Todd Ouska
Example CyaSSL SSL client connects to SSL server
Dependencies: EthernetNetIf mbed CyaSSL
main.cpp@0:32e3f3831d3a, 2011-02-05 (annotated)
- Committer:
- toddouska
- Date:
- Sat Feb 05 01:28:02 2011 +0000
- Revision:
- 0:32e3f3831d3a
Beta Version
Who changed what in which revision?
| User | Revision | Line number | New contents of line |
|---|---|---|---|
| toddouska | 0:32e3f3831d3a | 1 | #include "mbed.h" |
| toddouska | 0:32e3f3831d3a | 2 | #include "EthernetNetIf.h" |
| toddouska | 0:32e3f3831d3a | 3 | #include "TCPSocket.h" |
| toddouska | 0:32e3f3831d3a | 4 | #include "ssl.h" |
| toddouska | 0:32e3f3831d3a | 5 | |
| toddouska | 0:32e3f3831d3a | 6 | |
| toddouska | 0:32e3f3831d3a | 7 | /* CyaSSL example client |
| toddouska | 0:32e3f3831d3a | 8 | |
| toddouska | 0:32e3f3831d3a | 9 | This example uses a static IP Address of 192.168.2.4 |
| toddouska | 0:32e3f3831d3a | 10 | Change that in the eth variable if yours is different |
| toddouska | 0:32e3f3831d3a | 11 | |
| toddouska | 0:32e3f3831d3a | 12 | If you're using dhcp uncomment the dhcp line and comment out the static ip |
| toddouska | 0:32e3f3831d3a | 13 | |
| toddouska | 0:32e3f3831d3a | 14 | This example assumes the SSL server is at 10.0.1.2 on port 11111 |
| toddouska | 0:32e3f3831d3a | 15 | Change those in the main loop if yours is differnt |
| toddouska | 0:32e3f3831d3a | 16 | |
| toddouska | 0:32e3f3831d3a | 17 | The example connects and then writes "secure hello from mbed" to server |
| toddouska | 0:32e3f3831d3a | 18 | Any repsonse will written to stdout |
| toddouska | 0:32e3f3831d3a | 19 | |
| toddouska | 0:32e3f3831d3a | 20 | */ |
| toddouska | 0:32e3f3831d3a | 21 | |
| toddouska | 0:32e3f3831d3a | 22 | //EthernetNetIf eth; // dhcp |
| toddouska | 0:32e3f3831d3a | 23 | |
| toddouska | 0:32e3f3831d3a | 24 | EthernetNetIf eth( |
| toddouska | 0:32e3f3831d3a | 25 | IpAddr(192,168,2,4), //IP Address |
| toddouska | 0:32e3f3831d3a | 26 | IpAddr(255,255,255,0), //Network Mask |
| toddouska | 0:32e3f3831d3a | 27 | IpAddr(192,168,2,1), //Gateway |
| toddouska | 0:32e3f3831d3a | 28 | IpAddr(192,168,2,1) //DNS |
| toddouska | 0:32e3f3831d3a | 29 | ); |
| toddouska | 0:32e3f3831d3a | 30 | |
| toddouska | 0:32e3f3831d3a | 31 | |
| toddouska | 0:32e3f3831d3a | 32 | TCPSocket sock; |
| toddouska | 0:32e3f3831d3a | 33 | SSL_CTX* ctx = 0; |
| toddouska | 0:32e3f3831d3a | 34 | SSL* ssl = 0; |
| toddouska | 0:32e3f3831d3a | 35 | int SSL_connected = 0; |
| toddouska | 0:32e3f3831d3a | 36 | |
| toddouska | 0:32e3f3831d3a | 37 | |
| toddouska | 0:32e3f3831d3a | 38 | |
| toddouska | 0:32e3f3831d3a | 39 | int recvf(char* buf, int sz, void* vp) |
| toddouska | 0:32e3f3831d3a | 40 | { |
| toddouska | 0:32e3f3831d3a | 41 | int got = sock.recv(buf, sz); |
| toddouska | 0:32e3f3831d3a | 42 | |
| toddouska | 0:32e3f3831d3a | 43 | if (got == 0) |
| toddouska | 0:32e3f3831d3a | 44 | return -2; // IO_ERR_WANT_READ; |
| toddouska | 0:32e3f3831d3a | 45 | |
| toddouska | 0:32e3f3831d3a | 46 | return got; |
| toddouska | 0:32e3f3831d3a | 47 | } |
| toddouska | 0:32e3f3831d3a | 48 | |
| toddouska | 0:32e3f3831d3a | 49 | |
| toddouska | 0:32e3f3831d3a | 50 | int sendf(char* buf, int sz, void* vp) |
| toddouska | 0:32e3f3831d3a | 51 | { |
| toddouska | 0:32e3f3831d3a | 52 | |
| toddouska | 0:32e3f3831d3a | 53 | int sent = sock.send(buf, sz); |
| toddouska | 0:32e3f3831d3a | 54 | |
| toddouska | 0:32e3f3831d3a | 55 | if (sent == 0) |
| toddouska | 0:32e3f3831d3a | 56 | return -2; // IO_ERR_WANT_WRITE |
| toddouska | 0:32e3f3831d3a | 57 | |
| toddouska | 0:32e3f3831d3a | 58 | return sent; |
| toddouska | 0:32e3f3831d3a | 59 | } |
| toddouska | 0:32e3f3831d3a | 60 | |
| toddouska | 0:32e3f3831d3a | 61 | |
| toddouska | 0:32e3f3831d3a | 62 | void err_str(const char* from, SSL* ssl) |
| toddouska | 0:32e3f3831d3a | 63 | { |
| toddouska | 0:32e3f3831d3a | 64 | int err; |
| toddouska | 0:32e3f3831d3a | 65 | char str[80]; |
| toddouska | 0:32e3f3831d3a | 66 | |
| toddouska | 0:32e3f3831d3a | 67 | printf("got error from %s\n", from); |
| toddouska | 0:32e3f3831d3a | 68 | err = SSL_get_error(ssl, 0); |
| toddouska | 0:32e3f3831d3a | 69 | if (err == SSL_ERROR_WANT_READ || err == SSL_ERROR_WANT_WRITE) |
| toddouska | 0:32e3f3831d3a | 70 | printf("non-blocking IO couldn't complete, will continue when can\n"); |
| toddouska | 0:32e3f3831d3a | 71 | else |
| toddouska | 0:32e3f3831d3a | 72 | printf("err = %d, %s\n", err, ERR_error_string(err, str)); |
| toddouska | 0:32e3f3831d3a | 73 | } |
| toddouska | 0:32e3f3831d3a | 74 | |
| toddouska | 0:32e3f3831d3a | 75 | |
| toddouska | 0:32e3f3831d3a | 76 | void onTCPSocketEvent(TCPSocketEvent e) |
| toddouska | 0:32e3f3831d3a | 77 | { |
| toddouska | 0:32e3f3831d3a | 78 | int err; |
| toddouska | 0:32e3f3831d3a | 79 | char buffer[1024]; |
| toddouska | 0:32e3f3831d3a | 80 | |
| toddouska | 0:32e3f3831d3a | 81 | switch (e) { |
| toddouska | 0:32e3f3831d3a | 82 | case TCPSOCKET_CONNECTED : |
| toddouska | 0:32e3f3831d3a | 83 | printf("we connected\n"); |
| toddouska | 0:32e3f3831d3a | 84 | |
| toddouska | 0:32e3f3831d3a | 85 | ctx = SSL_CTX_new(TLSv1_client_method()); |
| toddouska | 0:32e3f3831d3a | 86 | |
| toddouska | 0:32e3f3831d3a | 87 | if (ctx == 0) { |
| toddouska | 0:32e3f3831d3a | 88 | printf("oops, bad SSL ctx\n"); |
| toddouska | 0:32e3f3831d3a | 89 | break; |
| toddouska | 0:32e3f3831d3a | 90 | } |
| toddouska | 0:32e3f3831d3a | 91 | |
| toddouska | 0:32e3f3831d3a | 92 | SSL_CTX_set_verify(ctx, SSL_VERIFY_NONE, 0); |
| toddouska | 0:32e3f3831d3a | 93 | |
| toddouska | 0:32e3f3831d3a | 94 | CyaSSL_SetIORecv(ctx, recvf); |
| toddouska | 0:32e3f3831d3a | 95 | CyaSSL_SetIOSend(ctx, sendf); |
| toddouska | 0:32e3f3831d3a | 96 | |
| toddouska | 0:32e3f3831d3a | 97 | |
| toddouska | 0:32e3f3831d3a | 98 | ssl = SSL_new(ctx); |
| toddouska | 0:32e3f3831d3a | 99 | |
| toddouska | 0:32e3f3831d3a | 100 | if (ssl == 0) { |
| toddouska | 0:32e3f3831d3a | 101 | printf("oops, bad SSL ptr\n"); |
| toddouska | 0:32e3f3831d3a | 102 | break; |
| toddouska | 0:32e3f3831d3a | 103 | } |
| toddouska | 0:32e3f3831d3a | 104 | |
| toddouska | 0:32e3f3831d3a | 105 | CyaSSL_SetIOReadCtx(ssl, (void*)&sock); |
| toddouska | 0:32e3f3831d3a | 106 | CyaSSL_SetIOWriteCtx(ssl, (void*)&sock); |
| toddouska | 0:32e3f3831d3a | 107 | err = SSL_connect(ssl); |
| toddouska | 0:32e3f3831d3a | 108 | |
| toddouska | 0:32e3f3831d3a | 109 | if (err != SSL_SUCCESS) { |
| toddouska | 0:32e3f3831d3a | 110 | err_str("SSL connect", ssl); |
| toddouska | 0:32e3f3831d3a | 111 | } |
| toddouska | 0:32e3f3831d3a | 112 | break; |
| toddouska | 0:32e3f3831d3a | 113 | |
| toddouska | 0:32e3f3831d3a | 114 | case TCPSOCKET_READABLE : |
| toddouska | 0:32e3f3831d3a | 115 | printf("we're readable\n"); |
| toddouska | 0:32e3f3831d3a | 116 | |
| toddouska | 0:32e3f3831d3a | 117 | if (SSL_connected == 0) { |
| toddouska | 0:32e3f3831d3a | 118 | err = SSL_connect(ssl); |
| toddouska | 0:32e3f3831d3a | 119 | if (err < 0) { |
| toddouska | 0:32e3f3831d3a | 120 | err_str("SSL connect", ssl); |
| toddouska | 0:32e3f3831d3a | 121 | } |
| toddouska | 0:32e3f3831d3a | 122 | else { |
| toddouska | 0:32e3f3831d3a | 123 | const char msg[] = "secure hello from mbed\n"; |
| toddouska | 0:32e3f3831d3a | 124 | SSL_connected = 1; |
| toddouska | 0:32e3f3831d3a | 125 | printf("we did SSL connect!\n"); |
| toddouska | 0:32e3f3831d3a | 126 | err = SSL_write(ssl, msg, sizeof(msg)); |
| toddouska | 0:32e3f3831d3a | 127 | if (err < 0) { |
| toddouska | 0:32e3f3831d3a | 128 | err_str("SSL wirte", ssl); |
| toddouska | 0:32e3f3831d3a | 129 | } |
| toddouska | 0:32e3f3831d3a | 130 | } |
| toddouska | 0:32e3f3831d3a | 131 | } else { |
| toddouska | 0:32e3f3831d3a | 132 | err = SSL_read(ssl, buffer, sizeof(buffer)); |
| toddouska | 0:32e3f3831d3a | 133 | if (err < 0) { |
| toddouska | 0:32e3f3831d3a | 134 | err_str("SSL read", ssl); |
| toddouska | 0:32e3f3831d3a | 135 | } |
| toddouska | 0:32e3f3831d3a | 136 | else { |
| toddouska | 0:32e3f3831d3a | 137 | buffer[err] = 0; |
| toddouska | 0:32e3f3831d3a | 138 | printf("got message %s\n", buffer); |
| toddouska | 0:32e3f3831d3a | 139 | } |
| toddouska | 0:32e3f3831d3a | 140 | } |
| toddouska | 0:32e3f3831d3a | 141 | break; |
| toddouska | 0:32e3f3831d3a | 142 | |
| toddouska | 0:32e3f3831d3a | 143 | case TCPSOCKET_WRITEABLE : |
| toddouska | 0:32e3f3831d3a | 144 | |
| toddouska | 0:32e3f3831d3a | 145 | break; |
| toddouska | 0:32e3f3831d3a | 146 | |
| toddouska | 0:32e3f3831d3a | 147 | default: |
| toddouska | 0:32e3f3831d3a | 148 | printf("default, case e = %d\n", e); |
| toddouska | 0:32e3f3831d3a | 149 | break; |
| toddouska | 0:32e3f3831d3a | 150 | } |
| toddouska | 0:32e3f3831d3a | 151 | } |
| toddouska | 0:32e3f3831d3a | 152 | |
| toddouska | 0:32e3f3831d3a | 153 | |
| toddouska | 0:32e3f3831d3a | 154 | |
| toddouska | 0:32e3f3831d3a | 155 | int main() { |
| toddouska | 0:32e3f3831d3a | 156 | |
| toddouska | 0:32e3f3831d3a | 157 | EthernetErr ethErr = eth.setup(); |
| toddouska | 0:32e3f3831d3a | 158 | if(ethErr) |
| toddouska | 0:32e3f3831d3a | 159 | { |
| toddouska | 0:32e3f3831d3a | 160 | printf("Error %d in setup.\n", ethErr); |
| toddouska | 0:32e3f3831d3a | 161 | return -1; |
| toddouska | 0:32e3f3831d3a | 162 | } |
| toddouska | 0:32e3f3831d3a | 163 | printf("\r\nSetup OK\r\n"); |
| toddouska | 0:32e3f3831d3a | 164 | |
| toddouska | 0:32e3f3831d3a | 165 | sock.setOnEvent(&onTCPSocketEvent); |
| toddouska | 0:32e3f3831d3a | 166 | |
| toddouska | 0:32e3f3831d3a | 167 | Host server(IpAddr(10,0,1,2), 11111); |
| toddouska | 0:32e3f3831d3a | 168 | TCPSocketErr bindErr = sock.connect(server); |
| toddouska | 0:32e3f3831d3a | 169 | |
| toddouska | 0:32e3f3831d3a | 170 | printf("socket connect ret = %d\n", bindErr); |
| toddouska | 0:32e3f3831d3a | 171 | |
| toddouska | 0:32e3f3831d3a | 172 | |
| toddouska | 0:32e3f3831d3a | 173 | while(1) { |
| toddouska | 0:32e3f3831d3a | 174 | Net::poll(); |
| toddouska | 0:32e3f3831d3a | 175 | } |
| toddouska | 0:32e3f3831d3a | 176 | } |