diff --git a/docs/html/_s_s_l_client_8h.html b/docs/html/_s_s_l_client_8h.html index 945261d..df7d798 100644 --- a/docs/html/_s_s_l_client_8h.html +++ b/docs/html/_s_s_l_client_8h.html @@ -98,6 +98,7 @@ $(document).ready(function(){initNavTree('_s_s_l_client_8h.html','');}); #include "SSLClientImpl.h"
#include "SSLSession.h"
#include "SSLClientParameters.h"
+#include "SSLObj.h"

Go to the source code of this file.

diff --git a/docs/html/_s_s_l_client_8h_source.html b/docs/html/_s_s_l_client_8h_source.html index 090a4ef..69d4620 100644 --- a/docs/html/_s_s_l_client_8h_source.html +++ b/docs/html/_s_s_l_client_8h_source.html @@ -91,53 +91,55 @@ $(document).ready(function(){initNavTree('_s_s_l_client_8h_source.html','');});
SSLClient.h
-Go to the documentation of this file.
1 /* Copyright 2019 OSU OPEnS Lab
2  *
3  * Permission is hereby granted, free of charge, to any person obtaining a copy of this
4  * software and associated documentation files (the "Software"), to deal in the Software
5  * without restriction, including without limitation the rights to use, copy, modify,
6  * merge, publish, distribute, sublicense, and/or sell copies of the Software, and to
7  * permit persons to whom the Software is furnished to do so, subject to the following
8  * conditions:
9  *
10  * The above copyright notice and this permission notice shall be included in all
11  * copies or substantial portions of the Software.
12  *
13  * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED,
14  * INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A
15  * PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT
16  * HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION
17  * OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE
18  * SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
19  */
20 
21 #include "Client.h"
22 #include "SSLClientImpl.h"
23 #include "SSLSession.h"
24 #include "SSLClientParameters.h"
25 
26 #ifndef SSLClient_H_
27 #define SSLClient_H_
28 
34 template <class C, size_t SessionCache = 1>
35 class SSLClient : public SSLClientImpl {
36 /*
37  * static checks
38  * I'm a java developer, so I want to ensure that my inheritance is safe.
39  * These checks ensure that all the functions we use on class C are
40  * actually present on class C. It does this by checking that the
41  * class inherits from Client.
42  *
43  * Additionally, I ran into a lot of memory issues with large sessions caches.
44  * Since each session contains at max 352 bytes of memory, they eat of the
45  * stack quite quickly and can cause overflows. As a result, I have added a
46  * warning here to discourage the use of more than 3 sessions at a time. Any
47  * amount past that will require special modification of this library, and
48  * assumes you know what you are doing.
49  */
50 static_assert(SessionCache > 0 && SessionCache < 255, "There can be no less than one and no more than 255 sessions in the cache!");
51 static_assert(SessionCache <= 3, "You need to decrease the size of m_iobuf in order to have more than 3 sessions at once, otherwise memory issues will occur.");
52 
53 public:
71  explicit SSLClient( const C& client,
72  const br_x509_trust_anchor *trust_anchors,
73  const size_t trust_anchors_num,
74  const int analog_pin,
75  const DebugLevel debug = SSL_WARN)
76  : SSLClientImpl(trust_anchors, trust_anchors_num, analog_pin, debug)
77  , m_client(client)
78  , m_sessions{}
79  {
80  // set the timeout to a reasonable number (it can always be changes later)
81  // SSL Connections take a really long time so we don't want to time out a legitimate thing
82  setTimeout(30 * 1000);
83  }
84 
89  explicit SSLClient( const C& client,
90  const br_x509_trust_anchor *trust_anchors,
91  const size_t trust_anchors_num,
92  const int analog_pin,
93  const DebugLevel debug,
94  const SSLClientParameters* mutual_auth_params)
95  : SSLClientImpl(trust_anchors, trust_anchors_num, analog_pin, debug, mutual_auth_params)
96  , m_client(client)
97  , m_sessions{}
98  {
99  // set the timeout to a reasonable number (it can always be changes later)
100  // SSL Connections take a really long time so we don't want to time out a legitimate thing
101  setTimeout(30 * 1000);
102  }
103 
104  //========================================
105  //= Functions implemented in SSLClientImpl
106  //========================================
107 
147  int connect(IPAddress ip, uint16_t port) override { return connect_impl(ip, port); }
148 
185  int connect(const char *host, uint16_t port) override { return connect_impl(host, port); }
186 
188  size_t write(uint8_t b) override { return write_impl(&b, 1); }
212  size_t write(const uint8_t *buf, size_t size) override { return write_impl(buf, size); }
213 
232  int available() override { return available_impl(); }
233 
238  int read() override { uint8_t read_val; return read(&read_val, 1) > 0 ? read_val : -1; };
260  int read(uint8_t *buf, size_t size) override { return read_impl(buf, size); }
261 
270  int peek() override { return peek_impl(); }
271 
279  void flush() override { return flush_impl(); }
280 
289  void stop() override { return stop_impl(); }
290 
304  uint8_t connected() override { return connected_impl(); }
305 
306  //========================================
307  //= Functions Not in the Client Interface
308  //========================================
309 
324  SSLSession& getSession(const char* host, const IPAddress& addr) { return get_session_impl(host, addr); }
325 
334  void removeSession(const char* host, const IPAddress& addr) { return remove_session_impl(host, addr); }
335 
341  size_t getSessionCount() const override { return SessionCache; }
342 
348  operator bool() { return connected() > 0; }
350  bool operator==(const bool value) { return bool() == value; }
352  bool operator!=(const bool value) { return bool() != value; }
354  bool operator==(const C& rhs) { return m_client == rhs; }
356  bool operator!=(const C& rhs) { return m_client != rhs; }
358  uint16_t localPort() override { return m_client.localPort(); }
360  IPAddress remoteIP() override { return m_client.remoteIP(); }
362  uint16_t remotePort() override { return m_client.remotePort(); }
363 
365  C& getClient() { return m_client; }
366 
367 protected:
369  Client& get_arduino_client() override { return m_client; }
370  const Client& get_arduino_client() const override { return m_client; }
372  SSLSession* get_session_array() override { return m_sessions; }
373  const SSLSession* get_session_array() const override { return m_sessions; }
374 
375 private:
376  // create a copy of the client
377  C m_client;
378  // also store an array of SSLSessions, so we can resume communication with multiple websites
379  SSLSession m_sessions[SessionCache];
380 };
381 
382 #endif
SSLClientImpl::write_impl
size_t write_impl(const uint8_t *buf, size_t size)
Definition: SSLClientImpl.cpp:147
-
SSLClient::get_session_array
const SSLSession * get_session_array() const override
Definition: SSLClient.h:373
-
SSLClient::remoteIP
IPAddress remoteIP() override
Returns the remote IP, if C::remoteIP exists.
Definition: SSLClient.h:360
-
SSLClient::write
size_t write(uint8_t b) override
Definition: SSLClient.h:188
+Go to the documentation of this file.
1 /* Copyright 2019 OSU OPEnS Lab
2  *
3  * Permission is hereby granted, free of charge, to any person obtaining a copy of this
4  * software and associated documentation files (the "Software"), to deal in the Software
5  * without restriction, including without limitation the rights to use, copy, modify,
6  * merge, publish, distribute, sublicense, and/or sell copies of the Software, and to
7  * permit persons to whom the Software is furnished to do so, subject to the following
8  * conditions:
9  *
10  * The above copyright notice and this permission notice shall be included in all
11  * copies or substantial portions of the Software.
12  *
13  * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED,
14  * INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A
15  * PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT
16  * HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION
17  * OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE
18  * SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
19  */
20 
21 #include "Client.h"
22 #include "SSLClientImpl.h"
23 #include "SSLSession.h"
24 #include "SSLClientParameters.h"
25 #include "SSLObj.h"
26 
27 #ifndef SSLClient_H_
28 #define SSLClient_H_
29 
35 template <class C, size_t SessionCache = 1>
36 class SSLClient : public SSLClientImpl {
37 /*
38  * static checks
39  * I'm a java developer, so I want to ensure that my inheritance is safe.
40  * These checks ensure that all the functions we use on class C are
41  * actually present on class C. It does this by checking that the
42  * class inherits from Client.
43  *
44  * Additionally, I ran into a lot of memory issues with large sessions caches.
45  * Since each session contains at max 352 bytes of memory, they eat of the
46  * stack quite quickly and can cause overflows. As a result, I have added a
47  * warning here to discourage the use of more than 3 sessions at a time. Any
48  * amount past that will require special modification of this library, and
49  * assumes you know what you are doing.
50  */
51 static_assert(SessionCache > 0 && SessionCache < 255, "There can be no less than one and no more than 255 sessions in the cache!");
52 static_assert(SessionCache <= 3, "You need to decrease the size of m_iobuf in order to have more than 3 sessions at once, otherwise memory issues will occur.");
53 
54 public:
72  explicit SSLClient( const C& client,
73  const br_x509_trust_anchor *trust_anchors,
74  const size_t trust_anchors_num,
75  const int analog_pin,
76  const DebugLevel debug = SSL_WARN)
77  : SSLClientImpl(trust_anchors, trust_anchors_num, analog_pin, debug)
78  , m_client(client)
79  , m_sessions{}
80  {
81  // set the timeout to a reasonable number (it can always be changes later)
82  // SSL Connections take a really long time so we don't want to time out a legitimate thing
83  setTimeout(30 * 1000);
84  }
85 
86  //========================================
87  //= Functions implemented in SSLClientImpl
88  //========================================
89 
129  int connect(IPAddress ip, uint16_t port) override { return connect_impl(ip, port); }
130 
167  int connect(const char *host, uint16_t port) override { return connect_impl(host, port); }
168 
170  size_t write(uint8_t b) override { return write_impl(&b, 1); }
194  size_t write(const uint8_t *buf, size_t size) override { return write_impl(buf, size); }
195 
214  int available() override { return available_impl(); }
215 
220  int read() override { uint8_t read_val; return read(&read_val, 1) > 0 ? read_val : -1; };
242  int read(uint8_t *buf, size_t size) override { return read_impl(buf, size); }
243 
252  int peek() override { return peek_impl(); }
253 
261  void flush() override { return flush_impl(); }
262 
271  void stop() override { return stop_impl(); }
272 
286  uint8_t connected() override { return connected_impl(); }
287 
288  //========================================
289  //= Functions Not in the Client Interface
290  //========================================
291 
297  void setMutualAuthParams(const SSLClientParameters* params) { return set_mutual_impl(params); }
298 
313  SSLSession& getSession(const char* host, const IPAddress& addr) { return get_session_impl(host, addr); }
314 
323  void removeSession(const char* host, const IPAddress& addr) { return remove_session_impl(host, addr); }
324 
330  size_t getSessionCount() const override { return SessionCache; }
331 
337  operator bool() { return connected() > 0; }
339  bool operator==(const bool value) { return bool() == value; }
341  bool operator!=(const bool value) { return bool() != value; }
343  bool operator==(const C& rhs) { return m_client == rhs; }
345  bool operator!=(const C& rhs) { return m_client != rhs; }
347  uint16_t localPort() override { return m_client.localPort(); }
349  IPAddress remoteIP() override { return m_client.remoteIP(); }
351  uint16_t remotePort() override { return m_client.remotePort(); }
352 
354  C& getClient() { return m_client; }
355 
356 protected:
358  Client& get_arduino_client() override { return m_client; }
359  const Client& get_arduino_client() const override { return m_client; }
361  SSLSession* get_session_array() override { return m_sessions; }
362  const SSLSession* get_session_array() const override { return m_sessions; }
363 
364 private:
365  // create a copy of the client
366  C m_client;
367  // also store an array of SSLSessions, so we can resume communication with multiple websites
368  SSLSession m_sessions[SessionCache];
369 };
370 
371 #endif
SSLClient::setMutualAuthParams
void setMutualAuthParams(const SSLClientParameters *params)
Add a client certificate and enable support for mutual auth.
Definition: SSLClient.h:297
+
SSLClientImpl::write_impl
size_t write_impl(const uint8_t *buf, size_t size)
Definition: SSLClientImpl.cpp:130
+
SSLClient::get_session_array
const SSLSession * get_session_array() const override
Definition: SSLClient.h:362
+
SSLClient::remoteIP
IPAddress remoteIP() override
Returns the remote IP, if C::remoteIP exists.
Definition: SSLClient.h:349
+
SSLClient::write
size_t write(uint8_t b) override
Definition: SSLClient.h:170
SSL_WARN
Definition: SSLClientImpl.h:66
-
SSLClientImpl::get_session_impl
SSLSession & get_session_impl(const char *host, const IPAddress &addr)
Definition: SSLClientImpl.cpp:305
+
SSLClientImpl::get_session_impl
SSLSession & get_session_impl(const char *host, const IPAddress &addr)
Definition: SSLClientImpl.cpp:286
SSLSession
This class stores values which allow SSLClient to save and resume SSL sessions.
Definition: SSLSession.h:52
-
SSLClient::SSLClient
SSLClient(const C &client, const br_x509_trust_anchor *trust_anchors, const size_t trust_anchors_num, const int analog_pin, const DebugLevel debug, const SSLClientParameters *mutual_auth_params)
Definition: SSLClient.h:89
-
SSLClient::operator!=
bool operator!=(const C &rhs)
Returns whether or not two SSLClient objects do not have the same underlying client object.
Definition: SSLClient.h:356
-
SSLClient::available
int available() override
Returns the number of bytes available to read from the data that has been received and decrypted.
Definition: SSLClient.h:232
-
SSLClient::getClient
C & getClient()
Returns a reference to the client object stored in this class. Take care not to break it.
Definition: SSLClient.h:365
-
SSLClientImpl::peek_impl
int peek_impl()
Definition: SSLClientImpl.cpp:226
+
SSLClient::operator!=
bool operator!=(const C &rhs)
Returns whether or not two SSLClient objects do not have the same underlying client object.
Definition: SSLClient.h:345
+
SSLClient::available
int available() override
Returns the number of bytes available to read from the data that has been received and decrypted.
Definition: SSLClient.h:214
+
SSLClient::getClient
C & getClient()
Returns a reference to the client object stored in this class. Take care not to break it.
Definition: SSLClient.h:354
+
SSLClientImpl::peek_impl
int peek_impl()
Definition: SSLClientImpl.cpp:209
SSLClientParameters
This struct stores data required for SSLClient to use mutual authentication.
Definition: SSLClientParameters.h:52
-
SSLClient::flush
void flush() override
Force writing the buffered bytes from SSLClient::write to the network.
Definition: SSLClient.h:279
-
SSLClient
The main SSLClient class. Check out README.md for more info.
Definition: SSLClient.h:35
-
SSLClient::operator!=
bool operator!=(const bool value)
Definition: SSLClient.h:352
-
SSLClient::stop
void stop() override
Close the connection.
Definition: SSLClient.h:289
-
SSLClient::write
size_t write(const uint8_t *buf, size_t size) override
Write some bytes to the SSL connection.
Definition: SSLClient.h:212
-
SSLClient::SSLClient
SSLClient(const C &client, const br_x509_trust_anchor *trust_anchors, const size_t trust_anchors_num, const int analog_pin, const DebugLevel debug=SSL_WARN)
Initialize SSLClient with all of the prerequisites needed.
Definition: SSLClient.h:71
-
SSLClient::peek
int peek() override
View the first byte of the buffer, without removing it from the SSLClient Buffer.
Definition: SSLClient.h:270
-
SSLClientImpl::available_impl
int available_impl()
Definition: SSLClientImpl.cpp:190
-
SSLClient::operator==
bool operator==(const C &rhs)
Returns whether or not two SSLClient objects have the same underlying client object.
Definition: SSLClient.h:354
-
SSLClientImpl::read_impl
int read_impl(uint8_t *buf, size_t size)
Definition: SSLClientImpl.cpp:211
-
SSLClient::get_session_array
SSLSession * get_session_array() override
Returns an instance of the session array that is on the stack.
Definition: SSLClient.h:372
-
SSLClientImpl::remove_session_impl
void remove_session_impl(const char *host, const IPAddress &addr)
Definition: SSLClientImpl.cpp:324
-
SSLClient::get_arduino_client
Client & get_arduino_client() override
Returns an instance of m_client that is polymorphic and can be used by SSLClientImpl.
Definition: SSLClient.h:369
-
SSLClient::localPort
uint16_t localPort() override
Returns the local port, if C::localPort exists.
Definition: SSLClient.h:358
+
SSLClient::flush
void flush() override
Force writing the buffered bytes from SSLClient::write to the network.
Definition: SSLClient.h:261
+
SSLClient
The main SSLClient class. Check out README.md for more info.
Definition: SSLClient.h:36
+
SSLClient::operator!=
bool operator!=(const bool value)
Definition: SSLClient.h:341
+
SSLClient::stop
void stop() override
Close the connection.
Definition: SSLClient.h:271
+
SSLClient::write
size_t write(const uint8_t *buf, size_t size) override
Write some bytes to the SSL connection.
Definition: SSLClient.h:194
+
SSLClient::SSLClient
SSLClient(const C &client, const br_x509_trust_anchor *trust_anchors, const size_t trust_anchors_num, const int analog_pin, const DebugLevel debug=SSL_WARN)
Initialize SSLClient with all of the prerequisites needed.
Definition: SSLClient.h:72
+
SSLClient::peek
int peek() override
View the first byte of the buffer, without removing it from the SSLClient Buffer.
Definition: SSLClient.h:252
+
SSLClientImpl::available_impl
int available_impl()
Definition: SSLClientImpl.cpp:173
+
SSLClient::operator==
bool operator==(const C &rhs)
Returns whether or not two SSLClient objects have the same underlying client object.
Definition: SSLClient.h:343
+
SSLClientImpl::read_impl
int read_impl(uint8_t *buf, size_t size)
Definition: SSLClientImpl.cpp:194
+
SSLClient::get_session_array
SSLSession * get_session_array() override
Returns an instance of the session array that is on the stack.
Definition: SSLClient.h:361
+
SSLClientImpl::remove_session_impl
void remove_session_impl(const char *host, const IPAddress &addr)
Definition: SSLClientImpl.cpp:305
+
SSLClient::get_arduino_client
Client & get_arduino_client() override
Returns an instance of m_client that is polymorphic and can be used by SSLClientImpl.
Definition: SSLClient.h:358
+
SSLClient::localPort
uint16_t localPort() override
Returns the local port, if C::localPort exists.
Definition: SSLClient.h:347
SSLClientImpl.h
-
SSLClient::read
int read() override
Read a single byte, or -1 if none is available.
Definition: SSLClient.h:238
+
SSLClientImpl::set_mutual_impl
void set_mutual_impl(const SSLClientParameters *params)
Definition: SSLClientImpl.cpp:316
+
SSLClient::read
int read() override
Read a single byte, or -1 if none is available.
Definition: SSLClient.h:220
SSLClientParameters.h
-
SSLClient::connected
uint8_t connected() override
Check if the device is connected.
Definition: SSLClient.h:304
+
SSLClient::connected
uint8_t connected() override
Check if the device is connected.
Definition: SSLClient.h:286
SSLSession.h
-
SSLClient::get_arduino_client
const Client & get_arduino_client() const override
Definition: SSLClient.h:370
-
SSLClient::connect
int connect(const char *host, uint16_t port) override
Connect over SSL to a host specified by a hostname.
Definition: SSLClient.h:185
-
SSLClient::operator==
bool operator==(const bool value)
Definition: SSLClient.h:350
-
SSLClient::remotePort
uint16_t remotePort() override
Returns the remote port, if C::remotePort exists. Else return 0.
Definition: SSLClient.h:362
-
SSLClientImpl::connect_impl
int connect_impl(IPAddress ip, uint16_t port)
Definition: SSLClientImpl.cpp:90
-
SSLClient::getSessionCount
size_t getSessionCount() const override
Get the maximum number of SSL sessions that can be stored at once.
Definition: SSLClient.h:341
-
SSLClientImpl::stop_impl
void stop_impl()
Definition: SSLClientImpl.cpp:246
-
SSLClientImpl::flush_impl
void flush_impl()
Definition: SSLClientImpl.cpp:238
+
SSLClient::get_arduino_client
const Client & get_arduino_client() const override
Definition: SSLClient.h:359
+
SSLClient::connect
int connect(const char *host, uint16_t port) override
Connect over SSL to a host specified by a hostname.
Definition: SSLClient.h:167
+
SSLClient::operator==
bool operator==(const bool value)
Definition: SSLClient.h:339
+
SSLClient::remotePort
uint16_t remotePort() override
Returns the remote port, if C::remotePort exists. Else return 0.
Definition: SSLClient.h:351
+
SSLClientImpl::connect_impl
int connect_impl(IPAddress ip, uint16_t port)
Definition: SSLClientImpl.cpp:73
+
SSLClient::getSessionCount
size_t getSessionCount() const override
Get the maximum number of SSL sessions that can be stored at once.
Definition: SSLClient.h:330
+
SSLClientImpl::stop_impl
void stop_impl()
Definition: SSLClientImpl.cpp:227
+
SSLClientImpl::flush_impl
void flush_impl()
Definition: SSLClientImpl.cpp:221
+
SSLObj.h
SSLClientImpl
Implementation code to be inherited by SSLClient.
Definition: SSLClientImpl.h:72
-
SSLClient::removeSession
void removeSession(const char *host, const IPAddress &addr)
Clear the session corresponding to a host and IP.
Definition: SSLClient.h:334
-
SSLClientImpl::connected_impl
uint8_t connected_impl()
Definition: SSLClientImpl.cpp:274
-
SSLClient::getSession
SSLSession & getSession(const char *host, const IPAddress &addr)
Gets a session reference corresponding to a host and IP, or a reference to a empty session if none ex...
Definition: SSLClient.h:324
+
SSLClient::removeSession
void removeSession(const char *host, const IPAddress &addr)
Clear the session corresponding to a host and IP.
Definition: SSLClient.h:323
+
SSLClientImpl::connected_impl
uint8_t connected_impl()
Definition: SSLClientImpl.cpp:255
+
SSLClient::getSession
SSLSession & getSession(const char *host, const IPAddress &addr)
Gets a session reference corresponding to a host and IP, or a reference to a empty session if none ex...
Definition: SSLClient.h:313
DebugLevel
DebugLevel
Level of verbosity used in logging for SSLClient.
Definition: SSLClientImpl.h:60
-
SSLClient::read
int read(uint8_t *buf, size_t size) override
Read size bytes from the SSL client buffer, copying them into *buf, and return the number of bytes re...
Definition: SSLClient.h:260
-
SSLClient::connect
int connect(IPAddress ip, uint16_t port) override
Connect over SSL to a host specified by an IP address.
Definition: SSLClient.h:147
+
SSLClient::read
int read(uint8_t *buf, size_t size) override
Read size bytes from the SSL client buffer, copying them into *buf, and return the number of bytes re...
Definition: SSLClient.h:242
+
SSLClient::connect
int connect(IPAddress ip, uint16_t port) override
Connect over SSL to a host specified by an IP address.
Definition: SSLClient.h:129
diff --git a/docs/html/_s_s_l_client_impl_8h_source.html b/docs/html/_s_s_l_client_impl_8h_source.html index 6e50fd6..b7ff5ee 100644 --- a/docs/html/_s_s_l_client_impl_8h_source.html +++ b/docs/html/_s_s_l_client_impl_8h_source.html @@ -91,17 +91,17 @@ $(document).ready(function(){initNavTree('_s_s_l_client_impl_8h_source.html','')
SSLClientImpl.h
-Go to the documentation of this file.
1 /* Copyright 2019 OSU OPEnS Lab
2  *
3  * Permission is hereby granted, free of charge, to any person obtaining a copy of this
4  * software and associated documentation files (the "Software"), to deal in the Software
5  * without restriction, including without limitation the rights to use, copy, modify,
6  * merge, publish, distribute, sublicense, and/or sell copies of the Software, and to
7  * permit persons to whom the Software is furnished to do so, subject to the following
8  * conditions:
9  *
10  * The above copyright notice and this permission notice shall be included in all
11  * copies or substantial portions of the Software.
12  *
13  * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED,
14  * INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A
15  * PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT
16  * HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION
17  * OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE
18  * SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
19  */
20 
21 #include "bearssl.h"
22 #include "Arduino.h"
23 #include "Client.h"
24 #include "SSLSession.h"
25 #include "SSLClientParameters.h"
26 
27 #ifndef SSLClientImpl_H_
28 #define SSLClientImpl_H_
29 
38 enum Error {
39  SSL_OK = 0,
41  SSL_CLIENT_CONNECT_FAIL,
43  SSL_BR_CONNECT_FAIL,
45  SSL_CLIENT_WRTIE_ERROR,
47  SSL_BR_WRITE_ERROR,
49  SSL_INTERNAL_ERROR,
51  SSL_OUT_OF_MEMORY
52 };
53 
60 enum DebugLevel {
62  SSL_NONE = 0,
64  SSL_ERROR = 1,
66  SSL_WARN = 2,
68  SSL_INFO = 3,
69 };
70 
72 class SSLClientImpl : public Client {
73 public:
75  explicit SSLClientImpl(const br_x509_trust_anchor *trust_anchors,
76  const size_t trust_anchors_num, const int analog_pin,
77  const DebugLevel debug);
78 
80  explicit SSLClientImpl(const br_x509_trust_anchor *trust_anchors,
81  const size_t trust_anchors_num, const int analog_pin,
82  const DebugLevel debug, const SSLClientParameters* mutual_auth_params);
83 
84  //============================================
85  //= Functions implemented in SSLClientImpl.cpp
86  //============================================
87 
89  int connect_impl(IPAddress ip, uint16_t port);
91  int connect_impl(const char *host, uint16_t port);
93  size_t write_impl(const uint8_t *buf, size_t size);
95  int available_impl();
97  int read_impl(uint8_t *buf, size_t size);
99  int peek_impl();
101  void flush_impl();
103  void stop_impl();
105  uint8_t connected_impl();
107  SSLSession& get_session_impl(const char* host, const IPAddress& addr);
109  void remove_session_impl(const char* host, const IPAddress& addr);
110 
111  //============================================
112  //= Functions implemented in SSLClient.h
113  //============================================
115  virtual uint16_t localPort() = 0;
117  virtual IPAddress remoteIP() = 0;
119  virtual uint16_t remotePort() = 0;
121  virtual size_t getSessionCount() const = 0;
122 
123 protected:
125  virtual Client& get_arduino_client() = 0;
126  virtual const Client& get_arduino_client() const = 0;
128  virtual SSLSession* get_session_array() = 0;
129  virtual const SSLSession* get_session_array() const = 0;
130 
131  //============================================
132  //= Functions implemented in SSLClientImpl.cpp
133  //============================================
134 
136  void m_print_prefix(const char* func_name, const DebugLevel level) const;
137 
139  void m_print_ssl_error(const int ssl_error, const DebugLevel level) const;
140 
142  void m_print_br_error(const unsigned br_error_code, const DebugLevel level) const;
143 
145  template<typename T>
146  void m_print(const T str, const char* func_name, const DebugLevel level) const {
147  // check the current debug level and serial status
148  if (level > m_debug || !Serial) return;
149  // print prefix
150  m_print_prefix(func_name, level);
151  // print the message
152  Serial.println(str);
153  }
154 
156  template<typename T>
157  void m_info(const T str, const char* func_name) const { m_print(str, func_name, SSL_INFO); }
158 
159  template<typename T>
160  void m_warn(const T str, const char* func_name) const { m_print(str, func_name, SSL_WARN); }
161 
162  template<typename T>
163  void m_error(const T str, const char* func_name) const { m_print(str, func_name, SSL_ERROR); }
164 
165 private:
167  bool m_soft_connected(const char* func_name);
169  int m_start_ssl(const char* host, SSLSession& ssl_ses);
171  int m_run_until(const unsigned target);
173  unsigned m_update_engine();
175  int m_get_session_index(const char* host, const IPAddress& addr) const;
176 
177  //============================================
178  //= Data Members
179  //============================================
180 
181  // store the pin to fetch an RNG see from
182  const int m_analog_pin;
183  // store an index of where a new session can be placed if we don't have any corresponding sessions
184  size_t m_session_index;
185  // store whether to enable debug logging
186  const DebugLevel m_debug;
187  // store if we are connected in bearssl or not
188  bool m_is_connected;
189  // store the context values required for SSL
190  br_ssl_client_context m_sslctx;
191  br_x509_minimal_context m_x509ctx;
192  // use a mono-directional buffer by default to cut memory in half
193  // can expand to a bi-directional buffer with maximum of BR_SSL_BUFSIZE_BIDI
194  // or shrink to below BR_SSL_BUFSIZE_MONO, and bearSSL will adapt automatically
195  // simply edit this value to change the buffer size to the desired value
196  // additionally, we need to correct buffer size based off of how many sessions we decide to cache
197  // since SSL takes so much memory if we don't it will cause the stack and heap to collide
205  unsigned char m_iobuf[2048];
206  // store the index of where we are writing in the buffer
207  // so we can send our records all at once to prevent
208  // weird timing issues
209  size_t m_write_idx;
210 };
211 
212 #endif /* SSLClientImpl_H_ */
SSLClientImpl::write_impl
size_t write_impl(const uint8_t *buf, size_t size)
Definition: SSLClientImpl.cpp:147
+Go to the documentation of this file.
1 /* Copyright 2019 OSU OPEnS Lab
2  *
3  * Permission is hereby granted, free of charge, to any person obtaining a copy of this
4  * software and associated documentation files (the "Software"), to deal in the Software
5  * without restriction, including without limitation the rights to use, copy, modify,
6  * merge, publish, distribute, sublicense, and/or sell copies of the Software, and to
7  * permit persons to whom the Software is furnished to do so, subject to the following
8  * conditions:
9  *
10  * The above copyright notice and this permission notice shall be included in all
11  * copies or substantial portions of the Software.
12  *
13  * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED,
14  * INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A
15  * PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT
16  * HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION
17  * OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE
18  * SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
19  */
20 
21 #include "bearssl.h"
22 #include "Arduino.h"
23 #include "Client.h"
24 #include "SSLSession.h"
25 #include "SSLClientParameters.h"
26 
27 #ifndef SSLClientImpl_H_
28 #define SSLClientImpl_H_
29 
38 enum Error {
39  SSL_OK = 0,
41  SSL_CLIENT_CONNECT_FAIL,
43  SSL_BR_CONNECT_FAIL,
45  SSL_CLIENT_WRTIE_ERROR,
47  SSL_BR_WRITE_ERROR,
49  SSL_INTERNAL_ERROR,
51  SSL_OUT_OF_MEMORY
52 };
53 
60 enum DebugLevel {
62  SSL_NONE = 0,
64  SSL_ERROR = 1,
66  SSL_WARN = 2,
68  SSL_INFO = 3,
69 };
70 
72 class SSLClientImpl : public Client {
73 public:
75  explicit SSLClientImpl(const br_x509_trust_anchor *trust_anchors,
76  const size_t trust_anchors_num, const int analog_pin,
77  const DebugLevel debug);
78 
80  explicit SSLClientImpl(const br_x509_trust_anchor *trust_anchors,
81  const size_t trust_anchors_num, const int analog_pin,
82  const DebugLevel debug, const SSLClientParameters* mutual_auth_params);
83 
84  //============================================
85  //= Functions implemented in SSLClientImpl.cpp
86  //============================================
87 
89  int connect_impl(IPAddress ip, uint16_t port);
91  int connect_impl(const char *host, uint16_t port);
93  size_t write_impl(const uint8_t *buf, size_t size);
95  int available_impl();
97  int read_impl(uint8_t *buf, size_t size);
99  int peek_impl();
101  void flush_impl();
103  void stop_impl();
105  uint8_t connected_impl();
107  SSLSession& get_session_impl(const char* host, const IPAddress& addr);
109  void remove_session_impl(const char* host, const IPAddress& addr);
111  void set_mutual_impl(const SSLClientParameters* params);
112  //============================================
113  //= Functions implemented in SSLClient.h
114  //============================================
116  virtual uint16_t localPort() = 0;
118  virtual IPAddress remoteIP() = 0;
120  virtual uint16_t remotePort() = 0;
122  virtual size_t getSessionCount() const = 0;
123 
124 protected:
126  virtual Client& get_arduino_client() = 0;
127  virtual const Client& get_arduino_client() const = 0;
129  virtual SSLSession* get_session_array() = 0;
130  virtual const SSLSession* get_session_array() const = 0;
131 
132  //============================================
133  //= Functions implemented in SSLClientImpl.cpp
134  //============================================
135 
137  void m_print_prefix(const char* func_name, const DebugLevel level) const;
138 
140  void m_print_ssl_error(const int ssl_error, const DebugLevel level) const;
141 
143  void m_print_br_error(const unsigned br_error_code, const DebugLevel level) const;
144 
146  template<typename T>
147  void m_print(const T str, const char* func_name, const DebugLevel level) const {
148  // check the current debug level and serial status
149  if (level > m_debug || !Serial) return;
150  // print prefix
151  m_print_prefix(func_name, level);
152  // print the message
153  Serial.println(str);
154  }
155 
157  template<typename T>
158  void m_info(const T str, const char* func_name) const { m_print(str, func_name, SSL_INFO); }
159 
160  template<typename T>
161  void m_warn(const T str, const char* func_name) const { m_print(str, func_name, SSL_WARN); }
162 
163  template<typename T>
164  void m_error(const T str, const char* func_name) const { m_print(str, func_name, SSL_ERROR); }
165 
166 private:
168  bool m_soft_connected(const char* func_name);
170  int m_start_ssl(const char* host, SSLSession& ssl_ses);
172  int m_run_until(const unsigned target);
174  unsigned m_update_engine();
176  int m_get_session_index(const char* host, const IPAddress& addr) const;
177 
178  //============================================
179  //= Data Members
180  //============================================
181 
182  // store the pin to fetch an RNG see from
183  const int m_analog_pin;
184  // store an index of where a new session can be placed if we don't have any corresponding sessions
185  size_t m_session_index;
186  // store whether to enable debug logging
187  const DebugLevel m_debug;
188  // store if we are connected in bearssl or not
189  bool m_is_connected;
190  // store the context values required for SSL
191  br_ssl_client_context m_sslctx;
192  br_x509_minimal_context m_x509ctx;
193  // use a mono-directional buffer by default to cut memory in half
194  // can expand to a bi-directional buffer with maximum of BR_SSL_BUFSIZE_BIDI
195  // or shrink to below BR_SSL_BUFSIZE_MONO, and bearSSL will adapt automatically
196  // simply edit this value to change the buffer size to the desired value
197  // additionally, we need to correct buffer size based off of how many sessions we decide to cache
198  // since SSL takes so much memory if we don't it will cause the stack and heap to collide
206  unsigned char m_iobuf[2048];
207  // store the index of where we are writing in the buffer
208  // so we can send our records all at once to prevent
209  // weird timing issues
210  size_t m_write_idx;
211 };
212 
213 #endif /* SSLClientImpl_H_ */
SSLClientImpl::write_impl
size_t write_impl(const uint8_t *buf, size_t size)
Definition: SSLClientImpl.cpp:130
SSLClientImpl::remotePort
virtual uint16_t remotePort()=0
-
SSLClientImpl::m_print
void m_print(const T str, const char *func_name, const DebugLevel level) const
debugging print function, only prints if m_debug is true
Definition: SSLClientImpl.h:146
+
SSLClientImpl::m_print
void m_print(const T str, const char *func_name, const DebugLevel level) const
debugging print function, only prints if m_debug is true
Definition: SSLClientImpl.h:147
SSL_WARN
Definition: SSLClientImpl.h:66
SSLClientImpl::remoteIP
virtual IPAddress remoteIP()=0
-
SSLClientImpl::get_session_impl
SSLSession & get_session_impl(const char *host, const IPAddress &addr)
Definition: SSLClientImpl.cpp:305
+
SSLClientImpl::get_session_impl
SSLSession & get_session_impl(const char *host, const IPAddress &addr)
Definition: SSLClientImpl.cpp:286
SSLSession
This class stores values which allow SSLClient to save and resume SSL sessions.
Definition: SSLSession.h:52
-
SSLClientImpl::m_info
void m_info(const T str, const char *func_name) const
Prints a info message to serial, if info messages are enabled.
Definition: SSLClientImpl.h:157
+
SSLClientImpl::m_info
void m_info(const T str, const char *func_name) const
Prints a info message to serial, if info messages are enabled.
Definition: SSLClientImpl.h:158
SSLClientImpl::SSLClientImpl
SSLClientImpl(const br_x509_trust_anchor *trust_anchors, const size_t trust_anchors_num, const int analog_pin, const DebugLevel debug)
Definition: SSLClientImpl.cpp:53
-
SSLClientImpl::m_error
void m_error(const T str, const char *func_name) const
Definition: SSLClientImpl.h:163
-
SSLClientImpl::peek_impl
int peek_impl()
Definition: SSLClientImpl.cpp:226
+
SSLClientImpl::m_error
void m_error(const T str, const char *func_name) const
Definition: SSLClientImpl.h:164
+
SSLClientImpl::peek_impl
int peek_impl()
Definition: SSLClientImpl.cpp:209
SSL_INFO
Definition: SSLClientImpl.h:68
SSL_ERROR
Definition: SSLClientImpl.h:64
SSLClientParameters
This struct stores data required for SSLClient to use mutual authentication.
Definition: SSLClientParameters.h:52
@@ -110,28 +110,29 @@ $(document).ready(function(){initNavTree('_s_s_l_client_impl_8h_source.html','')
SSLClientImpl::get_session_array
virtual SSLSession * get_session_array()=0
SSL_BR_WRITE_ERROR
Definition: SSLClientImpl.h:47
SSL_OK
Definition: SSLClientImpl.h:39
-
SSLClientImpl::m_print_ssl_error
void m_print_ssl_error(const int ssl_error, const DebugLevel level) const
Prints the string associated with a write error.
Definition: SSLClientImpl.cpp:671
-
SSLClientImpl::available_impl
int available_impl()
Definition: SSLClientImpl.cpp:190
+
SSLClientImpl::m_print_ssl_error
void m_print_ssl_error(const int ssl_error, const DebugLevel level) const
Prints the string associated with a write error.
Definition: SSLClientImpl.cpp:668
+
SSLClientImpl::available_impl
int available_impl()
Definition: SSLClientImpl.cpp:173
Error
Error
Static constants defining the possible errors encountered.
Definition: SSLClientImpl.h:38
SSL_BR_CONNECT_FAIL
Definition: SSLClientImpl.h:43
-
SSLClientImpl::read_impl
int read_impl(uint8_t *buf, size_t size)
Definition: SSLClientImpl.cpp:211
-
SSLClientImpl::remove_session_impl
void remove_session_impl(const char *host, const IPAddress &addr)
Definition: SSLClientImpl.cpp:324
+
SSLClientImpl::read_impl
int read_impl(uint8_t *buf, size_t size)
Definition: SSLClientImpl.cpp:194
+
SSLClientImpl::remove_session_impl
void remove_session_impl(const char *host, const IPAddress &addr)
Definition: SSLClientImpl.cpp:305
SSL_CLIENT_WRTIE_ERROR
Definition: SSLClientImpl.h:45
SSLClientImpl::get_arduino_client
virtual Client & get_arduino_client()=0
SSL_CLIENT_CONNECT_FAIL
Definition: SSLClientImpl.h:41
-
SSLClientImpl::m_print_prefix
void m_print_prefix(const char *func_name, const DebugLevel level) const
Prints a debugging prefix to all logs, so we can attatch them to useful information.
Definition: SSLClientImpl.cpp:653
+
SSLClientImpl::m_print_prefix
void m_print_prefix(const char *func_name, const DebugLevel level) const
Prints a debugging prefix to all logs, so we can attatch them to useful information.
Definition: SSLClientImpl.cpp:650
+
SSLClientImpl::set_mutual_impl
void set_mutual_impl(const SSLClientParameters *params)
Definition: SSLClientImpl.cpp:316
SSL_NONE
Definition: SSLClientImpl.h:62
-
SSLClientImpl::m_print_br_error
void m_print_br_error(const unsigned br_error_code, const DebugLevel level) const
Print the text string associated with a BearSSL error code.
Definition: SSLClientImpl.cpp:686
-
SSLClientImpl::m_warn
void m_warn(const T str, const char *func_name) const
Definition: SSLClientImpl.h:160
+
SSLClientImpl::m_print_br_error
void m_print_br_error(const unsigned br_error_code, const DebugLevel level) const
Print the text string associated with a BearSSL error code.
Definition: SSLClientImpl.cpp:683
+
SSLClientImpl::m_warn
void m_warn(const T str, const char *func_name) const
Definition: SSLClientImpl.h:161
SSLClientParameters.h
SSLSession.h
-
SSLClientImpl::connect_impl
int connect_impl(IPAddress ip, uint16_t port)
Definition: SSLClientImpl.cpp:90
+
SSLClientImpl::connect_impl
int connect_impl(IPAddress ip, uint16_t port)
Definition: SSLClientImpl.cpp:73
SSL_OUT_OF_MEMORY
Definition: SSLClientImpl.h:51
-
SSLClientImpl::stop_impl
void stop_impl()
Definition: SSLClientImpl.cpp:246
-
SSLClientImpl::flush_impl
void flush_impl()
Definition: SSLClientImpl.cpp:238
+
SSLClientImpl::stop_impl
void stop_impl()
Definition: SSLClientImpl.cpp:227
+
SSLClientImpl::flush_impl
void flush_impl()
Definition: SSLClientImpl.cpp:221
SSLClientImpl
Implementation code to be inherited by SSLClient.
Definition: SSLClientImpl.h:72
SSLClientImpl::localPort
virtual uint16_t localPort()=0
-
SSLClientImpl::connected_impl
uint8_t connected_impl()
Definition: SSLClientImpl.cpp:274
+
SSLClientImpl::connected_impl
uint8_t connected_impl()
Definition: SSLClientImpl.cpp:255
DebugLevel
DebugLevel
Level of verbosity used in logging for SSLClient.
Definition: SSLClientImpl.h:60
diff --git a/docs/html/_s_s_l_obj_8cpp.html b/docs/html/_s_s_l_obj_8cpp.html new file mode 100644 index 0000000..b720439 --- /dev/null +++ b/docs/html/_s_s_l_obj_8cpp.html @@ -0,0 +1,115 @@ + + + + + + + +SSLClient: C:/Users/Noah/Documents/Arduino/libraries/SSLClient/src/SSLObj.cpp File Reference + + + + + + + + + + + + + + +
+
+
+ + + + + +
+
SSLClient +  v1.1.1 +
+
Add TLS 1.2 functionality to any network library.
+
+ + + + + + + + + +
+ +
+
+
+ +
+ +
+
+ + +
+ +
+ +
+
+Classes
+
+
SSLObj.cpp File Reference
+
+
+
#include "SSLObj.h"
+
+ + + +

+Classes

struct  ssl_pem_decode_state
 
+
+
+ + + + diff --git a/docs/html/_s_s_l_obj_8cpp.js b/docs/html/_s_s_l_obj_8cpp.js new file mode 100644 index 0000000..41eb738 --- /dev/null +++ b/docs/html/_s_s_l_obj_8cpp.js @@ -0,0 +1,4 @@ +var _s_s_l_obj_8cpp = +[ + [ "ssl_pem_decode_state", "structssl__pem__decode__state.html", "structssl__pem__decode__state" ] +]; \ No newline at end of file diff --git a/docs/html/_s_s_l_obj_8h.html b/docs/html/_s_s_l_obj_8h.html new file mode 100644 index 0000000..c50d212 --- /dev/null +++ b/docs/html/_s_s_l_obj_8h.html @@ -0,0 +1,127 @@ + + + + + + + +SSLClient: C:/Users/Noah/Documents/Arduino/libraries/SSLClient/src/SSLObj.h File Reference + + + + + + + + + + + + + + +
+
+ + + + + + +
+
SSLClient +  v1.1.1 +
+
Add TLS 1.2 functionality to any network library.
+
+
+ + + + + + + +
+
+ +
+
+
+ +
+ +
+
+ + +
+ +
+ +
+
+Namespaces | +Functions
+
+
SSLObj.h File Reference
+
+
+
#include <cstring>
+#include "bearssl_pem.h"
+#include <vector>
+
+

Go to the source code of this file.

+ + + + + +

+Namespaces

 SSLObj
 This namespace works with raw DER byte arrays for use later with TLS mutual auth.
 
+ + + + +

+Functions

const std::vector< unsigned char > SSLObj::make_vector_pem (const char *data, const size_t len)
 Convert a PEM buffer into a vector of raw DER bytes. More...
 
+
+
+ + + + diff --git a/docs/html/_s_s_l_obj_8h.js b/docs/html/_s_s_l_obj_8h.js new file mode 100644 index 0000000..815a655 --- /dev/null +++ b/docs/html/_s_s_l_obj_8h.js @@ -0,0 +1,4 @@ +var _s_s_l_obj_8h = +[ + [ "make_vector_pem", "_s_s_l_obj_8h.html#a9a58d01c9073b90f2b42c655828aea6d", null ] +]; \ No newline at end of file diff --git a/docs/html/_s_s_l_obj_8h_source.html b/docs/html/_s_s_l_obj_8h_source.html new file mode 100644 index 0000000..d32ef25 --- /dev/null +++ b/docs/html/_s_s_l_obj_8h_source.html @@ -0,0 +1,108 @@ + + + + + + + +SSLClient: C:/Users/Noah/Documents/Arduino/libraries/SSLClient/src/SSLObj.h Source File + + + + + + + + + + + + + + +
+
+ + + + + + +
+
SSLClient +  v1.1.1 +
+
Add TLS 1.2 functionality to any network library.
+
+
+ + + + + + + +
+
+ +
+
+
+ +
+ +
+
+ + +
+ +
+ +
+
+
SSLObj.h
+
+
+Go to the documentation of this file.
1 /* Copyright 2019 OSU OPEnS Lab
2  *
3  * Permission is hereby granted, free of charge, to any person obtaining a copy of this
4  * software and associated documentation files (the "Software"), to deal in the Software
5  * without restriction, including without limitation the rights to use, copy, modify,
6  * merge, publish, distribute, sublicense, and/or sell copies of the Software, and to
7  * permit persons to whom the Software is furnished to do so, subject to the following
8  * conditions:
9  *
10  * The above copyright notice and this permission notice shall be included in all
11  * copies or substantial portions of the Software.
12  *
13  * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED,
14  * INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A
15  * PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT
16  * HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION
17  * OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE
18  * SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
19  */
20 
27 #include <cstring>
28 #include "bearssl_pem.h"
29 
30 #ifndef SSLObj_H_
31 #define SSLObj_H_
32 
33 #undef min
34 #undef max
35 #include <vector>
36 
47 namespace SSLObj {
60  const std::vector<unsigned char> make_vector_pem(const char* data, const size_t len);
61 }
62 
63 #endif
SSLObj
This namespace works with raw DER byte arrays for use later with TLS mutual auth.
Definition: SSLObj.h:47
+
SSLObj::make_vector_pem
const std::vector< unsigned char > make_vector_pem(const char *data, const size_t len)
Convert a PEM buffer into a vector of raw DER bytes.
Definition: SSLObj.cpp:22
+
+
+ + + + diff --git a/docs/html/annotated.html b/docs/html/annotated.html index 2f4d32a..c49db68 100644 --- a/docs/html/annotated.html +++ b/docs/html/annotated.html @@ -93,10 +93,11 @@ $(document).ready(function(){initNavTree('annotated.html','');});
Here are the classes, structs, unions and interfaces with brief descriptions:
- - - - + + + + +
 CSSLClientThe main SSLClient class. Check out README.md for more info
 CSSLClientImplImplementation code to be inherited by SSLClient
 CSSLClientParametersThis struct stores data required for SSLClient to use mutual authentication
 CSSLSessionThis class stores values which allow SSLClient to save and resume SSL sessions
 Cssl_pem_decode_state
 CSSLClientThe main SSLClient class. Check out README.md for more info
 CSSLClientImplImplementation code to be inherited by SSLClient
 CSSLClientParametersThis struct stores data required for SSLClient to use mutual authentication
 CSSLSessionThis class stores values which allow SSLClient to save and resume SSL sessions
diff --git a/docs/html/annotated_dup.js b/docs/html/annotated_dup.js index 1a3e527..72e17b0 100644 --- a/docs/html/annotated_dup.js +++ b/docs/html/annotated_dup.js @@ -1,5 +1,6 @@ var annotated_dup = [ + [ "ssl_pem_decode_state", "structssl__pem__decode__state.html", "structssl__pem__decode__state" ], [ "SSLClient", "class_s_s_l_client.html", "class_s_s_l_client" ], [ "SSLClientImpl", "class_s_s_l_client_impl.html", "class_s_s_l_client_impl" ], [ "SSLClientParameters", "struct_s_s_l_client_parameters.html", "struct_s_s_l_client_parameters" ], diff --git a/docs/html/class_s_s_l_client-members.html b/docs/html/class_s_s_l_client-members.html index 2685ca5..24a725e 100644 --- a/docs/html/class_s_s_l_client-members.html +++ b/docs/html/class_s_s_l_client-members.html @@ -134,15 +134,16 @@ $(document).ready(function(){initNavTree('class_s_s_l_client.html','');}); remotePort() overrideSSLClient< C, SessionCache >inlinevirtual remove_session_impl(const char *host, const IPAddress &addr)SSLClientImpl removeSession(const char *host, const IPAddress &addr)SSLClient< C, SessionCache >inline + set_mutual_impl(const SSLClientParameters *params)SSLClientImpl + setMutualAuthParams(const SSLClientParameters *params)SSLClient< C, SessionCache >inline SSLClient(const C &client, const br_x509_trust_anchor *trust_anchors, const size_t trust_anchors_num, const int analog_pin, const DebugLevel debug=SSL_WARN)SSLClient< C, SessionCache >inlineexplicit - SSLClient(const C &client, const br_x509_trust_anchor *trust_anchors, const size_t trust_anchors_num, const int analog_pin, const DebugLevel debug, const SSLClientParameters *mutual_auth_params)SSLClient< C, SessionCache >inlineexplicit - SSLClientImpl(const br_x509_trust_anchor *trust_anchors, const size_t trust_anchors_num, const int analog_pin, const DebugLevel debug)SSLClientImplexplicit - SSLClientImpl(const br_x509_trust_anchor *trust_anchors, const size_t trust_anchors_num, const int analog_pin, const DebugLevel debug, const SSLClientParameters *mutual_auth_params)SSLClientImplexplicit - stop() overrideSSLClient< C, SessionCache >inline - stop_impl()SSLClientImpl - write(uint8_t b) overrideSSLClient< C, SessionCache >inline - write(const uint8_t *buf, size_t size) overrideSSLClient< C, SessionCache >inline - write_impl(const uint8_t *buf, size_t size)SSLClientImpl + SSLClientImpl(const br_x509_trust_anchor *trust_anchors, const size_t trust_anchors_num, const int analog_pin, const DebugLevel debug)SSLClientImplexplicit + SSLClientImpl(const br_x509_trust_anchor *trust_anchors, const size_t trust_anchors_num, const int analog_pin, const DebugLevel debug, const SSLClientParameters *mutual_auth_params)SSLClientImplexplicit + stop() overrideSSLClient< C, SessionCache >inline + stop_impl()SSLClientImpl + write(uint8_t b) overrideSSLClient< C, SessionCache >inline + write(const uint8_t *buf, size_t size) overrideSSLClient< C, SessionCache >inline + write_impl(const uint8_t *buf, size_t size)SSLClientImpl diff --git a/docs/html/class_s_s_l_client.html b/docs/html/class_s_s_l_client.html index b9d4812..d8df6fe 100644 --- a/docs/html/class_s_s_l_client.html +++ b/docs/html/class_s_s_l_client.html @@ -115,8 +115,6 @@ Public Member Functions  SSLClient (const C &client, const br_x509_trust_anchor *trust_anchors, const size_t trust_anchors_num, const int analog_pin, const DebugLevel debug=SSL_WARN)  Initialize SSLClient with all of the prerequisites needed. More...
  - SSLClient (const C &client, const br_x509_trust_anchor *trust_anchors, const size_t trust_anchors_num, const int analog_pin, const DebugLevel debug, const SSLClientParameters *mutual_auth_params) -  int connect (IPAddress ip, uint16_t port) override  Connect over SSL to a host specified by an IP address. More...
  @@ -149,6 +147,9 @@ Public Member Functions uint8_t connected () override  Check if the device is connected. More...
  +void setMutualAuthParams (const SSLClientParameters *params) + Add a client certificate and enable support for mutual auth. More...
SSLSessiongetSession (const char *host, const IPAddress &addr)  Gets a session reference corresponding to a host and IP, or a reference to a empty session if none exist. More...
  @@ -210,6 +211,8 @@ Public Member Functions   void remove_session_impl (const char *host, const IPAddress &addr)   +void set_mutual_impl (const SSLClientParameters *params) +  @@ -255,7 +258,7 @@ class SSLClient< C, SessionCache >

The main SSLClient class. Check out README.md for more info.

Constructor & Destructor Documentation

-

◆ SSLClient() [1/2]

+

◆ SSLClient()

@@ -324,69 +327,6 @@ The analog_pin should be set to input. -
-
- -

◆ SSLClient() [2/2]

- -
-
-
-template<class C , size_t SessionCache = 1>
-

Protected Member Functions

- - - - -
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
SSLClient< C, SessionCache >::SSLClient (const C & client,
const br_x509_trust_anchor * trust_anchors,
const size_t trust_anchors_num,
const int analog_pin,
const DebugLevel debug,
const SSLClientParametersmutual_auth_params 
)
- 		-inlineexplicit
-
-

Same as SSLClient::SSLClient(const C &, const br_x509_trust_anchor*, const size_t, const int, const DebugLevel), but can compile support for mutual authentication.

-

Member Function Documentation

@@ -1234,6 +1174,37 @@ template<class C , size_t SessionCache = 1> + + + +

◆ setMutualAuthParams()

+ +
+
+
+template<class C , size_t SessionCache = 1>
+ + + + + +
+ + + + + + + + +
void SSLClient< C, SessionCache >::setMutualAuthParams (const SSLClientParametersparams)
+ 		+inline
+
+ +

Add a client certificate and enable support for mutual auth.

+

This function must be called BEFORE making an SSL connection.

+
diff --git a/docs/html/class_s_s_l_client.js b/docs/html/class_s_s_l_client.js index 814f6b3..029693f 100644 --- a/docs/html/class_s_s_l_client.js +++ b/docs/html/class_s_s_l_client.js @@ -1,7 +1,6 @@ var class_s_s_l_client = [ [ "SSLClient", "class_s_s_l_client.html#ae9a7509bc8a18f67e286547c19deb3c0", null ], - [ "SSLClient", "class_s_s_l_client.html#ad7b20a2ac220d346a8047db77d97723d", null ], [ "available", "class_s_s_l_client.html#a5d13fd2f32ee2ea65a1f3820f758e77e", null ], [ "connect", "class_s_s_l_client.html#a4a2172aedfcc483ba2a256ad12148630", null ], [ "connect", "class_s_s_l_client.html#a91c63e35f31652c20faa5b9be95984bf", null ], @@ -26,6 +25,7 @@ var class_s_s_l_client = [ "remoteIP", "class_s_s_l_client.html#af76a0df76834e0d0999dbf44c7c0a174", null ], [ "remotePort", "class_s_s_l_client.html#a5974a5f8722a752f121af4fac498bb22", null ], [ "removeSession", "class_s_s_l_client.html#a5b626703a24089dbb0480a9b6ddf348c", null ], + [ "setMutualAuthParams", "class_s_s_l_client.html#a16aa9765bd450dcbba21c598456f464f", null ], [ "stop", "class_s_s_l_client.html#ad30db47248d78df7c12dedfb27f06529", null ], [ "write", "class_s_s_l_client.html#a6b8ff53c10fe34aab1dc2561410f70bb", null ], [ "write", "class_s_s_l_client.html#a6bcb7579ebc051c097acb794b95771a9", null ] diff --git a/docs/html/class_s_s_l_client_impl-members.html b/docs/html/class_s_s_l_client_impl-members.html index a54731c..d522108 100644 --- a/docs/html/class_s_s_l_client_impl-members.html +++ b/docs/html/class_s_s_l_client_impl-members.html @@ -118,10 +118,11 @@ $(document).ready(function(){initNavTree('class_s_s_l_client_impl.html','');}); remoteIP()=0SSLClientImplpure virtual remotePort()=0SSLClientImplpure virtual remove_session_impl(const char *host, const IPAddress &addr)SSLClientImpl - SSLClientImpl(const br_x509_trust_anchor *trust_anchors, const size_t trust_anchors_num, const int analog_pin, const DebugLevel debug)SSLClientImplexplicit - SSLClientImpl(const br_x509_trust_anchor *trust_anchors, const size_t trust_anchors_num, const int analog_pin, const DebugLevel debug, const SSLClientParameters *mutual_auth_params)SSLClientImplexplicit - stop_impl()SSLClientImpl - write_impl(const uint8_t *buf, size_t size)SSLClientImpl + set_mutual_impl(const SSLClientParameters *params)SSLClientImpl + SSLClientImpl(const br_x509_trust_anchor *trust_anchors, const size_t trust_anchors_num, const int analog_pin, const DebugLevel debug)SSLClientImplexplicit + SSLClientImpl(const br_x509_trust_anchor *trust_anchors, const size_t trust_anchors_num, const int analog_pin, const DebugLevel debug, const SSLClientParameters *mutual_auth_params)SSLClientImplexplicit + stop_impl()SSLClientImpl + write_impl(const uint8_t *buf, size_t size)SSLClientImpl diff --git a/docs/html/class_s_s_l_client_impl.html b/docs/html/class_s_s_l_client_impl.html index bd14620..ce4a622 100644 --- a/docs/html/class_s_s_l_client_impl.html +++ b/docs/html/class_s_s_l_client_impl.html @@ -138,6 +138,8 @@ Public Member Functions   void remove_session_impl (const char *host, const IPAddress &addr)   +void set_mutual_impl (const SSLClientParameters *params) +  virtual uint16_t localPort ()=0   virtual IPAddress remoteIP ()=0 @@ -1002,6 +1004,25 @@ template<typename T >
See also
SSLClient::removeSession
+
+ + +

◆ set_mutual_impl()

+ +
+
+ + + + + + + + +
void SSLClientImpl::set_mutual_impl (const SSLClientParametersparams)
+
+
See also
SSLClient::setMutualAuthParams
+
diff --git a/docs/html/class_s_s_l_client_impl.js b/docs/html/class_s_s_l_client_impl.js index a423c6a..d862475 100644 --- a/docs/html/class_s_s_l_client_impl.js +++ b/docs/html/class_s_s_l_client_impl.js @@ -26,6 +26,7 @@ var class_s_s_l_client_impl = [ "remoteIP", "class_s_s_l_client_impl.html#ae97adc55212c1aa96880aac28dd71387", null ], [ "remotePort", "class_s_s_l_client_impl.html#a93cdb32491fc08b035e40f840ff2e8f5", null ], [ "remove_session_impl", "class_s_s_l_client_impl.html#a6baed094969874fb9d2bea3a00ecbee1", null ], + [ "set_mutual_impl", "class_s_s_l_client_impl.html#a9dd694f8e0e65624b103dc781a7744af", null ], [ "stop_impl", "class_s_s_l_client_impl.html#a81eb5ede3a894f281ae586d463b624e6", null ], [ "write_impl", "class_s_s_l_client_impl.html#a807656f814f24cf6cd711e429b716c4d", null ] ]; \ No newline at end of file diff --git a/docs/html/classes.html b/docs/html/classes.html index e47714d..c18aed9 100644 --- a/docs/html/classes.html +++ b/docs/html/classes.html @@ -94,10 +94,10 @@ $(document).ready(function(){initNavTree('classes.html','');});
s
- - - + + + +
  s  
-		SSLClientImpl   SSLSession   
SSLClientParameters   
SSLClient   
SSLClient   SSLClientParameters   
SSLClientImpl   SSLSession   
ssl_pem_decode_state   
s
diff --git a/docs/html/dir_68267d1309a1af8e8297ef4c3efbcdba.html b/docs/html/dir_68267d1309a1af8e8297ef4c3efbcdba.html index 8c0fd50..b4482c9 100644 --- a/docs/html/dir_68267d1309a1af8e8297ef4c3efbcdba.html +++ b/docs/html/dir_68267d1309a1af8e8297ef4c3efbcdba.html @@ -104,6 +104,10 @@ Files   file  SSLClientParameters.h [code]   +file  SSLObj.cpp +  +file  SSLObj.h [code] +  file  SSLSession.cpp   file  SSLSession.h [code] diff --git a/docs/html/dir_68267d1309a1af8e8297ef4c3efbcdba.js b/docs/html/dir_68267d1309a1af8e8297ef4c3efbcdba.js index 703b1e3..6b5c86a 100644 --- a/docs/html/dir_68267d1309a1af8e8297ef4c3efbcdba.js +++ b/docs/html/dir_68267d1309a1af8e8297ef4c3efbcdba.js @@ -7,6 +7,8 @@ var dir_68267d1309a1af8e8297ef4c3efbcdba = [ "SSLClientParameters.h", "_s_s_l_client_parameters_8h.html", [ [ "SSLClientParameters", "struct_s_s_l_client_parameters.html", "struct_s_s_l_client_parameters" ] ] ], + [ "SSLObj.cpp", "_s_s_l_obj_8cpp.html", "_s_s_l_obj_8cpp" ], + [ "SSLObj.h", "_s_s_l_obj_8h.html", "_s_s_l_obj_8h" ], [ "SSLSession.cpp", "_s_s_l_session_8cpp.html", null ], [ "SSLSession.h", "_s_s_l_session_8h.html", [ [ "SSLSession", "class_s_s_l_session.html", "class_s_s_l_session" ] diff --git a/docs/html/files.html b/docs/html/files.html index 40e5214..6f99fdf 100644 --- a/docs/html/files.html +++ b/docs/html/files.html @@ -106,10 +106,12 @@ $(document).ready(function(){initNavTree('files.html','');});  SSLClientImpl.cpp  SSLClientImpl.h  SSLClientParameters.h - SSLSession.cpp - SSLSession.h - time_macros.h - TLS12_only_profile.c + SSLObj.cpp + SSLObj.h + SSLSession.cpp + SSLSession.h + time_macros.h + TLS12_only_profile.c diff --git a/docs/html/functions.html b/docs/html/functions.html index b78e046..549139d 100644 --- a/docs/html/functions.html +++ b/docs/html/functions.html @@ -113,7 +113,7 @@ $(document).ready(function(){initNavTree('functions.html','');}); : SSLClient< C, SessionCache >
  • connect_impl() -: SSLClientImpl +: SSLClientImpl
  • connected() : SSLClient< C, SessionCache > @@ -144,7 +144,7 @@ $(document).ready(function(){initNavTree('functions.html','');});

    - g -