Qpid Proton C API  0.38.0
tls.h File Reference
#include <proton/import_export.h>
#include <proton/raw_connection.h>

Go to the source code of this file.

Macros

#define PN_TLS_OK
 Error codes. More...
 
#define PN_TLS_INIT_ERR
 Failure in initialization, unrelated to activity with the peer.
 
#define PN_TLS_PROTOCOL_ERR
 Failure in the TLS protocol between peers.
 
#define PN_TLS_AUTHENTICATION_ERR
 Peer authentication failure.
 
#define PN_TLS_STATE_ERR
 Requested action not possible due to session state.
 

Typedefs

typedef struct pn_tls_config_t pn_tls_config_t
 API for using TLS separate from AMQP connections. More...
 
typedef struct pn_tls_t pn_tls_t
 

Enumerations

enum  pn_tls_mode_t { PN_TLS_MODE_CLIENT , PN_TLS_MODE_SERVER }
 Determines the type of TLS endpoint. More...
 
enum  pn_tls_verify_mode_t { PN_TLS_VERIFY_NULL , PN_TLS_VERIFY_PEER , PN_TLS_ANONYMOUS_PEER , PN_TLS_VERIFY_PEER_NAME }
 Determines the level of peer validation. More...
 
enum  pn_tls_cert_subject_subfield {
  PN_TLS_CERT_SUBJECT_COUNTRY_NAME , PN_TLS_CERT_SUBJECT_STATE_OR_PROVINCE , PN_TLS_CERT_SUBJECT_CITY_OR_LOCALITY , PN_TLS_CERT_SUBJECT_ORGANIZATION_NAME ,
  PN_TLS_CERT_SUBJECT_ORGANIZATION_UNIT , PN_TLS_CERT_SUBJECT_COMMON_NAME
}
 Enumeration identifying the sub fields of the subject field in the tls certificate.
 
enum  pn_tls_hash_alg { PN_TLS_SHA1 , PN_TLS_SHA256 , PN_TLS_SHA512 , PN_TLS_MD5 }
 Enumeration identifying hashing algorithm.
 

Functions

PN_TLS_EXTERN pn_tls_config_tpn_tls_config (pn_tls_mode_t mode)
 Create an TLS configuration domain. More...
 
PN_TLS_EXTERN void pn_tls_config_free (pn_tls_config_t *domain)
 Release an TLS configuration domain. More...
 
PN_TLS_EXTERN int pn_tls_config_set_credentials (pn_tls_config_t *domain, const char *credential_1, const char *credential_2, const char *password)
 Set the certificate that identifies the local node to the remote. More...
 
PN_TLS_EXTERN int pn_tls_config_set_trusted_certs (pn_tls_config_t *domain, const char *certificate_db)
 Configure the set of trusted CA certificates used by this domain to verify peers. More...
 
PN_TLS_EXTERN int pn_tls_config_set_peer_authentication (pn_tls_config_t *domain, const pn_tls_verify_mode_t mode, const char *trusted_CAs)
 Configure the level of verification used on the peer certificate. More...
 
PN_TLS_EXTERN int pn_tls_config_set_impl_ciphers (pn_tls_config_t *domain, const char *ciphers)
 Configure the list of permitted ciphers. More...
 
PN_TLS_EXTERN pn_tls_tpn_tls (pn_tls_config_t *domain)
 Create a new TLS session object derived from a domain. More...
 
PN_TLS_EXTERN int pn_tls_start (pn_tls_t *tls)
 Start a TLS session. More...
 
PN_TLS_EXTERN void pn_tls_free (pn_tls_t *tls)
 
PN_TLS_EXTERN bool pn_tls_get_cipher (pn_tls_t *tls, const char **cipher, size_t *size)
 Get the name of the Cipher that is currently in use. More...
 
PN_TLS_EXTERN int pn_tls_get_ssf (pn_tls_t *tls)
 Get the SSF (security strength factor) of the Cipher that is currently in use. More...
 
PN_TLS_EXTERN bool pn_tls_get_protocol_version (pn_tls_t *tls, const char **version, size_t *size)
 Get the name of the TLS protocol that is currently in use. More...
 
PN_TLS_EXTERN int pn_tls_set_peer_hostname (pn_tls_t *tls, const char *hostname)
 Set the expected identity of the remote peer. More...
 
PN_TLS_EXTERN int pn_tls_get_peer_hostname (pn_tls_t *tls, char *hostname, size_t *bufsize)
 Access the configured peer identity. More...
 
PN_TLS_EXTERN const char * pn_tls_get_remote_subject (pn_tls_t *tls)
 Get the subject from the peers certificate. More...
 
PN_TLS_EXTERN int pn_tls_get_cert_fingerprint (pn_tls_t *tls0, char *fingerprint, size_t fingerprint_length, pn_tls_hash_alg hash_alg)
 Get the fingerprint of the certificate. More...
 
PN_TLS_EXTERN const char * pn_tls_get_remote_subject_subfield (pn_tls_t *tls, pn_tls_cert_subject_subfield field)
 Returns a char pointer that contains the value of the sub field of the subject field in the tls certificate. More...
 
PN_TLS_EXTERN bool pn_tls_is_encrypt_output_pending (pn_tls_t *tls)
 
PN_TLS_EXTERN bool pn_tls_is_decrypt_output_pending (pn_tls_t *tls)
 
PN_TLS_EXTERN bool pn_tls_is_secure (pn_tls_t *tls)
 
PN_TLS_EXTERN size_t pn_tls_give_encrypt_output_buffers (pn_tls_t *, pn_raw_buffer_t const *, size_t count)
 
PN_TLS_EXTERN size_t pn_tls_give_decrypt_output_buffers (pn_tls_t *, pn_raw_buffer_t const *, size_t count)
 
PN_TLS_EXTERN size_t pn_tls_take_decrypt_output_buffers (pn_tls_t *, pn_raw_buffer_t *, size_t count)
 
PN_TLS_EXTERN size_t pn_tls_take_encrypt_output_buffers (pn_tls_t *, pn_raw_buffer_t *, size_t count)
 
PN_TLS_EXTERN size_t pn_tls_give_encrypt_input_buffers (pn_tls_t *, pn_raw_buffer_t const *bufs, size_t count_bufs)
 
PN_TLS_EXTERN size_t pn_tls_give_decrypt_input_buffers (pn_tls_t *, pn_raw_buffer_t const *bufs, size_t count_bufs)
 
PN_TLS_EXTERN size_t pn_tls_take_encrypt_input_buffers (pn_tls_t *, pn_raw_buffer_t *, size_t count)
 
PN_TLS_EXTERN size_t pn_tls_take_decrypt_input_buffers (pn_tls_t *, pn_raw_buffer_t *, size_t count)
 
PN_TLS_EXTERN size_t pn_tls_get_encrypt_input_buffer_capacity (pn_tls_t *)
 
PN_TLS_EXTERN size_t pn_tls_get_decrypt_input_buffer_capacity (pn_tls_t *)
 
PN_TLS_EXTERN bool pn_tls_need_encrypt_output_buffers (pn_tls_t *)
 
PN_TLS_EXTERN bool pn_tls_need_decrypt_output_buffers (pn_tls_t *)
 
PN_TLS_EXTERN size_t pn_tls_get_encrypt_output_buffer_capacity (pn_tls_t *)
 
PN_TLS_EXTERN size_t pn_tls_get_decrypt_output_buffer_capacity (pn_tls_t *)
 
PN_TLS_EXTERN size_t pn_tls_get_decrypt_output_buffer_count (pn_tls_t *)
 
PN_TLS_EXTERN size_t pn_tls_get_encrypt_output_buffer_count (pn_tls_t *)
 
PN_TLS_EXTERN uint32_t pn_tls_get_last_decrypt_output_buffer_size (pn_tls_t *)
 
PN_TLS_EXTERN uint32_t pn_tls_get_last_encrypt_output_buffer_size (pn_tls_t *)
 
PN_TLS_EXTERN void pn_tls_set_encrypt_input_buffer_max_capacity (pn_tls_t *, size_t s)
 
PN_TLS_EXTERN void pn_tls_set_decrypt_input_buffer_max_capacity (pn_tls_t *, size_t s)
 
PN_TLS_EXTERN void pn_tls_set_encrypt_output_buffer_max_capacity (pn_tls_t *, size_t s)
 
PN_TLS_EXTERN void pn_tls_set_decrypt_output_buffer_max_capacity (pn_tls_t *, size_t s)
 
PN_TLS_EXTERN int pn_tls_process (pn_tls_t *tls)
 
PN_TLS_EXTERN int pn_tls_stop (pn_tls_t *tls)
 
PN_TLS_EXTERN bool pn_tls_is_input_closed (pn_tls_t *tls)
 
PN_TLS_EXTERN void pn_tls_close_output (pn_tls_t *tls)
 
PN_TLS_EXTERN int pn_tls_get_session_error (pn_tls_t *tls)
 
PN_TLS_EXTERN size_t pn_tls_get_session_error_string (pn_tls_t *tls, char *buf, size_t buf_len)
 
PN_TLS_EXTERN int pn_tls_config_set_alpn_protocols (pn_tls_config_t *domain, const char **protocols, size_t protocol_count)
 Provide an ordered list of application protols for RFC 7301 negotiation. More...
 
PN_TLS_EXTERN bool pn_tls_get_alpn_protocol (pn_tls_t *tls, const char **protocol_name, size_t *size)
 Get the name of the negotiated application protocol. More...
 

Detailed Description