1 /* Private header file of libSSL. 2 * Various and sundry protocol constants. DON'T CHANGE THESE. These 3 * values are defined by the SSL 3.0 protocol specification. 4 * 5 * ***** BEGIN LICENSE BLOCK ***** 6 * Version: MPL 1.1/GPL 2.0/LGPL 2.1 7 * 8 * The contents of this file are subject to the Mozilla Public License Version 9 * 1.1 (the "License"); you may not use this file except in compliance with 10 * the License. You may obtain a copy of the License at 11 * http://www.mozilla.org/MPL/ 12 * 13 * Software distributed under the License is distributed on an "AS IS" basis, 14 * WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License 15 * for the specific language governing rights and limitations under the 16 * License. 17 * 18 * The Original Code is the Netscape security libraries. 19 * 20 * The Initial Developer of the Original Code is 21 * Netscape Communications Corporation. 22 * Portions created by the Initial Developer are Copyright (C) 1994-2000 23 * the Initial Developer. All Rights Reserved. 24 * 25 * Contributor(s): 26 * Dr Vipul Gupta <vipul.gupta@sun.com>, Sun Microsystems Laboratories 27 * 28 * Alternatively, the contents of this file may be used under the terms of 29 * either the GNU General Public License Version 2 or later (the "GPL"), or 30 * the GNU Lesser General Public License Version 2.1 or later (the "LGPL"), 31 * in which case the provisions of the GPL or the LGPL are applicable instead 32 * of those above. If you wish to allow use of your version of this file only 33 * under the terms of either the GPL or the LGPL, and not to allow others to 34 * use your version of this file under the terms of the MPL, indicate your 35 * decision by deleting the provisions above and replace them with the notice 36 * and other provisions required by the GPL or the LGPL. If you do not delete 37 * the provisions above, a recipient may use your version of this file under 38 * the terms of any one of the MPL, the GPL or the LGPL. 39 * 40 * ***** END LICENSE BLOCK ***** */ 41 /* $Id: ssl3prot.h,v 1.15 2009/11/07 18:23:06 wtc%google.com Exp $ */ 42 43 #ifndef __ssl3proto_h_ 44 #define __ssl3proto_h_ 45 46 typedef uint8 SSL3Opaque; 47 48 typedef uint16 SSL3ProtocolVersion; 49 /* version numbers are defined in sslproto.h */ 50 51 typedef uint16 ssl3CipherSuite; 52 /* The cipher suites are defined in sslproto.h */ 53 54 #define MAX_CERT_TYPES 10 55 #define MAX_COMPRESSION_METHODS 10 56 #define MAX_MAC_LENGTH 64 57 #define MAX_PADDING_LENGTH 64 58 #define MAX_KEY_LENGTH 64 59 #define EXPORT_KEY_LENGTH 5 60 #define SSL3_RANDOM_LENGTH 32 61 62 #define SSL3_RECORD_HEADER_LENGTH 5 63 64 #define MAX_FRAGMENT_LENGTH 16384 65 66 typedef enum { 67 content_change_cipher_spec = 20, 68 content_alert = 21, 69 content_handshake = 22, 70 content_application_data = 23 71 } SSL3ContentType; 72 73 typedef struct { 74 SSL3ContentType type; 75 SSL3ProtocolVersion version; 76 uint16 length; 77 SECItem fragment; 78 } SSL3Plaintext; 79 80 typedef struct { 81 SSL3ContentType type; 82 SSL3ProtocolVersion version; 83 uint16 length; 84 SECItem fragment; 85 } SSL3Compressed; 86 87 typedef struct { 88 SECItem content; 89 SSL3Opaque MAC[MAX_MAC_LENGTH]; 90 } SSL3GenericStreamCipher; 91 92 typedef struct { 93 SECItem content; 94 SSL3Opaque MAC[MAX_MAC_LENGTH]; 95 uint8 padding[MAX_PADDING_LENGTH]; 96 uint8 padding_length; 97 } SSL3GenericBlockCipher; 98 99 typedef enum { change_cipher_spec_choice = 1 } SSL3ChangeCipherSpecChoice; 100 101 typedef struct { 102 SSL3ChangeCipherSpecChoice choice; 103 } SSL3ChangeCipherSpec; 104 105 typedef enum { alert_warning = 1, alert_fatal = 2 } SSL3AlertLevel; 106 107 typedef enum { 108 close_notify = 0, 109 unexpected_message = 10, 110 bad_record_mac = 20, 111 decryption_failed = 21, /* TLS only */ 112 record_overflow = 22, /* TLS only */ 113 decompression_failure = 30, 114 handshake_failure = 40, 115 no_certificate = 41, /* SSL3 only, NOT TLS */ 116 bad_certificate = 42, 117 unsupported_certificate = 43, 118 certificate_revoked = 44, 119 certificate_expired = 45, 120 certificate_unknown = 46, 121 illegal_parameter = 47, 122 123 /* All alerts below are TLS only. */ 124 unknown_ca = 48, 125 access_denied = 49, 126 decode_error = 50, 127 decrypt_error = 51, 128 export_restriction = 60, 129 protocol_version = 70, 130 insufficient_security = 71, 131 internal_error = 80, 132 user_canceled = 90, 133 no_renegotiation = 100, 134 135 /* Alerts for client hello extensions */ 136 unsupported_extension = 110, 137 certificate_unobtainable = 111, 138 unrecognized_name = 112, 139 bad_certificate_status_response = 113, 140 bad_certificate_hash_value = 114 141 142 } SSL3AlertDescription; 143 144 typedef struct { 145 SSL3AlertLevel level; 146 SSL3AlertDescription description; 147 } SSL3Alert; 148 149 typedef enum { 150 hello_request = 0, 151 client_hello = 1, 152 server_hello = 2, 153 new_session_ticket = 4, 154 certificate = 11, 155 server_key_exchange = 12, 156 certificate_request = 13, 157 server_hello_done = 14, 158 certificate_verify = 15, 159 client_key_exchange = 16, 160 finished = 20, 161 next_proto = 67 162 } SSL3HandshakeType; 163 164 typedef struct { 165 uint8 empty; 166 } SSL3HelloRequest; 167 168 typedef struct { 169 SSL3Opaque rand[SSL3_RANDOM_LENGTH]; 170 } SSL3Random; 171 172 typedef struct { 173 SSL3Opaque id[32]; 174 uint8 length; 175 } SSL3SessionID; 176 177 typedef struct { 178 SSL3ProtocolVersion client_version; 179 SSL3Random random; 180 SSL3SessionID session_id; 181 SECItem cipher_suites; 182 uint8 cm_count; 183 SSLCompressionMethod compression_methods[MAX_COMPRESSION_METHODS]; 184 } SSL3ClientHello; 185 186 typedef struct { 187 SSL3ProtocolVersion server_version; 188 SSL3Random random; 189 SSL3SessionID session_id; 190 ssl3CipherSuite cipher_suite; 191 SSLCompressionMethod compression_method; 192 } SSL3ServerHello; 193 194 typedef struct { 195 SECItem list; 196 } SSL3Certificate; 197 198 /* SSL3SignType moved to ssl.h */ 199 200 /* The SSL key exchange method used */ 201 typedef enum { 202 kea_null, 203 kea_rsa, 204 kea_rsa_export, 205 kea_rsa_export_1024, 206 kea_dh_dss, 207 kea_dh_dss_export, 208 kea_dh_rsa, 209 kea_dh_rsa_export, 210 kea_dhe_dss, 211 kea_dhe_dss_export, 212 kea_dhe_rsa, 213 kea_dhe_rsa_export, 214 kea_dh_anon, 215 kea_dh_anon_export, 216 kea_rsa_fips, 217 kea_ecdh_ecdsa, 218 kea_ecdhe_ecdsa, 219 kea_ecdh_rsa, 220 kea_ecdhe_rsa, 221 kea_ecdh_anon 222 } SSL3KeyExchangeAlgorithm; 223 224 typedef struct { 225 SECItem modulus; 226 SECItem exponent; 227 } SSL3ServerRSAParams; 228 229 typedef struct { 230 SECItem p; 231 SECItem g; 232 SECItem Ys; 233 } SSL3ServerDHParams; 234 235 typedef struct { 236 union { 237 SSL3ServerDHParams dh; 238 SSL3ServerRSAParams rsa; 239 } u; 240 } SSL3ServerParams; 241 242 typedef struct { 243 uint8 md5[16]; 244 uint8 sha[20]; 245 } SSL3Hashes; 246 247 typedef struct { 248 union { 249 SSL3Opaque anonymous; 250 SSL3Hashes certified; 251 } u; 252 } SSL3ServerKeyExchange; 253 254 typedef enum { 255 ct_RSA_sign = 1, 256 ct_DSS_sign = 2, 257 ct_RSA_fixed_DH = 3, 258 ct_DSS_fixed_DH = 4, 259 ct_RSA_ephemeral_DH = 5, 260 ct_DSS_ephemeral_DH = 6, 261 ct_ECDSA_sign = 64, 262 ct_RSA_fixed_ECDH = 65, 263 ct_ECDSA_fixed_ECDH = 66 264 265 } SSL3ClientCertificateType; 266 267 typedef SECItem *SSL3DistinquishedName; 268 269 typedef struct { 270 SSL3Opaque client_version[2]; 271 SSL3Opaque random[46]; 272 } SSL3RSAPreMasterSecret; 273 274 typedef SECItem SSL3EncryptedPreMasterSecret; 275 276 277 typedef SSL3Opaque SSL3MasterSecret[48]; 278 279 typedef enum { implicit, explicit } SSL3PublicValueEncoding; 280 281 typedef struct { 282 union { 283 SSL3Opaque implicit; 284 SECItem explicit; 285 } dh_public; 286 } SSL3ClientDiffieHellmanPublic; 287 288 typedef struct { 289 union { 290 SSL3EncryptedPreMasterSecret rsa; 291 SSL3ClientDiffieHellmanPublic diffie_helman; 292 } exchange_keys; 293 } SSL3ClientKeyExchange; 294 295 typedef SSL3Hashes SSL3PreSignedCertificateVerify; 296 297 typedef SECItem SSL3CertificateVerify; 298 299 typedef enum { 300 sender_client = 0x434c4e54, 301 sender_server = 0x53525652 302 } SSL3Sender; 303 304 typedef SSL3Hashes SSL3Finished; 305 306 typedef struct { 307 SSL3Opaque verify_data[12]; 308 } TLSFinished; 309 310 /* 311 * TLS extension related data structures and constants. 312 */ 313 314 /* SessionTicket extension related data structures. */ 315 316 /* NewSessionTicket handshake message. */ 317 typedef struct { 318 uint32 received_timestamp; 319 uint32 ticket_lifetime_hint; 320 SECItem ticket; 321 } NewSessionTicket; 322 323 typedef enum { 324 CLIENT_AUTH_ANONYMOUS = 0, 325 CLIENT_AUTH_CERTIFICATE = 1 326 } ClientAuthenticationType; 327 328 typedef struct { 329 ClientAuthenticationType client_auth_type; 330 union { 331 SSL3Opaque *certificate_list; 332 } identity; 333 } ClientIdentity; 334 335 #define SESS_TICKET_KEY_NAME_LEN 16 336 #define SESS_TICKET_KEY_NAME_PREFIX "NSS!" 337 #define SESS_TICKET_KEY_NAME_PREFIX_LEN 4 338 #define SESS_TICKET_KEY_VAR_NAME_LEN 12 339 340 typedef struct { 341 unsigned char *key_name; 342 unsigned char *iv; 343 SECItem encrypted_state; 344 unsigned char *mac; 345 } EncryptedSessionTicket; 346 347 /* Supported extensions. */ 348 /* Update MAX_EXTENSIONS whenever a new extension type is added. */ 349 typedef enum { 350 server_name_xtn = 0, 351 #ifdef NSS_ENABLE_ECC 352 elliptic_curves_xtn = 10, 353 ec_point_formats_xtn = 11, 354 #endif 355 session_ticket_xtn = 35, 356 next_proto_neg_xtn = 13172 357 } ExtensionType; 358 359 #define MAX_EXTENSIONS 5 360 361 #define TLS_EX_SESS_TICKET_MAC_LENGTH 32 362 363 #endif /* __ssl3proto_h_ */ 364