Provides detail on the available APIs for the SSL Layer.
Functions | |
NMI_API void | m2m_ssl_ecc_process_done (void) |
Allow SSL driver to tidy up after application has finished processing ECC message. More... | |
NMI_API sint8 | m2m_ssl_handshake_rsp (tstrEccReqInfo *strECCResp, uint8 *pu8RspDataBuff, uint16 u16RspDataSz) |
Sends ECC responses to the WINC. More... | |
NMI_API sint8 | m2m_ssl_init (tpfAppSSLCb pfAppSSLCb) |
Initializes the SSL layer. More... | |
NMI_API sint8 | m2m_ssl_retrieve_cert (uint16 *pu16Curve, uint8 *pu8Value, uint8 *pu8Sig, tstrECPoint *pstrKey) |
Retrieve the next set of information from the WINC for ECDSA verification. More... | |
NMI_API sint8 | m2m_ssl_retrieve_hash (uint8 *pu8Value, uint16 u16ValueSz) |
Retrieve the value from the WINC for ECDSA signing. More... | |
NMI_API sint8 | m2m_ssl_retrieve_next_for_verifying (tenuEcNamedCurve *penuCurve, uint8 *pu8Value, uint16 *pu16ValueSz, uint8 *pu8Sig, uint16 *pu16SigSz, tstrECPoint *pstrKey) |
Retrieve the next set of information from the WINC for ECDSA verification. More... | |
NMI_API sint8 | m2m_ssl_send_certs_to_winc (uint8 *pu8Buffer, uint32 u32BufferSz) |
Sends certificates to the WINC. More... | |
NMI_API sint8 | m2m_ssl_set_active_ciphersuites (uint32 u32SslCsBMP) |
Sets the active ciphersuites. More... | |
NMI_API void | m2m_ssl_stop_processing_certs (void) |
Allow SSL driver to tidy up in case application does not read all available certificates. More... | |
NMI_API void | m2m_ssl_stop_retrieving (void) |
Allow SSL driver to tidy up when the application chooses not to retrieve all available information. More... | |
NMI_API void m2m_ssl_ecc_process_done | ( | void | ) |
Allow SSL driver to tidy up after application has finished processing ECC message.
References gu32HIFAddr.
NMI_API sint8 m2m_ssl_handshake_rsp | ( | tstrEccReqInfo * | strECCResp, |
uint8 * | pu8RspDataBuff, | ||
uint16 | u16RspDataSz | ||
) |
Sends ECC responses to the WINC.
[in] | strECCResp | ECC Response struct. |
[in] | pu8RspDataBuff | Pointer of the response data to be sent. |
[in] | u16RspDataSz | Response data size. |
@param [in] strECCResp ECC Response struct. @param [in] pu8RspDataBuff Pointer of the response data to be sent. @param [in] u16RspDataSz Response data size.
References hif_send(), M2M_REQ_DATA_PKT, M2M_REQ_GROUP_SSL, M2M_SSL_RESP_ECC, and M2M_SUCCESS.
NMI_API sint8 m2m_ssl_init | ( | tpfAppSSLCb | pfAppSSLCb | ) |
Initializes the SSL layer.
[in] | pfAppSslCb | Application SSL callback function. |
[in] | pfAppSSLCb | Application SSL callback function. |
References genuStatus, gpfAppSSLCb, gu32HIFAddr, hif_register_cb(), M2M_ERR, M2M_REQ_GROUP_SSL, m2m_ssl_cb(), M2M_SUCCESS, and TLS_FLASH_ERR_UNKNOWN.
NMI_API sint8 m2m_ssl_retrieve_cert | ( | uint16 * | pu16Curve, |
uint8 * | pu8Value, | ||
uint8 * | pu8Sig, | ||
tstrECPoint * | pstrKey | ||
) |
Retrieve the next set of information from the WINC for ECDSA verification.
[out] | pu16Curve | The named curve, to be cast to type tenuEcNamedCurve. |
[out] | pu8Value | Value retrieved for verification. This is the digest of the message, truncated/prepended to the appropriate size. The size of the value is equal to the field size of the curve, hence is determined by pu16Curve. |
[out] | pu8Sig | Signature retrieved for verification. The size of the signature is equal to twice the field size of the curve, hence is determined by pu16Curve. |
[out] | pstrKey | Public key retrieved for verification. |
References m2m_ssl_retrieve_next_for_verifying().
Retrieve the value from the WINC for ECDSA signing.
[out] | pu8Value | Value retrieved for signing. This is the digest of the message, truncated/prepended to the appropriate size. |
[in] | u16ValueSz | Size of value to be retrieved. (The application should obtain this information, along with the curve, from the associated ECC_REQ_SIGN_GEN notification.) |
References gu32HIFAddr, hif_receive(), M2M_ERR_FAIL, M2M_ERR_INVALID_ARG, M2M_SUCCESS, and NULL.
NMI_API sint8 m2m_ssl_retrieve_next_for_verifying | ( | tenuEcNamedCurve * | penuCurve, |
uint8 * | pu8Value, | ||
uint16 * | pu16ValueSz, | ||
uint8 * | pu8Sig, | ||
uint16 * | pu16SigSz, | ||
tstrECPoint * | pstrKey | ||
) |
Retrieve the next set of information from the WINC for ECDSA verification.
[out] | penuCurve | The named curve. |
[out] | pu8Value | Value retrieved for verification. This is the digest of the message, truncated/prepended to the appropriate size. |
[in,out] | pu16ValueSz | in: Size of value buffer provided by caller. out: Size of value retrieved (provided for convenience; the value size is in fact determined by the curve). |
[out] | pu8Sig | Signature retrieved for verification. |
[in,out] | pu16SigSz | in: Size of signature buffer provided by caller. out: Size of signature retrieved (provided for convenience; the signature size is in fact determined by the curve). |
[out] | pstrKey | Public key retrieved for verification. |
References _htons, gu32HIFAddr, hif_receive(), M2M_ERR_FAIL, M2M_ERR_INVALID_ARG, M2M_SUCCESS, and NULL.
Referenced by m2m_ssl_retrieve_cert().
Sends certificates to the WINC.
[in] | pu8Buffer | Pointer to the certificates. |
[in] | u32BufferSz | Size of the certificates. |
[in] | pu8Buffer | Pointer to the certificates. The buffer format must match the format of tstrTlsSrvSecHdr. |
[in] | u32BufferSz | Size of the certificates. |
References CHUNKHDRSZ, CHUNKSZ, hif_send(), M2M_INFO, m2m_memcpy(), M2M_REQ_DATA_PKT, M2M_REQ_GROUP_SSL, M2M_SSL_REQ_WRITE_OWN_CERTS, M2M_SUCCESS, min, NULL, TLS_CERTS_CHUNKED_SIG_VALUE, TXLIMIT, tstrTlsSrvChunkHdr::u16Offset32, tstrTlsSrvChunkHdr::u16Sig, tstrTlsSrvChunkHdr::u16Size32, and tstrTlsSrvChunkHdr::u16TotalSize32.
Sets the active ciphersuites.
Override the default Active SSL ciphers in the SSL module with a certain combination selected by the caller in the form of a bitmap containing the required ciphers to be on. There is no need to call this function if the application will not change the default ciphersuites.
[in] | u32SslCsBMP | Bitmap containing the desired ciphers to be enabled for the SSL module. The ciphersuites are defined in TLS Cipher Suite IDs. The default ciphersuites are all ciphersuites supported by the firmware with the exception of ECC ciphersuites. The caller can override the default with any desired combination. If u32SslCsBMP does not contain any ciphersuites supported by firmware, then the current active list will not change. |
Override the default Active SSL ciphers in the SSL module with a certain combination selected by the caller in the form of a bitmap containing the required ciphers to be on.
There is no need to call this function if the application will not change the default ciphersuites.
[in] | u32SslCsBMP | Bitmap containing the desired ciphers to be enabled for the SSL module. The ciphersuites are defined in TLS Cipher Suite IDs. The default ciphersuites are all ciphersuites supported by the firmware with the exception of ECC ciphersuites. The caller can override the default with any desired combination. If u32SslCsBMP does not contain any ciphersuites supported by firmware, then the current active list will not change. |
References hif_send(), M2M_REQ_GROUP_SSL, M2M_SSL_REQ_SET_CS_LIST, M2M_SUCCESS, NULL, and tstrSslSetActiveCsList::u32CsBMP.
NMI_API void m2m_ssl_stop_processing_certs | ( | void | ) |
Allow SSL driver to tidy up in case application does not read all available certificates.
References m2m_ssl_stop_retrieving().
NMI_API void m2m_ssl_stop_retrieving | ( | void | ) |
Allow SSL driver to tidy up when the application chooses not to retrieve all available information.
References hif_receive(), and NULL.
Referenced by m2m_ssl_stop_processing_certs().