- This page is part of the SSL Reference that we are migrating into the format described in the MDN Style Guide. If you are inclined to help with this migration, your help would be very much appreciated.
- Upgraded documentation may be found in the Current NSS Reference
Overview of an SSL Application
Chapter 1
Overview of an SSL Application
SSL and related APIs allow compliant applications to configure sockets for authenticated, tamper-proof, and encrypted communications. This chapter introduces some of the basic SSL functions. Chapter 2, "Getting Started With SSL" illustrates their use in sample client and server applications.
An SSL application typically includes five parts:
Initialization
Configuration
Communication
Functions Used by Callbacks
Cleanup
WARNING: Some of the SSL header files provided as part of NSS 2.0 include both public APIs documented in the NSS 2.0 documentation set and private APIs intended for internal use by the NSS implementation of SSL. You should use only the SSL APIs (and related certificate, key, and PKCS #11 APIs) that are described in this document, the SSL Reference. Other APIs that may be exposed in the header files are not supported for application use.
Initialization
-
PR_Init
. Initializes NSPR. Must be called before any other NSS functions. -
PK11_SetPasswordFunc
. Sets the global callback function to obtain passwords for PKCS #11 modules. Required. -
NSS_Init
. Sets up configuration files and performs other tasks required to run Network Security Services.NSS_Init
is not idempotent, so call it only once. Required. -
SSL_OptionSetDefault
. Changes default values for all subsequently opened sockets as long as the application is running (compare withSSL_SetURL
which only configures the socket that is currently open). This function must be called once for each default value that needs to be changed. Optional. -
NSS_SetDomesticPolicy
,NSS_SetExportPolicy
,NSS_SetFrancePolicy
, orSSL_CipherPolicySet
. These functions tell the library which cipher suites are permitted by policy (for example, to comply with export restrictions). Cipher suites disabled by policy cannot be enabled by user preference. One of these functions must be called before any cryptographic operations can be performed with NSS. -
SSL_CipherPrefSetDefault
. Enables all ciphers chosen by user preference. Optional.
Initializing Caches
By default, SSL allocates one session cache. This default cache is called the client session ID cache, (also known as the client session cache, or simply the client cache). The client cache is used for all sessions where the program handshakes as an SSL client. It is not configurable. You can initialize the client cache with the function SSL_ClearSessionCache
.
If an application will use SSL sockets that handshake as a server, you must specifically create and configure a server cache, using either SSL_ConfigServerSessionIDCache
or SSL_ConfigMPServerSIDCache
. The server cache is used for all sessions where the program handshakes as an SSL server.
-
SSL_ClearSessionCache
. Clears all sessions from the client session cache. Optional. -
SSL_ConfigServerSessionIDCache
. Sets up parameters for a server session cache for a single-process application. Required for single-process server applications. -
SSL_ConfigMPServerSIDCache
. Sets up parameters for a server cache for a multi-process application. Required for multi-process server applications. You can use either this function orSSL_ConfigServerSessionIDCache
, not both.
Configuration
-
PR_NewTCPSocket
. Opens a new socket. A legal NSPR socket is required to be passed toSSL_ImportFD
, whether it is created with this function or by another method. -
SSL_ImportFD
. Makes an NSPR socket into an SSL socket. Required. Brings an ordinary NSPR socket into the SSL library, returning a new NSPR socket that can be used to make SSL calls. You can pass this function a model file descriptor to create the new SSL socket with the same configuration state as the model.
It is also possible for an application to import a socket into SSL after the TCP connection on that socket has already been established. In this case, initial configuration takes place in the same way: pass the existing NSPR file descriptor to SSL_ImportFD
and perform any additional configuration that has not already been determined by the model file descriptor.
Configuration functions control the configuration of an individual socket.
-
PR_GetSocketOption
. Retrieves the socket options currently set for a specified socket. Optional. -
PR_SetSocketOption
. Sets the socket options for a specified socket., including making it blocking or nonblocking. Optional. -
SSL_OptionSet
. Sets a single configuration parameter of a specified socket. This function must be called once for each parameter whose settings you want to change from those established withSSL_OptionSetDefault
. Optional. -
SSL_ConfigSecureServer
. For servers only. Configures the socket with the information needed to handshake as an SSL server. Required for servers. -
SSL_SetURL
. For clients only. Records the target server URL for comparison with the URL specified by the server certificate. Required for clients.
-
SSL_SetPKCS11PinArg
. Sets the argument passed to the PKCS #11 password callback function. Required. -
SSL_AuthCertificateHook
. Specifies a callback function used to authenticate an incoming certificate (optional for servers, necessary for clients to avoid "man-in-the-middle" attacks). Optional. If not specified, SSL uses the default callback function,SSL_AuthCertificate
. -
SSL_BadCertHook
. Specifies a callback function to deal with a situation where authentication has failed. Optional. -
SSL_GetClientAuthDataHook
. Specifies a callback function for SSL to use when the server asks for client authentication information. This callback is required if you want to do client authentication. You can set the callback function to a standard one that is provided,NSS_GetClientAuthData
. -
SSL_HandshakeCallback
. Specifies a callback function that will be used by SSL to inform either a client application or a server application when the SSL handshake is completed. Optional.
Communication
Communication between SSL sockets always begins with the SSL handshake. The handshake occurs automatically the first time communication is requested with a socket read/write or send/receive call. It is also possible to force the handshake explicitly with SSL_ForceHandshake
or repeat it explicitly with SSL_ReHandshake
.
A server application typically uses these functions to establish a connection:
PR_Bind
PR_Listen
PR_Accept
PR_GetSockName
A client application typically uses these functions to establish a connection:
PR_GetHostByName
PR_EnumerateHostEnt
PR_Connect
PR_GetConnectStatus
When an application imports a socket into SSL after the TCP connection on that socket has already been established, it must call SSL_ResetHandshake to determine whether SSL should behave like an SSL client or an SSL server. Note that this step would not be necessary if the socket weren't already connected. For an SSL socket that is configured before it is connected, SSL figures this out when the application calls PR_Connect
or PR_Accept
. If the socket is already connected before SSL gets involved, you must provide this extra hint.
Functions that can be used by both clients and servers during communication include the following:
PR_Send
or PR_Write
PR_Read
or PR_Recv
PR_GetError
PR_GetPeerName
PR_Sleep
PR_Malloc
PR_Free
PR_Poll
PR_Now
PR_IntervalToMilliseconds
PR_MillisecondsToInterval
PR_Shutdown
PR_Close
SSL_InvalidateSession
Use SSL_ForceHandshake
when the socket has been prepared for a handshake but neither end has anything to say immediately. This occurs, for example, when an HTTPS server has received a request and determines that before it can answer the request, it needs to request an authentication certificate from the client. At the HTTP protocol level, nothing more is being said (that is, no HTTP request or response is being sent), so the server first uses SSL_ReHandshake
to begin a new handshake and then call SSL_ForceHandshake
to drive the handshake to completion.
Functions Used by Callbacks
CERT_CheckCertValidTimes
CERT_GetDefaultCertDB
CERT_DestroyCertificate
CERT_DupCertificate
CERT_FindCertByName
CERT_FreeNicknames
CERT_GetCertNicknames
CERT_VerifyCertName
CERT_VerifyCertNow
PK11_FindCertFromNickname
PK11_FindKeyByAnyCert
PK11_SetPasswordFunc
PL_strcpy
PL_strdup
PL_strfree
PL_strlen
SSL_PeerCertificate
SSL_RevealURL
SSL_RevealPinArg
Cleanup
This portion of an SSL-enabled application consists primarily of closing the socket and freeing memory. After these tasks have been performed, call NSS_Shutdown
to close the certificate and key databases opened by NSS_Init
, and PR_Cleanup
to coordinate a graceful shutdown of NSPR.