/***************************************************************************
 * Copyright (c) 2024 Microsoft Corporation
 *
 * This program and the accompanying materials are made available under the
 * terms of the MIT License which is available at
 * https://opensource.org/licenses/MIT.
 *
 * SPDX-License-Identifier: MIT
 **************************************************************************/


/**************************************************************************/
/**************************************************************************/
/**                                                                       */
/** NetX Secure Component                                                 */
/**                                                                       */
/**    Transport Layer Security (TLS)                                     */
/**                                                                       */
/**************************************************************************/
/**************************************************************************/

#define NX_SECURE_SOURCE_CODE


/* Include necessary system files.  */

#include "nx_secure_tls.h"

/**************************************************************************/
/*                                                                        */
/*  FUNCTION                                               RELEASE        */
/*                                                                        */
/*    _nx_secure_tls_remote_certificate_free_all          PORTABLE C      */
/*                                                           6.2.1        */
/*  AUTHOR                                                                */
/*                                                                        */
/*    Timothy Stapko, Microsoft Corporation                               */
/*                                                                        */
/*  DESCRIPTION                                                           */
/*                                                                        */
/*    This function moves all remote certificate buffers back into the    */
/*    free certificate store, allowing them to be used for a new TLS      */
/*    session. It first restores the session's packet buffer size to its  */
/*    original value, then releases the head of the remote certificate    */
/*    list, by distinguished name, until the list is empty.               */
/*                                                                        */
/*    The first failure reported while releasing a certificate stops the  */
/*    walk and is returned as-is; certificates not yet released stay in   */
/*    the remote list. When NX_SECURE_DISABLE_X509 is defined, nothing is */
/*    done and NX_NOT_SUPPORTED is returned.                              */
/*                                                                        */
/*    tls_session is dereferenced without a NULL check in this function;  */
/*    the caller must supply a valid session pointer.                     */
/*                                                                        */
/*  INPUT                                                                 */
/*                                                                        */
/*    tls_session                           Pointer to TLS Session        */
/*                                                                        */
/*  OUTPUT                                                                */
/*                                                                        */
/*    status                                Completion status             */
/*                                                                        */
/*  CALLS                                                                 */
/*                                                                        */
/*    _nx_secure_tls_remote_certificate_free                              */
/*                                          Free remote certificate       */
/*                                                                        */
/*  CALLED BY                                                             */
/*                                                                        */
/*    Application Code                                                    */
/*    _nx_secure_tls_client_handshake       TLS client state machine      */
/*    _nx_secure_tls_process_clienthello    Process ClientHello           */
/*    _nx_secure_tls_session_renegotiate    Renegotiate TLS session       */
/*    _nx_secure_tls_session_reset          Clear TLS control block       */
/*                                                                        */
/*  RELEASE HISTORY                                                       */
/*                                                                        */
/*    DATE              NAME                      DESCRIPTION             */
/*                                                                        */
/*  05-19-2020     Timothy Stapko           Initial Version 6.0           */
/*  09-30-2020     Timothy Stapko           Modified comment(s),          */
/*                                            resulting in version 6.1    */
/*  03-08-2023     Yanwu Cai                Modified comment(s),          */
/*                                            fixed compiler errors when  */
/*                                            x509 is disabled,           */
/*                                            resulting in version 6.2.1  */
/*                                                                        */
/**************************************************************************/
UINT _nx_secure_tls_remote_certificate_free_all(NX_SECURE_TLS_SESSION *tls_session)
{
#ifdef NX_SECURE_DISABLE_X509

    /* X.509 support is compiled out: there is no certificate store to clear. */
    NX_PARAMETER_NOT_USED(tls_session);

    return(NX_NOT_SUPPORTED);
#else
UINT                              result = NX_SUCCESS;
NX_SECURE_X509_CERTIFICATE_STORE *cert_store;
NX_SECURE_X509_CERT              *head;


    /* Restore the packet buffer to its original size; part of it may have
       been used to hold remote certificates.
       NOTE(review): the size is restored before the certificates are
       released. If a release below fails, entries still in the remote list
       may refer to storage inside the region just handed back - confirm how
       callers treat a failed return.  */
    tls_session -> nx_secure_tls_packet_buffer_size = tls_session -> nx_secure_tls_packet_buffer_original_size;

    /* The remote certificate list lives in the session's certificate store. */
    cert_store = &tls_session -> nx_secure_tls_credentials.nx_secure_tls_certificate_store;

    /* Always release the current list head, then re-read the head from the
       store, so the walk never follows a pointer out of an entry that has
       already been released.
       NOTE(review): termination relies on a successful release actually
       unlinking the entry from the remote list - verify against
       _nx_secure_tls_remote_certificate_free.  */
    for (head = cert_store -> nx_secure_x509_remote_certificates;
         head != NX_NULL;
         head = cert_store -> nx_secure_x509_remote_certificates)
    {
        result = _nx_secure_tls_remote_certificate_free(tls_session, &head -> nx_secure_x509_distinguished_name);

        /* Stop at the first failure and report it to the caller.  */
        if (result != NX_SUCCESS)
        {
            break;
        }
    }

    /* NX_SUCCESS when the list was (or became) empty, otherwise the status
       of the release that failed.  */
    return(result);
#endif
}