Mistake on this page?
Report an issue in GitHub or email us

DTLSSocket

DTLSSocket class hierarchy

DTLSSocket and DTLSSocketWrapper implement DTLS stream over the existing Socket transport. You can find design and implementation details in the Secure Socket page.

To use secure DTLS connections, application use the DTLSSocketWrapper through the Socket API, so existing applications and libraries are compatible.

DTLSSocketWrapper inherits TLSSocketWrapper and uses the same API. The only difference is that it uses timers to keep track of DTLS timeouts. Please see TLSSocket for an example.

DTLSSocket class reference

Public Types
Public Member Functions
 DTLSSocket ()
 Create an uninitialized DTLS socket. More...
 ~DTLSSocket () override
 Destroy the DTLSSocket and closes the transport. More...
template<typename S >
 DTLSSocket (S *stack, const char *hostname=NULL)
 Create a socket on a network interface. More...
nsapi_error_t open (NetworkStack *stack)
 Opens a socket. More...
void set_hostname (const char *hostname)
 Set hostname. More...
nsapi_error_t set_root_ca_cert (const void *root_ca, size_t len)
 Sets the certification of Root CA. More...
nsapi_error_t set_root_ca_cert (const char *root_ca_pem)
 Sets the certification of Root CA. More...
nsapi_error_t set_client_cert_key (const void *client_cert, size_t client_cert_len, const void *client_private_key_pem, size_t client_private_key_len)
 Sets client certificate, and client private key. More...
nsapi_error_t set_client_cert_key (const char *client_cert_pem, const char *client_private_key_pem)
 Sets client certificate, and client private key. More...
nsapi_error_t send (const void *data, nsapi_size_t size) override
 Send data over a TLS socket. More...
nsapi_size_or_error_t recv (void *data, nsapi_size_t size) override
 Receive data over a TLS socket. More...
nsapi_error_t close () override
 Closes the socket. More...
nsapi_error_t connect (const SocketAddress &address=SocketAddress()) override
 Connect the transport socket and start handshake. More...
nsapi_size_or_error_t sendto (const SocketAddress &address, const void *data, nsapi_size_t size) override
 Send a message on a socket. More...
nsapi_size_or_error_t recvfrom (SocketAddress *address, void *data, nsapi_size_t size) override
 Receive a data from a socket. More...
nsapi_error_t bind (const SocketAddress &address) override
 Bind a specific address to a socket. More...
void set_blocking (bool blocking) override
 Set blocking or non-blocking mode of the socket. More...
void set_timeout (int timeout) override
 Set timeout on blocking socket operations. More...
void sigio (mbed::Callback< void()> func) override
 Register a callback on state change of the socket. More...
nsapi_error_t setsockopt (int level, int optname, const void *optval, unsigned optlen) override
 Set socket options. More...
nsapi_error_t getsockopt (int level, int optname, void *optval, unsigned *optlen) override
 Get socket options. More...
Socketaccept (nsapi_error_t *error=NULL) override
 Accepts a connection on a socket. More...
nsapi_error_t listen (int backlog=1) override
 Listen for incoming connections. More...
nsapi_error_t getpeername (SocketAddress *address) override
 Get the remote-end peer associated with this socket. More...
mbedtls_x509_crt * get_own_cert ()
 Get own certificate directly from Mbed TLS. More...
int set_own_cert (mbedtls_x509_crt *crt)
 Set own certificate directly to Mbed TLS. More...
mbedtls_x509_crt * get_ca_chain ()
 Get CA chain structure. More...
void set_ca_chain (mbedtls_x509_crt *crt)
 Set CA chain directly to Mbed TLS. More...
mbedtls_ssl_config * get_ssl_config ()
 Get internal Mbed TLS configuration structure. More...
void set_ssl_config (mbedtls_ssl_config *conf)
 Override Mbed TLS configuration. More...
mbedtls_ssl_context * get_ssl_context ()
 Get internal Mbed TLS context structure. More...

DTLSSocket example

Please see the TLSSocket example:

#include "mbed.h"
#include "mbed_trace.h"

#ifndef DEVICE_TRNG
#error "mbed-os-example-tls-socket requires a device which supports TRNG"
#else

const char cert[] = \
    "-----BEGIN CERTIFICATE-----\n"
    "MIIDdzCCAl+gAwIBAgIEAgAAuTANBgkqhkiG9w0BAQUFADBaMQswCQYDVQQGEwJJ\n"
    "RTESMBAGA1UEChMJQmFsdGltb3JlMRMwEQYDVQQLEwpDeWJlclRydXN0MSIwIAYD\n"
    "VQQDExlCYWx0aW1vcmUgQ3liZXJUcnVzdCBSb290MB4XDTAwMDUxMjE4NDYwMFoX\n"
    "DTI1MDUxMjIzNTkwMFowWjELMAkGA1UEBhMCSUUxEjAQBgNVBAoTCUJhbHRpbW9y\n"
    "ZTETMBEGA1UECxMKQ3liZXJUcnVzdDEiMCAGA1UEAxMZQmFsdGltb3JlIEN5YmVy\n"
    "VHJ1c3QgUm9vdDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAKMEuyKr\n"
    "mD1X6CZymrV51Cni4eiVgLGw41uOKymaZN+hXe2wCQVt2yguzmKiYv60iNoS6zjr\n"
    "IZ3AQSsBUnuId9Mcj8e6uYi1agnnc+gRQKfRzMpijS3ljwumUNKoUMMo6vWrJYeK\n"
    "mpYcqWe4PwzV9/lSEy/CG9VwcPCPwBLKBsua4dnKM3p31vjsufFoREJIE9LAwqSu\n"
    "XmD+tqYF/LTdB1kC1FkYmGP1pWPgkAx9XbIGevOF6uvUA65ehD5f/xXtabz5OTZy\n"
    "dc93Uk3zyZAsuT3lySNTPx8kmCFcB5kpvcY67Oduhjprl3RjM71oGDHweI12v/ye\n"
    "jl0qhqdNkNwnGjkCAwEAAaNFMEMwHQYDVR0OBBYEFOWdWTCCR1jMrPoIVDaGezq1\n"
    "BE3wMBIGA1UdEwEB/wQIMAYBAf8CAQMwDgYDVR0PAQH/BAQDAgEGMA0GCSqGSIb3\n"
    "DQEBBQUAA4IBAQCFDF2O5G9RaEIFoN27TyclhAO992T9Ldcw46QQF+vaKSm2eT92\n"
    "9hkTI7gQCvlYpNRhcL0EYWoSihfVCr3FvDB81ukMJY2GQE/szKN+OMY3EU/t3Wgx\n"
    "jkzSswF07r51XgdIGn9w/xZchMB5hbgF/X++ZRGjD8ACtPhSNzkE1akxehi/oCr0\n"
    "Epn3o0WC4zxe9Z2etciefC7IpJ5OCBRLbf1wbWsaY71k5h+3zvDyny67G7fyUIhz\n"
    "ksLi4xaNmjICq44Y3ekQEe5+NauQrz4wlHrQMz2nZQ/1/I6eYs9HRCwBXbsdtTLS\n"
    "R9I4LtD+gdwyah617jzV/OeBHRnDJELqYzmp\n"
    "-----END CERTIFICATE-----";


int main(void)
{
    char *buffer = new char[256];
    nsapi_size_or_error_t result;
    nsapi_size_t size;
    const char query[] = "GET / HTTP/1.1\r\nHost: ifconfig.io\r\nConnection: close\r\n\r\n";

    mbed_trace_init();

    printf("TLSSocket Example.\n");
    printf("Mbed OS version: %d.%d.%d\n\n", MBED_MAJOR_VERSION, MBED_MINOR_VERSION, MBED_PATCH_VERSION);

    NetworkInterface *net = NetworkInterface::get_default_instance();

    if (!net) {
        printf("Error! No network inteface found.\n");
        return 0;
    }

    printf("Connecting to network\n");
    result = net->connect();
    if (result != NSAPI_ERROR_OK) {
        printf("Error! net->connect() returned: %d\n", result);
        return result;
    }

    printf("Connecting to ifconfig.io\n");
    SocketAddress addr;
    result = net->gethostbyname("ifconfig.io", &addr);
    if (result != NSAPI_ERROR_OK) {
	printf("Error! DNS resolution for ifconfig.io failed with %d\n", result);
    }
    addr.set_port(443);

    TLSSocket *socket = new TLSSocket;
    result = socket->open(net);
    if (result != NSAPI_ERROR_OK) {
        printf("Error! socket->open() returned: %d\n", result);
        return result;
    }

    socket->set_hostname("ifconfig.io");

    result = socket->set_root_ca_cert(cert);
    if (result != NSAPI_ERROR_OK) {
        printf("Error: socket->set_root_ca_cert() returned %d\n", result);
        return result;
    }

    result = socket->connect(addr);
    if (result != NSAPI_ERROR_OK) {
        printf("Error! socket->connect() returned: %d\n", result);
        goto DISCONNECT;
    }

    // Send a simple http request
    size = strlen(query);
    result = socket->send(query, size);
    if (result != size) {
        printf("Error! socket->send() returned: %d\n", result);
        goto DISCONNECT;
    }

    // Receieve an HTTP response and print out the response line
    while ((result = socket->recv(buffer, 255)) > 0) {
        buffer[result] = 0;
        printf("%s", buffer);
    }
    printf("\n");

    if (result < 0) {
        printf("Error! socket->recv() returned: %d\n", result);
        goto DISCONNECT;
    }


DISCONNECT:
    delete[] buffer;
    // Close the socket to return its memory
    socket->close();
    delete socket;

    // Bring down the network interface
    net->disconnect();
    printf("Done\n");
}
#endif

Important Information for this Arm website

This site uses cookies to store information on your computer. By continuing to use our site, you consent to our cookies. If you are not happy with the use of these cookies, please review our Cookie Policy to learn how they can be disabled. By disabling cookies, some features of the site will not work.