/*
 * Copyright (c) 2022-2024 Huawei Device Co., Ltd.
 * Licensed under the Apache License, Version 2.0 (the "License");
 * you may not use this file except in compliance with the License.
 * You may obtain a copy of the License at
 *
 * http://www.apache.org/licenses/LICENSE-2.0
 *
 * Unless required by applicable law or agreed to in writing, software
 * distributed under the License is distributed on an "AS IS" BASIS,
 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 * See the License for the specific language governing permissions and
 * limitations under the License.
 */

/*
 * TLS client socket interface for the NetStack module.
 *
 * This header declares the option classes (TLSSecureOptions, TLSConnectOptions)
 * and the TLSSocket class that wraps an OpenSSL-backed TLS connection over TCP.
 * Only declarations live here; all behaviour is defined in the matching .cpp.
 *
 * Note: the include guard macro is spelled "SOCEKT" (sic); it is kept as-is
 * because other translation units may test for it.
 */
#ifndef COMMUNICATIONNETSTACK_TLS_SOCEKT_H
#define COMMUNICATIONNETSTACK_TLS_SOCEKT_H

#include <any>
#include <condition_variable>
#include <cstring>
#include <functional>
#include <map>
#include <thread>
#include <tuple>
#include <unistd.h>
#include <vector>

// NOTE(review): std::mutex, std::unique_ptr and std::string are used below but
// <mutex>, <memory> and <string> are not included directly here; they currently
// arrive transitively through the project headers listed next.
#include "extra_options_base.h"
#include "net_address.h"
#include "socket_error.h"
#include "socket_remote_info.h"
#include "socket_state_base.h"
#include "tcp_connect_options.h"
#include "tcp_extra_options.h"
#include "tcp_send_options.h"
#include "tls.h"
#include "tls_certificate.h"
#include "tls_configuration.h"
#include "tls_context.h"
#include "tls_key.h"

namespace OHOS {
namespace NetStack {
namespace TlsSocket {

/*
 * Completion callbacks for the asynchronous TLSSocket operations. Each receives
 * an errorNumber (0 presumably meaning success; the error space is defined by
 * socket_error.h) plus the requested value where there is one.
 */
using BindCallback = std::function<void(int32_t errorNumber)>;
using ConnectCallback = std::function<void(int32_t errorNumber)>;
using SendCallback = std::function<void(int32_t errorNumber)>;
using CloseCallback = std::function<void(int32_t errorNumber)>;
using GetRemoteAddressCallback = std::function<void(int32_t errorNumber, const Socket::NetAddress &address)>;
using GetLocalAddressCallback = std::function<void(int32_t errorNumber, const Socket::NetAddress &address)>;
using GetStateCallback = std::function<void(int32_t errorNumber, const Socket::SocketStateBase &state)>;
using SetExtraOptionsCallback = std::function<void(int32_t errorNumber)>;
using GetCertificateCallback = std::function<void(int32_t errorNumber, const X509CertRawData &cert)>;
using GetRemoteCertificateCallback = std::function<void(int32_t errorNumber, const X509CertRawData &cert)>;
using GetProtocolCallback = std::function<void(int32_t errorNumber, const std::string &protocol)>;
using GetCipherSuiteCallback = std::function<void(int32_t errorNumber, const std::vector<std::string> &suite)>;
using GetSignatureAlgorithmsCallback =
    std::function<void(int32_t errorNumber, const std::vector<std::string> &algorithms)>;

/*
 * Event callbacks registered through TLSSocket::OnMessage / OnConnect /
 * OnClose / OnError. OnMessageCallback receives the decrypted application
 * data together with information about the remote endpoint.
 */
using OnMessageCallback = std::function<void(const std::string &data, const Socket::SocketRemoteInfo &remoteInfo)>;
using OnConnectCallback = std::function<void(void)>;
using OnCloseCallback = std::function<void(void)>;
using OnErrorCallback = std::function<void(int32_t errorNumber, const std::string &errorString)>;

/*
 * Caller-supplied server identity check, invoked with the target host name and
 * the peer's certificate chain (as strings).
 *
 * NOTE(review): the callback returns void, so this signature gives it no way to
 * reject the peer by return value. How the implementation turns the callback's
 * verdict into a connection failure (if at all) is not visible in this header;
 * confirm before relying on it as a security control rather than a hook.
 */
using CheckServerIdentity =
    std::function<void(const std::string &hostName, const std::vector<std::string> &x509Certificates)>;

/*
 * ALPN protocol identifiers.
 *
 * NOTE(review): the IANA/RFC 7301 identifier for HTTP/1.1 is "http/1.1" (with a
 * slash); the literal below, "http1.1", will not match a peer that advertises
 * the standard token. Left unchanged here because callers may compare against
 * this exact string — confirm its intended use before correcting it.
 */
constexpr const char *ALPN_PROTOCOLS_HTTP_1_1 = "http1.1";
constexpr const char *ALPN_PROTOCOLS_HTTP_2 = "h2";

// Upper bound on the length of error strings produced by the implementation
// (presumably the buffer size handed to the OpenSSL error-string helpers).
constexpr size_t MAX_ERR_LEN = 1024;

/**
 * Credentials and TLS policy used when establishing a connection.
 *
 * Holds the trust anchors used to validate the server, the local certificate
 * and private key presented to the server, protocol-version / cipher-suite /
 * signature-algorithm preferences, a CRL list and the verification mode.
 *
 * key_ and keyPass_ are SecureData. The user-declared copy constructor and copy
 * assignment below duplicate that key material into every copy, and
 * TLSConnectOptions::GetTlsSecureOptions() returns this type by value, so each
 * call produces another copy of the private key.
 */
class TLSSecureOptions {
public:
    TLSSecureOptions() = default;
    ~TLSSecureOptions() = default;

    TLSSecureOptions(const TLSSecureOptions &tlsSecureOptions);
    TLSSecureOptions &operator=(const TLSSecureOptions &tlsSecureOptions);
    /**
     * Set the trust anchors used to validate the server certificate.
     * Server authentication depends entirely on this set: an over-broad
     * chain (a CA the caller does not control) weakens the check.
     * @param caChain root/intermediate CA certificates used to validate the server certificate
     */
    void SetCaChain(const std::vector<std::string> &caChain);

    /**
     * Set the local certificate that is sent to the server, i.e. the client
     * credential for client-authenticated (two-way) TLS — see SetVerifyMode.
     * @param cert digital certificate sent to the server for validation
     */
    void SetCert(const std::string &cert);

    /**
     * Set the private key that belongs to the local certificate (SetCert).
     * Despite the older wording, this key is not used to "decrypt server
     * data"; in TLS it signs the handshake to prove possession of the
     * certificate. Stored as SecureData.
     * @param key private key matching the local certificate
     */
    void SetKey(const SecureData &key);

    /**
     * Set the password needed to read an encrypted private key.
     * @param keyPass password protecting the private key (SecureData)
     */
    void SetKeyPass(const SecureData &keyPass);

    /**
     * Set the TLS protocol versions allowed for the connection.
     * @param protocolChain protocol version identifiers to enable
     */
    void SetProtocolChain(const std::vector<std::string> &protocolChain);

    /**
     * Choose whether the peer's (server's) cipher-suite preference order is
     * honoured during negotiation instead of the local order.
     * @param useRemoteCipherPrefer true to let the server's preference win
     */
    void SetUseRemoteCipherPrefer(bool useRemoteCipherPrefer);

    /**
     * Set the signature algorithms offered for the handshake (e.g. rsa).
     * These are signature algorithms, not the bulk encryption algorithm of
     * the connection; the cipher suite is configured via SetCipherSuite.
     * @param signatureAlgorithms signature algorithm specification
     */
    void SetSignatureAlgorithms(const std::string &signatureAlgorithms);

    /**
     * Set the cipher suite(s) allowed for the connection.
     * Pinning suites is a policy decision; note that the example below,
     * AES256-SHA256, is an RSA-key-exchange suite without forward secrecy —
     * ECDHE-based suites are preferable where the server supports them.
     * @param cipherSuite cipher suite specification e.g. AES256-SHA256
     */
    void SetCipherSuite(const std::string &cipherSuite);

    /**
     * Set the certificate revocation lists consulted during validation.
     * @param crlChain certificate revocation lists
     */
    void SetCrlChain(const std::vector<std::string> &crlChain);

    /**
     * Get the trust anchors used to validate the server certificate.
     * @return root CA chain
     */
    [[nodiscard]] const std::vector<std::string> &GetCaChain() const;

    /**
     * Get the local certificate sent to the server.
     * @return digital certificate
     */
    [[nodiscard]] const std::string &GetCert() const;

    /**
     * Get the local private key.
     * @return private key (SecureData)
     */
    [[nodiscard]] const SecureData &GetKey() const;

    /**
     * Get the password used to read the private key.
     * @return private key password (SecureData)
     */
    [[nodiscard]] const SecureData &GetKeyPass() const;

    /**
     * Get the allowed TLS protocol versions.
     * @return protocol version identifiers
     */
    [[nodiscard]] const std::vector<std::string> &GetProtocolChain() const;

    /**
     * Whether the server's cipher-suite preference is honoured.
     * @return true if the remote preference order is used
     */
    [[nodiscard]] bool UseRemoteCipherPrefer() const;

    /**
     * Get the configured signature algorithms.
     * @return signature algorithm specification
     */
    [[nodiscard]] const std::string &GetSignatureAlgorithms() const;

    /**
     * Get the configured cipher suite(s).
     * @return cipher suite specification
     */
    [[nodiscard]] const std::string &GetCipherSuite() const;

    /**
     * Get the configured certificate revocation lists.
     * @return certificate revocation lists
     */
    [[nodiscard]] const std::vector<std::string> &GetCrlChain() const;

    /**
     * Set the verification mode. The default is VerifyMode::ONE_WAY_MODE,
     * presumably server-only authentication; the alternative mode (not
     * visible here) presumably also presents the local certificate/key.
     * @param verifyMode verification mode
     */
    void SetVerifyMode(VerifyMode verifyMode);

    /**
     * Get the verification mode.
     * @return verification mode
     */
    [[nodiscard]] VerifyMode GetVerifyMode() const;

private:
    std::vector<std::string> caChain_;
    std::string cert_;
    SecureData key_;      // private key material
    SecureData keyPass_;  // password protecting key_
    std::vector<std::string> protocolChain_;
    bool useRemoteCipherPrefer_ = false;
    std::string signatureAlgorithms_;
    std::string cipherSuite_;
    std::vector<std::string> crlChain_;
    VerifyMode TLSVerifyMode_ = VerifyMode::ONE_WAY_MODE;
};

/**
 * Options required to establish a TLS connection: the target address, the
 * credentials/policy (TLSSecureOptions), an optional caller-supplied server
 * identity check, ALPN protocols, and the skipRemoteValidation switch.
 */
class TLSConnectOptions {
public:
    // TLSSocketExec is given direct access to the private members below.
    friend class TLSSocketExec;
    /**
     * Set the remote address to connect to.
     * @param address remote network address
     */
    void SetNetAddress(const Socket::NetAddress &address);

    /**
     * Set the credentials and TLS policy for the connection.
     * Takes a non-const reference (declared that way in the .cpp as well);
     * the options are presumably copied into tlsSecureOptions_.
     * @param tlsSecureOptions certificate, key and policy parameters
     */
    void SetTlsSecureOptions(TLSSecureOptions &tlsSecureOptions);

    /**
     * Set a caller-supplied server identity check.
     * See the note on CheckServerIdentity: the callback returns void, so this
     * header does not show how (or whether) its verdict can fail the handshake.
     * @param checkServerIdentity callback supplied by the API caller
     */
    void SetCheckServerIdentity(const CheckServerIdentity &checkServerIdentity);

    /**
     * Set the ALPN protocol identifiers to offer (see ALPN_PROTOCOLS_*).
     * @param alpnProtocols application layer protocol negotiation identifiers
     */
    void SetAlpnProtocols(const std::vector<std::string> &alpnProtocols);

    /**
     * Set whether validation of the remote (server) certificate is skipped.
     *
     * SECURITY: with this flag set, the connection is encrypted but the server
     * is not authenticated — any on-path party can present an arbitrary
     * certificate and impersonate the server. Keep it false (the default)
     * outside of controlled test setups.
     * @param skipRemoteValidation true to skip remote certificate validation
     */
    void SetSkipRemoteValidation(bool skipRemoteValidation);

    /**
     * Get the remote address.
     * @return network address (by value)
     */
    [[nodiscard]] Socket::NetAddress GetNetAddress() const;

    /**
     * Get the credentials and TLS policy.
     * Returns by value, which copies the contained key material each call.
     * @return certificate, key and policy parameters
     */
    [[nodiscard]] TLSSecureOptions GetTlsSecureOptions() const;

    /**
     * Get the caller-supplied server identity check.
     * @return server identity callback (may be empty)
     */
    [[nodiscard]] CheckServerIdentity GetCheckServerIdentity() const;

    /**
     * Get the ALPN protocol identifiers.
     * @return application layer protocol negotiation identifiers
     */
    [[nodiscard]] const std::vector<std::string> &GetAlpnProtocols() const;

    /**
     * Get whether remote certificate validation is skipped.
     * @return skipRemoteValidation flag
     */
    [[nodiscard]] bool GetSkipRemoteValidation() const;

private:
    Socket::NetAddress address_;
    TLSSecureOptions tlsSecureOptions_;
    CheckServerIdentity checkServerIdentity_;
    std::vector<std::string> alpnProtocols_;
    bool skipRemoteValidation_ = false;  // default: validate the server certificate
};

/**
 * TLS socket interface class.
 *
 * Non-copyable and non-movable: it owns an OpenSSL connection (see
 * TLSSocketInternal) and a socket descriptor. The destructor is defaulted,
 * so any release of the underlying SSL object and descriptor is presumably
 * done by Close() — callers should close explicitly rather than rely on
 * destruction (confirm against the .cpp).
 */
class TLSSocket {
public:
    TLSSocket(const TLSSocket &) = delete;
    TLSSocket(TLSSocket &&) = delete;

    TLSSocket &operator=(const TLSSocket &) = delete;
    TLSSocket &operator=(TLSSocket &&) = delete;

    TLSSocket() = default;
    ~TLSSocket() = default;

    /**
     * Wrap an already-open socket descriptor supplied by the caller.
     * isExtSock_ records that the fd was not created by this object; whether
     * Close() then leaves the fd to the caller is not visible in this header.
     * (sockFd_ and isExtSock_ are declared further down in the class.)
     * @param sockFd externally created socket descriptor
     */
    explicit TLSSocket(int sockFd): sockFd_(sockFd), isExtSock_(true) {}

    /**
     * Create a socket and bind it to the given local address.
     * @param address local ip address to bind to
     * @param callback invoked with the result of the bind
     */
    void Bind(Socket::NetAddress &address, const BindCallback &callback);

    /**
     * Establish a TLS connection on the created (or supplied) socket.
     * The trust anchors, verify mode, identity check and skipRemoteValidation
     * flag in tlsConnectOptions determine whether the server is authenticated.
     * @param tlsConnectOptions options required during tls connection
     * @param callback invoked with the result of the connect
     */
    void Connect(TLSConnectOptions &tlsConnectOptions, const ConnectCallback &callback);
    /**
     * Send data over the established TLS connection.
     * @param tcpSendOptions payload and options for the transmission
     * @param callback invoked with the result of the send
     */
    void Send(const Socket::TCPSendOptions &tcpSendOptions, const SendCallback &callback);

    /**
     * Shut down the connection and release the socket.
     * @param callback invoked with the result of the close
     */
    void Close(const CloseCallback &callback);

    /**
     * Get the peer network address.
     * @param callback invoked with the result and the address
     */
    void GetRemoteAddress(const GetRemoteAddressCallback &callback);

    /**
     * Get the state of the current socket.
     * @param callback invoked with the result and the state
     */
    void GetState(const GetStateCallback &callback);

    /**
     * Apply extra TCP-level options to the current socket.
     * @param tcpExtraOptions options associated with the current socket
     * @param callback invoked with the result
     */
    void SetExtraOptions(const Socket::TCPExtraOptions &tcpExtraOptions, const SetExtraOptionsCallback &callback);

    /**
     * Get the local digital certificate.
     * @param callback invoked with the result and the certificate raw data
     */
    void GetCertificate(const GetCertificateCallback &callback);

    /**
     * Get the peer digital certificate.
     * @param callback invoked with the result and the certificate raw data
     */
    void GetRemoteCertificate(const GetRemoteCertificateCallback &callback);

    /**
     * Get the negotiated protocol version.
     * @param callback invoked with the result and the protocol string
     */
    void GetProtocol(const GetProtocolCallback &callback);

    /**
     * Get the negotiated cipher suite(s).
     * @param callback invoked with the result and the suite list
     */
    void GetCipherSuite(const GetCipherSuiteCallback &callback);

    /**
     * Get the signature algorithms (not encryption algorithms) in use.
     * @param callback invoked with the result and the algorithm list
     */
    void GetSignatureAlgorithms(const GetSignatureAlgorithmsCallback &callback);

    /**
     * Register the callback invoked when application data is received.
     * @param onMessageCallback callback receiving the decrypted data and remote info
     */
    void OnMessage(const OnMessageCallback &onMessageCallback);

    /**
     * Register the callback invoked when the connection is established.
     * @param onConnectCallback callback invoked when connection is established
     */
    void OnConnect(const OnConnectCallback &onConnectCallback);

    /**
     * Register the callback invoked when the connection is closed.
     * @param onCloseCallback callback invoked when disconnected
     */
    void OnClose(const OnCloseCallback &onCloseCallback);

    /**
     * Register the callback invoked when an error occurs.
     * @param onErrorCallback callback receiving the error number and message
     */
    void OnError(const OnErrorCallback &onErrorCallback);

    /** Unregister the message callback. */
    void OffMessage();

    /** Unregister the connect callback. */
    void OffConnect();

    /** Unregister the close callback. */
    void OffClose();

    /** Unregister the error callback. */
    void OffError();

    /**
     * Get the socket file descriptor underlying this connection.
     * The descriptor stays owned by this object; callers must not close it.
     */
    int GetSocketFd();

    /**
     * Record the local address of the socket.
     */
    void SetLocalAddress(const Socket::NetAddress &address);

    /**
     * Get the recorded local address of the socket.
     */
    Socket::NetAddress GetLocalAddress();

    /** Whether the socket has been marked closed (see SetCloseState). */
    bool GetCloseState();

    /** Mark the socket closed / not closed. */
    void SetCloseState(bool flag);

    /** Lock guarding the close state; exposed for callers that must serialize with Close(). */
    std::mutex &GetCloseLock();
private:
    /**
     * OpenSSL-backed implementation of the TLS connection.
     *
     * NOTE(review): ssl_ and peerX509_ are raw OpenSSL handles and the
     * destructor is defaulted, so nothing in this header frees them; their
     * release presumably happens in Close() / the certificate helpers — confirm
     * in the .cpp that a TLSSocket destroyed without Close() does not leak the
     * SSL object and the peer X509.
     */
    class TLSSocketInternal final {
    public:
        TLSSocketInternal() = default;
        ~TLSSocketInternal() = default;

        /**
         * Establish an encrypted connection on the specified socket.
         * @param sock socket for establishing the encrypted connection
         * @param options options required during tls connection
         * @param isExtSock true when the fd was supplied by the caller when constructing the tls socket
         * @return whether the encrypted connection was successfully established
         */
        bool TlsConnectToHost(int sock, const TLSConnectOptions &options, bool isExtSock);

        /**
         * Translate the connect options into the internal TLSConfiguration.
         * @param config options for the encrypted connection
         */
        void SetTlsConfiguration(const TLSConnectOptions &config);

        /**
         * Send data through the established encrypted connection.
         * @param data application data to send
         * @return whether the data was successfully sent
         */
        bool Send(const std::string &data);

        /**
         * Receive data from the peer through the established encrypted connection.
         * @param buffer destination buffer
         * @param maxBufferSize capacity of buffer in bytes (not the amount received)
         * @return int status/byte count — the exact convention (bytes read vs. error code) is defined in the .cpp
         */
        int Recv(char *buffer, int maxBufferSize);

        /**
         * Shut down the encrypted connection.
         * @return whether the encrypted connection was successfully shut down
         */
        bool Close();

        /**
         * Set the ALPN protocols offered during the handshake.
         * @param alpnProtocols application layer negotiation protocol identifiers
         * @return whether the protocols were set successfully
         */
        bool SetAlpnProtocols(const std::vector<std::string> &alpnProtocols);

        /**
         * Fill remoteInfo with the peer's network information.
         * @param remoteInfo output: peer network information
         */
        void MakeRemoteInfo(Socket::SocketRemoteInfo &remoteInfo);

        /**
         * Convert the last SSL error into the module's error code space.
         * @return the ssl error code value
         */
        int ConvertSSLError(void);

        /**
         * Get the configuration of the encrypted connection.
         * @return configuration (by value)
         */
        [[nodiscard]] TLSConfiguration GetTlsConfiguration() const;

        /**
         * Get the cipher suite(s) of the encrypted connection.
         * @return cipher suite list
         */
        [[nodiscard]] std::vector<std::string> GetCipherSuite() const;

        /**
         * Get the peer certificate as a string.
         * @return peer certificate
         */
        [[nodiscard]] std::string GetRemoteCertificate() const;

        /**
         * Get the peer certificate as raw serialized data.
         * @return peer certificate raw data
         */
        [[nodiscard]] const X509CertRawData &GetRemoteCertRawData() const;

        /**
         * Get the local certificate as raw serialized data.
         * @return local certificate raw data
         */
        [[nodiscard]] const X509CertRawData &GetCertificate() const;

        /**
         * Get the signature algorithms of the encrypted connection.
         * @return signature algorithm list
         */
        [[nodiscard]] std::vector<std::string> GetSignatureAlgorithms() const;

        /**
         * Get the negotiated protocol version.
         * @return protocol version string
         */
        [[nodiscard]] std::string GetProtocol() const;

        /**
         * Record the shared signature algorithms supported by the peer
         * (identifier spelled "Sigals" in the existing API; kept unchanged).
         * @return whether the information was obtained
         */
        [[nodiscard]] bool SetSharedSigals();

        /**
         * Get the raw OpenSSL connection handle.
         * The handle remains owned by this object; callers must neither free it
         * nor use it after Close(). Access through this pointer is not covered
         * by mutexForSsl_ unless the caller takes care of it.
         * @return SSL handle (may be nullptr before connect)
         */
        [[nodiscard]] ssl_st *GetSSL();

    private:
        // Note the mixed size types: SendRetry takes size_t, PollSend takes int.
        // Lengths must be validated (non-negative, within int range) before
        // they reach PollSend.
        bool SendRetry(ssl_st *ssl, const char *curPos, size_t curSendSize, int sockfd);
        bool StartTlsConnected(const TLSConnectOptions &options);
        bool CreatTlsContext();
        bool StartShakingHands(const TLSConnectOptions &options);
        bool GetRemoteCertificateFromPeer();
        bool SetRemoteCertRawData();
        bool PollSend(int sockfd, ssl_st *ssl, const char *pdata, int sendSize);
        // Built-in host name check against the peer certificate; the returned
        // string presumably describes the mismatch (empty on success) — confirm.
        std::string CheckServerIdentityLegal(const std::string &hostName, const X509 *x509Certificates);
        std::string CheckServerIdentityLegal(const std::string &hostName, X509_EXTENSION *ext,
            const X509 *x509Certificates);

    private:
        std::mutex mutexForSsl_;
        ssl_st *ssl_ = nullptr;       // raw OpenSSL handle; not released by the defaulted destructor
        X509 *peerX509_ = nullptr;    // raw peer certificate; not released by the defaulted destructor
        uint16_t port_ = 0;
        sa_family_t family_ = 0;
        int32_t socketDescriptor_ = 0;

        // Both a by-value TLSContext and a unique_ptr<TLSContext> are declared;
        // which one is live is decided in the .cpp.
        TLSContext tlsContext_;
        TLSConfiguration configuration_;
        Socket::NetAddress address_;
        X509CertRawData remoteRawData_;

        std::string hostName_;
        std::string remoteCert_;

        std::vector<std::string> signatureAlgorithms_;
        std::unique_ptr<TLSContext> tlsContextPointer_ = nullptr;
    };

private:
    TLSSocketInternal tlsSocketInternal_;

    /** Format a sockaddr as a printable address string. */
    static std::string MakeAddressString(sockaddr *addr);

    /**
     * Convert a NetAddress into a sockaddr of the matching family.
     * addr is pointed at either addr4 or addr6 and len set accordingly.
     */
    static void GetAddr(const Socket::NetAddress &address, sockaddr_in *addr4, sockaddr_in6 *addr6, sockaddr **addr,
        socklen_t *len);

    // Dispatch helpers for the registered event callbacks.
    void CallOnMessageCallback(const std::string &data, const Socket::SocketRemoteInfo &remoteInfo);
    void CallOnConnectCallback();
    void CallOnCloseCallback();
    void CallOnErrorCallback(int32_t err, const std::string &errString);

    // Dispatch helpers for the per-operation completion callbacks.
    void CallBindCallback(int32_t err, BindCallback callback);
    void CallConnectCallback(int32_t err, ConnectCallback callback);
    void CallSendCallback(int32_t err, SendCallback callback);
    void CallCloseCallback(int32_t err, CloseCallback callback);
    void CallGetRemoteAddressCallback(int32_t err, const Socket::NetAddress &address,
        GetRemoteAddressCallback callback);
    void CallGetStateCallback(int32_t err, const Socket::SocketStateBase &state, GetStateCallback callback);
    void CallSetExtraOptionsCallback(int32_t err, SetExtraOptionsCallback callback);
    void CallGetCertificateCallback(int32_t err, const X509CertRawData &cert, GetCertificateCallback callback);
    void CallGetRemoteCertificateCallback(int32_t err, const X509CertRawData &cert,
        GetRemoteCertificateCallback callback);
    void CallGetProtocolCallback(int32_t err, const std::string &protocol, GetProtocolCallback callback);
    void CallGetCipherSuiteCallback(int32_t err, const std::vector<std::string> &suite,
        GetCipherSuiteCallback callback);
    void CallGetSignatureAlgorithmsCallback(int32_t err, const std::vector<std::string> &algorithms,
        GetSignatureAlgorithmsCallback callback);

    /** Read one incoming message from the connection; int result defined in the .cpp. */
    int ReadMessage();
    void
StartReadMessage();

    void GetIp4RemoteAddress(const GetRemoteAddressCallback &callback);
    void GetIp6RemoteAddress(const GetRemoteAddressCallback &callback);

    [[nodiscard]] bool SetBaseOptions(const Socket::ExtraOptionsBase &option) const;
    [[nodiscard]] bool SetExtraOptions(const Socket::TCPExtraOptions &option) const;

    void MakeIpSocket(sa_family_t family);

    /**
     * Invoke a user-supplied callback with an error number.
     *
     * The handler is copied while mutex_ is held and invoked only after the
     * lock has been released, so user code never runs under mutex_; since
     * std::mutex is not recursive, a handler that called back into this
     * socket would otherwise deadlock. An empty callback is silently skipped.
     *
     * @param err error number handed to the callback
     * @param callback callable (e.g. one of the *Callback aliases) to invoke; may be empty
     */
    template<class T>
    void DealCallback(int32_t err, T &callback)
    {
        T handler = nullptr;
        {
            std::lock_guard<std::mutex> guard(mutex_);
            if (callback) {
                handler = callback;
            }
        }

        if (!handler) {
            return;
        }
        handler(err);
    }

private:
    static constexpr const size_t MAX_ERROR_LEN = 128;
    // Upper bound on a single read buffer — NOTE(review): confirm in the .cpp that every
    // read into it is bounded by this value.
    static constexpr const size_t MAX_BUFFER_SIZE = 8192;

    OnMessageCallback onMessageCallback_;
    OnConnectCallback onConnectCallback_;
    OnCloseCallback onCloseCallback_;
    OnErrorCallback onErrorCallback_;

    // Guards the callback members above (see DealCallback); recvMutex_ and cvMutex_
    // presumably guard the receive path and the condition variable — confirm in the .cpp.
    std::mutex mutex_;
    std::mutex recvMutex_;
    std::mutex cvMutex_;
    bool isRunning_ = false;
    bool isRunOver_ = true;

std::condition_variable cvSslFree_; 6601e934351Sopenharmony_ci int sockFd_ = -1; 6611e934351Sopenharmony_ci bool isExtSock_ = false; 6621e934351Sopenharmony_ci Socket::NetAddress localAddress_; 6631e934351Sopenharmony_ci bool isClosed = false; 6641e934351Sopenharmony_ci std::mutex mutexForClose_; 6651e934351Sopenharmony_ci}; 6661e934351Sopenharmony_ci} // namespace TlsSocket 6671e934351Sopenharmony_ci} // namespace NetStack 6681e934351Sopenharmony_ci} // namespace OHOS 6691e934351Sopenharmony_ci 6701e934351Sopenharmony_ci#endif // COMMUNICATIONNETSTACK_TLS_SOCEKT_H 671