aboutsummaryrefslogtreecommitdiffstats
path: root/src/tls/tls_magic.h
diff options
context:
space:
mode:
Diffstat (limited to 'src/tls/tls_magic.h')
-rw-r--r--src/tls/tls_magic.h145
1 files changed, 145 insertions, 0 deletions
diff --git a/src/tls/tls_magic.h b/src/tls/tls_magic.h
new file mode 100644
index 000000000..dced09964
--- /dev/null
+++ b/src/tls/tls_magic.h
@@ -0,0 +1,145 @@
+/*
+* SSL/TLS Protocol Constants
+* (C) 2004-2010 Jack Lloyd
+*
+* Released under the terms of the Botan license
+*/
+
+#ifndef BOTAN_TLS_PROTOCOL_MAGIC_H__
+#define BOTAN_TLS_PROTOCOL_MAGIC_H__
+
+namespace Botan {
+
+namespace TLS {
+
+/**
+* Protocol Constants for SSL/TLS
+*/
+enum Size_Limits {
+ TLS_HEADER_SIZE = 5,
+ MAX_PLAINTEXT_SIZE = 16*1024,
+ MAX_COMPRESSED_SIZE = MAX_PLAINTEXT_SIZE + 1024,
+ MAX_CIPHERTEXT_SIZE = MAX_COMPRESSED_SIZE + 1024,
+
+ MAX_TLS_RECORD_SIZE = MAX_CIPHERTEXT_SIZE + TLS_HEADER_SIZE,
+};
+
+enum Connection_Side { CLIENT = 1, SERVER = 2 };
+
+enum Record_Type {
+ CONNECTION_CLOSED = 0,
+
+ CHANGE_CIPHER_SPEC = 20,
+ ALERT = 21,
+ HANDSHAKE = 22,
+ APPLICATION_DATA = 23
+};
+
+enum Handshake_Type {
+ HELLO_REQUEST = 0,
+ CLIENT_HELLO = 1,
+ CLIENT_HELLO_SSLV2 = 200, // Not a wire value
+ SERVER_HELLO = 2,
+ NEW_SESSION_TICKET = 4, // RFC 5077
+ CERTIFICATE = 11,
+ SERVER_KEX = 12,
+ CERTIFICATE_REQUEST = 13,
+ SERVER_HELLO_DONE = 14,
+ CERTIFICATE_VERIFY = 15,
+ CLIENT_KEX = 16,
+ FINISHED = 20,
+
+ NEXT_PROTOCOL = 67,
+
+ HANDSHAKE_CCS = 100, // Not a wire value
+ HANDSHAKE_NONE = 255 // Null value
+};
+
+enum Ciphersuite_Code {
+ TLS_RSA_WITH_RC4_128_MD5 = 0x0004,
+ TLS_RSA_WITH_RC4_128_SHA = 0x0005,
+
+ TLS_RSA_WITH_3DES_EDE_CBC_SHA = 0x000A,
+ TLS_RSA_WITH_AES_128_CBC_SHA = 0x002F,
+ TLS_RSA_WITH_AES_256_CBC_SHA = 0x0035,
+ TLS_RSA_WITH_AES_128_CBC_SHA256 = 0x003C,
+ TLS_RSA_WITH_AES_256_CBC_SHA256 = 0x003D,
+ TLS_RSA_WITH_SEED_CBC_SHA = 0x0096,
+ TLS_RSA_WITH_IDEA_CBC_SHA = 0x0007,
+
+ TLS_DHE_DSS_WITH_3DES_EDE_CBC_SHA = 0x0013,
+ TLS_DHE_DSS_WITH_AES_128_CBC_SHA = 0x0032,
+ TLS_DHE_DSS_WITH_AES_256_CBC_SHA = 0x0038,
+ TLS_DHE_DSS_WITH_AES_128_CBC_SHA256 = 0x0040,
+ TLS_DHE_DSS_WITH_AES_256_CBC_SHA256 = 0x006A,
+ TLS_DHE_DSS_WITH_SEED_CBC_SHA = 0x0099,
+ TLS_DHE_DSS_WITH_RC4_128_SHA = 0x0066,
+
+ TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA = 0x0016,
+ TLS_DHE_RSA_WITH_AES_128_CBC_SHA = 0x0033,
+ TLS_DHE_RSA_WITH_AES_256_CBC_SHA = 0x0039,
+ TLS_DHE_RSA_WITH_AES_128_CBC_SHA256 = 0x0067,
+ TLS_DHE_RSA_WITH_AES_256_CBC_SHA256 = 0x006B,
+ TLS_DHE_RSA_WITH_SEED_CBC_SHA = 0x009A,
+
+ TLS_ECDHE_ECDSA_WITH_RC4_128_SHA = 0xC007,
+ TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA = 0xC008,
+ TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA = 0xC009,
+ TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA = 0xC00A,
+ TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256 = 0xC023,
+ TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384 = 0xC024,
+
+ TLS_ECDHE_RSA_WITH_RC4_128_SHA = 0xC011,
+ TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA = 0xC012,
+ TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA = 0xC013,
+ TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA = 0xC014,
+ TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256 = 0xC027,
+ TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384 = 0xC028,
+
+ TLS_PSK_WITH_RC4_128_SHA = 0x008A,
+ TLS_PSK_WITH_3DES_EDE_CBC_SHA = 0x008B,
+ TLS_PSK_WITH_AES_128_CBC_SHA = 0x008C,
+ TLS_PSK_WITH_AES_256_CBC_SHA = 0x008D,
+ TLS_PSK_WITH_AES_128_CBC_SHA256 = 0x00AE,
+ TLS_PSK_WITH_AES_256_CBC_SHA384 = 0x00AF,
+
+ TLS_DHE_PSK_WITH_RC4_128_SHA = 0x008E,
+ TLS_DHE_PSK_WITH_3DES_EDE_CBC_SHA = 0x008F,
+ TLS_DHE_PSK_WITH_AES_128_CBC_SHA = 0x0090,
+ TLS_DHE_PSK_WITH_AES_256_CBC_SHA = 0x0091,
+ TLS_DHE_PSK_WITH_AES_128_CBC_SHA256 = 0x00B2,
+ TLS_DHE_PSK_WITH_AES_256_CBC_SHA384 = 0x00B3,
+
+ TLS_ECDHE_PSK_WITH_RC4_128_SHA = 0xC033,
+ TLS_ECDHE_PSK_WITH_3DES_EDE_CBC_SHA = 0xC034,
+ TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA = 0xC035,
+ TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA = 0xC036,
+ TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA256 = 0xC037,
+ TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA384 = 0xC038,
+
+ TLS_SRP_SHA_WITH_3DES_EDE_CBC_SHA = 0xC01A,
+ TLS_SRP_SHA_WITH_AES_128_CBC_SHA = 0xC01D,
+ TLS_SRP_SHA_WITH_AES_256_CBC_SHA = 0xC020,
+
+ TLS_SRP_SHA_DSS_WITH_3DES_EDE_CBC_SHA = 0xC01C,
+ TLS_SRP_SHA_DSS_WITH_AES_128_CBC_SHA = 0xC01F,
+ TLS_SRP_SHA_DSS_WITH_AES_256_CBC_SHA = 0xC022,
+
+ TLS_SRP_SHA_RSA_WITH_3DES_EDE_CBC_SHA = 0xC01B,
+ TLS_SRP_SHA_RSA_WITH_AES_128_CBC_SHA = 0xC01E,
+ TLS_SRP_SHA_RSA_WITH_AES_256_CBC_SHA = 0xC021,
+
+ /* signalling values that cannot be negotiated */
+ TLS_EMPTY_RENEGOTIATION_INFO_SCSV = 0x00FF
+};
+
+enum Compression_Method {
+ NO_COMPRESSION = 0x00,
+ DEFLATE_COMPRESSION = 0x01
+};
+
+}
+
+}
+
+#endif