Răsfoiți Sursa

Removing unused OpenSSL files

Source commit: 5ab9a74081a3b5a11c4df0e47ba6d67f6d32e940
Martin Prikryl 1 an în urmă
părinte
comite
eff378b704

+ 0 - 43
libs/openssl/providers/common/der/DIGESTS.asn1

@@ -1,43 +0,0 @@
--- Copyright 2022 The OpenSSL Project Authors. All Rights Reserved.
---
--- Licensed under the Apache License 2.0 (the "License").  You may not use
--- this file except in compliance with the License.  You can obtain a copy
--- in the file LICENSE in the source distribution or at
--- https://www.openssl.org/source/license.html
-
--- -------------------------------------------------------------------
--- From https://tools.ietf.org/html/rfc4055#section-2.1
-
-id-sha1  OBJECT IDENTIFIER  ::=  { iso(1)
-                     identified-organization(3) oiw(14)
-                     secsig(3) algorithms(2) 26 }
-
--- -------------------------------------------------------------------
--- From https://tools.ietf.org/html/rfc5480#appendix-A
--- (OIDs for MD2 and MD5 are allowed only in EMSA-PKCS1-v1_5)
-
-id-md2  OBJECT IDENTIFIER ::= {
-  iso(1) member-body(2) us(840) rsadsi(113549) digestAlgorithm(2) 2 }
-
-id-md5  OBJECT IDENTIFIER ::= {
-  iso(1) member-body(2) us(840) rsadsi(113549) digestAlgorithm(2) 5 }
-
--- -------------------------------------------------------------------
--- From https://csrc.nist.gov/projects/computer-security-objects-register/algorithm-registration
-
-id-sha256 OBJECT IDENTIFIER ::= { hashAlgs 1 }
-id-sha384 OBJECT IDENTIFIER ::= { hashAlgs 2 }
-id-sha512 OBJECT IDENTIFIER ::= { hashAlgs 3 }
-id-sha224 OBJECT IDENTIFIER ::= { hashAlgs 4 }
-id-sha512-224 OBJECT IDENTIFIER ::= { hashAlgs 5 }
-id-sha512-256 OBJECT IDENTIFIER ::= { hashAlgs 6 }
-id-sha3-224 OBJECT IDENTIFIER ::= { hashAlgs 7 }
-id-sha3-256 OBJECT IDENTIFIER ::= { hashAlgs 8 }
-id-sha3-384 OBJECT IDENTIFIER ::= { hashAlgs 9 }
-id-sha3-512 OBJECT IDENTIFIER ::= { hashAlgs 10 }
-id-shake128 OBJECT IDENTIFIER ::= { hashAlgs 11 }
-id-shake256 OBJECT IDENTIFIER ::= { hashAlgs 12 }
-id-shake128-len OBJECT IDENTIFIER ::= { hashAlgs 17 }
-id-shake256-len OBJECT IDENTIFIER ::= { hashAlgs 18 }
-id-KMACWithSHAKE128 OBJECT IDENTIFIER ::={hashAlgs 19}
-id-KMACWithSHAKE256 OBJECT IDENTIFIER ::={ hashAlgs 20}

+ 0 - 36
libs/openssl/providers/common/der/DSA.asn1

@@ -1,36 +0,0 @@
--- Copyright 2022 The OpenSSL Project Authors. All Rights Reserved.
---
--- Licensed under the Apache License 2.0 (the "License").  You may not use
--- this file except in compliance with the License.  You can obtain a copy
--- in the file LICENSE in the source distribution or at
--- https://www.openssl.org/source/license.html
-
--- -------------------------------------------------------------------
--- Taken from RFC 3279, 3  ASN.1 Module
--- (https://www.rfc-editor.org/rfc/rfc3279.html#section-3)
-
--- OID for DSA public key
-
-id-dsa OBJECT IDENTIFIER ::= {
-     iso(1) member-body(2) us(840) x9-57(10040) x9algorithm(4) 1 }
-
--- OID for DSA signature generated with SHA-1 hash
-
-id-dsa-with-sha1 OBJECT IDENTIFIER ::=  {
-     iso(1) member-body(2) us(840) x9-57 (10040) x9algorithm(4) 3 }
-
-
--- -------------------------------------------------------------------
--- Taken from https://csrc.nist.gov/projects/computer-security-objects-register/algorithm-registration
-
-sigAlgs OBJECT IDENTIFIER ::= { 2 16 840 1 101 3 4 3 }
-
-id-dsa-with-sha224 OBJECT IDENTIFIER ::= { sigAlgs 1 }
-id-dsa-with-sha256 OBJECT IDENTIFIER ::= { sigAlgs 2 }
-id-dsa-with-sha384 OBJECT IDENTIFIER ::= { sigAlgs 3 }
-id-dsa-with-sha512 OBJECT IDENTIFIER ::= { sigAlgs 4 }
-
-id-dsa-with-sha3-224 OBJECT IDENTIFIER ::= { sigAlgs 5 }
-id-dsa-with-sha3-256 OBJECT IDENTIFIER ::= { sigAlgs 6 }
-id-dsa-with-sha3-384 OBJECT IDENTIFIER ::= { sigAlgs 7 }
-id-dsa-with-sha3-512 OBJECT IDENTIFIER ::= { sigAlgs 8 }

+ 0 - 90
libs/openssl/providers/common/der/EC.asn1

@@ -1,90 +0,0 @@
--- Copyright 2022 The OpenSSL Project Authors. All Rights Reserved.
---
--- Licensed under the Apache License 2.0 (the "License").  You may not use
--- this file except in compliance with the License.  You can obtain a copy
--- in the file LICENSE in the source distribution or at
--- https://www.openssl.org/source/license.html
-
--- -------------------------------------------------------------------
--- Taken from RFC 3279, 3  ASN.1 Module
--- (https://www.rfc-editor.org/rfc/rfc3279.html#section-3)
-
-ansi-X9-62  OBJECT IDENTIFIER ::= {
-     iso(1) member-body(2) us(840) 10045 }
-
--- Arc for ECDSA signature OIDS
-
-id-ecSigType OBJECT IDENTIFIER ::= { ansi-X9-62 signatures(4) }
-
--- OID for ECDSA signatures with SHA-1
-
-ecdsa-with-SHA1 OBJECT IDENTIFIER ::= { id-ecSigType 1 }
-
-id-publicKeyType OBJECT IDENTIFIER  ::= { ansi-X9-62 keyType(2) }
-
-id-ecPublicKey OBJECT IDENTIFIER ::= { id-publicKeyType 1 }
-
--- Named Elliptic Curves in ANSI X9.62.
-
-ellipticCurve OBJECT IDENTIFIER ::= { ansi-X9-62 curves(3) }
-
-c-TwoCurve OBJECT IDENTIFIER ::= {
-     ellipticCurve characteristicTwo(0) }
-
-c2pnb163v1  OBJECT IDENTIFIER  ::=  { c-TwoCurve  1 }
-c2pnb163v2  OBJECT IDENTIFIER  ::=  { c-TwoCurve  2 }
-c2pnb163v3  OBJECT IDENTIFIER  ::=  { c-TwoCurve  3 }
-c2pnb176w1  OBJECT IDENTIFIER  ::=  { c-TwoCurve  4 }
-c2tnb191v1  OBJECT IDENTIFIER  ::=  { c-TwoCurve  5 }
-c2tnb191v2  OBJECT IDENTIFIER  ::=  { c-TwoCurve  6 }
-c2tnb191v3  OBJECT IDENTIFIER  ::=  { c-TwoCurve  7 }
-c2onb191v4  OBJECT IDENTIFIER  ::=  { c-TwoCurve  8 }
-c2onb191v5  OBJECT IDENTIFIER  ::=  { c-TwoCurve  9 }
-c2pnb208w1  OBJECT IDENTIFIER  ::=  { c-TwoCurve 10 }
-c2tnb239v1  OBJECT IDENTIFIER  ::=  { c-TwoCurve 11 }
-c2tnb239v2  OBJECT IDENTIFIER  ::=  { c-TwoCurve 12 }
-c2tnb239v3  OBJECT IDENTIFIER  ::=  { c-TwoCurve 13 }
-c2onb239v4  OBJECT IDENTIFIER  ::=  { c-TwoCurve 14 }
-c2onb239v5  OBJECT IDENTIFIER  ::=  { c-TwoCurve 15 }
-c2pnb272w1  OBJECT IDENTIFIER  ::=  { c-TwoCurve 16 }
-c2pnb304w1  OBJECT IDENTIFIER  ::=  { c-TwoCurve 17 }
-c2tnb359v1  OBJECT IDENTIFIER  ::=  { c-TwoCurve 18 }
-c2pnb368w1  OBJECT IDENTIFIER  ::=  { c-TwoCurve 19 }
-c2tnb431r1  OBJECT IDENTIFIER  ::=  { c-TwoCurve 20 }
-
-primeCurve OBJECT IDENTIFIER ::= { ellipticCurve prime(1) }
-
-prime192v1  OBJECT IDENTIFIER  ::=  { primeCurve  1 }
-prime192v2  OBJECT IDENTIFIER  ::=  { primeCurve  2 }
-prime192v3  OBJECT IDENTIFIER  ::=  { primeCurve  3 }
-prime239v1  OBJECT IDENTIFIER  ::=  { primeCurve  4 }
-prime239v2  OBJECT IDENTIFIER  ::=  { primeCurve  5 }
-prime239v3  OBJECT IDENTIFIER  ::=  { primeCurve  6 }
-prime256v1  OBJECT IDENTIFIER  ::=  { primeCurve  7 }
-
--- -------------------------------------------------------------------
--- Taken from RFC 5758, 3.2.  ECDSA Signature Algorithm
--- (https://www.rfc-editor.org/rfc/rfc5758.html#section-3.2)
-
-ecdsa-with-SHA224 OBJECT IDENTIFIER ::= { iso(1) member-body(2)
-     us(840) ansi-X9-62(10045) signatures(4) ecdsa-with-SHA2(3) 1 }
-
-ecdsa-with-SHA256 OBJECT IDENTIFIER ::= { iso(1) member-body(2)
-     us(840) ansi-X9-62(10045) signatures(4) ecdsa-with-SHA2(3) 2 }
-
-ecdsa-with-SHA384 OBJECT IDENTIFIER ::= { iso(1) member-body(2)
-     us(840) ansi-X9-62(10045) signatures(4) ecdsa-with-SHA2(3) 3 }
-
-ecdsa-with-SHA512 OBJECT IDENTIFIER ::= { iso(1) member-body(2)
-     us(840) ansi-X9-62(10045) signatures(4) ecdsa-with-SHA2(3) 4 }
-
--- -------------------------------------------------------------------
--- Taken from https://csrc.nist.gov/projects/computer-security-objects-register/algorithm-registration
-
-sigAlgs OBJECT IDENTIFIER ::= { 2 16 840 1 101 3 4 3 }
-
-id-ecdsa-with-sha3-224 OBJECT IDENTIFIER ::= { sigAlgs 9 }
-id-ecdsa-with-sha3-256 OBJECT IDENTIFIER ::= { sigAlgs 10 }
-id-ecdsa-with-sha3-384 OBJECT IDENTIFIER ::= { sigAlgs 11 }
-id-ecdsa-with-sha3-512 OBJECT IDENTIFIER ::= { sigAlgs 12 }
-

+ 0 - 17
libs/openssl/providers/common/der/ECX.asn1

@@ -1,17 +0,0 @@
--- Copyright 2022 The OpenSSL Project Authors. All Rights Reserved.
---
--- Licensed under the Apache License 2.0 (the "License").  You may not use
--- this file except in compliance with the License.  You can obtain a copy
--- in the file LICENSE in the source distribution or at
--- https://www.openssl.org/source/license.html
-
--- -------------------------------------------------------------------
--- Taken from RFC 8410, 9  ASN.1 Module
--- (https://tools.ietf.org/html/rfc8410#section-9)
-
-id-edwards-curve-algs OBJECT IDENTIFIER ::= { 1 3 101 }
-
-id-X25519        OBJECT IDENTIFIER ::= { id-edwards-curve-algs 110 }
-id-X448          OBJECT IDENTIFIER ::= { id-edwards-curve-algs 111 }
-id-Ed25519       OBJECT IDENTIFIER ::= { id-edwards-curve-algs 112 }
-id-Ed448         OBJECT IDENTIFIER ::= { id-edwards-curve-algs 113 }

+ 0 - 15
libs/openssl/providers/common/der/NIST.asn1

@@ -1,15 +0,0 @@
--- Copyright 2022 The OpenSSL Project Authors. All Rights Reserved.
---
--- Licensed under the Apache License 2.0 (the "License").  You may not use
--- this file except in compliance with the License.  You can obtain a copy
--- in the file LICENSE in the source distribution or at
--- https://www.openssl.org/source/license.html
-
--- -------------------------------------------------------------------
--- Taken from https://csrc.nist.gov/projects/computer-security-objects-register/algorithm-registration
-
--- Copies of common OIDs used by other ASN.1 files.
-csor OBJECT IDENTIFIER ::= { 2 16 840 1 101 3 }
-nistAlgorithms OBJECT IDENTIFIER ::= { csor nistAlgorithm(4) }
-hashAlgs OBJECT IDENTIFIER ::= { nistAlgorithms 2 }
-sigAlgs OBJECT IDENTIFIER ::= { nistAlgorithms 3 }

+ 0 - 89
libs/openssl/providers/common/der/RSA.asn1

@@ -1,89 +0,0 @@
--- Copyright 2022 The OpenSSL Project Authors. All Rights Reserved.
---
--- Licensed under the Apache License 2.0 (the "License").  You may not use
--- this file except in compliance with the License.  You can obtain a copy
--- in the file LICENSE in the source distribution or at
--- https://www.openssl.org/source/license.html
-
--- -------------------------------------------------------------------
--- Taken from RFC 8017, Appendix C
--- (https://www.rfc-editor.org/rfc/rfc8017.html#appendix-C)
-
--- ============================
---   Basic object identifiers
--- ============================
-
--- The DER encoding of this in hexadecimal is:
--- (0x)06 08
---        2A 86 48 86 F7 0D 01 01
---
-pkcs-1    OBJECT IDENTIFIER ::= {
-    iso(1) member-body(2) us(840) rsadsi(113549) pkcs(1) 1
-}
-
---
--- When rsaEncryption is used in an AlgorithmIdentifier,
--- the parameters MUST be present and MUST be NULL.
---
-rsaEncryption    OBJECT IDENTIFIER ::= { pkcs-1 1 }
-
---
--- When id-RSAES-OAEP is used in an AlgorithmIdentifier, the
--- parameters MUST be present and MUST be RSAES-OAEP-params.
---
-id-RSAES-OAEP    OBJECT IDENTIFIER ::= { pkcs-1 7 }
-
---
--- When id-pSpecified is used in an AlgorithmIdentifier, the
--- parameters MUST be an OCTET STRING.
---
-id-pSpecified    OBJECT IDENTIFIER ::= { pkcs-1 9 }
-
---
--- When id-RSASSA-PSS is used in an AlgorithmIdentifier, the
--- parameters MUST be present and MUST be RSASSA-PSS-params.
---
-id-RSASSA-PSS    OBJECT IDENTIFIER ::= { pkcs-1 10 }
-
---
--- When the following OIDs are used in an AlgorithmIdentifier,
--- the parameters MUST be present and MUST be NULL.
---
-md2WithRSAEncryption         OBJECT IDENTIFIER ::= { pkcs-1 2 }
-md5WithRSAEncryption         OBJECT IDENTIFIER ::= { pkcs-1 4 }
-sha1WithRSAEncryption        OBJECT IDENTIFIER ::= { pkcs-1 5 }
-sha224WithRSAEncryption      OBJECT IDENTIFIER ::= { pkcs-1 14 }
-sha256WithRSAEncryption      OBJECT IDENTIFIER ::= { pkcs-1 11 }
-sha384WithRSAEncryption      OBJECT IDENTIFIER ::= { pkcs-1 12 }
-sha512WithRSAEncryption      OBJECT IDENTIFIER ::= { pkcs-1 13 }
-sha512-224WithRSAEncryption  OBJECT IDENTIFIER ::= { pkcs-1 15 }
-sha512-256WithRSAEncryption  OBJECT IDENTIFIER ::= { pkcs-1 16 }
-
---
--- When id-mgf1 is used in an AlgorithmIdentifier, the parameters
--- MUST be present and MUST be a HashAlgorithm, for example, sha1.
---
-id-mgf1    OBJECT IDENTIFIER ::= { pkcs-1 8 }
-
--- -------------------------------------------------------------------
--- Taken from https://csrc.nist.gov/projects/computer-security-objects-register/algorithm-registration
-
-id-rsassa-pkcs1-v1_5-with-sha3-224 OBJECT IDENTIFIER ::= { sigAlgs 13 }
-id-rsassa-pkcs1-v1_5-with-sha3-256 OBJECT IDENTIFIER ::= { sigAlgs 14 }
-id-rsassa-pkcs1-v1_5-with-sha3-384 OBJECT IDENTIFIER ::= { sigAlgs 15 }
-id-rsassa-pkcs1-v1_5-with-sha3-512 OBJECT IDENTIFIER ::= { sigAlgs 16 }
-
-
--- -------------------------------------------------------------------
--- These OID's exist in the codebase but may need to be deprecated at some point.
--- md5_sha1 has been omitted as it does not look like valid entry.
-
-md4WithRSAEncryption OBJECT IDENTIFIER ::= { pkcs-1 3 }
-
-ripemd160WithRSAEncryption    OBJECT IDENTIFIER ::= {
-    iso(1) identified-organization(3) teletrust(36) algorithm(3) signatureAlgorithm(3) rsaSignature(1) 2
-}
-
-mdc2WithRSASignature OBJECT IDENTIFIER ::= {
-    iso(1) identified-organization(3) oiw(14) secsig(3) algorithms(2) mdc2WithRSASignature(14)
-}

+ 0 - 18
libs/openssl/providers/common/der/SM2.asn1

@@ -1,18 +0,0 @@
--- Copyright 2022 The OpenSSL Project Authors. All Rights Reserved.
---
--- Licensed under the Apache License 2.0 (the "License").  You may not use
--- this file except in compliance with the License.  You can obtain a copy
--- in the file LICENSE in the source distribution or at
--- https://www.openssl.org/source/license.html
-
-oscca  OBJECT IDENTIFIER ::= { iso(1) member-body(2) cn(156) 10197 }
-
-sm-scheme OBJECT IDENTIFIER ::= { oscca 1 }
-
--- OID for SM2 signatures with SM3
-
-sm2-with-SM3 OBJECT IDENTIFIER ::= { sm-scheme 501 }
-
--- Named Elliptic Curves of SM2
-
-curveSM2 OBJECT IDENTIFIER ::= { sm-scheme 301 }

+ 0 - 113
libs/openssl/providers/common/der/oids_to_c.pm

@@ -1,113 +0,0 @@
-#! /usr/bin/env perl
-# Copyright 2020 The OpenSSL Project Authors. All Rights Reserved.
-#
-# Licensed under the Apache License 2.0 (the "License").  You may not use
-# this file except in compliance with the License.  You can obtain a copy
-# in the file LICENSE in the source distribution or at
-# https://www.openssl.org/source/license.html
-
-use strict;
-use warnings;
-
-package oids_to_c;
-
-use Carp;
-use File::Spec;
-use OpenSSL::OID;
-
-my $OID_name_re = qr/([a-z](?:[-_A-Za-z0-9]*[A-Za-z0-9])?)/;
-my $OID_value_re = qr/(\{.*?\})/s;
-my $OID_def_re = qr/
-                       ${OID_name_re} \s+ OBJECT \s+ IDENTIFIER \s*
-                       ::=
-                       \s* ${OID_value_re}
-                   /x;
-
-sub filter_to_H {
-    my ($name, $comment) = @{ shift() };
-    my @oid_nums = @_;
-    my $oid_size = scalar @oid_nums;
-
-    (my $C_comment = $comment) =~ s|^| * |msg;
-    $C_comment = "\n/*\n${C_comment}\n */" if $C_comment ne '';
-    (my $C_name = $name) =~ s|-|_|g;
-    my $C_bytes_size = 2 + scalar @_;
-    my $C_bytes = join(', ', map { sprintf("0x%02X", $_) } @oid_nums );
-
-    return <<"_____";
-$C_comment
-#define DER_OID_V_${C_name} DER_P_OBJECT, $oid_size, ${C_bytes}
-#define DER_OID_SZ_${C_name} ${C_bytes_size}
-extern const unsigned char ossl_der_oid_${C_name}[DER_OID_SZ_${C_name}];
-_____
-}
-
-sub filter_to_C {
-    my ($name, $comment) = @{ shift() };
-    my @oid_nums = @_;
-    my $oid_size = scalar @oid_nums;
-
-    croak "Unsupported OID size (>127 bytes)" if $oid_size > 127;
-
-    (my $C_comment = $comment) =~ s|^| * |msg;
-    $C_comment = "\n/*\n${C_comment}\n */" if $C_comment ne '';
-    (my $C_name = $name) =~ s|-|_|g;
-    my $C_bytes_size = 2 + $oid_size;
-
-    return <<"_____";
-$C_comment
-const unsigned char ossl_der_oid_${C_name}[DER_OID_SZ_${C_name}] = {
-    DER_OID_V_${C_name}
-};
-_____
-}
-
-sub _process {
-    my %opts = %{ pop @_ } if ref $_[$#_] eq 'HASH';
-
-    # To maintain input order
-    my @OID_names = ();
-
-    foreach my $file (@_) {
-        my $input = File::Spec->catfile($opts{dir}, $file);
-        open my $fh, $input or die "Reading $input: $!\n";
-
-        my $text = join('',
-                        map {
-                            s|--.*(\R)$|$1|;
-                            $_;
-                        } <$fh>);
-        # print STDERR "-----BEGIN DEBUG-----\n";
-        # print STDERR $text;
-        # print STDERR "-----END DEBUG-----\n";
-        use re 'debugcolor';
-        while ($text =~ m/${OID_def_re}/sg) {
-            my $comment = $&;
-            my $name = $1;
-            my $value = $2;
-
-            # print STDERR "-----BEGIN DEBUG $name-----\n";
-            # print STDERR $value,"\n";
-            # print STDERR "-----END DEBUG $name-----\n";
-            register_oid($name, $value);
-            push @OID_names, [ $name, $comment ];
-        }
-    }
-
-    return @OID_names;
-}
-
-sub process_leaves {
-    my %opts = %{ $_[$#_] } if ref $_[$#_] eq 'HASH';
-    my @OID_names = _process @_;
-
-    my $text = '';
-    my %leaves = map { $_ => 1 } registered_oid_leaves;
-    foreach (grep { defined $leaves{$_->[0]} } @OID_names) {
-        my $lines = $opts{filter}->($_, encode_oid($_->[0]));
-        $text .= $lines;
-    }
-    return $text;
-}
-
-1;

+ 0 - 26
libs/openssl/providers/common/der/wrap.asn1

@@ -1,26 +0,0 @@
--- Copyright 2022 The OpenSSL Project Authors. All Rights Reserved.
---
--- Licensed under the Apache License 2.0 (the "License").  You may not use
--- this file except in compliance with the License.  You can obtain a copy
--- in the file LICENSE in the source distribution or at
--- https://www.openssl.org/source/license.html
-
--- -------------------------------------------------------------------
--- Taken from RFC 3370, Section 4.3.1 Triple-DES Key Wrap
--- (https://tools.ietf.org/html/rfc3370)
-
-id-alg-CMS3DESwrap OBJECT IDENTIFIER ::= {
-    iso(1) member-body(2) us(840) rsadsi(113549) pkcs(1) pkcs-9(9) smime(16) alg(3) 6
-}
-
--- -------------------------------------------------------------------
--- Taken from RFC 3394, Section 3. Object Identifiers
--- (https://tools.ietf.org/html/rfc3565)
-
-aes  OBJECT IDENTIFIER  ::=  {
-    joint-iso-itu-t(2) country(16) us(840) organization(1) gov(101) csor(3) nistAlgorithm(4) 1
-}
-
-id-aes128-wrap OBJECT IDENTIFIER ::= { aes 5 }
-id-aes192-wrap OBJECT IDENTIFIER ::= { aes 25 }
-id-aes256-wrap OBJECT IDENTIFIER ::= { aes 45 }

+ 0 - 63
libs/openssl/ssl/statem/README.md

@@ -1,63 +0,0 @@
-State Machine Design
-====================
-
-This file provides some guidance on the thinking behind the design of the
-state machine code to aid future maintenance.
-
-The state machine code replaces an older state machine present in OpenSSL
-versions 1.0.2 and below. The new state machine has the following objectives:
-
-  - Remove duplication of state code between client and server
-  - Remove duplication of state code between TLS and DTLS
-  - Simplify transitions and bring the logic together in a single location
-    so that it is easier to validate
-  - Remove duplication of code between each of the message handling functions
-  - Receive a message first and then work out whether that is a valid
-    transition - not the other way around (the other way causes lots of issues
-    where we are expecting one type of message next but actually get something
-    else)
-  - Separate message flow state from handshake state (in order to better
-    understand each)
-    * message flow state = when to flush buffers; handling restarts in the
-      event of NBIO events; handling the common flow of steps for reading a
-      message and the common flow of steps for writing a message etc
-    * handshake state = what handshake message are we working on now
-  - Control complexity: only the state machine can change state: keep all
-    the state changes local to the state machine component
-
-The message flow state machine is divided into a reading sub-state machine and a
-writing sub-state machine. See the source comments in statem.c for a more
-detailed description of the various states and transitions possible.
-
-Conceptually the state machine component is designed as follows:
-
-                          libssl
-                             |
-    -------------------------|-----statem.h------------------------------------
-                             |
-                      _______V____________________
-                     |                            |
-                     |    statem.c                |
-                     |                            |
-                     |    Core state machine code |
-                     |____________________________|
-          statem_local.h     ^          ^
-                   _________|          |_______
-                  |                            |
-     _____________|____________   _____________|____________
-    |                          | |                          |
-    | statem_clnt.c            | | statem_srvr.c            |
-    |                          | |                          |
-    | TLS/DTLS client specific | | TLS/DTLS server specific |
-    | state machine code       | | state machine code       |
-    |__________________________| |__________________________|
-                 |        |_______________|__       |
-                 |        ________________|  |      |
-                 |       |                   |      |
-     ____________V_______V________   ________V______V_______________
-    |                             | |                               |
-    | statem_lib.c                | | statem_dtls.c                 |
-    |                             | |                               |
-    | Non core functions common   | | Non core functions common to  |
-    | to both servers and clients | | both DTLS servers and clients |
-    |_____________________________| |_______________________________|