mbed client lightswitch demo

Dependencies:   mbed Socket lwip-eth lwip-sys lwip

Fork of mbed-client-classic-example-lwip by Austin Blackstone

Committer:
mbedAustin
Date:
Thu Jun 09 17:08:36 2016 +0000
Revision:
11:cada08fc8a70
Commit for public Consumption

mbedAustin 11:cada08fc8a70 1 /*
mbedAustin 11:cada08fc8a70 2 * Copyright (c) 2015 ARM Limited. All rights reserved.
mbedAustin 11:cada08fc8a70 3 * SPDX-License-Identifier: Apache-2.0
mbedAustin 11:cada08fc8a70 4 * Licensed under the Apache License, Version 2.0 (the License); you may
mbedAustin 11:cada08fc8a70 5 * not use this file except in compliance with the License.
mbedAustin 11:cada08fc8a70 6 * You may obtain a copy of the License at
mbedAustin 11:cada08fc8a70 7 *
mbedAustin 11:cada08fc8a70 8 * http://www.apache.org/licenses/LICENSE-2.0
mbedAustin 11:cada08fc8a70 9 *
mbedAustin 11:cada08fc8a70 10 * Unless required by applicable law or agreed to in writing, software
mbedAustin 11:cada08fc8a70 11 * distributed under the License is distributed on an AS IS BASIS, WITHOUT
mbedAustin 11:cada08fc8a70 12 * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
mbedAustin 11:cada08fc8a70 13 * See the License for the specific language governing permissions and
mbedAustin 11:cada08fc8a70 14 * limitations under the License.
mbedAustin 11:cada08fc8a70 15 */
mbedAustin 11:cada08fc8a70 16
#include "mbed-client/m2mconnectionhandler.h"
#include "mbed-client-mbedtls/m2mconnectionsecuritypimpl.h"
#include "mbed-client/m2mtimer.h"
#include "mbed-client/m2msecurity.h"
#include <stdlib.h>
#include <string.h>
#include <time.h>
mbedAustin 11:cada08fc8a70 22
// mbed TLS timer callbacks, defined at the bottom of this file and registered
// with mbedtls_ssl_set_timer_cb() in connect()/start_connecting_non_blocking().
// NOTE(review): mbed TLS's own timing module (MBEDTLS_TIMING_C) exports functions
// with these exact names; if that module is enabled in the mbedtls config the two
// definitions below will clash at link time — confirm the config in use.
void mbedtls_timing_set_delay( void *data, uint32_t int_ms, uint32_t fin_ms );
int mbedtls_timing_get_delay( void *data );
// Entropy source registered with mbed TLS in init(). See its definition for the
// security caveat: it is rand()-based and not a real entropy source.
int entropy_poll( void *data, unsigned char *output, size_t len, size_t *olen );
//Point these back to M2MConnectionHandler!!!
// BIO callbacks: ctx is the M2MConnectionHandler* passed to mbedtls_ssl_set_bio().
int f_send( void *ctx, const unsigned char *buf, size_t len );
int f_recv(void *ctx, unsigned char *buf, size_t len);
int f_recv_timeout(void *ctx, unsigned char *buf, size_t len, uint32_t some);

// True while no DTLS retransmission timer is armed; written by
// mbedtls_timing_set_delay()/reset()/the constructor, read by timer_expired()
// and mbedtls_timing_get_delay(). File-global, so it is shared by every
// M2MConnectionSecurityPimpl instance in the process rather than per connection.
bool cancelled;
mbedAustin 11:cada08fc8a70 32
// Build an unconfigured (D)TLS client wrapper. Nothing is usable until init()
// has loaded credentials; `mode` only selects stream (TLS) vs datagram (DTLS)
// transport when init() runs.
M2MConnectionSecurityPimpl::M2MConnectionSecurityPimpl(M2MConnectionSecurity::SecurityMode mode)
    : _flags(0),
      _sec_mode(mode),
      _is_blocking(false)
{
    _init_done = false;
    // No DTLS retransmission timer armed yet (file-global flag, shared by all instances).
    cancelled = true;
    _timmer = new M2MTimer(*this);

    // Put every mbed TLS context into its zeroed "initialised but empty" state so
    // the destructor and reset() can free them unconditionally. init() repeats
    // these calls because reset() frees the contexts again.
    mbedtls_entropy_init(&_entropy);
    mbedtls_ctr_drbg_init(&_ctr_drbg);
    mbedtls_pk_init(&_pkey);
    mbedtls_x509_crt_init(&_owncert);
    mbedtls_x509_crt_init(&_cacert);
    mbedtls_ssl_config_init(&_conf);
    mbedtls_ssl_init(&_ssl);
}
mbedAustin 11:cada08fc8a70 49
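// Tear down the timer and every mbed TLS context. Safe whether or not init()
// ran: the mbed TLS *_free() functions accept an initialised-but-empty context.
M2MConnectionSecurityPimpl::~M2MConnectionSecurityPimpl(){
    // Disarm the DTLS timer before freeing the contexts its callback drives
    // (reset() stops it unconditionally in the same way).
    _timmer->stop_timer();
    // Free the SSL context before the config it points at. The original order
    // (config first) leaves _ssl holding a dangling conf pointer during
    // mbedtls_ssl_free(); whether that is dereferenced depends on the mbed TLS
    // version, so freeing _ssl first is the safe order.
    mbedtls_ssl_free(&_ssl);
    mbedtls_ssl_config_free(&_conf);
    mbedtls_x509_crt_free(&_cacert);
    mbedtls_x509_crt_free(&_owncert);
    mbedtls_pk_free(&_pkey);
    mbedtls_ctr_drbg_free(&_ctr_drbg);
    mbedtls_entropy_free(&_entropy);
    delete _timmer;
}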
mbedAustin 11:cada08fc8a70 60
// M2MTimerObserver callback. For a DTLS retransmission timer on a non-blocking
// connection the handshake is stepped forward, and only a timeout result is
// reported to the connection handler. Any other expiry (wrong timer type, timer
// already cancelled, or blocking mode) is reported straight away.
void M2MConnectionSecurityPimpl::timer_expired(M2MTimerObserver::Type type){
    const bool drive_handshake = (type == M2MTimerObserver::Dtls) && !cancelled && !_is_blocking;

    bool report_failure = !drive_handshake;
    if (drive_handshake) {
        // continue_connecting() folds every fatal handshake error into MBEDTLS_ERR_SSL_TIMEOUT.
        report_failure = (continue_connecting() == MBEDTLS_ERR_SSL_TIMEOUT);
    }

    // p_bio is the M2MConnectionHandler registered with mbedtls_ssl_set_bio(); it is
    // NULL before the handshake was started or after the context was freed.
    if (report_failure && _ssl.p_bio) {
        M2MConnectionHandler* handler = static_cast<M2MConnectionHandler*>(_ssl.p_bio);
        // The literal 4 is an M2MConnectionHandler error code whose symbolic name is
        // declared in the handler's header (not visible here); kept verbatim.
        handler->handle_connection_error(4);
    }
}
mbedAustin 11:cada08fc8a70 77
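// Free every mbed TLS context and return to the "not initialised" state.
// init() must be called again before the object can be used.
void M2MConnectionSecurityPimpl::reset(){
    // Disarm the DTLS timer first so a late timer_expired() cannot step the
    // handshake over contexts that are being freed below.
    cancelled = true;
    _timmer->stop_timer();
    _init_done = false;
    // Free the SSL context before the config it references (same order as the
    // destructor; _ssl keeps a pointer to _conf).
    mbedtls_ssl_free(&_ssl);
    mbedtls_ssl_config_free(&_conf);
    mbedtls_x509_crt_free(&_cacert);
    mbedtls_x509_crt_free(&_owncert);
    mbedtls_pk_free(&_pkey);
    mbedtls_ctr_drbg_free(&_ctr_drbg);
    mbedtls_entropy_free(&_entropy);
}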
mbedAustin 11:cada08fc8a70 90
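// Overwrite a buffer that held secret material before returning it to the heap.
// The volatile pointer stops the compiler from treating the stores as dead
// (the buffer is freed right after) and eliding them.
static void wipe_and_free(uint8_t *buf, size_t len)
{
    if (buf == NULL) {
        return;
    }
    volatile uint8_t *p = buf;
    for (size_t i = 0; i < len; ++i) {
        p[i] = 0;
    }
    free(buf);
}

// Release the three credential buffers handed out by M2MSecurity::resource_value_buffer
// (the caller owns them; NULL is tolerated). Only the secret key is wiped first.
static void release_credentials(uint8_t *serPub, uint8_t *pubCert,
                                uint8_t *secKey, size_t secKeySize)
{
    free(serPub);
    free(pubCert);
    wipe_and_free(secKey, secKeySize);
}

// Load credentials from the LwM2M security object and configure the mbed TLS
// config/contexts for a (D)TLS client. Returns >= 0 on success (and marks the
// object usable via _init_done), -1 on any failure.
//
// Certificate mode: ServerPublicKey is parsed as the trusted CA chain, PublicKey
// as the device certificate and Secretkey as its private key; peer verification
// is MBEDTLS_SSL_VERIFY_REQUIRED, so a server whose certificate does not chain to
// ServerPublicKey fails the handshake. PSK mode: Secretkey is the PSK, PublicKey
// the identity, and the ciphersuite list is restricted to PSK_SUITES. Any other
// SecurityMode is rejected. No hostname is set on the SSL context (see connect()),
// so Certificate-mode trust is the CA chain alone.
int M2MConnectionSecurityPimpl::init(const M2MSecurity *security){
    int ret = -1;
    if (security == NULL) {
        return ret;
    }
    const char *pers = "dtls_client";

    // (Re)initialise every context; required after reset(), which frees them.
    // NOTE(review): calling init() twice without reset() in between leaks whatever
    // the first call allocated, because the *_init() functions only zero the structs.
    mbedtls_ssl_init(&_ssl);
    mbedtls_ssl_config_init(&_conf);
    mbedtls_x509_crt_init(&_cacert);
    mbedtls_x509_crt_init(&_owncert);
    mbedtls_pk_init(&_pkey);
    mbedtls_ctr_drbg_init(&_ctr_drbg);
    mbedtls_entropy_init(&_entropy);

    uint8_t *serPub = 0;
    uint32_t serPubSize = security->resource_value_buffer(M2MSecurity::ServerPublicKey, serPub);

    uint8_t *pubCert = 0;
    uint32_t pubCertSize = security->resource_value_buffer(M2MSecurity::PublicKey, pubCert);

    uint8_t *secKey = 0;
    uint32_t secKeySize = security->resource_value_buffer(M2MSecurity::Secretkey, secKey);

    if (serPub == NULL || pubCert == NULL || secKey == NULL ||
        serPubSize == 0 || pubCertSize == 0 || secKeySize == 0) {
        // Whatever buffers *were* allocated used to leak on this path.
        release_credentials(serPub, pubCert, secKey, secKeySize);
        return -1;
    }

    // entropy_poll is registered as a WEAK source (strength 0) with a 128-byte
    // threshold. SECURITY: it is rand()-based (see its definition), so until a real
    // TRNG source is added the CTR-DRBG seed, and hence every session key, is
    // predictable. mbed TLS builds that insist on at least one strong source will
    // fail mbedtls_ctr_drbg_seed() below unless the platform provides one.
    if (mbedtls_entropy_add_source(&_entropy, entropy_poll, NULL, 128, 0) < 0) {
        release_credentials(serPub, pubCert, secKey, secKeySize);
        return -1;
    }

    if ((ret = mbedtls_ctr_drbg_seed(&_ctr_drbg, mbedtls_entropy_func, &_entropy,
                                     (const unsigned char *) pers,
                                     strlen(pers))) != 0) {
        release_credentials(serPub, pubCert, secKey, secKeySize);
        return -1;
    }

    int mode = MBEDTLS_SSL_TRANSPORT_DATAGRAM;
    if (_sec_mode == M2MConnectionSecurity::TLS) {
        mode = MBEDTLS_SSL_TRANSPORT_STREAM;
    }

    if ((ret = mbedtls_ssl_config_defaults(&_conf, MBEDTLS_SSL_IS_CLIENT, mode, 0)) != 0) {
        release_credentials(serPub, pubCert, secKey, secKeySize);
        return -1;
    }

    if (security->resource_value_int(M2MSecurity::SecurityMode) == M2MSecurity::Certificate) {
        // The parse functions keep their own copies (the buffers were always freed
        // right after parsing), so all three are released once parsing is done.
        ret = mbedtls_x509_crt_parse(&_cacert, (const unsigned char *) serPub, serPubSize);
        if (ret >= 0) {
            ret = mbedtls_x509_crt_parse(&_owncert, (const unsigned char *) pubCert, pubCertSize);
        }
        if (ret >= 0) {
            ret = mbedtls_pk_parse_key(&_pkey, (const unsigned char *) secKey, secKeySize, NULL, 0);
        }
        release_credentials(serPub, pubCert, secKey, secKeySize);
        if (ret < 0) {
            return -1;
        }

        mbedtls_ssl_conf_own_cert(&_conf, &_owncert, &_pkey);
        // This was MBEDTLS_SSL_VERIFY_NONE "to test without verification", which let
        // any server (or an on-path attacker) complete the handshake. Require the
        // server chain to verify against _cacert.
        mbedtls_ssl_conf_authmode(&_conf, MBEDTLS_SSL_VERIFY_REQUIRED);
        mbedtls_ssl_conf_ca_chain(&_conf, &_cacert, NULL);
    } else if (security->resource_value_int(M2MSecurity::SecurityMode) == M2MSecurity::Psk) {
        // mbedtls_ssl_conf_psk keeps its own copy of key and identity.
        ret = mbedtls_ssl_conf_psk(&_conf, secKey, secKeySize, pubCert, pubCertSize);
        if (ret == 0) {
            mbedtls_ssl_conf_ciphersuites(&_conf, PSK_SUITES);
        }
        release_credentials(serPub, pubCert, secKey, secKeySize);
    } else {
        // Unknown/unsupported SecurityMode: nothing was configured, so do not report
        // success (ret used to stay 0 here and _init_done became true anyway).
        release_credentials(serPub, pubCert, secKey, secKeySize);
        ret = -1;
    }

    if (ret >= 0) {
        _init_done = true;
    }
    return ret;
}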
mbedAustin 11:cada08fc8a70 210
// Run the full (D)TLS handshake synchronously over `connHandler` (blocking
// socket path). Returns 0 on success, -1 if init() has not succeeded, the
// context cannot be set up, the handshake fails, or the peer verification
// flags are non-zero.
int M2MConnectionSecurityPimpl::connect(M2MConnectionHandler* connHandler){
    if (!_init_done) {
        return -1;
    }

    _is_blocking = true;

    // Blocking sockets: one handshake timeout window of 60 s (min 60000 ms, max 61000 ms).
    mbedtls_ssl_conf_handshake_timeout(&_conf, 60000, 61000);
    mbedtls_ssl_conf_rng(&_conf, mbedtls_ctr_drbg_random, &_ctr_drbg);

    // NOTE(review): mbedtls_ssl_setup() is meant to run once per context; a second
    // connect() without reset() in between re-runs it on the same _ssl — confirm
    // callers always reset() first.
    if (mbedtls_ssl_setup(&_ssl, &_conf) != 0) {
        return -1;
    }

    // mbedtls_ssl_set_hostname() is not called (it was a commented-out TODO), so
    // mbed TLS performs no CN/SAN check against a server name; in Certificate
    // mode trust rests entirely on the CA chain configured in init().

    mbedtls_ssl_set_bio(&_ssl, connHandler, f_send, f_recv, f_recv_timeout);
    mbedtls_ssl_set_timer_cb(&_ssl, _timmer, mbedtls_timing_set_delay,
                             mbedtls_timing_get_delay);

    // Spin on WANT_READ/WANT_WRITE: the socket is blocking, so these are transient.
    int status;
    for (;;) {
        status = mbedtls_ssl_handshake(&_ssl);
        if (status != MBEDTLS_ERR_SSL_WANT_READ && status != MBEDTLS_ERR_SSL_WANT_WRITE) {
            break;
        }
    }
    if (status != 0) {
        return -1;
    }

    // Record the peer-verification flags; non-zero means verification failed.
    // This is only meaningful if the config's authmode makes mbed TLS verify the
    // peer; under MBEDTLS_SSL_VERIFY_NONE the result is expected to stay 0.
    _flags = mbedtls_ssl_get_verify_result(&_ssl);
    return (_flags != 0) ? -1 : 0;
}
mbedAustin 11:cada08fc8a70 255
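// Begin the (D)TLS handshake over a non-blocking `connHandler` and return
// without waiting for it to complete; continue_connecting() and timer_expired()
// drive the remaining steps. Returns 1 once the first steps have been issued,
// -1 if init() has not succeeded, the context cannot be set up, or a step fails.
int M2MConnectionSecurityPimpl::start_connecting_non_blocking(M2MConnectionHandler* connHandler)
{
    if (!_init_done) {
        return -1;
    }

    _is_blocking = false;

    // The config was fully populated by init(). This function used to re-run
    // mbedtls_ssl_config_defaults() here, which resets the preset fields init()
    // had tuned (in particular the ciphersuite list, dropping the PSK-only
    // restriction) and silently replaced the authmode. Instead keep init()'s
    // config and only insist that the peer is verified; PSK suites exchange no
    // certificate, so REQUIRED is harmless there.
    mbedtls_ssl_conf_authmode(&_conf, MBEDTLS_SSL_VERIFY_REQUIRED);

    // Non-blocking sockets: mbed TLS doubles the retransmission timeout from 10 s
    // up to the 29 s cap. (The inherited comment's "1+2+4+8+16+29 = 60 s" series
    // does not match these values — 10+20+29 gives ~59 s; confirm which was meant.)
    mbedtls_ssl_conf_handshake_timeout(&_conf, 10000, 29000);
    mbedtls_ssl_conf_rng(&_conf, mbedtls_ctr_drbg_random, &_ctr_drbg);

    if (mbedtls_ssl_setup(&_ssl, &_conf) != 0) {
        return -1;
    }

    mbedtls_ssl_set_bio(&_ssl, connHandler, f_send, f_recv, f_recv_timeout);
    mbedtls_ssl_set_timer_cb(&_ssl, _timmer, mbedtls_timing_set_delay,
                             mbedtls_timing_get_delay);

    // Issue the first two handshake steps synchronously.
    int ret = mbedtls_ssl_handshake_step(&_ssl);
    if (ret == 0) {
        ret = mbedtls_ssl_handshake_step(&_ssl);
    }

    // Any negative result maps to -1, including MBEDTLS_ERR_SSL_WANT_READ from the
    // second step if the BIO callbacks report it. NOTE(review): confirm that is
    // what callers expect; continue_connecting() treats WANT_READ as "wait for
    // data" rather than as a failure.
    return (ret >= 0) ? 1 : -1;
}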
mbedAustin 11:cada08fc8a70 304
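// Step the non-blocking handshake forward as far as the available data allows.
// Returns 0 when the handshake has completed,
// M2MConnectionHandler::CONNECTION_ERROR_WANTS_READ when more socket data is
// needed, or MBEDTLS_ERR_SSL_TIMEOUT when the handshake has failed (callers such
// as timer_expired() treat that single value as "handshake failed").
int M2MConnectionSecurityPimpl::continue_connecting()
{
    for (;;) {
        int ret = mbedtls_ssl_handshake_step(&_ssl);

        if (ret == MBEDTLS_ERR_SSL_WANT_READ) {
            return M2MConnectionHandler::CONNECTION_ERROR_WANTS_READ;
        }
        if (ret == MBEDTLS_ERR_SSL_WANT_WRITE) {
            continue; // transient; retry the same step
        }
        if (ret < 0) {
            // Every other negative return is fatal to the handshake (mbed TLS expects
            // the context to be reset afterwards). Previously only a fixed list of
            // MBEDTLS_ERR_SSL_BAD_HS_* codes and TIMEOUT were reported; any other error
            // (e.g. a certificate verification failure) re-stepped the failed state
            // instead of being surfaced.
            return MBEDTLS_ERR_SSL_TIMEOUT;
        }
        if (_ssl.state == MBEDTLS_SSL_HANDSHAKE_OVER) {
            return 0;
        }
    }
}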
mbedAustin 11:cada08fc8a70 329
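// Encrypt and send `len` bytes of `message` over the established session.
// Returns the number of bytes written (for stream transports this can be fewer
// than len), or a negative value: -1 if init() has not succeeded or the
// arguments are invalid, otherwise the mbed TLS error code.
int M2MConnectionSecurityPimpl::send_message(unsigned char *message, int len){
    if (!_init_done) {
        return -1;
    }
    // len is passed on as size_t; a negative value would turn into a huge length
    // and must not reach mbedtls_ssl_write. A NULL message with len > 0 is
    // likewise rejected.
    if (len < 0 || (message == NULL && len > 0)) {
        return -1;
    }

    int written;
    do {
        written = mbedtls_ssl_write(&_ssl, message, (size_t) len);
    } while (written == MBEDTLS_ERR_SSL_WANT_READ ||
             written == MBEDTLS_ERR_SSL_WANT_WRITE);

    return written; // bytes written, or a negative mbed TLS error
}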
mbedAustin 11:cada08fc8a70 342
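// Receive and decrypt into `buffer`, reading at most len-1 bytes so that the
// zero-filled buffer apparently stays NUL-terminated. Returns the number of bytes
// read, 0 if init() has not succeeded or the arguments are unusable, or a
// negative mbed TLS error code.
int M2MConnectionSecurityPimpl::read(unsigned char* buffer, uint16_t len){
    if (!_init_done) {
        return 0;
    }
    // With len == 0 the previous `len-1` wrapped to SIZE_MAX, letting mbed TLS
    // write past a zero-length buffer; nothing can be read into it anyway.
    if (buffer == NULL || len == 0) {
        return 0;
    }

    memset(buffer, 0, len);
    int got;
    do {
        got = mbedtls_ssl_read(&_ssl, buffer, (size_t) len - 1);
    } while (got == MBEDTLS_ERR_SSL_WANT_READ ||
             got == MBEDTLS_ERR_SSL_WANT_WRITE);

    return got; // bytes read, or a negative mbed TLS error
}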
mbedAustin 11:cada08fc8a70 356
// mbed TLS send BIO (mbedtls_ssl_send_t). ctx is the M2MConnectionHandler
// registered with mbedtls_ssl_set_bio(); the handler's return value is passed
// through unchanged, so it is expected to follow mbed TLS's BIO conventions.
int f_send( void *ctx, const unsigned char *buf, size_t len){
    return static_cast<M2MConnectionHandler *>(ctx)->send_to_socket(buf, len);
}
mbedAustin 11:cada08fc8a70 361
// mbed TLS receive BIO (mbedtls_ssl_recv_t). ctx is the M2MConnectionHandler
// registered with mbedtls_ssl_set_bio(); its return value is passed through
// unchanged (continue_connecting() relies on it producing MBEDTLS_ERR_SSL_WANT_READ
// when no data is available on a non-blocking socket).
int f_recv(void *ctx, unsigned char *buf, size_t len){
    return static_cast<M2MConnectionHandler *>(ctx)->receive_from_socket(buf, len);
}
mbedAustin 11:cada08fc8a70 366
// mbed TLS receive-with-timeout BIO (mbedtls_ssl_recv_timeout_t). The timeout
// argument is ignored and the plain receive callback is used instead.
// NOTE(review): in blocking mode mbed TLS relies on this callback to give up after
// the requested interval so the DTLS retransmission logic can run; confirm the
// handler's own socket timeouts cover that, otherwise a silent peer can hold the
// handshake past the configured handshake timeout.
int f_recv_timeout(void *ctx, unsigned char *buf, size_t len, uint32_t /*timeout_ms*/){
    const int received = f_recv(ctx, buf, len);
    return received;
}
mbedAustin 11:cada08fc8a70 370
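// Entropy source registered with mbed TLS in init() (mbedtls_entropy_f_source_ptr
// contract: fill up to `len` bytes of `output`, report the count in *olen,
// return 0 on success).
//
// SECURITY WARNING: this is NOT an entropy source. It reseeds the C library
// rand() from the wall clock and emits its output, so every byte is a
// deterministic function of time(NULL) at call time: anyone who can guess the
// device's clock to the second (or a device whose RTC starts at 0 on boot) can
// reproduce the CTR-DRBG seed and therefore the DTLS keys, and two polls within
// the same second return identical bytes. It is registered with strength 0
// (weak) for that reason and must be replaced by the platform TRNG (e.g. via
// MBEDTLS_ENTROPY_HARDWARE_ALT) before any non-demo use.
int entropy_poll( void *, unsigned char *output, size_t len,
                  size_t *olen )
{
    srand(time(NULL));
    // Write straight into the caller's buffer. The previous version malloc'd a
    // scratch copy without checking for NULL and walked it with a uint16_t index,
    // which never terminates for len > 65535.
    for (size_t i = 0; i < len; ++i) {
        output[i] = (unsigned char)(rand() % 256);
    }
    *olen = len;
    return 0;
}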
mbedAustin 11:cada08fc8a70 386
// mbed TLS timer callback (mbedtls_ssl_set_timer_t). `data` is the M2MTimer
// handed to mbedtls_ssl_set_timer_cb(). Two non-zero intervals arm the DTLS
// retransmission timer; a zero in either cancels it. The file-global `cancelled`
// mirrors that state for mbedtls_timing_get_delay().
void mbedtls_timing_set_delay( void *data, uint32_t int_ms, uint32_t fin_ms ){
    M2MTimer* dtls_timer = static_cast<M2MTimer*>(data);
    if (dtls_timer == NULL) {
        return;
    }

    const bool arm = (int_ms > 0) && (fin_ms > 0);
    cancelled = !arm;
    if (arm) {
        dtls_timer->start_dtls_timer(int_ms, fin_ms);
    } else {
        dtls_timer->stop_timer();
    }
}
mbedAustin 11:cada08fc8a70 400
// mbed TLS timer query (mbedtls_ssl_get_timer_t). `data` is the M2MTimer handed
// to mbedtls_ssl_set_timer_cb(). Return values per mbed TLS's documented
// contract: -1 = timer cancelled, 0 = nothing expired yet, 1 = intermediate
// delay passed, 2 = final delay passed. A missing timer reads as "not expired".
int mbedtls_timing_get_delay( void *data ){
    M2MTimer* dtls_timer = static_cast<M2MTimer*>(data);
    if (dtls_timer == NULL) {
        return 0;
    }
    if (cancelled) {
        return -1;
    }
    if (dtls_timer->is_total_interval_passed()) {
        return 2;
    }
    return dtls_timer->is_intermediate_interval_passed() ? 1 : 0;
}