Towards a secure API client generator for IoT devices

Given the success of IoT platforms, more developers and companies want to include the technology in their portfolio. However, in the case of single board microcontrollers, the support for networking operations is not ideal, and different IoT platforms allow access to the networking submodule via different libraries and system calls, leading to a steeper learning curve. Code generators for API clients can enhance productivity, but they tend to generate universal purpose code, and on the other hand the networking primitives of IoT devices are platform specific, especially when security mechanisms such as Transport Layer Security are part of the picture. This paper presents \texttt{cpp-tiny-client}, an API client generator developed as a plugin for the OpenAPI Generator project, which can tailor the generated code based on the IoT platform specified by the user. Our work allows to generate correct code for API clients for IoT devices, and thus can empower a developer with more productivity and a faster time-to-market for its own applications. By combining together mainstream technologies only, \texttt{cpp-tiny-client} offers a gentle learning curve. Moreover, experiments show that the generated code has a reasonable footprint, at least with respect to the IoT devices that were used in the validation of the work. The code related to this work is available through the OpenAPI Generator project~\cite{OpenAPIGenerator}. This technical report is an extension of~\cite{acmsac22}, and it integrates the information presented at the ACM SAC 2022 conference.