Ashley Mills / CyaSSL_DTLS_Ethernet

Dependencies:   EthernetInterface NTPClient cyassl-lib mbed-rtos mbed-src CyaSSL_DTLS_Ethernet

Dependents:   CyaSSL_DTLS_Ethernet

Revision:
4:df1e7ada3ef2
Parent:
3:48795329999a
diff -r 48795329999a -r df1e7ada3ef2 main.cpp
--- a/main.cpp	Thu Sep 19 13:07:53 2013 +0000
+++ b/main.cpp	Thu Sep 19 13:26:15 2013 +0000
@@ -18,7 +18,8 @@
 #include "certs/device_private_key.h"
 #include "certs/root_certificate.h"
 
-/*
+/* 
+// this is how you would setup a client PSK
 static INLINE unsigned int my_psk_client_cb(CYASSL* ssl, const char* hint,
         char* identity, unsigned int id_max_len, unsigned char* key,
         unsigned int key_max_len)
@@ -42,30 +43,6 @@
 
     return 4;   // length of key in octets or 0 for error
 }
-
-
-static INLINE unsigned int my_psk_server_cb(CYASSL* ssl, const char* identity,
-        unsigned char* key, unsigned int key_max_len)
-{
-    (void)ssl;
-    (void)key_max_len;
-
-
-    DBG("PSK server callback called.");
-
-    // identity is OpenSSL testing default for openssl s_client, keep same
-    if (strncmp(identity, "Client_identity", 15) != 0)
-        return 0;
-
-    // test key in hex is 0x1a2b3c4d , in decimal 439,041,101 , we're using
-    // unsigned binary
-    key[0] = 26;
-    key[1] = 43;
-    key[2] = 60;
-    key[3] = 77;
-
-    return 4;   // length of key in octets or 0 for error
-}
 */
 
 sockaddr_in bindAddr,serverAddress;
@@ -110,32 +87,6 @@
   return true;
 }
 
-bool connectToSocket(char *ipAddress, int port, int *sockfd) {
-  *sockfd = -1;
-  // create the socket
-  if((*sockfd=socket(AF_INET,SOCK_STREAM,0))<0) {
-     DBG("Error opening socket");
-     return false;
-  }
-         
-  // create the socket address
-  sockaddr_in serverAddress;
-  std::memset(&serverAddress, 0, sizeof(struct sockaddr_in));
-  serverAddress.sin_addr.s_addr = inet_addr(ipAddress);
-  serverAddress.sin_family = AF_INET;
-  serverAddress.sin_port = htons(port);
-
-  // do socket connect
-  //LOG("Connecting socket to %s:%d", inet_ntoa(serverAddress.sin_addr), ntohs(serverAddress.sin_port));
-  if(connect(*sockfd, (const struct sockaddr *)&serverAddress, sizeof(serverAddress))<0) {
-     shutdown(*sockfd,SHUT_RDWR);
-     close(*sockfd);
-     DBG("Could not connect");
-     return false;
-  }
-  return true;
-}
-
 DigitalOut myled(LED1);
 #define INTERFACE EthernetInterface
 
@@ -159,20 +110,17 @@
    
    int ret = 0;
    
-   // init modem
-   INTERFACE modem;
-   // connnect modem to cellular network
-   DBG("connecting to network interface");
-   //if(modem.connect(APN,APN_USERNAME,APN_PASSWORD)!=0) {
-   //   DBG("Error connecting to mobile network");
-   //}
-   modem.init();
-   if(modem.connect(10000)) {
+   // init ethernet
+   EthernetInterface ethernet;
+   // connnect ethernet
+   DBG("Cnnecting to network interface");
+   ethernet.init();
+   if(ethernet.connect(10000)) {
       DBG("Error initialising ethernet interface");
    }
    DBG("Connected to network interface");
    
-   DBG("IP: %s",modem.getIPAddress());
+   DBG("IP: %s",ethernet.getIPAddress());
     
    // need to set the time before doing anything else
    NTPClient ntp;
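Review bot: A failed `ethernet.connect(10000)` is only logged, and execution then falls through to `DBG("Connected to network interface")`, the IP print and the NTP step as if the link were up. The result of `ethernet.init()` is not checked at all. Stop on either failure, for example `if(ethernet.init() != 0 || ethernet.connect(10000) != 0) { DBG("Error initialising ethernet interface"); /* bail out here */ }`; the enclosing function starts outside the hunk, so the exact exit path has to match its return type. This matters for the later certificate checks, since the comment below says the clock must be set first and NTP cannot do that without a network. The new log string `"Cnnecting to network interface"` also has a typo and should read `"Connecting to network interface"`.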
@@ -202,13 +150,11 @@
       DBG("CyaSSL debugging not compiled in");
    }
    
+   // use our own debugging system for CyaSSL debugging
    CyaSSL_SetLoggingCb(&debugCallback);
 
    // set client method
    
-   // TLS
-   //CYASSL_CTX* ctx = CyaSSL_CTX_new(CyaSSLv23_client_method());
-   
    // DTLS
    CYASSL_METHOD* method = CyaDTLSv1_2_client_method();
    if(method == NULL) {
@@ -225,10 +171,6 @@
    
    // use pre-shared keys
    //CyaSSL_CTX_set_psk_client_callback(ctx,my_psk_client_cb);
-   /*
-   if(CyaSSL_CTX_load_verify_buffer(ctx, serverCert, strlen((const char*)serverCert),SSL_FILETYPE_PEM)==0) {
-      DBG("loaded server cert OK");
-   }*/
    
    // load certificates for CA and us
    // load CA cert
@@ -256,13 +198,11 @@
    }
    DBG("CyaSSL_new OK");
    
-   // setup callbacks for handshake failure
-   /*
-   Timeval timeout;
-   timeout.tv_sec  = 5;
-   timeout.tv_usec = 0;
-   ret = CyaSSL_connect_ex(ssl, handshakeCallback, timeoutCallback, timeout);
-   */
+   // this is where you set the peer name for the server
+   // CyaSSL_connect() will return an error which resolves to
+   // DOMAIN_NAME_MISMATCH via CyaSSL_get_error()
+   // this is how you ensure that the peer is who you think it is
+   CyaSSL_check_domain_name(ssl, "DMServer");
    
    // attach to socket
    DBG("Attaching CyaSSL to socket");
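Review bot: The return value of `CyaSSL_check_domain_name(ssl, "DMServer")` is discarded, so if the call fails the expected peer name is presumably never registered and the handshake would go ahead without the name check this change is meant to add. Compare it with `SSL_SUCCESS` and abort as the other setup failures in this function do, for example `if(CyaSSL_check_domain_name(ssl, "DMServer") != SSL_SUCCESS) { DBG("Could not set peer name"); /* abort */ }`; the function body continues outside the hunk. The added comment also leaves out the condition. It should say that `CyaSSL_connect()` fails with DOMAIN_NAME_MISMATCH only when the server certificate's name does not match the name set here. It would also help to note that `"DMServer"` must match the name in the deployed server certificate.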