sslt.h revision 868fa2fe829687343ffae624259930155e16dbd8
/*
 * This file contains the public SSL type definitions: structures,
 * enumerations and related constants. No function prototypes are
 * declared here.
 *
 * This Source Code Form is subject to the terms of the Mozilla Public
 * License, v. 2.0. If a copy of the MPL was not distributed with this
 * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
/* $Id$ */

#ifndef __sslt_h_
#define __sslt_h_

#include "prtypes.h"

/* SECItemArray is added in NSS 3.15. Define the type if compiling
** against an older version of NSS.
** The fallback is compiled only when NSSUTIL_VMAJOR == 3 and
** NSSUTIL_VMINOR < 15.
*/
#include "nssutil.h"
#if NSSUTIL_VMAJOR == 3 && NSSUTIL_VMINOR < 15
typedef struct SECItemArrayStr SECItemArray;

struct SECItemArrayStr {
    SECItem *items;   /* presumably an array of len entries; confirm against NSS 3.15 */
    unsigned int len;
};
#endif  /* NSSUTIL_VMAJOR == 3 && NSSUTIL_VMINOR < 15 */

/*
** Session-ID cache and stateless-resume counters. Each field name starts
** with the abbreviation of the handshake routine named in the comment
** above its group (sch, hsh, hch).
*/
typedef struct SSL3StatisticsStr {
    /* statistics from ssl3_SendClientHello (sch) */
    long sch_sid_cache_hits;
    long sch_sid_cache_misses;
    long sch_sid_cache_not_ok;

    /* statistics from ssl3_HandleServerHello (hsh) */
    long hsh_sid_cache_hits;
    long hsh_sid_cache_misses;
    long hsh_sid_cache_not_ok;

    /* statistics from ssl3_HandleClientHello (hch) */
    long hch_sid_cache_hits;
    long hch_sid_cache_misses;
    long hch_sid_cache_not_ok;

    /* statistics related to stateless resume */
    long sch_sid_stateless_resumes;
    long hsh_sid_stateless_resumes;
    long hch_sid_stateless_resumes;
    long hch_sid_ticket_parse_failures;
} SSL3Statistics;

/* Key Exchange algorithm values */
typedef enum {
    ssl_kea_null     = 0,
    ssl_kea_rsa      = 1,
    ssl_kea_dh       = 2,
    ssl_kea_fortezza = 3, /* deprecated, now unused */
    ssl_kea_ecdh     = 4,
    ssl_kea_size          /* number of ssl_kea_ algorithms */
                          /* (implicitly 5; it must stay the last enumerator) */
} SSLKEAType;

/* The following defines are for backwards compatibility.
** They will be removed in a forthcoming release to reduce namespace pollution.
** Programs that use the kt_ symbols should convert to the ssl_kea_ symbols
** soon. (Each kt_ macro below expands to the ssl_kea_ enumerator of the
** same name.)
*/
#define kt_null      ssl_kea_null
#define kt_rsa       ssl_kea_rsa
#define kt_dh        ssl_kea_dh
#define kt_fortezza  ssl_kea_fortezza /* deprecated, now unused */
#define kt_ecdh      ssl_kea_ecdh
#define kt_kea_size  ssl_kea_size

/* Signature algorithm values (judging by the ssl_sign_ prefix). */
typedef enum {
    ssl_sign_null  = 0,
    ssl_sign_rsa   = 1,
    ssl_sign_dsa   = 2,
    ssl_sign_ecdsa = 3
} SSLSignType;

/* Authentication algorithm values; reported in SSLCipherSuiteInfo.authAlgorithm. */
typedef enum {
    ssl_auth_null  = 0,
    ssl_auth_rsa   = 1,
    ssl_auth_dsa   = 2,
    ssl_auth_kea   = 3,
    ssl_auth_ecdsa = 4
} SSLAuthType;

/*
** Symmetric cipher values; reported in SSLCipherSuiteInfo.symCipher.
** NOTE(review): the list names algorithms that are now widely considered
** weak (RC4, RC2, single DES). This header only assigns identifiers; it
** shows nothing about which of them are enabled, so code that reports on a
** connection should evaluate the value rather than assume a strong cipher.
*/
typedef enum {
    ssl_calg_null     = 0,
    ssl_calg_rc4      = 1,
    ssl_calg_rc2      = 2,
    ssl_calg_des      = 3,
    ssl_calg_3des     = 4,
    ssl_calg_idea     = 5,
    ssl_calg_fortezza = 6, /* deprecated, now unused */
    ssl_calg_aes      = 7, /* coming soon */
                           /* NOTE(review): "coming soon" looks stale; confirm */
    ssl_calg_camellia = 8,
    ssl_calg_seed     = 9
} SSLCipherAlgorithm;

/* MAC algorithm values; reported in SSLCipherSuiteInfo.macAlgorithm. */
typedef enum {
    ssl_mac_null    = 0,
    ssl_mac_md5     = 1,
    ssl_mac_sha     = 2,
    ssl_hmac_md5    = 3, /* TLS HMAC version of mac_md5 */
    ssl_hmac_sha    = 4, /* TLS HMAC version of mac_sha */
    ssl_hmac_sha256 = 5
} SSLMACAlgorithm;

/* Compression method values; reported in SSLChannelInfo.compressionMethod. */
typedef enum {
    ssl_compression_null    = 0,
    ssl_compression_deflate = 1 /* RFC 3749 */
} SSLCompressionMethod;

/*
** Per-connection information.
** NOTE(review): fields were appended in NSS 3.12.5 (see below), so length
** presumably carries the size of the structure that was filled in and lets
** callers built against a different layout detect it; confirm against the
** function that fills this structure.
*/
typedef struct SSLChannelInfoStr {
    PRUint32 length;
    PRUint16 protocolVersion;
    PRUint16 cipherSuite;

    /* server authentication info */
    PRUint32 authKeyBits;

    /* key exchange algorithm info */
    PRUint32 keaKeyBits;

    /* session info */
    PRUint32 creationTime;    /* seconds since Jan 1, 1970 */
    PRUint32 lastAccessTime;  /* seconds since Jan 1, 1970 */
    PRUint32 expirationTime;  /* seconds since Jan 1, 1970 */
    PRUint32 sessionIDLength; /* up to 32 */
    /* Fixed 32-byte buffer: readers should bound sessionIDLength by
    ** sizeof sessionID before copying or printing the ID. */
    PRUint8 sessionID [32];

    /* The following fields are added in NSS 3.12.5. */

    /* compression method info */
    const char * compressionMethodName;
    SSLCompressionMethod compressionMethod;
} SSLChannelInfo;

/*
** Description of one cipher suite: its number, its name and the
** algorithms it is built from.
** NOTE(review): length presumably plays the same structure-size role as
** SSLChannelInfo.length; confirm against the function that fills it.
*/
typedef struct SSLCipherSuiteInfoStr {
    PRUint16 length;
    PRUint16 cipherSuite;

    /* Cipher Suite Name */
    const char * cipherSuiteName;

    /* server authentication info */
    const char * authAlgorithmName;
    SSLAuthType authAlgorithm;

    /* key exchange algorithm info */
    const char * keaTypeName;
    SSLKEAType keaType;

    /* symmetric encryption info */
    const char * symCipherName;
    SSLCipherAlgorithm symCipher;
    PRUint16 symKeyBits;
    PRUint16 symKeySpace;
    PRUint16 effectiveKeyBits;

    /* MAC info */
    const char * macAlgorithmName;
    SSLMACAlgorithm macAlgorithm;
    PRUint16 macBits;

    /* Flag bits; the four bit-fields below add up to 32 bits. */
    PRUintn isFIPS       : 1;
    PRUintn isExportable : 1;
    PRUintn nonStandard  : 1;
    PRUintn reservedBits :29;

} SSLCipherSuiteInfo;

/* Stream versus datagram transport (presumably TLS versus DTLS; confirm). */
typedef enum {
    ssl_variant_stream   = 0,
    ssl_variant_datagram = 1
} SSLProtocolVariant;

/* A pair of protocol version numbers bounding a range. */
typedef struct SSLVersionRangeStr {
    PRUint16 min;
    PRUint16 max;
} SSLVersionRange;

/* SNI name types; SSL_sni_type_total is the number of types (implicitly 1). */
typedef enum {
    SSL_sni_host_name = 0,
    SSL_sni_type_total
} SSLSniNameType;

/* Supported extensions. */
/* Update SSL_MAX_EXTENSIONS whenever a new extension type is added. */
/*
** The enumerators are sparse extension type numbers (0 up to 0xff01), not
** consecutive indexes, so they must not be used directly to index an array
** of SSL_MAX_EXTENSIONS entries.
*/
typedef enum {
    ssl_server_name_xtn          = 0,
    ssl_cert_status_xtn          = 5,
#ifdef NSS_ENABLE_ECC
    ssl_elliptic_curves_xtn      = 10,
    ssl_ec_point_formats_xtn     = 11,
#endif
    ssl_signature_algorithms_xtn = 13,
    ssl_use_srtp_xtn             = 14,
    ssl_session_ticket_xtn       = 35,
    ssl_next_proto_nego_xtn      = 13172,
    ssl_channel_id_xtn           = 30031,
    ssl_renegotiation_info_xtn   = 0xff01 /* experimental number */
} SSLExtensionType;

/*
** Count of extension types, not the largest extension number. 10 matches
** the enumerators above when NSS_ENABLE_ECC is defined; without it only 8
** are declared.
*/
#define SSL_MAX_EXTENSIONS 10

#endif /* __sslt_h_ */