1 /* ssl/ssl2.h */ 2 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) 3 * All rights reserved. 4 * 5 * This package is an SSL implementation written 6 * by Eric Young (eay@cryptsoft.com). 7 * The implementation was written so as to conform with Netscapes SSL. 8 * 9 * This library is free for commercial and non-commercial use as long as 10 * the following conditions are aheared to. The following conditions 11 * apply to all code found in this distribution, be it the RC4, RSA, 12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation 13 * included with this distribution is covered by the same copyright terms 14 * except that the holder is Tim Hudson (tjh@cryptsoft.com). 15 * 16 * Copyright remains Eric Young's, and as such any Copyright notices in 17 * the code are not to be removed. 18 * If this package is used in a product, Eric Young should be given attribution 19 * as the author of the parts of the library used. 20 * This can be in the form of a textual message at program startup or 21 * in documentation (online or textual) provided with the package. 22 * 23 * Redistribution and use in source and binary forms, with or without 24 * modification, are permitted provided that the following conditions 25 * are met: 26 * 1. Redistributions of source code must retain the copyright 27 * notice, this list of conditions and the following disclaimer. 28 * 2. Redistributions in binary form must reproduce the above copyright 29 * notice, this list of conditions and the following disclaimer in the 30 * documentation and/or other materials provided with the distribution. 31 * 3. All advertising materials mentioning features or use of this software 32 * must display the following acknowledgement: 33 * "This product includes cryptographic software written by 34 * Eric Young (eay@cryptsoft.com)" 35 * The word 'cryptographic' can be left out if the rouines from the library 36 * being used are not cryptographic related :-). 37 * 4. 
If you include any Windows specific code (or a derivative thereof) from 38 * the apps directory (application code) you must include an acknowledgement: 39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" 40 * 41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND 42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE 45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 51 * SUCH DAMAGE. 52 * 53 * The licence and distribution terms for any publically available version or 54 * derivative of this code cannot be changed. i.e. this code cannot simply be 55 * copied and put under another distribution licence 56 * [including the GNU Public Licence.] 57 */ 58 59 module deimos.openssl.ssl2; 60 61 import deimos.openssl._d_util; 62 63 import deimos.openssl.ssl; // Needed for SSL_ST_CONNECT, etc. 
extern (C):
nothrow:

/*
 * D declarations mirroring OpenSSL's ssl/ssl2.h: SSLv2 protocol constants,
 * the per-connection SSLv2 state record and the SSLv2 handshake state codes.
 *
 * Security note: SSL 2.0 is an obsolete protocol (RFC 6176 prohibits
 * negotiating it). The cipher list below includes NULL and EXPORT40 kinds,
 * and most kinds are MD5-based. Treat these declarations as a
 * legacy/compatibility surface (for example for recognising and rejecting
 * SSLv2 traffic), not as something to enable in new code.
 *
 * Every value in this file is fixed by the protocol or by the C header, so
 * none of them may be changed independently of the C side.
 */

/* Protocol Version Codes */
enum
{
    SSL2_VERSION       = 0x0002,
    SSL2_VERSION_MAJOR = 0x00,
    SSL2_VERSION_MINOR = 0x02,
}
/* Left disabled, as in the C header:
 *   SSL2_CLIENT_VERSION = 0x0002
 *   SSL2_SERVER_VERSION = 0x0002
 */

/* Protocol Message Codes */
enum
{
    SSL2_MT_ERROR               = 0,
    SSL2_MT_CLIENT_HELLO        = 1,
    SSL2_MT_CLIENT_MASTER_KEY   = 2,
    SSL2_MT_CLIENT_FINISHED     = 3,
    SSL2_MT_SERVER_HELLO        = 4,
    SSL2_MT_SERVER_VERIFY       = 5,
    SSL2_MT_SERVER_FINISHED     = 6,
    SSL2_MT_REQUEST_CERTIFICATE = 7,
    SSL2_MT_CLIENT_CERTIFICATE  = 8,
}

/* Error Message Codes */
enum
{
    SSL2_PE_UNDEFINED_ERROR              = 0x0000,
    SSL2_PE_NO_CIPHER                    = 0x0001,
    SSL2_PE_NO_CERTIFICATE               = 0x0002,
    SSL2_PE_BAD_CERTIFICATE              = 0x0004,
    SSL2_PE_UNSUPPORTED_CERTIFICATE_TYPE = 0x0006,
}

/* Cipher Kind Values.
 * NOTE(review): going by the names, the EXPORT40 kinds use export-grade
 * 40-bit keys and the NULL kinds apply no encryption -- confirm against the
 * cipher tables before allowing any of them in a cipher list. */
enum
{
    SSL2_CK_NULL_WITH_MD5                 = 0x02000000, /* v3 */
    SSL2_CK_RC4_128_WITH_MD5              = 0x02010080,
    SSL2_CK_RC4_128_EXPORT40_WITH_MD5     = 0x02020080,
    SSL2_CK_RC2_128_CBC_WITH_MD5          = 0x02030080,
    SSL2_CK_RC2_128_CBC_EXPORT40_WITH_MD5 = 0x02040080,
    SSL2_CK_IDEA_128_CBC_WITH_MD5         = 0x02050080,
    SSL2_CK_DES_64_CBC_WITH_MD5           = 0x02060040,
    SSL2_CK_DES_64_CBC_WITH_SHA           = 0x02060140, /* v3 */
    SSL2_CK_DES_192_EDE3_CBC_WITH_MD5     = 0x020700c0,
    SSL2_CK_DES_192_EDE3_CBC_WITH_SHA     = 0x020701c0, /* v3 */
    SSL2_CK_RC4_64_WITH_MD5               = 0x02080080, /* MS hack */

    SSL2_CK_DES_64_CFB64_WITH_MD5_1       = 0x02ff0800, /* SSLeay */
    SSL2_CK_NULL                          = 0x02ff0810, /* SSLeay */
}

/* Textual cipher names matching the cipher kinds above. */
enum
{
    SSL2_TXT_DES_64_CFB64_WITH_MD5_1       = "DES-CFB-M1",
    SSL2_TXT_NULL_WITH_MD5                 = "NULL-MD5",
    SSL2_TXT_RC4_128_WITH_MD5              = "RC4-MD5",
    SSL2_TXT_RC4_128_EXPORT40_WITH_MD5     = "EXP-RC4-MD5",
    SSL2_TXT_RC2_128_CBC_WITH_MD5          = "RC2-CBC-MD5",
    SSL2_TXT_RC2_128_CBC_EXPORT40_WITH_MD5 = "EXP-RC2-CBC-MD5",
    SSL2_TXT_IDEA_128_CBC_WITH_MD5         = "IDEA-CBC-MD5",
    SSL2_TXT_DES_64_CBC_WITH_MD5           = "DES-CBC-MD5",
    SSL2_TXT_DES_64_CBC_WITH_SHA           = "DES-CBC-SHA",
    SSL2_TXT_DES_192_EDE3_CBC_WITH_MD5     = "DES-CBC3-MD5",
    SSL2_TXT_DES_192_EDE3_CBC_WITH_SHA     = "DES-CBC3-SHA",
    SSL2_TXT_RC4_64_WITH_MD5               = "RC4-64-MD5",

    SSL2_TXT_NULL                          = "NULL",
}

/* Flags for the SSL_CIPHER.algorithm2 field */
enum
{
    SSL2_CF_5_BYTE_ENC = 0x01,
    SSL2_CF_8_BYTE_ENC = 0x02,
}

/* Certificate Type Codes */
enum SSL2_CT_X509_CERTIFICATE = 0x01;

/* Authentication Type Code */
enum SSL2_AT_MD5_WITH_RSA_ENCRYPTION = 0x01;

enum SSL2_MAX_SSL_SESSION_ID_LENGTH = 32;

/* Upper/Lower Bounds */
enum SSL2_MAX_MASTER_KEY_LENGTH_IN_BITS = 256;

/* The 2-byte-header record limit is smaller on OPENSSL_SYS_MPE builds. */
version (OPENSSL_SYS_MPE)
{
    enum SSL2_MAX_RECORD_LENGTH_2_BYTE_HEADER = 29998u;
}
else
{
    enum SSL2_MAX_RECORD_LENGTH_2_BYTE_HEADER = 32767u; /* 2^15-1 */
}
enum SSL2_MAX_RECORD_LENGTH_3_BYTE_HEADER = 16383; /* 2^14-1 */

/* Sizes, in bytes, of the variable-length handshake fields. The MAX values
 * also size the fixed arrays inside ssl2_state_st below. */
enum
{
    SSL2_CHALLENGE_LENGTH           = 16, /* an alternative of 32 is left disabled, as in the C header */
    SSL2_MIN_CHALLENGE_LENGTH       = 16,
    SSL2_MAX_CHALLENGE_LENGTH       = 32,
    SSL2_CONNECTION_ID_LENGTH       = 16,
    SSL2_MAX_CONNECTION_ID_LENGTH   = 16,
    SSL2_SSL_SESSION_ID_LENGTH      = 16,
    SSL2_MAX_CERT_CHALLENGE_LENGTH  = 32,
    SSL2_MIN_CERT_CHALLENGE_LENGTH  = 16,
    SSL2_MAX_KEY_MATERIAL_LENGTH    = 24,
}

/* Guarded by "#ifndef HEADER_SSL_LOCL_H" in the C header; here CERT is
 * always declared as an alias of char. */
alias char CERT;

version (OPENSSL_NO_SSL_INTERN)
{
    /* Internals hidden: SSL2_STATE is not declared. */
}
else
{

/*
 * SSLv2 per-connection state.
 *
 * This mirrors the C struct of the same name: field order and field types
 * decide the binary layout, so they must stay exactly as declared.
 *
 * NOTE(review): each *_length member is stored next to a fixed-size array
 * (challenge, conn_id, key_material, tmp.ccl). Nothing in this declaration
 * bounds those lengths, so any code that fills or reads the arrays has to
 * check the length against the array size itself.
 */
struct ssl2_state_st
{
    int three_byte_header;
    int clear_text;    /* clear text */
    int escape;        /* not used in SSLv2 */
    int ssl2_rollback; /* used if SSLv23 rolled back to SSLv2 */

    /* non-blocking io info, used to make sure the same
     * args were passed */
    uint wnum;         /* number of bytes sent so far */
    int wpend_tot;
    const(ubyte)* wpend_buf;

    int wpend_off;     /* offset to data to write */
    int wpend_len;     /* number of bytes passed to write */
    int wpend_ret;     /* number of bytes to return to caller */

    /* buffer raw data */
    int rbuf_left;
    int rbuf_offs;
    ubyte* rbuf;
    ubyte* wbuf;

    ubyte* write_ptr;  /* used to point to the start due to
                        * 2/3 byte header. */

    uint padding;
    uint rlength;          /* passed to ssl2_enc */
    int ract_data_length;  /* Set when things are encrypted. */
    uint wlength;          /* passed to ssl2_enc */
    int wact_data_length;  /* Set when things are decrypted. */
    /* NOTE(review): the two comments above are carried over as written; the
     * "encrypted"/"decrypted" wording looks swapped between the read and
     * write sides -- confirm against the implementation. */
    ubyte* ract_data;
    ubyte* wact_data;
    ubyte* mac_data;

    /* presumably point at secret key bytes -- keep out of logs and dumps */
    ubyte* read_key;
    ubyte* write_key;

    /* Stuff specifically to do with this SSL session */
    uint challenge_length;
    ubyte[SSL2_MAX_CHALLENGE_LENGTH] challenge;
    uint conn_id_length;
    ubyte[SSL2_MAX_CONNECTION_ID_LENGTH] conn_id;
    uint key_material_length;
    ubyte[SSL2_MAX_KEY_MATERIAL_LENGTH*2] key_material; /* twice the per-key maximum */

    c_ulong read_sequence;
    c_ulong write_sequence;

    /* Nested record type for the `tmp` member declared right after it. */
    struct tmp_
    {
        uint conn_id_length;
        uint cert_type;
        uint cert_length;
        uint csl;
        uint clear;
        uint enc;
        ubyte[SSL2_MAX_CERT_CHALLENGE_LENGTH] ccl;
        uint cipher_spec_length;
        uint session_id_length;
        uint clen;
        uint rlen;
    }
    tmp_ tmp;
}
alias ssl2_state_st SSL2_STATE;

}

/* SSLv2 handshake state codes: a step number OR-ed with SSL_ST_CONNECT
 * (client side) or SSL_ST_ACCEPT (server side), both taken from
 * deimos.openssl.ssl. */

/* client */
enum
{
    SSL2_ST_SEND_CLIENT_HELLO_A         = 0x10 | SSL_ST_CONNECT,
    SSL2_ST_SEND_CLIENT_HELLO_B         = 0x11 | SSL_ST_CONNECT,
    SSL2_ST_GET_SERVER_HELLO_A          = 0x20 | SSL_ST_CONNECT,
    SSL2_ST_GET_SERVER_HELLO_B          = 0x21 | SSL_ST_CONNECT,
    SSL2_ST_SEND_CLIENT_MASTER_KEY_A    = 0x30 | SSL_ST_CONNECT,
    SSL2_ST_SEND_CLIENT_MASTER_KEY_B    = 0x31 | SSL_ST_CONNECT,
    SSL2_ST_SEND_CLIENT_FINISHED_A      = 0x40 | SSL_ST_CONNECT,
    SSL2_ST_SEND_CLIENT_FINISHED_B      = 0x41 | SSL_ST_CONNECT,
    SSL2_ST_SEND_CLIENT_CERTIFICATE_A   = 0x50 | SSL_ST_CONNECT,
    SSL2_ST_SEND_CLIENT_CERTIFICATE_B   = 0x51 | SSL_ST_CONNECT,
    SSL2_ST_SEND_CLIENT_CERTIFICATE_C   = 0x52 | SSL_ST_CONNECT,
    SSL2_ST_SEND_CLIENT_CERTIFICATE_D   = 0x53 | SSL_ST_CONNECT,
    SSL2_ST_GET_SERVER_VERIFY_A         = 0x60 | SSL_ST_CONNECT,
    SSL2_ST_GET_SERVER_VERIFY_B         = 0x61 | SSL_ST_CONNECT,
    SSL2_ST_GET_SERVER_FINISHED_A       = 0x70 | SSL_ST_CONNECT,
    SSL2_ST_GET_SERVER_FINISHED_B       = 0x71 | SSL_ST_CONNECT,
    SSL2_ST_CLIENT_START_ENCRYPTION     = 0x80 | SSL_ST_CONNECT,
    SSL2_ST_X509_GET_CLIENT_CERTIFICATE = 0x90 | SSL_ST_CONNECT,
}

/* server */
enum
{
    SSL2_ST_GET_CLIENT_HELLO_A          = 0x10 | SSL_ST_ACCEPT,
    SSL2_ST_GET_CLIENT_HELLO_B          = 0x11 | SSL_ST_ACCEPT,
    SSL2_ST_GET_CLIENT_HELLO_C          = 0x12 | SSL_ST_ACCEPT,
    SSL2_ST_SEND_SERVER_HELLO_A         = 0x20 | SSL_ST_ACCEPT,
    SSL2_ST_SEND_SERVER_HELLO_B         = 0x21 | SSL_ST_ACCEPT,
    SSL2_ST_GET_CLIENT_MASTER_KEY_A     = 0x30 | SSL_ST_ACCEPT,
    SSL2_ST_GET_CLIENT_MASTER_KEY_B     = 0x31 | SSL_ST_ACCEPT,
    SSL2_ST_SEND_SERVER_VERIFY_A        = 0x40 | SSL_ST_ACCEPT,
    SSL2_ST_SEND_SERVER_VERIFY_B        = 0x41 | SSL_ST_ACCEPT,
    SSL2_ST_SEND_SERVER_VERIFY_C        = 0x42 | SSL_ST_ACCEPT,
    SSL2_ST_GET_CLIENT_FINISHED_A       = 0x50 | SSL_ST_ACCEPT,
    SSL2_ST_GET_CLIENT_FINISHED_B       = 0x51 | SSL_ST_ACCEPT,
    SSL2_ST_SEND_SERVER_FINISHED_A      = 0x60 | SSL_ST_ACCEPT,
    SSL2_ST_SEND_SERVER_FINISHED_B      = 0x61 | SSL_ST_ACCEPT,
    SSL2_ST_SEND_REQUEST_CERTIFICATE_A  = 0x70 | SSL_ST_ACCEPT,
    SSL2_ST_SEND_REQUEST_CERTIFICATE_B  = 0x71 | SSL_ST_ACCEPT,
    SSL2_ST_SEND_REQUEST_CERTIFICATE_C  = 0x72 | SSL_ST_ACCEPT,
    SSL2_ST_SEND_REQUEST_CERTIFICATE_D  = 0x73 | SSL_ST_ACCEPT,
    SSL2_ST_SERVER_START_ENCRYPTION     = 0x80 | SSL_ST_ACCEPT,
    SSL2_ST_X509_GET_SERVER_CERTIFICATE = 0x90 | SSL_ST_ACCEPT,
}