22 #ifndef _MBED_HTTPS_TLS_SOCKET_WRAPPER_H_ 23 #define _MBED_HTTPS_TLS_SOCKET_WRAPPER_H_ 26 #include "rtos/EventFlags.h" 27 #include "platform/Callback.h" 28 #include "mbedtls/platform.h" 29 #include "mbedtls/ssl.h" 30 #include "mbedtls/entropy.h" 31 #include "mbedtls/ctr_drbg.h" 32 #include "mbedtls/hmac_drbg.h" 33 #include "mbedtls/error.h" 36 #if defined(MBEDTLS_SSL_CLI_C) || defined(DOXYGEN_ONLY) 38 #if defined(MBEDTLS_CTR_DRBG_C) 39 #define DRBG_CTX mbedtls_ctr_drbg_context 40 #define DRBG_INIT mbedtls_ctr_drbg_init 41 #define DRBG_RANDOM mbedtls_ctr_drbg_random 42 #define DRBG_FREE mbedtls_ctr_drbg_free 43 #elif defined(MBEDTLS_HMAC_DRBG_C) 44 #define DRBG_CTX mbedtls_hmac_drbg_context 45 #define DRBG_INIT mbedtls_hmac_drbg_init 46 #define DRBG_RANDOM mbedtls_hmac_drbg_random 47 #define DRBG_FREE mbedtls_hmac_drbg_free 49 #error "CTR or HMAC must be defined for TLSSocketWrapper!" 129 const void *client_private_key_pem,
size_t client_private_key_len);
198 #if defined(MBEDTLS_X509_CRT_PARSE_C) || defined(DOXYGEN_ONLY) 266 bool is_handshake_started()
const;
// Static helper that takes a label string and an integer error code.
// NOTE(review): presumably reports an Mbed TLS error code in readable form
// (mbedtls/error.h is included by this header) — confirm against the definition.
279 static void print_mbedtls_error(
const char *name,
int err);
281 #if MBED_CONF_TLS_SOCKET_DEBUG_LEVEL > 0 286 static void my_debug(
void *ctx,
int level,
const char *file,
int line,
// Static callback whose parameters (opaque pointer, certificate, chain depth,
// pointer to verification flags) have the shape of an Mbed TLS X.509
// certificate-verification callback.
// NOTE(review): this declaration follows the MBED_CONF_TLS_SOCKET_DEBUG_LEVEL > 0
// guard opened before my_debug; whether it is compiled only in debug builds is
// not visible in this listing — confirm.
// NOTE(review): a verify callback that clears bits in *flags weakens
// certificate validation; confirm the definition only inspects them.
293 static int my_verify(
void *data, mbedtls_x509_crt *crt,
int depth, uint32_t *flags);
// Static receive hook: opaque context pointer, destination buffer and the
// buffer's length in bytes — the shape of an Mbed TLS BIO receive callback.
// NOTE(review): ctx presumably points back at the wrapper instance, and the
// definition must not write more than len bytes into buf — confirm both.
300 static int ssl_recv(
void *ctx,
unsigned char *buf,
size_t len);
// Static send hook: opaque context pointer, read-only source buffer and the
// number of bytes available in it — the shape of an Mbed TLS BIO send callback.
// NOTE(review): ctx presumably points back at the wrapper instance, and the
// definition must not read past len bytes of buf — confirm both.
305 static int ssl_send(
void *ctx,
const unsigned char *buf,
size_t len);
// Mbed TLS state kept by the wrapper. The SSL, PK and entropy contexts are held
// by value; the CA chain, client certificate and SSL configuration are pointers
// that default to nullptr. The PK context and the two certificate pointers each
// follow an #ifdef MBEDTLS_X509_CRT_PARSE_C line.
307 mbedtls_ssl_context _ssl;
308 #ifdef MBEDTLS_X509_CRT_PARSE_C 309 mbedtls_pk_context _pkctx;
314 mbedtls_entropy_context _entropy;
321 #ifdef MBEDTLS_X509_CRT_PARSE_C 322 mbedtls_x509_crt *_cacert =
nullptr;
323 mbedtls_x509_crt *_clicert =
nullptr;
325 mbedtls_ssl_config *_ssl_conf =
nullptr;
// One-bit state flags, declared as bool bit-fields of width 1.
// NOTE(review): the names suggest the first two record which transport calls
// (connect/close) the wrapper makes, and that each *_allocated flag records
// whether the wrapper itself allocated the matching Mbed TLS object and so is
// the one responsible for freeing it — confirm against the definitions.
327 bool _connect_transport: 1;
328 bool _close_transport: 1;
329 bool _tls_initialized: 1;
330 bool _handshake_completed: 1;
331 bool _cacert_allocated: 1;
332 bool _clicert_allocated: 1;
333 bool _ssl_conf_allocated: 1;
338 #endif // _MBED_HTTPS_TLS_SOCKET_WRAPPER_H_ nsapi_size_or_error_t recvfrom(SocketAddress *address, void *data, nsapi_size_t size) override
Receive data from a socket.
nsapi_error_t listen(int backlog=1) override
Listen for incoming connections.
nsapi_error_t getsockopt(int level, int optname, void *optval, unsigned *optlen) override
Get socket options.
The EventFlags class is used to control event flags or wait for event flags other threads control...
Socket * accept(nsapi_error_t *error=NULL) override
Accepts a connection on a socket.
TLSSocket is a wrapper around Socket for interacting with TLS servers.
nsapi_error_t close() override
Closes the socket.
signed int nsapi_error_t
Type used to represent error codes.
mbedtls_ssl_config * get_ssl_config()
Get internal Mbed TLS configuration structure.
nsapi_error_t bind(const SocketAddress &address) override
Bind a specific address to a socket.
signed int nsapi_size_or_error_t
Type used to represent either a size or error passed through sockets.
nsapi_size_or_error_t sendto(const SocketAddress &address, const void *data, nsapi_size_t size) override
Send a message on a socket.
Abstract Socket interface.
Calls only connect() on the transport socket.
Calls close() on the transport socket.
mbedtls_x509_crt * get_ca_chain()
Get CA chain structure.
int set_own_cert(mbedtls_x509_crt *crt)
Set own certificate directly to Mbed TLS.
nsapi_error_t getpeername(SocketAddress *address) override
Get the remote-end peer associated with this socket.
nsapi_error_t set_root_ca_cert(const void *root_ca, size_t len)
Sets the Root CA certificate, the trust anchor against which the server's certificate chain is verified.
void set_timeout(int timeout) override
Set timeout on blocking socket operations.
nsapi_error_t set_client_cert_key(const void *client_cert, size_t client_cert_len, const void *client_private_key_pem, size_t client_private_key_len)
Sets client certificate, and client private key.
void set_ca_chain(mbedtls_x509_crt *crt)
Set CA chain directly to Mbed TLS.
void set_hostname(const char *hostname)
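Set hostname. This is the name the server certificate is checked against, so set it before the TLS handshake starts.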
nsapi_size_or_error_t recv(void *data, nsapi_size_t size) override
Receive data over a TLS socket.
nsapi_error_t setsockopt(int level, int optname, const void *optval, unsigned optlen) override
Set socket options.
mbedtls_x509_crt * get_own_cert()
Get own certificate directly from Mbed TLS.
~TLSSocketWrapper() override
Destroy a socket wrapper.
Doesn't call connect() or close() on the transport socket.
void set_ssl_config(mbedtls_ssl_config *conf)
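Override Mbed TLS configuration. The wrapper then uses the caller's configuration, so settings such as the certificate verification mode are whatever the caller configured.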
Calls both connect() and close() on the transport socket.
unsigned int nsapi_size_t
Type used to represent the size of data passed through sockets.
control_transport
Transport modes.
void sigio(mbed::Callback< void()> func) override
Register a callback on state change of the socket.
nsapi_error_t connect(const SocketAddress &address=SocketAddress()) override
Connect the transport socket and start handshake.
TLSSocketWrapper(Socket *transport, const char *hostname=NULL, control_transport control=TRANSPORT_CONNECT_AND_CLOSE)
Create a TLSSocketWrapper.
Callback class based on template specialization.
nsapi_error_t send(const void *data, nsapi_size_t size) override
Send data over a TLS socket.
mbedtls_ssl_context * get_ssl_context()
Get internal Mbed TLS context structure.
void set_blocking(bool blocking) override
Set blocking or non-blocking mode of the socket.