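/*
 * Protocol version identifiers and configuration size limits.
 *
 * The rendered listing had the header's own line numbers fused onto each
 * directive ("32#define ..."), which is not valid C; they are dropped here.
 *
 * A constant being defined here does not show which versions a given
 * HITLS_Config will negotiate. Check the configured range with
 * HITLS_CFG_GetMinVersion / HITLS_CFG_GetMaxVersion.
 */

/* TLCP 1.1 version value (0x0101). */
#define HITLS_VERSION_TLCP11 0x0101u

/* NOTE(review): 0x03ff is not a real protocol version; presumably a wildcard
 * meaning "any TLS version" - confirm against its users. */
#define HITLS_TLS_ANY_VERSION 0x03ffu

/* SSL 3.0 wire version. SSL 3.0 must not be used (RFC 7568). */
#define HITLS_VERSION_SSL30 0x0300u

/* TLS 1.0 wire version. Deprecated by RFC 8996. */
#define HITLS_VERSION_TLS10 0x0301u

/* TLS 1.1 wire version. Deprecated by RFC 8996. */
#define HITLS_VERSION_TLS11 0x0302u

/* TLS 1.2 wire version. */
#define HITLS_VERSION_TLS12 0x0303u

/* TLS 1.3 wire version. */
#define HITLS_VERSION_TLS13 0x0304u

/* High byte shared by the SSL 3.0 / TLS version values above. */
#define HITLS_VERSION_TLS_MAJOR 0x03u

/* NOTE(review): 0xfe00 is not a real DTLS version; presumably a wildcard
 * meaning "any DTLS version" - confirm against its users. */
#define HITLS_DTLS_ANY_VERSION 0xfe00u

/* DTLS 1.2 wire version. DTLS version values decrease as the protocol version
 * increases, so a plain numeric "newer is larger" comparison is wrong for DTLS. */
#define HITLS_VERSION_DTLS12 0xfefdu

/* NOTE(review): size limit of 1024; what it bounds is not visible in this
 * listing - confirm before relying on it as an input-length check. */
#define HITLS_CFG_MAX_SIZE 1024

/* NOTE(review): by its name, a maximum length for the TLS 1.3 cipher suite
 * list; the unit (bytes or entries) is not visible here - confirm. */
#define TLS13_CIPHERSUITES_MAX_LEN 80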
227#ifndef HITLS_NO_TLCP11
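/*
 * Handshake result codes. The rendered listing had the header's line numbers
 * fused onto the directives ("746#define ..."); they are dropped here.
 *
 * NOTE(review): these sit just before the HITLS_ClientHelloCb typedef
 * (hitls_config.h:759), so they are presumably that callback's return values:
 * continue the handshake, or abort it with the alert the callback stored in
 * *alert. Confirm against the header.
 *
 * "HANDHSAKE" is the spelling the header exports. Renaming it would break
 * callers, so any correction needs a compatibility alias.
 */
#define HITLS_CONTINUE_HANDHSAKE 1
#define HITLS_ALERT_HANDSHAKE 0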
uint64_t(* HITLS_RecordPaddingCb)(HITLS_Ctx *ctx, int32_t type, uint64_t length, void *arg)
Definition hitls_config.h:1174
HITLS_MacAlgo
MAC algorithm enumerated value
Definition hitls_crypt_type.h:94
void HITLS_CRYPT_Key
Key handle, which is converted into the corresponding structure based on the algorithm library used b...
Definition hitls_crypt_type.h:29
HITLS_KeyExchAlgo
Key exchange algorithm enumerated value
Definition hitls_crypt_type.h:126
HITLS_HashAlgo
Hash algorithm enumeration
Definition hitls_crypt_type.h:77
HITLS_CipherAlgo
Enumerated value of the symmetric encryption algorithm.
Definition hitls_crypt_type.h:58
HITLS_AuthAlgo
Enumerated value of the authentication algorithm
Definition hitls_crypt_type.h:111
int32_t HITLS_CFG_SetConfigUserDataFreeCb(HITLS_Config *config, HITLS_ConfigUserDataFreeCb callback)
Sets the UserData free callback
void * HITLS_CFG_GetConfigUserData(const HITLS_Config *config)
Obtain the user data from the HiTLS Config object. Generally, this function is called during the call...
void(* HITLS_ConfigUserDataFreeCb)(void *)
UserData free callback
Definition hitls_config.h:1070
int32_t HITLS_CFG_SetConfigUserData(HITLS_Config *config, void *userData)
User data is stored in the HiTLS Config. The user data can be obtained from the callback registered w...
HITLS_TrustedCAType
Trusted CA ID Type
Definition hitls_cert_type.h:189
HITLS_Config * HITLS_CFG_NewTLCPConfig(void)
Create TLCP configuration items, including default settings.
int32_t HITLS_CFG_GetMinVersion(const HITLS_Config *config, uint16_t *minVersion)
Obtaining the Minimum Supported Version Number
int32_t HITLS_CFG_GetMiniaturizationSwitch(const HITLS_Config *config, uint8_t *isEnable)
Obtain whether to enable the miniaturization function. By default, the miniaturization function is di...
int32_t HITLS_CFG_GetMaxCertList(const HITLS_Config *config, uint32_t *maxSize)
Obtain the maximum size of the certificate chain that can be sent by the peer end.
int32_t HITLS_CFG_GetVerifyNoneSupport(HITLS_Config *config, uint8_t *isSupport)
Query whether not performing dual-ended verification is supported.
int32_t HITLS_CFG_SetRecordPaddingCb(HITLS_Config *config, HITLS_RecordPaddingCb callback)
Set the RecordPadding callback.
int32_t HITLS_CFG_SetVersionForbid(HITLS_Config *config, uint32_t noVersion)
Setting the disabled version number.
int32_t HITLS_CFG_GetVersionSupport(const HITLS_Config *config, uint32_t *version)
Obtain the supported version number.
int32_t HITLS_CFG_GetKeyExchId(const HITLS_Cipher *cipher, HITLS_KeyExchAlgo *kxAlg)
Obtain the key exchange algorithm type based on the cipher suite.
int32_t HITLS_CFG_GetCipherSuite(const HITLS_Cipher *cipher, uint16_t *cipherSuite)
Obtain the encryption ID in the cipher suite.
HITLS_Config * HITLS_CFG_NewDTLSConfig(void)
Create full DTLS configurations. The HITLS_CFG_SetXXX interface can be called to modify the DTLS conf...
const uint8_t * HITLS_CFG_GetCipherSuiteStdName(const HITLS_Cipher *cipher)
Obtain the RFC standard name of the cipher suite based on the cipher suite.
HITLS_Config * HITLS_CFG_NewTLSConfig(void)
Create full TLS configurations. The HITLS_CFG_SetXXX interface can be used to modify the configuratio...
HITLS_Config * HITLS_CFG_NewTLS13Config(void)
Creates the default TLS13 configuration.
int32_t HITLS_CFG_SetNoSecRenegotiationCb(HITLS_Config *config, HITLS_NoSecRenegotiationCb callback)
Set the callback function that is invoked when the peer end does not support secure renegotiation.
int32_t HITLS_CFG_SetPostHandshakeAuthSupport(HITLS_Config *config, bool support)
Setting whether to support post-handshake auth takes effect only for TLS1.3. client: If the client su...
int32_t HITLS_CFG_SetQuietShutdown(HITLS_Config *config, int32_t mode)
Set the quiet disconnection mode.
int32_t HITLS_CFG_IsDtls(const HITLS_Config *config, uint8_t *isDtls)
Determine whether to use DTLS.
int32_t HITLS_CFG_GetHashId(const HITLS_Cipher *cipher, HITLS_HashAlgo *hashAlg)
Obtain the hash algorithm type based on the cipher suite.
HITLS_Config * HITLS_CFG_NewDTLS12Config(void)
Create DTLS12 configuration items, including the default settings. The user can call the HITLS_CFG_Se...
int32_t HITLS_CFG_SetCipherSuites(HITLS_Config *config, const uint16_t *cipherSuites, uint32_t cipherSuitesSize)
Set the supported cipher suites. The order of the cipher suites affects the priority of the selected cipher suite...
HITLS_TrustedCAList * HITLS_CFG_GetCAList(const HITLS_Config *config)
Obtain the CA list.
int32_t HITLS_CFG_GetEncryptThenMac(const HITLS_Config *config, uint32_t *encryptThenMacType)
Obtain the Encrypt-Then-Mac type.
int32_t HITLS_CFG_SetCloseCheckKeyUsage(HITLS_Config *config, bool isClose)
Disables verification of keyUsage in the certificate (controlled by isClose). keyUsage verification is enabled by default.
int32_t HITLS_CFG_SetVersionSupport(HITLS_Config *config, uint32_t version)
Set the supported version number.
int32_t HITLS_CFG_SetRenegotiationSupport(HITLS_Config *config, bool support)
Set whether to support renegotiation.
int32_t HITLS_CFG_SetGroups(HITLS_Config *config, const uint16_t *groups, uint32_t groupsSize)
Set the group supported during key exchange. The group supported by HiTLS can be queried in HITLS_Nam...
int32_t HITLS_CFG_SetRecordPaddingCbArg(HITLS_Config *config, void *arg)
Sets the parameters arg required by the RecordPadding callback function.
int32_t HITLS_CFG_SetEncryptThenMac(HITLS_Config *config, uint32_t encryptThenMacType)
Set the Encrypt-Then-Mac mode.
int32_t HITLS_CFG_ClearTLS13CipherSuites(HITLS_Config *config)
Clear the TLS1.3 cipher suite.
const HITLS_Cipher * HITLS_CFG_GetCipherByID(uint16_t cipherSuite)
Obtain the cipher suite pointer based on the cipher suite ID.
int32_t HITLS_CFG_GetNoClientCertSupport(HITLS_Config *config, uint8_t *isSupport)
Query whether an empty client certificate is allowed. This parameter takes effect only when the clien...
int32_t HITLS_CFG_SetVersion(HITLS_Config *config, uint16_t minVersion, uint16_t maxVersion)
Set the supported version number range.
int32_t HITLS_CFG_SetExtenedMasterSecretSupport(HITLS_Config *config, bool support)
Sets whether to forcibly support the extended master secret.
void HITLS_CFG_FreeConfig(HITLS_Config *config)
Release the config object.
void * HITLS_CFG_GetRecordPaddingCbArg(HITLS_Config *config)
Obtains the parameter arg required by the RecordPadding callback function.
int32_t HITLS_CFG_GetCipherId(const HITLS_Cipher *cipher, HITLS_CipherAlgo *cipherAlg)
Obtain the symmetric encryption algorithm type based on the cipher suite.
int32_t(* HITLS_NoSecRenegotiationCb)(HITLS_Ctx *ctx)
Callback function invoked when the peer end does not support secure renegotiation
Definition hitls_config.h:783
int32_t HITLS_CFG_GetPostHandshakeAuthSupport(HITLS_Config *config, uint8_t *isSupport)
Query whether the post-handshake AUTH function is supported.
int32_t HITLS_CFG_SetSignature(HITLS_Config *config, const uint16_t *signAlgs, uint16_t signAlgsSize)
Set the signature algorithms supported during negotiation. The signature algorithms supported by the ...
HITLS_RecordPaddingCb HITLS_CFG_GetRecordPaddingCb(HITLS_Config *config)
Obtains the RecordPadding callback function.
int32_t HITLS_CFG_GetAuthId(const HITLS_Cipher *cipher, HITLS_AuthAlgo *authAlg)
Obtain the server authentication algorithm type based on the cipher suite.
int32_t HITLS_CFG_GetRenegotiationSupport(const HITLS_Config *config, uint8_t *isSupport)
Query whether renegotiation is supported.
int32_t HITLS_CFG_SetVerifyNoneSupport(HITLS_Config *config, bool support)
Sets whether not performing dual-ended verification is supported.
int32_t HITLS_CFG_SetNeedCheckPmsVersion(HITLS_Config *config, bool needCheck)
This interface is used to verify the version in the premaster secret. This interface takes effect on ...
int32_t HITLS_CFG_GetDescription(const HITLS_Cipher *cipher, uint8_t *buf, int32_t len)
Outputs the description of the cipher suite as a string.
int32_t HITLS_CFG_SetKeyExchMode(HITLS_Config *config, uint32_t mode)
Set the key exchange mode, which is used by TLS1.3.
int32_t HITLS_CFG_SetResumptionOnRenegoSupport(HITLS_Config *config, bool support)
Set whether to support session resumption during renegotiation. By default, session resumption is no...
uint32_t HITLS_CFG_GetKeyExchMode(HITLS_Config *config)
Obtain the key exchange mode, which is used by TLS1.3.
HITLS_Config * HITLS_CFG_NewTLS12Config(void)
Create a TLS12 configuration item, including the default configuration.
int32_t HITLS_CFG_SetClientHelloCb(HITLS_Config *config, HITLS_ClientHelloCb callback, void *arg)
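Set the ClientHello processing callback and its argument on the server. The upstream brief calls this the cookie verification callback, which does not match the HITLS_ClientHelloCb parameter type.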
int32_t HITLS_CFG_UpRef(HITLS_Config *config)
The reference counter of config increases by 1.
int32_t HITLS_CFG_GetQuietShutdown(const HITLS_Config *config, int32_t *mode)
Obtain the current quiet disconnection mode.
int32_t HITLS_CFG_SetClientVerifySupport(HITLS_Config *config, bool support)
Sets whether to verify the client certificate. Client: This setting has no impact Server: The certifi...
int32_t HITLS_CFG_AddCAIndication(HITLS_Config *config, HITLS_TrustedCAType caType, const uint8_t *data, uint32_t len)
Add the CA indicator, which is used when the peer certificate is requested.
int32_t(* HITLS_ClientHelloCb)(HITLS_Ctx *ctx, int32_t *alert, void *arg)
ClientHello callback prototype for the server to process the callback.
Definition hitls_config.h:759
const uint8_t * HITLS_CFG_GetCipherSuiteName(const HITLS_Cipher *cipher)
Obtain the cipher suite name based on the cipher suite.
int32_t HITLS_CFG_GetCipherVersion(const HITLS_Cipher *cipher, int32_t *version)
Obtain the earliest TLS version supported by the cipher suite based on the cipher suite.
int32_t HITLS_CFG_GetDhAutoSupport(HITLS_Config *config, uint8_t *isSupport)
Query whether the DH parameter can be automatically selected by the user. If yes, the DH parameter wi...
int32_t HITLS_CFG_SetTmpDh(HITLS_Config *config, HITLS_CRYPT_Key *dhPkey)
Set the DH parameter specified by the user.
int32_t HITLS_CIPHER_IsAead(const HITLS_Cipher *cipher, uint8_t *isAead)
Determine whether to use the AEAD algorithm based on the cipher suite information.
int32_t HITLS_CFG_GetClientOnceVerifySupport(HITLS_Config *config, uint8_t *isSupport)
Query whether requesting the client certificate only once is supported.
int32_t HITLS_CFG_GetMacId(const HITLS_Cipher *cipher, HITLS_MacAlgo *macAlg)
Obtain the MAC algorithm type based on the cipher suite.
int32_t HITLS_CFG_GetMaxVersion(const HITLS_Config *config, uint16_t *maxVersion)
Obtaining the Maximum supported version number
int32_t HITLS_CFG_GetCipherServerPreference(const HITLS_Config *config, bool *isSupport)
Obtains whether the current cipher suite supports preferential selection from the list of algorithms ...
int32_t HITLS_CFG_GetExtenedMasterSecretSupport(HITLS_Config *config, uint8_t *isSupport)
Query whether the extended master secret is supported.
int32_t HITLS_CFG_GetFlightTransmitSwitch(const HITLS_Config *config, uint8_t *isEnable)
Obtains whether handshake messages are sent by flight.
int32_t HITLS_CFG_SetClientOnceVerifySupport(HITLS_Config *config, bool support)
Set whether requesting the client certificate only once is supported.
int32_t HITLS_CFG_SetMaxCertList(HITLS_Config *config, uint32_t maxSize)
Set the maximum size of the certificate chain that can be sent by the peer end.
int32_t HITLS_CFG_GetClientVerifySupport(HITLS_Config *config, uint8_t *isSupport)
Query whether the client certificate can be verified.
int32_t HITLS_CFG_SetDhAutoSupport(HITLS_Config *config, bool support)
Set whether the DH parameter can be automatically selected by users.
HITLS_CipherSuite
enumerate ciphersuites supported by HITLS with IANA coding
Definition hitls_config.h:104
@ HITLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256
Definition hitls_config.h:177
@ HITLS_DHE_RSA_WITH_AES_128_CCM
Definition hitls_config.h:167
@ HITLS_DHE_DSS_WITH_AES_256_CBC_SHA
Definition hitls_config.h:110
@ HITLS_RSA_WITH_AES_128_GCM_SHA256
Definition hitls_config.h:127
@ HITLS_AES_128_CCM_8_SHA256
Definition hitls_config.h:192
@ HITLS_CHACHA20_POLY1305_SHA256
Definition hitls_config.h:190
@ HITLS_ECDHE_PSK_WITH_AES_128_CBC_SHA256
Definition hitls_config.h:163
@ HITLS_RSA_WITH_AES_256_CBC_SHA256
Definition hitls_config.h:114
@ HITLS_RSA_WITH_AES_256_CBC_SHA
Definition hitls_config.h:109
@ HITLS_PSK_WITH_AES_128_CBC_SHA256
Definition hitls_config.h:141
@ HITLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384
Definition hitls_config.h:154
@ HITLS_DHE_PSK_WITH_AES_256_CBC_SHA384
Definition hitls_config.h:144
@ HITLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA
Definition hitls_config.h:147
@ HITLS_PSK_WITH_AES_128_GCM_SHA256
Definition hitls_config.h:135
@ HITLS_ECDHE_PSK_WITH_AES_256_CBC_SHA384
Definition hitls_config.h:164
@ HITLS_RSA_PSK_WITH_AES_256_CBC_SHA
Definition hitls_config.h:126
@ HITLS_PSK_WITH_CHACHA20_POLY1305_SHA256
Definition hitls_config.h:179
@ HITLS_RSA_PSK_WITH_AES_256_CBC_SHA384
Definition hitls_config.h:146
@ HITLS_DH_ANON_WITH_AES_128_CBC_SHA
Definition hitls_config.h:108
@ HITLS_PSK_WITH_AES_256_GCM_SHA384
Definition hitls_config.h:136
@ HITLS_DHE_DSS_WITH_AES_128_GCM_SHA256
Definition hitls_config.h:131
@ HITLS_ECDHE_PSK_WITH_AES_128_GCM_SHA256
Definition hitls_config.h:183
@ HITLS_DHE_DSS_WITH_AES_128_CBC_SHA
Definition hitls_config.h:106
@ HITLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256
Definition hitls_config.h:176
@ HITLS_DHE_PSK_WITH_CHACHA20_POLY1305_SHA256
Definition hitls_config.h:181
@ HITLS_ECDHE_PSK_WITH_AES_128_CCM_SHA256
Definition hitls_config.h:185
@ HITLS_ECDHE_PSK_WITH_AES_256_GCM_SHA384
Definition hitls_config.h:184
@ HITLS_RSA_PSK_WITH_AES_128_CBC_SHA
Definition hitls_config.h:125
@ HITLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256
Definition hitls_config.h:157
@ HITLS_DH_ANON_WITH_AES_256_CBC_SHA
Definition hitls_config.h:112
@ HITLS_DHE_PSK_WITH_AES_128_GCM_SHA256
Definition hitls_config.h:137
@ HITLS_ECDHE_ECDSA_WITH_AES_256_CCM
Definition hitls_config.h:175
@ HITLS_ECDHE_PSK_WITH_AES_128_CBC_SHA
Definition hitls_config.h:161
@ HITLS_ECDHE_RSA_WITH_AES_256_CBC_SHA
Definition hitls_config.h:150
@ HITLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256
Definition hitls_config.h:153
@ HITLS_ECDHE_RSA_WITH_AES_128_CBC_SHA
Definition hitls_config.h:149
@ HITLS_DHE_PSK_WITH_AES_128_CBC_SHA
Definition hitls_config.h:123
@ HITLS_DHE_PSK_WITH_AES_256_GCM_SHA384
Definition hitls_config.h:138
@ HITLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384
Definition hitls_config.h:160
@ HITLS_DHE_RSA_WITH_AES_256_CBC_SHA256
Definition hitls_config.h:118
@ HITLS_RSA_PSK_WITH_CHACHA20_POLY1305_SHA256
Definition hitls_config.h:182
@ HITLS_ECDH_ANON_WITH_AES_256_CBC_SHA
Definition hitls_config.h:152
@ HITLS_RSA_WITH_AES_128_CBC_SHA
Definition hitls_config.h:105
@ HITLS_DH_ANON_WITH_AES_128_GCM_SHA256
Definition hitls_config.h:133
@ HITLS_RSA_WITH_AES_256_CCM_8
Definition hitls_config.h:170
@ HITLS_DH_ANON_WITH_AES_128_CBC_SHA256
Definition hitls_config.h:119
@ HITLS_DHE_PSK_WITH_AES_128_CBC_SHA256
Definition hitls_config.h:143
@ HITLS_DHE_RSA_WITH_AES_128_CBC_SHA
Definition hitls_config.h:107
@ HITLS_DHE_PSK_WITH_AES_128_CCM
Definition hitls_config.h:172
@ HITLS_AES_128_CCM_SHA256
Definition hitls_config.h:191
@ HITLS_ECDHE_ECDSA_WITH_AES_128_CCM
Definition hitls_config.h:174
@ HITLS_ECDH_ANON_WITH_AES_128_CBC_SHA
Definition hitls_config.h:151
@ HITLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384
Definition hitls_config.h:158
@ HITLS_DHE_DSS_WITH_AES_256_CBC_SHA256
Definition hitls_config.h:117
@ HITLS_RSA_PSK_WITH_AES_128_CBC_SHA256
Definition hitls_config.h:145
@ HITLS_ECDHE_PSK_WITH_AES_256_CBC_SHA
Definition hitls_config.h:162
@ HITLS_ECDHE_PSK_WITH_CHACHA20_POLY1305_SHA256
Definition hitls_config.h:180
@ HITLS_PSK_WITH_AES_128_CBC_SHA
Definition hitls_config.h:121
@ HITLS_DHE_DSS_WITH_AES_128_CBC_SHA256
Definition hitls_config.h:115
@ HITLS_RSA_PSK_WITH_AES_256_GCM_SHA384
Definition hitls_config.h:140
@ HITLS_PSK_WITH_AES_256_CBC_SHA
Definition hitls_config.h:122
@ HITLS_PSK_WITH_AES_256_CCM
Definition hitls_config.h:171
@ HITLS_AES_256_GCM_SHA384
Definition hitls_config.h:189
@ HITLS_DHE_DSS_WITH_AES_256_GCM_SHA384
Definition hitls_config.h:132
@ HITLS_RSA_WITH_AES_256_CCM
Definition hitls_config.h:166
@ HITLS_DHE_PSK_WITH_AES_256_CCM
Definition hitls_config.h:173
@ HITLS_RSA_PSK_WITH_AES_128_GCM_SHA256
Definition hitls_config.h:139
@ HITLS_DHE_RSA_WITH_AES_256_CBC_SHA
Definition hitls_config.h:111
@ HITLS_RSA_WITH_AES_128_CCM
Definition hitls_config.h:165
@ HITLS_AES_128_GCM_SHA256
Definition hitls_config.h:188
@ HITLS_RSA_WITH_AES_128_CBC_SHA256
Definition hitls_config.h:113
@ HITLS_DHE_RSA_WITH_CHACHA20_POLY1305_SHA256
Definition hitls_config.h:178
@ HITLS_RSA_WITH_AES_256_GCM_SHA384
Definition hitls_config.h:128
@ HITLS_DHE_RSA_WITH_AES_256_CCM
Definition hitls_config.h:168
@ HITLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA
Definition hitls_config.h:148
@ HITLS_DHE_RSA_WITH_AES_128_GCM_SHA256
Definition hitls_config.h:129
@ HITLS_PSK_WITH_AES_256_CBC_SHA384
Definition hitls_config.h:142
@ HITLS_DH_ANON_WITH_AES_256_GCM_SHA384
Definition hitls_config.h:134
@ HITLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256
Definition hitls_config.h:155
@ HITLS_ECDHE_SM4_CBC_SM3
Definition hitls_config.h:194
@ HITLS_DHE_RSA_WITH_AES_128_CBC_SHA256
Definition hitls_config.h:116
@ HITLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384
Definition hitls_config.h:156
@ HITLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
Definition hitls_config.h:159
@ HITLS_RSA_WITH_AES_128_CCM_8
Definition hitls_config.h:169
@ HITLS_DHE_RSA_WITH_AES_256_GCM_SHA384
Definition hitls_config.h:130
@ HITLS_DH_ANON_WITH_AES_256_CBC_SHA256
Definition hitls_config.h:120
@ HITLS_ECC_SM4_CBC_SM3
Definition hitls_config.h:195
@ HITLS_DHE_PSK_WITH_AES_256_CBC_SHA
Definition hitls_config.h:124
int32_t HITLS_CFG_SetNoClientCertSupport(HITLS_Config *config, bool support)
Sets whether to allow the client certificate to be empty. This parameter takes effect only when clien...
int32_t HITLS_CFG_SetCipherServerPreference(HITLS_Config *config, bool isSupport)
Sets whether cipher suites are preferentially selected from the list of algorithms supported by the server.
int32_t HITLS_CFG_SetEcPointFormats(HITLS_Config *config, const uint8_t *pointFormats, uint32_t pointFormatsSize)
Set the format of the ec point.
int32_t HITLS_CFG_SetFlightTransmitSwitch(HITLS_Config *config, uint8_t isEnable)
Set whether to send handshake messages by flight.
struct TlsCtx HITLS_Ctx
HITLS context
Definition hitls_type.h:28
struct TlsConfig HITLS_Config
config context
Definition hitls_type.h:34
struct TlsCipherSuiteInfo HITLS_Cipher
cipherSuite information
Definition hitls_type.h:40