FUNCTION_BLOCK PUBLIC FINAL TLSContext IMPLEMENTS ITLSContext, ITLSContext_Internal
Encapsulates all the data necessary to handle encrypted TCP connections.
The context can be initialized statically, as shown in the following code snippet.
VAR
    // Name used to look up the certificate in the local certificate store
    commonName : STRING := 'MyRrasPi';
    ciCertInfo : NBS.CERT_INFO := (psInfo:=ADR(commonName), udiSize:=LEN(commonName));
    myTLSContext : NBS.TLSContext := (
        ePurpose:=NBS.PURPOSE.CLIENT_SIDE,
        sUseCaseName:='NBSTest',
        sTLSVersion:='1.3',
        ciCertInfo:=ciCertInfo,
        udiVerificationMode:=2 // 2 => active peer verification
    );
END_VAR
InOut:

| Scope | Name | Type | Initial | Comment |
|---|---|---|---|---|
| Input | sUseCaseName | STRING | | A name to identify this context in the security manager |
| Input | ePurpose | PURPOSE | | This context can be used on the server side or on the client side. |
| Input | sTLSVersion | TLS_VERSION | '1.2' | A string to select the correct protocol version |
| Input | sCipherList | CIPHER_LIST | STRUCT(psList := ADR('HIGH'), udiSize := 5) | |
| Input | sHostname | HOSTNAME | | A hostname to select the correct certificate on the server side. |
| Input | udiVerificationMode | UDINT | 1 | 1 => No peer verification<br>2 => Active peer verification<br>(4) => 2+4 = 6 => Force termination if no client certificate<br>(8) => 2+8 = 10 or 2+4+8 = 14 => Request client certificate only within initial handshake |
| Input | ciCertInfo | REFERENCE TO CERT_INFO | | A string to select the correct certificate in local certificate store |
| Input | itfCertVerifer | ICertificateVerifier | | A callback for application specific certificate verification |
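The initial value of udiVerificationMode in the table above is 1, which means no peer verification, so a context that does not set it explicitly accepts any peer certificate. The following function is an added example, not part of the library or the original page: it decodes a candidate value using only the combinations documented above and rejects anything that leaves the peer unverified. The name CheckVerificationMode, its variables and the policy of rejecting mode 1 are assumptions made for this illustration.

```iecst
// Added example (hypothetical helper, not library code).
// Validates a value before it is assigned to TLSContext.udiVerificationMode.
FUNCTION CheckVerificationMode : BOOL
VAR_INPUT
    udiMode : UDINT;             // candidate value for udiVerificationMode
END_VAR
VAR_OUTPUT
    xPeerVerified : BOOL;        // 2 is set: active peer verification
    xRequireClientCert : BOOL;   // 4 is set: force termination if no client certificate
    xRequestOnce : BOOL;         // 8 is set: request client certificate only in initial handshake
    sReason : STRING(80);        // why the value was rejected; empty if accepted
END_VAR
VAR CONSTANT
    MODE_NONE : UDINT := 1;
    MODE_PEER : UDINT := 2;
    MODE_FORCE_CLIENT_CERT : UDINT := 4;
    MODE_CLIENT_ONCE : UDINT := 8;
END_VAR

xPeerVerified := (udiMode AND MODE_PEER) <> 0;
xRequireClientCert := (udiMode AND MODE_FORCE_CLIENT_CERT) <> 0;
xRequestOnce := (udiMode AND MODE_CLIENT_ONCE) <> 0;
sReason := '';

IF (udiMode = 0) OR (udiMode > 15) THEN
    // Only the values 1, 2, 4 and 8 are described in the table
    sReason := 'value outside the documented range';
ELSIF ((udiMode AND MODE_NONE) <> 0) AND (udiMode <> MODE_NONE) THEN
    // The table lists 1 only on its own, never added to 2, 4 or 8
    sReason := '1 is not documented in combination with other values';
ELSIF udiMode = MODE_NONE THEN
    // Valid for the library, rejected by this example's policy
    sReason := 'peer verification is disabled (library default)';
ELSIF NOT xPeerVerified THEN
    // 4 and 8 appear in the table only as 2+4, 2+8 or 2+4+8
    sReason := '4 and 8 are only documented together with 2';
END_IF

// Accepted values under this policy: 2, 6, 10 and 14
CheckVerificationMode := (sReason = '');
```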