DTLSSocketWrapper Class Reference
[Netsocket]
DTLSSocketWrapper implements a DTLS stream over the existing Socket transport.
#include <DTLSSocketWrapper.h>
Inherits TLSSocketWrapper.
Inherited by DTLSSocket.
Public Types | |
enum | control_transport { TRANSPORT_KEEP, TRANSPORT_CONNECT_AND_CLOSE, TRANSPORT_CONNECT, TRANSPORT_CLOSE } |
Transport modes. | |
Public Member Functions | |
DTLSSocketWrapper (Socket *transport, const char *hostname=NULL, control_transport control=TRANSPORT_CONNECT_AND_CLOSE) | |
Create a DTLSSocketWrapper. | |
void | set_hostname (const char *hostname) |
Set hostname. | |
nsapi_error_t | set_root_ca_cert (const void *root_ca, size_t len) |
Sets the Root CA certificate. | |
nsapi_error_t | set_root_ca_cert (const char *root_ca_pem) |
Sets the Root CA certificate. | |
nsapi_error_t | set_client_cert_key (const void *client_cert, size_t client_cert_len, const void *client_private_key_pem, size_t client_private_key_len) |
Sets client certificate, and client private key. | |
nsapi_error_t | set_client_cert_key (const char *client_cert_pem, const char *client_private_key_pem) |
Sets client certificate, and client private key. | |
virtual nsapi_error_t | send (const void *data, nsapi_size_t size) |
Send data over a TLS socket. | |
virtual nsapi_size_or_error_t | recv (void *data, nsapi_size_t size) |
Receive data over a TLS socket. | |
virtual nsapi_error_t | close () |
Closes the socket. | |
virtual nsapi_error_t | connect (const SocketAddress &address=SocketAddress()) |
Connect the transport socket and start handshake. | |
virtual nsapi_size_or_error_t | sendto (const SocketAddress &address, const void *data, nsapi_size_t size) |
Send a message on a socket. | |
virtual nsapi_size_or_error_t | recvfrom (SocketAddress *address, void *data, nsapi_size_t size) |
Receive data from a socket. | |
virtual nsapi_error_t | bind (const SocketAddress &address) |
Bind a specific address to a socket. | |
virtual void | set_blocking (bool blocking) |
Set blocking or non-blocking mode of the socket. | |
virtual void | set_timeout (int timeout) |
Set timeout on blocking socket operations. | |
virtual void | sigio (mbed::Callback< void()> func) |
Register a callback on state change of the socket. | |
virtual nsapi_error_t | setsockopt (int level, int optname, const void *optval, unsigned optlen) |
Set socket options. | |
virtual nsapi_error_t | getsockopt (int level, int optname, void *optval, unsigned *optlen) |
Get socket options. | |
virtual Socket * | accept (nsapi_error_t *error=NULL) |
Accepts a connection on a socket. | |
virtual nsapi_error_t | listen (int backlog=1) |
Listen for incoming connections. | |
virtual nsapi_error_t | getpeername (SocketAddress *address) |
Get the remote-end peer associated with this socket. | |
mbedtls_x509_crt * | get_own_cert () |
Get own certificate directly from Mbed TLS. | |
int | set_own_cert (mbedtls_x509_crt *crt) |
Set own certificate directly to Mbed TLS. | |
mbedtls_x509_crt * | get_ca_chain () |
Get CA chain structure. | |
void | set_ca_chain (mbedtls_x509_crt *crt) |
Set CA chain directly to Mbed TLS. | |
mbedtls_ssl_config * | get_ssl_config () |
Get internal Mbed TLS configuration structure. | |
void | set_ssl_config (mbedtls_ssl_config *conf) |
Override Mbed TLS configuration. | |
mbedtls_ssl_context * | get_ssl_context () |
Get internal Mbed TLS context structure. | |
Protected Member Functions | |
nsapi_error_t | start_handshake (bool first_call) |
Initiates TLS Handshake. |
Detailed Description
DTLSSocketWrapper implements a DTLS stream over the existing Socket transport.
Definition at line 33 of file DTLSSocketWrapper.h.
Member Enumeration Documentation
enum control_transport [inherited] |
Transport modes.
- Enumerator:
TRANSPORT_KEEP
TRANSPORT_CONNECT_AND_CLOSE
TRANSPORT_CONNECT Does call only connect() on transport socket.
TRANSPORT_CLOSE Does call close() on transport socket.
Definition at line 47 of file TLSSocketWrapper.h.
Constructor & Destructor Documentation
DTLSSocketWrapper | ( | Socket * | transport, |
const char * | hostname = NULL, | ||
control_transport | control = TRANSPORT_CONNECT_AND_CLOSE | ||
) |
Create a DTLSSocketWrapper.
- Parameters:
-
transport Underlying transport socket to wrap.
hostname Hostname of the remote host, used for certificate checking.
control Transport control mode. See control_transport.
Definition at line 26 of file DTLSSocketWrapper.cpp.
Member Function Documentation
Socket * accept | ( | nsapi_error_t * | error = NULL ) |
[virtual, inherited] |
Accepts a connection on a socket.
The server socket must be bound and set to listen for connections. On a new connection, returns a connected network socket; the caller must call close() on it, which deallocates the resources. Referencing a returned pointer after a close() call is not allowed and leads to undefined behavior.
By default, accept blocks until an incoming connection occurs. If the socket is set to non-blocking or times out, error is set to NSAPI_ERROR_WOULD_BLOCK.
- Parameters:
-
error Pointer to storage of the error value or NULL.
- Returns:
- Pointer to a socket.
Implements Socket.
Definition at line 683 of file TLSSocketWrapper.cpp.
nsapi_error_t bind | ( | const SocketAddress & | address ) | [virtual, inherited] |
Bind a specific address to a socket.
Binding a socket specifies the address and port on which to receive data. If the IP address is zeroed, only the port is bound.
- Parameters:
-
address Local address to bind.
- Returns:
- NSAPI_ERROR_OK on success, negative subclass-dependent error code on failure.
Implements Socket.
Definition at line 635 of file TLSSocketWrapper.cpp.
nsapi_error_t close | ( | ) | [virtual, inherited] |
Closes the socket.
Closes any open connection and deallocates any memory associated with the socket. Called from destructor if socket is not closed.
- Returns:
- NSAPI_ERROR_OK on success. Negative subclass-dependent error code on failure.
Implements Socket.
Definition at line 589 of file TLSSocketWrapper.cpp.
nsapi_error_t connect | ( | const SocketAddress & | address = SocketAddress() ) |
[virtual, inherited] |
Connect the transport socket and start handshake.
- Note:
- In case connect() returns an error, the state of the socket is unspecified. A new socket should be created before reconnecting.
See Socket::connect and start_handshake
Implements Socket.
Reimplemented in TLSSocket.
Definition at line 619 of file TLSSocketWrapper.cpp.
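The ordering this page documents (hostname and Root CA set before connect(), and a new socket after any failed connect()), as a host-runnable sketch. This is an added example, not Mbed OS code: connect_verified, FakeSock, FakeAddr and make_fake are hypothetical names, and the error-code constants are host-side stand-ins for nsapi_types.h.

```cpp
#include <cstdio>
#include <memory>

// Host-side stand-ins so this builds without Mbed OS; on a target the type and
// codes come from nsapi_types.h and the socket is a real DTLSSocketWrapper.
typedef int nsapi_error_t;
const nsapi_error_t NSAPI_ERROR_OK = 0, NSAPI_ERROR_PARAMETER = -3003, NSAPI_ERROR_AUTH_FAILURE = -3011;

// Hypothetical helper (not an Mbed OS API). make_sock() returns a std::unique_ptr
// to a NEW object with set_hostname(), set_root_ca_cert() and connect().
template <typename Factory, typename Addr>
auto connect_verified(Factory make_sock, const Addr &addr, const char *hostname,
                      const char *root_ca_pem, int max_attempts, nsapi_error_t *err)
    -> decltype(make_sock())
{
    *err = NSAPI_ERROR_PARAMETER;
    if (!hostname || !root_ca_pem) return nullptr;    // nothing to verify the peer against
    for (int i = 0; i < max_attempts; ++i) {
        auto sock = make_sock();                      // fresh object for every attempt
        sock->set_hostname(hostname);                 // name checked against the peer certificate
        *err = sock->set_root_ca_cert(root_ca_pem);   // must precede connect()
        if (*err != NSAPI_ERROR_OK) return nullptr;   // CA did not load: retrying cannot help
        *err = sock->connect(addr);
        if (*err == NSAPI_ERROR_OK) return sock;
        // State is unspecified after a failed connect(); sock is destroyed here.
    }
    return nullptr;
}

// Constructed test double: the first `fail_first` objects fail the handshake,
// and connect() without both hostname and CA is an authentication failure.
struct FakeAddr {};
struct FakeSock {
    static int created, fail_first;
    int id;
    bool has_host, has_ca;
    FakeSock() : id(++created), has_host(false), has_ca(false) {}
    void set_hostname(const char *) { has_host = true; }
    nsapi_error_t set_root_ca_cert(const char *) { has_ca = true; return NSAPI_ERROR_OK; }
    nsapi_error_t connect(const FakeAddr &) {
        bool ok = has_host && has_ca && id > fail_first;
        return ok ? NSAPI_ERROR_OK : NSAPI_ERROR_AUTH_FAILURE;
    }
};
int FakeSock::created = 0;
int FakeSock::fail_first = 2;
std::unique_ptr<FakeSock> make_fake() { return std::unique_ptr<FakeSock>(new FakeSock()); }

int main() {
    nsapi_error_t err;
    auto s = connect_verified(make_fake, FakeAddr(), "device.example.com", "constructed PEM", 5, &err);
    std::printf("connected=%d sockets_created=%d err=%d\n", s != nullptr, FakeSock::created, err);
    return s ? 0 : 1;
}
```

On a target, the factory would construct a DTLSSocketWrapper over an opened transport socket and addr would be a SocketAddress; both are assumptions about how the helper would be instantiated.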
mbedtls_x509_crt * get_ca_chain | ( | ) | [inherited] |
Get CA chain structure.
- Returns:
- Mbed TLS X509 certificate chain.
Definition at line 530 of file TLSSocketWrapper.cpp.
mbedtls_x509_crt * get_own_cert | ( | ) | [inherited] |
Get own certificate directly from Mbed TLS.
- Returns:
- Internal Mbed TLS X509 structure.
Definition at line 508 of file TLSSocketWrapper.cpp.
mbedtls_ssl_config * get_ssl_config | ( | ) | [inherited] |
Get internal Mbed TLS configuration structure.
- Returns:
- Mbed TLS SSL config.
Definition at line 549 of file TLSSocketWrapper.cpp.
mbedtls_ssl_context * get_ssl_context | ( | ) | [inherited] |
Get internal Mbed TLS context structure.
- Returns:
- SSL context.
Definition at line 584 of file TLSSocketWrapper.cpp.
nsapi_error_t getpeername | ( | SocketAddress * | address ) | [virtual, inherited] |
Get the remote-end peer associated with this socket.
Copies the remote peer address to the SocketAddress structure pointed to by the address parameter. The socket must be connected to have a peer address associated.
- Parameters:
-
address Pointer to SocketAddress structure.
- Return values:
-
NSAPI_ERROR_OK on success.
NSAPI_ERROR_NO_SOCKET if socket is not connected.
NSAPI_ERROR_NO_CONNECTION if the remote peer was not set.
Implements Socket.
Definition at line 710 of file TLSSocketWrapper.cpp.
nsapi_error_t getsockopt | ( | int | level, |
int | optname, | ||
void * | optval, | ||
unsigned * | optlen | ||
) | [virtual, inherited] |
Get socket options.
getsockopt() allows an application to retrieve stack-specific options from the underlying stack using stack-specific level and option names, or to request generic options using levels from nsapi_socket_level_t.
For unsupported options, NSAPI_ERROR_UNSUPPORTED is returned and the socket is unmodified.
- Parameters:
-
level Stack-specific protocol level or nsapi_socket_level_t.
optname Level-specific option name.
optval Destination for option value.
optlen Length of the option value.
- Return values:
-
NSAPI_ERROR_OK on success.
NSAPI_ERROR_NO_SOCKET if socket is not open.
int Negative error code on failure, see NetworkStack::getsockopt.
Implements Socket.
Definition at line 675 of file TLSSocketWrapper.cpp.
nsapi_error_t listen | ( | int | backlog = 1 ) |
[virtual, inherited] |
Listen for incoming connections.
Marks the socket as a passive socket that can be used to accept incoming connections.
- Parameters:
-
backlog Number of pending connections that can be queued simultaneously, defaults to 1.
- Returns:
- NSAPI_ERROR_OK on success, negative error code on failure.
Implements Socket.
Definition at line 691 of file TLSSocketWrapper.cpp.
nsapi_size_or_error_t recv | ( | void * | data, |
nsapi_size_t | size | ||
) | [virtual, inherited] |
Receive data over a TLS socket.
The socket must be connected to a remote host. Returns the number of bytes received into the buffer.
- Parameters:
-
data Destination buffer for data received from the host.
size Size of the buffer in bytes.
- Return values:
-
int Number of received bytes on success.
NSAPI_ERROR_NO_SOCKET in case socket was not created correctly.
NSAPI_ERROR_WOULD_BLOCK in case non-blocking mode is enabled and receive cannot be performed immediately.
NSAPI_ERROR_DEVICE_ERROR in case of tls-related errors. See mbedtls_ssl_read.
- Returns:
- 0 if no data is available to be received and the peer has performed an orderly shutdown.
Implements Socket.
Definition at line 347 of file TLSSocketWrapper.cpp.
nsapi_size_or_error_t recvfrom | ( | SocketAddress * | address, |
void * | data, | ||
nsapi_size_t | size | ||
) | [virtual, inherited] |
Receive data from a socket.
Receives data and stores the source address in address if address is not NULL. Returns the number of bytes written into the buffer.
If the socket is connected, only packets coming from the connected peer address are accepted.
- Note:
- recvfrom() is allowed to write to the address and data buffers even if an error occurs.
By default, recvfrom blocks until a datagram is received. If socket is set to non-blocking or times out with no data, NSAPI_ERROR_WOULD_BLOCK is returned.
- Parameters:
-
address Destination for the source address or NULL
data Destination buffer for datagram received from the host
size Size of the buffer in bytes
- Returns:
- Number of received bytes on success, negative subclass-dependent error code on failure
Implements Socket.
Definition at line 399 of file TLSSocketWrapper.cpp.
nsapi_error_t send | ( | const void * | data, |
nsapi_size_t | size | ||
) | [virtual, inherited] |
Send data over a TLS socket.
The socket must be connected to a remote host. Returns the number of bytes sent from the buffer.
- Parameters:
-
data Buffer of data to send to the host.
size Size of the buffer in bytes.
- Return values:
-
int Number of sent bytes on success
NSAPI_ERROR_NO_SOCKET in case socket was not created correctly.
NSAPI_ERROR_WOULD_BLOCK in case non-blocking mode is enabled and send cannot be performed immediately.
NSAPI_ERROR_DEVICE_ERROR in case of tls-related errors. See mbedtls_ssl_write.
Implements Socket.
Definition at line 292 of file TLSSocketWrapper.cpp.
nsapi_size_or_error_t sendto | ( | const SocketAddress & | address, |
const void * | data, | ||
nsapi_size_t | size | ||
) | [virtual, inherited] |
Send a message on a socket.
The sendto() function sends a message through a connection-mode or connectionless-mode socket. If the socket is a connectionless-mode socket, the message is sent to the address specified. If the socket is a connected-mode socket, address is ignored.
By default, sendto blocks until data is sent. If socket is set to non-blocking or times out, NSAPI_ERROR_WOULD_BLOCK is returned immediately.
- Parameters:
-
address Remote address
data Buffer of data to send to the host
size Size of the buffer in bytes
- Returns:
- Number of sent bytes on success, negative subclass-dependent error code on failure
Implements Socket.
Definition at line 341 of file TLSSocketWrapper.cpp.
void set_blocking | ( | bool | blocking ) | [virtual, inherited] |
Set blocking or non-blocking mode of the socket.
Initially all sockets are in blocking mode. In non-blocking mode blocking operations such as send/recv/accept return NSAPI_ERROR_WOULD_BLOCK if they cannot continue.
set_blocking(false) is equivalent to set_timeout(0)
set_blocking(true) is equivalent to set_timeout(-1)
- Parameters:
-
blocking true for blocking mode, false for non-blocking mode.
Implements Socket.
Definition at line 643 of file TLSSocketWrapper.cpp.
void set_ca_chain | ( | mbedtls_x509_crt * | crt ) | [inherited] |
Set CA chain directly to Mbed TLS.
- Parameters:
-
crt Mbed TLS X509 certificate chain.
Definition at line 535 of file TLSSocketWrapper.cpp.
nsapi_error_t set_client_cert_key | ( | const char * | client_cert_pem, |
const char * | client_private_key_pem | ||
) | [inherited] |
Sets client certificate, and client private key.
- Parameters:
-
client_cert_pem Client certificate in PEM format.
client_private_key_pem Client private key in PEM format.
- Return values:
-
NSAPI_ERROR_OK on success.
NSAPI_ERROR_PARAMETER in case the provided root_ca parameter failed parsing.
Reimplemented in TLSSocket.
Definition at line 127 of file TLSSocketWrapper.cpp.
nsapi_error_t set_client_cert_key | ( | const void * | client_cert, |
size_t | client_cert_len, | ||
const void * | client_private_key_pem, | ||
size_t | client_private_key_len | ||
) | [inherited] |
Sets client certificate, and client private key.
- Parameters:
-
client_cert Client certificate in PEM or DER format.
client_cert_len Certificate size including the terminating null byte for PEM data.
client_private_key_pem Client private key in PEM or DER format.
client_private_key_len Key size including the terminating null byte for PEM data.
- Return values:
-
NSAPI_ERROR_OK on success.
NSAPI_ERROR_PARAMETER in case the provided root_ca parameter failed parsing.
Reimplemented in TLSSocket.
Definition at line 132 of file TLSSocketWrapper.cpp.
void set_hostname | ( | const char * | hostname ) | [inherited] |
Set hostname.
TLSSocket requires the hostname in order to verify the certificate. If the hostname is not given in the constructor, this function must be used before starting the TLS handshake.
- Parameters:
-
hostname Hostname of the remote host, used for certificate checking.
Reimplemented in TLSSocket.
Definition at line 86 of file TLSSocketWrapper.cpp.
int set_own_cert | ( | mbedtls_x509_crt * | crt ) | [inherited] |
Set own certificate directly to Mbed TLS.
- Parameters:
-
crt Mbed TLS X509 certificate chain.
- Returns:
- error code from mbedtls_ssl_conf_own_cert().
Definition at line 513 of file TLSSocketWrapper.cpp.
nsapi_error_t set_root_ca_cert | ( | const char * | root_ca_pem ) | [inherited] |
Sets the Root CA certificate.
- Note:
- Must be called before calling connect()
- Parameters:
-
root_ca_pem Root CA Certificate in PEM format.
- Return values:
-
NSAPI_ERROR_OK on success.
NSAPI_ERROR_NO_MEMORY in case there is not enough memory to allocate certificate.
NSAPI_ERROR_PARAMETER in case the provided root_ca parameter failed parsing.
Reimplemented in TLSSocket.
Definition at line 122 of file TLSSocketWrapper.cpp.
nsapi_error_t set_root_ca_cert | ( | const void * | root_ca, |
size_t | len | ||
) | [inherited] |
Sets the Root CA certificate.
- Note:
- Must be called before calling connect()
- Parameters:
-
root_ca Root CA Certificate in any Mbed TLS-supported format.
len Length of certificate (including terminating 0 for PEM).
- Return values:
-
NSAPI_ERROR_OK on success.
NSAPI_ERROR_NO_MEMORY in case there is not enough memory to allocate certificate.
NSAPI_ERROR_PARAMETER in case the provided root_ca parameter failed parsing.
Reimplemented in TLSSocket.
Definition at line 93 of file TLSSocketWrapper.cpp.
void set_ssl_config | ( | mbedtls_ssl_config * | conf ) | [inherited] |
Override Mbed TLS configuration.
- Parameters:
-
conf Mbed TLS SSL configuration structure.
Definition at line 574 of file TLSSocketWrapper.cpp.
void set_timeout | ( | int | timeout ) | [virtual, inherited] |
Set timeout on blocking socket operations.
Initially all sockets have unbounded timeouts. NSAPI_ERROR_WOULD_BLOCK is returned if a blocking operation takes longer than the specified timeout. A timeout of 0 removes the timeout from the socket. A negative value gives the socket an unbounded timeout.
set_timeout(0) is equivalent to set_blocking(false)
set_timeout(-1) is equivalent to set_blocking(true)
- Parameters:
-
timeout Timeout in milliseconds
Implements Socket.
Definition at line 648 of file TLSSocketWrapper.cpp.
nsapi_error_t setsockopt | ( | int | level, |
int | optname, | ||
const void * | optval, | ||
unsigned | optlen | ||
) | [virtual, inherited] |
Set socket options.
setsockopt() allows an application to pass stack-specific options to the underlying stack using stack-specific level and option names, or to request generic options using levels from nsapi_socket_level_t.
For unsupported options, NSAPI_ERROR_UNSUPPORTED is returned and the socket is unmodified.
- Parameters:
-
level Stack-specific protocol level or nsapi_socket_level_t.
optname Level-specific option name.
optval Option value.
optlen Length of the option value.
- Return values:
-
NSAPI_ERROR_OK on success.
NSAPI_ERROR_NO_SOCKET if socket is not open.
int Negative error code on failure, see NetworkStack::setsockopt.
Implements Socket.
Definition at line 667 of file TLSSocketWrapper.cpp.
void sigio | ( | mbed::Callback< void()> | func ) | [virtual, inherited] |
Register a callback on state change of the socket.
The specified callback is called on state changes, such as when the socket can receive/send/accept successfully and when an error occurs. The callback may also be called spuriously without reason.
The callback may be called in an interrupt context and should not perform expensive operations such as receive/send calls.
Note! This is not intended as a replacement for a poll or attach-like asynchronous API, but rather as a building block for constructing such functionality. The exact timing of the registered function is not guaranteed and susceptible to change.
- Parameters:
-
func Function to call on state change.
Implements Socket.
Definition at line 658 of file TLSSocketWrapper.cpp.
nsapi_error_t start_handshake | ( | bool | first_call ) | [protected, inherited] |
Initiates TLS Handshake.
Initiates a TLS handshake to a remote peer. Underlying transport socket should already be connected.
The Root CA certificate must be set by set_ssl_ca_pem() before calling this function.
For non-blocking purposes, this function needs to know whether this was the first call to the Socket::connect() API so that NSAPI_ERROR_INPROGRESS does not happen twice.
- Parameters:
-
first_call Whether this is the first call to the Socket::connect() API.
- Return values:
-
NSAPI_ERROR_OK if we happen to complete the request on the first call.
NSAPI_ERROR_IN_PROGRESS if the first call did not complete the request.
NSAPI_ERROR_NO_SOCKET in case the transport socket was not created correctly.
NSAPI_ERROR_AUTH_FAILURE in case of tls-related authentication errors. See mbedtls_ctr_drbg_seed, mbedtls_ssl_setup, mbedtls_ssl_handshake.
Definition at line 165 of file TLSSocketWrapper.cpp.
Generated on Tue Jul 12 2022 13:55:30 by
