OLD | NEW |
| 1 /* -*- Mode: C; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 4 -*- */ |
1 /* | 2 /* |
2 * This file contains prototypes for the public SSL functions. | 3 * This file contains prototypes for the public SSL functions. |
3 * | 4 * |
4 * This Source Code Form is subject to the terms of the Mozilla Public | 5 * This Source Code Form is subject to the terms of the Mozilla Public |
5 * License, v. 2.0. If a copy of the MPL was not distributed with this | 6 * License, v. 2.0. If a copy of the MPL was not distributed with this |
6 * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ | 7 * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ |
7 | 8 |
8 #ifndef __sslt_h_ | 9 #ifndef __sslt_h_ |
9 #define __sslt_h_ | 10 #define __sslt_h_ |
10 | 11 |
(...skipping 50 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
61 ** programs that use the kt_ symbols should convert to the ssl_kt_ symbols | 62 ** programs that use the kt_ symbols should convert to the ssl_kt_ symbols |
62 ** soon. | 63 ** soon. |
63 */ | 64 */ |
64 #define kt_null ssl_kea_null | 65 #define kt_null ssl_kea_null |
65 #define kt_rsa ssl_kea_rsa | 66 #define kt_rsa ssl_kea_rsa |
66 #define kt_dh ssl_kea_dh | 67 #define kt_dh ssl_kea_dh |
67 #define kt_fortezza ssl_kea_fortezza /* deprecated, now unused */ | 68 #define kt_fortezza ssl_kea_fortezza /* deprecated, now unused */ |
68 #define kt_ecdh ssl_kea_ecdh | 69 #define kt_ecdh ssl_kea_ecdh |
69 #define kt_kea_size ssl_kea_size | 70 #define kt_kea_size ssl_kea_size |
70 | 71 |
| 72 |
| 73 /* Values of this enum match the SignatureAlgorithm enum from |
| 74 * https://tools.ietf.org/html/rfc5246#section-7.4.1.4.1 */ |
71 typedef enum { | 75 typedef enum { |
72 ssl_sign_null = 0, | 76 ssl_sign_null = 0, /* "anonymous" in TLS */ |
73 ssl_sign_rsa = 1, | 77 ssl_sign_rsa = 1, |
74 ssl_sign_dsa = 2, | 78 ssl_sign_dsa = 2, |
75 ssl_sign_ecdsa = 3 | 79 ssl_sign_ecdsa = 3 |
76 } SSLSignType; | 80 } SSLSignType; |
77 | 81 |
| 82 /* Values of this enum match the HashAlgorithm enum from |
| 83 * https://tools.ietf.org/html/rfc5246#section-7.4.1.4.1 */ |
| 84 typedef enum { |
| 85 /* ssl_hash_none is used internally to mean the pre-1.2 combination of MD5 |
| 86 * and SHA1. The other values are only used in TLS 1.2. */ |
| 87 ssl_hash_none = 0, |
| 88 ssl_hash_md5 = 1, |
| 89 ssl_hash_sha1 = 2, |
| 90 ssl_hash_sha224 = 3, |
| 91 ssl_hash_sha256 = 4, |
| 92 ssl_hash_sha384 = 5, |
| 93 ssl_hash_sha512 = 6 |
| 94 } SSLHashType; |
| 95 |
| 96 typedef struct SSLSignatureAndHashAlgStr { |
| 97 SSLHashType hashAlg; |
| 98 SSLSignType sigAlg; |
| 99 } SSLSignatureAndHashAlg; |
| 100 |
78 typedef enum { | 101 typedef enum { |
79 ssl_auth_null = 0, | 102 ssl_auth_null = 0, |
80 ssl_auth_rsa = 1, | 103 ssl_auth_rsa = 1, |
81 ssl_auth_dsa = 2, | 104 ssl_auth_dsa = 2, |
82 ssl_auth_kea = 3, | 105 ssl_auth_kea = 3, |
83 ssl_auth_ecdsa = 4 | 106 ssl_auth_ecdsa = 4 |
84 } SSLAuthType; | 107 } SSLAuthType; |
85 | 108 |
86 typedef enum { | 109 typedef enum { |
87 ssl_calg_null = 0, | 110 ssl_calg_null = 0, |
(...skipping 41 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
129 PRUint32 lastAccessTime; /* seconds since Jan 1, 1970 */ | 152 PRUint32 lastAccessTime; /* seconds since Jan 1, 1970 */ |
130 PRUint32 expirationTime; /* seconds since Jan 1, 1970 */ | 153 PRUint32 expirationTime; /* seconds since Jan 1, 1970 */ |
131 PRUint32 sessionIDLength; /* up to 32 */ | 154 PRUint32 sessionIDLength; /* up to 32 */ |
132 PRUint8 sessionID [32]; | 155 PRUint8 sessionID [32]; |
133 | 156 |
134 /* The following fields are added in NSS 3.12.5. */ | 157 /* The following fields are added in NSS 3.12.5. */ |
135 | 158 |
136 /* compression method info */ | 159 /* compression method info */ |
137 const char * compressionMethodName; | 160 const char * compressionMethodName; |
138 SSLCompressionMethod compressionMethod; | 161 SSLCompressionMethod compressionMethod; |
| 162 |
| 163 /* The following fields are added in NSS 3.21. |
| 164 * This field only has meaning in TLS < 1.3 and will be set to |
| 165 * PR_FALSE in TLS 1.3. |
| 166 */ |
| 167 PRBool extendedMasterSecretUsed; |
139 } SSLChannelInfo; | 168 } SSLChannelInfo; |
140 | 169 |
| 170 /* Preliminary channel info */ |
| 171 #define ssl_preinfo_version (1U << 0) |
| 172 #define ssl_preinfo_cipher_suite (1U << 1) |
| 173 #define ssl_preinfo_all (ssl_preinfo_version|ssl_preinfo_cipher_suite) |
| 174 |
| 175 typedef struct SSLPreliminaryChannelInfoStr { |
| 176 /* This is set to the length of the struct. */ |
| 177 PRUint32 length; |
| 178 /* A bitfield over SSLPreliminaryValueSet that describes which |
| 179 * preliminary values are set (see ssl_preinfo_*). */ |
| 180 PRUint32 valuesSet; |
| 181 /* Protocol version: test (valuesSet & ssl_preinfo_version) */ |
| 182 PRUint16 protocolVersion; |
| 183 /* Cipher suite: test (valuesSet & ssl_preinfo_cipher_suite) */ |
| 184 PRUint16 cipherSuite; |
| 185 } SSLPreliminaryChannelInfo; |
| 186 |
141 typedef struct SSLCipherSuiteInfoStr { | 187 typedef struct SSLCipherSuiteInfoStr { |
142 PRUint16 length; | 188 PRUint16 length; |
143 PRUint16 cipherSuite; | 189 PRUint16 cipherSuite; |
144 | 190 |
145 /* Cipher Suite Name */ | 191 /* Cipher Suite Name */ |
146 const char * cipherSuiteName; | 192 const char * cipherSuiteName; |
147 | 193 |
148 /* server authentication info */ | 194 /* server authentication info */ |
149 const char * authAlgorithmName; | 195 const char * authAlgorithmName; |
150 SSLAuthType authAlgorithm; | 196 SSLAuthType authAlgorithm; |
(...skipping 46 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
197 ssl_cert_status_xtn = 5, | 243 ssl_cert_status_xtn = 5, |
198 #ifndef NSS_DISABLE_ECC | 244 #ifndef NSS_DISABLE_ECC |
199 ssl_elliptic_curves_xtn = 10, | 245 ssl_elliptic_curves_xtn = 10, |
200 ssl_ec_point_formats_xtn = 11, | 246 ssl_ec_point_formats_xtn = 11, |
201 #endif | 247 #endif |
202 ssl_signature_algorithms_xtn = 13, | 248 ssl_signature_algorithms_xtn = 13, |
203 ssl_use_srtp_xtn = 14, | 249 ssl_use_srtp_xtn = 14, |
204 ssl_app_layer_protocol_xtn = 16, | 250 ssl_app_layer_protocol_xtn = 16, |
205 ssl_signed_certificate_timestamp_xtn = 18, /* RFC 6962 */ | 251 ssl_signed_certificate_timestamp_xtn = 18, /* RFC 6962 */ |
206 ssl_padding_xtn = 21, | 252 ssl_padding_xtn = 21, |
| 253 ssl_extended_master_secret_xtn = 23, |
207 ssl_session_ticket_xtn = 35, | 254 ssl_session_ticket_xtn = 35, |
208 ssl_next_proto_nego_xtn = 13172, | 255 ssl_next_proto_nego_xtn = 13172, |
209 ssl_channel_id_xtn = 30032, | 256 ssl_channel_id_xtn = 30032, |
210 ssl_renegotiation_info_xtn = 0xff01, | 257 ssl_renegotiation_info_xtn = 0xff01, |
211 ssl_tls13_draft_version_xtn = 0xff02 /* experimental number */ | 258 ssl_tls13_draft_version_xtn = 0xff02 /* experimental number */ |
212 } SSLExtensionType; | 259 } SSLExtensionType; |
213 | 260 |
214 #define SSL_MAX_EXTENSIONS 13 /* doesn't include ssl_padding_xtn. */ | 261 #define SSL_MAX_EXTENSIONS 14 /* doesn't include ssl_padding_xtn. */ |
| 262 |
| 263 typedef enum { |
| 264 ssl_dhe_group_none = 0, |
| 265 ssl_ff_dhe_2048_group = 1, |
| 266 ssl_ff_dhe_3072_group = 2, |
| 267 ssl_ff_dhe_4096_group = 3, |
| 268 ssl_ff_dhe_6144_group = 4, |
| 269 ssl_ff_dhe_8192_group = 5, |
| 270 ssl_dhe_group_max |
| 271 } SSLDHEGroupType; |
215 | 272 |
216 #endif /* __sslt_h_ */ | 273 #endif /* __sslt_h_ */ |
OLD | NEW |