Index: net/third_party/nss/ssl/sslt.h |
diff --git a/net/third_party/nss/ssl/sslt.h b/net/third_party/nss/ssl/sslt.h |
index 36e34dfb8d0a8e4f81ac31b93fbfab81848083f1..6f26e5fd9176308642c1bd2636461415c53d23a5 100644 |
--- a/net/third_party/nss/ssl/sslt.h |
+++ b/net/third_party/nss/ssl/sslt.h |
@@ -11,19 +11,6 @@ |
#include "prtypes.h" |
-/* SECItemArray is added in NSS 3.15. Define the type if compiling |
-** against an older version of NSS. |
-*/ |
-#include "nssutil.h" |
-#if NSSUTIL_VMAJOR == 3 && NSSUTIL_VMINOR < 15 |
-typedef struct SECItemArrayStr SECItemArray; |
- |
-struct SECItemArrayStr { |
- SECItem *items; |
- unsigned int len; |
-}; |
-#endif /* NSSUTIL_VMAJOR == 3 && NSSUTIL_VMINOR < 15 */ |
- |
typedef struct SSL3StatisticsStr { |
/* statistics from ssl3_SendClientHello (sch) */ |
long sch_sid_cache_hits; |
@@ -49,12 +36,12 @@ typedef struct SSL3StatisticsStr { |
/* Key Exchange algorithm values */ |
typedef enum { |
- ssl_kea_null = 0, |
- ssl_kea_rsa = 1, |
- ssl_kea_dh = 2, |
- ssl_kea_fortezza = 3, /* deprecated, now unused */ |
- ssl_kea_ecdh = 4, |
- ssl_kea_size /* number of ssl_kea_ algorithms */ |
+ ssl_kea_null = 0, |
+ ssl_kea_rsa = 1, |
+ ssl_kea_dh = 2, |
+ ssl_kea_fortezza = 3, /* deprecated, now unused */ |
+ ssl_kea_ecdh = 4, |
+ ssl_kea_size /* number of ssl_kea_ algorithms */ |
} SSLKEAType; |
/* The following defines are for backwards compatibility. |
@@ -62,21 +49,20 @@ typedef enum { |
** programs that use the kt_ symbols should convert to the ssl_kt_ symbols |
** soon. |
*/ |
-#define kt_null ssl_kea_null |
-#define kt_rsa ssl_kea_rsa |
-#define kt_dh ssl_kea_dh |
-#define kt_fortezza ssl_kea_fortezza /* deprecated, now unused */ |
-#define kt_ecdh ssl_kea_ecdh |
-#define kt_kea_size ssl_kea_size |
- |
+#define kt_null ssl_kea_null |
+#define kt_rsa ssl_kea_rsa |
+#define kt_dh ssl_kea_dh |
+#define kt_fortezza ssl_kea_fortezza /* deprecated, now unused */ |
+#define kt_ecdh ssl_kea_ecdh |
+#define kt_kea_size ssl_kea_size |
/* Values of this enum match the SignatureAlgorithm enum from |
* https://tools.ietf.org/html/rfc5246#section-7.4.1.4.1 */ |
typedef enum { |
- ssl_sign_null = 0, /* "anonymous" in TLS */ |
- ssl_sign_rsa = 1, |
- ssl_sign_dsa = 2, |
- ssl_sign_ecdsa = 3 |
+ ssl_sign_null = 0, /* "anonymous" in TLS */ |
+ ssl_sign_rsa = 1, |
+ ssl_sign_dsa = 2, |
+ ssl_sign_ecdsa = 3 |
} SSLSignType; |
/* Values of this enum match the HashAlgorithm enum from |
@@ -99,81 +85,86 @@ typedef struct SSLSignatureAndHashAlgStr { |
} SSLSignatureAndHashAlg; |
typedef enum { |
- ssl_auth_null = 0, |
- ssl_auth_rsa = 1, |
- ssl_auth_dsa = 2, |
- ssl_auth_kea = 3, |
- ssl_auth_ecdsa = 4 |
+ ssl_auth_null = 0, |
+ ssl_auth_rsa = 1, |
+ ssl_auth_dsa = 2, |
+ ssl_auth_kea = 3, |
+ ssl_auth_ecdsa = 4 |
} SSLAuthType; |
typedef enum { |
- ssl_calg_null = 0, |
- ssl_calg_rc4 = 1, |
- ssl_calg_rc2 = 2, |
- ssl_calg_des = 3, |
- ssl_calg_3des = 4, |
- ssl_calg_idea = 5, |
- ssl_calg_fortezza = 6, /* deprecated, now unused */ |
- ssl_calg_aes = 7, |
+ ssl_calg_null = 0, |
+ ssl_calg_rc4 = 1, |
+ ssl_calg_rc2 = 2, |
+ ssl_calg_des = 3, |
+ ssl_calg_3des = 4, |
+ ssl_calg_idea = 5, |
+ ssl_calg_fortezza = 6, /* deprecated, now unused */ |
+ ssl_calg_aes = 7, |
ssl_calg_camellia = 8, |
- ssl_calg_seed = 9, |
- ssl_calg_aes_gcm = 10, |
+ ssl_calg_seed = 9, |
+ ssl_calg_aes_gcm = 10, |
ssl_calg_chacha20 = 11 |
} SSLCipherAlgorithm; |
-typedef enum { |
- ssl_mac_null = 0, |
- ssl_mac_md5 = 1, |
- ssl_mac_sha = 2, |
- ssl_hmac_md5 = 3, /* TLS HMAC version of mac_md5 */ |
- ssl_hmac_sha = 4, /* TLS HMAC version of mac_sha */ |
- ssl_hmac_sha256 = 5, |
- ssl_mac_aead = 6 |
+typedef enum { |
+ ssl_mac_null = 0, |
+ ssl_mac_md5 = 1, |
+ ssl_mac_sha = 2, |
+ ssl_hmac_md5 = 3, /* TLS HMAC version of mac_md5 */ |
+ ssl_hmac_sha = 4, /* TLS HMAC version of mac_sha */ |
+ ssl_hmac_sha256 = 5, |
+ ssl_mac_aead = 6 |
} SSLMACAlgorithm; |
typedef enum { |
ssl_compression_null = 0, |
- ssl_compression_deflate = 1 /* RFC 3749 */ |
+ ssl_compression_deflate = 1 /* RFC 3749 */ |
} SSLCompressionMethod; |
typedef struct SSLChannelInfoStr { |
- PRUint32 length; |
- PRUint16 protocolVersion; |
- PRUint16 cipherSuite; |
+ /* |length| is obsolete. On return, SSL_GetChannelInfo sets |length| to the |
+ * smaller of the |len| argument and the length of the struct. The caller |
+ * may ignore |length|. */ |
+ PRUint32 length; |
+ PRUint16 protocolVersion; |
+ PRUint16 cipherSuite; |
/* server authentication info */ |
- PRUint32 authKeyBits; |
+ PRUint32 authKeyBits; |
/* key exchange algorithm info */ |
- PRUint32 keaKeyBits; |
+ PRUint32 keaKeyBits; |
/* session info */ |
- PRUint32 creationTime; /* seconds since Jan 1, 1970 */ |
- PRUint32 lastAccessTime; /* seconds since Jan 1, 1970 */ |
- PRUint32 expirationTime; /* seconds since Jan 1, 1970 */ |
- PRUint32 sessionIDLength; /* up to 32 */ |
- PRUint8 sessionID [32]; |
+ PRUint32 creationTime; /* seconds since Jan 1, 1970 */ |
+ PRUint32 lastAccessTime; /* seconds since Jan 1, 1970 */ |
+ PRUint32 expirationTime; /* seconds since Jan 1, 1970 */ |
+ PRUint32 sessionIDLength; /* up to 32 */ |
+ PRUint8 sessionID[32]; |
/* The following fields are added in NSS 3.12.5. */ |
/* compression method info */ |
- const char * compressionMethodName; |
+ const char* compressionMethodName; |
SSLCompressionMethod compressionMethod; |
/* The following fields are added in NSS 3.21. |
* This field only has meaning in TLS < 1.3 and will be set to |
* PR_FALSE in TLS 1.3. |
*/ |
- PRBool extendedMasterSecretUsed; |
+ PRBool extendedMasterSecretUsed; |
} SSLChannelInfo; |
/* Preliminary channel info */ |
#define ssl_preinfo_version (1U << 0) |
#define ssl_preinfo_cipher_suite (1U << 1) |
-#define ssl_preinfo_all (ssl_preinfo_version|ssl_preinfo_cipher_suite) |
+#define ssl_preinfo_all (ssl_preinfo_version | ssl_preinfo_cipher_suite) |
typedef struct SSLPreliminaryChannelInfoStr { |
- /* This is set to the length of the struct. */ |
+ /* |length| is obsolete. On return, SSL_GetPreliminaryChannelInfo sets |
+ * |length| to the smaller of the |len| argument and the length of the |
+ * struct. The caller may ignore |length|. */ |
PRUint32 length; |
/* A bitfield over SSLPreliminaryValueSet that describes which |
* preliminary values are set (see ssl_preinfo_*). */ |
@@ -185,39 +176,42 @@ typedef struct SSLPreliminaryChannelInfoStr { |
} SSLPreliminaryChannelInfo; |
typedef struct SSLCipherSuiteInfoStr { |
- PRUint16 length; |
- PRUint16 cipherSuite; |
+ /* |length| is obsolete. On return, SSL_GetCipherSuitelInfo sets |length| |
+ * to the smaller of the |len| argument and the length of the struct. The |
+ * caller may ignore |length|. */ |
+ PRUint16 length; |
+ PRUint16 cipherSuite; |
/* Cipher Suite Name */ |
- const char * cipherSuiteName; |
+ const char* cipherSuiteName; |
/* server authentication info */ |
- const char * authAlgorithmName; |
- SSLAuthType authAlgorithm; |
+ const char* authAlgorithmName; |
+ SSLAuthType authAlgorithm; |
/* key exchange algorithm info */ |
- const char * keaTypeName; |
- SSLKEAType keaType; |
+ const char* keaTypeName; |
+ SSLKEAType keaType; |
/* symmetric encryption info */ |
- const char * symCipherName; |
- SSLCipherAlgorithm symCipher; |
- PRUint16 symKeyBits; |
- PRUint16 symKeySpace; |
- PRUint16 effectiveKeyBits; |
+ const char* symCipherName; |
+ SSLCipherAlgorithm symCipher; |
+ PRUint16 symKeyBits; |
+ PRUint16 symKeySpace; |
+ PRUint16 effectiveKeyBits; |
/* MAC info */ |
/* AEAD ciphers don't have a MAC. For an AEAD cipher, macAlgorithmName |
* is "AEAD", macAlgorithm is ssl_mac_aead, and macBits is the length in |
* bits of the authentication tag. */ |
- const char * macAlgorithmName; |
- SSLMACAlgorithm macAlgorithm; |
- PRUint16 macBits; |
+ const char* macAlgorithmName; |
+ SSLMACAlgorithm macAlgorithm; |
+ PRUint16 macBits; |
- PRUintn isFIPS : 1; |
- PRUintn isExportable : 1; |
- PRUintn nonStandard : 1; |
- PRUintn reservedBits :29; |
+ PRUintn isFIPS : 1; |
+ PRUintn isExportable : 1; |
+ PRUintn nonStandard : 1; |
+ PRUintn reservedBits : 29; |
} SSLCipherSuiteInfo; |
@@ -232,33 +226,35 @@ typedef struct SSLVersionRangeStr { |
} SSLVersionRange; |
typedef enum { |
- SSL_sni_host_name = 0, |
+ SSL_sni_host_name = 0, |
SSL_sni_type_total |
} SSLSniNameType; |
/* Supported extensions. */ |
/* Update SSL_MAX_EXTENSIONS whenever a new extension type is added. */ |
typedef enum { |
- ssl_server_name_xtn = 0, |
- ssl_cert_status_xtn = 5, |
+ ssl_server_name_xtn = 0, |
+ ssl_cert_status_xtn = 5, |
#ifndef NSS_DISABLE_ECC |
- ssl_elliptic_curves_xtn = 10, |
- ssl_ec_point_formats_xtn = 11, |
+ ssl_elliptic_curves_xtn = 10, |
+ ssl_ec_point_formats_xtn = 11, |
#endif |
- ssl_signature_algorithms_xtn = 13, |
- ssl_use_srtp_xtn = 14, |
- ssl_app_layer_protocol_xtn = 16, |
- ssl_signed_certificate_timestamp_xtn = 18, /* RFC 6962 */ |
- ssl_padding_xtn = 21, |
- ssl_extended_master_secret_xtn = 23, |
- ssl_session_ticket_xtn = 35, |
- ssl_next_proto_nego_xtn = 13172, |
- ssl_channel_id_xtn = 30032, |
- ssl_renegotiation_info_xtn = 0xff01, |
- ssl_tls13_draft_version_xtn = 0xff02 /* experimental number */ |
+ ssl_signature_algorithms_xtn = 13, |
+ ssl_use_srtp_xtn = 14, |
+ ssl_app_layer_protocol_xtn = 16, |
+ /* signed_certificate_timestamp extension, RFC 6962 */ |
+ ssl_signed_cert_timestamp_xtn = 18, |
+ ssl_padding_xtn = 21, |
+ ssl_extended_master_secret_xtn = 23, |
+ ssl_session_ticket_xtn = 35, |
+ ssl_tls13_key_share_xtn = 40, /* unofficial TODO(ekr) */ |
+ ssl_next_proto_nego_xtn = 13172, |
+ ssl_channel_id_xtn = 30032, |
+ ssl_renegotiation_info_xtn = 0xff01, |
+ ssl_tls13_draft_version_xtn = 0xff02 /* experimental number */ |
} SSLExtensionType; |
-#define SSL_MAX_EXTENSIONS 14 /* doesn't include ssl_padding_xtn. */ |
+#define SSL_MAX_EXTENSIONS 15 /* doesn't include ssl_padding_xtn. */ |
typedef enum { |
ssl_dhe_group_none = 0, |