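/*
 * This file is part of the openHiTLS project.
 *
 * openHiTLS is licensed under the Mulan PSL v2.
 * You can use this software according to the terms and conditions of the Mulan PSL v2.
 * You may obtain a copy of Mulan PSL v2 at:
 *
 *     http://license.coscl.org.cn/MulanPSL2
 *
 * THIS SOFTWARE IS PROVIDED ON AN "AS IS" BASIS, WITHOUT WARRANTIES OF ANY KIND,
 * EITHER EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO NON-INFRINGEMENT,
 * MERCHANTABILITY OR FIT FOR A PARTICULAR PURPOSE.
 * See the Mulan PSL v2 for more details.
 */

/**
 * hlt.h - public interface of the HLT test harness.
 *
 * The harness drives TLS endpoints either in the local process ("HLT_Tls*"
 * functions) or in a peer process controlled over an RPC channel
 * ("HLT_Rpc*" functions), and provides helpers to build the configuration
 * objects (HLT_Ctx_Config / HLT_Ssl_Config) those endpoints consume.
 *
 * Unless a comment says otherwise, `int` return values are status codes whose
 * exact meaning is defined by the implementation, not by this header.
 */

#ifndef HLT_H
#define HLT_H

/*
 * This header uses bool, the fixed-width integer types and pthread_t in its
 * own prototypes, so it includes the headers that define them instead of
 * relying on hlt_type.h to pull them in transitively.
 */
#include <stdbool.h>
#include <stddef.h>
#include <stdint.h>
#include <pthread.h>
#include "hlt_type.h"

#ifdef __cplusplus
extern "C" {
#endif

/* ------------------------------------------------------------------------ */
/* Process management                                                       */
/* ------------------------------------------------------------------------ */

/**
 * Create the process descriptor for the local (source) side.
 *
 * @param tlsType       TLS implementation selector (TLS_TYPE from hlt_type.h).
 * @param srcDomainPath Path string identifying this process; the
 *                      HLT_InitLocalProcess macro passes __FILE__ here.
 *                      NOTE(review): the parameter is non-const although the
 *                      macro passes a string literal — confirm the callee
 *                      never writes through it.
 * @return Process handle, ownership semantics defined by the implementation.
 */
HLT_Process *InitSrcProcess(TLS_TYPE tlsType, char *srcDomainPath);

/**
 * Create or attach to a peer process.
 *
 * @param tlsType  TLS implementation selector for the peer.
 * @param connType Transport used to reach the peer (HILT_TransportType);
 *                 HLT_CreateRemoteProcess passes NONE_TYPE.
 * @param port     Port for connType; 0 when no transport is used.
 * @param isBlock  Whether the link operates in blocking mode.
 * @return Process handle, ownership semantics defined by the implementation.
 */
HLT_Process *InitPeerProcess(TLS_TYPE tlsType, HILT_TransportType connType, int port, bool isBlock);

/* Convenience wrappers over the two constructors above. Arguments are
 * parenthesised so expressions may be passed safely. */
#define HLT_InitLocalProcess(tlsType) InitSrcProcess((tlsType), __FILE__)
#define HLT_CreateRemoteProcess(tlsType) InitPeerProcess((tlsType), NONE_TYPE, 0, false)
#define HLT_LinkRemoteProcess(tlsType, connType, port, isBlock) \
    InitPeerProcess((tlsType), (connType), (port), (isBlock))

/** Release every process created through this API. */
void HLT_FreeAllProcess(void);

/**
 * Release the harness resources associated with an SSL object.
 *
 * NOTE(review): HLT_FreeResFormSsl and HLT_FreeResFromSsl are both declared
 * in this header with the same signature; "Form" looks like a typo of
 * "From". Both are kept so existing callers keep compiling — new code should
 * use HLT_FreeResFromSsl, and the pair should be collapsed once callers are
 * migrated.
 */
int HLT_FreeResFormSsl(const void *ssl);

/* ------------------------------------------------------------------------ */
/* Local data channel                                                       */
/* ------------------------------------------------------------------------ */

/**
 * Create a data channel between two processes.
 *
 * @param process1     First endpoint.
 * @param process2     Second endpoint.
 * @param channelParam Channel parameters, passed by value.
 * @return Channel descriptor (HLT_FD).
 */
HLT_FD HLT_CreateDataChannel(HLT_Process *process1, HLT_Process *process2, DataChannelParam channelParam);

/** Connect to the channel described by dstChannelParam. */
int HLT_DataChannelConnect(DataChannelParam *dstChannelParam);

/**
 * Accept on the channel described by channelParam.
 *
 * @return The thread performing the accept; the caller is responsible for
 *         joining or otherwise tracking it (the header does not say how).
 */
pthread_t HLT_DataChannelAccept(DataChannelParam *channelParam);

/**
 * Close a channel descriptor.
 *
 * @param fd       Descriptor to close.
 * @param linkType Transport type of the descriptor; the value set is not
 *                 defined in this header.
 */
void HLT_CloseFd(int fd, int linkType);

/* ------------------------------------------------------------------------ */
/* Context configuration setters                                            */
/* ------------------------------------------------------------------------ */

/**
 * Every setter below stores a value into ctxConfig; the value is applied to a
 * real TLS context later by HLT_TlsSetCtx / HLT_RpcTlsSetCtx. All return an
 * int status code.
 *
 * NOTE(review): for the setters that take `char *` (non-const) string
 * arguments, whether the string is copied or merely referenced is not
 * visible from this header — confirm lifetime requirements before passing a
 * stack or temporary buffer.
 */

/** Bound the negotiated protocol version to [minVersion, maxVersion]. */
int HLT_SetVersion(HLT_Ctx_Config *ctxConfig, uint16_t minVersion, uint16_t maxVersion);
/** Set the library security level applied to the context. */
int HLT_SetSecurityLevel(HLT_Ctx_Config *ctxConfig, int32_t level);
/** Enable or disable renegotiation. */
int HLT_SetRenegotiationSupport(HLT_Ctx_Config *ctxConfig, bool support);
/** Enable or disable acceptance of legacy (unsafe) renegotiation. */
int HLT_SetLegacyRenegotiateSupport(HLT_Ctx_Config *ctxConfig, bool support);
/** Enable or disable client-initiated renegotiation. */
int HLT_SetClientRenegotiateSupport(HLT_Ctx_Config *ctxConfig, bool support);
/** Number of empty records the endpoint tolerates/emits (semantics per implementation). */
int HLT_SetEmptyRecordsNum(HLT_Ctx_Config *ctxConfig, uint32_t emptyNum);
/** Toggle flight-transmission (coalesced handshake message sending). */
int HLT_SetFlightTransmitSwitch(HLT_Ctx_Config *ctxConfig, bool support);
/** Toggle client certificate verification on the server side. */
int HLT_SetClientVerifySupport(HLT_Ctx_Config *ctxConfig, bool support);
/** Toggle acceptance of a client that presents no certificate. */
int HLT_SetNoClientCertSupport(HLT_Ctx_Config *ctxConfig, bool support);
/** Toggle TLS 1.3 post-handshake authentication. */
int HLT_SetPostHandshakeAuth(HLT_Ctx_Config *ctxConfig, bool support);
/**
 * Toggle the extended master secret extension.
 * NOTE(review): the identifier misspells "Extended"; it is kept unchanged
 * because renaming it would break existing callers.
 */
int HLT_SetExtenedMasterSecretSupport(HLT_Ctx_Config *ctxConfig, bool support);
/** Toggle encrypt-then-MAC; note the flag is an int here, unlike the bool setters. */
int HLT_SetEncryptThenMac(HLT_Ctx_Config *ctxConfig, int support);
/** Set implementation-defined mode flags. */
int HLT_SetModeSupport(HLT_Ctx_Config *ctxConfig, uint32_t mode);
/** Cipher suite list for TLS 1.2 and earlier, as a string in the library's format. */
int HLT_SetCipherSuites(HLT_Ctx_Config *ctxConfig, const char *cipherSuites);
/** Directory the provider loader searches. */
int HLT_SetProviderPath(HLT_Ctx_Config *ctxConfig, char *providerPath);
/** Provider attribute name used when fetching algorithms. */
int HLT_SetProviderAttrName(HLT_Ctx_Config *ctxConfig, char *attrName);
/**
 * Register a provider to be loaded.
 * @param providerName   Provider library name.
 * @param providerLibFmt Library format selector; the value set is not defined here.
 */
int HLT_AddProviderInfo(HLT_Ctx_Config *ctxConfig, char *providerName, int providerLibFmt);
/** Cipher suite list for TLS 1.3. */
int HLT_SetTls13CipherSuites(HLT_Ctx_Config *ctxConfig, const char *cipherSuites);
/** Supported EC point formats, as a string. */
int HLT_SetEcPointFormats(HLT_Ctx_Config *ctxConfig, const char *pointFormat);
/** Supported (EC)DHE groups, as a string. */
int HLT_SetGroups(HLT_Ctx_Config *ctxConfig, const char *groups);
/** Supported signature algorithms, as a string. */
int HLT_SetSignature(HLT_Ctx_Config *ctxConfig, const char *signature);
/** Path of the CA bundle used to verify the peer. */
int HLT_SetCaCertPath(HLT_Ctx_Config *ctxConfig, const char *caCertPath);
/** Path of the intermediate chain sent with the end-entity certificate. */
int HLT_SetChainCertPath(HLT_Ctx_Config *ctxConfig, const char *chainCertPath);
/** Path of the end-entity certificate. */
int HLT_SetEeCertPath(HLT_Ctx_Config *ctxConfig, const char *eeCertPath);
/** Path of the private key matching the end-entity certificate. */
int HLT_SetPrivKeyPath(HLT_Ctx_Config *ctxConfig, const char *privKeyPath);
/** Password protecting the private key file (lifetime/copy semantics not visible here). */
int HLT_SetPassword(HLT_Ctx_Config *ctxConfig, const char *password);

/**
 * Set all certificate-related paths at once.
 *
 * @param caPath      CA bundle.
 * @param chainPath   Intermediate chain.
 * @param EePath      End-entity certificate.
 * @param PrivPath    Private key for EePath.
 * @param signCert    Separate signing certificate (used by TLCP-style dual-cert setups).
 * @param signPrivKey Private key for signCert.
 */
void HLT_SetCertPath(HLT_Ctx_Config *ctxConfig, const char *caPath,
    const char *chainPath, const char *EePath, const char *PrivPath, const char *signCert, const char *signPrivKey);

/** Pre-shared key (lifetime/copy semantics not visible from this header). */
int HLT_SetPsk(HLT_Ctx_Config *ctxConfig, char *psk);
/** Key-exchange mode flags; the parameter is named `config` here, unlike its siblings. */
int HLT_SetKeyExchMode(HLT_Ctx_Config *config, uint32_t mode);
/** Select the session-ticket key callback by name; the name-to-callback mapping lives in the implementation. */
int HLT_SetTicketKeyCb(HLT_Ctx_Config *ctxConfig, char *ticketKeyCbName);

/** Server name (SNI) to send or expect. */
int HLT_SetServerName(HLT_Ctx_Config *ctxConfig, const char *serverName);
/** Opaque argument handed to the SNI callback. */
int HLT_SetServerNameArg(HLT_Ctx_Config *ctxConfig, char *arg);
/** Select the SNI callback by name. */
int HLT_SetServerNameCb(HLT_Ctx_Config *ctxConfig, char *sniCbName);

/** ALPN protocol list, as a string in the library's format. */
int HLT_SetAlpnProtos(HLT_Ctx_Config *ctxConfig, const char *alpnProtos);
/** Select the ALPN selection callback by name, with an opaque userData string. */
int HLT_SetAlpnProtosSelectCb(HLT_Ctx_Config *ctxConfig, char *callback, char *userData);

/* ------------------------------------------------------------------------ */
/* Frame manipulation (abnormal-message testing)                             */
/* ------------------------------------------------------------------------ */

/** Install a frame handler that intercepts/modifies records in flight. */
int HLT_SetFrameHandle(HLT_FrameHandle *frameHandle);
/** Remove the installed frame handler. */
void HLT_CleanFrameHandle(void);
/** Release harness resources associated with an SSL object (see HLT_FreeResFormSsl). */
int HLT_FreeResFromSsl(const void *ssl);

/* ------------------------------------------------------------------------ */
/* Library initialisation                                                   */
/* ------------------------------------------------------------------------ */

/** One-time initialisation of the selected TLS implementation. */
int HLT_LibraryInit(TLS_TYPE tlsType);

/* ------------------------------------------------------------------------ */
/* Local-process TLS operations                                             */
/* ------------------------------------------------------------------------ */

/**
 * Build a context and SSL object in the local process from the given configs.
 *
 * @return Result bundle (HLT_Tls_Res) describing the created objects; NULL on
 *         failure is the natural contract but is not stated by this header.
 */
HLT_Tls_Res *HLT_ProcessTlsInit(HLT_Process *process, TLS_VERSION tlsVersion,
    HLT_Ctx_Config *ctxConfig, HLT_Ssl_Config *sslConfig);

/** Create a bare TLS context for tlsVersion; the returned pointer is implementation-typed. */
void *HLT_TlsNewCtx(TLS_VERSION tlsVersion);

/**
 * Create a TLS context backed by explicitly loaded providers.
 *
 * @param providerPath    Directory to load providers from.
 * @param providerNames   Array of providerCnt names, each MAX_PROVIDER_NAME_LEN bytes.
 * @param providerLibFmts Array of providerCnt library-format selectors.
 * @param providerCnt     Number of entries in the two arrays.
 * @param attrName        Provider attribute name.
 * @param tlsVersion      Protocol version for the context.
 *
 * NOTE(review): the RPC counterpart HLT_RpcProviderTlsNewCtx declares the
 * format array and count as int32_t while this one uses int; they agree on
 * common ABIs but the types should be unified.
 */
void *HLT_TlsProviderNewCtx(char *providerPath, char (*providerNames)[MAX_PROVIDER_NAME_LEN], int *providerLibFmts,
    int providerCnt, char *attrName, TLS_VERSION tlsVersion);

/**
 * Load a context configuration from setFile, selecting the section named key.
 * The returned object's ownership/free routine is not declared in this header.
 */
HLT_Ctx_Config *HLT_NewCtxConfig(char *setFile, const char *key);
/** TLCP variant of HLT_NewCtxConfig; isClient selects the client or server role. */
HLT_Ctx_Config *HLT_NewCtxConfigTLCP(char *setFile, const char *key, bool isClient);
/** Apply a configuration to a context created by HLT_TlsNewCtx / HLT_TlsProviderNewCtx. */
int HLT_TlsSetCtx(void *ctx, HLT_Ctx_Config *config);
/** Load an SSL-object configuration from setFile. */
HLT_Ssl_Config *HLT_NewSslConfig(char *setFile);
/** Create an SSL object from a configured context. */
void *HLT_TlsNewSsl(void *ctx);
/** Apply an SSL configuration to an SSL object. */
int HLT_TlsSetSsl(void *ssl, HLT_Ssl_Config *config);

/**
 * Start a listen/accept in a background thread.
 *
 * @return A thread identifier usable with HLT_GetTlsAcceptResultFromId.
 *         The type is `unsigned long int` rather than pthread_t, so it must
 *         only be passed back to this API, never to pthread functions.
 */
unsigned long int HLT_TlsListen(void *ssl);
/** Start an accept in a background thread; see HLT_TlsListen for the return contract. */
unsigned long int HLT_TlsAccept(void *ssl);
/** Blocking variant of HLT_TlsListen. */
int HLT_TlsListenBlock(void *ssl);
/** Blocking variant of HLT_TlsAccept. */
int HLT_TlsAcceptBlock(void *ssl);
/** Collect the result of an accept started with HLT_TlsListen / HLT_TlsAccept. */
int HLT_GetTlsAcceptResultFromId(unsigned long int threadId);
/** Collect the accept result recorded in a result bundle. */
int HLT_GetTlsAcceptResult(HLT_Tls_Res *tlsRes);
/** Run the client handshake. */
int HLT_TlsConnect(void *ssl);

/**
 * Read application data.
 *
 * @param data    Output buffer.
 * @param bufSize Capacity of data in bytes; the implementation is expected to
 *                write at most this many bytes.
 * @param readLen Receives the number of bytes stored.
 */
int HLT_TlsRead(void *ssl, uint8_t *data, uint32_t bufSize, uint32_t *readLen);
/** Write dataLen bytes of application data; data is not const-qualified in this API. */
int HLT_TlsWrite(void *ssl, uint8_t *data, uint32_t dataLen);
/** Register one of the harness's predefined callbacks on the local implementation. */
int HLT_TlsRegCallback(TlsCallbackType type);
/** Trigger a renegotiation. */
int HLT_TlsRenegotiate(void *ssl);
/** Request TLS 1.3 post-handshake client authentication. */
int HLT_TlsVerifyClientPostHandshake(void *ssl);
/** Shut the connection down. */
int HLT_TlsClose(void *ssl);
/** Attach a session for resumption. */
int HLT_TlsSetSession(void *ssl, void *session);
/** Report whether the last handshake resumed a session. */
int HLT_TlsSessionReused(void *ssl);
/** Return a session reference; the "Get1" naming follows the OpenSSL convention of a caller-owned reference. */
void *HLT_TlsGet1Session(void *ssl);
/** Session cache mode for the context. */
int32_t HLT_SetSessionCacheMode(HLT_Ctx_Config *config, HITLS_SESS_CACHE_MODE mode);
/** Toggle session tickets. */
int32_t HLT_SetSessionTicketSupport(HLT_Ctx_Config *config, bool issupport);
/** Report whether a session carries a ticket. */
int HLT_TlsSessionHasTicket(void *session);
/** Report whether a session can be resumed. */
int HLT_TlsSessionIsResumable(void *session);
/** Release a session obtained from HLT_TlsGet1Session. */
void HLT_TlsFreeSession(void *session);

/* ------------------------------------------------------------------------ */
/* Remote-process TLS operations (RPC)                                      */
/* ------------------------------------------------------------------------ */

/*
 * These mirror the local functions above but execute in peerProcess. Objects
 * are referred to by integer ids (ctxId, sslId, acceptId, cmdIndex) issued by
 * earlier RPC calls rather than by pointers. The "UnBlock" variants start the
 * operation and return a cmdIndex; the matching HLT_RpcGet*Result collects
 * the outcome.
 */

int HLT_RpcTlsNewCtx(HLT_Process *peerProcess, TLS_VERSION tlsVersion, bool isClient);
int HLT_RpcProviderTlsNewCtx(HLT_Process *peerProcess, TLS_VERSION tlsVersion, bool isClient, char *providerPath,
    char (*providerNames)[MAX_PROVIDER_NAME_LEN], int32_t *providerLibFmts, int32_t providerCnt, char *attrName);
int HLT_RpcTlsSetCtx(HLT_Process *peerProcess, int ctxId, HLT_Ctx_Config *config);
int HLT_RpcTlsNewSsl(HLT_Process *peerProcess, int ctxId);
int HLT_RpcTlsSetSsl(HLT_Process *peerProcess, int sslId, HLT_Ssl_Config *config);
int HLT_RpcTlsListen(HLT_Process *peerProcess, int sslId);
int HLT_RpcTlsAccept(HLT_Process *peerProcess, int sslId);
int HLT_RpcGetTlsListenResult(int acceptId);
int HLT_RpcGetTlsAcceptResult(int acceptId);
int HLT_RpcTlsConnect(HLT_Process *peerProcess, int sslId);
int HLT_RpcTlsConnectUnBlock(HLT_Process *peerProcess, int sslId);
int HLT_RpcGetTlsConnectResult(int cmdIndex);
/** Remote read; bufSize bounds data, readLen receives the byte count (see HLT_TlsRead). */
int HLT_RpcTlsRead(HLT_Process *peerProcess, int sslId, uint8_t *data, uint32_t bufSize, uint32_t *readLen);
int HLT_RpcTlsReadUnBlock(HLT_Process *peerProcess, int sslId, uint8_t *data, uint32_t bufSize, uint32_t *readLen);
int HLT_RpcGetTlsReadResult(int cmdIndex, uint8_t *data, uint32_t bufSize, uint32_t *readLen);
/**
 * Remote write. NOTE(review): the length parameter is named bufSize here but
 * dataLen in HLT_TlsWrite; the implementation should confirm it is the number
 * of bytes to send, not a buffer capacity.
 */
int HLT_RpcTlsWrite(HLT_Process *peerProcess, int sslId, uint8_t *data, uint32_t bufSize);
int HLT_RpcTlsWriteUnBlock(HLT_Process *peerProcess, int sslId, uint8_t *data, uint32_t bufSize);
int HLT_RpcGetTlsWriteResult(int cmdIndex);
int HLT_RpcTlsRenegotiate(HLT_Process *peerProcess, int sslId);
int HLT_RpcTlsVerifyClientPostHandshake(HLT_Process *peerProcess, int sslId);
int HLT_RpcTlsRegCallback(HLT_Process *peerProcess, TlsCallbackType type);
/** Ask the peer process to exit. */
int HLT_RpcProcessExit(HLT_Process *peerProcess);
int HLT_RpcDataChannelBind(HLT_Process *peerProcess, DataChannelParam *channelParam);
int HLT_RpcDataChannelAccept(HLT_Process *peerProcess, DataChannelParam *channelParam);
int HLT_RpcGetAcceptFd(int acceptId);
int HLT_RpcDataChannelConnect(HLT_Process *peerProcess, DataChannelParam *channelParam);
/* Alert/status introspection on the remote SSL object. */
int HLT_RpcTlsGetStatus(HLT_Process *peerProcess, int sslId);
int HLT_RpcTlsGetAlertFlag(HLT_Process *peerProcess, int sslId);
int HLT_RpcTlsGetAlertLevel(HLT_Process *peerProcess, int sslId);
int HLT_RpcTlsGetAlertDescription(HLT_Process *peerProcess, int sslId);
int HLT_RpcTlsClose(HLT_Process *peerProcess, int sslId);
/** Remote counterpart of HLT_FreeResFormSsl (same spelling caveat applies). */
int HLT_RpcFreeResFormSsl(HLT_Process *peerProcess, int sslId);
int HLT_RpcSctpClose(HLT_Process *peerProcess, int fd);
int HLT_RpcCloseFd(HLT_Process *peerProcess, int fd, int linkType);
int HLT_RpcTlsSetMtu(HLT_Process *peerProcess, int sslId, uint16_t mtu);
int HLT_RpcTlsGetErrorCode(HLT_Process *peerProcess, int sslId);

/* ------------------------------------------------------------------------ */
/* Connection-establishment wrappers                                        */
/* ------------------------------------------------------------------------ */

/**
 * Create, configure and accept on an endpoint in `process`, which may be the
 * local process or a remote one (the implementation dispatches accordingly).
 */
HLT_Tls_Res *HLT_ProcessTlsAccept(HLT_Process *process, TLS_VERSION tlsVersion,
    HLT_Ctx_Config *ctxConfig, HLT_Ssl_Config *sslConfig);
/** Create, configure and connect an endpoint in `process`; see HLT_ProcessTlsAccept. */
HLT_Tls_Res *HLT_ProcessTlsConnect(HLT_Process *process, TLS_VERSION tlsVersion,
    HLT_Ctx_Config *ctxConfig, HLT_Ssl_Config *sslConfig);
/** Read through a result bundle; bufSize bounds data, dataLen receives the byte count. */
int HLT_ProcessTlsRead(HLT_Process *process, HLT_Tls_Res *tlsRes, uint8_t *data,
    uint32_t bufSize, uint32_t *dataLen);
/** Write dataLen bytes through a result bundle. */
int HLT_ProcessTlsWrite(HLT_Process *process, HLT_Tls_Res *tlsRes, uint8_t *data, uint32_t dataLen);

/** Set the (D)TLS path MTU on a local SSL object. */
int HLT_TlsSetMtu(void *ssl, uint16_t mtu);
/** Fetch the implementation's last error code for a local SSL object. */
int HLT_TlsGetErrorCode(void *ssl);

/** Report whether SCTP authentication is enabled in this build/configuration. */
bool IsEnableSctpAuth(void);

#ifdef __cplusplus
}
#endif

#endif // HLT_H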