Example TLS client with wolfSSL
Dependencies: EthernetInterface-FRDM-k64F mbed-rtos mbed wolfSSL-TLS13-Beta Example-client-tls
Dependents: Example-client-tls
Revision 10:37e38ee43b8f, committed 2017-08-22
- Comitter:
- wolfSSL
- Date:
- Tue Aug 22 11:02:42 2017 +0000
- Parent:
- 9:0b93e8d9a31c
- Parent:
- 7:15faa4a16892
- Child:
- 11:d542a6eed78a
- Commit message:
- wolfSSL 3.12.0 - TLS1.3
--- a/client-tls.cpp Tue Aug 22 10:59:36 2017 +0000
+++ b/client-tls.cpp Tue Aug 22 11:02:42 2017 +0000
@@ -43,7 +43,7 @@
 static int getline(char *prompt, char *buff, int size)
 {
     int sz ;
-    
+
     printf("%s", prompt) ;
     for(sz = 0 ; (sz < size) && ((*buff = getchar()) != '\r'); sz++, buff++) {
         putchar(*buff) ;
@@ -84,7 +84,7 @@
 /*
  * clients initial contact with server. Socket to connect to: sock
  */
- int ClientGreet(TCPSocketConnection *socket, WOLFSSL *ssl)
+int ClientGreet(TCPSocketConnection *socket, WOLFSSL *ssl)
 {
     /* data to send to the server, data recieved from the server */
     char sendBuff[MAXDATASIZE], rcvBuff[MAXDATASIZE] = {0};
@@ -98,21 +98,16 @@
         printf("Write error[%d]\n", ret, wc_GetErrorString(ret));
         return EXIT_FAILURE;
     }
-    printf("Recieved:\n");
-    while(1) {
-        if ((ret = wolfSSL_read(ssl, rcvBuff, sizeof(rcvBuff)-1)) < 0) {
-            if(ret == 0)break ;
-            /* the server failed to send data, or error trying */
-            ret = wolfSSL_get_error(ssl, 0);
-            printf("Read error[%d], %s\n", ret, wc_GetErrorString(ret));
-            return EXIT_FAILURE;
-        }
-        rcvBuff[ret] = '\0' ;
-        printf("%s", rcvBuff);
-        if((rcvBuff[ret-3] == '\n')&&
-           (rcvBuff[ret-2] == '\n')&&
-           (rcvBuff[ret-1] == '\n'))break ;
+
+    if ((ret = wolfSSL_read(ssl, rcvBuff, sizeof(rcvBuff)-1)) < 0) {
+        /* the server failed to send data, or error trying */
+        ret = wolfSSL_get_error(ssl, 0);
+        printf("Read error[%d], %s\n", ret, wc_GetErrorString(ret));
+        return EXIT_FAILURE;
     }
+    rcvBuff[ret] = '\0' ;
+    printf("Recieved: %s\n", rcvBuff);
+
     return ret;
 }
 
@@ -154,7 +149,7 @@
     } else {
         ret = wolfSSL_get_error(ssl, 0);
         printf("TLS Connect error[%d], %s\n", ret, wc_GetErrorString(ret));
-    return EXIT_FAILURE;
+        return EXIT_FAILURE;
     }
     /* frees all data before client termination */
     wolfSSL_free(ssl);
@@ -171,7 +166,7 @@
 {
     char server_addr[40] ;
     char server_port[10] ;
-    
+
     printf("Starting TLS Client,...\n") ;
     wolfSSL_Init();      /* initialize wolfSSL */
     /* wolfSSL_Debugging_ON(); */
@@ -187,7 +182,7 @@
     getline("Server Addr: ", server_addr, sizeof(server_addr)) ;
     getline("Server Port: ", server_port, sizeof(server_port)) ;
-    
+
     while (socket.connect(server_addr, atoi(server_port)) < 0) {
         printf("Unable to connect to (%s) on port (%s)\n", server_addr, server_port);
         wait(1.0);
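Review bot: In the rewritten read path of ClientGreet (hunk @@ -98), a single wolfSSL_read() now replaces the old receive loop, so a server reply that spans more than one record, or exceeds the rcvBuff size (MAXDATASIZE, 4 KiB in the .orig copy), is silently cut at the first chunk, and a return of 0 — which the removed loop evidently expected, see its `if(ret == 0)break ;` — is now printed as an empty `Recieved:` line and handed back to Security() as if it were a byte count. If the one-shot read is deliberate for the TLS 1.3 demo, a comment such as `/* demo: one read only; longer replies are truncated here */` above the call would stop the next reader from re-adding the loop; otherwise an `if (ret == 0) return ret;` before `rcvBuff[ret] = '\0' ;` keeps close-of-connection distinct from data. The context line `printf("Write error[%d]\n", ret, wc_GetErrorString(ret));` at the top of the hunk still passes two arguments to a format with a single conversion, while the read-path message beside it uses `[%d], %s`; the commit could align them while it is here. ClientGreet's signature lies outside this hunk.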
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/client-tls.cpp.orig Tue Aug 22 11:02:42 2017 +0000
@@ -0,0 +1,207 @@
+/* client-tcp.c
+ *
+ * Copyright (C) 2006-2017 wolfSSL Inc.
+ *
+ * This file is part of wolfSSL. (formerly known as CyaSSL)
+ *
+ * wolfSSL is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * wolfSSL is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA
+ */
+
+#include "mbed.h"
+#include "EthernetInterface.h"
+#include <stdio.h>
+#include <stdlib.h>
+#include <string.h>
+#include <wolfssl/ssl.h> /* wolfSSL security library */
+#include <wolfssl/wolfcrypt/error-crypt.h>
+#include <user_settings.h>
+
+#define MAXDATASIZE (1024*4)
+
+static int SocketReceive(WOLFSSL* ssl, char *buf, int sz, void *sock)
+{
+    return ((TCPSocketConnection *)sock)->receive(buf, sz) ;
+}
+
+static int SocketSend(WOLFSSL* ssl, char *buf, int sz, void *sock)
+{
+    return ((TCPSocketConnection *)sock)->send(buf, sz);
+}
+
+static int getline(char *prompt, char *buff, int size)
+{
+    int sz ;
+
+    printf("%s", prompt) ;
+    for(sz = 0 ; (sz < size) && ((*buff = getchar()) != '\r'); sz++, buff++) {
+        putchar(*buff) ;
+        if(*buff == '\\') {
+            if(++sz >= size)break ;
+            *buff = getchar() ;
+            putchar(*buff) ;
+            switch(*buff) {
+            case 'n' :
+                *buff = '\n' ;
+                break ;
+            case 'r' :
+                *buff = '\r' ;
+                break ;
+            case 't' :
+                *buff = '\t' ;
+                break ;
+            case '\\':
+                *buff = '\\' ;
+                break ;
+            default:
+                buff[1] = buff[0] ;
+                buff[0] = '\\' ;
+                buff++ ;
+            }
+        } else if(*buff == '\b') {
+            if(sz >= 2) {
+                buff-=2 ;
+                sz-=2;
+            }
+        }
+    } ;
+    putchar('\n') ;
+    *buff = '\0' ;
+    return sz ;
+}
+
+/*
+ * clients initial contact with server. Socket to connect to: sock
+ */
+ int ClientGreet(TCPSocketConnection *socket, WOLFSSL *ssl)
+{
+    /* data to send to the server, data recieved from the server */
+    char sendBuff[MAXDATASIZE], rcvBuff[MAXDATASIZE] = {0};
+    int ret ;
+
+    ret = getline("Message for server: ", sendBuff, MAXDATASIZE);
+    printf("Send[%d]:\n%s\n", ret, sendBuff) ;
+    if (wolfSSL_write(ssl, sendBuff, strlen(sendBuff)) < 0) {
+        /* the message is not able to send, or error trying */
+        ret = wolfSSL_get_error(ssl, 0);
+        printf("Write error[%d]\n", ret, wc_GetErrorString(ret));
+        return EXIT_FAILURE;
+    }
+    printf("Recieved:\n");
+    while(1) {
+        if ((ret = wolfSSL_read(ssl, rcvBuff, sizeof(rcvBuff)-1)) < 0) {
+            if(ret == 0)break ;
+            /* the server failed to send data, or error trying */
+            ret = wolfSSL_get_error(ssl, 0);
+            printf("Read error[%d], %s\n", ret, wc_GetErrorString(ret));
+            return EXIT_FAILURE;
+        }
+        rcvBuff[ret] = '\0' ;
+        printf("%s", rcvBuff);
+        if((rcvBuff[ret-3] == '\n')&&
+           (rcvBuff[ret-2] == '\n')&&
+           (rcvBuff[ret-1] == '\n'))break ;
+    }
+    return ret;
+}
+
+
+/*
+ * applies TLS 1.2 security layer to data being sent.
+ */
+int Security(TCPSocketConnection *socket)
+{
+    WOLFSSL_CTX* ctx;
+    WOLFSSL* ssl; /* create WOLFSSL object */
+    int ret = 0;
+
+    /* create and initiLize WOLFSSL_CTX structure */
+    #ifdef WOLFSSL_TLS13
+    if ((ctx = wolfSSL_CTX_new(wolfTLSv1_3_client_method())) == NULL) {
+    #else
+    if ((ctx = wolfSSL_CTX_new(wolfTLSv1_2_client_method())) == NULL) {
+    #endif
+        printf("SSL_CTX_new error.\n");
+        return EXIT_FAILURE;
+    }
+    wolfSSL_CTX_set_verify(ctx, SSL_VERIFY_NONE, 0);
+    wolfSSL_SetIORecv(ctx, SocketReceive) ;
+    wolfSSL_SetIOSend(ctx, SocketSend) ;
+
+    if ((ssl = wolfSSL_new(ctx)) == NULL) {
+        printf("wolfSSL_new error.\n");
+        return EXIT_FAILURE;
+    }
+
+    wolfSSL_SetIOReadCtx(ssl, (void *)socket) ;
+    wolfSSL_SetIOWriteCtx(ssl, (void *)socket) ;
+
+    ret = wolfSSL_connect(ssl);
+    if (ret == SSL_SUCCESS) {
+        printf("TLS Connected\n") ;
+        ret = ClientGreet(socket, ssl);
+    } else {
+        ret = wolfSSL_get_error(ssl, 0);
+        printf("TLS Connect error[%d], %s\n", ret, wc_GetErrorString(ret));
+    return EXIT_FAILURE;
+    }
+    /* frees all data before client termination */
+    wolfSSL_free(ssl);
+    wolfSSL_CTX_free(ctx);
+    wolfSSL_Cleanup();
+
+    return ret;
+}
+
+/*
+ * command line argumentCount and argumentValues
+ */
+void net_main(const void *av)
+{
+    char server_addr[40] ;
+    char server_port[10] ;
+
+    printf("Starting TLS Client,...\n") ;
+    wolfSSL_Init(); /* initialize wolfSSL */
+    /* wolfSSL_Debugging_ON(); */
+    EthernetInterface eth;
+    TCPSocketConnection socket;
+
+    eth.init(); //Use DHCP
+    while(1) {
+        if(eth.connect() == 0)break ;
+        printf("Retry\n") ;
+    }
+    printf("Client Addr: %s\n", eth.getIPAddress());
+
+    getline("Server Addr: ", server_addr, sizeof(server_addr)) ;
+    getline("Server Port: ", server_port, sizeof(server_port)) ;
+
+    while (socket.connect(server_addr, atoi(server_port)) < 0) {
+        printf("Unable to connect to (%s) on port (%s)\n", server_addr, server_port);
+        wait(1.0);
+    }
+    printf("TCP Connected\n") ;
+
+    Security(&socket);
+    return ;
+}
+
+int main(void)
+{
+
+#define STACK_SIZE 24000
+    Thread t(net_main, NULL, osPriorityNormal, STACK_SIZE);
+    while(1)wait(1.0) ;
+}
\ No newline at end of file
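Review bot: client-tls.cpp.orig reads as a merge or patch backup of the previous source that was checked in by accident, and the same pattern shows in mbed-rtos.lib.orig, mbed.bld.orig and wolfSSL.lib.orig, each of which duplicates the pre-bump library pin. Keeping it means every function in the real client-tls.cpp exists twice, in a file the build never compiles, so later fixes will land in one copy only; it should be dropped from the revision, or the commit message should state why it is wanted. Separately, the copy shows `wolfSSL_CTX_set_verify(ctx, SSL_VERIFY_NONE, 0);` in Security(), which none of the client-tls.cpp hunks touch, so presumably the current client still accepts any server certificate; a comment such as `/* demo only: the peer certificate is NOT verified */` on that line, or loading a CA with wolfSSL_CTX_load_verify_buffer() and switching to SSL_VERIFY_PEER, deserves a mention before this gets reused as a template.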
--- a/mbed-rtos.lib Tue Aug 22 10:59:36 2017 +0000
+++ b/mbed-rtos.lib Tue Aug 22 11:02:42 2017 +0000
@@ -1,1 +1,1 @@
-http://mbed.org/users/mbed_official/code/mbed-rtos/#5713cbbdb706
+http://mbed.org/users/mbed_official/code/mbed-rtos/#58563e6cba1e
\ No newline at end of file
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/mbed-rtos.lib.orig Tue Aug 22 11:02:42 2017 +0000
@@ -0,0 +1,1 @@
+http://mbed.org/users/mbed_official/code/mbed-rtos/#5713cbbdb706
--- a/mbed.bld Tue Aug 22 10:59:36 2017 +0000
+++ b/mbed.bld Tue Aug 22 11:02:42 2017 +0000
@@ -1,1 +1,1 @@
-https://mbed.org/users/mbed_official/code/mbed/builds/e2bfab296f20
\ No newline at end of file
+https://mbed.org/users/mbed_official/code/mbed/builds/86740a56073b
\ No newline at end of file
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/mbed.bld.orig Tue Aug 22 11:02:42 2017 +0000
@@ -0,0 +1,1 @@
+https://mbed.org/users/mbed_official/code/mbed/builds/e2bfab296f20
\ No newline at end of file
--- a/wolfSSL.lib Tue Aug 22 10:59:36 2017 +0000
+++ b/wolfSSL.lib Tue Aug 22 11:02:42 2017 +0000
@@ -1,1 +1,1 @@
-http://developer.mbed.org/users/wolfSSL/code/wolfSSL/#f67a6c6013ca
+https://developer.mbed.org/users/wolfSSL/code/wolfSSL-TLS13-Beta/#80fb167dafdf
\ No newline at end of file
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/wolfSSL.lib.orig Tue Aug 22 11:02:42 2017 +0000
@@ -0,0 +1,1 @@
+http://developer.mbed.org/users/wolfSSL/code/wolfSSL/#f67a6c6013ca