1 /***************************************************************************
2 * Copyright (c) 2024 Microsoft Corporation
3 *
4 * This program and the accompanying materials are made available under the
5 * terms of the MIT License which is available at
6 * https://opensource.org/licenses/MIT.
7 *
8 * SPDX-License-Identifier: MIT
9 **************************************************************************/
10
11
12 /**************************************************************************/
13 /**************************************************************************/
14 /** */
15 /** NetX Secure Component */
16 /** */
17 /** Transport Layer Security (TLS) */
18 /** */
19 /**************************************************************************/
20 /**************************************************************************/
21
22 #define NX_SECURE_SOURCE_CODE
23
24
25 /* Include necessary system files. */
26
27 #include "nx_secure_tls.h"
28
29 /**************************************************************************/
30 /* */
31 /* FUNCTION RELEASE */
32 /* */
33 /* _nx_secure_tls_session_client_verify_enable PORTABLE C */
34 /* 6.1 */
35 /* AUTHOR */
36 /* */
37 /* Timothy Stapko, Microsoft Corporation */
38 /* */
39 /* DESCRIPTION */
40 /* */
41 /* This function enables Client Certificate Verification for TLS */
42 /* Server instances. If enabled, the TLS Server will request and */
43 /* verify a remote TLS Client Certificate using all available crypto */
44 /* signature routines. The certificate must have space allocated using */
45 /* nx_secure_tls_remote_certificate_allocate and will be checked */
46 /* against the trusted certificate store built using */
47 /* nx_secure_tls_trusted_certificate_add. */
48 /* */
49 /* Note that this will only happen for TLS Server sessions. Enabling */
50 /* Client Certificate Verification for TLS Client sessions will have */
51 /* no effect. */
52 /* */
53 /* INPUT */
54 /* */
55 /* tls_session Pointer to TLS Session */
56 /* */
57 /* OUTPUT */
58 /* */
59 /* status Completion status */
60 /* */
61 /* CALLS */
62 /* */
63 /* None */
64 /* */
65 /* CALLED BY */
66 /* */
67 /* Application Code */
68 /* */
69 /* RELEASE HISTORY */
70 /* */
71 /* DATE NAME DESCRIPTION */
72 /* */
73 /* 05-19-2020 Timothy Stapko Initial Version 6.0 */
74 /* 09-30-2020 Timothy Stapko Modified comment(s), */
75 /* resulting in version 6.1 */
76 /* */
77 /**************************************************************************/
_nx_secure_tls_session_client_verify_enable(NX_SECURE_TLS_SESSION * tls_session)78 UINT _nx_secure_tls_session_client_verify_enable(NX_SECURE_TLS_SESSION *tls_session)
79 {
80
81 /* Signal the TLS stack to request and verify remote Client certificates. */
82 tls_session -> nx_secure_tls_verify_client_certificate = NX_TRUE;
83
84 /* Return completion status. */
85 return(NX_SUCCESS);
86 }
87
88
