API参考
Hitls_config

TLS parameter configuration


宏定义

#define HITLS_VERSION_TLCP_DTLCP11   0x0101u
 (D)TLCP 1.1 version
#define HITLS_TLS_ANY_VERSION   0x03ffu
 TLS any version
#define HITLS_VERSION_SSL30   0x0300u
 SSL3.0 version number
#define HITLS_VERSION_TLS10   0x0301u
 TLS1.0 version number
#define HITLS_VERSION_TLS11   0x0302u
 TLS1.1 version number
#define HITLS_VERSION_TLS12   0x0303u
 TLS1.2 version
#define HITLS_DTLS_ANY_VERSION   0xfe00u
 DTLS any version
#define HITLS_VERSION_DTLS12   0xfefdu
 DTLS 1.2 version
#define HITLS_CFG_MAX_SIZE   1024
 Maximum size of the configuration data
#define TLS13_CIPHERSUITES_MAX_LEN   80
 Configure the maximum size of the TLS1_3 cipher suite
#define HITLS_EMS_MODE_FORBID   (-1)
 Extended Master Secret (EMS) mode - Forbidden: the EMS extension is not supported.
#define HITLS_EMS_MODE_PREFER   (0)
 Extended Master Secret (EMS) mode - Prefer: send the EMS extension and allow non-EMS connections.
#define HITLS_EMS_MODE_FORCE   (1)
 Extended Master Secret (EMS) mode - Force: require EMS negotiation, otherwise fail the handshake.

类型定义

typedef int32_t(* HITLS_ClientHelloCb) (HITLS_Ctx *ctx, int32_t *alert, void *arg)
 ClientHello callback prototype for the server to process the callback.
typedef uint32_t(* HITLS_DtlsTimerCb) (HITLS_Ctx *ctx, uint32_t us)
 DTLS callback prototype for obtaining the timeout interval
typedef void(* HITLS_ConfigUserDataFreeCb) (void *)
 UserData free callback
typedef HITLS_CRYPT_Key *(* HITLS_DhTmpCb) (HITLS_Ctx *ctx, int32_t isExport, uint32_t keyLen)
 Generate temporary DH key.
typedef uint64_t(* HITLS_RecordPaddingCb) (HITLS_Ctx *ctx, int32_t type, uint64_t length, void *arg)
 Callback function for handling TLS record padding.

枚举

enum  HITLS_CipherSuite {
  HITLS_RSA_WITH_AES_128_CBC_SHA = 0x002F , HITLS_DHE_DSS_WITH_AES_128_CBC_SHA = 0x0032 , HITLS_DHE_RSA_WITH_AES_128_CBC_SHA = 0x0033 , HITLS_DH_ANON_WITH_AES_128_CBC_SHA = 0x0034 ,
  HITLS_RSA_WITH_AES_256_CBC_SHA = 0x0035 , HITLS_DHE_DSS_WITH_AES_256_CBC_SHA = 0x0038 , HITLS_DHE_RSA_WITH_AES_256_CBC_SHA = 0x0039 , HITLS_DH_ANON_WITH_AES_256_CBC_SHA = 0x003A ,
  HITLS_RSA_WITH_AES_128_CBC_SHA256 = 0x003C , HITLS_RSA_WITH_AES_256_CBC_SHA256 = 0x003D , HITLS_DHE_DSS_WITH_AES_128_CBC_SHA256 = 0x0040 , HITLS_DHE_RSA_WITH_AES_128_CBC_SHA256 = 0x0067 ,
  HITLS_DHE_DSS_WITH_AES_256_CBC_SHA256 = 0x006A , HITLS_DHE_RSA_WITH_AES_256_CBC_SHA256 = 0x006B , HITLS_DH_ANON_WITH_AES_128_CBC_SHA256 = 0x006C , HITLS_DH_ANON_WITH_AES_256_CBC_SHA256 = 0x006D ,
  HITLS_PSK_WITH_AES_128_CBC_SHA = 0x008C , HITLS_PSK_WITH_AES_256_CBC_SHA = 0x008D , HITLS_DHE_PSK_WITH_AES_128_CBC_SHA = 0x0090 , HITLS_DHE_PSK_WITH_AES_256_CBC_SHA = 0x0091 ,
  HITLS_RSA_PSK_WITH_AES_128_CBC_SHA = 0x0094 , HITLS_RSA_PSK_WITH_AES_256_CBC_SHA = 0x0095 , HITLS_RSA_WITH_AES_128_GCM_SHA256 = 0x009C , HITLS_RSA_WITH_AES_256_GCM_SHA384 = 0x009D ,
  HITLS_DHE_RSA_WITH_AES_128_GCM_SHA256 = 0x009E , HITLS_DHE_RSA_WITH_AES_256_GCM_SHA384 = 0x009F , HITLS_DHE_DSS_WITH_AES_128_GCM_SHA256 = 0x00A2 , HITLS_DHE_DSS_WITH_AES_256_GCM_SHA384 = 0x00A3 ,
  HITLS_DH_ANON_WITH_AES_128_GCM_SHA256 = 0x00A6 , HITLS_DH_ANON_WITH_AES_256_GCM_SHA384 = 0x00A7 , HITLS_PSK_WITH_AES_128_GCM_SHA256 = 0x00A8 , HITLS_PSK_WITH_AES_256_GCM_SHA384 = 0x00A9 ,
  HITLS_DHE_PSK_WITH_AES_128_GCM_SHA256 = 0x00AA , HITLS_DHE_PSK_WITH_AES_256_GCM_SHA384 = 0x00AB , HITLS_RSA_PSK_WITH_AES_128_GCM_SHA256 = 0x00AC , HITLS_RSA_PSK_WITH_AES_256_GCM_SHA384 = 0x00AD ,
  HITLS_PSK_WITH_AES_128_CBC_SHA256 = 0x00AE , HITLS_PSK_WITH_AES_256_CBC_SHA384 = 0x00AF , HITLS_DHE_PSK_WITH_AES_128_CBC_SHA256 = 0x00B2 , HITLS_DHE_PSK_WITH_AES_256_CBC_SHA384 = 0x00B3 ,
  HITLS_RSA_PSK_WITH_AES_128_CBC_SHA256 = 0x00B6 , HITLS_RSA_PSK_WITH_AES_256_CBC_SHA384 = 0x00B7 , HITLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA = 0xC009 , HITLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA = 0xC00A ,
  HITLS_ECDHE_RSA_WITH_AES_128_CBC_SHA = 0xC013 , HITLS_ECDHE_RSA_WITH_AES_256_CBC_SHA = 0xC014 , HITLS_ECDH_ANON_WITH_AES_128_CBC_SHA = 0xC018 , HITLS_ECDH_ANON_WITH_AES_256_CBC_SHA = 0xC019 ,
  HITLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256 = 0xC023 , HITLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384 = 0xC024 , HITLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256 = 0xC027 , HITLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384 = 0xC028 ,
  HITLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 = 0xC02B , HITLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384 = 0xC02C , HITLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 = 0xC02F , HITLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 = 0xC030 ,
  HITLS_ECDHE_PSK_WITH_AES_128_CBC_SHA = 0xC035 , HITLS_ECDHE_PSK_WITH_AES_256_CBC_SHA = 0xC036 , HITLS_ECDHE_PSK_WITH_AES_128_CBC_SHA256 = 0xC037 , HITLS_ECDHE_PSK_WITH_AES_256_CBC_SHA384 = 0xC038 ,
  HITLS_RSA_WITH_AES_128_CCM = 0xC09C , HITLS_RSA_WITH_AES_256_CCM = 0xC09D , HITLS_DHE_RSA_WITH_AES_128_CCM = 0xC09E , HITLS_DHE_RSA_WITH_AES_256_CCM = 0xC09F ,
  HITLS_RSA_WITH_AES_128_CCM_8 = 0xC0A0 , HITLS_RSA_WITH_AES_256_CCM_8 = 0xC0A1 , HITLS_PSK_WITH_AES_256_CCM = 0xC0A5 , HITLS_DHE_PSK_WITH_AES_128_CCM = 0xC0A6 ,
  HITLS_DHE_PSK_WITH_AES_256_CCM = 0xC0A7 , HITLS_ECDHE_ECDSA_WITH_AES_128_CCM = 0xC0AC , HITLS_ECDHE_ECDSA_WITH_AES_256_CCM = 0xC0AD , HITLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256 = 0xCCA8 ,
  HITLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256 = 0xCCA9 , HITLS_DHE_RSA_WITH_CHACHA20_POLY1305_SHA256 = 0xCCAA , HITLS_PSK_WITH_CHACHA20_POLY1305_SHA256 = 0xCCAB , HITLS_ECDHE_PSK_WITH_CHACHA20_POLY1305_SHA256 = 0xCCAC ,
  HITLS_DHE_PSK_WITH_CHACHA20_POLY1305_SHA256 = 0xCCAD , HITLS_RSA_PSK_WITH_CHACHA20_POLY1305_SHA256 = 0xCCAE , HITLS_ECDHE_PSK_WITH_AES_128_GCM_SHA256 = 0xD001 , HITLS_ECDHE_PSK_WITH_AES_256_GCM_SHA384 = 0xD002 ,
  HITLS_ECDHE_PSK_WITH_AES_128_CCM_SHA256 = 0xD005 , HITLS_AES_128_GCM_SHA256 = 0x1301 , HITLS_AES_256_GCM_SHA384 = 0x1302 , HITLS_CHACHA20_POLY1305_SHA256 = 0x1303 ,
  HITLS_AES_128_CCM_SHA256 = 0x1304 , HITLS_AES_128_CCM_8_SHA256 = 0x1305 , HITLS_SM4_GCM_SM3 = 0x00C6 , HITLS_SM4_CCM_SM3 = 0x00C7 ,
  HITLS_ECDHE_SM4_CBC_SM3 = 0xE011 , HITLS_ECC_SM4_CBC_SM3 = 0xE013 , HITLS_ECDHE_SM4_GCM_SM3 = 0xE051 , HITLS_ECC_SM4_GCM_SM3 = 0xE053
}
 enumerate ciphersuites supported by HITLS with IANA coding

函数

HITLS_Config * HITLS_CFG_NewDTLS12Config (void)
 Create DTLS12 configuration items, including the default settings. The user can call the HITLS_CFG_SetXXX interface to modify the settings.
HITLS_Config * HITLS_CFG_ProviderNewDTLS12Config (HITLS_Lib_Ctx *libCtx, const char *attrName)
 Create DTLS12 configuration items with provider, including the default settings. Same as HITLS_CFG_NewDTLS12Config except that it requires libCtx and attribute parameters.
HITLS_Config * HITLS_CFG_NewTLCPConfig (void)
 Create TLCP configuration items, including default settings. The user can call the HITLS_CFG_SetXXX interface to modify the settings.
HITLS_Config * HITLS_CFG_ProviderNewTLCPConfig (HITLS_Lib_Ctx *libCtx, const char *attrName)
 Create TLCP configuration items with provider, including the default settings. Same as HITLS_CFG_NewTLCPConfig except that it requires libCtx and attribute parameters.
HITLS_Config * HITLS_CFG_NewDTLCPConfig (void)
 Create DTLCP configuration items, including the default settings. The user can call the HITLS_CFG_SetXXX interface to modify the settings.
HITLS_Config * HITLS_CFG_ProviderNewDTLCPConfig (HITLS_Lib_Ctx *libCtx, const char *attrName)
 Create DTLCP configuration items with provider, including the default settings. Same as HITLS_CFG_NewDTLCPConfig except that it requires libCtx and attribute parameters.
HITLS_Config * HITLS_CFG_NewTLS12Config (void)
 Create a TLS12 configuration item, including the default configuration. The user can call the HITLS_CFG_SetXXX interface to modify the configuration.
HITLS_Config * HITLS_CFG_ProviderNewTLS12Config (HITLS_Lib_Ctx *libCtx, const char *attrName)
 Create TLS12 configuration items with provider, including the default settings. Same as HITLS_CFG_NewTLS12Config, except that it requires libCtx and attribute parameters.
HITLS_Config * HITLS_CFG_NewTLS13Config (void)
 Creates the default TLS13 configuration. The HITLS_CFG_SetXXX interface can be used to modify the default TLS13 configuration.
HITLS_Config * HITLS_CFG_ProviderNewTLS13Config (HITLS_Lib_Ctx *libCtx, const char *attrName)
 Create TLS13 configuration items with provider, including the default settings. Same as HITLS_CFG_NewTLS13Config, except that it requires libCtx and attribute parameters.
HITLS_Config * HITLS_CFG_NewTLSConfig (void)
 Create full TLS configurations. The HITLS_CFG_SetXXX interface can be used to modify the configurations.
HITLS_Config * HITLS_CFG_ProviderNewTLSConfig (HITLS_Lib_Ctx *libCtx, const char *attrName)
 Create TLS configuration items with provider, including the default settings. Same as HITLS_CFG_NewTLSConfig except that it requires libCtx and attribute parameters.
HITLS_Config * HITLS_CFG_NewDTLSConfig (void)
 Create full DTLS configurations. The HITLS_CFG_SetXXX interface can be called to modify the DTLS configuration.
HITLS_Config * HITLS_CFG_ProviderNewDTLSConfig (HITLS_Lib_Ctx *libCtx, const char *attrName)
 Create DTLS configuration items with provider, including the default settings. Same as HITLS_CFG_NewDTLSConfig, except that it requires libCtx and attribute parameters.
void HITLS_CFG_FreeConfig (HITLS_Config *config)
 Release the config object.
int32_t HITLS_CFG_UpRef (HITLS_Config *config)
 The reference counter of config increases by 1.
int32_t HITLS_CFG_SetVersion (HITLS_Config *config, uint16_t minVersion, uint16_t maxVersion)
 Set the supported version number range.
int32_t HITLS_CFG_SetVersionForbid (HITLS_Config *config, uint32_t noVersion)
 Setting the disabled version number.
int32_t HITLS_CFG_SetRenegotiationSupport (HITLS_Config *config, bool support)
 Set whether to support renegotiation.
int32_t HITLS_CFG_SetClientRenegotiateSupport (HITLS_Config *config, bool support)
 Set whether to allow a renegotiate request from the client
int32_t HITLS_CFG_SetLegacyRenegotiateSupport (HITLS_Config *config, bool support)
 Set whether to abort the handshake when the server does not support secure renegotiation (SecRenegotiation).
int32_t HITLS_CFG_SetResumptionOnRenegoSupport (HITLS_Config *config, bool support)
 Set whether to support session restoration during renegotiation. By default, session restoration is not supported.
int32_t HITLS_CFG_SetClientVerifySupport (HITLS_Config *config, bool support)
 Sets whether to verify the client certificate. Client: this setting has no impact. Server: the certificate request will be sent.
int32_t HITLS_CFG_SetNoClientCertSupport (HITLS_Config *config, bool support)
 Sets whether to allow the client certificate to be empty. This parameter takes effect only when client certificate verification is enabled. Client: this setting has no impact. Server: determines whether the verification passes when an empty certificate is received from the client. The verification fails by default.
int32_t HITLS_CFG_SetExtendedMasterSecretSupport (HITLS_Config *config, bool support)
 Sets whether to forcibly support the extended master secret (EMS).
int32_t HITLS_CFG_SetDhAutoSupport (HITLS_Config *config, bool support)
 Set whether the DH parameter can be automatically selected by users. If the value is true, the DH parameter is automatically selected based on the length of the certificate private key. If the value is false, the DH parameter needs to be set.
int32_t HITLS_CFG_SetTmpDh (HITLS_Config *config, HITLS_CRYPT_Key *dhPkey)
 Set the DH parameter specified by the user.
int32_t HITLS_CFG_GetRenegotiationSupport (const HITLS_Config *config, bool *isSupport)
 Query whether renegotiation is supported.
int32_t HITLS_CFG_GetClientVerifySupport (HITLS_Config *config, bool *isSupport)
 Query whether the client certificate can be verified.
int32_t HITLS_CFG_GetNoClientCertSupport (HITLS_Config *config, bool *isSupport)
 Query whether an empty client certificate is allowed. This parameter takes effect only when the client certificate is verified.
int32_t HITLS_CFG_GetExtendedMasterSecretSupport (HITLS_Config *config, bool *isSupport)
 Query whether the extended master secret (EMS) is supported.
int32_t HITLS_CFG_SetExtendedMasterSecretMode (HITLS_Config *config, int32_t mode)
 Set extended master secret mode.
int32_t HITLS_CFG_GetExtendedMasterSecretMode (HITLS_Config *config, int32_t *mode)
 Get extended master secret mode.
int32_t HITLS_CFG_GetDhAutoSupport (HITLS_Config *config, bool *isSupport)
 Query whether the DH parameter can be automatically selected by the user. If yes, the DH parameter will be automatically selected based on the length of the certificate private key.
int32_t HITLS_CFG_SetPostHandshakeAuthSupport (HITLS_Config *config, bool support)
 Set whether to support post-handshake authentication (PHA); this takes effect only for TLS1.3. Client: if the client supports PHA, the client sends the PHA extension. Server: supports PHA; after the handshake, the upper-layer interface HITLS_VerifyClientPostHandshake initiates certificate verification.
int32_t HITLS_CFG_GetPostHandshakeAuthSupport (HITLS_Config *config, bool *isSupport)
 Query whether the post-handshake AUTH function is supported.
int32_t HITLS_CFG_SetVerifyNoneSupport (HITLS_Config *config, bool support)
 Sets whether not performing dual-ended verification is supported.
int32_t HITLS_CFG_GetVerifyNoneSupport (HITLS_Config *config, bool *isSupport)
 Query whether not performing dual-ended verification is supported.
int32_t HITLS_CFG_SetClientOnceVerifySupport (HITLS_Config *config, bool support)
 Set whether requesting the client certificate only once is supported.
int32_t HITLS_CFG_GetClientOnceVerifySupport (HITLS_Config *config, bool *isSupport)
 Query whether requesting the client certificate only once is supported.
int32_t HITLS_CFG_SetCipherSuites (HITLS_Config *config, const uint16_t *cipherSuites, uint32_t cipherSuitesSize)
 Set the supported cipher suites. The sequence of the cipher suites affects the priority of the selected cipher suites. The cipher suite with the highest priority is the first.
int32_t HITLS_CFG_GetCipherSuites (HITLS_Config *config, uint16_t *data, uint32_t dataLen, uint32_t *cipherSuitesSize)
 Get the supported cipher suites array.
int32_t HITLS_CFG_ClearTLS13CipherSuites (HITLS_Config *config)
 Clear the TLS1.3 cipher suite.
int32_t HITLS_CFG_SetEcPointFormats (HITLS_Config *config, const uint8_t *pointFormats, uint32_t pointFormatsSize)
 Set the format of the ec point.
int32_t HITLS_CFG_SetGroups (HITLS_Config *config, const uint16_t *groups, uint32_t groupsSize)
 Set the group supported during key exchange. The group supported by HiTLS can be queried in HITLS_NamedGroup.
int32_t HITLS_CFG_SetGroupList (HITLS_Config *config, const char *groupNames, uint32_t groupNamesLen)
 Set the group supported during key exchange. The group supported by HiTLS can be queried in HITLS_NamedGroup.
int32_t HITLS_CFG_SetSignature (HITLS_Config *config, const uint16_t *signAlgs, uint16_t signAlgsSize)
 Set the signature algorithms supported during negotiation. The signature algorithms supported by the HiTLS can be queried in the HITLS_SignHashAlgo file.
int32_t HITLS_CFG_AddCAIndication (HITLS_Config *config, HITLS_TrustedCAType caType, const uint8_t *data, uint32_t len)
 Add the CA indicator, which is used when the peer certificate is requested.
HITLS_TrustedCAList * HITLS_CFG_GetCAList (const HITLS_Config *config)
 Obtain the CA list.
int32_t HITLS_CFG_SetCAList (HITLS_Config *config, HITLS_TrustedCAList *list)
 Set the CA list.
void HITLS_CFG_ClearCAList (HITLS_Config *config)
 Clear the CA list.
int32_t HITLS_CFG_SetKeyExchMode (HITLS_Config *config, uint32_t mode)
 Set the key exchange mode, which is used by TLS1.3.
uint32_t HITLS_CFG_GetKeyExchMode (HITLS_Config *config)
 Obtain the key exchange mode, which is used by TLS1.3.
int32_t HITLS_CFG_SetClientHelloCb (HITLS_Config *config, HITLS_ClientHelloCb callback, void *arg)
 Set the ClientHello callback (HITLS_ClientHelloCb) on the server; the original description calls it the cookie verification callback.
int32_t HITLS_CFG_SetDtlsTimerCb (HITLS_Config *config, HITLS_DtlsTimerCb callback)
 Set the DTLS obtaining timeout interval callback.
int32_t HITLS_CFG_GetMinVersion (const HITLS_Config *config, uint16_t *minVersion)
 Obtaining the Minimum Supported Version Number
int32_t HITLS_CFG_GetMaxVersion (const HITLS_Config *config, uint16_t *maxVersion)
 Obtaining the Maximum supported version number
int32_t HITLS_CFG_GetCipherId (const HITLS_Cipher *cipher, HITLS_CipherAlgo *cipherAlg)
 Obtain the symmetric encryption algorithm type based on the cipher suite.
int32_t HITLS_CFG_GetHashId (const HITLS_Cipher *cipher, HITLS_HashAlgo *hashAlg)
 Obtain the hash algorithm type based on the cipher suite.
int32_t HITLS_CFG_GetMacId (const HITLS_Cipher *cipher, HITLS_MacAlgo *macAlg)
 Obtain the MAC algorithm type based on the cipher suite.
int32_t HITLS_CFG_GetAuthId (const HITLS_Cipher *cipher, HITLS_AuthAlgo *authAlg)
 Obtain the server authentication algorithm type based on the cipher suite.
int32_t HITLS_CFG_GetKeyExchId (const HITLS_Cipher *cipher, HITLS_KeyExchAlgo *kxAlg)
 Obtain the key exchange algorithm type based on the cipher suite.
const uint8_t * HITLS_CFG_GetCipherSuiteName (const HITLS_Cipher *cipher)
 Obtain the cipher suite name based on the cipher suite.
const uint8_t * HITLS_CFG_GetCipherSuiteStdName (const HITLS_Cipher *cipher)
 Obtain the RFC standard name of the cipher suite based on the cipher suite.
const HITLS_Cipher * HITLS_CFG_GetCipherSuiteByStdName (const uint8_t *stdName)
 Obtain the corresponding cipher suite pointer based on the RFC Standard Name.
int32_t HITLS_CFG_GetDescription (const HITLS_Cipher *cipher, uint8_t *buf, int32_t len)
 Outputs the description of the cipher suite as a string.
int32_t HITLS_CIPHER_IsAead (const HITLS_Cipher *cipher, bool *isAead)
 Determine whether to use the AEAD algorithm based on the cipher suite information.
int32_t HITLS_CFG_GetCipherVersion (const HITLS_Cipher *cipher, int32_t *version)
 Obtain the earliest TLS version supported by the cipher suite based on the cipher suite.
const HITLS_Cipher * HITLS_CFG_GetCipherByID (uint16_t cipherSuite)
 Obtain the cipher suite pointer based on the cipher suite ID.
int32_t HITLS_CFG_GetCipherSuite (const HITLS_Cipher *cipher, uint16_t *cipherSuite)
 Obtain the encryption ID in the cipher suite.
int32_t HITLS_CFG_GetVersionSupport (const HITLS_Config *config, uint32_t *version)
 Obtain the supported version number.
int32_t HITLS_CFG_SetVersionSupport (HITLS_Config *config, uint32_t version)
 Set the supported version number.
int32_t HITLS_CFG_SetNeedCheckPmsVersion (HITLS_Config *config, bool needCheck)
 Set whether to verify the version in the premaster secret. This interface takes effect on the server. The version must be 1.0 or earlier.
int32_t HITLS_CFG_SetModeSupport (HITLS_Config *config, uint32_t mode)
 Set the function to support the specified feature.
int32_t HITLS_CFG_ClearModeSupport (HITLS_Config *config, uint32_t mode)
 Disable the specified feature.
int32_t HITLS_CFG_GetModeSupport (const HITLS_Config *config, uint32_t *mode)
 Obtain the mode of the function feature in the config file.
int32_t HITLS_CFG_SetQuietShutdown (HITLS_Config *config, int32_t mode)
 Set the quiet disconnection mode.
int32_t HITLS_CFG_GetQuietShutdown (const HITLS_Config *config, int32_t *mode)
 Obtain the current quiet disconnection mode.
int32_t HITLS_CFG_SetDtlsPostHsTimeoutVal (HITLS_Config *config, uint32_t timeoutVal)
 Set the timeout period after the DTLS over UDP connection is complete. If the timer expires, the system does not receive the finished message resent by the peer end. If this parameter is set to 0, the default value 240 seconds is used.
int32_t HITLS_CFG_SetEncryptThenMac (HITLS_Config *config, bool encryptThenMacType)
 Set the Encrypt-Then-Mac mode.
int32_t HITLS_CFG_GetEncryptThenMac (const HITLS_Config *config, bool *encryptThenMacType)
 Obtain the Encrypt-Then-Mac type.
void * HITLS_CFG_GetConfigUserData (const HITLS_Config *config)
 Obtain the user data from the HiTLS Config object. Generally, this function is called during the callback registered with the HiTLS.
int32_t HITLS_CFG_SetConfigUserData (HITLS_Config *config, void *userData)
 User data is stored in the HiTLS Config. The user data can be obtained from the callback registered with the HiTLS.
int32_t HITLS_CFG_SetConfigUserDataFreeCb (HITLS_Config *config, HITLS_ConfigUserDataFreeCb callback)
 Sets the UserData free callback
int32_t HITLS_CFG_IsDtls (const HITLS_Config *config, bool *isDtls)
 Determine whether to use DTLS.
int32_t HITLS_CFG_SetCipherServerPreference (HITLS_Config *config, bool isSupport)
 Set whether cipher suites are preferentially selected from the list of algorithms supported by the server.
int32_t HITLS_CFG_GetCipherServerPreference (const HITLS_Config *config, bool *isSupport)
 Obtains whether the current cipher suite supports preferential selection from the list of algorithms supported by the server.
int32_t HITLS_CFG_SetFlightTransmitSwitch (HITLS_Config *config, bool isEnable)
 Set whether to send handshake messages by flight. DTLS over SCTP does not support this ability.
int32_t HITLS_CFG_GetFlightTransmitSwitch (const HITLS_Config *config, bool *isEnable)
 Obtains whether handshake messages are sent by flight.
int32_t HITLS_CFG_SetDtlsCookieExchangeSupport (HITLS_Config *config, bool isSupport)
 Set whether the DTLS performs cookie exchange.
int32_t HITLS_CFG_GetDtlsCookieExchangeSupport (const HITLS_Config *config, bool *isSupport)
 Return whether the DTLS performs cookie exchange.
int32_t HITLS_CFG_SetEmptyRecordsNum (HITLS_Config *config, uint32_t emptyNum)
 Set the maximum number of empty records that can be received.
int32_t HITLS_CFG_GetEmptyRecordsNum (const HITLS_Config *config, uint32_t *emptyNum)
 Obtain the maximum number of empty records that can be received.
int32_t HITLS_CFG_SetMaxSendFragment (HITLS_Config *config, uint16_t maxSendFragment)
 Set the max send fragment to restrict the amount of plaintext bytes in any record
int32_t HITLS_CFG_GetMaxSendFragment (const HITLS_Config *config, uint16_t *maxSendFragment)
 Obtain the max send fragment to restrict the amount of plaintext bytes in any record
int32_t HITLS_CFG_SetRecInbufferSize (HITLS_Config *config, uint32_t recInbufferSize)
 Set the initial size of the rec inbuffer.
int32_t HITLS_CFG_GetRecInbufferSize (const HITLS_Config *config, uint32_t *recInbufferSize)
 Obtain the initial size of the rec inbuffer.
int32_t HITLS_CFG_SetMaxCertList (HITLS_Config *config, uint32_t maxSize)
 Set the maximum size of the certificate chain that can be sent by the peer end.
int32_t HITLS_CFG_GetMaxCertList (const HITLS_Config *config, uint32_t *maxSize)
 Obtain the maximum size of the certificate chain that can be sent by the peer end.
int32_t HITLS_CFG_SetTmpDhCb (HITLS_Config *config, HITLS_DhTmpCb callback)
 Set the TmpDh callback, cb can be NULL.
int32_t HITLS_CFG_SetRecordPaddingCb (HITLS_Config *config, HITLS_RecordPaddingCb callback)
 Set the RecordPadding callback.
HITLS_RecordPaddingCb HITLS_CFG_GetRecordPaddingCb (HITLS_Config *config)
 Obtains the RecordPadding callback function.
int32_t HITLS_CFG_SetRecordPaddingCbArg (HITLS_Config *config, void *arg)
 Sets the parameters arg required by the RecordPadding callback function.
void * HITLS_CFG_GetRecordPaddingCbArg (HITLS_Config *config)
 Obtains the parameter arg required by the RecordPadding callback function.
int32_t HITLS_CFG_SetCheckKeyUsage (HITLS_Config *config, bool isCheck)
 Sets whether keyusage in the certificate is verified; this can be used to disable the verification, which is enabled by default.
int32_t HITLS_CFG_SetReadAhead (HITLS_Config *config, int32_t onOff)
 Set the read-ahead flag, which indicates whether to read more data than the user requested and buffer it in advance.
int32_t HITLS_CFG_GetReadAhead (HITLS_Config *config, int32_t *onOff)
 Get whether reading ahead has been set or not
int32_t HITLS_CFG_SetKeepPeerCertificate (HITLS_Config *config, bool isKeepPeerCert)
 Set whether to save the peer certificate.
int32_t HITLS_CFG_SetRecordSizeLimit (HITLS_Config *config, uint16_t recordSize)
 The default record size limit is 0, which means the record size limit extension (RFC 8449) is not supported. If negotiated, it is used only to limit the size of records sent by the peer in the receive direction. However, the record size sent to the peer is limited by the record size limit value of the peer.
int32_t HITLS_CFG_GetRecordSizeLimit (HITLS_Config *config, uint16_t *recordSize)
 Obtains the record size limit value of ctx.
int32_t HITLS_CFG_SetEndPoint (HITLS_Config *config, bool isClient)
 Set whether the current configuration is a client configuration.
int32_t HITLS_CFG_GetResumptionOnRenegoSupport (HITLS_Config *config, bool *isSupport)
 Get whether to support session restoration during renegotiation. By default, session restoration is not supported.
int32_t HITLS_CFG_GetClientRenegotiateSupport (HITLS_Config *config, bool *isSupport)
 Get whether to allow a renegotiate request from the client
int32_t HITLS_CFG_EnableTls13SM (HITLS_Config *config, bool isOnlySupportSM)
 Set whether to enable TLS1.3 SM support.

详细描述

TLS parameter configuration

类型定义说明

◆ HITLS_ClientHelloCb

typedef int32_t(* HITLS_ClientHelloCb) (HITLS_Ctx *ctx, int32_t *alert, void *arg)

ClientHello callback prototype for the server to process the callback.

参数
ctx[IN] Ctx context
alert[OUT] A callback that returns a failure should indicate in alert the alert value to be sent.
arg[IN] Product input context
返回值
HITLS_CLIENT_HELLO_SUCCESS: successful.
HITLS_CLIENT_HELLO_RETRY: suspend the handshake process
HITLS_CLIENT_HELLO_FAILED: failed, send an alert message and terminate the handshake

◆ HITLS_ConfigUserDataFreeCb

typedef void(* HITLS_ConfigUserDataFreeCb) (void *)

UserData free callback

参数
userData[IN] Pointer to user data to be freed.
返回
void

◆ HITLS_DhTmpCb

typedef HITLS_CRYPT_Key *(* HITLS_DhTmpCb) (HITLS_Ctx *ctx, int32_t isExport, uint32_t keyLen)

Generate temporary DH key.

参数
ctx[IN] Ctx context
isExport[IN] Flag indicating whether the key is for export.
keyLen[IN] Length of the key to generate.
返回
HITLS_CRYPT_Key, The memory created by this interface is released using SAL_CRYPT_FreeDhKey.

◆ HITLS_DtlsTimerCb

typedef uint32_t(* HITLS_DtlsTimerCb) (HITLS_Ctx *ctx, uint32_t us)

DTLS callback prototype for obtaining the timeout interval

参数
ctx[IN] Ctx context
us[IN] Current timeout interval, Unit: microsecond
返回
Obtained timeout interval

◆ HITLS_RecordPaddingCb

typedef uint64_t(* HITLS_RecordPaddingCb) (HITLS_Ctx *ctx, int32_t type, uint64_t length, void *arg)

Callback function for handling TLS record padding.

参数
ctx[IN] Ctx context
type[IN] Record type
length[IN] Original record length.
arg[IN] User-defined argument for padding.
返回值
HITLS_NULL_INPUT, the input parameter pointer is null.
HITLS_SUCCESS, if successful.

函数说明

◆ HITLS_CFG_AddCAIndication()

int32_t HITLS_CFG_AddCAIndication ( HITLS_Config * config,
HITLS_TrustedCAType caType,
const uint8_t * data,
uint32_t len )

Add the CA indicator, which is used when the peer certificate is requested.

参数
config[OUT] TLS link configuration
caType[IN] CA indication type
data[IN] CA indication data
len[IN] Data length
返回
HITLS_SUCCESS, if successful. For other error codes, see hitls_error.h.

◆ HITLS_CFG_ClearCAList()

void HITLS_CFG_ClearCAList ( HITLS_Config * config)

Clear the CA list.

参数
config[OUT] TLS link configuration
返回
void

◆ HITLS_CFG_ClearModeSupport()

int32_t HITLS_CFG_ClearModeSupport ( HITLS_Config * config,
uint32_t mode )

Disable the specified feature.

参数
config[OUT] Config handle.
mode[IN] Mode features to be disabled.
返回值
HITLS_SUCCESS, if successful.
HITLS_NULL_INPUT, config is null.

◆ HITLS_CFG_ClearTLS13CipherSuites()

int32_t HITLS_CFG_ClearTLS13CipherSuites ( HITLS_Config * config)

Clear the TLS1.3 cipher suite.

参数
config[IN] Config handle.
返回
HITLS_SUCCESS, if successful. For details about other error codes, see hitls_error.h.

◆ HITLS_CFG_EnableTls13SM()

int32_t HITLS_CFG_EnableTls13SM ( HITLS_Config * config,
bool isOnlySupportSM )

Set whether to enable TLS1.3 SM support.

参数
config[IN] Config handle
isOnlySupportSM[IN] Indicates whether to only support tls1.3 SM
返回值
HITLS_SUCCESS, if successful.
For other error codes, see hitls_error.h.

◆ HITLS_CFG_FreeConfig()

void HITLS_CFG_FreeConfig ( HITLS_Config * config)

Release the config object.

参数
config[OUT] Config handle.
返回
void

◆ HITLS_CFG_GetAuthId()

int32_t HITLS_CFG_GetAuthId ( const HITLS_Cipher * cipher,
HITLS_AuthAlgo * authAlg )

Obtain the server authentication algorithm type based on the cipher suite.

参数
cipher[IN] Cipher suite
authAlg[OUT] Obtained server authentication type.
返回值
HITLS_SUCCESS, if successful.
For other error codes, see hitls_error.h.

◆ HITLS_CFG_GetCAList()

HITLS_TrustedCAList * HITLS_CFG_GetCAList ( const HITLS_Config * config)

Obtain the CA list.

参数
config[OUT] TLS link configuration
返回
CA list

◆ HITLS_CFG_GetCipherByID()

const HITLS_Cipher * HITLS_CFG_GetCipherByID ( uint16_t cipherSuite)

Obtain the cipher suite pointer based on the cipher suite ID.

参数
cipherSuite[IN] Cipher suite ID
返回
HITLS_CONFIG_UNSUPPORT_CIPHER_SUITE, Unsupported cipher suites
Pointer to the obtained cipher suite information.

◆ HITLS_CFG_GetCipherId()

int32_t HITLS_CFG_GetCipherId ( const HITLS_Cipher * cipher,
HITLS_CipherAlgo * cipherAlg )

Obtain the symmetric encryption algorithm type based on the cipher suite.

参数
cipher[IN] Cipher suite
cipherAlg[OUT] Obtained symmetric encryption algorithm type.
返回值
HITLS_SUCCESS, if successful.
For other error codes, see hitls_error.h.

◆ HITLS_CFG_GetCipherServerPreference()

int32_t HITLS_CFG_GetCipherServerPreference ( const HITLS_Config * config,
bool * isSupport )

Obtains whether the current cipher suite supports preferential selection from the list of algorithms supported by the server.

参数
config[IN] TLS link configuration
isSupport[OUT] Support or not
返回值
HITLS_NULL_INPUT, the input parameter pointer is null.
HITLS_SUCCESS, if successful.

◆ HITLS_CFG_GetCipherSuite()

int32_t HITLS_CFG_GetCipherSuite ( const HITLS_Cipher * cipher,
uint16_t * cipherSuite )

Obtain the encryption ID in the cipher suite.

参数
cipher[IN] Cipher suite.
cipherSuite[OUT] Cipher suite ID.
返回值
HITLS_CONFIG_UNSUPPORT_CIPHER_SUITE, Unsupported cipher suites.
Minimum TLS version supported by the given cipher suite.

◆ HITLS_CFG_GetCipherSuiteByStdName()

const HITLS_Cipher * HITLS_CFG_GetCipherSuiteByStdName ( const uint8_t * stdName)

Obtain the corresponding cipher suite pointer based on the RFC Standard Name.

参数
stdName[IN] RFC Standard Name
返回
NULL. Failed to obtain the cipher suite.
Pointer to the obtained cipher suite information.

◆ HITLS_CFG_GetCipherSuiteName()

const uint8_t * HITLS_CFG_GetCipherSuiteName ( const HITLS_Cipher * cipher)

Obtain the cipher suite name based on the cipher suite.

参数
cipher[IN] Cipher suite
返回
"(NONE)" Invalid cipher suite.
Name of the given cipher suite

◆ HITLS_CFG_GetCipherSuites()

int32_t HITLS_CFG_GetCipherSuites ( HITLS_Config * config,
uint16_t * data,
uint32_t dataLen,
uint32_t * cipherSuitesSize )

Get the supported cipher suites array.

参数
config[IN] Config handle.
data[OUT] Array for storing cipher suites.
dataLen[IN] Array length.
cipherSuitesSize[OUT] cipher suite array length.
返回
HITLS_SUCCESS, if successful. For details about other error codes, see hitls_error.h.

◆ HITLS_CFG_GetCipherSuiteStdName()

const uint8_t * HITLS_CFG_GetCipherSuiteStdName ( const HITLS_Cipher * cipher)

Obtain the RFC standard name of the cipher suite based on the cipher suite.

参数
cipher[IN] cipher suite
返回
"(NONE)" Invalid cipher suite.
RFC standard name for the given cipher suite

◆ HITLS_CFG_GetCipherVersion()

int32_t HITLS_CFG_GetCipherVersion ( const HITLS_Cipher * cipher,
int32_t * version )

Obtain the earliest TLS version supported by the cipher suite based on the cipher suite.

参数
cipher[IN] Cipher suite
version[OUT] Obtain the earliest TLS version supported by the cipher suite.
返回值
HITLS_SUCCESS, if successful.
For other error codes, see hitls_error.h.

◆ HITLS_CFG_GetClientOnceVerifySupport()

int32_t HITLS_CFG_GetClientOnceVerifySupport ( HITLS_Config * config,
bool * isSupport )

Query whether requesting the client certificate only once is supported.

参数
config[IN] Config handle
isSupport[OUT] Indicates whether the client certificate can be requested only once.
返回值
HITLS_SUCCESS, if successful.
HITLS_NULL_INPUT, config is null.

◆ HITLS_CFG_GetClientRenegotiateSupport()

int32_t HITLS_CFG_GetClientRenegotiateSupport ( HITLS_Config * config,
bool * isSupport )

Get whether to allow a renegotiate request from the client

参数
config[IN] Config handle
isSupport[OUT] Indicates whether to allow a renegotiate request from the client
返回值
HITLS_SUCCESS, if successful.
For other error codes, see hitls_error.h.

◆ HITLS_CFG_GetClientVerifySupport()

int32_t HITLS_CFG_GetClientVerifySupport ( HITLS_Config * config,
bool * isSupport )

Query whether the client certificate can be verified.

参数
config[IN] Config handle
isSupport[OUT] Indicates whether to verify the client certificate.
返回值
HITLS_SUCCESS, if successful.
HITLS_NULL_INPUT, config is null.

◆ HITLS_CFG_GetConfigUserData()

void * HITLS_CFG_GetConfigUserData ( const HITLS_Config * config)

Obtain the user data from the HiTLS Config object. Generally, this function is called during the callback registered with the HiTLS.

注意
must be called before HITLS_Connect and HITLS_Accept. The life cycle of the user identifier must be longer than that of the TLS object.
参数
config[OUT] TLS connection handle.
返回
HITLS_SUCCESS, if successful.
HITLS_NULL_INPUT, The TLS object pointer of the input parameter is null.

◆ HITLS_CFG_GetDescription()

int32_t HITLS_CFG_GetDescription ( const HITLS_Cipher * cipher,
uint8_t * buf,
int32_t len )

Outputs the description of the cipher suite as a string.

参数
cipherSuite[IN] Cipher suite
buf[OUT] Output the description.
len[IN] Description length
返回值
NULL, Failed to obtain the description.
Description of the cipher suite

◆ HITLS_CFG_GetDhAutoSupport()

int32_t HITLS_CFG_GetDhAutoSupport ( HITLS_Config * config,
bool * isSupport )

Query whether the DH parameter can be automatically selected by the user. If yes, the DH parameter will be automatically selected based on the length of the certificate private key.

参数
config[IN] Config handle
isSupport[OUT] Indicates whether to support the function of automatically selecting the DH parameter.
返回值
HITLS_SUCCESS, if successful.
HITLS_NULL_INPUT, config is null.

◆ HITLS_CFG_GetDtlsCookieExchangeSupport()

int32_t HITLS_CFG_GetDtlsCookieExchangeSupport ( const HITLS_Config * config,
bool * isSupport )

Return whether the DTLS performs cookie exchange.

参数
config[IN] TLS link configuration.
isSupport[OUT] Support or not.
返回值
HITLS_NULL_INPUT, the input parameter pointer is null.
HITLS_SUCCESS, if successful.

◆ HITLS_CFG_GetEmptyRecordsNum()

int32_t HITLS_CFG_GetEmptyRecordsNum ( const HITLS_Config * config,
uint32_t * emptyNum )

Obtain the maximum number of empty records that can be received.

参数
config[IN] TLS link configuration.
emptyNum[OUT] Indicates the maximum number of empty records that can be received
返回值
HITLS_NULL_INPUT, the input parameter pointer is null.
HITLS_SUCCESS, if successful.

◆ HITLS_CFG_GetEncryptThenMac()

int32_t HITLS_CFG_GetEncryptThenMac ( const HITLS_Config * config,
bool * encryptThenMacType )

Obtain the Encrypt-Then-Mac type.

参数
config[IN] TLS link configuration
encryptThenMacType[OUT] Current Encrypt-Then-Mac mode
返回值
HITLS_NULL_INPUT, the input parameter pointer is null.
HITLS_SUCCESS, if successful.

◆ HITLS_CFG_GetExtendedMasterSecretMode()

int32_t HITLS_CFG_GetExtendedMasterSecretMode ( HITLS_Config * config,
int32_t * mode )

Get extended master secret mode.

参数
config[IN] TLS config handle
mode[OUT] EMS mode. See HITLS_EMS_MODE_*.
返回值
HITLS_SUCCESS, if successful.
HITLS_NULL_INPUT, if config or mode is NULL.

◆ HITLS_CFG_GetExtendedMasterSecretSupport()

int32_t HITLS_CFG_GetExtendedMasterSecretSupport ( HITLS_Config * config,
bool * isSupport )

Query whether extended master keys are supported.

参数
config[IN] Config handle
isSupport[OUT] Indicates whether to support the extended master key.
返回值
HITLS_SUCCESS, if successful.
HITLS_NULL_INPUT, config is null.

◆ HITLS_CFG_GetFlightTransmitSwitch()

int32_t HITLS_CFG_GetFlightTransmitSwitch ( const HITLS_Config * config,
bool * isEnable )

Obtains the status of whether to send handshake information according to the route.

参数
config[IN] TLS link configuration.
isEnable[OUT] Indicates whether to send handshake information by route.
返回值
HITLS_NULL_INPUT, the input parameter pointer is null.
HITLS_SUCCESS, if successful.

◆ HITLS_CFG_GetHashId()

int32_t HITLS_CFG_GetHashId ( const HITLS_Cipher * cipher,
HITLS_HashAlgo * hashAlg )

Obtain the hash algorithm type based on the cipher suite.

参数
cipher[IN] Cipher suite
hashAlg[OUT] Obtained hash algorithm type.
返回值
HITLS_SUCCESS, if successful.
For other error codes, see hitls_error.h.

◆ HITLS_CFG_GetKeyExchId()

int32_t HITLS_CFG_GetKeyExchId ( const HITLS_Cipher * cipher,
HITLS_KeyExchAlgo * kxAlg )

Obtain the key exchange algorithm type based on the cipher suite.

参数
cipher[IN] Cipher suite
kxAlg[OUT] Obtained key exchange algorithm type.
返回值
HITLS_SUCCESS, if successful.
For other error codes, see hitls_error.h.

◆ HITLS_CFG_GetKeyExchMode()

uint32_t HITLS_CFG_GetKeyExchMode ( HITLS_Config * config)

Obtain the key exchange mode, which is used by TLS1.3.

参数
config[OUT] TLS link configuration
返回
Key exchange mode

◆ HITLS_CFG_GetMacId()

int32_t HITLS_CFG_GetMacId ( const HITLS_Cipher * cipher,
HITLS_MacAlgo * macAlg )

Obtain the MAC algorithm type based on the cipher suite.

参数
cipher[IN] Cipher suite
macAlg[OUT] Obtained MAC algorithm type.
返回值
HITLS_SUCCESS, if successful.
For other error codes, see hitls_error.h.

◆ HITLS_CFG_GetMaxCertList()

int32_t HITLS_CFG_GetMaxCertList ( const HITLS_Config * config,
uint32_t * maxSize )

Obtain the maximum size of the certificate chain that can be sent by the peer end.

参数
config[IN] TLS link configuration
maxSize[OUT] Maximum size of the certificate chain that can be sent by the peer end.
返回值
HITLS_NULL_INPUT, the input parameter pointer is null.
HITLS_SUCCESS, if successful.

◆ HITLS_CFG_GetMaxSendFragment()

int32_t HITLS_CFG_GetMaxSendFragment ( const HITLS_Config * config,
uint16_t * maxSendFragment )

Obtain the max send fragment to restrict the amount of plaintext bytes in any record

参数
config[IN] TLS link configuration.
maxSendFragment[OUT] Indicates the max send fragment
返回值
HITLS_NULL_INPUT, the input parameter pointer is null.
HITLS_SUCCESS, if successful.

◆ HITLS_CFG_GetMaxVersion()

int32_t HITLS_CFG_GetMaxVersion ( const HITLS_Config * config,
uint16_t * maxVersion )

Obtaining the Maximum supported version number

参数
config[IN] Config context
maxVersion[OUT] Maximum supported version
返回
HITLS_SUCCESS is obtained successfully. For other error codes, see hitls_error.h.

◆ HITLS_CFG_GetMinVersion()

int32_t HITLS_CFG_GetMinVersion ( const HITLS_Config * config,
uint16_t * minVersion )

Obtaining the Minimum Supported Version Number

参数
config[IN] Config context
minVersion[OUT] Minimum version supported
返回
HITLS_SUCCESS is obtained successfully. For details about other error codes, see hitls_error.h.

◆ HITLS_CFG_GetModeSupport()

int32_t HITLS_CFG_GetModeSupport ( const HITLS_Config * config,
uint32_t * mode )

Obtain the mode of the function feature in the config file.

参数
config[OUT] Config handle
mode[OUT] Output parameter that receives the mode.
返回值
HITLS_SUCCESS, if successful.
HITLS_NULL_INPUT, config is null.

◆ HITLS_CFG_GetNoClientCertSupport()

int32_t HITLS_CFG_GetNoClientCertSupport ( HITLS_Config * config,
bool * isSupport )

Query whether the absence of a client certificate is supported. This parameter takes effect only when the client certificate is verified.

参数
config[IN] Config handle
isSupport[OUT] Indicates whether to support the function of not having a client certificate.
返回值
HITLS_SUCCESS, if successful.
HITLS_NULL_INPUT, config is null.

◆ HITLS_CFG_GetPostHandshakeAuthSupport()

int32_t HITLS_CFG_GetPostHandshakeAuthSupport ( HITLS_Config * config,
bool * isSupport )

Query whether the post-handshake AUTH function is supported.

参数
config[IN] Config handle
isSupport[OUT] Indicates whether to support post-handshake AUTH.
返回值
HITLS_SUCCESS, if successful.
HITLS_NULL_INPUT, config is null.

◆ HITLS_CFG_GetQuietShutdown()

int32_t HITLS_CFG_GetQuietShutdown ( const HITLS_Config * config,
int32_t * mode )

Obtain the current quiet disconnection mode.

参数
config[IN] TLS link configuration
mode[OUT] Current quiet disconnection mode
返回值
HITLS_NULL_INPUT, the input parameter pointer is null.
HITLS_SUCCESS, if successful.

◆ HITLS_CFG_GetReadAhead()

int32_t HITLS_CFG_GetReadAhead ( HITLS_Config * config,
int32_t * onOff )

Get whether reading ahead has been set or not

参数
config[IN] Hitls config
onOff[OUT] Read ahead flag
返回值
HITLS_NULL_INPUT
HITLS_SUCCESS

◆ HITLS_CFG_GetRecInbufferSize()

int32_t HITLS_CFG_GetRecInbufferSize ( const HITLS_Config * config,
uint32_t * recInbufferSize )

Obtain the initial size of the rec inbuffer.

参数
config[IN] TLS link configuration.
recInbufferSize[OUT] Indicates the initial size of the rec inbuffer
返回值
HITLS_NULL_INPUT, the input parameter pointer is NULL.
HITLS_SUCCESS, if successful.

◆ HITLS_CFG_GetRecordPaddingCb()

HITLS_RecordPaddingCb HITLS_CFG_GetRecordPaddingCb ( HITLS_Config * config)

Obtains the RecordPadding callback function.

参数
config[OUT] Config context
返回值
HITLS_NULL_INPUT, the input parameter pointer is null.
HITLS_SUCCESS, if successful.

◆ HITLS_CFG_GetRecordPaddingCbArg()

void * HITLS_CFG_GetRecordPaddingCbArg ( HITLS_Config * config)

Obtains the parameter arg required by the RecordPadding callback function.

参数
config[OUT] Config context
返回
HITLS_NULL_INPUT, the input parameter pointer is null.
HITLS_SUCCESS, if successful.

◆ HITLS_CFG_GetRecordSizeLimit()

int32_t HITLS_CFG_GetRecordSizeLimit ( HITLS_Config * config,
uint16_t * recordSize )

Obtains the record size limit value of ctx.

参数
config[OUT] Hitls config
recordSize[IN] the currently in config configured record size limit value
返回值
HITLS_NULL_INPUT
HITLS_SUCCESS

◆ HITLS_CFG_GetRenegotiationSupport()

int32_t HITLS_CFG_GetRenegotiationSupport ( const HITLS_Config * config,
bool * isSupport )

Query whether renegotiation is supported.

参数
config[IN] Config handle
isSupport[OUT] Whether to support renegotiation
返回值
HITLS_SUCCESS, if successful.
HITLS_NULL_INPUT, config is null.

◆ HITLS_CFG_GetResumptionOnRenegoSupport()

int32_t HITLS_CFG_GetResumptionOnRenegoSupport ( HITLS_Config * config,
bool * isSupport )

Get whether to support session restoration during renegotiation. By default, session restoration is not supported.

参数
config[IN] Config handle
isSupport[OUT] Indicates whether to support session restoration during renegotiation.
返回值
HITLS_SUCCESS, if successful.
For other error codes, see hitls_error.h.

◆ HITLS_CFG_GetVerifyNoneSupport()

int32_t HITLS_CFG_GetVerifyNoneSupport ( HITLS_Config * config,
bool * isSupport )

Query whether not performing dual-ended verification is supported.

参数
config[IN] Config handle
isSupport[OUT] Indicates whether not performing dual-ended verification is supported
返回值
HITLS_SUCCESS, if successful.
HITLS_NULL_INPUT, config is null.

◆ HITLS_CFG_GetVersionSupport()

int32_t HITLS_CFG_GetVersionSupport ( const HITLS_Config * config,
uint32_t * version )

Obtain the supported version number.

参数
config[IN] Config handle
version[OUT] Supported version number.
返回值
HITLS_SUCCESS, if successful.
HITLS_NULL_INPUT, config is null.

◆ HITLS_CFG_IsDtls()

int32_t HITLS_CFG_IsDtls ( const HITLS_Config * config,
bool * isDtls )

Determine whether to use DTLS.

参数
config[IN] TLS link configuration.
isDtls[OUT] Indicates whether to use DTLS.
返回
HITLS_SUCCESS, obtained successfully. HITLS_NULL_INPUT, the input parameter pointer is null.

◆ HITLS_CFG_NewDTLCPConfig()

HITLS_Config * HITLS_CFG_NewDTLCPConfig ( void )

Create DTLCP configuration items, including the default settings. The user can call the HITLS_CFG_SetXXX interface to modify the settings.

注意
The default configuration is as follows:
Version number: HITLS_VERSION_TLCP_DTLCP11
Algorithm suite: HITLS_ECDHE_SM4_CBC_SM3, HITLS_ECC_SM4_CBC_SM3, HITLS_ECDHE_SM4_GCM_SM3, HITLS_ECC_SM4_GCM_SM3
EC point format: HITLS_POINT_FORMAT_UNCOMPRESSED
groups: sm2
Extended Master Key: Enabled
Signature algorithm: All signature algorithms in the HITLS_SignHashAlgo table
Dual-ended check: Disabled
Allow Client No Certificate: Not Allowed
Renegotiation: Not supported
This API is a version-specific API. After the configuration context is created, the HITLS_SetVersion, HITLS_CFG_SetVersion, HITLS_SetVersionSupport, HITLS_CFG_SetVersionSupport, HITLS_SetMinProtoVersion, or HITLS_SetMaxProtoVersion interface cannot be used to set other supported versions.
返回值
HITLS_Config, object pointer succeeded.
NULL, object application failed.

◆ HITLS_CFG_NewDTLS12Config()

HITLS_Config * HITLS_CFG_NewDTLS12Config ( void )

Create DTLS12 configuration items, including the default settings. The user can call the HITLS_CFG_SetXXX interface to modify the settings.

注意
The default configuration is as follows:
Version number: HITLS_VERSION_DTLS12
Algorithm suite: HITLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384, HITLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384, HITLS_DHE_DSS_WITH_AES_256_GCM_SHA384, HITLS_DHE_RSA_WITH_AES_256_GCM_SHA384, HITLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256, HITLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256, HITLS_DHE_RSA_WITH_CHACHA20_POLY1305_SHA256, HITLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256, HITLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256, HITLS_DHE_DSS_WITH_AES_128_GCM_SHA256, HITLS_DHE_RSA_WITH_AES_128_GCM_SHA256
EC point format: HITLS_POINT_FORMAT_UNCOMPRESSED
groups: secp256r1, secp384r1, secp521r1, x25519, x448
Extended Master Key: Not Enabled
Signature algorithm: All signature algorithms in the HITLS_SignHashAlgo table
Dual-ended check: Disabled
Allow Client No Certificate: Not Allowed
Renegotiation: Not supported
Because the extended master key is listed as not enabled in this default, callers that require it must turn it on explicitly (see HITLS_CFG_SetExtendedMasterSecretMode).
This API is a version-specific API. After the configuration context is created, the HITLS_SetVersion, HITLS_CFG_SetVersion, HITLS_SetVersionSupport, HITLS_CFG_SetVersionSupport, HITLS_SetMinProtoVersion, or HITLS_SetMaxProtoVersion interface cannot be used to set other supported versions.
返回
HITLS_Config, object pointer succeeded.
NULL, failed to apply for the object.
参见
HITLS_CFG_FreeConfig

◆ HITLS_CFG_NewDTLSConfig()

HITLS_Config * HITLS_CFG_NewDTLSConfig ( void )

Create full DTLS configurations. The HITLS_CFG_SetXXX interface can be called to modify the DTLS configuration.

注意
The default configuration is as follows:
Version number: HITLS_VERSION_DTLS10, HITLS_VERSION_DTLS12
Algorithm suite: HITLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384, HITLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384, HITLS_DHE_DSS_WITH_AES_256_GCM_SHA384, HITLS_DHE_RSA_WITH_AES_256_GCM_SHA384, HITLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256, HITLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256, HITLS_DHE_RSA_WITH_CHACHA20_POLY1305_SHA256, HITLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256, HITLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256, HITLS_DHE_DSS_WITH_AES_128_GCM_SHA256, HITLS_DHE_RSA_WITH_AES_128_GCM_SHA256
EC point format: HITLS_POINT_FORMAT_UNCOMPRESSED
groups: secp256r1, secp384r1, secp521r1, x25519, x448, brainpool256r1, brainpool384r1, brainpool521r1
Extended Master Key: Enabled
Signature algorithm: All signature algorithms in the HITLS_SignHashAlgo table
Dual-ended check: Disabled
Allow Client No Certificate: Not Allowed
This interface is a unified configuration interface. After a configuration context is created, it can be used together with the HITLS_SetVersion, HITLS_CFG_SetVersion, HITLS_SetVersionSupport, HITLS_CFG_SetVersionSupport, HITLS_SetMinProtoVersion, and HITLS_SetMaxProtoVersion interfaces to set the supported versions. However, only the DTLS configuration items are configured in this interface; therefore, a TLS version cannot be set.
The defaults include HITLS_VERSION_DTLS10; restrict the version range with the interfaces above if only DTLS 1.2 should be negotiated.
返回
HITLS_Config, object pointer succeeded.
NULL, Object application failed.
参见
HITLS_CFG_FreeConfig

◆ HITLS_CFG_NewTLCPConfig()

HITLS_Config * HITLS_CFG_NewTLCPConfig ( void )

Create TLCP configuration items, including default settings. The user can call the HITLS_CFG_SetXXX interface to modify the settings.

注意
The default configuration is as follows:
Version number: HITLS_VERSION_TLCP_DTLCP11
Algorithm suite: HITLS_ECDHE_SM4_CBC_SM3, HITLS_ECC_SM4_CBC_SM3
EC point format: HITLS_POINT_FORMAT_UNCOMPRESSED
groups: sm2
Extended Master Key: Enabled
Signature algorithm: All signature algorithms in the HITLS_SignHashAlgo table
Dual-ended check: Disabled
Allow Client No Certificate: Not Allowed
Renegotiation: Not supported
This API is a version-specific API. After the configuration context is created, the HITLS_SetVersion, HITLS_CFG_SetVersion, HITLS_SetVersionSupport, HITLS_CFG_SetVersionSupport, HITLS_SetMinProtoVersion, or HITLS_SetMaxProtoVersion interface cannot be used to set other supported versions.
返回
HITLS_Config, object pointer succeeded.
NULL, object application failed.
参见
HITLS_CFG_FreeConfig

◆ HITLS_CFG_NewTLS12Config()

HITLS_Config * HITLS_CFG_NewTLS12Config ( void )

Create a TLS12 configuration item, including the default configuration. The user can call the HITLS_CFG_SetXXX interface to modify the configuration.

注意
The default configuration is as follows:
Version number: HITLS_VERSION_TLS12
Algorithm suite: HITLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384, HITLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384, HITLS_DHE_DSS_WITH_AES_256_GCM_SHA384, HITLS_DHE_RSA_WITH_AES_256_GCM_SHA384, HITLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256, HITLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256, HITLS_DHE_RSA_WITH_CHACHA20_POLY1305_SHA256, HITLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256, HITLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256, HITLS_DHE_DSS_WITH_AES_128_GCM_SHA256, HITLS_DHE_RSA_WITH_AES_128_GCM_SHA256
EC point format: HITLS_POINT_FORMAT_UNCOMPRESSED
groups: secp256r1, secp384r1, secp521r1, x25519, x448
Extended Master Key: Enabled
Signature algorithm: All signature algorithms in the HITLS_SignHashAlgo table
Dual-ended check: Disabled
Allow Client No Certificate: Not Allowed
Renegotiation: Not supported
This API is a version-specific API. After the configuration context is created, the HITLS_SetVersion, HITLS_CFG_SetVersion, HITLS_SetVersionSupport, HITLS_CFG_SetVersionSupport, HITLS_SetMinProtoVersion, or HITLS_SetMaxProtoVersion interface cannot be used to set other supported versions.
返回
HITLS_Config, object pointer succeeded.
NULL, object application failed.
参见
HITLS_CFG_FreeConfig

◆ HITLS_CFG_NewTLS13Config()

HITLS_Config * HITLS_CFG_NewTLS13Config ( void )

Creates the default TLS13 configuration. The HITLS_CFG_SetXXX interface can be used to modify the default TLS13 configuration.

注意
The default configuration is as follows:
Version number: HITLS_VERSION_TLS13
Algorithm suite: HITLS_AES_128_GCM_SHA256, HITLS_CHACHA20_POLY1305_SHA256, HITLS_AES_128_GCM_SHA256
EC point format: HITLS_POINT_FORMAT_UNCOMPRESSED
groups: secp256r1, secp384r1, secp521r1, x25519, x448
Extended Master Key: Enabled
Signature algorithm: rsa, ecdsa, eddsa
Dual-ended check: Disabled
Allow Client No Certificate: Not Allowed
This API is a version-specific API. After the configuration context is created, the HITLS_SetVersion, HITLS_CFG_SetVersion, HITLS_SetVersionSupport, HITLS_CFG_SetVersionSupport, HITLS_SetMinProtoVersion, or HITLS_SetMaxProtoVersion interface cannot be used to set other supported versions.
返回
HITLS_Config, object pointer succeeded.
NULL, failed to apply for the object.
参见
HITLS_CFG_FreeConfig

◆ HITLS_CFG_NewTLSConfig()

HITLS_Config * HITLS_CFG_NewTLSConfig ( void )

Create full TLS configurations. The HITLS_CFG_SetXXX interface can be used to modify the configurations.

注意
The default configuration is as follows:
Version number: HITLS_VERSION_SSL30, HITLS_VERSION_TLS10, HITLS_VERSION_TLS11, HITLS_VERSION_TLS12, HITLS_VERSION_TLS13
Algorithm suite: HITLS_AES_128_GCM_SHA256, HITLS_CHACHA20_POLY1305_SHA256, HITLS_AES_128_GCM_SHA256, HITLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384, HITLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384, HITLS_DHE_DSS_WITH_AES_256_GCM_SHA384, HITLS_DHE_RSA_WITH_AES_256_GCM_SHA384, HITLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256, HITLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256, HITLS_DHE_RSA_WITH_CHACHA20_POLY1305_SHA256, HITLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256, HITLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256, HITLS_DHE_DSS_WITH_AES_128_GCM_SHA256, HITLS_DHE_RSA_WITH_AES_128_GCM_SHA256, HITLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA, HITLS_ECDHE_RSA_WITH_AES_256_CBC_SHA, HITLS_DHE_RSA_WITH_AES_256_CBC_SHA, HITLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA, HITLS_ECDHE_RSA_WITH_AES_128_CBC_SHA, HITLS_DHE_RSA_WITH_AES_128_CBC_SHA, HITLS_RSA_WITH_AES_256_CBC_SHA, HITLS_RSA_WITH_AES_128_CBC_SHA
EC point format: HITLS_POINT_FORMAT_UNCOMPRESSED
groups: secp256r1, secp384r1, secp521r1, x25519, x448, brainpool256r1, brainpool384r1, brainpool521r1
Extended Master Key: Enabled
Signature algorithm: All signature algorithms in the HITLS_SignHashAlgo table
Dual-ended check: Disabled
Allow Client No Certificate: Not Allowed
This interface is a unified configuration interface. After a configuration context is created, it can be used together with the HITLS_SetVersion, HITLS_CFG_SetVersion, HITLS_SetVersionSupport, HITLS_CFG_SetVersionSupport, HITLS_SetMinProtoVersion, and HITLS_SetMaxProtoVersion interfaces to set the supported versions. However, only the TLS configuration items are configured in this interface; therefore, a DTLS version cannot be set.
The defaults include HITLS_VERSION_SSL30, HITLS_VERSION_TLS10 and HITLS_VERSION_TLS11 as well as CBC-mode and RSA key-exchange cipher suites; applications that do not need to interoperate with legacy peers should restrict the version range with the interfaces above and the cipher-suite list with HITLS_CFG_SetCipherSuites after creating the configuration.
返回
HITLS_Config, object pointer succeeded.
NULL, object application failed.
参见
HITLS_CFG_FreeConfig

◆ HITLS_CFG_ProviderNewDTLCPConfig()

HITLS_Config * HITLS_CFG_ProviderNewDTLCPConfig ( HITLS_Lib_Ctx * libCtx,
const char * attrName )

Create DTLCP configuration items with provider, including the default settings. Same as HITLS_CFG_NewDTLCPConfig except that it requires libCtx and attribute parameters.

参数
[in] libCtx The library context.
[in] attrName The attribute name.
返回值
HITLS_Config, object pointer succeeded.
NULL, failed to apply for the object.
参见
HITLS_CFG_FreeConfig

◆ HITLS_CFG_ProviderNewDTLS12Config()

HITLS_Config * HITLS_CFG_ProviderNewDTLS12Config ( HITLS_Lib_Ctx * libCtx,
const char * attrName )

Create DTLS12 configuration items with provider, including the default settings. Same as HITLS_CFG_NewDTLS12Config except that it requires libCtx and attribute parameters.

参数
[in] libCtx The library context.
[in] attrName The attribute name.
返回值
HITLS_Config, object pointer succeeded.
NULL, failed to apply for the object.
参见
HITLS_CFG_FreeConfig

◆ HITLS_CFG_ProviderNewDTLSConfig()

HITLS_Config * HITLS_CFG_ProviderNewDTLSConfig ( HITLS_Lib_Ctx * libCtx,
const char * attrName )

Create DTLS configuration items with provider, including the default settings. Same as HITLS_CFG_NewDTLSConfig, except that it requires libCtx and attribute parameters.

参数
[in] libCtx The library context.
[in] attrName The attribute name.
返回值
HITLS_Config, object pointer succeeded.
NULL, failed to apply for the object.
参见
HITLS_CFG_FreeConfig

◆ HITLS_CFG_ProviderNewTLCPConfig()

HITLS_Config * HITLS_CFG_ProviderNewTLCPConfig ( HITLS_Lib_Ctx * libCtx,
const char * attrName )

Create TLCP configuration items with provider, including the default settings. Same as HITLS_CFG_NewTLCPConfig except that it requires libCtx and attribute parameters.

参数
[in] libCtx The library context.
[in] attrName The attribute name.
返回值
HITLS_Config, object pointer succeeded.
NULL, failed to apply for the object.
参见
HITLS_CFG_FreeConfig

◆ HITLS_CFG_ProviderNewTLS12Config()

HITLS_Config * HITLS_CFG_ProviderNewTLS12Config ( HITLS_Lib_Ctx * libCtx,
const char * attrName )

Create TLS12 configuration items with provider, including the default settings. Same as HITLS_CFG_NewTLS12Config, except that it requires libCtx and attribute parameters.

参数
[in] libCtx The library context.
[in] attrName The attribute name.
返回值
HITLS_Config, object pointer succeeded.
NULL, failed to apply for the object.
参见
HITLS_CFG_FreeConfig

◆ HITLS_CFG_ProviderNewTLS13Config()

HITLS_Config * HITLS_CFG_ProviderNewTLS13Config ( HITLS_Lib_Ctx * libCtx,
const char * attrName )

Create TLS13 configuration items with provider, including the default settings. Same as HITLS_CFG_NewTLS13Config, except that it requires libCtx and attribute parameters.

参数
[in] libCtx The library context.
[in] attrName The attribute name.
返回值
HITLS_Config, object pointer succeeded.
NULL, failed to apply for the object.
参见
HITLS_CFG_FreeConfig

◆ HITLS_CFG_ProviderNewTLSConfig()

HITLS_Config * HITLS_CFG_ProviderNewTLSConfig ( HITLS_Lib_Ctx * libCtx,
const char * attrName )

Create TLS configuration items with provider, including the default settings. Same as HITLS_CFG_NewTLSConfig except that it requires libCtx and attribute parameters.

参数
[in] libCtx The library context.
[in] attrName The attribute name.
返回值
HITLS_Config, object pointer succeeded.
NULL, failed to apply for the object.
参见
HITLS_CFG_FreeConfig

◆ HITLS_CFG_SetCAList()

int32_t HITLS_CFG_SetCAList ( HITLS_Config * config,
HITLS_TrustedCAList * list )

Set the CA list.

参数
config[in] TLS link configuration
list[in] CA list
返回值
HITLS_SUCCESS, if successful. For details about other error codes, see hitls_error.h.

◆ HITLS_CFG_SetCheckKeyUsage()

int32_t HITLS_CFG_SetCheckKeyUsage ( HITLS_Config * config,
bool isCheck )

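Enables or disables verification of the key usage in the certificate, according to isCheck. Verification is enabled by default. With the check disabled, a certificate is accepted without regard to the purposes its key usage permits, so leave it enabled unless interoperability requires otherwise.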

参数
config[OUT] Config context
isCheck[IN] Sets whether to check key usage.
返回值
HITLS_NULL_INPUT, the input parameter pointer is null.
HITLS_SUCCESS, if successful.

◆ HITLS_CFG_SetCipherServerPreference()

int32_t HITLS_CFG_SetCipherServerPreference ( HITLS_Config * config,
bool isSupport )

Set whether cipher suites are preferentially selected from the list of algorithms supported by the server (server preference order).

参数
config[IN] TLS link configuration.
isSupport[IN] Support or not.
返回值
HITLS_NULL_INPUT, the input parameter pointer is null.
HITLS_SUCCESS, if successful.

◆ HITLS_CFG_SetCipherSuites()

int32_t HITLS_CFG_SetCipherSuites ( HITLS_Config * config,
const uint16_t * cipherSuites,
uint32_t cipherSuitesSize )

Set the supported cipher suites. The sequence of the cipher suites affects the priority of the selected cipher suites. The cipher suite with the highest priority is the first.

注意
This setting will automatically filter out unsupported cipher suites.
参数
config[OUT] Config handle.
cipherSuites[IN] cipher suite array, corresponding to the HITLS_CipherSuite enumerated value.
cipherSuitesSize[IN] cipher suite array length.
返回
HITLS_SUCCESS, if successful. For details about other error codes, see hitls_error.h.

◆ HITLS_CFG_SetClientHelloCb()

int32_t HITLS_CFG_SetClientHelloCb ( HITLS_Config * config,
HITLS_ClientHelloCb callback,
void * arg )

Set the ClientHello callback on the server.

参数
config[OUT] Config context
callback[IN] ClientHello callback
arg[IN] Product input context
返回
HITLS_SUCCESS, if successful. For details about other error codes, see hitls_error.h.

◆ HITLS_CFG_SetClientOnceVerifySupport()

int32_t HITLS_CFG_SetClientOnceVerifySupport ( HITLS_Config * config,
bool support )

Set whether request client certificate only once is supported

参数
config[OUT] TLS link configuration
support[IN] True: yes; False: no.
返回值
HITLS_SUCCESS, if successful.
HITLS_NULL_INPUT, config is null.

◆ HITLS_CFG_SetClientRenegotiateSupport()

int32_t HITLS_CFG_SetClientRenegotiateSupport ( HITLS_Config * config,
bool support )

Set whether to allow a renegotiate request from the client

参数
config[OUT] Config handle
support[IN] Whether to support the function. The options are as follows: True: yes; False: no.
返回值
HITLS_SUCCESS, if successful.
HITLS_NULL_INPUT, config is null.

◆ HITLS_CFG_SetClientVerifySupport()

int32_t HITLS_CFG_SetClientVerifySupport ( HITLS_Config * config,
bool support )

Sets whether to verify the client certificate. Client: this setting has no impact. Server: the certificate request will be sent.

参数
config[OUT] Config handle
support[IN] Indicates whether the client certificate can be verified. True: yes; False: no.
返回值
HITLS_SUCCESS, if successful.
HITLS_NULL_INPUT, The config parameter is empty.
注意
The settings on the client are invalid. Only the settings on the server take effect. If this parameter is not set, single-ended verification is used by default.

◆ HITLS_CFG_SetConfigUserData()

int32_t HITLS_CFG_SetConfigUserData ( HITLS_Config * config,
void * userData )

User data is stored in the HiTLS Config. The user data can be obtained from the callback registered with the HiTLS.

注意
must be called before HITLS_Connect and HITLS_Accept. The life cycle of the user identifier must be longer than that of the TLS object. If the user data needs to be cleared, the HITLS_SetUserData(ctx, NULL) interface can be called directly. The Clean interface is not provided separately.
参数
config[OUT] TLS connection handle.
userData[IN] User identifier.
返回值
HITLS_SUCCESS, if successful.
HITLS_NULL_INPUT, The TLS object pointer of the input parameter is null.

◆ HITLS_CFG_SetConfigUserDataFreeCb()

int32_t HITLS_CFG_SetConfigUserDataFreeCb ( HITLS_Config * config,
HITLS_ConfigUserDataFreeCb callback )

Sets the UserData free callback

参数
config[OUT] TLS connection handle
userData[IN] User Data
返回值
HITLS_SUCCESS
HITLS_NULL_INPUT, The input pointer is null

◆ HITLS_CFG_SetDhAutoSupport()

int32_t HITLS_CFG_SetDhAutoSupport ( HITLS_Config * config,
bool support )

Set whether the DH parameter can be automatically selected by users. If the value is true, the DH parameter is automatically selected based on the length of the certificate private key. If the value is false, the DH parameter needs to be set.

参数
config[OUT] Config handle
support[IN] Whether to support the function. The options are as follows: True: yes; False: no.
返回值
HITLS_SUCCESS, if successful.
HITLS_NULL_INPUT, config is null.

◆ HITLS_CFG_SetDtlsCookieExchangeSupport()

int32_t HITLS_CFG_SetDtlsCookieExchangeSupport ( HITLS_Config * config,
bool isSupport )

Set whether the DTLS performs cookie exchange.

参数
config[IN] TLS link configuration
isSupport[IN] Indicates whether to perform cookie exchange.
返回值
HITLS_NULL_INPUT, the input parameter pointer is null.
HITLS_SUCCESS, if successful.

◆ HITLS_CFG_SetDtlsPostHsTimeoutVal()

int32_t HITLS_CFG_SetDtlsPostHsTimeoutVal ( HITLS_Config * config,
uint32_t timeoutVal )

Set the timeout period that applies after a DTLS over UDP connection is complete. Once the timer expires, the finished message resent by the peer end is no longer received. If this parameter is set to 0, the default value of 240 seconds is used.

参数
config[IN] TLS link configuration
timeoutVal[IN] Timeout time
返回值
HITLS_NULL_INPUT, the input parameter pointer is null.
HITLS_SUCCESS, if successful.

◆ HITLS_CFG_SetDtlsTimerCb()

int32_t HITLS_CFG_SetDtlsTimerCb ( HITLS_Config * config,
HITLS_DtlsTimerCb callback )

Set the DTLS callback for obtaining the timeout interval.

参数
config[OUT] Config context
callback[IN] DTLS callback for obtaining the timeout interval
返回
HITLS_SUCCESS, if successful. For details about other error codes, see hitls_error.h.

◆ HITLS_CFG_SetEcPointFormats()

int32_t HITLS_CFG_SetEcPointFormats ( HITLS_Config * config,
const uint8_t * pointFormats,
uint32_t pointFormatsSize )

Set the format of the ec point.

注意
Currently, this parameter can only be set to HITLS_ECPOINTFORMAT_UNCOMPRESSED.
参数
config[OUT] Config context.
pointFormats[IN] EC point format, corresponding to the HITLS_ECPointFormat enumerated value.
pointFormatsSize[IN] EC point format length
返回
HITLS_SUCCESS, if successful. For details about other error codes, see hitls_error.h.

◆ HITLS_CFG_SetEmptyRecordsNum()

int32_t HITLS_CFG_SetEmptyRecordsNum ( HITLS_Config * config,
uint32_t emptyNum )

Set the maximum number of empty records that can be received.

参数
config[IN/OUT] TLS link configuration
emptyNum[IN] Indicates the maximum number of empty records that can be received
返回值
HITLS_NULL_INPUT, the input parameter pointer is null.
HITLS_SUCCESS, if successful.

◆ HITLS_CFG_SetEncryptThenMac()

int32_t HITLS_CFG_SetEncryptThenMac ( HITLS_Config * config,
bool encryptThenMacType )

Set the Encrypt-Then-Mac mode.

参数
config[IN] TLS link configuration
encryptThenMacType[IN] Current Encrypt-Then-Mac mode.
返回值
HITLS_NULL_INPUT, the input parameter pointer is null.
HITLS_SUCCESS, if successful.

◆ HITLS_CFG_SetEndPoint()

int32_t HITLS_CFG_SetEndPoint ( HITLS_Config * config,
bool isClient )

Set whether the current configuration is a client configuration.

参数
config[OUT] Config context.
isClient[IN] Indicates whether it is a client configuration.
返回值
HITLS_SUCCESS, if successful. For details about other error codes, see hitls_error.h.

◆ HITLS_CFG_SetExtendedMasterSecretMode()

int32_t HITLS_CFG_SetExtendedMasterSecretMode ( HITLS_Config * config,
int32_t mode )

Set extended master secret mode.

参数
config[IN] TLS config handle
mode[IN] EMS mode. See HITLS_EMS_MODE_*.
返回值
HITLS_SUCCESS, if successful.
HITLS_NULL_INPUT, if config is NULL.
HITLS_INVALID_INPUT, if mode is invalid.

◆ HITLS_CFG_SetExtendedMasterSecretSupport()

int32_t HITLS_CFG_SetExtendedMasterSecretSupport ( HITLS_Config * config,
bool support )

Sets whether to forcibly support the extended master secret (EMS).

参数
config[OUT] Config handle
support[IN] Indicates whether to forcibly support the extended master secret. The options are as follows: True: yes; False: no. The default value is true.
返回值
HITLS_SUCCESS.
HITLS_NULL_INPUT, config is NULL

◆ HITLS_CFG_SetFlightTransmitSwitch()

int32_t HITLS_CFG_SetFlightTransmitSwitch ( HITLS_Config * config,
bool isEnable )

Set whether to send handshake messages by route. DTLS over SCTP does not support this ability.

参数
config[IN/OUT] TLS link configuration
isEnable[IN] Indicates whether to enable the function of sending handshake information by range. 0 indicates that the function is disabled. Other values indicate that the function is enabled.
返回值
HITLS_NULL_INPUT, the input parameter pointer is null.
HITLS_SUCCESS, if successful.

◆ HITLS_CFG_SetGroupList()

int32_t HITLS_CFG_SetGroupList ( HITLS_Config * config,
const char * groupNames,
uint32_t groupNamesLen )

Set the group supported during key exchange. The group supported by HiTLS can be queried in HITLS_NamedGroup.

注意
If a group is not supported, an error will be reported during configuration check.
参数
config[OUT] Config context.
groupNames[IN] Key exchange group. Separate with colons, for example, "HITLS_EC_GROUP_SECP256R1:HITLS_EC_GROUP_SECP384R1"
groupNamesLen[IN] Key exchange group string length
返回
HITLS_SUCCESS, if successful. For details about other error codes, see hitls_error.h.

◆ HITLS_CFG_SetGroups()

int32_t HITLS_CFG_SetGroups ( HITLS_Config * config,
const uint16_t * groups,
uint32_t groupsSize )

Set the group supported during key exchange. The group supported by HiTLS can be queried in HITLS_NamedGroup.

注意
If a group is not supported, an error will be reported during configuration check.
参数
config[OUT] Config context.
groups[IN] Key exchange group. Corresponds to the HITLS_NamedGroup enumerated value.
groupsSize[IN] Group length
返回
HITLS_SUCCESS, if successful. For details about other error codes, see hitls_error.h.

◆ HITLS_CFG_SetKeepPeerCertificate()

int32_t HITLS_CFG_SetKeepPeerCertificate ( HITLS_Config * config,
bool isKeepPeerCert )

Set whether to save the peer certificate.

参数
config[IN] Hitls config.
isKeepPeerCert[IN] Set whether to save the peer certificate.
返回值
HITLS_SUCCESS, if successful.
For other error codes, see hitls_error.h.

◆ HITLS_CFG_SetKeyExchMode()

int32_t HITLS_CFG_SetKeyExchMode ( HITLS_Config * config,
uint32_t mode )

Set the key exchange mode, which is used by TLS1.3.

参数
config[OUT] TLS link configuration
mode[IN] PSK key exchange mode. Currently, only TLS13_KE_MODE_PSK_ONLY and TLS13_KE_MODE_PSK_WITH_DHE are supported. The corresponding bit is set to 1.
返回
HITLS_SUCCESS, if successful. For details about other error codes, see hitls_error.h.

◆ HITLS_CFG_SetLegacyRenegotiateSupport()

int32_t HITLS_CFG_SetLegacyRenegotiateSupport ( HITLS_Config * config,
bool support )

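Set whether to abort the handshake when the server does not support secure renegotiation (SecRenegotiation). The note on HITLS_CFG_SetRenegotiationSupport recommends setting this option to false when renegotiation is enabled.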

参数
config[OUT] Config handle
support[IN] Whether to support the function. The options are as follows: True: yes; False: no.
返回值
HITLS_SUCCESS, if successful.
HITLS_NULL_INPUT, config is null.

◆ HITLS_CFG_SetMaxCertList()

int32_t HITLS_CFG_SetMaxCertList ( HITLS_Config * config,
uint32_t maxSize )

Set the maximum size of the certificate chain that can be sent by the peer end.

参数
config[IN/OUT] TLS link configuration.
maxSize[IN] Set the maximum size of the certificate chain that can be sent by the peer end.
返回值
HITLS_NULL_INPUT, the input parameter pointer is null.
HITLS_SUCCESS, if successful.

◆ HITLS_CFG_SetMaxSendFragment()

int32_t HITLS_CFG_SetMaxSendFragment ( HITLS_Config * config,
uint16_t maxSendFragment )

Set the max send fragment to restrict the amount of plaintext bytes in any record

参数
config[IN/OUT] TLS link configuration
maxSendFragment[IN] Indicates the max send fragment to restrict the amount of plaintext bytes in any record
返回值
HITLS_NULL_INPUT, the input parameter pointer is null.
HITLS_CONFIG_INVALID_LENGTH, the maxSendFragment is less than 64 or greater than 16384.
HITLS_SUCCESS, if successful.

◆ HITLS_CFG_SetModeSupport()

int32_t HITLS_CFG_SetModeSupport ( HITLS_Config * config,
uint32_t mode )

Set the function to support the specified feature.

参数
config[OUT] Config handle.
mode[IN] Mode features to be enabled.
返回值
HITLS_SUCCESS, if successful.
HITLS_NULL_INPUT, config is null.

◆ HITLS_CFG_SetNeedCheckPmsVersion()

int32_t HITLS_CFG_SetNeedCheckPmsVersion ( HITLS_Config * config,
bool needCheck )

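This interface sets whether to verify the version in the premaster secret. It takes effect on the server. The version must be 1.0 or earlier. The version carried in the premaster secret is the one the client offered in its ClientHello, and checking it is how a server detects a version rollback (RFC 5246, section 7.4.7.1).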

参数
config[OUT] Config handle.
needCheck[IN] Indicates whether to perform verification.
返回值
HITLS_SUCCESS, if successful.
HITLS_NULL_INPUT, config is null.

◆ HITLS_CFG_SetNoClientCertSupport()

int32_t HITLS_CFG_SetNoClientCertSupport ( HITLS_Config * config,
bool support )

Sets whether to allow the client certificate to be empty. This parameter takes effect only when client certificate verification is enabled. Client: this setting has no impact. Server: determines whether verification passes when an empty certificate is received from the client. By default, the verification fails.

参数
config[OUT] Config handle
support[IN] Indicates whether the authentication is successful when no client certificate is available. true: The server still passes the verification when the certificate sent by the client is empty. false: The server fails to pass the verification when the certificate sent by the client is empty. With true, a client that sends no certificate is accepted, so a completed handshake does not by itself show that the client presented a certificate.
返回值
HITLS_SUCCESS, if successful.
HITLS_NULL_INPUT, the config parameter is empty.

◆ HITLS_CFG_SetPostHandshakeAuthSupport()

int32_t HITLS_CFG_SetPostHandshakeAuthSupport ( HITLS_Config * config,
bool support )

Sets whether to support post-handshake authentication (PHA). This setting takes effect only for TLS1.3. Client: if the client supports PHA, the client sends the PHA extension. Server: supports PHA; after the handshake, the upper-layer interface HITLS_VerifyClientPostHandshake initiates certificate verification.

参数
config[OUT] Config handle
support[IN] Whether to support pha True: pha is supported. False: pha is not supported.
返回值
HITLS_SUCCESS, if successful.
HITLS_NULL_INPUT, the config parameter is empty.
注意
Before enabling this function on the server, enable HITLS_CFG_SetClientVerifySupport. Otherwise, the configuration does not take effect.

◆ HITLS_CFG_SetQuietShutdown()

int32_t HITLS_CFG_SetQuietShutdown ( HITLS_Config * config,
int32_t mode )

Set the quiet disconnection mode.

参数
config[IN] TLS link configuration
mode[IN] Mode type. The value 0 indicates that the quiet disconnection mode is disabled, and the value 1 indicates that the quiet disconnection mode is enabled.
返回值
HITLS_SUCCESS, if successful.
For other error codes, see hitls_error.h.

◆ HITLS_CFG_SetReadAhead()

int32_t HITLS_CFG_SetReadAhead ( HITLS_Config * config,
int32_t onOff )

Set the read-ahead flag, which indicates whether to read more data than the user requested and buffer it in advance.

参数
config[OUT] Hitls config
onOff[IN] Read ahead flag, nonzero value indicates open, zero indicates close
返回值
HITLS_NULL_INPUT
HITLS_SUCCESS

◆ HITLS_CFG_SetRecInbufferSize()

int32_t HITLS_CFG_SetRecInbufferSize ( HITLS_Config * config,
uint32_t recInbufferSize )

Set the initial size of the rec inbuffer.

参数
config[IN/OUT] TLS link configuration
recInbufferSize[IN] Indicates the initial size of the rec inbuffer
返回值
HITLS_NULL_INPUT, the input parameter pointer is NULL.
HITLS_CONFIG_INVALID_LENGTH, the recInbufferSize is less than 512 or greater than 18432.
HITLS_SUCCESS, if successful.

◆ HITLS_CFG_SetRecordPaddingCb()

int32_t HITLS_CFG_SetRecordPaddingCb ( HITLS_Config * config,
HITLS_RecordPaddingCb callback )

Set the RecordPadding callback.

参数
config[OUT] Config context
callback[IN] RecordPadding Callback
返回值
HITLS_NULL_INPUT, the input parameter pointer is null.
HITLS_SUCCESS, if successful.

◆ HITLS_CFG_SetRecordPaddingCbArg()

int32_t HITLS_CFG_SetRecordPaddingCbArg ( HITLS_Config * config,
void * arg )

Sets the parameters arg required by the RecordPadding callback function.

参数
config[OUT] Config context
arg[IN] Related parameters arg
返回值
HITLS_NULL_INPUT, the input parameter pointer is null.
HITLS_SUCCESS, if successful.

◆ HITLS_CFG_SetRecordSizeLimit()

int32_t HITLS_CFG_SetRecordSizeLimit ( HITLS_Config * config,
uint16_t recordSize )

The default record size limit is 0, which means the record size limit extension (RFC 8449) is not supported. If negotiated, the configured value is used only to limit the size of records sent by the peer, that is, in the receive direction. The size of records sent to the peer is limited by the record size limit value of the peer.

参数
config[OUT] Hitls config
recordSize[IN] Set the default record size limit value to be negotiated (64 to 16385)
返回值
HITLS_NULL_INPUT
HITLS_SUCCESS

◆ HITLS_CFG_SetRenegotiationSupport()

int32_t HITLS_CFG_SetRenegotiationSupport ( HITLS_Config * config,
bool support )

Set whether to support renegotiation.

参数
config[OUT] Config handle
support[IN] Whether to support the function. The options are as follows: True: yes; False: no.
注意
If you enable this feature, it is recommended to also set HITLS_CFG_SetLegacyRenegotiateSupport to false and HITLS_CFG_SetExtendedMasterSecretMode to HITLS_EMS_MODE_FORCE; otherwise renegotiation attacks and triple handshake attacks may be possible.
返回值
HITLS_SUCCESS, if successful.
HITLS_NULL_INPUT, config is null.

◆ HITLS_CFG_SetResumptionOnRenegoSupport()

int32_t HITLS_CFG_SetResumptionOnRenegoSupport ( HITLS_Config * config,
bool support )

Set whether to support session restoration during renegotiation. By default, session restoration is not supported.

参数
config[OUT] Config handle
support[IN] Whether to support the function. The options are as follows: True: yes; False: no.
返回值
HITLS_SUCCESS, if successful.
HITLS_NULL_INPUT, config is null.

◆ HITLS_CFG_SetSignature()

int32_t HITLS_CFG_SetSignature ( HITLS_Config * config,
const uint16_t * signAlgs,
uint16_t signAlgsSize )

Set the signature algorithms supported during negotiation. The signature algorithms supported by HiTLS can be queried in the HITLS_SignHashAlgo enumeration.

注意
If an unsupported signature algorithm is set, an error will be reported during configuration check.
参数
config[OUT] Config context
signAlgs[IN] Signature algorithm array, that is, the enumerated value of HITLS_SignHashAlgo.
signAlgsSize[IN] Signature algorithm array length
返回
HITLS_SUCCESS, if successful. For details about other error codes, see hitls_error.h.

◆ HITLS_CFG_SetTmpDh()

int32_t HITLS_CFG_SetTmpDh ( HITLS_Config * config,
HITLS_CRYPT_Key * dhPkey )

Set the DH parameter specified by the user.

参数
config[OUT] Config handle
dhPkey[IN] User-specified DH key.
返回值
HITLS_SUCCESS, if successful.
HITLS_NULL_INPUT, config is empty, or dhPkey is empty.

◆ HITLS_CFG_SetTmpDhCb()

int32_t HITLS_CFG_SetTmpDhCb ( HITLS_Config * config,
HITLS_DhTmpCb callback )

Set the TmpDh callback, cb can be NULL.

参数
config[OUT] Config Context.
callback[IN] TmpDh Callback.
返回值
HITLS_NULL_INPUT, the input parameter pointer is null.
HITLS_SUCCESS, if successful.

◆ HITLS_CFG_SetVerifyNoneSupport()

int32_t HITLS_CFG_SetVerifyNoneSupport ( HITLS_Config * config,
bool support )

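Sets whether to support not performing dual-ended verification. When this is enabled, verification is skipped, so a completed handshake should not be treated as having authenticated the peer.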

参数
config[IN] Config handle
support[IN] True: yes; False: no.
返回值
HITLS_SUCCESS, if successful.
HITLS_NULL_INPUT, config is null.

◆ HITLS_CFG_SetVersion()

int32_t HITLS_CFG_SetVersion ( HITLS_Config * config,
uint16_t minVersion,
uint16_t maxVersion )

Set the supported version number range.

参数
config[OUT] Config handle
minVersion[IN] Minimum version number
maxVersion[IN] Maximum version number
注意
The maximum version number and the minimum version number must both be TLS versions or both be DTLS versions. Currently, only DTLS 1.2 is supported. This function can be used with the full configuration interfaces HITLS_CFG_NewDTLSConfig and HITLS_CFG_NewTLSConfig. If TLS full configuration is configured, only the TLS version can be set. If DTLS full configuration is configured, only the DTLS version can be set.
返回值
HITLS_SUCCESS, if successful.
HITLS_NULL_INPUT, config is null.

◆ HITLS_CFG_SetVersionForbid()

int32_t HITLS_CFG_SetVersionForbid ( HITLS_Config * config,
uint32_t noVersion )

Set the disabled version number.

参数
config[OUT] Config handle
noVersion[IN] Disabled version number.
返回值
HITLS_SUCCESS, if successful.
HITLS_NULL_INPUT, config is null.

◆ HITLS_CFG_SetVersionSupport()

int32_t HITLS_CFG_SetVersionSupport ( HITLS_Config * config,
uint32_t version )

Set the supported version number.

参数
config[OUT] Config handle
version[IN] Supported version number.
注意
The maximum version number and the minimum version number must both be TLS versions or both be DTLS versions. Currently, only DTLS 1.2 is supported. This function is used together with the full configuration interfaces, such as HITLS_CFG_NewDTLSConfig and HITLS_CFG_NewTLSConfig. If the TLS full configuration is configured, only the TLS version can be set. If full DTLS configuration is configured, only the DTLS version can be set. The versions must be consecutive. By default, the minimum and maximum versions are supported.
返回值
HITLS_SUCCESS, if successful.
HITLS_NULL_INPUT, config is null.

◆ HITLS_CFG_UpRef()

int32_t HITLS_CFG_UpRef ( HITLS_Config * config)

The reference counter of config increases by 1.

参数
config[OUT] Config handle.
返回值
HITLS_SUCCESS, if successful.
HITLS_NULL_INPUT, config is null.

◆ HITLS_CIPHER_IsAead()

int32_t HITLS_CIPHER_IsAead ( const HITLS_Cipher * cipher,
bool * isAead )

Determine whether to use the AEAD algorithm based on the cipher suite information.

参数
cipher[IN] Cipher suite information
isAead[OUT] Indicates whether to use the AEAD algorithm.
返回
HITLS_SUCCESS, obtained successfully. HITLS_NULL_INPUT, the input parameter pointer is null.