uFCoder 2.62
TLS 1.2 with TLS/SSL Client Certificate Authentication using Generic Identity Device Specification (GIDS) smart card support

Functions

UFR_STATUS DL_API DL_TLS_Request (VAR char **read_buffer, VAR uint32_t *received_len, IN const char *url, IN const char *resource_path, uint16_t port, IN char *PIN, uint8_t PIN_len)
 This function sends an HTTPS GET request and receives the response over a TLS 1.2 secure connection, implementing TLS/SSL user certificate authentication on server request.
 
UFR_STATUS DL_API DL_TLS_SetClientCertificate (uint32_t cert_type, IN const char *cert, uint32_t cert_len)
 Although we do not recommend the use of software digital signing during TLS/SSL client certificate authentication, the uFCoder library still allows its use.
 
UFR_STATUS DL_API DL_TLS_SetClientX509PrivateKey_PEM (IN const char *priv_key, uint32_t key_bytes_len)
 Although we do not recommend the use of software digital signing during TLS/SSL client certificate authentication, the uFCoder library still allows its use.
 

Detailed Description

Function Documentation

◆ DL_TLS_Request()

UFR_STATUS DL_API DL_TLS_Request ( VAR char ** read_buffer,
VAR uint32_t * received_len,
IN const char * url,
IN const char * resource_path,
uint16_t port,
IN char * PIN,
uint8_t PIN_len )

This function sends an HTTPS GET request and receives the response over a TLS 1.2 secure connection, implementing TLS/SSL user certificate authentication on server request.

The request doesn't contain an HTTP body and uses a minimal set of HTTP headers:

    GET resource_path HTTP/1.1
    Host: url:port
    Accept: */*
    Connection: close

Important: Once this method completes the request, the library does not use HTTPS any further. The result, if successfully received, can be used at the user's discretion. Any other operation with the received result that requires HTTP/HTTPS needs to be implemented separately in the user's software; the uFCoder library does not provide any other methods in its API for this purpose.

Parameters
read_buffer: Pointer to a char pointer which, after successful function execution, points to the HTTP response, including HTTP response headers and content. In case of request failure, *read_buffer will be NULL. The user is obligated to free the allocated memory occupied by *read_buffer after use (e.g. by calling DLFree(sbuffer) or directly free(sbuffer) from C/C++ code).
received_len: Length of the HTTP response after successful function execution. In case of request failure, *received_len will be 0.
url: Char pointer to a zero-terminated string containing the request URL, e.g. “certificates.d-logic.com”.
resource_path: Char pointer to a zero-terminated string containing the request path to the resource, e.g. “/” or “/favicon.ico”.
port: TCP port, 443 in general for the HTTPS protocol.
PIN: When a GIDS smart card is in use, this char pointer should point to a string containing the ASCII-encoded PIN code of the GIDS applet. Otherwise, this char pointer should be NULL.
PIN_len: When a GIDS smart card applet is in use, this parameter should contain the PIN code size. Otherwise, this parameter should be 0.
Returns
Operation status
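
Because the library hands back the raw response (headers plus content) with an explicit length and offers no further HTTP handling, the caller has to split it. The following is an added example, not code from the uFCoder library: parse_http_response() and http_view are hypothetical names, and SAMPLE is a constructed response standing in for a buffer returned by DL_TLS_Request(). The parser stays within received_len and does not assume NUL termination.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Hypothetical helper type, not part of uFCoder: a bounded view into the buffer. */
typedef struct {
    int status;        /* HTTP status code, or -1 if the response is malformed */
    const char *body;  /* points into the caller's buffer; NOT NUL-terminated */
    uint32_t body_len;
} http_view;

/* Parse what DL_TLS_Request() hands back via *read_buffer / *received_len.
 * Never reads past buf[len - 1]; a failed request (NULL, 0) yields status -1. */
static http_view parse_http_response(const char *buf, uint32_t len)
{
    http_view v = { -1, NULL, 0 };
    int code = 0;
    /* Status line "HTTP/1.x SSS" occupies at least 12 bytes. */
    if (buf == NULL || len < 12 || memcmp(buf, "HTTP/1.", 7) != 0 ||
        (buf[7] != '0' && buf[7] != '1') || buf[8] != ' ')
        return v;
    for (uint32_t i = 9; i < 12; i++) {
        if (buf[i] < '0' || buf[i] > '9')
            return v;
        code = code * 10 + (buf[i] - '0');
    }
    /* Headers end at the first CRLF CRLF; the search is bounded by len. */
    for (uint32_t i = 12; i + 4 <= len; i++) {
        if (memcmp(buf + i, "\r\n\r\n", 4) == 0) {
            v.status = code;
            v.body = buf + i + 4;
            v.body_len = len - (i + 4);
            return v;
        }
    }
    return v; /* header terminator missing: treat as truncated */
}

/* Constructed sample response, standing in for a buffer from DL_TLS_Request(). */
static const char SAMPLE[] =
    "HTTP/1.1 200 OK\r\nContent-Type: text/plain\r\nConnection: close\r\n\r\nhello";

int main(void)
{
    http_view v = parse_http_response(SAMPLE, (uint32_t)(sizeof SAMPLE - 1));
    printf("status=%d body=%.*s\n", v.status, (int)v.body_len, v.body);
    return 0;
}
```

The body pointer refers into the response buffer, so copy out anything needed before releasing that buffer as described for read_buffer.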

◆ DL_TLS_SetClientCertificate()

UFR_STATUS DL_API DL_TLS_SetClientCertificate ( uint32_t cert_type,
IN const char * cert,
uint32_t cert_len )

Although we do not recommend the use of software digital signing during TLS/SSL client certificate authentication, the uFCoder library still allows its use.

If you use X509_PEM as a parameter of the DL_TLS_SetClientCertificate() function call, you have to invoke this function thereafter.

Parameters
cert_type: For this parameter you can use one of two enumerated values: X509_PEM = 0 or X509_GIDS_NFC = 3.
cert: Pointer to the certificate.
cert_len: Certificate length.
Returns
Operation status

◆ DL_TLS_SetClientX509PrivateKey_PEM()

UFR_STATUS DL_API DL_TLS_SetClientX509PrivateKey_PEM ( IN const char * priv_key,
uint32_t key_bytes_len )

Although we do not recommend the use of software digital signing during TLS/SSL client certificate authentication, the uFCoder library still allows its use.

Parameters
priv_key: Pointer to the private key in PEM format, base64 encoded, beginning with the “-----BEGIN RSA PRIVATE KEY-----” string and ending with the “-----END RSA PRIVATE KEY-----” string. Base64 encoded values should be separated with CR and/or LF ASCII characters every 64 characters, as stated in the X.509 specification.
key_bytes_len: PEM key size in bytes.
Returns
Operation status