1 /*
2  * This file contains prototypes for the public SSL functions.
3  *
4  * ***** BEGIN LICENSE BLOCK *****
5  * Version: MPL 1.1/GPL 2.0/LGPL 2.1
6  *
7  * The contents of this file are subject to the Mozilla Public License Version
8  * 1.1 (the "License"); you may not use this file except in compliance with
9  * the License. You may obtain a copy of the License at
10  * http://www.mozilla.org/MPL/
11  *
12  * Software distributed under the License is distributed on an "AS IS" basis,
13  * WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License
14  * for the specific language governing rights and limitations under the
15  * License.
16  *
17  * The Original Code is the Netscape security libraries.
18  *
19  * The Initial Developer of the Original Code is
20  * Netscape Communications Corporation.
21  * Portions created by the Initial Developer are Copyright (C) 1994-2000
22  * the Initial Developer. All Rights Reserved.
23  *
24  * Contributor(s):
25  *   Dr Vipul Gupta <vipul.gupta@sun.com>, Sun Microsystems Laboratories
26  *
27  * Alternatively, the contents of this file may be used under the terms of
28  * either the GNU General Public License Version 2 or later (the "GPL"), or
29  * the GNU Lesser General Public License Version 2.1 or later (the "LGPL"),
30  * in which case the provisions of the GPL or the LGPL are applicable instead
31  * of those above. If you wish to allow use of your version of this file only
32  * under the terms of either the GPL or the LGPL, and not to allow others to
33  * use your version of this file under the terms of the MPL, indicate your
34  * decision by deleting the provisions above and replace them with the notice
35  * and other provisions required by the GPL or the LGPL. If you do not delete
36  * the provisions above, a recipient may use your version of this file under
37  * the terms of any one of the MPL, the GPL or the LGPL.
38  *
39  * ***** END LICENSE BLOCK ***** */
40 /* $Id: sslt.h,v 1.13 2009/11/07 18:23:06 wtc%google.com Exp $ */
41 
42 #ifndef __sslt_h_
43 #define __sslt_h_
44 
45 #include "prtypes.h"
46 
/*
 * Counters kept by the SSL3 handshake code.  Each field prefix names the
 * handshake routine that the group comment attributes it to:
 *   sch = ssl3_SendClientHello
 *   hsh = ssl3_HandleServerHello
 *   hch = ssl3_HandleClientHello
 * "sid" presumably abbreviates "session ID" -- confirm against the
 * handshake sources.
 *
 * This struct is declared in a public header, so treat the field order as
 * fixed: add new counters at the end rather than reordering.
 */
typedef struct SSL3StatisticsStr {
    /* ssl3_SendClientHello (sch): sid cache counters */
    long sch_sid_cache_hits,
         sch_sid_cache_misses,
         sch_sid_cache_not_ok;

    /* ssl3_HandleServerHello (hsh): sid cache counters */
    long hsh_sid_cache_hits,
         hsh_sid_cache_misses,
         hsh_sid_cache_not_ok;

    /* ssl3_HandleClientHello (hch): sid cache counters */
    long hch_sid_cache_hits,
         hch_sid_cache_misses,
         hch_sid_cache_not_ok;

    /* stateless resume, one counter per handshake routine */
    long sch_sid_stateless_resumes,
         hsh_sid_stateless_resumes,
         hch_sid_stateless_resumes;

    /*
     * NOTE(review): presumably counts session tickets that could not be
     * parsed while handling a ClientHello; a counter like this is worth
     * exporting to monitoring -- confirm where it is incremented.
     */
    long hch_sid_ticket_parse_failures;
} SSL3Statistics;
69 
/*
 * Key exchange algorithm (KEA) identifiers.
 *
 * The numeric values are spelled out explicitly and ssl_kea_size is the
 * trailing count, so new algorithms must be inserted before ssl_kea_size
 * without renumbering the existing ones.
 *
 * Review note: plain RSA key transport gives no forward secrecy, and
 * ssl_kea_null means no key exchange at all; code that makes policy
 * decisions from SSLCipherSuiteInfo.keaType should account for both.
 */
typedef enum {
    ssl_kea_null = 0,     /* no key exchange; also the zero-initialised value */
    ssl_kea_rsa = 1,
    ssl_kea_dh = 2,
    ssl_kea_fortezza = 3, /* deprecated, now unused */
    ssl_kea_ecdh = 4,
    ssl_kea_size          /* number of ssl_kea_ algorithms; keep last */
} SSLKEAType;
79 
/*
 * Backwards-compatibility aliases for the SSLKEAType enumerators.
 *
 * They are scheduled for removal in a forthcoming release to reduce
 * namespace pollution.  Programs that still use the kt_ names should
 * convert to the ssl_kea_ names they expand to.
 */
#define kt_null     ssl_kea_null
#define kt_rsa      ssl_kea_rsa
#define kt_dh       ssl_kea_dh
#define kt_fortezza ssl_kea_fortezza /* deprecated, now unused */
#define kt_ecdh     ssl_kea_ecdh
#define kt_kea_size ssl_kea_size
91 
/*
 * Signature algorithm identifiers.  Values are explicit and must not be
 * renumbered; ssl_sign_null (0) is also what a zero-initialised variable
 * of this type holds.
 */
typedef enum {
    ssl_sign_null = 0, /* no signature */
    ssl_sign_rsa = 1,
    ssl_sign_dsa = 2,
    ssl_sign_ecdsa = 3
} SSLSignType;
98 
/*
 * Authentication algorithm identifiers, reported through
 * SSLCipherSuiteInfo.authAlgorithm.
 *
 * Review note: ssl_auth_null means the peer is not authenticated by the
 * cipher suite; callers enforcing policy should reject it unless anonymous
 * suites are explicitly intended.
 */
typedef enum {
    ssl_auth_null = 0, /* no authentication; also the zero-initialised value */
    ssl_auth_rsa = 1,
    ssl_auth_dsa = 2,
    ssl_auth_kea = 3,  /* NOTE(review): presumably the Fortezza KEA -- confirm */
    ssl_auth_ecdsa = 4
} SSLAuthType;
106 
/*
 * Symmetric (bulk) cipher identifiers, reported through
 * SSLCipherSuiteInfo.symCipher.  Values are explicit and must not be
 * renumbered.
 *
 * Review note: ssl_calg_null provides no confidentiality, and RC4, RC2 and
 * single DES are considered too weak for new deployments.  Policy code
 * that inspects symCipher should treat those values accordingly rather
 * than relying on the cipher-suite name.
 */
typedef enum {
    ssl_calg_null = 0,     /* no encryption */
    ssl_calg_rc4 = 1,
    ssl_calg_rc2 = 2,
    ssl_calg_des = 3,
    ssl_calg_3des = 4,
    ssl_calg_idea = 5,
    ssl_calg_fortezza = 6, /* deprecated, now unused */
    ssl_calg_aes = 7,      /* marked "coming soon"; NOTE(review): may be stale -- confirm */
    ssl_calg_camellia = 8,
    ssl_calg_seed = 9
} SSLCipherAlgorithm;
119 
/*
 * Message authentication code identifiers, reported through
 * SSLCipherSuiteInfo.macAlgorithm.
 *
 * The ssl_hmac_* values are the TLS HMAC counterparts of ssl_mac_md5 and
 * ssl_mac_sha.  NOTE(review): the non-HMAC values presumably denote the
 * SSL 3.0 MAC construction -- confirm.
 *
 * Review note: ssl_mac_null means records carry no integrity protection,
 * and the MD5-based entries are legacy; prefer SHA-based MACs where policy
 * allows.
 */
typedef enum {
    ssl_mac_null = 0, /* no MAC */
    ssl_mac_md5 = 1,
    ssl_mac_sha = 2,
    ssl_hmac_md5 = 3, /* TLS HMAC version of mac_md5 */
    ssl_hmac_sha = 4  /* TLS HMAC version of mac_sha */
} SSLMACAlgorithm;
127 
/*
 * Record-layer compression methods, reported through
 * SSLChannelInfo.compressionMethod.
 *
 * Review note: compressing data before encryption lets ciphertext length
 * depend on plaintext content, which is the basis of compression
 * side-channel attacks on TLS.  Deployments that mix secrets with
 * attacker-influenced data should verify that the negotiated method is
 * ssl_compression_null.
 */
typedef enum {
    ssl_compression_null = 0,   /* no compression */
    ssl_compression_deflate = 1 /* RFC 3749 */
} SSLCompressionMethod;
132 
/*
 * Per-connection ("channel") information: protocol version, cipher suite,
 * key sizes, session details and compression method.
 *
 * Field order is part of the public layout.  The compression fields at the
 * end were added in NSS 3.12.5, i.e. the struct grows by appending.
 */
typedef struct SSLChannelInfoStr {
    /*
     * NOTE(review): presumably the number of bytes of this struct that the
     * library filled in, so that callers can tell whether the fields added
     * in NSS 3.12.5 are valid before reading them -- confirm against the
     * function that populates this struct.
     */
    PRUint32 length;
    PRUint16 protocolVersion, cipherSuite;

    /* server authentication: key size in bits */
    PRUint32 authKeyBits;

    /* key exchange: key size in bits */
    PRUint32 keaKeyBits;

    /* session timestamps, each in seconds since Jan 1, 1970 */
    PRUint32 creationTime, lastAccessTime, expirationTime;

    /*
     * Session identifier.  sessionIDLength is documented as "up to 32";
     * consumers should still clamp it to sizeof sessionID before copying
     * or printing the bytes.
     */
    PRUint32 sessionIDLength;
    PRUint8 sessionID[32];

    /* ---- fields below were added in NSS 3.12.5 ---- */

    /* compression method: display name and enum value */
    const char *compressionMethodName;
    SSLCompressionMethod compressionMethod;
} SSLChannelInfo;
157 
/*
 * Description of one cipher suite: its identifier and name, plus the
 * authentication, key exchange, symmetric cipher and MAC algorithms it is
 * built from.  Each algorithm is given both as an enum value and as a
 * string name.
 *
 * Review note: prefer the enum fields and the numeric key sizes over the
 * *Name strings when enforcing policy; the strings are for display.
 */
typedef struct SSLCipherSuiteInfoStr {
    /* NOTE(review): presumably the number of bytes filled in -- confirm */
    PRUint16 length;
    PRUint16 cipherSuite;

    /* cipher suite name */
    const char *cipherSuiteName;

    /* server authentication */
    const char *authAlgorithmName;
    SSLAuthType authAlgorithm;

    /* key exchange */
    const char *keaTypeName;
    SSLKEAType keaType;

    /*
     * Symmetric encryption.
     * NOTE(review): the distinction between symKeyBits, symKeySpace and
     * effectiveKeyBits is not documented here; presumably effectiveKeyBits
     * is the figure to use for strength checks -- confirm.
     */
    const char *symCipherName;
    SSLCipherAlgorithm symCipher;
    PRUint16 symKeyBits, symKeySpace, effectiveKeyBits;

    /* MAC */
    const char *macAlgorithmName;
    SSLMACAlgorithm macAlgorithm;
    PRUint16 macBits;

    /*
     * One-bit flags followed by 29 reserved bits.
     * NOTE(review): isExportable presumably marks export-grade suites,
     * which policy code would normally reject -- confirm.
     */
    PRUintn isFIPS : 1,
            isExportable : 1,
            nonStandard : 1,
            reservedBits : 29;

} SSLCipherSuiteInfo;
191 
192 #endif /* __sslt_h_ */
193