1 (edited by todaysSawer 2014-04-01 19:34:21)

Topic: wolfSSL embedded SSL without Sockets - Is it Possible?

I'm in a deep discussion with a colleague about the basics of connecting a client and server.

I read the wolfSSL manual and ran the Linux as well as Windows versions (on Linux and on a Windows 8.1 via Visual Studio).

The client and server tests use sockets. Each creates an ssl object and calls the ssl_set_fd to associate the ssl object with a socket descriptor after the client does the TCP_Connect and the server finishes the TCP_Accept.

I know that the ssl object has fields which include the connection state of the client and server. These fields are used in the handshake by both. For example, the client's wolfSSL_Connect executes a while loop to wait for the needed state, which nominally would be server_hello_done or something like that.

The underlying socket software, I claim, is allowing both the client and server to access the ssl object between them. If not for the ssl_set_fd, then each executable has its own ssl and the handshake would never complete.

Am I right? Or is there a different way without modifying my wolfSSL to use it without sockets? I'm interested in the context of connection establishment mainly and I am aware of being able to customize input/output with the callbacks (to skip tcp/ip). But the callbacks still do not preclude the use of sockets for a connection establishment.

thanks

Bill

Re: wolfSSL embedded SSL without Sockets - Is it Possible?

Hi Bill,

By default, wolfSSL will use a BSD-style socket API, but as you mentioned with the use of the custom wolfSSL I/O callback mechanism, wolfSSL can be used without sockets.  We have several users using wolfSSL without sockets - instead using us over alternative transport mediums such as serial links or memory buffers.

The wolfSSL_set_fd() function isn't required when using custom I/O callbacks.  SSL related functions such as wolfSSL_connect(), wolfSSL_accept(), wolfSSL_read(), wolfSSL_write(), etc. take a WOLFSSL session object as a parameter.  wolfSSL embedded SSL handles managing the state of the handshake/connection internally.

Hopefully this helps make things a little clearer.

Best Regards,
Chris
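
The socket-free transport described in the reply above, as an added example that is not part of the original thread and is not wolfSSL's own code: a pair of in-memory pipes with receive and send callbacks in the shape wolfSSL's custom I/O hooks expect. `Pipe`, `MemIo`, `mem_pair`, `mem_recv`, `mem_send` and the `CBIO_*` values are hypothetical stand-ins so the block builds without the library; with wolfSSL the callbacks would be registered through `wolfSSL_CTX_SetIORecv()` / `wolfSSL_CTX_SetIOSend()` and each endpoint's `MemIo` attached with `wolfSSL_SetIOReadCtx()` / `wolfSSL_SetIOWriteCtx()`.

```c
#include <string.h>
/* Stand-ins so this builds without wolfSSL (assumption). With the library,
 * include <wolfssl/ssl.h> and return the WOLFSSL_CBIO_ERR_* codes instead. */
typedef struct WOLFSSL WOLFSSL;
enum { CBIO_GENERAL = -1, CBIO_WANT_READ = -2, CBIO_WANT_WRITE = -2 };
#define PIPE_CAP 4096
typedef struct { unsigned char data[PIPE_CAP]; int head, len; } Pipe;
typedef struct { Pipe *rx, *tx; } MemIo;   /* one per endpoint (hypothetical) */

/* Cross-wire two endpoints: what the client sends, the server receives. */
void mem_pair(MemIo *cli, MemIo *srv, Pipe *c2s, Pipe *s2c) {
    memset(c2s, 0, sizeof *c2s);
    memset(s2c, 0, sizeof *s2c);
    cli->tx = c2s; srv->rx = c2s;
    srv->tx = s2c; cli->rx = s2c;
}

/* Receive callback: copy out up to sz bytes, or report "no data yet". */
int mem_recv(WOLFSSL *ssl, char *buf, int sz, void *ctx) {
    Pipe *p = ((MemIo *)ctx)->rx;
    int n, first;
    (void)ssl;
    if (sz < 0) return CBIO_GENERAL;
    if (p->len == 0) return CBIO_WANT_READ;
    n = sz < p->len ? sz : p->len;
    first = PIPE_CAP - p->head;            /* bytes before the wrap point */
    if (first > n) first = n;
    memcpy(buf, p->data + p->head, (size_t)first);
    memcpy(buf + first, p->data, (size_t)(n - first));
    p->head = (p->head + n) % PIPE_CAP; p->len -= n;
    return n;
}

/* Send callback: queue what fits and return that count (may be short). */
int mem_send(WOLFSSL *ssl, char *buf, int sz, void *ctx) {
    Pipe *p = ((MemIo *)ctx)->tx;
    int room = PIPE_CAP - p->len, tail, first, n;
    (void)ssl;
    if (sz < 0) return CBIO_GENERAL;
    if (room == 0) return CBIO_WANT_WRITE;
    n = sz < room ? sz : room;
    tail = (p->head + p->len) % PIPE_CAP;  /* next free slot */
    first = PIPE_CAP - tail;
    if (first > n) first = n;
    memcpy(p->data + tail, buf, (size_t)first);
    memcpy(p->data, buf + first, (size_t)(n - first));
    p->len += n;
    return n;
}
```

Each endpoint keeps its own session object and its own `MemIo`; the only thing the two sides share is the bytes moving through the two pipes.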