The Tor Browser: security/nss/lib/ssl/ssl3prot.h@b8a032363ba2

Incorporate requested changes from Mozilla in review:
https://bugzilla.mozilla.org/show_bug.cgi?id=1123480#c6

     1 /* Private header file of libSSL.

     2  * Various and sundry protocol constants. DON'T CHANGE THESE. These

     3  * values are defined by the SSL 3.0 protocol specification.

     4  *

     5  * This Source Code Form is subject to the terms of the Mozilla Public

     6  * License, v. 2.0. If a copy of the MPL was not distributed with this

     7  * file, You can obtain one at http://mozilla.org/MPL/2.0/. */

     9 #ifndef __ssl3proto_h_

    10 #define __ssl3proto_h_

    12 typedef PRUint8 SSL3Opaque;

    14 typedef PRUint16 SSL3ProtocolVersion;

    15 /* version numbers are defined in sslproto.h */

    17 typedef PRUint16 ssl3CipherSuite;

    18 /* The cipher suites are defined in sslproto.h */

    20 #define MAX_CERT_TYPES                  10

    21 #define MAX_COMPRESSION_METHODS         10

    22 #define MAX_MAC_LENGTH                  64

    23 #define MAX_PADDING_LENGTH              64

    24 #define MAX_KEY_LENGTH                  64

    25 #define EXPORT_KEY_LENGTH                5

    26 #define SSL3_RANDOM_LENGTH              32

    28 #define SSL3_RECORD_HEADER_LENGTH        5

    30 /* SSL3_RECORD_HEADER_LENGTH + epoch/sequence_number */

    31 #define DTLS_RECORD_HEADER_LENGTH       13

    33 #define MAX_FRAGMENT_LENGTH          16384

    35 typedef enum {

    36     content_change_cipher_spec = 20,

    37     content_alert              = 21,

    38     content_handshake          = 22,

    39     content_application_data   = 23

    40 } SSL3ContentType;

    42 typedef struct {

    43     SSL3ContentType     type;

    44     SSL3ProtocolVersion version;

    45     PRUint16            length;

    46     SECItem             fragment;

    47 } SSL3Plaintext;

    49 typedef struct {

    50     SSL3ContentType     type;

    51     SSL3ProtocolVersion version;

    52     PRUint16            length;

    53     SECItem             fragment;

    54 } SSL3Compressed;

    56 typedef struct {

    57     SECItem    content;

    58     SSL3Opaque MAC[MAX_MAC_LENGTH];

    59 } SSL3GenericStreamCipher;

    61 typedef struct {

    62     SECItem    content;

    63     SSL3Opaque MAC[MAX_MAC_LENGTH];

    64     PRUint8    padding[MAX_PADDING_LENGTH];

    65     PRUint8    padding_length;

    66 } SSL3GenericBlockCipher;

    68 typedef enum { change_cipher_spec_choice = 1 } SSL3ChangeCipherSpecChoice;

    70 typedef struct {

    71     SSL3ChangeCipherSpecChoice choice;

    72 } SSL3ChangeCipherSpec;

    74 typedef enum { alert_warning = 1, alert_fatal = 2 } SSL3AlertLevel;

    76 typedef enum {

    77     close_notify            = 0,

    78     unexpected_message      = 10,

    79     bad_record_mac          = 20,

    80     decryption_failed_RESERVED = 21,    /* do not send; see RFC 5246 */

    81     record_overflow         = 22,       /* TLS only */

    82     decompression_failure   = 30,

    83     handshake_failure       = 40,

    84     no_certificate          = 41,       /* SSL3 only, NOT TLS */

    85     bad_certificate         = 42,

    86     unsupported_certificate = 43,

    87     certificate_revoked     = 44,

    88     certificate_expired     = 45,

    89     certificate_unknown     = 46,

    90     illegal_parameter       = 47,

    92 /* All alerts below are TLS only. */

    93     unknown_ca              = 48,

    94     access_denied           = 49,

    95     decode_error            = 50,

    96     decrypt_error           = 51,

    97     export_restriction      = 60,

    98     protocol_version        = 70,

    99     insufficient_security   = 71,

   100     internal_error          = 80,

   101     inappropriate_fallback  = 86,	/* could also be sent for SSLv3 */

   102     user_canceled           = 90,

   103     no_renegotiation        = 100,

   105 /* Alerts for client hello extensions */

   106     unsupported_extension           = 110,

   107     certificate_unobtainable        = 111,

   108     unrecognized_name               = 112,

   109     bad_certificate_status_response = 113,

   110     bad_certificate_hash_value      = 114,

   111     no_application_protocol         = 120

   113 } SSL3AlertDescription;

   115 typedef struct {

   116     SSL3AlertLevel       level;

   117     SSL3AlertDescription description;

   118 } SSL3Alert;

   120 typedef enum {

   121     hello_request       = 0,

   122     client_hello        = 1,

   123     server_hello        = 2,

   124     hello_verify_request = 3,

   125     new_session_ticket  = 4,

   126     certificate         = 11,

   127     server_key_exchange = 12,

   128     certificate_request = 13,

   129     server_hello_done   = 14,

   130     certificate_verify  = 15,

   131     client_key_exchange = 16,

   132     finished            = 20,

   133     certificate_status  = 22,

   134     next_proto          = 67

   135 } SSL3HandshakeType;

   137 typedef struct {

   138     PRUint8 empty;

   139 } SSL3HelloRequest;

   141 typedef struct {

   142     SSL3Opaque rand[SSL3_RANDOM_LENGTH];

   143 } SSL3Random;

   145 typedef struct {

   146     SSL3Opaque id[32];

   147     PRUint8 length;

   148 } SSL3SessionID;

   150 typedef struct {

   151     SSL3ProtocolVersion   client_version;

   152     SSL3Random            random;

   153     SSL3SessionID         session_id;

   154     SECItem               cipher_suites;

   155     PRUint8               cm_count;

   156     SSLCompressionMethod  compression_methods[MAX_COMPRESSION_METHODS];

   157 } SSL3ClientHello;

   159 typedef struct  {

   160     SSL3ProtocolVersion   server_version;

   161     SSL3Random            random;

   162     SSL3SessionID         session_id;

   163     ssl3CipherSuite       cipher_suite;

   164     SSLCompressionMethod  compression_method;

   165 } SSL3ServerHello;

   167 typedef struct {

   168     SECItem list;

   169 } SSL3Certificate;

   171 /* SSL3SignType moved to ssl.h */

   173 /* The SSL key exchange method used */

   174 typedef enum {

   175     kea_null,

   176     kea_rsa,

   177     kea_rsa_export,

   178     kea_rsa_export_1024,

   179     kea_dh_dss,

   180     kea_dh_dss_export,

   181     kea_dh_rsa,

   182     kea_dh_rsa_export,

   183     kea_dhe_dss,

   184     kea_dhe_dss_export,

   185     kea_dhe_rsa,

   186     kea_dhe_rsa_export,

   187     kea_dh_anon,

   188     kea_dh_anon_export,

   189     kea_rsa_fips,

   190     kea_ecdh_ecdsa,

   191     kea_ecdhe_ecdsa,

   192     kea_ecdh_rsa,

   193     kea_ecdhe_rsa,

   194     kea_ecdh_anon

   195 } SSL3KeyExchangeAlgorithm;

   197 typedef struct {

   198     SECItem modulus;

   199     SECItem exponent;

   200 } SSL3ServerRSAParams;

   202 typedef struct {

   203     SECItem p;

   204     SECItem g;

   205     SECItem Ys;

   206 } SSL3ServerDHParams;

   208 typedef struct {

   209     union {

   210         SSL3ServerDHParams dh;

   211         SSL3ServerRSAParams rsa;

   212     } u;

   213 } SSL3ServerParams;

   215 /* This enum reflects HashAlgorithm enum from

   216  * https://tools.ietf.org/html/rfc5246#section-7.4.1.4.1

   217  *

   218  * When updating, be sure to also update ssl3_TLSHashAlgorithmToOID. */

   219 enum {

   220     tls_hash_md5 = 1,

   221     tls_hash_sha1 = 2,

   222     tls_hash_sha224 = 3,

   223     tls_hash_sha256 = 4,

   224     tls_hash_sha384 = 5,

   225     tls_hash_sha512 = 6

   226 };

   228 /* This enum reflects SignatureAlgorithm enum from

   229  * https://tools.ietf.org/html/rfc5246#section-7.4.1.4.1 */

   230 typedef enum {

   231     tls_sig_rsa = 1,

   232     tls_sig_dsa = 2,

   233     tls_sig_ecdsa = 3

   234 } TLSSignatureAlgorithm;

   236 typedef struct {

   237     SECOidTag hashAlg;

   238     TLSSignatureAlgorithm sigAlg;

   239 } SSL3SignatureAndHashAlgorithm;

   241 /* SSL3HashesIndividually contains a combination MD5/SHA1 hash, as used in TLS

   242  * prior to 1.2. */

   243 typedef struct {

   244     PRUint8 md5[16];

   245     PRUint8 sha[20];

   246 } SSL3HashesIndividually;

   248 /* SSL3Hashes contains an SSL hash value. The digest is contained in |u.raw|

   249  * which, if |hashAlg==SEC_OID_UNKNOWN| is also a SSL3HashesIndividually

   250  * struct. */

   251 typedef struct {

   252     unsigned int len;

   253     SECOidTag hashAlg;

   254     union {

   255         PRUint8 raw[64];

   256         SSL3HashesIndividually s;

   257     } u;

   258 } SSL3Hashes;

   260 typedef struct {

   261     union {

   262         SSL3Opaque anonymous;

   263         SSL3Hashes certified;

   264     } u;

   265 } SSL3ServerKeyExchange;

   267 typedef enum {

   268     ct_RSA_sign         =  1,

   269     ct_DSS_sign         =  2,

   270     ct_RSA_fixed_DH     =  3,

   271     ct_DSS_fixed_DH     =  4,

   272     ct_RSA_ephemeral_DH =  5,

   273     ct_DSS_ephemeral_DH =  6,

   274     ct_ECDSA_sign       =  64,

   275     ct_RSA_fixed_ECDH   =  65,

   276     ct_ECDSA_fixed_ECDH =  66

   278 } SSL3ClientCertificateType;

   280 typedef SECItem *SSL3DistinquishedName;

   282 typedef struct {

   283     SSL3Opaque client_version[2];

   284     SSL3Opaque random[46];

   285 } SSL3RSAPreMasterSecret;

   287 typedef SECItem SSL3EncryptedPreMasterSecret;

   290 typedef SSL3Opaque SSL3MasterSecret[48];

   292 typedef enum { implicit, explicit } SSL3PublicValueEncoding;

   294 typedef struct {

   295     union {

   296         SSL3Opaque implicit;

   297         SECItem    explicit;

   298     } dh_public;

   299 } SSL3ClientDiffieHellmanPublic;

   301 typedef struct {

   302     union {

   303         SSL3EncryptedPreMasterSecret  rsa;

   304         SSL3ClientDiffieHellmanPublic diffie_helman;

   305     } exchange_keys;

   306 } SSL3ClientKeyExchange;

   308 typedef SSL3Hashes SSL3PreSignedCertificateVerify;

   310 typedef SECItem SSL3CertificateVerify;

   312 typedef enum {

   313     sender_client = 0x434c4e54,

   314     sender_server = 0x53525652

   315 } SSL3Sender;

   317 typedef SSL3HashesIndividually SSL3Finished;

   319 typedef struct {

   320     SSL3Opaque verify_data[12];

   321 } TLSFinished;

   323 /*

   324  * TLS extension related data structures and constants.

   325  */

   327 /* SessionTicket extension related data structures. */

   329 /* NewSessionTicket handshake message. */

   330 typedef struct {

   331     PRUint32 received_timestamp;

   332     PRUint32 ticket_lifetime_hint;

   333     SECItem  ticket;

   334 } NewSessionTicket;

   336 typedef enum {

   337     CLIENT_AUTH_ANONYMOUS   = 0,

   338     CLIENT_AUTH_CERTIFICATE = 1

   339 } ClientAuthenticationType;

   341 typedef struct {

   342     ClientAuthenticationType client_auth_type;

   343     union {

   344         SSL3Opaque *certificate_list;

   345     } identity;

   346 } ClientIdentity;

   348 #define SESS_TICKET_KEY_NAME_LEN       16

   349 #define SESS_TICKET_KEY_NAME_PREFIX    "NSS!"

   350 #define SESS_TICKET_KEY_NAME_PREFIX_LEN 4

   351 #define SESS_TICKET_KEY_VAR_NAME_LEN   12

   353 typedef struct {

   354     unsigned char *key_name;

   355     unsigned char *iv;

   356     SECItem encrypted_state;

   357     unsigned char *mac;

   358 } EncryptedSessionTicket;

   360 #define TLS_EX_SESS_TICKET_MAC_LENGTH 32

   362 #define TLS_STE_NO_SERVER_NAME        -1

   364 #endif /* __ssl3proto_h_ */

The Tor Browser / file revision

security/nss/lib/ssl/ssl3prot.h@b8a032363ba2

security/nss/lib/ssl/ssl3prot.h