117 #ifndef HEADER_SSL3_H
118 #define HEADER_SSL3_H
120 #ifndef OPENSSL_NO_COMP
121 #include <openssl/comp.h>
123 #include <openssl/buffer.h>
124 #include <openssl/evp.h>
125 #include <openssl/ssl.h>
126 #include <openssl/pq_compat.h>
/*
 * SSLv3 cipher-suite identifiers. Every value carries 0x0300 in its upper
 * 16 bits and the suite number in its lower 16 bits. The macro name spells
 * out key exchange/authentication, cipher, key size and MAC.
 *
 * Review notes for anyone deriving a cipher policy from this table:
 *  - NULL suites provide no encryption at all.
 *  - _40_ suites are export-grade (their text names carry an "EXP-" prefix)
 *    and DES_64 is single DES; both key sizes are brute-forceable.
 *  - RC4, RC2 and MD5-based suites are deprecated.
 *  - ADH suites are anonymous Diffie-Hellman: the peer is not authenticated,
 *    so they give no protection against an active man in the middle.
 * None of these belong in a production cipher list.
 */
/* RSA key exchange. */
132 #define SSL3_CK_RSA_NULL_MD5 0x03000001
133 #define SSL3_CK_RSA_NULL_SHA 0x03000002
134 #define SSL3_CK_RSA_RC4_40_MD5 0x03000003
135 #define SSL3_CK_RSA_RC4_128_MD5 0x03000004
136 #define SSL3_CK_RSA_RC4_128_SHA 0x03000005
137 #define SSL3_CK_RSA_RC2_40_MD5 0x03000006
138 #define SSL3_CK_RSA_IDEA_128_SHA 0x03000007
139 #define SSL3_CK_RSA_DES_40_CBC_SHA 0x03000008
140 #define SSL3_CK_RSA_DES_64_CBC_SHA 0x03000009
141 #define SSL3_CK_RSA_DES_192_CBC3_SHA 0x0300000A
/* DH_DSS / DH_RSA suites. */
143 #define SSL3_CK_DH_DSS_DES_40_CBC_SHA 0x0300000B
144 #define SSL3_CK_DH_DSS_DES_64_CBC_SHA 0x0300000C
145 #define SSL3_CK_DH_DSS_DES_192_CBC3_SHA 0x0300000D
146 #define SSL3_CK_DH_RSA_DES_40_CBC_SHA 0x0300000E
147 #define SSL3_CK_DH_RSA_DES_64_CBC_SHA 0x0300000F
148 #define SSL3_CK_DH_RSA_DES_192_CBC3_SHA 0x03000010
/* EDH (ephemeral Diffie-Hellman) suites. */
150 #define SSL3_CK_EDH_DSS_DES_40_CBC_SHA 0x03000011
151 #define SSL3_CK_EDH_DSS_DES_64_CBC_SHA 0x03000012
152 #define SSL3_CK_EDH_DSS_DES_192_CBC3_SHA 0x03000013
153 #define SSL3_CK_EDH_RSA_DES_40_CBC_SHA 0x03000014
154 #define SSL3_CK_EDH_RSA_DES_64_CBC_SHA 0x03000015
155 #define SSL3_CK_EDH_RSA_DES_192_CBC3_SHA 0x03000016
/*
 * ADH (anonymous DH) suites: unauthenticated.
 * NOTE(review): SSL3_CK_ADH_DES_192_CBC_SHA is spelled CBC, not CBC3 like the
 * other triple-DES entries; its text name in this file is "ADH-DES-CBC3-SHA".
 */
157 #define SSL3_CK_ADH_RC4_40_MD5 0x03000017
158 #define SSL3_CK_ADH_RC4_128_MD5 0x03000018
159 #define SSL3_CK_ADH_DES_40_CBC_SHA 0x03000019
160 #define SSL3_CK_ADH_DES_64_CBC_SHA 0x0300001A
161 #define SSL3_CK_ADH_DES_192_CBC_SHA 0x0300001B
/* Fortezza suites. */
163 #define SSL3_CK_FZA_DMS_NULL_SHA 0x0300001C
164 #define SSL3_CK_FZA_DMS_FZA_SHA 0x0300001D
/*
 * NOTE(review): SSL3_CK_FZA_DMS_RC4_SHA and SSL3_CK_KRB5_DES_64_CBC_SHA both
 * expand to 0x0300001E, so one identifier on the wire maps to two names. The
 * gutter numbers jump here (164 -> 168 -> 173), which means lines are missing
 * from this listing; presumably the Fortezza definition sits inside a disabled
 * preprocessor region in the full header -- confirm before relying on either
 * name in a suite lookup or allow/deny list.
 */
168 #define SSL3_CK_FZA_DMS_RC4_SHA 0x0300001E
/* Kerberos 5 suites. */
173 #define SSL3_CK_KRB5_DES_64_CBC_SHA 0x0300001E
174 #define SSL3_CK_KRB5_DES_192_CBC3_SHA 0x0300001F
175 #define SSL3_CK_KRB5_RC4_128_SHA 0x03000020
176 #define SSL3_CK_KRB5_IDEA_128_CBC_SHA 0x03000021
177 #define SSL3_CK_KRB5_DES_64_CBC_MD5 0x03000022
178 #define SSL3_CK_KRB5_DES_192_CBC3_MD5 0x03000023
179 #define SSL3_CK_KRB5_RC4_128_MD5 0x03000024
180 #define SSL3_CK_KRB5_IDEA_128_CBC_MD5 0x03000025
/* Kerberos 5 export-grade (40-bit) suites. */
182 #define SSL3_CK_KRB5_DES_40_CBC_SHA 0x03000026
183 #define SSL3_CK_KRB5_RC2_40_CBC_SHA 0x03000027
184 #define SSL3_CK_KRB5_RC4_40_SHA 0x03000028
185 #define SSL3_CK_KRB5_DES_40_CBC_MD5 0x03000029
186 #define SSL3_CK_KRB5_RC2_40_CBC_MD5 0x0300002A
187 #define SSL3_CK_KRB5_RC4_40_MD5 0x0300002B
/*
 * Text names for the cipher suites, one SSL3_TXT_* per SSL3_CK_* identifier.
 * The "EXP-" prefix marks the 40-bit export-grade suites, "NULL-" the suites
 * without encryption and "ADH-" the unauthenticated anonymous-DH suites, which
 * makes these strings a convenient thing to match on when auditing which
 * suites a configuration or a captured handshake actually allows.
 * NOTE(review): presumably these are the names accepted in cipher-list
 * strings; the code that consumes them is not part of this listing.
 */
/* RSA key exchange. */
189 #define SSL3_TXT_RSA_NULL_MD5 "NULL-MD5"
190 #define SSL3_TXT_RSA_NULL_SHA "NULL-SHA"
191 #define SSL3_TXT_RSA_RC4_40_MD5 "EXP-RC4-MD5"
192 #define SSL3_TXT_RSA_RC4_128_MD5 "RC4-MD5"
193 #define SSL3_TXT_RSA_RC4_128_SHA "RC4-SHA"
194 #define SSL3_TXT_RSA_RC2_40_MD5 "EXP-RC2-CBC-MD5"
195 #define SSL3_TXT_RSA_IDEA_128_SHA "IDEA-CBC-SHA"
196 #define SSL3_TXT_RSA_DES_40_CBC_SHA "EXP-DES-CBC-SHA"
197 #define SSL3_TXT_RSA_DES_64_CBC_SHA "DES-CBC-SHA"
198 #define SSL3_TXT_RSA_DES_192_CBC3_SHA "DES-CBC3-SHA"
/* DH_DSS / DH_RSA suites. */
200 #define SSL3_TXT_DH_DSS_DES_40_CBC_SHA "EXP-DH-DSS-DES-CBC-SHA"
201 #define SSL3_TXT_DH_DSS_DES_64_CBC_SHA "DH-DSS-DES-CBC-SHA"
202 #define SSL3_TXT_DH_DSS_DES_192_CBC3_SHA "DH-DSS-DES-CBC3-SHA"
203 #define SSL3_TXT_DH_RSA_DES_40_CBC_SHA "EXP-DH-RSA-DES-CBC-SHA"
204 #define SSL3_TXT_DH_RSA_DES_64_CBC_SHA "DH-RSA-DES-CBC-SHA"
205 #define SSL3_TXT_DH_RSA_DES_192_CBC3_SHA "DH-RSA-DES-CBC3-SHA"
/* EDH (ephemeral Diffie-Hellman) suites. */
207 #define SSL3_TXT_EDH_DSS_DES_40_CBC_SHA "EXP-EDH-DSS-DES-CBC-SHA"
208 #define SSL3_TXT_EDH_DSS_DES_64_CBC_SHA "EDH-DSS-DES-CBC-SHA"
209 #define SSL3_TXT_EDH_DSS_DES_192_CBC3_SHA "EDH-DSS-DES-CBC3-SHA"
210 #define SSL3_TXT_EDH_RSA_DES_40_CBC_SHA "EXP-EDH-RSA-DES-CBC-SHA"
211 #define SSL3_TXT_EDH_RSA_DES_64_CBC_SHA "EDH-RSA-DES-CBC-SHA"
212 #define SSL3_TXT_EDH_RSA_DES_192_CBC3_SHA "EDH-RSA-DES-CBC3-SHA"
/* ADH (anonymous DH) suites: no peer authentication. */
214 #define SSL3_TXT_ADH_RC4_40_MD5 "EXP-ADH-RC4-MD5"
215 #define SSL3_TXT_ADH_RC4_128_MD5 "ADH-RC4-MD5"
216 #define SSL3_TXT_ADH_DES_40_CBC_SHA "EXP-ADH-DES-CBC-SHA"
217 #define SSL3_TXT_ADH_DES_64_CBC_SHA "ADH-DES-CBC-SHA"
218 #define SSL3_TXT_ADH_DES_192_CBC_SHA "ADH-DES-CBC3-SHA"
/* Fortezza suites. */
220 #define SSL3_TXT_FZA_DMS_NULL_SHA "FZA-NULL-SHA"
221 #define SSL3_TXT_FZA_DMS_FZA_SHA "FZA-FZA-CBC-SHA"
222 #define SSL3_TXT_FZA_DMS_RC4_SHA "FZA-RC4-SHA"
/* Kerberos 5 suites. */
224 #define SSL3_TXT_KRB5_DES_64_CBC_SHA "KRB5-DES-CBC-SHA"
225 #define SSL3_TXT_KRB5_DES_192_CBC3_SHA "KRB5-DES-CBC3-SHA"
226 #define SSL3_TXT_KRB5_RC4_128_SHA "KRB5-RC4-SHA"
227 #define SSL3_TXT_KRB5_IDEA_128_CBC_SHA "KRB5-IDEA-CBC-SHA"
228 #define SSL3_TXT_KRB5_DES_64_CBC_MD5 "KRB5-DES-CBC-MD5"
229 #define SSL3_TXT_KRB5_DES_192_CBC3_MD5 "KRB5-DES-CBC3-MD5"
230 #define SSL3_TXT_KRB5_RC4_128_MD5 "KRB5-RC4-MD5"
231 #define SSL3_TXT_KRB5_IDEA_128_CBC_MD5 "KRB5-IDEA-CBC-MD5"
/* Kerberos 5 export-grade (40-bit) suites. */
233 #define SSL3_TXT_KRB5_DES_40_CBC_SHA "EXP-KRB5-DES-CBC-SHA"
234 #define SSL3_TXT_KRB5_RC2_40_CBC_SHA "EXP-KRB5-RC2-CBC-SHA"
235 #define SSL3_TXT_KRB5_RC4_40_SHA "EXP-KRB5-RC4-SHA"
236 #define SSL3_TXT_KRB5_DES_40_CBC_MD5 "EXP-KRB5-DES-CBC-MD5"
237 #define SSL3_TXT_KRB5_RC2_40_CBC_MD5 "EXP-KRB5-RC2-CBC-MD5"
238 #define SSL3_TXT_KRB5_RC4_40_MD5 "EXP-KRB5-RC4-MD5"
/* Session-id lengths in bytes. */
240 #define SSL3_SSL_SESSION_ID_LENGTH 32
241 #define SSL3_MAX_SSL_SESSION_ID_LENGTH 32
/* Fixed sizes in bytes: master secret, hello random, session id, record header. */
243 #define SSL3_MASTER_SECRET_SIZE 48
244 #define SSL3_RANDOM_SIZE 32
245 #define SSL3_SESSION_ID_SIZE 32
246 #define SSL3_RT_HEADER_LENGTH 5
/*
 * SSL3_RT_MAX_EXTRA is 14000 on WIN16 / non-Win32 MSDOS builds and 16384
 * otherwise.
 * NOTE(review): the #else/#endif lines that separate the two definitions are
 * missing from this listing (gutter numbers 252 and 254-255 are skipped).
 */
249 #if defined(OPENSSL_SYS_WIN16) || \
250 (defined(OPENSSL_SYS_MSDOS) && !defined(OPENSSL_SYS_WIN32))
251 #define SSL3_RT_MAX_EXTRA (14000)
253 #define SSL3_RT_MAX_EXTRA (16384)
/*
 * Record-size limits. Plaintext is capped at 16384 bytes; compression may add
 * up to 1024 bytes (nothing when built with OPENSSL_NO_COMP), encryption up to
 * another 1024, and the packet size adds the 5-byte record header.
 * A length field read from the peer is untrusted: the record layer has to
 * compare it against these bounds before sizing or filling a buffer.
 * NOTE(review): the #else/#endif of the OPENSSL_NO_COMP conditional are also
 * missing from this listing (gutter numbers 259 and 261 are skipped).
 */
256 #define SSL3_RT_MAX_PLAIN_LENGTH 16384
257 #ifdef OPENSSL_NO_COMP
258 #define SSL3_RT_MAX_COMPRESSED_LENGTH SSL3_RT_MAX_PLAIN_LENGTH
260 #define SSL3_RT_MAX_COMPRESSED_LENGTH (1024+SSL3_RT_MAX_PLAIN_LENGTH)
262 #define SSL3_RT_MAX_ENCRYPTED_LENGTH (1024+SSL3_RT_MAX_COMPRESSED_LENGTH)
263 #define SSL3_RT_MAX_PACKET_SIZE (SSL3_RT_MAX_ENCRYPTED_LENGTH+SSL3_RT_HEADER_LENGTH)
264 #define SSL3_RT_MAX_DATA_SIZE (1024*1024)
/* Sender labels mixed into the Finished hash: ASCII "CLNT" and "SRVR". */
266 #define SSL3_MD_CLIENT_FINISHED_CONST "\x43\x4C\x4E\x54"
267 #define SSL3_MD_SERVER_FINISHED_CONST "\x53\x52\x56\x52"
/*
 * Protocol version 3.0 (SSLv3), as one 16-bit value and as major/minor bytes.
 * SSLv3 is prohibited by RFC 7568; a peer negotiating this version should be
 * treated as a downgrade indicator rather than accepted.
 */
269 #define SSL3_VERSION 0x0300
270 #define SSL3_VERSION_MAJOR 0x03
271 #define SSL3_VERSION_MINOR 0x00
/* Record content types (first byte of the 5-byte record header). */
273 #define SSL3_RT_CHANGE_CIPHER_SPEC 20
274 #define SSL3_RT_ALERT 21
275 #define SSL3_RT_HANDSHAKE 22
276 #define SSL3_RT_APPLICATION_DATA 23
/* Alert levels. */
278 #define SSL3_AL_WARNING 1
279 #define SSL3_AL_FATAL 2
/*
 * Alert descriptions.
 * NOTE(review): which alert is sent for which failure is decided by code that
 * is not in this listing. When reviewing that code, check that every record
 * decryption failure (padding or MAC) produces the same alert with the same
 * timing, so the choice of alert cannot serve as a decryption oracle.
 */
281 #define SSL3_AD_CLOSE_NOTIFY 0
282 #define SSL3_AD_UNEXPECTED_MESSAGE 10
283 #define SSL3_AD_BAD_RECORD_MAC 20
284 #define SSL3_AD_DECOMPRESSION_FAILURE 30
285 #define SSL3_AD_HANDSHAKE_FAILURE 40
286 #define SSL3_AD_NO_CERTIFICATE 41
287 #define SSL3_AD_BAD_CERTIFICATE 42
288 #define SSL3_AD_UNSUPPORTED_CERTIFICATE 43
289 #define SSL3_AD_CERTIFICATE_REVOKED 44
290 #define SSL3_AD_CERTIFICATE_EXPIRED 45
291 #define SSL3_AD_CERTIFICATE_UNKNOWN 46
292 #define SSL3_AD_ILLEGAL_PARAMETER 47
/*
 * NOTE(review): lone struct member; the enclosing struct declaration and its
 * other members (gutter lines 293-314) are missing from this listing.
 */
300 unsigned char *input;
/* Client certificate type codes. */
315 #define SSL3_CT_RSA_SIGN 1
316 #define SSL3_CT_DSS_SIGN 2
317 #define SSL3_CT_RSA_FIXED_DH 3
318 #define SSL3_CT_DSS_FIXED_DH 4
319 #define SSL3_CT_RSA_EPHEMERAL_DH 5
320 #define SSL3_CT_DSS_EPHEMERAL_DH 6
321 #define SSL3_CT_FORTEZZA_DMS 20
/*
 * SSL3_CT_NUMBER is a count, not the largest type code: it is smaller than
 * SSL3_CT_FORTEZZA_DMS (20) and is used further down as the size of a
 * `char ctype[SSL3_CT_NUMBER]` array. Code that copies a peer-supplied list
 * of certificate types into that array must cap the number of entries at
 * SSL3_CT_NUMBER and must not use a type code as an index.
 */
326 #define SSL3_CT_NUMBER 7
/*
 * Bit flags; the values are distinct powers of two and can be OR-ed together.
 * NOTE(review): TLS1_FLAGS_TLS_PADDING_BUG shares this flag space. By its name
 * it looks like a compatibility switch for peers with non-standard padding;
 * its effect is not shown here -- confirm how padding checks change when it
 * is set, since lenient padding validation weakens record integrity checking.
 */
329 #define SSL3_FLAGS_NO_RENEGOTIATE_CIPHERS 0x0001
330 #define SSL3_FLAGS_DELAY_CLIENT_FINISHED 0x0002
331 #define SSL3_FLAGS_POP_BUFFER 0x0004
332 #define TLS1_FLAGS_TLS_PADDING_BUG 0x0008
/*
 * NOTE(review): members of a struct whose opening and closing lines, and a
 * number of other members, are missing from this listing (the gutter numbers
 * skip). Judging by the member names this is per-connection SSLv3 state;
 * confirm against the full header.
 */
337 int delay_buf_pop_ret;
/*
 * 8-byte sequence counters and MAC secrets, one pair per direction.
 * The MAC secrets are key material: presumably they should be wiped when the
 * connection state is released -- verify in the cleanup path.
 */
339 unsigned char read_sequence[8];
340 unsigned char read_mac_secret[EVP_MAX_MD_SIZE];
341 unsigned char write_sequence[8];
342 unsigned char write_mac_secret[EVP_MAX_MD_SIZE];
/* Hello randoms from both sides, SSL3_RANDOM_SIZE bytes each. */
344 unsigned char server_random[SSL3_RANDOM_SIZE];
345 unsigned char client_random[SSL3_RANDOM_SIZE];
348 int need_empty_fragments;
349 int empty_fragment_done;
/*
 * Small fixed buffers (2 and 4 bytes) with a separate fill counter each.
 * Code that appends peer data to them has to keep *_len within the array
 * size; the counters are plain unsigned ints and enforce nothing themselves.
 */
359 unsigned char alert_fragment[2];
360 unsigned int alert_fragment_len;
361 unsigned char handshake_fragment[4];
362 unsigned int handshake_fragment_len;
369 const unsigned char *wpend_buf;
377 int change_cipher_spec;
/* Two bytes, matching an alert's level and description. */
384 unsigned char send_alert[2];
389 int total_renegotiations;
390 int num_renegotiations;
392 int in_read_app_data;
/* Handshake digests; sized 2*EVP_MAX_MD_SIZE, i.e. room for two digests. */
396 unsigned char cert_verify_md[EVP_MAX_MD_SIZE*2];
399 unsigned char finish_md[EVP_MAX_MD_SIZE*2];
401 unsigned char peer_finish_md[EVP_MAX_MD_SIZE*2];
402 int peer_finish_md_len;
404 unsigned long message_size;
/* The members guarded by these conditionals are missing from this listing. */
409 #ifndef OPENSSL_NO_DH
413 #ifndef OPENSSL_NO_ECDH
/* Sized by SSL3_CT_NUMBER: writers must cap the entry count at that value. */
425 char ctype[SSL3_CT_NUMBER];
/*
 * Pointer plus length for the key block.
 * NOTE(review): presumably heap-allocated keying material; check that it is
 * cleared (not just freed) on every release path.
 */
430 int key_block_length;
431 unsigned char *key_block;
435 #ifndef OPENSSL_NO_COMP
438 char *new_compression;
/*
 * Handshake states for the connecting side: a step number OR-ed with
 * SSL_ST_CONNECT (defined outside this listing). Step numbers rise in 0x10
 * increments per message, with the low nibble selecting a sub-step.
 * NOTE(review): CW/CR presumably stand for "client write"/"client read" and
 * _A/_B/... for sub-steps of one message; confirm in the state machine.
 * When reviewing that state machine, check that each incoming message is
 * accepted only in the state that expects it -- in particular that a
 * ChangeCipherSpec is rejected before key material has been established.
 */
449 #define SSL3_ST_CW_FLUSH (0x100|SSL_ST_CONNECT)
/* Outgoing ClientHello. */
451 #define SSL3_ST_CW_CLNT_HELLO_A (0x110|SSL_ST_CONNECT)
452 #define SSL3_ST_CW_CLNT_HELLO_B (0x111|SSL_ST_CONNECT)
/* Incoming server flight; the DTLS1 HelloVerifyRequest states share the 0x12x step. */
454 #define SSL3_ST_CR_SRVR_HELLO_A (0x120|SSL_ST_CONNECT)
455 #define SSL3_ST_CR_SRVR_HELLO_B (0x121|SSL_ST_CONNECT)
456 #define DTLS1_ST_CR_HELLO_VERIFY_REQUEST_A (0x126|SSL_ST_CONNECT)
457 #define DTLS1_ST_CR_HELLO_VERIFY_REQUEST_B (0x127|SSL_ST_CONNECT)
458 #define SSL3_ST_CR_CERT_A (0x130|SSL_ST_CONNECT)
459 #define SSL3_ST_CR_CERT_B (0x131|SSL_ST_CONNECT)
460 #define SSL3_ST_CR_KEY_EXCH_A (0x140|SSL_ST_CONNECT)
461 #define SSL3_ST_CR_KEY_EXCH_B (0x141|SSL_ST_CONNECT)
462 #define SSL3_ST_CR_CERT_REQ_A (0x150|SSL_ST_CONNECT)
463 #define SSL3_ST_CR_CERT_REQ_B (0x151|SSL_ST_CONNECT)
464 #define SSL3_ST_CR_SRVR_DONE_A (0x160|SSL_ST_CONNECT)
465 #define SSL3_ST_CR_SRVR_DONE_B (0x161|SSL_ST_CONNECT)
/* Outgoing client flight. */
467 #define SSL3_ST_CW_CERT_A (0x170|SSL_ST_CONNECT)
468 #define SSL3_ST_CW_CERT_B (0x171|SSL_ST_CONNECT)
469 #define SSL3_ST_CW_CERT_C (0x172|SSL_ST_CONNECT)
470 #define SSL3_ST_CW_CERT_D (0x173|SSL_ST_CONNECT)
471 #define SSL3_ST_CW_KEY_EXCH_A (0x180|SSL_ST_CONNECT)
472 #define SSL3_ST_CW_KEY_EXCH_B (0x181|SSL_ST_CONNECT)
473 #define SSL3_ST_CW_CERT_VRFY_A (0x190|SSL_ST_CONNECT)
474 #define SSL3_ST_CW_CERT_VRFY_B (0x191|SSL_ST_CONNECT)
475 #define SSL3_ST_CW_CHANGE_A (0x1A0|SSL_ST_CONNECT)
476 #define SSL3_ST_CW_CHANGE_B (0x1A1|SSL_ST_CONNECT)
477 #define SSL3_ST_CW_FINISHED_A (0x1B0|SSL_ST_CONNECT)
478 #define SSL3_ST_CW_FINISHED_B (0x1B1|SSL_ST_CONNECT)
/* Incoming ChangeCipherSpec, Finished and session ticket. */
480 #define SSL3_ST_CR_CHANGE_A (0x1C0|SSL_ST_CONNECT)
481 #define SSL3_ST_CR_CHANGE_B (0x1C1|SSL_ST_CONNECT)
482 #define SSL3_ST_CR_FINISHED_A (0x1D0|SSL_ST_CONNECT)
483 #define SSL3_ST_CR_FINISHED_B (0x1D1|SSL_ST_CONNECT)
484 #define SSL3_ST_CR_SESSION_TICKET_A (0x1E0|SSL_ST_CONNECT)
485 #define SSL3_ST_CR_SESSION_TICKET_B (0x1E1|SSL_ST_CONNECT)
/*
 * Handshake states for the accepting side: a step number OR-ed with
 * SSL_ST_ACCEPT (defined outside this listing). The step numbers reuse the
 * same 0x1xx range as the connecting side, so a state value is only
 * meaningful together with its SSL_ST_CONNECT / SSL_ST_ACCEPT bits.
 * NOTE(review): SW/SR presumably stand for "server write"/"server read";
 * confirm in the state machine. As on the connecting side, each incoming
 * message should be accepted only in the state that expects it.
 */
489 #define SSL3_ST_SW_FLUSH (0x100|SSL_ST_ACCEPT)
/* Incoming ClientHello. */
492 #define SSL3_ST_SR_CLNT_HELLO_A (0x110|SSL_ST_ACCEPT)
493 #define SSL3_ST_SR_CLNT_HELLO_B (0x111|SSL_ST_ACCEPT)
494 #define SSL3_ST_SR_CLNT_HELLO_C (0x112|SSL_ST_ACCEPT)
/* Outgoing server flight; the DTLS1 HelloVerifyRequest states share the 0x11x step. */
496 #define DTLS1_ST_SW_HELLO_VERIFY_REQUEST_A (0x113|SSL_ST_ACCEPT)
497 #define DTLS1_ST_SW_HELLO_VERIFY_REQUEST_B (0x114|SSL_ST_ACCEPT)
498 #define SSL3_ST_SW_HELLO_REQ_A (0x120|SSL_ST_ACCEPT)
499 #define SSL3_ST_SW_HELLO_REQ_B (0x121|SSL_ST_ACCEPT)
500 #define SSL3_ST_SW_HELLO_REQ_C (0x122|SSL_ST_ACCEPT)
501 #define SSL3_ST_SW_SRVR_HELLO_A (0x130|SSL_ST_ACCEPT)
502 #define SSL3_ST_SW_SRVR_HELLO_B (0x131|SSL_ST_ACCEPT)
503 #define SSL3_ST_SW_CERT_A (0x140|SSL_ST_ACCEPT)
504 #define SSL3_ST_SW_CERT_B (0x141|SSL_ST_ACCEPT)
505 #define SSL3_ST_SW_KEY_EXCH_A (0x150|SSL_ST_ACCEPT)
506 #define SSL3_ST_SW_KEY_EXCH_B (0x151|SSL_ST_ACCEPT)
507 #define SSL3_ST_SW_CERT_REQ_A (0x160|SSL_ST_ACCEPT)
508 #define SSL3_ST_SW_CERT_REQ_B (0x161|SSL_ST_ACCEPT)
509 #define SSL3_ST_SW_SRVR_DONE_A (0x170|SSL_ST_ACCEPT)
510 #define SSL3_ST_SW_SRVR_DONE_B (0x171|SSL_ST_ACCEPT)
/* Incoming client flight. */
512 #define SSL3_ST_SR_CERT_A (0x180|SSL_ST_ACCEPT)
513 #define SSL3_ST_SR_CERT_B (0x181|SSL_ST_ACCEPT)
514 #define SSL3_ST_SR_KEY_EXCH_A (0x190|SSL_ST_ACCEPT)
515 #define SSL3_ST_SR_KEY_EXCH_B (0x191|SSL_ST_ACCEPT)
516 #define SSL3_ST_SR_CERT_VRFY_A (0x1A0|SSL_ST_ACCEPT)
517 #define SSL3_ST_SR_CERT_VRFY_B (0x1A1|SSL_ST_ACCEPT)
518 #define SSL3_ST_SR_CHANGE_A (0x1B0|SSL_ST_ACCEPT)
519 #define SSL3_ST_SR_CHANGE_B (0x1B1|SSL_ST_ACCEPT)
520 #define SSL3_ST_SR_FINISHED_A (0x1C0|SSL_ST_ACCEPT)
521 #define SSL3_ST_SR_FINISHED_B (0x1C1|SSL_ST_ACCEPT)
/* Outgoing ChangeCipherSpec, Finished and session ticket. */
523 #define SSL3_ST_SW_CHANGE_A (0x1D0|SSL_ST_ACCEPT)
524 #define SSL3_ST_SW_CHANGE_B (0x1D1|SSL_ST_ACCEPT)
525 #define SSL3_ST_SW_FINISHED_A (0x1E0|SSL_ST_ACCEPT)
526 #define SSL3_ST_SW_FINISHED_B (0x1E1|SSL_ST_ACCEPT)
527 #define SSL3_ST_SW_SESSION_TICKET_A (0x1F0|SSL_ST_ACCEPT)
528 #define SSL3_ST_SW_SESSION_TICKET_B (0x1F1|SSL_ST_ACCEPT)
/* Handshake message type codes (first byte of a handshake message). */
530 #define SSL3_MT_HELLO_REQUEST 0
531 #define SSL3_MT_CLIENT_HELLO 1
532 #define SSL3_MT_SERVER_HELLO 2
533 #define SSL3_MT_NEWSESSION_TICKET 4
534 #define SSL3_MT_CERTIFICATE 11
535 #define SSL3_MT_SERVER_KEY_EXCHANGE 12
536 #define SSL3_MT_CERTIFICATE_REQUEST 13
537 #define SSL3_MT_SERVER_DONE 14
538 #define SSL3_MT_CERTIFICATE_VERIFY 15
539 #define SSL3_MT_CLIENT_KEY_EXCHANGE 16
540 #define SSL3_MT_FINISHED 20
541 #define DTLS1_MT_HELLO_VERIFY_REQUEST 3
/*
 * SSL3_MT_CCS has the same numeric value as SSL3_MT_CLIENT_HELLO. It is the
 * one-byte body of a change_cipher_spec record (content type 20), not a
 * handshake message type, so the two are only distinguishable by the record
 * type they arrived in; a parser must check the record type first.
 */
544 #define SSL3_MT_CCS 1
/*
 * Direction/role bits for a cipher-state change, and the four valid
 * combinations of one role bit with one direction bit.
 */
547 #define SSL3_CC_READ 0x01
548 #define SSL3_CC_WRITE 0x02
549 #define SSL3_CC_CLIENT 0x10
550 #define SSL3_CC_SERVER 0x20
551 #define SSL3_CHANGE_CIPHER_CLIENT_WRITE (SSL3_CC_CLIENT|SSL3_CC_WRITE)
552 #define SSL3_CHANGE_CIPHER_SERVER_READ (SSL3_CC_SERVER|SSL3_CC_READ)
553 #define SSL3_CHANGE_CIPHER_CLIENT_READ (SSL3_CC_CLIENT|SSL3_CC_READ)
554 #define SSL3_CHANGE_CIPHER_SERVER_WRITE (SSL3_CC_SERVER|SSL3_CC_WRITE)