WL865E4-P  36.07.001
M2MB SSL
Network group

This section describes the M2MB APIs for Layer Security (TLS) and the Secure Socket Layer (SSL). More...

#define M2MB_SSL_FAILURE   -1
 
#define M2MB_SSL_ARG_FAIL   -6
 
#define M2MB_SSL_PLATFORM_FAIL   -7
 
#define M2MB_SSL_MEM_FAIL   -8
 
#define M2MB_SSL_LIMIT_FAIL   -9
 
#define M2MB_SSL_UNSUPPORTED_FAIL   -10
 
#define M2MB_SSL_PROTOCOL_FAIL   -12
 
#define M2MB_SSL_TIMEOUT_FAIL   -13
 
#define M2MB_SSL_INTERRUPT_FAIL   -14
 
#define M2MB_SSL_WRITE_ERROR   -15
 
#define M2MB_SSL_READ_ERROR   -16
 
#define M2MB_SSL_END_OF_FILE   -17
 
#define M2MB_SSL_CLOSE_NOTIFY   -18
 
#define M2MB_SSL_CERT_AUTH_FAIL   -35
 
#define M2MB_SSL_FULL   -50
 
#define M2MB_SSL_ALERT   -54
 
#define M2MB_SSL_FILE_NOT_FOUND   -55
 
#define M2MB_SSL_FALSE   0
 
#define M2MB__SSL_TRUE   1
 
#define M2MB_SSL_MAX_CA_LIST   10
 
#define M2MB_SSL_INVALID_HANDLE   (0)
 
#define M2MB_SSL_MAX_CIPHER_COUNT   64
 
#define M2MB_SSL_MAX_CERT_NAME_LEN   64
 
#define M2MB_SSL_MAX_SNI_NAME_LEN   (64)
 
enum  SSL_CFG_PARAM {
  M2MB_SSL_CONF_INVALID = 0,
  M2MB_SSL_CONF_PROTOCOL,
  M2MB_SSL_CONF_CACERT,
  M2MB_SSL_CONF_CERT,
  M2MB_SSL_CONF_CIPHER,
  M2MB_SSL_CONF_TIME,
  M2MB_SSL_CONF_ALERT,
  M2MB_SSL_CONF_DOMAIN,
  M2MB_SSL_CONF_MAX_FRAG_LEN,
  M2MB_SSL_CONF_NEG_DISABLE,
  M2MB_SSL_CONF_SNI,
  M2MB_SSL_CONF_ALPN
}
 
enum  M2MB_SSL_PROTOCOL_VERSION_E {
  M2MB_SSL_PROTOCOL_TLS_1_0,
  M2MB_SSL_PROTOCOL_TLS_1_1,
  M2MB_SSL_PROTOCOL_TLS_1_2,
  M2MB_SSL_PROTOCOL_DTLS_1_0,
  M2MB_SSL_PROTOCOL_DTLS_1_2
}
 TLS protocol version enum. More...
 
enum  M2MB_SSL_CIPHER_SUITE_E {
  M2MB_TLS_PSK_WITH_RC4_128_SHA,
  M2MB_TLS_PSK_WITH_3DES_EDE_CBC_SHA,
  M2MB_TLS_PSK_WITH_AES_128_CBC_SHA,
  M2MB_TLS_PSK_WITH_AES_256_CBC_SHA,
  M2MB_TLS_PSK_WITH_AES_128_GCM_SHA256,
  M2MB_TLS_PSK_WITH_AES_256_GCM_SHA384,
  M2MB_TLS_PSK_WITH_AES_128_CBC_SHA256,
  M2MB_TLS_PSK_WITH_AES_256_CBC_SHA384,
  M2MB_TLS_RSA_WITH_AES_128_CBC_SHA,
  M2MB_TLS_DHE_RSA_WITH_AES_128_CBC_SHA,
  M2MB_TLS_RSA_WITH_AES_256_CBC_SHA,
  M2MB_TLS_DHE_RSA_WITH_AES_256_CBC_SHA,
  M2MB_TLS_RSA_WITH_AES_128_CBC_SHA256,
  M2MB_TLS_RSA_WITH_AES_256_CBC_SHA256,
  M2MB_TLS_DHE_RSA_WITH_AES_128_CBC_SHA256,
  M2MB_TLS_DHE_RSA_WITH_AES_256_CBC_SHA256,
  M2MB_TLS_RSA_WITH_AES_128_GCM_SHA256,
  M2MB_TLS_RSA_WITH_AES_256_GCM_SHA384,
  M2MB_TLS_DHE_RSA_WITH_AES_128_GCM_SHA256,
  M2MB_TLS_DHE_RSA_WITH_AES_256_GCM_SHA384,
  M2MB_TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA,
  M2MB_TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA,
  M2MB_TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA,
  M2MB_TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA,
  M2MB_TLS_ECDH_RSA_WITH_AES_128_CBC_SHA,
  M2MB_TLS_ECDH_RSA_WITH_AES_256_CBC_SHA,
  M2MB_TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA,
  M2MB_TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA,
  M2MB_TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256,
  M2MB_TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384,
  M2MB_TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256,
  M2MB_TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384,
  M2MB_TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256,
  M2MB_TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384,
  M2MB_TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256,
  M2MB_TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384,
  M2MB_TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256,
  M2MB_TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384,
  M2MB_TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256,
  M2MB_TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384,
  M2MB_TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256,
  M2MB_TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384,
  M2MB_TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256,
  M2MB_TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384,
  M2MB_TLS_RSA_WITH_AES_128_CCM,
  M2MB_TLS_RSA_WITH_AES_256_CCM,
  M2MB_TLS_DHE_RSA_WITH_AES_128_CCM,
  M2MB_TLS_DHE_RSA_WITH_AES_256_CCM,
  M2MB_TLS_RSA_WITH_AES_128_CCM_8,
  M2MB_TLS_RSA_WITH_AES_256_CCM_8,
  M2MB_TLS_DHE_RSA_WITH_AES_128_CCM_8,
  M2MB_TLS_DHE_RSA_WITH_AES_256_CCM_8,
  M2MB_TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256,
  M2MB_TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256,
  M2MB_TLS_DHE_RSA_WITH_CHACHA20_POLY1305_SHA256
}
 TLS ciphersuites enum. More...
 
enum  M2MB_SSL_CERT_TYPE_E {
  M2MB_SSL_CACERT,
  M2MB_SSL_CERT,
  M2MB_SSL_PRIVKEY,
  M2MB_SSL_PSKTABLE,
  M2MB_SSL_CERTALL
}
 SSL certificate type enum. More...
 
enum  M2MB_SSL_PEMCERT_TYPE_E {
  M2MB_SSL_PEM_CERT,
  M2MB_SSL_PEM_PKCS1_PRIVKEY,
  M2MB_SSL_PEM_PKCS8_PRIVKEY,
  M2MB_SSL_PEM_PKCS8_ENC_PRIVKEY,
  M2MB_SSL_PEM_EC_PRIVKEY
}
 SSL certificate type enum. More...
 
enum  M2MB_SSL_CERT_FMT_E {
  M2MB_SSL_DER,
  M2MB_SSL_PEM
}
 SSL certificate format enum. More...
 
enum  M2MB_SSL_UPPROTO_TYPE {
  M2MB_SSL_CLIENT,
  M2MB_SSL_HTTPC,
  M2MB_SSL_HTTPD,
  M2MB_SSL_MQTT,
  M2MB_SSL_WEBSOCKET
}
 
enum  M2MB_SSL_AUTH_TYPE_E {
  M2MB_SSL_NO_AUTH,
  M2MB_SSL_SERVER_AUTH,
  M2MB_SSL_SERVER_CLIENT_AUTH
}
 SSL authentication types enum. More...
 
enum  M2MB_SSL_SSL_ROLE_E {
  M2MB_SSL_SSL_ROLE_SERVER_E = 0,
  M2MB_SSL_SSL_ROLE_CLIENT_E = 1
}
 SSL object role. More...
 
typedef enum SSL_CFG_PARAM SSL_CFG_PARAM_E
 
typedef HANDLE M2MB_SSL_CTXT_HANDLE
 SSL context handle.
This is obtained from m2mb_ssl_create_ctxt API and then used in subsequent SSL APIs. More...
 
typedef enum M2MB_SSL_PROTOCOL_VERSION_E M2MB_SSL_PROTOCOL_VERSION_E
 TLS protocol version enum. More...
 
typedef enum M2MB_SSL_CIPHER_SUITE_E M2MB_SSL_CIPHER_SUITE_E
 TLS ciphersuites enum. More...
 
typedef enum M2MB_SSL_CERT_TYPE_E M2MB_SSL_CERT_TYPE_E
 SSL certificate type enum. More...
 
typedef enum M2MB_SSL_PEMCERT_TYPE_E M2MB_SSL_PEMCERT_TYPE_E
 SSL certificate type enum. More...
 
typedef enum M2MB_SSL_CERT_FMT_E M2MB_SSL_CERT_FMT_E
 SSL certificate format enum. More...
 
typedef enum M2MB_SSL_UPPROTO_TYPE M2MB_SSL_UPPROTO_TYPE_E
 
typedef struct M2MB_SSL_PSK_TABLE_T M2MB_SSL_PSK_TABLE_T
 PSK table structure. Structure to hold a preshared key (PSK) used to populate the PSK table. The PSK table is used by TLS PSK cipher suites. More...
 
typedef struct M2MB_SSL_CERT_T M2MB_SSL_CERT_T
 SSL certificate information for conversion and storage. More...
 
typedef struct M2MB_SSL_CA_INFO_T M2MB_SSL_CA_INFO_T
 SSL certificate authority list information. More...
 
typedef struct M2MB_SSL_CA_LIST_T M2MB_SSL_CA_LIST_T
 SSL certificate authority information for conversion and storage. More...
 
typedef struct M2MB_SSL_CERT_LIST_T M2MB_SSL_CERT_LIST_T
 SSL Cert list structure. More...
 
typedef enum M2MB_SSL_AUTH_TYPE_E M2MB_SSL_AUTH_TYPE_E
 SSL authentication types enum. More...
 
typedef enum M2MB_SSL_SSL_ROLE_E M2MB_SSL_SSL_ROLE_E
 SSL object role. More...
 
typedef struct M2MB_SSL_CONFIG_T M2MB_SSL_CONFIG_T
 Structure to configure an SSL connection. More...
 
M2MB_SSL_CTXT_HANDLE m2mb_ssl_init (M2MB_SSL_SSL_ROLE_E role)
 Initialize SSL TLS context. More...
 
INT32 m2mb_ssl_set_config (M2MB_SSL_CTXT_HANDLE sslContextHndl, SSL_CFG_PARAM_E CONF_ID, INT8 *CONF_VAL)
 Set SSL configuration on the previously created SSL context. More...
 
void m2mb_ssl_close (M2MB_SSL_CTXT_HANDLE sslContextHndl)
 deletes an m2mb SSL context created during m2mb_ssl_init() More...
 
INT32 m2mb_ssl_secure_protocol (M2MB_SSL_CTXT_HANDLE sslContextHndl, M2MB_SSL_UPPROTO_TYPE_E protoType, VOID *protoCtxHndl)
 Configures the SSL security on the given protocol connection. More...
 
INT32 m2mb_ssl_connect (M2MB_SSL_CTXT_HANDLE sslContextHndl, M2MB_SOCKET_BSD_SOCKET socket_fd)
 Performs SSL Client connection. More...
 
INT32 m2mb_ssl_write (M2MB_SSL_CTXT_HANDLE sslContextHndl, void *buf, UINT32 len)
 Writes data to the SSL connection. More...
 
INT32 m2mb_ssl_read (M2MB_SSL_CTXT_HANDLE sslContextHndl, void *buf, UINT32 len)
 Read len bytes from SSL connection into buf. More...
 
INT32 m2mb_ssl_cert_store (M2MB_SSL_CERT_TYPE_E sslCertType, M2MB_SSL_SEC_INFO_U sslSecInfo, CHAR *name, M2MB_SSL_CERT_FMT_E format)
 Store certificates from buffer. More...
 
INT32 m2mb_ssl_cert_load (M2MB_SSL_CTXT_HANDLE sslCtxtHndl, M2MB_SSL_CERT_TYPE_E sslCertType, CHAR *name)
 Load certificates in the SSL context. More...
 
UINT8 m2mb_ssl_get_certloadStatus (M2MB_SSL_CTXT_HANDLE sslCtxtHndl, M2MB_SSL_CERT_TYPE_E sslCertType)
 Check if the certificate is loaded in the SSL context. More...
 
INT32 m2mb_ssl_cert_delete (M2MB_SSL_CERT_TYPE_E sslCertType, CHAR *name)
 Delete certificates. More...
 
INT32 m2mb_ssl_status (M2MB_SSL_CTXT_HANDLE sslContextHndl)
 Returns the status of an SSL connection. More...
 
INT32 m2mb_ssl_accept (M2MB_SSL_CTXT_HANDLE sslSvrContextHndl, M2MB_SOCKET_BSD_SOCKET socket_fd, M2MB_SSL_CTXT_HANDLE *sslClientCtxHndl)
 Accepts an incoming SSL connection from the client. More...
 
INT32 m2mb_ssl_cert_get (M2MB_SSL_CERT_TYPE_E sslCertType, M2MB_SSL_CERT_LIST_T *sslCertList)
 It gets the list of the certificates stored. More...
 
UINT32 m2mb_ssl_get_internal_ssl_obj (M2MB_SSL_CTXT_HANDLE sslContextHndl)
 It get the list of certificates stored. More...
 
INT32 m2mb_ssl_cert_search (M2MB_SSL_CERT_TYPE_E sslCertType, CHAR *certName)
 Search for the given certificate in the system. More...
 

Detailed Description

This section describes the M2MB APIs for Layer Security (TLS) and the Secure Socket Layer (SSL).

TLS/SSL is used to provide security and data integrity between two pers communicating over TCP. After a TCP/UDP connection is established, the two pers use a handshake mechanism to establish the keys used for encryption/decryption and data verification. Once the handshake is successful, data can be transmitted/received over the SSL connection.

Macro Definition Documentation

◆ M2MB__SSL_TRUE

#define M2MB__SSL_TRUE   1

Denotes TRUE

Definition at line 80 of file m2mb_ssl.h.

◆ M2MB_SSL_ALERT

#define M2MB_SSL_ALERT   -54

Macro for a decoded alert

Definition at line 76 of file m2mb_ssl.h.

◆ M2MB_SSL_ARG_FAIL

#define M2MB_SSL_ARG_FAIL   -6

Macro for Failure due to bad function param

Definition at line 62 of file m2mb_ssl.h.

◆ M2MB_SSL_CERT_AUTH_FAIL

#define M2MB_SSL_CERT_AUTH_FAIL   -35

Macro for authentication failure

Definition at line 74 of file m2mb_ssl.h.

◆ M2MB_SSL_CLOSE_NOTIFY

#define M2MB_SSL_CLOSE_NOTIFY   -18

Macro for a SSL connection closure by remote host

Definition at line 73 of file m2mb_ssl.h.

◆ M2MB_SSL_END_OF_FILE

#define M2MB_SSL_END_OF_FILE   -17

Macro for no data to read in SSL

Definition at line 72 of file m2mb_ssl.h.

◆ M2MB_SSL_FAILURE

#define M2MB_SSL_FAILURE   -1

Macro for Generic failure

Definition at line 61 of file m2mb_ssl.h.

◆ M2MB_SSL_FALSE

#define M2MB_SSL_FALSE   0

Denotes FALSE

Definition at line 79 of file m2mb_ssl.h.

◆ M2MB_SSL_FILE_NOT_FOUND

#define M2MB_SSL_FILE_NOT_FOUND   -55

Macro for File not found

Definition at line 77 of file m2mb_ssl.h.

◆ M2MB_SSL_FULL

#define M2MB_SSL_FULL   -50

Not used

Definition at line 75 of file m2mb_ssl.h.

◆ M2MB_SSL_INTERRUPT_FAIL

#define M2MB_SSL_INTERRUPT_FAIL   -14

Macro for an interrupt and MAY be an error

Definition at line 69 of file m2mb_ssl.h.

◆ M2MB_SSL_INVALID_HANDLE

#define M2MB_SSL_INVALID_HANDLE   (0)

Macro for invalid SSL handle

Definition at line 83 of file m2mb_ssl.h.

◆ M2MB_SSL_LIMIT_FAIL

#define M2MB_SSL_LIMIT_FAIL   -9

Not used

Definition at line 65 of file m2mb_ssl.h.

◆ M2MB_SSL_MAX_CA_LIST

#define M2MB_SSL_MAX_CA_LIST   10

Macro for mavimum number of CA certs

Definition at line 81 of file m2mb_ssl.h.

◆ M2MB_SSL_MAX_CERT_NAME_LEN

#define M2MB_SSL_MAX_CERT_NAME_LEN   64

Macro for Maximum length of name of a certificate

Definition at line 286 of file m2mb_ssl.h.

◆ M2MB_SSL_MAX_CIPHER_COUNT

#define M2MB_SSL_MAX_CIPHER_COUNT   64

Macro for Maximum ciphers

Definition at line 285 of file m2mb_ssl.h.

◆ M2MB_SSL_MAX_SNI_NAME_LEN

#define M2MB_SSL_MAX_SNI_NAME_LEN   (64)

Macro for Maximum length of SNI name

Definition at line 287 of file m2mb_ssl.h.

◆ M2MB_SSL_MEM_FAIL

#define M2MB_SSL_MEM_FAIL   -8

Not used

Definition at line 64 of file m2mb_ssl.h.

◆ M2MB_SSL_PLATFORM_FAIL

#define M2MB_SSL_PLATFORM_FAIL   -7

Not used

Definition at line 63 of file m2mb_ssl.h.

◆ M2MB_SSL_PROTOCOL_FAIL

#define M2MB_SSL_PROTOCOL_FAIL   -12

Macro for protocol error

Definition at line 67 of file m2mb_ssl.h.

◆ M2MB_SSL_READ_ERROR

#define M2MB_SSL_READ_ERROR   -16

Macro for an error while decoding from socket

Definition at line 71 of file m2mb_ssl.h.

◆ M2MB_SSL_TIMEOUT_FAIL

#define M2MB_SSL_TIMEOUT_FAIL   -13

Macro for timeout and MAY be an error

Definition at line 68 of file m2mb_ssl.h.

◆ M2MB_SSL_UNSUPPORTED_FAIL

#define M2MB_SSL_UNSUPPORTED_FAIL   -10

Not used

Definition at line 66 of file m2mb_ssl.h.

◆ M2MB_SSL_WRITE_ERROR

#define M2MB_SSL_WRITE_ERROR   -15

Macro for an error while encoding on socket

Definition at line 70 of file m2mb_ssl.h.

Typedef Documentation

◆ M2MB_SSL_AUTH_TYPE_E

typedef enum M2MB_SSL_AUTH_TYPE_E M2MB_SSL_AUTH_TYPE_E

SSL authentication types enum.

◆ M2MB_SSL_CA_INFO_T

typedef struct M2MB_SSL_CA_INFO_T M2MB_SSL_CA_INFO_T

SSL certificate authority list information.

◆ M2MB_SSL_CA_LIST_T

typedef struct M2MB_SSL_CA_LIST_T M2MB_SSL_CA_LIST_T

SSL certificate authority information for conversion and storage.

◆ M2MB_SSL_CERT_FMT_E

typedef enum M2MB_SSL_CERT_FMT_E M2MB_SSL_CERT_FMT_E

SSL certificate format enum.

◆ M2MB_SSL_CERT_LIST_T

typedef struct M2MB_SSL_CERT_LIST_T M2MB_SSL_CERT_LIST_T

SSL Cert list structure.

◆ M2MB_SSL_CERT_T

typedef struct M2MB_SSL_CERT_T M2MB_SSL_CERT_T

SSL certificate information for conversion and storage.

◆ M2MB_SSL_CERT_TYPE_E

typedef enum M2MB_SSL_CERT_TYPE_E M2MB_SSL_CERT_TYPE_E

SSL certificate type enum.

◆ M2MB_SSL_CIPHER_SUITE_E

typedef enum M2MB_SSL_CIPHER_SUITE_E M2MB_SSL_CIPHER_SUITE_E

TLS ciphersuites enum.

◆ M2MB_SSL_CONFIG_T

typedef struct M2MB_SSL_CONFIG_T M2MB_SSL_CONFIG_T

Structure to configure an SSL connection.

◆ M2MB_SSL_CTXT_HANDLE

typedef HANDLE M2MB_SSL_CTXT_HANDLE

SSL context handle.
This is obtained from m2mb_ssl_create_ctxt API and then used in subsequent SSL APIs.

Definition at line 107 of file m2mb_ssl.h.

◆ M2MB_SSL_PEMCERT_TYPE_E

typedef enum M2MB_SSL_PEMCERT_TYPE_E M2MB_SSL_PEMCERT_TYPE_E

SSL certificate type enum.

◆ M2MB_SSL_PROTOCOL_VERSION_E

typedef enum M2MB_SSL_PROTOCOL_VERSION_E M2MB_SSL_PROTOCOL_VERSION_E

TLS protocol version enum.

◆ M2MB_SSL_PSK_TABLE_T

typedef struct M2MB_SSL_PSK_TABLE_T M2MB_SSL_PSK_TABLE_T

PSK table structure. Structure to hold a preshared key (PSK) used to populate the PSK table. The PSK table is used by TLS PSK cipher suites.

◆ M2MB_SSL_SSL_ROLE_E

typedef enum M2MB_SSL_SSL_ROLE_E M2MB_SSL_SSL_ROLE_E

SSL object role.

◆ M2MB_SSL_UPPROTO_TYPE_E

typedef enum M2MB_SSL_UPPROTO_TYPE M2MB_SSL_UPPROTO_TYPE_E

◆ SSL_CFG_PARAM_E

typedef enum SSL_CFG_PARAM SSL_CFG_PARAM_E

Enumeration Type Documentation

◆ M2MB_SSL_AUTH_TYPE_E

enum M2MB_SSL_AUTH_TYPE_E

SSL authentication types enum.

Enumerator
M2MB_SSL_NO_AUTH 
M2MB_SSL_SERVER_AUTH 
M2MB_SSL_SERVER_CLIENT_AUTH 

Definition at line 269 of file m2mb_ssl.h.

◆ M2MB_SSL_CERT_FMT_E

enum M2MB_SSL_CERT_FMT_E

SSL certificate format enum.

Enumerator
M2MB_SSL_DER 
M2MB_SSL_PEM 

DER format certificate or key

Definition at line 202 of file m2mb_ssl.h.

◆ M2MB_SSL_CERT_TYPE_E

enum M2MB_SSL_CERT_TYPE_E

SSL certificate type enum.

Enumerator
M2MB_SSL_CACERT 

root CA certificate to authenticate the server

M2MB_SSL_CERT 

client certificate in case of client authentication

M2MB_SSL_PRIVKEY 

client private key in case of client authentication

M2MB_SSL_PSKTABLE 

PSK table in case of DTLS

M2MB_SSL_CERTALL 

used for get certinfo

Definition at line 180 of file m2mb_ssl.h.

◆ M2MB_SSL_CIPHER_SUITE_E

enum M2MB_SSL_CIPHER_SUITE_E

TLS ciphersuites enum.

Enumerator
M2MB_TLS_PSK_WITH_RC4_128_SHA 

Cipher TLS_PSK_WITH_RC4_128_SHA.

M2MB_TLS_PSK_WITH_3DES_EDE_CBC_SHA 

Cipher TLS_PSK_WITH_3DES_EDE_CBC_SHA

M2MB_TLS_PSK_WITH_AES_128_CBC_SHA 

Cipher TLS_PSK_WITH_AES_128_CBC_SHA

M2MB_TLS_PSK_WITH_AES_256_CBC_SHA 

Cipher TLS_PSK_WITH_AES_256_CBC_SHA

M2MB_TLS_PSK_WITH_AES_128_GCM_SHA256 

Cipher TLS_PSK_WITH_AES_128_GCM_SHA256

M2MB_TLS_PSK_WITH_AES_256_GCM_SHA384 

Cipher TLS_PSK_WITH_AES_256_GCM_SHA384

M2MB_TLS_PSK_WITH_AES_128_CBC_SHA256 

Cipher TLS_PSK_WITH_AES_128_CBC_SHA256

M2MB_TLS_PSK_WITH_AES_256_CBC_SHA384 

Cipher TLS_PSK_WITH_AES_256_CBC_SHA384

M2MB_TLS_RSA_WITH_AES_128_CBC_SHA 

Cipher TLS_RSA_WITH_AES_128_CBC_SHA

M2MB_TLS_DHE_RSA_WITH_AES_128_CBC_SHA 

Cipher TLS_DHE_RSA_WITH_AES_128_CBC_SHA

M2MB_TLS_RSA_WITH_AES_256_CBC_SHA 

Cipher TLS_RSA_WITH_AES_256_CBC_SHA

M2MB_TLS_DHE_RSA_WITH_AES_256_CBC_SHA 

Cipher TLS_DHE_RSA_WITH_AES_256_CBC_SHA

M2MB_TLS_RSA_WITH_AES_128_CBC_SHA256 

Cipher TLS_RSA_WITH_AES_128_CBC_SHA256

M2MB_TLS_RSA_WITH_AES_256_CBC_SHA256 

Cipher TLS_RSA_WITH_AES_256_CBC_SHA256

M2MB_TLS_DHE_RSA_WITH_AES_128_CBC_SHA256 

Cipher TLS_DHE_RSA_WITH_AES_128_CBC_SHA256

M2MB_TLS_DHE_RSA_WITH_AES_256_CBC_SHA256 

Cipher TLS_DHE_RSA_WITH_AES_256_CBC_SHA256

M2MB_TLS_RSA_WITH_AES_128_GCM_SHA256 

Cipher TLS_RSA_WITH_AES_128_GCM_SHA256

M2MB_TLS_RSA_WITH_AES_256_GCM_SHA384 

Cipher TLS_RSA_WITH_AES_256_GCM_SHA384

M2MB_TLS_DHE_RSA_WITH_AES_128_GCM_SHA256 

Cipher TLS_DHE_RSA_WITH_AES_128_GCM_SHA256

M2MB_TLS_DHE_RSA_WITH_AES_256_GCM_SHA384 

Cipher TLS_DHE_RSA_WITH_AES_256_GCM_SHA384

M2MB_TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA 

Cipher TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA

M2MB_TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA 

Cipher TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA

M2MB_TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA 

Cipher TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA

M2MB_TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA 

Cipher TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA

M2MB_TLS_ECDH_RSA_WITH_AES_128_CBC_SHA 

Cipher TLS_ECDH_RSA_WITH_AES_128_CBC_SHA

M2MB_TLS_ECDH_RSA_WITH_AES_256_CBC_SHA 

Cipher TLS_ECDH_RSA_WITH_AES_256_CBC_SHA

M2MB_TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA 

Cipher TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA

M2MB_TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA 

Cipher TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA

M2MB_TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256 

Cipher TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256

M2MB_TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384 

Cipher TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384

M2MB_TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256 

Cipher TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256

M2MB_TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384 

Cipher TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384

M2MB_TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256 

Cipher TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256

M2MB_TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384 

Cipher TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384

M2MB_TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256 

Cipher TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256

M2MB_TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384 

Cipher TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384

M2MB_TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 

Cipher TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256

M2MB_TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384 

Cipher TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384

M2MB_TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256 

Cipher TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256

M2MB_TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384 

Cipher TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384

M2MB_TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 

Cipher TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256

M2MB_TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 

Cipher TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384

M2MB_TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256 

Cipher TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256

M2MB_TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384 

Cipher TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384

M2MB_TLS_RSA_WITH_AES_128_CCM 

Cipher TLS_RSA_WITH_AES_128_CCM

M2MB_TLS_RSA_WITH_AES_256_CCM 

Cipher TLS_RSA_WITH_AES_256_CCM

M2MB_TLS_DHE_RSA_WITH_AES_128_CCM 

Cipher TLS_DHE_RSA_WITH_AES_128_CCM

M2MB_TLS_DHE_RSA_WITH_AES_256_CCM 

Cipher TLS_DHE_RSA_WITH_AES_256_CCM

M2MB_TLS_RSA_WITH_AES_128_CCM_8 

Cipher TLS_RSA_WITH_AES_128_CCM_8

M2MB_TLS_RSA_WITH_AES_256_CCM_8 

Cipher TLS_RSA_WITH_AES_256_CCM_8

M2MB_TLS_DHE_RSA_WITH_AES_128_CCM_8 

Cipher TLS_DHE_RSA_WITH_AES_128_CCM_8

M2MB_TLS_DHE_RSA_WITH_AES_256_CCM_8 

Cipher TLS_DHE_RSA_WITH_AES_256_CCM_8

M2MB_TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256 

Cipher TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256

M2MB_TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256 

Cipher TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256

M2MB_TLS_DHE_RSA_WITH_CHACHA20_POLY1305_SHA256 

Cipher TLS_DHE_RSA_WITH_CHACHA20_POLY1305_SHA256

Definition at line 120 of file m2mb_ssl.h.

◆ M2MB_SSL_PEMCERT_TYPE_E

enum M2MB_SSL_PEMCERT_TYPE_E

SSL certificate type enum.

Enumerator
M2MB_SSL_PEM_CERT 

client certificate in case of client authentication

M2MB_SSL_PEM_PKCS1_PRIVKEY 

client private key in case of client authentication

M2MB_SSL_PEM_PKCS8_PRIVKEY 
M2MB_SSL_PEM_PKCS8_ENC_PRIVKEY 
M2MB_SSL_PEM_EC_PRIVKEY 

PSK table in case of DTLS

Definition at line 191 of file m2mb_ssl.h.

◆ M2MB_SSL_PROTOCOL_VERSION_E

enum M2MB_SSL_PROTOCOL_VERSION_E

TLS protocol version enum.

Enumerator
M2MB_SSL_PROTOCOL_TLS_1_0 

SSL protocol TLS 1.0

M2MB_SSL_PROTOCOL_TLS_1_1 

SSL protocol TLS 1.1

M2MB_SSL_PROTOCOL_TLS_1_2 

SSL protocol TLS 1.2

M2MB_SSL_PROTOCOL_DTLS_1_0 

SSL protocol TLS 1.0

M2MB_SSL_PROTOCOL_DTLS_1_2 

SSL protocol DTLS 1.2

Definition at line 110 of file m2mb_ssl.h.

◆ M2MB_SSL_SSL_ROLE_E

enum M2MB_SSL_SSL_ROLE_E

SSL object role.

Enumerator
M2MB_SSL_SSL_ROLE_SERVER_E 

Server role.

M2MB_SSL_SSL_ROLE_CLIENT_E 

Client role.

Definition at line 277 of file m2mb_ssl.h.

◆ M2MB_SSL_UPPROTO_TYPE

enum M2MB_SSL_UPPROTO_TYPE
Enumerator
M2MB_SSL_CLIENT 
M2MB_SSL_HTTPC 

root CA certificate to authenticate the server

M2MB_SSL_HTTPD 
M2MB_SSL_MQTT 

client certificate in case of client authentication

M2MB_SSL_WEBSOCKET 

client private key in case of client authentication

Definition at line 209 of file m2mb_ssl.h.

◆ SSL_CFG_PARAM

enum SSL_CFG_PARAM
Enumerator
M2MB_SSL_CONF_INVALID 
M2MB_SSL_CONF_PROTOCOL 
M2MB_SSL_CONF_CACERT 
M2MB_SSL_CONF_CERT 
M2MB_SSL_CONF_CIPHER 
M2MB_SSL_CONF_TIME 
M2MB_SSL_CONF_ALERT 
M2MB_SSL_CONF_DOMAIN 
M2MB_SSL_CONF_MAX_FRAG_LEN 
M2MB_SSL_CONF_NEG_DISABLE 
M2MB_SSL_CONF_SNI 
M2MB_SSL_CONF_ALPN 

Definition at line 85 of file m2mb_ssl.h.

Function Documentation

◆ m2mb_ssl_accept()

INT32 m2mb_ssl_accept ( M2MB_SSL_CTXT_HANDLE  sslSvrContextHndl,
M2MB_SOCKET_BSD_SOCKET  socket_fd,
M2MB_SSL_CTXT_HANDLE sslClientCtxHndl 
)

Accepts an incoming SSL connection from the client.

It creates a client context, sets configuration passed to the incoming client context, links a secure socket connection id to socket fd and accepts the incoming client connection. This should be called only by a server SSL object. This will respond to the incoming client hello message and complete the SSL handshake.

Parameters
[in]sslSvrContextHndlspecifies the SSL context of the server previously created through m2mb_ssl_init
[in]socket_fdspecifies the socket fd for the incoming client
[out]sslClientCtxHndlclient context handle
Returns
On success, M2MB_SSL_FAILURE otherwise
Note
<Notes>

Example

int main()
{
M2MB_OS_RESULT status;
M2MB_SSL_CTXT_HANDLE sslContextHndl;
M2M_S2W_SSL_INST_T *pSsl_ClientInst = NULL;
M2MB_SOCKET_BSD_SOCKET sd;
//role: M2MB_SSL_SSL_ROLE_E
sslContextHndl = m2mb_ssl_init(role);
pSsl_ClientInst = MALLOC(sizeof(M2M_S2W_SSL_INST_T));
memset(pSsl_ClientInst, 0, sizeof(M2M_S2W_SSL_INST_T));
...
//socket descriptor :sd
// socket creation : family belongs to Socket Address Families defined in m2mb_socket.h
sd = m2mb_socket_bsd_socket( (INT32 )family, M2MB_SOCKET_BSD_SOCK_STREAM , 0);
...
pSsl_ClientInst->role = M2MB_SSL_SSL_ROLE_CLIENT_E;
status = m2mb_ssl_accept( sslContextHndl, client_sd, &pSsl_ClientInst->sslCtxHndl);
if (status != M2MB_OK)
{
return M2MB_ERROR;
}
}

◆ m2mb_ssl_cert_delete()

INT32 m2mb_ssl_cert_delete ( M2MB_SSL_CERT_TYPE_E  sslCertType,
CHAR name 
)

Delete certificates.

Delete CA list or client certificate and key or PSK table depending on first parameter(SSL cert type)

Parameters
[in]sslCertTypeSpecifies the type of certificate to be deleted
[in]nameSpecifies name of the SSL certificate to be deleted
Returns
0 on success
Note
<Notes>

Example

int main()
{
// If M2MB_SSL_CACERT
status = m2mb_ssl_cert_delete( M2MB_SSL_CACERT, caCertName );
if (status != M2MB_OK)
{
return M2MB_ERROR;
}
// If M2MB_SSL_CERT
status = m2mb_ssl_cert_delete( M2MB_SSL_CERT, certName );
if (status != M2MB_OK)
{
return M2MB_ERROR;
}
}

◆ m2mb_ssl_cert_get()

INT32 m2mb_ssl_cert_get ( M2MB_SSL_CERT_TYPE_E  sslCertType,
M2MB_SSL_CERT_LIST_T sslCertList 
)

It gets the list of the certificates stored.

This command is used to get the list of the certificates.

Parameters
[in]sslCertType
[in]sslCertList
Returns
0 if success, M2MB_SSL_FAILURE if error.
Note
<Notes>

Example

int main()
{
M2MB_OS_RESULT status;
M2MB_SSL_CERT_LIST_T sslCertList;
//If M2MB_SSL_CERT_TYPE_E is M2MB_SSL_CERT
status = m2mb_ssl_cert_get(M2MB_SSL_CERT, &sslCertList);
if (status != M2MB_OK)
{
return M2MB_ERROR;
}

◆ m2mb_ssl_cert_load()

INT32 m2mb_ssl_cert_load ( M2MB_SSL_CTXT_HANDLE  sslCtxtHndl,
M2MB_SSL_CERT_TYPE_E  sslCertType,
CHAR name 
)

Load certificates in the SSL context.

Load in the SSL context CA list or client cert and key or PSK table previously stored with m2mb_ssl_cert_store

Parameters
[in]sslCtxtHndlSpecifies the SSL context handle of the SSL connection
[in]sslCertTypeSpecifies the SSL certificate type
[in]nameSpecifies name of the SSL certificate
Returns
0 on success
Note
<Notes>

Example

INT32 m2mb_ssl_set_config( M2MB_SSL_CTXT_HANDLE sslContextHndl, INT32 CONF_ID, INT8* CONF_VAL )
{
M2MB_OS_RESULT status;
M2MB_SSL_CERT_TYPE_E certType;
...
//If CONF_ID is M2MB_SSL_CONF_CACERT
status = m2mb_ssl_cert_load(sslContextHndl, M2MB_SSL_CACERT, CONF_VAL);
//If CONF_ID is M2MB_SSL_CONF_CERT
status = m2mb_ssl_cert_load(sslContextHndl, M2MB_SSL_CERT, CONF_VAL);
...
return status;
}
int main()
{
M2MB_OS_RESULT status;
M2MB_SSL_CERT_TYPE_E confId;
...
//role: M2MB_SSL_SSL_ROLE_E (Server or Client)
M2MB_SSL_CTXT_HANDLE sslContextHndl = m2mb_ssl_init(role);
...
// configure the certificate
status = m2mb_ssl_set_config(sslContextHndl, confId, certificate );
if (status != M2MB_OK)
{
return M2MB_ERROR;
}
}

◆ m2mb_ssl_cert_search()

INT32 m2mb_ssl_cert_search ( M2MB_SSL_CERT_TYPE_E  sslCertType,
CHAR certName 
)

Search for the given certificate in the system.

This command is used to find the certificate from the list of the certificates stored in the system.

Parameters
[in]sslCertType
[in]certName
Returns
0 if success, M2MB_SSL_FAILURE if error.
Note
<Notes>

Example

int main()
{
//If M2MB_SSL_CERT_TYPE_E is M2MB_SSL_CACERT
status = m2mb_ssl_cert_search(M2MB_SSL_CACERT , "certName");
if (status != M2MB_OK)
{
return M2MB_ERROR;
}
}

◆ m2mb_ssl_cert_store()

INT32 m2mb_ssl_cert_store ( M2MB_SSL_CERT_TYPE_E  sslCertType,
M2MB_SSL_SEC_INFO_U  sslSecInfo,
CHAR name,
M2MB_SSL_CERT_FMT_E  format 
)

Store certificates from buffer.

Store CA list or client certificate and key or PSK table depending on the first parameter(SSL cert type)

Parameters
[in]sslCertTypeSpecifies the SSL certificate type
[in]sslSecInfoSpecifies the SSL certificate(CA list or client certificate and key or PSK table depending on first parameter)
[in]nameSpecifies name of the SSL certificate
[in]formatSpecifies the ssl certificate format
Returns
0 on success
Note
<Notes>

Example

int main()
{
M2MB_SSL_CTXT_HANDLE sslContextHndl,
M2MB_SSL_SEC_INFO_U m2mbsslsecinfo;
//role: M2MB_SSL_SSL_ROLE_E
sslContextHndl = m2mb_ssl_init(role);
memset(&m2mbsslsecinfo, 0, sizeof(m2mbsslsecinfo));
// If M2MB_SSL_CACERT
M2MB_SSL_CA_INFO_T m2mb_ca_info;
m2mbsslsecinfo.ca_List.ca_Cnt = 1;
m2mb_ca_info.ca_Buf = (uint8_t*)tls_io_instance->certificate;
m2mb_ca_info.ca_Size = strlen(tls_io_instance->certificate);
m2mbsslsecinfo.ca_List.ca_Info[0] = &m2mb_ca_info;
status = m2mb_ssl_cert_store( M2MB_SSL_CACERT, m2mbsslsecinfo, "ca_certName" , 0);
if (status != M2MB_OK)
{
return M2MB_ERROR;
}
// If M2MB_SSL_CERT
M2MB_SSL_CERT_T m2mb_cert_info;
// required cert_data, cert_size, key_data, key_size
m2mb_cert_info.cert.cert_Buf = malloc(cert_size);
m2mb_cert_info.cert.key_Buf = malloc(key_size);
memcpy(m2mb_cert_info.cert_Buf, cert_data, cert_size);
m2mb_cert_info.cert_Size = cert_size;
memcpy(m2mb_cert_infokey_Buf , key_data, key_size);
m2mb_cert_info.key_Size = key_size;
m2mbsslsecinfo.cert = m2mb_cert_info;
status = m2mb_ssl_cert_store( M2MB_SSL_CERT, m2mbsslsecinfo, "certName", 0);
if (status != M2MB_OK)
{
return M2MB_ERROR;
}
}

◆ m2mb_ssl_close()

void m2mb_ssl_close ( M2MB_SSL_CTXT_HANDLE  sslContextHndl)

deletes an m2mb SSL context created during m2mb_ssl_init()

Parameters
[in]sslContextHndl
Returns
On success, result 0 is returned. returns result < 0 in case of error
Note
<Notes>

Example

int main()
{
M2MB_OS_RESULT status;
...
//role: M2MB_SSL_SSL_ROLE_E (Server or Client)
M2MB_SSL_CTXT_HANDLE sslContextHndl;
sslContextHndl = m2mb_ssl_init(role);
...
...
status = m2mb_ssl_close(sslContextHndl);
if (status != M2MB_OK)
{
return M2MB_ERROR;
}
}

◆ m2mb_ssl_connect()

INT32 m2mb_ssl_connect ( M2MB_SSL_CTXT_HANDLE  sslContextHndl,
M2MB_SOCKET_BSD_SOCKET  socket_fd 
)

Performs SSL Client connection.

Performs SSL client connection

Parameters
[in]sslContextHndlSpecifies the sslContextHndl previously returned by m2mb_ssl_init
[in]socket_fdSpecifies the socket ID to make the connection.
Returns
0 on success returns result < 0 in case of error
Note
Socket must be created and socket connect must be successful prior to this call.

Example

int main()
{
M2MB_OS_RESULT status;
M2MB_SSL_CTXT_HANDLE sslContextHndl;
M2MB_SOCKET_BSD_SOCKET sd;
...
//role: M2MB_SSL_SSL_ROLE_E (Server or Client)
sslContextHndl = m2mb_ssl_init(role);
...
// configure the certificate
status = m2mb_ssl_set_config(sslContextHndl, M2MB_SSL_CONF_CERT, certificate );
if (status != M2MB_OK)
{
return M2MB_ERROR;
}
...
...
//socket descriptor :sd
// socket creation : family belongs to Socket Address Families defined in m2mb_socket.h
sd = m2mb_socket_bsd_socket( (INT32 )family, M2MB_SOCKET_BSD_SOCK_STREAM , 0);
...
// connect to server
status = m2mb_socket_bsd_connect( sd, (struct M2MB_SOCKET_BSD_SOCKADDR *)&serv_addr, sizeof(serv_addr))
if (status != M2MB_OK)
{
return M2MB_ERROR;
}
...
status = m2mb_ssl_connect(sslContextHndl, sd);
if (status != M2MB_OK)
{
return M2MB_ERROR;
}
...
}

◆ m2mb_ssl_get_certloadStatus()

UINT8 m2mb_ssl_get_certloadStatus ( M2MB_SSL_CTXT_HANDLE  sslCtxtHndl,
M2MB_SSL_CERT_TYPE_E  sslCertType 
)

Check if the certificate is loaded in the SSL context.

Check if the certificate is loaded in SSL context

Parameters
[in]sslCtxtHndlSpecifies the SSL context handle of the context to be loaded
[in]sslCertTypeSpecifies the SSL certificate type
Returns
0 on success
Note
<Notes>

Example

int main()
{
M2MB_OS_RESULT status;
M2MB_SSL_CTXT_HANDLE sslContextHndl;
...
//role: M2MB_SSL_SSL_ROLE_E (Server or Client)
sslContextHndl = m2mb_ssl_init(role);
...
// If M2MB_SSL_CACERT
status = m2mb_ssl_get_certloadStatus( sslContextHndl, M2MB_SSL_CACERT );
if (status != M2MB_OK)
{
return M2MB_ERROR;
}
// If M2MB_SSL_CERT
status = m2mb_ssl_get_certloadStatus( sslContextHndl, M2MB_SSL_CERT );
if (status != M2MB_OK)
{
return M2MB_ERROR;
}
}

◆ m2mb_ssl_get_internal_ssl_obj()

UINT32 m2mb_ssl_get_internal_ssl_obj ( M2MB_SSL_CTXT_HANDLE  sslContextHndl)

It get the list of certificates stored.

This command is used to get the list of certificates.

Parameters
[in]sslContextHndlSpecifies the SSL context handle previously created through m2mb_ssl_init
Returns
0 if success, M2MB_SSL_FAILURE if error.
Note
<Notes>

Example

int main()
{
//role: M2MB_SSL_SSL_ROLE_E
M2MB_SSL_CTXT_HANDLE sslContextHndl = m2mb_ssl_init(role);
...
int ssl_obj = m2mb_ssl_get_internal_ssl_obj(sslContextHndl);
...
}

◆ m2mb_ssl_init()

M2MB_SSL_CTXT_HANDLE m2mb_ssl_init ( M2MB_SSL_SSL_ROLE_E  role)

Initialize SSL TLS context.

Creates SSL TLS context that which will be used in all the future calls to m2mb SSL module

Parameters
[in]roleRole of the SSL handle i.e. server or client
Returns
On success, handle of type M2MB_SSL_CTXT_HANDLE is returned
Note
<Notes>

Example

int main()
{
//role: M2MB_SSL_SSL_ROLE_E
M2MB_SSL_CTXT_HANDLE sslContextHndl;
sslContextHndl = m2mb_ssl_init(role);
}

◆ m2mb_ssl_read()

INT32 m2mb_ssl_read ( M2MB_SSL_CTXT_HANDLE  sslContextHndl,
void *  buf,
UINT32  len 
)

Read len bytes from SSL connection into buf.

Parameters
[in]sslContextHndlSpecifies the sslContextHndl previously created during m2mb_ssl_init
[out]bufSpecifies the read buffer
[in]lenSpecifies the input len
Returns
On success, number of bytes read
Note
<Notes>

Example

int main()
{
M2MB_OS_RESULT status;
M2MB_SSL_CTXT_HANDLE sslContextHndl;
M2MB_SOCKET_BSD_SOCKET sd;
UINT8* buf;
UINT32 numBytes;
...
//role: M2MB_SSL_SSL_ROLE_E (Server or Client)
sslContextHndl = m2mb_ssl_init(role);
...
// configure the certificate
status = m2mb_ssl_set_config(sslContextHndl, M2MB_SSL_CONF_CERT, certificate );
if (status != M2MB_OK)
{
return M2MB_ERROR;
}
...
...
//socket descriptor :sd
// socket creation : family belongs to Socket Address Families defined in m2mb_socket.h
sd = m2mb_socket_bsd_socket( (INT32 )family, M2MB_SOCKET_BSD_SOCK_STREAM , 0);
...
// connect to server
status = m2mb_socket_bsd_connect( sd, (struct M2MB_SOCKET_BSD_SOCKADDR *)&serv_addr, sizeof(serv_addr));
if (status != M2MB_OK)
{
return M2MB_ERROR;
}
...
status = m2mb_ssl_connect(sslContextHndl, sd);
if (status != M2MB_OK)
{
return M2MB_ERROR;
}
...
//numBytes to be read
status = m2mb_ssl_read(sslContextHndl, (void *)buf, numBytes );
if (status != M2MB_OK)
{
return M2MB_ERROR;
}
...
}

◆ m2mb_ssl_secure_protocol()

INT32 m2mb_ssl_secure_protocol ( M2MB_SSL_CTXT_HANDLE  sslContextHndl,
M2MB_SSL_UPPROTO_TYPE_E  protoType,
VOID protoCtxHndl 
)

Configures the SSL security on the given protocol connection.

Configures SSL configuration in the given protocol context.

Parameters
[in]sslContextHndlSpecifies the SSL context previously created through m2mb_ssl_init
[in]protoTypeSpecifies the protocol type M2MB_SSL_CLIENT M2MB_SSL_HTTPC
M2MB_SSL_HTTPC,
M2MB_SSL_HTTPD, M2MB_SSL_MQTT, M2MB_SSL_WEBSOCKET,
[in]protoCtxHndlSpecify the protocol context handle
Returns
On success, return 0 returns result < 0 in case of error
Note
<Notes>

Example

int main()
{
M2MB_OS_RESULT status;
...
//role: M2MB_SSL_SSL_ROLE_E (Server or Client)
M2MB_SSL_CTXT_HANDLE sslContextHndl;
sslContextHndl = m2mb_ssl_init(role);
...
status = m2mb_ssl_secure_protocol(sslContextHndl, M2MB_SSL_CLIENT, NULL);
if (status != M2MB_OK)
{
return M2MB_ERROR;
}
...
}

◆ m2mb_ssl_set_config()

INT32 m2mb_ssl_set_config ( M2MB_SSL_CTXT_HANDLE  sslContextHndl,
SSL_CFG_PARAM_E  CONF_ID,
INT8 CONF_VAL 
)

Set SSL configuration on the previously created SSL context.

Set an SSL TLS configuration with specified configuration parameters and sets the config on the provided SSL context handle.

Parameters
[in]sslContextHndlSpecify the SSL context pointer created previously during m2mb_ssl_init();
[in]CONF_IDSpecify the confd id as defined below:

0 : Invalid config param 1 : To Set SSL Protocol Vertion 2 : To Set SSL CA Certificate 3 : To Set SSL Certificate 4 : To Set Cipher Information 5 : To Enable/Disable Time Validation 6 : To Enable/Disable SSL Alert 7 : To Set The Domain 8 : To Set the Max Fragment Length 9 : To Set Negotiation 10 : To Set the SNI 11 : To Set the ALPN Extension

Parameters
[in]CONF_VAL
    Specifies string value specific to the configuration provided in CONF_ID.
CONF_ID : CONF_VAL
0 : Invalid 1 : Values for CONF_VAL:
0 : TLS Version 1.0
1 : TLS Version 1_1
2 : TLS Version 1_2
3 : DTLS Version 1.0
4 : DTLS Version 1_2
2 : SSL CA Certificate Name 3 : SSL certificate Name 4 : Cipher Information 5 : Time Validation 0 : Disable Time validation 1 : Enable Time validation 6 : Enable/Disable SSL Alert 0 : Disable SSL Alert Indication 1 : Enable SSL Alert 7 : Domain name in String format 8 : Set the Max Fragment Length 9 : Set Negotiation 10 : To Set the SNI 11 : To Set the ALPN Extension
Returns
On success, result 0 is returned. returns result < 0 in case of error
Note
<Notes>

Example

int main()
{
M2MB_OS_RESULT status;
M2MB_SSL_CERT_TYPE_E confId;
...
//role: M2MB_SSL_SSL_ROLE_E (Server or Client)
M2MB_SSL_CTXT_HANDLE sslContextHndl;
sslContextHndl = m2mb_ssl_init(role);
...
// configure the certificate
status = m2mb_ssl_set_config(sslContextHndl, confId, certificate );
if (status != M2MB_OK)
{
return M2MB_ERROR;
}
}

◆ m2mb_ssl_status()

INT32 m2mb_ssl_status ( M2MB_SSL_CTXT_HANDLE  sslContextHndl)

Returns the status of an SSL connection.

Returns the status of an SSL connection.

Parameters
[in]sslContextHndlSpecifies the SSL context handle previously created through m2mb_ssl_init
Returns
0 if connection is valid. M2MB_SSL_ARG_FAIL if the handle passed is not a valid handle M2MB_SSL_FAILURE if the connection is not valid
Note
<Notes>

Example

int main()
{
M2MB_OS_RESULT status;
M2MB_SSL_CTXT_HANDLE sslContextHndl,
//role: M2MB_SSL_SSL_ROLE_E
sslContextHndl = m2mb_ssl_init(role);
status = m2mb_ssl_status(sslContextHndl);
if (status != M2MB_OK)
{
return M2MB_ERROR;
}
}

◆ m2mb_ssl_write()

INT32 m2mb_ssl_write ( M2MB_SSL_CTXT_HANDLE  sslContextHndl,
void *  buf,
UINT32  len 
)

Writes data to the SSL connection.

Parameters
[in]sslContextHndlSpecifies the sslContextHndl
[in]bufSpecifies the input buffer
[in]lenSpecifies the input len
Returns
On success, number of bytes written
Note
<Notes>

Example

int main()
{
M2MB_OS_RESULT status;
M2MB_SSL_CTXT_HANDLE sslContextHndl;
M2MB_SOCKET_BSD_SOCKET sd;
UINT8 *buf;
...
//role: M2MB_SSL_SSL_ROLE_E (Server or Client)
sslContextHndl = m2mb_ssl_init(role);
...
// configure the certificate
status = m2mb_ssl_set_config(sslContextHndl, M2MB_SSL_CONF_CERT, certificate );
if (status != M2MB_OK)
{
return M2MB_ERROR;
}
...
...
//socket descriptor :sd
// socket creation : family belongs to Socket Address Families defined in m2mb_socket.h
sd = m2mb_socket_bsd_socket( (INT32 )family, M2MB_SOCKET_BSD_SOCK_STREAM , 0);
...
// connet to server
status = m2mb_socket_bsd_connect( sd, (struct M2MB_SOCKET_BSD_SOCKADDR *)&serv_addr, sizeof(serv_addr));
if (status != M2MB_OK)
{
return M2MB_ERROR;
}
...
status = m2mb_ssl_connect(sslContextHndl, sd);
if (status != M2MB_OK)
{
return M2MB_ERROR;
}
...
status = m2mb_ssl_write( sslContextHndl, buf, sizeof(buf) );
if (status != M2MB_OK)
{
return M2MB_ERROR;
}
...
}