Part Number: CC3220SF
Greetings.
I have a CC3220SF-based board running a web server. This web server uses the BSD-compliant API (socket(), accept(), setsockopt() etc.) to handle requests. My goal is to move the available REST API to https. It looks like using the SimpleLink secure sockets API is the best option to go with. Using means provided by my application, I uploaded two files from the certificate playground to internal SimpleLink memory: dummy-trusted-cert-key and trusted-chain.pem. They are stored as simple files, not encrypted. The problem with migrating to secured sockets is that all guides I've found (including those from the TI training series) describe sl_ API calls from ti/drivers/net/wifi. My goal instead is to use the SlNetSock API as suggested by TI. The only example that uses SlNetSock is tcp-echo, so I want to complete my task using this example as a reference. Looking through the code from this example, a few questions arise:
1. What is the purpose of the SlNetIf_loadSecObj() API? The documentation says that the function loads buffers/files into the inputted network stack for future usage of the socket SSL/TLS connection. In this example the file is loaded from an array in memory, but in my case the certificate and key are already available in a file. Should I call it in this case, and if so, what should I pass as the objBuff argument?
2. In this example the socket is created by a call to socket(AF_INET, SOCK_STREAM, 0). Shouldn't the third parameter be SLNETSOCK_PROTO_SECURE, or at least SLNETSOCK_PROTO_TCP? If everything is correct, then what is the use case for the SLNETSOCK_PROTO_SECURE parameter?
3. I see some sort of security context is created with SlNetSock_secAttribCreate. What is the correct way to maintain its lifecycle: should it be destroyed and created in socket open/close? Or maybe it is created once on application startup, and then I only call SlNetSock_startSec() when a new socket is created?
4. In this example time is synchronized by means of SNTP before the server is started. Unfortunately, in my application there is no RTC, and there might be usage scenarios when the CC3220SF is started in AP mode and the https API should be available. How will the absence of time synchronization affect https functionality in this case?
Thanks in advance, Vadym.