..


Comitter:
ImranBilalButt
Date:
Thu Aug 29 06:43:11 2019 +0000
Parent:
0:5f745af3ec9b
Commit message:
..;

Changed in this revision

TLSSocket.cpp Show annotated file Show diff for this revision Revisions of this file
TLSSocket.h Show annotated file Show diff for this revision Revisions of this file
TLSSocketWrapper.cpp Show annotated file Show diff for this revision Revisions of this file
TLSSocketWrapper.h Show annotated file Show diff for this revision Revisions of this file
--- a/TLSSocket.cpp	Fri Aug 23 13:29:35 2019 +0000
+++ b/TLSSocket.cpp	Thu Aug 29 06:43:11 2019 +0000
@@ -26,9 +26,21 @@
 }*/
 
 
-nsapi_error_t TLSSocket::connect(const char *host, uint16_t port)
+nsapi_error_t TLSSocket::connect1(const char *host, uint16_t port)
 {
-    printf("[.] Hello from TLSSocket::connect() \n");
+    pc.printf("[.] Hello from TLSSocket::connect() \n");
+    int ret;
+    
+    sock_addr.set_ip_address(host);
+    sock_addr.set_port(port);
+    set_hostname(host);
+    
+    return TLSSocketWrapper::connect(sock_addr);
+}
+
+nsapi_error_t TLSSocket::connect2(const char *host, uint16_t port)
+{
+    pc.printf("[.] Hello from TLSSocket::connect() \n");
     int ret;
     
     sock_addr.set_ip_address(host);
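Review bot: The result of `sock_addr.set_ip_address(host)` is discarded in both `connect1` and `connect2`, so a `host` that is not a literal IP address presumably leaves `sock_addr` without a valid address and the failure only shows up later inside `TLSSocketWrapper::connect`. Checking it where it happens, `if (!sock_addr.set_ip_address(host)) return NSAPI_ERROR_PARAMETER;`, reports the bad argument directly. `connect1` also declares `int ret;` without using it, and both functions still log `TLSSocket::connect()`, so the serial trace cannot tell the two paths apart. The body of `connect2` continues past the end of this hunk.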
@@ -40,18 +52,18 @@
     /* Send a 'Client Hello' buffer in order to start a thread on the server */ 
     const char* buffer = "Client Hello";
     if ((ret = udp_socket.sendto(host, port, (const char*) buffer, strlen(buffer))) <= 0)
-        printf("Couldn't send 'Client Hello' \n");
+        pc.printf("Couldn't send 'Client Hello' \n");
     else
-        printf("sent 'Client Hello' \n"); 
+        pc.printf("sent 'Client Hello' \n"); 
     wait(1);     
     final = osKernelGetTickCount();
     
     TCPH = final - init;
     TTPH = TCPH/osKernelGetTickFreq();
     
-    printf("\nTCPH: %d\n", TCPH);
-    printf("\nTTPH: %d\n", TTPH); 
-    printf("\nTickFreq: %d\n", osKernelGetTickFreq()); 
+    pc.printf("\nTCPH: %d\n", TCPH);
+    pc.printf("\nTTPH: %d\n", TTPH); 
+    pc.printf("\nTickFreq: %d\n", osKernelGetTickFreq()); 
     
     return TLSSocketWrapper::connect(sock_addr);
-}
+}
\ No newline at end of file
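Review bot: When `udp_socket.sendto` fails, the branch only logs `Couldn't send 'Client Hello'` and execution still reaches `wait(1)` and `TLSSocketWrapper::connect(sock_addr)`, so the handshake is attempted even though the datagram that the comment says starts the server thread never left. That branch should return an nsapi error instead of falling through. The three timing prints pass `TCPH`, `TTPH` and `osKernelGetTickFreq()` to `%d`; if these are `uint32_t`, as the commented-out declaration in TLSSocketWrapper.cpp suggests, `%lu` with a cast to `unsigned long` matches the argument type. The function starts outside this hunk.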
--- a/TLSSocket.h	Fri Aug 23 13:29:35 2019 +0000
+++ b/TLSSocket.h	Thu Aug 29 06:43:11 2019 +0000
@@ -90,7 +90,8 @@
      *  @param port     Port of the remote host
      *  @return         0 on success, negative error code on failure
      */
-    nsapi_error_t connect(const char *host, uint16_t port);
+    nsapi_error_t connect1(const char *host, uint16_t port);
+    nsapi_error_t connect2(const char *host, uint16_t port);
     //SocketAddress getsock();
     SocketAddress sock_addr;
 private:
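Review bot: `connect2` is declared without documentation, and the comment block above now reads as describing `connect1` only, so the header does not say how the two differ. Judging by TLSSocket.cpp, a comment such as `/** Like connect1(), but first sends a plaintext "Client Hello" UDP datagram to host:port and prints handshake timing. */` above `connect2` would cover it. Removing `connect(const char *host, uint16_t port)` also drops the entry point existing callers use, so either keep it as a forwarding wrapper or note the rename in the commit message. The class definition starts and ends outside this hunk.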
--- a/TLSSocketWrapper.cpp	Fri Aug 23 13:29:35 2019 +0000
+++ b/TLSSocketWrapper.cpp	Thu Aug 29 06:43:11 2019 +0000
@@ -47,7 +47,7 @@
 void TLSSocketWrapper::set_hostname(const char *hostname)
 {
     if (is_tls_allocated()) {
-        printf("ssl hostname is set\n");
+        pc.printf("ssl hostname is set\n");
         mbedtls_ssl_set_hostname(_ssl, hostname);
     }
 }
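Review bot: The message `ssl hostname is set` is printed before `mbedtls_ssl_set_hostname` runs and the call's return value is dropped, so a failure inside Mbed TLS is logged as success. Capture and report it with `int ret = mbedtls_ssl_set_hostname(_ssl, hostname);` followed by `if (ret != 0) print_mbedtls_error("mbedtls_ssl_set_hostname", ret);`, and print the success line only afterwards. When `is_tls_allocated()` is false the hostname is silently not applied, which deserves at least a log line because the caller gets no indication through the `void` return.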
@@ -69,7 +69,7 @@
         print_mbedtls_error("mbedtls_x509_crt_parse", ret);
         return NSAPI_ERROR_PARAMETER;
     }
-        printf("Root CA Certificate Setting ... OK\n");                                     
+        pc.printf("Root CA Certificate Setting ... OK\n");                                     
     return NSAPI_ERROR_OK;
 
 }
@@ -98,23 +98,19 @@
             print_mbedtls_error("mbedtls_x509_crt_parse", ret);
             return NSAPI_ERROR_PARAMETER;
         }
-                printf("Client Certificate Setting ... ok\n");              
+                pc.printf("Client Certificate Setting ... ok\n");              
         mbedtls_pk_init(_pkctx);
         if((ret = mbedtls_pk_parse_key(_pkctx, static_cast<const unsigned char *>(client_private_key_pem),
                 client_private_key_len, NULL, 0)) != 0) {
             print_mbedtls_error("mbedtls_pk_parse_key", ret);
             return NSAPI_ERROR_PARAMETER;
         }
-                printf("Client pvt. Key Setting ... ok\n");                 
+                pc.printf("Client pvt. Key Setting ... ok\n");                 
         _client_auth = true;
     }
     return NSAPI_ERROR_OK;
 }
 
-int TLSSocketWrapper::set_client_kpsa_kpsaID_cipher(){ 
-    const unsigned char _kpsa[5] = { 0x05, 0x04, 0x03, 0x02, 0x01 }; 
-    // const unsigned char *_kpsa = "1a2b3c4d5e1a2b3c4d5e"; // 4 Bytes PSK
-    const unsigned char *_kpsaID = "AE456-LOCK@in.provider.com"; // 15 Bytes PSK-ID     
      /* The supported CERT ciphersuites are as follows:     
              CipherSuite TLS_RSA_WITH_AES_128_CCM       = {0xC0,0x9C}
              CipherSuite TLS_RSA_WITH_AES_256_CCM       = {0xC0,0x9D)
@@ -137,33 +133,41 @@
              TLS_PSK_WITH_RC4_128_SHA          = { 0x00, 0x8A };
              TLS_PSK_WITH_3DES_EDE_CBC_SHA     = { 0x00, 0x8B };
              TLS_PSK_WITH_AES_128_CBC_SHA      = { 0x00, 0x8C };
-             TLS_PSK_WITH_AES_256_CBC_SHA      = { 0x00, 0x8D };    */ 
-    /*int cipher[10];
-    for(int i=0; i<4; i++) {  
-        cipher[i*2]=0;
-        cipher[i*2+1]=0x8A+i;  
-    }
-    cipher[8] = 0;
-    cipher[9] = 0; */
+             TLS_PSK_WITH_AES_256_CBC_SHA      = { 0x00, 0x8D };    */
+
+int TLSSocketWrapper::set_client1_kpsa_kpsaID_cipher(){ 
+    const unsigned char _kpsa[5] = { 0x01, 0x02, 0x03, 0x04, 0x05 }; 
+    const unsigned char *_kpsaID = "AE123-LOCK@in.provider.com"; // 15 Bytes PSK-ID     
     
-    /*mbedtls_ssl_conf_ciphersuites(_ssl_conf, cipher); 
-    printf("mbedtls_ssl_conf_ciphersuites() .. ok\n");
-
-    int cipher;
-    const int *cipherPTR;
-    cipher = MBEDTLS_SSL_CIPHERSUITES;
-    cipherPTR = &cipher;  */
-
     int kpsa_len = strlen((const char*) _kpsa);
     int kpsaID_len = strlen((const char*) _kpsaID);
     int ret;
+    
     mbedtls_ssl_set_hs_psk(_ssl, _kpsa, kpsa_len);
     if( (ret = mbedtls_ssl_conf_psk(_ssl_conf, _kpsa, kpsa_len , _kpsaID, kpsaID_len)) != 0){
         print_mbedtls_error("mbedtls_psk_error", ret);
         // return NSAPI_ERROR_PARAMETER;
         return -1;
     } 
-    printf("Ok.\n"); 
+    pc.printf("Ok.\n"); 
+    return 0; 
+}
+
+int TLSSocketWrapper::set_client2_kpsa_kpsaID_cipher(){ 
+    const unsigned char _kpsa[5] = { 0x05, 0x04, 0x03, 0x02, 0x01 }; 
+    const unsigned char *_kpsaID = "AE456-LOCK@in.provider.com"; // 15 Bytes PSK-ID     
+    
+    int kpsa_len = strlen((const char*) _kpsa);
+    int kpsaID_len = strlen((const char*) _kpsaID);
+    int ret;
+    
+    mbedtls_ssl_set_hs_psk(_ssl, _kpsa, kpsa_len);
+    if( (ret = mbedtls_ssl_conf_psk(_ssl_conf, _kpsa, kpsa_len , _kpsaID, kpsaID_len)) != 0){
+        print_mbedtls_error("mbedtls_psk_error", ret);
+        // return NSAPI_ERROR_PARAMETER;
+        return -1;
+    } 
+    pc.printf("Ok.\n"); 
     return 0; 
 }
 
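Review bot: `strlen((const char*) _kpsa)` in both new functions reads past the five-byte `_kpsa` array, which has no NUL terminator, so the key length handed to `mbedtls_ssl_set_hs_psk` and `mbedtls_ssl_conf_psk` is undefined; `sizeof(_kpsa)` is the correct length. The key itself is a five-byte constant compiled into the source, which makes it both very short and known to anyone who can read the repository, so it should come from per-device provisioned storage rather than a literal. The identity is assigned from a string literal to `const unsigned char *` without a cast, its comment says 15 bytes although the literal is 26 characters, and the return value of `mbedtls_ssl_set_hs_psk` is ignored (the Mbed TLS documentation describes that call as intended for use inside the PSK callback, so it may not belong here at all). `set_client1_kpsa_kpsaID_cipher` and `set_client2_kpsa_kpsaID_cipher` differ only in the two constants and could share one helper that takes key and identity; the sketch shows the length handling for the first function.

```cpp
int TLSSocketWrapper::set_client1_kpsa_kpsaID_cipher(){
    // … unchanged: _kpsa declaration (key bytes belong in provisioned storage, not in source) …
    static const char kpsaID[] = "AE123-LOCK@in.provider.com"; // 26-byte PSK identity
    const size_t kpsa_len = sizeof(_kpsa);          // array is not NUL-terminated, strlen() overreads
    const size_t kpsaID_len = sizeof(kpsaID) - 1;   // exclude the terminator
    int ret;

    // … unchanged: mbedtls_ssl_set_hs_psk call (check its return value if it stays) …
    if( (ret = mbedtls_ssl_conf_psk(_ssl_conf, _kpsa, kpsa_len,
                                    reinterpret_cast<const unsigned char *>(kpsaID), kpsaID_len)) != 0){
        print_mbedtls_error("mbedtls_ssl_conf_psk", ret);
        return -1;
    }
    // … unchanged: success log and return 0 …
}
```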
@@ -173,19 +177,19 @@
    
         const int *cipherArray;
     cipherArray = mbedtls_ssl_list_ciphersuites();
-    printf("[+] The allowed ciphersuites are: \n");
+    pc.printf("[+] The allowed ciphersuites are: \n");
     int i = 0;
     while (cipherArray[i] != 0) {
-        printf("[.] cipherArray[%d] = %d\n", i, cipherArray[i]);
+        pc.printf("[.] cipherArray[%d] = %d\n", i, cipherArray[i]);
         i++;
     } 
     
     if (!_transport) {
-        printf("[-] transport/socket not available\n");
+        pc.printf("[-] transport/socket not available\n");
         return NSAPI_ERROR_NO_SOCKET;
     }
     if (!is_tls_allocated()) {
-        printf("[-] no tls allocated\n");
+        pc.printf("[-] no tls allocated\n");
         return NSAPI_ERROR_NO_SOCKET;
     }
 
@@ -202,7 +206,7 @@
         return _error;
     }
 
-    printf("[+] Configuring a dtls-client session initiation ... ");
+    pc.printf("[+] Configuring a dtls-client session initiation ... ");
     mbedtls_ssl_conf_endpoint(_ssl_conf, MBEDTLS_SSL_IS_CLIENT);
     mbedtls_ssl_conf_transport(_ssl_conf, MBEDTLS_SSL_TRANSPORT_DATAGRAM);
 
@@ -219,12 +223,12 @@
     mbedtls_ssl_conf_ca_chain(_ssl_conf, _cacert, NULL);     
     tr_info("mbedtls_ssl_conf_rng()");
     mbedtls_ssl_conf_rng(_ssl_conf, mbedtls_ctr_drbg_random, _ctr_drbg);
-    printf("ok\n");
+    pc.printf("ok\n");
     
     /* It is possible to disable authentication by passing
       MBEDTLS_SSL_VERIFY_NONE in the call to mbedtls_ssl_conf_authmode()
      */
-    printf("[+] Configuring the Session Information ... ");
+    pc.printf("[+] Configuring the Session Information ... ");
     tr_info("mbedtls_ssl_conf_authmode()");
     mbedtls_ssl_conf_authmode(_ssl_conf, MBEDTLS_SSL_VERIFY_NONE);
     
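Review bot: `mbedtls_ssl_conf_authmode(_ssl_conf, MBEDTLS_SSL_VERIFY_NONE)` turns off peer certificate verification, so the CA chain installed by `mbedtls_ssl_conf_ca_chain` a few lines earlier and the hostname passed to `set_hostname` are never enforced and any server certificate is accepted. For certificate ciphersuites the call should be `mbedtls_ssl_conf_authmode(_ssl_conf, MBEDTLS_SSL_VERIFY_REQUIRED);`. If this build is meant to run PSK-only, the comment above the call should say so and the certificate suites should be left out of the configuration, since the existing comment only mentions that disabling is possible. The enclosing function starts and ends outside this hunk.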
@@ -252,45 +256,45 @@
         _error = ret;
         return _error;
     }
-    printf("ok\n");
+    pc.printf("ok\n");
     
-    printf("[+] Configuring the Bio ... ");
+    pc.printf("[+] Configuring the Bio ... ");
     mbedtls_ssl_set_bio(_ssl, this, ssl_send, ssl_recv, NULL );
-    printf("ok\n");
+    pc.printf("ok\n");
     
     if(_client_auth) {
-                printf("[+] Configuring Client's pvtKey & certKey ... "); 
+                pc.printf("[+] Configuring Client's pvtKey & certKey ... "); 
         if((ret = mbedtls_ssl_conf_own_cert(_ssl_conf, _clicert, _pkctx)) != 0) {
             print_mbedtls_error("mbedtls_ssl_conf_own_cert", ret);
             _error = ret;
             return _error;
         }
-                printf("ok\n");
+                pc.printf("ok\n");
     } 
     
-    printf("[+] Timing Call-Back Setting ... "); 
+    pc.printf("[+] Timing Call-Back Setting ... "); 
     mbedtls_ssl_set_timer_cb(_ssl, _ssl_timer, mbedtls_timing_set_delay, mbedtls_timing_get_delay);
-    printf("ok\n");
+    pc.printf("ok\n");
 
     /* Start the handshake, the rest will be done in onReceive() */ 
     //uint32_t init, final, TCPH, TTPH;
-    printf("[+] DTLS Handshake Connecting \n");    
+    pc.printf("[+] DTLS Handshake Connecting \n");    
     //init = osKernelGetTickCount(); 
     if ((ret = mbedtls_ssl_handshake(_ssl)) != 0) {
-        printf("[-] mbedtls_ssl_handshake error %d\n", ret);
+        pc.printf("[-] mbedtls_ssl_handshake error %d\n", ret);
         return ret;
     } 
     else {
         //final = osKernelGetTickCount();
-        printf("[+] DTLS Hanshake Connected \n");
+        pc.printf("[+] DTLS Hanshake Connected \n");
     } 
     
     //TCPH = final - init;
     //TTPH = TCPH/osKernelGetTickFreq();
     
-    //printf("\nTCPH: %d\n", TCPH);
-    //printf("\nTTPH: %d\n", TTPH); 
-    //printf("\nTickFreq: %d\n", osKernelGetTickFreq()); 
+    //pc.printf("\nTCPH: %d\n", TCPH);
+    //pc.printf("\nTTPH: %d\n", TTPH); 
+    //pc.printf("\nTickFreq: %d\n", osKernelGetTickFreq()); 
     
     /* It also means the handshake is done, time to print info */
     tr_info("[+] TLS connection to %s established\r\n", _ssl->hostname);
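Review bot: The handshake failure branch returns `ret` without recording it, whereas the branch at the top of this hunk and the `mbedtls_ssl_conf_own_cert` branch both do `_error = ret; return _error;`. Adding `_error = ret;` before `return ret;` keeps the stored error consistent for any code that reads `_error` later. The branch also treats every non-zero result as fatal; the comment `the rest will be done in onReceive()` suggests a non-blocking case exists, in which `MBEDTLS_ERR_SSL_WANT_READ` and `MBEDTLS_ERR_SSL_WANT_WRITE` would be retry indications rather than errors to log with `[-]`. The function starts and ends outside this hunk.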
@@ -332,9 +336,9 @@
     /*TCPH = final - init;
     TTPH = TCPH/osKernelGetTickFreq();
     
-    printf("\nTCPH: %d\n", TCPH);
-    printf("\nTTPH: %d\n", TTPH); 
-    printf("\nTickFreq: %d\n", osKernelGetTickFreq()); */
+    pc.printf("\nTCPH: %d\n", TCPH);
+    pc.printf("\nTTPH: %d\n", TTPH); 
+    pc.printf("\nTickFreq: %d\n", osKernelGetTickFreq()); */
 
     if (ret == MBEDTLS_ERR_SSL_WANT_WRITE ||
         ret == MBEDTLS_ERR_SSL_WANT_READ) {
@@ -555,16 +559,16 @@
 
 nsapi_error_t TLSSocketWrapper::connect(const SocketAddress &address)
 {
-    printf("Hello from TLSSocketWrapper::connect().\n");
+    pc.printf("Hello from TLSSocketWrapper::connect().\n");
     if (!_transport) {
-        printf("transport not available\n");
+        pc.printf("transport not available\n");
         return NSAPI_ERROR_NO_SOCKET;
     }
     //TODO: We could initiate the hanshake here, if there would be separate function call to set the target hostname
     nsapi_error_t ret = _transport->connect(address);
     if (ret) {
-        printf("transport->connect() failed, %d\n", ret);
-        printf("error return from TLSSocketWrapper::connect %d\n", ret);
+        pc.printf("transport->connect() failed, %d\n", ret);
+        pc.printf("error return from TLSSocketWrapper::connect %d\n", ret);
         return ret;
     } 
     return do_handshake();
--- a/TLSSocketWrapper.h	Fri Aug 23 13:29:35 2019 +0000
+++ b/TLSSocketWrapper.h	Thu Aug 29 06:43:11 2019 +0000
@@ -28,6 +28,8 @@
 #include "mbedtls/timing.h"
 #include <Timer.h>
 
+static RawSerial pc(USBTX, USBRX); // tx, rx
+
 //#include "timing_alt.h"
 /**
  * \brief TLSSocket a wrapper around Socket for interacting with TLS servers
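Review bot: `static RawSerial pc(USBTX, USBRX);` in a header gives every translation unit that includes TLSSocketWrapper.h its own `RawSerial` object bound to the same pins, each constructed during static initialisation. Declare it once with `extern RawSerial pc;` in the header and put the definition `RawSerial pc(USBTX, USBRX);` in a single .cpp file. Because this is a library header, the definition also forces a debug UART on every user of the class; a comment marking it as debug-only, or a compile-time switch around the logging calls, would make that explicit and keep handshake diagnostics off the serial port in release builds.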
@@ -85,7 +87,8 @@
      */
     nsapi_error_t set_client_cert_key(const char *client_cert_pem, const char *client_private_key_pem);
     
-    int set_client_kpsa_kpsaID_cipher();
+    int set_client1_kpsa_kpsaID_cipher();
+    int set_client2_kpsa_kpsaID_cipher();
     /** Initiates TLS Handshake
      *
      *  Initiates a TLS hanshake to a remote speer