Developer

API Reference

SSLSecurityInfo

Brew Release
Brew MP 1.0.2
See Also
ISSL_Negotiate(), ISSL_NegotiateV(), ISSL_Renegotiate(), ISSL_RenegotiateV()
Description
This data type is a negotiated SSL security level including cipher suite.
Members
  • uProtoVersion:       SSL protocol version negotiated. One of SSL_VERSION_*
  • uKeyExchange:        The key exchange algorithm. One of SSL_KEYPROT_*
  • uCryptAlgo:          Symmetric algorithm negotiated. One of SSL_CRYPT_*
  • uHashAlgo:           Hash function negotiated. One of SSL_HASH_*
  • uCipherSuite:        Cipher suite negotiated. One of SSL_CSUITE_*  
    
Definition
   typedef struct {
      uint16  uProtoVersion; 
      uint8   uKeyExchange;
      uint8   uCryptAlgo;
      uint8   uHashAlgo;
      uint16  uCipherSuite;
   } SSLSecurityInfo;;
Comment
When the security level negotiated for the current session is reported it is in the SSLSecurityInfo data structure.
The following constants define the protocol version. SSL versions prior to 3.0 are not supported.
   SSL_VERSION_30             SSL version 3.0
   SSL_VERSION_TLS10          TLS version 1.0
   SSL_VERSION_UNKNOWN        Protocol unknown

The following constants define the key exchange / agreement / protection scheme or algorithm. Note that all of these algorithms may not be available with a particular version of BREW or on a particular handset.
   SSL_KEYPROT_NONE           No key exchange       
   SSL_KEYPROT_DH_ANONYMOUS   Anonymous Diffie-Hellman
   SSL_KEYPROT_DH_EPHEMERAL   Ephemeral Diffie-Hellman   
   SSL_KEYPROT_DH_DSS_SIGN    Diffie-Hellman w/ DSS signature
   SSL_KEYPROT_DH_RSA_SIGN    Diffie-Hellman w/ RSA signature
   SSL_KEYPROT_DH_DSS_CERT    Diffie-Hellman w/ DSS certificate
   SSL_KEYPROT_DH_RSA_CERT    Diffie-Hellman w/ RSA certificate
   SSL_KEYPROT_RSA            Standard RSA with certs
   SSL_KEYPROT_UNKNOWN        Don't know what the exchange was

The following constants define the symmetric cipher used. Note that just because a constant is defined here doesn't mean that a particular version of BREW or handset supports it. ARC4 is generally always available and performs well. This is the same algorithm in the cipher suite separated out for convenience.
   SSL_CRYPT_NONE            No encryption
   SSL_CRYPT_RC4             ARC4 algorithm
   SSL_CRYPT_DES             DES algorithm
   SSL_CRYPT_3DES            3DES algorithm
   SSL_CRYPT_SEED            SEED algorithm
   SSL_CRYPT_AES             AES128 algorithm
   SSL_CRYPT_AES128          AES128 algorithm
   SSL_CRYPT_AES256          AES256 algorithm
   SSL_CRYPT_UNKNOWN         Don't know what was used 

The following constants define the hash function used. They are usually available with any BREW version or handsets.
   SSL_HASH_NONE             No hash function 
   SSL_HASH_SHA              SHA-1 hash function 
   SSL_HASH_MD5              MD5 hash function 
   SSL_HASH_UNKNOWN          Don't know what was used 

The following constants indicate the cipher suite used. This is some what redundant with the above set of constants, but included for convenience. Not all cipher suites are supported on a given version of BREW or a given handset. They correspond to the standard cipher suites for SSL and TLS.
   SSL_CSUITE_RSA_WITH_RC4_128_MD5  
   SSL_CSUITE_RSA_WITH_RC4_128_SHA  
   SSL_CSUITE_RSA_WITH_DES_CBC_SHA   
   SSL_CSUITE_RSA_WITH_3DES_EDE_CBC_SHA  
   SSL_CSUITE_RSA_WITH_SEED_CBC_SHA
   SSL_CSUITE_RSA_WITH_AES_128_CBC_SHA
   SSL_CSUITE_RSA_WITH_AES_256_CBC_SHA
   SSL_CSUITE_UNKNOWN  

The above constants are also used to request a particular set of protocol versions and cipher suites before a negotiation.
  • Follow