m2mb API docs  30.00.007
m2mb API sets documentation
m2mb_ssl.h File Reference

SSL/TLS support.


Data Structures

struct  M2MB_SSL_PSK_TABLE_T
 
struct  M2MB_SSL_CERT_T
 
struct  M2MB_SSL_CA_INFO_T
 
struct  M2MB_SSL_CA_LIST_T
 
union  M2MB_SSL_SEC_INFO_U
 
struct  M2MB_SSL_CONFIG_T
 

Macros

#define M2MB_SSL_SUCCESS   0 /* Generic Success */
 
#define M2MB_SSL_FAILURE   -1 /* Generic failure */
 
#define M2MB_SSL_ARG_FAIL   -6 /* Failure due to bad function param */
 
#define M2MB_SSL_PLATFORM_FAIL   -7 /* Not used */
 
#define M2MB_SSL_MEM_FAIL   -8 /* Not used */
 
#define M2MB_SSL_LIMIT_FAIL   -9 /* Not used */
 
#define M2MB_SSL_UNSUPPORTED_FAIL   -10 /* Not used */
 
#define M2MB_SSL_PROTOCOL_FAIL   -12 /* A protocol error occurred */
 
#define M2MB_SSL_TIMEOUT_FAIL   -13 /* A timeout occurred and MAY be an error */
 
#define M2MB_SSL_INTERRUPT_FAIL   -14 /* An interrupt occurred and MAY be an error */
 
#define M2MB_SSL_WRITE_ERROR   -15 /* An error occurred while encoding on socket */
 
#define M2MB_SSL_READ_ERROR   -16 /* An error occurred while decoding from socket */
 
#define M2MB_SSL_END_OF_FILE   -17 /* There's no data to read in SSL */
 
#define M2MB_SSL_CLOSE_NOTIFY   -18 /* SSL connection has been closed by remote host */
 
#define M2MB_SSL_CERT_AUTH_FAIL   -35 /* Authentication fails */
 
#define M2MB_SSL_FULL   -50 /* Not used */
 
#define M2MB_SSL_ALERT   -54 /* We've decoded an alert */
 
#define M2MB_SSL_FILE_NOT_FOUND   -55 /* File not found */
 
#define M2MB_SSL_FALSE   0 /* FALSE */
 
#define M2MB__SSL_TRUE   1 /* TRUE */
 
#define M2MB_SSL_MAX_CA_LIST   10
 
#define M2MB_SSL_MAX_CIPHERSUITES   8
 
#define M2MB_QC_NOT_VALID_CIPHER   0
 

Typedefs

typedef HANDLE M2MB_SSL_CTXT_HANDLE
 
typedef HANDLE M2MB_SSL_CONFIG_HANDLE
 
typedef uiHANDLE M2MB_SSL_CONNECTION_HANDLE
 
typedef enum M2MB_SSL_PROTOCOL_VERSION_E M2MB_SSL_PROTOCOL_VERSION_E
 
typedef enum M2MB_SSL_CIPHER_SUITE_E M2MB_SSL_CIPHER_SUITE_E
 
typedef enum M2MB_SSL_CERT_TYPE_E M2MB_SSL_CERT_TYPE_E
 
typedef struct M2MB_SSL_PSK_TABLE_T M2MB_SSL_PSK_TABLE_T
 
typedef struct M2MB_SSL_CERT_T M2MB_SSL_CERT_T
 
typedef struct M2MB_SSL_CA_INFO_T M2MB_SSL_CA_INFO_T
 
typedef struct M2MB_SSL_CA_LIST_T M2MB_SSL_CA_LIST_T
 
typedef enum M2MB_SSL_AUTH_TYPE_E M2MB_SSL_AUTH_TYPE_E
 
typedef struct M2MB_SSL_CONFIG_T M2MB_SSL_CONFIG_T
 

Enumerations

enum  M2MB_SSL_PROTOCOL_VERSION_E {
  M2MB_SSL_PROTOCOL_TLS_1_0, M2MB_SSL_PROTOCOL_TLS_1_1, M2MB_SSL_PROTOCOL_TLS_1_2, M2MB_SSL_PROTOCOL_TLS_1_3,
  M2MB_SSL_PROTOCOL_DTLS_1_0, M2MB_SSL_PROTOCOL_DTLS_1_2, M2MB_SSL_PROTOCOL_TLS
}
 
enum  M2MB_SSL_CIPHER_SUITE_E {
  M2MB_TLS_PSK_WITH_RC4_128_SHA, M2MB_TLS_PSK_WITH_3DES_EDE_CBC_SHA, M2MB_TLS_PSK_WITH_AES_128_CBC_SHA, M2MB_TLS_PSK_WITH_AES_256_CBC_SHA,
  M2MB_TLS_PSK_WITH_AES_128_GCM_SHA256, M2MB_TLS_PSK_WITH_AES_256_GCM_SHA384, M2MB_TLS_PSK_WITH_AES_128_CBC_SHA256, M2MB_TLS_PSK_WITH_AES_256_CBC_SHA384,
  M2MB_TLS_RSA_WITH_AES_128_CBC_SHA, M2MB_TLS_DHE_RSA_WITH_AES_128_CBC_SHA, M2MB_TLS_RSA_WITH_AES_256_CBC_SHA, M2MB_TLS_DHE_RSA_WITH_AES_256_CBC_SHA,
  M2MB_TLS_RSA_WITH_AES_128_CBC_SHA256, M2MB_TLS_RSA_WITH_AES_256_CBC_SHA256, M2MB_TLS_DHE_RSA_WITH_AES_128_CBC_SHA256, M2MB_TLS_DHE_RSA_WITH_AES_256_CBC_SHA256,
  M2MB_TLS_RSA_WITH_AES_128_GCM_SHA256, M2MB_TLS_RSA_WITH_AES_256_GCM_SHA384, M2MB_TLS_DHE_RSA_WITH_AES_128_GCM_SHA256, M2MB_TLS_DHE_RSA_WITH_AES_256_GCM_SHA384,
  M2MB_TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA, M2MB_TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA, M2MB_TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA, M2MB_TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA,
  M2MB_TLS_ECDH_RSA_WITH_AES_128_CBC_SHA, M2MB_TLS_ECDH_RSA_WITH_AES_256_CBC_SHA, M2MB_TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA, M2MB_TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA,
  M2MB_TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256, M2MB_TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384, M2MB_TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256, M2MB_TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384,
  M2MB_TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256, M2MB_TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384, M2MB_TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256, M2MB_TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384,
  M2MB_TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256, M2MB_TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384, M2MB_TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256, M2MB_TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384,
  M2MB_TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256, M2MB_TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384, M2MB_TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256, M2MB_TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384,
  M2MB_TLS_RSA_WITH_AES_128_CCM, M2MB_TLS_RSA_WITH_AES_256_CCM, M2MB_TLS_DHE_RSA_WITH_AES_128_CCM, M2MB_TLS_DHE_RSA_WITH_AES_256_CCM,
  M2MB_TLS_RSA_WITH_AES_128_CCM_8, M2MB_TLS_RSA_WITH_AES_256_CCM_8, M2MB_TLS_DHE_RSA_WITH_AES_128_CCM_8, M2MB_TLS_DHE_RSA_WITH_AES_256_CCM_8,
  M2MB_TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256, M2MB_TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256, M2MB_TLS_DHE_RSA_WITH_CHACHA20_POLY1305_SHA256, M2MB_TLS_AES_128_GCM_SHA256,
  M2MB_TLS_AES_256_GCM_SHA384, M2MB_TLS_CHACHA20_POLY1305_SHA256, M2MB_TLS_AES_128_CCM_SHA256, M2MB_TLS_AES_128_CCM_8_SHA256
}
 
enum  M2MB_SSL_CERT_TYPE_E { M2MB_SSL_CACERT, M2MB_SSL_CERT, M2MB_SSL_PSKTABLE }
 
enum  M2MB_SSL_AUTH_TYPE_E { M2MB_SSL_NO_AUTH, M2MB_SSL_SERVER_AUTH, M2MB_SSL_SERVER_CLIENT_AUTH }
 
enum  M2MB_SSL_CONF_REQUEST_E { M2MB_SSL_NAME_CHECK = 0, M2MB_SSL_NAME_SNI = 1, M2MB_SSL_DTLS_SET_SOCKET_NAME = 2 }
 

Functions

M2MB_SSL_CTXT_HANDLE m2mb_ssl_create_ctxt (void)
 creates SSL TLS context More...
 
M2MB_SSL_CONFIG_HANDLE m2mb_ssl_create_config (M2MB_SSL_CONFIG_T sslConfig, INT32 *result)
 creates an SSL TLS configuration More...
 
INT32 m2mb_ssl_delete_config (M2MB_SSL_CONFIG_HANDLE sslConfigHndl)
 deletes an SSL TLS configuration More...
 
M2MB_SSL_CONNECTION_HANDLE m2mb_ssl_secure_socket (M2MB_SSL_CONFIG_HANDLE sslConfigHndl, M2MB_SSL_CTXT_HANDLE sslCtxtHndl, M2MB_SOCKET_BSD_SOCKET socket_fd, INT32 *result)
 creates secure socket connection More...
 
INT32 m2mb_ssl_connect (M2MB_SSL_CONNECTION_HANDLE sslConnectionHandle)
 performs SSL TLS connection More...
 
INT32 m2mb_ssl_write (M2MB_SSL_CONNECTION_HANDLE sslConnectionHandle, void *buf, UINT32 len)
 writes len bytes from buf into sslConnectionHandle SSL TLS connection More...
 
INT32 m2mb_ssl_read (M2MB_SSL_CONNECTION_HANDLE sslConnectionHandle, void *buf, UINT32 len)
 read len bytes from sslConnectionHandle SSL TLS connection into buf More...
 
INT32 m2mb_ssl_shutdown (M2MB_SSL_CONNECTION_HANDLE sslConnectionHandle)
 shutdown SSL TLS connection More...
 
INT32 m2mb_ssl_cert_store (M2MB_SSL_CERT_TYPE_E sslCertType, M2MB_SSL_SEC_INFO_U sslSecInfo, CHAR *name)
 store certificates from buffer More...
 
INT32 m2mb_ssl_cert_load (M2MB_SSL_CTXT_HANDLE sslCtxtHndl, M2MB_SSL_CERT_TYPE_E sslCertType, CHAR *name)
 load certificates in the SSL context More...
 
INT32 m2mb_ssl_cert_delete (M2MB_SSL_CERT_TYPE_E sslCertType, CHAR *name)
 delete certificates More...
 
void m2mb_ssl_delete_ctxt (M2MB_SSL_CTXT_HANDLE sslCtxtHndl)
 delete context More...
 
INT32 m2mb_ssl_config (M2MB_SSL_CONFIG_HANDLE sslConfigHndl, INT32 cmd, void *argp)
 to configure the paramaters More...
 

Detailed Description

SSL TLS support.

m2m/m2m_common/m2mb_inc/m2mb_ssl.h

SSL TLS secure socket APIs

@notes Dependencies: #include <m2mb_types.h> #include <m2mb_socket.h> #include <m2mb_trace.h>

Author
Andrea Pirnetti Atul Chavan
Date
12/11/2019

Function Documentation

◆ m2mb_ssl_cert_delete()

INT32 m2mb_ssl_cert_delete ( M2MB_SSL_CERT_TYPE_E  sslCertType,
CHAR *  name 
)

delete certificates

Deletes the CA list, the client certificate and key, or the PSK table, depending on the first parameter (SSL cert type).

Parameters
[in] CHAR* name: specifies the name of the SSL certificate to be deleted
Returns
0 on success otherwise returns < 0
Note
<Notes>

Example

#define SSLCERTCA "mycacert"

/*
 * Example: delete a stored CA certificate by name.
 *
 * SSLCERTCA is the name given to the CA cert in the m2mb_ssl_cert_store() API.
 * m2mb_ssl_cert_delete() returns 0 on success and a value < 0 otherwise.
 */
void main(void)
{
    INT32 res = m2mb_ssl_cert_delete(M2MB_SSL_CACERT, (CHAR *)SSLCERTCA);

    if (res != 0) {
        /* Report the negative M2MB_SSL_* code so the cause can be identified. */
        printf("m2mb_ssl_cert_delete failed with code %d", res);
        return;
    }

    printf("m2mb_ssl_cert_delete PASS");
}

◆ m2mb_ssl_cert_load()

INT32 m2mb_ssl_cert_load ( M2MB_SSL_CTXT_HANDLE  sslCtxtHndl,
M2MB_SSL_CERT_TYPE_E  sslCertType,
CHAR *  name 
)

load certificates in the SSL context

Loads into the SSL context the CA list, the client certificate and key, or the PSK table previously stored with m2mb_ssl_cert_store.

Parameters
[in]M2MB_SSL_CTXT_HANDLEsslCtxtHndl specifies the SSL context handle of the context to be loaded
[in]M2MB_SSL_CERT_TYPE_EsslCertType specifies the SSL certificate type
[in]CHAR*name specifies name of the SSL certificate
Returns
0 on success otherwise returns < 0
Note
<Notes>

Example

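#define SSLCERTCA "mycacert"

/*
 * Example: load a previously stored CA certificate into an SSL context.
 *
 * hSSLCtx is not declared in this snippet: it is the M2MB_SSL_CTXT_HANDLE
 * returned by m2mb_ssl_create_ctxt(). SSLCERTCA is the name under which the
 * CA certificate was stored with m2mb_ssl_cert_store().
 */
void main(void)
{
    INT32 res;

    /* hSSLCtx of type M2MB_SSL_CTXT_HANDLE returned by m2mb_ssl_create_ctxt() */
    res = m2mb_ssl_cert_load(hSSLCtx, M2MB_SSL_CACERT, (CHAR *)SSLCERTCA);
    if (res != 0)
    {
        /*
         * NOTE(review): after a failed load the context presumably holds no CA
         * for this name, so a connection that relies on server authentication
         * should not be attempted with it -- confirm against the header.
         */
        printf("m2mb_ssl_cert_load FAILED");
    }
}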

◆ m2mb_ssl_cert_store()

INT32 m2mb_ssl_cert_store ( M2MB_SSL_CERT_TYPE_E  sslCertType,
M2MB_SSL_SEC_INFO_U  sslSecInfo,
CHAR *  name 
)

store certificates from buffer

Stores the CA list, the client certificate and key, or the PSK table, depending on the first parameter (SSL cert type).

Parameters
[in]M2MB_SSL_CERT_TYPE_EsslCertType specifies the SSL certificate type
[in]M2MB_SSL_SEC_INFO_UsslSecInfo specifies the SSL certificate(CA list or client certificate and key or PSK table depending on first parameter)
[in]CHAR*name specifies name of the SSL certificate
Returns
0 on success otherwise returns < 0
Note
client key should be in .pem or .der format

Example

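#define CACERTFILE "CA_20170710_1732_sha2_2048.crt"
#define SSLCERTCA "mycacert"

/*
 * Example: read a CA certificate file into a buffer and store it under the
 * name SSLCERTCA with m2mb_ssl_cert_store().
 *
 * SSL_info and ca_Info are not declared in this snippet; they are assumed to
 * be provided by the surrounding application (presumably an
 * M2MB_SSL_SEC_INFO_U and an array of M2MB_SSL_CA_INFO_T -- confirm against
 * the header).
 *
 * The file size reported by m2mb_fs_stat() is checked against the size of
 * CA_BUF before reading, and the certificate is stored only when the whole
 * file has been read.
 */
void main(void)
{
    INT32 res;
    INT32 fd = -1;
    struct M2MB_STAT st = {0x00};
    UINT8 CA_BUF[4096] = "";

    printf("ca cert file %s \r\n", CACERTFILE);
    if (0 != m2mb_fs_stat(CACERTFILE, &st))
    {
        /* Without a valid size nothing can be read safely. */
        printf("Cannot open file %s \r\n", CACERTFILE);
        return;
    }
    printf("file size: %u\r\n", st.st_size);

    /* Never read more than the destination buffer can hold. */
    if (st.st_size == 0 || st.st_size > sizeof(CA_BUF))
    {
        printf("File size not supported for %s \r\n", CACERTFILE);
        return;
    }

    fd = m2mb_fs_open(CACERTFILE,
                      M2MB_O_RDONLY /* open in read only mode */
                      );
    if (fd == -1)
    {
        printf("Cannot open file %s \r\n", CACERTFILE);
        return;
    }

    printf("Reading content from file. Size: %u\r\n", st.st_size);
    res = m2mb_fs_read(fd, CA_BUF, st.st_size);
    if (res != st.st_size)
    {
        /* A partially read certificate must not be stored. */
        printf("Failed reading buffer into file.\r\n");
        m2mb_fs_close(fd);
        return;
    }
    printf("Buffer successfully received from file. %d bytes were loaded.\r\n", res);

    res = m2mb_fs_close(fd);
    printf("res: %d", res);

    /* Describe a CA list with a single entry that points at CA_BUF. */
    SSL_info.ca_List.ca_Cnt = 1;
    SSL_info.ca_List.ca_Info[0] = &ca_Info[0];
    SSL_info.ca_List.ca_Info[0]->ca_Size = st.st_size;
    SSL_info.ca_List.ca_Info[0]->ca_Buf = CA_BUF;

    res = m2mb_ssl_cert_store(M2MB_SSL_CACERT, SSL_info, (CHAR *)SSLCERTCA);
    if (res != 0)
    {
        printf("m2mb_ssl_cert_store FAILED");
    }
    else
    {
        printf("m2mb_ssl_cert_store succeeded");
    }
}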

◆ m2mb_ssl_config()

INT32 m2mb_ssl_config ( M2MB_SSL_CONFIG_HANDLE  sslConfigHndl,
INT32  cmd,
void *  argp 
)

Configures the parameters.

This API can be used to set configurations for DTLS and SNI. For DTLS, use this API to set the socket address. For SNI, use this API to pass the server name.

Parameters
[in]M2MB_SSL_CONFIG_HANDLEsslConfigHndl specifies the SSL configuration handler previously created through m2mb_ssl_create_config
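[in] INT32 cmd: integer value 0, 1, or 2 that specifies the action; the M2MB_SSL_CONF_REQUEST_E enumeration in this header names these values (M2MB_SSL_NAME_CHECK = 0, M2MB_SSL_NAME_SNI = 1, M2MB_SSL_DTLS_SET_SOCKET_NAME = 2).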
[in]void*argp pointer to the value to set for that action in cmd
Returns
0 on success otherwise returns < 0
Note
<Notes>

Example

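/*
 * Example: set the DTLS socket address and the SNI server name on an SSL
 * configuration.
 *
 * hSSLConfig is not declared in this snippet: it is the
 * M2MB_SSL_CONFIG_HANDLE returned by m2mb_ssl_create_config().
 *
 * The commands are written with the M2MB_SSL_CONF_REQUEST_E names instead of
 * the bare values 2 and 1 so the intent of each call is visible.
 *
 * NOTE(review): M2MB_SSL_NAME_SNI only passes the server name; the same enum
 * has a separate M2MB_SSL_NAME_CHECK (0) request that this example does not
 * exercise -- confirm in the header whether it must be set for the
 * certificate name to be checked against the server name.
 */
void main(void)
{
    INT32 ret;
    struct M2MB_SOCKET_BSD_SOCKADDR *sock_addr;
    struct M2MB_SOCKET_BSD_SOCKADDR_IN stSockAddrClient;

    /* Do not hand an uninitialised address structure to the API. */
    memset(&stSockAddrClient, 0, sizeof(stSockAddrClient));
    sock_addr = (struct M2MB_SOCKET_BSD_SOCKADDR *)&stSockAddrClient;

    /* DTLS: set the socket address (command value 2). */
    ret = m2mb_ssl_config(hSSLConfig, M2MB_SSL_DTLS_SET_SOCKET_NAME, sock_addr);
    if (ret != 0)
    {
        printf("m2mb_ssl_config falied");
    }
    else
    {
        printf("m2mb_ssl_config succeeded");
    }

    /* SNI: pass the server name (command value 1). */
    ret = m2mb_ssl_config(hSSLConfig, M2MB_SSL_NAME_SNI, (void *)"www.telit.com");
    if (ret != 0)
    {
        printf("m2mb_ssl_config falied");
    }
    else
    {
        printf("m2mb_ssl_config succeeded");
    }
}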

◆ m2mb_ssl_connect()

INT32 m2mb_ssl_connect ( M2MB_SSL_CONNECTION_HANDLE  sslConnectionHandle)

performs SSL TLS connection

performs SSL TLS handshake over sslConnectionHandle

Parameters
[in]M2MB_SSL_CONNECTION_HANDLEsslConnectionHandle specifies the sslConnectionHandle previously returned by m2mb_ssl_secure_socket
Returns
0 on success otherwise returns < 0
Note
<Notes>

Example

/*
 * Example: perform the SSL/TLS handshake on a secure socket.
 *
 * hSSLConn is not declared in this snippet: it is the
 * M2MB_SSL_CONNECTION_HANDLE returned by m2mb_ssl_secure_socket.
 * m2mb_ssl_connect() returns 0 on success and a value < 0 otherwise.
 */
void main(void)
{
    INT32 res = m2mb_ssl_connect(hSSLConn);

    if (res == 0) {
        printf("m2mb_ssl_connect succeeded");
    } else {
        /* The negative code is one of the M2MB_SSL_* failure values. */
        printf("m2mb_ssl_connect FAILED error %d ", res);
    }
}

◆ m2mb_ssl_create_config()

M2MB_SSL_CONFIG_HANDLE m2mb_ssl_create_config ( M2MB_SSL_CONFIG_T  sslConfig,
INT32 *  result 
)

creates an SSL TLS configuration

Creates an SSL/TLS configuration with the specified configuration parameters and returns a handle to be used when creating a secure socket connection (m2mb_ssl_secure_socket).

Parameters
[in]M2MB_SSL_CONFIG_TsslConfig specifies SSL configuration parameters(TLS version, auth type and ciphersuites)
[out]INT32*result returns result < 0 in case of error
Returns
On success, handle of type M2MB_SSL_CONFIG_HANDLE is returned
Note
<Notes>

Example

/*
 * Example: create an SSL/TLS configuration for TLS 1.2 with server
 * authentication and two cipher suites.
 *
 * NOTE(review): both suites selected here use RSA key exchange with AES-CBC
 * and a SHA-1 MAC. M2MB_SSL_CIPHER_SUITE_E also lists ECDHE and GCM suites,
 * which give forward secrecy and authenticated encryption; prefer those where
 * the server supports them. M2MB_SSL_PROTOCOL_VERSION_E likewise lists
 * TLS 1.0 and TLS 1.1, which are deprecated; keep ProtVers at TLS 1.2 or
 * later.
 */
void main(void)
{
    INT32 res;
    M2MB_SSL_CONFIG_T SSLConfig;
    M2MB_SSL_CONFIG_HANDLE hSSLConfig;
    /* The array must stay alive while SSLConfig points at it. */
    M2MB_SSL_CIPHER_SUITE_E CipherSuite[2] = {
        M2MB_TLS_RSA_WITH_AES_128_CBC_SHA,
        M2MB_TLS_RSA_WITH_AES_256_CBC_SHA
    };

    SSLConfig.ProtVers = M2MB_SSL_PROTOCOL_TLS_1_2;
    SSLConfig.CipherSuites = CipherSuite;
    SSLConfig.CipherSuitesNum = 2;
    SSLConfig.AuthType = M2MB_SSL_SERVER_AUTH;

    hSSLConfig = m2mb_ssl_create_config(SSLConfig, &res);
    if ((hSSLConfig != NULL) && (res == 0)) {
        printf("m2mb_ssl_create_config() succeeded");
    } else {
        printf("m2mb_ssl_create_config() failed");
    }
}

◆ m2mb_ssl_create_ctxt()

M2MB_SSL_CTXT_HANDLE m2mb_ssl_create_ctxt ( void  )

creates SSL TLS context

Creates an SSL/TLS context that can be used to load certificates (m2mb_ssl_cert_load) if needed and to create a secure socket connection (m2mb_ssl_secure_socket).

Returns
On success, handle of type M2MB_SSL_CTXT_HANDLE is returned otherwise returns NULL
Note
<Notes>

Example

/*
 * Example: create an SSL/TLS context.
 *
 * m2mb_ssl_create_ctxt() returns NULL on failure, so the handle is checked
 * before it is used anywhere else.
 */
void main(void)
{
    M2MB_SSL_CTXT_HANDLE hSSLCtx = m2mb_ssl_create_ctxt();

    if (hSSLCtx != NULL) {
        printf("m2mb_ssl_create_ctxt() succeeded");
    } else {
        printf("m2mb_ssl_create_ctxt() failed");
    }
}

◆ m2mb_ssl_delete_config()

INT32 m2mb_ssl_delete_config ( M2MB_SSL_CONFIG_HANDLE  sslConfigHndl)

deletes an SSL TLS configuration

Parameters
[in]M2MB_SSL_CONFIG_HANDLEsslConfigHndl specifies the config handler to be deleted
Returns
returns 0 on success otherwise returns < 0
Note
<Notes>

Example

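/*
 * Example: create an SSL/TLS configuration and delete it again.
 *
 * The configuration is deleted only when it was created successfully; the
 * handle of a failed m2mb_ssl_create_config() call is not passed on to
 * m2mb_ssl_delete_config().
 */
void main( void )
{
    INT32 res;
    M2MB_SSL_CONFIG_T SSLConfig;
    M2MB_SSL_AUTH_TYPE_E SSL_AUTH_MODE;
    M2MB_SSL_CIPHER_SUITE_E CipherSuite[2];
    M2MB_SSL_CONFIG_HANDLE hSSLConfig;

    SSL_AUTH_MODE = M2MB_SSL_SERVER_AUTH;
    SSLConfig.ProtVers = M2MB_SSL_PROTOCOL_TLS_1_2;
    SSLConfig.CipherSuites = CipherSuite;
    SSLConfig.CipherSuites[0] = M2MB_TLS_RSA_WITH_AES_128_CBC_SHA;
    SSLConfig.CipherSuites[1] = M2MB_TLS_RSA_WITH_AES_256_CBC_SHA;
    SSLConfig.CipherSuitesNum = 2;
    SSLConfig.AuthType = SSL_AUTH_MODE;

    hSSLConfig = m2mb_ssl_create_config( SSLConfig, &res );
    if( ( hSSLConfig == NULL ) || ( res != 0 ) )
    {
        printf("m2mb_ssl_create_config() failed");
        /* Nothing was created, so there is nothing to delete. */
        return;
    }
    printf("m2mb_ssl_create_config() succeeded");

    res = m2mb_ssl_delete_config( hSSLConfig );
    if( res != 0 )
    {
        printf("m2mb_ssl_delete_config() failed");
    }
    else
    {
        printf("m2mb_ssl_delete_config() succeeded");
    }
}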

◆ m2mb_ssl_delete_ctxt()

void m2mb_ssl_delete_ctxt ( M2MB_SSL_CTXT_HANDLE  sslCtxtHndl)

delete context

Parameters
[in]M2MB_SSL_CTXT_HANDLEsslCtxtHndl specifies handle of the context to be deleted
Returns
Note
<Notes>

Example

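/*
 * Example: delete an SSL/TLS context.
 *
 * hSSLCtx is not declared in this snippet: it is the M2MB_SSL_CTXT_HANDLE
 * returned by m2mb_ssl_create_ctxt(). The function returns nothing, so there
 * is no result to check.
 */
void main(void)
{
    /* hSSLCtx of type M2MB_SSL_CTXT_HANDLE returned by m2mb_ssl_create_ctxt() */
    m2mb_ssl_delete_ctxt( hSSLCtx );
}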

◆ m2mb_ssl_read()

INT32 m2mb_ssl_read ( M2MB_SSL_CONNECTION_HANDLE  sslConnectionHandle,
void *  buf,
UINT32  len 
)

read len bytes from sslConnectionHandle SSL TLS connection into buf

Parameters
[in]M2MB_SSL_CONNECTION_HANDLEsslConnectionHandle specifies the sslConnectionHandle
[in] UINT8* buf: specifies the buffer into which the data is read
[in] UINT32 len: specifies the number of bytes to read into buf
Returns
On success, number of bytes read otherwise returns <= 0
Note
<Notes>

Example

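/*
 * Example: read data from an SSL/TLS connection and print it as text.
 *
 * hSSLConn is not declared in this snippet: it is the
 * M2MB_SSL_CONNECTION_HANDLE returned by m2mb_ssl_secure_socket.
 *
 * The data comes from the remote peer and is not guaranteed to be
 * NUL-terminated, so one byte of the buffer is reserved for the terminator
 * before the buffer is printed with %s.
 */
void main(void)
{
    INT32 res;
    CHAR *buf = NULL;
    const INT32 buflen = 100;

    buf = (CHAR *)m2mb_os_calloc(buflen * sizeof(CHAR));
    if (buf == NULL)
    {
        /* Allocation failed: there is no buffer to read into. */
        printf("nothing read");
        return;
    }

    /* Read at most buflen - 1 bytes so the terminator always fits. */
    res = m2mb_ssl_read(hSSLConn, buf, buflen - 1);
    if (res <= 0)
    {
        printf("nothing read");
    }
    else
    {
        buf[res] = '\0';
        printf("m2mb_ssl_read >> %s \r\n", buf);
    }

    m2mb_os_free(buf);
}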

◆ m2mb_ssl_secure_socket()

M2MB_SSL_CONNECTION_HANDLE m2mb_ssl_secure_socket ( M2MB_SSL_CONFIG_HANDLE  sslConfigHndl,
M2MB_SSL_CTXT_HANDLE  sslCtxtHndl,
M2MB_SOCKET_BSD_SOCKET  socket_fd,
INT32 *  result 
)

creates secure socket connection

creates secure socket connection retrieving context and configuration parameters and linking a secure socket connection id to socket fd

Parameters
[in]M2MB_SSL_CONFIG_HANDLEsslConfigHndl specifies the SSL configuration handler previously created through m2mb_ssl_create_config
[in] M2MB_SSL_CTXT_HANDLE sslCtxtHndl: specifies the SSL context previously created through m2mb_ssl_create_ctxt
[in]M2MB_SOCKET_BSD_SOCKETsocket_fd specifies the socket fd
[out]INT32*result returns result < 0 in case of error
Returns
On success, a handle of type M2MB_SSL_CONNECTION_HANDLE is returned, to be used by subsequent APIs such as m2mb_ssl_connect, m2mb_ssl_write, m2mb_ssl_read and m2mb_ssl_shutdown; otherwise NULL is returned.
Note
M2MB_SSL_CONNECTION_HANDLE is valid until m2mb_ssl_shutdown() is called;

Example

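#define SERVER_PORT_SERVER_AUTH 20518
#define SERVER_IP IP_Nimurta_Ext // for Nimurta

/*
 * Example: open a TCP socket, connect it, and bind it to a secure socket
 * connection using an SSL/TLS configuration and context.
 *
 * Each step stops the example on failure instead of continuing with an
 * invalid handle, and the result of m2mb_ssl_secure_socket() itself is
 * checked (through hSSLConn and res) rather than the context handle again.
 *
 * NOTE(review): the configuration asks for M2MB_SSL_SERVER_AUTH but no CA is
 * loaded into the context here; presumably m2mb_ssl_cert_load() has to be
 * called on hSSLCtx before m2mb_ssl_connect() for the server certificate to
 * be verified -- confirm against the header. Both cipher suites use RSA key
 * exchange with AES-CBC; M2MB_SSL_CIPHER_SUITE_E also lists ECDHE and GCM
 * suites, which are preferable where the server supports them.
 *
 * NOTE(review): the socket is not closed on the failure paths, as in the
 * original example; a real application should release it.
 */
void main(void)
{
    static struct M2MB_SOCKET_BSD_SOCKADDR_IN stSockAddr, sock_name;
    INT32 argp = 0; // 0 is for blocking, 1 is not blocking ( set timeout below )
    M2MB_SOCKET_BSD_SOCKET socket;
    static struct M2MB_SOCKET_BSD_TIMEVAL RecvTimeOut = {0,0};
    CHAR sockIPaddr[32] = "";
    /* Start from the size of the address buffer, as with BSD getsockname -- TODO confirm. */
    INT32 sock_len = sizeof(sock_name);
    M2MB_SSL_CTXT_HANDLE hSSLCtx = NULL;
    M2MB_SSL_CONNECTION_HANDLE hSSLConn;
    INT32 res;
    M2MB_SSL_CONFIG_T SSLConfig;
    M2MB_SSL_AUTH_TYPE_E SSL_AUTH_MODE;
    M2MB_SSL_CIPHER_SUITE_E CipherSuite[2];
    M2MB_SSL_CONFIG_HANDLE hSSLConfig;

    SSL_AUTH_MODE = M2MB_SSL_SERVER_AUTH;
    SSLConfig.ProtVers = M2MB_SSL_PROTOCOL_TLS_1_2;
    SSLConfig.CipherSuites = CipherSuite;
    SSLConfig.CipherSuites[0] = M2MB_TLS_RSA_WITH_AES_128_CBC_SHA;
    SSLConfig.CipherSuites[1] = M2MB_TLS_RSA_WITH_AES_256_CBC_SHA;
    SSLConfig.CipherSuitesNum = 2;
    SSLConfig.AuthType = SSL_AUTH_MODE;

    socket = m2mb_socket_bsd_socket(M2MB_SOCKET_BSD_PF_INET, M2MB_SOCKET_BSD_SOCK_STREAM, M2MB_SOCKET_BSD_IPPROTO_TCP);
    if (M2MB_SOCKET_BSD_INVALID_SOCKET == socket)
    {
        printf( "invalid socket");
        printf("errno >> %d \r\n",m2mb_socket_errno());
        return;
    }
    if ( m2mb_socket_set_cid( socket, 2 ) != 0 )
    {
        printf( "Socket not set to ctx: %d", 2 );
        printf("errno >> %d \r\n",m2mb_socket_errno());
        return;
    }

    memset(&stSockAddr, 0, sizeof(struct M2MB_SOCKET_BSD_SOCKADDR_IN));
    memset(&sock_name, 0, sizeof(struct M2MB_SOCKET_BSD_SOCKADDR_IN));
    stSockAddr.sin_port = m2mb_socket_bsd_htons( SERVER_PORT_SERVER_AUTH );
    stSockAddr.sin_family = M2MB_SOCKET_BSD_PF_INET;
    m2mb_socket_bsd_inet_pton( M2MB_SOCKET_BSD_AF_INET, SERVER_IP, &stSockAddr.sin_addr.s_addr );

    res = m2mb_socket_bsd_connect(socket, (struct M2MB_SOCKET_BSD_SOCKADDR*)&stSockAddr,
                                  sizeof(struct M2MB_SOCKET_BSD_SOCKADDR_IN));
    if(-1 == res)
    {
        printf( "m2mb_socket_bsd_connect failed on port %d",SERVER_PORT_SERVER_AUTH );
        printf("errno >> %d \r\n",m2mb_socket_errno());
        return;
    }

    /* Print the local endpoint only when it was actually retrieved. */
    res = m2mb_socket_bsd_get_sock_name(socket ,(struct M2MB_SOCKET_BSD_SOCKADDR *)&sock_name, &sock_len );
    if (res == 0)
    {
        m2mb_socket_bsd_inet_ntop( M2MB_SOCKET_BSD_AF_INET, &sock_name.sin_addr.s_addr, ( CHAR * )&( sockIPaddr ), sizeof( sockIPaddr ) );
        printf( "Local IP : %s\r\n", sockIPaddr );
        printf( "Local PORT: %u\r\n", m2mb_socket_bsd_ntohs(sock_name.sin_port) );
    }

    argp=0; //not blocking argp=1, blocking argp=0
    m2mb_socket_bsd_ioctl(socket, M2MB_SOCKET_BSD_FIONBIO, &argp);
    RecvTimeOut.m_tv_sec = 30; // 30 seconds.
    m2mb_socket_bsd_set_sock_opt(socket, M2MB_SOCKET_BSD_SOL_SOCKET, M2MB_SOCKET_BSD_SO_RCVTIMEO, &RecvTimeOut, sizeof(RecvTimeOut));

    hSSLConfig = m2mb_ssl_create_config( SSLConfig, &res );
    if( ( hSSLConfig == NULL ) || ( res != 0 ) )
    {
        printf("m2mb_ssl_create_config() failed");
        return;
    }
    printf("m2mb_ssl_create_config() succeeded");

    hSSLCtx = m2mb_ssl_create_ctxt();
    if(hSSLCtx == NULL)
    {
        printf("m2mb_ssl_create_ctxt() failed");
        m2mb_ssl_delete_config( hSSLConfig );
        return;
    }
    printf("m2mb_ssl_create_ctxt() succeeded");

    hSSLConn = m2mb_ssl_secure_socket( hSSLConfig,hSSLCtx,socket,&res );
    if( ( !hSSLConn ) || ( res != 0 ) )
    {
        /* No connection handle was produced: release what was created above. */
        printf("m2mb_ssl_secure_socket() failed");
        m2mb_ssl_delete_ctxt( hSSLCtx );
        m2mb_ssl_delete_config( hSSLConfig );
        return;
    }
    printf("m2mb_ssl_secure_socket() succeeded");
}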

◆ m2mb_ssl_shutdown()

INT32 m2mb_ssl_shutdown ( M2MB_SSL_CONNECTION_HANDLE  sslConnectionHandle)

shutdown SSL TLS connection

Parameters
[in]M2MB_SSL_CONNECTION_HANDLEsslConnectionHandle specifies the sslConnectionHandle
Returns
0 on success
Note
It always returns an error if the connection failed in m2mb_ssl_connect. This function also frees sslConnectionHandle, so the handle must not be used after this call.

Example

/*
 * Example: shut down an SSL/TLS connection.
 *
 * hSSLConn is not declared in this snippet: it is the
 * M2MB_SSL_CONNECTION_HANDLE returned by m2mb_ssl_secure_socket. The page
 * states that m2mb_ssl_shutdown() also frees the connection handle, so
 * hSSLConn must not be used again after this call.
 */
void main(void)
{
    INT32 res = m2mb_ssl_shutdown(hSSLConn);

    if (res == 0) {
        printf("m2mb_ssl_shutdown succeeded");
    } else {
        printf("m2mb_ssl_shutdown FAILED");
    }
}

◆ m2mb_ssl_write()

INT32 m2mb_ssl_write ( M2MB_SSL_CONNECTION_HANDLE  sslConnectionHandle,
void *  buf,
UINT32  len 
)

writes len bytes from buf into sslConnectionHandle SSL TLS connection

Parameters
[in]M2MB_SSL_CONNECTION_HANDLEsslConnectionHandle specifies the sslConnectionHandle
[in]UINT8*buf specifies the input buffer
[in]UINT32len specifies the input len
Returns
On success, number of bytes written otherwise returns < 0
Note
<Notes>

Example

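#define ECHO_STRING (const CHAR*) "my appzone message\n"

/*
 * Example: send a text message over an SSL/TLS connection.
 *
 * hSSLConn is not declared in this snippet: it is the
 * M2MB_SSL_CONNECTION_HANDLE returned by m2mb_ssl_secure_socket.
 *
 * Only the bytes of the message are sent, not the whole 100-byte buffer,
 * so no zero padding from the allocation goes out on the connection.
 */
void main(void)
{
    INT32 res;
    CHAR *query = NULL;
    const INT32 querylen = 100;

    query = (CHAR *)m2mb_os_calloc(querylen * sizeof(CHAR));
    if (query == NULL)
    {
        /* Allocation failed: nothing can be copied or sent. */
        printf("m2mb_ssl_write FAILED");
        return;
    }

    /* ECHO_STRING is a fixed literal shorter than querylen, so the copy fits. */
    strcpy(query, ECHO_STRING);

    res = m2mb_ssl_write( hSSLConn, query, (UINT32)strlen(query) );
    if (res < 0)
    {
        printf("m2mb_ssl_write FAILED");
    }
    else
    {
        /* res is the number of bytes written; it may be less than requested. */
        printf("m2mb_ssl_write succeeded");
    }

    m2mb_os_free(query);
}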