1 /*
2  * Copyright (c) 2022 Huawei Device Co., Ltd.
3  * Licensed under the Apache License, Version 2.0 (the "License");
4  * you may not use this file except in compliance with the License.
5  * You may obtain a copy of the License at
6  *
7  *     http://www.apache.org/licenses/LICENSE-2.0
8  *
9  * Unless required by applicable law or agreed to in writing, software
10  * distributed under the License is distributed on an "AS IS" BASIS,
11  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12  * See the License for the specific language governing permissions and
13  * limitations under the License.
14  */
15 
16 #include "tls_configuration.h"
17 
18 #include <openssl/x509.h>
19 
20 #include "secure_data.h"
21 #include "tls.h"
22 #include "tls_key.h"
23 
24 namespace OHOS {
25 namespace NetStack {
26 namespace TlsSocket {
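// Copy-constructs a configuration from `other`.
// The set of members copied here matches operator=. The original constructor
// omitted caCertificateChain_ and signatureAlgorithms_, so a copy-constructed
// configuration lost the CA chain and the signature-algorithm list that an
// assigned one kept.
// protocol_, cipherSuiteVec_, useRemoteCipherPrefer_ and netAddress_ are not
// copied by either operation. NOTE(review): confirm that is intended.
TLSConfiguration::TLSConfiguration(const TLSConfiguration &other)
{
    privateKey_ = other.privateKey_;
    localCertificate_ = other.localCertificate_;
    caCertificate_ = other.caCertificate_;
    caCertificateChain_ = other.caCertificateChain_;
    minProtocol_ = other.minProtocol_;
    maxProtocol_ = other.maxProtocol_;
    cipherSuite_ = other.cipherSuite_;
    signatureAlgorithms_ = other.signatureAlgorithms_;
    tlsVerifyMode_ = other.tlsVerifyMode_;
    whetherToSkip_ = other.whetherToSkip_;
}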
38 
// Read-only access to the configured private key, without copying it.
// The reference is to a member, so it is only valid while this configuration
// object is alive.
const TLSKey &TLSConfiguration::PrivateKey() const
{
    return this->privateKey_;
}
43 
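// Copy-assigns the key, certificate, protocol-range, cipher, signature-algorithm
// and verification settings from `other` and returns *this.
// protocol_, cipherSuiteVec_, useRemoteCipherPrefer_ and netAddress_ keep the
// target's existing values. NOTE(review): confirm that is intended.
TLSConfiguration &TLSConfiguration::operator=(const TLSConfiguration &other)
{
    // Self-assignment would only copy each member onto itself; skip the work.
    if (this == &other) {
        return *this;
    }
    // The private key is assigned exactly once; the original repeated this
    // statement further down, copying the key object a second time for nothing.
    privateKey_ = other.privateKey_;
    localCertificate_ = other.localCertificate_;
    caCertificate_ = other.caCertificate_;
    caCertificateChain_ = other.caCertificateChain_;
    minProtocol_ = other.minProtocol_;
    maxProtocol_ = other.maxProtocol_;
    cipherSuite_ = other.cipherSuite_;
    signatureAlgorithms_ = other.signatureAlgorithms_;
    tlsVerifyMode_ = other.tlsVerifyMode_;
    whetherToSkip_ = other.whetherToSkip_;
    return *this;
}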
59 
// Replaces the local certificate with a copy of an already constructed
// TLSCertificate.
void TLSConfiguration::SetLocalCertificate(const TLSCertificate &certificate)
{
    this->localCertificate_ = certificate;
}
64 
// Stores a single CA certificate object in caCertificate_.
// This is a different member from caCertificateChain_, which the
// std::vector<std::string> overload fills and GetCaCertificate() returns.
void TLSConfiguration::SetCaCertificate(const TLSCertificate &certificate)
{
    this->caCertificate_ = certificate;
}
69 
// Replaces the private key with a copy of an already constructed TLSKey.
void TLSConfiguration::SetPrivateKey(const TLSKey &key)
{
    this->privateKey_ = key;
}
74 
// Builds a TLSKey from the key data and its passphrase, then stores a copy.
// Any parsing or validation happens inside the TLSKey constructor; this
// function does not inspect the result.
// NOTE(review): confirm how a failed key load is reported to the caller.
void TLSConfiguration::SetPrivateKey(const SecureData &key, const SecureData &keyPass)
{
    // The temporary holds the key until the end of this scope, in addition to
    // the copy kept in privateKey_.
    const TLSKey parsedKey(key, keyPass);
    this->privateKey_ = parsedKey;
}
80 
// Builds a TLSCertificate tagged LOCAL_CERT from the given certificate string
// and stores a copy as the local certificate.
// The string's format is interpreted by the TLSCertificate constructor, not here.
void TLSConfiguration::SetLocalCertificate(const std::string &certificate)
{
    const TLSCertificate parsedCert(certificate, LOCAL_CERT);
    this->localCertificate_ = parsedCert;
}
86 
// Stores the CA certificates, as strings, in caCertificateChain_.
// The entries are kept as given and nothing is parsed or checked here.
// caCertificate_, set by the TLSCertificate overload, is not touched.
void TLSConfiguration::SetCaCertificate(const std::vector<std::string> &certificate)
{
    this->caCertificateChain_ = certificate;
}
91 
// Derives the allowed protocol range from a list of protocol names.
// Only entries equal to PROTOCOL_TLS_V13 or PROTOCOL_TLS_V12 are recognised;
// anything else in the list is ignored without an error.
//   1.3 listed          -> maxProtocol_ = TLS_V1_3, otherwise TLS_V1_2
//   1.2 listed          -> minProtocol_ = TLS_V1_2, otherwise TLS_V1_3
//   protocol_ always mirrors maxProtocol_.
// NOTE(review): an empty list, or one with no recognised entry, yields
// minProtocol_ = TLS_V1_3 together with maxProtocol_ = TLS_V1_2, a range whose
// minimum is above its maximum. Confirm how the code applying this range
// treats that case; rejecting such input at the caller would be clearer.
void TLSConfiguration::SetProtocol(const std::vector<std::string> &Protocol)
{
    bool sawTls13 = false;
    bool sawTls12 = false;
    for (const auto &entry : Protocol) {
        sawTls13 = sawTls13 || (entry == PROTOCOL_TLS_V13);
        sawTls12 = sawTls12 || (entry == PROTOCOL_TLS_V12);
    }
    maxProtocol_ = sawTls13 ? TLS_V1_3 : TLS_V1_2;
    minProtocol_ = sawTls12 ? TLS_V1_2 : TLS_V1_3;
    protocol_ = maxProtocol_;
}
114 
// Lowest protocol version currently configured.
TLSProtocol TLSConfiguration::GetMinProtocol() const
{
    return this->minProtocol_;
}
119 
// Highest protocol version currently configured.
TLSProtocol TLSConfiguration::GetMaxProtocol() const
{
    return this->maxProtocol_;
}
124 
// Returns protocol_, which SetProtocol() sets to the same value as maxProtocol_.
TLSProtocol TLSConfiguration::GetProtocol() const
{
    return this->protocol_;
}
129 
// Returns a copy of the cipher-suite string as stored by SetCipherSuite().
std::string TLSConfiguration::GetCipherSuite() const
{
    return this->cipherSuite_;
}
134 
// Returns a copy of cipherSuiteVec_.
// Nothing in this file writes to cipherSuiteVec_.
// NOTE(review): confirm where it is populated, otherwise this is always the
// default-constructed vector.
std::vector<CipherSuite> TLSConfiguration::GetCipherSuiteVec() const
{
    return this->cipherSuiteVec_;
}
139 
// Forwards the raw data of the local certificate.
// The reference is whatever TLSCertificate::GetLocalCertRawData() returns.
// NOTE(review): presumably it refers to storage inside localCertificate_, so it
// should not be held across a later SetLocalCertificate() call or past the
// lifetime of this configuration. Verify against TLSCertificate.
const X509CertRawData &TLSConfiguration::GetCertificate() const
{
    const X509CertRawData &rawData = localCertificate_.GetLocalCertRawData();
    return rawData;
}
144 
// Stores the cipher-suite string verbatim.
// No validation is done here, so an unknown or weak suite name is only caught
// (if at all) by the code that later applies the string.
void TLSConfiguration::SetCipherSuite(const std::string &cipherSuite)
{
    this->cipherSuite_ = cipherSuite;
}
149 
// Stores the signature-algorithm list string verbatim, without validating it.
void TLSConfiguration::SetSignatureAlgorithms(const std::string &signatureAlgorithms)
{
    this->signatureAlgorithms_ = signatureAlgorithms;
}
154 
// Read-only access to the stored signature-algorithm string.
// The reference is to a member and is valid only while this object is alive.
const std::string &TLSConfiguration::GetSignatureAlgorithms() const
{
    return this->signatureAlgorithms_;
}
159 
// Stores the remote-cipher-preference flag.
// The flag is only stored here; its effect is decided by the code that reads it.
void TLSConfiguration::SetUseRemoteCipherPrefer(bool useRemoteCipherPrefer)
{
    this->useRemoteCipherPrefer_ = useRemoteCipherPrefer;
}
164 
// Returns the flag stored by SetUseRemoteCipherPrefer().
bool TLSConfiguration::GetUseRemoteCipherPrefer() const
{
    return this->useRemoteCipherPrefer_;
}
169 
// Returns a copy of caCertificateChain_, the string list set through
// SetCaCertificate(const std::vector<std::string> &).
// The single caCertificate_ object set by the TLSCertificate overload is not
// exposed by this getter.
std::vector<std::string> TLSConfiguration::GetCaCertificate() const
{
    return this->caCertificateChain_;
}
174 
// Returns a copy of the local certificate object.
TLSCertificate TLSConfiguration::GetLocalCertificate() const
{
    return this->localCertificate_;
}
179 
// Returns the private key by value, unlike PrivateKey(), which returns a const
// reference to the same member.
// NOTE(review): every call creates another TLSKey object, presumably
// duplicating key material in memory. Prefer PrivateKey() where a reference is
// enough, and verify TLSKey's copy semantics.
TLSKey TLSConfiguration::GetPrivateKey() const
{
    return this->privateKey_;
}
// Stores the verification mode.
// The meaning of each VerifyMode value is defined outside this file, and this
// setter accepts any of them without restriction.
void TLSConfiguration::SetVerifyMode(VerifyMode verifyMode)
{
    this->tlsVerifyMode_ = verifyMode;
}
// Returns the verification mode stored by SetVerifyMode().
VerifyMode TLSConfiguration::GetVerifyMode() const
{
    return this->tlsVerifyMode_;
}
// Stores a copy of the network address associated with this configuration.
// Neither the copy constructor nor operator= in this file carries netAddress_
// over to a copied configuration.
void TLSConfiguration::SetNetAddress(const Socket::NetAddress &netAddress)
{
    this->netAddress_ = netAddress;
}
196 
// Returns a copy of the stored network address.
Socket::NetAddress TLSConfiguration::GetNetAddress() const
{
    return this->netAddress_;
}
201 
// Stores the skip flag.
// This file only stores and returns the value; what is skipped is decided by
// whichever code reads GetSkipFlag().
// NOTE(review): if the flag gates validation of the remote certificate, a true
// value removes the protection against an impersonated peer. Confirm its
// meaning and keep it off outside test setups.
void TLSConfiguration::SetSkipFlag(bool whetherToSkip)
{
    this->whetherToSkip_ = whetherToSkip;
}
206 
// Returns the flag stored by SetSkipFlag().
bool TLSConfiguration::GetSkipFlag() const
{
    return this->whetherToSkip_;
}
211 } // namespace TlsSocket
212 } // namespace NetStack
213 } // namespace OHOS
214