1 /*
2 * This file is part of the openHiTLS project.
3 *
4 * openHiTLS is licensed under the Mulan PSL v2.
5 * You can use this software according to the terms and conditions of the Mulan PSL v2.
6 * You may obtain a copy of Mulan PSL v2 at:
7 *
8 * http://license.coscl.org.cn/MulanPSL2
9 *
10 * THIS SOFTWARE IS PROVIDED ON AN "AS IS" BASIS, WITHOUT WARRANTIES OF ANY KIND,
11 * EITHER EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO NON-INFRINGEMENT,
12 * MERCHANTABILITY OR FIT FOR A PARTICULAR PURPOSE.
13 * See the Mulan PSL v2 for more details.
14 */
15 #include "hitls_build.h"
16 #include "hitls_error.h"
17 #include "bsl_err_internal.h"
18 #include "tls_binlog_id.h"
19 #include "hitls_type.h"
20 #include "hitls_config.h"
21 #include "tls.h"
22 #ifdef HITLS_TLS_FEATURE_SESSION
23 #include "session.h"
24 #endif
25 #include "cert_method.h"
26
27 #ifdef HITLS_TLS_CONNECTION_INFO_NEGOTIATION
HITLS_GetNegotiatedVersion(const HITLS_Ctx * ctx,uint16_t * version)28 int32_t HITLS_GetNegotiatedVersion(const HITLS_Ctx *ctx, uint16_t *version)
29 {
30 if (ctx == NULL || version == NULL) {
31 return HITLS_NULL_INPUT;
32 }
33 *version = ctx->negotiatedInfo.version;
34 return HITLS_SUCCESS;
35 }
36 #endif
37
38 #ifdef HITLS_TLS_PROTO_ALL
HITLS_GetMaxProtoVersion(const HITLS_Ctx * ctx,uint16_t * maxVersion)39 int32_t HITLS_GetMaxProtoVersion(const HITLS_Ctx *ctx, uint16_t *maxVersion)
40 {
41 if (ctx == NULL || maxVersion == NULL) {
42 return HITLS_NULL_INPUT;
43 }
44
45 *maxVersion = ctx->config.tlsConfig.maxVersion;
46 return HITLS_SUCCESS;
47 }
48
HITLS_GetMinProtoVersion(const HITLS_Ctx * ctx,uint16_t * minVersion)49 int32_t HITLS_GetMinProtoVersion(const HITLS_Ctx *ctx, uint16_t *minVersion)
50 {
51 if (ctx == NULL || minVersion == NULL) {
52 return HITLS_NULL_INPUT;
53 }
54
55 *minVersion = ctx->config.tlsConfig.minVersion;
56 return HITLS_SUCCESS;
57 }
58
HITLS_SetMinProtoVersion(HITLS_Ctx * ctx,uint16_t version)59 int32_t HITLS_SetMinProtoVersion(HITLS_Ctx *ctx, uint16_t version)
60 {
61 if (ctx == NULL) {
62 return HITLS_NULL_INPUT;
63 }
64
65 uint16_t maxVersion = ctx->config.tlsConfig.maxVersion;
66 return HITLS_CFG_SetVersion(&(ctx->config.tlsConfig), version, maxVersion);
67 }
68
HITLS_SetMaxProtoVersion(HITLS_Ctx * ctx,uint16_t version)69 int32_t HITLS_SetMaxProtoVersion(HITLS_Ctx *ctx, uint16_t version)
70 {
71 if (ctx == NULL) {
72 return HITLS_NULL_INPUT;
73 }
74
75 uint16_t minVersion = ctx->config.tlsConfig.minVersion;
76 return HITLS_CFG_SetVersion(&(ctx->config.tlsConfig), minVersion, version);
77 }
78 #endif
79
80 #ifdef HITLS_TLS_CONNECTION_INFO_NEGOTIATION
HITLS_IsAead(const HITLS_Ctx * ctx,uint8_t * isAead)81 int32_t HITLS_IsAead(const HITLS_Ctx *ctx, uint8_t *isAead)
82 {
83 if (ctx == NULL) {
84 return HITLS_NULL_INPUT;
85 }
86 /* Check whether the input parameter is empty. The system does not need to check whether the input parameter is
87 * empty */
88 return HITLS_CIPHER_IsAead(&(ctx->negotiatedInfo.cipherSuiteInfo), isAead);
89 }
90 #endif
91 #ifdef HITLS_TLS_PROTO_DTLS
HITLS_IsDtls(const HITLS_Ctx * ctx,uint8_t * isDtls)92 int32_t HITLS_IsDtls(const HITLS_Ctx *ctx, uint8_t *isDtls)
93 {
94 if (ctx == NULL) {
95 return HITLS_NULL_INPUT;
96 }
97 return HITLS_CFG_IsDtls(&(ctx->config.tlsConfig), isDtls);
98 }
99 #endif
100
101 #ifdef HITLS_TLS_FEATURE_SESSION
HITLS_IsSessionReused(HITLS_Ctx * ctx,uint8_t * isReused)102 int32_t HITLS_IsSessionReused(HITLS_Ctx *ctx, uint8_t *isReused)
103 {
104 if (ctx == NULL || isReused == NULL) {
105 return HITLS_NULL_INPUT;
106 }
107
108 *isReused = (uint8_t)ctx->negotiatedInfo.isResume;
109 return HITLS_SUCCESS;
110 }
111 #endif
112
113 #ifdef HITLS_TLS_FEATURE_SESSION_ID
HITLS_SetSessionIdCtx(HITLS_Ctx * ctx,const uint8_t * sessionIdCtx,uint32_t len)114 int32_t HITLS_SetSessionIdCtx(HITLS_Ctx *ctx, const uint8_t *sessionIdCtx, uint32_t len)
115 {
116 if (ctx == NULL) {
117 return HITLS_NULL_INPUT;
118 }
119
120 return HITLS_CFG_SetSessionIdCtx(&ctx->config.tlsConfig, sessionIdCtx, len);
121 }
122 #endif
123
124 #ifdef HITLS_TLS_FEATURE_SESSION_TICKET
HITLS_GetSessionTicketKey(const HITLS_Ctx * ctx,uint8_t * key,uint32_t keySize,uint32_t * outSize)125 int32_t HITLS_GetSessionTicketKey(const HITLS_Ctx *ctx, uint8_t *key, uint32_t keySize, uint32_t *outSize)
126 {
127 if (ctx == NULL) {
128 return HITLS_NULL_INPUT;
129 }
130
131 return HITLS_CFG_GetSessionTicketKey(&ctx->config.tlsConfig, key, keySize, outSize);
132 }
133
HITLS_SetSessionTicketKey(HITLS_Ctx * ctx,const uint8_t * key,uint32_t keySize)134 int32_t HITLS_SetSessionTicketKey(HITLS_Ctx *ctx, const uint8_t *key, uint32_t keySize)
135 {
136 if (ctx == NULL) {
137 return HITLS_NULL_INPUT;
138 }
139
140 return HITLS_CFG_SetSessionTicketKey(&ctx->config.tlsConfig, key, keySize);
141 }
142 #endif
143
HITLS_SetVerifyResult(HITLS_Ctx * ctx,HITLS_ERROR verifyResult)144 int32_t HITLS_SetVerifyResult(HITLS_Ctx *ctx, HITLS_ERROR verifyResult)
145 {
146 if (ctx == NULL) {
147 return HITLS_NULL_INPUT;
148 }
149
150 ctx->peerInfo.verifyResult = verifyResult;
151 return HITLS_SUCCESS;
152 }
153
HITLS_GetVerifyResult(const HITLS_Ctx * ctx,HITLS_ERROR * verifyResult)154 int32_t HITLS_GetVerifyResult(const HITLS_Ctx *ctx, HITLS_ERROR *verifyResult)
155 {
156 if (ctx == NULL || verifyResult == NULL) {
157 return HITLS_NULL_INPUT;
158 }
159
160 *verifyResult = ctx->peerInfo.verifyResult;
161 return HITLS_SUCCESS;
162 }
163
164 #if defined(HITLS_TLS_PROTO_DTLS12) && defined(HITLS_BSL_UIO_UDP)
HITLS_SetDtlsTimerCb(HITLS_Ctx * ctx,HITLS_DtlsTimerCb cb)165 int32_t HITLS_SetDtlsTimerCb(HITLS_Ctx *ctx, HITLS_DtlsTimerCb cb)
166 {
167 if (ctx == NULL) {
168 return HITLS_NULL_INPUT;
169 }
170
171 return HITLS_CFG_SetDtlsTimerCb(&(ctx->config.tlsConfig), cb);
172 }
173 #endif
174
175 #if defined(HITLS_TLS_CONNECTION_INFO_NEGOTIATION) && defined(HITLS_TLS_FEATURE_SESSION)
HITLS_GetPeerCertificate(const HITLS_Ctx * ctx)176 HITLS_CERT_X509 *HITLS_GetPeerCertificate(const HITLS_Ctx *ctx)
177 {
178 if (ctx == NULL) {
179 return NULL;
180 }
181
182 CERT_Pair *peerCert = NULL;
183
184 int32_t ret = SESS_GetPeerCert(ctx->session, &peerCert);
185 if (ret != HITLS_SUCCESS) {
186 BSL_LOG_BINLOG_FIXLEN(BINLOG_ID17157, BSL_LOG_LEVEL_ERR, BSL_LOG_BINLOG_TYPE_RUN,
187 "GetPeerCert fail", 0, 0, 0, 0);
188 return NULL;
189 }
190
191 HITLS_CERT_X509 *cert = SAL_CERT_PairGetX509(peerCert);
192 /* Certificate reference increments by one */
193 return cert == NULL ? NULL : SAL_CERT_X509Ref(ctx->config.tlsConfig.certMgrCtx, cert);
194 }
195 #endif
196
HITLS_SetQuietShutdown(HITLS_Ctx * ctx,int32_t mode)197 int32_t HITLS_SetQuietShutdown(HITLS_Ctx *ctx, int32_t mode)
198 {
199 if (ctx == NULL) {
200 return HITLS_NULL_INPUT;
201 }
202
203 // The mode value 0 indicates that the quiet disconnection mode is disabled. The mode value 1 indicates that the
204 // quiet disconnection mode is enabled
205 if (mode != 0 && mode != 1) {
206 return HITLS_CONFIG_INVALID_SET;
207 }
208
209 ctx->config.tlsConfig.isQuietShutdown = (mode != 0);
210
211 return HITLS_SUCCESS;
212 }
213
HITLS_GetQuietShutdown(const HITLS_Ctx * ctx,int32_t * mode)214 int32_t HITLS_GetQuietShutdown(const HITLS_Ctx *ctx, int32_t *mode)
215 {
216 if (ctx == NULL || mode == NULL) {
217 return HITLS_NULL_INPUT;
218 }
219
220 *mode = (int32_t)ctx->config.tlsConfig.isQuietShutdown;
221
222 return HITLS_SUCCESS;
223 }
224 #ifdef HITLS_TLS_FEATURE_RENEGOTIATION
HITLS_GetRenegotiationState(const HITLS_Ctx * ctx,uint8_t * isRenegotiationState)225 int32_t HITLS_GetRenegotiationState(const HITLS_Ctx *ctx, uint8_t *isRenegotiationState)
226 {
227 if (ctx == NULL || isRenegotiationState == NULL) {
228 return HITLS_NULL_INPUT;
229 }
230
231 *isRenegotiationState = (uint8_t)ctx->negotiatedInfo.isRenegotiation;
232
233 return HITLS_SUCCESS;
234 }
235 #endif
236 #ifdef HITLS_TLS_CONFIG_STATE
HITLS_GetRwstate(const HITLS_Ctx * ctx,uint8_t * rwstate)237 int32_t HITLS_GetRwstate(const HITLS_Ctx *ctx, uint8_t *rwstate)
238 {
239 if (ctx == NULL || rwstate == NULL) {
240 return HITLS_NULL_INPUT;
241 }
242
243 *rwstate = ctx->rwstate;
244 return HITLS_SUCCESS;
245 }
246 #endif
HITLS_SetShutdownState(HITLS_Ctx * ctx,uint32_t mode)247 int32_t HITLS_SetShutdownState(HITLS_Ctx *ctx, uint32_t mode)
248 {
249 if (ctx == NULL) {
250 return HITLS_NULL_INPUT;
251 }
252
253 ctx->shutdownState = mode;
254 return HITLS_SUCCESS;
255 }
256
HITLS_GetShutdownState(const HITLS_Ctx * ctx,uint32_t * mode)257 int32_t HITLS_GetShutdownState(const HITLS_Ctx *ctx, uint32_t *mode)
258 {
259 if (ctx == NULL || mode == NULL) {
260 return HITLS_NULL_INPUT;
261 }
262
263 *mode = ctx->shutdownState;
264 return HITLS_SUCCESS;
265 }
266
267 #ifdef HITLS_TLS_FEATURE_CERT_MODE
HITLS_GetClientVerifySupport(HITLS_Ctx * ctx,uint8_t * isSupport)268 int32_t HITLS_GetClientVerifySupport(HITLS_Ctx *ctx, uint8_t *isSupport)
269 {
270 if (ctx == NULL) {
271 return HITLS_NULL_INPUT;
272 }
273
274 return HITLS_CFG_GetClientVerifySupport(&(ctx->config.tlsConfig), isSupport);
275 }
276
HITLS_GetNoClientCertSupport(HITLS_Ctx * ctx,uint8_t * isSupport)277 int32_t HITLS_GetNoClientCertSupport(HITLS_Ctx *ctx, uint8_t *isSupport)
278 {
279 if (ctx == NULL) {
280 return HITLS_NULL_INPUT;
281 }
282
283 return HITLS_CFG_GetNoClientCertSupport(&(ctx->config.tlsConfig), isSupport);
284 }
285 #endif
286
287 #ifdef HITLS_TLS_FEATURE_PHA
HITLS_GetPostHandshakeAuthSupport(HITLS_Ctx * ctx,uint8_t * isSupport)288 int32_t HITLS_GetPostHandshakeAuthSupport(HITLS_Ctx *ctx, uint8_t *isSupport)
289 {
290 if (ctx == NULL) {
291 return HITLS_NULL_INPUT;
292 }
293
294 return HITLS_CFG_GetPostHandshakeAuthSupport(&(ctx->config.tlsConfig), isSupport);
295 }
296 #endif
297 #ifdef HITLS_TLS_FEATURE_CERT_MODE
HITLS_GetVerifyNoneSupport(HITLS_Ctx * ctx,uint8_t * isSupport)298 int32_t HITLS_GetVerifyNoneSupport(HITLS_Ctx *ctx, uint8_t *isSupport)
299 {
300 if (ctx == NULL) {
301 return HITLS_NULL_INPUT;
302 }
303
304 return HITLS_CFG_GetVerifyNoneSupport(&(ctx->config.tlsConfig), isSupport);
305 }
306 #endif
307
308 #if defined(HITLS_TLS_FEATURE_CERT_MODE) && defined(HITLS_TLS_FEATURE_RENEGOTIATION)
HITLS_GetClientOnceVerifySupport(HITLS_Ctx * ctx,uint8_t * isSupport)309 int32_t HITLS_GetClientOnceVerifySupport(HITLS_Ctx *ctx, uint8_t *isSupport)
310 {
311 if (ctx == NULL) {
312 return HITLS_NULL_INPUT;
313 }
314
315 return HITLS_CFG_GetClientOnceVerifySupport(&(ctx->config.tlsConfig), isSupport);
316 }
317 #endif
318
319 #ifdef HITLS_TLS_FEATURE_RENEGOTIATION
HITLS_ClearRenegotiationNum(HITLS_Ctx * ctx,uint32_t * renegotiationNum)320 int32_t HITLS_ClearRenegotiationNum(HITLS_Ctx *ctx, uint32_t *renegotiationNum)
321 {
322 if (ctx == NULL || renegotiationNum == NULL) {
323 return HITLS_NULL_INPUT;
324 }
325
326 *renegotiationNum = ctx->negotiatedInfo.renegotiationNum;
327 ctx->negotiatedInfo.renegotiationNum = 0;
328 return HITLS_SUCCESS;
329 }
330 #endif
331
332 #ifdef HITLS_TLS_FEATURE_MODE
HITLS_SetModeSupport(HITLS_Ctx * ctx,uint32_t mode)333 int32_t HITLS_SetModeSupport(HITLS_Ctx *ctx, uint32_t mode)
334 {
335 if (ctx == NULL) {
336 return HITLS_NULL_INPUT;
337 }
338 return HITLS_CFG_SetModeSupport(&(ctx->config.tlsConfig), mode);
339 }
340
HITLS_GetModeSupport(const HITLS_Ctx * ctx,uint32_t * mode)341 int32_t HITLS_GetModeSupport(const HITLS_Ctx *ctx, uint32_t *mode)
342 {
343 if (ctx == NULL) {
344 return HITLS_NULL_INPUT;
345 }
346 return HITLS_CFG_GetModeSupport(&(ctx->config.tlsConfig), mode);
347 }
348 #endif
349
350 #ifdef HITLS_TLS_SUITE_CIPHER_CBC
HITLS_SetEncryptThenMac(HITLS_Ctx * ctx,uint32_t encryptThenMacType)351 int32_t HITLS_SetEncryptThenMac(HITLS_Ctx *ctx, uint32_t encryptThenMacType)
352 {
353 if (ctx == NULL) {
354 return HITLS_NULL_INPUT;
355 }
356
357 return HITLS_CFG_SetEncryptThenMac(&(ctx->config.tlsConfig), encryptThenMacType);
358 }
359
HITLS_GetEncryptThenMac(const HITLS_Ctx * ctx,uint32_t * encryptThenMacType)360 int32_t HITLS_GetEncryptThenMac(const HITLS_Ctx *ctx, uint32_t *encryptThenMacType)
361 {
362 if (ctx == NULL || encryptThenMacType == NULL) {
363 return HITLS_NULL_INPUT;
364 }
365
366 // Returns the negotiated value if it has been negotiated
367 if (ctx->negotiatedInfo.version > 0) {
368 *encryptThenMacType = (uint32_t)ctx->negotiatedInfo.isEncryptThenMac;
369 return HITLS_SUCCESS;
370 } else {
371 return HITLS_CFG_GetEncryptThenMac(&(ctx->config.tlsConfig), encryptThenMacType);
372 }
373 }
374 #endif
375
376 #ifdef HITLS_TLS_FEATURE_SNI
HITLS_SetServerName(HITLS_Ctx * ctx,uint8_t * serverName,uint32_t serverNameStrlen)377 int32_t HITLS_SetServerName(HITLS_Ctx *ctx, uint8_t *serverName, uint32_t serverNameStrlen)
378 {
379 if (ctx == NULL) {
380 return HITLS_NULL_INPUT;
381 }
382
383 return HITLS_CFG_SetServerName(&(ctx->config.tlsConfig), serverName, serverNameStrlen);
384 }
385 #endif
HITLS_SetCipherServerPreference(HITLS_Ctx * ctx,bool isSupport)386 int32_t HITLS_SetCipherServerPreference(HITLS_Ctx *ctx, bool isSupport)
387 {
388 if (ctx == NULL) {
389 return HITLS_NULL_INPUT;
390 }
391
392 return HITLS_CFG_SetCipherServerPreference(&(ctx->config.tlsConfig), isSupport);
393 }
394
HITLS_GetCipherServerPreference(const HITLS_Ctx * ctx,bool * isSupport)395 int32_t HITLS_GetCipherServerPreference(const HITLS_Ctx *ctx, bool *isSupport)
396 {
397 if (ctx == NULL) {
398 return HITLS_NULL_INPUT;
399 }
400
401 return HITLS_CFG_GetCipherServerPreference(&(ctx->config.tlsConfig), isSupport);
402 }
403
HITLS_SetRenegotiationSupport(HITLS_Ctx * ctx,bool isSupport)404 int32_t HITLS_SetRenegotiationSupport(HITLS_Ctx *ctx, bool isSupport)
405 {
406 if (ctx == NULL) {
407 return HITLS_NULL_INPUT;
408 }
409
410 return HITLS_CFG_SetRenegotiationSupport(&(ctx->config.tlsConfig), isSupport);
411 }
412 #ifdef HITLS_TLS_FEATURE_RENEGOTIATION
HITLS_SetClientRenegotiateSupport(HITLS_Ctx * ctx,bool isSupport)413 int32_t HITLS_SetClientRenegotiateSupport(HITLS_Ctx *ctx, bool isSupport)
414 {
415 if (ctx == NULL) {
416 return HITLS_NULL_INPUT;
417 }
418
419 return HITLS_CFG_SetClientRenegotiateSupport(&(ctx->config.tlsConfig), isSupport);
420 }
421 #endif
422 #if defined(HITLS_TLS_PROTO_TLS_BASIC) || defined(HITLS_TLS_PROTO_DTLS12)
HITLS_SetLegacyRenegotiateSupport(HITLS_Ctx * ctx,bool isSupport)423 int32_t HITLS_SetLegacyRenegotiateSupport(HITLS_Ctx *ctx, bool isSupport)
424 {
425 if (ctx == NULL) {
426 return HITLS_NULL_INPUT;
427 }
428
429 return HITLS_CFG_SetLegacyRenegotiateSupport(&(ctx->config.tlsConfig), isSupport);
430 }
431 #endif /* defined(HITLS_TLS_PROTO_TLS_BASIC) || defined(HITLS_TLS_PROTO_DTLS12) */
432 #ifdef HITLS_TLS_FEATURE_SESSION_TICKET
HITLS_SetSessionTicketSupport(HITLS_Ctx * ctx,bool isSupport)433 int32_t HITLS_SetSessionTicketSupport(HITLS_Ctx *ctx, bool isSupport)
434 {
435 if (ctx == NULL) {
436 return HITLS_NULL_INPUT;
437 }
438
439 return HITLS_CFG_SetSessionTicketSupport(&(ctx->config.tlsConfig), isSupport);
440 }
441
HITLS_GetSessionTicketSupport(const HITLS_Ctx * ctx,uint8_t * isSupport)442 int32_t HITLS_GetSessionTicketSupport(const HITLS_Ctx *ctx, uint8_t *isSupport)
443 {
444 if (ctx == NULL) {
445 return HITLS_NULL_INPUT;
446 }
447
448 return HITLS_CFG_GetSessionTicketSupport(&(ctx->config.tlsConfig), isSupport);
449 }
450 #endif
HITLS_SetEmptyRecordsNum(HITLS_Ctx * ctx,uint32_t emptyNum)451 int32_t HITLS_SetEmptyRecordsNum(HITLS_Ctx *ctx, uint32_t emptyNum)
452 {
453 if (ctx == NULL) {
454 return HITLS_NULL_INPUT;
455 }
456
457 return HITLS_CFG_SetEmptyRecordsNum(&(ctx->config.tlsConfig), emptyNum);
458 }
459
HITLS_GetEmptyRecordsNum(const HITLS_Ctx * ctx,uint32_t * emptyNum)460 int32_t HITLS_GetEmptyRecordsNum(const HITLS_Ctx *ctx, uint32_t *emptyNum)
461 {
462 if (ctx == NULL) {
463 return HITLS_NULL_INPUT;
464 }
465
466 return HITLS_CFG_GetEmptyRecordsNum(&(ctx->config.tlsConfig), emptyNum);
467 }
468
469 #ifdef HITLS_TLS_FEATURE_SESSION_TICKET
HITLS_SetTicketNums(HITLS_Ctx * ctx,uint32_t ticketNums)470 int32_t HITLS_SetTicketNums(HITLS_Ctx *ctx, uint32_t ticketNums)
471 {
472 if (ctx == NULL) {
473 return HITLS_NULL_INPUT;
474 }
475
476 return HITLS_CFG_SetTicketNums(&ctx->config.tlsConfig, ticketNums);
477 }
478
HITLS_GetTicketNums(HITLS_Ctx * ctx)479 uint32_t HITLS_GetTicketNums(HITLS_Ctx *ctx)
480 {
481 if (ctx == NULL) {
482 return HITLS_NULL_INPUT;
483 }
484
485 return HITLS_CFG_GetTicketNums(&ctx->config.tlsConfig);
486 }
487 #endif
488 #ifdef HITLS_TLS_FEATURE_FLIGHT
HITLS_SetFlightTransmitSwitch(HITLS_Ctx * ctx,uint8_t isEnable)489 int32_t HITLS_SetFlightTransmitSwitch(HITLS_Ctx *ctx, uint8_t isEnable)
490 {
491 if (ctx == NULL) {
492 return HITLS_NULL_INPUT;
493 }
494
495 return HITLS_CFG_SetFlightTransmitSwitch(&(ctx->config.tlsConfig), isEnable);
496 }
497
HITLS_GetFlightTransmitSwitch(const HITLS_Ctx * ctx,uint8_t * isEnable)498 int32_t HITLS_GetFlightTransmitSwitch(const HITLS_Ctx *ctx, uint8_t *isEnable)
499 {
500 if (ctx == NULL) {
501 return HITLS_NULL_INPUT;
502 }
503
504 return HITLS_CFG_GetFlightTransmitSwitch(&(ctx->config.tlsConfig), isEnable);
505 }
506 #endif
507
508 #if defined(HITLS_TLS_PROTO_DTLS12) && defined(HITLS_BSL_UIO_UDP)
HITLS_SetDtlsCookieExangeSupport(HITLS_Ctx * ctx,bool isEnable)509 int32_t HITLS_SetDtlsCookieExangeSupport(HITLS_Ctx *ctx, bool isEnable)
510 {
511 if (ctx == NULL) {
512 return HITLS_NULL_INPUT;
513 }
514
515 return HITLS_CFG_SetDtlsCookieExchangeSupport(&(ctx->config.tlsConfig), isEnable);
516 }
517
HITLS_GetDtlsCookieExangeSupport(const HITLS_Ctx * ctx,bool * isEnable)518 int32_t HITLS_GetDtlsCookieExangeSupport(const HITLS_Ctx *ctx, bool *isEnable)
519 {
520 if (ctx == NULL) {
521 return HITLS_NULL_INPUT;
522 }
523
524 return HITLS_CFG_GetDtlsCookieExchangeSupport(&(ctx->config.tlsConfig), isEnable);
525 }
526 #endif
527
528 #ifdef HITLS_TLS_CONFIG_CERT
529 /**
530 * @ingroup hitls
531 * @brief Set the maximum size of the certificate chain that can be sent by the peer end.
532 *
533 * @param ctx [IN/OUT] TLS connection handle
534 * @param maxSize [IN] Set the maximum size of the certificate chain that can be sent by the peer end.
535 * @retval HITLS_NULL_INPUT The input parameter pointer is null.
536 * @retval HITLS_SUCCESS succeeded.
537 */
HITLS_SetMaxCertList(HITLS_Ctx * ctx,uint32_t maxSize)538 int32_t HITLS_SetMaxCertList(HITLS_Ctx *ctx, uint32_t maxSize)
539 {
540 if (ctx == NULL) {
541 return HITLS_NULL_INPUT;
542 }
543
544 return HITLS_CFG_SetMaxCertList(&(ctx->config.tlsConfig), maxSize);
545 }
546
547 /**
548 * @ingroup hitls
549 * @brief Obtain the maximum size of the certificate chain that can be sent by the peer end.
550 *
551 * @param ctx [IN] TLS connection handle
552 * @param maxSize [OUT] Maximum size of the certificate chain that can be sent by the peer end
553 * @retval HITLS_NULL_INPUT The input parameter pointer is null.
554 * @retval HITLS_SUCCESS succeeded.
555 */
HITLS_GetMaxCertList(const HITLS_Ctx * ctx,uint32_t * maxSize)556 int32_t HITLS_GetMaxCertList(const HITLS_Ctx *ctx, uint32_t *maxSize)
557 {
558 if (ctx == NULL) {
559 return HITLS_NULL_INPUT;
560 }
561
562 return HITLS_CFG_GetMaxCertList(&(ctx->config.tlsConfig), maxSize);
563 }
564 #endif
565
566 #ifdef HITLS_TLS_CONFIG_MANUAL_DH
HITLS_SetTmpDhCb(HITLS_Ctx * ctx,HITLS_DhTmpCb cb)567 int32_t HITLS_SetTmpDhCb(HITLS_Ctx *ctx, HITLS_DhTmpCb cb)
568 {
569 if (ctx == NULL || cb == NULL) {
570 return HITLS_NULL_INPUT;
571 }
572
573 return HITLS_CFG_SetTmpDhCb(&(ctx->config.tlsConfig), cb);
574 }
575 #endif /* HITLS_TLS_CONFIG_MANUAL_DH */
576
577 #ifdef HITLS_TLS_CONFIG_RECORD_PADDING
HITLS_SetRecordPaddingCb(HITLS_Ctx * ctx,HITLS_RecordPaddingCb cb)578 int32_t HITLS_SetRecordPaddingCb(HITLS_Ctx *ctx, HITLS_RecordPaddingCb cb)
579 {
580 if (ctx == NULL) {
581 return HITLS_NULL_INPUT;
582 }
583
584 return HITLS_CFG_SetRecordPaddingCb(&(ctx->config.tlsConfig), cb);
585 }
586
HITLS_GetRecordPaddingCb(HITLS_Ctx * ctx)587 HITLS_RecordPaddingCb HITLS_GetRecordPaddingCb(HITLS_Ctx *ctx)
588 {
589 if (ctx == NULL) {
590 return NULL;
591 }
592
593 return HITLS_CFG_GetRecordPaddingCb(&(ctx->config.tlsConfig));
594 }
595
HITLS_SetRecordPaddingCbArg(HITLS_Ctx * ctx,void * arg)596 int32_t HITLS_SetRecordPaddingCbArg(HITLS_Ctx *ctx, void *arg)
597 {
598 if (ctx == NULL) {
599 return HITLS_NULL_INPUT;
600 }
601
602 return HITLS_CFG_SetRecordPaddingCbArg(&(ctx->config.tlsConfig), arg);
603 }
604
HITLS_GetRecordPaddingCbArg(HITLS_Ctx * ctx)605 void *HITLS_GetRecordPaddingCbArg(HITLS_Ctx *ctx)
606 {
607 if (ctx == NULL) {
608 return NULL;
609 }
610
611 return HITLS_CFG_GetRecordPaddingCbArg(&(ctx->config.tlsConfig));
612 }
613 #endif
614
615 #ifdef HITLS_TLS_CONFIG_KEY_USAGE
HITLS_SetCheckKeyUsage(HITLS_Ctx * ctx,bool isCheck)616 int32_t HITLS_SetCheckKeyUsage(HITLS_Ctx *ctx, bool isCheck)
617 {
618 if (ctx == NULL) {
619 return HITLS_NULL_INPUT;
620 }
621 return HITLS_CFG_SetCheckKeyUsage(&(ctx->config.tlsConfig), isCheck);
622 }
623 #endif
624