TLS parameter configuration 更多...
Hitls 的协作图:
模块 | |
| Hitls_alpn | |
| TLS ALPN related type | |
| Hitls_cert | |
| TLS Certificate Operation Interface | |
| Hitls_cert_reg | |
| Certificate related interfaces to be registered | |
| Hitls_cert_type | |
| Structures related to a certificate | |
| Hitls_config | |
| TLS parameter configuration | |
| Hitls_crypt_init | |
| algorithm abstraction layer initialization | |
| Hitls_crypt_reg | |
| Algorithm related interfaces to be registered | |
| Hitls_errno | |
| error module | |
| Hitls_psk | |
| Basic functions for link establishment based on PSK | |
| Hitls_security | |
| TLS security features | |
| Hitls_session | |
| TLS session | |
| Hitls_sni | |
| TLS SNI correlation type | |
| Hitls_type | |
| TLS type definition, provides the TLS type required by the user | |
类型定义 | |
| typedef void(* | HITLS_ConfigUserDataFreeCb) (void *) |
| UserData free callback | |
函数 | |
| HITLS_Ctx * | HITLS_New (HITLS_Config *config) |
| Create a TLS object and deep copy the HITLS_Config to the HITLS_Ctx. | |
| void | HITLS_Free (HITLS_Ctx *ctx) |
| Release the TLS connection. | |
| int32_t | HITLS_SetUio (HITLS_Ctx *ctx, BSL_UIO *uio) |
| Set the UIO object for the HiTLS context. | |
| int32_t | HITLS_SetReadUio (HITLS_Ctx *ctx, BSL_UIO *uio) |
| Read UIO for the HiTLS context. | |
| BSL_UIO * | HITLS_GetUio (const HITLS_Ctx *ctx) |
| Obtain the UIO object from the HiTLS context. | |
| BSL_UIO * | HITLS_GetReadUio (const HITLS_Ctx *ctx) |
| Obtain the UIO object of the read data. | |
| int32_t | HITLS_Connect (HITLS_Ctx *ctx) |
| The client starts the handshake with the TLS server. | |
| int32_t | HITLS_SetEndPoint (HITLS_Ctx *ctx, bool isClient) |
| Set the initial status of the connection. | |
| int32_t | HITLS_Accept (HITLS_Ctx *ctx) |
| The server waits for the client to start handshake. | |
| int32_t | HITLS_Read (HITLS_Ctx *ctx, uint8_t *data, uint32_t bufSize, uint32_t *readLen) |
| Read application data | |
| int32_t | HITLS_Write (HITLS_Ctx *ctx, const uint8_t *data, uint32_t dataLen) |
| Write data. | |
| int32_t | HITLS_GetMaxWriteSize (const HITLS_Ctx *ctx, uint32_t *len) |
| Obtain the maximum writable (plaintext) length. | |
| void * | HITLS_GetUserData (const HITLS_Ctx *ctx) |
| Obtain user data from the HiTLS context. This interface is called in the callback registered with the HiTLS. | |
| int32_t | HITLS_SetUserData (HITLS_Ctx *ctx, void *userData) |
| Save the user data in the HiTLS context, which can be obtained from the callback registered with the HiTLS. | |
| int32_t | HITLS_Close (HITLS_Ctx *ctx) |
| Close the TLS connection. | |
| int32_t | HITLS_SetShutdownState (HITLS_Ctx *ctx, uint32_t mode) |
| Set the shutdown status of the TLS link. | |
| int32_t | HITLS_GetShutdownState (const HITLS_Ctx *ctx, uint32_t *mode) |
| Obtain the shutdown status of the TLS link. | |
| int32_t | HITLS_GetNegotiatedVersion (const HITLS_Ctx *ctx, uint16_t *version) |
| Obtain the HiTLS negotiation version. | |
| int32_t | HITLS_GetMaxProtoVersion (const HITLS_Ctx *ctx, uint16_t *maxVersion) |
| Obtain the latest protocol version. | |
| int32_t | HITLS_GetMinProtoVersion (const HITLS_Ctx *ctx, uint16_t *minVersion) |
| Obtain the latest protocol version. | |
| int32_t | HITLS_SetMinProtoVersion (HITLS_Ctx *ctx, uint16_t version) |
| Set the minimum protocol version based on the specified version. | |
| int32_t | HITLS_SetMaxProtoVersion (HITLS_Ctx *ctx, uint16_t version) |
| Set the maximum protocol version that is supported based on the specified version. | |
| int32_t | HITLS_IsAead (const HITLS_Ctx *ctx, uint8_t *isAead) |
| Obtain whether to use the AEAD algorithm. | |
| int32_t | HITLS_IsDtls (const HITLS_Ctx *ctx, uint8_t *isDtls) |
| Check whether DTLS is used. | |
| int32_t | HITLS_SetErrorCode (HITLS_Ctx *ctx, int32_t errorCode) |
| Record the error value of the HiTLS link. | |
| int32_t | HITLS_GetErrorCode (const HITLS_Ctx *ctx) |
| Obtain the error value of the HiTLS link. | |
| int32_t | HITLS_IsHandShakeDone (const HITLS_Ctx *ctx, uint8_t *isDone) |
| Obtain the information about whether the handshake is complete. | |
| int32_t | HITLS_IsServer (const HITLS_Ctx *ctx, uint8_t *isServer) |
| Indicates whether the HiTLS object functions as the server. | |
| int32_t | HITLS_ReadHasPending (const HITLS_Ctx *ctx, uint8_t *isPending) |
| Check the HiTLS object in the read cache. | |
| uint32_t | HITLS_GetReadPendingBytes (const HITLS_Ctx *ctx) |
| Obtain the number of bytes of application data to be read from the current record from the HiTLS object. | |
| int32_t | HITLS_GetPeerSignScheme (const HITLS_Ctx *ctx, HITLS_SignHashAlgo *peerSignScheme) |
| Obtain the signature hash algorithm used by the peer end. | |
| int32_t | HITLS_GetLocalSignScheme (const HITLS_Ctx *ctx, HITLS_SignHashAlgo *localSignScheme) |
| Obtain the signature hash algorithm used by the local end. | |
| int32_t | HITLS_SetEcGroups (HITLS_Ctx *ctx, uint16_t *lst, uint32_t groupSize) |
| Set the group supported by the hitls object. | |
| int32_t | HITLS_SetSigalgsList (HITLS_Ctx *ctx, const uint16_t *signAlgs, uint16_t signAlgsSize) |
| Set the signature algorithm supported by the hitls object. | |
| int32_t | HITLS_SetEcPointFormats (HITLS_Ctx *ctx, const uint8_t *pointFormats, uint32_t pointFormatsSize) |
| Set the EC point format of the hitls. | |
| int32_t | HITLS_SetClientVerifySupport (HITLS_Ctx *ctx, bool support) |
| Set whether to verify the client certificate. | |
| int32_t | HITLS_SetNoClientCertSupport (HITLS_Ctx *ctx, bool support) |
| Set whether to support the function without the client certificate, Takes effect only when the client certificate is verified. | |
| int32_t | HITLS_SetPostHandshakeAuthSupport (HITLS_Ctx *ctx, bool support) |
| Set whether to support post-handshake AUTH. | |
| int32_t | HITLS_SetVerifyNoneSupport (HITLS_Ctx *ctx, bool support) |
| Set whether to support do not proceed dual-ended verification. | |
| int32_t | HITLS_SetClientOnceVerifySupport (HITLS_Ctx *ctx, bool support) |
| Set whether the client certificate can be requested only once. | |
| const HITLS_Config * | HITLS_GetConfig (const HITLS_Ctx *ctx) |
| Obtain the value of hitlsConfig. | |
| int32_t | HITLS_ClearTLS13CipherSuites (HITLS_Ctx *ctx) |
| Clears the configured TLS1.3 cipher suite. | |
| int32_t | HITLS_SetCipherSuites (HITLS_Ctx *ctx, const uint16_t *cipherSuites, uint32_t cipherSuitesSize) |
| Set the supported key suites. | |
| const HITLS_Cipher * | HITLS_GetCurrentCipher (const HITLS_Ctx *ctx) |
| Obtain the negotiated cipher suite pointer. | |
| int32_t | HITLS_GetRandom (const HITLS_Ctx *ctx, uint8_t *out, uint32_t *outlen, bool isClient) |
| Obtain the random number of the client and server during the handshake. | |
| int32_t | HITLS_GetHandShakeState (const HITLS_Ctx *ctx, uint32_t *state) |
| Obtain the current handshake status. | |
| int32_t | HITLS_IsHandShaking (const HITLS_Ctx *ctx, uint8_t *isHandShaking) |
| Check whether a handshake is being performed. | |
| int32_t | HITLS_GetRenegotiationSupport (const HITLS_Ctx *ctx, uint8_t *isSupportRenegotiation) |
| Obtain whether renegotiation is supported. | |
| int32_t | HITLS_IsBeforeHandShake (const HITLS_Ctx *ctx, uint8_t *isBefore) |
| Check whether the handshake has not been performed. | |
| int32_t | HITLS_SetMtu (HITLS_Ctx *ctx, long mtu) |
| Set the MTU of a path. | |
| int32_t | HITLS_GetClientVersion (const HITLS_Ctx *ctx, uint16_t *clientVersion) |
| Obtain the version number set by the client in ClientHello. | |
| int32_t | HITLS_DoHandShake (HITLS_Ctx *ctx) |
| The client/server starts handshake. | |
| int32_t | HITLS_IsClient (const HITLS_Ctx *ctx, bool *isClient) |
| Check whether the current end is client. | |
| int32_t | HITLS_KeyUpdate (HITLS_Ctx *ctx, uint32_t updateType) |
| Set the keyupdate type of the current context and send the keyupdate message. | |
| int32_t | HITLS_GetKeyUpdateType (HITLS_Ctx *ctx) |
| Return the keyupdate type of the current context. | |
| int32_t | HITLS_GetSharedGroup (const HITLS_Ctx *ctx, int32_t nmatch, uint16_t *groupId) |
| Obtain the supported peer group or the number of supported peer groups of the nth match. | |
| int32_t | HITLS_GetVersionSupport (const HITLS_Ctx *ctx, uint32_t *version) |
| Obtain the supported version number. | |
| int32_t | HITLS_SetVersionSupport (HITLS_Ctx *ctx, uint32_t version) |
| Set the supported version number. | |
| int32_t | HITLS_SetVersion (HITLS_Ctx *ctx, uint32_t minVersion, uint32_t maxVersion) |
| Set the supported version number range. | |
| int32_t | HITLS_SetVersionForbid (HITLS_Ctx *ctx, uint32_t noVersion) |
| Set the version number to be disabled. | |
| int32_t | HITLS_SetNeedCheckPmsVersion (HITLS_Ctx *ctx, bool needCheck) |
| Sets whether to verify the version in the premaster secret. | |
| int32_t | HITLS_SetQuietShutdown (HITLS_Ctx *ctx, int32_t mode) |
| Set the silent disconnection mode. | |
| int32_t | HITLS_GetQuietShutdown (const HITLS_Ctx *ctx, int32_t *mode) |
| Obtain the current silent disconnection mode. | |
| int32_t | HITLS_SetDhAutoSupport (HITLS_Ctx *ctx, bool support) |
| Sets whether to support the function of automatically selecting DH parameters. | |
| int32_t | HITLS_SetTmpDh (HITLS_Ctx *ctx, HITLS_CRYPT_Key *dhPkey) |
| Set the DH parameter specified by the user. | |
| int32_t | HITLS_SetRecordPaddingCb (HITLS_Ctx *ctx, HITLS_RecordPaddingCb callback) |
| Sets the RecordPadding callback. | |
| HITLS_RecordPaddingCb | HITLS_GetRecordPaddingCb (HITLS_Ctx *ctx) |
| Obtains the RecordPadding callback function. | |
| int32_t | HITLS_SetRecordPaddingCbArg (HITLS_Ctx *ctx, void *arg) |
| Sets the parameters arg required by the RecordPadding callback function. | |
| void * | HITLS_GetRecordPaddingCbArg (HITLS_Ctx *ctx) |
| Obtains the parameter arg required by the RecordPadding callback function. | |
| int32_t | HITLS_GetPeerFinishVerifyData (const HITLS_Ctx *ctx, void *buf, uint32_t bufLen, uint32_t *dataLen) |
| Obtain the verification data and length of the peer end based on the received finished message. | |
| int32_t | HITLS_SetCloseCheckKeyUsage (HITLS_Ctx *ctx, bool isClose) |
| Disables the verification of keyusage in the certificate. This function is enabled by default. | |
| int32_t | HITLS_GetFinishVerifyData (const HITLS_Ctx *ctx, void *buf, uint32_t bufLen, uint32_t *dataLen) |
| Obtain the verification data and length of the local end based on the sent finished message. | |
| int32_t | HITLS_GetSecureRenegotiationSupport (const HITLS_Ctx *ctx, uint8_t *isSecureRenegotiation) |
| Obtains whether security renegotiation is supported. | |
| int32_t | HITLS_Renegotiate (HITLS_Ctx *ctx) |
| Perform renegotiation. | |
| int32_t | HITLS_GetRenegotiationState (const HITLS_Ctx *ctx, uint8_t *isRenegotiationState) |
| Obtain the current is whether in the renegotiation state. | |
| int32_t | HITLS_GetRwstate (const HITLS_Ctx *ctx, uint8_t *rwstate) |
| Obtain the current internal status. | |
| int32_t | HITLS_GetClientVerifySupport (HITLS_Ctx *ctx, uint8_t *isSupport) |
| Check whether the client certificate can be verified. | |
| int32_t | HITLS_GetNoClientCertSupport (HITLS_Ctx *ctx, uint8_t *isSupport) |
| Check whether no client certificate is supported, This command is valid only when client certificate verification is enabled. | |
| int32_t | HITLS_GetPostHandshakeAuthSupport (HITLS_Ctx *ctx, uint8_t *isSupport) |
| Query whether post-handshake AUTH is supported | |
| int32_t | HITLS_GetVerifyNoneSupport (HITLS_Ctx *ctx, uint8_t *isSupport) |
| Query if support is available for not performing dual-end verification. | |
| int32_t | HITLS_GetClientOnceVerifySupport (HITLS_Ctx *ctx, uint8_t *isSupport) |
| Query whether the client certificate can be requested only once. | |
| int32_t | HITLS_ClearRenegotiationNum (HITLS_Ctx *ctx, uint32_t *renegotiationNum) |
| Clears the renegotiation count. | |
| int32_t | HITLS_GetNegotiateGroup (const HITLS_Ctx *ctx, uint16_t *group) |
| Obtain the negotiated group information. | |
| int32_t | HITLS_SetEncryptThenMac (HITLS_Ctx *ctx, uint32_t encryptThenMacType) |
| Setting the Encrypt-Then-Mac mode. | |
| int32_t | HITLS_GetEncryptThenMac (const HITLS_Ctx *ctx, uint32_t *encryptThenMacType) |
| Obtains the Encrypt-Then-Mac type | |
| int32_t | HITLS_SetServerName (HITLS_Ctx *ctx, uint8_t *serverName, uint32_t serverNameStrlen) |
| Setting the value of server_name. | |
| int32_t | HITLS_SetCipherServerPreference (HITLS_Ctx *ctx, bool isSupport) |
| The algorithm suite can be preferentially selected from the algorithm list supported by the server. | |
| int32_t | HITLS_GetCipherServerPreference (const HITLS_Ctx *ctx, bool *isSupport) |
| Obtains whether the current cipher suite supports preferential selection from the list of algorithms supported by the server. | |
| int32_t | HITLS_SetRenegotiationSupport (HITLS_Ctx *ctx, bool isSupport) |
| Sets whether to support renegotiation. | |
| int32_t | HITLS_SetSessionTicketSupport (HITLS_Ctx *ctx, bool isSupport) |
| Sets whether to support session tickets. | |
| int32_t | HITLS_GetSessionTicketSupport (const HITLS_Ctx *ctx, uint8_t *isSupport) |
| Check whether the session ticket is supported. | |
| int32_t | HITLS_SetFlightTransmitSwitch (HITLS_Ctx *ctx, uint8_t isEnable) |
| Sets whether to send handshake messages by flight distance. | |
| int32_t | HITLS_GetFlightTransmitSwitch (const HITLS_Ctx *ctx, uint8_t *isEnable) |
| Obtains the status of whether to send handshake information according to the flight distance. | |
| int32_t | HITLS_GetAllAsyncFds (HITLS_Ctx *ctx, int *fd, int *fdNums) |
| Obtains all asynchronous fd. | |
| int32_t | HITLS_get_ex_data_X509_STORE_CTX_idx (void) |
| Obtains the certificate-based user data index number. | |
| int32_t | HITLS_SetMaxCertList (HITLS_Ctx *ctx, uint32_t maxSize) |
| Sets the maximum size of the certificate chain that can be sent from the peer end. | |
| int32_t | HITLS_GetMaxCertList (const HITLS_Ctx *ctx, uint32_t *maxSize) |
| Obtains the maximum size of the certificate chain that can be sent by the peer end. | |
| int32_t | HITLS_VerifyClientPostHandshake (HITLS_Ctx *ctx) |
| This interface is valid only on the server. When the post-handshake command is configured, the client identity is verified through this interface. | |
| void * | HITLS_CFG_GetConfigUserData (const HITLS_Config *config) |
| Obtain the user data from the HiTLS Config object. Generally, this function is called during the callback registered with the HiTLS. | |
| int32_t | HITLS_CFG_SetConfigUserData (HITLS_Config *config, void *userData) |
| User data is stored in the HiTLS Config. The user data can be obtained from the callback registered with the HiTLS. | |
| int32_t | HITLS_CFG_SetConfigUserDataFreeCb (HITLS_Config *config, HITLS_ConfigUserDataFreeCb callback) |
| Sets the UserData free callback | |
详细描述
TLS parameter configuration
