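/*
* SSL/TLS Protocol Constants
* (C) 2004-2010 Jack Lloyd
*
* Released under the terms of the Botan license
*/

#ifndef BOTAN_TLS_PROTOCOL_MAGIC_H__
#define BOTAN_TLS_PROTOCOL_MAGIC_H__

namespace Botan {

namespace TLS {

/**
* Protocol Constants for SSL/TLS
*
* Record-layer size bounds, in bytes. The plaintext limit is 2^14; the
* compressed and ciphertext forms may each add at most 1024 bytes of
* expansion, matching the limits in RFC 5246 section 6.2. The record
* header is 5 bytes (type, version, length).
*
* These are only the numeric bounds; rejecting oversized records is the
* job of the record-layer code, which is not part of this header.
*/
enum Size_Limits {
   TLS_HEADER_SIZE = 5,
   MAX_PLAINTEXT_SIZE = 16*1024,
   MAX_COMPRESSED_SIZE = MAX_PLAINTEXT_SIZE + 1024,
   MAX_CIPHERTEXT_SIZE = MAX_COMPRESSED_SIZE + 1024,

   MAX_TLS_RECORD_SIZE = MAX_CIPHERTEXT_SIZE + TLS_HEADER_SIZE
};

/**
* Which end of the connection an object represents
*/
enum Connection_Side { CLIENT = 1, SERVER = 2 };

/**
* Record content types. 20 through 23 are the values carried in the
* record header.
*/
enum Record_Type {
   // NOTE(review): 0 is not a record content type on the wire; presumably
   // an internal marker - confirm against the record-layer code
   CONNECTION_CLOSED  = 0,

   CHANGE_CIPHER_SPEC = 20,
   ALERT              = 21,
   HANDSHAKE          = 22,
   APPLICATION_DATA   = 23
};

/**
* Handshake message types. Entries marked "Not a wire value" are internal
* markers and must never be accepted from, or written to, the network.
*/
enum Handshake_Type {
   HELLO_REQUEST        = 0,
   CLIENT_HELLO         = 1,
   CLIENT_HELLO_SSLV2   = 200, // Not a wire value
   SERVER_HELLO         = 2,
   NEW_SESSION_TICKET   = 4, // RFC 5077
   CERTIFICATE          = 11,
   SERVER_KEX           = 12,
   CERTIFICATE_REQUEST  = 13,
   SERVER_HELLO_DONE    = 14,
   CERTIFICATE_VERIFY   = 15,
   CLIENT_KEX           = 16,
   FINISHED             = 20,

   NEXT_PROTOCOL        = 67,

   HANDSHAKE_CCS        = 100, // Not a wire value

   HANDSHAKE_NONE       = 255  // Null value
};

/**
* Ciphersuite code points as carried in the hello messages.
*
* This enum only names code points; appearing here says nothing about
* whether a suite is safe to offer. The RC4 suites (prohibited by
* RFC 7465), the 3DES suites and the MD5-based suite should be left
* disabled by policy unless a legacy peer strictly requires them.
*/
enum Ciphersuite_Code {
   TLS_RSA_WITH_RC4_128_MD5                  = 0x0004,
   TLS_RSA_WITH_RC4_128_SHA                  = 0x0005,

   TLS_RSA_WITH_3DES_EDE_CBC_SHA             = 0x000A,
   TLS_RSA_WITH_AES_128_CBC_SHA              = 0x002F,
   TLS_RSA_WITH_AES_256_CBC_SHA              = 0x0035,
   TLS_RSA_WITH_AES_128_CBC_SHA256           = 0x003C,
   TLS_RSA_WITH_AES_256_CBC_SHA256           = 0x003D,
   TLS_RSA_WITH_SEED_CBC_SHA                 = 0x0096,
   TLS_RSA_WITH_IDEA_CBC_SHA                 = 0x0007,

   TLS_DHE_DSS_WITH_3DES_EDE_CBC_SHA         = 0x0013,
   TLS_DHE_DSS_WITH_AES_128_CBC_SHA          = 0x0032,
   TLS_DHE_DSS_WITH_AES_256_CBC_SHA          = 0x0038,
   TLS_DHE_DSS_WITH_AES_128_CBC_SHA256       = 0x0040,
   TLS_DHE_DSS_WITH_AES_256_CBC_SHA256       = 0x006A,
   TLS_DHE_DSS_WITH_SEED_CBC_SHA             = 0x0099,
   TLS_DHE_DSS_WITH_RC4_128_SHA              = 0x0066,

   TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA         = 0x0016,
   TLS_DHE_RSA_WITH_AES_128_CBC_SHA          = 0x0033,
   TLS_DHE_RSA_WITH_AES_256_CBC_SHA          = 0x0039,
   TLS_DHE_RSA_WITH_AES_128_CBC_SHA256       = 0x0067,
   TLS_DHE_RSA_WITH_AES_256_CBC_SHA256       = 0x006B,
   TLS_DHE_RSA_WITH_SEED_CBC_SHA             = 0x009A,

   TLS_ECDHE_ECDSA_WITH_RC4_128_SHA          = 0xC007,
   TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA     = 0xC008,
   TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA      = 0xC009,
   TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA      = 0xC00A,
   TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256   = 0xC023,

   TLS_ECDHE_RSA_WITH_RC4_128_SHA            = 0xC011,
   TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA       = 0xC012,
   TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA        = 0xC013,
   TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA        = 0xC014,
   TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256     = 0xC027,

   TLS_PSK_WITH_RC4_128_SHA                  = 0x008A,
   TLS_PSK_WITH_3DES_EDE_CBC_SHA             = 0x008B,
   TLS_PSK_WITH_AES_128_CBC_SHA              = 0x008C,
   TLS_PSK_WITH_AES_256_CBC_SHA              = 0x008D,
   // RFC 5487 assigns 0x00AE to this suite. The previous value, 0x00B0,
   // is the code point of TLS_PSK_WITH_NULL_SHA256 (integrity only, no
   // encryption), so a standards-conforming peer would read it as a
   // NULL-cipher suite.
   TLS_PSK_WITH_AES_128_CBC_SHA256           = 0x00AE,

   TLS_DHE_PSK_WITH_RC4_128_SHA              = 0x008E,
   TLS_DHE_PSK_WITH_3DES_EDE_CBC_SHA         = 0x008F,
   TLS_DHE_PSK_WITH_AES_128_CBC_SHA          = 0x0090,
   TLS_DHE_PSK_WITH_AES_256_CBC_SHA          = 0x0091,
   TLS_DHE_PSK_WITH_AES_128_CBC_SHA256       = 0x00B2,

   TLS_ECDHE_PSK_WITH_RC4_128_SHA            = 0xC033,
   TLS_ECDHE_PSK_WITH_3DES_EDE_CBC_SHA       = 0xC034,
   TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA        = 0xC035,
   TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA        = 0xC036,
   TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA256     = 0xC037,

   TLS_SRP_SHA_DSS_WITH_3DES_EDE_SHA         = 0xC01C,
   TLS_SRP_SHA_DSS_WITH_AES_128_SHA          = 0xC01F,
   TLS_SRP_SHA_DSS_WITH_AES_256_SHA          = 0xC022,

   TLS_SRP_SHA_RSA_WITH_3DES_EDE_SHA         = 0xC01B,
   TLS_SRP_SHA_RSA_WITH_AES_128_SHA          = 0xC01E,
   TLS_SRP_SHA_RSA_WITH_AES_256_SHA          = 0xC021,

   /* signalling values that cannot be negotiated */
   // RFC 5746: advertises secure-renegotiation support; it must never be
   // selected as the connection's ciphersuite
   TLS_EMPTY_RENEGOTIATION_INFO_SCSV         = 0x00FF
};

/**
* Record compression methods (DEFLATE is defined in RFC 3749).
*
* Compressing before encryption lets ciphertext length reveal plaintext
* content (the CRIME class of attacks), so NO_COMPRESSION is the method
* to negotiate unless there is a specific reason to do otherwise.
*/
enum Compression_Method {
   NO_COMPRESSION       = 0x00,
   DEFLATE_COMPRESSION  = 0x01
};

}

}

#endif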