TLSContext (FB)¶

FUNCTION_BLOCK PUBLIC FINAL TLSContext IMPLEMENTS ITLSContext, ITLSContext_Internal

Encapsulates all the data neccecray to handle encrypted tcp connections

Static initialization, as shown in the following code snippet.

VAR
    commonName : STRING := 'MyRrasPi';
    ciCertInfo : NBS.CERT_INFO := (psInfo:=ADR(commonName), udiSize:=LEN(commonName));
    myTLSContext : NBS.TLSContext := (
        ePurpose:=NBS.PURPOSE.CLIENT_SIDE,
        sUseCaseName:='NBSTest',
        sTLSVersion:='1.3',
        ciCertInfo:=ciCertInfo,
        udiVerificationMode:=2
    );
END_VAR

InOut:

Scope	Name	Type	Initial	Comment
Input	`sUseCaseName`	`STRING`		A name to identify this context in the security manager
	`ePurpose`	PURPOSE		This context can be used on the server side or on the client side.
	`sTLSVersion`	TLS_VERSION	‘1.2’	A string to select the correct protocol version
	`sCipherList`	CIPHER_LIST	STRUCT(psList := ADR(‘HIGH’), udiSize := 5)	A string to select the correct encryption cipher suites. See for example: https://www.openssl.org/docs/man1.1.1/man1/ciphers.html#CIPHER-LIST-FORMAT
	`sHostname`	HOSTNAME		A hostname to select the correct certificate on the server side.
	`udiVerificationMode`	`UDINT`	1	1 => No peer verification 2 => Active Peer verification (4) => 2+4 = 6 => Force termination, if no client certificate (8) => 2+8=10 or 2+4+8 = 14 => Request client certificate only whithin initial handshake
	`ciCertInfo`	REFERENCE TO CERT_INFO		A string to select the correct certificate in local certificate store
	`itfCertVerifer`	ICertificateVerifier		A callback for application specific cerificate verification

Methods:

SetInitialValue

Structure:

SetInitialValue (Method)