ThingWorx C SDK
twOpenSSL.h File Reference

Portable ThingWorx OpenSSL wrapper layer. More...

#include "twOSPort.h"
#include "twLogger.h"
#include "stdio.h"
#include "string.h"
#include "stringUtils.h"
#include <openssl/bio.h>
#include <openssl/ssl.h>
#include <openssl/err.h>
#include <openssl/pem.h>
#include <openssl/x509.h>
#include <openssl/x509_vfy.h>
#include <openssl/sha.h>
#include <openssl/md5.h>


Macros

/* Type aliases: the portable TW_* names map directly onto OpenSSL's objects. */
#define TW_SSL_CTX   SSL_CTX
 
#define TW_SSL   SSL
 
/*
 * "Session id" in this layer is a pointer-sized handle, not the wire-format
 * session id: TW_SSL_SESSION_ID() expands to SSL_get1_session(), which yields
 * an SSL_SESSION *, so the size is sizeof(void *). SSL_get1_session() hands
 * back a reference-counted object; whoever stores the handle must release it
 * with SSL_SESSION_free() or the session leaks.
 */
#define TW_SSL_SESSION_ID_SIZE   sizeof(void *)
 
#define TW_SSL_SESSION_ID(a)   SSL_get1_session(a)
 
/*
 * NOTE(review): ssl_get_config(), SSL_MAX_CERT_CFG_OFFSET and
 * SSL_MAX_CA_CERT_CFG_OFFSET are not OpenSSL API and are not declared by any
 * header included above; they look like leftovers from a different TLS
 * backend. Confirm they resolve before relying on these two macros.
 */
#define TW_GET_CERT_SIZE   ssl_get_config(SSL_MAX_CERT_CFG_OFFSET)
 
#define TW_GET_CA_CERT_SIZE   ssl_get_config(SSL_MAX_CA_CERT_CFG_OFFSET)
 
/*
 * True when the handshake has completed. The argument is evaluated twice and
 * is not parenthesised, so pass a plain lvalue, never an expression with side
 * effects. SSL_ST_OK is the OpenSSL 1.0.x-era constant; newer releases report
 * TLS_ST_OK from SSL_get_state() — confirm against the OpenSSL version in use.
 */
#define TW_HANDSHAKE_SUCCEEDED(a)   (a && SSL_get_state(a) == SSL_ST_OK)
 
/* Ownership release for objects returned by the TW_NEW_* helpers. */
#define TW_SSL_FREE(a)   SSL_free(a)
 
#define TW_SSL_CTX_FREE(a)   SSL_CTX_free(a)
 
/*
 * Despite the name this loads a PRIVATE KEY (SSL_CTX_use_PrivateKey_file),
 * not a certificate. The third argument c is ignored and the container
 * format is hard-coded to SSL_FILETYPE_PEM. Callers that pass a certificate
 * path here will fail at load time; keep the key file's permissions tight.
 */
#define TW_USE_CERT_FILE(a, b, c)   SSL_CTX_use_PrivateKey_file(a, b, SSL_FILETYPE_PEM)
 
/*
 * Despite the name this installs the CA TRUST STORE used to verify the peer
 * (SSL_CTX_load_verify_locations with file b and no directory); c is ignored.
 * Loading trust anchors alone does not switch on peer verification — the
 * verify mode on the context still has to be set (SSL_CTX_set_verify) for
 * the peer certificate to be checked against them.
 */
#define TW_USE_CERT_CHAIN_FILE(a, b, c)   SSL_CTX_load_verify_locations(a, b, NULL)
 
/*
 * Despite the name this loads THIS endpoint's own certificate chain
 * (SSL_CTX_use_certificate_chain_file); it does not set the list of client
 * CAs advertised to peers (that is SSL_CTX_set_client_CA_list in OpenSSL).
 */
#define TW_SET_CLIENT_CA_LIST(a, b)   SSL_CTX_use_certificate_chain_file(a,b)
 
/*
 * True when either the socket a becomes readable within b (twSocket_WaitFor)
 * or the SSL object c still holds already-decrypted, unread bytes
 * (SSL_pending). The second test matters: a read loop that only polls the
 * socket can stall on data OpenSSL has buffered internally.
 */
#define DATA_AVAILABLE(a, b, c)   (twSocket_WaitFor(a, b) || SSL_pending(c))
 
/* Convenience alias; the real work is in TW_NEW_SSL_CTX_FUNC() below. */
#define TW_NEW_SSL_CTX   TW_NEW_SSL_CTX_FUNC()
 

Functions

static INLINE int TW_ENABLE_FIPS_MODE (TW_SSL_CTX *ctx)
 Enables FIPS mode for a twTlsClient. More...
 
static INLINE TW_SSL * TW_NEW_SSL_CLIENT (TW_SSL_CTX *ctx, twSocket *sock, void *session_id, int session_size)
 Creates a new #TW_SSL structure for a connection with the specified settings (see SSL_new(), SSL_connect()). More...
 
static INLINE TW_SSL * TW_NEW_SERVER (TW_SSL_CTX *ctx, twSocket *sock)
 Creates a new #TW_SSL connection structure (see SSL_new()). More...
 
static INLINE int TW_SSL_ACCEPT (TW_SSL *s)
 Waits for a #TW_SSL client to initiate a handshake with the server. Wrapper function for SSL_accept(). More...
 
static INLINE int TW_USE_KEY_FILE (SSL_CTX *ctx, const char *file, int type, char *passwd)
 Loads the certificate authority cert chain used to validate the server's certificate in file into ctx. Wrapper function for SSL_CTX_use_PrivateKey_file(). More...
 
static INLINE SSL_CTX * TW_NEW_SSL_CTX_FUNC ()
 Creates a new #SSL_CTX structure as the framework for TLS/SSL-enabled functions. Wrapper function for SSL_CTX_new(). More...
 
static INLINE int TW_SSL_READ (TW_SSL *ssl, char *buf, int len, int32_t timeout)
 Reads len bytes of data from ssl into buf (see SSL_read()). More...
 
static INLINE int TW_SSL_WRITE (TW_SSL *ssl, char *buf, int len)
 Writes len bytes of data in buf to ssl. More...
 
static INLINE int TW_VALIDATE_CERT (TW_SSL *ssl, char selfSignedOk)
 Validates the certificate of ssl. More...
 
static INLINE char * TW_GET_X509_FIELD (TW_SSL *ssl, char field)
 Gets an X509 field of ssl. More...
 

Variables

static char fips_enabled = FALSE
 
unsigned char default_private_key []
 
int default_private_key_len
 
unsigned char default_certificate []
 
int default_certificate_len
 
static const unsigned char s_server_session_id_context [SSL_MAX_SSL_SESSION_ID_LENGTH] = {""}
 

Detailed Description

Portable ThingWorx OpenSSL wrapper layer.

Function Documentation

static INLINE int TW_ENABLE_FIPS_MODE ( TW_SSL_CTX *  ctx)
static

Enables FIPS mode for a twTlsClient.

Parameters
[in] ctx A pointer to the #TW_SSL_CTX in which to enable FIPS mode.
Returns
#TW_OK if successful, or a positive integer error code (see twErrors.h) if an error was encountered.
static INLINE char* TW_GET_X509_FIELD ( TW_SSL *  ssl,
char  field 
)
static

Gets an X509 field of ssl.

Parameters
[in] ssl The #TW_SSL connection to get a field of.
[in] field The field to get.
Returns
A string containing the requested field. NULL if an error was encountered.
Note
The calling function will gain ownership of the returned string and is responsible for freeing it.
static INLINE TW_SSL* TW_NEW_SERVER ( TW_SSL_CTX *  ctx,
twSocket sock 
)
static

Creates a new #TW_SSL connection structure (see SSL_new()).

Parameters
[in] ctx A pointer to the context to associate with the connection.
[in] sock A pointer to the twSocket to use for the connection.
Returns
A pointer to the newly allocated #TW_SSL structure.
Note
The calling function will gain ownership of the returned structure and is responsible for freeing it via TW_SSL_FREE().
static INLINE TW_SSL* TW_NEW_SSL_CLIENT ( TW_SSL_CTX *  ctx,
twSocket sock,
void *  session_id,
int  session_size 
)
static

Creates a new #TW_SSL structure for a connection with the specified settings (see SSL_new(), SSL_connect()).

Parameters
[in] ctx A pointer to the context to associate with the connection.
[in] sock A pointer to the twSocket for the connection to use.
[in] session_id An optional session ID to associate with the connection.
Returns
A pointer to the newly allocated #TW_SSL structure.
Note
The calling function will gain ownership of the returned structure and is responsible for freeing it via TW_SSL_FREE().
static INLINE SSL_CTX* TW_NEW_SSL_CTX_FUNC ( )
static

Creates a new #SSL_CTX structure as the framework for TLS/SSL-enabled functions. Wrapper function for SSL_CTX_new().

Returns
A pointer to the newly allocated #SSL_CTX structure.
Note
The calling function will gain ownership of the returned structure and is responsible for freeing it via TW_SSL_CTX_FREE().
static INLINE int TW_SSL_ACCEPT ( TW_SSL *  s)
static

Waits for a #TW_SSL client to initiate a handshake with the server. Wrapper function for SSL_accept().

Parameters
[in] s A pointer to the #TW_SSL client to utilize.
Returns
0 on success, -1 if an error was encountered.
static INLINE int TW_SSL_READ ( TW_SSL *  ssl,
char *  buf,
int  len,
int32_t  timeout 
)
static

Reads len bytes of data from ssl into buf (see SSL_read()).

Parameters
[in] ssl A pointer to the #TW_SSL connection to read from.
[out] buf A buffer to store the read data in.
[in] len The length of data to read.
[in] timeout The amount of time (in milliseconds) to wait for I/O before timing out.
Returns
0 on success, -1 if an error was encountered.
Note
The calling function will retain ownership of buf and is responsible for freeing it.
static INLINE int TW_SSL_WRITE ( TW_SSL *  ssl,
char *  buf,
int  len 
)
static

Writes len bytes of data in buf to ssl.

Parameters
[in] ssl A pointer to the #TW_SSL connection to write to.
[in] buf A buffer containing the data to be written.
[in] len The length of data to write.
Returns
#TW_OK if successful, or a positive integer error code (see twErrors.h) if an error was encountered.
Note
The calling function will retain ownership of buf and is responsible for freeing it.
static INLINE int TW_USE_KEY_FILE ( SSL_CTX *  ctx,
const char *  file,
int  type,
char *  passwd 
)
static

Loads the certificate authority cert chain used to validate the server's certificate from file into ctx. Wrapper function for SSL_CTX_use_PrivateKey_file().

Parameters
[in] ctx The context to load the key into.
[in] file The file to get the certificate from.
[in] type The container format of file (should be #SSL_FILETYPE_PEM).
[in] passwd The password callback to use for encrypted PEM file handling.
static INLINE int TW_VALIDATE_CERT ( TW_SSL *  ssl,
char  selfSignedOk 
)
static

Validates the certificate of ssl.

Parameters
[in] ssl A pointer to the #TW_SSL to validate the certificate of.
[in] selfSignedOk Non-zero to accept a self-signed peer certificate. Accepting self-signed certificates weakens peer authentication, since the certificate is not anchored in a configured CA; reserve it for test environments.
Returns
0 on success, -1 on error.