API参考
载入中...
搜索中...
未找到
tls
tls 的协作图:

专题

 Hitls_alpn
 TLS ALPN related type
 Hitls_cert
 TLS Certificate Operation Interface
 Hitls_cert_init
 TLS certificate abstraction layer initialization
 Hitls_cert_type
 Structures related to a certificate
 Hitls_config
 TLS parameter configuration
 Hitls_cookie
 DTLS cookie generation and verification callbacks.
 Hitls_crypt_init
 algorithm abstraction layer initialization
 Hitls_crypt_reg
 Algorithm related interfaces to be registered
 Hitls_custom_extensions
 TLS Custom Extensions
 Hitls_errno
 error module
 Hitls_psk
 Basic functions for link establishment based on PSK
 Hitls_security
 TLS security features
 Hitls_session
 TLS session
 Hitls_sni
 TLS SNI correlation type
 Hitls_type
 TLS type definition, provides the TLS type required by the user

函数

HITLS_CtxHITLS_New (HITLS_Config *config)
 Create a TLS object and deep copy the HITLS_Config to the HITLS_Ctx.
void HITLS_Free (HITLS_Ctx *ctx)
 Release the TLS connection.
int32_t HITLS_Clear (HITLS_Ctx *ctx)
 Reset the TLS handle to allow it to be used for another connection.
int32_t HITLS_SetUio (HITLS_Ctx *ctx, BSL_UIO *uio)
 Set the UIO object for the HiTLS context.
int32_t HITLS_SetReadUio (HITLS_Ctx *ctx, BSL_UIO *uio)
 Read UIO for the HiTLS context.
BSL_UIOHITLS_GetUio (const HITLS_Ctx *ctx)
 Obtain the UIO object from the HiTLS context.
BSL_UIOHITLS_GetReadUio (const HITLS_Ctx *ctx)
 Obtain the UIO object of the read data.
int32_t HITLS_Connect (HITLS_Ctx *ctx)
 The client starts the handshake with the TLS server.
int32_t HITLS_SetEndPoint (HITLS_Ctx *ctx, bool isClient)
 Set the initial status of the connection.
int32_t HITLS_Accept (HITLS_Ctx *ctx)
 The server waits for the client to start handshake.
int32_t HITLS_Listen (HITLS_Ctx *ctx, BSL_SAL_SockAddr clientAddr)
 The server statelessly listens for new incoming DTLS connections.
int32_t HITLS_Read (HITLS_Ctx *ctx, uint8_t *data, uint32_t bufSize, uint32_t *readLen)
 Read application data
int32_t HITLS_Peek (HITLS_Ctx *ctx, uint8_t *data, uint32_t bufSize, uint32_t *readLen)
 read application data from a TLS/SSL connection
int32_t HITLS_Write (HITLS_Ctx *ctx, const uint8_t *data, uint32_t dataLen, uint32_t *writeLen)
 Write data.
int32_t HITLS_GetMaxWriteSize (const HITLS_Ctx *ctx, uint32_t *len)
 Obtain the maximum writable (plaintext) length.
void * HITLS_GetUserData (const HITLS_Ctx *ctx)
 Obtain user data from the HiTLS context. This interface is called in the callback registered with the HiTLS.
int32_t HITLS_SetUserData (HITLS_Ctx *ctx, void *userData)
 Save the user data in the HiTLS context, which can be obtained from the callback registered with the HiTLS.
int32_t HITLS_Close (HITLS_Ctx *ctx)
 Close the TLS connection.
int32_t HITLS_SetShutdownState (HITLS_Ctx *ctx, uint32_t mode)
 Set the shutdown status of the TLS link.
int32_t HITLS_GetShutdownState (const HITLS_Ctx *ctx, uint32_t *mode)
 Obtain the shutdown status of the TLS link.
int32_t HITLS_GetNegotiatedVersion (const HITLS_Ctx *ctx, uint16_t *version)
 Obtain the HiTLS negotiation version.
int32_t HITLS_GetMaxProtoVersion (const HITLS_Ctx *ctx, uint16_t *maxVersion)
 Obtain the latest protocol version.
int32_t HITLS_GetMinProtoVersion (const HITLS_Ctx *ctx, uint16_t *minVersion)
 Obtain the latest protocol version.
int32_t HITLS_SetMinProtoVersion (HITLS_Ctx *ctx, uint16_t version)
 Set the minimum protocol version based on the specified version.
int32_t HITLS_SetMaxProtoVersion (HITLS_Ctx *ctx, uint16_t version)
 Set the maximum protocol version that is supported based on the specified version.
int32_t HITLS_IsAead (const HITLS_Ctx *ctx, bool *isAead)
 Obtain whether to use the AEAD algorithm.
int32_t HITLS_IsDtls (const HITLS_Ctx *ctx, bool *isDtls)
 Check whether DTLS is used.
int32_t HITLS_SetErrorCode (HITLS_Ctx *ctx, int32_t errorCode)
 Record the error value of the HiTLS link.
int32_t HITLS_GetErrorCode (const HITLS_Ctx *ctx)
 Obtain the error value of the HiTLS link.
int32_t HITLS_IsHandShakeDone (const HITLS_Ctx *ctx, uint8_t *isDone)
 Obtain the information about whether the handshake is complete.
int32_t HITLS_IsServer (const HITLS_Ctx *ctx, bool *isServer)
 Indicates whether the HiTLS object functions as the server.
int32_t HITLS_ReadHasPending (const HITLS_Ctx *ctx, bool *isPending)
 Check the HiTLS object in the read cache. (including processed and unprocessed data, excluding the network layer) Whether there is data
uint32_t HITLS_GetReadPendingBytes (const HITLS_Ctx *ctx)
 Obtain the number of bytes of application data to be read from the current record from the HiTLS object.
int32_t HITLS_GetPeerSignScheme (const HITLS_Ctx *ctx, HITLS_SignHashAlgo *peerSignScheme)
 Obtain the signature hash algorithm used by the peer end.
int32_t HITLS_GetLocalSignScheme (const HITLS_Ctx *ctx, HITLS_SignHashAlgo *localSignScheme)
 Obtain the signature hash algorithm used by the local end.
int32_t HITLS_GetSharedSigAlgs (const HITLS_Ctx *ctx, int32_t idx, uint16_t *signatureScheme, int32_t *keyType, int32_t *paraId)
 Get shared signature algorithms (negotiated)
int32_t HITLS_SetEcGroups (HITLS_Ctx *ctx, uint16_t *lst, uint32_t groupSize)
 Set the group supported by the hitls object.
int32_t HITLS_SetGroupList (HITLS_Ctx *ctx, const char *groups, uint32_t groupNamesLen)
 Set the group supported during key exchange, the group supported by HiTLS can be queried in HITLS_NamedGroup.
int32_t HITLS_SetSigalgsList (HITLS_Ctx *ctx, const uint16_t *signAlgs, uint16_t signAlgsSize)
 Set the signature algorithm supported by the hitls object.
int32_t HITLS_SetEcPointFormats (HITLS_Ctx *ctx, const uint8_t *pointFormats, uint32_t pointFormatsSize)
 Set the EC point format of the hitls.
int32_t HITLS_SetClientVerifySupport (HITLS_Ctx *ctx, bool support)
 Set whether to verify the client certificate.
int32_t HITLS_SetNoClientCertSupport (HITLS_Ctx *ctx, bool support)
 Set whether to support the function without the client certificate, Takes effect only when the client certificate is verified. Client: This setting has no impact Server: When an NULL certificate is received from the client, indicates whether the certificate passes the verification, the verification fails by default.
int32_t HITLS_SetPostHandshakeAuthSupport (HITLS_Ctx *ctx, bool support)
 Set whether to support post-handshake AUTH.
int32_t HITLS_SetVerifyNoneSupport (HITLS_Ctx *ctx, bool support)
 Set whether to support do not proceed dual-ended verification.
int32_t HITLS_SetClientOnceVerifySupport (HITLS_Ctx *ctx, bool support)
 Set whether the client certificate can be requested only once.
const HITLS_ConfigHITLS_GetConfig (const HITLS_Ctx *ctx)
 Obtain the value of hitlsConfig.
HITLS_ConfigHITLS_GetGlobalConfig (const HITLS_Ctx *ctx)
 Obtain the point of GlobalConfig
int32_t HITLS_ClearTLS13CipherSuites (HITLS_Ctx *ctx)
 Clears the configured TLS1.3 cipher suite.
int32_t HITLS_SetCipherSuites (HITLS_Ctx *ctx, const uint16_t *cipherSuites, uint32_t cipherSuitesSize)
 Set the supported cipher suites. The sequence of the cipher suites affects the priority of the selected cipher suites. The cipher suites with the highest priority are selected first.
int32_t HITLS_GetCipherSuites (HITLS_Ctx *ctx, uint16_t *data, uint32_t dataLen, uint32_t *cipherSuitesSize)
 Get the supported cipher suites array.
int32_t HITLS_GetClientCipherSuites (HITLS_Ctx *ctx, uint16_t *data, uint32_t dataLen, uint32_t *cipherSuitesSize)
 Get the received cipher suites array from the client.
const HITLS_CipherHITLS_GetCurrentCipher (const HITLS_Ctx *ctx)
 Obtain the negotiated cipher suite pointer.
HITLS_CIPHER_List * HITLS_GetSupportedCiphers (const HITLS_Ctx *ctx)
 Obtain the supported cipher suites list for HITLS_Ctx.
int32_t HITLS_GetHsRandom (const HITLS_Ctx *ctx, uint8_t *out, uint32_t *outlen, bool isClient)
 Obtain the random number of the client and server during the handshake.
int32_t HITLS_GetHandShakeState (const HITLS_Ctx *ctx, uint32_t *state)
 Obtain the current handshake status.
const char * HITLS_GetStateString (uint32_t state)
 Obtain the handshake status character string.
int32_t HITLS_IsHandShaking (const HITLS_Ctx *ctx, bool *isHandShaking)
 Check whether a handshake is being performed.
int32_t HITLS_GetRenegotiationSupport (const HITLS_Ctx *ctx, bool *isSupportRenegotiation)
 Obtain whether renegotiation is supported.
int32_t HITLS_IsBeforeHandShake (const HITLS_Ctx *ctx, bool *isBefore)
 Check whether the handshake has not been performed.
int32_t HITLS_SetLinkMtu (HITLS_Ctx *ctx, uint16_t linkMtu)
 Set the MTU of Data Link layer.
int32_t HITLS_SetMtu (HITLS_Ctx *ctx, uint16_t mtu)
 Set the MTU of a path.
int32_t HITLS_SetNoQueryMtu (HITLS_Ctx *ctx, bool noQueryMtu)
 Set the option that don't query mtu from the bio.
int32_t HITLS_GetNeedQueryMtu (HITLS_Ctx *ctx, bool *needQueryMtu)
 Querying whether the EMSGSIZE error occur and mtu need be modified
int32_t HITLS_GetClientVersion (const HITLS_Ctx *ctx, uint16_t *clientVersion)
 Obtain the version number set by the client in ClientHello.
int32_t HITLS_DoHandShake (HITLS_Ctx *ctx)
 The client/server starts handshake.
int32_t HITLS_IsClient (const HITLS_Ctx *ctx, bool *isClient)
 Check whether the current end is client.
int32_t HITLS_KeyUpdate (HITLS_Ctx *ctx, uint32_t updateType)
 Set the keyupdate type of the current context and send the keyupdate message.
int32_t HITLS_GetKeyUpdateType (HITLS_Ctx *ctx)
 Return the keyupdate type of the current context.
int32_t HITLS_GetSharedGroup (const HITLS_Ctx *ctx, int32_t nmatch, uint16_t *groupId)
 Obtain the supported peer group or the number of supported peer groups of the nth match. nmatch Value range: - 1 or a positive integer This function can be called only after negotiation and can be called only by the server. If nmatch is a positive integer, check the intersection of groups on the client and server, and return the nmatch group in the intersection by groupId. If the value of nmatch is - 1, the number of intersection groups on the client and server is returned based on groupId.
int32_t HITLS_SetDtlsTimerCb (HITLS_Ctx *ctx, HITLS_DtlsTimerCb cb)
 Set the DTLS timeout interval callback.
int32_t HITLS_GetVersionSupport (const HITLS_Ctx *ctx, uint32_t *version)
 Obtain the supported version number.
int32_t HITLS_SetVersionSupport (HITLS_Ctx *ctx, uint32_t version)
 Set the supported version number.
int32_t HITLS_SetVersion (HITLS_Ctx *ctx, uint32_t minVersion, uint32_t maxVersion)
 Set the supported version number range.
int32_t HITLS_SetVersionForbid (HITLS_Ctx *ctx, uint32_t noVersion)
 Set the version number to be disabled.
int32_t HITLS_SetNeedCheckPmsVersion (HITLS_Ctx *ctx, bool needCheck)
 Sets whether to verify the version in the premaster secret.
int32_t HITLS_SetQuietShutdown (HITLS_Ctx *ctx, int32_t mode)
 Set the silent disconnection mode.
int32_t HITLS_GetQuietShutdown (const HITLS_Ctx *ctx, int32_t *mode)
 Obtain the current silent disconnection mode.
int32_t HITLS_SetDhAutoSupport (HITLS_Ctx *ctx, bool support)
 Sets whether to support the function of automatically selecting DH parameters. If the value is true, the DH parameter is automatically selected based on the length of the certificate private key. If the value is false, the DH parameter needs to be set.
int32_t HITLS_SetTmpDh (HITLS_Ctx *ctx, HITLS_CRYPT_Key *dhPkey)
 Set the DH parameter specified by the user.
int32_t HITLS_SetTmpDhCb (HITLS_Ctx *ctx, HITLS_DhTmpCb callback)
 Set the TmpDh callback function.
int32_t HITLS_SetRecordPaddingCb (HITLS_Ctx *ctx, HITLS_RecordPaddingCb callback)
 Sets the RecordPadding callback.
HITLS_RecordPaddingCb HITLS_GetRecordPaddingCb (HITLS_Ctx *ctx)
 Obtains the RecordPadding callback function.
int32_t HITLS_SetRecordPaddingCbArg (HITLS_Ctx *ctx, void *arg)
 Sets the parameters arg required by the RecordPadding callback function.
void * HITLS_GetRecordPaddingCbArg (HITLS_Ctx *ctx)
 Obtains the parameter arg required by the RecordPadding callback function.
int32_t HITLS_GetPeerFinishVerifyData (const HITLS_Ctx *ctx, void *buf, uint32_t bufLen, uint32_t *dataLen)
 Obtain the verification data and length of the peer end based on the received finished message.
int32_t HITLS_SetCheckKeyUsage (HITLS_Ctx *ctx, bool isCheck)
 Disables the verification of keyusage in the certificate. This function is enabled by default.
int32_t HITLS_GetFinishVerifyData (const HITLS_Ctx *ctx, void *buf, uint32_t bufLen, uint32_t *dataLen)
 Obtain the verification data and length of the local end based on the sent finished message.
int32_t HITLS_GetSecureRenegotiationSupport (const HITLS_Ctx *ctx, bool *isSecureRenegotiation)
 Obtains whether security renegotiation is supported.
int32_t HITLS_Renegotiate (HITLS_Ctx *ctx)
 Perform renegotiation.
int32_t HITLS_GetRenegotiationState (const HITLS_Ctx *ctx, bool *isRenegotiationState)
 Obtain the current is whether in the renegotiation state.
int32_t HITLS_GetRwstate (const HITLS_Ctx *ctx, uint8_t *rwstate)
 Obtain the current internal status.
int32_t HITLS_GetClientVerifySupport (HITLS_Ctx *ctx, bool *isSupport)
 Check whether the client certificate can be verified.
int32_t HITLS_GetNoClientCertSupport (HITLS_Ctx *ctx, bool *isSupport)
 Check whether no client certificate is supported, This command is valid only when client certificate verification is enabled.
int32_t HITLS_GetPostHandshakeAuthSupport (HITLS_Ctx *ctx, bool *isSupport)
 Query whether post-handshake AUTH is supported
int32_t HITLS_GetVerifyNoneSupport (HITLS_Ctx *ctx, bool *isSupport)
 Query if support is available for not performing dual-end verification.
int32_t HITLS_GetClientOnceVerifySupport (HITLS_Ctx *ctx, bool *isSupport)
 Query whether the client certificate can be requested only once.
int32_t HITLS_ClearRenegotiationNum (HITLS_Ctx *ctx, uint32_t *renegotiationNum)
 Clears the renegotiation count.
int32_t HITLS_GetNegotiateGroup (const HITLS_Ctx *ctx, uint16_t *group)
 Obtain the negotiated group information.
int32_t HITLS_SetModeSupport (HITLS_Ctx *ctx, uint32_t mode)
 Set the function to support the specified feature.
int32_t HITLS_ClearModeSupport (HITLS_Ctx *ctx, uint32_t mode)
 Function to clear the specified feature.
int32_t HITLS_GetModeSupport (const HITLS_Ctx *ctx, uint32_t *mode)
 Obtains the functional characteristics mode in the config.
int32_t HITLS_SetEncryptThenMac (HITLS_Ctx *ctx, bool encryptThenMacType)
 Setting the Encrypt-Then-Mac mode.
int32_t HITLS_GetEncryptThenMac (const HITLS_Ctx *ctx, bool *encryptThenMacType)
 Obtains the Encrypt-Then-Mac type
int32_t HITLS_SetServerName (HITLS_Ctx *ctx, uint8_t *serverName, uint32_t serverNameStrlen)
 Setting the value of server_name.
int32_t HITLS_SetCipherServerPreference (HITLS_Ctx *ctx, bool isSupport)
 The algorithm suite can be preferentially selected from the algorithm list supported by the server.
int32_t HITLS_GetCipherServerPreference (const HITLS_Ctx *ctx, bool *isSupport)
 Obtains whether the current cipher suite supports preferential selection from the list of algorithms supported by the server.
int32_t HITLS_SetRenegotiationSupport (HITLS_Ctx *ctx, bool isSupport)
 Sets whether to support renegotiation.
int32_t HITLS_SetClientRenegotiateSupport (HITLS_Ctx *ctx, bool isSupport)
 Set whether to allow a renegotiate request from the client
int32_t HITLS_SetLegacyRenegotiateSupport (HITLS_Ctx *ctx, bool isSupport)
 Set whether to abort handshake when server doesn't support SecRenegotiation
int32_t HITLS_SetSessionTicketSupport (HITLS_Ctx *ctx, bool isSupport)
 Sets whether to support session tickets.
int32_t HITLS_GetSessionTicketSupport (const HITLS_Ctx *ctx, bool *isSupport)
 Check whether the session ticket is supported.
int32_t HITLS_SetDtlsCookieExangeSupport (HITLS_Ctx *ctx, bool isSupport)
 Sets whether to perform cookie exchange in the dtls.
int32_t HITLS_GetDtlsCookieExangeSupport (const HITLS_Ctx *ctx, bool *isSupport)
 Querying whether the DTLS performs cookie exchange.
int32_t HITLS_SetFlightTransmitSwitch (HITLS_Ctx *ctx, bool isEnable)
 Sets whether to send handshake messages by flight distance.
int32_t HITLS_GetFlightTransmitSwitch (const HITLS_Ctx *ctx, bool *isEnable)
 Obtains the status of whether to send handshake information according to the flight distance.
int32_t HITLS_SetEmptyRecordsNum (HITLS_Ctx *ctx, uint32_t emptyNum)
 set the max empty records number can be received
int32_t HITLS_SetMaxSendFragment (HITLS_Ctx *ctx, uint16_t maxSendFragment)
 set the max send fragment to restrict the amount of plaintext bytes in any record
int32_t HITLS_GetMaxSendFragment (const HITLS_Ctx *ctx, uint16_t *maxSendFragment)
 Obtain the max send fragment to restrict the amount of plaintext bytes in any record
int32_t HITLS_SetRecInbufferSize (HITLS_Ctx *ctx, uint32_t recInbufferSize)
 Set the rec inbuffer inital size
int32_t HITLS_GetRecInbufferSize (const HITLS_Ctx *ctx, uint32_t *recInbufferSize)
 Obtain the rec inbuffer inital size
int32_t HITLS_GetEmptyRecordsNum (const HITLS_Ctx *ctx, uint32_t *emptyNum)
 Obtain the max empty records number can be received
int32_t HITLS_SetMaxCertList (HITLS_Ctx *ctx, uint32_t maxSize)
 Sets the maximum size of the certificate chain that can be sent from the peer end.
int32_t HITLS_GetMaxCertList (const HITLS_Ctx *ctx, uint32_t *maxSize)
 Obtains the maximum size of the certificate chain that can be sent by the peer end.
int32_t HITLS_ExportKeyingMaterial (HITLS_Ctx *ctx, uint8_t *out, size_t outLen, const char *label, size_t labelLen, const uint8_t *context, size_t contextLen, int32_t useContext)
 This API is designed for upper layer applications to export key materials based on RFC5705 (version < tls1.2) or RFC8446 (tls1.3).
int32_t HITLS_VerifyClientPostHandshake (HITLS_Ctx *ctx)
 This interface is valid only on the server. When the post-handshake command is configured, the client identity is verified through this interface.
int32_t HITLS_SetKeepPeerCertificate (HITLS_Ctx *ctx, bool isKeepPeerCert)
 Set whether to save the peer certificate.
int32_t HITLS_SetRecordSizeLimit (HITLS_Ctx *ctx, uint16_t recordSize)
 The default record size limit is 0 to unsupport the record size limit extension (RFC 8449). If negotiated, it is used only to limit the size of records sent by the peer in the receive direction. However, the record size sent to the peer is limited by the record size limit value of the peer.
int32_t HITLS_GetRecordSizeLimit (HITLS_Ctx *ctx, uint16_t *recordSize)
 Obtains the record size limit value of ctx.
int32_t HITLS_ClientHelloGetLegacyVersion (HITLS_Ctx *ctx, uint16_t *version)
 Obtain the legacy version from client hello.
int32_t HITLS_ClientHelloGetRandom (HITLS_Ctx *ctx, uint8_t **out, uint8_t *outlen)
 Obtain the random value from client hello.
int32_t HITLS_ClientHelloGetSessionID (HITLS_Ctx *ctx, uint8_t **out, uint8_t *outlen)
 Obtain the session ID from client hello.
int32_t HITLS_ClientHelloGetCiphers (HITLS_Ctx *ctx, uint16_t **out, uint16_t *outlen)
 Obtain the cipher suites from client hello.
int32_t HITLS_ClientHelloGetExtensionsPresent (HITLS_Ctx *ctx, uint16_t **out, uint8_t *outlen)
 Obtain the all extension types from client hello.
int32_t HITLS_ClientHelloGetExtension (HITLS_Ctx *ctx, uint16_t type, uint8_t **out, uint32_t *outlen)
 Obtain a specific extension from client hello.
int32_t HITLS_DtlsProcessTimeout (HITLS_Ctx *ctx)
 Handle the timeout of sending and receiving DTLS messages.
int32_t HITLS_DtlsGetTimeout (HITLS_Ctx *ctx, uint64_t *remainTimeOut)
 Get the remaining timeout time for timeout retransmission.
int32_t HITLS_SetMiddleBoxCompat (HITLS_Ctx *ctx, bool isMiddleBox)
 Sets whether to support middle box compat mode.
int32_t HITLS_GetMiddleBoxCompat (HITLS_Ctx *ctx, bool *isMiddleBox)
 Obtain whether middle box compat mode is supported.
int32_t HITLS_GetOutPendingSize (const HITLS_Ctx *ctx, uint32_t *size)
 Obtain the record out buffer remaining size
int32_t HITLS_Flush (HITLS_Ctx *ctx)
 Flush the record out buffer
int32_t HITLS_SetExtendedMasterSecretSupport (HITLS_Ctx *ctx, bool support)
 Sets whether to forcibly support extended master keys.
int32_t HITLS_GetExtendedMasterSecretSupport (HITLS_Ctx *ctx, bool *isSupport)
 Query whether extended master keys are supported.
int32_t HITLS_SetExtendedMasterSecretMode (HITLS_Ctx *ctx, int32_t mode)
 Set extended master secret mode.
int32_t HITLS_GetExtendedMasterSecretMode (HITLS_Ctx *ctx, int32_t *mode)
 Get extended master secret mode.
int32_t HITLS_SetResumptionOnRenegoSupport (HITLS_Ctx *ctx, bool support)
 Set whether to support session restoration during renegotiation. By default, session restoration is not supported.
int32_t HITLS_GetResumptionOnRenegoSupport (HITLS_Ctx *ctx, bool *isSupport)
 Get whether to support session restoration during renegotiation. By default, session restoration is not supported.
int32_t HITLS_GetClientRenegotiateSupport (HITLS_Ctx *ctx, bool *isSupport)
 Get whether to allow a renegotiate request from the client
int32_t HITLS_CFG_SetMiddleBoxCompat (HITLS_Config *config, bool isMiddleBox)
 Sets whether to support middle box compat mode.
int32_t HITLS_CFG_GetMiddleBoxCompat (HITLS_Config *config, bool *isMiddleBox)
 Obtain whether middle box compat mode is supported.

详细描述

函数说明

◆ HITLS_Accept()

int32_t HITLS_Accept ( HITLS_Ctx * ctx)

The server waits for the client to start handshake.

The server waits for the client to initiate the handshake. The UIO object must be created and bound to the HiTLS context.
HITLS_Accept is designed for non-blocking interfaces. If the handshake cannot be continued, the system returns. The return value is not success. If the return value is HITLS_REC_NORMAL_RECV_BUF_EMPTY or HITLS_REC_NORMAL_IO_BUSY, no fatal error occurs. Problems such as network congestion or network delay may occur. You can continue to call HITLS_Accept. Note that if the UIO is blocked, the HITLS_Accept will also be blocked, but the processing of the returned value is the same.

注意
Only the server calls this API.
参数
ctx[IN] TLS connection handle.
返回值
HITLS_SUCCESS,thehandshake is successful.
HITLS_REC_NORMAL_RECV_BUF_EMPTY,recordThe receiving buffer is NULL and the handshake can continue.
HITLS_REC_NORMAL_IO_BUSY,thenetwork I/O is busy and needs to wait for the next sending. You can continue the handshake.
Forother error codes, see hitls_error.h.

◆ HITLS_CFG_GetMiddleBoxCompat()

int32_t HITLS_CFG_GetMiddleBoxCompat ( HITLS_Config * config,
bool * isMiddleBox )

Obtain whether middle box compat mode is supported.

参数
config[IN] Config context
isMiddleBox[OUT] Support or Not.
返回值
HITLS_NULL_INPUT,theinput parameter pointer is NULL.
HITLS_SUCCESS,ifsuccessful.

◆ HITLS_CFG_SetMiddleBoxCompat()

int32_t HITLS_CFG_SetMiddleBoxCompat ( HITLS_Config * config,
bool isMiddleBox )

Sets whether to support middle box compat mode.

参数
config[OUT] Config context
isMiddleBox[IN] Support or Not.
返回值
HITLS_NULL_INPUT,theinput parameter pointer is NULL.
HITLS_SUCCESS,ifsuccessful.

◆ HITLS_Clear()

int32_t HITLS_Clear ( HITLS_Ctx * ctx)

Reset the TLS handle to allow it to be used for another connection.

参数
ctx[IN] TLS connection handle.
返回值
HITLS_SUCCESS,ifsuccessful.
Forother error codes, see hitls_error.h.

◆ HITLS_ClearModeSupport()

int32_t HITLS_ClearModeSupport ( HITLS_Ctx * ctx,
uint32_t mode )

Function to clear the specified feature.

参数
ctx[OUT] TLS Connection Handle
mode[IN] Mode features to clear.
返回值
HITLS_NULL_INPUT,theinput parameter pointer is null.
HITLS_SUCCESS,ifsuccessful.

◆ HITLS_ClearRenegotiationNum()

int32_t HITLS_ClearRenegotiationNum ( HITLS_Ctx * ctx,
uint32_t * renegotiationNum )

Clears the renegotiation count.

参数
ctx[IN] hitls context.
renegotiationNum[OUT] Number of incoming renegotiations.
返回
HITLS_SUCCESS, if successful. For details about other error codes, see hitls_error.h.

◆ HITLS_ClearTLS13CipherSuites()

int32_t HITLS_ClearTLS13CipherSuites ( HITLS_Ctx * ctx)

Clears the configured TLS1.3 cipher suite.

参数
ctx[IN] TLS connection handle.
返回
HITLS_SUCCESS, if successful. For details about other error codes, see hitls_error.h.

◆ HITLS_ClientHelloGetCiphers()

int32_t HITLS_ClientHelloGetCiphers ( HITLS_Ctx * ctx,
uint16_t ** out,
uint16_t * outlen )

Obtain the cipher suites from client hello.

注意
This interface is valid only in client hello callback.
参数
ctx[IN] TLS connection handle.
out[OUT] Pointer to the output buffer for cipher suites.
outlen[OUT] Length of the output buffer.
返回值
HITLS_SUCCESS,ifsuccessful. For details about other error codes, see hitls_error.h.

◆ HITLS_ClientHelloGetExtension()

int32_t HITLS_ClientHelloGetExtension ( HITLS_Ctx * ctx,
uint16_t type,
uint8_t ** out,
uint32_t * outlen )

Obtain a specific extension from client hello.

注意
This interface is valid only in client hello callback.
参数
ctx[IN] TLS connection handle.
type[IN] Type of the extension to be obtained.
out[OUT] Pointer to the output buffer for the extension.
outlen[OUT] Length of the output buffer.
返回值
HITLS_SUCCESS,ifsuccessful. For details about other error codes, see hitls_error.h.

◆ HITLS_ClientHelloGetExtensionsPresent()

int32_t HITLS_ClientHelloGetExtensionsPresent ( HITLS_Ctx * ctx,
uint16_t ** out,
uint8_t * outlen )

Obtain the all extension types from client hello.

注意
This interface is valid only in client hello callback.
the caller must release the storage allocated for *out using BSL_SAL_FREE().
参数
ctx[IN] TLS connection handle.
out[OUT] Pointer to the output buffer for all extensions.
outlen[OUT] Length of the output buffer.
返回值
HITLS_SUCCESS,ifsuccessful. For details about other error codes, see hitls_error.h.

◆ HITLS_ClientHelloGetLegacyVersion()

int32_t HITLS_ClientHelloGetLegacyVersion ( HITLS_Ctx * ctx,
uint16_t * version )

Obtain the legacy version from client hello.

注意
This interface is valid only in client hello callback.
参数
ctx[IN] TLS connection handle.
version[OUT] Pointer to the output buffer for legacy version.
返回值
HITLS_SUCCESS,ifsuccessful. For details about other error codes, see hitls_error.h.

◆ HITLS_ClientHelloGetRandom()

int32_t HITLS_ClientHelloGetRandom ( HITLS_Ctx * ctx,
uint8_t ** out,
uint8_t * outlen )

Obtain the random value from client hello.

注意
This interface is valid only in client hello callback.
参数
ctx[IN] TLS connection handle.
out[OUT] Pointer to the output buffer for random value.
outlen[IN] Length of the output buffer.
返回值
HITLS_SUCCESS,ifsuccessful. For details about other error codes, see hitls_error.h.

◆ HITLS_ClientHelloGetSessionID()

int32_t HITLS_ClientHelloGetSessionID ( HITLS_Ctx * ctx,
uint8_t ** out,
uint8_t * outlen )

Obtain the session ID from client hello.

注意
This interface is valid only in client hello callback.
参数
ctx[IN] TLS connection handle.
out[OUT] Pointer to the output buffer for session ID.
outlen[OUT] Length of the output buffer.
返回值
HITLS_SUCCESS,ifsuccessful. For details about other error codes, see hitls_error.h.

◆ HITLS_Close()

int32_t HITLS_Close ( HITLS_Ctx * ctx)

Close the TLS connection.

Description:
If the peer end is not closed, the system sends a closed notify message to the peer end. HITLS_Close must not be called if a fatal error has occurred on the link.
参数
ctx[IN] TLS connection handle.
返回值
HITLS_SUCCESS,ifsuccessful.
Forother error codes, see hitls_error.h.

◆ HITLS_Connect()

int32_t HITLS_Connect ( HITLS_Ctx * ctx)

The client starts the handshake with the TLS server.

Starting the handshake with the TLS server using HITLS_Connect. The UIO object must be created and bound to the HiTLS context. HITLS_Connect is designed as a non-blocking interface. If the handshake cannot be continued, the returned value will not be HITLS_SUCCESS. If the return value is HITLS_REC_NORMAL_RECV_BUF_EMPTY or HITLS_REC_NORMAL_IO_BUSY, no fatal error occurs. Problems such as network congestion or network delay may occur. You can continue to call HITLS_Connect. Note that if UIO is blocked, HITLS_Connect will also block, but the return value is processed in the same way.

注意
Only clients can call this interface.
参数
ctx[IN] TLS connection handle.
返回值
HITLS_SUCCESS
HITLS_REC_NORMAL_RECV_BUF_EMPTY,recordThe receiving buffer is NULL and the handshake can be continued.
HITLS_REC_NORMAL_IO_BUSY,thenetwork I/O is busy and needs to wait for the next sending. You can continue the handshake.
Forother error codes, see hitls_error.h.

◆ HITLS_DoHandShake()

int32_t HITLS_DoHandShake ( HITLS_Ctx * ctx)

The client/server starts handshake.

注意
In the IDLE state, the HITLS_SetEndPoint must be called first.
参数
ctx[IN] TLS connection handle
返回
HITLS_SUCCESS, obtaining the status succeeded. For details about other error codes, see hitls_error.h.

◆ HITLS_DtlsGetTimeout()

int32_t HITLS_DtlsGetTimeout ( HITLS_Ctx * ctx,
uint64_t * remainTimeOut )

Get the remaining timeout time for timeout retransmission.

参数
ctx[IN] TLS Connection Handle
remainTimeOut[OUT] remaining timeout time for timeout retransmission, unit: us
返回值
HITLS_SUCCESS,ifsuccessful.
HITLS_MSG_HANDLE_ERR_WITHOUT_TIMEOUT_ACTION,Indicatesnon UDP links or absence of timeout behavior.
Fordetails about other error codes, see hitls_error.h.

◆ HITLS_DtlsProcessTimeout()

int32_t HITLS_DtlsProcessTimeout ( HITLS_Ctx * ctx)

Handle the timeout of sending and receiving DTLS messages.

参数
ctx[IN] TLS Connection Handle
返回值
HITLS_SUCCESS,ifretransmit the message successful.
HITLS_MSG_HANDLE_DTLS_RETRANSMIT_NOT_TIMEOUT,Ithasn't timed out yet.
Fordetails about other error codes, see hitls_error.h.

◆ HITLS_ExportKeyingMaterial()

int32_t HITLS_ExportKeyingMaterial ( HITLS_Ctx * ctx,
uint8_t * out,
size_t outLen,
const char * label,
size_t labelLen,
const uint8_t * context,
size_t contextLen,
int32_t useContext )

This API is designed for upper layer applications to export key materials based on RFC5705 (version < tls1.2) or RFC8446 (tls1.3).

参数
ctx[IN] TLS connection handle.
out[OUT] Cache for receiving the exported key.
outLen[IN/OUT] Length of the exported key.
label[IN] Key export parameter.
labelLen[IN] Length of the key export parameter.
context[IN] Key export parameter.
contextLen[IN] Length of the key export parameter.
useContext[IN] Whether to use the context field.
返回值
HITLS_INVALID_INPUT,invalidinput parameter.
HITLS_SUCCESS,ifsuccessful.
Fordetails about other error codes, see hitls_error.h.

◆ HITLS_Flush()

int32_t HITLS_Flush ( HITLS_Ctx * ctx)

Flush the record out buffer

参数
ctx[IN] TLS connection handle
返回值
HITLS_SUCCESSOut buffer is empty or flush success
HITLS_REC_NORMAL_IO_BUSYOut buffer is not empty, but the IO operation is busy

◆ HITLS_Free()

void HITLS_Free ( HITLS_Ctx * ctx)

Release the TLS connection.

参数
ctx[IN] TLS connection handle.
返回
void

◆ HITLS_GetCipherServerPreference()

int32_t HITLS_GetCipherServerPreference ( const HITLS_Ctx * ctx,
bool * isSupport )

Obtains whether the current cipher suite supports preferential selection from the list of algorithms supported by the server.

参数
ctx[IN] TLS connection handle.
isSupport[OUT] Support or Not.
返回值
HITLS_NULL_INPUT,theinput parameter pointer is NULL.
HITLS_SUCCESS,ifsuccessful.

◆ HITLS_GetCipherSuites()

int32_t HITLS_GetCipherSuites ( HITLS_Ctx * ctx,
uint16_t * data,
uint32_t dataLen,
uint32_t * cipherSuitesSize )

Get the supported cipher suites array.

参数
ctx[IN] TLS connection handle.
data[OUT] Array for storing cipher suites.
dataLen[IN] Array length.
cipherSuitesSize[OUT] cipher suite array length.
返回
HITLS_SUCCESS, if successful. For details about other error codes, see hitls_error.h.

◆ HITLS_GetClientCipherSuites()

int32_t HITLS_GetClientCipherSuites ( HITLS_Ctx * ctx,
uint16_t * data,
uint32_t dataLen,
uint32_t * cipherSuitesSize )

Get the received cipher suites array from the client.

参数
ctx[IN] TLS connection handle.
data[OUT] Array for storing cipher suites.
dataLen[IN] Array length.
cipherSuitesSize[OUT] cipher suite array length.
返回
HITLS_SUCCESS, if successful. For details about other error codes, see hitls_error.h.

◆ HITLS_GetClientOnceVerifySupport()

int32_t HITLS_GetClientOnceVerifySupport ( HITLS_Ctx * ctx,
bool * isSupport )

Query whether the client certificate can be requested only once.

参数
ctx[IN] TLS Connection Handle.
isSupport[OUT] Indicates whether the client certificate can be requested only once.
返回值
HITLS_SUCCESS,ifsuccessful.
HITLS_NULL_INPUT,ctxis null.

◆ HITLS_GetClientRenegotiateSupport()

int32_t HITLS_GetClientRenegotiateSupport ( HITLS_Ctx * ctx,
bool * isSupport )

Get whether to allow a renegotiate request from the client

参数
ctx[IN] TLS connection handle.
isSupport[OUT] Indicates whether to allow a renegotiate request from the client
返回值
HITLS_SUCCESS,ifsuccessful.
HITLS_NULL_INPUT,theinput parameter pointer is NULL.

◆ HITLS_GetClientVerifySupport()

int32_t HITLS_GetClientVerifySupport ( HITLS_Ctx * ctx,
bool * isSupport )

Check whether the client certificate can be verified.

参数
ctx[IN] TLS connection Handle.
isSupport[OUT] Indicates whether to verify the client certificate.
返回值
HITLS_SUCCESS,ifsuccessful.
HITLS_NULL_INPUT,ctxis null.

◆ HITLS_GetClientVersion()

int32_t HITLS_GetClientVersion ( const HITLS_Ctx * ctx,
uint16_t * clientVersion )

Obtain the version number set by the client in ClientHello.

参数
ctx[IN] TLS connection handle
clientVersion[OUT] Obtained version number
返回
HITLS_SUCCESS, obtaining the status succeeded. For details about other error codes, see hitls_error.h.

◆ HITLS_GetConfig()

const HITLS_Config * HITLS_GetConfig ( const HITLS_Ctx * ctx)

Obtain the value of hitlsConfig.

参数
ctx[IN] TLS connection handle
返回
NULL, The input parameter pointer is null.
hitlsConfig in ctx.

◆ HITLS_GetCurrentCipher()

const HITLS_Cipher * HITLS_GetCurrentCipher ( const HITLS_Ctx * ctx)

Obtain the negotiated cipher suite pointer.

参数
ctx[IN] TLS connection handle
返回
Pointer to the negotiated cipher suite. NULL, the input parameter pointer is null.

◆ HITLS_GetDtlsCookieExangeSupport()

int32_t HITLS_GetDtlsCookieExangeSupport ( const HITLS_Ctx * ctx,
bool * isSupport )

Querying whether the DTLS performs cookie exchange.

参数
ctx[IN] TLS connection handle.
isSupport[IN] Indicates whether to perform cookie exchange.
返回值
HITLS_NULL_INPUT,theinput parameter pointer is NULL.
HITLS_SUCCESS,ifsuccessful.

◆ HITLS_GetEmptyRecordsNum()

int32_t HITLS_GetEmptyRecordsNum ( const HITLS_Ctx * ctx,
uint32_t * emptyNum )

Obtain the max empty records number can be received

参数
ctx[IN] TLS connection handle.
emptyNum[OUT] Indicates the max number of empty records can be received
返回值
HITLS_NULL_INPUT,theinput parameter pointer is NULL.
HITLS_SUCCESS,ifsuccessful.

◆ HITLS_GetEncryptThenMac()

int32_t HITLS_GetEncryptThenMac ( const HITLS_Ctx * ctx,
bool * encryptThenMacType )

Obtains the Encrypt-Then-Mac type

参数
ctx[IN] TLS connection Handle.
encryptThenMacType[OUT] Current Encrypt-Then-Mac mode.
返回值
HITLS_NULL_INPUT,theinput parameter pointer is NULL.
HITLS_SUCCESS,ifsuccessful.

◆ HITLS_GetErrorCode()

int32_t HITLS_GetErrorCode ( const HITLS_Ctx * ctx)

Obtain the error value of the HiTLS link.

参数
ctx[OUT] TLS connection handle
返回值
Linkerror value

◆ HITLS_GetExtendedMasterSecretMode()

int32_t HITLS_GetExtendedMasterSecretMode ( HITLS_Ctx * ctx,
int32_t * mode )

Get extended master secret mode.

参数
ctx[IN] TLS connection handle
mode[OUT] EMS mode. See HITLS_EMS_MODE_*.
返回值
HITLS_SUCCESS,ifsuccessful.
HITLS_NULL_INPUT,ifctx or mode is NULL.

◆ HITLS_GetExtendedMasterSecretSupport()

int32_t HITLS_GetExtendedMasterSecretSupport ( HITLS_Ctx * ctx,
bool * isSupport )

Query whether extended master keys are supported.

参数
ctx[IN] TLS connection handle
isSupport[OUT] Indicates whether to support the extended master key.
返回值
HITLS_SUCCESS,ifsuccessful.
HITLS_NULL_INPUT,ctxis NULL.

◆ HITLS_GetFinishVerifyData()

int32_t HITLS_GetFinishVerifyData ( const HITLS_Ctx * ctx,
void * buf,
uint32_t bufLen,
uint32_t * dataLen )

Obtain the verification data and length of the local end based on the sent finished message.

参数
ctx[IN] TLS context
buf[OUT] verify data
bufLen[IN] Length of the buffer to be obtained
dataLen[OUT] Indicates the actual length of the buffer
返回
HITLS_SUCCESS, if successful. For details about other error codes, see hitls_error.h.

◆ HITLS_GetFlightTransmitSwitch()

int32_t HITLS_GetFlightTransmitSwitch ( const HITLS_Ctx * ctx,
bool * isEnable )

Obtains the status of whether to send handshake information according to the flight distance.

参数
ctx[IN] TLS connection handle.
isEnable[OUT] Indicates whether to send handshake information by flight distance
返回值
HITLS_NULL_INPUT,theinput parameter pointer is NULL.
HITLS_SUCCESS,ifsuccessful.

◆ HITLS_GetGlobalConfig()

HITLS_Config * HITLS_GetGlobalConfig ( const HITLS_Ctx * ctx)

Obtain the point of GlobalConfig

参数
ctx[IN] TLS connection handle
返回
NULL The input parameter pointer is null
GlobalConfig in ctx

◆ HITLS_GetHandShakeState()

int32_t HITLS_GetHandShakeState ( const HITLS_Ctx * ctx,
uint32_t * state )

Obtain the current handshake status.

参数
ctx[IN] TLS connection handle
state[OUT] Current handshake status
返回
HITLS_SUCCESS, Obtaining the status succeeded. For details about other error codes, see hitls_error.h.

◆ HITLS_GetHsRandom()

int32_t HITLS_GetHsRandom ( const HITLS_Ctx * ctx,
uint8_t * out,
uint32_t * outlen,
bool isClient )

Obtain the random number of the client and server during the handshake.

参数
ctx[IN] TLS connection handle
out[OUT] Random number obtained
outlen[OUT] Length of the input parameter out. If the length is greater than the maximum random number length, the value will be changed.
isClient[IN] True, obtain the random number of the client. False, obtain the random number of the server.
返回
HITLS_SUCCESS, obtaining the status succeeded. For details about other error codes, see hitls_error.h.

◆ HITLS_GetKeyUpdateType()

int32_t HITLS_GetKeyUpdateType ( HITLS_Ctx * ctx)

Return the keyupdate type of the current context.

参数
ctx[IN] TLS connection handle
返回值
KeyUpdateTypein ctx
NULL,theinput parameter pointer is null.

◆ HITLS_GetLocalSignScheme()

int32_t HITLS_GetLocalSignScheme ( const HITLS_Ctx * ctx,
HITLS_SignHashAlgo * localSignScheme )

Obtain the signature hash algorithm used by the local end.

参数
ctx[IN] TLS connection handle
localSignScheme[OUT] Local signature hash algorithm
返回值
HITLS_SUCCESS,ifsuccessful.
Forother error codes, see hitls_error.h.

◆ HITLS_GetMaxCertList()

int32_t HITLS_GetMaxCertList ( const HITLS_Ctx * ctx,
uint32_t * maxSize )

Obtains the maximum size of the certificate chain that can be sent by the peer end.

参数
ctx[IN] TLS connection handle.
maxSize[OUT] Maximum size of the certificate chain that can be sent from the peer end.
返回值
HITLS_NULL_INPUT,theinput parameter pointer is NULL.
HITLS_SUCCESS,ifsuccessful.

◆ HITLS_GetMaxProtoVersion()

int32_t HITLS_GetMaxProtoVersion ( const HITLS_Ctx * ctx,
uint16_t * maxVersion )

Obtain the latest protocol version.

参数
ctx[IN] TLS object
minVersion[OUT] Latest protocol version supported
返回
HITLS_SUCCESS, obtained successfully. For details about other error codes, see hitls_error.h.

◆ HITLS_GetMaxSendFragment()

int32_t HITLS_GetMaxSendFragment ( const HITLS_Ctx * ctx,
uint16_t * maxSendFragment )

Obtain the max send fragment to restrict the amount of plaintext bytes in any record

参数
ctx[IN] TLS connection handle.
maxSendFragment[OUT] Indicates the max send fragment
返回值
HITLS_NULL_INPUT,theinput parameter pointer is NULL.
HITLS_SUCCESS,ifsuccessful.

◆ HITLS_GetMaxWriteSize()

int32_t HITLS_GetMaxWriteSize ( const HITLS_Ctx * ctx,
uint32_t * len )

Obtain the maximum writable (plaintext) length.

参数
ctx[OUT] TLS connection handle.
len[OUT] Maximum writable plaintext length (within 16 KB)
返回值
HITLS_SUCCESS,ifsuccessful.
Forother error codes, see hitls_error.h.

◆ HITLS_GetMiddleBoxCompat()

int32_t HITLS_GetMiddleBoxCompat ( HITLS_Ctx * ctx,
bool * isMiddleBox )

Obtain whether middle box compat mode is supported.

参数
ctx[IN] TLS connection handle.
isMiddleBox[OUT] Support or Not.
返回值
HITLS_NULL_INPUT,theinput parameter pointer is NULL.
HITLS_SUCCESS,ifsuccessful.

◆ HITLS_GetMinProtoVersion()

int32_t HITLS_GetMinProtoVersion ( const HITLS_Ctx * ctx,
uint16_t * minVersion )

Obtain the latest protocol version.

参数
ctx[IN] TLS object
maxVersion[OUT] Latest protocol version supported
返回
HITLS_SUCCESS, obtained successfully. For details about other error codes, see hitls_error.h.

◆ HITLS_GetModeSupport()

int32_t HITLS_GetModeSupport ( const HITLS_Ctx * ctx,
uint32_t * mode )

Obtains the functional characteristics mode in the config.

参数
ctx[IN] TLS Connection Handle.
mode[OUT] Output parameter for obtaining the mode.
返回值
HITLS_SUCCESS,ifsuccessful.
HITLS_NULL_INPUT,ctxis null.

◆ HITLS_GetNeedQueryMtu()

int32_t HITLS_GetNeedQueryMtu ( HITLS_Ctx * ctx,
bool * needQueryMtu )

Querying whether the EMSGSIZE error occur and mtu need be modified

参数
ctx[IN] TLS connection handle.
needQueryMtu[IN] Indicates whether the EMSGSIZE error occur and mtu need be modified
返回值
HITLS_NULL_INPUT,theinput parameter pointer is NULL.
HITLS_SUCCESS,ifsuccessful.

◆ HITLS_GetNegotiatedVersion()

int32_t HITLS_GetNegotiatedVersion ( const HITLS_Ctx * ctx,
uint16_t * version )

Obtain the HiTLS negotiation version.

参数
ctx[IN] TLS object
version[OUT] Negotiated version
返回
HITLS_SUCCESS, obtained successfully. For details about other error codes, see hitls_error.h.

◆ HITLS_GetNegotiateGroup()

int32_t HITLS_GetNegotiateGroup ( const HITLS_Ctx * ctx,
uint16_t * group )

Obtain the negotiated group information.

参数
ctx[IN] TLS Connection Handle.
group[OUT] Negotiated group information.
返回值
HITLS_SUCCESS,ifsuccessful.
HITLS_NULL_INPUT,ctxis null.

◆ HITLS_GetNoClientCertSupport()

int32_t HITLS_GetNoClientCertSupport ( HITLS_Ctx * ctx,
bool * isSupport )

Check whether no client certificate is supported, This command is valid only when client certificate verification is enabled.

参数
ctx[IN] TLS Connection Handle.
isSupport[OUT] Whether no client certificate is supported.
返回值
HITLS_SUCCESS,ifsuccessful.
HITLS_NULL_INPUT,ctxis null.

◆ HITLS_GetOutPendingSize()

int32_t HITLS_GetOutPendingSize ( const HITLS_Ctx * ctx,
uint32_t * size )

Obtain the record out buffer remaining size

参数
ctx[IN] TLS connection handle
size[OUT] record out buffer remaining size
返回值
HITLS_NULL_INPUT,theinput parameter pointer is NULL.
HITLS_SUCCESS,ifsuccessful.

◆ HITLS_GetPeerFinishVerifyData()

int32_t HITLS_GetPeerFinishVerifyData ( const HITLS_Ctx * ctx,
void * buf,
uint32_t bufLen,
uint32_t * dataLen )

Obtain the verification data and length of the peer end based on the received finished message.

参数
ctx[IN] TLS context
buf[OUT] verify data
bufLen[IN] Length of the buffer to be obtained
dataLen[OUT] Actual length of the buf
返回
HITLS_SUCCESS, if successful. For details about other error codes, see hitls_error.h.

◆ HITLS_GetPeerSignScheme()

int32_t HITLS_GetPeerSignScheme ( const HITLS_Ctx * ctx,
HITLS_SignHashAlgo * peerSignScheme )

Obtain the signature hash algorithm used by the peer end.

参数
ctx[IN] TLS connection handle
peerSignScheme[OUT] Peer signature hash algorithm
返回值
HITLS_SUCCESS,ifsuccessful.
Forother error codes, see hitls_error.h.

◆ HITLS_GetPostHandshakeAuthSupport()

int32_t HITLS_GetPostHandshakeAuthSupport ( HITLS_Ctx * ctx,
bool * isSupport )

Query whether post-handshake AUTH is supported

参数
ctx[IN] TLS connection Handle.
isSupport[OUT] indicates whether to support post-handshake AUTH.
返回值
HITLS_SUCCESS,ifsuccessful.
HITLS_NULL_INPUT,ctxis null.

◆ HITLS_GetQuietShutdown()

int32_t HITLS_GetQuietShutdown ( const HITLS_Ctx * ctx,
int32_t * mode )

Obtain the current silent disconnection mode.

参数
ctx[IN] TLS connection handle
mode[OUT] Mode type.
返回
HITLS_SUCCESS, if successful. For details about other error codes, see hitls_error.h.

◆ HITLS_GetReadPendingBytes()

uint32_t HITLS_GetReadPendingBytes ( const HITLS_Ctx * ctx)

Obtain the number of bytes of application data to be read from the current record from the HiTLS object.

注意
When the HiTLS works in data packet transmission (DTLS), the HITLS_Read may copy part of the application packet because the input buffer is not large enough. This function is used to obtain the remaining size of the application packet. This is useful for transport over DTLS.
参数
ctx[IN] TLS connection handle
返回值
Numberof bytes of application data that can be read.

◆ HITLS_GetReadUio()

BSL_UIO * HITLS_GetReadUio ( const HITLS_Ctx * ctx)

Obtain the UIO object of the read data.

参数
ctx[IN] TLS object
返回
UIO object

◆ HITLS_GetRecInbufferSize()

int32_t HITLS_GetRecInbufferSize ( const HITLS_Ctx * ctx,
uint32_t * recInbufferSize )

Obtain the rec inbuffer inital size

参数
ctx[IN] TLS connection handle.
recInbufferSize[OUT] Indicates the rec inbuffer inital size
返回值
HITLS_NULL_INPUT,theinput parameter pointer is NULL.
HITLS_SUCCESS,ifsuccessful.

◆ HITLS_GetRecordPaddingCb()

HITLS_RecordPaddingCb HITLS_GetRecordPaddingCb ( HITLS_Ctx * ctx)

Obtains the RecordPadding callback function.

参数
ctx[IN/OUT] TLS Connection Handle
返回值
HITLS_NULL_INPUT,theinput parameter pointer is NULL.
HITLS_SUCCESS,ifsuccessful.

◆ HITLS_GetRecordPaddingCbArg()

void * HITLS_GetRecordPaddingCbArg ( HITLS_Ctx * ctx)

Obtains the parameter arg required by the RecordPadding callback function.

参数
ctx[IN/OUT] TLS Connection Handle
返回
HITLS_NULL_INPUT, the input parameter pointer is NULL.
HITLS_SUCCESS, if successful.

◆ HITLS_GetRecordSizeLimit()

int32_t HITLS_GetRecordSizeLimit ( HITLS_Ctx * ctx,
uint16_t * recordSize )

Obtains the record size limit value of ctx.

参数
ctx[OUT] Hitls ctx
recordSize[IN] the currently in ctx configured record size limit value
返回值
HITLS_NULL_INPUT
HITLS_SUCCESS

◆ HITLS_GetRenegotiationState()

int32_t HITLS_GetRenegotiationState ( const HITLS_Ctx * ctx,
bool * isRenegotiationState )

Obtain the current is whether in the renegotiation state.

注意
For the server, the server does not enter the renegotiation state by sending only the hello request message, The server enters the renegotiation state only after receiving the client hello message.
参数
ctx[IN] TLS Connection Handle.
isRenegotiationState[OUT] Indicates whether the renegotiation is in the renegotiation state. true: in the renegotiation state; false: not in the renegotiation state.
返回值
HITLS_SUCCESS,ifsuccessful.
Fordetails about other error codes, see hitls_error.h.

◆ HITLS_GetRenegotiationSupport()

int32_t HITLS_GetRenegotiationSupport ( const HITLS_Ctx * ctx,
bool * isSupportRenegotiation )

Obtain whether renegotiation is supported.

参数
ctx[IN] hitls Context
isSupportRenegotiation[OUT] Whether to support renegotiation
返回
HITLS_SUCCESS, obtain successful. For details about other error codes, see hitls_error.h.

◆ HITLS_GetResumptionOnRenegoSupport()

int32_t HITLS_GetResumptionOnRenegoSupport ( HITLS_Ctx * ctx,
bool * isSupport )

Get whether to support session restoration during renegotiation. By default, session restoration is not supported.

参数
ctx[IN] TLS connection handle
isSupport[OUT] Indicates whether to support session restoration during renegotiation.
返回值
HITLS_SUCCESS,ifsuccessful.
HITLS_NULL_INPUT,ctxis null.

◆ HITLS_GetRwstate()

int32_t HITLS_GetRwstate ( const HITLS_Ctx * ctx,
uint8_t * rwstate )

Obtain the current internal status.

参数
ctx[IN] TLS connection Handle.
rwstate[OUT] Current internal status information.
返回值
HITLS_SUCCESS,ifsuccessful.
Fordetails about other error codes, see hitls_error.h.

◆ HITLS_GetSecureRenegotiationSupport()

int32_t HITLS_GetSecureRenegotiationSupport ( const HITLS_Ctx * ctx,
bool * isSecureRenegotiation )

Obtains whether security renegotiation is supported.

参数
ctx[IN] hitls context.
isSecureRenegotiation[OUT] Whether to support security renegotiation
返回
HITLS_SUCCESS, obtained successfully. For details about other error codes, see hitls_error.h.

◆ HITLS_GetSessionTicketSupport()

int32_t HITLS_GetSessionTicketSupport ( const HITLS_Ctx * ctx,
bool * isSupport )

Check whether the session ticket is supported.

参数
ctx[IN] TLS connection handle.
isSupport[OUT] whether to support session tickets, true: yes; false: no
返回值
HITLS_SUCCESS,ifsuccessful.
HITLS_NULL_INPUT,theinput parameter pointer is NULL.

◆ HITLS_GetSharedGroup()

int32_t HITLS_GetSharedGroup ( const HITLS_Ctx * ctx,
int32_t nmatch,
uint16_t * groupId )

Obtain the supported peer group or the number of supported peer groups of the nth match. nmatch Value range: - 1 or a positive integer This function can be called only after negotiation and can be called only by the server. If nmatch is a positive integer, check the intersection of groups on the client and server, and return the nmatch group in the intersection by groupId. If the value of nmatch is - 1, the number of intersection groups on the client and server is returned based on groupId.

参数
ctx[IN] TLS connection handle.
nmatch[IN] Sequence number of the group to be obtained, -1 Return the number of supported peer groups.
groupId[OUT] Returned result.
返回
HITLS_SUCCESS, Obtaining the status succeeded. For details about other error codes, see hitls_error.h.

◆ HITLS_GetSharedSigAlgs()

int32_t HITLS_GetSharedSigAlgs ( const HITLS_Ctx * ctx,
int32_t idx,
uint16_t * signatureScheme,
int32_t * keyType,
int32_t * paraId )

Get shared signature algorithms (negotiated)

This function returns the list of signature algorithms supported by both client and server. The algorithms are sorted according to the configured priority policy:

  • If server preference is enabled (isSupportServerPreference), sorted by server configuration order
  • Otherwise sorted by peer's sending order
注意
  • Must be called after peer sends signature_algorithms extension
  • Only supports TLS 1.2 and above
  • Server side: after receiving ClientHello
  • Client side: after receiving CertificateRequest
参数
ctx[IN] TLS connection handle
idx[IN] Index of algorithm to query (starting from 0)
  • idx >= 0: return information for the specified index
  • idx = -1: only return total count, do not fill output parameters
signatureScheme[OUT] IANA-defined signature scheme value (uint16_t), can be NULL
keyType[OUT] Certificate key type (HITLS_CERT_KeyType), can be NULL
paraId[OUT] Key parameter ID (CRYPT_PKEY_ParaId), can be NULL
返回值
>0 Total number of shared signature algorithms
0Failed (no shared algorithms/idx out of range/version not supported/parameter is NULL)

◆ HITLS_GetShutdownState()

int32_t HITLS_GetShutdownState ( const HITLS_Ctx * ctx,
uint32_t * mode )

Obtain the shutdown status of the TLS link.

参数
ctx[IN] TLS connection handle.
mode[OUT] TLS shutdown status: HITLS_SENT_SHUTDOWN / HITLS_RECEIVED_SHUTDOWN.
返回值
HITLS_SUCCESS,ifsuccessful.
Forother error codes, see hitls_error.h.

◆ HITLS_GetStateString()

const char * HITLS_GetStateString ( uint32_t state)

Obtain the handshake status character string.

参数
state[IN] Handshake status
返回
Character string corresponding to the handshake status

◆ HITLS_GetSupportedCiphers()

HITLS_CIPHER_List * HITLS_GetSupportedCiphers ( const HITLS_Ctx * ctx)

Obtain the supported cipher suites list for HITLS_Ctx.

参数
ctx[IN] TLS connection handle
返回
Pointer to the supported cipher suites list NULL

◆ HITLS_GetUio()

BSL_UIO * HITLS_GetUio ( const HITLS_Ctx * ctx)

Obtain the UIO object from the HiTLS context.

参数
ctx[IN] TLS object.
返回
UIO object.

◆ HITLS_GetUserData()

void * HITLS_GetUserData ( const HITLS_Ctx * ctx)

Obtain user data from the HiTLS context. This interface is called in the callback registered with the HiTLS.

注意
must be called before HITLS_Connect and HITLS_Accept. The life cycle of the user data pointer must be longer than the life cycle of the TLS object.
参数
ctx[OUT] TLS connection handle.
返回
HITLS_SUCCESS, if successful.
HITLS_NULL_INPUT, the TLS object pointer of the input parameter is null.

Obtain user data from the HiTLS context. This interface is called in the callback registered with the HiTLS.

注意
must be invoked before HITLS_Connect and HITLS_Accept. The life cycle of the user identifier must be longer than the life cycle of the TLS object.
参数
ctx[OUT] TLS connection handle.
userData[IN] User identifier.
返回值
HITLS_SUCCESSsucceeded.
HITLS_NULL_INPUTThe input parameter TLS object is a null pointer.

◆ HITLS_GetVerifyNoneSupport()

int32_t HITLS_GetVerifyNoneSupport ( HITLS_Ctx * ctx,
bool * isSupport )

Query if support is available for not performing dual-end verification.

参数
ctx[IN] TLS Connection Handle.
isSupport[OUT] if support is available for not performing dual-end verification.
返回值
HITLS_SUCCESS,ifsuccessful.
HITLS_NULL_INPUT,ctxis null.

◆ HITLS_GetVersionSupport()

int32_t HITLS_GetVersionSupport ( const HITLS_Ctx * ctx,
uint32_t * version )

Obtain the supported version number.

参数
ctx[IN] TLS connection handle.
version[OUT] Supported version number.
返回值
HITLS_SUCCESS,ifsuccessful.
HITLS_NULL_INPUT,configis null.

◆ HITLS_IsAead()

int32_t HITLS_IsAead ( const HITLS_Ctx * ctx,
bool * isAead )

Obtain whether to use the AEAD algorithm.

参数
ctx[IN] TLS object
isAead[OUT] Indicates whether to use the AEAD algorithm.
返回
HITLS_SUCCESS, obtained successfully. HITLS_NULL_INPUT, The input parameter pointer is null.

◆ HITLS_IsBeforeHandShake()

int32_t HITLS_IsBeforeHandShake ( const HITLS_Ctx * ctx,
bool * isBefore )

Check whether the handshake has not been performed.

参数
ctx[IN] TLS connection handle
isBefore[OUT] Indicates whether the handshake has not been performed.
返回
HITLS_SUCCESS, obtaining the status succeeded. For other error codes, see hitls_error.h.

◆ HITLS_IsClient()

int32_t HITLS_IsClient ( const HITLS_Ctx * ctx,
bool * isClient )

Check whether the current end is client.

参数
ctx[IN] TLS connection handle
isClient[OUT] Client or not.
返回
HITLS_SUCCESS, obtaining the status succeeded. For details about other error codes, see hitls_error.h.

◆ HITLS_IsDtls()

int32_t HITLS_IsDtls ( const HITLS_Ctx * ctx,
bool * isDtls )

Check whether DTLS is used.

参数
ctx[IN] TLS object
isDtls[OUT] Indicates whether to use DTLS.
返回
HITLS_SUCCESS, is obtained successfully. HITLS_NULL_INPUT, The input parameter pointer is null.

◆ HITLS_IsHandShakeDone()

int32_t HITLS_IsHandShakeDone ( const HITLS_Ctx * ctx,
uint8_t * isDone )

Obtain the information about whether the handshake is complete.

参数
ctx[OUT] TLS connection handle
isDone[IN] Indicates whether the handshake is complete.
返回值
HITLS_SUCCESS,ifsuccessful.
Forother error codes, see hitls_error.h.

◆ HITLS_IsHandShaking()

int32_t HITLS_IsHandShaking ( const HITLS_Ctx * ctx,
bool * isHandShaking )

Check whether a handshake is being performed.

参数
ctx[IN] TLS connection handle
isHandShaking[OUT] Indicates whether the handshake is in progress.
返回
HITLS_SUCCESS, Obtaining the status succeeded. For other error codes, see hitls_error.h.

◆ HITLS_IsServer()

int32_t HITLS_IsServer ( const HITLS_Ctx * ctx,
bool * isServer )

Indicates whether the HiTLS object functions as the server.

参数
ctx[OUT] TLS connection handle
isServer[IN] Indicates whether to function as the server.
返回值
HITLS_SUCCESS,ifsuccessful.
Forother error codes, see hitls_error.h.

◆ HITLS_KeyUpdate()

int32_t HITLS_KeyUpdate ( HITLS_Ctx * ctx,
uint32_t updateType )

Set the keyupdate type of the current context and send the keyupdate message.

参数
ctx[IN] TLS connection handle
updateType[IN] keyupdate type
返回
HITLS_SUCCESS, if successful. For other error codes, see hitls_error.h.

◆ HITLS_Listen()

int32_t HITLS_Listen ( HITLS_Ctx * ctx,
BSL_SAL_SockAddr clientAddr )

The server statelessly listens for new incoming DTLS connections.

If a ClientHello is received that does not contain a cookie, then server respond with a Hello Verify Request for a new ClientHello that does contain a cookie. If a ClientHello is received with a cookie that is verified, then the function returns in order to enable the handshake to be completed for HITLS_Accept.

注意
Only the DTLS server over udp calls this API. HITLS_Listen only supports ClientHellos that fit inside a single datagram.
参数
ctx[IN/OUT] TLS connection handle.
clientAddr[IN/OUT] BSL_SOCKADDR_STORAGE pointed to by peer that sent the ClientHello.
返回值
HITLS_SUCCESS,thehandshake is successful.
Forother error codes, see hitls_error.h.

◆ HITLS_New()

HITLS_Ctx * HITLS_New ( HITLS_Config * config)

Create a TLS object and deep copy the HITLS_Config to the HITLS_Ctx.

This is the main TLS structure, which starts to establish a secure link through the client or server on the basis that the link has been established at the network layer.

注意
The HITLS_Config can be released after the creation is successful.
参数
config[IN] Config context
返回
HITLS_Ctx pointer. If the operation fails, a null value is returned.

Create a TLS object and deep copy the HITLS_Config to the HITLS_Ctx.

注意
After the creation is successful, the HITLS_Config can be released.
参数
config[IN] config Context
返回
HITLS_Ctx Pointer. If the operation fails, null is returned.

◆ HITLS_Peek()

int32_t HITLS_Peek ( HITLS_Ctx * ctx,
uint8_t * data,
uint32_t bufSize,
uint32_t * readLen )

read application data from a TLS/SSL connection

注意
HITLS_Peek() is identical to HITLS_Read() except no bytes are actually removed from the underlying BIO during the read
参数
ctx[IN] TLS context
data[OUT] data buffer
bufSize[IN] data buffer size
readLen[OUT] store the number of bytes actually read in *readLen
返回值
HITLS_SUCCESS
HITLS_REC_NORMAL_RECV_BUF_EMPTY,readbuffer is empty, more bytes can be read.
HITLS_REC_NORMAL_IO_BUSY,IObudy, waiting for next calling to read more.
Referto hitls_error.h for more

◆ HITLS_Read()

int32_t HITLS_Read ( HITLS_Ctx * ctx,
uint8_t * data,
uint32_t bufSize,
uint32_t * readLen )

Read application data

注意
Only the application data decrypted by one record can be read by HiTLS at a time HiTLS copies the application data to the input cache. If the cache size is less than 16 KB, the maximum size of the application message decrypted by a single record is 16 KB. This will result in a partial copy of the application data You can call HITLS_GetReadPendingBytes to obtain the size of the remaining readable application data in the current record. This is useful in DTLS scenarios.
参数
ctx[IN] TLS context
data[OUT] Read data
bufSize[IN] Size of the buffer
readLen[OUT] Read length
返回值
HITLS_SUCCESS,ifsuccessful
HITLS_REC_NORMAL_RECV_BUF_EMPTY,recordThe receiving buffer is NULL and can be read again.
HITLS_REC_NORMAL_IO_BUSY,thenetwork I/O is busy and needs to wait for the next sending You can continue to read the I/O.
Forother error codes, see hitls_error.h.

◆ HITLS_ReadHasPending()

int32_t HITLS_ReadHasPending ( const HITLS_Ctx * ctx,
bool * isPending )

Check the HiTLS object in the read cache. (including processed and unprocessed data, excluding the network layer) Whether there is data

参数
ctx[IN] TLS connection handle
isPending[OUT] Whether there is data. The options are as follows: 1: yes; 0: no.
返回值
HITLS_SUCCESS,ifsuccessful.
Forother error codes, see hitls_error.h.

◆ HITLS_Renegotiate()

int32_t HITLS_Renegotiate ( HITLS_Ctx * ctx)

Perform renegotiation.

注意
1. After this interface is called, the user needs to call one of the HITLS_Connect / HITLS_Accept / HITLS_Read / HITLS_Write interfaces again, The HITLS_Renegotiate interface is used only for setting and initialization of renegotiation, The renegotiation process is performed when the user calls the HITLS_Connect / HITLS_Accept / HITLS_Read / HITLS_Write.
  1. You are advised to use the HITLS_Connect / HITLS_Accept interface for renegotiation. After the negotiation is complete, call the HITLS_Read / HITLS_Write interface.
  2. If the user uses HITLS_Read to perform renegotiation, the user may receive the app message from the peer end during the renegotiation. (1) If the renegotiation has not started, the HiTLS will return the message to the user. (2) If the renegotiation is in progress, no app message is received in this scenario, and the HiTLS sends an alert message to disconnect the link.
  3. If the user uses the HITLS_Connect / HITLS_Accept / HITLS_Write for renegotiation, the user may receive the app message from the peer end during the renegotiation, HiTLS caches the message, the message is returned when a user calls HITLS_Read. Maximum of 50 app messages can be cached, if the cache is full, subsequent app messages will be ignored.
  4. In the DTLS over UDP scenario, if the user functions as the server, packet loss occurs in the renegotiation request(hello request). (1) If the user calls the HITLS_Write for renegotiation, the app message to be sent is sent to the peer end after packet loss occurs in the renegotiation request. (2) The HiTLS does not retransmit the renegotiation request. The user needs to call the HITLS_Renegotiate and HITLS_Accept interfaces again to continue the renegotiation. You can call the HITLS_GetRenegotiationState interface to determine whether the current renegotiation is in the renegotiation state, If the renegotiation is not in the renegotiation state, call the HITLS_Renegotiate and HITLS_Accept interfaces again to continue the renegotiation.
  5. In the DTLS over UDP scenario, if the user as the client, packet loss occurs in the renegotiation request (client hello). (1) If the user calls the HITLS_Write to perform renegotiation, the app message is not sent to the peer end after packet loss occurs in the renegotiation request. Instead, the user waits for the response from the peer end. (2) The client hello message is retransmitted inside the HiTLS, and the user does not need to initiate renegotiation again.
参数
ctx[IN] TLS Connection Handle
返回值
HITLS_SUCCESS,ifsuccessful.
Fordetails about other error codes, see hitls_error.h.

◆ HITLS_SetCheckKeyUsage()

int32_t HITLS_SetCheckKeyUsage ( HITLS_Ctx * ctx,
bool isCheck )

Disables the verification of keyusage in the certificate. This function is enabled by default.

参数
ctx[OUT] config context
isCheck[IN] Sets whether to check key usage.
返回值
HITLS_NULL_INPUT,theinput parameter pointer is NULL.
HITLS_SUCCESS,ifsuccessful.

◆ HITLS_SetCipherServerPreference()

int32_t HITLS_SetCipherServerPreference ( HITLS_Ctx * ctx,
bool isSupport )

The algorithm suite can be preferentially selected from the algorithm list supported by the server.

参数
ctx[IN] TLS Connection Handle.
isSupport[IN] Support or Not.
返回值
HITLS_NULL_INPUT,theinput parameter pointer is NULL.
HITLS_SUCCESS,ifsuccessful.

◆ HITLS_SetCipherSuites()

int32_t HITLS_SetCipherSuites ( HITLS_Ctx * ctx,
const uint16_t * cipherSuites,
uint32_t cipherSuitesSize )

Set the supported cipher suites. The sequence of the cipher suites affects the priority of the selected cipher suites. The cipher suites with the highest priority are selected first.

注意
Do not check the cipher suite to meet the changes in the supported version.
参数
ctx[OUT] TLS connection handle.
cipherSuites[IN] Key suite array, corresponding to the HITLS_CipherSuite enumerated value.
cipherSuitesSize[IN] Key suite array length.
返回
HITLS_SUCCESS, if successful. For details about other error codes, see hitls_error.h.

◆ HITLS_SetClientOnceVerifySupport()

int32_t HITLS_SetClientOnceVerifySupport ( HITLS_Ctx * ctx,
bool support )

Set whether the client certificate can be requested only once.

参数
ctx[OUT] TLS connection handle
support[IN] true: yes; false: no.
返回值
HITLS_SUCCESS,ifsuccessful.
HITLS_NULL_INPUT,configis null.

◆ HITLS_SetClientRenegotiateSupport()

int32_t HITLS_SetClientRenegotiateSupport ( HITLS_Ctx * ctx,
bool isSupport )

Set whether to allow a renegotiate request from the client

参数
ctx[IN/OUT] TLS connection handle.
isSupport[IN] Support or Not,true: yes; false: no.
返回值
HITLS_SUCCESS,ifsuccessful.
HITLS_NULL_INPUT,theinput parameter pointer is NULL.

◆ HITLS_SetClientVerifySupport()

int32_t HITLS_SetClientVerifySupport ( HITLS_Ctx * ctx,
bool support )

Set whether to verify the client certificate.

参数
ctx[OUT] TLS connection handle
support[IN] Indicates whether to verify the client certificate, the options are as follows: true: yes; false: no.
返回值
HITLS_SUCCESS,ifsuccessful.
HITLS_NULL_INPUT,configis null.

◆ HITLS_SetDhAutoSupport()

int32_t HITLS_SetDhAutoSupport ( HITLS_Ctx * ctx,
bool support )

Sets whether to support the function of automatically selecting DH parameters. If the value is true, the DH parameter is automatically selected based on the length of the certificate private key. If the value is false, the DH parameter needs to be set.

参数
ctx[IN/OUT] hitls context.
support[IN] Whether to support. The options are as follows: true: yes; false: no.
返回值
HITLS_SUCCESS,ifsuccessful.
HITLS_NULL_INPUT,ctxis null.

◆ HITLS_SetDtlsCookieExangeSupport()

int32_t HITLS_SetDtlsCookieExangeSupport ( HITLS_Ctx * ctx,
bool isSupport )

Sets whether to perform cookie exchange in the dtls.

参数
ctx[IN] TLS connection handle.
isSupport[IN] Indicates whether to perform cookie exchange
返回值
HITLS_NULL_INPUT,theinput parameter pointer is NULL.
HITLS_SUCCESS,ifsuccessful.

◆ HITLS_SetDtlsTimerCb()

int32_t HITLS_SetDtlsTimerCb ( HITLS_Ctx * ctx,
HITLS_DtlsTimerCb cb )

Set the DTLS timeout interval callback.

参数
ctx[IN] TLS connection handle.
cb[IN] DTLS obtaining timeout interval callback.
返回
HITLS_SUCCESS, if successful. For details about other error codes, see hitls_error.h.

◆ HITLS_SetEcGroups()

int32_t HITLS_SetEcGroups ( HITLS_Ctx * ctx,
uint16_t * lst,
uint32_t groupSize )

Set the group supported by the hitls object.

参数
ctx[OUT] hitls context
lst[IN] group list
groupSize[IN] List length
返回
HITLS_SUCCESS is set successfully. For details about other error codes, see hitls_error.h.

◆ HITLS_SetEcPointFormats()

int32_t HITLS_SetEcPointFormats ( HITLS_Ctx * ctx,
const uint8_t * pointFormats,
uint32_t pointFormatsSize )

Set the EC point format of the hitls.

注意
Currently, the value can only be HITLS_ECPOINTFORMAT_UNCOMPRESSED.
参数
ctx[OUT] hitls context.
pointFormats[IN] ec point format, corresponding to the HITLS_ECPointFormat enumerated value.
pointFormatsSize[IN] Length of the ec point format
返回
HITLS_SUCCESS, if successful. For details about other error codes, see hitls_error.h.

◆ HITLS_SetEmptyRecordsNum()

int32_t HITLS_SetEmptyRecordsNum ( HITLS_Ctx * ctx,
uint32_t emptyNum )

set the max empty records number can be received

参数
ctx[IN/OUT] TLS connection handle.
emptyNum[IN] Indicates the max number of empty records can be received
返回值
HITLS_NULL_INPUT,theinput parameter pointer is NULL.
HITLS_SUCCESS,ifsuccessful.

◆ HITLS_SetEncryptThenMac()

int32_t HITLS_SetEncryptThenMac ( HITLS_Ctx * ctx,
bool encryptThenMacType )

Setting the Encrypt-Then-Mac mode.

参数
ctx[IN] TLS connection handle.
encryptThenMacType[IN] Current Encrypt-Then-Mac mode.
返回值
HITLS_NULL_INPUT,theinput parameter pointer is NULL.
HITLS_SUCCESS,ifsuccessful.

◆ HITLS_SetEndPoint()

int32_t HITLS_SetEndPoint ( HITLS_Ctx * ctx,
bool isClient )

Set the initial status of the connection.

参数
ctx[IN] TLS connection handle.
isClient[IN] Set the current client or server.
返回值
HITLS_SUCCESS,ifsuccessful.
Forother error codes, see hitls_error.h.

◆ HITLS_SetErrorCode()

int32_t HITLS_SetErrorCode ( HITLS_Ctx * ctx,
int32_t errorCode )

Record the error value of the HiTLS link.

参数
ctx[OUT] TLS connection handle
errorCode[IN] Error value
返回值
HITLS_SUCCESS,ifsuccessful.
Forother error codes, see hitls_error.h.

◆ HITLS_SetExtendedMasterSecretMode()

int32_t HITLS_SetExtendedMasterSecretMode ( HITLS_Ctx * ctx,
int32_t mode )

Set extended master secret mode.

参数
ctx[IN] TLS connection handle
mode[IN] EMS mode. See HITLS_EMS_MODE_*.
返回值
HITLS_SUCCESS,ifsuccessful.
HITLS_NULL_INPUT,ifctx is NULL.

◆ HITLS_SetExtendedMasterSecretSupport()

int32_t HITLS_SetExtendedMasterSecretSupport ( HITLS_Ctx * ctx,
bool support )

Sets whether to forcibly support extended master keys.

参数
ctx[IN] TLS connection handle
support[IN] Indicates whether to forcibly support extended master keys. The options are as follows: True: yes; False: no. The default value is true.
返回值
HITLS_SUCCESS.
HITLS_NULL_INPUT,ctxis NULL.

◆ HITLS_SetFlightTransmitSwitch()

int32_t HITLS_SetFlightTransmitSwitch ( HITLS_Ctx * ctx,
bool isEnable )

Sets whether to send handshake messages by flight distance.

参数
ctx[IN/OUT] TLS connection handle.
isEnable[IN] Indicates whether to enable handshake information sending by flight distance. The value 0 indicates disable, other values indicate enable.
返回值
HITLS_NULL_INPUT,theinput parameter pointer is NULL.
HITLS_SUCCESS,ifsuccessful.

◆ HITLS_SetGroupList()

int32_t HITLS_SetGroupList ( HITLS_Ctx * ctx,
const char * groups,
uint32_t groupNamesLen )

Set the group supported during key exchange, the group supported by HiTLS can be queried in HITLS_NamedGroup.

注意
If a group is not supported, an error will be reported during configuration check.
参数
ctx[OUT] HiTLS context
groups[IN] Key exchange group. Separate with colons, for example, "HITLS_EC_GROUP_SECP256R1: HITLS_EC_GROUP_SECP384R1"
groupNamesLen[IN] Key exchange group string length
返回
HITLS_SUCCESS, if successful. For details about other error codes, see hitls_error.h.

◆ HITLS_SetKeepPeerCertificate()

int32_t HITLS_SetKeepPeerCertificate ( HITLS_Ctx * ctx,
bool isKeepPeerCert )

Set whether to save the peer certificate.

参数
ctx[IN] TLS connection handle.
isKeepPeerCert[IN] Set whether to save the peer certificate.
返回值
HITLS_SUCCESS,ifsuccessful.
Forother error codes, see hitls_error.h.

◆ HITLS_SetLegacyRenegotiateSupport()

int32_t HITLS_SetLegacyRenegotiateSupport ( HITLS_Ctx * ctx,
bool isSupport )

Set whether to abort handshake when server doesn't support SecRenegotiation

参数
ctx[IN/OUT] TLS connection handle.
isSupport[IN] Support or Not,true: yes; false: no.
返回值
HITLS_SUCCESS,ifsuccessful.
HITLS_NULL_INPUT,theinput parameter pointer is NULL.

◆ HITLS_SetLinkMtu()

int32_t HITLS_SetLinkMtu ( HITLS_Ctx * ctx,
uint16_t linkMtu )

Set the MTU of Data Link layer.

参数
ctx[IN] TLS connection handle
linkMtu[IN] MTU of Data Link layer.
返回值
HITLS_SUCCESS,setthe mtu succeeded.
HITLS_CONFIG_INVALID_LENGTH,themtu is invalid For details about other error codes, see hitls_error.h.

◆ HITLS_SetMaxCertList()

int32_t HITLS_SetMaxCertList ( HITLS_Ctx * ctx,
uint32_t maxSize )

Sets the maximum size of the certificate chain that can be sent from the peer end.

参数
ctx[IN/OUT] TLS connection handle.
maxSize[IN] Sets the maximum size of the certificate chain that can be sent from the peer end.
返回值
HITLS_NULL_INPUT,theinput parameter pointer is NULL.
HITLS_SUCCESS,ifsuccessful.

◆ HITLS_SetMaxProtoVersion()

int32_t HITLS_SetMaxProtoVersion ( HITLS_Ctx * ctx,
uint16_t version )

Set the maximum protocol version that is supported based on the specified version.

参数
ctx[OUT] TLS object
version[IN] The given version
注意
The maximum version number and minimum version number must be both TLS and DTLS. Currently, only DTLS 1.2 is supported. This function is used together with the full configuration interfaces, such as HITLS_CFG_NewDTLSConfig and HITLS_CFG_NewTLSConfig. If the TLS full configuration is configured, only the TLS version can be set. If full DTLS configuration is configured, only the DTLS version can be set.
返回值
HITLS_SUCCESS,ifsuccessful.
Forother error codes, see hitls_error.h.

◆ HITLS_SetMaxSendFragment()

int32_t HITLS_SetMaxSendFragment ( HITLS_Ctx * ctx,
uint16_t maxSendFragment )

set the max send fragment to restrict the amount of plaintext bytes in any record

参数
ctx[IN/OUT] TLS connection handle.
maxSendFragment[IN] Indicates the max send fragment
返回值
HITLS_NULL_INPUT,theinput parameter pointer is NULL.
HITLS_CONFIG_INVALID_LENGTH,themaxSendFragment is less than 64 or greater than 16384.
HITLS_SUCCESS,ifsuccessful.

◆ HITLS_SetMiddleBoxCompat()

int32_t HITLS_SetMiddleBoxCompat ( HITLS_Ctx * ctx,
bool isMiddleBox )

Sets whether to support middle box compat mode.

参数
ctx[IN] TLS Connection Handle.
isMiddleBox[IN] Support or Not.
返回值
HITLS_NULL_INPUT,theinput parameter pointer is NULL.
HITLS_SUCCESS,ifsuccessful.

◆ HITLS_SetMinProtoVersion()

int32_t HITLS_SetMinProtoVersion ( HITLS_Ctx * ctx,
uint16_t version )

Set the minimum protocol version based on the specified version.

参数
ctx[OUT] TLS object
version[IN] The given version
注意
The maximum version number and minimum version number must be both TLS and DTLS. Currently, only DTLS 1.2 is supported. This interface is used together with the full configuration interfaces, such as HITLS_CFG_NewDTLSConfig and HITLS_CFG_NewTLSConfig. If the TLS full configuration is configured, only the TLS version can be set. If full DTLS configuration is configured, only the DTLS version can be set.
返回值
HITLS_SUCCESS,ifsuccessful.
Forother error codes, see hitls_error.h.

◆ HITLS_SetModeSupport()

int32_t HITLS_SetModeSupport ( HITLS_Ctx * ctx,
uint32_t mode )

Set the function to support the specified feature.

参数
ctx[OUT] TLS connection handle.
mode[IN] features to be enabled.
返回值
HITLS_SUCCESS,ifsuccessful.
HITLS_NULL_INPUT,ctxis null

◆ HITLS_SetMtu()

int32_t HITLS_SetMtu ( HITLS_Ctx * ctx,
uint16_t mtu )

Set the MTU of a path.

参数
ctx[IN] TLS connection handle
mtu[IN] Set the MTU.
返回
HITLS_SUCCESS, obtaining the status succeeded. HITLS_CONFIG_INVALID_LENGTH, the mtu is invalid For details about other error codes, see hitls_error.h.

◆ HITLS_SetNeedCheckPmsVersion()

int32_t HITLS_SetNeedCheckPmsVersion ( HITLS_Ctx * ctx,
bool needCheck )

Sets whether to verify the version in the premaster secret.

参数
ctx[OUT] TLS Connection Handle.
needCheck[IN] Indicates whether to perform check.
注意
This parameter is valid for versions earlier than TLS1.1. true indicates that verification is supported, and false indicates that verification is not supported. In this case, rollback attacks may occur. For versions later than TLS1.1, forcible verification is supported. This interface takes effect on the server.
返回值
HITLS_SUCCESS,ifsuccessful.
HITLS_NULL_INPUT,configis null.

◆ HITLS_SetNoClientCertSupport()

int32_t HITLS_SetNoClientCertSupport ( HITLS_Ctx * ctx,
bool support )

Set whether to support the function without the client certificate, Takes effect only when the client certificate is verified. Client: This setting has no impact Server: When an NULL certificate is received from the client, indicates whether the certificate passes the verification, the verification fails by default.

参数
ctx[OUT] TLS connection handle
support[IN] Indicates whether the authentication is successful when there is no client certificate. true: If the certificate sent by the client is NULL, the server still passes the verification. false: If the certificate sent by the client is NULL, the server fails the verification.
返回值
HITLS_SUCCESS,ifsuccessful.
HITLS_NULL_INPUT,configis null.

◆ HITLS_SetNoQueryMtu()

int32_t HITLS_SetNoQueryMtu ( HITLS_Ctx * ctx,
bool noQueryMtu )

Set the option that don't query mtu from the bio.

参数
ctx[IN] TLS connection handle
noQueryMtu[IN] whether not to query the mtu from the bio.
返回值
HITLS_SUCCESS,setthe option succeeded. For details about other error codes, see hitls_error.h.

◆ HITLS_SetPostHandshakeAuthSupport()

int32_t HITLS_SetPostHandshakeAuthSupport ( HITLS_Ctx * ctx,
bool support )

Set whether to support post-handshake AUTH.

参数
ctx[OUT] TLS connection handle
support[IN] true: yes; false: no.
返回值
HITLS_SUCCESS,ifsuccessful.
HITLS_NULL_INPUT,configis null.

◆ HITLS_SetQuietShutdown()

int32_t HITLS_SetQuietShutdown ( HITLS_Ctx * ctx,
int32_t mode )

Set the silent disconnection mode.

参数
ctx[IN] TLS connection handle.
mode[IN] Mode type. The value 0 indicates that the quiet disconnection mode is disabled, and the value 1 indicates that the quiet disconnection mode is enabled.
返回
HITLS_SUCCESS, if successful. For details about other error codes, see hitls_error.h.

◆ HITLS_SetReadUio()

int32_t HITLS_SetReadUio ( HITLS_Ctx * ctx,
BSL_UIO * uio )

Read UIO for the HiTLS context.

注意
Must be called before HITLS_Connect and HITLS_Accept and released after HITLS_Free. If this function has been called, you must call BSL_UIO_Free to release the UIO.
参数
ctx[OUT] TLS connection handle.
uio[IN] UIO object.
返回值
HITLS_SUCCESS,ifsuccessful.
Forother error codes, see hitls_error.h.

◆ HITLS_SetRecInbufferSize()

int32_t HITLS_SetRecInbufferSize ( HITLS_Ctx * ctx,
uint32_t recInbufferSize )

Set the rec inbuffer inital size

参数
ctx[IN/OUT] TLS connection handle.
recInbufferSize[IN] Indicates the rec inbuffer inital size
返回值
HITLS_NULL_INPUT,theinput parameter pointer is NULL.
HITLS_CONFIG_INVALID_LENGTH,therecInbufferSize is less than 512 or greater than 18432.
HITLS_SUCCESS,ifsuccessful.

◆ HITLS_SetRecordPaddingCb()

int32_t HITLS_SetRecordPaddingCb ( HITLS_Ctx * ctx,
HITLS_RecordPaddingCb callback )

Sets the RecordPadding callback.

参数
ctx[IN/OUT] TLS Connection Handle
callback[IN] Sets the RecordPadding callback.
返回值
HITLS_NULL_INPUT,theinput parameter pointer is NULL.
HITLS_SUCCESS,ifsuccessful.

◆ HITLS_SetRecordPaddingCbArg()

int32_t HITLS_SetRecordPaddingCbArg ( HITLS_Ctx * ctx,
void * arg )

Sets the parameters arg required by the RecordPadding callback function.

参数
ctx[IN/OUT] TLS Connection Handle
arg[IN] Related Parameter arg
返回值
HITLS_NULL_INPUT,theinput parameter pointer is NULL.
HITLS_SUCCESS,ifsuccessful.

◆ HITLS_SetRecordSizeLimit()

int32_t HITLS_SetRecordSizeLimit ( HITLS_Ctx * ctx,
uint16_t recordSize )

The default record size limit is 0 to unsupport the record size limit extension (RFC 8449). If negotiated, it is used only to limit the size of records sent by the peer in the receive direction. However, the record size sent to the peer is limited by the record size limit value of the peer.

参数
ctx[OUT] Hitls config
recordSize[IN] Set the default record size limit value to be negotiated (64 to 16385)
返回值
HITLS_NULL_INPUT
HITLS_SUCCESS

◆ HITLS_SetRenegotiationSupport()

int32_t HITLS_SetRenegotiationSupport ( HITLS_Ctx * ctx,
bool isSupport )

Sets whether to support renegotiation.

参数
ctx[IN/OUT] TLS connection handle.
isSupport[IN] Support or Not,true: yes; false: no.
注意
If you enable this feature, it is recommended to also set HITLS_CFG_SetLegacyRenegotiateSupport to false and HITLS_CFG_GetExtendedMasterSecretMode to HITLS_EMS_MODE_FORCE, otherwise renegotiation attacks and triple handshake attacks may be possible.
返回值
HITLS_SUCCESS,ifsuccessful.
HITLS_NULL_INPUT,theinput parameter pointer is NULL.

◆ HITLS_SetResumptionOnRenegoSupport()

int32_t HITLS_SetResumptionOnRenegoSupport ( HITLS_Ctx * ctx,
bool support )

Set whether to support session restoration during renegotiation. By default, session restoration is not supported.

参数
ctx[IN] TLS connection handle
support[IN] Whether to support the function. The options are as follows: True: yes; False: no.
返回值
HITLS_SUCCESS,ifsuccessful.
HITLS_NULL_INPUT,ctxis null.

◆ HITLS_SetServerName()

int32_t HITLS_SetServerName ( HITLS_Ctx * ctx,
uint8_t * serverName,
uint32_t serverNameStrlen )

Setting the value of server_name.

参数
ctx[IN] TLS connection handle.
serverName[IN] serverName.
serverNameStrlen[IN] serverName length.
返回
HITLS_SUCCESS, if successful. For details about other error codes, see hitls_error.h.

◆ HITLS_SetSessionTicketSupport()

int32_t HITLS_SetSessionTicketSupport ( HITLS_Ctx * ctx,
bool isSupport )

Sets whether to support session tickets.

参数
ctx[IN/OUT] TLS connection handle.
isSupport[IN] whether to support session tickets, true: yes; false: no
返回值
HITLS_SUCCESS,ifsuccessful.
HITLS_NULL_INPUT,theinput parameter pointer is NULL.

◆ HITLS_SetShutdownState()

int32_t HITLS_SetShutdownState ( HITLS_Ctx * ctx,
uint32_t mode )

Set the shutdown status of the TLS link.

Description:
In HITLS_Close, if the peer end is not closed, a closed notification message is sent to the peer end. When the local end sends a closed notify message, the HiTLS sets the HITLS_SENT_SHUTDOWN flag bit. When the local end receives the closed notify message, the HiTLS sets the HITLS_RECEIVED_SHUTDOWN flag bit. By default, the HiTLS needs to send and receive closed notifications. The actual condition for properly closing a session is HITLS_SENT_SHUTDOWN. (According to the TLS RFC, it is acceptable to send only close_notify alerts without waiting for a reply from the peer.) If HITLS_RECEIVED_SHUTDOWN is set, it indicates that the peer end does not need to wait for the closed notification.
参数
ctx[IN] TLS connection handle.
mode[IN] TLS shutdown status: HITLS_SENT_SHUTDOWN / HITLS_RECEIVED_SHUTDOWN.
返回值
HITLS_SUCCESS,ifsuccessful.
Forother error codes, see hitls_error.h.

◆ HITLS_SetSigalgsList()

int32_t HITLS_SetSigalgsList ( HITLS_Ctx * ctx,
const uint16_t * signAlgs,
uint16_t signAlgsSize )

Set the signature algorithm supported by the hitls object.

参数
ctx[OUT] hitls context.
signAlgs[IN] List of supported signature algorithms.
signAlgsSize[IN] Length of the signature algorithm list.
返回
HITLS_SUCCESS, set successfully. For details about other error codes, see hitls_error.h.

◆ HITLS_SetTmpDh()

int32_t HITLS_SetTmpDh ( HITLS_Ctx * ctx,
HITLS_CRYPT_Key * dhPkey )

Set the DH parameter specified by the user.

参数
ctx[IN/OUT] hitls context.
dhPkey[IN] User-specified DH key.
返回值
HITLS_SUCCESS,ifsuccessful.
HITLS_NULL_INPUTctx or dhPkey field is NULL

◆ HITLS_SetTmpDhCb()

int32_t HITLS_SetTmpDhCb ( HITLS_Ctx * ctx,
HITLS_DhTmpCb callback )

Set the TmpDh callback function.

参数
ctx[IN/OUT] TLS connection handle.
callback[IN] Set the TmpDh callback.
返回值
HITLS_NULL_INPUT,theinput parameter pointer is NULL.
HITLS_SUCCESS,ifsuccessful.

◆ HITLS_SetUio()

int32_t HITLS_SetUio ( HITLS_Ctx * ctx,
BSL_UIO * uio )

Set the UIO object for the HiTLS context.

Bind the HiTLS context to the UIO object, through which the TLS object sends data, reads data, and controls the connection status at the network layer. After successfully setting, the number of times the UIO object is referenced increases by 1. BSL_UIO_Free is called to release the association between the HiTLS and UIO when HITLS_Free is called.

注意
After a HiTLS context is bound to a UIO object, the UIO object cannot be bound to other HiTLS contexts. This function must be called before HITLS_Connect and HITLS_Accept.
参数
ctx[OUT] TLS connection handle.
uio[IN] UIO object.
返回值
HITLS_SUCCESS,ifsuccessful.
Forother error codes, see hitls_error.h.

Set the UIO object for the HiTLS context.

注意
This function must be called before HITLS_Connect and HITLS_Accept and released after HITLS_Free. If this function has been called, you must call BSL_UIO_Free to release the UIO.
参数
ctx[OUT] TLS connection handle.
uio[IN] UIO object
返回
HITLS_SUCCESS succeeded Other Error Codes, see hitls_error.h

◆ HITLS_SetUserData()

int32_t HITLS_SetUserData ( HITLS_Ctx * ctx,
void * userData )

Save the user data in the HiTLS context, which can be obtained from the callback registered with the HiTLS.

注意
must be called before HITLS_Connect and HITLS_Accept. The life cycle of the user data pointer must be greater than the life cycle of the TLS object.
If the user data needs to be cleared, the HITLS_SetUserData(ctx, NULL) interface can be called directly. The Clean interface is not provided separately.
参数
ctx[OUT] TLS connection handle.
userData[IN] Pointer to the user data.
返回值
HITLS_SUCCESS,ifsuccessful.
HITLS_NULL_INPUT,theTLS object pointer of the input parameter is null.

Save the user data in the HiTLS context, which can be obtained from the callback registered with the HiTLS.

注意
must be invoked before HITLS_Connect and HITLS_Accept. The life cycle of the user identifier must be longer than the life cycle of the TLS object. If the user data needs to be cleared, the HITLS_SetUserData(ctx, NULL) interface can be invoked directly. The Clean interface is not provided separately.
参数
ctx[OUT] TLS connection handle.
userData[IN] User identifier.
返回值
HITLS_SUCCESSsucceeded.
HITLS_NULL_INPUTThe input parameter TLS object is a null pointer.

◆ HITLS_SetVerifyNoneSupport()

int32_t HITLS_SetVerifyNoneSupport ( HITLS_Ctx * ctx,
bool support )

Set whether to support do not proceed dual-ended verification.

参数
ctx[OUT] TLS connection handle
support[IN] true: yes; false: no.
返回值
HITLS_SUCCESS,ifsuccessful.
HITLS_NULL_INPUT,configis null.

◆ HITLS_SetVersion()

int32_t HITLS_SetVersion ( HITLS_Ctx * ctx,
uint32_t minVersion,
uint32_t maxVersion )

Set the supported version number range.

参数
ctx[OUT] TLS connection handle
minVersion[IN] Minimum version number supported.
maxVersion[IN] Maximum version number supported.
注意
The maximum version number and minimum version number must be both TLS and DTLS. Currently, only DTLS 1.2 is supported. This function is used together with the full configuration interfaces, such as HITLS_CFG_NewDTLSConfig and HITLS_CFG_NewTLSConfig. If the TLS full configuration is configured, only the TLS version can be set. If full DTLS configuration is configured, only the DTLS version can be set.
返回值
HITLS_SUCCESS,ifsuccessful.
HITLS_NULL_INPUT,configis null.

◆ HITLS_SetVersionForbid()

int32_t HITLS_SetVersionForbid ( HITLS_Ctx * ctx,
uint32_t noVersion )

Set the version number to be disabled.

参数
ctx[OUT] TLS connection handle
noVersion[IN] Disabled version number.
返回值
HITLS_SUCCESS,ifsuccessful.
HITLS_NULL_INPUT,configis null.

◆ HITLS_SetVersionSupport()

int32_t HITLS_SetVersionSupport ( HITLS_Ctx * ctx,
uint32_t version )

Set the supported version number.

参数
ctx[OUT] TLS connection handle
version[IN] Supported version number.
注意
The maximum version number and minimum version number must be both TLS and DTLS. Currently, only DTLS 1.2 is supported. This function is used together with the full configuration interfaces, such as HITLS_CFG_NewDTLSConfig and HITLS_CFG_NewTLSConfig. If the TLS full configuration is configured, only the TLS version can be set. If full DTLS configuration is configured, only the DTLS version can be set. The versions must be consecutive. By default, the minimum and maximum versions are supported.
返回值
HITLS_SUCCESS,ifsuccessful.
HITLS_NULL_INPUT,configis null.

◆ HITLS_VerifyClientPostHandshake()

int32_t HITLS_VerifyClientPostHandshake ( HITLS_Ctx * ctx)

This interface is valid only on the server. When the post-handshake command is configured, the client identity is verified through this interface.

参数
ctx[IN] TLS Connection Handle
返回值
HITLS_INVALID_INPUT,invalidinput parameter.
HITLS_SUCCESS,ifsuccessful.
Fordetails about other error codes, see hitls_error.h.

◆ HITLS_Write()

int32_t HITLS_Write ( HITLS_Ctx * ctx,
const uint8_t * data,
uint32_t dataLen,
uint32_t * writeLen )

Write data.

: Encrypts and packs data with the specified length dataLen into a single record and sends the record.

注意
The length of the data to be sent cannot exceed the maximum writable length, which can be obtained by calling HITLS_GetMaxWriteSize.
参数
ctx[IN] TLS context
data[IN] Data to be written
dataLen[IN] Length to be written
writeLen[OUT] Length of Successful Writes
返回值
HITLS_SUCCESSis sent successfully.
HITLS_REC_NORMAL_RECV_BUF_EMPTY,recordIf the receiving buffer is NULL, the message can be sent again.
HITLS_REC_NORMAL_IO_BUSY,Thenetwork I/O is busy and needs to wait for the next sending. You can continue sending the I/O.
Forother error codes, see hitls_error.h.