m2mb API docs  25.30.003
m2mb API sets documentation
m2mb_ssl.h File Reference

SSL TLS support. More...


Data Structures

struct  M2MB_SSL_PSK_TABLE_T
 
struct  M2MB_SSL_CERT_T
 
struct  M2MB_SSL_CA_INFO_T
 
struct  M2MB_SSL_CA_LIST_T
 
union  M2MB_SSL_SEC_INFO_U
 
struct  M2MB_SSL_CONFIG_T
 

Macros

#define M2MB_SSL_SUCCESS   0 /* Generic Success */
 
#define M2MB_SSL_FAILURE   -1 /* Generic failure */
 
#define M2MB_SSL_ARG_FAIL   -6 /* Failure due to bad function param */
 
#define M2MB_SSL_PLATFORM_FAIL   -7 /* Not used */
 
#define M2MB_SSL_MEM_FAIL   -8 /* Not used */
 
#define M2MB_SSL_LIMIT_FAIL   -9 /* Not used */
 
#define M2MB_SSL_UNSUPPORTED_FAIL   -10 /* Not used */
 
#define M2MB_SSL_PROTOCOL_FAIL   -12 /* A protocol error occurred */
 
#define M2MB_SSL_TIMEOUT_FAIL   -13 /* A timeout occurred and MAY be an error */
 
#define M2MB_SSL_INTERRUPT_FAIL   -14 /* An interrupt occurred and MAY be an error */
 
#define M2MB_SSL_WRITE_ERROR   -15 /* An error occurred while encoding on socket */
 
#define M2MB_SSL_READ_ERROR   -16 /* An error occurred while decoding from socket */
 
#define M2MB_SSL_END_OF_FILE   -17 /* There is no data to read in SSL */
 
#define M2MB_SSL_CLOSE_NOTIFY   -18 /* SSL connection has been closed by remote host */
 
#define M2MB_SSL_CERT_AUTH_FAIL   -35 /* Authentication fails */
 
#define M2MB_SSL_FULL   -50 /* Not used */
 
#define M2MB_SSL_ALERT   -54 /* We've decoded an alert */
 
#define M2MB_SSL_FILE_NOT_FOUND   -55 /* File not found */
 
#define M2MB_SSL_MAX_CA_LIST   10
 
#define M2MB_SSL_MAX_CIPHERSUITES   8
 

Typedefs

typedef HANDLE M2MB_SSL_CTXT_HANDLE
 
typedef HANDLE M2MB_SSL_CONFIG_HANDLE
 
typedef uiHANDLE M2MB_SSL_CONNECTION_HANDLE
 
typedef enum M2MB_SSL_PROTOCOL_VERSION_E M2MB_SSL_PROTOCOL_VERSION_E
 
typedef enum M2MB_SSL_CIPHER_SUITE_E M2MB_SSL_CIPHER_SUITE_E
 
typedef enum M2MB_SSL_CERT_TYPE_E M2MB_SSL_CERT_TYPE_E
 
typedef struct M2MB_SSL_PSK_TABLE_T M2MB_SSL_PSK_TABLE_T
 
typedef struct M2MB_SSL_CERT_T M2MB_SSL_CERT_T
 
typedef struct M2MB_SSL_CA_INFO_T M2MB_SSL_CA_INFO_T
 
typedef struct M2MB_SSL_CA_LIST_T M2MB_SSL_CA_LIST_T
 
typedef enum M2MB_SSL_AUTH_TYPE_E M2MB_SSL_AUTH_TYPE_E
 
typedef struct M2MB_SSL_CONFIG_T M2MB_SSL_CONFIG_T
 

Enumerations

enum  M2MB_SSL_PROTOCOL_VERSION_E {
  M2MB_SSL_PROTOCOL_TLS_1_0, M2MB_SSL_PROTOCOL_TLS_1_1, M2MB_SSL_PROTOCOL_TLS_1_2, M2MB_SSL_PROTOCOL_TLS_1_3,
  M2MB_SSL_PROTOCOL_DTLS_1_0, M2MB_SSL_PROTOCOL_DTLS_1_2, M2MB_SSL_PROTOCOL_TLS
}
 
enum  M2MB_SSL_CIPHER_SUITE_E {
  M2MB_TLS_PSK_WITH_RC4_128_SHA, M2MB_TLS_PSK_WITH_3DES_EDE_CBC_SHA, M2MB_TLS_PSK_WITH_AES_128_CBC_SHA, M2MB_TLS_PSK_WITH_AES_256_CBC_SHA,
  M2MB_TLS_PSK_WITH_AES_128_GCM_SHA256, M2MB_TLS_PSK_WITH_AES_256_GCM_SHA384, M2MB_TLS_PSK_WITH_AES_128_CBC_SHA256, M2MB_TLS_PSK_WITH_AES_256_CBC_SHA384,
  M2MB_TLS_RSA_WITH_AES_128_CBC_SHA, M2MB_TLS_DHE_RSA_WITH_AES_128_CBC_SHA, M2MB_TLS_RSA_WITH_AES_256_CBC_SHA, M2MB_TLS_DHE_RSA_WITH_AES_256_CBC_SHA,
  M2MB_TLS_RSA_WITH_AES_128_CBC_SHA256, M2MB_TLS_RSA_WITH_AES_256_CBC_SHA256, M2MB_TLS_DHE_RSA_WITH_AES_128_CBC_SHA256, M2MB_TLS_DHE_RSA_WITH_AES_256_CBC_SHA256,
  M2MB_TLS_RSA_WITH_AES_128_GCM_SHA256, M2MB_TLS_RSA_WITH_AES_256_GCM_SHA384, M2MB_TLS_DHE_RSA_WITH_AES_128_GCM_SHA256, M2MB_TLS_DHE_RSA_WITH_AES_256_GCM_SHA384,
  M2MB_TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA, M2MB_TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA, M2MB_TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA, M2MB_TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA,
  M2MB_TLS_ECDH_RSA_WITH_AES_128_CBC_SHA, M2MB_TLS_ECDH_RSA_WITH_AES_256_CBC_SHA, M2MB_TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA, M2MB_TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA,
  M2MB_TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256, M2MB_TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384, M2MB_TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256, M2MB_TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384,
  M2MB_TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256, M2MB_TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384, M2MB_TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256, M2MB_TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384,
  M2MB_TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256, M2MB_TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384, M2MB_TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256, M2MB_TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384,
  M2MB_TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256, M2MB_TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384, M2MB_TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256, M2MB_TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384,
  M2MB_TLS_RSA_WITH_AES_128_CCM_8, M2MB_TLS_RSA_WITH_AES_256_CCM_8, M2MB_TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256, M2MB_TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256,
  M2MB_TLS_DHE_RSA_WITH_CHACHA20_POLY1305_SHA256, M2MB_TLS_AES_128_GCM_SHA256, M2MB_TLS_AES_256_GCM_SHA384, M2MB_TLS_CHACHA20_POLY1305_SHA256,
  M2MB_TLS_AES_128_CCM_SHA256, M2MB_TLS_AES_128_CCM_8_SHA256, M2MB_TLS_PSK_WITH_AES_128_CCM_8, M2MB_TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA256,
  M2MB_TLS_ECDHE_PSK_WITH_CHACHA20_POLY1305_SHA256
}
 
enum  M2MB_SSL_CERT_TYPE_E { M2MB_SSL_CACERT, M2MB_SSL_CERT, M2MB_SSL_PSKTABLE }
 
enum  M2MB_SSL_AUTH_TYPE_E { M2MB_SSL_NO_AUTH, M2MB_SSL_SERVER_AUTH, M2MB_SSL_SERVER_CLIENT_AUTH }
 
enum  M2MB_SSL_CONF_REQUEST_E { M2MB_SSL_NAME_CHECK = 0, M2MB_SSL_NAME_SNI = 1, M2MB_SSL_DTLS_SET_SOCKET_NAME = 2, M2MB_SSL_CONNECT_TIMEOUT = 3 }
 

Functions

M2MB_SSL_CTXT_HANDLE m2mb_ssl_create_ctxt (void)
 creates SSL TLS context More...
 
M2MB_SSL_CONFIG_HANDLE m2mb_ssl_create_config (M2MB_SSL_CONFIG_T sslConfig, INT32 *result)
 creates an SSL TLS configuration More...
 
INT32 m2mb_ssl_delete_config (M2MB_SSL_CONFIG_HANDLE sslConfigHndl)
 deletes an SSL TLS configuration More...
 
M2MB_SSL_CONNECTION_HANDLE m2mb_ssl_secure_socket (M2MB_SSL_CONFIG_HANDLE sslConfigHndl, M2MB_SSL_CTXT_HANDLE sslCtxtHndl, M2MB_SOCKET_BSD_SOCKET socket_fd, INT32 *result)
 creates secure socket connection More...
 
INT32 m2mb_ssl_connect (M2MB_SSL_CONNECTION_HANDLE sslConnectionHandle)
 performs SSL TLS connection More...
 
INT32 m2mb_ssl_write (M2MB_SSL_CONNECTION_HANDLE sslConnectionHandle, void *buf, UINT32 len)
 writes len bytes from buf into sslConnectionHandle SSL TLS connection More...
 
INT32 m2mb_ssl_read (M2MB_SSL_CONNECTION_HANDLE sslConnectionHandle, void *buf, UINT32 len)
 read len bytes from sslConnectionHandle SSL TLS connection into buf More...
 
INT32 m2mb_ssl_shutdown (M2MB_SSL_CONNECTION_HANDLE sslConnectionHandle)
 shutdown SSL TLS connection More...
 
INT32 m2mb_ssl_cert_store (M2MB_SSL_CERT_TYPE_E sslCertType, M2MB_SSL_SEC_INFO_U sslSecInfo, CHAR *name)
 store certificates from buffer More...
 
INT32 m2mb_ssl_cert_load (M2MB_SSL_CTXT_HANDLE sslCtxtHndl, M2MB_SSL_CERT_TYPE_E sslCertType, CHAR *name)
 load certificates in the SSL context More...
 
INT32 m2mb_ssl_cert_delete (M2MB_SSL_CERT_TYPE_E sslCertType, CHAR *name)
 delete certificates More...
 
void m2mb_ssl_delete_ctxt (M2MB_SSL_CTXT_HANDLE sslCtxtHndl)
 delete context More...
 
INT32 m2mb_ssl_config (M2MB_SSL_CONFIG_HANDLE sslConfigHndl, INT32 cmd, void *argp)
 to configure SSL parameters More...
 
INT32 m2mb_ssl_get_pending_bytes (M2MB_SOCKET_BSD_SOCKET socket_fd, M2MB_SSL_CONNECTION_HANDLE sslConnectionHandle)
 to get pending bytes. More...
 

Detailed Description

SSL TLS support.

m2m/m2m_common/m2mb_inc/m2mb_ssl.h

SSL TLS secure socket APIs

@notes Dependencies: #include <m2mb_types.h> #include <m2mb_socket.h> #include <m2mb_trace.h>

Author
Andrea Pirnetti Atul Chavan
Date
12/11/2019

Function Documentation

◆ m2mb_ssl_cert_delete()

INT32 m2mb_ssl_cert_delete ( M2MB_SSL_CERT_TYPE_E  sslCertType,
CHAR *  name 
)

delete certificates

delete CA list or client certificate and key or PSK table depending on first parameter(SSL cert type)

Parameters
[in]CHAR*name specifies name of the SSL certificate to be deleted
Returns
0 on success otherwise returns < 0
Note
<Notes>

Example

#define SSLCERTCA "mycacert"
/*
 * Example: delete a stored CA certificate by the name it was saved under.
 * m2mb_ssl_cert_delete() returns 0 on success and a value < 0 otherwise.
 */
void main(void)
{
    // SSLCERTCA is the name the CA cert was given in the m2mb_ssl_cert_store() API
    INT32 rc = m2mb_ssl_cert_delete(M2MB_SSL_CACERT, (CHAR *)SSLCERTCA);

    if (rc != 0)
    {
        // Report the error code so a failed removal is not mistaken for success.
        printf("m2mb_ssl_cert_delete failed with code %d", rc);
        return;
    }
    printf("m2mb_ssl_cert_delete PASS");
}

◆ m2mb_ssl_cert_load()

INT32 m2mb_ssl_cert_load ( M2MB_SSL_CTXT_HANDLE  sslCtxtHndl,
M2MB_SSL_CERT_TYPE_E  sslCertType,
CHAR *  name 
)

load certificates in the SSL context

load in the SSL context CA list or client cert and key or PSK table previously stored with m2mb_ssl_cert_store

Parameters
[in]M2MB_SSL_CTXT_HANDLEsslCtxtHndl specifies the SSL context handle of the context to be loaded
[in]M2MB_SSL_CERT_TYPE_EsslCertType specifies the SSL certificate type
[in]CHAR*name specifies name of the SSL certificate
Returns
0 on success otherwise returns < 0
Note
<Notes>

Example

#define SSLCERTCA "mycacert"
/*
 * Example: load a previously stored CA list into an SSL context.
 * hSSLCtx is not declared in this excerpt; it is the M2MB_SSL_CTXT_HANDLE
 * returned by m2mb_ssl_create_ctxt().
 */
void main(void)
{
    // SSLCERTCA must match the name used when the certificate was stored.
    INT32 rc = m2mb_ssl_cert_load(hSSLCtx, M2MB_SSL_CACERT, (CHAR *)SSLCERTCA);

    if (rc == 0)
    {
        return;
    }
    // A non-zero result means the CA list is not in the context.
    printf("m2mb_ssl_cert_load FAILED");
}

◆ m2mb_ssl_cert_store()

INT32 m2mb_ssl_cert_store ( M2MB_SSL_CERT_TYPE_E  sslCertType,
M2MB_SSL_SEC_INFO_U  sslSecInfo,
CHAR *  name 
)

store certificates from buffer

store CA list or client certificate and key or PSK table depending on first parameter(SSL cert type)

Parameters
[in]M2MB_SSL_CERT_TYPE_EsslCertType specifies the SSL certificate type
[in]M2MB_SSL_SEC_INFO_UsslSecInfo specifies the SSL certificate(CA list or client certificate and key or PSK table depending on first parameter)
[in]CHAR*name specifies name of the SSL certificate
Returns
0 on success otherwise returns < 0
Note
client key should be in .pem or .der format

Example

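#define CACERTFILE "CA_20170710_1732_sha2_2048.crt"
#define SSLCERTCA "mycacert"
/*
 * Example: read a CA certificate from the file system into a fixed-size
 * buffer and store it under the name SSLCERTCA with m2mb_ssl_cert_store().
 *
 * SSL_info and ca_Info are used below but are not declared in this excerpt.
 * SSL_info is passed as the M2MB_SSL_SEC_INFO_U argument; ca_Info is
 * presumably an array of M2MB_SSL_CA_INFO_T -- confirm against m2mb_ssl.h.
 *
 * Every failure returns before the store call, so a missing, oversized or
 * partially read file is never stored as a trust anchor.
 */
void main(void)
{
    INT32 res;
    INT32 fd = -1;
    struct M2MB_STAT st = {0x00};
    UINT8 CA_BUF[4096] = "";

    printf("ca cert file %s \r\n", CACERTFILE);
    if (0 != m2mb_fs_stat(CACERTFILE, &st))
    {
        // Without a valid size there is nothing safe to read.
        printf("Cannot stat file %s \r\n", CACERTFILE);
        return;
    }
    printf("file size: %u\r\n", st.st_size);

    // The file size is not under this code's control: reject anything that
    // does not fit in CA_BUF before it is used as a read length. The cast
    // also rejects a negative size if st_size is a signed type.
    if ((st.st_size == 0) || ((SIZE_T)st.st_size > sizeof(CA_BUF)))
    {
        printf("File %s is empty or larger than %u bytes\r\n",
               CACERTFILE, (unsigned)sizeof(CA_BUF));
        return;
    }

    fd = m2mb_fs_open(CACERTFILE,
                      M2MB_O_RDONLY //open in read only mode
                      );
    if (fd == -1)
    {
        printf("Cannot open file %s \r\n", CACERTFILE);
        return;
    }

    printf("Reading content from file. Size: %u\r\n", st.st_size);
    res = m2mb_fs_read(fd, CA_BUF, st.st_size);
    if (res != st.st_size)
    {
        // A short read leaves a truncated certificate in CA_BUF; do not store it.
        printf("Failed reading buffer into file.\r\n");
        m2mb_fs_close(fd);
        return;
    }
    printf("Buffer successfully received from file. %d bytes were loaded.\r\n", res);

    res = m2mb_fs_close(fd);
    printf("res: %d", res);

    // Describe the single CA entry: its size and the buffer holding it.
    SSL_info.ca_List.ca_Cnt = 1;
    SSL_info.ca_List.ca_Info[0] = &ca_Info[0];
    SSL_info.ca_List.ca_Info[0]->ca_Size = st.st_size;
    SSL_info.ca_List.ca_Info[0]->ca_Buf = CA_BUF;

    res = m2mb_ssl_cert_store(M2MB_SSL_CACERT, SSL_info, (CHAR *)SSLCERTCA);
    if (res != 0)
    {
        printf("m2mb_ssl_cert_store FAILED");
    }
    else
    {
        printf("m2mb_ssl_cert_store succeeded");
    }
}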

◆ m2mb_ssl_config()

INT32 m2mb_ssl_config ( M2MB_SSL_CONFIG_HANDLE  sslConfigHndl,
INT32  cmd,
void *  argp 
)

to configure SSL parameters

this API can be used to set SSL configurations like Domain name check, SNI, socket address and connection timeout

Parameters
[in]M2MB_SSL_CONFIG_HANDLEsslConfigHndl specifies the SSL configuration handler previously created through m2mb_ssl_create_config
[in]INT32cmd Integer value of type M2MB_SSL_CONF_REQUEST_E, specifies the action
[in]void*argp pointer to the value to set for that action in cmd
Returns
0 on success otherwise returns < 0
Note
<Notes>

Example

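/*
 * Example: set the optional SSL parameters on a configuration handle.
 * hSSLConfig is not declared in this excerpt; it is the
 * M2MB_SSL_CONFIG_HANDLE returned by m2mb_ssl_create_config().
 *
 * Each m2mb_ssl_config() result is checked (0 on success, < 0 otherwise).
 * A silently failed M2MB_SSL_NAME_CHECK would leave the connection without
 * the domain name check the caller asked for.
 */
void main( void )
{
    INT32 ret;
    struct M2MB_SOCKET_BSD_SOCKADDR *sock_addr;
    struct M2MB_SOCKET_BSD_SOCKADDR_IN stSockAddrClient;

    // pass domain name to set domain name check
    ret = m2mb_ssl_config( hSSLConfig, M2MB_SSL_NAME_CHECK, "www.telit.com" );
    if( ret != 0 )
    {
        printf( "m2mb_ssl_config failed" );
        return;
    }
    printf( "m2mb_ssl_config succeeded" );

    // pass server name indication to set SNI
    ret = m2mb_ssl_config( hSSLConfig, M2MB_SSL_NAME_SNI, "www.telit.com" );
    if( ret != 0 )
    {
        printf( "m2mb_ssl_config SNI failed with code %d", ret );
        return;
    }

    // pass socket address for DTLS connection
    // NOTE(review): stSockAddrClient is never filled in by this example;
    // populate it before passing it on.
    sock_addr = ( struct M2MB_SOCKET_BSD_SOCKADDR* )&stSockAddrClient;
    ret = m2mb_ssl_config( hSSLConfig, M2MB_SSL_DTLS_SET_SOCKET_NAME, sock_addr );
    if( ret != 0 )
    {
        printf( "m2mb_ssl_config DTLS socket name failed with code %d", ret );
        return;
    }

    // pass timeout value for SSL connection
    // timeout value is in milliseconds, here timeout value is 500ms
    // NOTE(review): argp is documented as a pointer to the value to set, but
    // the integer is passed directly here -- confirm the expected form for
    // M2MB_SSL_CONNECT_TIMEOUT against m2mb_ssl.h.
    ret = m2mb_ssl_config( hSSLConfig, M2MB_SSL_CONNECT_TIMEOUT, 500 );
    if( ret != 0 )
    {
        printf( "m2mb_ssl_config timeout failed with code %d", ret );
    }
}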

◆ m2mb_ssl_connect()

INT32 m2mb_ssl_connect ( M2MB_SSL_CONNECTION_HANDLE  sslConnectionHandle)

performs SSL TLS connection

performs SSL TLS handshake over sslConnectionHandle

Parameters
[in]M2MB_SSL_CONNECTION_HANDLEsslConnectionHandle specifies the sslConnectionHandle previously returned by m2mb_ssl_secure_socket
Returns
0 on success otherwise returns < 0
Note
<Notes>

Example

/*
 * Example: run the SSL/TLS handshake on a secure socket.
 * hSSLConn is not declared in this excerpt; it is the
 * M2MB_SSL_CONNECTION_HANDLE returned by m2mb_ssl_secure_socket().
 */
void main(void)
{
    INT32 rc = m2mb_ssl_connect( hSSLConn );

    if( rc == 0 )
    {
        printf("m2mb_ssl_connect succeeded");
        return;
    }
    // Any non-zero result means the handshake did not complete; the code
    // distinguishes e.g. M2MB_SSL_CERT_AUTH_FAIL from a timeout.
    printf("m2mb_ssl_connect FAILED error %d ",rc);
}

◆ m2mb_ssl_create_config()

M2MB_SSL_CONFIG_HANDLE m2mb_ssl_create_config ( M2MB_SSL_CONFIG_T  sslConfig,
INT32 *  result 
)

creates an SSL TLS configuration

creates an SSL TLS configuration with the specified configuration parameters and returns a handle to be used when creating a secure socket connection (m2mb_ssl_secure_socket)

Parameters
[in]M2MB_SSL_CONFIG_TsslConfig specifies SSL configuration parameters(TLS version, auth type and ciphersuites)
[out]INT32*result returns result < 0 in case of error
Returns
On success, handle of type M2MB_SSL_CONFIG_HANDLE is returned
Note
<Notes>

Example

/*
 * Example: build an SSL configuration (protocol version, cipher suites,
 * authentication type) and create a configuration handle from it.
 */
void main(void)
{
    M2MB_SSL_CIPHER_SUITE_E CipherSuite[2];
    M2MB_SSL_CONFIG_T SSLConfig;
    M2MB_SSL_CONFIG_HANDLE hSSLConfig;
    INT32 res;

    // Both suites use static RSA key exchange with CBC and SHA-1, so they
    // give no forward secrecy. M2MB_SSL_CIPHER_SUITE_E also lists ECDHE and
    // AES-GCM suites; prefer those where the server supports them.
    CipherSuite[0] = M2MB_TLS_RSA_WITH_AES_128_CBC_SHA;
    CipherSuite[1] = M2MB_TLS_RSA_WITH_AES_256_CBC_SHA;

    SSLConfig.ProtVers = M2MB_SSL_PROTOCOL_TLS_1_2;
    SSLConfig.CipherSuites = CipherSuite;
    SSLConfig.CipherSuitesNum = 2;
    // Server authentication: M2MB_SSL_NO_AUTH would skip it.
    SSLConfig.AuthType = M2MB_SSL_SERVER_AUTH;

    hSSLConfig = m2mb_ssl_create_config( SSLConfig, &res );
    if( ( hSSLConfig != NULL ) && ( res == 0 ) )
    {
        printf("m2mb_ssl_create_config() succeeded");
    }
    else
    {
        printf("m2mb_ssl_create_config() failed");
    }
}

◆ m2mb_ssl_create_ctxt()

M2MB_SSL_CTXT_HANDLE m2mb_ssl_create_ctxt ( void  )

creates SSL TLS context

creates SSL TLS context that permits to load certificates(m2mb_ssl_cert_load) if needed and to create a secure socket connection(m2mb_ssl_secure_socket)

Returns
On success, handle of type M2MB_SSL_CTXT_HANDLE is returned otherwise returns NULL
Note
<Notes>

Example

/*
 * Example: create an SSL context. The handle is later used to load
 * certificates and to create a secure socket connection.
 */
void main(void)
{
    M2MB_SSL_CTXT_HANDLE hSSLCtx = m2mb_ssl_create_ctxt();

    // NULL is the documented failure value.
    if(hSSLCtx != NULL)
    {
        printf("m2mb_ssl_create_ctxt() succeeded");
        return;
    }
    printf("m2mb_ssl_create_ctxt() failed");
}

◆ m2mb_ssl_delete_config()

INT32 m2mb_ssl_delete_config ( M2MB_SSL_CONFIG_HANDLE  sslConfigHndl)

deletes an SSL TLS configuration

Parameters
[in]M2MB_SSL_CONFIG_HANDLEsslConfigHndl specifies the config handler to be deleted
Returns
returns 0 on success otherwise returns < 0
Note
<Notes>

Example

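/*
 * Example: create an SSL configuration and delete it again.
 * The delete call is only made when creation succeeded, so a NULL or
 * invalid handle is never passed to m2mb_ssl_delete_config().
 */
void main( void )
{
    INT32 res;
    M2MB_SSL_CONFIG_T SSLConfig;
    M2MB_SSL_AUTH_TYPE_E SSL_AUTH_MODE;
    M2MB_SSL_CIPHER_SUITE_E CipherSuite[2];
    M2MB_SSL_CONFIG_HANDLE hSSLConfig;

    SSL_AUTH_MODE = M2MB_SSL_SERVER_AUTH;
    SSLConfig.ProtVers = M2MB_SSL_PROTOCOL_TLS_1_2;
    SSLConfig.CipherSuites = CipherSuite;
    SSLConfig.CipherSuites[0] = M2MB_TLS_RSA_WITH_AES_128_CBC_SHA;
    SSLConfig.CipherSuites[1] = M2MB_TLS_RSA_WITH_AES_256_CBC_SHA;
    SSLConfig.CipherSuitesNum = 2;
    SSLConfig.AuthType = SSL_AUTH_MODE;

    hSSLConfig = m2mb_ssl_create_config( SSLConfig, &res );
    if( ( hSSLConfig == NULL ) || ( res != 0 ) )
    {
        // Nothing was created, so there is nothing to delete.
        printf("m2mb_ssl_create_config() failed");
        return;
    }
    printf("m2mb_ssl_create_config() succeeded");

    // Returns 0 on success and a value < 0 otherwise.
    res = m2mb_ssl_delete_config( hSSLConfig );
    if( res != 0 )
    {
        printf("m2mb_ssl_delete_config() failed");
    }
    else
    {
        printf("m2mb_ssl_delete_config() succeeded");
    }
}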

◆ m2mb_ssl_delete_ctxt()

void m2mb_ssl_delete_ctxt ( M2MB_SSL_CTXT_HANDLE  sslCtxtHndl)

delete context

Parameters
[in]M2MB_SSL_CTXT_HANDLEsslCtxtHndl specifies handle of the context to be deleted
Returns
Note
<Notes>

Example

/*
 * Example: delete an SSL context.
 */
void main(void)
{
    // hSSLCtx is not declared in this excerpt; it is the M2MB_SSL_CTXT_HANDLE
    // returned by m2mb_ssl_create_ctxt().
    m2mb_ssl_delete_ctxt( hSSLCtx );
}

◆ m2mb_ssl_get_pending_bytes()

INT32 m2mb_ssl_get_pending_bytes ( M2MB_SOCKET_BSD_SOCKET  socket_fd,
M2MB_SSL_CONNECTION_HANDLE  sslConnectionHandle 
)

to get pending bytes.

Parameters
[in]M2MB_SOCKET_BSD_SOCKETsocket_fd socket descriptor
[in]M2MB_SSL_CONNECTION_HANDLEsslConnectionHandle SSL Connection Handle
Returns
pending bytes value on success.
negative value in case of fail.
Note
<Notes>

Example

/*
 * Example: query the pending bytes on an SSL connection.
 * socket_fd comes from the m2mb_socket_bsd_socket() API and
 * sslConnectionHandle from the m2mb_ssl_secure_socket() API; neither is
 * declared in this excerpt.
 */
void main( void )
{
    INT32 pending = m2mb_ssl_get_pending_bytes( socket_fd, sslConnectionHandle );

    // A negative value signals failure; anything else is the byte count.
    if( pending >= 0 )
    {
        printf("m2mb_ssl_get_pending_bytes: %d ", pending);
        return;
    }
    printf("m2mb_ssl_get_pending_bytes failed ");
}

◆ m2mb_ssl_read()

INT32 m2mb_ssl_read ( M2MB_SSL_CONNECTION_HANDLE  sslConnectionHandle,
void *  buf,
UINT32  len 
)

read len bytes from sslConnectionHandle SSL TLS connection into buf

Parameters
[in]M2MB_SSL_CONNECTION_HANDLEsslConnectionHandle specifies the sslConnectionHandle
[in]UINT8*buf specifies the buffer that receives the data read from the connection
[in]UINT32len specifies the number of bytes to read; buf must be at least len bytes long
Returns
On success, number of bytes read otherwise returns <= 0
Note
<Notes>

Example

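/*
 * Example: read from an SSL connection and print what was received.
 * hSSLConn is not declared in this excerpt; it is the
 * M2MB_SSL_CONNECTION_HANDLE returned by m2mb_ssl_secure_socket().
 *
 * The data comes from the remote peer and is not guaranteed to contain a
 * terminator. The read therefore leaves one byte free and the buffer is
 * terminated at the received length before it is printed with %s.
 */
void main(void)
{
    INT32 res;
    CHAR* buf = NULL;
    const INT32 buflen=100;

    buf = (CHAR*) m2mb_os_calloc(buflen*sizeof(CHAR));
    if(buf == NULL)
    {
        printf("m2mb_os_calloc failed");
        return;
    }

    // Ask for at most buflen-1 bytes so there is always room for the terminator.
    res = m2mb_ssl_read(hSSLConn,buf,buflen - 1);
    if(res <= 0)
    {
        // <= 0 also covers error codes such as M2MB_SSL_CLOSE_NOTIFY.
        printf("nothing read");
    }
    else
    {
        buf[res] = '\0';
        printf("m2mb_ssl_read >> %s \r\n",buf);
    }

    // Release the buffer on both paths.
    m2mb_os_free(buf);
}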

◆ m2mb_ssl_secure_socket()

M2MB_SSL_CONNECTION_HANDLE m2mb_ssl_secure_socket ( M2MB_SSL_CONFIG_HANDLE  sslConfigHndl,
M2MB_SSL_CTXT_HANDLE  sslCtxtHndl,
M2MB_SOCKET_BSD_SOCKET  socket_fd,
INT32 *  result 
)

creates secure socket connection

creates secure socket connection retrieving context and configuration parameters and linking a secure socket connection id to socket fd

Parameters
[in]M2MB_SSL_CONFIG_HANDLEsslConfigHndl specifies the SSL configuration handler previously created through m2mb_ssl_create_config
[in]M2MB_SSL_CTXT_HANDLEsslCtxtHndl specifies the SSL context previously created through m2mb_ssl_create_ctxt
[in]M2MB_SOCKET_BSD_SOCKETsocket_fd specifies the socket fd
[out]INT32*result returns result < 0 in case of error
Returns
On success, handle of type M2MB_SSL_CONNECTION_HANDLE is returned, to be used by successive APIs like m2mb_ssl_connect, m2mb_ssl_write, m2mb_ssl_read, m2mb_ssl_shutdown otherwise returns NULL
Note
M2MB_SSL_CONNECTION_HANDLE is valid until m2mb_ssl_shutdown() is called;

Example

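#define SERVER_PORT_SERVER_AUTH 20518
#define SERVER_IP IP_Nimurta_Ext // for Nimurta
/*
 * Example: open a TCP socket, connect it, and bind it to an SSL
 * configuration and context with m2mb_ssl_secure_socket().
 *
 * SERVER_IP expands to a name that is not defined in this excerpt.
 *
 * Every step that can fail is checked and stops the example; the resources
 * created so far are released before returning. The result of
 * m2mb_ssl_secure_socket() is checked on the connection handle and on res.
 *
 * NOTE(review): AuthType is M2MB_SSL_SERVER_AUTH, but no m2mb_ssl_cert_load()
 * call appears here. Presumably the CA list has to be loaded into hSSLCtx
 * before the handshake can verify the server -- confirm.
 */
void main(void)
{
    static struct M2MB_SOCKET_BSD_SOCKADDR_IN stSockAddr, sock_name;
    INT32 argp = 0; // 0 is for blocking, 1 is not blocking ( set timeout below )
    M2MB_SOCKET_BSD_SOCKET socket;
    static struct M2MB_SOCKET_BSD_TIMEVAL RecvTimeOut = {0,0};
    CHAR sockIPaddr[32] = "";
    // Presumably value-result as with BSD getsockname: pass the buffer size in -- confirm.
    INT32 sock_len = sizeof(struct M2MB_SOCKET_BSD_SOCKADDR_IN);
    M2MB_SSL_CTXT_HANDLE hSSLCtx = NULL;
    M2MB_SSL_CONNECTION_HANDLE hSSLConn;
    INT32 res;
    M2MB_SSL_CONFIG_T SSLConfig;
    M2MB_SSL_AUTH_TYPE_E SSL_AUTH_MODE;
    M2MB_SSL_CIPHER_SUITE_E CipherSuite[2];
    M2MB_SSL_CONFIG_HANDLE hSSLConfig;

    SSL_AUTH_MODE = M2MB_SSL_SERVER_AUTH;
    SSLConfig.ProtVers = M2MB_SSL_PROTOCOL_TLS_1_2;
    SSLConfig.CipherSuites = CipherSuite;
    // Static-RSA CBC suites: no forward secrecy. The cipher suite enum also
    // offers ECDHE and AES-GCM suites.
    SSLConfig.CipherSuites[0] = M2MB_TLS_RSA_WITH_AES_128_CBC_SHA;
    SSLConfig.CipherSuites[1] = M2MB_TLS_RSA_WITH_AES_256_CBC_SHA;
    SSLConfig.CipherSuitesNum = 2;
    SSLConfig.AuthType = SSL_AUTH_MODE;

    socket = m2mb_socket_bsd_socket(M2MB_SOCKET_BSD_PF_INET, M2MB_SOCKET_BSD_SOCK_STREAM,
                                    M2MB_SOCKET_BSD_IPPROTO_TCP);
    if (M2MB_SOCKET_BSD_INVALID_SOCKET == socket)
    {
        printf( "invalid socket");
        printf("errno >> %d \r\n",m2mb_socket_errno());
        return;
    }
    if ( m2mb_socket_set_cid( socket, 2 ) != 0 )
    {
        printf( "Socket not set to ctx: %d", 2 );
        printf("errno >> %d \r\n",m2mb_socket_errno());
        m2mb_socket_bsd_close(socket);
        return;
    }

    memset(&stSockAddr, 0, sizeof(struct M2MB_SOCKET_BSD_SOCKADDR_IN));
    memset(&sock_name, 0, sizeof(struct M2MB_SOCKET_BSD_SOCKADDR_IN));
    stSockAddr.sin_port = m2mb_socket_bsd_htons( SERVER_PORT_SERVER_AUTH );
    stSockAddr.sin_family = M2MB_SOCKET_BSD_PF_INET;
    m2mb_socket_bsd_inet_pton( M2MB_SOCKET_BSD_AF_INET, SERVER_IP, &stSockAddr.sin_addr.s_addr );

    res = m2mb_socket_bsd_connect(socket, (struct M2MB_SOCKET_BSD_SOCKADDR*)&stSockAddr,
                                  sizeof(struct M2MB_SOCKET_BSD_SOCKADDR_IN));
    if(-1 == res)
    {
        printf( "m2mb_socket_bsd_connect failed on port %d",SERVER_PORT_SERVER_AUTH );
        printf("errno >> %d \r\n",m2mb_socket_errno());
        m2mb_socket_bsd_close(socket);
        return;
    }

    // Informational only: print the local endpoint of the connected socket.
    res = m2mb_socket_bsd_get_sock_name(socket ,(struct M2MB_SOCKET_BSD_SOCKADDR *)&sock_name, &sock_len );
    m2mb_socket_bsd_inet_ntop( M2MB_SOCKET_BSD_AF_INET, &sock_name.sin_addr.s_addr, ( CHAR * )&( sockIPaddr)
                               , sizeof( sockIPaddr ) );
    printf( "Local IP : %s\r\n", sockIPaddr );
    printf( "Local PORT: %u\r\n", m2mb_socket_bsd_ntohs(sock_name.sin_port) );

    argp=0; //not blocking argp=1, blocking argp=0
    m2mb_socket_bsd_ioctl(socket, M2MB_SOCKET_BSD_FIONBIO, &argp);
    RecvTimeOut.m_tv_sec = 30; // 30 seconds.
    m2mb_socket_bsd_set_sock_opt(socket, M2MB_SOCKET_BSD_SOL_SOCKET, M2MB_SOCKET_BSD_SO_RCVTIMEO,
                                 &RecvTimeOut, sizeof(RecvTimeOut));

    hSSLConfig = m2mb_ssl_create_config( SSLConfig, &res );
    if( ( hSSLConfig == NULL ) || ( res != 0 ) )
    {
        printf("m2mb_ssl_create_config() failed");
        m2mb_socket_bsd_close(socket);
        return;
    }
    printf("m2mb_ssl_create_config() succeeded");

    hSSLCtx = m2mb_ssl_create_ctxt();
    if(hSSLCtx == NULL)
    {
        printf("m2mb_ssl_create_ctxt() failed");
        m2mb_ssl_delete_config( hSSLConfig );
        m2mb_socket_bsd_close(socket);
        return;
    }
    printf("m2mb_ssl_create_ctxt() succeeded");

    hSSLConn = m2mb_ssl_secure_socket( hSSLConfig,hSSLCtx,socket,&res );
    // Check the connection handle and res, not the context handle: NULL is
    // the documented failure value and res < 0 reports the error.
    if( ( hSSLConn == (M2MB_SSL_CONNECTION_HANDLE)NULL ) || ( res != 0 ) )
    {
        printf("m2mb_ssl_secure_socket() failed");
        m2mb_ssl_delete_ctxt( hSSLCtx );
        m2mb_ssl_delete_config( hSSLConfig );
        m2mb_socket_bsd_close(socket);
        return;
    }
    // hSSLConn stays valid until m2mb_ssl_shutdown() is called.
    printf("m2mb_ssl_secure_socket() succeeded");
}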

◆ m2mb_ssl_shutdown()

INT32 m2mb_ssl_shutdown ( M2MB_SSL_CONNECTION_HANDLE  sslConnectionHandle)

shutdown SSL TLS connection

Parameters
[in]M2MB_SSL_CONNECTION_HANDLEsslConnectionHandle specifies the sslConnectionHandle
Returns
0 on success
Note
It always returns an error if the connection failed in m2mb_ssl_connect. This function also frees sslConnectionHandle, so the handle must not be used after the call.

Example

/*
 * Example: shut down an SSL connection.
 * hSSLConn is not declared in this excerpt; it is the
 * M2MB_SSL_CONNECTION_HANDLE returned by m2mb_ssl_secure_socket().
 * The call also frees the connection handle, so hSSLConn must not be
 * reused afterwards.
 */
void main(void)
{
    INT32 rc = m2mb_ssl_shutdown(hSSLConn);

    if(rc == 0)
    {
        printf("m2mb_ssl_shutdown succeeded");
        return;
    }
    // An error is also reported when the earlier m2mb_ssl_connect failed.
    printf("m2mb_ssl_shutdown FAILED");
}

◆ m2mb_ssl_write()

INT32 m2mb_ssl_write ( M2MB_SSL_CONNECTION_HANDLE  sslConnectionHandle,
void *  buf,
UINT32  len 
)

writes len bytes from buf into sslConnectionHandle SSL TLS connection

Parameters
[in]M2MB_SSL_CONNECTION_HANDLEsslConnectionHandle specifies the sslConnectionHandle
[in]UINT8*buf specifies the input buffer
[in]UINT32len specifies the input len
Returns
On success, number of bytes written otherwise returns < 0
Note
<Notes>

Example

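#define ECHO_STRING (const CHAR*) "my appzone message\n"
/*
 * Example: send a short message over an SSL connection.
 * hSSLConn is not declared in this excerpt; it is the
 * M2MB_SSL_CONNECTION_HANDLE returned by m2mb_ssl_secure_socket().
 *
 * The allocation is checked before use, the message length is checked
 * against the buffer before the copy, and only the message bytes are sent,
 * not the zero padding up to querylen.
 */
void main(void)
{
    INT32 res;
    CHAR* query = NULL;
    const INT32 querylen=100;
    UINT32 msglen;

    query = (CHAR*)m2mb_os_calloc(querylen*sizeof(CHAR));
    if(query == NULL)
    {
        printf("m2mb_os_calloc failed");
        return;
    }

    msglen = (UINT32)strlen(ECHO_STRING);
    if(msglen >= (UINT32)querylen)
    {
        // The message plus its terminator would not fit in the buffer.
        printf("message too long for buffer");
        m2mb_os_free(query);
        return;
    }
    strcpy(query,ECHO_STRING);

    // On success the return value is the number of bytes written; this
    // example does not retry if that is less than msglen.
    res = m2mb_ssl_write( hSSLConn, query, msglen );
    if(res < 0)
    {
        printf("m2mb_ssl_write FAILED");
    }
    else
    {
        printf("m2mb_ssl_write succeeded");
    }

    m2mb_os_free(query);
}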
m2mb_socket_bsd_htons
UINT16 m2mb_socket_bsd_htons(UINT16 x)
convertion between host and network byte order
m2mb_socket_bsd_ioctl
INT32 m2mb_socket_bsd_ioctl(M2MB_SOCKET_BSD_SOCKET s, INT32 cmd, void *argp)
IO control function.
m2mb_ssl_delete_config
INT32 m2mb_ssl_delete_config(M2MB_SSL_CONFIG_HANDLE sslConfigHndl)
deletes an SSL TLS configuration
m2mb_ssl_secure_socket
M2MB_SSL_CONNECTION_HANDLE m2mb_ssl_secure_socket(M2MB_SSL_CONFIG_HANDLE sslConfigHndl, M2MB_SSL_CTXT_HANDLE sslCtxtHndl, M2MB_SOCKET_BSD_SOCKET socket_fd, INT32 *result)
creates secure socket connection
m2mb_ssl_shutdown
INT32 m2mb_ssl_shutdown(M2MB_SSL_CONNECTION_HANDLE sslConnectionHandle)
shutdown SSL TLS connection
m2mb_ssl_create_config
M2MB_SSL_CONFIG_HANDLE m2mb_ssl_create_config(M2MB_SSL_CONFIG_T sslConfig, INT32 *result)
creates an SSL TLS configuration
M2MB_SOCKET_BSD_SOCKADDR_IN
Definition: m2mb_socket.h:198
m2mb_socket_errno
INT32 m2mb_socket_errno(void)
Gets the last error occured.
m2mb_ssl_get_pending_bytes
INT32 m2mb_ssl_get_pending_bytes(M2MB_SOCKET_BSD_SOCKET socket_fd, M2MB_SSL_CONNECTION_HANDLE sslConnectionHandle)
to get pending bytes.
M2MB_SOCKET_BSD_TIMEVAL
Definition: m2mb_socket.h:249
m2mb_socket_bsd_socket
M2MB_SOCKET_BSD_SOCKET m2mb_socket_bsd_socket(INT32 domain, INT32 type, INT32 protocol)
create an endpoint for communication
m2mb_ssl_cert_load
INT32 m2mb_ssl_cert_load(M2MB_SSL_CTXT_HANDLE sslCtxtHndl, M2MB_SSL_CERT_TYPE_E sslCertType, CHAR *name)
load certificates in the SSL context
m2mb_ssl_create_ctxt
M2MB_SSL_CTXT_HANDLE m2mb_ssl_create_ctxt(void)
creates SSL TLS context
m2mb_socket_bsd_get_sock_name
INT32 m2mb_socket_bsd_get_sock_name(M2MB_SOCKET_BSD_SOCKET s, struct M2MB_SOCKET_BSD_SOCKADDR *name, INT32 *namelen)
get socket name
m2mb_fs_stat
INT32 m2mb_fs_stat(const CHAR *path, struct M2MB_STAT *buf)
File status.
m2mb_os_calloc
void * m2mb_os_calloc(UINT32 size)
Allocates bytes of memory and init space with 0.
M2MB_OS_MS2TICKS
UINT32 M2MB_OS_MS2TICKS(UINT32 ms)
Convert ms to ticks.
M2MB_SOCKET_BSD_SOCKADDR
Definition: m2mb_socket.h:182
M2MB_STAT
Definition: m2mb_fs_posix.h:84
m2mb_ssl_write
INT32 m2mb_ssl_write(M2MB_SSL_CONNECTION_HANDLE sslConnectionHandle, void *buf, UINT32 len)
writes len bytes from buf into sslConnectionHandle SSL TLS connection
m2mb_socket_bsd_connect
INT32 m2mb_socket_bsd_connect(M2MB_SOCKET_BSD_SOCKET s, const struct M2MB_SOCKET_BSD_SOCKADDR *name, INT32 namelen)
connect a socket
m2mb_fs_open
INT32 m2mb_fs_open(const CHAR *path, INT32 oflag,...)
Open file.
m2mb_fs_close
INT32 m2mb_fs_close(INT32 fd)
Close file.
m2mb_socket_set_cid
INT32 m2mb_socket_set_cid(M2MB_SOCKET_BSD_SOCKET s, UINT8 cid)
link a socket to a cid
m2mb_socket_bsd_inet_pton
INT32 m2mb_socket_bsd_inet_pton(INT32 af, const CHAR *src, void *dst)
convert IPv4 and IPv6 addresses from text to binary form
m2mb_ssl_config
INT32 m2mb_ssl_config(M2MB_SSL_CONFIG_HANDLE sslConfigHndl, INT32 cmd, void *argp)
to configure SSL parameters
m2mb_ssl_cert_delete
INT32 m2mb_ssl_cert_delete(M2MB_SSL_CERT_TYPE_E sslCertType, CHAR *name)
delete certificates
m2mb_os_taskSleep
M2MB_OS_RESULT_E m2mb_os_taskSleep(UINT32 ticks)
Suspend current task for specified time in ticks.
m2mb_fs_read
SSIZE_T m2mb_fs_read(INT32 fd, void *buf, SIZE_T nbyte)
Read file.
m2mb_socket_bsd_ntohs
UINT16 m2mb_socket_bsd_ntohs(UINT16 x)
convertion between host and network byte order
m2mb_ssl_read
INT32 m2mb_ssl_read(M2MB_SSL_CONNECTION_HANDLE sslConnectionHandle, void *buf, UINT32 len)
read len bytes from sslConnectionHandle SSL TLS connection into buf
m2mb_ssl_cert_store
INT32 m2mb_ssl_cert_store(M2MB_SSL_CERT_TYPE_E sslCertType, M2MB_SSL_SEC_INFO_U sslSecInfo, CHAR *name)
store certificates from buffer
M2MB_SSL_CONFIG_T
Definition: m2mb_ssl.h:198
m2mb_socket_bsd_inet_ntop
CHAR * m2mb_socket_bsd_inet_ntop(INT32 af, const void *src, CHAR *dst, SIZE_T size)
convert IPv4 and IPv6 addresses from binary to text form
m2mb_ssl_delete_ctxt
void m2mb_ssl_delete_ctxt(M2MB_SSL_CTXT_HANDLE sslCtxtHndl)
delete context
m2mb_socket_bsd_set_sock_opt
INT32 m2mb_socket_bsd_set_sock_opt(M2MB_SOCKET_BSD_SOCKET s, INT32 level, INT32 optname, const void *optval, INT32 optlen)
set options on sockets
m2mb_ssl_connect
INT32 m2mb_ssl_connect(M2MB_SSL_CONNECTION_HANDLE sslConnectionHandle)
performs SSL TLS connection