security/nss/lib/ssl/sslt.h

Thu, 22 Jan 2015 13:21:57 +0100

author
Michael Schloh von Bennewitz <michael@schloh.com>
date
Thu, 22 Jan 2015 13:21:57 +0100
branch
TOR_BUG_9701
changeset 15
b8a032363ba2
permissions
-rw-r--r--

Incorporate requested changes from Mozilla in review:
https://bugzilla.mozilla.org/show_bug.cgi?id=1123480#c6

michael@0 1 /*
michael@0 2 * This file contains prototypes for the public SSL functions.
michael@0 3 *
michael@0 4 * This Source Code Form is subject to the terms of the Mozilla Public
michael@0 5 * License, v. 2.0. If a copy of the MPL was not distributed with this
michael@0 6 * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
michael@0 7
michael@0 8 #ifndef __sslt_h_
michael@0 9 #define __sslt_h_
michael@0 10
michael@0 11 #include "prtypes.h"
michael@0 12
/*
 * Counters for session-ID cache lookups and stateless resumption.
 * Each group is prefixed with the handshake routine it is collected in:
 * sch = ssl3_SendClientHello, hsh = ssl3_HandleServerHello,
 * hch = ssl3_HandleClientHello.
 */
typedef struct SSL3StatisticsStr {
    /* ssl3_SendClientHello (sch) */
    long sch_sid_cache_hits;
    long sch_sid_cache_misses;
    long sch_sid_cache_not_ok;

    /* ssl3_HandleServerHello (hsh) */
    long hsh_sid_cache_hits;
    long hsh_sid_cache_misses;
    long hsh_sid_cache_not_ok;

    /* ssl3_HandleClientHello (hch) */
    long hch_sid_cache_hits;
    long hch_sid_cache_misses;
    long hch_sid_cache_not_ok;

    /* stateless resume, one counter per routine, plus ticket parse failures */
    long sch_sid_stateless_resumes;
    long hsh_sid_stateless_resumes;
    long hch_sid_stateless_resumes;
    long hch_sid_ticket_parse_failures;
} SSL3Statistics;
michael@0 35
/*
 * Key exchange algorithm identifiers.
 * ssl_kea_size is not an algorithm: it follows the last real value and so
 * equals the number of ssl_kea_ entries.
 */
typedef enum {
    ssl_kea_null     = 0,
    ssl_kea_rsa      = 1,
    ssl_kea_dh       = 2,
    ssl_kea_fortezza = 3,   /* deprecated, now unused */
    ssl_kea_ecdh     = 4,
    ssl_kea_size            /* number of ssl_kea_ algorithms */
} SSLKEAType;
michael@0 45
/*
 * Backwards-compatibility aliases for the SSLKEAType values.
 * They are slated for removal in a forthcoming release to reduce namespace
 * pollution; programs still using the kt_ names should switch to the
 * ssl_kea_ names these macros expand to.
 */
#define kt_null      ssl_kea_null
#define kt_rsa       ssl_kea_rsa
#define kt_dh        ssl_kea_dh
#define kt_fortezza  ssl_kea_fortezza   /* deprecated, now unused */
#define kt_ecdh      ssl_kea_ecdh
#define kt_kea_size  ssl_kea_size
michael@0 57
/* Signature algorithm identifiers. */
typedef enum {
    ssl_sign_null  = 0,
    ssl_sign_rsa   = 1,
    ssl_sign_dsa   = 2,
    ssl_sign_ecdsa = 3
} SSLSignType;
michael@0 64
/*
 * Authentication algorithm identifiers.
 * ssl_auth_null (0) is a valid enumerator, so code that enforces peer
 * authentication should compare against it explicitly rather than rely on
 * a default-initialised value.
 */
typedef enum {
    ssl_auth_null  = 0,
    ssl_auth_rsa   = 1,
    ssl_auth_dsa   = 2,
    ssl_auth_kea   = 3,
    ssl_auth_ecdsa = 4
} SSLAuthType;
michael@0 72
/*
 * Symmetric cipher identifiers.
 * These are labels only; appearing here says nothing about whether a cipher
 * is enabled. ssl_calg_null means no encryption, and RC2, RC4 and single DES
 * are widely regarded as weak, so policy code should not treat every
 * non-null value as acceptable.
 */
typedef enum {
    ssl_calg_null     = 0,
    ssl_calg_rc4      = 1,
    ssl_calg_rc2      = 2,
    ssl_calg_des      = 3,
    ssl_calg_3des     = 4,
    ssl_calg_idea     = 5,
    ssl_calg_fortezza = 6,   /* deprecated, now unused */
    ssl_calg_aes      = 7,
    ssl_calg_camellia = 8,
    ssl_calg_seed     = 9,
    ssl_calg_aes_gcm  = 10
} SSLCipherAlgorithm;
michael@0 86
/*
 * Record MAC identifiers.
 * ssl_mac_aead is the value reported for AEAD cipher suites, which have an
 * authentication tag instead of a separate MAC.
 */
typedef enum {
    ssl_mac_null    = 0,
    ssl_mac_md5     = 1,
    ssl_mac_sha     = 2,
    ssl_hmac_md5    = 3,   /* TLS HMAC version of mac_md5 */
    ssl_hmac_sha    = 4,   /* TLS HMAC version of mac_sha */
    ssl_hmac_sha256 = 5,
    ssl_mac_aead    = 6
} SSLMACAlgorithm;
michael@0 96
/*
 * Record compression method identifiers.
 * NOTE(review): TLS-level compression is associated with compression side
 * channels (e.g. CRIME); deployments normally keep it disabled, so callers
 * inspecting this value may want to alert on anything but null.
 */
typedef enum {
    ssl_compression_null    = 0,
    ssl_compression_deflate = 1   /* RFC 3749 */
} SSLCompressionMethod;
michael@0 101
/*
 * Negotiated parameters and session data for one connection.
 *
 * NOTE(review): `length` looks like a size/version field for this struct
 * (the compression fields were appended in NSS 3.12.5); callers should check
 * it before reading the later fields. Confirm against the function that
 * fills the struct in.
 */
typedef struct SSLChannelInfoStr {
    PRUint32 length;
    PRUint16 protocolVersion;
    PRUint16 cipherSuite;

    /* server authentication info */
    PRUint32 authKeyBits;

    /* key exchange algorithm info */
    PRUint32 keaKeyBits;

    /* session info; all three times are seconds since Jan 1, 1970 */
    PRUint32 creationTime;
    PRUint32 lastAccessTime;
    PRUint32 expirationTime;
    /* up to 32; bound it by sizeof sessionID before using it as a length */
    PRUint32 sessionIDLength;
    PRUint8  sessionID[32];

    /* The following fields are added in NSS 3.12.5. */

    /* compression method info */
    const char          *compressionMethodName;
    SSLCompressionMethod compressionMethod;
} SSLChannelInfo;
michael@0 126
/*
 * Description of one cipher suite: its name plus the authentication, key
 * exchange, symmetric cipher and MAC components, each given as a printable
 * name and an enum value.
 */
typedef struct SSLCipherSuiteInfoStr {
    PRUint16 length;
    PRUint16 cipherSuite;

    /* Cipher Suite Name */
    const char *cipherSuiteName;

    /* server authentication info */
    const char *authAlgorithmName;
    SSLAuthType authAlgorithm;

    /* key exchange algorithm info */
    const char *keaTypeName;
    SSLKEAType  keaType;

    /* symmetric encryption info */
    const char        *symCipherName;
    SSLCipherAlgorithm symCipher;
    PRUint16           symKeyBits;
    PRUint16           symKeySpace;
    PRUint16           effectiveKeyBits;

    /* MAC info */
    /* AEAD ciphers don't have a MAC. For an AEAD cipher, macAlgorithmName
     * is "AEAD", macAlgorithm is ssl_mac_aead, and macBits is the length in
     * bits of the authentication tag. */
    const char     *macAlgorithmName;
    SSLMACAlgorithm macAlgorithm;
    PRUint16        macBits;

    /* Single-bit flags; with reservedBits they add up to 32 bits.
     * NOTE(review): isExportable presumably marks export-grade suites;
     * confirm before relying on it in policy checks. */
    PRUintn isFIPS       : 1;
    PRUintn isExportable : 1;
    PRUintn nonStandard  : 1;
    PRUintn reservedBits : 29;

} SSLCipherSuiteInfo;
michael@0 163
/* Transport flavour of the protocol: stream or datagram. */
typedef enum {
    ssl_variant_stream   = 0,
    ssl_variant_datagram = 1
} SSLProtocolVariant;
michael@0 168
/*
 * A pair of protocol version bounds.
 * NOTE(review): nothing in this header enforces min <= max; presumably the
 * code that consumes a range validates it - confirm at the use sites.
 */
typedef struct SSLVersionRangeStr {
    PRUint16 min;
    PRUint16 max;
} SSLVersionRange;
michael@0 173
/*
 * SNI name types. Only host_name is defined; SSL_sni_type_total follows the
 * last real value and so equals the number of name types.
 */
typedef enum {
    SSL_sni_host_name = 0,
    SSL_sni_type_total
} SSLSniNameType;
michael@0 178
/*
 * Supported hello extensions, keyed by extension type number.
 * Update SSL_MAX_EXTENSIONS whenever a new extension type is added.
 * With ECC enabled this enum has eleven entries; SSL_MAX_EXTENSIONS is 10
 * because it leaves out ssl_padding_xtn.
 */
typedef enum {
    ssl_server_name_xtn          = 0,
    ssl_cert_status_xtn          = 5,
#ifndef NSS_DISABLE_ECC
    ssl_elliptic_curves_xtn      = 10,
    ssl_ec_point_formats_xtn     = 11,
#endif
    ssl_signature_algorithms_xtn = 13,
    ssl_use_srtp_xtn             = 14,
    ssl_app_layer_protocol_xtn   = 16,
    ssl_padding_xtn              = 21,
    ssl_session_ticket_xtn       = 35,
    ssl_next_proto_nego_xtn      = 13172,
    ssl_renegotiation_info_xtn   = 0xff01   /* experimental number */
} SSLExtensionType;
michael@0 196
/*
 * Number of SSLExtensionType entries, not counting ssl_padding_xtn (ten when
 * ECC is enabled). Keep it in step with that enum.
 * NOTE(review): if this constant sizes fixed arrays elsewhere, a stale value
 * risks out-of-bounds writes when an extension is added - verify at the use
 * sites.
 */
#define SSL_MAX_EXTENSIONS 10   /* doesn't include ssl_padding_xtn. */
michael@0 198
michael@0 199 #endif /* __sslt_h_ */
