search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
Merge Chromium + Blink git repositories
[chromium-blink-merge.git] / net / third_party / nss / ssl / ssl3prot.h
blob78fbcaa02db214298d9e37ceb54b8788d270948b
1 /* Private header file of libSSL.
2 * Various and sundry protocol constants. DON'T CHANGE THESE. These
3 * values are defined by the SSL 3.0 protocol specification.
4 *
5 * This Source Code Form is subject to the terms of the Mozilla Public
6 * License, v. 2.0. If a copy of the MPL was not distributed with this
7 * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
8
9 #ifndef __ssl3proto_h_
10 #define __ssl3proto_h_
11
12 typedef PRUint8 SSL3Opaque;
13
14 typedef PRUint16 SSL3ProtocolVersion;
15 /* version numbers are defined in sslproto.h */
16
17 /* The TLS 1.3 draft version. Used to avoid negotiating
18 * between incompatible pre-standard TLS 1.3 drafts.
19 * TODO(ekr@rtfm.com): Remove when TLS 1.3 is published. */
20 #define TLS_1_3_DRAFT_VERSION 3
21
22 typedef PRUint16 ssl3CipherSuite;
23 /* The cipher suites are defined in sslproto.h */
24
25 #define MAX_CERT_TYPES 10
26 #define MAX_COMPRESSION_METHODS 10
27 #define MAX_MAC_LENGTH 64
28 #define MAX_PADDING_LENGTH 64
29 #define MAX_KEY_LENGTH 64
30 #define EXPORT_KEY_LENGTH 5
31 #define SSL3_RANDOM_LENGTH 32
32
33 #define SSL3_RECORD_HEADER_LENGTH 5
34
35 /* SSL3_RECORD_HEADER_LENGTH + epoch/sequence_number */
36 #define DTLS_RECORD_HEADER_LENGTH 13
37
38 #define MAX_FRAGMENT_LENGTH 16384
39
40 typedef enum {
41 content_change_cipher_spec = 20,
42 content_alert = 21,
43 content_handshake = 22,
44 content_application_data = 23
45 } SSL3ContentType;
46
47 typedef struct {
48 SSL3ContentType type;
49 SSL3ProtocolVersion version;
50 PRUint16 length;
51 SECItem fragment;
52 } SSL3Plaintext;
53
54 typedef struct {
55 SSL3ContentType type;
56 SSL3ProtocolVersion version;
57 PRUint16 length;
58 SECItem fragment;
59 } SSL3Compressed;
60
61 typedef struct {
62 SECItem content;
63 SSL3Opaque MAC[MAX_MAC_LENGTH];
64 } SSL3GenericStreamCipher;
65
66 typedef struct {
67 SECItem content;
68 SSL3Opaque MAC[MAX_MAC_LENGTH];
69 PRUint8 padding[MAX_PADDING_LENGTH];
70 PRUint8 padding_length;
71 } SSL3GenericBlockCipher;
72
73 typedef enum { change_cipher_spec_choice = 1 } SSL3ChangeCipherSpecChoice;
74
75 typedef struct {
76 SSL3ChangeCipherSpecChoice choice;
77 } SSL3ChangeCipherSpec;
78
79 typedef enum { alert_warning = 1, alert_fatal = 2 } SSL3AlertLevel;
80
81 typedef enum {
82 close_notify = 0,
83 unexpected_message = 10,
84 bad_record_mac = 20,
85 decryption_failed_RESERVED = 21, /* do not send; see RFC 5246 */
86 record_overflow = 22, /* TLS only */
87 decompression_failure = 30,
88 handshake_failure = 40,
89 no_certificate = 41, /* SSL3 only, NOT TLS */
90 bad_certificate = 42,
91 unsupported_certificate = 43,
92 certificate_revoked = 44,
93 certificate_expired = 45,
94 certificate_unknown = 46,
95 illegal_parameter = 47,
96
97 /* All alerts below are TLS only. */
98 unknown_ca = 48,
99 access_denied = 49,
100 decode_error = 50,
101 decrypt_error = 51,
102 export_restriction = 60,
103 protocol_version = 70,
104 insufficient_security = 71,
105 internal_error = 80,
106 inappropriate_fallback = 86, /* could also be sent for SSLv3 */
107 user_canceled = 90,
108 no_renegotiation = 100,
109
110 /* Alerts for client hello extensions */
111 unsupported_extension = 110,
112 certificate_unobtainable = 111,
113 unrecognized_name = 112,
114 bad_certificate_status_response = 113,
115 bad_certificate_hash_value = 114,
116 no_application_protocol = 120
117
118 } SSL3AlertDescription;
119
120 typedef struct {
121 SSL3AlertLevel level;
122 SSL3AlertDescription description;
123 } SSL3Alert;
124
125 typedef enum {
126 hello_request = 0,
127 client_hello = 1,
128 server_hello = 2,
129 hello_verify_request = 3,
130 new_session_ticket = 4,
131 certificate = 11,
132 server_key_exchange = 12,
133 certificate_request = 13,
134 server_hello_done = 14,
135 certificate_verify = 15,
136 client_key_exchange = 16,
137 finished = 20,
138 certificate_status = 22,
139 next_proto = 67,
140 encrypted_extensions = 203,
141 } SSL3HandshakeType;
142
143 typedef struct {
144 PRUint8 empty;
145 } SSL3HelloRequest;
146
147 typedef struct {
148 SSL3Opaque rand[SSL3_RANDOM_LENGTH];
149 } SSL3Random;
150
151 typedef struct {
152 SSL3Opaque id[32];
153 PRUint8 length;
154 } SSL3SessionID;
155
156 typedef struct {
157 SSL3ProtocolVersion client_version;
158 SSL3Random random;
159 SSL3SessionID session_id;
160 SECItem cipher_suites;
161 PRUint8 cm_count;
162 SSLCompressionMethod compression_methods[MAX_COMPRESSION_METHODS];
163 } SSL3ClientHello;
164
165 typedef struct {
166 SSL3ProtocolVersion server_version;
167 SSL3Random random;
168 SSL3SessionID session_id;
169 ssl3CipherSuite cipher_suite;
170 SSLCompressionMethod compression_method;
171 } SSL3ServerHello;
172
173 typedef struct {
174 SECItem list;
175 } SSL3Certificate;
176
177 /* SSL3SignType moved to ssl.h */
178
179 /* The SSL key exchange method used */
180 typedef enum {
181 kea_null,
182 kea_rsa,
183 kea_rsa_export,
184 kea_rsa_export_1024,
185 kea_dh_dss,
186 kea_dh_dss_export,
187 kea_dh_rsa,
188 kea_dh_rsa_export,
189 kea_dhe_dss,
190 kea_dhe_dss_export,
191 kea_dhe_rsa,
192 kea_dhe_rsa_export,
193 kea_dh_anon,
194 kea_dh_anon_export,
195 kea_rsa_fips,
196 kea_ecdh_ecdsa,
197 kea_ecdhe_ecdsa,
198 kea_ecdh_rsa,
199 kea_ecdhe_rsa,
200 kea_ecdh_anon
201 } SSL3KeyExchangeAlgorithm;
202
203 typedef struct {
204 SECItem modulus;
205 SECItem exponent;
206 } SSL3ServerRSAParams;
207
208 typedef struct {
209 SECItem p;
210 SECItem g;
211 SECItem Ys;
212 } SSL3ServerDHParams;
213
214 typedef struct {
215 union {
216 SSL3ServerDHParams dh;
217 SSL3ServerRSAParams rsa;
218 } u;
219 } SSL3ServerParams;
220
221 /* This enum reflects HashAlgorithm enum from
222 * https://tools.ietf.org/html/rfc5246#section-7.4.1.4.1
223 *
224 * When updating, be sure to also update ssl3_TLSHashAlgorithmToOID. */
225 enum {
226 tls_hash_md5 = 1,
227 tls_hash_sha1 = 2,
228 tls_hash_sha224 = 3,
229 tls_hash_sha256 = 4,
230 tls_hash_sha384 = 5,
231 tls_hash_sha512 = 6
232 };
233
234 /* This enum reflects SignatureAlgorithm enum from
235 * https://tools.ietf.org/html/rfc5246#section-7.4.1.4.1 */
236 typedef enum {
237 tls_sig_rsa = 1,
238 tls_sig_dsa = 2,
239 tls_sig_ecdsa = 3
240 } TLSSignatureAlgorithm;
241
242 typedef struct {
243 SECOidTag hashAlg;
244 TLSSignatureAlgorithm sigAlg;
245 } SSL3SignatureAndHashAlgorithm;
246
247 /* SSL3HashesIndividually contains a combination MD5/SHA1 hash, as used in TLS
248 * prior to 1.2. */
249 typedef struct {
250 PRUint8 md5[16];
251 PRUint8 sha[20];
252 } SSL3HashesIndividually;
253
254 /* SSL3Hashes contains an SSL hash value. The digest is contained in |u.raw|
255 * which, if |hashAlg==SEC_OID_UNKNOWN| is also a SSL3HashesIndividually
256 * struct. */
257 typedef struct {
258 unsigned int len;
259 SECOidTag hashAlg;
260 union {
261 PRUint8 raw[64];
262 SSL3HashesIndividually s;
263 } u;
264 } SSL3Hashes;
265
266 typedef struct {
267 union {
268 SSL3Opaque anonymous;
269 SSL3Hashes certified;
270 } u;
271 } SSL3ServerKeyExchange;
272
273 typedef enum {
274 ct_RSA_sign = 1,
275 ct_DSS_sign = 2,
276 ct_RSA_fixed_DH = 3,
277 ct_DSS_fixed_DH = 4,
278 ct_RSA_ephemeral_DH = 5,
279 ct_DSS_ephemeral_DH = 6,
280 ct_ECDSA_sign = 64,
281 ct_RSA_fixed_ECDH = 65,
282 ct_ECDSA_fixed_ECDH = 66
283
284 } SSL3ClientCertificateType;
285
286 typedef SECItem *SSL3DistinquishedName;
287
288 typedef struct {
289 SSL3Opaque client_version[2];
290 SSL3Opaque random[46];
291 } SSL3RSAPreMasterSecret;
292
293 typedef SECItem SSL3EncryptedPreMasterSecret;
294
295
296 typedef SSL3Opaque SSL3MasterSecret[48];
297
298 typedef enum { implicit, explicit } SSL3PublicValueEncoding;
299
300 typedef struct {
301 union {
302 SSL3Opaque implicit;
303 SECItem explicit;
304 } dh_public;
305 } SSL3ClientDiffieHellmanPublic;
306
307 typedef struct {
308 union {
309 SSL3EncryptedPreMasterSecret rsa;
310 SSL3ClientDiffieHellmanPublic diffie_helman;
311 } exchange_keys;
312 } SSL3ClientKeyExchange;
313
314 typedef SSL3Hashes SSL3PreSignedCertificateVerify;
315
316 typedef SECItem SSL3CertificateVerify;
317
318 typedef enum {
319 sender_client = 0x434c4e54,
320 sender_server = 0x53525652
321 } SSL3Sender;
322
323 typedef SSL3HashesIndividually SSL3Finished;
324
325 typedef struct {
326 SSL3Opaque verify_data[12];
327 } TLSFinished;
328
329 /*
330 * TLS extension related data structures and constants.
331 */
332
333 /* SessionTicket extension related data structures. */
334
335 /* NewSessionTicket handshake message. */
336 typedef struct {
337 PRUint32 received_timestamp;
338 PRUint32 ticket_lifetime_hint;
339 SECItem ticket;
340 } NewSessionTicket;
341
342 typedef enum {
343 CLIENT_AUTH_ANONYMOUS = 0,
344 CLIENT_AUTH_CERTIFICATE = 1
345 } ClientAuthenticationType;
346
347 typedef struct {
348 ClientAuthenticationType client_auth_type;
349 union {
350 SSL3Opaque *certificate_list;
351 } identity;
352 } ClientIdentity;
353
354 #define SESS_TICKET_KEY_NAME_LEN 16
355 #define SESS_TICKET_KEY_NAME_PREFIX "NSS!"
356 #define SESS_TICKET_KEY_NAME_PREFIX_LEN 4
357 #define SESS_TICKET_KEY_VAR_NAME_LEN 12
358
359 typedef struct {
360 unsigned char *key_name;
361 unsigned char *iv;
362 SECItem encrypted_state;
363 unsigned char *mac;
364 } EncryptedSessionTicket;
365
366 #define TLS_EX_SESS_TICKET_MAC_LENGTH 32
367
368 #define TLS_STE_NO_SERVER_NAME -1
369
370 #endif /* __ssl3proto_h_ */