Example TLS client with wolfSSL

Dependencies:   EthernetInterface-FRDM-k64F mbed-rtos mbed wolfSSL-TLS13-Beta Example-client-tls

Dependents:   Example-client-tls


Committer:
wolfSSL
Date:
Tue Aug 22 11:02:42 2017 +0000
Parent:
9:0b93e8d9a31c
Parent:
7:15faa4a16892
Child:
11:d542a6eed78a
Commit message:
wolfSSL 3.12.0 - TLS1.3

Changed in this revision

EthernetInterface.lib
client-tls.cpp
client-tls.cpp.orig
mbed-rtos.lib
mbed-rtos.lib.orig
mbed.bld
mbed.bld.orig
wolfSSL.lib
wolfSSL.lib.orig
--- a/client-tls.cpp	Tue Aug 22 10:59:36 2017 +0000
+++ b/client-tls.cpp	Tue Aug 22 11:02:42 2017 +0000
@@ -43,7 +43,7 @@
 static int getline(char *prompt, char *buff, int size)
 {
     int sz ;
-    
+
     printf("%s", prompt) ;
     for(sz = 0 ;  (sz < size) && ((*buff = getchar()) != '\r'); sz++, buff++) {
         putchar(*buff) ;
@@ -84,7 +84,7 @@
 /*
  *  clients initial contact with server. Socket to connect to: sock
  */
- int ClientGreet(TCPSocketConnection *socket, WOLFSSL *ssl)
+int ClientGreet(TCPSocketConnection *socket, WOLFSSL *ssl)
 {
     /* data to send to the server, data recieved from the server */
     char    sendBuff[MAXDATASIZE], rcvBuff[MAXDATASIZE] = {0};
@@ -98,21 +98,16 @@
         printf("Write error[%d]\n", ret, wc_GetErrorString(ret));
         return EXIT_FAILURE;
     }
-    printf("Recieved:\n");
-    while(1) {
-        if ((ret = wolfSSL_read(ssl, rcvBuff, sizeof(rcvBuff)-1)) < 0) {
-            if(ret == 0)break ;
-            /* the server failed to send data, or error trying */
-            ret = wolfSSL_get_error(ssl, 0);
-            printf("Read error[%d], %s\n", ret, wc_GetErrorString(ret));
-            return EXIT_FAILURE;
-        }
-        rcvBuff[ret] = '\0' ;
-        printf("%s", rcvBuff);
-        if((rcvBuff[ret-3] == '\n')&&
-           (rcvBuff[ret-2] == '\n')&&
-           (rcvBuff[ret-1] == '\n'))break ;
+
+    if ((ret = wolfSSL_read(ssl, rcvBuff, sizeof(rcvBuff)-1)) < 0) {
+        /* the server failed to send data, or error trying */
+        ret = wolfSSL_get_error(ssl, 0);
+        printf("Read error[%d], %s\n", ret, wc_GetErrorString(ret));
+        return EXIT_FAILURE;
     }
+    rcvBuff[ret] = '\0' ; 
+    printf("Recieved: %s\n", rcvBuff);
+
     return ret;
 }
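Review bot: The single `wolfSSL_read` that replaces the loop treats a zero return as a successful receive, so a server that closes the connection without replying is reported as `Recieved: ` with an empty buffer and ClientGreet returns 0; add `if (ret == 0) { printf("Connection closed by peer\n"); return EXIT_FAILURE; }` after the `< 0` check. One read also yields at most one record's worth of plaintext, capped at `sizeof(rcvBuff)-1` bytes, so a longer reply is silently cut off after the first record, which is acceptable for an echo demo but should be stated with a comment such as `/* single read: only the first record of the reply is shown */`. The context line `printf("Write error[%d]\n", ret, wc_GetErrorString(ret));` is pre-existing but passes `wc_GetErrorString(ret)` with no matching conversion; presumably `"Write error[%d], %s\n"` was intended, as in the read path. ClientGreet's signature is above this hunk.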
 
@@ -154,7 +149,7 @@
     } else {
         ret = wolfSSL_get_error(ssl, 0);
         printf("TLS Connect error[%d], %s\n", ret, wc_GetErrorString(ret));
-        return EXIT_FAILURE;        
+        return EXIT_FAILURE;
     }
     /* frees all data before client termination */
     wolfSSL_free(ssl);
@@ -171,7 +166,7 @@
 {
     char server_addr[40] ;
     char server_port[10] ;
-    
+
     printf("Starting TLS Client,...\n") ;
     wolfSSL_Init();      /* initialize wolfSSL */
     /* wolfSSL_Debugging_ON(); */
@@ -187,7 +182,7 @@
 
     getline("Server Addr: ", server_addr, sizeof(server_addr)) ;
     getline("Server Port: ", server_port, sizeof(server_port)) ;
-    
+
     while (socket.connect(server_addr, atoi(server_port)) < 0) {
         printf("Unable to connect to (%s) on port (%s)\n", server_addr, server_port);
         wait(1.0);
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/client-tls.cpp.orig	Tue Aug 22 11:02:42 2017 +0000
@@ -0,0 +1,207 @@
+/* client-tcp.c
+ *
+ * Copyright (C) 2006-2017 wolfSSL Inc.
+ *
+ * This file is part of wolfSSL. (formerly known as CyaSSL)
+ *
+ * wolfSSL is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * wolfSSL is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA
+ */
+
+#include    "mbed.h"
+#include    "EthernetInterface.h"
+#include    <stdio.h>
+#include    <stdlib.h>
+#include    <string.h>
+#include    <wolfssl/ssl.h>          /* wolfSSL security library */
+#include    <wolfssl/wolfcrypt/error-crypt.h>
+#include    <user_settings.h>
+
+#define MAXDATASIZE (1024*4)
+
+static int SocketReceive(WOLFSSL* ssl, char *buf, int sz, void *sock)
+{
+    return ((TCPSocketConnection *)sock)->receive(buf, sz) ;
+}
+
+static int SocketSend(WOLFSSL* ssl, char *buf, int sz, void *sock)
+{
+    return ((TCPSocketConnection *)sock)->send(buf, sz);
+}
+
+static int getline(char *prompt, char *buff, int size)
+{
+    int sz ;
+    
+    printf("%s", prompt) ;
+    for(sz = 0 ;  (sz < size) && ((*buff = getchar()) != '\r'); sz++, buff++) {
+        putchar(*buff) ;
+        if(*buff == '\\') {
+            if(++sz >= size)break ;
+            *buff = getchar() ;
+            putchar(*buff) ;
+            switch(*buff) {
+                case 'n' :
+                    *buff = '\n' ;
+                    break ;
+                case 'r' :
+                    *buff = '\r' ;
+                    break ;
+                case 't' :
+                    *buff = '\t' ;
+                    break ;
+                case '\\':
+                    *buff = '\\' ;
+                    break ;
+                default:
+                    buff[1] = buff[0] ;
+                    buff[0] = '\\' ;
+                    buff++ ;
+            }
+        } else if(*buff == '\b') {
+            if(sz >= 2) {
+                buff-=2 ;
+                sz-=2;
+            }
+        }
+    } ;
+    putchar('\n') ;
+    *buff = '\0' ;
+    return sz ;
+}
+
+/*
+ *  clients initial contact with server. Socket to connect to: sock
+ */
+ int ClientGreet(TCPSocketConnection *socket, WOLFSSL *ssl)
+{
+    /* data to send to the server, data recieved from the server */
+    char    sendBuff[MAXDATASIZE], rcvBuff[MAXDATASIZE] = {0};
+    int     ret ;
+
+    ret = getline("Message for server: ", sendBuff, MAXDATASIZE);
+    printf("Send[%d]:\n%s\n", ret, sendBuff) ;
+    if (wolfSSL_write(ssl, sendBuff, strlen(sendBuff)) < 0) {
+        /* the message is not able to send, or error trying */
+        ret = wolfSSL_get_error(ssl, 0);
+        printf("Write error[%d]\n", ret, wc_GetErrorString(ret));
+        return EXIT_FAILURE;
+    }
+    printf("Recieved:\n");
+    while(1) {
+        if ((ret = wolfSSL_read(ssl, rcvBuff, sizeof(rcvBuff)-1)) < 0) {
+            if(ret == 0)break ;
+            /* the server failed to send data, or error trying */
+            ret = wolfSSL_get_error(ssl, 0);
+            printf("Read error[%d], %s\n", ret, wc_GetErrorString(ret));
+            return EXIT_FAILURE;
+        }
+        rcvBuff[ret] = '\0' ;
+        printf("%s", rcvBuff);
+        if((rcvBuff[ret-3] == '\n')&&
+           (rcvBuff[ret-2] == '\n')&&
+           (rcvBuff[ret-1] == '\n'))break ;
+    }
+    return ret;
+}
+
+
+/*
+ * applies TLS 1.2 security layer to data being sent.
+ */
+int Security(TCPSocketConnection *socket)
+{
+    WOLFSSL_CTX* ctx;
+    WOLFSSL*     ssl;    /* create WOLFSSL object */
+    int         ret = 0;
+
+    /* create and initiLize WOLFSSL_CTX structure */
+    #ifdef WOLFSSL_TLS13
+    if ((ctx = wolfSSL_CTX_new(wolfTLSv1_3_client_method())) == NULL) {
+    #else
+    if ((ctx = wolfSSL_CTX_new(wolfTLSv1_2_client_method())) == NULL) {
+    #endif
+        printf("SSL_CTX_new error.\n");
+        return EXIT_FAILURE;
+    }
+    wolfSSL_CTX_set_verify(ctx, SSL_VERIFY_NONE, 0);
+    wolfSSL_SetIORecv(ctx, SocketReceive) ;
+    wolfSSL_SetIOSend(ctx, SocketSend) ;
+
+    if ((ssl = wolfSSL_new(ctx)) == NULL) {
+        printf("wolfSSL_new error.\n");
+        return EXIT_FAILURE;
+    }
+
+    wolfSSL_SetIOReadCtx(ssl, (void *)socket) ;
+    wolfSSL_SetIOWriteCtx(ssl, (void *)socket) ;
+
+    ret = wolfSSL_connect(ssl);
+    if (ret == SSL_SUCCESS) {
+        printf("TLS Connected\n") ;
+        ret = ClientGreet(socket, ssl);
+    } else {
+        ret = wolfSSL_get_error(ssl, 0);
+        printf("TLS Connect error[%d], %s\n", ret, wc_GetErrorString(ret));
+        return EXIT_FAILURE;        
+    }
+    /* frees all data before client termination */
+    wolfSSL_free(ssl);
+    wolfSSL_CTX_free(ctx);
+    wolfSSL_Cleanup();
+
+    return ret;
+}
+
+/*
+ * command line argumentCount and argumentValues
+ */
+void net_main(const void *av)
+{
+    char server_addr[40] ;
+    char server_port[10] ;
+    
+    printf("Starting TLS Client,...\n") ;
+    wolfSSL_Init();      /* initialize wolfSSL */
+    /* wolfSSL_Debugging_ON(); */
+    EthernetInterface eth;
+    TCPSocketConnection socket;
+
+    eth.init(); //Use DHCP
+    while(1) {
+        if(eth.connect() == 0)break ;
+        printf("Retry\n") ;
+    }
+    printf("Client Addr: %s\n", eth.getIPAddress());
+
+    getline("Server Addr: ", server_addr, sizeof(server_addr)) ;
+    getline("Server Port: ", server_port, sizeof(server_port)) ;
+    
+    while (socket.connect(server_addr, atoi(server_port)) < 0) {
+        printf("Unable to connect to (%s) on port (%s)\n", server_addr, server_port);
+        wait(1.0);
+    }
+    printf("TCP Connected\n") ;
+
+    Security(&socket);
+    return ;
+}
+
+int main(void)
+{
+
+#define STACK_SIZE 24000
+    Thread t(net_main, NULL, osPriorityNormal, STACK_SIZE);
+    while(1)wait(1.0) ;
+}
\ No newline at end of file
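Review bot: `wolfSSL_CTX_set_verify(ctx, SSL_VERIFY_NONE, 0);` in Security() disables server certificate verification, so this client completes a handshake with any server, including an active man-in-the-middle, and the example presents that as the default; the live client-tls.cpp is not shown in full here, but since this file is its pre-merge copy it presumably carries the same line. The fix is to load a trust anchor (for example `wolfSSL_CTX_load_verify_buffer` with an embedded CA certificate, since the target may have no filesystem) and use `SSL_VERIFY_PEER`, or at minimum add a comment stating that verification is deliberately off and the demo must not be used as-is. Separately, client-tls.cpp.orig (like the *.lib.orig files in this revision) looks like a merge-conflict backup rather than source and should be removed from the repository instead of added. Its getline() also writes the terminator at `buff[size]` when the input fills the buffer, because the loop exits with `sz == size` and `buff` already advanced past the last element; bounding the loop with `sz < size - 1` fixes that in whichever copy is kept.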
--- a/mbed-rtos.lib	Tue Aug 22 10:59:36 2017 +0000
+++ b/mbed-rtos.lib	Tue Aug 22 11:02:42 2017 +0000
@@ -1,1 +1,1 @@
-http://mbed.org/users/mbed_official/code/mbed-rtos/#5713cbbdb706
+http://mbed.org/users/mbed_official/code/mbed-rtos/#58563e6cba1e
\ No newline at end of file
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/mbed-rtos.lib.orig	Tue Aug 22 11:02:42 2017 +0000
@@ -0,0 +1,1 @@
+http://mbed.org/users/mbed_official/code/mbed-rtos/#5713cbbdb706
--- a/mbed.bld	Tue Aug 22 10:59:36 2017 +0000
+++ b/mbed.bld	Tue Aug 22 11:02:42 2017 +0000
@@ -1,1 +1,1 @@
-https://mbed.org/users/mbed_official/code/mbed/builds/e2bfab296f20
\ No newline at end of file
+https://mbed.org/users/mbed_official/code/mbed/builds/86740a56073b
\ No newline at end of file
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/mbed.bld.orig	Tue Aug 22 11:02:42 2017 +0000
@@ -0,0 +1,1 @@
+https://mbed.org/users/mbed_official/code/mbed/builds/e2bfab296f20
\ No newline at end of file
--- a/wolfSSL.lib	Tue Aug 22 10:59:36 2017 +0000
+++ b/wolfSSL.lib	Tue Aug 22 11:02:42 2017 +0000
@@ -1,1 +1,1 @@
-http://developer.mbed.org/users/wolfSSL/code/wolfSSL/#f67a6c6013ca
+https://developer.mbed.org/users/wolfSSL/code/wolfSSL-TLS13-Beta/#80fb167dafdf
\ No newline at end of file
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/wolfSSL.lib.orig	Tue Aug 22 11:02:42 2017 +0000
@@ -0,0 +1,1 @@
+http://developer.mbed.org/users/wolfSSL/code/wolfSSL/#f67a6c6013ca