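--- a/ssl/ssl.h
+++ b/ssl/ssl.h
@@ -1,10 +1,10 @@
 /* ssl/ssl.h */
 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
 * All rights reserved.
 *
 * This package is an SSL implementation written
 * by Eric Young (eay@cryptsoft.com).
 * The implementation was written so as to conform with Netscapes SSL.
 *
 * This library is free for commercial and non-commercial use as long as
 * the following conditions are aheared to. The following conditions
@@ -284,20 +284,21 @@
 #define SSL_TXT_RC2 "RC2"
 #define SSL_TXT_IDEA "IDEA"
 #define SSL_TXT_SEED "SEED"
 #define SSL_TXT_AES128 "AES128"
 #define SSL_TXT_AES256 "AES256"
 #define SSL_TXT_AES "AES"
 #define SSL_TXT_AES_GCM "AESGCM"
 #define SSL_TXT_CAMELLIA128 "CAMELLIA128"
 #define SSL_TXT_CAMELLIA256 "CAMELLIA256"
 #define SSL_TXT_CAMELLIA "CAMELLIA"
+#define SSL_TXT_CHACHA20 "CHACHA20"
 
 #define SSL_TXT_MD5 "MD5"
 #define SSL_TXT_SHA1 "SHA1"
 #define SSL_TXT_SHA "SHA" /* same as "SHA1" */
 #define SSL_TXT_GOST94 "GOST94"
 #define SSL_TXT_GOST89MAC "GOST89MAC"
 #define SSL_TXT_SHA256 "SHA256"
 #define SSL_TXT_SHA384 "SHA384"
 
 #define SSL_TXT_SSLV2 "SSLv2"
@@ -392,21 +393,23 @@
 unsigned long id; /* id, 4 bytes, first is version */
 
 /* changed in 0.9.9: these four used to be portions of a single value 'algorithms' */
 unsigned long algorithm_mkey; /* key exchange algorithm */
 unsigned long algorithm_auth; /* server authentication */
 unsigned long algorithm_enc; /* symmetric encryption */
 unsigned long algorithm_mac; /* symmetric authentication */
 unsigned long algorithm_ssl; /* (major) protocol version */
 
 unsigned long algo_strength; /* strength and export flags */
-» unsigned long algorithm2;» /* Extra flags */
+» unsigned long algorithm2;» /* Extra flags. See SSL2_CF_* in ssl2.h
+» » » » » and algorithm2 section in
+» » » » » ssl_locl.h */
 int strength_bits; /* Number of bits really used */
 int alg_bits; /* Number of bits for algorithm */
 };
 
 
 /* Used to hold functions for SSLv2 or SSLv3/TLSv1 functions */
 struct ssl_method_st
 {
 int version;
 int (*ssl_new)(SSL *s);
@@ -721,20 +724,23 @@
 int SSL_CTX_SRP_CTX_init(SSL_CTX *ctx);
 int SSL_SRP_CTX_free(SSL *ctx);
 int SSL_CTX_SRP_CTX_free(SSL_CTX *ctx);
 int SSL_srp_server_param_with_username(SSL *s, int *ad);
 int SRP_generate_server_master_secret(SSL *s,unsigned char *master_key);
 int SRP_Calc_A_param(SSL *s);
 int SRP_generate_client_master_secret(SSL *s,unsigned char *master_key);
 
 #endif
 
+struct ssl_aead_ctx_st;
+typedef struct ssl_aead_ctx_st SSL_AEAD_CTX;
+
 #if defined(OPENSSL_SYS_MSDOS) && !defined(OPENSSL_SYS_WIN32)
 #define SSL_MAX_CERT_LIST_DEFAULT 1024*30 /* 30k max cert list :-) */
 #else
 #define SSL_MAX_CERT_LIST_DEFAULT 1024*100 /* 100k max cert list :-) */
 #endif
 
 #define SSL_SESSION_CACHE_MAX_SIZE_DEFAULT (1024*20)
 
 /* This callback type is used inside SSL_CTX, SSL, and in the functions that set
 * them. It is used to override the generation of SSL/TLS session IDs in a
@@ -1206,28 +1212,34 @@
 int trust; /* Trust setting */
 #endif
 
 /* crypto */
 STACK_OF(SSL_CIPHER) *cipher_list;
 STACK_OF(SSL_CIPHER) *cipher_list_by_id;
 
 /* These are the ones being used, the ones in SSL_SESSION are
 * the ones to be 'copied' into these ones */
 int mac_flags;
+SSL_AEAD_CTX *aead_read_ctx; /* AEAD context. If non-NULL, then
+|enc_read_ctx| and |read_hash| are
+ignored. */
 EVP_CIPHER_CTX *enc_read_ctx; /* cryptographic state */
 EVP_MD_CTX *read_hash; /* used for mac generation */
 #ifndef OPENSSL_NO_COMP
 COMP_CTX *expand; /* uncompress */
 #else
 char *expand;
 #endif
 
+SSL_AEAD_CTX *aead_write_ctx; /* AEAD context. If non-NULL, then
+|enc_write_ctx| and |write_hash| are
+ignored. */
 EVP_CIPHER_CTX *enc_write_ctx; /* cryptographic state */
 EVP_MD_CTX *write_hash; /* used for mac generation */
 #ifndef OPENSSL_NO_COMP
 COMP_CTX *compress; /* compression */
 #else
 char *compress;
 #endif
 
 /* session info */
 
@@ -2320,22 +2332,25 @@
 #define SSL_F_SSL_USE_CERTIFICATE_FILE 200
 #define SSL_F_SSL_USE_PRIVATEKEY 201
 #define SSL_F_SSL_USE_PRIVATEKEY_ASN1 202
 #define SSL_F_SSL_USE_PRIVATEKEY_FILE 203
 #define SSL_F_SSL_USE_PSK_IDENTITY_HINT 273
 #define SSL_F_SSL_USE_RSAPRIVATEKEY 204
 #define SSL_F_SSL_USE_RSAPRIVATEKEY_ASN1 205
 #define SSL_F_SSL_USE_RSAPRIVATEKEY_FILE 206
 #define SSL_F_SSL_VERIFY_CERT_CHAIN 207
 #define SSL_F_SSL_WRITE 208
+#define SSL_F_TLS1_AEAD_CTX_INIT 339
 #define SSL_F_TLS1_CERT_VERIFY_MAC 286
 #define SSL_F_TLS1_CHANGE_CIPHER_STATE 209
+#define SSL_F_TLS1_CHANGE_CIPHER_STATE_AEAD 340
+#define SSL_F_TLS1_CHANGE_CIPHER_STATE_CIPHER 338
 #define SSL_F_TLS1_CHECK_SERVERHELLO_TLSEXT 274
 #define SSL_F_TLS1_ENC 210
 #define SSL_F_TLS1_EXPORT_KEYING_MATERIAL 314
 #define SSL_F_TLS1_HEARTBEAT 315
 #define SSL_F_TLS1_PREPARE_CLIENTHELLO_TLSEXT 275
 #define SSL_F_TLS1_PREPARE_SERVERHELLO_TLSEXT 276
 #define SSL_F_TLS1_PRF 284
 #define SSL_F_TLS1_SETUP_KEY_BLOCK 211
 #define SSL_F_WRITE_PENDING 212
 
@@ -2647,10 +2662,10 @@
 #define SSL_R_WRONG_SIGNATURE_TYPE 370
 #define SSL_R_WRONG_SSL_VERSION 266
 #define SSL_R_WRONG_VERSION_NUMBER 267
 #define SSL_R_X509_LIB 268
 #define SSL_R_X509_VERIFICATION_SETUP_PROBLEMS 269
 
 #ifdef __cplusplus
 }
 #endif
 #endif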
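Review bot: The comments on the new `aead_read_ctx` and `aead_write_ctx` fields of the SSL struct say only that a non-NULL value overrides `enc_read_ctx`/`read_hash` and `enc_write_ctx`/`write_hash`; they do not state who owns the context or when it goes back to NULL. Because the record-protection path is selected by that pointer alone, a context left in place when a later cipher change installs a non-AEAD suite would presumably keep the old keys in use, so the invariant deserves to be written down, e.g. `/* Owned by the SSL. Must be freed, with its key material cleansed, and reset to NULL on SSL_clear/SSL_free and whenever a non-AEAD cipher state is installed. */`. The code that allocates and frees these contexts is outside this header, so whether it already does this cannot be checked from here. Both fields are also inserted in the middle of a struct declared in a public header, which shifts the offsets of every later member for code built against the old layout.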