1 /***************************************************************************
2 * Copyright (c) 2024 Microsoft Corporation
3 *
4 * This program and the accompanying materials are made available under the
5 * terms of the MIT License which is available at
6 * https://opensource.org/licenses/MIT.
7 *
8 * SPDX-License-Identifier: MIT
9 **************************************************************************/
10
11
12 /**************************************************************************/
13 /**************************************************************************/
14 /** */
15 /** NetX Secure Component */
16 /** */
17 /** Transport Layer Security (TLS) */
18 /** */
19 /**************************************************************************/
20 /**************************************************************************/
21
22 #define NX_SECURE_SOURCE_CODE
23
24
25 #include "nx_secure_tls.h"
26
27 /**************************************************************************/
28 /* */
29 /* FUNCTION RELEASE */
30 /* */
31 /* _nx_secure_tls_session_certificate_callback_set PORTABLE C */
32 /* 6.1 */
33 /* AUTHOR */
34 /* */
35 /* Timothy Stapko, Microsoft Corporation */
36 /* */
37 /* DESCRIPTION */
38 /* */
39 /* This function sets up a function pointer that TLS will invoke when */
40 /* a certificate is received from a remote host, allowing the */
41 /* application to perform validation checks such as DNS validation, */
42 /* certificate revocation, and certificate policy enforcement. */
43 /* */
44 /* NetX Secure TLS will perform basic validation on the certificate */
45 /* before invoking the callback to ensure that the certificate can be */
46 /* traced to a certificate in the TLS trusted certificate store, but */
47 /* all other validation will be handled by this callback. */
48 /* */
49 /* The callback provides the TLS session pointer and a pointer to the */
50 /* remote host identity certificate (the leaf in the certificate */
51 /* chain). The callback should return NX_SUCCESS if all validation is */
52 /* successful, otherwise it should return an error code indicating the */
53 /* validation failure. Any value other than NX_SUCCESS will cause the */
54 /* TLS handshake to immediately abort. */
55 /* */
56 /* INPUT */
57 /* */
58 /* tls_session TLS control block */
59 /* func_ptr Pointer to callback function */
60 /* */
61 /* OUTPUT */
62 /* */
63 /* status Completion status */
64 /* */
65 /* CALLS */
66 /* */
67 /* None */
68 /* */
69 /* CALLED BY */
70 /* */
71 /* Application Code */
72 /* */
73 /* RELEASE HISTORY */
74 /* */
75 /* DATE NAME DESCRIPTION */
76 /* */
77 /* 05-19-2020 Timothy Stapko Initial Version 6.0 */
78 /* 09-30-2020 Timothy Stapko Modified comment(s), */
79 /* resulting in version 6.1 */
80 /* */
81 /**************************************************************************/
UINT _nx_secure_tls_session_certificate_callback_set(NX_SECURE_TLS_SESSION *tls_session,
                                                     ULONG (*func_ptr)(NX_SECURE_TLS_SESSION *session,
                                                                       NX_SECURE_X509_CERT *certificate))
{
    /*
     * Record the application's certificate callback in the session control
     * block. The pointer is stored exactly as passed in; nothing is invoked
     * or validated here.
     *
     * NOTE(review): tls_session is dereferenced without a NULL check, and
     * func_ptr is stored even when it is NULL. Presumably pointer validation
     * happens in an error-checking wrapper before this routine is reached,
     * and how TLS treats a NULL callback is not visible in this file.
     * Confirm both against the caller.
     */
    tls_session->nx_secure_tls_session_certificate_callback = func_ptr;

    /* This setter has no failure path; it always reports success. */
    return NX_SUCCESS;
}
91
92