summaryrefslogtreecommitdiff
path: root/src/lib/libssl/ssl_local.h
diff options
context:
space:
mode:
Diffstat (limited to 'src/lib/libssl/ssl_local.h')
-rw-r--r--src/lib/libssl/ssl_local.h20
1 files changed, 2 insertions, 18 deletions
diff --git a/src/lib/libssl/ssl_local.h b/src/lib/libssl/ssl_local.h
index bd6275fac7..b4d093b226 100644
--- a/src/lib/libssl/ssl_local.h
+++ b/src/lib/libssl/ssl_local.h
@@ -1,4 +1,4 @@
1/* $OpenBSD: ssl_local.h,v 1.12 2023/12/29 12:24:33 tb Exp $ */ 1/* $OpenBSD: ssl_local.h,v 1.13 2024/02/03 15:58:34 beck Exp $ */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) 2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved. 3 * All rights reserved.
4 * 4 *
@@ -197,7 +197,6 @@ __BEGIN_HIDDEN_DECLS
197#define SSL_kRSA 0x00000001L /* RSA key exchange */ 197#define SSL_kRSA 0x00000001L /* RSA key exchange */
198#define SSL_kDHE 0x00000008L /* tmp DH key no DH cert */ 198#define SSL_kDHE 0x00000008L /* tmp DH key no DH cert */
199#define SSL_kECDHE 0x00000080L /* ephemeral ECDH */ 199#define SSL_kECDHE 0x00000080L /* ephemeral ECDH */
200#define SSL_kGOST 0x00000200L /* GOST key exchange */
201#define SSL_kTLS1_3 0x00000400L /* TLSv1.3 key exchange */ 200#define SSL_kTLS1_3 0x00000400L /* TLSv1.3 key exchange */
202 201
203/* Bits for algorithm_auth (server authentication) */ 202/* Bits for algorithm_auth (server authentication) */
@@ -205,7 +204,6 @@ __BEGIN_HIDDEN_DECLS
205#define SSL_aDSS 0x00000002L /* DSS auth */ 204#define SSL_aDSS 0x00000002L /* DSS auth */
206#define SSL_aNULL 0x00000004L /* no auth (i.e. use ADH or AECDH) */ 205#define SSL_aNULL 0x00000004L /* no auth (i.e. use ADH or AECDH) */
207#define SSL_aECDSA 0x00000040L /* ECDSA auth*/ 206#define SSL_aECDSA 0x00000040L /* ECDSA auth*/
208#define SSL_aGOST01 0x00000200L /* GOST R 34.10-2001 signature auth */
209#define SSL_aTLS1_3 0x00000400L /* TLSv1.3 authentication */ 207#define SSL_aTLS1_3 0x00000400L /* TLSv1.3 authentication */
210 208
211/* Bits for algorithm_enc (symmetric encryption) */ 209/* Bits for algorithm_enc (symmetric encryption) */
@@ -218,7 +216,6 @@ __BEGIN_HIDDEN_DECLS
218#define SSL_AES256 0x00000040L 216#define SSL_AES256 0x00000040L
219#define SSL_CAMELLIA128 0x00000080L 217#define SSL_CAMELLIA128 0x00000080L
220#define SSL_CAMELLIA256 0x00000100L 218#define SSL_CAMELLIA256 0x00000100L
221#define SSL_eGOST2814789CNT 0x00000200L
222#define SSL_AES128GCM 0x00000400L 219#define SSL_AES128GCM 0x00000400L
223#define SSL_AES256GCM 0x00000800L 220#define SSL_AES256GCM 0x00000800L
224#define SSL_CHACHA20POLY1305 0x00001000L 221#define SSL_CHACHA20POLY1305 0x00001000L
@@ -231,8 +228,6 @@ __BEGIN_HIDDEN_DECLS
231 228
232#define SSL_MD5 0x00000001L 229#define SSL_MD5 0x00000001L
233#define SSL_SHA1 0x00000002L 230#define SSL_SHA1 0x00000002L
234#define SSL_GOST94 0x00000004L
235#define SSL_GOST89MAC 0x00000008L
236#define SSL_SHA256 0x00000010L 231#define SSL_SHA256 0x00000010L
237#define SSL_SHA384 0x00000020L 232#define SSL_SHA384 0x00000020L
238/* Not a real MAC, just an indication it is part of cipher */ 233/* Not a real MAC, just an indication it is part of cipher */
@@ -251,10 +246,8 @@ __BEGIN_HIDDEN_DECLS
251#define SSL_HANDSHAKE_MAC_MASK 0xff0 246#define SSL_HANDSHAKE_MAC_MASK 0xff0
252#define SSL_HANDSHAKE_MAC_MD5 0x010 247#define SSL_HANDSHAKE_MAC_MD5 0x010
253#define SSL_HANDSHAKE_MAC_SHA 0x020 248#define SSL_HANDSHAKE_MAC_SHA 0x020
254#define SSL_HANDSHAKE_MAC_GOST94 0x040
255#define SSL_HANDSHAKE_MAC_SHA256 0x080 249#define SSL_HANDSHAKE_MAC_SHA256 0x080
256#define SSL_HANDSHAKE_MAC_SHA384 0x100 250#define SSL_HANDSHAKE_MAC_SHA384 0x100
257#define SSL_HANDSHAKE_MAC_STREEBOG256 0x200
258#define SSL_HANDSHAKE_MAC_DEFAULT (SSL_HANDSHAKE_MAC_MD5 | SSL_HANDSHAKE_MAC_SHA) 251#define SSL_HANDSHAKE_MAC_DEFAULT (SSL_HANDSHAKE_MAC_MD5 | SSL_HANDSHAKE_MAC_SHA)
259 252
260#define SSL3_CK_ID 0x03000000 253#define SSL3_CK_ID 0x03000000
@@ -267,17 +260,9 @@ __BEGIN_HIDDEN_DECLS
267#define TLS1_PRF_SHA1 (SSL_HANDSHAKE_MAC_SHA << TLS1_PRF_DGST_SHIFT) 260#define TLS1_PRF_SHA1 (SSL_HANDSHAKE_MAC_SHA << TLS1_PRF_DGST_SHIFT)
268#define TLS1_PRF_SHA256 (SSL_HANDSHAKE_MAC_SHA256 << TLS1_PRF_DGST_SHIFT) 261#define TLS1_PRF_SHA256 (SSL_HANDSHAKE_MAC_SHA256 << TLS1_PRF_DGST_SHIFT)
269#define TLS1_PRF_SHA384 (SSL_HANDSHAKE_MAC_SHA384 << TLS1_PRF_DGST_SHIFT) 262#define TLS1_PRF_SHA384 (SSL_HANDSHAKE_MAC_SHA384 << TLS1_PRF_DGST_SHIFT)
270#define TLS1_PRF_GOST94 (SSL_HANDSHAKE_MAC_GOST94 << TLS1_PRF_DGST_SHIFT)
271#define TLS1_PRF_STREEBOG256 (SSL_HANDSHAKE_MAC_STREEBOG256 << TLS1_PRF_DGST_SHIFT)
272#define TLS1_PRF (TLS1_PRF_MD5 | TLS1_PRF_SHA1) 263#define TLS1_PRF (TLS1_PRF_MD5 | TLS1_PRF_SHA1)
273 264
274/* 265/*
275 * Stream MAC for GOST ciphersuites from cryptopro draft
276 * (currently this also goes into algorithm2).
277 */
278#define TLS1_STREAM_MAC 0x04
279
280/*
281 * SSL_CIPHER_ALGORITHM2_VARIABLE_NONCE_IN_RECORD is an algorithm2 flag that 266 * SSL_CIPHER_ALGORITHM2_VARIABLE_NONCE_IN_RECORD is an algorithm2 flag that
282 * indicates that the variable part of the nonce is included as a prefix of 267 * indicates that the variable part of the nonce is included as a prefix of
283 * the record (AES-GCM, for example, does this with an 8-byte variable nonce.) 268 * the record (AES-GCM, for example, does this with an 8-byte variable nonce.)
@@ -324,8 +309,7 @@ __BEGIN_HIDDEN_DECLS
324 309
325#define SSL_PKEY_RSA 0 310#define SSL_PKEY_RSA 0
326#define SSL_PKEY_ECC 1 311#define SSL_PKEY_ECC 1
327#define SSL_PKEY_GOST01 2 312#define SSL_PKEY_NUM 2
328#define SSL_PKEY_NUM 3
329 313
330#define SSL_MAX_EMPTY_RECORDS 32 314#define SSL_MAX_EMPTY_RECORDS 32
331 315
generated by cgit v1.2.3-55-g6feb (git 2.39.1) at 2025-04-27 04:30:34 +0000