155714Skris/* ssl/ssl3.h */ 255714Skris/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) 355714Skris * All rights reserved. 455714Skris * 555714Skris * This package is an SSL implementation written 655714Skris * by Eric Young (eay@cryptsoft.com). 755714Skris * The implementation was written so as to conform with Netscapes SSL. 8296341Sdelphij * 955714Skris * This library is free for commercial and non-commercial use as long as 1055714Skris * the following conditions are aheared to. The following conditions 1155714Skris * apply to all code found in this distribution, be it the RC4, RSA, 1255714Skris * lhash, DES, etc., code; not just the SSL code. The SSL documentation 1355714Skris * included with this distribution is covered by the same copyright terms 1455714Skris * except that the holder is Tim Hudson (tjh@cryptsoft.com). 15296341Sdelphij * 1655714Skris * Copyright remains Eric Young's, and as such any Copyright notices in 1755714Skris * the code are not to be removed. 1855714Skris * If this package is used in a product, Eric Young should be given attribution 1955714Skris * as the author of the parts of the library used. 2055714Skris * This can be in the form of a textual message at program startup or 2155714Skris * in documentation (online or textual) provided with the package. 22296341Sdelphij * 2355714Skris * Redistribution and use in source and binary forms, with or without 2455714Skris * modification, are permitted provided that the following conditions 2555714Skris * are met: 2655714Skris * 1. Redistributions of source code must retain the copyright 2755714Skris * notice, this list of conditions and the following disclaimer. 2855714Skris * 2. Redistributions in binary form must reproduce the above copyright 2955714Skris * notice, this list of conditions and the following disclaimer in the 3055714Skris * documentation and/or other materials provided with the distribution. 3155714Skris * 3. All advertising materials mentioning features or use of this software 3255714Skris * must display the following acknowledgement: 3355714Skris * "This product includes cryptographic software written by 3455714Skris * Eric Young (eay@cryptsoft.com)" 3555714Skris * The word 'cryptographic' can be left out if the rouines from the library 3655714Skris * being used are not cryptographic related :-). 37296341Sdelphij * 4. If you include any Windows specific code (or a derivative thereof) from 3855714Skris * the apps directory (application code) you must include an acknowledgement: 3955714Skris * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" 40296341Sdelphij * 4155714Skris * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND 4255714Skris * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 4355714Skris * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 4455714Skris * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE 4555714Skris * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 4655714Skris * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 4755714Skris * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 4855714Skris * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 4955714Skris * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 5055714Skris * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 5155714Skris * SUCH DAMAGE. 52296341Sdelphij * 5355714Skris * The licence and distribution terms for any publically available version or 5455714Skris * derivative of this code cannot be changed. i.e. this code cannot simply be 5555714Skris * copied and put under another distribution licence 5655714Skris * [including the GNU Public Licence.] 5755714Skris */ 58100928Snectar/* ==================================================================== 59100928Snectar * Copyright (c) 1998-2002 The OpenSSL Project. All rights reserved. 60100928Snectar * 61100928Snectar * Redistribution and use in source and binary forms, with or without 62100928Snectar * modification, are permitted provided that the following conditions 63100928Snectar * are met: 64100928Snectar * 65100928Snectar * 1. Redistributions of source code must retain the above copyright 66296341Sdelphij * notice, this list of conditions and the following disclaimer. 67100928Snectar * 68100928Snectar * 2. Redistributions in binary form must reproduce the above copyright 69100928Snectar * notice, this list of conditions and the following disclaimer in 70100928Snectar * the documentation and/or other materials provided with the 71100928Snectar * distribution. 72100928Snectar * 73100928Snectar * 3. All advertising materials mentioning features or use of this 74100928Snectar * software must display the following acknowledgment: 75100928Snectar * "This product includes software developed by the OpenSSL Project 76100928Snectar * for use in the OpenSSL Toolkit. (http://www.openssl.org/)" 77100928Snectar * 78100928Snectar * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to 79100928Snectar * endorse or promote products derived from this software without 80100928Snectar * prior written permission. For written permission, please contact 81100928Snectar * openssl-core@openssl.org. 82100928Snectar * 83100928Snectar * 5. Products derived from this software may not be called "OpenSSL" 84100928Snectar * nor may "OpenSSL" appear in their names without prior written 85100928Snectar * permission of the OpenSSL Project. 86100928Snectar * 87100928Snectar * 6. Redistributions of any form whatsoever must retain the following 88100928Snectar * acknowledgment: 89100928Snectar * "This product includes software developed by the OpenSSL Project 90100928Snectar * for use in the OpenSSL Toolkit (http://www.openssl.org/)" 91100928Snectar * 92100928Snectar * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY 93100928Snectar * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 94100928Snectar * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR 95100928Snectar * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR 96100928Snectar * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, 97100928Snectar * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT 98100928Snectar * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; 99100928Snectar * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 100100928Snectar * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, 101100928Snectar * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) 102100928Snectar * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED 103100928Snectar * OF THE POSSIBILITY OF SUCH DAMAGE. 104100928Snectar * ==================================================================== 105100928Snectar * 106100928Snectar * This product includes cryptographic software written by Eric Young 107100928Snectar * (eay@cryptsoft.com). This product includes software written by Tim 108100928Snectar * Hudson (tjh@cryptsoft.com). 109100928Snectar * 110100928Snectar */ 111160814Ssimon/* ==================================================================== 112160814Ssimon * Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED. 113296341Sdelphij * ECC cipher suite support in OpenSSL originally developed by 114160814Ssimon * SUN MICROSYSTEMS, INC., and contributed to the OpenSSL project. 115160814Ssimon */ 11655714Skris 117296341Sdelphij#ifndef HEADER_SSL3_H 118296341Sdelphij# define HEADER_SSL3_H 11955714Skris 120296341Sdelphij# ifndef OPENSSL_NO_COMP 121296341Sdelphij# include <openssl/comp.h> 122296341Sdelphij# endif 123296341Sdelphij# include <openssl/buffer.h> 124296341Sdelphij# include <openssl/evp.h> 125296341Sdelphij# include <openssl/ssl.h> 12655714Skris 12755714Skris#ifdef __cplusplus 12855714Skrisextern "C" { 12955714Skris#endif 13055714Skris 131296341Sdelphij/* 132296341Sdelphij * Signalling cipher suite value from RFC 5746 133296341Sdelphij * (TLS_EMPTY_RENEGOTIATION_INFO_SCSV) 134296341Sdelphij */ 135296341Sdelphij# define SSL3_CK_SCSV 0x030000FF 136205128Ssimon 137296341Sdelphij/* 138296341Sdelphij * Signalling cipher suite value from draft-ietf-tls-downgrade-scsv-00 139296341Sdelphij * (TLS_FALLBACK_SCSV) 140296341Sdelphij */ 141296341Sdelphij# define SSL3_CK_FALLBACK_SCSV 0x03005600 142273399Sdelphij 143296341Sdelphij# define SSL3_CK_RSA_NULL_MD5 0x03000001 144296341Sdelphij# define SSL3_CK_RSA_NULL_SHA 0x03000002 145296341Sdelphij# define SSL3_CK_RSA_RC4_40_MD5 0x03000003 146296341Sdelphij# define SSL3_CK_RSA_RC4_128_MD5 0x03000004 147296341Sdelphij# define SSL3_CK_RSA_RC4_128_SHA 0x03000005 148296341Sdelphij# define SSL3_CK_RSA_RC2_40_MD5 0x03000006 149296341Sdelphij# define SSL3_CK_RSA_IDEA_128_SHA 0x03000007 150296341Sdelphij# define SSL3_CK_RSA_DES_40_CBC_SHA 0x03000008 151296341Sdelphij# define SSL3_CK_RSA_DES_64_CBC_SHA 0x03000009 152296341Sdelphij# define SSL3_CK_RSA_DES_192_CBC3_SHA 0x0300000A 15355714Skris 154296341Sdelphij# define SSL3_CK_DH_DSS_DES_40_CBC_SHA 0x0300000B 155296341Sdelphij# define SSL3_CK_DH_DSS_DES_64_CBC_SHA 0x0300000C 156296341Sdelphij# define SSL3_CK_DH_DSS_DES_192_CBC3_SHA 0x0300000D 157296341Sdelphij# define SSL3_CK_DH_RSA_DES_40_CBC_SHA 0x0300000E 158296341Sdelphij# define SSL3_CK_DH_RSA_DES_64_CBC_SHA 0x0300000F 159296341Sdelphij# define SSL3_CK_DH_RSA_DES_192_CBC3_SHA 0x03000010 16055714Skris 161296341Sdelphij# define SSL3_CK_EDH_DSS_DES_40_CBC_SHA 0x03000011 162296341Sdelphij# define SSL3_CK_EDH_DSS_DES_64_CBC_SHA 0x03000012 163296341Sdelphij# define SSL3_CK_EDH_DSS_DES_192_CBC3_SHA 0x03000013 164296341Sdelphij# define SSL3_CK_EDH_RSA_DES_40_CBC_SHA 0x03000014 165296341Sdelphij# define SSL3_CK_EDH_RSA_DES_64_CBC_SHA 0x03000015 166296341Sdelphij# define SSL3_CK_EDH_RSA_DES_192_CBC3_SHA 0x03000016 16755714Skris 168296341Sdelphij# define SSL3_CK_ADH_RC4_40_MD5 0x03000017 169296341Sdelphij# define SSL3_CK_ADH_RC4_128_MD5 0x03000018 170296341Sdelphij# define SSL3_CK_ADH_DES_40_CBC_SHA 0x03000019 171296341Sdelphij# define SSL3_CK_ADH_DES_64_CBC_SHA 0x0300001A 172296341Sdelphij# define SSL3_CK_ADH_DES_192_CBC_SHA 0x0300001B 17355714Skris 174296341Sdelphij# if 0 175296341Sdelphij# define SSL3_CK_FZA_DMS_NULL_SHA 0x0300001C 176296341Sdelphij# define SSL3_CK_FZA_DMS_FZA_SHA 0x0300001D 177296341Sdelphij# if 0 /* Because it clashes with KRB5, is never 178296341Sdelphij * used any more, and is safe to remove 179296341Sdelphij * according to David Hopwood 180296341Sdelphij * <david.hopwood@zetnet.co.uk> of the 181296341Sdelphij * ietf-tls list */ 182296341Sdelphij# define SSL3_CK_FZA_DMS_RC4_SHA 0x0300001E 183296341Sdelphij# endif 184296341Sdelphij# endif 18555714Skris 186296341Sdelphij/* 187296341Sdelphij * VRS Additional Kerberos5 entries 188109998Smarkm */ 189296341Sdelphij# define SSL3_CK_KRB5_DES_64_CBC_SHA 0x0300001E 190296341Sdelphij# define SSL3_CK_KRB5_DES_192_CBC3_SHA 0x0300001F 191296341Sdelphij# define SSL3_CK_KRB5_RC4_128_SHA 0x03000020 192296341Sdelphij# define SSL3_CK_KRB5_IDEA_128_CBC_SHA 0x03000021 193296341Sdelphij# define SSL3_CK_KRB5_DES_64_CBC_MD5 0x03000022 194296341Sdelphij# define SSL3_CK_KRB5_DES_192_CBC3_MD5 0x03000023 195296341Sdelphij# define SSL3_CK_KRB5_RC4_128_MD5 0x03000024 196296341Sdelphij# define SSL3_CK_KRB5_IDEA_128_CBC_MD5 0x03000025 197109998Smarkm 198296341Sdelphij# define SSL3_CK_KRB5_DES_40_CBC_SHA 0x03000026 199296341Sdelphij# define SSL3_CK_KRB5_RC2_40_CBC_SHA 0x03000027 200296341Sdelphij# define SSL3_CK_KRB5_RC4_40_SHA 0x03000028 201296341Sdelphij# define SSL3_CK_KRB5_DES_40_CBC_MD5 0x03000029 202296341Sdelphij# define SSL3_CK_KRB5_RC2_40_CBC_MD5 0x0300002A 203296341Sdelphij# define SSL3_CK_KRB5_RC4_40_MD5 0x0300002B 204109998Smarkm 205296341Sdelphij# define SSL3_TXT_RSA_NULL_MD5 "NULL-MD5" 206296341Sdelphij# define SSL3_TXT_RSA_NULL_SHA "NULL-SHA" 207296341Sdelphij# define SSL3_TXT_RSA_RC4_40_MD5 "EXP-RC4-MD5" 208296341Sdelphij# define SSL3_TXT_RSA_RC4_128_MD5 "RC4-MD5" 209296341Sdelphij# define SSL3_TXT_RSA_RC4_128_SHA "RC4-SHA" 210296341Sdelphij# define SSL3_TXT_RSA_RC2_40_MD5 "EXP-RC2-CBC-MD5" 211296341Sdelphij# define SSL3_TXT_RSA_IDEA_128_SHA "IDEA-CBC-SHA" 212296341Sdelphij# define SSL3_TXT_RSA_DES_40_CBC_SHA "EXP-DES-CBC-SHA" 213296341Sdelphij# define SSL3_TXT_RSA_DES_64_CBC_SHA "DES-CBC-SHA" 214296341Sdelphij# define SSL3_TXT_RSA_DES_192_CBC3_SHA "DES-CBC3-SHA" 21555714Skris 216296341Sdelphij# define SSL3_TXT_DH_DSS_DES_40_CBC_SHA "EXP-DH-DSS-DES-CBC-SHA" 217296341Sdelphij# define SSL3_TXT_DH_DSS_DES_64_CBC_SHA "DH-DSS-DES-CBC-SHA" 218296341Sdelphij# define SSL3_TXT_DH_DSS_DES_192_CBC3_SHA "DH-DSS-DES-CBC3-SHA" 219296341Sdelphij# define SSL3_TXT_DH_RSA_DES_40_CBC_SHA "EXP-DH-RSA-DES-CBC-SHA" 220296341Sdelphij# define SSL3_TXT_DH_RSA_DES_64_CBC_SHA "DH-RSA-DES-CBC-SHA" 221296341Sdelphij# define SSL3_TXT_DH_RSA_DES_192_CBC3_SHA "DH-RSA-DES-CBC3-SHA" 22255714Skris 223296341Sdelphij# define SSL3_TXT_EDH_DSS_DES_40_CBC_SHA "EXP-EDH-DSS-DES-CBC-SHA" 224296341Sdelphij# define SSL3_TXT_EDH_DSS_DES_64_CBC_SHA "EDH-DSS-DES-CBC-SHA" 225296341Sdelphij# define SSL3_TXT_EDH_DSS_DES_192_CBC3_SHA "EDH-DSS-DES-CBC3-SHA" 226296341Sdelphij# define SSL3_TXT_EDH_RSA_DES_40_CBC_SHA "EXP-EDH-RSA-DES-CBC-SHA" 227296341Sdelphij# define SSL3_TXT_EDH_RSA_DES_64_CBC_SHA "EDH-RSA-DES-CBC-SHA" 228296341Sdelphij# define SSL3_TXT_EDH_RSA_DES_192_CBC3_SHA "EDH-RSA-DES-CBC3-SHA" 22955714Skris 230296341Sdelphij# define SSL3_TXT_ADH_RC4_40_MD5 "EXP-ADH-RC4-MD5" 231296341Sdelphij# define SSL3_TXT_ADH_RC4_128_MD5 "ADH-RC4-MD5" 232296341Sdelphij# define SSL3_TXT_ADH_DES_40_CBC_SHA "EXP-ADH-DES-CBC-SHA" 233296341Sdelphij# define SSL3_TXT_ADH_DES_64_CBC_SHA "ADH-DES-CBC-SHA" 234296341Sdelphij# define SSL3_TXT_ADH_DES_192_CBC_SHA "ADH-DES-CBC3-SHA" 23555714Skris 236296341Sdelphij# if 0 237296341Sdelphij# define SSL3_TXT_FZA_DMS_NULL_SHA "FZA-NULL-SHA" 238296341Sdelphij# define SSL3_TXT_FZA_DMS_FZA_SHA "FZA-FZA-CBC-SHA" 239296341Sdelphij# define SSL3_TXT_FZA_DMS_RC4_SHA "FZA-RC4-SHA" 240296341Sdelphij# endif 24155714Skris 242296341Sdelphij# define SSL3_TXT_KRB5_DES_64_CBC_SHA "KRB5-DES-CBC-SHA" 243296341Sdelphij# define SSL3_TXT_KRB5_DES_192_CBC3_SHA "KRB5-DES-CBC3-SHA" 244296341Sdelphij# define SSL3_TXT_KRB5_RC4_128_SHA "KRB5-RC4-SHA" 245296341Sdelphij# define SSL3_TXT_KRB5_IDEA_128_CBC_SHA "KRB5-IDEA-CBC-SHA" 246296341Sdelphij# define SSL3_TXT_KRB5_DES_64_CBC_MD5 "KRB5-DES-CBC-MD5" 247296341Sdelphij# define SSL3_TXT_KRB5_DES_192_CBC3_MD5 "KRB5-DES-CBC3-MD5" 248296341Sdelphij# define SSL3_TXT_KRB5_RC4_128_MD5 "KRB5-RC4-MD5" 249296341Sdelphij# define SSL3_TXT_KRB5_IDEA_128_CBC_MD5 "KRB5-IDEA-CBC-MD5" 250109998Smarkm 251296341Sdelphij# define SSL3_TXT_KRB5_DES_40_CBC_SHA "EXP-KRB5-DES-CBC-SHA" 252296341Sdelphij# define SSL3_TXT_KRB5_RC2_40_CBC_SHA "EXP-KRB5-RC2-CBC-SHA" 253296341Sdelphij# define SSL3_TXT_KRB5_RC4_40_SHA "EXP-KRB5-RC4-SHA" 254296341Sdelphij# define SSL3_TXT_KRB5_DES_40_CBC_MD5 "EXP-KRB5-DES-CBC-MD5" 255296341Sdelphij# define SSL3_TXT_KRB5_RC2_40_CBC_MD5 "EXP-KRB5-RC2-CBC-MD5" 256296341Sdelphij# define SSL3_TXT_KRB5_RC4_40_MD5 "EXP-KRB5-RC4-MD5" 257109998Smarkm 258296341Sdelphij# define SSL3_SSL_SESSION_ID_LENGTH 32 259296341Sdelphij# define SSL3_MAX_SSL_SESSION_ID_LENGTH 32 26055714Skris 261296341Sdelphij# define SSL3_MASTER_SECRET_SIZE 48 262296341Sdelphij# define SSL3_RANDOM_SIZE 32 263296341Sdelphij# define SSL3_SESSION_ID_SIZE 32 264296341Sdelphij# define SSL3_RT_HEADER_LENGTH 5 26555714Skris 266296341Sdelphij# ifndef SSL3_ALIGN_PAYLOAD 267296341Sdelphij /* 268296341Sdelphij * Some will argue that this increases memory footprint, but it's not 269296341Sdelphij * actually true. Point is that malloc has to return at least 64-bit aligned 270296341Sdelphij * pointers, meaning that allocating 5 bytes wastes 3 bytes in either case. 271296341Sdelphij * Suggested pre-gaping simply moves these wasted bytes from the end of 272296341Sdelphij * allocated region to its front, but makes data payload aligned, which 273296341Sdelphij * improves performance:-) 274296341Sdelphij */ 275296341Sdelphij# define SSL3_ALIGN_PAYLOAD 8 276296341Sdelphij# else 277296341Sdelphij# if (SSL3_ALIGN_PAYLOAD&(SSL3_ALIGN_PAYLOAD-1))!=0 278296341Sdelphij# error "insane SSL3_ALIGN_PAYLOAD" 279296341Sdelphij# undef SSL3_ALIGN_PAYLOAD 280296341Sdelphij# endif 281238405Sjkim# endif 28255714Skris 283296341Sdelphij/* 284296341Sdelphij * This is the maximum MAC (digest) size used by the SSL library. Currently 285296341Sdelphij * maximum of 20 is used by SHA1, but we reserve for future extension for 286296341Sdelphij * 512-bit hashes. 287238405Sjkim */ 288238405Sjkim 289296341Sdelphij# define SSL3_RT_MAX_MD_SIZE 64 290238405Sjkim 291296341Sdelphij/* 292296341Sdelphij * Maximum block size used in all ciphersuites. Currently 16 for AES. 293238405Sjkim */ 294238405Sjkim 295296341Sdelphij# define SSL_RT_MAX_CIPHER_BLOCK_SIZE 16 296238405Sjkim 297296341Sdelphij# define SSL3_RT_MAX_EXTRA (16384) 298238405Sjkim 299238405Sjkim/* Maximum plaintext length: defined by SSL/TLS standards */ 300296341Sdelphij# define SSL3_RT_MAX_PLAIN_LENGTH 16384 301238405Sjkim/* Maximum compression overhead: defined by SSL/TLS standards */ 302296341Sdelphij# define SSL3_RT_MAX_COMPRESSED_OVERHEAD 1024 303238405Sjkim 304296341Sdelphij/* 305296341Sdelphij * The standards give a maximum encryption overhead of 1024 bytes. In 306296341Sdelphij * practice the value is lower than this. The overhead is the maximum number 307296341Sdelphij * of padding bytes (256) plus the mac size. 308238405Sjkim */ 309296341Sdelphij# define SSL3_RT_MAX_ENCRYPTED_OVERHEAD (256 + SSL3_RT_MAX_MD_SIZE) 310238405Sjkim 311296341Sdelphij/* 312296341Sdelphij * OpenSSL currently only uses a padding length of at most one block so the 313296341Sdelphij * send overhead is smaller. 314238405Sjkim */ 315238405Sjkim 316296341Sdelphij# define SSL3_RT_SEND_MAX_ENCRYPTED_OVERHEAD \ 317296341Sdelphij (SSL_RT_MAX_CIPHER_BLOCK_SIZE + SSL3_RT_MAX_MD_SIZE) 318238405Sjkim 319238405Sjkim/* If compression isn't used don't include the compression overhead */ 320238405Sjkim 321296341Sdelphij# ifdef OPENSSL_NO_COMP 322296341Sdelphij# define SSL3_RT_MAX_COMPRESSED_LENGTH SSL3_RT_MAX_PLAIN_LENGTH 323296341Sdelphij# else 324296341Sdelphij# define SSL3_RT_MAX_COMPRESSED_LENGTH \ 325296341Sdelphij (SSL3_RT_MAX_PLAIN_LENGTH+SSL3_RT_MAX_COMPRESSED_OVERHEAD) 326296341Sdelphij# endif 327296341Sdelphij# define SSL3_RT_MAX_ENCRYPTED_LENGTH \ 328296341Sdelphij (SSL3_RT_MAX_ENCRYPTED_OVERHEAD+SSL3_RT_MAX_COMPRESSED_LENGTH) 329296341Sdelphij# define SSL3_RT_MAX_PACKET_SIZE \ 330296341Sdelphij (SSL3_RT_MAX_ENCRYPTED_LENGTH+SSL3_RT_HEADER_LENGTH) 33155714Skris 332296341Sdelphij# define SSL3_MD_CLIENT_FINISHED_CONST "\x43\x4C\x4E\x54" 333296341Sdelphij# define SSL3_MD_SERVER_FINISHED_CONST "\x53\x52\x56\x52" 33455714Skris 335296341Sdelphij# define SSL3_VERSION 0x0300 336296341Sdelphij# define SSL3_VERSION_MAJOR 0x03 337296341Sdelphij# define SSL3_VERSION_MINOR 0x00 33855714Skris 339296341Sdelphij# define SSL3_RT_CHANGE_CIPHER_SPEC 20 340296341Sdelphij# define SSL3_RT_ALERT 21 341296341Sdelphij# define SSL3_RT_HANDSHAKE 22 342296341Sdelphij# define SSL3_RT_APPLICATION_DATA 23 343296341Sdelphij# define TLS1_RT_HEARTBEAT 24 34455714Skris 345296341Sdelphij# define SSL3_AL_WARNING 1 346296341Sdelphij# define SSL3_AL_FATAL 2 34755714Skris 348296341Sdelphij# define SSL3_AD_CLOSE_NOTIFY 0 349296341Sdelphij# define SSL3_AD_UNEXPECTED_MESSAGE 10/* fatal */ 350296341Sdelphij# define SSL3_AD_BAD_RECORD_MAC 20/* fatal */ 351296341Sdelphij# define SSL3_AD_DECOMPRESSION_FAILURE 30/* fatal */ 352296341Sdelphij# define SSL3_AD_HANDSHAKE_FAILURE 40/* fatal */ 353296341Sdelphij# define SSL3_AD_NO_CERTIFICATE 41 354296341Sdelphij# define SSL3_AD_BAD_CERTIFICATE 42 355296341Sdelphij# define SSL3_AD_UNSUPPORTED_CERTIFICATE 43 356296341Sdelphij# define SSL3_AD_CERTIFICATE_REVOKED 44 357296341Sdelphij# define SSL3_AD_CERTIFICATE_EXPIRED 45 358296341Sdelphij# define SSL3_AD_CERTIFICATE_UNKNOWN 46 359296341Sdelphij# define SSL3_AD_ILLEGAL_PARAMETER 47/* fatal */ 36055714Skris 361296341Sdelphij# define TLS1_HB_REQUEST 1 362296341Sdelphij# define TLS1_HB_RESPONSE 2 363238405Sjkim 364296341Sdelphij# ifndef OPENSSL_NO_SSL_INTERN 36555714Skris 366296341Sdelphijtypedef struct ssl3_record_st { 367296341Sdelphij /* type of record */ 368296341Sdelphij /* 369296341Sdelphij * r 370296341Sdelphij */ int type; 371296341Sdelphij /* How many bytes available */ 372296341Sdelphij /* 373296341Sdelphij * rw 374296341Sdelphij */ unsigned int length; 375296341Sdelphij /* read/write offset into 'buf' */ 376296341Sdelphij /* 377296341Sdelphij * r 378296341Sdelphij */ unsigned int off; 379296341Sdelphij /* pointer to the record data */ 380296341Sdelphij /* 381296341Sdelphij * rw 382296341Sdelphij */ unsigned char *data; 383296341Sdelphij /* where the decode bytes are */ 384296341Sdelphij /* 385296341Sdelphij * rw 386296341Sdelphij */ unsigned char *input; 387296341Sdelphij /* only used with decompression - malloc()ed */ 388296341Sdelphij /* 389296341Sdelphij * r 390296341Sdelphij */ unsigned char *comp; 391296341Sdelphij /* epoch number, needed by DTLS1 */ 392296341Sdelphij /* 393296341Sdelphij * r 394296341Sdelphij */ unsigned long epoch; 395296341Sdelphij /* sequence number, needed by DTLS1 */ 396296341Sdelphij /* 397296341Sdelphij * r 398296341Sdelphij */ unsigned char seq_num[8]; 399296341Sdelphij} SSL3_RECORD; 40055714Skris 401296341Sdelphijtypedef struct ssl3_buffer_st { 402296341Sdelphij /* at least SSL3_RT_MAX_PACKET_SIZE bytes, see ssl3_setup_buffers() */ 403296341Sdelphij unsigned char *buf; 404296341Sdelphij /* buffer size */ 405296341Sdelphij size_t len; 406296341Sdelphij /* where to 'copy from' */ 407296341Sdelphij int offset; 408296341Sdelphij /* how many bytes left */ 409296341Sdelphij int left; 410296341Sdelphij} SSL3_BUFFER; 411238405Sjkim 412296341Sdelphij# endif 413296341Sdelphij 414296341Sdelphij# define SSL3_CT_RSA_SIGN 1 415296341Sdelphij# define SSL3_CT_DSS_SIGN 2 416296341Sdelphij# define SSL3_CT_RSA_FIXED_DH 3 417296341Sdelphij# define SSL3_CT_DSS_FIXED_DH 4 418296341Sdelphij# define SSL3_CT_RSA_EPHEMERAL_DH 5 419296341Sdelphij# define SSL3_CT_DSS_EPHEMERAL_DH 6 420296341Sdelphij# define SSL3_CT_FORTEZZA_DMS 20 421296341Sdelphij/* 422296341Sdelphij * SSL3_CT_NUMBER is used to size arrays and it must be large enough to 423296341Sdelphij * contain all of the cert types defined either for SSLv3 and TLSv1. 424160814Ssimon */ 425296341Sdelphij# define SSL3_CT_NUMBER 9 42655714Skris 427296341Sdelphij# define SSL3_FLAGS_NO_RENEGOTIATE_CIPHERS 0x0001 428296341Sdelphij# define SSL3_FLAGS_DELAY_CLIENT_FINISHED 0x0002 429296341Sdelphij# define SSL3_FLAGS_POP_BUFFER 0x0004 430296341Sdelphij# define TLS1_FLAGS_TLS_PADDING_BUG 0x0008 431296341Sdelphij# define TLS1_FLAGS_SKIP_CERT_VERIFY 0x0010 432296341Sdelphij# define TLS1_FLAGS_KEEP_HANDSHAKE 0x0020 433279264Sdelphij/* 434279264Sdelphij * Set when the handshake is ready to process peer's ChangeCipherSpec message. 435279264Sdelphij * Cleared after the message has been processed. 436279264Sdelphij */ 437296341Sdelphij# define SSL3_FLAGS_CCS_OK 0x0080 438279264Sdelphij 439296341Sdelphij/* 440296341Sdelphij * SSL3_FLAGS_SGC_RESTART_DONE is set when we restart a handshake because of 441296341Sdelphij * MS SGC and so prevents us from restarting the handshake in a loop. It's 442296341Sdelphij * reset on a renegotiation, so effectively limits the client to one restart 443296341Sdelphij * per negotiation. This limits the possibility of a DDoS attack where the 444296341Sdelphij * client handshakes in a loop using SGC to restart. Servers which permit 445296341Sdelphij * renegotiation can still be effected, but we can't prevent that. 446234954Sbz */ 447296341Sdelphij# define SSL3_FLAGS_SGC_RESTART_DONE 0x0040 44855714Skris 449296341Sdelphij# ifndef OPENSSL_NO_SSL_INTERN 450238405Sjkim 451296341Sdelphijtypedef struct ssl3_state_st { 452296341Sdelphij long flags; 453296341Sdelphij int delay_buf_pop_ret; 454296341Sdelphij unsigned char read_sequence[8]; 455296341Sdelphij int read_mac_secret_size; 456296341Sdelphij unsigned char read_mac_secret[EVP_MAX_MD_SIZE]; 457296341Sdelphij unsigned char write_sequence[8]; 458296341Sdelphij int write_mac_secret_size; 459296341Sdelphij unsigned char write_mac_secret[EVP_MAX_MD_SIZE]; 460296341Sdelphij unsigned char server_random[SSL3_RANDOM_SIZE]; 461296341Sdelphij unsigned char client_random[SSL3_RANDOM_SIZE]; 462296341Sdelphij /* flags for countermeasure against known-IV weakness */ 463296341Sdelphij int need_empty_fragments; 464296341Sdelphij int empty_fragment_done; 465296341Sdelphij /* The value of 'extra' when the buffers were initialized */ 466296341Sdelphij int init_extra; 467296341Sdelphij SSL3_BUFFER rbuf; /* read IO goes into here */ 468296341Sdelphij SSL3_BUFFER wbuf; /* write IO goes into here */ 469296341Sdelphij SSL3_RECORD rrec; /* each decoded record goes in here */ 470296341Sdelphij SSL3_RECORD wrec; /* goes out from here */ 471296341Sdelphij /* 472296341Sdelphij * storage for Alert/Handshake protocol data received but not yet 473296341Sdelphij * processed by ssl3_read_bytes: 474296341Sdelphij */ 475296341Sdelphij unsigned char alert_fragment[2]; 476296341Sdelphij unsigned int alert_fragment_len; 477296341Sdelphij unsigned char handshake_fragment[4]; 478296341Sdelphij unsigned int handshake_fragment_len; 479296341Sdelphij /* partial write - check the numbers match */ 480296341Sdelphij unsigned int wnum; /* number of bytes sent so far */ 481296341Sdelphij int wpend_tot; /* number bytes written */ 482296341Sdelphij int wpend_type; 483296341Sdelphij int wpend_ret; /* number of bytes submitted */ 484296341Sdelphij const unsigned char *wpend_buf; 485296341Sdelphij /* used during startup, digest all incoming/outgoing packets */ 486296341Sdelphij BIO *handshake_buffer; 487296341Sdelphij /* 488296341Sdelphij * When set of handshake digests is determined, buffer is hashed and 489296341Sdelphij * freed and MD_CTX-es for all required digests are stored in this array 490296341Sdelphij */ 491296341Sdelphij EVP_MD_CTX **handshake_dgst; 492296341Sdelphij /* 493296341Sdelphij * Set whenever an expected ChangeCipherSpec message is processed. 494296341Sdelphij * Unset when the peer's Finished message is received. 495296341Sdelphij * Unexpected ChangeCipherSpec messages trigger a fatal alert. 496296341Sdelphij */ 497296341Sdelphij int change_cipher_spec; 498296341Sdelphij int warn_alert; 499296341Sdelphij int fatal_alert; 500296341Sdelphij /* 501296341Sdelphij * we allow one fatal and one warning alert to be outstanding, send close 502296341Sdelphij * alert via the warning alert 503296341Sdelphij */ 504296341Sdelphij int alert_dispatch; 505296341Sdelphij unsigned char send_alert[2]; 506296341Sdelphij /* 507296341Sdelphij * This flag is set when we should renegotiate ASAP, basically when there 508296341Sdelphij * is no more data in the read or write buffers 509296341Sdelphij */ 510296341Sdelphij int renegotiate; 511296341Sdelphij int total_renegotiations; 512296341Sdelphij int num_renegotiations; 513296341Sdelphij int in_read_app_data; 514296341Sdelphij /* 515296341Sdelphij * Opaque PRF input as used for the current handshake. These fields are 516296341Sdelphij * used only if TLSEXT_TYPE_opaque_prf_input is defined (otherwise, they 517296341Sdelphij * are merely present to improve binary compatibility) 518296341Sdelphij */ 519296341Sdelphij void *client_opaque_prf_input; 520296341Sdelphij size_t client_opaque_prf_input_len; 521296341Sdelphij void *server_opaque_prf_input; 522296341Sdelphij size_t server_opaque_prf_input_len; 523296341Sdelphij struct { 524296341Sdelphij /* actually only needs to be 16+20 */ 525296341Sdelphij unsigned char cert_verify_md[EVP_MAX_MD_SIZE * 2]; 526296341Sdelphij /* actually only need to be 16+20 for SSLv3 and 12 for TLS */ 527296341Sdelphij unsigned char finish_md[EVP_MAX_MD_SIZE * 2]; 528296341Sdelphij int finish_md_len; 529296341Sdelphij unsigned char peer_finish_md[EVP_MAX_MD_SIZE * 2]; 530296341Sdelphij int peer_finish_md_len; 531296341Sdelphij unsigned long message_size; 532296341Sdelphij int message_type; 533296341Sdelphij /* used to hold the new cipher we are going to use */ 534296341Sdelphij const SSL_CIPHER *new_cipher; 535296341Sdelphij# ifndef OPENSSL_NO_DH 536296341Sdelphij DH *dh; 537296341Sdelphij# endif 538296341Sdelphij# ifndef OPENSSL_NO_ECDH 539296341Sdelphij EC_KEY *ecdh; /* holds short lived ECDH key */ 540296341Sdelphij# endif 541296341Sdelphij /* used when SSL_ST_FLUSH_DATA is entered */ 542296341Sdelphij int next_state; 543296341Sdelphij int reuse_message; 544296341Sdelphij /* used for certificate requests */ 545296341Sdelphij int cert_req; 546296341Sdelphij int ctype_num; 547296341Sdelphij char ctype[SSL3_CT_NUMBER]; 548296341Sdelphij STACK_OF(X509_NAME) *ca_names; 549296341Sdelphij int use_rsa_tmp; 550296341Sdelphij int key_block_length; 551296341Sdelphij unsigned char *key_block; 552296341Sdelphij const EVP_CIPHER *new_sym_enc; 553296341Sdelphij const EVP_MD *new_hash; 554296341Sdelphij int new_mac_pkey_type; 555296341Sdelphij int new_mac_secret_size; 556296341Sdelphij# ifndef OPENSSL_NO_COMP 557296341Sdelphij const SSL_COMP *new_compression; 558296341Sdelphij# else 559296341Sdelphij char *new_compression; 560296341Sdelphij# endif 561296341Sdelphij int cert_request; 562296341Sdelphij } tmp; 56355714Skris 564296341Sdelphij /* Connection binding to prevent renegotiation attacks */ 565296341Sdelphij unsigned char previous_client_finished[EVP_MAX_MD_SIZE]; 566296341Sdelphij unsigned char previous_client_finished_len; 567296341Sdelphij unsigned char previous_server_finished[EVP_MAX_MD_SIZE]; 568296341Sdelphij unsigned char previous_server_finished_len; 569296341Sdelphij int send_connection_binding; /* TODOEKR */ 57055714Skris 571296341Sdelphij# ifndef OPENSSL_NO_NEXTPROTONEG 572296341Sdelphij /* 573296341Sdelphij * Set if we saw the Next Protocol Negotiation extension from our peer. 574296341Sdelphij */ 575296341Sdelphij int next_proto_neg_seen; 576296341Sdelphij# endif 57755714Skris 578296341Sdelphij# ifndef OPENSSL_NO_TLSEXT 579296341Sdelphij# ifndef OPENSSL_NO_EC 580296341Sdelphij /* 581296341Sdelphij * This is set to true if we believe that this is a version of Safari 582296341Sdelphij * running on OS X 10.6 or newer. We wish to know this because Safari on 583296341Sdelphij * 10.8 .. 10.8.3 has broken ECDHE-ECDSA support. 584296341Sdelphij */ 585296341Sdelphij char is_probably_safari; 586296341Sdelphij# endif /* !OPENSSL_NO_EC */ 587296341Sdelphij# endif /* !OPENSSL_NO_TLSEXT */ 588308204Sdelphij /* Count of the number of consecutive warning alerts received */ 589308204Sdelphij unsigned int alert_count; 590296341Sdelphij} SSL3_STATE; 591109998Smarkm 592296341Sdelphij# endif 593238405Sjkim 59455714Skris/* SSLv3 */ 595296341Sdelphij/* 596296341Sdelphij * client 597296341Sdelphij */ 59855714Skris/* extra state */ 599296341Sdelphij# define SSL3_ST_CW_FLUSH (0x100|SSL_ST_CONNECT) 600296341Sdelphij# ifndef OPENSSL_NO_SCTP 601296341Sdelphij# define DTLS1_SCTP_ST_CW_WRITE_SOCK (0x310|SSL_ST_CONNECT) 602296341Sdelphij# define DTLS1_SCTP_ST_CR_READ_SOCK (0x320|SSL_ST_CONNECT) 603296341Sdelphij# endif 60455714Skris/* write to server */ 605296341Sdelphij# define SSL3_ST_CW_CLNT_HELLO_A (0x110|SSL_ST_CONNECT) 606296341Sdelphij# define SSL3_ST_CW_CLNT_HELLO_B (0x111|SSL_ST_CONNECT) 60755714Skris/* read from server */ 608296341Sdelphij# define SSL3_ST_CR_SRVR_HELLO_A (0x120|SSL_ST_CONNECT) 609296341Sdelphij# define SSL3_ST_CR_SRVR_HELLO_B (0x121|SSL_ST_CONNECT) 610296341Sdelphij# define DTLS1_ST_CR_HELLO_VERIFY_REQUEST_A (0x126|SSL_ST_CONNECT) 611296341Sdelphij# define DTLS1_ST_CR_HELLO_VERIFY_REQUEST_B (0x127|SSL_ST_CONNECT) 612296341Sdelphij# define SSL3_ST_CR_CERT_A (0x130|SSL_ST_CONNECT) 613296341Sdelphij# define SSL3_ST_CR_CERT_B (0x131|SSL_ST_CONNECT) 614296341Sdelphij# define SSL3_ST_CR_KEY_EXCH_A (0x140|SSL_ST_CONNECT) 615296341Sdelphij# define SSL3_ST_CR_KEY_EXCH_B (0x141|SSL_ST_CONNECT) 616296341Sdelphij# define SSL3_ST_CR_CERT_REQ_A (0x150|SSL_ST_CONNECT) 617296341Sdelphij# define SSL3_ST_CR_CERT_REQ_B (0x151|SSL_ST_CONNECT) 618296341Sdelphij# define SSL3_ST_CR_SRVR_DONE_A (0x160|SSL_ST_CONNECT) 619296341Sdelphij# define SSL3_ST_CR_SRVR_DONE_B (0x161|SSL_ST_CONNECT) 62055714Skris/* write to server */ 621296341Sdelphij# define SSL3_ST_CW_CERT_A (0x170|SSL_ST_CONNECT) 622296341Sdelphij# define SSL3_ST_CW_CERT_B (0x171|SSL_ST_CONNECT) 623296341Sdelphij# define SSL3_ST_CW_CERT_C (0x172|SSL_ST_CONNECT) 624296341Sdelphij# define SSL3_ST_CW_CERT_D (0x173|SSL_ST_CONNECT) 625296341Sdelphij# define SSL3_ST_CW_KEY_EXCH_A (0x180|SSL_ST_CONNECT) 626296341Sdelphij# define SSL3_ST_CW_KEY_EXCH_B (0x181|SSL_ST_CONNECT) 627296341Sdelphij# define SSL3_ST_CW_CERT_VRFY_A (0x190|SSL_ST_CONNECT) 628296341Sdelphij# define SSL3_ST_CW_CERT_VRFY_B (0x191|SSL_ST_CONNECT) 629296341Sdelphij# define SSL3_ST_CW_CHANGE_A (0x1A0|SSL_ST_CONNECT) 630296341Sdelphij# define SSL3_ST_CW_CHANGE_B (0x1A1|SSL_ST_CONNECT) 631296341Sdelphij# ifndef OPENSSL_NO_NEXTPROTONEG 632296341Sdelphij# define SSL3_ST_CW_NEXT_PROTO_A (0x200|SSL_ST_CONNECT) 633296341Sdelphij# define SSL3_ST_CW_NEXT_PROTO_B (0x201|SSL_ST_CONNECT) 634296341Sdelphij# endif 635296341Sdelphij# define SSL3_ST_CW_FINISHED_A (0x1B0|SSL_ST_CONNECT) 636296341Sdelphij# define SSL3_ST_CW_FINISHED_B (0x1B1|SSL_ST_CONNECT) 63755714Skris/* read from server */ 638296341Sdelphij# define SSL3_ST_CR_CHANGE_A (0x1C0|SSL_ST_CONNECT) 639296341Sdelphij# define SSL3_ST_CR_CHANGE_B (0x1C1|SSL_ST_CONNECT) 640296341Sdelphij# define SSL3_ST_CR_FINISHED_A (0x1D0|SSL_ST_CONNECT) 641296341Sdelphij# define SSL3_ST_CR_FINISHED_B (0x1D1|SSL_ST_CONNECT) 642296341Sdelphij# define SSL3_ST_CR_SESSION_TICKET_A (0x1E0|SSL_ST_CONNECT) 643296341Sdelphij# define SSL3_ST_CR_SESSION_TICKET_B (0x1E1|SSL_ST_CONNECT) 644296341Sdelphij# define SSL3_ST_CR_CERT_STATUS_A (0x1F0|SSL_ST_CONNECT) 645296341Sdelphij# define SSL3_ST_CR_CERT_STATUS_B (0x1F1|SSL_ST_CONNECT) 64655714Skris 64755714Skris/* server */ 64855714Skris/* extra state */ 649296341Sdelphij# define SSL3_ST_SW_FLUSH (0x100|SSL_ST_ACCEPT) 650296341Sdelphij# ifndef OPENSSL_NO_SCTP 651296341Sdelphij# define DTLS1_SCTP_ST_SW_WRITE_SOCK (0x310|SSL_ST_ACCEPT) 652296341Sdelphij# define DTLS1_SCTP_ST_SR_READ_SOCK (0x320|SSL_ST_ACCEPT) 653296341Sdelphij# endif 65455714Skris/* read from client */ 65555714Skris/* Do not change the number values, they do matter */ 656296341Sdelphij# define SSL3_ST_SR_CLNT_HELLO_A (0x110|SSL_ST_ACCEPT) 657296341Sdelphij# define SSL3_ST_SR_CLNT_HELLO_B (0x111|SSL_ST_ACCEPT) 658296341Sdelphij# define SSL3_ST_SR_CLNT_HELLO_C (0x112|SSL_ST_ACCEPT) 65955714Skris/* write to client */ 660296341Sdelphij# define DTLS1_ST_SW_HELLO_VERIFY_REQUEST_A (0x113|SSL_ST_ACCEPT) 661296341Sdelphij# define DTLS1_ST_SW_HELLO_VERIFY_REQUEST_B (0x114|SSL_ST_ACCEPT) 662296341Sdelphij# define SSL3_ST_SW_HELLO_REQ_A (0x120|SSL_ST_ACCEPT) 663296341Sdelphij# define SSL3_ST_SW_HELLO_REQ_B (0x121|SSL_ST_ACCEPT) 664296341Sdelphij# define SSL3_ST_SW_HELLO_REQ_C (0x122|SSL_ST_ACCEPT) 665296341Sdelphij# define SSL3_ST_SW_SRVR_HELLO_A (0x130|SSL_ST_ACCEPT) 666296341Sdelphij# define SSL3_ST_SW_SRVR_HELLO_B (0x131|SSL_ST_ACCEPT) 667296341Sdelphij# define SSL3_ST_SW_CERT_A (0x140|SSL_ST_ACCEPT) 668296341Sdelphij# define SSL3_ST_SW_CERT_B (0x141|SSL_ST_ACCEPT) 669296341Sdelphij# define SSL3_ST_SW_KEY_EXCH_A (0x150|SSL_ST_ACCEPT) 670296341Sdelphij# define SSL3_ST_SW_KEY_EXCH_B (0x151|SSL_ST_ACCEPT) 671296341Sdelphij# define SSL3_ST_SW_CERT_REQ_A (0x160|SSL_ST_ACCEPT) 672296341Sdelphij# define SSL3_ST_SW_CERT_REQ_B (0x161|SSL_ST_ACCEPT) 673296341Sdelphij# define SSL3_ST_SW_SRVR_DONE_A (0x170|SSL_ST_ACCEPT) 674296341Sdelphij# define SSL3_ST_SW_SRVR_DONE_B (0x171|SSL_ST_ACCEPT) 67555714Skris/* read from client */ 676296341Sdelphij# define SSL3_ST_SR_CERT_A (0x180|SSL_ST_ACCEPT) 677296341Sdelphij# define SSL3_ST_SR_CERT_B (0x181|SSL_ST_ACCEPT) 678296341Sdelphij# define SSL3_ST_SR_KEY_EXCH_A (0x190|SSL_ST_ACCEPT) 679296341Sdelphij# define SSL3_ST_SR_KEY_EXCH_B (0x191|SSL_ST_ACCEPT) 680296341Sdelphij# define SSL3_ST_SR_CERT_VRFY_A (0x1A0|SSL_ST_ACCEPT) 681296341Sdelphij# define SSL3_ST_SR_CERT_VRFY_B (0x1A1|SSL_ST_ACCEPT) 682296341Sdelphij# define SSL3_ST_SR_CHANGE_A (0x1B0|SSL_ST_ACCEPT) 683296341Sdelphij# define SSL3_ST_SR_CHANGE_B (0x1B1|SSL_ST_ACCEPT) 684296341Sdelphij# ifndef OPENSSL_NO_NEXTPROTONEG 685296341Sdelphij# define SSL3_ST_SR_NEXT_PROTO_A (0x210|SSL_ST_ACCEPT) 686296341Sdelphij# define SSL3_ST_SR_NEXT_PROTO_B (0x211|SSL_ST_ACCEPT) 687296341Sdelphij# endif 688296341Sdelphij# define SSL3_ST_SR_FINISHED_A (0x1C0|SSL_ST_ACCEPT) 689296341Sdelphij# define SSL3_ST_SR_FINISHED_B (0x1C1|SSL_ST_ACCEPT) 69055714Skris/* write to client */ 691296341Sdelphij# define SSL3_ST_SW_CHANGE_A (0x1D0|SSL_ST_ACCEPT) 692296341Sdelphij# define SSL3_ST_SW_CHANGE_B (0x1D1|SSL_ST_ACCEPT) 693296341Sdelphij# define SSL3_ST_SW_FINISHED_A (0x1E0|SSL_ST_ACCEPT) 694296341Sdelphij# define SSL3_ST_SW_FINISHED_B (0x1E1|SSL_ST_ACCEPT) 695296341Sdelphij# define SSL3_ST_SW_SESSION_TICKET_A (0x1F0|SSL_ST_ACCEPT) 696296341Sdelphij# define SSL3_ST_SW_SESSION_TICKET_B (0x1F1|SSL_ST_ACCEPT) 697296341Sdelphij# define SSL3_ST_SW_CERT_STATUS_A (0x200|SSL_ST_ACCEPT) 698296341Sdelphij# define SSL3_ST_SW_CERT_STATUS_B (0x201|SSL_ST_ACCEPT) 69955714Skris 700296341Sdelphij# define SSL3_MT_HELLO_REQUEST 0 701296341Sdelphij# define SSL3_MT_CLIENT_HELLO 1 702296341Sdelphij# define SSL3_MT_SERVER_HELLO 2 703296341Sdelphij# define SSL3_MT_NEWSESSION_TICKET 4 704296341Sdelphij# define SSL3_MT_CERTIFICATE 11 705296341Sdelphij# define SSL3_MT_SERVER_KEY_EXCHANGE 12 706296341Sdelphij# define SSL3_MT_CERTIFICATE_REQUEST 13 707296341Sdelphij# define SSL3_MT_SERVER_DONE 14 708296341Sdelphij# define SSL3_MT_CERTIFICATE_VERIFY 15 709296341Sdelphij# define SSL3_MT_CLIENT_KEY_EXCHANGE 16 710296341Sdelphij# define SSL3_MT_FINISHED 20 711296341Sdelphij# define SSL3_MT_CERTIFICATE_STATUS 22 712296341Sdelphij# ifndef OPENSSL_NO_NEXTPROTONEG 713296341Sdelphij# define SSL3_MT_NEXT_PROTO 67 714296341Sdelphij# endif 715296341Sdelphij# define DTLS1_MT_HELLO_VERIFY_REQUEST 3 71655714Skris 717296341Sdelphij# define SSL3_MT_CCS 1 718160814Ssimon 71955714Skris/* These are used when changing over to a new cipher */ 720296341Sdelphij# define SSL3_CC_READ 0x01 721296341Sdelphij# define SSL3_CC_WRITE 0x02 722296341Sdelphij# define SSL3_CC_CLIENT 0x10 723296341Sdelphij# define SSL3_CC_SERVER 0x20 724296341Sdelphij# define SSL3_CHANGE_CIPHER_CLIENT_WRITE (SSL3_CC_CLIENT|SSL3_CC_WRITE) 725296341Sdelphij# define SSL3_CHANGE_CIPHER_SERVER_READ (SSL3_CC_SERVER|SSL3_CC_READ) 726296341Sdelphij# define SSL3_CHANGE_CIPHER_CLIENT_READ (SSL3_CC_CLIENT|SSL3_CC_READ) 727296341Sdelphij# define SSL3_CHANGE_CIPHER_SERVER_WRITE (SSL3_CC_SERVER|SSL3_CC_WRITE) 72855714Skris 72955714Skris#ifdef __cplusplus 73055714Skris} 73155714Skris#endif 73255714Skris#endif 733