Changeset 2950 for pjproject/trunk/pjlib/include/pj/ssl_sock.h
- Timestamp:
- Oct 16, 2009 3:06:13 AM (15 years ago)
- File:
-
- 1 edited
pjproject/trunk/pjlib/include/pj/ssl_sock.h
r2913 r2950 46 46 */ 47 47 48 /** 49 * Opaque declaration of certificate or endpoint credentials. This may contains 50 * certificate, private key, and trusted Certificate Authorities lists. 48 49 /** 50 * This opaque structure describes the secure socket. 51 */ 52 typedef struct pj_ssl_sock_t pj_ssl_sock_t; 53 54 55 /** 56 * Opaque declaration of endpoint certificate or credentials. This may contains 57 * certificate, private key, and trusted Certificate Authorities list. 51 58 */ 52 59 typedef struct pj_ssl_cert_t pj_ssl_cert_t; 53 60 54 /** 55 * This opaque structure describes the secure socket. 56 */ 57 typedef struct pj_ssl_sock_t pj_ssl_sock_t; 61 62 /** 63 * Create credential from files. 64 * 65 * @param CA_file The file of trusted CA list. 66 * @param cert_file The file of certificate. 67 * @param privkey_file The file of private key. 68 * @param privkey_pass The password of private key, if any. 69 * 70 * @return PJ_SUCCESS when successful. 71 */ 72 PJ_DECL(pj_status_t) pj_ssl_cert_load_from_files(pj_pool_t *pool, 73 const pj_str_t *CA_file, 74 const pj_str_t *cert_file, 75 const pj_str_t *privkey_file, 76 const pj_str_t *privkey_pass, 77 pj_ssl_cert_t **p_cert); 78 79 80 /** 81 * Cipher suites enumeration. 
82 */ 83 typedef enum pj_ssl_cipher { 84 85 /* NULL */ 86 TLS_NULL_WITH_NULL_NULL = 0x00000000, 87 88 /* TLS/SSLv3 */ 89 TLS_RSA_WITH_NULL_MD5 = 0x00000001, 90 TLS_RSA_WITH_NULL_SHA = 0x00000002, 91 TLS_RSA_WITH_NULL_SHA256 = 0x0000003B, 92 TLS_RSA_WITH_RC4_128_MD5 = 0x00000004, 93 TLS_RSA_WITH_RC4_128_SHA = 0x00000005, 94 TLS_RSA_WITH_3DES_EDE_CBC_SHA = 0x0000000A, 95 TLS_RSA_WITH_AES_128_CBC_SHA = 0x0000002F, 96 TLS_RSA_WITH_AES_256_CBC_SHA = 0x00000035, 97 TLS_RSA_WITH_AES_128_CBC_SHA256 = 0x0000003C, 98 TLS_RSA_WITH_AES_256_CBC_SHA256 = 0x0000003D, 99 TLS_DH_DSS_WITH_3DES_EDE_CBC_SHA = 0x0000000D, 100 TLS_DH_RSA_WITH_3DES_EDE_CBC_SHA = 0x00000010, 101 TLS_DHE_DSS_WITH_3DES_EDE_CBC_SHA = 0x00000013, 102 TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA = 0x00000016, 103 TLS_DH_DSS_WITH_AES_128_CBC_SHA = 0x00000030, 104 TLS_DH_RSA_WITH_AES_128_CBC_SHA = 0x00000031, 105 TLS_DHE_DSS_WITH_AES_128_CBC_SHA = 0x00000032, 106 TLS_DHE_RSA_WITH_AES_128_CBC_SHA = 0x00000033, 107 TLS_DH_DSS_WITH_AES_256_CBC_SHA = 0x00000036, 108 TLS_DH_RSA_WITH_AES_256_CBC_SHA = 0x00000037, 109 TLS_DHE_DSS_WITH_AES_256_CBC_SHA = 0x00000038, 110 TLS_DHE_RSA_WITH_AES_256_CBC_SHA = 0x00000039, 111 TLS_DH_DSS_WITH_AES_128_CBC_SHA256 = 0x0000003E, 112 TLS_DH_RSA_WITH_AES_128_CBC_SHA256 = 0x0000003F, 113 TLS_DHE_DSS_WITH_AES_128_CBC_SHA256 = 0x00000040, 114 TLS_DHE_RSA_WITH_AES_128_CBC_SHA256 = 0x00000067, 115 TLS_DH_DSS_WITH_AES_256_CBC_SHA256 = 0x00000068, 116 TLS_DH_RSA_WITH_AES_256_CBC_SHA256 = 0x00000069, 117 TLS_DHE_DSS_WITH_AES_256_CBC_SHA256 = 0x0000006A, 118 TLS_DHE_RSA_WITH_AES_256_CBC_SHA256 = 0x0000006B, 119 TLS_DH_anon_WITH_RC4_128_MD5 = 0x00000018, 120 TLS_DH_anon_WITH_3DES_EDE_CBC_SHA = 0x0000001B, 121 TLS_DH_anon_WITH_AES_128_CBC_SHA = 0x00000034, 122 TLS_DH_anon_WITH_AES_256_CBC_SHA = 0x0000003A, 123 TLS_DH_anon_WITH_AES_128_CBC_SHA256 = 0x0000006C, 124 TLS_DH_anon_WITH_AES_256_CBC_SHA256 = 0x0000006D, 125 126 /* TLS (deprecated) */ 127 TLS_RSA_EXPORT_WITH_RC4_40_MD5 = 0x00000003, 128 
TLS_RSA_EXPORT_WITH_RC2_CBC_40_MD5 = 0x00000006, 129 TLS_RSA_WITH_IDEA_CBC_SHA = 0x00000007, 130 TLS_RSA_EXPORT_WITH_DES40_CBC_SHA = 0x00000008, 131 TLS_RSA_WITH_DES_CBC_SHA = 0x00000009, 132 TLS_DH_DSS_EXPORT_WITH_DES40_CBC_SHA = 0x0000000B, 133 TLS_DH_DSS_WITH_DES_CBC_SHA = 0x0000000C, 134 TLS_DH_RSA_EXPORT_WITH_DES40_CBC_SHA = 0x0000000E, 135 TLS_DH_RSA_WITH_DES_CBC_SHA = 0x0000000F, 136 TLS_DHE_DSS_EXPORT_WITH_DES40_CBC_SHA = 0x00000011, 137 TLS_DHE_DSS_WITH_DES_CBC_SHA = 0x00000012, 138 TLS_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA = 0x00000014, 139 TLS_DHE_RSA_WITH_DES_CBC_SHA = 0x00000015, 140 TLS_DH_anon_EXPORT_WITH_RC4_40_MD5 = 0x00000017, 141 TLS_DH_anon_EXPORT_WITH_DES40_CBC_SHA = 0x00000019, 142 TLS_DH_anon_WITH_DES_CBC_SHA = 0x0000001A, 143 144 /* SSLv3 */ 145 SSL_FORTEZZA_KEA_WITH_NULL_SHA = 0x0000001C, 146 SSL_FORTEZZA_KEA_WITH_FORTEZZA_CBC_SHA= 0x0000001D, 147 SSL_FORTEZZA_KEA_WITH_RC4_128_SHA = 0x0000001E, 148 149 /* SSLv2 */ 150 SSL_CK_RC4_128_WITH_MD5 = 0x00010080, 151 SSL_CK_RC4_128_EXPORT40_WITH_MD5 = 0x00020080, 152 SSL_CK_RC2_128_CBC_WITH_MD5 = 0x00030080, 153 SSL_CK_RC2_128_CBC_EXPORT40_WITH_MD5 = 0x00040080, 154 SSL_CK_IDEA_128_CBC_WITH_MD5 = 0x00050080, 155 SSL_CK_DES_64_CBC_WITH_MD5 = 0x00060040, 156 SSL_CK_DES_192_EDE3_CBC_WITH_MD5 = 0x000700C0 157 158 } pj_ssl_cipher; 159 160 161 /** 162 * Get cipher list supported by SSL/TLS backend. 163 * 164 * @param ciphers The ciphers buffer to receive cipher list. 165 * @param cipher_num Maximum number of ciphers to be received. 166 * 167 * @return PJ_SUCCESS when successful. 168 */ 169 PJ_DECL(pj_status_t) pj_ssl_cipher_get_availables(pj_ssl_cipher ciphers[], 170 unsigned *cipher_num); 171 172 173 /** 174 * Get cipher name string. 175 * 176 * @param cipher The cipher. 177 * 178 * @return The cipher name or NULL if cipher is not recognized. 
179 */ 180 PJ_DECL(const char*) pj_ssl_cipher_name(pj_ssl_cipher cipher); 181 58 182 59 183 /** … … 181 305 PJ_SSL_SOCK_PROTO_DEFAULT, /**< Default protocol of backend. */ 182 306 PJ_SSL_SOCK_PROTO_TLS1, /**< TLSv1.0 protocol. */ 183 PJ_SSL_SOCK_PROTO_SSL2, /**< SSLv2.0 protocol. */184 307 PJ_SSL_SOCK_PROTO_SSL3, /**< SSLv3.0 protocol. */ 185 308 PJ_SSL_SOCK_PROTO_SSL23, /**< SSLv3.0 but can roll back to 186 309 SSLv2.0. */ 310 PJ_SSL_SOCK_PROTO_SSL2, /**< SSLv2.0 protocol. */ 187 311 PJ_SSL_SOCK_PROTO_DTLS1 /**< DTLSv1.0 protocol. */ 188 312 } pj_ssl_sock_proto; … … 204 328 pj_ssl_sock_proto proto; 205 329 /** 206 * Describes cipher suite being used, this can be known only when207 * connectionis established.208 */ 209 pj_s tr_tcipher;330 * Describes cipher suite being used, this will only be set when connection 331 * is established. 332 */ 333 pj_ssl_cipher cipher; 210 334 /** 211 335 * Describes local address. … … 218 342 219 343 } pj_ssl_sock_info; 344 220 345 221 346 /** … … 317 442 318 443 /** 319 * Cipher list string. If empty, then default cipher list of the backend 444 * Specify buffer size for receiving encrypted (and perhaps compressed) 445 * data on underlying socket. This setting is unused on Symbian, since 446 * SSL/TLS Symbian backend, CSecureSocket, can use application buffer 447 * directly. 448 * 449 * Default value is 1500. 450 */ 451 pj_size_t read_buffer_size; 452 453 /** 454 * Number of ciphers contained in the specified cipher preference. 455 * If this is set to zero, then default cipher list of the backend 320 456 * will be used. 321 457 */ 322 pj_str_t ciphers; 458 unsigned ciphers_num; 459 460 /** 461 * Ciphers and order preference. If empty, then default cipher list and 462 * its default order of the backend will be used. 463 */ 464 pj_ssl_cipher *ciphers; 323 465 324 466 /**
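Review bot: The new `pj_ssl_cipher` enum puts `TLS_RSA_WITH_NULL_*` and `TLS_DH_anon_*` under the same `/* TLS/SSLv3 */` heading as the authenticated, encrypting suites. Nothing tells a caller filling the new `ciphers` preference array that the NULL suites carry no encryption and the anonymous-DH suites do not authenticate the peer. I would move them into their own groups with comments such as `/* No encryption (integrity only) */` and `/* Anonymous key exchange: peer is not authenticated */`. The `ciphers` field doc should also say that the application is responsible for leaving these, the EXPORT suites and the SSLv2 suites out of the list unless they are deliberately wanted. Separately, `pj_ssl_cipher_get_availables()` takes `unsigned *cipher_num` but documents it only as a maximum; if it is in/out, as the pointer suggests, the doc should say `On input, capacity of ciphers[]; on return, number of entries written`.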