1 /*
2 * This file is part of the openHiTLS project.
3 *
4 * openHiTLS is licensed under the Mulan PSL v2.
5 * You can use this software according to the terms and conditions of the Mulan PSL v2.
6 * You may obtain a copy of Mulan PSL v2 at:
7 *
8 * http://license.coscl.org.cn/MulanPSL2
9 *
10 * THIS SOFTWARE IS PROVIDED ON AN "AS IS" BASIS, WITHOUT WARRANTIES OF ANY KIND,
11 * EITHER EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO NON-INFRINGEMENT,
12 * MERCHANTABILITY OR FIT FOR A PARTICULAR PURPOSE.
13 * See the Mulan PSL v2 for more details.
14 */
15
16 #include <stdint.h>
17 #include <stdbool.h>
18 #include "hitls_build.h"
19 #include "securec.h"
20 #include "bsl_log_internal.h"
21 #include "bsl_err_internal.h"
22 #include "bsl_log.h"
23 #include "bsl_sal.h"
24 #include "bsl_list.h"
25 #include "hitls_type.h"
26 #include "hitls_error.h"
27 #ifdef HITLS_TLS_FEATURE_PSK
28 #include "hitls_psk.h"
29 #endif
30 #ifdef HITLS_TLS_FEATURE_ALPN
31 #include "hitls_alpn.h"
32 #endif
33 #include "hitls_cert_type.h"
34 #ifdef HITLS_TLS_FEATURE_SNI
35 #include "hitls_sni.h"
36 #endif
37 #include "tls.h"
38 #include "tls_binlog_id.h"
39 #include "cert.h"
40 #include "crypt.h"
41 #ifdef HITLS_TLS_FEATURE_SESSION
42 #include "session_mgr.h"
43 #endif
44 #include "config_check.h"
45 #include "config_default.h"
46 #include "bsl_list.h"
47 #include "rec.h"
48 #include "hitls_cookie.h"
49
50 #ifdef HITLS_TLS_CONFIG_CIPHER_SUITE
51 /* Define the upper limit of the group type */
52 #define MAX_GROUP_TYPE_NUM 128u
53 #endif
54 #ifdef HITLS_TLS_EXTENSION_CERT_AUTH
HitlsTrustedCANodeFree(void * caNode)55 static void HitlsTrustedCANodeFree(void *caNode)
56 {
57 if (caNode == NULL) {
58 return;
59 }
60 HITLS_TrustedCANode *newCaNode = (HITLS_TrustedCANode *)caNode;
61 BSL_SAL_FREE(newCaNode->data);
62 newCaNode->data = NULL;
63 BSL_SAL_FREE(newCaNode);
64 }
65
HITLS_CFG_ClearCAList(HITLS_Config * config)66 void HITLS_CFG_ClearCAList(HITLS_Config *config)
67 {
68 if (config == NULL) {
69 return;
70 }
71 BSL_LIST_FREE(config->caList, HitlsTrustedCANodeFree);
72 config->caList = NULL;
73 return;
74 }
75 #endif
CFG_CleanConfig(HITLS_Config * config)76 void CFG_CleanConfig(HITLS_Config *config)
77 {
78 BSL_SAL_FREE(config->cipherSuites);
79 #ifdef HITLS_TLS_PROTO_TLS13
80 BSL_SAL_FREE(config->tls13CipherSuites);
81 #endif
82 BSL_SAL_FREE(config->pointFormats);
83 BSL_SAL_FREE(config->groups);
84 BSL_SAL_FREE(config->signAlgorithms);
85 #ifdef HITLS_TLS_FEATURE_PROVIDER
86 for (uint32_t i = 0; i < config->groupInfolen; i++) {
87 BSL_SAL_FREE(config->groupInfo[i].name);
88 }
89 BSL_SAL_FREE(config->groupInfo);
90 config->groupInfoSize = 0;
91 config->groupInfolen = 0;
92 for (uint32_t i = 0; i < config->sigSchemeInfolen; i++) {
93 BSL_SAL_FREE(config->sigSchemeInfo[i].name);
94 }
95 BSL_SAL_FREE(config->sigSchemeInfo);
96 config->sigSchemeInfoSize = 0;
97 config->sigSchemeInfolen = 0;
98 #endif
99
100 #if defined(HITLS_TLS_PROTO_TLS12) && defined(HITLS_TLS_FEATURE_PSK)
101 BSL_SAL_FREE(config->pskIdentityHint);
102 #endif
103 #ifdef HITLS_TLS_FEATURE_ALPN
104 BSL_SAL_FREE(config->alpnList);
105 #endif
106 #ifdef HITLS_TLS_FEATURE_SNI
107 BSL_SAL_FREE(config->serverName);
108 #endif
109 #ifdef HITLS_TLS_EXTENSION_CERT_AUTH
110 BSL_LIST_FREE(config->caList, HitlsTrustedCANodeFree);
111 #endif
112 #ifdef HITLS_TLS_CONFIG_MANUAL_DH
113 SAL_CRYPT_FreeDhKey(config->dhTmp);
114 config->dhTmp = NULL;
115 #endif
116 #ifdef HITLS_TLS_FEATURE_SESSION
117 SESSMGR_Free(config->sessMgr);
118 config->sessMgr = NULL;
119 #endif
120 SAL_CERT_MgrCtxFree(config->certMgrCtx);
121 config->certMgrCtx = NULL;
122 #ifdef HITLS_TLS_FEATURE_CUSTOM_EXTENSION
123 FreeCustomExtensions(config->customExts);
124 config->customExts = NULL;
125 #endif /* HITLS_TLS_FEATURE_CUSTOM_EXTENSION */
126 BSL_SAL_ReferencesFree(&(config->references));
127 return;
128 }
129
130
ShallowCopy(HITLS_Ctx * ctx,const HITLS_Config * srcConfig)131 static void ShallowCopy(HITLS_Ctx *ctx, const HITLS_Config *srcConfig)
132 {
133 HITLS_Config *destConfig = &ctx->config.tlsConfig;
134
135 /*
136 * Other parameters except CipherSuite, PointFormats, Group, SignAlgorithms, Psk, SessionId, CertMgr, and SessMgr
137 * are shallowly copied, and some of them reference globalConfig.
138 */
139 destConfig->libCtx = LIBCTX_FROM_CONFIG(srcConfig);
140 destConfig->attrName = ATTRIBUTE_FROM_CONFIG(srcConfig);
141 destConfig->minVersion = srcConfig->minVersion;
142 destConfig->maxVersion = srcConfig->maxVersion;
143 destConfig->isQuietShutdown = srcConfig->isQuietShutdown;
144 destConfig->isSupportServerPreference = srcConfig->isSupportServerPreference;
145 destConfig->maxCertList = srcConfig->maxCertList;
146 destConfig->isSupportExtendMasterSecret = srcConfig->isSupportExtendMasterSecret;
147 destConfig->emptyRecordsNum = srcConfig->emptyRecordsNum;
148 destConfig->isKeepPeerCert = srcConfig->isKeepPeerCert;
149 destConfig->version = srcConfig->version;
150 destConfig->originVersionMask = srcConfig->originVersionMask;
151 #ifdef HITLS_TLS_FEATURE_RENEGOTIATION
152 destConfig->isSupportRenegotiation = srcConfig->isSupportRenegotiation;
153 destConfig->allowClientRenegotiate = srcConfig->allowClientRenegotiate;
154 #endif
155 #if defined(HITLS_TLS_PROTO_TLS_BASIC) || defined(HITLS_TLS_PROTO_DTLS12)
156 destConfig->allowLegacyRenegotiate = srcConfig->allowLegacyRenegotiate;
157 #endif
158 #ifdef HITLS_TLS_SUITE_KX_RSA
159 destConfig->needCheckPmsVersion = srcConfig->needCheckPmsVersion;
160 #endif
161 #ifdef HITLS_TLS_CONFIG_KEY_USAGE
162 destConfig->needCheckKeyUsage = srcConfig->needCheckKeyUsage;
163 #endif
164 destConfig->userData = srcConfig->userData;
165 destConfig->userDataFreeCb = srcConfig->userDataFreeCb;
166 #ifdef HITLS_TLS_FEATURE_MODE
167 destConfig->modeSupport = srcConfig->modeSupport;
168 #endif
169 destConfig->readAhead = srcConfig->readAhead;
170 destConfig->recordPaddingCb = srcConfig->recordPaddingCb;
171 #ifdef HITLS_TLS_CONFIG_MANUAL_DH
172 destConfig->isSupportDhAuto = srcConfig->isSupportDhAuto;
173 destConfig->dhTmpCb = srcConfig->dhTmpCb;
174 #endif
175
176 #if defined(HITLS_TLS_FEATURE_RENEGOTIATION) && defined(HITLS_TLS_FEATURE_SESSION)
177 destConfig->isResumptionOnRenego = srcConfig->isResumptionOnRenego;
178 #endif
179 #ifdef HITLS_TLS_FEATURE_CERT_MODE
180 destConfig->isSupportClientVerify = srcConfig->isSupportClientVerify;
181 destConfig->isSupportNoClientCert = srcConfig->isSupportNoClientCert;
182 destConfig->isSupportVerifyNone = srcConfig->isSupportVerifyNone;
183 #endif
184 #ifdef HITLS_TLS_FEATURE_SESSION_TICKET
185 destConfig->isSupportSessionTicket = srcConfig->isSupportSessionTicket;
186 #endif
187 #if defined(HITLS_TLS_FEATURE_RENEGOTIATION) && defined(HITLS_TLS_FEATURE_CERT_MODE)
188 destConfig->isSupportClientOnceVerify = srcConfig->isSupportClientOnceVerify;
189 #endif
190 #ifdef HITLS_TLS_FEATURE_PHA
191 destConfig->isSupportPostHandshakeAuth = srcConfig->isSupportPostHandshakeAuth;
192 #endif
193 #ifdef HITLS_TLS_FEATURE_PSK
194 destConfig->pskClientCb = srcConfig->pskClientCb;
195 destConfig->pskServerCb = srcConfig->pskServerCb;
196 #endif
197 #ifdef HITLS_TLS_PROTO_TLS13
198 destConfig->keyExchMode = srcConfig->keyExchMode;
199 #endif
200 #ifdef HITLS_TLS_FEATURE_INDICATOR
201 destConfig->infoCb = srcConfig->infoCb;
202 destConfig->msgCb = srcConfig->msgCb;
203 destConfig->msgArg = srcConfig->msgArg;
204 #endif
205 #if defined(HITLS_TLS_PROTO_DTLS12) && defined(HITLS_BSL_UIO_UDP)
206 destConfig->dtlsTimerCb = srcConfig->dtlsTimerCb;
207 destConfig->dtlsPostHsTimeoutVal = srcConfig->dtlsPostHsTimeoutVal;
208 destConfig->isSupportDtlsCookieExchange = srcConfig->isSupportDtlsCookieExchange;
209 #endif
210 #ifdef HITLS_TLS_FEATURE_SECURITY
211 destConfig->securityCb = srcConfig->securityCb;
212 destConfig->securityExData = srcConfig->securityExData;
213 destConfig->securityLevel = srcConfig->securityLevel;
214 #endif
215 #ifdef HITLS_TLS_SUITE_CIPHER_CBC
216 destConfig->isEncryptThenMac = srcConfig->isEncryptThenMac;
217 #endif
218 #if defined(HITLS_TLS_PROTO_TLS13) && defined(HITLS_TLS_FEATURE_PSK)
219 destConfig->pskFindSessionCb = srcConfig->pskFindSessionCb;
220 destConfig->pskUseSessionCb = srcConfig->pskUseSessionCb;
221 #endif
222 #ifdef HITLS_TLS_FEATURE_SESSION_TICKET
223 destConfig->ticketNums = srcConfig->ticketNums;
224 #endif
225 #ifdef HITLS_TLS_FEATURE_FLIGHT
226 destConfig->isFlightTransmitEnable = srcConfig->isFlightTransmitEnable;
227 #endif
228 }
229
DeepCopy(void ** destConfig,const void * srcConfig,uint32_t logId,uint32_t len)230 static int32_t DeepCopy(void** destConfig, const void* srcConfig, uint32_t logId, uint32_t len)
231 {
232 BSL_SAL_FREE(*destConfig);
233 *destConfig = BSL_SAL_Dump(srcConfig, len);
234 if (*destConfig == NULL) {
235 BSL_LOG_BINLOG_FIXLEN(logId, BSL_LOG_LEVEL_ERR, BSL_LOG_BINLOG_TYPE_RUN, "Dump fail", 0, 0, 0, 0);
236 return HITLS_MEMALLOC_FAIL;
237 }
238 return HITLS_SUCCESS;
239 }
240
PointFormatsCfgDeepCopy(HITLS_Config * destConfig,const HITLS_Config * srcConfig)241 static int32_t PointFormatsCfgDeepCopy(HITLS_Config *destConfig, const HITLS_Config *srcConfig)
242 {
243 if (srcConfig->pointFormats != NULL) {
244 int32_t ret = DeepCopy((void **)&destConfig->pointFormats, srcConfig->pointFormats, BINLOG_ID16584,
245 srcConfig->pointFormatsSize * sizeof(uint8_t));
246 if (ret != HITLS_SUCCESS) {
247 return ret;
248 }
249 destConfig->pointFormatsSize = srcConfig->pointFormatsSize;
250 }
251 return HITLS_SUCCESS;
252 }
253
GroupCfgDeepCopy(HITLS_Config * destConfig,const HITLS_Config * srcConfig)254 static int32_t GroupCfgDeepCopy(HITLS_Config *destConfig, const HITLS_Config *srcConfig)
255 {
256 if (srcConfig->groups != NULL) {
257 int32_t ret = DeepCopy((void **)&destConfig->groups, srcConfig->groups, BINLOG_ID16585,
258 srcConfig->groupsSize * sizeof(uint16_t));
259 if (ret != HITLS_SUCCESS) {
260 return ret;
261 }
262 destConfig->groupsSize = srcConfig->groupsSize;
263 }
264 #ifdef HITLS_TLS_FEATURE_PROVIDER
265 if (srcConfig->groupInfo != NULL) {
266 if (destConfig->groupInfo != NULL) {
267 BSL_SAL_FREE(destConfig->groupInfo->name);
268 BSL_SAL_FREE(destConfig->groupInfo);
269 }
270 destConfig->groupInfo= BSL_SAL_Calloc(srcConfig->groupInfolen, sizeof(TLS_GroupInfo));
271 if (destConfig->groupInfo == NULL) {
272 return HITLS_MEMALLOC_FAIL;
273 }
274 for (uint32_t i = 0; i < srcConfig->groupInfolen; i++) {
275 destConfig->groupInfo[i] = srcConfig->groupInfo[i];
276 destConfig->groupInfo[i].name =
277 BSL_SAL_Dump(srcConfig->groupInfo[i].name, strlen(srcConfig->groupInfo[i].name) + 1);
278 if (destConfig->groupInfo[i].name == NULL) {
279 return HITLS_MEMALLOC_FAIL;
280 }
281 }
282 destConfig->groupInfoSize = srcConfig->groupInfolen;
283 destConfig->groupInfolen = srcConfig->groupInfolen;
284 }
285 #endif
286 return HITLS_SUCCESS;
287 }
288
289 #if defined(HITLS_TLS_PROTO_TLS12) && defined(HITLS_TLS_FEATURE_PSK)
PskCfgDeepCopy(HITLS_Config * destConfig,const HITLS_Config * srcConfig)290 static int32_t PskCfgDeepCopy(HITLS_Config *destConfig, const HITLS_Config *srcConfig)
291 {
292 if (srcConfig->pskIdentityHint != NULL) {
293 BSL_SAL_FREE(destConfig->pskIdentityHint);
294 destConfig->pskIdentityHint = BSL_SAL_Dump(srcConfig->pskIdentityHint, srcConfig->hintSize * sizeof(uint8_t));
295 if (destConfig->pskIdentityHint == NULL) {
296 BSL_LOG_BINLOG_FIXLEN(BINLOG_ID16586, BSL_LOG_LEVEL_ERR, BSL_LOG_BINLOG_TYPE_RUN, "Dump fail", 0, 0, 0, 0);
297 return HITLS_MEMALLOC_FAIL;
298 }
299 destConfig->hintSize = srcConfig->hintSize;
300 }
301 return HITLS_SUCCESS;
302 }
303 #endif
SignAlgorithmsCfgDeepCopy(HITLS_Config * destConfig,const HITLS_Config * srcConfig)304 static int32_t SignAlgorithmsCfgDeepCopy(HITLS_Config *destConfig, const HITLS_Config *srcConfig)
305 {
306 if (srcConfig->signAlgorithms != NULL) {
307 int32_t ret = DeepCopy((void **)&destConfig->signAlgorithms, srcConfig->signAlgorithms, BINLOG_ID16587,
308 srcConfig->signAlgorithmsSize * sizeof(uint16_t));
309 if (ret != HITLS_SUCCESS) {
310 return ret;
311 }
312 destConfig->signAlgorithmsSize = srcConfig->signAlgorithmsSize;
313 }
314 #ifdef HITLS_TLS_FEATURE_PROVIDER
315 if (srcConfig->sigSchemeInfo != NULL) {
316 BSL_SAL_FREE(destConfig->sigSchemeInfo);
317 destConfig->sigSchemeInfo = BSL_SAL_Calloc(srcConfig->sigSchemeInfolen, sizeof(TLS_SigSchemeInfo));
318 if (destConfig->sigSchemeInfo == NULL) {
319 return HITLS_MEMALLOC_FAIL;
320 }
321 for (uint32_t i = 0; i < srcConfig->sigSchemeInfolen; i++) {
322 destConfig->sigSchemeInfo[i] = srcConfig->sigSchemeInfo[i];
323 destConfig->sigSchemeInfo[i].name =
324 BSL_SAL_Dump(srcConfig->sigSchemeInfo[i].name, strlen(srcConfig->sigSchemeInfo[i].name) + 1);
325 if (destConfig->sigSchemeInfo[i].name == NULL) {
326 return HITLS_MEMALLOC_FAIL;
327 }
328 }
329 destConfig->sigSchemeInfoSize = srcConfig->sigSchemeInfolen;
330 destConfig->sigSchemeInfolen = srcConfig->sigSchemeInfolen;
331 }
332 #endif
333 return HITLS_SUCCESS;
334 }
335
336 #ifdef HITLS_TLS_FEATURE_ALPN
AlpnListDeepCopy(HITLS_Config * destConfig,const HITLS_Config * srcConfig)337 static int32_t AlpnListDeepCopy(HITLS_Config *destConfig, const HITLS_Config *srcConfig)
338 {
339 if (srcConfig->alpnListSize == 0 || srcConfig->alpnList == NULL) {
340 return HITLS_SUCCESS;
341 }
342 BSL_SAL_FREE(destConfig->alpnList);
343 destConfig->alpnList = BSL_SAL_Dump(srcConfig->alpnList, (srcConfig->alpnListSize + 1) * sizeof(uint8_t));
344 if (destConfig->alpnList == NULL) {
345 BSL_LOG_BINLOG_FIXLEN(BINLOG_ID16588, BSL_LOG_LEVEL_ERR, BSL_LOG_BINLOG_TYPE_RUN, "Dump fail", 0, 0, 0, 0);
346 return HITLS_MEMALLOC_FAIL;
347 }
348 destConfig->alpnListSize = srcConfig->alpnListSize;
349 return HITLS_SUCCESS;
350 }
351 #endif
352 #ifdef HITLS_TLS_FEATURE_SNI
ServerNameDeepCopy(HITLS_Config * destConfig,const HITLS_Config * srcConfig)353 static int32_t ServerNameDeepCopy(HITLS_Config *destConfig, const HITLS_Config *srcConfig)
354 {
355 if (srcConfig->serverNameSize != 0 && srcConfig->serverName != NULL) {
356 int32_t ret = DeepCopy((void **)&destConfig->serverName, srcConfig->serverName, BINLOG_ID16589,
357 srcConfig->serverNameSize * sizeof(uint8_t));
358 if (ret != HITLS_SUCCESS) {
359 return ret;
360 }
361 destConfig->serverNameSize = srcConfig->serverNameSize;
362 }
363 return HITLS_SUCCESS;
364 }
365 #endif
CipherSuiteDeepCopy(HITLS_Config * destConfig,const HITLS_Config * srcConfig)366 static int32_t CipherSuiteDeepCopy(HITLS_Config *destConfig, const HITLS_Config *srcConfig)
367 {
368 if (srcConfig->cipherSuites != NULL) {
369 int32_t ret = DeepCopy((void **)&destConfig->cipherSuites, srcConfig->cipherSuites, BINLOG_ID16590,
370 srcConfig->cipherSuitesSize * sizeof(uint16_t));
371 if (ret != HITLS_SUCCESS) {
372 return ret;
373 }
374 destConfig->cipherSuitesSize = srcConfig->cipherSuitesSize;
375 }
376 #ifdef HITLS_TLS_PROTO_TLS13
377 if (srcConfig->tls13CipherSuites != NULL) {
378 int32_t ret = DeepCopy((void **)&destConfig->tls13CipherSuites, srcConfig->tls13CipherSuites, BINLOG_ID16591,
379 srcConfig->tls13cipherSuitesSize * sizeof(uint16_t));
380 if (ret != HITLS_SUCCESS) {
381 BSL_SAL_FREE(destConfig->cipherSuites);
382 return ret;
383 }
384 destConfig->tls13cipherSuitesSize = srcConfig->tls13cipherSuitesSize;
385 }
386 #endif
387 return HITLS_SUCCESS;
388 }
389
CertMgrDeepCopy(HITLS_Config * destConfig,const HITLS_Config * srcConfig)390 static int32_t CertMgrDeepCopy(HITLS_Config *destConfig, const HITLS_Config *srcConfig)
391 {
392 if (!SAL_CERT_MgrIsEnable()) {
393 return HITLS_SUCCESS;
394 }
395 destConfig->certMgrCtx = SAL_CERT_MgrCtxDup(srcConfig->certMgrCtx);
396 if (destConfig->certMgrCtx == NULL) {
397 return HITLS_CERT_ERR_MGR_DUP;
398 }
399 return HITLS_SUCCESS;
400 }
401 #ifdef HITLS_TLS_FEATURE_SESSION_ID
SessionIdCtxCopy(HITLS_Config * destConfig,const HITLS_Config * srcConfig)402 static int32_t SessionIdCtxCopy(HITLS_Config *destConfig, const HITLS_Config *srcConfig)
403 {
404 if (srcConfig->sessionIdCtxSize != 0 &&
405 memcpy_s(destConfig->sessionIdCtx, sizeof(destConfig->sessionIdCtx),
406 srcConfig->sessionIdCtx, srcConfig->sessionIdCtxSize) != EOK) {
407 BSL_LOG_BINLOG_FIXLEN(BINLOG_ID16592, BSL_LOG_LEVEL_ERR, BSL_LOG_BINLOG_TYPE_RUN, "memcpy fail", 0, 0, 0, 0);
408 return HITLS_MEMCPY_FAIL;
409 }
410
411 destConfig->sessionIdCtxSize = srcConfig->sessionIdCtxSize;
412 return HITLS_SUCCESS;
413 }
414 #endif /* HITLS_TLS_FEATURE_SESSION_ID */
415 #ifdef HITLS_TLS_FEATURE_SESSION
SessMgrDeepCopy(HITLS_Config * destConfig,const HITLS_Config * srcConfig)416 static int32_t SessMgrDeepCopy(HITLS_Config *destConfig, const HITLS_Config *srcConfig)
417 {
418 destConfig->sessMgr = SESSMGR_Dup(srcConfig->sessMgr);
419 if (destConfig->sessMgr == NULL) {
420 BSL_LOG_BINLOG_FIXLEN(BINLOG_ID16593, BSL_LOG_LEVEL_ERR, BSL_LOG_BINLOG_TYPE_RUN,
421 "MGR_Dup fail", 0, 0, 0, 0);
422 return HITLS_MEMALLOC_FAIL;
423 }
424
425 return HITLS_SUCCESS;
426 }
427
HITLS_CFG_SetSessionTimeout(HITLS_Config * config,uint64_t timeout)428 int32_t HITLS_CFG_SetSessionTimeout(HITLS_Config *config, uint64_t timeout)
429 {
430 if (config == NULL || config->sessMgr == NULL) {
431 return HITLS_NULL_INPUT;
432 }
433
434 SESSMGR_SetTimeout(config->sessMgr, timeout);
435 return HITLS_SUCCESS;
436 }
437
HITLS_CFG_GetSessionTimeout(const HITLS_Config * config,uint64_t * timeout)438 int32_t HITLS_CFG_GetSessionTimeout(const HITLS_Config *config, uint64_t *timeout)
439 {
440 if (config == NULL || config->sessMgr == NULL || timeout == NULL) {
441 return HITLS_NULL_INPUT;
442 }
443
444 *timeout = SESSMGR_GetTimeout(config->sessMgr);
445 return HITLS_SUCCESS;
446 }
447
HITLS_CFG_SetNewSessionCb(HITLS_Config * config,const HITLS_NewSessionCb newSessionCb)448 int32_t HITLS_CFG_SetNewSessionCb(HITLS_Config *config, const HITLS_NewSessionCb newSessionCb)
449 {
450 if (config == NULL) {
451 return HITLS_NULL_INPUT;
452 }
453
454 config->newSessionCb = newSessionCb;
455 return HITLS_SUCCESS;
456 }
457 #endif
458
459 #ifdef HITLS_TLS_CONFIG_MANUAL_DH
CryptKeyDeepCopy(HITLS_Config * destConfig,const HITLS_Config * srcConfig)460 static int32_t CryptKeyDeepCopy(HITLS_Config *destConfig, const HITLS_Config *srcConfig)
461 {
462 if (srcConfig->dhTmp != NULL) {
463 destConfig->dhTmp = SAL_CRYPT_DupDhKey(srcConfig->dhTmp);
464 if (destConfig->dhTmp == NULL) {
465 return HITLS_CONFIG_DUP_DH_KEY_FAIL;
466 }
467 }
468
469 return HITLS_SUCCESS;
470 }
471 #endif /* HITLS_TLS_CONFIG_MANUAL_DH */
472
BasicConfigDeepCopy(HITLS_Config * destConfig,const HITLS_Config * srcConfig)473 static int32_t BasicConfigDeepCopy(HITLS_Config *destConfig, const HITLS_Config *srcConfig)
474 {
475 int32_t ret = HITLS_SUCCESS;
476 (void)destConfig;
477 (void)srcConfig;
478 #ifdef HITLS_TLS_FEATURE_SESSION_ID
479 ret = SessionIdCtxCopy(destConfig, srcConfig);
480 if (ret != HITLS_SUCCESS) {
481 return ret;
482 }
483 #endif
484 ret = CertMgrDeepCopy(destConfig, srcConfig);
485 if (ret != HITLS_SUCCESS) {
486 return ret;
487 }
488 #ifdef HITLS_TLS_FEATURE_SESSION
489 ret = SessMgrDeepCopy(destConfig, srcConfig);
490 if (ret != HITLS_SUCCESS) {
491 return ret;
492 }
493 #endif
494 #ifdef HITLS_TLS_FEATURE_ALPN
495 ret = AlpnListDeepCopy(destConfig, srcConfig);
496 if (ret != HITLS_SUCCESS) {
497 return ret;
498 }
499 #endif
500 #ifdef HITLS_TLS_FEATURE_SNI
501 ret = ServerNameDeepCopy(destConfig, srcConfig);
502 if (ret != HITLS_SUCCESS) {
503 return ret;
504 }
505 #endif
506 #ifdef HITLS_TLS_CONFIG_MANUAL_DH
507 ret = CryptKeyDeepCopy(destConfig, srcConfig);
508 if (ret != HITLS_SUCCESS) {
509 return ret;
510 }
511 #endif /* HITLS_TLS_CONFIG_MANUAL_DH */
512 #ifdef HITLS_TLS_FEATURE_CUSTOM_EXTENSION
513 destConfig->customExts = DupCustomExtensions(srcConfig->customExts);
514 if (srcConfig->customExts != NULL && destConfig->customExts == NULL) {
515 return HITLS_MEMALLOC_FAIL;
516 }
517 #endif /* HITLS_TLS_FEATURE_CUSTOM_EXTENSION */
518 return HITLS_SUCCESS;
519 }
520
DumpConfig(HITLS_Ctx * ctx,const HITLS_Config * srcConfig)521 int32_t DumpConfig(HITLS_Ctx *ctx, const HITLS_Config *srcConfig)
522 {
523 int32_t ret;
524 HITLS_Config *destConfig = &ctx->config.tlsConfig;
525
526 // shallow copy
527 ShallowCopy(ctx, srcConfig);
528
529 ret = CipherSuiteDeepCopy(destConfig, srcConfig);
530 if (ret != HITLS_SUCCESS) {
531 goto EXIT;
532 }
533
534 ret = PointFormatsCfgDeepCopy(destConfig, srcConfig);
535 if (ret != HITLS_SUCCESS) {
536 goto EXIT;
537 }
538
539 ret = GroupCfgDeepCopy(destConfig, srcConfig);
540 if (ret != HITLS_SUCCESS) {
541 goto EXIT;
542 }
543
544 ret = SignAlgorithmsCfgDeepCopy(destConfig, srcConfig);
545 if (ret != HITLS_SUCCESS) {
546 goto EXIT;
547 }
548 #if defined(HITLS_TLS_PROTO_TLS12) && defined(HITLS_TLS_FEATURE_PSK)
549 ret = PskCfgDeepCopy(destConfig, srcConfig);
550 if (ret != HITLS_SUCCESS) {
551 goto EXIT;
552 }
553 #endif
554 ret = BasicConfigDeepCopy(destConfig, srcConfig);
555 if (ret != HITLS_SUCCESS) {
556 goto EXIT;
557 }
558
559 return HITLS_SUCCESS;
560 EXIT:
561 CFG_CleanConfig(destConfig);
562 return ret;
563 }
564
CreateConfig(void)565 HITLS_Config *CreateConfig(void)
566 {
567 HITLS_Config *newConfig = BSL_SAL_Calloc(1u, sizeof(HITLS_Config));
568 if (newConfig == NULL) {
569 BSL_LOG_BINLOG_FIXLEN(BINLOG_ID16594, BSL_LOG_LEVEL_ERR, BSL_LOG_BINLOG_TYPE_RUN, "Calloc fail", 0, 0, 0, 0);
570 return NULL;
571 }
572 if (BSL_SAL_ReferencesInit(&(newConfig->references)) != BSL_SUCCESS) {
573 BSL_LOG_BINLOG_FIXLEN(BINLOG_ID16595, BSL_LOG_LEVEL_ERR, BSL_LOG_BINLOG_TYPE_RUN,
574 "ReferencesInit fail", 0, 0, 0, 0);
575 BSL_SAL_FREE(newConfig);
576 return NULL;
577 }
578 return newConfig;
579 }
580
581 #ifdef HITLS_TLS_PROTO_DTLS12
HITLS_CFG_NewDTLS12Config(void)582 HITLS_Config *HITLS_CFG_NewDTLS12Config(void)
583 {
584 return HITLS_CFG_ProviderNewDTLS12Config(NULL, NULL);
585 }
586
HITLS_CFG_ProviderNewDTLS12Config(HITLS_Lib_Ctx * libCtx,const char * attrName)587 HITLS_Config *HITLS_CFG_ProviderNewDTLS12Config(HITLS_Lib_Ctx *libCtx, const char *attrName)
588 {
589 HITLS_Config *newConfig = CreateConfig();
590 if (newConfig == NULL) {
591 return NULL;
592 }
593 newConfig->version |= DTLS12_VERSION_BIT; // Enable DTLS 1.2
594 if (DefaultConfig(libCtx, attrName, HITLS_VERSION_DTLS12, newConfig) != HITLS_SUCCESS) {
595 BSL_SAL_FREE(newConfig);
596 return NULL;
597 }
598 newConfig->originVersionMask = newConfig->version;
599 return newConfig;
600 }
601
602 #endif
603
604 #ifdef HITLS_TLS_PROTO_DTLCP11
HITLS_CFG_NewDTLCPConfig(void)605 HITLS_Config *HITLS_CFG_NewDTLCPConfig(void)
606 {
607 return HITLS_CFG_ProviderNewDTLCPConfig(NULL, NULL);
608 }
609
HITLS_CFG_ProviderNewDTLCPConfig(HITLS_Lib_Ctx * libCtx,const char * attrName)610 HITLS_Config *HITLS_CFG_ProviderNewDTLCPConfig(HITLS_Lib_Ctx *libCtx, const char *attrName)
611 {
612 HITLS_Config *newConfig = CreateConfig();
613 if (newConfig == NULL) {
614 return NULL;
615 }
616
617 newConfig->version |= DTLCP11_VERSION_BIT; // Enable DTLCP 1.1
618 if (DefaultConfig(libCtx, attrName, HITLS_VERSION_TLCP_DTLCP11, newConfig) != HITLS_SUCCESS) {
619 BSL_SAL_FREE(newConfig);
620 return NULL;
621 }
622 newConfig->originVersionMask = newConfig->version;
623 return newConfig;
624 }
625
626 #endif
627
628 #ifdef HITLS_TLS_PROTO_TLCP11
HITLS_CFG_NewTLCPConfig(void)629 HITLS_Config *HITLS_CFG_NewTLCPConfig(void)
630 {
631 return HITLS_CFG_ProviderNewTLCPConfig(NULL, NULL);
632 }
633
HITLS_CFG_ProviderNewTLCPConfig(HITLS_Lib_Ctx * libCtx,const char * attrName)634 HITLS_Config *HITLS_CFG_ProviderNewTLCPConfig(HITLS_Lib_Ctx *libCtx, const char *attrName)
635 {
636 HITLS_Config *newConfig = CreateConfig();
637 if (newConfig == NULL) {
638 return NULL;
639 }
640 newConfig->version |= TLCP11_VERSION_BIT; // Enable TLCP 1.1
641 if (DefaultConfig(libCtx, attrName, HITLS_VERSION_TLCP_DTLCP11, newConfig) != HITLS_SUCCESS) {
642 BSL_SAL_FREE(newConfig);
643 return NULL;
644 }
645 newConfig->originVersionMask = newConfig->version;
646 return newConfig;
647 }
648 #endif
649
650 #ifdef HITLS_TLS_PROTO_TLS12
HITLS_CFG_NewTLS12Config(void)651 HITLS_Config *HITLS_CFG_NewTLS12Config(void)
652 {
653 return HITLS_CFG_ProviderNewTLS12Config(NULL, NULL);
654 }
655
HITLS_CFG_ProviderNewTLS12Config(HITLS_Lib_Ctx * libCtx,const char * attrName)656 HITLS_Config *HITLS_CFG_ProviderNewTLS12Config(HITLS_Lib_Ctx *libCtx, const char *attrName)
657 {
658 HITLS_Config *newConfig = CreateConfig();
659 if (newConfig == NULL) {
660 return NULL;
661 }
662 /* Initialize the version */
663 newConfig->version |= TLS12_VERSION_BIT; // Enable TLS 1.2
664 if (DefaultConfig(libCtx, attrName, HITLS_VERSION_TLS12, newConfig) != HITLS_SUCCESS) {
665 BSL_SAL_FREE(newConfig);
666 return NULL;
667 }
668 newConfig->originVersionMask = newConfig->version;
669 return newConfig;
670 }
671 #endif
672
673 #ifdef HITLS_TLS_PROTO_ALL
HITLS_CFG_NewTLSConfig(void)674 HITLS_Config *HITLS_CFG_NewTLSConfig(void)
675 {
676 return HITLS_CFG_ProviderNewTLSConfig(NULL, NULL);
677 }
678
HITLS_CFG_ProviderNewTLSConfig(HITLS_Lib_Ctx * libCtx,const char * attrName)679 HITLS_Config *HITLS_CFG_ProviderNewTLSConfig(HITLS_Lib_Ctx *libCtx, const char *attrName)
680 {
681 HITLS_Config *newConfig = CreateConfig();
682 if (newConfig == NULL) {
683 return NULL;
684 }
685 newConfig->version |= TLS_VERSION_MASK;
686
687 newConfig->libCtx = libCtx;
688 newConfig->attrName = attrName;
689
690 if (DefaultTlsAllConfig(newConfig) != HITLS_SUCCESS) {
691 BSL_SAL_FREE(newConfig);
692 return NULL;
693 }
694 newConfig->originVersionMask = newConfig->version;
695 return newConfig;
696 }
697 #endif
698 #ifdef HITLS_TLS_PROTO_DTLS
HITLS_CFG_NewDTLSConfig(void)699 HITLS_Config *HITLS_CFG_NewDTLSConfig(void)
700 {
701 return HITLS_CFG_ProviderNewDTLSConfig(NULL, NULL);
702 }
703
HITLS_CFG_ProviderNewDTLSConfig(HITLS_Lib_Ctx * libCtx,const char * attrName)704 HITLS_Config *HITLS_CFG_ProviderNewDTLSConfig(HITLS_Lib_Ctx *libCtx, const char *attrName)
705 {
706 HITLS_Config *newConfig = CreateConfig();
707 if (newConfig == NULL) {
708 return NULL;
709 }
710 newConfig->version |= DTLS_VERSION_MASK; // Enable All Versions
711
712 newConfig->libCtx = libCtx;
713 newConfig->attrName = attrName;
714
715 if (DefaultDtlsAllConfig(newConfig) != HITLS_SUCCESS) {
716 BSL_SAL_FREE(newConfig);
717 return NULL;
718 }
719 newConfig->originVersionMask = newConfig->version;
720 return newConfig;
721 }
722
723 #endif
724
HITLS_CFG_FreeConfig(HITLS_Config * config)725 void HITLS_CFG_FreeConfig(HITLS_Config *config)
726 {
727 if (config == NULL) {
728 return;
729 }
730 int ret = 0;
731 (void)BSL_SAL_AtomicDownReferences(&(config->references), &ret);
732 if (ret > 0) {
733 return;
734 }
735 CFG_CleanConfig(config);
736 #ifdef HITLS_TLS_CONFIG_USER_DATA
737 if (config->userData != NULL && config->userDataFreeCb != NULL) {
738 (void)config->userDataFreeCb(config->userData);
739 config->userData = NULL;
740 }
741 #endif
742 BSL_SAL_FREE(config);
743
744 return;
745 }
746
HITLS_CFG_UpRef(HITLS_Config * config)747 int32_t HITLS_CFG_UpRef(HITLS_Config *config)
748 {
749 if (config == NULL) {
750 return HITLS_NULL_INPUT;
751 }
752 int ret = 0;
753 (void)BSL_SAL_AtomicUpReferences(&(config->references), &ret);
754 (void)ret;
755
756 return HITLS_SUCCESS;
757 }
758
MapVersion2VersionBit(bool isDatagram,uint16_t version)759 uint32_t MapVersion2VersionBit(bool isDatagram, uint16_t version)
760 {
761 (void)isDatagram;
762 uint32_t ret = 0;
763 switch (version) {
764 case HITLS_VERSION_TLS12:
765 ret = TLS12_VERSION_BIT;
766 break;
767 case HITLS_VERSION_TLS13:
768 ret = TLS13_VERSION_BIT;
769 break;
770 case HITLS_VERSION_TLCP_DTLCP11:
771 if (isDatagram) {
772 ret = DTLCP11_VERSION_BIT;
773 } else {
774 ret = TLCP11_VERSION_BIT;
775 }
776 break;
777 case HITLS_VERSION_DTLS12:
778 ret = DTLS12_VERSION_BIT;
779 break;
780 default:
781 break;
782 }
783 return ret;
784 }
785
786 #ifdef HITLS_TLS_PROTO_ALL
ChangeVersionMask(HITLS_Config * config,uint16_t minVersion,uint16_t maxVersion)787 static int ChangeVersionMask(HITLS_Config *config, uint16_t minVersion, uint16_t maxVersion)
788 {
789 uint32_t originVersionMask = config->originVersionMask;
790 uint32_t versionMask = 0;
791 uint32_t versionBit = 0;
792
793 /* Creating a DTLS version but setting a TLS version is invalid. */
794 if (originVersionMask == DTLS_VERSION_MASK) {
795 if (IS_DTLS_VERSION(minVersion) == 0) {
796 BSL_LOG_BINLOG_FIXLEN(BINLOG_ID16596, BSL_LOG_LEVEL_ERR, BSL_LOG_BINLOG_TYPE_RUN,
797 "Config min version [0x%x] err.", minVersion, 0, 0, 0);
798 BSL_ERR_PUSH_ERROR(HITLS_CONFIG_INVALID_VERSION);
799 return HITLS_CONFIG_INVALID_VERSION;
800 }
801 }
802
803 if (originVersionMask == TLS_VERSION_MASK) {
804 /* Creating a TLS version but setting a DTLS version is invalid. */
805 if (IS_DTLS_VERSION(minVersion)) {
806 BSL_LOG_BINLOG_FIXLEN(BINLOG_ID16597, BSL_LOG_LEVEL_ERR, BSL_LOG_BINLOG_TYPE_RUN,
807 "minVersion err", 0, 0, 0, 0);
808 BSL_ERR_PUSH_ERROR(HITLS_CONFIG_INVALID_VERSION);
809 return HITLS_CONFIG_INVALID_VERSION;
810 }
811
812 for (uint16_t version = minVersion; version <= maxVersion; version++) {
813 versionBit = MapVersion2VersionBit(IS_SUPPORT_DATAGRAM(originVersionMask), version);
814 versionMask |= versionBit;
815 }
816
817 if ((versionMask & originVersionMask) == 0) {
818 BSL_LOG_BINLOG_FIXLEN(BINLOG_ID16598, BSL_LOG_LEVEL_ERR, BSL_LOG_BINLOG_TYPE_RUN,
819 "Config version err", 0, 0, 0, 0);
820 BSL_ERR_PUSH_ERROR(HITLS_CONFIG_INVALID_VERSION);
821 return HITLS_CONFIG_INVALID_VERSION;
822 }
823
824 config->version = versionMask;
825 return HITLS_SUCCESS;
826 }
827
828 return HITLS_SUCCESS;
829 }
830
CheckVersionValid(HITLS_Config * config,uint16_t minVersion,uint16_t maxVersion)831 static int32_t CheckVersionValid(HITLS_Config *config, uint16_t minVersion, uint16_t maxVersion)
832 {
833 if ((minVersion < HITLS_VERSION_SSL30 && minVersion != 0) ||
834 (minVersion == HITLS_VERSION_SSL30 && config->minVersion != HITLS_VERSION_SSL30) ||
835 (maxVersion <= HITLS_VERSION_SSL30 && maxVersion != 0)) {
836 BSL_LOG_BINLOG_FIXLEN(BINLOG_ID16599, BSL_LOG_LEVEL_ERR, BSL_LOG_BINLOG_TYPE_RUN,
837 "Config version err", 0, 0, 0, 0);
838 BSL_ERR_PUSH_ERROR(HITLS_CONFIG_INVALID_VERSION);
839 return HITLS_CONFIG_INVALID_VERSION;
840 }
841 return HITLS_SUCCESS;
842 }
843
ChangeTmpVersion(HITLS_Config * config,uint16_t * tmpMinVersion,uint16_t * tmpMaxVersion)844 static void ChangeTmpVersion(HITLS_Config *config, uint16_t *tmpMinVersion, uint16_t *tmpMaxVersion)
845 {
846 if (*tmpMinVersion == 0) {
847 if (config->originVersionMask == DTLS_VERSION_MASK) {
848 *tmpMinVersion = HITLS_VERSION_DTLS12;
849 } else {
850 *tmpMinVersion = HITLS_VERSION_TLS12;
851 }
852 } else if (*tmpMaxVersion == 0) {
853 if (config->originVersionMask == DTLS_VERSION_MASK) {
854 *tmpMaxVersion = HITLS_VERSION_DTLS12;
855 } else {
856 *tmpMaxVersion = HITLS_VERSION_TLS13;
857 }
858 }
859 return;
860 }
861 #endif
862
HITLS_CFG_SetVersion(HITLS_Config * config,uint16_t minVersion,uint16_t maxVersion)863 int32_t HITLS_CFG_SetVersion(HITLS_Config *config, uint16_t minVersion, uint16_t maxVersion)
864 {
865 if (config == NULL) {
866 return HITLS_NULL_INPUT;
867 }
868 int32_t ret = 0;
869 #ifdef HITLS_TLS_PROTO_ALL
870 if (config->minVersion == minVersion && config->maxVersion == maxVersion && minVersion != 0 && maxVersion != 0) {
871 return HITLS_SUCCESS;
872 }
873
874 /* TLCP cannot be supported by setting the version number. They can be
875 * initialized only by using the corresponding configuration initialization interface.
876 */
877 ret = CheckVersionValid(config, minVersion, maxVersion);
878 if (ret != HITLS_SUCCESS) {
879 return ret;
880 }
881
882 config->minVersion = 0;
883 config->maxVersion = 0;
884
885 /* If both the latest version and the earliest version supported are 0, clear the versionMask. */
886 if (minVersion == maxVersion && minVersion == 0) {
887 config->version = 0;
888 return HITLS_SUCCESS;
889 }
890 #endif
891 uint16_t tmpMinVersion = minVersion;
892 uint16_t tmpMaxVersion = maxVersion;
893 #ifdef HITLS_TLS_PROTO_ALL
894 ChangeTmpVersion(config, &tmpMinVersion, &tmpMaxVersion);
895 #endif
896 ret = CheckVersion(tmpMinVersion, tmpMaxVersion);
897 if (ret != HITLS_SUCCESS) {
898 return ret;
899 }
900
901 #ifdef HITLS_TLS_PROTO_ALL
902 /* In invalid cases, both maxVersion and minVersion are 0 */
903 if (ChangeVersionMask(config, tmpMinVersion, tmpMaxVersion) == HITLS_SUCCESS) {
904 #endif
905 config->minVersion = tmpMinVersion;
906 config->maxVersion = tmpMaxVersion;
907 #ifdef HITLS_TLS_PROTO_ALL
908 }
909 #endif
910 return HITLS_SUCCESS;
911 }
912
913 #ifdef HITLS_TLS_PROTO_ALL
HITLS_CFG_SetVersionForbid(HITLS_Config * config,uint32_t noVersion)914 int32_t HITLS_CFG_SetVersionForbid(HITLS_Config *config, uint32_t noVersion)
915 {
916 if (config == NULL) {
917 return HITLS_NULL_INPUT;
918 }
919 // Now only DTLS1.2 is supported, so single version is not supported (disable to version 0)
920 if ((config->originVersionMask & TLS_VERSION_MASK) == TLS_VERSION_MASK) {
921 uint32_t noVersionBit = MapVersion2VersionBit(IS_SUPPORT_DATAGRAM(config->originVersionMask), noVersion);
922 if ((config->version & (~noVersionBit)) == 0) {
923 return HITLS_SUCCESS; // Not all is disabled but the return value is SUCCESS
924 }
925 config->version &= ~noVersionBit;
926 uint32_t versionBits[] = {
927 TLS12_VERSION_BIT, TLS13_VERSION_BIT};
928 uint16_t versions[] = {
929 HITLS_VERSION_TLS12, HITLS_VERSION_TLS13};
930 uint32_t versionBitsSize = sizeof(versionBits) / sizeof(uint32_t);
931 for (uint32_t i = 0; i < versionBitsSize; i++) {
932 if ((config->version & versionBits[i]) == versionBits[i]) {
933 config->minVersion = versions[i];
934 break;
935 }
936 }
937 for (int i = (int)versionBitsSize - 1; i >= 0; i--) {
938 if ((config->version & versionBits[i]) == versionBits[i]) {
939 config->maxVersion = versions[i];
940 break;
941 }
942 }
943 }
944 return HITLS_SUCCESS;
945 }
946 #endif
947
GetCipherSuitesCnt(const uint16_t * cipherSuites,uint32_t cipherSuitesSize,uint32_t * tls13CipherSize,uint32_t * tlsCipherSize)948 static void GetCipherSuitesCnt(const uint16_t *cipherSuites, uint32_t cipherSuitesSize,
949 uint32_t *tls13CipherSize, uint32_t *tlsCipherSize)
950 {
951 (void)cipherSuites;
952 uint32_t tmpCipherSize = *tlsCipherSize;
953 uint32_t tmpTls13CipherSize = *tls13CipherSize;
954 for (uint32_t i = 0; i < cipherSuitesSize; i++) {
955 #ifdef HITLS_TLS_PROTO_TLS13
956 if (cipherSuites[i] >= HITLS_AES_128_GCM_SHA256 && cipherSuites[i] <= HITLS_AES_128_CCM_8_SHA256) {
957 tmpTls13CipherSize++;
958 continue;
959 }
960 #endif
961 tmpCipherSize++;
962 }
963 *tls13CipherSize = tmpTls13CipherSize;
964 *tlsCipherSize = tmpCipherSize;
965 }
966
HITLS_CFG_SetCipherSuites(HITLS_Config * config,const uint16_t * cipherSuites,uint32_t cipherSuitesSize)967 int32_t HITLS_CFG_SetCipherSuites(HITLS_Config *config, const uint16_t *cipherSuites, uint32_t cipherSuitesSize)
968 {
969 if (config == NULL || cipherSuites == NULL || cipherSuitesSize == 0) {
970 return HITLS_NULL_INPUT;
971 }
972
973 if (cipherSuitesSize > HITLS_CFG_MAX_SIZE) {
974 return HITLS_CONFIG_INVALID_LENGTH;
975 }
976
977 uint32_t tlsCipherSize = 0;
978 uint32_t validTlsCipher = 0;
979 uint32_t tls13CipherSize = 0;
980 #ifdef HITLS_TLS_PROTO_TLS13
981 uint32_t validTls13Cipher = 0;
982 #endif
983 GetCipherSuitesCnt(cipherSuites, cipherSuitesSize, &tls13CipherSize, &tlsCipherSize);
984
985 uint16_t *cipherSuite = BSL_SAL_Calloc(1u, (tlsCipherSize + 1) * sizeof(uint16_t));
986 if (cipherSuite == NULL) {
987 BSL_LOG_BINLOG_FIXLEN(BINLOG_ID16600, BSL_LOG_LEVEL_ERR, BSL_LOG_BINLOG_TYPE_RUN, "Calloc fail", 0, 0, 0, 0);
988 return HITLS_MEMALLOC_FAIL;
989 }
990 #ifdef HITLS_TLS_PROTO_TLS13
991 uint16_t *tls13CipherSuite = BSL_SAL_Calloc(1u, (tls13CipherSize + 1) * sizeof(uint16_t));
992
993 if (tls13CipherSuite == NULL) {
994 BSL_LOG_BINLOG_FIXLEN(BINLOG_ID16601, BSL_LOG_LEVEL_ERR, BSL_LOG_BINLOG_TYPE_RUN, "Calloc fail", 0, 0, 0, 0);
995 BSL_SAL_FREE(cipherSuite);
996 return HITLS_MEMALLOC_FAIL;
997 }
998 #endif
999 for (uint32_t i = 0; i < cipherSuitesSize; i++) {
1000 if (CFG_CheckCipherSuiteSupported(cipherSuites[i]) != true) {
1001 continue;
1002 }
1003 if (cipherSuites[i] >= HITLS_AES_128_GCM_SHA256 && cipherSuites[i] <= HITLS_AES_128_CCM_8_SHA256) {
1004 #ifdef HITLS_TLS_PROTO_TLS13
1005 tls13CipherSuite[validTls13Cipher] = cipherSuites[i];
1006 validTls13Cipher++;
1007 #endif
1008 continue;
1009 }
1010 cipherSuite[validTlsCipher] = cipherSuites[i];
1011 validTlsCipher++;
1012 }
1013 #ifdef HITLS_TLS_PROTO_TLS13
1014 if (validTls13Cipher == 0) {
1015 BSL_SAL_FREE(tls13CipherSuite);
1016 } else {
1017 BSL_SAL_FREE(config->tls13CipherSuites);
1018 config->tls13CipherSuites = tls13CipherSuite;
1019 config->tls13cipherSuitesSize = validTls13Cipher;
1020 }
1021 #endif
1022 if (validTlsCipher == 0) {
1023 BSL_SAL_FREE(cipherSuite);
1024 } else {
1025 BSL_SAL_FREE(config->cipherSuites);
1026 config->cipherSuites = cipherSuite;
1027 config->cipherSuitesSize = validTlsCipher;
1028 }
1029
1030 if (validTlsCipher == 0
1031 #ifdef HITLS_TLS_PROTO_TLS13
1032 && validTls13Cipher == 0
1033 #endif
1034 ) {
1035 return HITLS_CONFIG_NO_SUITABLE_CIPHER_SUITE;
1036 }
1037
1038 return HITLS_SUCCESS;
1039 }
1040
HITLS_CFG_SetEcPointFormats(HITLS_Config * config,const uint8_t * pointFormats,uint32_t pointFormatsSize)1041 int32_t HITLS_CFG_SetEcPointFormats(HITLS_Config *config, const uint8_t *pointFormats, uint32_t pointFormatsSize)
1042 {
1043 if ((config == NULL) || (pointFormats == NULL) || (pointFormatsSize == 0)) {
1044 return HITLS_NULL_INPUT;
1045 }
1046
1047 if (pointFormatsSize > HITLS_CFG_MAX_SIZE) {
1048 return HITLS_CONFIG_INVALID_LENGTH;
1049 }
1050
1051 uint8_t *newData = BSL_SAL_Dump(pointFormats, pointFormatsSize * sizeof(uint8_t));
1052 if (newData == NULL) {
1053 BSL_LOG_BINLOG_FIXLEN(BINLOG_ID16602, BSL_LOG_LEVEL_ERR, BSL_LOG_BINLOG_TYPE_RUN, "Dump fail", 0, 0, 0, 0);
1054 return HITLS_MEMALLOC_FAIL;
1055 }
1056
1057 BSL_SAL_FREE(config->pointFormats);
1058 config->pointFormats = newData;
1059 config->pointFormatsSize = pointFormatsSize;
1060 return HITLS_SUCCESS;
1061 }
1062
HITLS_CFG_SetGroups(HITLS_Config * config,const uint16_t * groups,uint32_t groupsSize)1063 int32_t HITLS_CFG_SetGroups(HITLS_Config *config, const uint16_t *groups, uint32_t groupsSize)
1064 {
1065 if ((config == NULL) || (groups == NULL) || (groupsSize == 0u)) {
1066 return HITLS_NULL_INPUT;
1067 }
1068
1069 if (groupsSize > HITLS_CFG_MAX_SIZE) {
1070 BSL_ERR_PUSH_ERROR(HITLS_CONFIG_INVALID_LENGTH);
1071 return HITLS_CONFIG_INVALID_LENGTH;
1072 }
1073
1074 uint16_t *newData = BSL_SAL_Dump(groups, groupsSize * sizeof(uint16_t));
1075 if (newData == NULL) {
1076 BSL_LOG_BINLOG_FIXLEN(BINLOG_ID16603, BSL_LOG_LEVEL_ERR, BSL_LOG_BINLOG_TYPE_RUN, "Dump fail", 0, 0, 0, 0);
1077 BSL_ERR_PUSH_ERROR(HITLS_MEMALLOC_FAIL);
1078 return HITLS_MEMALLOC_FAIL;
1079 }
1080
1081 BSL_SAL_FREE(config->groups);
1082 config->groups = newData;
1083 config->groupsSize = groupsSize;
1084 return HITLS_SUCCESS;
1085 }
1086
1087 #if defined(HITLS_TLS_PROTO_DTLS12) && defined(HITLS_BSL_UIO_UDP)
HITLS_CFG_SetCookieGenCb(HITLS_Config * config,HITLS_AppGenCookieCb callback)1088 int32_t HITLS_CFG_SetCookieGenCb(HITLS_Config *config, HITLS_AppGenCookieCb callback)
1089 {
1090 if (config == NULL || callback == NULL) {
1091 return HITLS_NULL_INPUT;
1092 }
1093
1094 config->appGenCookieCb = callback;
1095 return HITLS_SUCCESS;
1096 }
1097
HITLS_CFG_SetCookieVerifyCb(HITLS_Config * config,HITLS_AppVerifyCookieCb callback)1098 int32_t HITLS_CFG_SetCookieVerifyCb(HITLS_Config *config, HITLS_AppVerifyCookieCb callback)
1099 {
1100 if (config == NULL || callback == NULL) {
1101 return HITLS_NULL_INPUT;
1102 }
1103
1104 config->appVerifyCookieCb = callback;
1105 return HITLS_SUCCESS;
1106 }
1107
HITLS_CFG_SetDtlsTimerCb(HITLS_Config * config,HITLS_DtlsTimerCb callback)1108 int32_t HITLS_CFG_SetDtlsTimerCb(HITLS_Config *config, HITLS_DtlsTimerCb callback)
1109 {
1110 if (config == NULL || callback == NULL) {
1111 return HITLS_NULL_INPUT;
1112 }
1113
1114 config->dtlsTimerCb = callback;
1115 return HITLS_SUCCESS;
1116 }
1117 #endif
1118
1119 #ifdef HITLS_TLS_FEATURE_SNI
HITLS_CFG_SetClientHelloCb(HITLS_Config * config,HITLS_ClientHelloCb callback,void * arg)1120 int32_t HITLS_CFG_SetClientHelloCb(HITLS_Config *config, HITLS_ClientHelloCb callback, void *arg)
1121 {
1122 if (config == NULL || callback == NULL) {
1123 return HITLS_NULL_INPUT;
1124 }
1125
1126 config->clientHelloCb = callback;
1127 config->clientHelloCbArg = arg;
1128 return HITLS_SUCCESS;
1129 }
1130 #endif
1131
1132 #ifdef HITLS_TLS_CONFIG_MANUAL_DH
HITLS_CFG_SetDhAutoSupport(HITLS_Config * config,bool support)1133 int32_t HITLS_CFG_SetDhAutoSupport(HITLS_Config *config, bool support)
1134 {
1135 if (config == NULL) {
1136 return HITLS_NULL_INPUT;
1137 }
1138
1139 config->isSupportDhAuto = support;
1140 return HITLS_SUCCESS;
1141 }
1142
HITLS_CFG_SetTmpDh(HITLS_Config * config,HITLS_CRYPT_Key * dhPkey)1143 int32_t HITLS_CFG_SetTmpDh(HITLS_Config *config, HITLS_CRYPT_Key *dhPkey)
1144 {
1145 if ((config == NULL) || (dhPkey == NULL)) {
1146 return HITLS_NULL_INPUT;
1147 }
1148
1149 SAL_CRYPT_FreeDhKey(config->dhTmp);
1150 config->dhTmp = dhPkey;
1151 return HITLS_SUCCESS;
1152 }
1153
HITLS_CFG_GetDhAutoSupport(HITLS_Config * config,uint8_t * isSupport)1154 int32_t HITLS_CFG_GetDhAutoSupport(HITLS_Config *config, uint8_t *isSupport)
1155 {
1156 if (config == NULL || isSupport == NULL) {
1157 return HITLS_NULL_INPUT;
1158 }
1159
1160 *isSupport = (uint8_t)config->isSupportDhAuto;
1161 return HITLS_SUCCESS;
1162 }
1163 #endif /* HITLS_TLS_CONFIG_MANUAL_DH */
1164
1165 #ifdef HITLS_TLS_SUITE_KX_RSA
HITLS_CFG_SetNeedCheckPmsVersion(HITLS_Config * config,bool needCheck)1166 int32_t HITLS_CFG_SetNeedCheckPmsVersion(HITLS_Config *config, bool needCheck)
1167 {
1168 if (config == NULL) {
1169 return HITLS_NULL_INPUT;
1170 }
1171 config->needCheckPmsVersion = needCheck;
1172 return HITLS_SUCCESS;
1173 }
1174 #endif
1175
1176 #ifdef HITLS_TLS_FEATURE_MODE
HITLS_CFG_SetModeSupport(HITLS_Config * config,uint32_t mode)1177 int32_t HITLS_CFG_SetModeSupport(HITLS_Config *config, uint32_t mode)
1178 {
1179 if (config == NULL) {
1180 return HITLS_NULL_INPUT;
1181 }
1182
1183 config->modeSupport |= mode;
1184 return HITLS_SUCCESS;
1185 }
1186
HITLS_CFG_ClearModeSupport(HITLS_Config * config,uint32_t mode)1187 int32_t HITLS_CFG_ClearModeSupport(HITLS_Config *config, uint32_t mode)
1188 {
1189 if (config == NULL) {
1190 return HITLS_NULL_INPUT;
1191 }
1192
1193 config->modeSupport &= (~mode);
1194 return HITLS_SUCCESS;
1195 }
1196
HITLS_CFG_GetModeSupport(const HITLS_Config * config,uint32_t * mode)1197 int32_t HITLS_CFG_GetModeSupport(const HITLS_Config *config, uint32_t *mode)
1198 {
1199 if (config == NULL || mode == NULL) {
1200 return HITLS_NULL_INPUT;
1201 }
1202
1203 *mode = config->modeSupport;
1204 return HITLS_SUCCESS;
1205 }
1206 #endif
1207
1208 #ifdef HITLS_TLS_CONFIG_USER_DATA
HITLS_CFG_GetConfigUserData(const HITLS_Config * config)1209 void *HITLS_CFG_GetConfigUserData(const HITLS_Config *config)
1210 {
1211 if (config == NULL) {
1212 return NULL;
1213 }
1214
1215 return config->userData;
1216 }
1217
HITLS_CFG_SetConfigUserData(HITLS_Config * config,void * userData)1218 int32_t HITLS_CFG_SetConfigUserData(HITLS_Config *config, void *userData)
1219 {
1220 if (config == NULL) {
1221 return HITLS_NULL_INPUT;
1222 }
1223
1224 config->userData = userData;
1225 return HITLS_SUCCESS;
1226 }
1227
HITLS_CFG_SetConfigUserDataFreeCb(HITLS_Config * config,HITLS_ConfigUserDataFreeCb callback)1228 int32_t HITLS_CFG_SetConfigUserDataFreeCb(HITLS_Config *config, HITLS_ConfigUserDataFreeCb callback)
1229 {
1230 if (config == NULL) {
1231 return HITLS_NULL_INPUT;
1232 }
1233
1234 config->userDataFreeCb = callback;
1235 return HITLS_SUCCESS;
1236 }
1237 #endif
1238
1239 #ifdef HITLS_TLS_CONFIG_CERT
HITLS_CFG_SetMaxCertList(HITLS_Config * config,uint32_t maxSize)1240 int32_t HITLS_CFG_SetMaxCertList(HITLS_Config *config, uint32_t maxSize)
1241 {
1242 if (config == NULL) {
1243 return HITLS_NULL_INPUT;
1244 }
1245
1246 config->maxCertList = maxSize;
1247 return HITLS_SUCCESS;
1248 }
1249
HITLS_CFG_GetMaxCertList(const HITLS_Config * config,uint32_t * maxSize)1250 int32_t HITLS_CFG_GetMaxCertList(const HITLS_Config *config, uint32_t *maxSize)
1251 {
1252 if (config == NULL || maxSize == NULL) {
1253 return HITLS_NULL_INPUT;
1254 }
1255
1256 *maxSize = config->maxCertList;
1257 return HITLS_SUCCESS;
1258 }
1259 #endif
1260
1261 #ifdef HITLS_TLS_CONFIG_MANUAL_DH
HITLS_CFG_SetTmpDhCb(HITLS_Config * config,HITLS_DhTmpCb callback)1262 int32_t HITLS_CFG_SetTmpDhCb(HITLS_Config *config, HITLS_DhTmpCb callback)
1263 {
1264 if (config == NULL) {
1265 return HITLS_NULL_INPUT;
1266 }
1267
1268 config->dhTmpCb = callback;
1269
1270 return HITLS_SUCCESS;
1271 }
1272 #endif /* HITLS_TLS_CONFIG_MANUAL_DH */
1273
1274 #ifdef HITLS_TLS_CONFIG_RECORD_PADDING
HITLS_CFG_SetRecordPaddingCb(HITLS_Config * config,HITLS_RecordPaddingCb callback)1275 int32_t HITLS_CFG_SetRecordPaddingCb(HITLS_Config *config, HITLS_RecordPaddingCb callback)
1276 {
1277 if (config == NULL) {
1278 return HITLS_NULL_INPUT;
1279 }
1280
1281 config->recordPaddingCb = callback;
1282
1283 return HITLS_SUCCESS;
1284 }
1285
HITLS_CFG_GetRecordPaddingCb(HITLS_Config * config)1286 HITLS_RecordPaddingCb HITLS_CFG_GetRecordPaddingCb(HITLS_Config *config)
1287 {
1288 if (config == NULL) {
1289 return NULL;
1290 }
1291
1292 return config->recordPaddingCb;
1293 }
1294
HITLS_CFG_SetRecordPaddingCbArg(HITLS_Config * config,void * arg)1295 int32_t HITLS_CFG_SetRecordPaddingCbArg(HITLS_Config *config, void *arg)
1296 {
1297 if (config == NULL) {
1298 return HITLS_NULL_INPUT;
1299 }
1300
1301 config->recordPaddingArg = arg;
1302
1303 return HITLS_SUCCESS;
1304 }
1305
HITLS_CFG_GetRecordPaddingCbArg(HITLS_Config * config)1306 void *HITLS_CFG_GetRecordPaddingCbArg(HITLS_Config *config)
1307 {
1308 if (config == NULL) {
1309 return NULL;
1310 }
1311 return config->recordPaddingArg;
1312 }
1313 #endif
1314
1315 #ifdef HITLS_TLS_CONFIG_KEY_USAGE
HITLS_CFG_SetCheckKeyUsage(HITLS_Config * config,bool isCheck)1316 int32_t HITLS_CFG_SetCheckKeyUsage(HITLS_Config *config, bool isCheck)
1317 {
1318 if (config == NULL) {
1319 return HITLS_NULL_INPUT;
1320 }
1321 config->needCheckKeyUsage = isCheck;
1322
1323 return HITLS_SUCCESS;
1324 }
1325 #endif
1326
HITLS_CFG_SetReadAhead(HITLS_Config * config,int32_t onOff)1327 int32_t HITLS_CFG_SetReadAhead(HITLS_Config *config, int32_t onOff)
1328 {
1329 if (config == NULL) {
1330 return HITLS_NULL_INPUT;
1331 }
1332
1333 config->readAhead = onOff;
1334
1335 return HITLS_SUCCESS;
1336 }
1337
HITLS_CFG_GetReadAhead(HITLS_Config * config,int32_t * onOff)1338 int32_t HITLS_CFG_GetReadAhead(HITLS_Config *config, int32_t *onOff)
1339 {
1340 if (config == NULL || onOff == NULL) {
1341 return HITLS_NULL_INPUT;
1342 }
1343
1344 *onOff = config->readAhead;
1345
1346 return HITLS_SUCCESS;
1347 }
1348
HITLS_CFG_SetSignature(HITLS_Config * config,const uint16_t * signAlgs,uint16_t signAlgsSize)1349 int32_t HITLS_CFG_SetSignature(HITLS_Config *config, const uint16_t *signAlgs, uint16_t signAlgsSize)
1350 {
1351 if ((config == NULL) || (signAlgs == NULL) || (signAlgsSize == 0)) {
1352 return HITLS_NULL_INPUT;
1353 }
1354
1355 if (signAlgsSize > HITLS_CFG_MAX_SIZE) {
1356 return HITLS_CONFIG_INVALID_LENGTH;
1357 }
1358
1359 uint16_t *newData = BSL_SAL_Dump(signAlgs, signAlgsSize * sizeof(uint16_t));
1360 if (newData == NULL) {
1361 BSL_LOG_BINLOG_FIXLEN(BINLOG_ID16605, BSL_LOG_LEVEL_ERR, BSL_LOG_BINLOG_TYPE_RUN, "Dump fail", 0, 0, 0, 0);
1362 return HITLS_MEMALLOC_FAIL;
1363 }
1364
1365 BSL_SAL_FREE(config->signAlgorithms);
1366 config->signAlgorithms = newData;
1367 config->signAlgorithmsSize = signAlgsSize;
1368 return HITLS_SUCCESS;
1369 }
1370 #ifdef HITLS_TLS_FEATURE_SNI
HITLS_CFG_SetServerName(HITLS_Config * config,uint8_t * serverName,uint32_t serverNameStrlen)1371 int32_t HITLS_CFG_SetServerName(HITLS_Config *config, uint8_t *serverName, uint32_t serverNameStrlen)
1372 {
1373 if ((config == NULL) || (serverName == NULL) || (serverNameStrlen == 0)) {
1374 return HITLS_NULL_INPUT;
1375 }
1376
1377 if (serverNameStrlen > HITLS_CFG_MAX_SIZE) {
1378 return HITLS_CONFIG_INVALID_LENGTH;
1379 }
1380 uint32_t serverNameSize = serverNameStrlen;
1381 if (serverName[serverNameStrlen - 1] != '\0') {
1382 serverNameSize += 1;
1383 }
1384 uint8_t *newData = (uint8_t *) BSL_SAL_Malloc(serverNameSize * sizeof(uint8_t));
1385 if (newData == NULL) {
1386 BSL_LOG_BINLOG_FIXLEN(BINLOG_ID16606, BSL_LOG_LEVEL_ERR, BSL_LOG_BINLOG_TYPE_RUN, "Calloc fail", 0, 0, 0, 0);
1387 return HITLS_MEMALLOC_FAIL;
1388 }
1389 (void)memcpy_s(newData, serverNameSize, serverName, serverNameStrlen);
1390 newData[serverNameSize - 1] = '\0';
1391
1392 BSL_SAL_FREE(config->serverName);
1393 config->serverName = newData;
1394 config->serverNameSize = serverNameSize;
1395 return HITLS_SUCCESS;
1396 }
1397
HITLS_CFG_GetServerName(HITLS_Config * config,uint8_t ** serverName,uint32_t * serverNameStrlen)1398 int32_t HITLS_CFG_GetServerName(HITLS_Config *config, uint8_t **serverName, uint32_t *serverNameStrlen)
1399 {
1400 if (config == NULL || serverName == NULL || serverNameStrlen == NULL) {
1401 return HITLS_NULL_INPUT;
1402 }
1403
1404 *serverName = config->serverName;
1405 *serverNameStrlen = config->serverNameSize;
1406
1407 return HITLS_SUCCESS;
1408 }
HITLS_CFG_SetServerNameCb(HITLS_Config * config,HITLS_SniDealCb callback)1409 int32_t HITLS_CFG_SetServerNameCb(HITLS_Config *config, HITLS_SniDealCb callback)
1410 {
1411 if (config == NULL) {
1412 return HITLS_NULL_INPUT;
1413 }
1414
1415 config->sniDealCb = callback;
1416
1417 return HITLS_SUCCESS;
1418 }
1419
HITLS_CFG_SetServerNameArg(HITLS_Config * config,void * arg)1420 int32_t HITLS_CFG_SetServerNameArg(HITLS_Config *config, void *arg)
1421 {
1422 if (config == NULL) {
1423 return HITLS_NULL_INPUT;
1424 }
1425
1426 config->sniArg = arg;
1427
1428 return HITLS_SUCCESS;
1429 }
1430
HITLS_CFG_GetServerNameCb(HITLS_Config * config,HITLS_SniDealCb * callback)1431 int32_t HITLS_CFG_GetServerNameCb(HITLS_Config *config, HITLS_SniDealCb *callback)
1432 {
1433 if (config == NULL || callback == NULL) {
1434 return HITLS_NULL_INPUT;
1435 }
1436
1437 *callback = config->sniDealCb;
1438
1439 return HITLS_SUCCESS;
1440 }
1441
HITLS_CFG_GetServerNameArg(HITLS_Config * config,void ** arg)1442 int32_t HITLS_CFG_GetServerNameArg(HITLS_Config *config, void **arg)
1443 {
1444 if (config == NULL || arg == NULL) {
1445 return HITLS_NULL_INPUT;
1446 }
1447
1448 *arg = config->sniArg;
1449
1450 return HITLS_SUCCESS;
1451 }
1452 #endif
1453
HITLS_CFG_SetRenegotiationSupport(HITLS_Config * config,bool support)1454 int32_t HITLS_CFG_SetRenegotiationSupport(HITLS_Config *config, bool support)
1455 {
1456 if (config == NULL) {
1457 return HITLS_NULL_INPUT;
1458 }
1459 config->isSupportRenegotiation = support;
1460 return HITLS_SUCCESS;
1461 }
1462
1463 #ifdef HITLS_TLS_FEATURE_RENEGOTIATION
HITLS_CFG_SetClientRenegotiateSupport(HITLS_Config * config,bool support)1464 int32_t HITLS_CFG_SetClientRenegotiateSupport(HITLS_Config *config, bool support)
1465 {
1466 if (config == NULL) {
1467 return HITLS_NULL_INPUT;
1468 }
1469 config->allowClientRenegotiate = support;
1470 return HITLS_SUCCESS;
1471 }
1472 #endif
1473 #if defined(HITLS_TLS_PROTO_TLS_BASIC) || defined(HITLS_TLS_PROTO_DTLS12)
HITLS_CFG_SetLegacyRenegotiateSupport(HITLS_Config * config,bool support)1474 int32_t HITLS_CFG_SetLegacyRenegotiateSupport(HITLS_Config *config, bool support)
1475 {
1476 if (config == NULL) {
1477 return HITLS_NULL_INPUT;
1478 }
1479 config->allowLegacyRenegotiate = support;
1480 return HITLS_SUCCESS;
1481 }
1482 #endif /* defined(HITLS_TLS_PROTO_TLS_BASIC) || defined(HITLS_TLS_PROTO_DTLS12) */
1483 #if defined(HITLS_TLS_FEATURE_RENEGOTIATION) && defined(HITLS_TLS_FEATURE_SESSION)
HITLS_CFG_SetResumptionOnRenegoSupport(HITLS_Config * config,bool support)1484 int32_t HITLS_CFG_SetResumptionOnRenegoSupport(HITLS_Config *config, bool support)
1485 {
1486 if (config == NULL) {
1487 return HITLS_NULL_INPUT;
1488 }
1489 config->isResumptionOnRenego = support;
1490 return HITLS_SUCCESS;
1491 }
1492 #endif
1493
HITLS_CFG_SetExtenedMasterSecretSupport(HITLS_Config * config,bool support)1494 int32_t HITLS_CFG_SetExtenedMasterSecretSupport(HITLS_Config *config, bool support)
1495 {
1496 if (config == NULL) {
1497 return HITLS_NULL_INPUT;
1498 }
1499 config->isSupportExtendMasterSecret = support;
1500 return HITLS_SUCCESS;
1501 }
1502
1503 #if defined(HITLS_TLS_FEATURE_PSK) && (defined(HITLS_TLS_PROTO_TLS_BASIC) || defined(HITLS_TLS_PROTO_DTLS12))
HITLS_CFG_SetPskIdentityHint(HITLS_Config * config,const uint8_t * hint,uint32_t hintSize)1504 int32_t HITLS_CFG_SetPskIdentityHint(HITLS_Config *config, const uint8_t *hint, uint32_t hintSize)
1505 {
1506 if ((config == NULL) || (hint == NULL) || (hintSize == 0)) {
1507 return HITLS_NULL_INPUT;
1508 }
1509
1510 if (hintSize > HITLS_IDENTITY_HINT_MAX_SIZE) {
1511 return HITLS_CONFIG_INVALID_LENGTH;
1512 }
1513
1514 uint8_t *newData = BSL_SAL_Dump(hint, hintSize * sizeof(uint8_t));
1515 if (newData == NULL) {
1516 BSL_LOG_BINLOG_FIXLEN(BINLOG_ID16607, BSL_LOG_LEVEL_ERR, BSL_LOG_BINLOG_TYPE_RUN, "Dump fail", 0, 0, 0, 0);
1517 return HITLS_MEMALLOC_FAIL;
1518 }
1519
1520 BSL_SAL_FREE(config->pskIdentityHint);
1521 config->pskIdentityHint = newData;
1522 config->hintSize = hintSize;
1523
1524 return HITLS_SUCCESS;
1525 }
1526 #endif
1527 #ifdef HITLS_TLS_FEATURE_PSK
1528 // Configure clientCb, which is used to obtain the PSK through identity hints
HITLS_CFG_SetPskClientCallback(HITLS_Config * config,HITLS_PskClientCb callback)1529 int32_t HITLS_CFG_SetPskClientCallback(HITLS_Config *config, HITLS_PskClientCb callback)
1530 {
1531 if (config == NULL || callback == NULL) {
1532 return HITLS_NULL_INPUT;
1533 }
1534
1535 config->pskClientCb = callback;
1536 return HITLS_SUCCESS;
1537 }
1538
1539 // Set serverCb to obtain the PSK through identity.
HITLS_CFG_SetPskServerCallback(HITLS_Config * config,HITLS_PskServerCb callback)1540 int32_t HITLS_CFG_SetPskServerCallback(HITLS_Config *config, HITLS_PskServerCb callback)
1541 {
1542 if (config == NULL || callback == NULL) {
1543 return HITLS_NULL_INPUT;
1544 }
1545
1546 config->pskServerCb = callback;
1547 return HITLS_SUCCESS;
1548 }
1549 #endif
1550
1551 #ifdef HITLS_TLS_FEATURE_SESSION_TICKET
HITLS_CFG_SetSessionTicketSupport(HITLS_Config * config,bool support)1552 int32_t HITLS_CFG_SetSessionTicketSupport(HITLS_Config *config, bool support)
1553 {
1554 if (config == NULL) {
1555 return HITLS_NULL_INPUT;
1556 }
1557
1558 config->isSupportSessionTicket = support;
1559 return HITLS_SUCCESS;
1560 }
1561 #endif
1562
1563 #ifdef HITLS_TLS_FEATURE_RENEGOTIATION
HITLS_CFG_GetRenegotiationSupport(const HITLS_Config * config,uint8_t * isSupport)1564 int32_t HITLS_CFG_GetRenegotiationSupport(const HITLS_Config *config, uint8_t *isSupport)
1565 {
1566 if (config == NULL || isSupport == NULL) {
1567 return HITLS_NULL_INPUT;
1568 }
1569
1570 *isSupport = (uint8_t)config->isSupportRenegotiation;
1571 return HITLS_SUCCESS;
1572 }
1573 #endif
1574
HITLS_CFG_GetExtenedMasterSecretSupport(HITLS_Config * config,uint8_t * isSupport)1575 int32_t HITLS_CFG_GetExtenedMasterSecretSupport(HITLS_Config *config, uint8_t *isSupport)
1576 {
1577 if (config == NULL || isSupport == NULL) {
1578 return HITLS_NULL_INPUT;
1579 }
1580
1581 *isSupport = (uint8_t)config->isSupportExtendMasterSecret;
1582 return HITLS_SUCCESS;
1583 }
1584
1585 #if defined(HITLS_TLS_FEATURE_SESSION_TICKET)
HITLS_CFG_GetSessionTicketSupport(const HITLS_Config * config,uint8_t * isSupport)1586 int32_t HITLS_CFG_GetSessionTicketSupport(const HITLS_Config *config, uint8_t *isSupport)
1587 {
1588 if (config == NULL || isSupport == NULL) {
1589 return HITLS_NULL_INPUT;
1590 }
1591
1592 *isSupport = (uint8_t)config->isSupportSessionTicket;
1593 return HITLS_SUCCESS;
1594 }
1595
HITLS_CFG_SetTicketKeyCallback(HITLS_Config * config,HITLS_TicketKeyCb callback)1596 int32_t HITLS_CFG_SetTicketKeyCallback(HITLS_Config *config, HITLS_TicketKeyCb callback)
1597 {
1598 if (config == NULL || config->sessMgr == NULL) {
1599 return HITLS_NULL_INPUT;
1600 }
1601
1602 SESSMGR_SetTicketKeyCb(config->sessMgr, callback);
1603 return HITLS_SUCCESS;
1604 }
1605
HITLS_CFG_GetSessionTicketKey(const HITLS_Config * config,uint8_t * key,uint32_t keySize,uint32_t * outSize)1606 int32_t HITLS_CFG_GetSessionTicketKey(const HITLS_Config *config, uint8_t *key, uint32_t keySize, uint32_t *outSize)
1607 {
1608 if (config == NULL || config->sessMgr == NULL || key == NULL || outSize == NULL) {
1609 return HITLS_NULL_INPUT;
1610 }
1611
1612 return SESSMGR_GetTicketKey(config->sessMgr, key, keySize, outSize);
1613 }
1614
HITLS_CFG_SetSessionTicketKey(HITLS_Config * config,const uint8_t * key,uint32_t keySize)1615 int32_t HITLS_CFG_SetSessionTicketKey(HITLS_Config *config, const uint8_t *key, uint32_t keySize)
1616 {
1617 if (config == NULL || config->sessMgr == NULL || key == NULL ||
1618 (keySize != HITLS_TICKET_KEY_NAME_SIZE + HITLS_TICKET_KEY_SIZE + HITLS_TICKET_KEY_SIZE)) {
1619 return HITLS_NULL_INPUT;
1620 }
1621
1622 return SESSMGR_SetTicketKey(config->sessMgr, key, keySize);
1623 }
1624 #endif
1625
1626 #if defined(HITLS_TLS_FEATURE_CERT_MODE) && defined(HITLS_TLS_FEATURE_RENEGOTIATION)
HITLS_CFG_SetClientOnceVerifySupport(HITLS_Config * config,bool support)1627 int32_t HITLS_CFG_SetClientOnceVerifySupport(HITLS_Config *config, bool support)
1628 {
1629 if (config == NULL) {
1630 return HITLS_NULL_INPUT;
1631 }
1632 config->isSupportClientOnceVerify = support;
1633 return HITLS_SUCCESS;
1634 }
1635
HITLS_CFG_GetClientOnceVerifySupport(HITLS_Config * config,uint8_t * isSupport)1636 int32_t HITLS_CFG_GetClientOnceVerifySupport(HITLS_Config *config, uint8_t *isSupport)
1637 {
1638 if (config == NULL || isSupport == NULL) {
1639 return HITLS_NULL_INPUT;
1640 }
1641
1642 *isSupport = (uint8_t)config->isSupportClientOnceVerify;
1643 return HITLS_SUCCESS;
1644 }
1645 #endif
1646 #ifdef HITLS_TLS_PROTO_ALL
HITLS_CFG_GetMaxVersion(const HITLS_Config * config,uint16_t * maxVersion)1647 int32_t HITLS_CFG_GetMaxVersion(const HITLS_Config *config, uint16_t *maxVersion)
1648 {
1649 if (config == NULL || maxVersion == NULL) {
1650 return HITLS_NULL_INPUT;
1651 }
1652
1653 *maxVersion = config->maxVersion;
1654 return HITLS_SUCCESS;
1655 }
1656
HITLS_CFG_GetMinVersion(const HITLS_Config * config,uint16_t * minVersion)1657 int32_t HITLS_CFG_GetMinVersion(const HITLS_Config *config, uint16_t *minVersion)
1658 {
1659 if (config == NULL || minVersion == NULL) {
1660 return HITLS_NULL_INPUT;
1661 }
1662 *minVersion = config->minVersion;
1663 return HITLS_SUCCESS;
1664 }
1665 #endif
1666
1667 #ifdef HITLS_TLS_FEATURE_ALPN
AlpnListValidationCheck(const uint8_t * alpnList,uint32_t alpnProtosLen)1668 static int32_t AlpnListValidationCheck(const uint8_t *alpnList, uint32_t alpnProtosLen)
1669 {
1670 uint32_t index = 0u;
1671
1672 while (index < alpnProtosLen) {
1673 if (alpnList[index] == 0) {
1674 BSL_LOG_BINLOG_FIXLEN(BINLOG_ID16608, BSL_LOG_LEVEL_ERR, BSL_LOG_BINLOG_TYPE_RUN,
1675 "alpnList null", 0, 0, 0, 0);
1676 BSL_ERR_PUSH_ERROR(HITLS_CONFIG_INVALID_LENGTH);
1677 return HITLS_CONFIG_INVALID_LENGTH;
1678 }
1679 index += (alpnList[index] + 1);
1680 }
1681
1682 if (index != alpnProtosLen) {
1683 BSL_LOG_BINLOG_FIXLEN(BINLOG_ID16609, BSL_LOG_LEVEL_ERR, BSL_LOG_BINLOG_TYPE_RUN,
1684 "alpnProtosLen err", 0, 0, 0, 0);
1685 BSL_ERR_PUSH_ERROR(HITLS_CONFIG_INVALID_LENGTH);
1686 return HITLS_CONFIG_INVALID_LENGTH;
1687 }
1688
1689 return HITLS_SUCCESS;
1690 }
1691
HITLS_CFG_SetAlpnProtos(HITLS_Config * config,const uint8_t * alpnProtos,uint32_t alpnProtosLen)1692 int32_t HITLS_CFG_SetAlpnProtos(HITLS_Config *config, const uint8_t *alpnProtos, uint32_t alpnProtosLen)
1693 {
1694 if (config == NULL) {
1695 return HITLS_NULL_INPUT;
1696 }
1697
1698 /* If the input parameter is empty or the length is 0, clear the original alpn list */
1699 if (alpnProtosLen == 0 || alpnProtos == NULL) {
1700 BSL_SAL_FREE(config->alpnList);
1701 config->alpnListSize = 0;
1702 return HITLS_SUCCESS;
1703 }
1704
1705 /* Add the check on alpnList. The expected format is |protoLen1|proto1|protoLen2|proto2|...| */
1706 if (AlpnListValidationCheck(alpnProtos, alpnProtosLen) != HITLS_SUCCESS) {
1707 return HITLS_CONFIG_INVALID_LENGTH;
1708 }
1709
1710 uint8_t *alpnListTmp = (uint8_t *)BSL_SAL_Calloc(alpnProtosLen + 1, sizeof(uint8_t));
1711 if (alpnListTmp == NULL) {
1712 BSL_LOG_BINLOG_FIXLEN(BINLOG_ID16610, BSL_LOG_LEVEL_ERR, BSL_LOG_BINLOG_TYPE_RUN, "Calloc fail", 0, 0, 0, 0);
1713 return HITLS_MEMALLOC_FAIL;
1714 }
1715
1716 (void)memcpy_s(alpnListTmp, alpnProtosLen + 1, alpnProtos, alpnProtosLen);
1717
1718 BSL_SAL_FREE(config->alpnList);
1719 config->alpnList = alpnListTmp;
1720 /* Ignore ending 0s */
1721 config->alpnListSize = alpnProtosLen;
1722
1723 return HITLS_SUCCESS;
1724 }
1725
HITLS_CFG_SetAlpnProtosSelectCb(HITLS_Config * config,HITLS_AlpnSelectCb callback,void * userData)1726 int32_t HITLS_CFG_SetAlpnProtosSelectCb(HITLS_Config *config, HITLS_AlpnSelectCb callback, void *userData)
1727 {
1728 if (config == NULL) {
1729 return HITLS_NULL_INPUT;
1730 }
1731
1732 config->alpnSelectCb = callback;
1733 config->alpnUserData = userData;
1734
1735 return HITLS_SUCCESS;
1736 }
1737 #endif
1738 #if defined(HITLS_TLS_FEATURE_SESSION_ID)
HITLS_CFG_SetSessionIdCtx(HITLS_Config * config,const uint8_t * sessionIdCtx,uint32_t len)1739 int32_t HITLS_CFG_SetSessionIdCtx(HITLS_Config *config, const uint8_t *sessionIdCtx, uint32_t len)
1740 {
1741 if (config == NULL) {
1742 return HITLS_NULL_INPUT;
1743 }
1744
1745 if (len != 0 && memcpy_s(config->sessionIdCtx, sizeof(config->sessionIdCtx), sessionIdCtx, len) != EOK) {
1746 return HITLS_MEMCPY_FAIL;
1747 }
1748
1749 /* The allowed value is 0 */
1750 config->sessionIdCtxSize = len;
1751 return HITLS_SUCCESS;
1752 }
1753 #endif
1754
1755 #ifdef HITLS_TLS_FEATURE_SESSION
HITLS_CFG_SetSessionCacheMode(HITLS_Config * config,HITLS_SESS_CACHE_MODE mode)1756 int32_t HITLS_CFG_SetSessionCacheMode(HITLS_Config *config, HITLS_SESS_CACHE_MODE mode)
1757 {
1758 if (config == NULL || config->sessMgr == NULL) {
1759 return HITLS_NULL_INPUT;
1760 }
1761
1762 SESSMGR_SetCacheMode(config->sessMgr, mode);
1763 return HITLS_SUCCESS;
1764 }
1765
HITLS_CFG_GetSessionCacheMode(HITLS_Config * config,HITLS_SESS_CACHE_MODE * mode)1766 int32_t HITLS_CFG_GetSessionCacheMode(HITLS_Config *config, HITLS_SESS_CACHE_MODE *mode)
1767 {
1768 if (config == NULL || config->sessMgr == NULL || mode == NULL) {
1769 return HITLS_NULL_INPUT;
1770 }
1771
1772 *mode = SESSMGR_GetCacheMode(config->sessMgr);
1773 return HITLS_SUCCESS;
1774 }
1775
HITLS_CFG_SetSessionCacheSize(HITLS_Config * config,uint32_t size)1776 int32_t HITLS_CFG_SetSessionCacheSize(HITLS_Config *config, uint32_t size)
1777 {
1778 if (config == NULL || config->sessMgr == NULL) {
1779 return HITLS_NULL_INPUT;
1780 }
1781
1782 SESSMGR_SetCacheSize(config->sessMgr, size);
1783 return HITLS_SUCCESS;
1784 }
1785
HITLS_CFG_GetSessionCacheSize(HITLS_Config * config,uint32_t * size)1786 int32_t HITLS_CFG_GetSessionCacheSize(HITLS_Config *config, uint32_t *size)
1787 {
1788 if (config == NULL || config->sessMgr == NULL || size == NULL) {
1789 return HITLS_NULL_INPUT;
1790 }
1791
1792 *size = SESSMGR_GetCacheSize(config->sessMgr);
1793 return HITLS_SUCCESS;
1794 }
1795 #endif
1796
1797 #ifdef HITLS_TLS_PROTO_ALL
HITLS_CFG_GetVersionSupport(const HITLS_Config * config,uint32_t * version)1798 int32_t HITLS_CFG_GetVersionSupport(const HITLS_Config *config, uint32_t *version)
1799 {
1800 if ((config == NULL) || (version == NULL)) {
1801 return HITLS_NULL_INPUT;
1802 }
1803
1804 *version = config->version;
1805 return HITLS_SUCCESS;
1806 }
1807
ChangeSupportVersion(HITLS_Config * config)1808 static void ChangeSupportVersion(HITLS_Config *config)
1809 {
1810 uint32_t versionMask = config->version;
1811 uint32_t originVersionMask = config->originVersionMask;
1812
1813 config->maxVersion = 0;
1814 config->minVersion = 0;
1815 /* The original supported version is disabled. This is abnormal and packets cannot be sent */
1816 if ((versionMask & originVersionMask) == 0) {
1817 return;
1818 }
1819
1820 /* Currently, only DTLS1.2 is supported. DTLS1.0 is not supported */
1821 if ((versionMask & DTLS12_VERSION_BIT) == DTLS12_VERSION_BIT) {
1822 config->maxVersion = HITLS_VERSION_DTLS12;
1823 config->minVersion = HITLS_VERSION_DTLS12;
1824 return;
1825 }
1826
1827 /* Description TLS_ANY_VERSION */
1828 uint32_t versionBits[] = {TLS12_VERSION_BIT, TLS13_VERSION_BIT};
1829 uint16_t versions[] = {HITLS_VERSION_TLS12, HITLS_VERSION_TLS13};
1830
1831 uint32_t versionBitsSize = sizeof(versionBits) / sizeof(uint32_t);
1832 for (uint32_t i = 0; i < versionBitsSize; i++) {
1833 if ((versionMask & versionBits[i]) == versionBits[i]) {
1834 config->maxVersion = versions[i];
1835 if (config->minVersion == 0) {
1836 config->minVersion = versions[i];
1837 }
1838 }
1839 }
1840 }
1841
HITLS_CFG_SetVersionSupport(HITLS_Config * config,uint32_t version)1842 int32_t HITLS_CFG_SetVersionSupport(HITLS_Config *config, uint32_t version)
1843 {
1844 if (config == NULL) {
1845 return HITLS_NULL_INPUT;
1846 }
1847
1848 if ((version & SSLV3_VERSION_BIT) == SSLV3_VERSION_BIT) {
1849 return HITLS_CONFIG_INVALID_VERSION;
1850 }
1851
1852 config->version = version;
1853 /* Update the maximum supported version */
1854 ChangeSupportVersion(config);
1855 return HITLS_SUCCESS;
1856 }
1857
HITLS_SetVersion(HITLS_Ctx * ctx,uint32_t minVersion,uint32_t maxVersion)1858 int32_t HITLS_SetVersion(HITLS_Ctx *ctx, uint32_t minVersion, uint32_t maxVersion)
1859 {
1860 if (ctx == NULL) {
1861 return HITLS_NULL_INPUT;
1862 }
1863 return HITLS_CFG_SetVersion(&(ctx->config.tlsConfig), (uint16_t)minVersion, (uint16_t)maxVersion);
1864 }
1865
HITLS_SetVersionForbid(HITLS_Ctx * ctx,uint32_t noVersion)1866 int32_t HITLS_SetVersionForbid(HITLS_Ctx *ctx, uint32_t noVersion)
1867 {
1868 if (ctx == NULL) {
1869 return HITLS_NULL_INPUT;
1870 }
1871 return HITLS_CFG_SetVersionForbid(&(ctx->config.tlsConfig), noVersion);
1872 }
1873 #endif
1874
HITLS_CFG_SetQuietShutdown(HITLS_Config * config,int32_t mode)1875 int32_t HITLS_CFG_SetQuietShutdown(HITLS_Config *config, int32_t mode)
1876 {
1877 if (config == NULL) {
1878 return HITLS_NULL_INPUT;
1879 }
1880
1881 /* The value 0 indicates that the quiet disconnection mode is disabled. The value 1 indicates that the quiet
1882 * disconnection mode is enabled.
1883 */
1884 if (mode != 0 && mode != 1) {
1885 return HITLS_CONFIG_INVALID_SET;
1886 }
1887
1888 if (mode == 0) {
1889 config->isQuietShutdown = false;
1890 } else {
1891 config->isQuietShutdown = true;
1892 }
1893
1894 return HITLS_SUCCESS;
1895 }
1896
HITLS_CFG_GetQuietShutdown(const HITLS_Config * config,int32_t * mode)1897 int32_t HITLS_CFG_GetQuietShutdown(const HITLS_Config *config, int32_t *mode)
1898 {
1899 if (config == NULL || mode == NULL) {
1900 return HITLS_NULL_INPUT;
1901 }
1902
1903 *mode = (int32_t)config->isQuietShutdown;
1904 return HITLS_SUCCESS;
1905 }
1906
1907 #if defined(HITLS_TLS_PROTO_DTLS12) && defined(HITLS_BSL_UIO_UDP)
HITLS_CFG_SetDtlsPostHsTimeoutVal(HITLS_Config * config,uint32_t timeoutVal)1908 int32_t HITLS_CFG_SetDtlsPostHsTimeoutVal(HITLS_Config *config, uint32_t timeoutVal)
1909 {
1910 if (config == NULL) {
1911 return HITLS_NULL_INPUT;
1912 }
1913
1914 config->dtlsPostHsTimeoutVal = timeoutVal;
1915 return HITLS_SUCCESS;
1916 }
1917 #endif
1918
1919 #ifdef HITLS_TLS_SUITE_CIPHER_CBC
HITLS_CFG_SetEncryptThenMac(HITLS_Config * config,uint32_t encryptThenMacType)1920 int32_t HITLS_CFG_SetEncryptThenMac(HITLS_Config *config, uint32_t encryptThenMacType)
1921 {
1922 if (config == NULL) {
1923 return HITLS_NULL_INPUT;
1924 }
1925
1926 if (encryptThenMacType == 0) {
1927 config->isEncryptThenMac = false;
1928 } else {
1929 config->isEncryptThenMac = true;
1930 }
1931 return HITLS_SUCCESS;
1932 }
1933
HITLS_CFG_GetEncryptThenMac(const HITLS_Config * config,uint32_t * encryptThenMacType)1934 int32_t HITLS_CFG_GetEncryptThenMac(const HITLS_Config *config, uint32_t *encryptThenMacType)
1935 {
1936 if (config == NULL || encryptThenMacType == NULL) {
1937 return HITLS_NULL_INPUT;
1938 }
1939
1940 *encryptThenMacType = (uint32_t)config->isEncryptThenMac;
1941 return HITLS_SUCCESS;
1942 }
1943 #endif
1944
1945 #ifdef HITLS_TLS_PROTO_DTLS
HITLS_CFG_IsDtls(const HITLS_Config * config,uint8_t * isDtls)1946 int32_t HITLS_CFG_IsDtls(const HITLS_Config *config, uint8_t *isDtls)
1947 {
1948 if (config == NULL || isDtls == NULL) {
1949 return HITLS_NULL_INPUT;
1950 }
1951
1952 *isDtls = ((config->originVersionMask & DTLS12_VERSION_BIT) != 0);
1953 return HITLS_SUCCESS;
1954 }
1955 #endif
HITLS_CFG_SetCipherServerPreference(HITLS_Config * config,bool isSupport)1956 int32_t HITLS_CFG_SetCipherServerPreference(HITLS_Config *config, bool isSupport)
1957 {
1958 if (config == NULL) {
1959 return HITLS_NULL_INPUT;
1960 }
1961
1962 config->isSupportServerPreference = isSupport;
1963 return HITLS_SUCCESS;
1964 }
1965
HITLS_CFG_GetCipherServerPreference(const HITLS_Config * config,bool * isSupport)1966 int32_t HITLS_CFG_GetCipherServerPreference(const HITLS_Config *config, bool *isSupport)
1967 {
1968 if (config == NULL || isSupport == NULL) {
1969 return HITLS_NULL_INPUT;
1970 }
1971
1972 *isSupport = config->isSupportServerPreference;
1973 return HITLS_SUCCESS;
1974 }
1975 #ifdef HITLS_TLS_FEATURE_SESSION_TICKET
HITLS_CFG_SetTicketNums(HITLS_Config * config,uint32_t ticketNums)1976 int32_t HITLS_CFG_SetTicketNums(HITLS_Config *config, uint32_t ticketNums)
1977 {
1978 if (config == NULL) {
1979 return HITLS_NULL_INPUT;
1980 }
1981
1982 config->ticketNums = ticketNums;
1983 return HITLS_SUCCESS;
1984 }
1985
HITLS_CFG_GetTicketNums(HITLS_Config * config)1986 uint32_t HITLS_CFG_GetTicketNums(HITLS_Config *config)
1987 {
1988 if (config == NULL) {
1989 return HITLS_NULL_INPUT;
1990 }
1991
1992 return config->ticketNums;
1993 }
1994 #endif
1995 #ifdef HITLS_TLS_FEATURE_FLIGHT
HITLS_CFG_SetFlightTransmitSwitch(HITLS_Config * config,uint8_t isEnable)1996 int32_t HITLS_CFG_SetFlightTransmitSwitch(HITLS_Config *config, uint8_t isEnable)
1997 {
1998 if (config == NULL) {
1999 return HITLS_NULL_INPUT;
2000 }
2001
2002 if (isEnable == 0) {
2003 config->isFlightTransmitEnable = false;
2004 } else {
2005 config->isFlightTransmitEnable = true;
2006 }
2007 return HITLS_SUCCESS;
2008 }
2009
HITLS_CFG_GetFlightTransmitSwitch(const HITLS_Config * config,uint8_t * isEnable)2010 int32_t HITLS_CFG_GetFlightTransmitSwitch(const HITLS_Config *config, uint8_t *isEnable)
2011 {
2012 if (config == NULL || isEnable == NULL) {
2013 return HITLS_NULL_INPUT;
2014 }
2015
2016 *isEnable = config->isFlightTransmitEnable;
2017 return HITLS_SUCCESS;
2018 }
2019 #endif
2020
2021 #if defined(HITLS_TLS_PROTO_DTLS12) && defined(HITLS_BSL_UIO_UDP)
HITLS_CFG_SetDtlsCookieExchangeSupport(HITLS_Config * config,bool isSupport)2022 int32_t HITLS_CFG_SetDtlsCookieExchangeSupport(HITLS_Config *config, bool isSupport)
2023 {
2024 if (config == NULL) {
2025 return HITLS_NULL_INPUT;
2026 }
2027
2028 config->isSupportDtlsCookieExchange = isSupport;
2029 return HITLS_SUCCESS;
2030 }
2031
HITLS_CFG_GetDtlsCookieExchangeSupport(const HITLS_Config * config,bool * isSupport)2032 int32_t HITLS_CFG_GetDtlsCookieExchangeSupport(const HITLS_Config *config, bool *isSupport)
2033 {
2034 if (config == NULL || isSupport == NULL) {
2035 return HITLS_NULL_INPUT;
2036 }
2037
2038 *isSupport = config->isSupportDtlsCookieExchange;
2039 return HITLS_SUCCESS;
2040 }
2041 #endif
2042 #ifdef HITLS_TLS_MAINTAIN_KEYLOG
HITLS_CFG_SetKeyLogCb(HITLS_Config * config,HITLS_KeyLogCb callback)2043 int32_t HITLS_CFG_SetKeyLogCb(HITLS_Config *config, HITLS_KeyLogCb callback)
2044 {
2045 if (config == NULL) {
2046 return HITLS_NULL_INPUT;
2047 }
2048
2049 config->keyLogCb = callback;
2050 return HITLS_SUCCESS;
2051 }
2052
HITLS_CFG_GetKeyLogCb(HITLS_Config * config)2053 HITLS_KeyLogCb HITLS_CFG_GetKeyLogCb(HITLS_Config *config)
2054 {
2055 if (config == NULL) {
2056 return NULL;
2057 }
2058
2059 return config->keyLogCb;
2060 }
2061 #endif
2062
HITLS_CFG_SetEmptyRecordsNum(HITLS_Config * config,uint32_t emptyNum)2063 int32_t HITLS_CFG_SetEmptyRecordsNum(HITLS_Config *config, uint32_t emptyNum)
2064 {
2065 if (config == NULL) {
2066 return HITLS_NULL_INPUT;
2067 }
2068 config->emptyRecordsNum = emptyNum;
2069
2070 return HITLS_SUCCESS;
2071 }
2072
HITLS_CFG_GetEmptyRecordsNum(const HITLS_Config * config,uint32_t * emptyNum)2073 int32_t HITLS_CFG_GetEmptyRecordsNum(const HITLS_Config *config, uint32_t *emptyNum)
2074 {
2075 if (config == NULL || emptyNum == NULL) {
2076 return HITLS_NULL_INPUT;
2077 }
2078 *emptyNum = config->emptyRecordsNum;
2079
2080 return HITLS_SUCCESS;
2081 }
2082