1 /*
2 * This file is part of the openHiTLS project.
3 *
4 * openHiTLS is licensed under the Mulan PSL v2.
5 * You can use this software according to the terms and conditions of the Mulan PSL v2.
6 * You may obtain a copy of Mulan PSL v2 at:
7 *
8 * http://license.coscl.org.cn/MulanPSL2
9 *
10 * THIS SOFTWARE IS PROVIDED ON AN "AS IS" BASIS, WITHOUT WARRANTIES OF ANY KIND,
11 * EITHER EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO NON-INFRINGEMENT,
12 * MERCHANTABILITY OR FIT FOR A PARTICULAR PURPOSE.
13 * See the Mulan PSL v2 for more details.
14 */
15
16 #include <stdint.h>
17 #include "securec.h"
18 #include "tls_binlog_id.h"
19 #include "bsl_log_internal.h"
20 #include "bsl_log.h"
21 #include "bsl_err_internal.h"
22 #include "bsl_sal.h"
23 #include "hitls_error.h"
24 #include "cert_method.h"
25 #include "cert.h"
26 #include "cert_mgr_ctx.h"
27
SAL_CERT_SetCertStore(CERT_MgrCtx * mgrCtx,HITLS_CERT_Store * store)28 int32_t SAL_CERT_SetCertStore(CERT_MgrCtx *mgrCtx, HITLS_CERT_Store *store)
29 {
30 if (mgrCtx == NULL) {
31 BSL_ERR_PUSH_ERROR(HITLS_NULL_INPUT);
32 return HITLS_NULL_INPUT;
33 }
34 SAL_CERT_StoreFree(mgrCtx, mgrCtx->certStore);
35 mgrCtx->certStore = store;
36 return HITLS_SUCCESS;
37 }
38
SAL_CERT_GetCertStore(CERT_MgrCtx * mgrCtx)39 HITLS_CERT_Store *SAL_CERT_GetCertStore(CERT_MgrCtx *mgrCtx)
40 {
41 if (mgrCtx == NULL) {
42 return NULL;
43 }
44
45 return mgrCtx->certStore;
46 }
47
SAL_CERT_SetChainStore(CERT_MgrCtx * mgrCtx,HITLS_CERT_Store * store)48 int32_t SAL_CERT_SetChainStore(CERT_MgrCtx *mgrCtx, HITLS_CERT_Store *store)
49 {
50 if (mgrCtx == NULL) {
51 BSL_ERR_PUSH_ERROR(HITLS_NULL_INPUT);
52 return HITLS_NULL_INPUT;
53 }
54 SAL_CERT_StoreFree(mgrCtx, mgrCtx->chainStore);
55 mgrCtx->chainStore = store;
56 return HITLS_SUCCESS;
57 }
58
SAL_CERT_GetChainStore(CERT_MgrCtx * mgrCtx)59 HITLS_CERT_Store *SAL_CERT_GetChainStore(CERT_MgrCtx *mgrCtx)
60 {
61 if (mgrCtx == NULL) {
62 return NULL;
63 }
64
65 return mgrCtx->chainStore;
66 }
67
SAL_CERT_SetVerifyStore(CERT_MgrCtx * mgrCtx,HITLS_CERT_Store * store)68 int32_t SAL_CERT_SetVerifyStore(CERT_MgrCtx *mgrCtx, HITLS_CERT_Store *store)
69 {
70 if (mgrCtx == NULL) {
71 BSL_ERR_PUSH_ERROR(HITLS_NULL_INPUT);
72 return HITLS_NULL_INPUT;
73 }
74 SAL_CERT_StoreFree(mgrCtx, mgrCtx->verifyStore);
75 mgrCtx->verifyStore = store;
76 return HITLS_SUCCESS;
77 }
78
SAL_CERT_GetVerifyStore(CERT_MgrCtx * mgrCtx)79 HITLS_CERT_Store *SAL_CERT_GetVerifyStore(CERT_MgrCtx *mgrCtx)
80 {
81 if (mgrCtx == NULL) {
82 return NULL;
83 }
84
85 return mgrCtx->verifyStore;
86 }
GetOrInsertCertPair(CERT_MgrCtx * mgrCtx,HITLS_CERT_KeyType keyType,CERT_Pair ** certPair)87 static int32_t GetOrInsertCertPair(CERT_MgrCtx *mgrCtx, HITLS_CERT_KeyType keyType, CERT_Pair **certPair)
88 {
89 CERT_Pair *newCertPair = NULL;
90 int32_t ret = BSL_HASH_At(mgrCtx->certPairs, (uintptr_t)keyType, (uintptr_t *)&newCertPair);
91 if (ret != HITLS_SUCCESS || newCertPair == NULL) {
92 newCertPair = BSL_SAL_Calloc(1u, sizeof(CERT_Pair));
93 if (newCertPair == NULL) {
94 return RETURN_ERROR_NUMBER_PROCESS(HITLS_MEMALLOC_FAIL, BINLOG_ID16102, "certPair calloc fail");
95 }
96 ret = BSL_HASH_Insert(mgrCtx->certPairs, keyType, 0, (uintptr_t)newCertPair, sizeof(CERT_Pair));
97 if (ret != HITLS_SUCCESS) {
98 BSL_SAL_FREE(newCertPair);
99 return RETURN_ERROR_NUMBER_PROCESS(ret, BINLOG_ID17339, "insert fail");
100 }
101 }
102 *certPair = newCertPair;
103 return HITLS_SUCCESS;
104 }
105
SAL_CERT_SetCurrentCert(HITLS_Config * config,HITLS_CERT_X509 * cert,bool isTlcpEncCert)106 int32_t SAL_CERT_SetCurrentCert(HITLS_Config *config, HITLS_CERT_X509 *cert, bool isTlcpEncCert)
107 {
108 (void)isTlcpEncCert;
109 if (cert == NULL || config == NULL) {
110 BSL_ERR_PUSH_ERROR(HITLS_NULL_INPUT);
111 return HITLS_NULL_INPUT;
112 }
113 CERT_MgrCtx *mgrCtx = config->certMgrCtx;
114 if (mgrCtx == NULL) {
115 BSL_ERR_PUSH_ERROR(HITLS_UNREGISTERED_CALLBACK);
116 return RETURN_ERROR_NUMBER_PROCESS(HITLS_UNREGISTERED_CALLBACK, BINLOG_ID16286, "unregistered callback");
117 }
118
119 HITLS_CERT_Key *pubkey = NULL;
120 int32_t ret = SAL_CERT_X509Ctrl(config, cert, CERT_CTRL_GET_PUB_KEY, NULL, (void *)&pubkey);
121 if (ret != HITLS_SUCCESS) {
122 return RETURN_ERROR_NUMBER_PROCESS(ret, BINLOG_ID16099, "GET PUB KEY fail");
123 }
124
125 uint32_t keyType = TLS_CERT_KEY_TYPE_UNKNOWN;
126 ret = SAL_CERT_KeyCtrl(config, pubkey, CERT_KEY_CTRL_GET_TYPE, NULL, (void *)&keyType);
127 SAL_CERT_KeyFree(mgrCtx, pubkey);
128 if (ret != HITLS_SUCCESS) {
129 return RETURN_ERROR_NUMBER_PROCESS(ret, BINLOG_ID16100, "GET KEY TYPE fail");
130 }
131
132 CERT_Pair *certPair = NULL;
133 ret = GetOrInsertCertPair(mgrCtx, keyType, &certPair);
134 if (ret != HITLS_SUCCESS || certPair == NULL) {
135 return HITLS_MEMALLOC_FAIL;
136 }
137
138 HITLS_CERT_Key **privateKey = NULL;
139 HITLS_CERT_X509 **certPairCert = NULL;
140 #ifdef HITLS_TLS_PROTO_TLCP11
141 if (isTlcpEncCert) {
142 privateKey = &certPair->encPrivateKey;
143 certPairCert = &certPair->encCert;
144 } else
145 #endif
146 {
147 privateKey = &certPair->privateKey;
148 certPairCert = &certPair->cert;
149 }
150 if (*privateKey != NULL) {
151 ret = SAL_CERT_CheckPrivateKey(config, cert, *privateKey);
152 if (ret != HITLS_SUCCESS) {
153 /* If the certificate does not match the private key, release the private key. */
154 SAL_CERT_KeyFree(mgrCtx, *privateKey);
155 *privateKey = NULL;
156 }
157 }
158 SAL_CERT_X509Free(*certPairCert);
159 *certPairCert = cert;
160 mgrCtx->currentCertKeyType = keyType;
161 return HITLS_SUCCESS;
162 }
163
SAL_CERT_GetCurrentCert(CERT_MgrCtx * mgrCtx)164 HITLS_CERT_X509 *SAL_CERT_GetCurrentCert(CERT_MgrCtx *mgrCtx)
165 {
166 if (mgrCtx == NULL) {
167 BSL_LOG_BINLOG_FIXLEN(BINLOG_ID16287, BSL_LOG_LEVEL_ERR, BSL_LOG_BINLOG_TYPE_RUN, "mgrCtx null", 0, 0, 0, 0);
168 return NULL;
169 }
170 uint32_t keyType = mgrCtx->currentCertKeyType;
171 CERT_Pair *certPair = NULL;
172 int32_t ret = BSL_HASH_At(mgrCtx->certPairs, (uintptr_t)keyType, (uintptr_t *)&certPair);
173 if (ret != HITLS_SUCCESS || certPair == NULL) {
174 BSL_LOG_BINLOG_FIXLEN(BINLOG_ID16288, BSL_LOG_LEVEL_ERR, BSL_LOG_BINLOG_TYPE_RUN, "idx err", 0, 0, 0, 0);
175 return NULL;
176 }
177 return certPair->cert;
178 }
179
SAL_CERT_GetCert(CERT_MgrCtx * mgrCtx,HITLS_CERT_KeyType keyType)180 HITLS_CERT_X509 *SAL_CERT_GetCert(CERT_MgrCtx *mgrCtx, HITLS_CERT_KeyType keyType)
181 {
182 if (mgrCtx == NULL) {
183 BSL_LOG_BINLOG_FIXLEN(BINLOG_ID16289, BSL_LOG_LEVEL_ERR, BSL_LOG_BINLOG_TYPE_RUN, "mgrCtx null", 0, 0, 0, 0);
184 return NULL;
185 }
186
187 CERT_Pair *certPair = NULL;
188 int32_t ret = BSL_HASH_At(mgrCtx->certPairs, (uintptr_t)keyType, (uintptr_t *)&certPair);
189 if (ret != HITLS_SUCCESS || certPair == NULL) {
190 BSL_LOG_BINLOG_FIXLEN(BINLOG_ID16290, BSL_LOG_LEVEL_ERR, BSL_LOG_BINLOG_TYPE_RUN, "idx err", 0, 0, 0, 0);
191 return NULL;
192 }
193 return certPair->cert;
194 }
195
SAL_CERT_SetCurrentPrivateKey(HITLS_Config * config,HITLS_CERT_Key * key,bool isTlcpEncCertPriKey)196 int32_t SAL_CERT_SetCurrentPrivateKey(HITLS_Config *config, HITLS_CERT_Key *key, bool isTlcpEncCertPriKey)
197 {
198 (void)isTlcpEncCertPriKey;
199 if (key == NULL || config == NULL) {
200 BSL_ERR_PUSH_ERROR(HITLS_NULL_INPUT);
201 return HITLS_NULL_INPUT;
202 }
203 CERT_MgrCtx *mgrCtx = config->certMgrCtx;
204 if (mgrCtx == NULL) {
205 BSL_ERR_PUSH_ERROR(HITLS_UNREGISTERED_CALLBACK);
206 return HITLS_UNREGISTERED_CALLBACK;
207 }
208
209 uint32_t keyType = TLS_CERT_KEY_TYPE_UNKNOWN;
210 int32_t ret = SAL_CERT_KeyCtrl(config, key, CERT_KEY_CTRL_GET_TYPE, NULL, (void *)&keyType);
211 if (ret != HITLS_SUCCESS) {
212 return RETURN_ERROR_NUMBER_PROCESS(ret, BINLOG_ID16104, "get key type fail");
213 }
214
215 CERT_Pair *certPair = NULL;
216 ret = GetOrInsertCertPair(mgrCtx, keyType, &certPair);
217 if (ret != HITLS_SUCCESS || certPair == NULL) {
218 return HITLS_MEMALLOC_FAIL;
219 }
220
221 HITLS_CERT_Key **certPairPrivateKey = NULL;
222 HITLS_CERT_X509 **cert = NULL;
223 #ifdef HITLS_TLS_PROTO_TLCP11
224 if (isTlcpEncCertPriKey) {
225 certPairPrivateKey = &certPair->encPrivateKey;
226 cert = &certPair->encCert;
227 } else
228 #endif
229 {
230 certPairPrivateKey = &certPair->privateKey;
231 cert = &certPair->cert;
232 }
233 if (*cert != NULL) {
234 ret = SAL_CERT_CheckPrivateKey(config, *cert, key);
235 if (ret != HITLS_SUCCESS) {
236 BSL_LOG_BINLOG_FIXLEN(BINLOG_ID16107, BSL_LOG_LEVEL_ERR, BSL_LOG_BINLOG_TYPE_RUN,
237 "set private key error: cert and key mismatch, key type = %u.", keyType, 0, 0, 0);
238 /* The certificate does not match the private key. */
239 return ret;
240 }
241 }
242 SAL_CERT_KeyFree(mgrCtx, *certPairPrivateKey);
243 *certPairPrivateKey = key;
244 mgrCtx->currentCertKeyType = keyType;
245 return HITLS_SUCCESS;
246 }
247
SAL_CERT_GetCurrentPrivateKey(CERT_MgrCtx * mgrCtx,bool isTlcpEncCert)248 HITLS_CERT_Key *SAL_CERT_GetCurrentPrivateKey(CERT_MgrCtx *mgrCtx, bool isTlcpEncCert)
249 {
250 (void)isTlcpEncCert;
251 if (mgrCtx == NULL) {
252 BSL_LOG_BINLOG_FIXLEN(BINLOG_ID16291, BSL_LOG_LEVEL_ERR, BSL_LOG_BINLOG_TYPE_RUN, "mgrCtx null", 0, 0, 0, 0);
253 return NULL;
254 }
255 uint32_t keyType = mgrCtx->currentCertKeyType;
256 CERT_Pair *certPair = NULL;
257 int32_t ret = BSL_HASH_At(mgrCtx->certPairs, (uintptr_t)keyType, (uintptr_t *)&certPair);
258 if (ret != HITLS_SUCCESS || certPair == NULL) {
259 BSL_LOG_BINLOG_FIXLEN(BINLOG_ID16292, BSL_LOG_LEVEL_ERR, BSL_LOG_BINLOG_TYPE_RUN, "certPair null", 0, 0, 0, 0);
260 return NULL;
261 }
262 #ifdef HITLS_TLS_PROTO_TLCP11
263 if (isTlcpEncCert) {
264 return certPair->encPrivateKey;
265 }
266 #endif
267 return certPair->privateKey;
268 }
269
SAL_CERT_GetPrivateKey(CERT_MgrCtx * mgrCtx,HITLS_CERT_KeyType keyType)270 HITLS_CERT_Key *SAL_CERT_GetPrivateKey(CERT_MgrCtx *mgrCtx, HITLS_CERT_KeyType keyType)
271 {
272 if (mgrCtx == NULL) {
273 BSL_LOG_BINLOG_FIXLEN(BINLOG_ID16293, BSL_LOG_LEVEL_ERR, BSL_LOG_BINLOG_TYPE_RUN, "mgrCtx null", 0, 0, 0, 0);
274 return NULL;
275 }
276 CERT_Pair *certPair = NULL;
277 int32_t ret = BSL_HASH_At(mgrCtx->certPairs, (uintptr_t)keyType, (uintptr_t *)&certPair);
278 if (ret != HITLS_SUCCESS || certPair == NULL) {
279 BSL_LOG_BINLOG_FIXLEN(BINLOG_ID16294, BSL_LOG_LEVEL_ERR, BSL_LOG_BINLOG_TYPE_RUN, "certPair null", 0, 0, 0, 0);
280 return NULL;
281 }
282
283 return certPair->privateKey;
284 }
285
SAL_CERT_AddChainCert(CERT_MgrCtx * mgrCtx,HITLS_CERT_X509 * cert)286 int32_t SAL_CERT_AddChainCert(CERT_MgrCtx *mgrCtx, HITLS_CERT_X509 *cert)
287 {
288 if (mgrCtx == NULL || cert == NULL) {
289 BSL_ERR_PUSH_ERROR(HITLS_NULL_INPUT);
290 return RETURN_ERROR_NUMBER_PROCESS(HITLS_NULL_INPUT, BINLOG_ID16392, "null input");
291 }
292
293 uint32_t keyType = mgrCtx->currentCertKeyType;
294 if (keyType == TLS_CERT_KEY_TYPE_UNKNOWN) {
295 BSL_ERR_PUSH_ERROR(HITLS_CERT_ERR_ADD_CHAIN_CERT);
296 return RETURN_ERROR_NUMBER_PROCESS(HITLS_CERT_ERR_ADD_CHAIN_CERT, BINLOG_ID16390, "keyType unknown");
297 }
298 CERT_Pair *certPair = NULL;
299 int32_t ret = BSL_HASH_At(mgrCtx->certPairs, (uintptr_t)keyType, (uintptr_t *)&certPair);
300 if (ret != HITLS_SUCCESS || certPair == NULL) {
301 /* the certificate has not been loaded yet */
302 BSL_ERR_PUSH_ERROR(HITLS_CERT_ERR_ADD_CHAIN_CERT);
303 return RETURN_ERROR_NUMBER_PROCESS(HITLS_CERT_ERR_ADD_CHAIN_CERT, BINLOG_ID16391, "certPair null");
304 }
305
306 HITLS_CERT_Chain *newChain = NULL;
307 HITLS_CERT_Chain *chain = certPair->chain;
308 if (chain == NULL) {
309 newChain = SAL_CERT_ChainNew();
310 if (newChain == NULL) {
311 BSL_ERR_PUSH_ERROR(HITLS_MEMALLOC_FAIL);
312 return RETURN_ERROR_NUMBER_PROCESS(HITLS_MEMALLOC_FAIL, BINLOG_ID16295, "ChainNew fail");
313 }
314 chain = newChain;
315 }
316
317 ret = SAL_CERT_ChainAppend(chain, cert);
318 if (ret != HITLS_SUCCESS) {
319 BSL_SAL_FREE(newChain);
320 return ret;
321 }
322 certPair->chain = chain;
323 return HITLS_SUCCESS;
324 }
325
SAL_CERT_GetCurrentChainCerts(CERT_MgrCtx * mgrCtx)326 HITLS_CERT_Chain *SAL_CERT_GetCurrentChainCerts(CERT_MgrCtx *mgrCtx)
327 {
328 if (mgrCtx == NULL) {
329 BSL_LOG_BINLOG_FIXLEN(BINLOG_ID16296, BSL_LOG_LEVEL_ERR, BSL_LOG_BINLOG_TYPE_RUN, "mgrCtx null", 0, 0, 0, 0);
330 return NULL;
331 }
332
333 CERT_Pair *certPair = NULL;
334 int32_t ret = BSL_HASH_At(mgrCtx->certPairs, (uintptr_t)mgrCtx->currentCertKeyType, (uintptr_t *)&certPair);
335 if (ret != HITLS_SUCCESS || certPair == NULL) {
336 BSL_LOG_BINLOG_FIXLEN(BINLOG_ID16297, BSL_LOG_LEVEL_ERR, BSL_LOG_BINLOG_TYPE_RUN, "certPair null", 0, 0, 0, 0);
337 return NULL;
338 }
339
340 return certPair->chain;
341 }
342
SAL_CERT_ClearCurrentChainCerts(CERT_MgrCtx * mgrCtx)343 void SAL_CERT_ClearCurrentChainCerts(CERT_MgrCtx *mgrCtx)
344 {
345 if (mgrCtx == NULL) {
346 return;
347 }
348
349 CERT_Pair *certPair = NULL;
350 int32_t ret = BSL_HASH_At(mgrCtx->certPairs, (uintptr_t)mgrCtx->currentCertKeyType, (uintptr_t *)&certPair);
351 if (ret != HITLS_SUCCESS || certPair == NULL || certPair->chain == NULL) {
352 return;
353 }
354 SAL_CERT_ChainFree(certPair->chain);
355 certPair->chain = NULL;
356 return;
357 }
358
SAL_CERT_ClearCertAndKey(CERT_MgrCtx * mgrCtx)359 void SAL_CERT_ClearCertAndKey(CERT_MgrCtx *mgrCtx)
360 {
361 if (mgrCtx == NULL) {
362 return;
363 }
364
365 BSL_HASH_Hash *certPairs = mgrCtx->certPairs;
366 for (BSL_HASH_Iterator it = BSL_HASH_IterBegin(certPairs); it != BSL_HASH_IterEnd(certPairs);) {
367 uint32_t keyType = (uint32_t)BSL_HASH_HashIterKey(certPairs, it);
368 CERT_Pair *certPair = (CERT_Pair *)BSL_HASH_IterValue(certPairs, it);
369 SAL_CERT_PairClear(mgrCtx, certPair);
370 BSL_SAL_FREE(certPair);
371 it = BSL_HASH_Erase(certPairs, keyType);
372 }
373 mgrCtx->currentCertKeyType = TLS_CERT_KEY_TYPE_UNKNOWN;
374 return;
375 }
376
SAL_CERT_AddExtraChainCert(CERT_MgrCtx * mgrCtx,HITLS_CERT_X509 * cert)377 int32_t SAL_CERT_AddExtraChainCert(CERT_MgrCtx *mgrCtx, HITLS_CERT_X509 *cert)
378 {
379 if (mgrCtx == NULL || cert == NULL) {
380 BSL_ERR_PUSH_ERROR(HITLS_NULL_INPUT);
381 return HITLS_NULL_INPUT;
382 }
383
384 HITLS_CERT_Chain *newChain = NULL;
385 HITLS_CERT_Chain *chain = mgrCtx->extraChain;
386 if (chain == NULL) {
387 newChain = SAL_CERT_ChainNew();
388 if (newChain == NULL) {
389 BSL_ERR_PUSH_ERROR(HITLS_MEMALLOC_FAIL);
390 return RETURN_ERROR_NUMBER_PROCESS(HITLS_MEMALLOC_FAIL, BINLOG_ID16298, "ChainNew fail");
391 }
392 chain = newChain;
393 }
394
395 int32_t ret = SAL_CERT_ChainAppend(chain, cert);
396 if (ret != HITLS_SUCCESS) {
397 BSL_SAL_FREE(newChain);
398 return ret;
399 }
400 mgrCtx->extraChain = chain;
401 return HITLS_SUCCESS;
402 }
403
SAL_CERT_GetExtraChainCerts(CERT_MgrCtx * mgrCtx)404 HITLS_CERT_Chain *SAL_CERT_GetExtraChainCerts(CERT_MgrCtx *mgrCtx)
405 {
406 if (mgrCtx == NULL) {
407 return NULL;
408 }
409
410 return mgrCtx->extraChain;
411 }
412
SAL_CERT_ClearExtraChainCerts(CERT_MgrCtx * mgrCtx)413 void SAL_CERT_ClearExtraChainCerts(CERT_MgrCtx *mgrCtx)
414 {
415 if (mgrCtx == NULL) {
416 return;
417 }
418
419 HITLS_CERT_Chain *chain = mgrCtx->extraChain;
420 if (chain == NULL) {
421 return;
422 }
423 SAL_CERT_ChainFree(chain);
424 mgrCtx->extraChain = NULL;
425 return;
426 }
427
SAL_CERT_SetVerifyDepth(CERT_MgrCtx * mgrCtx,uint32_t depth)428 int32_t SAL_CERT_SetVerifyDepth(CERT_MgrCtx *mgrCtx, uint32_t depth)
429 {
430 if (mgrCtx == NULL) {
431 BSL_ERR_PUSH_ERROR(HITLS_NULL_INPUT);
432 return HITLS_NULL_INPUT;
433 }
434 mgrCtx->verifyParam.verifyDepth = depth;
435 return HITLS_SUCCESS;
436 }
437
SAL_CERT_GetVerifyDepth(CERT_MgrCtx * mgrCtx,uint32_t * depth)438 int32_t SAL_CERT_GetVerifyDepth(CERT_MgrCtx *mgrCtx, uint32_t *depth)
439 {
440 if (mgrCtx == NULL || depth == NULL) {
441 BSL_ERR_PUSH_ERROR(HITLS_NULL_INPUT);
442 return HITLS_NULL_INPUT;
443 }
444 *depth = mgrCtx->verifyParam.verifyDepth;
445 return HITLS_SUCCESS;
446 }
447
SAL_CERT_SetDefaultPasswordCb(CERT_MgrCtx * mgrCtx,HITLS_PasswordCb cb)448 int32_t SAL_CERT_SetDefaultPasswordCb(CERT_MgrCtx *mgrCtx, HITLS_PasswordCb cb)
449 {
450 if (mgrCtx == NULL) {
451 BSL_ERR_PUSH_ERROR(HITLS_NULL_INPUT);
452 return HITLS_NULL_INPUT;
453 }
454 mgrCtx->defaultPasswdCb = cb;
455 return HITLS_SUCCESS;
456 }
457
SAL_CERT_GetDefaultPasswordCb(CERT_MgrCtx * mgrCtx)458 HITLS_PasswordCb SAL_CERT_GetDefaultPasswordCb(CERT_MgrCtx *mgrCtx)
459 {
460 if (mgrCtx == NULL) {
461 return NULL;
462 }
463 return mgrCtx->defaultPasswdCb;
464 }
465
SAL_CERT_SetDefaultPasswordCbUserdata(CERT_MgrCtx * mgrCtx,void * userdata)466 int32_t SAL_CERT_SetDefaultPasswordCbUserdata(CERT_MgrCtx *mgrCtx, void *userdata)
467 {
468 if (mgrCtx == NULL) {
469 BSL_ERR_PUSH_ERROR(HITLS_NULL_INPUT);
470 return HITLS_NULL_INPUT;
471 }
472 mgrCtx->defaultPasswdCbUserData = userdata;
473 return HITLS_SUCCESS;
474 }
475
SAL_CERT_GetDefaultPasswordCbUserdata(CERT_MgrCtx * mgrCtx)476 void *SAL_CERT_GetDefaultPasswordCbUserdata(CERT_MgrCtx *mgrCtx)
477 {
478 if (mgrCtx == NULL) {
479 return NULL;
480 }
481 return mgrCtx->defaultPasswdCbUserData;
482 }
483
SAL_CERT_SetVerifyCb(CERT_MgrCtx * mgrCtx,HITLS_VerifyCb cb)484 int32_t SAL_CERT_SetVerifyCb(CERT_MgrCtx *mgrCtx, HITLS_VerifyCb cb)
485 {
486 if (mgrCtx == NULL) {
487 BSL_ERR_PUSH_ERROR(HITLS_NULL_INPUT);
488 return HITLS_NULL_INPUT;
489 }
490 mgrCtx->verifyCb = cb;
491 return HITLS_SUCCESS;
492 }
493
SAL_CERT_GetVerifyCb(CERT_MgrCtx * mgrCtx)494 HITLS_VerifyCb SAL_CERT_GetVerifyCb(CERT_MgrCtx *mgrCtx)
495 {
496 if (mgrCtx == NULL) {
497 return NULL;
498 }
499 return mgrCtx->verifyCb;
500 }