From eee27b06b41462aa0125e6df7b553576296213ff Mon Sep 17 00:00:00 2001
From: Andrea Gilardoni
Date: Tue, 10 Jun 2025 16:24:40 +0200
Subject: [PATCH 1/2] Splitting the definition of client into 2 interfaces - ClientConnect provides the abstraction required to address connection methods for TCP like sessions. - Client provides the same Features as before, but it is specialized to handle connections that are then handled like a stream, like a classical TCP connection This distinction will be used to differentiate stream like communication protocols, i.e. websocket, tcp, http streaming, from discrete sized packets communication, like MQTT.
---
api/Client.h | 31 ++++++++++++++++++-------------
1 file changed, 18 insertions(+), 13 deletions(-)
diff --git a/api/Client.h b/api/Client.h
index 5a1d99fe..4513e6bf 100644
--- a/api/Client.h
+++ b/api/Client.h
@@ -24,23 +24,28 @@ namespace arduino { -class Client : public Stream { +// The objective of this interface is to split the definition of a Client that +// works with streams and one that works with discrete sized messages +class ClientConnect { +public: + virtual ~ClientConnect() = default; + + virtual int connect(IPAddress ip, uint16_t port) = 0; + virtual int connect(const char *host, uint16_t port) = 0; + virtual void disconnect() = 0; + + virtual uint8_t connected() = 0; + virtual operator bool() = 0; +}; +class Client : public Stream, ClientConnect { public: - virtual int connect(IPAddress ip, uint16_t port) =0; - virtual int connect(const char *host, uint16_t port) =0; - virtual size_t write(uint8_t) =0; - virtual size_t write(const uint8_t *buf, size_t size) =0; - virtual int available() = 0; - virtual int read() = 0; + virtual size_t write(uint8_t) = 0; + virtual size_t write(const uint8_t *buf, size_t size) = 0; virtual int read(uint8_t *buf, size_t size) = 0; - virtual int peek() = 0; - virtual void flush() = 0; virtual void stop() = 0; - virtual uint8_t connected() = 0; - virtual operator bool() = 0; protected: - uint8_t* rawIPAddress(IPAddress& addr) { return addr.raw_address(); }; + uint8_t* rawIPAddress(IPAddress& addr) { return addr.raw_address(); }; // FIXME this is a utility function }; -} \ No newline at end of file +} From 47eb8631ef45adf24c969d0c38e8053d3da28349 Mon Sep 17 00:00:00 2001 From: Andrea Gilardoni Date: Tue, 10 Jun 2025 16:32:24 +0200 Subject: [PATCH 2/2] Introducing Tls apis in Arduino Core api Added Interfaces to handle Tls api standardization in arduino core api. --- api/Tls.h | 46 ++++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 46 insertions(+) create mode 100644 api/Tls.h diff --git a/api/Tls.h b/api/Tls.h new file mode 100644 index 00000000..3c9a9a98 --- /dev/null +++ b/api/Tls.h 
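Review bot: `class Client : public Stream, ClientConnect {` inherits `ClientConnect` privately, because a base listed without an access specifier in a `class` defaults to private; code holding a `Client&` can then no longer call `connect()`, `connected()` or `operator bool`, and a `Client*` does not convert to `ClientConnect*`. Write `class Client : public Stream, public ClientConnect {`. The same omission is on `class TlsClient: public Client, Tls` in api/Tls.h, where `ClientConnect` is also reached through both `Client` and `Tls`; unless both derive from it as `virtual public ClientConnect`, `TlsClient` holds two copies and a call to `connect()` is ambiguous. `disconnect()` arrives as pure virtual next to the existing `stop()`, so every existing `Client` implementation must add it; a comment such as `// disconnect(): close the session; stop(): <how it differs>` on the declaration would tell implementers which one releases the connection.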
@@ -0,0 +1,46 @@
+#pragma once
+
+#include "Client.h"
+
+
+namespace arduino {
+
+// Tls CertificatesKeys are strings
+using CertificateKey = const char[];
+
+enum class CertificateFormat {
+ Der,
+ Pem,
+}
+
+class Tls: public ClientConnect {
+public:
+ virtual ~Tls() = default;
+
+ enum IdentityVerification {
+ MTls, // both ends identity needs to be verified
+ Tls, // The server side end is verified against CA
+ Insecure, // no check against server side identity
+ };
+
+ virtual void setIdentityVerification(IdentityVerification mode) { _mode = mode; };
+ virtual void setCA(CertificateKey ca, CertificateFormat f=CertificateFormat::Pem) = 0;
+ virtual void setCertificate(CertificateKey public, CertificateKey private, CertificateFormat f=CertificateFormat::Pem) = 0;
+
+
+ // Tls protocol enables Server Name Indication usage, for which a client provides
+ // the hostname it is trying to connect to. This hostname may be required to be verified
+ // against the server provided one
+ virtual void sniVerification(bool) = 0;
+
+ // manually provide an hostname that will be used together with sni
+ // if connect is called with hostname as parameter this will be automatically called
+ virtual void setHostname(const char hostname[]) = 0;
+protected:
+ IdentityVerification _mode;
+};
+
+class TlsClient: public Client, Tls {
+
+};
+}
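Review bot: `IdentityVerification _mode;` at the end of `Tls` has no initializer, so an implementation whose user never calls `setIdentityVerification` reads an indeterminate mode that may compare equal to `Insecure`; give it a verifying default. Three things in this header will not compile as written: `enum class CertificateFormat { … }` lacks its terminating `;`, `setCertificate` uses the keywords `public` and `private` as parameter names, and the unscoped enumerator `Tls` has the same name as its enclosing class, which the language does not allow. `CertificateKey` carries no length and DER data contains zero bytes, so `setCA` and `setCertificate` probably need a size argument when `CertificateFormat::Der` is passed. The lines below cover the compile fixes and the default; the size argument is left out because it changes the signatures.

```cpp
enum class CertificateFormat {
  // … unchanged: Der, Pem …
};  // terminating semicolon added

// … unchanged: class Tls header, virtual destructor …
  enum class IdentityVerification {  // scoped, so the enumerator Tls no longer clashes with the class name
  // … unchanged: MTls, Tls, Insecure, setIdentityVerification, setCA …
  virtual void setCertificate(CertificateKey cert, CertificateKey key, CertificateFormat f=CertificateFormat::Pem) = 0;
  // … unchanged: sniVerification, setHostname, protected: …
  IdentityVerification _mode = IdentityVerification::Tls;  // server identity is verified unless the caller opts out
```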