ssl3.h revision 264331
119370Spst/* ssl/ssl3.h */
2130803Smarcel/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3130803Smarcel * All rights reserved.
4130803Smarcel *
5130803Smarcel * This package is an SSL implementation written
619370Spst * by Eric Young (eay@cryptsoft.com).
719370Spst * The implementation was written so as to conform with Netscapes SSL.
819370Spst *
998944Sobrien * This library is free for commercial and non-commercial use as long as
1019370Spst * the following conditions are aheared to.  The following conditions
1198944Sobrien * apply to all code found in this distribution, be it the RC4, RSA,
1298944Sobrien * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
1398944Sobrien * included with this distribution is covered by the same copyright terms
1498944Sobrien * except that the holder is Tim Hudson (tjh@cryptsoft.com).
1519370Spst *
1698944Sobrien * Copyright remains Eric Young's, and as such any Copyright notices in
1798944Sobrien * the code are not to be removed.
1898944Sobrien * If this package is used in a product, Eric Young should be given attribution
1998944Sobrien * as the author of the parts of the library used.
2019370Spst * This can be in the form of a textual message at program startup or
2198944Sobrien * in documentation (online or textual) provided with the package.
2298944Sobrien *
2398944Sobrien * Redistribution and use in source and binary forms, with or without
2498944Sobrien * modification, are permitted provided that the following conditions
2519370Spst * are met:
2619370Spst * 1. Redistributions of source code must retain the copyright
2719370Spst *    notice, this list of conditions and the following disclaimer.
2819370Spst * 2. Redistributions in binary form must reproduce the above copyright
2919370Spst *    notice, this list of conditions and the following disclaimer in the
3019370Spst *    documentation and/or other materials provided with the distribution.
3119370Spst * 3. All advertising materials mentioning features or use of this software
3219370Spst *    must display the following acknowledgement:
3319370Spst *    "This product includes cryptographic software written by
3419370Spst *     Eric Young (eay@cryptsoft.com)"
3519370Spst *    The word 'cryptographic' can be left out if the rouines from the library
3619370Spst *    being used are not cryptographic related :-).
3719370Spst * 4. If you include any Windows specific code (or a derivative thereof) from
3819370Spst *    the apps directory (application code) you must include an acknowledgement:
3919370Spst *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
4019370Spst *
4119370Spst * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
4219370Spst * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
4319370Spst * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
4419370Spst * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
4519370Spst * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
4698944Sobrien * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47130803Smarcel * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
4819370Spst * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
4998944Sobrien * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
5019370Spst * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
5198944Sobrien * SUCH DAMAGE.
5219370Spst *
5398944Sobrien * The licence and distribution terms for any publically available version or
5419370Spst * derivative of this code cannot be changed.  i.e. this code cannot simply be
5598944Sobrien * copied and put under another distribution licence
5619370Spst * [including the GNU Public Licence.]
5798944Sobrien */
5819370Spst/* ====================================================================
5998944Sobrien * Copyright (c) 1998-2002 The OpenSSL Project.  All rights reserved.
6019370Spst *
6198944Sobrien * Redistribution and use in source and binary forms, with or without
6219370Spst * modification, are permitted provided that the following conditions
6398944Sobrien * are met:
6419370Spst *
6598944Sobrien * 1. Redistributions of source code must retain the above copyright
6619370Spst *    notice, this list of conditions and the following disclaimer.
6798944Sobrien *
6819370Spst * 2. Redistributions in binary form must reproduce the above copyright
6998944Sobrien *    notice, this list of conditions and the following disclaimer in
7019370Spst *    the documentation and/or other materials provided with the
7198944Sobrien *    distribution.
7219370Spst *
7398944Sobrien * 3. All advertising materials mentioning features or use of this
7419370Spst *    software must display the following acknowledgment:
7598944Sobrien *    "This product includes software developed by the OpenSSL Project
7619370Spst *    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
7798944Sobrien *
7846283Sdfr * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
7998944Sobrien *    endorse or promote products derived from this software without
8046283Sdfr *    prior written permission. For written permission, please contact
8198944Sobrien *    openssl-core@openssl.org.
8246283Sdfr *
8398944Sobrien * 5. Products derived from this software may not be called "OpenSSL"
8446283Sdfr *    nor may "OpenSSL" appear in their names without prior written
8598944Sobrien *    permission of the OpenSSL Project.
8646283Sdfr *
8798944Sobrien * 6. Redistributions of any form whatsoever must retain the following
8846283Sdfr *    acknowledgment:
8998944Sobrien *    "This product includes software developed by the OpenSSL Project
9098944Sobrien *    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
9198944Sobrien *
9246283Sdfr * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
9398944Sobrien * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
9498944Sobrien * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
9598944Sobrien * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
9698944Sobrien * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
9798944Sobrien * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
9898944Sobrien * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
9998944Sobrien * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
10098944Sobrien * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
10198944Sobrien * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
10298944Sobrien * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
10398944Sobrien * OF THE POSSIBILITY OF SUCH DAMAGE.
104130803Smarcel * ====================================================================
105130803Smarcel *
10619370Spst * This product includes cryptographic software written by Eric Young
10719370Spst * (eay@cryptsoft.com).  This product includes software written by Tim
10898944Sobrien * Hudson (tjh@cryptsoft.com).
10919370Spst *
11098944Sobrien */
11198944Sobrien/* ====================================================================
11298944Sobrien * Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED.
11319370Spst * ECC cipher suite support in OpenSSL originally developed by
11419370Spst * SUN MICROSYSTEMS, INC., and contributed to the OpenSSL project.
11519370Spst */
11619370Spst
11719370Spst#ifndef HEADER_SSL3_H
11898944Sobrien#define HEADER_SSL3_H
11998944Sobrien
12019370Spst#ifndef OPENSSL_NO_COMP
12119370Spst#include <openssl/comp.h>
12219370Spst#endif
12319370Spst#include <openssl/buffer.h>
12419370Spst#include <openssl/evp.h>
12519370Spst#include <openssl/ssl.h>
12619370Spst
12719370Spst#ifdef  __cplusplus
12819370Spstextern "C" {
12919370Spst#endif
13019370Spst
13119370Spst/* Signalling cipher suite value: from draft-ietf-tls-renegotiation-03.txt */
13219370Spst#define SSL3_CK_SCSV				0x030000FF
13319370Spst
13419370Spst#define SSL3_CK_RSA_NULL_MD5			0x03000001
13519370Spst#define SSL3_CK_RSA_NULL_SHA			0x03000002
13619370Spst#define SSL3_CK_RSA_RC4_40_MD5 			0x03000003
13719370Spst#define SSL3_CK_RSA_RC4_128_MD5			0x03000004
13819370Spst#define SSL3_CK_RSA_RC4_128_SHA			0x03000005
13919370Spst#define SSL3_CK_RSA_RC2_40_MD5			0x03000006
14019370Spst#define SSL3_CK_RSA_IDEA_128_SHA		0x03000007
14119370Spst#define SSL3_CK_RSA_DES_40_CBC_SHA		0x03000008
14219370Spst#define SSL3_CK_RSA_DES_64_CBC_SHA		0x03000009
14319370Spst#define SSL3_CK_RSA_DES_192_CBC3_SHA		0x0300000A
14419370Spst
14519370Spst#define SSL3_CK_DH_DSS_DES_40_CBC_SHA		0x0300000B
14619370Spst#define SSL3_CK_DH_DSS_DES_64_CBC_SHA		0x0300000C
14798944Sobrien#define SSL3_CK_DH_DSS_DES_192_CBC3_SHA 	0x0300000D
14819370Spst#define SSL3_CK_DH_RSA_DES_40_CBC_SHA		0x0300000E
14919370Spst#define SSL3_CK_DH_RSA_DES_64_CBC_SHA		0x0300000F
15019370Spst#define SSL3_CK_DH_RSA_DES_192_CBC3_SHA 	0x03000010
15119370Spst
15298944Sobrien#define SSL3_CK_EDH_DSS_DES_40_CBC_SHA		0x03000011
15398944Sobrien#define SSL3_CK_EDH_DSS_DES_64_CBC_SHA		0x03000012
15419370Spst#define SSL3_CK_EDH_DSS_DES_192_CBC3_SHA	0x03000013
15519370Spst#define SSL3_CK_EDH_RSA_DES_40_CBC_SHA		0x03000014
15619370Spst#define SSL3_CK_EDH_RSA_DES_64_CBC_SHA		0x03000015
15719370Spst#define SSL3_CK_EDH_RSA_DES_192_CBC3_SHA	0x03000016
15819370Spst
15919370Spst#define SSL3_CK_ADH_RC4_40_MD5			0x03000017
16098944Sobrien#define SSL3_CK_ADH_RC4_128_MD5			0x03000018
16119370Spst#define SSL3_CK_ADH_DES_40_CBC_SHA		0x03000019
16298944Sobrien#define SSL3_CK_ADH_DES_64_CBC_SHA		0x0300001A
16319370Spst#define SSL3_CK_ADH_DES_192_CBC_SHA		0x0300001B
16498944Sobrien
16598944Sobrien#if 0
16698944Sobrien	#define SSL3_CK_FZA_DMS_NULL_SHA		0x0300001C
16798944Sobrien	#define SSL3_CK_FZA_DMS_FZA_SHA			0x0300001D
16898944Sobrien	#if 0 /* Because it clashes with KRB5, is never used any more, and is safe
16919370Spst		 to remove according to David Hopwood <david.hopwood@zetnet.co.uk>
17019370Spst		 of the ietf-tls list */
17119370Spst	#define SSL3_CK_FZA_DMS_RC4_SHA			0x0300001E
17219370Spst	#endif
17398944Sobrien#endif
17419370Spst
17519370Spst/*    VRS Additional Kerberos5 entries
17619370Spst */
17719370Spst#define SSL3_CK_KRB5_DES_64_CBC_SHA		0x0300001E
17819370Spst#define SSL3_CK_KRB5_DES_192_CBC3_SHA		0x0300001F
17919370Spst#define SSL3_CK_KRB5_RC4_128_SHA		0x03000020
18019370Spst#define SSL3_CK_KRB5_IDEA_128_CBC_SHA	       	0x03000021
18198944Sobrien#define SSL3_CK_KRB5_DES_64_CBC_MD5       	0x03000022
18219370Spst#define SSL3_CK_KRB5_DES_192_CBC3_MD5       	0x03000023
18319370Spst#define SSL3_CK_KRB5_RC4_128_MD5	       	0x03000024
18419370Spst#define SSL3_CK_KRB5_IDEA_128_CBC_MD5 		0x03000025
18519370Spst
18619370Spst#define SSL3_CK_KRB5_DES_40_CBC_SHA 		0x03000026
18719370Spst#define SSL3_CK_KRB5_RC2_40_CBC_SHA 		0x03000027
18819370Spst#define SSL3_CK_KRB5_RC4_40_SHA	 		0x03000028
18919370Spst#define SSL3_CK_KRB5_DES_40_CBC_MD5 		0x03000029
19019370Spst#define SSL3_CK_KRB5_RC2_40_CBC_MD5 		0x0300002A
19119370Spst#define SSL3_CK_KRB5_RC4_40_MD5	 		0x0300002B
19219370Spst
19319370Spst#define SSL3_TXT_RSA_NULL_MD5			"NULL-MD5"
19419370Spst#define SSL3_TXT_RSA_NULL_SHA			"NULL-SHA"
19598944Sobrien#define SSL3_TXT_RSA_RC4_40_MD5 		"EXP-RC4-MD5"
19698944Sobrien#define SSL3_TXT_RSA_RC4_128_MD5		"RC4-MD5"
19719370Spst#define SSL3_TXT_RSA_RC4_128_SHA		"RC4-SHA"
19819370Spst#define SSL3_TXT_RSA_RC2_40_MD5			"EXP-RC2-CBC-MD5"
19919370Spst#define SSL3_TXT_RSA_IDEA_128_SHA		"IDEA-CBC-SHA"
20019370Spst#define SSL3_TXT_RSA_DES_40_CBC_SHA		"EXP-DES-CBC-SHA"
20198944Sobrien#define SSL3_TXT_RSA_DES_64_CBC_SHA		"DES-CBC-SHA"
20219370Spst#define SSL3_TXT_RSA_DES_192_CBC3_SHA		"DES-CBC3-SHA"
20319370Spst
20419370Spst#define SSL3_TXT_DH_DSS_DES_40_CBC_SHA		"EXP-DH-DSS-DES-CBC-SHA"
20519370Spst#define SSL3_TXT_DH_DSS_DES_64_CBC_SHA		"DH-DSS-DES-CBC-SHA"
20698944Sobrien#define SSL3_TXT_DH_DSS_DES_192_CBC3_SHA 	"DH-DSS-DES-CBC3-SHA"
20798944Sobrien#define SSL3_TXT_DH_RSA_DES_40_CBC_SHA		"EXP-DH-RSA-DES-CBC-SHA"
208130803Smarcel#define SSL3_TXT_DH_RSA_DES_64_CBC_SHA		"DH-RSA-DES-CBC-SHA"
20998944Sobrien#define SSL3_TXT_DH_RSA_DES_192_CBC3_SHA 	"DH-RSA-DES-CBC3-SHA"
21098944Sobrien
21198944Sobrien#define SSL3_TXT_EDH_DSS_DES_40_CBC_SHA		"EXP-EDH-DSS-DES-CBC-SHA"
21298944Sobrien#define SSL3_TXT_EDH_DSS_DES_64_CBC_SHA		"EDH-DSS-DES-CBC-SHA"
21398944Sobrien#define SSL3_TXT_EDH_DSS_DES_192_CBC3_SHA	"EDH-DSS-DES-CBC3-SHA"
21498944Sobrien#define SSL3_TXT_EDH_RSA_DES_40_CBC_SHA		"EXP-EDH-RSA-DES-CBC-SHA"
21598944Sobrien#define SSL3_TXT_EDH_RSA_DES_64_CBC_SHA		"EDH-RSA-DES-CBC-SHA"
21698944Sobrien#define SSL3_TXT_EDH_RSA_DES_192_CBC3_SHA	"EDH-RSA-DES-CBC3-SHA"
21798944Sobrien
21898944Sobrien#define SSL3_TXT_ADH_RC4_40_MD5			"EXP-ADH-RC4-MD5"
21998944Sobrien#define SSL3_TXT_ADH_RC4_128_MD5		"ADH-RC4-MD5"
22098944Sobrien#define SSL3_TXT_ADH_DES_40_CBC_SHA		"EXP-ADH-DES-CBC-SHA"
22198944Sobrien#define SSL3_TXT_ADH_DES_64_CBC_SHA		"ADH-DES-CBC-SHA"
22298944Sobrien#define SSL3_TXT_ADH_DES_192_CBC_SHA		"ADH-DES-CBC3-SHA"
22398944Sobrien
22498944Sobrien#if 0
22598944Sobrien	#define SSL3_TXT_FZA_DMS_NULL_SHA		"FZA-NULL-SHA"
22698944Sobrien	#define SSL3_TXT_FZA_DMS_FZA_SHA		"FZA-FZA-CBC-SHA"
22798944Sobrien	#define SSL3_TXT_FZA_DMS_RC4_SHA		"FZA-RC4-SHA"
22898944Sobrien#endif
22998944Sobrien
23098944Sobrien#define SSL3_TXT_KRB5_DES_64_CBC_SHA		"KRB5-DES-CBC-SHA"
23198944Sobrien#define SSL3_TXT_KRB5_DES_192_CBC3_SHA		"KRB5-DES-CBC3-SHA"
23219370Spst#define SSL3_TXT_KRB5_RC4_128_SHA		"KRB5-RC4-SHA"
23319370Spst#define SSL3_TXT_KRB5_IDEA_128_CBC_SHA	       	"KRB5-IDEA-CBC-SHA"
23419370Spst#define SSL3_TXT_KRB5_DES_64_CBC_MD5       	"KRB5-DES-CBC-MD5"
23519370Spst#define SSL3_TXT_KRB5_DES_192_CBC3_MD5       	"KRB5-DES-CBC3-MD5"
23698944Sobrien#define SSL3_TXT_KRB5_RC4_128_MD5		"KRB5-RC4-MD5"
23798944Sobrien#define SSL3_TXT_KRB5_IDEA_128_CBC_MD5 		"KRB5-IDEA-CBC-MD5"
23898944Sobrien
23998944Sobrien#define SSL3_TXT_KRB5_DES_40_CBC_SHA 		"EXP-KRB5-DES-CBC-SHA"
24019370Spst#define SSL3_TXT_KRB5_RC2_40_CBC_SHA 		"EXP-KRB5-RC2-CBC-SHA"
24119370Spst#define SSL3_TXT_KRB5_RC4_40_SHA	 	"EXP-KRB5-RC4-SHA"
24219370Spst#define SSL3_TXT_KRB5_DES_40_CBC_MD5 		"EXP-KRB5-DES-CBC-MD5"
24319370Spst#define SSL3_TXT_KRB5_RC2_40_CBC_MD5 		"EXP-KRB5-RC2-CBC-MD5"
24419370Spst#define SSL3_TXT_KRB5_RC4_40_MD5	 	"EXP-KRB5-RC4-MD5"
24598944Sobrien
24619370Spst#define SSL3_SSL_SESSION_ID_LENGTH		32
24798944Sobrien#define SSL3_MAX_SSL_SESSION_ID_LENGTH		32
24898944Sobrien
24998944Sobrien#define SSL3_MASTER_SECRET_SIZE			48
25019370Spst#define SSL3_RANDOM_SIZE			32
25119370Spst#define SSL3_SESSION_ID_SIZE			32
25219370Spst#define SSL3_RT_HEADER_LENGTH			5
25319370Spst
25498944Sobrien#ifndef SSL3_ALIGN_PAYLOAD
25519370Spst /* Some will argue that this increases memory footprint, but it's
256130803Smarcel  * not actually true. Point is that malloc has to return at least
25798944Sobrien  * 64-bit aligned pointers, meaning that allocating 5 bytes wastes
25819370Spst  * 3 bytes in either case. Suggested pre-gaping simply moves these
25919370Spst  * wasted bytes from the end of allocated region to its front,
26098944Sobrien  * but makes data payload aligned, which improves performance:-) */
261130803Smarcel# define SSL3_ALIGN_PAYLOAD			8
26298944Sobrien#else
26319370Spst# if (SSL3_ALIGN_PAYLOAD&(SSL3_ALIGN_PAYLOAD-1))!=0
26419370Spst#  error "insane SSL3_ALIGN_PAYLOAD"
26598944Sobrien#  undef SSL3_ALIGN_PAYLOAD
266130803Smarcel# endif
26798944Sobrien#endif
26819370Spst
26919370Spst/* This is the maximum MAC (digest) size used by the SSL library.
27098944Sobrien * Currently maximum of 20 is used by SHA1, but we reserve for
271130803Smarcel * future extension for 512-bit hashes.
27298944Sobrien */
27319370Spst
27498944Sobrien#define SSL3_RT_MAX_MD_SIZE			64
27519370Spst
27698944Sobrien/* Maximum block size used in all ciphersuites. Currently 16 for AES.
27719370Spst */
27898944Sobrien
27998944Sobrien#define	SSL_RT_MAX_CIPHER_BLOCK_SIZE		16
28098944Sobrien
28198944Sobrien#define SSL3_RT_MAX_EXTRA			(16384)
28298944Sobrien
28398944Sobrien/* Maximum plaintext length: defined by SSL/TLS standards */
28498944Sobrien#define SSL3_RT_MAX_PLAIN_LENGTH		16384
28519370Spst/* Maximum compression overhead: defined by SSL/TLS standards */
28619370Spst#define SSL3_RT_MAX_COMPRESSED_OVERHEAD		1024
28719370Spst
28819370Spst/* The standards give a maximum encryption overhead of 1024 bytes.
28919370Spst * In practice the value is lower than this. The overhead is the maximum
29098944Sobrien * number of padding bytes (256) plus the mac size.
29119370Spst */
29219370Spst#define SSL3_RT_MAX_ENCRYPTED_OVERHEAD	(256 + SSL3_RT_MAX_MD_SIZE)
29398944Sobrien
29498944Sobrien/* OpenSSL currently only uses a padding length of at most one block so
29598944Sobrien * the send overhead is smaller.
29619370Spst */
29719370Spst
29819370Spst#define SSL3_RT_SEND_MAX_ENCRYPTED_OVERHEAD \
29919370Spst			(SSL_RT_MAX_CIPHER_BLOCK_SIZE + SSL3_RT_MAX_MD_SIZE)
30098944Sobrien
30119370Spst/* If compression isn't used don't include the compression overhead */
302130803Smarcel
30398944Sobrien#ifdef OPENSSL_NO_COMP
30419370Spst#define SSL3_RT_MAX_COMPRESSED_LENGTH		SSL3_RT_MAX_PLAIN_LENGTH
30519370Spst#else
30698944Sobrien#define SSL3_RT_MAX_COMPRESSED_LENGTH	\
307130803Smarcel		(SSL3_RT_MAX_PLAIN_LENGTH+SSL3_RT_MAX_COMPRESSED_OVERHEAD)
30898944Sobrien#endif
30919370Spst#define SSL3_RT_MAX_ENCRYPTED_LENGTH	\
31019370Spst		(SSL3_RT_MAX_ENCRYPTED_OVERHEAD+SSL3_RT_MAX_COMPRESSED_LENGTH)
31198944Sobrien#define SSL3_RT_MAX_PACKET_SIZE		\
312130803Smarcel		(SSL3_RT_MAX_ENCRYPTED_LENGTH+SSL3_RT_HEADER_LENGTH)
31398944Sobrien
31419370Spst#define SSL3_MD_CLIENT_FINISHED_CONST	"\x43\x4C\x4E\x54"
31519370Spst#define SSL3_MD_SERVER_FINISHED_CONST	"\x53\x52\x56\x52"
31698944Sobrien
317130803Smarcel#define SSL3_VERSION			0x0300
31898944Sobrien#define SSL3_VERSION_MAJOR		0x03
31919370Spst#define SSL3_VERSION_MINOR		0x00
32098944Sobrien
32119370Spst#define SSL3_RT_CHANGE_CIPHER_SPEC	20
32298944Sobrien#define SSL3_RT_ALERT			21
32319370Spst#define SSL3_RT_HANDSHAKE		22
32498944Sobrien#define SSL3_RT_APPLICATION_DATA	23
32598944Sobrien#define TLS1_RT_HEARTBEAT		24
32698944Sobrien
32798944Sobrien#define SSL3_AL_WARNING			1
32898944Sobrien#define SSL3_AL_FATAL			2
32998944Sobrien
33098944Sobrien#define SSL3_AD_CLOSE_NOTIFY		 0
33198944Sobrien#define SSL3_AD_UNEXPECTED_MESSAGE	10	/* fatal */
33298944Sobrien#define SSL3_AD_BAD_RECORD_MAC		20	/* fatal */
33398944Sobrien#define SSL3_AD_DECOMPRESSION_FAILURE	30	/* fatal */
33498944Sobrien#define SSL3_AD_HANDSHAKE_FAILURE	40	/* fatal */
33598944Sobrien#define SSL3_AD_NO_CERTIFICATE		41
33698944Sobrien#define SSL3_AD_BAD_CERTIFICATE		42
33798944Sobrien#define SSL3_AD_UNSUPPORTED_CERTIFICATE	43
33898944Sobrien#define SSL3_AD_CERTIFICATE_REVOKED	44
33998944Sobrien#define SSL3_AD_CERTIFICATE_EXPIRED	45
34098944Sobrien#define SSL3_AD_CERTIFICATE_UNKNOWN	46
34198944Sobrien#define SSL3_AD_ILLEGAL_PARAMETER	47	/* fatal */
34298944Sobrien
34398944Sobrien#define TLS1_HB_REQUEST		1
34498944Sobrien#define TLS1_HB_RESPONSE	2
34598944Sobrien
34698944Sobrien#ifndef OPENSSL_NO_SSL_INTERN
347130803Smarcel
34898944Sobrientypedef struct ssl3_record_st
34998944Sobrien	{
35098944Sobrien/*r */	int type;               /* type of record */
35119370Spst/*rw*/	unsigned int length;    /* How many bytes available */
352130803Smarcel/*r */	unsigned int off;       /* read/write offset into 'buf' */
35398944Sobrien/*rw*/	unsigned char *data;    /* pointer to the record data */
35498944Sobrien/*rw*/	unsigned char *input;   /* where the decode bytes are */
35598944Sobrien/*r */	unsigned char *comp;    /* only used with decompression - malloc()ed */
35698944Sobrien/*r */  unsigned long epoch;    /* epoch number, needed by DTLS1 */
357130803Smarcel/*r */  unsigned char seq_num[8]; /* sequence number, needed by DTLS1 */
35898944Sobrien	} SSL3_RECORD;
35998944Sobrien
36098944Sobrientypedef struct ssl3_buffer_st
36198944Sobrien	{
36298944Sobrien	unsigned char *buf;     /* at least SSL3_RT_MAX_PACKET_SIZE bytes,
36398944Sobrien	                         * see ssl3_setup_buffers() */
36498944Sobrien	size_t len;             /* buffer size */
36598944Sobrien	int offset;             /* where to 'copy from' */
36698944Sobrien	int left;               /* how many bytes left */
36798944Sobrien	} SSL3_BUFFER;
36898944Sobrien
36998944Sobrien#endif
37098944Sobrien
37119370Spst#define SSL3_CT_RSA_SIGN			1
37219370Spst#define SSL3_CT_DSS_SIGN			2
37398944Sobrien#define SSL3_CT_RSA_FIXED_DH			3
37419370Spst#define SSL3_CT_DSS_FIXED_DH			4
37519370Spst#define SSL3_CT_RSA_EPHEMERAL_DH		5
37619370Spst#define SSL3_CT_DSS_EPHEMERAL_DH		6
37719370Spst#define SSL3_CT_FORTEZZA_DMS			20
37898944Sobrien/* SSL3_CT_NUMBER is used to size arrays and it must be large
37919370Spst * enough to contain all of the cert types defined either for
38019370Spst * SSLv3 and TLSv1.
38119370Spst */
38219370Spst#define SSL3_CT_NUMBER			9
38319370Spst
38419370Spst
38519370Spst#define SSL3_FLAGS_NO_RENEGOTIATE_CIPHERS	0x0001
38619370Spst#define SSL3_FLAGS_DELAY_CLIENT_FINISHED	0x0002
38798944Sobrien#define SSL3_FLAGS_POP_BUFFER			0x0004
38898944Sobrien#define TLS1_FLAGS_TLS_PADDING_BUG		0x0008
38998944Sobrien#define TLS1_FLAGS_SKIP_CERT_VERIFY		0x0010
39098944Sobrien#define TLS1_FLAGS_KEEP_HANDSHAKE		0x0020
39198944Sobrien
39298944Sobrien/* SSL3_FLAGS_SGC_RESTART_DONE is set when we
39319370Spst * restart a handshake because of MS SGC and so prevents us
39419370Spst * from restarting the handshake in a loop. It's reset on a
39546283Sdfr * renegotiation, so effectively limits the client to one restart
39619370Spst * per negotiation. This limits the possibility of a DDoS
39746283Sdfr * attack where the client handshakes in a loop using SGC to
39898944Sobrien * restart. Servers which permit renegotiation can still be
39919370Spst * effected, but we can't prevent that.
40019370Spst */
40146283Sdfr#define SSL3_FLAGS_SGC_RESTART_DONE		0x0040
40219370Spst
40346283Sdfr#ifndef OPENSSL_NO_SSL_INTERN
40446283Sdfr
40598944Sobrientypedef struct ssl3_state_st
40698944Sobrien	{
40798944Sobrien	long flags;
40898944Sobrien	int delay_buf_pop_ret;
40998944Sobrien
41098944Sobrien	unsigned char read_sequence[8];
41198944Sobrien	int read_mac_secret_size;
41298944Sobrien	unsigned char read_mac_secret[EVP_MAX_MD_SIZE];
41398944Sobrien	unsigned char write_sequence[8];
41419370Spst	int write_mac_secret_size;
41546283Sdfr	unsigned char write_mac_secret[EVP_MAX_MD_SIZE];
41646283Sdfr
41719370Spst	unsigned char server_random[SSL3_RANDOM_SIZE];
41819370Spst	unsigned char client_random[SSL3_RANDOM_SIZE];
41919370Spst
42019370Spst	/* flags for countermeasure against known-IV weakness */
42119370Spst	int need_empty_fragments;
42298944Sobrien	int empty_fragment_done;
42319370Spst
42498944Sobrien	/* The value of 'extra' when the buffers were initialized */
42519370Spst	int init_extra;
42698944Sobrien
42798944Sobrien	SSL3_BUFFER rbuf;	/* read IO goes into here */
42898944Sobrien	SSL3_BUFFER wbuf;	/* write IO goes into here */
42998944Sobrien
43019370Spst	SSL3_RECORD rrec;	/* each decoded record goes in here */
43198944Sobrien	SSL3_RECORD wrec;	/* goes out from here */
43219370Spst
43319370Spst	/* storage for Alert/Handshake protocol data received but not
43419370Spst	 * yet processed by ssl3_read_bytes: */
43598944Sobrien	unsigned char alert_fragment[2];
43619370Spst	unsigned int alert_fragment_len;
43798944Sobrien	unsigned char handshake_fragment[4];
43819370Spst	unsigned int handshake_fragment_len;
43998944Sobrien
44098944Sobrien	/* partial write - check the numbers match */
44198944Sobrien	unsigned int wnum;	/* number of bytes sent so far */
44298944Sobrien	int wpend_tot;		/* number bytes written */
44319370Spst	int wpend_type;
44498944Sobrien	int wpend_ret;		/* number of bytes submitted */
44598944Sobrien	const unsigned char *wpend_buf;
44698944Sobrien
44719370Spst	/* used during startup, digest all incoming/outgoing packets */
44819370Spst	BIO *handshake_buffer;
44998944Sobrien	/* When set of handshake digests is determined, buffer is hashed
45019370Spst	 * and freed and MD_CTX-es for all required digests are stored in
45119370Spst	 * this array */
45298944Sobrien	EVP_MD_CTX **handshake_dgst;
45319370Spst	/* this is set whenerver we see a change_cipher_spec message
45419370Spst	 * come in when we are not looking for one */
45598944Sobrien	int change_cipher_spec;
45619370Spst
45798944Sobrien	int warn_alert;
45819370Spst	int fatal_alert;
45998944Sobrien	/* we allow one fatal and one warning alert to be outstanding,
46019370Spst	 * send close alert via the warning alert */
46119370Spst	int alert_dispatch;
46219370Spst	unsigned char send_alert[2];
46398944Sobrien
46419370Spst	/* This flag is set when we should renegotiate ASAP, basically when
46598944Sobrien	 * there is no more data in the read or write buffers */
46619370Spst	int renegotiate;
46798944Sobrien	int total_renegotiations;
46898944Sobrien	int num_renegotiations;
46919370Spst
47098944Sobrien	int in_read_app_data;
47198944Sobrien
47298944Sobrien	/* Opaque PRF input as used for the current handshake.
47319370Spst	 * These fields are used only if TLSEXT_TYPE_opaque_prf_input is defined
47419370Spst	 * (otherwise, they are merely present to improve binary compatibility) */
47598944Sobrien	void *client_opaque_prf_input;
47619370Spst	size_t client_opaque_prf_input_len;
47719370Spst	void *server_opaque_prf_input;
47898944Sobrien	size_t server_opaque_prf_input_len;
47919370Spst
48019370Spst	struct	{
48198944Sobrien		/* actually only needs to be 16+20 */
48219370Spst		unsigned char cert_verify_md[EVP_MAX_MD_SIZE*2];
48398944Sobrien
48498944Sobrien		/* actually only need to be 16+20 for SSLv3 and 12 for TLS */
48598944Sobrien		unsigned char finish_md[EVP_MAX_MD_SIZE*2];
48698944Sobrien		int finish_md_len;
48798944Sobrien		unsigned char peer_finish_md[EVP_MAX_MD_SIZE*2];
48898944Sobrien		int peer_finish_md_len;
48998944Sobrien
49098944Sobrien		unsigned long message_size;
491130803Smarcel		int message_type;
49298944Sobrien
49398944Sobrien		/* used to hold the new cipher we are going to use */
49498944Sobrien		const SSL_CIPHER *new_cipher;
49598944Sobrien#ifndef OPENSSL_NO_DH
49698944Sobrien		DH *dh;
49798944Sobrien#endif
49898944Sobrien
49998944Sobrien#ifndef OPENSSL_NO_ECDH
50098944Sobrien		EC_KEY *ecdh; /* holds short lived ECDH key */
50198944Sobrien#endif
50298944Sobrien
50398944Sobrien		/* used when SSL_ST_FLUSH_DATA is entered */
50498944Sobrien		int next_state;
50598944Sobrien
50698944Sobrien		int reuse_message;
50798944Sobrien
50819370Spst		/* used for certificate requests */
50919370Spst		int cert_req;
51098944Sobrien		int ctype_num;
51198944Sobrien		char ctype[SSL3_CT_NUMBER];
51219370Spst		STACK_OF(X509_NAME) *ca_names;
51319370Spst
51419370Spst		int use_rsa_tmp;
51519370Spst
51619370Spst		int key_block_length;
51719370Spst		unsigned char *key_block;
51898944Sobrien
51919370Spst		const EVP_CIPHER *new_sym_enc;
52019370Spst		const EVP_MD *new_hash;
52119370Spst		int new_mac_pkey_type;
52219370Spst		int new_mac_secret_size;
52319370Spst#ifndef OPENSSL_NO_COMP
52498944Sobrien		const SSL_COMP *new_compression;
52598944Sobrien#else
52619370Spst		char *new_compression;
52719370Spst#endif
52819370Spst		int cert_request;
52998944Sobrien		} tmp;
53098944Sobrien
53198944Sobrien        /* Connection binding to prevent renegotiation attacks */
53298944Sobrien        unsigned char previous_client_finished[EVP_MAX_MD_SIZE];
53398944Sobrien        unsigned char previous_client_finished_len;
53498944Sobrien        unsigned char previous_server_finished[EVP_MAX_MD_SIZE];
53519370Spst        unsigned char previous_server_finished_len;
53619370Spst        int send_connection_binding; /* TODOEKR */
53719370Spst
53819370Spst#ifndef OPENSSL_NO_NEXTPROTONEG
53919370Spst	/* Set if we saw the Next Protocol Negotiation extension from our peer. */
54098944Sobrien	int next_proto_neg_seen;
54119370Spst#endif
54219370Spst
54398944Sobrien#ifndef OPENSSL_NO_TLSEXT
54419370Spst#ifndef OPENSSL_NO_EC
54598944Sobrien	/* This is set to true if we believe that this is a version of Safari
54698944Sobrien	 * running on OS X 10.6 or newer. We wish to know this because Safari
54798944Sobrien	 * on 10.8 .. 10.8.3 has broken ECDHE-ECDSA support. */
54819370Spst	char is_probably_safari;
54998944Sobrien#endif /* !OPENSSL_NO_EC */
55098944Sobrien#endif /* !OPENSSL_NO_TLSEXT */
55119370Spst	} SSL3_STATE;
55298944Sobrien
55398944Sobrien#endif
55498944Sobrien
55598944Sobrien/* SSLv3 */
556130803Smarcel/*client */
55798944Sobrien/* extra state */
55898944Sobrien#define SSL3_ST_CW_FLUSH		(0x100|SSL_ST_CONNECT)
55998944Sobrien#ifndef OPENSSL_NO_SCTP
56098944Sobrien#define DTLS1_SCTP_ST_CW_WRITE_SOCK			(0x310|SSL_ST_CONNECT)
56198944Sobrien#define DTLS1_SCTP_ST_CR_READ_SOCK			(0x320|SSL_ST_CONNECT)
56298944Sobrien#endif
56398944Sobrien/* write to server */
56498944Sobrien#define SSL3_ST_CW_CLNT_HELLO_A		(0x110|SSL_ST_CONNECT)
56598944Sobrien#define SSL3_ST_CW_CLNT_HELLO_B		(0x111|SSL_ST_CONNECT)
56698944Sobrien/* read from server */
56798944Sobrien#define SSL3_ST_CR_SRVR_HELLO_A		(0x120|SSL_ST_CONNECT)
56898944Sobrien#define SSL3_ST_CR_SRVR_HELLO_B		(0x121|SSL_ST_CONNECT)
56919370Spst#define DTLS1_ST_CR_HELLO_VERIFY_REQUEST_A (0x126|SSL_ST_CONNECT)
57098944Sobrien#define DTLS1_ST_CR_HELLO_VERIFY_REQUEST_B (0x127|SSL_ST_CONNECT)
57119370Spst#define SSL3_ST_CR_CERT_A		(0x130|SSL_ST_CONNECT)
57298944Sobrien#define SSL3_ST_CR_CERT_B		(0x131|SSL_ST_CONNECT)
57398944Sobrien#define SSL3_ST_CR_KEY_EXCH_A		(0x140|SSL_ST_CONNECT)
57419370Spst#define SSL3_ST_CR_KEY_EXCH_B		(0x141|SSL_ST_CONNECT)
57598944Sobrien#define SSL3_ST_CR_CERT_REQ_A		(0x150|SSL_ST_CONNECT)
57698944Sobrien#define SSL3_ST_CR_CERT_REQ_B		(0x151|SSL_ST_CONNECT)
57798944Sobrien#define SSL3_ST_CR_SRVR_DONE_A		(0x160|SSL_ST_CONNECT)
57819370Spst#define SSL3_ST_CR_SRVR_DONE_B		(0x161|SSL_ST_CONNECT)
57919370Spst/* write to server */
58098944Sobrien#define SSL3_ST_CW_CERT_A		(0x170|SSL_ST_CONNECT)
58198944Sobrien#define SSL3_ST_CW_CERT_B		(0x171|SSL_ST_CONNECT)
58219370Spst#define SSL3_ST_CW_CERT_C		(0x172|SSL_ST_CONNECT)
58319370Spst#define SSL3_ST_CW_CERT_D		(0x173|SSL_ST_CONNECT)
58419370Spst#define SSL3_ST_CW_KEY_EXCH_A		(0x180|SSL_ST_CONNECT)
58519370Spst#define SSL3_ST_CW_KEY_EXCH_B		(0x181|SSL_ST_CONNECT)
58619370Spst#define SSL3_ST_CW_CERT_VRFY_A		(0x190|SSL_ST_CONNECT)
58719370Spst#define SSL3_ST_CW_CERT_VRFY_B		(0x191|SSL_ST_CONNECT)
58819370Spst#define SSL3_ST_CW_CHANGE_A		(0x1A0|SSL_ST_CONNECT)
58998944Sobrien#define SSL3_ST_CW_CHANGE_B		(0x1A1|SSL_ST_CONNECT)
59019370Spst#ifndef OPENSSL_NO_NEXTPROTONEG
59198944Sobrien#define SSL3_ST_CW_NEXT_PROTO_A		(0x200|SSL_ST_CONNECT)
59219370Spst#define SSL3_ST_CW_NEXT_PROTO_B		(0x201|SSL_ST_CONNECT)
59398944Sobrien#endif
59498944Sobrien#define SSL3_ST_CW_FINISHED_A		(0x1B0|SSL_ST_CONNECT)
59598944Sobrien#define SSL3_ST_CW_FINISHED_B		(0x1B1|SSL_ST_CONNECT)
59698944Sobrien/* read from server */
59798944Sobrien#define SSL3_ST_CR_CHANGE_A		(0x1C0|SSL_ST_CONNECT)
59898944Sobrien#define SSL3_ST_CR_CHANGE_B		(0x1C1|SSL_ST_CONNECT)
59919370Spst#define SSL3_ST_CR_FINISHED_A		(0x1D0|SSL_ST_CONNECT)
60019370Spst#define SSL3_ST_CR_FINISHED_B		(0x1D1|SSL_ST_CONNECT)
601130803Smarcel#define SSL3_ST_CR_SESSION_TICKET_A	(0x1E0|SSL_ST_CONNECT)
60219370Spst#define SSL3_ST_CR_SESSION_TICKET_B	(0x1E1|SSL_ST_CONNECT)
60319370Spst#define SSL3_ST_CR_CERT_STATUS_A	(0x1F0|SSL_ST_CONNECT)
604130803Smarcel#define SSL3_ST_CR_CERT_STATUS_B	(0x1F1|SSL_ST_CONNECT)
60519370Spst
606130803Smarcel/* server */
60719370Spst/* extra state */
60819370Spst#define SSL3_ST_SW_FLUSH		(0x100|SSL_ST_ACCEPT)
60998944Sobrien#ifndef OPENSSL_NO_SCTP
61098944Sobrien#define DTLS1_SCTP_ST_SW_WRITE_SOCK			(0x310|SSL_ST_ACCEPT)
61198944Sobrien#define DTLS1_SCTP_ST_SR_READ_SOCK			(0x320|SSL_ST_ACCEPT)
61298944Sobrien#endif
61398944Sobrien/* read from client */
614130803Smarcel/* Do not change the number values, they do matter */
61598944Sobrien#define SSL3_ST_SR_CLNT_HELLO_A		(0x110|SSL_ST_ACCEPT)
61698944Sobrien#define SSL3_ST_SR_CLNT_HELLO_B		(0x111|SSL_ST_ACCEPT)
61798944Sobrien#define SSL3_ST_SR_CLNT_HELLO_C		(0x112|SSL_ST_ACCEPT)
61898944Sobrien/* write to client */
61998944Sobrien#define DTLS1_ST_SW_HELLO_VERIFY_REQUEST_A (0x113|SSL_ST_ACCEPT)
62098944Sobrien#define DTLS1_ST_SW_HELLO_VERIFY_REQUEST_B (0x114|SSL_ST_ACCEPT)
62198944Sobrien#define SSL3_ST_SW_HELLO_REQ_A		(0x120|SSL_ST_ACCEPT)
62298944Sobrien#define SSL3_ST_SW_HELLO_REQ_B		(0x121|SSL_ST_ACCEPT)
62398944Sobrien#define SSL3_ST_SW_HELLO_REQ_C		(0x122|SSL_ST_ACCEPT)
62498944Sobrien#define SSL3_ST_SW_SRVR_HELLO_A		(0x130|SSL_ST_ACCEPT)
62598944Sobrien#define SSL3_ST_SW_SRVR_HELLO_B		(0x131|SSL_ST_ACCEPT)
62698944Sobrien#define SSL3_ST_SW_CERT_A		(0x140|SSL_ST_ACCEPT)
62798944Sobrien#define SSL3_ST_SW_CERT_B		(0x141|SSL_ST_ACCEPT)
62898944Sobrien#define SSL3_ST_SW_KEY_EXCH_A		(0x150|SSL_ST_ACCEPT)
62998944Sobrien#define SSL3_ST_SW_KEY_EXCH_B		(0x151|SSL_ST_ACCEPT)
63098944Sobrien#define SSL3_ST_SW_CERT_REQ_A		(0x160|SSL_ST_ACCEPT)
63198944Sobrien#define SSL3_ST_SW_CERT_REQ_B		(0x161|SSL_ST_ACCEPT)
63298944Sobrien#define SSL3_ST_SW_SRVR_DONE_A		(0x170|SSL_ST_ACCEPT)
63398944Sobrien#define SSL3_ST_SW_SRVR_DONE_B		(0x171|SSL_ST_ACCEPT)
63498944Sobrien/* read from client */
63598944Sobrien#define SSL3_ST_SR_CERT_A		(0x180|SSL_ST_ACCEPT)
63698944Sobrien#define SSL3_ST_SR_CERT_B		(0x181|SSL_ST_ACCEPT)
63798944Sobrien#define SSL3_ST_SR_KEY_EXCH_A		(0x190|SSL_ST_ACCEPT)
63898944Sobrien#define SSL3_ST_SR_KEY_EXCH_B		(0x191|SSL_ST_ACCEPT)
63998944Sobrien#define SSL3_ST_SR_CERT_VRFY_A		(0x1A0|SSL_ST_ACCEPT)
64098944Sobrien#define SSL3_ST_SR_CERT_VRFY_B		(0x1A1|SSL_ST_ACCEPT)
64198944Sobrien#define SSL3_ST_SR_CHANGE_A		(0x1B0|SSL_ST_ACCEPT)
64298944Sobrien#define SSL3_ST_SR_CHANGE_B		(0x1B1|SSL_ST_ACCEPT)
64398944Sobrien#ifndef OPENSSL_NO_NEXTPROTONEG
64498944Sobrien#define SSL3_ST_SR_NEXT_PROTO_A		(0x210|SSL_ST_ACCEPT)
64598944Sobrien#define SSL3_ST_SR_NEXT_PROTO_B		(0x211|SSL_ST_ACCEPT)
64698944Sobrien#endif
64798944Sobrien#define SSL3_ST_SR_FINISHED_A		(0x1C0|SSL_ST_ACCEPT)
64898944Sobrien#define SSL3_ST_SR_FINISHED_B		(0x1C1|SSL_ST_ACCEPT)
64998944Sobrien/* write to client */
65098944Sobrien#define SSL3_ST_SW_CHANGE_A		(0x1D0|SSL_ST_ACCEPT)
65198944Sobrien#define SSL3_ST_SW_CHANGE_B		(0x1D1|SSL_ST_ACCEPT)
65298944Sobrien#define SSL3_ST_SW_FINISHED_A		(0x1E0|SSL_ST_ACCEPT)
653130803Smarcel#define SSL3_ST_SW_FINISHED_B		(0x1E1|SSL_ST_ACCEPT)
65498944Sobrien#define SSL3_ST_SW_SESSION_TICKET_A	(0x1F0|SSL_ST_ACCEPT)
65598944Sobrien#define SSL3_ST_SW_SESSION_TICKET_B	(0x1F1|SSL_ST_ACCEPT)
65698944Sobrien#define SSL3_ST_SW_CERT_STATUS_A	(0x200|SSL_ST_ACCEPT)
65798944Sobrien#define SSL3_ST_SW_CERT_STATUS_B	(0x201|SSL_ST_ACCEPT)
65898944Sobrien
65998944Sobrien#define SSL3_MT_HELLO_REQUEST			0
66098944Sobrien#define SSL3_MT_CLIENT_HELLO			1
66198944Sobrien#define SSL3_MT_SERVER_HELLO			2
66298944Sobrien#define	SSL3_MT_NEWSESSION_TICKET		4
66398944Sobrien#define SSL3_MT_CERTIFICATE			11
66498944Sobrien#define SSL3_MT_SERVER_KEY_EXCHANGE		12
66598944Sobrien#define SSL3_MT_CERTIFICATE_REQUEST		13
66698944Sobrien#define SSL3_MT_SERVER_DONE			14
66798944Sobrien#define SSL3_MT_CERTIFICATE_VERIFY		15
66898944Sobrien#define SSL3_MT_CLIENT_KEY_EXCHANGE		16
66998944Sobrien#define SSL3_MT_FINISHED			20
67098944Sobrien#define SSL3_MT_CERTIFICATE_STATUS		22
67198944Sobrien#ifndef OPENSSL_NO_NEXTPROTONEG
67298944Sobrien#define SSL3_MT_NEXT_PROTO			67
67398944Sobrien#endif
67498944Sobrien#define DTLS1_MT_HELLO_VERIFY_REQUEST    3
675130803Smarcel
67698944Sobrien
67719370Spst#define SSL3_MT_CCS				1
67819370Spst
67919370Spst/* These are used when changing over to a new cipher */
68098944Sobrien#define SSL3_CC_READ		0x01
68119370Spst#define SSL3_CC_WRITE		0x02
68298944Sobrien#define SSL3_CC_CLIENT		0x10
68319370Spst#define SSL3_CC_SERVER		0x20
68498944Sobrien#define SSL3_CHANGE_CIPHER_CLIENT_WRITE	(SSL3_CC_CLIENT|SSL3_CC_WRITE)
68598944Sobrien#define SSL3_CHANGE_CIPHER_SERVER_READ	(SSL3_CC_SERVER|SSL3_CC_READ)
68698944Sobrien#define SSL3_CHANGE_CIPHER_CLIENT_READ	(SSL3_CC_CLIENT|SSL3_CC_READ)
68798944Sobrien#define SSL3_CHANGE_CIPHER_SERVER_WRITE	(SSL3_CC_SERVER|SSL3_CC_WRITE)
68898944Sobrien
68998944Sobrien#ifdef  __cplusplus
69019370Spst}
69119370Spst#endif
69219370Spst#endif
69319370Spst
69498944Sobrien