Rename the Elliptic Curves extension to supported_groups

[openssl.git] / include / openssl / tls1.h
diff --git a/include/openssl/tls1.h b/include/openssl/tls1.h

index 11ad8e51e57226b94edda3779e9d4dae85ed70ab..1fd578893688d6faee6c8eb8f24e3dfc39502dbd 100644 (file)
--- a/include/openssl/tls1.h
+++ b/include/openssl/tls1.h
@@ -65,7 +65,12 @@ extern "C" {
  # define TLS1_VERSION                    0x0301
  # define TLS1_1_VERSION                  0x0302
  # define TLS1_2_VERSION                  0x0303
-# define TLS_MAX_VERSION                 TLS1_2_VERSION
+# define TLS1_3_VERSION                  0x0304
+# define TLS_MAX_VERSION                 TLS1_3_VERSION
+
+/* TODO(TLS1.3) REMOVE ME: Version indicator for draft -18 */
+# define TLS1_3_VERSION_DRAFT            0x7f12
+# define TLS1_3_VERSION_DRAFT_TXT        "TLS 1.3 (draft 18)"
  
  /* Special value for method supporting multiple versions */
  # define TLS_ANY_VERSION                 0x10000
@@ -123,9 +128,15 @@ extern "C" {
  # define TLSEXT_TYPE_cert_type           9
  
  /* ExtensionType values from RFC4492 */
-# define TLSEXT_TYPE_elliptic_curves             10
+/*
+ * Prior to TLSv1.3 the supported_groups extension was known as
+ * elliptic_curves
+ */
+# define TLSEXT_TYPE_supported_groups            10
+# define TLSEXT_TYPE_elliptic_curves             TLSEXT_TYPE_supported_groups
  # define TLSEXT_TYPE_ec_point_formats            11
  
+
  /* ExtensionType value from RFC5054 */
  # define TLSEXT_TYPE_srp                         12
  
@@ -162,6 +173,9 @@ extern "C" {
  /* ExtensionType value from RFC4507 */
  # define TLSEXT_TYPE_session_ticket              35
  
+/* As defined for TLS1.3 */
+# define TLSEXT_TYPE_supported_versions          43
+
  /* Temporary extension type */
  # define TLSEXT_TYPE_renegotiate                 0xff01
  
@@ -292,9 +306,13 @@ SSL_CTX_ctrl(ctx,SSL_CTRL_SET_TLSEXT_SERVERNAME_ARG,0, (void *)arg)
  # define SSL_CTX_set_tlsext_ticket_keys(ctx, keys, keylen) \
          SSL_CTX_ctrl((ctx),SSL_CTRL_SET_TLSEXT_TICKET_KEYS,(keylen),(keys))
  
+# define SSL_CTX_get_tlsext_status_cb(ssl, cb) \
+SSL_CTX_ctrl(ssl,SSL_CTRL_GET_TLSEXT_STATUS_REQ_CB,0, (void (**)(void))cb)
  # define SSL_CTX_set_tlsext_status_cb(ssl, cb) \
  SSL_CTX_callback_ctrl(ssl,SSL_CTRL_SET_TLSEXT_STATUS_REQ_CB,(void (*)(void))cb)
  
+# define SSL_CTX_get_tlsext_status_arg(ssl, arg) \
+SSL_CTX_ctrl(ssl,SSL_CTRL_GET_TLSEXT_STATUS_REQ_CB_ARG,0, (void *)arg
  # define SSL_CTX_set_tlsext_status_arg(ssl, arg) \
  SSL_CTX_ctrl(ssl,SSL_CTRL_SET_TLSEXT_STATUS_REQ_CB_ARG,0, (void *)arg)
  
@@ -595,6 +613,9 @@ SSL_CTX_callback_ctrl(ssl,SSL_CTRL_SET_TLSEXT_TICKET_KEY_CB,(void (*)(void))cb)
  # define TLS1_CK_DHE_PSK_WITH_CHACHA20_POLY1305           0x0300CCAD
  # define TLS1_CK_RSA_PSK_WITH_CHACHA20_POLY1305           0x0300CCAE
  
+/* TLS v1.3 ciphersuites */
+# define TLS1_3_CK_AES_128_GCM_SHA256                     0x03001301
+
  /*
   * XXX Backward compatibility alert: Older versions of OpenSSL gave some DHE
   * ciphers names with "EDH" instead of "DHE".  Going forward, we should be
@@ -864,6 +885,13 @@ SSL_CTX_callback_ctrl(ssl,SSL_CTRL_SET_TLSEXT_TICKET_KEY_CB,(void (*)(void))cb)
  # define TLS1_TXT_DHE_PSK_WITH_CHACHA20_POLY1305           "DHE-PSK-CHACHA20-POLY1305"
  # define TLS1_TXT_RSA_PSK_WITH_CHACHA20_POLY1305           "RSA-PSK-CHACHA20-POLY1305"
  
+/* TLSv1.3 ciphersuites */
+/*
+ * TODO(TLS1.3): Review the naming scheme for TLSv1.3 ciphers and also the
+ * cipherstring selection process for these ciphers
+ */
+# define TLS1_3_TXT_AES_128_GCM_SHA256                     "TLS13-AES-128-GCM-SHA256"
+
  # define TLS_CT_RSA_SIGN                 1
  # define TLS_CT_DSS_SIGN                 2
  # define TLS_CT_RSA_FIXED_DH             3