OLD | NEW |
| (Empty) |
1 /* Private header file of libSSL. | |
2 * Various and sundry protocol constants. DON'T CHANGE THESE. These | |
3 * values are defined by the SSL 3.0 protocol specification. | |
4 * | |
5 * This Source Code Form is subject to the terms of the Mozilla Public | |
6 * License, v. 2.0. If a copy of the MPL was not distributed with this | |
7 * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ | |
8 | |
9 #ifndef __ssl3proto_h_ | |
10 #define __ssl3proto_h_ | |
11 | |
12 typedef PRUint8 SSL3Opaque; | |
13 | |
14 typedef PRUint16 SSL3ProtocolVersion; | |
15 /* version numbers are defined in sslproto.h */ | |
16 | |
17 /* The TLS 1.3 draft version. Used to avoid negotiating | |
18 * between incompatible pre-standard TLS 1.3 drafts. | |
19 * TODO(ekr@rtfm.com): Remove when TLS 1.3 is published. */ | |
20 #define TLS_1_3_DRAFT_VERSION 11 | |
21 | |
22 typedef PRUint16 ssl3CipherSuite; | |
23 /* The cipher suites are defined in sslproto.h */ | |
24 | |
25 #define MAX_CERT_TYPES 10 | |
26 #define MAX_COMPRESSION_METHODS 10 | |
27 #define MAX_MAC_LENGTH 64 | |
28 #define MAX_PADDING_LENGTH 64 | |
29 #define MAX_KEY_LENGTH 64 | |
30 #define EXPORT_KEY_LENGTH 5 | |
31 #define SSL3_RANDOM_LENGTH 32 | |
32 | |
33 #define SSL3_RECORD_HEADER_LENGTH 5 | |
34 | |
35 /* SSL3_RECORD_HEADER_LENGTH + epoch/sequence_number */ | |
36 #define DTLS_RECORD_HEADER_LENGTH 13 | |
37 | |
38 #define MAX_FRAGMENT_LENGTH 16384 | |
39 | |
40 typedef enum { | |
41 content_change_cipher_spec = 20, | |
42 content_alert = 21, | |
43 content_handshake = 22, | |
44 content_application_data = 23 | |
45 } SSL3ContentType; | |
46 | |
47 typedef struct { | |
48 SSL3ContentType type; | |
49 SSL3ProtocolVersion version; | |
50 PRUint16 length; | |
51 SECItem fragment; | |
52 } SSL3Plaintext; | |
53 | |
54 typedef struct { | |
55 SSL3ContentType type; | |
56 SSL3ProtocolVersion version; | |
57 PRUint16 length; | |
58 SECItem fragment; | |
59 } SSL3Compressed; | |
60 | |
61 typedef struct { | |
62 SECItem content; | |
63 SSL3Opaque MAC[MAX_MAC_LENGTH]; | |
64 } SSL3GenericStreamCipher; | |
65 | |
66 typedef struct { | |
67 SECItem content; | |
68 SSL3Opaque MAC[MAX_MAC_LENGTH]; | |
69 PRUint8 padding[MAX_PADDING_LENGTH]; | |
70 PRUint8 padding_length; | |
71 } SSL3GenericBlockCipher; | |
72 | |
73 typedef enum { change_cipher_spec_choice = 1 } SSL3ChangeCipherSpecChoice; | |
74 | |
75 typedef struct { | |
76 SSL3ChangeCipherSpecChoice choice; | |
77 } SSL3ChangeCipherSpec; | |
78 | |
79 typedef enum { alert_warning = 1, | |
80 alert_fatal = 2 } SSL3AlertLevel; | |
81 | |
82 typedef enum { | |
83 close_notify = 0, | |
84 unexpected_message = 10, | |
85 bad_record_mac = 20, | |
86 decryption_failed_RESERVED = 21, /* do not send; see RFC 5246 */ | |
87 record_overflow = 22, /* TLS only */ | |
88 decompression_failure = 30, | |
89 handshake_failure = 40, | |
90 no_certificate = 41, /* SSL3 only, NOT TLS */ | |
91 bad_certificate = 42, | |
92 unsupported_certificate = 43, | |
93 certificate_revoked = 44, | |
94 certificate_expired = 45, | |
95 certificate_unknown = 46, | |
96 illegal_parameter = 47, | |
97 | |
98 /* All alerts below are TLS only. */ | |
99 unknown_ca = 48, | |
100 access_denied = 49, | |
101 decode_error = 50, | |
102 decrypt_error = 51, | |
103 export_restriction = 60, | |
104 protocol_version = 70, | |
105 insufficient_security = 71, | |
106 internal_error = 80, | |
107 inappropriate_fallback = 86, /* could also be sent for SSLv3 */ | |
108 user_canceled = 90, | |
109 no_renegotiation = 100, | |
110 | |
111 /* Alerts for client hello extensions */ | |
112 missing_extension = 109, | |
113 unsupported_extension = 110, | |
114 certificate_unobtainable = 111, | |
115 unrecognized_name = 112, | |
116 bad_certificate_status_response = 113, | |
117 bad_certificate_hash_value = 114, | |
118 no_application_protocol = 120 | |
119 | |
120 } SSL3AlertDescription; | |
121 | |
122 typedef struct { | |
123 SSL3AlertLevel level; | |
124 SSL3AlertDescription description; | |
125 } SSL3Alert; | |
126 | |
127 typedef enum { | |
128 hello_request = 0, | |
129 client_hello = 1, | |
130 server_hello = 2, | |
131 hello_verify_request = 3, | |
132 new_session_ticket = 4, | |
133 hello_retry_request = 6, | |
134 encrypted_extensions = 8, | |
135 certificate = 11, | |
136 server_key_exchange = 12, | |
137 certificate_request = 13, | |
138 server_hello_done = 14, | |
139 certificate_verify = 15, | |
140 client_key_exchange = 16, | |
141 finished = 20, | |
142 certificate_status = 22, | |
143 next_proto = 67, | |
144 channelid_encrypted_extensions = 203 | |
145 } SSL3HandshakeType; | |
146 | |
147 typedef struct { | |
148 PRUint8 empty; | |
149 } SSL3HelloRequest; | |
150 | |
151 typedef struct { | |
152 SSL3Opaque rand[SSL3_RANDOM_LENGTH]; | |
153 } SSL3Random; | |
154 | |
155 typedef struct { | |
156 SSL3Opaque id[32]; | |
157 PRUint8 length; | |
158 } SSL3SessionID; | |
159 | |
160 typedef struct { | |
161 SSL3ProtocolVersion client_version; | |
162 SSL3Random random; | |
163 SSL3SessionID session_id; | |
164 SECItem cipher_suites; | |
165 PRUint8 cm_count; | |
166 SSLCompressionMethod compression_methods[MAX_COMPRESSION_METHODS]; | |
167 } SSL3ClientHello; | |
168 | |
169 typedef struct { | |
170 SSL3ProtocolVersion server_version; | |
171 SSL3Random random; | |
172 SSL3SessionID session_id; | |
173 ssl3CipherSuite cipher_suite; | |
174 SSLCompressionMethod compression_method; | |
175 } SSL3ServerHello; | |
176 | |
177 typedef struct { | |
178 SECItem list; | |
179 } SSL3Certificate; | |
180 | |
181 /* SSL3SignType moved to ssl.h */ | |
182 | |
183 /* The SSL key exchange method used */ | |
184 typedef enum { | |
185 kea_null, | |
186 kea_rsa, | |
187 kea_rsa_export, | |
188 kea_rsa_export_1024, | |
189 kea_dh_dss, | |
190 kea_dh_dss_export, | |
191 kea_dh_rsa, | |
192 kea_dh_rsa_export, | |
193 kea_dhe_dss, | |
194 kea_dhe_dss_export, | |
195 kea_dhe_rsa, | |
196 kea_dhe_rsa_export, | |
197 kea_dh_anon, | |
198 kea_dh_anon_export, | |
199 kea_rsa_fips, | |
200 kea_ecdh_ecdsa, | |
201 kea_ecdhe_ecdsa, | |
202 kea_ecdh_rsa, | |
203 kea_ecdhe_rsa, | |
204 kea_ecdh_anon | |
205 } SSL3KeyExchangeAlgorithm; | |
206 | |
207 typedef struct { | |
208 SECItem modulus; | |
209 SECItem exponent; | |
210 } SSL3ServerRSAParams; | |
211 | |
212 typedef struct { | |
213 SECItem p; | |
214 SECItem g; | |
215 SECItem Ys; | |
216 } SSL3ServerDHParams; | |
217 | |
218 typedef struct { | |
219 union { | |
220 SSL3ServerDHParams dh; | |
221 SSL3ServerRSAParams rsa; | |
222 } u; | |
223 } SSL3ServerParams; | |
224 | |
225 /* SSL3HashesIndividually contains a combination MD5/SHA1 hash, as used in TLS | |
226 * prior to 1.2. */ | |
227 typedef struct { | |
228 PRUint8 md5[16]; | |
229 PRUint8 sha[20]; | |
230 } SSL3HashesIndividually; | |
231 | |
232 /* SSL3Hashes contains an SSL hash value. The digest is contained in |u.raw| | |
233 * which, if |hashAlg==ssl_hash_none| is also a SSL3HashesIndividually | |
234 * struct. */ | |
235 typedef struct { | |
236 unsigned int len; | |
237 SSLHashType hashAlg; | |
238 union { | |
239 PRUint8 raw[64]; | |
240 SSL3HashesIndividually s; | |
241 } u; | |
242 } SSL3Hashes; | |
243 | |
244 typedef struct { | |
245 union { | |
246 SSL3Opaque anonymous; | |
247 SSL3Hashes certified; | |
248 } u; | |
249 } SSL3ServerKeyExchange; | |
250 | |
251 typedef enum { | |
252 ct_RSA_sign = 1, | |
253 ct_DSS_sign = 2, | |
254 ct_RSA_fixed_DH = 3, | |
255 ct_DSS_fixed_DH = 4, | |
256 ct_RSA_ephemeral_DH = 5, | |
257 ct_DSS_ephemeral_DH = 6, | |
258 ct_ECDSA_sign = 64, | |
259 ct_RSA_fixed_ECDH = 65, | |
260 ct_ECDSA_fixed_ECDH = 66 | |
261 | |
262 } SSL3ClientCertificateType; | |
263 | |
264 typedef struct { | |
265 SSL3Opaque client_version[2]; | |
266 SSL3Opaque random[46]; | |
267 } SSL3RSAPreMasterSecret; | |
268 | |
269 typedef SSL3Opaque SSL3MasterSecret[48]; | |
270 | |
271 typedef enum { | |
272 sender_client = 0x434c4e54, | |
273 sender_server = 0x53525652 | |
274 } SSL3Sender; | |
275 | |
276 typedef SSL3HashesIndividually SSL3Finished; | |
277 | |
278 typedef struct { | |
279 SSL3Opaque verify_data[12]; | |
280 } TLSFinished; | |
281 | |
282 /* | |
283 * TLS extension related data structures and constants. | |
284 */ | |
285 | |
286 /* SessionTicket extension related data structures. */ | |
287 | |
288 /* NewSessionTicket handshake message. */ | |
289 typedef struct { | |
290 PRUint32 received_timestamp; | |
291 PRUint32 ticket_lifetime_hint; | |
292 SECItem ticket; | |
293 } NewSessionTicket; | |
294 | |
295 typedef enum { | |
296 CLIENT_AUTH_ANONYMOUS = 0, | |
297 CLIENT_AUTH_CERTIFICATE = 1 | |
298 } ClientAuthenticationType; | |
299 | |
300 typedef struct { | |
301 ClientAuthenticationType client_auth_type; | |
302 union { | |
303 SSL3Opaque *certificate_list; | |
304 } identity; | |
305 } ClientIdentity; | |
306 | |
307 #define SESS_TICKET_KEY_NAME_LEN 16 | |
308 #define SESS_TICKET_KEY_NAME_PREFIX "NSS!" | |
309 #define SESS_TICKET_KEY_NAME_PREFIX_LEN 4 | |
310 #define SESS_TICKET_KEY_VAR_NAME_LEN 12 | |
311 | |
312 typedef struct { | |
313 unsigned char *key_name; | |
314 unsigned char *iv; | |
315 SECItem encrypted_state; | |
316 unsigned char *mac; | |
317 } EncryptedSessionTicket; | |
318 | |
319 #define TLS_EX_SESS_TICKET_MAC_LENGTH 32 | |
320 | |
321 #define TLS_STE_NO_SERVER_NAME -1 | |
322 | |
323 #endif /* __ssl3proto_h_ */ | |
OLD | NEW |