SecPkgContext_ConnectionInfo structure (schannel.h)

Article
01/26/2024

The SecPkgContext_ConnectionInfo structure contains protocol and cipher information. This structure is used by the InitializeSecurityContext (Schannel) function.

This attribute is supported only by the Schannel security support provider (SSP).

Syntax

typedef struct _SecPkgContext_ConnectionInfo {
  DWORD  dwProtocol;
  ALG_ID aiCipher;
  DWORD  dwCipherStrength;
  ALG_ID aiHash;
  DWORD  dwHashStrength;
  ALG_ID aiExch;
  DWORD  dwExchStrength;
} SecPkgContext_ConnectionInfo, *PSecPkgContext_ConnectionInfo;

Members

dwProtocol

Protocol used to establish this connection. The following table describes the constants valid for this member.

Value	Meaning
SP_PROT_SSL2_CLIENT 8 (0x8)	Secure Sockets Layer 2.0 client-side. Superseded by SP_PROT_TLS1_CLIENT.
SP_PROT_SSL2_SERVER 4 (0x4)	Secure Sockets Layer 2.0 server-side. Superseded by SP_PROT_TLS1_SERVER.
SP_PROT_SSL3_CLIENT 32 (0x20)	Secure Sockets Layer 3.0 client-side.
SP_PROT_SSL3_SERVER 16 (0x10)	Secure Sockets Layer 3.0 server-side.
SP_PROT_TLS1_0_CLIENT 128 (0x80)	Transport Layer Security 1.0 client-side.
SP_PROT_TLS1_0_SERVER 64 (0x40)	Transport Layer Security 1.0 server-side.
SP_PROT_TLS1_1_CLIENT 512 (0x200)	Transport Layer Security 1.1 client-side.
SP_PROT_TLS1_1_SERVER 256 (0x100)	Transport Layer Security 1.1 server-side.
SP_PROT_TLS1_2_CLIENT 2048 (0x800)	Transport Layer Security 1.2 client-side.
SP_PROT_TLS1_2_SERVER 1024 (0x400)	Transport Layer Security 1.2 server-side.
SP_PROT_TLS1_3_CLIENT 8192 (0x2000)	Transport Layer Security 1.3 client-side.
SP_PROT_TLS1_3_SERVER 4096 (0x1000)	Transport Layer Security 1.3 server-side.
SP_PROT_DTLS1_0_CLIENT 131072 (0x00020000)	Datagram Transport Layer Security 1.0 client-side.
SP_PROT_DTLS1_0_SERVER 65536 (0x00010000)	Datagram Transport Layer Security 1.0 server-side.
SP_PROT_DTLS1_2_CLIENT 524288 (0x00080000)	Datagram Transport Layer Security 1.2 client-side.
SP_PROT_DTLS1_2_SERVER 262144 (0x00040000)	Datagram Transport Layer Security 1.2 server-side.

aiCipher

Algorithm identifier (ALG_ID) for the bulk encryption cipher used by this connection. The following table describes the constants valid for this member.

Value	Meaning
CALG_3DES	3DES block encryption algorithm
CALG_AES_128	AES 128-bit encryption algorithm
CALG_AES_256	AES 256-bit encryption algorithm
CALG_DES	DES encryption algorithm
CALG_RC2	RC2 block encryption algorithm
CALG_RC4	RC4 stream encryption algorithm
0 (Zero)	No encryption

dwCipherStrength

Strength of the bulk encryption cipher, in bits. Can be one of the following values: 0, 40, 56, 128, 168, or 256.

aiHash

ALG_ID indicating the hash used for generating Message Authentication Codes (MACs). The following table describes the constants valid for this member.

Value	Meaning
CALG_MD5	MD5 hashing algorithm.
CALG_SHA	SHA hashing algorithm.

dwHashStrength

Strength of the hash, in bits: 128 or 160.

aiExch

ALG_ID indicating the key exchange algorithm used to generate the shared master secret. The following table describes the constants valid for this member.

Value	Meaning
ALG_TYPE_ANY	Any key exchange algorithm.
CALG_RSA_KEYX	RSA key exchange.
CALG_DH_EPHEM	Diffie-Hellman key exchange.

dwExchStrength

Key length, in bits. For RSA key exchange, this member will typically contain one of the following values: 512, 768, 1024, or 2048. For Diffie-Hellman key exchange, this member will typically contain one of the following values: 224, 256, 384 or 512.

Requirements

Requirement	Value
Minimum supported client	Windows XP [desktop apps only]
Minimum supported server	Windows Server 2003 [desktop apps only]
Header	schannel.h

Share via

SecPkgContext_ConnectionInfo structure (schannel.h)

Syntax

Members

Requirements

Feedback

Additional resources