mirror of
https://github.com/mozilla/gecko-dev.git
synced 2024-11-25 13:51:41 +00:00
e7899e86a5
for bug 1046718, bug 1050107, bug 1054625, bug 1057465, bug 1057476.
370 lines
9.1 KiB
C
370 lines
9.1 KiB
C
/* Private header file of libSSL.
|
|
* Various and sundry protocol constants. DON'T CHANGE THESE. These
|
|
* values are defined by the SSL 3.0 protocol specification.
|
|
*
|
|
* This Source Code Form is subject to the terms of the Mozilla Public
|
|
* License, v. 2.0. If a copy of the MPL was not distributed with this
|
|
* file, You can obtain one at http://mozilla.org/MPL/2.0/. */
|
|
|
|
#ifndef __ssl3proto_h_
|
|
#define __ssl3proto_h_
|
|
|
|
typedef PRUint8 SSL3Opaque;
|
|
|
|
typedef PRUint16 SSL3ProtocolVersion;
|
|
/* version numbers are defined in sslproto.h */
|
|
|
|
/* The TLS 1.3 draft version. Used to avoid negotiating
|
|
* between incompatible pre-standard TLS 1.3 drafts.
|
|
* TODO(ekr@rtfm.com): Remove when TLS 1.3 is published. */
|
|
#define TLS_1_3_DRAFT_VERSION 3
|
|
|
|
typedef PRUint16 ssl3CipherSuite;
|
|
/* The cipher suites are defined in sslproto.h */
|
|
|
|
#define MAX_CERT_TYPES 10
|
|
#define MAX_COMPRESSION_METHODS 10
|
|
#define MAX_MAC_LENGTH 64
|
|
#define MAX_PADDING_LENGTH 64
|
|
#define MAX_KEY_LENGTH 64
|
|
#define EXPORT_KEY_LENGTH 5
|
|
#define SSL3_RANDOM_LENGTH 32
|
|
|
|
#define SSL3_RECORD_HEADER_LENGTH 5
|
|
|
|
/* SSL3_RECORD_HEADER_LENGTH + epoch/sequence_number */
|
|
#define DTLS_RECORD_HEADER_LENGTH 13
|
|
|
|
#define MAX_FRAGMENT_LENGTH 16384
|
|
|
|
typedef enum {
|
|
content_change_cipher_spec = 20,
|
|
content_alert = 21,
|
|
content_handshake = 22,
|
|
content_application_data = 23
|
|
} SSL3ContentType;
|
|
|
|
typedef struct {
|
|
SSL3ContentType type;
|
|
SSL3ProtocolVersion version;
|
|
PRUint16 length;
|
|
SECItem fragment;
|
|
} SSL3Plaintext;
|
|
|
|
typedef struct {
|
|
SSL3ContentType type;
|
|
SSL3ProtocolVersion version;
|
|
PRUint16 length;
|
|
SECItem fragment;
|
|
} SSL3Compressed;
|
|
|
|
typedef struct {
|
|
SECItem content;
|
|
SSL3Opaque MAC[MAX_MAC_LENGTH];
|
|
} SSL3GenericStreamCipher;
|
|
|
|
typedef struct {
|
|
SECItem content;
|
|
SSL3Opaque MAC[MAX_MAC_LENGTH];
|
|
PRUint8 padding[MAX_PADDING_LENGTH];
|
|
PRUint8 padding_length;
|
|
} SSL3GenericBlockCipher;
|
|
|
|
typedef enum { change_cipher_spec_choice = 1 } SSL3ChangeCipherSpecChoice;
|
|
|
|
typedef struct {
|
|
SSL3ChangeCipherSpecChoice choice;
|
|
} SSL3ChangeCipherSpec;
|
|
|
|
typedef enum { alert_warning = 1, alert_fatal = 2 } SSL3AlertLevel;
|
|
|
|
typedef enum {
|
|
close_notify = 0,
|
|
unexpected_message = 10,
|
|
bad_record_mac = 20,
|
|
decryption_failed_RESERVED = 21, /* do not send; see RFC 5246 */
|
|
record_overflow = 22, /* TLS only */
|
|
decompression_failure = 30,
|
|
handshake_failure = 40,
|
|
no_certificate = 41, /* SSL3 only, NOT TLS */
|
|
bad_certificate = 42,
|
|
unsupported_certificate = 43,
|
|
certificate_revoked = 44,
|
|
certificate_expired = 45,
|
|
certificate_unknown = 46,
|
|
illegal_parameter = 47,
|
|
|
|
/* All alerts below are TLS only. */
|
|
unknown_ca = 48,
|
|
access_denied = 49,
|
|
decode_error = 50,
|
|
decrypt_error = 51,
|
|
export_restriction = 60,
|
|
protocol_version = 70,
|
|
insufficient_security = 71,
|
|
internal_error = 80,
|
|
inappropriate_fallback = 86, /* could also be sent for SSLv3 */
|
|
user_canceled = 90,
|
|
no_renegotiation = 100,
|
|
|
|
/* Alerts for client hello extensions */
|
|
unsupported_extension = 110,
|
|
certificate_unobtainable = 111,
|
|
unrecognized_name = 112,
|
|
bad_certificate_status_response = 113,
|
|
bad_certificate_hash_value = 114,
|
|
no_application_protocol = 120
|
|
|
|
} SSL3AlertDescription;
|
|
|
|
typedef struct {
|
|
SSL3AlertLevel level;
|
|
SSL3AlertDescription description;
|
|
} SSL3Alert;
|
|
|
|
typedef enum {
|
|
hello_request = 0,
|
|
client_hello = 1,
|
|
server_hello = 2,
|
|
hello_verify_request = 3,
|
|
new_session_ticket = 4,
|
|
certificate = 11,
|
|
server_key_exchange = 12,
|
|
certificate_request = 13,
|
|
server_hello_done = 14,
|
|
certificate_verify = 15,
|
|
client_key_exchange = 16,
|
|
finished = 20,
|
|
certificate_status = 22,
|
|
next_proto = 67
|
|
} SSL3HandshakeType;
|
|
|
|
typedef struct {
|
|
PRUint8 empty;
|
|
} SSL3HelloRequest;
|
|
|
|
typedef struct {
|
|
SSL3Opaque rand[SSL3_RANDOM_LENGTH];
|
|
} SSL3Random;
|
|
|
|
typedef struct {
|
|
SSL3Opaque id[32];
|
|
PRUint8 length;
|
|
} SSL3SessionID;
|
|
|
|
typedef struct {
|
|
SSL3ProtocolVersion client_version;
|
|
SSL3Random random;
|
|
SSL3SessionID session_id;
|
|
SECItem cipher_suites;
|
|
PRUint8 cm_count;
|
|
SSLCompressionMethod compression_methods[MAX_COMPRESSION_METHODS];
|
|
} SSL3ClientHello;
|
|
|
|
typedef struct {
|
|
SSL3ProtocolVersion server_version;
|
|
SSL3Random random;
|
|
SSL3SessionID session_id;
|
|
ssl3CipherSuite cipher_suite;
|
|
SSLCompressionMethod compression_method;
|
|
} SSL3ServerHello;
|
|
|
|
typedef struct {
|
|
SECItem list;
|
|
} SSL3Certificate;
|
|
|
|
/* SSL3SignType moved to ssl.h */
|
|
|
|
/* The SSL key exchange method used */
|
|
typedef enum {
|
|
kea_null,
|
|
kea_rsa,
|
|
kea_rsa_export,
|
|
kea_rsa_export_1024,
|
|
kea_dh_dss,
|
|
kea_dh_dss_export,
|
|
kea_dh_rsa,
|
|
kea_dh_rsa_export,
|
|
kea_dhe_dss,
|
|
kea_dhe_dss_export,
|
|
kea_dhe_rsa,
|
|
kea_dhe_rsa_export,
|
|
kea_dh_anon,
|
|
kea_dh_anon_export,
|
|
kea_rsa_fips,
|
|
kea_ecdh_ecdsa,
|
|
kea_ecdhe_ecdsa,
|
|
kea_ecdh_rsa,
|
|
kea_ecdhe_rsa,
|
|
kea_ecdh_anon
|
|
} SSL3KeyExchangeAlgorithm;
|
|
|
|
typedef struct {
|
|
SECItem modulus;
|
|
SECItem exponent;
|
|
} SSL3ServerRSAParams;
|
|
|
|
typedef struct {
|
|
SECItem p;
|
|
SECItem g;
|
|
SECItem Ys;
|
|
} SSL3ServerDHParams;
|
|
|
|
typedef struct {
|
|
union {
|
|
SSL3ServerDHParams dh;
|
|
SSL3ServerRSAParams rsa;
|
|
} u;
|
|
} SSL3ServerParams;
|
|
|
|
/* This enum reflects HashAlgorithm enum from
|
|
* https://tools.ietf.org/html/rfc5246#section-7.4.1.4.1
|
|
*
|
|
* When updating, be sure to also update ssl3_TLSHashAlgorithmToOID. */
|
|
enum {
|
|
tls_hash_md5 = 1,
|
|
tls_hash_sha1 = 2,
|
|
tls_hash_sha224 = 3,
|
|
tls_hash_sha256 = 4,
|
|
tls_hash_sha384 = 5,
|
|
tls_hash_sha512 = 6
|
|
};
|
|
|
|
/* This enum reflects SignatureAlgorithm enum from
|
|
* https://tools.ietf.org/html/rfc5246#section-7.4.1.4.1 */
|
|
typedef enum {
|
|
tls_sig_rsa = 1,
|
|
tls_sig_dsa = 2,
|
|
tls_sig_ecdsa = 3
|
|
} TLSSignatureAlgorithm;
|
|
|
|
typedef struct {
|
|
SECOidTag hashAlg;
|
|
TLSSignatureAlgorithm sigAlg;
|
|
} SSL3SignatureAndHashAlgorithm;
|
|
|
|
/* SSL3HashesIndividually contains a combination MD5/SHA1 hash, as used in TLS
|
|
* prior to 1.2. */
|
|
typedef struct {
|
|
PRUint8 md5[16];
|
|
PRUint8 sha[20];
|
|
} SSL3HashesIndividually;
|
|
|
|
/* SSL3Hashes contains an SSL hash value. The digest is contained in |u.raw|
|
|
* which, if |hashAlg==SEC_OID_UNKNOWN| is also a SSL3HashesIndividually
|
|
* struct. */
|
|
typedef struct {
|
|
unsigned int len;
|
|
SECOidTag hashAlg;
|
|
union {
|
|
PRUint8 raw[64];
|
|
SSL3HashesIndividually s;
|
|
} u;
|
|
} SSL3Hashes;
|
|
|
|
typedef struct {
|
|
union {
|
|
SSL3Opaque anonymous;
|
|
SSL3Hashes certified;
|
|
} u;
|
|
} SSL3ServerKeyExchange;
|
|
|
|
typedef enum {
|
|
ct_RSA_sign = 1,
|
|
ct_DSS_sign = 2,
|
|
ct_RSA_fixed_DH = 3,
|
|
ct_DSS_fixed_DH = 4,
|
|
ct_RSA_ephemeral_DH = 5,
|
|
ct_DSS_ephemeral_DH = 6,
|
|
ct_ECDSA_sign = 64,
|
|
ct_RSA_fixed_ECDH = 65,
|
|
ct_ECDSA_fixed_ECDH = 66
|
|
|
|
} SSL3ClientCertificateType;
|
|
|
|
typedef SECItem *SSL3DistinquishedName;
|
|
|
|
typedef struct {
|
|
SSL3Opaque client_version[2];
|
|
SSL3Opaque random[46];
|
|
} SSL3RSAPreMasterSecret;
|
|
|
|
typedef SECItem SSL3EncryptedPreMasterSecret;
|
|
|
|
|
|
typedef SSL3Opaque SSL3MasterSecret[48];
|
|
|
|
typedef enum { implicit, explicit } SSL3PublicValueEncoding;
|
|
|
|
typedef struct {
|
|
union {
|
|
SSL3Opaque implicit;
|
|
SECItem explicit;
|
|
} dh_public;
|
|
} SSL3ClientDiffieHellmanPublic;
|
|
|
|
typedef struct {
|
|
union {
|
|
SSL3EncryptedPreMasterSecret rsa;
|
|
SSL3ClientDiffieHellmanPublic diffie_helman;
|
|
} exchange_keys;
|
|
} SSL3ClientKeyExchange;
|
|
|
|
typedef SSL3Hashes SSL3PreSignedCertificateVerify;
|
|
|
|
typedef SECItem SSL3CertificateVerify;
|
|
|
|
typedef enum {
|
|
sender_client = 0x434c4e54,
|
|
sender_server = 0x53525652
|
|
} SSL3Sender;
|
|
|
|
typedef SSL3HashesIndividually SSL3Finished;
|
|
|
|
typedef struct {
|
|
SSL3Opaque verify_data[12];
|
|
} TLSFinished;
|
|
|
|
/*
|
|
* TLS extension related data structures and constants.
|
|
*/
|
|
|
|
/* SessionTicket extension related data structures. */
|
|
|
|
/* NewSessionTicket handshake message. */
|
|
typedef struct {
|
|
PRUint32 received_timestamp;
|
|
PRUint32 ticket_lifetime_hint;
|
|
SECItem ticket;
|
|
} NewSessionTicket;
|
|
|
|
typedef enum {
|
|
CLIENT_AUTH_ANONYMOUS = 0,
|
|
CLIENT_AUTH_CERTIFICATE = 1
|
|
} ClientAuthenticationType;
|
|
|
|
typedef struct {
|
|
ClientAuthenticationType client_auth_type;
|
|
union {
|
|
SSL3Opaque *certificate_list;
|
|
} identity;
|
|
} ClientIdentity;
|
|
|
|
#define SESS_TICKET_KEY_NAME_LEN 16
|
|
#define SESS_TICKET_KEY_NAME_PREFIX "NSS!"
|
|
#define SESS_TICKET_KEY_NAME_PREFIX_LEN 4
|
|
#define SESS_TICKET_KEY_VAR_NAME_LEN 12
|
|
|
|
typedef struct {
|
|
unsigned char *key_name;
|
|
unsigned char *iv;
|
|
SECItem encrypted_state;
|
|
unsigned char *mac;
|
|
} EncryptedSessionTicket;
|
|
|
|
#define TLS_EX_SESS_TICKET_MAC_LENGTH 32
|
|
|
|
#define TLS_STE_NO_SERVER_NAME -1
|
|
|
|
#endif /* __ssl3proto_h_ */
|