2021-05-31 08:06:09 -04:00
/*
2023-07-27 06:10:03 -04:00
* SPDX - FileCopyrightText : 2018 - 2023 Espressif Systems ( Shanghai ) CO LTD
2021-05-31 08:06:09 -04:00
*
* SPDX - License - Identifier : Apache - 2.0
*/
2018-10-31 18:17:00 -04:00
# ifndef _ESP_HTTPS_SERVER_H_
# define _ESP_HTTPS_SERVER_H_
# include <stdbool.h>
# include "esp_err.h"
# include "esp_http_server.h"
2021-10-08 04:49:57 -04:00
# include "esp_tls.h"
2018-10-31 18:17:00 -04:00
2018-12-31 00:52:42 -05:00
# ifdef __cplusplus
extern " C " {
# endif
2018-11-12 03:49:20 -05:00
typedef enum {
HTTPD_SSL_TRANSPORT_SECURE , // SSL Enabled
HTTPD_SSL_TRANSPORT_INSECURE // SSL disabled
} httpd_ssl_transport_mode_t ;
2022-03-29 02:08:34 -04:00
/**
* @ brief Indicates the state at which the user callback is executed ,
* i . e at session creation or session close
*/
typedef enum {
HTTPD_SSL_USER_CB_SESS_CREATE ,
HTTPD_SSL_USER_CB_SESS_CLOSE
} httpd_ssl_user_cb_state_t ;
2021-10-08 04:49:57 -04:00
/**
* @ brief Callback data struct , contains the ESP - TLS connection handle
2022-03-29 02:08:34 -04:00
* and the connection state at which the callback is executed
2021-10-08 04:49:57 -04:00
*/
typedef struct esp_https_server_user_cb_arg {
2022-05-11 03:52:09 -04:00
httpd_ssl_user_cb_state_t user_cb_state ; /*!< State of user callback */
esp_tls_t * tls ; /*!< ESP-TLS connection handle */
2021-10-08 04:49:57 -04:00
} esp_https_server_user_cb_arg_t ;
/**
* @ brief Callback function prototype
* Can be used to get connection or client information ( SSL context )
* E . g . Client certificate , Socket FD , Connection state , etc .
*
* @ param user_cb Callback data struct
*/
typedef void esp_https_server_user_cb ( esp_https_server_user_cb_arg_t * user_cb ) ;
2018-10-31 18:17:00 -04:00
/**
* HTTPS server config struct
*
* Please use HTTPD_SSL_CONFIG_DEFAULT ( ) to initialize it .
*/
struct httpd_ssl_config {
/**
* Underlying HTTPD server config
*
* Parameters like task stack size and priority can be adjusted here .
*/
httpd_config_t httpd ;
2022-01-24 23:33:31 -05:00
/** Server certificate */
const uint8_t * servercert ;
/** Server certificate byte length */
size_t servercert_len ;
/** CA certificate ((CA used to sign clients, or client cert itself) */
2018-10-31 18:17:00 -04:00
const uint8_t * cacert_pem ;
/** CA certificate byte length */
size_t cacert_len ;
/** Private key */
const uint8_t * prvtkey_pem ;
/** Private key byte length */
size_t prvtkey_len ;
2023-07-27 06:10:03 -04:00
/** Use ECDSA peripheral to use private key */
bool use_ecdsa_peripheral ;
/** The efuse block where ECDSA key is stored */
uint8_t ecdsa_key_efuse_blk ;
2018-11-12 03:49:20 -05:00
/** Transport Mode (default secure) */
httpd_ssl_transport_mode_t transport_mode ;
2018-10-31 18:17:00 -04:00
2018-11-12 03:49:20 -05:00
/** Port used when transport mode is secure (default 443) */
2018-10-31 18:17:00 -04:00
uint16_t port_secure ;
2018-11-12 03:49:20 -05:00
/** Port used when transport mode is insecure (default 80) */
2018-10-31 18:17:00 -04:00
uint16_t port_insecure ;
2021-05-19 11:16:59 -04:00
/** Enable tls session tickets */
bool session_tickets ;
2021-10-08 04:49:57 -04:00
2022-03-27 05:01:30 -04:00
/** Enable secure element for server session */
bool use_secure_element ;
2021-10-08 04:49:57 -04:00
/** User callback for esp_https_server */
esp_https_server_user_cb * user_cb ;
2022-09-26 10:14:09 -04:00
void * ssl_userdata ; /*!< user data to add to the ssl context */
2023-10-10 06:57:59 -04:00
# if CONFIG_ESP_TLS_SERVER_CERT_SELECT_HOOK
2022-10-21 03:21:31 -04:00
esp_tls_handshake_callback cert_select_cb ; /*!< Certificate selection callback to use */
2023-10-10 06:57:59 -04:00
# endif
2022-11-07 09:27:00 -05:00
const char * * alpn_protos ; /*!< Application protocols the server supports in order of prefernece. Used for negotiating during the TLS handshake, first one the client supports is selected. The data structure must live as long as the https server itself! */
2018-10-31 18:17:00 -04:00
} ;
typedef struct httpd_ssl_config httpd_ssl_config_t ;
2023-10-10 06:57:59 -04:00
/* Macro kept for compatibility reasons */
# define HTTPD_SSL_CONFIG_DEFAULT httpd_ssl_config_default
2018-10-31 18:17:00 -04:00
/**
2023-10-10 06:57:59 -04:00
* Returns the httpd config struct with default initialisation
2018-10-31 18:17:00 -04:00
*
2023-10-10 06:57:59 -04:00
* @ return
* httpd_ssl_config_t HTTPD ssl config struct
* with default initialisation
2018-10-31 18:17:00 -04:00
* Notes :
2018-11-12 03:49:20 -05:00
* - port is set when starting the server , according to ' transport_mode '
2018-10-31 18:17:00 -04:00
* - one socket uses ~ 40 kB RAM with SSL , we reduce the default socket count to 4
* - SSL sockets are usually long - lived , closing LRU prevents pool exhaustion DOS
* - Stack size may need adjustments depending on the user application
*/
2023-10-10 06:57:59 -04:00
httpd_ssl_config_t httpd_ssl_config_default ( void ) ;
2018-10-31 18:17:00 -04:00
/**
* Create a SSL capable HTTP server ( secure mode may be disabled in config )
*
* @ param [ in , out ] config - server config , must not be const . Does not have to stay valid after
* calling this function .
* @ param [ out ] handle - storage for the server handle , must be a valid pointer
* @ return success
*/
esp_err_t httpd_ssl_start ( httpd_handle_t * handle , httpd_ssl_config_t * config ) ;
/**
* Stop the server . Blocks until the server is shut down .
*
* @ param [ in ] handle
2022-05-11 02:07:42 -04:00
* @ return
* - ESP_OK : Server stopped successfully
* - ESP_ERR_INVALID_ARG : Invalid argument
* - ESP_FAIL : Failure to shut down server
2018-10-31 18:17:00 -04:00
*/
2022-04-22 06:19:27 -04:00
esp_err_t httpd_ssl_stop ( httpd_handle_t handle ) ;
2018-10-31 18:17:00 -04:00
2018-12-31 00:52:42 -05:00
# ifdef __cplusplus
}
# endif
2018-10-31 18:17:00 -04:00
# endif // _ESP_HTTPS_SERVER_H_