1 // ----------------------------------------------------------------------------
2 // Copyright 2016-2019 ARM Ltd.
3 //
4 // SPDX-License-Identifier: Apache-2.0
5 //
6 // Licensed under the Apache License, Version 2.0 (the "License");
7 // you may not use this file except in compliance with the License.
8 // You may obtain a copy of the License at
9 //
10 // http://www.apache.org/licenses/LICENSE-2.0
11 //
12 // Unless required by applicable law or agreed to in writing, software
13 // distributed under the License is distributed on an "AS IS" BASIS,
14 // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
15 // See the License for the specific language governing permissions and
16 // limitations under the License.
17 // ----------------------------------------------------------------------------
18 
19 #ifndef _PAL_DTLS_H_
20 #define _PAL_DTLS_H_
21 
22 #ifndef _PAL_H
23  #error "Please do not include this file directly, use pal.h instead"
24 #endif
25 
33 /***************************************************/
34 /**** PAL DTLS data structures *********************/
35 /***************************************************/
36 
// Index in the static array of the TLSs.
// Handles are integer indices, not pointers: never dereference or compare
// them across PAL implementations.
typedef uintptr_t palTLSHandle_t;
// Handle to a TLS configuration context; obtained from pal_initTLSConfiguration()
// and released with pal_tlsConfigurationFree().
typedef uintptr_t palTLSConfHandle_t;
40 
41 typedef enum palTLSTranportMode{
42 #ifdef PAL_NET_TCP_AND_TLS_SUPPORT
43  PAL_TLS_MODE, //(STREAM)
44 #endif //PAL_NET_TCP_AND_TLS_SUPPORT
45  PAL_DTLS_MODE //(DATAGRAM)
47 
48 typedef struct palTLSSocket{
54 
55 
56 typedef struct palTLSBuffer{
57  const void* buffer;
58  uint32_t size;
60 
63 #ifdef MBED_CONF_MBED_CLOUD_CLIENT_PSA_SUPPORT
64 typedef uintptr_t palPrivateKey_t;
65 #else
67 #endif
68 
/**
 * Entropy source callback, registered with pal_addEntropySource().
 * This callback is useful ONLY when mbed TLS is used as the TLS platform
 * library; the signature matches mbed TLS's entropy source callback.
 *
 * @param data   Opaque caller context handed back to the callback (presumably
 *               the pointer given at registration; confirm in pal_addEntropySource).
 * @param output Buffer to fill with entropy bytes.
 * @param len    Capacity of output, in bytes.
 * @param olen   Out: number of bytes actually written to output.
 * @return 0 on success, non-zero on failure (mbed TLS convention).
 *
 * NOTE(review): every key the TLS stack derives is only as strong as this
 * source; it must be backed by a real hardware/OS entropy source, never a
 * deterministic generator or a constant.
 */
typedef int(*palEntropySource_f)(void *data, unsigned char *output, size_t len, size_t *olen);
74 
/**
 * Socket callback used by the DTLS handshake retransmission path.
 * Installed per configuration through pal_setDTLSSocketCallback(); the single
 * void* parameter is presumably the `argument` supplied there — confirm.
 */
typedef void(*palSocketCallback_f)(void*);
76 
77 /***************************************************/
78 /**** PAL DTLS Client APIs *************************/
79 /***************************************************/
80 
87 
94 
/**
 * Initiate a new TLS context bound to an existing configuration.
 *
 * @param palTLSConf     Configuration handle from pal_initTLSConfiguration().
 * @param palTLSHandle   Out: receives the new TLS context handle; release it
 *                       with pal_freeTLS().
 * @param is_server_ping Presumably true when the context is created only for
 *                       the connectivity check done by pal_handShake_ping()
 *                       — confirm against the implementation.
 * @return A palStatus_t status code (see pal_types.h).
 */
palStatus_t pal_initTLS(palTLSConfHandle_t palTLSConf, palTLSHandle_t* palTLSHandle, bool is_server_ping);
103 
/**
 * Destroy and free the resources of the TLS context.
 *
 * @param palTLSHandle In/out: handle created by pal_initTLS(). Taken by
 *                     pointer, presumably so the implementation can clear it
 *                     on success — do not reuse the handle afterwards.
 * @return A palStatus_t status code (see pal_types.h).
 */
palStatus_t pal_freeTLS(palTLSHandle_t* palTLSHandle);
111 
122 
131 
139 
148 
/**
 * Initialize a private key object from raw key material.
 *
 * @param buf        Key material.
 * @param buf_size   Size of buf in bytes.
 * @param privateKey Out: the initialized key, later passed to
 *                   pal_setOwnPrivateKey().
 * @return A palStatus_t status code (see pal_types.h).
 *
 * NOTE(review): palPrivateKey_t is an opaque uintptr_t under
 * MBED_CONF_MBED_CLOUD_CLIENT_PSA_SUPPORT but a palTLSBuffer_t otherwise; in
 * the latter case the key presumably still points into buf, so buf must stay
 * valid (and be wiped only after the key is no longer used) — confirm.
 */
palStatus_t pal_initPrivateKey(const void *buf, size_t buf_size, palPrivateKey_t* privateKey);
160 
169 
179 
/**
 * Set the Pre-Shared Key (PSK) and the expected identity name.
 *
 * @param palTLSConf            Configuration handle.
 * @param identity              PSK identity bytes.
 * @param maxIdentityLenInBytes Length of identity in bytes.
 * @param psk                   The pre-shared secret.
 * @param maxPskLenInBytes      Length of psk in bytes.
 * @return A palStatus_t status code (see pal_types.h).
 *
 * NOTE(review): psk is secret material. Whether the library copies it or keeps
 * a reference is not visible here — confirm before the caller zeroizes or
 * frees its buffer.
 */
palStatus_t pal_setPSK(palTLSConfHandle_t palTLSConf, const unsigned char *identity, uint32_t maxIdentityLenInBytes, const unsigned char *psk, uint32_t maxPskLenInBytes);
191 
200 
211 
/**
 * Set the retransmit timeout values for the DTLS handshake.
 * DTLS only; has no effect on TLS.
 *
 * @param palTLSConf Configuration handle.
 * @param minTimeout Initial retransmit timeout (units not visible here —
 *                   presumably milliseconds; confirm).
 * @param maxTimeout Upper bound the timeout grows to on repeated loss.
 * @return A palStatus_t status code (see pal_types.h).
 */
palStatus_t pal_setHandShakeTimeOut(palTLSConfHandle_t palTLSConf, uint32_t minTimeout, uint32_t maxTimeout);
222 
#if PAL_USE_SECURE_TIME

/**
 * Report the peer-certificate verification result of the completed handshake.
 * Only available when PAL_USE_SECURE_TIME is set — presumably because
 * certificate validity checks need a trusted clock; confirm.
 *
 * @param palTLSHandle TLS context handle.
 * @return A palStatus_t status code; a non-success value indicates the peer
 *         certificate did not verify and the connection must not be trusted.
 */
palStatus_t pal_sslGetVerifyResult(palTLSHandle_t palTLSHandle);

/**
 * Same as pal_sslGetVerifyResult(), additionally exposing the library's
 * verification flags.
 *
 * @param palTLSHandle TLS context handle.
 * @param verifyResult Out: raw verification result (bit layout is defined by
 *                     the underlying TLS library; do not interpret as a
 *                     palStatus_t).
 * @return A palStatus_t status code (see pal_types.h).
 */
palStatus_t pal_sslGetVerifyResultExtended(palTLSHandle_t palTLSHandle, int32_t* verifyResult);
#endif //PAL_USE_SECURE_TIME
243 
/**
 * Read application data bytes; len is the maximum number of bytes to read.
 *
 * @param palTLSHandle TLS context handle.
 * @param buffer       Destination buffer of at least len bytes.
 * @param len          Capacity of buffer in bytes (upper bound on the read).
 * @param actualLen    Out: number of bytes actually placed in buffer. Consume
 *                     only *actualLen bytes — it may be smaller than len.
 * @return A palStatus_t status code (see pal_types.h).
 */
palStatus_t pal_sslRead(palTLSHandle_t palTLSHandle, void *buffer, uint32_t len, uint32_t* actualLen);
254 
/**
 * Write the exact length of application data bytes.
 *
 * @param palTLSHandle TLS context handle.
 * @param palTLSConf   Configuration handle the context was created with.
 * @param buffer       Data to send.
 * @param len          Number of bytes in buffer.
 * @param bytesWritten Out: bytes actually written. Despite the "exact length"
 *                     contract, check this against len on return.
 * @return A palStatus_t status code (see pal_types.h).
 */
palStatus_t pal_sslWrite(palTLSHandle_t palTLSHandle, palTLSConfHandle_t palTLSConf, const void *buffer, uint32_t len, uint32_t *bytesWritten);
266 
/**
 * Turn the TLS library debugging on or off for the given configuration handle.
 *
 * @param palTLSConf Configuration handle.
 * @param turnOn     Non-zero enables debug output, zero disables it.
 * @return A palStatus_t status code (see pal_types.h).
 *
 * NOTE(review): TLS library debug output can expose handshake internals in the
 * logs; keep this disabled in production builds.
 */
palStatus_t pal_sslSetDebugging(palTLSConfHandle_t palTLSConf,uint8_t turnOn);
276 
/**
 * Library-wide counterpart of pal_sslSetDebugging(): toggles TLS debug output
 * without a configuration handle (exact scope not visible here — confirm).
 *
 * @param turnOn Non-zero enables debug output, zero disables it.
 * @return A palStatus_t status code (see pal_types.h).
 */
palStatus_t pal_sslDebugging(uint8_t turnOn);
285 
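/**
 * Stores the CID (DTLS connection identifier) context persistently for a
 * DTLS based setup.
 *
 * Declared with an explicit (void) parameter list: an empty () list is not a
 * prototype in C, so the compiler could not diagnose a call that passes
 * arguments. A definition written as `pal_store_cid()` remains compatible.
 */
void pal_store_cid(void);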
290 
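/**
 * Removes the stored CID (DTLS connection identifier) context for a DTLS
 * based setup.
 *
 * Declared with an explicit (void) parameter list so that calls passing
 * arguments are rejected at compile time; an empty () list would accept them.
 */
void pal_remove_cid(void);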
295 
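/**
 * Status of CID (DTLS connection identifier) availability in the client.
 *
 * @return true when a stored CID context is available, false otherwise.
 *
 * Declared with an explicit (void) parameter list so that calls passing
 * arguments are rejected at compile time; an empty () list would accept them.
 */
bool pal_is_cid_available(void);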
300 
307 
#if (PAL_USE_SSL_SESSION_RESUME == 1)

/**
 * Enable or disable storing of the SSL session on this configuration,
 * presumably so a later connection can resume it (name-derived; confirm).
 * Only compiled in when PAL_USE_SSL_SESSION_RESUME is 1.
 *
 * @param palTLSConf Configuration handle.
 * @param enable     true to store sessions, false to disable storing.
 */
void pal_enableSslSessionStoring(palTLSConfHandle_t palTLSConf, bool enable);

#endif // PAL_USE_SSL_SESSION_RESUME
320 
/**
 * Set the socket callback function pointer for the DTLS handshake
 * retransmission. DTLS only.
 *
 * @param palTLSConf Configuration handle.
 * @param callback   Function invoked on retransmission (see palSocketCallback_f).
 * @param argument   Opaque pointer; presumably handed to callback unchanged, so
 *                   it must stay valid while the callback is installed — confirm.
 */
void pal_setDTLSSocketCallback(palTLSConfHandle_t palTLSConf, palSocketCallback_f callback, void *argument);
331 
332 #endif // _PAL_DTLS_H_