summaryrefslogtreecommitdiff
path: root/src/lib/libssl/ssl3.h
diff options
context:
space:
mode:
Diffstat (limited to 'src/lib/libssl/ssl3.h')
-rw-r--r--src/lib/libssl/ssl3.h41
1 files changed, 40 insertions, 1 deletions
diff --git a/src/lib/libssl/ssl3.h b/src/lib/libssl/ssl3.h
index 1153aeda74..4b1e2e9834 100644
--- a/src/lib/libssl/ssl3.h
+++ b/src/lib/libssl/ssl3.h
@@ -108,6 +108,11 @@
108 * Hudson (tjh@cryptsoft.com). 108 * Hudson (tjh@cryptsoft.com).
109 * 109 *
110 */ 110 */
111/* ====================================================================
112 * Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED.
113 * ECC cipher suite support in OpenSSL originally developed by
114 * SUN MICROSYSTEMS, INC., and contributed to the OpenSSL project.
115 */
111 116
112#ifndef HEADER_SSL3_H 117#ifndef HEADER_SSL3_H
113#define HEADER_SSL3_H 118#define HEADER_SSL3_H
@@ -118,6 +123,7 @@
118#include <openssl/buffer.h> 123#include <openssl/buffer.h>
119#include <openssl/evp.h> 124#include <openssl/evp.h>
120#include <openssl/ssl.h> 125#include <openssl/ssl.h>
126#include <openssl/pq_compat.h>
121 127
122#ifdef __cplusplus 128#ifdef __cplusplus
123extern "C" { 129extern "C" {
@@ -248,7 +254,11 @@ extern "C" {
248#endif 254#endif
249 255
250#define SSL3_RT_MAX_PLAIN_LENGTH 16384 256#define SSL3_RT_MAX_PLAIN_LENGTH 16384
257#ifdef OPENSSL_NO_COMP
258#define SSL3_RT_MAX_COMPRESSED_LENGTH SSL3_RT_MAX_PLAIN_LENGTH
259#else
251#define SSL3_RT_MAX_COMPRESSED_LENGTH (1024+SSL3_RT_MAX_PLAIN_LENGTH) 260#define SSL3_RT_MAX_COMPRESSED_LENGTH (1024+SSL3_RT_MAX_PLAIN_LENGTH)
261#endif
252#define SSL3_RT_MAX_ENCRYPTED_LENGTH (1024+SSL3_RT_MAX_COMPRESSED_LENGTH) 262#define SSL3_RT_MAX_ENCRYPTED_LENGTH (1024+SSL3_RT_MAX_COMPRESSED_LENGTH)
253#define SSL3_RT_MAX_PACKET_SIZE (SSL3_RT_MAX_ENCRYPTED_LENGTH+SSL3_RT_HEADER_LENGTH) 263#define SSL3_RT_MAX_PACKET_SIZE (SSL3_RT_MAX_ENCRYPTED_LENGTH+SSL3_RT_HEADER_LENGTH)
254#define SSL3_RT_MAX_DATA_SIZE (1024*1024) 264#define SSL3_RT_MAX_DATA_SIZE (1024*1024)
@@ -289,6 +299,8 @@ typedef struct ssl3_record_st
289/*rw*/ unsigned char *data; /* pointer to the record data */ 299/*rw*/ unsigned char *data; /* pointer to the record data */
290/*rw*/ unsigned char *input; /* where the decode bytes are */ 300/*rw*/ unsigned char *input; /* where the decode bytes are */
291/*r */ unsigned char *comp; /* only used with decompression - malloc()ed */ 301/*r */ unsigned char *comp; /* only used with decompression - malloc()ed */
302/*r */ unsigned long epoch; /* epoch number, needed by DTLS1 */
303/*r */ PQ_64BIT seq_num; /* sequence number, needed by DTLS1 */
292 } SSL3_RECORD; 304 } SSL3_RECORD;
293 305
294typedef struct ssl3_buffer_st 306typedef struct ssl3_buffer_st
@@ -307,7 +319,12 @@ typedef struct ssl3_buffer_st
307#define SSL3_CT_RSA_EPHEMERAL_DH 5 319#define SSL3_CT_RSA_EPHEMERAL_DH 5
308#define SSL3_CT_DSS_EPHEMERAL_DH 6 320#define SSL3_CT_DSS_EPHEMERAL_DH 6
309#define SSL3_CT_FORTEZZA_DMS 20 321#define SSL3_CT_FORTEZZA_DMS 20
310#define SSL3_CT_NUMBER 7 322/* SSL3_CT_NUMBER is used to size arrays and it must be large
323 * enough to contain all of the cert types defined either for
324 * SSLv3 and TLSv1.
325 */
326#define SSL3_CT_NUMBER 7
327
311 328
312#define SSL3_FLAGS_NO_RENEGOTIATE_CIPHERS 0x0001 329#define SSL3_FLAGS_NO_RENEGOTIATE_CIPHERS 0x0001
313#define SSL3_FLAGS_DELAY_CLIENT_FINISHED 0x0002 330#define SSL3_FLAGS_DELAY_CLIENT_FINISHED 0x0002
@@ -392,6 +409,11 @@ typedef struct ssl3_state_st
392#ifndef OPENSSL_NO_DH 409#ifndef OPENSSL_NO_DH
393 DH *dh; 410 DH *dh;
394#endif 411#endif
412
413#ifndef OPENSSL_NO_ECDH
414 EC_KEY *ecdh; /* holds short lived ECDH key */
415#endif
416
395 /* used when SSL_ST_FLUSH_DATA is entered */ 417 /* used when SSL_ST_FLUSH_DATA is entered */
396 int next_state; 418 int next_state;
397 419
@@ -420,6 +442,7 @@ typedef struct ssl3_state_st
420 442
421 } SSL3_STATE; 443 } SSL3_STATE;
422 444
445
423/* SSLv3 */ 446/* SSLv3 */
424/*client */ 447/*client */
425/* extra state */ 448/* extra state */
@@ -430,6 +453,8 @@ typedef struct ssl3_state_st
430/* read from server */ 453/* read from server */
431#define SSL3_ST_CR_SRVR_HELLO_A (0x120|SSL_ST_CONNECT) 454#define SSL3_ST_CR_SRVR_HELLO_A (0x120|SSL_ST_CONNECT)
432#define SSL3_ST_CR_SRVR_HELLO_B (0x121|SSL_ST_CONNECT) 455#define SSL3_ST_CR_SRVR_HELLO_B (0x121|SSL_ST_CONNECT)
456#define DTLS1_ST_CR_HELLO_VERIFY_REQUEST_A (0x126|SSL_ST_CONNECT)
457#define DTLS1_ST_CR_HELLO_VERIFY_REQUEST_B (0x127|SSL_ST_CONNECT)
433#define SSL3_ST_CR_CERT_A (0x130|SSL_ST_CONNECT) 458#define SSL3_ST_CR_CERT_A (0x130|SSL_ST_CONNECT)
434#define SSL3_ST_CR_CERT_B (0x131|SSL_ST_CONNECT) 459#define SSL3_ST_CR_CERT_B (0x131|SSL_ST_CONNECT)
435#define SSL3_ST_CR_KEY_EXCH_A (0x140|SSL_ST_CONNECT) 460#define SSL3_ST_CR_KEY_EXCH_A (0x140|SSL_ST_CONNECT)
@@ -456,6 +481,10 @@ typedef struct ssl3_state_st
456#define SSL3_ST_CR_CHANGE_B (0x1C1|SSL_ST_CONNECT) 481#define SSL3_ST_CR_CHANGE_B (0x1C1|SSL_ST_CONNECT)
457#define SSL3_ST_CR_FINISHED_A (0x1D0|SSL_ST_CONNECT) 482#define SSL3_ST_CR_FINISHED_A (0x1D0|SSL_ST_CONNECT)
458#define SSL3_ST_CR_FINISHED_B (0x1D1|SSL_ST_CONNECT) 483#define SSL3_ST_CR_FINISHED_B (0x1D1|SSL_ST_CONNECT)
484#define SSL3_ST_CR_SESSION_TICKET_A (0x1E0|SSL_ST_CONNECT)
485#define SSL3_ST_CR_SESSION_TICKET_B (0x1E1|SSL_ST_CONNECT)
486#define SSL3_ST_CR_CERT_STATUS_A (0x1F0|SSL_ST_CONNECT)
487#define SSL3_ST_CR_CERT_STATUS_B (0x1F1|SSL_ST_CONNECT)
459 488
460/* server */ 489/* server */
461/* extra state */ 490/* extra state */
@@ -466,6 +495,8 @@ typedef struct ssl3_state_st
466#define SSL3_ST_SR_CLNT_HELLO_B (0x111|SSL_ST_ACCEPT) 495#define SSL3_ST_SR_CLNT_HELLO_B (0x111|SSL_ST_ACCEPT)
467#define SSL3_ST_SR_CLNT_HELLO_C (0x112|SSL_ST_ACCEPT) 496#define SSL3_ST_SR_CLNT_HELLO_C (0x112|SSL_ST_ACCEPT)
468/* write to client */ 497/* write to client */
498#define DTLS1_ST_SW_HELLO_VERIFY_REQUEST_A (0x113|SSL_ST_ACCEPT)
499#define DTLS1_ST_SW_HELLO_VERIFY_REQUEST_B (0x114|SSL_ST_ACCEPT)
469#define SSL3_ST_SW_HELLO_REQ_A (0x120|SSL_ST_ACCEPT) 500#define SSL3_ST_SW_HELLO_REQ_A (0x120|SSL_ST_ACCEPT)
470#define SSL3_ST_SW_HELLO_REQ_B (0x121|SSL_ST_ACCEPT) 501#define SSL3_ST_SW_HELLO_REQ_B (0x121|SSL_ST_ACCEPT)
471#define SSL3_ST_SW_HELLO_REQ_C (0x122|SSL_ST_ACCEPT) 502#define SSL3_ST_SW_HELLO_REQ_C (0x122|SSL_ST_ACCEPT)
@@ -495,10 +526,15 @@ typedef struct ssl3_state_st
495#define SSL3_ST_SW_CHANGE_B (0x1D1|SSL_ST_ACCEPT) 526#define SSL3_ST_SW_CHANGE_B (0x1D1|SSL_ST_ACCEPT)
496#define SSL3_ST_SW_FINISHED_A (0x1E0|SSL_ST_ACCEPT) 527#define SSL3_ST_SW_FINISHED_A (0x1E0|SSL_ST_ACCEPT)
497#define SSL3_ST_SW_FINISHED_B (0x1E1|SSL_ST_ACCEPT) 528#define SSL3_ST_SW_FINISHED_B (0x1E1|SSL_ST_ACCEPT)
529#define SSL3_ST_SW_SESSION_TICKET_A (0x1F0|SSL_ST_ACCEPT)
530#define SSL3_ST_SW_SESSION_TICKET_B (0x1F1|SSL_ST_ACCEPT)
531#define SSL3_ST_SW_CERT_STATUS_A (0x200|SSL_ST_ACCEPT)
532#define SSL3_ST_SW_CERT_STATUS_B (0x201|SSL_ST_ACCEPT)
498 533
499#define SSL3_MT_HELLO_REQUEST 0 534#define SSL3_MT_HELLO_REQUEST 0
500#define SSL3_MT_CLIENT_HELLO 1 535#define SSL3_MT_CLIENT_HELLO 1
501#define SSL3_MT_SERVER_HELLO 2 536#define SSL3_MT_SERVER_HELLO 2
537#define SSL3_MT_NEWSESSION_TICKET 4
502#define SSL3_MT_CERTIFICATE 11 538#define SSL3_MT_CERTIFICATE 11
503#define SSL3_MT_SERVER_KEY_EXCHANGE 12 539#define SSL3_MT_SERVER_KEY_EXCHANGE 12
504#define SSL3_MT_CERTIFICATE_REQUEST 13 540#define SSL3_MT_CERTIFICATE_REQUEST 13
@@ -506,6 +542,9 @@ typedef struct ssl3_state_st
506#define SSL3_MT_CERTIFICATE_VERIFY 15 542#define SSL3_MT_CERTIFICATE_VERIFY 15
507#define SSL3_MT_CLIENT_KEY_EXCHANGE 16 543#define SSL3_MT_CLIENT_KEY_EXCHANGE 16
508#define SSL3_MT_FINISHED 20 544#define SSL3_MT_FINISHED 20
545#define SSL3_MT_CERTIFICATE_STATUS 22
546#define DTLS1_MT_HELLO_VERIFY_REQUEST 3
547
509 548
510#define SSL3_MT_CCS 1 549#define SSL3_MT_CCS 1
511 550
generated by cgit v1.2.3-55-g6feb (git 2.39.1) at 2025-10-24 15:06:24 +0000