15821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)/* 25821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) * Various and sundry protocol constants. DON'T CHANGE THESE. These values 35821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) * are mostly defined by the SSL2, SSL3, or TLS protocol specifications. 45821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) * Cipher kinds and ciphersuites are part of the public API. 55821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) * 62a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) * This Source Code Form is subject to the terms of the Mozilla Public 72a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) * License, v. 2.0. If a copy of the MPL was not distributed with this 82a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ 95821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) 105821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)#ifndef __sslproto_h_ 115821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)#define __sslproto_h_ 125821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) 135821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)/* All versions less than 3_0 are treated as SSL version 2 */ 145821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)#define SSL_LIBRARY_VERSION_2 0x0002 155821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)#define SSL_LIBRARY_VERSION_3_0 0x0300 165821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)#define SSL_LIBRARY_VERSION_TLS_1_0 0x0301 175821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)#define SSL_LIBRARY_VERSION_TLS_1_1 0x0302 18868fa2fe829687343ffae624259930155e16dbd8Torne (Richard Coles)#define SSL_LIBRARY_VERSION_TLS_1_2 0x0303 195821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)/* Note: this is the internal format, not the wire format */ 205821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)#define SSL_LIBRARY_VERSION_DTLS_1_0 0x0302 215821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) 225821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)/* deprecated old name */ 235821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)#define SSL_LIBRARY_VERSION_3_1_TLS SSL_LIBRARY_VERSION_TLS_1_0 245821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) 255821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)/* The DTLS version used in the spec */ 265821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)#define SSL_LIBRARY_VERSION_DTLS_1_0_WIRE ((~0x0100) & 0xffff) 275821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) 285821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)/* Header lengths of some of the messages */ 295821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)#define SSL_HL_ERROR_HBYTES 3 305821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)#define SSL_HL_CLIENT_HELLO_HBYTES 9 315821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)#define SSL_HL_CLIENT_MASTER_KEY_HBYTES 10 325821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)#define SSL_HL_CLIENT_FINISHED_HBYTES 1 335821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)#define SSL_HL_SERVER_HELLO_HBYTES 11 345821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)#define SSL_HL_SERVER_VERIFY_HBYTES 1 355821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)#define SSL_HL_SERVER_FINISHED_HBYTES 1 365821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)#define SSL_HL_REQUEST_CERTIFICATE_HBYTES 2 375821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)#define SSL_HL_CLIENT_CERTIFICATE_HBYTES 6 385821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) 395821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)/* Security handshake protocol codes */ 405821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)#define SSL_MT_ERROR 0 415821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)#define SSL_MT_CLIENT_HELLO 1 425821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)#define SSL_MT_CLIENT_MASTER_KEY 2 435821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)#define SSL_MT_CLIENT_FINISHED 3 445821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)#define SSL_MT_SERVER_HELLO 4 455821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)#define SSL_MT_SERVER_VERIFY 5 465821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)#define SSL_MT_SERVER_FINISHED 6 475821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)#define SSL_MT_REQUEST_CERTIFICATE 7 485821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)#define SSL_MT_CLIENT_CERTIFICATE 8 495821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) 505821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)/* Certificate types */ 515821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)#define SSL_CT_X509_CERTIFICATE 0x01 525821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)#if 0 /* XXX Not implemented yet */ 535821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)#define SSL_PKCS6_CERTIFICATE 0x02 545821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)#endif 555821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)#define SSL_AT_MD5_WITH_RSA_ENCRYPTION 0x01 565821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) 575821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)/* Error codes */ 585821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)#define SSL_PE_NO_CYPHERS 0x0001 595821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)#define SSL_PE_NO_CERTIFICATE 0x0002 605821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)#define SSL_PE_BAD_CERTIFICATE 0x0004 615821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)#define SSL_PE_UNSUPPORTED_CERTIFICATE_TYPE 0x0006 625821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) 635821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)/* Cypher kinds (not the spec version!) */ 645821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)#define SSL_CK_RC4_128_WITH_MD5 0x01 655821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)#define SSL_CK_RC4_128_EXPORT40_WITH_MD5 0x02 665821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)#define SSL_CK_RC2_128_CBC_WITH_MD5 0x03 675821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)#define SSL_CK_RC2_128_CBC_EXPORT40_WITH_MD5 0x04 685821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)#define SSL_CK_IDEA_128_CBC_WITH_MD5 0x05 695821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)#define SSL_CK_DES_64_CBC_WITH_MD5 0x06 705821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)#define SSL_CK_DES_192_EDE3_CBC_WITH_MD5 0x07 715821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) 725821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)/* Cipher enables. These are used only for SSL_EnableCipher 735821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) * These values define the SSL2 suites, and do not colide with the 745821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) * SSL3 Cipher suites defined below. 755821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) */ 765821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)#define SSL_EN_RC4_128_WITH_MD5 0xFF01 775821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)#define SSL_EN_RC4_128_EXPORT40_WITH_MD5 0xFF02 785821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)#define SSL_EN_RC2_128_CBC_WITH_MD5 0xFF03 795821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)#define SSL_EN_RC2_128_CBC_EXPORT40_WITH_MD5 0xFF04 805821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)#define SSL_EN_IDEA_128_CBC_WITH_MD5 0xFF05 815821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)#define SSL_EN_DES_64_CBC_WITH_MD5 0xFF06 825821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)#define SSL_EN_DES_192_EDE3_CBC_WITH_MD5 0xFF07 835821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) 845821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)/* SSL v3 Cipher Suites */ 855821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)#define SSL_NULL_WITH_NULL_NULL 0x0000 865821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) 875821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)#define SSL_RSA_WITH_NULL_MD5 0x0001 885821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)#define SSL_RSA_WITH_NULL_SHA 0x0002 895821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)#define SSL_RSA_EXPORT_WITH_RC4_40_MD5 0x0003 905821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)#define SSL_RSA_WITH_RC4_128_MD5 0x0004 915821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)#define SSL_RSA_WITH_RC4_128_SHA 0x0005 925821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)#define SSL_RSA_EXPORT_WITH_RC2_CBC_40_MD5 0x0006 935821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)#define SSL_RSA_WITH_IDEA_CBC_SHA 0x0007 945821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)#define SSL_RSA_EXPORT_WITH_DES40_CBC_SHA 0x0008 955821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)#define SSL_RSA_WITH_DES_CBC_SHA 0x0009 965821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)#define SSL_RSA_WITH_3DES_EDE_CBC_SHA 0x000a 975821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) 985821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)#define SSL_DH_DSS_EXPORT_WITH_DES40_CBC_SHA 0x000b 995821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)#define SSL_DH_DSS_WITH_DES_CBC_SHA 0x000c 1005821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)#define SSL_DH_DSS_WITH_3DES_EDE_CBC_SHA 0x000d 1015821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)#define SSL_DH_RSA_EXPORT_WITH_DES40_CBC_SHA 0x000e 1025821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)#define SSL_DH_RSA_WITH_DES_CBC_SHA 0x000f 1035821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)#define SSL_DH_RSA_WITH_3DES_EDE_CBC_SHA 0x0010 1045821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) 1055821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)#define SSL_DHE_DSS_EXPORT_WITH_DES40_CBC_SHA 0x0011 1065821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)#define SSL_DHE_DSS_WITH_DES_CBC_SHA 0x0012 1075821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)#define SSL_DHE_DSS_WITH_3DES_EDE_CBC_SHA 0x0013 1085821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)#define SSL_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA 0x0014 1095821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)#define SSL_DHE_RSA_WITH_DES_CBC_SHA 0x0015 1105821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)#define SSL_DHE_RSA_WITH_3DES_EDE_CBC_SHA 0x0016 1115821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) 1125821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)#define SSL_DH_ANON_EXPORT_WITH_RC4_40_MD5 0x0017 1135821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)#define SSL_DH_ANON_WITH_RC4_128_MD5 0x0018 1145821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)#define SSL_DH_ANON_EXPORT_WITH_DES40_CBC_SHA 0x0019 1155821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)#define SSL_DH_ANON_WITH_DES_CBC_SHA 0x001a 1165821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)#define SSL_DH_ANON_WITH_3DES_EDE_CBC_SHA 0x001b 1175821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) 1185821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)#define SSL_FORTEZZA_DMS_WITH_NULL_SHA 0x001c /* deprecated */ 1195821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)#define SSL_FORTEZZA_DMS_WITH_FORTEZZA_CBC_SHA 0x001d /* deprecated */ 1205821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)#define SSL_FORTEZZA_DMS_WITH_RC4_128_SHA 0x001e /* deprecated */ 1215821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) 1225821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)/* New TLS cipher suites */ 1235821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)#define TLS_RSA_WITH_AES_128_CBC_SHA 0x002F 1245821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)#define TLS_DH_DSS_WITH_AES_128_CBC_SHA 0x0030 1255821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)#define TLS_DH_RSA_WITH_AES_128_CBC_SHA 0x0031 1265821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)#define TLS_DHE_DSS_WITH_AES_128_CBC_SHA 0x0032 1275821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)#define TLS_DHE_RSA_WITH_AES_128_CBC_SHA 0x0033 1285821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)#define TLS_DH_ANON_WITH_AES_128_CBC_SHA 0x0034 1295821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) 1305821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)#define TLS_RSA_WITH_AES_256_CBC_SHA 0x0035 1315821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)#define TLS_DH_DSS_WITH_AES_256_CBC_SHA 0x0036 1325821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)#define TLS_DH_RSA_WITH_AES_256_CBC_SHA 0x0037 1335821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)#define TLS_DHE_DSS_WITH_AES_256_CBC_SHA 0x0038 1345821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)#define TLS_DHE_RSA_WITH_AES_256_CBC_SHA 0x0039 1355821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)#define TLS_DH_ANON_WITH_AES_256_CBC_SHA 0x003A 136868fa2fe829687343ffae624259930155e16dbd8Torne (Richard Coles)#define TLS_RSA_WITH_NULL_SHA256 0x003B 137868fa2fe829687343ffae624259930155e16dbd8Torne (Richard Coles)#define TLS_RSA_WITH_AES_128_CBC_SHA256 0x003C 138868fa2fe829687343ffae624259930155e16dbd8Torne (Richard Coles)#define TLS_RSA_WITH_AES_256_CBC_SHA256 0x003D 1395821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) 1405821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)#define TLS_RSA_WITH_CAMELLIA_128_CBC_SHA 0x0041 1415821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)#define TLS_DH_DSS_WITH_CAMELLIA_128_CBC_SHA 0x0042 1425821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)#define TLS_DH_RSA_WITH_CAMELLIA_128_CBC_SHA 0x0043 1435821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)#define TLS_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA 0x0044 1445821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)#define TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA 0x0045 1455821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)#define TLS_DH_ANON_WITH_CAMELLIA_128_CBC_SHA 0x0046 1465821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) 1475821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)#define TLS_RSA_EXPORT1024_WITH_DES_CBC_SHA 0x0062 1485821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)#define TLS_RSA_EXPORT1024_WITH_RC4_56_SHA 0x0064 1495821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) 1505821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)#define TLS_DHE_DSS_EXPORT1024_WITH_DES_CBC_SHA 0x0063 1515821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)#define TLS_DHE_DSS_EXPORT1024_WITH_RC4_56_SHA 0x0065 1525821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)#define TLS_DHE_DSS_WITH_RC4_128_SHA 0x0066 153868fa2fe829687343ffae624259930155e16dbd8Torne (Richard Coles)#define TLS_DHE_RSA_WITH_AES_128_CBC_SHA256 0x0067 154868fa2fe829687343ffae624259930155e16dbd8Torne (Richard Coles)#define TLS_DHE_RSA_WITH_AES_256_CBC_SHA256 0x006B 1555821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) 1565821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)#define TLS_RSA_WITH_CAMELLIA_256_CBC_SHA 0x0084 1575821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)#define TLS_DH_DSS_WITH_CAMELLIA_256_CBC_SHA 0x0085 1585821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)#define TLS_DH_RSA_WITH_CAMELLIA_256_CBC_SHA 0x0086 1595821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)#define TLS_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA 0x0087 1605821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)#define TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA 0x0088 1615821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)#define TLS_DH_ANON_WITH_CAMELLIA_256_CBC_SHA 0x0089 1625821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) 1635821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)#define TLS_RSA_WITH_SEED_CBC_SHA 0x0096 1645821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) 1653551c9c881056c480085172ff9840cab31610854Torne (Richard Coles)#define TLS_RSA_WITH_AES_128_GCM_SHA256 0x009C 1663551c9c881056c480085172ff9840cab31610854Torne (Richard Coles)#define TLS_DHE_RSA_WITH_AES_128_GCM_SHA256 0x009E 1673551c9c881056c480085172ff9840cab31610854Torne (Richard Coles)#define TLS_DHE_DSS_WITH_AES_128_GCM_SHA256 0x00A2 1683551c9c881056c480085172ff9840cab31610854Torne (Richard Coles) 1695821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)/* TLS "Signaling Cipher Suite Value" (SCSV). May be requested by client. 1705821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) * Must NEVER be chosen by server. SSL 3.0 server acknowledges by sending 1715821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) * back an empty Renegotiation Info (RI) server hello extension. 1725821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) */ 1735821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)#define TLS_EMPTY_RENEGOTIATION_INFO_SCSV 0x00FF 1745821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) 175a3f6a49ab37290eeeb8db0f41ec0f1cb74a68be7Torne (Richard Coles)/* TLS_FALLBACK_SCSV is a signaling cipher suite value that indicates that a 176a3f6a49ab37290eeeb8db0f41ec0f1cb74a68be7Torne (Richard Coles) * handshake is the result of TLS version fallback. This value is not IANA 177a3f6a49ab37290eeeb8db0f41ec0f1cb74a68be7Torne (Richard Coles) * assigned. */ 178a3f6a49ab37290eeeb8db0f41ec0f1cb74a68be7Torne (Richard Coles)#define TLS_FALLBACK_SCSV 0x5600 179a3f6a49ab37290eeeb8db0f41ec0f1cb74a68be7Torne (Richard Coles) 1805821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)/* Cipher Suite Values starting with 0xC000 are defined in informational 1815821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) * RFCs. 1825821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) */ 1835821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)#define TLS_ECDH_ECDSA_WITH_NULL_SHA 0xC001 1845821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)#define TLS_ECDH_ECDSA_WITH_RC4_128_SHA 0xC002 1855821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)#define TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA 0xC003 1865821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)#define TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA 0xC004 1875821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)#define TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA 0xC005 1885821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) 1895821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)#define TLS_ECDHE_ECDSA_WITH_NULL_SHA 0xC006 1905821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)#define TLS_ECDHE_ECDSA_WITH_RC4_128_SHA 0xC007 1915821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)#define TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA 0xC008 1925821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)#define TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA 0xC009 1935821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)#define TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA 0xC00A 1945821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) 1955821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)#define TLS_ECDH_RSA_WITH_NULL_SHA 0xC00B 1965821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)#define TLS_ECDH_RSA_WITH_RC4_128_SHA 0xC00C 1975821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)#define TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA 0xC00D 1985821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)#define TLS_ECDH_RSA_WITH_AES_128_CBC_SHA 0xC00E 1995821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)#define TLS_ECDH_RSA_WITH_AES_256_CBC_SHA 0xC00F 2005821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) 2015821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)#define TLS_ECDHE_RSA_WITH_NULL_SHA 0xC010 2025821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)#define TLS_ECDHE_RSA_WITH_RC4_128_SHA 0xC011 2035821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)#define TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA 0xC012 2045821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)#define TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA 0xC013 2055821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)#define TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA 0xC014 2065821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) 2075821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)#define TLS_ECDH_anon_WITH_NULL_SHA 0xC015 2085821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)#define TLS_ECDH_anon_WITH_RC4_128_SHA 0xC016 2095821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)#define TLS_ECDH_anon_WITH_3DES_EDE_CBC_SHA 0xC017 2105821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)#define TLS_ECDH_anon_WITH_AES_128_CBC_SHA 0xC018 2115821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)#define TLS_ECDH_anon_WITH_AES_256_CBC_SHA 0xC019 2125821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) 213868fa2fe829687343ffae624259930155e16dbd8Torne (Richard Coles)#define TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256 0xC023 214868fa2fe829687343ffae624259930155e16dbd8Torne (Richard Coles)#define TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256 0xC027 215868fa2fe829687343ffae624259930155e16dbd8Torne (Richard Coles) 2163551c9c881056c480085172ff9840cab31610854Torne (Richard Coles)#define TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 0xC02B 2173551c9c881056c480085172ff9840cab31610854Torne (Richard Coles)#define TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256 0xC02D 2183551c9c881056c480085172ff9840cab31610854Torne (Richard Coles)#define TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 0xC02F 2193551c9c881056c480085172ff9840cab31610854Torne (Richard Coles)#define TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256 0xC031 2203551c9c881056c480085172ff9840cab31610854Torne (Richard Coles) 221d0247b1b59f9c528cb6df88b4f2b9afaf80d181eTorne (Richard Coles)#define TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305 0xCC13 222d0247b1b59f9c528cb6df88b4f2b9afaf80d181eTorne (Richard Coles)#define TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305 0xCC14 223d0247b1b59f9c528cb6df88b4f2b9afaf80d181eTorne (Richard Coles) 2245821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)/* Netscape "experimental" cipher suites. */ 2255821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)#define SSL_RSA_OLDFIPS_WITH_3DES_EDE_CBC_SHA 0xffe0 2265821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)#define SSL_RSA_OLDFIPS_WITH_DES_CBC_SHA 0xffe1 2275821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) 2285821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)/* New non-experimental openly spec'ed versions of those cipher suites. */ 2295821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)#define SSL_RSA_FIPS_WITH_3DES_EDE_CBC_SHA 0xfeff 2305821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)#define SSL_RSA_FIPS_WITH_DES_CBC_SHA 0xfefe 2315821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) 2325821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)/* DTLS-SRTP cipher suites from RFC 5764 */ 2335821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)/* If you modify this, also modify MAX_DTLS_SRTP_CIPHER_SUITES in sslimpl.h */ 2345821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)#define SRTP_AES128_CM_HMAC_SHA1_80 0x0001 2355821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)#define SRTP_AES128_CM_HMAC_SHA1_32 0x0002 2365821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)#define SRTP_NULL_HMAC_SHA1_80 0x0005 2375821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)#define SRTP_NULL_HMAC_SHA1_32 0x0006 2385821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) 2395821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)#endif /* __sslproto_h_ */ 240