1 /*
2  * Copyright (c) 2023 Huawei Device Co., Ltd.
3  * Licensed under the Apache License, Version 2.0 (the "License");
4  * you may not use this file except in compliance with the License.
5  * You may obtain a copy of the License at
6  *
7  *     http://www.apache.org/licenses/LICENSE-2.0
8  *
9  * Unless required by applicable law or agreed to in writing, software
10  * distributed under the License is distributed on an "AS IS" BASIS,
11  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12  * See the License for the specific language governing permissions and
13  * limitations under the License.
14  */
15 
16 #ifndef NET_SSL_C_H
17 #define NET_SSL_C_H
18 
19 /**
20  * @addtogroup netstack
21  * @{
22  *
23  * @brief Provides C APIs for the SSL/TLS certificate chain verification module.
24  *
25  * @since 11
26  * @version 1.0
27  */
28 
29 /**
30  * @file net_ssl_c.h
31  *
32  * @brief Defines C APIs for the SSL/TLS certificate chain verification module.
33  *
34  * @library libnet_ssl.so
35  * @syscap SystemCapability.Communication.NetStack
36  * @since 11
37  * @version 1.0
38  */
39 
40 #include "net_ssl_c_type.h"
41 
42 #ifdef __cplusplus
43 extern "C" {
44 #endif
45 
46 /**
47  * @brief Provides certificate chain verification APIs for external systems.
48  *
49  * @param cert Certificate to be verified.
50  * @param caCert CA certificate specified by the user. If this parameter is left blank, the preset certificate is used.
51  * @return 0 - success.
52  * 2305001 - Unspecified error.
53  * 2305002 - Unable to get issuer certificate.
54  * 2305003 - Unable to get certificate revocation list (CRL).
55  * 2305004 - Unable to decrypt certificate signature.
56  * 2305005 - Unable to decrypt CRL signature.
57  * 2305006 - Unable to decode issuer public key.
58  * 2305007 - Certificate signature failure.
59  * 2305008 - CRL signature failure.
60  * 2305009 - Certificate is not yet valid.
61  * 2305010 - Certificate has expired.
62  * 2305011 - CRL is not yet valid.
63  * 2305012 - CRL has expired.
64  * 2305023 - Certificate has been revoked.
65  * 2305024 - Invalid certificate authority (CA).
66  * 2305027 - Certificate is untrusted.
67  * @syscap SystemCapability.Communication.NetStack
68  * @since 11
69  * @version 1.0
70  */
71 uint32_t OH_NetStack_CertVerification(const struct NetStack_CertBlob *cert, const struct NetStack_CertBlob *caCert);
72 
73 int32_t OH_NetStack_GetPinSetForHostName(const char *hostname, NetStack_CertificatePinning *pin);
74 
75 int32_t OH_NetStack_GetCertificatesForHostName(const char *hostname, NetStack_Certificates *certs);
76 
77 void OH_Netstack_DestroyCertificatesContent(NetStack_Certificates *certs);
78 
79 #ifdef __cplusplus
80 }
81 #endif
82 
83 #endif // NET_SSL_C_H
84