An object of this class will be provided to the SSL/TLS Protocol client when it first requests a service from the TLS Provider token interface

The first call to CTLSProvider takes place before ClientHello is send, then as the handshake progress, the information relevant for Provider and token will be gradually filled in the structure returned by this API, If the structure already exists, then the pointer to the same structure is returned.

This method cancels all the asynchronous operations of CTLSProvider

This synchronous method cancels all the asynchronous operations of CTlsProvider

This asynchronous method reads the list of supported cipher suites from the available tokens. This list is used within the SSL/TLS Protocol's ClientHello message. This asynchronous method reads the list of supported cipher suites from the available tokens. This list is used within the SSL/TLS Protocol's ClientHello message. The list of cipher suites is constructed from the symmetric ciphers and digest algorithms supported by the Security subsystem and the union of all the key exchange and signature algorithms supported by the available tokens. If a previous call to GetSession was made, then the token information obtained with it would be used to get this list.

A list created in this way is then checked against iSupported and iPriority fields of TSetOfCipherSuites entries and unsupported cipher suites are removed from the list while the rest are ordered according to the priorities assigned in TSetOfCipherSuites. (It is guaranteed that all cipher suites in the TSetOfCipherSuites table marked as supported are implemented in Symbian software emulation of cryptographic token for both SSL v3.0 and TLS v1.0 protocols. The selection of cipher suite in the way described here ensures that whatever cipher suite and protocol version is eventually negotiated by the handshake peers, there will always be a token capable of providing required service).

This asynchronous method will clear the session identified by the ServerName and Session.iId in aServerNameAndId.This operation may fail if the session cached on a token is in use (this maybe possible if a hardware token, e.g. a WIM is used. It is unlikely in the case of a software token implementation). This asynchronous method will clear the session identified by Server Name and its Id.(This data is available to the caller as a result of the call to the GetSession() method). This operation may fail if the session cached on a token is in use (this maybe possible if a hardware token, e.g. a WIM is used.) When an abbevated handshake fails, Tls provider will ask the corresponding token to clear the cache. TlsProvider keeps track of this by storing the output from the last GetSession call.

For an explicit call to this API, the function internally will call GetSession to determine the token associated with this session and then attempts to clear it.

creates a new CTLSProvider object

This method provides a CTLSSession object to the protocol when the handshake has reached the stage where ServerHelloDone has been recevied. The main process of this function is to select the token and initialize it. This method provides a CTLSSession object to the protocol when the handshake has reached the stage where ServerHelloDone has been recevied. The main process of this function is to select the token and initialize it. If Client Authentication was required, appropriate cert and key selection will be done. If running in a DialogNonAttended Mode, then a certificate will be automatically selected. Pls note that ClientAuthentication can only be done with Dialog mode set to true If Client Authentication was not required, the Software Token will be selected and if any failures were encountered during its initialization, then the other available tokens will be entertained. If a call to GetSession was made earlier and if the SessionId passed from Server matches the one returned earlier, then this function attempts an Abbreviated handshake

This synchronous method is used to request a number of randomly generated bytes from the TLS Provider. This function will set a length of aBuffer to zero in case of any problems with random number generation. This synchronous method is used to request a number of randomly generated bytes from the TLS Provider 4bytes of time + 28 bytes of random numbers

RFC: The current time and date in standard UNIX 32-bit format (seconds since the midnight starting Jan 1, 1970, GMT) according to the sender's internal clock. Clocks are not required to be set correctly by the basic TLS Protocol; higher level or application protocols may define additional requirements. But having a 32bit signed format will mean we will encounter a "Year 2038 problem"

This asynchronous method will provide a session identifier object associated with a given server indicated by the aServerName argument This asynchronous method will provide a session identifier object associated with a given server indicated by the aServerName argument. If a session has previously been established to that server and remains held in the cache of one of the available tokens and is resumable, then the aSessionId parameter will contain that session id to that session. The client (SSL/TLS protocol) can attempt to perform an abbreviated handshake in this case. If no resumable session to the server is cached, then the session aSessionId member will be zero length, which would force the protocol to perform a full handshake.

For performace issues, if this is the first function to be called in a CTlsProviderImpl , then as we obtain the interface to the token, the Key and signature exchange algorithms are also retrieved from the token and any subsequent calls to CTlsProviderImpl::CipherSuites() will complete from this existing list.

reconnect the connection if it fails at initial stage of conneciton

This synchronous method saves the handshake parameters, creates a new implementation object and intitializes its CryptoAttributes with the handshake parameters. Also it retains a handle to the token and thereby holds on to the last saved session. The function is used for renegotiation and for abbreviated handshakes where handshake params differ but session has to live linger

This asynchronous method is used to validate a received Server certificate. This asynchronous method is used to validate a received Server certificate. If the validation fails then an UI will prompt the user to decide whether to continue with this handshake or cancel it.A dialog will be popped if the server certificate is invalid. The user then has the choice to close the connection or continue. The dialog mode can be turned off by setting the iDialogNonAttendedMode mode flag in CTlsCryptoAttributes

CTlsCryptoAttributes

This asynchronous method uses the server's public key to ensure that the signature was indeed created by the server. The result of this operation will be written in the aResult parameter.. This synchronous method uses the server's public key to ensure that the signature was indeed created by the server