Example TLS client with wolfSSL

Dependencies:   EthernetInterface-FRDM-k64F mbed-rtos mbed wolfSSL-TLS13-Beta Example-client-tls

Dependents:   Example-client-tls

Revision:
2:76d10d65ce5b
Parent:
1:c9a3dbb712d0
Child:
3:97197dea8a38
--- a/client-tls.cpp	Tue Jul 21 22:37:00 2015 +0000
+++ b/client-tls.cpp	Tue Jul 21 22:47:09 2015 +0000
@@ -24,9 +24,22 @@
 #include    <stdio.h>
 #include    <stdlib.h>
 #include    <string.h>
+#include    <wolfssl/ssl.h>          /* wolfSSL security library */
+#include    <wolfssl/wolfcrypt/error-crypt.h>
+#include    <user_settings.h>
 
 #define MAXDATASIZE (1024*4)
 
+static int SocketReceive(WOLFSSL* ssl, char *buf, int sz, void *sock)
+{
+    return ((TCPSocketConnection *)sock)->receive(buf, sz) ;
+}
+
+static int SocketSend(WOLFSSL* ssl, char *buf, int sz, void *sock)
+{
+    return ((TCPSocketConnection *)sock)->send(buf, sz);
+}
+
 static int getline(char *prompt, char *buff, int size)
 {
     int sz ;
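Review bot: SocketReceive and SocketSend hand the mbed socket's return value straight back to wolfSSL, but custom I/O callbacks are expected to report closure and failure with the `WOLFSSL_CBIO_ERR_*` codes. A `receive()` that returns 0 on peer close is passed through as zero bytes read, which wolfSSL may not treat as an error, and a timeout cannot be told apart from a hard failure. I would map the result, e.g. `int n = ((TCPSocketConnection *)sock)->receive(buf, sz);` then `if (n == 0) return WOLFSSL_CBIO_ERR_CONN_CLOSE;` then `return (n < 0) ? WOLFSSL_CBIO_ERR_GENERAL : n;`, and do the equivalent in SocketSend. getline's body continues outside this hunk.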
@@ -71,7 +84,7 @@
 /*
  *  clients initial contact with server. Socket to connect to: sock
  */
- int ClientGreet(TCPSocketConnection *socket)
+ int ClientGreet(TCPSocketConnection *socket, WOLFSSL *ssl)
 {
     /* data to send to the server, data recieved from the server */
     char    sendBuff[MAXDATASIZE], rcvBuff[MAXDATASIZE] = {0};
@@ -79,15 +92,19 @@
 
     ret = getline("Message for server: ", sendBuff, MAXDATASIZE);
     printf("Send[%d]:\n%s\n", ret, sendBuff) ;
-    if ((ret = socket->send(sendBuff, strlen(sendBuff))) < 0) {
-        printf("Send error: %i", ret);
+    if (wolfSSL_write(ssl, sendBuff, strlen(sendBuff)) < 0) {
+        /* the message is not able to send, or error trying */
+        ret = wolfSSL_get_error(ssl, 0);
+        printf("Write error[%d]\n", ret, wc_GetErrorString(ret));
         return EXIT_FAILURE;
     }
     printf("Recieved:\n");
     while(1) {
-        if ((ret = socket->receive(rcvBuff, sizeof(rcvBuff)-1)) < 0) {
+        if ((ret = wolfSSL_read(ssl, rcvBuff, sizeof(rcvBuff)-1)) < 0) {
             if(ret == 0)break ;
-            printf("Read error. Error: %i\n", ret);
+            /* the server failed to send data, or error trying */
+            ret = wolfSSL_get_error(ssl, 0);
+            printf("Read error[%d], %s\n", ret, wc_GetErrorString(ret));
             return EXIT_FAILURE;
         }
         rcvBuff[ret] = '\0' ;
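Review bot: The return-value checks around `wolfSSL_write` and `wolfSSL_read` only test `< 0`, but both calls also use 0 to report failure or a closed connection, and the `if(ret == 0)break ;` inside the read branch can never run because it sits under `ret < 0`. I would make both comparisons `<= 0`, e.g. `if ((ret = wolfSSL_read(ssl, rcvBuff, sizeof(rcvBuff)-1)) <= 0) {`, so that a peer shutdown leaves the loop instead of being processed as zero bytes of data. The write-error `printf` also passes `wc_GetErrorString(ret)` without a matching conversion; it should read `printf("Write error[%d], %s\n", ret, wc_GetErrorString(ret));`. ClientGreet starts before this hunk and the receive loop continues past it, so what happens after a zero-length read is not visible here.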
@@ -99,14 +116,59 @@
     return ret;
 }
 
+
+/*
+ * applies TLS 1.2 security layer to data being sent.
+ */
+int Security(TCPSocketConnection *socket)
+{
+    WOLFSSL_CTX* ctx;
+    WOLFSSL*     ssl;    /* create WOLFSSL object */
+    int         ret = 0;
+
+    /* create and initiLize WOLFSSL_CTX structure */
+    if ((ctx = wolfSSL_CTX_new(wolfTLSv1_2_client_method())) == NULL) {
+        printf("SSL_CTX_new error.\n");
+        return EXIT_FAILURE;
+    }
+
+    wolfSSL_SetIORecv(ctx, SocketReceive) ;
+    wolfSSL_SetIOSend(ctx, SocketSend) ;
+
+    if ((ssl = wolfSSL_new(ctx)) == NULL) {
+        printf("wolfSSL_new error.\n");
+        return EXIT_FAILURE;
+    }
+
+    wolfSSL_SetIOReadCtx(ssl, (void *)socket) ;
+    wolfSSL_SetIOWriteCtx(ssl, (void *)socket) ;
+
+    ret = wolfSSL_connect(ssl);
+    if (ret == SSL_SUCCESS) {
+        printf("TLS Connected\n") ;
+        ret = ClientGreet(socket, ssl);
+    } else {
+        ret = wolfSSL_get_error(ssl, 0);
+        printf("TLS Connect error[%d], %s\n", ret, wc_GetErrorString(ret));
+    }
+    /* frees all data before client termination */
+    wolfSSL_free(ssl);
+    wolfSSL_CTX_free(ctx);
+    wolfSSL_Cleanup();
+
+    return ret;
+}
+
 /*
  * command line argumentCount and argumentValues
  */
-void main(const void *av)
+void net_main(const void *av)
 {
     char server_addr[40] ;
     char server_port[10] ;
     
+    wolfSSL_Init();      /* initialize wolfSSL */
+    /* wolfSSL_Debugging_ON(); */
     EthernetInterface eth;
     TCPSocketConnection socket;
 
@@ -123,6 +185,13 @@
     }
     printf("TCP Connected\n") ;
 
-    ClientGreet(&socket);
+    Security(&socket);
     return ;
 }
+
+int main(void)
+{
+#define STACK_SIZE 24000
+    Thread t(net_main, NULL, osPriorityNormal, STACK_SIZE);
+    while(1)wait(1.0) ;
+}
\ No newline at end of file
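Review bot: `STACK_SIZE 24000` is an unexplained magic number defined inside `main`, and the thread it sizes runs the whole TLS path. ClientGreet alone places two `MAXDATASIZE` (4 KiB) buffers on that stack, so roughly a third of the budget is gone before wolfSSL's handshake frames are counted; whether the remainder suffices depends on `user_settings.h`, which is not shown. I would move the define to file scope next to `MAXDATASIZE` with a comment such as `/* net_main thread stack: 2 x MAXDATASIZE in ClientGreet + wolfSSL handshake */`. The result of `Security(&socket)` is also discarded, so a failed handshake is only visible on the console. net_main begins outside this hunk.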