kris
/
boringssl
1
0
Forkuj 0
Kod Zgłoszenia 0 Oczekujące zmiany 0 Wydania 0 Wiki Aktywność
Nie możesz wybrać więcej, niż 25 tematów Tematy muszą się zaczynać od litery lub cyfry, mogą zawierać myślniki ('-') i mogą mieć do 35 znaków.
1408 Commity
12 Gałęzie
38 MiB
 
 
 
 
 
 
Drzewo: 5f387e38fc
Gałęzie Tagi
${ item.name }
Utwórz gałąź ${ searchTerm }
z '5f387e38fc'
${ noResults }
boringssl/ssl/s3_enc.c

526 wiersze
17 KiB
Czysty Wina Historia 

  1. /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)

  2.  * All rights reserved.

  3.  *

  4.  * This package is an SSL implementation written

  5.  * by Eric Young (eay@cryptsoft.com).

  6.  * The implementation was written so as to conform with Netscapes SSL.

  7.  *g

  8.  * This library is free for commercial and non-commercial use as long as

  9.  * the following conditions are aheared to.  The following conditions

  10.  * apply to all code found in this distribution, be it the RC4, RSA,

  11.  * lhash, DES, etc., code; not just the SSL code.  The SSL documentation

  12.  * included with this distribution is covered by the same copyright terms

  13.  * except that the holder is Tim Hudson (tjh@cryptsoft.com).

  14.  *g

  15.  * Copyright remains Eric Young's, and as such any Copyright notices in

  16.  * the code are not to be removed.

  17.  * If this package is used in a product, Eric Young should be given attribution

  18.  * as the author of the parts of the library used.

  19.  * This can be in the form of a textual message at program startup or

  20.  * in documentation (online or textual) provided with the package.

  21.  *g

  22.  * Redistribution and use in source and binary forms, with or without

  23.  * modification, are permitted provided that the following conditions

  24.  * are met:

  25.  * 1. Redistributions of source code must retain the copyright

  26.  *    notice, this list of conditions and the following disclaimer.

  27.  * 2. Redistributions in binary form must reproduce the above copyright

  28.  *    notice, this list of conditions and the following disclaimer in the

  29.  *    documentation and/or other materials provided with the distribution.

  30.  * 3. All advertising materials mentioning features or use of this software

  31.  *    must display the following acknowledgement:

  32.  *    "This product includes cryptographic software written by

  33.  *     Eric Young (eay@cryptsoft.com)"

  34.  *    The word 'cryptographic' can be left out if the rouines from the library

  35.  *    being used are not cryptographic related :-).

  36.  * 4. If you include any Windows specific code (or a derivative thereof) fromg

  37.  *    the apps directory (application code) you must include an acknowledgement:

  38.  *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"

  39.  *g

  40.  * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND

  41.  * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE

  42.  * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE

  43.  * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE

  44.  * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL

  45.  * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS

  46.  * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)

  47.  * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT

  48.  * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY

  49.  * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF

  50.  * SUCH DAMAGE.

  51.  *g

  52.  * The licence and distribution terms for any publically available version or

  53.  * derivative of this code cannot be changed.  i.e. this code cannot simply be

  54.  * copied and put under another distribution licence

  55.  * [including the GNU Public Licence.]

  56.  */

  57. /* ====================================================================

  58.  * Copyright (c) 1998-2007 The OpenSSL Project.  All rights reserved.

  59.  *

  60.  * Redistribution and use in source and binary forms, with or without

  61.  * modification, are permitted provided that the following conditions

  62.  * are met:

  63.  *

  64.  * 1. Redistributions of source code must retain the above copyright

  65.  *    notice, this list of conditions and the following disclaimer.g

  66.  *

  67.  * 2. Redistributions in binary form must reproduce the above copyright

  68.  *    notice, this list of conditions and the following disclaimer in

  69.  *    the documentation and/or other materials provided with the

  70.  *    distribution.

  71.  *

  72.  * 3. All advertising materials mentioning features or use of this

  73.  *    software must display the following acknowledgment:

  74.  *    "This product includes software developed by the OpenSSL Project

  75.  *    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"

  76.  *

  77.  * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to

  78.  *    endorse or promote products derived from this software without

  79.  *    prior written permission. For written permission, please contact

  80.  *    openssl-core@openssl.org.

  81.  *

  82.  * 5. Products derived from this software may not be called "OpenSSL"

  83.  *    nor may "OpenSSL" appear in their names without prior written

  84.  *    permission of the OpenSSL Project.

  85.  *

  86.  * 6. Redistributions of any form whatsoever must retain the following

  87.  *    acknowledgment:

  88.  *    "This product includes software developed by the OpenSSL Project

  89.  *    for use in the OpenSSL Toolkit (http://www.openssl.org/)"

  90.  *

  91.  * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY

  92.  * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE

  93.  * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR

  94.  * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR

  95.  * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,

  96.  * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT

  97.  * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;

  98.  * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)

  99.  * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,

  100.  * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)

  101.  * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED

  102.  * OF THE POSSIBILITY OF SUCH DAMAGE.

  103.  * ====================================================================

  104.  *

  105.  * This product includes cryptographic software written by Eric Young

  106.  * (eay@cryptsoft.com).  This product includes software written by Tim

  107.  * Hudson (tjh@cryptsoft.com).

  108.  *

  109.  */

  110. /* ====================================================================

  111.  * Copyright 2005 Nokia. All rights reserved.

  112.  *

  113.  * The portions of the attached software ("Contribution") is developed by

  114.  * Nokia Corporation and is licensed pursuant to the OpenSSL open source

  115.  * license.

  116.  *

  117.  * The Contribution, originally written by Mika Kousa and Pasi Eronen of

  118.  * Nokia Corporation, consists of the "PSK" (Pre-Shared Key) ciphersuites

  119.  * support (see RFC 4279) to OpenSSL.

  120.  *

  121.  * No patent licenses or other rights except those expressly stated in

  122.  * the OpenSSL open source license shall be deemed granted or received

  123.  * expressly, by implication, estoppel, or otherwise.

  124.  *

  125.  * No assurances are provided by Nokia that the Contribution does not

  126.  * infringe the patent or other intellectual property rights of any third

  127.  * party or that the license provides you with all the necessary rights

  128.  * to make use of the Contribution.

  129.  *

  130.  * THE SOFTWARE IS PROVIDED "AS IS" WITHOUT WARRANTY OF ANY KIND. IN

  131.  * ADDITION TO THE DISCLAIMERS INCLUDED IN THE LICENSE, NOKIA

  132.  * SPECIFICALLY DISCLAIMS ANY LIABILITY FOR CLAIMS BROUGHT BY YOU OR ANY

  133.  * OTHER ENTITY BASED ON INFRINGEMENT OF INTELLECTUAL PROPERTY RIGHTS OR

  134.  * OTHERWISE. */

  135. 

  136. #include <assert.h>

  137. #include <stdio.h>

  138. #include <string.h>

  139. 

  140. #include <openssl/err.h>

  141. #include <openssl/evp.h>

  142. #include <openssl/mem.h>

  143. #include <openssl/md5.h>

  144. #include <openssl/obj.h>

  145. 

  146. #include "internal.h"

  147. 

  148. 

  149. static const uint8_t ssl3_pad_1[48] = {

  150.     0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36,

  151.     0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36,

  152.     0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36,

  153.     0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36,

  154. };

  155. 

  156. static const uint8_t ssl3_pad_2[48] = {

  157.     0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c,

  158.     0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c,

  159.     0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c,

  160.     0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c,

  161. };

  162. 

  163. static int ssl3_handshake_mac(SSL *s, int md_nid, const char *sender, int len,

  164.                               uint8_t *p);

  165. 

  166. int ssl3_prf(SSL *s, uint8_t *out, size_t out_len, const uint8_t *secret,

  167.              size_t secret_len, const char *label, size_t label_len,

  168.              const uint8_t *seed1, size_t seed1_len,

  169.              const uint8_t *seed2, size_t seed2_len) {

  170.   EVP_MD_CTX md5;

  171.   EVP_MD_CTX sha1;

  172.   uint8_t buf[16], smd[SHA_DIGEST_LENGTH];

  173.   uint8_t c = 'A';

  174.   size_t i, j, k;

  175. 

  176.   k = 0;

  177.   EVP_MD_CTX_init(&md5);

  178.   EVP_MD_CTX_init(&sha1);

  179.   for (i = 0; i < out_len; i += MD5_DIGEST_LENGTH) {

  180.     k++;

  181.     if (k > sizeof(buf)) {

  182.       /* bug: 'buf' is too small for this ciphersuite */

  183.       OPENSSL_PUT_ERROR(SSL, ssl3_prf, ERR_R_INTERNAL_ERROR);

  184.       return 0;

  185.     }

  186. 

  187.     for (j = 0; j < k; j++) {

  188.       buf[j] = c;

  189.     }

  190.     c++;

  191.     if (!EVP_DigestInit_ex(&sha1, EVP_sha1(), NULL)) {

  192.       OPENSSL_PUT_ERROR(SSL, ssl3_prf, ERR_LIB_EVP);

  193.       return 0;

  194.     }

  195.     EVP_DigestUpdate(&sha1, buf, k);

  196.     EVP_DigestUpdate(&sha1, secret, secret_len);

  197.     /* |label| is ignored for SSLv3. */

  198.     if (seed1_len) {

  199.       EVP_DigestUpdate(&sha1, seed1, seed1_len);

  200.     }

  201.     if (seed2_len) {

  202.       EVP_DigestUpdate(&sha1, seed2, seed2_len);

  203.     }

  204.     EVP_DigestFinal_ex(&sha1, smd, NULL);

  205. 

  206.     if (!EVP_DigestInit_ex(&md5, EVP_md5(), NULL)) {

  207.       OPENSSL_PUT_ERROR(SSL, ssl3_prf, ERR_LIB_EVP);

  208.       return 0;

  209.     }

  210.     EVP_DigestUpdate(&md5, secret, secret_len);

  211.     EVP_DigestUpdate(&md5, smd, SHA_DIGEST_LENGTH);

  212.     if (i + MD5_DIGEST_LENGTH > out_len) {

  213.       EVP_DigestFinal_ex(&md5, smd, NULL);

  214.       memcpy(out, smd, out_len - i);

  215.     } else {

  216.       EVP_DigestFinal_ex(&md5, out, NULL);

  217.     }

  218. 

  219.     out += MD5_DIGEST_LENGTH;

  220.   }

  221. 

  222.   OPENSSL_cleanse(smd, SHA_DIGEST_LENGTH);

  223.   EVP_MD_CTX_cleanup(&md5);

  224.   EVP_MD_CTX_cleanup(&sha1);

  225. 

  226.   return 1;

  227. }

  228. 

  229. void ssl3_cleanup_key_block(SSL *s) {

  230.   if (s->s3->tmp.key_block != NULL) {

  231.     OPENSSL_cleanse(s->s3->tmp.key_block, s->s3->tmp.key_block_length);

  232.     OPENSSL_free(s->s3->tmp.key_block);

  233.     s->s3->tmp.key_block = NULL;

  234.   }

  235.   s->s3->tmp.key_block_length = 0;

  236. }

  237. 

  238. int ssl3_init_finished_mac(SSL *s) {

  239.   BIO_free(s->s3->handshake_buffer);

  240.   ssl3_free_digest_list(s);

  241.   s->s3->handshake_buffer = BIO_new(BIO_s_mem());

  242.   if (s->s3->handshake_buffer == NULL) {

  243.     return 0;

  244.   }

  245.   BIO_set_close(s->s3->handshake_buffer, BIO_CLOSE);

  246. 

  247.   return 1;

  248. }

  249. 

  250. void ssl3_free_digest_list(SSL *s) {

  251.   int i;

  252.   if (!s->s3->handshake_dgst) {

  253.     return;

  254.   }

  255.   for (i = 0; i < SSL_MAX_DIGEST; i++) {

  256.     if (s->s3->handshake_dgst[i]) {

  257.       EVP_MD_CTX_destroy(s->s3->handshake_dgst[i]);

  258.     }

  259.   }

  260.   OPENSSL_free(s->s3->handshake_dgst);

  261.   s->s3->handshake_dgst = NULL;

  262. }

  263. 

  264. int ssl3_finish_mac(SSL *s, const uint8_t *buf, int len) {

  265.   int i;

  266. 

  267.   if (s->s3->handshake_buffer) {

  268.     return BIO_write(s->s3->handshake_buffer, (void *)buf, len) >= 0;

  269.   }

  270. 

  271.   for (i = 0; i < SSL_MAX_DIGEST; i++) {

  272.     if (s->s3->handshake_dgst[i] != NULL) {

  273.       EVP_DigestUpdate(s->s3->handshake_dgst[i], buf, len);

  274.     }

  275.   }

  276.   return 1;

  277. }

  278. 

  279. int ssl3_digest_cached_records(

  280.     SSL *s, enum should_free_handshake_buffer_t should_free_handshake_buffer) {

  281.   int i;

  282.   uint32_t mask;

  283.   const EVP_MD *md;

  284.   const uint8_t *hdata;

  285.   size_t hdatalen;

  286. 

  287.   /* Allocate handshake_dgst array */

  288.   ssl3_free_digest_list(s);

  289.   s->s3->handshake_dgst = OPENSSL_malloc(SSL_MAX_DIGEST * sizeof(EVP_MD_CTX *));

  290.   if (s->s3->handshake_dgst == NULL) {

  291.     OPENSSL_PUT_ERROR(SSL, ssl3_digest_cached_records, ERR_R_MALLOC_FAILURE);

  292.     return 0;

  293.   }

  294. 

  295.   memset(s->s3->handshake_dgst, 0, SSL_MAX_DIGEST * sizeof(EVP_MD_CTX *));

  296.   if (!BIO_mem_contents(s->s3->handshake_buffer, &hdata, &hdatalen)) {

  297.     OPENSSL_PUT_ERROR(SSL, ssl3_digest_cached_records,

  298.                       SSL_R_BAD_HANDSHAKE_LENGTH);

  299.     return 0;

  300.   }

  301. 

  302.   /* Loop through bits of algorithm2 field and create MD_CTX-es */

  303.   for (i = 0; ssl_get_handshake_digest(&mask, &md, i); i++) {

  304.     if ((mask & ssl_get_algorithm2(s)) && md) {

  305.       s->s3->handshake_dgst[i] = EVP_MD_CTX_create();

  306.       if (s->s3->handshake_dgst[i] == NULL) {

  307.         OPENSSL_PUT_ERROR(SSL, ssl3_digest_cached_records, ERR_LIB_EVP);

  308.         return 0;

  309.       }

  310.       if (!EVP_DigestInit_ex(s->s3->handshake_dgst[i], md, NULL)) {

  311.         EVP_MD_CTX_destroy(s->s3->handshake_dgst[i]);

  312.         s->s3->handshake_dgst[i] = NULL;

  313.         OPENSSL_PUT_ERROR(SSL, ssl3_digest_cached_records, ERR_LIB_EVP);

  314.         return 0;

  315.       }

  316.       EVP_DigestUpdate(s->s3->handshake_dgst[i], hdata, hdatalen);

  317.     } else {

  318.       s->s3->handshake_dgst[i] = NULL;

  319.     }

  320.   }

  321. 

  322.   if (should_free_handshake_buffer == free_handshake_buffer) {

  323.     /* Free handshake_buffer BIO */

  324.     BIO_free(s->s3->handshake_buffer);

  325.     s->s3->handshake_buffer = NULL;

  326.   }

  327. 

  328.   return 1;

  329. }

  330. 

  331. int ssl3_cert_verify_mac(SSL *s, int md_nid, uint8_t *p) {

  332.   return ssl3_handshake_mac(s, md_nid, NULL, 0, p);

  333. }

  334. 

  335. int ssl3_final_finish_mac(SSL *s, const char *sender, int len, uint8_t *p) {

  336.   int ret, sha1len;

  337.   ret = ssl3_handshake_mac(s, NID_md5, sender, len, p);

  338.   if (ret == 0) {

  339.     return 0;

  340.   }

  341. 

  342.   p += ret;

  343. 

  344.   sha1len = ssl3_handshake_mac(s, NID_sha1, sender, len, p);

  345.   if (sha1len == 0) {

  346.     return 0;

  347.   }

  348. 

  349.   ret += sha1len;

  350.   return ret;

  351. }

  352. 

  353. static int ssl3_handshake_mac(SSL *s, int md_nid, const char *sender, int len,

  354.                               uint8_t *p) {

  355.   unsigned int ret;

  356.   int npad, n;

  357.   unsigned int i;

  358.   uint8_t md_buf[EVP_MAX_MD_SIZE];

  359.   EVP_MD_CTX ctx, *d = NULL;

  360. 

  361.   if (s->s3->handshake_buffer &&

  362.       !ssl3_digest_cached_records(s, free_handshake_buffer)) {

  363.     return 0;

  364.   }

  365. 

  366.   /* Search for digest of specified type in the handshake_dgst array. */

  367.   for (i = 0; i < SSL_MAX_DIGEST; i++) {

  368.     if (s->s3->handshake_dgst[i] &&

  369.         EVP_MD_CTX_type(s->s3->handshake_dgst[i]) == md_nid) {

  370.       d = s->s3->handshake_dgst[i];

  371.       break;

  372.     }

  373.   }

  374. 

  375.   if (!d) {

  376.     OPENSSL_PUT_ERROR(SSL, ssl3_handshake_mac, SSL_R_NO_REQUIRED_DIGEST);

  377.     return 0;

  378.   }

  379. 

  380.   EVP_MD_CTX_init(&ctx);

  381.   if (!EVP_MD_CTX_copy_ex(&ctx, d)) {

  382.     EVP_MD_CTX_cleanup(&ctx);

  383.     OPENSSL_PUT_ERROR(SSL, ssl3_handshake_mac, ERR_LIB_EVP);

  384.     return 0;

  385.   }

  386. 

  387.   n = EVP_MD_CTX_size(&ctx);

  388.   if (n < 0) {

  389.     return 0;

  390.   }

  391. 

  392.   npad = (48 / n) * n;

  393.   if (sender != NULL) {

  394.     EVP_DigestUpdate(&ctx, sender, len);

  395.   }

  396.   EVP_DigestUpdate(&ctx, s->session->master_key, s->session->master_key_length);

  397.   EVP_DigestUpdate(&ctx, ssl3_pad_1, npad);

  398.   EVP_DigestFinal_ex(&ctx, md_buf, &i);

  399. 

  400.   if (!EVP_DigestInit_ex(&ctx, EVP_MD_CTX_md(&ctx), NULL)) {

  401.     EVP_MD_CTX_cleanup(&ctx);

  402.     OPENSSL_PUT_ERROR(SSL, ssl3_handshake_mac, ERR_LIB_EVP);

  403.     return 0;

  404.   }

  405.   EVP_DigestUpdate(&ctx, s->session->master_key, s->session->master_key_length);

  406.   EVP_DigestUpdate(&ctx, ssl3_pad_2, npad);

  407.   EVP_DigestUpdate(&ctx, md_buf, i);

  408.   EVP_DigestFinal_ex(&ctx, p, &ret);

  409. 

  410.   EVP_MD_CTX_cleanup(&ctx);

  411. 

  412.   return ret;

  413. }

  414. 

  415. int ssl3_record_sequence_update(uint8_t *seq, size_t seq_len) {

  416.   size_t i;

  417.   for (i = seq_len - 1; i < seq_len; i--) {

  418.     ++seq[i];

  419.     if (seq[i] != 0) {

  420.       return 1;

  421.     }

  422.   }

  423.   OPENSSL_PUT_ERROR(SSL, ssl3_record_sequence_update, ERR_R_OVERFLOW);

  424.   return 0;

  425. }

  426. 

  427. int ssl3_alert_code(int code) {

  428.   switch (code) {

  429.     case SSL_AD_CLOSE_NOTIFY:

  430.       return SSL3_AD_CLOSE_NOTIFY;

  431. 

  432.     case SSL_AD_UNEXPECTED_MESSAGE:

  433.       return SSL3_AD_UNEXPECTED_MESSAGE;

  434. 

  435.     case SSL_AD_BAD_RECORD_MAC:

  436.       return SSL3_AD_BAD_RECORD_MAC;

  437. 

  438.     case SSL_AD_DECRYPTION_FAILED:

  439.       return SSL3_AD_BAD_RECORD_MAC;

  440. 

  441.     case SSL_AD_RECORD_OVERFLOW:

  442.       return SSL3_AD_BAD_RECORD_MAC;

  443. 

  444.     case SSL_AD_DECOMPRESSION_FAILURE:

  445.       return SSL3_AD_DECOMPRESSION_FAILURE;

  446. 

  447.     case SSL_AD_HANDSHAKE_FAILURE:

  448.       return SSL3_AD_HANDSHAKE_FAILURE;

  449. 

  450.     case SSL_AD_NO_CERTIFICATE:

  451.       return SSL3_AD_NO_CERTIFICATE;

  452. 

  453.     case SSL_AD_BAD_CERTIFICATE:

  454.       return SSL3_AD_BAD_CERTIFICATE;

  455. 

  456.     case SSL_AD_UNSUPPORTED_CERTIFICATE:

  457.       return SSL3_AD_UNSUPPORTED_CERTIFICATE;

  458. 

  459.     case SSL_AD_CERTIFICATE_REVOKED:

  460.       return SSL3_AD_CERTIFICATE_REVOKED;

  461. 

  462.     case SSL_AD_CERTIFICATE_EXPIRED:

  463.       return SSL3_AD_CERTIFICATE_EXPIRED;

  464. 

  465.     case SSL_AD_CERTIFICATE_UNKNOWN:

  466.       return SSL3_AD_CERTIFICATE_UNKNOWN;

  467. 

  468.     case SSL_AD_ILLEGAL_PARAMETER:

  469.       return SSL3_AD_ILLEGAL_PARAMETER;

  470. 

  471.     case SSL_AD_UNKNOWN_CA:

  472.       return SSL3_AD_BAD_CERTIFICATE;

  473. 

  474.     case SSL_AD_ACCESS_DENIED:

  475.       return SSL3_AD_HANDSHAKE_FAILURE;

  476. 

  477.     case SSL_AD_DECODE_ERROR:

  478.       return SSL3_AD_HANDSHAKE_FAILURE;

  479. 

  480.     case SSL_AD_DECRYPT_ERROR:

  481.       return SSL3_AD_HANDSHAKE_FAILURE;

  482. 

  483.     case SSL_AD_EXPORT_RESTRICTION:

  484.       return SSL3_AD_HANDSHAKE_FAILURE;

  485. 

  486.     case SSL_AD_PROTOCOL_VERSION:

  487.       return SSL3_AD_HANDSHAKE_FAILURE;

  488. 

  489.     case SSL_AD_INSUFFICIENT_SECURITY:

  490.       return SSL3_AD_HANDSHAKE_FAILURE;

  491. 

  492.     case SSL_AD_INTERNAL_ERROR:

  493.       return SSL3_AD_HANDSHAKE_FAILURE;

  494. 

  495.     case SSL_AD_USER_CANCELLED:

  496.       return SSL3_AD_HANDSHAKE_FAILURE;

  497. 

  498.     case SSL_AD_NO_RENEGOTIATION:

  499.       return -1; /* Don't send it. */

  500. 

  501.     case SSL_AD_UNSUPPORTED_EXTENSION:

  502.       return SSL3_AD_HANDSHAKE_FAILURE;

  503. 

  504.     case SSL_AD_CERTIFICATE_UNOBTAINABLE:

  505.       return SSL3_AD_HANDSHAKE_FAILURE;

  506. 

  507.     case SSL_AD_UNRECOGNIZED_NAME:

  508.       return SSL3_AD_HANDSHAKE_FAILURE;

  509. 

  510.     case SSL_AD_BAD_CERTIFICATE_STATUS_RESPONSE:

  511.       return SSL3_AD_HANDSHAKE_FAILURE;

  512. 

  513.     case SSL_AD_BAD_CERTIFICATE_HASH_VALUE:

  514.       return SSL3_AD_HANDSHAKE_FAILURE;

  515. 

  516.     case SSL_AD_UNKNOWN_PSK_IDENTITY:

  517.       return TLS1_AD_UNKNOWN_PSK_IDENTITY;

  518. 

  519.     case SSL_AD_INAPPROPRIATE_FALLBACK:

  520.       return SSL3_AD_INAPPROPRIATE_FALLBACK;

  521. 

  522.     default:

  523.       return -1;

  524.   }

  525. }