
lightning-sunbird  0.9+nobinonly
ssl3prot.h
00001 /* Private header file of libSSL.
00002  * Various and sundry protocol constants. DON'T CHANGE THESE. These
00003  * values are defined by the SSL 3.0 protocol specification.
00004  *
00005  * ***** BEGIN LICENSE BLOCK *****
00006  * Version: MPL 1.1/GPL 2.0/LGPL 2.1
00007  *
00008  * The contents of this file are subject to the Mozilla Public License Version
00009  * 1.1 (the "License"); you may not use this file except in compliance with
00010  * the License. You may obtain a copy of the License at
00011  * http://www.mozilla.org/MPL/
00012  *
00013  * Software distributed under the License is distributed on an "AS IS" basis,
00014  * WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License
00015  * for the specific language governing rights and limitations under the
00016  * License.
00017  *
00018  * The Original Code is the Netscape security libraries.
00019  *
00020  * The Initial Developer of the Original Code is
00021  * Netscape Communications Corporation.
00022  * Portions created by the Initial Developer are Copyright (C) 1994-2000
00023  * the Initial Developer. All Rights Reserved.
00024  *
00025  * Contributor(s):
00026  *   Dr Vipul Gupta <vipul.gupta@sun.com>, Sun Microsystems Laboratories
00027  *
00028  * Alternatively, the contents of this file may be used under the terms of
00029  * either the GNU General Public License Version 2 or later (the "GPL"), or
00030  * the GNU Lesser General Public License Version 2.1 or later (the "LGPL"),
00031  * in which case the provisions of the GPL or the LGPL are applicable instead
00032  * of those above. If you wish to allow use of your version of this file only
00033  * under the terms of either the GPL or the LGPL, and not to allow others to
00034  * use your version of this file under the terms of the MPL, indicate your
00035  * decision by deleting the provisions above and replace them with the notice
00036  * and other provisions required by the GPL or the LGPL. If you do not delete
00037  * the provisions above, a recipient may use your version of this file under
00038  * the terms of any one of the MPL, the GPL or the LGPL.
00039  *
00040  * ***** END LICENSE BLOCK ***** */
00041 /* $Id: ssl3prot.h,v 1.10.2.2 2006/04/13 07:41:16 nelson%bolyard.com Exp $ */
00042 
00043 #ifndef __ssl3proto_h_
00044 #define __ssl3proto_h_
00045 
/* Base scalar types for the protocol structures below. uint8 and uint16 are
 * not declared in this header; it relies on the includer to provide them. */
/* One uninterpreted byte of protocol data. */
00046 typedef uint8 SSL3Opaque;
00047 
/* 16-bit protocol version value. */
00048 typedef uint16 SSL3ProtocolVersion;
00049 /* version numbers are defined in sslproto.h */
00050 
/* 16-bit cipher suite identifier. */
00051 typedef uint16 ssl3CipherSuite;
00052 /* The cipher suites are defined in sslproto.h */
00053 
/* Size limits. MAX_COMPRESSION_METHODS, MAX_MAC_LENGTH, MAX_PADDING_LENGTH and
 * SSL3_RANDOM_LENGTH are the capacities of fixed arrays declared later in
 * this header; the others are not referenced in this file.
 * NOTE(review): these are capacity bounds only. Code that copies
 * peer-supplied data into those arrays has to compare the received length
 * with the bound before writing.
 * NOTE(review): EXPORT_KEY_LENGTH of 5 would be a 40-bit key if the unit is
 * bytes -- confirm the unit and that export-grade suites are off by default. */
00054 #define MAX_CERT_TYPES                    10
00055 #define MAX_COMPRESSION_METHODS           10
00056 #define MAX_MAC_LENGTH                    64
00057 #define MAX_PADDING_LENGTH         64
00058 #define MAX_KEY_LENGTH                    64
00059 #define EXPORT_KEY_LENGTH           5
00060 #define SSL3_RANDOM_LENGTH         32
00061 
/* Record header size. NOTE(review): presumably 1 byte of content type plus
 * 2 bytes of version plus 2 bytes of length -- confirm against the reader. */
00062 #define SSL3_RECORD_HEADER_LENGTH   5
00063 
/* Largest record fragment, 16384 = 2^14 bytes. */
00064 #define MAX_FRAGMENT_LENGTH        16384
00065      
/* Record-layer content types. Only these four values are defined here.
 * NOTE(review): a record parser should reject any other type value read from
 * the peer instead of storing it unchecked in a variable of this enum type. */
00066 typedef enum {
00067     content_change_cipher_spec = 20, 
00068     content_alert              = 21,
00069     content_handshake          = 22, 
00070     content_application_data   = 23
00071 } SSL3ContentType;
00072 
/* A record before compression: content type, protocol version, a 16-bit
 * length and the fragment itself (SECItem is declared outside this header).
 * NOTE(review): a uint16 length can express up to 65535, which is more than
 * MAX_FRAGMENT_LENGTH (16384); nothing in this struct enforces the limit, so
 * the code that fills it in must. */
00073 typedef struct {
00074     SSL3ContentType     type;
00075     SSL3ProtocolVersion version;
00076     uint16              length;
00077     SECItem             fragment;
00078 } SSL3Plaintext;
00079 
/* A record after the compression step. The field layout is identical to
 * SSL3Plaintext. The only compression method this header defines is
 * compression_null.
 * NOTE(review): as with SSL3Plaintext, the 16-bit length is not bounded by
 * the type; the consumer has to check it. */
00080 typedef struct {
00081     SSL3ContentType     type;
00082     SSL3ProtocolVersion version;
00083     uint16              length;
00084     SECItem             fragment;
00085 } SSL3Compressed;
00086 
/* Record payload under a stream cipher: the content followed by its MAC.
 * MAC is a fixed buffer of MAX_MAC_LENGTH bytes; the number of bytes
 * actually used is not stored in this struct. */
00087 typedef struct {
00088     SECItem    content;
00089     SSL3Opaque MAC[MAX_MAC_LENGTH];
00090 } SSL3GenericStreamCipher;
00091 
/* Record payload under a block cipher: content, MAC, padding and the padding
 * length.
 * NOTE(review): padding_length is a uint8 and can hold values up to 255,
 * while padding[] holds MAX_PADDING_LENGTH bytes. Any code that uses
 * padding_length as a count or index into padding[] must bound it first. */
00092 typedef struct {
00093     SECItem    content;
00094     SSL3Opaque MAC[MAX_MAC_LENGTH];
00095     uint8      padding[MAX_PADDING_LENGTH];
00096     uint8      padding_length;
00097 } SSL3GenericBlockCipher;
00098 
/* ChangeCipherSpec message. Exactly one value (1) is defined for its single
 * field. */
00099 typedef enum { change_cipher_spec_choice = 1 } SSL3ChangeCipherSpecChoice;
00100 
00101 typedef struct {
00102     SSL3ChangeCipherSpecChoice choice;
00103 } SSL3ChangeCipherSpec;
00104 
/* Alert severity: warning (1) or fatal (2). No other level is defined. */
00105 typedef enum { alert_warning = 1, alert_fatal = 2 } SSL3AlertLevel;
00106 
/* Alert description codes. Every enumerator has an explicit value; per the
 * inline comments some exist only in SSL 3.0 and others only in TLS.
 * NOTE(review): sending a different alert for a MAC failure (bad_record_mac)
 * than for a decryption/padding failure (decryption_failed) lets the peer
 * tell the two cases apart, which is what CBC padding-oracle attacks rely
 * on. Later TLS revisions require bad_record_mac for both; check which alert
 * the record-decoding code sends. */
00107 typedef enum {
00108     close_notify            = 0,
00109     unexpected_message      = 10,
00110     bad_record_mac          = 20,
00111     decryption_failed       = 21,  /* TLS only */
00112     record_overflow         = 22,  /* TLS only */
00113     decompression_failure   = 30,
00114     handshake_failure       = 40,
00115     no_certificate          = 41,  /* SSL3 only, NOT TLS */
00116     bad_certificate         = 42,
00117     unsupported_certificate = 43,
00118     certificate_revoked     = 44,
00119     certificate_expired     = 45,
00120     certificate_unknown     = 46,
00121     illegal_parameter       = 47,
00122 
00123 /* All alerts below are TLS only. */
00124     unknown_ca              = 48,
00125     access_denied           = 49,
00126     decode_error            = 50,
00127     decrypt_error           = 51,
00128     export_restriction      = 60,
00129     protocol_version        = 70,
00130     insufficient_security   = 71,
00131     internal_error          = 80,
00132     user_canceled           = 90,
00133     no_renegotiation        = 100,
00134 
00135 /* Alerts for client hello extensions */
00136     unsupported_extension           = 110,
00137     certificate_unobtainable        = 111,
00138     unrecognized_name               = 112,
00139     bad_certificate_status_response = 113,
00140     bad_certificate_hash_value      = 114
00141 
00142 } SSL3AlertDescription;
00143 
/* An alert message: severity level plus description code.
 * NOTE(review): both fields are enums; values received from the peer should
 * be range-checked before they are stored here. */
00144 typedef struct {
00145     SSL3AlertLevel       level;
00146     SSL3AlertDescription description;
00147 } SSL3Alert;
00148 
/* Handshake message type codes.
 * NOTE(review): this enum only names the message types. Which type is
 * acceptable at which point of the handshake is not expressed here and has
 * to be enforced by the handshake state machine. */
00149 typedef enum {
00150     hello_request    = 0, 
00151     client_hello     = 1, 
00152     server_hello     = 2,
00153     certificate      = 11, 
00154     server_key_exchange = 12,
00155     certificate_request     = 13, 
00156     server_hello_done       = 14,
00157     certificate_verify      = 15, 
00158     client_key_exchange     = 16, 
00159     finished         = 20
00160 } SSL3HandshakeType;
00161 
/* HelloRequest message. Its only member is named `empty`; presumably a
 * placeholder because the message carries no data -- confirm. */
00162 typedef struct {
00163     uint8 empty;
00164 } SSL3HelloRequest;
00165      
/* Hello random value: SSL3_RANDOM_LENGTH (32) opaque bytes. */
00166 typedef struct {
00167     SSL3Opaque rand[SSL3_RANDOM_LENGTH];
00168 } SSL3Random;
00169      
/* Session identifier: up to 32 bytes plus the count of bytes in use.
 * NOTE(review): length is a uint8 and can hold values up to 255, but id[]
 * has room for 32. A length taken from a peer's hello must be rejected if it
 * exceeds sizeof id before any copy or compare uses it. */
00170 typedef struct {
00171     SSL3Opaque id[32];
00172     uint8 length;
00173 } SSL3SessionID;
00174      
/* Compression methods. Only the null method (0) is defined in this header. */
00175 typedef enum { compression_null = 0 } SSL3CompressionMethod;
00176      
/* ClientHello message: offered version, client random, session id, the
 * cipher suite list (as a SECItem) and the compression method list.
 * NOTE(review): cm_count is a uint8 (up to 255) while compression_methods[]
 * holds MAX_COMPRESSION_METHODS (10) entries; a parser must cap the count
 * before filling or walking the array. */
00177 typedef struct {
00178     SSL3ProtocolVersion   client_version;
00179     SSL3Random            random;
00180     SSL3SessionID         session_id;
00181     SECItem               cipher_suites;
00182     uint8                 cm_count;
00183     SSL3CompressionMethod compression_methods[MAX_COMPRESSION_METHODS];
00184 } SSL3ClientHello;
00185      
/* ServerHello message: the server's chosen version, its random, the session
 * id, and the single cipher suite and compression method it selected.
 * NOTE(review): a client should confirm the selected suite and method were
 * among those it offered; this struct cannot express that constraint. */
00186 typedef struct  {
00187     SSL3ProtocolVersion   server_version;
00188     SSL3Random            random;
00189     SSL3SessionID         session_id;
00190     ssl3CipherSuite       cipher_suite;
00191     SSL3CompressionMethod compression_method;
00192 } SSL3ServerHello;
00193      
/* Certificate message: the certificate list held as one SECItem. The
 * encoding of the list is not visible in this header. */
00194 typedef struct {
00195     SECItem list;
00196 } SSL3Certificate;
00197 
00198 /* SSL3SignType moved to ssl.h */
00199 
00200 /* The SSL key exchange method used */     
/* No explicit values are given, so the enumerators number from 0 in
 * declaration order; inserting or reordering an entry changes every later
 * value. NOTE(review): this looks like an internal selector rather than a
 * value taken from the wire -- confirm before storing or transmitting it.
 * NOTE(review): the *_export entries name export-grade key exchanges and
 * the *_anon entries name key exchanges without peer authentication; a
 * policy review should confirm suites using them are disabled by default. */
00201 typedef enum {
00202     kea_null, 
00203     kea_rsa, 
00204     kea_rsa_export,
00205     kea_rsa_export_1024,
00206     kea_dh_dss, 
00207     kea_dh_dss_export, 
00208     kea_dh_rsa, 
00209     kea_dh_rsa_export,
00210     kea_dhe_dss, 
00211     kea_dhe_dss_export, 
00212     kea_dhe_rsa, 
00213     kea_dhe_rsa_export,
00214     kea_dh_anon, 
00215     kea_dh_anon_export, 
00216     kea_rsa_fips,
00217     kea_ecdh_ecdsa,
00218     kea_ecdhe_ecdsa,
00219     kea_ecdh_rsa,
00220     kea_ecdhe_rsa,
00221     kea_ecdh_anon
00222 } SSL3KeyExchangeAlgorithm;
00223      
/* Server RSA key exchange parameters: modulus and public exponent, each as a
 * SECItem.
 * NOTE(review): no size limits are expressed here; minimum and maximum
 * modulus sizes must be enforced by the code that accepts these values. */
00224 typedef struct {
00225     SECItem modulus;
00226     SECItem exponent;
00227 } SSL3ServerRSAParams;
00228 
/* Server Diffie-Hellman parameters: p, g and Ys, each as a SECItem
 * (presumably prime modulus, generator and the server's public value).
 * NOTE(review): the struct carries the values only; checking the group size
 * and that Ys is a valid public value is left to the consumer. */
00229 typedef struct {
00230     SECItem p;
00231     SECItem g;
00232     SECItem Ys;
00233 } SSL3ServerDHParams;
00234 
/* Server key exchange parameters, either DH or RSA.
 * The union has no discriminator field, so the caller has to know from
 * elsewhere (presumably the negotiated key exchange algorithm) which arm is
 * valid; reading the other arm reinterprets the same storage. */
00235 typedef struct {
00236     union {
00237        SSL3ServerDHParams dh;
00238        SSL3ServerRSAParams rsa;
00239     } u;
00240 } SSL3ServerParams;
00241 
/* A pair of handshake digests: 16 bytes named md5 and 20 bytes named sha,
 * which match the MD5 and SHA-1 output sizes. Also used in this header as
 * SSL3PreSignedCertificateVerify and SSL3Finished. */
00242 typedef struct {
00243     uint8 md5[16];
00244     uint8 sha[20];
00245 } SSL3Hashes;
00246      
/* ServerKeyExchange trailer: u.certified holds an SSL3Hashes digest pair and
 * u.anonymous is a single opaque byte.
 * No discriminator is stored; presumably the key exchange algorithm decides
 * which arm applies -- verify against the code that uses this type. */
00247 typedef struct {
00248     union {
00249        SSL3Opaque anonymous;
00250        SSL3Hashes certified;
00251     } u;
00252 } SSL3ServerKeyExchange;
00253      
/* Client certificate type codes: values 1-6 cover RSA/DSS signing and DH
 * variants, values 64-66 cover the ECDSA/ECDH variants.
 * NOTE(review): MAX_CERT_TYPES (10) presumably bounds a list of these; the
 * code that reads such a list from the peer has to apply that bound. */
00254 typedef enum {
00255     ct_RSA_sign      =  1, 
00256     ct_DSS_sign      =  2, 
00257     ct_RSA_fixed_DH  =  3,
00258     ct_DSS_fixed_DH  =  4, 
00259     ct_RSA_ephemeral_DH =  5, 
00260     ct_DSS_ephemeral_DH =  6,
00261     ct_ECDSA_sign    =  64, 
00262     ct_RSA_fixed_ECDH       =  65, 
00263     ct_ECDSA_fixed_ECDH     =  66 
00264 
00265 } SSL3ClientCertificateType;
00266      
/* Pointer to a SECItem holding a distinguished name. The spelling
 * "Distinquished" is part of the type's name and is kept as is. */
00267 typedef SECItem *SSL3DistinquishedName;
00268 
/* RSA pre-master secret: 2 bytes of client version followed by 46 random
 * bytes, 48 bytes in total.
 * NOTE(review): the protocol specification has the server compare the
 * embedded version with the one the client offered in order to detect
 * version rollback; confirm the decrypting side performs that check and
 * that failures are not distinguishable to the peer.
 * NOTE(review): this is secret key material; buffers of this type should be
 * cleared after use. */
00269 typedef struct {
00270     SSL3Opaque client_version[2];
00271     SSL3Opaque random[46];
00272 } SSL3RSAPreMasterSecret;
00273      
/* The pre-master secret in encrypted form, held as a SECItem. */
00274 typedef SECItem SSL3EncryptedPreMasterSecret;
00275 
00276 
/* The master secret: a fixed array of 48 opaque bytes.
 * Because this is an array typedef, a function parameter of this type is
 * adjusted to a pointer and sizeof on it yields the pointer size, not 48.
 * NOTE(review): secret key material; clear after use. */
00277 typedef SSL3Opaque SSL3MasterSecret[48];
00278 
/* How the client's DH public value is conveyed: implicit (0) or explicit (1),
 * numbered by declaration order.
 * NOTE(review): `explicit` is a reserved word in C++, so this header can only
 * be compiled as C as written. */
00279 typedef enum { implicit, explicit } SSL3PublicValueEncoding;
00280      
/* Client DH public value: a single opaque byte in the implicit case or a
 * SECItem in the explicit case.
 * The union stores no discriminator; presumably an SSL3PublicValueEncoding
 * kept elsewhere selects the arm -- verify against the users of this type. */
00281 typedef struct {
00282     union {
00283        SSL3Opaque implicit;
00284        SECItem    explicit;
00285     } dh_public;
00286 } SSL3ClientDiffieHellmanPublic;
00287      
/* ClientKeyExchange message body: an RSA-encrypted pre-master secret or a
 * client DH public value. The member name diffie_helman (one "l") is part of
 * the interface and is kept as is.
 * No discriminator is stored; the valid arm has to be known from the
 * negotiated key exchange. */
00288 typedef struct {
00289     union {
00290        SSL3EncryptedPreMasterSecret  rsa;
00291        SSL3ClientDiffieHellmanPublic diffie_helman;
00292     } exchange_keys;
00293 } SSL3ClientKeyExchange;
00294 
/* CertificateVerify content before signing: the SSL3Hashes digest pair. */
00295 typedef SSL3Hashes SSL3PreSignedCertificateVerify;
00296 
/* CertificateVerify message as a SECItem (presumably the signature over the
 * pre-signed hashes -- confirm). */
00297 typedef SECItem SSL3CertificateVerify;
00298 
/* Sender labels. The values are the ASCII strings "CLNT" (0x43 0x4c 0x4e
 * 0x54) and "SRVR" (0x53 0x52 0x56 0x52) read as 32-bit integers; the SSL
 * 3.0 specification mixes them into the Finished computation so that the
 * two sides produce different values.
 * NOTE(review): if these are ever serialised from the integer, byte order
 * matters -- confirm the code writes them most significant byte first. */
00299 typedef enum {
00300     sender_client = 0x434c4e54,
00301     sender_server = 0x53525652
00302 } SSL3Sender;
00303 
/* SSL 3.0 Finished message: the SSL3Hashes digest pair (16 + 20 bytes). */
00304 typedef SSL3Hashes SSL3Finished;   
00305 
/* TLS Finished message: 12 bytes of verify_data.
 * NOTE(review): when a received Finished value is compared with the locally
 * computed one, the comparison should not exit early on the first differing
 * byte; confirm the comparison routine used is constant-time. */
00306 typedef struct {
00307     SSL3Opaque verify_data[12];
00308 } TLSFinished;
00309 
00310 #endif /* __ssl3proto_h_ */