| OLD | NEW |
|---|
| (Empty) |
| 1 /* -*- Mode: C; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 4 -*- */ | |
| 2 /* | |
| 3 * This file contains prototypes for the public SSL functions. | |
| 4 * | |
| 5 * This Source Code Form is subject to the terms of the Mozilla Public | |
| 6 * License, v. 2.0. If a copy of the MPL was not distributed with this | |
| 7 * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ | |
| 8 | |
| 9 #ifndef __sslt_h_ | |
| 10 #define __sslt_h_ | |
| 11 | |
| 12 #include "prtypes.h" | |
| 13 | |
| 14 typedef struct SSL3StatisticsStr { | |
| 15 /* statistics from ssl3_SendClientHello (sch) */ | |
| 16 long sch_sid_cache_hits; | |
| 17 long sch_sid_cache_misses; | |
| 18 long sch_sid_cache_not_ok; | |
| 19 | |
| 20 /* statistics from ssl3_HandleServerHello (hsh) */ | |
| 21 long hsh_sid_cache_hits; | |
| 22 long hsh_sid_cache_misses; | |
| 23 long hsh_sid_cache_not_ok; | |
| 24 | |
| 25 /* statistics from ssl3_HandleClientHello (hch) */ | |
| 26 long hch_sid_cache_hits; | |
| 27 long hch_sid_cache_misses; | |
| 28 long hch_sid_cache_not_ok; | |
| 29 | |
| 30 /* statistics related to stateless resume */ | |
| 31 long sch_sid_stateless_resumes; | |
| 32 long hsh_sid_stateless_resumes; | |
| 33 long hch_sid_stateless_resumes; | |
| 34 long hch_sid_ticket_parse_failures; | |
| 35 } SSL3Statistics; | |
| 36 | |
| 37 /* Key Exchange algorithm values */ | |
| 38 typedef enum { | |
| 39 ssl_kea_null = 0, | |
| 40 ssl_kea_rsa = 1, | |
| 41 ssl_kea_dh = 2, | |
| 42 ssl_kea_fortezza = 3, /* deprecated, now unused */ | |
| 43 ssl_kea_ecdh = 4, | |
| 44 ssl_kea_size /* number of ssl_kea_ algorithms */ | |
| 45 } SSLKEAType; | |
| 46 | |
| 47 /* The following defines are for backwards compatibility. | |
| 48 ** They will be removed in a forthcoming release to reduce namespace pollution. | |
| 49 ** programs that use the kt_ symbols should convert to the ssl_kt_ symbols | |
| 50 ** soon. | |
| 51 */ | |
| 52 #define kt_null ssl_kea_null | |
| 53 #define kt_rsa ssl_kea_rsa | |
| 54 #define kt_dh ssl_kea_dh | |
| 55 #define kt_fortezza ssl_kea_fortezza /* deprecated, now unused */ | |
| 56 #define kt_ecdh ssl_kea_ecdh | |
| 57 #define kt_kea_size ssl_kea_size | |
| 58 | |
| 59 /* Values of this enum match the SignatureAlgorithm enum from | |
| 60 * https://tools.ietf.org/html/rfc5246#section-7.4.1.4.1 */ | |
| 61 typedef enum { | |
| 62 ssl_sign_null = 0, /* "anonymous" in TLS */ | |
| 63 ssl_sign_rsa = 1, | |
| 64 ssl_sign_dsa = 2, | |
| 65 ssl_sign_ecdsa = 3 | |
| 66 } SSLSignType; | |
| 67 | |
| 68 /* Values of this enum match the HashAlgorithm enum from | |
| 69 * https://tools.ietf.org/html/rfc5246#section-7.4.1.4.1 */ | |
| 70 typedef enum { | |
| 71 /* ssl_hash_none is used internally to mean the pre-1.2 combination of MD5 | |
| 72 * and SHA1. The other values are only used in TLS 1.2. */ | |
| 73 ssl_hash_none = 0, | |
| 74 ssl_hash_md5 = 1, | |
| 75 ssl_hash_sha1 = 2, | |
| 76 ssl_hash_sha224 = 3, | |
| 77 ssl_hash_sha256 = 4, | |
| 78 ssl_hash_sha384 = 5, | |
| 79 ssl_hash_sha512 = 6 | |
| 80 } SSLHashType; | |
| 81 | |
| 82 typedef struct SSLSignatureAndHashAlgStr { | |
| 83 SSLHashType hashAlg; | |
| 84 SSLSignType sigAlg; | |
| 85 } SSLSignatureAndHashAlg; | |
| 86 | |
| 87 typedef enum { | |
| 88 ssl_auth_null = 0, | |
| 89 ssl_auth_rsa = 1, | |
| 90 ssl_auth_dsa = 2, | |
| 91 ssl_auth_kea = 3, | |
| 92 ssl_auth_ecdsa = 4 | |
| 93 } SSLAuthType; | |
| 94 | |
| 95 typedef enum { | |
| 96 ssl_calg_null = 0, | |
| 97 ssl_calg_rc4 = 1, | |
| 98 ssl_calg_rc2 = 2, | |
| 99 ssl_calg_des = 3, | |
| 100 ssl_calg_3des = 4, | |
| 101 ssl_calg_idea = 5, | |
| 102 ssl_calg_fortezza = 6, /* deprecated, now unused */ | |
| 103 ssl_calg_aes = 7, | |
| 104 ssl_calg_camellia = 8, | |
| 105 ssl_calg_seed = 9, | |
| 106 ssl_calg_aes_gcm = 10, | |
| 107 ssl_calg_chacha20 = 11 | |
| 108 } SSLCipherAlgorithm; | |
| 109 | |
| 110 typedef enum { | |
| 111 ssl_mac_null = 0, | |
| 112 ssl_mac_md5 = 1, | |
| 113 ssl_mac_sha = 2, | |
| 114 ssl_hmac_md5 = 3, /* TLS HMAC version of mac_md5 */ | |
| 115 ssl_hmac_sha = 4, /* TLS HMAC version of mac_sha */ | |
| 116 ssl_hmac_sha256 = 5, | |
| 117 ssl_mac_aead = 6 | |
| 118 } SSLMACAlgorithm; | |
| 119 | |
| 120 typedef enum { | |
| 121 ssl_compression_null = 0, | |
| 122 ssl_compression_deflate = 1 /* RFC 3749 */ | |
| 123 } SSLCompressionMethod; | |
| 124 | |
| 125 typedef struct SSLChannelInfoStr { | |
| 126 /* |length| is obsolete. On return, SSL_GetChannelInfo sets |length| to the | |
| 127 * smaller of the |len| argument and the length of the struct. The caller | |
| 128 * may ignore |length|. */ | |
| 129 PRUint32 length; | |
| 130 PRUint16 protocolVersion; | |
| 131 PRUint16 cipherSuite; | |
| 132 | |
| 133 /* server authentication info */ | |
| 134 PRUint32 authKeyBits; | |
| 135 | |
| 136 /* key exchange algorithm info */ | |
| 137 PRUint32 keaKeyBits; | |
| 138 | |
| 139 /* session info */ | |
| 140 PRUint32 creationTime; /* seconds since Jan 1, 1970 */ | |
| 141 PRUint32 lastAccessTime; /* seconds since Jan 1, 1970 */ | |
| 142 PRUint32 expirationTime; /* seconds since Jan 1, 1970 */ | |
| 143 PRUint32 sessionIDLength; /* up to 32 */ | |
| 144 PRUint8 sessionID[32]; | |
| 145 | |
| 146 /* The following fields are added in NSS 3.12.5. */ | |
| 147 | |
| 148 /* compression method info */ | |
| 149 const char* compressionMethodName; | |
| 150 SSLCompressionMethod compressionMethod; | |
| 151 | |
| 152 /* The following fields are added in NSS 3.21. | |
| 153 * This field only has meaning in TLS < 1.3 and will be set to | |
| 154 * PR_FALSE in TLS 1.3. | |
| 155 */ | |
| 156 PRBool extendedMasterSecretUsed; | |
| 157 } SSLChannelInfo; | |
| 158 | |
| 159 /* Preliminary channel info */ | |
| 160 #define ssl_preinfo_version (1U << 0) | |
| 161 #define ssl_preinfo_cipher_suite (1U << 1) | |
| 162 #define ssl_preinfo_all (ssl_preinfo_version | ssl_preinfo_cipher_suite) | |
| 163 | |
| 164 typedef struct SSLPreliminaryChannelInfoStr { | |
| 165 /* |length| is obsolete. On return, SSL_GetPreliminaryChannelInfo sets | |
| 166 * |length| to the smaller of the |len| argument and the length of the | |
| 167 * struct. The caller may ignore |length|. */ | |
| 168 PRUint32 length; | |
| 169 /* A bitfield over SSLPreliminaryValueSet that describes which | |
| 170 * preliminary values are set (see ssl_preinfo_*). */ | |
| 171 PRUint32 valuesSet; | |
| 172 /* Protocol version: test (valuesSet & ssl_preinfo_version) */ | |
| 173 PRUint16 protocolVersion; | |
| 174 /* Cipher suite: test (valuesSet & ssl_preinfo_cipher_suite) */ | |
| 175 PRUint16 cipherSuite; | |
| 176 } SSLPreliminaryChannelInfo; | |
| 177 | |
| 178 typedef struct SSLCipherSuiteInfoStr { | |
| 179 /* |length| is obsolete. On return, SSL_GetCipherSuitelInfo sets |length| | |
| 180 * to the smaller of the |len| argument and the length of the struct. The | |
| 181 * caller may ignore |length|. */ | |
| 182 PRUint16 length; | |
| 183 PRUint16 cipherSuite; | |
| 184 | |
| 185 /* Cipher Suite Name */ | |
| 186 const char* cipherSuiteName; | |
| 187 | |
| 188 /* server authentication info */ | |
| 189 const char* authAlgorithmName; | |
| 190 SSLAuthType authAlgorithm; | |
| 191 | |
| 192 /* key exchange algorithm info */ | |
| 193 const char* keaTypeName; | |
| 194 SSLKEAType keaType; | |
| 195 | |
| 196 /* symmetric encryption info */ | |
| 197 const char* symCipherName; | |
| 198 SSLCipherAlgorithm symCipher; | |
| 199 PRUint16 symKeyBits; | |
| 200 PRUint16 symKeySpace; | |
| 201 PRUint16 effectiveKeyBits; | |
| 202 | |
| 203 /* MAC info */ | |
| 204 /* AEAD ciphers don't have a MAC. For an AEAD cipher, macAlgorithmName | |
| 205 * is "AEAD", macAlgorithm is ssl_mac_aead, and macBits is the length in | |
| 206 * bits of the authentication tag. */ | |
| 207 const char* macAlgorithmName; | |
| 208 SSLMACAlgorithm macAlgorithm; | |
| 209 PRUint16 macBits; | |
| 210 | |
| 211 PRUintn isFIPS : 1; | |
| 212 PRUintn isExportable : 1; | |
| 213 PRUintn nonStandard : 1; | |
| 214 PRUintn reservedBits : 29; | |
| 215 | |
| 216 } SSLCipherSuiteInfo; | |
| 217 | |
| 218 typedef enum { | |
| 219 ssl_variant_stream = 0, | |
| 220 ssl_variant_datagram = 1 | |
| 221 } SSLProtocolVariant; | |
| 222 | |
| 223 typedef struct SSLVersionRangeStr { | |
| 224 PRUint16 min; | |
| 225 PRUint16 max; | |
| 226 } SSLVersionRange; | |
| 227 | |
| 228 typedef enum { | |
| 229 SSL_sni_host_name = 0, | |
| 230 SSL_sni_type_total | |
| 231 } SSLSniNameType; | |
| 232 | |
| 233 /* Supported extensions. */ | |
| 234 /* Update SSL_MAX_EXTENSIONS whenever a new extension type is added. */ | |
| 235 typedef enum { | |
| 236 ssl_server_name_xtn = 0, | |
| 237 ssl_cert_status_xtn = 5, | |
| 238 #ifndef NSS_DISABLE_ECC | |
| 239 ssl_elliptic_curves_xtn = 10, | |
| 240 ssl_ec_point_formats_xtn = 11, | |
| 241 #endif | |
| 242 ssl_signature_algorithms_xtn = 13, | |
| 243 ssl_use_srtp_xtn = 14, | |
| 244 ssl_app_layer_protocol_xtn = 16, | |
| 245 /* signed_certificate_timestamp extension, RFC 6962 */ | |
| 246 ssl_signed_cert_timestamp_xtn = 18, | |
| 247 ssl_padding_xtn = 21, | |
| 248 ssl_extended_master_secret_xtn = 23, | |
| 249 ssl_session_ticket_xtn = 35, | |
| 250 ssl_tls13_key_share_xtn = 40, /* unofficial TODO(ekr) */ | |
| 251 ssl_next_proto_nego_xtn = 13172, | |
| 252 ssl_channel_id_xtn = 30032, | |
| 253 ssl_renegotiation_info_xtn = 0xff01, | |
| 254 ssl_tls13_draft_version_xtn = 0xff02 /* experimental number */ | |
| 255 } SSLExtensionType; | |
| 256 | |
| 257 #define SSL_MAX_EXTENSIONS 15 /* doesn't include ssl_padding_xtn. */ | |
| 258 | |
| 259 typedef enum { | |
| 260 ssl_dhe_group_none = 0, | |
| 261 ssl_ff_dhe_2048_group = 1, | |
| 262 ssl_ff_dhe_3072_group = 2, | |
| 263 ssl_ff_dhe_4096_group = 3, | |
| 264 ssl_ff_dhe_6144_group = 4, | |
| 265 ssl_ff_dhe_8192_group = 5, | |
| 266 ssl_dhe_group_max | |
| 267 } SSLDHEGroupType; | |
| 268 | |
| 269 #endif /* __sslt_h_ */ | |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 1882433002:
Removing NSS files and USE_OPENSSL flag (Closed)
Base URL: https://chromium.googlesource.com/chromium/src.git@master