OLD | NEW |
| (Empty) |
1 /* ssl/ssl_locl.h */ | |
2 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) | |
3 * All rights reserved. | |
4 * | |
5 * This package is an SSL implementation written | |
6 * by Eric Young (eay@cryptsoft.com). | |
7 * The implementation was written so as to conform with Netscapes SSL. | |
8 * | |
9 * This library is free for commercial and non-commercial use as long as | |
10 * the following conditions are aheared to. The following conditions | |
11 * apply to all code found in this distribution, be it the RC4, RSA, | |
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation | |
13 * included with this distribution is covered by the same copyright terms | |
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com). | |
15 * | |
16 * Copyright remains Eric Young's, and as such any Copyright notices in | |
17 * the code are not to be removed. | |
18 * If this package is used in a product, Eric Young should be given attribution | |
19 * as the author of the parts of the library used. | |
20 * This can be in the form of a textual message at program startup or | |
21 * in documentation (online or textual) provided with the package. | |
22 * | |
23 * Redistribution and use in source and binary forms, with or without | |
24 * modification, are permitted provided that the following conditions | |
25 * are met: | |
26 * 1. Redistributions of source code must retain the copyright | |
27 * notice, this list of conditions and the following disclaimer. | |
28 * 2. Redistributions in binary form must reproduce the above copyright | |
29 * notice, this list of conditions and the following disclaimer in the | |
30 * documentation and/or other materials provided with the distribution. | |
31 * 3. All advertising materials mentioning features or use of this software | |
32 * must display the following acknowledgement: | |
33 * "This product includes cryptographic software written by | |
34 * Eric Young (eay@cryptsoft.com)" | |
35 * The word 'cryptographic' can be left out if the rouines from the library | |
36 * being used are not cryptographic related :-). | |
37 * 4. If you include any Windows specific code (or a derivative thereof) from | |
38 * the apps directory (application code) you must include an acknowledgement: | |
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" | |
40 * | |
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND | |
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE | |
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE | |
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE | |
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL | |
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS | |
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) | |
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT | |
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY | |
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF | |
51 * SUCH DAMAGE. | |
52 * | |
53 * The licence and distribution terms for any publically available version or | |
54 * derivative of this code cannot be changed. i.e. this code cannot simply be | |
55 * copied and put under another distribution licence | |
56 * [including the GNU Public Licence.] | |
57 */ | |
58 /* ==================================================================== | |
59 * Copyright (c) 1998-2007 The OpenSSL Project. All rights reserved. | |
60 * | |
61 * Redistribution and use in source and binary forms, with or without | |
62 * modification, are permitted provided that the following conditions | |
63 * are met: | |
64 * | |
65 * 1. Redistributions of source code must retain the above copyright | |
66 * notice, this list of conditions and the following disclaimer. | |
67 * | |
68 * 2. Redistributions in binary form must reproduce the above copyright | |
69 * notice, this list of conditions and the following disclaimer in | |
70 * the documentation and/or other materials provided with the | |
71 * distribution. | |
72 * | |
73 * 3. All advertising materials mentioning features or use of this | |
74 * software must display the following acknowledgment: | |
75 * "This product includes software developed by the OpenSSL Project | |
76 * for use in the OpenSSL Toolkit. (http://www.openssl.org/)" | |
77 * | |
78 * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to | |
79 * endorse or promote products derived from this software without | |
80 * prior written permission. For written permission, please contact | |
81 * openssl-core@openssl.org. | |
82 * | |
83 * 5. Products derived from this software may not be called "OpenSSL" | |
84 * nor may "OpenSSL" appear in their names without prior written | |
85 * permission of the OpenSSL Project. | |
86 * | |
87 * 6. Redistributions of any form whatsoever must retain the following | |
88 * acknowledgment: | |
89 * "This product includes software developed by the OpenSSL Project | |
90 * for use in the OpenSSL Toolkit (http://www.openssl.org/)" | |
91 * | |
92 * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY | |
93 * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE | |
94 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR | |
95 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR | |
96 * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, | |
97 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT | |
98 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; | |
99 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) | |
100 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, | |
101 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) | |
102 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED | |
103 * OF THE POSSIBILITY OF SUCH DAMAGE. | |
104 * ==================================================================== | |
105 * | |
106 * This product includes cryptographic software written by Eric Young | |
107 * (eay@cryptsoft.com). This product includes software written by Tim | |
108 * Hudson (tjh@cryptsoft.com). | |
109 * | |
110 */ | |
111 /* ==================================================================== | |
112 * Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED. | |
113 * ECC cipher suite support in OpenSSL originally developed by | |
114 * SUN MICROSYSTEMS, INC., and contributed to the OpenSSL project. | |
115 */ | |
116 /* ==================================================================== | |
117 * Copyright 2005 Nokia. All rights reserved. | |
118 * | |
119 * The portions of the attached software ("Contribution") is developed by | |
120 * Nokia Corporation and is licensed pursuant to the OpenSSL open source | |
121 * license. | |
122 * | |
123 * The Contribution, originally written by Mika Kousa and Pasi Eronen of | |
124 * Nokia Corporation, consists of the "PSK" (Pre-Shared Key) ciphersuites | |
125 * support (see RFC 4279) to OpenSSL. | |
126 * | |
127 * No patent licenses or other rights except those expressly stated in | |
128 * the OpenSSL open source license shall be deemed granted or received | |
129 * expressly, by implication, estoppel, or otherwise. | |
130 * | |
131 * No assurances are provided by Nokia that the Contribution does not | |
132 * infringe the patent or other intellectual property rights of any third | |
133 * party or that the license provides you with all the necessary rights | |
134 * to make use of the Contribution. | |
135 * | |
136 * THE SOFTWARE IS PROVIDED "AS IS" WITHOUT WARRANTY OF ANY KIND. IN | |
137 * ADDITION TO THE DISCLAIMERS INCLUDED IN THE LICENSE, NOKIA | |
138 * SPECIFICALLY DISCLAIMS ANY LIABILITY FOR CLAIMS BROUGHT BY YOU OR ANY | |
139 * OTHER ENTITY BASED ON INFRINGEMENT OF INTELLECTUAL PROPERTY RIGHTS OR | |
140 * OTHERWISE. | |
141 */ | |
142 | |
143 #ifndef HEADER_SSL_LOCL_H | |
144 #define HEADER_SSL_LOCL_H | |
145 #include <stdlib.h> | |
146 #include <time.h> | |
147 #include <string.h> | |
148 #include <errno.h> | |
149 | |
150 #include "e_os.h" | |
151 | |
152 #include <openssl/buffer.h> | |
153 #ifndef OPENSSL_NO_COMP | |
154 #include <openssl/comp.h> | |
155 #endif | |
156 #include <openssl/bio.h> | |
157 #include <openssl/stack.h> | |
158 #ifndef OPENSSL_NO_RSA | |
159 #include <openssl/rsa.h> | |
160 #endif | |
161 #ifndef OPENSSL_NO_DSA | |
162 #include <openssl/dsa.h> | |
163 #endif | |
164 #include <openssl/err.h> | |
165 #include <openssl/ssl.h> | |
166 #include <openssl/symhacks.h> | |
167 | |
168 #ifdef OPENSSL_BUILD_SHLIBSSL | |
169 # undef OPENSSL_EXTERN | |
170 # define OPENSSL_EXTERN OPENSSL_EXPORT | |
171 #endif | |
172 | |
173 #undef PKCS1_CHECK | |
174 | |
175 #define c2l(c,l) (l = ((unsigned long)(*((c)++))) , \ | |
176 l|=(((unsigned long)(*((c)++)))<< 8), \ | |
177 l|=(((unsigned long)(*((c)++)))<<16), \ | |
178 l|=(((unsigned long)(*((c)++)))<<24)) | |
179 | |
180 /* NOTE - c is not incremented as per c2l */ | |
181 #define c2ln(c,l1,l2,n) { \ | |
182 c+=n; \ | |
183 l1=l2=0; \ | |
184 switch (n) { \ | |
185 case 8: l2 =((unsigned long)(*(--(c))))<<24; \ | |
186 case 7: l2|=((unsigned long)(*(--(c))))<<16; \ | |
187 case 6: l2|=((unsigned long)(*(--(c))))<< 8; \ | |
188 case 5: l2|=((unsigned long)(*(--(c)))); \ | |
189 case 4: l1 =((unsigned long)(*(--(c))))<<24; \ | |
190 case 3: l1|=((unsigned long)(*(--(c))))<<16; \ | |
191 case 2: l1|=((unsigned long)(*(--(c))))<< 8; \ | |
192 case 1: l1|=((unsigned long)(*(--(c)))); \ | |
193 } \ | |
194 } | |
195 | |
196 #define l2c(l,c) (*((c)++)=(unsigned char)(((l) )&0xff), \ | |
197 *((c)++)=(unsigned char)(((l)>> 8)&0xff), \ | |
198 *((c)++)=(unsigned char)(((l)>>16)&0xff), \ | |
199 *((c)++)=(unsigned char)(((l)>>24)&0xff)) | |
200 | |
201 #define n2l(c,l) (l =((unsigned long)(*((c)++)))<<24, \ | |
202 l|=((unsigned long)(*((c)++)))<<16, \ | |
203 l|=((unsigned long)(*((c)++)))<< 8, \ | |
204 l|=((unsigned long)(*((c)++)))) | |
205 | |
206 #define l2n(l,c) (*((c)++)=(unsigned char)(((l)>>24)&0xff), \ | |
207 *((c)++)=(unsigned char)(((l)>>16)&0xff), \ | |
208 *((c)++)=(unsigned char)(((l)>> 8)&0xff), \ | |
209 *((c)++)=(unsigned char)(((l) )&0xff)) | |
210 | |
211 #define l2n6(l,c) (*((c)++)=(unsigned char)(((l)>>40)&0xff), \ | |
212 *((c)++)=(unsigned char)(((l)>>32)&0xff), \ | |
213 *((c)++)=(unsigned char)(((l)>>24)&0xff), \ | |
214 *((c)++)=(unsigned char)(((l)>>16)&0xff), \ | |
215 *((c)++)=(unsigned char)(((l)>> 8)&0xff), \ | |
216 *((c)++)=(unsigned char)(((l) )&0xff)) | |
217 | |
218 #define l2n8(l,c) (*((c)++)=(unsigned char)(((l)>>56)&0xff), \ | |
219 *((c)++)=(unsigned char)(((l)>>48)&0xff), \ | |
220 *((c)++)=(unsigned char)(((l)>>40)&0xff), \ | |
221 *((c)++)=(unsigned char)(((l)>>32)&0xff), \ | |
222 *((c)++)=(unsigned char)(((l)>>24)&0xff), \ | |
223 *((c)++)=(unsigned char)(((l)>>16)&0xff), \ | |
224 *((c)++)=(unsigned char)(((l)>> 8)&0xff), \ | |
225 *((c)++)=(unsigned char)(((l) )&0xff)) | |
226 | |
227 #define n2l6(c,l) (l =((BN_ULLONG)(*((c)++)))<<40, \ | |
228 l|=((BN_ULLONG)(*((c)++)))<<32, \ | |
229 l|=((BN_ULLONG)(*((c)++)))<<24, \ | |
230 l|=((BN_ULLONG)(*((c)++)))<<16, \ | |
231 l|=((BN_ULLONG)(*((c)++)))<< 8, \ | |
232 l|=((BN_ULLONG)(*((c)++)))) | |
233 | |
234 /* NOTE - c is not incremented as per l2c */ | |
235 #define l2cn(l1,l2,c,n) { \ | |
236 c+=n; \ | |
237 switch (n) { \ | |
238 case 8: *(--(c))=(unsigned char)(((l2)>>24)&0xff); \ | |
239 case 7: *(--(c))=(unsigned char)(((l2)>>16)&0xff); \ | |
240 case 6: *(--(c))=(unsigned char)(((l2)>> 8)&0xff); \ | |
241 case 5: *(--(c))=(unsigned char)(((l2) )&0xff); \ | |
242 case 4: *(--(c))=(unsigned char)(((l1)>>24)&0xff); \ | |
243 case 3: *(--(c))=(unsigned char)(((l1)>>16)&0xff); \ | |
244 case 2: *(--(c))=(unsigned char)(((l1)>> 8)&0xff); \ | |
245 case 1: *(--(c))=(unsigned char)(((l1) )&0xff); \ | |
246 } \ | |
247 } | |
248 | |
249 #define n2s(c,s) ((s=(((unsigned int)(c[0]))<< 8)| \ | |
250 (((unsigned int)(c[1])) )),c+=2) | |
251 #define s2n(s,c) ((c[0]=(unsigned char)(((s)>> 8)&0xff), \ | |
252 c[1]=(unsigned char)(((s) )&0xff)),c+=2) | |
253 | |
254 #define n2l3(c,l) ((l =(((unsigned long)(c[0]))<<16)| \ | |
255 (((unsigned long)(c[1]))<< 8)| \ | |
256 (((unsigned long)(c[2])) )),c+=3) | |
257 | |
258 #define l2n3(l,c) ((c[0]=(unsigned char)(((l)>>16)&0xff), \ | |
259 c[1]=(unsigned char)(((l)>> 8)&0xff), \ | |
260 c[2]=(unsigned char)(((l) )&0xff)),c+=3) | |
261 | |
262 /* LOCAL STUFF */ | |
263 | |
264 #define SSL_DECRYPT 0 | |
265 #define SSL_ENCRYPT 1 | |
266 | |
267 #define TWO_BYTE_BIT 0x80 | |
268 #define SEC_ESC_BIT 0x40 | |
269 #define TWO_BYTE_MASK 0x7fff | |
270 #define THREE_BYTE_MASK 0x3fff | |
271 | |
272 #define INC32(a) ((a)=((a)+1)&0xffffffffL) | |
273 #define DEC32(a) ((a)=((a)-1)&0xffffffffL) | |
274 #define MAX_MAC_SIZE 20 /* up from 16 for SSLv3 */ | |
275 | |
276 /* | |
277 * Define the Bitmasks for SSL_CIPHER.algorithms. | |
278 * This bits are used packed as dense as possible. If new methods/ciphers | |
279 * etc will be added, the bits a likely to change, so this information | |
280 * is for internal library use only, even though SSL_CIPHER.algorithms | |
281 * can be publicly accessed. | |
282 * Use the according functions for cipher management instead. | |
283 * | |
284 * The bit mask handling in the selection and sorting scheme in | |
285 * ssl_create_cipher_list() has only limited capabilities, reflecting | |
286 * that the different entities within are mutually exclusive: | |
287 * ONLY ONE BIT PER MASK CAN BE SET AT A TIME. | |
288 */ | |
289 | |
290 /* Bits for algorithm_mkey (key exchange algorithm) */ | |
291 #define SSL_kRSA 0x00000001L /* RSA key exchange */ | |
292 #define SSL_kDHr 0x00000002L /* DH cert, RSA CA cert */ /* no suc
h ciphersuites supported! */ | |
293 #define SSL_kDHd 0x00000004L /* DH cert, DSA CA cert */ /* no suc
h ciphersuite supported! */ | |
294 #define SSL_kEDH 0x00000008L /* tmp DH key no DH cert */ | |
295 #define SSL_kKRB5 0x00000010L /* Kerberos5 key exchange */ | |
296 #define SSL_kECDHr 0x00000020L /* ECDH cert, RSA CA cert */ | |
297 #define SSL_kECDHe 0x00000040L /* ECDH cert, ECDSA CA cert */ | |
298 #define SSL_kEECDH 0x00000080L /* ephemeral ECDH */ | |
299 #define SSL_kPSK 0x00000100L /* PSK */ | |
300 #define SSL_kGOST 0x00000200L /* GOST key exchange */ | |
301 #define SSL_kSRP 0x00000400L /* SRP */ | |
302 | |
303 /* Bits for algorithm_auth (server authentication) */ | |
304 #define SSL_aRSA 0x00000001L /* RSA auth */ | |
305 #define SSL_aDSS 0x00000002L /* DSS auth */ | |
306 #define SSL_aNULL 0x00000004L /* no auth (i.e. use ADH or AECDH) *
/ | |
307 #define SSL_aDH 0x00000008L /* Fixed DH auth (kDHd or kDHr) */ /
* no such ciphersuites supported! */ | |
308 #define SSL_aECDH 0x00000010L /* Fixed ECDH auth (kECDHe or kECDHr
) */ | |
309 #define SSL_aKRB5 0x00000020L /* KRB5 auth */ | |
310 #define SSL_aECDSA 0x00000040L /* ECDSA auth*/ | |
311 #define SSL_aPSK 0x00000080L /* PSK auth */ | |
312 #define SSL_aGOST94 0x00000100L /* GOST R 34.10-94 s
ignature auth */ | |
313 #define SSL_aGOST01 0x00000200L /* GOST R 34.10-2001 signatu
re auth */ | |
314 | |
315 | |
316 /* Bits for algorithm_enc (symmetric encryption) */ | |
317 #define SSL_DES 0x00000001L | |
318 #define SSL_3DES 0x00000002L | |
319 #define SSL_RC4 0x00000004L | |
320 #define SSL_RC2 0x00000008L | |
321 #define SSL_IDEA 0x00000010L | |
322 #define SSL_eNULL 0x00000020L | |
323 #define SSL_AES128 0x00000040L | |
324 #define SSL_AES256 0x00000080L | |
325 #define SSL_CAMELLIA128 0x00000100L | |
326 #define SSL_CAMELLIA256 0x00000200L | |
327 #define SSL_eGOST2814789CNT 0x00000400L | |
328 #define SSL_SEED 0x00000800L | |
329 #define SSL_AES128GCM 0x00001000L | |
330 #define SSL_AES256GCM 0x00002000L | |
331 #define SSL_CHACHA20POLY1305 0x00004000L | |
332 | |
333 #define SSL_AES (SSL_AES128|SSL_AES256|SSL_AES128GCM|SSL_AES256G
CM) | |
334 #define SSL_CAMELLIA (SSL_CAMELLIA128|SSL_CAMELLIA256) | |
335 | |
336 | |
337 /* Bits for algorithm_mac (symmetric authentication) */ | |
338 | |
339 #define SSL_MD5 0x00000001L | |
340 #define SSL_SHA1 0x00000002L | |
341 #define SSL_GOST94 0x00000004L | |
342 #define SSL_GOST89MAC 0x00000008L | |
343 #define SSL_SHA256 0x00000010L | |
344 #define SSL_SHA384 0x00000020L | |
345 /* Not a real MAC, just an indication it is part of cipher */ | |
346 #define SSL_AEAD 0x00000040L | |
347 | |
348 /* Bits for algorithm_ssl (protocol version) */ | |
349 #define SSL_SSLV2 0x00000001L | |
350 #define SSL_SSLV3 0x00000002L | |
351 #define SSL_TLSV1 SSL_SSLV3 /* for now */ | |
352 #define SSL_TLSV1_2 0x00000004L | |
353 | |
354 | |
355 /* Bits for algorithm2 (handshake digests and other extra flags) */ | |
356 | |
357 #define SSL_HANDSHAKE_MAC_MD5 0x10 | |
358 #define SSL_HANDSHAKE_MAC_SHA 0x20 | |
359 #define SSL_HANDSHAKE_MAC_GOST94 0x40 | |
360 #define SSL_HANDSHAKE_MAC_SHA256 0x80 | |
361 #define SSL_HANDSHAKE_MAC_SHA384 0x100 | |
362 #define SSL_HANDSHAKE_MAC_DEFAULT (SSL_HANDSHAKE_MAC_MD5 | SSL_HANDSHAKE_MAC_SHA
) | |
363 | |
364 /* When adding new digest in the ssl_ciph.c and increment SSM_MD_NUM_IDX | |
365 * make sure to update this constant too */ | |
366 #define SSL_MAX_DIGEST 6 | |
367 | |
368 #define TLS1_PRF_DGST_MASK (0xff << TLS1_PRF_DGST_SHIFT) | |
369 | |
370 #define TLS1_PRF_DGST_SHIFT 10 | |
371 #define TLS1_PRF_MD5 (SSL_HANDSHAKE_MAC_MD5 << TLS1_PRF_DGST_SHIFT) | |
372 #define TLS1_PRF_SHA1 (SSL_HANDSHAKE_MAC_SHA << TLS1_PRF_DGST_SHIFT) | |
373 #define TLS1_PRF_SHA256 (SSL_HANDSHAKE_MAC_SHA256 << TLS1_PRF_DGST_SHIFT) | |
374 #define TLS1_PRF_SHA384 (SSL_HANDSHAKE_MAC_SHA384 << TLS1_PRF_DGST_SHIFT) | |
375 #define TLS1_PRF_GOST94 (SSL_HANDSHAKE_MAC_GOST94 << TLS1_PRF_DGST_SHIFT) | |
376 #define TLS1_PRF (TLS1_PRF_MD5 | TLS1_PRF_SHA1) | |
377 | |
378 /* Stream MAC for GOST ciphersuites from cryptopro draft | |
379 * (currently this also goes into algorithm2) */ | |
380 #define TLS1_STREAM_MAC 0x04 | |
381 | |
382 #define TLSEXT_CHANNEL_ID_SIZE 128 | |
383 | |
384 /* SSL_CIPHER_ALGORITHM2_AEAD is a flag in SSL_CIPHER.algorithm2 which | |
385 * indicates that the cipher is implemented via an EVP_AEAD. */ | |
386 #define SSL_CIPHER_ALGORITHM2_AEAD (1<<23) | |
387 | |
388 /* SSL_CIPHER_AEAD_FIXED_NONCE_LEN returns the number of bytes of fixed nonce | |
389 * for an SSL_CIPHER* with the SSL_CIPHER_ALGORITHM2_AEAD flag. */ | |
390 #define SSL_CIPHER_AEAD_FIXED_NONCE_LEN(ssl_cipher) \ | |
391 (((ssl_cipher->algorithm2 >> 24) & 0xf)*2) | |
392 | |
393 /* SSL_CIPHER_ALGORITHM2_VARIABLE_NONCE_INCLUDED_IN_RECORD is a flag in | |
394 * SSL_CIPHER.algorithm2 which indicates that the variable part of the nonce is | |
395 * included as a prefix of the record. (AES-GCM, for example, does with with an | |
396 * 8-byte variable nonce.) */ | |
397 #define SSL_CIPHER_ALGORITHM2_VARIABLE_NONCE_INCLUDED_IN_RECORD (1<<22) | |
398 | |
399 /* | |
400 * Export and cipher strength information. For each cipher we have to decide | |
401 * whether it is exportable or not. This information is likely to change | |
402 * over time, since the export control rules are no static technical issue. | |
403 * | |
404 * Independent of the export flag the cipher strength is sorted into classes. | |
405 * SSL_EXP40 was denoting the 40bit US export limit of past times, which now | |
406 * is at 56bit (SSL_EXP56). If the exportable cipher class is going to change | |
407 * again (eg. to 64bit) the use of "SSL_EXP*" becomes blurred even more, | |
408 * since SSL_EXP64 could be similar to SSL_LOW. | |
409 * For this reason SSL_MICRO and SSL_MINI macros are included to widen the | |
410 * namespace of SSL_LOW-SSL_HIGH to lower values. As development of speed | |
411 * and ciphers goes, another extension to SSL_SUPER and/or SSL_ULTRA would | |
412 * be possible. | |
413 */ | |
414 #define SSL_EXP_MASK 0x00000003L | |
415 #define SSL_STRONG_MASK 0x000001fcL | |
416 | |
417 #define SSL_NOT_EXP 0x00000001L | |
418 #define SSL_EXPORT 0x00000002L | |
419 | |
420 #define SSL_STRONG_NONE 0x00000004L | |
421 #define SSL_EXP40 0x00000008L | |
422 #define SSL_MICRO (SSL_EXP40) | |
423 #define SSL_EXP56 0x00000010L | |
424 #define SSL_MINI (SSL_EXP56) | |
425 #define SSL_LOW 0x00000020L | |
426 #define SSL_MEDIUM 0x00000040L | |
427 #define SSL_HIGH 0x00000080L | |
428 #define SSL_FIPS 0x00000100L | |
429 | |
430 /* we have used 000001ff - 23 bits left to go */ | |
431 | |
432 /* | |
433 * Macros to check the export status and cipher strength for export ciphers. | |
434 * Even though the macros for EXPORT and EXPORT40/56 have similar names, | |
435 * their meaning is different: | |
436 * *_EXPORT macros check the 'exportable' status. | |
437 * *_EXPORT40/56 macros are used to check whether a certain cipher strength | |
438 * is given. | |
439 * Since the SSL_IS_EXPORT* and SSL_EXPORT* macros depend on the correct | |
440 * algorithm structure element to be passed (algorithms, algo_strength) and no | |
441 * typechecking can be done as they are all of type unsigned long, their | |
442 * direct usage is discouraged. | |
443 * Use the SSL_C_* macros instead. | |
444 */ | |
445 #define SSL_IS_EXPORT(a) ((a)&SSL_EXPORT) | |
446 #define SSL_IS_EXPORT56(a) ((a)&SSL_EXP56) | |
447 #define SSL_IS_EXPORT40(a) ((a)&SSL_EXP40) | |
448 #define SSL_C_IS_EXPORT(c) SSL_IS_EXPORT((c)->algo_strength) | |
449 #define SSL_C_IS_EXPORT56(c) SSL_IS_EXPORT56((c)->algo_strength) | |
450 #define SSL_C_IS_EXPORT40(c) SSL_IS_EXPORT40((c)->algo_strength) | |
451 | |
452 #define SSL_EXPORT_KEYLENGTH(a,s) (SSL_IS_EXPORT40(s) ? 5 : \ | |
453 (a) == SSL_DES ? 8 : 7) | |
454 #define SSL_EXPORT_PKEYLENGTH(a) (SSL_IS_EXPORT40(a) ? 512 : 1024) | |
455 #define SSL_C_EXPORT_KEYLENGTH(c) SSL_EXPORT_KEYLENGTH((c)->algorithm_enc,
\ | |
456 (c)->algo_strength) | |
457 #define SSL_C_EXPORT_PKEYLENGTH(c) SSL_EXPORT_PKEYLENGTH((c)->algo_strength
) | |
458 | |
459 | |
460 | |
461 | |
462 /* Mostly for SSLv3 */ | |
463 #define SSL_PKEY_RSA_ENC 0 | |
464 #define SSL_PKEY_RSA_SIGN 1 | |
465 #define SSL_PKEY_DSA_SIGN 2 | |
466 #define SSL_PKEY_DH_RSA 3 | |
467 #define SSL_PKEY_DH_DSA 4 | |
468 #define SSL_PKEY_ECC 5 | |
469 #define SSL_PKEY_GOST94 6 | |
470 #define SSL_PKEY_GOST01 7 | |
471 #define SSL_PKEY_NUM 8 | |
472 | |
473 /* SSL_kRSA <- RSA_ENC | (RSA_TMP & RSA_SIGN) | | |
474 * <- (EXPORT & (RSA_ENC | RSA_TMP) & RSA_SIGN) | |
475 * SSL_kDH <- DH_ENC & (RSA_ENC | RSA_SIGN | DSA_SIGN) | |
476 * SSL_kEDH <- RSA_ENC | RSA_SIGN | DSA_SIGN | |
477 * SSL_aRSA <- RSA_ENC | RSA_SIGN | |
478 * SSL_aDSS <- DSA_SIGN | |
479 */ | |
480 | |
481 /* | |
482 #define CERT_INVALID 0 | |
483 #define CERT_PUBLIC_KEY 1 | |
484 #define CERT_PRIVATE_KEY 2 | |
485 */ | |
486 | |
487 #ifndef OPENSSL_NO_EC | |
488 /* From ECC-TLS draft, used in encoding the curve type in | |
489 * ECParameters | |
490 */ | |
491 #define EXPLICIT_PRIME_CURVE_TYPE 1 | |
492 #define EXPLICIT_CHAR2_CURVE_TYPE 2 | |
493 #define NAMED_CURVE_TYPE 3 | |
494 #endif /* OPENSSL_NO_EC */ | |
495 | |
496 typedef struct cert_pkey_st | |
497 { | |
498 X509 *x509; | |
499 STACK_OF(X509) *cert_chain; | |
500 EVP_PKEY *privatekey; | |
501 /* Digest to use when signing */ | |
502 const EVP_MD *digest; | |
503 } CERT_PKEY; | |
504 | |
505 typedef struct cert_st | |
506 { | |
507 /* Current active set */ | |
508 CERT_PKEY *key; /* ALWAYS points to an element of the pkeys array | |
509 * Probably it would make more sense to store | |
510 * an index, not a pointer. */ | |
511 | |
512 /* The following masks are for the key and auth | |
513 * algorithms that are supported by the certs below */ | |
514 int valid; | |
515 unsigned long mask_k; | |
516 unsigned long mask_a; | |
517 unsigned long export_mask_k; | |
518 unsigned long export_mask_a; | |
519 #ifndef OPENSSL_NO_RSA | |
520 RSA *rsa_tmp; | |
521 RSA *(*rsa_tmp_cb)(SSL *ssl,int is_export,int keysize); | |
522 #endif | |
523 #ifndef OPENSSL_NO_DH | |
524 DH *dh_tmp; | |
525 DH *(*dh_tmp_cb)(SSL *ssl,int is_export,int keysize); | |
526 #endif | |
527 #ifndef OPENSSL_NO_ECDH | |
528 EC_KEY *ecdh_tmp; | |
529 /* Callback for generating ephemeral ECDH keys */ | |
530 EC_KEY *(*ecdh_tmp_cb)(SSL *ssl,int is_export,int keysize); | |
531 #endif | |
532 | |
533 CERT_PKEY pkeys[SSL_PKEY_NUM]; | |
534 | |
535 int references; /* >1 only if SSL_copy_session_id is used */ | |
536 } CERT; | |
537 | |
538 | |
539 typedef struct sess_cert_st | |
540 { | |
541 STACK_OF(X509) *cert_chain; /* as received from peer (not for SSL2) */ | |
542 | |
543 /* The 'peer_...' members are used only by clients. */ | |
544 int peer_cert_type; | |
545 | |
546 CERT_PKEY *peer_key; /* points to an element of peer_pkeys (never NULL!)
*/ | |
547 CERT_PKEY peer_pkeys[SSL_PKEY_NUM]; | |
548 /* Obviously we don't have the private keys of these, | |
549 * so maybe we shouldn't even use the CERT_PKEY type here. */ | |
550 | |
551 #ifndef OPENSSL_NO_RSA | |
552 RSA *peer_rsa_tmp; /* not used for SSL 2 */ | |
553 #endif | |
554 #ifndef OPENSSL_NO_DH | |
555 DH *peer_dh_tmp; /* not used for SSL 2 */ | |
556 #endif | |
557 #ifndef OPENSSL_NO_ECDH | |
558 EC_KEY *peer_ecdh_tmp; | |
559 #endif | |
560 | |
561 int references; /* actually always 1 at the moment */ | |
562 } SESS_CERT; | |
563 | |
564 | |
565 /*#define MAC_DEBUG */ | |
566 | |
567 /*#define ERR_DEBUG */ | |
568 /*#define ABORT_DEBUG */ | |
569 /*#define PKT_DEBUG 1 */ | |
570 /*#define DES_DEBUG */ | |
571 /*#define DES_OFB_DEBUG */ | |
572 /*#define SSL_DEBUG */ | |
573 /*#define RSA_DEBUG */ | |
574 /*#define IDEA_DEBUG */ | |
575 | |
576 #define FP_ICC (int (*)(const void *,const void *)) | |
577 #define ssl_put_cipher_by_char(ssl,ciph,ptr) \ | |
578 ((ssl)->method->put_cipher_by_char((ciph),(ptr))) | |
579 #define ssl_get_cipher_by_char(ssl,ptr) \ | |
580 ((ssl)->method->get_cipher_by_char(ptr)) | |
581 | |
582 /* This is for the SSLv3/TLSv1.0 differences in crypto/hash stuff | |
583 * It is a bit of a mess of functions, but hell, think of it as | |
584 * an opaque structure :-) */ | |
585 typedef struct ssl3_enc_method | |
586 { | |
587 int (*enc)(SSL *, int); | |
588 int (*mac)(SSL *, unsigned char *, int); | |
589 int (*setup_key_block)(SSL *); | |
590 int (*generate_master_secret)(SSL *, unsigned char *, unsigned char *, i
nt); | |
591 int (*change_cipher_state)(SSL *, int); | |
592 int (*final_finish_mac)(SSL *, const char *, int, unsigned char *); | |
593 int finish_mac_length; | |
594 int (*cert_verify_mac)(SSL *, int, unsigned char *); | |
595 const char *client_finished_label; | |
596 int client_finished_label_len; | |
597 const char *server_finished_label; | |
598 int server_finished_label_len; | |
599 int (*alert_value)(int); | |
600 int (*export_keying_material)(SSL *, unsigned char *, size_t, | |
601 const char *, size_t, | |
602 const unsigned char *, size_t, | |
603 int use_context); | |
604 } SSL3_ENC_METHOD; | |
605 | |
606 /* ssl_aead_ctx_st contains information about an AEAD that is being used to | |
607 * encrypt an SSL connection. */ | |
608 struct ssl_aead_ctx_st | |
609 { | |
610 EVP_AEAD_CTX ctx; | |
611 /* fixed_nonce contains any bytes of the nonce that are fixed for all | |
612 * records. */ | |
613 unsigned char fixed_nonce[8]; | |
614 unsigned char fixed_nonce_len, variable_nonce_len, tag_len; | |
615 /* variable_nonce_included_in_record is non-zero if the variable nonce | |
616 * for a record is included as a prefix before the ciphertext. */ | |
617 char variable_nonce_included_in_record; | |
618 }; | |
619 | |
620 #ifndef OPENSSL_NO_COMP | |
621 /* Used for holding the relevant compression methods loaded into SSL_CTX */ | |
622 typedef struct ssl3_comp_st | |
623 { | |
624 int comp_id; /* The identifier byte for this compression type */ | |
625 char *name; /* Text name used for the compression type */ | |
626 COMP_METHOD *method; /* The method :-) */ | |
627 } SSL3_COMP; | |
628 #endif | |
629 | |
630 #ifndef OPENSSL_NO_BUF_FREELISTS | |
631 typedef struct ssl3_buf_freelist_st | |
632 { | |
633 size_t chunklen; | |
634 unsigned int len; | |
635 struct ssl3_buf_freelist_entry_st *head; | |
636 } SSL3_BUF_FREELIST; | |
637 | |
638 typedef struct ssl3_buf_freelist_entry_st | |
639 { | |
640 struct ssl3_buf_freelist_entry_st *next; | |
641 } SSL3_BUF_FREELIST_ENTRY; | |
642 #endif | |
643 | |
644 extern SSL3_ENC_METHOD ssl3_undef_enc_method; | |
645 OPENSSL_EXTERN const SSL_CIPHER ssl2_ciphers[]; | |
646 OPENSSL_EXTERN SSL_CIPHER ssl3_ciphers[]; | |
647 | |
648 | |
649 SSL_METHOD *ssl_bad_method(int ver); | |
650 | |
651 extern SSL3_ENC_METHOD TLSv1_enc_data; | |
652 extern SSL3_ENC_METHOD SSLv3_enc_data; | |
653 extern SSL3_ENC_METHOD DTLSv1_enc_data; | |
654 | |
655 #define IMPLEMENT_tls_meth_func(version, func_name, s_accept, s_connect, \ | |
656 s_get_meth) \ | |
657 const SSL_METHOD *func_name(void) \ | |
658 { \ | |
659 static const SSL_METHOD func_name##_data= { \ | |
660 version, \ | |
661 tls1_new, \ | |
662 tls1_clear, \ | |
663 tls1_free, \ | |
664 s_accept, \ | |
665 s_connect, \ | |
666 ssl3_read, \ | |
667 ssl3_peek, \ | |
668 ssl3_write, \ | |
669 ssl3_shutdown, \ | |
670 ssl3_renegotiate, \ | |
671 ssl3_renegotiate_check, \ | |
672 ssl3_get_message, \ | |
673 ssl3_read_bytes, \ | |
674 ssl3_write_bytes, \ | |
675 ssl3_dispatch_alert, \ | |
676 ssl3_ctrl, \ | |
677 ssl3_ctx_ctrl, \ | |
678 ssl3_get_cipher_by_char, \ | |
679 ssl3_put_cipher_by_char, \ | |
680 ssl3_pending, \ | |
681 ssl3_num_ciphers, \ | |
682 ssl3_get_cipher, \ | |
683 s_get_meth, \ | |
684 tls1_default_timeout, \ | |
685 &TLSv1_enc_data, \ | |
686 ssl_undefined_void_function, \ | |
687 ssl3_callback_ctrl, \ | |
688 ssl3_ctx_callback_ctrl, \ | |
689 }; \ | |
690 return &func_name##_data; \ | |
691 } | |
692 | |
693 #define IMPLEMENT_ssl3_meth_func(func_name, s_accept, s_connect, s_get_meth) \ | |
694 const SSL_METHOD *func_name(void) \ | |
695 { \ | |
696 static const SSL_METHOD func_name##_data= { \ | |
697 SSL3_VERSION, \ | |
698 ssl3_new, \ | |
699 ssl3_clear, \ | |
700 ssl3_free, \ | |
701 s_accept, \ | |
702 s_connect, \ | |
703 ssl3_read, \ | |
704 ssl3_peek, \ | |
705 ssl3_write, \ | |
706 ssl3_shutdown, \ | |
707 ssl3_renegotiate, \ | |
708 ssl3_renegotiate_check, \ | |
709 ssl3_get_message, \ | |
710 ssl3_read_bytes, \ | |
711 ssl3_write_bytes, \ | |
712 ssl3_dispatch_alert, \ | |
713 ssl3_ctrl, \ | |
714 ssl3_ctx_ctrl, \ | |
715 ssl3_get_cipher_by_char, \ | |
716 ssl3_put_cipher_by_char, \ | |
717 ssl3_pending, \ | |
718 ssl3_num_ciphers, \ | |
719 ssl3_get_cipher, \ | |
720 s_get_meth, \ | |
721 ssl3_default_timeout, \ | |
722 &SSLv3_enc_data, \ | |
723 ssl_undefined_void_function, \ | |
724 ssl3_callback_ctrl, \ | |
725 ssl3_ctx_callback_ctrl, \ | |
726 }; \ | |
727 return &func_name##_data; \ | |
728 } | |
729 | |
730 #define IMPLEMENT_ssl23_meth_func(func_name, s_accept, s_connect, s_get_meth) \ | |
731 const SSL_METHOD *func_name(void) \ | |
732 { \ | |
733 static const SSL_METHOD func_name##_data= { \ | |
734 TLS1_2_VERSION, \ | |
735 tls1_new, \ | |
736 tls1_clear, \ | |
737 tls1_free, \ | |
738 s_accept, \ | |
739 s_connect, \ | |
740 ssl23_read, \ | |
741 ssl23_peek, \ | |
742 ssl23_write, \ | |
743 ssl_undefined_function, \ | |
744 ssl_undefined_function, \ | |
745 ssl_ok, \ | |
746 ssl3_get_message, \ | |
747 ssl3_read_bytes, \ | |
748 ssl3_write_bytes, \ | |
749 ssl3_dispatch_alert, \ | |
750 ssl3_ctrl, \ | |
751 ssl3_ctx_ctrl, \ | |
752 ssl23_get_cipher_by_char, \ | |
753 ssl23_put_cipher_by_char, \ | |
754 ssl_undefined_const_function, \ | |
755 ssl23_num_ciphers, \ | |
756 ssl23_get_cipher, \ | |
757 s_get_meth, \ | |
758 ssl23_default_timeout, \ | |
759 &ssl3_undef_enc_method, \ | |
760 ssl_undefined_void_function, \ | |
761 ssl3_callback_ctrl, \ | |
762 ssl3_ctx_callback_ctrl, \ | |
763 }; \ | |
764 return &func_name##_data; \ | |
765 } | |
766 | |
767 #define IMPLEMENT_ssl2_meth_func(func_name, s_accept, s_connect, s_get_meth) \ | |
768 const SSL_METHOD *func_name(void) \ | |
769 { \ | |
770 static const SSL_METHOD func_name##_data= { \ | |
771 SSL2_VERSION, \ | |
772 ssl2_new, /* local */ \ | |
773 ssl2_clear, /* local */ \ | |
774 ssl2_free, /* local */ \ | |
775 s_accept, \ | |
776 s_connect, \ | |
777 ssl2_read, \ | |
778 ssl2_peek, \ | |
779 ssl2_write, \ | |
780 ssl2_shutdown, \ | |
781 ssl_ok, /* NULL - renegotiate */ \ | |
782 ssl_ok, /* NULL - check renegotiate */ \ | |
783 NULL, /* NULL - ssl_get_message */ \ | |
784 NULL, /* NULL - ssl_get_record */ \ | |
785 NULL, /* NULL - ssl_write_bytes */ \ | |
786 NULL, /* NULL - dispatch_alert */ \ | |
787 ssl2_ctrl, /* local */ \ | |
788 ssl2_ctx_ctrl, /* local */ \ | |
789 ssl2_get_cipher_by_char, \ | |
790 ssl2_put_cipher_by_char, \ | |
791 ssl2_pending, \ | |
792 ssl2_num_ciphers, \ | |
793 ssl2_get_cipher, \ | |
794 s_get_meth, \ | |
795 ssl2_default_timeout, \ | |
796 &ssl3_undef_enc_method, \ | |
797 ssl_undefined_void_function, \ | |
798 ssl2_callback_ctrl, /* local */ \ | |
799 ssl2_ctx_callback_ctrl, /* local */ \ | |
800 }; \ | |
801 return &func_name##_data; \ | |
802 } | |
803 | |
804 #define IMPLEMENT_dtls1_meth_func(func_name, s_accept, s_connect, s_get_meth) \ | |
805 const SSL_METHOD *func_name(void) \ | |
806 { \ | |
807 static const SSL_METHOD func_name##_data= { \ | |
808 DTLS1_VERSION, \ | |
809 dtls1_new, \ | |
810 dtls1_clear, \ | |
811 dtls1_free, \ | |
812 s_accept, \ | |
813 s_connect, \ | |
814 ssl3_read, \ | |
815 ssl3_peek, \ | |
816 ssl3_write, \ | |
817 dtls1_shutdown, \ | |
818 ssl3_renegotiate, \ | |
819 ssl3_renegotiate_check, \ | |
820 dtls1_get_message, \ | |
821 dtls1_read_bytes, \ | |
822 dtls1_write_app_data_bytes, \ | |
823 dtls1_dispatch_alert, \ | |
824 dtls1_ctrl, \ | |
825 ssl3_ctx_ctrl, \ | |
826 ssl3_get_cipher_by_char, \ | |
827 ssl3_put_cipher_by_char, \ | |
828 ssl3_pending, \ | |
829 ssl3_num_ciphers, \ | |
830 dtls1_get_cipher, \ | |
831 s_get_meth, \ | |
832 dtls1_default_timeout, \ | |
833 &DTLSv1_enc_data, \ | |
834 ssl_undefined_void_function, \ | |
835 ssl3_callback_ctrl, \ | |
836 ssl3_ctx_callback_ctrl, \ | |
837 }; \ | |
838 return &func_name##_data; \ | |
839 } | |
840 | |
841 void ssl_clear_cipher_ctx(SSL *s); | |
842 int ssl_clear_bad_session(SSL *s); | |
843 CERT *ssl_cert_new(void); | |
844 CERT *ssl_cert_dup(CERT *cert); | |
845 int ssl_cert_inst(CERT **o); | |
846 void ssl_cert_free(CERT *c); | |
847 SESS_CERT *ssl_sess_cert_new(void); | |
848 void ssl_sess_cert_free(SESS_CERT *sc); | |
849 int ssl_set_peer_cert_type(SESS_CERT *c, int type); | |
850 int ssl_get_new_session(SSL *s, int session); | |
851 int ssl_get_prev_session(SSL *s, unsigned char *session,int len, const unsigned
char *limit); | |
852 int ssl_cipher_id_cmp(const SSL_CIPHER *a,const SSL_CIPHER *b); | |
853 DECLARE_OBJ_BSEARCH_GLOBAL_CMP_FN(SSL_CIPHER, SSL_CIPHER, | |
854 ssl_cipher_id); | |
855 int ssl_cipher_ptr_id_cmp(const SSL_CIPHER * const *ap, | |
856 const SSL_CIPHER * const *bp); | |
857 STACK_OF(SSL_CIPHER) *ssl_bytes_to_cipher_list(SSL *s,unsigned char *p,int num, | |
858 STACK_OF(SSL_CIPHER) **skp); | |
859 int ssl_cipher_list_to_bytes(SSL *s,STACK_OF(SSL_CIPHER) *sk,unsigned char *p, | |
860 int (*put_cb)(const SSL_CIPHER *, unsigned char *))
; | |
861 STACK_OF(SSL_CIPHER) *ssl_create_cipher_list(const SSL_METHOD *meth, | |
862 STACK_OF(SSL_CIPHER) **pref, | |
863 STACK_OF(SSL_CIPHER) **sorted, | |
864 const char *rule_str); | |
865 void ssl_update_cache(SSL *s, int mode); | |
866 int ssl_cipher_get_comp(const SSL_SESSION *s, SSL_COMP **comp); | |
867 int ssl_cipher_get_evp_aead(const SSL_SESSION *s, const EVP_AEAD **aead); | |
868 int ssl_cipher_get_evp(const SSL_SESSION *s,const EVP_CIPHER **enc, | |
869 const EVP_MD **md,int *mac_pkey_type,int *mac_secret_size
); | |
870 int ssl_get_handshake_digest(int i,long *mask,const EVP_MD **md);
| |
871 int ssl_verify_cert_chain(SSL *s,STACK_OF(X509) *sk); | |
872 int ssl_undefined_function(SSL *s); | |
873 int ssl_undefined_void_function(void); | |
874 int ssl_undefined_const_function(const SSL *s); | |
875 CERT_PKEY *ssl_get_server_send_pkey(const SSL *s); | |
876 X509 *ssl_get_server_send_cert(const SSL *); | |
877 EVP_PKEY *ssl_get_sign_pkey(SSL *s,const SSL_CIPHER *c, const EVP_MD **pmd); | |
878 int ssl_cert_type(X509 *x,EVP_PKEY *pkey); | |
879 void ssl_set_cert_masks(CERT *c, const SSL_CIPHER *cipher); | |
880 STACK_OF(SSL_CIPHER) *ssl_get_ciphers_by_id(SSL *s); | |
881 int ssl_verify_alarm_type(long type); | |
882 void ssl_load_ciphers(void); | |
883 | |
884 int ssl2_enc_init(SSL *s, int client); | |
885 int ssl2_generate_key_material(SSL *s); | |
886 void ssl2_enc(SSL *s,int send_data); | |
887 void ssl2_mac(SSL *s,unsigned char *mac,int send_data); | |
888 const SSL_CIPHER *ssl2_get_cipher_by_char(const unsigned char *p); | |
889 int ssl2_put_cipher_by_char(const SSL_CIPHER *c,unsigned char *p); | |
890 int ssl2_part_read(SSL *s, unsigned long f, int i); | |
891 int ssl2_do_write(SSL *s); | |
892 int ssl2_set_certificate(SSL *s, int type, int len, const unsigned char *data); | |
893 void ssl2_return_error(SSL *s,int reason); | |
894 void ssl2_write_error(SSL *s); | |
895 int ssl2_num_ciphers(void); | |
896 const SSL_CIPHER *ssl2_get_cipher(unsigned int u); | |
897 int ssl2_new(SSL *s); | |
898 void ssl2_free(SSL *s); | |
899 int ssl2_accept(SSL *s); | |
900 int ssl2_connect(SSL *s); | |
901 int ssl2_read(SSL *s, void *buf, int len); | |
902 int ssl2_peek(SSL *s, void *buf, int len); | |
903 int ssl2_write(SSL *s, const void *buf, int len); | |
904 int ssl2_shutdown(SSL *s); | |
905 void ssl2_clear(SSL *s); | |
906 long ssl2_ctrl(SSL *s,int cmd, long larg, void *parg); | |
907 long ssl2_ctx_ctrl(SSL_CTX *s,int cmd, long larg, void *parg); | |
908 long ssl2_callback_ctrl(SSL *s,int cmd, void (*fp)(void)); | |
909 long ssl2_ctx_callback_ctrl(SSL_CTX *s,int cmd, void (*fp)(void)); | |
910 int ssl2_pending(const SSL *s); | |
911 long ssl2_default_timeout(void ); | |
912 | |
913 const SSL_CIPHER *ssl3_get_cipher_by_char(const unsigned char *p); | |
914 int ssl3_put_cipher_by_char(const SSL_CIPHER *c,unsigned char *p); | |
915 void ssl3_init_finished_mac(SSL *s); | |
916 int ssl3_send_server_certificate(SSL *s); | |
917 int ssl3_send_newsession_ticket(SSL *s); | |
918 int ssl3_send_cert_status(SSL *s); | |
919 int ssl3_get_finished(SSL *s,int state_a,int state_b); | |
920 int ssl3_setup_key_block(SSL *s); | |
921 int ssl3_send_change_cipher_spec(SSL *s,int state_a,int state_b); | |
922 int ssl3_change_cipher_state(SSL *s,int which); | |
923 void ssl3_cleanup_key_block(SSL *s); | |
924 int ssl3_do_write(SSL *s,int type); | |
925 int ssl3_send_alert(SSL *s,int level, int desc); | |
926 int ssl3_generate_master_secret(SSL *s, unsigned char *out, | |
927 unsigned char *p, int len); | |
928 int ssl3_get_req_cert_type(SSL *s,unsigned char *p); | |
929 long ssl3_get_message(SSL *s, int st1, int stn, int mt, long max, int *ok); | |
930 int ssl3_send_finished(SSL *s, int a, int b, const char *sender,int slen); | |
931 int ssl3_num_ciphers(void); | |
932 const SSL_CIPHER *ssl3_get_cipher(unsigned int u); | |
933 int ssl3_renegotiate(SSL *ssl); | |
934 int ssl3_renegotiate_check(SSL *ssl); | |
935 int ssl3_dispatch_alert(SSL *s); | |
936 int ssl3_read_bytes(SSL *s, int type, unsigned char *buf, int len, int peek); | |
937 int ssl3_write_bytes(SSL *s, int type, const void *buf, int len); | |
938 int ssl3_final_finish_mac(SSL *s, const char *sender, int slen,unsigned char *p)
; | |
939 int ssl3_cert_verify_mac(SSL *s, int md_nid, unsigned char *p); | |
940 void ssl3_finish_mac(SSL *s, const unsigned char *buf, int len); | |
941 int ssl3_enc(SSL *s, int send_data); | |
942 int n_ssl3_mac(SSL *ssl, unsigned char *md, int send_data); | |
943 void ssl3_free_digest_list(SSL *s); | |
944 unsigned long ssl3_output_cert_chain(SSL *s, X509 *x); | |
945 SSL_CIPHER *ssl3_choose_cipher(SSL *ssl,STACK_OF(SSL_CIPHER) *clnt, | |
946 STACK_OF(SSL_CIPHER) *srvr); | |
947 int ssl3_setup_buffers(SSL *s); | |
948 int ssl3_setup_read_buffer(SSL *s); | |
949 int ssl3_setup_write_buffer(SSL *s); | |
950 int ssl3_release_read_buffer(SSL *s); | |
951 int ssl3_release_write_buffer(SSL *s); | |
952 int ssl3_digest_cached_records(SSL *s); | |
953 int ssl3_new(SSL *s); | |
954 void ssl3_free(SSL *s); | |
955 int ssl3_accept(SSL *s); | |
956 int ssl3_connect(SSL *s); | |
957 int ssl3_read(SSL *s, void *buf, int len); | |
958 int ssl3_peek(SSL *s, void *buf, int len); | |
959 int ssl3_write(SSL *s, const void *buf, int len); | |
960 int ssl3_shutdown(SSL *s); | |
961 void ssl3_clear(SSL *s); | |
962 long ssl3_ctrl(SSL *s,int cmd, long larg, void *parg); | |
963 long ssl3_ctx_ctrl(SSL_CTX *s,int cmd, long larg, void *parg); | |
964 long ssl3_callback_ctrl(SSL *s,int cmd, void (*fp)(void)); | |
965 long ssl3_ctx_callback_ctrl(SSL_CTX *s,int cmd, void (*fp)(void)); | |
966 int ssl3_pending(const SSL *s); | |
967 | |
968 void ssl3_record_sequence_update(unsigned char *seq); | |
969 int ssl3_do_change_cipher_spec(SSL *ssl); | |
970 long ssl3_default_timeout(void ); | |
971 | |
972 int ssl23_num_ciphers(void ); | |
973 const SSL_CIPHER *ssl23_get_cipher(unsigned int u); | |
974 int ssl23_read(SSL *s, void *buf, int len); | |
975 int ssl23_peek(SSL *s, void *buf, int len); | |
976 int ssl23_write(SSL *s, const void *buf, int len); | |
977 int ssl23_put_cipher_by_char(const SSL_CIPHER *c, unsigned char *p); | |
978 const SSL_CIPHER *ssl23_get_cipher_by_char(const unsigned char *p); | |
979 long ssl23_default_timeout(void ); | |
980 | |
981 long tls1_default_timeout(void); | |
982 int dtls1_do_write(SSL *s,int type); | |
983 int ssl3_read_n(SSL *s, int n, int max, int extend); | |
984 int dtls1_read_bytes(SSL *s, int type, unsigned char *buf, int len, int peek); | |
985 int ssl3_do_compress(SSL *ssl); | |
986 int ssl3_do_uncompress(SSL *ssl); | |
987 int ssl3_write_pending(SSL *s, int type, const unsigned char *buf, | |
988 unsigned int len); | |
989 unsigned char *dtls1_set_message_header(SSL *s, | |
990 unsigned char *p, unsigned char mt, unsigned long len, | |
991 unsigned long frag_off, unsigned long frag_len); | |
992 | |
993 int dtls1_write_app_data_bytes(SSL *s, int type, const void *buf, int len); | |
994 int dtls1_write_bytes(SSL *s, int type, const void *buf, int len); | |
995 | |
996 int dtls1_send_change_cipher_spec(SSL *s, int a, int b); | |
997 int dtls1_send_finished(SSL *s, int a, int b, const char *sender, int slen); | |
998 unsigned long dtls1_output_cert_chain(SSL *s, X509 *x); | |
999 int dtls1_read_failed(SSL *s, int code); | |
1000 int dtls1_buffer_message(SSL *s, int ccs); | |
1001 int dtls1_retransmit_message(SSL *s, unsigned short seq, | |
1002 unsigned long frag_off, int *found); | |
1003 int dtls1_get_queue_priority(unsigned short seq, int is_ccs); | |
1004 int dtls1_retransmit_buffered_messages(SSL *s); | |
1005 void dtls1_clear_record_buffer(SSL *s); | |
1006 void dtls1_get_message_header(unsigned char *data, struct hm_header_st *msg_hdr)
; | |
1007 void dtls1_get_ccs_header(unsigned char *data, struct ccs_header_st *ccs_hdr); | |
1008 void dtls1_reset_seq_numbers(SSL *s, int rw); | |
1009 long dtls1_default_timeout(void); | |
1010 struct timeval* dtls1_get_timeout(SSL *s, struct timeval* timeleft); | |
1011 int dtls1_check_timeout_num(SSL *s); | |
1012 int dtls1_handle_timeout(SSL *s); | |
1013 const SSL_CIPHER *dtls1_get_cipher(unsigned int u); | |
1014 void dtls1_start_timer(SSL *s); | |
1015 void dtls1_stop_timer(SSL *s); | |
1016 int dtls1_is_timer_expired(SSL *s); | |
1017 void dtls1_double_timeout(SSL *s); | |
1018 int dtls1_send_newsession_ticket(SSL *s); | |
1019 unsigned int dtls1_min_mtu(void); | |
1020 | |
1021 /* some client-only functions */ | |
1022 int ssl3_client_hello(SSL *s); | |
1023 int ssl3_get_server_hello(SSL *s); | |
1024 int ssl3_get_certificate_request(SSL *s); | |
1025 int ssl3_get_new_session_ticket(SSL *s); | |
1026 int ssl3_get_cert_status(SSL *s); | |
1027 int ssl3_get_server_done(SSL *s); | |
1028 int ssl3_send_client_verify(SSL *s); | |
1029 int ssl3_send_client_certificate(SSL *s); | |
1030 int ssl_do_client_cert_cb(SSL *s, X509 **px509, EVP_PKEY **ppkey); | |
1031 int ssl3_send_client_key_exchange(SSL *s); | |
1032 int ssl3_get_key_exchange(SSL *s); | |
1033 int ssl3_get_server_certificate(SSL *s); | |
1034 int ssl3_check_cert_and_algorithm(SSL *s); | |
1035 #ifndef OPENSSL_NO_TLSEXT | |
1036 int ssl3_check_finished(SSL *s); | |
1037 # ifndef OPENSSL_NO_NEXTPROTONEG | |
1038 int ssl3_send_next_proto(SSL *s); | |
1039 int ssl3_send_channel_id(SSL *s); | |
1040 # endif | |
1041 #endif | |
1042 | |
1043 int dtls1_client_hello(SSL *s); | |
1044 int dtls1_send_client_certificate(SSL *s); | |
1045 int dtls1_send_client_key_exchange(SSL *s); | |
1046 int dtls1_send_client_verify(SSL *s); | |
1047 | |
1048 /* some server-only functions */ | |
1049 int ssl3_get_client_hello(SSL *s); | |
1050 int ssl3_send_server_hello(SSL *s); | |
1051 int ssl3_send_hello_request(SSL *s); | |
1052 int ssl3_send_server_key_exchange(SSL *s); | |
1053 int ssl3_send_certificate_request(SSL *s); | |
1054 int ssl3_send_server_done(SSL *s); | |
1055 int ssl3_check_client_hello(SSL *s); | |
1056 int ssl3_get_client_certificate(SSL *s); | |
1057 int ssl3_get_client_key_exchange(SSL *s); | |
1058 int ssl3_get_cert_verify(SSL *s); | |
1059 #ifndef OPENSSL_NO_NEXTPROTONEG | |
1060 int ssl3_get_next_proto(SSL *s); | |
1061 #endif | |
1062 int ssl3_get_channel_id(SSL *s); | |
1063 | |
1064 int dtls1_send_hello_request(SSL *s); | |
1065 int dtls1_send_server_hello(SSL *s); | |
1066 int dtls1_send_server_certificate(SSL *s); | |
1067 int dtls1_send_server_key_exchange(SSL *s); | |
1068 int dtls1_send_certificate_request(SSL *s); | |
1069 int dtls1_send_server_done(SSL *s); | |
1070 | |
1071 | |
1072 | |
1073 int ssl23_accept(SSL *s); | |
1074 int ssl23_connect(SSL *s); | |
1075 int ssl23_read_bytes(SSL *s, int n); | |
1076 int ssl23_write_bytes(SSL *s); | |
1077 | |
1078 int tls1_new(SSL *s); | |
1079 void tls1_free(SSL *s); | |
1080 void tls1_clear(SSL *s); | |
1081 long tls1_ctrl(SSL *s,int cmd, long larg, void *parg); | |
1082 long tls1_callback_ctrl(SSL *s,int cmd, void (*fp)(void)); | |
1083 | |
1084 int dtls1_new(SSL *s); | |
1085 int dtls1_accept(SSL *s); | |
1086 int dtls1_connect(SSL *s); | |
1087 void dtls1_free(SSL *s); | |
1088 void dtls1_clear(SSL *s); | |
1089 long dtls1_ctrl(SSL *s,int cmd, long larg, void *parg); | |
1090 int dtls1_shutdown(SSL *s); | |
1091 | |
1092 long dtls1_get_message(SSL *s, int st1, int stn, int mt, long max, int *ok); | |
1093 int dtls1_get_record(SSL *s); | |
1094 int do_dtls1_write(SSL *s, int type, const unsigned char *buf, | |
1095 unsigned int len, int create_empty_fragement); | |
1096 int dtls1_dispatch_alert(SSL *s); | |
1097 int dtls1_enc(SSL *s, int snd); | |
1098 | |
1099 int ssl_init_wbio_buffer(SSL *s, int push); | |
1100 void ssl_free_wbio_buffer(SSL *s); | |
1101 | |
1102 int tls1_change_cipher_state(SSL *s, int which); | |
1103 int tls1_setup_key_block(SSL *s); | |
1104 int tls1_enc(SSL *s, int snd); | |
1105 int tls1_handshake_digest(SSL *s, unsigned char *out, size_t out_len); | |
1106 int tls1_final_finish_mac(SSL *s, | |
1107 const char *str, int slen, unsigned char *p); | |
1108 int tls1_cert_verify_mac(SSL *s, int md_nid, unsigned char *p); | |
1109 int tls1_mac(SSL *ssl, unsigned char *md, int snd); | |
1110 int tls1_generate_master_secret(SSL *s, unsigned char *out, | |
1111 unsigned char *p, int len); | |
1112 int tls1_export_keying_material(SSL *s, unsigned char *out, size_t olen, | |
1113 const char *label, size_t llen, | |
1114 const unsigned char *p, size_t plen, int use_context); | |
1115 int tls1_alert_code(int code); | |
1116 int ssl3_alert_code(int code); | |
1117 int ssl_ok(SSL *s); | |
1118 | |
1119 #ifndef OPENSSL_NO_ECDH | |
1120 int ssl_check_srvr_ecc_cert_and_alg(X509 *x, SSL *s); | |
1121 #endif | |
1122 | |
1123 SSL_COMP *ssl3_comp_find(STACK_OF(SSL_COMP) *sk, int n); | |
1124 | |
1125 #ifndef OPENSSL_NO_EC | |
1126 int tls1_ec_curve_id2nid(int curve_id); | |
1127 int tls1_ec_nid2curve_id(int nid); | |
1128 #endif /* OPENSSL_NO_EC */ | |
1129 | |
1130 #ifndef OPENSSL_NO_TLSEXT | |
1131 unsigned char *ssl_add_clienthello_tlsext(SSL *s, unsigned char *buf, unsigned c
har *limit, size_t header_len); | |
1132 unsigned char *ssl_add_serverhello_tlsext(SSL *s, unsigned char *buf, unsigned c
har *limit); | |
1133 int ssl_parse_clienthello_tlsext(SSL *s, unsigned char **data, unsigned char *d,
int n, int *al); | |
1134 int ssl_parse_serverhello_tlsext(SSL *s, unsigned char **data, unsigned char *d,
int n, int *al); | |
1135 int ssl_prepare_clienthello_tlsext(SSL *s); | |
1136 int ssl_prepare_serverhello_tlsext(SSL *s); | |
1137 int ssl_check_clienthello_tlsext_early(SSL *s); | |
1138 int ssl_check_clienthello_tlsext_late(SSL *s); | |
1139 int ssl_check_serverhello_tlsext(SSL *s); | |
1140 | |
1141 #ifndef OPENSSL_NO_HEARTBEATS | |
1142 int tls1_heartbeat(SSL *s); | |
1143 int dtls1_heartbeat(SSL *s); | |
1144 int tls1_process_heartbeat(SSL *s); | |
1145 int dtls1_process_heartbeat(SSL *s); | |
1146 #endif | |
1147 | |
1148 #ifdef OPENSSL_NO_SHA256 | |
1149 #define tlsext_tick_md EVP_sha1 | |
1150 #else | |
1151 #define tlsext_tick_md EVP_sha256 | |
1152 #endif | |
1153 int tls1_process_ticket(SSL *s, unsigned char *session_id, int len, | |
1154 const unsigned char *limit, SSL_SESSION **ret); | |
1155 | |
1156 int tls12_get_sigandhash(unsigned char *p, const EVP_PKEY *pk, | |
1157 const EVP_MD *md); | |
1158 int tls12_get_sigid(const EVP_PKEY *pk); | |
1159 const EVP_MD *tls12_get_hash(unsigned char hash_alg); | |
1160 | |
1161 int tls1_channel_id_hash(EVP_MD_CTX *ctx, SSL *s); | |
1162 int tls1_record_handshake_hashes_for_channel_id(SSL *s); | |
1163 #endif | |
1164 | |
1165 int ssl3_can_cutthrough(const SSL *s); | |
1166 | |
1167 EVP_MD_CTX* ssl_replace_hash(EVP_MD_CTX **hash,const EVP_MD *md) ; | |
1168 void ssl_clear_hash_ctx(EVP_MD_CTX **hash); | |
1169 int ssl_add_serverhello_renegotiate_ext(SSL *s, unsigned char *p, int *len, | |
1170 int maxlen); | |
1171 int ssl_parse_serverhello_renegotiate_ext(SSL *s, unsigned char *d, int len, | |
1172 int *al); | |
1173 int ssl_add_clienthello_renegotiate_ext(SSL *s, unsigned char *p, int *len, | |
1174 int maxlen); | |
1175 int ssl_parse_clienthello_renegotiate_ext(SSL *s, unsigned char *d, int len, | |
1176 int *al); | |
1177 long ssl_get_algorithm2(SSL *s); | |
1178 int tls1_process_sigalgs(SSL *s, const unsigned char *data, int dsize); | |
1179 int tls12_get_req_sig_algs(SSL *s, unsigned char *p); | |
1180 | |
1181 int ssl_add_clienthello_use_srtp_ext(SSL *s, unsigned char *p, int *len, int max
len); | |
1182 int ssl_parse_clienthello_use_srtp_ext(SSL *s, unsigned char *d, int len,int *al
); | |
1183 int ssl_add_serverhello_use_srtp_ext(SSL *s, unsigned char *p, int *len, int max
len); | |
1184 int ssl_parse_serverhello_use_srtp_ext(SSL *s, unsigned char *d, int len,int *al
); | |
1185 | |
1186 /* s3_cbc.c */ | |
1187 void ssl3_cbc_copy_mac(unsigned char* out, | |
1188 const SSL3_RECORD *rec, | |
1189 unsigned md_size,unsigned orig_len); | |
1190 int ssl3_cbc_remove_padding(const SSL* s, | |
1191 SSL3_RECORD *rec, | |
1192 unsigned block_size, | |
1193 unsigned mac_size); | |
1194 int tls1_cbc_remove_padding(const SSL* s, | |
1195 SSL3_RECORD *rec, | |
1196 unsigned block_size, | |
1197 unsigned mac_size); | |
1198 char ssl3_cbc_record_digest_supported(const EVP_MD_CTX *ctx); | |
1199 void ssl3_cbc_digest_record( | |
1200 const EVP_MD_CTX *ctx, | |
1201 unsigned char* md_out, | |
1202 size_t* md_out_size, | |
1203 const unsigned char header[13], | |
1204 const unsigned char *data, | |
1205 size_t data_plus_mac_size, | |
1206 size_t data_plus_mac_plus_padding_size, | |
1207 const unsigned char *mac_secret, | |
1208 unsigned mac_secret_length, | |
1209 char is_sslv3); | |
1210 | |
1211 void tls_fips_digest_extra( | |
1212 const EVP_CIPHER_CTX *cipher_ctx, EVP_MD_CTX *mac_ctx, | |
1213 const unsigned char *data, size_t data_len, size_t orig_len); | |
1214 | |
1215 #endif | |
OLD | NEW |