NuMaker connection with AWS IoT thru MQTT/HTTPS

Dependencies:   MQTT_ON_AWS

Committer:
doudoutang
Date:
Tue Dec 01 03:36:42 2020 +0000
Revision:
40:599eaf9deec3
Parent:
25:edf568984d27

ccli8 25:edf568984d27 1 #ifndef _MY_TLS_SOCKET_H_
ccli8 25:edf568984d27 2 #define _MY_TLS_SOCKET_H_
ccli8 25:edf568984d27 3
ccli8 25:edf568984d27 4 #include "mbedtls/platform.h"
ccli8 25:edf568984d27 5 #include "mbedtls/ssl.h"
ccli8 25:edf568984d27 6 #include "mbedtls/entropy.h"
ccli8 25:edf568984d27 7 #include "mbedtls/ctr_drbg.h"
ccli8 25:edf568984d27 8 #include "mbedtls/error.h"
ccli8 25:edf568984d27 9
ccli8 25:edf568984d27 10 #if MBED_CONF_MY_TLSSOCKET_TLS_DEBUG_LEVEL > 0
ccli8 25:edf568984d27 11 #include "mbedtls/debug.h"
ccli8 25:edf568984d27 12 #endif
ccli8 25:edf568984d27 13
ccli8 25:edf568984d27 14 #include "mbedtls_utils.h"
ccli8 25:edf568984d27 15
ccli8 25:edf568984d27 16 /**
ccli8 25:edf568984d27 17 * \brief MyTLSSocket a wrapper around TCPSocket for interacting with TLS servers
ccli8 25:edf568984d27 18 */
/**
 * \brief MyTLSSocket a wrapper around TCPSocket for interacting with TLS servers
 *
 * Owns the mbed TLS entropy source, CTR-DRBG, SSL context and configuration,
 * the CA certificate used to verify the server, and the client certificate and
 * private key presented for mutual TLS (see the private members at the bottom).
 *
 * The PEM buffers passed to the constructor are kept only as raw pointers in
 * this header (_ssl_ca_pem, _ssl_owncert_pem, _ssl_own_priv_key_pem); unless
 * the implementation copies them, the caller must keep them valid for the
 * lifetime of the object, and the private-key PEM remains readable in the
 * caller's memory.
 *
 * The debug helpers (my_debug, my_verify) are only compiled in when
 * MBED_CONF_MY_TLSSOCKET_TLS_DEBUG_LEVEL is greater than 0; an undefined macro
 * evaluates to 0 in #if, so they are absent by default.
 */
class MyTLSSocket {
public:
    /** Construct a TLS socket over the given network interface
     *
     * @param net_iface            Network interface the underlying TCPSocket is opened on
     * @param ssl_ca_pem           PEM-encoded CA certificate(s) used to verify the server
     * @param ssl_owncert_pem      PEM-encoded client certificate presented to the server
     * @param ssl_own_priv_key_pem PEM-encoded private key matching ssl_owncert_pem
     *
     * NOTE(review): the three PEM pointers are stored as-is; confirm in the
     * implementation whether they are copied, otherwise they must outlive this object.
     */
    MyTLSSocket(NetworkInterface* net_iface, const char* ssl_ca_pem, const char* ssl_owncert_pem, const char* ssl_own_priv_key_pem);

    /** Destructor; closes the socket if it is still open (see close()) */
    ~MyTLSSocket();

    /** Close the socket
     *
     * Closes any open connection and deallocates any memory associated
     * with the socket. Called from destructor if socket is not closed.
     *
     * @return 0 on success, negative error code on failure
     */
    nsapi_error_t close();

    /** Connect to a TLS server
     *
     * Opens the underlying TCP connection to hostname:port and runs the TLS
     * handshake using the CA certificate, client certificate and private key
     * given to the constructor. The hostname pointer is stored in _hostname,
     * so keep it valid until close().
     *
     * @param hostname Host name of the server
     * @param port     TCP port of the server
     * @return 0 on success, negative error code on failure (presumably; the
     *         return type follows the nsapi_error_t convention used by close())
     *
     * NOTE(review): confirm that the implementation passes hostname to
     * mbedtls_ssl_set_hostname() and configures MBEDTLS_SSL_VERIFY_REQUIRED.
     * Without the former, mbed TLS does not check the server name against the
     * certificate, so any certificate chaining to the CA bundle is accepted for
     * any host; without the latter, a failed chain verification does not abort
     * the handshake.
     */
    nsapi_error_t connect(const char *hostname, uint16_t port);

    /** Send data over a TCP socket
     *
     * The socket must be connected to a remote host. Returns the number of
     * bytes sent from the buffer. Data is sent through the TLS record layer,
     * not written to the TCP socket directly.
     *
     * By default, send blocks until all data is sent. If socket is set to
     * non-blocking or times out, a partial amount can be written.
     * NSAPI_ERROR_WOULD_BLOCK is returned if no data was written.
     *
     * @param data Buffer of data to send to the host
     * @param size Size of the buffer in bytes
     * @return Number of sent bytes on success, negative error
     * code on failure
     */
    nsapi_size_or_error_t send(const void *data, nsapi_size_t size);

    /** Receive data over a TCP socket
     *
     * The socket must be connected to a remote host. Returns the number of
     * bytes received into the buffer. Data is read through the TLS record
     * layer, so the caller only ever sees decrypted application data.
     *
     * By default, recv blocks until some data is received. If socket is set to
     * non-blocking or times out, NSAPI_ERROR_WOULD_BLOCK can be returned to
     * indicate no data.
     *
     * @param data Destination buffer for data received from the host
     * @param size Size of the buffer in bytes
     * @return Number of received bytes on success, negative error
     * code on failure
     */
    nsapi_size_or_error_t recv(void *data, nsapi_size_t size);

    /** Set blocking or non-blocking mode of the socket
     *
     * Initially all sockets are in blocking mode. In non-blocking mode
     * blocking operations such as send/recv/accept return
     * NSAPI_ERROR_WOULD_BLOCK if they can not continue.
     *
     * set_blocking(false) is equivalent to set_timeout(0)
     * set_blocking(true) is equivalent to set_timeout(-1)
     * (matches the mapping documented on set_timeout(): a negative timeout is
     * unbounded, i.e. blocking)
     *
     * @param blocking true for blocking mode, false for non-blocking mode.
     */
    void set_blocking(bool blocking);

    /** Set timeout on blocking socket operations
     *
     * Initially all sockets have unbounded timeouts. NSAPI_ERROR_WOULD_BLOCK
     * is returned if a blocking operation takes longer than the specified
     * timeout. A timeout of 0 removes the timeout from the socket. A negative
     * value give the socket an unbounded timeout.
     *
     * set_timeout(0) is equivalent to set_blocking(false)
     * set_timeout(-1) is equivalent to set_blocking(true)
     *
     * @param timeout Timeout in milliseconds
     */
    void set_timeout(int timeout);

    /** @return true once connect() has completed (presumably mirrors _is_connected) */
    bool connected();

    /** @return the last recorded error (presumably _error, as set by onError()) */
    nsapi_error_t error();

    /** Access the underlying TCPSocket
     *
     * Escape hatch: anything sent through this socket bypasses TLS, and state
     * tracked by this wrapper (_is_connected, _error) is not updated. Prefer
     * send()/recv()/read()/write().
     */
    TCPSocket* get_tcp_socket();

    /** Access the mbed TLS session context
     *
     * Intended for inspecting the session (e.g. peer certificate); reconfiguring
     * it after connect() can weaken or break the session, so treat as read-only.
     */
    mbedtls_ssl_context* get_ssl_context();

    /**
     * Set the debug flag.
     *
     * If this flag is set, debug information from mbed TLS will be logged to stdout.
     * At higher MBED_CONF_MY_TLSSOCKET_TLS_DEBUG_LEVEL values the mbed TLS trace
     * may include handshake contents, so keep this disabled in production builds.
     */
    void set_debug(bool debug);

    /**
     * Timed recv for MQTT lib
     *
     * @param buffer  Destination buffer
     * @param len     Number of bytes to read
     * @param timeout Timeout in milliseconds
     * @return as required by the MQTT library's network interface; the exact
     *         convention (bytes read vs. error code) is defined in the
     *         implementation, not visible here
     */
    int read(unsigned char* buffer, int len, int timeout);

    /**
     * Timed send for MQTT lib
     *
     * @param buffer  Data to send (not modified; the non-const signature
     *                presumably matches the MQTT library's callback)
     * @param len     Number of bytes to send
     * @param timeout Timeout in milliseconds
     * @return as required by the MQTT library's network interface; see read()
     */
    int write(unsigned char* buffer, int len, int timeout);

protected:

#if MBED_CONF_MY_TLSSOCKET_TLS_DEBUG_LEVEL > 0
    /**
     * Debug callback for mbed TLS
     * Just prints on the USB serial port
     *
     * @param ctx   Opaque context registered with mbedtls_ssl_conf_dbg()
     * @param level mbed TLS debug level of the message
     * @param file  Source file the message originates from
     * @param line  Source line the message originates from
     * @param str   Message text
     */
    static void my_debug(void *ctx, int level, const char *file, int line,
    const char *str);

    /**
     * Certificate verification callback for mbed TLS
     * Here we only use it to display information on each cert in the chain
     *
     * Because it is only a display hook it must leave *flags exactly as
     * received and return 0: clearing bits in *flags would hide verification
     * failures from mbed TLS, and a non-zero return aborts the handshake.
     *
     * @param data  Opaque context registered with mbedtls_ssl_conf_verify()
     * @param crt   Certificate currently being verified
     * @param depth Position of crt in the chain (0 = leaf)
     * @param flags Verification flags for crt, as computed by mbed TLS
     */
    static int my_verify(void *data, mbedtls_x509_crt *crt, int depth, uint32_t *flags);
#endif

    /**
     * Receive callback for mbed TLS
     *
     * Registered as the BIO receive function; reads raw TLS records from the
     * TCP socket. ctx is the opaque pointer given to mbedtls_ssl_set_bio()
     * (presumably this object or its TCPSocket).
     */
    static int ssl_recv(void *ctx, unsigned char *buf, size_t len);

    /**
     * Send callback for mbed TLS
     *
     * Registered as the BIO send function; writes raw TLS records to the
     * TCP socket. ctx as for ssl_recv().
     */
    static int ssl_send(void *ctx, const unsigned char *buf, size_t len);

private:
    /** Records a socket error (presumably into _error) */
    void onError(TCPSocket *s, int error);

    TCPSocket* _tcpsocket;

    /** Personalization string for seeding the CTR-DRBG (presumably) */
    const char* DRBG_PERS;
    /** PEM buffers from the constructor; stored by pointer, not copied here */
    const char* _ssl_ca_pem;
    const char* _ssl_owncert_pem;
    const char* _ssl_own_priv_key_pem;
    /** Host name from connect(); stored by pointer */
    const char* _hostname;
    uint16_t _port;

    bool _debug;
    bool _is_connected;

    nsapi_error_t _error;

    /** mbed TLS state: RNG, parsed certificates/key, session and configuration */
    mbedtls_entropy_context _entropy;
    mbedtls_ctr_drbg_context _ctr_drbg;
    mbedtls_x509_crt _cacert;
    mbedtls_x509_crt _owncert;
    mbedtls_pk_context _own_priv_key;
    mbedtls_ssl_context _ssl;
    mbedtls_ssl_config _ssl_conf;
};
ccli8 25:edf568984d27 171
ccli8 25:edf568984d27 172 #endif // _MY_TLS_SOCKET_H_