security/nss/lib/ssl/sslt.h

Thu, 22 Jan 2015 13:21:57 +0100

author
Michael Schloh von Bennewitz <michael@schloh.com>
date
Thu, 22 Jan 2015 13:21:57 +0100
branch
TOR_BUG_9701
changeset 15
b8a032363ba2
permissions
-rw-r--r--

Incorporate requested changes from Mozilla in review:
https://bugzilla.mozilla.org/show_bug.cgi?id=1123480#c6

     1 /*
     2  * This file contains the public SSL type definitions (structs, enums and constants).
     3  *
     4  * This Source Code Form is subject to the terms of the Mozilla Public
     5  * License, v. 2.0. If a copy of the MPL was not distributed with this
     6  * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
     8 #ifndef __sslt_h_
     9 #define __sslt_h_
    11 #include "prtypes.h"
    13 typedef struct SSL3StatisticsStr {
           /* Counters for "sid" cache lookups (presumably session-ID cache) and
            * stateless resumes, grouped by the handshake routine named in each
            * section comment below.
            * NOTE(review): every field is a plain `long`; this header does not show
            * how the counters are updated or synchronized -- confirm before relying
            * on exact values read while handshakes are in progress. */
    14     /* statistics from ssl3_SendClientHello (sch) */
    15     long sch_sid_cache_hits;
    16     long sch_sid_cache_misses;
    17     long sch_sid_cache_not_ok;
    19     /* statistics from ssl3_HandleServerHello (hsh) */
    20     long hsh_sid_cache_hits;
    21     long hsh_sid_cache_misses;
    22     long hsh_sid_cache_not_ok;
    24     /* statistics from ssl3_HandleClientHello (hch) */
    25     long hch_sid_cache_hits;
    26     long hch_sid_cache_misses;
    27     long hch_sid_cache_not_ok;
    29     /* statistics related to stateless resume */
    30     long sch_sid_stateless_resumes;
    31     long hsh_sid_stateless_resumes;
    32     long hch_sid_stateless_resumes;
           /* NOTE(review): presumably counts session tickets the server side could
            * not parse; a steadily rising value is worth monitoring -- confirm. */
    33     long hch_sid_ticket_parse_failures;
    34 } SSL3Statistics;
    36 /* Key Exchange algorithm values */
       /* The numeric values are explicit and are aliased by the kt_* macros that
        * follow this enum, so existing entries must not be renumbered. New
        * algorithms go before ssl_kea_size so that it stays equal to the number
        * of entries.
        * NOTE(review): there is one value each for DH and ECDH and none that
        * separates ephemeral from static use, so forward secrecy cannot be
        * inferred from this value alone -- confirm against the cipher suite. */
    37 typedef enum {
    38     ssl_kea_null     = 0,
    39     ssl_kea_rsa      = 1,
    40     ssl_kea_dh       = 2,
    41     ssl_kea_fortezza = 3,       /* deprecated, now unused */
    42     ssl_kea_ecdh     = 4,
    43     ssl_kea_size		/* number of ssl_kea_ algorithms */
    44 } SSLKEAType;
    46 /* The following defines are for backwards compatibility.
    47 ** They will be removed in a forthcoming release to reduce namespace pollution.
    48 ** Programs that use the kt_ symbols should convert to the ssl_kea_ symbols
    49 ** soon.
    50 */
       /* Each kt_ name expands to the SSLKEAType enumerator with the matching
        * suffix (kt_kea_size expands to ssl_kea_size), so old and new spellings
        * compare equal. */
    51 #define kt_null   	ssl_kea_null
    52 #define kt_rsa   	ssl_kea_rsa
    53 #define kt_dh   	ssl_kea_dh
    54 #define kt_fortezza	ssl_kea_fortezza       /* deprecated, now unused */
    55 #define kt_ecdh   	ssl_kea_ecdh
    56 #define kt_kea_size	ssl_kea_size
    58 typedef enum {
           /* Signature algorithm identifiers (ssl_sign_ prefix).
            * NOTE(review): the values coincide with the TLS 1.2 SignatureAlgorithm
            * code points in RFC 5246 (rsa 1, dsa 2, ecdsa 3); presumably this is
            * intentional, so do not renumber -- confirm where they hit the wire. */
    59     ssl_sign_null   = 0, 
    60     ssl_sign_rsa    = 1,
    61     ssl_sign_dsa    = 2,
    62     ssl_sign_ecdsa  = 3
    63 } SSLSignType;
    65 typedef enum {
           /* Server authentication method of a cipher suite; this is the type of
            * SSLCipherSuiteInfo.authAlgorithm.
            * NOTE(review): ssl_auth_null presumably marks anonymous suites, which
            * do not authenticate the peer; code that audits negotiated suites
            * should treat that value as unauthenticated -- confirm.
            * NOTE(review): ssl_auth_kea is presumably the Fortezza KEA method and
            * unused like the other fortezza entries in this file -- confirm. */
    66     ssl_auth_null   = 0, 
    67     ssl_auth_rsa    = 1,
    68     ssl_auth_dsa    = 2,
    69     ssl_auth_kea    = 3,
    70     ssl_auth_ecdsa  = 4
    71 } SSLAuthType;
    73 typedef enum {
           /* Symmetric (bulk) cipher identifiers; this is the type of
            * SSLCipherSuiteInfo.symCipher.
            * Policy code can use these values to reject suites after negotiation:
            * ssl_calg_null gives no confidentiality, and rc4, rc2 and des are
            * legacy algorithms that are no longer considered adequate.
            * Values are explicit; presumably they must stay stable for callers
            * compiled against this header -- do not renumber. */
    74     ssl_calg_null     = 0,
    75     ssl_calg_rc4      = 1,
    76     ssl_calg_rc2      = 2,
    77     ssl_calg_des      = 3,
    78     ssl_calg_3des     = 4,
    79     ssl_calg_idea     = 5,
    80     ssl_calg_fortezza = 6,      /* deprecated, now unused */
    81     ssl_calg_aes      = 7,
    82     ssl_calg_camellia = 8,
    83     ssl_calg_seed     = 9,
    84     ssl_calg_aes_gcm  = 10
    85 } SSLCipherAlgorithm;
    87 typedef enum { 
           /* Record MAC identifiers; this is the type of
            * SSLCipherSuiteInfo.macAlgorithm. ssl_mac_aead is the value that
            * struct documents for AEAD suites, which carry an authentication tag
            * instead of a separate MAC.
            * ssl_mac_null means no integrity protection, and the md5-based
            * entries are legacy; policy code may want to reject both. */
    88     ssl_mac_null      = 0, 
    89     ssl_mac_md5       = 1, 
    90     ssl_mac_sha       = 2, 
    91     ssl_hmac_md5      = 3, 	/* TLS HMAC version of mac_md5 */
    92     ssl_hmac_sha      = 4, 	/* TLS HMAC version of mac_sha */
    93     ssl_hmac_sha256   = 5,
    94     ssl_mac_aead      = 6
    95 } SSLMACAlgorithm;
    97 typedef enum {
           /* TLS-level compression methods; this is the type of
            * SSLChannelInfo.compressionMethod.
            * Compressing secrets together with data an adversary can influence
            * leaks information through record length (the CRIME class of
            * attacks), so a channel audit should expect ssl_compression_null. */
    98     ssl_compression_null = 0,
    99     ssl_compression_deflate = 1  /* RFC 3749 */
   100 } SSLCompressionMethod;
   102 typedef struct SSLChannelInfoStr {
           /* Negotiated parameters and session data for one connection.
            * NOTE(review): `length` is presumably the number of bytes of this
            * struct that were filled in, which lets the struct grow across
            * releases (see the fields added in 3.12.5 below) -- confirm against
            * the function that populates it, and check it before reading the
            * later fields. */
   103     PRUint32             length;
   104     PRUint16             protocolVersion;
   105     PRUint16             cipherSuite;
   107     /* server authentication info */
           /* NOTE(review): presumably the size in bits of the server's
            * authentication key; usable for a minimum-key-size policy -- confirm. */
   108     PRUint32             authKeyBits;
   110     /* key exchange algorithm info */
           /* NOTE(review): presumably the size in bits of the key-exchange key;
            * usable for a minimum-key-size policy -- confirm. */
   111     PRUint32             keaKeyBits;
   113     /* session info */
           /* The three timestamps are 32-bit second counts from the Unix epoch. */
   114     PRUint32             creationTime;		/* seconds since Jan 1, 1970 */
   115     PRUint32             lastAccessTime;	/* seconds since Jan 1, 1970 */
   116     PRUint32             expirationTime;	/* seconds since Jan 1, 1970 */
           /* Only the first sessionIDLength bytes of sessionID are meaningful;
            * clamp the length to sizeof sessionID before copying or printing. */
   117     PRUint32             sessionIDLength;	/* up to 32 */
   118     PRUint8              sessionID    [32];
   120     /* The following fields are added in NSS 3.12.5. */
   122     /* compression method info */
   123     const char *         compressionMethodName;
   124     SSLCompressionMethod compressionMethod;
   125 } SSLChannelInfo;
   127 typedef struct SSLCipherSuiteInfoStr {
           /* Description of one cipher suite, split into authentication, key
            * exchange, symmetric cipher and MAC, each as a name string plus the
            * matching enum value.
            * NOTE(review): `length` is presumably the number of bytes of this
            * struct that were filled in -- confirm against the populating
            * function. Ownership of the const char * names is not shown here;
            * presumably they are static strings that callers must not free. */
   128     PRUint16             length;
   129     PRUint16             cipherSuite;
   131     /* Cipher Suite Name */
   132     const char *         cipherSuiteName;
   134     /* server authentication info */
   135     const char *         authAlgorithmName;
   136     SSLAuthType          authAlgorithm;
   138     /* key exchange algorithm info */
   139     const char *         keaTypeName;
   140     SSLKEAType           keaType;
   142     /* symmetric encryption info */
   143     const char *         symCipherName;
   144     SSLCipherAlgorithm   symCipher;
           /* NOTE(review): three separate size fields; presumably
            * effectiveKeyBits is the one to compare against a minimum-strength
            * policy, since it can be smaller than symKeyBits -- confirm. */
   145     PRUint16             symKeyBits;
   146     PRUint16             symKeySpace;
   147     PRUint16             effectiveKeyBits;
   149     /* MAC info */
   150     /* AEAD ciphers don't have a MAC. For an AEAD cipher, macAlgorithmName
   151      * is "AEAD", macAlgorithm is ssl_mac_aead, and macBits is the length in
   152      * bits of the authentication tag. */
   153     const char *         macAlgorithmName;
   154     SSLMACAlgorithm      macAlgorithm;
   155     PRUint16             macBits;
           /* Flag bit-fields; widths add up to 32 (1 + 1 + 1 + 29).
            * NOTE(review): isExportable presumably marks export-grade suites,
            * whose strength was deliberately limited; policy code should reject
            * them. nonStandard presumably marks suites without an assigned
            * standard number -- confirm both. */
   157     PRUintn              isFIPS       : 1;
   158     PRUintn              isExportable : 1;
   159     PRUintn              nonStandard  : 1;
   160     PRUintn              reservedBits :29;
   162 } SSLCipherSuiteInfo;
   164 typedef enum {
           /* Transport flavour of the protocol.
            * NOTE(review): presumably stream means TLS over a reliable byte
            * stream and datagram means DTLS -- confirm. */
   165     ssl_variant_stream = 0,
   166     ssl_variant_datagram = 1
   167 } SSLProtocolVariant;
   169 typedef struct SSLVersionRangeStr {
           /* A pair of 16-bit protocol version bounds.
            * NOTE(review): presumably inclusive and in the same encoding as
            * SSLChannelInfo.protocolVersion -- confirm. If so, `min` is the
            * security-relevant bound: it is the oldest version a peer can
            * negotiate down to. */
   170     PRUint16 min;
   171     PRUint16 max;
   172 } SSLVersionRange;
   174 typedef enum {
           /* Name types for the server name (SNI) extension. host_name = 0
            * matches the NameType code point in RFC 6066. SSL_sni_type_total has
            * no explicit value, so it equals the number of entries above it. */
   175     SSL_sni_host_name                    = 0,
   176     SSL_sni_type_total
   177 } SSLSniNameType;
   179 /* Supported extensions. */
   180 /* Update SSL_MAX_EXTENSIONS whenever a new extension type is added. */
       /* The values are the extension type numbers carried in the hello
        * messages, which is why they are sparse and must not be renumbered.
        * The two ECC entries are compiled out when NSS_DISABLE_ECC is defined;
        * SSL_MAX_EXTENSIONS stays at 10 either way. */
   181 typedef enum {
   182     ssl_server_name_xtn              = 0,
   183     ssl_cert_status_xtn              = 5,
   184 #ifndef NSS_DISABLE_ECC
   185     ssl_elliptic_curves_xtn          = 10,
   186     ssl_ec_point_formats_xtn         = 11,
   187 #endif
   188     ssl_signature_algorithms_xtn     = 13,
   189     ssl_use_srtp_xtn                 = 14,
   190     ssl_app_layer_protocol_xtn       = 16,
   191     ssl_padding_xtn                  = 21,
   192     ssl_session_ticket_xtn           = 35,
           /* NOTE(review): 13172 is the number used by the NPN drafts rather
            * than a registry-assigned code point -- confirm before reuse. */
   193     ssl_next_proto_nego_xtn          = 13172,
           /* NOTE(review): 0xff01 is the code point RFC 5746 assigns to
            * renegotiation_info, so the "experimental" remark looks historical. */
   194     ssl_renegotiation_info_xtn       = 0xff01	/* experimental number */
   195 } SSLExtensionType;
       /* The enum above has 11 entries with ECC enabled; 10 is that count minus
        * ssl_padding_xtn.
        * NOTE(review): presumably this bounds fixed-size per-connection
        * extension bookkeeping, in which case a stale value after adding an
        * entry risks out-of-bounds indexing -- confirm in the implementation. */
   197 #define SSL_MAX_EXTENSIONS             10 /* doesn't include ssl_padding_xtn. */
   199 #endif /* __sslt_h_ */
