Ashley Mills
cyassl re-port with cellular comms, PSK test
Dependencies: VodafoneUSBModem_bleedingedge2 mbed-rtos mbed-src
main.cpp@1:b211d97b0068, 2013-04-26 (annotated)
- Committer:
- ashleymills
- Date:
- Fri Apr 26 16:59:36 2013 +0000
- Revision:
- 1:b211d97b0068
- Parent:
- 0:e979170e02e7
nothing
Who changed what in which revision?
| User | Revision | Line number | New contents of line |
|---|---|---|---|
| ashleymills | 0:e979170e02e7 | 1 | #define __DEBUG__ 4 //Maximum verbosity |
| ashleymills | 0:e979170e02e7 | 2 | #ifndef __MODULE__ |
| ashleymills | 0:e979170e02e7 | 3 | #define __MODULE__ "main.cpp" |
| ashleymills | 0:e979170e02e7 | 4 | #endif |
| ashleymills | 0:e979170e02e7 | 5 | |
| ashleymills | 0:e979170e02e7 | 6 | |
| ashleymills | 0:e979170e02e7 | 7 | #define DEBUG_CYASSL 1 |
| ashleymills | 0:e979170e02e7 | 8 | |
| ashleymills | 0:e979170e02e7 | 9 | #include "mbed.h" |
| ashleymills | 0:e979170e02e7 | 10 | #include "rtos.h" |
| ashleymills | 0:e979170e02e7 | 11 | #include "ssl.h" |
| ashleymills | 0:e979170e02e7 | 12 | #include "VodafoneUSBModem.h" |
| ashleymills | 0:e979170e02e7 | 13 | #include "socket.h" |
| ashleymills | 0:e979170e02e7 | 14 | |
| ashleymills | 0:e979170e02e7 | 15 | |
| ashleymills | 0:e979170e02e7 | 16 | #define APN_PAYG |
| ashleymills | 0:e979170e02e7 | 17 | |
| ashleymills | 0:e979170e02e7 | 18 | #ifdef APN_GDSP |
| ashleymills | 0:e979170e02e7 | 19 | #define APN "ppinternetd.gdsp" |
| ashleymills | 0:e979170e02e7 | 20 | #define APN_USERNAME "" |
| ashleymills | 0:e979170e02e7 | 21 | #define APN_PASSWORD "" |
| ashleymills | 0:e979170e02e7 | 22 | #endif |
| ashleymills | 0:e979170e02e7 | 23 | |
| ashleymills | 0:e979170e02e7 | 24 | #ifdef APN_CONTRACT |
| ashleymills | 0:e979170e02e7 | 25 | #define APN "internet" |
| ashleymills | 0:e979170e02e7 | 26 | #define APN_USERNAME "web" |
| ashleymills | 0:e979170e02e7 | 27 | #define APN_PASSWORD "web" |
| ashleymills | 0:e979170e02e7 | 28 | #endif |
| ashleymills | 0:e979170e02e7 | 29 | |
| ashleymills | 0:e979170e02e7 | 30 | #ifdef APN_PAYG |
| ashleymills | 0:e979170e02e7 | 31 | #define APN "smart" |
| ashleymills | 0:e979170e02e7 | 32 | #define APN_USERNAME "web" |
| ashleymills | 0:e979170e02e7 | 33 | #define APN_PASSWORD "web" |
| ashleymills | 0:e979170e02e7 | 34 | #endif |
| ashleymills | 0:e979170e02e7 | 35 | |
| ashleymills | 0:e979170e02e7 | 36 | static INLINE unsigned int my_psk_client_cb(CYASSL* ssl, const char* hint, |
| ashleymills | 0:e979170e02e7 | 37 | char* identity, unsigned int id_max_len, unsigned char* key, |
| ashleymills | 0:e979170e02e7 | 38 | unsigned int key_max_len) |
| ashleymills | 0:e979170e02e7 | 39 | { |
| ashleymills | 0:e979170e02e7 | 40 | (void)ssl; |
| ashleymills | 0:e979170e02e7 | 41 | (void)hint; |
| ashleymills | 0:e979170e02e7 | 42 | (void)key_max_len; |
| ashleymills | 0:e979170e02e7 | 43 | |
| ashleymills | 0:e979170e02e7 | 44 | /* identity is OpenSSL testing default for openssl s_client, keep same */ |
| ashleymills | 0:e979170e02e7 | 45 | strncpy(identity, "Client_identity", id_max_len); |
| ashleymills | 0:e979170e02e7 | 46 | |
| ashleymills | 0:e979170e02e7 | 47 | |
| ashleymills | 0:e979170e02e7 | 48 | /* test key in hex is 0x1a2b3c4d , in decimal 439,041,101 , we're using |
| ashleymills | 0:e979170e02e7 | 49 | unsigned binary */ |
| ashleymills | 0:e979170e02e7 | 50 | key[0] = 26; |
| ashleymills | 0:e979170e02e7 | 51 | key[1] = 43; |
| ashleymills | 0:e979170e02e7 | 52 | key[2] = 60; |
| ashleymills | 0:e979170e02e7 | 53 | key[3] = 77; |
| ashleymills | 0:e979170e02e7 | 54 | |
| ashleymills | 0:e979170e02e7 | 55 | return 4; /* length of key in octets or 0 for error */ |
| ashleymills | 0:e979170e02e7 | 56 | } |
| ashleymills | 0:e979170e02e7 | 57 | |
| ashleymills | 0:e979170e02e7 | 58 | |
| ashleymills | 0:e979170e02e7 | 59 | static INLINE unsigned int my_psk_server_cb(CYASSL* ssl, const char* identity, |
| ashleymills | 0:e979170e02e7 | 60 | unsigned char* key, unsigned int key_max_len) |
| ashleymills | 0:e979170e02e7 | 61 | { |
| ashleymills | 0:e979170e02e7 | 62 | (void)ssl; |
| ashleymills | 0:e979170e02e7 | 63 | (void)key_max_len; |
| ashleymills | 0:e979170e02e7 | 64 | |
| ashleymills | 0:e979170e02e7 | 65 | /* identity is OpenSSL testing default for openssl s_client, keep same */ |
| ashleymills | 0:e979170e02e7 | 66 | if (strncmp(identity, "Client_identity", 15) != 0) |
| ashleymills | 0:e979170e02e7 | 67 | return 0; |
| ashleymills | 0:e979170e02e7 | 68 | |
| ashleymills | 0:e979170e02e7 | 69 | /* test key in hex is 0x1a2b3c4d , in decimal 439,041,101 , we're using |
| ashleymills | 0:e979170e02e7 | 70 | unsigned binary */ |
| ashleymills | 0:e979170e02e7 | 71 | key[0] = 26; |
| ashleymills | 0:e979170e02e7 | 72 | key[1] = 43; |
| ashleymills | 0:e979170e02e7 | 73 | key[2] = 60; |
| ashleymills | 0:e979170e02e7 | 74 | key[3] = 77; |
| ashleymills | 0:e979170e02e7 | 75 | |
| ashleymills | 0:e979170e02e7 | 76 | return 4; /* length of key in octets or 0 for error */ |
| ashleymills | 0:e979170e02e7 | 77 | } |
| ashleymills | 0:e979170e02e7 | 78 | |
| ashleymills | 0:e979170e02e7 | 79 | bool connectToSocket(char *ipAddress, int port, int *sockfd) { |
| ashleymills | 0:e979170e02e7 | 80 | *sockfd = -1; |
| ashleymills | 0:e979170e02e7 | 81 | // create the socket |
| ashleymills | 0:e979170e02e7 | 82 | if((*sockfd=socket(AF_INET,SOCK_STREAM,0))<0) { |
| ashleymills | 0:e979170e02e7 | 83 | DBG("Error opening socket"); |
| ashleymills | 0:e979170e02e7 | 84 | return false; |
| ashleymills | 0:e979170e02e7 | 85 | } |
| ashleymills | 0:e979170e02e7 | 86 | |
| ashleymills | 0:e979170e02e7 | 87 | // create the socket address |
| ashleymills | 0:e979170e02e7 | 88 | sockaddr_in serverAddress; |
| ashleymills | 0:e979170e02e7 | 89 | std::memset(&serverAddress, 0, sizeof(struct sockaddr_in)); |
| ashleymills | 0:e979170e02e7 | 90 | serverAddress.sin_addr.s_addr = inet_addr(ipAddress); |
| ashleymills | 0:e979170e02e7 | 91 | serverAddress.sin_family = AF_INET; |
| ashleymills | 0:e979170e02e7 | 92 | serverAddress.sin_port = htons(port); |
| ashleymills | 0:e979170e02e7 | 93 | |
| ashleymills | 0:e979170e02e7 | 94 | // do socket connect |
| ashleymills | 0:e979170e02e7 | 95 | //LOG("Connecting socket to %s:%d", inet_ntoa(serverAddress.sin_addr), ntohs(serverAddress.sin_port)); |
| ashleymills | 0:e979170e02e7 | 96 | if(connect(*sockfd, (const struct sockaddr *)&serverAddress, sizeof(serverAddress))<0) { |
| ashleymills | 0:e979170e02e7 | 97 | ::close(*sockfd); |
| ashleymills | 0:e979170e02e7 | 98 | DBG("Could not connect"); |
| ashleymills | 0:e979170e02e7 | 99 | return false; |
| ashleymills | 0:e979170e02e7 | 100 | } |
| ashleymills | 0:e979170e02e7 | 101 | return true; |
| ashleymills | 0:e979170e02e7 | 102 | } |
| ashleymills | 0:e979170e02e7 | 103 | |
| ashleymills | 0:e979170e02e7 | 104 | |
| ashleymills | 0:e979170e02e7 | 105 | DigitalOut myled(LED1); |
| ashleymills | 0:e979170e02e7 | 106 | |
| ashleymills | 0:e979170e02e7 | 107 | |
| ashleymills | 0:e979170e02e7 | 108 | //const unsigned char *serverCert = "-----BEGIN CERTIFICATE-----\r\nMIIDCjCCAnOgAwIBAgIJAM/U0HS+lzWAMA0GCSqGSIb3DQEBBQUAMGIxCzAJBgNV\r\nBAYTAlVLMRAwDgYDVQQIEwdFbmdsYW5kMRAwDgYDVQQHEwdOZXdidXJ5MRAwDgYD\r\nVQQKEwdBc2hsZXlzMQwwCgYDVQQLFANSJkQxDzANBgNVBAMTBkFzaGxleTAeFw0x\r\nMzA0MjYxNTIyNTFaFw0xNDA0MjYxNTIyNTFaMGIxCzAJBgNVBAYTAlVLMRAwDgYD\r\nVQQIEwdFbmdsYW5kMRAwDgYDVQQHEwdOZXdidXJ5MRAwDgYDVQQKEwdBc2hsZXlz\r\nMQwwCgYDVQQLFANSJkQxDzANBgNVBAMTBkFzaGxleTCBnzANBgkqhkiG9w0BAQEF\r\nAAOBjQAwgYkCgYEAwbLJUkH8ESIzW+6/k+ZNwt4fSvm0SsnVrmPgJMaoIghIx+EY\r\nxwjGUl5mdNIaOFyj9It1n+BT1uXIBewMTUdXXMDTHU60i+1Q0NtU2uWHoEj9Jf4T\r\nLyG5Jyuellu8zS4A+D5nTUdhxyZDz27BzHZ3XTod8670Zq2kYwjruE/2u+kCAwEA\r\nAaOBxzCBxDAdBgNVHQ4EFgQUff4ginSFEsol4OxS6MQlCfmtLYowgZQGA1UdIwSB\r\njDCBiYAUff4ginSFEsol4OxS6MQlCfmtLYqhZqRkMGIxCzAJBgNVBAYTAlVLMRAw\r\nDgYDVQQIEwdFbmdsYW5kMRAwDgYDVQQHEwdOZXdidXJ5MRAwDgYDVQQKEwdBc2hs\r\nZXlzMQwwCgYDVQQLFANSJkQxDzANBgNVBAMTBkFzaGxleYIJAM/U0HS+lzWAMAwG\r\nA1UdEwQFMAMBAf8wDQYJKoZIhvcNAQEFBQADgYEArAQgHKW2FcszoxoQxp//waWV\r\n8d8zA2P2TB6QungJeo7GBys/q5JlyZ+XrpNfcGE52qwwHo68JqD4BhOGd3botyhg\r\nHX2+LXavi/cisqwgmmIKN/WtTKBv6MLNxW79WPhmvbkLIRUdTxaUBlKTFYDmNP02\r\n8o7kKH44sPrPaGOeidU=\r\n-----END CERTIFICATE-----"; |
| ashleymills | 0:e979170e02e7 | 109 | |
| ashleymills | 0:e979170e02e7 | 110 | int main() { |
| ashleymills | 0:e979170e02e7 | 111 | DBG_INIT(); |
| ashleymills | 0:e979170e02e7 | 112 | DBG_SET_SPEED(115200); |
| ashleymills | 0:e979170e02e7 | 113 | DBG_SET_NEWLINE("\r\n"); |
| ashleymills | 0:e979170e02e7 | 114 | |
| ashleymills | 0:e979170e02e7 | 115 | // init modem |
| ashleymills | 0:e979170e02e7 | 116 | VodafoneUSBModem modem; |
| ashleymills | 0:e979170e02e7 | 117 | |
| ashleymills | 0:e979170e02e7 | 118 | // set SSL method to SSL v3 (TLS v1.2) |
| ashleymills | 0:e979170e02e7 | 119 | //CyaSSLv23_client_method(); |
| ashleymills | 0:e979170e02e7 | 120 | |
| ashleymills | 0:e979170e02e7 | 121 | CyaSSL_Init();// Initialize CyaSSL |
| ashleymills | 0:e979170e02e7 | 122 | if(CyaSSL_Debugging_ON()==0) { |
| ashleymills | 0:e979170e02e7 | 123 | DBG("CyaSSL debugging enabled"); |
| ashleymills | 0:e979170e02e7 | 124 | } else { |
| ashleymills | 0:e979170e02e7 | 125 | DBG("CyaSSL debugging not compiled in"); |
| ashleymills | 0:e979170e02e7 | 126 | } |
| ashleymills | 0:e979170e02e7 | 127 | |
| ashleymills | 0:e979170e02e7 | 128 | |
| ashleymills | 0:e979170e02e7 | 129 | // setup certificates for server authentication |
| ashleymills | 0:e979170e02e7 | 130 | CYASSL_CTX* ctx = CyaSSL_CTX_new(CyaSSLv23_client_method()); |
| ashleymills | 0:e979170e02e7 | 131 | if(ctx == NULL){ |
| ashleymills | 0:e979170e02e7 | 132 | DBG("CyaSSL_CTX_new error.\n"); |
| ashleymills | 0:e979170e02e7 | 133 | exit(EXIT_FAILURE); |
| ashleymills | 0:e979170e02e7 | 134 | } |
| ashleymills | 0:e979170e02e7 | 135 | DBG("Setup SSL context"); |
| ashleymills | 0:e979170e02e7 | 136 | |
| ashleymills | 0:e979170e02e7 | 137 | |
| ashleymills | 0:e979170e02e7 | 138 | // use pre-shared keys |
| ashleymills | 0:e979170e02e7 | 139 | CyaSSL_CTX_set_psk_client_callback(ctx,my_psk_client_cb); |
| ashleymills | 0:e979170e02e7 | 140 | /* |
| ashleymills | 0:e979170e02e7 | 141 | if(CyaSSL_CTX_load_verify_buffer(ctx, serverCert, strlen((const char*)serverCert),SSL_FILETYPE_PEM)==0) { |
| ashleymills | 0:e979170e02e7 | 142 | DBG("loaded server cert OK"); |
| ashleymills | 0:e979170e02e7 | 143 | }*/ |
| ashleymills | 0:e979170e02e7 | 144 | |
| ashleymills | 0:e979170e02e7 | 145 | // connnect modem to cellular network |
| ashleymills | 0:e979170e02e7 | 146 | DBG("connecting to mobile network"); |
| ashleymills | 0:e979170e02e7 | 147 | if(modem.connect(APN,APN_USERNAME,APN_PASSWORD)!=0) { |
| ashleymills | 0:e979170e02e7 | 148 | DBG("Error connecting to mobile network"); |
| ashleymills | 0:e979170e02e7 | 149 | } |
| ashleymills | 0:e979170e02e7 | 150 | DBG("Connected to mobile network"); |
| ashleymills | 0:e979170e02e7 | 151 | |
| ashleymills | 0:e979170e02e7 | 152 | |
| ashleymills | 0:e979170e02e7 | 153 | // connect to SSL enabled webserver |
| ashleymills | 0:e979170e02e7 | 154 | int sockfd = NULL; |
| ashleymills | 0:e979170e02e7 | 155 | if(!connectToSocket("176.56.234.81", 11111, &sockfd)) { |
| ashleymills | 0:e979170e02e7 | 156 | DBG("Error connecting to socket"); |
| ashleymills | 0:e979170e02e7 | 157 | } |
| ashleymills | 0:e979170e02e7 | 158 | DBG("Connected to non-SSL socket"); |
| ashleymills | 0:e979170e02e7 | 159 | |
| ashleymills | 0:e979170e02e7 | 160 | // hook into SSL |
| ashleymills | 0:e979170e02e7 | 161 | // Create CYASSL object |
| ashleymills | 0:e979170e02e7 | 162 | CYASSL* ssl; |
| ashleymills | 0:e979170e02e7 | 163 | ssl = CyaSSL_new(ctx); |
| ashleymills | 0:e979170e02e7 | 164 | if(ssl == NULL) { |
| ashleymills | 0:e979170e02e7 | 165 | DBG("CyaSSL_new error."); |
| ashleymills | 0:e979170e02e7 | 166 | exit(EXIT_FAILURE); |
| ashleymills | 0:e979170e02e7 | 167 | } |
| ashleymills | 0:e979170e02e7 | 168 | DBG("CyaSSL_new OK"); |
| ashleymills | 0:e979170e02e7 | 169 | |
| ashleymills | 0:e979170e02e7 | 170 | // attach to socket |
| ashleymills | 0:e979170e02e7 | 171 | DBG("Attaching CyaSSL to socket"); |
| ashleymills | 0:e979170e02e7 | 172 | CyaSSL_set_fd(ssl, sockfd); |
| ashleymills | 0:e979170e02e7 | 173 | DBG("Attached CyaSSL to socket"); |
| ashleymills | 0:e979170e02e7 | 174 | |
| ashleymills | 0:e979170e02e7 | 175 | DBG("Issuing CyaSSL_connect"); |
| ashleymills | 0:e979170e02e7 | 176 | if(CyaSSL_connect(ssl)!=SSL_SUCCESS) { |
| ashleymills | 0:e979170e02e7 | 177 | DBG("CyaSSL_connect failed"); |
| ashleymills | 0:e979170e02e7 | 178 | } |
| ashleymills | 0:e979170e02e7 | 179 | DBG("CyaSSL_connect OK"); |
| ashleymills | 0:e979170e02e7 | 180 | |
| ashleymills | 0:e979170e02e7 | 181 | CyaSSL_write(ssl,"hello",5); |
| ashleymills | 0:e979170e02e7 | 182 | |
| ashleymills | 0:e979170e02e7 | 183 | // clean up |
| ashleymills | 0:e979170e02e7 | 184 | CyaSSL_CTX_free(ctx); |
| ashleymills | 0:e979170e02e7 | 185 | CyaSSL_Cleanup(); |
| ashleymills | 0:e979170e02e7 | 186 | } |
| ashleymills | 0:e979170e02e7 | 187 |