esp-idf/components/esp-tls/esp-tls.h

#ifndef _ESP_TLS_H_
#define _ESP_TLS_H_

#include <stdbool.h>
#include <sys/socket.h>
#include <openssl/ssl.h>

#ifdef __cplusplus
extern "C" {
#endif

struct esp_tls_cfg {
    /* If HTTP2/ALPN support is required, a list of protocols that
     * should be negotiated. The format is length followed by protocol
     * name.
     * For the most common cases the following is ok:
     * "\x02h2"
     * - where the first '2' is the length of the protocol and
     * - the subsequent 'h2' is the protocol name
     */
    const unsigned char *alpn_protos;
    const unsigned char *cacert_pem_buf;
    const unsigned int cacert_pem_bytes;
};

struct esp_tls {
    SSL_CTX  *ctx;
    SSL      *ssl;
    int       sockfd;
    ssize_t (*read)(struct esp_tls *tls, char *data, size_t datalen);
    ssize_t (*write)(struct esp_tls *tls, const char *data, size_t datalen);
};

/*
 *
 * cfg: If you wish to open non-TLS connection, keep this NULL. For TLS
 * connection, a pass pointer to 'struct esp_tls_cfg'. At a minimum, this
 * structure should be zero-initialized.
 */
struct esp_tls *esp_tls_conn_new(const char *hostname, int hostlen, int port, struct esp_tls_cfg *cfg);

/* Convenience API for HTTP URIs */
struct esp_tls *esp_tls_conn_http_new(const char *url, struct esp_tls_cfg *cfg);
    
static inline ssize_t esp_tls_conn_write(struct esp_tls *tls, const char *data, size_t datalen)
{
    return tls->write(tls, data, datalen);
}

static inline ssize_t esp_tls_conn_read(struct esp_tls *tls, char *data, size_t datalen)
{
    return tls->read(tls, data, datalen);
}

void esp_tls_conn_delete(struct esp_tls *tls);

#ifdef __cplusplus
}
#endif

#endif /* ! _ESP_TLS_H_ */
esp-tls: Basic structure Purpose: 1. TLS calls can be too many, and require a user to know the expected behaviour. A simple TLS socket wrapper that can be used in any higher level protocol. 2. Uses OpenSSL compatibility layer, so applications using esp-tls can be built on the host, and it should just work on ESP 2018-02-02 22:31:45 -05:00			`#ifndef _ESP_TLS_H_`
			`#define _ESP_TLS_H_`

			`#include <stdbool.h>`
			`#include <sys/socket.h>`
			`#include <openssl/ssl.h>`

Supports TLS with HTTP2 client 2017-11-30 01:05:34 -05:00			`#ifdef __cplusplus`
			`extern "C" {`
			`#endif`

			`struct esp_tls_cfg {`
			`/* If HTTP2/ALPN support is required, a list of protocols that`
			`* should be negotiated. The format is length followed by protocol`
			`* name.`
			`* For the most common cases the following is ok:`
			`* "\x02h2"`
			`* - where the first '2' is the length of the protocol and`
			`* - the subsequent 'h2' is the protocol name`
			`*/`
			`const unsigned char *alpn_protos;`
CA Certificate verification 2018-02-12 13:08:51 -05:00			`const unsigned char *cacert_pem_buf;`
			`const unsigned int cacert_pem_bytes;`
Supports TLS with HTTP2 client 2017-11-30 01:05:34 -05:00			`};`

esp-tls: Basic structure Purpose: 1. TLS calls can be too many, and require a user to know the expected behaviour. A simple TLS socket wrapper that can be used in any higher level protocol. 2. Uses OpenSSL compatibility layer, so applications using esp-tls can be built on the host, and it should just work on ESP 2018-02-02 22:31:45 -05:00			`struct esp_tls {`
Make read/write function pointers as per Ivan's feedback 2017-11-17 05:19:12 -05:00			`SSL_CTX *ctx;`
			`SSL *ssl;`
			`int sockfd;`
			`ssize_t (read)(struct esp_tls tls, char *data, size_t datalen);`
			`ssize_t (write)(struct esp_tls tls, const char *data, size_t datalen);`
esp-tls: Basic structure Purpose: 1. TLS calls can be too many, and require a user to know the expected behaviour. A simple TLS socket wrapper that can be used in any higher level protocol. 2. Uses OpenSSL compatibility layer, so applications using esp-tls can be built on the host, and it should just work on ESP 2018-02-02 22:31:45 -05:00			`};`

Supports TLS with HTTP2 client 2017-11-30 01:05:34 -05:00			`/*`
			`*`
			`* cfg: If you wish to open non-TLS connection, keep this NULL. For TLS`
			`* connection, a pass pointer to 'struct esp_tls_cfg'. At a minimum, this`
			`* structure should be zero-initialized.`
			`*/`
			`struct esp_tls esp_tls_conn_new(const char hostname, int hostlen, int port, struct esp_tls_cfg *cfg);`
esp-tls: Basic structure Purpose: 1. TLS calls can be too many, and require a user to know the expected behaviour. A simple TLS socket wrapper that can be used in any higher level protocol. 2. Uses OpenSSL compatibility layer, so applications using esp-tls can be built on the host, and it should just work on ESP 2018-02-02 22:31:45 -05:00
Use esp-tls in the http2 example 2018-02-03 23:32:31 -05:00			`/* Convenience API for HTTP URIs */`
			`struct esp_tls esp_tls_conn_http_new(const char url, struct esp_tls_cfg *cfg);`

esp-tls: Basic structure Purpose: 1. TLS calls can be too many, and require a user to know the expected behaviour. A simple TLS socket wrapper that can be used in any higher level protocol. 2. Uses OpenSSL compatibility layer, so applications using esp-tls can be built on the host, and it should just work on ESP 2018-02-02 22:31:45 -05:00			`static inline ssize_t esp_tls_conn_write(struct esp_tls tls, const char data, size_t datalen)`
			`{`
Make read/write function pointers as per Ivan's feedback 2017-11-17 05:19:12 -05:00			`return tls->write(tls, data, datalen);`
esp-tls: Basic structure Purpose: 1. TLS calls can be too many, and require a user to know the expected behaviour. A simple TLS socket wrapper that can be used in any higher level protocol. 2. Uses OpenSSL compatibility layer, so applications using esp-tls can be built on the host, and it should just work on ESP 2018-02-02 22:31:45 -05:00			`}`

			`static inline ssize_t esp_tls_conn_read(struct esp_tls tls, char data, size_t datalen)`
			`{`
Make read/write function pointers as per Ivan's feedback 2017-11-17 05:19:12 -05:00			`return tls->read(tls, data, datalen);`
esp-tls: Basic structure Purpose: 1. TLS calls can be too many, and require a user to know the expected behaviour. A simple TLS socket wrapper that can be used in any higher level protocol. 2. Uses OpenSSL compatibility layer, so applications using esp-tls can be built on the host, and it should just work on ESP 2018-02-02 22:31:45 -05:00			`}`

			`void esp_tls_conn_delete(struct esp_tls *tls);`

Supports TLS with HTTP2 client 2017-11-30 01:05:34 -05:00			`#ifdef __cplusplus`
			`}`
			`#endif`

esp-tls: Basic structure Purpose: 1. TLS calls can be too many, and require a user to know the expected behaviour. A simple TLS socket wrapper that can be used in any higher level protocol. 2. Uses OpenSSL compatibility layer, so applications using esp-tls can be built on the host, and it should just work on ESP 2018-02-02 22:31:45 -05:00			`#endif /* ! _ESP_TLS_H_ */`