zh/hs__common_8h_source.html

/*

 * This file is part of the openHiTLS project.

 *

 * openHiTLS is licensed under the Mulan PSL v2.

 * You can use this software according to the terms and conditions of the Mulan PSL v2.

 * You may obtain a copy of Mulan PSL v2 at:

 *

 *     http://license.coscl.org.cn/MulanPSL2

 *

 * THIS SOFTWARE IS PROVIDED ON AN "AS IS" BASIS, WITHOUT WARRANTIES OF ANY KIND,

 * EITHER EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO NON-INFRINGEMENT,

 * MERCHANTABILITY OR FIT FOR A PARTICULAR PURPOSE.

 * See the Mulan PSL v2 for more details.

 */


#ifndef HS_COMMON_H

#define HS_COMMON_H


#include <stdint.h>

#include "tls.h"

#include "hs_ctx.h"

#include "hs_msg.h"


#ifdef __cplusplus

extern "C" {

#endif


#define MAX_CERT_TYPE_LISTS_SIZE 256        /* Maximum length of the certificate type list */

#define HS_DOWNGRADE_RANDOM_SIZE 8u         /* downgrade protection random number field */


#define HITLS_CLIENT_HELLO_MAX_SIZE         131396

#define HITLS_SERVER_HELLO_MAX_SIZE         65607

#define HITLS_HELLO_VERIFY_REQUEST_MAX_SIZE 258

#define HITLS_END_OF_EARLY_DATA_MAX_SIZE    0

#define HITLS_HELLO_RETRY_REQUEST_MAX_SIZE  20000

#define HITLS_ENCRYPTED_EXTENSIONS_MAX_SIZE 20000

#define HITLS_SESSION_TICKET_MAX_SIZE_TLS13 131338

#define HITLS_SESSION_TICKET_MAX_SIZE_TLS12 65541

#define HITLS_SERVER_KEY_EXCH_MAX_SIZE      102400

#define HITLS_SERVER_HELLO_DONE_MAX_SIZE    0

#define HITLS_KEY_UPDATE_MAX_SIZE           1

#define HITLS_CLIENT_KEY_EXCH_MAX_SIZE      2048

#define HITLS_NEXT_PROTO_MAX_SIZE           514

#define HITLS_FINISHED_MAX_SIZE             64

#define HITLS_HELLO_REQUEST_MAX_SIZE        0


enum HITLS_CryptInfoCmd {

    HITLS_CRYPT_INFO_CMD_GET_PUBLIC_KEY_LEN = 0, /* Get the length of the public key, param is HITLS_NamedGroup */

    HITLS_CRYPT_INFO_CMD_GET_SHARED_KEY_LEN,     /* Get the length of the shared key, param is HITLS_NamedGroup */

    HITLS_CRYPT_INFO_CMD_GET_CIPHERTEXT_LEN,     /* Get the length of the ciphertext, param is HITLS_NamedGroup */

    HITLS_CRYPT_INFO_CMD_GET_HASH_LEN,           /* Get the length of the hash, param is HITLS_HashAlgo */

};


const uint8_t *HS_GetHrrRandom(uint32_t *len);


const uint8_t *HS_GetTls12DowngradeRandom(uint32_t *len);


const char *HS_GetMsgTypeStr(HS_MsgType type);


int32_t HS_ChangeState(TLS_Ctx *ctx, uint32_t nextState);


int32_t HS_CombineRandom(const uint8_t *random1, const uint8_t *random2, uint32_t randomSize,

                         uint8_t *dest, uint32_t destSize);


uint8_t *HS_PrepareSignData(const TLS_Ctx *ctx, const uint8_t *partSignData,

    uint32_t partSignDataLen, uint32_t *signDataLen);


uint8_t *HS_PrepareSignDataTlcp(

    const TLS_Ctx *ctx, const uint8_t *partSignData, uint32_t partSignDataLen, uint32_t *signDataLen);


#if defined(HITLS_TLS_PROTO_DTLS12) && defined(HITLS_BSL_UIO_SCTP)

int32_t HS_SetSctpAuthKey(TLS_Ctx *ctx);


int32_t HS_ActiveSctpAuthKey(TLS_Ctx *ctx);


int32_t HS_DeletePreviousSctpAuthKey(TLS_Ctx *ctx);

#endif /* #if defined(HITLS_TLS_PROTO_DTLS12) && defined(HITLS_BSL_UIO_SCTP) */


bool IsNeedServerKeyExchange(const TLS_Ctx *ctx);


bool IsPskNegotiation(const TLS_Ctx *ctx);


bool IsNeedCertPrepare(const CipherSuiteInfo *cipherSuiteInfo);


bool IsTicketSupport(const TLS_Ctx *ctx);


int32_t CheckClientPsk(TLS_Ctx *ctx);


int32_t HS_ReSizeMsgBuf(TLS_Ctx *ctx, uint32_t msgSize);


int32_t HS_GrowMsgBuf(TLS_Ctx *ctx, uint32_t msgSize, bool keepOldData);


uint32_t HS_MaxMessageSize(TLS_Ctx *ctx, HS_MsgType type);


uint32_t HS_GetBinderLen(HITLS_Session *session, HITLS_HashAlgo* hashAlg);


bool GroupConformToVersion(const TLS_Ctx *ctx, uint16_t version, uint16_t group);


bool IsCipherSuiteAllowed(const HITLS_Ctx *ctx, uint16_t cipherSuite, bool checkNegoVersion);


uint16_t *CheckSupportSignAlgorithms(const TLS_Ctx *ctx, const uint16_t *signAlgorithms,

    uint32_t signAlgorithmsSize, uint32_t *newSignAlgorithmsSize);


uint32_t HS_GetExtensionTypeId(uint32_t hsExtensionsType);


int32_t HS_CheckReceivedExtension(HITLS_Ctx *ctx, HS_MsgType hsType, uint64_t hsMsgExtensionsMask,

    uint64_t hsMsgAllowedExtensionsMask);


uint32_t HS_GetCryptLength(const TLS_Ctx *ctx, int32_t cmd, int32_t param);


HITLS_CERT_KeyType HS_SignScheme2CertKeyType(const HITLS_Ctx *ctx, HITLS_SignHashAlgo signScheme);


#ifdef __cplusplus

}

#endif


#endif

HITLS_SignHashAlgo
HITLS_SignHashAlgo
Certificate Signature Algorithm Enumeration
定义 hitls_cert_type.h:177

HITLS_CERT_KeyType
HITLS_CERT_KeyType
Certificate Public Key Type
定义 hitls_cert_type.h:162

HITLS_Ctx
struct TlsCtx HITLS_Ctx
HITLS context
定义 hitls_type.h:35