1 /* ssl/ssl3.h */ 2 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) 3 * All rights reserved. 4 * 5 * This package is an SSL implementation written 6 * by Eric Young (eay@cryptsoft.com). 7 * The implementation was written so as to conform with Netscapes SSL. 8 * 9 * This library is free for commercial and non-commercial use as long as 10 * the following conditions are aheared to. The following conditions 11 * apply to all code found in this distribution, be it the RC4, RSA, 12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation 13 * included with this distribution is covered by the same copyright terms 14 * except that the holder is Tim Hudson (tjh@cryptsoft.com). 15 * 16 * Copyright remains Eric Young's, and as such any Copyright notices in 17 * the code are not to be removed. 18 * If this package is used in a product, Eric Young should be given attribution 19 * as the author of the parts of the library used. 20 * This can be in the form of a textual message at program startup or 21 * in documentation (online or textual) provided with the package. 22 * 23 * Redistribution and use in source and binary forms, with or without 24 * modification, are permitted provided that the following conditions 25 * are met: 26 * 1. Redistributions of source code must retain the copyright 27 * notice, this list of conditions and the following disclaimer. 28 * 2. Redistributions in binary form must reproduce the above copyright 29 * notice, this list of conditions and the following disclaimer in the 30 * documentation and/or other materials provided with the distribution. 31 * 3. All advertising materials mentioning features or use of this software 32 * must display the following acknowledgement: 33 * "This product includes cryptographic software written by 34 * Eric Young (eay@cryptsoft.com)" 35 * The word 'cryptographic' can be left out if the rouines from the library 36 * being used are not cryptographic related :-). 37 * 4. If you include any Windows specific code (or a derivative thereof) from 38 * the apps directory (application code) you must include an acknowledgement: 39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" 40 * 41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND 42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE 45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 51 * SUCH DAMAGE. 52 * 53 * The licence and distribution terms for any publically available version or 54 * derivative of this code cannot be changed. i.e. this code cannot simply be 55 * copied and put under another distribution licence 56 * [including the GNU Public Licence.] 57 */ 58 59 #ifndef HEADER_SSL3_H 60 #define HEADER_SSL3_H 61 62 #ifndef NO_COMP 63 #include <openssl/comp.h> 64 #endif 65 #include <openssl/buffer.h> 66 #include <openssl/evp.h> 67 #include <openssl/ssl.h> 68 69 #ifdef __cplusplus 70 extern "C" { 71 #endif 72 73 #define SSL3_CK_RSA_NULL_MD5 0x03000001 74 #define SSL3_CK_RSA_NULL_SHA 0x03000002 75 #define SSL3_CK_RSA_RC4_40_MD5 0x03000003 76 #define SSL3_CK_RSA_RC4_128_MD5 0x03000004 77 #define SSL3_CK_RSA_RC4_128_SHA 0x03000005 78 #define SSL3_CK_RSA_RC2_40_MD5 0x03000006 79 #define SSL3_CK_RSA_IDEA_128_SHA 0x03000007 80 #define SSL3_CK_RSA_DES_40_CBC_SHA 0x03000008 81 #define SSL3_CK_RSA_DES_64_CBC_SHA 0x03000009 82 #define SSL3_CK_RSA_DES_192_CBC3_SHA 0x0300000A 83 84 #define SSL3_CK_DH_DSS_DES_40_CBC_SHA 0x0300000B 85 #define SSL3_CK_DH_DSS_DES_64_CBC_SHA 0x0300000C 86 #define SSL3_CK_DH_DSS_DES_192_CBC3_SHA 0x0300000D 87 #define SSL3_CK_DH_RSA_DES_40_CBC_SHA 0x0300000E 88 #define SSL3_CK_DH_RSA_DES_64_CBC_SHA 0x0300000F 89 #define SSL3_CK_DH_RSA_DES_192_CBC3_SHA 0x03000010 90 91 #define SSL3_CK_EDH_DSS_DES_40_CBC_SHA 0x03000011 92 #define SSL3_CK_EDH_DSS_DES_64_CBC_SHA 0x03000012 93 #define SSL3_CK_EDH_DSS_DES_192_CBC3_SHA 0x03000013 94 #define SSL3_CK_EDH_RSA_DES_40_CBC_SHA 0x03000014 95 #define SSL3_CK_EDH_RSA_DES_64_CBC_SHA 0x03000015 96 #define SSL3_CK_EDH_RSA_DES_192_CBC3_SHA 0x03000016 97 98 #define SSL3_CK_ADH_RC4_40_MD5 0x03000017 99 #define SSL3_CK_ADH_RC4_128_MD5 0x03000018 100 #define SSL3_CK_ADH_DES_40_CBC_SHA 0x03000019 101 #define SSL3_CK_ADH_DES_64_CBC_SHA 0x0300001A 102 #define SSL3_CK_ADH_DES_192_CBC_SHA 0x0300001B 103 104 #define SSL3_CK_FZA_DMS_NULL_SHA 0x0300001C 105 #define SSL3_CK_FZA_DMS_FZA_SHA 0x0300001D 106 #define SSL3_CK_FZA_DMS_RC4_SHA 0x0300001E 107 108 #define SSL3_TXT_RSA_NULL_MD5 "NULL-MD5" 109 #define SSL3_TXT_RSA_NULL_SHA "NULL-SHA" 110 #define SSL3_TXT_RSA_RC4_40_MD5 "EXP-RC4-MD5" 111 #define SSL3_TXT_RSA_RC4_128_MD5 "RC4-MD5" 112 #define SSL3_TXT_RSA_RC4_128_SHA "RC4-SHA" 113 #define SSL3_TXT_RSA_RC2_40_MD5 "EXP-RC2-CBC-MD5" 114 #define SSL3_TXT_RSA_IDEA_128_SHA "IDEA-CBC-SHA" 115 #define SSL3_TXT_RSA_DES_40_CBC_SHA "EXP-DES-CBC-SHA" 116 #define SSL3_TXT_RSA_DES_64_CBC_SHA "DES-CBC-SHA" 117 #define SSL3_TXT_RSA_DES_192_CBC3_SHA "DES-CBC3-SHA" 118 119 #define SSL3_TXT_DH_DSS_DES_40_CBC_SHA "EXP-DH-DSS-DES-CBC-SHA" 120 #define SSL3_TXT_DH_DSS_DES_64_CBC_SHA "DH-DSS-DES-CBC-SHA" 121 #define SSL3_TXT_DH_DSS_DES_192_CBC3_SHA "DH-DSS-DES-CBC3-SHA" 122 #define SSL3_TXT_DH_RSA_DES_40_CBC_SHA "EXP-DH-RSA-DES-CBC-SHA" 123 #define SSL3_TXT_DH_RSA_DES_64_CBC_SHA "DH-RSA-DES-CBC-SHA" 124 #define SSL3_TXT_DH_RSA_DES_192_CBC3_SHA "DH-RSA-DES-CBC3-SHA" 125 126 #define SSL3_TXT_EDH_DSS_DES_40_CBC_SHA "EXP-EDH-DSS-DES-CBC-SHA" 127 #define SSL3_TXT_EDH_DSS_DES_64_CBC_SHA "EDH-DSS-DES-CBC-SHA" 128 #define SSL3_TXT_EDH_DSS_DES_192_CBC3_SHA "EDH-DSS-DES-CBC3-SHA" 129 #define SSL3_TXT_EDH_RSA_DES_40_CBC_SHA "EXP-EDH-RSA-DES-CBC-SHA" 130 #define SSL3_TXT_EDH_RSA_DES_64_CBC_SHA "EDH-RSA-DES-CBC-SHA" 131 #define SSL3_TXT_EDH_RSA_DES_192_CBC3_SHA "EDH-RSA-DES-CBC3-SHA" 132 133 #define SSL3_TXT_ADH_RC4_40_MD5 "EXP-ADH-RC4-MD5" 134 #define SSL3_TXT_ADH_RC4_128_MD5 "ADH-RC4-MD5" 135 #define SSL3_TXT_ADH_DES_40_CBC_SHA "EXP-ADH-DES-CBC-SHA" 136 #define SSL3_TXT_ADH_DES_64_CBC_SHA "ADH-DES-CBC-SHA" 137 #define SSL3_TXT_ADH_DES_192_CBC_SHA "ADH-DES-CBC3-SHA" 138 139 #define SSL3_TXT_FZA_DMS_NULL_SHA "FZA-NULL-SHA" 140 #define SSL3_TXT_FZA_DMS_FZA_SHA "FZA-FZA-CBC-SHA" 141 #define SSL3_TXT_FZA_DMS_RC4_SHA "FZA-RC4-SHA" 142 143 #define SSL3_SSL_SESSION_ID_LENGTH 32 144 #define SSL3_MAX_SSL_SESSION_ID_LENGTH 32 145 146 #define SSL3_MASTER_SECRET_SIZE 48 147 #define SSL3_RANDOM_SIZE 32 148 #define SSL3_SESSION_ID_SIZE 32 149 #define SSL3_RT_HEADER_LENGTH 5 150 151 /* Due to MS stuffing up, this can change.... */ 152 #if defined(WIN16) || (defined(MSDOS) && !defined(WIN32)) 153 #define SSL3_RT_MAX_EXTRA (14000) 154 #else 155 #define SSL3_RT_MAX_EXTRA (16384) 156 #endif 157 158 #define SSL3_RT_MAX_PLAIN_LENGTH 16384 159 #define SSL3_RT_MAX_COMPRESSED_LENGTH (1024+SSL3_RT_MAX_PLAIN_LENGTH) 160 #define SSL3_RT_MAX_ENCRYPTED_LENGTH (1024+SSL3_RT_MAX_COMPRESSED_LENGTH) 161 #define SSL3_RT_MAX_PACKET_SIZE (SSL3_RT_MAX_ENCRYPTED_LENGTH+SSL3_RT_HEADER_LENGTH) 162 #define SSL3_RT_MAX_DATA_SIZE (1024*1024) 163 164 #define SSL3_MD_CLIENT_FINISHED_CONST "\x43\x4C\x4E\x54" 165 #define SSL3_MD_SERVER_FINISHED_CONST "\x53\x52\x56\x52" 166 167 #define SSL3_VERSION 0x0300 168 #define SSL3_VERSION_MAJOR 0x03 169 #define SSL3_VERSION_MINOR 0x00 170 171 #define SSL3_RT_CHANGE_CIPHER_SPEC 20 172 #define SSL3_RT_ALERT 21 173 #define SSL3_RT_HANDSHAKE 22 174 #define SSL3_RT_APPLICATION_DATA 23 175 176 #define SSL3_AL_WARNING 1 177 #define SSL3_AL_FATAL 2 178 179 #define SSL3_AD_CLOSE_NOTIFY 0 180 #define SSL3_AD_UNEXPECTED_MESSAGE 10 /* fatal */ 181 #define SSL3_AD_BAD_RECORD_MAC 20 /* fatal */ 182 #define SSL3_AD_DECOMPRESSION_FAILURE 30 /* fatal */ 183 #define SSL3_AD_HANDSHAKE_FAILURE 40 /* fatal */ 184 #define SSL3_AD_NO_CERTIFICATE 41 185 #define SSL3_AD_BAD_CERTIFICATE 42 186 #define SSL3_AD_UNSUPPORTED_CERTIFICATE 43 187 #define SSL3_AD_CERTIFICATE_REVOKED 44 188 #define SSL3_AD_CERTIFICATE_EXPIRED 45 189 #define SSL3_AD_CERTIFICATE_UNKNOWN 46 190 #define SSL3_AD_ILLEGAL_PARAMETER 47 /* fatal */ 191 192 typedef struct ssl3_record_st 193 { 194 /*r */ int type; /* type of record */ 195 /*rw*/ unsigned int length; /* How many bytes available */ 196 /*r */ unsigned int off; /* read/write offset into 'buf' */ 197 /*rw*/ unsigned char *data; /* pointer to the record data */ 198 /*rw*/ unsigned char *input; /* where the decode bytes are */ 199 /*r */ unsigned char *comp; /* only used with decompression - malloc()ed */ 200 } SSL3_RECORD; 201 202 typedef struct ssl3_buffer_st 203 { 204 unsigned char *buf; /* SSL3_RT_MAX_PACKET_SIZE bytes (more if 205 * SSL_OP_MICROSOFT_BIG_SSLV3_BUFFER is set) */ 206 int offset; /* where to 'copy from' */ 207 int left; /* how many bytes left */ 208 } SSL3_BUFFER; 209 210 #define SSL3_CT_RSA_SIGN 1 211 #define SSL3_CT_DSS_SIGN 2 212 #define SSL3_CT_RSA_FIXED_DH 3 213 #define SSL3_CT_DSS_FIXED_DH 4 214 #define SSL3_CT_RSA_EPHEMERAL_DH 5 215 #define SSL3_CT_DSS_EPHEMERAL_DH 6 216 #define SSL3_CT_FORTEZZA_DMS 20 217 #define SSL3_CT_NUMBER 7 218 219 #define SSL3_FLAGS_NO_RENEGOTIATE_CIPHERS 0x0001 220 #define SSL3_FLAGS_DELAY_CLIENT_FINISHED 0x0002 221 #define SSL3_FLAGS_POP_BUFFER 0x0004 222 #define TLS1_FLAGS_TLS_PADDING_BUG 0x0008 223 224 typedef struct ssl3_state_st 225 { 226 long flags; 227 int delay_buf_pop_ret; 228 229 unsigned char read_sequence[8]; 230 unsigned char read_mac_secret[EVP_MAX_MD_SIZE]; 231 unsigned char write_sequence[8]; 232 unsigned char write_mac_secret[EVP_MAX_MD_SIZE]; 233 234 unsigned char server_random[SSL3_RANDOM_SIZE]; 235 unsigned char client_random[SSL3_RANDOM_SIZE]; 236 237 SSL3_BUFFER rbuf; /* read IO goes into here */ 238 SSL3_BUFFER wbuf; /* write IO goes into here */ 239 240 SSL3_RECORD rrec; /* each decoded record goes in here */ 241 SSL3_RECORD wrec; /* goes out from here */ 242 243 /* storage for Alert/Handshake protocol data received but not 244 * yet processed by ssl3_read_bytes: */ 245 unsigned char alert_fragment[2]; 246 unsigned int alert_fragment_len; 247 unsigned char handshake_fragment[4]; 248 unsigned int handshake_fragment_len; 249 250 /* partial write - check the numbers match */ 251 unsigned int wnum; /* number of bytes sent so far */ 252 int wpend_tot; /* number bytes written */ 253 int wpend_type; 254 int wpend_ret; /* number of bytes submitted */ 255 const unsigned char *wpend_buf; 256 257 /* used during startup, digest all incoming/outgoing packets */ 258 EVP_MD_CTX finish_dgst1; 259 EVP_MD_CTX finish_dgst2; 260 261 /* this is set whenerver we see a change_cipher_spec message 262 * come in when we are not looking for one */ 263 int change_cipher_spec; 264 265 int warn_alert; 266 int fatal_alert; 267 /* we allow one fatal and one warning alert to be outstanding, 268 * send close alert via the warning alert */ 269 int alert_dispatch; 270 unsigned char send_alert[2]; 271 272 /* This flag is set when we should renegotiate ASAP, basically when 273 * there is no more data in the read or write buffers */ 274 int renegotiate; 275 int total_renegotiations; 276 int num_renegotiations; 277 278 int in_read_app_data; 279 280 struct { 281 /* actually only needs to be 16+20 */ 282 unsigned char cert_verify_md[EVP_MAX_MD_SIZE*2]; 283 284 /* actually only need to be 16+20 for SSLv3 and 12 for TLS */ 285 unsigned char finish_md[EVP_MAX_MD_SIZE*2]; 286 int finish_md_len; 287 unsigned char peer_finish_md[EVP_MAX_MD_SIZE*2]; 288 int peer_finish_md_len; 289 290 unsigned long message_size; 291 int message_type; 292 293 /* used to hold the new cipher we are going to use */ 294 SSL_CIPHER *new_cipher; 295 #ifndef NO_DH 296 DH *dh; 297 #endif 298 /* used when SSL_ST_FLUSH_DATA is entered */ 299 int next_state; 300 301 int reuse_message; 302 303 /* used for certificate requests */ 304 int cert_req; 305 int ctype_num; 306 char ctype[SSL3_CT_NUMBER]; 307 STACK_OF(X509_NAME) *ca_names; 308 309 int use_rsa_tmp; 310 311 int key_block_length; 312 unsigned char *key_block; 313 314 const EVP_CIPHER *new_sym_enc; 315 const EVP_MD *new_hash; 316 #ifndef NO_COMP 317 const SSL_COMP *new_compression; 318 #else 319 char *new_compression; 320 #endif 321 int cert_request; 322 } tmp; 323 324 } SSL3_STATE; 325 326 /* SSLv3 */ 327 /*client */ 328 /* extra state */ 329 #define SSL3_ST_CW_FLUSH (0x100|SSL_ST_CONNECT) 330 /* write to server */ 331 #define SSL3_ST_CW_CLNT_HELLO_A (0x110|SSL_ST_CONNECT) 332 #define SSL3_ST_CW_CLNT_HELLO_B (0x111|SSL_ST_CONNECT) 333 /* read from server */ 334 #define SSL3_ST_CR_SRVR_HELLO_A (0x120|SSL_ST_CONNECT) 335 #define SSL3_ST_CR_SRVR_HELLO_B (0x121|SSL_ST_CONNECT) 336 #define SSL3_ST_CR_CERT_A (0x130|SSL_ST_CONNECT) 337 #define SSL3_ST_CR_CERT_B (0x131|SSL_ST_CONNECT) 338 #define SSL3_ST_CR_KEY_EXCH_A (0x140|SSL_ST_CONNECT) 339 #define SSL3_ST_CR_KEY_EXCH_B (0x141|SSL_ST_CONNECT) 340 #define SSL3_ST_CR_CERT_REQ_A (0x150|SSL_ST_CONNECT) 341 #define SSL3_ST_CR_CERT_REQ_B (0x151|SSL_ST_CONNECT) 342 #define SSL3_ST_CR_SRVR_DONE_A (0x160|SSL_ST_CONNECT) 343 #define SSL3_ST_CR_SRVR_DONE_B (0x161|SSL_ST_CONNECT) 344 /* write to server */ 345 #define SSL3_ST_CW_CERT_A (0x170|SSL_ST_CONNECT) 346 #define SSL3_ST_CW_CERT_B (0x171|SSL_ST_CONNECT) 347 #define SSL3_ST_CW_CERT_C (0x172|SSL_ST_CONNECT) 348 #define SSL3_ST_CW_CERT_D (0x173|SSL_ST_CONNECT) 349 #define SSL3_ST_CW_KEY_EXCH_A (0x180|SSL_ST_CONNECT) 350 #define SSL3_ST_CW_KEY_EXCH_B (0x181|SSL_ST_CONNECT) 351 #define SSL3_ST_CW_CERT_VRFY_A (0x190|SSL_ST_CONNECT) 352 #define SSL3_ST_CW_CERT_VRFY_B (0x191|SSL_ST_CONNECT) 353 #define SSL3_ST_CW_CHANGE_A (0x1A0|SSL_ST_CONNECT) 354 #define SSL3_ST_CW_CHANGE_B (0x1A1|SSL_ST_CONNECT) 355 #define SSL3_ST_CW_FINISHED_A (0x1B0|SSL_ST_CONNECT) 356 #define SSL3_ST_CW_FINISHED_B (0x1B1|SSL_ST_CONNECT) 357 /* read from server */ 358 #define SSL3_ST_CR_CHANGE_A (0x1C0|SSL_ST_CONNECT) 359 #define SSL3_ST_CR_CHANGE_B (0x1C1|SSL_ST_CONNECT) 360 #define SSL3_ST_CR_FINISHED_A (0x1D0|SSL_ST_CONNECT) 361 #define SSL3_ST_CR_FINISHED_B (0x1D1|SSL_ST_CONNECT) 362 363 /* server */ 364 /* extra state */ 365 #define SSL3_ST_SW_FLUSH (0x100|SSL_ST_ACCEPT) 366 /* read from client */ 367 /* Do not change the number values, they do matter */ 368 #define SSL3_ST_SR_CLNT_HELLO_A (0x110|SSL_ST_ACCEPT) 369 #define SSL3_ST_SR_CLNT_HELLO_B (0x111|SSL_ST_ACCEPT) 370 #define SSL3_ST_SR_CLNT_HELLO_C (0x112|SSL_ST_ACCEPT) 371 /* write to client */ 372 #define SSL3_ST_SW_HELLO_REQ_A (0x120|SSL_ST_ACCEPT) 373 #define SSL3_ST_SW_HELLO_REQ_B (0x121|SSL_ST_ACCEPT) 374 #define SSL3_ST_SW_HELLO_REQ_C (0x122|SSL_ST_ACCEPT) 375 #define SSL3_ST_SW_SRVR_HELLO_A (0x130|SSL_ST_ACCEPT) 376 #define SSL3_ST_SW_SRVR_HELLO_B (0x131|SSL_ST_ACCEPT) 377 #define SSL3_ST_SW_CERT_A (0x140|SSL_ST_ACCEPT) 378 #define SSL3_ST_SW_CERT_B (0x141|SSL_ST_ACCEPT) 379 #define SSL3_ST_SW_KEY_EXCH_A (0x150|SSL_ST_ACCEPT) 380 #define SSL3_ST_SW_KEY_EXCH_B (0x151|SSL_ST_ACCEPT) 381 #define SSL3_ST_SW_CERT_REQ_A (0x160|SSL_ST_ACCEPT) 382 #define SSL3_ST_SW_CERT_REQ_B (0x161|SSL_ST_ACCEPT) 383 #define SSL3_ST_SW_SRVR_DONE_A (0x170|SSL_ST_ACCEPT) 384 #define SSL3_ST_SW_SRVR_DONE_B (0x171|SSL_ST_ACCEPT) 385 /* read from client */ 386 #define SSL3_ST_SR_CERT_A (0x180|SSL_ST_ACCEPT) 387 #define SSL3_ST_SR_CERT_B (0x181|SSL_ST_ACCEPT) 388 #define SSL3_ST_SR_KEY_EXCH_A (0x190|SSL_ST_ACCEPT) 389 #define SSL3_ST_SR_KEY_EXCH_B (0x191|SSL_ST_ACCEPT) 390 #define SSL3_ST_SR_CERT_VRFY_A (0x1A0|SSL_ST_ACCEPT) 391 #define SSL3_ST_SR_CERT_VRFY_B (0x1A1|SSL_ST_ACCEPT) 392 #define SSL3_ST_SR_CHANGE_A (0x1B0|SSL_ST_ACCEPT) 393 #define SSL3_ST_SR_CHANGE_B (0x1B1|SSL_ST_ACCEPT) 394 #define SSL3_ST_SR_FINISHED_A (0x1C0|SSL_ST_ACCEPT) 395 #define SSL3_ST_SR_FINISHED_B (0x1C1|SSL_ST_ACCEPT) 396 /* write to client */ 397 #define SSL3_ST_SW_CHANGE_A (0x1D0|SSL_ST_ACCEPT) 398 #define SSL3_ST_SW_CHANGE_B (0x1D1|SSL_ST_ACCEPT) 399 #define SSL3_ST_SW_FINISHED_A (0x1E0|SSL_ST_ACCEPT) 400 #define SSL3_ST_SW_FINISHED_B (0x1E1|SSL_ST_ACCEPT) 401 402 #define SSL3_MT_HELLO_REQUEST 0 403 #define SSL3_MT_CLIENT_HELLO 1 404 #define SSL3_MT_SERVER_HELLO 2 405 #define SSL3_MT_CERTIFICATE 11 406 #define SSL3_MT_SERVER_KEY_EXCHANGE 12 407 #define SSL3_MT_CERTIFICATE_REQUEST 13 408 #define SSL3_MT_SERVER_DONE 14 409 #define SSL3_MT_CERTIFICATE_VERIFY 15 410 #define SSL3_MT_CLIENT_KEY_EXCHANGE 16 411 #define SSL3_MT_FINISHED 20 412 413 #define SSL3_MT_CCS 1 414 415 /* These are used when changing over to a new cipher */ 416 #define SSL3_CC_READ 0x01 417 #define SSL3_CC_WRITE 0x02 418 #define SSL3_CC_CLIENT 0x10 419 #define SSL3_CC_SERVER 0x20 420 #define SSL3_CHANGE_CIPHER_CLIENT_WRITE (SSL3_CC_CLIENT|SSL3_CC_WRITE) 421 #define SSL3_CHANGE_CIPHER_SERVER_READ (SSL3_CC_SERVER|SSL3_CC_READ) 422 #define SSL3_CHANGE_CIPHER_CLIENT_READ (SSL3_CC_CLIENT|SSL3_CC_READ) 423 #define SSL3_CHANGE_CIPHER_SERVER_WRITE (SSL3_CC_SERVER|SSL3_CC_WRITE) 424 425 #ifdef __cplusplus 426 } 427 #endif 428 #endif 429 430