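--- a/epoc32/include/ssl.h Wed Mar 31 12:27:01 2010 +0100
+++ b/epoc32/include/ssl.h Wed Mar 31 12:33:34 2010 +0100
@@ -1,9 +1,9 @@
 // Copyright (c) 1997-2009 Nokia Corporation and/or its subsidiary(-ies).
 // All rights reserved.
 // This component and the accompanying materials are made available
-// under the terms of the License "Symbian Foundation License v1.0" to Symbian Foundation members and "Symbian Foundation End User License Agreement v1.0" to non-members
+// under the terms of "Eclipse Public License v1.0"
 // which accompanies this distribution, and is available
-// at the URL "http://www.symbianfoundation.org/legal/licencesv10.html".
+// at the URL "http://www.eclipse.org/legal/epl-v10.html".
 //
 // Initial Contributors:
 // Nokia Corporation - initial contribution.
@@ -15,8 +15,6 @@
 //
 //
 
-
-
 /**
 @file
 */
@@ -27,86 +25,11 @@
 #include <in_sock.h>
 #include <sslerr.h>
 
-//TDNInfo & TCertInfo moved to a header file owned by HTTP
-//included their file here to reduce impact of this move
 #include <ssl_compatibility.h>
 
-// next 3 lines xfer from ssldata.h
-/*
-Code using this const has been commented out.
-Be careful 0x406 could have been defined in the in_sock.h in the mean time...
-const TUint KSoCurrentConnectStatus =0x406;
-*/
-/**
- * The SSL connection status.
- *
- * @internalComponent
- *
- * @since v6.0 *
- * @deprecated No longer used by networking
- */
-enum TSSLConnectStatus
- {
- /** Connected. */
- ESSLConnected,
- /** Waiting for user to answer. */
- ESSLWaitingUserAnswer,
- /** Connection failed. */
- ESSLConnectFailed
- };
-
-/**
- * No dialogs.
- *
- * @internalComponent
- */
-const TUint KSSLUserDialogMode = 0x02; // no dialogs
-
-/**
- * SSL Protocol Module's UID.
- *
- * @internalComponent
- */
-const TInt KUidSSLProtocolModule = 0x100011b2;
-
-/**
- * Unicode SSL Protocol Module's UID.
- *
- * @internalComponent
- */
-const TInt KUidUnicodeSSLProtocolModule = 0x1000183d;
-
-/**
- * SSL v3 Protocol Module's UID.
- *
- * @internalComponent
- */
-const TInt KUidSSLv3ProtocolModule = 0x10001699;
-
-/**
- * Socket reads from SSL.
- *
- * @internalComponent
- */
-const TUint KSockReadFromSSL = 0x10040000;
-
-/**
- * Socket writes to SSL.
- *
- * @internalComponent
- */
-const TUint KSockWriteFromSSL = 0x10044000;
-
-// SSL/TLS connection Option taken from previous releases. This information has been
-// removed from in_sock.h. All adaptor options have been removed.
-const TUint KSolInetSSL = 0x205; ///< SSL setopts/ioctls
-
-const TUint KSoCurrentCipherSuite = 0x402; ///< Get current cipher suites
-const TUint KSoSSLServerCert = 0x403; ///< Get server certificate
-const TUint KSoDialogMode = 0x404; ///< Get/Set current dialog mode
-const TUint KSoAvailableCipherSuites = 0x405; ///< Get available cipher suites
- // 0x406 skipped - See KSoCurrentConnectStatus
-const TUint KSoKeyingMaterial = 0x407; ///< Get Keying Material for EAP
+#ifndef SYMBIAN_ENABLE_SPLIT_HEADERS
+#include <ssl_internal.h>
+#endif
 
 /**
 * @publishedAll
@@ -121,7 +44,7 @@
 *
 * An argument of 0 disables the ciphersuites and non-zero enables them.
 */
-const TUint KSoEnableNullCiphers = 0x408; ///< Enable/disable NULL ciphers
+const TUint KSoEnableNullCiphers = 0x408; //< Enable/disable NULL ciphers
 
 /**
 * @publishedAll
@@ -132,28 +55,7 @@
 *
 * @see MSoPskKeyHandler
 */
-const TUint KSoPskConfig = 0x409; ///< Set PSK key exchange configuration
-
-/**
- * Interface to the client code which decides which PSK identity and value should be used to secure the connection.
-*/
-class MSoPskKeyHandler
- {
-public:
- /**
- Called during the TLS PSK handshake to get the PSK identity and value to be used to secure the connection.
-
- @param aPskIdentityHint A ptr to an HBufC8 containing the "PSK identity hint", or NULL if the server did not send one.
- @param aPskIdentity NULL passed in, must be set to an HBufC8 containing the PSK Identity to be used.
- @param aPskKey NULL passed in, must be set to an HBufC8 containing the PSK key value to be used.
-
- Note: The caller takes ownership of the aPskIdentity and aPskKey buffers.
- Note: The meaning of the PSK identity hint is NOT defined by the TLS standard, therefore any application
- using PSK must previously agree the source of the PSK to be used and the interpretion of the (optional) PSK identity
- hint.
- */
- virtual void GetPskL(const HBufC8 * aPskIdentityHint, HBufC8 *& aPskIdentity, HBufC8 *& aPskKey) = 0;
- };
+const TUint KSoPskConfig = 0x409; //< Set PSK key exchange configuration
 
 /**
 * @publishedAll
@@ -162,337 +64,6 @@
 * Set the list of server names to be passed to the server in the ClientHello as described in RFC3546 "Server Name Indication".
 * The argument should be a TPckgBuf<CDesC8Array *>.
 */
-const TUint KSoServerNameIndication = 0x40a; ///< Set Server Name Indication
-
-/**
- *
- * @internalComponent
- */
-const TUint KSoSSLDomainName = 0x505; ///< Set Domain name
-
-// Adaptor layer specific options
-// all SSL related options are supposed to be here
-// rather then in insock/inc/in_sock.h
-/**
- * Use SSL v2 handschake.
- *
- * @internalAll
- * @deprecated the option is no longer supported
- */
-const TUint KSoUseSSLv2Handshake = 0x500;
-
-// For KSoDialogMode
-const TUint KSSLDialogUnattendedMode= 0x01; ///< No dialogs
-const TUint KSSLDialogAttendedMode = 0x00; ///< dialogs
-
-
-// A version must be specified when creating an SSL factory
-/**
- * SSL module major version number.
- *
- * @internalComponent
- */
-const TUint KSSLMajorVersionNumber=1;
-/**
- * SSL module minor version number.
- *
- * @internalComponent
- */
-const TUint KSSLMinorVersionNumber=0;
-/**
- * SSL module build version number.
- *
- * @internalComponent
- */
-const TUint KSSLBuildVersionNumber=500;
-
-class RMBufChain;
-class CSSLSessionStore;
-class CSSLSessionState;
-class CNifFactory;
-class CSSLProviderBase;
-class CSymmetricCipher;
-class CCryptoFactory;
-class CCertFactory;
-class CSSLTimers;
-class MSSLSocketNotify
- /**
- * Abstract base class used to notify the SSL socket server that various events
- * have occurred. The class provides several up-call member functions.
- *
- * @internalComponent
- *
- * @since v5.0
- *
- * @deprecated No longer used by networking
- */
- {
-public:
-// NOTE: THESE ARE A SUBSET OF MSocketNotify
- /** Called with unencrypted data to be given to the client application.
- *
- * @param aDesc Descriptor holding the unencrypted data.
- * @param aRestingData
- */
- virtual void SSLDeliver(const TDesC8 &aDesc, TUint aRestingData)=0;
-
- virtual TUint SSLWrite(const TDesC8 &aDesc,TUint options, TSockAddr* aAddr=NULL)=0;
-
- /** Indicates that new buffer space is available. */
- virtual void SSLCanSend()=0;
-
- /** Indicates that a connection attempt has completed successfully. */
- virtual void SSLConnectComplete()=0;
-
- /** Indicates that the SAP has finished closing down. */
- virtual void SSLCanClose()=0;
-
- /** Tells the socket server that an error state has arisen within the protocol.
- *
- * It should not be used to report programmatic errors, either in the protocol
- * itself or the socket server (a panic should be used in these cases).
- *
- * @param anError Error that has arisen. */
- virtual void SSLError(TInt anError)=0;
-
- /** Called when the connection is closed due to an error. */
- virtual void SSLDisconnectIndication(void)=0;
-
- /** Called when the connection is closed due to an error.
- *
- * @param aDisconnectData Descriptor holding the disconnect data. */
- virtual void SSLDisconnectIndication(TDesC8& aDisconnectData)=0;
-
- /** Called when the connection is closed due to an error.
- *
- * @param aError The disconnect error. */
- virtual void SSLDisconnectIndication(TInt aError)=0;
-
- virtual void SSLIoctlComplete(TDesC8 *aBuf)=0;
- };
-
-class CSSLTimers : public CBase
- /**
- * Base class for SSL timers.
- *
- * @internalComponent
- *
- * @since v5.0
- *
- * @deprecated No longer used by networking
- */
- {
-public:
- /** Stops the SSLTimer, if it is running and destructs the object. */
- virtual ~CSSLTimers();
-
- /** Creates a new SSL Timer.
- *
- * @return KErrNone if successful; otherwise, a system-wide error code. */
- static CSSLTimers *NewL();
-
- /** Starts the SSL timer.
- *
- * @param aCallBack Call back function.
- * @param aTimeout Time. */
- void StartSSLTimer(TCallBack aCallBack,TInt aTimeout);
-
- /** Stops the timer. */
- void StopSSLTimer();
-
- /** Stops and cancels the time recorded by the timer. */
- void DoSSLTimerExpired();
-private:
- CSSLTimers();
-private:
- TDeltaTimerEntry iSSLTimer;
- TDeltaTimerEntry *iSSLTimerH;
- };
-
-class SSLGlobals
- /**
- * @internalComponent
- *
- * @deprecated No longer used by networking
- */
- {
-public:
- CObjectConIx *iContainer;
- CObjectCon *iSSLFactories;
- TInt iSSLUnloadTimeout;
- TInt iSecureSocketCount;
- };
-
-class RSSLDialogServer;
-class CSSLFactory : public CObject
- /**
- * Factory base for creating a concrete instance of a CSSLBase.
- *
- * @internalComponent
- *
- * @since v5.0
- * @deprecated No longer used by networking
- */
- {
-public:
- CSSLFactory();
- virtual ~CSSLFactory();
- virtual CSSLProviderBase* NewSecureSocketL(MSSLSocketNotify* aParent);
- virtual TInt Open();
- virtual void Close();
- virtual void InitL(RLibrary& aLib, CObjectCon& aCon);
- virtual TVersion Version() const;
-// static void Cleanup(TAny* aObject);
-// static TInt ControlledDelete(TAny* aSSLFactory);
- void SecureSocketShutdown(CSSLProviderBase *aSecureSocket);
- // other public members
- void SetSessionStateL(CSSLSessionState* aState,const TDesC8&);//const TDesC8& aSessionID,const TDesC8& aMasterSecret);
- TPtrC8 GetSession(const TDesC8&,CSSLSessionState*);
- void ConstructL();
-private:
- void InitCryptoL();
-public:
- RLibrary iLib;
-private:
-// RLibrary iCryptLibrary;
-// RLibrary iCertLibrary;
- TDblQue<CSSLProviderBase> iSecureSocketsList;
- TUint iSecureSocketsCount;
- CSSLSessionStore *iSessStore;
- };
-
-class CSSLProviderBase : public CBase
- /**
- * Abstract base class for all SSL protocol implementations.
- *
- * @internalComponent
- *
- * @since v5.0
- *
- * @deprecated No longer used by networking
- */
- {
-public:
- friend class CSSLFactory;
-/** Connection closing type. */
- enum TCloseType
- {
- /** Normal. */
- ENormal,
- /** Stop input. */
- EStopInput,
- /** Stop output. */
- EStopOutput,
- /** Close immediately. */
- EImmediate
- };
-
- CSSLProviderBase(CSSLFactory& aFactory);
- virtual ~CSSLProviderBase();
-
- /** Set the notification parent,
- *
- * @param aNotify Parent to be notified. */
- inline void SetNotify(MSSLSocketNotify* aNotify);
-public:
-// NOTE I'VE COPIED THESE DIRECTLY FROM CServProviderBase
- virtual const TInt GetOption(TUint level,TUint name,TDes8& anOption) =0;
- virtual void Ioctl(TUint level,TUint name,TDes8* anOption)=0;
- virtual void CancelIoctl(TUint aLevel,TUint aName)=0;
-
- /** Sets an option.
- *
- * @param level Integer constant identifying the option.
- * @param name Option name.
- * @param anOption Option value packaged in a descriptor.
- * @return KErrNone if successful; otherwise, a system-wide error code. */
- virtual TInt SetOption(TUint level,TUint name,const TDesC8 &anOption)=0;
-
- virtual TUint Write(const TDesC8& aDesc,TUint options,TSockAddr* anAddr=NULL)=0;
-
- /** Process the event in the buffer.
- *
- * @param aBuf Chain with events to process. */
- virtual void Process(RMBufChain& aBuf)=0;
-
- virtual void ProcessL(const TDesC8 &aDesc)=0;
-
- /** Initiates a connection operation.
- *
- * This means that it tells the protocol to
- * attempt to connect to a peer. It is called by the socket server in response
- * to a connect request from a client. ActiveOpen() is only ever called on connection-oriented
- * sockets. Such a socket should always have both the local address and the remote
- * address specified before ActiveOpen() is called. If this is not the case,
- * then the protocol should panic. When a connection has completed, the protocol
- * should call ConnectComplete() on its TNotify.
- *
- * If an error occurs during connection the protocol should not call ConnectComplete()
- * at all; instead it should call Error().
- *
- * @return KErrNone if successful; otherwise, a system-wide error code. */
- virtual TInt ActiveOpen()=0;
-
- /** Same as ActiveOpen(), but with user data in the connection frame.
- *
- * @param aConnectionData User specified connection data.
- * @return KErrNone if successful; otherwise, a system-wide error code. */
- virtual TInt ActiveOpen(const TDesC8& aConnectionData)=0;
-
- /** Tells the protocol to start waiting for an incoming connection request on this
- * socket (i.e. port).
- *
- * It is called by the socket server in response to a listen request from a client.
- *
- * PassiveOpen() is only ever called on connection-oriented sockets. Such a socket
- * should always have both the local address and the remote address specified
- * before PassiveOpen() is called. If this is not the case, then the protocol
- * should panic.
- *
- * The protocol should keep a count of sockets in Start state - incrementing
- * a variable in ConnectComplete(), and decrementing it in Start().
- *
- * When a connection has completed, the protocol should call ConnectComplete()
- * on its TNotify.
- *
- * If an error occurs during connection the protocol should not call ConnectComplete()
- * at all; instead it should call Error().
- *
- * @param aQueSize The number of sockets which can be waiting for an outstanding
- * Start() after calling ConnectComplete().
- * @return KErrNone if successful; otherwise, a system-wide error code. */
- virtual TInt PassiveOpen(TUint aQueSize)=0;
-
- /** Same as PassiveOpen(), but with user data in the connection frame.
- *
- * @param aQueSize The number of sockets which can be waiting for an outstanding
- * Start() after calling ConnectComplete().
- * @param aConnectionData User specified connection data
- * @return KErrNone if successful, a system-wide error code if not. */
- virtual TInt PassiveOpen(TUint aQueSize,const TDesC8& aConnectionData)=0;
-
- /** Terminates a connection (or closes a non connection-oriented socket down).
- *
- * Normally, when the socket server has called Shutdown() for a socket, it will
- * wait for the socket to call CanClose() before destroying the CServProviderBase
- * object. */
- virtual void Shutdown()=0;
-
- /** Closes the connection. */
- virtual void Close()=0;
- /** Second phase contructor.
- *
- * @param aParent Parent to be notified. */
- virtual void ConstructL(MSSLSocketNotify *aParent)=0;
- /** Indicates that the connection has been completed. */
- virtual void ConnectCompleted()=0;
-
-public:
- TDblQueLink iLink;
-protected:
- CSSLFactory* iFactory;
-private:
- MSSLSocketNotify* iSocket;
- };
+const TUint KSoServerNameIndication = 0x40a; //< Set Server Name Indication
 
 #endif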
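Review bot: When `SYMBIAN_ENABLE_SPLIT_HEADERS` is defined, the new `#include <ssl_internal.h>` is skipped, so a client that includes only ssl.h still sees the published `KSoPskConfig` but no declaration of `MSoPskKeyHandler`, which its doc comment still names via `@see`. The same applies to the removed `KSolInetSSL` option level and the `KSoCurrentCipherSuite`/`KSoSSLServerCert`/`KSoDialogMode` names, none of which carried an `@internalComponent` tag in the old header. ssl_internal.h is not shown here, so whether these declarations moved there is an assumption; if they did, either keep the PSK handler interface beside `KSoPskConfig` or say where it lives, e.g. `// MSoPskKeyHandler is declared in <ssl_internal.h>`. Separately, the three retained constants change `///<` to `//<`, which Doxygen reads as an ordinary comment, so the trailing descriptions of `KSoEnableNullCiphers`, `KSoPskConfig` and `KSoServerNameIndication` no longer attach to the members; restore `///<`.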