sslt.h revision 2a99a7e74a7f215066514fe81d2bfa6639d9eddd
1/*
2 * This file contains the type definitions used by the public SSL functions.
3 *
4 * This Source Code Form is subject to the terms of the Mozilla Public
5 * License, v. 2.0. If a copy of the MPL was not distributed with this
6 * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
7/* $Id: sslt.h,v 1.23 2012/06/07 02:06:19 wtc%google.com Exp $ */
8
9#ifndef __sslt_h_
10#define __sslt_h_
11
12#include "prtypes.h"
13
/*
 * Counters for SSL3 session-ID cache results and stateless resumption.
 * The sch/hsh/hch prefixes name the handshake routine that owns each
 * counter, as spelled out in the comments below.
 * NOTE(review): this header does not show where or how the counters are
 * updated; the fields are plain `long` with no synchronization of their
 * own, so treat concurrent reads as approximate -- confirm.
 */
14typedef struct SSL3StatisticsStr {
15    /* statistics from ssl3_SendClientHello (sch) */
16    long sch_sid_cache_hits;
17    long sch_sid_cache_misses;
18    long sch_sid_cache_not_ok;
19
20    /* statistics from ssl3_HandleServerHello (hsh) */
21    long hsh_sid_cache_hits;
22    long hsh_sid_cache_misses;
23    long hsh_sid_cache_not_ok;
24
25    /* statistics from ssl3_HandleClientHello (hch) */
26    long hch_sid_cache_hits;
27    long hch_sid_cache_misses;
28    long hch_sid_cache_not_ok;
29
30    /* statistics related to stateless resume (same sch/hsh/hch prefixes) */
31    long sch_sid_stateless_resumes;
32    long hsh_sid_stateless_resumes;
33    long hch_sid_stateless_resumes;
    /* NOTE(review): presumably counts session tickets that the server side
     * could not parse; a steadily rising value is worth monitoring, since
     * it may point at malformed or tampered tickets -- confirm against
     * ssl3_HandleClientHello. */
34    long hch_sid_ticket_parse_failures;
35} SSL3Statistics;
36
37/* Key Exchange algorithm values */
/*
 * Every algorithm has an explicit value. ssl_kea_size is the trailing
 * count (5 with the entries below), so new algorithms must be added
 * before it. SSLCipherSuiteInfo.keaType reports one of these values.
 * NOTE(review): ssl_kea_null presumably means "no key exchange"; policy
 * code should not treat it as an acceptable result -- confirm.
 */
38typedef enum {
39    ssl_kea_null     = 0,
40    ssl_kea_rsa      = 1,
41    ssl_kea_dh       = 2,
42    ssl_kea_fortezza = 3,       /* deprecated, now unused */
43    ssl_kea_ecdh     = 4,
44    ssl_kea_size		/* number of ssl_kea_ algorithms */
45} SSLKEAType;
46
47/* The following defines are for backwards compatibility.
48** They will be removed in a forthcoming release to reduce namespace pollution.
49** Programs that use the kt_ symbols should convert to the ssl_kea_ symbols
50** soon.
51*/
52#define kt_null   	ssl_kea_null
53#define kt_rsa   	ssl_kea_rsa
54#define kt_dh   	ssl_kea_dh
55#define kt_fortezza	ssl_kea_fortezza       /* deprecated, now unused */
56#define kt_ecdh   	ssl_kea_ecdh
57#define kt_kea_size	ssl_kea_size
58
/*
 * Signature algorithm identifiers. Values are explicit and there is no
 * trailing size/count enumerator.
 * NOTE(review): ssl_sign_null presumably means "no signature"; callers
 * that require a signed exchange should reject it -- confirm.
 */
59typedef enum {
60    ssl_sign_null   = 0,
61    ssl_sign_rsa    = 1,
62    ssl_sign_dsa    = 2,
63    ssl_sign_ecdsa  = 3
64} SSLSignType;
65
/*
 * Server authentication algorithm identifiers, reported through
 * SSLCipherSuiteInfo.authAlgorithm.
 * NOTE(review): ssl_auth_null presumably marks a suite with no server
 * authentication; code that relies on the peer's identity should check
 * for it explicitly rather than assume every suite authenticates --
 * confirm.
 */
66typedef enum {
67    ssl_auth_null   = 0,
68    ssl_auth_rsa    = 1,
69    ssl_auth_dsa    = 2,
70    ssl_auth_kea    = 3,
71    ssl_auth_ecdsa  = 4
72} SSLAuthType;
73
/*
 * Symmetric cipher identifiers, reported through
 * SSLCipherSuiteInfo.symCipher.
 * The list mixes legacy algorithms (null, rc4, rc2, des) with current
 * ones, so a non-null value says nothing about strength. Policy code
 * should compare against an explicit allowlist and also look at the
 * key-size fields of SSLCipherSuiteInfo.
 */
74typedef enum {
75    ssl_calg_null     = 0,
76    ssl_calg_rc4      = 1,
77    ssl_calg_rc2      = 2,
78    ssl_calg_des      = 3,
79    ssl_calg_3des     = 4,
80    ssl_calg_idea     = 5,
81    ssl_calg_fortezza = 6,      /* deprecated, now unused */
82    ssl_calg_aes      = 7,      /* marked "coming soon"; NOTE(review): likely stale, confirm */
83    ssl_calg_camellia = 8,
84    ssl_calg_seed     = 9
85} SSLCipherAlgorithm;
86
/*
 * MAC algorithm identifiers, reported through
 * SSLCipherSuiteInfo.macAlgorithm. The ssl_hmac_* values are the TLS HMAC
 * forms of the matching ssl_mac_* values.
 * NOTE(review): ssl_mac_null presumably means records carry no integrity
 * protection; policy code should reject it -- confirm.
 */
87typedef enum {
88    ssl_mac_null      = 0,
89    ssl_mac_md5       = 1,
90    ssl_mac_sha       = 2,
91    ssl_hmac_md5      = 3, 	/* TLS HMAC version of mac_md5 */
92    ssl_hmac_sha      = 4 	/* TLS HMAC version of mac_sha */
93} SSLMACAlgorithm;
94
/*
 * Record compression method, reported through
 * SSLChannelInfo.compressionMethod.
 * Caveat: compressing before encryption makes the record length depend
 * on the plaintext. Where attacker-influenced data shares a connection
 * with secrets, the length can leak information about those secrets.
 * Deployments that handle such data generally want to see
 * ssl_compression_null here.
 */
95typedef enum {
96    ssl_compression_null = 0,
97    ssl_compression_deflate = 1  /* RFC 3749 */
98} SSLCompressionMethod;
99
/*
 * Snapshot of the parameters of one SSL connection: protocol version,
 * cipher suite, key sizes, session timing and ID, and compression.
 * NOTE(review): `length` presumably records how many bytes of this
 * struct the library filled in. The two compression fields were added
 * in NSS 3.12.5, so a caller that may run against an older library
 * should check `length` before reading them -- confirm.
 */
100typedef struct SSLChannelInfoStr {
101    PRUint32             length;
102    PRUint16             protocolVersion;
103    PRUint16             cipherSuite;
104
105    /* server authentication info */
    /* NOTE(review): presumably the size in bits of the server's
     * authentication key; a natural input to a minimum-key-size policy
     * check -- confirm. */
106    PRUint32             authKeyBits;
107
108    /* key exchange algorithm info */
109    PRUint32             keaKeyBits;
110
111    /* session info */
112    PRUint32             creationTime;		/* seconds since Jan 1, 1970 */
113    PRUint32             lastAccessTime;	/* seconds since Jan 1, 1970 */
114    PRUint32             expirationTime;	/* seconds since Jan 1, 1970 */
    /* Only the first sessionIDLength bytes of sessionID are meaningful.
     * Clamp the length to sizeof sessionID (32) before copying or
     * printing, rather than trusting the field on its own. */
115    PRUint32             sessionIDLength;	/* up to 32 */
116    PRUint8              sessionID    [32];
117
118    /* The following fields are added in NSS 3.12.5. */
119
120    /* compression method info */
    /* NOTE(review): ownership of the name string is not visible here;
     * presumably library-owned and not to be freed -- confirm. */
121    const char *         compressionMethodName;
122    SSLCompressionMethod compressionMethod;
123} SSLChannelInfo;
124
/*
 * Static description of one cipher suite: its name, the authentication,
 * key-exchange, symmetric-cipher and MAC algorithms it combines, the
 * associated bit sizes, and three one-bit flags.
 * NOTE(review): `length` presumably records how many bytes of this
 * struct the library filled in -- confirm. Ownership of the
 * `const char *` name strings is not visible here; presumably
 * library-owned and not to be freed -- confirm.
 */
125typedef struct SSLCipherSuiteInfoStr {
126    PRUint16             length;
127    PRUint16             cipherSuite;
128
129    /* Cipher Suite Name */
130    const char *         cipherSuiteName;
131
132    /* server authentication info */
133    const char *         authAlgorithmName;
134    SSLAuthType          authAlgorithm;
135
136    /* key exchange algorithm info */
137    const char *         keaTypeName;
138    SSLKEAType           keaType;
139
140    /* symmetric encryption info */
141    const char *         symCipherName;
142    SSLCipherAlgorithm   symCipher;
    /* NOTE(review): the difference between symKeyBits, symKeySpace and
     * effectiveKeyBits is not documented here. Presumably
     * effectiveKeyBits is the figure to use for strength policy, since
     * it can be lower than symKeyBits for export-grade suites --
     * confirm. */
143    PRUint16             symKeyBits;
144    PRUint16             symKeySpace;
145    PRUint16             effectiveKeyBits;
146
147    /* MAC info */
148    const char *         macAlgorithmName;
149    SSLMACAlgorithm      macAlgorithm;
150    PRUint16             macBits;
151
    /* One-bit flags; with reservedBits they occupy 32 bits in total.
     * NOTE(review): isExportable presumably marks export-grade (weakened)
     * suites, which policy code should reject; nonStandard presumably
     * marks suites that use non-registered code points -- confirm. */
152    PRUintn              isFIPS       : 1;
153    PRUintn              isExportable : 1;
154    PRUintn              nonStandard  : 1;
155    PRUintn              reservedBits :29;
156
157} SSLCipherSuiteInfo;
158
/*
 * Transport flavour of the protocol.
 * NOTE(review): presumably stream = TLS over a reliable byte stream and
 * datagram = DTLS -- confirm.
 */
159typedef enum {
160    ssl_variant_stream = 0,
161    ssl_variant_datagram = 1
162} SSLProtocolVariant;
163
/*
 * Inclusive pair of protocol versions.
 * NOTE(review): presumably uses the same 16-bit encoding as
 * SSLChannelInfo.protocolVersion and expects min <= max. `min` is then
 * the floor that keeps older protocol versions from being negotiated,
 * so changes to it deserve review -- confirm.
 */
164typedef struct SSLVersionRangeStr {
165    PRUint16 min;
166    PRUint16 max;
167} SSLVersionRange;
168
/*
 * Server Name Indication name types. Only host_name (0) is defined;
 * SSL_sni_type_total is the trailing count (1 here), so new name types
 * must be added before it.
 */
169typedef enum {
170    SSL_sni_host_name                    = 0,
171    SSL_sni_type_total
172} SSLSniNameType;
173
174/* Supported extensions. */
175/* Update SSL_MAX_EXTENSIONS whenever a new extension type is added. */
/*
 * The two elliptic-curve entries exist only when NSS_ENABLE_ECC is
 * defined, so the enum has 9 enumerators with ECC and 7 without.
 * SSL_MAX_EXTENSIONS (9) matches the ECC build.
 * NOTE(review): the values appear to be the extension type numbers used
 * on the wire; 13172 and 30031 look like pre-standard code points --
 * confirm.
 */
176typedef enum {
177    ssl_server_name_xtn              = 0,
178    ssl_cert_status_xtn              = 5,
179#ifdef NSS_ENABLE_ECC
180    ssl_elliptic_curves_xtn          = 10,
181    ssl_ec_point_formats_xtn         = 11,
182#endif
183    ssl_use_srtp_xtn                 = 14,
184    ssl_session_ticket_xtn           = 35,
185    ssl_next_proto_nego_xtn          = 13172,
186    ssl_channel_id_xtn               = 30031,
    /* NOTE(review): 0xff01 is the value RFC 5746 assigns to
     * renegotiation_info, so the "experimental number" remark below
     * looks stale -- confirm. */
187    ssl_renegotiation_info_xtn       = 0xff01	/* experimental number */
188} SSLExtensionType;
189
/*
 * Number of enumerators in SSLExtensionType when NSS_ENABLE_ECC is
 * defined. Must be raised whenever an extension type is added.
 * NOTE(review): presumably used to size per-connection extension tables
 * elsewhere; a stale value would then under-size those tables, so check
 * every user of this constant when adding an extension -- confirm.
 */
190#define SSL_MAX_EXTENSIONS             9
191
192#endif /* __sslt_h_ */
193