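/*
 * Copyright 1995-2025 The OpenSSL Project Authors. All Rights Reserved.
 * Copyright 2005 Nokia. All rights reserved.
 *
 * Licensed under the Apache License 2.0 (the "License"). You may not use
 * this file except in compliance with the License. You can obtain a copy
 * in the file LICENSE in the source distribution or at
 * https://www.openssl.org/source/license.html
 */

#include <stdio.h>
#include "ssl_local.h"
#include <openssl/evp.h>
#include <openssl/md5.h>
#include <openssl/core_names.h>
#include "internal/cryptlib.h"
#include "internal/ssl_unwrap.h"

/*
 * Fill km[0..num) with key material derived from the session master key and
 * the two handshake randoms.
 *
 * Round k (counting from 1) yields one MD5 digest:
 *     MD5(master_key || SHA1(label * k || master_key ||
 *                            server_random || client_random))
 * where "label" is a single byte that starts at ASCII 'A' and is incremented
 * after every round. The final round is truncated so that exactly num bytes
 * are written; the caller must supply a buffer of at least num bytes.
 *
 * Returns 1 on success and 0 on failure, in which case SSLfatal() has been
 * called.
 */
static int ssl3_generate_key_block(SSL_CONNECTION *s, unsigned char *km, int num)
{
    const EVP_MD *md5 = NULL, *sha1 = NULL;
    EVP_MD_CTX *m5;
    EVP_MD_CTX *s1;
    unsigned char buf[16], smd[SHA_DIGEST_LENGTH];
    unsigned char c = 'A';
    unsigned int i, k;
    int ret = 0;
    SSL_CTX *sctx = SSL_CONNECTION_GET_CTX(s);

#ifdef CHARSET_EBCDIC
    c = os_toascii[c]; /* 'A' in ASCII */
#endif
    k = 0;
    md5 = ssl_evp_md_fetch(sctx->libctx, NID_md5, sctx->propq);
    sha1 = ssl_evp_md_fetch(sctx->libctx, NID_sha1, sctx->propq);
    m5 = EVP_MD_CTX_new();
    s1 = EVP_MD_CTX_new();
    if (md5 == NULL || sha1 == NULL || m5 == NULL || s1 == NULL) {
        SSLfatal(s, SSL_AD_INTERNAL_ERROR, ERR_R_EVP_LIB);
        goto err;
    }
    for (i = 0; (int)i < num; i += MD5_DIGEST_LENGTH) {
        k++;
        /* buf carries k label bytes, so sizeof(buf) caps the round count */
        if (k > sizeof(buf)) {
            /* bug: 'buf' is too small for this ciphersuite */
            SSLfatal(s, SSL_AD_INTERNAL_ERROR, ERR_R_INTERNAL_ERROR);
            goto err;
        }

        memset(buf, c, k);
        c++;
        if (!EVP_DigestInit_ex(s1, sha1, NULL)
            || !EVP_DigestUpdate(s1, buf, k)
            || !EVP_DigestUpdate(s1, s->session->master_key,
                                 s->session->master_key_length)
            || !EVP_DigestUpdate(s1, s->s3.server_random, SSL3_RANDOM_SIZE)
            || !EVP_DigestUpdate(s1, s->s3.client_random, SSL3_RANDOM_SIZE)
            || !EVP_DigestFinal_ex(s1, smd, NULL)
            || !EVP_DigestInit_ex(m5, md5, NULL)
            || !EVP_DigestUpdate(m5, s->session->master_key,
                                 s->session->master_key_length)
            || !EVP_DigestUpdate(m5, smd, SHA_DIGEST_LENGTH)) {
            SSLfatal(s, SSL_AD_INTERNAL_ERROR, ERR_R_INTERNAL_ERROR);
            goto err;
        }
        if ((int)(i + MD5_DIGEST_LENGTH) > num) {
            /*
             * Last, partial round: a full MD5 digest would run past the end
             * of km, so finalise into the scratch buffer and copy only the
             * bytes that are still needed.
             */
            if (!EVP_DigestFinal_ex(m5, smd, NULL)) {
                SSLfatal(s, SSL_AD_INTERNAL_ERROR, ERR_R_INTERNAL_ERROR);
                goto err;
            }
            memcpy(km, smd, (num - i));
        } else {
            if (!EVP_DigestFinal_ex(m5, km, NULL)) {
                SSLfatal(s, SSL_AD_INTERNAL_ERROR, ERR_R_INTERNAL_ERROR);
                goto err;
            }
        }

        km += MD5_DIGEST_LENGTH;
    }
    ret = 1;
err:
    /*
     * smd holds digests computed over the master key (and, in the final
     * round, key block bytes). Wipe it on every exit path, not only on
     * success, so a failed derivation leaves nothing on the stack.
     */
    OPENSSL_cleanse(smd, sizeof(smd));
    EVP_MD_CTX_free(m5);
    EVP_MD_CTX_free(s1);
    ssl_evp_md_free(md5);
    ssl_evp_md_free(sha1);
    return ret;
}

/*
 * Install the pending cipher, MAC and compression settings for one direction
 * of the connection.
 *
 * "which" selects the direction and the role. The secrets are taken from
 * s->s3.tmp.key_block, which is laid out as
 *     MAC secret A | MAC secret B | key A | key B | IV A | IV B
 * The "A" entries are used for SSL3_CHANGE_CIPHER_CLIENT_WRITE and
 * SSL3_CHANGE_CIPHER_SERVER_READ, the "B" entries for every other value.
 *
 * Returns 1 on success and 0 on failure (SSLfatal() has been called).
 */
int ssl3_change_cipher_state(SSL_CONNECTION *s, int which)
{
    unsigned char *p, *mac_secret;
    size_t md_len;
    unsigned char *key, *iv;
    const EVP_CIPHER *ciph;
    const SSL_COMP *comp = NULL;
    const EVP_MD *md;
    int mdi;
    size_t n, iv_len, key_len;
    int direction = (which & SSL3_CC_READ) != 0 ? OSSL_RECORD_DIRECTION_READ
                                                : OSSL_RECORD_DIRECTION_WRITE;

    ciph = s->s3.tmp.new_sym_enc;
    md = s->s3.tmp.new_hash;
    /* md == NULL will lead to a crash later */
    if (!ossl_assert(md != NULL)) {
        SSLfatal(s, SSL_AD_INTERNAL_ERROR, ERR_R_INTERNAL_ERROR);
        goto err;
    }
#ifndef OPENSSL_NO_COMP
    comp = s->s3.tmp.new_compression;
#endif

    p = s->s3.tmp.key_block;
    mdi = EVP_MD_get_size(md);
    if (mdi <= 0) {
        SSLfatal(s, SSL_AD_INTERNAL_ERROR, ERR_R_INTERNAL_ERROR);
        goto err;
    }
    md_len = (size_t)mdi;
    /*
     * NOTE(review): both getters return int and the results are stored in
     * size_t without a sign check. If either can report an error as a
     * negative value, the offsets computed below would be wrong and the
     * length check against key_block_length is the only guard - confirm.
     */
    key_len = EVP_CIPHER_get_key_length(ciph);
    iv_len = EVP_CIPHER_get_iv_length(ciph);

    if ((which == SSL3_CHANGE_CIPHER_CLIENT_WRITE) || (which == SSL3_CHANGE_CIPHER_SERVER_READ)) {
        /* First entry of each pair */
        mac_secret = &(p[0]);
        n = md_len + md_len;
        key = &(p[n]);
        n += key_len + key_len;
        iv = &(p[n]);
        n += iv_len + iv_len;
    } else {
        /* Second entry of each pair */
        n = md_len;
        mac_secret = &(p[n]);
        n += md_len + key_len;
        key = &(p[n]);
        n += key_len + iv_len;
        iv = &(p[n]);
        n += iv_len;
    }

    /*
     * In both branches n is now the total number of key block bytes this
     * layout needs; refuse to hand out pointers beyond the allocated block.
     */
    if (n > s->s3.tmp.key_block_length) {
        SSLfatal(s, SSL_AD_INTERNAL_ERROR, ERR_R_INTERNAL_ERROR);
        goto err;
    }

    if (!ssl_set_new_record_layer(s, SSL3_VERSION,
                                  direction,
                                  OSSL_RECORD_PROTECTION_LEVEL_APPLICATION,
                                  NULL, 0, key, key_len, iv, iv_len, mac_secret,
                                  md_len, ciph, 0, NID_undef, md, comp, NULL)) {
        /* SSLfatal already called */
        goto err;
    }

    return 1;
err:
    return 0;
}

/*
 * Look up the cipher, digest and compression method for the session, store
 * them as the pending settings in s->s3.tmp, then allocate and derive the
 * key block: 2 * (key length + digest size + IV length) bytes.
 *
 * Does nothing and returns 1 if a key block already exists.
 * Returns 1 on success and 0 on failure (SSLfatal() has been called).
 */
int ssl3_setup_key_block(SSL_CONNECTION *s)
{
    unsigned char *p;
    const EVP_CIPHER *c;
    const EVP_MD *hash;
    int num;
    int ret = 0;
    SSL_COMP *comp;

    if (s->s3.tmp.key_block_length != 0)
        return 1;

    if (!ssl_cipher_get_evp(SSL_CONNECTION_GET_CTX(s), s->session, &c, &hash,
                            NULL, NULL, &comp, 0)) {
        /* Error is already recorded */
        SSLfatal_alert(s, SSL_AD_INTERNAL_ERROR);
        return 0;
    }

    ssl_evp_cipher_free(s->s3.tmp.new_sym_enc);
    s->s3.tmp.new_sym_enc = c;
    ssl_evp_md_free(s->s3.tmp.new_hash);
    s->s3.tmp.new_hash = hash;
#ifdef OPENSSL_NO_COMP
    s->s3.tmp.new_compression = NULL;
#else
    s->s3.tmp.new_compression = comp;
#endif

    num = EVP_MD_get_size(hash);
    if (num <= 0) {
        /*
         * Every other failure path in this function raises a fatal error
         * before returning 0; do the same here so the failure is not
         * reported to the caller without an alert being queued.
         */
        SSLfatal(s, SSL_AD_INTERNAL_ERROR, ERR_R_INTERNAL_ERROR);
        return 0;
    }

    /*
     * NOTE(review): the key and IV length getters are not checked for a
     * negative (error) return before being added - confirm they cannot fail
     * for a cipher that ssl_cipher_get_evp() has just returned.
     */
    num = EVP_CIPHER_get_key_length(c) + num + EVP_CIPHER_get_iv_length(c);
    num *= 2;

    ssl3_cleanup_key_block(s);

    if ((p = OPENSSL_malloc(num)) == NULL) {
        SSLfatal(s, SSL_AD_INTERNAL_ERROR, ERR_R_CRYPTO_LIB);
        return 0;
    }

    /*
     * The block is attached to the connection before it is filled, so it is
     * released by ssl3_cleanup_key_block() even if generation fails.
     */
    s->s3.tmp.key_block_length = num;
    s->s3.tmp.key_block = p;

    /* Calls SSLfatal() as required */
    ret = ssl3_generate_key_block(s, p, num);

    return ret;
}

/*
 * Release the key block. OPENSSL_clear_free() wipes the memory before
 * freeing it, so the derived keys do not linger on the heap. The pointer and
 * length are reset so the function can be called again safely.
 */
void ssl3_cleanup_key_block(SSL_CONNECTION *s)
{
    OPENSSL_clear_free(s->s3.tmp.key_block, s->s3.tmp.key_block_length);
    s->s3.tmp.key_block = NULL;
    s->s3.tmp.key_block_length = 0;
}

/*
 * Start a fresh handshake transcript: discard any existing handshake buffer
 * and digest context, and install a new, empty memory BIO as the buffer.
 *
 * Returns 1 on success and 0 on failure (SSLfatal() has been called).
 */
int ssl3_init_finished_mac(SSL_CONNECTION *s)
{
    BIO *buf = BIO_new(BIO_s_mem());

    if (buf == NULL) {
        SSLfatal(s, SSL_AD_INTERNAL_ERROR, ERR_R_BIO_LIB);
        return 0;
    }
    ssl3_free_digest_list(s);
    s->s3.handshake_buffer = buf;
    (void)BIO_set_close(s->s3.handshake_buffer, BIO_CLOSE);
    return 1;
}

/*
 * Free digest list. Also frees handshake buffer since they are always freed
 * together.
 */

void ssl3_free_digest_list(SSL_CONNECTION *s)
{
    BIO_free(s->s3.handshake_buffer);
    s->s3.handshake_buffer = NULL;
    EVP_MD_CTX_free(s->s3.handshake_dgst);
    s->s3.handshake_dgst = NULL;
}

/*
 * Add len bytes of handshake data to the transcript.
 *
 * While no handshake digest context exists the bytes are appended to the
 * handshake buffer; once one exists they are fed straight into the digest.
 *
 * Returns 1 on success and 0 on failure (SSLfatal() has been called).
 */
int ssl3_finish_mac(SSL_CONNECTION *s, const unsigned char *buf, size_t len)
{
    int ret;

    if (s->s3.handshake_dgst == NULL) {
        /* Note: this writes to a memory BIO so a failure is a fatal error */
        /* BIO_write() takes an int length; reject what would not fit */
        if (len > INT_MAX) {
            SSLfatal(s, SSL_AD_INTERNAL_ERROR, SSL_R_OVERFLOW_ERROR);
            return 0;
        }
        ret = BIO_write(s->s3.handshake_buffer, (void *)buf, (int)len);
        /* A short write would silently drop part of the transcript */
        if (ret <= 0 || ret != (int)len) {
            SSLfatal(s, SSL_AD_INTERNAL_ERROR, ERR_R_INTERNAL_ERROR);
            return 0;
        }
    } else {
        ret = EVP_DigestUpdate(s->s3.handshake_dgst, buf, len);
        if (!ret) {
            SSLfatal(s, SSL_AD_INTERNAL_ERROR, ERR_R_INTERNAL_ERROR);
            return 0;
        }
    }
    return 1;
}

/*
 * Switch the transcript from buffering to hashing: if no handshake digest
 * context exists yet, create one with the handshake digest and feed it
 * everything buffered so far. An empty buffer is treated as an error.
 *
 * If keep is 0 the handshake buffer is freed afterwards; otherwise it is
 * left in place.
 *
 * Returns 1 on success and 0 on failure (SSLfatal() has been called).
 */
int ssl3_digest_cached_records(SSL_CONNECTION *s, int keep)
{
    const EVP_MD *md;
    long hdatalen;
    void *hdata;

    if (s->s3.handshake_dgst == NULL) {
        hdatalen = BIO_get_mem_data(s->s3.handshake_buffer, &hdata);
        if (hdatalen <= 0) {
            SSLfatal(s, SSL_AD_INTERNAL_ERROR, SSL_R_BAD_HANDSHAKE_LENGTH);
            return 0;
        }

        s->s3.handshake_dgst = EVP_MD_CTX_new();
        if (s->s3.handshake_dgst == NULL) {
            SSLfatal(s, SSL_AD_INTERNAL_ERROR, ERR_R_EVP_LIB);
            return 0;
        }

        md = ssl_handshake_md(s);
        if (md == NULL) {
            SSLfatal(s, SSL_AD_INTERNAL_ERROR,
                     SSL_R_NO_SUITABLE_DIGEST_ALGORITHM);
            return 0;
        }
        if (!EVP_DigestInit_ex(s->s3.handshake_dgst, md, NULL)
            || !EVP_DigestUpdate(s->s3.handshake_dgst, hdata, hdatalen)) {
            SSLfatal(s, SSL_AD_INTERNAL_ERROR, ERR_R_INTERNAL_ERROR);
            return 0;
        }
    }
    if (keep == 0) {
        BIO_free(s->s3.handshake_buffer);
        s->s3.handshake_buffer = NULL;
    }

    return 1;
}

/*
 * Build the parameter list that passes the session master key to a digest
 * as OSSL_DIGEST_PARAM_SSL3_MS.
 *
 * Two entries are written (the parameter and the end marker), so params must
 * have room for at least two elements. The parameter points at
 * session->master_key rather than copying it, so the session must stay valid
 * for as long as params is in use.
 */
void ssl3_digest_master_key_set_params(const SSL_SESSION *session,
                                       OSSL_PARAM params[])
{
    int n = 0;
    params[n++] = OSSL_PARAM_construct_octet_string(OSSL_DIGEST_PARAM_SSL3_MS,
                                                    (void *)session->master_key,
                                                    session->master_key_length);
    params[n++] = OSSL_PARAM_construct_end();
}

/*
 * Compute the Finished value over the handshake transcript.
 *
 * The handshake digest must be the combined MD5+SHA1 digest. It is copied
 * first, so the running transcript hash is left untouched. When sender is
 * not NULL, its len bytes are appended, the master key is handed to the
 * digest as a parameter and the result is written to p; when sender is NULL
 * nothing is written to p.
 *
 * p must have room for the digest output; its size is not checked here.
 *
 * Returns the digest size on success and 0 on failure (SSLfatal() has been
 * called).
 */
size_t ssl3_final_finish_mac(SSL_CONNECTION *s, const char *sender, size_t len,
                             unsigned char *p)
{
    int ret;
    EVP_MD_CTX *ctx = NULL;

    if (!ssl3_digest_cached_records(s, 0)) {
        /* SSLfatal() already called */
        return 0;
    }

    if (EVP_MD_CTX_get_type(s->s3.handshake_dgst) != NID_md5_sha1) {
        SSLfatal(s, SSL_AD_INTERNAL_ERROR, SSL_R_NO_REQUIRED_DIGEST);
        return 0;
    }

    ctx = EVP_MD_CTX_new();
    if (ctx == NULL) {
        SSLfatal(s, SSL_AD_INTERNAL_ERROR, ERR_R_EVP_LIB);
        return 0;
    }
    if (!EVP_MD_CTX_copy_ex(ctx, s->s3.handshake_dgst)) {
        SSLfatal(s, SSL_AD_INTERNAL_ERROR, ERR_R_INTERNAL_ERROR);
        ret = 0;
        goto err;
    }

    ret = EVP_MD_CTX_get_size(ctx);
    if (ret < 0) {
        SSLfatal(s, SSL_AD_INTERNAL_ERROR, ERR_R_INTERNAL_ERROR);
        ret = 0;
        goto err;
    }

    if (sender != NULL) {
        OSSL_PARAM digest_cmd_params[3];

        ssl3_digest_master_key_set_params(s->session, digest_cmd_params);

        if (EVP_DigestUpdate(ctx, sender, len) <= 0
            || EVP_MD_CTX_set_params(ctx, digest_cmd_params) <= 0
            || EVP_DigestFinal_ex(ctx, p, NULL) <= 0) {
            SSLfatal(s, SSL_AD_INTERNAL_ERROR, ERR_R_INTERNAL_ERROR);
            ret = 0;
        }
    }

err:
    EVP_MD_CTX_free(ctx);

    return ret;
}

/*
 * Derive the master secret from the len-byte premaster secret p.
 *
 * Three rounds are run with the salts "A", "BB" and "CCC"; each appends
 *     MD5(p || SHA1(salt || p || client_random || server_random))
 * to out. out must have room for three MD5 digests; its size is not checked
 * here.
 *
 * On success *secret_size receives the number of bytes written and 1 is
 * returned. On failure 0 is returned (SSLfatal() has been called),
 * *secret_size is left untouched and out may hold a partial result that the
 * caller should not use.
 */
int ssl3_generate_master_secret(SSL_CONNECTION *s, unsigned char *out,
                                unsigned char *p,
                                size_t len, size_t *secret_size)
{
    static const unsigned char *const salt[3] = {
#ifndef CHARSET_EBCDIC
        (const unsigned char *)"A",
        (const unsigned char *)"BB",
        (const unsigned char *)"CCC",
#else
        (const unsigned char *)"\x41",
        (const unsigned char *)"\x42\x42",
        (const unsigned char *)"\x43\x43\x43",
#endif
    };
    unsigned char buf[EVP_MAX_MD_SIZE];
    EVP_MD_CTX *ctx = EVP_MD_CTX_new();
    int i, ret = 1;
    unsigned int n;
    size_t ret_secret_size = 0;

    if (ctx == NULL) {
        SSLfatal(s, SSL_AD_INTERNAL_ERROR, ERR_R_EVP_LIB);
        return 0;
    }
    for (i = 0; i < 3; i++) {
        if (EVP_DigestInit_ex(ctx, SSL_CONNECTION_GET_CTX(s)->sha1, NULL) <= 0
            || EVP_DigestUpdate(ctx, salt[i],
                                strlen((const char *)salt[i]))
                <= 0
            || EVP_DigestUpdate(ctx, p, len) <= 0
            || EVP_DigestUpdate(ctx, &(s->s3.client_random[0]),
                                SSL3_RANDOM_SIZE)
                <= 0
            || EVP_DigestUpdate(ctx, &(s->s3.server_random[0]),
                                SSL3_RANDOM_SIZE)
                <= 0
            || EVP_DigestFinal_ex(ctx, buf, &n) <= 0
            || EVP_DigestInit_ex(ctx, SSL_CONNECTION_GET_CTX(s)->md5, NULL) <= 0
            || EVP_DigestUpdate(ctx, p, len) <= 0
            || EVP_DigestUpdate(ctx, buf, n) <= 0
            || EVP_DigestFinal_ex(ctx, out, &n) <= 0) {
            SSLfatal(s, SSL_AD_INTERNAL_ERROR, ERR_R_INTERNAL_ERROR);
            ret = 0;
            break;
        }
        out += n;
        ret_secret_size += n;
    }
    EVP_MD_CTX_free(ctx);

    /* buf held a digest over the premaster secret; wipe it on every path */
    OPENSSL_cleanse(buf, sizeof(buf));
    if (ret)
        *secret_size = ret_secret_size;
    return ret;
}

/*
 * Map a generic SSL_AD_* alert code to the value to send on an SSLv3
 * connection.
 *
 * Alerts without an SSLv3 counterpart are folded into a coarser one:
 * decryption_failed and record_overflow become bad_record_mac, unknown_ca
 * becomes bad_certificate, and most others become handshake_failure.
 *
 * Returns -1 for SSL_AD_NO_RENEGOTIATION (deliberately not sent) and for
 * any code that is not listed.
 */
int ssl3_alert_code(int code)
{
    switch (code) {
    case SSL_AD_CLOSE_NOTIFY:
        return SSL3_AD_CLOSE_NOTIFY;
    case SSL_AD_UNEXPECTED_MESSAGE:
        return SSL3_AD_UNEXPECTED_MESSAGE;
    case SSL_AD_BAD_RECORD_MAC:
        return SSL3_AD_BAD_RECORD_MAC;
    case SSL_AD_DECRYPTION_FAILED:
        return SSL3_AD_BAD_RECORD_MAC;
    case SSL_AD_RECORD_OVERFLOW:
        return SSL3_AD_BAD_RECORD_MAC;
    case SSL_AD_DECOMPRESSION_FAILURE:
        return SSL3_AD_DECOMPRESSION_FAILURE;
    case SSL_AD_HANDSHAKE_FAILURE:
        return SSL3_AD_HANDSHAKE_FAILURE;
    case SSL_AD_NO_CERTIFICATE:
        return SSL3_AD_NO_CERTIFICATE;
    case SSL_AD_BAD_CERTIFICATE:
        return SSL3_AD_BAD_CERTIFICATE;
    case SSL_AD_UNSUPPORTED_CERTIFICATE:
        return SSL3_AD_UNSUPPORTED_CERTIFICATE;
    case SSL_AD_CERTIFICATE_REVOKED:
        return SSL3_AD_CERTIFICATE_REVOKED;
    case SSL_AD_CERTIFICATE_EXPIRED:
        return SSL3_AD_CERTIFICATE_EXPIRED;
    case SSL_AD_CERTIFICATE_UNKNOWN:
        return SSL3_AD_CERTIFICATE_UNKNOWN;
    case SSL_AD_ILLEGAL_PARAMETER:
        return SSL3_AD_ILLEGAL_PARAMETER;
    case SSL_AD_UNKNOWN_CA:
        return SSL3_AD_BAD_CERTIFICATE;
    case SSL_AD_ACCESS_DENIED:
        return SSL3_AD_HANDSHAKE_FAILURE;
    case SSL_AD_DECODE_ERROR:
        return SSL3_AD_HANDSHAKE_FAILURE;
    case SSL_AD_DECRYPT_ERROR:
        return SSL3_AD_HANDSHAKE_FAILURE;
    case SSL_AD_EXPORT_RESTRICTION:
        return SSL3_AD_HANDSHAKE_FAILURE;
    case SSL_AD_PROTOCOL_VERSION:
        return SSL3_AD_HANDSHAKE_FAILURE;
    case SSL_AD_INSUFFICIENT_SECURITY:
        return SSL3_AD_HANDSHAKE_FAILURE;
    case SSL_AD_INTERNAL_ERROR:
        return SSL3_AD_HANDSHAKE_FAILURE;
    case SSL_AD_USER_CANCELLED:
        return SSL3_AD_HANDSHAKE_FAILURE;
    case SSL_AD_NO_RENEGOTIATION:
        return -1; /* Don't send it :-) */
    case SSL_AD_UNSUPPORTED_EXTENSION:
        return SSL3_AD_HANDSHAKE_FAILURE;
    case SSL_AD_CERTIFICATE_UNOBTAINABLE:
        return SSL3_AD_HANDSHAKE_FAILURE;
    case SSL_AD_UNRECOGNIZED_NAME:
        return SSL3_AD_HANDSHAKE_FAILURE;
    case SSL_AD_BAD_CERTIFICATE_STATUS_RESPONSE:
        return SSL3_AD_HANDSHAKE_FAILURE;
    case SSL_AD_BAD_CERTIFICATE_HASH_VALUE:
        return SSL3_AD_HANDSHAKE_FAILURE;
    case SSL_AD_UNKNOWN_PSK_IDENTITY:
        return TLS1_AD_UNKNOWN_PSK_IDENTITY;
    case SSL_AD_INAPPROPRIATE_FALLBACK:
        return TLS1_AD_INAPPROPRIATE_FALLBACK;
    case SSL_AD_NO_APPLICATION_PROTOCOL:
        return TLS1_AD_NO_APPLICATION_PROTOCOL;
    case SSL_AD_CERTIFICATE_REQUIRED:
        return SSL3_AD_HANDSHAKE_FAILURE;
    case TLS13_AD_MISSING_EXTENSION:
        return SSL3_AD_HANDSHAKE_FAILURE;
    default:
        return -1;
    }
}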