1 #if MONO_FEATURE_APPLETLS 2 // Copyright 2014 Xamarin Inc. All rights reserved. 3 4 namespace Mono.AppleTls { 5 6 // Security.framework/Headers/SecureTransport.h 7 // untyped enum 8 enum SslProtocol { 9 Unknown = 0, 10 // Ssl_3_0 = 2, 11 Tls_1_0 = 4, 12 Tls_1_1 = 7, 13 Tls_1_2 = 8, 14 // Dtls_1_0 = 9, 15 16 /* Obsolete on iOS */ 17 // Ssl_2_0 = 1, 18 // Ssl_3_0_only = 3, 19 // Tls_1_0_only = 5, 20 // All = 6, 21 } 22 23 // subset of OSStatus (int) 24 enum SslStatus { 25 Success = 0, // errSecSuccess in SecBase.h 26 Protocol = -9800, 27 Negotiation = -9801, 28 FatalAlert = -9802, 29 WouldBlock = -9803, 30 SessionNotFound = -9804, 31 ClosedGraceful = -9805, 32 ClosedAbort = -9806, 33 XCertChainInvalid = -9807, 34 BadCert = -9808, 35 Crypto = -9809, 36 Internal = -9810, 37 ModuleAttach = -9811, 38 UnknownRootCert = -9812, 39 NoRootCert = -9813, 40 CertExpired = -9814, 41 CertNotYetValid = -9815, 42 ClosedNotNotified = -9816, 43 BufferOverflow = -9817, 44 BadCipherSuite = -9818, 45 PeerUnexpectedMsg = -9819, 46 PeerBadRecordMac = -9820, 47 PeerDecryptionFail = -9821, 48 PeerRecordOverflow = -9822, 49 PeerDecompressFail = -9823, 50 PeerHandshakeFail = -9824, 51 PeerBadCert = -9825, 52 PeerUnsupportedCert = -9826, 53 PeerCertRevoked = -9827, 54 PeerCertExpired = -9828, 55 PeerCertUnknown = -9829, 56 IllegalParam = -9830, 57 PeerUnknownCA = -9831, 58 PeerAccessDenied = -9832, 59 PeerDecodeError = -9833, 60 PeerDecryptError = -9834, 61 PeerExportRestriction = -9835, 62 PeerProtocolVersion = -9836, 63 PeerInsufficientSecurity = -9837, 64 PeerInternalError = -9838, 65 PeerUserCancelled = -9839, 66 PeerNoRenegotiation = -9840, 67 PeerAuthCompleted = -9841, // non fatal 68 PeerClientCertRequested = -9842, // non fatal 69 HostNameMismatch = -9843, 70 ConnectionRefused = -9844, 71 DecryptionFail = -9845, 72 BadRecordMac = -9846, 73 RecordOverflow = -9847, 74 BadConfiguration = -9848, 75 UnexpectedRecord = -9849, 76 SSLWeakPeerEphemeralDHKey = -9850, 77 SSLClientHelloReceived = -9851 // non falta 78 } 79 80 // Security.framework/Headers/SecureTransport.h 81 // untyped enum 82 enum SslSessionOption { 83 BreakOnServerAuth, 84 BreakOnCertRequested, 85 BreakOnClientAuth, 86 87 // FalseStart, 88 89 // SendOneByteRecord, 90 91 // AllowServerIdentityChange = 5, 92 93 // Fallback = 6, 94 95 // BreakOnClientHello = 7, 96 97 // AllowRenegotiation = 8, 98 } 99 100 // Security.framework/Headers/SecureTransport.h 101 // untyped enum 102 enum SslAuthenticate { 103 // Never, 104 // Always, 105 Try = 2, 106 } 107 108 // Security.framework/Headers/SecureTransport.h 109 // untyped enum 110 enum SslProtocolSide { 111 Server, 112 Client, 113 } 114 115 // Security.framework/Headers/SecureTransport.h 116 // untyped enum 117 enum SslConnectionType { 118 Stream, 119 // Datagram 120 } 121 122 // Security.framework/Headers/SecureTransport.h 123 // untyped enum 124 enum SslSessionState { 125 Invalid = -1, 126 // Idle, 127 // Handshake, 128 // Connected, 129 // Closed, 130 // Aborted 131 } 132 133 // Security.framework/Headers/SecureTransport.h 134 // untyped enum 135 enum SslClientCertificateState { 136 None, 137 Requested, 138 Sent, 139 Rejected 140 } 141 142 // Security.framework/Headers/CipherSuite.h 143 // 32 bits (uint32_t) on OSX, 16 bits (uint16_t) on iOS 144 #if XAMMAC || XAMMAC_4_5 145 enum SslCipherSuite : uint { 146 #else 147 enum SslCipherSuite : ushort { 148 #endif 149 // DO NOT RENAME VALUES - they don't look good but we need them to keep compatibility with our System.dll code 150 // it's how it's defined across most SSL/TLS implementation (from RFC) 151 152 SSL_NULL_WITH_NULL_NULL = 0x0000, // value used before (not after) negotiation 153 TLS_NULL_WITH_NULL_NULL = 0x0000, 154 155 // Not the whole list (too much unneeed metadata) but only what's supported 156 // FIXME needs to be expended with OSX 10.9 157 158 SSL_RSA_WITH_NULL_MD5 = 0x0001, 159 SSL_RSA_WITH_NULL_SHA = 0x0002, 160 SSL_RSA_EXPORT_WITH_RC4_40_MD5 = 0x0003, // iOS 5.1 only 161 SSL_RSA_WITH_RC4_128_MD5 = 0x0004, 162 SSL_RSA_WITH_RC4_128_SHA = 0x0005, 163 SSL_RSA_WITH_3DES_EDE_CBC_SHA = 0x000A, 164 SSL_DHE_RSA_WITH_3DES_EDE_CBC_SHA = 0x0016, 165 SSL_DH_anon_EXPORT_WITH_RC4_40_MD5 = 0x0017, // iOS 5.1 only 166 SSL_DH_anon_WITH_RC4_128_MD5 = 0x0018, 167 SSL_DH_anon_WITH_3DES_EDE_CBC_SHA = 0x001B, 168 169 // TLS - identical values to SSL (above) 170 171 TLS_RSA_WITH_NULL_MD5 = 0x0001, 172 TLS_RSA_WITH_NULL_SHA = 0x0002, 173 TLS_RSA_WITH_RC4_128_MD5 = 0x0004, 174 TLS_RSA_WITH_RC4_128_SHA = 0x0005, 175 TLS_RSA_WITH_3DES_EDE_CBC_SHA = 0x000A, 176 TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA = 0x0016, 177 TLS_DH_anon_WITH_RC4_128_MD5 = 0x0018, 178 TLS_DH_anon_WITH_3DES_EDE_CBC_SHA = 0x001B, 179 180 // TLS specific 181 182 TLS_PSK_WITH_NULL_SHA = 0x002C, 183 TLS_RSA_WITH_AES_128_CBC_SHA = 0x002F, 184 TLS_DHE_RSA_WITH_AES_128_CBC_SHA = 0x0033, 185 TLS_DH_anon_WITH_AES_128_CBC_SHA = 0x0034, 186 TLS_RSA_WITH_AES_256_CBC_SHA = 0x0035, 187 TLS_DHE_RSA_WITH_AES_256_CBC_SHA = 0x0039, 188 TLS_DH_anon_WITH_AES_256_CBC_SHA = 0x003A, 189 TLS_RSA_WITH_NULL_SHA256 = 0x003B, 190 TLS_RSA_WITH_AES_128_CBC_SHA256 = 0x003C, 191 TLS_RSA_WITH_AES_256_CBC_SHA256 = 0x003D, 192 TLS_DHE_RSA_WITH_AES_128_CBC_SHA256 = 0x0067, 193 TLS_DHE_RSA_WITH_AES_256_CBC_SHA256 = 0x006B, 194 TLS_DH_anon_WITH_AES_128_CBC_SHA256 = 0x006C, 195 TLS_DH_anon_WITH_AES_256_CBC_SHA256 = 0x006D, 196 TLS_PSK_WITH_RC4_128_SHA = 0x008A, 197 TLS_PSK_WITH_3DES_EDE_CBC_SHA = 0x008B, 198 TLS_PSK_WITH_AES_128_CBC_SHA = 0x008C, 199 TLS_PSK_WITH_AES_256_CBC_SHA = 0x008D, 200 201 TLS_RSA_WITH_AES_128_GCM_SHA256 = 0x009C, // iOS 9+ 202 TLS_RSA_WITH_AES_256_GCM_SHA384 = 0x009D, // iOS 9+ 203 TLS_DHE_RSA_WITH_AES_128_GCM_SHA256 = 0x009E, // iOS 9+ 204 TLS_DHE_RSA_WITH_AES_256_GCM_SHA384 = 0x009F, // iOS 9+ 205 206 TLS_DH_anon_WITH_AES_128_GCM_SHA256 = 0x00A6, // iOS 5.1 only 207 TLS_DH_anon_WITH_AES_256_GCM_SHA384 = 0x00A7, // iOS 5.1 only 208 TLS_PSK_WITH_AES_128_CBC_SHA256 = 0x00AE, 209 TLS_PSK_WITH_AES_256_CBC_SHA384 = 0x00AF, 210 TLS_PSK_WITH_NULL_SHA256 = 0x00B0, 211 TLS_PSK_WITH_NULL_SHA384 = 0x00B1, 212 TLS_ECDH_ECDSA_WITH_NULL_SHA = 0xC001, 213 TLS_ECDH_ECDSA_WITH_RC4_128_SHA = 0xC002, 214 TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA = 0xC003, 215 TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA = 0xC004, 216 TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA = 0xC005, 217 TLS_ECDHE_ECDSA_WITH_NULL_SHA = 0xC006, 218 TLS_ECDHE_ECDSA_WITH_RC4_128_SHA = 0xC007, 219 TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA = 0xC008, 220 TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA = 0xC009, 221 TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA = 0xC00A, 222 TLS_ECDH_RSA_WITH_NULL_SHA = 0xC00B, 223 TLS_ECDH_RSA_WITH_RC4_128_SHA = 0xC00C, 224 TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA = 0xC00D, 225 TLS_ECDH_RSA_WITH_AES_128_CBC_SHA = 0xC00E, 226 TLS_ECDH_RSA_WITH_AES_256_CBC_SHA = 0xC00F, 227 TLS_ECDHE_RSA_WITH_NULL_SHA = 0xC010, 228 TLS_ECDHE_RSA_WITH_RC4_128_SHA = 0xC011, 229 TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA = 0xC012, 230 TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA = 0xC013, 231 TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA = 0xC014, 232 TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256 = 0xC023, 233 TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384 = 0xC024, 234 TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256 = 0xC025, 235 TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384 = 0xC026, 236 TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256 = 0xC027, 237 TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384 = 0xC028, 238 TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256 = 0xC029, 239 TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384 = 0xC02A, 240 241 TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 = 0xC02B, // iOS 9+ 242 TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384 = 0xC02C, // iOS 9+ 243 TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256 = 0xC02D, // iOS 9+ 244 TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384 = 0xC02E, // iOS 9+ 245 TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 = 0xC02F, // iOS 9+ 246 TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 = 0xC030, // iOS 9+ 247 TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256 = 0xC031, // iOS 9+ 248 TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384 = 0xC032, // iOS 9+ 249 } 250 } 251 #endif 252