1
/* Private header file of libSSL.
2
* Various and sundry protocol constants. DON'T CHANGE THESE. These
3
* values are defined by the SSL 3.0 protocol specification.
5
* ***** BEGIN LICENSE BLOCK *****
6
* Version: MPL 1.1/GPL 2.0/LGPL 2.1
8
* The contents of this file are subject to the Mozilla Public License Version
9
* 1.1 (the "License"); you may not use this file except in compliance with
10
* the License. You may obtain a copy of the License at
11
* http://www.mozilla.org/MPL/
13
* Software distributed under the License is distributed on an "AS IS" basis,
14
* WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License
15
* for the specific language governing rights and limitations under the
18
* The Original Code is the Netscape security libraries.
20
* The Initial Developer of the Original Code is
21
* Netscape Communications Corporation.
22
* Portions created by the Initial Developer are Copyright (C) 1994-2000
23
* the Initial Developer. All Rights Reserved.
26
* Dr Vipul Gupta <vipul.gupta@sun.com>, Sun Microsystems Laboratories
28
* Alternatively, the contents of this file may be used under the terms of
29
* either the GNU General Public License Version 2 or later (the "GPL"), or
30
* the GNU Lesser General Public License Version 2.1 or later (the "LGPL"),
31
* in which case the provisions of the GPL or the LGPL are applicable instead
32
* of those above. If you wish to allow use of your version of this file only
33
* under the terms of either the GPL or the LGPL, and not to allow others to
34
* use your version of this file under the terms of the MPL, indicate your
35
* decision by deleting the provisions above and replace them with the notice
36
* and other provisions required by the GPL or the LGPL. If you do not delete
37
* the provisions above, a recipient may use your version of this file under
38
* the terms of any one of the MPL, the GPL or the LGPL.
40
* ***** END LICENSE BLOCK ***** */
41
/* $Id: ssl3prot.h,v 1.10.2.2 2006/04/13 07:41:16 nelson%bolyard.com Exp $ */
43
#ifndef __ssl3proto_h_
44
#define __ssl3proto_h_
46
typedef uint8 SSL3Opaque;
48
typedef uint16 SSL3ProtocolVersion;
49
/* version numbers are defined in sslproto.h */
51
typedef uint16 ssl3CipherSuite;
52
/* The cipher suites are defined in sslproto.h */
54
#define MAX_CERT_TYPES 10
55
#define MAX_COMPRESSION_METHODS 10
56
#define MAX_MAC_LENGTH 64
57
#define MAX_PADDING_LENGTH 64
58
#define MAX_KEY_LENGTH 64
59
#define EXPORT_KEY_LENGTH 5
60
#define SSL3_RANDOM_LENGTH 32
62
#define SSL3_RECORD_HEADER_LENGTH 5
64
#define MAX_FRAGMENT_LENGTH 16384
67
content_change_cipher_spec = 20,
69
content_handshake = 22,
70
content_application_data = 23
75
SSL3ProtocolVersion version;
82
SSL3ProtocolVersion version;
89
SSL3Opaque MAC[MAX_MAC_LENGTH];
90
} SSL3GenericStreamCipher;
94
SSL3Opaque MAC[MAX_MAC_LENGTH];
95
uint8 padding[MAX_PADDING_LENGTH];
97
} SSL3GenericBlockCipher;
99
typedef enum { change_cipher_spec_choice = 1 } SSL3ChangeCipherSpecChoice;
102
SSL3ChangeCipherSpecChoice choice;
103
} SSL3ChangeCipherSpec;
105
typedef enum { alert_warning = 1, alert_fatal = 2 } SSL3AlertLevel;
109
unexpected_message = 10,
111
decryption_failed = 21, /* TLS only */
112
record_overflow = 22, /* TLS only */
113
decompression_failure = 30,
114
handshake_failure = 40,
115
no_certificate = 41, /* SSL3 only, NOT TLS */
116
bad_certificate = 42,
117
unsupported_certificate = 43,
118
certificate_revoked = 44,
119
certificate_expired = 45,
120
certificate_unknown = 46,
121
illegal_parameter = 47,
123
/* All alerts below are TLS only. */
128
export_restriction = 60,
129
protocol_version = 70,
130
insufficient_security = 71,
133
no_renegotiation = 100,
135
/* Alerts for client hello extensions */
136
unsupported_extension = 110,
137
certificate_unobtainable = 111,
138
unrecognized_name = 112,
139
bad_certificate_status_response = 113,
140
bad_certificate_hash_value = 114
142
} SSL3AlertDescription;
145
SSL3AlertLevel level;
146
SSL3AlertDescription description;
154
server_key_exchange = 12,
155
certificate_request = 13,
156
server_hello_done = 14,
157
certificate_verify = 15,
158
client_key_exchange = 16,
167
SSL3Opaque rand[SSL3_RANDOM_LENGTH];
175
typedef enum { compression_null = 0 } SSL3CompressionMethod;
178
SSL3ProtocolVersion client_version;
180
SSL3SessionID session_id;
181
SECItem cipher_suites;
183
SSL3CompressionMethod compression_methods[MAX_COMPRESSION_METHODS];
187
SSL3ProtocolVersion server_version;
189
SSL3SessionID session_id;
190
ssl3CipherSuite cipher_suite;
191
SSL3CompressionMethod compression_method;
198
/* SSL3SignType moved to ssl.h */
200
/* The SSL key exchange method used */
222
} SSL3KeyExchangeAlgorithm;
227
} SSL3ServerRSAParams;
233
} SSL3ServerDHParams;
237
SSL3ServerDHParams dh;
238
SSL3ServerRSAParams rsa;
249
SSL3Opaque anonymous;
250
SSL3Hashes certified;
252
} SSL3ServerKeyExchange;
259
ct_RSA_ephemeral_DH = 5,
260
ct_DSS_ephemeral_DH = 6,
262
ct_RSA_fixed_ECDH = 65,
263
ct_ECDSA_fixed_ECDH = 66
265
} SSL3ClientCertificateType;
267
typedef SECItem *SSL3DistinquishedName;
270
SSL3Opaque client_version[2];
271
SSL3Opaque random[46];
272
} SSL3RSAPreMasterSecret;
274
typedef SECItem SSL3EncryptedPreMasterSecret;
277
typedef SSL3Opaque SSL3MasterSecret[48];
279
typedef enum { implicit, explicit } SSL3PublicValueEncoding;
286
} SSL3ClientDiffieHellmanPublic;
290
SSL3EncryptedPreMasterSecret rsa;
291
SSL3ClientDiffieHellmanPublic diffie_helman;
293
} SSL3ClientKeyExchange;
295
typedef SSL3Hashes SSL3PreSignedCertificateVerify;
297
typedef SECItem SSL3CertificateVerify;
300
sender_client = 0x434c4e54,
301
sender_server = 0x53525652
304
typedef SSL3Hashes SSL3Finished;
307
SSL3Opaque verify_data[12];
310
#endif /* __ssl3proto_h_ */