/*************************************************************************** * Copyright (c) 2024 Microsoft Corporation * * This program and the accompanying materials are made available under the * terms of the MIT License which is available at * https://opensource.org/licenses/MIT. * * SPDX-License-Identifier: MIT **************************************************************************/ /**************************************************************************/ /**************************************************************************/ /** */ /** NetX Secure Component */ /** */ /** Transport Layer Security (TLS) */ /** */ /**************************************************************************/ /**************************************************************************/ #define NX_SECURE_SOURCE_CODE /* Include necessary system files. */ #include "nx_secure_tls.h" /**************************************************************************/ /* */ /* FUNCTION RELEASE */ /* */ /* _nx_secure_tls_active_certificate_set PORTABLE C */ /* 6.2.1 */ /* AUTHOR */ /* */ /* Timothy Stapko, Microsoft Corporation */ /* */ /* DESCRIPTION */ /* */ /* This function sets the active local certificate, overriding any */ /* previously added local certificates. Normally, a single certificate */ /* is used for a TLS instance, but in some cases the server or client */ /* may need to choose a specific certificate during the handshake. By */ /* calling this function in the TLS server or client callback, an */ /* application can choose the active local certificate at runtime */ /* after a ClientHello or ServerHello is received. */ /* */ /* NOTE: The certificate MUST be in the local store before calling */ /* this function (using nx_secure_tls_local_certificate_add) or the */ /* proper certificate chain may not be sent to the remote host! */ /* */ /* INPUT */ /* */ /* tls_session Pointer to TLS Session */ /* certificate Pointer to certificate */ /* */ /* OUTPUT */ /* */ /* status Completion status */ /* */ /* CALLS */ /* */ /* None */ /* */ /* CALLED BY */ /* */ /* Application Code */ /* */ /* RELEASE HISTORY */ /* */ /* DATE NAME DESCRIPTION */ /* */ /* 05-19-2020 Timothy Stapko Initial Version 6.0 */ /* 09-30-2020 Timothy Stapko Modified comment(s), */ /* resulting in version 6.1 */ /* 03-08-2023 Yanwu Cai Modified comment(s), */ /* fixed compiler errors when */ /* x509 is disabled, */ /* resulting in version 6.2.1 */ /* */ /**************************************************************************/ UINT _nx_secure_tls_active_certificate_set(NX_SECURE_TLS_SESSION *tls_session, NX_SECURE_X509_CERT *certificate) { #ifdef NX_SECURE_DISABLE_X509 NX_PARAMETER_NOT_USED(tls_session); NX_PARAMETER_NOT_USED(certificate); return(NX_NOT_SUPPORTED); #else /* Set the active certificate (should be in the store). */ tls_session -> nx_secure_tls_credentials.nx_secure_tls_active_certificate = certificate; /* Return completion status. */ return(NX_SUCCESS); #endif }