Struct w5500_tls::Client

pub struct Client<'hn, 'psk, 'b, const N: usize> { /* private fields */ }

TLS Client.

RX Buffer

The generic N is the size of the RX buffer, this must be set to a valid socket BufferSize.

This buffer must be large enough to contain the largest handshake fragment. The socket RX buffer size will be set to match N. When using pre-shared keys the default value of N=2048 is typically sufficient.

This buffer is necessary because handshakes may be fragmented across multiple records, and due to the gaps left by the headers and footers is is not feasible to reassemble fragments within the socket buffers.

Implementations

impl<'hn, 'psk, 'b, const N: usize> Client<'hn, 'psk, 'b, N>

pub fn new( sn: Sn, src_port: u16, hostname: Hostname<'hn>, dst: SocketAddrV4, identity: &'psk [u8], psk: &'psk [u8], rx: &'b mut [u8; N], ) -> Self

Create a new TLS client.

You must resolve the hostname to an Ipv4Addr externally.

Arguments

• sn Socket number for the TLS client.
• src_port Source port, use any unused port.
• hostname Server hostname.
• dst Server address.
• identity PSK identity
• psk pre-shared key
• rx RX buffer, this must be 1024, 2048, 4096, 8192, or 16384 bytes in length

Example

use w5500_tls::{
    Client,
    {
        hl::Hostname,
        ll::{
            net::{Ipv4Addr, SocketAddrV4},
            Sn,
        },
    },
};

static mut RX: [u8; 2048] = [0; 2048];

const DST: SocketAddrV4 = SocketAddrV4::new(Ipv4Addr::new(192, 168, 0, 4), 8883);
const HOSTNAME: Hostname = Hostname::new_unwrapped("server.local");
const SRC_PORT: u16 = 1234;
const TLS_SN: Sn = Sn::Sn4;

let tls_client: Client<2048> = Client::new(
    TLS_SN,
    SRC_PORT,
    HOSTNAME,
    DST,
    b"mykeyidentity",
    &MY_KEY,
    unsafe { &mut RX },
);

pub fn process<W5500: Registers, R: RngCore + CryptoRng>( &mut self, w5500: &mut W5500, rng: &mut R, monotonic_secs: u32, ) -> Result<Event, Error>

Process the MQTT client.

This should be called repeatedly until it returns:

• Err(_) What to do upon errors is up to you.
• Ok(Event::CallAfter(seconds)) Call this method again after the number of seconds indicated.
• Ok(Event::None) The client is idle; you can call writer.

This should also be called when there is a pending socket interrupt.

Arguments

• w5500 W5500 device implementing the Registers trait.
• rng secure random number generator. This is assumed to be infallible. If you have a fallible secure hardware RNG you can use that to seed an infallible software RNG.
• monotonic_secs Monotonically increasing (never decreasing) seconds since an epoch (typically system boot).

pub fn connected(&self) -> bool

Returns true if the TLS handshake has completed and the client is connected.

Example

use w5500_tls::{
    Client,
    {
        hl::Hostname,
        ll::{
            net::{Ipv4Addr, SocketAddrV4},
            Sn,
        },
    },
};

static mut RX: [u8; 2048] = [0; 2048];

const DST: SocketAddrV4 = SocketAddrV4::new(Ipv4Addr::new(192, 168, 0, 4), 8883);
const HOSTNAME: Hostname = Hostname::new_unwrapped("server.local");
const SRC_PORT: u16 = 1234;
const TLS_SN: Sn = Sn::Sn4;

let tls_client: Client<2048> = Client::new(
    TLS_SN,
    SRC_PORT,
    HOSTNAME,
    DST,
    b"mykeyidentity",
    &MY_KEY,
    unsafe { &mut RX },
);

pub fn writer<'w, 'ks, W5500: Registers>( &'ks mut self, w5500: &'w mut W5500, ) -> Result<TlsWriter<'w, 'ks, W5500>, Error>

where Self: Sized,

Create a TLS writer.

This returns a TlsWriter structure, which contains functions to stream data to the W5500 socket buffers incrementally.

This is similar to TcpWriter, except it will encrypt the data before sending.

This is slower than write_all, it will write all your data, read it back, encrypt it, then write it back before sending. This is useful for low-memory applications.

Errors

This method can only return:

• Error::Client with AlertDescription::InternalError
• Error::NotConnected

Example

See TlsWriter.

pub fn write_all<W5500: Registers>( &mut self, w5500: &mut W5500, data: &[u8], ) -> Result<(), Error>

Send data to the remote host.

This is more efficient than writer because the data size is known up-front and a round-trip to the socket buffers to encrypt the record can be avoided.

This should only be used when the handshake has completed, otherwise the server will send an unexpected_message alert.

Errors

This method can only return:

• Error::Client with AlertDescription::InternalError
• Error::NotConnected

pub fn reader<'ptr>( &'ptr mut self, ) -> Result<TlsReader<'b, 'ptr>, HlError<Infallible>>

Create a TLS reader.

Errors

This method can only return:

• HlError::Other
• HlError::WouldBlock

Example

See TlsReader.