
Conexus::NSS Namespace Reference


Classes

class  Certificate
class  CertificateDB
class  CertificateNicknames
class  PK11Slot
class  PrivateKey
class  SSLSocket
 An NSS-based SSL endpoint.
struct  password_accumulator

Typedefs

typedef enum Conexus::NSS::EXPORT_POLICY EXPORT_POLICY
typedef enum Conexus::NSS::POLICY POLICY
typedef enum Conexus::NSS::CERT_USAGE CERT_USAGE
typedef enum Conexus::NSS::CERT_VALIDITY CERT_VALIDITY
typedef enum Conexus::NSS::NICKNAMES NICKNAMES
typedef enum Conexus::NSS::KEA KEA
typedef enum Conexus::NSS::SECURITY_STATUS SECURITY_STATUS

Enumerations

enum  EXPORT_POLICY { EXPORT_NONE, US_DOMESTIC, US_EXPORTABLE, FRANCE }
enum  POLICY { ALLOWED = SSL_ALLOWED, RESTRICTED = SSL_RESTRICTED, NOT_ALLOWED = SSL_NOT_ALLOWED }
enum  CERT_USAGE {
  USAGE_SSL_CLIENT = certUsageSSLClient, USAGE_SSL_SERVER = certUsageSSLServer, USAGE_SSL_SERVER_WITH_STEP_UP = certUsageSSLServerWithStepUp, USAGE_SSLCA = certUsageSSLCA,
  USAGE_EMAIL_SIGNER = certUsageEmailSigner, USAGE_EMAIL_RECIPIENT = certUsageEmailRecipient, USAGE_OBJECT_SIGNER = certUsageObjectSigner, USAGE_USER_CERT_IMPORT = certUsageUserCertImport,
  USAGE_VERIFY_CA = certUsageVerifyCA, USAGE_PROTECTED_OBJECT_SIGNER = certUsageProtectedObjectSigner
}
enum  CERT_VALIDITY { VALID = secCertTimeValid, EXPIRED = secCertTimeExpired, NOT_VALID_YET = secCertTimeNotValidYet }
enum  NICKNAMES { NICKNAMES_ALL = SEC_CERT_NICKNAMES_ALL, NICKNAMES_USER = SEC_CERT_NICKNAMES_USER, NICKNAMES_SERVER = SEC_CERT_NICKNAMES_SERVER, NICKNAMES_CA = SEC_CERT_NICKNAMES_CA }
enum  KEA {
  KEA_NONE = kt_null, RSA = kt_rsa, DH = kt_dh, FORTEZZA = kt_fortezza,
  KEA_SIZE = kt_kea_size
}
enum  SECURITY_STATUS { STATUS_OFF = 0, STATUS_ON_HIGH = 1, STATUS_ON_LOW = 2 }

Functions

char * pk11_password_callback (PK11SlotInfo *slot, PRBool retry, void *arg)
bool init (bool use_dispatcher_default=false, const std::string &nss_config_dir=std::string(), EXPORT_POLICY policy=EXPORT_NONE, bool read_write=false)
 Sets up configuration files and performs other tasks required to run Network Security Services.
bool initialized ()
bool set_ssl_default_option (uint32_t option, bool on)
bool is_ssl_default_option_set (uint32_t option)
bool enable_default_cipher (uint32_t cipher, bool enabled)
bool is_default_cipher_enabled (uint32_t cipher)
void clear_session_cache ()
bool configure_server_session_cache (int max_cache_entries, uint32_t timeout, uint32_t ssl3_timeout, const char *cache_directory, bool multi_processor)
bool inherit_server_session_cache (const char *env_string)
bool set_export_policy (EXPORT_POLICY export_policy)
bool set_cipher_policy (uint32_t cipher, POLICY policy)
POLICY get_cipher_policy (uint32_t cipher)
long int send_client_hello_cache_hits ()
long int send_client_hello_cache_misses ()
long int send_client_hello_cache_not_ok ()
long int handle_server_hello_cache_hits ()
long int handle_server_hello_cache_misses ()
long int handle_server_hello_cache_not_ok ()
long int handle_client_hello_cache_hits ()
long int handle_client_hello_cache_misses ()
long int handle_client_hello_cache_not_ok ()
void finalize ()
void set_nss_password_function (PK11PasswordFunc func)
char * default_nss_password_function (PK11SlotInfo *slot, PRBool retry, void *arg)
void disable_all_ssl_ciphers ()

Variables

bool __initialized = false
sigc::signal< std::string, PK11SlotInfo *, PRBool, void * >::accumulated< password_accumulator > signal_pk11_password_request

Typedef Documentation


Enumeration Type Documentation

enum Conexus::NSS::CERT_USAGE

Enumerator:
USAGE_SSL_CLIENT 
USAGE_SSL_SERVER 
USAGE_SSL_SERVER_WITH_STEP_UP 
USAGE_SSLCA 
USAGE_EMAIL_SIGNER 
USAGE_EMAIL_RECIPIENT 
USAGE_OBJECT_SIGNER 
USAGE_USER_CERT_IMPORT 
USAGE_VERIFY_CA 
USAGE_PROTECTED_OBJECT_SIGNER 

enum Conexus::NSS::CERT_VALIDITY

Enumerator:
VALID 
EXPIRED 
NOT_VALID_YET 

enum Conexus::NSS::EXPORT_POLICY

Enumerator:
EXPORT_NONE 
US_DOMESTIC 
US_EXPORTABLE 
FRANCE 

enum Conexus::NSS::KEA

Enumerator:
KEA_NONE 
RSA 
DH 
FORTEZZA 
KEA_SIZE 

enum Conexus::NSS::NICKNAMES

Enumerator:
NICKNAMES_ALL 
NICKNAMES_USER 
NICKNAMES_SERVER 
NICKNAMES_CA 

enum Conexus::NSS::POLICY

Enumerator:
ALLOWED 
RESTRICTED 
NOT_ALLOWED 

enum Conexus::NSS::SECURITY_STATUS

Enumerator:
STATUS_OFF 
STATUS_ON_HIGH 
STATUS_ON_LOW 


Function Documentation

void Conexus::NSS::clear_session_cache (  ) 

bool Conexus::NSS::configure_server_session_cache ( int  max_cache_entries,
uint32_t  timeout,
uint32_t  ssl3_timeout,
const char *  cache_directory,
bool  multi_processor 
)

char* Conexus::NSS::default_nss_password_function ( PK11SlotInfo *  slot,
PRBool  retry,
void *  arg 
)

void Conexus::NSS::disable_all_ssl_ciphers (  ) 

bool Conexus::NSS::enable_default_cipher ( uint32_t  cipher,
bool  enabled 
)

void Conexus::NSS::finalize (  ) 

POLICY Conexus::NSS::get_cipher_policy ( uint32_t  cipher  ) 

long int Conexus::NSS::handle_client_hello_cache_hits (  ) 

long int Conexus::NSS::handle_client_hello_cache_misses (  ) 

long int Conexus::NSS::handle_client_hello_cache_not_ok (  ) 

long int Conexus::NSS::handle_server_hello_cache_hits (  ) 

long int Conexus::NSS::handle_server_hello_cache_misses (  ) 

long int Conexus::NSS::handle_server_hello_cache_not_ok (  ) 

bool Conexus::NSS::inherit_server_session_cache ( const char *  env_string  ) 

bool Conexus::NSS::init ( bool  use_dispatcher_default = false,
const std::string &  nss_config_dir = std::string(),
EXPORT_POLICY  policy = EXPORT_NONE,
bool  read_write = false 
)

Sets up configuration files and performs other tasks required to run Network Security Services.

Parameters:
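nss_config_dir String containing the pathname of the directory where the certificate, key and security module databases reside. If NULL, NSS is initialized in a no-certificate-database mode. Certificate databases are required for SSL communication. (The parameter is declared as const std::string & with an empty-string default, so "NULL" here presumably means the empty string; confirm against the implementation.)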
policy Sets the default cipher suite policy if it is anything other than EXPORT_NONE (the default).
read_write If true, opens the certificate database in read/write mode (default: false).

References __initialized, Conexus::initialized(), Conexus::NSPR::initialized(), pk11_password_callback(), and set_export_policy().

bool Conexus::NSS::initialized (  ) 

References __initialized.

bool Conexus::NSS::is_default_cipher_enabled ( uint32_t  cipher  ) 

bool Conexus::NSS::is_ssl_default_option_set ( uint32_t  option  ) 

char* Conexus::NSS::pk11_password_callback ( PK11SlotInfo *  slot,
PRBool  retry,
void *  arg 
)

References signal_pk11_password_request.

Referenced by init().

long int Conexus::NSS::send_client_hello_cache_hits (  ) 

long int Conexus::NSS::send_client_hello_cache_misses (  ) 

long int Conexus::NSS::send_client_hello_cache_not_ok (  ) 

bool Conexus::NSS::set_cipher_policy ( uint32_t  cipher,
POLICY  policy 
)

bool Conexus::NSS::set_export_policy ( EXPORT_POLICY  export_policy  ) 

References EXPORT_NONE, FRANCE, US_DOMESTIC, and US_EXPORTABLE.

Referenced by init().

void Conexus::NSS::set_nss_password_function ( PK11PasswordFunc  func  ) 

bool Conexus::NSS::set_ssl_default_option ( uint32_t  option,
bool  on 
)


Variable Documentation

bool Conexus::NSS::__initialized

Referenced by init() and initialized().

sigc::signal< std::string, PK11SlotInfo *, PRBool, void * >::accumulated< password_accumulator > Conexus::NSS::signal_pk11_password_request

Referenced by pk11_password_callback().


Generated on Wed Jul 8 15:51:29 2009 for conexus by doxygen 1.5.8