/*
 * This file defines the public types used by the SSL functions: the
 * handshake statistics counters, the algorithm enums, and the channel and
 * cipher-suite info structs. It declares no functions.
 *
 * ***** BEGIN LICENSE BLOCK *****
 * Version: MPL 1.1/GPL 2.0/LGPL 2.1
 *
 * The contents of this file are subject to the Mozilla Public License Version
 * 1.1 (the "License"); you may not use this file except in compliance with
 * the License. You may obtain a copy of the License at
 * http://www.mozilla.org/MPL/
 *
 * Software distributed under the License is distributed on an "AS IS" basis,
 * WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License
 * for the specific language governing rights and limitations under the
 * License.
 *
 * The Original Code is the Netscape security libraries.
 *
 * The Initial Developer of the Original Code is
 * Netscape Communications Corporation.
 * Portions created by the Initial Developer are Copyright (C) 1994-2000
 * the Initial Developer. All Rights Reserved.
 *
 * Contributor(s):
 *   Dr Vipul Gupta <vipul.gupta@sun.com>, Sun Microsystems Laboratories
 *
 * Alternatively, the contents of this file may be used under the terms of
 * either the GNU General Public License Version 2 or later (the "GPL"), or
 * the GNU Lesser General Public License Version 2.1 or later (the "LGPL"),
 * in which case the provisions of the GPL or the LGPL are applicable instead
 * of those above. If you wish to allow use of your version of this file only
 * under the terms of either the GPL or the LGPL, and not to allow others to
 * use your version of this file under the terms of the MPL, indicate your
 * decision by deleting the provisions above and replace them with the notice
 * and other provisions required by the GPL or the LGPL. If you do not delete
 * the provisions above, a recipient may use your version of this file under
 * the terms of any one of the MPL, the GPL or the LGPL.
 *
 * ***** END LICENSE BLOCK ***** */
/* $Id: sslt.h,v 1.13 2009/11/07 18:23:06 wtc%google.com Exp $ */

/* NOTE(review): identifiers containing a double underscore are reserved for
 * the C implementation. The guard name is left as is because other files may
 * test it.
 */
#ifndef __sslt_h_
#define __sslt_h_

#include "prtypes.h"

/*
 * Counters for session-ID ("sid") cache use and stateless resumption.
 * The field prefix names the handshake function that the section comments
 * below attribute the counter to: sch, hsh or hch.
 *
 * The counters are plain longs. Nothing in this header says how they are
 * synchronised or reset, so treat a snapshot as approximate -- confirm
 * against the code that updates them.
 */
typedef struct SSL3StatisticsStr {
    /* statistics from ssl3_SendClientHello (sch) */
    long sch_sid_cache_hits;
    long sch_sid_cache_misses;
    long sch_sid_cache_not_ok;   /* presumably: entry found but rejected -- confirm */

    /* statistics from ssl3_HandleServerHello (hsh) */
    long hsh_sid_cache_hits;
    long hsh_sid_cache_misses;
    long hsh_sid_cache_not_ok;

    /* statistics from ssl3_HandleClientHello (hch) */
    long hch_sid_cache_hits;
    long hch_sid_cache_misses;
    long hch_sid_cache_not_ok;

    /* statistics related to stateless resume */
    long sch_sid_stateless_resumes;
    long hsh_sid_stateless_resumes;
    long hch_sid_stateless_resumes;
    /* Presumably counts session tickets received by the server side (hch)
     * that could not be parsed -- confirm. If so, an unexpected rise is a
     * useful monitoring signal (ticket-key mismatch or malformed input).
     */
    long hch_sid_ticket_parse_failures;
} SSL3Statistics;

/* Key Exchange algorithm values */
typedef enum {
    ssl_kea_null     = 0,
    ssl_kea_rsa      = 1,
    ssl_kea_dh       = 2,
    ssl_kea_fortezza = 3,	/* deprecated, now unused */
    ssl_kea_ecdh     = 4,
    ssl_kea_size		/* number of ssl_kea_ algorithms */
                                /* must stay last so that it equals the count */
} SSLKEAType;

/* The following defines are for backwards compatibility.
** They will be removed in a forthcoming release to reduce namespace pollution.
** Programs that use the kt_ symbols should convert to the ssl_kea_ symbols
** soon. (The original comment said ssl_kt_, but every macro below maps to an
** ssl_kea_ name.)
*/
#define kt_null   	ssl_kea_null
#define kt_rsa   	ssl_kea_rsa
#define kt_dh   	ssl_kea_dh
#define kt_fortezza	ssl_kea_fortezza       /* deprecated, now unused */
#define kt_ecdh   	ssl_kea_ecdh
#define kt_kea_size	ssl_kea_size

/* Signature algorithm values. */
typedef enum {
    ssl_sign_null   = 0,
    ssl_sign_rsa    = 1,
    ssl_sign_dsa    = 2,
    ssl_sign_ecdsa  = 3
} SSLSignType;

/* Authentication algorithm values, reported in
 * SSLCipherSuiteInfo.authAlgorithm.
 *
 * NOTE(review): ssl_auth_null presumably marks suites with no server
 * authentication -- confirm. Policy code that consumes this value should
 * reject it explicitly rather than treat 0 as "unset".
 */
typedef enum {
    ssl_auth_null   = 0,
    ssl_auth_rsa    = 1,
    ssl_auth_dsa    = 2,
    ssl_auth_kea    = 3,
    ssl_auth_ecdsa  = 4
} SSLAuthType;

/* Symmetric cipher values, reported in SSLCipherSuiteInfo.symCipher.
 *
 * The numeric values are not contiguous in meaning: 6 is retired but still
 * occupies its slot, so the values must not be renumbered.
 *
 * NOTE(review): null, RC4, RC2 and single DES do not give acceptable
 * confidentiality by current standards. Code that audits a negotiated suite
 * should check symCipher together with effectiveKeyBits rather than rely on
 * the suite name.
 */
typedef enum {
    ssl_calg_null     = 0,
    ssl_calg_rc4      = 1,
    ssl_calg_rc2      = 2,
    ssl_calg_des      = 3,
    ssl_calg_3des     = 4,
    ssl_calg_idea     = 5,
    ssl_calg_fortezza = 6,      /* deprecated, now unused */
    ssl_calg_aes      = 7,      /* coming soon */
                                /* NOTE(review): "coming soon" is probably stale -- confirm */
    ssl_calg_camellia = 8,
    ssl_calg_seed     = 9
} SSLCipherAlgorithm;

/* MAC algorithm values, reported in SSLCipherSuiteInfo.macAlgorithm.
 * Per the comments on values 3 and 4, ssl_hmac_* are the TLS HMAC
 * counterparts of ssl_mac_*; presumably ssl_mac_* are the SSL 3.0
 * constructions -- confirm.
 */
typedef enum {
    ssl_mac_null      = 0,
    ssl_mac_md5       = 1,
    ssl_mac_sha       = 2,
    ssl_hmac_md5      = 3, 	/* TLS HMAC version of mac_md5 */
    ssl_hmac_sha      = 4 	/* TLS HMAC version of mac_sha */
} SSLMACAlgorithm;

/* Record compression values, reported in SSLChannelInfo.compressionMethod.
 *
 * NOTE(review): with TLS-level compression the record length depends on the
 * plaintext content, which leaks information when attacker-influenced and
 * secret data share a record. Connection audits may want to flag
 * ssl_compression_deflate.
 */
typedef enum {
    ssl_compression_null = 0,
    ssl_compression_deflate = 1  /* RFC 3749 */
} SSLCompressionMethod;

/*
 * Properties of one SSL connection (channel).
 *
 * The struct has grown over releases (see the NSS 3.12.5 marker below), so
 * new fields may only be appended; existing fields must keep their order
 * and size.
 *
 * NOTE(review): length presumably reports how many bytes of this struct
 * were filled in. If so, a caller must check that length covers a field
 * added in a later release before reading it -- confirm against the
 * function that fills this struct.
 */
typedef struct SSLChannelInfoStr {
    PRUint32             length;
    PRUint16             protocolVersion;
    PRUint16             cipherSuite;

    /* server authentication info */
    PRUint32             authKeyBits;

    /* key exchange algorithm info */
    PRUint32             keaKeyBits;

    /* session info */
    PRUint32             creationTime;		/* seconds since Jan 1, 1970 */
    PRUint32             lastAccessTime;	/* seconds since Jan 1, 1970 */
    PRUint32             expirationTime;	/* seconds since Jan 1, 1970 */
    PRUint32             sessionIDLength;	/* up to 32 */
    /* Fixed 32-byte buffer. Consumers should clamp sessionIDLength to
     * sizeof sessionID before indexing or copying, and not assume the bytes
     * past sessionIDLength are meaningful.
     */
    PRUint8              sessionID    [32];

    /* The following fields are added in NSS 3.12.5. */

    /* compression method info */
    const char *         compressionMethodName;
    SSLCompressionMethod compressionMethod;
} SSLChannelInfo;

/*
 * Static properties of one cipher suite.
 *
 * Each algorithm is given twice: as a display name (const char *) and as an
 * enum value. Policy decisions should be made on the enum values and the
 * bit counts, not by matching the name strings.
 *
 * Note that length is PRUint16 here, while SSLChannelInfo.length is
 * PRUint32.
 */
typedef struct SSLCipherSuiteInfoStr {
    PRUint16             length;
    PRUint16             cipherSuite;

    /* Cipher Suite Name */
    const char *         cipherSuiteName;

    /* server authentication info */
    const char *         authAlgorithmName;
    SSLAuthType          authAlgorithm;

    /* key exchange algorithm info */
    const char *         keaTypeName;
    SSLKEAType           keaType;

    /* symmetric encryption info */
    const char *         symCipherName;
    SSLCipherAlgorithm   symCipher;
    PRUint16             symKeyBits;
    PRUint16             symKeySpace;
    /* presumably smaller than symKeyBits for deliberately weakened suites;
     * verify before using it as the strength measure */
    PRUint16             effectiveKeyBits;

    /* MAC info */
    const char *         macAlgorithmName;
    SSLMACAlgorithm      macAlgorithm;
    PRUint16             macBits;

    /* Flag bit-fields; the four widths add up to 32 bits (1 + 1 + 1 + 29).
     * NOTE(review): isExportable presumably marks export-grade suites,
     * which are weak by design -- confirm, and reject them in policy checks.
     */
    PRUintn              isFIPS       : 1;
    PRUintn              isExportable : 1;
    PRUintn              nonStandard  : 1;
    PRUintn              reservedBits :29;

} SSLCipherSuiteInfo;

#endif /* __sslt_h_ */