A fork of the TLS_cyassl embedded SSL library with certificate validation disabled.

Dependencies:   cyassl-lib

Fork of TLS_cyassl by Francois Berder

Committer:
glbast
Date:
Sat Jan 24 00:30:50 2015 +0000
Revision:
7:5c1e73469291
Parent:
3:0e5471a26490
Disabled SSL certificate checking.

Who changed what in which revision?

User | Revision | Line number | New contents of line
feb11 0:815067fd66c9 1 #include "TLSConnection.h"
feb11 0:815067fd66c9 2 #include <stdlib.h>
feb11 0:815067fd66c9 3 #include <stdio.h>
feb11 0:815067fd66c9 4 #include "cert.h"
feb11 2:63ad554f6ca4 5 #include <string.h>
feb11 0:815067fd66c9 6
/**
 * CyaSSL receive callback: wait until the socket is readable, then read up
 * to sz bytes from it into buf.
 *
 * @param ssl  CyaSSL session issuing the read (not used here).
 * @param buf  Destination buffer.
 * @param sz   Maximum number of bytes to read.
 * @param ctx  Points to the int socket descriptor.
 * @return     The lwip_recv() result, or -1 when lwip_select() fails.
 */
static int receiveFunc(CYASSL* ssl, char *buf, int sz, void *ctx)
{
    const int sock = *(int*)ctx;
    fd_set readable;

    FD_ZERO(&readable);
    FD_SET(sock, &readable);

    // No timeout is passed to select, so a silent peer stalls the caller here.
    const int ready = lwip_select(FD_SETSIZE, &readable, NULL, NULL, NULL);
    if (ready >= 0)
        return lwip_recv(sock, buf, sz, 0);

    return -1;
}
feb11 2:63ad554f6ca4 19
/**
 * CyaSSL send callback: wait until the socket is writable, then hand up to
 * sz bytes from buf to lwip_send().
 *
 * @param ssl  CyaSSL session issuing the write (not used here).
 * @param buf  Data to send.
 * @param sz   Number of bytes available in buf.
 * @param ctx  Points to the int socket descriptor.
 * @return     The lwip_send() result, or -1 when lwip_select() fails.
 */
static int sendFunc(CYASSL* ssl, char *buf, int sz, void *ctx)
{
    const int sock = *(int*)ctx;
    fd_set writable;

    FD_ZERO(&writable);
    FD_SET(sock, &writable);

    // No timeout is passed to select; the call returns only once the
    // descriptor is reported writable or select itself fails.
    const int ready = lwip_select(FD_SETSIZE, NULL, &writable, NULL, NULL);
    if (ready >= 0)
        return lwip_send(sock, buf, sz, 0);

    return -1;
}
feb11 1:9494492e9bf7 32
// TCP port that TLSConnection::connect() always dials.
static const int HTTPS_PORT = 443;
feb11 0:815067fd66c9 34
/**
 * Build a disconnected TLSConnection: both base classes are
 * default-constructed, the connected flag is cleared and the CyaSSL
 * context and session members are value-initialised.
 */
TLSConnection::TLSConnection()
    : Socket()
    , Endpoint()
    , _is_connected(false)
    , _ssl_ctx()
    , _ssl()
{
    // Nothing to do here; the TLS state is created in connect().
}
feb11 0:815067fd66c9 43
feb11 0:815067fd66c9 44
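/**
 * Open a TCP connection to host on HTTPS_PORT and run a TLS 1.2 client
 * handshake over it.
 *
 * SECURITY NOTE: the context is configured with SSL_VERIFY_NONE, so the
 * handshake completes without authenticating the server certificate. The
 * link is encrypted, but the identity of the peer is not established, and
 * an on-path party that terminates the session would go undetected. Treat
 * everything sent or received over this connection as unauthenticated.
 * Restoring authentication means SSL_VERIFY_PEER, a root in cert.h that
 * matches the server's chain, a checked CyaSSL_CTX_load_verify_buffer()
 * result, and a host-name check (e.g. CyaSSL_check_domain_name()).
 *
 * @param host  Server name or address, passed to set_address().
 * @return      true once the handshake has succeeded; false on any failure,
 *              in which case the socket and every CyaSSL object created by
 *              this call have been released again.
 */
bool TLSConnection::connect(const char *host)
{
    if (init_socket(SOCK_STREAM) < 0)
        return false;

    // Track what this call has acquired so the failure path releases exactly
    // that and never touches pointers left over from an earlier session.
    bool lib_ready = false;
    bool have_ctx = false;
    bool have_ssl = false;

    do {
        if (set_address(host, HTTPS_PORT) != 0)
            break;

        if (lwip_connect(_sock_fd, (const struct sockaddr *) &_remoteHost, sizeof(_remoteHost)) < 0)
            break;

        CyaSSL_Init();
        lib_ready = true;

        CYASSL_METHOD* method = CyaTLSv1_2_client_method();
        if (method == NULL)
            break;

        _ssl_ctx = CyaSSL_CTX_new(method);
        if (_ssl_ctx == NULL)
            break;
        have_ctx = true;

        // Certificate validation is switched off here; see the SECURITY NOTE
        // in the function comment for what that removes.
        CyaSSL_CTX_set_verify(_ssl_ctx, SSL_VERIFY_NONE, 0);
        CyaSSL_SetIOSend(_ssl_ctx, &sendFunc);
        CyaSSL_SetIORecv(_ssl_ctx, &receiveFunc);

        // The result is ignored, as before: with verification disabled a
        // root certificate that fails to load does not stop the handshake.
        CyaSSL_CTX_load_verify_buffer(_ssl_ctx, (unsigned char*)root_cert, root_cert_len, SSL_FILETYPE_ASN1);

        _ssl = CyaSSL_new(_ssl_ctx);
        if (_ssl == NULL)
            break;
        have_ssl = true;

        CyaSSL_set_fd(_ssl, _sock_fd);

        int result = CyaSSL_connect(_ssl);
        if (result != SSL_SUCCESS) {
            printf("error=%d\n", result);
            break;
        }

        _is_connected = true;
        return true;
    } while (0);

    // Failure path. TLSConnection::close() returns early while _is_connected
    // is false, so it cannot be used to undo a half-finished connect; release
    // everything directly instead.
    if (have_ssl) {
        CyaSSL_free(_ssl);
        _ssl = NULL;
    }
    if (have_ctx) {
        CyaSSL_CTX_free(_ssl_ctx);
        _ssl_ctx = NULL;
    }
    if (lib_ready)
        CyaSSL_Cleanup();   // balances the CyaSSL_Init() above

    Socket::close(true);
    return false;
}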
feb11 0:815067fd66c9 94
/**
 * Report the connection flag.
 *
 * @return true between a successful connect() and the next close().
 */
bool TLSConnection::is_connected()
{
    const bool connected = _is_connected;
    return connected;
}
feb11 0:815067fd66c9 99
/**
 * Write length bytes from data to the TLS session.
 *
 * @param data    Bytes to send.
 * @param length  Number of bytes in data.
 * @return        0 when no connection is established, otherwise whatever
 *                CyaSSL_write() returns.
 */
int TLSConnection::send_all(char *data, int length)
{
    if (_is_connected) {
        const int written = CyaSSL_write(_ssl, data, length);
        return written;
    }

    return 0;
}
feb11 0:815067fd66c9 107
/**
 * Read up to length bytes of decrypted data from the TLS session.
 *
 * @param data    Destination buffer.
 * @param length  Capacity of data in bytes.
 * @return        0 when no connection is established, otherwise whatever
 *                CyaSSL_read() returns.
 */
int TLSConnection::receive(char *data, int length)
{
    if (_is_connected) {
        const int got = CyaSSL_read(_ssl, data, length);
        return got;
    }

    return 0;
}
feb11 0:815067fd66c9 115
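/**
 * Tear down the TLS session and close the underlying socket.
 *
 * Does nothing (and reports success) when no connection is established.
 *
 * NOTE(review): the session is freed without calling CyaSSL_shutdown(), so
 * no TLS close_notify appears to be sent to the peer; confirm this is
 * acceptable for the servers this class talks to.
 *
 * @param shutdown  Forwarded unchanged to Socket::close().
 * @return          true when already disconnected or when Socket::close()
 *                  returns 0.
 */
bool TLSConnection::close(bool shutdown)
{
    if(!_is_connected)
        return true;

    _is_connected = false;

    // Clear each member after freeing it so no dangling pointer stays
    // behind in the object between sessions.
    CyaSSL_free(_ssl);
    _ssl = NULL;
    CyaSSL_CTX_free(_ssl_ctx);
    _ssl_ctx = NULL;
    CyaSSL_Cleanup();

    return Socket::close(shutdown) == 0;
}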
feb11 0:815067fd66c9 129