Definition of the MSecureSocket class.
Server client certificate mode. Specifies if client certificates will be asked for when in server mode, and also if they are optional or must be provided to complete the handshake successfully.
| Enumerator | Value | Description |
|---|---|---|
| EClientCertModeIgnore |
Client certificates won't be asked for during handshake negotiation. | |
| EClientCertModeOptional |
Client certificates will be requested, but are not compulsory, and the handshake will continue if the client doesn't supply one. | |
| EClientCertModeRequired |
Client certificates must be supplied, and the handshake will fail if the client does not provide a one. |
Untrusted certificate dialog mode. When an untrusted certificate is received, the dialog mode determines if the handshake fails automatically, or if a dialog is displayed allowing the user the option of continuing anyway.
| Enumerator | Value | Description |
|---|---|---|
| EDialogModeAttended |
All untrusted certificates result in a user dialog. | |
| EDialogModeUnattended |
Untrusted certificates are canceled without user confirmation. | |
| EDialogModeAllowAutomatic |
Untrusted certificates are automatically allowed without user confirmation. |
Untrusted certificate validations. These dialugue values are provisioned by the application to TLS. Incase multiple validation selection, respective enums are logically ORed into single 32bit integer and provisioned to TLS. 1. TLS triggers the provisioned dialog in EDialogModeUnattended mode and supresses other dialogue. 2. TLS report KErrNotSupported error in EDialogModeAttended mode.
| Enumerator | Value | Description |
|---|---|---|
| ECertNoValidation | 0 |
No Validation |
| ECertChainHasNoRoot | 0x1 |
Certificate chain has no root |
| ECertSignatureInvalid | 0x2 |
Invalid signature |
| ECertDateOutOfRange | 0x4 |
Date out of range |
| ECertNameIsExcluded | 0x8 |
Name is excluded |
| ECertNameNotPermitted | 0x10 |
Name is not permitted |
| ECertNotCACert | 0x20 |
Not a CA certificate |
| ECertCertificateRevoked | 0x40 |
Certificate revoked |
| ECertUnrecognizedCriticalExtension | 0x80 |
Unrecognized critical extension |
| ECertNoBasicConstraintInCACert | 0x100 |
No basic constraint in CA certificate |
| ECertNoAcceptablePolicy | 0x200 |
No acceptable policy |
| ECertPathTooLong | 0x400 |
Path too long |
| ECertNegativePathLengthSpecified | 0x800 |
Negative path length specified |
| ECertNamesDontChain | 0x1000 |
Names do not chain |
| ECertRequiredPolicyNotFound | 0x2000 |
Required policy not found |
| ECertBadKeyUsage | 0x4000 |
Bad key usage |
| ECertRootCertNotSelfSigned | 0x8000 |
Root certificate not self-signed |
| ECertCriticalExtendedKeyUsage | 0x10000 |
Critical extended key usage |
| ECertCriticalCertPoliciesWithQualifiers | 0x20000 |
Critical certificate policies with qualifiers |
| ECertCriticalPolicyMapping | 0x40000 |
Critical policy mapping |
| ECertCriticalDeviceId | 0x80000 |
Critical Device Id |
| ECertCriticalSid | 0x100000 |
Critical Sid |
| ECertCriticalVid | 0x200000 |
Critical Vid |
| ECertCriticalCapabilities | 0x400000 |
Critical Capabilities |
| ECertAllValidations | 0x7FFFFF |
Logically ORed value of all Certificate Validations |