HTTP Services: Difference between revisions
| Line 342: | Line 342: | ||
| Initially a HTTP context will not trust ''any'' root-CAs at all. Which root-CAs to trust must be ''explicitly'' specified via the add-root-CA service command(s). | Initially a HTTP context will not trust ''any'' root-CAs at all. Which root-CAs to trust must be ''explicitly'' specified via the add-root-CA service command(s). | ||
| RootCertChains can be used to easily select a particular chain of trusted root-CAs with multiple HTTP contexts, without having to re-send each of the root-CA commands for each HTTP context. The maximum number of RootCertChains that can exist for an user-process, is only  | RootCertChains can be used to easily select a particular chain of trusted root-CAs with multiple HTTP contexts, without having to re-send each of the root-CA commands for each HTTP context. The maximum number of RootCertChains that can exist for an user-process, is only 2. | ||
| When using the context-specific RootCA commands such as [[HTTPC:AddTrustedRootCA]] where [[HTTPC:SelectRootCertChain]] was already used, the cert will just be added to the selected RootCertChain. | When using the context-specific RootCA commands such as [[HTTPC:AddTrustedRootCA]] where [[HTTPC:SelectRootCertChain]] was already used, the cert will just be added to the selected RootCertChain. | ||
Revision as of 04:27, 1 April 2016
HTTP service "http:C"
| Command Header | Available since system-version | Available from service-sessions | Description | 
|---|---|---|---|
| 0x00010044 | 1.0.0-0 | Initialize | |
| 0x00020082 | 1.0.0-0 | Main-only | CreateContext | 
| 0x00030040 | 1.0.0-0 | All | CloseContext | 
| 0x00040040 | 1.0.0-0 | CancelConnection | |
| 0x00050040 | 1.0.0-0 | GetRequestState | |
| 0x00060040 | 1.0.0-0 | GetDownloadSizeState | |
| 0x00070040 | 1.0.0-0 | GetRequestError | |
| 0x00080042 | 1.0.0-0 | InitializeConnectionSession | |
| 0x00090040 | 1.0.0-0 | BeginRequest | |
| 0x000A0040 | 1.0.0-0 | BeginRequestAsync | |
| 0x000B0082 | 1.0.0-0 | ReceiveData | |
| 0x000C0102 | 1.0.0-0 | ReceiveDataTimeout | |
| 0x000D0146 | 1.0.0-0 | SetProxy | |
| 0x000E0040 | 1.0.0-0 | SetProxyDefault | |
| 0x000F00C4 | 1.0.0-0 | SetBasicAuthorization | |
| 0x00100080 | 1.0.0-0 | Context-only | SetSocketBufferSize | 
| 0x001100C4 | 1.0.0-0 | AddRequestHeader | |
| 0x001200C4 | 1.0.0-0 | AddPostDataAscii | |
| 0x001300C4 | 1.0.0-0 | AddPostDataBinary | |
| 0x00140082 | 1.0.0-0 | AddPostDataRaw | |
| 0x00150080 | 1.0.0-0 | SetPostDataType(u8 enum) | |
| 0x001600C4 | 1.0.0-0 | SendPostDataAscii | |
| 0x00170144 | 1.0.0-0 | SendPostDataAsciiTimeout | |
| 0x001800C4 | 1.0.0-0 | SendPostDataBinary | |
| 0x00190144 | 1.0.0-0 | SendPostDataBinaryTimeout | |
| 0x001A0082 | 1.0.0-0 | SendPostDataRaw | |
| 0x001B0102 | 1.0.0-0 | SendPOSTDataRawTimeout | |
| 0x001C0080 | 1.0.0-0 | SetPostDataEncoding | |
| 0x001D0040 | 1.0.0-0 | NotifyFinishSendPostData | |
| 0x001E00C4 | 1.0.0-0 | GetResponseHeader | |
| 0x001F0144 | 1.0.0-0 | GetResponseHeaderTimeout | |
| 0x00200082 | 1.0.0-0 | GetResponseData | |
| 0x00210102 | 1.0.0-0 | GetResponseDataTimeout | |
| 0x00220040 | 1.0.0-0 | GetResponseStatusCode | |
| 0x002300C0 | 1.0.0-0 | GetResponseStatusCodeTimeout | |
| 0x00240082 | 1.0.0-0 | AddTrustedRootCA | |
| 0x00250080 | 1.0.0-0 | AddDefaultCert | |
| 0x00260080 | 1.0.0-0 | SelectRootCertChain | |
| 0x002700C4 | 1.0.0-0 | SetClientCert | |
| 0x00280080 | 1.0.0-0 | Context-only | SetClientCertDefault | 
| 0x00290080 | 1.0.0-0 | Context-only | SetClientCertContext | 
| 0x002A0040 | 1.0.0-0 | All | (u32 contexthandle) GetSSLError? This loads a value from state, this doesn't seem to use any sslc command. | 
| 0x002B0080 | 1.0.0-0 | Context-only | SetSSLOpt | 
| 0x002C0080 | 1.0.0-0 | Context-only | SetSSLClearOpt | 
| 0x002D0000 | 1.0.0-0 | Main-only | CreateRootCertChain | 
| 0x002E0040 | 1.0.0-0 | Main-only | DestroyRootCertChain | 
| 0x002F0082 | 1.0.0-0 | Main-only | RootCertChainAddCert | 
| 0x00300080 | 1.0.0-0 | Main-only | RootCertChainAddDefaultCert | 
| 0x00310080 | 1.0.0-0 | Main-only | RootCertChainRemoveCert | 
| 0x00320084 | 1.0.0-0 | Main-only | OpenClientCertContext | 
| 0x00330040 | 1.0.0-0 | Main-only | OpenDefaultClientCertContext | 
| 0x00340040 | 1.0.0-0 | Main-only | CloseClientCertContext | 
| 0x00350186 | 1.0.0-0 | Main-only | SetDefaultProxy | 
| 0x00360000 | 1.0.0-0 | ClearDNSCache | |
| 0x00370080 | 2.0.0-X | SetKeepAlive (bool) | |
| 0x003800C0 | 3.0.0-X. | SetPostDataTypeSize (u8 enum, u32 size) (similar to SetPostDataType) | |
| 0x00390000 | 3.0.0-X. | Finalize | |
| 0x003A0080 | 8.0.0-X | ||
| 0x003B0082 | 9.0.0-X | ||
| 0x003C0080 | 9.0.0-X | ||
| 0x003D0080 | 9.0.0-X | ||
| 0x003E0000 | 9.0.0-X | ||
| 0x003F0040 | 9.0.0-X | ||
| 0x00400082 | 9.0.0-X | ||
| 0x00410080 | 9.0.0-X | ||
| 0x00420080 | 9.0.0-X | 
TLS Root CAs
Initially a HTTP context will not trust any root-CAs at all. Which root-CAs to trust must be explicitly specified via the add-root-CA service command(s).
RootCertChains can be used to easily select a particular chain of trusted root-CAs with multiple HTTP contexts, without having to re-send each of the root-CA commands for each HTTP context. The maximum number of RootCertChains that can exist for an user-process, is only 2.
When using the context-specific RootCA commands such as HTTPC:AddTrustedRootCA where HTTPC:SelectRootCertChain was already used, the cert will just be added to the selected RootCertChain.
ClientCert Contexts
These are basically the same as RootCertChains except for TLS client cert+privk. The maximum number of ClientCert-contexts that can exist for an user-process, is only 1.
Error codes
| Error code | Description | 
|---|---|
| 0xd8a0a03c | Failed to verify the HTTPS server's TLS certificate. | 
| 0xd8a0a046 | This is returned by HTTPC:Initialize when no network connection is available(or at least when wifi is disabled via Home Menu on New3DS). | 
| 0xd8a0a066 | This indicates that the context handle is wrong. |