119 * |
42 * |
120 * (Ciphersuite TLS_NULL_WITH_NULL_NULL is never supported). |
43 * (Ciphersuite TLS_NULL_WITH_NULL_NULL is never supported). |
121 * |
44 * |
122 * An argument of 0 disables the ciphersuites and non-zero enables them. |
45 * An argument of 0 disables the ciphersuites and non-zero enables them. |
123 */ |
46 */ |
124 const TUint KSoEnableNullCiphers = 0x408; ///< Enable/disable NULL ciphers |
47 const TUint KSoEnableNullCiphers = 0x408; //< Enable/disable NULL ciphers |
125 |
48 |
126 /** |
49 /** |
127 * @publishedAll |
50 * @publishedAll |
128 * @released |
51 * @released |
129 * |
52 * |
130 * Set the PSK Key Exchange configuration. Argument is a TPckgBuf<MSoPskKeyHandler *>. |
53 * Set the PSK Key Exchange configuration. Argument is a TPckgBuf<MSoPskKeyHandler *>. |
131 * The structure and buffers will be copied. |
54 * The structure and buffers will be copied. |
132 * |
55 * |
133 * @see MSoPskKeyHandler |
56 * @see MSoPskKeyHandler |
134 */ |
57 */ |
135 const TUint KSoPskConfig = 0x409; ///< Set PSK key exchange configuration |
58 const TUint KSoPskConfig = 0x409; //< Set PSK key exchange configuration |
136 |
|
137 /** |
|
138 * Interface to the client code which decides which PSK identity and value should be used to secure the connection. |
|
139 */ |
|
140 class MSoPskKeyHandler |
|
141 { |
|
142 public: |
|
143 /** |
|
144 Called during the TLS PSK handshake to get the PSK identity and value to be used to secure the connection. |
|
145 |
|
146 @param aPskIdentityHint A ptr to an HBufC8 containing the "PSK identity hint", or NULL if the server did not send one. |
|
147 @param aPskIdentity NULL passed in, must be set to an HBufC8 containing the PSK Identity to be used. |
|
148 @param aPskKey NULL passed in, must be set to an HBufC8 containing the PSK key value to be used. |
|
149 |
|
150 Note: The caller takes ownership of the aPskIdentity and aPskKey buffers. |
|
151 Note: The meaning of the PSK identity hint is NOT defined by the TLS standard, therefore any application |
|
152 using PSK must previously agree the source of the PSK to be used and the interpretion of the (optional) PSK identity |
|
153 hint. |
|
154 */ |
|
155 virtual void GetPskL(const HBufC8 * aPskIdentityHint, HBufC8 *& aPskIdentity, HBufC8 *& aPskKey) = 0; |
|
156 }; |
|
157 |
59 |
158 /** |
60 /** |
159 * @publishedAll |
61 * @publishedAll |
160 * @released |
62 * @released |
161 * |
63 * |
162 * Set the list of server names to be passed to the server in the ClientHello as described in RFC3546 "Server Name Indication". |
64 * Set the list of server names to be passed to the server in the ClientHello as described in RFC3546 "Server Name Indication". |
163 * The argument should be a TPckgBuf<CDesC8Array *>. |
65 * The argument should be a TPckgBuf<CDesC8Array *>. |
164 */ |
66 */ |
165 const TUint KSoServerNameIndication = 0x40a; ///< Set Server Name Indication |
67 const TUint KSoServerNameIndication = 0x40a; //< Set Server Name Indication |
166 |
|
167 /** |
|
168 * |
|
169 * @internalComponent |
|
170 */ |
|
171 const TUint KSoSSLDomainName = 0x505; ///< Set Domain name |
|
172 |
|
173 // Adaptor layer specific options |
|
174 // all SSL related options are supposed to be here |
|
175 // rather then in insock/inc/in_sock.h |
|
176 /** |
|
177 * Use SSL v2 handschake. |
|
178 * |
|
179 * @internalAll |
|
180 * @deprecated the option is no longer supported |
|
181 */ |
|
182 const TUint KSoUseSSLv2Handshake = 0x500; |
|
183 |
|
184 // For KSoDialogMode |
|
185 const TUint KSSLDialogUnattendedMode= 0x01; ///< No dialogs |
|
186 const TUint KSSLDialogAttendedMode = 0x00; ///< dialogs |
|
187 |
|
188 |
|
189 // A version must be specified when creating an SSL factory |
|
190 /** |
|
191 * SSL module major version number. |
|
192 * |
|
193 * @internalComponent |
|
194 */ |
|
195 const TUint KSSLMajorVersionNumber=1; |
|
196 /** |
|
197 * SSL module minor version number. |
|
198 * |
|
199 * @internalComponent |
|
200 */ |
|
201 const TUint KSSLMinorVersionNumber=0; |
|
202 /** |
|
203 * SSL module build version number. |
|
204 * |
|
205 * @internalComponent |
|
206 */ |
|
207 const TUint KSSLBuildVersionNumber=500; |
|
208 |
|
209 class RMBufChain; |
|
210 class CSSLSessionStore; |
|
211 class CSSLSessionState; |
|
212 class CNifFactory; |
|
213 class CSSLProviderBase; |
|
214 class CSymmetricCipher; |
|
215 class CCryptoFactory; |
|
216 class CCertFactory; |
|
217 class CSSLTimers; |
|
218 class MSSLSocketNotify |
|
219 /** |
|
220 * Abstract base class used to notify the SSL socket server that various events |
|
221 * have occurred. The class provides several up-call member functions. |
|
222 * |
|
223 * @internalComponent |
|
224 * |
|
225 * @since v5.0 |
|
226 * |
|
227 * @deprecated No longer used by networking |
|
228 */ |
|
229 { |
|
230 public: |
|
231 // NOTE: THESE ARE A SUBSET OF MSocketNotify |
|
232 /** Called with unencrypted data to be given to the client application. |
|
233 * |
|
234 * @param aDesc Descriptor holding the unencrypted data. |
|
235 * @param aRestingData |
|
236 */ |
|
237 virtual void SSLDeliver(const TDesC8 &aDesc, TUint aRestingData)=0; |
|
238 |
|
239 virtual TUint SSLWrite(const TDesC8 &aDesc,TUint options, TSockAddr* aAddr=NULL)=0; |
|
240 |
|
241 /** Indicates that new buffer space is available. */ |
|
242 virtual void SSLCanSend()=0; |
|
243 |
|
244 /** Indicates that a connection attempt has completed successfully. */ |
|
245 virtual void SSLConnectComplete()=0; |
|
246 |
|
247 /** Indicates that the SAP has finished closing down. */ |
|
248 virtual void SSLCanClose()=0; |
|
249 |
|
250 /** Tells the socket server that an error state has arisen within the protocol. |
|
251 * |
|
252 * It should not be used to report programmatic errors, either in the protocol |
|
253 * itself or the socket server (a panic should be used in these cases). |
|
254 * |
|
255 * @param anError Error that has arisen. */ |
|
256 virtual void SSLError(TInt anError)=0; |
|
257 |
|
258 /** Called when the connection is closed due to an error. */ |
|
259 virtual void SSLDisconnectIndication(void)=0; |
|
260 |
|
261 /** Called when the connection is closed due to an error. |
|
262 * |
|
263 * @param aDisconnectData Descriptor holding the disconnect data. */ |
|
264 virtual void SSLDisconnectIndication(TDesC8& aDisconnectData)=0; |
|
265 |
|
266 /** Called when the connection is closed due to an error. |
|
267 * |
|
268 * @param aError The disconnect error. */ |
|
269 virtual void SSLDisconnectIndication(TInt aError)=0; |
|
270 |
|
271 virtual void SSLIoctlComplete(TDesC8 *aBuf)=0; |
|
272 }; |
|
273 |
|
274 class CSSLTimers : public CBase |
|
275 /** |
|
276 * Base class for SSL timers. |
|
277 * |
|
278 * @internalComponent |
|
279 * |
|
280 * @since v5.0 |
|
281 * |
|
282 * @deprecated No longer used by networking |
|
283 */ |
|
284 { |
|
285 public: |
|
286 /** Stops the SSLTimer, if it is running and destructs the object. */ |
|
287 virtual ~CSSLTimers(); |
|
288 |
|
289 /** Creates a new SSL Timer. |
|
290 * |
|
291 * @return KErrNone if successful; otherwise, a system-wide error code. */ |
|
292 static CSSLTimers *NewL(); |
|
293 |
|
294 /** Starts the SSL timer. |
|
295 * |
|
296 * @param aCallBack Call back function. |
|
297 * @param aTimeout Time. */ |
|
298 void StartSSLTimer(TCallBack aCallBack,TInt aTimeout); |
|
299 |
|
300 /** Stops the timer. */ |
|
301 void StopSSLTimer(); |
|
302 |
|
303 /** Stops and cancels the time recorded by the timer. */ |
|
304 void DoSSLTimerExpired(); |
|
305 private: |
|
306 CSSLTimers(); |
|
307 private: |
|
308 TDeltaTimerEntry iSSLTimer; |
|
309 TDeltaTimerEntry *iSSLTimerH; |
|
310 }; |
|
311 |
|
312 class SSLGlobals |
|
313 /** |
|
314 * @internalComponent |
|
315 * |
|
316 * @deprecated No longer used by networking |
|
317 */ |
|
318 { |
|
319 public: |
|
320 CObjectConIx *iContainer; |
|
321 CObjectCon *iSSLFactories; |
|
322 TInt iSSLUnloadTimeout; |
|
323 TInt iSecureSocketCount; |
|
324 }; |
|
325 |
|
326 class RSSLDialogServer; |
|
327 class CSSLFactory : public CObject |
|
328 /** |
|
329 * Factory base for creating a concrete instance of a CSSLBase. |
|
330 * |
|
331 * @internalComponent |
|
332 * |
|
333 * @since v5.0 |
|
334 * @deprecated No longer used by networking |
|
335 */ |
|
336 { |
|
337 public: |
|
338 CSSLFactory(); |
|
339 virtual ~CSSLFactory(); |
|
340 virtual CSSLProviderBase* NewSecureSocketL(MSSLSocketNotify* aParent); |
|
341 virtual TInt Open(); |
|
342 virtual void Close(); |
|
343 virtual void InitL(RLibrary& aLib, CObjectCon& aCon); |
|
344 virtual TVersion Version() const; |
|
345 // static void Cleanup(TAny* aObject); |
|
346 // static TInt ControlledDelete(TAny* aSSLFactory); |
|
347 void SecureSocketShutdown(CSSLProviderBase *aSecureSocket); |
|
348 // other public members |
|
349 void SetSessionStateL(CSSLSessionState* aState,const TDesC8&);//const TDesC8& aSessionID,const TDesC8& aMasterSecret); |
|
350 TPtrC8 GetSession(const TDesC8&,CSSLSessionState*); |
|
351 void ConstructL(); |
|
352 private: |
|
353 void InitCryptoL(); |
|
354 public: |
|
355 RLibrary iLib; |
|
356 private: |
|
357 // RLibrary iCryptLibrary; |
|
358 // RLibrary iCertLibrary; |
|
359 TDblQue<CSSLProviderBase> iSecureSocketsList; |
|
360 TUint iSecureSocketsCount; |
|
361 CSSLSessionStore *iSessStore; |
|
362 }; |
|
363 |
|
364 class CSSLProviderBase : public CBase |
|
365 /** |
|
366 * Abstract base class for all SSL protocol implementations. |
|
367 * |
|
368 * @internalComponent |
|
369 * |
|
370 * @since v5.0 |
|
371 * |
|
372 * @deprecated No longer used by networking |
|
373 */ |
|
374 { |
|
375 public: |
|
376 friend class CSSLFactory; |
|
377 /** Connection closing type. */ |
|
378 enum TCloseType |
|
379 { |
|
380 /** Normal. */ |
|
381 ENormal, |
|
382 /** Stop input. */ |
|
383 EStopInput, |
|
384 /** Stop output. */ |
|
385 EStopOutput, |
|
386 /** Close immediately. */ |
|
387 EImmediate |
|
388 }; |
|
389 |
|
390 CSSLProviderBase(CSSLFactory& aFactory); |
|
391 virtual ~CSSLProviderBase(); |
|
392 |
|
393 /** Set the notification parent, |
|
394 * |
|
395 * @param aNotify Parent to be notified. */ |
|
396 inline void SetNotify(MSSLSocketNotify* aNotify); |
|
397 public: |
|
398 // NOTE I'VE COPIED THESE DIRECTLY FROM CServProviderBase |
|
399 virtual const TInt GetOption(TUint level,TUint name,TDes8& anOption) =0; |
|
400 virtual void Ioctl(TUint level,TUint name,TDes8* anOption)=0; |
|
401 virtual void CancelIoctl(TUint aLevel,TUint aName)=0; |
|
402 |
|
403 /** Sets an option. |
|
404 * |
|
405 * @param level Integer constant identifying the option. |
|
406 * @param name Option name. |
|
407 * @param anOption Option value packaged in a descriptor. |
|
408 * @return KErrNone if successful; otherwise, a system-wide error code. */ |
|
409 virtual TInt SetOption(TUint level,TUint name,const TDesC8 &anOption)=0; |
|
410 |
|
411 virtual TUint Write(const TDesC8& aDesc,TUint options,TSockAddr* anAddr=NULL)=0; |
|
412 |
|
413 /** Process the event in the buffer. |
|
414 * |
|
415 * @param aBuf Chain with events to process. */ |
|
416 virtual void Process(RMBufChain& aBuf)=0; |
|
417 |
|
418 virtual void ProcessL(const TDesC8 &aDesc)=0; |
|
419 |
|
420 /** Initiates a connection operation. |
|
421 * |
|
422 * This means that it tells the protocol to |
|
423 * attempt to connect to a peer. It is called by the socket server in response |
|
424 * to a connect request from a client. ActiveOpen() is only ever called on connection-oriented |
|
425 * sockets. Such a socket should always have both the local address and the remote |
|
426 * address specified before ActiveOpen() is called. If this is not the case, |
|
427 * then the protocol should panic. When a connection has completed, the protocol |
|
428 * should call ConnectComplete() on its TNotify. |
|
429 * |
|
430 * If an error occurs during connection the protocol should not call ConnectComplete() |
|
431 * at all; instead it should call Error(). |
|
432 * |
|
433 * @return KErrNone if successful; otherwise, a system-wide error code. */ |
|
434 virtual TInt ActiveOpen()=0; |
|
435 |
|
436 /** Same as ActiveOpen(), but with user data in the connection frame. |
|
437 * |
|
438 * @param aConnectionData User specified connection data. |
|
439 * @return KErrNone if successful; otherwise, a system-wide error code. */ |
|
440 virtual TInt ActiveOpen(const TDesC8& aConnectionData)=0; |
|
441 |
|
442 /** Tells the protocol to start waiting for an incoming connection request on this |
|
443 * socket (i.e. port). |
|
444 * |
|
445 * It is called by the socket server in response to a listen request from a client. |
|
446 * |
|
447 * PassiveOpen() is only ever called on connection-oriented sockets. Such a socket |
|
448 * should always have both the local address and the remote address specified |
|
449 * before PassiveOpen() is called. If this is not the case, then the protocol |
|
450 * should panic. |
|
451 * |
|
452 * The protocol should keep a count of sockets in Start state - incrementing |
|
453 * a variable in ConnectComplete(), and decrementing it in Start(). |
|
454 * |
|
455 * When a connection has completed, the protocol should call ConnectComplete() |
|
456 * on its TNotify. |
|
457 * |
|
458 * If an error occurs during connection the protocol should not call ConnectComplete() |
|
459 * at all; instead it should call Error(). |
|
460 * |
|
461 * @param aQueSize The number of sockets which can be waiting for an outstanding |
|
462 * Start() after calling ConnectComplete(). |
|
463 * @return KErrNone if successful; otherwise, a system-wide error code. */ |
|
464 virtual TInt PassiveOpen(TUint aQueSize)=0; |
|
465 |
|
466 /** Same as PassiveOpen(), but with user data in the connection frame. |
|
467 * |
|
468 * @param aQueSize The number of sockets which can be waiting for an outstanding |
|
469 * Start() after calling ConnectComplete(). |
|
470 * @param aConnectionData User specified connection data |
|
471 * @return KErrNone if successful, a system-wide error code if not. */ |
|
472 virtual TInt PassiveOpen(TUint aQueSize,const TDesC8& aConnectionData)=0; |
|
473 |
|
474 /** Terminates a connection (or closes a non connection-oriented socket down). |
|
475 * |
|
476 * Normally, when the socket server has called Shutdown() for a socket, it will |
|
477 * wait for the socket to call CanClose() before destroying the CServProviderBase |
|
478 * object. */ |
|
479 virtual void Shutdown()=0; |
|
480 |
|
481 /** Closes the connection. */ |
|
482 virtual void Close()=0; |
|
483 /** Second phase contructor. |
|
484 * |
|
485 * @param aParent Parent to be notified. */ |
|
486 virtual void ConstructL(MSSLSocketNotify *aParent)=0; |
|
487 /** Indicates that the connection has been completed. */ |
|
488 virtual void ConnectCompleted()=0; |
|
489 |
|
490 public: |
|
491 TDblQueLink iLink; |
|
492 protected: |
|
493 CSSLFactory* iFactory; |
|
494 private: |
|
495 MSSLSocketNotify* iSocket; |
|
496 }; |
|
497 |
68 |
498 #endif |
69 #endif |