| OLD | NEW |
| 1 /* | 1 /* |
| 2 * This file is PRIVATE to SSL and should be the first thing included by | 2 * This file is PRIVATE to SSL and should be the first thing included by |
| 3 * any SSL implementation file. | 3 * any SSL implementation file. |
| 4 * | 4 * |
| 5 * ***** BEGIN LICENSE BLOCK ***** | 5 * ***** BEGIN LICENSE BLOCK ***** |
| 6 * Version: MPL 1.1/GPL 2.0/LGPL 2.1 | 6 * Version: MPL 1.1/GPL 2.0/LGPL 2.1 |
| 7 * | 7 * |
| 8 * The contents of this file are subject to the Mozilla Public License Version | 8 * The contents of this file are subject to the Mozilla Public License Version |
| 9 * 1.1 (the "License"); you may not use this file except in compliance with | 9 * 1.1 (the "License"); you may not use this file except in compliance with |
| 10 * the License. You may obtain a copy of the License at | 10 * the License. You may obtain a copy of the License at |
| (...skipping 310 matching lines...) |
| 321 unsigned char isPresent : 1; | 321 unsigned char isPresent : 1; |
| 322 #endif | 322 #endif |
| 323 } ssl3CipherSuiteCfg; | 323 } ssl3CipherSuiteCfg; |
| 324 | 324 |
| 325 #ifdef NSS_ENABLE_ECC | 325 #ifdef NSS_ENABLE_ECC |
| 326 #define ssl_V3_SUITES_IMPLEMENTED 50 | 326 #define ssl_V3_SUITES_IMPLEMENTED 50 |
| 327 #else | 327 #else |
| 328 #define ssl_V3_SUITES_IMPLEMENTED 30 | 328 #define ssl_V3_SUITES_IMPLEMENTED 30 |
| 329 #endif /* NSS_ENABLE_ECC */ | 329 #endif /* NSS_ENABLE_ECC */ |
| 330 | 330 |
| 331 #define MAX_DTLS_SRTP_CIPHER_SUITES 4 |
| 332 |
| 331 typedef struct sslOptionsStr { | 333 typedef struct sslOptionsStr { |
| 332 /* If SSL_SetNextProtoNego has been called, then this contains the | 334 /* If SSL_SetNextProtoNego has been called, then this contains the |
| 333 * list of supported protocols. */ | 335 * list of supported protocols. */ |
| 334 SECItem nextProtoNego; | 336 SECItem nextProtoNego; |
| 335 | 337 |
| 336 unsigned int useSecurity : 1; /* 1 */ | 338 unsigned int useSecurity : 1; /* 1 */ |
| 337 unsigned int useSocks : 1; /* 2 */ | 339 unsigned int useSocks : 1; /* 2 */ |
| 338 unsigned int requestCertificate : 1; /* 3 */ | 340 unsigned int requestCertificate : 1; /* 3 */ |
| 339 unsigned int requireCertificate : 2; /* 4-5 */ | 341 unsigned int requireCertificate : 2; /* 4-5 */ |
| 340 unsigned int handshakeAsClient : 1; /* 6 */ | 342 unsigned int handshakeAsClient : 1; /* 6 */ |
| (...skipping 313 matching lines...) |
| 654 union { | 656 union { |
| 655 struct { | 657 struct { |
| 656 /* the V2 code depends upon the size of sessionID. */ | 658 /* the V2 code depends upon the size of sessionID. */ |
| 657 unsigned char sessionID[SSL2_SESSIONID_BYTES]; | 659 unsigned char sessionID[SSL2_SESSIONID_BYTES]; |
| 658 | 660 |
| 659 /* Stuff used to recreate key and read/write cipher objects */ | 661 /* Stuff used to recreate key and read/write cipher objects */ |
| 660 SECItem masterKey; /* never wrapped */ | 662 SECItem masterKey; /* never wrapped */ |
| 661 int cipherType; | 663 int cipherType; |
| 662 SECItem cipherArg; | 664 SECItem cipherArg; |
| 663 int keyBits; | 665 int keyBits; |
| 664 » int secretKeyBits; | 666 » » » » » » » » » »
» » » » » int secretKeyBits; |
| 665 } ssl2; | 667 } ssl2; |
| 666 struct { | 668 struct { |
| 667 /* values that are copied into the server's on-disk SID cache. */ | 669 /* values that are copied into the server's on-disk SID cache. */ |
| 668 uint8 sessionIDLength; | 670 uint8 sessionIDLength; |
| 669 SSL3Opaque sessionID[SSL3_SESSIONID_BYTES]; | 671 SSL3Opaque sessionID[SSL3_SESSIONID_BYTES]; |
| 670 | 672 |
| 671 ssl3CipherSuite cipherSuite; | 673 ssl3CipherSuite cipherSuite; |
| 672 SSLCompressionMethod compression; | 674 SSLCompressionMethod compression; |
| 673 int policy; | 675 int policy; |
| 674 ssl3SidKeys keys; | 676 ssl3SidKeys keys; |
| (...skipping 271 matching lines...) |
| 946 SSL3HandshakeState hs; | 948 SSL3HandshakeState hs; |
| 947 ssl3CipherSpec specs[2]; /* one is current, one is pending. */ | 949 ssl3CipherSpec specs[2]; /* one is current, one is pending. */ |
| 948 | 950 |
| 949 /* In a client: if the server supports Next Protocol Negotiation, then | 951 /* In a client: if the server supports Next Protocol Negotiation, then |
| 950 * this is the protocol that was negotiated. | 952 * this is the protocol that was negotiated. |
| 951 */ | 953 */ |
| 952 SECItem nextProto; | 954 SECItem nextProto; |
| 953 SSLNextProtoState nextProtoState; | 955 SSLNextProtoState nextProtoState; |
| 954 | 956 |
| 955 PRUint16 mtu; /* Our estimate of the MTU */ | 957 PRUint16 mtu; /* Our estimate of the MTU */ |
| 958 |
| 959 /* |
| 960 * DTLS-SRTP cipher suite preferences (if any) |
| 961 */ |
| 962 PRUint16 dtlsSRTPCiphers[MAX_DTLS_SRTP_CIPHER_SUITES]; |
| 963 PRUint16 dtlsSRTPCipherCt; |
| 964 PRUint16 dtlsSRTPCipherSuite; /* 0 if not selected */ |
| 956 }; | 965 }; |
| 957 | 966 |
| 958 #define DTLS_MAX_MTU 1500 /* Ethernet MTU but without subtracting the | 967 #define DTLS_MAX_MTU 1500 /* Ethernet MTU but without subtracting the |
| 959 * headers, so slightly larger than expected */ | 968 * headers, so slightly larger than expected */ |
| 960 #define IS_DTLS(ss) (ss->protocolVariant == ssl_variant_datagram) | 969 #define IS_DTLS(ss) (ss->protocolVariant == ssl_variant_datagram) |
| 961 | 970 |
| 962 typedef struct { | 971 typedef struct { |
| 963 SSL3ContentType type; | 972 SSL3ContentType type; |
| 964 SSL3ProtocolVersion version; | 973 SSL3ProtocolVersion version; |
| 965 SSL3SequenceNumber seq_num; /* DTLS only */ | 974 SSL3SequenceNumber seq_num; /* DTLS only */ |
| (...skipping 916 matching lines...) |
| 1882 SECStatus SSL_DisableDefaultExportCipherSuites(void); | 1891 SECStatus SSL_DisableDefaultExportCipherSuites(void); |
| 1883 SECStatus SSL_DisableExportCipherSuites(PRFileDesc * fd); | 1892 SECStatus SSL_DisableExportCipherSuites(PRFileDesc * fd); |
| 1884 PRBool SSL_IsExportCipherSuite(PRUint16 cipherSuite); | 1893 PRBool SSL_IsExportCipherSuite(PRUint16 cipherSuite); |
| 1885 | 1894 |
| 1886 extern SECStatus | 1895 extern SECStatus |
| 1887 ssl3_TLSPRFWithMasterSecret(ssl3CipherSpec *spec, | 1896 ssl3_TLSPRFWithMasterSecret(ssl3CipherSpec *spec, |
| 1888 const char *label, unsigned int labelLen, | 1897 const char *label, unsigned int labelLen, |
| 1889 const unsigned char *val, unsigned int valLen, | 1898 const unsigned char *val, unsigned int valLen, |
| 1890 unsigned char *out, unsigned int outLen); | 1899 unsigned char *out, unsigned int outLen); |
| 1891 | 1900 |
| 1901 |
| 1892 #ifdef TRACE | 1902 #ifdef TRACE |
| 1893 #define SSL_TRACE(msg) ssl_Trace msg | 1903 #define SSL_TRACE(msg) ssl_Trace msg |
| 1894 #else | 1904 #else |
| 1895 #define SSL_TRACE(msg) | 1905 #define SSL_TRACE(msg) |
| 1896 #endif | 1906 #endif |
| 1897 | 1907 |
| 1898 void ssl_Trace(const char *format, ...); | 1908 void ssl_Trace(const char *format, ...); |
| 1899 | 1909 |
| 1900 SEC_END_PROTOS | 1910 SEC_END_PROTOS |
| 1901 | 1911 |
| 1902 #if defined(XP_UNIX) || defined(XP_OS2) || defined(XP_BEOS) | 1912 #if defined(XP_UNIX) || defined(XP_OS2) || defined(XP_BEOS) |
| 1903 #define SSL_GETPID getpid | 1913 #define SSL_GETPID getpid |
| 1904 #elif defined(_WIN32_WCE) | 1914 #elif defined(_WIN32_WCE) |
| 1905 #define SSL_GETPID GetCurrentProcessId | 1915 #define SSL_GETPID GetCurrentProcessId |
| 1906 #elif defined(WIN32) | 1916 #elif defined(WIN32) |
| 1907 extern int __cdecl _getpid(void); | 1917 extern int __cdecl _getpid(void); |
| 1908 #define SSL_GETPID _getpid | 1918 #define SSL_GETPID _getpid |
| 1909 #else | 1919 #else |
| 1910 #define SSL_GETPID() 0 | 1920 #define SSL_GETPID() 0 |
| 1911 #endif | 1921 #endif |
| 1912 | 1922 |
| 1913 #endif /* __sslimpl_h_ */ | 1923 #endif /* __sslimpl_h_ */ |
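Review bot: Nothing at new lines 959-964 records that `dtlsSRTPCipherCt` must never exceed `MAX_DTLS_SRTP_CIPHER_SUITES`, although every later loop over `dtlsSRTPCiphers[]` will trust that count as the array bound. I would extend the field comment to say so, e.g. `/* dtlsSRTPCipherCt <= MAX_DTLS_SRTP_CIPHER_SUITES; entries at or past the count are unused */`, and note beside the `#define` at new line 331 that whatever fills the array has to reject or truncate longer lists. The code that writes these fields is not part of this file, so whether the bound is enforced there cannot be confirmed from this section. The enclosing struct begins in the skipped region above new line 948. Separately, the blank line added at new line 1901 looks like stray whitespace and could be dropped.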