Toyomasa Watarai
/
simple-mbed-cloud-client
Important changes to repositories hosted on mbed.com
Mbed hosted mercurial repositories are deprecated and are due to be permanently deleted in July 2026.
To keep a copy of this software download the repository Zip archive or clone locally using Mercurial.
It is also possible to export all your personal repositories from the account settings page.
Embed:
(wiki syntax)
Show/hide line numbers
pal_TLS.c
00001 /******************************************************************************* 00002 * Copyright 2016, 2017 ARM Ltd. 00003 * 00004 * Licensed under the Apache License, Version 2.0 (the "License"); 00005 * you may not use this file except in compliance with the License. 00006 * You may obtain a copy of the License at 00007 * 00008 * http://www.apache.org/licenses/LICENSE-2.0 00009 * 00010 * Unless required by applicable law or agreed to in writing, software 00011 * distributed under the License is distributed on an "AS IS" BASIS, 00012 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 00013 * See the License for the specific language governing permissions and 00014 * limitations under the License. 00015 *******************************************************************************/ 00016 00017 00018 #include "pal.h" 00019 #include "pal_plat_TLS.h" 00020 #include "sotp.h" 00021 00022 PAL_PRIVATE uint8_t g_storedCertSerial[PAL_CERT_ID_SIZE] __attribute__ ((aligned(4))) = {0}; 00023 PAL_PRIVATE bool g_trustedServerValid = false; 00024 PAL_PRIVATE palMutexID_t g_palTLSHandshakeMutex = NULLPTR; 00025 00026 typedef struct palTLSService 00027 { 00028 bool retryHandShake; 00029 uint64_t serverTime; 00030 palTLSHandle_t platTlsHandle; 00031 }palTLSService_t; 00032 00033 typedef struct palTLSConfService 00034 { 00035 bool trustedTimeServer; 00036 palTLSConfHandle_t platTlsConfHandle; 00037 }palTLSConfService_t; 00038 00039 palStatus_t pal_initTLSLibrary(void) 00040 { 00041 palStatus_t status = PAL_SUCCESS; 00042 status = pal_osMutexCreate(&g_palTLSHandshakeMutex); 00043 if(PAL_SUCCESS != status) 00044 { 00045 PAL_LOG(ERR, "Failed to Create TLS handshake Mutex error: %" PRId32 ".", status); 00046 } 00047 else 00048 { 00049 status = pal_plat_initTLSLibrary (); 00050 } 00051 return status; 00052 } 00053 00054 palStatus_t pal_cleanupTLS(void) 00055 { 00056 palStatus_t status = PAL_SUCCESS; 00057 status = pal_osMutexDelete(&g_palTLSHandshakeMutex); 00058 if(PAL_SUCCESS != status) 00059 { 00060 PAL_LOG(ERR, "Failed to Delete TLS handshake Mutex error: %" PRId32 ".", status); 00061 } 00062 status = pal_plat_cleanupTLS (); 00063 return status; 00064 } 00065 00066 00067 palStatus_t pal_initTLS(palTLSConfHandle_t palTLSConf, palTLSHandle_t* palTLSHandle) 00068 { 00069 palStatus_t status = PAL_SUCCESS; 00070 palStatus_t mutexStatus = PAL_SUCCESS; 00071 palTLSConfService_t* palTLSConfCtx = (palTLSConfService_t*)palTLSConf; 00072 palTLSService_t* palTLSCtx = NULL; 00073 00074 PAL_VALIDATE_ARGUMENTS ((NULLPTR == palTLSConf || NULLPTR == palTLSHandle)); 00075 00076 mutexStatus = pal_osMutexWait(g_palTLSHandshakeMutex, PAL_RTOS_WAIT_FOREVER); 00077 if (PAL_SUCCESS != mutexStatus) 00078 { 00079 PAL_LOG(ERR, "Failed to get TLS context init Mutex error: %" PRId32 ".", mutexStatus); 00080 goto finish; 00081 } 00082 00083 palTLSCtx = (palTLSService_t*)malloc(sizeof(palTLSService_t)); 00084 if (NULL == palTLSCtx) 00085 { 00086 status = PAL_ERR_NO_MEMORY ; 00087 goto finish; 00088 } 00089 status = pal_plat_initTLS (palTLSConfCtx->platTlsConfHandle, &palTLSCtx->platTlsHandle); 00090 if (PAL_SUCCESS == status) 00091 { 00092 *palTLSHandle = (palTLSHandle_t)palTLSCtx; 00093 } 00094 00095 memset(g_storedCertSerial, 0, sizeof(g_storedCertSerial)); 00096 g_trustedServerValid = false; 00097 palTLSCtx->retryHandShake = false; 00098 00099 finish: 00100 if (PAL_SUCCESS == mutexStatus) 00101 { 00102 mutexStatus = pal_osMutexRelease(g_palTLSHandshakeMutex); 00103 if (PAL_SUCCESS != mutexStatus) 00104 { 00105 PAL_LOG(ERR, "Failed to release TLS context init Mutex error: %" PRId32 ".", mutexStatus); 00106 } 00107 } 00108 00109 if (PAL_SUCCESS == status) 00110 { 00111 status = mutexStatus; 00112 } 00113 00114 if (PAL_SUCCESS != status) 00115 { 00116 free(palTLSCtx); 00117 } 00118 return status; 00119 } 00120 00121 00122 palStatus_t pal_freeTLS(palTLSHandle_t* palTLSHandle) 00123 { 00124 palStatus_t status = PAL_SUCCESS; 00125 palStatus_t mutexStatus = PAL_SUCCESS; 00126 00127 palTLSService_t* palTLSCtx = NULL; 00128 00129 PAL_VALIDATE_ARGUMENTS (NULLPTR == palTLSHandle || NULLPTR == *palTLSHandle); 00130 00131 mutexStatus = pal_osMutexWait(g_palTLSHandshakeMutex, PAL_RTOS_WAIT_FOREVER); 00132 if (PAL_SUCCESS != mutexStatus) 00133 { 00134 PAL_LOG(ERR, "Failed to get TLS context init Mutex error: %" PRId32 ".", mutexStatus); 00135 goto finish; 00136 } 00137 00138 palTLSCtx = (palTLSService_t*)*palTLSHandle; 00139 status = pal_plat_freeTLS (&palTLSCtx->platTlsHandle); 00140 if (PAL_SUCCESS == status) 00141 { 00142 free(palTLSCtx); 00143 *palTLSHandle = NULLPTR; 00144 } 00145 00146 mutexStatus = pal_osMutexRelease(g_palTLSHandshakeMutex); 00147 if (PAL_SUCCESS != mutexStatus) 00148 { 00149 PAL_LOG(ERR, "Failed to release TLS context init Mutex error: %" PRId32 ".", mutexStatus); 00150 } 00151 finish: 00152 if (PAL_SUCCESS == status) 00153 { 00154 status = mutexStatus; 00155 } 00156 return status; 00157 } 00158 00159 00160 palStatus_t pal_initTLSConfiguration(palTLSConfHandle_t* palTLSConf, palTLSTransportMode_t transportationMode) 00161 { 00162 palStatus_t status = PAL_SUCCESS; 00163 palTLSConfService_t* palTLSConfCtx = NULL; 00164 00165 PAL_VALIDATE_ARGUMENTS (NULLPTR == palTLSConf); 00166 00167 00168 palTLSConfCtx = (palTLSConfService_t*)malloc(sizeof(palTLSConfService_t)); 00169 if (NULL == palTLSConfCtx) 00170 { 00171 status = PAL_ERR_NO_MEMORY ; 00172 goto finish; 00173 } 00174 status = pal_plat_initTLSConf (&palTLSConfCtx->platTlsConfHandle, transportationMode, PAL_TLS_IS_CLIENT); 00175 if (PAL_SUCCESS != status) 00176 { 00177 goto finish; 00178 } 00179 00180 status = pal_plat_setAuthenticationMode (palTLSConfCtx->platTlsConfHandle, PAL_TLS_VERIFY_OPTIONAL); 00181 if (PAL_SUCCESS != status) 00182 { 00183 goto finish; 00184 } 00185 //#define PAL_TLS_SUPPORT_ALL_AVAILABLE_SUITES 1 00186 #if (PAL_TLS_CIPHER_SUITE & PAL_TLS_PSK_WITH_AES_128_CBC_SHA256_SUITE) 00187 status = pal_plat_setCipherSuites (palTLSConfCtx->platTlsConfHandle, PAL_TLS_PSK_WITH_AES_128_CBC_SHA256); 00188 #elif (PAL_TLS_CIPHER_SUITE & PAL_TLS_PSK_WITH_AES_128_CCM_8_SUITE) 00189 status = pal_plat_setCipherSuites (palTLSConfCtx->platTlsConfHandle, PAL_TLS_PSK_WITH_AES_128_CCM_8); 00190 #elif (PAL_TLS_CIPHER_SUITE & PAL_TLS_PSK_WITH_AES_256_CCM_8_SUITE) 00191 status = pal_plat_setCipherSuites (palTLSConfCtx->platTlsConfHandle, PAL_TLS_PSK_WITH_AES_256_CCM_8); 00192 #elif (PAL_TLS_CIPHER_SUITE & PAL_TLS_ECDHE_ECDSA_WITH_AES_128_CCM_8_SUITE) 00193 status = pal_plat_setCipherSuites (palTLSConfCtx->platTlsConfHandle, PAL_TLS_ECDHE_ECDSA_WITH_AES_128_CCM_8); 00194 #elif (PAL_TLS_CIPHER_SUITE & PAL_TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256_SUITE) 00195 status = pal_plat_setCipherSuites (palTLSConfCtx->platTlsConfHandle, PAL_TLS_ECDHE_ECDSA_WITH_AES_128_CCM_8); 00196 #elif (PAL_TLS_CIPHER_SUITE & PAL_TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384_SUITE) 00197 status = pal_plat_setCipherSuites (palTLSConfCtx->platTlsConfHandle, PAL_TLS_ECDHE_ECDSA_WITH_AES_128_CCM_8); 00198 #elif PAL_TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256_SUITE 00199 status = pal_plat_setCipherSuites (palTLSConfCtx->platTlsConfHandle, PAL_TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256); 00200 #elif PAL_TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384_SUITE 00201 status = pal_plat_setCipherSuites (palTLSConfCtx->platTlsConfHandle, PAL_TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384); 00202 #elif PAL_TLS_SUPPORT_ALL_AVAILABLE_SUITES 00203 status = PAL_SUCCESS; 00204 #else 00205 #error : No CipherSuite was defined! 00206 #endif 00207 if (PAL_SUCCESS != status) 00208 { 00209 goto finish; 00210 } 00211 palTLSConfCtx->trustedTimeServer = false; 00212 *palTLSConf = (palTLSHandle_t)palTLSConfCtx; 00213 finish: 00214 if (PAL_SUCCESS != status) 00215 { 00216 free(palTLSConfCtx); 00217 } 00218 return status; 00219 } 00220 00221 00222 palStatus_t pal_tlsConfigurationFree(palTLSConfHandle_t* palTLSConf) 00223 { 00224 palStatus_t status = PAL_SUCCESS; 00225 palTLSConfService_t* palTLSConfCtx = NULL; 00226 00227 PAL_VALIDATE_ARGUMENTS ((NULLPTR == palTLSConf || NULLPTR == *palTLSConf)); 00228 00229 palTLSConfCtx = (palTLSConfService_t*)*palTLSConf; 00230 status = pal_plat_tlsConfigurationFree (&palTLSConfCtx->platTlsConfHandle); 00231 if (PAL_SUCCESS == status) 00232 { 00233 free(palTLSConfCtx); 00234 *palTLSConf = NULLPTR; 00235 } 00236 return status; 00237 } 00238 00239 00240 palStatus_t pal_addEntropySource(palEntropySource_f entropyCallback) 00241 { 00242 palStatus_t status = PAL_SUCCESS; 00243 status = pal_plat_addEntropySource (entropyCallback); 00244 return status; 00245 } 00246 00247 palStatus_t pal_setOwnCertAndPrivateKey(palTLSConfHandle_t palTLSConf, palX509_t* ownCert, palPrivateKey_t* privateKey) 00248 { 00249 #if (PAL_ENABLE_X509 == 1) 00250 palStatus_t status = PAL_SUCCESS; 00251 palTLSConfService_t* palTLSConfCtx = (palTLSConfService_t*)palTLSConf;; 00252 00253 PAL_VALIDATE_ARGUMENTS (NULLPTR == palTLSConf); 00254 PAL_VALIDATE_ARGUMENTS (NULLPTR == palTLSConfCtx->platTlsConfHandle || NULL == ownCert || NULL == privateKey); 00255 00256 status = pal_plat_setOwnCertAndPrivateKey (palTLSConfCtx->platTlsConfHandle, ownCert, privateKey); 00257 return status; 00258 #else 00259 return PAL_ERR_NOT_SUPPORTED ; 00260 #endif 00261 } 00262 00263 00264 palStatus_t pal_setCAChain(palTLSConfHandle_t palTLSConf, palX509_t* caChain, palX509CRL_t* caCRL) 00265 { 00266 #if (PAL_ENABLE_X509 == 1) 00267 palStatus_t status = PAL_SUCCESS; 00268 palTLSConfService_t* palTLSConfCtx = (palTLSConfService_t*)palTLSConf;; 00269 palX509Handle_t x509Ctx = NULLPTR; 00270 00271 PAL_VALIDATE_ARGUMENTS (NULLPTR == palTLSConf); 00272 PAL_VALIDATE_ARGUMENTS (NULLPTR == palTLSConfCtx->platTlsConfHandle || NULL == caChain); 00273 00274 00275 status = pal_plat_setCAChain (palTLSConfCtx->platTlsConfHandle, caChain, caCRL); 00276 #if PAL_USE_SECURE_TIME 00277 if (PAL_SUCCESS == status) 00278 { 00279 uint8_t certID[PAL_CERT_ID_SIZE] = {0}; 00280 size_t actualCertIDLen = 0; 00281 00282 status = pal_x509Initiate(&x509Ctx); 00283 if (PAL_SUCCESS != status) 00284 { 00285 goto finish; 00286 } 00287 00288 status = pal_x509CertParse(x509Ctx, caChain->buffer, caChain->size); 00289 if (PAL_SUCCESS != status) 00290 { 00291 goto finish; 00292 } 00293 00294 status = pal_x509CertGetAttribute(x509Ctx, PAL_X509_CERT_ID_ATTR, certID, sizeof(certID), &actualCertIDLen); 00295 if (PAL_SUCCESS != status) 00296 { 00297 goto finish; 00298 } 00299 00300 if (!g_trustedServerValid) 00301 { 00302 sotp_result_e sotpRes; 00303 uint16_t actualLenBytes = 0; 00304 00305 sotpRes = sotp_get(SOTP_TYPE_TRUSTED_TIME_SRV_ID, (uint16_t)sizeof(g_storedCertSerial), (uint32_t*)g_storedCertSerial, &actualLenBytes); 00306 if (SOTP_SUCCESS == sotpRes) 00307 { 00308 g_trustedServerValid = true; 00309 } 00310 } 00311 00312 if ( (sizeof(g_storedCertSerial) == actualCertIDLen) && (0 == memcmp(certID, g_storedCertSerial, sizeof(g_storedCertSerial)))) 00313 { 00314 palTLSConfCtx->trustedTimeServer = true; 00315 } 00316 } 00317 finish: 00318 #endif //PAL_USE_SECURE_TIME 00319 if (NULLPTR != x509Ctx) 00320 { 00321 pal_x509Free(&x509Ctx); 00322 } 00323 return status; 00324 #else 00325 return PAL_ERR_NOT_SUPPORTED ; 00326 #endif 00327 } 00328 00329 00330 palStatus_t pal_setPSK(palTLSConfHandle_t palTLSConf, const unsigned char *identity, uint32_t maxIdentityLenInBytes, const unsigned char *psk, uint32_t maxPskLenInBytes) 00331 { 00332 #if (PAL_ENABLE_PSK == 1) 00333 palStatus_t status = PAL_SUCCESS; 00334 palTLSConfService_t* palTLSConfCtx = (palTLSConfService_t*)palTLSConf;; 00335 00336 PAL_VALIDATE_ARGUMENTS (NULLPTR == palTLSConf); 00337 PAL_VALIDATE_ARGUMENTS (NULLPTR == palTLSConfCtx->platTlsConfHandle || NULL == identity || NULL == psk); 00338 00339 00340 status = pal_plat_setPSK (palTLSConfCtx->platTlsConfHandle, identity, maxIdentityLenInBytes, psk, maxPskLenInBytes); 00341 return status; 00342 #else 00343 return PAL_ERR_NOT_SUPPORTED ; 00344 #endif 00345 } 00346 00347 00348 palStatus_t pal_tlsSetSocket(palTLSConfHandle_t palTLSConf, palTLSSocket_t* socket) 00349 { //palSocket_t depend on the library (socket or bio pointer) 00350 palStatus_t status = PAL_SUCCESS; 00351 palTLSConfService_t* palTLSConfCtx = (palTLSConfService_t*)palTLSConf; 00352 00353 PAL_VALIDATE_ARGUMENTS (NULLPTR == palTLSConf); 00354 PAL_VALIDATE_ARGUMENTS (NULLPTR == palTLSConfCtx->platTlsConfHandle || NULL == socket); 00355 00356 status = pal_plat_tlsSetSocket (palTLSConfCtx->platTlsConfHandle, socket); 00357 return status; 00358 } 00359 00360 #if PAL_USE_SECURE_TIME 00361 PAL_PRIVATE palStatus_t pal_updateTime(uint64_t serverTime, bool trustedTimeServer) 00362 { 00363 palStatus_t status = PAL_SUCCESS; 00364 if (trustedTimeServer) 00365 { 00366 status = pal_osSetStrongTime(serverTime); 00367 if (PAL_SUCCESS != status) 00368 { 00369 PAL_LOG(DBG, "Setting strong time failed! return code %" PRId32 ".", status); 00370 } 00371 } 00372 else 00373 { 00374 status = pal_osSetWeakTime(serverTime); 00375 if (PAL_SUCCESS != status) 00376 { 00377 PAL_LOG(DBG, "Setting weak time failed! return code %" PRId32 ".", status); 00378 } 00379 } 00380 return status; 00381 } 00382 #endif //PAL_USE_SECURE_TIME 00383 00384 palStatus_t pal_handShake(palTLSHandle_t palTLSHandle, palTLSConfHandle_t palTLSConf) 00385 { 00386 palStatus_t status = PAL_SUCCESS; 00387 palTLSConfService_t* palTLSConfCtx = (palTLSConfService_t*)palTLSConf; 00388 palTLSService_t* palTLSCtx = (palTLSService_t*)palTLSHandle;; 00389 00390 PAL_VALIDATE_ARGUMENTS((NULLPTR == palTLSConfCtx || NULLPTR == palTLSCtx)); 00391 PAL_VALIDATE_ARGUMENTS((NULLPTR == palTLSCtx->platTlsHandle || NULLPTR == palTLSConfCtx->platTlsConfHandle)); 00392 00393 status = pal_plat_sslSetup (palTLSCtx->platTlsHandle, palTLSConfCtx->platTlsConfHandle); 00394 if (PAL_SUCCESS != status) 00395 { 00396 goto finish; 00397 } 00398 00399 if (!palTLSCtx->retryHandShake) 00400 { 00401 status = pal_plat_handShake (palTLSCtx->platTlsHandle, &palTLSCtx->serverTime); 00402 if (PAL_SUCCESS == status) 00403 { 00404 int32_t verifyResult = 0; 00405 status = pal_sslGetVerifyResultExtended(palTLSHandle, &verifyResult); 00406 #if PAL_USE_SECURE_TIME 00407 if (PAL_ERR_X509_CERT_VERIFY_FAILED == status) 00408 { 00409 if ((PAL_ERR_X509_BADCERT_FUTURE & verifyResult) || ((true == palTLSConfCtx->trustedTimeServer) && (PAL_ERR_X509_BADCERT_EXPIRED & verifyResult))) 00410 { 00411 PAL_LOG(DBG, "SSL EXPIRED OR FUTURE - retry"); 00412 palTLSCtx->retryHandShake = true; 00413 status = PAL_SUCCESS; 00414 } 00415 else if (PAL_SUCCESS != status) 00416 { 00417 status = PAL_ERR_X509_CERT_VERIFY_FAILED; 00418 palTLSCtx->serverTime = 0; 00419 } 00420 } 00421 #else 00422 if (PAL_SUCCESS != status) 00423 { 00424 status = PAL_ERR_X509_CERT_VERIFY_FAILED; 00425 palTLSCtx->serverTime = 0; 00426 } 00427 #endif //PAL_USE_SECURE_TIME 00428 } 00429 } 00430 #if PAL_USE_SECURE_TIME 00431 if ((PAL_SUCCESS == status) && (palTLSCtx->retryHandShake)) 00432 { 00433 PAL_LOG(DBG, "SSL START RENEGOTIATE"); 00434 if (!palTLSConfCtx->trustedTimeServer) //! if we are not proccessing handshake with the time trusted server we 00435 { //! will use PAL_TLS_VERIFY_REQUIRED authentication mode 00436 status = pal_plat_setAuthenticationMode (palTLSConfCtx->platTlsConfHandle, PAL_TLS_VERIFY_REQUIRED); 00437 if (PAL_SUCCESS != status) 00438 { 00439 goto finish; 00440 } 00441 } 00442 status = pal_plat_renegotiate (palTLSCtx->platTlsHandle, palTLSCtx->serverTime); 00443 if (PAL_SUCCESS == status) 00444 { 00445 int32_t verifyResult = 0; 00446 status = pal_sslGetVerifyResultExtended(palTLSHandle, &verifyResult); 00447 if ((palTLSConfCtx->trustedTimeServer) && 00448 ((PAL_ERR_X509_CERT_VERIFY_FAILED == status) && ((PAL_ERR_X509_BADCERT_EXPIRED & verifyResult) || (PAL_ERR_X509_BADCERT_FUTURE & verifyResult)))) 00449 { 00450 status = PAL_SUCCESS; 00451 } 00452 } 00453 } 00454 00455 if (PAL_SUCCESS == status) 00456 { 00457 //! We ignore the pal_updateTime() result, because it should not cause a failure to the handshake process. 00458 //! Logs are printed in the pal_updateTime() function in case of failure. 00459 pal_updateTime(palTLSCtx->serverTime, palTLSConfCtx->trustedTimeServer); 00460 } 00461 #endif //PAL_USE_SECURE_TIME 00462 finish: 00463 return status; 00464 } 00465 00466 00467 palStatus_t pal_sslGetVerifyResultExtended(palTLSHandle_t palTLSHandle, int32_t* verifyResult) 00468 { 00469 palStatus_t status = PAL_SUCCESS; 00470 palTLSService_t* palTLSCtx = NULL; 00471 00472 PAL_VALIDATE_ARGUMENTS((NULLPTR == palTLSHandle) || (NULL == verifyResult)); 00473 00474 palTLSCtx = (palTLSService_t*)palTLSHandle; 00475 PAL_VALIDATE_ARGUMENTS(NULLPTR == palTLSCtx->platTlsHandle); 00476 00477 status = pal_plat_sslGetVerifyResultExtended (palTLSCtx->platTlsHandle, verifyResult); 00478 if (0 != *verifyResult) 00479 { 00480 status = PAL_ERR_X509_CERT_VERIFY_FAILED; 00481 *verifyResult = *verifyResult ^ PAL_ERR_MODULE_BITMASK_BASE; //! in order to turn off the MSB bit. 00482 } 00483 00484 return status; 00485 } 00486 00487 00488 palStatus_t pal_sslGetVerifyResult(palTLSHandle_t palTLSHandle) 00489 { 00490 palStatus_t status = PAL_SUCCESS; 00491 palTLSService_t* palTLSCtx = NULL; 00492 int32_t verifyResult = 0; 00493 00494 PAL_VALIDATE_ARGUMENTS(NULLPTR == palTLSHandle); 00495 00496 palTLSCtx = (palTLSService_t*)palTLSHandle; 00497 PAL_VALIDATE_ARGUMENTS(NULLPTR == palTLSCtx->platTlsHandle); 00498 00499 status = pal_plat_sslGetVerifyResultExtended (palTLSCtx->platTlsHandle, &verifyResult); 00500 return status; 00501 } 00502 00503 00504 palStatus_t pal_setHandShakeTimeOut(palTLSConfHandle_t palTLSConf, uint32_t timeoutInMilliSec) 00505 { 00506 palStatus_t status = PAL_SUCCESS; 00507 palTLSConfService_t* palTLSConfCtx = (palTLSConfService_t*)palTLSConf;; 00508 00509 PAL_VALIDATE_ARGUMENTS (NULLPTR == palTLSConfCtx || 0 == timeoutInMilliSec); 00510 00511 status = pal_plat_setHandShakeTimeOut (palTLSConfCtx->platTlsConfHandle, timeoutInMilliSec); 00512 return status; 00513 } 00514 00515 00516 palStatus_t pal_sslRead(palTLSHandle_t palTLSHandle, void *buffer, uint32_t len, uint32_t* actualLen) 00517 { 00518 palStatus_t status = PAL_SUCCESS; 00519 palTLSService_t* palTLSCtx = (palTLSService_t*)palTLSHandle;; 00520 00521 PAL_VALIDATE_ARGUMENTS (NULLPTR == palTLSHandle); 00522 PAL_VALIDATE_ARGUMENTS ((NULLPTR == palTLSCtx->platTlsHandle || NULL == buffer || NULL == actualLen)); 00523 00524 status = pal_plat_sslRead (palTLSCtx->platTlsHandle, buffer, len, actualLen); 00525 return status; 00526 } 00527 00528 00529 palStatus_t pal_sslWrite(palTLSHandle_t palTLSHandle, const void *buffer, uint32_t len, uint32_t *bytesWritten) 00530 { 00531 palStatus_t status = PAL_SUCCESS; 00532 palTLSService_t* palTLSCtx = (palTLSService_t*)palTLSHandle; 00533 00534 PAL_VALIDATE_ARGUMENTS((NULLPTR == palTLSHandle || NULL == buffer || NULL == bytesWritten)); 00535 00536 status = pal_plat_sslWrite (palTLSCtx->platTlsHandle, buffer, len, bytesWritten); 00537 return status; 00538 } 00539 00540 palStatus_t pal_sslDebugging(uint8_t turnOn) 00541 { 00542 palStatus_t status = PAL_SUCCESS; 00543 status = pal_plat_sslDebugging (turnOn); 00544 return status; 00545 } 00546
Generated on Tue Jul 12 2022 19:01:36 by
1.7.2