,
-		SSL_DES,
-		SSL_SHA1,
-		SSL_SSLV3,
-		SSL_NOT_EXP|SSL_LOW,
-		SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
-		56,
-		56,
-	},
-
-/* Cipher 16 */
-	{
-		1,
-		SSL3_TXT_EDH_RSA_DES_192_CBC3_SHA,
-		SSL3_CK_EDH_RSA_DES_192_CBC3_SHA,
-		SSL_kEDH,
-		SSL_aRSA,
-		SSL_3DES,
-		SSL_SHA1,
-		SSL_SSLV3,
-		SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
-		SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
-		168,
-		168,
-	},
-
-/* Cipher 17 */
-	{
-		1,
-		SSL3_TXT_ADH_RC4_40_MD5,
-		SSL3_CK_ADH_RC4_40_MD5,
-		SSL_kEDH,
-		SSL_aNULL,
-		SSL_RC4,
-		SSL_MD5,
-		SSL_SSLV3,
-		SSL_EXPORT|SSL_EXP40,
-		SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
-		40,
-		128,
-	},
-
-/* Cipher 18 */
-	{
-		1,
-		SSL3_TXT_ADH_RC4_128_MD5,
-		SSL3_CK_ADH_RC4_128_MD5,
-		SSL_kEDH,
-		SSL_aNULL,
-		SSL_RC4,
-		SSL_MD5,
-		SSL_SSLV3,
-		SSL_NOT_EXP|SSL_MEDIUM,
-		SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
-		128,
-		128,
-	},
-
-/* Cipher 19 */
-	{
-		1,
-		SSL3_TXT_ADH_DES_40_CBC_SHA,
-		SSL3_CK_ADH_DES_40_CBC_SHA,
-		SSL_kEDH,
-		SSL_aNULL,
-		SSL_DES,
-		SSL_SHA1,
-		SSL_SSLV3,
-		SSL_EXPORT|SSL_EXP40,
-		SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
-		40,
-		128,
-	},
-
-/* Cipher 1A */
-	{
-		1,
-		SSL3_TXT_ADH_DES_64_CBC_SHA,
-		SSL3_CK_ADH_DES_64_CBC_SHA,
-		SSL_kEDH,
-		SSL_aNULL,
-		SSL_DES,
-		SSL_SHA1,
-		SSL_SSLV3,
-		SSL_NOT_EXP|SSL_LOW,
-		SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
-		56,
-		56,
-	},
-
-/* Cipher 1B */
-	{
-		1,
-		SSL3_TXT_ADH_DES_192_CBC_SHA,
-		SSL3_CK_ADH_DES_192_CBC_SHA,
-		SSL_kEDH,
-		SSL_aNULL,
-		SSL_3DES,
-		SSL_SHA1,
-		SSL_SSLV3,
-		SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
-		SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
-		168,
-		168,
-	},
-
-/* New AES ciphersuites */
-/* Cipher 2F */
-	{
-		1,
-		TLS1_TXT_RSA_WITH_AES_128_SHA,
-		TLS1_CK_RSA_WITH_AES_128_SHA,
-		SSL_kRSA,
-		SSL_aRSA,
-		SSL_AES128,
-		SSL_SHA1,
-		SSL_TLSV1,
-		SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
-		SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
-		128,
-		128,
-	},
-/* Cipher 30 */
-	{
-		0,
-		TLS1_TXT_DH_DSS_WITH_AES_128_SHA,
-		TLS1_CK_DH_DSS_WITH_AES_128_SHA,
-		SSL_kDHd,
-		SSL_aDH,
-		SSL_AES128,
-		SSL_SHA1,
-		SSL_TLSV1,
-		SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
-		SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
-		128,
-		128,
-	},
-/* Cipher 31 */
-	{
-		0,
-		TLS1_TXT_DH_RSA_WITH_AES_128_SHA,
-		TLS1_CK_DH_RSA_WITH_AES_128_SHA,
-		SSL_kDHr,
-		SSL_aDH,
-		SSL_AES128,
-		SSL_SHA1,
-		SSL_TLSV1,
-		SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
-		SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
-		128,
-		128,
-	},
-/* Cipher 32 */
-	{
-		1,
-		TLS1_TXT_DHE_DSS_WITH_AES_128_SHA,
-		TLS1_CK_DHE_DSS_WITH_AES_128_SHA,
-		SSL_kEDH,
-		SSL_aDSS,
-		SSL_AES128,
-		SSL_SHA1,
-		SSL_TLSV1,
-		SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
-		SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
-		128,
-		128,
-	},
-/* Cipher 33 */
-	{
-		1,
-		TLS1_TXT_DHE_RSA_WITH_AES_128_SHA,
-		TLS1_CK_DHE_RSA_WITH_AES_128_SHA,
-		SSL_kEDH,
-		SSL_aRSA,
-		SSL_AES128,
-		SSL_SHA1,
-		SSL_TLSV1,
-		SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
-		SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
-		128,
-		128,
-	},
-/* Cipher 34 */
-	{
-		1,
-		TLS1_TXT_ADH_WITH_AES_128_SHA,
-		TLS1_CK_ADH_WITH_AES_128_SHA,
-		SSL_kEDH,
-		SSL_aNULL,
-		SSL_AES128,
-		SSL_SHA1,
-		SSL_TLSV1,
-		SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
-		SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
-		128,
-		128,
-	},
-
-/* Cipher 35 */
-	{
-		1,
-		TLS1_TXT_RSA_WITH_AES_256_SHA,
-		TLS1_CK_RSA_WITH_AES_256_SHA,
-		SSL_kRSA,
-		SSL_aRSA,
-		SSL_AES256,
-		SSL_SHA1,
-		SSL_TLSV1,
-		SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
-		SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
-		256,
-		256,
-	},
-/* Cipher 36 */
-	{
-		0,
-		TLS1_TXT_DH_DSS_WITH_AES_256_SHA,
-		TLS1_CK_DH_DSS_WITH_AES_256_SHA,
-		SSL_kDHd,
-		SSL_aDH,
-		SSL_AES256,
-		SSL_SHA1,
-		SSL_TLSV1,
-		SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
-		SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
-		256,
-		256,
-	},
-
-/* Cipher 37 */
-	{
-		0, /* not implemented (non-ephemeral DH) */
-		TLS1_TXT_DH_RSA_WITH_AES_256_SHA,
-		TLS1_CK_DH_RSA_WITH_AES_256_SHA,
-		SSL_kDHr,
-		SSL_aDH,
-		SSL_AES256,
-		SSL_SHA1,
-		SSL_TLSV1,
-		SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
-		SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
-		256,
-		256,
-	},
-
-/* Cipher 38 */
-	{
-		1,
-		TLS1_TXT_DHE_DSS_WITH_AES_256_SHA,
-		TLS1_CK_DHE_DSS_WITH_AES_256_SHA,
-		SSL_kEDH,
-		SSL_aDSS,
-		SSL_AES256,
-		SSL_SHA1,
-		SSL_TLSV1,
-		SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
-		SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
-		256,
-		256,
-	},
-
-/* Cipher 39 */
-	{
-		1,
-		TLS1_TXT_DHE_RSA_WITH_AES_256_SHA,
-		TLS1_CK_DHE_RSA_WITH_AES_256_SHA,
-		SSL_kEDH,
-		SSL_aRSA,
-		SSL_AES256,
-		SSL_SHA1,
-		SSL_TLSV1,
-		SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
-		SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
-		256,
-		256,
+	/* Cipher 08 */
+	{
+		.valid = 1,
+		.name = SSL3_TXT_RSA_DES_40_CBC_SHA,
+		.id = SSL3_CK_RSA_DES_40_CBC_SHA,
+		.algorithm_mkey = SSL_kRSA,
+		.algorithm_auth = SSL_aRSA,
+		.algorithm_enc = SSL_DES,
+		.algorithm_mac = SSL_SHA1,
+		.algorithm_ssl = SSL_SSLV3,
+		.algo_strength = SSL_EXPORT|SSL_EXP40,
+		.algorithm2 = SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
+		.strength_bits = 40,
+		.alg_bits = 56,
+	},
+
+	/* Cipher 09 */
+	{
+		.valid = 1,
+		.name = SSL3_TXT_RSA_DES_64_CBC_SHA,
+		.id = SSL3_CK_RSA_DES_64_CBC_SHA,
+		.algorithm_mkey = SSL_kRSA,
+		.algorithm_auth = SSL_aRSA,
+		.algorithm_enc = SSL_DES,
+		.algorithm_mac = SSL_SHA1,
+		.algorithm_ssl = SSL_SSLV3,
+		.algo_strength = SSL_NOT_EXP|SSL_LOW,
+		.algorithm2 = SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
+		.strength_bits = 56,
+		.alg_bits = 56,
+	},
+
+	/* Cipher 0A */
+	{
+		.valid = 1,
+		.name = SSL3_TXT_RSA_DES_192_CBC3_SHA,
+		.id = SSL3_CK_RSA_DES_192_CBC3_SHA,
+		.algorithm_mkey = SSL_kRSA,
+		.algorithm_auth = SSL_aRSA,
+		.algorithm_enc = SSL_3DES,
+		.algorithm_mac = SSL_SHA1,
+		.algorithm_ssl = SSL_SSLV3,
+		.algo_strength = SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
+		.algorithm2 = SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
+		.strength_bits = 168,
+		.alg_bits = 168,
+	},
+
+	/* The DH ciphers */
+	/* Cipher 0B */
+	{
+		.valid = 0,
+		.name = SSL3_TXT_DH_DSS_DES_40_CBC_SHA,
+		.id = SSL3_CK_DH_DSS_DES_40_CBC_SHA,
+		.algorithm_mkey = SSL_kDHd,
+		.algorithm_auth = SSL_aDH,
+		.algorithm_enc = SSL_DES,
+		.algorithm_mac = SSL_SHA1,
+		.algorithm_ssl = SSL_SSLV3,
+		.algo_strength = SSL_EXPORT|SSL_EXP40,
+		.algorithm2 = SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
+		.strength_bits = 40,
+		.alg_bits = 56,
+	},
+
+	/* Cipher 0C */
+	{
+		.valid = 0, /* not implemented (non-ephemeral DH) */
+		.name = SSL3_TXT_DH_DSS_DES_64_CBC_SHA,
+		.id = SSL3_CK_DH_DSS_DES_64_CBC_SHA,
+		.algorithm_mkey = SSL_kDHd,
+		.algorithm_auth = SSL_aDH,
+		.algorithm_enc = SSL_DES,
+		.algorithm_mac = SSL_SHA1,
+		.algorithm_ssl = SSL_SSLV3,
+		.algo_strength = SSL_NOT_EXP|SSL_LOW,
+		.algorithm2 = SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
+		.strength_bits = 56,
+		.alg_bits = 56,
+	},
+
+	/* Cipher 0D */
+	{
+		.valid = 0, /* not implemented (non-ephemeral DH) */
+		.name = SSL3_TXT_DH_DSS_DES_192_CBC3_SHA,
+		.id = SSL3_CK_DH_DSS_DES_192_CBC3_SHA,
+		.algorithm_mkey = SSL_kDHd,
+		.algorithm_auth = SSL_aDH,
+		.algorithm_enc = SSL_3DES,
+		.algorithm_mac = SSL_SHA1,
+		.algorithm_ssl = SSL_SSLV3,
+		.algo_strength = SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
+		.algorithm2 = SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
+		.strength_bits = 168,
+		.alg_bits = 168,
+	},
+
+	/* Cipher 0E */
+	{
+		.valid = 0, /* not implemented (non-ephemeral DH) */
+		.name = SSL3_TXT_DH_RSA_DES_40_CBC_SHA,
+		.id = SSL3_CK_DH_RSA_DES_40_CBC_SHA,
+		.algorithm_mkey = SSL_kDHr,
+		.algorithm_auth = SSL_aDH,
+		.algorithm_enc = SSL_DES,
+		.algorithm_mac = SSL_SHA1,
+		.algorithm_ssl = SSL_SSLV3,
+		.algo_strength = SSL_EXPORT|SSL_EXP40,
+		.algorithm2 = SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
+		.strength_bits = 40,
+		.alg_bits = 56,
+	},
+
+	/* Cipher 0F */
+	{
+		.valid = 0, /* not implemented (non-ephemeral DH) */
+		.name = SSL3_TXT_DH_RSA_DES_64_CBC_SHA,
+		.id = SSL3_CK_DH_RSA_DES_64_CBC_SHA,
+		.algorithm_mkey = SSL_kDHr,
+		.algorithm_auth = SSL_aDH,
+		.algorithm_enc = SSL_DES,
+		.algorithm_mac = SSL_SHA1,
+		.algorithm_ssl = SSL_SSLV3,
+		.algo_strength = SSL_NOT_EXP|SSL_LOW,
+		.algorithm2 = SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
+		.strength_bits = 56,
+		.alg_bits = 56,
+	},
+
+	/* Cipher 10 */
+	{
+		.valid = 0, /* not implemented (non-ephemeral DH) */
+		.name = SSL3_TXT_DH_RSA_DES_192_CBC3_SHA,
+		.id = SSL3_CK_DH_RSA_DES_192_CBC3_SHA,
+		.algorithm_mkey = SSL_kDHr,
+		.algorithm_auth = SSL_aDH,
+		.algorithm_enc = SSL_3DES,
+		.algorithm_mac = SSL_SHA1,
+		.algorithm_ssl = SSL_SSLV3,
+		.algo_strength = SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
+		.algorithm2 = SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
+		.strength_bits = 168,
+		.alg_bits = 168,
+	},
+
+	/* The Ephemeral DH ciphers */
+	/* Cipher 11 */
+	{
+		.valid = 1,
+		.name = SSL3_TXT_EDH_DSS_DES_40_CBC_SHA,
+		.id = SSL3_CK_EDH_DSS_DES_40_CBC_SHA,
+		.algorithm_mkey = SSL_kEDH,
+		.algorithm_auth = SSL_aDSS,
+		.algorithm_enc = SSL_DES,
+		.algorithm_mac = SSL_SHA1,
+		.algorithm_ssl = SSL_SSLV3,
+		.algo_strength = SSL_EXPORT|SSL_EXP40,
+		.algorithm2 = SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
+		.strength_bits = 40,
+		.alg_bits = 56,
+	},
+
+	/* Cipher 12 */
+	{
+		.valid = 1,
+		.name = SSL3_TXT_EDH_DSS_DES_64_CBC_SHA,
+		.id = SSL3_CK_EDH_DSS_DES_64_CBC_SHA,
+		.algorithm_mkey = SSL_kEDH,
+		.algorithm_auth = SSL_aDSS,
+		.algorithm_enc = SSL_DES,
+		.algorithm_mac = SSL_SHA1,
+		.algorithm_ssl = SSL_SSLV3,
+		.algo_strength = SSL_NOT_EXP|SSL_LOW,
+		.algorithm2 = SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
+		.strength_bits = 56,
+		.alg_bits = 56,
+	},
+
+	/* Cipher 13 */
+	{
+		.valid = 1,
+		.name = SSL3_TXT_EDH_DSS_DES_192_CBC3_SHA,
+		.id = SSL3_CK_EDH_DSS_DES_192_CBC3_SHA,
+		.algorithm_mkey = SSL_kEDH,
+		.algorithm_auth = SSL_aDSS,
+		.algorithm_enc = SSL_3DES,
+		.algorithm_mac = SSL_SHA1,
+		.algorithm_ssl = SSL_SSLV3,
+		.algo_strength = SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
+		.algorithm2 = SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
+		.strength_bits = 168,
+		.alg_bits = 168,
+	},
+
+	/* Cipher 14 */
+	{
+		.valid = 1,
+		.name = SSL3_TXT_EDH_RSA_DES_40_CBC_SHA,
+		.id = SSL3_CK_EDH_RSA_DES_40_CBC_SHA,
+		.algorithm_mkey = SSL_kEDH,
+		.algorithm_auth = SSL_aRSA,
+		.algorithm_enc = SSL_DES,
+		.algorithm_mac = SSL_SHA1,
+		.algorithm_ssl = SSL_SSLV3,
+		.algo_strength = SSL_EXPORT|SSL_EXP40,
+		.algorithm2 = SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
+		.strength_bits = 40,
+		.alg_bits = 56,
+	},
+
+	/* Cipher 15 */
+	{
+		.valid = 1,
+		.name = SSL3_TXT_EDH_RSA_DES_64_CBC_SHA,
+		.id = SSL3_CK_EDH_RSA_DES_64_CBC_SHA,
+		.algorithm_mkey = SSL_kEDH,
+		.algorithm_auth = SSL_aRSA,
+		.algorithm_enc = SSL_DES,
+		.algorithm_mac = SSL_SHA1,
+		.algorithm_ssl = SSL_SSLV3,
+		.algo_strength = SSL_NOT_EXP|SSL_LOW,
+		.algorithm2 = SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
+		.strength_bits = 56,
+		.alg_bits = 56,
+	},
+
+	/* Cipher 16 */
+	{
+		.valid = 1,
+		.name = SSL3_TXT_EDH_RSA_DES_192_CBC3_SHA,
+		.id = SSL3_CK_EDH_RSA_DES_192_CBC3_SHA,
+		.algorithm_mkey = SSL_kEDH,
+		.algorithm_auth = SSL_aRSA,
+		.algorithm_enc = SSL_3DES,
+		.algorithm_mac = SSL_SHA1,
+		.algorithm_ssl = SSL_SSLV3,
+		.algo_strength = SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
+		.algorithm2 = SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
+		.strength_bits = 168,
+		.alg_bits = 168,
+	},
+
+	/* Cipher 17 */
+	{
+		.valid = 1,
+		.name = SSL3_TXT_ADH_RC4_40_MD5,
+		.id = SSL3_CK_ADH_RC4_40_MD5,
+		.algorithm_mkey = SSL_kEDH,
+		.algorithm_auth = SSL_aNULL,
+		.algorithm_enc = SSL_RC4,
+		.algorithm_mac = SSL_MD5,
+		.algorithm_ssl = SSL_SSLV3,
+		.algo_strength = SSL_EXPORT|SSL_EXP40,
+		.algorithm2 = SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
+		.strength_bits = 40,
+		.alg_bits = 128,
+	},
+
+	/* Cipher 18 */
+	{
+		.valid = 1,
+		.name = SSL3_TXT_ADH_RC4_128_MD5,
+		.id = SSL3_CK_ADH_RC4_128_MD5,
+		.algorithm_mkey = SSL_kEDH,
+		.algorithm_auth = SSL_aNULL,
+		.algorithm_enc = SSL_RC4,
+		.algorithm_mac = SSL_MD5,
+		.algorithm_ssl = SSL_SSLV3,
+		.algo_strength = SSL_NOT_EXP|SSL_MEDIUM,
+		.algorithm2 = SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
+		.strength_bits = 128,
+		.alg_bits = 128,
+	},
+
+	/* Cipher 19 */
+	{
+		.valid = 1,
+		.name = SSL3_TXT_ADH_DES_40_CBC_SHA,
+		.id = SSL3_CK_ADH_DES_40_CBC_SHA,
+		.algorithm_mkey = SSL_kEDH,
+		.algorithm_auth = SSL_aNULL,
+		.algorithm_enc = SSL_DES,
+		.algorithm_mac = SSL_SHA1,
+		.algorithm_ssl = SSL_SSLV3,
+		.algo_strength = SSL_EXPORT|SSL_EXP40,
+		.algorithm2 = SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
+		.strength_bits = 40,
+		.alg_bits = 128,
+	},
+
+	/* Cipher 1A */
+	{
+		.valid = 1,
+		.name = SSL3_TXT_ADH_DES_64_CBC_SHA,
+		.id = SSL3_CK_ADH_DES_64_CBC_SHA,
+		.algorithm_mkey = SSL_kEDH,
+		.algorithm_auth = SSL_aNULL,
+		.algorithm_enc = SSL_DES,
+		.algorithm_mac = SSL_SHA1,
+		.algorithm_ssl = SSL_SSLV3,
+		.algo_strength = SSL_NOT_EXP|SSL_LOW,
+		.algorithm2 = SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
+		.strength_bits = 56,
+		.alg_bits = 56,
+	},
+
+	/* Cipher 1B */
+	{
+		.valid = 1,
+		.name = SSL3_TXT_ADH_DES_192_CBC_SHA,
+		.id = SSL3_CK_ADH_DES_192_CBC_SHA,
+		.algorithm_mkey = SSL_kEDH,
+		.algorithm_auth = SSL_aNULL,
+		.algorithm_enc = SSL_3DES,
+		.algorithm_mac = SSL_SHA1,
+		.algorithm_ssl = SSL_SSLV3,
+		.algo_strength = SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
+		.algorithm2 = SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
+		.strength_bits = 168,
+		.alg_bits = 168,
+	},
+
+	/* New AES ciphersuites */
+	/* Cipher 2F */
+	{
+		.valid = 1,
+		.name = TLS1_TXT_RSA_WITH_AES_128_SHA,
+		.id = TLS1_CK_RSA_WITH_AES_128_SHA,
+		.algorithm_mkey = SSL_kRSA,
+		.algorithm_auth = SSL_aRSA,
+		.algorithm_enc = SSL_AES128,
+		.algorithm_mac = SSL_SHA1,
+		.algorithm_ssl = SSL_TLSV1,
+		.algo_strength = SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
+		.algorithm2 = SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
+		.strength_bits = 128,
+		.alg_bits = 128,
+	},
+	/* Cipher 30 */
+	{
+		.valid = 0,
+		.name = TLS1_TXT_DH_DSS_WITH_AES_128_SHA,
+		.id = TLS1_CK_DH_DSS_WITH_AES_128_SHA,
+		.algorithm_mkey = SSL_kDHd,
+		.algorithm_auth = SSL_aDH,
+		.algorithm_enc = SSL_AES128,
+		.algorithm_mac = SSL_SHA1,
+		.algorithm_ssl = SSL_TLSV1,
+		.algo_strength = SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
+		.algorithm2 = SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
+		.strength_bits = 128,
+		.alg_bits = 128,
+	},
+	/* Cipher 31 */
+	{
+		.valid = 0,
+		.name = TLS1_TXT_DH_RSA_WITH_AES_128_SHA,
+		.id = TLS1_CK_DH_RSA_WITH_AES_128_SHA,
+		.algorithm_mkey = SSL_kDHr,
+		.algorithm_auth = SSL_aDH,
+		.algorithm_enc = SSL_AES128,
+		.algorithm_mac = SSL_SHA1,
+		.algorithm_ssl = SSL_TLSV1,
+		.algo_strength = SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
+		.algorithm2 = SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
+		.strength_bits = 128,
+		.alg_bits = 128,
+	},
+	/* Cipher 32 */
+	{
+		.valid = 1,
+		.name = TLS1_TXT_DHE_DSS_WITH_AES_128_SHA,
+		.id = TLS1_CK_DHE_DSS_WITH_AES_128_SHA,
+		.algorithm_mkey = SSL_kEDH,
+		.algorithm_auth = SSL_aDSS,
+		.algorithm_enc = SSL_AES128,
+		.algorithm_mac = SSL_SHA1,
+		.algorithm_ssl = SSL_TLSV1,
+		.algo_strength = SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
+		.algorithm2 = SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
+		.strength_bits = 128,
+		.alg_bits = 128,
+	},
+	/* Cipher 33 */
+	{
+		.valid = 1,
+		.name = TLS1_TXT_DHE_RSA_WITH_AES_128_SHA,
+		.id = TLS1_CK_DHE_RSA_WITH_AES_128_SHA,
+		.algorithm_mkey = SSL_kEDH,
+		.algorithm_auth = SSL_aRSA,
+		.algorithm_enc = SSL_AES128,
+		.algorithm_mac = SSL_SHA1,
+		.algorithm_ssl = SSL_TLSV1,
+		.algo_strength = SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
+		.algorithm2 = SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
+		.strength_bits = 128,
+		.alg_bits = 128,
+	},
+	/* Cipher 34 */
+	{
+		.valid = 1,
+		.name = TLS1_TXT_ADH_WITH_AES_128_SHA,
+		.id = TLS1_CK_ADH_WITH_AES_128_SHA,
+		.algorithm_mkey = SSL_kEDH,
+		.algorithm_auth = SSL_aNULL,
+		.algorithm_enc = SSL_AES128,
+		.algorithm_mac = SSL_SHA1,
+		.algorithm_ssl = SSL_TLSV1,
+		.algo_strength = SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
+		.algorithm2 = SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
+		.strength_bits = 128,
+		.alg_bits = 128,
+	},
+
+	/* Cipher 35 */
+	{
+		.valid = 1,
+		.name = TLS1_TXT_RSA_WITH_AES_256_SHA,
+		.id = TLS1_CK_RSA_WITH_AES_256_SHA,
+		.algorithm_mkey = SSL_kRSA,
+		.algorithm_auth = SSL_aRSA,
+		.algorithm_enc = SSL_AES256,
+		.algorithm_mac = SSL_SHA1,
+		.algorithm_ssl = SSL_TLSV1,
+		.algo_strength = SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
+		.algorithm2 = SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
+		.strength_bits = 256,
+		.alg_bits = 256,
+	},
+	/* Cipher 36 */
+	{
+		.valid = 0,
+		.name = TLS1_TXT_DH_DSS_WITH_AES_256_SHA,
+		.id = TLS1_CK_DH_DSS_WITH_AES_256_SHA,
+		.algorithm_mkey = SSL_kDHd,
+		.algorithm_auth = SSL_aDH,
+		.algorithm_enc = SSL_AES256,
+		.algorithm_mac = SSL_SHA1,
+		.algorithm_ssl = SSL_TLSV1,
+		.algo_strength = SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
+		.algorithm2 = SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
+		.strength_bits = 256,
+		.alg_bits = 256,
+	},
+
+	/* Cipher 37 */
+	{
+		.valid = 0, /* not implemented (non-ephemeral DH) */
+		.name = TLS1_TXT_DH_RSA_WITH_AES_256_SHA,
+		.id = TLS1_CK_DH_RSA_WITH_AES_256_SHA,
+		.algorithm_mkey = SSL_kDHr,
+		.algorithm_auth = SSL_aDH,
+		.algorithm_enc = SSL_AES256,
+		.algorithm_mac = SSL_SHA1,
+		.algorithm_ssl = SSL_TLSV1,
+		.algo_strength = SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
+		.algorithm2 = SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
+		.strength_bits = 256,
+		.alg_bits = 256,
+	},
+
+	/* Cipher 38 */
+	{
+		.valid = 1,
+		.name = TLS1_TXT_DHE_DSS_WITH_AES_256_SHA,
+		.id = TLS1_CK_DHE_DSS_WITH_AES_256_SHA,
+		.algorithm_mkey = SSL_kEDH,
+		.algorithm_auth = SSL_aDSS,
+		.algorithm_enc = SSL_AES256,
+		.algorithm_mac = SSL_SHA1,
+		.algorithm_ssl = SSL_TLSV1,
+		.algo_strength = SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
+		.algorithm2 = SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
+		.strength_bits = 256,
+		.alg_bits = 256,
+	},
+
+	/* Cipher 39 */
+	{
+		.valid = 1,
+		.name = TLS1_TXT_DHE_RSA_WITH_AES_256_SHA,
+		.id = TLS1_CK_DHE_RSA_WITH_AES_256_SHA,
+		.algorithm_mkey = SSL_kEDH,
+		.algorithm_auth = SSL_aRSA,
+		.algorithm_enc = SSL_AES256,
+		.algorithm_mac = SSL_SHA1,
+		.algorithm_ssl = SSL_TLSV1,
+		.algo_strength = SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
+		.algorithm2 = SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
+		.strength_bits = 256,
+		.alg_bits = 256,
 	},
 
 	/* Cipher 3A */
 	{
-		1,
-		TLS1_TXT_ADH_WITH_AES_256_SHA,
-		TLS1_CK_ADH_WITH_AES_256_SHA,
-		SSL_kEDH,
-		SSL_aNULL,
-		SSL_AES256,
-		SSL_SHA1,
-		SSL_TLSV1,
-		SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
-		SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
-		256,
-		256,
+		.valid = 1,
+		.name = TLS1_TXT_ADH_WITH_AES_256_SHA,
+		.id = TLS1_CK_ADH_WITH_AES_256_SHA,
+		.algorithm_mkey = SSL_kEDH,
+		.algorithm_auth = SSL_aNULL,
+		.algorithm_enc = SSL_AES256,
+		.algorithm_mac = SSL_SHA1,
+		.algorithm_ssl = SSL_TLSV1,
+		.algo_strength = SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
+		.algorithm2 = SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
+		.strength_bits = 256,
+		.alg_bits = 256,
 	},
 
 	/* TLS v1.2 ciphersuites */
 	/* Cipher 3B */
 	{
-		1,
-		TLS1_TXT_RSA_WITH_NULL_SHA256,
-		TLS1_CK_RSA_WITH_NULL_SHA256,
-		SSL_kRSA,
-		SSL_aRSA,
-		SSL_eNULL,
-		SSL_SHA256,
-		SSL_TLSV1_2,
-		SSL_NOT_EXP|SSL_STRONG_NONE|SSL_FIPS,
-		SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
-		0,
-		0,
+		.valid = 1,
+		.name = TLS1_TXT_RSA_WITH_NULL_SHA256,
+		.id = TLS1_CK_RSA_WITH_NULL_SHA256,
+		.algorithm_mkey = SSL_kRSA,
+		.algorithm_auth = SSL_aRSA,
+		.algorithm_enc = SSL_eNULL,
+		.algorithm_mac = SSL_SHA256,
+		.algorithm_ssl = SSL_TLSV1_2,
+		.algo_strength = SSL_NOT_EXP|SSL_STRONG_NONE|SSL_FIPS,
+		.algorithm2 = SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
+		.strength_bits = 0,
+		.alg_bits = 0,
 	},
 
 	/* Cipher 3C */
 	{
-		1,
-		TLS1_TXT_RSA_WITH_AES_128_SHA256,
-		TLS1_CK_RSA_WITH_AES_128_SHA256,
-		SSL_kRSA,
-		SSL_aRSA,
-		SSL_AES128,
-		SSL_SHA256,
-		SSL_TLSV1_2,
-		SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
-		SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
-		128,
-		128,
+		.valid = 1,
+		.name = TLS1_TXT_RSA_WITH_AES_128_SHA256,
+		.id = TLS1_CK_RSA_WITH_AES_128_SHA256,
+		.algorithm_mkey = SSL_kRSA,
+		.algorithm_auth = SSL_aRSA,
+		.algorithm_enc = SSL_AES128,
+		.algorithm_mac = SSL_SHA256,
+		.algorithm_ssl = SSL_TLSV1_2,
+		.algo_strength = SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
+		.algorithm2 = SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
+		.strength_bits = 128,
+		.alg_bits = 128,
 	},
 
 	/* Cipher 3D */
 	{
-		1,
-		TLS1_TXT_RSA_WITH_AES_256_SHA256,
-		TLS1_CK_RSA_WITH_AES_256_SHA256,
-		SSL_kRSA,
-		SSL_aRSA,
-		SSL_AES256,
-		SSL_SHA256,
-		SSL_TLSV1_2,
-		SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
-		SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
-		256,
-		256,
+		.valid = 1,
+		.name = TLS1_TXT_RSA_WITH_AES_256_SHA256,
+		.id = TLS1_CK_RSA_WITH_AES_256_SHA256,
+		.algorithm_mkey = SSL_kRSA,
+		.algorithm_auth = SSL_aRSA,
+		.algorithm_enc = SSL_AES256,
+		.algorithm_mac = SSL_SHA256,
+		.algorithm_ssl = SSL_TLSV1_2,
+		.algo_strength = SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
+		.algorithm2 = SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
+		.strength_bits = 256,
+		.alg_bits = 256,
 	},
 
 	/* Cipher 3E */
 	{
-		0, /* not implemented (non-ephemeral DH) */
-		TLS1_TXT_DH_DSS_WITH_AES_128_SHA256,
-		TLS1_CK_DH_DSS_WITH_AES_128_SHA256,
-		SSL_kDHd,
-		SSL_aDH,
-		SSL_AES128,
-		SSL_SHA256,
-		SSL_TLSV1_2,
-		SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
-		SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
-		128,
-		128,
+		.valid = 0, /* not implemented (non-ephemeral DH) */
+		.name = TLS1_TXT_DH_DSS_WITH_AES_128_SHA256,
+		.id = TLS1_CK_DH_DSS_WITH_AES_128_SHA256,
+		.algorithm_mkey = SSL_kDHd,
+		.algorithm_auth = SSL_aDH,
+		.algorithm_enc = SSL_AES128,
+		.algorithm_mac = SSL_SHA256,
+		.algorithm_ssl = SSL_TLSV1_2,
+		.algo_strength = SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
+		.algorithm2 = SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
+		.strength_bits = 128,
+		.alg_bits = 128,
 	},
 
 	/* Cipher 3F */
 	{
-		0, /* not implemented (non-ephemeral DH) */
-		TLS1_TXT_DH_RSA_WITH_AES_128_SHA256,
-		TLS1_CK_DH_RSA_WITH_AES_128_SHA256,
-		SSL_kDHr,
-		SSL_aDH,
-		SSL_AES128,
-		SSL_SHA256,
-		SSL_TLSV1_2,
-		SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
-		SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
-		128,
-		128,
+		.valid = 0, /* not implemented (non-ephemeral DH) */
+		.name = TLS1_TXT_DH_RSA_WITH_AES_128_SHA256,
+		.id = TLS1_CK_DH_RSA_WITH_AES_128_SHA256,
+		.algorithm_mkey = SSL_kDHr,
+		.algorithm_auth = SSL_aDH,
+		.algorithm_enc = SSL_AES128,
+		.algorithm_mac = SSL_SHA256,
+		.algorithm_ssl = SSL_TLSV1_2,
+		.algo_strength = SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
+		.algorithm2 = SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
+		.strength_bits = 128,
+		.alg_bits = 128,
 	},
 
 	/* Cipher 40 */
 	{
-		1,
-		TLS1_TXT_DHE_DSS_WITH_AES_128_SHA256,
-		TLS1_CK_DHE_DSS_WITH_AES_128_SHA256,
-		SSL_kEDH,
-		SSL_aDSS,
-		SSL_AES128,
-		SSL_SHA256,
-		SSL_TLSV1_2,
-		SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
-		SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
-		128,
-		128,
+		.valid = 1,
+		.name = TLS1_TXT_DHE_DSS_WITH_AES_128_SHA256,
+		.id = TLS1_CK_DHE_DSS_WITH_AES_128_SHA256,
+		.algorithm_mkey = SSL_kEDH,
+		.algorithm_auth = SSL_aDSS,
+		.algorithm_enc = SSL_AES128,
+		.algorithm_mac = SSL_SHA256,
+		.algorithm_ssl = SSL_TLSV1_2,
+		.algo_strength = SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
+		.algorithm2 = SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
+		.strength_bits = 128,
+		.alg_bits = 128,
 	},
 
 #ifndef OPENSSL_NO_CAMELLIA
@@ -894,271 +894,273 @@ SSL_CIPHER ssl3_ciphers[] = {
 
 	/* Cipher 41 */
 	{
-		1,
-		TLS1_TXT_RSA_WITH_CAMELLIA_128_CBC_SHA,
-		TLS1_CK_RSA_WITH_CAMELLIA_128_CBC_SHA,
-		SSL_kRSA,
-		SSL_aRSA,
-		SSL_CAMELLIA128,
-		SSL_SHA1,
-		SSL_TLSV1,
-		SSL_NOT_EXP|SSL_HIGH,
-		SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
-		128,
-		128,
+		.valid = 1,
+		.name = TLS1_TXT_RSA_WITH_CAMELLIA_128_CBC_SHA,
+		.id = TLS1_CK_RSA_WITH_CAMELLIA_128_CBC_SHA,
+		.algorithm_mkey = SSL_kRSA,
+		.algorithm_auth = SSL_aRSA,
+		.algorithm_enc = SSL_CAMELLIA128,
+		.algorithm_mac = SSL_SHA1,
+		.algorithm_ssl = SSL_TLSV1,
+		.algo_strength = SSL_NOT_EXP|SSL_HIGH,
+		.algorithm2 = SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
+		.strength_bits = 128,
+		.alg_bits = 128,
 	},
 
 	/* Cipher 42 */
 	{
-		0, /* not implemented (non-ephemeral DH) */
-		TLS1_TXT_DH_DSS_WITH_CAMELLIA_128_CBC_SHA,
-		TLS1_CK_DH_DSS_WITH_CAMELLIA_128_CBC_SHA,
-		SSL_kDHd,
-		SSL_aDH,
-		SSL_CAMELLIA128,
-		SSL_SHA1,
-		SSL_TLSV1,
-		SSL_NOT_EXP|SSL_HIGH,
-		SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
-		128,
-		128,
+		.valid = 0, /* not implemented (non-ephemeral DH) */
+		.name = TLS1_TXT_DH_DSS_WITH_CAMELLIA_128_CBC_SHA,
+		.id = TLS1_CK_DH_DSS_WITH_CAMELLIA_128_CBC_SHA,
+		.algorithm_mkey = SSL_kDHd,
+		.algorithm_auth = SSL_aDH,
+		.algorithm_enc = SSL_CAMELLIA128,
+		.algorithm_mac = SSL_SHA1,
+		.algorithm_ssl = SSL_TLSV1,
+		.algo_strength = SSL_NOT_EXP|SSL_HIGH,
+		.algorithm2 = SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
+		.strength_bits = 128,
+		.alg_bits = 128,
 	},
 
 	/* Cipher 43 */
 	{
-		0, /* not implemented (non-ephemeral DH) */
-		TLS1_TXT_DH_RSA_WITH_CAMELLIA_128_CBC_SHA,
-		TLS1_CK_DH_RSA_WITH_CAMELLIA_128_CBC_SHA,
-		SSL_kDHr,
-		SSL_aDH,
-		SSL_CAMELLIA128,
-		SSL_SHA1,
-		SSL_TLSV1,
-		SSL_NOT_EXP|SSL_HIGH,
-		SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
-		128,
-		128,
+		.valid = 0, /* not implemented (non-ephemeral DH) */
+		.name = TLS1_TXT_DH_RSA_WITH_CAMELLIA_128_CBC_SHA,
+		.id = TLS1_CK_DH_RSA_WITH_CAMELLIA_128_CBC_SHA,
+		.algorithm_mkey = SSL_kDHr,
+		.algorithm_auth = SSL_aDH,
+		.algorithm_enc = SSL_CAMELLIA128,
+		.algorithm_mac = SSL_SHA1,
+		.algorithm_ssl = SSL_TLSV1,
+		.algo_strength = SSL_NOT_EXP|SSL_HIGH,
+		.algorithm2 = SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
+		.strength_bits = 128,
+		.alg_bits = 128,
 	},
 
 	/* Cipher 44 */
 	{
-		1,
-		TLS1_TXT_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA,
-		TLS1_CK_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA,
-		SSL_kEDH,
-		SSL_aDSS,
-		SSL_CAMELLIA128,
-		SSL_SHA1,
-		SSL_TLSV1,
-		SSL_NOT_EXP|SSL_HIGH,
-		SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
-		128,
-		128,
+		.valid = 1,
+		.name = TLS1_TXT_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA,
+		.id = TLS1_CK_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA,
+		.algorithm_mkey = SSL_kEDH,
+		.algorithm_auth = SSL_aDSS,
+		.algorithm_enc = SSL_CAMELLIA128,
+		.algorithm_mac = SSL_SHA1,
+		.algorithm_ssl = SSL_TLSV1,
+		.algo_strength = SSL_NOT_EXP|SSL_HIGH,
+		.algorithm2 = SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
+		.strength_bits = 128,
+		.alg_bits = 128,
 	},
 
 	/* Cipher 45 */
 	{
-		1,
-		TLS1_TXT_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA,
-		TLS1_CK_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA,
-		SSL_kEDH,
-		SSL_aRSA,
-		SSL_CAMELLIA128,
-		SSL_SHA1,
-		SSL_TLSV1,
-		SSL_NOT_EXP|SSL_HIGH,
-		SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
-		128,
-		128,
+		.valid = 1,
+		.name = TLS1_TXT_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA,
+		.id = TLS1_CK_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA,
+		.algorithm_mkey = SSL_kEDH,
+		.algorithm_auth = SSL_aRSA,
+		.algorithm_enc = SSL_CAMELLIA128,
+		.algorithm_mac = SSL_SHA1,
+		.algorithm_ssl = SSL_TLSV1,
+		.algo_strength = SSL_NOT_EXP|SSL_HIGH,
+		.algorithm2 = SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
+		.strength_bits = 128,
+		.alg_bits = 128,
 	},
 
 	/* Cipher 46 */
 	{
-		1,
-		TLS1_TXT_ADH_WITH_CAMELLIA_128_CBC_SHA,
-		TLS1_CK_ADH_WITH_CAMELLIA_128_CBC_SHA,
-		SSL_kEDH,
-		SSL_aNULL,
-		SSL_CAMELLIA128,
-		SSL_SHA1,
-		SSL_TLSV1,
-		SSL_NOT_EXP|SSL_HIGH,
-		SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
-		128,
-		128,
+		.valid = 1,
+		.name = TLS1_TXT_ADH_WITH_CAMELLIA_128_CBC_SHA,
+		.id = TLS1_CK_ADH_WITH_CAMELLIA_128_CBC_SHA,
+		.algorithm_mkey = SSL_kEDH,
+		.algorithm_auth = SSL_aNULL,
+		.algorithm_enc = SSL_CAMELLIA128,
+		.algorithm_mac = SSL_SHA1,
+		.algorithm_ssl = SSL_TLSV1,
+		.algo_strength = SSL_NOT_EXP|SSL_HIGH,
+		.algorithm2 = SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
+		.strength_bits = 128,
+		.alg_bits = 128,
 	},
 #endif /* OPENSSL_NO_CAMELLIA */
 
 	/* TLS v1.2 ciphersuites */
 	/* Cipher 67 */
 	{
-		1,
-		TLS1_TXT_DHE_RSA_WITH_AES_128_SHA256,
-		TLS1_CK_DHE_RSA_WITH_AES_128_SHA256,
-		SSL_kEDH,
-		SSL_aRSA,
-		SSL_AES128,
-		SSL_SHA256,
-		SSL_TLSV1_2,
-		SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
-		SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
-		128,
-		128,
+		.valid = 1,
+		.name = TLS1_TXT_DHE_RSA_WITH_AES_128_SHA256,
+		.id = TLS1_CK_DHE_RSA_WITH_AES_128_SHA256,
+		.algorithm_mkey = SSL_kEDH,
+		.algorithm_auth = SSL_aRSA,
+		.algorithm_enc = SSL_AES128,
+		.algorithm_mac = SSL_SHA256,
+		.algorithm_ssl = SSL_TLSV1_2,
+		.algo_strength = SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
+		.algorithm2 = SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
+		.strength_bits = 128,
+		.alg_bits = 128,
 	},
 
 	/* Cipher 68 */
 	{
-		0, /* not implemented (non-ephemeral DH) */
-		TLS1_TXT_DH_DSS_WITH_AES_256_SHA256,
-		TLS1_CK_DH_DSS_WITH_AES_256_SHA256,
-		SSL_kDHd,
-		SSL_aDH,
-		SSL_AES256,
-		SSL_SHA256,
-		SSL_TLSV1_2,
-		SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
-		SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
-		256,
-		256,
+		.valid = 0, /* not implemented (non-ephemeral DH) */
+		.name = TLS1_TXT_DH_DSS_WITH_AES_256_SHA256,
+		.id = TLS1_CK_DH_DSS_WITH_AES_256_SHA256,
+		.algorithm_mkey = SSL_kDHd,
+		.algorithm_auth = SSL_aDH,
+		.algorithm_enc = SSL_AES256,
+		.algorithm_mac = SSL_SHA256,
+		.algorithm_ssl = SSL_TLSV1_2,
+		.algo_strength = SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
+		.algorithm2 = SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
+		.strength_bits = 256,
+		.alg_bits = 256,
 	},
 
 	/* Cipher 69 */
 	{
-		0, /* not implemented (non-ephemeral DH) */
-		TLS1_TXT_DH_RSA_WITH_AES_256_SHA256,
-		TLS1_CK_DH_RSA_WITH_AES_256_SHA256,
-		SSL_kDHr,
-		SSL_aDH,
-		SSL_AES256,
-		SSL_SHA256,
-		SSL_TLSV1_2,
-		SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
-		SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
-		256,
-		256,
+		.valid = 0, /* not implemented (non-ephemeral DH) */
+		.name = TLS1_TXT_DH_RSA_WITH_AES_256_SHA256,
+		.id = TLS1_CK_DH_RSA_WITH_AES_256_SHA256,
+		.algorithm_mkey = SSL_kDHr,
+		.algorithm_auth = SSL_aDH,
+		.algorithm_enc = SSL_AES256,
+		.algorithm_mac = SSL_SHA256,
+		.algorithm_ssl = SSL_TLSV1_2,
+		.algo_strength = SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
+		.algorithm2 = SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
+		.strength_bits = 256,
+		.alg_bits = 256,
 	},
 
 	/* Cipher 6A */
 	{
-		1,
-		TLS1_TXT_DHE_DSS_WITH_AES_256_SHA256,
-		TLS1_CK_DHE_DSS_WITH_AES_256_SHA256,
-		SSL_kEDH,
-		SSL_aDSS,
-		SSL_AES256,
-		SSL_SHA256,
-		SSL_TLSV1_2,
-		SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
-		SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
-		256,
-		256,
+		.valid = 1,
+		.name = TLS1_TXT_DHE_DSS_WITH_AES_256_SHA256,
+		.id = TLS1_CK_DHE_DSS_WITH_AES_256_SHA256,
+		.algorithm_mkey = SSL_kEDH,
+		.algorithm_auth = SSL_aDSS,
+		.algorithm_enc = SSL_AES256,
+		.algorithm_mac = SSL_SHA256,
+		.algorithm_ssl = SSL_TLSV1_2,
+		.algo_strength = SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
+		.algorithm2 = SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
+		.strength_bits = 256,
+		.alg_bits = 256,
 	},
 
 	/* Cipher 6B */
 	{
-		1,
-		TLS1_TXT_DHE_RSA_WITH_AES_256_SHA256,
-		TLS1_CK_DHE_RSA_WITH_AES_256_SHA256,
-		SSL_kEDH,
-		SSL_aRSA,
-		SSL_AES256,
-		SSL_SHA256,
-		SSL_TLSV1_2,
-		SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
-		SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
-		256,
-		256,
+		.valid = 1,
+		.name = TLS1_TXT_DHE_RSA_WITH_AES_256_SHA256,
+		.id = TLS1_CK_DHE_RSA_WITH_AES_256_SHA256,
+		.algorithm_mkey = SSL_kEDH,
+		.algorithm_auth = SSL_aRSA,
+		.algorithm_enc = SSL_AES256,
+		.algorithm_mac = SSL_SHA256,
+		.algorithm_ssl = SSL_TLSV1_2,
+		.algo_strength = SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
+		.algorithm2 = SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
+		.strength_bits = 256,
+		.alg_bits = 256,
 	},
 
 	/* Cipher 6C */
 	{
-		1,
-		TLS1_TXT_ADH_WITH_AES_128_SHA256,
-		TLS1_CK_ADH_WITH_AES_128_SHA256,
-		SSL_kEDH,
-		SSL_aNULL,
-		SSL_AES128,
-		SSL_SHA256,
-		SSL_TLSV1_2,
-		SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
-		SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
-		128,
-		128,
+		.valid = 1,
+		.name = TLS1_TXT_ADH_WITH_AES_128_SHA256,
+		.id = TLS1_CK_ADH_WITH_AES_128_SHA256,
+		.algorithm_mkey = SSL_kEDH,
+		.algorithm_auth = SSL_aNULL,
+		.algorithm_enc = SSL_AES128,
+		.algorithm_mac = SSL_SHA256,
+		.algorithm_ssl = SSL_TLSV1_2,
+		.algo_strength = SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
+		.algorithm2 = SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
+		.strength_bits = 128,
+		.alg_bits = 128,
 	},
 
 	/* Cipher 6D */
 	{
-		1,
-		TLS1_TXT_ADH_WITH_AES_256_SHA256,
-		TLS1_CK_ADH_WITH_AES_256_SHA256,
-		SSL_kEDH,
-		SSL_aNULL,
-		SSL_AES256,
-		SSL_SHA256,
-		SSL_TLSV1_2,
-		SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
-		SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
-		256,
-		256,
+		.valid = 1,
+		.name = TLS1_TXT_ADH_WITH_AES_256_SHA256,
+		.id = TLS1_CK_ADH_WITH_AES_256_SHA256,
+		.algorithm_mkey = SSL_kEDH,
+		.algorithm_auth = SSL_aNULL,
+		.algorithm_enc = SSL_AES256,
+		.algorithm_mac = SSL_SHA256,
+		.algorithm_ssl = SSL_TLSV1_2,
+		.algo_strength = SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
+		.algorithm2 = SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
+		.strength_bits = 256,
+		.alg_bits = 256,
 	},
 
 	/* GOST Ciphersuites */
 
 	{
-		1,
-		"GOST94-GOST89-GOST89",
-		0x3000080,
-		SSL_kGOST,
-		SSL_aGOST94,
-		SSL_eGOST2814789CNT,
-		SSL_GOST89MAC,
-		SSL_TLSV1,
-		SSL_NOT_EXP|SSL_HIGH,
-		SSL_HANDSHAKE_MAC_GOST94|TLS1_PRF_GOST94|TLS1_STREAM_MAC,
-		256,
-		256
-	},
-	{
-		1,
-		"GOST2001-GOST89-GOST89",
-		0x3000081,
-		SSL_kGOST,
-		SSL_aGOST01,
-		SSL_eGOST2814789CNT,
-		SSL_GOST89MAC,
-		SSL_TLSV1,
-		SSL_NOT_EXP|SSL_HIGH,
-		SSL_HANDSHAKE_MAC_GOST94|TLS1_PRF_GOST94|TLS1_STREAM_MAC,
-		256,
-		256
-	},
-	{
-		1,
-		"GOST94-NULL-GOST94",
-		0x3000082,
-		SSL_kGOST,
-		SSL_aGOST94,
-		SSL_eNULL,
-		SSL_GOST94,
-		SSL_TLSV1,
-		SSL_NOT_EXP|SSL_STRONG_NONE,
-		SSL_HANDSHAKE_MAC_GOST94|TLS1_PRF_GOST94,
-		0,
-		0
-	},
-	{
-		1,
-		"GOST2001-NULL-GOST94",
-		0x3000083,
-		SSL_kGOST,
-		SSL_aGOST01,
-		SSL_eNULL,
-		SSL_GOST94,
-		SSL_TLSV1,
-		SSL_NOT_EXP|SSL_STRONG_NONE,
-		SSL_HANDSHAKE_MAC_GOST94|TLS1_PRF_GOST94,
-		0,
-		0
+		.valid = 1,
+		.name = "GOST94-GOST89-GOST89",
+		.id = 0x3000080,
+		.algorithm_mkey = SSL_kGOST,
+		.algorithm_auth = SSL_aGOST94,
+		.algorithm_enc = SSL_eGOST2814789CNT,
+		.algorithm_mac = SSL_GOST89MAC,
+		.algorithm_ssl = SSL_TLSV1,
+		.algo_strength = SSL_NOT_EXP|SSL_HIGH,
+		.algorithm2 = SSL_HANDSHAKE_MAC_GOST94|TLS1_PRF_GOST94|
+		    TLS1_STREAM_MAC,
+		.strength_bits = 256,
+		.alg_bits = 256
+	},
+	{
+		.valid = 1,
+		.name = "GOST2001-GOST89-GOST89",
+		.id = 0x3000081,
+		.algorithm_mkey = SSL_kGOST,
+		.algorithm_auth = SSL_aGOST01,
+		.algorithm_enc = SSL_eGOST2814789CNT,
+		.algorithm_mac = SSL_GOST89MAC,
+		.algorithm_ssl = SSL_TLSV1,
+		.algo_strength = SSL_NOT_EXP|SSL_HIGH,
+		.algorithm2 = SSL_HANDSHAKE_MAC_GOST94|TLS1_PRF_GOST94|
+		    TLS1_STREAM_MAC,
+		.strength_bits = 256,
+		.alg_bits = 256
+	},
+	{
+		.valid = 1,
+		.name = "GOST94-NULL-GOST94",
+		.id = 0x3000082,
+		.algorithm_mkey = SSL_kGOST,
+		.algorithm_auth = SSL_aGOST94,
+		.algorithm_enc = SSL_eNULL,
+		.algorithm_mac = SSL_GOST94,
+		.algorithm_ssl = SSL_TLSV1,
+		.algo_strength = SSL_NOT_EXP|SSL_STRONG_NONE,
+		.algorithm2 = SSL_HANDSHAKE_MAC_GOST94|TLS1_PRF_GOST94,
+		.strength_bits = 0,
+		.alg_bits = 0
+	},
+	{
+		.valid = 1,
+		.name = "GOST2001-NULL-GOST94",
+		.id = 0x3000083,
+		.algorithm_mkey = SSL_kGOST,
+		.algorithm_auth = SSL_aGOST01,
+		.algorithm_enc = SSL_eNULL,
+		.algorithm_mac = SSL_GOST94,
+		.algorithm_ssl = SSL_TLSV1,
+		.algo_strength = SSL_NOT_EXP|SSL_STRONG_NONE,
+		.algorithm2 = SSL_HANDSHAKE_MAC_GOST94|TLS1_PRF_GOST94,
+		.strength_bits = 0,
+		.alg_bits = 0
 	},
 
 #ifndef OPENSSL_NO_CAMELLIA
@@ -1166,163 +1168,164 @@ SSL_CIPHER ssl3_ciphers[] = {
 
 	/* Cipher 84 */
 	{
-		1,
-		TLS1_TXT_RSA_WITH_CAMELLIA_256_CBC_SHA,
-		TLS1_CK_RSA_WITH_CAMELLIA_256_CBC_SHA,
-		SSL_kRSA,
-		SSL_aRSA,
-		SSL_CAMELLIA256,
-		SSL_SHA1,
-		SSL_TLSV1,
-		SSL_NOT_EXP|SSL_HIGH,
-		SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
-		256,
-		256,
+		.valid = 1,
+		.name = TLS1_TXT_RSA_WITH_CAMELLIA_256_CBC_SHA,
+		.id = TLS1_CK_RSA_WITH_CAMELLIA_256_CBC_SHA,
+		.algorithm_mkey = SSL_kRSA,
+		.algorithm_auth = SSL_aRSA,
+		.algorithm_enc = SSL_CAMELLIA256,
+		.algorithm_mac = SSL_SHA1,
+		.algorithm_ssl = SSL_TLSV1,
+		.algo_strength = SSL_NOT_EXP|SSL_HIGH,
+		.algorithm2 = SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
+		.strength_bits = 256,
+		.alg_bits = 256,
 	},
+
 	/* Cipher 85 */
 	{
-		0, /* not implemented (non-ephemeral DH) */
-		TLS1_TXT_DH_DSS_WITH_CAMELLIA_256_CBC_SHA,
-		TLS1_CK_DH_DSS_WITH_CAMELLIA_256_CBC_SHA,
-		SSL_kDHd,
-		SSL_aDH,
-		SSL_CAMELLIA256,
-		SSL_SHA1,
-		SSL_TLSV1,
-		SSL_NOT_EXP|SSL_HIGH,
-		SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
-		256,
-		256,
+		.valid = 0, /* not implemented (non-ephemeral DH) */
+		.name = TLS1_TXT_DH_DSS_WITH_CAMELLIA_256_CBC_SHA,
+		.id = TLS1_CK_DH_DSS_WITH_CAMELLIA_256_CBC_SHA,
+		.algorithm_mkey = SSL_kDHd,
+		.algorithm_auth = SSL_aDH,
+		.algorithm_enc = SSL_CAMELLIA256,
+		.algorithm_mac = SSL_SHA1,
+		.algorithm_ssl = SSL_TLSV1,
+		.algo_strength = SSL_NOT_EXP|SSL_HIGH,
+		.algorithm2 = SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
+		.strength_bits = 256,
+		.alg_bits = 256,
 	},
 
 	/* Cipher 86 */
 	{
-		0, /* not implemented (non-ephemeral DH) */
-		TLS1_TXT_DH_RSA_WITH_CAMELLIA_256_CBC_SHA,
-		TLS1_CK_DH_RSA_WITH_CAMELLIA_256_CBC_SHA,
-		SSL_kDHr,
-		SSL_aDH,
-		SSL_CAMELLIA256,
-		SSL_SHA1,
-		SSL_TLSV1,
-		SSL_NOT_EXP|SSL_HIGH,
-		SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
-		256,
-		256,
+		.valid = 0, /* not implemented (non-ephemeral DH) */
+		.name = TLS1_TXT_DH_RSA_WITH_CAMELLIA_256_CBC_SHA,
+		.id = TLS1_CK_DH_RSA_WITH_CAMELLIA_256_CBC_SHA,
+		.algorithm_mkey = SSL_kDHr,
+		.algorithm_auth = SSL_aDH,
+		.algorithm_enc = SSL_CAMELLIA256,
+		.algorithm_mac = SSL_SHA1,
+		.algorithm_ssl = SSL_TLSV1,
+		.algo_strength = SSL_NOT_EXP|SSL_HIGH,
+		.algorithm2 = SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
+		.strength_bits = 256,
+		.alg_bits = 256,
 	},
 
 	/* Cipher 87 */
 	{
-		1,
-		TLS1_TXT_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA,
-		TLS1_CK_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA,
-		SSL_kEDH,
-		SSL_aDSS,
-		SSL_CAMELLIA256,
-		SSL_SHA1,
-		SSL_TLSV1,
-		SSL_NOT_EXP|SSL_HIGH,
-		SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
-		256,
-		256,
+		.valid = 1,
+		.name = TLS1_TXT_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA,
+		.id = TLS1_CK_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA,
+		.algorithm_mkey = SSL_kEDH,
+		.algorithm_auth = SSL_aDSS,
+		.algorithm_enc = SSL_CAMELLIA256,
+		.algorithm_mac = SSL_SHA1,
+		.algorithm_ssl = SSL_TLSV1,
+		.algo_strength = SSL_NOT_EXP|SSL_HIGH,
+		.algorithm2 = SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
+		.strength_bits = 256,
+		.alg_bits = 256,
 	},
 
 	/* Cipher 88 */
 	{
-		1,
-		TLS1_TXT_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA,
-		TLS1_CK_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA,
-		SSL_kEDH,
-		SSL_aRSA,
-		SSL_CAMELLIA256,
-		SSL_SHA1,
-		SSL_TLSV1,
-		SSL_NOT_EXP|SSL_HIGH,
-		SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
-		256,
-		256,
+		.valid = 1,
+		.name = TLS1_TXT_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA,
+		.id = TLS1_CK_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA,
+		.algorithm_mkey = SSL_kEDH,
+		.algorithm_auth = SSL_aRSA,
+		.algorithm_enc = SSL_CAMELLIA256,
+		.algorithm_mac = SSL_SHA1,
+		.algorithm_ssl = SSL_TLSV1,
+		.algo_strength = SSL_NOT_EXP|SSL_HIGH,
+		.algorithm2 = SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
+		.strength_bits = 256,
+		.alg_bits = 256,
 	},
 
 	/* Cipher 89 */
 	{
-		1,
-		TLS1_TXT_ADH_WITH_CAMELLIA_256_CBC_SHA,
-		TLS1_CK_ADH_WITH_CAMELLIA_256_CBC_SHA,
-		SSL_kEDH,
-		SSL_aNULL,
-		SSL_CAMELLIA256,
-		SSL_SHA1,
-		SSL_TLSV1,
-		SSL_NOT_EXP|SSL_HIGH,
-		SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
-		256,
-		256,
+		.valid = 1,
+		.name = TLS1_TXT_ADH_WITH_CAMELLIA_256_CBC_SHA,
+		.id = TLS1_CK_ADH_WITH_CAMELLIA_256_CBC_SHA,
+		.algorithm_mkey = SSL_kEDH,
+		.algorithm_auth = SSL_aNULL,
+		.algorithm_enc = SSL_CAMELLIA256,
+		.algorithm_mac = SSL_SHA1,
+		.algorithm_ssl = SSL_TLSV1,
+		.algo_strength = SSL_NOT_EXP|SSL_HIGH,
+		.algorithm2 = SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
+		.strength_bits = 256,
+		.alg_bits = 256,
 	},
 #endif /* OPENSSL_NO_CAMELLIA */
 
 #ifndef OPENSSL_NO_PSK
 	/* Cipher 8A */
 	{
-		1,
-		TLS1_TXT_PSK_WITH_RC4_128_SHA,
-		TLS1_CK_PSK_WITH_RC4_128_SHA,
-		SSL_kPSK,
-		SSL_aPSK,
-		SSL_RC4,
-		SSL_SHA1,
-		SSL_TLSV1,
-		SSL_NOT_EXP|SSL_MEDIUM,
-		SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
-		128,
-		128,
+		.valid = 1,
+		.name = TLS1_TXT_PSK_WITH_RC4_128_SHA,
+		.id = TLS1_CK_PSK_WITH_RC4_128_SHA,
+		.algorithm_mkey = SSL_kPSK,
+		.algorithm_auth = SSL_aPSK,
+		.algorithm_enc = SSL_RC4,
+		.algorithm_mac = SSL_SHA1,
+		.algorithm_ssl = SSL_TLSV1,
+		.algo_strength = SSL_NOT_EXP|SSL_MEDIUM,
+		.algorithm2 = SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
+		.strength_bits = 128,
+		.alg_bits = 128,
 	},
 
 	/* Cipher 8B */
 	{
-		1,
-		TLS1_TXT_PSK_WITH_3DES_EDE_CBC_SHA,
-		TLS1_CK_PSK_WITH_3DES_EDE_CBC_SHA,
-		SSL_kPSK,
-		SSL_aPSK,
-		SSL_3DES,
-		SSL_SHA1,
-		SSL_TLSV1,
-		SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
-		SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
-		168,
-		168,
+		.valid = 1,
+		.name = TLS1_TXT_PSK_WITH_3DES_EDE_CBC_SHA,
+		.id = TLS1_CK_PSK_WITH_3DES_EDE_CBC_SHA,
+		.algorithm_mkey = SSL_kPSK,
+		.algorithm_auth = SSL_aPSK,
+		.algorithm_enc = SSL_3DES,
+		.algorithm_mac = SSL_SHA1,
+		.algorithm_ssl = SSL_TLSV1,
+		.algo_strength = SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
+		.algorithm2 = SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
+		.strength_bits = 168,
+		.alg_bits = 168,
 	},
 
 	/* Cipher 8C */
 	{
-		1,
-		TLS1_TXT_PSK_WITH_AES_128_CBC_SHA,
-		TLS1_CK_PSK_WITH_AES_128_CBC_SHA,
-		SSL_kPSK,
-		SSL_aPSK,
-		SSL_AES128,
-		SSL_SHA1,
-		SSL_TLSV1,
-		SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
-		SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
-		128,
-		128,
+		.valid = 1,
+		.name = TLS1_TXT_PSK_WITH_AES_128_CBC_SHA,
+		.id = TLS1_CK_PSK_WITH_AES_128_CBC_SHA,
+		.algorithm_mkey = SSL_kPSK,
+		.algorithm_auth = SSL_aPSK,
+		.algorithm_enc = SSL_AES128,
+		.algorithm_mac = SSL_SHA1,
+		.algorithm_ssl = SSL_TLSV1,
+		.algo_strength = SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
+		.algorithm2 = SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
+		.strength_bits = 128,
+		.alg_bits = 128,
 	},
 
 	/* Cipher 8D */
 	{
-		1,
-		TLS1_TXT_PSK_WITH_AES_256_CBC_SHA,
-		TLS1_CK_PSK_WITH_AES_256_CBC_SHA,
-		SSL_kPSK,
-		SSL_aPSK,
-		SSL_AES256,
-		SSL_SHA1,
-		SSL_TLSV1,
-		SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
-		SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
-		256,
-		256,
+		.valid = 1,
+		.name = TLS1_TXT_PSK_WITH_AES_256_CBC_SHA,
+		.id = TLS1_CK_PSK_WITH_AES_256_CBC_SHA,
+		.algorithm_mkey = SSL_kPSK,
+		.algorithm_auth = SSL_aPSK,
+		.algorithm_enc = SSL_AES256,
+		.algorithm_mac = SSL_SHA1,
+		.algorithm_ssl = SSL_TLSV1,
+		.algo_strength = SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
+		.algorithm2 = SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
+		.strength_bits = 256,
+		.alg_bits = 256,
 	},
 #endif  /* OPENSSL_NO_PSK */
 
@@ -1330,595 +1333,595 @@ SSL_CIPHER ssl3_ciphers[] = {
 
 	/* Cipher 9C */
 	{
-		1,
-		TLS1_TXT_RSA_WITH_AES_128_GCM_SHA256,
-		TLS1_CK_RSA_WITH_AES_128_GCM_SHA256,
-		SSL_kRSA,
-		SSL_aRSA,
-		SSL_AES128GCM,
-		SSL_AEAD,
-		SSL_TLSV1_2,
-		SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
-		SSL_HANDSHAKE_MAC_SHA256|TLS1_PRF_SHA256,
-		128,
-		128,
+		.valid = 1,
+		.name = TLS1_TXT_RSA_WITH_AES_128_GCM_SHA256,
+		.id = TLS1_CK_RSA_WITH_AES_128_GCM_SHA256,
+		.algorithm_mkey = SSL_kRSA,
+		.algorithm_auth = SSL_aRSA,
+		.algorithm_enc = SSL_AES128GCM,
+		.algorithm_mac = SSL_AEAD,
+		.algorithm_ssl = SSL_TLSV1_2,
+		.algo_strength = SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
+		.algorithm2 = SSL_HANDSHAKE_MAC_SHA256|TLS1_PRF_SHA256,
+		.strength_bits = 128,
+		.alg_bits = 128,
 	},
 
 	/* Cipher 9D */
 	{
-		1,
-		TLS1_TXT_RSA_WITH_AES_256_GCM_SHA384,
-		TLS1_CK_RSA_WITH_AES_256_GCM_SHA384,
-		SSL_kRSA,
-		SSL_aRSA,
-		SSL_AES256GCM,
-		SSL_AEAD,
-		SSL_TLSV1_2,
-		SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
-		SSL_HANDSHAKE_MAC_SHA384|TLS1_PRF_SHA384,
-		256,
-		256,
+		.valid = 1,
+		.name = TLS1_TXT_RSA_WITH_AES_256_GCM_SHA384,
+		.id = TLS1_CK_RSA_WITH_AES_256_GCM_SHA384,
+		.algorithm_mkey = SSL_kRSA,
+		.algorithm_auth = SSL_aRSA,
+		.algorithm_enc = SSL_AES256GCM,
+		.algorithm_mac = SSL_AEAD,
+		.algorithm_ssl = SSL_TLSV1_2,
+		.algo_strength = SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
+		.algorithm2 = SSL_HANDSHAKE_MAC_SHA384|TLS1_PRF_SHA384,
+		.strength_bits = 256,
+		.alg_bits = 256,
 	},
 
 	/* Cipher 9E */
 	{
-		1,
-		TLS1_TXT_DHE_RSA_WITH_AES_128_GCM_SHA256,
-		TLS1_CK_DHE_RSA_WITH_AES_128_GCM_SHA256,
-		SSL_kEDH,
-		SSL_aRSA,
-		SSL_AES128GCM,
-		SSL_AEAD,
-		SSL_TLSV1_2,
-		SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
-		SSL_HANDSHAKE_MAC_SHA256|TLS1_PRF_SHA256,
-		128,
-		128,
+		.valid = 1,
+		.name = TLS1_TXT_DHE_RSA_WITH_AES_128_GCM_SHA256,
+		.id = TLS1_CK_DHE_RSA_WITH_AES_128_GCM_SHA256,
+		.algorithm_mkey = SSL_kEDH,
+		.algorithm_auth = SSL_aRSA,
+		.algorithm_enc = SSL_AES128GCM,
+		.algorithm_mac = SSL_AEAD,
+		.algorithm_ssl = SSL_TLSV1_2,
+		.algo_strength = SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
+		.algorithm2 = SSL_HANDSHAKE_MAC_SHA256|TLS1_PRF_SHA256,
+		.strength_bits = 128,
+		.alg_bits = 128,
 	},
 
 	/* Cipher 9F */
 	{
-		1,
-		TLS1_TXT_DHE_RSA_WITH_AES_256_GCM_SHA384,
-		TLS1_CK_DHE_RSA_WITH_AES_256_GCM_SHA384,
-		SSL_kEDH,
-		SSL_aRSA,
-		SSL_AES256GCM,
-		SSL_AEAD,
-		SSL_TLSV1_2,
-		SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
-		SSL_HANDSHAKE_MAC_SHA384|TLS1_PRF_SHA384,
-		256,
-		256,
+		.valid = 1,
+		.name = TLS1_TXT_DHE_RSA_WITH_AES_256_GCM_SHA384,
+		.id = TLS1_CK_DHE_RSA_WITH_AES_256_GCM_SHA384,
+		.algorithm_mkey = SSL_kEDH,
+		.algorithm_auth = SSL_aRSA,
+		.algorithm_enc = SSL_AES256GCM,
+		.algorithm_mac = SSL_AEAD,
+		.algorithm_ssl = SSL_TLSV1_2,
+		.algo_strength = SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
+		.algorithm2 = SSL_HANDSHAKE_MAC_SHA384|TLS1_PRF_SHA384,
+		.strength_bits = 256,
+		.alg_bits = 256,
 	},
 
 	/* Cipher A0 */
 	{
-		0,
-		TLS1_TXT_DH_RSA_WITH_AES_128_GCM_SHA256,
-		TLS1_CK_DH_RSA_WITH_AES_128_GCM_SHA256,
-		SSL_kDHr,
-		SSL_aDH,
-		SSL_AES128GCM,
-		SSL_AEAD,
-		SSL_TLSV1_2,
-		SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
-		SSL_HANDSHAKE_MAC_SHA256|TLS1_PRF_SHA256,
-		128,
-		128,
+		.valid = 0,
+		.name = TLS1_TXT_DH_RSA_WITH_AES_128_GCM_SHA256,
+		.id = TLS1_CK_DH_RSA_WITH_AES_128_GCM_SHA256,
+		.algorithm_mkey = SSL_kDHr,
+		.algorithm_auth = SSL_aDH,
+		.algorithm_enc = SSL_AES128GCM,
+		.algorithm_mac = SSL_AEAD,
+		.algorithm_ssl = SSL_TLSV1_2,
+		.algo_strength = SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
+		.algorithm2 = SSL_HANDSHAKE_MAC_SHA256|TLS1_PRF_SHA256,
+		.strength_bits = 128,
+		.alg_bits = 128,
 	},
 
 	/* Cipher A1 */
 	{
-		0,
-		TLS1_TXT_DH_RSA_WITH_AES_256_GCM_SHA384,
-		TLS1_CK_DH_RSA_WITH_AES_256_GCM_SHA384,
-		SSL_kDHr,
-		SSL_aDH,
-		SSL_AES256GCM,
-		SSL_AEAD,
-		SSL_TLSV1_2,
-		SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
-		SSL_HANDSHAKE_MAC_SHA384|TLS1_PRF_SHA384,
-		256,
-		256,
+		.valid = 0,
+		.name = TLS1_TXT_DH_RSA_WITH_AES_256_GCM_SHA384,
+		.id = TLS1_CK_DH_RSA_WITH_AES_256_GCM_SHA384,
+		.algorithm_mkey = SSL_kDHr,
+		.algorithm_auth = SSL_aDH,
+		.algorithm_enc = SSL_AES256GCM,
+		.algorithm_mac = SSL_AEAD,
+		.algorithm_ssl = SSL_TLSV1_2,
+		.algo_strength = SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
+		.algorithm2 = SSL_HANDSHAKE_MAC_SHA384|TLS1_PRF_SHA384,
+		.strength_bits = 256,
+		.alg_bits = 256,
 	},
 
 	/* Cipher A2 */
 	{
-		1,
-		TLS1_TXT_DHE_DSS_WITH_AES_128_GCM_SHA256,
-		TLS1_CK_DHE_DSS_WITH_AES_128_GCM_SHA256,
-		SSL_kEDH,
-		SSL_aDSS,
-		SSL_AES128GCM,
-		SSL_AEAD,
-		SSL_TLSV1_2,
-		SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
-		SSL_HANDSHAKE_MAC_SHA256|TLS1_PRF_SHA256,
-		128,
-		128,
+		.valid = 1,
+		.name = TLS1_TXT_DHE_DSS_WITH_AES_128_GCM_SHA256,
+		.id = TLS1_CK_DHE_DSS_WITH_AES_128_GCM_SHA256,
+		.algorithm_mkey = SSL_kEDH,
+		.algorithm_auth = SSL_aDSS,
+		.algorithm_enc = SSL_AES128GCM,
+		.algorithm_mac = SSL_AEAD,
+		.algorithm_ssl = SSL_TLSV1_2,
+		.algo_strength = SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
+		.algorithm2 = SSL_HANDSHAKE_MAC_SHA256|TLS1_PRF_SHA256,
+		.strength_bits = 128,
+		.alg_bits = 128,
 	},
 
 	/* Cipher A3 */
 	{
-		1,
-		TLS1_TXT_DHE_DSS_WITH_AES_256_GCM_SHA384,
-		TLS1_CK_DHE_DSS_WITH_AES_256_GCM_SHA384,
-		SSL_kEDH,
-		SSL_aDSS,
-		SSL_AES256GCM,
-		SSL_AEAD,
-		SSL_TLSV1_2,
-		SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
-		SSL_HANDSHAKE_MAC_SHA384|TLS1_PRF_SHA384,
-		256,
-		256,
+		.valid = 1,
+		.name = TLS1_TXT_DHE_DSS_WITH_AES_256_GCM_SHA384,
+		.id = TLS1_CK_DHE_DSS_WITH_AES_256_GCM_SHA384,
+		.algorithm_mkey = SSL_kEDH,
+		.algorithm_auth = SSL_aDSS,
+		.algorithm_enc = SSL_AES256GCM,
+		.algorithm_mac = SSL_AEAD,
+		.algorithm_ssl = SSL_TLSV1_2,
+		.algo_strength = SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
+		.algorithm2 = SSL_HANDSHAKE_MAC_SHA384|TLS1_PRF_SHA384,
+		.strength_bits = 256,
+		.alg_bits = 256,
 	},
 
 	/* Cipher A4 */
 	{
-		0,
-		TLS1_TXT_DH_DSS_WITH_AES_128_GCM_SHA256,
-		TLS1_CK_DH_DSS_WITH_AES_128_GCM_SHA256,
-		SSL_kDHd,
-		SSL_aDH,
-		SSL_AES128GCM,
-		SSL_AEAD,
-		SSL_TLSV1_2,
-		SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
-		SSL_HANDSHAKE_MAC_SHA256|TLS1_PRF_SHA256,
-		128,
-		128,
+		.valid = 0,
+		.name = TLS1_TXT_DH_DSS_WITH_AES_128_GCM_SHA256,
+		.id = TLS1_CK_DH_DSS_WITH_AES_128_GCM_SHA256,
+		.algorithm_mkey = SSL_kDHd,
+		.algorithm_auth = SSL_aDH,
+		.algorithm_enc = SSL_AES128GCM,
+		.algorithm_mac = SSL_AEAD,
+		.algorithm_ssl = SSL_TLSV1_2,
+		.algo_strength = SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
+		.algorithm2 = SSL_HANDSHAKE_MAC_SHA256|TLS1_PRF_SHA256,
+		.strength_bits = 128,
+		.alg_bits = 128,
 	},
 
 	/* Cipher A5 */
 	{
-		0,
-		TLS1_TXT_DH_DSS_WITH_AES_256_GCM_SHA384,
-		TLS1_CK_DH_DSS_WITH_AES_256_GCM_SHA384,
-		SSL_kDHd,
-		SSL_aDH,
-		SSL_AES256GCM,
-		SSL_AEAD,
-		SSL_TLSV1_2,
-		SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
-		SSL_HANDSHAKE_MAC_SHA384|TLS1_PRF_SHA384,
-		256,
-		256,
+		.valid = 0,
+		.name = TLS1_TXT_DH_DSS_WITH_AES_256_GCM_SHA384,
+		.id = TLS1_CK_DH_DSS_WITH_AES_256_GCM_SHA384,
+		.algorithm_mkey = SSL_kDHd,
+		.algorithm_auth = SSL_aDH,
+		.algorithm_enc = SSL_AES256GCM,
+		.algorithm_mac = SSL_AEAD,
+		.algorithm_ssl = SSL_TLSV1_2,
+		.algo_strength = SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
+		.algorithm2 = SSL_HANDSHAKE_MAC_SHA384|TLS1_PRF_SHA384,
+		.strength_bits = 256,
+		.alg_bits = 256,
 	},
 
 	/* Cipher A6 */
 	{
-		1,
-		TLS1_TXT_ADH_WITH_AES_128_GCM_SHA256,
-		TLS1_CK_ADH_WITH_AES_128_GCM_SHA256,
-		SSL_kEDH,
-		SSL_aNULL,
-		SSL_AES128GCM,
-		SSL_AEAD,
-		SSL_TLSV1_2,
-		SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
-		SSL_HANDSHAKE_MAC_SHA256|TLS1_PRF_SHA256,
-		128,
-		128,
+		.valid = 1,
+		.name = TLS1_TXT_ADH_WITH_AES_128_GCM_SHA256,
+		.id = TLS1_CK_ADH_WITH_AES_128_GCM_SHA256,
+		.algorithm_mkey = SSL_kEDH,
+		.algorithm_auth = SSL_aNULL,
+		.algorithm_enc = SSL_AES128GCM,
+		.algorithm_mac = SSL_AEAD,
+		.algorithm_ssl = SSL_TLSV1_2,
+		.algo_strength = SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
+		.algorithm2 = SSL_HANDSHAKE_MAC_SHA256|TLS1_PRF_SHA256,
+		.strength_bits = 128,
+		.alg_bits = 128,
 	},
 
 	/* Cipher A7 */
 	{
-		1,
-		TLS1_TXT_ADH_WITH_AES_256_GCM_SHA384,
-		TLS1_CK_ADH_WITH_AES_256_GCM_SHA384,
-		SSL_kEDH,
-		SSL_aNULL,
-		SSL_AES256GCM,
-		SSL_AEAD,
-		SSL_TLSV1_2,
-		SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
-		SSL_HANDSHAKE_MAC_SHA384|TLS1_PRF_SHA384,
-		256,
-		256,
+		.valid = 1,
+		.name = TLS1_TXT_ADH_WITH_AES_256_GCM_SHA384,
+		.id = TLS1_CK_ADH_WITH_AES_256_GCM_SHA384,
+		.algorithm_mkey = SSL_kEDH,
+		.algorithm_auth = SSL_aNULL,
+		.algorithm_enc = SSL_AES256GCM,
+		.algorithm_mac = SSL_AEAD,
+		.algorithm_ssl = SSL_TLSV1_2,
+		.algo_strength = SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
+		.algorithm2 = SSL_HANDSHAKE_MAC_SHA384|TLS1_PRF_SHA384,
+		.strength_bits = 256,
+		.alg_bits = 256,
 	},
 
 #ifndef OPENSSL_NO_ECDH
 	/* Cipher C001 */
 	{
-		1,
-		TLS1_TXT_ECDH_ECDSA_WITH_NULL_SHA,
-		TLS1_CK_ECDH_ECDSA_WITH_NULL_SHA,
-		SSL_kECDHe,
-		SSL_aECDH,
-		SSL_eNULL,
-		SSL_SHA1,
-		SSL_TLSV1,
-		SSL_NOT_EXP|SSL_STRONG_NONE|SSL_FIPS,
-		SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
-		0,
-		0,
+		.valid = 1,
+		.name = TLS1_TXT_ECDH_ECDSA_WITH_NULL_SHA,
+		.id = TLS1_CK_ECDH_ECDSA_WITH_NULL_SHA,
+		.algorithm_mkey = SSL_kECDHe,
+		.algorithm_auth = SSL_aECDH,
+		.algorithm_enc = SSL_eNULL,
+		.algorithm_mac = SSL_SHA1,
+		.algorithm_ssl = SSL_TLSV1,
+		.algo_strength = SSL_NOT_EXP|SSL_STRONG_NONE|SSL_FIPS,
+		.algorithm2 = SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
+		.strength_bits = 0,
+		.alg_bits = 0,
 	},
 
 	/* Cipher C002 */
 	{
-		1,
-		TLS1_TXT_ECDH_ECDSA_WITH_RC4_128_SHA,
-		TLS1_CK_ECDH_ECDSA_WITH_RC4_128_SHA,
-		SSL_kECDHe,
-		SSL_aECDH,
-		SSL_RC4,
-		SSL_SHA1,
-		SSL_TLSV1,
-		SSL_NOT_EXP|SSL_MEDIUM,
-		SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
-		128,
-		128,
+		.valid = 1,
+		.name = TLS1_TXT_ECDH_ECDSA_WITH_RC4_128_SHA,
+		.id = TLS1_CK_ECDH_ECDSA_WITH_RC4_128_SHA,
+		.algorithm_mkey = SSL_kECDHe,
+		.algorithm_auth = SSL_aECDH,
+		.algorithm_enc = SSL_RC4,
+		.algorithm_mac = SSL_SHA1,
+		.algorithm_ssl = SSL_TLSV1,
+		.algo_strength = SSL_NOT_EXP|SSL_MEDIUM,
+		.algorithm2 = SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
+		.strength_bits = 128,
+		.alg_bits = 128,
 	},
 
 	/* Cipher C003 */
 	{
-		1,
-		TLS1_TXT_ECDH_ECDSA_WITH_DES_192_CBC3_SHA,
-		TLS1_CK_ECDH_ECDSA_WITH_DES_192_CBC3_SHA,
-		SSL_kECDHe,
-		SSL_aECDH,
-		SSL_3DES,
-		SSL_SHA1,
-		SSL_TLSV1,
-		SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
-		SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
-		168,
-		168,
+		.valid = 1,
+		.name = TLS1_TXT_ECDH_ECDSA_WITH_DES_192_CBC3_SHA,
+		.id = TLS1_CK_ECDH_ECDSA_WITH_DES_192_CBC3_SHA,
+		.algorithm_mkey = SSL_kECDHe,
+		.algorithm_auth = SSL_aECDH,
+		.algorithm_enc = SSL_3DES,
+		.algorithm_mac = SSL_SHA1,
+		.algorithm_ssl = SSL_TLSV1,
+		.algo_strength = SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
+		.algorithm2 = SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
+		.strength_bits = 168,
+		.alg_bits = 168,
 	},
 
 	/* Cipher C004 */
 	{
-		1,
-		TLS1_TXT_ECDH_ECDSA_WITH_AES_128_CBC_SHA,
-		TLS1_CK_ECDH_ECDSA_WITH_AES_128_CBC_SHA,
-		SSL_kECDHe,
-		SSL_aECDH,
-		SSL_AES128,
-		SSL_SHA1,
-		SSL_TLSV1,
-		SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
-		SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
-		128,
-		128,
+		.valid = 1,
+		.name = TLS1_TXT_ECDH_ECDSA_WITH_AES_128_CBC_SHA,
+		.id = TLS1_CK_ECDH_ECDSA_WITH_AES_128_CBC_SHA,
+		.algorithm_mkey = SSL_kECDHe,
+		.algorithm_auth = SSL_aECDH,
+		.algorithm_enc = SSL_AES128,
+		.algorithm_mac = SSL_SHA1,
+		.algorithm_ssl = SSL_TLSV1,
+		.algo_strength = SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
+		.algorithm2 = SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
+		.strength_bits = 128,
+		.alg_bits = 128,
 	},
 
 	/* Cipher C005 */
 	{
-		1,
-		TLS1_TXT_ECDH_ECDSA_WITH_AES_256_CBC_SHA,
-		TLS1_CK_ECDH_ECDSA_WITH_AES_256_CBC_SHA,
-		SSL_kECDHe,
-		SSL_aECDH,
-		SSL_AES256,
-		SSL_SHA1,
-		SSL_TLSV1,
-		SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
-		SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
-		256,
-		256,
+		.valid = 1,
+		.name = TLS1_TXT_ECDH_ECDSA_WITH_AES_256_CBC_SHA,
+		.id = TLS1_CK_ECDH_ECDSA_WITH_AES_256_CBC_SHA,
+		.algorithm_mkey = SSL_kECDHe,
+		.algorithm_auth = SSL_aECDH,
+		.algorithm_enc = SSL_AES256,
+		.algorithm_mac = SSL_SHA1,
+		.algorithm_ssl = SSL_TLSV1,
+		.algo_strength = SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
+		.algorithm2 = SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
+		.strength_bits = 256,
+		.alg_bits = 256,
 	},
 
 	/* Cipher C006 */
 	{
-		1,
-		TLS1_TXT_ECDHE_ECDSA_WITH_NULL_SHA,
-		TLS1_CK_ECDHE_ECDSA_WITH_NULL_SHA,
-		SSL_kEECDH,
-		SSL_aECDSA,
-		SSL_eNULL,
-		SSL_SHA1,
-		SSL_TLSV1,
-		SSL_NOT_EXP|SSL_STRONG_NONE|SSL_FIPS,
-		SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
-		0,
-		0,
+		.valid = 1,
+		.name = TLS1_TXT_ECDHE_ECDSA_WITH_NULL_SHA,
+		.id = TLS1_CK_ECDHE_ECDSA_WITH_NULL_SHA,
+		.algorithm_mkey = SSL_kEECDH,
+		.algorithm_auth = SSL_aECDSA,
+		.algorithm_enc = SSL_eNULL,
+		.algorithm_mac = SSL_SHA1,
+		.algorithm_ssl = SSL_TLSV1,
+		.algo_strength = SSL_NOT_EXP|SSL_STRONG_NONE|SSL_FIPS,
+		.algorithm2 = SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
+		.strength_bits = 0,
+		.alg_bits = 0,
 	},
 
 	/* Cipher C007 */
 	{
-		1,
-		TLS1_TXT_ECDHE_ECDSA_WITH_RC4_128_SHA,
-		TLS1_CK_ECDHE_ECDSA_WITH_RC4_128_SHA,
-		SSL_kEECDH,
-		SSL_aECDSA,
-		SSL_RC4,
-		SSL_SHA1,
-		SSL_TLSV1,
-		SSL_NOT_EXP|SSL_MEDIUM,
-		SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
-		128,
-		128,
+		.valid = 1,
+		.name = TLS1_TXT_ECDHE_ECDSA_WITH_RC4_128_SHA,
+		.id = TLS1_CK_ECDHE_ECDSA_WITH_RC4_128_SHA,
+		.algorithm_mkey = SSL_kEECDH,
+		.algorithm_auth = SSL_aECDSA,
+		.algorithm_enc = SSL_RC4,
+		.algorithm_mac = SSL_SHA1,
+		.algorithm_ssl = SSL_TLSV1,
+		.algo_strength = SSL_NOT_EXP|SSL_MEDIUM,
+		.algorithm2 = SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
+		.strength_bits = 128,
+		.alg_bits = 128,
 	},
 
 	/* Cipher C008 */
 	{
-		1,
-		TLS1_TXT_ECDHE_ECDSA_WITH_DES_192_CBC3_SHA,
-		TLS1_CK_ECDHE_ECDSA_WITH_DES_192_CBC3_SHA,
-		SSL_kEECDH,
-		SSL_aECDSA,
-		SSL_3DES,
-		SSL_SHA1,
-		SSL_TLSV1,
-		SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
-		SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
-		168,
-		168,
+		.valid = 1,
+		.name = TLS1_TXT_ECDHE_ECDSA_WITH_DES_192_CBC3_SHA,
+		.id = TLS1_CK_ECDHE_ECDSA_WITH_DES_192_CBC3_SHA,
+		.algorithm_mkey = SSL_kEECDH,
+		.algorithm_auth = SSL_aECDSA,
+		.algorithm_enc = SSL_3DES,
+		.algorithm_mac = SSL_SHA1,
+		.algorithm_ssl = SSL_TLSV1,
+		.algo_strength = SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
+		.algorithm2 = SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
+		.strength_bits = 168,
+		.alg_bits = 168,
 	},
 
 	/* Cipher C009 */
 	{
-		1,
-		TLS1_TXT_ECDHE_ECDSA_WITH_AES_128_CBC_SHA,
-		TLS1_CK_ECDHE_ECDSA_WITH_AES_128_CBC_SHA,
-		SSL_kEECDH,
-		SSL_aECDSA,
-		SSL_AES128,
-		SSL_SHA1,
-		SSL_TLSV1,
-		SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
-		SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
-		128,
-		128,
+		.valid = 1,
+		.name = TLS1_TXT_ECDHE_ECDSA_WITH_AES_128_CBC_SHA,
+		.id = TLS1_CK_ECDHE_ECDSA_WITH_AES_128_CBC_SHA,
+		.algorithm_mkey = SSL_kEECDH,
+		.algorithm_auth = SSL_aECDSA,
+		.algorithm_enc = SSL_AES128,
+		.algorithm_mac = SSL_SHA1,
+		.algorithm_ssl = SSL_TLSV1,
+		.algo_strength = SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
+		.algorithm2 = SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
+		.strength_bits = 128,
+		.alg_bits = 128,
 	},
 
 	/* Cipher C00A */
 	{
-		1,
-		TLS1_TXT_ECDHE_ECDSA_WITH_AES_256_CBC_SHA,
-		TLS1_CK_ECDHE_ECDSA_WITH_AES_256_CBC_SHA,
-		SSL_kEECDH,
-		SSL_aECDSA,
-		SSL_AES256,
-		SSL_SHA1,
-		SSL_TLSV1,
-		SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
-		SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
-		256,
-		256,
+		.valid = 1,
+		.name = TLS1_TXT_ECDHE_ECDSA_WITH_AES_256_CBC_SHA,
+		.id = TLS1_CK_ECDHE_ECDSA_WITH_AES_256_CBC_SHA,
+		.algorithm_mkey = SSL_kEECDH,
+		.algorithm_auth = SSL_aECDSA,
+		.algorithm_enc = SSL_AES256,
+		.algorithm_mac = SSL_SHA1,
+		.algorithm_ssl = SSL_TLSV1,
+		.algo_strength = SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
+		.algorithm2 = SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
+		.strength_bits = 256,
+		.alg_bits = 256,
 	},
 
 	/* Cipher C00B */
 	{
-		1,
-		TLS1_TXT_ECDH_RSA_WITH_NULL_SHA,
-		TLS1_CK_ECDH_RSA_WITH_NULL_SHA,
-		SSL_kECDHr,
-		SSL_aECDH,
-		SSL_eNULL,
-		SSL_SHA1,
-		SSL_TLSV1,
-		SSL_NOT_EXP|SSL_STRONG_NONE|SSL_FIPS,
-		SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
-		0,
-		0,
+		.valid = 1,
+		.name = TLS1_TXT_ECDH_RSA_WITH_NULL_SHA,
+		.id = TLS1_CK_ECDH_RSA_WITH_NULL_SHA,
+		.algorithm_mkey = SSL_kECDHr,
+		.algorithm_auth = SSL_aECDH,
+		.algorithm_enc = SSL_eNULL,
+		.algorithm_mac = SSL_SHA1,
+		.algorithm_ssl = SSL_TLSV1,
+		.algo_strength = SSL_NOT_EXP|SSL_STRONG_NONE|SSL_FIPS,
+		.algorithm2 = SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
+		.strength_bits = 0,
+		.alg_bits = 0,
 	},
 
 	/* Cipher C00C */
 	{
-		1,
-		TLS1_TXT_ECDH_RSA_WITH_RC4_128_SHA,
-		TLS1_CK_ECDH_RSA_WITH_RC4_128_SHA,
-		SSL_kECDHr,
-		SSL_aECDH,
-		SSL_RC4,
-		SSL_SHA1,
-		SSL_TLSV1,
-		SSL_NOT_EXP|SSL_MEDIUM,
-		SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
-		128,
-		128,
+		.valid = 1,
+		.name = TLS1_TXT_ECDH_RSA_WITH_RC4_128_SHA,
+		.id = TLS1_CK_ECDH_RSA_WITH_RC4_128_SHA,
+		.algorithm_mkey = SSL_kECDHr,
+		.algorithm_auth = SSL_aECDH,
+		.algorithm_enc = SSL_RC4,
+		.algorithm_mac = SSL_SHA1,
+		.algorithm_ssl = SSL_TLSV1,
+		.algo_strength = SSL_NOT_EXP|SSL_MEDIUM,
+		.algorithm2 = SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
+		.strength_bits = 128,
+		.alg_bits = 128,
 	},
 
 	/* Cipher C00D */
 	{
-		1,
-		TLS1_TXT_ECDH_RSA_WITH_DES_192_CBC3_SHA,
-		TLS1_CK_ECDH_RSA_WITH_DES_192_CBC3_SHA,
-		SSL_kECDHr,
-		SSL_aECDH,
-		SSL_3DES,
-		SSL_SHA1,
-		SSL_TLSV1,
-		SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
-		SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
-		168,
-		168,
+		.valid = 1,
+		.name = TLS1_TXT_ECDH_RSA_WITH_DES_192_CBC3_SHA,
+		.id = TLS1_CK_ECDH_RSA_WITH_DES_192_CBC3_SHA,
+		.algorithm_mkey = SSL_kECDHr,
+		.algorithm_auth = SSL_aECDH,
+		.algorithm_enc = SSL_3DES,
+		.algorithm_mac = SSL_SHA1,
+		.algorithm_ssl = SSL_TLSV1,
+		.algo_strength = SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
+		.algorithm2 = SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
+		.strength_bits = 168,
+		.alg_bits = 168,
 	},
 
 	/* Cipher C00E */
 	{
-		1,
-		TLS1_TXT_ECDH_RSA_WITH_AES_128_CBC_SHA,
-		TLS1_CK_ECDH_RSA_WITH_AES_128_CBC_SHA,
-		SSL_kECDHr,
-		SSL_aECDH,
-		SSL_AES128,
-		SSL_SHA1,
-		SSL_TLSV1,
-		SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
-		SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
-		128,
-		128,
+		.valid = 1,
+		.name = TLS1_TXT_ECDH_RSA_WITH_AES_128_CBC_SHA,
+		.id = TLS1_CK_ECDH_RSA_WITH_AES_128_CBC_SHA,
+		.algorithm_mkey = SSL_kECDHr,
+		.algorithm_auth = SSL_aECDH,
+		.algorithm_enc = SSL_AES128,
+		.algorithm_mac = SSL_SHA1,
+		.algorithm_ssl = SSL_TLSV1,
+		.algo_strength = SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
+		.algorithm2 = SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
+		.strength_bits = 128,
+		.alg_bits = 128,
 	},
 
 	/* Cipher C00F */
 	{
-		1,
-		TLS1_TXT_ECDH_RSA_WITH_AES_256_CBC_SHA,
-		TLS1_CK_ECDH_RSA_WITH_AES_256_CBC_SHA,
-		SSL_kECDHr,
-		SSL_aECDH,
-		SSL_AES256,
-		SSL_SHA1,
-		SSL_TLSV1,
-		SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
-		SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
-		256,
-		256,
+		.valid = 1,
+		.name = TLS1_TXT_ECDH_RSA_WITH_AES_256_CBC_SHA,
+		.id = TLS1_CK_ECDH_RSA_WITH_AES_256_CBC_SHA,
+		.algorithm_mkey = SSL_kECDHr,
+		.algorithm_auth = SSL_aECDH,
+		.algorithm_enc = SSL_AES256,
+		.algorithm_mac = SSL_SHA1,
+		.algorithm_ssl = SSL_TLSV1,
+		.algo_strength = SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
+		.algorithm2 = SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
+		.strength_bits = 256,
+		.alg_bits = 256,
 	},
 
 	/* Cipher C010 */
 	{
-		1,
-		TLS1_TXT_ECDHE_RSA_WITH_NULL_SHA,
-		TLS1_CK_ECDHE_RSA_WITH_NULL_SHA,
-		SSL_kEECDH,
-		SSL_aRSA,
-		SSL_eNULL,
-		SSL_SHA1,
-		SSL_TLSV1,
-		SSL_NOT_EXP|SSL_STRONG_NONE|SSL_FIPS,
-		SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
-		0,
-		0,
+		.valid = 1,
+		.name = TLS1_TXT_ECDHE_RSA_WITH_NULL_SHA,
+		.id = TLS1_CK_ECDHE_RSA_WITH_NULL_SHA,
+		.algorithm_mkey = SSL_kEECDH,
+		.algorithm_auth = SSL_aRSA,
+		.algorithm_enc = SSL_eNULL,
+		.algorithm_mac = SSL_SHA1,
+		.algorithm_ssl = SSL_TLSV1,
+		.algo_strength = SSL_NOT_EXP|SSL_STRONG_NONE|SSL_FIPS,
+		.algorithm2 = SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
+		.strength_bits = 0,
+		.alg_bits = 0,
 	},
 
 	/* Cipher C011 */
 	{
-		1,
-		TLS1_TXT_ECDHE_RSA_WITH_RC4_128_SHA,
-		TLS1_CK_ECDHE_RSA_WITH_RC4_128_SHA,
-		SSL_kEECDH,
-		SSL_aRSA,
-		SSL_RC4,
-		SSL_SHA1,
-		SSL_TLSV1,
-		SSL_NOT_EXP|SSL_MEDIUM,
-		SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
-		128,
-		128,
+		.valid = 1,
+		.name = TLS1_TXT_ECDHE_RSA_WITH_RC4_128_SHA,
+		.id = TLS1_CK_ECDHE_RSA_WITH_RC4_128_SHA,
+		.algorithm_mkey = SSL_kEECDH,
+		.algorithm_auth = SSL_aRSA,
+		.algorithm_enc = SSL_RC4,
+		.algorithm_mac = SSL_SHA1,
+		.algorithm_ssl = SSL_TLSV1,
+		.algo_strength = SSL_NOT_EXP|SSL_MEDIUM,
+		.algorithm2 = SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
+		.strength_bits = 128,
+		.alg_bits = 128,
 	},
 
 	/* Cipher C012 */
 	{
-		1,
-		TLS1_TXT_ECDHE_RSA_WITH_DES_192_CBC3_SHA,
-		TLS1_CK_ECDHE_RSA_WITH_DES_192_CBC3_SHA,
-		SSL_kEECDH,
-		SSL_aRSA,
-		SSL_3DES,
-		SSL_SHA1,
-		SSL_TLSV1,
-		SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
-		SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
-		168,
-		168,
+		.valid = 1,
+		.name = TLS1_TXT_ECDHE_RSA_WITH_DES_192_CBC3_SHA,
+		.id = TLS1_CK_ECDHE_RSA_WITH_DES_192_CBC3_SHA,
+		.algorithm_mkey = SSL_kEECDH,
+		.algorithm_auth = SSL_aRSA,
+		.algorithm_enc = SSL_3DES,
+		.algorithm_mac = SSL_SHA1,
+		.algorithm_ssl = SSL_TLSV1,
+		.algo_strength = SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
+		.algorithm2 = SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
+		.strength_bits = 168,
+		.alg_bits = 168,
 	},
 
 	/* Cipher C013 */
 	{
-		1,
-		TLS1_TXT_ECDHE_RSA_WITH_AES_128_CBC_SHA,
-		TLS1_CK_ECDHE_RSA_WITH_AES_128_CBC_SHA,
-		SSL_kEECDH,
-		SSL_aRSA,
-		SSL_AES128,
-		SSL_SHA1,
-		SSL_TLSV1,
-		SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
-		SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
-		128,
-		128,
+		.valid = 1,
+		.name = TLS1_TXT_ECDHE_RSA_WITH_AES_128_CBC_SHA,
+		.id = TLS1_CK_ECDHE_RSA_WITH_AES_128_CBC_SHA,
+		.algorithm_mkey = SSL_kEECDH,
+		.algorithm_auth = SSL_aRSA,
+		.algorithm_enc = SSL_AES128,
+		.algorithm_mac = SSL_SHA1,
+		.algorithm_ssl = SSL_TLSV1,
+		.algo_strength = SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
+		.algorithm2 = SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
+		.strength_bits = 128,
+		.alg_bits = 128,
 	},
 
 	/* Cipher C014 */
 	{
-		1,
-		TLS1_TXT_ECDHE_RSA_WITH_AES_256_CBC_SHA,
-		TLS1_CK_ECDHE_RSA_WITH_AES_256_CBC_SHA,
-		SSL_kEECDH,
-		SSL_aRSA,
-		SSL_AES256,
-		SSL_SHA1,
-		SSL_TLSV1,
-		SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
-		SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
-		256,
-		256,
+		.valid = 1,
+		.name = TLS1_TXT_ECDHE_RSA_WITH_AES_256_CBC_SHA,
+		.id = TLS1_CK_ECDHE_RSA_WITH_AES_256_CBC_SHA,
+		.algorithm_mkey = SSL_kEECDH,
+		.algorithm_auth = SSL_aRSA,
+		.algorithm_enc = SSL_AES256,
+		.algorithm_mac = SSL_SHA1,
+		.algorithm_ssl = SSL_TLSV1,
+		.algo_strength = SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
+		.algorithm2 = SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
+		.strength_bits = 256,
+		.alg_bits = 256,
 	},
 
 	/* Cipher C015 */
 	{
-		1,
-		TLS1_TXT_ECDH_anon_WITH_NULL_SHA,
-		TLS1_CK_ECDH_anon_WITH_NULL_SHA,
-		SSL_kEECDH,
-		SSL_aNULL,
-		SSL_eNULL,
-		SSL_SHA1,
-		SSL_TLSV1,
-		SSL_NOT_EXP|SSL_STRONG_NONE|SSL_FIPS,
-		SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
-		0,
-		0,
+		.valid = 1,
+		.name = TLS1_TXT_ECDH_anon_WITH_NULL_SHA,
+		.id = TLS1_CK_ECDH_anon_WITH_NULL_SHA,
+		.algorithm_mkey = SSL_kEECDH,
+		.algorithm_auth = SSL_aNULL,
+		.algorithm_enc = SSL_eNULL,
+		.algorithm_mac = SSL_SHA1,
+		.algorithm_ssl = SSL_TLSV1,
+		.algo_strength = SSL_NOT_EXP|SSL_STRONG_NONE|SSL_FIPS,
+		.algorithm2 = SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
+		.strength_bits = 0,
+		.alg_bits = 0,
 	},
 
 	/* Cipher C016 */
 	{
-		1,
-		TLS1_TXT_ECDH_anon_WITH_RC4_128_SHA,
-		TLS1_CK_ECDH_anon_WITH_RC4_128_SHA,
-		SSL_kEECDH,
-		SSL_aNULL,
-		SSL_RC4,
-		SSL_SHA1,
-		SSL_TLSV1,
-		SSL_NOT_EXP|SSL_MEDIUM,
-		SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
-		128,
-		128,
+		.valid = 1,
+		.name = TLS1_TXT_ECDH_anon_WITH_RC4_128_SHA,
+		.id = TLS1_CK_ECDH_anon_WITH_RC4_128_SHA,
+		.algorithm_mkey = SSL_kEECDH,
+		.algorithm_auth = SSL_aNULL,
+		.algorithm_enc = SSL_RC4,
+		.algorithm_mac = SSL_SHA1,
+		.algorithm_ssl = SSL_TLSV1,
+		.algo_strength = SSL_NOT_EXP|SSL_MEDIUM,
+		.algorithm2 = SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
+		.strength_bits = 128,
+		.alg_bits = 128,
 	},
 
 	/* Cipher C017 */
 	{
-		1,
-		TLS1_TXT_ECDH_anon_WITH_DES_192_CBC3_SHA,
-		TLS1_CK_ECDH_anon_WITH_DES_192_CBC3_SHA,
-		SSL_kEECDH,
-		SSL_aNULL,
-		SSL_3DES,
-		SSL_SHA1,
-		SSL_TLSV1,
-		SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
-		SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
-		168,
-		168,
+		.valid = 1,
+		.name = TLS1_TXT_ECDH_anon_WITH_DES_192_CBC3_SHA,
+		.id = TLS1_CK_ECDH_anon_WITH_DES_192_CBC3_SHA,
+		.algorithm_mkey = SSL_kEECDH,
+		.algorithm_auth = SSL_aNULL,
+		.algorithm_enc = SSL_3DES,
+		.algorithm_mac = SSL_SHA1,
+		.algorithm_ssl = SSL_TLSV1,
+		.algo_strength = SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
+		.algorithm2 = SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
+		.strength_bits = 168,
+		.alg_bits = 168,
 	},
 
 	/* Cipher C018 */
 	{
-		1,
-		TLS1_TXT_ECDH_anon_WITH_AES_128_CBC_SHA,
-		TLS1_CK_ECDH_anon_WITH_AES_128_CBC_SHA,
-		SSL_kEECDH,
-		SSL_aNULL,
-		SSL_AES128,
-		SSL_SHA1,
-		SSL_TLSV1,
-		SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
-		SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
-		128,
-		128,
+		.valid = 1,
+		.name = TLS1_TXT_ECDH_anon_WITH_AES_128_CBC_SHA,
+		.id = TLS1_CK_ECDH_anon_WITH_AES_128_CBC_SHA,
+		.algorithm_mkey = SSL_kEECDH,
+		.algorithm_auth = SSL_aNULL,
+		.algorithm_enc = SSL_AES128,
+		.algorithm_mac = SSL_SHA1,
+		.algorithm_ssl = SSL_TLSV1,
+		.algo_strength = SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
+		.algorithm2 = SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
+		.strength_bits = 128,
+		.alg_bits = 128,
 	},
 
 	/* Cipher C019 */
 	{
-		1,
-		TLS1_TXT_ECDH_anon_WITH_AES_256_CBC_SHA,
-		TLS1_CK_ECDH_anon_WITH_AES_256_CBC_SHA,
-		SSL_kEECDH,
-		SSL_aNULL,
-		SSL_AES256,
-		SSL_SHA1,
-		SSL_TLSV1,
-		SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
-		SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
-		256,
-		256,
+		.valid = 1,
+		.name = TLS1_TXT_ECDH_anon_WITH_AES_256_CBC_SHA,
+		.id = TLS1_CK_ECDH_anon_WITH_AES_256_CBC_SHA,
+		.algorithm_mkey = SSL_kEECDH,
+		.algorithm_auth = SSL_aNULL,
+		.algorithm_enc = SSL_AES256,
+		.algorithm_mac = SSL_SHA1,
+		.algorithm_ssl = SSL_TLSV1,
+		.algo_strength = SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
+		.algorithm2 = SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
+		.strength_bits = 256,
+		.alg_bits = 256,
 	},
 #endif	/* OPENSSL_NO_ECDH */
 
@@ -1928,326 +1931,326 @@ SSL_CIPHER ssl3_ciphers[] = {
 
 	/* Cipher C023 */
 	{
-		1,
-		TLS1_TXT_ECDHE_ECDSA_WITH_AES_128_SHA256,
-		TLS1_CK_ECDHE_ECDSA_WITH_AES_128_SHA256,
-		SSL_kEECDH,
-		SSL_aECDSA,
-		SSL_AES128,
-		SSL_SHA256,
-		SSL_TLSV1_2,
-		SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
-		SSL_HANDSHAKE_MAC_SHA256|TLS1_PRF_SHA256,
-		128,
-		128,
+		.valid = 1,
+		.name = TLS1_TXT_ECDHE_ECDSA_WITH_AES_128_SHA256,
+		.id = TLS1_CK_ECDHE_ECDSA_WITH_AES_128_SHA256,
+		.algorithm_mkey = SSL_kEECDH,
+		.algorithm_auth = SSL_aECDSA,
+		.algorithm_enc = SSL_AES128,
+		.algorithm_mac = SSL_SHA256,
+		.algorithm_ssl = SSL_TLSV1_2,
+		.algo_strength = SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
+		.algorithm2 = SSL_HANDSHAKE_MAC_SHA256|TLS1_PRF_SHA256,
+		.strength_bits = 128,
+		.alg_bits = 128,
 	},
 
 	/* Cipher C024 */
 	{
-		1,
-		TLS1_TXT_ECDHE_ECDSA_WITH_AES_256_SHA384,
-		TLS1_CK_ECDHE_ECDSA_WITH_AES_256_SHA384,
-		SSL_kEECDH,
-		SSL_aECDSA,
-		SSL_AES256,
-		SSL_SHA384,
-		SSL_TLSV1_2,
-		SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
-		SSL_HANDSHAKE_MAC_SHA384|TLS1_PRF_SHA384,
-		256,
-		256,
+		.valid = 1,
+		.name = TLS1_TXT_ECDHE_ECDSA_WITH_AES_256_SHA384,
+		.id = TLS1_CK_ECDHE_ECDSA_WITH_AES_256_SHA384,
+		.algorithm_mkey = SSL_kEECDH,
+		.algorithm_auth = SSL_aECDSA,
+		.algorithm_enc = SSL_AES256,
+		.algorithm_mac = SSL_SHA384,
+		.algorithm_ssl = SSL_TLSV1_2,
+		.algo_strength = SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
+		.algorithm2 = SSL_HANDSHAKE_MAC_SHA384|TLS1_PRF_SHA384,
+		.strength_bits = 256,
+		.alg_bits = 256,
 	},
 
 	/* Cipher C025 */
 	{
-		1,
-		TLS1_TXT_ECDH_ECDSA_WITH_AES_128_SHA256,
-		TLS1_CK_ECDH_ECDSA_WITH_AES_128_SHA256,
-		SSL_kECDHe,
-		SSL_aECDH,
-		SSL_AES128,
-		SSL_SHA256,
-		SSL_TLSV1_2,
-		SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
-		SSL_HANDSHAKE_MAC_SHA256|TLS1_PRF_SHA256,
-		128,
-		128,
+		.valid = 1,
+		.name = TLS1_TXT_ECDH_ECDSA_WITH_AES_128_SHA256,
+		.id = TLS1_CK_ECDH_ECDSA_WITH_AES_128_SHA256,
+		.algorithm_mkey = SSL_kECDHe,
+		.algorithm_auth = SSL_aECDH,
+		.algorithm_enc = SSL_AES128,
+		.algorithm_mac = SSL_SHA256,
+		.algorithm_ssl = SSL_TLSV1_2,
+		.algo_strength = SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
+		.algorithm2 = SSL_HANDSHAKE_MAC_SHA256|TLS1_PRF_SHA256,
+		.strength_bits = 128,
+		.alg_bits = 128,
 	},
 
 	/* Cipher C026 */
 	{
-		1,
-		TLS1_TXT_ECDH_ECDSA_WITH_AES_256_SHA384,
-		TLS1_CK_ECDH_ECDSA_WITH_AES_256_SHA384,
-		SSL_kECDHe,
-		SSL_aECDH,
-		SSL_AES256,
-		SSL_SHA384,
-		SSL_TLSV1_2,
-		SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
-		SSL_HANDSHAKE_MAC_SHA384|TLS1_PRF_SHA384,
-		256,
-		256,
+		.valid = 1,
+		.name = TLS1_TXT_ECDH_ECDSA_WITH_AES_256_SHA384,
+		.id = TLS1_CK_ECDH_ECDSA_WITH_AES_256_SHA384,
+		.algorithm_mkey = SSL_kECDHe,
+		.algorithm_auth = SSL_aECDH,
+		.algorithm_enc = SSL_AES256,
+		.algorithm_mac = SSL_SHA384,
+		.algorithm_ssl = SSL_TLSV1_2,
+		.algo_strength = SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
+		.algorithm2 = SSL_HANDSHAKE_MAC_SHA384|TLS1_PRF_SHA384,
+		.strength_bits = 256,
+		.alg_bits = 256,
 	},
 
 	/* Cipher C027 */
 	{
-		1,
-		TLS1_TXT_ECDHE_RSA_WITH_AES_128_SHA256,
-		TLS1_CK_ECDHE_RSA_WITH_AES_128_SHA256,
-		SSL_kEECDH,
-		SSL_aRSA,
-		SSL_AES128,
-		SSL_SHA256,
-		SSL_TLSV1_2,
-		SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
-		SSL_HANDSHAKE_MAC_SHA256|TLS1_PRF_SHA256,
-		128,
-		128,
+		.valid = 1,
+		.name = TLS1_TXT_ECDHE_RSA_WITH_AES_128_SHA256,
+		.id = TLS1_CK_ECDHE_RSA_WITH_AES_128_SHA256,
+		.algorithm_mkey = SSL_kEECDH,
+		.algorithm_auth = SSL_aRSA,
+		.algorithm_enc = SSL_AES128,
+		.algorithm_mac = SSL_SHA256,
+		.algorithm_ssl = SSL_TLSV1_2,
+		.algo_strength = SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
+		.algorithm2 = SSL_HANDSHAKE_MAC_SHA256|TLS1_PRF_SHA256,
+		.strength_bits = 128,
+		.alg_bits = 128,
 	},
 
 	/* Cipher C028 */
 	{
-		1,
-		TLS1_TXT_ECDHE_RSA_WITH_AES_256_SHA384,
-		TLS1_CK_ECDHE_RSA_WITH_AES_256_SHA384,
-		SSL_kEECDH,
-		SSL_aRSA,
-		SSL_AES256,
-		SSL_SHA384,
-		SSL_TLSV1_2,
-		SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
-		SSL_HANDSHAKE_MAC_SHA384|TLS1_PRF_SHA384,
-		256,
-		256,
+		.valid = 1,
+		.name = TLS1_TXT_ECDHE_RSA_WITH_AES_256_SHA384,
+		.id = TLS1_CK_ECDHE_RSA_WITH_AES_256_SHA384,
+		.algorithm_mkey = SSL_kEECDH,
+		.algorithm_auth = SSL_aRSA,
+		.algorithm_enc = SSL_AES256,
+		.algorithm_mac = SSL_SHA384,
+		.algorithm_ssl = SSL_TLSV1_2,
+		.algo_strength = SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
+		.algorithm2 = SSL_HANDSHAKE_MAC_SHA384|TLS1_PRF_SHA384,
+		.strength_bits = 256,
+		.alg_bits = 256,
 	},
 
 	/* Cipher C029 */
 	{
-		1,
-		TLS1_TXT_ECDH_RSA_WITH_AES_128_SHA256,
-		TLS1_CK_ECDH_RSA_WITH_AES_128_SHA256,
-		SSL_kECDHr,
-		SSL_aECDH,
-		SSL_AES128,
-		SSL_SHA256,
-		SSL_TLSV1_2,
-		SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
-		SSL_HANDSHAKE_MAC_SHA256|TLS1_PRF_SHA256,
-		128,
-		128,
+		.valid = 1,
+		.name = TLS1_TXT_ECDH_RSA_WITH_AES_128_SHA256,
+		.id = TLS1_CK_ECDH_RSA_WITH_AES_128_SHA256,
+		.algorithm_mkey = SSL_kECDHr,
+		.algorithm_auth = SSL_aECDH,
+		.algorithm_enc = SSL_AES128,
+		.algorithm_mac = SSL_SHA256,
+		.algorithm_ssl = SSL_TLSV1_2,
+		.algo_strength = SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
+		.algorithm2 = SSL_HANDSHAKE_MAC_SHA256|TLS1_PRF_SHA256,
+		.strength_bits = 128,
+		.alg_bits = 128,
 	},
 
 	/* Cipher C02A */
 	{
-		1,
-		TLS1_TXT_ECDH_RSA_WITH_AES_256_SHA384,
-		TLS1_CK_ECDH_RSA_WITH_AES_256_SHA384,
-		SSL_kECDHr,
-		SSL_aECDH,
-		SSL_AES256,
-		SSL_SHA384,
-		SSL_TLSV1_2,
-		SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
-		SSL_HANDSHAKE_MAC_SHA384|TLS1_PRF_SHA384,
-		256,
-		256,
+		.valid = 1,
+		.name = TLS1_TXT_ECDH_RSA_WITH_AES_256_SHA384,
+		.id = TLS1_CK_ECDH_RSA_WITH_AES_256_SHA384,
+		.algorithm_mkey = SSL_kECDHr,
+		.algorithm_auth = SSL_aECDH,
+		.algorithm_enc = SSL_AES256,
+		.algorithm_mac = SSL_SHA384,
+		.algorithm_ssl = SSL_TLSV1_2,
+		.algo_strength = SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
+		.algorithm2 = SSL_HANDSHAKE_MAC_SHA384|TLS1_PRF_SHA384,
+		.strength_bits = 256,
+		.alg_bits = 256,
 	},
 
 	/* GCM based TLS v1.2 ciphersuites from RFC5289 */
 
 	/* Cipher C02B */
 	{
-		1,
-		TLS1_TXT_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256,
-		TLS1_CK_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256,
-		SSL_kEECDH,
-		SSL_aECDSA,
-		SSL_AES128GCM,
-		SSL_AEAD,
-		SSL_TLSV1_2,
-		SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
-		SSL_HANDSHAKE_MAC_SHA256|TLS1_PRF_SHA256,
-		128,
-		128,
+		.valid = 1,
+		.name = TLS1_TXT_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256,
+		.id = TLS1_CK_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256,
+		.algorithm_mkey = SSL_kEECDH,
+		.algorithm_auth = SSL_aECDSA,
+		.algorithm_enc = SSL_AES128GCM,
+		.algorithm_mac = SSL_AEAD,
+		.algorithm_ssl = SSL_TLSV1_2,
+		.algo_strength = SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
+		.algorithm2 = SSL_HANDSHAKE_MAC_SHA256|TLS1_PRF_SHA256,
+		.strength_bits = 128,
+		.alg_bits = 128,
 	},
 
 	/* Cipher C02C */
 	{
-		1,
-		TLS1_TXT_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384,
-		TLS1_CK_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384,
-		SSL_kEECDH,
-		SSL_aECDSA,
-		SSL_AES256GCM,
-		SSL_AEAD,
-		SSL_TLSV1_2,
-		SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
-		SSL_HANDSHAKE_MAC_SHA384|TLS1_PRF_SHA384,
-		256,
-		256,
+		.valid = 1,
+		.name = TLS1_TXT_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384,
+		.id = TLS1_CK_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384,
+		.algorithm_mkey = SSL_kEECDH,
+		.algorithm_auth = SSL_aECDSA,
+		.algorithm_enc = SSL_AES256GCM,
+		.algorithm_mac = SSL_AEAD,
+		.algorithm_ssl = SSL_TLSV1_2,
+		.algo_strength = SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
+		.algorithm2 = SSL_HANDSHAKE_MAC_SHA384|TLS1_PRF_SHA384,
+		.strength_bits = 256,
+		.alg_bits = 256,
 	},
 
 	/* Cipher C02D */
 	{
-		1,
-		TLS1_TXT_ECDH_ECDSA_WITH_AES_128_GCM_SHA256,
-		TLS1_CK_ECDH_ECDSA_WITH_AES_128_GCM_SHA256,
-		SSL_kECDHe,
-		SSL_aECDH,
-		SSL_AES128GCM,
-		SSL_AEAD,
-		SSL_TLSV1_2,
-		SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
-		SSL_HANDSHAKE_MAC_SHA256|TLS1_PRF_SHA256,
-		128,
-		128,
+		.valid = 1,
+		.name = TLS1_TXT_ECDH_ECDSA_WITH_AES_128_GCM_SHA256,
+		.id = TLS1_CK_ECDH_ECDSA_WITH_AES_128_GCM_SHA256,
+		.algorithm_mkey = SSL_kECDHe,
+		.algorithm_auth = SSL_aECDH,
+		.algorithm_enc = SSL_AES128GCM,
+		.algorithm_mac = SSL_AEAD,
+		.algorithm_ssl = SSL_TLSV1_2,
+		.algo_strength = SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
+		.algorithm2 = SSL_HANDSHAKE_MAC_SHA256|TLS1_PRF_SHA256,
+		.strength_bits = 128,
+		.alg_bits = 128,
 	},
 
 	/* Cipher C02E */
 	{
-		1,
-		TLS1_TXT_ECDH_ECDSA_WITH_AES_256_GCM_SHA384,
-		TLS1_CK_ECDH_ECDSA_WITH_AES_256_GCM_SHA384,
-		SSL_kECDHe,
-		SSL_aECDH,
-		SSL_AES256GCM,
-		SSL_AEAD,
-		SSL_TLSV1_2,
-		SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
-		SSL_HANDSHAKE_MAC_SHA384|TLS1_PRF_SHA384,
-		256,
-		256,
+		.valid = 1,
+		.name = TLS1_TXT_ECDH_ECDSA_WITH_AES_256_GCM_SHA384,
+		.id = TLS1_CK_ECDH_ECDSA_WITH_AES_256_GCM_SHA384,
+		.algorithm_mkey = SSL_kECDHe,
+		.algorithm_auth = SSL_aECDH,
+		.algorithm_enc = SSL_AES256GCM,
+		.algorithm_mac = SSL_AEAD,
+		.algorithm_ssl = SSL_TLSV1_2,
+		.algo_strength = SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
+		.algorithm2 = SSL_HANDSHAKE_MAC_SHA384|TLS1_PRF_SHA384,
+		.strength_bits = 256,
+		.alg_bits = 256,
 	},
 
 	/* Cipher C02F */
 	{
-		1,
-		TLS1_TXT_ECDHE_RSA_WITH_AES_128_GCM_SHA256,
-		TLS1_CK_ECDHE_RSA_WITH_AES_128_GCM_SHA256,
-		SSL_kEECDH,
-		SSL_aRSA,
-		SSL_AES128GCM,
-		SSL_AEAD,
-		SSL_TLSV1_2,
-		SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
-		SSL_HANDSHAKE_MAC_SHA256|TLS1_PRF_SHA256,
-		128,
-		128,
+		.valid = 1,
+		.name = TLS1_TXT_ECDHE_RSA_WITH_AES_128_GCM_SHA256,
+		.id = TLS1_CK_ECDHE_RSA_WITH_AES_128_GCM_SHA256,
+		.algorithm_mkey = SSL_kEECDH,
+		.algorithm_auth = SSL_aRSA,
+		.algorithm_enc = SSL_AES128GCM,
+		.algorithm_mac = SSL_AEAD,
+		.algorithm_ssl = SSL_TLSV1_2,
+		.algo_strength = SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
+		.algorithm2 = SSL_HANDSHAKE_MAC_SHA256|TLS1_PRF_SHA256,
+		.strength_bits = 128,
+		.alg_bits = 128,
 	},
 
 	/* Cipher C030 */
 	{
-		1,
-		TLS1_TXT_ECDHE_RSA_WITH_AES_256_GCM_SHA384,
-		TLS1_CK_ECDHE_RSA_WITH_AES_256_GCM_SHA384,
-		SSL_kEECDH,
-		SSL_aRSA,
-		SSL_AES256GCM,
-		SSL_AEAD,
-		SSL_TLSV1_2,
-		SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
-		SSL_HANDSHAKE_MAC_SHA384|TLS1_PRF_SHA384,
-		256,
-		256,
+		.valid = 1,
+		.name = TLS1_TXT_ECDHE_RSA_WITH_AES_256_GCM_SHA384,
+		.id = TLS1_CK_ECDHE_RSA_WITH_AES_256_GCM_SHA384,
+		.algorithm_mkey = SSL_kEECDH,
+		.algorithm_auth = SSL_aRSA,
+		.algorithm_enc = SSL_AES256GCM,
+		.algorithm_mac = SSL_AEAD,
+		.algorithm_ssl = SSL_TLSV1_2,
+		.algo_strength = SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
+		.algorithm2 = SSL_HANDSHAKE_MAC_SHA384|TLS1_PRF_SHA384,
+		.strength_bits = 256,
+		.alg_bits = 256,
 	},
 
 	/* Cipher C031 */
 	{
-		1,
-		TLS1_TXT_ECDH_RSA_WITH_AES_128_GCM_SHA256,
-		TLS1_CK_ECDH_RSA_WITH_AES_128_GCM_SHA256,
-		SSL_kECDHr,
-		SSL_aECDH,
-		SSL_AES128GCM,
-		SSL_AEAD,
-		SSL_TLSV1_2,
-		SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
-		SSL_HANDSHAKE_MAC_SHA256|TLS1_PRF_SHA256,
-		128,
-		128,
+		.valid = 1,
+		.name = TLS1_TXT_ECDH_RSA_WITH_AES_128_GCM_SHA256,
+		.id = TLS1_CK_ECDH_RSA_WITH_AES_128_GCM_SHA256,
+		.algorithm_mkey = SSL_kECDHr,
+		.algorithm_auth = SSL_aECDH,
+		.algorithm_enc = SSL_AES128GCM,
+		.algorithm_mac = SSL_AEAD,
+		.algorithm_ssl = SSL_TLSV1_2,
+		.algo_strength = SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
+		.algorithm2 = SSL_HANDSHAKE_MAC_SHA256|TLS1_PRF_SHA256,
+		.strength_bits = 128,
+		.alg_bits = 128,
 	},
 
 	/* Cipher C032 */
 	{
-		1,
-		TLS1_TXT_ECDH_RSA_WITH_AES_256_GCM_SHA384,
-		TLS1_CK_ECDH_RSA_WITH_AES_256_GCM_SHA384,
-		SSL_kECDHr,
-		SSL_aECDH,
-		SSL_AES256GCM,
-		SSL_AEAD,
-		SSL_TLSV1_2,
-		SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
-		SSL_HANDSHAKE_MAC_SHA384|TLS1_PRF_SHA384,
-		256,
-		256,
+		.valid = 1,
+		.name = TLS1_TXT_ECDH_RSA_WITH_AES_256_GCM_SHA384,
+		.id = TLS1_CK_ECDH_RSA_WITH_AES_256_GCM_SHA384,
+		.algorithm_mkey = SSL_kECDHr,
+		.algorithm_auth = SSL_aECDH,
+		.algorithm_enc = SSL_AES256GCM,
+		.algorithm_mac = SSL_AEAD,
+		.algorithm_ssl = SSL_TLSV1_2,
+		.algo_strength = SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
+		.algorithm2 = SSL_HANDSHAKE_MAC_SHA384|TLS1_PRF_SHA384,
+		.strength_bits = 256,
+		.alg_bits = 256,
 	},
 
 #endif /* OPENSSL_NO_ECDH */
 
 
 #ifdef TEMP_GOST_TLS
-/* Cipher FF00 */
-	{
-		1,
-		"GOST-MD5",
-		0x0300ff00,
-		SSL_kRSA,
-		SSL_aRSA,
-		SSL_eGOST2814789CNT,
-		SSL_MD5,
-		SSL_TLSV1,
-		SSL_NOT_EXP|SSL_HIGH,
-		SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
-		256,
-		256,
-	},
-	{
-		1,
-		"GOST-GOST94",
-		0x0300ff01,
-		SSL_kRSA,
-		SSL_aRSA,
-		SSL_eGOST2814789CNT,
-		SSL_GOST94,
-		SSL_TLSV1,
-		SSL_NOT_EXP|SSL_HIGH,
-		SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
-		256,
-		256
-	},
-	{
-		1,
-		"GOST-GOST89MAC",
-		0x0300ff02,
-		SSL_kRSA,
-		SSL_aRSA,
-		SSL_eGOST2814789CNT,
-		SSL_GOST89MAC,
-		SSL_TLSV1,
-		SSL_NOT_EXP|SSL_HIGH,
-		SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
-		256,
-		256
-	},
-	{
-		1,
-		"GOST-GOST89STREAM",
-		0x0300ff03,
-		SSL_kRSA,
-		SSL_aRSA,
-		SSL_eGOST2814789CNT,
-		SSL_GOST89MAC,
-		SSL_TLSV1,
-		SSL_NOT_EXP|SSL_HIGH,
-		SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF|TLS1_STREAM_MAC,
-		256,
-		256
+	/* Cipher FF00 */
+	{
+		.valid = 1,
+		.name = "GOST-MD5",
+		.id = 0x0300ff00,
+		.algorithm_mkey = SSL_kRSA,
+		.algorithm_auth = SSL_aRSA,
+		.algorithm_enc = SSL_eGOST2814789CNT,
+		.algorithm_mac = SSL_MD5,
+		.algorithm_ssl = SSL_TLSV1,
+		.algo_strength = SSL_NOT_EXP|SSL_HIGH,
+		.algorithm2 = SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
+		.strength_bits = 256,
+		.alg_bits = 256,
+	},
+	{
+		.valid = 1,
+		.name = "GOST-GOST94",
+		.id = 0x0300ff01,
+		.algorithm_mkey = SSL_kRSA,
+		.algorithm_auth = SSL_aRSA,
+		.algorithm_enc = SSL_eGOST2814789CNT,
+		.algorithm_mac = SSL_GOST94,
+		.algorithm_ssl = SSL_TLSV1,
+		.algo_strength = SSL_NOT_EXP|SSL_HIGH,
+		.algorithm2 = SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
+		.strength_bits = 256,
+		.alg_bits = 256
+	},
+	{
+		.valid = 1,
+		.name = "GOST-GOST89MAC",
+		.id = 0x0300ff02,
+		.algorithm_mkey = SSL_kRSA,
+		.algorithm_auth = SSL_aRSA,
+		.algorithm_enc = SSL_eGOST2814789CNT,
+		.algorithm_mac = SSL_GOST89MAC,
+		.algorithm_ssl = SSL_TLSV1,
+		.algo_strength = SSL_NOT_EXP|SSL_HIGH,
+		.algorithm2 = SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
+		.strength_bits = 256,
+		.alg_bits = 256
+	},
+	{
+		.valid = 1,
+		.name = "GOST-GOST89STREAM",
+		.id = 0x0300ff03,
+		.algorithm_mkey = SSL_kRSA,
+		.algorithm_auth = SSL_aRSA,
+		.algorithm_enc = SSL_eGOST2814789CNT,
+		.algorithm_mac = SSL_GOST89MAC,
+		.algorithm_ssl = SSL_TLSV1,
+		.algo_strength = SSL_NOT_EXP|SSL_HIGH,
+		.algorithm2 = SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF|
+		    TLS1_STREAM_MAC,
+		.strength_bits = 256,
+		.alg_bits = 256
 	},
 #endif
-
-/* end of list */
+	/* end of list */
 };
 
 SSL3_ENC_METHOD SSLv3_enc_data = {
diff --git a/lib/libssl/src/ssl/s3_lib.c b/lib/libssl/src/ssl/s3_lib.c
index 0bb74760f2d..f14cbd0c99c 100644
--- a/lib/libssl/src/ssl/s3_lib.c
+++ b/lib/libssl/src/ssl/s3_lib.c
@@ -168,725 +168,725 @@ const char ssl3_version_str[]="SSLv3" OPENSSL_VERSION_PTEXT;
 /* list of available SSLv3 ciphers (sorted by id) */
 SSL_CIPHER ssl3_ciphers[] = {
 
-/* The RSA ciphers */
-/* Cipher 01 */
-	{
-		1,
-		SSL3_TXT_RSA_NULL_MD5,
-		SSL3_CK_RSA_NULL_MD5,
-		SSL_kRSA,
-		SSL_aRSA,
-		SSL_eNULL,
-		SSL_MD5,
-		SSL_SSLV3,
-		SSL_NOT_EXP|SSL_STRONG_NONE,
-		SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
-		0,
-		0,
-	},
-
-/* Cipher 02 */
-	{
-		1,
-		SSL3_TXT_RSA_NULL_SHA,
-		SSL3_CK_RSA_NULL_SHA,
-		SSL_kRSA,
-		SSL_aRSA,
-		SSL_eNULL,
-		SSL_SHA1,
-		SSL_SSLV3,
-		SSL_NOT_EXP|SSL_STRONG_NONE|SSL_FIPS,
-		SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
-		0,
-		0,
-	},
-
-/* Cipher 03 */
-	{
-		1,
-		SSL3_TXT_RSA_RC4_40_MD5,
-		SSL3_CK_RSA_RC4_40_MD5,
-		SSL_kRSA,
-		SSL_aRSA,
-		SSL_RC4,
-		SSL_MD5,
-		SSL_SSLV3,
-		SSL_EXPORT|SSL_EXP40,
-		SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
-		40,
-		128,
-	},
-
-/* Cipher 04 */
-	{
-		1,
-		SSL3_TXT_RSA_RC4_128_MD5,
-		SSL3_CK_RSA_RC4_128_MD5,
-		SSL_kRSA,
-		SSL_aRSA,
-		SSL_RC4,
-		SSL_MD5,
-		SSL_SSLV3,
-		SSL_NOT_EXP|SSL_MEDIUM,
-		SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
-		128,
-		128,
-	},
-
-/* Cipher 05 */
-	{
-		1,
-		SSL3_TXT_RSA_RC4_128_SHA,
-		SSL3_CK_RSA_RC4_128_SHA,
-		SSL_kRSA,
-		SSL_aRSA,
-		SSL_RC4,
-		SSL_SHA1,
-		SSL_SSLV3,
-		SSL_NOT_EXP|SSL_MEDIUM,
-		SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
-		128,
-		128,
-	},
-
-/* Cipher 06 */
-	{
-		1,
-		SSL3_TXT_RSA_RC2_40_MD5,
-		SSL3_CK_RSA_RC2_40_MD5,
-		SSL_kRSA,
-		SSL_aRSA,
-		SSL_RC2,
-		SSL_MD5,
-		SSL_SSLV3,
-		SSL_EXPORT|SSL_EXP40,
-		SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
-		40,
-		128,
-	},
-
-/* Cipher 07 */
+	/* The RSA ciphers */
+	/* Cipher 01 */
+	{
+		.valid = 1,
+		.name = SSL3_TXT_RSA_NULL_MD5,
+		.id = SSL3_CK_RSA_NULL_MD5,
+		.algorithm_mkey = SSL_kRSA,
+		.algorithm_auth = SSL_aRSA,
+		.algorithm_enc = SSL_eNULL,
+		.algorithm_mac = SSL_MD5,
+		.algorithm_ssl = SSL_SSLV3,
+		.algo_strength = SSL_NOT_EXP|SSL_STRONG_NONE,
+		.algorithm2 = SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
+		.strength_bits = 0,
+		.alg_bits = 0,
+	},
+
+	/* Cipher 02 */
+	{
+		.valid = 1,
+		.name = SSL3_TXT_RSA_NULL_SHA,
+		.id = SSL3_CK_RSA_NULL_SHA,
+		.algorithm_mkey = SSL_kRSA,
+		.algorithm_auth = SSL_aRSA,
+		.algorithm_enc = SSL_eNULL,
+		.algorithm_mac = SSL_SHA1,
+		.algorithm_ssl = SSL_SSLV3,
+		.algo_strength = SSL_NOT_EXP|SSL_STRONG_NONE|SSL_FIPS,
+		.algorithm2 = SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
+		.strength_bits = 0,
+		.alg_bits = 0,
+	},
+
+	/* Cipher 03 */
+	{
+		.valid = 1,
+		.name = SSL3_TXT_RSA_RC4_40_MD5,
+		.id = SSL3_CK_RSA_RC4_40_MD5,
+		.algorithm_mkey = SSL_kRSA,
+		.algorithm_auth = SSL_aRSA,
+		.algorithm_enc = SSL_RC4,
+		.algorithm_mac = SSL_MD5,
+		.algorithm_ssl = SSL_SSLV3,
+		.algo_strength = SSL_EXPORT|SSL_EXP40,
+		.algorithm2 = SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
+		.strength_bits = 40,
+		.alg_bits = 128,
+	},
+
+	/* Cipher 04 */
+	{
+		.valid = 1,
+		.name = SSL3_TXT_RSA_RC4_128_MD5,
+		.id = SSL3_CK_RSA_RC4_128_MD5,
+		.algorithm_mkey = SSL_kRSA,
+		.algorithm_auth = SSL_aRSA,
+		.algorithm_enc = SSL_RC4,
+		.algorithm_mac = SSL_MD5,
+		.algorithm_ssl = SSL_SSLV3,
+		.algo_strength = SSL_NOT_EXP|SSL_MEDIUM,
+		.algorithm2 = SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
+		.strength_bits = 128,
+		.alg_bits = 128,
+	},
+
+	/* Cipher 05 */
+	{
+		.valid = 1,
+		.name = SSL3_TXT_RSA_RC4_128_SHA,
+		.id = SSL3_CK_RSA_RC4_128_SHA,
+		.algorithm_mkey = SSL_kRSA,
+		.algorithm_auth = SSL_aRSA,
+		.algorithm_enc = SSL_RC4,
+		.algorithm_mac = SSL_SHA1,
+		.algorithm_ssl = SSL_SSLV3,
+		.algo_strength = SSL_NOT_EXP|SSL_MEDIUM,
+		.algorithm2 = SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
+		.strength_bits = 128,
+		.alg_bits = 128,
+	},
+
+	/* Cipher 06 */
+	{
+		.valid = 1,
+		.name = SSL3_TXT_RSA_RC2_40_MD5,
+		.id = SSL3_CK_RSA_RC2_40_MD5,
+		.algorithm_mkey = SSL_kRSA,
+		.algorithm_auth = SSL_aRSA,
+		.algorithm_enc = SSL_RC2,
+		.algorithm_mac = SSL_MD5,
+		.algorithm_ssl = SSL_SSLV3,
+		.algo_strength = SSL_EXPORT|SSL_EXP40,
+		.algorithm2 = SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
+		.strength_bits = 40,
+		.alg_bits = 128,
+	},
+
+	/* Cipher 07 */
 #ifndef OPENSSL_NO_IDEA
 	{
-		1,
-		SSL3_TXT_RSA_IDEA_128_SHA,
-		SSL3_CK_RSA_IDEA_128_SHA,
-		SSL_kRSA,
-		SSL_aRSA,
-		SSL_IDEA,
-		SSL_SHA1,
-		SSL_SSLV3,
-		SSL_NOT_EXP|SSL_MEDIUM,
-		SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
-		128,
-		128,
+		.valid = 1,
+		.name = SSL3_TXT_RSA_IDEA_128_SHA,
+		.id = SSL3_CK_RSA_IDEA_128_SHA,
+		.algorithm_mkey = SSL_kRSA,
+		.algorithm_auth = SSL_aRSA,
+		.algorithm_enc = SSL_IDEA,
+		.algorithm_mac = SSL_SHA1,
+		.algorithm_ssl = SSL_SSLV3,
+		.algo_strength = SSL_NOT_EXP|SSL_MEDIUM,
+		.algorithm2 = SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
+		.strength_bits = 128,
+		.alg_bits = 128,
 	},
 #endif
 
-/* Cipher 08 */
-	{
-		1,
-		SSL3_TXT_RSA_DES_40_CBC_SHA,
-		SSL3_CK_RSA_DES_40_CBC_SHA,
-		SSL_kRSA,
-		SSL_aRSA,
-		SSL_DES,
-		SSL_SHA1,
-		SSL_SSLV3,
-		SSL_EXPORT|SSL_EXP40,
-		SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
-		40,
-		56,
-	},
-
-/* Cipher 09 */
-	{
-		1,
-		SSL3_TXT_RSA_DES_64_CBC_SHA,
-		SSL3_CK_RSA_DES_64_CBC_SHA,
-		SSL_kRSA,
-		SSL_aRSA,
-		SSL_DES,
-		SSL_SHA1,
-		SSL_SSLV3,
-		SSL_NOT_EXP|SSL_LOW,
-		SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
-		56,
-		56,
-	},
-
-/* Cipher 0A */
-	{
-		1,
-		SSL3_TXT_RSA_DES_192_CBC3_SHA,
-		SSL3_CK_RSA_DES_192_CBC3_SHA,
-		SSL_kRSA,
-		SSL_aRSA,
-		SSL_3DES,
-		SSL_SHA1,
-		SSL_SSLV3,
-		SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
-		SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
-		168,
-		168,
-	},
-
-/* The DH ciphers */
-/* Cipher 0B */
-	{
-		0,
-		SSL3_TXT_DH_DSS_DES_40_CBC_SHA,
-		SSL3_CK_DH_DSS_DES_40_CBC_SHA,
-		SSL_kDHd,
-		SSL_aDH,
-		SSL_DES,
-		SSL_SHA1,
-		SSL_SSLV3,
-		SSL_EXPORT|SSL_EXP40,
-		SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
-		40,
-		56,
-	},
-
-/* Cipher 0C */
-	{
-		0, /* not implemented (non-ephemeral DH) */
-		SSL3_TXT_DH_DSS_DES_64_CBC_SHA,
-		SSL3_CK_DH_DSS_DES_64_CBC_SHA,
-		SSL_kDHd,
-		SSL_aDH,
-		SSL_DES,
-		SSL_SHA1,
-		SSL_SSLV3,
-		SSL_NOT_EXP|SSL_LOW,
-		SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
-		56,
-		56,
-	},
-
-/* Cipher 0D */
-	{
-		0, /* not implemented (non-ephemeral DH) */
-		SSL3_TXT_DH_DSS_DES_192_CBC3_SHA,
-		SSL3_CK_DH_DSS_DES_192_CBC3_SHA,
-		SSL_kDHd,
-		SSL_aDH,
-		SSL_3DES,
-		SSL_SHA1,
-		SSL_SSLV3,
-		SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
-		SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
-		168,
-		168,
-	},
-
-/* Cipher 0E */
-	{
-		0, /* not implemented (non-ephemeral DH) */
-		SSL3_TXT_DH_RSA_DES_40_CBC_SHA,
-		SSL3_CK_DH_RSA_DES_40_CBC_SHA,
-		SSL_kDHr,
-		SSL_aDH,
-		SSL_DES,
-		SSL_SHA1,
-		SSL_SSLV3,
-		SSL_EXPORT|SSL_EXP40,
-		SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
-		40,
-		56,
-	},
-
-/* Cipher 0F */
-	{
-		0, /* not implemented (non-ephemeral DH) */
-		SSL3_TXT_DH_RSA_DES_64_CBC_SHA,
-		SSL3_CK_DH_RSA_DES_64_CBC_SHA,
-		SSL_kDHr,
-		SSL_aDH,
-		SSL_DES,
-		SSL_SHA1,
-		SSL_SSLV3,
-		SSL_NOT_EXP|SSL_LOW,
-		SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
-		56,
-		56,
-	},
-
-/* Cipher 10 */
-	{
-		0, /* not implemented (non-ephemeral DH) */
-		SSL3_TXT_DH_RSA_DES_192_CBC3_SHA,
-		SSL3_CK_DH_RSA_DES_192_CBC3_SHA,
-		SSL_kDHr,
-		SSL_aDH,
-		SSL_3DES,
-		SSL_SHA1,
-		SSL_SSLV3,
-		SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
-		SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
-		168,
-		168,
-	},
-
-/* The Ephemeral DH ciphers */
-/* Cipher 11 */
-	{
-		1,
-		SSL3_TXT_EDH_DSS_DES_40_CBC_SHA,
-		SSL3_CK_EDH_DSS_DES_40_CBC_SHA,
-		SSL_kEDH,
-		SSL_aDSS,
-		SSL_DES,
-		SSL_SHA1,
-		SSL_SSLV3,
-		SSL_EXPORT|SSL_EXP40,
-		SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
-		40,
-		56,
-	},
-
-/* Cipher 12 */
-	{
-		1,
-		SSL3_TXT_EDH_DSS_DES_64_CBC_SHA,
-		SSL3_CK_EDH_DSS_DES_64_CBC_SHA,
-		SSL_kEDH,
-		SSL_aDSS,
-		SSL_DES,
-		SSL_SHA1,
-		SSL_SSLV3,
-		SSL_NOT_EXP|SSL_LOW,
-		SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
-		56,
-		56,
-	},
-
-/* Cipher 13 */
-	{
-		1,
-		SSL3_TXT_EDH_DSS_DES_192_CBC3_SHA,
-		SSL3_CK_EDH_DSS_DES_192_CBC3_SHA,
-		SSL_kEDH,
-		SSL_aDSS,
-		SSL_3DES,
-		SSL_SHA1,
-		SSL_SSLV3,
-		SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
-		SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
-		168,
-		168,
-	},
-
-/* Cipher 14 */
-	{
-		1,
-		SSL3_TXT_EDH_RSA_DES_40_CBC_SHA,
-		SSL3_CK_EDH_RSA_DES_40_CBC_SHA,
-		SSL_kEDH,
-		SSL_aRSA,
-		SSL_DES,
-		SSL_SHA1,
-		SSL_SSLV3,
-		SSL_EXPORT|SSL_EXP40,
-		SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
-		40,
-		56,
-	},
-
-/* Cipher 15 */
-	{
-		1,
-		SSL3_TXT_EDH_RSA_DES_64_CBC_SHA,
-		SSL3_CK_EDH_RSA_DES_64_CBC_SHA,
-		SSL_kEDH,
-		SSL_aRSA,
-		SSL_DES,
-		SSL_SHA1,
-		SSL_SSLV3,
-		SSL_NOT_EXP|SSL_LOW,
-		SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
-		56,
-		56,
-	},
-
-/* Cipher 16 */
-	{
-		1,
-		SSL3_TXT_EDH_RSA_DES_192_CBC3_SHA,
-		SSL3_CK_EDH_RSA_DES_192_CBC3_SHA,
-		SSL_kEDH,
-		SSL_aRSA,
-		SSL_3DES,
-		SSL_SHA1,
-		SSL_SSLV3,
-		SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
-		SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
-		168,
-		168,
-	},
-
-/* Cipher 17 */
-	{
-		1,
-		SSL3_TXT_ADH_RC4_40_MD5,
-		SSL3_CK_ADH_RC4_40_MD5,
-		SSL_kEDH,
-		SSL_aNULL,
-		SSL_RC4,
-		SSL_MD5,
-		SSL_SSLV3,
-		SSL_EXPORT|SSL_EXP40,
-		SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
-		40,
-		128,
-	},
-
-/* Cipher 18 */
-	{
-		1,
-		SSL3_TXT_ADH_RC4_128_MD5,
-		SSL3_CK_ADH_RC4_128_MD5,
-		SSL_kEDH,
-		SSL_aNULL,
-		SSL_RC4,
-		SSL_MD5,
-		SSL_SSLV3,
-		SSL_NOT_EXP|SSL_MEDIUM,
-		SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
-		128,
-		128,
-	},
-
-/* Cipher 19 */
-	{
-		1,
-		SSL3_TXT_ADH_DES_40_CBC_SHA,
-		SSL3_CK_ADH_DES_40_CBC_SHA,
-		SSL_kEDH,
-		SSL_aNULL,
-		SSL_DES,
-		SSL_SHA1,
-		SSL_SSLV3,
-		SSL_EXPORT|SSL_EXP40,
-		SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
-		40,
-		128,
-	},
-
-/* Cipher 1A */
-	{
-		1,
-		SSL3_TXT_ADH_DES_64_CBC_SHA,
-		SSL3_CK_ADH_DES_64_CBC_SHA,
-		SSL_kEDH,
-		SSL_aNULL,
-		SSL_DES,
-		SSL_SHA1,
-		SSL_SSLV3,
-		SSL_NOT_EXP|SSL_LOW,
-		SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
-		56,
-		56,
-	},
-
-/* Cipher 1B */
-	{
-		1,
-		SSL3_TXT_ADH_DES_192_CBC_SHA,
-		SSL3_CK_ADH_DES_192_CBC_SHA,
-		SSL_kEDH,
-		SSL_aNULL,
-		SSL_3DES,
-		SSL_SHA1,
-		SSL_SSLV3,
-		SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
-		SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
-		168,
-		168,
-	},
-
-/* New AES ciphersuites */
-/* Cipher 2F */
-	{
-		1,
-		TLS1_TXT_RSA_WITH_AES_128_SHA,
-		TLS1_CK_RSA_WITH_AES_128_SHA,
-		SSL_kRSA,
-		SSL_aRSA,
-		SSL_AES128,
-		SSL_SHA1,
-		SSL_TLSV1,
-		SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
-		SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
-		128,
-		128,
-	},
-/* Cipher 30 */
-	{
-		0,
-		TLS1_TXT_DH_DSS_WITH_AES_128_SHA,
-		TLS1_CK_DH_DSS_WITH_AES_128_SHA,
-		SSL_kDHd,
-		SSL_aDH,
-		SSL_AES128,
-		SSL_SHA1,
-		SSL_TLSV1,
-		SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
-		SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
-		128,
-		128,
-	},
-/* Cipher 31 */
-	{
-		0,
-		TLS1_TXT_DH_RSA_WITH_AES_128_SHA,
-		TLS1_CK_DH_RSA_WITH_AES_128_SHA,
-		SSL_kDHr,
-		SSL_aDH,
-		SSL_AES128,
-		SSL_SHA1,
-		SSL_TLSV1,
-		SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
-		SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
-		128,
-		128,
-	},
-/* Cipher 32 */
-	{
-		1,
-		TLS1_TXT_DHE_DSS_WITH_AES_128_SHA,
-		TLS1_CK_DHE_DSS_WITH_AES_128_SHA,
-		SSL_kEDH,
-		SSL_aDSS,
-		SSL_AES128,
-		SSL_SHA1,
-		SSL_TLSV1,
-		SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
-		SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
-		128,
-		128,
-	},
-/* Cipher 33 */
-	{
-		1,
-		TLS1_TXT_DHE_RSA_WITH_AES_128_SHA,
-		TLS1_CK_DHE_RSA_WITH_AES_128_SHA,
-		SSL_kEDH,
-		SSL_aRSA,
-		SSL_AES128,
-		SSL_SHA1,
-		SSL_TLSV1,
-		SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
-		SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
-		128,
-		128,
-	},
-/* Cipher 34 */
-	{
-		1,
-		TLS1_TXT_ADH_WITH_AES_128_SHA,
-		TLS1_CK_ADH_WITH_AES_128_SHA,
-		SSL_kEDH,
-		SSL_aNULL,
-		SSL_AES128,
-		SSL_SHA1,
-		SSL_TLSV1,
-		SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
-		SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
-		128,
-		128,
-	},
-
-/* Cipher 35 */
-	{
-		1,
-		TLS1_TXT_RSA_WITH_AES_256_SHA,
-		TLS1_CK_RSA_WITH_AES_256_SHA,
-		SSL_kRSA,
-		SSL_aRSA,
-		SSL_AES256,
-		SSL_SHA1,
-		SSL_TLSV1,
-		SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
-		SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
-		256,
-		256,
-	},
-/* Cipher 36 */
-	{
-		0,
-		TLS1_TXT_DH_DSS_WITH_AES_256_SHA,
-		TLS1_CK_DH_DSS_WITH_AES_256_SHA,
-		SSL_kDHd,
-		SSL_aDH,
-		SSL_AES256,
-		SSL_SHA1,
-		SSL_TLSV1,
-		SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
-		SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
-		256,
-		256,
-	},
-
-/* Cipher 37 */
-	{
-		0, /* not implemented (non-ephemeral DH) */
-		TLS1_TXT_DH_RSA_WITH_AES_256_SHA,
-		TLS1_CK_DH_RSA_WITH_AES_256_SHA,
-		SSL_kDHr,
-		SSL_aDH,
-		SSL_AES256,
-		SSL_SHA1,
-		SSL_TLSV1,
-		SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
-		SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
-		256,
-		256,
-	},
-
-/* Cipher 38 */
-	{
-		1,
-		TLS1_TXT_DHE_DSS_WITH_AES_256_SHA,
-		TLS1_CK_DHE_DSS_WITH_AES_256_SHA,
-		SSL_kEDH,
-		SSL_aDSS,
-		SSL_AES256,
-		SSL_SHA1,
-		SSL_TLSV1,
-		SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
-		SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
-		256,
-		256,
-	},
-
-/* Cipher 39 */
-	{
-		1,
-		TLS1_TXT_DHE_RSA_WITH_AES_256_SHA,
-		TLS1_CK_DHE_RSA_WITH_AES_256_SHA,
-		SSL_kEDH,
-		SSL_aRSA,
-		SSL_AES256,
-		SSL_SHA1,
-		SSL_TLSV1,
-		SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
-		SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
-		256,
-		256,
+	/* Cipher 08 */
+	{
+		.valid = 1,
+		.name = SSL3_TXT_RSA_DES_40_CBC_SHA,
+		.id = SSL3_CK_RSA_DES_40_CBC_SHA,
+		.algorithm_mkey = SSL_kRSA,
+		.algorithm_auth = SSL_aRSA,
+		.algorithm_enc = SSL_DES,
+		.algorithm_mac = SSL_SHA1,
+		.algorithm_ssl = SSL_SSLV3,
+		.algo_strength = SSL_EXPORT|SSL_EXP40,
+		.algorithm2 = SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
+		.strength_bits = 40,
+		.alg_bits = 56,
+	},
+
+	/* Cipher 09 */
+	{
+		.valid = 1,
+		.name = SSL3_TXT_RSA_DES_64_CBC_SHA,
+		.id = SSL3_CK_RSA_DES_64_CBC_SHA,
+		.algorithm_mkey = SSL_kRSA,
+		.algorithm_auth = SSL_aRSA,
+		.algorithm_enc = SSL_DES,
+		.algorithm_mac = SSL_SHA1,
+		.algorithm_ssl = SSL_SSLV3,
+		.algo_strength = SSL_NOT_EXP|SSL_LOW,
+		.algorithm2 = SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
+		.strength_bits = 56,
+		.alg_bits = 56,
+	},
+
+	/* Cipher 0A */
+	{
+		.valid = 1,
+		.name = SSL3_TXT_RSA_DES_192_CBC3_SHA,
+		.id = SSL3_CK_RSA_DES_192_CBC3_SHA,
+		.algorithm_mkey = SSL_kRSA,
+		.algorithm_auth = SSL_aRSA,
+		.algorithm_enc = SSL_3DES,
+		.algorithm_mac = SSL_SHA1,
+		.algorithm_ssl = SSL_SSLV3,
+		.algo_strength = SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
+		.algorithm2 = SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
+		.strength_bits = 168,
+		.alg_bits = 168,
+	},
+
+	/* The DH ciphers */
+	/* Cipher 0B */
+	{
+		.valid = 0,
+		.name = SSL3_TXT_DH_DSS_DES_40_CBC_SHA,
+		.id = SSL3_CK_DH_DSS_DES_40_CBC_SHA,
+		.algorithm_mkey = SSL_kDHd,
+		.algorithm_auth = SSL_aDH,
+		.algorithm_enc = SSL_DES,
+		.algorithm_mac = SSL_SHA1,
+		.algorithm_ssl = SSL_SSLV3,
+		.algo_strength = SSL_EXPORT|SSL_EXP40,
+		.algorithm2 = SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
+		.strength_bits = 40,
+		.alg_bits = 56,
+	},
+
+	/* Cipher 0C */
+	{
+		.valid = 0, /* not implemented (non-ephemeral DH) */
+		.name = SSL3_TXT_DH_DSS_DES_64_CBC_SHA,
+		.id = SSL3_CK_DH_DSS_DES_64_CBC_SHA,
+		.algorithm_mkey = SSL_kDHd,
+		.algorithm_auth = SSL_aDH,
+		.algorithm_enc = SSL_DES,
+		.algorithm_mac = SSL_SHA1,
+		.algorithm_ssl = SSL_SSLV3,
+		.algo_strength = SSL_NOT_EXP|SSL_LOW,
+		.algorithm2 = SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
+		.strength_bits = 56,
+		.alg_bits = 56,
+	},
+
+	/* Cipher 0D */
+	{
+		.valid = 0, /* not implemented (non-ephemeral DH) */
+		.name = SSL3_TXT_DH_DSS_DES_192_CBC3_SHA,
+		.id = SSL3_CK_DH_DSS_DES_192_CBC3_SHA,
+		.algorithm_mkey = SSL_kDHd,
+		.algorithm_auth = SSL_aDH,
+		.algorithm_enc = SSL_3DES,
+		.algorithm_mac = SSL_SHA1,
+		.algorithm_ssl = SSL_SSLV3,
+		.algo_strength = SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
+		.algorithm2 = SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
+		.strength_bits = 168,
+		.alg_bits = 168,
+	},
+
+	/* Cipher 0E */
+	{
+		.valid = 0, /* not implemented (non-ephemeral DH) */
+		.name = SSL3_TXT_DH_RSA_DES_40_CBC_SHA,
+		.id = SSL3_CK_DH_RSA_DES_40_CBC_SHA,
+		.algorithm_mkey = SSL_kDHr,
+		.algorithm_auth = SSL_aDH,
+		.algorithm_enc = SSL_DES,
+		.algorithm_mac = SSL_SHA1,
+		.algorithm_ssl = SSL_SSLV3,
+		.algo_strength = SSL_EXPORT|SSL_EXP40,
+		.algorithm2 = SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
+		.strength_bits = 40,
+		.alg_bits = 56,
+	},
+
+	/* Cipher 0F */
+	{
+		.valid = 0, /* not implemented (non-ephemeral DH) */
+		.name = SSL3_TXT_DH_RSA_DES_64_CBC_SHA,
+		.id = SSL3_CK_DH_RSA_DES_64_CBC_SHA,
+		.algorithm_mkey = SSL_kDHr,
+		.algorithm_auth = SSL_aDH,
+		.algorithm_enc = SSL_DES,
+		.algorithm_mac = SSL_SHA1,
+		.algorithm_ssl = SSL_SSLV3,
+		.algo_strength = SSL_NOT_EXP|SSL_LOW,
+		.algorithm2 = SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
+		.strength_bits = 56,
+		.alg_bits = 56,
+	},
+
+	/* Cipher 10 */
+	{
+		.valid = 0, /* not implemented (non-ephemeral DH) */
+		.name = SSL3_TXT_DH_RSA_DES_192_CBC3_SHA,
+		.id = SSL3_CK_DH_RSA_DES_192_CBC3_SHA,
+		.algorithm_mkey = SSL_kDHr,
+		.algorithm_auth = SSL_aDH,
+		.algorithm_enc = SSL_3DES,
+		.algorithm_mac = SSL_SHA1,
+		.algorithm_ssl = SSL_SSLV3,
+		.algo_strength = SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
+		.algorithm2 = SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
+		.strength_bits = 168,
+		.alg_bits = 168,
+	},
+
+	/* The Ephemeral DH ciphers */
+	/* Cipher 11 */
+	{
+		.valid = 1,
+		.name = SSL3_TXT_EDH_DSS_DES_40_CBC_SHA,
+		.id = SSL3_CK_EDH_DSS_DES_40_CBC_SHA,
+		.algorithm_mkey = SSL_kEDH,
+		.algorithm_auth = SSL_aDSS,
+		.algorithm_enc = SSL_DES,
+		.algorithm_mac = SSL_SHA1,
+		.algorithm_ssl = SSL_SSLV3,
+		.algo_strength = SSL_EXPORT|SSL_EXP40,
+		.algorithm2 = SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
+		.strength_bits = 40,
+		.alg_bits = 56,
+	},
+
+	/* Cipher 12 */
+	{
+		.valid = 1,
+		.name = SSL3_TXT_EDH_DSS_DES_64_CBC_SHA,
+		.id = SSL3_CK_EDH_DSS_DES_64_CBC_SHA,
+		.algorithm_mkey = SSL_kEDH,
+		.algorithm_auth = SSL_aDSS,
+		.algorithm_enc = SSL_DES,
+		.algorithm_mac = SSL_SHA1,
+		.algorithm_ssl = SSL_SSLV3,
+		.algo_strength = SSL_NOT_EXP|SSL_LOW,
+		.algorithm2 = SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
+		.strength_bits = 56,
+		.alg_bits = 56,
+	},
+
+	/* Cipher 13 */
+	{
+		.valid = 1,
+		.name = SSL3_TXT_EDH_DSS_DES_192_CBC3_SHA,
+		.id = SSL3_CK_EDH_DSS_DES_192_CBC3_SHA,
+		.algorithm_mkey = SSL_kEDH,
+		.algorithm_auth = SSL_aDSS,
+		.algorithm_enc = SSL_3DES,
+		.algorithm_mac = SSL_SHA1,
+		.algorithm_ssl = SSL_SSLV3,
+		.algo_strength = SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
+		.algorithm2 = SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
+		.strength_bits = 168,
+		.alg_bits = 168,
+	},
+
+	/* Cipher 14 */
+	{
+		.valid = 1,
+		.name = SSL3_TXT_EDH_RSA_DES_40_CBC_SHA,
+		.id = SSL3_CK_EDH_RSA_DES_40_CBC_SHA,
+		.algorithm_mkey = SSL_kEDH,
+		.algorithm_auth = SSL_aRSA,
+		.algorithm_enc = SSL_DES,
+		.algorithm_mac = SSL_SHA1,
+		.algorithm_ssl = SSL_SSLV3,
+		.algo_strength = SSL_EXPORT|SSL_EXP40,
+		.algorithm2 = SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
+		.strength_bits = 40,
+		.alg_bits = 56,
+	},
+
+	/* Cipher 15 */
+	{
+		.valid = 1,
+		.name = SSL3_TXT_EDH_RSA_DES_64_CBC_SHA,
+		.id = SSL3_CK_EDH_RSA_DES_64_CBC_SHA,
+		.algorithm_mkey = SSL_kEDH,
+		.algorithm_auth = SSL_aRSA,
+		.algorithm_enc = SSL_DES,
+		.algorithm_mac = SSL_SHA1,
+		.algorithm_ssl = SSL_SSLV3,
+		.algo_strength = SSL_NOT_EXP|SSL_LOW,
+		.algorithm2 = SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
+		.strength_bits = 56,
+		.alg_bits = 56,
+	},
+
+	/* Cipher 16 */
+	{
+		.valid = 1,
+		.name = SSL3_TXT_EDH_RSA_DES_192_CBC3_SHA,
+		.id = SSL3_CK_EDH_RSA_DES_192_CBC3_SHA,
+		.algorithm_mkey = SSL_kEDH,
+		.algorithm_auth = SSL_aRSA,
+		.algorithm_enc = SSL_3DES,
+		.algorithm_mac = SSL_SHA1,
+		.algorithm_ssl = SSL_SSLV3,
+		.algo_strength = SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
+		.algorithm2 = SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
+		.strength_bits = 168,
+		.alg_bits = 168,
+	},
+
+	/* Cipher 17 */
+	{
+		.valid = 1,
+		.name = SSL3_TXT_ADH_RC4_40_MD5,
+		.id = SSL3_CK_ADH_RC4_40_MD5,
+		.algorithm_mkey = SSL_kEDH,
+		.algorithm_auth = SSL_aNULL,
+		.algorithm_enc = SSL_RC4,
+		.algorithm_mac = SSL_MD5,
+		.algorithm_ssl = SSL_SSLV3,
+		.algo_strength = SSL_EXPORT|SSL_EXP40,
+		.algorithm2 = SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
+		.strength_bits = 40,
+		.alg_bits = 128,
+	},
+
+	/* Cipher 18 */
+	{
+		.valid = 1,
+		.name = SSL3_TXT_ADH_RC4_128_MD5,
+		.id = SSL3_CK_ADH_RC4_128_MD5,
+		.algorithm_mkey = SSL_kEDH,
+		.algorithm_auth = SSL_aNULL,
+		.algorithm_enc = SSL_RC4,
+		.algorithm_mac = SSL_MD5,
+		.algorithm_ssl = SSL_SSLV3,
+		.algo_strength = SSL_NOT_EXP|SSL_MEDIUM,
+		.algorithm2 = SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
+		.strength_bits = 128,
+		.alg_bits = 128,
+	},
+
+	/* Cipher 19 */
+	{
+		.valid = 1,
+		.name = SSL3_TXT_ADH_DES_40_CBC_SHA,
+		.id = SSL3_CK_ADH_DES_40_CBC_SHA,
+		.algorithm_mkey = SSL_kEDH,
+		.algorithm_auth = SSL_aNULL,
+		.algorithm_enc = SSL_DES,
+		.algorithm_mac = SSL_SHA1,
+		.algorithm_ssl = SSL_SSLV3,
+		.algo_strength = SSL_EXPORT|SSL_EXP40,
+		.algorithm2 = SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
+		.strength_bits = 40,
+		.alg_bits = 128,
+	},
+
+	/* Cipher 1A */
+	{
+		.valid = 1,
+		.name = SSL3_TXT_ADH_DES_64_CBC_SHA,
+		.id = SSL3_CK_ADH_DES_64_CBC_SHA,
+		.algorithm_mkey = SSL_kEDH,
+		.algorithm_auth = SSL_aNULL,
+		.algorithm_enc = SSL_DES,
+		.algorithm_mac = SSL_SHA1,
+		.algorithm_ssl = SSL_SSLV3,
+		.algo_strength = SSL_NOT_EXP|SSL_LOW,
+		.algorithm2 = SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
+		.strength_bits = 56,
+		.alg_bits = 56,
+	},
+
+	/* Cipher 1B */
+	{
+		.valid = 1,
+		.name = SSL3_TXT_ADH_DES_192_CBC_SHA,
+		.id = SSL3_CK_ADH_DES_192_CBC_SHA,
+		.algorithm_mkey = SSL_kEDH,
+		.algorithm_auth = SSL_aNULL,
+		.algorithm_enc = SSL_3DES,
+		.algorithm_mac = SSL_SHA1,
+		.algorithm_ssl = SSL_SSLV3,
+		.algo_strength = SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
+		.algorithm2 = SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
+		.strength_bits = 168,
+		.alg_bits = 168,
+	},
+
+	/* New AES ciphersuites */
+	/* Cipher 2F */
+	{
+		.valid = 1,
+		.name = TLS1_TXT_RSA_WITH_AES_128_SHA,
+		.id = TLS1_CK_RSA_WITH_AES_128_SHA,
+		.algorithm_mkey = SSL_kRSA,
+		.algorithm_auth = SSL_aRSA,
+		.algorithm_enc = SSL_AES128,
+		.algorithm_mac = SSL_SHA1,
+		.algorithm_ssl = SSL_TLSV1,
+		.algo_strength = SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
+		.algorithm2 = SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
+		.strength_bits = 128,
+		.alg_bits = 128,
+	},
+	/* Cipher 30 */
+	{
+		.valid = 0,
+		.name = TLS1_TXT_DH_DSS_WITH_AES_128_SHA,
+		.id = TLS1_CK_DH_DSS_WITH_AES_128_SHA,
+		.algorithm_mkey = SSL_kDHd,
+		.algorithm_auth = SSL_aDH,
+		.algorithm_enc = SSL_AES128,
+		.algorithm_mac = SSL_SHA1,
+		.algorithm_ssl = SSL_TLSV1,
+		.algo_strength = SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
+		.algorithm2 = SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
+		.strength_bits = 128,
+		.alg_bits = 128,
+	},
+	/* Cipher 31 */
+	{
+		.valid = 0,
+		.name = TLS1_TXT_DH_RSA_WITH_AES_128_SHA,
+		.id = TLS1_CK_DH_RSA_WITH_AES_128_SHA,
+		.algorithm_mkey = SSL_kDHr,
+		.algorithm_auth = SSL_aDH,
+		.algorithm_enc = SSL_AES128,
+		.algorithm_mac = SSL_SHA1,
+		.algorithm_ssl = SSL_TLSV1,
+		.algo_strength = SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
+		.algorithm2 = SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
+		.strength_bits = 128,
+		.alg_bits = 128,
+	},
+	/* Cipher 32 */
+	{
+		.valid = 1,
+		.name = TLS1_TXT_DHE_DSS_WITH_AES_128_SHA,
+		.id = TLS1_CK_DHE_DSS_WITH_AES_128_SHA,
+		.algorithm_mkey = SSL_kEDH,
+		.algorithm_auth = SSL_aDSS,
+		.algorithm_enc = SSL_AES128,
+		.algorithm_mac = SSL_SHA1,
+		.algorithm_ssl = SSL_TLSV1,
+		.algo_strength = SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
+		.algorithm2 = SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
+		.strength_bits = 128,
+		.alg_bits = 128,
+	},
+	/* Cipher 33 */
+	{
+		.valid = 1,
+		.name = TLS1_TXT_DHE_RSA_WITH_AES_128_SHA,
+		.id = TLS1_CK_DHE_RSA_WITH_AES_128_SHA,
+		.algorithm_mkey = SSL_kEDH,
+		.algorithm_auth = SSL_aRSA,
+		.algorithm_enc = SSL_AES128,
+		.algorithm_mac = SSL_SHA1,
+		.algorithm_ssl = SSL_TLSV1,
+		.algo_strength = SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
+		.algorithm2 = SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
+		.strength_bits = 128,
+		.alg_bits = 128,
+	},
+	/* Cipher 34 */
+	{
+		.valid = 1,
+		.name = TLS1_TXT_ADH_WITH_AES_128_SHA,
+		.id = TLS1_CK_ADH_WITH_AES_128_SHA,
+		.algorithm_mkey = SSL_kEDH,
+		.algorithm_auth = SSL_aNULL,
+		.algorithm_enc = SSL_AES128,
+		.algorithm_mac = SSL_SHA1,
+		.algorithm_ssl = SSL_TLSV1,
+		.algo_strength = SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
+		.algorithm2 = SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
+		.strength_bits = 128,
+		.alg_bits = 128,
+	},
+
+	/* Cipher 35 */
+	{
+		.valid = 1,
+		.name = TLS1_TXT_RSA_WITH_AES_256_SHA,
+		.id = TLS1_CK_RSA_WITH_AES_256_SHA,
+		.algorithm_mkey = SSL_kRSA,
+		.algorithm_auth = SSL_aRSA,
+		.algorithm_enc = SSL_AES256,
+		.algorithm_mac = SSL_SHA1,
+		.algorithm_ssl = SSL_TLSV1,
+		.algo_strength = SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
+		.algorithm2 = SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
+		.strength_bits = 256,
+		.alg_bits = 256,
+	},
+	/* Cipher 36 */
+	{
+		.valid = 0,
+		.name = TLS1_TXT_DH_DSS_WITH_AES_256_SHA,
+		.id = TLS1_CK_DH_DSS_WITH_AES_256_SHA,
+		.algorithm_mkey = SSL_kDHd,
+		.algorithm_auth = SSL_aDH,
+		.algorithm_enc = SSL_AES256,
+		.algorithm_mac = SSL_SHA1,
+		.algorithm_ssl = SSL_TLSV1,
+		.algo_strength = SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
+		.algorithm2 = SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
+		.strength_bits = 256,
+		.alg_bits = 256,
+	},
+
+	/* Cipher 37 */
+	{
+		.valid = 0, /* not implemented (non-ephemeral DH) */
+		.name = TLS1_TXT_DH_RSA_WITH_AES_256_SHA,
+		.id = TLS1_CK_DH_RSA_WITH_AES_256_SHA,
+		.algorithm_mkey = SSL_kDHr,
+		.algorithm_auth = SSL_aDH,
+		.algorithm_enc = SSL_AES256,
+		.algorithm_mac = SSL_SHA1,
+		.algorithm_ssl = SSL_TLSV1,
+		.algo_strength = SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
+		.algorithm2 = SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
+		.strength_bits = 256,
+		.alg_bits = 256,
+	},
+
+	/* Cipher 38 */
+	{
+		.valid = 1,
+		.name = TLS1_TXT_DHE_DSS_WITH_AES_256_SHA,
+		.id = TLS1_CK_DHE_DSS_WITH_AES_256_SHA,
+		.algorithm_mkey = SSL_kEDH,
+		.algorithm_auth = SSL_aDSS,
+		.algorithm_enc = SSL_AES256,
+		.algorithm_mac = SSL_SHA1,
+		.algorithm_ssl = SSL_TLSV1,
+		.algo_strength = SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
+		.algorithm2 = SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
+		.strength_bits = 256,
+		.alg_bits = 256,
+	},
+
+	/* Cipher 39 */
+	{
+		.valid = 1,
+		.name = TLS1_TXT_DHE_RSA_WITH_AES_256_SHA,
+		.id = TLS1_CK_DHE_RSA_WITH_AES_256_SHA,
+		.algorithm_mkey = SSL_kEDH,
+		.algorithm_auth = SSL_aRSA,
+		.algorithm_enc = SSL_AES256,
+		.algorithm_mac = SSL_SHA1,
+		.algorithm_ssl = SSL_TLSV1,
+		.algo_strength = SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
+		.algorithm2 = SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
+		.strength_bits = 256,
+		.alg_bits = 256,
 	},
 
 	/* Cipher 3A */
 	{
-		1,
-		TLS1_TXT_ADH_WITH_AES_256_SHA,
-		TLS1_CK_ADH_WITH_AES_256_SHA,
-		SSL_kEDH,
-		SSL_aNULL,
-		SSL_AES256,
-		SSL_SHA1,
-		SSL_TLSV1,
-		SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
-		SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
-		256,
-		256,
+		.valid = 1,
+		.name = TLS1_TXT_ADH_WITH_AES_256_SHA,
+		.id = TLS1_CK_ADH_WITH_AES_256_SHA,
+		.algorithm_mkey = SSL_kEDH,
+		.algorithm_auth = SSL_aNULL,
+		.algorithm_enc = SSL_AES256,
+		.algorithm_mac = SSL_SHA1,
+		.algorithm_ssl = SSL_TLSV1,
+		.algo_strength = SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
+		.algorithm2 = SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
+		.strength_bits = 256,
+		.alg_bits = 256,
 	},
 
 	/* TLS v1.2 ciphersuites */
 	/* Cipher 3B */
 	{
-		1,
-		TLS1_TXT_RSA_WITH_NULL_SHA256,
-		TLS1_CK_RSA_WITH_NULL_SHA256,
-		SSL_kRSA,
-		SSL_aRSA,
-		SSL_eNULL,
-		SSL_SHA256,
-		SSL_TLSV1_2,
-		SSL_NOT_EXP|SSL_STRONG_NONE|SSL_FIPS,
-		SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
-		0,
-		0,
+		.valid = 1,
+		.name = TLS1_TXT_RSA_WITH_NULL_SHA256,
+		.id = TLS1_CK_RSA_WITH_NULL_SHA256,
+		.algorithm_mkey = SSL_kRSA,
+		.algorithm_auth = SSL_aRSA,
+		.algorithm_enc = SSL_eNULL,
+		.algorithm_mac = SSL_SHA256,
+		.algorithm_ssl = SSL_TLSV1_2,
+		.algo_strength = SSL_NOT_EXP|SSL_STRONG_NONE|SSL_FIPS,
+		.algorithm2 = SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
+		.strength_bits = 0,
+		.alg_bits = 0,
 	},
 
 	/* Cipher 3C */
 	{
-		1,
-		TLS1_TXT_RSA_WITH_AES_128_SHA256,
-		TLS1_CK_RSA_WITH_AES_128_SHA256,
-		SSL_kRSA,
-		SSL_aRSA,
-		SSL_AES128,
-		SSL_SHA256,
-		SSL_TLSV1_2,
-		SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
-		SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
-		128,
-		128,
+		.valid = 1,
+		.name = TLS1_TXT_RSA_WITH_AES_128_SHA256,
+		.id = TLS1_CK_RSA_WITH_AES_128_SHA256,
+		.algorithm_mkey = SSL_kRSA,
+		.algorithm_auth = SSL_aRSA,
+		.algorithm_enc = SSL_AES128,
+		.algorithm_mac = SSL_SHA256,
+		.algorithm_ssl = SSL_TLSV1_2,
+		.algo_strength = SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
+		.algorithm2 = SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
+		.strength_bits = 128,
+		.alg_bits = 128,
 	},
 
 	/* Cipher 3D */
 	{
-		1,
-		TLS1_TXT_RSA_WITH_AES_256_SHA256,
-		TLS1_CK_RSA_WITH_AES_256_SHA256,
-		SSL_kRSA,
-		SSL_aRSA,
-		SSL_AES256,
-		SSL_SHA256,
-		SSL_TLSV1_2,
-		SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
-		SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
-		256,
-		256,
+		.valid = 1,
+		.name = TLS1_TXT_RSA_WITH_AES_256_SHA256,
+		.id = TLS1_CK_RSA_WITH_AES_256_SHA256,
+		.algorithm_mkey = SSL_kRSA,
+		.algorithm_auth = SSL_aRSA,
+		.algorithm_enc = SSL_AES256,
+		.algorithm_mac = SSL_SHA256,
+		.algorithm_ssl = SSL_TLSV1_2,
+		.algo_strength = SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
+		.algorithm2 = SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
+		.strength_bits = 256,
+		.alg_bits = 256,
 	},
 
 	/* Cipher 3E */
 	{
-		0, /* not implemented (non-ephemeral DH) */
-		TLS1_TXT_DH_DSS_WITH_AES_128_SHA256,
-		TLS1_CK_DH_DSS_WITH_AES_128_SHA256,
-		SSL_kDHd,
-		SSL_aDH,
-		SSL_AES128,
-		SSL_SHA256,
-		SSL_TLSV1_2,
-		SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
-		SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
-		128,
-		128,
+		.valid = 0, /* not implemented (non-ephemeral DH) */
+		.name = TLS1_TXT_DH_DSS_WITH_AES_128_SHA256,
+		.id = TLS1_CK_DH_DSS_WITH_AES_128_SHA256,
+		.algorithm_mkey = SSL_kDHd,
+		.algorithm_auth = SSL_aDH,
+		.algorithm_enc = SSL_AES128,
+		.algorithm_mac = SSL_SHA256,
+		.algorithm_ssl = SSL_TLSV1_2,
+		.algo_strength = SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
+		.algorithm2 = SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
+		.strength_bits = 128,
+		.alg_bits = 128,
 	},
 
 	/* Cipher 3F */
 	{
-		0, /* not implemented (non-ephemeral DH) */
-		TLS1_TXT_DH_RSA_WITH_AES_128_SHA256,
-		TLS1_CK_DH_RSA_WITH_AES_128_SHA256,
-		SSL_kDHr,
-		SSL_aDH,
-		SSL_AES128,
-		SSL_SHA256,
-		SSL_TLSV1_2,
-		SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
-		SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
-		128,
-		128,
+		.valid = 0, /* not implemented (non-ephemeral DH) */
+		.name = TLS1_TXT_DH_RSA_WITH_AES_128_SHA256,
+		.id = TLS1_CK_DH_RSA_WITH_AES_128_SHA256,
+		.algorithm_mkey = SSL_kDHr,
+		.algorithm_auth = SSL_aDH,
+		.algorithm_enc = SSL_AES128,
+		.algorithm_mac = SSL_SHA256,
+		.algorithm_ssl = SSL_TLSV1_2,
+		.algo_strength = SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
+		.algorithm2 = SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
+		.strength_bits = 128,
+		.alg_bits = 128,
 	},
 
 	/* Cipher 40 */
 	{
-		1,
-		TLS1_TXT_DHE_DSS_WITH_AES_128_SHA256,
-		TLS1_CK_DHE_DSS_WITH_AES_128_SHA256,
-		SSL_kEDH,
-		SSL_aDSS,
-		SSL_AES128,
-		SSL_SHA256,
-		SSL_TLSV1_2,
-		SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
-		SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
-		128,
-		128,
+		.valid = 1,
+		.name = TLS1_TXT_DHE_DSS_WITH_AES_128_SHA256,
+		.id = TLS1_CK_DHE_DSS_WITH_AES_128_SHA256,
+		.algorithm_mkey = SSL_kEDH,
+		.algorithm_auth = SSL_aDSS,
+		.algorithm_enc = SSL_AES128,
+		.algorithm_mac = SSL_SHA256,
+		.algorithm_ssl = SSL_TLSV1_2,
+		.algo_strength = SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
+		.algorithm2 = SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
+		.strength_bits = 128,
+		.alg_bits = 128,
 	},
 
 #ifndef OPENSSL_NO_CAMELLIA
@@ -894,271 +894,273 @@ SSL_CIPHER ssl3_ciphers[] = {
 
 	/* Cipher 41 */
 	{
-		1,
-		TLS1_TXT_RSA_WITH_CAMELLIA_128_CBC_SHA,
-		TLS1_CK_RSA_WITH_CAMELLIA_128_CBC_SHA,
-		SSL_kRSA,
-		SSL_aRSA,
-		SSL_CAMELLIA128,
-		SSL_SHA1,
-		SSL_TLSV1,
-		SSL_NOT_EXP|SSL_HIGH,
-		SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
-		128,
-		128,
+		.valid = 1,
+		.name = TLS1_TXT_RSA_WITH_CAMELLIA_128_CBC_SHA,
+		.id = TLS1_CK_RSA_WITH_CAMELLIA_128_CBC_SHA,
+		.algorithm_mkey = SSL_kRSA,
+		.algorithm_auth = SSL_aRSA,
+		.algorithm_enc = SSL_CAMELLIA128,
+		.algorithm_mac = SSL_SHA1,
+		.algorithm_ssl = SSL_TLSV1,
+		.algo_strength = SSL_NOT_EXP|SSL_HIGH,
+		.algorithm2 = SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
+		.strength_bits = 128,
+		.alg_bits = 128,
 	},
 
 	/* Cipher 42 */
 	{
-		0, /* not implemented (non-ephemeral DH) */
-		TLS1_TXT_DH_DSS_WITH_CAMELLIA_128_CBC_SHA,
-		TLS1_CK_DH_DSS_WITH_CAMELLIA_128_CBC_SHA,
-		SSL_kDHd,
-		SSL_aDH,
-		SSL_CAMELLIA128,
-		SSL_SHA1,
-		SSL_TLSV1,
-		SSL_NOT_EXP|SSL_HIGH,
-		SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
-		128,
-		128,
+		.valid = 0, /* not implemented (non-ephemeral DH) */
+		.name = TLS1_TXT_DH_DSS_WITH_CAMELLIA_128_CBC_SHA,
+		.id = TLS1_CK_DH_DSS_WITH_CAMELLIA_128_CBC_SHA,
+		.algorithm_mkey = SSL_kDHd,
+		.algorithm_auth = SSL_aDH,
+		.algorithm_enc = SSL_CAMELLIA128,
+		.algorithm_mac = SSL_SHA1,
+		.algorithm_ssl = SSL_TLSV1,
+		.algo_strength = SSL_NOT_EXP|SSL_HIGH,
+		.algorithm2 = SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
+		.strength_bits = 128,
+		.alg_bits = 128,
 	},
 
 	/* Cipher 43 */
 	{
-		0, /* not implemented (non-ephemeral DH) */
-		TLS1_TXT_DH_RSA_WITH_CAMELLIA_128_CBC_SHA,
-		TLS1_CK_DH_RSA_WITH_CAMELLIA_128_CBC_SHA,
-		SSL_kDHr,
-		SSL_aDH,
-		SSL_CAMELLIA128,
-		SSL_SHA1,
-		SSL_TLSV1,
-		SSL_NOT_EXP|SSL_HIGH,
-		SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
-		128,
-		128,
+		.valid = 0, /* not implemented (non-ephemeral DH) */
+		.name = TLS1_TXT_DH_RSA_WITH_CAMELLIA_128_CBC_SHA,
+		.id = TLS1_CK_DH_RSA_WITH_CAMELLIA_128_CBC_SHA,
+		.algorithm_mkey = SSL_kDHr,
+		.algorithm_auth = SSL_aDH,
+		.algorithm_enc = SSL_CAMELLIA128,
+		.algorithm_mac = SSL_SHA1,
+		.algorithm_ssl = SSL_TLSV1,
+		.algo_strength = SSL_NOT_EXP|SSL_HIGH,
+		.algorithm2 = SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
+		.strength_bits = 128,
+		.alg_bits = 128,
 	},
 
 	/* Cipher 44 */
 	{
-		1,
-		TLS1_TXT_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA,
-		TLS1_CK_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA,
-		SSL_kEDH,
-		SSL_aDSS,
-		SSL_CAMELLIA128,
-		SSL_SHA1,
-		SSL_TLSV1,
-		SSL_NOT_EXP|SSL_HIGH,
-		SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
-		128,
-		128,
+		.valid = 1,
+		.name = TLS1_TXT_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA,
+		.id = TLS1_CK_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA,
+		.algorithm_mkey = SSL_kEDH,
+		.algorithm_auth = SSL_aDSS,
+		.algorithm_enc = SSL_CAMELLIA128,
+		.algorithm_mac = SSL_SHA1,
+		.algorithm_ssl = SSL_TLSV1,
+		.algo_strength = SSL_NOT_EXP|SSL_HIGH,
+		.algorithm2 = SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
+		.strength_bits = 128,
+		.alg_bits = 128,
 	},
 
 	/* Cipher 45 */
 	{
-		1,
-		TLS1_TXT_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA,
-		TLS1_CK_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA,
-		SSL_kEDH,
-		SSL_aRSA,
-		SSL_CAMELLIA128,
-		SSL_SHA1,
-		SSL_TLSV1,
-		SSL_NOT_EXP|SSL_HIGH,
-		SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
-		128,
-		128,
+		.valid = 1,
+		.name = TLS1_TXT_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA,
+		.id = TLS1_CK_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA,
+		.algorithm_mkey = SSL_kEDH,
+		.algorithm_auth = SSL_aRSA,
+		.algorithm_enc = SSL_CAMELLIA128,
+		.algorithm_mac = SSL_SHA1,
+		.algorithm_ssl = SSL_TLSV1,
+		.algo_strength = SSL_NOT_EXP|SSL_HIGH,
+		.algorithm2 = SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
+		.strength_bits = 128,
+		.alg_bits = 128,
 	},
 
 	/* Cipher 46 */
 	{
-		1,
-		TLS1_TXT_ADH_WITH_CAMELLIA_128_CBC_SHA,
-		TLS1_CK_ADH_WITH_CAMELLIA_128_CBC_SHA,
-		SSL_kEDH,
-		SSL_aNULL,
-		SSL_CAMELLIA128,
-		SSL_SHA1,
-		SSL_TLSV1,
-		SSL_NOT_EXP|SSL_HIGH,
-		SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
-		128,
-		128,
+		.valid = 1,
+		.name = TLS1_TXT_ADH_WITH_CAMELLIA_128_CBC_SHA,
+		.id = TLS1_CK_ADH_WITH_CAMELLIA_128_CBC_SHA,
+		.algorithm_mkey = SSL_kEDH,
+		.algorithm_auth = SSL_aNULL,
+		.algorithm_enc = SSL_CAMELLIA128,
+		.algorithm_mac = SSL_SHA1,
+		.algorithm_ssl = SSL_TLSV1,
+		.algo_strength = SSL_NOT_EXP|SSL_HIGH,
+		.algorithm2 = SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
+		.strength_bits = 128,
+		.alg_bits = 128,
 	},
 #endif /* OPENSSL_NO_CAMELLIA */
 
 	/* TLS v1.2 ciphersuites */
 	/* Cipher 67 */
 	{
-		1,
-		TLS1_TXT_DHE_RSA_WITH_AES_128_SHA256,
-		TLS1_CK_DHE_RSA_WITH_AES_128_SHA256,
-		SSL_kEDH,
-		SSL_aRSA,
-		SSL_AES128,
-		SSL_SHA256,
-		SSL_TLSV1_2,
-		SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
-		SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
-		128,
-		128,
+		.valid = 1,
+		.name = TLS1_TXT_DHE_RSA_WITH_AES_128_SHA256,
+		.id = TLS1_CK_DHE_RSA_WITH_AES_128_SHA256,
+		.algorithm_mkey = SSL_kEDH,
+		.algorithm_auth = SSL_aRSA,
+		.algorithm_enc = SSL_AES128,
+		.algorithm_mac = SSL_SHA256,
+		.algorithm_ssl = SSL_TLSV1_2,
+		.algo_strength = SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
+		.algorithm2 = SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
+		.strength_bits = 128,
+		.alg_bits = 128,
 	},
 
 	/* Cipher 68 */
 	{
-		0, /* not implemented (non-ephemeral DH) */
-		TLS1_TXT_DH_DSS_WITH_AES_256_SHA256,
-		TLS1_CK_DH_DSS_WITH_AES_256_SHA256,
-		SSL_kDHd,
-		SSL_aDH,
-		SSL_AES256,
-		SSL_SHA256,
-		SSL_TLSV1_2,
-		SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
-		SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
-		256,
-		256,
+		.valid = 0, /* not implemented (non-ephemeral DH) */
+		.name = TLS1_TXT_DH_DSS_WITH_AES_256_SHA256,
+		.id = TLS1_CK_DH_DSS_WITH_AES_256_SHA256,
+		.algorithm_mkey = SSL_kDHd,
+		.algorithm_auth = SSL_aDH,
+		.algorithm_enc = SSL_AES256,
+		.algorithm_mac = SSL_SHA256,
+		.algorithm_ssl = SSL_TLSV1_2,
+		.algo_strength = SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
+		.algorithm2 = SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
+		.strength_bits = 256,
+		.alg_bits = 256,
 	},
 
 	/* Cipher 69 */
 	{
-		0, /* not implemented (non-ephemeral DH) */
-		TLS1_TXT_DH_RSA_WITH_AES_256_SHA256,
-		TLS1_CK_DH_RSA_WITH_AES_256_SHA256,
-		SSL_kDHr,
-		SSL_aDH,
-		SSL_AES256,
-		SSL_SHA256,
-		SSL_TLSV1_2,
-		SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
-		SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
-		256,
-		256,
+		.valid = 0, /* not implemented (non-ephemeral DH) */
+		.name = TLS1_TXT_DH_RSA_WITH_AES_256_SHA256,
+		.id = TLS1_CK_DH_RSA_WITH_AES_256_SHA256,
+		.algorithm_mkey = SSL_kDHr,
+		.algorithm_auth = SSL_aDH,
+		.algorithm_enc = SSL_AES256,
+		.algorithm_mac = SSL_SHA256,
+		.algorithm_ssl = SSL_TLSV1_2,
+		.algo_strength = SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
+		.algorithm2 = SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
+		.strength_bits = 256,
+		.alg_bits = 256,
 	},
 
 	/* Cipher 6A */
 	{
-		1,
-		TLS1_TXT_DHE_DSS_WITH_AES_256_SHA256,
-		TLS1_CK_DHE_DSS_WITH_AES_256_SHA256,
-		SSL_kEDH,
-		SSL_aDSS,
-		SSL_AES256,
-		SSL_SHA256,
-		SSL_TLSV1_2,
-		SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
-		SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
-		256,
-		256,
+		.valid = 1,
+		.name = TLS1_TXT_DHE_DSS_WITH_AES_256_SHA256,
+		.id = TLS1_CK_DHE_DSS_WITH_AES_256_SHA256,
+		.algorithm_mkey = SSL_kEDH,
+		.algorithm_auth = SSL_aDSS,
+		.algorithm_enc = SSL_AES256,
+		.algorithm_mac = SSL_SHA256,
+		.algorithm_ssl = SSL_TLSV1_2,
+		.algo_strength = SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
+		.algorithm2 = SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
+		.strength_bits = 256,
+		.alg_bits = 256,
 	},
 
 	/* Cipher 6B */
 	{
-		1,
-		TLS1_TXT_DHE_RSA_WITH_AES_256_SHA256,
-		TLS1_CK_DHE_RSA_WITH_AES_256_SHA256,
-		SSL_kEDH,
-		SSL_aRSA,
-		SSL_AES256,
-		SSL_SHA256,
-		SSL_TLSV1_2,
-		SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
-		SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
-		256,
-		256,
+		.valid = 1,
+		.name = TLS1_TXT_DHE_RSA_WITH_AES_256_SHA256,
+		.id = TLS1_CK_DHE_RSA_WITH_AES_256_SHA256,
+		.algorithm_mkey = SSL_kEDH,
+		.algorithm_auth = SSL_aRSA,
+		.algorithm_enc = SSL_AES256,
+		.algorithm_mac = SSL_SHA256,
+		.algorithm_ssl = SSL_TLSV1_2,
+		.algo_strength = SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
+		.algorithm2 = SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
+		.strength_bits = 256,
+		.alg_bits = 256,
 	},
 
 	/* Cipher 6C */
 	{
-		1,
-		TLS1_TXT_ADH_WITH_AES_128_SHA256,
-		TLS1_CK_ADH_WITH_AES_128_SHA256,
-		SSL_kEDH,
-		SSL_aNULL,
-		SSL_AES128,
-		SSL_SHA256,
-		SSL_TLSV1_2,
-		SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
-		SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
-		128,
-		128,
+		.valid = 1,
+		.name = TLS1_TXT_ADH_WITH_AES_128_SHA256,
+		.id = TLS1_CK_ADH_WITH_AES_128_SHA256,
+		.algorithm_mkey = SSL_kEDH,
+		.algorithm_auth = SSL_aNULL,
+		.algorithm_enc = SSL_AES128,
+		.algorithm_mac = SSL_SHA256,
+		.algorithm_ssl = SSL_TLSV1_2,
+		.algo_strength = SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
+		.algorithm2 = SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
+		.strength_bits = 128,
+		.alg_bits = 128,
 	},
 
 	/* Cipher 6D */
 	{
-		1,
-		TLS1_TXT_ADH_WITH_AES_256_SHA256,
-		TLS1_CK_ADH_WITH_AES_256_SHA256,
-		SSL_kEDH,
-		SSL_aNULL,
-		SSL_AES256,
-		SSL_SHA256,
-		SSL_TLSV1_2,
-		SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
-		SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
-		256,
-		256,
+		.valid = 1,
+		.name = TLS1_TXT_ADH_WITH_AES_256_SHA256,
+		.id = TLS1_CK_ADH_WITH_AES_256_SHA256,
+		.algorithm_mkey = SSL_kEDH,
+		.algorithm_auth = SSL_aNULL,
+		.algorithm_enc = SSL_AES256,
+		.algorithm_mac = SSL_SHA256,
+		.algorithm_ssl = SSL_TLSV1_2,
+		.algo_strength = SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
+		.algorithm2 = SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
+		.strength_bits = 256,
+		.alg_bits = 256,
 	},
 
 	/* GOST Ciphersuites */
 
 	{
-		1,
-		"GOST94-GOST89-GOST89",
-		0x3000080,
-		SSL_kGOST,
-		SSL_aGOST94,
-		SSL_eGOST2814789CNT,
-		SSL_GOST89MAC,
-		SSL_TLSV1,
-		SSL_NOT_EXP|SSL_HIGH,
-		SSL_HANDSHAKE_MAC_GOST94|TLS1_PRF_GOST94|TLS1_STREAM_MAC,
-		256,
-		256
-	},
-	{
-		1,
-		"GOST2001-GOST89-GOST89",
-		0x3000081,
-		SSL_kGOST,
-		SSL_aGOST01,
-		SSL_eGOST2814789CNT,
-		SSL_GOST89MAC,
-		SSL_TLSV1,
-		SSL_NOT_EXP|SSL_HIGH,
-		SSL_HANDSHAKE_MAC_GOST94|TLS1_PRF_GOST94|TLS1_STREAM_MAC,
-		256,
-		256
-	},
-	{
-		1,
-		"GOST94-NULL-GOST94",
-		0x3000082,
-		SSL_kGOST,
-		SSL_aGOST94,
-		SSL_eNULL,
-		SSL_GOST94,
-		SSL_TLSV1,
-		SSL_NOT_EXP|SSL_STRONG_NONE,
-		SSL_HANDSHAKE_MAC_GOST94|TLS1_PRF_GOST94,
-		0,
-		0
-	},
-	{
-		1,
-		"GOST2001-NULL-GOST94",
-		0x3000083,
-		SSL_kGOST,
-		SSL_aGOST01,
-		SSL_eNULL,
-		SSL_GOST94,
-		SSL_TLSV1,
-		SSL_NOT_EXP|SSL_STRONG_NONE,
-		SSL_HANDSHAKE_MAC_GOST94|TLS1_PRF_GOST94,
-		0,
-		0
+		.valid = 1,
+		.name = "GOST94-GOST89-GOST89",
+		.id = 0x3000080,
+		.algorithm_mkey = SSL_kGOST,
+		.algorithm_auth = SSL_aGOST94,
+		.algorithm_enc = SSL_eGOST2814789CNT,
+		.algorithm_mac = SSL_GOST89MAC,
+		.algorithm_ssl = SSL_TLSV1,
+		.algo_strength = SSL_NOT_EXP|SSL_HIGH,
+		.algorithm2 = SSL_HANDSHAKE_MAC_GOST94|TLS1_PRF_GOST94|
+		    TLS1_STREAM_MAC,
+		.strength_bits = 256,
+		.alg_bits = 256
+	},
+	{
+		.valid = 1,
+		.name = "GOST2001-GOST89-GOST89",
+		.id = 0x3000081,
+		.algorithm_mkey = SSL_kGOST,
+		.algorithm_auth = SSL_aGOST01,
+		.algorithm_enc = SSL_eGOST2814789CNT,
+		.algorithm_mac = SSL_GOST89MAC,
+		.algorithm_ssl = SSL_TLSV1,
+		.algo_strength = SSL_NOT_EXP|SSL_HIGH,
+		.algorithm2 = SSL_HANDSHAKE_MAC_GOST94|TLS1_PRF_GOST94|
+		    TLS1_STREAM_MAC,
+		.strength_bits = 256,
+		.alg_bits = 256
+	},
+	{
+		.valid = 1,
+		.name = "GOST94-NULL-GOST94",
+		.id = 0x3000082,
+		.algorithm_mkey = SSL_kGOST,
+		.algorithm_auth = SSL_aGOST94,
+		.algorithm_enc = SSL_eNULL,
+		.algorithm_mac = SSL_GOST94,
+		.algorithm_ssl = SSL_TLSV1,
+		.algo_strength = SSL_NOT_EXP|SSL_STRONG_NONE,
+		.algorithm2 = SSL_HANDSHAKE_MAC_GOST94|TLS1_PRF_GOST94,
+		.strength_bits = 0,
+		.alg_bits = 0
+	},
+	{
+		.valid = 1,
+		.name = "GOST2001-NULL-GOST94",
+		.id = 0x3000083,
+		.algorithm_mkey = SSL_kGOST,
+		.algorithm_auth = SSL_aGOST01,
+		.algorithm_enc = SSL_eNULL,
+		.algorithm_mac = SSL_GOST94,
+		.algorithm_ssl = SSL_TLSV1,
+		.algo_strength = SSL_NOT_EXP|SSL_STRONG_NONE,
+		.algorithm2 = SSL_HANDSHAKE_MAC_GOST94|TLS1_PRF_GOST94,
+		.strength_bits = 0,
+		.alg_bits = 0
 	},
 
 #ifndef OPENSSL_NO_CAMELLIA
@@ -1166,163 +1168,164 @@ SSL_CIPHER ssl3_ciphers[] = {
 
 	/* Cipher 84 */
 	{
-		1,
-		TLS1_TXT_RSA_WITH_CAMELLIA_256_CBC_SHA,
-		TLS1_CK_RSA_WITH_CAMELLIA_256_CBC_SHA,
-		SSL_kRSA,
-		SSL_aRSA,
-		SSL_CAMELLIA256,
-		SSL_SHA1,
-		SSL_TLSV1,
-		SSL_NOT_EXP|SSL_HIGH,
-		SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
-		256,
-		256,
+		.valid = 1,
+		.name = TLS1_TXT_RSA_WITH_CAMELLIA_256_CBC_SHA,
+		.id = TLS1_CK_RSA_WITH_CAMELLIA_256_CBC_SHA,
+		.algorithm_mkey = SSL_kRSA,
+		.algorithm_auth = SSL_aRSA,
+		.algorithm_enc = SSL_CAMELLIA256,
+		.algorithm_mac = SSL_SHA1,
+		.algorithm_ssl = SSL_TLSV1,
+		.algo_strength = SSL_NOT_EXP|SSL_HIGH,
+		.algorithm2 = SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
+		.strength_bits = 256,
+		.alg_bits = 256,
 	},
+
 	/* Cipher 85 */
 	{
-		0, /* not implemented (non-ephemeral DH) */
-		TLS1_TXT_DH_DSS_WITH_CAMELLIA_256_CBC_SHA,
-		TLS1_CK_DH_DSS_WITH_CAMELLIA_256_CBC_SHA,
-		SSL_kDHd,
-		SSL_aDH,
-		SSL_CAMELLIA256,
-		SSL_SHA1,
-		SSL_TLSV1,
-		SSL_NOT_EXP|SSL_HIGH,
-		SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
-		256,
-		256,
+		.valid = 0, /* not implemented (non-ephemeral DH) */
+		.name = TLS1_TXT_DH_DSS_WITH_CAMELLIA_256_CBC_SHA,
+		.id = TLS1_CK_DH_DSS_WITH_CAMELLIA_256_CBC_SHA,
+		.algorithm_mkey = SSL_kDHd,
+		.algorithm_auth = SSL_aDH,
+		.algorithm_enc = SSL_CAMELLIA256,
+		.algorithm_mac = SSL_SHA1,
+		.algorithm_ssl = SSL_TLSV1,
+		.algo_strength = SSL_NOT_EXP|SSL_HIGH,
+		.algorithm2 = SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
+		.strength_bits = 256,
+		.alg_bits = 256,
 	},
 
 	/* Cipher 86 */
 	{
-		0, /* not implemented (non-ephemeral DH) */
-		TLS1_TXT_DH_RSA_WITH_CAMELLIA_256_CBC_SHA,
-		TLS1_CK_DH_RSA_WITH_CAMELLIA_256_CBC_SHA,
-		SSL_kDHr,
-		SSL_aDH,
-		SSL_CAMELLIA256,
-		SSL_SHA1,
-		SSL_TLSV1,
-		SSL_NOT_EXP|SSL_HIGH,
-		SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
-		256,
-		256,
+		.valid = 0, /* not implemented (non-ephemeral DH) */
+		.name = TLS1_TXT_DH_RSA_WITH_CAMELLIA_256_CBC_SHA,
+		.id = TLS1_CK_DH_RSA_WITH_CAMELLIA_256_CBC_SHA,
+		.algorithm_mkey = SSL_kDHr,
+		.algorithm_auth = SSL_aDH,
+		.algorithm_enc = SSL_CAMELLIA256,
+		.algorithm_mac = SSL_SHA1,
+		.algorithm_ssl = SSL_TLSV1,
+		.algo_strength = SSL_NOT_EXP|SSL_HIGH,
+		.algorithm2 = SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
+		.strength_bits = 256,
+		.alg_bits = 256,
 	},
 
 	/* Cipher 87 */
 	{
-		1,
-		TLS1_TXT_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA,
-		TLS1_CK_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA,
-		SSL_kEDH,
-		SSL_aDSS,
-		SSL_CAMELLIA256,
-		SSL_SHA1,
-		SSL_TLSV1,
-		SSL_NOT_EXP|SSL_HIGH,
-		SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
-		256,
-		256,
+		.valid = 1,
+		.name = TLS1_TXT_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA,
+		.id = TLS1_CK_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA,
+		.algorithm_mkey = SSL_kEDH,
+		.algorithm_auth = SSL_aDSS,
+		.algorithm_enc = SSL_CAMELLIA256,
+		.algorithm_mac = SSL_SHA1,
+		.algorithm_ssl = SSL_TLSV1,
+		.algo_strength = SSL_NOT_EXP|SSL_HIGH,
+		.algorithm2 = SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
+		.strength_bits = 256,
+		.alg_bits = 256,
 	},
 
 	/* Cipher 88 */
 	{
-		1,
-		TLS1_TXT_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA,
-		TLS1_CK_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA,
-		SSL_kEDH,
-		SSL_aRSA,
-		SSL_CAMELLIA256,
-		SSL_SHA1,
-		SSL_TLSV1,
-		SSL_NOT_EXP|SSL_HIGH,
-		SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
-		256,
-		256,
+		.valid = 1,
+		.name = TLS1_TXT_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA,
+		.id = TLS1_CK_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA,
+		.algorithm_mkey = SSL_kEDH,
+		.algorithm_auth = SSL_aRSA,
+		.algorithm_enc = SSL_CAMELLIA256,
+		.algorithm_mac = SSL_SHA1,
+		.algorithm_ssl = SSL_TLSV1,
+		.algo_strength = SSL_NOT_EXP|SSL_HIGH,
+		.algorithm2 = SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
+		.strength_bits = 256,
+		.alg_bits = 256,
 	},
 
 	/* Cipher 89 */
 	{
-		1,
-		TLS1_TXT_ADH_WITH_CAMELLIA_256_CBC_SHA,
-		TLS1_CK_ADH_WITH_CAMELLIA_256_CBC_SHA,
-		SSL_kEDH,
-		SSL_aNULL,
-		SSL_CAMELLIA256,
-		SSL_SHA1,
-		SSL_TLSV1,
-		SSL_NOT_EXP|SSL_HIGH,
-		SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
-		256,
-		256,
+		.valid = 1,
+		.name = TLS1_TXT_ADH_WITH_CAMELLIA_256_CBC_SHA,
+		.id = TLS1_CK_ADH_WITH_CAMELLIA_256_CBC_SHA,
+		.algorithm_mkey = SSL_kEDH,
+		.algorithm_auth = SSL_aNULL,
+		.algorithm_enc = SSL_CAMELLIA256,
+		.algorithm_mac = SSL_SHA1,
+		.algorithm_ssl = SSL_TLSV1,
+		.algo_strength = SSL_NOT_EXP|SSL_HIGH,
+		.algorithm2 = SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
+		.strength_bits = 256,
+		.alg_bits = 256,
 	},
 #endif /* OPENSSL_NO_CAMELLIA */
 
 #ifndef OPENSSL_NO_PSK
 	/* Cipher 8A */
 	{
-		1,
-		TLS1_TXT_PSK_WITH_RC4_128_SHA,
-		TLS1_CK_PSK_WITH_RC4_128_SHA,
-		SSL_kPSK,
-		SSL_aPSK,
-		SSL_RC4,
-		SSL_SHA1,
-		SSL_TLSV1,
-		SSL_NOT_EXP|SSL_MEDIUM,
-		SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
-		128,
-		128,
+		.valid = 1,
+		.name = TLS1_TXT_PSK_WITH_RC4_128_SHA,
+		.id = TLS1_CK_PSK_WITH_RC4_128_SHA,
+		.algorithm_mkey = SSL_kPSK,
+		.algorithm_auth = SSL_aPSK,
+		.algorithm_enc = SSL_RC4,
+		.algorithm_mac = SSL_SHA1,
+		.algorithm_ssl = SSL_TLSV1,
+		.algo_strength = SSL_NOT_EXP|SSL_MEDIUM,
+		.algorithm2 = SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
+		.strength_bits = 128,
+		.alg_bits = 128,
 	},
 
 	/* Cipher 8B */
 	{
-		1,
-		TLS1_TXT_PSK_WITH_3DES_EDE_CBC_SHA,
-		TLS1_CK_PSK_WITH_3DES_EDE_CBC_SHA,
-		SSL_kPSK,
-		SSL_aPSK,
-		SSL_3DES,
-		SSL_SHA1,
-		SSL_TLSV1,
-		SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
-		SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
-		168,
-		168,
+		.valid = 1,
+		.name = TLS1_TXT_PSK_WITH_3DES_EDE_CBC_SHA,
+		.id = TLS1_CK_PSK_WITH_3DES_EDE_CBC_SHA,
+		.algorithm_mkey = SSL_kPSK,
+		.algorithm_auth = SSL_aPSK,
+		.algorithm_enc = SSL_3DES,
+		.algorithm_mac = SSL_SHA1,
+		.algorithm_ssl = SSL_TLSV1,
+		.algo_strength = SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
+		.algorithm2 = SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
+		.strength_bits = 168,
+		.alg_bits = 168,
 	},
 
 	/* Cipher 8C */
 	{
-		1,
-		TLS1_TXT_PSK_WITH_AES_128_CBC_SHA,
-		TLS1_CK_PSK_WITH_AES_128_CBC_SHA,
-		SSL_kPSK,
-		SSL_aPSK,
-		SSL_AES128,
-		SSL_SHA1,
-		SSL_TLSV1,
-		SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
-		SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
-		128,
-		128,
+		.valid = 1,
+		.name = TLS1_TXT_PSK_WITH_AES_128_CBC_SHA,
+		.id = TLS1_CK_PSK_WITH_AES_128_CBC_SHA,
+		.algorithm_mkey = SSL_kPSK,
+		.algorithm_auth = SSL_aPSK,
+		.algorithm_enc = SSL_AES128,
+		.algorithm_mac = SSL_SHA1,
+		.algorithm_ssl = SSL_TLSV1,
+		.algo_strength = SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
+		.algorithm2 = SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
+		.strength_bits = 128,
+		.alg_bits = 128,
 	},
 
 	/* Cipher 8D */
 	{
-		1,
-		TLS1_TXT_PSK_WITH_AES_256_CBC_SHA,
-		TLS1_CK_PSK_WITH_AES_256_CBC_SHA,
-		SSL_kPSK,
-		SSL_aPSK,
-		SSL_AES256,
-		SSL_SHA1,
-		SSL_TLSV1,
-		SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
-		SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
-		256,
-		256,
+		.valid = 1,
+		.name = TLS1_TXT_PSK_WITH_AES_256_CBC_SHA,
+		.id = TLS1_CK_PSK_WITH_AES_256_CBC_SHA,
+		.algorithm_mkey = SSL_kPSK,
+		.algorithm_auth = SSL_aPSK,
+		.algorithm_enc = SSL_AES256,
+		.algorithm_mac = SSL_SHA1,
+		.algorithm_ssl = SSL_TLSV1,
+		.algo_strength = SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
+		.algorithm2 = SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
+		.strength_bits = 256,
+		.alg_bits = 256,
 	},
 #endif  /* OPENSSL_NO_PSK */
 
@@ -1330,595 +1333,595 @@ SSL_CIPHER ssl3_ciphers[] = {
 
 	/* Cipher 9C */
 	{
-		1,
-		TLS1_TXT_RSA_WITH_AES_128_GCM_SHA256,
-		TLS1_CK_RSA_WITH_AES_128_GCM_SHA256,
-		SSL_kRSA,
-		SSL_aRSA,
-		SSL_AES128GCM,
-		SSL_AEAD,
-		SSL_TLSV1_2,
-		SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
-		SSL_HANDSHAKE_MAC_SHA256|TLS1_PRF_SHA256,
-		128,
-		128,
+		.valid = 1,
+		.name = TLS1_TXT_RSA_WITH_AES_128_GCM_SHA256,
+		.id = TLS1_CK_RSA_WITH_AES_128_GCM_SHA256,
+		.algorithm_mkey = SSL_kRSA,
+		.algorithm_auth = SSL_aRSA,
+		.algorithm_enc = SSL_AES128GCM,
+		.algorithm_mac = SSL_AEAD,
+		.algorithm_ssl = SSL_TLSV1_2,
+		.algo_strength = SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
+		.algorithm2 = SSL_HANDSHAKE_MAC_SHA256|TLS1_PRF_SHA256,
+		.strength_bits = 128,
+		.alg_bits = 128,
 	},
 
 	/* Cipher 9D */
 	{
-		1,
-		TLS1_TXT_RSA_WITH_AES_256_GCM_SHA384,
-		TLS1_CK_RSA_WITH_AES_256_GCM_SHA384,
-		SSL_kRSA,
-		SSL_aRSA,
-		SSL_AES256GCM,
-		SSL_AEAD,
-		SSL_TLSV1_2,
-		SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
-		SSL_HANDSHAKE_MAC_SHA384|TLS1_PRF_SHA384,
-		256,
-		256,
+		.valid = 1,
+		.name = TLS1_TXT_RSA_WITH_AES_256_GCM_SHA384,
+		.id = TLS1_CK_RSA_WITH_AES_256_GCM_SHA384,
+		.algorithm_mkey = SSL_kRSA,
+		.algorithm_auth = SSL_aRSA,
+		.algorithm_enc = SSL_AES256GCM,
+		.algorithm_mac = SSL_AEAD,
+		.algorithm_ssl = SSL_TLSV1_2,
+		.algo_strength = SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
+		.algorithm2 = SSL_HANDSHAKE_MAC_SHA384|TLS1_PRF_SHA384,
+		.strength_bits = 256,
+		.alg_bits = 256,
 	},
 
 	/* Cipher 9E */
 	{
-		1,
-		TLS1_TXT_DHE_RSA_WITH_AES_128_GCM_SHA256,
-		TLS1_CK_DHE_RSA_WITH_AES_128_GCM_SHA256,
-		SSL_kEDH,
-		SSL_aRSA,
-		SSL_AES128GCM,
-		SSL_AEAD,
-		SSL_TLSV1_2,
-		SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
-		SSL_HANDSHAKE_MAC_SHA256|TLS1_PRF_SHA256,
-		128,
-		128,
+		.valid = 1,
+		.name = TLS1_TXT_DHE_RSA_WITH_AES_128_GCM_SHA256,
+		.id = TLS1_CK_DHE_RSA_WITH_AES_128_GCM_SHA256,
+		.algorithm_mkey = SSL_kEDH,
+		.algorithm_auth = SSL_aRSA,
+		.algorithm_enc = SSL_AES128GCM,
+		.algorithm_mac = SSL_AEAD,
+		.algorithm_ssl = SSL_TLSV1_2,
+		.algo_strength = SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
+		.algorithm2 = SSL_HANDSHAKE_MAC_SHA256|TLS1_PRF_SHA256,
+		.strength_bits = 128,
+		.alg_bits = 128,
 	},
 
 	/* Cipher 9F */
 	{
-		1,
-		TLS1_TXT_DHE_RSA_WITH_AES_256_GCM_SHA384,
-		TLS1_CK_DHE_RSA_WITH_AES_256_GCM_SHA384,
-		SSL_kEDH,
-		SSL_aRSA,
-		SSL_AES256GCM,
-		SSL_AEAD,
-		SSL_TLSV1_2,
-		SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
-		SSL_HANDSHAKE_MAC_SHA384|TLS1_PRF_SHA384,
-		256,
-		256,
+		.valid = 1,
+		.name = TLS1_TXT_DHE_RSA_WITH_AES_256_GCM_SHA384,
+		.id = TLS1_CK_DHE_RSA_WITH_AES_256_GCM_SHA384,
+		.algorithm_mkey = SSL_kEDH,
+		.algorithm_auth = SSL_aRSA,
+		.algorithm_enc = SSL_AES256GCM,
+		.algorithm_mac = SSL_AEAD,
+		.algorithm_ssl = SSL_TLSV1_2,
+		.algo_strength = SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
+		.algorithm2 = SSL_HANDSHAKE_MAC_SHA384|TLS1_PRF_SHA384,
+		.strength_bits = 256,
+		.alg_bits = 256,
 	},
 
 	/* Cipher A0 */
 	{
-		0,
-		TLS1_TXT_DH_RSA_WITH_AES_128_GCM_SHA256,
-		TLS1_CK_DH_RSA_WITH_AES_128_GCM_SHA256,
-		SSL_kDHr,
-		SSL_aDH,
-		SSL_AES128GCM,
-		SSL_AEAD,
-		SSL_TLSV1_2,
-		SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
-		SSL_HANDSHAKE_MAC_SHA256|TLS1_PRF_SHA256,
-		128,
-		128,
+		.valid = 0,
+		.name = TLS1_TXT_DH_RSA_WITH_AES_128_GCM_SHA256,
+		.id = TLS1_CK_DH_RSA_WITH_AES_128_GCM_SHA256,
+		.algorithm_mkey = SSL_kDHr,
+		.algorithm_auth = SSL_aDH,
+		.algorithm_enc = SSL_AES128GCM,
+		.algorithm_mac = SSL_AEAD,
+		.algorithm_ssl = SSL_TLSV1_2,
+		.algo_strength = SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
+		.algorithm2 = SSL_HANDSHAKE_MAC_SHA256|TLS1_PRF_SHA256,
+		.strength_bits = 128,
+		.alg_bits = 128,
 	},
 
 	/* Cipher A1 */
 	{
-		0,
-		TLS1_TXT_DH_RSA_WITH_AES_256_GCM_SHA384,
-		TLS1_CK_DH_RSA_WITH_AES_256_GCM_SHA384,
-		SSL_kDHr,
-		SSL_aDH,
-		SSL_AES256GCM,
-		SSL_AEAD,
-		SSL_TLSV1_2,
-		SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
-		SSL_HANDSHAKE_MAC_SHA384|TLS1_PRF_SHA384,
-		256,
-		256,
+		.valid = 0,
+		.name = TLS1_TXT_DH_RSA_WITH_AES_256_GCM_SHA384,
+		.id = TLS1_CK_DH_RSA_WITH_AES_256_GCM_SHA384,
+		.algorithm_mkey = SSL_kDHr,
+		.algorithm_auth = SSL_aDH,
+		.algorithm_enc = SSL_AES256GCM,
+		.algorithm_mac = SSL_AEAD,
+		.algorithm_ssl = SSL_TLSV1_2,
+		.algo_strength = SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
+		.algorithm2 = SSL_HANDSHAKE_MAC_SHA384|TLS1_PRF_SHA384,
+		.strength_bits = 256,
+		.alg_bits = 256,
 	},
 
 	/* Cipher A2 */
 	{
-		1,
-		TLS1_TXT_DHE_DSS_WITH_AES_128_GCM_SHA256,
-		TLS1_CK_DHE_DSS_WITH_AES_128_GCM_SHA256,
-		SSL_kEDH,
-		SSL_aDSS,
-		SSL_AES128GCM,
-		SSL_AEAD,
-		SSL_TLSV1_2,
-		SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
-		SSL_HANDSHAKE_MAC_SHA256|TLS1_PRF_SHA256,
-		128,
-		128,
+		.valid = 1,
+		.name = TLS1_TXT_DHE_DSS_WITH_AES_128_GCM_SHA256,
+		.id = TLS1_CK_DHE_DSS_WITH_AES_128_GCM_SHA256,
+		.algorithm_mkey = SSL_kEDH,
+		.algorithm_auth = SSL_aDSS,
+		.algorithm_enc = SSL_AES128GCM,
+		.algorithm_mac = SSL_AEAD,
+		.algorithm_ssl = SSL_TLSV1_2,
+		.algo_strength = SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
+		.algorithm2 = SSL_HANDSHAKE_MAC_SHA256|TLS1_PRF_SHA256,
+		.strength_bits = 128,
+		.alg_bits = 128,
 	},
 
 	/* Cipher A3 */
 	{
-		1,
-		TLS1_TXT_DHE_DSS_WITH_AES_256_GCM_SHA384,
-		TLS1_CK_DHE_DSS_WITH_AES_256_GCM_SHA384,
-		SSL_kEDH,
-		SSL_aDSS,
-		SSL_AES256GCM,
-		SSL_AEAD,
-		SSL_TLSV1_2,
-		SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
-		SSL_HANDSHAKE_MAC_SHA384|TLS1_PRF_SHA384,
-		256,
-		256,
+		.valid = 1,
+		.name = TLS1_TXT_DHE_DSS_WITH_AES_256_GCM_SHA384,
+		.id = TLS1_CK_DHE_DSS_WITH_AES_256_GCM_SHA384,
+		.algorithm_mkey = SSL_kEDH,
+		.algorithm_auth = SSL_aDSS,
+		.algorithm_enc = SSL_AES256GCM,
+		.algorithm_mac = SSL_AEAD,
+		.algorithm_ssl = SSL_TLSV1_2,
+		.algo_strength = SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
+		.algorithm2 = SSL_HANDSHAKE_MAC_SHA384|TLS1_PRF_SHA384,
+		.strength_bits = 256,
+		.alg_bits = 256,
 	},
 
 	/* Cipher A4 */
 	{
-		0,
-		TLS1_TXT_DH_DSS_WITH_AES_128_GCM_SHA256,
-		TLS1_CK_DH_DSS_WITH_AES_128_GCM_SHA256,
-		SSL_kDHd,
-		SSL_aDH,
-		SSL_AES128GCM,
-		SSL_AEAD,
-		SSL_TLSV1_2,
-		SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
-		SSL_HANDSHAKE_MAC_SHA256|TLS1_PRF_SHA256,
-		128,
-		128,
+		.valid = 0,
+		.name = TLS1_TXT_DH_DSS_WITH_AES_128_GCM_SHA256,
+		.id = TLS1_CK_DH_DSS_WITH_AES_128_GCM_SHA256,
+		.algorithm_mkey = SSL_kDHd,
+		.algorithm_auth = SSL_aDH,
+		.algorithm_enc = SSL_AES128GCM,
+		.algorithm_mac = SSL_AEAD,
+		.algorithm_ssl = SSL_TLSV1_2,
+		.algo_strength = SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
+		.algorithm2 = SSL_HANDSHAKE_MAC_SHA256|TLS1_PRF_SHA256,
+		.strength_bits = 128,
+		.alg_bits = 128,
 	},
 
 	/* Cipher A5 */
 	{
-		0,
-		TLS1_TXT_DH_DSS_WITH_AES_256_GCM_SHA384,
-		TLS1_CK_DH_DSS_WITH_AES_256_GCM_SHA384,
-		SSL_kDHd,
-		SSL_aDH,
-		SSL_AES256GCM,
-		SSL_AEAD,
-		SSL_TLSV1_2,
-		SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
-		SSL_HANDSHAKE_MAC_SHA384|TLS1_PRF_SHA384,
-		256,
-		256,
+		.valid = 0,
+		.name = TLS1_TXT_DH_DSS_WITH_AES_256_GCM_SHA384,
+		.id = TLS1_CK_DH_DSS_WITH_AES_256_GCM_SHA384,
+		.algorithm_mkey = SSL_kDHd,
+		.algorithm_auth = SSL_aDH,
+		.algorithm_enc = SSL_AES256GCM,
+		.algorithm_mac = SSL_AEAD,
+		.algorithm_ssl = SSL_TLSV1_2,
+		.algo_strength = SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
+		.algorithm2 = SSL_HANDSHAKE_MAC_SHA384|TLS1_PRF_SHA384,
+		.strength_bits = 256,
+		.alg_bits = 256,
 	},
 
 	/* Cipher A6 */
 	{
-		1,
-		TLS1_TXT_ADH_WITH_AES_128_GCM_SHA256,
-		TLS1_CK_ADH_WITH_AES_128_GCM_SHA256,
-		SSL_kEDH,
-		SSL_aNULL,
-		SSL_AES128GCM,
-		SSL_AEAD,
-		SSL_TLSV1_2,
-		SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
-		SSL_HANDSHAKE_MAC_SHA256|TLS1_PRF_SHA256,
-		128,
-		128,
+		.valid = 1,
+		.name = TLS1_TXT_ADH_WITH_AES_128_GCM_SHA256,
+		.id = TLS1_CK_ADH_WITH_AES_128_GCM_SHA256,
+		.algorithm_mkey = SSL_kEDH,
+		.algorithm_auth = SSL_aNULL,
+		.algorithm_enc = SSL_AES128GCM,
+		.algorithm_mac = SSL_AEAD,
+		.algorithm_ssl = SSL_TLSV1_2,
+		.algo_strength = SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
+		.algorithm2 = SSL_HANDSHAKE_MAC_SHA256|TLS1_PRF_SHA256,
+		.strength_bits = 128,
+		.alg_bits = 128,
 	},
 
 	/* Cipher A7 */
 	{
-		1,
-		TLS1_TXT_ADH_WITH_AES_256_GCM_SHA384,
-		TLS1_CK_ADH_WITH_AES_256_GCM_SHA384,
-		SSL_kEDH,
-		SSL_aNULL,
-		SSL_AES256GCM,
-		SSL_AEAD,
-		SSL_TLSV1_2,
-		SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
-		SSL_HANDSHAKE_MAC_SHA384|TLS1_PRF_SHA384,
-		256,
-		256,
+		.valid = 1,
+		.name = TLS1_TXT_ADH_WITH_AES_256_GCM_SHA384,
+		.id = TLS1_CK_ADH_WITH_AES_256_GCM_SHA384,
+		.algorithm_mkey = SSL_kEDH,
+		.algorithm_auth = SSL_aNULL,
+		.algorithm_enc = SSL_AES256GCM,
+		.algorithm_mac = SSL_AEAD,
+		.algorithm_ssl = SSL_TLSV1_2,
+		.algo_strength = SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
+		.algorithm2 = SSL_HANDSHAKE_MAC_SHA384|TLS1_PRF_SHA384,
+		.strength_bits = 256,
+		.alg_bits = 256,
 	},
 
 #ifndef OPENSSL_NO_ECDH
 	/* Cipher C001 */
 	{
-		1,
-		TLS1_TXT_ECDH_ECDSA_WITH_NULL_SHA,
-		TLS1_CK_ECDH_ECDSA_WITH_NULL_SHA,
-		SSL_kECDHe,
-		SSL_aECDH,
-		SSL_eNULL,
-		SSL_SHA1,
-		SSL_TLSV1,
-		SSL_NOT_EXP|SSL_STRONG_NONE|SSL_FIPS,
-		SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
-		0,
-		0,
+		.valid = 1,
+		.name = TLS1_TXT_ECDH_ECDSA_WITH_NULL_SHA,
+		.id = TLS1_CK_ECDH_ECDSA_WITH_NULL_SHA,
+		.algorithm_mkey = SSL_kECDHe,
+		.algorithm_auth = SSL_aECDH,
+		.algorithm_enc = SSL_eNULL,
+		.algorithm_mac = SSL_SHA1,
+		.algorithm_ssl = SSL_TLSV1,
+		.algo_strength = SSL_NOT_EXP|SSL_STRONG_NONE|SSL_FIPS,
+		.algorithm2 = SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
+		.strength_bits = 0,
+		.alg_bits = 0,
 	},
 
 	/* Cipher C002 */
 	{
-		1,
-		TLS1_TXT_ECDH_ECDSA_WITH_RC4_128_SHA,
-		TLS1_CK_ECDH_ECDSA_WITH_RC4_128_SHA,
-		SSL_kECDHe,
-		SSL_aECDH,
-		SSL_RC4,
-		SSL_SHA1,
-		SSL_TLSV1,
-		SSL_NOT_EXP|SSL_MEDIUM,
-		SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
-		128,
-		128,
+		.valid = 1,
+		.name = TLS1_TXT_ECDH_ECDSA_WITH_RC4_128_SHA,
+		.id = TLS1_CK_ECDH_ECDSA_WITH_RC4_128_SHA,
+		.algorithm_mkey = SSL_kECDHe,
+		.algorithm_auth = SSL_aECDH,
+		.algorithm_enc = SSL_RC4,
+		.algorithm_mac = SSL_SHA1,
+		.algorithm_ssl = SSL_TLSV1,
+		.algo_strength = SSL_NOT_EXP|SSL_MEDIUM,
+		.algorithm2 = SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
+		.strength_bits = 128,
+		.alg_bits = 128,
 	},
 
 	/* Cipher C003 */
 	{
-		1,
-		TLS1_TXT_ECDH_ECDSA_WITH_DES_192_CBC3_SHA,
-		TLS1_CK_ECDH_ECDSA_WITH_DES_192_CBC3_SHA,
-		SSL_kECDHe,
-		SSL_aECDH,
-		SSL_3DES,
-		SSL_SHA1,
-		SSL_TLSV1,
-		SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
-		SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
-		168,
-		168,
+		.valid = 1,
+		.name = TLS1_TXT_ECDH_ECDSA_WITH_DES_192_CBC3_SHA,
+		.id = TLS1_CK_ECDH_ECDSA_WITH_DES_192_CBC3_SHA,
+		.algorithm_mkey = SSL_kECDHe,
+		.algorithm_auth = SSL_aECDH,
+		.algorithm_enc = SSL_3DES,
+		.algorithm_mac = SSL_SHA1,
+		.algorithm_ssl = SSL_TLSV1,
+		.algo_strength = SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
+		.algorithm2 = SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
+		.strength_bits = 168,
+		.alg_bits = 168,
 	},
 
 	/* Cipher C004 */
 	{
-		1,
-		TLS1_TXT_ECDH_ECDSA_WITH_AES_128_CBC_SHA,
-		TLS1_CK_ECDH_ECDSA_WITH_AES_128_CBC_SHA,
-		SSL_kECDHe,
-		SSL_aECDH,
-		SSL_AES128,
-		SSL_SHA1,
-		SSL_TLSV1,
-		SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
-		SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
-		128,
-		128,
+		.valid = 1,
+		.name = TLS1_TXT_ECDH_ECDSA_WITH_AES_128_CBC_SHA,
+		.id = TLS1_CK_ECDH_ECDSA_WITH_AES_128_CBC_SHA,
+		.algorithm_mkey = SSL_kECDHe,
+		.algorithm_auth = SSL_aECDH,
+		.algorithm_enc = SSL_AES128,
+		.algorithm_mac = SSL_SHA1,
+		.algorithm_ssl = SSL_TLSV1,
+		.algo_strength = SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
+		.algorithm2 = SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
+		.strength_bits = 128,
+		.alg_bits = 128,
 	},
 
 	/* Cipher C005 */
 	{
-		1,
-		TLS1_TXT_ECDH_ECDSA_WITH_AES_256_CBC_SHA,
-		TLS1_CK_ECDH_ECDSA_WITH_AES_256_CBC_SHA,
-		SSL_kECDHe,
-		SSL_aECDH,
-		SSL_AES256,
-		SSL_SHA1,
-		SSL_TLSV1,
-		SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
-		SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
-		256,
-		256,
+		.valid = 1,
+		.name = TLS1_TXT_ECDH_ECDSA_WITH_AES_256_CBC_SHA,
+		.id = TLS1_CK_ECDH_ECDSA_WITH_AES_256_CBC_SHA,
+		.algorithm_mkey = SSL_kECDHe,
+		.algorithm_auth = SSL_aECDH,
+		.algorithm_enc = SSL_AES256,
+		.algorithm_mac = SSL_SHA1,
+		.algorithm_ssl = SSL_TLSV1,
+		.algo_strength = SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
+		.algorithm2 = SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
+		.strength_bits = 256,
+		.alg_bits = 256,
 	},
 
 	/* Cipher C006 */
 	{
-		1,
-		TLS1_TXT_ECDHE_ECDSA_WITH_NULL_SHA,
-		TLS1_CK_ECDHE_ECDSA_WITH_NULL_SHA,
-		SSL_kEECDH,
-		SSL_aECDSA,
-		SSL_eNULL,
-		SSL_SHA1,
-		SSL_TLSV1,
-		SSL_NOT_EXP|SSL_STRONG_NONE|SSL_FIPS,
-		SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
-		0,
-		0,
+		.valid = 1,
+		.name = TLS1_TXT_ECDHE_ECDSA_WITH_NULL_SHA,
+		.id = TLS1_CK_ECDHE_ECDSA_WITH_NULL_SHA,
+		.algorithm_mkey = SSL_kEECDH,
+		.algorithm_auth = SSL_aECDSA,
+		.algorithm_enc = SSL_eNULL,
+		.algorithm_mac = SSL_SHA1,
+		.algorithm_ssl = SSL_TLSV1,
+		.algo_strength = SSL_NOT_EXP|SSL_STRONG_NONE|SSL_FIPS,
+		.algorithm2 = SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
+		.strength_bits = 0,
+		.alg_bits = 0,
 	},
 
 	/* Cipher C007 */
 	{
-		1,
-		TLS1_TXT_ECDHE_ECDSA_WITH_RC4_128_SHA,
-		TLS1_CK_ECDHE_ECDSA_WITH_RC4_128_SHA,
-		SSL_kEECDH,
-		SSL_aECDSA,
-		SSL_RC4,
-		SSL_SHA1,
-		SSL_TLSV1,
-		SSL_NOT_EXP|SSL_MEDIUM,
-		SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
-		128,
-		128,
+		.valid = 1,
+		.name = TLS1_TXT_ECDHE_ECDSA_WITH_RC4_128_SHA,
+		.id = TLS1_CK_ECDHE_ECDSA_WITH_RC4_128_SHA,
+		.algorithm_mkey = SSL_kEECDH,
+		.algorithm_auth = SSL_aECDSA,
+		.algorithm_enc = SSL_RC4,
+		.algorithm_mac = SSL_SHA1,
+		.algorithm_ssl = SSL_TLSV1,
+		.algo_strength = SSL_NOT_EXP|SSL_MEDIUM,
+		.algorithm2 = SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
+		.strength_bits = 128,
+		.alg_bits = 128,
 	},
 
 	/* Cipher C008 */
 	{
-		1,
-		TLS1_TXT_ECDHE_ECDSA_WITH_DES_192_CBC3_SHA,
-		TLS1_CK_ECDHE_ECDSA_WITH_DES_192_CBC3_SHA,
-		SSL_kEECDH,
-		SSL_aECDSA,
-		SSL_3DES,
-		SSL_SHA1,
-		SSL_TLSV1,
-		SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
-		SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
-		168,
-		168,
+		.valid = 1,
+		.name = TLS1_TXT_ECDHE_ECDSA_WITH_DES_192_CBC3_SHA,
+		.id = TLS1_CK_ECDHE_ECDSA_WITH_DES_192_CBC3_SHA,
+		.algorithm_mkey = SSL_kEECDH,
+		.algorithm_auth = SSL_aECDSA,
+		.algorithm_enc = SSL_3DES,
+		.algorithm_mac = SSL_SHA1,
+		.algorithm_ssl = SSL_TLSV1,
+		.algo_strength = SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
+		.algorithm2 = SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
+		.strength_bits = 168,
+		.alg_bits = 168,
 	},
 
 	/* Cipher C009 */
 	{
-		1,
-		TLS1_TXT_ECDHE_ECDSA_WITH_AES_128_CBC_SHA,
-		TLS1_CK_ECDHE_ECDSA_WITH_AES_128_CBC_SHA,
-		SSL_kEECDH,
-		SSL_aECDSA,
-		SSL_AES128,
-		SSL_SHA1,
-		SSL_TLSV1,
-		SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
-		SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
-		128,
-		128,
+		.valid = 1,
+		.name = TLS1_TXT_ECDHE_ECDSA_WITH_AES_128_CBC_SHA,
+		.id = TLS1_CK_ECDHE_ECDSA_WITH_AES_128_CBC_SHA,
+		.algorithm_mkey = SSL_kEECDH,
+		.algorithm_auth = SSL_aECDSA,
+		.algorithm_enc = SSL_AES128,
+		.algorithm_mac = SSL_SHA1,
+		.algorithm_ssl = SSL_TLSV1,
+		.algo_strength = SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
+		.algorithm2 = SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
+		.strength_bits = 128,
+		.alg_bits = 128,
 	},
 
 	/* Cipher C00A */
 	{
-		1,
-		TLS1_TXT_ECDHE_ECDSA_WITH_AES_256_CBC_SHA,
-		TLS1_CK_ECDHE_ECDSA_WITH_AES_256_CBC_SHA,
-		SSL_kEECDH,
-		SSL_aECDSA,
-		SSL_AES256,
-		SSL_SHA1,
-		SSL_TLSV1,
-		SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
-		SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
-		256,
-		256,
+		.valid = 1,
+		.name = TLS1_TXT_ECDHE_ECDSA_WITH_AES_256_CBC_SHA,
+		.id = TLS1_CK_ECDHE_ECDSA_WITH_AES_256_CBC_SHA,
+		.algorithm_mkey = SSL_kEECDH,
+		.algorithm_auth = SSL_aECDSA,
+		.algorithm_enc = SSL_AES256,
+		.algorithm_mac = SSL_SHA1,
+		.algorithm_ssl = SSL_TLSV1,
+		.algo_strength = SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
+		.algorithm2 = SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
+		.strength_bits = 256,
+		.alg_bits = 256,
 	},
 
 	/* Cipher C00B */
 	{
-		1,
-		TLS1_TXT_ECDH_RSA_WITH_NULL_SHA,
-		TLS1_CK_ECDH_RSA_WITH_NULL_SHA,
-		SSL_kECDHr,
-		SSL_aECDH,
-		SSL_eNULL,
-		SSL_SHA1,
-		SSL_TLSV1,
-		SSL_NOT_EXP|SSL_STRONG_NONE|SSL_FIPS,
-		SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
-		0,
-		0,
+		.valid = 1,
+		.name = TLS1_TXT_ECDH_RSA_WITH_NULL_SHA,
+		.id = TLS1_CK_ECDH_RSA_WITH_NULL_SHA,
+		.algorithm_mkey = SSL_kECDHr,
+		.algorithm_auth = SSL_aECDH,
+		.algorithm_enc = SSL_eNULL,
+		.algorithm_mac = SSL_SHA1,
+		.algorithm_ssl = SSL_TLSV1,
+		.algo_strength = SSL_NOT_EXP|SSL_STRONG_NONE|SSL_FIPS,
+		.algorithm2 = SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
+		.strength_bits = 0,
+		.alg_bits = 0,
 	},
 
 	/* Cipher C00C */
 	{
-		1,
-		TLS1_TXT_ECDH_RSA_WITH_RC4_128_SHA,
-		TLS1_CK_ECDH_RSA_WITH_RC4_128_SHA,
-		SSL_kECDHr,
-		SSL_aECDH,
-		SSL_RC4,
-		SSL_SHA1,
-		SSL_TLSV1,
-		SSL_NOT_EXP|SSL_MEDIUM,
-		SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
-		128,
-		128,
+		.valid = 1,
+		.name = TLS1_TXT_ECDH_RSA_WITH_RC4_128_SHA,
+		.id = TLS1_CK_ECDH_RSA_WITH_RC4_128_SHA,
+		.algorithm_mkey = SSL_kECDHr,
+		.algorithm_auth = SSL_aECDH,
+		.algorithm_enc = SSL_RC4,
+		.algorithm_mac = SSL_SHA1,
+		.algorithm_ssl = SSL_TLSV1,
+		.algo_strength = SSL_NOT_EXP|SSL_MEDIUM,
+		.algorithm2 = SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
+		.strength_bits = 128,
+		.alg_bits = 128,
 	},
 
 	/* Cipher C00D */
 	{
-		1,
-		TLS1_TXT_ECDH_RSA_WITH_DES_192_CBC3_SHA,
-		TLS1_CK_ECDH_RSA_WITH_DES_192_CBC3_SHA,
-		SSL_kECDHr,
-		SSL_aECDH,
-		SSL_3DES,
-		SSL_SHA1,
-		SSL_TLSV1,
-		SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
-		SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
-		168,
-		168,
+		.valid = 1,
+		.name = TLS1_TXT_ECDH_RSA_WITH_DES_192_CBC3_SHA,
+		.id = TLS1_CK_ECDH_RSA_WITH_DES_192_CBC3_SHA,
+		.algorithm_mkey = SSL_kECDHr,
+		.algorithm_auth = SSL_aECDH,
+		.algorithm_enc = SSL_3DES,
+		.algorithm_mac = SSL_SHA1,
+		.algorithm_ssl = SSL_TLSV1,
+		.algo_strength = SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
+		.algorithm2 = SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
+		.strength_bits = 168,
+		.alg_bits = 168,
 	},
 
 	/* Cipher C00E */
 	{
-		1,
-		TLS1_TXT_ECDH_RSA_WITH_AES_128_CBC_SHA,
-		TLS1_CK_ECDH_RSA_WITH_AES_128_CBC_SHA,
-		SSL_kECDHr,
-		SSL_aECDH,
-		SSL_AES128,
-		SSL_SHA1,
-		SSL_TLSV1,
-		SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
-		SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
-		128,
-		128,
+		.valid = 1,
+		.name = TLS1_TXT_ECDH_RSA_WITH_AES_128_CBC_SHA,
+		.id = TLS1_CK_ECDH_RSA_WITH_AES_128_CBC_SHA,
+		.algorithm_mkey = SSL_kECDHr,
+		.algorithm_auth = SSL_aECDH,
+		.algorithm_enc = SSL_AES128,
+		.algorithm_mac = SSL_SHA1,
+		.algorithm_ssl = SSL_TLSV1,
+		.algo_strength = SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
+		.algorithm2 = SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
+		.strength_bits = 128,
+		.alg_bits = 128,
 	},
 
 	/* Cipher C00F */
 	{
-		1,
-		TLS1_TXT_ECDH_RSA_WITH_AES_256_CBC_SHA,
-		TLS1_CK_ECDH_RSA_WITH_AES_256_CBC_SHA,
-		SSL_kECDHr,
-		SSL_aECDH,
-		SSL_AES256,
-		SSL_SHA1,
-		SSL_TLSV1,
-		SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
-		SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
-		256,
-		256,
+		.valid = 1,
+		.name = TLS1_TXT_ECDH_RSA_WITH_AES_256_CBC_SHA,
+		.id = TLS1_CK_ECDH_RSA_WITH_AES_256_CBC_SHA,
+		.algorithm_mkey = SSL_kECDHr,
+		.algorithm_auth = SSL_aECDH,
+		.algorithm_enc = SSL_AES256,
+		.algorithm_mac = SSL_SHA1,
+		.algorithm_ssl = SSL_TLSV1,
+		.algo_strength = SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
+		.algorithm2 = SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
+		.strength_bits = 256,
+		.alg_bits = 256,
 	},
 
 	/* Cipher C010 */
 	{
-		1,
-		TLS1_TXT_ECDHE_RSA_WITH_NULL_SHA,
-		TLS1_CK_ECDHE_RSA_WITH_NULL_SHA,
-		SSL_kEECDH,
-		SSL_aRSA,
-		SSL_eNULL,
-		SSL_SHA1,
-		SSL_TLSV1,
-		SSL_NOT_EXP|SSL_STRONG_NONE|SSL_FIPS,
-		SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
-		0,
-		0,
+		.valid = 1,
+		.name = TLS1_TXT_ECDHE_RSA_WITH_NULL_SHA,
+		.id = TLS1_CK_ECDHE_RSA_WITH_NULL_SHA,
+		.algorithm_mkey = SSL_kEECDH,
+		.algorithm_auth = SSL_aRSA,
+		.algorithm_enc = SSL_eNULL,
+		.algorithm_mac = SSL_SHA1,
+		.algorithm_ssl = SSL_TLSV1,
+		.algo_strength = SSL_NOT_EXP|SSL_STRONG_NONE|SSL_FIPS,
+		.algorithm2 = SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
+		.strength_bits = 0,
+		.alg_bits = 0,
 	},
 
 	/* Cipher C011 */
 	{
-		1,
-		TLS1_TXT_ECDHE_RSA_WITH_RC4_128_SHA,
-		TLS1_CK_ECDHE_RSA_WITH_RC4_128_SHA,
-		SSL_kEECDH,
-		SSL_aRSA,
-		SSL_RC4,
-		SSL_SHA1,
-		SSL_TLSV1,
-		SSL_NOT_EXP|SSL_MEDIUM,
-		SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
-		128,
-		128,
+		.valid = 1,
+		.name = TLS1_TXT_ECDHE_RSA_WITH_RC4_128_SHA,
+		.id = TLS1_CK_ECDHE_RSA_WITH_RC4_128_SHA,
+		.algorithm_mkey = SSL_kEECDH,
+		.algorithm_auth = SSL_aRSA,
+		.algorithm_enc = SSL_RC4,
+		.algorithm_mac = SSL_SHA1,
+		.algorithm_ssl = SSL_TLSV1,
+		.algo_strength = SSL_NOT_EXP|SSL_MEDIUM,
+		.algorithm2 = SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
+		.strength_bits = 128,
+		.alg_bits = 128,
 	},
 
 	/* Cipher C012 */
 	{
-		1,
-		TLS1_TXT_ECDHE_RSA_WITH_DES_192_CBC3_SHA,
-		TLS1_CK_ECDHE_RSA_WITH_DES_192_CBC3_SHA,
-		SSL_kEECDH,
-		SSL_aRSA,
-		SSL_3DES,
-		SSL_SHA1,
-		SSL_TLSV1,
-		SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
-		SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
-		168,
-		168,
+		.valid = 1,
+		.name = TLS1_TXT_ECDHE_RSA_WITH_DES_192_CBC3_SHA,
+		.id = TLS1_CK_ECDHE_RSA_WITH_DES_192_CBC3_SHA,
+		.algorithm_mkey = SSL_kEECDH,
+		.algorithm_auth = SSL_aRSA,
+		.algorithm_enc = SSL_3DES,
+		.algorithm_mac = SSL_SHA1,
+		.algorithm_ssl = SSL_TLSV1,
+		.algo_strength = SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
+		.algorithm2 = SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
+		.strength_bits = 168,
+		.alg_bits = 168,
 	},
 
 	/* Cipher C013 */
 	{
-		1,
-		TLS1_TXT_ECDHE_RSA_WITH_AES_128_CBC_SHA,
-		TLS1_CK_ECDHE_RSA_WITH_AES_128_CBC_SHA,
-		SSL_kEECDH,
-		SSL_aRSA,
-		SSL_AES128,
-		SSL_SHA1,
-		SSL_TLSV1,
-		SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
-		SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
-		128,
-		128,
+		.valid = 1,
+		.name = TLS1_TXT_ECDHE_RSA_WITH_AES_128_CBC_SHA,
+		.id = TLS1_CK_ECDHE_RSA_WITH_AES_128_CBC_SHA,
+		.algorithm_mkey = SSL_kEECDH,
+		.algorithm_auth = SSL_aRSA,
+		.algorithm_enc = SSL_AES128,
+		.algorithm_mac = SSL_SHA1,
+		.algorithm_ssl = SSL_TLSV1,
+		.algo_strength = SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
+		.algorithm2 = SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
+		.strength_bits = 128,
+		.alg_bits = 128,
 	},
 
 	/* Cipher C014 */
 	{
-		1,
-		TLS1_TXT_ECDHE_RSA_WITH_AES_256_CBC_SHA,
-		TLS1_CK_ECDHE_RSA_WITH_AES_256_CBC_SHA,
-		SSL_kEECDH,
-		SSL_aRSA,
-		SSL_AES256,
-		SSL_SHA1,
-		SSL_TLSV1,
-		SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
-		SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
-		256,
-		256,
+		.valid = 1,
+		.name = TLS1_TXT_ECDHE_RSA_WITH_AES_256_CBC_SHA,
+		.id = TLS1_CK_ECDHE_RSA_WITH_AES_256_CBC_SHA,
+		.algorithm_mkey = SSL_kEECDH,
+		.algorithm_auth = SSL_aRSA,
+		.algorithm_enc = SSL_AES256,
+		.algorithm_mac = SSL_SHA1,
+		.algorithm_ssl = SSL_TLSV1,
+		.algo_strength = SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
+		.algorithm2 = SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
+		.strength_bits = 256,
+		.alg_bits = 256,
 	},
 
 	/* Cipher C015 */
 	{
-		1,
-		TLS1_TXT_ECDH_anon_WITH_NULL_SHA,
-		TLS1_CK_ECDH_anon_WITH_NULL_SHA,
-		SSL_kEECDH,
-		SSL_aNULL,
-		SSL_eNULL,
-		SSL_SHA1,
-		SSL_TLSV1,
-		SSL_NOT_EXP|SSL_STRONG_NONE|SSL_FIPS,
-		SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
-		0,
-		0,
+		.valid = 1,
+		.name = TLS1_TXT_ECDH_anon_WITH_NULL_SHA,
+		.id = TLS1_CK_ECDH_anon_WITH_NULL_SHA,
+		.algorithm_mkey = SSL_kEECDH,
+		.algorithm_auth = SSL_aNULL,
+		.algorithm_enc = SSL_eNULL,
+		.algorithm_mac = SSL_SHA1,
+		.algorithm_ssl = SSL_TLSV1,
+		.algo_strength = SSL_NOT_EXP|SSL_STRONG_NONE|SSL_FIPS,
+		.algorithm2 = SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
+		.strength_bits = 0,
+		.alg_bits = 0,
 	},
 
 	/* Cipher C016 */
 	{
-		1,
-		TLS1_TXT_ECDH_anon_WITH_RC4_128_SHA,
-		TLS1_CK_ECDH_anon_WITH_RC4_128_SHA,
-		SSL_kEECDH,
-		SSL_aNULL,
-		SSL_RC4,
-		SSL_SHA1,
-		SSL_TLSV1,
-		SSL_NOT_EXP|SSL_MEDIUM,
-		SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
-		128,
-		128,
+		.valid = 1,
+		.name = TLS1_TXT_ECDH_anon_WITH_RC4_128_SHA,
+		.id = TLS1_CK_ECDH_anon_WITH_RC4_128_SHA,
+		.algorithm_mkey = SSL_kEECDH,
+		.algorithm_auth = SSL_aNULL,
+		.algorithm_enc = SSL_RC4,
+		.algorithm_mac = SSL_SHA1,
+		.algorithm_ssl = SSL_TLSV1,
+		.algo_strength = SSL_NOT_EXP|SSL_MEDIUM,
+		.algorithm2 = SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
+		.strength_bits = 128,
+		.alg_bits = 128,
 	},
 
 	/* Cipher C017 */
 	{
-		1,
-		TLS1_TXT_ECDH_anon_WITH_DES_192_CBC3_SHA,
-		TLS1_CK_ECDH_anon_WITH_DES_192_CBC3_SHA,
-		SSL_kEECDH,
-		SSL_aNULL,
-		SSL_3DES,
-		SSL_SHA1,
-		SSL_TLSV1,
-		SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
-		SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
-		168,
-		168,
+		.valid = 1,
+		.name = TLS1_TXT_ECDH_anon_WITH_DES_192_CBC3_SHA,
+		.id = TLS1_CK_ECDH_anon_WITH_DES_192_CBC3_SHA,
+		.algorithm_mkey = SSL_kEECDH,
+		.algorithm_auth = SSL_aNULL,
+		.algorithm_enc = SSL_3DES,
+		.algorithm_mac = SSL_SHA1,
+		.algorithm_ssl = SSL_TLSV1,
+		.algo_strength = SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
+		.algorithm2 = SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
+		.strength_bits = 168,
+		.alg_bits = 168,
 	},
 
 	/* Cipher C018 */
 	{
-		1,
-		TLS1_TXT_ECDH_anon_WITH_AES_128_CBC_SHA,
-		TLS1_CK_ECDH_anon_WITH_AES_128_CBC_SHA,
-		SSL_kEECDH,
-		SSL_aNULL,
-		SSL_AES128,
-		SSL_SHA1,
-		SSL_TLSV1,
-		SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
-		SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
-		128,
-		128,
+		.valid = 1,
+		.name = TLS1_TXT_ECDH_anon_WITH_AES_128_CBC_SHA,
+		.id = TLS1_CK_ECDH_anon_WITH_AES_128_CBC_SHA,
+		.algorithm_mkey = SSL_kEECDH,
+		.algorithm_auth = SSL_aNULL,
+		.algorithm_enc = SSL_AES128,
+		.algorithm_mac = SSL_SHA1,
+		.algorithm_ssl = SSL_TLSV1,
+		.algo_strength = SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
+		.algorithm2 = SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
+		.strength_bits = 128,
+		.alg_bits = 128,
 	},
 
 	/* Cipher C019 */
 	{
-		1,
-		TLS1_TXT_ECDH_anon_WITH_AES_256_CBC_SHA,
-		TLS1_CK_ECDH_anon_WITH_AES_256_CBC_SHA,
-		SSL_kEECDH,
-		SSL_aNULL,
-		SSL_AES256,
-		SSL_SHA1,
-		SSL_TLSV1,
-		SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
-		SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
-		256,
-		256,
+		.valid = 1,
+		.name = TLS1_TXT_ECDH_anon_WITH_AES_256_CBC_SHA,
+		.id = TLS1_CK_ECDH_anon_WITH_AES_256_CBC_SHA,
+		.algorithm_mkey = SSL_kEECDH,
+		.algorithm_auth = SSL_aNULL,
+		.algorithm_enc = SSL_AES256,
+		.algorithm_mac = SSL_SHA1,
+		.algorithm_ssl = SSL_TLSV1,
+		.algo_strength = SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
+		.algorithm2 = SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
+		.strength_bits = 256,
+		.alg_bits = 256,
 	},
 #endif	/* OPENSSL_NO_ECDH */
 
@@ -1928,326 +1931,326 @@ SSL_CIPHER ssl3_ciphers[] = {
 
 	/* Cipher C023 */
 	{
-		1,
-		TLS1_TXT_ECDHE_ECDSA_WITH_AES_128_SHA256,
-		TLS1_CK_ECDHE_ECDSA_WITH_AES_128_SHA256,
-		SSL_kEECDH,
-		SSL_aECDSA,
-		SSL_AES128,
-		SSL_SHA256,
-		SSL_TLSV1_2,
-		SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
-		SSL_HANDSHAKE_MAC_SHA256|TLS1_PRF_SHA256,
-		128,
-		128,
+		.valid = 1,
+		.name = TLS1_TXT_ECDHE_ECDSA_WITH_AES_128_SHA256,
+		.id = TLS1_CK_ECDHE_ECDSA_WITH_AES_128_SHA256,
+		.algorithm_mkey = SSL_kEECDH,
+		.algorithm_auth = SSL_aECDSA,
+		.algorithm_enc = SSL_AES128,
+		.algorithm_mac = SSL_SHA256,
+		.algorithm_ssl = SSL_TLSV1_2,
+		.algo_strength = SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
+		.algorithm2 = SSL_HANDSHAKE_MAC_SHA256|TLS1_PRF_SHA256,
+		.strength_bits = 128,
+		.alg_bits = 128,
 	},
 
 	/* Cipher C024 */
 	{
-		1,
-		TLS1_TXT_ECDHE_ECDSA_WITH_AES_256_SHA384,
-		TLS1_CK_ECDHE_ECDSA_WITH_AES_256_SHA384,
-		SSL_kEECDH,
-		SSL_aECDSA,
-		SSL_AES256,
-		SSL_SHA384,
-		SSL_TLSV1_2,
-		SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
-		SSL_HANDSHAKE_MAC_SHA384|TLS1_PRF_SHA384,
-		256,
-		256,
+		.valid = 1,
+		.name = TLS1_TXT_ECDHE_ECDSA_WITH_AES_256_SHA384,
+		.id = TLS1_CK_ECDHE_ECDSA_WITH_AES_256_SHA384,
+		.algorithm_mkey = SSL_kEECDH,
+		.algorithm_auth = SSL_aECDSA,
+		.algorithm_enc = SSL_AES256,
+		.algorithm_mac = SSL_SHA384,
+		.algorithm_ssl = SSL_TLSV1_2,
+		.algo_strength = SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
+		.algorithm2 = SSL_HANDSHAKE_MAC_SHA384|TLS1_PRF_SHA384,
+		.strength_bits = 256,
+		.alg_bits = 256,
 	},
 
 	/* Cipher C025 */
 	{
-		1,
-		TLS1_TXT_ECDH_ECDSA_WITH_AES_128_SHA256,
-		TLS1_CK_ECDH_ECDSA_WITH_AES_128_SHA256,
-		SSL_kECDHe,
-		SSL_aECDH,
-		SSL_AES128,
-		SSL_SHA256,
-		SSL_TLSV1_2,
-		SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
-		SSL_HANDSHAKE_MAC_SHA256|TLS1_PRF_SHA256,
-		128,
-		128,
+		.valid = 1,
+		.name = TLS1_TXT_ECDH_ECDSA_WITH_AES_128_SHA256,
+		.id = TLS1_CK_ECDH_ECDSA_WITH_AES_128_SHA256,
+		.algorithm_mkey = SSL_kECDHe,
+		.algorithm_auth = SSL_aECDH,
+		.algorithm_enc = SSL_AES128,
+		.algorithm_mac = SSL_SHA256,
+		.algorithm_ssl = SSL_TLSV1_2,
+		.algo_strength = SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
+		.algorithm2 = SSL_HANDSHAKE_MAC_SHA256|TLS1_PRF_SHA256,
+		.strength_bits = 128,
+		.alg_bits = 128,
 	},
 
 	/* Cipher C026 */
 	{
-		1,
-		TLS1_TXT_ECDH_ECDSA_WITH_AES_256_SHA384,
-		TLS1_CK_ECDH_ECDSA_WITH_AES_256_SHA384,
-		SSL_kECDHe,
-		SSL_aECDH,
-		SSL_AES256,
-		SSL_SHA384,
-		SSL_TLSV1_2,
-		SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
-		SSL_HANDSHAKE_MAC_SHA384|TLS1_PRF_SHA384,
-		256,
-		256,
+		.valid = 1,
+		.name = TLS1_TXT_ECDH_ECDSA_WITH_AES_256_SHA384,
+		.id = TLS1_CK_ECDH_ECDSA_WITH_AES_256_SHA384,
+		.algorithm_mkey = SSL_kECDHe,
+		.algorithm_auth = SSL_aECDH,
+		.algorithm_enc = SSL_AES256,
+		.algorithm_mac = SSL_SHA384,
+		.algorithm_ssl = SSL_TLSV1_2,
+		.algo_strength = SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
+		.algorithm2 = SSL_HANDSHAKE_MAC_SHA384|TLS1_PRF_SHA384,
+		.strength_bits = 256,
+		.alg_bits = 256,
 	},
 
 	/* Cipher C027 */
 	{
-		1,
-		TLS1_TXT_ECDHE_RSA_WITH_AES_128_SHA256,
-		TLS1_CK_ECDHE_RSA_WITH_AES_128_SHA256,
-		SSL_kEECDH,
-		SSL_aRSA,
-		SSL_AES128,
-		SSL_SHA256,
-		SSL_TLSV1_2,
-		SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
-		SSL_HANDSHAKE_MAC_SHA256|TLS1_PRF_SHA256,
-		128,
-		128,
+		.valid = 1,
+		.name = TLS1_TXT_ECDHE_RSA_WITH_AES_128_SHA256,
+		.id = TLS1_CK_ECDHE_RSA_WITH_AES_128_SHA256,
+		.algorithm_mkey = SSL_kEECDH,
+		.algorithm_auth = SSL_aRSA,
+		.algorithm_enc = SSL_AES128,
+		.algorithm_mac = SSL_SHA256,
+		.algorithm_ssl = SSL_TLSV1_2,
+		.algo_strength = SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
+		.algorithm2 = SSL_HANDSHAKE_MAC_SHA256|TLS1_PRF_SHA256,
+		.strength_bits = 128,
+		.alg_bits = 128,
 	},
 
 	/* Cipher C028 */
 	{
-		1,
-		TLS1_TXT_ECDHE_RSA_WITH_AES_256_SHA384,
-		TLS1_CK_ECDHE_RSA_WITH_AES_256_SHA384,
-		SSL_kEECDH,
-		SSL_aRSA,
-		SSL_AES256,
-		SSL_SHA384,
-		SSL_TLSV1_2,
-		SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
-		SSL_HANDSHAKE_MAC_SHA384|TLS1_PRF_SHA384,
-		256,
-		256,
+		.valid = 1,
+		.name = TLS1_TXT_ECDHE_RSA_WITH_AES_256_SHA384,
+		.id = TLS1_CK_ECDHE_RSA_WITH_AES_256_SHA384,
+		.algorithm_mkey = SSL_kEECDH,
+		.algorithm_auth = SSL_aRSA,
+		.algorithm_enc = SSL_AES256,
+		.algorithm_mac = SSL_SHA384,
+		.algorithm_ssl = SSL_TLSV1_2,
+		.algo_strength = SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
+		.algorithm2 = SSL_HANDSHAKE_MAC_SHA384|TLS1_PRF_SHA384,
+		.strength_bits = 256,
+		.alg_bits = 256,
 	},
 
 	/* Cipher C029 */
 	{
-		1,
-		TLS1_TXT_ECDH_RSA_WITH_AES_128_SHA256,
-		TLS1_CK_ECDH_RSA_WITH_AES_128_SHA256,
-		SSL_kECDHr,
-		SSL_aECDH,
-		SSL_AES128,
-		SSL_SHA256,
-		SSL_TLSV1_2,
-		SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
-		SSL_HANDSHAKE_MAC_SHA256|TLS1_PRF_SHA256,
-		128,
-		128,
+		.valid = 1,
+		.name = TLS1_TXT_ECDH_RSA_WITH_AES_128_SHA256,
+		.id = TLS1_CK_ECDH_RSA_WITH_AES_128_SHA256,
+		.algorithm_mkey = SSL_kECDHr,
+		.algorithm_auth = SSL_aECDH,
+		.algorithm_enc = SSL_AES128,
+		.algorithm_mac = SSL_SHA256,
+		.algorithm_ssl = SSL_TLSV1_2,
+		.algo_strength = SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
+		.algorithm2 = SSL_HANDSHAKE_MAC_SHA256|TLS1_PRF_SHA256,
+		.strength_bits = 128,
+		.alg_bits = 128,
 	},
 
 	/* Cipher C02A */
 	{
-		1,
-		TLS1_TXT_ECDH_RSA_WITH_AES_256_SHA384,
-		TLS1_CK_ECDH_RSA_WITH_AES_256_SHA384,
-		SSL_kECDHr,
-		SSL_aECDH,
-		SSL_AES256,
-		SSL_SHA384,
-		SSL_TLSV1_2,
-		SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
-		SSL_HANDSHAKE_MAC_SHA384|TLS1_PRF_SHA384,
-		256,
-		256,
+		.valid = 1,
+		.name = TLS1_TXT_ECDH_RSA_WITH_AES_256_SHA384,
+		.id = TLS1_CK_ECDH_RSA_WITH_AES_256_SHA384,
+		.algorithm_mkey = SSL_kECDHr,
+		.algorithm_auth = SSL_aECDH,
+		.algorithm_enc = SSL_AES256,
+		.algorithm_mac = SSL_SHA384,
+		.algorithm_ssl = SSL_TLSV1_2,
+		.algo_strength = SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
+		.algorithm2 = SSL_HANDSHAKE_MAC_SHA384|TLS1_PRF_SHA384,
+		.strength_bits = 256,
+		.alg_bits = 256,
 	},
 
 	/* GCM based TLS v1.2 ciphersuites from RFC5289 */
 
 	/* Cipher C02B */
 	{
-		1,
-		TLS1_TXT_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256,
-		TLS1_CK_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256,
-		SSL_kEECDH,
-		SSL_aECDSA,
-		SSL_AES128GCM,
-		SSL_AEAD,
-		SSL_TLSV1_2,
-		SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
-		SSL_HANDSHAKE_MAC_SHA256|TLS1_PRF_SHA256,
-		128,
-		128,
+		.valid = 1,
+		.name = TLS1_TXT_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256,
+		.id = TLS1_CK_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256,
+		.algorithm_mkey = SSL_kEECDH,
+		.algorithm_auth = SSL_aECDSA,
+		.algorithm_enc = SSL_AES128GCM,
+		.algorithm_mac = SSL_AEAD,
+		.algorithm_ssl = SSL_TLSV1_2,
+		.algo_strength = SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
+		.algorithm2 = SSL_HANDSHAKE_MAC_SHA256|TLS1_PRF_SHA256,
+		.strength_bits = 128,
+		.alg_bits = 128,
 	},
 
 	/* Cipher C02C */
 	{
-		1,
-		TLS1_TXT_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384,
-		TLS1_CK_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384,
-		SSL_kEECDH,
-		SSL_aECDSA,
-		SSL_AES256GCM,
-		SSL_AEAD,
-		SSL_TLSV1_2,
-		SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
-		SSL_HANDSHAKE_MAC_SHA384|TLS1_PRF_SHA384,
-		256,
-		256,
+		.valid = 1,
+		.name = TLS1_TXT_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384,
+		.id = TLS1_CK_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384,
+		.algorithm_mkey = SSL_kEECDH,
+		.algorithm_auth = SSL_aECDSA,
+		.algorithm_enc = SSL_AES256GCM,
+		.algorithm_mac = SSL_AEAD,
+		.algorithm_ssl = SSL_TLSV1_2,
+		.algo_strength = SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
+		.algorithm2 = SSL_HANDSHAKE_MAC_SHA384|TLS1_PRF_SHA384,
+		.strength_bits = 256,
+		.alg_bits = 256,
 	},
 
 	/* Cipher C02D */
 	{
-		1,
-		TLS1_TXT_ECDH_ECDSA_WITH_AES_128_GCM_SHA256,
-		TLS1_CK_ECDH_ECDSA_WITH_AES_128_GCM_SHA256,
-		SSL_kECDHe,
-		SSL_aECDH,
-		SSL_AES128GCM,
-		SSL_AEAD,
-		SSL_TLSV1_2,
-		SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
-		SSL_HANDSHAKE_MAC_SHA256|TLS1_PRF_SHA256,
-		128,
-		128,
+		.valid = 1,
+		.name = TLS1_TXT_ECDH_ECDSA_WITH_AES_128_GCM_SHA256,
+		.id = TLS1_CK_ECDH_ECDSA_WITH_AES_128_GCM_SHA256,
+		.algorithm_mkey = SSL_kECDHe,
+		.algorithm_auth = SSL_aECDH,
+		.algorithm_enc = SSL_AES128GCM,
+		.algorithm_mac = SSL_AEAD,
+		.algorithm_ssl = SSL_TLSV1_2,
+		.algo_strength = SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
+		.algorithm2 = SSL_HANDSHAKE_MAC_SHA256|TLS1_PRF_SHA256,
+		.strength_bits = 128,
+		.alg_bits = 128,
 	},
 
 	/* Cipher C02E */
 	{
-		1,
-		TLS1_TXT_ECDH_ECDSA_WITH_AES_256_GCM_SHA384,
-		TLS1_CK_ECDH_ECDSA_WITH_AES_256_GCM_SHA384,
-		SSL_kECDHe,
-		SSL_aECDH,
-		SSL_AES256GCM,
-		SSL_AEAD,
-		SSL_TLSV1_2,
-		SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
-		SSL_HANDSHAKE_MAC_SHA384|TLS1_PRF_SHA384,
-		256,
-		256,
+		.valid = 1,
+		.name = TLS1_TXT_ECDH_ECDSA_WITH_AES_256_GCM_SHA384,
+		.id = TLS1_CK_ECDH_ECDSA_WITH_AES_256_GCM_SHA384,
+		.algorithm_mkey = SSL_kECDHe,
+		.algorithm_auth = SSL_aECDH,
+		.algorithm_enc = SSL_AES256GCM,
+		.algorithm_mac = SSL_AEAD,
+		.algorithm_ssl = SSL_TLSV1_2,
+		.algo_strength = SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
+		.algorithm2 = SSL_HANDSHAKE_MAC_SHA384|TLS1_PRF_SHA384,
+		.strength_bits = 256,
+		.alg_bits = 256,
 	},
 
 	/* Cipher C02F */
 	{
-		1,
-		TLS1_TXT_ECDHE_RSA_WITH_AES_128_GCM_SHA256,
-		TLS1_CK_ECDHE_RSA_WITH_AES_128_GCM_SHA256,
-		SSL_kEECDH,
-		SSL_aRSA,
-		SSL_AES128GCM,
-		SSL_AEAD,
-		SSL_TLSV1_2,
-		SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
-		SSL_HANDSHAKE_MAC_SHA256|TLS1_PRF_SHA256,
-		128,
-		128,
+		.valid = 1,
+		.name = TLS1_TXT_ECDHE_RSA_WITH_AES_128_GCM_SHA256,
+		.id = TLS1_CK_ECDHE_RSA_WITH_AES_128_GCM_SHA256,
+		.algorithm_mkey = SSL_kEECDH,
+		.algorithm_auth = SSL_aRSA,
+		.algorithm_enc = SSL_AES128GCM,
+		.algorithm_mac = SSL_AEAD,
+		.algorithm_ssl = SSL_TLSV1_2,
+		.algo_strength = SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
+		.algorithm2 = SSL_HANDSHAKE_MAC_SHA256|TLS1_PRF_SHA256,
+		.strength_bits = 128,
+		.alg_bits = 128,
 	},
 
 	/* Cipher C030 */
 	{
-		1,
-		TLS1_TXT_ECDHE_RSA_WITH_AES_256_GCM_SHA384,
-		TLS1_CK_ECDHE_RSA_WITH_AES_256_GCM_SHA384,
-		SSL_kEECDH,
-		SSL_aRSA,
-		SSL_AES256GCM,
-		SSL_AEAD,
-		SSL_TLSV1_2,
-		SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
-		SSL_HANDSHAKE_MAC_SHA384|TLS1_PRF_SHA384,
-		256,
-		256,
+		.valid = 1,
+		.name = TLS1_TXT_ECDHE_RSA_WITH_AES_256_GCM_SHA384,
+		.id = TLS1_CK_ECDHE_RSA_WITH_AES_256_GCM_SHA384,
+		.algorithm_mkey = SSL_kEECDH,
+		.algorithm_auth = SSL_aRSA,
+		.algorithm_enc = SSL_AES256GCM,
+		.algorithm_mac = SSL_AEAD,
+		.algorithm_ssl = SSL_TLSV1_2,
+		.algo_strength = SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
+		.algorithm2 = SSL_HANDSHAKE_MAC_SHA384|TLS1_PRF_SHA384,
+		.strength_bits = 256,
+		.alg_bits = 256,
 	},
 
 	/* Cipher C031 */
 	{
-		1,
-		TLS1_TXT_ECDH_RSA_WITH_AES_128_GCM_SHA256,
-		TLS1_CK_ECDH_RSA_WITH_AES_128_GCM_SHA256,
-		SSL_kECDHr,
-		SSL_aECDH,
-		SSL_AES128GCM,
-		SSL_AEAD,
-		SSL_TLSV1_2,
-		SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
-		SSL_HANDSHAKE_MAC_SHA256|TLS1_PRF_SHA256,
-		128,
-		128,
+		.valid = 1,
+		.name = TLS1_TXT_ECDH_RSA_WITH_AES_128_GCM_SHA256,
+		.id = TLS1_CK_ECDH_RSA_WITH_AES_128_GCM_SHA256,
+		.algorithm_mkey = SSL_kECDHr,
+		.algorithm_auth = SSL_aECDH,
+		.algorithm_enc = SSL_AES128GCM,
+		.algorithm_mac = SSL_AEAD,
+		.algorithm_ssl = SSL_TLSV1_2,
+		.algo_strength = SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
+		.algorithm2 = SSL_HANDSHAKE_MAC_SHA256|TLS1_PRF_SHA256,
+		.strength_bits = 128,
+		.alg_bits = 128,
 	},
 
 	/* Cipher C032 */
 	{
-		1,
-		TLS1_TXT_ECDH_RSA_WITH_AES_256_GCM_SHA384,
-		TLS1_CK_ECDH_RSA_WITH_AES_256_GCM_SHA384,
-		SSL_kECDHr,
-		SSL_aECDH,
-		SSL_AES256GCM,
-		SSL_AEAD,
-		SSL_TLSV1_2,
-		SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
-		SSL_HANDSHAKE_MAC_SHA384|TLS1_PRF_SHA384,
-		256,
-		256,
+		.valid = 1,
+		.name = TLS1_TXT_ECDH_RSA_WITH_AES_256_GCM_SHA384,
+		.id = TLS1_CK_ECDH_RSA_WITH_AES_256_GCM_SHA384,
+		.algorithm_mkey = SSL_kECDHr,
+		.algorithm_auth = SSL_aECDH,
+		.algorithm_enc = SSL_AES256GCM,
+		.algorithm_mac = SSL_AEAD,
+		.algorithm_ssl = SSL_TLSV1_2,
+		.algo_strength = SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
+		.algorithm2 = SSL_HANDSHAKE_MAC_SHA384|TLS1_PRF_SHA384,
+		.strength_bits = 256,
+		.alg_bits = 256,
 	},
 
 #endif /* OPENSSL_NO_ECDH */
 
 
 #ifdef TEMP_GOST_TLS
-/* Cipher FF00 */
-	{
-		1,
-		"GOST-MD5",
-		0x0300ff00,
-		SSL_kRSA,
-		SSL_aRSA,
-		SSL_eGOST2814789CNT,
-		SSL_MD5,
-		SSL_TLSV1,
-		SSL_NOT_EXP|SSL_HIGH,
-		SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
-		256,
-		256,
-	},
-	{
-		1,
-		"GOST-GOST94",
-		0x0300ff01,
-		SSL_kRSA,
-		SSL_aRSA,
-		SSL_eGOST2814789CNT,
-		SSL_GOST94,
-		SSL_TLSV1,
-		SSL_NOT_EXP|SSL_HIGH,
-		SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
-		256,
-		256
-	},
-	{
-		1,
-		"GOST-GOST89MAC",
-		0x0300ff02,
-		SSL_kRSA,
-		SSL_aRSA,
-		SSL_eGOST2814789CNT,
-		SSL_GOST89MAC,
-		SSL_TLSV1,
-		SSL_NOT_EXP|SSL_HIGH,
-		SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
-		256,
-		256
-	},
-	{
-		1,
-		"GOST-GOST89STREAM",
-		0x0300ff03,
-		SSL_kRSA,
-		SSL_aRSA,
-		SSL_eGOST2814789CNT,
-		SSL_GOST89MAC,
-		SSL_TLSV1,
-		SSL_NOT_EXP|SSL_HIGH,
-		SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF|TLS1_STREAM_MAC,
-		256,
-		256
+	/* Cipher FF00 */
+	{
+		.valid = 1,
+		.name = "GOST-MD5",
+		.id = 0x0300ff00,
+		.algorithm_mkey = SSL_kRSA,
+		.algorithm_auth = SSL_aRSA,
+		.algorithm_enc = SSL_eGOST2814789CNT,
+		.algorithm_mac = SSL_MD5,
+		.algorithm_ssl = SSL_TLSV1,
+		.algo_strength = SSL_NOT_EXP|SSL_HIGH,
+		.algorithm2 = SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
+		.strength_bits = 256,
+		.alg_bits = 256,
+	},
+	{
+		.valid = 1,
+		.name = "GOST-GOST94",
+		.id = 0x0300ff01,
+		.algorithm_mkey = SSL_kRSA,
+		.algorithm_auth = SSL_aRSA,
+		.algorithm_enc = SSL_eGOST2814789CNT,
+		.algorithm_mac = SSL_GOST94,
+		.algorithm_ssl = SSL_TLSV1,
+		.algo_strength = SSL_NOT_EXP|SSL_HIGH,
+		.algorithm2 = SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
+		.strength_bits = 256,
+		.alg_bits = 256
+	},
+	{
+		.valid = 1,
+		.name = "GOST-GOST89MAC",
+		.id = 0x0300ff02,
+		.algorithm_mkey = SSL_kRSA,
+		.algorithm_auth = SSL_aRSA,
+		.algorithm_enc = SSL_eGOST2814789CNT,
+		.algorithm_mac = SSL_GOST89MAC,
+		.algorithm_ssl = SSL_TLSV1,
+		.algo_strength = SSL_NOT_EXP|SSL_HIGH,
+		.algorithm2 = SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
+		.strength_bits = 256,
+		.alg_bits = 256
+	},
+	{
+		.valid = 1,
+		.name = "GOST-GOST89STREAM",
+		.id = 0x0300ff03,
+		.algorithm_mkey = SSL_kRSA,
+		.algorithm_auth = SSL_aRSA,
+		.algorithm_enc = SSL_eGOST2814789CNT,
+		.algorithm_mac = SSL_GOST89MAC,
+		.algorithm_ssl = SSL_TLSV1,
+		.algo_strength = SSL_NOT_EXP|SSL_HIGH,
+		.algorithm2 = SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF|
+		    TLS1_STREAM_MAC,
+		.strength_bits = 256,
+		.alg_bits = 256
 	},
 #endif
-
-/* end of list */
+	/* end of list */
 };
 
 SSL3_ENC_METHOD SSLv3_enc_data = {
-- 
2.20.1