1 /*
2 * This file is part of the openHiTLS project.
3 *
4 * openHiTLS is licensed under the Mulan PSL v2.
5 * You can use this software according to the terms and conditions of the Mulan PSL v2.
6 * You may obtain a copy of Mulan PSL v2 at:
7 *
8 * http://license.coscl.org.cn/MulanPSL2
9 *
10 * THIS SOFTWARE IS PROVIDED ON AN "AS IS" BASIS, WITHOUT WARRANTIES OF ANY KIND,
11 * EITHER EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO NON-INFRINGEMENT,
12 * MERCHANTABILITY OR FIT FOR A PARTICULAR PURPOSE.
13 * See the Mulan PSL v2 for more details.
14 */
15 #include "hitls_build.h"
16 #ifdef HITLS_TLS_FEATURE_SESSION
17 #include <stdbool.h>
18 #include <time.h>
19 #include <stdarg.h>
20 #include "securec.h"
21 #include "bsl_sal.h"
22 #include "hitls_error.h"
23 #include "bsl_list.h"
24 #include "bsl_err_internal.h"
25 #include "bsl_errno.h"
26 #include "tls_binlog_id.h"
27 #include "cert_method.h"
28 #include "cert.h"
29 #include "cert_mgr.h"
30 #include "session_type.h"
31 #include "session.h"
32 #include "cert_mgr_ctx.h"
33 #ifdef HITLS_TLS_FEATURE_SESSION
34 #define MAX_PRINTF_BUF 1024
35 #define CTIME_BUF 26
36 #endif
37 /**
38 * Apply for a session
39 */
HITLS_SESS_New(void)40 HITLS_Session *HITLS_SESS_New(void)
41 {
42 HITLS_Session *sess = (HITLS_Session *)BSL_SAL_Calloc(1u, sizeof(HITLS_Session));
43 if (sess == NULL) {
44 BSL_LOG_BINLOG_FIXLEN(BINLOG_ID16714, BSL_LOG_LEVEL_ERR, BSL_LOG_BINLOG_TYPE_RUN, "Calloc fail", 0, 0, 0, 0);
45 return NULL;
46 }
47
48 sess->certMgrCtx = SAL_CERT_MgrCtxNew();
49 if (sess->certMgrCtx == NULL) {
50 BSL_LOG_BINLOG_FIXLEN(BINLOG_ID16715, BSL_LOG_LEVEL_ERR, BSL_LOG_BINLOG_TYPE_RUN, "MgrCtxNew fail", 0, 0, 0, 0);
51 BSL_SAL_FREE(sess);
52 return NULL;
53 }
54
55 if (BSL_SAL_ThreadLockNew(&sess->lock) != BSL_SUCCESS) {
56 BSL_LOG_BINLOG_FIXLEN(BINLOG_ID16716, BSL_LOG_LEVEL_ERR, BSL_LOG_BINLOG_TYPE_RUN,
57 "ThreadLockNew fail", 0, 0, 0, 0);
58 SAL_CERT_MgrCtxFree(sess->certMgrCtx);
59 BSL_SAL_FREE(sess);
60 return NULL;
61 }
62
63 sess->startTime = (uint64_t)BSL_SAL_CurrentSysTimeGet(); // default value
64 sess->references = 1;
65 sess->enable = true;
66 sess->cipherSuite = HITLS_AES_128_GCM_SHA256;
67 return sess;
68 }
69
70 /**
71 * To copy a session, increase the number of references by 1
72 */
HITLS_SESS_Dup(HITLS_Session * sess)73 HITLS_Session *HITLS_SESS_Dup(HITLS_Session *sess)
74 {
75 if (sess == NULL) {
76 return NULL;
77 }
78
79 BSL_SAL_ThreadWriteLock(sess->lock);
80 sess->references++;
81 BSL_SAL_ThreadUnlock(sess->lock);
82
83 return sess;
84 }
85
86 /**
87 * Increase the number of references by 1
88 */
HITLS_SESS_UpRef(HITLS_Session * sess)89 void HITLS_SESS_UpRef(HITLS_Session *sess)
90 {
91 if (sess == NULL) {
92 return;
93 }
94
95 BSL_SAL_ThreadWriteLock(sess->lock);
96 sess->references++;
97 BSL_SAL_ThreadUnlock(sess->lock);
98
99 return;
100 }
101
HITLS_SESS_Free(HITLS_Session * sess)102 void HITLS_SESS_Free(HITLS_Session *sess)
103 {
104 if (sess != NULL) {
105 BSL_SAL_ThreadWriteLock(sess->lock);
106 sess->references--;
107 if (sess->references > 0) {
108 BSL_SAL_ThreadUnlock(sess->lock);
109 return;
110 }
111 BSL_SAL_ThreadUnlock(sess->lock);
112 if (sess->peerCert != NULL) {
113 SAL_CERT_PairFree(sess->certMgrCtx, sess->peerCert);
114 }
115 sess->peerCert = NULL;
116 BSL_SAL_FREE(sess->ticket);
117 #ifdef HITLS_TLS_FEATURE_SNI
118 BSL_SAL_FREE(sess->hostName);
119 #endif
120 memset_s(sess->masterKey, MAX_MASTER_KEY_SIZE, 0, MAX_MASTER_KEY_SIZE);
121 SAL_CERT_MgrCtxFree(sess->certMgrCtx);
122 BSL_SAL_ThreadLockFree(sess->lock);
123 BSL_SAL_FREE(sess);
124 }
125 }
126
DeepCopySess(HITLS_Session * src,HITLS_Session * dest)127 static HITLS_Session *DeepCopySess(HITLS_Session *src, HITLS_Session *dest)
128 {
129 dest->certMgrCtx = SAL_CERT_MgrCtxProviderNew(LIBCTX_FROM_CERT_MGR_CTX(src->certMgrCtx),
130 ATTRIBUTE_FROM_CERT_MGR_CTX(src->certMgrCtx));
131 if (dest->certMgrCtx == NULL) {
132 BSL_LOG_BINLOG_FIXLEN(BINLOG_ID16717, BSL_LOG_LEVEL_ERR, BSL_LOG_BINLOG_TYPE_RUN, "MgrCtxNew fail", 0, 0, 0, 0);
133 return NULL;
134 }
135
136 if (src->peerCert != NULL) {
137 dest->peerCert = SAL_CERT_PairDup(dest->certMgrCtx, src->peerCert);
138 if (dest->peerCert == NULL) {
139 BSL_LOG_BINLOG_FIXLEN(BINLOG_ID16718, BSL_LOG_LEVEL_ERR, BSL_LOG_BINLOG_TYPE_RUN,
140 "PairDup fail", 0, 0, 0, 0);
141 return NULL;
142 }
143 }
144
145 #ifdef HITLS_TLS_FEATURE_SNI
146 if (src->hostNameSize > 0) {
147 if (SESS_SetHostName(dest, src->hostNameSize, src->hostName) != HITLS_SUCCESS) {
148 BSL_LOG_BINLOG_FIXLEN(BINLOG_ID16719, BSL_LOG_LEVEL_ERR, BSL_LOG_BINLOG_TYPE_RUN,
149 "SetHostName fail", 0, 0, 0, 0);
150 return NULL;
151 }
152 }
153 #endif
154
155 if (src->ticketSize > 0) {
156 if (SESS_SetTicket(dest, src->ticket, src->ticketSize) != HITLS_SUCCESS) {
157 BSL_LOG_BINLOG_FIXLEN(BINLOG_ID16722, BSL_LOG_LEVEL_ERR, BSL_LOG_BINLOG_TYPE_RUN,
158 "SetTicket fail", 0, 0, 0, 0);
159 return NULL;
160 }
161 }
162 return dest;
163 }
164
SESS_Copy(HITLS_Session * src)165 HITLS_Session *SESS_Copy(HITLS_Session *src)
166 {
167 HITLS_Session *dest = (HITLS_Session *)BSL_SAL_Dump(src, sizeof(HITLS_Session));
168 if (dest == NULL) {
169 BSL_LOG_BINLOG_FIXLEN(BINLOG_ID16723, BSL_LOG_LEVEL_ERR, BSL_LOG_BINLOG_TYPE_RUN, "dump fail", 0, 0, 0, 0);
170 return NULL;
171 }
172
173 if (BSL_SAL_ThreadLockNew(&dest->lock) != BSL_SUCCESS) {
174 BSL_LOG_BINLOG_FIXLEN(BINLOG_ID16724, BSL_LOG_LEVEL_ERR, BSL_LOG_BINLOG_TYPE_RUN,
175 "ThreadLockNew fail", 0, 0, 0, 0);
176 BSL_SAL_FREE(dest);
177 return NULL;
178 }
179
180 dest->references = 1;
181 dest->enable = true;
182
183 dest->peerCert = NULL;
184 #ifdef HITLS_TLS_FEATURE_SNI
185 dest->hostName = NULL;
186 #endif
187 dest->ticket = NULL;
188
189 if (DeepCopySess(src, dest) == NULL) {
190 BSL_LOG_BINLOG_FIXLEN(BINLOG_ID16725, BSL_LOG_LEVEL_ERR, BSL_LOG_BINLOG_TYPE_RUN,
191 "DeepCopySess fail", 0, 0, 0, 0);
192 HITLS_SESS_Free(dest);
193 return NULL;
194 }
195
196 return dest;
197 }
198
199 /* Just make a simple judgment */
HITLS_SESS_IsResumable(const HITLS_Session * sess)200 bool HITLS_SESS_IsResumable(const HITLS_Session *sess)
201 {
202 bool isResumable = 0;
203 if (sess != NULL) {
204 BSL_SAL_ThreadReadLock(sess->lock);
205 isResumable = (sess->enable && (sess->sessionIdSize > 0 || sess->ticketSize > 0));
206 BSL_SAL_ThreadUnlock(sess->lock);
207 }
208 return isResumable;
209 }
210 /**
211 * Session is deprecated
212 */
SESS_Disable(HITLS_Session * sess)213 void SESS_Disable(HITLS_Session *sess)
214 {
215 if (sess != NULL) {
216 BSL_SAL_ThreadWriteLock(sess->lock);
217 sess->enable = false;
218 BSL_SAL_ThreadUnlock(sess->lock);
219 }
220 return;
221 }
222
223 #ifdef HITLS_TLS_FEATURE_SESSION_ID
HITLS_SESS_GetSessionId(const HITLS_Session * sess,uint8_t * sessionId,uint32_t * sessionIdSize)224 int32_t HITLS_SESS_GetSessionId(const HITLS_Session *sess, uint8_t *sessionId, uint32_t *sessionIdSize)
225 {
226 if (sess == NULL || sessionId == NULL || sessionIdSize == NULL) {
227 BSL_LOG_BINLOG_FIXLEN(BINLOG_ID16726, BSL_LOG_LEVEL_ERR, BSL_LOG_BINLOG_TYPE_RUN, "input null", 0, 0, 0, 0);
228 BSL_ERR_PUSH_ERROR(HITLS_NULL_INPUT);
229 return HITLS_NULL_INPUT;
230 }
231
232 BSL_SAL_ThreadReadLock(sess->lock);
233 if (memcpy_s(sessionId, *sessionIdSize, sess->sessionId, sess->sessionIdSize) != EOK) {
234 BSL_LOG_BINLOG_FIXLEN(BINLOG_ID16727, BSL_LOG_LEVEL_ERR, BSL_LOG_BINLOG_TYPE_RUN, "memcpy fail", 0, 0, 0, 0);
235 BSL_SAL_ThreadUnlock(sess->lock);
236 BSL_ERR_PUSH_ERROR(HITLS_MEMCPY_FAIL);
237 return HITLS_MEMCPY_FAIL;
238 }
239
240 *sessionIdSize = sess->sessionIdSize;
241 BSL_SAL_ThreadUnlock(sess->lock);
242 return HITLS_SUCCESS;
243 }
244
HITLS_SESS_SetSessionIdCtx(HITLS_Session * sess,uint8_t * sessionIdCtx,uint32_t sessionIdCtxSize)245 int32_t HITLS_SESS_SetSessionIdCtx(HITLS_Session *sess, uint8_t *sessionIdCtx, uint32_t sessionIdCtxSize)
246 {
247 if (sess == NULL || sessionIdCtx == NULL) {
248 BSL_LOG_BINLOG_FIXLEN(BINLOG_ID16728, BSL_LOG_LEVEL_ERR, BSL_LOG_BINLOG_TYPE_RUN, "input null", 0, 0, 0, 0);
249 BSL_ERR_PUSH_ERROR(HITLS_NULL_INPUT);
250 return HITLS_NULL_INPUT;
251 }
252
253 BSL_SAL_ThreadWriteLock(sess->lock);
254 if (sessionIdCtxSize != 0 &&
255 memcpy_s(sess->sessionIdCtx, sizeof(sess->sessionIdCtx), sessionIdCtx, sessionIdCtxSize) != EOK) {
256 BSL_LOG_BINLOG_FIXLEN(BINLOG_ID16729, BSL_LOG_LEVEL_ERR, BSL_LOG_BINLOG_TYPE_RUN, "memcpy fail", 0, 0, 0, 0);
257 BSL_SAL_ThreadUnlock(sess->lock);
258 BSL_ERR_PUSH_ERROR(HITLS_MEMCPY_FAIL);
259 return HITLS_MEMCPY_FAIL;
260 }
261
262 /* The allowed value for sessionIdCtxSize is 0 */
263 sess->sessionIdCtxSize = sessionIdCtxSize;
264
265 BSL_SAL_ThreadUnlock(sess->lock);
266 return HITLS_SUCCESS;
267 }
268
HITLS_SESS_GetSessionIdCtx(const HITLS_Session * sess,uint8_t * sessionIdCtx,uint32_t * sessionIdCtxSize)269 int32_t HITLS_SESS_GetSessionIdCtx(const HITLS_Session *sess, uint8_t *sessionIdCtx, uint32_t *sessionIdCtxSize)
270 {
271 if (sess == NULL || sessionIdCtx == NULL || sessionIdCtxSize == NULL) {
272 BSL_LOG_BINLOG_FIXLEN(BINLOG_ID16730, BSL_LOG_LEVEL_ERR, BSL_LOG_BINLOG_TYPE_RUN, "input null", 0, 0, 0, 0);
273 BSL_ERR_PUSH_ERROR(HITLS_NULL_INPUT);
274 return HITLS_NULL_INPUT;
275 }
276
277 BSL_SAL_ThreadReadLock(sess->lock);
278 if (memcpy_s(sessionIdCtx, *sessionIdCtxSize, sess->sessionIdCtx, sess->sessionIdCtxSize) != EOK) {
279 BSL_LOG_BINLOG_FIXLEN(BINLOG_ID16731, BSL_LOG_LEVEL_ERR, BSL_LOG_BINLOG_TYPE_RUN, "memcpy fail", 0, 0, 0, 0);
280 BSL_SAL_ThreadUnlock(sess->lock);
281 BSL_ERR_PUSH_ERROR(HITLS_MEMCPY_FAIL);
282 return HITLS_MEMCPY_FAIL;
283 }
284
285 *sessionIdCtxSize = sess->sessionIdCtxSize;
286 BSL_SAL_ThreadUnlock(sess->lock);
287 return HITLS_SUCCESS;
288 }
289 #endif /* HITLS_TLS_FEATURE_SESSION_ID */
290
HITLS_SESS_SetSessionId(HITLS_Session * sess,uint8_t * sessionId,uint32_t sessionIdSize)291 int32_t HITLS_SESS_SetSessionId(HITLS_Session *sess, uint8_t *sessionId, uint32_t sessionIdSize)
292 {
293 if (sess == NULL || sessionId == NULL || sessionIdSize == 0) {
294 BSL_LOG_BINLOG_FIXLEN(BINLOG_ID16732, BSL_LOG_LEVEL_ERR, BSL_LOG_BINLOG_TYPE_RUN, "input null", 0, 0, 0, 0);
295 BSL_ERR_PUSH_ERROR(HITLS_NULL_INPUT);
296 return HITLS_NULL_INPUT;
297 }
298
299 BSL_SAL_ThreadWriteLock(sess->lock);
300 if (memcpy_s(sess->sessionId, sizeof(sess->sessionId), sessionId, sessionIdSize) != EOK) {
301 BSL_LOG_BINLOG_FIXLEN(BINLOG_ID16733, BSL_LOG_LEVEL_ERR, BSL_LOG_BINLOG_TYPE_RUN, "memcpy fail", 0, 0, 0, 0);
302 BSL_SAL_ThreadUnlock(sess->lock);
303 BSL_ERR_PUSH_ERROR(HITLS_MEMCPY_FAIL);
304 return HITLS_MEMCPY_FAIL;
305 }
306
307 sess->sessionIdSize = sessionIdSize;
308
309 BSL_SAL_ThreadUnlock(sess->lock);
310 return HITLS_SUCCESS;
311 }
312
HITLS_SESS_SetHaveExtMasterSecret(HITLS_Session * sess,uint8_t haveExtMasterSecret)313 int32_t HITLS_SESS_SetHaveExtMasterSecret(HITLS_Session *sess, uint8_t haveExtMasterSecret)
314 {
315 if (sess == NULL) {
316 BSL_LOG_BINLOG_FIXLEN(BINLOG_ID16734, BSL_LOG_LEVEL_ERR, BSL_LOG_BINLOG_TYPE_RUN, "input null", 0, 0, 0, 0);
317 BSL_ERR_PUSH_ERROR(HITLS_NULL_INPUT);
318 return HITLS_NULL_INPUT;
319 }
320
321 BSL_SAL_ThreadWriteLock(sess->lock);
322 sess->haveExtMasterSecret = (haveExtMasterSecret > 0);
323 BSL_SAL_ThreadUnlock(sess->lock);
324 return HITLS_SUCCESS;
325 }
326
HITLS_SESS_GetHaveExtMasterSecret(HITLS_Session * sess,uint8_t * haveExtMasterSecret)327 int32_t HITLS_SESS_GetHaveExtMasterSecret(HITLS_Session *sess, uint8_t *haveExtMasterSecret)
328 {
329 if (sess == NULL || haveExtMasterSecret == NULL) {
330 BSL_LOG_BINLOG_FIXLEN(BINLOG_ID16735, BSL_LOG_LEVEL_ERR, BSL_LOG_BINLOG_TYPE_RUN, "input null", 0, 0, 0, 0);
331 BSL_ERR_PUSH_ERROR(HITLS_NULL_INPUT);
332 return HITLS_NULL_INPUT;
333 }
334
335 BSL_SAL_ThreadReadLock(sess->lock);
336 *haveExtMasterSecret = (uint8_t)sess->haveExtMasterSecret;
337 BSL_SAL_ThreadUnlock(sess->lock);
338 return HITLS_SUCCESS;
339 }
340
341 #if defined(HITLS_TLS_FEATURE_SNI) && defined(HITLS_TLS_FEATURE_SESSION)
342 /* Set the server_name extension required for TLS1.2 session resumption */
SESS_SetHostName(HITLS_Session * sess,uint32_t hostNameSize,uint8_t * hostName)343 int32_t SESS_SetHostName(HITLS_Session *sess, uint32_t hostNameSize, uint8_t *hostName)
344 {
345 if (sess == NULL || hostName == NULL || hostNameSize == 0) {
346 BSL_LOG_BINLOG_FIXLEN(BINLOG_ID16736, BSL_LOG_LEVEL_ERR, BSL_LOG_BINLOG_TYPE_RUN, "input null", 0, 0, 0, 0);
347 BSL_ERR_PUSH_ERROR(HITLS_NULL_INPUT);
348 return HITLS_NULL_INPUT;
349 }
350
351 BSL_SAL_ThreadWriteLock(sess->lock);
352 BSL_SAL_FREE(sess->hostName);
353 sess->hostName = (uint8_t *)BSL_SAL_Dump(hostName, hostNameSize * sizeof(uint8_t));
354 if (sess->hostName == NULL) {
355 BSL_LOG_BINLOG_FIXLEN(BINLOG_ID16737, BSL_LOG_LEVEL_ERR, BSL_LOG_BINLOG_TYPE_RUN, "Dump fail", 0, 0, 0, 0);
356 BSL_SAL_ThreadUnlock(sess->lock);
357 BSL_ERR_PUSH_ERROR(HITLS_MEMCPY_FAIL);
358 return HITLS_MEMCPY_FAIL;
359 }
360
361 sess->hostNameSize = hostNameSize;
362 BSL_SAL_ThreadUnlock(sess->lock);
363
364 return HITLS_SUCCESS;
365 }
366 /* Get the server_name extension required for TLS1.2 session resumption */
SESS_GetHostName(HITLS_Session * sess,uint32_t * hostNameSize,uint8_t ** hostName)367 int32_t SESS_GetHostName(HITLS_Session *sess, uint32_t *hostNameSize, uint8_t **hostName)
368 {
369 if (sess == NULL || hostNameSize == NULL || hostName == NULL) {
370 BSL_LOG_BINLOG_FIXLEN(BINLOG_ID16738, BSL_LOG_LEVEL_ERR, BSL_LOG_BINLOG_TYPE_RUN, "input null", 0, 0, 0, 0);
371 BSL_ERR_PUSH_ERROR(HITLS_NULL_INPUT);
372 return HITLS_NULL_INPUT;
373 }
374
375 BSL_SAL_ThreadReadLock(sess->lock);
376 *hostName = sess->hostName;
377 *hostNameSize = sess->hostNameSize;
378 BSL_SAL_ThreadUnlock(sess->lock);
379
380 return HITLS_SUCCESS;
381 }
382 #endif /* HITLS_TLS_FEATURE_SNI */
383
HITLS_SESS_SetProtocolVersion(HITLS_Session * sess,uint16_t version)384 int32_t HITLS_SESS_SetProtocolVersion(HITLS_Session *sess, uint16_t version)
385 {
386 if (sess == NULL) {
387 BSL_LOG_BINLOG_FIXLEN(BINLOG_ID16739, BSL_LOG_LEVEL_ERR, BSL_LOG_BINLOG_TYPE_RUN, "input null", 0, 0, 0, 0);
388 BSL_ERR_PUSH_ERROR(HITLS_NULL_INPUT);
389 return HITLS_NULL_INPUT;
390 }
391
392 BSL_SAL_ThreadWriteLock(sess->lock);
393 sess->version = version;
394 BSL_SAL_ThreadUnlock(sess->lock);
395 return HITLS_SUCCESS;
396 }
397
HITLS_SESS_GetProtocolVersion(const HITLS_Session * sess,uint16_t * version)398 int32_t HITLS_SESS_GetProtocolVersion(const HITLS_Session *sess, uint16_t *version)
399 {
400 if (sess == NULL || version == NULL) {
401 BSL_LOG_BINLOG_FIXLEN(BINLOG_ID16740, BSL_LOG_LEVEL_ERR, BSL_LOG_BINLOG_TYPE_RUN, "input null", 0, 0, 0, 0);
402 BSL_ERR_PUSH_ERROR(HITLS_NULL_INPUT);
403 return HITLS_NULL_INPUT;
404 }
405
406 BSL_SAL_ThreadReadLock(sess->lock);
407 *version = sess->version;
408 BSL_SAL_ThreadUnlock(sess->lock);
409 return HITLS_SUCCESS;
410 }
411
412 #ifdef HITLS_TLS_CONNECTION_INFO_NEGOTIATION
SESS_SetPeerCert(HITLS_Session * sess,CERT_Pair * peerCert,bool isClient)413 int32_t SESS_SetPeerCert(HITLS_Session *sess, CERT_Pair *peerCert, bool isClient)
414 {
415 int32_t ret = HITLS_SUCCESS;
416 if (sess == NULL) {
417 BSL_ERR_PUSH_ERROR(HITLS_NULL_INPUT);
418 BSL_LOG_BINLOG_FIXLEN(BINLOG_ID16741, BSL_LOG_LEVEL_ERR, BSL_LOG_BINLOG_TYPE_RUN, "sess null", 0, 0, 0, 0);
419 return HITLS_NULL_INPUT;
420 }
421
422 BSL_SAL_ThreadWriteLock(sess->lock);
423 sess->peerCert = peerCert;
424 /* The peer_cert_chain of the client stores the device certificate of the server */
425 if (isClient && peerCert != NULL) {
426 /* Obtain the cert */
427 HITLS_CERT_X509 *tmpCert = SAL_CERT_PairGetX509(peerCert);
428 if (tmpCert == NULL) {
429 /* If cert in CERT_Pair is empty, the unlocking is returned */
430 goto EXIT;
431 }
432 /* Obtain the chain */
433 HITLS_CERT_Chain *tmpChain = SAL_CERT_PairGetChain(peerCert);
434 if (tmpChain == NULL) {
435 /* If the chain in CERT_Pair is empty, the unlocking is returned */
436 goto EXIT;
437 }
438
439 /* Make a copy of the cert */
440 HITLS_CERT_X509 *newSubjectCert = SAL_CERT_X509Dup(sess->certMgrCtx, tmpCert);
441 if (newSubjectCert == NULL) {
442 ret = HITLS_CERT_ERR_X509_DUP;
443 goto EXIT;
444 }
445
446 ret = (int32_t)BSL_LIST_AddElement(tmpChain, newSubjectCert, BSL_LIST_POS_BEGIN);
447 if (ret != 0) {
448 SAL_CERT_X509Free(newSubjectCert);
449 }
450 }
451 EXIT:
452 BSL_SAL_ThreadUnlock(sess->lock);
453 return ret;
454 }
455
SESS_GetPeerCert(HITLS_Session * sess,CERT_Pair ** peerCert)456 int32_t SESS_GetPeerCert(HITLS_Session *sess, CERT_Pair **peerCert)
457 {
458 if (sess == NULL || peerCert == NULL) {
459 BSL_LOG_BINLOG_FIXLEN(BINLOG_ID16742, BSL_LOG_LEVEL_ERR, BSL_LOG_BINLOG_TYPE_RUN, "input null", 0, 0, 0, 0);
460 BSL_ERR_PUSH_ERROR(HITLS_NULL_INPUT);
461 return HITLS_NULL_INPUT;
462 }
463
464 BSL_SAL_ThreadReadLock(sess->lock);
465 *peerCert = sess->peerCert;
466 BSL_SAL_ThreadUnlock(sess->lock);
467 return HITLS_SUCCESS;
468 }
469 #endif /* HITLS_TLS_CONNECTION_INFO_NEGOTIATION */
470
SESS_GetStartTime(HITLS_Session * sess)471 uint64_t SESS_GetStartTime(HITLS_Session *sess)
472 {
473 if (sess == NULL) {
474 return 0;
475 }
476
477 uint64_t startTime = 0u;
478
479 BSL_SAL_ThreadReadLock(sess->lock);
480 startTime = sess->startTime;
481 BSL_SAL_ThreadUnlock(sess->lock);
482
483 return startTime;
484 }
485
SESS_SetStartTime(HITLS_Session * sess,uint64_t startTime)486 int32_t SESS_SetStartTime(HITLS_Session *sess, uint64_t startTime)
487 {
488 if (sess == NULL) {
489 BSL_LOG_BINLOG_FIXLEN(BINLOG_ID16743, BSL_LOG_LEVEL_ERR, BSL_LOG_BINLOG_TYPE_RUN, "input null", 0, 0, 0, 0);
490 BSL_ERR_PUSH_ERROR(HITLS_NULL_INPUT);
491 return HITLS_NULL_INPUT;
492 }
493
494 BSL_SAL_ThreadWriteLock(sess->lock);
495 sess->startTime = startTime;
496 BSL_SAL_ThreadUnlock(sess->lock);
497
498 return HITLS_SUCCESS;
499 }
500
HITLS_SESS_SetTimeout(HITLS_Session * sess,uint64_t timeout)501 int32_t HITLS_SESS_SetTimeout(HITLS_Session *sess, uint64_t timeout)
502 {
503 if (sess == NULL) {
504 BSL_LOG_BINLOG_FIXLEN(BINLOG_ID16744, BSL_LOG_LEVEL_ERR, BSL_LOG_BINLOG_TYPE_RUN, "input null", 0, 0, 0, 0);
505 BSL_ERR_PUSH_ERROR(HITLS_NULL_INPUT);
506 return HITLS_NULL_INPUT;
507 }
508
509 BSL_SAL_ThreadWriteLock(sess->lock);
510 sess->timeout = timeout;
511 BSL_SAL_ThreadUnlock(sess->lock);
512 return HITLS_SUCCESS;
513 }
514
HITLS_SESS_SetCipherSuite(HITLS_Session * sess,uint16_t cipherSuite)515 int32_t HITLS_SESS_SetCipherSuite(HITLS_Session *sess, uint16_t cipherSuite)
516 {
517 if (sess == NULL) {
518 BSL_LOG_BINLOG_FIXLEN(BINLOG_ID16745, BSL_LOG_LEVEL_ERR, BSL_LOG_BINLOG_TYPE_RUN, "input null", 0, 0, 0, 0);
519 BSL_ERR_PUSH_ERROR(HITLS_NULL_INPUT);
520 return HITLS_NULL_INPUT;
521 }
522
523 BSL_SAL_ThreadWriteLock(sess->lock);
524 sess->cipherSuite = cipherSuite;
525 BSL_SAL_ThreadUnlock(sess->lock);
526 return HITLS_SUCCESS;
527 }
HITLS_SESS_GetCipherSuite(const HITLS_Session * sess,uint16_t * cipherSuite)528 int32_t HITLS_SESS_GetCipherSuite(const HITLS_Session *sess, uint16_t *cipherSuite)
529 {
530 if (sess == NULL || cipherSuite == NULL) {
531 BSL_LOG_BINLOG_FIXLEN(BINLOG_ID16746, BSL_LOG_LEVEL_ERR, BSL_LOG_BINLOG_TYPE_RUN, "input null", 0, 0, 0, 0);
532 BSL_ERR_PUSH_ERROR(HITLS_NULL_INPUT);
533 return HITLS_NULL_INPUT;
534 }
535
536 BSL_SAL_ThreadReadLock(sess->lock);
537 *cipherSuite = sess->cipherSuite;
538 BSL_SAL_ThreadUnlock(sess->lock);
539 return HITLS_SUCCESS;
540 }
541
HITLS_SESS_SetMasterKey(HITLS_Session * sess,const uint8_t * masterKey,uint32_t masterKeySize)542 int32_t HITLS_SESS_SetMasterKey(HITLS_Session *sess, const uint8_t *masterKey, uint32_t masterKeySize)
543 {
544 if (sess == NULL || masterKey == NULL || masterKeySize == 0) {
545 BSL_LOG_BINLOG_FIXLEN(BINLOG_ID16747, BSL_LOG_LEVEL_ERR, BSL_LOG_BINLOG_TYPE_RUN, "input null", 0, 0, 0, 0);
546 BSL_ERR_PUSH_ERROR(HITLS_NULL_INPUT);
547 return HITLS_NULL_INPUT;
548 }
549
550 BSL_SAL_ThreadWriteLock(sess->lock);
551 if (memcpy_s(sess->masterKey, sizeof(sess->masterKey), masterKey, masterKeySize) != EOK) {
552 BSL_LOG_BINLOG_FIXLEN(BINLOG_ID16748, BSL_LOG_LEVEL_ERR, BSL_LOG_BINLOG_TYPE_RUN, "memcpy fail", 0, 0, 0, 0);
553 BSL_SAL_ThreadUnlock(sess->lock);
554 BSL_ERR_PUSH_ERROR(HITLS_MEMCPY_FAIL);
555 return HITLS_MEMCPY_FAIL;
556 }
557
558 sess->masterKeySize = masterKeySize;
559
560 BSL_SAL_ThreadUnlock(sess->lock);
561 return HITLS_SUCCESS;
562 }
563
564 #ifdef HITLS_TLS_FEATURE_SESSION
HITLS_SESS_GetMasterKeyLen(const HITLS_Session * sess)565 uint32_t HITLS_SESS_GetMasterKeyLen(const HITLS_Session *sess)
566 {
567 uint32_t masterKeySize = 0;
568 if (sess == NULL) {
569 return 0;
570 }
571
572 BSL_SAL_ThreadReadLock(sess->lock);
573 masterKeySize = sess->masterKeySize;
574 BSL_SAL_ThreadUnlock(sess->lock);
575 return masterKeySize;
576 }
577 #endif
578
HITLS_SESS_GetMasterKey(const HITLS_Session * sess,uint8_t * masterKey,uint32_t * masterKeySize)579 int32_t HITLS_SESS_GetMasterKey(const HITLS_Session *sess, uint8_t *masterKey, uint32_t *masterKeySize)
580 {
581 if (sess == NULL || masterKey == NULL || masterKeySize == NULL) {
582 BSL_LOG_BINLOG_FIXLEN(BINLOG_ID16749, BSL_LOG_LEVEL_ERR, BSL_LOG_BINLOG_TYPE_RUN, "input null", 0, 0, 0, 0);
583 BSL_ERR_PUSH_ERROR(HITLS_NULL_INPUT);
584 return HITLS_NULL_INPUT;
585 }
586
587 BSL_SAL_ThreadReadLock(sess->lock);
588 if (memcpy_s(masterKey, *masterKeySize, sess->masterKey, sess->masterKeySize) != EOK) {
589 BSL_LOG_BINLOG_FIXLEN(BINLOG_ID16750, BSL_LOG_LEVEL_ERR, BSL_LOG_BINLOG_TYPE_RUN, "memcpy fail", 0, 0, 0, 0);
590 BSL_SAL_ThreadUnlock(sess->lock);
591 BSL_ERR_PUSH_ERROR(HITLS_MEMCPY_FAIL);
592 return HITLS_MEMCPY_FAIL;
593 }
594
595 *masterKeySize = sess->masterKeySize;
596 BSL_SAL_ThreadUnlock(sess->lock);
597 return HITLS_SUCCESS;
598 }
599
SESS_SetTicket(HITLS_Session * sess,uint8_t * ticket,uint32_t ticketSize)600 int32_t SESS_SetTicket(HITLS_Session *sess, uint8_t *ticket, uint32_t ticketSize)
601 {
602 if (sess == NULL || ticket == NULL || ticketSize == 0) {
603 BSL_LOG_BINLOG_FIXLEN(BINLOG_ID16751, BSL_LOG_LEVEL_ERR, BSL_LOG_BINLOG_TYPE_RUN, "input null", 0, 0, 0, 0);
604 BSL_ERR_PUSH_ERROR(HITLS_NULL_INPUT);
605 return HITLS_NULL_INPUT;
606 }
607
608 BSL_SAL_ThreadWriteLock(sess->lock);
609
610 BSL_SAL_FREE(sess->ticket);
611 sess->ticket = (uint8_t *)BSL_SAL_Dump(ticket, ticketSize);
612 if (sess->ticket == NULL) {
613 BSL_LOG_BINLOG_FIXLEN(BINLOG_ID16752, BSL_LOG_LEVEL_ERR, BSL_LOG_BINLOG_TYPE_RUN, "Dump fail", 0, 0, 0, 0);
614 BSL_SAL_ThreadUnlock(sess->lock);
615 BSL_ERR_PUSH_ERROR(HITLS_MEMALLOC_FAIL);
616 return HITLS_MEMALLOC_FAIL;
617 }
618
619 sess->ticketSize = ticketSize;
620 BSL_SAL_ThreadUnlock(sess->lock);
621 return HITLS_SUCCESS;
622 }
623
SESS_GetTicket(const HITLS_Session * sess,uint8_t ** ticket,uint32_t * ticketSize)624 int32_t SESS_GetTicket(const HITLS_Session *sess, uint8_t **ticket, uint32_t *ticketSize)
625 {
626 if (sess == NULL || ticket == NULL || ticketSize == NULL) {
627 BSL_ERR_PUSH_ERROR(HITLS_NULL_INPUT);
628 return HITLS_NULL_INPUT;
629 }
630
631 BSL_SAL_ThreadReadLock(sess->lock);
632 *ticket = sess->ticket;
633 *ticketSize = sess->ticketSize;
634 BSL_SAL_ThreadUnlock(sess->lock);
635 return HITLS_SUCCESS;
636 }
637
638 #ifdef HITLS_TLS_FEATURE_SESSION_TICKET
HITLS_SESS_HasTicket(const HITLS_Session * sess)639 bool HITLS_SESS_HasTicket(const HITLS_Session *sess)
640 {
641 if (sess == NULL) {
642 return false;
643 }
644
645 bool flag = 0;
646 BSL_SAL_ThreadReadLock(sess->lock);
647 flag = (sess->ticket != NULL);
648 BSL_SAL_ThreadUnlock(sess->lock);
649
650 return flag;
651 }
652 #endif
653
SESS_CheckValidity(HITLS_Session * sess,uint64_t curTime)654 bool SESS_CheckValidity(HITLS_Session *sess, uint64_t curTime)
655 {
656 if (sess == NULL) {
657 return false;
658 }
659
660 bool flag = false;
661
662 BSL_SAL_ThreadReadLock(sess->lock);
663 if ((sess->enable) && (curTime < sess->startTime + sess->timeout)) {
664 flag = true;
665 }
666 BSL_SAL_ThreadUnlock(sess->lock);
667
668 return flag;
669 }
670
SESS_SetTicketAgeAdd(HITLS_Session * sess,uint32_t ticketAgeAdd)671 int32_t SESS_SetTicketAgeAdd(HITLS_Session *sess, uint32_t ticketAgeAdd)
672 {
673 if (sess == NULL) {
674 BSL_LOG_BINLOG_FIXLEN(BINLOG_ID16754, BSL_LOG_LEVEL_ERR, BSL_LOG_BINLOG_TYPE_RUN, "input null", 0, 0, 0, 0);
675 BSL_ERR_PUSH_ERROR(HITLS_NULL_INPUT);
676 return HITLS_NULL_INPUT;
677 }
678
679 BSL_SAL_ThreadWriteLock(sess->lock);
680 sess->ticketAgeAdd = ticketAgeAdd;
681 BSL_SAL_ThreadUnlock(sess->lock);
682 return HITLS_SUCCESS;
683 }
684
SESS_GetTicketAgeAdd(const HITLS_Session * sess)685 uint32_t SESS_GetTicketAgeAdd(const HITLS_Session *sess)
686 {
687 uint32_t ticketAgeAdd = 0;
688 if (sess == NULL) {
689 return 0;
690 }
691
692 BSL_SAL_ThreadReadLock(sess->lock);
693 ticketAgeAdd = sess->ticketAgeAdd;
694 BSL_SAL_ThreadUnlock(sess->lock);
695 return ticketAgeAdd;
696 }
697
698 #endif /* HITLS_TLS_FEATURE_SESSION */