| OLD | NEW |
|---|
| (Empty) |
| 1 /* | |
| 2 * Various and sundry protocol constants. DON'T CHANGE THESE. These values | |
| 3 * are mostly defined by the SSL2, SSL3, or TLS protocol specifications. | |
| 4 * Cipher kinds and ciphersuites are part of the public API. | |
| 5 * | |
| 6 * This Source Code Form is subject to the terms of the Mozilla Public | |
| 7 * License, v. 2.0. If a copy of the MPL was not distributed with this | |
| 8 * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ | |
| 9 | |
| 10 #ifndef __sslproto_h_ | |
| 11 #define __sslproto_h_ | |
| 12 | |
| 13 /* All versions less than 3_0 are treated as SSL version 2 */ | |
| 14 #define SSL_LIBRARY_VERSION_2 0x0002 | |
| 15 #define SSL_LIBRARY_VERSION_3_0 0x0300 | |
| 16 #define SSL_LIBRARY_VERSION_TLS_1_0 0x0301 | |
| 17 #define SSL_LIBRARY_VERSION_TLS_1_1 0x0302 | |
| 18 #define SSL_LIBRARY_VERSION_TLS_1_2 0x0303 | |
| 19 /* Note: this is the internal format, not the wire format */ | |
| 20 #define SSL_LIBRARY_VERSION_DTLS_1_0 0x0302 | |
| 21 | |
| 22 /* deprecated old name */ | |
| 23 #define SSL_LIBRARY_VERSION_3_1_TLS SSL_LIBRARY_VERSION_TLS_1_0 | |
| 24 | |
| 25 /* The DTLS version used in the spec */ | |
| 26 #define SSL_LIBRARY_VERSION_DTLS_1_0_WIRE ((~0x0100) & 0xffff) | |
| 27 | |
| 28 /* Header lengths of some of the messages */ | |
| 29 #define SSL_HL_ERROR_HBYTES 3 | |
| 30 #define SSL_HL_CLIENT_HELLO_HBYTES 9 | |
| 31 #define SSL_HL_CLIENT_MASTER_KEY_HBYTES 10 | |
| 32 #define SSL_HL_CLIENT_FINISHED_HBYTES 1 | |
| 33 #define SSL_HL_SERVER_HELLO_HBYTES 11 | |
| 34 #define SSL_HL_SERVER_VERIFY_HBYTES 1 | |
| 35 #define SSL_HL_SERVER_FINISHED_HBYTES 1 | |
| 36 #define SSL_HL_REQUEST_CERTIFICATE_HBYTES 2 | |
| 37 #define SSL_HL_CLIENT_CERTIFICATE_HBYTES 6 | |
| 38 | |
| 39 /* Security handshake protocol codes */ | |
| 40 #define SSL_MT_ERROR 0 | |
| 41 #define SSL_MT_CLIENT_HELLO 1 | |
| 42 #define SSL_MT_CLIENT_MASTER_KEY 2 | |
| 43 #define SSL_MT_CLIENT_FINISHED 3 | |
| 44 #define SSL_MT_SERVER_HELLO 4 | |
| 45 #define SSL_MT_SERVER_VERIFY 5 | |
| 46 #define SSL_MT_SERVER_FINISHED 6 | |
| 47 #define SSL_MT_REQUEST_CERTIFICATE 7 | |
| 48 #define SSL_MT_CLIENT_CERTIFICATE 8 | |
| 49 | |
| 50 /* Certificate types */ | |
| 51 #define SSL_CT_X509_CERTIFICATE 0x01 | |
| 52 #if 0 /* XXX Not implemented yet */ | |
| 53 #define SSL_PKCS6_CERTIFICATE 0x02 | |
| 54 #endif | |
| 55 #define SSL_AT_MD5_WITH_RSA_ENCRYPTION 0x01 | |
| 56 | |
| 57 /* Error codes */ | |
| 58 #define SSL_PE_NO_CYPHERS 0x0001 | |
| 59 #define SSL_PE_NO_CERTIFICATE 0x0002 | |
| 60 #define SSL_PE_BAD_CERTIFICATE 0x0004 | |
| 61 #define SSL_PE_UNSUPPORTED_CERTIFICATE_TYPE 0x0006 | |
| 62 | |
| 63 /* Cypher kinds (not the spec version!) */ | |
| 64 #define SSL_CK_RC4_128_WITH_MD5 0x01 | |
| 65 #define SSL_CK_RC4_128_EXPORT40_WITH_MD5 0x02 | |
| 66 #define SSL_CK_RC2_128_CBC_WITH_MD5 0x03 | |
| 67 #define SSL_CK_RC2_128_CBC_EXPORT40_WITH_MD5 0x04 | |
| 68 #define SSL_CK_IDEA_128_CBC_WITH_MD5 0x05 | |
| 69 #define SSL_CK_DES_64_CBC_WITH_MD5 0x06 | |
| 70 #define SSL_CK_DES_192_EDE3_CBC_WITH_MD5 0x07 | |
| 71 | |
| 72 /* Cipher enables. These are used only for SSL_EnableCipher | |
| 73 * These values define the SSL2 suites, and do not colide with the | |
| 74 * SSL3 Cipher suites defined below. | |
| 75 */ | |
| 76 #define SSL_EN_RC4_128_WITH_MD5 0xFF01 | |
| 77 #define SSL_EN_RC4_128_EXPORT40_WITH_MD5 0xFF02 | |
| 78 #define SSL_EN_RC2_128_CBC_WITH_MD5 0xFF03 | |
| 79 #define SSL_EN_RC2_128_CBC_EXPORT40_WITH_MD5 0xFF04 | |
| 80 #define SSL_EN_IDEA_128_CBC_WITH_MD5 0xFF05 | |
| 81 #define SSL_EN_DES_64_CBC_WITH_MD5 0xFF06 | |
| 82 #define SSL_EN_DES_192_EDE3_CBC_WITH_MD5 0xFF07 | |
| 83 | |
| 84 /* SSL v3 Cipher Suites */ | |
| 85 #define SSL_NULL_WITH_NULL_NULL 0x0000 | |
| 86 | |
| 87 #define SSL_RSA_WITH_NULL_MD5 0x0001 | |
| 88 #define SSL_RSA_WITH_NULL_SHA 0x0002 | |
| 89 #define SSL_RSA_EXPORT_WITH_RC4_40_MD5 0x0003 | |
| 90 #define SSL_RSA_WITH_RC4_128_MD5 0x0004 | |
| 91 #define SSL_RSA_WITH_RC4_128_SHA 0x0005 | |
| 92 #define SSL_RSA_EXPORT_WITH_RC2_CBC_40_MD5 0x0006 | |
| 93 #define SSL_RSA_WITH_IDEA_CBC_SHA 0x0007 | |
| 94 #define SSL_RSA_EXPORT_WITH_DES40_CBC_SHA 0x0008 | |
| 95 #define SSL_RSA_WITH_DES_CBC_SHA 0x0009 | |
| 96 #define SSL_RSA_WITH_3DES_EDE_CBC_SHA 0x000a | |
| 97 | |
| 98 #define SSL_DH_DSS_EXPORT_WITH_DES40_CBC_SHA 0x000b | |
| 99 #define SSL_DH_DSS_WITH_DES_CBC_SHA 0x000c | |
| 100 #define SSL_DH_DSS_WITH_3DES_EDE_CBC_SHA 0x000d | |
| 101 #define SSL_DH_RSA_EXPORT_WITH_DES40_CBC_SHA 0x000e | |
| 102 #define SSL_DH_RSA_WITH_DES_CBC_SHA 0x000f | |
| 103 #define SSL_DH_RSA_WITH_3DES_EDE_CBC_SHA 0x0010 | |
| 104 | |
| 105 #define SSL_DHE_DSS_EXPORT_WITH_DES40_CBC_SHA 0x0011 | |
| 106 #define SSL_DHE_DSS_WITH_DES_CBC_SHA 0x0012 | |
| 107 #define SSL_DHE_DSS_WITH_3DES_EDE_CBC_SHA 0x0013 | |
| 108 #define SSL_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA 0x0014 | |
| 109 #define SSL_DHE_RSA_WITH_DES_CBC_SHA 0x0015 | |
| 110 #define SSL_DHE_RSA_WITH_3DES_EDE_CBC_SHA 0x0016 | |
| 111 | |
| 112 #define SSL_DH_ANON_EXPORT_WITH_RC4_40_MD5 0x0017 | |
| 113 #define SSL_DH_ANON_WITH_RC4_128_MD5 0x0018 | |
| 114 #define SSL_DH_ANON_EXPORT_WITH_DES40_CBC_SHA 0x0019 | |
| 115 #define SSL_DH_ANON_WITH_DES_CBC_SHA 0x001a | |
| 116 #define SSL_DH_ANON_WITH_3DES_EDE_CBC_SHA 0x001b | |
| 117 | |
| 118 #define SSL_FORTEZZA_DMS_WITH_NULL_SHA 0x001c /* deprecated */ | |
| 119 #define SSL_FORTEZZA_DMS_WITH_FORTEZZA_CBC_SHA 0x001d /* deprecated */ | |
| 120 #define SSL_FORTEZZA_DMS_WITH_RC4_128_SHA 0x001e /* deprecated */ | |
| 121 | |
| 122 /* New TLS cipher suites */ | |
| 123 #define TLS_RSA_WITH_AES_128_CBC_SHA 0x002F | |
| 124 #define TLS_DH_DSS_WITH_AES_128_CBC_SHA 0x0030 | |
| 125 #define TLS_DH_RSA_WITH_AES_128_CBC_SHA 0x0031 | |
| 126 #define TLS_DHE_DSS_WITH_AES_128_CBC_SHA 0x0032 | |
| 127 #define TLS_DHE_RSA_WITH_AES_128_CBC_SHA 0x0033 | |
| 128 #define TLS_DH_ANON_WITH_AES_128_CBC_SHA 0x0034 | |
| 129 | |
| 130 #define TLS_RSA_WITH_AES_256_CBC_SHA 0x0035 | |
| 131 #define TLS_DH_DSS_WITH_AES_256_CBC_SHA 0x0036 | |
| 132 #define TLS_DH_RSA_WITH_AES_256_CBC_SHA 0x0037 | |
| 133 #define TLS_DHE_DSS_WITH_AES_256_CBC_SHA 0x0038 | |
| 134 #define TLS_DHE_RSA_WITH_AES_256_CBC_SHA 0x0039 | |
| 135 #define TLS_DH_ANON_WITH_AES_256_CBC_SHA 0x003A | |
| 136 #define TLS_RSA_WITH_NULL_SHA256 0x003B | |
| 137 #define TLS_RSA_WITH_AES_128_CBC_SHA256 0x003C | |
| 138 #define TLS_RSA_WITH_AES_256_CBC_SHA256 0x003D | |
| 139 | |
| 140 #define TLS_RSA_WITH_CAMELLIA_128_CBC_SHA 0x0041 | |
| 141 #define TLS_DH_DSS_WITH_CAMELLIA_128_CBC_SHA 0x0042 | |
| 142 #define TLS_DH_RSA_WITH_CAMELLIA_128_CBC_SHA 0x0043 | |
| 143 #define TLS_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA 0x0044 | |
| 144 #define TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA 0x0045 | |
| 145 #define TLS_DH_ANON_WITH_CAMELLIA_128_CBC_SHA 0x0046 | |
| 146 | |
| 147 #define TLS_RSA_EXPORT1024_WITH_DES_CBC_SHA 0x0062 | |
| 148 #define TLS_RSA_EXPORT1024_WITH_RC4_56_SHA 0x0064 | |
| 149 | |
| 150 #define TLS_DHE_DSS_EXPORT1024_WITH_DES_CBC_SHA 0x0063 | |
| 151 #define TLS_DHE_DSS_EXPORT1024_WITH_RC4_56_SHA 0x0065 | |
| 152 #define TLS_DHE_DSS_WITH_RC4_128_SHA 0x0066 | |
| 153 #define TLS_DHE_RSA_WITH_AES_128_CBC_SHA256 0x0067 | |
| 154 #define TLS_DHE_RSA_WITH_AES_256_CBC_SHA256 0x006B | |
| 155 | |
| 156 #define TLS_RSA_WITH_CAMELLIA_256_CBC_SHA 0x0084 | |
| 157 #define TLS_DH_DSS_WITH_CAMELLIA_256_CBC_SHA 0x0085 | |
| 158 #define TLS_DH_RSA_WITH_CAMELLIA_256_CBC_SHA 0x0086 | |
| 159 #define TLS_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA 0x0087 | |
| 160 #define TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA 0x0088 | |
| 161 #define TLS_DH_ANON_WITH_CAMELLIA_256_CBC_SHA 0x0089 | |
| 162 | |
| 163 #define TLS_RSA_WITH_SEED_CBC_SHA 0x0096 | |
| 164 | |
| 165 #define TLS_RSA_WITH_AES_128_GCM_SHA256 0x009C | |
| 166 #define TLS_DHE_RSA_WITH_AES_128_GCM_SHA256 0x009E | |
| 167 #define TLS_DHE_DSS_WITH_AES_128_GCM_SHA256 0x00A2 | |
| 168 | |
| 169 /* TLS "Signaling Cipher Suite Value" (SCSV). May be requested by client. | |
| 170 * Must NEVER be chosen by server. SSL 3.0 server acknowledges by sending | |
| 171 * back an empty Renegotiation Info (RI) server hello extension. | |
| 172 */ | |
| 173 #define TLS_EMPTY_RENEGOTIATION_INFO_SCSV 0x00FF | |
| 174 | |
| 175 /* TLS_FALLBACK_SCSV is a signaling cipher suite value that indicates that a | |
| 176 * handshake is the result of TLS version fallback. This value is not IANA | |
| 177 * assigned. */ | |
| 178 #define TLS_FALLBACK_SCSV 0x5600 | |
| 179 | |
| 180 /* Cipher Suite Values starting with 0xC000 are defined in informational | |
| 181 * RFCs. | |
| 182 */ | |
| 183 #define TLS_ECDH_ECDSA_WITH_NULL_SHA 0xC001 | |
| 184 #define TLS_ECDH_ECDSA_WITH_RC4_128_SHA 0xC002 | |
| 185 #define TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA 0xC003 | |
| 186 #define TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA 0xC004 | |
| 187 #define TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA 0xC005 | |
| 188 | |
| 189 #define TLS_ECDHE_ECDSA_WITH_NULL_SHA 0xC006 | |
| 190 #define TLS_ECDHE_ECDSA_WITH_RC4_128_SHA 0xC007 | |
| 191 #define TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA 0xC008 | |
| 192 #define TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA 0xC009 | |
| 193 #define TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA 0xC00A | |
| 194 | |
| 195 #define TLS_ECDH_RSA_WITH_NULL_SHA 0xC00B | |
| 196 #define TLS_ECDH_RSA_WITH_RC4_128_SHA 0xC00C | |
| 197 #define TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA 0xC00D | |
| 198 #define TLS_ECDH_RSA_WITH_AES_128_CBC_SHA 0xC00E | |
| 199 #define TLS_ECDH_RSA_WITH_AES_256_CBC_SHA 0xC00F | |
| 200 | |
| 201 #define TLS_ECDHE_RSA_WITH_NULL_SHA 0xC010 | |
| 202 #define TLS_ECDHE_RSA_WITH_RC4_128_SHA 0xC011 | |
| 203 #define TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA 0xC012 | |
| 204 #define TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA 0xC013 | |
| 205 #define TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA 0xC014 | |
| 206 | |
| 207 #define TLS_ECDH_anon_WITH_NULL_SHA 0xC015 | |
| 208 #define TLS_ECDH_anon_WITH_RC4_128_SHA 0xC016 | |
| 209 #define TLS_ECDH_anon_WITH_3DES_EDE_CBC_SHA 0xC017 | |
| 210 #define TLS_ECDH_anon_WITH_AES_128_CBC_SHA 0xC018 | |
| 211 #define TLS_ECDH_anon_WITH_AES_256_CBC_SHA 0xC019 | |
| 212 | |
| 213 #define TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256 0xC023 | |
| 214 #define TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256 0xC027 | |
| 215 | |
| 216 #define TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 0xC02B | |
| 217 #define TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256 0xC02D | |
| 218 #define TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 0xC02F | |
| 219 #define TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256 0xC031 | |
| 220 | |
| 221 #define TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305 0xCC13 | |
| 222 #define TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305 0xCC14 | |
| 223 | |
| 224 /* Netscape "experimental" cipher suites. */ | |
| 225 #define SSL_RSA_OLDFIPS_WITH_3DES_EDE_CBC_SHA 0xffe0 | |
| 226 #define SSL_RSA_OLDFIPS_WITH_DES_CBC_SHA 0xffe1 | |
| 227 | |
| 228 /* New non-experimental openly spec'ed versions of those cipher suites. */ | |
| 229 #define SSL_RSA_FIPS_WITH_3DES_EDE_CBC_SHA 0xfeff | |
| 230 #define SSL_RSA_FIPS_WITH_DES_CBC_SHA 0xfefe | |
| 231 | |
| 232 /* DTLS-SRTP cipher suites from RFC 5764 */ | |
| 233 /* If you modify this, also modify MAX_DTLS_SRTP_CIPHER_SUITES in sslimpl.h */ | |
| 234 #define SRTP_AES128_CM_HMAC_SHA1_80 0x0001 | |
| 235 #define SRTP_AES128_CM_HMAC_SHA1_32 0x0002 | |
| 236 #define SRTP_NULL_HMAC_SHA1_80 0x0005 | |
| 237 #define SRTP_NULL_HMAC_SHA1_32 0x0006 | |
| 238 | |
| 239 #endif /* __sslproto_h_ */ | |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 992733002:
Remove //net (except for Android test stuff) and sdch (Closed)
Base URL: git@github.com:domokit/mojo.git@master