/* Private header file of libSSL.
 * Various and sundry protocol constants. DON'T CHANGE THESE. These
 * values are defined by the SSL 3.0 protocol specification.
 *
 * This Source Code Form is subject to the terms of the Mozilla Public
 * License, v. 2.0. If a copy of the MPL was not distributed with this
 * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
/* $Id: ssl3prot.h,v 1.22 2012/04/25 14:50:12 gerv%gerv.net Exp $ */
10 #ifndef __ssl3proto_h_
11 #define __ssl3proto_h_
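/* One byte of uninterpreted wire data. */
typedef uint8 SSL3Opaque;

/* 16-bit protocol version, as used in the record and hello structures below. */
typedef uint16 SSL3ProtocolVersion;
/* version numbers are defined in sslproto.h */

/* 16-bit cipher suite identifier. */
typedef uint16 ssl3CipherSuite;
/* The cipher suites are defined in sslproto.h */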
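/*
 * Fixed limits used by the declarations in this header.  Lengths are in
 * bytes.  Several of them size fixed arrays, so any count or length taken
 * from a peer has to be checked against the matching limit before it is
 * used as an index or copy size.
 */
#define MAX_CERT_TYPES              10
#define MAX_COMPRESSION_METHODS     10
#define MAX_MAC_LENGTH              64
#define MAX_PADDING_LENGTH          64
#define MAX_KEY_LENGTH              64
/* 5 bytes = 40 bits of key: trivially brute-forced, kept for legacy suites. */
#define EXPORT_KEY_LENGTH            5
#define SSL3_RANDOM_LENGTH          32

/* Record header: 1 byte type, 2 bytes version, 2 bytes length. */
#define SSL3_RECORD_HEADER_LENGTH    5

/* SSL3_RECORD_HEADER_LENGTH + epoch/sequence_number */
#define DTLS_RECORD_HEADER_LENGTH   13

/*
 * 2^14, the largest plaintext fragment a single record may carry.
 * NOTE(review): the record length field is 16 bits wide and can encode
 * larger values; confirm the record parser rejects them.
 */
#define MAX_FRAGMENT_LENGTH      16384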
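/*
 * Record content types.  The enumerators carry the protocol's wire values,
 * so a content-type byte read from a peer that matches none of them must be
 * treated as an error by the caller rather than cast blindly.
 */
typedef enum {
    content_change_cipher_spec = 20,
    content_alert              = 21,
    content_handshake          = 22,
    content_application_data   = 23
} SSL3ContentType;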
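/*
 * A record in plaintext form: content type, protocol version, fragment
 * length and the fragment itself.
 * NOTE(review): length is a uint16 and can hold values above
 * MAX_FRAGMENT_LENGTH; nothing in this declaration enforces the limit.
 */
typedef struct {
    SSL3ContentType     type;
    SSL3ProtocolVersion version;
    uint16              length;
    SECItem             fragment;
} SSL3Plaintext;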
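/*
 * A record in compressed form.  The layout is field-for-field the same as
 * SSL3Plaintext.
 * NOTE(review): as with the plaintext form, the uint16 length is not
 * bounded by this declaration; the limit has to be applied where records
 * are decompressed.
 */
typedef struct {
    SSL3ContentType     type;
    SSL3ProtocolVersion version;
    uint16              length;
    SECItem             fragment;
} SSL3Compressed;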
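/*
 * Record payload under a stream cipher: the content followed by its MAC.
 * MAC[] is sized for the largest supported MAC (MAX_MAC_LENGTH); the number
 * of bytes actually in use is not stored here.
 */
typedef struct {
    SECItem    content;
    SSL3Opaque MAC[MAX_MAC_LENGTH];
} SSL3GenericStreamCipher;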
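/*
 * Record payload under a block cipher: content, MAC, then padding and the
 * padding length byte.
 * NOTE(review): padding_length is a uint8 and can hold up to 255, while
 * padding[] has room for MAX_PADDING_LENGTH bytes only.  Any code that
 * fills padding[] from padding_length must bound it first -- confirm at
 * the use sites.
 */
typedef struct {
    SECItem    content;
    SSL3Opaque MAC[MAX_MAC_LENGTH];
    uint8      padding[MAX_PADDING_LENGTH];
    uint8      padding_length;
} SSL3GenericBlockCipher;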
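/* The only value a ChangeCipherSpec message may carry. */
typedef enum { change_cipher_spec_choice = 1 } SSL3ChangeCipherSpecChoice;

/* Body of a ChangeCipherSpec message: a single choice value. */
typedef struct {
    SSL3ChangeCipherSpecChoice choice;
} SSL3ChangeCipherSpec;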
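/* Severity of an alert message (wire values). */
typedef enum {
    alert_warning = 1,
    alert_fatal   = 2
} SSL3AlertLevel;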
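/*
 * Alert descriptions (wire values).
 *
 * decryption_failed_RESERVED is kept only so the value stays reserved.
 * Sending it would tell the peer that decryption or padding failed rather
 * than the MAC check, and that distinction is what padding-oracle attacks
 * rely on; bad_record_mac is the alert for both cases.
 */
typedef enum {
    close_notify                    = 0,
    unexpected_message              = 10,
    bad_record_mac                  = 20,
    decryption_failed_RESERVED      = 21,   /* do not send; see RFC 5246 */
    record_overflow                 = 22,   /* TLS only */
    decompression_failure           = 30,
    handshake_failure               = 40,
    no_certificate                  = 41,   /* SSL3 only, NOT TLS */
    bad_certificate                 = 42,
    unsupported_certificate         = 43,
    certificate_revoked             = 44,
    certificate_expired             = 45,
    certificate_unknown             = 46,
    illegal_parameter               = 47,

    /* All alerts below are TLS only. */
    unknown_ca                      = 48,
    access_denied                   = 49,
    decode_error                    = 50,
    decrypt_error                   = 51,
    export_restriction              = 60,
    protocol_version                = 70,
    insufficient_security           = 71,
    internal_error                  = 80,
    user_canceled                   = 90,
    no_renegotiation                = 100,

    /* Alerts for client hello extensions */
    unsupported_extension           = 110,
    certificate_unobtainable        = 111,
    unrecognized_name               = 112,
    bad_certificate_status_response = 113,
    bad_certificate_hash_value      = 114

} SSL3AlertDescription;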
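/* Body of an alert message: severity followed by the description code. */
typedef struct {
    SSL3AlertLevel       level;
    SSL3AlertDescription description;
} SSL3Alert;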
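/*
 * Handshake message types (wire values).
 * NOTE(review): next_proto (67) and encrypted_extensions (203) look like
 * draft or private-use code points rather than registered handshake types;
 * confirm against the extension code that sends and accepts them.
 */
typedef enum {
    hello_request        = 0,
    client_hello         = 1,
    server_hello         = 2,
    hello_verify_request = 3,
    new_session_ticket   = 4,
    certificate          = 11,
    server_key_exchange  = 12,
    certificate_request  = 13,
    server_hello_done    = 14,
    certificate_verify   = 15,
    client_key_exchange  = 16,
    finished             = 20,
    certificate_status   = 22,
    next_proto           = 67,
    encrypted_extensions = 203
} SSL3HandshakeType;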
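/*
 * HelloRequest has no body; the single member exists only because C does
 * not allow an empty struct.
 */
typedef struct {
    uint8 empty;
} SSL3HelloRequest;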
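/*
 * The SSL3_RANDOM_LENGTH-byte random value exchanged in the hello messages.
 */
typedef struct {
    SSL3Opaque rand[SSL3_RANDOM_LENGTH];
} SSL3Random;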
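/*
 * Session identifier: up to 32 bytes plus the number of bytes in use.
 * NOTE(review): length is a uint8 and can hold up to 255 while id[] holds
 * 32 bytes.  A peer-supplied length must be checked against sizeof id
 * before anything is copied into or read out of id[] -- confirm at the
 * use sites.
 */
typedef struct {
    SSL3Opaque id[32];
    uint8      length;
} SSL3SessionID;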
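/*
 * ClientHello contents: offered version, client random, session ID, the
 * list of offered cipher suites and the offered compression methods.
 * NOTE(review): cm_count presumably counts the valid entries in
 * compression_methods[]; it is a uint8 (up to 255) while the array has
 * MAX_COMPRESSION_METHODS slots, so it must be bounded before it is used
 * as a loop limit or index -- confirm at the use sites.
 */
typedef struct {
    SSL3ProtocolVersion  client_version;
    SSL3Random           random;
    SSL3SessionID        session_id;
    SECItem              cipher_suites;
    uint8                cm_count;
    SSLCompressionMethod compression_methods[MAX_COMPRESSION_METHODS];
} SSL3ClientHello;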
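/*
 * ServerHello contents: selected version, server random, session ID, and
 * the single cipher suite and compression method the server selected.
 */
typedef struct {
    SSL3ProtocolVersion  server_version;
    SSL3Random           random;
    SSL3SessionID        session_id;
    ssl3CipherSuite      cipher_suite;
    SSLCompressionMethod compression_method;
} SSL3ServerHello;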
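/* Certificate message contents, held as a single item named "list". */
typedef struct {
    SECItem list;
} SSL3Certificate;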
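/* SSL3SignType moved to ssl.h */

/*
 * The SSL key exchange method used.
 *
 * The enumerators have no explicit values, so they number from 0 in
 * declaration order; inserting or reordering entries renumbers every
 * enumerator after the change.
 *
 * Security notes for anyone auditing which methods are enabled:
 *   - the *_export methods are the deliberately weakened export-grade
 *     variants (see EXPORT_KEY_LENGTH) and offer no real confidentiality;
 *   - kea_dh_anon, kea_dh_anon_export and kea_ecdh_anon do not
 *     authenticate the server, so they give no protection against an
 *     active man in the middle;
 *   - kea_null performs no key exchange.
 * Whether any of these are actually negotiable is decided by the cipher
 * suite policy elsewhere, not by this enum.
 */
typedef enum {
    kea_null,
    kea_rsa,
    kea_rsa_export,
    kea_rsa_export_1024,
    kea_dh_dss,
    kea_dh_dss_export,
    kea_dh_rsa,
    kea_dh_rsa_export,
    kea_dhe_dss,
    kea_dhe_dss_export,
    kea_dhe_rsa,
    kea_dhe_rsa_export,
    kea_dh_anon,
    kea_dh_anon_export,
    kea_rsa_fips,
    kea_ecdh_ecdsa,
    kea_ecdhe_ecdsa,
    kea_ecdh_rsa,
    kea_ecdhe_rsa,
    kea_ecdh_anon
} SSL3KeyExchangeAlgorithm;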
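/* Server RSA key exchange parameters: public modulus and exponent. */
typedef struct {
    SECItem modulus;
    SECItem exponent;
} SSL3ServerRSAParams;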
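/*
 * Server Diffie-Hellman parameters: prime p, generator g and the server's
 * public value Ys.
 * NOTE(review): all three arrive from the peer; their sizes and ranges are
 * not constrained by this declaration and need to be validated where the
 * message is parsed.
 */
typedef struct {
    SECItem p;
    SECItem g;
    SECItem Ys;
} SSL3ServerDHParams;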
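/*
 * Server key exchange parameters, either DH or RSA.  The union carries no
 * tag of its own, so the active member has to be known from context
 * (presumably the negotiated key exchange algorithm).
 */
typedef struct {
    union {
        SSL3ServerDHParams  dh;
        SSL3ServerRSAParams rsa;
    } u;
} SSL3ServerParams;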
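/*
 * A pair of handshake digests.  The arrays are sized for an MD5 output
 * (16 bytes) and a SHA-1 output (20 bytes); the layout has no room for a
 * longer digest.
 */
typedef struct {
    uint8 md5[16];
    uint8 sha[20];
} SSL3Hashes;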
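/*
 * Signature part of ServerKeyExchange: a single placeholder byte for the
 * anonymous case, or the hash pair for the certified (signed) case.  The
 * union is untagged; the active member has to be known from context.
 */
typedef struct {
    union {
        SSL3Opaque anonymous;
        SSL3Hashes certified;
    } u;
} SSL3ServerKeyExchange;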
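/* Client certificate types a CertificateRequest may list (wire values). */
typedef enum {
    ct_RSA_sign         = 1,
    ct_DSS_sign         = 2,
    ct_RSA_fixed_DH     = 3,
    ct_DSS_fixed_DH     = 4,
    ct_RSA_ephemeral_DH = 5,
    ct_DSS_ephemeral_DH = 6,
    ct_ECDSA_sign       = 64,
    ct_RSA_fixed_ECDH   = 65,
    ct_ECDSA_fixed_ECDH = 66

} SSL3ClientCertificateType;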
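/*
 * Pointer to an item holding a distinguished name.  The typedef hides a
 * pointer, and the "Distinquished" spelling is part of the established
 * name, so neither can be changed without touching every user.
 */
typedef SECItem *SSL3DistinquishedName;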
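/*
 * RSA pre-master secret: 2 version bytes followed by 46 random bytes,
 * 48 bytes in total.
 * NOTE(review): this is key material.  The version bytes exist so the
 * server can detect a version rollback, and a failed check must not be
 * distinguishable (by alert or timing) from any other decryption failure.
 * Confirm the handling at the site that decrypts the client key exchange,
 * and that buffers of this type are cleared after use.
 */
typedef struct {
    SSL3Opaque client_version[2];
    SSL3Opaque random[46];
} SSL3RSAPreMasterSecret;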
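/* The pre-master secret as sent on the wire, i.e. still encrypted. */
typedef SECItem SSL3EncryptedPreMasterSecret;

/*
 * The 48-byte master secret.  This is an array typedef, so it decays to a
 * pointer when passed to a function and sizeof on such a parameter yields
 * the pointer size, not 48.
 * NOTE(review): key material; buffers of this type should be cleared
 * after use with a wipe the compiler cannot elide.
 */
typedef SSL3Opaque SSL3MasterSecret[48];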
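/*
 * How the client's Diffie-Hellman public value is conveyed.  The
 * enumerators take the default values implicit = 0 and explicit = 1.
 * "explicit" is a reserved word in C++, so this header can only be
 * compiled as C.
 */
typedef enum {
    implicit,
    explicit
} SSL3PublicValueEncoding;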
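/*
 * The client's Diffie-Hellman public value: a single placeholder byte in
 * the implicit case, or the value itself in the explicit case.  The union
 * is untagged; the member names mirror SSL3PublicValueEncoding.
 */
typedef struct {
    union {
        SSL3Opaque implicit;
        SECItem    explicit;
    } dh_public;
} SSL3ClientDiffieHellmanPublic;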
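/*
 * ClientKeyExchange contents: the RSA-encrypted pre-master secret or the
 * client's Diffie-Hellman public value.  The union is untagged, so the
 * active member has to be known from context.  The "diffie_helman"
 * spelling is the member's actual name.
 */
typedef struct {
    union {
        SSL3EncryptedPreMasterSecret  rsa;
        SSL3ClientDiffieHellmanPublic diffie_helman;
    } exchange_keys;
} SSL3ClientKeyExchange;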
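/* The hash pair that gets signed for CertificateVerify. */
typedef SSL3Hashes SSL3PreSignedCertificateVerify;

/* The CertificateVerify message contents (the signature), as one item. */
typedef SECItem SSL3CertificateVerify;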
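/*
 * Sender labels.  The values are the big-endian ASCII codes of "CLNT" and
 * "SRVR"; SSL 3.0 mixes the sender's label into the Finished hashes so the
 * two directions cannot be confused.
 */
typedef enum {
    sender_client = 0x434c4e54,     /* "CLNT" */
    sender_server = 0x53525652      /* "SRVR" */
} SSL3Sender;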
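/*
 * SSL 3.0 Finished contents: the MD5/SHA-1 hash pair.
 * NOTE(review): a received Finished value should be compared against the
 * expected one in constant time -- confirm at the comparison site.
 */
typedef SSL3Hashes SSL3Finished;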
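/*
 * TLS Finished contents: 12 bytes of verify_data.
 * NOTE(review): a received value should be compared against the expected
 * one in constant time -- confirm at the comparison site.
 */
typedef struct {
    SSL3Opaque verify_data[12];
} TLSFinished;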
/*
 * TLS extension related data structures and constants.
 */

/* SessionTicket extension related data structures. */
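/*
 * NewSessionTicket handshake message.
 *
 * received_timestamp and ticket_lifetime_hint are 32-bit values; ticket
 * holds the opaque ticket itself.
 * NOTE(review): the lifetime is only a hint supplied by the server, and
 * the units are not stated here (presumably seconds) -- confirm, and
 * confirm that the client applies its own upper bound on ticket age.
 */
typedef struct {
    uint32  received_timestamp;
    uint32  ticket_lifetime_hint;
    SECItem ticket;
} NewSessionTicket;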
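/* How the client was authenticated: not at all, or with a certificate. */
typedef enum {
    CLIENT_AUTH_ANONYMOUS   = 0,
    CLIENT_AUTH_CERTIFICATE = 1
} ClientAuthenticationType;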
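/*
 * Client identity: the authentication type and, in the identity union, a
 * pointer to a certificate list.
 * NOTE(review): certificate_list is a bare pointer with no length and no
 * stated owner; presumably it is meaningful only when client_auth_type is
 * CLIENT_AUTH_CERTIFICATE -- confirm before dereferencing.
 */
typedef struct {
    ClientAuthenticationType client_auth_type;
    union {
        SSL3Opaque *certificate_list;
    } identity;
} ClientIdentity;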
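/*
 * Session ticket key name layout: a 16-byte name made of the 4-byte fixed
 * prefix "NSS!" followed by a 12-byte variable part (4 + 12 = 16).
 * SESS_TICKET_KEY_NAME_PREFIX_LEN must stay equal to the length of the
 * prefix string without its terminating NUL.
 */
#define SESS_TICKET_KEY_NAME_LEN         16
#define SESS_TICKET_KEY_NAME_PREFIX      "NSS!"
#define SESS_TICKET_KEY_NAME_PREFIX_LEN  4
#define SESS_TICKET_KEY_VAR_NAME_LEN     12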
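/*
 * Parsed view of an encrypted session ticket: key name, IV, encrypted
 * state and MAC.
 * NOTE(review): key_name, iv and mac are bare pointers with no lengths in
 * the struct; presumably they point into the received ticket and their
 * sizes come from SESS_TICKET_KEY_NAME_LEN, the cipher's IV size and
 * TLS_EX_SESS_TICKET_MAC_LENGTH -- confirm the parser checks the ticket
 * is long enough before setting them.  The MAC should be verified, in
 * constant time, before encrypted_state is decrypted or parsed.
 */
typedef struct {
    unsigned char *key_name;
    unsigned char *iv;
    SECItem        encrypted_state;
    unsigned char *mac;
} EncryptedSessionTicket;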
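/*
 * Length in bytes of the MAC on a session ticket.
 * NOTE(review): 32 bytes matches an HMAC-SHA-256 output -- confirm against
 * the ticket code.
 */
#define TLS_EX_SESS_TICKET_MAC_LENGTH  32

/*
 * Sentinel meaning "no server name".  Parenthesized so the negative
 * literal expands as a single operand wherever the macro is used.
 */
#define TLS_STE_NO_SERVER_NAME         (-1)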
324 #endif /* __ssl3proto_h_ */