21 #ifndef NB_SSL_SUPPORTED 22 #error SSL/TLS cannot be used without NB_SSL_SUPPORTED. Please uncomment in 'predef.h' and recompile all libraries. 25 #include <crypto/SharkSsl.h> 51 #define SSL_ERROR_FAILED_NEGOTIATION (-256) 52 #define SSL_ERROR_HASH_FAILED (-257) 53 #define SSL_ERROR_CERTIFICATE_UNKNOWN (-258) 54 #define SSL_ERROR_WRITE_FAIL (-259) 55 #define SSL_ERROR_CERTIFICATE_NAME_FAILED (-260) 56 #define SSL_ERROR_CERTIFICATE_VERIFY_FAILED (-261) 57 #define SSL_ERROR_NO_BUFFER (-262) 58 #define SSL_ERROR_CLIENT_NOT_EN (-263) 59 #define SSL_ERROR_SERVER_NOT_EN (-264) 60 #define SSL_ERROR_HANDSHAKE_INCOMPLETE (-265) 61 #define TLS_ERROR_FAILED_NEG_NO_DHE_PARAMS (-270) 62 #define TLS_ERROR_FAILED_DHE_NO_ALG (-271) 65 #ifndef SSL_LIB_REPLACEMENT 67 extern BOOL bPrintNamesTested;
/**
 * SSL counterpart of the TCP accept call; this page's member summary
 * describes it as "a mirror of the TCP::accept() call".
 *
 * @param fdListen             presumably the listening socket's file descriptor (confirm).
 * @param address              pointer argument; presumably receives the peer address,
 *                             as accept() does (confirm against the implementation).
 * @param port                 pointer argument; presumably receives the peer port (confirm).
 * @param accept_timeout       presumably the wait limit for the accept step; units are
 *                             not shown in this excerpt.
 * @param negotiation_timeout  presumably the wait limit for the TLS handshake; defaults to 0.
 *                             NOTE(review): the meaning of 0 is not shown here. If it means
 *                             "no limit", a peer that stalls the handshake can hold this
 *                             call open; confirm, and pass an explicit bound if so.
 * @return int; presumably a file descriptor on success and one of the negative
 *         SSL_ERROR_* / TLS_ERROR_* values defined in this header on failure (confirm).
 */
97 int SSL_accept(
int fdListen,
IPADDR *address, uint16_t *port, uint16_t accept_timeout, uint16_t negotiation_timeout = 0);
297 uint16_t remote_port,
299 const char *common_name,
300 bool verifyPeer =
false,
301 bool waitForNegotiation =
true,
302 SharkSslCAList caList =
nullptr);
332 const char *common_name,
333 bool verifyPeer =
false,
334 bool waitForNegotiation =
true,
335 SharkSslCAList caList =
nullptr,
336 bool bIsClient =
true);
365 const char *common_name,
366 bool reuseSessionPort =
true,
367 bool verifyPeer =
false,
368 SharkSslCAList caList =
nullptr,
369 bool bIsClient =
true);
/**
 * Validates a candidate certificate and private key (per this page's member summary).
 *
 * @param keyPEM   candidate private key; presumably PEM text, going by the name (confirm).
 * @param keylen   length that accompanies keyPEM. The type is signed (ssize_t);
 *                 how a negative or zero length is treated is not shown here.
 * @param certPEM  candidate certificate; presumably PEM text (confirm).
 * @param certlen  length that accompanies certPEM; signed, same caveat as keylen.
 * @return bool; presumably true when the pair is accepted.
 *         NOTE(review): what "valid" covers (parse only, key/certificate match,
 *         chain or expiry checks) is not stated in this excerpt. Confirm before
 *         treating a true result as a trust decision.
 */
440 bool IsSSL_CertNKeyValid(
const char *keyPEM, ssize_t keylen,
const char *certPEM, ssize_t certlen);
IPADDR SSL_GetSocketLocalAddr(int fd)
Returns the local address of this connected socket.
int SSL_makeSecure(int fds, uint32_t timeout, const char *common_name, bool verifyPeer=false, bool waitForNegotiation=true, SharkSslCAList caList=nullptr, bool bIsClient=true)
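Executes the TLS negotiation over a given socket, to establish a secure communication channel through... Note that verifyPeer defaults to false in the declaration above, so the peer certificate is presumably not verified unless the caller passes true.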
const char * GetPrivateKeyPEM()
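Function that returns a pointer to the compiled-in server key. Because the key is compiled into the application image, every unit running the same image presents the same private key unless it is replaced.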
Definition: SSH/SecureSerToEthFactoryApp/ssluser.cpp:161
int SSL_accept(int fdListen, IPADDR *address, uint16_t *port, uint16_t accept_timeout, uint16_t negotiation_timeout=0)
This call is a mirror of the TCP::accept() call.
BOOL IsSSLfd(int fd)
Returns whether or not a file descriptor is an SSL file descriptor.
int SSL_getsocketerror(int fd)
Returns the socket error state for the specified SSL socket.
int SSL_negotiate(int fds, uint32_t timeout, const char *common_name, bool reuseSessionPort=true, bool verifyPeer=false, SharkSslCAList caList=nullptr, bool bIsClient=true)
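SSL mirror of the TCP::connect() call, but uses an existing TCP file descriptor. Note that verifyPeer defaults to false, so by the declared defaults the peer certificate is presumably not verified unless the caller passes true.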
void SSL_TcpSendKeepAlive(int fd)
SSL mirror of TcpSendKeepAlive().
uint32_t SSL_TcpGetLastRxTime(int fd)
SSL mirror of TcpGetLastRxTime().
Used to hold and manipulate IPv4 and IPv6 addresses in dual stack mode.
Definition: ipv6_addr.h:28
const char * GetCertificatePEM()
Function that returns a pointer to the compiled in server certificate.
Definition: SSH/SecureSerToEthFactoryApp/ssluser.cpp:181
uint16_t SSLGetTxBufferAvailSpace(int fd)
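Returns the space available in the socket's transmit buffer, judging by the function name; the summary originally shown here duplicated the one for SSLGetRxBufferSpaceUsed() ("Returns the amount of data buffered to be read from the socket.").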
bool SSL_SetServerCAList(SharkSslCAList *CAList)
Attempts to set the Certificate Authority List for the SharkSsl serverCtx
int SSL_clrsockoption(int fd, int option)
Clear SSL TCP socket options.
int SSL_setsockoption(int fd, int option)
Set SSL TCP socket options.
int SSL_getsockoption(int fd)
Returns the options for the specified SSL TCP socket.
bool SSL_SetClientCAList(SharkSslCAList *CAList)
Attempts to set the Certificate Authority List for the SharkSsl clientCtx
int SSL_connect(IPADDR ip, uint16_t local_port, uint16_t remote_port, uint32_t timeout, const char *common_name, bool verifyPeer=false, bool waitForNegotiation=true, SharkSslCAList caList=nullptr)
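SSL mirror of the TCP::connect() call. Note that verifyPeer defaults to false, so by the declared defaults the peer certificate is presumably not verified unless the caller passes true.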
int SSL_GetSocketInterface(int fd)
Return the network interface associated with a TCP socket.
uint16_t SSL_GetSocketLocalPort(int fd)
Returns the local port of this connected socket.
uint16_t SSL_GetSocketRemotePort(int fd)
Returns the remote port of this connected socket.
IPADDR SSL_GetSocketRemoteAddr(int fd)
Returns the remote address of this connected socket.
int SSLReadWithTimeout(int fd, char *cp, int size, uint32_t timeout)
SSL mirror of the ReadWithTimeout() function.
uint32_t SetMaxSessionReuseTime(uint32_t newLifetimeTicks)
Allows one to specify at runtime what the longest duration that an established session can be used fo...
bool IsSSL_CertNKeyValid(const char *keyPEM, ssize_t keylen, const char *certPEM, ssize_t certlen)
Validate candidate certificate and private key.
uint16_t SSLGetRxBufferSpaceUsed(int fd)
Returns the amount of data buffered to be read from the socket.