1 /* -*- Mode: C; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 4 -*- */ 2 /* Private header file of libSSL. 3 * Various and sundry protocol constants. DON'T CHANGE THESE. These 4 * values are defined by the SSL 3.0 protocol specification. 5 * 6 * This Source Code Form is subject to the terms of the Mozilla Public 7 * License, v. 2.0. If a copy of the MPL was not distributed with this 8 * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ 9 10 #ifndef __ssl3proto_h_ 11 #define __ssl3proto_h_ 12 13 typedef PRUint16 SSL3ProtocolVersion; 14 /* version numbers are defined in sslproto.h */ 15 16 /* DTLS 1.3 is still a draft. */ 17 #define DTLS_1_3_DRAFT_VERSION 43 18 19 typedef PRUint16 ssl3CipherSuite; 20 /* The cipher suites are defined in sslproto.h */ 21 22 #define MAX_CERT_TYPES 10 23 #define MAX_MAC_LENGTH 64 24 #define MAX_PADDING_LENGTH 64 25 #define MAX_KEY_LENGTH 64 26 #define EXPORT_KEY_LENGTH 5 27 #define SSL3_RANDOM_LENGTH 32 28 29 #define SSL3_RECORD_HEADER_LENGTH 5 30 31 /* SSL3_RECORD_HEADER_LENGTH + epoch/sequence_number */ 32 #define DTLS_RECORD_HEADER_LENGTH 13 33 34 #define MAX_FRAGMENT_LENGTH 16384 35 36 typedef enum { change_cipher_spec_choice = 1 } SSL3ChangeCipherSpecChoice; 37 38 typedef enum { alert_warning = 1, 39 alert_fatal = 2 } SSL3AlertLevel; 40 41 typedef enum { 42 close_notify = 0, 43 unexpected_message = 10, 44 bad_record_mac = 20, 45 decryption_failed_RESERVED = 21, /* do not send; see RFC 5246 */ 46 record_overflow = 22, /* TLS only */ 47 decompression_failure = 30, 48 handshake_failure = 40, 49 no_certificate = 41, /* SSL3 only, NOT TLS */ 50 bad_certificate = 42, 51 unsupported_certificate = 43, 52 certificate_revoked = 44, 53 certificate_expired = 45, 54 certificate_unknown = 46, 55 illegal_parameter = 47, 56 57 /* All alerts below are TLS only. */ 58 unknown_ca = 48, 59 access_denied = 49, 60 decode_error = 50, 61 decrypt_error = 51, 62 export_restriction = 60, 63 protocol_version = 70, 64 insufficient_security = 71, 65 internal_error = 80, 66 inappropriate_fallback = 86, /* could also be sent for SSLv3 */ 67 user_canceled = 90, 68 no_renegotiation = 100, 69 70 /* Alerts for client hello extensions */ 71 missing_extension = 109, 72 unsupported_extension = 110, 73 certificate_unobtainable = 111, 74 unrecognized_name = 112, 75 bad_certificate_status_response = 113, 76 bad_certificate_hash_value = 114, 77 certificate_required = 116, 78 no_application_protocol = 120, 79 ech_required = 121, 80 81 /* invalid alert */ 82 no_alert = 256 83 } SSL3AlertDescription; 84 85 typedef PRUint8 SSL3Random[SSL3_RANDOM_LENGTH]; 86 87 typedef struct { 88 PRUint8 id[32]; 89 PRUint8 length; 90 } SSL3SessionID; 91 92 /* SSL3SignType moved to ssl.h */ 93 94 /* The SSL key exchange method used */ 95 typedef enum { 96 kea_null, 97 kea_rsa, 98 kea_dh_dss, 99 kea_dh_rsa, 100 kea_dhe_dss, 101 kea_dhe_rsa, 102 kea_dh_anon, 103 kea_ecdh_ecdsa, 104 kea_ecdhe_ecdsa, 105 kea_ecdh_rsa, 106 kea_ecdhe_rsa, 107 kea_ecdh_anon, 108 kea_ecdhe_psk, 109 kea_dhe_psk, 110 kea_tls13_any, 111 } SSL3KeyExchangeAlgorithm; 112 113 /* SSL3HashesIndividually contains a combination MD5/SHA1 hash, as used in TLS 114 * prior to 1.2. */ 115 typedef struct { 116 PRUint8 md5[16]; 117 PRUint8 sha[20]; 118 } SSL3HashesIndividually; 119 120 /* SSL3Hashes contains an SSL hash value. The digest is contained in |u.raw| 121 * which, if |hashAlg==ssl_hash_none| is also a SSL3HashesIndividually 122 * struct. */ 123 typedef struct { 124 unsigned int len; 125 SSLHashType hashAlg; 126 union { 127 PRUint8 raw[64]; 128 SSL3HashesIndividually s; 129 } u; 130 } SSL3Hashes; 131 132 typedef enum { 133 ct_RSA_sign = 1, 134 ct_DSS_sign = 2, 135 ct_RSA_fixed_DH = 3, 136 ct_DSS_fixed_DH = 4, 137 ct_RSA_ephemeral_DH = 5, 138 ct_DSS_ephemeral_DH = 6, 139 ct_ECDSA_sign = 64, 140 ct_RSA_fixed_ECDH = 65, 141 ct_ECDSA_fixed_ECDH = 66 142 } SSL3ClientCertificateType; 143 144 typedef enum { 145 sender_client = 0x434c4e54, 146 sender_server = 0x53525652 147 } SSL3Sender; 148 149 typedef SSL3HashesIndividually SSL3Finished; 150 151 typedef struct { 152 PRUint8 verify_data[12]; 153 } TLSFinished; 154 155 /* 156 * TLS extension related data structures and constants. 157 */ 158 159 /* SessionTicket extension related data structures. */ 160 161 /* NewSessionTicket handshake message. */ 162 typedef struct { 163 PRTime received_timestamp; 164 PRUint32 ticket_lifetime_hint; 165 PRUint32 flags; 166 PRUint32 ticket_age_add; 167 PRUint32 max_early_data_size; 168 SECItem ticket; 169 } NewSessionTicket; 170 171 typedef enum { 172 tls13_psk_ke = 0, 173 tls13_psk_dh_ke = 1 174 } TLS13PskKEModes; 175 176 typedef enum { 177 CLIENT_AUTH_ANONYMOUS = 0, 178 CLIENT_AUTH_CERTIFICATE = 1 179 } ClientAuthenticationType; 180 181 #define SELF_ENCRYPT_KEY_NAME_LEN 16 182 #define SELF_ENCRYPT_KEY_NAME_PREFIX "NSS!" 183 #define SELF_ENCRYPT_KEY_NAME_PREFIX_LEN 4 184 #define SELF_ENCRYPT_KEY_VAR_NAME_LEN 12 185 186 #endif /* __ssl3proto_h_ */ 187