LTKCPP-- LLRP Toolkit C Plus Plus Library
ssl3.h
00001 /* ssl/ssl3.h */
00002 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
00003  * All rights reserved.
00004  *
00005  * This package is an SSL implementation written
00006  * by Eric Young (eay@cryptsoft.com).
00007  * The implementation was written so as to conform with Netscapes SSL.
00008  *
00009  * This library is free for commercial and non-commercial use as long as
00010  * the following conditions are aheared to.  The following conditions
00011  * apply to all code found in this distribution, be it the RC4, RSA,
00012  * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
00013  * included with this distribution is covered by the same copyright terms
00014  * except that the holder is Tim Hudson (tjh@cryptsoft.com).
00015  *
00016  * Copyright remains Eric Young's, and as such any Copyright notices in
00017  * the code are not to be removed.
00018  * If this package is used in a product, Eric Young should be given attribution
00019  * as the author of the parts of the library used.
00020  * This can be in the form of a textual message at program startup or
00021  * in documentation (online or textual) provided with the package.
00022  *
00023  * Redistribution and use in source and binary forms, with or without
00024  * modification, are permitted provided that the following conditions
00025  * are met:
00026  * 1. Redistributions of source code must retain the copyright
00027  *    notice, this list of conditions and the following disclaimer.
00028  * 2. Redistributions in binary form must reproduce the above copyright
00029  *    notice, this list of conditions and the following disclaimer in the
00030  *    documentation and/or other materials provided with the distribution.
00031  * 3. All advertising materials mentioning features or use of this software
00032  *    must display the following acknowledgement:
00033  *    "This product includes cryptographic software written by
00034  *     Eric Young (eay@cryptsoft.com)"
00035  *    The word 'cryptographic' can be left out if the rouines from the library
00036  *    being used are not cryptographic related :-).
00037  * 4. If you include any Windows specific code (or a derivative thereof) from
00038  *    the apps directory (application code) you must include an acknowledgement:
00039  *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
00040  *
00041  * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
00042  * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
00043  * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
00044  * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
00045  * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
00046  * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
00047  * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
00048  * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
00049  * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
00050  * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
00051  * SUCH DAMAGE.
00052  *
00053  * The licence and distribution terms for any publically available version or
00054  * derivative of this code cannot be changed.  i.e. this code cannot simply be
00055  * copied and put under another distribution licence
00056  * [including the GNU Public Licence.]
00057  */
00058 /* ====================================================================
00059  * Copyright (c) 1998-2002 The OpenSSL Project.  All rights reserved.
00060  *
00061  * Redistribution and use in source and binary forms, with or without
00062  * modification, are permitted provided that the following conditions
00063  * are met:
00064  *
00065  * 1. Redistributions of source code must retain the above copyright
00066  *    notice, this list of conditions and the following disclaimer.
00067  *
00068  * 2. Redistributions in binary form must reproduce the above copyright
00069  *    notice, this list of conditions and the following disclaimer in
00070  *    the documentation and/or other materials provided with the
00071  *    distribution.
00072  *
00073  * 3. All advertising materials mentioning features or use of this
00074  *    software must display the following acknowledgment:
00075  *    "This product includes software developed by the OpenSSL Project
00076  *    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
00077  *
00078  * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
00079  *    endorse or promote products derived from this software without
00080  *    prior written permission. For written permission, please contact
00081  *    openssl-core@openssl.org.
00082  *
00083  * 5. Products derived from this software may not be called "OpenSSL"
00084  *    nor may "OpenSSL" appear in their names without prior written
00085  *    permission of the OpenSSL Project.
00086  *
00087  * 6. Redistributions of any form whatsoever must retain the following
00088  *    acknowledgment:
00089  *    "This product includes software developed by the OpenSSL Project
00090  *    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
00091  *
00092  * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
00093  * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
00094  * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
00095  * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
00096  * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
00097  * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
00098  * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
00099  * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
00100  * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
00101  * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
00102  * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
00103  * OF THE POSSIBILITY OF SUCH DAMAGE.
00104  * ====================================================================
00105  *
00106  * This product includes cryptographic software written by Eric Young
00107  * (eay@cryptsoft.com).  This product includes software written by Tim
00108  * Hudson (tjh@cryptsoft.com).
00109  *
00110  */
00111 /* ====================================================================
00112  * Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED.
00113  * ECC cipher suite support in OpenSSL originally developed by
00114  * SUN MICROSYSTEMS, INC., and contributed to the OpenSSL project.
00115  */
00116 
00117 #ifndef HEADER_SSL3_H
00118 # define HEADER_SSL3_H
00119 
00120 # ifndef OPENSSL_NO_COMP
00121 #  include <openssl/comp.h>
00122 # endif
00123 # include <openssl/buffer.h>
00124 # include <openssl/evp.h>
00125 # include <openssl/ssl.h>
00126 
00127 #ifdef  __cplusplus
00128 extern "C" {
00129 #endif
00130 
00131 /*
00132  * Signalling cipher suite value from RFC 5746
00133  * (TLS_EMPTY_RENEGOTIATION_INFO_SCSV)
00134  */
00135 # define SSL3_CK_SCSV                            0x030000FF
00136 
00137 /*
00138  * Signalling cipher suite value from draft-ietf-tls-downgrade-scsv-00
00139  * (TLS_FALLBACK_SCSV)
00140  */
00141 # define SSL3_CK_FALLBACK_SCSV                   0x03005600
00142 
00143 # define SSL3_CK_RSA_NULL_MD5                    0x03000001
00144 # define SSL3_CK_RSA_NULL_SHA                    0x03000002
00145 # define SSL3_CK_RSA_RC4_40_MD5                  0x03000003
00146 # define SSL3_CK_RSA_RC4_128_MD5                 0x03000004
00147 # define SSL3_CK_RSA_RC4_128_SHA                 0x03000005
00148 # define SSL3_CK_RSA_RC2_40_MD5                  0x03000006
00149 # define SSL3_CK_RSA_IDEA_128_SHA                0x03000007
00150 # define SSL3_CK_RSA_DES_40_CBC_SHA              0x03000008
00151 # define SSL3_CK_RSA_DES_64_CBC_SHA              0x03000009
00152 # define SSL3_CK_RSA_DES_192_CBC3_SHA            0x0300000A
00153 
00154 # define SSL3_CK_DH_DSS_DES_40_CBC_SHA           0x0300000B
00155 # define SSL3_CK_DH_DSS_DES_64_CBC_SHA           0x0300000C
00156 # define SSL3_CK_DH_DSS_DES_192_CBC3_SHA         0x0300000D
00157 # define SSL3_CK_DH_RSA_DES_40_CBC_SHA           0x0300000E
00158 # define SSL3_CK_DH_RSA_DES_64_CBC_SHA           0x0300000F
00159 # define SSL3_CK_DH_RSA_DES_192_CBC3_SHA         0x03000010
00160 
00161 # define SSL3_CK_EDH_DSS_DES_40_CBC_SHA          0x03000011
00162 # define SSL3_CK_DHE_DSS_DES_40_CBC_SHA          SSL3_CK_EDH_DSS_DES_40_CBC_SHA
00163 # define SSL3_CK_EDH_DSS_DES_64_CBC_SHA          0x03000012
00164 # define SSL3_CK_DHE_DSS_DES_64_CBC_SHA          SSL3_CK_EDH_DSS_DES_64_CBC_SHA
00165 # define SSL3_CK_EDH_DSS_DES_192_CBC3_SHA        0x03000013
00166 # define SSL3_CK_DHE_DSS_DES_192_CBC3_SHA        SSL3_CK_EDH_DSS_DES_192_CBC3_SHA
00167 # define SSL3_CK_EDH_RSA_DES_40_CBC_SHA          0x03000014
00168 # define SSL3_CK_DHE_RSA_DES_40_CBC_SHA          SSL3_CK_EDH_RSA_DES_40_CBC_SHA
00169 # define SSL3_CK_EDH_RSA_DES_64_CBC_SHA          0x03000015
00170 # define SSL3_CK_DHE_RSA_DES_64_CBC_SHA          SSL3_CK_EDH_RSA_DES_64_CBC_SHA
00171 # define SSL3_CK_EDH_RSA_DES_192_CBC3_SHA        0x03000016
00172 # define SSL3_CK_DHE_RSA_DES_192_CBC3_SHA        SSL3_CK_EDH_RSA_DES_192_CBC3_SHA
00173 
00174 # define SSL3_CK_ADH_RC4_40_MD5                  0x03000017
00175 # define SSL3_CK_ADH_RC4_128_MD5                 0x03000018
00176 # define SSL3_CK_ADH_DES_40_CBC_SHA              0x03000019
00177 # define SSL3_CK_ADH_DES_64_CBC_SHA              0x0300001A
00178 # define SSL3_CK_ADH_DES_192_CBC_SHA             0x0300001B
00179 
00180 # if 0
00181 #  define SSL3_CK_FZA_DMS_NULL_SHA                0x0300001C
00182 #  define SSL3_CK_FZA_DMS_FZA_SHA                 0x0300001D
00183 #  if 0                         /* Because it clashes with KRB5, is never
00184                                  * used any more, and is safe to remove
00185                                  * according to David Hopwood
00186                                  * <david.hopwood@zetnet.co.uk> of the
00187                                  * ietf-tls list */
00188 #   define SSL3_CK_FZA_DMS_RC4_SHA                 0x0300001E
00189 #  endif
00190 # endif
00191 
00192 /*
00193  * VRS Additional Kerberos5 entries
00194  */
00195 # define SSL3_CK_KRB5_DES_64_CBC_SHA             0x0300001E
00196 # define SSL3_CK_KRB5_DES_192_CBC3_SHA           0x0300001F
00197 # define SSL3_CK_KRB5_RC4_128_SHA                0x03000020
00198 # define SSL3_CK_KRB5_IDEA_128_CBC_SHA           0x03000021
00199 # define SSL3_CK_KRB5_DES_64_CBC_MD5             0x03000022
00200 # define SSL3_CK_KRB5_DES_192_CBC3_MD5           0x03000023
00201 # define SSL3_CK_KRB5_RC4_128_MD5                0x03000024
00202 # define SSL3_CK_KRB5_IDEA_128_CBC_MD5           0x03000025
00203 
00204 # define SSL3_CK_KRB5_DES_40_CBC_SHA             0x03000026
00205 # define SSL3_CK_KRB5_RC2_40_CBC_SHA             0x03000027
00206 # define SSL3_CK_KRB5_RC4_40_SHA                 0x03000028
00207 # define SSL3_CK_KRB5_DES_40_CBC_MD5             0x03000029
00208 # define SSL3_CK_KRB5_RC2_40_CBC_MD5             0x0300002A
00209 # define SSL3_CK_KRB5_RC4_40_MD5                 0x0300002B
00210 
00211 # define SSL3_TXT_RSA_NULL_MD5                   "NULL-MD5"
00212 # define SSL3_TXT_RSA_NULL_SHA                   "NULL-SHA"
00213 # define SSL3_TXT_RSA_RC4_40_MD5                 "EXP-RC4-MD5"
00214 # define SSL3_TXT_RSA_RC4_128_MD5                "RC4-MD5"
00215 # define SSL3_TXT_RSA_RC4_128_SHA                "RC4-SHA"
00216 # define SSL3_TXT_RSA_RC2_40_MD5                 "EXP-RC2-CBC-MD5"
00217 # define SSL3_TXT_RSA_IDEA_128_SHA               "IDEA-CBC-SHA"
00218 # define SSL3_TXT_RSA_DES_40_CBC_SHA             "EXP-DES-CBC-SHA"
00219 # define SSL3_TXT_RSA_DES_64_CBC_SHA             "DES-CBC-SHA"
00220 # define SSL3_TXT_RSA_DES_192_CBC3_SHA           "DES-CBC3-SHA"
00221 
00222 # define SSL3_TXT_DH_DSS_DES_40_CBC_SHA          "EXP-DH-DSS-DES-CBC-SHA"
00223 # define SSL3_TXT_DH_DSS_DES_64_CBC_SHA          "DH-DSS-DES-CBC-SHA"
00224 # define SSL3_TXT_DH_DSS_DES_192_CBC3_SHA        "DH-DSS-DES-CBC3-SHA"
00225 # define SSL3_TXT_DH_RSA_DES_40_CBC_SHA          "EXP-DH-RSA-DES-CBC-SHA"
00226 # define SSL3_TXT_DH_RSA_DES_64_CBC_SHA          "DH-RSA-DES-CBC-SHA"
00227 # define SSL3_TXT_DH_RSA_DES_192_CBC3_SHA        "DH-RSA-DES-CBC3-SHA"
00228 
00229 # define SSL3_TXT_DHE_DSS_DES_40_CBC_SHA         "EXP-DHE-DSS-DES-CBC-SHA"
00230 # define SSL3_TXT_DHE_DSS_DES_64_CBC_SHA         "DHE-DSS-DES-CBC-SHA"
00231 # define SSL3_TXT_DHE_DSS_DES_192_CBC3_SHA       "DHE-DSS-DES-CBC3-SHA"
00232 # define SSL3_TXT_DHE_RSA_DES_40_CBC_SHA         "EXP-DHE-RSA-DES-CBC-SHA"
00233 # define SSL3_TXT_DHE_RSA_DES_64_CBC_SHA         "DHE-RSA-DES-CBC-SHA"
00234 # define SSL3_TXT_DHE_RSA_DES_192_CBC3_SHA       "DHE-RSA-DES-CBC3-SHA"
00235 
00236 /*
00237  * This next block of six "EDH" labels is for backward compatibility with
00238  * older versions of OpenSSL.  New code should use the six "DHE" labels above
00239  * instead:
00240  */
00241 # define SSL3_TXT_EDH_DSS_DES_40_CBC_SHA         "EXP-EDH-DSS-DES-CBC-SHA"
00242 # define SSL3_TXT_EDH_DSS_DES_64_CBC_SHA         "EDH-DSS-DES-CBC-SHA"
00243 # define SSL3_TXT_EDH_DSS_DES_192_CBC3_SHA       "EDH-DSS-DES-CBC3-SHA"
00244 # define SSL3_TXT_EDH_RSA_DES_40_CBC_SHA         "EXP-EDH-RSA-DES-CBC-SHA"
00245 # define SSL3_TXT_EDH_RSA_DES_64_CBC_SHA         "EDH-RSA-DES-CBC-SHA"
00246 # define SSL3_TXT_EDH_RSA_DES_192_CBC3_SHA       "EDH-RSA-DES-CBC3-SHA"
00247 
00248 # define SSL3_TXT_ADH_RC4_40_MD5                 "EXP-ADH-RC4-MD5"
00249 # define SSL3_TXT_ADH_RC4_128_MD5                "ADH-RC4-MD5"
00250 # define SSL3_TXT_ADH_DES_40_CBC_SHA             "EXP-ADH-DES-CBC-SHA"
00251 # define SSL3_TXT_ADH_DES_64_CBC_SHA             "ADH-DES-CBC-SHA"
00252 # define SSL3_TXT_ADH_DES_192_CBC_SHA            "ADH-DES-CBC3-SHA"
00253 
00254 # if 0
00255 #  define SSL3_TXT_FZA_DMS_NULL_SHA               "FZA-NULL-SHA"
00256 #  define SSL3_TXT_FZA_DMS_FZA_SHA                "FZA-FZA-CBC-SHA"
00257 #  define SSL3_TXT_FZA_DMS_RC4_SHA                "FZA-RC4-SHA"
00258 # endif
00259 
00260 # define SSL3_TXT_KRB5_DES_64_CBC_SHA            "KRB5-DES-CBC-SHA"
00261 # define SSL3_TXT_KRB5_DES_192_CBC3_SHA          "KRB5-DES-CBC3-SHA"
00262 # define SSL3_TXT_KRB5_RC4_128_SHA               "KRB5-RC4-SHA"
00263 # define SSL3_TXT_KRB5_IDEA_128_CBC_SHA          "KRB5-IDEA-CBC-SHA"
00264 # define SSL3_TXT_KRB5_DES_64_CBC_MD5            "KRB5-DES-CBC-MD5"
00265 # define SSL3_TXT_KRB5_DES_192_CBC3_MD5          "KRB5-DES-CBC3-MD5"
00266 # define SSL3_TXT_KRB5_RC4_128_MD5               "KRB5-RC4-MD5"
00267 # define SSL3_TXT_KRB5_IDEA_128_CBC_MD5          "KRB5-IDEA-CBC-MD5"
00268 
00269 # define SSL3_TXT_KRB5_DES_40_CBC_SHA            "EXP-KRB5-DES-CBC-SHA"
00270 # define SSL3_TXT_KRB5_RC2_40_CBC_SHA            "EXP-KRB5-RC2-CBC-SHA"
00271 # define SSL3_TXT_KRB5_RC4_40_SHA                "EXP-KRB5-RC4-SHA"
00272 # define SSL3_TXT_KRB5_DES_40_CBC_MD5            "EXP-KRB5-DES-CBC-MD5"
00273 # define SSL3_TXT_KRB5_RC2_40_CBC_MD5            "EXP-KRB5-RC2-CBC-MD5"
00274 # define SSL3_TXT_KRB5_RC4_40_MD5                "EXP-KRB5-RC4-MD5"
00275 
00276 # define SSL3_SSL_SESSION_ID_LENGTH              32
00277 # define SSL3_MAX_SSL_SESSION_ID_LENGTH          32
00278 
00279 # define SSL3_MASTER_SECRET_SIZE                 48
00280 # define SSL3_RANDOM_SIZE                        32
00281 # define SSL3_SESSION_ID_SIZE                    32
00282 # define SSL3_RT_HEADER_LENGTH                   5
00283 
00284 # define SSL3_HM_HEADER_LENGTH                  4
00285 
00286 # ifndef SSL3_ALIGN_PAYLOAD
00287  /*
00288   * Some will argue that this increases memory footprint, but it's not
00289   * actually true. Point is that malloc has to return at least 64-bit aligned
00290   * pointers, meaning that allocating 5 bytes wastes 3 bytes in either case.
00291   * Suggested pre-gaping simply moves these wasted bytes from the end of
00292   * allocated region to its front, but makes data payload aligned, which
00293   * improves performance:-)
00294   */
00295 #  define SSL3_ALIGN_PAYLOAD                     8
00296 # else
00297 #  if (SSL3_ALIGN_PAYLOAD&(SSL3_ALIGN_PAYLOAD-1))!=0
00298 #   error "insane SSL3_ALIGN_PAYLOAD"
00299 #   undef SSL3_ALIGN_PAYLOAD
00300 #  endif
00301 # endif
00302 
00303 /*
00304  * This is the maximum MAC (digest) size used by the SSL library. Currently
00305  * maximum of 20 is used by SHA1, but we reserve for future extension for
00306  * 512-bit hashes.
00307  */
00308 
00309 # define SSL3_RT_MAX_MD_SIZE                     64
00310 
00311 /*
00312  * Maximum block size used in all ciphersuites. Currently 16 for AES.
00313  */
00314 
00315 # define SSL_RT_MAX_CIPHER_BLOCK_SIZE            16
00316 
00317 # define SSL3_RT_MAX_EXTRA                       (16384)
00318 
00319 /* Maximum plaintext length: defined by SSL/TLS standards */
00320 # define SSL3_RT_MAX_PLAIN_LENGTH                16384
00321 /* Maximum compression overhead: defined by SSL/TLS standards */
00322 # define SSL3_RT_MAX_COMPRESSED_OVERHEAD         1024
00323 
00324 /*
00325  * The standards give a maximum encryption overhead of 1024 bytes. In
00326  * practice the value is lower than this. The overhead is the maximum number
00327  * of padding bytes (256) plus the mac size.
00328  */
00329 # define SSL3_RT_MAX_ENCRYPTED_OVERHEAD  (256 + SSL3_RT_MAX_MD_SIZE)
00330 
00331 /*
00332  * OpenSSL currently only uses a padding length of at most one block so the
00333  * send overhead is smaller.
00334  */
00335 
00336 # define SSL3_RT_SEND_MAX_ENCRYPTED_OVERHEAD \
00337                         (SSL_RT_MAX_CIPHER_BLOCK_SIZE + SSL3_RT_MAX_MD_SIZE)
00338 
00339 /* If compression isn't used don't include the compression overhead */
00340 
00341 # ifdef OPENSSL_NO_COMP
00342 #  define SSL3_RT_MAX_COMPRESSED_LENGTH           SSL3_RT_MAX_PLAIN_LENGTH
00343 # else
00344 #  define SSL3_RT_MAX_COMPRESSED_LENGTH   \
00345                 (SSL3_RT_MAX_PLAIN_LENGTH+SSL3_RT_MAX_COMPRESSED_OVERHEAD)
00346 # endif
00347 # define SSL3_RT_MAX_ENCRYPTED_LENGTH    \
00348                 (SSL3_RT_MAX_ENCRYPTED_OVERHEAD+SSL3_RT_MAX_COMPRESSED_LENGTH)
00349 # define SSL3_RT_MAX_PACKET_SIZE         \
00350                 (SSL3_RT_MAX_ENCRYPTED_LENGTH+SSL3_RT_HEADER_LENGTH)
00351 
00352 # define SSL3_MD_CLIENT_FINISHED_CONST   "\x43\x4C\x4E\x54"
00353 # define SSL3_MD_SERVER_FINISHED_CONST   "\x53\x52\x56\x52"
00354 
00355 # define SSL3_VERSION                    0x0300
00356 # define SSL3_VERSION_MAJOR              0x03
00357 # define SSL3_VERSION_MINOR              0x00
00358 
00359 # define SSL3_RT_CHANGE_CIPHER_SPEC      20
00360 # define SSL3_RT_ALERT                   21
00361 # define SSL3_RT_HANDSHAKE               22
00362 # define SSL3_RT_APPLICATION_DATA        23
00363 # define TLS1_RT_HEARTBEAT               24
00364 
00365 /* Pseudo content types to indicate additional parameters */
00366 # define TLS1_RT_CRYPTO                  0x1000
00367 # define TLS1_RT_CRYPTO_PREMASTER        (TLS1_RT_CRYPTO | 0x1)
00368 # define TLS1_RT_CRYPTO_CLIENT_RANDOM    (TLS1_RT_CRYPTO | 0x2)
00369 # define TLS1_RT_CRYPTO_SERVER_RANDOM    (TLS1_RT_CRYPTO | 0x3)
00370 # define TLS1_RT_CRYPTO_MASTER           (TLS1_RT_CRYPTO | 0x4)
00371 
00372 # define TLS1_RT_CRYPTO_READ             0x0000
00373 # define TLS1_RT_CRYPTO_WRITE            0x0100
00374 # define TLS1_RT_CRYPTO_MAC              (TLS1_RT_CRYPTO | 0x5)
00375 # define TLS1_RT_CRYPTO_KEY              (TLS1_RT_CRYPTO | 0x6)
00376 # define TLS1_RT_CRYPTO_IV               (TLS1_RT_CRYPTO | 0x7)
00377 # define TLS1_RT_CRYPTO_FIXED_IV         (TLS1_RT_CRYPTO | 0x8)
00378 
00379 /* Pseudo content type for SSL/TLS header info */
00380 # define SSL3_RT_HEADER                  0x100
00381 
00382 # define SSL3_AL_WARNING                 1
00383 # define SSL3_AL_FATAL                   2
00384 
00385 # define SSL3_AD_CLOSE_NOTIFY             0
00386 # define SSL3_AD_UNEXPECTED_MESSAGE      10/* fatal */
00387 # define SSL3_AD_BAD_RECORD_MAC          20/* fatal */
00388 # define SSL3_AD_DECOMPRESSION_FAILURE   30/* fatal */
00389 # define SSL3_AD_HANDSHAKE_FAILURE       40/* fatal */
00390 # define SSL3_AD_NO_CERTIFICATE          41
00391 # define SSL3_AD_BAD_CERTIFICATE         42
00392 # define SSL3_AD_UNSUPPORTED_CERTIFICATE 43
00393 # define SSL3_AD_CERTIFICATE_REVOKED     44
00394 # define SSL3_AD_CERTIFICATE_EXPIRED     45
00395 # define SSL3_AD_CERTIFICATE_UNKNOWN     46
00396 # define SSL3_AD_ILLEGAL_PARAMETER       47/* fatal */
00397 
00398 # define TLS1_HB_REQUEST         1
00399 # define TLS1_HB_RESPONSE        2
00400 
00401 # ifndef OPENSSL_NO_SSL_INTERN
00402 
00403 typedef struct ssl3_record_st {
00404     /* type of record */
00405     /*
00406      * r
00407      */ int type;
00408     /* How many bytes available */
00409     /*
00410      * rw
00411      */ unsigned int length;
00412     /* read/write offset into 'buf' */
00413     /*
00414      * r
00415      */ unsigned int off;
00416     /* pointer to the record data */
00417     /*
00418      * rw
00419      */ unsigned char *data;
00420     /* where the decode bytes are */
00421     /*
00422      * rw
00423      */ unsigned char *input;
00424     /* only used with decompression - malloc()ed */
00425     /*
00426      * r
00427      */ unsigned char *comp;
00428     /* epoch number, needed by DTLS1 */
00429     /*
00430      * r
00431      */ unsigned long epoch;
00432     /* sequence number, needed by DTLS1 */
00433     /*
00434      * r
00435      */ unsigned char seq_num[8];
00436 } SSL3_RECORD;
00437 
00438 typedef struct ssl3_buffer_st {
00439     /* at least SSL3_RT_MAX_PACKET_SIZE bytes, see ssl3_setup_buffers() */
00440     unsigned char *buf;
00441     /* buffer size */
00442     size_t len;
00443     /* where to 'copy from' */
00444     int offset;
00445     /* how many bytes left */
00446     int left;
00447 } SSL3_BUFFER;
00448 
00449 # endif
00450 
00451 # define SSL3_CT_RSA_SIGN                        1
00452 # define SSL3_CT_DSS_SIGN                        2
00453 # define SSL3_CT_RSA_FIXED_DH                    3
00454 # define SSL3_CT_DSS_FIXED_DH                    4
00455 # define SSL3_CT_RSA_EPHEMERAL_DH                5
00456 # define SSL3_CT_DSS_EPHEMERAL_DH                6
00457 # define SSL3_CT_FORTEZZA_DMS                    20
00458 /*
00459  * SSL3_CT_NUMBER is used to size arrays and it must be large enough to
00460  * contain all of the cert types defined either for SSLv3 and TLSv1.
00461  */
00462 # define SSL3_CT_NUMBER                  9
00463 
00464 # define SSL3_FLAGS_NO_RENEGOTIATE_CIPHERS       0x0001
00465 # define SSL3_FLAGS_DELAY_CLIENT_FINISHED        0x0002
00466 # define SSL3_FLAGS_POP_BUFFER                   0x0004
00467 # define TLS1_FLAGS_TLS_PADDING_BUG              0x0008
00468 # define TLS1_FLAGS_SKIP_CERT_VERIFY             0x0010
00469 # define TLS1_FLAGS_KEEP_HANDSHAKE               0x0020
00470 /*
00471  * Set when the handshake is ready to process peer's ChangeCipherSpec message.
00472  * Cleared after the message has been processed.
00473  */
00474 # define SSL3_FLAGS_CCS_OK                       0x0080
00475 
00476 /* SSL3_FLAGS_SGC_RESTART_DONE is no longer used */
00477 # define SSL3_FLAGS_SGC_RESTART_DONE             0x0040
00478 
00479 # ifndef OPENSSL_NO_SSL_INTERN
00480 
00481 typedef struct ssl3_state_st {
00482     long flags;
00483     int delay_buf_pop_ret;
00484     unsigned char read_sequence[8];
00485     int read_mac_secret_size;
00486     unsigned char read_mac_secret[EVP_MAX_MD_SIZE];
00487     unsigned char write_sequence[8];
00488     int write_mac_secret_size;
00489     unsigned char write_mac_secret[EVP_MAX_MD_SIZE];
00490     unsigned char server_random[SSL3_RANDOM_SIZE];
00491     unsigned char client_random[SSL3_RANDOM_SIZE];
00492     /* flags for countermeasure against known-IV weakness */
00493     int need_empty_fragments;
00494     int empty_fragment_done;
00495     /* The value of 'extra' when the buffers were initialized */
00496     int init_extra;
00497     SSL3_BUFFER rbuf;           /* read IO goes into here */
00498     SSL3_BUFFER wbuf;           /* write IO goes into here */
00499     SSL3_RECORD rrec;           /* each decoded record goes in here */
00500     SSL3_RECORD wrec;           /* goes out from here */
00501     /*
00502      * storage for Alert/Handshake protocol data received but not yet
00503      * processed by ssl3_read_bytes:
00504      */
00505     unsigned char alert_fragment[2];
00506     unsigned int alert_fragment_len;
00507     unsigned char handshake_fragment[4];
00508     unsigned int handshake_fragment_len;
00509     /* partial write - check the numbers match */
00510     unsigned int wnum;          /* number of bytes sent so far */
00511     int wpend_tot;              /* number bytes written */
00512     int wpend_type;
00513     int wpend_ret;              /* number of bytes submitted */
00514     const unsigned char *wpend_buf;
00515     /* used during startup, digest all incoming/outgoing packets */
00516     BIO *handshake_buffer;
00517     /*
00518      * When set of handshake digests is determined, buffer is hashed and
00519      * freed and MD_CTX-es for all required digests are stored in this array
00520      */
00521     EVP_MD_CTX **handshake_dgst;
00522     /*
00523      * Set whenever an expected ChangeCipherSpec message is processed.
00524      * Unset when the peer's Finished message is received.
00525      * Unexpected ChangeCipherSpec messages trigger a fatal alert.
00526      */
00527     int change_cipher_spec;
00528     int warn_alert;
00529     int fatal_alert;
00530     /*
00531      * we allow one fatal and one warning alert to be outstanding, send close
00532      * alert via the warning alert
00533      */
00534     int alert_dispatch;
00535     unsigned char send_alert[2];
00536     /*
00537      * This flag is set when we should renegotiate ASAP, basically when there
00538      * is no more data in the read or write buffers
00539      */
00540     int renegotiate;
00541     int total_renegotiations;
00542     int num_renegotiations;
00543     int in_read_app_data;
00544     /*
00545      * Opaque PRF input as used for the current handshake. These fields are
00546      * used only if TLSEXT_TYPE_opaque_prf_input is defined (otherwise, they
00547      * are merely present to improve binary compatibility)
00548      */
00549     void *client_opaque_prf_input;
00550     size_t client_opaque_prf_input_len;
00551     void *server_opaque_prf_input;
00552     size_t server_opaque_prf_input_len;
00553     struct {
00554         /* actually only needs to be 16+20 */
00555         unsigned char cert_verify_md[EVP_MAX_MD_SIZE * 2];
00556         /* actually only need to be 16+20 for SSLv3 and 12 for TLS */
00557         unsigned char finish_md[EVP_MAX_MD_SIZE * 2];
00558         int finish_md_len;
00559         unsigned char peer_finish_md[EVP_MAX_MD_SIZE * 2];
00560         int peer_finish_md_len;
00561         unsigned long message_size;
00562         int message_type;
00563         /* used to hold the new cipher we are going to use */
00564         const SSL_CIPHER *new_cipher;
00565 #  ifndef OPENSSL_NO_DH
00566         DH *dh;
00567 #  endif
00568 #  ifndef OPENSSL_NO_ECDH
00569         EC_KEY *ecdh;           /* holds short lived ECDH key */
00570 #  endif
00571         /* used when SSL_ST_FLUSH_DATA is entered */
00572         int next_state;
00573         int reuse_message;
00574         /* used for certificate requests */
00575         int cert_req;
00576         int ctype_num;
00577         char ctype[SSL3_CT_NUMBER];
00578         STACK_OF(X509_NAME) *ca_names;
00579         int use_rsa_tmp;
00580         int key_block_length;
00581         unsigned char *key_block;
00582         const EVP_CIPHER *new_sym_enc;
00583         const EVP_MD *new_hash;
00584         int new_mac_pkey_type;
00585         int new_mac_secret_size;
00586 #  ifndef OPENSSL_NO_COMP
00587         const SSL_COMP *new_compression;
00588 #  else
00589         char *new_compression;
00590 #  endif
00591         int cert_request;
00592     } tmp;
00593 
00594     /* Connection binding to prevent renegotiation attacks */
00595     unsigned char previous_client_finished[EVP_MAX_MD_SIZE];
00596     unsigned char previous_client_finished_len;
00597     unsigned char previous_server_finished[EVP_MAX_MD_SIZE];
00598     unsigned char previous_server_finished_len;
00599     int send_connection_binding; /* TODOEKR */
00600 
00601 #  ifndef OPENSSL_NO_NEXTPROTONEG
00602     /*
00603      * Set if we saw the Next Protocol Negotiation extension from our peer.
00604      */
00605     int next_proto_neg_seen;
00606 #  endif
00607 
00608 #  ifndef OPENSSL_NO_TLSEXT
00609 #   ifndef OPENSSL_NO_EC
00610     /*
00611      * This is set to true if we believe that this is a version of Safari
00612      * running on OS X 10.6 or newer. We wish to know this because Safari on
00613      * 10.8 .. 10.8.3 has broken ECDHE-ECDSA support.
00614      */
00615     char is_probably_safari;
00616 #   endif                       /* !OPENSSL_NO_EC */
00617 
00618     /*
00619      * ALPN information (we are in the process of transitioning from NPN to
00620      * ALPN.)
00621      */
00622 
00623     /*
00624      * In a server these point to the selected ALPN protocol after the
00625      * ClientHello has been processed. In a client these contain the protocol
00626      * that the server selected once the ServerHello has been processed.
00627      */
00628     unsigned char *alpn_selected;
00629     unsigned alpn_selected_len;
00630 #  endif                        /* OPENSSL_NO_TLSEXT */
00631 } SSL3_STATE;
00632 
00633 # endif
00634 
00635 /* SSLv3 */
00636 /*
00637  * client
00638  */
00639 /* extra state */
00640 # define SSL3_ST_CW_FLUSH                (0x100|SSL_ST_CONNECT)
00641 # ifndef OPENSSL_NO_SCTP
00642 #  define DTLS1_SCTP_ST_CW_WRITE_SOCK                     (0x310|SSL_ST_CONNECT)
00643 #  define DTLS1_SCTP_ST_CR_READ_SOCK                      (0x320|SSL_ST_CONNECT)
00644 # endif
00645 /* write to server */
00646 # define SSL3_ST_CW_CLNT_HELLO_A         (0x110|SSL_ST_CONNECT)
00647 # define SSL3_ST_CW_CLNT_HELLO_B         (0x111|SSL_ST_CONNECT)
00648 /* read from server */
00649 # define SSL3_ST_CR_SRVR_HELLO_A         (0x120|SSL_ST_CONNECT)
00650 # define SSL3_ST_CR_SRVR_HELLO_B         (0x121|SSL_ST_CONNECT)
00651 # define DTLS1_ST_CR_HELLO_VERIFY_REQUEST_A (0x126|SSL_ST_CONNECT)
00652 # define DTLS1_ST_CR_HELLO_VERIFY_REQUEST_B (0x127|SSL_ST_CONNECT)
00653 # define SSL3_ST_CR_CERT_A               (0x130|SSL_ST_CONNECT)
00654 # define SSL3_ST_CR_CERT_B               (0x131|SSL_ST_CONNECT)
00655 # define SSL3_ST_CR_KEY_EXCH_A           (0x140|SSL_ST_CONNECT)
00656 # define SSL3_ST_CR_KEY_EXCH_B           (0x141|SSL_ST_CONNECT)
00657 # define SSL3_ST_CR_CERT_REQ_A           (0x150|SSL_ST_CONNECT)
00658 # define SSL3_ST_CR_CERT_REQ_B           (0x151|SSL_ST_CONNECT)
00659 # define SSL3_ST_CR_SRVR_DONE_A          (0x160|SSL_ST_CONNECT)
00660 # define SSL3_ST_CR_SRVR_DONE_B          (0x161|SSL_ST_CONNECT)
00661 /* write to server */
00662 # define SSL3_ST_CW_CERT_A               (0x170|SSL_ST_CONNECT)
00663 # define SSL3_ST_CW_CERT_B               (0x171|SSL_ST_CONNECT)
00664 # define SSL3_ST_CW_CERT_C               (0x172|SSL_ST_CONNECT)
00665 # define SSL3_ST_CW_CERT_D               (0x173|SSL_ST_CONNECT)
00666 # define SSL3_ST_CW_KEY_EXCH_A           (0x180|SSL_ST_CONNECT)
00667 # define SSL3_ST_CW_KEY_EXCH_B           (0x181|SSL_ST_CONNECT)
00668 # define SSL3_ST_CW_CERT_VRFY_A          (0x190|SSL_ST_CONNECT)
00669 # define SSL3_ST_CW_CERT_VRFY_B          (0x191|SSL_ST_CONNECT)
00670 # define SSL3_ST_CW_CHANGE_A             (0x1A0|SSL_ST_CONNECT)
00671 # define SSL3_ST_CW_CHANGE_B             (0x1A1|SSL_ST_CONNECT)
00672 # ifndef OPENSSL_NO_NEXTPROTONEG
00673 #  define SSL3_ST_CW_NEXT_PROTO_A         (0x200|SSL_ST_CONNECT)
00674 #  define SSL3_ST_CW_NEXT_PROTO_B         (0x201|SSL_ST_CONNECT)
00675 # endif
00676 # define SSL3_ST_CW_FINISHED_A           (0x1B0|SSL_ST_CONNECT)
00677 # define SSL3_ST_CW_FINISHED_B           (0x1B1|SSL_ST_CONNECT)
00678 /* read from server */
00679 # define SSL3_ST_CR_CHANGE_A             (0x1C0|SSL_ST_CONNECT)
00680 # define SSL3_ST_CR_CHANGE_B             (0x1C1|SSL_ST_CONNECT)
00681 # define SSL3_ST_CR_FINISHED_A           (0x1D0|SSL_ST_CONNECT)
00682 # define SSL3_ST_CR_FINISHED_B           (0x1D1|SSL_ST_CONNECT)
00683 # define SSL3_ST_CR_SESSION_TICKET_A     (0x1E0|SSL_ST_CONNECT)
00684 # define SSL3_ST_CR_SESSION_TICKET_B     (0x1E1|SSL_ST_CONNECT)
00685 # define SSL3_ST_CR_CERT_STATUS_A        (0x1F0|SSL_ST_CONNECT)
00686 # define SSL3_ST_CR_CERT_STATUS_B        (0x1F1|SSL_ST_CONNECT)
00687 
00688 /* server */
00689 /* extra state */
00690 # define SSL3_ST_SW_FLUSH                (0x100|SSL_ST_ACCEPT)
00691 # ifndef OPENSSL_NO_SCTP
00692 #  define DTLS1_SCTP_ST_SW_WRITE_SOCK                     (0x310|SSL_ST_ACCEPT)
00693 #  define DTLS1_SCTP_ST_SR_READ_SOCK                      (0x320|SSL_ST_ACCEPT)
00694 # endif
00695 /* read from client */
00696 /* Do not change the number values, they do matter */
00697 # define SSL3_ST_SR_CLNT_HELLO_A         (0x110|SSL_ST_ACCEPT)
00698 # define SSL3_ST_SR_CLNT_HELLO_B         (0x111|SSL_ST_ACCEPT)
00699 # define SSL3_ST_SR_CLNT_HELLO_C         (0x112|SSL_ST_ACCEPT)
00700 # define SSL3_ST_SR_CLNT_HELLO_D         (0x115|SSL_ST_ACCEPT)
00701 /* write to client */
00702 # define DTLS1_ST_SW_HELLO_VERIFY_REQUEST_A (0x113|SSL_ST_ACCEPT)
00703 # define DTLS1_ST_SW_HELLO_VERIFY_REQUEST_B (0x114|SSL_ST_ACCEPT)
00704 # define SSL3_ST_SW_HELLO_REQ_A          (0x120|SSL_ST_ACCEPT)
00705 # define SSL3_ST_SW_HELLO_REQ_B          (0x121|SSL_ST_ACCEPT)
00706 # define SSL3_ST_SW_HELLO_REQ_C          (0x122|SSL_ST_ACCEPT)
00707 # define SSL3_ST_SW_SRVR_HELLO_A         (0x130|SSL_ST_ACCEPT)
00708 # define SSL3_ST_SW_SRVR_HELLO_B         (0x131|SSL_ST_ACCEPT)
00709 # define SSL3_ST_SW_CERT_A               (0x140|SSL_ST_ACCEPT)
00710 # define SSL3_ST_SW_CERT_B               (0x141|SSL_ST_ACCEPT)
00711 # define SSL3_ST_SW_KEY_EXCH_A           (0x150|SSL_ST_ACCEPT)
00712 # define SSL3_ST_SW_KEY_EXCH_B           (0x151|SSL_ST_ACCEPT)
00713 # define SSL3_ST_SW_CERT_REQ_A           (0x160|SSL_ST_ACCEPT)
00714 # define SSL3_ST_SW_CERT_REQ_B           (0x161|SSL_ST_ACCEPT)
00715 # define SSL3_ST_SW_SRVR_DONE_A          (0x170|SSL_ST_ACCEPT)
00716 # define SSL3_ST_SW_SRVR_DONE_B          (0x171|SSL_ST_ACCEPT)
00717 /* read from client */
00718 # define SSL3_ST_SR_CERT_A               (0x180|SSL_ST_ACCEPT)
00719 # define SSL3_ST_SR_CERT_B               (0x181|SSL_ST_ACCEPT)
00720 # define SSL3_ST_SR_KEY_EXCH_A           (0x190|SSL_ST_ACCEPT)
00721 # define SSL3_ST_SR_KEY_EXCH_B           (0x191|SSL_ST_ACCEPT)
00722 # define SSL3_ST_SR_CERT_VRFY_A          (0x1A0|SSL_ST_ACCEPT)
00723 # define SSL3_ST_SR_CERT_VRFY_B          (0x1A1|SSL_ST_ACCEPT)
00724 # define SSL3_ST_SR_CHANGE_A             (0x1B0|SSL_ST_ACCEPT)
00725 # define SSL3_ST_SR_CHANGE_B             (0x1B1|SSL_ST_ACCEPT)
00726 # ifndef OPENSSL_NO_NEXTPROTONEG
00727 #  define SSL3_ST_SR_NEXT_PROTO_A         (0x210|SSL_ST_ACCEPT)
00728 #  define SSL3_ST_SR_NEXT_PROTO_B         (0x211|SSL_ST_ACCEPT)
00729 # endif
00730 # define SSL3_ST_SR_FINISHED_A           (0x1C0|SSL_ST_ACCEPT)
00731 # define SSL3_ST_SR_FINISHED_B           (0x1C1|SSL_ST_ACCEPT)
00732 /* write to client */
00733 # define SSL3_ST_SW_CHANGE_A             (0x1D0|SSL_ST_ACCEPT)
00734 # define SSL3_ST_SW_CHANGE_B             (0x1D1|SSL_ST_ACCEPT)
00735 # define SSL3_ST_SW_FINISHED_A           (0x1E0|SSL_ST_ACCEPT)
00736 # define SSL3_ST_SW_FINISHED_B           (0x1E1|SSL_ST_ACCEPT)
00737 # define SSL3_ST_SW_SESSION_TICKET_A     (0x1F0|SSL_ST_ACCEPT)
00738 # define SSL3_ST_SW_SESSION_TICKET_B     (0x1F1|SSL_ST_ACCEPT)
00739 # define SSL3_ST_SW_CERT_STATUS_A        (0x200|SSL_ST_ACCEPT)
00740 # define SSL3_ST_SW_CERT_STATUS_B        (0x201|SSL_ST_ACCEPT)
00741 
00742 # define SSL3_MT_HELLO_REQUEST                   0
00743 # define SSL3_MT_CLIENT_HELLO                    1
00744 # define SSL3_MT_SERVER_HELLO                    2
00745 # define SSL3_MT_NEWSESSION_TICKET               4
00746 # define SSL3_MT_CERTIFICATE                     11
00747 # define SSL3_MT_SERVER_KEY_EXCHANGE             12
00748 # define SSL3_MT_CERTIFICATE_REQUEST             13
00749 # define SSL3_MT_SERVER_DONE                     14
00750 # define SSL3_MT_CERTIFICATE_VERIFY              15
00751 # define SSL3_MT_CLIENT_KEY_EXCHANGE             16
00752 # define SSL3_MT_FINISHED                        20
00753 # define SSL3_MT_CERTIFICATE_STATUS              22
00754 # ifndef OPENSSL_NO_NEXTPROTONEG
00755 #  define SSL3_MT_NEXT_PROTO                      67
00756 # endif
00757 # define DTLS1_MT_HELLO_VERIFY_REQUEST    3
00758 
00759 # define SSL3_MT_CCS                             1
00760 
00761 /* These are used when changing over to a new cipher */
00762 # define SSL3_CC_READ            0x01
00763 # define SSL3_CC_WRITE           0x02
00764 # define SSL3_CC_CLIENT          0x10
00765 # define SSL3_CC_SERVER          0x20
00766 # define SSL3_CHANGE_CIPHER_CLIENT_WRITE (SSL3_CC_CLIENT|SSL3_CC_WRITE)
00767 # define SSL3_CHANGE_CIPHER_SERVER_READ  (SSL3_CC_SERVER|SSL3_CC_READ)
00768 # define SSL3_CHANGE_CIPHER_CLIENT_READ  (SSL3_CC_CLIENT|SSL3_CC_READ)
00769 # define SSL3_CHANGE_CIPHER_SERVER_WRITE (SSL3_CC_SERVER|SSL3_CC_WRITE)
00770 
00771 #ifdef  __cplusplus
00772 }
00773 #endif
00774 #endif