SecPkgContext_ConnectionInfo structure (schannel.h)

The SecPkgContext_ConnectionInfo structure contains protocol and cipher information. This structure is used by the InitializeSecurityContext (Schannel) function.

This attribute is supported only by the Schannel security support provider (SSP).

Syntax

typedef struct _SecPkgContext_ConnectionInfo {
  DWORD  dwProtocol;
  ALG_ID aiCipher;
  DWORD  dwCipherStrength;
  ALG_ID aiHash;
  DWORD  dwHashStrength;
  ALG_ID aiExch;
  DWORD  dwExchStrength;
} SecPkgContext_ConnectionInfo, *PSecPkgContext_ConnectionInfo;

Members

dwProtocol

Protocol used to establish this connection. The following table describes the constants valid for this member.

Value Meaning
SP_PROT_SSL2_CLIENT
8 (0x8)
Secure Sockets Layer 2.0 client-side. Superseded by SP_PROT_TLS1_CLIENT.
SP_PROT_SSL2_SERVER
4 (0x4)
Secure Sockets Layer 2.0 server-side. Superseded by SP_PROT_TLS1_SERVER.
SP_PROT_SSL3_CLIENT
32 (0x20)
Secure Sockets Layer 3.0 client-side.
SP_PROT_SSL3_SERVER
16 (0x10)
Secure Sockets Layer 3.0 server-side.
SP_PROT_TLS1_0_CLIENT
128 (0x80)
Transport Layer Security 1.0 client-side.
SP_PROT_TLS1_0_SERVER
64 (0x40)
Transport Layer Security 1.0 server-side.
SP_PROT_TLS1_1_CLIENT
512 (0x200)
Transport Layer Security 1.1 client-side.
SP_PROT_TLS1_1_SERVER
256 (0x100)
Transport Layer Security 1.1 server-side.
SP_PROT_TLS1_2_CLIENT
2048 (0x800)
Transport Layer Security 1.2 client-side.
SP_PROT_TLS1_2_SERVER
1024 (0x400)
Transport Layer Security 1.2 server-side.
SP_PROT_TLS1_3_CLIENT
8192 (0x2000)
Transport Layer Security 1.3 client-side.
SP_PROT_TLS1_3_SERVER
4096 (0x1000)
Transport Layer Security 1.3 server-side.
SP_PROT_DTLS1_0_CLIENT
131072 (0x00020000)
Datagram Transport Layer Security 1.0 client-side.
SP_PROT_DTLS1_0_SERVER
65536 (0x00010000)
Datagram Transport Layer Security 1.0 server-side.
SP_PROT_DTLS1_2_CLIENT
524288 (0x00080000)
Datagram Transport Layer Security 1.2 client-side.
SP_PROT_DTLS1_2_SERVER
262144 (0x00040000)
Datagram Transport Layer Security 1.2 server-side.

aiCipher

Algorithm identifier (ALG_ID) for the bulk encryption cipher used by this connection. The following table describes the constants valid for this member.

Value Meaning
CALG_3DES
3DES block encryption algorithm
CALG_AES_128
AES 128-bit encryption algorithm
CALG_AES_256
AES 256-bit encryption algorithm
CALG_DES
DES encryption algorithm
CALG_RC2
RC2 block encryption algorithm
CALG_RC4
RC4 stream encryption algorithm
0 (Zero)
No encryption

dwCipherStrength

Strength of the bulk encryption cipher, in bits. Can be one of the following values: 0, 40, 56, 128, 168, or 256.

aiHash

ALG_ID indicating the hash used for generating Message Authentication Codes (MACs). The following table describes the constants valid for this member.

Value Meaning
CALG_MD5
MD5 hashing algorithm.
CALG_SHA
SHA hashing algorithm.

dwHashStrength

Strength of the hash, in bits: 128 or 160.

aiExch

ALG_ID indicating the key exchange algorithm used to generate the shared master secret. The following table describes the constants valid for this member.

Value Meaning
ALG_TYPE_ANY
Any key exchange algorithm.
CALG_RSA_KEYX
RSA key exchange.
CALG_DH_EPHEM
Diffie-Hellman key exchange.

dwExchStrength

Key length, in bits. For RSA key exchange, this member will typically contain one of the following values: 512, 768, 1024, or 2048. For Diffie-Hellman key exchange, this member will typically contain one of the following values: 224, 256, 384 or 512.

Requirements

Requirement Value
Minimum supported client Windows XP [desktop apps only]
Minimum supported server Windows Server 2003 [desktop apps only]
Header schannel.h