michael@0: /* Private header file of libSSL. michael@0: * Various and sundry protocol constants. DON'T CHANGE THESE. These michael@0: * values are defined by the SSL 3.0 protocol specification. michael@0: * michael@0: * This Source Code Form is subject to the terms of the Mozilla Public michael@0: * License, v. 2.0. If a copy of the MPL was not distributed with this michael@0: * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ michael@0: michael@0: #ifndef __ssl3proto_h_ michael@0: #define __ssl3proto_h_ michael@0: michael@0: typedef PRUint8 SSL3Opaque; michael@0: michael@0: typedef PRUint16 SSL3ProtocolVersion; michael@0: /* version numbers are defined in sslproto.h */ michael@0: michael@0: typedef PRUint16 ssl3CipherSuite; michael@0: /* The cipher suites are defined in sslproto.h */ michael@0: michael@0: #define MAX_CERT_TYPES 10 michael@0: #define MAX_COMPRESSION_METHODS 10 michael@0: #define MAX_MAC_LENGTH 64 michael@0: #define MAX_PADDING_LENGTH 64 michael@0: #define MAX_KEY_LENGTH 64 michael@0: #define EXPORT_KEY_LENGTH 5 michael@0: #define SSL3_RANDOM_LENGTH 32 michael@0: michael@0: #define SSL3_RECORD_HEADER_LENGTH 5 michael@0: michael@0: /* SSL3_RECORD_HEADER_LENGTH + epoch/sequence_number */ michael@0: #define DTLS_RECORD_HEADER_LENGTH 13 michael@0: michael@0: #define MAX_FRAGMENT_LENGTH 16384 michael@0: michael@0: typedef enum { michael@0: content_change_cipher_spec = 20, michael@0: content_alert = 21, michael@0: content_handshake = 22, michael@0: content_application_data = 23 michael@0: } SSL3ContentType; michael@0: michael@0: typedef struct { michael@0: SSL3ContentType type; michael@0: SSL3ProtocolVersion version; michael@0: PRUint16 length; michael@0: SECItem fragment; michael@0: } SSL3Plaintext; michael@0: michael@0: typedef struct { michael@0: SSL3ContentType type; michael@0: SSL3ProtocolVersion version; michael@0: PRUint16 length; michael@0: SECItem fragment; michael@0: } SSL3Compressed; michael@0: michael@0: typedef struct { michael@0: SECItem content; michael@0: SSL3Opaque MAC[MAX_MAC_LENGTH]; michael@0: } SSL3GenericStreamCipher; michael@0: michael@0: typedef struct { michael@0: SECItem content; michael@0: SSL3Opaque MAC[MAX_MAC_LENGTH]; michael@0: PRUint8 padding[MAX_PADDING_LENGTH]; michael@0: PRUint8 padding_length; michael@0: } SSL3GenericBlockCipher; michael@0: michael@0: typedef enum { change_cipher_spec_choice = 1 } SSL3ChangeCipherSpecChoice; michael@0: michael@0: typedef struct { michael@0: SSL3ChangeCipherSpecChoice choice; michael@0: } SSL3ChangeCipherSpec; michael@0: michael@0: typedef enum { alert_warning = 1, alert_fatal = 2 } SSL3AlertLevel; michael@0: michael@0: typedef enum { michael@0: close_notify = 0, michael@0: unexpected_message = 10, michael@0: bad_record_mac = 20, michael@0: decryption_failed_RESERVED = 21, /* do not send; see RFC 5246 */ michael@0: record_overflow = 22, /* TLS only */ michael@0: decompression_failure = 30, michael@0: handshake_failure = 40, michael@0: no_certificate = 41, /* SSL3 only, NOT TLS */ michael@0: bad_certificate = 42, michael@0: unsupported_certificate = 43, michael@0: certificate_revoked = 44, michael@0: certificate_expired = 45, michael@0: certificate_unknown = 46, michael@0: illegal_parameter = 47, michael@0: michael@0: /* All alerts below are TLS only. */ michael@0: unknown_ca = 48, michael@0: access_denied = 49, michael@0: decode_error = 50, michael@0: decrypt_error = 51, michael@0: export_restriction = 60, michael@0: protocol_version = 70, michael@0: insufficient_security = 71, michael@0: internal_error = 80, michael@0: inappropriate_fallback = 86, /* could also be sent for SSLv3 */ michael@0: user_canceled = 90, michael@0: no_renegotiation = 100, michael@0: michael@0: /* Alerts for client hello extensions */ michael@0: unsupported_extension = 110, michael@0: certificate_unobtainable = 111, michael@0: unrecognized_name = 112, michael@0: bad_certificate_status_response = 113, michael@0: bad_certificate_hash_value = 114, michael@0: no_application_protocol = 120 michael@0: michael@0: } SSL3AlertDescription; michael@0: michael@0: typedef struct { michael@0: SSL3AlertLevel level; michael@0: SSL3AlertDescription description; michael@0: } SSL3Alert; michael@0: michael@0: typedef enum { michael@0: hello_request = 0, michael@0: client_hello = 1, michael@0: server_hello = 2, michael@0: hello_verify_request = 3, michael@0: new_session_ticket = 4, michael@0: certificate = 11, michael@0: server_key_exchange = 12, michael@0: certificate_request = 13, michael@0: server_hello_done = 14, michael@0: certificate_verify = 15, michael@0: client_key_exchange = 16, michael@0: finished = 20, michael@0: certificate_status = 22, michael@0: next_proto = 67 michael@0: } SSL3HandshakeType; michael@0: michael@0: typedef struct { michael@0: PRUint8 empty; michael@0: } SSL3HelloRequest; michael@0: michael@0: typedef struct { michael@0: SSL3Opaque rand[SSL3_RANDOM_LENGTH]; michael@0: } SSL3Random; michael@0: michael@0: typedef struct { michael@0: SSL3Opaque id[32]; michael@0: PRUint8 length; michael@0: } SSL3SessionID; michael@0: michael@0: typedef struct { michael@0: SSL3ProtocolVersion client_version; michael@0: SSL3Random random; michael@0: SSL3SessionID session_id; michael@0: SECItem cipher_suites; michael@0: PRUint8 cm_count; michael@0: SSLCompressionMethod compression_methods[MAX_COMPRESSION_METHODS]; michael@0: } SSL3ClientHello; michael@0: michael@0: typedef struct { michael@0: SSL3ProtocolVersion server_version; michael@0: SSL3Random random; michael@0: SSL3SessionID session_id; michael@0: ssl3CipherSuite cipher_suite; michael@0: SSLCompressionMethod compression_method; michael@0: } SSL3ServerHello; michael@0: michael@0: typedef struct { michael@0: SECItem list; michael@0: } SSL3Certificate; michael@0: michael@0: /* SSL3SignType moved to ssl.h */ michael@0: michael@0: /* The SSL key exchange method used */ michael@0: typedef enum { michael@0: kea_null, michael@0: kea_rsa, michael@0: kea_rsa_export, michael@0: kea_rsa_export_1024, michael@0: kea_dh_dss, michael@0: kea_dh_dss_export, michael@0: kea_dh_rsa, michael@0: kea_dh_rsa_export, michael@0: kea_dhe_dss, michael@0: kea_dhe_dss_export, michael@0: kea_dhe_rsa, michael@0: kea_dhe_rsa_export, michael@0: kea_dh_anon, michael@0: kea_dh_anon_export, michael@0: kea_rsa_fips, michael@0: kea_ecdh_ecdsa, michael@0: kea_ecdhe_ecdsa, michael@0: kea_ecdh_rsa, michael@0: kea_ecdhe_rsa, michael@0: kea_ecdh_anon michael@0: } SSL3KeyExchangeAlgorithm; michael@0: michael@0: typedef struct { michael@0: SECItem modulus; michael@0: SECItem exponent; michael@0: } SSL3ServerRSAParams; michael@0: michael@0: typedef struct { michael@0: SECItem p; michael@0: SECItem g; michael@0: SECItem Ys; michael@0: } SSL3ServerDHParams; michael@0: michael@0: typedef struct { michael@0: union { michael@0: SSL3ServerDHParams dh; michael@0: SSL3ServerRSAParams rsa; michael@0: } u; michael@0: } SSL3ServerParams; michael@0: michael@0: /* This enum reflects HashAlgorithm enum from michael@0: * https://tools.ietf.org/html/rfc5246#section-7.4.1.4.1 michael@0: * michael@0: * When updating, be sure to also update ssl3_TLSHashAlgorithmToOID. */ michael@0: enum { michael@0: tls_hash_md5 = 1, michael@0: tls_hash_sha1 = 2, michael@0: tls_hash_sha224 = 3, michael@0: tls_hash_sha256 = 4, michael@0: tls_hash_sha384 = 5, michael@0: tls_hash_sha512 = 6 michael@0: }; michael@0: michael@0: /* This enum reflects SignatureAlgorithm enum from michael@0: * https://tools.ietf.org/html/rfc5246#section-7.4.1.4.1 */ michael@0: typedef enum { michael@0: tls_sig_rsa = 1, michael@0: tls_sig_dsa = 2, michael@0: tls_sig_ecdsa = 3 michael@0: } TLSSignatureAlgorithm; michael@0: michael@0: typedef struct { michael@0: SECOidTag hashAlg; michael@0: TLSSignatureAlgorithm sigAlg; michael@0: } SSL3SignatureAndHashAlgorithm; michael@0: michael@0: /* SSL3HashesIndividually contains a combination MD5/SHA1 hash, as used in TLS michael@0: * prior to 1.2. */ michael@0: typedef struct { michael@0: PRUint8 md5[16]; michael@0: PRUint8 sha[20]; michael@0: } SSL3HashesIndividually; michael@0: michael@0: /* SSL3Hashes contains an SSL hash value. The digest is contained in |u.raw| michael@0: * which, if |hashAlg==SEC_OID_UNKNOWN| is also a SSL3HashesIndividually michael@0: * struct. */ michael@0: typedef struct { michael@0: unsigned int len; michael@0: SECOidTag hashAlg; michael@0: union { michael@0: PRUint8 raw[64]; michael@0: SSL3HashesIndividually s; michael@0: } u; michael@0: } SSL3Hashes; michael@0: michael@0: typedef struct { michael@0: union { michael@0: SSL3Opaque anonymous; michael@0: SSL3Hashes certified; michael@0: } u; michael@0: } SSL3ServerKeyExchange; michael@0: michael@0: typedef enum { michael@0: ct_RSA_sign = 1, michael@0: ct_DSS_sign = 2, michael@0: ct_RSA_fixed_DH = 3, michael@0: ct_DSS_fixed_DH = 4, michael@0: ct_RSA_ephemeral_DH = 5, michael@0: ct_DSS_ephemeral_DH = 6, michael@0: ct_ECDSA_sign = 64, michael@0: ct_RSA_fixed_ECDH = 65, michael@0: ct_ECDSA_fixed_ECDH = 66 michael@0: michael@0: } SSL3ClientCertificateType; michael@0: michael@0: typedef SECItem *SSL3DistinquishedName; michael@0: michael@0: typedef struct { michael@0: SSL3Opaque client_version[2]; michael@0: SSL3Opaque random[46]; michael@0: } SSL3RSAPreMasterSecret; michael@0: michael@0: typedef SECItem SSL3EncryptedPreMasterSecret; michael@0: michael@0: michael@0: typedef SSL3Opaque SSL3MasterSecret[48]; michael@0: michael@0: typedef enum { implicit, explicit } SSL3PublicValueEncoding; michael@0: michael@0: typedef struct { michael@0: union { michael@0: SSL3Opaque implicit; michael@0: SECItem explicit; michael@0: } dh_public; michael@0: } SSL3ClientDiffieHellmanPublic; michael@0: michael@0: typedef struct { michael@0: union { michael@0: SSL3EncryptedPreMasterSecret rsa; michael@0: SSL3ClientDiffieHellmanPublic diffie_helman; michael@0: } exchange_keys; michael@0: } SSL3ClientKeyExchange; michael@0: michael@0: typedef SSL3Hashes SSL3PreSignedCertificateVerify; michael@0: michael@0: typedef SECItem SSL3CertificateVerify; michael@0: michael@0: typedef enum { michael@0: sender_client = 0x434c4e54, michael@0: sender_server = 0x53525652 michael@0: } SSL3Sender; michael@0: michael@0: typedef SSL3HashesIndividually SSL3Finished; michael@0: michael@0: typedef struct { michael@0: SSL3Opaque verify_data[12]; michael@0: } TLSFinished; michael@0: michael@0: /* michael@0: * TLS extension related data structures and constants. michael@0: */ michael@0: michael@0: /* SessionTicket extension related data structures. */ michael@0: michael@0: /* NewSessionTicket handshake message. */ michael@0: typedef struct { michael@0: PRUint32 received_timestamp; michael@0: PRUint32 ticket_lifetime_hint; michael@0: SECItem ticket; michael@0: } NewSessionTicket; michael@0: michael@0: typedef enum { michael@0: CLIENT_AUTH_ANONYMOUS = 0, michael@0: CLIENT_AUTH_CERTIFICATE = 1 michael@0: } ClientAuthenticationType; michael@0: michael@0: typedef struct { michael@0: ClientAuthenticationType client_auth_type; michael@0: union { michael@0: SSL3Opaque *certificate_list; michael@0: } identity; michael@0: } ClientIdentity; michael@0: michael@0: #define SESS_TICKET_KEY_NAME_LEN 16 michael@0: #define SESS_TICKET_KEY_NAME_PREFIX "NSS!" michael@0: #define SESS_TICKET_KEY_NAME_PREFIX_LEN 4 michael@0: #define SESS_TICKET_KEY_VAR_NAME_LEN 12 michael@0: michael@0: typedef struct { michael@0: unsigned char *key_name; michael@0: unsigned char *iv; michael@0: SECItem encrypted_state; michael@0: unsigned char *mac; michael@0: } EncryptedSessionTicket; michael@0: michael@0: #define TLS_EX_SESS_TICKET_MAC_LENGTH 32 michael@0: michael@0: #define TLS_STE_NO_SERVER_NAME -1 michael@0: michael@0: #endif /* __ssl3proto_h_ */