ssl2.h

Go to the documentation of this file.
00001 /* ssl/ssl2.h */
00002 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
00003  * All rights reserved.
00004  *
00005  * This package is an SSL implementation written
00006  * by Eric Young (eay@cryptsoft.com).
00007  * The implementation was written so as to conform with Netscapes SSL.
00008  *
00009  * This library is free for commercial and non-commercial use as long as
00010  * the following conditions are aheared to.  The following conditions
00011  * apply to all code found in this distribution, be it the RC4, RSA,
00012  * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
00013  * included with this distribution is covered by the same copyright terms
00014  * except that the holder is Tim Hudson (tjh@cryptsoft.com).
00015  *
00016  * Copyright remains Eric Young's, and as such any Copyright notices in
00017  * the code are not to be removed.
00018  * If this package is used in a product, Eric Young should be given attribution
00019  * as the author of the parts of the library used.
00020  * This can be in the form of a textual message at program startup or
00021  * in documentation (online or textual) provided with the package.
00022  *
00023  * Redistribution and use in source and binary forms, with or without
00024  * modification, are permitted provided that the following conditions
00025  * are met:
00026  * 1. Redistributions of source code must retain the copyright
00027  *    notice, this list of conditions and the following disclaimer.
00028  * 2. Redistributions in binary form must reproduce the above copyright
00029  *    notice, this list of conditions and the following disclaimer in the
00030  *    documentation and/or other materials provided with the distribution.
00031  * 3. All advertising materials mentioning features or use of this software
00032  *    must display the following acknowledgement:
00033  *    "This product includes cryptographic software written by
00034  *     Eric Young (eay@cryptsoft.com)"
00035  *    The word 'cryptographic' can be left out if the rouines from the library
00036  *    being used are not cryptographic related :-).
00037  * 4. If you include any Windows specific code (or a derivative thereof) from
00038  *    the apps directory (application code) you must include an acknowledgement:
00039  *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
00040  *
00041  * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
00042  * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
00043  * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
00044  * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
00045  * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
00046  * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
00047  * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
00048  * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
00049  * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
00050  * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
00051  * SUCH DAMAGE.
00052  *
00053  * The licence and distribution terms for any publically available version or
00054  * derivative of this code cannot be changed.  i.e. this code cannot simply be
00055  * copied and put under another distribution licence
00056  * [including the GNU Public Licence.]
00057  */
00058 
00059 #ifndef HEADER_SSL2_H
00060 #define HEADER_SSL2_H
00061 
00062 #ifdef  __cplusplus
00063 extern "C" {
00064 #endif
00065 
00066 /* Protocol Version Codes */
00067 #define SSL2_VERSION    0x0002
00068 #define SSL2_VERSION_MAJOR 0x00
00069 #define SSL2_VERSION_MINOR 0x02
00070 /* #define SSL2_CLIENT_VERSION   0x0002 */
00071 /* #define SSL2_SERVER_VERSION   0x0002 */
00072 
00073 /* Protocol Message Codes */
00074 #define SSL2_MT_ERROR         0
00075 #define SSL2_MT_CLIENT_HELLO     1
00076 #define SSL2_MT_CLIENT_MASTER_KEY   2
00077 #define SSL2_MT_CLIENT_FINISHED     3
00078 #define SSL2_MT_SERVER_HELLO     4
00079 #define SSL2_MT_SERVER_VERIFY    5
00080 #define SSL2_MT_SERVER_FINISHED     6
00081 #define SSL2_MT_REQUEST_CERTIFICATE 7
00082 #define SSL2_MT_CLIENT_CERTIFICATE  8
00083 
00084 /* Error Message Codes */
00085 #define SSL2_PE_UNDEFINED_ERROR     0x0000
00086 #define SSL2_PE_NO_CIPHER     0x0001
00087 #define SSL2_PE_NO_CERTIFICATE      0x0002
00088 #define SSL2_PE_BAD_CERTIFICATE     0x0004
00089 #define SSL2_PE_UNSUPPORTED_CERTIFICATE_TYPE 0x0006
00090 
00091 /* Cipher Kind Values */
00092 #define SSL2_CK_NULL_WITH_MD5       0x02000000 /* v3 */
00093 #define SSL2_CK_RC4_128_WITH_MD5    0x02010080
00094 #define SSL2_CK_RC4_128_EXPORT40_WITH_MD5 0x02020080
00095 #define SSL2_CK_RC2_128_CBC_WITH_MD5      0x02030080
00096 #define SSL2_CK_RC2_128_CBC_EXPORT40_WITH_MD5   0x02040080
00097 #define SSL2_CK_IDEA_128_CBC_WITH_MD5     0x02050080
00098 #define SSL2_CK_DES_64_CBC_WITH_MD5    0x02060040
00099 #define SSL2_CK_DES_64_CBC_WITH_SHA    0x02060140 /* v3 */
00100 #define SSL2_CK_DES_192_EDE3_CBC_WITH_MD5 0x020700c0
00101 #define SSL2_CK_DES_192_EDE3_CBC_WITH_SHA 0x020701c0 /* v3 */
00102 #define SSL2_CK_RC4_64_WITH_MD5        0x02080080 /* MS hack */
00103 
00104 #define SSL2_CK_DES_64_CFB64_WITH_MD5_1      0x02ff0800 /* SSLeay */
00105 #define SSL2_CK_NULL          0x02ff0810 /* SSLeay */
00106 
00107 #define SSL2_TXT_DES_64_CFB64_WITH_MD5_1  "DES-CFB-M1"
00108 #define SSL2_TXT_NULL_WITH_MD5         "NULL-MD5"
00109 #define SSL2_TXT_RC4_128_WITH_MD5      "RC4-MD5"
00110 #define SSL2_TXT_RC4_128_EXPORT40_WITH_MD5   "EXP-RC4-MD5"
00111 #define SSL2_TXT_RC2_128_CBC_WITH_MD5     "RC2-CBC-MD5"
00112 #define SSL2_TXT_RC2_128_CBC_EXPORT40_WITH_MD5  "EXP-RC2-CBC-MD5"
00113 #define SSL2_TXT_IDEA_128_CBC_WITH_MD5    "IDEA-CBC-MD5"
00114 #define SSL2_TXT_DES_64_CBC_WITH_MD5      "DES-CBC-MD5"
00115 #define SSL2_TXT_DES_64_CBC_WITH_SHA      "DES-CBC-SHA"
00116 #define SSL2_TXT_DES_192_EDE3_CBC_WITH_MD5   "DES-CBC3-MD5"
00117 #define SSL2_TXT_DES_192_EDE3_CBC_WITH_SHA   "DES-CBC3-SHA"
00118 #define SSL2_TXT_RC4_64_WITH_MD5    "RC4-64-MD5"
00119 
00120 #define SSL2_TXT_NULL            "NULL"
00121 
00122 /* Flags for the SSL_CIPHER.algorithm2 field */
00123 #define SSL2_CF_5_BYTE_ENC       0x01
00124 #define SSL2_CF_8_BYTE_ENC       0x02
00125 
00126 /* Certificate Type Codes */
00127 #define SSL2_CT_X509_CERTIFICATE    0x01
00128 
00129 /* Authentication Type Code */
00130 #define SSL2_AT_MD5_WITH_RSA_ENCRYPTION      0x01
00131 
00132 #define SSL2_MAX_SSL_SESSION_ID_LENGTH    32
00133 
00134 /* Upper/Lower Bounds */
00135 #define SSL2_MAX_MASTER_KEY_LENGTH_IN_BITS   256
00136 #ifdef OPENSSL_SYS_MPE
00137 #define SSL2_MAX_RECORD_LENGTH_2_BYTE_HEADER 29998u
00138 #else
00139 #define SSL2_MAX_RECORD_LENGTH_2_BYTE_HEADER 32767u  /* 2^15-1 */
00140 #endif
00141 #define SSL2_MAX_RECORD_LENGTH_3_BYTE_HEADER 16383 /* 2^14-1 */
00142 
00143 #define SSL2_CHALLENGE_LENGTH 16
00144 /*#define SSL2_CHALLENGE_LENGTH  32 */
00145 #define SSL2_MIN_CHALLENGE_LENGTH   16
00146 #define SSL2_MAX_CHALLENGE_LENGTH   32
00147 #define SSL2_CONNECTION_ID_LENGTH   16
00148 #define SSL2_MAX_CONNECTION_ID_LENGTH  16
00149 #define SSL2_SSL_SESSION_ID_LENGTH  16
00150 #define SSL2_MAX_CERT_CHALLENGE_LENGTH 32
00151 #define SSL2_MIN_CERT_CHALLENGE_LENGTH 16
00152 #define SSL2_MAX_KEY_MATERIAL_LENGTH   24
00153 
00154 #ifndef HEADER_SSL_LOCL_H
00155 #define  CERT     char
00156 #endif
00157 
00158 typedef struct ssl2_state_st
00159    {
00160    int three_byte_header;
00161    int clear_text;      /* clear text */
00162    int escape;    /* not used in SSLv2 */
00163    int ssl2_rollback;   /* used if SSLv23 rolled back to SSLv2 */
00164 
00165    /* non-blocking io info, used to make sure the same
00166     * args were passwd */
00167    unsigned int wnum;   /* number of bytes sent so far */
00168    int wpend_tot;
00169    const unsigned char *wpend_buf;
00170 
00171    int wpend_off; /* offset to data to write */
00172    int wpend_len;    /* number of bytes passwd to write */
00173    int wpend_ret;    /* number of bytes to return to caller */
00174 
00175    /* buffer raw data */
00176    int rbuf_left;
00177    int rbuf_offs;
00178    unsigned char *rbuf;
00179    unsigned char *wbuf;
00180 
00181    unsigned char *write_ptr;/* used to point to the start due to
00182               * 2/3 byte header. */
00183 
00184    unsigned int padding;
00185    unsigned int rlength; /* passed to ssl2_enc */
00186    int ract_data_length; /* Set when things are encrypted. */
00187    unsigned int wlength; /* passed to ssl2_enc */
00188    int wact_data_length; /* Set when things are decrypted. */
00189    unsigned char *ract_data;
00190    unsigned char *wact_data;
00191    unsigned char *mac_data;
00192 
00193    unsigned char *read_key;
00194    unsigned char *write_key;
00195 
00196       /* Stuff specifically to do with this SSL session */
00197    unsigned int challenge_length;
00198    unsigned char challenge[SSL2_MAX_CHALLENGE_LENGTH];
00199    unsigned int conn_id_length;
00200    unsigned char conn_id[SSL2_MAX_CONNECTION_ID_LENGTH];
00201    unsigned int key_material_length;
00202    unsigned char key_material[SSL2_MAX_KEY_MATERIAL_LENGTH*2];
00203 
00204    unsigned long read_sequence;
00205    unsigned long write_sequence;
00206 
00207    struct   {
00208       unsigned int conn_id_length;
00209       unsigned int cert_type;
00210       unsigned int cert_length;
00211       unsigned int csl;
00212       unsigned int clear;
00213       unsigned int enc;
00214       unsigned char ccl[SSL2_MAX_CERT_CHALLENGE_LENGTH];
00215       unsigned int cipher_spec_length;
00216       unsigned int session_id_length;
00217       unsigned int clen;
00218       unsigned int rlen;
00219       } tmp;
00220    } SSL2_STATE;
00221 
00222 /* SSLv2 */
00223 /* client */
00224 #define SSL2_ST_SEND_CLIENT_HELLO_A    (0x10|SSL_ST_CONNECT)
00225 #define SSL2_ST_SEND_CLIENT_HELLO_B    (0x11|SSL_ST_CONNECT)
00226 #define SSL2_ST_GET_SERVER_HELLO_A     (0x20|SSL_ST_CONNECT)
00227 #define SSL2_ST_GET_SERVER_HELLO_B     (0x21|SSL_ST_CONNECT)
00228 #define SSL2_ST_SEND_CLIENT_MASTER_KEY_A  (0x30|SSL_ST_CONNECT)
00229 #define SSL2_ST_SEND_CLIENT_MASTER_KEY_B  (0x31|SSL_ST_CONNECT)
00230 #define SSL2_ST_SEND_CLIENT_FINISHED_A    (0x40|SSL_ST_CONNECT)
00231 #define SSL2_ST_SEND_CLIENT_FINISHED_B    (0x41|SSL_ST_CONNECT)
00232 #define SSL2_ST_SEND_CLIENT_CERTIFICATE_A (0x50|SSL_ST_CONNECT)
00233 #define SSL2_ST_SEND_CLIENT_CERTIFICATE_B (0x51|SSL_ST_CONNECT)
00234 #define SSL2_ST_SEND_CLIENT_CERTIFICATE_C (0x52|SSL_ST_CONNECT)
00235 #define SSL2_ST_SEND_CLIENT_CERTIFICATE_D (0x53|SSL_ST_CONNECT)
00236 #define SSL2_ST_GET_SERVER_VERIFY_A    (0x60|SSL_ST_CONNECT)
00237 #define SSL2_ST_GET_SERVER_VERIFY_B    (0x61|SSL_ST_CONNECT)
00238 #define SSL2_ST_GET_SERVER_FINISHED_A     (0x70|SSL_ST_CONNECT)
00239 #define SSL2_ST_GET_SERVER_FINISHED_B     (0x71|SSL_ST_CONNECT)
00240 #define SSL2_ST_CLIENT_START_ENCRYPTION      (0x80|SSL_ST_CONNECT)
00241 #define SSL2_ST_X509_GET_CLIENT_CERTIFICATE  (0x90|SSL_ST_CONNECT)
00242 /* server */
00243 #define SSL2_ST_GET_CLIENT_HELLO_A     (0x10|SSL_ST_ACCEPT)
00244 #define SSL2_ST_GET_CLIENT_HELLO_B     (0x11|SSL_ST_ACCEPT)
00245 #define SSL2_ST_GET_CLIENT_HELLO_C     (0x12|SSL_ST_ACCEPT)
00246 #define SSL2_ST_SEND_SERVER_HELLO_A    (0x20|SSL_ST_ACCEPT)
00247 #define SSL2_ST_SEND_SERVER_HELLO_B    (0x21|SSL_ST_ACCEPT)
00248 #define SSL2_ST_GET_CLIENT_MASTER_KEY_A      (0x30|SSL_ST_ACCEPT)
00249 #define SSL2_ST_GET_CLIENT_MASTER_KEY_B      (0x31|SSL_ST_ACCEPT)
00250 #define SSL2_ST_SEND_SERVER_VERIFY_A      (0x40|SSL_ST_ACCEPT)
00251 #define SSL2_ST_SEND_SERVER_VERIFY_B      (0x41|SSL_ST_ACCEPT)
00252 #define SSL2_ST_SEND_SERVER_VERIFY_C      (0x42|SSL_ST_ACCEPT)
00253 #define SSL2_ST_GET_CLIENT_FINISHED_A     (0x50|SSL_ST_ACCEPT)
00254 #define SSL2_ST_GET_CLIENT_FINISHED_B     (0x51|SSL_ST_ACCEPT)
00255 #define SSL2_ST_SEND_SERVER_FINISHED_A    (0x60|SSL_ST_ACCEPT)
00256 #define SSL2_ST_SEND_SERVER_FINISHED_B    (0x61|SSL_ST_ACCEPT)
00257 #define SSL2_ST_SEND_REQUEST_CERTIFICATE_A   (0x70|SSL_ST_ACCEPT)
00258 #define SSL2_ST_SEND_REQUEST_CERTIFICATE_B   (0x71|SSL_ST_ACCEPT)
00259 #define SSL2_ST_SEND_REQUEST_CERTIFICATE_C   (0x72|SSL_ST_ACCEPT)
00260 #define SSL2_ST_SEND_REQUEST_CERTIFICATE_D   (0x73|SSL_ST_ACCEPT)
00261 #define SSL2_ST_SERVER_START_ENCRYPTION      (0x80|SSL_ST_ACCEPT)
00262 #define SSL2_ST_X509_GET_SERVER_CERTIFICATE  (0x90|SSL_ST_ACCEPT)
00263 
00264 #ifdef  __cplusplus
00265 }
00266 #endif
00267 #endif
00268
Generated on Thu Aug 20 22:33:05 2009 for OpenXDAS by  doxygen 1.5.6