1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131 132 133 134 135 136 137 138 139 140 141 142 143 144 145 146 147 148 149 150 151 152 153 154 155 156 157 158 159 160 161 162 163 164
|
%%
%% %CopyrightBegin%
%%
%% Copyright Ericsson AB 2007-2014. All Rights Reserved.
%%
%% The contents of this file are subject to the Erlang Public License,
%% Version 1.1, (the "License"); you may not use this file except in
%% compliance with the License. You should have received a copy of the
%% Erlang Public License along with this software. If not, it can be
%% retrieved online at http://www.erlang.org/.
%%
%% Software distributed under the License is distributed on an "AS IS"
%% basis, WITHOUT WARRANTY OF ANY KIND, either express or implied. See
%% the License for the specific language governing rights and limitations
%% under the License.
%%
%% %CopyrightEnd%
%%
%%
%%----------------------------------------------------------------------
%% Purpose: Record and constant defenitions for the SSL-record protocol
% see RFC 2246
%%----------------------------------------------------------------------
-ifndef(ssl_record).
-define(ssl_record, true).
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
%%% Connection states - RFC 4346 section 6.1
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
-record(connection_state, {
security_parameters,
compression_state,
cipher_state,
mac_secret,
epoch, %% Only used by DTLS
sequence_number,
%% RFC 5746
secure_renegotiation,
client_verify_data,
server_verify_data
}).
-record(connection_states, {
current_read,
pending_read,
current_write,
pending_write
}).
-record(security_parameters, {
cipher_suite,
connection_end,
bulk_cipher_algorithm,
cipher_type,
iv_size,
key_size, % unit 8
key_material_length, % unit 8
expanded_key_material_length, % unit 8
mac_algorithm, % unit 8
prf_algorithm, % unit 8
hash_size, % unit 8
compression_algorithm, % unit 8
master_secret, % opaque 48
client_random, % opaque 32
server_random, % opaque 32
exportable % boolean
}).
-define(INITIAL_BYTES, 5).
-define(MAX_SEQENCE_NUMBER, 18446744073709551615). %% (1 bsl 64) - 1 = 18446744073709551615
%% Sequence numbers can not wrap so when max is about to be reached we should renegotiate.
%% We will renegotiate a little before so that there will be sequence numbers left
%% for the rehandshake and a little data. Currently we decided to renegotiate a little more
%% often as we can have a cheaper test to check if it is time to renegotiate. It will still
%% be fairly seldom.
-define(DEFAULT_RENEGOTIATE_AT, 268435456). %% math:pow(2, 28)
%% ConnectionEnd
-define(SERVER, 0).
-define(CLIENT, 1).
%% BulkCipherAlgorithm
%-define(NULL, 0). %% Already defined by ssl_internal.hrl
-define(RC4, 1).
-define(RC2, 2).
-define(DES, 3).
-define('3DES', 4).
-define(DES40, 5).
-define(IDEA, 6).
-define(AES, 7).
%% CipherType
-define(STREAM, 0).
-define(BLOCK, 1).
%% IsExportable
%-define(TRUE, 0). %% Already defined by ssl_internal.hrl
%-define(FALSE, 1). %% Already defined by ssl_internal.hrl
%% MAC and PRF Algorithms
%-define(NULL, 0). %% Already defined by ssl_internal.hrl
-define(MD5, 1).
-define(SHA, 2).
-define(MD5SHA, 4711). %% Not defined in protocol used to represent old prf
-define(SHA224, 3).
-define(SHA256, 4).
-define(SHA384, 5).
-define(SHA512, 6).
%% CompressionMethod
% -define(NULL, 0). %% Already defined by ssl_internal.hrl
-record(compression_state, {
method,
state
}).
%% See also cipher.hrl for #cipher_state{}
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
%%% Record layer - RFC 2246 section 6.2
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
%%enum {
%% change_cipher_spec(20), alert(21), handshake(22),
%% application_data(23), (255)
%% } ContentType;
-define(CHANGE_CIPHER_SPEC, 20).
-define(ALERT, 21).
-define(HANDSHAKE, 22).
-define(APPLICATION_DATA, 23).
-define(MAX_PLAIN_TEXT_LENGTH, 16384).
-define(MAX_COMPRESSED_LENGTH, (?MAX_PLAIN_TEXT_LENGTH+1024)).
-define(MAX_CIPHER_TEXT_LENGTH, (?MAX_PLAIN_TEXT_LENGTH+2048)).
%% -record(protocol_version, {
%% major, % unit 8
%% minor % unit 8
%% }).
-define(LOWEST_MAJOR_SUPPORTED_VERSION, 3).
-define(LOWEST_MINOR_SUPPORTED_VERSION, 1).
-record(generic_stream_cipher, {
content, % opaque content[TLSCompressed.length];
mac % opaque MAC[CipherSpec.hash_size];
}).
-record(generic_block_cipher, {
iv, % opaque IV[CipherSpec.block_length];
content, % opaque content[TLSCompressed.length];
mac, % opaque MAC[CipherSpec.hash_size];
padding, % unit 8 padding[GenericBlockCipher.padding_length];
padding_length, % uint8 padding_length;
next_iv % opaque IV[SecurityParameters.record_iv_length];
}).
-endif. % -ifdef(ssl_record).
|