195c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) 295c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley * All rights reserved. 395c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley * 495c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley * This package is an SSL implementation written 595c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley * by Eric Young (eay@cryptsoft.com). 695c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley * The implementation was written so as to conform with Netscapes SSL. 795c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley * 895c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley * This library is free for commercial and non-commercial use as long as 995c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley * the following conditions are aheared to. The following conditions 1095c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley * apply to all code found in this distribution, be it the RC4, RSA, 1195c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley * lhash, DES, etc., code; not just the SSL code. The SSL documentation 1295c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley * included with this distribution is covered by the same copyright terms 1395c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley * except that the holder is Tim Hudson (tjh@cryptsoft.com). 1495c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley * 1595c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley * Copyright remains Eric Young's, and as such any Copyright notices in 1695c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley * the code are not to be removed. 1795c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley * If this package is used in a product, Eric Young should be given attribution 1895c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley * as the author of the parts of the library used. 1995c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley * This can be in the form of a textual message at program startup or 2095c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley * in documentation (online or textual) provided with the package. 2195c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley * 2295c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley * Redistribution and use in source and binary forms, with or without 2395c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley * modification, are permitted provided that the following conditions 2495c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley * are met: 2595c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley * 1. Redistributions of source code must retain the copyright 2695c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley * notice, this list of conditions and the following disclaimer. 2795c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley * 2. Redistributions in binary form must reproduce the above copyright 2895c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley * notice, this list of conditions and the following disclaimer in the 2995c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley * documentation and/or other materials provided with the distribution. 3095c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley * 3. All advertising materials mentioning features or use of this software 3195c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley * must display the following acknowledgement: 3295c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley * "This product includes cryptographic software written by 3395c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley * Eric Young (eay@cryptsoft.com)" 3495c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley * The word 'cryptographic' can be left out if the rouines from the library 3595c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley * being used are not cryptographic related :-). 3695c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley * 4. If you include any Windows specific code (or a derivative thereof) from 3795c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley * the apps directory (application code) you must include an acknowledgement: 3895c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" 3995c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley * 4095c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND 4195c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 4295c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 4395c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE 4495c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 4595c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 4695c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 4795c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 4895c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 4995c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 5095c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley * SUCH DAMAGE. 5195c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley * 5295c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley * The licence and distribution terms for any publically available version or 5395c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley * derivative of this code cannot be changed. i.e. this code cannot simply be 5495c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley * copied and put under another distribution licence 5595c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley * [including the GNU Public Licence.] 5695c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley */ 5795c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley/* ==================================================================== 5895c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley * Copyright (c) 1998-2007 The OpenSSL Project. All rights reserved. 5995c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley * 6095c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley * Redistribution and use in source and binary forms, with or without 6195c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley * modification, are permitted provided that the following conditions 6295c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley * are met: 6395c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley * 6495c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley * 1. Redistributions of source code must retain the above copyright 6595c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley * notice, this list of conditions and the following disclaimer. 6695c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley * 6795c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley * 2. Redistributions in binary form must reproduce the above copyright 6895c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley * notice, this list of conditions and the following disclaimer in 6995c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley * the documentation and/or other materials provided with the 7095c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley * distribution. 7195c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley * 7295c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley * 3. All advertising materials mentioning features or use of this 7395c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley * software must display the following acknowledgment: 7495c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley * "This product includes software developed by the OpenSSL Project 7595c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley * for use in the OpenSSL Toolkit. (http://www.openssl.org/)" 7695c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley * 7795c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to 7895c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley * endorse or promote products derived from this software without 7995c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley * prior written permission. For written permission, please contact 8095c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley * openssl-core@openssl.org. 8195c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley * 8295c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley * 5. Products derived from this software may not be called "OpenSSL" 8395c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley * nor may "OpenSSL" appear in their names without prior written 8495c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley * permission of the OpenSSL Project. 8595c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley * 8695c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley * 6. Redistributions of any form whatsoever must retain the following 8795c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley * acknowledgment: 8895c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley * "This product includes software developed by the OpenSSL Project 8995c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley * for use in the OpenSSL Toolkit (http://www.openssl.org/)" 9095c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley * 9195c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY 9295c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 9395c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR 9495c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR 9595c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, 9695c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT 9795c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; 9895c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 9995c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, 10095c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) 10195c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED 10295c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley * OF THE POSSIBILITY OF SUCH DAMAGE. 10395c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley * ==================================================================== 10495c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley * 10595c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley * This product includes cryptographic software written by Eric Young 10695c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley * (eay@cryptsoft.com). This product includes software written by Tim 10795c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley * Hudson (tjh@cryptsoft.com). 10895c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley * 10995c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley */ 11095c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley/* ==================================================================== 11195c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley * Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED. 11295c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley * ECC cipher suite support in OpenSSL originally developed by 11395c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley * SUN MICROSYSTEMS, INC., and contributed to the OpenSSL project. 11495c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley */ 11595c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley/* ==================================================================== 11695c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley * Copyright 2005 Nokia. All rights reserved. 11795c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley * 11895c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley * The portions of the attached software ("Contribution") is developed by 11995c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley * Nokia Corporation and is licensed pursuant to the OpenSSL open source 12095c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley * license. 12195c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley * 12295c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley * The Contribution, originally written by Mika Kousa and Pasi Eronen of 12395c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley * Nokia Corporation, consists of the "PSK" (Pre-Shared Key) ciphersuites 12495c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley * support (see RFC 4279) to OpenSSL. 12595c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley * 12695c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley * No patent licenses or other rights except those expressly stated in 12795c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley * the OpenSSL open source license shall be deemed granted or received 12895c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley * expressly, by implication, estoppel, or otherwise. 12995c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley * 13095c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley * No assurances are provided by Nokia that the Contribution does not 13195c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley * infringe the patent or other intellectual property rights of any third 13295c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley * party or that the license provides you with all the necessary rights 13395c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley * to make use of the Contribution. 13495c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley * 13595c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley * THE SOFTWARE IS PROVIDED "AS IS" WITHOUT WARRANTY OF ANY KIND. IN 13695c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley * ADDITION TO THE DISCLAIMERS INCLUDED IN THE LICENSE, NOKIA 13795c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley * SPECIFICALLY DISCLAIMS ANY LIABILITY FOR CLAIMS BROUGHT BY YOU OR ANY 13895c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley * OTHER ENTITY BASED ON INFRINGEMENT OF INTELLECTUAL PROPERTY RIGHTS OR 13995c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley * OTHERWISE. 14095c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley */ 14195c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley 14295c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley#ifndef HEADER_SSL_LOCL_H 14395c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley#define HEADER_SSL_LOCL_H 14495c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley 14595c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley#include <openssl/base.h> 14695c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley 14795c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley#include <errno.h> 14895c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley#include <stdlib.h> 14995c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley#include <string.h> 15095c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley#include <time.h> 15195c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley 152c9fb37504f1c48e37578ee7033f35e3bd236cf67Adam Langley#include <openssl/aead.h> 15395c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley#include <openssl/bio.h> 15495c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley#include <openssl/buf.h> 15595c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley#include <openssl/dsa.h> 15695c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley#include <openssl/err.h> 15795c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley#include <openssl/rsa.h> 15895c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley#include <openssl/ssl.h> 15995c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley#include <openssl/stack.h> 16095c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley 16195c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley#define c2l(c,l) (l = ((unsigned long)(*((c)++))) , \ 16295c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley l|=(((unsigned long)(*((c)++)))<< 8), \ 16395c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley l|=(((unsigned long)(*((c)++)))<<16), \ 16495c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley l|=(((unsigned long)(*((c)++)))<<24)) 16595c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley 16695c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley/* NOTE - c is not incremented as per c2l */ 16795c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley#define c2ln(c,l1,l2,n) { \ 16895c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley c+=n; \ 16995c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley l1=l2=0; \ 17095c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley switch (n) { \ 17195c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley case 8: l2 =((unsigned long)(*(--(c))))<<24; \ 17295c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley case 7: l2|=((unsigned long)(*(--(c))))<<16; \ 17395c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley case 6: l2|=((unsigned long)(*(--(c))))<< 8; \ 17495c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley case 5: l2|=((unsigned long)(*(--(c)))); \ 17595c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley case 4: l1 =((unsigned long)(*(--(c))))<<24; \ 17695c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley case 3: l1|=((unsigned long)(*(--(c))))<<16; \ 17795c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley case 2: l1|=((unsigned long)(*(--(c))))<< 8; \ 17895c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley case 1: l1|=((unsigned long)(*(--(c)))); \ 17995c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley } \ 18095c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley } 18195c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley 18295c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley#define l2c(l,c) (*((c)++)=(unsigned char)(((l) )&0xff), \ 18395c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley *((c)++)=(unsigned char)(((l)>> 8)&0xff), \ 18495c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley *((c)++)=(unsigned char)(((l)>>16)&0xff), \ 18595c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley *((c)++)=(unsigned char)(((l)>>24)&0xff)) 18695c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley 18795c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley#define n2l(c,l) (l =((unsigned long)(*((c)++)))<<24, \ 18895c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley l|=((unsigned long)(*((c)++)))<<16, \ 18995c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley l|=((unsigned long)(*((c)++)))<< 8, \ 19095c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley l|=((unsigned long)(*((c)++)))) 19195c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley 19295c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley#define l2n(l,c) (*((c)++)=(unsigned char)(((l)>>24)&0xff), \ 19395c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley *((c)++)=(unsigned char)(((l)>>16)&0xff), \ 19495c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley *((c)++)=(unsigned char)(((l)>> 8)&0xff), \ 19595c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley *((c)++)=(unsigned char)(((l) )&0xff)) 19695c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley 19795c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley#define l2n6(l,c) (*((c)++)=(unsigned char)(((l)>>40)&0xff), \ 19895c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley *((c)++)=(unsigned char)(((l)>>32)&0xff), \ 19995c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley *((c)++)=(unsigned char)(((l)>>24)&0xff), \ 20095c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley *((c)++)=(unsigned char)(((l)>>16)&0xff), \ 20195c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley *((c)++)=(unsigned char)(((l)>> 8)&0xff), \ 20295c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley *((c)++)=(unsigned char)(((l) )&0xff)) 20395c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley 20495c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley#define l2n8(l,c) (*((c)++)=(unsigned char)(((l)>>56)&0xff), \ 20595c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley *((c)++)=(unsigned char)(((l)>>48)&0xff), \ 20695c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley *((c)++)=(unsigned char)(((l)>>40)&0xff), \ 20795c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley *((c)++)=(unsigned char)(((l)>>32)&0xff), \ 20895c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley *((c)++)=(unsigned char)(((l)>>24)&0xff), \ 20995c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley *((c)++)=(unsigned char)(((l)>>16)&0xff), \ 21095c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley *((c)++)=(unsigned char)(((l)>> 8)&0xff), \ 21195c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley *((c)++)=(unsigned char)(((l) )&0xff)) 21295c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley 21395c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley#define n2l6(c,l) (l =((BN_ULLONG)(*((c)++)))<<40, \ 21495c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley l|=((BN_ULLONG)(*((c)++)))<<32, \ 21595c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley l|=((BN_ULLONG)(*((c)++)))<<24, \ 21695c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley l|=((BN_ULLONG)(*((c)++)))<<16, \ 21795c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley l|=((BN_ULLONG)(*((c)++)))<< 8, \ 21895c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley l|=((BN_ULLONG)(*((c)++)))) 21995c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley 22095c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley/* NOTE - c is not incremented as per l2c */ 22195c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley#define l2cn(l1,l2,c,n) { \ 22295c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley c+=n; \ 22395c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley switch (n) { \ 22495c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley case 8: *(--(c))=(unsigned char)(((l2)>>24)&0xff); \ 22595c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley case 7: *(--(c))=(unsigned char)(((l2)>>16)&0xff); \ 22695c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley case 6: *(--(c))=(unsigned char)(((l2)>> 8)&0xff); \ 22795c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley case 5: *(--(c))=(unsigned char)(((l2) )&0xff); \ 22895c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley case 4: *(--(c))=(unsigned char)(((l1)>>24)&0xff); \ 22995c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley case 3: *(--(c))=(unsigned char)(((l1)>>16)&0xff); \ 23095c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley case 2: *(--(c))=(unsigned char)(((l1)>> 8)&0xff); \ 23195c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley case 1: *(--(c))=(unsigned char)(((l1) )&0xff); \ 23295c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley } \ 23395c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley } 23495c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley 23595c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley#define n2s(c,s) ((s=(((unsigned int)(c[0]))<< 8)| \ 23695c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley (((unsigned int)(c[1])) )),c+=2) 23795c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley#define s2n(s,c) ((c[0]=(unsigned char)(((s)>> 8)&0xff), \ 23895c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley c[1]=(unsigned char)(((s) )&0xff)),c+=2) 23995c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley 24095c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley#define n2l3(c,l) ((l =(((unsigned long)(c[0]))<<16)| \ 24195c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley (((unsigned long)(c[1]))<< 8)| \ 24295c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley (((unsigned long)(c[2])) )),c+=3) 24395c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley 24495c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley#define l2n3(l,c) ((c[0]=(unsigned char)(((l)>>16)&0xff), \ 24595c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley c[1]=(unsigned char)(((l)>> 8)&0xff), \ 24695c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley c[2]=(unsigned char)(((l) )&0xff)),c+=3) 24795c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley 24895c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley/* LOCAL STUFF */ 24995c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley 25095c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley#define SSL_DECRYPT 0 25195c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley#define SSL_ENCRYPT 1 25295c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley 25395c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley#define TWO_BYTE_BIT 0x80 25495c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley#define SEC_ESC_BIT 0x40 25595c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley#define TWO_BYTE_MASK 0x7fff 25695c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley#define THREE_BYTE_MASK 0x3fff 25795c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley 25895c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley#define INC32(a) ((a)=((a)+1)&0xffffffffL) 25995c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley#define DEC32(a) ((a)=((a)-1)&0xffffffffL) 26095c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley#define MAX_MAC_SIZE 20 /* up from 16 for SSLv3 */ 26195c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley 26295c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley/* 26395c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley * Define the Bitmasks for SSL_CIPHER.algorithms. 26495c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley * This bits are used packed as dense as possible. If new methods/ciphers 26595c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley * etc will be added, the bits a likely to change, so this information 26695c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley * is for internal library use only, even though SSL_CIPHER.algorithms 26795c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley * can be publicly accessed. 26895c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley * Use the according functions for cipher management instead. 26995c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley * 27095c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley * The bit mask handling in the selection and sorting scheme in 27195c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley * ssl_create_cipher_list() has only limited capabilities, reflecting 27295c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley * that the different entities within are mutually exclusive: 27395c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley * ONLY ONE BIT PER MASK CAN BE SET AT A TIME. 27495c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley */ 27595c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley 27695c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley/* Bits for algorithm_mkey (key exchange algorithm) */ 27795c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley#define SSL_kRSA 0x00000001L /* RSA key exchange */ 2780da0e18a60754e1d8cc520110f5a449ab01a47efDavid Benjamin#define SSL_kEDH 0x00000002L /* tmp DH key no DH cert */ 2790da0e18a60754e1d8cc520110f5a449ab01a47efDavid Benjamin#define SSL_kEECDH 0x00000004L /* ephemeral ECDH */ 2800da0e18a60754e1d8cc520110f5a449ab01a47efDavid Benjamin#define SSL_kPSK 0x00000008L /* PSK */ 28195c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley 28295c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley/* Bits for algorithm_auth (server authentication) */ 28395c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley#define SSL_aRSA 0x00000001L /* RSA auth */ 284ef2116d33c3c1b38005eb59caa2aaa6300a9b450David Benjamin#define SSL_aNULL 0x00000002L /* no auth (i.e. use ADH or AECDH) */ 285ef2116d33c3c1b38005eb59caa2aaa6300a9b450David Benjamin#define SSL_aECDSA 0x00000004L /* ECDSA auth*/ 286ef2116d33c3c1b38005eb59caa2aaa6300a9b450David Benjamin#define SSL_aPSK 0x00000008L /* PSK auth */ 28795c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley 28895c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley 28995c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley/* Bits for algorithm_enc (symmetric encryption) */ 290d0639af978a51036376b98cd57abac7c07bad06bDavid Benjamin#define SSL_3DES 0x00000001L 291d0639af978a51036376b98cd57abac7c07bad06bDavid Benjamin#define SSL_RC4 0x00000002L 292d0639af978a51036376b98cd57abac7c07bad06bDavid Benjamin#define SSL_AES128 0x00000004L 293d0639af978a51036376b98cd57abac7c07bad06bDavid Benjamin#define SSL_AES256 0x00000008L 294d0639af978a51036376b98cd57abac7c07bad06bDavid Benjamin#define SSL_AES128GCM 0x00000010L 295d0639af978a51036376b98cd57abac7c07bad06bDavid Benjamin#define SSL_AES256GCM 0x00000020L 296d0639af978a51036376b98cd57abac7c07bad06bDavid Benjamin#define SSL_CHACHA20POLY1305 0x00000040L 29795c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley 29895c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley#define SSL_AES (SSL_AES128|SSL_AES256|SSL_AES128GCM|SSL_AES256GCM) 29995c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley 30095c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley 30195c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley/* Bits for algorithm_mac (symmetric authentication) */ 30295c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley 30395c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley#define SSL_MD5 0x00000001L 30495c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley#define SSL_SHA1 0x00000002L 305019c3cc64a6f8d76dcee044c6d0d9133424ac1cdDavid Benjamin#define SSL_SHA256 0x00000004L 306019c3cc64a6f8d76dcee044c6d0d9133424ac1cdDavid Benjamin#define SSL_SHA384 0x00000008L 30795c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley/* Not a real MAC, just an indication it is part of cipher */ 308019c3cc64a6f8d76dcee044c6d0d9133424ac1cdDavid Benjamin#define SSL_AEAD 0x00000010L 30995c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley 31095c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley/* Bits for algorithm_ssl (protocol version) */ 31195c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley#define SSL_SSLV3 0x00000002L 31295c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley#define SSL_TLSV1 SSL_SSLV3 /* for now */ 31395c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley#define SSL_TLSV1_2 0x00000004L 31495c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley 31595c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley 31695c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley/* Bits for algorithm2 (handshake digests and other extra flags) */ 31795c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley 31895c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley#define SSL_HANDSHAKE_MAC_MD5 0x10 31995c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley#define SSL_HANDSHAKE_MAC_SHA 0x20 320019c3cc64a6f8d76dcee044c6d0d9133424ac1cdDavid Benjamin#define SSL_HANDSHAKE_MAC_SHA256 0x40 321019c3cc64a6f8d76dcee044c6d0d9133424ac1cdDavid Benjamin#define SSL_HANDSHAKE_MAC_SHA384 0x80 32295c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley#define SSL_HANDSHAKE_MAC_DEFAULT (SSL_HANDSHAKE_MAC_MD5 | SSL_HANDSHAKE_MAC_SHA) 32395c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley 32495c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley/* When adding new digest in the ssl_ciph.c and increment SSM_MD_NUM_IDX 32595c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley * make sure to update this constant too */ 326019c3cc64a6f8d76dcee044c6d0d9133424ac1cdDavid Benjamin#define SSL_MAX_DIGEST 4 32795c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley 32895c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley#define TLS1_PRF_DGST_MASK (0xff << TLS1_PRF_DGST_SHIFT) 32995c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley 33095c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley#define TLS1_PRF_DGST_SHIFT 10 33195c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley#define TLS1_PRF_MD5 (SSL_HANDSHAKE_MAC_MD5 << TLS1_PRF_DGST_SHIFT) 33295c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley#define TLS1_PRF_SHA1 (SSL_HANDSHAKE_MAC_SHA << TLS1_PRF_DGST_SHIFT) 33395c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley#define TLS1_PRF_SHA256 (SSL_HANDSHAKE_MAC_SHA256 << TLS1_PRF_DGST_SHIFT) 33495c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley#define TLS1_PRF_SHA384 (SSL_HANDSHAKE_MAC_SHA384 << TLS1_PRF_DGST_SHIFT) 33595c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley#define TLS1_PRF (TLS1_PRF_MD5 | TLS1_PRF_SHA1) 33695c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley 3371258b6a756674d63f172602d8041ccc0dffd03d1Adam Langley#define TLSEXT_CHANNEL_ID_SIZE 128 33895c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley 339c9fb37504f1c48e37578ee7033f35e3bd236cf67Adam Langley/* SSL_CIPHER_ALGORITHM2_AEAD is a flag in SSL_CIPHER.algorithm2 which 340c9fb37504f1c48e37578ee7033f35e3bd236cf67Adam Langley * indicates that the cipher is implemented via an EVP_AEAD. */ 341c9fb37504f1c48e37578ee7033f35e3bd236cf67Adam Langley#define SSL_CIPHER_ALGORITHM2_AEAD (1<<23) 342c9fb37504f1c48e37578ee7033f35e3bd236cf67Adam Langley 343c9fb37504f1c48e37578ee7033f35e3bd236cf67Adam Langley/* SSL_CIPHER_AEAD_FIXED_NONCE_LEN returns the number of bytes of fixed nonce 344c9fb37504f1c48e37578ee7033f35e3bd236cf67Adam Langley * for an SSL_CIPHER* with the SSL_CIPHER_ALGORITHM2_AEAD flag. */ 345c9fb37504f1c48e37578ee7033f35e3bd236cf67Adam Langley#define SSL_CIPHER_AEAD_FIXED_NONCE_LEN(ssl_cipher) \ 346c9fb37504f1c48e37578ee7033f35e3bd236cf67Adam Langley (((ssl_cipher->algorithm2 >> 24) & 0xf)*2) 34795c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley 348de0b2026841c34193cacf5c97646b38439e13200Adam Langley/* SSL_CIPHER_ALGORITHM2_VARIABLE_NONCE_INCLUDED_IN_RECORD is a flag in 349de0b2026841c34193cacf5c97646b38439e13200Adam Langley * SSL_CIPHER.algorithm2 which indicates that the variable part of the nonce is 350de0b2026841c34193cacf5c97646b38439e13200Adam Langley * included as a prefix of the record. (AES-GCM, for example, does with with an 351de0b2026841c34193cacf5c97646b38439e13200Adam Langley * 8-byte variable nonce.) */ 352de0b2026841c34193cacf5c97646b38439e13200Adam Langley#define SSL_CIPHER_ALGORITHM2_VARIABLE_NONCE_INCLUDED_IN_RECORD (1<<22) 353de0b2026841c34193cacf5c97646b38439e13200Adam Langley 3549447dff5a25980032883975c7d981d9606395938Adam Langley/* SSL_CIPHER_ALGORITHM2_STATEFUL_AEAD is a flag in SSL_CIPHER.algorithm2 which 3559447dff5a25980032883975c7d981d9606395938Adam Langley * indicates that the AEAD is stateful and so doesn't take an nonce. This is 3569447dff5a25980032883975c7d981d9606395938Adam Langley * only true of legacy cipher suites. */ 3579447dff5a25980032883975c7d981d9606395938Adam Langley#define SSL_CIPHER_ALGORITHM2_STATEFUL_AEAD (1<<28) 3589447dff5a25980032883975c7d981d9606395938Adam Langley 35995c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley/* 360ebf42b5f6f2ac0f1a569459d1e9a9c5a98f64abaDavid Benjamin * Cipher strength information. 36195c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley */ 362594a58e0781e06597eafc7599e9f88d5ceaeb566David Benjamin#define SSL_MEDIUM 0x00000001L 363594a58e0781e06597eafc7599e9f88d5ceaeb566David Benjamin#define SSL_HIGH 0x00000002L 364594a58e0781e06597eafc7599e9f88d5ceaeb566David Benjamin#define SSL_FIPS 0x00000004L 36595c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley 36695c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley/* we have used 000001ff - 23 bits left to go */ 36795c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley 36895c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley/* Check if an SSL structure is using DTLS */ 36995c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley#define SSL_IS_DTLS(s) (s->method->ssl3_enc->enc_flags & SSL_ENC_FLAG_DTLS) 37095c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley/* See if we need explicit IV */ 37195c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley#define SSL_USE_EXPLICIT_IV(s) \ 37295c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley (s->method->ssl3_enc->enc_flags & SSL_ENC_FLAG_EXPLICIT_IV) 37395c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley/* See if we use signature algorithms extension 37495c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley * and signature algorithm before signatures. 37595c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley */ 37695c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley#define SSL_USE_SIGALGS(s) \ 37795c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley (s->method->ssl3_enc->enc_flags & SSL_ENC_FLAG_SIGALGS) 37895c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley/* Allow TLS 1.2 ciphersuites: applies to DTLS 1.2 as well as TLS 1.2: 37995c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley * may apply to others in future. 38095c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley */ 38195c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley#define SSL_USE_TLS1_2_CIPHERS(s) \ 38295c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley (s->method->ssl3_enc->enc_flags & SSL_ENC_FLAG_TLS1_2_CIPHERS) 38395c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley/* Determine if a client can use TLS 1.2 ciphersuites: can't rely on method 38495c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley * flags because it may not be set to correct version yet. 38595c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley */ 38695c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley#define SSL_CLIENT_USE_TLS1_2_CIPHERS(s) \ 38795c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley ((SSL_IS_DTLS(s) && s->client_version <= DTLS1_2_VERSION) || \ 38895c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley (!SSL_IS_DTLS(s) && s->client_version >= TLS1_2_VERSION)) 38995c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley 39095c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley/* Mostly for SSLv3 */ 39195c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley#define SSL_PKEY_RSA_ENC 0 39295c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley#define SSL_PKEY_RSA_SIGN 1 393a7d1363fcb1f0d825ec2393c06be3d58b0c57efdDavid Benjamin#define SSL_PKEY_ECC 2 394a7d1363fcb1f0d825ec2393c06be3d58b0c57efdDavid Benjamin#define SSL_PKEY_NUM 3 39595c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley 39695c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley/* SSL_kRSA <- RSA_ENC | (RSA_TMP & RSA_SIGN) | 39795c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley * <- (EXPORT & (RSA_ENC | RSA_TMP) & RSA_SIGN) 39895c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley * SSL_kDH <- DH_ENC & (RSA_ENC | RSA_SIGN | DSA_SIGN) 39995c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley * SSL_kEDH <- RSA_ENC | RSA_SIGN | DSA_SIGN 40095c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley * SSL_aRSA <- RSA_ENC | RSA_SIGN 40195c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley * SSL_aDSS <- DSA_SIGN 40295c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley */ 40395c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley 40495c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley/* 40595c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley#define CERT_INVALID 0 40695c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley#define CERT_PUBLIC_KEY 1 40795c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley#define CERT_PRIVATE_KEY 2 40895c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley*/ 40995c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley 410b2ce05839b435bb21fe70acd0fc00abfa918f41eAdam Langley#define PENDING_SESSION -10000 411dc9b1411279f02e604367bc56fca8cf2acc9d531Adam Langley#define CERTIFICATE_SELECTION_PENDING -10001 412b2ce05839b435bb21fe70acd0fc00abfa918f41eAdam Langley 41395c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley/* From ECC-TLS draft, used in encoding the curve type in 41495c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley * ECParameters 41595c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley */ 41695c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley#define EXPLICIT_PRIME_CURVE_TYPE 1 41795c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley#define EXPLICIT_CHAR2_CURVE_TYPE 2 41895c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley#define NAMED_CURVE_TYPE 3 41995c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley 420590cbe970c75973f38aeba4b7146dc0b84b66348David Benjamin/* Values for the |hash_message| parameter of |s->method->ssl_get_message|. */ 421590cbe970c75973f38aeba4b7146dc0b84b66348David Benjamin#define SSL_GET_MESSAGE_DONT_HASH_MESSAGE 0 422590cbe970c75973f38aeba4b7146dc0b84b66348David Benjamin#define SSL_GET_MESSAGE_HASH_MESSAGE 1 423590cbe970c75973f38aeba4b7146dc0b84b66348David Benjamin 42495c29f3cd1f6c08c6c0927868683392eea727ccAdam Langleytypedef struct cert_pkey_st 42595c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley { 42695c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley X509 *x509; 42795c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley EVP_PKEY *privatekey; 42895c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley /* Digest to use when signing */ 42995c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley const EVP_MD *digest; 43095c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley /* Chain for this certificate */ 43195c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley STACK_OF(X509) *chain; 43295c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley /* Set if CERT_PKEY can be used with current SSL session: e.g. 43395c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley * appropriate curve, signature algorithms etc. If zero it can't be 43495c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley * used at all. 43595c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley */ 43695c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley int valid_flags; 43795c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley } CERT_PKEY; 438335d10d201a22598c2b2c379148c9a095b8ab175David Benjamin 43995c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley#define SSL_CERT_FLAGS_CHECK_TLS_STRICT \ 440335d10d201a22598c2b2c379148c9a095b8ab175David Benjamin SSL_CERT_FLAG_TLS_STRICT 44195c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley 44295c29f3cd1f6c08c6c0927868683392eea727ccAdam Langleytypedef struct cert_st 44395c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley { 44495c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley /* Current active set */ 44595c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley CERT_PKEY *key; /* ALWAYS points to an element of the pkeys array 44695c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley * Probably it would make more sense to store 44795c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley * an index, not a pointer. */ 44895c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley 44995c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley /* For servers the following masks are for the key and auth 45095c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley * algorithms that are supported by the certs below. 45195c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley * For clients they are masks of *disabled* algorithms based 45295c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley * on the current session. 45395c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley */ 45495c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley int valid; 45595c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley unsigned long mask_k; 45695c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley unsigned long mask_a; 45795c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley /* Client only */ 45895c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley unsigned long mask_ssl; 45995c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley DH *dh_tmp; 46095c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley DH *(*dh_tmp_cb)(SSL *ssl,int is_export,int keysize); 46195c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley EC_KEY *ecdh_tmp; 46295c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley /* Callback for generating ephemeral ECDH keys */ 46395c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley EC_KEY *(*ecdh_tmp_cb)(SSL *ssl,int is_export,int keysize); 46495c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley /* Select ECDH parameters automatically */ 46595c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley int ecdh_tmp_auto; 46695c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley /* Flags related to certificates */ 46795c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley unsigned int cert_flags; 46895c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley CERT_PKEY pkeys[SSL_PKEY_NUM]; 46995c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley 470676d1e780e96b201113958e8a6f2e787438f200bDavid Benjamin /* Server-only: client_certificate_types is list of certificate types to 471676d1e780e96b201113958e8a6f2e787438f200bDavid Benjamin * include in the CertificateRequest message. 47295c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley */ 473676d1e780e96b201113958e8a6f2e787438f200bDavid Benjamin unsigned char *client_certificate_types; 474676d1e780e96b201113958e8a6f2e787438f200bDavid Benjamin size_t num_client_certificate_types; 47595c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley 47695c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley /* signature algorithms peer reports: e.g. supported signature 47795c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley * algorithms extension for server or as part of a certificate 47895c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley * request for client. 47995c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley */ 48095c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley unsigned char *peer_sigalgs; 48195c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley /* Size of above array */ 48295c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley size_t peer_sigalgslen; 48395c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley /* suppported signature algorithms. 48495c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley * When set on a client this is sent in the client hello as the 48595c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley * supported signature algorithms extension. For servers 48695c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley * it represents the signature algorithms we are willing to use. 48795c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley */ 48895c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley unsigned char *conf_sigalgs; 48995c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley /* Size of above array */ 49095c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley size_t conf_sigalgslen; 49195c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley /* Client authentication signature algorithms, if not set then 49295c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley * uses conf_sigalgs. On servers these will be the signature 49395c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley * algorithms sent to the client in a cerificate request for TLS 1.2. 49495c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley * On a client this represents the signature algortithms we are 49595c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley * willing to use for client authentication. 49695c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley */ 49795c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley unsigned char *client_sigalgs; 49895c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley /* Size of above array */ 49995c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley size_t client_sigalgslen; 50095c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley /* Signature algorithms shared by client and server: cached 50195c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley * because these are used most often. 50295c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley */ 50395c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley TLS_SIGALGS *shared_sigalgs; 50495c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley size_t shared_sigalgslen; 50595c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley 50695c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley /* Certificate setup callback: if set is called whenever a 50795c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley * certificate may be required (client or server). the callback 50895c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley * can then examine any appropriate parameters and setup any 50995c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley * certificates required. This allows advanced applications 51095c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley * to select certificates on the fly: for example based on 51195c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley * supported signature algorithms or curves. 51295c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley */ 51395c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley int (*cert_cb)(SSL *ssl, void *arg); 51495c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley void *cert_cb_arg; 51595c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley 51695c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley /* Optional X509_STORE for chain building or certificate validation 51795c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley * If NULL the parent SSL_CTX store is used instead. 51895c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley */ 51995c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley X509_STORE *chain_store; 52095c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley X509_STORE *verify_store; 52195c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley 52295c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley /* Raw values of the cipher list from a client */ 52395c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley unsigned char *ciphers_raw; 52495c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley size_t ciphers_rawlen; 52595c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley } CERT; 52695c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley 52795c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley 52895c29f3cd1f6c08c6c0927868683392eea727ccAdam Langleytypedef struct sess_cert_st 52995c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley { 53095c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley STACK_OF(X509) *cert_chain; /* as received from peer (not for SSL2) */ 53195c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley 53295c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley /* The 'peer_...' members are used only by clients. */ 53395c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley int peer_cert_type; 53495c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley 53595c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley CERT_PKEY *peer_key; /* points to an element of peer_pkeys (never NULL!) */ 53695c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley CERT_PKEY peer_pkeys[SSL_PKEY_NUM]; 53795c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley /* Obviously we don't have the private keys of these, 53895c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley * so maybe we shouldn't even use the CERT_PKEY type here. */ 53995c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley 54095c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley RSA *peer_rsa_tmp; /* not used for SSL 2 */ 54195c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley DH *peer_dh_tmp; /* not used for SSL 2 */ 54295c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley EC_KEY *peer_ecdh_tmp; 54395c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley } SESS_CERT; 54495c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley/* Structure containing decoded values of signature algorithms extension */ 54595c29f3cd1f6c08c6c0927868683392eea727ccAdam Langleystruct tls_sigalgs_st 54695c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley { 54795c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley /* NID of hash algorithm */ 54895c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley int hash_nid; 54995c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley /* NID of signature algorithm */ 55095c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley int sign_nid; 55195c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley /* Combined hash and signature NID */ 55295c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley int signandhash_nid; 55395c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley /* Raw values used in extension */ 55495c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley unsigned char rsign; 55595c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley unsigned char rhash; 55695c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley }; 55795c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley 55895c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley/*#define MAC_DEBUG */ 55995c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley 56095c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley/*#define ERR_DEBUG */ 56195c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley/*#define ABORT_DEBUG */ 56295c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley/*#define PKT_DEBUG 1 */ 56395c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley/*#define DES_DEBUG */ 56495c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley/*#define DES_OFB_DEBUG */ 56595c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley/*#define SSL_DEBUG */ 56695c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley/*#define RSA_DEBUG */ 56795c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley/*#define IDEA_DEBUG */ 56895c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley 56995c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley#define FP_ICC (int (*)(const void *,const void *)) 57095c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley 57195c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley/* This is for the SSLv3/TLSv1.0 differences in crypto/hash stuff 57295c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley * It is a bit of a mess of functions, but hell, think of it as 57395c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley * an opaque structure :-) */ 57495c29f3cd1f6c08c6c0927868683392eea727ccAdam Langleytypedef struct ssl3_enc_method 57595c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley { 57695c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley int (*enc)(SSL *, int); 57795c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley int (*mac)(SSL *, unsigned char *, int); 57895c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley int (*setup_key_block)(SSL *); 57995c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley int (*generate_master_secret)(SSL *, unsigned char *, unsigned char *, int); 58095c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley int (*change_cipher_state)(SSL *, int); 58195c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley int (*final_finish_mac)(SSL *, const char *, int, unsigned char *); 58295c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley int finish_mac_length; 58395c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley int (*cert_verify_mac)(SSL *, int, unsigned char *); 58495c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley const char *client_finished_label; 58595c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley int client_finished_label_len; 58695c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley const char *server_finished_label; 58795c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley int server_finished_label_len; 58895c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley int (*alert_value)(int); 58995c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley int (*export_keying_material)(SSL *, unsigned char *, size_t, 59095c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley const char *, size_t, 59195c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley const unsigned char *, size_t, 59295c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley int use_context); 59395c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley /* Various flags indicating protocol version requirements */ 59495c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley unsigned int enc_flags; 59595c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley /* Handshake header length */ 59695c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley unsigned int hhlen; 59795c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley /* Set the handshake header */ 59895c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley void (*set_handshake_header)(SSL *s, int type, unsigned long len); 59995c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley /* Write out handshake message */ 60095c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley int (*do_write)(SSL *s); 60195c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley } SSL3_ENC_METHOD; 60295c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley 60395c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley#define SSL_HM_HEADER_LENGTH(s) s->method->ssl3_enc->hhlen 60495c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley#define ssl_handshake_start(s) \ 60595c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley (((unsigned char *)s->init_buf->data) + s->method->ssl3_enc->hhlen) 60695c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley#define ssl_set_handshake_header(s, htype, len) \ 60795c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley s->method->ssl3_enc->set_handshake_header(s, htype, len) 60895c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley#define ssl_do_write(s) s->method->ssl3_enc->do_write(s) 60995c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley 61095c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley/* Values for enc_flags */ 61195c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley 61295c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley/* Uses explicit IV for CBC mode */ 61395c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley#define SSL_ENC_FLAG_EXPLICIT_IV 0x1 61495c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley/* Uses signature algorithms extension */ 61595c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley#define SSL_ENC_FLAG_SIGALGS 0x2 61695c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley/* Uses SHA256 default PRF */ 61795c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley#define SSL_ENC_FLAG_SHA256_PRF 0x4 61895c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley/* Is DTLS */ 61995c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley#define SSL_ENC_FLAG_DTLS 0x8 62095c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley/* Allow TLS 1.2 ciphersuites: applies to DTLS 1.2 as well as TLS 1.2: 62195c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley * may apply to others in future. 62295c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley */ 62395c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley#define SSL_ENC_FLAG_TLS1_2_CIPHERS 0x10 62495c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley 625c9fb37504f1c48e37578ee7033f35e3bd236cf67Adam Langley/* ssl_aead_ctx_st contains information about an AEAD that is being used to 626c9fb37504f1c48e37578ee7033f35e3bd236cf67Adam Langley * encrypt an SSL connection. */ 627c9fb37504f1c48e37578ee7033f35e3bd236cf67Adam Langleystruct ssl_aead_ctx_st 628c9fb37504f1c48e37578ee7033f35e3bd236cf67Adam Langley { 629c9fb37504f1c48e37578ee7033f35e3bd236cf67Adam Langley EVP_AEAD_CTX ctx; 630c9fb37504f1c48e37578ee7033f35e3bd236cf67Adam Langley /* fixed_nonce contains any bytes of the nonce that are fixed for all 631c9fb37504f1c48e37578ee7033f35e3bd236cf67Adam Langley * records. */ 632c9fb37504f1c48e37578ee7033f35e3bd236cf67Adam Langley unsigned char fixed_nonce[8]; 633c9fb37504f1c48e37578ee7033f35e3bd236cf67Adam Langley unsigned char fixed_nonce_len, variable_nonce_len, tag_len; 634de0b2026841c34193cacf5c97646b38439e13200Adam Langley /* variable_nonce_included_in_record is non-zero if the variable nonce 635de0b2026841c34193cacf5c97646b38439e13200Adam Langley * for a record is included as a prefix before the ciphertext. */ 636de0b2026841c34193cacf5c97646b38439e13200Adam Langley char variable_nonce_included_in_record; 637c9fb37504f1c48e37578ee7033f35e3bd236cf67Adam Langley }; 638c9fb37504f1c48e37578ee7033f35e3bd236cf67Adam Langley 63995c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley 64095c29f3cd1f6c08c6c0927868683392eea727ccAdam Langleyextern SSL3_ENC_METHOD ssl3_undef_enc_method; 6416f2600199c82330240de9a7f65a801b6f606b7b3David Benjaminextern const SSL_CIPHER ssl3_ciphers[]; 64295c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley 64395c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley 64495c29f3cd1f6c08c6c0927868683392eea727ccAdam LangleySSL_METHOD *ssl_bad_method(int ver); 64595c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley 64695c29f3cd1f6c08c6c0927868683392eea727ccAdam Langleyextern SSL3_ENC_METHOD TLSv1_enc_data; 64795c29f3cd1f6c08c6c0927868683392eea727ccAdam Langleyextern SSL3_ENC_METHOD TLSv1_1_enc_data; 64895c29f3cd1f6c08c6c0927868683392eea727ccAdam Langleyextern SSL3_ENC_METHOD TLSv1_2_enc_data; 64995c29f3cd1f6c08c6c0927868683392eea727ccAdam Langleyextern SSL3_ENC_METHOD SSLv3_enc_data; 65095c29f3cd1f6c08c6c0927868683392eea727ccAdam Langleyextern SSL3_ENC_METHOD DTLSv1_enc_data; 65195c29f3cd1f6c08c6c0927868683392eea727ccAdam Langleyextern SSL3_ENC_METHOD DTLSv1_2_enc_data; 65295c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley 65395c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley#define IMPLEMENT_tls_meth_func(version, func_name, s_accept, s_connect, \ 65495c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley s_get_meth, enc_data) \ 65595c29f3cd1f6c08c6c0927868683392eea727ccAdam Langleyconst SSL_METHOD *func_name(void) \ 65695c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley { \ 65795c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley static const SSL_METHOD func_name##_data= { \ 65895c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley version, \ 6591b96526c6f3a3ba492fd0c7d75ddd4e2414a690cDavid Benjamin ssl3_new, \ 6601b96526c6f3a3ba492fd0c7d75ddd4e2414a690cDavid Benjamin ssl3_clear, \ 6611b96526c6f3a3ba492fd0c7d75ddd4e2414a690cDavid Benjamin ssl3_free, \ 66295c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley s_accept, \ 66395c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley s_connect, \ 66495c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley ssl3_read, \ 66595c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley ssl3_peek, \ 66695c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley ssl3_write, \ 66795c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley ssl3_shutdown, \ 66895c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley ssl3_renegotiate, \ 66995c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley ssl3_renegotiate_check, \ 67095c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley ssl3_get_message, \ 67195c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley ssl3_read_bytes, \ 67295c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley ssl3_write_bytes, \ 67395c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley ssl3_dispatch_alert, \ 67495c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley ssl3_ctrl, \ 67595c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley ssl3_ctx_ctrl, \ 67695c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley ssl3_pending, \ 67795c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley ssl3_num_ciphers, \ 67895c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley ssl3_get_cipher, \ 67995c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley s_get_meth, \ 68095c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley &enc_data, \ 68195c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley ssl_undefined_void_function, \ 68295c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley ssl3_callback_ctrl, \ 68395c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley ssl3_ctx_callback_ctrl, \ 68495c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley }; \ 68595c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley return &func_name##_data; \ 68695c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley } 68795c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley 68895c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley#define IMPLEMENT_ssl3_meth_func(func_name, s_accept, s_connect, s_get_meth) \ 68995c29f3cd1f6c08c6c0927868683392eea727ccAdam Langleyconst SSL_METHOD *func_name(void) \ 69095c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley { \ 69195c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley static const SSL_METHOD func_name##_data= { \ 69295c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley SSL3_VERSION, \ 69395c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley ssl3_new, \ 69495c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley ssl3_clear, \ 69595c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley ssl3_free, \ 69695c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley s_accept, \ 69795c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley s_connect, \ 69895c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley ssl3_read, \ 69995c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley ssl3_peek, \ 70095c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley ssl3_write, \ 70195c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley ssl3_shutdown, \ 70295c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley ssl3_renegotiate, \ 70395c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley ssl3_renegotiate_check, \ 70495c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley ssl3_get_message, \ 70595c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley ssl3_read_bytes, \ 70695c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley ssl3_write_bytes, \ 70795c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley ssl3_dispatch_alert, \ 70895c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley ssl3_ctrl, \ 70995c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley ssl3_ctx_ctrl, \ 71095c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley ssl3_pending, \ 71195c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley ssl3_num_ciphers, \ 71295c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley ssl3_get_cipher, \ 71395c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley s_get_meth, \ 71495c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley &SSLv3_enc_data, \ 71595c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley ssl_undefined_void_function, \ 71695c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley ssl3_callback_ctrl, \ 71795c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley ssl3_ctx_callback_ctrl, \ 71895c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley }; \ 71995c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley return &func_name##_data; \ 72095c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley } 72195c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley 72295c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley#define IMPLEMENT_ssl23_meth_func(func_name, s_accept, s_connect, s_get_meth) \ 72395c29f3cd1f6c08c6c0927868683392eea727ccAdam Langleyconst SSL_METHOD *func_name(void) \ 72495c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley { \ 72595c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley static const SSL_METHOD func_name##_data= { \ 72695c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley TLS1_2_VERSION, \ 7271b96526c6f3a3ba492fd0c7d75ddd4e2414a690cDavid Benjamin ssl3_new, \ 7281b96526c6f3a3ba492fd0c7d75ddd4e2414a690cDavid Benjamin ssl3_clear, \ 7291b96526c6f3a3ba492fd0c7d75ddd4e2414a690cDavid Benjamin ssl3_free, \ 73095c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley s_accept, \ 73195c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley s_connect, \ 73295c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley ssl23_read, \ 73395c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley ssl23_peek, \ 73495c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley ssl23_write, \ 73595c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley ssl_undefined_function, \ 73695c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley ssl_undefined_function, \ 73795c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley ssl_ok, \ 73895c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley ssl3_get_message, \ 73995c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley ssl3_read_bytes, \ 74095c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley ssl3_write_bytes, \ 74195c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley ssl3_dispatch_alert, \ 74295c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley ssl3_ctrl, \ 74395c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley ssl3_ctx_ctrl, \ 74495c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley ssl_undefined_const_function, \ 7450e498f14d21b679d3d9b03eaa5551faecdb4bc18David Benjamin ssl3_num_ciphers, \ 7460e498f14d21b679d3d9b03eaa5551faecdb4bc18David Benjamin ssl3_get_cipher, \ 74795c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley s_get_meth, \ 74895c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley &TLSv1_2_enc_data, \ 74995c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley ssl_undefined_void_function, \ 75095c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley ssl3_callback_ctrl, \ 75195c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley ssl3_ctx_callback_ctrl, \ 75295c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley }; \ 75395c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley return &func_name##_data; \ 75495c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley } 75595c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley 75695c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley#define IMPLEMENT_dtls1_meth_func(version, func_name, s_accept, s_connect, \ 75795c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley s_get_meth, enc_data) \ 75895c29f3cd1f6c08c6c0927868683392eea727ccAdam Langleyconst SSL_METHOD *func_name(void) \ 75995c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley { \ 76095c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley static const SSL_METHOD func_name##_data= { \ 76195c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley version, \ 76295c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley dtls1_new, \ 76395c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley dtls1_clear, \ 76495c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley dtls1_free, \ 76595c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley s_accept, \ 76695c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley s_connect, \ 76795c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley ssl3_read, \ 76895c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley ssl3_peek, \ 76995c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley ssl3_write, \ 77095c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley dtls1_shutdown, \ 77195c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley ssl3_renegotiate, \ 77295c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley ssl3_renegotiate_check, \ 77395c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley dtls1_get_message, \ 77495c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley dtls1_read_bytes, \ 77595c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley dtls1_write_app_data_bytes, \ 77695c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley dtls1_dispatch_alert, \ 77795c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley dtls1_ctrl, \ 77895c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley ssl3_ctx_ctrl, \ 77995c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley ssl3_pending, \ 78095c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley ssl3_num_ciphers, \ 78195c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley dtls1_get_cipher, \ 78295c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley s_get_meth, \ 78395c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley &enc_data, \ 78495c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley ssl_undefined_void_function, \ 78595c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley ssl3_callback_ctrl, \ 78695c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley ssl3_ctx_callback_ctrl, \ 78795c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley }; \ 78895c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley return &func_name##_data; \ 78995c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley } 79095c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley 79195c29f3cd1f6c08c6c0927868683392eea727ccAdam Langleyvoid ssl_clear_cipher_ctx(SSL *s); 79295c29f3cd1f6c08c6c0927868683392eea727ccAdam Langleyint ssl_clear_bad_session(SSL *s); 79395c29f3cd1f6c08c6c0927868683392eea727ccAdam LangleyCERT *ssl_cert_new(void); 79495c29f3cd1f6c08c6c0927868683392eea727ccAdam LangleyCERT *ssl_cert_dup(CERT *cert); 79595c29f3cd1f6c08c6c0927868683392eea727ccAdam Langleyvoid ssl_cert_set_default_md(CERT *cert); 79695c29f3cd1f6c08c6c0927868683392eea727ccAdam Langleyint ssl_cert_inst(CERT **o); 79795c29f3cd1f6c08c6c0927868683392eea727ccAdam Langleyvoid ssl_cert_clear_certs(CERT *c); 79895c29f3cd1f6c08c6c0927868683392eea727ccAdam Langleyvoid ssl_cert_free(CERT *c); 79995c29f3cd1f6c08c6c0927868683392eea727ccAdam LangleySESS_CERT *ssl_sess_cert_new(void); 80095c29f3cd1f6c08c6c0927868683392eea727ccAdam Langleyvoid ssl_sess_cert_free(SESS_CERT *sc); 80195c29f3cd1f6c08c6c0927868683392eea727ccAdam Langleyint ssl_set_peer_cert_type(SESS_CERT *c, int type); 802dc9b1411279f02e604367bc56fca8cf2acc9d531Adam Langleyint ssl_get_prev_session(SSL *s, const struct ssl_early_callback_ctx *ctx); 80395c29f3cd1f6c08c6c0927868683392eea727ccAdam Langleyint ssl_cipher_id_cmp(const void *in_a, const void *in_b); 80495c29f3cd1f6c08c6c0927868683392eea727ccAdam Langleyint ssl_cipher_ptr_id_cmp(const SSL_CIPHER **ap, const SSL_CIPHER **bp); 80539482a13aca033b72118807fadd152207e0fad8aDavid BenjaminSTACK_OF(SSL_CIPHER) *ssl_bytes_to_cipher_list(SSL *s, const CBS *cbs, 80695c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley STACK_OF(SSL_CIPHER) **skp); 80739482a13aca033b72118807fadd152207e0fad8aDavid Benjaminint ssl_cipher_list_to_bytes(SSL *s, STACK_OF(SSL_CIPHER) *sk, unsigned char *p); 80895c29f3cd1f6c08c6c0927868683392eea727ccAdam LangleySTACK_OF(SSL_CIPHER) *ssl_create_cipher_list(const SSL_METHOD *meth, 809858a88daf27975f67d9f63e18f95645be2886bfbAdam Langley struct ssl_cipher_preference_list_st **pref, 81095c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley STACK_OF(SSL_CIPHER) **sorted, 81195c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley const char *rule_str, CERT *c); 812858a88daf27975f67d9f63e18f95645be2886bfbAdam Langleystruct ssl_cipher_preference_list_st* ssl_cipher_preference_list_dup( 813858a88daf27975f67d9f63e18f95645be2886bfbAdam Langley struct ssl_cipher_preference_list_st *cipher_list); 814858a88daf27975f67d9f63e18f95645be2886bfbAdam Langleyvoid ssl_cipher_preference_list_free( 815858a88daf27975f67d9f63e18f95645be2886bfbAdam Langley struct ssl_cipher_preference_list_st *cipher_list); 816858a88daf27975f67d9f63e18f95645be2886bfbAdam Langleystruct ssl_cipher_preference_list_st* ssl_cipher_preference_list_from_ciphers( 817858a88daf27975f67d9f63e18f95645be2886bfbAdam Langley STACK_OF(SSL_CIPHER) *ciphers); 818858a88daf27975f67d9f63e18f95645be2886bfbAdam Langleystruct ssl_cipher_preference_list_st* ssl_get_cipher_preferences(SSL *s); 819c9fb37504f1c48e37578ee7033f35e3bd236cf67Adam Langleyint ssl_cipher_get_evp_aead(const SSL_SESSION *s, const EVP_AEAD **aead); 82095c29f3cd1f6c08c6c0927868683392eea727ccAdam Langleyint ssl_cipher_get_evp(const SSL_SESSION *s,const EVP_CIPHER **enc, 821c9fb37504f1c48e37578ee7033f35e3bd236cf67Adam Langley const EVP_MD **md,int *mac_pkey_type,int *mac_secret_size); 8229447dff5a25980032883975c7d981d9606395938Adam Langleyint ssl_cipher_get_mac(const SSL_SESSION *s, const EVP_MD **md, int *mac_pkey_type, int *mac_secret_size); 82395c29f3cd1f6c08c6c0927868683392eea727ccAdam Langleyint ssl_get_handshake_digest(int i,long *mask,const EVP_MD **md); 82495c29f3cd1f6c08c6c0927868683392eea727ccAdam Langleyint ssl_cipher_get_cert_index(const SSL_CIPHER *c); 825e8f3d666ccf4495fffc5aa9d7ac8ee3356bb980dDavid Benjaminint ssl_cipher_has_server_public_key(const SSL_CIPHER *cipher); 8269c651c9ef6d0ec8a4fa953efcdd85e3130015fe6David Benjaminint ssl_cipher_requires_server_key_exchange(const SSL_CIPHER *cipher); 827e8f3d666ccf4495fffc5aa9d7ac8ee3356bb980dDavid Benjamin 82895c29f3cd1f6c08c6c0927868683392eea727ccAdam Langleyint ssl_cert_set0_chain(CERT *c, STACK_OF(X509) *chain); 82995c29f3cd1f6c08c6c0927868683392eea727ccAdam Langleyint ssl_cert_set1_chain(CERT *c, STACK_OF(X509) *chain); 83095c29f3cd1f6c08c6c0927868683392eea727ccAdam Langleyint ssl_cert_add0_chain_cert(CERT *c, X509 *x); 83195c29f3cd1f6c08c6c0927868683392eea727ccAdam Langleyint ssl_cert_add1_chain_cert(CERT *c, X509 *x); 83295c29f3cd1f6c08c6c0927868683392eea727ccAdam Langleyint ssl_cert_select_current(CERT *c, X509 *x); 83395c29f3cd1f6c08c6c0927868683392eea727ccAdam Langleyvoid ssl_cert_set_cert_cb(CERT *c, int (*cb)(SSL *ssl, void *arg), void *arg); 83495c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley 83595c29f3cd1f6c08c6c0927868683392eea727ccAdam Langleyint ssl_verify_cert_chain(SSL *s,STACK_OF(X509) *sk); 83695c29f3cd1f6c08c6c0927868683392eea727ccAdam Langleyint ssl_add_cert_chain(SSL *s, CERT_PKEY *cpk, unsigned long *l); 83795c29f3cd1f6c08c6c0927868683392eea727ccAdam Langleyint ssl_build_cert_chain(CERT *c, X509_STORE *chain_store, int flags); 83895c29f3cd1f6c08c6c0927868683392eea727ccAdam Langleyint ssl_cert_set_cert_store(CERT *c, X509_STORE *store, int chain, int ref); 83995c29f3cd1f6c08c6c0927868683392eea727ccAdam Langleyint ssl_undefined_function(SSL *s); 84095c29f3cd1f6c08c6c0927868683392eea727ccAdam Langleyint ssl_undefined_void_function(void); 84195c29f3cd1f6c08c6c0927868683392eea727ccAdam Langleyint ssl_undefined_const_function(const SSL *s); 84295c29f3cd1f6c08c6c0927868683392eea727ccAdam LangleyCERT_PKEY *ssl_get_server_send_pkey(const SSL *s); 84395c29f3cd1f6c08c6c0927868683392eea727ccAdam LangleyEVP_PKEY *ssl_get_sign_pkey(SSL *s,const SSL_CIPHER *c, const EVP_MD **pmd); 84495c29f3cd1f6c08c6c0927868683392eea727ccAdam Langleyint ssl_cert_type(X509 *x,EVP_PKEY *pkey); 84595c29f3cd1f6c08c6c0927868683392eea727ccAdam Langleyvoid ssl_set_cert_masks(CERT *c, const SSL_CIPHER *cipher); 84695c29f3cd1f6c08c6c0927868683392eea727ccAdam LangleySTACK_OF(SSL_CIPHER) *ssl_get_ciphers_by_id(SSL *s); 84795c29f3cd1f6c08c6c0927868683392eea727ccAdam Langleyint ssl_verify_alarm_type(long type); 84895c29f3cd1f6c08c6c0927868683392eea727ccAdam Langleyint ssl_fill_hello_random(SSL *s, int server, unsigned char *field, int len); 84995c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley 85039482a13aca033b72118807fadd152207e0fad8aDavid Benjaminconst SSL_CIPHER *ssl3_get_cipher_by_value(uint16_t value); 85139482a13aca033b72118807fadd152207e0fad8aDavid Benjaminuint16_t ssl3_get_cipher_value(const SSL_CIPHER *c); 85295c29f3cd1f6c08c6c0927868683392eea727ccAdam Langleyvoid ssl3_init_finished_mac(SSL *s); 85395c29f3cd1f6c08c6c0927868683392eea727ccAdam Langleyint ssl3_send_server_certificate(SSL *s); 8548da990677b852daff3f6e4a10d9c80c7b4822a06David Benjaminint ssl3_send_new_session_ticket(SSL *s); 85595c29f3cd1f6c08c6c0927868683392eea727ccAdam Langleyint ssl3_send_cert_status(SSL *s); 85695c29f3cd1f6c08c6c0927868683392eea727ccAdam Langleyint ssl3_get_finished(SSL *s,int state_a,int state_b); 85795c29f3cd1f6c08c6c0927868683392eea727ccAdam Langleyint ssl3_setup_key_block(SSL *s); 85895c29f3cd1f6c08c6c0927868683392eea727ccAdam Langleyint ssl3_send_change_cipher_spec(SSL *s,int state_a,int state_b); 85995c29f3cd1f6c08c6c0927868683392eea727ccAdam Langleyint ssl3_change_cipher_state(SSL *s,int which); 86095c29f3cd1f6c08c6c0927868683392eea727ccAdam Langleyvoid ssl3_cleanup_key_block(SSL *s); 86195c29f3cd1f6c08c6c0927868683392eea727ccAdam Langleyint ssl3_do_write(SSL *s,int type); 86295c29f3cd1f6c08c6c0927868683392eea727ccAdam Langleyint ssl3_send_alert(SSL *s,int level, int desc); 86395c29f3cd1f6c08c6c0927868683392eea727ccAdam Langleyint ssl3_generate_master_secret(SSL *s, unsigned char *out, 86495c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley unsigned char *p, int len); 86595c29f3cd1f6c08c6c0927868683392eea727ccAdam Langleyint ssl3_get_req_cert_type(SSL *s,unsigned char *p); 866590cbe970c75973f38aeba4b7146dc0b84b66348David Benjaminlong ssl3_get_message(SSL *s, int st1, int stn, int mt, long max, int hash_message, int *ok); 867590cbe970c75973f38aeba4b7146dc0b84b66348David Benjamin 868590cbe970c75973f38aeba4b7146dc0b84b66348David Benjamin/* ssl3_hash_current_message incorporates the current handshake message into 869590cbe970c75973f38aeba4b7146dc0b84b66348David Benjamin * the handshake hash. */ 870590cbe970c75973f38aeba4b7146dc0b84b66348David Benjaminvoid ssl3_hash_current_message(SSL *s); 871854dd654d1cf168397b6df8d6a4964288d206e2fDavid Benjamin 872854dd654d1cf168397b6df8d6a4964288d206e2fDavid Benjamin/* ssl3_cert_verify_hash writes the CertificateVerify hash into the bytes 873854dd654d1cf168397b6df8d6a4964288d206e2fDavid Benjamin * pointed to by |out| and writes the number of bytes to |*out_len|. |out| must 874854dd654d1cf168397b6df8d6a4964288d206e2fDavid Benjamin * have room for EVP_MAX_MD_SIZE bytes. For TLS 1.2 and up, |*out_md| is used 875854dd654d1cf168397b6df8d6a4964288d206e2fDavid Benjamin * for the hash function, otherwise the hash function depends on the type of 876854dd654d1cf168397b6df8d6a4964288d206e2fDavid Benjamin * |pkey| and is written to |*out_md|. It returns one on success and zero on 877854dd654d1cf168397b6df8d6a4964288d206e2fDavid Benjamin * failure. */ 878854dd654d1cf168397b6df8d6a4964288d206e2fDavid Benjaminint ssl3_cert_verify_hash(SSL *s, uint8_t *out, size_t *out_len, const EVP_MD **out_md, EVP_PKEY *pkey); 879854dd654d1cf168397b6df8d6a4964288d206e2fDavid Benjamin 88095c29f3cd1f6c08c6c0927868683392eea727ccAdam Langleyint ssl3_send_finished(SSL *s, int a, int b, const char *sender,int slen); 88195c29f3cd1f6c08c6c0927868683392eea727ccAdam Langleyint ssl3_num_ciphers(void); 88295c29f3cd1f6c08c6c0927868683392eea727ccAdam Langleyconst SSL_CIPHER *ssl3_get_cipher(unsigned int u); 88395c29f3cd1f6c08c6c0927868683392eea727ccAdam Langleyint ssl3_renegotiate(SSL *ssl); 88495c29f3cd1f6c08c6c0927868683392eea727ccAdam Langleyint ssl3_renegotiate_check(SSL *ssl); 88595c29f3cd1f6c08c6c0927868683392eea727ccAdam Langleyint ssl3_dispatch_alert(SSL *s); 88686271ee9f866cd83d9e37ab1ba1218ebefb336aaDavid Benjaminint ssl3_expect_change_cipher_spec(SSL *s); 88795c29f3cd1f6c08c6c0927868683392eea727ccAdam Langleyint ssl3_read_bytes(SSL *s, int type, unsigned char *buf, int len, int peek); 88895c29f3cd1f6c08c6c0927868683392eea727ccAdam Langleyint ssl3_write_bytes(SSL *s, int type, const void *buf, int len); 88995c29f3cd1f6c08c6c0927868683392eea727ccAdam Langleyint ssl3_final_finish_mac(SSL *s, const char *sender, int slen,unsigned char *p); 89095c29f3cd1f6c08c6c0927868683392eea727ccAdam Langleyint ssl3_cert_verify_mac(SSL *s, int md_nid, unsigned char *p); 89195c29f3cd1f6c08c6c0927868683392eea727ccAdam Langleyvoid ssl3_finish_mac(SSL *s, const unsigned char *buf, int len); 89295c29f3cd1f6c08c6c0927868683392eea727ccAdam Langleyint ssl3_enc(SSL *s, int send_data); 89395c29f3cd1f6c08c6c0927868683392eea727ccAdam Langleyint n_ssl3_mac(SSL *ssl, unsigned char *md, int send_data); 89495c29f3cd1f6c08c6c0927868683392eea727ccAdam Langleyvoid ssl3_free_digest_list(SSL *s); 89595c29f3cd1f6c08c6c0927868683392eea727ccAdam Langleyunsigned long ssl3_output_cert_chain(SSL *s, CERT_PKEY *cpk); 8966f2600199c82330240de9a7f65a801b6f606b7b3David Benjaminconst SSL_CIPHER *ssl3_choose_cipher(SSL *ssl,STACK_OF(SSL_CIPHER) *clnt, 897858a88daf27975f67d9f63e18f95645be2886bfbAdam Langley struct ssl_cipher_preference_list_st *srvr); 89895c29f3cd1f6c08c6c0927868683392eea727ccAdam Langleyint ssl3_setup_buffers(SSL *s); 89995c29f3cd1f6c08c6c0927868683392eea727ccAdam Langleyint ssl3_setup_read_buffer(SSL *s); 90095c29f3cd1f6c08c6c0927868683392eea727ccAdam Langleyint ssl3_setup_write_buffer(SSL *s); 90195c29f3cd1f6c08c6c0927868683392eea727ccAdam Langleyint ssl3_release_read_buffer(SSL *s); 90295c29f3cd1f6c08c6c0927868683392eea727ccAdam Langleyint ssl3_release_write_buffer(SSL *s); 90395c29f3cd1f6c08c6c0927868683392eea727ccAdam Langleyint ssl3_digest_cached_records(SSL *s); 90495c29f3cd1f6c08c6c0927868683392eea727ccAdam Langleyint ssl3_new(SSL *s); 90595c29f3cd1f6c08c6c0927868683392eea727ccAdam Langleyvoid ssl3_free(SSL *s); 90695c29f3cd1f6c08c6c0927868683392eea727ccAdam Langleyint ssl3_accept(SSL *s); 90795c29f3cd1f6c08c6c0927868683392eea727ccAdam Langleyint ssl3_connect(SSL *s); 90895c29f3cd1f6c08c6c0927868683392eea727ccAdam Langleyint ssl3_read(SSL *s, void *buf, int len); 90995c29f3cd1f6c08c6c0927868683392eea727ccAdam Langleyint ssl3_peek(SSL *s, void *buf, int len); 91095c29f3cd1f6c08c6c0927868683392eea727ccAdam Langleyint ssl3_write(SSL *s, const void *buf, int len); 91195c29f3cd1f6c08c6c0927868683392eea727ccAdam Langleyint ssl3_shutdown(SSL *s); 91295c29f3cd1f6c08c6c0927868683392eea727ccAdam Langleyvoid ssl3_clear(SSL *s); 91395c29f3cd1f6c08c6c0927868683392eea727ccAdam Langleylong ssl3_ctrl(SSL *s,int cmd, long larg, void *parg); 91495c29f3cd1f6c08c6c0927868683392eea727ccAdam Langleylong ssl3_ctx_ctrl(SSL_CTX *s,int cmd, long larg, void *parg); 91595c29f3cd1f6c08c6c0927868683392eea727ccAdam Langleylong ssl3_callback_ctrl(SSL *s,int cmd, void (*fp)(void)); 91695c29f3cd1f6c08c6c0927868683392eea727ccAdam Langleylong ssl3_ctx_callback_ctrl(SSL_CTX *s,int cmd, void (*fp)(void)); 91795c29f3cd1f6c08c6c0927868683392eea727ccAdam Langleyint ssl3_pending(const SSL *s); 91895c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley 91995c29f3cd1f6c08c6c0927868683392eea727ccAdam Langleyvoid ssl3_record_sequence_update(unsigned char *seq); 92095c29f3cd1f6c08c6c0927868683392eea727ccAdam Langleyint ssl3_do_change_cipher_spec(SSL *ssl); 92195c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley 92295c29f3cd1f6c08c6c0927868683392eea727ccAdam Langleyvoid ssl3_set_handshake_header(SSL *s, int htype, unsigned long len); 92395c29f3cd1f6c08c6c0927868683392eea727ccAdam Langleyint ssl3_handshake_write(SSL *s); 92495c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley 92595c29f3cd1f6c08c6c0927868683392eea727ccAdam Langleyint ssl23_read(SSL *s, void *buf, int len); 92695c29f3cd1f6c08c6c0927868683392eea727ccAdam Langleyint ssl23_peek(SSL *s, void *buf, int len); 92795c29f3cd1f6c08c6c0927868683392eea727ccAdam Langleyint ssl23_write(SSL *s, const void *buf, int len); 92895c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley 92995c29f3cd1f6c08c6c0927868683392eea727ccAdam Langleyint dtls1_do_write(SSL *s,int type); 93095c29f3cd1f6c08c6c0927868683392eea727ccAdam Langleyint ssl3_read_n(SSL *s, int n, int max, int extend); 93195c29f3cd1f6c08c6c0927868683392eea727ccAdam Langleyint dtls1_read_bytes(SSL *s, int type, unsigned char *buf, int len, int peek); 93295c29f3cd1f6c08c6c0927868683392eea727ccAdam Langleyint ssl3_write_pending(SSL *s, int type, const unsigned char *buf, 93395c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley unsigned int len); 93495c29f3cd1f6c08c6c0927868683392eea727ccAdam Langleyunsigned char *dtls1_set_message_header(SSL *s, 93595c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley unsigned char *p, unsigned char mt, unsigned long len, 93695c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley unsigned long frag_off, unsigned long frag_len); 93795c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley 93895c29f3cd1f6c08c6c0927868683392eea727ccAdam Langleyint dtls1_write_app_data_bytes(SSL *s, int type, const void *buf, int len); 93995c29f3cd1f6c08c6c0927868683392eea727ccAdam Langleyint dtls1_write_bytes(SSL *s, int type, const void *buf, int len); 94095c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley 94195c29f3cd1f6c08c6c0927868683392eea727ccAdam Langleyint dtls1_send_change_cipher_spec(SSL *s, int a, int b); 94295c29f3cd1f6c08c6c0927868683392eea727ccAdam Langleyint dtls1_send_finished(SSL *s, int a, int b, const char *sender, int slen); 94395c29f3cd1f6c08c6c0927868683392eea727ccAdam Langleyunsigned long dtls1_output_cert_chain(SSL *s, CERT_PKEY *cpk); 94495c29f3cd1f6c08c6c0927868683392eea727ccAdam Langleyint dtls1_read_failed(SSL *s, int code); 94595c29f3cd1f6c08c6c0927868683392eea727ccAdam Langleyint dtls1_buffer_message(SSL *s, int ccs); 94695c29f3cd1f6c08c6c0927868683392eea727ccAdam Langleyint dtls1_retransmit_message(SSL *s, unsigned short seq, 94795c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley unsigned long frag_off, int *found); 94895c29f3cd1f6c08c6c0927868683392eea727ccAdam Langleyint dtls1_get_queue_priority(unsigned short seq, int is_ccs); 94995c29f3cd1f6c08c6c0927868683392eea727ccAdam Langleyint dtls1_retransmit_buffered_messages(SSL *s); 95095c29f3cd1f6c08c6c0927868683392eea727ccAdam Langleyvoid dtls1_clear_record_buffer(SSL *s); 95195c29f3cd1f6c08c6c0927868683392eea727ccAdam Langleyvoid dtls1_get_message_header(unsigned char *data, struct hm_header_st *msg_hdr); 95295c29f3cd1f6c08c6c0927868683392eea727ccAdam Langleyvoid dtls1_get_ccs_header(unsigned char *data, struct ccs_header_st *ccs_hdr); 95395c29f3cd1f6c08c6c0927868683392eea727ccAdam Langleyvoid dtls1_reset_seq_numbers(SSL *s, int rw); 95495c29f3cd1f6c08c6c0927868683392eea727ccAdam Langleyint dtls1_check_timeout_num(SSL *s); 95595c29f3cd1f6c08c6c0927868683392eea727ccAdam Langleyint dtls1_handle_timeout(SSL *s); 95695c29f3cd1f6c08c6c0927868683392eea727ccAdam Langleyconst SSL_CIPHER *dtls1_get_cipher(unsigned int u); 95795c29f3cd1f6c08c6c0927868683392eea727ccAdam Langleyvoid dtls1_start_timer(SSL *s); 95895c29f3cd1f6c08c6c0927868683392eea727ccAdam Langleyvoid dtls1_stop_timer(SSL *s); 95995c29f3cd1f6c08c6c0927868683392eea727ccAdam Langleyint dtls1_is_timer_expired(SSL *s); 96095c29f3cd1f6c08c6c0927868683392eea727ccAdam Langleyvoid dtls1_double_timeout(SSL *s); 96195c29f3cd1f6c08c6c0927868683392eea727ccAdam Langleyunsigned int dtls1_min_mtu(void); 96295c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley 96395c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley/* some client-only functions */ 9648da990677b852daff3f6e4a10d9c80c7b4822a06David Benjaminint ssl3_send_client_hello(SSL *s); 96595c29f3cd1f6c08c6c0927868683392eea727ccAdam Langleyint ssl3_get_server_hello(SSL *s); 96695c29f3cd1f6c08c6c0927868683392eea727ccAdam Langleyint ssl3_get_certificate_request(SSL *s); 96795c29f3cd1f6c08c6c0927868683392eea727ccAdam Langleyint ssl3_get_new_session_ticket(SSL *s); 96895c29f3cd1f6c08c6c0927868683392eea727ccAdam Langleyint ssl3_get_cert_status(SSL *s); 96995c29f3cd1f6c08c6c0927868683392eea727ccAdam Langleyint ssl3_get_server_done(SSL *s); 9708da990677b852daff3f6e4a10d9c80c7b4822a06David Benjaminint ssl3_send_cert_verify(SSL *s); 97195c29f3cd1f6c08c6c0927868683392eea727ccAdam Langleyint ssl3_send_client_certificate(SSL *s); 97295c29f3cd1f6c08c6c0927868683392eea727ccAdam Langleyint ssl_do_client_cert_cb(SSL *s, X509 **px509, EVP_PKEY **ppkey); 97395c29f3cd1f6c08c6c0927868683392eea727ccAdam Langleyint ssl3_send_client_key_exchange(SSL *s); 9748f8040dd4fdf4531391c5653230a6fe3a24cf5bfDavid Benjaminint ssl3_get_server_key_exchange(SSL *s); 97595c29f3cd1f6c08c6c0927868683392eea727ccAdam Langleyint ssl3_get_server_certificate(SSL *s); 97695c29f3cd1f6c08c6c0927868683392eea727ccAdam Langleyint ssl3_check_cert_and_algorithm(SSL *s); 97795c29f3cd1f6c08c6c0927868683392eea727ccAdam Langleyint ssl3_send_next_proto(SSL *s); 9781258b6a756674d63f172602d8041ccc0dffd03d1Adam Langleyint ssl3_send_channel_id(SSL *s); 97995c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley 98095c29f3cd1f6c08c6c0927868683392eea727ccAdam Langleyint dtls1_client_hello(SSL *s); 98195c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley 98295c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley/* some server-only functions */ 98395c29f3cd1f6c08c6c0927868683392eea727ccAdam Langleyint ssl3_get_client_hello(SSL *s); 98495c29f3cd1f6c08c6c0927868683392eea727ccAdam Langleyint ssl3_send_server_hello(SSL *s); 98595c29f3cd1f6c08c6c0927868683392eea727ccAdam Langleyint ssl3_send_hello_request(SSL *s); 98695c29f3cd1f6c08c6c0927868683392eea727ccAdam Langleyint ssl3_send_server_key_exchange(SSL *s); 98795c29f3cd1f6c08c6c0927868683392eea727ccAdam Langleyint ssl3_send_certificate_request(SSL *s); 98895c29f3cd1f6c08c6c0927868683392eea727ccAdam Langleyint ssl3_send_server_done(SSL *s); 98995c29f3cd1f6c08c6c0927868683392eea727ccAdam Langleyint ssl3_get_client_certificate(SSL *s); 99095c29f3cd1f6c08c6c0927868683392eea727ccAdam Langleyint ssl3_get_client_key_exchange(SSL *s); 99195c29f3cd1f6c08c6c0927868683392eea727ccAdam Langleyint ssl3_get_cert_verify(SSL *s); 99295c29f3cd1f6c08c6c0927868683392eea727ccAdam Langleyint ssl3_get_next_proto(SSL *s); 9931258b6a756674d63f172602d8041ccc0dffd03d1Adam Langleyint ssl3_get_channel_id(SSL *s); 99495c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley 99595c29f3cd1f6c08c6c0927868683392eea727ccAdam Langleyint ssl23_accept(SSL *s); 99695c29f3cd1f6c08c6c0927868683392eea727ccAdam Langleyint ssl23_connect(SSL *s); 99795c29f3cd1f6c08c6c0927868683392eea727ccAdam Langleyint ssl23_read_bytes(SSL *s, int n); 99895c29f3cd1f6c08c6c0927868683392eea727ccAdam Langleyint ssl23_write_bytes(SSL *s); 99995c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley 100095c29f3cd1f6c08c6c0927868683392eea727ccAdam Langleyint dtls1_new(SSL *s); 100195c29f3cd1f6c08c6c0927868683392eea727ccAdam Langleyint dtls1_accept(SSL *s); 100295c29f3cd1f6c08c6c0927868683392eea727ccAdam Langleyint dtls1_connect(SSL *s); 100395c29f3cd1f6c08c6c0927868683392eea727ccAdam Langleyvoid dtls1_free(SSL *s); 100495c29f3cd1f6c08c6c0927868683392eea727ccAdam Langleyvoid dtls1_clear(SSL *s); 100595c29f3cd1f6c08c6c0927868683392eea727ccAdam Langleylong dtls1_ctrl(SSL *s,int cmd, long larg, void *parg); 100695c29f3cd1f6c08c6c0927868683392eea727ccAdam Langleyint dtls1_shutdown(SSL *s); 100795c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley 1008590cbe970c75973f38aeba4b7146dc0b84b66348David Benjaminlong dtls1_get_message(SSL *s, int st1, int stn, int mt, long max, int hash_message, int *ok); 100995c29f3cd1f6c08c6c0927868683392eea727ccAdam Langleyint dtls1_get_record(SSL *s); 101095c29f3cd1f6c08c6c0927868683392eea727ccAdam Langleyint dtls1_dispatch_alert(SSL *s); 101195c29f3cd1f6c08c6c0927868683392eea727ccAdam Langleyint dtls1_enc(SSL *s, int snd); 101295c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley 101395c29f3cd1f6c08c6c0927868683392eea727ccAdam Langleyint ssl_init_wbio_buffer(SSL *s, int push); 101495c29f3cd1f6c08c6c0927868683392eea727ccAdam Langleyvoid ssl_free_wbio_buffer(SSL *s); 101595c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley 101695c29f3cd1f6c08c6c0927868683392eea727ccAdam Langleyint tls1_change_cipher_state(SSL *s, int which); 101795c29f3cd1f6c08c6c0927868683392eea727ccAdam Langleyint tls1_setup_key_block(SSL *s); 101895c29f3cd1f6c08c6c0927868683392eea727ccAdam Langleyint tls1_enc(SSL *s, int snd); 10191258b6a756674d63f172602d8041ccc0dffd03d1Adam Langleyint tls1_handshake_digest(SSL *s, unsigned char *out, size_t out_len); 102095c29f3cd1f6c08c6c0927868683392eea727ccAdam Langleyint tls1_final_finish_mac(SSL *s, 102195c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley const char *str, int slen, unsigned char *p); 102295c29f3cd1f6c08c6c0927868683392eea727ccAdam Langleyint tls1_cert_verify_mac(SSL *s, int md_nid, unsigned char *p); 102395c29f3cd1f6c08c6c0927868683392eea727ccAdam Langleyint tls1_mac(SSL *ssl, unsigned char *md, int snd); 102495c29f3cd1f6c08c6c0927868683392eea727ccAdam Langleyint tls1_generate_master_secret(SSL *s, unsigned char *out, 102595c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley unsigned char *p, int len); 102695c29f3cd1f6c08c6c0927868683392eea727ccAdam Langleyint tls1_export_keying_material(SSL *s, unsigned char *out, size_t olen, 102795c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley const char *label, size_t llen, 102895c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley const unsigned char *p, size_t plen, int use_context); 102995c29f3cd1f6c08c6c0927868683392eea727ccAdam Langleyint tls1_alert_code(int code); 103095c29f3cd1f6c08c6c0927868683392eea727ccAdam Langleyint ssl3_alert_code(int code); 103195c29f3cd1f6c08c6c0927868683392eea727ccAdam Langleyint ssl_ok(SSL *s); 103295c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley 103395c29f3cd1f6c08c6c0927868683392eea727ccAdam Langleyint ssl_check_srvr_ecc_cert_and_alg(X509 *x, SSL *s); 103495c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley 1035dc9b1411279f02e604367bc56fca8cf2acc9d531Adam Langleychar ssl_early_callback_init(struct ssl_early_callback_ctx *ctx); 1036072334d943ef81d45f75d97cd722b46f1293f773David Benjaminint tls1_ec_curve_id2nid(uint16_t curve_id); 1037072334d943ef81d45f75d97cd722b46f1293f773David Benjaminuint16_t tls1_ec_nid2curve_id(int nid); 1038072334d943ef81d45f75d97cd722b46f1293f773David Benjamin 1039072334d943ef81d45f75d97cd722b46f1293f773David Benjamin/* tls1_check_curve parses ECParameters out of |cbs|, modifying it. It 1040072334d943ef81d45f75d97cd722b46f1293f773David Benjamin * checks the curve is one of our preferences and writes the 1041072334d943ef81d45f75d97cd722b46f1293f773David Benjamin * NamedCurve value to |*out_curve_id|. It returns one on success and 1042072334d943ef81d45f75d97cd722b46f1293f773David Benjamin * zero on error. */ 1043ed43958853bda3e1ef817dd7c46306f88cfedb08David Benjaminint tls1_check_curve(SSL *s, CBS *cbs, uint16_t *out_curve_id); 1044072334d943ef81d45f75d97cd722b46f1293f773David Benjamin 1045072334d943ef81d45f75d97cd722b46f1293f773David Benjamin/* tls1_get_shared_curve returns the NID of the first preferred shared curve 1046072334d943ef81d45f75d97cd722b46f1293f773David Benjamin * between client and server preferences. If none can be found, it returns 1047072334d943ef81d45f75d97cd722b46f1293f773David Benjamin * NID_undef. */ 1048072334d943ef81d45f75d97cd722b46f1293f773David Benjaminint tls1_get_shared_curve(SSL *s); 1049072334d943ef81d45f75d97cd722b46f1293f773David Benjamin 1050072334d943ef81d45f75d97cd722b46f1293f773David Benjamin/* tls1_set_curves converts the array of |ncurves| NIDs pointed to by |curves| 1051072334d943ef81d45f75d97cd722b46f1293f773David Benjamin * into a newly allocated array of TLS curve IDs. On success, the function 1052072334d943ef81d45f75d97cd722b46f1293f773David Benjamin * returns one and writes the array to |*out_curve_ids| and its size to 1053072334d943ef81d45f75d97cd722b46f1293f773David Benjamin * |*out_curve_ids_len|. Otherwise, it returns zero. */ 1054072334d943ef81d45f75d97cd722b46f1293f773David Benjaminint tls1_set_curves(uint16_t **out_curve_ids, size_t *out_curve_ids_len, 1055072334d943ef81d45f75d97cd722b46f1293f773David Benjamin const int *curves, size_t ncurves); 1056072334d943ef81d45f75d97cd722b46f1293f773David Benjamin 105795c29f3cd1f6c08c6c0927868683392eea727ccAdam Langleyint tls1_check_ec_tmp_key(SSL *s, unsigned long id); 105895c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley 105995c29f3cd1f6c08c6c0927868683392eea727ccAdam Langleyint tls1_shared_list(SSL *s, 106095c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley const unsigned char *l1, size_t l1len, 106195c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley const unsigned char *l2, size_t l2len, 106295c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley int nmatch); 1063b0c235ed366d10674542db784668fe3e13f23709Adam Langleyunsigned char *ssl_add_clienthello_tlsext(SSL *s, unsigned char *buf, unsigned char *limit, size_t header_len); 1064b0c235ed366d10674542db784668fe3e13f23709Adam Langleyunsigned char *ssl_add_serverhello_tlsext(SSL *s, unsigned char *buf, unsigned char *limit); 1065dc72ff75bd5795440a85f2a5841f0fe98ea37dd6David Benjaminint ssl_parse_clienthello_tlsext(SSL *s, CBS *cbs); 106603973096f416e694b676160ca481553bb44738ebDavid Benjaminint ssl_parse_serverhello_tlsext(SSL *s, CBS *cbs); 106795c29f3cd1f6c08c6c0927868683392eea727ccAdam Langleyint ssl_prepare_clienthello_tlsext(SSL *s); 106895c29f3cd1f6c08c6c0927868683392eea727ccAdam Langleyint ssl_prepare_serverhello_tlsext(SSL *s); 106995c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley 107095c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley#define tlsext_tick_md EVP_sha256 1071dc9b1411279f02e604367bc56fca8cf2acc9d531Adam Langleyint tls1_process_ticket(SSL *s, const struct ssl_early_callback_ctx *ctx, 1072dc9b1411279f02e604367bc56fca8cf2acc9d531Adam Langley SSL_SESSION **ret); 107395c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley 107495c29f3cd1f6c08c6c0927868683392eea727ccAdam Langleyint tls12_get_sigandhash(unsigned char *p, const EVP_PKEY *pk, 107595c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley const EVP_MD *md); 107695c29f3cd1f6c08c6c0927868683392eea727ccAdam Langleyint tls12_get_sigid(const EVP_PKEY *pk); 107795c29f3cd1f6c08c6c0927868683392eea727ccAdam Langleyconst EVP_MD *tls12_get_hash(unsigned char hash_alg); 107895c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley 10791258b6a756674d63f172602d8041ccc0dffd03d1Adam Langleyint tls1_channel_id_hash(EVP_MD_CTX *ctx, SSL *s); 10801258b6a756674d63f172602d8041ccc0dffd03d1Adam Langleyint tls1_record_handshake_hashes_for_channel_id(SSL *s); 10811258b6a756674d63f172602d8041ccc0dffd03d1Adam Langley 108295c29f3cd1f6c08c6c0927868683392eea727ccAdam Langleyint tls1_set_sigalgs_list(CERT *c, const char *str, int client); 108395c29f3cd1f6c08c6c0927868683392eea727ccAdam Langleyint tls1_set_sigalgs(CERT *c, const int *salg, size_t salglen, int client); 108495c29f3cd1f6c08c6c0927868683392eea727ccAdam Langleyint tls1_check_chain(SSL *s, X509 *x, EVP_PKEY *pk, STACK_OF(X509) *chain, 108595c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley int idx); 108695c29f3cd1f6c08c6c0927868683392eea727ccAdam Langleyvoid tls1_set_cert_validity(SSL *s); 108795c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley 1088859ec3cc09f244348f3c919693817acb01064535David Benjamin/* ssl_ctx_log_rsa_client_key_exchange logs |premaster| to |ctx|, if logging is 1089859ec3cc09f244348f3c919693817acb01064535David Benjamin * enabled. It returns one on success and zero on failure. The entry is 1090859ec3cc09f244348f3c919693817acb01064535David Benjamin * identified by the first 8 bytes of |encrypted_premaster|. */ 1091859ec3cc09f244348f3c919693817acb01064535David Benjaminint ssl_ctx_log_rsa_client_key_exchange(SSL_CTX *ctx, 1092859ec3cc09f244348f3c919693817acb01064535David Benjamin const uint8_t *encrypted_premaster, size_t encrypted_premaster_len, 1093859ec3cc09f244348f3c919693817acb01064535David Benjamin const uint8_t *premaster, size_t premaster_len); 1094859ec3cc09f244348f3c919693817acb01064535David Benjamin 1095859ec3cc09f244348f3c919693817acb01064535David Benjamin/* ssl_ctx_log_master_secret logs |master| to |ctx|, if logging is enabled. It 1096859ec3cc09f244348f3c919693817acb01064535David Benjamin * returns one on success and zero on failure. The entry is identified by 1097859ec3cc09f244348f3c919693817acb01064535David Benjamin * |client_random|. */ 1098859ec3cc09f244348f3c919693817acb01064535David Benjaminint ssl_ctx_log_master_secret(SSL_CTX *ctx, 1099859ec3cc09f244348f3c919693817acb01064535David Benjamin const uint8_t *client_random, size_t client_random_len, 1100859ec3cc09f244348f3c919693817acb01064535David Benjamin const uint8_t *master, size_t master_len); 1101adb739e1e59a48a421a080e64ad16f23e6b18cfdAdam Langley 1102adb739e1e59a48a421a080e64ad16f23e6b18cfdAdam Langleyint ssl3_can_cutthrough(const SSL *s); 11032970779684c6f164a0e261e96a3d59f331123320Adam Langleyint ssl_get_max_version(const SSL *s); 110495c29f3cd1f6c08c6c0927868683392eea727ccAdam LangleyEVP_MD_CTX* ssl_replace_hash(EVP_MD_CTX **hash,const EVP_MD *md) ; 110595c29f3cd1f6c08c6c0927868683392eea727ccAdam Langleyvoid ssl_clear_hash_ctx(EVP_MD_CTX **hash); 110695c29f3cd1f6c08c6c0927868683392eea727ccAdam Langleyint ssl_add_serverhello_renegotiate_ext(SSL *s, unsigned char *p, int *len, 110795c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley int maxlen); 110803973096f416e694b676160ca481553bb44738ebDavid Benjaminint ssl_parse_serverhello_renegotiate_ext(SSL *s, CBS *cbs, int *out_alert); 110995c29f3cd1f6c08c6c0927868683392eea727ccAdam Langleyint ssl_add_clienthello_renegotiate_ext(SSL *s, unsigned char *p, int *len, 111095c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley int maxlen); 1111dc72ff75bd5795440a85f2a5841f0fe98ea37dd6David Benjaminint ssl_parse_clienthello_renegotiate_ext(SSL *s, CBS *cbs, int *out_alert); 111295c29f3cd1f6c08c6c0927868683392eea727ccAdam Langleylong ssl_get_algorithm2(SSL *s); 1113cd9969434c2b2c347f1fb12623ee240ae01ac942David Benjaminint tls1_process_sigalgs(SSL *s, const CBS *sigalgs); 111495c29f3cd1f6c08c6c0927868683392eea727ccAdam Langleysize_t tls12_get_psigalgs(SSL *s, const unsigned char **psigs); 111505da6e1641bb8b3576b97dfc4fba22ee6c5d0453David Benjaminint tls12_check_peer_sigalg(const EVP_MD **out_md, int *out_alert, SSL *s, 111605da6e1641bb8b3576b97dfc4fba22ee6c5d0453David Benjamin CBS *cbs, EVP_PKEY *pkey); 111795c29f3cd1f6c08c6c0927868683392eea727ccAdam Langleyvoid ssl_set_client_disabled(SSL *s); 111895c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley 111995c29f3cd1f6c08c6c0927868683392eea727ccAdam Langleyint ssl_add_clienthello_use_srtp_ext(SSL *s, unsigned char *p, int *len, int maxlen); 1120dc72ff75bd5795440a85f2a5841f0fe98ea37dd6David Benjaminint ssl_parse_clienthello_use_srtp_ext(SSL *s, CBS *cbs, int *out_alert); 112195c29f3cd1f6c08c6c0927868683392eea727ccAdam Langleyint ssl_add_serverhello_use_srtp_ext(SSL *s, unsigned char *p, int *len, int maxlen); 112203973096f416e694b676160ca481553bb44738ebDavid Benjaminint ssl_parse_serverhello_use_srtp_ext(SSL *s, CBS *cbs, int *out_alert); 112395c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley 112495c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley/* s3_cbc.c */ 112595c29f3cd1f6c08c6c0927868683392eea727ccAdam Langleyvoid ssl3_cbc_copy_mac(unsigned char* out, 112695c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley const SSL3_RECORD *rec, 112795c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley unsigned md_size,unsigned orig_len); 112895c29f3cd1f6c08c6c0927868683392eea727ccAdam Langleyint ssl3_cbc_remove_padding(const SSL* s, 112995c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley SSL3_RECORD *rec, 113095c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley unsigned block_size, 113195c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley unsigned mac_size); 113295c29f3cd1f6c08c6c0927868683392eea727ccAdam Langleyint tls1_cbc_remove_padding(const SSL* s, 113395c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley SSL3_RECORD *rec, 113495c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley unsigned block_size, 113595c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley unsigned mac_size); 113695c29f3cd1f6c08c6c0927868683392eea727ccAdam Langleychar ssl3_cbc_record_digest_supported(const EVP_MD_CTX *ctx); 113795c29f3cd1f6c08c6c0927868683392eea727ccAdam Langleyvoid ssl3_cbc_digest_record( 113895c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley const EVP_MD_CTX *ctx, 113995c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley unsigned char* md_out, 114095c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley size_t* md_out_size, 114195c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley const unsigned char header[13], 114295c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley const unsigned char *data, 114395c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley size_t data_plus_mac_size, 114495c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley size_t data_plus_mac_plus_padding_size, 114595c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley const unsigned char *mac_secret, 114695c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley unsigned mac_secret_length, 114795c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley char is_sslv3); 114895c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley 114995c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley#endif 1150