155714Skris/* ssl/ssl3.h */ 255714Skris/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) 355714Skris * All rights reserved. 455714Skris * 555714Skris * This package is an SSL implementation written 655714Skris * by Eric Young (eay@cryptsoft.com). 755714Skris * The implementation was written so as to conform with Netscapes SSL. 8280297Sjkim * 955714Skris * This library is free for commercial and non-commercial use as long as 1055714Skris * the following conditions are aheared to. The following conditions 1155714Skris * apply to all code found in this distribution, be it the RC4, RSA, 1255714Skris * lhash, DES, etc., code; not just the SSL code. The SSL documentation 1355714Skris * included with this distribution is covered by the same copyright terms 1455714Skris * except that the holder is Tim Hudson (tjh@cryptsoft.com). 15280297Sjkim * 1655714Skris * Copyright remains Eric Young's, and as such any Copyright notices in 1755714Skris * the code are not to be removed. 1855714Skris * If this package is used in a product, Eric Young should be given attribution 1955714Skris * as the author of the parts of the library used. 2055714Skris * This can be in the form of a textual message at program startup or 2155714Skris * in documentation (online or textual) provided with the package. 22280297Sjkim * 2355714Skris * Redistribution and use in source and binary forms, with or without 2455714Skris * modification, are permitted provided that the following conditions 2555714Skris * are met: 2655714Skris * 1. Redistributions of source code must retain the copyright 2755714Skris * notice, this list of conditions and the following disclaimer. 2855714Skris * 2. Redistributions in binary form must reproduce the above copyright 2955714Skris * notice, this list of conditions and the following disclaimer in the 3055714Skris * documentation and/or other materials provided with the distribution. 3155714Skris * 3. All advertising materials mentioning features or use of this software 3255714Skris * must display the following acknowledgement: 3355714Skris * "This product includes cryptographic software written by 3455714Skris * Eric Young (eay@cryptsoft.com)" 3555714Skris * The word 'cryptographic' can be left out if the rouines from the library 3655714Skris * being used are not cryptographic related :-). 37280297Sjkim * 4. If you include any Windows specific code (or a derivative thereof) from 3855714Skris * the apps directory (application code) you must include an acknowledgement: 3955714Skris * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" 40280297Sjkim * 4155714Skris * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND 4255714Skris * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 4355714Skris * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 4455714Skris * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE 4555714Skris * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 4655714Skris * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 4755714Skris * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 4855714Skris * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 4955714Skris * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 5055714Skris * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 5155714Skris * SUCH DAMAGE. 52280297Sjkim * 5355714Skris * The licence and distribution terms for any publically available version or 5455714Skris * derivative of this code cannot be changed. i.e. this code cannot simply be 5555714Skris * copied and put under another distribution licence 5655714Skris * [including the GNU Public Licence.] 5755714Skris */ 58100928Snectar/* ==================================================================== 59100928Snectar * Copyright (c) 1998-2002 The OpenSSL Project. All rights reserved. 60100928Snectar * 61100928Snectar * Redistribution and use in source and binary forms, with or without 62100928Snectar * modification, are permitted provided that the following conditions 63100928Snectar * are met: 64100928Snectar * 65100928Snectar * 1. Redistributions of source code must retain the above copyright 66280297Sjkim * notice, this list of conditions and the following disclaimer. 67100928Snectar * 68100928Snectar * 2. Redistributions in binary form must reproduce the above copyright 69100928Snectar * notice, this list of conditions and the following disclaimer in 70100928Snectar * the documentation and/or other materials provided with the 71100928Snectar * distribution. 72100928Snectar * 73100928Snectar * 3. All advertising materials mentioning features or use of this 74100928Snectar * software must display the following acknowledgment: 75100928Snectar * "This product includes software developed by the OpenSSL Project 76100928Snectar * for use in the OpenSSL Toolkit. (http://www.openssl.org/)" 77100928Snectar * 78100928Snectar * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to 79100928Snectar * endorse or promote products derived from this software without 80100928Snectar * prior written permission. For written permission, please contact 81100928Snectar * openssl-core@openssl.org. 82100928Snectar * 83100928Snectar * 5. Products derived from this software may not be called "OpenSSL" 84100928Snectar * nor may "OpenSSL" appear in their names without prior written 85100928Snectar * permission of the OpenSSL Project. 86100928Snectar * 87100928Snectar * 6. Redistributions of any form whatsoever must retain the following 88100928Snectar * acknowledgment: 89100928Snectar * "This product includes software developed by the OpenSSL Project 90100928Snectar * for use in the OpenSSL Toolkit (http://www.openssl.org/)" 91100928Snectar * 92100928Snectar * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY 93100928Snectar * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 94100928Snectar * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR 95100928Snectar * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR 96100928Snectar * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, 97100928Snectar * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT 98100928Snectar * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; 99100928Snectar * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 100100928Snectar * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, 101100928Snectar * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) 102100928Snectar * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED 103100928Snectar * OF THE POSSIBILITY OF SUCH DAMAGE. 104100928Snectar * ==================================================================== 105100928Snectar * 106100928Snectar * This product includes cryptographic software written by Eric Young 107100928Snectar * (eay@cryptsoft.com). This product includes software written by Tim 108100928Snectar * Hudson (tjh@cryptsoft.com). 109100928Snectar * 110100928Snectar */ 111160814Ssimon/* ==================================================================== 112160814Ssimon * Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED. 113280297Sjkim * ECC cipher suite support in OpenSSL originally developed by 114160814Ssimon * SUN MICROSYSTEMS, INC., and contributed to the OpenSSL project. 115160814Ssimon */ 11655714Skris 117280297Sjkim#ifndef HEADER_SSL3_H 118280297Sjkim# define HEADER_SSL3_H 11955714Skris 120280297Sjkim# ifndef OPENSSL_NO_COMP 121280297Sjkim# include <openssl/comp.h> 122280297Sjkim# endif 123280297Sjkim# include <openssl/buffer.h> 124280297Sjkim# include <openssl/evp.h> 125280297Sjkim# include <openssl/ssl.h> 12655714Skris 12755714Skris#ifdef __cplusplus 12855714Skrisextern "C" { 12955714Skris#endif 13055714Skris 131280297Sjkim/* 132280297Sjkim * Signalling cipher suite value from RFC 5746 133280297Sjkim * (TLS_EMPTY_RENEGOTIATION_INFO_SCSV) 134280297Sjkim */ 135280297Sjkim# define SSL3_CK_SCSV 0x030000FF 136205128Ssimon 137280297Sjkim/* 138280297Sjkim * Signalling cipher suite value from draft-ietf-tls-downgrade-scsv-00 139280297Sjkim * (TLS_FALLBACK_SCSV) 140280297Sjkim */ 141280297Sjkim# define SSL3_CK_FALLBACK_SCSV 0x03005600 142273144Sjkim 143280297Sjkim# define SSL3_CK_RSA_NULL_MD5 0x03000001 144280297Sjkim# define SSL3_CK_RSA_NULL_SHA 0x03000002 145280297Sjkim# define SSL3_CK_RSA_RC4_40_MD5 0x03000003 146280297Sjkim# define SSL3_CK_RSA_RC4_128_MD5 0x03000004 147280297Sjkim# define SSL3_CK_RSA_RC4_128_SHA 0x03000005 148280297Sjkim# define SSL3_CK_RSA_RC2_40_MD5 0x03000006 149280297Sjkim# define SSL3_CK_RSA_IDEA_128_SHA 0x03000007 150280297Sjkim# define SSL3_CK_RSA_DES_40_CBC_SHA 0x03000008 151280297Sjkim# define SSL3_CK_RSA_DES_64_CBC_SHA 0x03000009 152280297Sjkim# define SSL3_CK_RSA_DES_192_CBC3_SHA 0x0300000A 15355714Skris 154280297Sjkim# define SSL3_CK_DH_DSS_DES_40_CBC_SHA 0x0300000B 155280297Sjkim# define SSL3_CK_DH_DSS_DES_64_CBC_SHA 0x0300000C 156280297Sjkim# define SSL3_CK_DH_DSS_DES_192_CBC3_SHA 0x0300000D 157280297Sjkim# define SSL3_CK_DH_RSA_DES_40_CBC_SHA 0x0300000E 158280297Sjkim# define SSL3_CK_DH_RSA_DES_64_CBC_SHA 0x0300000F 159280297Sjkim# define SSL3_CK_DH_RSA_DES_192_CBC3_SHA 0x03000010 16055714Skris 161280297Sjkim# define SSL3_CK_EDH_DSS_DES_40_CBC_SHA 0x03000011 162290207Sjkim# define SSL3_CK_DHE_DSS_DES_40_CBC_SHA SSL3_CK_EDH_DSS_DES_40_CBC_SHA 163280297Sjkim# define SSL3_CK_EDH_DSS_DES_64_CBC_SHA 0x03000012 164290207Sjkim# define SSL3_CK_DHE_DSS_DES_64_CBC_SHA SSL3_CK_EDH_DSS_DES_64_CBC_SHA 165280297Sjkim# define SSL3_CK_EDH_DSS_DES_192_CBC3_SHA 0x03000013 166290207Sjkim# define SSL3_CK_DHE_DSS_DES_192_CBC3_SHA SSL3_CK_EDH_DSS_DES_192_CBC3_SHA 167280297Sjkim# define SSL3_CK_EDH_RSA_DES_40_CBC_SHA 0x03000014 168290207Sjkim# define SSL3_CK_DHE_RSA_DES_40_CBC_SHA SSL3_CK_EDH_RSA_DES_40_CBC_SHA 169280297Sjkim# define SSL3_CK_EDH_RSA_DES_64_CBC_SHA 0x03000015 170290207Sjkim# define SSL3_CK_DHE_RSA_DES_64_CBC_SHA SSL3_CK_EDH_RSA_DES_64_CBC_SHA 171280297Sjkim# define SSL3_CK_EDH_RSA_DES_192_CBC3_SHA 0x03000016 172290207Sjkim# define SSL3_CK_DHE_RSA_DES_192_CBC3_SHA SSL3_CK_EDH_RSA_DES_192_CBC3_SHA 17355714Skris 174280297Sjkim# define SSL3_CK_ADH_RC4_40_MD5 0x03000017 175280297Sjkim# define SSL3_CK_ADH_RC4_128_MD5 0x03000018 176280297Sjkim# define SSL3_CK_ADH_DES_40_CBC_SHA 0x03000019 177280297Sjkim# define SSL3_CK_ADH_DES_64_CBC_SHA 0x0300001A 178280297Sjkim# define SSL3_CK_ADH_DES_192_CBC_SHA 0x0300001B 17955714Skris 180280297Sjkim# if 0 181280297Sjkim# define SSL3_CK_FZA_DMS_NULL_SHA 0x0300001C 182280297Sjkim# define SSL3_CK_FZA_DMS_FZA_SHA 0x0300001D 183280297Sjkim# if 0 /* Because it clashes with KRB5, is never 184280297Sjkim * used any more, and is safe to remove 185280297Sjkim * according to David Hopwood 186280297Sjkim * <david.hopwood@zetnet.co.uk> of the 187280297Sjkim * ietf-tls list */ 188280297Sjkim# define SSL3_CK_FZA_DMS_RC4_SHA 0x0300001E 189280297Sjkim# endif 190280297Sjkim# endif 19155714Skris 192280297Sjkim/* 193280297Sjkim * VRS Additional Kerberos5 entries 194109998Smarkm */ 195280297Sjkim# define SSL3_CK_KRB5_DES_64_CBC_SHA 0x0300001E 196280297Sjkim# define SSL3_CK_KRB5_DES_192_CBC3_SHA 0x0300001F 197280297Sjkim# define SSL3_CK_KRB5_RC4_128_SHA 0x03000020 198280297Sjkim# define SSL3_CK_KRB5_IDEA_128_CBC_SHA 0x03000021 199280297Sjkim# define SSL3_CK_KRB5_DES_64_CBC_MD5 0x03000022 200280297Sjkim# define SSL3_CK_KRB5_DES_192_CBC3_MD5 0x03000023 201280297Sjkim# define SSL3_CK_KRB5_RC4_128_MD5 0x03000024 202280297Sjkim# define SSL3_CK_KRB5_IDEA_128_CBC_MD5 0x03000025 203109998Smarkm 204280297Sjkim# define SSL3_CK_KRB5_DES_40_CBC_SHA 0x03000026 205280297Sjkim# define SSL3_CK_KRB5_RC2_40_CBC_SHA 0x03000027 206280297Sjkim# define SSL3_CK_KRB5_RC4_40_SHA 0x03000028 207280297Sjkim# define SSL3_CK_KRB5_DES_40_CBC_MD5 0x03000029 208280297Sjkim# define SSL3_CK_KRB5_RC2_40_CBC_MD5 0x0300002A 209280297Sjkim# define SSL3_CK_KRB5_RC4_40_MD5 0x0300002B 210109998Smarkm 211280297Sjkim# define SSL3_TXT_RSA_NULL_MD5 "NULL-MD5" 212280297Sjkim# define SSL3_TXT_RSA_NULL_SHA "NULL-SHA" 213280297Sjkim# define SSL3_TXT_RSA_RC4_40_MD5 "EXP-RC4-MD5" 214280297Sjkim# define SSL3_TXT_RSA_RC4_128_MD5 "RC4-MD5" 215280297Sjkim# define SSL3_TXT_RSA_RC4_128_SHA "RC4-SHA" 216280297Sjkim# define SSL3_TXT_RSA_RC2_40_MD5 "EXP-RC2-CBC-MD5" 217280297Sjkim# define SSL3_TXT_RSA_IDEA_128_SHA "IDEA-CBC-SHA" 218280297Sjkim# define SSL3_TXT_RSA_DES_40_CBC_SHA "EXP-DES-CBC-SHA" 219280297Sjkim# define SSL3_TXT_RSA_DES_64_CBC_SHA "DES-CBC-SHA" 220280297Sjkim# define SSL3_TXT_RSA_DES_192_CBC3_SHA "DES-CBC3-SHA" 22155714Skris 222280297Sjkim# define SSL3_TXT_DH_DSS_DES_40_CBC_SHA "EXP-DH-DSS-DES-CBC-SHA" 223280297Sjkim# define SSL3_TXT_DH_DSS_DES_64_CBC_SHA "DH-DSS-DES-CBC-SHA" 224280297Sjkim# define SSL3_TXT_DH_DSS_DES_192_CBC3_SHA "DH-DSS-DES-CBC3-SHA" 225280297Sjkim# define SSL3_TXT_DH_RSA_DES_40_CBC_SHA "EXP-DH-RSA-DES-CBC-SHA" 226280297Sjkim# define SSL3_TXT_DH_RSA_DES_64_CBC_SHA "DH-RSA-DES-CBC-SHA" 227280297Sjkim# define SSL3_TXT_DH_RSA_DES_192_CBC3_SHA "DH-RSA-DES-CBC3-SHA" 22855714Skris 229290207Sjkim# define SSL3_TXT_DHE_DSS_DES_40_CBC_SHA "EXP-DHE-DSS-DES-CBC-SHA" 230290207Sjkim# define SSL3_TXT_DHE_DSS_DES_64_CBC_SHA "DHE-DSS-DES-CBC-SHA" 231290207Sjkim# define SSL3_TXT_DHE_DSS_DES_192_CBC3_SHA "DHE-DSS-DES-CBC3-SHA" 232290207Sjkim# define SSL3_TXT_DHE_RSA_DES_40_CBC_SHA "EXP-DHE-RSA-DES-CBC-SHA" 233290207Sjkim# define SSL3_TXT_DHE_RSA_DES_64_CBC_SHA "DHE-RSA-DES-CBC-SHA" 234290207Sjkim# define SSL3_TXT_DHE_RSA_DES_192_CBC3_SHA "DHE-RSA-DES-CBC3-SHA" 235290207Sjkim 236290207Sjkim/* 237290207Sjkim * This next block of six "EDH" labels is for backward compatibility with 238290207Sjkim * older versions of OpenSSL. New code should use the six "DHE" labels above 239290207Sjkim * instead: 240290207Sjkim */ 241280297Sjkim# define SSL3_TXT_EDH_DSS_DES_40_CBC_SHA "EXP-EDH-DSS-DES-CBC-SHA" 242280297Sjkim# define SSL3_TXT_EDH_DSS_DES_64_CBC_SHA "EDH-DSS-DES-CBC-SHA" 243280297Sjkim# define SSL3_TXT_EDH_DSS_DES_192_CBC3_SHA "EDH-DSS-DES-CBC3-SHA" 244280297Sjkim# define SSL3_TXT_EDH_RSA_DES_40_CBC_SHA "EXP-EDH-RSA-DES-CBC-SHA" 245280297Sjkim# define SSL3_TXT_EDH_RSA_DES_64_CBC_SHA "EDH-RSA-DES-CBC-SHA" 246280297Sjkim# define SSL3_TXT_EDH_RSA_DES_192_CBC3_SHA "EDH-RSA-DES-CBC3-SHA" 24755714Skris 248280297Sjkim# define SSL3_TXT_ADH_RC4_40_MD5 "EXP-ADH-RC4-MD5" 249280297Sjkim# define SSL3_TXT_ADH_RC4_128_MD5 "ADH-RC4-MD5" 250280297Sjkim# define SSL3_TXT_ADH_DES_40_CBC_SHA "EXP-ADH-DES-CBC-SHA" 251280297Sjkim# define SSL3_TXT_ADH_DES_64_CBC_SHA "ADH-DES-CBC-SHA" 252280297Sjkim# define SSL3_TXT_ADH_DES_192_CBC_SHA "ADH-DES-CBC3-SHA" 25355714Skris 254280297Sjkim# if 0 255280297Sjkim# define SSL3_TXT_FZA_DMS_NULL_SHA "FZA-NULL-SHA" 256280297Sjkim# define SSL3_TXT_FZA_DMS_FZA_SHA "FZA-FZA-CBC-SHA" 257280297Sjkim# define SSL3_TXT_FZA_DMS_RC4_SHA "FZA-RC4-SHA" 258280297Sjkim# endif 25955714Skris 260280297Sjkim# define SSL3_TXT_KRB5_DES_64_CBC_SHA "KRB5-DES-CBC-SHA" 261280297Sjkim# define SSL3_TXT_KRB5_DES_192_CBC3_SHA "KRB5-DES-CBC3-SHA" 262280297Sjkim# define SSL3_TXT_KRB5_RC4_128_SHA "KRB5-RC4-SHA" 263280297Sjkim# define SSL3_TXT_KRB5_IDEA_128_CBC_SHA "KRB5-IDEA-CBC-SHA" 264280297Sjkim# define SSL3_TXT_KRB5_DES_64_CBC_MD5 "KRB5-DES-CBC-MD5" 265280297Sjkim# define SSL3_TXT_KRB5_DES_192_CBC3_MD5 "KRB5-DES-CBC3-MD5" 266280297Sjkim# define SSL3_TXT_KRB5_RC4_128_MD5 "KRB5-RC4-MD5" 267280297Sjkim# define SSL3_TXT_KRB5_IDEA_128_CBC_MD5 "KRB5-IDEA-CBC-MD5" 268109998Smarkm 269280297Sjkim# define SSL3_TXT_KRB5_DES_40_CBC_SHA "EXP-KRB5-DES-CBC-SHA" 270280297Sjkim# define SSL3_TXT_KRB5_RC2_40_CBC_SHA "EXP-KRB5-RC2-CBC-SHA" 271280297Sjkim# define SSL3_TXT_KRB5_RC4_40_SHA "EXP-KRB5-RC4-SHA" 272280297Sjkim# define SSL3_TXT_KRB5_DES_40_CBC_MD5 "EXP-KRB5-DES-CBC-MD5" 273280297Sjkim# define SSL3_TXT_KRB5_RC2_40_CBC_MD5 "EXP-KRB5-RC2-CBC-MD5" 274280297Sjkim# define SSL3_TXT_KRB5_RC4_40_MD5 "EXP-KRB5-RC4-MD5" 275109998Smarkm 276280297Sjkim# define SSL3_SSL_SESSION_ID_LENGTH 32 277280297Sjkim# define SSL3_MAX_SSL_SESSION_ID_LENGTH 32 27855714Skris 279280297Sjkim# define SSL3_MASTER_SECRET_SIZE 48 280280297Sjkim# define SSL3_RANDOM_SIZE 32 281280297Sjkim# define SSL3_SESSION_ID_SIZE 32 282280297Sjkim# define SSL3_RT_HEADER_LENGTH 5 28355714Skris 284290207Sjkim# define SSL3_HM_HEADER_LENGTH 4 285290207Sjkim 286280297Sjkim# ifndef SSL3_ALIGN_PAYLOAD 287280297Sjkim /* 288280297Sjkim * Some will argue that this increases memory footprint, but it's not 289280297Sjkim * actually true. Point is that malloc has to return at least 64-bit aligned 290280297Sjkim * pointers, meaning that allocating 5 bytes wastes 3 bytes in either case. 291280297Sjkim * Suggested pre-gaping simply moves these wasted bytes from the end of 292280297Sjkim * allocated region to its front, but makes data payload aligned, which 293280297Sjkim * improves performance:-) 294280297Sjkim */ 295280297Sjkim# define SSL3_ALIGN_PAYLOAD 8 296280297Sjkim# else 297280297Sjkim# if (SSL3_ALIGN_PAYLOAD&(SSL3_ALIGN_PAYLOAD-1))!=0 298280297Sjkim# error "insane SSL3_ALIGN_PAYLOAD" 299280297Sjkim# undef SSL3_ALIGN_PAYLOAD 300280297Sjkim# endif 301238405Sjkim# endif 30255714Skris 303280297Sjkim/* 304280297Sjkim * This is the maximum MAC (digest) size used by the SSL library. Currently 305280297Sjkim * maximum of 20 is used by SHA1, but we reserve for future extension for 306280297Sjkim * 512-bit hashes. 307238405Sjkim */ 308238405Sjkim 309280297Sjkim# define SSL3_RT_MAX_MD_SIZE 64 310238405Sjkim 311280297Sjkim/* 312280297Sjkim * Maximum block size used in all ciphersuites. Currently 16 for AES. 313238405Sjkim */ 314238405Sjkim 315280297Sjkim# define SSL_RT_MAX_CIPHER_BLOCK_SIZE 16 316238405Sjkim 317280297Sjkim# define SSL3_RT_MAX_EXTRA (16384) 318238405Sjkim 319238405Sjkim/* Maximum plaintext length: defined by SSL/TLS standards */ 320280297Sjkim# define SSL3_RT_MAX_PLAIN_LENGTH 16384 321238405Sjkim/* Maximum compression overhead: defined by SSL/TLS standards */ 322280297Sjkim# define SSL3_RT_MAX_COMPRESSED_OVERHEAD 1024 323238405Sjkim 324280297Sjkim/* 325280297Sjkim * The standards give a maximum encryption overhead of 1024 bytes. In 326280297Sjkim * practice the value is lower than this. The overhead is the maximum number 327280297Sjkim * of padding bytes (256) plus the mac size. 328238405Sjkim */ 329280297Sjkim# define SSL3_RT_MAX_ENCRYPTED_OVERHEAD (256 + SSL3_RT_MAX_MD_SIZE) 330238405Sjkim 331280297Sjkim/* 332280297Sjkim * OpenSSL currently only uses a padding length of at most one block so the 333280297Sjkim * send overhead is smaller. 334238405Sjkim */ 335238405Sjkim 336280297Sjkim# define SSL3_RT_SEND_MAX_ENCRYPTED_OVERHEAD \ 337280297Sjkim (SSL_RT_MAX_CIPHER_BLOCK_SIZE + SSL3_RT_MAX_MD_SIZE) 338238405Sjkim 339238405Sjkim/* If compression isn't used don't include the compression overhead */ 340238405Sjkim 341280297Sjkim# ifdef OPENSSL_NO_COMP 342280297Sjkim# define SSL3_RT_MAX_COMPRESSED_LENGTH SSL3_RT_MAX_PLAIN_LENGTH 343280297Sjkim# else 344280297Sjkim# define SSL3_RT_MAX_COMPRESSED_LENGTH \ 345280297Sjkim (SSL3_RT_MAX_PLAIN_LENGTH+SSL3_RT_MAX_COMPRESSED_OVERHEAD) 346280297Sjkim# endif 347280297Sjkim# define SSL3_RT_MAX_ENCRYPTED_LENGTH \ 348280297Sjkim (SSL3_RT_MAX_ENCRYPTED_OVERHEAD+SSL3_RT_MAX_COMPRESSED_LENGTH) 349280297Sjkim# define SSL3_RT_MAX_PACKET_SIZE \ 350280297Sjkim (SSL3_RT_MAX_ENCRYPTED_LENGTH+SSL3_RT_HEADER_LENGTH) 35155714Skris 352280297Sjkim# define SSL3_MD_CLIENT_FINISHED_CONST "\x43\x4C\x4E\x54" 353280297Sjkim# define SSL3_MD_SERVER_FINISHED_CONST "\x53\x52\x56\x52" 35455714Skris 355280297Sjkim# define SSL3_VERSION 0x0300 356280297Sjkim# define SSL3_VERSION_MAJOR 0x03 357280297Sjkim# define SSL3_VERSION_MINOR 0x00 35855714Skris 359280297Sjkim# define SSL3_RT_CHANGE_CIPHER_SPEC 20 360280297Sjkim# define SSL3_RT_ALERT 21 361280297Sjkim# define SSL3_RT_HANDSHAKE 22 362280297Sjkim# define SSL3_RT_APPLICATION_DATA 23 363280297Sjkim# define TLS1_RT_HEARTBEAT 24 36455714Skris 365290207Sjkim/* Pseudo content types to indicate additional parameters */ 366290207Sjkim# define TLS1_RT_CRYPTO 0x1000 367290207Sjkim# define TLS1_RT_CRYPTO_PREMASTER (TLS1_RT_CRYPTO | 0x1) 368290207Sjkim# define TLS1_RT_CRYPTO_CLIENT_RANDOM (TLS1_RT_CRYPTO | 0x2) 369290207Sjkim# define TLS1_RT_CRYPTO_SERVER_RANDOM (TLS1_RT_CRYPTO | 0x3) 370290207Sjkim# define TLS1_RT_CRYPTO_MASTER (TLS1_RT_CRYPTO | 0x4) 371290207Sjkim 372290207Sjkim# define TLS1_RT_CRYPTO_READ 0x0000 373290207Sjkim# define TLS1_RT_CRYPTO_WRITE 0x0100 374290207Sjkim# define TLS1_RT_CRYPTO_MAC (TLS1_RT_CRYPTO | 0x5) 375290207Sjkim# define TLS1_RT_CRYPTO_KEY (TLS1_RT_CRYPTO | 0x6) 376290207Sjkim# define TLS1_RT_CRYPTO_IV (TLS1_RT_CRYPTO | 0x7) 377290207Sjkim# define TLS1_RT_CRYPTO_FIXED_IV (TLS1_RT_CRYPTO | 0x8) 378290207Sjkim 379290207Sjkim/* Pseudo content type for SSL/TLS header info */ 380290207Sjkim# define SSL3_RT_HEADER 0x100 381290207Sjkim 382280297Sjkim# define SSL3_AL_WARNING 1 383280297Sjkim# define SSL3_AL_FATAL 2 38455714Skris 385280297Sjkim# define SSL3_AD_CLOSE_NOTIFY 0 386280297Sjkim# define SSL3_AD_UNEXPECTED_MESSAGE 10/* fatal */ 387280297Sjkim# define SSL3_AD_BAD_RECORD_MAC 20/* fatal */ 388280297Sjkim# define SSL3_AD_DECOMPRESSION_FAILURE 30/* fatal */ 389280297Sjkim# define SSL3_AD_HANDSHAKE_FAILURE 40/* fatal */ 390280297Sjkim# define SSL3_AD_NO_CERTIFICATE 41 391280297Sjkim# define SSL3_AD_BAD_CERTIFICATE 42 392280297Sjkim# define SSL3_AD_UNSUPPORTED_CERTIFICATE 43 393280297Sjkim# define SSL3_AD_CERTIFICATE_REVOKED 44 394280297Sjkim# define SSL3_AD_CERTIFICATE_EXPIRED 45 395280297Sjkim# define SSL3_AD_CERTIFICATE_UNKNOWN 46 396280297Sjkim# define SSL3_AD_ILLEGAL_PARAMETER 47/* fatal */ 39755714Skris 398280297Sjkim# define TLS1_HB_REQUEST 1 399280297Sjkim# define TLS1_HB_RESPONSE 2 400238405Sjkim 401280297Sjkim# ifndef OPENSSL_NO_SSL_INTERN 40255714Skris 403280297Sjkimtypedef struct ssl3_record_st { 404280297Sjkim /* type of record */ 405280297Sjkim /* 406280297Sjkim * r 407280297Sjkim */ int type; 408280297Sjkim /* How many bytes available */ 409280297Sjkim /* 410280297Sjkim * rw 411280297Sjkim */ unsigned int length; 412280297Sjkim /* read/write offset into 'buf' */ 413280297Sjkim /* 414280297Sjkim * r 415280297Sjkim */ unsigned int off; 416280297Sjkim /* pointer to the record data */ 417280297Sjkim /* 418280297Sjkim * rw 419280297Sjkim */ unsigned char *data; 420280297Sjkim /* where the decode bytes are */ 421280297Sjkim /* 422280297Sjkim * rw 423280297Sjkim */ unsigned char *input; 424280297Sjkim /* only used with decompression - malloc()ed */ 425280297Sjkim /* 426280297Sjkim * r 427280297Sjkim */ unsigned char *comp; 428280297Sjkim /* epoch number, needed by DTLS1 */ 429280297Sjkim /* 430280297Sjkim * r 431280297Sjkim */ unsigned long epoch; 432280297Sjkim /* sequence number, needed by DTLS1 */ 433280297Sjkim /* 434280297Sjkim * r 435280297Sjkim */ unsigned char seq_num[8]; 436280297Sjkim} SSL3_RECORD; 43755714Skris 438280297Sjkimtypedef struct ssl3_buffer_st { 439280297Sjkim /* at least SSL3_RT_MAX_PACKET_SIZE bytes, see ssl3_setup_buffers() */ 440280297Sjkim unsigned char *buf; 441280297Sjkim /* buffer size */ 442280297Sjkim size_t len; 443280297Sjkim /* where to 'copy from' */ 444280297Sjkim int offset; 445280297Sjkim /* how many bytes left */ 446280297Sjkim int left; 447280297Sjkim} SSL3_BUFFER; 448238405Sjkim 449280297Sjkim# endif 450280297Sjkim 451280297Sjkim# define SSL3_CT_RSA_SIGN 1 452280297Sjkim# define SSL3_CT_DSS_SIGN 2 453280297Sjkim# define SSL3_CT_RSA_FIXED_DH 3 454280297Sjkim# define SSL3_CT_DSS_FIXED_DH 4 455280297Sjkim# define SSL3_CT_RSA_EPHEMERAL_DH 5 456280297Sjkim# define SSL3_CT_DSS_EPHEMERAL_DH 6 457280297Sjkim# define SSL3_CT_FORTEZZA_DMS 20 458280297Sjkim/* 459280297Sjkim * SSL3_CT_NUMBER is used to size arrays and it must be large enough to 460280297Sjkim * contain all of the cert types defined either for SSLv3 and TLSv1. 461160814Ssimon */ 462280297Sjkim# define SSL3_CT_NUMBER 9 46355714Skris 464280297Sjkim# define SSL3_FLAGS_NO_RENEGOTIATE_CIPHERS 0x0001 465280297Sjkim# define SSL3_FLAGS_DELAY_CLIENT_FINISHED 0x0002 466280297Sjkim# define SSL3_FLAGS_POP_BUFFER 0x0004 467280297Sjkim# define TLS1_FLAGS_TLS_PADDING_BUG 0x0008 468280297Sjkim# define TLS1_FLAGS_SKIP_CERT_VERIFY 0x0010 469280297Sjkim# define TLS1_FLAGS_KEEP_HANDSHAKE 0x0020 470276861Sjkim/* 471276861Sjkim * Set when the handshake is ready to process peer's ChangeCipherSpec message. 472276861Sjkim * Cleared after the message has been processed. 473276861Sjkim */ 474280297Sjkim# define SSL3_FLAGS_CCS_OK 0x0080 475276861Sjkim 476290207Sjkim/* SSL3_FLAGS_SGC_RESTART_DONE is no longer used */ 477280297Sjkim# define SSL3_FLAGS_SGC_RESTART_DONE 0x0040 47855714Skris 479280297Sjkim# ifndef OPENSSL_NO_SSL_INTERN 480238405Sjkim 481280297Sjkimtypedef struct ssl3_state_st { 482280297Sjkim long flags; 483280297Sjkim int delay_buf_pop_ret; 484280297Sjkim unsigned char read_sequence[8]; 485280297Sjkim int read_mac_secret_size; 486280297Sjkim unsigned char read_mac_secret[EVP_MAX_MD_SIZE]; 487280297Sjkim unsigned char write_sequence[8]; 488280297Sjkim int write_mac_secret_size; 489280297Sjkim unsigned char write_mac_secret[EVP_MAX_MD_SIZE]; 490280297Sjkim unsigned char server_random[SSL3_RANDOM_SIZE]; 491280297Sjkim unsigned char client_random[SSL3_RANDOM_SIZE]; 492280297Sjkim /* flags for countermeasure against known-IV weakness */ 493280297Sjkim int need_empty_fragments; 494280297Sjkim int empty_fragment_done; 495280297Sjkim /* The value of 'extra' when the buffers were initialized */ 496280297Sjkim int init_extra; 497280297Sjkim SSL3_BUFFER rbuf; /* read IO goes into here */ 498280297Sjkim SSL3_BUFFER wbuf; /* write IO goes into here */ 499280297Sjkim SSL3_RECORD rrec; /* each decoded record goes in here */ 500280297Sjkim SSL3_RECORD wrec; /* goes out from here */ 501280297Sjkim /* 502280297Sjkim * storage for Alert/Handshake protocol data received but not yet 503280297Sjkim * processed by ssl3_read_bytes: 504280297Sjkim */ 505280297Sjkim unsigned char alert_fragment[2]; 506280297Sjkim unsigned int alert_fragment_len; 507280297Sjkim unsigned char handshake_fragment[4]; 508280297Sjkim unsigned int handshake_fragment_len; 509280297Sjkim /* partial write - check the numbers match */ 510280297Sjkim unsigned int wnum; /* number of bytes sent so far */ 511280297Sjkim int wpend_tot; /* number bytes written */ 512280297Sjkim int wpend_type; 513280297Sjkim int wpend_ret; /* number of bytes submitted */ 514280297Sjkim const unsigned char *wpend_buf; 515280297Sjkim /* used during startup, digest all incoming/outgoing packets */ 516280297Sjkim BIO *handshake_buffer; 517280297Sjkim /* 518280297Sjkim * When set of handshake digests is determined, buffer is hashed and 519280297Sjkim * freed and MD_CTX-es for all required digests are stored in this array 520280297Sjkim */ 521280297Sjkim EVP_MD_CTX **handshake_dgst; 522280297Sjkim /* 523280297Sjkim * Set whenever an expected ChangeCipherSpec message is processed. 524280297Sjkim * Unset when the peer's Finished message is received. 525280297Sjkim * Unexpected ChangeCipherSpec messages trigger a fatal alert. 526280297Sjkim */ 527280297Sjkim int change_cipher_spec; 528280297Sjkim int warn_alert; 529280297Sjkim int fatal_alert; 530280297Sjkim /* 531280297Sjkim * we allow one fatal and one warning alert to be outstanding, send close 532280297Sjkim * alert via the warning alert 533280297Sjkim */ 534280297Sjkim int alert_dispatch; 535280297Sjkim unsigned char send_alert[2]; 536280297Sjkim /* 537280297Sjkim * This flag is set when we should renegotiate ASAP, basically when there 538280297Sjkim * is no more data in the read or write buffers 539280297Sjkim */ 540280297Sjkim int renegotiate; 541280297Sjkim int total_renegotiations; 542280297Sjkim int num_renegotiations; 543280297Sjkim int in_read_app_data; 544280297Sjkim /* 545280297Sjkim * Opaque PRF input as used for the current handshake. These fields are 546280297Sjkim * used only if TLSEXT_TYPE_opaque_prf_input is defined (otherwise, they 547280297Sjkim * are merely present to improve binary compatibility) 548280297Sjkim */ 549280297Sjkim void *client_opaque_prf_input; 550280297Sjkim size_t client_opaque_prf_input_len; 551280297Sjkim void *server_opaque_prf_input; 552280297Sjkim size_t server_opaque_prf_input_len; 553280297Sjkim struct { 554280297Sjkim /* actually only needs to be 16+20 */ 555280297Sjkim unsigned char cert_verify_md[EVP_MAX_MD_SIZE * 2]; 556280297Sjkim /* actually only need to be 16+20 for SSLv3 and 12 for TLS */ 557280297Sjkim unsigned char finish_md[EVP_MAX_MD_SIZE * 2]; 558280297Sjkim int finish_md_len; 559280297Sjkim unsigned char peer_finish_md[EVP_MAX_MD_SIZE * 2]; 560280297Sjkim int peer_finish_md_len; 561280297Sjkim unsigned long message_size; 562280297Sjkim int message_type; 563280297Sjkim /* used to hold the new cipher we are going to use */ 564280297Sjkim const SSL_CIPHER *new_cipher; 565280297Sjkim# ifndef OPENSSL_NO_DH 566280297Sjkim DH *dh; 567280297Sjkim# endif 568280297Sjkim# ifndef OPENSSL_NO_ECDH 569280297Sjkim EC_KEY *ecdh; /* holds short lived ECDH key */ 570280297Sjkim# endif 571280297Sjkim /* used when SSL_ST_FLUSH_DATA is entered */ 572280297Sjkim int next_state; 573280297Sjkim int reuse_message; 574280297Sjkim /* used for certificate requests */ 575280297Sjkim int cert_req; 576280297Sjkim int ctype_num; 577280297Sjkim char ctype[SSL3_CT_NUMBER]; 578280297Sjkim STACK_OF(X509_NAME) *ca_names; 579280297Sjkim int use_rsa_tmp; 580280297Sjkim int key_block_length; 581280297Sjkim unsigned char *key_block; 582280297Sjkim const EVP_CIPHER *new_sym_enc; 583280297Sjkim const EVP_MD *new_hash; 584280297Sjkim int new_mac_pkey_type; 585280297Sjkim int new_mac_secret_size; 586280297Sjkim# ifndef OPENSSL_NO_COMP 587280297Sjkim const SSL_COMP *new_compression; 588280297Sjkim# else 589280297Sjkim char *new_compression; 590280297Sjkim# endif 591280297Sjkim int cert_request; 592280297Sjkim } tmp; 59355714Skris 594280297Sjkim /* Connection binding to prevent renegotiation attacks */ 595280297Sjkim unsigned char previous_client_finished[EVP_MAX_MD_SIZE]; 596280297Sjkim unsigned char previous_client_finished_len; 597280297Sjkim unsigned char previous_server_finished[EVP_MAX_MD_SIZE]; 598280297Sjkim unsigned char previous_server_finished_len; 599280297Sjkim int send_connection_binding; /* TODOEKR */ 60055714Skris 601280297Sjkim# ifndef OPENSSL_NO_NEXTPROTONEG 602280297Sjkim /* 603280297Sjkim * Set if we saw the Next Protocol Negotiation extension from our peer. 604280297Sjkim */ 605280297Sjkim int next_proto_neg_seen; 606280297Sjkim# endif 60755714Skris 608280297Sjkim# ifndef OPENSSL_NO_TLSEXT 609280297Sjkim# ifndef OPENSSL_NO_EC 610280297Sjkim /* 611280297Sjkim * This is set to true if we believe that this is a version of Safari 612280297Sjkim * running on OS X 10.6 or newer. We wish to know this because Safari on 613280297Sjkim * 10.8 .. 10.8.3 has broken ECDHE-ECDSA support. 614280297Sjkim */ 615280297Sjkim char is_probably_safari; 616280297Sjkim# endif /* !OPENSSL_NO_EC */ 617290207Sjkim 618290207Sjkim /* 619290207Sjkim * ALPN information (we are in the process of transitioning from NPN to 620290207Sjkim * ALPN.) 621290207Sjkim */ 622290207Sjkim 623290207Sjkim /* 624290207Sjkim * In a server these point to the selected ALPN protocol after the 625290207Sjkim * ClientHello has been processed. In a client these contain the protocol 626290207Sjkim * that the server selected once the ServerHello has been processed. 627290207Sjkim */ 628290207Sjkim unsigned char *alpn_selected; 629290207Sjkim unsigned alpn_selected_len; 630290207Sjkim# endif /* OPENSSL_NO_TLSEXT */ 631280297Sjkim} SSL3_STATE; 632109998Smarkm 633280297Sjkim# endif 634238405Sjkim 63555714Skris/* SSLv3 */ 636280297Sjkim/* 637280297Sjkim * client 638280297Sjkim */ 63955714Skris/* extra state */ 640280297Sjkim# define SSL3_ST_CW_FLUSH (0x100|SSL_ST_CONNECT) 641280297Sjkim# ifndef OPENSSL_NO_SCTP 642280297Sjkim# define DTLS1_SCTP_ST_CW_WRITE_SOCK (0x310|SSL_ST_CONNECT) 643280297Sjkim# define DTLS1_SCTP_ST_CR_READ_SOCK (0x320|SSL_ST_CONNECT) 644280297Sjkim# endif 64555714Skris/* write to server */ 646280297Sjkim# define SSL3_ST_CW_CLNT_HELLO_A (0x110|SSL_ST_CONNECT) 647280297Sjkim# define SSL3_ST_CW_CLNT_HELLO_B (0x111|SSL_ST_CONNECT) 64855714Skris/* read from server */ 649280297Sjkim# define SSL3_ST_CR_SRVR_HELLO_A (0x120|SSL_ST_CONNECT) 650280297Sjkim# define SSL3_ST_CR_SRVR_HELLO_B (0x121|SSL_ST_CONNECT) 651280297Sjkim# define DTLS1_ST_CR_HELLO_VERIFY_REQUEST_A (0x126|SSL_ST_CONNECT) 652280297Sjkim# define DTLS1_ST_CR_HELLO_VERIFY_REQUEST_B (0x127|SSL_ST_CONNECT) 653280297Sjkim# define SSL3_ST_CR_CERT_A (0x130|SSL_ST_CONNECT) 654280297Sjkim# define SSL3_ST_CR_CERT_B (0x131|SSL_ST_CONNECT) 655280297Sjkim# define SSL3_ST_CR_KEY_EXCH_A (0x140|SSL_ST_CONNECT) 656280297Sjkim# define SSL3_ST_CR_KEY_EXCH_B (0x141|SSL_ST_CONNECT) 657280297Sjkim# define SSL3_ST_CR_CERT_REQ_A (0x150|SSL_ST_CONNECT) 658280297Sjkim# define SSL3_ST_CR_CERT_REQ_B (0x151|SSL_ST_CONNECT) 659280297Sjkim# define SSL3_ST_CR_SRVR_DONE_A (0x160|SSL_ST_CONNECT) 660280297Sjkim# define SSL3_ST_CR_SRVR_DONE_B (0x161|SSL_ST_CONNECT) 66155714Skris/* write to server */ 662280297Sjkim# define SSL3_ST_CW_CERT_A (0x170|SSL_ST_CONNECT) 663280297Sjkim# define SSL3_ST_CW_CERT_B (0x171|SSL_ST_CONNECT) 664280297Sjkim# define SSL3_ST_CW_CERT_C (0x172|SSL_ST_CONNECT) 665280297Sjkim# define SSL3_ST_CW_CERT_D (0x173|SSL_ST_CONNECT) 666280297Sjkim# define SSL3_ST_CW_KEY_EXCH_A (0x180|SSL_ST_CONNECT) 667280297Sjkim# define SSL3_ST_CW_KEY_EXCH_B (0x181|SSL_ST_CONNECT) 668280297Sjkim# define SSL3_ST_CW_CERT_VRFY_A (0x190|SSL_ST_CONNECT) 669280297Sjkim# define SSL3_ST_CW_CERT_VRFY_B (0x191|SSL_ST_CONNECT) 670280297Sjkim# define SSL3_ST_CW_CHANGE_A (0x1A0|SSL_ST_CONNECT) 671280297Sjkim# define SSL3_ST_CW_CHANGE_B (0x1A1|SSL_ST_CONNECT) 672280297Sjkim# ifndef OPENSSL_NO_NEXTPROTONEG 673280297Sjkim# define SSL3_ST_CW_NEXT_PROTO_A (0x200|SSL_ST_CONNECT) 674280297Sjkim# define SSL3_ST_CW_NEXT_PROTO_B (0x201|SSL_ST_CONNECT) 675280297Sjkim# endif 676280297Sjkim# define SSL3_ST_CW_FINISHED_A (0x1B0|SSL_ST_CONNECT) 677280297Sjkim# define SSL3_ST_CW_FINISHED_B (0x1B1|SSL_ST_CONNECT) 67855714Skris/* read from server */ 679280297Sjkim# define SSL3_ST_CR_CHANGE_A (0x1C0|SSL_ST_CONNECT) 680280297Sjkim# define SSL3_ST_CR_CHANGE_B (0x1C1|SSL_ST_CONNECT) 681280297Sjkim# define SSL3_ST_CR_FINISHED_A (0x1D0|SSL_ST_CONNECT) 682280297Sjkim# define SSL3_ST_CR_FINISHED_B (0x1D1|SSL_ST_CONNECT) 683280297Sjkim# define SSL3_ST_CR_SESSION_TICKET_A (0x1E0|SSL_ST_CONNECT) 684280297Sjkim# define SSL3_ST_CR_SESSION_TICKET_B (0x1E1|SSL_ST_CONNECT) 685280297Sjkim# define SSL3_ST_CR_CERT_STATUS_A (0x1F0|SSL_ST_CONNECT) 686280297Sjkim# define SSL3_ST_CR_CERT_STATUS_B (0x1F1|SSL_ST_CONNECT) 68755714Skris 68855714Skris/* server */ 68955714Skris/* extra state */ 690280297Sjkim# define SSL3_ST_SW_FLUSH (0x100|SSL_ST_ACCEPT) 691280297Sjkim# ifndef OPENSSL_NO_SCTP 692280297Sjkim# define DTLS1_SCTP_ST_SW_WRITE_SOCK (0x310|SSL_ST_ACCEPT) 693280297Sjkim# define DTLS1_SCTP_ST_SR_READ_SOCK (0x320|SSL_ST_ACCEPT) 694280297Sjkim# endif 69555714Skris/* read from client */ 69655714Skris/* Do not change the number values, they do matter */ 697280297Sjkim# define SSL3_ST_SR_CLNT_HELLO_A (0x110|SSL_ST_ACCEPT) 698280297Sjkim# define SSL3_ST_SR_CLNT_HELLO_B (0x111|SSL_ST_ACCEPT) 699280297Sjkim# define SSL3_ST_SR_CLNT_HELLO_C (0x112|SSL_ST_ACCEPT) 700290207Sjkim# define SSL3_ST_SR_CLNT_HELLO_D (0x115|SSL_ST_ACCEPT) 70155714Skris/* write to client */ 702280297Sjkim# define DTLS1_ST_SW_HELLO_VERIFY_REQUEST_A (0x113|SSL_ST_ACCEPT) 703280297Sjkim# define DTLS1_ST_SW_HELLO_VERIFY_REQUEST_B (0x114|SSL_ST_ACCEPT) 704280297Sjkim# define SSL3_ST_SW_HELLO_REQ_A (0x120|SSL_ST_ACCEPT) 705280297Sjkim# define SSL3_ST_SW_HELLO_REQ_B (0x121|SSL_ST_ACCEPT) 706280297Sjkim# define SSL3_ST_SW_HELLO_REQ_C (0x122|SSL_ST_ACCEPT) 707280297Sjkim# define SSL3_ST_SW_SRVR_HELLO_A (0x130|SSL_ST_ACCEPT) 708280297Sjkim# define SSL3_ST_SW_SRVR_HELLO_B (0x131|SSL_ST_ACCEPT) 709280297Sjkim# define SSL3_ST_SW_CERT_A (0x140|SSL_ST_ACCEPT) 710280297Sjkim# define SSL3_ST_SW_CERT_B (0x141|SSL_ST_ACCEPT) 711280297Sjkim# define SSL3_ST_SW_KEY_EXCH_A (0x150|SSL_ST_ACCEPT) 712280297Sjkim# define SSL3_ST_SW_KEY_EXCH_B (0x151|SSL_ST_ACCEPT) 713280297Sjkim# define SSL3_ST_SW_CERT_REQ_A (0x160|SSL_ST_ACCEPT) 714280297Sjkim# define SSL3_ST_SW_CERT_REQ_B (0x161|SSL_ST_ACCEPT) 715280297Sjkim# define SSL3_ST_SW_SRVR_DONE_A (0x170|SSL_ST_ACCEPT) 716280297Sjkim# define SSL3_ST_SW_SRVR_DONE_B (0x171|SSL_ST_ACCEPT) 71755714Skris/* read from client */ 718280297Sjkim# define SSL3_ST_SR_CERT_A (0x180|SSL_ST_ACCEPT) 719280297Sjkim# define SSL3_ST_SR_CERT_B (0x181|SSL_ST_ACCEPT) 720280297Sjkim# define SSL3_ST_SR_KEY_EXCH_A (0x190|SSL_ST_ACCEPT) 721280297Sjkim# define SSL3_ST_SR_KEY_EXCH_B (0x191|SSL_ST_ACCEPT) 722280297Sjkim# define SSL3_ST_SR_CERT_VRFY_A (0x1A0|SSL_ST_ACCEPT) 723280297Sjkim# define SSL3_ST_SR_CERT_VRFY_B (0x1A1|SSL_ST_ACCEPT) 724280297Sjkim# define SSL3_ST_SR_CHANGE_A (0x1B0|SSL_ST_ACCEPT) 725280297Sjkim# define SSL3_ST_SR_CHANGE_B (0x1B1|SSL_ST_ACCEPT) 726280297Sjkim# ifndef OPENSSL_NO_NEXTPROTONEG 727280297Sjkim# define SSL3_ST_SR_NEXT_PROTO_A (0x210|SSL_ST_ACCEPT) 728280297Sjkim# define SSL3_ST_SR_NEXT_PROTO_B (0x211|SSL_ST_ACCEPT) 729280297Sjkim# endif 730280297Sjkim# define SSL3_ST_SR_FINISHED_A (0x1C0|SSL_ST_ACCEPT) 731280297Sjkim# define SSL3_ST_SR_FINISHED_B (0x1C1|SSL_ST_ACCEPT) 73255714Skris/* write to client */ 733280297Sjkim# define SSL3_ST_SW_CHANGE_A (0x1D0|SSL_ST_ACCEPT) 734280297Sjkim# define SSL3_ST_SW_CHANGE_B (0x1D1|SSL_ST_ACCEPT) 735280297Sjkim# define SSL3_ST_SW_FINISHED_A (0x1E0|SSL_ST_ACCEPT) 736280297Sjkim# define SSL3_ST_SW_FINISHED_B (0x1E1|SSL_ST_ACCEPT) 737280297Sjkim# define SSL3_ST_SW_SESSION_TICKET_A (0x1F0|SSL_ST_ACCEPT) 738280297Sjkim# define SSL3_ST_SW_SESSION_TICKET_B (0x1F1|SSL_ST_ACCEPT) 739280297Sjkim# define SSL3_ST_SW_CERT_STATUS_A (0x200|SSL_ST_ACCEPT) 740280297Sjkim# define SSL3_ST_SW_CERT_STATUS_B (0x201|SSL_ST_ACCEPT) 74155714Skris 742280297Sjkim# define SSL3_MT_HELLO_REQUEST 0 743280297Sjkim# define SSL3_MT_CLIENT_HELLO 1 744280297Sjkim# define SSL3_MT_SERVER_HELLO 2 745280297Sjkim# define SSL3_MT_NEWSESSION_TICKET 4 746280297Sjkim# define SSL3_MT_CERTIFICATE 11 747280297Sjkim# define SSL3_MT_SERVER_KEY_EXCHANGE 12 748280297Sjkim# define SSL3_MT_CERTIFICATE_REQUEST 13 749280297Sjkim# define SSL3_MT_SERVER_DONE 14 750280297Sjkim# define SSL3_MT_CERTIFICATE_VERIFY 15 751280297Sjkim# define SSL3_MT_CLIENT_KEY_EXCHANGE 16 752280297Sjkim# define SSL3_MT_FINISHED 20 753280297Sjkim# define SSL3_MT_CERTIFICATE_STATUS 22 754280297Sjkim# ifndef OPENSSL_NO_NEXTPROTONEG 755280297Sjkim# define SSL3_MT_NEXT_PROTO 67 756280297Sjkim# endif 757280297Sjkim# define DTLS1_MT_HELLO_VERIFY_REQUEST 3 75855714Skris 759280297Sjkim# define SSL3_MT_CCS 1 760160814Ssimon 76155714Skris/* These are used when changing over to a new cipher */ 762280297Sjkim# define SSL3_CC_READ 0x01 763280297Sjkim# define SSL3_CC_WRITE 0x02 764280297Sjkim# define SSL3_CC_CLIENT 0x10 765280297Sjkim# define SSL3_CC_SERVER 0x20 766280297Sjkim# define SSL3_CHANGE_CIPHER_CLIENT_WRITE (SSL3_CC_CLIENT|SSL3_CC_WRITE) 767280297Sjkim# define SSL3_CHANGE_CIPHER_SERVER_READ (SSL3_CC_SERVER|SSL3_CC_READ) 768280297Sjkim# define SSL3_CHANGE_CIPHER_CLIENT_READ (SSL3_CC_CLIENT|SSL3_CC_READ) 769280297Sjkim# define SSL3_CHANGE_CIPHER_SERVER_WRITE (SSL3_CC_SERVER|SSL3_CC_WRITE) 77055714Skris 77155714Skris#ifdef __cplusplus 77255714Skris} 77355714Skris#endif 77455714Skris#endif 775