sslt.h revision 2a99a7e74a7f215066514fe81d2bfa6639d9eddd
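/*
 * This file contains the public type definitions and constants used by the
 * SSL library's public API. It declares no functions itself.
 *
 * This Source Code Form is subject to the terms of the Mozilla Public
 * License, v. 2.0. If a copy of the MPL was not distributed with this
 * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
/* $Id: sslt.h,v 1.23 2012/06/07 02:06:19 wtc%google.com Exp $ */

#ifndef __sslt_h_
#define __sslt_h_

#include "prtypes.h"

/*
 * Counters for session-ID cache and stateless-resume activity.
 * The field prefix names the handshake routine that updates the counter
 * (sch, hsh, hch), as noted on each group below.
 */
typedef struct SSL3StatisticsStr {
    /* statistics from ssl3_SendClientHello (sch) */
    long sch_sid_cache_hits;
    long sch_sid_cache_misses;
    long sch_sid_cache_not_ok;

    /* statistics from ssl3_HandleServerHello (hsh) */
    long hsh_sid_cache_hits;
    long hsh_sid_cache_misses;
    long hsh_sid_cache_not_ok;

    /* statistics from ssl3_HandleClientHello (hch) */
    long hch_sid_cache_hits;
    long hch_sid_cache_misses;
    long hch_sid_cache_not_ok;

    /* statistics related to stateless resume */
    long sch_sid_stateless_resumes;
    long hsh_sid_stateless_resumes;
    long hch_sid_stateless_resumes;
    long hch_sid_ticket_parse_failures;
} SSL3Statistics;

/* Key Exchange algorithm values */
typedef enum {
    ssl_kea_null     = 0,
    ssl_kea_rsa      = 1,
    ssl_kea_dh       = 2,
    ssl_kea_fortezza = 3,       /* deprecated, now unused */
    ssl_kea_ecdh     = 4,
    ssl_kea_size                /* number of ssl_kea_ algorithms */
} SSLKEAType;

/* The following defines are for backwards compatibility.
** They will be removed in a forthcoming release to reduce namespace pollution.
** Programs that use the kt_ symbols should convert to the ssl_kea_ symbols
** soon.
*/
#define kt_null         ssl_kea_null
#define kt_rsa          ssl_kea_rsa
#define kt_dh           ssl_kea_dh
#define kt_fortezza     ssl_kea_fortezza /* deprecated, now unused */
#define kt_ecdh         ssl_kea_ecdh
#define kt_kea_size     ssl_kea_size

/* Signature algorithm values */
typedef enum {
    ssl_sign_null   = 0,
    ssl_sign_rsa    = 1,
    ssl_sign_dsa    = 2,
    ssl_sign_ecdsa  = 3
} SSLSignType;

/* Authentication algorithm values */
typedef enum {
    ssl_auth_null   = 0,
    ssl_auth_rsa    = 1,
    ssl_auth_dsa    = 2,
    ssl_auth_kea    = 3,
    ssl_auth_ecdsa  = 4
} SSLAuthType;

/*
 * Symmetric cipher algorithm values.
 *
 * These values only identify an algorithm; being listed here says nothing
 * about whether it is acceptable under a given policy. The list includes
 * the null cipher and legacy ciphers (RC4, RC2, single DES), so code that
 * makes policy decisions should look at the negotiated suite's
 * SSLCipherSuiteInfo (symCipher, effectiveKeyBits, isExportable) and not
 * assume every value denotes a strong cipher.
 */
typedef enum {
    ssl_calg_null     = 0,
    ssl_calg_rc4      = 1,
    ssl_calg_rc2      = 2,
    ssl_calg_des      = 3,
    ssl_calg_3des     = 4,
    ssl_calg_idea     = 5,
    ssl_calg_fortezza = 6,      /* deprecated, now unused */
    ssl_calg_aes      = 7,      /* coming soon */
    ssl_calg_camellia = 8,
    ssl_calg_seed     = 9
} SSLCipherAlgorithm;

/* MAC algorithm values */
typedef enum {
    ssl_mac_null      = 0,
    ssl_mac_md5       = 1,
    ssl_mac_sha       = 2,
    ssl_hmac_md5      = 3,      /* TLS HMAC version of mac_md5 */
    ssl_hmac_sha      = 4       /* TLS HMAC version of mac_sha */
} SSLMACAlgorithm;

/*
 * Record compression method values.
 * Compressing secrets together with attacker-influenced data is the basis
 * of the CRIME class of attacks, so a connection reporting
 * ssl_compression_deflate is worth flagging in an audit.
 */
typedef enum {
    ssl_compression_null = 0,
    ssl_compression_deflate = 1  /* RFC 3749 */
} SSLCompressionMethod;

/*
 * Per-connection information.
 *
 * NOTE(review): `length` is presumably the number of bytes of this struct
 * that are valid, which would let a caller detect whether the fields added
 * in NSS 3.12.5 are present. Confirm against the function that fills it in.
 */
typedef struct SSLChannelInfoStr {
    PRUint32             length;
    PRUint16             protocolVersion;
    PRUint16             cipherSuite;

    /* server authentication info */
    PRUint32             authKeyBits;

    /* key exchange algorithm info */
    PRUint32             keaKeyBits;

    /* session info */
    PRUint32             creationTime;          /* seconds since Jan 1, 1970 */
    PRUint32             lastAccessTime;        /* seconds since Jan 1, 1970 */
    PRUint32             expirationTime;        /* seconds since Jan 1, 1970 */
    PRUint32             sessionIDLength;       /* up to 32 */
    /* Only the first sessionIDLength bytes are meaningful. A consumer should
     * bound the length by sizeof(sessionID) before copying or printing. */
    PRUint8              sessionID    [32];

    /* The following fields are added in NSS 3.12.5. */

    /* compression method info */
    const char *         compressionMethodName;
    SSLCompressionMethod compressionMethod;
} SSLChannelInfo;

/*
 * Static description of one cipher suite.
 *
 * NOTE(review): `length` presumably plays the same struct-size role as
 * SSLChannelInfo.length. Confirm against the function that fills it in.
 */
typedef struct SSLCipherSuiteInfoStr {
    PRUint16             length;
    PRUint16             cipherSuite;

    /* Cipher Suite Name */
    const char *         cipherSuiteName;

    /* server authentication info */
    const char *         authAlgorithmName;
    SSLAuthType          authAlgorithm;

    /* key exchange algorithm info */
    const char *         keaTypeName;
    SSLKEAType           keaType;

    /* symmetric encryption info */
    const char *         symCipherName;
    SSLCipherAlgorithm   symCipher;
    PRUint16             symKeyBits;
    PRUint16             symKeySpace;
    PRUint16             effectiveKeyBits;

    /* MAC info */
    const char *         macAlgorithmName;
    SSLMACAlgorithm      macAlgorithm;
    PRUint16             macBits;

    /* Three one-bit flags plus 29 reserved bits: 32 bits in total. */
    PRUintn              isFIPS       : 1;
    PRUintn              isExportable : 1;
    PRUintn              nonStandard  : 1;
    PRUintn              reservedBits :29;

} SSLCipherSuiteInfo;

/* Stream versus datagram variant of the protocol */
typedef enum {
    ssl_variant_stream = 0,
    ssl_variant_datagram = 1
} SSLProtocolVariant;

/* Inclusive range of protocol versions, from min to max */
typedef struct SSLVersionRangeStr {
    PRUint16 min;
    PRUint16 max;
} SSLVersionRange;

/* Server Name Indication name types */
typedef enum {
    SSL_sni_host_name                    = 0,
    SSL_sni_type_total
} SSLSniNameType;

/* Supported extensions. */
/* Update SSL_MAX_EXTENSIONS whenever a new extension type is added. */
typedef enum {
    ssl_server_name_xtn              = 0,
    ssl_cert_status_xtn              = 5,
#ifdef NSS_ENABLE_ECC
    ssl_elliptic_curves_xtn          = 10,
    ssl_ec_point_formats_xtn         = 11,
#endif
    ssl_use_srtp_xtn                 = 14,
    ssl_session_ticket_xtn           = 35,
    ssl_next_proto_nego_xtn          = 13172,
    ssl_channel_id_xtn               = 30031,
    ssl_renegotiation_info_xtn       = 0xff01   /* experimental number */
} SSLExtensionType;

/*
 * Number of SSLExtensionType enumerators, not the largest extension number.
 * The value 9 matches the enum when NSS_ENABLE_ECC is defined; without it
 * only 7 enumerators exist. Code that sizes a table with this constant must
 * index it by position rather than by extension number, and the constant
 * must be raised together with any addition to the enum above.
 */
#define SSL_MAX_EXTENSIONS             9

#endif /* __sslt_h_ */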