Re: Proposal: new function to get SSL connection security info

[Nelson B. Bolyard]

In light of recent suggestions, I have made a couple of new proposals for
this API.  Both are now recorded in
http://bugzilla.mozilla.org/show_bug.cgi?id=78959

Here's a quick synopsis:

Proposal 2:

typedef struct SSLChannelInfoStr {
        PRUint32             length;
        PRUint16             protocolVersion;     
        PRUint16             cipherSuite; 
        SSL3SignType         authAlgorithm;
        PRUint32             authKeyBits;
        SSLKEAType           keaType;
        PRUint32             keaKeyBits;
        SSL3CipherAlgorithm  bulkCipher;
        PRUint16             symKeyBits;
        PRUint16             symKeySpace;
        PRUint16             effectiveKeyBits;
        SSL3MACAlgorithm     macAlgorithm;
        PRUint16             macBits;
        PRUint8              reserved[64];
} SSLChannelInfo;

Notes:

- The structure has space reserved for future expansion.  Future versions
  of the structure will replace some of the reserved elements, but the 
  overall length will remain unchanged.  The length field at the beginning 
  indicates how much of the structure has been filled in by the present 
  version of NSS (not counting the unused reserved portion).

- protocolVersion is the SSL protocol version.  Zero means SSL was not used.
  See SSL_LIBRARY_VERSION macros in sslproto.h for defined versions.

- symKeyBits is the number of bits in the derived key for the symmetric 
  bulk encryption cipher. 

- symKeySpace is the logarithm (base 2) of the number of unique keys that
  can be derived for the symmetric cipher given the known values for the
  client and server "random" variables, and (for SSL2 only) the known bits
  for the master secret.  This number is not greater than symKeyBits.

- effectiveKeyBits is the logarithm (base 2) of the number of keys that
  must be tried (worst case) to find the symmetric cipher key, given the
  best available cryptanalysis of the cipher. This number is not greater
  than symKeySpace.

Proposal 3:

This alternative proposal uses short arrays of char rather than integer 
values for the names of the algorithms.  This proposal asserts that
the names of the algorithms (e.g. "RSA", "DSA", "DES", "MD5", etc.) 
do not need localization.

typedef struct SSLChannelInfoStr {
        PRUint32             length;
        PRUint16             protocolVersion;     
        PRUint16             cipherSuite; 
        PRUint32             authKeyBits;
        PRUint32             keaKeyBits;
        PRUint16             symKeyBits;
        PRUint16             symKeySpace;
        PRUint16             effectiveKeyBits;
        PRUint16             macBits;
        char                 authAlgorithm[32];
        char                 keaType      [32];
        char                 bulkCipher   [32];
        char                 macAlgorithm [32];
        PRUint8              reserved     [64];
} SSLChannelInfo;


Comments on these proposals are invited.


--
Nelson Bolyard               Sun / Netscape Alliance
Disclaimer:                  I speak for myself, not for Netscape