Initial NSS Open Source checkin

1 files changed, 158 insertions, 0 deletions

diff --git a/security/nss/lib/ssl/sslproto.h b/security/nss/lib/ssl/sslproto.h
new file mode 100644
index 000000000..51b780ca2
--- /dev/null
+++ b/security/nss/lib/ssl/sslproto.h
@@ -0,0 +1,158 @@
+/*
+ * Various and sundry protocol constants. DON'T CHANGE THESE. These values 
+ * are mostly defined by the SSL2, SSL3, or TLS protocol specifications.
+ * Cipher kinds and ciphersuites are part of the public API.
+ *
+ * The contents of this file are subject to the Mozilla Public
+ * License Version 1.1 (the "License"); you may not use this file
+ * except in compliance with the License. You may obtain a copy of
+ * the License at http://www.mozilla.org/MPL/
+ * 
+ * Software distributed under the License is distributed on an "AS
+ * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
+ * implied. See the License for the specific language governing
+ * rights and limitations under the License.
+ * 
+ * The Original Code is the Netscape security libraries.
+ * 
+ * The Initial Developer of the Original Code is Netscape
+ * Communications Corporation.  Portions created by Netscape are 
+ * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
+ * Rights Reserved.
+ * 
+ * Contributor(s):
+ * 
+ * Alternatively, the contents of this file may be used under the
+ * terms of the GNU General Public License Version 2 or later (the
+ * "GPL"), in which case the provisions of the GPL are applicable 
+ * instead of those above.  If you wish to allow use of your 
+ * version of this file only under the terms of the GPL and not to
+ * allow others to use your version of this file under the MPL,
+ * indicate your decision by deleting the provisions above and
+ * replace them with the notice and other provisions required by
+ * the GPL.  If you do not delete the provisions above, a recipient
+ * may use your version of this file under either the MPL or the
+ * GPL.
+ *
+ * $Id$
+ */
+
+#ifndef __sslproto_h_
+#define __sslproto_h_
+
+#define SSL_LIBRARY_VERSION_2			0x0002
+#define SSL_LIBRARY_VERSION_2_1			0x0201
+#define SSL_LIBRARY_VERSION_3_0			0x0300
+#define SSL_LIBRARY_VERSION_3_1_TLS		0x0301
+
+/* Header lengths of some of the messages */
+#define SSL_HL_ERROR_HBYTES			3
+#define SSL_HL_CLIENT_HELLO_HBYTES		9
+#define SSL_HL_CLIENT_MASTER_KEY_HBYTES		10
+#define SSL_HL_CLIENT_FINISHED_HBYTES		1
+#define SSL_HL_SERVER_HELLO_HBYTES		11
+#define SSL_HL_SERVER_VERIFY_HBYTES		1
+#define SSL_HL_SERVER_FINISHED_HBYTES		1
+#define SSL_HL_REQUEST_CERTIFICATE_HBYTES	2
+#define SSL_HL_CLIENT_CERTIFICATE_HBYTES	6
+
+/* Security handshake protocol codes */
+#define SSL_MT_ERROR				0
+#define SSL_MT_CLIENT_HELLO			1
+#define SSL_MT_CLIENT_MASTER_KEY		2
+#define SSL_MT_CLIENT_FINISHED			3
+#define SSL_MT_SERVER_HELLO			4
+#define SSL_MT_SERVER_VERIFY			5
+#define SSL_MT_SERVER_FINISHED			6
+#define SSL_MT_REQUEST_CERTIFICATE		7
+#define SSL_MT_CLIENT_CERTIFICATE		8
+
+/* Certificate types */
+#define SSL_CT_X509_CERTIFICATE			0x01
+#if 0 /* XXX Not implemented yet */
+#define SSL_PKCS6_CERTIFICATE			0x02
+#endif
+#define SSL_AT_MD5_WITH_RSA_ENCRYPTION		0x01
+
+/* Error codes */
+#define SSL_PE_NO_CYPHERS			0x0001
+#define SSL_PE_NO_CERTIFICATE			0x0002
+#define SSL_PE_BAD_CERTIFICATE			0x0004
+#define SSL_PE_UNSUPPORTED_CERTIFICATE_TYPE	0x0006
+
+/* Cypher kinds (not the spec version!) */
+#define SSL_CK_RC4_128_WITH_MD5			0x01
+#define SSL_CK_RC4_128_EXPORT40_WITH_MD5	0x02
+#define SSL_CK_RC2_128_CBC_WITH_MD5		0x03
+#define SSL_CK_RC2_128_CBC_EXPORT40_WITH_MD5	0x04
+#define SSL_CK_IDEA_128_CBC_WITH_MD5		0x05
+#define SSL_CK_DES_64_CBC_WITH_MD5		0x06
+#define SSL_CK_DES_192_EDE3_CBC_WITH_MD5	0x07
+
+/* Cipher enables.  These are used only for SSL_EnableCipher 
+ * These values define the SSL2 suites, and do not colide with the 
+ * SSL3 Cipher suites defined below.
+ */
+#define SSL_EN_RC4_128_WITH_MD5			0xFF01
+#define SSL_EN_RC4_128_EXPORT40_WITH_MD5	0xFF02
+#define SSL_EN_RC2_128_CBC_WITH_MD5		0xFF03
+#define SSL_EN_RC2_128_CBC_EXPORT40_WITH_MD5	0xFF04
+#define SSL_EN_IDEA_128_CBC_WITH_MD5		0xFF05
+#define SSL_EN_DES_64_CBC_WITH_MD5		0xFF06
+#define SSL_EN_DES_192_EDE3_CBC_WITH_MD5	0xFF07
+
+/* SSL v3 Cipher Suites */
+#define SSL_NULL_WITH_NULL_NULL			0x0000
+
+#define SSL_RSA_WITH_NULL_MD5			0x0001
+#define SSL_RSA_WITH_NULL_SHA			0x0002
+#define SSL_RSA_EXPORT_WITH_RC4_40_MD5		0x0003
+#define SSL_RSA_WITH_RC4_128_MD5		0x0004
+#define SSL_RSA_WITH_RC4_128_SHA		0x0005
+#define SSL_RSA_EXPORT_WITH_RC2_CBC_40_MD5	0x0006
+#define SSL_RSA_WITH_IDEA_CBC_SHA		0x0007
+#define SSL_RSA_EXPORT_WITH_DES40_CBC_SHA	0x0008
+#define SSL_RSA_WITH_DES_CBC_SHA		0x0009
+#define SSL_RSA_WITH_3DES_EDE_CBC_SHA		0x000a
+						       
+#define SSL_DH_DSS_EXPORT_WITH_DES40_CBC_SHA	0x000b
+#define SSL_DH_DSS_WITH_DES_CBC_SHA		0x000c
+#define SSL_DH_DSS_WITH_3DES_EDE_CBC_SHA	0x000d
+#define SSL_DH_RSA_EXPORT_WITH_DES40_CBC_SHA	0x000e
+#define SSL_DH_RSA_WITH_DES_CBC_SHA		0x000f
+#define SSL_DH_RSA_WITH_3DES_EDE_CBC_SHA	0x0010
+						       
+#define SSL_DHE_DSS_EXPORT_WITH_DES40_CBC_SHA	0x0011
+#define SSL_DHE_DSS_WITH_DES_CBC_SHA		0x0012
+#define SSL_DHE_DSS_WITH_3DES_EDE_CBC_SHA	0x0013
+#define SSL_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA	0x0014
+#define SSL_DHE_RSA_WITH_DES_CBC_SHA		0x0015
+#define SSL_DHE_RSA_WITH_3DES_EDE_CBC_SHA	0x0016
+						       
+#define SSL_DH_ANON_EXPORT_WITH_RC4_40_MD5	0x0017
+#define SSL_DH_ANON_WITH_RC4_128_MD5		0x0018
+#define SSL_DH_ANON_EXPORT_WITH_DES40_CBC_SHA	0x0019
+#define SSL_DH_ANON_WITH_DES_CBC_SHA		0x001a
+#define SSL_DH_ANON_WITH_3DES_EDE_CBC_SHA	0x001b
+
+#define SSL_FORTEZZA_DMS_WITH_NULL_SHA		0x001c
+#define SSL_FORTEZZA_DMS_WITH_FORTEZZA_CBC_SHA	0x001d
+#define SSL_FORTEZZA_DMS_WITH_RC4_128_SHA	0x001e
+
+/* New TLS cipher suites backported to SSL3. */
+#define TLS_RSA_EXPORT1024_WITH_DES_CBC_SHA     0x0062
+#define TLS_RSA_EXPORT1024_WITH_RC4_56_SHA      0x0064
+
+#define TLS_DHE_DSS_EXPORT1024_WITH_DES_CBC_SHA 0x0063
+#define TLS_DHE_DSS_EXPORT1024_WITH_RC4_56_SHA  0x0065
+#define TLS_DHE_DSS_WITH_RC4_128_SHA            0x0066
+
+/* Netscape "experimental" cipher suites. */
+#define SSL_RSA_OLDFIPS_WITH_3DES_EDE_CBC_SHA	0xffe0
+#define SSL_RSA_OLDFIPS_WITH_DES_CBC_SHA	0xffe1
+
+/* New non-experimental openly spec'ed versions of those cipher suites. */
+#define SSL_RSA_FIPS_WITH_3DES_EDE_CBC_SHA 	0xfeff
+#define SSL_RSA_FIPS_WITH_DES_CBC_SHA      	0xfefe
+
+#endif /* __sslproto_h_ */