2 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
58 /* ====================================================================
59 * Copyright (c) 1998-2007 The OpenSSL Project. All rights reserved.
61 * Redistribution and use in source and binary forms, with or without
62 * modification, are permitted provided that the following conditions
65 * 1. Redistributions of source code must retain the above copyright
66 * notice, this list of conditions and the following disclaimer.
68 * 2. Redistributions in binary form must reproduce the above copyright
69 * notice, this list of conditions and the following disclaimer in
70 * the documentation and/or other materials provided with the
73 * 3. All advertising materials mentioning features or use of this
74 * software must display the following acknowledgment:
75 * "This product includes software developed by the OpenSSL Project
76 * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
78 * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
79 * endorse or promote products derived from this software without
80 * prior written permission. For written permission, please contact
81 * openssl-core@openssl.org.
83 * 5. Products derived from this software may not be called "OpenSSL"
84 * nor may "OpenSSL" appear in their names without prior written
85 * permission of the OpenSSL Project.
87 * 6. Redistributions of any form whatsoever must retain the following
89 * "This product includes software developed by the OpenSSL Project
90 * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
92 * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
93 * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
94 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
95 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
96 * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
97 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
98 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
99 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
100 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
101 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
102 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
103 * OF THE POSSIBILITY OF SUCH DAMAGE.
104 * ====================================================================
106 * This product includes cryptographic software written by Eric Young
107 * (eay@cryptsoft.com). This product includes software written by Tim
108 * Hudson (tjh@cryptsoft.com).
111 /* ====================================================================
112 * Copyright 2005 Nokia. All rights reserved.
114 * The portions of the attached software ("Contribution") is developed by
115 * Nokia Corporation and is licensed pursuant to the OpenSSL open source
118 * The Contribution, originally written by Mika Kousa and Pasi Eronen of
119 * Nokia Corporation, consists of the "PSK" (Pre-Shared Key) ciphersuites
120 * support (see RFC 4279) to OpenSSL.
122 * No patent licenses or other rights except those expressly stated in
123 * the OpenSSL open source license shall be deemed granted or received
124 * expressly, by implication, estoppel, or otherwise.
126 * No assurances are provided by Nokia that the Contribution does not
127 * infringe the patent or other intellectual property rights of any third
128 * party or that the license provides you with all the necessary rights
129 * to make use of the Contribution.
131 * THE SOFTWARE IS PROVIDED "AS IS" WITHOUT WARRANTY OF ANY KIND. IN
132 * ADDITION TO THE DISCLAIMERS INCLUDED IN THE LICENSE, NOKIA
133 * SPECIFICALLY DISCLAIMS ANY LIABILITY FOR CLAIMS BROUGHT BY YOU OR ANY
134 * OTHER ENTITY BASED ON INFRINGEMENT OF INTELLECTUAL PROPERTY RIGHTS OR
139 #include "ssl_locl.h"
140 #include <openssl/evp.h>
141 #include <openssl/md5.h>
143 static int ssl3_generate_key_block(SSL
*s
, unsigned char *km
, int num
)
147 unsigned char buf
[16], smd
[SHA_DIGEST_LENGTH
];
148 unsigned char c
= 'A';
149 unsigned int i
, j
, k
;
152 #ifdef CHARSET_EBCDIC
153 c
= os_toascii
[c
]; /* 'A' in ASCII */
156 m5
= EVP_MD_CTX_new();
157 s1
= EVP_MD_CTX_new();
158 if (m5
== NULL
|| s1
== NULL
) {
159 SSLerr(SSL_F_SSL3_GENERATE_KEY_BLOCK
, ERR_R_MALLOC_FAILURE
);
162 EVP_MD_CTX_set_flags(m5
, EVP_MD_CTX_FLAG_NON_FIPS_ALLOW
);
163 for (i
= 0; (int)i
< num
; i
+= MD5_DIGEST_LENGTH
) {
165 if (k
> sizeof buf
) {
166 /* bug: 'buf' is too small for this ciphersuite */
167 SSLerr(SSL_F_SSL3_GENERATE_KEY_BLOCK
, ERR_R_INTERNAL_ERROR
);
171 for (j
= 0; j
< k
; j
++)
174 EVP_DigestInit_ex(s1
, EVP_sha1(), NULL
);
175 EVP_DigestUpdate(s1
, buf
, k
);
176 EVP_DigestUpdate(s1
, s
->session
->master_key
,
177 s
->session
->master_key_length
);
178 EVP_DigestUpdate(s1
, s
->s3
->server_random
, SSL3_RANDOM_SIZE
);
179 EVP_DigestUpdate(s1
, s
->s3
->client_random
, SSL3_RANDOM_SIZE
);
180 EVP_DigestFinal_ex(s1
, smd
, NULL
);
182 EVP_DigestInit_ex(m5
, EVP_md5(), NULL
);
183 EVP_DigestUpdate(m5
, s
->session
->master_key
,
184 s
->session
->master_key_length
);
185 EVP_DigestUpdate(m5
, smd
, SHA_DIGEST_LENGTH
);
186 if ((int)(i
+ MD5_DIGEST_LENGTH
) > num
) {
187 EVP_DigestFinal_ex(m5
, smd
, NULL
);
188 memcpy(km
, smd
, (num
- i
));
190 EVP_DigestFinal_ex(m5
, km
, NULL
);
192 km
+= MD5_DIGEST_LENGTH
;
194 OPENSSL_cleanse(smd
, sizeof(smd
));
202 int ssl3_change_cipher_state(SSL
*s
, int which
)
204 unsigned char *p
, *mac_secret
;
205 unsigned char exp_key
[EVP_MAX_KEY_LENGTH
];
206 unsigned char exp_iv
[EVP_MAX_IV_LENGTH
];
207 unsigned char *ms
, *key
, *iv
;
210 #ifndef OPENSSL_NO_COMP
217 c
= s
->s3
->tmp
.new_sym_enc
;
218 m
= s
->s3
->tmp
.new_hash
;
219 /* m == NULL will lead to a crash later */
221 #ifndef OPENSSL_NO_COMP
222 if (s
->s3
->tmp
.new_compression
== NULL
)
225 comp
= s
->s3
->tmp
.new_compression
->method
;
228 if (which
& SSL3_CC_READ
) {
229 if (s
->enc_read_ctx
!= NULL
)
231 else if ((s
->enc_read_ctx
=
232 OPENSSL_malloc(sizeof(*s
->enc_read_ctx
))) == NULL
)
236 * make sure it's intialized in case we exit later with an error
238 EVP_CIPHER_CTX_init(s
->enc_read_ctx
);
239 dd
= s
->enc_read_ctx
;
241 if (ssl_replace_hash(&s
->read_hash
, m
) == NULL
) {
242 SSLerr(SSL_F_SSL3_CHANGE_CIPHER_STATE
, ERR_R_INTERNAL_ERROR
);
245 #ifndef OPENSSL_NO_COMP
247 COMP_CTX_free(s
->expand
);
250 s
->expand
= COMP_CTX_new(comp
);
251 if (s
->expand
== NULL
) {
252 SSLerr(SSL_F_SSL3_CHANGE_CIPHER_STATE
,
253 SSL_R_COMPRESSION_LIBRARY_ERROR
);
256 if (!RECORD_LAYER_setup_comp_buffer(&s
->rlayer
))
260 RECORD_LAYER_reset_read_sequence(&s
->rlayer
);
261 mac_secret
= &(s
->s3
->read_mac_secret
[0]);
263 if (s
->enc_write_ctx
!= NULL
)
265 else if ((s
->enc_write_ctx
=
266 OPENSSL_malloc(sizeof(*s
->enc_write_ctx
))) == NULL
)
270 * make sure it's intialized in case we exit later with an error
272 EVP_CIPHER_CTX_init(s
->enc_write_ctx
);
273 dd
= s
->enc_write_ctx
;
274 if (ssl_replace_hash(&s
->write_hash
, m
) == NULL
) {
275 SSLerr(SSL_F_SSL3_CHANGE_CIPHER_STATE
, ERR_R_INTERNAL_ERROR
);
278 #ifndef OPENSSL_NO_COMP
280 COMP_CTX_free(s
->compress
);
283 s
->compress
= COMP_CTX_new(comp
);
284 if (s
->compress
== NULL
) {
285 SSLerr(SSL_F_SSL3_CHANGE_CIPHER_STATE
,
286 SSL_R_COMPRESSION_LIBRARY_ERROR
);
291 RECORD_LAYER_reset_write_sequence(&s
->rlayer
);
292 mac_secret
= &(s
->s3
->write_mac_secret
[0]);
296 EVP_CIPHER_CTX_cleanup(dd
);
298 p
= s
->s3
->tmp
.key_block
;
302 cl
= EVP_CIPHER_key_length(c
);
304 k
= EVP_CIPHER_iv_length(c
);
305 if ((which
== SSL3_CHANGE_CIPHER_CLIENT_WRITE
) ||
306 (which
== SSL3_CHANGE_CIPHER_SERVER_READ
)) {
323 if (n
> s
->s3
->tmp
.key_block_length
) {
324 SSLerr(SSL_F_SSL3_CHANGE_CIPHER_STATE
, ERR_R_INTERNAL_ERROR
);
328 memcpy(mac_secret
, ms
, i
);
330 EVP_CipherInit_ex(dd
, c
, NULL
, key
, iv
, (which
& SSL3_CC_WRITE
));
332 #ifdef OPENSSL_SSL_TRACE_CRYPTO
333 if (s
->msg_callback
) {
335 int wh
= which
& SSL3_CC_WRITE
?
336 TLS1_RT_CRYPTO_WRITE
: TLS1_RT_CRYPTO_READ
;
337 s
->msg_callback(2, s
->version
, wh
| TLS1_RT_CRYPTO_MAC
,
338 mac_secret
, EVP_MD_size(m
), s
, s
->msg_callback_arg
);
340 s
->msg_callback(2, s
->version
, wh
| TLS1_RT_CRYPTO_KEY
,
341 key
, c
->key_len
, s
, s
->msg_callback_arg
);
343 s
->msg_callback(2, s
->version
, wh
| TLS1_RT_CRYPTO_IV
,
344 iv
, k
, s
, s
->msg_callback_arg
);
349 OPENSSL_cleanse(exp_key
, sizeof(exp_key
));
350 OPENSSL_cleanse(exp_iv
, sizeof(exp_iv
));
353 SSLerr(SSL_F_SSL3_CHANGE_CIPHER_STATE
, ERR_R_MALLOC_FAILURE
);
355 OPENSSL_cleanse(exp_key
, sizeof(exp_key
));
356 OPENSSL_cleanse(exp_iv
, sizeof(exp_iv
));
360 int ssl3_setup_key_block(SSL
*s
)
369 if (s
->s3
->tmp
.key_block_length
!= 0)
372 if (!ssl_cipher_get_evp(s
->session
, &c
, &hash
, NULL
, NULL
, &comp
, 0)) {
373 SSLerr(SSL_F_SSL3_SETUP_KEY_BLOCK
, SSL_R_CIPHER_OR_HASH_UNAVAILABLE
);
377 s
->s3
->tmp
.new_sym_enc
= c
;
378 s
->s3
->tmp
.new_hash
= hash
;
379 #ifdef OPENSSL_NO_COMP
380 s
->s3
->tmp
.new_compression
= NULL
;
382 s
->s3
->tmp
.new_compression
= comp
;
385 num
= EVP_MD_size(hash
);
389 num
= EVP_CIPHER_key_length(c
) + num
+ EVP_CIPHER_iv_length(c
);
392 ssl3_cleanup_key_block(s
);
394 if ((p
= OPENSSL_malloc(num
)) == NULL
)
397 s
->s3
->tmp
.key_block_length
= num
;
398 s
->s3
->tmp
.key_block
= p
;
400 ret
= ssl3_generate_key_block(s
, p
, num
);
402 if (!(s
->options
& SSL_OP_DONT_INSERT_EMPTY_FRAGMENTS
)) {
404 * enable vulnerability countermeasure for CBC ciphers with known-IV
405 * problem (http://www.openssl.org/~bodo/tls-cbc.txt)
407 s
->s3
->need_empty_fragments
= 1;
409 if (s
->session
->cipher
!= NULL
) {
410 if (s
->session
->cipher
->algorithm_enc
== SSL_eNULL
)
411 s
->s3
->need_empty_fragments
= 0;
413 #ifndef OPENSSL_NO_RC4
414 if (s
->session
->cipher
->algorithm_enc
== SSL_RC4
)
415 s
->s3
->need_empty_fragments
= 0;
423 SSLerr(SSL_F_SSL3_SETUP_KEY_BLOCK
, ERR_R_MALLOC_FAILURE
);
427 void ssl3_cleanup_key_block(SSL
*s
)
429 OPENSSL_clear_free(s
->s3
->tmp
.key_block
, s
->s3
->tmp
.key_block_length
);
430 s
->s3
->tmp
.key_block
= NULL
;
431 s
->s3
->tmp
.key_block_length
= 0;
434 void ssl3_init_finished_mac(SSL
*s
)
436 ssl3_free_digest_list(s
);
437 s
->s3
->handshake_buffer
= BIO_new(BIO_s_mem());
438 (void)BIO_set_close(s
->s3
->handshake_buffer
, BIO_CLOSE
);
442 * Free digest list. Also frees handshake buffer since they are always freed
446 void ssl3_free_digest_list(SSL
*s
)
448 BIO_free(s
->s3
->handshake_buffer
);
449 s
->s3
->handshake_buffer
= NULL
;
450 EVP_MD_CTX_free(s
->s3
->handshake_dgst
);
451 s
->s3
->handshake_dgst
= NULL
;
454 void ssl3_finish_mac(SSL
*s
, const unsigned char *buf
, int len
)
456 if (s
->s3
->handshake_dgst
== NULL
)
457 BIO_write(s
->s3
->handshake_buffer
, (void *)buf
, len
);
459 EVP_DigestUpdate(s
->s3
->handshake_dgst
, buf
, len
);
462 int ssl3_digest_cached_records(SSL
*s
, int keep
)
468 if (s
->s3
->handshake_dgst
== NULL
) {
469 hdatalen
= BIO_get_mem_data(s
->s3
->handshake_buffer
, &hdata
);
471 SSLerr(SSL_F_SSL3_DIGEST_CACHED_RECORDS
, SSL_R_BAD_HANDSHAKE_LENGTH
);
475 s
->s3
->handshake_dgst
= EVP_MD_CTX_new();
476 if (s
->s3
->handshake_dgst
== NULL
) {
477 SSLerr(SSL_F_SSL3_DIGEST_CACHED_RECORDS
, ERR_R_MALLOC_FAILURE
);
481 md
= ssl_handshake_md(s
);
483 SSLerr(SSL_F_SSL3_DIGEST_CACHED_RECORDS
, ERR_R_INTERNAL_ERROR
);
487 EVP_DigestInit_ex(s
->s3
->handshake_dgst
, md
, NULL
);
488 EVP_DigestUpdate(s
->s3
->handshake_dgst
, hdata
, hdatalen
);
492 BIO_free(s
->s3
->handshake_buffer
);
493 s
->s3
->handshake_buffer
= NULL
;
499 int ssl3_final_finish_mac(SSL
*s
, const char *sender
, int len
, unsigned char *p
)
502 EVP_MD_CTX
*ctx
= NULL
;
504 if (!ssl3_digest_cached_records(s
, 0))
507 if (EVP_MD_CTX_type(s
->s3
->handshake_dgst
) != NID_md5_sha1
) {
508 SSLerr(SSL_F_SSL3_FINAL_FINISH_MAC
, SSL_R_NO_REQUIRED_DIGEST
);
512 ctx
= EVP_MD_CTX_new();
514 SSLerr(SSL_F_SSL3_FINAL_FINISH_MAC
, ERR_R_MALLOC_FAILURE
);
517 EVP_MD_CTX_copy_ex(ctx
, s
->s3
->handshake_dgst
);
519 ret
= EVP_MD_CTX_size(ctx
);
521 EVP_MD_CTX_reset(ctx
);
525 if ((sender
!= NULL
&& EVP_DigestUpdate(ctx
, sender
, len
) <= 0)
526 || EVP_MD_CTX_ctrl(ctx
, EVP_CTRL_SSL3_MASTER_SECRET
,
527 s
->session
->master_key_length
,
528 s
->session
->master_key
) <= 0
529 || EVP_DigestFinal_ex(ctx
, p
, NULL
) <= 0) {
530 SSLerr(SSL_F_SSL3_FINAL_FINISH_MAC
, ERR_R_INTERNAL_ERROR
);
534 EVP_MD_CTX_free(ctx
);
539 int ssl3_generate_master_secret(SSL
*s
, unsigned char *out
, unsigned char *p
,
542 static const unsigned char *salt
[3] = {
543 #ifndef CHARSET_EBCDIC
544 (const unsigned char *)"A",
545 (const unsigned char *)"BB",
546 (const unsigned char *)"CCC",
548 (const unsigned char *)"\x41",
549 (const unsigned char *)"\x42\x42",
550 (const unsigned char *)"\x43\x43\x43",
553 unsigned char buf
[EVP_MAX_MD_SIZE
];
554 EVP_MD_CTX
*ctx
= EVP_MD_CTX_new();
557 #ifdef OPENSSL_SSL_TRACE_CRYPTO
558 unsigned char *tmpout
= out
;
562 SSLerr(SSL_F_SSL3_GENERATE_MASTER_SECRET
, ERR_R_MALLOC_FAILURE
);
565 for (i
= 0; i
< 3; i
++) {
566 if (EVP_DigestInit_ex(ctx
, s
->ctx
->sha1
, NULL
) <= 0
567 || EVP_DigestUpdate(ctx
, salt
[i
],
568 strlen((const char *)salt
[i
])) <= 0
569 || EVP_DigestUpdate(ctx
, p
, len
) <= 0
570 || EVP_DigestUpdate(ctx
, &(s
->s3
->client_random
[0]),
571 SSL3_RANDOM_SIZE
) <= 0
572 || EVP_DigestUpdate(ctx
, &(s
->s3
->server_random
[0]),
573 SSL3_RANDOM_SIZE
) <= 0
574 || EVP_DigestFinal_ex(ctx
, buf
, &n
) <= 0
576 || EVP_DigestInit_ex(ctx
, s
->ctx
->md5
, NULL
) <= 0
577 || EVP_DigestUpdate(ctx
, p
, len
) <= 0
578 || EVP_DigestUpdate(ctx
, buf
, n
) <= 0
579 || EVP_DigestFinal_ex(ctx
, out
, &n
) <= 0) {
580 SSLerr(SSL_F_SSL3_GENERATE_MASTER_SECRET
, ERR_R_INTERNAL_ERROR
);
587 EVP_MD_CTX_free(ctx
);
589 #ifdef OPENSSL_SSL_TRACE_CRYPTO
590 if (ret
> 0 && s
->msg_callback
) {
591 s
->msg_callback(2, s
->version
, TLS1_RT_CRYPTO_PREMASTER
,
592 p
, len
, s
, s
->msg_callback_arg
);
593 s
->msg_callback(2, s
->version
, TLS1_RT_CRYPTO_CLIENT_RANDOM
,
594 s
->s3
->client_random
, SSL3_RANDOM_SIZE
,
595 s
, s
->msg_callback_arg
);
596 s
->msg_callback(2, s
->version
, TLS1_RT_CRYPTO_SERVER_RANDOM
,
597 s
->s3
->server_random
, SSL3_RANDOM_SIZE
,
598 s
, s
->msg_callback_arg
);
599 s
->msg_callback(2, s
->version
, TLS1_RT_CRYPTO_MASTER
,
600 tmpout
, SSL3_MASTER_SECRET_SIZE
,
601 s
, s
->msg_callback_arg
);
604 OPENSSL_cleanse(buf
, sizeof(buf
));
608 int ssl3_alert_code(int code
)
611 case SSL_AD_CLOSE_NOTIFY
:
612 return (SSL3_AD_CLOSE_NOTIFY
);
613 case SSL_AD_UNEXPECTED_MESSAGE
:
614 return (SSL3_AD_UNEXPECTED_MESSAGE
);
615 case SSL_AD_BAD_RECORD_MAC
:
616 return (SSL3_AD_BAD_RECORD_MAC
);
617 case SSL_AD_DECRYPTION_FAILED
:
618 return (SSL3_AD_BAD_RECORD_MAC
);
619 case SSL_AD_RECORD_OVERFLOW
:
620 return (SSL3_AD_BAD_RECORD_MAC
);
621 case SSL_AD_DECOMPRESSION_FAILURE
:
622 return (SSL3_AD_DECOMPRESSION_FAILURE
);
623 case SSL_AD_HANDSHAKE_FAILURE
:
624 return (SSL3_AD_HANDSHAKE_FAILURE
);
625 case SSL_AD_NO_CERTIFICATE
:
626 return (SSL3_AD_NO_CERTIFICATE
);
627 case SSL_AD_BAD_CERTIFICATE
:
628 return (SSL3_AD_BAD_CERTIFICATE
);
629 case SSL_AD_UNSUPPORTED_CERTIFICATE
:
630 return (SSL3_AD_UNSUPPORTED_CERTIFICATE
);
631 case SSL_AD_CERTIFICATE_REVOKED
:
632 return (SSL3_AD_CERTIFICATE_REVOKED
);
633 case SSL_AD_CERTIFICATE_EXPIRED
:
634 return (SSL3_AD_CERTIFICATE_EXPIRED
);
635 case SSL_AD_CERTIFICATE_UNKNOWN
:
636 return (SSL3_AD_CERTIFICATE_UNKNOWN
);
637 case SSL_AD_ILLEGAL_PARAMETER
:
638 return (SSL3_AD_ILLEGAL_PARAMETER
);
639 case SSL_AD_UNKNOWN_CA
:
640 return (SSL3_AD_BAD_CERTIFICATE
);
641 case SSL_AD_ACCESS_DENIED
:
642 return (SSL3_AD_HANDSHAKE_FAILURE
);
643 case SSL_AD_DECODE_ERROR
:
644 return (SSL3_AD_HANDSHAKE_FAILURE
);
645 case SSL_AD_DECRYPT_ERROR
:
646 return (SSL3_AD_HANDSHAKE_FAILURE
);
647 case SSL_AD_EXPORT_RESTRICTION
:
648 return (SSL3_AD_HANDSHAKE_FAILURE
);
649 case SSL_AD_PROTOCOL_VERSION
:
650 return (SSL3_AD_HANDSHAKE_FAILURE
);
651 case SSL_AD_INSUFFICIENT_SECURITY
:
652 return (SSL3_AD_HANDSHAKE_FAILURE
);
653 case SSL_AD_INTERNAL_ERROR
:
654 return (SSL3_AD_HANDSHAKE_FAILURE
);
655 case SSL_AD_USER_CANCELLED
:
656 return (SSL3_AD_HANDSHAKE_FAILURE
);
657 case SSL_AD_NO_RENEGOTIATION
:
658 return (-1); /* Don't send it :-) */
659 case SSL_AD_UNSUPPORTED_EXTENSION
:
660 return (SSL3_AD_HANDSHAKE_FAILURE
);
661 case SSL_AD_CERTIFICATE_UNOBTAINABLE
:
662 return (SSL3_AD_HANDSHAKE_FAILURE
);
663 case SSL_AD_UNRECOGNIZED_NAME
:
664 return (SSL3_AD_HANDSHAKE_FAILURE
);
665 case SSL_AD_BAD_CERTIFICATE_STATUS_RESPONSE
:
666 return (SSL3_AD_HANDSHAKE_FAILURE
);
667 case SSL_AD_BAD_CERTIFICATE_HASH_VALUE
:
668 return (SSL3_AD_HANDSHAKE_FAILURE
);
669 case SSL_AD_UNKNOWN_PSK_IDENTITY
:
670 return (TLS1_AD_UNKNOWN_PSK_IDENTITY
);
671 case SSL_AD_INAPPROPRIATE_FALLBACK
:
672 return (TLS1_AD_INAPPROPRIATE_FALLBACK
);