Diffstat (limited to 'security/nss/lib/ssl/sslspec.h')
-rw-r--r--security/nss/lib/ssl/sslspec.h194
1 files changed, 0 insertions, 194 deletions
diff --git a/security/nss/lib/ssl/sslspec.h b/security/nss/lib/ssl/sslspec.h
deleted file mode 100644
index 729ac1006..000000000
--- a/security/nss/lib/ssl/sslspec.h
+++ /dev/null
@@ -1,194 +0,0 @@
-/* -*- Mode: C; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 4 -*- */
-/*
- * This file is PRIVATE to SSL.
- *
- * This Source Code Form is subject to the terms of the Mozilla Public
- * License, v. 2.0. If a copy of the MPL was not distributed with this
- * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
-
-#ifndef __sslspec_h_
-#define __sslspec_h_
-
-#include "sslexp.h"
-#include "prclist.h"
-
-typedef enum {
- TrafficKeyClearText = 0,
- TrafficKeyEarlyApplicationData = 1,
- TrafficKeyHandshake = 2,
- TrafficKeyApplicationData = 3
-} TrafficKeyType;
-
-typedef enum {
- CipherSpecRead,
- CipherSpecWrite,
-} CipherSpecDirection;
-
-#define SPEC_DIR(spec) \
- ((spec->direction == CipherSpecRead) ? "read" : "write")
-
-typedef struct ssl3CipherSpecStr ssl3CipherSpec;
-typedef struct ssl3BulkCipherDefStr ssl3BulkCipherDef;
-typedef struct ssl3MACDefStr ssl3MACDef;
-typedef struct ssl3CipherSuiteDefStr ssl3CipherSuiteDef;
-typedef PRUint64 sslSequenceNumber;
-typedef PRUint16 DTLSEpoch;
-
-/* The SSL bulk cipher definition */
-typedef enum {
- cipher_null,
- cipher_rc4,
- cipher_des,
- cipher_3des,
- cipher_aes_128,
- cipher_aes_256,
- cipher_camellia_128,
- cipher_camellia_256,
- cipher_seed,
- cipher_aes_128_gcm,
- cipher_aes_256_gcm,
- cipher_chacha20,
- cipher_missing /* reserved for no such supported cipher */
- /* This enum must match ssl3_cipherName[] in ssl3con.c. */
-} SSL3BulkCipher;
-
-typedef enum {
- type_stream,
- type_block,
- type_aead
-} CipherType;
-
-/*
-** There are tables of these, all const.
-*/
-struct ssl3BulkCipherDefStr {
- SSL3BulkCipher cipher;
- SSLCipherAlgorithm calg;
- unsigned int key_size;
- unsigned int secret_key_size;
- CipherType type;
- unsigned int iv_size;
- unsigned int block_size;
- unsigned int tag_size; /* for AEAD ciphers. */
- unsigned int explicit_nonce_size; /* for AEAD ciphers. */
- SECOidTag oid;
- const char *short_name;
- /* The maximum number of records that can be sent/received with the same
- * symmetric key before the connection will be terminated. */
- PRUint64 max_records;
-};
-
-/* to make some of these old enums public without namespace pollution,
-** it was necessary to prepend ssl_ to the names.
-** These #defines preserve compatibility with the old code here in libssl.
-*/
-typedef SSLMACAlgorithm SSL3MACAlgorithm;
-
-/*
- * There are tables of these, all const.
- */
-struct ssl3MACDefStr {
- SSL3MACAlgorithm mac;
- CK_MECHANISM_TYPE mmech;
- int pad_size;
- int mac_size;
- SECOidTag oid;
-};
-
-#define MAX_IV_LENGTH 24
-
-typedef struct {
- PK11SymKey *key;
- PK11SymKey *macKey;
- PK11Context *macContext;
- PRUint8 iv[MAX_IV_LENGTH];
-} ssl3KeyMaterial;
-
-typedef SECStatus (*SSLCipher)(void *context,
- unsigned char *out,
- int *outlen,
- int maxout,
- const unsigned char *in,
- int inlen);
-typedef SECStatus (*SSLAEADCipher)(
- ssl3KeyMaterial *keys,
- PRBool doDecrypt,
- unsigned char *out,
- int *outlen,
- int maxout,
- const unsigned char *in,
- int inlen,
- const unsigned char *additionalData,
- int additionalDataLen);
-
-/* The DTLS anti-replay window in number of packets. Defined here because we
- * need it in the cipher spec. Note that this is a ring buffer but left and
- * right represent the true window, with modular arithmetic used to map them
- * onto the buffer.
- */
-#define DTLS_RECVD_RECORDS_WINDOW 1024
-#define RECORD_SEQ_MASK ((1ULL << 48) - 1)
-#define RECORD_SEQ_MAX RECORD_SEQ_MASK
-PR_STATIC_ASSERT(DTLS_RECVD_RECORDS_WINDOW % 8 == 0);
-
-typedef struct DTLSRecvdRecordsStr {
- unsigned char data[DTLS_RECVD_RECORDS_WINDOW / 8];
- sslSequenceNumber left;
- sslSequenceNumber right;
-} DTLSRecvdRecords;
-
-/*
- * These are the "specs" used for reading and writing records. Access to the
- * pointers to these specs, and all the specs' contents (direct and indirect) is
- * protected by the reader/writer lock ss->specLock.
- */
-struct ssl3CipherSpecStr {
- PRCList link;
- PRUint8 refCt;
-
- CipherSpecDirection direction;
- SSL3ProtocolVersion version;
- SSL3ProtocolVersion recordVersion;
-
- const ssl3BulkCipherDef *cipherDef;
- const ssl3MACDef *macDef;
-
- SSLCipher cipher;
- SSLAEADCipher aead;
- void *cipherContext;
-
- PK11SymKey *masterSecret;
- ssl3KeyMaterial keyMaterial;
-
- DTLSEpoch epoch;
- const char *phase;
- sslSequenceNumber seqNum;
- DTLSRecvdRecords recvdRecords;
-
- /* The number of 0-RTT bytes that can be sent or received in TLS 1.3. This
- * will be zero for everything but 0-RTT. */
- PRUint32 earlyDataRemaining;
-};
-
-typedef void (*sslCipherSpecChangedFunc)(void *arg,
- PRBool sending,
- ssl3CipherSpec *newSpec);
-
-const ssl3BulkCipherDef *ssl_GetBulkCipherDef(const ssl3CipherSuiteDef *cipher_def);
-const ssl3MACDef *ssl_GetMacDefByAlg(SSL3MACAlgorithm mac);
-const ssl3MACDef *ssl_GetMacDef(const sslSocket *ss, const ssl3CipherSuiteDef *suiteDef);
-
-ssl3CipherSpec *ssl_CreateCipherSpec(sslSocket *ss, CipherSpecDirection direction);
-void ssl_SaveCipherSpec(sslSocket *ss, ssl3CipherSpec *spec);
-void ssl_CipherSpecAddRef(ssl3CipherSpec *spec);
-void ssl_CipherSpecRelease(ssl3CipherSpec *spec);
-void ssl_DestroyCipherSpecs(PRCList *list);
-SECStatus ssl_SetupNullCipherSpec(sslSocket *ss, CipherSpecDirection dir);
-
-ssl3CipherSpec *ssl_FindCipherSpecByEpoch(sslSocket *ss,
- CipherSpecDirection direction,
- DTLSEpoch epoch);
-void ssl_CipherSpecReleaseByEpoch(sslSocket *ss, CipherSpecDirection direction,
- DTLSEpoch epoch);
-
-#endif /* __sslspec_h_ */