
TLS networking APIs #252

Draft
wants to merge 2 commits into
base: master
31 changes: 18 additions & 13 deletions api/Client.h
Expand Up @@ -24,23 +24,28 @@

namespace arduino {

class Client : public Stream {
// The objective of this interface is to split the definition of a Client that
// works with streams and one that works with discrete sized messages
class ClientConnect {
public:
virtual ~ClientConnect() = default;

virtual int connect(IPAddress ip, uint16_t port) = 0;
virtual int connect(const char *host, uint16_t port) = 0;
virtual void disconnect() = 0;

virtual uint8_t connected() = 0;
virtual operator bool() = 0;
};

class Client : public Stream, ClientConnect {
public:
virtual int connect(IPAddress ip, uint16_t port) =0;
virtual int connect(const char *host, uint16_t port) =0;
virtual size_t write(uint8_t) =0;
virtual size_t write(const uint8_t *buf, size_t size) =0;
virtual int available() = 0;
virtual int read() = 0;
virtual size_t write(uint8_t) = 0;
virtual size_t write(const uint8_t *buf, size_t size) = 0;
virtual int read(uint8_t *buf, size_t size) = 0;
virtual int peek() = 0;
virtual void flush() = 0;
virtual void stop() = 0;
virtual uint8_t connected() = 0;
virtual operator bool() = 0;
protected:
uint8_t* rawIPAddress(IPAddress& addr) { return addr.raw_address(); };
uint8_t* rawIPAddress(IPAddress& addr) { return addr.raw_address(); }; // FIXME this is a utility function
};

}
}
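Review bot: `class Client : public Stream, ClientConnect {` inherits ClientConnect privately (the default for `class`), so a `Client` cannot be handed to code that takes a `ClientConnect&` and the stream/connection split described in the new comment is not reachable from outside the class; `class TlsClient: public Client, Tls` in api/Tls.h has the same problem and additionally ends up with two separate `ClientConnect` subobjects (one via `Client`, one via `Tls`), which makes calls such as `connect` and `connected` on a `TlsClient` ambiguous. Make the base public and virtual here, `class Client : public Stream, public virtual ClientConnect {`, and likewise `class Tls: public virtual ClientConnect {` in Tls.h. The new pure-virtual `disconnect()` must now be implemented by every existing Client subclass even though `stop()` is kept, and nothing says how the two differ; either document the distinction on `ClientConnect::disconnect` or give Client a forwarding default such as `void disconnect() override { stop(); }`.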
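--- a/api/Tls.h
+++ b/api/Tls.h
@@ -0,0 +1,46 @@
+#pragma once
+
+#include "Client.h"
+
+
+namespace arduino {
+
+// Tls CertificatesKeys are strings
+using CertificateKey = const char[];
+
+enum class CertificateFormat {
+Der,
+Pem,
+}
+
+class Tls: public ClientConnect {
+public:
+virtual ~Tls() = default;
+
+enum IdentityVerification {
+MTls, // both ends identity needs to be verified
+Tls, // The server side end is verified against CA
+Insecure, // no check against server side identity
+};
+
+virtual void setIdentityVerification(IdentityVerification mode) { _mode = mode; };
+virtual void setCA(CertificateKey ca, CertificateFormat f=CertificateFormat::Pem) = 0;
+virtual void setCertificate(CertificateKey public, CertificateKey private, CertificateFormat f=CertificateFormat::Pem) = 0;
+
+
+// Tls protocol enables Server Name Indication usage, for which a client provides
+// the hostname it is trying to connect to. This hostname may be required to be verified
+// against the server provided one
+virtual void sniVerification(bool) = 0;
+
+// manually provide an hostname that will be used together with sni
+// if connect is called with hostname as parameter this will be automatically called
+virtual void setHostname(const char hostname[]) = 0;
+protected:
+IdentityVerification _mode;
+};
+
+class TlsClient: public Client, Tls {
+
+};
+}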
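Review bot: The new api/Tls.h does not compile as written: the `CertificateFormat` enum ends with `Pem, }` and is missing its terminating `;`, and `setCertificate(CertificateKey public, CertificateKey private, ...)` uses the reserved words `public` and `private` as parameter names — rename them, e.g. `virtual void setCertificate(CertificateKey cert, CertificateKey key, CertificateFormat f=CertificateFormat::Pem) = 0;`. The enumerator `Tls` declared inside `class Tls` is also ill-formed, since an enumerator of an unscoped enum that is a class member may not share the class's name; `enum class IdentityVerification { MTls, Tls, Insecure };` avoids that and keeps `setIdentityVerification` working unchanged. `_mode` is never initialized, so an implementation that consults it before `setIdentityVerification` is called sees an indeterminate verification mode; give it the verifying default, `IdentityVerification _mode = IdentityVerification::Tls;` (or `= Tls;` if the enum stays unscoped), so that `Insecure` is only ever reached by an explicit call. `CertificateKey` is `const char[]`, i.e. a NUL-terminated string, which cannot carry DER-encoded material (binary, may contain embedded zero bytes) even though `CertificateFormat::Der` is offered to `setCA` and `setCertificate`; the DER path needs an explicit length, for example a `const uint8_t*` plus `size_t` overload, and the comment `// Tls CertificatesKeys are strings` should say that this applies to PEM only.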