diff options
author | Bodo Möller <bodo@openssl.org> | 2007-09-21 06:54:24 +0000 |
---|---|---|
committer | Bodo Möller <bodo@openssl.org> | 2007-09-21 06:54:24 +0000 |
commit | 761772d7e19145fa9afb2a0c830ead69a33f3fa5 (patch) | |
tree | f6fbfed11e54a5286025bf235889cca1cb87d503 /ssl/ssl_locl.h | |
parent | 54ef01b54bd64fdf5820d3860f4c458a9c2fa4f0 (diff) |
Implement the Opaque PRF Input TLS extension
(draft-rescorla-tls-opaque-prf-input-00.txt), and do some cleanups and
bugfixes on the way. In particular, this fixes the buffer bounds
checks in ssl_add_clienthello_tlsext() and in ssl_add_serverhello_tlsext().
Note that the opaque PRF Input TLS extension is not compiled by default;
see CHANGES.
Diffstat (limited to 'ssl/ssl_locl.h')
-rw-r--r-- | ssl/ssl_locl.h | 12 |
1 files changed, 9 insertions, 3 deletions
diff --git a/ssl/ssl_locl.h b/ssl/ssl_locl.h index 2f8f0f837d..50a8acc015 100644 --- a/ssl/ssl_locl.h +++ b/ssl/ssl_locl.h @@ -330,24 +330,30 @@ #define SSL_SSLV3 0x00000002L #define SSL_TLSV1 SSL_SSLV3 /* for now */ -/* Bits for algorithm2 (handshake digests) */ + +/* Bits for algorithm2 (handshake digests and other extra flags) */ #define SSL_HANDSHAKE_MAC_MD5 0x10 #define SSL_HANDSHAKE_MAC_SHA 0x20 #define SSL_HANDSHAKE_MAC_GOST94 0x40 #define SSL_HANDSHAKE_MAC_DEFAULT (SSL_HANDSHAKE_MAC_MD5 | SSL_HANDSHAKE_MAC_SHA) - /* When adding new digest in the ssl_ciph.c and increment SSM_MD_NUM_IDX * make sure to update this constant too */ #define SSL_MAX_DIGEST 4 - #define TLS1_PRF_DGST_SHIFT 8 #define TLS1_PRF_MD5 (SSL_HANDSHAKE_MAC_MD5 << TLS1_PRF_DGST_SHIFT) #define TLS1_PRF_SHA1 (SSL_HANDSHAKE_MAC_SHA << TLS1_PRF_DGST_SHIFT) #define TLS1_PRF_GOST94 (SSL_HANDSHAKE_MAC_GOST94 << TLS1_PRF_DGST_SHIFT) #define TLS1_PRF (TLS1_PRF_MD5 | TLS1_PRF_SHA1) + +/* Stream MAC for GOST ciphersuites from cryptopro draft + * (currently this also goes into algorithm2) */ +#define TLS1_STREAM_MAC 0x04 + + + /* * Export and cipher strength information. For each cipher we have to decide * whether it is exportable or not. This information is likely to change |