wrapper of the mbed port of CyaSSL. It's based on the work of Ashley Mills

Dependencies:   cyassl-lib

Dependents:   TLS_cyassl-Example TLS_cyassl-Example2 HTTPSClientExample2

Fork of TLS_cyassl by Francois Berder

Import program TLS_cyassl-Example

This program shows how to use TLS_cyassl to connect to mbed.org

Import program TLS_cyassl-Example2

This example shows how to create a small TLS server using the TLS_cyassl library.

Committer:
feb11
Date:
Fri Sep 13 12:59:14 2013 +0000
Revision:
1:9494492e9bf7
Parent:
0:815067fd66c9
Child:
2:63ad554f6ca4
add read and write

Who changed what in which revision?

User | Revision | Line number | New contents of line
feb11 0:815067fd66c9 1 #define __DEBUG__ 4 //Maximum verbosity
feb11 0:815067fd66c9 2 #ifndef __MODULE__
feb11 0:815067fd66c9 3 #define __MODULE__ "TLSConnection.cpp"
feb11 0:815067fd66c9 4 #endif
feb11 0:815067fd66c9 5
feb11 1:9494492e9bf7 6 #define DEBUG_CYASSL 1
feb11 0:815067fd66c9 7 #include "dbg.h"
feb11 0:815067fd66c9 8 #include "TLSConnection.h"
feb11 0:815067fd66c9 9 #include <stdlib.h>
feb11 0:815067fd66c9 10 #include <stdio.h>
feb11 0:815067fd66c9 11 #include "bsd_socket.h"
feb11 0:815067fd66c9 12 #include "cert.h"
feb11 0:815067fd66c9 13 #undef NO_CERTS
feb11 0:815067fd66c9 14 #undef NO_FILESYSTEM
feb11 0:815067fd66c9 15 #include "ssl.h"
feb11 0:815067fd66c9 16 #include "logging.h"
feb11 0:815067fd66c9 17
feb11 1:9494492e9bf7 18
// TCP port that TLSConnection::connect() dials; 443 is the standard HTTPS port.
static const int HTTPS_PORT = 443;
feb11 0:815067fd66c9 20
/**
 * Translate a CyaSSL result code into text and print it on stdout.
 *
 * @param ssl         Session the failing call was made on.
 * @param resultCode  Value returned by that call.
 *
 * NOTE(review): the printed label always says "CyaSSL_write", yet the only
 * caller visible in this file passes the result of CyaSSL_connect(); the label
 * can therefore mislead whoever reads the log.
 */
void printError(CYASSL *ssl, int resultCode) {
    // 80 bytes: presumably sized to the library's maximum error-string length;
    // CyaSSL_ERR_error_string() is given no size, so confirm against the
    // CyaSSL headers in use.
    char text[80];
    const int code = CyaSSL_get_error(ssl, resultCode);

    CyaSSL_ERR_error_string(code, text);
    printf("Error: CyaSSL_write %s\n", text);
}
feb11 0:815067fd66c9 29
/**
 * Build an unconnected TLSConnection.
 *
 * Both bases are default-constructed, the connection flag starts out false and
 * the two CyaSSL handles are value-initialised; connect() is what later fills
 * them in.
 */
TLSConnection::TLSConnection()
    : Socket(), Endpoint(),
      _is_connected(false),
      _ssl_ctx(), _ssl()
{
    // Nothing else to do: no socket or TLS state exists until connect().
}
feb11 0:815067fd66c9 38
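/**
 * Logging hook registered with CyaSSL_SetLoggingCb(); forwards each library
 * log line to the DBG macro.
 *
 * @param logLevel    Severity supplied by CyaSSL (not used here).
 * @param logMessage  Text of the log line.
 */
void debugCallback(const int logLevel, const char *const logMessage) {
    (void)logLevel;
    // Pass the message as an argument, never as the format string: a '%' in
    // the library's text must not be interpreted as a conversion specifier.
    // Assumes DBG is printf-style/variadic, as the __DEBUG__/__MODULE__ setup
    // at the top of the file suggests -- confirm against dbg.h.
    DBG("%s", logMessage);
}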
feb11 0:815067fd66c9 42
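/**
 * Open a TCP connection to `host` on HTTPS_PORT and run a TLS 1.2 client
 * handshake over it, trusting only the CA certificate in root_cert.
 *
 * Every failure path releases what this call acquired (TLS session, context,
 * library reference and socket), so a failed attempt leaves nothing behind.
 * The member handles and _is_connected are only written on success.
 *
 * NOTE(review): nothing in this function ties `host` to the identity in the
 * peer certificate; as far as this file shows, any certificate chaining to
 * root_cert is accepted whatever name it carries. If the CyaSSL build in use
 * provides CyaSSL_check_domain_name(), call it on the session before
 * CyaSSL_connect().
 * NOTE(review): the verify mode is left at the library default -- confirm that
 * default is SSL_VERIFY_PEER for client contexts in this port.
 *
 * @param host  Name or address handed to set_address().
 * @return true once the handshake has succeeded, false otherwise.
 */
bool TLSConnection::connect(const char *host)
{
    if (init_socket(SOCK_STREAM) < 0)
        return false;

    // Track resources in locals so that cleanup never touches member handles
    // left over from an earlier connection.
    CYASSL_CTX *ctx = NULL;
    CYASSL *session = NULL;
    bool libraryUp = false;
    bool handshakeDone = false;

    do {
        if (set_address(host, HTTPS_PORT) != 0)
            break;

        if (lwip_connect(_sock_fd, (const struct sockaddr *) &_remoteHost, sizeof(_remoteHost)) < 0)
            break;

        CyaSSL_Init();
        libraryUp = true;

#ifdef DEBUG_CYASSL
        // Handshake diagnostics are only wanted in debug builds; this file
        // defines DEBUG_CYASSL itself, so removing that define silences them.
        CyaSSL_Debugging_ON();
        CyaSSL_SetLoggingCb(&debugCallback);
#endif

        CYASSL_METHOD* method = CyaTLSv1_2_client_method();
        if (method == NULL)
            break;

        ctx = CyaSSL_CTX_new(method);
        if (ctx == NULL)
            break;

        // Refuse to continue when the trust anchor could not be loaded rather
        // than relying on the handshake to fail later.
        if (CyaSSL_CTX_load_verify_buffer(ctx, (unsigned char*)root_cert, root_cert_len, SSL_FILETYPE_ASN1) != SSL_SUCCESS)
            break;

        session = CyaSSL_new(ctx);
        if (session == NULL)
            break;
        CyaSSL_set_fd(session, _sock_fd);

        const int result = CyaSSL_connect(session);
        if (result != SSL_SUCCESS) {
            printError(session, result);
            break;
        }

        handshakeDone = true;
    } while (false);

    if (!handshakeDone) {
        // Free the session before the context it was created from.
        if (session != NULL)
            CyaSSL_free(session);
        if (ctx != NULL)
            CyaSSL_CTX_free(ctx);
        if (libraryUp)
            CyaSSL_Cleanup();
        // TLSConnection::close() returns early while _is_connected is false,
        // so the descriptor has to be released through the base class.
        // NOTE(review): shutdown=true is an assumption -- confirm against Socket.
        Socket::close(true);
        return false;
    }

    _ssl_ctx = ctx;
    _ssl = session;
    _is_connected = true;

    return true;
}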
feb11 0:815067fd66c9 91
/**
 * Report the connection flag.
 *
 * The flag is set by a successful connect() and cleared by close(); failed
 * reads or writes do not change it in the code visible here.
 *
 * @return the current value of _is_connected.
 */
bool TLSConnection::is_connected(void)
{
    const bool connected = _is_connected;
    return connected;
}
feb11 0:815067fd66c9 96
/**
 * Write `length` bytes from `data` to the TLS session.
 *
 * @param data    Buffer to send.
 * @param length  Number of bytes in `data`.
 * @return 0 when no connection is established, otherwise whatever
 *         CyaSSL_write() returns (callers must handle its error values).
 */
int TLSConnection::send_all(char *data, int length)
{
    // Without an established session _ssl must not be used.
    const int written = _is_connected ? CyaSSL_write(_ssl, data, length) : 0;
    return written;
}
feb11 0:815067fd66c9 104
/**
 * Read up to `length` bytes of decrypted data into `data`.
 *
 * @param data    Destination buffer; the caller guarantees it holds at least
 *                `length` bytes.
 * @param length  Capacity of `data`.
 * @return 0 when no connection is established, otherwise whatever
 *         CyaSSL_read() returns (callers must handle its error values).
 */
int TLSConnection::receive(char *data, int length)
{
    // Without an established session _ssl must not be used.
    const int received = _is_connected ? CyaSSL_read(_ssl, data, length) : 0;
    return received;
}
feb11 0:815067fd66c9 112
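/**
 * Tear down the TLS state and close the underlying socket.
 *
 * Releases the per-connection session as well as the context, so the session
 * object does not outlive the connection, and clears both handles so a later
 * call cannot free them twice.
 *
 * NOTE(review): no close_notify alert is sent before the socket is closed;
 * consider CyaSSL_shutdown() here if the peer should be able to tell an
 * orderly close from a truncated stream.
 *
 * @param shutdown  Forwarded unchanged to Socket::close().
 * @return true if there was nothing to close or Socket::close() returned 0.
 */
bool TLSConnection::close(bool shutdown)
{
    if(!_is_connected)
        return true;

    _is_connected = false;

    // Free the session before the context it was created from.
    if(_ssl != NULL)
    {
        CyaSSL_free(_ssl);
        _ssl = NULL;
    }
    if(_ssl_ctx != NULL)
    {
        CyaSSL_CTX_free(_ssl_ctx);
        _ssl_ctx = NULL;
    }
    // Balances the CyaSSL_Init() made by connect().
    CyaSSL_Cleanup();

    return Socket::close(shutdown) == 0;
}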
feb11 0:815067fd66c9 125