Zilog EZ80F91AZA User Manual

UM020107-1211

Introduction

ZTP Network Security SSL Plug-In

User Manual

5

•

SSL3_ClientInit

•

SSL3_ServerInit

•

TLS1_ClientInit

•

TLs1_ServerInit



Client mode support is enabled by calling the corresponding

xxx_ClientInit

API.

Server mode support is enabled by calling the corresponding

xxx_ServerInit

API. Cli-

ent-Server mode is enabled by calling

xxx_ClientInit

and

xxx_ServerInit

API. An

optional HTTPS server can also be created by calling the

https_init

API.

The code fragment that follows shows an example of each of these initialization steps.

/*

* Initialize the SSL Layer

*/

Initialize_SSL();

/*

* Initialize each handshake protocol for client

* and server support. Each protocol is configured

* to use the same certificate chain. Ephemeral

* Diffie-Hellman parameters are used for SSLv3

* and TLSv1.

*/

SSL2_ClientInit();

SSL2_ServerInit( &CertChain, NULLPTR );

SSL3_ClientInit();

SSL3_ServerInit( &CertChain, &DheParams );

TLS1_ClientInit();

TLS1_ServerInit( &CertChain, &DheParams );

/*

* Launch the HTTPS server over SSL

*/

https_init(http_defmethods,httpdefheaders,website,443);

After the initialization steps are complete, the application programs set up SSL sessions
and securely transfer data using an API that is almost identical to that of the TCP API run-
ning on the underlying ZTP system.

TCP-based applications in ZTP use the

open

,

bind

,

send

, and

receive

API sockets to

establish TCP connections and transfer data. To use SSL, ZTP applications still use the
same API. The only difference is the use of the

SOCK_SSL

socket type instead of the

SOCK_STREAM

socket type.