diff options
author | janekptacijarabaci <janekptacijarabaci@seznam.cz> | 2018-04-28 07:38:20 +0200 |
---|---|---|
committer | janekptacijarabaci <janekptacijarabaci@seznam.cz> | 2018-04-28 07:38:20 +0200 |
commit | 6b2bba06b433fb75979ab6daf7bbe8bc76c53875 (patch) | |
tree | 75803b4683889e6e0d2a3faef30415db3ff7b3ba /security/nss/lib/ssl/ssl3prot.h | |
parent | 72def35cd0cf3649b6d7ab72b66117df3e1c33fc (diff) | |
parent | c75dae3ed21bfa5a8ae46cd83d18329af5bea05a (diff) | |
download | UXP-6b2bba06b433fb75979ab6daf7bbe8bc76c53875.tar UXP-6b2bba06b433fb75979ab6daf7bbe8bc76c53875.tar.gz UXP-6b2bba06b433fb75979ab6daf7bbe8bc76c53875.tar.lz UXP-6b2bba06b433fb75979ab6daf7bbe8bc76c53875.tar.xz UXP-6b2bba06b433fb75979ab6daf7bbe8bc76c53875.zip |
Merge branch 'master' of https://github.com/MoonchildProductions/UXP into pm_url_1
Diffstat (limited to 'security/nss/lib/ssl/ssl3prot.h')
-rw-r--r-- | security/nss/lib/ssl/ssl3prot.h | 126 |
1 files changed, 121 insertions, 5 deletions
diff --git a/security/nss/lib/ssl/ssl3prot.h b/security/nss/lib/ssl/ssl3prot.h index d1f46db97..ac31cf263 100644 --- a/security/nss/lib/ssl/ssl3prot.h +++ b/security/nss/lib/ssl/ssl3prot.h @@ -16,12 +16,13 @@ typedef PRUint16 SSL3ProtocolVersion; /* The TLS 1.3 draft version. Used to avoid negotiating * between incompatible pre-standard TLS 1.3 drafts. * TODO(ekr@rtfm.com): Remove when TLS 1.3 is published. */ -#define TLS_1_3_DRAFT_VERSION 23 +#define TLS_1_3_DRAFT_VERSION 18 typedef PRUint16 ssl3CipherSuite; /* The cipher suites are defined in sslproto.h */ #define MAX_CERT_TYPES 10 +#define MAX_COMPRESSION_METHODS 10 #define MAX_MAC_LENGTH 64 #define MAX_PADDING_LENGTH 64 #define MAX_KEY_LENGTH 64 @@ -29,6 +30,7 @@ typedef PRUint16 ssl3CipherSuite; #define SSL3_RANDOM_LENGTH 32 #define SSL3_RECORD_HEADER_LENGTH 5 +#define TLS13_RECORD_HEADER_LENGTH_SHORT 2 /* SSL3_RECORD_HEADER_LENGTH + epoch/sequence_number */ #define DTLS_RECORD_HEADER_LENGTH 13 @@ -39,18 +41,47 @@ typedef enum { content_change_cipher_spec = 20, content_alert = 21, content_handshake = 22, - content_application_data = 23, - content_alt_handshake = 24, - content_ack = 25 + content_application_data = 23 } SSL3ContentType; +typedef struct { + SSL3ContentType type; + SSL3ProtocolVersion version; + PRUint16 length; + SECItem fragment; +} SSL3Plaintext; + +typedef struct { + SSL3ContentType type; + SSL3ProtocolVersion version; + PRUint16 length; + SECItem fragment; +} SSL3Compressed; + +typedef struct { + SECItem content; + PRUint8 MAC[MAX_MAC_LENGTH]; +} SSL3GenericStreamCipher; + +typedef struct { + SECItem content; + PRUint8 MAC[MAX_MAC_LENGTH]; + PRUint8 padding[MAX_PADDING_LENGTH]; + PRUint8 padding_length; +} SSL3GenericBlockCipher; + typedef enum { change_cipher_spec_choice = 1 } SSL3ChangeCipherSpecChoice; +typedef struct { + SSL3ChangeCipherSpecChoice choice; +} SSL3ChangeCipherSpec; + typedef enum { alert_warning = 1, alert_fatal = 2 } SSL3AlertLevel; typedef enum { close_notify = 0, + end_of_early_data = 1, /* TLS 1.3 */ unexpected_message = 10, bad_record_mac = 20, decryption_failed_RESERVED = 21, /* do not send; see RFC 5246 */ @@ -91,13 +122,64 @@ typedef enum { no_alert = 256 } SSL3AlertDescription; -typedef PRUint8 SSL3Random[SSL3_RANDOM_LENGTH]; +typedef struct { + SSL3AlertLevel level; + SSL3AlertDescription description; +} SSL3Alert; + +typedef enum { + hello_request = 0, + client_hello = 1, + server_hello = 2, + hello_verify_request = 3, + new_session_ticket = 4, + hello_retry_request = 6, + encrypted_extensions = 8, + certificate = 11, + server_key_exchange = 12, + certificate_request = 13, + server_hello_done = 14, + certificate_verify = 15, + client_key_exchange = 16, + finished = 20, + certificate_status = 22, + next_proto = 67 +} SSL3HandshakeType; + +typedef struct { + PRUint8 empty; +} SSL3HelloRequest; + +typedef struct { + PRUint8 rand[SSL3_RANDOM_LENGTH]; +} SSL3Random; typedef struct { PRUint8 id[32]; PRUint8 length; } SSL3SessionID; +typedef struct { + SSL3ProtocolVersion client_version; + SSL3Random random; + SSL3SessionID session_id; + SECItem cipher_suites; + PRUint8 cm_count; + SSLCompressionMethod compression_methods[MAX_COMPRESSION_METHODS]; +} SSL3ClientHello; + +typedef struct { + SSL3ProtocolVersion server_version; + SSL3Random random; + SSL3SessionID session_id; + ssl3CipherSuite cipher_suite; + SSLCompressionMethod compression_method; +} SSL3ServerHello; + +typedef struct { + SECItem list; +} SSL3Certificate; + /* SSL3SignType moved to ssl.h */ /* The SSL key exchange method used */ @@ -119,6 +201,24 @@ typedef enum { kea_tls13_any, } SSL3KeyExchangeAlgorithm; +typedef struct { + SECItem modulus; + SECItem exponent; +} SSL3ServerRSAParams; + +typedef struct { + SECItem p; + SECItem g; + SECItem Ys; +} SSL3ServerDHParams; + +typedef struct { + union { + SSL3ServerDHParams dh; + SSL3ServerRSAParams rsa; + } u; +} SSL3ServerParams; + /* SSL3HashesIndividually contains a combination MD5/SHA1 hash, as used in TLS * prior to 1.2. */ typedef struct { @@ -135,9 +235,17 @@ typedef struct { union { PRUint8 raw[64]; SSL3HashesIndividually s; + unsigned int transcriptLen; } u; } SSL3Hashes; +typedef struct { + union { + PRUint8 anonymous; + SSL3Hashes certified; + } u; +} SSL3ServerKeyExchange; + typedef enum { ct_RSA_sign = 1, ct_DSS_sign = 2, @@ -148,8 +256,16 @@ typedef enum { ct_ECDSA_sign = 64, ct_RSA_fixed_ECDH = 65, ct_ECDSA_fixed_ECDH = 66 + } SSL3ClientCertificateType; +typedef struct { + PRUint8 client_version[2]; + PRUint8 random[46]; +} SSL3RSAPreMasterSecret; + +typedef PRUint8 SSL3MasterSecret[48]; + typedef enum { sender_client = 0x434c4e54, sender_server = 0x53525652 |