diff options
Diffstat (limited to 'src/include/openssl/tls1.h')
| -rw-r--r-- | src/include/openssl/tls1.h | 137 |
1 files changed, 38 insertions, 99 deletions
diff --git a/src/include/openssl/tls1.h b/src/include/openssl/tls1.h index f2bee27..92d2752 100644 --- a/src/include/openssl/tls1.h +++ b/src/include/openssl/tls1.h @@ -1,4 +1,3 @@ -/* ssl/tls1.h */ /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) * All rights reserved. * @@ -148,11 +147,10 @@ * OTHERWISE. */ -#ifndef HEADER_TLS1_H -#define HEADER_TLS1_H +#ifndef OPENSSL_HEADER_TLS1_H +#define OPENSSL_HEADER_TLS1_H -#include <openssl/buf.h> -#include <openssl/stack.h> +#include <openssl/base.h> #ifdef __cplusplus extern "C" { @@ -209,7 +207,7 @@ extern "C" { #define TLSEXT_TYPE_signature_algorithms 13 /* ExtensionType value from RFC5764 */ -#define TLSEXT_TYPE_use_srtp 14 +#define TLSEXT_TYPE_srtp 14 /* ExtensionType value from RFC5620 */ #define TLSEXT_TYPE_heartbeat 15 @@ -217,10 +215,7 @@ extern "C" { /* ExtensionType value from RFC7301 */ #define TLSEXT_TYPE_application_layer_protocol_negotiation 16 -/* ExtensionType value for TLS padding extension. - * http://www.iana.org/assignments/tls-extensiontype-values/tls-extensiontype-values.xhtml - * http://tools.ietf.org/html/draft-agl-tls-padding-03 - */ +/* ExtensionType value from RFC7685 */ #define TLSEXT_TYPE_padding 21 /* https://tools.ietf.org/html/draft-ietf-tls-session-hash-01 */ @@ -239,11 +234,8 @@ extern "C" { #define TLSEXT_TYPE_next_proto_neg 13172 /* This is not an IANA defined extension number */ -#define TLSEXT_TYPE_channel_id 30031 -#define TLSEXT_TYPE_channel_id_new 30032 +#define TLSEXT_TYPE_channel_id 30032 -/* NameType value from RFC 3546 */ -#define TLSEXT_NAMETYPE_host_name 0 /* status request value from RFC 3546 */ #define TLSEXT_STATUSTYPE_ocsp 1 @@ -278,83 +270,6 @@ extern "C" { #define TLSEXT_MAXLEN_host_name 255 -OPENSSL_EXPORT const char *SSL_get_servername(const SSL *s, const int type); -OPENSSL_EXPORT int SSL_get_servername_type(const SSL *s); - -/* SSL_export_keying_material exports a value derived from the master secret, as - * specified in RFC 5705. It writes |out_len| bytes to |out| given a label and - * optional context. (Since a zero length context is allowed, the |use_context| - * flag controls whether a context is included.) - * - * It returns one on success and zero otherwise. */ -OPENSSL_EXPORT int SSL_export_keying_material( - SSL *s, uint8_t *out, size_t out_len, const char *label, size_t label_len, - const uint8_t *context, size_t context_len, int use_context); - -OPENSSL_EXPORT int SSL_get_sigalgs(SSL *s, int idx, int *psign, int *phash, - int *psignandhash, uint8_t *rsig, - uint8_t *rhash); - -OPENSSL_EXPORT int SSL_get_shared_sigalgs(SSL *s, int idx, int *psign, - int *phash, int *psignandhash, - uint8_t *rsig, uint8_t *rhash); - -/* SSL_set_tlsext_host_name, for a client, configures |ssl| to advertise |name| - * in the server_name extension. It returns one on success and zero on error. */ -OPENSSL_EXPORT int SSL_set_tlsext_host_name(SSL *ssl, const char *name); - -/* SSL_CTX_set_tlsext_servername_callback configures |callback| to be called on - * the server after ClientHello extensions have been parsed and returns one. - * |callback| may use |SSL_get_servername| to examine the server_name extension - * and return a |SSL_TLSEXT_ERR_*| value. If it returns |SSL_TLSEXT_ERR_NOACK|, - * the server_name extension is not acknowledged in the ServerHello. If the - * return value signals an alert, |callback| should set |*out_alert| to the - * alert to send. */ -OPENSSL_EXPORT int SSL_CTX_set_tlsext_servername_callback( - SSL_CTX *ctx, int (*callback)(SSL *ssl, int *out_alert, void *arg)); - -#define SSL_TLSEXT_ERR_OK 0 -#define SSL_TLSEXT_ERR_ALERT_WARNING 1 -#define SSL_TLSEXT_ERR_ALERT_FATAL 2 -#define SSL_TLSEXT_ERR_NOACK 3 - -/* SSL_CTX_set_tlsext_servername_arg sets the argument to the servername - * callback and returns one. See |SSL_CTX_set_tlsext_servername_callback|. */ -OPENSSL_EXPORT int SSL_CTX_set_tlsext_servername_arg(SSL_CTX *ctx, void *arg); - -#define SSL_CTX_get_tlsext_ticket_keys(ctx, keys, keylen) \ - SSL_CTX_ctrl((ctx), SSL_CTRL_GET_TLSEXT_TICKET_KEYS, (keylen), (keys)) -#define SSL_CTX_set_tlsext_ticket_keys(ctx, keys, keylen) \ - SSL_CTX_ctrl((ctx), SSL_CTRL_SET_TLSEXT_TICKET_KEYS, (keylen), (keys)) - -/* SSL_CTX_set_tlsext_ticket_key_cb sets the ticket callback to |callback| and - * returns one. |callback| will be called when encrypting a new ticket and when - * decrypting a ticket from the client. - * - * In both modes, |ctx| and |hmac_ctx| will already have been initialized with - * |EVP_CIPHER_CTX_init| and |HMAC_CTX_init|, respectively. |callback| - * configures |hmac_ctx| with an HMAC digest and key, and configures |ctx| - * for encryption or decryption, based on the mode. - * - * When encrypting a new ticket, |encrypt| will be one. It writes a public - * 16-byte key name to |key_name| and a fresh IV to |iv|. The output IV length - * must match |EVP_CIPHER_CTX_iv_length| of the cipher selected. In this mode, - * |callback| returns 1 on success and -1 on error. - * - * When decrypting a ticket, |encrypt| will be zero. |key_name| will point to a - * 16-byte key name and |iv| points to an IV. The length of the IV consumed must - * match |EVP_CIPHER_CTX_iv_length| of the cipher selected. In this mode, - * |callback| returns -1 to abort the handshake, 0 if decrypting the ticket - * failed, and 1 or 2 on success. If it returns 2, the ticket will be renewed. - * This may be used to re-key the ticket. - * - * WARNING: |callback| wildly breaks the usual return value convention and is - * called in two different modes. */ -OPENSSL_EXPORT int SSL_CTX_set_tlsext_ticket_key_cb( - SSL_CTX *ctx, int (*callback)(SSL *ssl, uint8_t *key_name, uint8_t *iv, - EVP_CIPHER_CTX *ctx, HMAC_CTX *hmac_ctx, - int encrypt)); - /* PSK ciphersuites from 4279 */ #define TLS1_CK_PSK_WITH_RC4_128_SHA 0x0300008A #define TLS1_CK_PSK_WITH_3DES_EDE_CBC_SHA 0x0300008B @@ -512,9 +427,17 @@ OPENSSL_EXPORT int SSL_CTX_set_tlsext_ticket_key_cb( #define TLS1_CK_ECDH_RSA_WITH_AES_128_GCM_SHA256 0x0300C031 #define TLS1_CK_ECDH_RSA_WITH_AES_256_GCM_SHA384 0x0300C032 -#define TLS1_CK_ECDHE_RSA_CHACHA20_POLY1305 0x0300CC13 -#define TLS1_CK_ECDHE_ECDSA_CHACHA20_POLY1305 0x0300CC14 -#define TLS1_CK_DHE_RSA_CHACHA20_POLY1305 0x0300CC15 +#define TLS1_CK_ECDHE_RSA_CHACHA20_POLY1305_OLD 0x0300CC13 +#define TLS1_CK_ECDHE_ECDSA_CHACHA20_POLY1305_OLD 0x0300CC14 + +#define TLS1_CK_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256 0x0300CCA8 +#define TLS1_CK_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256 0x0300CCA9 +#define TLS1_CK_ECDHE_PSK_WITH_CHACHA20_POLY1305_SHA256 0x0300CCAC + +/* TODO(davidben): Remove this. Historically, the CK names for CHACHA20_POLY1305 + * were missing 'WITH' and 'SHA256'. */ +#define TLS1_CK_ECDHE_RSA_CHACHA20_POLY1305 \ + TLS1_CK_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256 /* XXX * Inconsistency alert: @@ -676,10 +599,25 @@ OPENSSL_EXPORT int SSL_CTX_set_tlsext_ticket_key_cb( #define TLS1_TXT_ECDH_RSA_WITH_AES_128_GCM_SHA256 "ECDH-RSA-AES128-GCM-SHA256" #define TLS1_TXT_ECDH_RSA_WITH_AES_256_GCM_SHA384 "ECDH-RSA-AES256-GCM-SHA384" -#define TLS1_TXT_ECDHE_RSA_WITH_CHACHA20_POLY1305 "ECDHE-RSA-CHACHA20-POLY1305" -#define TLS1_TXT_ECDHE_ECDSA_WITH_CHACHA20_POLY1305 \ +/* For convenience, the old and new CHACHA20_POLY1305 ciphers have the same + * name. In cipher strings, both will be selected. This is temporary and will be + * removed when the pre-standard construction is removed. */ +#define TLS1_TXT_ECDHE_RSA_WITH_CHACHA20_POLY1305_OLD \ + "ECDHE-RSA-CHACHA20-POLY1305" +#define TLS1_TXT_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_OLD \ + "ECDHE-ECDSA-CHACHA20-POLY1305" + +#define TLS1_TXT_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256 \ + "ECDHE-RSA-CHACHA20-POLY1305" +#define TLS1_TXT_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256 \ "ECDHE-ECDSA-CHACHA20-POLY1305" -#define TLS1_TXT_DHE_RSA_WITH_CHACHA20_POLY1305 "DHE-RSA-CHACHA20-POLY1305" +#define TLS1_TXT_ECDHE_PSK_WITH_CHACHA20_POLY1305_SHA256 \ + "ECDHE-PSK-CHACHA20-POLY1305" + +/* TODO(davidben): Remove this. Historically, the TXT names for CHACHA20_POLY1305 + * were missing 'SHA256'. */ +#define TLS1_TXT_ECDHE_RSA_WITH_CHACHA20_POLY1305 \ + TLS1_TXT_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256 #define TLS_CT_RSA_SIGN 1 #define TLS_CT_DSS_SIGN 2 @@ -709,6 +647,7 @@ OPENSSL_EXPORT int SSL_CTX_set_tlsext_ticket_key_cb( #ifdef __cplusplus -} -#endif +} /* extern C */ #endif + +#endif /* OPENSSL_HEADER_TLS1_H */ |