Type Alias esp_idf_sys::esp_tls_cfg_t

source ·
pub type esp_tls_cfg_t = esp_tls_cfg;
Expand description

@brief ESP-TLS configuration parameters

@note Note about format of certificates: - This structure includes certificates of a Certificate Authority, of client or server as well as private keys, which may be of PEM or DER format. In case of PEM format, the buffer must be NULL terminated (with NULL character included in certificate size). - Certificate Authority’s certificate may be a chain of certificates in case of PEM format, but could be only one certificate in case of DER format - Variables names of certificates and private key buffers and sizes are defined as unions providing backward compatibility for legacy *_pem_buf and *_pem_bytes names which suggested only PEM format was supported. It is encouraged to use generic names such as cacert_buf and cacert_bytes.

Aliased Type§

struct esp_tls_cfg_t {
Show 26 fields pub alpn_protos: *mut *const i8, pub __bindgen_anon_1: esp_tls_cfg__bindgen_ty_1, pub __bindgen_anon_2: esp_tls_cfg__bindgen_ty_2, pub __bindgen_anon_3: esp_tls_cfg__bindgen_ty_3, pub __bindgen_anon_4: esp_tls_cfg__bindgen_ty_4, pub __bindgen_anon_5: esp_tls_cfg__bindgen_ty_5, pub __bindgen_anon_6: esp_tls_cfg__bindgen_ty_6, pub clientkey_password: *const u8, pub clientkey_password_len: u32, pub use_ecdsa_peripheral: bool, pub ecdsa_key_efuse_blk: u8, pub non_block: bool, pub use_secure_element: bool, pub timeout_ms: i32, pub use_global_ca_store: bool, pub common_name: *const i8, pub skip_common_name: bool, pub keep_alive_cfg: *mut tls_keep_alive_cfg, pub psk_hint_key: *const psk_key_hint, pub crt_bundle_attach: Option<unsafe extern "C" fn(_: *mut c_void) -> i32>, pub ds_data: *mut c_void, pub is_plain_tcp: bool, pub if_name: *mut ifreq, pub addr_family: u32, pub ciphersuites_list: *const i32, pub tls_version: u32,
}

Fields§

§alpn_protos: *mut *const i8

< Application protocols required for HTTP2. If HTTP2/ALPN support is required, a list of protocols that should be negotiated. The format is length followed by protocol name. For the most common cases the following is ok: const char **alpn_protos = { “h2”, NULL };

  • where ‘h2’ is the protocol name
§__bindgen_anon_1: esp_tls_cfg__bindgen_ty_1§__bindgen_anon_2: esp_tls_cfg__bindgen_ty_2§__bindgen_anon_3: esp_tls_cfg__bindgen_ty_3§__bindgen_anon_4: esp_tls_cfg__bindgen_ty_4§__bindgen_anon_5: esp_tls_cfg__bindgen_ty_5§__bindgen_anon_6: esp_tls_cfg__bindgen_ty_6§clientkey_password: *const u8

< Client key decryption password string

§clientkey_password_len: u32

< String length of the password pointed to by clientkey_password

§use_ecdsa_peripheral: bool

< Use the ECDSA peripheral for the private key operations

§ecdsa_key_efuse_blk: u8

< The efuse block where the ECDSA key is stored

§non_block: bool

< Configure non-blocking mode. If set to true the underneath socket will be configured in non blocking mode after tls session is established

§use_secure_element: bool

< Enable this option to use secure element or atecc608a chip ( Integrated with ESP32-WROOM-32SE )

§timeout_ms: i32

< Network timeout in milliseconds. Note: If this value is not set, by default the timeout is set to 10 seconds. If you wish that the session should wait indefinitely then please use a larger value e.g., INT32_MAX

§use_global_ca_store: bool

< Use a global ca_store for all the connections in which this bool is set.

§common_name: *const i8

< If non-NULL, server certificate CN must match this name. If NULL, server certificate CN must match hostname.

§skip_common_name: bool

< Skip any validation of server certificate CN field

§keep_alive_cfg: *mut tls_keep_alive_cfg

< Enable TCP keep-alive timeout for SSL connection

§psk_hint_key: *const psk_key_hint

< Pointer to PSK hint and key. if not NULL (and certificates are NULL) then PSK authentication is enabled with configured setup. Important note: the pointer must be valid for connection

§crt_bundle_attach: Option<unsafe extern "C" fn(_: *mut c_void) -> i32>§ds_data: *mut c_void

< Pointer for digital signature peripheral context

§is_plain_tcp: bool

< Use non-TLS connection: When set to true, the esp-tls uses plain TCP transport rather then TLS/SSL connection. Note, that it is possible to connect using a plain tcp transport directly with esp_tls_plain_tcp_connect() API

§if_name: *mut ifreq

< The name of interface for data to go through. Use the default interface without setting

§addr_family: u32

< The address family to use when connecting to a host.

§ciphersuites_list: *const i32

< Pointer to a zero-terminated array of IANA identifiers of TLS ciphersuites. Please check the list validity by esp_tls_get_ciphersuites_list() API

§tls_version: u32

< TLS protocol version of the connection, e.g., TLS 1.2, TLS 1.3 (default - no preference)