mcs/class/System/Mono.AppleTls/SecureTransport.cs

   1 #if MONO_FEATURE_APPLETLS
   2 // Copyright 2014 Xamarin Inc. All rights reserved.
   3
   4 namespace Mono.AppleTls {
   5
   6         // Security.framework/Headers/SecureTransport.h
   7         // untyped enum
   8         enum SslProtocol {
   9                 Unknown = 0,
  10                 // Ssl_3_0 = 2,
  11                 Tls_1_0 = 4,
  12                 Tls_1_1 = 7,
  13                 Tls_1_2 = 8,
  14                 // Dtls_1_0 = 9,
  15
  16                 /* Obsolete on iOS */
  17                 // Ssl_2_0 = 1,
  18                 // Ssl_3_0_only = 3,
  19                 // Tls_1_0_only = 5,
  20                 // All = 6,
  21         }
  22
  23         // subset of OSStatus (int)
  24         enum SslStatus {
  25                 Success                                 = 0,            // errSecSuccess in SecBase.h
  26                 Protocol                                = -9800,
  27                 Negotiation                             = -9801,
  28                 FatalAlert                              = -9802,
  29                 WouldBlock                              = -9803,
  30                 SessionNotFound                         = -9804,
  31                 ClosedGraceful                          = -9805,
  32                 ClosedAbort                             = -9806,
  33                 XCertChainInvalid                       = -9807,
  34                 BadCert                                 = -9808,
  35                 Crypto                                  = -9809,
  36                 Internal                                = -9810,
  37                 ModuleAttach                            = -9811,
  38                 UnknownRootCert                         = -9812,
  39                 NoRootCert                              = -9813,
  40                 CertExpired                             = -9814,
  41                 CertNotYetValid                         = -9815,
  42                 ClosedNotNotified                       = -9816,
  43                 BufferOverflow                          = -9817,
  44                 BadCipherSuite                          = -9818,
  45                 PeerUnexpectedMsg                       = -9819,
  46                 PeerBadRecordMac                        = -9820,
  47                 PeerDecryptionFail                      = -9821,
  48                 PeerRecordOverflow                      = -9822,
  49                 PeerDecompressFail                      = -9823,
  50                 PeerHandshakeFail                       = -9824,
  51                 PeerBadCert                             = -9825,
  52                 PeerUnsupportedCert                     = -9826,
  53                 PeerCertRevoked                         = -9827,
  54                 PeerCertExpired                         = -9828,
  55                 PeerCertUnknown                         = -9829,
  56                 IllegalParam                            = -9830,
  57                 PeerUnknownCA                           = -9831,
  58                 PeerAccessDenied                        = -9832,
  59                 PeerDecodeError                         = -9833,
  60                 PeerDecryptError                        = -9834,
  61                 PeerExportRestriction                   = -9835,
  62                 PeerProtocolVersion                     = -9836,
  63                 PeerInsufficientSecurity                = -9837,
  64                 PeerInternalError                       = -9838,
  65                 PeerUserCancelled                       = -9839,
  66                 PeerNoRenegotiation                     = -9840,
  67                 PeerAuthCompleted                       = -9841, // non fatal
  68                 PeerClientCertRequested                 = -9842, // non fatal
  69                 HostNameMismatch                        = -9843,
  70                 ConnectionRefused                       = -9844,
  71                 DecryptionFail                          = -9845,
  72                 BadRecordMac                            = -9846,
  73                 RecordOverflow                          = -9847,
  74                 BadConfiguration                        = -9848,
  75                 UnexpectedRecord                        = -9849,
  76                 SSLWeakPeerEphemeralDHKey               = -9850,
  77                 SSLClientHelloReceived                  = -9851 // non falta
  78         }
  79
  80         // Security.framework/Headers/SecureTransport.h
  81         // untyped enum
  82         enum SslSessionOption {
  83                 BreakOnServerAuth,
  84                 BreakOnCertRequested,
  85                 BreakOnClientAuth,
  86
  87                 // FalseStart,
  88
  89                 // SendOneByteRecord,
  90
  91                 // AllowServerIdentityChange = 5,
  92
  93                 // Fallback = 6,
  94
  95                 // BreakOnClientHello = 7,
  96
  97                 // AllowRenegotiation = 8,
  98         }
  99
 100         // Security.framework/Headers/SecureTransport.h
 101         // untyped enum
 102         enum SslAuthenticate {
 103                 // Never,
 104                 // Always,
 105                 Try = 2,
 106         }
 107
 108         // Security.framework/Headers/SecureTransport.h
 109         // untyped enum
 110         enum SslProtocolSide {
 111                 Server,
 112                 Client,
 113         }
 114
 115         // Security.framework/Headers/SecureTransport.h
 116         // untyped enum
 117         enum SslConnectionType {
 118                 Stream,
 119                 // Datagram
 120         }
 121
 122         // Security.framework/Headers/SecureTransport.h
 123         // untyped enum
 124         enum SslSessionState {
 125                 Invalid = -1,
 126                 // Idle,
 127                 // Handshake,
 128                 // Connected,
 129                 // Closed,
 130                 // Aborted
 131         }
 132
 133         // Security.framework/Headers/SecureTransport.h
 134         // untyped enum
 135         enum SslClientCertificateState {
 136                 None,
 137                 Requested,
 138                 Sent,
 139                 Rejected
 140         }
 141
 142         // Security.framework/Headers/CipherSuite.h
 143         // 32 bits (uint32_t) on OSX, 16 bits (uint16_t) on iOS
 144 #if XAMMAC || XAMMAC_4_5
 145         enum SslCipherSuite : uint {
 146 #else
 147         enum SslCipherSuite : ushort {
 148 #endif
 149                 // DO NOT RENAME VALUES - they don't look good but we need them to keep compatibility with our System.dll code
 150                 // it's how it's defined across most SSL/TLS implementation (from RFC)
 151
 152                 SSL_NULL_WITH_NULL_NULL                                         = 0x0000,       // value used before (not after) negotiation
 153                 TLS_NULL_WITH_NULL_NULL                                         = 0x0000,
 154
 155                 // Not the whole list (too much unneeed metadata) but only what's supported
 156                 // FIXME needs to be expended with OSX 10.9
 157
 158                 SSL_RSA_WITH_NULL_MD5                                           = 0x0001,
 159                 SSL_RSA_WITH_NULL_SHA                                           = 0x0002,
 160                 SSL_RSA_EXPORT_WITH_RC4_40_MD5                          = 0x0003,       // iOS 5.1 only
 161                 SSL_RSA_WITH_RC4_128_MD5                                        = 0x0004,
 162                 SSL_RSA_WITH_RC4_128_SHA                                        = 0x0005,
 163                 SSL_RSA_WITH_3DES_EDE_CBC_SHA                           = 0x000A,
 164                 SSL_DHE_RSA_WITH_3DES_EDE_CBC_SHA                       = 0x0016,
 165                 SSL_DH_anon_EXPORT_WITH_RC4_40_MD5                      = 0x0017,       // iOS 5.1 only
 166                 SSL_DH_anon_WITH_RC4_128_MD5                            = 0x0018,
 167                 SSL_DH_anon_WITH_3DES_EDE_CBC_SHA                       = 0x001B,
 168
 169                 // TLS - identical values to SSL (above)
 170
 171                 TLS_RSA_WITH_NULL_MD5                                           = 0x0001,
 172                 TLS_RSA_WITH_NULL_SHA                                           = 0x0002,
 173                 TLS_RSA_WITH_RC4_128_MD5                                        = 0x0004,
 174                 TLS_RSA_WITH_RC4_128_SHA                                        = 0x0005,
 175                 TLS_RSA_WITH_3DES_EDE_CBC_SHA                           = 0x000A,
 176                 TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA                       = 0x0016,
 177                 TLS_DH_anon_WITH_RC4_128_MD5                            = 0x0018,
 178                 TLS_DH_anon_WITH_3DES_EDE_CBC_SHA                       = 0x001B,
 179
 180                 // TLS specific
 181
 182                 TLS_PSK_WITH_NULL_SHA                                           = 0x002C,
 183                 TLS_RSA_WITH_AES_128_CBC_SHA                            = 0x002F,
 184                 TLS_DHE_RSA_WITH_AES_128_CBC_SHA                        = 0x0033,
 185                 TLS_DH_anon_WITH_AES_128_CBC_SHA                        = 0x0034,
 186                 TLS_RSA_WITH_AES_256_CBC_SHA                            = 0x0035,
 187                 TLS_DHE_RSA_WITH_AES_256_CBC_SHA                        = 0x0039,
 188                 TLS_DH_anon_WITH_AES_256_CBC_SHA                        = 0x003A,
 189                 TLS_RSA_WITH_NULL_SHA256                                        = 0x003B,
 190                 TLS_RSA_WITH_AES_128_CBC_SHA256                         = 0x003C,
 191                 TLS_RSA_WITH_AES_256_CBC_SHA256                         = 0x003D,
 192                 TLS_DHE_RSA_WITH_AES_128_CBC_SHA256                     = 0x0067,
 193                 TLS_DHE_RSA_WITH_AES_256_CBC_SHA256                     = 0x006B,
 194                 TLS_DH_anon_WITH_AES_128_CBC_SHA256                     = 0x006C,
 195                 TLS_DH_anon_WITH_AES_256_CBC_SHA256                     = 0x006D,
 196                 TLS_PSK_WITH_RC4_128_SHA                                        = 0x008A,
 197                 TLS_PSK_WITH_3DES_EDE_CBC_SHA                           = 0x008B,
 198                 TLS_PSK_WITH_AES_128_CBC_SHA                            = 0x008C,
 199                 TLS_PSK_WITH_AES_256_CBC_SHA                            = 0x008D,
 200
 201                 TLS_RSA_WITH_AES_128_GCM_SHA256                         = 0x009C,       // iOS 9+
 202                 TLS_RSA_WITH_AES_256_GCM_SHA384                         = 0x009D,       // iOS 9+
 203                 TLS_DHE_RSA_WITH_AES_128_GCM_SHA256                     = 0x009E,       // iOS 9+
 204                 TLS_DHE_RSA_WITH_AES_256_GCM_SHA384                     = 0x009F,       // iOS 9+
 205
 206                 TLS_DH_anon_WITH_AES_128_GCM_SHA256                     = 0x00A6,       // iOS 5.1 only
 207                 TLS_DH_anon_WITH_AES_256_GCM_SHA384                     = 0x00A7,       // iOS 5.1 only
 208                 TLS_PSK_WITH_AES_128_CBC_SHA256                         = 0x00AE,
 209                 TLS_PSK_WITH_AES_256_CBC_SHA384                         = 0x00AF,
 210                 TLS_PSK_WITH_NULL_SHA256                                        = 0x00B0,
 211                 TLS_PSK_WITH_NULL_SHA384                                        = 0x00B1,
 212                 TLS_ECDH_ECDSA_WITH_NULL_SHA                            = 0xC001,
 213                 TLS_ECDH_ECDSA_WITH_RC4_128_SHA                         = 0xC002,
 214                 TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA            = 0xC003,
 215                 TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA                     = 0xC004,
 216                 TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA                     = 0xC005,
 217                 TLS_ECDHE_ECDSA_WITH_NULL_SHA                           = 0xC006,
 218                 TLS_ECDHE_ECDSA_WITH_RC4_128_SHA                        = 0xC007,
 219                 TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA           = 0xC008,
 220                 TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA            = 0xC009,
 221                 TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA            = 0xC00A,
 222                 TLS_ECDH_RSA_WITH_NULL_SHA                                      = 0xC00B,
 223                 TLS_ECDH_RSA_WITH_RC4_128_SHA                           = 0xC00C,
 224                 TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA                      = 0xC00D,
 225                 TLS_ECDH_RSA_WITH_AES_128_CBC_SHA                       = 0xC00E,
 226                 TLS_ECDH_RSA_WITH_AES_256_CBC_SHA                       = 0xC00F,
 227                 TLS_ECDHE_RSA_WITH_NULL_SHA                                     = 0xC010,
 228                 TLS_ECDHE_RSA_WITH_RC4_128_SHA                          = 0xC011,
 229                 TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA                     = 0xC012,
 230                 TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA                      = 0xC013,
 231                 TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA                      = 0xC014,
 232                 TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256         = 0xC023,
 233                 TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384         = 0xC024,
 234                 TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256          = 0xC025,
 235                 TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384          = 0xC026,
 236                 TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256           = 0xC027,
 237                 TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384           = 0xC028,
 238                 TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256            = 0xC029,
 239                 TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384            = 0xC02A,
 240
 241                 TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256         = 0xC02B,       // iOS 9+
 242                 TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384         = 0xC02C,       // iOS 9+
 243                 TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256          = 0xC02D,       // iOS 9+
 244                 TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384          = 0xC02E,       // iOS 9+
 245                 TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256           = 0xC02F,       // iOS 9+
 246                 TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384           = 0xC030,       // iOS 9+
 247                 TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256            = 0xC031,       // iOS 9+
 248                 TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384            = 0xC032,       // iOS 9+
 249         }
 250 }
 251 #endif