Common functions for the TLS1.2 client/server exchange utility. It is an example of the programmatic use of the ateccx08 engine for TLS1.2 exchange. For details see https://wiki.openssl.org/index.php/SSL/TLS_Client and https://wiki.openssl.org/index.php/Simple_TLS_Server.
|
| int | setup_engine (const char *engine_id) |
| | setup OpenSSL engine by engine ID More...
|
| |
|
void | init_openssl (void) |
| | Calls OpenSSL standard initialize methods.
|
| |
| SSL_CTX * | create_context (uint32_t is_server) |
| | Creates the SSL context for server or client. More...
|
| |
| int | configure_context (SSL_CTX *ctx, const char *ca_path, const char *chain_file, const char *cert_file) |
| | Configures the SSL context for server or client using provided certificates, chain files, and private keys (ATECCX08 tokens are encoded into the OpenSSL private key files) More...
|
| |
| int | load_private_key (const char *engine_id, SSL_CTX *ctx, const char *key_file) |
| | Loads the private key from a key file into the SSL context, using the OpenSSL engine selected by engine ID More...
|
| |
| int | config_args_ssl_call (SSL_CTX *ctx, SSL_CONF_CTX *cctx) |
| | A modification of the args_ssl_call() function from the openssl apps/s_cb.c file. More...
|
| |
| int | verify_callback (int ok, X509_STORE_CTX *ctx) |
| | A modification of the verify_callback() function from the openssl apps/s_cb.c file. More...
|
| |
|
void | cleanup_openssl () |
| | Call OpenSSL standard cleanup methods.
|
| |
| int | save_private_key (EVP_PKEY *pkey, const char *privkey_fname) |
| |
| int | save_x509_certificate (X509 *x509, const char *cert_fname) |
| |
| int | run_engine_cmds (const char *engine_id, int cmd, char *buffer, int len) |
| |
|
|
int | verify_depth = 0 |
| |
|
int | verify_quiet = 0 |
| |
|
int | verify_error = X509_V_OK |
| |
|
int | verify_return_error = 0 |
| |
Common functions for the TLS1.2 client/server exchange utility. It is an example of the programmatic use of the ateccx08 engine for TLS1.2 exchange. For details see https://wiki.openssl.org/index.php/SSL/TLS_Client and https://wiki.openssl.org/index.php/Simple_TLS_Server.
Copyright (c) 2015 Atmel Corporation. All rights reserved.
| int config_args_ssl_call |
( |
SSL_CTX * |
ctx, |
|
|
SSL_CONF_CTX * |
cctx |
|
) |
| |
A modification of the args_ssl_call() function from the openssl apps/s_cb.c file.
- Parameters
-
| [in] | ctx | SSL context |
| [in,out] | cctx | SSL_CONF_CTX |
- Returns
- 0 for success
| int configure_context |
( |
SSL_CTX * |
ctx, |
|
|
const char * |
ca_path, |
|
|
const char * |
chain_file, |
|
|
const char * |
cert_file |
|
) |
| |
Configures the SSL context for server or client using provided certificates, chain files, and private keys (ATECCX08 tokens are encoded into the OpenSSL private key files)
- Parameters
-
| [in] | ctx | SSL context |
| [in] | ca_path | Path to CA (Certificate Authority) |
| [in] | chain_file | Chain File Name (Certificate Bundle) |
| [in] | cert_file | Certificate File Name |
- Returns
- 1 for success
| SSL_CTX* create_context |
( |
uint32_t |
is_server | ) |
|
Creates the SSL context for server or client.
- Parameters
-
| [in] | is_server | 1 - for server, 0 - for client |
- Returns
- a pointer to SSL_CTX for success, NULL for error
| int load_private_key |
( |
const char * |
engine_id, |
|
|
SSL_CTX * |
ctx, |
|
|
const char * |
key_file |
|
) |
| |
Loads the private key from a key file into the SSL context, using the OpenSSL engine selected by engine ID
- Parameters
-
| [in] | engine_id | Engine ID |
| [in] | ctx | SSL context |
| [in] | key_file | Private Key File Name |
- Returns
- 1 for success, 0 for error
| int run_engine_cmds |
( |
const char * |
engine_id, |
|
|
int |
cmd, |
|
|
char * |
buffer, |
|
|
int |
len |
|
) |
| |
Calls different engine commands by CMD ID
- Parameters
-
| [in] | engine_id | Engine ID (just return if NULL) |
| [in] | cmd | a command to pass to the engine library (for the list of commands see ecc_meth.h file) |
| [in,out] | buffer | an optional buffer to pass into the command |
| [in,out] | len | the buffer size |
- Returns
- 1 for success, 0 for error
| int save_private_key |
( |
EVP_PKEY * |
pkey, |
|
|
const char * |
privkey_fname |
|
) |
| |
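Saves the private key unencrypted in the PEM format. There is no reason to use password/encryption for keys that are already in the hardware. Here we expect a pointer to the key, not a real key. If pkey instead holds actual private key material, the output file would contain that key in clear text, so it must then be protected by other means (restrictive file permissions or an encrypted store).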
- Parameters
-
| [in] | pkey | pointer to public/private key structure (private key may be just a token, pointing to the hardware) |
| [in] | privkey_fname | Private Key File Name |
- Returns
- 1 for success
| int save_x509_certificate |
( |
X509 * |
x509, |
|
|
const char * |
cert_fname |
|
) |
| |
Saves a certificate in the PEM format
- Parameters
-
| [in] | x509 | pointer to X509 structure with certificate |
| [in] | cert_fname | Certificate file name |
- Returns
- 1 for success
| int setup_engine |
( |
const char * |
engine_id | ) |
|
setup OpenSSL engine by engine ID
- Parameters
-
| [in] | engine_id | Engine ID (just return if NULL) |
- Returns
- 1 for success, 0 for error
| int verify_callback |
( |
int |
ok, |
|
|
X509_STORE_CTX * |
ctx |
|
) |
| |
A modification of the verify_callback() function from the openssl apps/s_cb.c file.
- Parameters
-
| [in] | ok | a parameter allowing an immediate exit from the callback |
| [in,out] | ctx | X509_STORE_CTX |
- Returns
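- 0 for success (note: this differs from the usual OpenSSL verify-callback convention, where returning 1 continues certificate verification and returning 0 stops it with a verification failure; confirm the actual return values against the implementation before relying on this)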