Example TLS client with wolfSSL
Dependencies: EthernetInterface-FRDM-k64F mbed-rtos mbed wolfSSL-TLS13-Beta Example-client-tls
Dependents: Example-client-tls
Diff: client-tls.cpp
- Revision:
- 2:76d10d65ce5b
- Parent:
- 1:c9a3dbb712d0
- Child:
- 3:97197dea8a38
--- a/client-tls.cpp Tue Jul 21 22:37:00 2015 +0000
+++ b/client-tls.cpp Tue Jul 21 22:47:09 2015 +0000
@@ -24,9 +24,22 @@
 #include <stdio.h>
 #include <stdlib.h>
 #include <string.h>
+#include <wolfssl/ssl.h> /* wolfSSL security library */
+#include <wolfssl/wolfcrypt/error-crypt.h>
+#include <user_settings.h>
 #define MAXDATASIZE (1024*4)
+static int SocketReceive(WOLFSSL* ssl, char *buf, int sz, void *sock)
+{
+ return ((TCPSocketConnection *)sock)->receive(buf, sz) ;
+}
+
+static int SocketSend(WOLFSSL* ssl, char *buf, int sz, void *sock)
+{
+ return ((TCPSocketConnection *)sock)->send(buf, sz);
+}
+
 static int getline(char *prompt, char *buff, int size)
 {
 int sz ;
@@ -71,7 +84,7 @@
 /*
 * clients initial contact with server. Socket to connect to: sock
 */
- int ClientGreet(TCPSocketConnection *socket)
+ int ClientGreet(TCPSocketConnection *socket, WOLFSSL *ssl)
 {
 /* data to send to the server, data recieved from the server */
 char sendBuff[MAXDATASIZE], rcvBuff[MAXDATASIZE] = {0};
@@ -79,15 +92,19 @@
 ret = getline("Message for server: ", sendBuff, MAXDATASIZE);
 printf("Send[%d]:\n%s\n", ret, sendBuff) ;
- if ((ret = socket->send(sendBuff, strlen(sendBuff))) < 0) {
- printf("Send error: %i", ret);
+ if (wolfSSL_write(ssl, sendBuff, strlen(sendBuff)) < 0) {
+ /* the message is not able to send, or error trying */
+ ret = wolfSSL_get_error(ssl, 0);
+ printf("Write error[%d]\n", ret, wc_GetErrorString(ret));
 return EXIT_FAILURE;
 }
 printf("Recieved:\n");
 while(1) {
- if ((ret = socket->receive(rcvBuff, sizeof(rcvBuff)-1)) < 0) {
+ if ((ret = wolfSSL_read(ssl, rcvBuff, sizeof(rcvBuff)-1)) < 0) {
 if(ret == 0)break ;
- printf("Read error. Error: %i\n", ret);
+ /* the server failed to send data, or error trying */
+ ret = wolfSSL_get_error(ssl, 0);
+ printf("Read error[%d], %s\n", ret, wc_GetErrorString(ret));
 return EXIT_FAILURE;
 }
 rcvBuff[ret] = '\0' ;
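Review bot: SocketReceive and SocketSend pass the raw TCPSocketConnection result straight back to wolfSSL, although a custom I/O callback is expected to report failures with the WOLFSSL_CBIO_ERR_* codes. If this socket class returns 0 when the peer closes (not visible here), that close reaches the TLS layer as an ordinary zero-length result rather than a closed connection; mapping it explicitly, e.g. `if (n == 0) return WOLFSSL_CBIO_ERR_CONN_CLOSE;` and `if (n < 0) return WOLFSSL_CBIO_ERR_GENERAL;`, keeps the reported TLS error accurate. A one-line comment such as `/* sock is the TCPSocketConnection registered with wolfSSL_SetIOReadCtx/WriteCtx; ssl is unused */` would also document the unchecked cast.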
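Review bot: The write-error printf passes two arguments to a format with a single conversion, so the wolfSSL error text is never printed; it should match the read path, `printf("Write error[%d], %s\n", ret, wc_GetErrorString(ret));`. Both new conditions also test `< 0`, while wolfSSL_write and wolfSSL_read return 0 on failure or when the peer shuts the session down, so the `if(ret == 0)break ;` inside the read branch can never be reached. Using `<= 0` in both conditions, e.g. `if ((ret = wolfSSL_read(ssl, rcvBuff, sizeof(rcvBuff)-1)) <= 0) {`, makes that break reachable and lets a failed write be reported. The loop body continues outside the hunk, so what follows `rcvBuff[ret] = '\0'` on a zero return is not visible here.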
@@ -99,14 +116,59 @@
 return ret;
 }
+
+/*
+ * applies TLS 1.2 security layer to data being sent.
+ */
+int Security(TCPSocketConnection *socket)
+{
+ WOLFSSL_CTX* ctx;
+ WOLFSSL* ssl; /* create WOLFSSL object */
+ int ret = 0;
+
+ /* create and initiLize WOLFSSL_CTX structure */
+ if ((ctx = wolfSSL_CTX_new(wolfTLSv1_2_client_method())) == NULL) {
+ printf("SSL_CTX_new error.\n");
+ return EXIT_FAILURE;
+ }
+
+ wolfSSL_SetIORecv(ctx, SocketReceive) ;
+ wolfSSL_SetIOSend(ctx, SocketSend) ;
+
+ if ((ssl = wolfSSL_new(ctx)) == NULL) {
+ printf("wolfSSL_new error.\n");
+ return EXIT_FAILURE;
+ }
+
+ wolfSSL_SetIOReadCtx(ssl, (void *)socket) ;
+ wolfSSL_SetIOWriteCtx(ssl, (void *)socket) ;
+
+ ret = wolfSSL_connect(ssl);
+ if (ret == SSL_SUCCESS) {
+ printf("TLS Connected\n") ;
+ ret = ClientGreet(socket, ssl);
+ } else {
+ ret = wolfSSL_get_error(ssl, 0);
+ printf("TLS Connect error[%d], %s\n", ret, wc_GetErrorString(ret));
+ }
+ /* frees all data before client termination */
+ wolfSSL_free(ssl);
+ wolfSSL_CTX_free(ctx);
+ wolfSSL_Cleanup();
+
+ return ret;
+}
+
 /*
 * command line argumentCount and argumentValues
 */
-void main(const void *av)
+void net_main(const void *av)
 {
 char server_addr[40] ;
 char server_port[10] ;
+ wolfSSL_Init(); /* initialize wolfSSL */
+ /* wolfSSL_Debugging_ON(); */
 EthernetInterface eth;
 TCPSocketConnection socket;
@@ -123,6 +185,13 @@
 }
 printf("TCP Connected\n") ;
- ClientGreet(&socket);
+ Security(&socket);
 return ;
 }
+
+int main(void)
+{
+#define STACK_SIZE 24000
+ Thread t(net_main, NULL, osPriorityNormal, STACK_SIZE);
+ while(1)wait(1.0) ;
+}
\ No newline at end of file
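Review bot: Security() never gives the context a trust anchor or states a verification mode. From this hunk alone, either the server certificate cannot be validated and wolfSSL_connect fails, or verification has been switched off elsewhere (for example in user_settings.h, which is not shown), in which case the session is encrypted but the peer is not authenticated. The expected CA should be loaded before wolfSSL_new() with peer verification kept on, and if the server is addressed by name the certificate should also be bound to it with wolfSSL_check_domain_name(). Separately, the wolfSSL_new() failure path returns without freeing ctx. Security() is complete in this hunk, while net_main's body continues outside it.

```cpp
    /* … unchanged: wolfSSL_CTX_new() and its error check … */

    /* Trust anchor for the server chain. CA_CERT_PEM_PLACEHOLDER and
       CA_CERT_PEM_LEN_PLACEHOLDER stand for a CA certificate embedded
       by the application. */
    if (wolfSSL_CTX_load_verify_buffer(ctx, CA_CERT_PEM_PLACEHOLDER,
                                       CA_CERT_PEM_LEN_PLACEHOLDER,
                                       SSL_FILETYPE_PEM) != SSL_SUCCESS) {
        printf("CA load error.\n");
        wolfSSL_CTX_free(ctx);
        return EXIT_FAILURE;
    }
    wolfSSL_CTX_set_verify(ctx, SSL_VERIFY_PEER, 0);

    /* … unchanged: wolfSSL_SetIORecv / wolfSSL_SetIOSend … */

    if ((ssl = wolfSSL_new(ctx)) == NULL) {
        printf("wolfSSL_new error.\n");
        wolfSSL_CTX_free(ctx);   /* release the context on this path too */
        return EXIT_FAILURE;
    }

    /* … unchanged: IO context setup, wolfSSL_connect, cleanup … */
```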