API参考
Hitls_cert_reg

Certificate related interfaces to be registered 更多...

struct  HITLS_CERT_MgrMethod
 Structure for certificate management methods 更多...
struct  HITLS_CRYPT_BaseMethod
 Callback function that must be registered 更多...

类型定义

typedef HITLS_CERT_Store *(* CERT_StoreNewCallBack) (void)
 Create a certificate store
typedef HITLS_CERT_Store *(* CERT_StoreDupCallBack) (HITLS_CERT_Store *store)
 Duplicate the certificate store.
typedef void(* CERT_StoreFreeCallBack) (HITLS_CERT_Store *store)
 Release the certificate store.
typedef int32_t(* CERT_StoreCtrlCallBack) (HITLS_Config *config, HITLS_CERT_Store *store, HITLS_CERT_CtrlCmd cmd, void *input, void *output)
 ctrl interface
typedef int32_t(* CERT_BuildCertChainCallBack) (HITLS_Config *config, HITLS_CERT_Store *store, HITLS_CERT_X509 *cert, HITLS_CERT_X509 **certList, uint32_t *num)
 Create a certificate chain based on the device certificate in use.
typedef int32_t(* CERT_VerifyCertChainCallBack) (HITLS_Ctx *ctx, HITLS_CERT_Store *store, HITLS_CERT_X509 **certList, uint32_t num)
 Verify the certificate chain
typedef int32_t(* CERT_CertEncodeCallBack) (HITLS_Ctx *ctx, HITLS_CERT_X509 *cert, uint8_t *buf, uint32_t len, uint32_t *usedLen)
 Encode the certificate in ASN.1 DER format.
typedef HITLS_CERT_X509 *(* CERT_CertParseCallBack) (HITLS_Config *config, const uint8_t *buf, uint32_t len, HITLS_ParseType type, HITLS_ParseFormat format)
 Read the certificate.
typedef HITLS_CERT_X509 *(* CERT_CertDupCallBack) (HITLS_CERT_X509 *cert)
 Duplicate the certificate.
typedef HITLS_CERT_X509 *(* CERT_CertRefCallBack) (HITLS_CERT_X509 *cert)
 Increment the certificate reference count by one.
typedef void(* CERT_CertFreeCallBack) (HITLS_CERT_X509 *cert)
 Release the certificate.
typedef int32_t(* CERT_CertCtrlCallBack) (HITLS_Config *config, HITLS_CERT_X509 *cert, HITLS_CERT_CtrlCmd cmd, void *input, void *output)
 Ctrl interface
typedef HITLS_CERT_Key *(* CERT_KeyParseCallBack) (HITLS_Config *config, const uint8_t *buf, uint32_t len, HITLS_ParseType type, HITLS_ParseFormat format)
 Read the certificate key.
typedef HITLS_CERT_Key *(* CERT_KeyDupCallBack) (HITLS_CERT_Key *key)
 Duplicate the certificate key.
typedef void(* CERT_KeyFreeCallBack) (HITLS_CERT_Key *key)
 Release the certificate key.
typedef int32_t(* CERT_KeyCtrlCallBack) (HITLS_Config *config, HITLS_CERT_Key *key, HITLS_CERT_CtrlCmd cmd, void *input, void *output)
 Ctrl interface
typedef int32_t(* CERT_CreateSignCallBack) (HITLS_Ctx *ctx, HITLS_CERT_Key *key, HITLS_SignAlgo signAlgo, HITLS_HashAlgo hashAlgo, const uint8_t *data, uint32_t dataLen, uint8_t *sign, uint32_t *signLen)
 Signature
typedef int32_t(* CERT_VerifySignCallBack) (HITLS_Ctx *ctx, HITLS_CERT_Key *key, HITLS_SignAlgo signAlgo, HITLS_HashAlgo hashAlgo, const uint8_t *data, uint32_t dataLen, const uint8_t *sign, uint32_t signLen)
 Signature verification
typedef int32_t(* CERT_EncryptCallBack) (HITLS_Ctx *ctx, HITLS_CERT_Key *key, const uint8_t *in, uint32_t inLen, uint8_t *out, uint32_t *outLen)
 Encrypted by the certificate public key.
typedef int32_t(* CERT_DecryptCallBack) (HITLS_Ctx *ctx, HITLS_CERT_Key *key, const uint8_t *in, uint32_t inLen, uint8_t *out, uint32_t *outLen)
 Use the certificate private key to decrypt the data.
typedef int32_t(* CERT_CheckPrivateKeyCallBack) (HITLS_Config *config, HITLS_CERT_X509 *cert, HITLS_CERT_Key *key)
 Check whether the private key matches the certificate.

函数

int32_t SAL_CERT_KeyEncrypt (HITLS_Ctx *ctx, HITLS_CERT_Key *key, const uint8_t *in, uint32_t inLen, uint8_t *out, uint32_t *outLen)
 Encrypted by the certificate public key, which is used for the RSA cipher suite.
int32_t SAL_CERT_KeyDecrypt (HITLS_Ctx *ctx, HITLS_CERT_Key *key, const uint8_t *in, uint32_t inLen, uint8_t *out, uint32_t *outLen)
 Use the certificate private key to decrypt, which is used for the RSA cipher suite.
uint8_t * SAL_CERT_SrvrGmEncodeEncCert (HITLS_Ctx *ctx, uint32_t *useLen)
 Encoded content of the TLCP encryption certificate obtained by the server.
uint8_t * SAL_CERT_ClntGmEncodeEncCert (HITLS_Ctx *ctx, CERT_Pair *peerCert, uint32_t *useLen)
 The client obtains the encoded content of the TLCP encryption certificate.
bool SAL_CERT_CheckCertKeyUsage (HITLS_Ctx *ctx, HITLS_CERT_X509 *cert, HITLS_CERT_CtrlCmd keyusage)
 Check whether the certificate is an encryption certificate, a digital-signature certificate, or is permitted to issue certificates.
int32_t SAL_CERT_CheckKeySecbits (HITLS_Ctx *ctx, HITLS_CERT_X509 *cert, HITLS_CERT_Key *key)
 Check the secbits of key
int32_t HITLS_CERT_RegisterMgrMethod (HITLS_CERT_MgrMethod *method)
 Register the certificate-related callback functions.
void HITLS_CERT_DeinitMgrMethod (void)
 Deregister the certificate callback functions.
int32_t HITLS_CFG_SetCheckPriKeyCb (HITLS_Config *config, CERT_CheckPrivateKeyCallBack checkPrivateKey)
 Register with the config the interface that checks whether the private key matches the certificate.
CERT_CheckPrivateKeyCallBack HITLS_CFG_GetCheckPriKeyCb (HITLS_Config *config)
 Interface for obtaining the registered private key and certificate matching check
HITLS_CERT_MgrMethod * HITLS_CERT_GetMgrMethod (void)
 Get certificate callback function

详细描述

Certificate related interfaces to be registered

类型定义说明

◆ CERT_BuildCertChainCallBack

typedef int32_t(* CERT_BuildCertChainCallBack) (HITLS_Config *config, HITLS_CERT_Store *store, HITLS_CERT_X509 *cert, HITLS_CERT_X509 **certList, uint32_t *num)

Create a certificate chain based on the device certificate in use.

注意
If the function is successful, the certificate in the certificate chain is managed by the HiTLS, and the user does not need to release the memory. Otherwise, the certificate chain is an empty pointer array.
参数
config[IN] TLS link configuration
store[IN] Certificate store
cert[IN] Device certificate
certList[OUT] Certificate chain, which is a pointer array. Each element indicates a certificate. The first element is the device certificate.
num[IN/OUT] IN: maximum length of the certificate chain OUT: length of the certificate chain
返回
HITLS_SUCCESS indicates success. Other values are considered as failure.

◆ CERT_CertCtrlCallBack

typedef int32_t(* CERT_CertCtrlCallBack) (HITLS_Config *config, HITLS_CERT_X509 *cert, HITLS_CERT_CtrlCmd cmd, void *input, void *output)

Ctrl interface

参数
config[IN] TLS link configuration
cert[IN] Certificate
cmd[IN] Ctrl option
input[IN] Input
output[IN] Output
返回
HITLS_SUCCESS indicates success. Other values are considered as failure.

◆ CERT_CertDupCallBack

typedef HITLS_CERT_X509 *(* CERT_CertDupCallBack) (HITLS_CERT_X509 *cert)

Duplicate the certificate.

参数
cert[IN] Certificate
返回
New certificate, the memory is released using CERT_CertFreeCallBack.

◆ CERT_CertEncodeCallBack

typedef int32_t(* CERT_CertEncodeCallBack) (HITLS_Ctx *ctx, HITLS_CERT_X509 *cert, uint8_t *buf, uint32_t len, uint32_t *usedLen)

Encode the certificate in ASN.1 DER format.

参数
ctx[IN] TLS link object.
cert[IN] Certificate.
buf[OUT] Certificate encoding data.
len[IN] Maximum encoding length.
usedLen[OUT] Actual encoding length.
返回
HITLS_SUCCESS indicates success. Other values are considered as failure.

◆ CERT_CertFreeCallBack

typedef void(* CERT_CertFreeCallBack) (HITLS_CERT_X509 *cert)

Release the certificate.

参数
cert[IN] Certificate
返回
void

◆ CERT_CertParseCallBack

typedef HITLS_CERT_X509 *(* CERT_CertParseCallBack) (HITLS_Config *config, const uint8_t *buf, uint32_t len, HITLS_ParseType type, HITLS_ParseFormat format)

Read the certificate.

注意
If the data is loaded to config, config points to the TLS configuration. If the data is loaded to the TLS object, config applies only to that single link.
参数
config[IN] TLS link configuration, which can be used to obtain the passwd callback.
buf[IN] Certificate data.
len[IN] Certificate data length.
type[IN] Parsing type.
format[IN] Data format.
返回
Certificate

◆ CERT_CertRefCallBack

typedef HITLS_CERT_X509 *(* CERT_CertRefCallBack) (HITLS_CERT_X509 *cert)

Increment the certificate reference count by one.

参数
cert[IN] Certificate
返回
The certificate; the memory is released using CERT_CertFreeCallBack.

◆ CERT_CheckPrivateKeyCallBack

typedef int32_t(* CERT_CheckPrivateKeyCallBack) (HITLS_Config *config, HITLS_CERT_X509 *cert, HITLS_CERT_Key *key)

Check whether the private key matches the certificate.

参数
config[IN] TLS link configuration.
cert[IN] Certificate.
key[IN] Private key.
返回
HITLS_SUCCESS indicates success. Other values are considered as failure.

◆ CERT_CreateSignCallBack

typedef int32_t(* CERT_CreateSignCallBack) (HITLS_Ctx *ctx, HITLS_CERT_Key *key, HITLS_SignAlgo signAlgo, HITLS_HashAlgo hashAlgo, const uint8_t *data, uint32_t dataLen, uint8_t *sign, uint32_t *signLen)

Signature

参数
ctx[IN] TLS link object
key[IN] Certificate private key
signAlgo[IN] Signature algorithm
hashAlgo[IN] Hash algorithm
data[IN] Data to be signed
dataLen[IN] Data length
sign[OUT] Signature
signLen[IN/OUT] IN: maximum signature length OUT: actual signature length
返回
HITLS_SUCCESS indicates success. Other values are considered as failure.

◆ CERT_DecryptCallBack

typedef int32_t(* CERT_DecryptCallBack) (HITLS_Ctx *ctx, HITLS_CERT_Key *key, const uint8_t *in, uint32_t inLen, uint8_t *out, uint32_t *outLen)

Use the certificate private key to decrypt the data.

参数
ctx[IN] TLS link object.
key[IN] Certificate private key.
in[IN] Ciphertext.
inLen[IN] Ciphertext length.
out[OUT] Plaintext.
outLen[IN/OUT] IN: maximum plaintext length OUT: actual plaintext length.
返回
HITLS_SUCCESS indicates success. Other values are considered as failure.

◆ CERT_EncryptCallBack

typedef int32_t(* CERT_EncryptCallBack) (HITLS_Ctx *ctx, HITLS_CERT_Key *key, const uint8_t *in, uint32_t inLen, uint8_t *out, uint32_t *outLen)

Encrypted by the certificate public key.

参数
ctx[IN] TLS link object.
key[IN] Certificate public key.
in[IN] Plaintext.
inLen[IN] Plaintext length.
out[OUT] Ciphertext.
outLen[IN/OUT] IN: maximum ciphertext length OUT: actual ciphertext length.
返回
HITLS_SUCCESS indicates success. Other values are considered as failure.

◆ CERT_KeyCtrlCallBack

typedef int32_t(* CERT_KeyCtrlCallBack) (HITLS_Config *config, HITLS_CERT_Key *key, HITLS_CERT_CtrlCmd cmd, void *input, void *output)

Ctrl interface

参数
config[IN] TLS link configuration.
key[IN] Certificate key.
cmd[IN] Ctrl option.
input[IN] Input.
output[IN] Output.
返回
HITLS_SUCCESS indicates success. Other values are considered as failure.

◆ CERT_KeyDupCallBack

typedef HITLS_CERT_Key *(* CERT_KeyDupCallBack) (HITLS_CERT_Key *key)

Duplicate the certificate key.

参数
key[IN] Certificate key
返回
New certificate key, the memory is released using CERT_KeyFreeCallBack.

◆ CERT_KeyFreeCallBack

typedef void(* CERT_KeyFreeCallBack) (HITLS_CERT_Key *key)

Release the certificate key.

参数
key[IN] Certificate key
返回
void

◆ CERT_KeyParseCallBack

typedef HITLS_CERT_Key *(* CERT_KeyParseCallBack) (HITLS_Config *config, const uint8_t *buf, uint32_t len, HITLS_ParseType type, HITLS_ParseFormat format)

Read the certificate key.

注意
If the data is loaded to config, config points to the TLS configuration. If the data is loaded to the TLS object, config applies only to that single link.
参数
config[IN] TLS link configuration, which can be used to obtain the passwd callback.
buf[IN] Private key data
len[IN] Data length
type[IN] Parsing type
format[IN] Data format
返回
Certificate key

◆ CERT_StoreCtrlCallBack

typedef int32_t(* CERT_StoreCtrlCallBack) (HITLS_Config *config, HITLS_CERT_Store *store, HITLS_CERT_CtrlCmd cmd, void *input, void *output)

ctrl interface

参数
config[IN] TLS link configuration.
store[IN] Certificate store.
cmd[IN] Ctrl option.
input[IN] Input.
output[IN] Output.
返回
HITLS_SUCCESS indicates success. Other values are considered as failure.

◆ CERT_StoreDupCallBack

typedef HITLS_CERT_Store *(* CERT_StoreDupCallBack) (HITLS_CERT_Store *store)

Duplicate the certificate store.

参数
store[IN] Certificate store.
返回
New certificate store, the memory is released using CERT_StoreFreeCallBack.

◆ CERT_StoreFreeCallBack

typedef void(* CERT_StoreFreeCallBack) (HITLS_CERT_Store *store)

Release the certificate store.

参数
store[IN] Certificate store.
返回
void

◆ CERT_StoreNewCallBack

typedef HITLS_CERT_Store *(* CERT_StoreNewCallBack) (void)

Create a certificate store

参数
void
返回
Certificate store, the memory is released using CERT_StoreFreeCallBack.

◆ CERT_VerifyCertChainCallBack

typedef int32_t(* CERT_VerifyCertChainCallBack) (HITLS_Ctx *ctx, HITLS_CERT_Store *store, HITLS_CERT_X509 **certList, uint32_t num)

Verify the certificate chain

参数
ctx[IN] TLS link object
store[IN] Certificate store.
certList[IN] Certificate chain, a pointer array, each element indicates a certificate. The first element indicates the device certificate.
num[IN] Certificate chain length.
返回
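HITLS_SUCCESS indicates success. Other values are considered as failure. Because this return value is the only result of chain verification, an implementation should return HITLS_SUCCESS only after the whole chain in certList has been validated against store, and return an error in every other case.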

◆ CERT_VerifySignCallBack

typedef int32_t(* CERT_VerifySignCallBack) (HITLS_Ctx *ctx, HITLS_CERT_Key *key, HITLS_SignAlgo signAlgo, HITLS_HashAlgo hashAlgo, const uint8_t *data, uint32_t dataLen, const uint8_t *sign, uint32_t signLen)

Signature verification

参数
ctx[IN] TLS link object
key[IN] Certificate public key
signAlgo[IN] Signature algorithm
hashAlgo[IN] Hash algorithm
data[IN] Data to be signed
dataLen[IN] Data length
sign[IN] Signature
signLen[IN] Signature length
返回
HITLS_SUCCESS indicates success. Other values are considered as failure.

函数说明

◆ HITLS_CERT_DeinitMgrMethod()

void HITLS_CERT_DeinitMgrMethod ( void )

Deregister the certificate callback functions.

参数
void
返回值

◆ HITLS_CERT_GetMgrMethod()

HITLS_CERT_MgrMethod * HITLS_CERT_GetMgrMethod ( void )

Get certificate callback function

返回
Cert callback function

◆ HITLS_CERT_RegisterMgrMethod()

int32_t HITLS_CERT_RegisterMgrMethod ( HITLS_CERT_MgrMethod * method)

Register the certificate-related callback functions.

参数
method[IN] Callback function
返回值
HITLS_SUCCESS, succeeded.
HITLS_NULL_INPUT, the callback function is NULL.

◆ HITLS_CFG_GetCheckPriKeyCb()

CERT_CheckPrivateKeyCallBack HITLS_CFG_GetCheckPriKeyCb ( HITLS_Config * config)

Interface for obtaining the registered private key and certificate matching check

参数
config[IN] Config context
返回值
The interface for checking whether the registered private key matches the certificate is returned. If the registered private key does not match the certificate, NULL is returned.

◆ HITLS_CFG_SetCheckPriKeyCb()

int32_t HITLS_CFG_SetCheckPriKeyCb ( HITLS_Config * config,
CERT_CheckPrivateKeyCallBack checkPrivateKey )

Register with the config the interface that checks whether the private key matches the certificate.

参数
config[IN/OUT] Config context
checkPrivateKey[IN] Callback to register
返回值
HITLS_SUCCESS.
For other error codes, see hitls_error.h.

◆ SAL_CERT_CheckCertKeyUsage()

bool SAL_CERT_CheckCertKeyUsage ( HITLS_Ctx * ctx,
HITLS_CERT_X509 * cert,
HITLS_CERT_CtrlCmd keyusage )

Check whether the certificate is an encryption certificate, a digital-signature certificate, or is permitted to issue certificates.

参数
ctx[IN] tls Context
cert[IN] Certificate to be verified
返回值
true indicates that it is the encryption certificate.

◆ SAL_CERT_CheckKeySecbits()

int32_t SAL_CERT_CheckKeySecbits ( HITLS_Ctx * ctx,
HITLS_CERT_X509 * cert,
HITLS_CERT_Key * key )

Check the secbits of key

参数
ctx[IN] tls Context
cert[IN] Certificate
key[IN] key
返回值
HITLS_SUCCESS succeeded.
For other error codes, see hitls_error.h.

◆ SAL_CERT_ClntGmEncodeEncCert()

uint8_t * SAL_CERT_ClntGmEncodeEncCert ( HITLS_Ctx * ctx,
CERT_Pair * peerCert,
uint32_t * useLen )

The client obtains the encoded content of the TLCP encryption certificate.

参数
ctx[IN] tls Context
peerCert[IN] Peer certificate information
useLen[OUT] OUT: length after encoding
返回值
Encoded content

◆ SAL_CERT_KeyDecrypt()

int32_t SAL_CERT_KeyDecrypt ( HITLS_Ctx * ctx,
HITLS_CERT_Key * key,
const uint8_t * in,
uint32_t inLen,
uint8_t * out,
uint32_t * outLen )

Use the certificate private key to decrypt, which is used for the RSA cipher suite.

参数
ctx[IN] tls Context
key[IN] Certificate private key
in[IN] Ciphertext
inLen[IN] length of ciphertext
out[OUT] Plaintext
outLen[IN/OUT] IN: Maximum length of plaintext padding. OUT: Plaintext length
返回值
HITLS_SUCCESS succeeded

◆ SAL_CERT_KeyEncrypt()

int32_t SAL_CERT_KeyEncrypt ( HITLS_Ctx * ctx,
HITLS_CERT_Key * key,
const uint8_t * in,
uint32_t inLen,
uint8_t * out,
uint32_t * outLen )

Encrypt with the certificate public key, which is used for the RSA cipher suite.

参数
ctx[IN] tls Context
key[IN] Certificate public key
in[IN] Plaintext
inLen[IN] length of plaintext
out[OUT] Ciphertext
outLen[IN/OUT] IN: Maximum length of the ciphertext padding. OUT: Length of the ciphertext
返回值
HITLS_SUCCESS succeeded

◆ SAL_CERT_SrvrGmEncodeEncCert()

uint8_t * SAL_CERT_SrvrGmEncodeEncCert ( HITLS_Ctx * ctx,
uint32_t * useLen )

Encoded content of the TLCP encryption certificate obtained by the server.

参数
ctx[IN] tls Context
useLen[OUT] OUT: length after encoding
返回值
Encoded content