//+---------------------------------------------------------------------------
//
// Microsoft Windows
// Copyright (C) Microsoft Corporation, 1992 - 1995.
//
// File: msgs.h
//
// Contents:
//
// Classes:
//
// Functions:
//
// History: 8-02-95 RichardW Created
//
//----------------------------------------------------------------------------

#ifndef __SSL2MSG_H__
#define __SSL2MSG_H__
//
// Byte-wise form of a three-byte cipher kind.  SSL2_CLIENT_MASTER_KEY
// embeds one of these as its CipherKind field.
// NOTE(review): presumably C1 is the most significant byte, matching the
// byte order SSL_MKSLOW emits -- confirm against the pack/unpack code.
//
typedef struct _Ssl2_Cipher_Tuple {
    UCHAR C1;
    UCHAR C2;
    UCHAR C3;
} Ssl2_Cipher_Tuple, * PSsl2_Cipher_Tuple;

///////////////////////////////////////////////////////////////////
//
// Useful Macros
//
///////////////////////////////////////////////////////////////////

// Low-order byte of x, as a UCHAR.
#define LSBOF(x)    ((UCHAR) ((x) & 0xFF))

// Second-lowest byte of x (bits 8..15), as a UCHAR.
#define MSBOF(x)    ((UCHAR) (((x) >> 8) & 0xFF) )

// Joins two bytes into one value: Msb supplies bits 8..15, Lsb bits 0..7.
// The wire structures in this header carry every 16-bit field as such an
// Msb/Lsb byte pair.
#define COMBINEBYTES(Msb, Lsb)  ((DWORD) (((DWORD) (Msb) << 8) | (DWORD) (Lsb)))

///////////////////////////////////////////////////////////////////
//
// Message Constants
//
///////////////////////////////////////////////////////////////////

// Protocol version advertised by each side, as a 16-bit value ...
#define SSL2_CLIENT_VERSION         0x0002
#define SSL2_SERVER_VERSION         0x0002

// ... and the same values split into the byte pairs used on the wire.
#define SSL2_CLIENT_VERSION_MSB     0x00
#define SSL2_CLIENT_VERSION_LSB     0x02

#define SSL2_SERVER_VERSION_MSB     0x00
#define SSL2_SERVER_VERSION_LSB     0x02

// Version bytes compiled in only when DO_PCT_COMPAT is defined.
#ifdef DO_PCT_COMPAT
#define PCT_COMPAT_VERSION_MSB      0x83
#define PCT_COMPAT_VERSION_LSB      0x01
#endif

// Message-type codes.  Each wire structure below carries one of these in
// its one-byte MessageId field.
// NOTE(review): MessageId comes from the peer; a dispatcher should reject
// any value outside this list, and any type that is not expected in the
// current handshake state -- the dispatch code is not visible here.
#define SSL2_MT_ERROR                   0
#define SSL2_MT_CLIENT_HELLO            1
#define SSL2_MT_CLIENT_MASTER_KEY       2
#define SSL2_MT_CLIENT_FINISHED_V2      3
#define SSL2_MT_SERVER_HELLO            4
#define SSL2_MT_SERVER_VERIFY           5
#define SSL2_MT_SERVER_FINISHED_V2      6
#define SSL2_MT_REQUEST_CERTIFICATE     7
#define SSL2_MT_CLIENT_CERTIFICATE      8
#define SSL2_MT_CLIENT_DH_KEY           9
#define SSL2_MT_CLIENT_SESSION_KEY      10
#define SSL2_MT_CLIENT_FINISHED         11
#define SSL2_MT_SERVER_FINISHED         12

// Protocol error codes.  SSL2_ERROR carries a 16-bit error value as an
// ErrorMsb/ErrorLsb byte pair.
// These are discrete codes, not bit flags: 0x0006 is a value of its own,
// not the combination 0x0002 | 0x0004.
#define SSL_PE_NO_CIPHER                        0x0001
#define SSL_PE_NO_CERTIFICATE                   0x0002
#define SSL_PE_BAD_CERTIFICATE                  0x0004
#define SSL_PE_UNSUPPORTED_CERTIFICATE_TYPE     0x0006

// Certificate encoding codes (see the CertificateType field of
// SSL2_SERVER_HELLO).
#define SSL_CT_X509_CERTIFICATE     0x01
#define SSL_CT_PKCS7_CERTIFICATE    0x02

// Extra certificate type that exists only when DBG evaluates non-zero.
// NOTE(review): presumably a test-only certificate path; verify that
// shipping builds are compiled with DBG off so this type is never accepted.
#if DBG
#define SSL_CT_DEBUG_CERT           0x80
#endif

// Field-size limits.  Several of these size the fixed arrays in the
// expanded-form structures later in this header (Challenge, SessionID,
// ConnectionID, ClearKey, KeyArg, CipherSpecs).
// NOTE(review): the corresponding lengths arrive from the peer as Msb/Lsb
// byte pairs, so the unpack routines must compare each decoded length
// against the matching limit before copying -- those routines are not
// visible in this header.
#define SSL2_MAX_CHALLENGE_LEN      32      /* max accepted challenge size */
#define SSL2_CHALLENGE_SIZE         16      /* default generated challenge size */
#define SSL2_SESSION_ID_LEN         16
/* Dont change this, netscape requires 16 byte id's */
#define SSL2_GEN_CONNECTION_ID_LEN  16
#define SSL2_MAX_CONNECTION_ID_LEN  32
#define SSL3_SESSION_ID_LEN         32
#define SSL2_MAC_LENGTH             16
#define SSL2_MASTER_KEY_SIZE        16
#define SSL2_MAX_KEY_ARGS           8
#define SSL2_MAX_MESSAGE_LENGTH     32768
#define MAX_UNI_CIPHERS             64

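// Packs three bytes into one DWORD cipher kind: a -> bits 16..23,
// b -> bits 8..15, c -> bits 0..7.
// Each operand is widened to DWORD before it is shifted, so the shift is
// done in unsigned arithmetic whatever the argument's type, and the whole
// expansion is parenthesized so it behaves as a single operand.
#define SSL_MKFAST(a, b, c) \
    ((DWORD)(((DWORD)(a) << 16) | ((DWORD)(b) << 8) | (DWORD)(c)))

// Inverse of SSL_MKFAST: expands to THREE comma-separated UCHAR
// expressions (high byte first), intended for use inside a brace
// initializer or an argument list.  It cannot be wrapped in outer
// parentheses without turning the list into a comma expression.
// Every use of the argument is parenthesized so that an expression such
// as `x | y` is shifted as a whole rather than having `>>` bind to its
// last operand only.
#define SSL_MKSLOW(a) \
    (UCHAR)(((a) >> 16) & 0xff), (UCHAR)(((a) >> 8) & 0xff), (UCHAR)((a) & 0xff)
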
// Cipher kinds, each packed with SSL_MKFAST into a DWORD.
//
// NOTE(review): this table is dominated by algorithms that are no longer
// considered safe -- RC4, RC2, single DES, MD5-based MACs, the 40-bit
// EXPORT40/EXPORT variants, and a NULL cipher.  SSL 2.0 itself is
// prohibited by RFC 6176.  When auditing a build that still carries this
// header, confirm which of these kinds can actually be negotiated; the
// table that enables them is not visible here.

// Entries whose first byte is 0x00.
// NOTE(review): presumably SSL 3.0 suite numbers in the three-byte form
// used by a version-2-compatible hello -- confirm.
#define SSL_RSA_WITH_RC4_128_MD5                SSL_MKFAST(0x00, 0x00, 0x04)
#define SSL_RSA_EXPORT_WITH_RC4_40_MD5          SSL_MKFAST(0x00, 0x00, 0x03)

// SSL 2.0 cipher kinds.
#define SSL_CK_RC4_128_WITH_MD5                 SSL_MKFAST(0x01, 0x00, 0x80)
#define SSL_CK_RC4_128_EXPORT40_WITH_MD5        SSL_MKFAST(0x02, 0x00, 0x80)
#define SSL_CK_RC2_128_CBC_WITH_MD5             SSL_MKFAST(0x03, 0x00, 0x80)
#define SSL_CK_RC2_128_CBC_EXPORT40_WITH_MD5    SSL_MKFAST(0x04, 0x00, 0x80)
#define SSL_CK_IDEA_128_CBC_WITH_MD5            SSL_MKFAST(0x05, 0x00, 0x80)
#define SSL_CK_DES_64_CBC_WITH_MD5              SSL_MKFAST(0x06, 0x00, 0x40)
#define SSL_CK_DES_192_EDE3_CBC_WITH_MD5        SSL_MKFAST(0x07, 0x00, 0xC0)
#define SSL_CK_NULL_WITH_MD5                    SSL_MKFAST(0x00, 0x00, 0x00)
#define SSL_CK_DES_64_CBC_WITH_SHA              SSL_MKFAST(0x06, 0x01, 0x40)
#define SSL_CK_DES_192_EDE3_WITH_SHA            SSL_MKFAST(0x07, 0x01, 0xC0)

#define SSL_CK_RC4_128_FINANCE64_WITH_MD5       SSL_MKFAST(0x08, 0x00, 0x80)

// Defined only when the build sets ENABLE_NONE_CIPHER.
// NOTE(review): the name suggests a kind with no encryption at all;
// verify that ENABLE_NONE_CIPHER is never defined for a production build.
#ifdef ENABLE_NONE_CIPHER
#define SSL_CK_NONE                             SSL_MKFAST(0x09, 0x00, 0x00)
#endif

// Key-exchange identifiers.  Each macro expands to a brace initializer of
// three UCHARs, so it can only be used to initialize a three-byte
// aggregate (for example a UCHAR[3] or an Ssl2_Cipher_Tuple).
// In the values below the first byte is 0x10 for the RSA entries, 0x11 for
// the DH entries and 0x12 for DH_ANON.
// NOTE(review): DH_ANON by its name is an unauthenticated exchange --
// confirm it cannot be selected unless explicitly configured.
#define SSL_KEA_RSA                         {(UCHAR) 0x10, (UCHAR) 0x00, (UCHAR) 0x00}
#define SSL_KEA_RSA_TOKEN_WITH_DES          {(UCHAR) 0x10, (UCHAR) 0x01, (UCHAR) 0x00}
#define SSL_KEA_RSA_TOKEN_WITH_DES_EDE3     {(UCHAR) 0x10, (UCHAR) 0x01, (UCHAR) 0x01}
#define SSL_KEA_RSA_TOKEN_WITH_RC4          {(UCHAR) 0x10, (UCHAR) 0x01, (UCHAR) 0x02}
#define SSL_KEA_DH                          {(UCHAR) 0x11, (UCHAR) 0x00, (UCHAR) 0x00}
#define SSL_KEA_DH_TOKEN_WITH_DES           {(UCHAR) 0x11, (UCHAR) 0x01, (UCHAR) 0x00}
#define SSL_KEA_DH_TOKEN_WITH_DES_EDE3      {(UCHAR) 0x11, (UCHAR) 0x01, (UCHAR) 0x01}
#define SSL_KEA_DH_ANON                     {(UCHAR) 0x12, (UCHAR) 0x00, (UCHAR) 0x00}

// Cipher identifiers written out as plain 32-bit literals.  Each value is
// numerically equal to one of the SSL_CK_* kinds defined with SSL_MKFAST
// earlier in this header (e.g. CRYPTO_RC4_128 == 0x010080, the value of
// SSL_CK_RC4_128_WITH_MD5; CRYPTO_RC4_40 matches the EXPORT40 RC4 kind).
// NOTE(review): CRYPTO_NULL, CRYPTO_RC4_40, CRYPTO_RC2_40 and
// CRYPTO_DES_64 name null or short-key ciphers; check where they are
// accepted.
#define CRYPTO_RC4_128      0x00010080
#define CRYPTO_RC4_40       0x00020080
#define CRYPTO_RC2_128      0x00030080
#define CRYPTO_RC2_40       0x00040080
#define CRYPTO_IDEA_128     0x00050080
#define CRYPTO_NULL         0x00000000
#define CRYPTO_DES_64       0x00060040
#define CRYPTO_3DES_192     0x000700C0

// Certificate-encoding preference table and its companion DWORD, both
// defined in another translation unit.
// NOTE(review): by naming convention cSsl2CertEncodingPref is presumably
// the element count of aSsl2CertEncodingPref -- confirm at the definition.
extern CertTypeMap  aSsl2CertEncodingPref[];
extern DWORD        cSsl2CertEncodingPref;

// A cipher kind held in a DWORD (the packed form produced by SSL_MKFAST).
typedef DWORD Ssl2_Cipher_Kind;

// The cipher-map structure below is commented out in the original source
// and is kept here unchanged, still disabled.
//typedef struct _Ssl2CipherMap {
//    Ssl2_Cipher_Kind    Kind;
//    ALG_ID              aiHash;
//    ALG_ID              aiCipher;
//    DWORD               dwStrength;
//    ExchSpec            KeyExch;
//    ALG_ID              aiKeyAlg;
//} Ssl2CipherMap, *PSsl2CipherMap;

// Two-byte message header that opens the SSL2_ERROR, SSL2_CLIENT_HELLO,
// SSL2_SERVER_HELLO and SSL2_CLIENT_MASTER_KEY wire structures.
// NOTE(review): in the SSL 2.0 record format these two bytes encode the
// record length plus a flag bit in Byte0; the decoding is not visible in
// this header -- confirm it masks the flag bit and bounds the length.
typedef struct _SSL2_MESSAGE_HEADER {
    UCHAR Byte0;
    UCHAR Byte1;
} SSL2_MESSAGE_HEADER, * PSSL2_MESSAGE_HEADER;

// Three-byte variant of the message header: the same two bytes as
// SSL2_MESSAGE_HEADER followed by a one-byte padding size.
// NOTE(review): PaddingSize is supplied by the peer; whatever consumes it
// should check that it does not exceed the record length before
// subtracting -- that code is not visible here.
typedef struct _SSL2_MESSAGE_HEADER_EX {
    UCHAR Byte0;
    UCHAR Byte1;
    UCHAR PaddingSize;
} SSL2_MESSAGE_HEADER_EX, * PSSL2_MESSAGE_HEADER_EX;

// Wire layout of an error message: header, message id, then a 16-bit
// error value carried as an Msb/Lsb pair (see the SSL_PE_* codes).
typedef struct _SSL2_ERROR {
    SSL2_MESSAGE_HEADER Header;
    UCHAR               MessageId;
    UCHAR               ErrorMsb;
    UCHAR               ErrorLsb;
} SSL2_ERROR, * PSSL2_ERROR;

// Wire layout of the client hello.  All members are single bytes; each
// 16-bit quantity is an Msb/Lsb pair.  Three length fields (cipher specs,
// session id, challenge) describe the variable-length data that starts at
// VariantData.
//
// VariantData is declared with one element as a placeholder for that
// tail, so sizeof(SSL2_CLIENT_HELLO) already counts its first byte.
//
// NOTE(review): every length here is chosen by the peer.  Before the tail
// is read, the three lengths should be checked against the bytes actually
// received and against MAX_UNI_CIPHERS, SSL3_SESSION_ID_LEN and
// SSL2_MAX_CHALLENGE_LEN, which size the arrays in Ssl2_Client_Hello --
// Ssl2UnpackClientHello's body is not visible here.
typedef struct _SSL2_CLIENT_HELLO {
    SSL2_MESSAGE_HEADER Header;
    UCHAR               MessageId;
    UCHAR               VersionMsb;
    UCHAR               VersionLsb;
    UCHAR               CipherSpecsLenMsb;
    UCHAR               CipherSpecsLenLsb;
    UCHAR               SessionIdLenMsb;
    UCHAR               SessionIdLenLsb;
    UCHAR               ChallengeLenMsb;
    UCHAR               ChallengeLenLsb;
    UCHAR               VariantData[1];
} SSL2_CLIENT_HELLO, * PSSL2_CLIENT_HELLO;

// Wire layout of the server hello.  After the header and message id come
// the session-id-hit flag, the certificate type (SSL_CT_*), the server
// version, and three Msb/Lsb length pairs (certificate, cipher specs,
// connection id) describing the variable-length data at VariantData.
//
// VariantData is a one-element placeholder for that tail, so
// sizeof(SSL2_SERVER_HELLO) already counts its first byte.
//
// NOTE(review): the three lengths are peer-controlled.  A client parsing
// this message should verify that their sum fits in the received record
// and that the connection-id length does not exceed
// SSL2_MAX_CONNECTION_ID_LEN, the size of Ssl2_Server_Hello.ConnectionID --
// Ssl2UnpackServerHello's body is not visible here.
typedef struct _SSL2_SERVER_HELLO {
    SSL2_MESSAGE_HEADER Header;
    UCHAR               MessageId;
    UCHAR               SessionIdHit;
    UCHAR               CertificateType;
    UCHAR               ServerVersionMsb;
    UCHAR               ServerVersionLsb;
    UCHAR               CertificateLenMsb;
    UCHAR               CertificateLenLsb;
    UCHAR               CipherSpecsLenMsb;
    UCHAR               CipherSpecsLenLsb;
    UCHAR               ConnectionIdLenMsb;
    UCHAR               ConnectionIdLenLsb;
    UCHAR               VariantData[1];
} SSL2_SERVER_HELLO, * PSSL2_SERVER_HELLO;

// Wire layout of the client master key message: header, message id, the
// chosen cipher kind as a three-byte tuple, then three Msb/Lsb length
// pairs (clear key, encrypted key, key argument) describing the
// variable-length data at VariantData.
//
// VariantData is a one-element placeholder for that tail, so
// sizeof(SSL2_CLIENT_MASTER_KEY) already counts its first byte.
//
// NOTE(review): this is the message a server parses before the peer is
// authenticated.  ClearKeyLen and KeyArgLen should be bounded by the
// sizes of Ssl2_Client_Master_Key.ClearKey and .KeyArg, and CipherKind
// should be checked against the kinds the server actually offered --
// Ssl2UnpackClientMasterKey's body is not visible here.
typedef struct _SSL2_CLIENT_MASTER_KEY {
    SSL2_MESSAGE_HEADER Header;
    UCHAR               MessageId;
    Ssl2_Cipher_Tuple   CipherKind;
    UCHAR               ClearKeyLenMsb;
    UCHAR               ClearKeyLenLsb;
    UCHAR               EncryptedKeyLenMsb;
    UCHAR               EncryptedKeyLenLsb;
    UCHAR               KeyArgLenMsb;
    UCHAR               KeyArgLenLsb;
    UCHAR               VariantData[1];
} SSL2_CLIENT_MASTER_KEY, * PSSL2_CLIENT_MASTER_KEY;

// Server verify message: message id followed by a challenge buffer of
// SSL2_MAX_CHALLENGE_LEN bytes.  Unlike the hello structures, it has no
// SSL2_MESSAGE_HEADER member.
// NOTE(review): the buffer is sized for the maximum challenge; the number
// of bytes actually valid is not recorded in this structure.
typedef struct _SSL2_SERVER_VERIFY {
    UCHAR MessageId;
    UCHAR ChallengeData[SSL2_MAX_CHALLENGE_LEN];
} SSL2_SERVER_VERIFY, * PSSL2_SERVER_VERIFY;

// Client finished message: message id followed by a connection-id buffer
// of SSL2_MAX_CONNECTION_ID_LEN bytes.  It has no SSL2_MESSAGE_HEADER
// member.
// NOTE(review): the buffer is sized for the maximum connection id; the
// number of bytes actually valid is not recorded in this structure.
typedef struct _SSL2_CLIENT_FINISHED {
    UCHAR MessageId;
    UCHAR ConnectionID[SSL2_MAX_CONNECTION_ID_LEN];
} SSL2_CLIENT_FINISHED, * PSSL2_CLIENT_FINISHED;

// Server finished message: message id followed by a session id of
// SSL2_SESSION_ID_LEN bytes.  It has no SSL2_MESSAGE_HEADER member.
typedef struct _SSL2_SERVER_FINISHED {
    UCHAR MessageId;
    UCHAR SessionID[SSL2_SESSION_ID_LEN];
} SSL2_SERVER_FINISHED, * PSSL2_SERVER_FINISHED;

////////////////////////////////////////////////////
//
// Expanded Form Messages:
//
////////////////////////////////////////////////////

/* Rules for buffer in expanded form */
/* Only things which are going to be allocated
 * anyway, or are created statically are not created
 * as arrays */

// A cipher spec held in a DWORD, and a pointer to one.
typedef DWORD       CipherSpec;
typedef DWORD *     PCipherSpec;

// Expanded (host-side) form of the client hello: the lengths are DWORDs
// and the variable-length data lives in fixed-size member arrays.
//
// NOTE(review): cCipherSpecs, cbSessionID and cbChallenge index into the
// arrays below, so they must never exceed MAX_UNI_CIPHERS,
// SSL3_SESSION_ID_LEN and SSL2_MAX_CHALLENGE_LEN respectively.  When this
// structure is filled from a received message those values originate
// with the peer -- the unpack code is not visible here.
typedef struct _Ssl2_Client_Hello {
    DWORD               dwVer;
    DWORD               cCipherSpecs;
    DWORD               cbSessionID;
    DWORD               cbChallenge;
    UCHAR               SessionID[SSL3_SESSION_ID_LEN];     //NOTE: changed to 32 bytes long....
    UCHAR               Challenge[SSL2_MAX_CHALLENGE_LEN];
    // The original comment on this member read "points to static array";
    // as declared it is an in-structure array of MAX_UNI_CIPHERS entries,
    // not a pointer.
    Ssl2_Cipher_Kind    CipherSpecs[MAX_UNI_CIPHERS];
} Ssl2_Client_Hello, * PSsl2_Client_Hello;

// Expanded (host-side) form of the server hello.  The connection id is
// stored inline; the certificate and the cipher-spec list are referenced
// through pointers.
//
// NOTE(review): cbConnectionID must stay within
// SSL2_MAX_CONNECTION_ID_LEN.  pCertificate and pCipherSpecs carry no
// capacity of their own, so cbCertificate and cCipherSpecs are the only
// bounds on them; who owns and frees the pointed-to memory is not
// established by this header.
typedef struct _Ssl2_Server_Hello {
    DWORD               SessionIdHit;
    DWORD               CertificateType;
    DWORD               cbCertificate;
    DWORD               cCipherSpecs;
    DWORD               cbConnectionID;
    UCHAR               ConnectionID[SSL2_MAX_CONNECTION_ID_LEN];
    PUCHAR              pCertificate;       /* points to pre-created cert */
    Ssl2_Cipher_Kind *  pCipherSpecs;       /* points to static array */
} Ssl2_Server_Hello, * PSsl2_Server_Hello;

// Expanded (host-side) form of the client master key message.  The clear
// key and key argument are stored inline; the encrypted key is referenced
// through a pointer.
//
// NOTE(review): ClearKey and KeyArg are both SSL2_MASTER_KEY_SIZE (16)
// bytes, so ClearKeyLen and KeyArgLen must be checked against that size
// before any copy.  This header also defines SSL2_MAX_KEY_ARGS as 8,
// which is smaller than the KeyArg array; which of the two limits the
// unpack code enforces cannot be determined from here.
// pbEncryptedKey has no capacity of its own: EncryptedKeyLen is its only
// bound.
typedef struct _Ssl2_Client_Master_Key {
    DWORD               ClearKeyLen;
    DWORD               EncryptedKeyLen;
    DWORD               KeyArgLen;
    Ssl2_Cipher_Kind    CipherKind;
    UCHAR               ClearKey[SSL2_MASTER_KEY_SIZE];
    UCHAR *             pbEncryptedKey;
    UCHAR               KeyArg[SSL2_MASTER_KEY_SIZE];
} Ssl2_Client_Master_Key, * PSsl2_Client_Master_Key;

///////////////////////////////////////////////////
//
// Pickling Prototypes
//
///////////////////////////////////////////////////

// The routines below come in Pack/Unpack pairs, one pair per handshake
// message.  Each Pack routine takes an expanded-form structure and an
// output buffer; each Unpack routine takes an input buffer and the
// address of a pointer to the expanded form.  All return SP_STATUS.
//
// NOTE(review): the Unpack routines are where peer-supplied lengths meet
// the fixed-size arrays of the expanded structures, which makes them the
// first place to audit for missing bounds checks.  The double-pointer
// output suggests the Unpack side allocates the result; how it is
// released is not established by this header.

SP_STATUS
Ssl2PackClientHello(
    PSsl2_Client_Hello          pCanonical,
    PSPBuffer                   pCommOutput);

SP_STATUS
Ssl2UnpackClientHello(
    PSPBuffer                   pInput,
    PSsl2_Client_Hello *        ppClient);

SP_STATUS
Ssl2PackServerHello(
    PSsl2_Server_Hello          pCanonical,
    PSPBuffer                   pCommOutput);

SP_STATUS
Ssl2UnpackServerHello(
    PSPBuffer                   pInput,
    PSsl2_Server_Hello *        ppServer);

SP_STATUS
Ssl2PackClientMasterKey(
    PSsl2_Client_Master_Key     pCanonical,
    PSPBuffer                   pCommOutput);

SP_STATUS
Ssl2UnpackClientMasterKey(
    PSPBuffer                   pInput,
    PSsl2_Client_Master_Key *   ppClient);

#endif /* __SSL2MSG_H__ */