• Home
  • Line#
  • Scopes#
  • Navigate#
  • Raw
  • Download
1 /*
2  * This file is part of the openHiTLS project.
3  *
4  * openHiTLS is licensed under the Mulan PSL v2.
5  * You can use this software according to the terms and conditions of the Mulan PSL v2.
6  * You may obtain a copy of Mulan PSL v2 at:
7  *
8  *     http://license.coscl.org.cn/MulanPSL2
9  *
10  * THIS SOFTWARE IS PROVIDED ON AN "AS IS" BASIS, WITHOUT WARRANTIES OF ANY KIND,
11  * EITHER EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO NON-INFRINGEMENT,
12  * MERCHANTABILITY OR FIT FOR A PARTICULAR PURPOSE.
13  * See the Mulan PSL v2 for more details.
14  */
15 
16 /**
17  * @defgroup hitls_session
18  * @ingroup hitls
19  * @brief TLS session
20  */
21 
22 #ifndef HITLS_SESSION_H
23 #define HITLS_SESSION_H
24 
25 #include <stdint.h>
26 #include <stddef.h>
27 #include <stdbool.h>
28 #include "hitls_type.h"
29 #include "hitls_crypt_type.h"
30 #include "bsl_uio.h"
31 
32 #ifdef __cplusplus
33 extern "C" {
34 #endif
35 
36 /**
37  * @ingroup hitls_session
38  * @brief Session id Maximum size of the CTX.
39  */
40 #define HITLS_SESSION_ID_CTX_MAX_SIZE 32u
41 
42 /**
43  * @ingroup hitls_session
44  * @brief Maximum size of a session ID
45  */
46 #define HITLS_SESSION_ID_MAX_SIZE 32u
47 
48 /**
49  * @ingroup hitls_session
50  * @brief   Set whether to support the session ticket function.
51  *
52  * @param   config  [OUT] Config handle
53  * @param   support [IN] Whether to support the session ticket. The options are as follows: true: yes; false: no.
54  * @retval  HITLS_SUCCESS, if successful.
55  * @retval  HITLS_NULL_INPUT, config is null.
56  */
57 int32_t HITLS_CFG_SetSessionTicketSupport(HITLS_Config *config, bool support);
58 
59 /**
60  * @ingroup hitls_session
61  * @brief   Query whether the session ticket function is supported.
62  *
63  * @param   config      [IN] Config handle
64  * @param   isSupport   [OUT] Whether to support the session ticket.
65  * @retval  HITLS_SUCCESS, if successful.
66  * @retval  HITLS_NULL_INPUT, config is null.
67  */
68 int32_t HITLS_CFG_GetSessionTicketSupport(const HITLS_Config *config, uint8_t *isSupport);
69 
70 /**
71  * @ingroup hitls_session
72  * @brief   Setting TLS1.3, number of new session tickets sent after a complete link is established.
73  *
74  * This interface should be called before handshake. The default number is 2.
75  * If the number is greater than or equal to 1, only one ticket is sent after the session is resumed.
76  * When this parameter is set to 0, the ticket is not sent for the complete handshake and session resumption.
77  *
78  * @param   config     [OUT] Config handle
79  * @param   ticketNums [IN] Number of new session tickets sent.
80  * @retval  HITLS_SUCCESS, if successful.
81  * @retval  HITLS_NULL_INPUT, config is empty.
82  */
83 int32_t HITLS_CFG_SetTicketNums(HITLS_Config *config, uint32_t ticketNums);
84 
85 /**
86  * @ingroup hitls_session
87  * @brief   Obtain TLS1.3, number of new session tickets sent after complete link establishment.
88  *
89  * @param   config [IN] config handle
90  * @retval  Number of tickets.
91  */
92 uint32_t HITLS_CFG_GetTicketNums(HITLS_Config *config);
93 
94 /**
95  * @ingroup hitls_session
96  * @brief   Setting TLS1.3, number of new session tickets sent after complete link establishment.
97  *
98  * This interface should be called before handshake. The default number is 2.
99  * If the number is greater than or equal to 1, only one ticket is sent after the session is resumed.
100  * When this parameter is set to 0, tickets will not be sent for the complete handshake and session recovery.
101  *
102  * @param   ctx        [OUT] ctx context
103  * @param   ticketNums [IN] Number of sent new session tickets.
104  * @retval  HITLS_SUCCESS, if successful.
105  * @retval  HITLS_NULL_INPUT, ctx is null.
106  */
107 int32_t HITLS_SetTicketNums(HITLS_Ctx *ctx, uint32_t ticketNums);
108 
109 /**
110  * @ingroup hitls_session
111  * @brief   Obtain TLS1.3, Number of new session tickets sent after complete link establishment.
112  *
113  * @param   ctx  [IN] ctx context
114  * @retval  Number of tickets.
115  */
116 uint32_t HITLS_GetTicketNums(HITLS_Ctx *ctx);
117 
118 /**
119  * @ingroup hitls_session
120  * @brief   This callback is called when a new session is negotiated. Users can use sessions.
121  *
122  * @param   ctx     [IN] ctx context
123  * @param   session [IN] Session handle
124  * @retval  1 Success. If a user removes a session, the user needs to release the session handle.
125  * @retval  0 failed. The user does not use the session.
126  */
127 typedef int32_t (*HITLS_NewSessionCb) (HITLS_Ctx *ctx, HITLS_Session *session);
128 
129 /**
130  * @ingroup hitls_session
131  * @brief   Set a callback for negotiating a new session call.
132  *
133  * @param   config       [OUT] config handle
134  * @param   newSessionCb [IN] Callback.
135  * @retval  HITLS_SUCCESS, if successful.
136  * @retval  HITLS_NULL_INPUT, config is null.
137  */
138 int32_t HITLS_CFG_SetNewSessionCb(HITLS_Config *config, const HITLS_NewSessionCb newSessionCb);
139 
140 #define HITLS_TICKET_KEY_RET_NEED_ALERT    (-1)   // callback fails. A fatal error occurs.
141                                                   // You need to send an alert
142 #define HITLS_TICKET_KEY_RET_FAIL          0      // callback returns a failure, but the error is not a fatal error,
143                                                   // for example, key_name matching fails.
144 #define HITLS_TICKET_KEY_RET_SUCCESS       1      // If the callback is successful,
145                                                   // the key can be used for encryption and decryption
146 #define HITLS_TICKET_KEY_RET_SUCCESS_RENEW 2      // If the callback is successful, the key can be used for encryption
147                                                   // and decryption. In the decryption scenario,
148                                                   // the ticket needs to be renewed
149 /**
150  * @ingroup hitls_session
151  * @brief   Obtain and verify ticket_key on the server.
152  *
153  * @attention  keyName is fixed at 16 bytes, and iv is fixed at 16 bytes.
154  *     During encryption, the keyName and cipher need to be returned.
155  * The encryption type, encryption algorithm, key, iv, and hmacKey need to be filled in.
156  *     During decryption, the HiTLS transfers the keyName.
157  * The user needs to find the corresponding key based on the keyName and return the corresponding encryption type,
158  * encryption algorithm, and key. (HiTLS uses the iv value sent by the client,
159  * so the iv value does not need to be returned.)
160  *
161  * @param   keyName     [IN/OUT] name values corresponding to aes_key and hmac_key
162  * @param   keyNameSize [IN] length of keyName
163  * @param   cipher      [IN/OUT] Encryption information
164  * @param   isEncrypt   [IN] Indicates whether to encrypt data. true: encrypt data. false: decrypt data.
165  *
166  * @retval  TICKET_KEY_RET_NEED_ALERT     : indicates that the function fails to be called. A fatal error occurs.
167  *                                          An alert message needs to be sent.
168  *          TICKET_KEY_RET_FAIL           : During encryption, the failure to obtain the key_name is not a fatal error.
169  *                                          In this case, the HiTLS sends an empty new session ticket message
170  *                                          to the client.During decryption, the key_name matching fails,
171  *                                          but it is not a fatal error. If the return value is the same,
172  *                                          the HiTLS performs a complete handshake process or uses the
173  *                                          session ID to restore the session.
174  *          TICKET_KEY_RET_SUCCESS        : indicates that the encryption is successful. Decryption succeeds.
175  *          TICKET_KEY_RET_SUCCESS_RENEW  : indicates that the encryption is successful.
176  *                                          The value is the same as the returned value TICKET_KEY_RET_SUCCESS.
177  *                                          If the decryption succeeds and the ticket needs to be renewed or changed,
178  *                                          the HiTLS calls the callback again to encrypt the ticket
179  *                                          when sending a new session ticket.
180  */
181 typedef int32_t (*HITLS_TicketKeyCb)(uint8_t *keyName, uint32_t keyNameSize, HITLS_CipherParameters *cipher,
182     uint8_t isEncrypt);
183 
184 /**
185  * @ingroup hitls_session
186  * @brief   Set the ticket key callback, which is used only by the server, cb can be NULL.
187  *
188  * @param   config  [OUT] Config Context
189  * @param   callback    [IN] Ticket key callback
190  * @retval  HITLS_SUCCESS, if successful.
191  *          For details about other error codes, see hitls_error.h.
192  */
193 int32_t HITLS_CFG_SetTicketKeyCallback(HITLS_Config *config, HITLS_TicketKeyCb callback);
194 
195 /**
196  * @ingroup hitls_session
197  * @brief   Obtain the default ticket key of the HiTLS.
198  *
199  * The key is used to encrypt and decrypt the ticket in the new session ticket when the HITLS_TicketKeyCb callback
200  * function is not set.
201  *
202  * @attention The returned key value is as follows: 16-byte key name + 32-byte AES key + 32-byte HMAC key
203  *
204  * @param   config [IN] Config Context.
205  * @param   key [OUT] Obtained ticket key.
206  * @param   keySize [IN] Size of the key array.
207  * @param   outSize [OUT] Size of the obtained ticket key.
208  *
209  * @retval  HITLS_SUCCESS, if successful.
210  * @retval  For other error codes, see hitls_error.h.
211  */
212 int32_t HITLS_CFG_GetSessionTicketKey(const HITLS_Config *config, uint8_t *key, uint32_t keySize, uint32_t *outSize);
213 
214 /**
215  * @ingroup hitls_session
216  * @brief   Set the default ticket key of the HiTLS. The key is used to encrypt and decrypt tickets in the new
217  * session ticket when the HITLS_TicketKeyCb callback function is not set.
218  *
219  * @attention The returned key value is as follows: 16-byte key name + 32-byte AES key + 32-byte HMAC key
220  *
221  * @param   config [OUT] Config Context.
222  * @param   key [IN] Ticket key to be set.
223  * @param   keySize [IN] Size of the ticket key.
224  *
225  * @retval  HITLS_SUCCESS, if successful.
226  * @retval  For other error codes, see hitls_error.h.
227  */
228 int32_t HITLS_CFG_SetSessionTicketKey(HITLS_Config *config, const uint8_t *key, uint32_t keySize);
229 
230 /**
231  * @ingroup hitls_session
232  * @brief   Set the user-specific session ID ctx, only on the server.
233  *
234  * @attention session id ctx is different from session id, session recovery can be performed only after
235  * session id ctx matching.
236  * @param   config  [OUT] Config context.
237  * @param   sessionIdCtx [IN] Session ID Context.
238  * @param   len [IN] Session id context length, a maximum of 32 bytes.
239  * @retval  HITLS_SUCCESS, if successful.
240  *          For other error codes, see hitls_error.h.
241  */
242 int32_t HITLS_CFG_SetSessionIdCtx(HITLS_Config *config, const uint8_t *sessionIdCtx, uint32_t len);
243 
244 /**
245  * @ingroup hitls_session
246  * @brief   Set the session cache mode.
247  *
248  * @param   config  [OUT] Config context.
249  * @param   mode [IN] Cache mode, corresponding to the HITLS_SESS_CACHE_MODE enumerated value.
250  * @retval  HITLS_SUCCESS, if successful.
251  *          For details about other error codes, see hitls_error.h.
252  */
253 int32_t HITLS_CFG_SetSessionCacheMode(HITLS_Config *config, HITLS_SESS_CACHE_MODE mode);
254 
255 /**
256  * @ingroup hitls_session
257  * @brief   Obtain the session cache mode.
258  *
259  * @param   config  [IN] config Context.
260  * @param   mode [OUT] Cache mode, corresponding to the HITLS_SESS_CACHE_MODE enumerated value.
261  * @retval  HITLS_SUCCESS, if successful.
262  *          For details about other error codes, see hitls_error.h.
263  */
264 int32_t HITLS_CFG_GetSessionCacheMode(HITLS_Config *config, HITLS_SESS_CACHE_MODE *mode);
265 
266 /**
267  * @ingroup hitls_session
268  * @brief   Set the maximum number of sessions in the session cache.
269  *
270  * @param   config  [OUT] Config context.
271  * @param   size [IN] Maximum number of sessions in the cache.
272  * @retval  HITLS_SUCCESS, if successful.
273  *          For details about other error codes, see hitls_error.h.
274  */
275 int32_t HITLS_CFG_SetSessionCacheSize(HITLS_Config *config, uint32_t size);
276 
277 /**
278  * @ingroup hitls_session
279  * @brief   Obtain the maximum number of sessions in the session cache.
280  *
281  * @param   config  [IN] Config context.
282  * @param   size [OUT] Maximum number of sessions in the cache.
283  * @retval  HITLS_SUCCESS, if successful.
284  *          For details about other error codes, see hitls_error.h.
285  */
286 int32_t HITLS_CFG_GetSessionCacheSize(HITLS_Config *config, uint32_t *size);
287 
288 /**
289  * @ingroup hitls_session
290  * @brief   Set the session timeout interval.
291  *
292  * @param   config  [OUT] Config context.
293  * @param   timeout [IN] Session timeout interval, in seconds.
294  * @retval  HITLS_SUCCESS, if successful.
295  *          For details about other error codes, see hitls_error.h.
296  */
297 int32_t HITLS_CFG_SetSessionTimeout(HITLS_Config *config, uint64_t timeout);
298 
299 /**
300  * @ingroup hitls_session
301  * @brief   Obtain the timeout interval of a session.
302  *
303  * @param   config  [IN] Config context.
304  * @param   timeout [OUT] Session timeout interval, in seconds.
305  * @retval  HITLS_SUCCESS, if successful.
306  *          For details about other error codes, see hitls_error.h.
307  */
308 int32_t HITLS_CFG_GetSessionTimeout(const HITLS_Config *config, uint64_t *timeout);
309 
310 /**
311  * @ingroup hitls_session
312  * @brief   Whether the link is multiplexed with a session.
313  *
314  * @param   ctx  [IN] config Context.
315  * @param   isReused [OUT] Indicates whether to reuse a session.
316  * @retval  HITLS_SUCCESS, if successful.
317  *          For details about other error codes, see hitls_error.h.
318  */
319 int32_t HITLS_IsSessionReused(HITLS_Ctx *ctx, uint8_t *isReused);
320 
321 /**
322  * @ingroup hitls_session
323  * @brief   Set the user-specific session ID ctx of the HiTLS link, only on the server.
324  *
325  * @attention session id ctx is different from sessio id, session recovery can be performed only after
326  * session id ctx matching.
327  * @param   ctx  [OUT] Config context.
328  * @param   sessionIdCtx [IN] Session ID Context.
329  * @param   len [IN] Session ID context length, which cannot exceed 32 bytes.
330  * @retval  HITLS_SUCCESS, if successful.
331  *          For details about other error codes, see hitls_error.h.
332  */
333 int32_t HITLS_SetSessionIdCtx(HITLS_Ctx *ctx, const uint8_t *sessionIdCtx, uint32_t len);
334 
335 /**
336  * @ingroup hitls_session
337  * @brief   Obtain the default ticket key of the HiTLS.
338  *
339  * The key is used to encrypt and decrypt the ticket in the new session ticket
340  * when the HITLS_TicketKeyCb callback function is not set.
341  *
342  * @attention The returned key value is as follows: 16-byte key name + 32-byte AES key + 32-byte HMAC key
343  *
344  * @param   ctx [OUT] TLS connection handle
345  * @param   key [OUT] Obtained ticket key
346  * @param   keySize [IN] Size of the key array
347  * @param   outSize [OUT] Size of the obtained ticket key.
348  *
349  * @retval  HITLS_SUCCESS, if successful.
350  * @retval  For other error codes, see hitls_error.h.
351  */
352 int32_t HITLS_GetSessionTicketKey(const HITLS_Ctx *ctx, uint8_t *key, uint32_t keySize, uint32_t *outSize);
353 
354 /**
355  * @ingroup hitls_session
356  * @brief   Set the default ticket key of the HiTLS. The key is used to encrypt and decrypt the ticket
357  * in the new session ticket when the HITLS_TicketKeyCb callback function is not set.
358  *
359  * @attention The returned key value is as follows: 16-byte key name + 32-byte AES key + 32-byte HMAC key
360  *
361  * @param   ctx [OUT] TLS connection handle.
362  * @param   key [IN] Ticket key to be set.
363  * @param   keySize [IN] Size of the ticket key.
364  *
365  * @retval  HITLS_SUCCESS, if successful.
366  * @retval  For other error codes, see hitls_error.h.
367  */
368 int32_t HITLS_SetSessionTicketKey(HITLS_Ctx *ctx, const uint8_t *key, uint32_t keySize);
369 
370 /**
371  * @ingroup hitls_session
372  * @brief   Set the handle for the session information about the HiTLS link.
373  *
374  * @attention Used only by the client.
375  * @param   ctx [OUT] TLS connection handle
376  * @param   session [IN] Session information handle.
377  * @retval  HITLS_SUCCESS, if successful.
378  * @retval  For other error codes, see hitls_error.h.
379  */
380 int32_t HITLS_SetSession(HITLS_Ctx *ctx, HITLS_Session *session);
381 
382 /**
383  * @ingroup hitls_session
384  * @brief   Obtain the handle of the session information and directly obtain the pointer.
385  *
386  * @attention Directly obtain the pointer.
387  * Ensure that the invoking is correct and avoid the pointer being a wild pointer.
388  * @param   ctx [IN] TLS connection handle
389  * @retval  Session information handle
390  */
391 HITLS_Session *HITLS_GetSession(const HITLS_Ctx *ctx);
392 
393 /**
394  * @ingroup hitls_session
395  * @brief   Obtain the handle of the copied session information.
396  *
397  * @attention The number of times that the call is called increases by 1.
398  *            The call is released by calling HITLS_SESS_Free.
399  * @param   ctx [IN] TLS connection handle
400  * @retval  Session information handle
401  */
402 HITLS_Session *HITLS_GetDupSession(HITLS_Ctx *ctx);
403 
404 /**
405  * @ingroup hitls_session
406  * @brief   Obtain the sign type of the peer
407  *
408  * @param   ctx [IN] TLS connection handle
409  * @param   sigType [OUT] sign type.
410  * @retval  HITLS_SUCCESS, if successful.
411  * @retval  For other error codes, see hitls_error.h.
412  */
413 int32_t HITLS_GetPeerSignatureType(const HITLS_Ctx *ctx, HITLS_SignAlgo *sigType);
414 
415 /**
416  * @ingroup hitls_session
417  * @brief   Apply for a new session.
418  *
419  * @param   void
420  * @retval Session handle.
421  */
422 HITLS_Session *HITLS_SESS_New(void);
423 
424 /**
425  * @ingroup hitls_session
426  * @brief   Duplicate a session, the number of reference times increases by 1.
427  *
428  * @param   sess
429  * @retval Session handle.
430  */
431 HITLS_Session *HITLS_SESS_Dup(HITLS_Session *sess);
432 
433 /**
434  * @ingroup hitls_session
435  * @brief   Release the session information handle.
436  *
437  * @param   sess [IN] Session information handle
438  * @retval  void
439  */
440 void HITLS_SESS_Free(HITLS_Session *sess);
441 
442 /**
443  * @ingroup hitls_session
444  * @brief   Set the master key of a session.
445  *
446  * @param   sess [OUT] Session information handle.
447  * @param   masterKey [IN] Master key.
448  * @param   masterKeySize [IN] Size of the master key.
449  * @retval  HITLS_SUCCESS, if successful.
450  * @retval  For other error codes, see hitls_error.h.
451  */
452 int32_t HITLS_SESS_SetMasterKey(HITLS_Session *sess, const uint8_t *masterKey, uint32_t masterKeySize);
453 
454 /**
455  * @ingroup hitls_session
456  * @brief   Obtain the master key length of a session.
457  *
458  * @param   sess [IN] Session information handle
459  * @retval  Size of the master key
460  */
461 uint32_t HITLS_SESS_GetMasterKeyLen(const HITLS_Session *sess);
462 
463 /**
464  * @ingroup hitls_session
465  * @brief   Obtain the master key of a session.
466  *
467  * @param   sess [IN] Session information handle.
468  * @param   masterKey [OUT] Master key.
469  * @param   masterKeySize [OUT] Size of the master key.
470  * @retval  HITLS_SUCCESS, if successful.
471  * @retval  For other error codes, see hitls_error.h.
472  */
473 int32_t HITLS_SESS_GetMasterKey(const HITLS_Session *sess, uint8_t *masterKey, uint32_t *masterKeySize);
474 
475 /**
476  * @ingroup hitls_session
477  * @brief   Obtain the session protocol version.
478  *
479  * @param   sess [IN] Session information handle.
480  * @param   version [OUT] Protocol version.
481  * @retval  HITLS_SUCCESS, if successful.
482  * @retval  For other error codes, see hitls_error.h.
483  */
484 int32_t HITLS_SESS_GetProtocolVersion(const HITLS_Session *sess, uint16_t *version);
485 
486 /**
487  * @ingroup hitls_session
488  * @brief   Set the session protocol version.
489  *
490  * @param   sess [OUT] Session information handle
491  * @param   version [IN] Protocol version
492  * @retval  HITLS_SUCCESS, if successful.
493  * @retval  For other error codes, see hitls_error.h.
494  */
495 int32_t HITLS_SESS_SetProtocolVersion(HITLS_Session *sess, uint16_t version);
496 
497 /**
498  * @ingroup hitls_session
499  * @brief   Set the session password suite.
500  *
501  * @param   sess [OUT] Session information handle.
502  * @param   cipherSuite [IN] Password suite.
503  * @retval  HITLS_SUCCESS, if successful.
504  * @retval  For other error codes, see hitls_error.h.
505  */
506 int32_t HITLS_SESS_SetCipherSuite(HITLS_Session *sess, uint16_t cipherSuite);
507 
508 /**
509  * @ingroup hitls_session
510  * @brief   Obtain the session password suite.
511  *
512  * @param   sess [IN] Session information handle.
513  * @param   cipherSuite [OUT] Cipher suite.
514  * @retval  HITLS_SUCCESS, if successful.
515  * @retval  For other error codes, see hitls_error.h.
516  */
517 int32_t HITLS_SESS_GetCipherSuite(const HITLS_Session *sess, uint16_t *cipherSuite);
518 
519 /**
520  * @ingroup hitls_session
521  * @brief   Set the session ID ctx.
522  *
523  * @param   sess [OUT] Session information handle.
524  * @param   sessionIdCtx [IN] Session ID Context.
525  * @param   sessionIdCtxSize [IN] Session ID Context length. The maximum length is 32 bytes.
526  * @retval  HITLS_SUCCESS, if successful.
527  * @retval  For other error codes, see hitls_error.h.
528  */
529 int32_t HITLS_SESS_SetSessionIdCtx(HITLS_Session *sess, uint8_t *sessionIdCtx, uint32_t sessionIdCtxSize);
530 
531 /**
532  * @ingroup hitls_session
533  * @brief   Obtain the session ID ctx.
534  *
535  * @param   sess [IN] Session information handle.
536  * @param   sessionIdCtx [OUT] Session ID Context.
537  * @param   sessionIdCtxSize [OUT] Session id Context length.
538  * @retval  HITLS_SUCCESS, if successful.
539  * @retval  For other error codes, see hitls_error.h.
540 */
541 int32_t HITLS_SESS_GetSessionIdCtx(const HITLS_Session *sess, uint8_t *sessionIdCtx, uint32_t *sessionIdCtxSize);
542 
543 /**
544  * @ingroup hitls_session
545  * @brief   Set the session ID.
546  *
547  * @param   sess [OUT] Session information handle.
548  * @param   sessionId [IN] Session id.
549  * @param   sessionIdSize [IN] The session ID contains a maximum of 32 bytes.
550  * @retval  HITLS_SUCCESS, if successful.
551  * @retval  For other error codes, see hitls_error.h.
552  */
553 int32_t HITLS_SESS_SetSessionId(HITLS_Session *sess, uint8_t *sessionId, uint32_t sessionIdSize);
554 
555 /**
556  * @ingroup hitls_session
557  * @brief   Obtain the session ID.
558  *
559  * @param   sess [IN] Session information handle
560  * @param   sessionId [OUT] Session id
561  * @param   sessionIdSize [OUT] Session ID length
562  * @retval  HITLS_SUCCESS, if successful.
563  * @retval  For other error codes, see hitls_error.h.
564  */
565 int32_t HITLS_SESS_GetSessionId(const HITLS_Session *sess, uint8_t *sessionId, uint32_t *sessionIdSize);
566 
567 /**
568  * @ingroup hitls_session
569  * @brief   Set whether to contain the master key extension.
570  *
571  * @param   sess [OUT] Session information handle.
572  * @param   haveExtMasterSecret [IN] Whether the master key extension is include.
573  * @retval  HITLS_SUCCESS, if successful.
574  * @retval  For other error codes, see hitls_error.h.
575  */
576 int32_t HITLS_SESS_SetHaveExtMasterSecret(HITLS_Session *sess, uint8_t haveExtMasterSecret);
577 
578 /**
579  * @ingroup hitls_session
580  * @brief   Obtain the master key extension.
581  *
582  * @param   sess [IN] Session information handle.
583  * @param   haveExtMasterSecret [OUT] Whether the master key extension is contained.
584  * @retval  HITLS_SUCCESS, if successful.
585  * @retval  For other error codes, see hitls_error.h.
586  */
587 int32_t HITLS_SESS_GetHaveExtMasterSecret(HITLS_Session *sess, uint8_t *haveExtMasterSecret);
588 
589 /**
590  * @ingroup hitls_session
591  * @brief   Set the timeout interval, in seconds.
592  *
593  * @param   sess [OUT] Session information handle
594  * @param   timeout [IN] Timeout interval, in seconds.
595  * @retval  HITLS_SUCCESS, if successful.
596  * @retval  For other error codes, see hitls_error.h.
597  */
598 int32_t HITLS_SESS_SetTimeout(HITLS_Session *sess, uint64_t timeout);
599 
600 /**
601  * @ingroup hitls_session
602  * @brief   Check whether the session can be recovered. Only simple check is performed, but the validity period
603  * is not checked.
604  *
605  * @param   sess [IN] Session information handle.
606  * @retval  Indicates whether the recovery can be performed.
607  */
608 bool HITLS_SESS_IsResumable(const HITLS_Session *sess);
609 
610 /**
611  * @ingroup hitls_session
612  * @brief   Check whether the session has a ticket.
613  *
614  * @param   sess [IN] Session information handle
615  * @retval  Indicates whether a ticket exists.
616  */
617 bool HITLS_SESS_HasTicket(const HITLS_Session *sess);
618 
619 #ifdef __cplusplus
620 }
621 #endif
622 
623 #endif /* HITLS_SESSION_H */
624