|
1 // Copyright (c) 2009 Nokia Corporation and/or its subsidiary(-ies). |
|
2 // All rights reserved. |
|
3 // This component and the accompanying materials are made available |
|
4 // under the terms of "Eclipse Public License v1.0" |
|
5 // which accompanies this distribution, and is available |
|
6 // at the URL "http://www.eclipse.org/legal/epl-v10.html". |
|
7 // |
|
8 // Initial Contributors: |
|
9 // Nokia Corporation - initial contribution. |
|
10 // |
|
11 // Contributors: |
|
12 // |
|
13 // Description: |
|
14 // SSL exported functions. |
|
15 // |
|
16 // |
|
17 |
|
18 /** |
|
19 * @file ssl_internal.h |
|
20 * SSL internal constants and classes. |
|
21 */ |
|
22 |
|
23 #ifndef __TCPSSL_INTERNAL_H__ |
|
24 #define __TCPSSL_INTERNAL_H__ |
|
25 |
|
26 #include <e32base.h> |
|
27 #include <es_sock.h> |
|
28 |
|
29 //TDNInfo & TCertInfo moved to a header file owned by HTTP |
|
30 //included their file here to reduce impact of this move |
|
31 // next 3 lines xfer from ssldata.h |
|
32 /* |
|
33 Code using this const has been commented out. |
|
34 Be careful 0x406 could have been defined in the in_sock.h in the mean time... |
|
35 const TUint KSoCurrentConnectStatus =0x406; |
|
36 */ |
|
37 /** |
|
38 * The SSL connection status. |
|
39 * |
|
40 * @internalComponent |
|
41 * |
|
42 * @since v6.0 * |
|
43 * @deprecated No longer used by networking |
|
44 */ |
|
45 enum TSSLConnectStatus |
|
46 { |
|
47 /** Connected. */ |
|
48 ESSLConnected, |
|
49 /** Waiting for user to answer. */ |
|
50 ESSLWaitingUserAnswer, |
|
51 /** Connection failed. */ |
|
52 ESSLConnectFailed |
|
53 }; |
|
54 |
|
55 /** |
|
56 * No dialogs. |
|
57 * |
|
58 * @internalComponent |
|
59 */ |
|
60 const TUint KSSLUserDialogMode = 0x02; // no dialogs |
|
61 |
|
62 /** |
|
63 * SSL Protocol Module's UID. |
|
64 * |
|
65 * @internalComponent |
|
66 */ |
|
67 const TInt KUidSSLProtocolModule = 0x100011b2; |
|
68 |
|
69 /** |
|
70 * Unicode SSL Protocol Module's UID. |
|
71 * |
|
72 * @internalComponent |
|
73 */ |
|
74 const TInt KUidUnicodeSSLProtocolModule = 0x1000183d; |
|
75 |
|
76 /** |
|
77 * SSL v3 Protocol Module's UID. |
|
78 * |
|
79 * @internalComponent |
|
80 */ |
|
81 const TInt KUidSSLv3ProtocolModule = 0x10001699; |
|
82 |
|
83 /** |
|
84 * Socket reads from SSL. |
|
85 * |
|
86 * @internalComponent |
|
87 */ |
|
88 const TUint KSockReadFromSSL = 0x10040000; |
|
89 |
|
90 /** |
|
91 * Socket writes to SSL. |
|
92 * |
|
93 * @internalComponent |
|
94 */ |
|
95 const TUint KSockWriteFromSSL = 0x10044000; |
|
96 |
|
97 // SSL/TLS connection Option taken from previous releases. This information has been |
|
98 // removed from in_sock.h. All adaptor options have been removed. |
|
99 const TUint KSolInetSSL = 0x205; //< SSL setopts/ioctls |
|
100 |
|
101 const TUint KSoCurrentCipherSuite = 0x402; //< Get current cipher suites |
|
102 const TUint KSoSSLServerCert = 0x403; //< Get server certificate |
|
103 const TUint KSoDialogMode = 0x404; //< Get/Set current dialog mode |
|
104 const TUint KSoAvailableCipherSuites = 0x405; //< Get available cipher suites |
|
105 // 0x406 skipped - See KSoCurrentConnectStatus |
|
106 const TUint KSoKeyingMaterial = 0x407; //< Get Keying Material for EAP |
|
107 |
|
108 |
|
109 /** |
|
110 * Interface to the client code which decides which PSK identity and value should be used to secure the connection. |
|
111 */ |
|
112 class MSoPskKeyHandler |
|
113 { |
|
114 public: |
|
115 /** |
|
116 Called during the TLS PSK handshake to get the PSK identity and value to be used to secure the connection. |
|
117 |
|
118 @param aPskIdentityHint A ptr to an HBufC8 containing the "PSK identity hint", or NULL if the server did not send one. |
|
119 @param aPskIdentity NULL passed in, must be set to an HBufC8 containing the PSK Identity to be used. |
|
120 @param aPskKey NULL passed in, must be set to an HBufC8 containing the PSK key value to be used. |
|
121 |
|
122 Note that the meaning of the PSK identity hint is NOT defined by the TLS standard, therefore any application |
|
123 using PSK must previously agree the source of the PSK to be used and the interpretion of the (optional) PSK identity |
|
124 hint. |
|
125 */ |
|
126 virtual void GetPskL(const HBufC8 * aPskIdentityHint, HBufC8 *& aPskIdentity, HBufC8 *& aPskKey) = 0; |
|
127 }; |
|
128 |
|
129 /** |
|
130 * |
|
131 * @internalComponent |
|
132 */ |
|
133 const TUint KSoSSLDomainName = 0x505; //< Set Domain name |
|
134 |
|
135 // Adaptor layer specific options |
|
136 // all SSL related options are supposed to be here |
|
137 // rather then in insock/inc/in_sock.h |
|
138 /** |
|
139 * Use SSL v2 handschake. |
|
140 * |
|
141 * @internalAll |
|
142 * @deprecated the option is no longer supported |
|
143 */ |
|
144 const TUint KSoUseSSLv2Handshake = 0x500; |
|
145 |
|
146 // For KSoDialogMode |
|
147 const TUint KSSLDialogUnattendedMode= 0x01; //< No dialogs |
|
148 const TUint KSSLDialogAttendedMode = 0x00; //< dialogs |
|
149 |
|
150 |
|
151 // A version must be specified when creating an SSL factory |
|
152 /** |
|
153 * SSL module major version number. |
|
154 * |
|
155 * @internalComponent |
|
156 */ |
|
157 const TUint KSSLMajorVersionNumber=1; |
|
158 /** |
|
159 * SSL module minor version number. |
|
160 * |
|
161 * @internalComponent |
|
162 */ |
|
163 const TUint KSSLMinorVersionNumber=0; |
|
164 /** |
|
165 * SSL module build version number. |
|
166 * |
|
167 * @internalComponent |
|
168 */ |
|
169 const TUint KSSLBuildVersionNumber=500; |
|
170 |
|
171 class RMBufChain; |
|
172 class CSSLSessionStore; |
|
173 class CSSLSessionState; |
|
174 class CNifFactory; |
|
175 class CSSLProviderBase; |
|
176 class CSymmetricCipher; |
|
177 class CCryptoFactory; |
|
178 class CCertFactory; |
|
179 class CSSLTimers; |
|
180 class MSSLSocketNotify |
|
181 /** |
|
182 * Abstract base class used to notify the SSL socket server that various events |
|
183 * have occurred. The class provides several up-call member functions. |
|
184 * |
|
185 * @internalComponent |
|
186 * |
|
187 * @since v5.0 |
|
188 * |
|
189 * @deprecated No longer used by networking |
|
190 */ |
|
191 { |
|
192 public: |
|
193 // NOTE: THESE ARE A SUBSET OF MSocketNotify |
|
194 /** Called with unencrypted data to be given to the client application. |
|
195 * |
|
196 * @param aDesc Descriptor holding the unencrypted data. |
|
197 * @param aRestingData |
|
198 */ |
|
199 virtual void SSLDeliver(const TDesC8 &aDesc, TUint aRestingData)=0; |
|
200 |
|
201 virtual TUint SSLWrite(const TDesC8 &aDesc,TUint options, TSockAddr* aAddr=NULL)=0; |
|
202 |
|
203 /** Indicates that new buffer space is available. */ |
|
204 virtual void SSLCanSend()=0; |
|
205 |
|
206 /** Indicates that a connection attempt has completed successfully. */ |
|
207 virtual void SSLConnectComplete()=0; |
|
208 |
|
209 /** Indicates that the SAP has finished closing down. */ |
|
210 virtual void SSLCanClose()=0; |
|
211 |
|
212 /** Tells the socket server that an error state has arisen within the protocol. |
|
213 * |
|
214 * It should not be used to report programmatic errors, either in the protocol |
|
215 * itself or the socket server (a panic should be used in these cases). |
|
216 * |
|
217 * @param anError Error that has arisen. */ |
|
218 virtual void SSLError(TInt anError)=0; |
|
219 |
|
220 /** Called when the connection is closed due to an error. */ |
|
221 virtual void SSLDisconnectIndication(void)=0; |
|
222 |
|
223 /** Called when the connection is closed due to an error. |
|
224 * |
|
225 * @param aDisconnectData Descriptor holding the disconnect data. */ |
|
226 virtual void SSLDisconnectIndication(TDesC8& aDisconnectData)=0; |
|
227 |
|
228 /** Called when the connection is closed due to an error. |
|
229 * |
|
230 * @param aError The disconnect error. */ |
|
231 virtual void SSLDisconnectIndication(TInt aError)=0; |
|
232 |
|
233 virtual void SSLIoctlComplete(TDesC8 *aBuf)=0; |
|
234 }; |
|
235 |
|
236 class CSSLTimers : public CBase |
|
237 /** |
|
238 * Base class for SSL timers. |
|
239 * |
|
240 * @internalComponent |
|
241 * |
|
242 * @since v5.0 |
|
243 * |
|
244 * @deprecated No longer used by networking |
|
245 */ |
|
246 { |
|
247 public: |
|
248 /** Stops the SSLTimer, if it is running and destructs the object. */ |
|
249 virtual ~CSSLTimers(); |
|
250 |
|
251 /** Creates a new SSL Timer. |
|
252 * |
|
253 * @return KErrNone if successful; otherwise, a system-wide error code. */ |
|
254 static CSSLTimers *NewL(); |
|
255 |
|
256 /** Starts the SSL timer. |
|
257 * |
|
258 * @param aCallBack Call back function. |
|
259 * @param aTimeout Time. */ |
|
260 void StartSSLTimer(TCallBack aCallBack,TInt aTimeout); |
|
261 |
|
262 /** Stops the timer. */ |
|
263 void StopSSLTimer(); |
|
264 |
|
265 /** Stops and cancels the time recorded by the timer. */ |
|
266 void DoSSLTimerExpired(); |
|
267 private: |
|
268 CSSLTimers(); |
|
269 private: |
|
270 TDeltaTimerEntry iSSLTimer; |
|
271 TDeltaTimerEntry *iSSLTimerH; |
|
272 }; |
|
273 |
|
274 class SSLGlobals |
|
275 /** |
|
276 * @internalComponent |
|
277 * |
|
278 * @deprecated No longer used by networking |
|
279 */ |
|
280 { |
|
281 public: |
|
282 CObjectConIx *iContainer; |
|
283 CObjectCon *iSSLFactories; |
|
284 TInt iSSLUnloadTimeout; |
|
285 TInt iSecureSocketCount; |
|
286 }; |
|
287 |
|
288 class RSSLDialogServer; |
|
289 class CSSLFactory : public CObject |
|
290 /** |
|
291 * Factory base for creating a concrete instance of a CSSLBase. |
|
292 * |
|
293 * @internalComponent |
|
294 * |
|
295 * @since v5.0 |
|
296 * @deprecated No longer used by networking |
|
297 */ |
|
298 { |
|
299 public: |
|
300 CSSLFactory(); |
|
301 virtual ~CSSLFactory(); |
|
302 virtual CSSLProviderBase* NewSecureSocketL(MSSLSocketNotify* aParent); |
|
303 virtual TInt Open(); |
|
304 virtual void Close(); |
|
305 virtual void InitL(RLibrary& aLib, CObjectCon& aCon); |
|
306 virtual TVersion Version() const; |
|
307 // static void Cleanup(TAny* aObject); |
|
308 // static TInt ControlledDelete(TAny* aSSLFactory); |
|
309 void SecureSocketShutdown(CSSLProviderBase *aSecureSocket); |
|
310 // other public members |
|
311 void SetSessionStateL(CSSLSessionState* aState,const TDesC8&);//const TDesC8& aSessionID,const TDesC8& aMasterSecret); |
|
312 TPtrC8 GetSession(const TDesC8&,CSSLSessionState*); |
|
313 void ConstructL(); |
|
314 private: |
|
315 void InitCryptoL(); |
|
316 public: |
|
317 RLibrary iLib; |
|
318 private: |
|
319 // RLibrary iCryptLibrary; |
|
320 // RLibrary iCertLibrary; |
|
321 TDblQue<CSSLProviderBase> iSecureSocketsList; |
|
322 TUint iSecureSocketsCount; |
|
323 CSSLSessionStore *iSessStore; |
|
324 }; |
|
325 |
|
326 class CSSLProviderBase : public CBase |
|
327 /** |
|
328 * Abstract base class for all SSL protocol implementations. |
|
329 * |
|
330 * @internalComponent |
|
331 * |
|
332 * @since v5.0 |
|
333 * |
|
334 * @deprecated No longer used by networking |
|
335 */ |
|
336 { |
|
337 public: |
|
338 friend class CSSLFactory; |
|
339 /** Connection closing type. */ |
|
340 enum TCloseType |
|
341 { |
|
342 /** Normal. */ |
|
343 ENormal, |
|
344 /** Stop input. */ |
|
345 EStopInput, |
|
346 /** Stop output. */ |
|
347 EStopOutput, |
|
348 /** Close immediately. */ |
|
349 EImmediate |
|
350 }; |
|
351 |
|
352 CSSLProviderBase(CSSLFactory& aFactory); |
|
353 virtual ~CSSLProviderBase(); |
|
354 |
|
355 /** Set the notification parent, |
|
356 * |
|
357 * @param aNotify Parent to be notified. */ |
|
358 inline void SetNotify(MSSLSocketNotify* aNotify); |
|
359 public: |
|
360 // NOTE I'VE COPIED THESE DIRECTLY FROM CServProviderBase |
|
361 virtual const TInt GetOption(TUint level,TUint name,TDes8& anOption) =0; |
|
362 virtual void Ioctl(TUint level,TUint name,TDes8* anOption)=0; |
|
363 virtual void CancelIoctl(TUint aLevel,TUint aName)=0; |
|
364 |
|
365 /** Sets an option. |
|
366 * |
|
367 * @param level Integer constant identifying the option. |
|
368 * @param name Option name. |
|
369 * @param anOption Option value packaged in a descriptor. |
|
370 * @return KErrNone if successful; otherwise, a system-wide error code. */ |
|
371 virtual TInt SetOption(TUint level,TUint name,const TDesC8 &anOption)=0; |
|
372 |
|
373 virtual TUint Write(const TDesC8& aDesc,TUint options,TSockAddr* anAddr=NULL)=0; |
|
374 |
|
375 /** Process the event in the buffer. |
|
376 * |
|
377 * @param aBuf Chain with events to process. */ |
|
378 virtual void Process(RMBufChain& aBuf)=0; |
|
379 |
|
380 virtual void ProcessL(const TDesC8 &aDesc)=0; |
|
381 |
|
382 /** Initiates a connection operation. |
|
383 * |
|
384 * This means that it tells the protocol to |
|
385 * attempt to connect to a peer. It is called by the socket server in response |
|
386 * to a connect request from a client. ActiveOpen() is only ever called on connection-oriented |
|
387 * sockets. Such a socket should always have both the local address and the remote |
|
388 * address specified before ActiveOpen() is called. If this is not the case, |
|
389 * then the protocol should panic. When a connection has completed, the protocol |
|
390 * should call ConnectComplete() on its TNotify. |
|
391 * |
|
392 * If an error occurs during connection the protocol should not call ConnectComplete() |
|
393 * at all; instead it should call Error(). |
|
394 * |
|
395 * @return KErrNone if successful; otherwise, a system-wide error code. */ |
|
396 virtual TInt ActiveOpen()=0; |
|
397 |
|
398 /** Same as ActiveOpen(), but with user data in the connection frame. |
|
399 * |
|
400 * @param aConnectionData User specified connection data. |
|
401 * @return KErrNone if successful; otherwise, a system-wide error code. */ |
|
402 virtual TInt ActiveOpen(const TDesC8& aConnectionData)=0; |
|
403 |
|
404 /** Tells the protocol to start waiting for an incoming connection request on this |
|
405 * socket (i.e. port). |
|
406 * |
|
407 * It is called by the socket server in response to a listen request from a client. |
|
408 * |
|
409 * PassiveOpen() is only ever called on connection-oriented sockets. Such a socket |
|
410 * should always have both the local address and the remote address specified |
|
411 * before PassiveOpen() is called. If this is not the case, then the protocol |
|
412 * should panic. |
|
413 * |
|
414 * The protocol should keep a count of sockets in Start state - incrementing |
|
415 * a variable in ConnectComplete(), and decrementing it in Start(). |
|
416 * |
|
417 * When a connection has completed, the protocol should call ConnectComplete() |
|
418 * on its TNotify. |
|
419 * |
|
420 * If an error occurs during connection the protocol should not call ConnectComplete() |
|
421 * at all; instead it should call Error(). |
|
422 * |
|
423 * @param aQueSize The number of sockets which can be waiting for an outstanding |
|
424 * Start() after calling ConnectComplete(). |
|
425 * @return KErrNone if successful; otherwise, a system-wide error code. */ |
|
426 virtual TInt PassiveOpen(TUint aQueSize)=0; |
|
427 |
|
428 /** Same as PassiveOpen(), but with user data in the connection frame. |
|
429 * |
|
430 * @param aQueSize The number of sockets which can be waiting for an outstanding |
|
431 * Start() after calling ConnectComplete(). |
|
432 * @param aConnectionData User specified connection data |
|
433 * @return KErrNone if successful, a system-wide error code if not. */ |
|
434 virtual TInt PassiveOpen(TUint aQueSize,const TDesC8& aConnectionData)=0; |
|
435 |
|
436 /** Terminates a connection (or closes a non connection-oriented socket down). |
|
437 * |
|
438 * Normally, when the socket server has called Shutdown() for a socket, it will |
|
439 * wait for the socket to call CanClose() before destroying the CServProviderBase |
|
440 * object. */ |
|
441 virtual void Shutdown()=0; |
|
442 |
|
443 /** Closes the connection. */ |
|
444 virtual void Close()=0; |
|
445 /** Second phase contructor. |
|
446 * |
|
447 * @param aParent Parent to be notified. */ |
|
448 virtual void ConstructL(MSSLSocketNotify *aParent)=0; |
|
449 /** Indicates that the connection has been completed. */ |
|
450 virtual void ConnectCompleted()=0; |
|
451 |
|
452 public: |
|
453 TDblQueLink iLink; |
|
454 protected: |
|
455 CSSLFactory* iFactory; |
|
456 private: |
|
457 MSSLSocketNotify* iSocket; |
|
458 }; |
|
459 |
|
460 #endif |