boting ren / Mbed OS BLEClient_mbedDevConn

This is an example of BLE GATT Client, which receives broadcast data from BLE_Server_BME280 ( a GATT server) , then transfers values up to mbed Device Connector (cloud).

Please refer details about BLEClient_mbedDevConn below. https://github.com/soramame21/BLEClient_mbedDevConn

The location of required BLE GATT server, BLE_Server_BME280, is at here. https://developer.mbed.org/users/edamame22/code/BLE_Server_BME280/

mbed-client/mbed-client-mbed-tls/source/m2mconnectionsecuritypimpl.cpp@0:29983394c6b6, 2017-04-13 (annotated)

Committer:
edamame22
Date:
Thu Apr 13 04:48:11 2017 +0000
Revision:
0:29983394c6b6
Initial commit

Who changed what in which revision?

UserRevisionLine numberNew contents of line
edamame22 0:29983394c6b6 1 /*
edamame22 0:29983394c6b6 2 * Copyright (c) 2015 ARM Limited. All rights reserved.
edamame22 0:29983394c6b6 3 * SPDX-License-Identifier: Apache-2.0
edamame22 0:29983394c6b6 4 * Licensed under the Apache License, Version 2.0 (the License); you may
edamame22 0:29983394c6b6 5 * not use this file except in compliance with the License.
edamame22 0:29983394c6b6 6 * You may obtain a copy of the License at
edamame22 0:29983394c6b6 7 *
edamame22 0:29983394c6b6 8 * http://www.apache.org/licenses/LICENSE-2.0
edamame22 0:29983394c6b6 9 *
edamame22 0:29983394c6b6 10 * Unless required by applicable law or agreed to in writing, software
edamame22 0:29983394c6b6 11 * distributed under the License is distributed on an AS IS BASIS, WITHOUT
edamame22 0:29983394c6b6 12 * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
edamame22 0:29983394c6b6 13 * See the License for the specific language governing permissions and
edamame22 0:29983394c6b6 14 * limitations under the License.
edamame22 0:29983394c6b6 15 */
edamame22 0:29983394c6b6 16
edamame22 0:29983394c6b6 17 #include "mbed-client/m2mconnectionhandler.h"
edamame22 0:29983394c6b6 18 #include "mbed-client-mbedtls/m2mconnectionsecuritypimpl.h"
edamame22 0:29983394c6b6 19 #include "mbed-client/m2mtimer.h"
edamame22 0:29983394c6b6 20 #include "mbed-client/m2msecurity.h"
edamame22 0:29983394c6b6 21 #include "mbed-trace/mbed_trace.h"
edamame22 0:29983394c6b6 22 #include "mbedtls/debug.h"
edamame22 0:29983394c6b6 23 #include <string.h>
edamame22 0:29983394c6b6 24
edamame22 0:29983394c6b6 25 #define TRACE_GROUP "mClt"
edamame22 0:29983394c6b6 26
edamame22 0:29983394c6b6 27 void mbedtls_timing_set_delay( void *data, uint32_t int_ms, uint32_t fin_ms );
edamame22 0:29983394c6b6 28 int mbedtls_timing_get_delay( void *data );
edamame22 0:29983394c6b6 29 int entropy_poll( void *data, unsigned char *output, size_t len, size_t *olen );
edamame22 0:29983394c6b6 30 //Point these back to M2MConnectionHandler!!!
edamame22 0:29983394c6b6 31 int f_send( void *ctx, const unsigned char *buf, size_t len );
edamame22 0:29983394c6b6 32 int f_recv(void *ctx, unsigned char *buf, size_t len);
edamame22 0:29983394c6b6 33 int f_recv_timeout(void *ctx, unsigned char *buf, size_t len, uint32_t some);
edamame22 0:29983394c6b6 34
edamame22 0:29983394c6b6 35 bool cancelled;
edamame22 0:29983394c6b6 36 random_number_cb __random_number_callback;
edamame22 0:29983394c6b6 37 entropy_cb __entropy_callback;
edamame22 0:29983394c6b6 38
edamame22 0:29983394c6b6 39 //Comment out following define to enable tracing from mbedtls
edamame22 0:29983394c6b6 40 //#define ENABLE_MBED_CLIENT_MBED_TLS_DEBUGS
edamame22 0:29983394c6b6 41 #ifdef ENABLE_MBED_CLIENT_MBED_TLS_DEBUGS
edamame22 0:29983394c6b6 42 static void mbedtls_debug( void *ctx, int level,
edamame22 0:29983394c6b6 43 const char *file, int line, const char *str )
edamame22 0:29983394c6b6 44 {
edamame22 0:29983394c6b6 45 ((void) level);
edamame22 0:29983394c6b6 46 tr_debug("%s", str);
edamame22 0:29983394c6b6 47 }
edamame22 0:29983394c6b6 48
edamame22 0:29983394c6b6 49 static int verify_cert_chains(void *data, mbedtls_x509_crt *crt, int depth, uint32_t *flags)
edamame22 0:29983394c6b6 50 {
edamame22 0:29983394c6b6 51 char buf[1024];
edamame22 0:29983394c6b6 52 (void) data;
edamame22 0:29983394c6b6 53
edamame22 0:29983394c6b6 54 printf("\nVerifying certificate at depth %d:\n", depth);
edamame22 0:29983394c6b6 55 mbedtls_x509_crt_info(buf, sizeof (buf) - 1, " ", crt);
edamame22 0:29983394c6b6 56 printf("%s", buf);
edamame22 0:29983394c6b6 57
edamame22 0:29983394c6b6 58 if (*flags == 0)
edamame22 0:29983394c6b6 59 printf("No verification issue for this certificate\n");
edamame22 0:29983394c6b6 60 else
edamame22 0:29983394c6b6 61 {
edamame22 0:29983394c6b6 62 mbedtls_x509_crt_verify_info(buf, sizeof (buf), " ! ", *flags);
edamame22 0:29983394c6b6 63 printf("%s\n", buf);
edamame22 0:29983394c6b6 64 }
edamame22 0:29983394c6b6 65
edamame22 0:29983394c6b6 66 return 0;
edamame22 0:29983394c6b6 67 }
edamame22 0:29983394c6b6 68 #endif
edamame22 0:29983394c6b6 69
edamame22 0:29983394c6b6 70 M2MConnectionSecurityPimpl::M2MConnectionSecurityPimpl(M2MConnectionSecurity::SecurityMode mode)
edamame22 0:29983394c6b6 71 : _flags(0),
edamame22 0:29983394c6b6 72 _sec_mode(mode)
edamame22 0:29983394c6b6 73 {
edamame22 0:29983394c6b6 74 _init_done = false;
edamame22 0:29983394c6b6 75 cancelled = true;
edamame22 0:29983394c6b6 76 _timer = new M2MTimer(*this);
edamame22 0:29983394c6b6 77 mbedtls_ssl_init( &_ssl );
edamame22 0:29983394c6b6 78 mbedtls_ssl_config_init( &_conf );
edamame22 0:29983394c6b6 79 mbedtls_x509_crt_init( &_cacert );
edamame22 0:29983394c6b6 80 mbedtls_x509_crt_init(&_owncert);
edamame22 0:29983394c6b6 81 mbedtls_pk_init(&_pkey);
edamame22 0:29983394c6b6 82 mbedtls_ctr_drbg_init( &_ctr_drbg );
edamame22 0:29983394c6b6 83 mbedtls_entropy_init( &_entropy );
edamame22 0:29983394c6b6 84 }
edamame22 0:29983394c6b6 85
edamame22 0:29983394c6b6 86 M2MConnectionSecurityPimpl::~M2MConnectionSecurityPimpl(){
edamame22 0:29983394c6b6 87 mbedtls_ssl_config_free(&_conf);
edamame22 0:29983394c6b6 88 mbedtls_ssl_free(&_ssl);
edamame22 0:29983394c6b6 89 mbedtls_x509_crt_free(&_cacert);
edamame22 0:29983394c6b6 90 mbedtls_x509_crt_free(&_owncert);
edamame22 0:29983394c6b6 91 mbedtls_pk_free(&_pkey);
edamame22 0:29983394c6b6 92 mbedtls_ctr_drbg_free( &_ctr_drbg );
edamame22 0:29983394c6b6 93 mbedtls_entropy_free( &_entropy );
edamame22 0:29983394c6b6 94 delete _timer;
edamame22 0:29983394c6b6 95 }
edamame22 0:29983394c6b6 96
edamame22 0:29983394c6b6 97 void M2MConnectionSecurityPimpl::timer_expired(M2MTimerObserver::Type type){
edamame22 0:29983394c6b6 98 tr_debug("M2MConnectionSecurityPimpl::timer_expired");
edamame22 0:29983394c6b6 99 if(type == M2MTimerObserver::Dtls && !cancelled){
edamame22 0:29983394c6b6 100 int error = continue_connecting();
edamame22 0:29983394c6b6 101 if(MBEDTLS_ERR_SSL_TIMEOUT == error || error == -1) {
edamame22 0:29983394c6b6 102 tr_error("M2MConnectionSecurityPimpl::timer_expired - handshake timeout");
edamame22 0:29983394c6b6 103 if(_ssl.p_bio) {
edamame22 0:29983394c6b6 104 M2MConnectionHandler* ptr = (M2MConnectionHandler*)_ssl.p_bio;
edamame22 0:29983394c6b6 105 ptr->handle_connection_error(M2MConnectionHandler::SSL_HANDSHAKE_ERROR);
edamame22 0:29983394c6b6 106 }
edamame22 0:29983394c6b6 107 reset();
edamame22 0:29983394c6b6 108 }
edamame22 0:29983394c6b6 109 }
edamame22 0:29983394c6b6 110 }
edamame22 0:29983394c6b6 111
edamame22 0:29983394c6b6 112 void M2MConnectionSecurityPimpl::reset(){
edamame22 0:29983394c6b6 113 _init_done = false;
edamame22 0:29983394c6b6 114 cancelled = true;
edamame22 0:29983394c6b6 115 mbedtls_ssl_config_free(&_conf);
edamame22 0:29983394c6b6 116 mbedtls_ssl_free(&_ssl);
edamame22 0:29983394c6b6 117 mbedtls_x509_crt_free(&_cacert);
edamame22 0:29983394c6b6 118 mbedtls_x509_crt_free(&_owncert);
edamame22 0:29983394c6b6 119 mbedtls_pk_free(&_pkey);
edamame22 0:29983394c6b6 120 mbedtls_ctr_drbg_free( &_ctr_drbg );
edamame22 0:29983394c6b6 121 mbedtls_entropy_free( &_entropy );
edamame22 0:29983394c6b6 122 _timer->stop_timer();
edamame22 0:29983394c6b6 123 }
edamame22 0:29983394c6b6 124
edamame22 0:29983394c6b6 125 int M2MConnectionSecurityPimpl::init(const M2MSecurity *security)
edamame22 0:29983394c6b6 126 {
edamame22 0:29983394c6b6 127 tr_debug("M2MConnectionSecurityPimpl::init");
edamame22 0:29983394c6b6 128 int ret = -1;
edamame22 0:29983394c6b6 129 if (security != NULL) {
edamame22 0:29983394c6b6 130 const char *pers = "dtls_client";
edamame22 0:29983394c6b6 131 mbedtls_ssl_init( &_ssl );
edamame22 0:29983394c6b6 132 mbedtls_ssl_config_init( &_conf );
edamame22 0:29983394c6b6 133 mbedtls_x509_crt_init( &_cacert );
edamame22 0:29983394c6b6 134 mbedtls_x509_crt_init(&_owncert);
edamame22 0:29983394c6b6 135 mbedtls_pk_init(&_pkey);
edamame22 0:29983394c6b6 136 mbedtls_ctr_drbg_init( &_ctr_drbg );
edamame22 0:29983394c6b6 137 mbedtls_entropy_init( &_entropy );
edamame22 0:29983394c6b6 138
edamame22 0:29983394c6b6 139 int mode = MBEDTLS_SSL_TRANSPORT_DATAGRAM;
edamame22 0:29983394c6b6 140 if( _sec_mode == M2MConnectionSecurity::TLS ){
edamame22 0:29983394c6b6 141 mode = MBEDTLS_SSL_TRANSPORT_STREAM;
edamame22 0:29983394c6b6 142 }
edamame22 0:29983394c6b6 143
edamame22 0:29983394c6b6 144 if( mbedtls_entropy_add_source( &_entropy, entropy_poll, NULL,
edamame22 0:29983394c6b6 145 128, 0 ) < 0 ){
edamame22 0:29983394c6b6 146 return -1;
edamame22 0:29983394c6b6 147 }
edamame22 0:29983394c6b6 148 if(__entropy_callback.entropy_source_ptr) {
edamame22 0:29983394c6b6 149 if( mbedtls_entropy_add_source( &_entropy, __entropy_callback.entropy_source_ptr,
edamame22 0:29983394c6b6 150 __entropy_callback.p_source,__entropy_callback.threshold,
edamame22 0:29983394c6b6 151 __entropy_callback.strong ) < 0 ){
edamame22 0:29983394c6b6 152 return -1;
edamame22 0:29983394c6b6 153 }
edamame22 0:29983394c6b6 154 }
edamame22 0:29983394c6b6 155
edamame22 0:29983394c6b6 156 if( mbedtls_ctr_drbg_seed( &_ctr_drbg, mbedtls_entropy_func, &_entropy,
edamame22 0:29983394c6b6 157 (const unsigned char *) pers,
edamame22 0:29983394c6b6 158 strlen( pers ) ) != 0 ) {
edamame22 0:29983394c6b6 159 return -1;
edamame22 0:29983394c6b6 160 }
edamame22 0:29983394c6b6 161
edamame22 0:29983394c6b6 162 if( mbedtls_ssl_config_defaults( &_conf,
edamame22 0:29983394c6b6 163 MBEDTLS_SSL_IS_CLIENT,
edamame22 0:29983394c6b6 164 mode, 0 ) != 0 ) {
edamame22 0:29983394c6b6 165 return -1;
edamame22 0:29983394c6b6 166 }
edamame22 0:29983394c6b6 167
edamame22 0:29983394c6b6 168 M2MSecurity::SecurityModeType cert_mode =
edamame22 0:29983394c6b6 169 (M2MSecurity::SecurityModeType)security->resource_value_int(M2MSecurity::SecurityMode);
edamame22 0:29983394c6b6 170
edamame22 0:29983394c6b6 171 // Note: these are relatively large buffers, no point to make copy of them here as mbedtls will make a copy of them.
edamame22 0:29983394c6b6 172 const uint8_t *srv_public_key = NULL;
edamame22 0:29983394c6b6 173 const uint8_t *public_key = NULL;
edamame22 0:29983394c6b6 174 const uint8_t *sec_key = NULL;
edamame22 0:29983394c6b6 175
edamame22 0:29983394c6b6 176 uint32_t srv_public_key_size = security->resource_value_buffer(M2MSecurity::ServerPublicKey, srv_public_key);
edamame22 0:29983394c6b6 177 uint32_t public_key_size = security->resource_value_buffer(M2MSecurity::PublicKey, public_key);
edamame22 0:29983394c6b6 178 uint32_t sec_key_size = security->resource_value_buffer(M2MSecurity::Secretkey, sec_key);
edamame22 0:29983394c6b6 179 if( srv_public_key == NULL || public_key == NULL || sec_key == NULL ||
edamame22 0:29983394c6b6 180 srv_public_key_size == 0 || public_key_size == 0 || sec_key_size == 0 ){
edamame22 0:29983394c6b6 181 return -1;
edamame22 0:29983394c6b6 182 }
edamame22 0:29983394c6b6 183
edamame22 0:29983394c6b6 184 if( cert_mode == M2MSecurity::Certificate ){
edamame22 0:29983394c6b6 185 if ( mbedtls_x509_crt_parse( &_cacert, (const unsigned char *) srv_public_key,
edamame22 0:29983394c6b6 186 srv_public_key_size + 1) < 0 ||
edamame22 0:29983394c6b6 187 mbedtls_x509_crt_parse( &_owncert, (const unsigned char *) public_key,
edamame22 0:29983394c6b6 188 public_key_size + 1) < 0 ||
edamame22 0:29983394c6b6 189 mbedtls_pk_parse_key(&_pkey, (const unsigned char *) sec_key,
edamame22 0:29983394c6b6 190 sec_key_size + 1, NULL, 0 ) < 0 ) {
edamame22 0:29983394c6b6 191 ret = -1;
edamame22 0:29983394c6b6 192 } else {
edamame22 0:29983394c6b6 193 ret = 0;
edamame22 0:29983394c6b6 194 }
edamame22 0:29983394c6b6 195
edamame22 0:29983394c6b6 196 if ( ret == 0 ) {
edamame22 0:29983394c6b6 197 mbedtls_ssl_conf_own_cert(&_conf, &_owncert, &_pkey);
edamame22 0:29983394c6b6 198 mbedtls_ssl_conf_authmode( &_conf, MBEDTLS_SSL_VERIFY_REQUIRED );
edamame22 0:29983394c6b6 199 mbedtls_ssl_conf_ca_chain( &_conf, &_cacert, NULL );
edamame22 0:29983394c6b6 200 }
edamame22 0:29983394c6b6 201
edamame22 0:29983394c6b6 202 } else if ( cert_mode == M2MSecurity::Psk ){
edamame22 0:29983394c6b6 203 if (mbedtls_ssl_conf_psk(&_conf, sec_key, sec_key_size, public_key, public_key_size) == 0) {
edamame22 0:29983394c6b6 204 ret = 0;
edamame22 0:29983394c6b6 205 }
edamame22 0:29983394c6b6 206 mbedtls_ssl_conf_ciphersuites(&_conf, PSK_SUITES);
edamame22 0:29983394c6b6 207 } else {
edamame22 0:29983394c6b6 208 ret = -1;
edamame22 0:29983394c6b6 209 }
edamame22 0:29983394c6b6 210
edamame22 0:29983394c6b6 211 #ifdef ENABLE_MBED_CLIENT_MBED_TLS_DEBUGS
edamame22 0:29983394c6b6 212 mbedtls_ssl_conf_dbg( &_conf, mbedtls_debug, stdout );
edamame22 0:29983394c6b6 213 mbedtls_debug_set_threshold(5);
edamame22 0:29983394c6b6 214 mbedtls_ssl_conf_verify(&_conf, verify_cert_chains, NULL);
edamame22 0:29983394c6b6 215 #endif
edamame22 0:29983394c6b6 216 }
edamame22 0:29983394c6b6 217
edamame22 0:29983394c6b6 218 if( ret == 0 ){
edamame22 0:29983394c6b6 219 _init_done = true;
edamame22 0:29983394c6b6 220 }
edamame22 0:29983394c6b6 221 tr_debug("M2MConnectionSecurityPimpl::init - ret %d", ret);
edamame22 0:29983394c6b6 222 return ret;
edamame22 0:29983394c6b6 223 }
edamame22 0:29983394c6b6 224
edamame22 0:29983394c6b6 225
edamame22 0:29983394c6b6 226 int M2MConnectionSecurityPimpl::start_handshake(){
edamame22 0:29983394c6b6 227 tr_debug("M2MConnectionSecurityPimpl::start_handshake");
edamame22 0:29983394c6b6 228 int ret = -1;
edamame22 0:29983394c6b6 229 do
edamame22 0:29983394c6b6 230 {
edamame22 0:29983394c6b6 231 ret = mbedtls_ssl_handshake( &_ssl );
edamame22 0:29983394c6b6 232 }
edamame22 0:29983394c6b6 233 while( ret == MBEDTLS_ERR_SSL_WANT_READ ||
edamame22 0:29983394c6b6 234 ret == MBEDTLS_ERR_SSL_WANT_WRITE);
edamame22 0:29983394c6b6 235
edamame22 0:29983394c6b6 236 if( ret != 0 ) {
edamame22 0:29983394c6b6 237 ret = -1;
edamame22 0:29983394c6b6 238 }else {
edamame22 0:29983394c6b6 239 if( ( _flags = mbedtls_ssl_get_verify_result( &_ssl ) ) != 0 ) {
edamame22 0:29983394c6b6 240 ret = -1;
edamame22 0:29983394c6b6 241 }
edamame22 0:29983394c6b6 242 }
edamame22 0:29983394c6b6 243 tr_debug("M2MConnectionSecurityPimpl::start_handshake - OUT");
edamame22 0:29983394c6b6 244 return ret;
edamame22 0:29983394c6b6 245 }
edamame22 0:29983394c6b6 246
edamame22 0:29983394c6b6 247 int M2MConnectionSecurityPimpl::connect(M2MConnectionHandler* connHandler){
edamame22 0:29983394c6b6 248
edamame22 0:29983394c6b6 249 tr_debug("M2MConnectionSecurityPimpl::connect");
edamame22 0:29983394c6b6 250 int ret=-1;
edamame22 0:29983394c6b6 251 if(!_init_done){
edamame22 0:29983394c6b6 252 return ret;
edamame22 0:29983394c6b6 253 }
edamame22 0:29983394c6b6 254
edamame22 0:29983394c6b6 255 mbedtls_ssl_conf_rng( &_conf, mbedtls_ctr_drbg_random, &_ctr_drbg );
edamame22 0:29983394c6b6 256
edamame22 0:29983394c6b6 257 if( ( ret = mbedtls_ssl_setup( &_ssl, &_conf ) ) != 0 ) {
edamame22 0:29983394c6b6 258 return -1;
edamame22 0:29983394c6b6 259 }
edamame22 0:29983394c6b6 260
edamame22 0:29983394c6b6 261 mbedtls_ssl_set_bio( &_ssl, connHandler,
edamame22 0:29983394c6b6 262 f_send, f_recv, f_recv_timeout );
edamame22 0:29983394c6b6 263
edamame22 0:29983394c6b6 264 mbedtls_ssl_set_timer_cb( &_ssl, _timer, mbedtls_timing_set_delay,
edamame22 0:29983394c6b6 265 mbedtls_timing_get_delay );
edamame22 0:29983394c6b6 266
edamame22 0:29983394c6b6 267 ret = start_handshake();
edamame22 0:29983394c6b6 268 _timer->stop_timer();
edamame22 0:29983394c6b6 269 tr_debug("M2MConnectionSecurityPimpl::connect - handshake ret: %d, ssl state: %d", ret, _ssl.state);
edamame22 0:29983394c6b6 270 return ret;
edamame22 0:29983394c6b6 271 }
edamame22 0:29983394c6b6 272
edamame22 0:29983394c6b6 273 int M2MConnectionSecurityPimpl::start_connecting_non_blocking(M2MConnectionHandler* connHandler)
edamame22 0:29983394c6b6 274 {
edamame22 0:29983394c6b6 275 tr_debug("M2MConnectionSecurityPimpl::start_connecting_non_blocking");
edamame22 0:29983394c6b6 276 int ret=-1;
edamame22 0:29983394c6b6 277 if(!_init_done){
edamame22 0:29983394c6b6 278 return ret;
edamame22 0:29983394c6b6 279 }
edamame22 0:29983394c6b6 280
edamame22 0:29983394c6b6 281 int mode = MBEDTLS_SSL_TRANSPORT_DATAGRAM;
edamame22 0:29983394c6b6 282 if( _sec_mode == M2MConnectionSecurity::TLS ){
edamame22 0:29983394c6b6 283 mode = MBEDTLS_SSL_TRANSPORT_STREAM;
edamame22 0:29983394c6b6 284 }
edamame22 0:29983394c6b6 285
edamame22 0:29983394c6b6 286 if( ( ret = mbedtls_ssl_config_defaults( &_conf,
edamame22 0:29983394c6b6 287 MBEDTLS_SSL_IS_CLIENT,
edamame22 0:29983394c6b6 288 mode, 0 ) ) != 0 )
edamame22 0:29983394c6b6 289 {
edamame22 0:29983394c6b6 290 return -1;
edamame22 0:29983394c6b6 291 }
edamame22 0:29983394c6b6 292
edamame22 0:29983394c6b6 293 // This is for non-blocking sockets total timeout is 1+2+4+8+16+29=60 seconds
edamame22 0:29983394c6b6 294 mbedtls_ssl_conf_handshake_timeout( &_conf, 10000, 29000 );
edamame22 0:29983394c6b6 295 mbedtls_ssl_conf_rng( &_conf, mbedtls_ctr_drbg_random, &_ctr_drbg );
edamame22 0:29983394c6b6 296
edamame22 0:29983394c6b6 297 if( ( ret = mbedtls_ssl_setup( &_ssl, &_conf ) ) != 0 )
edamame22 0:29983394c6b6 298 {
edamame22 0:29983394c6b6 299 return -1;
edamame22 0:29983394c6b6 300 }
edamame22 0:29983394c6b6 301
edamame22 0:29983394c6b6 302 mbedtls_ssl_set_bio( &_ssl, connHandler,
edamame22 0:29983394c6b6 303 f_send, f_recv, f_recv_timeout );
edamame22 0:29983394c6b6 304
edamame22 0:29983394c6b6 305 mbedtls_ssl_set_timer_cb( &_ssl, _timer, mbedtls_timing_set_delay,
edamame22 0:29983394c6b6 306 mbedtls_timing_get_delay );
edamame22 0:29983394c6b6 307
edamame22 0:29983394c6b6 308 ret = mbedtls_ssl_handshake_step( &_ssl );
edamame22 0:29983394c6b6 309 if( ret == 0 ){
edamame22 0:29983394c6b6 310 ret = mbedtls_ssl_handshake_step( &_ssl );
edamame22 0:29983394c6b6 311 }
edamame22 0:29983394c6b6 312
edamame22 0:29983394c6b6 313 if( ret >= 0){
edamame22 0:29983394c6b6 314 ret = 1;
edamame22 0:29983394c6b6 315 } else {
edamame22 0:29983394c6b6 316 ret = -1;
edamame22 0:29983394c6b6 317 }
edamame22 0:29983394c6b6 318 tr_debug("M2MConnectionSecurityPimpl::start_connecting_non_blocking - handshake ret: %d, ssl state: %d", ret, _ssl.state);
edamame22 0:29983394c6b6 319 return ret;
edamame22 0:29983394c6b6 320 }
edamame22 0:29983394c6b6 321
edamame22 0:29983394c6b6 322 int M2MConnectionSecurityPimpl::continue_connecting()
edamame22 0:29983394c6b6 323 {
edamame22 0:29983394c6b6 324 tr_debug("M2MConnectionSecurityPimpl::continue_connecting");
edamame22 0:29983394c6b6 325 int ret=-1;
edamame22 0:29983394c6b6 326 while( ret != M2MConnectionHandler::CONNECTION_ERROR_WANTS_READ ){
edamame22 0:29983394c6b6 327 ret = mbedtls_ssl_handshake_step( &_ssl );
edamame22 0:29983394c6b6 328 if( MBEDTLS_ERR_SSL_WANT_READ == ret ){
edamame22 0:29983394c6b6 329 ret = M2MConnectionHandler::CONNECTION_ERROR_WANTS_READ;
edamame22 0:29983394c6b6 330 }
edamame22 0:29983394c6b6 331 else if (ret != 0) {
edamame22 0:29983394c6b6 332 break;
edamame22 0:29983394c6b6 333 }
edamame22 0:29983394c6b6 334
edamame22 0:29983394c6b6 335 if( _ssl.state == MBEDTLS_SSL_HANDSHAKE_OVER ){
edamame22 0:29983394c6b6 336 return 0;
edamame22 0:29983394c6b6 337 }
edamame22 0:29983394c6b6 338 }
edamame22 0:29983394c6b6 339 tr_debug("M2MConnectionSecurityPimpl::continue_connecting, ret: %d", ret);
edamame22 0:29983394c6b6 340 return ret;
edamame22 0:29983394c6b6 341 }
edamame22 0:29983394c6b6 342
edamame22 0:29983394c6b6 343 int M2MConnectionSecurityPimpl::send_message(unsigned char *message, int len){
edamame22 0:29983394c6b6 344 tr_debug("M2MConnectionSecurityPimpl::send_message");
edamame22 0:29983394c6b6 345 int ret=-1;
edamame22 0:29983394c6b6 346 if(!_init_done){
edamame22 0:29983394c6b6 347 return ret;
edamame22 0:29983394c6b6 348 }
edamame22 0:29983394c6b6 349
edamame22 0:29983394c6b6 350 do ret = mbedtls_ssl_write( &_ssl, (unsigned char *) message, len );
edamame22 0:29983394c6b6 351 while( ret == MBEDTLS_ERR_SSL_WANT_READ ||
edamame22 0:29983394c6b6 352 ret == MBEDTLS_ERR_SSL_WANT_WRITE );
edamame22 0:29983394c6b6 353
edamame22 0:29983394c6b6 354 tr_debug("M2MConnectionSecurityPimpl::send_message - ret: %d", ret);
edamame22 0:29983394c6b6 355 return ret; //bytes written
edamame22 0:29983394c6b6 356 }
edamame22 0:29983394c6b6 357
edamame22 0:29983394c6b6 358 int M2MConnectionSecurityPimpl::read(unsigned char* buffer, uint16_t len){
edamame22 0:29983394c6b6 359 int ret=-1;
edamame22 0:29983394c6b6 360 if(!_init_done){
edamame22 0:29983394c6b6 361 tr_error("M2MConnectionSecurityPimpl::read - init not done!");
edamame22 0:29983394c6b6 362 return ret;
edamame22 0:29983394c6b6 363 }
edamame22 0:29983394c6b6 364
edamame22 0:29983394c6b6 365 memset( buffer, 0, len );
edamame22 0:29983394c6b6 366 do ret = mbedtls_ssl_read( &_ssl, buffer, len-1 );
edamame22 0:29983394c6b6 367 while( ret == MBEDTLS_ERR_SSL_WANT_READ ||
edamame22 0:29983394c6b6 368 ret == MBEDTLS_ERR_SSL_WANT_WRITE );
edamame22 0:29983394c6b6 369
edamame22 0:29983394c6b6 370 return ret; //bytes read
edamame22 0:29983394c6b6 371 }
edamame22 0:29983394c6b6 372
edamame22 0:29983394c6b6 373 int f_send( void *ctx, const unsigned char *buf, size_t len){
edamame22 0:29983394c6b6 374 M2MConnectionHandler* handler = ((M2MConnectionHandler *) ctx);
edamame22 0:29983394c6b6 375 return handler->send_to_socket(buf, len);
edamame22 0:29983394c6b6 376 }
edamame22 0:29983394c6b6 377
edamame22 0:29983394c6b6 378 int f_recv(void *ctx, unsigned char *buf, size_t len){
edamame22 0:29983394c6b6 379 M2MConnectionHandler* handler = ((M2MConnectionHandler *) ctx);
edamame22 0:29983394c6b6 380 return handler->receive_from_socket(buf, len);
edamame22 0:29983394c6b6 381 }
edamame22 0:29983394c6b6 382
edamame22 0:29983394c6b6 383 int f_recv_timeout(void *ctx, unsigned char *buf, size_t len, uint32_t /*some*/){
edamame22 0:29983394c6b6 384 return f_recv(ctx, buf, len);
edamame22 0:29983394c6b6 385 }
edamame22 0:29983394c6b6 386
edamame22 0:29983394c6b6 387 int entropy_poll( void *, unsigned char *output, size_t len,
edamame22 0:29983394c6b6 388 size_t *olen )
edamame22 0:29983394c6b6 389 {
edamame22 0:29983394c6b6 390 uint32_t rdm = 0;
edamame22 0:29983394c6b6 391 if(__random_number_callback) {
edamame22 0:29983394c6b6 392 rdm = __random_number_callback();
edamame22 0:29983394c6b6 393 } else {
edamame22 0:29983394c6b6 394 rdm = time(NULL);
edamame22 0:29983394c6b6 395 }
edamame22 0:29983394c6b6 396 for(uint16_t i=0; i < len; i++){
edamame22 0:29983394c6b6 397 srand(rdm);
edamame22 0:29983394c6b6 398 output[i] = rand() % 256;
edamame22 0:29983394c6b6 399 }
edamame22 0:29983394c6b6 400 *olen = len;
edamame22 0:29983394c6b6 401
edamame22 0:29983394c6b6 402 return( 0 );
edamame22 0:29983394c6b6 403 }
edamame22 0:29983394c6b6 404
edamame22 0:29983394c6b6 405 void mbedtls_timing_set_delay( void *data, uint32_t int_ms, uint32_t fin_ms ){
edamame22 0:29983394c6b6 406 tr_debug("mbedtls_timing_set_delay - intermediate: %d", int_ms);
edamame22 0:29983394c6b6 407 tr_debug("mbedtls_timing_set_delay - final: %d", fin_ms);
edamame22 0:29983394c6b6 408 M2MTimer* timer = static_cast<M2MTimer*> (data);
edamame22 0:29983394c6b6 409 if(!timer) {
edamame22 0:29983394c6b6 410 return;
edamame22 0:29983394c6b6 411 }
edamame22 0:29983394c6b6 412 if( int_ms > 0 && fin_ms > 0 ){
edamame22 0:29983394c6b6 413 tr_debug("mbedtls_timing_set_delay - start");
edamame22 0:29983394c6b6 414 cancelled = false;
edamame22 0:29983394c6b6 415 timer->stop_timer();
edamame22 0:29983394c6b6 416 timer->start_dtls_timer(int_ms, fin_ms);
edamame22 0:29983394c6b6 417 }else{
edamame22 0:29983394c6b6 418 tr_debug("mbedtls_timing_set_delay - stop");
edamame22 0:29983394c6b6 419 cancelled = true;
edamame22 0:29983394c6b6 420 timer->stop_timer();
edamame22 0:29983394c6b6 421 }
edamame22 0:29983394c6b6 422 }
edamame22 0:29983394c6b6 423
edamame22 0:29983394c6b6 424 int mbedtls_timing_get_delay( void *data ){
edamame22 0:29983394c6b6 425 tr_debug("mbedtls_timing_get_delay");
edamame22 0:29983394c6b6 426 M2MTimer* timer = static_cast<M2MTimer*> (data);
edamame22 0:29983394c6b6 427 if(!timer){
edamame22 0:29983394c6b6 428 return 0;
edamame22 0:29983394c6b6 429 }
edamame22 0:29983394c6b6 430 if(true == cancelled) {
edamame22 0:29983394c6b6 431 tr_debug("mbedtls_timing_get_delay - ret -1");
edamame22 0:29983394c6b6 432 return -1;
edamame22 0:29983394c6b6 433 } else if( timer->is_total_interval_passed() ){
edamame22 0:29983394c6b6 434 tr_debug("mbedtls_timing_get_delay - ret 2");
edamame22 0:29983394c6b6 435 return 2;
edamame22 0:29983394c6b6 436 }else if( timer->is_intermediate_interval_passed() ){
edamame22 0:29983394c6b6 437 tr_debug("mbedtls_timing_get_delay - ret 1");
edamame22 0:29983394c6b6 438 return 1;
edamame22 0:29983394c6b6 439 }else{
edamame22 0:29983394c6b6 440 tr_debug("mbedtls_timing_get_delay - ret 0");
edamame22 0:29983394c6b6 441 return 0;
edamame22 0:29983394c6b6 442 }
edamame22 0:29983394c6b6 443 }
edamame22 0:29983394c6b6 444
edamame22 0:29983394c6b6 445 void M2MConnectionSecurityPimpl::set_random_number_callback(random_number_cb callback)
edamame22 0:29983394c6b6 446 {
edamame22 0:29983394c6b6 447 __random_number_callback = callback;
edamame22 0:29983394c6b6 448 }
edamame22 0:29983394c6b6 449
edamame22 0:29983394c6b6 450 void M2MConnectionSecurityPimpl::set_entropy_callback(entropy_cb callback)
edamame22 0:29983394c6b6 451 {
edamame22 0:29983394c6b6 452 __entropy_callback = callback;
edamame22 0:29983394c6b6 453 }
edamame22 0:29983394c6b6 454