MbedTLSSocket

class WiFiMbedTLSSocket

A wrapper over a socket that adds SSL using Mbed TLS

This class is only available if Mbed TLS is present during compilation. Its presence is detected via the <mbedtls/ssl.h> header. Mbed TLS is available on Mbed OS based Nano boards, and you can also obtain a newer and faster version via the MbedNanoTLS library.

This class takes a pre-existing socket obtained from elsewhere and assumes ownership over it. Like the original socket it is movable and move assignable but not copyable or copy assignable.

Both blocking and non-blocking sockets are supported.

Public Functions

WiFiMbedTLSSocket() = default

Creates an invalid socket.

inline WiFiMbedTLSSocket(WiFiSocket &&socket, mbedtls_ssl_context *context)

Creates a socket

This method never fails. The source socket should be in a connected state and ready to use. You will not be able to access it after this call.

Parameters:
  • socket – the plain socket to assume ownership of

  • context – Mbed TLS session context.

inline WiFiMbedTLSSocket(WiFiMbedTLSSocket &&src)

Moving a socket

The source socket is left in an invalid state

inline WiFiMbedTLSSocket &operator=(WiFiMbedTLSSocket &&src)

Move-assigning a socket

The source socket is left in an invalid state

inline explicit operator bool() const

Tests whether the socket is invalid.

A socket is in an invalid state when it represents “no socket”. A valid socket never becomes invalid unless it is moved out or closed. Similarly an invalid socket never becomes valid unless moved-in from a valid socket.

inline void close()

Manually close the socket

This makes this object an invalid socket. Note that this method does NOT gracefully close the SSL connection. It just brute-force closes the socket. Call finish() to close gracefully.

bool handshake()

Perform an SSL handshake.

Returns:

success flag. Check lastError() for more information about failure

int32_t send(const void *buf, uint16_t size)

Sends data to remote endpoint

Returns:

the amount of data actually sent or -1 on failure. Check lastError() for more information about failure. The type of the return value is int32_t to accommodate -1. When non-negative it will never be bigger than the size parameter.

int32_t recv(void *buf, uint16_t size)

Receives data from remote endpoint

Returns:

the amount of data actually read or -1 on failure. Check lastError() for more information about failure. The type of the return value is int32_t to accommodate -1. When non-negative it will never be bigger than the size parameter.

inline bool flush()

Does nothing

This function is provided for compatibility with other SSL implementations that might require you to manually flush buffered data.

Returns:

true

bool finish()

Gracefully closes SSL connection

When this method returns true the underlying socket is also closed. For non-blocking sockets lastError() might report MBEDTLS_ERR_SSL_WANT_READ/WRITE, so be prepared to call finish() multiple times.

Returns:

success flag. Check lastError() for more information about failure
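
The retry loop that finish() calls for on non-blocking sockets, as an added example (not code from the library). finishOrClose, Shutdown, wouldBlock, FakeSock and runScenario are hypothetical names; FakeSock is a constructed stand-in that only mimics finish(), close() and lastError() so the logic can run off-device.

```cpp
// Added example, not library code: graceful TLS shutdown on a non-blocking socket.
// Values from <mbedtls/ssl.h>, repeated only so this builds without Mbed TLS.
#ifndef MBEDTLS_ERR_SSL_WANT_READ
#define MBEDTLS_ERR_SSL_WANT_READ -0x6900
#define MBEDTLS_ERR_SSL_WANT_WRITE -0x6880
#endif

enum class Shutdown { Graceful, ForcedAfterRetries, ForcedOnError };

inline bool wouldBlock(int err) {
    return err == MBEDTLS_ERR_SSL_WANT_READ || err == MBEDTLS_ERR_SSL_WANT_WRITE;
}

// Retry finish() while lastError() says it would block, calling wait() between
// attempts (e.g. a short delay). Any other error, or running out of retries,
// falls back to close(), which drops the connection without a TLS shutdown.
template <class Sock, class Wait>
Shutdown finishOrClose(Sock &s, unsigned retries, Wait wait) {
    while (!s.finish()) {
        const int err = Sock::lastError(); // read before any other socket call
        if (!wouldBlock(err)) { s.close(); return Shutdown::ForcedOnError; }
        if (retries-- == 0)   { s.close(); return Shutdown::ForcedAfterRetries; }
        wait();
    }
    return Shutdown::Graceful; // finish() returned true: socket is already closed
}

// Constructed stand-in with the same method names, for off-device runs.
struct FakeSock {
    static int &err() { static int e = 0; return e; }
    static int lastError() { return err(); }
    int blocks = 0;          // how many finish() calls report WANT_READ first
    int failWith = 0;        // non-zero: finish() always fails with this error
    bool hardClosed = false;
    bool finish() {
        if (failWith) { err() = failWith; return false; }
        if (blocks > 0) { --blocks; err() = MBEDTLS_ERR_SSL_WANT_READ; return false; }
        err() = 0;
        return true;
    }
    void close() { hardClosed = true; }
};

// Runs one scenario against the stand-in and counts the waits that were needed.
inline Shutdown runScenario(int blocks, int failWith, unsigned retries, int &waits) {
    FakeSock s; s.blocks = blocks; s.failWith = failWith; waits = 0;
    return finishOrClose(s, retries, [&waits] { ++waits; });
}
```

Recording the two forced outcomes separately lets the application tell a clean session end from one that was cut off.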

Public Static Functions

static inline int lastError()

Retrieves error (if any) of the last method call.

Last error is always set, whether the call failed or succeeded.

Returns:

one of the Mbed TLS error codes.