1OpenSSL-APIs 2------------ 3 4.. note:: The OpenSSL-API will be discontinued in ESP-IDF from v5.0. Please use ESP-TLS <esp_tls> instead. 5 6The code of this API (located in :component:`openssl` directory), does not contain OpenSSL itself but is intended as a wrapper for applications using the OpenSSL API. 7It uses mbedTLS to do the actual work, so anyone compiling openssl code needs the mbedtls library and header file. 8 9OpenSSL APIs not mentioned in this article are not open to public for the time, 10also do not have the corresponding function. 11If user calls it directly, it will always return an error or may show cannot link at compiling time. 12 13Chapter Introduction 14==================== 15 16- Chapter 1. SSL Context Method Create 17- Chapter 2. SSL Context Function 18- Chapter 3. SSL Function 19- Chapter 4. SSL X509 Certification and Private Key Function 20 21 22Chapter 1. SSL Context Method Create 23==================================== 24 25.. highlight:: none 26 271.1 const SSL_METHOD* ``SSLv3_client_method`` (void) 28 29 Arguments:: 30 31 none 32 33 Return:: 34 35 SSLV3.0 version SSL context client method point 36 37 Description:: 38 39 create the target SSL context method 40 41 Example:: 42 43 void example(void) 44 { 45 const SSL_METHOD *method = SSLv3_client_method(); 46 47 ... 48 } 49 501.2 const SSL_METHOD* ``TLSv1_client_method`` (void) 51 52 Arguments:: 53 54 none 55 56 Return:: 57 58 TLSV1.0 version SSL context client method point 59 60 Description:: 61 62 create the target SSL context method 63 64 Example:: 65 66 void example(void) 67 { 68 const SSL_METHOD *method = TLSv1_client_method(); 69 70 ... 71 } 72 731.3 const SSL_METHOD* ``TLSv1_1_client_method`` (void) 74 75 Arguments:: 76 77 none 78 79 Return:: 80 81 TLSV1.1 version SSL context client method point 82 83 Description:: 84 85 create the target SSL context method 86 87 Example:: 88 89 void example(void) 90 { 91 const SSL_METHOD *method = TLSv1_1_client_method(); 92 93 ... 94 } 95 961.4 const SSL_METHOD* ``TLSv1_2_client_method`` (void) 97 98 Arguments:: 99 100 none 101 102 Return:: 103 104 TLSV1.2 version SSL context client method point 105 106 Description:: 107 108 create the target SSL context method 109 110 Example:: 111 112 void example(void) 113 { 114 const SSL_METHOD *method = TLSv1_2_client_method(); 115 116 ... 117 } 118 1191.5 const SSL_METHOD* ``TLS_client_method`` (void) 120 121 Arguments:: 122 123 none 124 125 Return:: 126 127 TLSV1.2 version SSL context client method point 128 129 Description:: 130 131 create the default SSL context method, it's always to be TLSV1.2 132 133 Example:: 134 135 void example(void) 136 { 137 const SSL_METHOD *method = TLSv1_2_client_method(); 138 139 ... 140 } 141 1421.6 const SSL_METHOD* ``SSLv3_server_method`` (void) 143 144 Arguments:: 145 146 none 147 148 Return:: 149 150 SSLV3.0 version SSL context server method point 151 152 Description:: 153 154 create the target SSL context method 155 156 Example:: 157 158 void example(void) 159 { 160 const SSL_METHOD *method = SSLv3_server_method(); 161 162 ... 163 } 164 1651.7 const SSL_METHOD* ``TLSv1_server_method`` (void) 166 167 Arguments:: 168 169 none 170 171 Return:: 172 173 TLSV1.0 version SSL context server method point 174 175 Description:: 176 177 create the target SSL context method 178 179 Example:: 180 181 void example(void) 182 { 183 const SSL_METHOD *method = TLSv1_server_method(); 184 185 ... 186 } 187 1881.8 const SSL_METHOD* ``TLSv1_1_server_method`` (void) 189 190 Arguments:: 191 192 none 193 194 Return:: 195 196 TLSV1.1 version SSL context server method point 197 198 Description:: 199 200 create the target SSL context method 201 202 Example:: 203 204 void example(void) 205 { 206 const SSL_METHOD *method = TLSv1_1_server_method(); 207 208 ... 209 } 210 211 2121.9 const SSL_METHOD* ``TLSv1_2_server_method`` (void) 213 214 Arguments:: 215 216 none 217 218 Return:: 219 220 TLSV1.2 version SSL context server method point 221 222 Description:: 223 224 create the target SSL context method 225 226 Example:: 227 228 void example(void) 229 { 230 const SSL_METHOD *method = TLSv1_2_server_method(); 231 232 ... 233 } 234 2351.10 const SSL_METHOD* ``TLS_server_method`` (void) 236 237 Arguments:: 238 239 none 240 241 Return:: 242 243 TLSV1.2 version SSL context server method point 244 245 Description:: 246 247 create the default SSL context method, it's always to be TLSV1.2 248 249 Example:: 250 251 void example(void) 252 { 253 const SSL_METHOD *method = TLSv1_2_server_method(); 254 255 ... 256 } 257 258 259Chapter 2. SSL Context Function 260=============================== 261 262 2632.1 SSL_CTX* ``SSL_CTX_new`` (const SSL_METHOD * method) 264 265 Arguments:: 266 267 method - the SSL context method point 268 269 Return:: 270 271 context point 272 273 Description:: 274 275 create a SSL context 276 277 Example:: 278 279 void example(void) 280 { 281 SSL_CTX *ctx = SSL_CTX_new(SSLv3_server_method()); 282 283 ... 284 } 285 286 2872.2 ``void SSL_CTX_free`` (SSL_CTX * ctx) 288 289 Arguments:: 290 291 ctx - the SSL context point 292 293 Return:: 294 295 none 296 297 Description:: 298 299 free a SSL context 300 301 Example:: 302 303 void example(void) 304 { 305 SSL_CTX *ctx; 306 307 ... ... 308 309 SSL_CTX_free(ctx); 310 } 311 312 3132.3 ``int SSL_CTX_set_ssl_version`` (SSL_CTX * ctx, const SSL_METHOD * meth) 314 315 Arguments:: 316 317 ctx - SSL context point 318 meth - SSL method point 319 320 Return:: 321 322 1 : OK 323 0 : failed 324 325 Description:: 326 327 set the SSL context version 328 329 Example:: 330 331 void example(void) 332 { 333 SSL_CTX *ctx; 334 const SSL_METHOD *meth; 335 336 ... ... 337 338 SSL_CTX_set_ssl_version(ctx, meth); 339 } 340 341 3422.4 const SSL_METHOD* ``SSL_CTX_get_ssl_method`` (SSL_CTX * ctx) 343 344 Arguments:: 345 346 ctx - SSL context point 347 348 Return:: 349 350 SSL context method 351 352 Description:: 353 354 get the SSL context method 355 356 Example:: 357 358 void example(void) 359 { 360 const SSL_METHOD *method; 361 SSL_CTX *ctx; 362 363 ... ... 364 365 method = SSL_CTX_get_ssl_method(ctx); 366 } 367 368 369 370Chapter 3. SSL Function 371======================= 372 373 3743.1 SSL* ``SSL_new`` (SSL_CTX * ctx) 375 376 Arguments:: 377 378 ctx - SSL context point 379 380 Return:: 381 382 SSL method 383 384 Description:: 385 386 create a SSL 387 388 Example:: 389 390 void example(void) 391 { 392 SSL *ssl; 393 SSL_CTX *ctx; 394 395 ... ... 396 397 ssl = SSL_new(ctx); 398 } 399 400 4013.2 void ``SSL_free`` (SSL * ssl) 402 403 Arguments:: 404 405 ssl - SSL point 406 407 Return:: 408 409 none 410 411 Description:: 412 413 free SSL 414 415 Example:: 416 417 void example(void) 418 { 419 SSL *ssl; 420 421 ... ... 422 423 SSL_free(ssl); 424 } 425 426 4273.3 int ``SSL_do_handshake`` (SSL * ssl) 428 429 Arguments:: 430 431 ssl - SSL point 432 433 Return:: 434 435 1 : OK 436 0 : failed, connect is close by remote 437 -1 : a error catch 438 439 Description:: 440 441 perform the SSL handshake 442 443 Example:: 444 445 void example(void) 446 { 447 SSL *ssl; 448 int ret; 449 450 ... ... 451 452 ret = SSL_do_handshake(ssl); 453 } 454 455 4563.4 int ``SSL_connect`` (SSL * ssl) 457 458 Arguments:: 459 460 ssl - SSL point 461 462 Return:: 463 464 1 : OK 465 0 : failed, connect is close by remote 466 -1 : a error catch 467 468 Description:: 469 470 connect to the remote SSL server 471 472 Example:: 473 474 void example(void) 475 { 476 SSL *ssl; 477 int ret; 478 479 ... ... 480 481 ret = SSL_connect(ssl); 482 } 483 484 4853.5 int ``SSL_accept`` (SSL * ssl) 486 487 Arguments:: 488 489 ssl - SSL point 490 491 Return:: 492 493 1 : OK 494 0 : failed, connect is close by remote 495 -1 : a error catch 496 497 Description:: 498 499 accept the remote connection 500 501 Example:: 502 503 void example(void) 504 { 505 SSL *ssl; 506 int ret; 507 508 ... ... 509 510 ret = SSL_accept(ssl); 511 } 512 513 5143.6 int ``SSL_shutdown`` (SSL * ssl) 515 516 Arguments:: 517 518 ssl - SSL point 519 520 Return:: 521 522 1 : OK 523 0 : failed, connect is close by remote 524 -1 : a error catch 525 526 Description:: 527 528 shutdown the connection 529 530 Example:: 531 532 void example(void) 533 { 534 SSL *ssl; 535 int ret; 536 537 ... ... 538 539 ret = SSL_shutdown(ssl); 540 } 541 542 5433.7 int ``SSL_clear`` (SSL * ssl) 544 545 Arguments:: 546 547 ssl - SSL point 548 549 Return:: 550 551 1 : OK 552 0 : failed 553 554 Description:: 555 556 shutdown the connection 557 558 Example:: 559 560 void example(void) 561 { 562 SSL *ssl; 563 int ret; 564 565 ... ... 566 567 ret = SSL_clear(ssl); 568 } 569 570 5713.8 int ``SSL_read`` (SSL * ssl, void * buffer, int len) 572 573 Arguments:: 574 575 ssl - point 576 buffer - data buffer point 577 len - data length 578 579 Return:: 580 581 > 0 : OK, and return received data bytes 582 = 0 : no data received or connection is closed 583 < 0 : an error catch 584 585 Description:: 586 587 read data from remote 588 589 Example:: 590 591 void example(void) 592 { 593 SSL *ssl; 594 char *buf; 595 int len; 596 int ret; 597 598 ... ... 599 600 ret = SSL_read(ssl, buf, len); 601 } 602 6033.9 int ``SSL_write`` (SSL * ssl, const void * buffer, int len) 604 605 Arguments:: 606 607 ssl - SSL point 608 buffer - data buffer point 609 len - data length 610 611 Return:: 612 613 > 0 : OK, and return received data bytes 614 = 0 : no data sent or connection is closed 615 < 0 : an error catch 616 617 Description:: 618 619 send the data to remote 620 621 Example:: 622 623 void example(void) 624 { 625 SSL *ssl; 626 char *buf; 627 int len; 628 int ret; 629 630 ... ... 631 632 ret = SSL_write(ssl, buf, len); 633 } 634 635 6363.10 ``SSL_CTX *SSL_get_SSL_CTX`` (const SSL * ssl) 637 638 Arguments:: 639 640 ssl - SSL point 641 642 Return:: 643 644 SSL context 645 646 Description:: 647 648 get SSL context of the SSL 649 650 Example:: 651 652 void example(void) 653 { 654 SSL *ssl; 655 SSL_CTX *ctx; 656 657 ... ... 658 659 ctx = SSL_get_SSL_CTX(ssl); 660 } 661 662 6633.11 int ``SSL_get_shutdown`` (const SSL * ssl) 664 665 Arguments:: 666 667 ssl - SSL point 668 669 Return:: 670 671 shutdown mode 672 673 Description:: 674 675 get SSL shutdown mode 676 677 Example:: 678 679 void example(void) 680 { 681 SSL *ssl; 682 int mode; 683 684 ... ... 685 686 mode = SSL_get_SSL_CTX(ssl); 687 } 688 689 6903.12 void ``SSL_set_shutdown`` (SSL * ssl, int mode) 691 692 Arguments:: 693 694 ssl - SSL point 695 696 Return:: 697 698 shutdown mode 699 700 Description:: 701 702 set SSL shutdown mode 703 704 Example:: 705 706 void example(void) 707 { 708 SSL *ssl; 709 int mode = 0; 710 711 ... ... 712 713 SSL_set_shutdown(ssl, mode); 714 } 715 716 7173.13 const SSL_METHOD* ``SSL_get_ssl_method`` (SSL * ssl) 718 719 Arguments:: 720 721 ssl - SSL point 722 723 Return:: 724 725 SSL method 726 727 Description:: 728 729 set SSL shutdown mode 730 731 Example:: 732 733 void example(void) 734 { 735 SSL *ssl; 736 const SSL_METHOD *method; 737 738 ... ... 739 740 method = SSL_get_ssl_method(ssl); 741 } 742 743 7443.14 int ``SSL_set_ssl_method`` (SSL * ssl, const SSL_METHOD * method) 745 746 Arguments:: 747 748 ssl - SSL point 749 meth - SSL method point 750 751 Return:: 752 753 1 : OK 754 0 : failed 755 756 Description:: 757 758 set the SSL method 759 760 Example:: 761 762 void example(void) 763 { 764 int ret; 765 SSL *ssl; 766 const SSL_METHOD *method; 767 768 ... ... 769 770 ret = SSL_set_ssl_method(ssl, method); 771 } 772 773 7743.15 int ``SSL_pending`` (const SSL * ssl) 775 776 Arguments:: 777 778 ssl - SSL point 779 780 Return:: 781 782 data bytes 783 784 Description:: 785 786 get received data bytes 787 788 Example:: 789 790 void example(void) 791 { 792 int ret; 793 SSL *ssl; 794 795 ... ... 796 797 ret = SSL_pending(ssl); 798 } 799 800 8013.16 int ``SSL_has_pending`` (const SSL * ssl) 802 803 Arguments:: 804 805 ssl - SSL point 806 807 Return:: 808 809 1 : Yes 810 0 : No 811 812 Description:: 813 814 check if data is received 815 816 Example:: 817 818 void example(void) 819 { 820 int ret; 821 SSL *ssl; 822 823 ... ... 824 825 ret = SSL_has_pending(ssl); 826 } 827 828 8293.17 int ``SSL_get_fd`` (const SSL * ssl) 830 831 Arguments:: 832 833 ssl - SSL point 834 835 Return:: 836 837 >= 0 : socket id 838 < 0 : a error catch 839 840 Description:: 841 842 get the socket of the SSL 843 844 Example:: 845 846 void example(void) 847 { 848 int ret; 849 SSL *ssl; 850 851 ... ... 852 853 ret = SSL_get_fd(ssl); 854 } 855 856 8573.18 int ``SSL_get_rfd`` (const SSL * ssl) 858 859 Arguments:: 860 861 ssl - SSL point 862 863 Return:: 864 865 >= 0 : socket id 866 < 0 : a error catch 867 868 Description:: 869 870 get the read only socket of the SSL 871 872 Example:: 873 874 void example(void) 875 { 876 int ret; 877 SSL *ssl; 878 879 ... ... 880 881 ret = SSL_get_rfd(ssl); 882 } 883 884 8853.19 int ``SSL_get_wfd`` (const SSL * ssl) 886 887 Arguments:: 888 889 ssl - SSL point 890 891 Return:: 892 893 >= 0 : socket id 894 < 0 : a error catch 895 896 Description:: 897 898 get the write only socket of the SSL 899 900 Example:: 901 902 void example(void) 903 { 904 int ret; 905 SSL *ssl; 906 907 ... ... 908 909 ret = SSL_get_wfd(ssl); 910 } 911 912 9133.20 int ``SSL_set_fd`` (SSL * ssl, int fd) 914 915 Arguments:: 916 917 ssl - SSL point 918 fd - socket id 919 920 Return:: 921 922 1 : OK 923 0 : failed 924 925 Description:: 926 927 set socket to SSL 928 929 Example:: 930 931 void example(void) 932 { 933 int ret; 934 SSL *ssl; 935 int socket; 936 937 ... ... 938 939 ret = SSL_set_fd(ssl, socket); 940 } 941 942 9433.21 int ``SSL_set_rfd`` (SSL * ssl, int fd) 944 945 Arguments:: 946 947 ssl - SSL point 948 fd - socket id 949 950 Return:: 951 952 1 : OK 953 0 : failed 954 955 Description:: 956 957 set read only socket to SSL 958 959 Example:: 960 961 void example(void) 962 { 963 int ret; 964 SSL *ssl; 965 int socket; 966 967 ... ... 968 969 ret = SSL_set_rfd(ssl, socket); 970 } 971 972 9733.22 int ``SSL_set_wfd`` (SSL * ssl, int fd) 974 975 Arguments:: 976 977 ssl - SSL point 978 fd - socket id 979 980 Return:: 981 982 1 : OK 983 0 : failed 984 985 Description:: 986 987 set write only socket to SSL 988 989 Example:: 990 991 void example(void) 992 { 993 int ret; 994 SSL *ssl; 995 int socket; 996 997 ... ... 998 999 ret = SSL_set_wfd(ssl, socket); 1000 } 1001 1002 10033.23 int ``SSL_version`` (const SSL * ssl) 1004 1005 Arguments:: 1006 1007 ssl - SSL point 1008 1009 Return:: 1010 1011 SSL version 1012 1013 Description:: 1014 1015 get SSL version 1016 1017 Example:: 1018 1019 void example(void) 1020 { 1021 int version; 1022 SSL *ssl; 1023 1024 ... ... 1025 1026 version = SSL_version(ssl); 1027 } 1028 1029 10303.24 const char* ``SSL_get_version`` (const SSL * ssl) 1031 1032 Arguments:: 1033 1034 ssl - SSL point 1035 1036 Return:: 1037 1038 SSL version string 1039 1040 Description:: 1041 1042 get the SSL current version string 1043 1044 Example:: 1045 1046 void example(void) 1047 { 1048 char *version; 1049 SSL *ssl; 1050 1051 ... ... 1052 1053 version = SSL_get_version(ssl); 1054 } 1055 1056 10573.25 OSSL_HANDSHAKE_STATE ``SSL_get_state`` (const SSL * ssl) 1058 1059 Arguments:: 1060 1061 ssl - SSL point 1062 1063 Return:: 1064 1065 SSL state 1066 1067 Description:: 1068 1069 get the SSL state 1070 1071 Example:: 1072 1073 void example(void) 1074 { 1075 OSSL_HANDSHAKE_STATE state; 1076 SSL *ssl; 1077 1078 ... ... 1079 1080 state = SSL_get_state(ssl); 1081 } 1082 1083 10843.26 const char* ``SSL_alert_desc_string`` (int value) 1085 1086 Arguments:: 1087 1088 value - SSL description 1089 1090 Return:: 1091 1092 alert value string 1093 1094 Description:: 1095 1096 get alert description string 1097 1098 Example:: 1099 1100 void example(void) 1101 { 1102 int val; 1103 char *str; 1104 1105 ... ... 1106 1107 str = SSL_alert_desc_string(val); 1108 } 1109 1110 11113.27 const char* ``SSL_alert_desc_string_long`` (int value) 1112 1113 Arguments:: 1114 1115 value - SSL description 1116 1117 Return:: 1118 1119 alert value long string 1120 1121 Description:: 1122 1123 get alert description long string 1124 1125 Example:: 1126 1127 void example(void) 1128 { 1129 int val; 1130 char *str; 1131 1132 ... ... 1133 1134 str = SSL_alert_desc_string_long(val); 1135 } 1136 1137 11383.28 const char* ``SSL_alert_type_string`` (int value) 1139 1140 Arguments:: 1141 1142 value - SSL type description 1143 1144 Return:: 1145 1146 alert type string 1147 1148 Description:: 1149 1150 get alert type string 1151 1152 Example:: 1153 1154 void example(void) 1155 { 1156 int val; 1157 char *str; 1158 1159 ... ... 1160 1161 str = SSL_alert_type_string(val); 1162 } 1163 1164 11653.29 const char* ``SSL_alert_type_string_long`` (int value) 1166 1167 Arguments:: 1168 1169 value - SSL type description 1170 1171 Return:: 1172 1173 alert type long string 1174 1175 Description:: 1176 1177 get alert type long string 1178 1179 Example:: 1180 1181 void example(void) 1182 { 1183 int val; 1184 char *str; 1185 1186 ... ... 1187 1188 str = SSL_alert_type_string_long(val); 1189 } 1190 11913.30 const char* ``SSL_rstate_string`` (SSL * ssl) 1192 1193 Arguments:: 1194 1195 ssl - SSL point 1196 1197 Return:: 1198 1199 state string 1200 1201 Description:: 1202 1203 get the state string where SSL is reading 1204 1205 Example:: 1206 1207 void example(void) 1208 { 1209 SSL *ssl; 1210 char *str; 1211 1212 ... ... 1213 1214 str = SSL_rstate_string(ssl); 1215 } 1216 1217 12183.31 const char* ``SSL_rstate_string_long`` (SSL * ssl) 1219 1220 Arguments:: 1221 1222 ssl - SSL point 1223 1224 Return:: 1225 1226 state long string 1227 1228 Description:: 1229 1230 get the state long string where SSL is reading 1231 1232 Example:: 1233 1234 void example(void) 1235 { 1236 SSL *ssl; 1237 char *str; 1238 1239 ... ... 1240 1241 str = SSL_rstate_string_long(ssl); 1242 } 1243 1244 12453.32 const char* ``SSL_state_string`` (const SSL * ssl) 1246 1247 Arguments:: 1248 1249 ssl - SSL point 1250 1251 Return:: 1252 1253 state string 1254 1255 Description:: 1256 1257 get the state string 1258 1259 Example:: 1260 1261 void example(void) 1262 { 1263 SSL *ssl; 1264 const char *str; 1265 1266 ... ... 1267 1268 str = SSL_state_string(ssl); 1269 } 1270 1271 12723.33 char* ``SSL_state_string_long`` (const SSL * ssl) 1273 1274 Arguments:: 1275 1276 ssl - SSL point 1277 1278 Return:: 1279 1280 state long string 1281 1282 Description:: 1283 1284 get the state long string 1285 1286 Example:: 1287 1288 void example(void) 1289 { 1290 SSL *ssl; 1291 char *str; 1292 1293 ... ... 1294 1295 str = SSL_state_string(ssl); 1296 } 1297 1298 12993.34 int ``SSL_get_error`` (const SSL * ssl, int ret_code) 1300 1301 Arguments:: 1302 1303 ssl - SSL point 1304 ret_code - SSL return code 1305 1306 Return:: 1307 1308 SSL error number 1309 1310 Description:: 1311 1312 get SSL error code 1313 1314 Example:: 1315 1316 void example(void) 1317 { 1318 SSL *ssl; 1319 int ret; 1320 int err; 1321 1322 ... ... 1323 1324 err = SSL_get_error(ssl, ret); 1325 } 1326 13273.35 int ``SSL_want`` (const SSL * ssl) 1328 1329 Arguments:: 1330 1331 ssl - SSL point 1332 1333 Return:: 1334 1335 specifical statement 1336 1337 Description:: 1338 1339 get the SSL specifical statement 1340 1341 Example:: 1342 1343 void example(void) 1344 { 1345 SSL *ssl; 1346 int state; 1347 1348 ... ... 1349 1350 state = SSL_want(ssl); 1351 } 1352 1353 13543.36 int ``SSL_want_nothing`` (const SSL * ssl) 1355 1356 Arguments:: 1357 1358 ssl - SSL point 1359 1360 Return:: 1361 1362 0 : false 1363 1 : true 1364 1365 Description:: 1366 1367 check if SSL want nothing 1368 1369 Example:: 1370 1371 void example(void) 1372 { 1373 SSL *ssl; 1374 int ret; 1375 1376 ... ... 1377 1378 ret = SSL_want(ssl); 1379 } 1380 1381 13823.37 int ``SSL_want_read`` (const SSL * ssl) 1383 1384 Arguments:: 1385 1386 ssl - SSL point 1387 1388 Return:: 1389 1390 0 : false 1391 1 : true 1392 1393 Description:: 1394 1395 check if SSL want to read 1396 1397 Example:: 1398 1399 void example(void) 1400 { 1401 SSL *ssl; 1402 int ret; 1403 1404 ... ... 1405 1406 ret = SSL_want_read(ssl); 1407 } 1408 1409 14103.38 int ``SSL_want_write`` (const SSL * ssl) 1411 1412 Arguments:: 1413 1414 ssl - SSL point 1415 1416 Return:: 1417 1418 0 : false 1419 1 : true 1420 1421 Description:: 1422 1423 check if SSL want to write 1424 1425 Example:: 1426 1427 void example(void) 1428 { 1429 SSL *ssl; 1430 int ret; 1431 1432 ... ... 1433 1434 ret = SSL_want_write(ssl); 1435 } 1436 1437 1438Chapter 4. SSL X509 Certification and Private Key Function 1439========================================================== 1440 1441 14424.1 X509 * ``d2i_X509`` (X509 ** cert, const unsigned char * buffer, long len) 1443 1444 Arguments:: 1445 1446 cert - a point pointed to X509 certification 1447 buffer - a point pointed to the certification context memory point 1448 length - certification bytes 1449 1450 Return:: 1451 1452 X509 certification object point 1453 1454 Description:: 1455 1456 load a character certification context into system context. If '*cert' is pointed to the 1457 certification, then load certification into it. Or create a new X509 certification object 1458 1459 Example:: 1460 1461 void example(void) 1462 { 1463 X509 *new; 1464 X509 *cert; 1465 unsigned char *buffer; 1466 long len; 1467 ... ... 1468 1469 new = d2i_X509(&cert, buffer, len); 1470 } 1471 1472 14734.2 int ``SSL_add_client_CA`` (SSL * ssl, X509 * x) 1474 1475 Arguments:: 1476 1477 ssl - SSL point 1478 x - CA certification point 1479 1480 Return:: 1481 1482 1 : OK 1483 0 : failed 1484 1485 Description:: 1486 1487 add CA client certification into the SSL 1488 1489 Example:: 1490 1491 void example(void) 1492 { 1493 int ret; 1494 SSL *ssl; 1495 X509 *new; 1496 1497 ... ... 1498 1499 ret = SSL_add_client_CA(ssl, new); 1500 } 1501 1502 15034.3 int ``SSL_CTX_add_client_CA`` (SSL_CTX * ctx, X509 * x) 1504 1505 Arguments:: 1506 1507 ctx - SSL context point 1508 x - CA certification point 1509 1510 Return:: 1511 1512 1 : OK 1513 0 : failed 1514 1515 Description:: 1516 1517 add CA client certification into the SSL context 1518 1519 Example:: 1520 1521 void example(void) 1522 { 1523 int ret; 1524 SSL_CTX *ctx; 1525 X509 *new; 1526 1527 ... ... 1528 1529 ret = SSL_add_clSSL_CTX_add_client_CAient_CA(ctx, new); 1530 } 1531 1532 15334.4 X509* ``SSL_get_certificate`` (const SSL * ssl) 1534 1535 Arguments:: 1536 1537 ssl - SSL point 1538 1539 Return:: 1540 1541 SSL certification point 1542 1543 Description:: 1544 1545 get the SSL certification point 1546 1547 Example:: 1548 1549 void example(void) 1550 { 1551 SSL *ssl; 1552 X509 *cert; 1553 1554 ... ... 1555 1556 cert = SSL_get_certificate(ssl); 1557 } 1558 1559 15604.5 long ``SSL_get_verify_result`` (const SSL * ssl) 1561 1562 Arguments:: 1563 1564 ssl - SSL point 1565 1566 Return:: 1567 1568 the result of verifying 1569 1570 Description:: 1571 1572 get the verifying result of the SSL certification 1573 1574 Example:: 1575 1576 void example(void) 1577 { 1578 SSL *ssl; 1579 long ret; 1580 1581 ... ... 1582 1583 ret = SSL_get_verify_result(ssl); 1584 } 1585 1586 15874.6 int ``SSL_CTX_use_certificate`` (SSL_CTX * ctx, X509 * x) 1588 1589 Arguments:: 1590 1591 ctx - the SSL context point 1592 pkey - certification object point 1593 1594 Return:: 1595 1596 1 : OK 1597 0 : failed 1598 1599 Description:: 1600 1601 load the certification into the SSL_CTX or SSL object 1602 1603 Example:: 1604 1605 void example(void) 1606 { 1607 int ret; 1608 SSL_CTX *ctx 1609 X509 *new; 1610 1611 ... ... 1612 1613 ret = SSL_CTX_use_certificate(ctx, new); 1614 } 1615 1616 16174.7 int ``SSL_CTX_use_certificate_ASN1`` (SSL_CTX * ctx, int len, const unsigned char * d) 1618 1619 Arguments:: 1620 1621 ctx - SSL context point 1622 len - certification length 1623 d - data point 1624 1625 Return:: 1626 1627 1 : OK 1628 0 : failed 1629 1630 Description:: 1631 1632 load the ASN1 certification into SSL context 1633 1634 Example:: 1635 1636 void example(void) 1637 { 1638 int ret; 1639 SSL_CTX *ctx; 1640 const unsigned char *buf; 1641 int len; 1642 1643 ... ... 1644 1645 ret = SSL_CTX_use_certificate_ASN1(ctx, len, buf); 1646 } 1647 1648 16494.8 int ``SSL_CTX_use_PrivateKey`` (SSL_CTX * ctx, EVP_PKEY * pkey) 1650 1651 Arguments:: 1652 1653 ctx - SSL context point 1654 pkey - private key object point 1655 1656 Return:: 1657 1658 1 : OK 1659 0 : failed 1660 1661 Description:: 1662 1663 load the private key into the context object 1664 1665 Example:: 1666 1667 void example(void) 1668 { 1669 int ret; 1670 SSL_CTX *ctx; 1671 EVP_PKEY *pkey; 1672 1673 ... ... 1674 1675 ret = SSL_CTX_use_PrivateKey(ctx, pkey); 1676 } 1677 1678 16794.9 int ``SSL_CTX_use_PrivateKey_ASN1`` (int pk, SSL_CTX * ctx, const unsigned char * d, long len) 1680 1681 Arguments:: 1682 1683 ctx - SSL context point 1684 d - data point 1685 len - private key length 1686 1687 Return:: 1688 1689 1 : OK 1690 0 : failed 1691 1692 Description:: 1693 1694 load the ASN1 private key into SSL context 1695 1696 Example:: 1697 1698 void example(void) 1699 { 1700 int ret; 1701 int pk; 1702 SSL_CTX *ctx; 1703 const unsigned char *buf; 1704 long len; 1705 1706 ... ... 1707 1708 ret = SSL_CTX_use_PrivateKey_ASN1(pk, ctx, buf, len); 1709 } 1710 1711 17124.10 int ``SSL_CTX_use_RSAPrivateKey_ASN1`` (SSL_CTX * ctx, const unsigned char * d, long len) 1713 1714 Arguments:: 1715 1716 ctx - SSL context point 1717 d - data point 1718 len - private key length 1719 1720 Return:: 1721 1722 1 : OK 1723 0 : failed 1724 1725 Description:: 1726 1727 load the RSA ASN1 private key into SSL context 1728 1729 Example:: 1730 1731 void example(void) 1732 { 1733 int ret; 1734 SSL_CTX *ctx; 1735 const unsigned char *buf; 1736 long len; 1737 1738 ... ... 1739 1740 ret = SSL_CTX_use_RSAPrivateKey_ASN1(ctx, buf, len); 1741 } 1742 1743 17444.11 int ``SSL_use_certificate_ASN1`` (SSL * ssl, int len, const unsigned char * d) 1745 1746 Arguments:: 1747 1748 ssl - SSL point 1749 len - data bytes 1750 d - data point 1751 1752 Return:: 1753 1754 1 : OK 1755 0 : failed 1756 1757 Description:: 1758 1759 load certification into the SSL 1760 1761 Example:: 1762 1763 void example(void) 1764 { 1765 int ret; 1766 SSL *ssl; 1767 const unsigned char *buf; 1768 long len; 1769 1770 ... ... 1771 1772 ret = SSL_use_certificate_ASN1(ssl, len, buf); 1773 } 1774 1775 17764.12 X509* ``SSL_get_peer_certificate`` (const SSL * ssl) 1777 1778 Arguments:: 1779 1780 ssl - SSL point 1781 1782 Return:: 1783 1784 peer certification 1785 1786 Description:: 1787 1788 get peer certification 1789 1790 Example:: 1791 1792 void example(void) 1793 { 1794 SSL *ssl; 1795 X509 *peer; 1796 1797 ... ... 1798 1799 peer = SSL_get_peer_certificate(ssl); 1800 } 1801 1802
