1  /*
  2   * Copyright (c) 1999-2001,2005-2007,2010-2013 Apple Inc. All Rights Reserved.
  3   *
  4   * @APPLE_LICENSE_HEADER_START@
  5   *
  6   * This file contains Original Code and/or Modifications of Original Code
  7   * as defined in and that are subject to the Apple Public Source License
  8   * Version 2.0 (the 'License'). You may not use this file except in
  9   * compliance with the License. Please obtain a copy of the License at
 10   * http://www.opensource.apple.com/apsl/ and read it before using this
 11   * file.
 12   *
 13   * The Original Code and all software distributed under the License are
 14   * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
 15   * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
 16   * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
 17   * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT.
 18   * Please see the License for the specific language governing rights and
 19   * limitations under the License.
 20   *
 21   * @APPLE_LICENSE_HEADER_END@
 22   */
 23  
 24  /*
 25   * tls_ciphersuites.h
 26   */
 27  
 28  #ifndef	_TLS_CIPHERSUITES_H_
 29  #define _TLS_CIPHERSUITES_H_
 30  
 31  #include <stdint.h>
 32  #include "tls_types.h"
 33  
 34  #ifdef __cplusplus
 35  extern "C" {
 36  #endif
 37  
 38  /* Cipher Algorithm */
 39  typedef enum {
 40      SSL_CipherAlgorithmNull,
 41      SSL_CipherAlgorithmRC2_128,
 42      SSL_CipherAlgorithmRC4_128,
 43      SSL_CipherAlgorithmDES_CBC,
 44      SSL_CipherAlgorithm3DES_CBC,
 45      SSL_CipherAlgorithmAES_128_CBC,
 46      SSL_CipherAlgorithmAES_256_CBC,
 47      SSL_CipherAlgorithmAES_128_GCM,
 48      SSL_CipherAlgorithmAES_256_GCM,
 49      SSL_CipherAlgorithmChaCha20_Poly1305,
 50  } SSL_CipherAlgorithm;
 51  
 52  /* The HMAC algorithms we support */
 53  typedef enum {
 54      HA_Null = 0,		// i.e., uninitialized
 55      HA_MD5,
 56      HA_SHA1,
 57      HA_SHA256,
 58      HA_SHA384,
 59  } HMAC_Algs;
 60  
 61  typedef enum
 62  {
 63      SSL_NULL_auth,
 64      SSL_RSA,
 65      SSL_RSA_EXPORT,
 66      SSL_DH_DSS,
 67      SSL_DH_DSS_EXPORT,
 68      SSL_DH_RSA,
 69      SSL_DH_RSA_EXPORT,
 70      SSL_DHE_DSS,
 71      SSL_DHE_DSS_EXPORT,
 72      SSL_DHE_RSA,
 73      SSL_DHE_RSA_EXPORT,
 74      SSL_DH_anon,
 75      SSL_DH_anon_EXPORT,
 76      SSL_Fortezza,
 77  
 78      /* ECDSA addenda, RFC 4492 */
 79      SSL_ECDH_ECDSA,
 80      SSL_ECDHE_ECDSA,
 81      SSL_ECDH_RSA,
 82      SSL_ECDHE_RSA,
 83      SSL_ECDH_anon,
 84  
 85      /* PSK, RFC 4279 */
 86      TLS_PSK,
 87      TLS_DHE_PSK,
 88      TLS_RSA_PSK,
 89  } KeyExchangeMethod;
 90  
 91  
 92  HMAC_Algs sslCipherSuiteGetMacAlgorithm(uint16_t cipherSuite);
 93  SSL_CipherAlgorithm sslCipherSuiteGetSymmetricCipherAlgorithm(uint16_t cipherSuite);
 94  KeyExchangeMethod sslCipherSuiteGetKeyExchangeMethod(uint16_t cipherSuite);
 95  tls_protocol_version sslCipherSuiteGetMinSupportedTLSVersion(uint16_t cipherSuite);
 96  
 97  uint8_t sslCipherSuiteGetMacSize(uint16_t cipherSuite);
 98  uint8_t sslCipherSuiteGetSymmetricCipherKeySize(uint16_t cipherSuite);
 99  uint8_t sslCipherSuiteGetSymmetricCipherBlockIvSize(uint16_t cipherSuite);
100  size_t  sslCipherSuiteGetKeydataSize(uint16_t cipherSuite);
101  
102  /*
103   * Determine if an SSLCipherSuite is SSLv2 only.
104   */
105  #define CIPHER_SUITE_IS_SSLv2(suite)	((suite & 0xff00) == 0xff00)
106  
107  #ifdef __cplusplus
108  }
109  #endif
110  
111  #endif	/* _TLS_CIPHERSUITES_H_ */