# define SSL_MIN_RSA_MODULUS_LENGTH_IN_BYTES (512/8)
# define SSL_MAX_KEY_ARG_LENGTH 8
-# define SSL_MAX_MASTER_KEY_LENGTH 48
+# define SSL_MAX_MASTER_KEY_LENGTH 64
/* The maximum number of encrypt/decrypt pipelines we can support */
# define SSL_MAX_PIPELINES 32
# define SSL_MAC_FLAG_READ_MAC_STREAM 1
# define SSL_MAC_FLAG_WRITE_MAC_STREAM 2
+/*
+ * A callback for logging out TLS key material. This callback should log out
+ * |line| followed by a newline.
+ */
+typedef void (*SSL_CTX_keylog_cb_func)(const SSL *ssl, const char *line);
+
+/*
+ * SSL_CTX_set_keylog_callback configures a callback to log key material. This
+ * is intended for debugging use with tools like Wireshark. The cb function
+ * should log line followed by a newline.
+ */
+void SSL_CTX_set_keylog_callback(SSL_CTX *ctx, SSL_CTX_keylog_cb_func cb);
+
+/*
+ * SSL_CTX_get_keylog_callback returns the callback configured by
+ * SSL_CTX_set_keylog_callback.
+ */
+SSL_CTX_keylog_cb_func SSL_CTX_get_keylog_callback(const SSL_CTX *ctx);
+
#ifdef __cplusplus
}
#endif
TLS_ST_SW_ENCRYPTED_EXTENSIONS,
TLS_ST_CR_ENCRYPTED_EXTENSIONS,
TLS_ST_CR_CERT_VRFY,
- TLS_ST_SW_CERT_VRFY
+ TLS_ST_SW_CERT_VRFY,
+ TLS_ST_CR_HELLO_REQ
} OSSL_HANDSHAKE_STATE;
/*
__owur int SSL_do_handshake(SSL *s);
int SSL_renegotiate(SSL *s);
-__owur int SSL_renegotiate_abbreviated(SSL *s);
+int SSL_renegotiate_abbreviated(SSL *s);
__owur int SSL_renegotiate_pending(SSL *s);
int SSL_shutdown(SSL *s);
# define SSL_F_DTLS_PROCESS_HELLO_VERIFY 386
# define SSL_F_FINAL_EC_PT_FORMATS 485
# define SSL_F_FINAL_EMS 486
+# define SSL_F_FINAL_KEY_SHARE 503
# define SSL_F_FINAL_RENEGOTIATE 483
# define SSL_F_FINAL_SIG_ALGS 497
+# define SSL_F_NSS_KEYLOG_INT 500
# define SSL_F_OPENSSL_INIT_SSL 342
# define SSL_F_OSSL_STATEM_CLIENT13_READ_TRANSITION 436
# define SSL_F_OSSL_STATEM_CLIENT_CONSTRUCT_MESSAGE 430
# define SSL_F_SSL_GET_SIGN_PKEY 183
# define SSL_F_SSL_INIT_WBIO_BUFFER 184
# define SSL_F_SSL_LOAD_CLIENT_CA_FILE 185
+# define SSL_F_SSL_LOG_MASTER_SECRET 498
+# define SSL_F_SSL_LOG_RSA_CLIENT_KEY_EXCHANGE 499
# define SSL_F_SSL_MODULE_INIT 392
# define SSL_F_SSL_NEW 186
# define SSL_F_SSL_PARSE_CLIENTHELLO_RENEGOTIATE_EXT 300
# define SSL_F_TLS_CONSTRUCT_CTOS_KEY_SHARE 470
# define SSL_F_TLS_CONSTRUCT_CTOS_NPN 471
# define SSL_F_TLS_CONSTRUCT_CTOS_PADDING 472
+# define SSL_F_TLS_CONSTRUCT_CTOS_PSK_KEX_MODES 509
+# define SSL_F_TLS_CONSTRUCT_CTOS_PSK 501
# define SSL_F_TLS_CONSTRUCT_CTOS_RENEGOTIATE 473
# define SSL_F_TLS_CONSTRUCT_CTOS_SCT 474
# define SSL_F_TLS_CONSTRUCT_CTOS_SERVER_NAME 475
# define SSL_F_TLS_PARSE_CTOS_RENEGOTIATE 464
# define SSL_F_TLS_PARSE_CTOS_USE_SRTP 465
# define SSL_F_TLS_PARSE_STOC_KEY_SHARE 445
+# define SSL_F_TLS_PARSE_STOC_PSK 502
# define SSL_F_TLS_PARSE_STOC_RENEGOTIATE 448
# define SSL_F_TLS_PARSE_STOC_USE_SRTP 446
# define SSL_F_TLS_POST_PROCESS_CLIENT_HELLO 378
# define SSL_F_TLS_PROCESS_CLIENT_KEY_EXCHANGE 382
# define SSL_F_TLS_PROCESS_ENCRYPTED_EXTENSIONS 444
# define SSL_F_TLS_PROCESS_FINISHED 364
+# define SSL_F_TLS_PROCESS_HELLO_REQ 507
# define SSL_F_TLS_PROCESS_INITIAL_SERVER_FLIGHT 442
# define SSL_F_TLS_PROCESS_KEY_EXCHANGE 365
# define SSL_F_TLS_PROCESS_NEW_SESSION_TICKET 366
# define SSL_F_TLS_PROCESS_SKE_PSK_PREAMBLE 421
# define SSL_F_TLS_PROCESS_SKE_SRP 422
# define SSL_F_TLS_SCAN_CLIENTHELLO_TLSEXT 450
+# define SSL_F_TLS_SETUP_HANDSHAKE 508
# define SSL_F_USE_CERTIFICATE_CHAIN_FILE 220
/* Reason codes. */
# define SSL_R_BAD_LENGTH 271
# define SSL_R_BAD_PACKET_LENGTH 115
# define SSL_R_BAD_PROTOCOL_VERSION_NUMBER 116
+# define SSL_R_BAD_PSK_IDENTITY 114
# define SSL_R_BAD_RECORD_TYPE 443
# define SSL_R_BAD_RSA_ENCRYPT 119
# define SSL_R_BAD_SIGNATURE 123