SSL上使用nanopb的客户端服务器

SSL_write和SSL_read是用于通过SSL传输数据的功能。在network_server示例中，examples/network_server/common.c中使用了libc send()和recv()。

您可以替换那里的功能，以使nanopb直接写入SSL管道。另外，您始终可以从内存缓冲区进行编码和解码（例如在examples/simple/simple.c中），然后分别发送和接收该内存缓冲区。

wolfSSL支持自定义输入/输出（I / O），并允许用户插入自己的回调以进行发送和接收。

这意味着wolfSSL与基础传输层无关。默认情况下，wolfSSL假定使用BSD套接字和TCP / IP堆栈，但是用户可以简单地编写自己的发送和接收函数，并在设置过程中对其进行注册，以删除TCP / IP或BSD套接字的默认依赖项。

下面，我提供了一些有关如何设置自定义发送和接收的基本文档，并且还提供了一个示例的链接，其中我们在同一台PC上使用两个文件在客户端和服务器之间交换TLS数据包。使用文件系统作为传输层（没有套接字，端口，TCP / IP等！）

int myReceive(WOLFSSL *ssl,char *buf,int sz,void *ctx)
{
    // ssl = the current SSL object,cast to void if unused
    // buf = the buffer to receive the message,always used
    // sz = the size in bytes to receive,always used
    // ctx = a custom user context,can be anything,a structure,char buf,variable,cast to the correct type and use as needed,cast to void if unused.

    // RULE1: Only return the amount received.
    // RULE2: In the case of a failed receive return one of the following errors as appropriate,returning 0 will
    //        trigger an automatic re-receive attempt without returning control to the calling application.
    //        WOLFSSL_CBIO_ERR_GENERAL    = -1,/* general unexpected err */           
    //        WOLFSSL_CBIO_ERR_WANT_READ  = -2,/* need to call read  again */         
    //        WOLFSSL_CBIO_ERR_WANT_WRITE = -2,/* need to call write again */         
    //        WOLFSSL_CBIO_ERR_CONN_RST   = -3,/* connection reset */                 
    //        WOLFSSL_CBIO_ERR_ISR        = -4,/* interrupt */                        
    //        WOLFSSL_CBIO_ERR_CONN_CLOSE = -5,/* connection closed or epipe */       
    //        WOLFSSL_CBIO_ERR_TIMEOUT    = -6      /* socket timeout */ 
    // RULE3: In the case of a partial receive,only return the amount read,call wolfSSL_read again
    //        with the exact same parameters (including sz),the state machine will internally keep
    //        track of received vs remainder and will handle the remainder appropriately.
}

int mySend(WOLFSSL *ssl,cast to void if unused
    // buf = the message to send,always used
    // sz = the size in bytes to send,cast to void if unused.

    // RULE1: Only return the amount sent.
    // RULE2: In the case of a failed send return one of the following errors as appropriate,returning 0 will
    //        trigger an automatic re-send attempt without returning control to the calling application.
    //        WOLFSSL_CBIO_ERR_GENERAL    = -1,/* connection closed or epipe */       
    //        WOLFSSL_CBIO_ERR_TIMEOUT    = -6      /* socket timeout */ 
    // RULE3: In the case of a partial send,only return the amount written,call wolfSSL_write again
    //        with the exact same parameters (including sz),the state machine will internally keep
    //        track of send vs remainder and will handle the remainder appropriately.
}

    // Register your callbacks in place of the defaults:
    wolfSSL_CTX_SetIORecv(ctx,mySend);
    wolfSSL_CTX_SetIOSend(ctx,myReceive);

https://github.com/wolfSSL/wolfssl-examples/tree/master/custom-io-callbacks

我包含此链接的原因是，您可以在https://github.com/wolfSSL/wolfssl-examples/blob/master/custom-io-callbacks/file-client/file-client.c#L73-L119签出客户端的自定义I / O回调，并了解如何简单地替换使用文件系统的read（）和write（）调用而是使用您的pb_encode_delimited（）和pb_decode_delimited（）。

如果您有关于如何使用wolfSSL设置自定义I / O的后续问题，或者正在努力通过nanopb实施该问题，请随时发送电子邮件至wolfSSL支持团队：

“在wolfssl [点] com上提供支持”

谢谢！

• KH

jpa的意见之后，在common.c中添加了ssl读写回调。

static bool ssl_write_callback(pb_ostream_t *stream,const uint8_t *buf,size_t count)
{
    WOLFSSL * sslfd = (WOLFSSL *) stream->state;
    int ret = wolfSSL_write(sslfd,buf,count);
    return (ret == count) ; // true if success or false
}
pb_ostream_t pb_ostream_from_ssl_socket(WOLFSSL * ssl)
{

    pb_ostream_t stream = {&ssl_write_callback,(void *) (WOLFSSL *)ssl,SIZE_MAX,0};

    return stream;
}

从客户端主体

//initialize WOLFSSL and associate socket fd
pb_ostream_t output = pb_ostream_from_ssl_socket(ssl); // WOLFSSL * ssl;

正在工作。感谢所有提供帮助的人