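/*
 * Copyright (c) 2022 Huawei Device Co., Ltd.
 * Licensed under the Apache License, Version 2.0 (the "License");
 * you may not use this file except in compliance with the License.
 * You may obtain a copy of the License at
 *
 *     http://www.apache.org/licenses/LICENSE-2.0
 *
 * Unless required by applicable law or agreed to in writing, software
 * distributed under the License is distributed on an "AS IS" BASIS,
 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 * See the License for the specific language governing permissions and
 * limitations under the License.
 */

#ifndef COMMUNICATION_NETSTACK_TLS_H
#define COMMUNICATION_NETSTACK_TLS_H

// <cstdint> is included explicitly because CipherSuite uses uint64_t; the
// header should not rely on another include pulling it in.
#include <cstdint>
#include <string>

#include "net_address.h"
#include "secure_data.h"

namespace OHOS {
namespace NetStack {
// Untyped pointer alias; what it points to is not visible in this header.
using Handle = void *;

// Protocol version names as strings.
constexpr const char *PROTOCOL_TLS_V12 = "TLSv1.2";
constexpr const char *PROTOCOL_TLS_V13 = "TLSv1.3";

// CERT_PATH_LEN is the character count of CERT_PATH without the terminating
// NUL; keep the two in sync when either is edited.
// NOTE(review): how callers use this pair is not visible here. If it serves as
// a prefix check on caller-supplied certificate paths, confirm the path is
// canonicalized before the comparison.
constexpr const char *CERT_PATH = "/system/lib";
constexpr int CERT_PATH_LEN = 11;

// Numeric identifier and name of one cipher suite.
struct CipherSuite {
    uint64_t cipherId_;
    std::string cipherName_;
};

// Encoding of certificate bytes.
enum EncodingFormat {
    DER,
    PEM
};

// Certificate bytes together with the format they are encoded in.
struct X509CertRawData {
    SecureData data;
    EncodingFormat encodingFormat;
};

// UNENCRYPTED_MODE is the first enumerator and therefore has value 0, so a
// value-initialized TlsMode is UNENCRYPTED_MODE. Set the mode explicitly
// wherever an encrypted connection is required.
enum TlsMode {
    UNENCRYPTED_MODE,
    SSL_CLIENT_MODE,
    SSL_SERVER_MODE
};

// VERIFY_NONE is the first enumerator and therefore has value 0, so a
// value-initialized PeerVerifyMode is VERIFY_NONE. Configuration code should
// assign the intended mode explicitly rather than rely on the default.
// NOTE(review): the exact behaviour of QUERY_PEER and AUTO_VERIFY_PEER is not
// defined in this header; confirm against the implementation.
enum PeerVerifyMode {
    VERIFY_NONE,
    QUERY_PEER,
    VERIFY_PEER,
    AUTO_VERIFY_PEER
};

enum KeyType {
    PRIVATE_KEY,
    PUBLIC_KEY
};

enum CertType {
    CA_CERT,
    LOCAL_CERT
};

// OPAQUE has value 0 and is what a value-initialized KeyAlgorithm holds.
enum KeyAlgorithm {
    OPAQUE,
    ALGORITHM_RSA,
    ALGORITHM_DSA,
    ALGORITHM_EC,
    ALGORITHM_DH
};

enum AlternativeNameEntryType {
    EMAIL_ENTRY,
    DNS_ENTRY,
    IPADDRESS_ENTRY
};

// NOTE(review): only READ_ONLY (1), WRITE_ONLY (2) and READ_WRITE (3) behave
// as bit flags. The enumerators after READ_WRITE continue sequentially
// (APPEND = 4, TRUNCATE = 5, TEXT = 6, ...), so they are not distinct bits:
// TRUNCATE, for example, has the same value as READ_ONLY | APPEND. Do not
// combine or test these values with bitwise operators.
enum OpenMode {
    NOT_OPEN,
    READ_ONLY,
    WRITE_ONLY,
    READ_WRITE = READ_ONLY | WRITE_ONLY,
    APPEND,
    TRUNCATE,
    TEXT,
    UNBUFFERED,
    NEW_ONLY,
    EXISTION_ONLY
};

// IPV4_PROTOCOL has value 0; the "unknown" marker is the explicit -1.
enum NetworkLayerProtocol {
    IPV4_PROTOCOL,
    IPV6_PROTOCOL,
    ANY_IP_PROTOCOL,
    UNKNOW_NETWORK_LAYER_PROTOCOL = -1
};

enum class ImplementedClass {
    KEY,
    CERTIFICATE,
    SOCKET,
    DIFFIE_HELLMAN,
    ELLIPTIC_CURVE
};

enum class SupportedFeature {
    CERTIFICATE_VERIFICATION,
    CLIENT_SIDE_ALPN,
    SERVER_SIDE_ALPN,
    OCSP,
    PSK,
    SESSION_TICKET,
    ALERTS
};

// Bit mask: every enumerator occupies its own bit (0x01 .. 0x80), so values
// can be combined with bitwise OR.
// NOTE(review): which bits are set by default is not visible in this header;
// confirm in the implementation that compression and legacy renegotiation
// are disabled unless a caller asks otherwise.
enum TlsOptions {
    SSL_OPTION_DISABLE_EMPTY_FRAGMENTS = 0x01,
    SSL_OPTION_DISABLE_SESSION_TICKETS = 0x02,
    SSL_OPTION_DISABLE_COMPRESSION = 0x04,
    SSL_OPTION_DISABLE_SERVER_NAME_INDICATION = 0x08,
    SSL_OPTION_DISABLE_LEGACY_RENEGOTIATION = 0x10,
    SSL_OPTION_DISABLE_SESSION_SHARING = 0x20,
    SSL_OPTION_DISABLE_SESSION_PERSISTENCE = 0x40,
    SSL_OPTION_DISABLE_SERVER_CIPHER_PREFERENCE = 0x80
};

// TLS_V1_2 has value 0 and is what a value-initialized TLSProtocol holds.
enum TLSProtocol {
    TLS_V1_2,
    TLS_V1_3,
    UNKNOW_PROTOCOL
};

// NOTE(review): where this enum is consumed is not visible here. DES_CBC and
// RC2_CBC are legacy algorithms with short effective key lengths; prefer the
// AES entries for anything that protects key material.
enum class Cipher {
    DES_CBC,
    DES_EDE3_CBC,
    RC2_CBC,
    AES_128_CBC,
    AES_192_CBC,
    AES_256_CBC
};

// ONE_WAY_MODE is explicitly 0 and is therefore the value-initialized default.
// NOTE(review): presumably one-way means only the server is authenticated and
// two-way means mutual authentication; confirm against the implementation.
enum VerifyMode {
    ONE_WAY_MODE = 0,
    TWO_WAY_MODE
};
} // namespace NetStack
} // namespace OHOS
#endif // COMMUNICATION_NETSTACK_TLS_H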