• Home
  • Line#
  • Scopes#
  • Navigate#
  • Raw
  • Download
1 /* Private header file of libSSL.
2  * Various and sundry protocol constants. DON'T CHANGE THESE. These
3  * values are defined by the SSL 3.0 protocol specification.
4  *
5  * This Source Code Form is subject to the terms of the Mozilla Public
6  * License, v. 2.0. If a copy of the MPL was not distributed with this
7  * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
8 
9 #ifndef __ssl3proto_h_
10 #define __ssl3proto_h_
11 
12 typedef PRUint8 SSL3Opaque;
13 
14 typedef PRUint16 SSL3ProtocolVersion;
15 /* version numbers are defined in sslproto.h */
16 
17 typedef PRUint16 ssl3CipherSuite;
18 /* The cipher suites are defined in sslproto.h */
19 
20 #define MAX_CERT_TYPES			10
21 #define MAX_COMPRESSION_METHODS		10
22 #define MAX_MAC_LENGTH			64
23 #define MAX_PADDING_LENGTH		64
24 #define MAX_KEY_LENGTH			64
25 #define EXPORT_KEY_LENGTH		 5
26 #define SSL3_RANDOM_LENGTH		32
27 
28 #define SSL3_RECORD_HEADER_LENGTH	 5
29 
30 /* SSL3_RECORD_HEADER_LENGTH + epoch/sequence_number */
31 #define DTLS_RECORD_HEADER_LENGTH       13
32 
33 #define MAX_FRAGMENT_LENGTH		16384
34 
35 typedef enum {
36     content_change_cipher_spec = 20,
37     content_alert              = 21,
38     content_handshake          = 22,
39     content_application_data   = 23
40 } SSL3ContentType;
41 
42 typedef struct {
43     SSL3ContentType     type;
44     SSL3ProtocolVersion version;
45     PRUint16            length;
46     SECItem             fragment;
47 } SSL3Plaintext;
48 
49 typedef struct {
50     SSL3ContentType     type;
51     SSL3ProtocolVersion version;
52     PRUint16            length;
53     SECItem             fragment;
54 } SSL3Compressed;
55 
56 typedef struct {
57     SECItem    content;
58     SSL3Opaque MAC[MAX_MAC_LENGTH];
59 } SSL3GenericStreamCipher;
60 
61 typedef struct {
62     SECItem    content;
63     SSL3Opaque MAC[MAX_MAC_LENGTH];
64     PRUint8    padding[MAX_PADDING_LENGTH];
65     PRUint8    padding_length;
66 } SSL3GenericBlockCipher;
67 
68 typedef enum { change_cipher_spec_choice = 1 } SSL3ChangeCipherSpecChoice;
69 
70 typedef struct {
71     SSL3ChangeCipherSpecChoice choice;
72 } SSL3ChangeCipherSpec;
73 
74 typedef enum { alert_warning = 1, alert_fatal = 2 } SSL3AlertLevel;
75 
76 typedef enum {
77     close_notify            = 0,
78     unexpected_message      = 10,
79     bad_record_mac          = 20,
80     decryption_failed_RESERVED = 21,	/* do not send; see RFC 5246 */
81     record_overflow         = 22,	/* TLS only */
82     decompression_failure   = 30,
83     handshake_failure       = 40,
84     no_certificate          = 41,	/* SSL3 only, NOT TLS */
85     bad_certificate         = 42,
86     unsupported_certificate = 43,
87     certificate_revoked     = 44,
88     certificate_expired     = 45,
89     certificate_unknown     = 46,
90     illegal_parameter       = 47,
91 
92 /* All alerts below are TLS only. */
93     unknown_ca              = 48,
94     access_denied           = 49,
95     decode_error            = 50,
96     decrypt_error           = 51,
97     export_restriction      = 60,
98     protocol_version        = 70,
99     insufficient_security   = 71,
100     internal_error          = 80,
101     inappropriate_fallback  = 86,	/* could also be sent for SSLv3 */
102     user_canceled           = 90,
103     no_renegotiation        = 100,
104 
105 /* Alerts for client hello extensions */
106     unsupported_extension           = 110,
107     certificate_unobtainable        = 111,
108     unrecognized_name               = 112,
109     bad_certificate_status_response = 113,
110     bad_certificate_hash_value      = 114
111 
112 } SSL3AlertDescription;
113 
114 typedef struct {
115     SSL3AlertLevel       level;
116     SSL3AlertDescription description;
117 } SSL3Alert;
118 
119 typedef enum {
120     hello_request	= 0,
121     client_hello	= 1,
122     server_hello	= 2,
123     hello_verify_request = 3,
124     new_session_ticket	= 4,
125     certificate 	= 11,
126     server_key_exchange = 12,
127     certificate_request	= 13,
128     server_hello_done	= 14,
129     certificate_verify	= 15,
130     client_key_exchange	= 16,
131     finished		= 20,
132     certificate_status  = 22,
133     next_proto		= 67,
134     encrypted_extensions= 203
135 } SSL3HandshakeType;
136 
137 typedef struct {
138     PRUint8 empty;
139 } SSL3HelloRequest;
140 
141 typedef struct {
142     SSL3Opaque rand[SSL3_RANDOM_LENGTH];
143 } SSL3Random;
144 
145 typedef struct {
146     SSL3Opaque id[32];
147     PRUint8 length;
148 } SSL3SessionID;
149 
150 typedef struct {
151     SSL3ProtocolVersion   client_version;
152     SSL3Random            random;
153     SSL3SessionID         session_id;
154     SECItem               cipher_suites;
155     PRUint8                 cm_count;
156     SSLCompressionMethod  compression_methods[MAX_COMPRESSION_METHODS];
157 } SSL3ClientHello;
158 
159 typedef struct  {
160     SSL3ProtocolVersion   server_version;
161     SSL3Random            random;
162     SSL3SessionID         session_id;
163     ssl3CipherSuite       cipher_suite;
164     SSLCompressionMethod  compression_method;
165 } SSL3ServerHello;
166 
167 typedef struct {
168     SECItem list;
169 } SSL3Certificate;
170 
171 /* SSL3SignType moved to ssl.h */
172 
173 /* The SSL key exchange method used */
174 typedef enum {
175     kea_null,
176     kea_rsa,
177     kea_rsa_export,
178     kea_rsa_export_1024,
179     kea_dh_dss,
180     kea_dh_dss_export,
181     kea_dh_rsa,
182     kea_dh_rsa_export,
183     kea_dhe_dss,
184     kea_dhe_dss_export,
185     kea_dhe_rsa,
186     kea_dhe_rsa_export,
187     kea_dh_anon,
188     kea_dh_anon_export,
189     kea_rsa_fips,
190     kea_ecdh_ecdsa,
191     kea_ecdhe_ecdsa,
192     kea_ecdh_rsa,
193     kea_ecdhe_rsa,
194     kea_ecdh_anon
195 } SSL3KeyExchangeAlgorithm;
196 
197 typedef struct {
198     SECItem modulus;
199     SECItem exponent;
200 } SSL3ServerRSAParams;
201 
202 typedef struct {
203     SECItem p;
204     SECItem g;
205     SECItem Ys;
206 } SSL3ServerDHParams;
207 
208 typedef struct {
209     union {
210 	SSL3ServerDHParams dh;
211 	SSL3ServerRSAParams rsa;
212     } u;
213 } SSL3ServerParams;
214 
215 /* This enum reflects HashAlgorithm enum from
216  * https://tools.ietf.org/html/rfc5246#section-7.4.1.4.1
217  *
218  * When updating, be sure to also update ssl3_TLSHashAlgorithmToOID. */
219 enum {
220     tls_hash_md5 = 1,
221     tls_hash_sha1 = 2,
222     tls_hash_sha224 = 3,
223     tls_hash_sha256 = 4,
224     tls_hash_sha384 = 5,
225     tls_hash_sha512 = 6
226 };
227 
228 /* This enum reflects SignatureAlgorithm enum from
229  * https://tools.ietf.org/html/rfc5246#section-7.4.1.4.1 */
230 typedef enum {
231     tls_sig_rsa = 1,
232     tls_sig_dsa = 2,
233     tls_sig_ecdsa = 3
234 } TLSSignatureAlgorithm;
235 
236 typedef struct {
237     SECOidTag hashAlg;
238     TLSSignatureAlgorithm sigAlg;
239 } SSL3SignatureAndHashAlgorithm;
240 
241 /* SSL3HashesIndividually contains a combination MD5/SHA1 hash, as used in TLS
242  * prior to 1.2. */
243 typedef struct {
244     PRUint8 md5[16];
245     PRUint8 sha[20];
246 } SSL3HashesIndividually;
247 
248 /* SSL3Hashes contains an SSL hash value. The digest is contained in |u.raw|
249  * which, if |hashAlg==SEC_OID_UNKNOWN| is also a SSL3HashesIndividually
250  * struct. */
251 typedef struct {
252     unsigned int len;
253     SECOidTag hashAlg;
254     union {
255 	PRUint8 raw[64];
256 	SSL3HashesIndividually s;
257     } u;
258 } SSL3Hashes;
259 
260 typedef struct {
261     union {
262 	SSL3Opaque anonymous;
263 	SSL3Hashes certified;
264     } u;
265 } SSL3ServerKeyExchange;
266 
267 typedef enum {
268     ct_RSA_sign 	=  1,
269     ct_DSS_sign 	=  2,
270     ct_RSA_fixed_DH 	=  3,
271     ct_DSS_fixed_DH 	=  4,
272     ct_RSA_ephemeral_DH =  5,
273     ct_DSS_ephemeral_DH =  6,
274     ct_ECDSA_sign	=  64,
275     ct_RSA_fixed_ECDH	=  65,
276     ct_ECDSA_fixed_ECDH	=  66
277 
278 } SSL3ClientCertificateType;
279 
280 typedef SECItem *SSL3DistinquishedName;
281 
282 typedef struct {
283     SSL3Opaque client_version[2];
284     SSL3Opaque random[46];
285 } SSL3RSAPreMasterSecret;
286 
287 typedef SECItem SSL3EncryptedPreMasterSecret;
288 
289 
290 typedef SSL3Opaque SSL3MasterSecret[48];
291 
292 typedef enum { implicit, explicit } SSL3PublicValueEncoding;
293 
294 typedef struct {
295     union {
296 	SSL3Opaque implicit;
297 	SECItem    explicit;
298     } dh_public;
299 } SSL3ClientDiffieHellmanPublic;
300 
301 typedef struct {
302     union {
303 	SSL3EncryptedPreMasterSecret  rsa;
304 	SSL3ClientDiffieHellmanPublic diffie_helman;
305     } exchange_keys;
306 } SSL3ClientKeyExchange;
307 
308 typedef SSL3Hashes SSL3PreSignedCertificateVerify;
309 
310 typedef SECItem SSL3CertificateVerify;
311 
312 typedef enum {
313     sender_client = 0x434c4e54,
314     sender_server = 0x53525652
315 } SSL3Sender;
316 
317 typedef SSL3HashesIndividually SSL3Finished;
318 
319 typedef struct {
320     SSL3Opaque verify_data[12];
321 } TLSFinished;
322 
323 /*
324  * TLS extension related data structures and constants.
325  */
326 
327 /* SessionTicket extension related data structures. */
328 
329 /* NewSessionTicket handshake message. */
330 typedef struct {
331     PRUint32 received_timestamp;
332     PRUint32 ticket_lifetime_hint;
333     SECItem  ticket;
334 } NewSessionTicket;
335 
336 typedef enum {
337     CLIENT_AUTH_ANONYMOUS   = 0,
338     CLIENT_AUTH_CERTIFICATE = 1
339 } ClientAuthenticationType;
340 
341 typedef struct {
342     ClientAuthenticationType client_auth_type;
343     union {
344 	SSL3Opaque *certificate_list;
345     } identity;
346 } ClientIdentity;
347 
348 #define SESS_TICKET_KEY_NAME_LEN       16
349 #define SESS_TICKET_KEY_NAME_PREFIX    "NSS!"
350 #define SESS_TICKET_KEY_NAME_PREFIX_LEN 4
351 #define SESS_TICKET_KEY_VAR_NAME_LEN   12
352 
353 typedef struct {
354     unsigned char *key_name;
355     unsigned char *iv;
356     SECItem encrypted_state;
357     unsigned char *mac;
358 } EncryptedSessionTicket;
359 
360 #define TLS_EX_SESS_TICKET_MAC_LENGTH       32
361 
362 #define TLS_STE_NO_SERVER_NAME        -1
363 
364 #endif /* __ssl3proto_h_ */
365