1 files changed, 151 insertions, 0 deletions
diff --git a/src/tls/tls_magic.h b/src/tls/tls_magic.h
new file mode 100644
index 000000000..72a430bf2
--- /dev/null
+++ b/src/tls/tls_magic.h
@@ -0,0 +1,151 @@
+/*
+* SSL/TLS Protocol Constants
+* (C) 2004-2010 Jack Lloyd
+*
+* Released under the terms of the Botan license
+*/
+
+#ifndef BOTAN_TLS_PROTOCOL_MAGIC_H__
+#define BOTAN_TLS_PROTOCOL_MAGIC_H__
+
+namespace Botan {
+
+namespace TLS {
+
+/**
+* Protocol Constants for SSL/TLS
+*/
+enum Size_Limits {
+   TLS_HEADER_SIZE    = 5,
+   MAX_PLAINTEXT_SIZE = 16*1024,
+   MAX_COMPRESSED_SIZE = MAX_PLAINTEXT_SIZE + 1024,
+   MAX_CIPHERTEXT_SIZE = MAX_COMPRESSED_SIZE + 1024,
+
+   MAX_TLS_RECORD_SIZE = MAX_CIPHERTEXT_SIZE + TLS_HEADER_SIZE,
+};
+
+enum Connection_Side { CLIENT = 1, SERVER = 2 };
+
+enum Record_Type {
+   CONNECTION_CLOSED  = 0,
+
+   CHANGE_CIPHER_SPEC = 20,
+   ALERT              = 21,
+   HANDSHAKE          = 22,
+   APPLICATION_DATA   = 23
+};
+
+enum Handshake_Type {
+   HELLO_REQUEST       = 0,
+   CLIENT_HELLO        = 1,
+   CLIENT_HELLO_SSLV2  = 200, // Not a wire value
+   SERVER_HELLO        = 2,
+   NEW_SESSION_TICKET  = 4, // RFC 5077
+   CERTIFICATE         = 11,
+   SERVER_KEX          = 12,
+   CERTIFICATE_REQUEST = 13,
+   SERVER_HELLO_DONE   = 14,
+   CERTIFICATE_VERIFY  = 15,
+   CLIENT_KEX          = 16,
+   FINISHED            = 20,
+
+   NEXT_PROTOCOL       = 67,
+
+   HANDSHAKE_CCS       = 100, // Not a wire value
+   HANDSHAKE_NONE      = 255  // Null value
+};
+
+enum Ciphersuite_Code {
+   TLS_RSA_WITH_RC4_128_MD5                 = 0x0004,
+   TLS_RSA_WITH_RC4_128_SHA                 = 0x0005,
+
+   TLS_RSA_WITH_3DES_EDE_CBC_SHA            = 0x000A,
+   TLS_RSA_WITH_AES_128_CBC_SHA             = 0x002F,
+   TLS_RSA_WITH_AES_256_CBC_SHA             = 0x0035,
+   TLS_RSA_WITH_AES_128_CBC_SHA256          = 0x003C,
+   TLS_RSA_WITH_AES_256_CBC_SHA256          = 0x003D,
+   TLS_RSA_WITH_CAMELLIA_128_CBC_SHA        = 0x0041,
+   TLS_RSA_WITH_CAMELLIA_256_CBC_SHA        = 0x0084,
+   TLS_RSA_WITH_SEED_CBC_SHA                = 0x0096,
+   TLS_RSA_WITH_IDEA_CBC_SHA                = 0x0007,
+
+   TLS_DHE_DSS_WITH_3DES_EDE_CBC_SHA        = 0x0013,
+   TLS_DHE_DSS_WITH_AES_128_CBC_SHA         = 0x0032,
+   TLS_DHE_DSS_WITH_AES_256_CBC_SHA         = 0x0038,
+   TLS_DHE_DSS_WITH_AES_128_CBC_SHA256      = 0x0040,
+   TLS_DHE_DSS_WITH_AES_256_CBC_SHA256      = 0x006A,
+   TLS_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA    = 0x0044,
+   TLS_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA    = 0x0087,
+   TLS_DHE_DSS_WITH_SEED_CBC_SHA            = 0x0099,
+   TLS_DHE_DSS_WITH_RC4_128_SHA             = 0x0066,
+
+   TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA        = 0x0016,
+   TLS_DHE_RSA_WITH_AES_128_CBC_SHA         = 0x0033,
+   TLS_DHE_RSA_WITH_AES_256_CBC_SHA         = 0x0039,
+   TLS_DHE_RSA_WITH_AES_128_CBC_SHA256      = 0x0067,
+   TLS_DHE_RSA_WITH_AES_256_CBC_SHA256      = 0x006B,
+   TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA    = 0x0045,
+   TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA    = 0x0088,
+   TLS_DHE_RSA_WITH_SEED_CBC_SHA            = 0x009A,
+
+   TLS_ECDHE_ECDSA_WITH_RC4_128_SHA         = 0xC007,
+   TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA    = 0xC008,
+   TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA     = 0xC009,
+   TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA     = 0xC00A,
+   TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256  = 0xC023,
+   TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384  = 0xC024,
+
+   TLS_ECDHE_RSA_WITH_RC4_128_SHA           = 0xC011,
+   TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA      = 0xC012,
+   TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA       = 0xC013,
+   TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA       = 0xC014,
+   TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256    = 0xC027,
+   TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384    = 0xC028,
+
+   TLS_PSK_WITH_RC4_128_SHA                 = 0x008A,
+   TLS_PSK_WITH_3DES_EDE_CBC_SHA            = 0x008B,
+   TLS_PSK_WITH_AES_128_CBC_SHA             = 0x008C,
+   TLS_PSK_WITH_AES_256_CBC_SHA             = 0x008D,
+   TLS_PSK_WITH_AES_128_CBC_SHA256          = 0x00AE,
+   TLS_PSK_WITH_AES_256_CBC_SHA384          = 0x00AF,
+
+   TLS_DHE_PSK_WITH_RC4_128_SHA             = 0x008E,
+   TLS_DHE_PSK_WITH_3DES_EDE_CBC_SHA        = 0x008F,
+   TLS_DHE_PSK_WITH_AES_128_CBC_SHA         = 0x0090,
+   TLS_DHE_PSK_WITH_AES_256_CBC_SHA         = 0x0091,
+   TLS_DHE_PSK_WITH_AES_128_CBC_SHA256      = 0x00B2,
+   TLS_DHE_PSK_WITH_AES_256_CBC_SHA384      = 0x00B3,
+
+   TLS_ECDHE_PSK_WITH_RC4_128_SHA           = 0xC033,
+   TLS_ECDHE_PSK_WITH_3DES_EDE_CBC_SHA      = 0xC034,
+   TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA       = 0xC035,
+   TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA       = 0xC036,
+   TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA256    = 0xC037,
+   TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA384    = 0xC038,
+
+   TLS_SRP_SHA_WITH_3DES_EDE_CBC_SHA        = 0xC01A,
+   TLS_SRP_SHA_WITH_AES_128_CBC_SHA         = 0xC01D,
+   TLS_SRP_SHA_WITH_AES_256_CBC_SHA         = 0xC020,
+
+   TLS_SRP_SHA_DSS_WITH_3DES_EDE_CBC_SHA    = 0xC01C,
+   TLS_SRP_SHA_DSS_WITH_AES_128_CBC_SHA     = 0xC01F,
+   TLS_SRP_SHA_DSS_WITH_AES_256_CBC_SHA     = 0xC022,
+
+   TLS_SRP_SHA_RSA_WITH_3DES_EDE_CBC_SHA    = 0xC01B,
+   TLS_SRP_SHA_RSA_WITH_AES_128_CBC_SHA     = 0xC01E,
+   TLS_SRP_SHA_RSA_WITH_AES_256_CBC_SHA     = 0xC021,
+
+   /* signalling values that cannot be negotiated */
+   TLS_EMPTY_RENEGOTIATION_INFO_SCSV        = 0x00FF
+};
+
+enum Compression_Method {
+   NO_COMPRESSION       = 0x00,
+   DEFLATE_COMPRESSION  = 0x01
+};
+
+}
+
+}
+
+#endif