netxduo
Select one of the symbols to view example projects that use it.
 
Outline
...
...
...
...
#define NX_SECURE_SOURCE_CODE
#include "nx_secure_tls.h"
...
...
_nx_secure_tls_session_x509_client_verify_configure(NX_SECURE_TLS_SESSION *, UINT, void *, ULONG)
Files
loading...
CodeScopeSTM32 Libraries and Samplesnetxduonx_secure/src/nx_secure_tls_session_x509_client_verify_configure.c
 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
/**************************************************************************/ /* */ /* Copyright (c) Microsoft Corporation. All rights reserved. */ /* */ /* This software is licensed under the Microsoft Software License */ /* Terms for Microsoft Azure RTOS. Full text of the license can be */ /* found in the LICENSE file at https://aka.ms/AzureRTOS_EULA */ /* and in the root directory of this software. */ /* */... /**************************************************************************/ ... /**************************************************************************/ /**************************************************************************/ /** */ /** NetX Secure Component */ /** */ /** Transport Layer Security (TLS) */ /** */... /**************************************************************************/ /**************************************************************************/ #define NX_SECURE_SOURCE_CODE /* Include necessary system files. */ #include "nx_secure_tls.h" ... /**************************************************************************/ /* */ /* FUNCTION RELEASE */ /* */ /* _nx_secure_tls_session_x509_client_verify_configure PORTABLE C */ /* 6.1 */ /* AUTHOR */ /* */ /* Timothy Stapko, Microsoft Corporation */ /* */ /* DESCRIPTION */ /* */ /* This function enables Client Certificate Verification for TLS */ /* Server instances and accepts buffer space to hold incoming */ /* certificates sent by the remote host. If enabled, the TLS Server */ /* will request and verify a remote TLS Client Certificate using all */ /* available crypto signature routines. The provided buffer must have */ /* enough space allocated for the maximum size of a certificate that */ /* may be provided by a client times the expected size of the */ /* certificate chain that may be provided. The size needed can be */ /* calculated using the following formula: */ /* */ /* size = (<# of certs>) * (sizeof(NX_SECURE_X509_CERT) + */ /* <expected max cert size (~2KB)>) */ /* */ /* The space will be divided equally amongst the number of certificates*/ /* that can be carved from the provided buffer. */ /* */ /* The incoming certificate chain will be verified against the trusted */ /* certificate store built using nx_secure_tls_trusted_certificate_add.*/ /* Client X509 certificate verification in TLS Server proceeds in the */ /* same manner as the default TLS Client behavior in verifying server */ /* certificates. */ /* */ /* Note that this will only work for TLS Server sessions. Enabling */ /* Client Certificate Verification for TLS Client sessions will have */ /* no effect. */ /* */ /* As of 5.12, the certificate buffer may be set to NX_NULL to */ /* indicate that internal certificate buffering should be used. If the */ /* certificate_buffer parameter is NX_NULL, the buffer_size parameter */ /* should be set to 0. */ /* */ /* INPUT */ /* */ /* tls_session Pointer to TLS Session */ /* certs_number Number of client certs */ /* certificate_buffer Buffer allocated for certs */ /* buffer_size Buffer size in bytes */ /* */ /* OUTPUT */ /* */ /* status Completion status */ /* */ /* CALLS */ /* */ /* _nx_secure_tls_remote_certificate_buffer_allocate */ /* Allocate certificate buffers */ /* */ /* CALLED BY */ /* */ /* Application Code */ /* */ /* RELEASE HISTORY */ /* */ /* DATE NAME DESCRIPTION */ /* */ /* 05-19-2020 Timothy Stapko Initial Version 6.0 */ /* 09-30-2020 Timothy Stapko Modified comment(s), */ /* resulting in version 6.1 */ /* */... /**************************************************************************/ UINT _nx_secure_tls_session_x509_client_verify_configure(NX_SECURE_TLS_SESSION *tls_session, UINT certs_number, VOID *certificate_buffer, ULONG buffer_size) { UINT status = NX_SUCCESS; /* Signal the TLS stack to request and verify remote Client certificates. */ tls_session -> nx_secure_tls_verify_client_certificate = NX_TRUE; /* Allocate the certificate space. If buffer is NULL, then use internal in-place certificate buffering. */ if(certificate_buffer != NX_NULL && buffer_size != 0) { status = _nx_secure_tls_remote_certificate_buffer_allocate(tls_session, certs_number, certificate_buffer, buffer_size); }if (certificate_buffer != NX_NULL && buffer_size != 0) { ... } return(status); }{ ... }