• Home
  • Line#
  • Scopes#
  • Navigate#
  • Raw
  • Download
1 /* Private header file of libSSL.
2  * Various and sundry protocol constants. DON'T CHANGE THESE. These
3  * values are defined by the SSL 3.0 protocol specification.
4  *
5  * ***** BEGIN LICENSE BLOCK *****
6  * Version: MPL 1.1/GPL 2.0/LGPL 2.1
7  *
8  * The contents of this file are subject to the Mozilla Public License Version
9  * 1.1 (the "License"); you may not use this file except in compliance with
10  * the License. You may obtain a copy of the License at
11  * http://www.mozilla.org/MPL/
12  *
13  * Software distributed under the License is distributed on an "AS IS" basis,
14  * WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License
15  * for the specific language governing rights and limitations under the
16  * License.
17  *
18  * The Original Code is the Netscape security libraries.
19  *
20  * The Initial Developer of the Original Code is
21  * Netscape Communications Corporation.
22  * Portions created by the Initial Developer are Copyright (C) 1994-2000
23  * the Initial Developer. All Rights Reserved.
24  *
25  * Contributor(s):
26  *   Dr Vipul Gupta <vipul.gupta@sun.com>, Sun Microsystems Laboratories
27  *
28  * Alternatively, the contents of this file may be used under the terms of
29  * either the GNU General Public License Version 2 or later (the "GPL"), or
30  * the GNU Lesser General Public License Version 2.1 or later (the "LGPL"),
31  * in which case the provisions of the GPL or the LGPL are applicable instead
32  * of those above. If you wish to allow use of your version of this file only
33  * under the terms of either the GPL or the LGPL, and not to allow others to
34  * use your version of this file under the terms of the MPL, indicate your
35  * decision by deleting the provisions above and replace them with the notice
36  * and other provisions required by the GPL or the LGPL. If you do not delete
37  * the provisions above, a recipient may use your version of this file under
38  * the terms of any one of the MPL, the GPL or the LGPL.
39  *
40  * ***** END LICENSE BLOCK ***** */
41 /* $Id: ssl3prot.h,v 1.15 2009/11/07 18:23:06 wtc%google.com Exp $ */
42 
43 #ifndef __ssl3proto_h_
44 #define __ssl3proto_h_
45 
46 typedef uint8 SSL3Opaque;
47 
48 typedef uint16 SSL3ProtocolVersion;
49 /* version numbers are defined in sslproto.h */
50 
51 typedef uint16 ssl3CipherSuite;
52 /* The cipher suites are defined in sslproto.h */
53 
54 #define MAX_CERT_TYPES			10
55 #define MAX_COMPRESSION_METHODS		10
56 #define MAX_MAC_LENGTH			64
57 #define MAX_PADDING_LENGTH		64
58 #define MAX_KEY_LENGTH			64
59 #define EXPORT_KEY_LENGTH		 5
60 #define SSL3_RANDOM_LENGTH		32
61 
62 #define SSL3_RECORD_HEADER_LENGTH	 5
63 
64 #define MAX_FRAGMENT_LENGTH		16384
65 
66 typedef enum {
67     content_change_cipher_spec = 20,
68     content_alert              = 21,
69     content_handshake          = 22,
70     content_application_data   = 23
71 } SSL3ContentType;
72 
73 typedef struct {
74     SSL3ContentType     type;
75     SSL3ProtocolVersion version;
76     uint16              length;
77     SECItem             fragment;
78 } SSL3Plaintext;
79 
80 typedef struct {
81     SSL3ContentType     type;
82     SSL3ProtocolVersion version;
83     uint16              length;
84     SECItem             fragment;
85 } SSL3Compressed;
86 
87 typedef struct {
88     SECItem    content;
89     SSL3Opaque MAC[MAX_MAC_LENGTH];
90 } SSL3GenericStreamCipher;
91 
92 typedef struct {
93     SECItem    content;
94     SSL3Opaque MAC[MAX_MAC_LENGTH];
95     uint8      padding[MAX_PADDING_LENGTH];
96     uint8      padding_length;
97 } SSL3GenericBlockCipher;
98 
99 typedef enum { change_cipher_spec_choice = 1 } SSL3ChangeCipherSpecChoice;
100 
101 typedef struct {
102     SSL3ChangeCipherSpecChoice choice;
103 } SSL3ChangeCipherSpec;
104 
105 typedef enum { alert_warning = 1, alert_fatal = 2 } SSL3AlertLevel;
106 
107 typedef enum {
108     close_notify            = 0,
109     unexpected_message      = 10,
110     bad_record_mac          = 20,
111     decryption_failed       = 21,	/* TLS only */
112     record_overflow         = 22,	/* TLS only */
113     decompression_failure   = 30,
114     handshake_failure       = 40,
115     no_certificate          = 41,	/* SSL3 only, NOT TLS */
116     bad_certificate         = 42,
117     unsupported_certificate = 43,
118     certificate_revoked     = 44,
119     certificate_expired     = 45,
120     certificate_unknown     = 46,
121     illegal_parameter       = 47,
122 
123 /* All alerts below are TLS only. */
124     unknown_ca              = 48,
125     access_denied           = 49,
126     decode_error            = 50,
127     decrypt_error           = 51,
128     export_restriction      = 60,
129     protocol_version        = 70,
130     insufficient_security   = 71,
131     internal_error          = 80,
132     user_canceled           = 90,
133     no_renegotiation        = 100,
134 
135 /* Alerts for client hello extensions */
136     unsupported_extension           = 110,
137     certificate_unobtainable        = 111,
138     unrecognized_name               = 112,
139     bad_certificate_status_response = 113,
140     bad_certificate_hash_value      = 114
141 
142 } SSL3AlertDescription;
143 
144 typedef struct {
145     SSL3AlertLevel       level;
146     SSL3AlertDescription description;
147 } SSL3Alert;
148 
149 typedef enum {
150     hello_request	= 0,
151     client_hello	= 1,
152     server_hello	= 2,
153     new_session_ticket	= 4,
154     certificate 	= 11,
155     server_key_exchange = 12,
156     certificate_request	= 13,
157     server_hello_done	= 14,
158     certificate_verify	= 15,
159     client_key_exchange	= 16,
160     finished		= 20,
161     next_proto		= 67
162 } SSL3HandshakeType;
163 
164 typedef struct {
165     uint8 empty;
166 } SSL3HelloRequest;
167 
168 typedef struct {
169     SSL3Opaque rand[SSL3_RANDOM_LENGTH];
170 } SSL3Random;
171 
172 typedef struct {
173     SSL3Opaque id[32];
174     uint8 length;
175 } SSL3SessionID;
176 
177 typedef struct {
178     SSL3ProtocolVersion   client_version;
179     SSL3Random            random;
180     SSL3SessionID         session_id;
181     SECItem               cipher_suites;
182     uint8                 cm_count;
183     SSLCompressionMethod  compression_methods[MAX_COMPRESSION_METHODS];
184 } SSL3ClientHello;
185 
186 typedef struct  {
187     SSL3ProtocolVersion   server_version;
188     SSL3Random            random;
189     SSL3SessionID         session_id;
190     ssl3CipherSuite       cipher_suite;
191     SSLCompressionMethod  compression_method;
192 } SSL3ServerHello;
193 
194 typedef struct {
195     SECItem list;
196 } SSL3Certificate;
197 
198 /* SSL3SignType moved to ssl.h */
199 
200 /* The SSL key exchange method used */
201 typedef enum {
202     kea_null,
203     kea_rsa,
204     kea_rsa_export,
205     kea_rsa_export_1024,
206     kea_dh_dss,
207     kea_dh_dss_export,
208     kea_dh_rsa,
209     kea_dh_rsa_export,
210     kea_dhe_dss,
211     kea_dhe_dss_export,
212     kea_dhe_rsa,
213     kea_dhe_rsa_export,
214     kea_dh_anon,
215     kea_dh_anon_export,
216     kea_rsa_fips,
217     kea_ecdh_ecdsa,
218     kea_ecdhe_ecdsa,
219     kea_ecdh_rsa,
220     kea_ecdhe_rsa,
221     kea_ecdh_anon
222 } SSL3KeyExchangeAlgorithm;
223 
224 typedef struct {
225     SECItem modulus;
226     SECItem exponent;
227 } SSL3ServerRSAParams;
228 
229 typedef struct {
230     SECItem p;
231     SECItem g;
232     SECItem Ys;
233 } SSL3ServerDHParams;
234 
235 typedef struct {
236     union {
237 	SSL3ServerDHParams dh;
238 	SSL3ServerRSAParams rsa;
239     } u;
240 } SSL3ServerParams;
241 
242 typedef struct {
243     uint8 md5[16];
244     uint8 sha[20];
245 } SSL3Hashes;
246 
247 typedef struct {
248     union {
249 	SSL3Opaque anonymous;
250 	SSL3Hashes certified;
251     } u;
252 } SSL3ServerKeyExchange;
253 
254 typedef enum {
255     ct_RSA_sign 	=  1,
256     ct_DSS_sign 	=  2,
257     ct_RSA_fixed_DH 	=  3,
258     ct_DSS_fixed_DH 	=  4,
259     ct_RSA_ephemeral_DH =  5,
260     ct_DSS_ephemeral_DH =  6,
261     ct_ECDSA_sign	=  64,
262     ct_RSA_fixed_ECDH	=  65,
263     ct_ECDSA_fixed_ECDH	=  66
264 
265 } SSL3ClientCertificateType;
266 
267 typedef SECItem *SSL3DistinquishedName;
268 
269 typedef struct {
270     SSL3Opaque client_version[2];
271     SSL3Opaque random[46];
272 } SSL3RSAPreMasterSecret;
273 
274 typedef SECItem SSL3EncryptedPreMasterSecret;
275 
276 
277 typedef SSL3Opaque SSL3MasterSecret[48];
278 
279 typedef enum { implicit, explicit } SSL3PublicValueEncoding;
280 
281 typedef struct {
282     union {
283 	SSL3Opaque implicit;
284 	SECItem    explicit;
285     } dh_public;
286 } SSL3ClientDiffieHellmanPublic;
287 
288 typedef struct {
289     union {
290 	SSL3EncryptedPreMasterSecret  rsa;
291 	SSL3ClientDiffieHellmanPublic diffie_helman;
292     } exchange_keys;
293 } SSL3ClientKeyExchange;
294 
295 typedef SSL3Hashes SSL3PreSignedCertificateVerify;
296 
297 typedef SECItem SSL3CertificateVerify;
298 
299 typedef enum {
300     sender_client = 0x434c4e54,
301     sender_server = 0x53525652
302 } SSL3Sender;
303 
304 typedef SSL3Hashes SSL3Finished;
305 
306 typedef struct {
307     SSL3Opaque verify_data[12];
308 } TLSFinished;
309 
310 /*
311  * TLS extension related data structures and constants.
312  */
313 
314 /* SessionTicket extension related data structures. */
315 
316 /* NewSessionTicket handshake message. */
317 typedef struct {
318     uint32  received_timestamp;
319     uint32  ticket_lifetime_hint;
320     SECItem ticket;
321 } NewSessionTicket;
322 
323 typedef enum {
324     CLIENT_AUTH_ANONYMOUS   = 0,
325     CLIENT_AUTH_CERTIFICATE = 1
326 } ClientAuthenticationType;
327 
328 typedef struct {
329     ClientAuthenticationType client_auth_type;
330     union {
331 	SSL3Opaque *certificate_list;
332     } identity;
333 } ClientIdentity;
334 
335 #define SESS_TICKET_KEY_NAME_LEN       16
336 #define SESS_TICKET_KEY_NAME_PREFIX    "NSS!"
337 #define SESS_TICKET_KEY_NAME_PREFIX_LEN 4
338 #define SESS_TICKET_KEY_VAR_NAME_LEN   12
339 
340 typedef struct {
341     unsigned char *key_name;
342     unsigned char *iv;
343     SECItem encrypted_state;
344     unsigned char *mac;
345 } EncryptedSessionTicket;
346 
347 /* Supported extensions. */
348 /* Update MAX_EXTENSIONS whenever a new extension type is added. */
349 typedef enum {
350     server_name_xtn              = 0,
351 #ifdef NSS_ENABLE_ECC
352     elliptic_curves_xtn          = 10,
353     ec_point_formats_xtn         = 11,
354 #endif
355     session_ticket_xtn           = 35,
356     next_proto_neg_xtn           = 13172
357 } ExtensionType;
358 
359 #define MAX_EXTENSIONS             5
360 
361 #define TLS_EX_SESS_TICKET_MAC_LENGTH       32
362 
363 #endif /* __ssl3proto_h_ */
364