      1 /* ssl/ssl3.h */
      2 /* Copyright (C) 1995-1998 Eric Young (eay (at) cryptsoft.com)
      3  * All rights reserved.
      4  *
      5  * This package is an SSL implementation written
      6  * by Eric Young (eay (at) cryptsoft.com).
      7  * The implementation was written so as to conform with Netscapes SSL.
      8  *
      9  * This library is free for commercial and non-commercial use as long as
     10  * the following conditions are aheared to.  The following conditions
     11  * apply to all code found in this distribution, be it the RC4, RSA,
     12  * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
     13  * included with this distribution is covered by the same copyright terms
     14  * except that the holder is Tim Hudson (tjh (at) cryptsoft.com).
     15  *
     16  * Copyright remains Eric Young's, and as such any Copyright notices in
     17  * the code are not to be removed.
     18  * If this package is used in a product, Eric Young should be given attribution
     19  * as the author of the parts of the library used.
     20  * This can be in the form of a textual message at program startup or
     21  * in documentation (online or textual) provided with the package.
     22  *
     23  * Redistribution and use in source and binary forms, with or without
     24  * modification, are permitted provided that the following conditions
     25  * are met:
     26  * 1. Redistributions of source code must retain the copyright
     27  *    notice, this list of conditions and the following disclaimer.
     28  * 2. Redistributions in binary form must reproduce the above copyright
     29  *    notice, this list of conditions and the following disclaimer in the
     30  *    documentation and/or other materials provided with the distribution.
     31  * 3. All advertising materials mentioning features or use of this software
     32  *    must display the following acknowledgement:
     33  *    "This product includes cryptographic software written by
     34  *     Eric Young (eay (at) cryptsoft.com)"
     35  *    The word 'cryptographic' can be left out if the rouines from the library
     36  *    being used are not cryptographic related :-).
     37  * 4. If you include any Windows specific code (or a derivative thereof) from
     38  *    the apps directory (application code) you must include an acknowledgement:
     39  *    "This product includes software written by Tim Hudson (tjh (at) cryptsoft.com)"
     40  *
     41  * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
     42  * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
     43  * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
     44  * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
     45  * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
     46  * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
     47  * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
     48  * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
     49  * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
     50  * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
     51  * SUCH DAMAGE.
     52  *
     53  * The licence and distribution terms for any publically available version or
     54  * derivative of this code cannot be changed.  i.e. this code cannot simply be
     55  * copied and put under another distribution licence
     56  * [including the GNU Public Licence.]
     57  */
     58 /* ====================================================================
     59  * Copyright (c) 1998-2002 The OpenSSL Project.  All rights reserved.
     60  *
     61  * Redistribution and use in source and binary forms, with or without
     62  * modification, are permitted provided that the following conditions
     63  * are met:
     64  *
     65  * 1. Redistributions of source code must retain the above copyright
     66  *    notice, this list of conditions and the following disclaimer.
     67  *
     68  * 2. Redistributions in binary form must reproduce the above copyright
     69  *    notice, this list of conditions and the following disclaimer in
     70  *    the documentation and/or other materials provided with the
     71  *    distribution.
     72  *
     73  * 3. All advertising materials mentioning features or use of this
     74  *    software must display the following acknowledgment:
     75  *    "This product includes software developed by the OpenSSL Project
     76  *    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
     77  *
     78  * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
     79  *    endorse or promote products derived from this software without
     80  *    prior written permission. For written permission, please contact
     81  *    openssl-core (at) openssl.org.
     82  *
     83  * 5. Products derived from this software may not be called "OpenSSL"
     84  *    nor may "OpenSSL" appear in their names without prior written
     85  *    permission of the OpenSSL Project.
     86  *
     87  * 6. Redistributions of any form whatsoever must retain the following
     88  *    acknowledgment:
     89  *    "This product includes software developed by the OpenSSL Project
     90  *    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
     91  *
     92  * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
     93  * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
     94  * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
     95  * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
     96  * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
     97  * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
     98  * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
     99  * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
    100  * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
    101  * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
    102  * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
    103  * OF THE POSSIBILITY OF SUCH DAMAGE.
    104  * ====================================================================
    105  *
    106  * This product includes cryptographic software written by Eric Young
    107  * (eay (at) cryptsoft.com).  This product includes software written by Tim
    108  * Hudson (tjh (at) cryptsoft.com).
    109  *
    110  */
    111 /* ====================================================================
    112  * Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED.
    113  * ECC cipher suite support in OpenSSL originally developed by
    114  * SUN MICROSYSTEMS, INC., and contributed to the OpenSSL project.
    115  */
    116 
    117 #ifndef OPENSSL_HEADER_SSL3_H
    118 #define OPENSSL_HEADER_SSL3_H
    119 
    120 #include <openssl/aead.h>
    121 #include <openssl/type_check.h>
    122 
    123 #ifdef  __cplusplus
    124 extern "C" {
    125 #endif
    126 
    127 
    128 /* These are kept to support clients that negotiate higher protocol versions
    129  * using SSLv2 client hello records. */
    130 #define SSL2_MT_CLIENT_HELLO 1
    131 #define SSL2_VERSION 0x0002
    132 /* SSL3_CK_* ids: the low 16 bits are the cipher suite value sent on the wire; the 0x03 top byte looks like a library-internal SSLv3/TLS tag -- confirm against the cipher table. */
    133 /* Signalling cipher suite value from RFC 5746 (TLS_EMPTY_RENEGOTIATION_INFO_SCSV). */
    134 #define SSL3_CK_SCSV 0x030000FF /* wire value 0x00FF; advertises secure renegotiation, a signal only and never selected as a cipher */
    135 /* Fallback signalling cipher suite value from RFC 7507 (TLS_FALLBACK_SCSV). */
    136 #define SSL3_CK_FALLBACK_SCSV 0x03005600 /* wire value 0x5600; sent by a client retrying at a lower version, answered with SSL3_AD_INAPPROPRIATE_FALLBACK by a server that supports a higher one */
    137 /* Cipher suite ids from the SSLv3 era. Most are obsolete: NULL suites do not encrypt, *_40_* suites are export-grade, *_DES_64_* is single DES, RC4 is prohibited by RFC 7465 and ADH suites are unauthenticated. A definition here does not show that the library implements or enables the suite -- check the cipher table. */
    138 #define SSL3_CK_RSA_NULL_MD5 0x03000001 /* no encryption, integrity only */
    139 #define SSL3_CK_RSA_NULL_SHA 0x03000002 /* no encryption, integrity only */
    140 #define SSL3_CK_RSA_RC4_40_MD5 0x03000003 /* export-grade, 40-bit key */
    141 #define SSL3_CK_RSA_RC4_128_MD5 0x03000004
    142 #define SSL3_CK_RSA_RC4_128_SHA 0x03000005
    143 #define SSL3_CK_RSA_RC2_40_MD5 0x03000006 /* export-grade, 40-bit key */
    144 #define SSL3_CK_RSA_IDEA_128_SHA 0x03000007
    145 #define SSL3_CK_RSA_DES_40_CBC_SHA 0x03000008 /* export-grade, 40-bit key */
    146 #define SSL3_CK_RSA_DES_64_CBC_SHA 0x03000009 /* single DES */
    147 #define SSL3_CK_RSA_DES_192_CBC3_SHA 0x0300000A /* triple DES */
    148 /* Fixed (static) Diffie-Hellman suites. */
    149 #define SSL3_CK_DH_DSS_DES_40_CBC_SHA 0x0300000B
    150 #define SSL3_CK_DH_DSS_DES_64_CBC_SHA 0x0300000C
    151 #define SSL3_CK_DH_DSS_DES_192_CBC3_SHA 0x0300000D
    152 #define SSL3_CK_DH_RSA_DES_40_CBC_SHA 0x0300000E
    153 #define SSL3_CK_DH_RSA_DES_64_CBC_SHA 0x0300000F
    154 #define SSL3_CK_DH_RSA_DES_192_CBC3_SHA 0x03000010
    155 /* Ephemeral Diffie-Hellman (EDH) suites. */
    156 #define SSL3_CK_EDH_DSS_DES_40_CBC_SHA 0x03000011
    157 #define SSL3_CK_EDH_DSS_DES_64_CBC_SHA 0x03000012
    158 #define SSL3_CK_EDH_DSS_DES_192_CBC3_SHA 0x03000013
    159 #define SSL3_CK_EDH_RSA_DES_40_CBC_SHA 0x03000014
    160 #define SSL3_CK_EDH_RSA_DES_64_CBC_SHA 0x03000015
    161 #define SSL3_CK_EDH_RSA_DES_192_CBC3_SHA 0x03000016
    162 /* Anonymous Diffie-Hellman (ADH) suites: the server is not authenticated, so the key exchange has no protection against an active man in the middle. */
    163 #define SSL3_CK_ADH_RC4_40_MD5 0x03000017
    164 #define SSL3_CK_ADH_RC4_128_MD5 0x03000018
    165 #define SSL3_CK_ADH_DES_40_CBC_SHA 0x03000019
    166 #define SSL3_CK_ADH_DES_64_CBC_SHA 0x0300001A
    167 #define SSL3_CK_ADH_DES_192_CBC_SHA 0x0300001B /* macro says CBC, but the matching text name is ADH-DES-CBC3-SHA (triple DES) */
    168 /* Text names for the suites above. In these names the EXP- prefix marks an export-grade (40-bit) suite, NULL- a suite without encryption and ADH- an anonymous (unauthenticated) Diffie-Hellman suite. */
    169 #define SSL3_TXT_RSA_NULL_MD5 "NULL-MD5"
    170 #define SSL3_TXT_RSA_NULL_SHA "NULL-SHA"
    171 #define SSL3_TXT_RSA_RC4_40_MD5 "EXP-RC4-MD5"
    172 #define SSL3_TXT_RSA_RC4_128_MD5 "RC4-MD5"
    173 #define SSL3_TXT_RSA_RC4_128_SHA "RC4-SHA"
    174 #define SSL3_TXT_RSA_RC2_40_MD5 "EXP-RC2-CBC-MD5"
    175 #define SSL3_TXT_RSA_IDEA_128_SHA "IDEA-CBC-SHA"
    176 #define SSL3_TXT_RSA_DES_40_CBC_SHA "EXP-DES-CBC-SHA"
    177 #define SSL3_TXT_RSA_DES_64_CBC_SHA "DES-CBC-SHA"
    178 #define SSL3_TXT_RSA_DES_192_CBC3_SHA "DES-CBC3-SHA"
    179 
    180 #define SSL3_TXT_DH_DSS_DES_40_CBC_SHA "EXP-DH-DSS-DES-CBC-SHA"
    181 #define SSL3_TXT_DH_DSS_DES_64_CBC_SHA "DH-DSS-DES-CBC-SHA"
    182 #define SSL3_TXT_DH_DSS_DES_192_CBC3_SHA "DH-DSS-DES-CBC3-SHA"
    183 #define SSL3_TXT_DH_RSA_DES_40_CBC_SHA "EXP-DH-RSA-DES-CBC-SHA"
    184 #define SSL3_TXT_DH_RSA_DES_64_CBC_SHA "DH-RSA-DES-CBC-SHA"
    185 #define SSL3_TXT_DH_RSA_DES_192_CBC3_SHA "DH-RSA-DES-CBC3-SHA"
    186 
    187 #define SSL3_TXT_EDH_DSS_DES_40_CBC_SHA "EXP-EDH-DSS-DES-CBC-SHA"
    188 #define SSL3_TXT_EDH_DSS_DES_64_CBC_SHA "EDH-DSS-DES-CBC-SHA"
    189 #define SSL3_TXT_EDH_DSS_DES_192_CBC3_SHA "EDH-DSS-DES-CBC3-SHA"
    190 #define SSL3_TXT_EDH_RSA_DES_40_CBC_SHA "EXP-EDH-RSA-DES-CBC-SHA"
    191 #define SSL3_TXT_EDH_RSA_DES_64_CBC_SHA "EDH-RSA-DES-CBC-SHA"
    192 #define SSL3_TXT_EDH_RSA_DES_192_CBC3_SHA "EDH-RSA-DES-CBC3-SHA"
    193 
    194 #define SSL3_TXT_ADH_RC4_40_MD5 "EXP-ADH-RC4-MD5"
    195 #define SSL3_TXT_ADH_RC4_128_MD5 "ADH-RC4-MD5"
    196 #define SSL3_TXT_ADH_DES_40_CBC_SHA "EXP-ADH-DES-CBC-SHA"
    197 #define SSL3_TXT_ADH_DES_64_CBC_SHA "ADH-DES-CBC-SHA"
    198 #define SSL3_TXT_ADH_DES_192_CBC_SHA "ADH-DES-CBC3-SHA"
    199 
    200 #define SSL3_SSL_SESSION_ID_LENGTH 32 /* this and the two other session-id macros below all evaluate to 32 bytes */
    201 #define SSL3_MAX_SSL_SESSION_ID_LENGTH 32
    202 /* Fixed protocol sizes in bytes. A parser must check a peer-supplied length against the matching bound before copying. */
    203 #define SSL3_MASTER_SECRET_SIZE 48 /* master secret */
    204 #define SSL3_RANDOM_SIZE 32 /* client and server random values */
    205 #define SSL3_SESSION_ID_SIZE 32
    206 #define SSL3_RT_HEADER_LENGTH 5 /* record header: type (1) + version (2) + length (2) */
    207 
    208 #define SSL3_HM_HEADER_LENGTH 4 /* handshake message header: type (1) + length (3) */
    209 
    210 #ifndef SSL3_ALIGN_PAYLOAD
    211 /* Some will argue that this increases memory footprint, but it's not actually
    212  * true. The point is that malloc has to return at least 64-bit aligned pointers,
    213  * meaning that allocating 5 bytes wastes 3 bytes in either case. The suggested
    214  * front gap simply moves these wasted bytes from the end of the allocated region
    215  * to its front, but makes the data payload aligned, which improves performance. */
    216 #define SSL3_ALIGN_PAYLOAD 8
    217 #else
    218 #if (SSL3_ALIGN_PAYLOAD & (SSL3_ALIGN_PAYLOAD - 1)) != 0 /* true for any value that is not a power of two; NOTE(review): 0 also passes this test */
    219 #error "insane SSL3_ALIGN_PAYLOAD"
    220 #undef SSL3_ALIGN_PAYLOAD /* follows the #error, so it normally never takes effect */
    221 #endif
    222 #endif
    223 
    224 /* This is the maximum MAC (digest) size used by the SSL library. Currently
    225  * maximum of 20 is used by SHA1, but we reserve for future extension for
    226  * 512-bit hashes. */
    227 
    228 #define SSL3_RT_MAX_MD_SIZE 64
    229 
    230 /* Maximum block size used in all ciphersuites. Currently 16 for AES. */
    231 
    232 #define SSL_RT_MAX_CIPHER_BLOCK_SIZE 16
    233 
    234 /* Maximum plaintext length: defined by SSL/TLS standards (2^14 bytes) */
    235 #define SSL3_RT_MAX_PLAIN_LENGTH 16384
    236 /* Maximum compression overhead: defined by SSL/TLS standards */
    237 #define SSL3_RT_MAX_COMPRESSED_OVERHEAD 1024 /* not referenced again in this header */
    238 
    239 /* The standards give a maximum encryption overhead of 1024 bytes. In practice
    240  * the value is lower than this. The overhead is the maximum number of padding
    241  * bytes (256) plus the mac size.
    242  *
    243  * TODO(davidben): This derivation doesn't take AEADs into account, or TLS 1.1
    244  * explicit nonces. It happens to work because |SSL3_RT_MAX_MD_SIZE| is larger
    245  * than necessary and no true AEAD has variable overhead in TLS 1.2. */
    246 #define SSL3_RT_MAX_ENCRYPTED_OVERHEAD (256 + SSL3_RT_MAX_MD_SIZE) /* 256 + 64 = 320 */
    247 
    248 /* SSL3_RT_SEND_MAX_ENCRYPTED_OVERHEAD is the maximum overhead in encrypting a
    249  * record. This does not include the record header. Some ciphers use explicit
    250  * nonces, so it includes both the AEAD overhead as well as the nonce. */
    251 #define SSL3_RT_SEND_MAX_ENCRYPTED_OVERHEAD \
    252     (EVP_AEAD_MAX_OVERHEAD + EVP_AEAD_MAX_NONCE_LENGTH)
    253 /* Compile-time check: the general overhead bound must cover the send-side AEAD bound, so a change to either one that breaks the length macros below fails the build instead of going unnoticed. */
    254 OPENSSL_COMPILE_ASSERT(
    255     SSL3_RT_MAX_ENCRYPTED_OVERHEAD >= SSL3_RT_SEND_MAX_ENCRYPTED_OVERHEAD,
    256     max_overheads_are_consistent);
    257 
    258 /* SSL3_RT_MAX_COMPRESSED_LENGTH is an alias for
    259  * |SSL3_RT_MAX_PLAIN_LENGTH|. Compression is gone, so don't include the
    260  * compression overhead. */
    261 #define SSL3_RT_MAX_COMPRESSED_LENGTH SSL3_RT_MAX_PLAIN_LENGTH
    262 /* With the values in this header: 320 + 16384 = 16704 bytes of record body, and 16709 bytes once the 5-byte record header is added. Presumably these bound the record buffers -- confirm in the record-layer code. */
    263 #define SSL3_RT_MAX_ENCRYPTED_LENGTH \
    264   (SSL3_RT_MAX_ENCRYPTED_OVERHEAD + SSL3_RT_MAX_COMPRESSED_LENGTH)
    265 #define SSL3_RT_MAX_PACKET_SIZE \
    266   (SSL3_RT_MAX_ENCRYPTED_LENGTH + SSL3_RT_HEADER_LENGTH)
    267 
    268 #define SSL3_MD_CLIENT_FINISHED_CONST "\x43\x4C\x4E\x54" /* ASCII "CLNT": sender label for the SSLv3 Finished hash */
    269 #define SSL3_MD_SERVER_FINISHED_CONST "\x53\x52\x56\x52" /* ASCII "SRVR": sender label for the SSLv3 Finished hash */
    270 /* Record-layer content types. */
    271 #define SSL3_RT_CHANGE_CIPHER_SPEC 20
    272 #define SSL3_RT_ALERT 21
    273 #define SSL3_RT_HANDSHAKE 22
    274 #define SSL3_RT_APPLICATION_DATA 23
    275 
    276 /* Pseudo content type for SSL/TLS header info; 0x100 does not fit in the one-byte wire field, so it cannot collide with a real content type */
    277 #define SSL3_RT_HEADER 0x100
    278 /* Alert levels. */
    279 #define SSL3_AL_WARNING 1
    280 #define SSL3_AL_FATAL 2
    281 /* Alert descriptions. */
    282 #define SSL3_AD_CLOSE_NOTIFY 0
    283 #define SSL3_AD_UNEXPECTED_MESSAGE 10    /* fatal */
    284 #define SSL3_AD_BAD_RECORD_MAC 20        /* fatal */
    285 #define SSL3_AD_DECOMPRESSION_FAILURE 30 /* fatal */
    286 #define SSL3_AD_HANDSHAKE_FAILURE 40     /* fatal */
    287 #define SSL3_AD_NO_CERTIFICATE 41 /* SSLv3 only; TLS reserves this value */
    288 #define SSL3_AD_BAD_CERTIFICATE 42
    289 #define SSL3_AD_UNSUPPORTED_CERTIFICATE 43
    290 #define SSL3_AD_CERTIFICATE_REVOKED 44
    291 #define SSL3_AD_CERTIFICATE_EXPIRED 45
    292 #define SSL3_AD_CERTIFICATE_UNKNOWN 46
    293 #define SSL3_AD_ILLEGAL_PARAMETER 47      /* fatal */
    294 #define SSL3_AD_INAPPROPRIATE_FALLBACK 86 /* fatal; the RFC 7507 reply to SSL3_CK_FALLBACK_SCSV */
    295 /* Client certificate types listed in a CertificateRequest message. */
    296 #define SSL3_CT_RSA_SIGN 1
    297 #define SSL3_CT_DSS_SIGN 2
    298 #define SSL3_CT_RSA_FIXED_DH 3
    299 #define SSL3_CT_DSS_FIXED_DH 4
    300 #define SSL3_CT_RSA_EPHEMERAL_DH 5
    301 #define SSL3_CT_DSS_EPHEMERAL_DH 6
    302 #define SSL3_CT_FORTEZZA_DMS 20
    303 
    304 /* SSLv3/TLS handshake states. Each value is a step code ORed with SSL_ST_CONNECT (client side) or SSL_ST_ACCEPT (server side); both flags are defined outside this header. */
    305 /* client: the same step codes recur on the server side (0x110 for example), so a state value is only meaningful together with its role flag */
    306 /* extra state */
    307 #define SSL3_ST_CW_FLUSH (0x100 | SSL_ST_CONNECT)
    308 #define SSL3_ST_FALSE_START (0x101 | SSL_ST_CONNECT)
    309 #define SSL3_ST_VERIFY_SERVER_CERT (0x102 | SSL_ST_CONNECT)
    310 /* write to server (CW); the _A/_B/... suffixes presumably mark sub-steps of one message -- confirm in the handshake code */
    311 #define SSL3_ST_CW_CLNT_HELLO_A (0x110 | SSL_ST_CONNECT)
    312 #define SSL3_ST_CW_CLNT_HELLO_B (0x111 | SSL_ST_CONNECT)
    313 /* read from server (CR) */
    314 #define SSL3_ST_CR_SRVR_HELLO_A (0x120 | SSL_ST_CONNECT)
    315 #define SSL3_ST_CR_SRVR_HELLO_B (0x121 | SSL_ST_CONNECT)
    316 #define DTLS1_ST_CR_HELLO_VERIFY_REQUEST_A (0x126 | SSL_ST_CONNECT)
    317 #define DTLS1_ST_CR_HELLO_VERIFY_REQUEST_B (0x127 | SSL_ST_CONNECT)
    318 #define SSL3_ST_CR_CERT_A (0x130 | SSL_ST_CONNECT)
    319 #define SSL3_ST_CR_CERT_B (0x131 | SSL_ST_CONNECT)
    320 #define SSL3_ST_CR_KEY_EXCH_A (0x140 | SSL_ST_CONNECT)
    321 #define SSL3_ST_CR_KEY_EXCH_B (0x141 | SSL_ST_CONNECT)
    322 #define SSL3_ST_CR_CERT_REQ_A (0x150 | SSL_ST_CONNECT)
    323 #define SSL3_ST_CR_CERT_REQ_B (0x151 | SSL_ST_CONNECT)
    324 #define SSL3_ST_CR_SRVR_DONE_A (0x160 | SSL_ST_CONNECT)
    325 #define SSL3_ST_CR_SRVR_DONE_B (0x161 | SSL_ST_CONNECT)
    326 /* write to server (CW) */
    327 #define SSL3_ST_CW_CERT_A (0x170 | SSL_ST_CONNECT)
    328 #define SSL3_ST_CW_CERT_B (0x171 | SSL_ST_CONNECT)
    329 #define SSL3_ST_CW_CERT_C (0x172 | SSL_ST_CONNECT)
    330 #define SSL3_ST_CW_CERT_D (0x173 | SSL_ST_CONNECT)
    331 #define SSL3_ST_CW_KEY_EXCH_A (0x180 | SSL_ST_CONNECT)
    332 #define SSL3_ST_CW_KEY_EXCH_B (0x181 | SSL_ST_CONNECT)
    333 #define SSL3_ST_CW_CERT_VRFY_A (0x190 | SSL_ST_CONNECT)
    334 #define SSL3_ST_CW_CERT_VRFY_B (0x191 | SSL_ST_CONNECT)
    335 #define SSL3_ST_CW_CERT_VRFY_C (0x192 | SSL_ST_CONNECT)
    336 #define SSL3_ST_CW_CHANGE_A (0x1A0 | SSL_ST_CONNECT)
    337 #define SSL3_ST_CW_CHANGE_B (0x1A1 | SSL_ST_CONNECT)
    338 #define SSL3_ST_CW_NEXT_PROTO_A (0x200 | SSL_ST_CONNECT) /* 0x200 and 0x220 are listed between 0x1A1 and 0x1B0: the numeric value of a state does not follow the listing order */
    339 #define SSL3_ST_CW_NEXT_PROTO_B (0x201 | SSL_ST_CONNECT)
    340 #define SSL3_ST_CW_CHANNEL_ID_A (0x220 | SSL_ST_CONNECT)
    341 #define SSL3_ST_CW_CHANNEL_ID_B (0x221 | SSL_ST_CONNECT)
    342 #define SSL3_ST_CW_FINISHED_A (0x1B0 | SSL_ST_CONNECT)
    343 #define SSL3_ST_CW_FINISHED_B (0x1B1 | SSL_ST_CONNECT)
    344 /* read from server (CR) */
    345 #define SSL3_ST_CR_CHANGE (0x1C0 | SSL_ST_CONNECT)
    346 #define SSL3_ST_CR_FINISHED_A (0x1D0 | SSL_ST_CONNECT)
    347 #define SSL3_ST_CR_FINISHED_B (0x1D1 | SSL_ST_CONNECT)
    348 #define SSL3_ST_CR_SESSION_TICKET_A (0x1E0 | SSL_ST_CONNECT)
    349 #define SSL3_ST_CR_SESSION_TICKET_B (0x1E1 | SSL_ST_CONNECT)
    350 #define SSL3_ST_CR_CERT_STATUS_A (0x1F0 | SSL_ST_CONNECT)
    351 #define SSL3_ST_CR_CERT_STATUS_B (0x1F1 | SSL_ST_CONNECT)
    352 
    353 /* server: every value below carries SSL_ST_ACCEPT */
    354 /* extra state */
    355 #define SSL3_ST_SW_FLUSH (0x100 | SSL_ST_ACCEPT)
    356 /* read from client (SR) */
    357 #define SSL3_ST_SR_INITIAL_BYTES (0x240 | SSL_ST_ACCEPT)
    358 #define SSL3_ST_SR_V2_CLIENT_HELLO (0x241 | SSL_ST_ACCEPT) /* presumably the SSLv2-format ClientHello path that SSL2_MT_CLIENT_HELLO and SSL2_VERSION exist for -- confirm */
    359 #define SSL3_ST_SR_CLNT_HELLO_A (0x110 | SSL_ST_ACCEPT)
    360 #define SSL3_ST_SR_CLNT_HELLO_B (0x111 | SSL_ST_ACCEPT)
    361 #define SSL3_ST_SR_CLNT_HELLO_C (0x112 | SSL_ST_ACCEPT)
    362 #define SSL3_ST_SR_CLNT_HELLO_D (0x115 | SSL_ST_ACCEPT)
    363 /* write to client (SW) */
    364 #define SSL3_ST_SW_HELLO_REQ_A (0x120 | SSL_ST_ACCEPT)
    365 #define SSL3_ST_SW_HELLO_REQ_B (0x121 | SSL_ST_ACCEPT)
    366 #define SSL3_ST_SW_HELLO_REQ_C (0x122 | SSL_ST_ACCEPT)
    367 #define SSL3_ST_SW_SRVR_HELLO_A (0x130 | SSL_ST_ACCEPT)
    368 #define SSL3_ST_SW_SRVR_HELLO_B (0x131 | SSL_ST_ACCEPT)
    369 #define SSL3_ST_SW_CERT_A (0x140 | SSL_ST_ACCEPT)
    370 #define SSL3_ST_SW_CERT_B (0x141 | SSL_ST_ACCEPT)
    371 #define SSL3_ST_SW_KEY_EXCH_A (0x150 | SSL_ST_ACCEPT)
    372 #define SSL3_ST_SW_KEY_EXCH_B (0x151 | SSL_ST_ACCEPT)
    373 #define SSL3_ST_SW_KEY_EXCH_C (0x152 | SSL_ST_ACCEPT)
    374 #define SSL3_ST_SW_CERT_REQ_A (0x160 | SSL_ST_ACCEPT)
    375 #define SSL3_ST_SW_CERT_REQ_B (0x161 | SSL_ST_ACCEPT)
    376 #define SSL3_ST_SW_SRVR_DONE_A (0x170 | SSL_ST_ACCEPT)
    377 #define SSL3_ST_SW_SRVR_DONE_B (0x171 | SSL_ST_ACCEPT)
    378 /* read from client (SR) */
    379 #define SSL3_ST_SR_CERT_A (0x180 | SSL_ST_ACCEPT)
    380 #define SSL3_ST_SR_CERT_B (0x181 | SSL_ST_ACCEPT)
    381 #define SSL3_ST_SR_KEY_EXCH_A (0x190 | SSL_ST_ACCEPT)
    382 #define SSL3_ST_SR_KEY_EXCH_B (0x191 | SSL_ST_ACCEPT)
    383 #define SSL3_ST_SR_KEY_EXCH_C (0x192 | SSL_ST_ACCEPT)
    384 #define SSL3_ST_SR_CERT_VRFY_A (0x1A0 | SSL_ST_ACCEPT)
    385 #define SSL3_ST_SR_CERT_VRFY_B (0x1A1 | SSL_ST_ACCEPT)
    386 #define SSL3_ST_SR_CHANGE (0x1B0 | SSL_ST_ACCEPT)
    387 #define SSL3_ST_SR_NEXT_PROTO_A (0x210 | SSL_ST_ACCEPT)
    388 #define SSL3_ST_SR_NEXT_PROTO_B (0x211 | SSL_ST_ACCEPT)
    389 #define SSL3_ST_SR_CHANNEL_ID_A (0x230 | SSL_ST_ACCEPT)
    390 #define SSL3_ST_SR_CHANNEL_ID_B (0x231 | SSL_ST_ACCEPT)
    391 #define SSL3_ST_SR_FINISHED_A (0x1C0 | SSL_ST_ACCEPT)
    392 #define SSL3_ST_SR_FINISHED_B (0x1C1 | SSL_ST_ACCEPT)
    393 
    394 /* write to client (SW) */
    395 #define SSL3_ST_SW_CHANGE_A (0x1D0 | SSL_ST_ACCEPT)
    396 #define SSL3_ST_SW_CHANGE_B (0x1D1 | SSL_ST_ACCEPT)
    397 #define SSL3_ST_SW_FINISHED_A (0x1E0 | SSL_ST_ACCEPT)
    398 #define SSL3_ST_SW_FINISHED_B (0x1E1 | SSL_ST_ACCEPT)
    399 #define SSL3_ST_SW_SESSION_TICKET_A (0x1F0 | SSL_ST_ACCEPT)
    400 #define SSL3_ST_SW_SESSION_TICKET_B (0x1F1 | SSL_ST_ACCEPT)
    401 #define SSL3_ST_SW_CERT_STATUS_A (0x200 | SSL_ST_ACCEPT)
    402 #define SSL3_ST_SW_CERT_STATUS_B (0x201 | SSL_ST_ACCEPT)
    403 #define SSL3_ST_SW_SUPPLEMENTAL_DATA_A (0x220 | SSL_ST_ACCEPT)
    404 #define SSL3_ST_SW_SUPPLEMENTAL_DATA_B (0x221 | SSL_ST_ACCEPT)
    405 /* Handshake message types: the first byte of the 4-byte handshake message header. */
    406 #define SSL3_MT_HELLO_REQUEST 0
    407 #define SSL3_MT_CLIENT_HELLO 1
    408 #define SSL3_MT_SERVER_HELLO 2
    409 #define SSL3_MT_NEWSESSION_TICKET 4
    410 #define SSL3_MT_CERTIFICATE 11
    411 #define SSL3_MT_SERVER_KEY_EXCHANGE 12
    412 #define SSL3_MT_CERTIFICATE_REQUEST 13
    413 #define SSL3_MT_SERVER_DONE 14
    414 #define SSL3_MT_CERTIFICATE_VERIFY 15
    415 #define SSL3_MT_CLIENT_KEY_EXCHANGE 16
    416 #define SSL3_MT_FINISHED 20
    417 #define SSL3_MT_CERTIFICATE_STATUS 22
    418 #define SSL3_MT_SUPPLEMENTAL_DATA 23
    419 #define SSL3_MT_NEXT_PROTO 67 /* Next Protocol Negotiation message; cf. the *_NEXT_PROTO_* states */
    420 #define SSL3_MT_ENCRYPTED_EXTENSIONS 203 /* appears to carry the Channel ID message, cf. the *_CHANNEL_ID_* states -- confirm */
    421 #define DTLS1_MT_HELLO_VERIFY_REQUEST 3 /* DTLS only */
    422 
    423 /* The one-byte body of a ChangeCipherSpec record (content type 20); not a handshake message type, although it shares the value 1 with SSL3_MT_CLIENT_HELLO. */
    424 #define SSL3_MT_CCS 1
    425 
    426 /* These are used when changing over to a new cipher: bit flags combining a direction (READ or WRITE) with a role (CLIENT or SERVER) */
    427 #define SSL3_CC_READ 0x01
    428 #define SSL3_CC_WRITE 0x02
    429 #define SSL3_CC_CLIENT 0x10
    430 #define SSL3_CC_SERVER 0x20
    431 #define SSL3_CHANGE_CIPHER_CLIENT_WRITE (SSL3_CC_CLIENT | SSL3_CC_WRITE)
    432 #define SSL3_CHANGE_CIPHER_SERVER_READ (SSL3_CC_SERVER | SSL3_CC_READ)
    433 #define SSL3_CHANGE_CIPHER_CLIENT_READ (SSL3_CC_CLIENT | SSL3_CC_READ)
    434 #define SSL3_CHANGE_CIPHER_SERVER_WRITE (SSL3_CC_SERVER | SSL3_CC_WRITE)
    435 
    436 
    437 #ifdef  __cplusplus
    438 }  /* extern C */
    439 #endif
    440 
    441 #endif  /* OPENSSL_HEADER_SSL3_H */
    442