Kentaro Sekimoto / HTTPClient-SSL

Change buffer sizes to support GR-PEACH

Dependencies:   CyaSSL

Dependents:   GR-PEACH_Azure_Speech

Fork of HTTPClient-SSL by MultiTech

Diff: HTTPClient.h

Revision:
38:a4ccad70be9d
Parent:
33:3b2809748a9e
Child:
39:d7c5541a9124
--- a/HTTPClient.h	Tue Jan 06 16:46:44 2015 +0000
+++ b/HTTPClient.h	Wed Jan 14 22:39:59 2015 +0000
@@ -32,6 +32,13 @@
 #include "mbed.h"
 #include "TCPSocketConnection.h"
 
+///SSL peer verification setting    
+enum SSLMethod {
+    VERIFY_NONE                 = 0, ///Don't check peer certificate
+    VERIFY_PEER                 = 1, ///Check peer certificate and skip if none available (insecure)
+    VERIFY_FAIL_IF_NO_PEER_CERT = 2, ///Check peer certificate and fail if unavailable
+};
+
 ///HTTP client results
 enum HTTPResult {
     HTTP_OK = 0, ///<Success
@@ -123,9 +130,35 @@
     */
     int getHTTPResponseCode();
     
-    void setHeader(const char *header) ;   /* set http headers */
-    HTTPResult setSSLversion(int minorV) ; /* set SSL/TLS version. 0: SSL3, 1: TLS1.0, 2: TLS1.1, 3: TLS1.2 */
-    void setLocationBuf(char *url, int size) ; /* set URL buffer for redirection */
+    /** Set headers to be included in the following HTTP requests. Pass a NULL pointer to reset the headers stored. 
+    * Make sure the headers are formatted with a "\r\n" after each header.
+    * @param header pointer to array containing the headers to be added*/
+    void setHeader(const char *header) ;
+    
+    /** Set SSL/TLS version. 
+    * @param minorV integer witha a value between 0 and 3
+    * 0: SSL3, 1: TLS1.0, 2: TLS1.1, 3: TLS1.2 
+    * @returns HTTPResult based on success*/
+    HTTPResult setSSLversion(int minorV) ; 
+    
+    /* set URL buffer for redirection */
+    void setLocationBuf(char *url, int size) ; 
+    
+    /** Stores a root CA certificate for host authentication of a website.
+    * Each new line should end with "\r\n" including the last line of each certificate.
+    * Pass a pointer to the char array containing the certificate stored as a c-string.
+    * Pass a NULL pointer to reset all certificates stored. 
+    * (Can pass in multiple certificates with one function call if the array contains concatenated certificates) */
+    HTTPResult addRootCACertificate(const char* cert) ;
+    
+    /** Sets the verification for peer authenticity when connecting with SSL
+    * @param method specifies the method to use for peer verification
+    * @VERIFY_NONE Sets the client to not verify the peer's certificates
+    * @VERIFY_PEER Sets the client to verify the peer's certificates but skips if certificates unavailable
+    * @VERIFY_FAIL_IF_NO_PEER_CERT Sets the client to verify the peer's certificates and throw an error if the 
+    * certificates are unavailable.
+    * */
+    void setPeerVerification(SSLMethod method);
 
 private:
     enum HTTP_METH {
@@ -149,7 +182,7 @@
     TCPSocketConnection _m_sock;
 
     int m_timeout;
-
+    
     const char* m_basicAuthUser;
     const char* m_basicAuthPassword;
     int m_httpResponseCode;
@@ -160,6 +193,8 @@
     int    redirect ;
     
     /* for CyaSSL */
+    const char* certificates; //CA certificates
+    SSLMethod peerMethod;
     int    SSLver ;
     uint16_t port;
     struct CYASSL_CTX* ctx ;