diff -r 000000000000 -r af10295192d8 networksecurity/tls/inc/SSLCONST.H --- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/networksecurity/tls/inc/SSLCONST.H Tue Jan 26 15:23:49 2010 +0200 @@ -0,0 +1,372 @@ +// Copyright (c) 1997-2009 Nokia Corporation and/or its subsidiary(-ies). +// All rights reserved. +// This component and the accompanying materials are made available +// under the terms of "Eclipse Public License v1.0" +// which accompanies this distribution, and is available +// at the URL "http://www.eclipse.org/legal/epl-v10.html". +// +// Initial Contributors: +// Nokia Corporation - initial contribution. +// +// Contributors: +// +// Description: +// SSL DLL entry code +// +// + +#if !defined(__SSLCONST_H__) +#define __SSLCONST_H__ + +#define __USE_TLSV1__ +#include +#include + +const TInt KSSLActiveHighPriority=10; +const TInt KSSLActiveMedPriority=0; +const TInt KSSLActiveLowPriority=-10; + +// this constants are arbitrary and define high limits for the length of some tmp descriptors +const TUint KHSMessMax=0x100000; //TODO isnt it too big or too small? +const TInt KMaxBlkSize=32; +const TInt KMaxMac=32; // +const TInt KMaxPad=8; // +const TInt KOutRecBufLen=1024; +const TUint KCiphTextLengLimit=0x8000; //TODO ssl defines +// this value as 2^14+2048 but it seems that some servers exeed this limit +// so I put greater value. Need to check this. (Artem) + +// $$VR 21/09/2001 +const TUint KHSversionOffset=4; +const TUint KHSrandomOffset=6; +const TUint KHSrandomLength=32; +const TUint KHSsessionLenOffset=38; +const TUint KHSciperOffset=39; + +// CT 18/10/00 +// Maximum size of buffers used to hold keys during exchange. 512 will allow a 4096bit key. +const TInt KMaxKeyBufferSize=512; + +//error const +const TInt KErrRecProt=1; +//const KErr + +/** States for the record protocol parser. +* @since v6.0 */ +enum TRecordProtocol + { + /** Changing ciphers. */ + EChangeCipherSpec=20, + /** Alerting. */ + EAlert=21, + /** Handshake. */ + EHandshake=22, + /** Application data. */ + EApplicationData=23 + }; + +const TUint8 KCHCiphSpecByte=1; + +/** Hanshake protocol state. +* @since v6.0 */ +enum THandshakeProtocol + { + /** Hello request. */ + EHelloRequest, + /** Client hello. */ + EClientHello, + /** Server hello. */ + EServerHello, + /** Certificate. */ + ECert, + /** Certificate request. */ + ECertRequest, + /** Certificate verify. */ + ECertVerify, + /** Server hello done. */ + EServerHelloDone, + /** Server key exchange. */ + EServKeyExchange, + /** Client key exchange. */ + ECliKeyExchange, + /** Finished. */ + EFinished + }; + +class THandshakeProtocolTag +/** @since v6.0 */ + { +public: + THandshakeProtocol iHSMess; + TUint8 iValue; + }; + +/** @since v6.0 */ +const THandshakeProtocolTag THSMessTypes[10] = + { + {EHelloRequest,0}, + {EClientHello,1}, + {EServerHello,2}, + {ECert,11}, + {EServKeyExchange,12}, + {ECertRequest,13}, + {EServerHelloDone,14}, + {ECertVerify,15}, + {ECliKeyExchange,16}, + {EFinished,20} + }; + +/** Handshake message item. */ +enum THSMessItemType + { + /** Version. */ + EVersion, + /** Random. */ + ERandom, + /** Session ID. */ + ESessionID, + /** Cipher suite. */ + ECipherSuite, + /** Compression method. */ + ECompressionMethod, + /** Parameter. */ + EParameter, + /** Signature. */ + ESignature, + /** Raw data. */ + ERawData, + /** ASN1 certificate. */ + EASN1Cert, + /** Select. */ + ESelect, + /** End. */ + EEnd + }; + +/** Handshake message item quantity. */ +enum THSMessItemQuantity + { + /** Single item. */ + ESingle, + /** Item list. */ + EList + }; + +/** Handshake vector length. */ +enum THSVectorLengthType + { + /** Length fixed. */ + EFixed, + /** Length variable. */ + EVariable + }; + +class THSMessItem + { +public: + THSMessItemType iItemType; + TInt iValue; + THSVectorLengthType iLenType; + THSMessItemQuantity iQuantity; + }; + +/** Protocol alerts. */ +enum TAlertProtocol + { + /** Close notification. */ + ECloseNotify, + /** Unexpected message. */ + EUnexpectedMes, + /** Bad MAC received. */ + EBadRecordMac, + /** Decompression failure. */ + EDecompressionFailure, + /** Handshake failure. */ + EHandshakeFailure, + /** No certificate. */ + ENoCertificate, + /** Bad certificate. */ + EBadCertificate, + /** Unsupported certificate. */ + EUnsupportedCertificate, + /** Certificate is revoked. */ + ETLSCertificateRevoked, + /** Certificate is expired. */ + ECertificateExpired, + /** Certificate unknown. */ + ECertificateUnknown, + /** Illegal parameter. */ + EIllegalParameter + }; + +/** SSL Alert levels */ +enum TAlertLevel + { + /** Warning. */ + EWarning=1, + /** Fatal. */ + EFatal=2 + }; + + +class TAlertLevelTag +/** @since v6.0 */ +{ +public: + TAlertProtocol iAlert; + TUint8 iValue; + TAlertLevel iLevel; +}; + +/** @since v6.0 */ +const TAlertLevelTag Alerts[12]= +{ + {ECloseNotify,0,EWarning}, + {EUnexpectedMes,10,EFatal}, + {EBadRecordMac,20,EFatal}, + {EDecompressionFailure,30,EFatal}, + {EHandshakeFailure,40,EFatal}, + {ENoCertificate,41,EWarning}, + {EBadCertificate,42,EWarning}, + {EUnsupportedCertificate,43,EWarning}, + {ETLSCertificateRevoked,44,EWarning}, + {ECertificateExpired,45,EWarning}, + {ECertificateUnknown,46,EWarning}, + {EIllegalParameter,47,EFatal} +}; + +class TTLSVersion +/** @since v6.0 */ + { +public: + TUint8 iMajor; + TUint8 iMinor; + }; + +const TTLSVersion SSLv3Version= {3,0}; +const TTLSVersion TLSv1Version= {3,1}; +//const TTLSVersion DefaultVersion= TLSv1Version; + +//#define RSA_PKCS1_PADDING 11 +//#define RSA_SSLV23_PADDING 12 + +// Client/Server Hello frame constants, +const TUint KServerHelloMajorOffset = 0; +const TUint KServerHelloMinorOffset = 1; +const TUint KHelloRandomLength = 32; +//const TUint KServerHelloRandomOffset = 2; +//const TUint KServerHelloSessionIDLengthOffset = 34; +//const TUint KServerHelloSessionIDOffset = 35; +//const TUint KServerHelloCipherSuiteLengthOffset = 35; + +// Server cert frame constants +const TInt KServerCertOffset= 0x00; + +//Look RFC 2104 for explanation of ipad & opad +const TUint8 KIpad=0x36; +const TUint8 KOpad=0x5C; +//pg Note +//These following definitions used to be part of the previous crypto lib +/** Symmetric cipher types +* +* @since v6.0 */ +enum TSymmetricCipherType + { + /** default cipher. */ + EDefaultCipher, + /** null cipher. */ + ENullCipher, + /** DES in ecb mode, iv=0, block=8, key= 8. */ + EDes_ecb, + /** DES in ecb ede mode, iv=0, block=8, key=16. */ + EDes_ede, + /** DES in ecb ede mode, iv=0, block=8, key=24. */ + EDes_ede3, + /** DES in cfb mode, iv=8, block=1, key= 8. */ + EDes_cfb, + /** DES in ede cfb mode, iv=8, block=1, key=16. */ + EDes_ede_cfb, + /** DES in ede cfb mode, iv=8, block=1, key=24. */ + EDes_ede3_cfb, + /** DES in ofb mode, iv=8, block=1, key= 8. */ + EDes_ofb, + /** DES in ede ofb mode, iv=8, block=1, key=16. */ + EDes_ede_ofb, + /** DES in ede ofb mode, iv=8, block=1, key=24. */ + EDes_ede3_ofb, + /** DES in cbc mode, iv=8, block=8, key= 8. */ + EDes_cbc, + /** DES in cbc ede mode, iv=8, block=8, key=16. */ + EDes_ede_cbc, + /** DES in cbc ede mode, iv=8, block=8, key=24. */ + EDes_ede3_cbc, + /** DES in desx cbc mode,iv=8, block=8, key=24 */ + EDesx_cbc, + /** ARC4, iv=0, block=1, key=16. */ + ERc4, + /** RC5 in ecb mode. */ + ERc5_ecb, // RC5, + /** RC5 in cbc mode. */ + ERc5_cbc, + /** RC5 in cfb mode. */ + ERc5_cfb, + /** RC5 in ofb mode. */ + ERc5_ofb, + /** IDEA in ecb mode, iv=0, block=8, key=16. */ + EIdea_ecb, + /** IDEA in cfb mode, iv=8, block=1, key=16. */ + EIdea_cfb, + /** IDEA in ofb mode, iv=8, block=1, key=16. */ + EIdea_ofb, + /** IDEA in cbc mode, iv=8, block=8, key=16. */ + EIdea_cbc, + /** RC2 in ecb mode. */ + ERc2_ecb, + /** RC2 in cbc mode. */ + ERc2_cbc +// ERc2_cfb, +// ERc2_ofb + }; + +/** Message digest types. */ +enum TMessageDigestType + { + /** Default. */ + EDefaultDigest, + /** None. */ + EMdNull, + /** RSA sign/verify. */ + EMd5, + /** RSA sign/verify. */ + ESha, + /** RSA sign/verify. */ + ESha1, + /** DSA sign/verify. */ + EDss, + /** DSA sign/verify. */ + EDss1, + /** MAC sign/verify. */ + EHMac + }; + +/** Public key algorithm. */ +enum TPublicKeyAlg + { + /** RSA encryption. */ + ERsa, + /** DH encryption. */ + EDh, + /** DSA encryption. */ + EDsa + }; + +class TAlgorithmInfo + { +public: + TInt iType;//TODO enum + TInt iSize; + }; + + +#endif +