Qpid Proton C API  0.32.0
ssl.h File Reference

SSL secure transport layer. More...

#include <proton/import_export.h>
#include <proton/type_compat.h>
#include <proton/types.h>


Typedefs

typedef struct pn_ssl_domain_t pn_ssl_domain_t
 API for using SSL with the Transport Layer. More...
 
typedef struct pn_ssl_t pn_ssl_t
 

Enumerations

enum  pn_ssl_mode_t { PN_SSL_MODE_CLIENT, PN_SSL_MODE_SERVER }
 Determines the type of SSL endpoint. More...
 
enum  pn_ssl_resume_status_t { PN_SSL_RESUME_UNKNOWN, PN_SSL_RESUME_NEW, PN_SSL_RESUME_REUSED }
 Indicates whether an SSL session has been resumed. More...
 
enum  pn_ssl_verify_mode_t { PN_SSL_VERIFY_NULL, PN_SSL_VERIFY_PEER, PN_SSL_ANONYMOUS_PEER, PN_SSL_VERIFY_PEER_NAME }
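 Determines the level of peer validation. Only PN_SSL_VERIFY_PEER_NAME checks both that the peer's certificate is valid and that it matches the expected peer name; PN_SSL_ANONYMOUS_PEER does not require a certificate, so the peer is not authenticated. More...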
 
enum  pn_ssl_cert_subject_subfield {
  PN_SSL_CERT_SUBJECT_COUNTRY_NAME, PN_SSL_CERT_SUBJECT_STATE_OR_PROVINCE, PN_SSL_CERT_SUBJECT_CITY_OR_LOCALITY, PN_SSL_CERT_SUBJECT_ORGANIZATION_NAME,
  PN_SSL_CERT_SUBJECT_ORGANIZATION_UNIT, PN_SSL_CERT_SUBJECT_COMMON_NAME
}
 Enumeration identifying the subfields of the subject field in the SSL certificate.
 
enum  pn_ssl_hash_alg { PN_SSL_SHA1, PN_SSL_SHA256, PN_SSL_SHA512, PN_SSL_MD5 }
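 Enumeration identifying the hashing algorithm used for a certificate fingerprint (see pn_ssl_get_cert_fingerprint()). MD5 and SHA-1 are no longer collision-resistant; prefer PN_SSL_SHA256 or PN_SSL_SHA512 when the fingerprint is used to identify or pin a certificate.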
 

Functions

bool pn_ssl_present (void)
 Tests whether an SSL implementation is present. More...
 
pn_ssl_domain_t * pn_ssl_domain (pn_ssl_mode_t mode)
 Create an SSL configuration domain. More...
 
void pn_ssl_domain_free (pn_ssl_domain_t *domain)
 Release an SSL configuration domain. More...
 
int pn_ssl_domain_set_credentials (pn_ssl_domain_t *domain, const char *credential_1, const char *credential_2, const char *password)
 Set the certificate that identifies the local node to the remote. More...
 
int pn_ssl_domain_set_trusted_ca_db (pn_ssl_domain_t *domain, const char *certificate_db)
 Configure the set of trusted CA certificates used by this domain to verify peers. More...
 
int pn_ssl_domain_set_peer_authentication (pn_ssl_domain_t *domain, const pn_ssl_verify_mode_t mode, const char *trusted_CAs)
 Configure the level of verification used on the peer certificate. More...
 
int pn_ssl_domain_set_protocols (pn_ssl_domain_t *domain, const char *protocols)
 Configure the list of permitted TLS protocols. More...
 
int pn_ssl_domain_set_ciphers (pn_ssl_domain_t *domain, const char *ciphers)
 Configure the list of permitted ciphers. More...
 
int pn_ssl_domain_allow_unsecured_client (pn_ssl_domain_t *domain)
 Deprecated - Use pn_transport_require_encryption() More...
 
pn_ssl_t * pn_ssl (pn_transport_t *transport)
 Create a new SSL session object associated with a transport. More...
 
int pn_ssl_init (pn_ssl_t *ssl, pn_ssl_domain_t *domain, const char *session_id)
 Initialize an SSL session. More...
 
bool pn_ssl_get_cipher_name (pn_ssl_t *ssl, char *buffer, size_t size)
 Get the name of the Cipher that is currently in use. More...
 
int pn_ssl_get_ssf (pn_ssl_t *ssl)
 Get the SSF (security strength factor) of the Cipher that is currently in use. More...
 
bool pn_ssl_get_protocol_name (pn_ssl_t *ssl, char *buffer, size_t size)
 Get the name of the SSL protocol that is currently in use. More...
 
pn_ssl_resume_status_t pn_ssl_resume_status (pn_ssl_t *ssl)
 Check whether the state has been resumed. More...
 
int pn_ssl_set_peer_hostname (pn_ssl_t *ssl, const char *hostname)
 Set the expected identity of the remote peer. More...
 
int pn_ssl_get_peer_hostname (pn_ssl_t *ssl, char *hostname, size_t *bufsize)
 Access the configured peer identity. More...
 
const char * pn_ssl_get_remote_subject (pn_ssl_t *ssl)
 Get the subject from the peer's certificate. More...
 
int pn_ssl_get_cert_fingerprint (pn_ssl_t *ssl0, char *fingerprint, size_t fingerprint_length, pn_ssl_hash_alg hash_alg)
 Get the fingerprint of the certificate. More...
 
const char * pn_ssl_get_remote_subject_subfield (pn_ssl_t *ssl0, pn_ssl_cert_subject_subfield field)
 Returns a pointer to a string containing the value of the requested subfield of the subject field in the SSL certificate. More...
 

Detailed Description

SSL secure transport layer.