| 123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105 |
- /*
- * SPDX-FileCopyrightText: 2021-2023 Espressif Systems (Shanghai) CO LTD
- *
- * SPDX-License-Identifier: Apache-2.0
- */
- #pragma once
- /**
- * @brief ESP-TLS Connection Handle
- */
- #include <stdbool.h>
- #include <sys/socket.h>
- #include <fcntl.h>
- #include "esp_err.h"
- #include "esp_tls_errors.h"
- #ifdef CONFIG_ESP_TLS_USING_MBEDTLS
- #include "mbedtls/platform.h"
- #include "mbedtls/net_sockets.h"
- #include "mbedtls/esp_debug.h"
- #include "mbedtls/ssl.h"
- #include "mbedtls/entropy.h"
- #include "mbedtls/ctr_drbg.h"
- #include "mbedtls/error.h"
- #ifdef CONFIG_ESP_TLS_SERVER_SESSION_TICKETS
- #include "mbedtls/ssl_ticket.h"
- #endif
- #ifdef CONFIG_MBEDTLS_SSL_PROTO_TLS1_3
- #include "psa/crypto.h"
- #endif
- #elif CONFIG_ESP_TLS_USING_WOLFSSL
- #include "wolfssl/wolfcrypt/settings.h"
- #include "wolfssl/ssl.h"
- #endif
- struct esp_tls {
- #ifdef CONFIG_ESP_TLS_USING_MBEDTLS
- mbedtls_ssl_context ssl; /*!< TLS/SSL context */
- mbedtls_entropy_context entropy; /*!< mbedTLS entropy context structure */
- mbedtls_ctr_drbg_context ctr_drbg; /*!< mbedTLS ctr drbg context structure.
- CTR_DRBG is deterministic random
- bit generation based on AES-256 */
- mbedtls_ssl_config conf; /*!< TLS/SSL configuration to be shared
- between mbedtls_ssl_context
- structures */
- mbedtls_net_context server_fd; /*!< mbedTLS wrapper type for sockets */
- mbedtls_x509_crt cacert; /*!< Container for the X.509 CA certificate */
- mbedtls_x509_crt *cacert_ptr; /*!< Pointer to the cacert being used. */
- union {
- mbedtls_x509_crt clientcert; /*!< Container for the X.509 client certificate */
- mbedtls_x509_crt servercert; /*!< Container for the X.509 server certificate */
- };
- union {
- mbedtls_pk_context clientkey; /*!< Container for the private key of the client
- certificate */
- mbedtls_pk_context serverkey; /*!< Container for the private key of the server
- certificate */
- };
- #ifdef CONFIG_MBEDTLS_HARDWARE_ECDSA_SIGN
- bool use_ecdsa_peripheral; /*!< Use the ECDSA peripheral for the private key operations. */
- uint8_t ecdsa_efuse_blk; /*!< The efuse block number where the ECDSA key is stored. */
- #endif
- #elif CONFIG_ESP_TLS_USING_WOLFSSL
- void *priv_ctx;
- void *priv_ssl;
- #endif
- int sockfd; /*!< Underlying socket file descriptor. */
- ssize_t (*read)(esp_tls_t *tls, char *data, size_t datalen); /*!< Callback function for reading data from TLS/SSL
- connection. */
- ssize_t (*write)(esp_tls_t *tls, const char *data, size_t datalen); /*!< Callback function for writing data to TLS/SSL
- connection. */
- esp_tls_conn_state_t conn_state; /*!< ESP-TLS Connection state */
- fd_set rset; /*!< read file descriptors */
- fd_set wset; /*!< write file descriptors */
- bool is_tls; /*!< indicates connection type (TLS or NON-TLS) */
- esp_tls_role_t role; /*!< esp-tls role
- - ESP_TLS_CLIENT
- - ESP_TLS_SERVER */
- esp_tls_error_handle_t error_handle; /*!< handle to error descriptor */
- };
- // Function pointer for the server configuration API
- typedef esp_err_t (*set_server_config_func_ptr) (esp_tls_cfg_server_t *cfg, esp_tls_t *tls);
- // This struct contains any data that is only specific to the server session and not required by the client.
- typedef struct esp_tls_server_params {
- set_server_config_func_ptr set_server_cfg;
- } esp_tls_server_params_t;
|
