1 /* tls_wolfssl.c
2 *
3 * Copyright (C) 2006-2021 wolfSSL Inc.
4 *
5 * This file is part of wolfSSL.
6 *
7 * wolfSSL is free software; you can redistribute it and/or modify
8 * it under the terms of the GNU General Public License as published by
9 * the Free Software Foundation; either version 2 of the License, or
10 * (at your option) any later version.
11 *
12 * wolfSSL is distributed in the hope that it will be useful,
13 * but WITHOUT ANY WARRANTY; without even the implied warranty of
14 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
15 * GNU General Public License for more details.
16 *
17 * You should have received a copy of the GNU General Public License
18 * along with this program; if not, write to the Free Software
19 * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
20 */
21
22 #include <wolfssl/wolfcrypt/settings.h>
23 #include <wolfssl/ssl.h>
24 #include <wolfcrypt/test/test.h>
25 #include <wolfcrypt/benchmark/benchmark.h>
26 #include <wolfssl/wolfcrypt/logging.h> /* to use WOLFSSL_MSG */
27 #include <tls_wolfssl.h>
28
29
setupTransport(clientConnectionHandleType * connectionHandle,char * connectionId)30 int setupTransport(clientConnectionHandleType* connectionHandle,
31 char* connectionId) {
32 int ret, error;
33 void * sendBuffer;
34 DWORD bufferSizeInBytes;
35
36 if ((ret = socketTransportInitialize("mailbox-transport.config",
37 "transportConfigurationId",
38 (DWORD)waitIndefinitely,&error)) != transportSuccess)
39 printf("Initialize 0x%x, error=%d\n", ret, error);
40
41 else if ((ret = socketTransportClientInitialize((DWORD)waitIndefinitely,
42 &error)) != transportSuccess)
43 printf("ClientInitialize 0x%x, error=%d\n", ret, error);
44
45 else if ((ret = socketTransportCreateConnection(connectionId,
46 (DWORD)waitIndefinitely,
47 COMPATIBILITY_ID_2,
48 connectionHandle,
49 &sendBuffer,
50 &bufferSizeInBytes,
51 &error)) != transportSuccess)
52 printf("CreateConnection 0x%x, error=%d\n", ret, error);
53
54 else if ((ret = socketTransportSetConnectionForThread(currentThreadHandle(),
55 *connectionHandle,
56 (DWORD)waitIndefinitely,
57 &error)) != transportSuccess)
58 printf("SetConnectionForThread 0x%x, error=%d\n", ret, error);
59
60 return ret;
61 }
62
63 #if !defined(NO_WOLFSSL_CLIENT )
64
65 /* 172.217.3.174 is the IP address of https://www.google.com */
66 #define TCP_SERVER_IP_ADDR "172.217.3.174"
67 #define TCP_SERVER_DOMAIN_NAME "www.google.com"
68 #define TCP_SERVER_PORT 443
69
70 #define TX_BUF_SIZE 64
71 #define RX_BUF_SIZE 1024
72
73 #define TX_MSG "GET /index.html HTTP/1.0\n\n"
74 #define TX_MSG_SIZE sizeof(TX_MSG)
75
76 static const unsigned char google_certs_ca[]="\n\
77 ## Google Internet Authority G3 \n\
78 -----BEGIN CERTIFICATE-----\n\
79 MIIEXDCCA0SgAwIBAgINAeOpMBz8cgY4P5pTHTANBgkqhkiG9w0BAQsFADBMMSAw\n\
80 HgYDVQQLExdHbG9iYWxTaWduIFJvb3QgQ0EgLSBSMjETMBEGA1UEChMKR2xvYmFs\n\
81 U2lnbjETMBEGA1UEAxMKR2xvYmFsU2lnbjAeFw0xNzA2MTUwMDAwNDJaFw0yMTEy\n\
82 MTUwMDAwNDJaMFQxCzAJBgNVBAYTAlVTMR4wHAYDVQQKExVHb29nbGUgVHJ1c3Qg\n\
83 U2VydmljZXMxJTAjBgNVBAMTHEdvb2dsZSBJbnRlcm5ldCBBdXRob3JpdHkgRzMw\n\
84 ggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDKUkvqHv/OJGuo2nIYaNVW\n\
85 XQ5IWi01CXZaz6TIHLGp/lOJ+600/4hbn7vn6AAB3DVzdQOts7G5pH0rJnnOFUAK\n\
86 71G4nzKMfHCGUksW/mona+Y2emJQ2N+aicwJKetPKRSIgAuPOB6Aahh8Hb2XO3h9\n\
87 RUk2T0HNouB2VzxoMXlkyW7XUR5mw6JkLHnA52XDVoRTWkNty5oCINLvGmnRsJ1z\n\
88 ouAqYGVQMc/7sy+/EYhALrVJEA8KbtyX+r8snwU5C1hUrwaW6MWOARa8qBpNQcWT\n\
89 kaIeoYvy/sGIJEmjR0vFEwHdp1cSaWIr6/4g72n7OqXwfinu7ZYW97EfoOSQJeAz\n\
90 AgMBAAGjggEzMIIBLzAOBgNVHQ8BAf8EBAMCAYYwHQYDVR0lBBYwFAYIKwYBBQUH\n\
91 AwEGCCsGAQUFBwMCMBIGA1UdEwEB/wQIMAYBAf8CAQAwHQYDVR0OBBYEFHfCuFCa\n\
92 Z3Z2sS3ChtCDoH6mfrpLMB8GA1UdIwQYMBaAFJviB1dnHB7AagbeWbSaLd/cGYYu\n\
93 MDUGCCsGAQUFBwEBBCkwJzAlBggrBgEFBQcwAYYZaHR0cDovL29jc3AucGtpLmdv\n\
94 b2cvZ3NyMjAyBgNVHR8EKzApMCegJaAjhiFodHRwOi8vY3JsLnBraS5nb29nL2dz\n\
95 cjIvZ3NyMi5jcmwwPwYDVR0gBDgwNjA0BgZngQwBAgIwKjAoBggrBgEFBQcCARYc\n\
96 aHR0cHM6Ly9wa2kuZ29vZy9yZXBvc2l0b3J5LzANBgkqhkiG9w0BAQsFAAOCAQEA\n\
97 HLeJluRT7bvs26gyAZ8so81trUISd7O45skDUmAge1cnxhG1P2cNmSxbWsoiCt2e\n\
98 ux9LSD+PAj2LIYRFHW31/6xoic1k4tbWXkDCjir37xTTNqRAMPUyFRWSdvt+nlPq\n\
99 wnb8Oa2I/maSJukcxDjNSfpDh/Bd1lZNgdd/8cLdsE3+wypufJ9uXO1iQpnh9zbu\n\
100 FIwsIONGl1p3A8CgxkqI/UAih3JaGOqcpcdaCIzkBaR9uYQ1X4k2Vg5APRLouzVy\n\
101 7a8IVk6wuy6pm+T7HT4LY8ibS5FEZlfAFLSW8NwsVz9SBK2Vqn1N0PIMn5xA6NZV\n\
102 c7o835DLAFshEWfC7TIe3g==\n\
103 -----END CERTIFICATE-----\n\
104 ## Google Trust Services- GlobalSign Root CA-R2\n\
105 -----BEGIN CERTIFICATE-----\n\
106 MIIDujCCAqKgAwIBAgILBAAAAAABD4Ym5g0wDQYJKoZIhvcNAQEFBQAwTDEgMB4G\n\
107 A1UECxMXR2xvYmFsU2lnbiBSb290IENBIC0gUjIxEzARBgNVBAoTCkdsb2JhbFNp\n\
108 Z24xEzARBgNVBAMTCkdsb2JhbFNpZ24wHhcNMDYxMjE1MDgwMDAwWhcNMjExMjE1\n\
109 MDgwMDAwWjBMMSAwHgYDVQQLExdHbG9iYWxTaWduIFJvb3QgQ0EgLSBSMjETMBEG\n\
110 A1UEChMKR2xvYmFsU2lnbjETMBEGA1UEAxMKR2xvYmFsU2lnbjCCASIwDQYJKoZI\n\
111 hvcNAQEBBQADggEPADCCAQoCggEBAKbPJA6+Lm8omUVCxKs+IVSbC9N/hHD6ErPL\n\
112 v4dfxn+G07IwXNb9rfF73OX4YJYJkhD10FPe+3t+c4isUoh7SqbKSaZeqKeMWhG8\n\
113 eoLrvozps6yWJQeXSpkqBy+0Hne/ig+1AnwblrjFuTosvNYSuetZfeLQBoZfXklq\n\
114 tTleiDTsvHgMCJiEbKjNS7SgfQx5TfC4LcshytVsW33hoCmEofnTlEnLJGKRILzd\n\
115 C9XZzPnqJworc5HGnRusyMvo4KD0L5CLTfuwNhv2GXqF4G3yYROIXJ/gkwpRl4pa\n\
116 zq+r1feqCapgvdzZX99yqWATXgAByUr6P6TqBwMhAo6CygPCm48CAwEAAaOBnDCB\n\
117 mTAOBgNVHQ8BAf8EBAMCAQYwDwYDVR0TAQH/BAUwAwEB/zAdBgNVHQ4EFgQUm+IH\n\
118 V2ccHsBqBt5ZtJot39wZhi4wNgYDVR0fBC8wLTAroCmgJ4YlaHR0cDovL2NybC5n\n\
119 bG9iYWxzaWduLm5ldC9yb290LXIyLmNybDAfBgNVHSMEGDAWgBSb4gdXZxwewGoG\n\
120 3lm0mi3f3BmGLjANBgkqhkiG9w0BAQUFAAOCAQEAmYFThxxol4aR7OBKuEQLq4Gs\n\
121 J0/WwbgcQ3izDJr86iw8bmEbTUsp9Z8FHSbBuOmDAGJFtqkIk7mpM0sYmsL4h4hO\n\
122 291xNBrBVNpGP+DTKqttVCL1OmLNIG+6KYnX3ZHu01yiPqFbQfXf5WRDLenVOavS\n\
123 ot+3i9DAgBkcRcAtjOj4LaR0VknFBbVPFd5uRHg5h6h+u/N5GJG79G+dwfCMNYxd\n\
124 AfvDbbnvRG15RjF+Cv6pgsH/76tuIMRQyV+dTZsXjAzlAcmgQWpzU/qlULRuJQ/7\n\
125 TBj0/VLZjmmx6BEP3ojY+x1J96relc8geMJgEtslQIxq/H5COEBkEveegeGTLg==\n\
126 -----END CERTIFICATE-----\n\
127 ";
128
wolfssl_client_test(uintData_t statusPtr)129 void wolfssl_client_test(uintData_t statusPtr) {
130 int sock;
131 char rx_buf[RX_BUF_SIZE];
132 char tx_buf[TX_BUF_SIZE];
133 int ret = 0, error = 0;
134
135 sockaddr_in server_addr;
136 clientConnectionHandleType TCPclientHandle;
137
138 WOLFSSL* ssl;
139 WOLFSSL_CTX* ctx;
140
141 /* set up the mailbox transport */
142
143 if (setupTransport(&TCPclientHandle, (char*)"connectionId1") != transportSuccess){
144 printf("TCP transport set up failed \n");
145 return;
146 }
147
148 printf("Creating a network socket...\n");
149
150 sock = socket(AF_INET, SOCK_STREAM, 0);
151
152 if (sock == SOCKET_ERROR) {
153 printf("ERROR: Failed to create socket, err = %d\n", errno);
154 return;
155 }
156
157 printf("Clearing memory for server_addr struct\n");
158
159 XMEMSET((char *) &server_addr, 0u, sizeof(server_addr));
160
161 printf("Connecting to server IP address: %s, port: %d\n",
162 TCP_SERVER_IP_ADDR, TCP_SERVER_PORT);
163
164 server_addr.sin_family = AF_INET;
165 server_addr.sin_addr = inet_addr(TCP_SERVER_IP_ADDR);
166 server_addr.sin_port = htons(TCP_SERVER_PORT);
167
168 printf("Calling connect on socket\n");
169 if (connect(sock, (sockaddr *) &server_addr, sizeof(server_addr)) < 0 ) {
170 printf("ERROR: connect, err = %d\n", errno);
171 closesocket(sock);
172 return;
173 }
174
175 #ifdef DEBUG_WOLFSSL
176 wolfSSL_Debugging_ON();
177 #endif
178
179 /* wolfSSL INIT and CTX SETUP */
180
181 wolfSSL_Init();
182
183 /* chooses the highest possible TLS version */
184
185 ctx = wolfSSL_CTX_new(wolfSSLv23_client_method());
186
187 /* SET UP NETWORK SOCKET */
188 if (ctx == 0) {
189 printf("ERROR: wolfSSL_CTX_new failed\n");
190 closesocket(sock);
191 return;
192 }
193
194 WOLFSSL_MSG("wolfSSL_CTX_new done");
195
196 wolfSSL_CTX_set_verify(ctx, SSL_VERIFY_PEER, NULL);
197
198 ret = wolfSSL_CTX_load_verify_buffer(ctx,
199 google_certs_ca,
200 sizeof(google_certs_ca),
201 SSL_FILETYPE_PEM);
202
203 if (ret != SSL_SUCCESS) {
204 printf("ERROR: wolfSSL_CTX_load_verify_buffer() failed\n");
205 closesocket(sock);
206 wolfSSL_CTX_free(ctx);
207 return;
208 }
209 ssl = wolfSSL_new(ctx);
210 if (ssl == NULL) {
211 printf("ERROR: wolfSSL_new() failed\n");
212 closesocket(sock);
213 wolfSSL_CTX_free(ctx);
214 return;
215 }
216
217 WOLFSSL_MSG("wolfSSL_new done");
218 ret = wolfSSL_set_fd(ssl, sock);
219 if (ret != SSL_SUCCESS) {
220 printf("ERROR: wolfSSL_set_fd() failed\n");
221 closesocket(sock);
222 wolfSSL_free(ssl);
223 wolfSSL_CTX_free(ctx);
224 return;
225 }
226 WOLFSSL_MSG("wolfSSL_set_fd done");
227 do {
228 error = 0; /* reset error */
229 ret = wolfSSL_connect(ssl);
230 if (ret != SSL_SUCCESS) {
231 error = wolfSSL_get_error(ssl, 0);
232 printf("ERROR: wolfSSL_connect() failed, err = %d\n", error);
233 if (error != SSL_ERROR_WANT_READ) {
234 closesocket(sock);
235 wolfSSL_free(ssl);
236 wolfSSL_CTX_free(ctx);
237 return;
238 }
239 /* goToSleep() for 1 sec*/
240 }
241 } while ((ret != SSL_SUCCESS) && (error == SSL_ERROR_WANT_READ));
242
243 printf("wolfSSL_connect() ok... sending GET\n");
244 XSTRNCPY(tx_buf, TX_MSG, TX_MSG_SIZE);
245 if (wolfSSL_write(ssl, tx_buf, TX_MSG_SIZE) != TX_MSG_SIZE) {
246 error = wolfSSL_get_error(ssl, 0);
247 printf("ERROR: wolfSSL_write() failed, err = %d\n", error);
248 closesocket(sock);
249 wolfSSL_free(ssl);
250 wolfSSL_CTX_free(ctx);
251 return;
252 }
253 do {
254 error = 0; /* reset error */
255 ret = wolfSSL_read(ssl, rx_buf, RX_BUF_SIZE - 1);
256 if (ret < 0) {
257 error = wolfSSL_get_error(ssl, 0);
258 if (error != SSL_ERROR_WANT_READ) {
259 printf("wolfSSL_read failed, error = %d\n", error);
260 closesocket(sock);
261 wolfSSL_free(ssl);
262 wolfSSL_CTX_free(ctx);
263 return;
264 }
265 /* goToSleep() for 1 second*/
266 } else if (ret > 0) {
267 rx_buf[ret] = 0;
268 printf("%s\n", rx_buf);
269 }
270 } while (error == SSL_ERROR_WANT_READ);
271 wolfSSL_shutdown(ssl);
272 wolfSSL_free(ssl);
273 wolfSSL_CTX_free(ctx);
274 wolfSSL_Cleanup();
275 closesocket(sock);
276 return;
277 }
278
279 #endif /* NO_WOLFSSL_CLIENT */
280
281 #if !defined(NO_WOLFSSL_SERVER)
282
283 #define TLS_SERVER_PORT 11111
284 #define TX_BUF_SIZE 64
285 #define RX_BUF_SIZE 1024
286 #define TCP_SERVER_CONN_Q_SIZE 1
287
288 /* derived from wolfSSL/certs/server-ecc.der */
289
290 static const unsigned char server_ecc_der_256[] = { 0x30, 0x82, 0x03, 0x10,
291 0x30, 0x82, 0x02, 0xB5, 0xA0, 0x03, 0x02, 0x01, 0x02, 0x02, 0x09, 0x00,
292 0xEF, 0x46, 0xC7, 0xA4, 0x9B, 0xBB, 0x60, 0xD3, 0x30, 0x0A, 0x06, 0x08,
293 0x2A, 0x86, 0x48, 0xCE, 0x3D, 0x04, 0x03, 0x02, 0x30, 0x81, 0x8F, 0x31,
294 0x0B, 0x30, 0x09, 0x06, 0x03, 0x55, 0x04, 0x06, 0x13, 0x02, 0x55, 0x53,
295 0x31, 0x13, 0x30, 0x11, 0x06, 0x03, 0x55, 0x04, 0x08, 0x0C, 0x0A, 0x57,
296 0x61, 0x73, 0x68, 0x69, 0x6E, 0x67, 0x74, 0x6F, 0x6E, 0x31, 0x10, 0x30,
297 0x0E, 0x06, 0x03, 0x55, 0x04, 0x07, 0x0C, 0x07, 0x53, 0x65, 0x61, 0x74,
298 0x74, 0x6C, 0x65, 0x31, 0x10, 0x30, 0x0E, 0x06, 0x03, 0x55, 0x04, 0x0A,
299 0x0C, 0x07, 0x45, 0x6C, 0x69, 0x70, 0x74, 0x69, 0x63, 0x31, 0x0C, 0x30,
300 0x0A, 0x06, 0x03, 0x55, 0x04, 0x0B, 0x0C, 0x03, 0x45, 0x43, 0x43, 0x31,
301 0x18, 0x30, 0x16, 0x06, 0x03, 0x55, 0x04, 0x03, 0x0C, 0x0F, 0x77, 0x77,
302 0x77, 0x2E, 0x77, 0x6F, 0x6C, 0x66, 0x73, 0x73, 0x6C, 0x2E, 0x63, 0x6F,
303 0x6D, 0x31, 0x1F, 0x30, 0x1D, 0x06, 0x09, 0x2A, 0x86, 0x48, 0x86, 0xF7,
304 0x0D, 0x01, 0x09, 0x01, 0x16, 0x10, 0x69, 0x6E, 0x66, 0x6F, 0x40, 0x77,
305 0x6F, 0x6C, 0x66, 0x73, 0x73, 0x6C, 0x2E, 0x63, 0x6F, 0x6D, 0x30, 0x1E,
306 0x17, 0x0D, 0x31, 0x36, 0x30, 0x38, 0x31, 0x31, 0x32, 0x30, 0x30, 0x37,
307 0x33, 0x38, 0x5A, 0x17, 0x0D, 0x31, 0x39, 0x30, 0x35, 0x30, 0x38, 0x32,
308 0x30, 0x30, 0x37, 0x33, 0x38, 0x5A, 0x30, 0x81, 0x8F, 0x31, 0x0B, 0x30,
309 0x09, 0x06, 0x03, 0x55, 0x04, 0x06, 0x13, 0x02, 0x55, 0x53, 0x31, 0x13,
310 0x30, 0x11, 0x06, 0x03, 0x55, 0x04, 0x08, 0x0C, 0x0A, 0x57, 0x61, 0x73,
311 0x68, 0x69, 0x6E, 0x67, 0x74, 0x6F, 0x6E, 0x31, 0x10, 0x30, 0x0E, 0x06,
312 0x03, 0x55, 0x04, 0x07, 0x0C, 0x07, 0x53, 0x65, 0x61, 0x74, 0x74, 0x6C,
313 0x65, 0x31, 0x10, 0x30, 0x0E, 0x06, 0x03, 0x55, 0x04, 0x0A, 0x0C, 0x07,
314 0x45, 0x6C, 0x69, 0x70, 0x74, 0x69, 0x63, 0x31, 0x0C, 0x30, 0x0A, 0x06,
315 0x03, 0x55, 0x04, 0x0B, 0x0C, 0x03, 0x45, 0x43, 0x43, 0x31, 0x18, 0x30,
316 0x16, 0x06, 0x03, 0x55, 0x04, 0x03, 0x0C, 0x0F, 0x77, 0x77, 0x77, 0x2E,
317 0x77, 0x6F, 0x6C, 0x66, 0x73, 0x73, 0x6C, 0x2E, 0x63, 0x6F, 0x6D, 0x31,
318 0x1F, 0x30, 0x1D, 0x06, 0x09, 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01,
319 0x09, 0x01, 0x16, 0x10, 0x69, 0x6E, 0x66, 0x6F, 0x40, 0x77, 0x6F, 0x6C,
320 0x66, 0x73, 0x73, 0x6C, 0x2E, 0x63, 0x6F, 0x6D, 0x30, 0x59, 0x30, 0x13,
321 0x06, 0x07, 0x2A, 0x86, 0x48, 0xCE, 0x3D, 0x02, 0x01, 0x06, 0x08, 0x2A,
322 0x86, 0x48, 0xCE, 0x3D, 0x03, 0x01, 0x07, 0x03, 0x42, 0x00, 0x04, 0xBB,
323 0x33, 0xAC, 0x4C, 0x27, 0x50, 0x4A, 0xC6, 0x4A, 0xA5, 0x04, 0xC3, 0x3C,
324 0xDE, 0x9F, 0x36, 0xDB, 0x72, 0x2D, 0xCE, 0x94, 0xEA, 0x2B, 0xFA, 0xCB,
325 0x20, 0x09, 0x39, 0x2C, 0x16, 0xE8, 0x61, 0x02, 0xE9, 0xAF, 0x4D, 0xD3,
326 0x02, 0x93, 0x9A, 0x31, 0x5B, 0x97, 0x92, 0x21, 0x7F, 0xF0, 0xCF, 0x18,
327 0xDA, 0x91, 0x11, 0x02, 0x34, 0x86, 0xE8, 0x20, 0x58, 0x33, 0x0B, 0x80,
328 0x34, 0x89, 0xD8, 0xA3, 0x81, 0xF7, 0x30, 0x81, 0xF4, 0x30, 0x1D, 0x06,
329 0x03, 0x55, 0x1D, 0x0E, 0x04, 0x16, 0x04, 0x14, 0x5D, 0x5D, 0x26, 0xEF,
330 0xAC, 0x7E, 0x36, 0xF9, 0x9B, 0x76, 0x15, 0x2B, 0x4A, 0x25, 0x02, 0x23,
331 0xEF, 0xB2, 0x89, 0x30, 0x30, 0x81, 0xC4, 0x06, 0x03, 0x55, 0x1D, 0x23,
332 0x04, 0x81, 0xBC, 0x30, 0x81, 0xB9, 0x80, 0x14, 0x5D, 0x5D, 0x26, 0xEF,
333 0xAC, 0x7E, 0x36, 0xF9, 0x9B, 0x76, 0x15, 0x2B, 0x4A, 0x25, 0x02, 0x23,
334 0xEF, 0xB2, 0x89, 0x30, 0xA1, 0x81, 0x95, 0xA4, 0x81, 0x92, 0x30, 0x81,
335 0x8F, 0x31, 0x0B, 0x30, 0x09, 0x06, 0x03, 0x55, 0x04, 0x06, 0x13, 0x02,
336 0x55, 0x53, 0x31, 0x13, 0x30, 0x11, 0x06, 0x03, 0x55, 0x04, 0x08, 0x0C,
337 0x0A, 0x57, 0x61, 0x73, 0x68, 0x69, 0x6E, 0x67, 0x74, 0x6F, 0x6E, 0x31,
338 0x10, 0x30, 0x0E, 0x06, 0x03, 0x55, 0x04, 0x07, 0x0C, 0x07, 0x53, 0x65,
339 0x61, 0x74, 0x74, 0x6C, 0x65, 0x31, 0x10, 0x30, 0x0E, 0x06, 0x03, 0x55,
340 0x04, 0x0A, 0x0C, 0x07, 0x45, 0x6C, 0x69, 0x70, 0x74, 0x69, 0x63, 0x31,
341 0x0C, 0x30, 0x0A, 0x06, 0x03, 0x55, 0x04, 0x0B, 0x0C, 0x03, 0x45, 0x43,
342 0x43, 0x31, 0x18, 0x30, 0x16, 0x06, 0x03, 0x55, 0x04, 0x03, 0x0C, 0x0F,
343 0x77, 0x77, 0x77, 0x2E, 0x77, 0x6F, 0x6C, 0x66, 0x73, 0x73, 0x6C, 0x2E,
344 0x63, 0x6F, 0x6D, 0x31, 0x1F, 0x30, 0x1D, 0x06, 0x09, 0x2A, 0x86, 0x48,
345 0x86, 0xF7, 0x0D, 0x01, 0x09, 0x01, 0x16, 0x10, 0x69, 0x6E, 0x66, 0x6F,
346 0x40, 0x77, 0x6F, 0x6C, 0x66, 0x73, 0x73, 0x6C, 0x2E, 0x63, 0x6F, 0x6D,
347 0x82, 0x09, 0x00, 0xEF, 0x46, 0xC7, 0xA4, 0x9B, 0xBB, 0x60, 0xD3, 0x30,
348 0x0C, 0x06, 0x03, 0x55, 0x1D, 0x13, 0x04, 0x05, 0x30, 0x03, 0x01, 0x01,
349 0xFF, 0x30, 0x0A, 0x06, 0x08, 0x2A, 0x86, 0x48, 0xCE, 0x3D, 0x04, 0x03,
350 0x02, 0x03, 0x49, 0x00, 0x30, 0x46, 0x02, 0x21, 0x00, 0xF1, 0xD0, 0xA6,
351 0x3E, 0x83, 0x33, 0x24, 0xD1, 0x7A, 0x05, 0x5F, 0x1E, 0x0E, 0xBD, 0x7D,
352 0x6B, 0x33, 0xE9, 0xF2, 0x86, 0xF3, 0xF3, 0x3D, 0xA9, 0xEF, 0x6A, 0x87,
353 0x31, 0xB3, 0xB7, 0x7E, 0x50, 0x02, 0x21, 0x00, 0xF0, 0x60, 0xDD, 0xCE,
354 0xA2, 0xDB, 0x56, 0xEC, 0xD9, 0xF4, 0xE4, 0xE3, 0x25, 0xD4, 0xB0, 0xC9,
355 0x25, 0x7D, 0xCA, 0x7A, 0x5D, 0xBA, 0xC4, 0xB2, 0xF6, 0x7D, 0x04, 0xC7,
356 0xBD, 0x62, 0xC9, 0x20 };
357
358 /* derived from wolfSSL/certs/ecc-key.der */
359
360 static const unsigned char ecc_key_der_256[] = { 0x30, 0x77, 0x02, 0x01, 0x01,
361 0x04, 0x20, 0x45, 0xB6, 0x69, 0x02, 0x73, 0x9C, 0x6C, 0x85, 0xA1, 0x38,
362 0x5B, 0x72, 0xE8, 0xE8, 0xC7, 0xAC, 0xC4, 0x03, 0x8D, 0x53, 0x35, 0x04,
363 0xFA, 0x6C, 0x28, 0xDC, 0x34, 0x8D, 0xE1, 0xA8, 0x09, 0x8C, 0xA0, 0x0A,
364 0x06, 0x08, 0x2A, 0x86, 0x48, 0xCE, 0x3D, 0x03, 0x01, 0x07, 0xA1, 0x44,
365 0x03, 0x42, 0x00, 0x04, 0xBB, 0x33, 0xAC, 0x4C, 0x27, 0x50, 0x4A, 0xC6,
366 0x4A, 0xA5, 0x04, 0xC3, 0x3C, 0xDE, 0x9F, 0x36, 0xDB, 0x72, 0x2D, 0xCE,
367 0x94, 0xEA, 0x2B, 0xFA, 0xCB, 0x20, 0x09, 0x39, 0x2C, 0x16, 0xE8, 0x61,
368 0x02, 0xE9, 0xAF, 0x4D, 0xD3, 0x02, 0x93, 0x9A, 0x31, 0x5B, 0x97, 0x92,
369 0x21, 0x7F, 0xF0, 0xCF, 0x18, 0xDA, 0x91, 0x11, 0x02, 0x34, 0x86, 0xE8,
370 0x20, 0x58, 0x33, 0x0B, 0x80, 0x34, 0x89, 0xD8 };
371
372
wolfssl_server_test(uintData_t statusPtr)373 void wolfssl_server_test(uintData_t statusPtr)
374 {
375 int sock_listen;
376 int bindStatus;
377 int sock_req;
378 sockaddr_in socketAddr;
379 sockaddr_in server_addr;
380 int socketAddrLen=sizeof(sockaddr);
381 char rx_buf[RX_BUF_SIZE];
382 char tx_buf[TX_BUF_SIZE];
383 clientConnectionHandleType TCPserverHandle;
384
385 WOLFSSL * ssl;
386 WOLFSSL_CTX * ctx;
387 int tx_buf_sz = 0, ret = 0, error = 0;
388
389 /* set up the mailbox transport */
390 /* connectionId2 is defined in the mailbox-transport.config*/
391 if (setupTransport(&TCPserverHandle, (char*)"connectionId2") != transportSuccess){
392 printf("TCP transport set up failed \n");
393 return;
394 }
395
396 /* SET UP NETWORK SOCKET */
397
398 printf("Opening network socket...\n");
399 sock_listen = socket(AF_INET, SOCK_STREAM, 0);
400 if (sock_listen == SOCKET_ERROR) {
401 printf("ERROR: socket, err = %d\n", errno);
402 return;
403 }
404
405 printf("Clearing memory for server_addr struct\n");
406 XMEMSET((char *) &server_addr, 0u, sizeof(server_addr));
407
408 printf("Setting up server_addr struct\n");
409 server_addr.sin_family = AF_INET;
410 server_addr.sin_addr = INADDR_ANY;
411 server_addr.sin_port = htons(TLS_SERVER_PORT);
412
413 bindStatus = bind(sock_listen, (sockaddr *) &server_addr, sizeof(server_addr));
414 if (bindStatus == SOCKET_ERROR) {
415 printf("ERROR: bind, err = %d\n", errno);
416 closesocket(sock_listen);
417 return;
418 }
419
420 /* wolfSSL INIT and CTX SETUP */
421
422 wolfSSL_Init();
423
424 /* chooses the highest possible TLS version */
425
426 ctx = wolfSSL_CTX_new(wolfSSLv23_server_method());
427
428 if (ctx == 0) {
429 printf("ERROR: wolfSSL_CTX_new failed\n");
430 closesocket(sock_listen);
431 return;
432 }
433 WOLFSSL_MSG("wolfSSL_CTX_new done");
434
435 ret = wolfSSL_CTX_use_certificate_buffer(ctx,
436 server_ecc_der_256,
437 sizeof(server_ecc_der_256),
438 SSL_FILETYPE_ASN1);
439 if (ret != SSL_SUCCESS) {
440 printf("ERROR: wolfSSL_CTX_use_certificate_buffer() failed, \
441 err = %d\n", ret);
442 closesocket(sock_listen);
443 wolfSSL_CTX_free(ctx);
444 return;
445 }
446 ret = wolfSSL_CTX_use_PrivateKey_buffer(ctx,
447 ecc_key_der_256,
448 sizeof(ecc_key_der_256),
449 SSL_FILETYPE_ASN1);
450 if (ret != SSL_SUCCESS) {
451 printf("ERROR: wolfSSL_CTX_use_PrivateKey_buffer() failed\n");
452 closesocket(sock_listen);
453 wolfSSL_CTX_free(ctx);
454 return;
455 }
456 /* accept client socket connections */
457 printf("Listening for client connection\n");
458 printf("E.g, you can use ./examples/client/client.exe -h 192.168.219.100\n");
459 printf(" \n");
460
461 listen(sock_listen, TCP_SERVER_CONN_Q_SIZE);
462
463 sock_req = accept(sock_listen,
464 (sockaddr *) &socketAddr,
465 &socketAddrLen);
466
467 if (sock_req == -1) {
468 printf("ERROR: accept, err = %d\n", errno);
469 closesocket(sock_listen);
470 return;
471 }
472
473 printf("Got client connection! Starting TLS negotiation\n");
474
475 #ifdef DEBUG_WOLFSSL
476 wolfSSL_Debugging_ON();
477 #endif
478
479 /* set up wolfSSL session */
480 ssl = wolfSSL_new(ctx);
481 if (ssl == NULL) {
482 printf("ERROR: wolfSSL_new() failed\n");
483 closesocket(sock_req);
484 closesocket(sock_listen);
485 wolfSSL_CTX_free(ctx);
486 return;
487 }
488
489 WOLFSSL_MSG("wolfSSL_new done");
490 ret = wolfSSL_set_fd(ssl, sock_req);
491 if (ret != SSL_SUCCESS) {
492 printf("ERROR: wolfSSL_set_fd() failed\n");
493 closesocket(sock_req);
494 closesocket(sock_listen);
495 wolfSSL_free(ssl);
496 wolfSSL_CTX_free(ctx);
497 return;
498 }
499
500 WOLFSSL_MSG("wolfSSL_set_fd done");
501 do {
502 error = 0; /* reset error */
503 if (ret != SSL_SUCCESS) {
504 error = wolfSSL_get_error(ssl, 0);
505 printf("ERROR: wolfSSL_accept() failed, err = %d\n", error);
506 if (error != SSL_ERROR_WANT_READ) {
507 closesocket(sock_req);
508 closesocket(sock_listen);
509 wolfSSL_free(ssl);
510 wolfSSL_CTX_free(ctx);
511 return;
512 }
513 /* goToSleep() for 500 milli sec*/
514 }
515 } while ((ret != SSL_SUCCESS) && (error == SSL_ERROR_WANT_READ));
516
517 printf("wolfSSL_accept() ok...\n");
518
519 /* read client data */
520
521 error = 0;
522 XMEMSET(rx_buf, 0u, RX_BUF_SIZE);
523 ret = wolfSSL_read(ssl, rx_buf, RX_BUF_SIZE - 1);
524 if (ret < 0) {
525 error = wolfSSL_get_error(ssl, 0);
526 if (error != SSL_ERROR_WANT_READ) {
527 printf("wolfSSL_read failed, error = %d\n", error);
528 closesocket(sock_req);
529 closesocket(sock_listen);
530 wolfSSL_free(ssl);
531 wolfSSL_CTX_free(ctx);
532 return;
533 }
534 }
535
536 printf("AFTER wolfSSL_read() call, ret = %d\n", ret);
537 if (ret > 0) {
538 rx_buf[ret] = 0;
539 printf("Client sent: %s\n", rx_buf);
540 }
541 /* write response to client */
542 XMEMSET(tx_buf, 0u, TX_BUF_SIZE);
543 tx_buf_sz = 22;
544 XSTRNCPY(tx_buf, "I hear ya fa shizzle!\n", tx_buf_sz);
545 if (wolfSSL_write(ssl, tx_buf, tx_buf_sz) != tx_buf_sz) {
546 error = wolfSSL_get_error(ssl, 0);
547 printf("ERROR: wolfSSL_write() failed, err = %d\n", error);
548 closesocket(sock_req);
549 closesocket(sock_listen);
550 wolfSSL_free(ssl);
551 wolfSSL_CTX_free(ctx);
552 return;
553 }
554 ret = wolfSSL_shutdown(ssl);
555 if (ret == SSL_SHUTDOWN_NOT_DONE)
556 wolfSSL_shutdown(ssl);
557
558 wolfSSL_free(ssl);
559 wolfSSL_CTX_free(ctx);
560 wolfSSL_Cleanup();
561 closesocket(sock_req);
562 closesocket(sock_listen);
563 return;
564 }
565
566 #endif /* NO_WOLFSSL_SERVER */
567
wolfsslRunTests(void)568 int wolfsslRunTests (void)
569 {
570 thread_handle_t TCPhandle;
571 threadStatus ts;
572
573 #if !defined(NO_CRYPT_TEST)
574 wolfcrypt_test(NULL);
575 #endif
576 #if !defined(NO_CRYPT_BENCHMARK)
577 benchmark_test(NULL);
578 #endif
579 #if !defined(NO_WOLFSSL_CLIENT)
580 ts = createThread("TCPclient", "TCPThreadTemplate", wolfssl_client_test,
581 0, &TCPhandle );
582 if (ts != threadSuccess) {
583 printf("Unable to create TCP client thread, %i ", (DWORD)ts);
584 }
585 #endif
586 #if !defined(NO_WOLFSSL_SERVER)
587 ts = createThread("TCPserver", "TCPThreadTemplate", wolfssl_server_test,
588 0, &TCPhandle );
589 if (ts != threadSuccess) {
590 printf("Unable to create TCP server thread, %i ", (DWORD)ts);
591 }
592 #endif
593
594 return 0;
595 }
596