27#include "hitls_type.h"
28#include "hitls_crypt_type.h"
29#include "hitls_cert_type.h"
/*
 * Protocol version identifiers and configuration size limits.
 * The TLS/SSL values below share the major byte 0x03 and the DTLS values
 * the major byte 0xfe; the low byte selects the minor version.
 */
/* TLCP / DTLCP 1.1 version value. */
39#define HITLS_VERSION_TLCP_DTLCP11 0x0101u
/* NOTE(review): looks like a wildcard for "any TLS version" (major 0x03, minor 0xff) - confirm how callers interpret it. */
45#define HITLS_TLS_ANY_VERSION 0x03ffu
/* SSL 3.0. Prohibited by RFC 7568; NOTE(review): confirm it is defined only so the version can be recognised and rejected, never negotiated. */
51#define HITLS_VERSION_SSL30 0x0300u
/* TLS 1.0. Deprecated by RFC 8996; deployments should not leave it inside the configured version range. */
57#define HITLS_VERSION_TLS10 0x0301u
/* TLS 1.1. Deprecated by RFC 8996, same caveat as TLS 1.0. */
63#define HITLS_VERSION_TLS11 0x0302u
/* TLS 1.2. */
69#define HITLS_VERSION_TLS12 0x0303u
/* TLS 1.3. */
75#define HITLS_VERSION_TLS13 0x0304u
/* Major version byte common to the SSL 3.0 through TLS 1.3 values above. */
81#define HITLS_VERSION_TLS_MAJOR 0x03u
/* NOTE(review): looks like a wildcard for "any DTLS version" (major 0xfe, minor 0x00) - confirm how callers interpret it. */
87#define HITLS_DTLS_ANY_VERSION 0xfe00u
/* DTLS 1.2. */
93#define HITLS_VERSION_DTLS12 0xfefdu
/* NOTE(review): presumably an upper bound applied to caller-supplied configuration lists; which setters enforce it is not visible here - confirm. */
99#define HITLS_CFG_MAX_SIZE 1024
/* NOTE(review): presumably the maximum length accepted for a TLS 1.3 cipher suite list; unit (bytes vs. entries) is not visible here - confirm. */
105#define TLS13_CIPHERSUITES_MAX_LEN 80
/*
 * Cipher suite enumerators and their 16-bit code points. The enum's opening
 * and closing lines are not part of this listing.
 *
 * Review notes for anyone building an allow-list from these values:
 *  - *_ANON_* suites (DH_ANON, ECDH_ANON) use an unauthenticated key exchange,
 *    so the peer's identity is not verified by the handshake.
 *  - RSA_WITH_*, PSK_WITH_* and RSA_PSK_WITH_* do not use an ephemeral
 *    (EC)DHE exchange and therefore provide no forward secrecy.
 *  - *_CBC_SHA* suites are MAC-then-encrypt unless Encrypt-then-MAC
 *    (RFC 7366) is negotiated; AEAD suites (GCM, CCM, CHACHA20_POLY1305)
 *    are generally preferred.
 *  - *_CCM_8 suites use a shortened 8-byte authentication tag.
 * NOTE(review): which of these are enabled by default is not visible here.
 */
/* Suites for TLS 1.2 and earlier (code points 0x00xx, 0xC0xx, 0xCCxx, 0xD0xx). */
112 HITLS_RSA_WITH_AES_128_CBC_SHA = 0x002F,
113 HITLS_DHE_DSS_WITH_AES_128_CBC_SHA = 0x0032,
114 HITLS_DHE_RSA_WITH_AES_128_CBC_SHA = 0x0033,
115 HITLS_DH_ANON_WITH_AES_128_CBC_SHA = 0x0034,
116 HITLS_RSA_WITH_AES_256_CBC_SHA = 0x0035,
117 HITLS_DHE_DSS_WITH_AES_256_CBC_SHA = 0x0038,
118 HITLS_DHE_RSA_WITH_AES_256_CBC_SHA = 0x0039,
119 HITLS_DH_ANON_WITH_AES_256_CBC_SHA = 0x003A,
120 HITLS_RSA_WITH_AES_128_CBC_SHA256 = 0x003C,
121 HITLS_RSA_WITH_AES_256_CBC_SHA256 = 0x003D,
122 HITLS_DHE_DSS_WITH_AES_128_CBC_SHA256 = 0x0040,
123 HITLS_DHE_RSA_WITH_AES_128_CBC_SHA256 = 0x0067,
124 HITLS_DHE_DSS_WITH_AES_256_CBC_SHA256 = 0x006A,
125 HITLS_DHE_RSA_WITH_AES_256_CBC_SHA256 = 0x006B,
126 HITLS_DH_ANON_WITH_AES_128_CBC_SHA256 = 0x006C,
127 HITLS_DH_ANON_WITH_AES_256_CBC_SHA256 = 0x006D,
128 HITLS_PSK_WITH_AES_128_CBC_SHA = 0x008C,
129 HITLS_PSK_WITH_AES_256_CBC_SHA = 0x008D,
130 HITLS_DHE_PSK_WITH_AES_128_CBC_SHA = 0x0090,
131 HITLS_DHE_PSK_WITH_AES_256_CBC_SHA = 0x0091,
132 HITLS_RSA_PSK_WITH_AES_128_CBC_SHA = 0x0094,
133 HITLS_RSA_PSK_WITH_AES_256_CBC_SHA = 0x0095,
134 HITLS_RSA_WITH_AES_128_GCM_SHA256 = 0x009C,
135 HITLS_RSA_WITH_AES_256_GCM_SHA384 = 0x009D,
136 HITLS_DHE_RSA_WITH_AES_128_GCM_SHA256 = 0x009E,
137 HITLS_DHE_RSA_WITH_AES_256_GCM_SHA384 = 0x009F,
138 HITLS_DHE_DSS_WITH_AES_128_GCM_SHA256 = 0x00A2,
139 HITLS_DHE_DSS_WITH_AES_256_GCM_SHA384 = 0x00A3,
140 HITLS_DH_ANON_WITH_AES_128_GCM_SHA256 = 0x00A6,
141 HITLS_DH_ANON_WITH_AES_256_GCM_SHA384 = 0x00A7,
142 HITLS_PSK_WITH_AES_128_GCM_SHA256 = 0x00A8,
143 HITLS_PSK_WITH_AES_256_GCM_SHA384 = 0x00A9,
144 HITLS_DHE_PSK_WITH_AES_128_GCM_SHA256 = 0x00AA,
145 HITLS_DHE_PSK_WITH_AES_256_GCM_SHA384 = 0x00AB,
146 HITLS_RSA_PSK_WITH_AES_128_GCM_SHA256 = 0x00AC,
147 HITLS_RSA_PSK_WITH_AES_256_GCM_SHA384 = 0x00AD,
148 HITLS_PSK_WITH_AES_128_CBC_SHA256 = 0x00AE,
149 HITLS_PSK_WITH_AES_256_CBC_SHA384 = 0x00AF,
150 HITLS_DHE_PSK_WITH_AES_128_CBC_SHA256 = 0x00B2,
151 HITLS_DHE_PSK_WITH_AES_256_CBC_SHA384 = 0x00B3,
152 HITLS_RSA_PSK_WITH_AES_128_CBC_SHA256 = 0x00B6,
153 HITLS_RSA_PSK_WITH_AES_256_CBC_SHA384 = 0x00B7,
154 HITLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA = 0xC009,
155 HITLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA = 0xC00A,
156 HITLS_ECDHE_RSA_WITH_AES_128_CBC_SHA = 0xC013,
157 HITLS_ECDHE_RSA_WITH_AES_256_CBC_SHA = 0xC014,
158 HITLS_ECDH_ANON_WITH_AES_128_CBC_SHA = 0xC018,
159 HITLS_ECDH_ANON_WITH_AES_256_CBC_SHA = 0xC019,
160 HITLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256 = 0xC023,
161 HITLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384 = 0xC024,
162 HITLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256 = 0xC027,
163 HITLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384 = 0xC028,
164 HITLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 = 0xC02B,
165 HITLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384 = 0xC02C,
166 HITLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 = 0xC02F,
167 HITLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 = 0xC030,
168 HITLS_ECDHE_PSK_WITH_AES_128_CBC_SHA = 0xC035,
169 HITLS_ECDHE_PSK_WITH_AES_256_CBC_SHA = 0xC036,
170 HITLS_ECDHE_PSK_WITH_AES_128_CBC_SHA256 = 0xC037,
171 HITLS_ECDHE_PSK_WITH_AES_256_CBC_SHA384 = 0xC038,
172 HITLS_RSA_WITH_AES_128_CCM = 0xC09C,
173 HITLS_RSA_WITH_AES_256_CCM = 0xC09D,
174 HITLS_DHE_RSA_WITH_AES_128_CCM = 0xC09E,
175 HITLS_DHE_RSA_WITH_AES_256_CCM = 0xC09F,
176 HITLS_RSA_WITH_AES_128_CCM_8 = 0xC0A0,
177 HITLS_RSA_WITH_AES_256_CCM_8 = 0xC0A1,
178 HITLS_PSK_WITH_AES_256_CCM = 0xC0A5,
179 HITLS_DHE_PSK_WITH_AES_128_CCM = 0xC0A6,
180 HITLS_DHE_PSK_WITH_AES_256_CCM = 0xC0A7,
181 HITLS_ECDHE_ECDSA_WITH_AES_128_CCM = 0xC0AC,
182 HITLS_ECDHE_ECDSA_WITH_AES_256_CCM = 0xC0AD,
183 HITLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256 = 0xCCA8,
184 HITLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256 = 0xCCA9,
185 HITLS_DHE_RSA_WITH_CHACHA20_POLY1305_SHA256 = 0xCCAA,
186 HITLS_PSK_WITH_CHACHA20_POLY1305_SHA256 = 0xCCAB,
187 HITLS_ECDHE_PSK_WITH_CHACHA20_POLY1305_SHA256 = 0xCCAC,
188 HITLS_DHE_PSK_WITH_CHACHA20_POLY1305_SHA256 = 0xCCAD,
189 HITLS_RSA_PSK_WITH_CHACHA20_POLY1305_SHA256 = 0xCCAE,
190 HITLS_ECDHE_PSK_WITH_AES_128_GCM_SHA256 = 0xD001,
191 HITLS_ECDHE_PSK_WITH_AES_256_GCM_SHA384 = 0xD002,
192 HITLS_ECDHE_PSK_WITH_AES_128_CCM_SHA256 = 0xD005,
/* TLS 1.3 cipher suites (0x13xx): AEAD and hash only, key exchange is negotiated separately. */
195 HITLS_AES_128_GCM_SHA256 = 0x1301,
196 HITLS_AES_256_GCM_SHA384 = 0x1302,
197 HITLS_CHACHA20_POLY1305_SHA256 = 0x1303,
198 HITLS_AES_128_CCM_SHA256 = 0x1304,
199 HITLS_AES_128_CCM_8_SHA256 = 0x1305,
/* SM4/SM3 suites; these two code points match the TLS 1.3 ShangMi suites of RFC 8998. */
201 HITLS_SM4_GCM_SM3 = 0x00C6,
202 HITLS_SM4_CCM_SM3 = 0x00C7,
/* NOTE(review): the 0xE0xx values look like the TLCP (GB/T 38636) suite numbering - confirm against that specification. */
204 HITLS_ECDHE_SM4_CBC_SM3 = 0xE011,
205 HITLS_ECC_SM4_CBC_SM3 = 0xE013,
206 HITLS_ECDHE_SM4_GCM_SM3 = 0xE051,
207 HITLS_ECC_SM4_GCM_SM3 = 0xE053,
/*
 * ClientHello processing result codes.
 * NOTE(review): presumably the values a ClientHello callback returns to the
 * handshake layer - confirm against the callback's documentation. FAILED is 0
 * and SUCCESS is 1, so a callback that falls through with a zero return is
 * treated as a failure rather than a success.
 */
/* Processing succeeded. */
956#define HITLS_CLIENT_HELLO_SUCCESS 1
/* Processing failed. */
958#define HITLS_CLIENT_HELLO_FAILED 0
/* NOTE(review): presumably asks the caller to retry later - confirm the exact handshake behaviour. */
960#define HITLS_CLIENT_HELLO_RETRY (-1)
/*
 * Callback type that takes a HITLS context and returns a pointer to a
 * HITLS_CRYPT_Key.
 * NOTE(review): the name suggests it supplies the temporary (ephemeral) DH key
 * used during key exchange - confirm.
 * ctx      - context of the connection the key is requested for.
 * isExport - presumably an export-grade flag kept for API compatibility - TODO confirm.
 * keyLen   - presumably the requested key length; units are not visible here - TODO confirm.
 * Ownership of the returned key and the meaning of a NULL return are not
 * visible here; implementations should check both before relying on them.
 */
1522typedef HITLS_CRYPT_Key *(*HITLS_DhTmpCb)(
HITLS_Ctx *ctx, int32_t isExport, uint32_t keyLen);
struct BslList HITLS_TrustedCAList
Describes the list of trusted CAs
定义 hitls_cert_type.h:67
HITLS_TrustedCAType
Trusted CA ID Type
定义 hitls_cert_type.h:217
int32_t HITLS_CFG_IsDtls(const HITLS_Config *config, bool *isDtls)
Determine whether to use DTLS.
int32_t HITLS_CFG_SetKeepPeerCertificate(HITLS_Config *config, bool isKeepPeerCert)
Set whether to save the peer certificate.
HITLS_Config * HITLS_CFG_NewTLCPConfig(void)
Create TLCP configuration items, including default settings. The user can call the HITLS_CFG_SetXXX i...
int32_t HITLS_CFG_GetMinVersion(const HITLS_Config *config, uint16_t *minVersion)
Obtaining the Minimum Supported Version Number
int32_t HITLS_CFG_SetEmptyRecordsNum(HITLS_Config *config, uint32_t emptyNum)
Set the maximum number of empty records that can be received
定义 config.c:1540
int32_t HITLS_CFG_SetClientRenegotiateSupport(HITLS_Config *config, bool support)
Set whether to allow a renegotiate request from the client
int32_t HITLS_CFG_SetConfigUserDataFreeCb(HITLS_Config *config, HITLS_ConfigUserDataFreeCb callback)
Sets the UserData free callback
int32_t HITLS_CFG_GetMaxCertList(const HITLS_Config *config, uint32_t *maxSize)
Obtain the maximum size of the certificate chain that can be sent by the peer end.
int32_t HITLS_CFG_SetDtlsCookieExchangeSupport(HITLS_Config *config, bool isSupport)
Set whether the DTLS performs cookie exchange.
void * HITLS_CFG_GetConfigUserData(const HITLS_Config *config)
Obtain the user data from the HiTLS Config object. Generally, this function is called during the call...
int32_t HITLS_CFG_SetDtlsTimerCb(HITLS_Config *config, HITLS_DtlsTimerCb callback)
Set the DTLS obtaining timeout interval callback.
int32_t HITLS_CFG_GetRecordSizeLimit(HITLS_Config *config, uint16_t *recordSize)
Obtains the record size limit value of ctx.
int32_t HITLS_CFG_SetRecordPaddingCb(HITLS_Config *config, HITLS_RecordPaddingCb callback)
Set the RecordPadding callback.
int32_t HITLS_CFG_SetTmpDhCb(HITLS_Config *config, HITLS_DhTmpCb callback)
Set the TmpDh callback, cb can be NULL.
int32_t HITLS_CFG_SetVersionForbid(HITLS_Config *config, uint32_t noVersion)
Setting the disabled version number.
int32_t HITLS_CFG_GetVersionSupport(const HITLS_Config *config, uint32_t *version)
Obtain the supported version number.
int32_t HITLS_CFG_GetKeyExchId(const HITLS_Cipher *cipher, HITLS_KeyExchAlgo *kxAlg)
Obtain the key exchange algorithm type based on the cipher suite.
int32_t HITLS_CFG_GetCipherSuite(const HITLS_Cipher *cipher, uint16_t *cipherSuite)
Obtain the encryption ID in the cipher suite.
HITLS_Config * HITLS_CFG_NewDTLSConfig(void)
Create full DTLS configurations. The HITLS_CFG_SetXXX interface can be called to modify the DTLS conf...
const uint8_t * HITLS_CFG_GetCipherSuiteStdName(const HITLS_Cipher *cipher)
Obtain the RFC standard name of the cipher suite based on the cipher suite.
int32_t HITLS_CFG_GetRenegotiationSupport(const HITLS_Config *config, bool *isSupport)
Query whether renegotiation is supported.
int32_t HITLS_CFG_GetFlightTransmitSwitch(const HITLS_Config *config, bool *isEnable)
Obtains the status of whether to send handshake information according to the route.
int32_t HITLS_CFG_SetDtlsPostHsTimeoutVal(HITLS_Config *config, uint32_t timeoutVal)
Set the timeout period after the DTLS over UDP connection is complete. If the timer expires,...
HITLS_Config * HITLS_CFG_NewTLSConfig(void)
Create full TLS configurations. The HITLS_CFG_SetXXX interface can be used to modify the configuratio...
HITLS_Config * HITLS_CFG_NewTLS13Config(void)
Creates the default TLS13 configuration. The HITLS_CFG_SetXXX interface can be used to modify the def...
int32_t HITLS_CFG_GetRecInbufferSize(const HITLS_Config *config, uint32_t *recInbufferSize)
Obtain the rec inbuffer initial size
int32_t HITLS_CFG_GetClientRenegotiateSupport(HITLS_Config *config, bool *isSupport)
Get whether to allow a renegotiate request from the client
HITLS_CRYPT_Key *(* HITLS_DhTmpCb)(HITLS_Ctx *ctx, int32_t isExport, uint32_t keyLen)
Generate temporary DH key.
定义 hitls_config.h:1522
int32_t HITLS_CFG_SetMaxSendFragment(HITLS_Config *config, uint16_t maxSendFragment)
Set the max send fragment to restrict the amount of plaintext bytes in any record
HITLS_Config * HITLS_CFG_ProviderNewTLCPConfig(HITLS_Lib_Ctx *libCtx, const char *attrName)
Create TLCP configuration items with provider, including the default settings. Same as HITLS_CFG_NewT...
int32_t HITLS_CFG_SetPostHandshakeAuthSupport(HITLS_Config *config, bool support)
Setting whether to support post-handshake auth takes effect only for TLS1.3. client: If the client su...
int32_t HITLS_CFG_SetQuietShutdown(HITLS_Config *config, int32_t mode)
Set the quiet disconnection mode.
int32_t HITLS_CFG_GetClientVerifySupport(HITLS_Config *config, bool *isSupport)
Query whether the client certificate can be verified.
int32_t HITLS_CFG_GetHashId(const HITLS_Cipher *cipher, HITLS_HashAlgo *hashAlg)
Obtain the hash algorithm type based on the cipher suite.
HITLS_Config * HITLS_CFG_NewDTLS12Config(void)
Create DTLS12 configuration items, including the default settings. The user can call the HITLS_CFG_Se...
int32_t HITLS_CFG_ClearModeSupport(HITLS_Config *config, uint32_t mode)
Disable the specified feature.
uint64_t(* HITLS_RecordPaddingCb)(HITLS_Ctx *ctx, int32_t type, uint64_t length, void *arg)
Callback function for handling TLS record padding.
定义 hitls_config.h:1545
int32_t HITLS_CFG_SetCipherSuites(HITLS_Config *config, const uint16_t *cipherSuites, uint32_t cipherSuitesSize)
Set the supported cipher suites. The sequence of the cipher suites affects the priority of the select...
定义 config.c:856
HITLS_TrustedCAList * HITLS_CFG_GetCAList(const HITLS_Config *config)
Obtain the CA list.
int32_t HITLS_CFG_SetModeSupport(HITLS_Config *config, uint32_t mode)
Set the function to support the specified feature.
int32_t HITLS_CFG_GetReadAhead(HITLS_Config *config, int32_t *onOff)
Get whether reading ahead has been set or not
定义 config.c:1250
int32_t HITLS_CFG_GetVerifyNoneSupport(HITLS_Config *config, bool *isSupport)
Query whether not performing dual-ended verification is supported
HITLS_Config * HITLS_CFG_ProviderNewTLS13Config(HITLS_Lib_Ctx *libCtx, const char *attrName)
Create TLS13 configuration items with provider, including the default settings. Same as HITLS_CFG_New...
int32_t HITLS_CFG_SetRecordSizeLimit(HITLS_Config *config, uint16_t recordSize)
The default record size limit is 0 to unsupport the record size limit extension (RFC 8449)....
int32_t HITLS_CFG_SetVersionSupport(HITLS_Config *config, uint32_t version)
Set the supported version number.
int32_t HITLS_CFG_GetNoClientCertSupport(HITLS_Config *config, bool *isSupport)
Query whether the client certificate is allowed to be empty. This parameter takes effect only when the clien...
int32_t HITLS_CFG_SetRenegotiationSupport(HITLS_Config *config, bool support)
Set whether to support renegotiation.
定义 config.c:1283
int32_t HITLS_CFG_SetGroups(HITLS_Config *config, const uint16_t *groups, uint32_t groupsSize)
Set the group supported during key exchange. The group supported by HiTLS can be queried in HITLS_Nam...
定义 config.c:979
int32_t HITLS_CFG_SetRecordPaddingCbArg(HITLS_Config *config, void *arg)
Sets the parameters arg required by the RecordPadding callback function.
int32_t HITLS_CFG_ClearTLS13CipherSuites(HITLS_Config *config)
Clear the TLS1.3 cipher suite.
int32_t HITLS_CFG_GetExtendedMasterSecretSupport(HITLS_Config *config, bool *isSupport)
Query whether the extended master secret is supported.
定义 config.c:1336
int32_t HITLS_CIPHER_IsAead(const HITLS_Cipher *cipher, bool *isAead)
Determine whether to use the AEAD algorithm based on the cipher suite information.
const HITLS_Cipher * HITLS_CFG_GetCipherByID(uint16_t cipherSuite)
Obtain the cipher suite pointer based on the cipher suite ID.
int32_t HITLS_CFG_SetVersion(HITLS_Config *config, uint16_t minVersion, uint16_t maxVersion)
Set the supported version number range.
void HITLS_CFG_FreeConfig(HITLS_Config *config)
Release the config file.
定义 config.c:614
void * HITLS_CFG_GetRecordPaddingCbArg(HITLS_Config *config)
Obtains the parameter arg required by the RecordPadding callback function.
int32_t HITLS_CFG_GetCipherId(const HITLS_Cipher *cipher, HITLS_CipherAlgo *cipherAlg)
Obtain the symmetric encryption algorithm type based on the cipher suite.
int32_t HITLS_CFG_GetModeSupport(const HITLS_Config *config, uint32_t *mode)
Obtain the mode of the function feature in the config file.
void(* HITLS_ConfigUserDataFreeCb)(void *)
UserData free callback
定义 hitls_config.h:1331
HITLS_Config * HITLS_CFG_ProviderNewTLS12Config(HITLS_Lib_Ctx *libCtx, const char *attrName)
Create TLS12 configuration items with provider, including the default settings. Same as HITLS_CFG_New...
int32_t HITLS_CFG_SetSignature(HITLS_Config *config, const uint16_t *signAlgs, uint16_t signAlgsSize)
Set the signature algorithms supported during negotiation. The signature algorithms supported by the ...
定义 config.c:1261
HITLS_RecordPaddingCb HITLS_CFG_GetRecordPaddingCb(HITLS_Config *config)
Obtains the RecordPadding callback function.
int32_t HITLS_CFG_GetAuthId(const HITLS_Cipher *cipher, HITLS_AuthAlgo *authAlg)
Obtain the server authentication algorithm type based on the cipher suite.
int32_t HITLS_CFG_SetEncryptThenMac(HITLS_Config *config, bool encryptThenMacType)
Set the Encrypt-Then-Mac mode.
定义 config.c:1465
int32_t HITLS_CFG_SetVerifyNoneSupport(HITLS_Config *config, bool support)
Sets whether to support not performing dual-ended verification
int32_t HITLS_CFG_SetNeedCheckPmsVersion(HITLS_Config *config, bool needCheck)
This interface is used to verify the version in the premaster secret. This interface takes effect on ...
HITLS_Config * HITLS_CFG_ProviderNewDTLS12Config(HITLS_Lib_Ctx *libCtx, const char *attrName)
Create DTLS12 configuration items with provider, including the default settings. Same as HITLS_CFG_Ne...
int32_t HITLS_CFG_GetDtlsCookieExchangeSupport(const HITLS_Config *config, bool *isSupport)
Return whether the DTLS performs cookie exchange.
int32_t HITLS_CFG_GetDescription(const HITLS_Cipher *cipher, uint8_t *buf, int32_t len)
Outputs the description of the cipher suite as a string.
int32_t HITLS_CFG_GetPostHandshakeAuthSupport(HITLS_Config *config, bool *isSupport)
Query whether the post-handshake AUTH function is supported.
int32_t HITLS_CFG_SetKeyExchMode(HITLS_Config *config, uint32_t mode)
Set the key exchange mode, which is used by TLS1.3.
int32_t HITLS_CFG_SetReadAhead(HITLS_Config *config, int32_t onOff)
Set the read-ahead flag, which indicates whether to read more data than the user requested into the buffer in advance
定义 config.c:1239
int32_t HITLS_CFG_SetResumptionOnRenegoSupport(HITLS_Config *config, bool support)
Set whether to support session restoration during renegotiation. By default, session restoration is n...
HITLS_Config * HITLS_CFG_ProviderNewDTLSConfig(HITLS_Lib_Ctx *libCtx, const char *attrName)
Create DTLS configuration items with provider, including the default settings. Same as HITLS_CFG_NewD...
int32_t HITLS_CFG_SetEndPoint(HITLS_Config *config, bool isClient)
Set whether the current configuration is a client configuration.
定义 config.c:1560
uint32_t HITLS_CFG_GetKeyExchMode(HITLS_Config *config)
Obtain the key exchange mode, which is used by TLS1.3.
HITLS_Config * HITLS_CFG_NewTLS12Config(void)
Create a TLS12 configuration item, including the default configuration. The user can call the HITLS_C...
HITLS_Config * HITLS_CFG_ProviderNewTLSConfig(HITLS_Lib_Ctx *libCtx, const char *attrName)
Create TLS configuration items with provider, including the default settings. Same as HITLS_CFG_NewTL...
int32_t HITLS_CFG_SetExtendedMasterSecretMode(HITLS_Config *config, int32_t mode)
Set extended master secret mode.
定义 config.c:1345
int32_t HITLS_CFG_SetClientHelloCb(HITLS_Config *config, HITLS_ClientHelloCb callback, void *arg)
Set the cookie verification callback on the server.
int32_t HITLS_CFG_UpRef(HITLS_Config *config)
The reference counter of config increases by 1.
定义 config.c:634
void HITLS_CFG_ClearCAList(HITLS_Config *config)
Clear the CA list.
int32_t HITLS_CFG_GetQuietShutdown(const HITLS_Config *config, int32_t *mode)
Obtain the current quiet disconnection mode.
int32_t HITLS_CFG_SetClientVerifySupport(HITLS_Config *config, bool support)
Sets whether to verify the client certificate. Client: This setting has no impact Server: The certifi...
HITLS_Config * HITLS_CFG_NewDTLCPConfig(void)
Create DTLCP configuration items, including the default settings. The user can call the HITLS_CFG_Set...
int32_t HITLS_CFG_AddCAIndication(HITLS_Config *config, HITLS_TrustedCAType caType, const uint8_t *data, uint32_t len)
Add the CA indicator, which is used when the peer certificate is requested.
int32_t HITLS_CFG_SetConfigUserData(HITLS_Config *config, void *userData)
User data is stored in the HiTLS Config. The user data can be obtained from the callback registered w...
int32_t HITLS_CFG_GetClientOnceVerifySupport(HITLS_Config *config, bool *isSupport)
Query whether request client certificate only once is supported
int32_t(* HITLS_ClientHelloCb)(HITLS_Ctx *ctx, int32_t *alert, void *arg)
ClientHello callback prototype for the server to process the callback.
定义 hitls_config.h:973
const uint8_t * HITLS_CFG_GetCipherSuiteName(const HITLS_Cipher *cipher)
Obtain the cipher suite name based on the cipher suite.
int32_t HITLS_CFG_GetCipherVersion(const HITLS_Cipher *cipher, int32_t *version)
Obtain the earliest TLS version supported by the cipher suite based on the cipher suite.
int32_t HITLS_CFG_GetCipherSuites(HITLS_Config *config, uint16_t *data, uint32_t dataLen, uint32_t *cipherSuitesSize)
Get the supported cipher suites array.
int32_t HITLS_CFG_SetTmpDh(HITLS_Config *config, HITLS_CRYPT_Key *dhPkey)
Set the DH parameter specified by the user.
int32_t HITLS_CFG_GetExtendedMasterSecretMode(HITLS_Config *config, int32_t *mode)
Get extended master secret mode.
定义 config.c:1357
int32_t HITLS_CFG_SetExtendedMasterSecretSupport(HITLS_Config *config, bool support)
Sets whether to forcibly support the extended master secret.
定义 config.c:1303
int32_t HITLS_CFG_GetMacId(const HITLS_Cipher *cipher, HITLS_MacAlgo *macAlg)
Obtain the MAC algorithm type based on the cipher suite.
int32_t HITLS_CFG_GetMaxVersion(const HITLS_Config *config, uint16_t *maxVersion)
Obtaining the Maximum supported version number
int32_t HITLS_CFG_SetFlightTransmitSwitch(HITLS_Config *config, bool isEnable)
Set whether to send handshake messages by route. DTLS over SCTP does not support this ability.
HITLS_Config * HITLS_CFG_ProviderNewDTLCPConfig(HITLS_Lib_Ctx *libCtx, const char *attrName)
Create DTLCP configuration items with provider, including the default settings. Same as HITLS_CFG_New...
int32_t HITLS_CFG_GetCipherServerPreference(const HITLS_Config *config, bool *isSupport)
Obtains whether the current cipher suite supports preferential selection from the list of algorithms ...
int32_t HITLS_CFG_SetClientOnceVerifySupport(HITLS_Config *config, bool support)
Set whether request client certificate only once is supported
int32_t HITLS_CFG_SetCheckKeyUsage(HITLS_Config *config, bool isCheck)
Sets whether to verify the keyUsage extension in the certificate. Verification is enabled by default.
int32_t HITLS_CFG_SetMaxCertList(HITLS_Config *config, uint32_t maxSize)
Set the maximum size of the certificate chain that can be sent by the peer end.
int32_t HITLS_CFG_GetEmptyRecordsNum(const HITLS_Config *config, uint32_t *emptyNum)
Obtain the maximum number of empty records that can be received
定义 config.c:1550
int32_t HITLS_CFG_SetLegacyRenegotiateSupport(HITLS_Config *config, bool support)
Set whether to abort handshake when server doesn't support SecRenegotiation
uint32_t(* HITLS_DtlsTimerCb)(HITLS_Ctx *ctx, uint32_t us)
DTLS callback prototype for obtaining the timeout interval
定义 hitls_config.h:993
int32_t HITLS_CFG_SetDhAutoSupport(HITLS_Config *config, bool support)
Set whether the DH parameter can be automatically selected by users. If the value is true,...
int32_t HITLS_CFG_EnableTls13SM(HITLS_Config *config, bool isOnlySupportSM)
Set whether to enable TLS1.3 SM support
HITLS_CipherSuite
Enumerates the cipher suites supported by HITLS, with IANA coding
定义 hitls_config.h:111
int32_t HITLS_CFG_SetNoClientCertSupport(HITLS_Config *config, bool support)
Sets whether to allow the client certificate to be empty. This parameter takes effect only when clien...
int32_t HITLS_CFG_SetCipherServerPreference(HITLS_Config *config, bool isSupport)
cipher suites are preferentially selected from the list of algorithms supported by the server.
int32_t HITLS_CFG_GetMaxSendFragment(const HITLS_Config *config, uint16_t *maxSendFragment)
Obtain the max send fragment to restrict the amount of plaintext bytes in any record
int32_t HITLS_CFG_GetResumptionOnRenegoSupport(HITLS_Config *config, bool *isSupport)
Get whether to support session restoration during renegotiation. By default, session restoration is n...
const HITLS_Cipher * HITLS_CFG_GetCipherSuiteByStdName(const uint8_t *stdName)
Obtain the corresponding cipher suite pointer based on the RFC Standard Name.
int32_t HITLS_CFG_GetEncryptThenMac(const HITLS_Config *config, bool *encryptThenMacType)
Obtain the Encrypt-Then-Mac type.
定义 config.c:1481
int32_t HITLS_CFG_SetEcPointFormats(HITLS_Config *config, const uint8_t *pointFormats, uint32_t pointFormatsSize)
Set the format of the ec point.
定义 config.c:957
int32_t HITLS_CFG_SetCAList(HITLS_Config *config, HITLS_TrustedCAList *list)
Set the CA list.
int32_t HITLS_CFG_GetDhAutoSupport(HITLS_Config *config, bool *isSupport)
Query whether the DH parameter can be automatically selected by the user. If yes, the DH parameter wi...
int32_t HITLS_CFG_SetGroupList(HITLS_Config *config, const char *groupNames, uint32_t groupNamesLen)
Set the group supported during key exchange. The group supported by HiTLS can be queried in HITLS_Nam...
int32_t HITLS_CFG_SetRecInbufferSize(HITLS_Config *config, uint32_t recInbufferSize)
Set the rec inbuffer initial size
struct TlsCtx HITLS_Ctx
HITLS context
定义 hitls_type.h:35
struct TlsConfig HITLS_Config
config context
定义 hitls_type.h:41
struct TlsCipherSuiteInfo HITLS_Cipher
cipherSuite information
定义 hitls_type.h:47
int32_t HITLS_CFG_GetMiddleBoxCompat(HITLS_Config *config, bool *isMiddleBox)
Obtain whether middle box compat mode is supported.
int32_t HITLS_CFG_SetMiddleBoxCompat(HITLS_Config *config, bool isMiddleBox)
Sets whether to support middle box compat mode.