Francois Berder / TLS_cyassl

wrapper of the mbed port of Cyassl. It's based of the work of Ashley Mills

Dependencies:   cyassl-lib

Dependents:   TLS_cyassl-Example TLS_cyassl-Example2 HTTPSClientExample2

Fork of TLS_cyassl by Francois Berder

Import programTLS_cyassl-Example

This program shows how to use TLS_cyassl to connect to mbed.org

Last commit 18 Sep 2013 by Francois Berder

Import programTLS_cyassl-Example2

This example show how to create a small TLS server using the TLS_cyassl library.

Last commit 18 Sep 2013 by Francois Berder

TLSConnection.cpp@6:c12f49c210c2, 2013-09-18 (annotated)

Committer:
feb11
Date:
Wed Sep 18 15:18:51 2013 +0000
Revision:
6:c12f49c210c2
Parent:
3:0e5471a26490 
added some comments

Who changed what in which revision?

UserRevisionLine numberNew contents of line
feb11 0:815067fd66c9 1 #include "TLSConnection.h"
feb11 0:815067fd66c9 2 #include <stdlib.h>
feb11 0:815067fd66c9 3 #include <stdio.h>
feb11 0:815067fd66c9 4 #include "cert.h"
feb11 2:63ad554f6ca4 5 #include <string.h>
feb11 0:815067fd66c9 6
feb11 2:63ad554f6ca4 7 static int receiveFunc(CYASSL* ssl, char *buf, int sz, void *ctx)
feb11 2:63ad554f6ca4 8 {
feb11 2:63ad554f6ca4 9 int fd = *(int*)ctx;
feb11 2:63ad554f6ca4 10 fd_set rfds;
feb11 2:63ad554f6ca4 11 FD_ZERO(&rfds);
feb11 2:63ad554f6ca4 12 FD_SET(fd, &rfds);
feb11 2:63ad554f6ca4 13
feb11 2:63ad554f6ca4 14 if (lwip_select(FD_SETSIZE, &rfds, NULL, NULL, NULL) < 0)
feb11 2:63ad554f6ca4 15 return -1;
feb11 2:63ad554f6ca4 16
feb11 2:63ad554f6ca4 17 return lwip_recv(fd, buf, sz, 0);
feb11 2:63ad554f6ca4 18 }
feb11 2:63ad554f6ca4 19
feb11 2:63ad554f6ca4 20 static int sendFunc(CYASSL* ssl, char *buf, int sz, void *ctx)
feb11 2:63ad554f6ca4 21 {
feb11 2:63ad554f6ca4 22 int fd = *(int*)ctx;
feb11 2:63ad554f6ca4 23 fd_set wfds;
feb11 2:63ad554f6ca4 24 FD_ZERO(&wfds);
feb11 2:63ad554f6ca4 25 FD_SET(fd, &wfds);
feb11 2:63ad554f6ca4 26
feb11 2:63ad554f6ca4 27 if (lwip_select(FD_SETSIZE, NULL, &wfds, NULL, NULL) < 0)
feb11 2:63ad554f6ca4 28 return -1;
feb11 2:63ad554f6ca4 29
feb11 2:63ad554f6ca4 30 return lwip_send(fd, buf, sz, 0);
feb11 2:63ad554f6ca4 31 }
feb11 1:9494492e9bf7 32
feb11 0:815067fd66c9 33 const static int HTTPS_PORT = 443;
feb11 0:815067fd66c9 34
feb11 0:815067fd66c9 35 TLSConnection::TLSConnection():
feb11 0:815067fd66c9 36 Socket(),
feb11 0:815067fd66c9 37 Endpoint(),
feb11 0:815067fd66c9 38 _is_connected(false),
feb11 0:815067fd66c9 39 _ssl_ctx(),
feb11 0:815067fd66c9 40 _ssl()
feb11 0:815067fd66c9 41 {
feb11 0:815067fd66c9 42 }
feb11 0:815067fd66c9 43
feb11 0:815067fd66c9 44
feb11 0:815067fd66c9 45 bool TLSConnection::connect(const char *host)
feb11 0:815067fd66c9 46 {
feb11 0:815067fd66c9 47 if (init_socket(SOCK_STREAM) < 0)
feb11 0:815067fd66c9 48 return false;
feb11 0:815067fd66c9 49
feb11 0:815067fd66c9 50 if (set_address(host, HTTPS_PORT) != 0)
feb11 0:815067fd66c9 51 return false;
feb11 0:815067fd66c9 52
feb11 0:815067fd66c9 53 if (lwip_connect(_sock_fd, (const struct sockaddr *) &_remoteHost, sizeof(_remoteHost)) < 0) {
feb11 0:815067fd66c9 54 close();
feb11 0:815067fd66c9 55 return false;
feb11 0:815067fd66c9 56 }
feb11 1:9494492e9bf7 57
feb11 0:815067fd66c9 58 CyaSSL_Init();
feb11 2:63ad554f6ca4 59
feb11 0:815067fd66c9 60 CYASSL_METHOD* method = CyaTLSv1_2_client_method();
feb11 1:9494492e9bf7 61 if(method == NULL)
feb11 0:815067fd66c9 62 {
feb11 0:815067fd66c9 63 return false;
feb11 0:815067fd66c9 64 }
feb11 1:9494492e9bf7 65
feb11 0:815067fd66c9 66 _ssl_ctx = CyaSSL_CTX_new(method);
feb11 0:815067fd66c9 67 if(_ssl_ctx == NULL)
feb11 0:815067fd66c9 68 {
feb11 0:815067fd66c9 69 return false;
feb11 0:815067fd66c9 70 }
feb11 2:63ad554f6ca4 71 CyaSSL_SetIOSend(_ssl_ctx, &sendFunc);
feb11 2:63ad554f6ca4 72 CyaSSL_SetIORecv(_ssl_ctx, &receiveFunc);
feb11 0:815067fd66c9 73 CyaSSL_CTX_load_verify_buffer(_ssl_ctx,(unsigned char*)root_cert, root_cert_len,SSL_FILETYPE_ASN1);
feb11 1:9494492e9bf7 74
feb11 0:815067fd66c9 75 _ssl = CyaSSL_new(_ssl_ctx);
feb11 0:815067fd66c9 76 if(_ssl == NULL)
feb11 0:815067fd66c9 77 {
feb11 0:815067fd66c9 78 return false;
feb11 0:815067fd66c9 79 }
feb11 0:815067fd66c9 80 CyaSSL_set_fd(_ssl, _sock_fd);
feb11 0:815067fd66c9 81
feb11 0:815067fd66c9 82 int result = CyaSSL_connect(_ssl);
feb11 0:815067fd66c9 83 if(result!=SSL_SUCCESS)
feb11 0:815067fd66c9 84 {
feb11 2:63ad554f6ca4 85 printf("error=%d\n", result);
feb11 0:815067fd66c9 86 return false;
feb11 0:815067fd66c9 87 }
feb11 0:815067fd66c9 88
feb11 0:815067fd66c9 89 _is_connected = true;
feb11 0:815067fd66c9 90
feb11 0:815067fd66c9 91 return true;
feb11 0:815067fd66c9 92 }
feb11 0:815067fd66c9 93
feb11 0:815067fd66c9 94 bool TLSConnection::is_connected(void)
feb11 0:815067fd66c9 95 {
feb11 0:815067fd66c9 96 return _is_connected;
feb11 0:815067fd66c9 97 }
feb11 0:815067fd66c9 98
feb11 0:815067fd66c9 99 int TLSConnection::send_all(char *data, int length)
feb11 0:815067fd66c9 100 {
feb11 1:9494492e9bf7 101 if(!_is_connected)
feb11 1:9494492e9bf7 102 return 0;
feb11 1:9494492e9bf7 103
feb11 1:9494492e9bf7 104 return CyaSSL_write(_ssl, data, length);
feb11 0:815067fd66c9 105 }
feb11 0:815067fd66c9 106
feb11 0:815067fd66c9 107 int TLSConnection::receive(char *data, int length)
feb11 0:815067fd66c9 108 {
feb11 1:9494492e9bf7 109 if(!_is_connected)
feb11 1:9494492e9bf7 110 return 0;
feb11 1:9494492e9bf7 111
feb11 1:9494492e9bf7 112 return CyaSSL_read(_ssl, data, length);
feb11 0:815067fd66c9 113 }
feb11 0:815067fd66c9 114
feb11 0:815067fd66c9 115 bool TLSConnection::close(bool shutdown)
feb11 0:815067fd66c9 116 {
feb11 0:815067fd66c9 117 if(!_is_connected)
feb11 0:815067fd66c9 118 return true;
feb11 0:815067fd66c9 119
feb11 0:815067fd66c9 120 _is_connected = false;
feb11 0:815067fd66c9 121
feb11 0:815067fd66c9 122 CyaSSL_CTX_free(_ssl_ctx);
feb11 0:815067fd66c9 123 CyaSSL_Cleanup();
feb11 0:815067fd66c9 124
feb11 0:815067fd66c9 125 return Socket::close(shutdown) == 0;
feb11 0:815067fd66c9 126 }
feb11 0:815067fd66c9 127