int main(int argc, char** argv)
{
func_args args;
#ifdef HAVE_CAVIUM
int ret = OpenNitroxDevice(CAVIUM_DIRECT, CAVIUM_DEV_ID);
if (ret != 0)
err_sys("Cavium OpenNitroxDevice failed");
#endif /* HAVE_CAVIUM */
StartTCP();
args.argc = argc;
args.argv = argv;
CyaSSL_Init();
#if defined(DEBUG_CYASSL) && !defined(WOLFSSL_MDK_SHELL)
CyaSSL_Debugging_ON();
#endif
#ifndef CYASSL_TIRTOS
ChangeToWolfRoot();
#endif
echoclient_test(&args);
CyaSSL_Cleanup();
#ifdef HAVE_CAVIUM
CspShutdown(CAVIUM_DEV_ID);
#endif
return args.return_code;
}
int main(int argc, char** argv)
{
func_args args;
tcp_ready ready;
StartTCP();
args.argc = argc;
args.argv = argv;
args.signal = &ready;
InitTcpReady(&ready);
#if defined(DEBUG_CYASSL) && !defined(WOLFSSL_MDK_SHELL)
CyaSSL_Debugging_ON();
#endif
CyaSSL_Init();
ChangeToWolfRoot();
#ifdef HAVE_STACK_SIZE
StackSizeCheck(&args, server_test);
#else
server_test(&args);
#endif
CyaSSL_Cleanup();
FreeTcpReady(&ready);
#ifdef HAVE_WNR
if (wc_FreeNetRandom() < 0)
err_sys("Failed to free netRandom context");
#endif /* HAVE_WNR */
return args.return_code;
}
int main(int argc, char** argv)
{
func_args args;
#ifdef HAVE_CAVIUM
int ret = OpenNitroxDevice(CAVIUM_DIRECT, CAVIUM_DEV_ID);
if (ret != 0)
err_sys("Cavium OpenNitroxDevice failed");
#endif /* HAVE_CAVIUM */
StartTCP();
args.argc = argc;
args.argv = argv;
CyaSSL_Init();
#if defined(DEBUG_CYASSL) && !defined(CYASSL_MDK_SHELL)
CyaSSL_Debugging_ON();
#endif
if (CurrentDir("client") || CurrentDir("build"))
ChangeDirBack(2);
#ifdef HAVE_STACK_SIZE
StackSizeCheck(&args, client_test);
#else
client_test(&args);
#endif
CyaSSL_Cleanup();
#ifdef HAVE_CAVIUM
CspShutdown(CAVIUM_DEV_ID);
#endif
return args.return_code;
}
int main(int argc, char** argv)
{
func_args args;
#ifdef HAVE_CAVIUM
int ret = OpenNitroxDevice(CAVIUM_DIRECT, CAVIUM_DEV_ID);
if (ret != 0)
err_sys("Cavium OpenNitroxDevice failed");
#endif /* HAVE_CAVIUM */
StartTCP();
args.argc = argc;
args.argv = argv;
CyaSSL_Init();
#if defined(DEBUG_CYASSL) && !defined(CYASSL_MDK_SHELL)
CyaSSL_Debugging_ON();
#endif
if (CurrentDir("echoserver"))
ChangeDirBack(2);
else if (CurrentDir("Debug") || CurrentDir("Release"))
ChangeDirBack(3);
echoserver_test(&args);
CyaSSL_Cleanup();
#ifdef HAVE_CAVIUM
CspShutdown(CAVIUM_DEV_ID);
#endif
return args.return_code;
}
int main(int argc, char** argv)
{
func_args args;
#ifdef HAVE_CAVIUM
int ret = OpenNitroxDevice(CAVIUM_DIRECT, CAVIUM_DEV_ID);
if (ret != 0)
err_sys("Cavium OpenNitroxDevice failed");
#endif /* HAVE_CAVIUM */
StartTCP();
args.argc = argc;
args.argv = argv;
CyaSSL_Init();
#ifdef DEBUG_CYASSL
CyaSSL_Debugging_ON();
#endif
if (CurrentDir("echoclient") || CurrentDir("build"))
ChangeDirBack(2);
echoclient_test(&args);
CyaSSL_Cleanup();
#ifdef HAVE_CAVIUM
CspShutdown(CAVIUM_DEV_ID);
#endif
return args.return_code;
}
int main(int argc, char** argv)
{
func_args args;
#ifdef HAVE_WNR
if (wc_InitNetRandom(wnrConfig, NULL, 5000) != 0)
err_sys("Whitewood netRandom global config failed");
#endif
StartTCP();
args.argc = argc;
args.argv = argv;
CyaSSL_Init();
#if defined(DEBUG_CYASSL) && !defined(CYASSL_MDK_SHELL)
CyaSSL_Debugging_ON();
#endif
ChangeToWolfRoot();
echoserver_test(&args);
CyaSSL_Cleanup();
#ifdef HAVE_WNR
if (wc_FreeNetRandom() < 0)
err_sys("Failed to free netRandom context");
#endif /* HAVE_WNR */
return args.return_code;
}
void node_init()
{
static bool done = false;
if (!done)
CyaSSL_Init(); // Initialize CyaSSL
done = true;
}
static void prvInitialiseCyaSSL( void )
{
int32_t iReturn;
#ifdef DEBUG_CYASSL
{
CyaSSL_Debugging_ON();
}
#endif
/* Initialise CyaSSL. This must be done before any other CyaSSL functions
are called. */
CyaSSL_Init();
/* Attempt to create a context that uses the TLS V1 server protocol. */
xCyaSSL_ServerContext = CyaSSL_CTX_new( CyaTLSv1_server_method() );
if( xCyaSSL_ServerContext != NULL )
{
/* Load the CA certificate. Real applications should ensure that
CyaSSL_CTX_load_verify_locations() returns SSL_SUCCESS before
proceeding. */
iReturn = CyaSSL_CTX_load_verify_locations( xCyaSSL_ServerContext, "ca-cert.pem", 0 );
configASSERT( iReturn == SSL_SUCCESS );
iReturn = CyaSSL_CTX_use_certificate_file( xCyaSSL_ServerContext, "server-cert.pem", SSL_FILETYPE_PEM );
configASSERT( iReturn == SSL_SUCCESS );
iReturn = CyaSSL_CTX_use_PrivateKey_file( xCyaSSL_ServerContext, "server-key.pem", SSL_FILETYPE_PEM );
configASSERT( iReturn == SSL_SUCCESS );
}
}
int Curl_cyassl_init(void)
{
if(CyaSSL_Init() == 0)
return 1;
return -1;
}
static int perform_get_test(int sockfd) {
char buffer[CYASSL_MAX_ERROR_SZ];
char reply[HTTP_BUF_SIZE];
int err, ret, input;
if (CyaSSL_Init() < 0)
err_sys("Unable to init ssl library");
CYASSL_METHOD *method;
method = CyaTLSv1_client_method();
if (method == NULL) {
err_sys("Unable to get method");
}
CYASSL_CTX *ctx = 0;
ctx = CyaSSL_CTX_new(method);
if (ctx == NULL) {
err_sys("Unable to get ctx");
}
CyaSSL_CTX_set_verify(ctx, SSL_VERIFY_NONE, 0);
CYASSL* ssl = 0;
ssl = CyaSSL_new(ctx);
if (ssl == NULL) {
err_sys("Unable to get ssl obj");
}
if (CyaSSL_set_fd(ssl, sockfd) != SSL_SUCCESS) {
err_sys("Can't set fd");
}
ret = CyaSSL_connect(ssl);
if (ret != SSL_SUCCESS) {
err = CyaSSL_get_error(ssl, 0);
}
if (ret != SSL_SUCCESS) {
LOG_E("err = %d, %s\n", err, CyaSSL_ERR_error_string(err, buffer));
err_sys("cyaSSL_connect failed");
}
if (CyaSSL_write(ssl, msg, sizeof(msg)) != sizeof(msg)) {
err_sys("SSL_write failed");
};
input = CyaSSL_read(ssl, reply, sizeof(reply));
if (input > 0) {
if (!memcmp(reply, msg_200_ok, sizeof(msg_200_ok) - 1)) {
return 0;
} else {
return -1;
}
}
return -1;
}
static int test_CyaSSL_Init(void)
{
int result;
printf(testingFmt, "CyaSSL_Init()");
result = CyaSSL_Init();
printf(resultFmt, result == SSL_SUCCESS ? passed : failed);
return result;
}
int test_CyaSSL_Init(void)
{
int result;
printf(testingFmt, "CyaSSL_Init()");
result = CyaSSL_Init();
printf(resultFmt, result ? failed : passed);
return result;
}
int capwap_crypt_init() {
int result;
/* Init library */
result = CyaSSL_Init();
if (result != SSL_SUCCESS) {
return -1;
}
return 0;
}
int tls_lib_init()
{
static bool inited;
if (!inited) {
ctaocrypt_lib_init();
CyaSSL_Init();
/* InitCyaSSL(); */
#ifdef CONFIG_TLS_DEBUG
CyaSSL_Debugging_ON();
#endif
inited = 1;
}
return WM_SUCCESS;
}
int main(int argc, char** argv)
{
/* cont short for "continue?", Loc short for "location" */
int cont = 0;
char caCertLoc[] = "../certs/ca-cert.pem";
char servCertLoc[] = "../certs/server-cert.pem";
char servKeyLoc[] = "../certs/server-key.pem";
/* "./config --enable-debug" and uncomment next line for debugging */
/* CyaSSL_Debugging_ON(); */
/* Initialize CyaSSL */
CyaSSL_Init();
/* Set ctx to DTLS 1.2 */
if ((ctx = CyaSSL_CTX_new(CyaDTLSv1_2_server_method())) == NULL) {
printf("CyaSSL_CTX_new error.\n");
return 1;
}
/* Load CA certificates */
if (CyaSSL_CTX_load_verify_locations(ctx,caCertLoc,0) !=
SSL_SUCCESS) {
printf("Error loading %s, please check the file.\n", caCertLoc);
return 1;
}
/* Load server certificates */
if (CyaSSL_CTX_use_certificate_file(ctx, servCertLoc, SSL_FILETYPE_PEM) !=
SSL_SUCCESS) {
printf("Error loading %s, please check the file.\n", servCertLoc);
return 1;
}
/* Load server Keys */
if (CyaSSL_CTX_use_PrivateKey_file(ctx, servKeyLoc,
SSL_FILETYPE_PEM) != SSL_SUCCESS) {
printf("Error loading %s, please check the file.\n", servKeyLoc);
return 1;
}
cont = AwaitDGram(ctx);
if (cont == 1) {
CyaSSL_CTX_free(ctx);
CyaSSL_Cleanup();
}
return 0;
}
int main(int argc, char** argv)
{
func_args args;
tcp_ready ready;
#ifdef HAVE_CAVIUM
int ret = OpenNitroxDevice(CAVIUM_DIRECT, CAVIUM_DEV_ID);
if (ret != 0)
err_sys("Cavium OpenNitroxDevice failed");
#endif /* HAVE_CAVIUM */
StartTCP();
args.argc = argc;
args.argv = argv;
args.signal = &ready;
InitTcpReady(&ready);
#if defined(DEBUG_CYASSL) && !defined(WOLFSSL_MDK_SHELL)
CyaSSL_Debugging_ON();
#endif
CyaSSL_Init();
ChangeToWolfRoot();
#ifdef HAVE_STACK_SIZE
StackSizeCheck(&args, server_test);
#else
server_test(&args);
#endif
CyaSSL_Cleanup();
FreeTcpReady(&ready);
#ifdef HAVE_CAVIUM
CspShutdown(CAVIUM_DEV_ID);
#endif
#ifdef HAVE_WNR
if (wc_FreeNetRandom() < 0)
err_sys("Failed to free netRandom context");
#endif /* HAVE_WNR */
return args.return_code;
}
int main(int argc, char** argv)
{
func_args args;
#ifdef HAVE_CAVIUM
int ret = OpenNitroxDevice(CAVIUM_DIRECT, CAVIUM_DEV_ID);
if (ret != 0)
err_sys("Cavium OpenNitroxDevice failed");
#endif /* HAVE_CAVIUM */
#ifdef HAVE_WNR
if (wc_InitNetRandom(wnrConfig, NULL, 5000) != 0)
err_sys("Whitewood netRandom global config failed");
#endif
StartTCP();
args.argc = argc;
args.argv = argv;
CyaSSL_Init();
#if defined(DEBUG_CYASSL) && !defined(WOLFSSL_MDK_SHELL)
CyaSSL_Debugging_ON();
#endif
#ifndef CYASSL_TIRTOS
ChangeToWolfRoot();
#endif
echoclient_test(&args);
CyaSSL_Cleanup();
#ifdef HAVE_CAVIUM
CspShutdown(CAVIUM_DEV_ID);
#endif
#ifdef HAVE_WNR
if (wc_FreeNetRandom() < 0)
err_sys("Failed to free netRandom context");
#endif /* HAVE_WNR */
return args.return_code;
}
int main(int argc, char** argv)
{
func_args args;
StartTCP();
args.argc = argc;
args.argv = argv;
CyaSSL_Init();
#ifdef DEBUG_CYASSL
CyaSSL_Debugging_ON();
#endif
if (CurrentDir("echoclient") || CurrentDir("build"))
ChangeDirBack(2);
echoclient_test(&args);
CyaSSL_Cleanup();
return args.return_code;
}
int main(int argc, char* argv[])
{
if (argc > 2) {
printf("./server\nor ./server <port>\n");
return 1;
}
CyaSSL_Init();
if (argc < 2) {
if (Server(YASSLPORT) != 0)
err_sys("error creating server");
}
else {
if (Server((word16)atoi(argv[1])) != 0)
err_sys("error creating server");
}
CyaSSL_Cleanup();
return 0;
}
/*
* applies TLS 1.2 security layer to data being sent.
*/
int Security(int sock)
{
CYASSL_CTX* ctx;
CYASSL* ssl; /* create CYASSL object */
int ret = 0;
CyaSSL_Init(); /* initialize CyaSSL */
/* create and initiLize CYASSL_CTX structure */
if ((ctx = CyaSSL_CTX_new(CyaTLSv1_2_client_method())) == NULL) {
printf("SSL_CTX_new error.\n");
return EXIT_FAILURE;
}
/* load CA certificates into CyaSSL_CTX. which will verify the server */
if (CyaSSL_CTX_load_verify_locations(ctx, cert, 0) != SSL_SUCCESS) {
printf("Error loading %s. Please check the file.\n", cert);
return EXIT_FAILURE;
}
if ((ssl = CyaSSL_new(ctx)) == NULL) {
printf("CyaSSL_new error.\n");
return EXIT_FAILURE;
}
CyaSSL_set_fd(ssl, sock);
ret = CyaSSL_connect(ssl);
if (ret == SSL_SUCCESS) {
ret = ClientGreet(sock, ssl);
}
/* frees all data before client termination */
CyaSSL_free(ssl);
CyaSSL_CTX_free(ctx);
CyaSSL_Cleanup();
return ret;
}
int Server(word16 port)
{
char msg[MAXSZ];
const char reply[] = "I hear ya fa shizzle!\n";
int n, listenfd, connfd;
CYASSL_CTX* ctx;
CYASSL* ssl;
CyaSSL_Init();
/* create ctx and configure certificates */
if ((ctx = CyaSSL_CTX_new(CyaTLSv1_2_server_method())) == NULL)
err_sys("Fatal error : CyaSSL_CTX_new error");
if (CyaSSL_CTX_use_certificate_file(ctx, svrCert, SSL_FILETYPE_PEM)
!= SSL_SUCCESS)
err_sys("can't load server cert file,"
"Please run from CyaSSL home dir");
if (CyaSSL_CTX_use_PrivateKey_file(ctx, svrKey, SSL_FILETYPE_PEM)
!= SSL_SUCCESS)
err_sys("can't load server key file, "
"Please run from CyaSSL home dir");
/*sets the IO callback methods*/
CyaSSL_SetIORecv(ctx, CbIORecv);
CyaSSL_SetIOSend(ctx, CbIOSend);
tcp_accept(&listenfd, &connfd, NULL, port, 1, 0);
if (connfd < 0) {
err_sys("Fatal error : accept error");
}
else {
/* create CYASSL object and respond */
if ((ssl = CyaSSL_new(ctx)) == NULL)
err_sys("Fatal error : CyaSSL_new error");
CyaSSL_set_fd(ssl, connfd);
memset(msg, 0, MAXSZ);
n = CyaSSL_read(ssl, msg, MAXSZ - 1);
if (n > 0) {
msg[n] = '\0';
printf("Client sent : %s\n", msg);
if (CyaSSL_write(ssl, reply, strlen(reply)) > strlen(reply))
err_sys("Fatal error : respond: write error");
}
if (n < 0)
err_sys("Fatal error :respond: read error");
/* closes the connections after responding */
CyaSSL_shutdown(ssl);
CyaSSL_free(ssl);
if (close(listenfd) == -1 && close(connfd) == -1)
err_sys("Fatal error : close error");
}
/* free up memory used by CyaSSL */
CyaSSL_CTX_free(ctx);
return 0;
}
int main (int argc, char** argv)
{
int sockfd = 0;
struct sockaddr_in servAddr;
const char* host = argv[1];
CYASSL* ssl = 0;
CYASSL_CTX* ctx = 0;
CYASSL* sslResume = 0;
CYASSL_SESSION* session = 0;
char* srTest = "testing session resume";
char cert_array[] = "../certs/ca-cert.pem";
char* certs = cert_array;
if (argc != 2) {
printf("usage: udpcli <IP address>\n");
return 1;
}
CyaSSL_Init();
/* CyaSSL_Debugging_ON(); */
if ( (ctx = CyaSSL_CTX_new(CyaDTLSv1_2_client_method())) == NULL) {
fprintf(stderr, "CyaSSL_CTX_new error.\n");
return 1;
}
if (CyaSSL_CTX_load_verify_locations(ctx, certs, 0) != SSL_SUCCESS) {
fprintf(stderr, "Error loading %s, please check the file.\n", certs);
return 1;
}
ssl = CyaSSL_new(ctx);
if (ssl == NULL) {
printf("unable to get ssl object");
return 1;
}
memset(&servAddr, 0, sizeof(servAddr));
servAddr.sin_family = AF_INET;
servAddr.sin_port = htons(SERV_PORT);
if ( (inet_pton(AF_INET, host, &servAddr.sin_addr)) < 1) {
printf("Error and/or invalid IP address");
return 1;
}
CyaSSL_dtls_set_peer(ssl, &servAddr, sizeof(servAddr));
if ( (sockfd = socket(AF_INET, SOCK_DGRAM, 0)) < 0) {
printf("cannot create a socket.");
return 1;
}
CyaSSL_set_fd(ssl, sockfd);
if (CyaSSL_connect(ssl) != SSL_SUCCESS) {
int err1 = CyaSSL_get_error(ssl, 0);
char buffer[80];
printf("err = %d, %s\n", err1, CyaSSL_ERR_error_string(err1, buffer));
printf("SSL_connect failed");
return 1;
}
DatagramClient(ssl);
CyaSSL_write(ssl, srTest, sizeof(srTest));
session = CyaSSL_get_session(ssl);
sslResume = CyaSSL_new(ctx);
CyaSSL_shutdown(ssl);
CyaSSL_free(ssl);
close(sockfd);
memset(&servAddr, 0, sizeof(servAddr));
servAddr.sin_family = AF_INET;
servAddr.sin_port = htons(SERV_PORT);
if ( (inet_pton(AF_INET, host, &servAddr.sin_addr)) < 1) {
printf("Error and/or invalid IP address");
return 1;
}
CyaSSL_dtls_set_peer(sslResume, &servAddr, sizeof(servAddr));
if ( (sockfd = socket(AF_INET, SOCK_DGRAM, 0)) < 0) {
printf("cannot create a socket.");
return 1;
}
CyaSSL_set_fd(sslResume, sockfd);
CyaSSL_set_session(sslResume, session);
if (CyaSSL_connect(sslResume) != SSL_SUCCESS) {
printf("SSL_connect failed");
return 1;
}
if(CyaSSL_session_reused(sslResume))
printf("reused session id\n");
else
printf("didn't reuse session id!!!\n");
DatagramClient(sslResume);
CyaSSL_write(sslResume, srTest, sizeof(srTest));
CyaSSL_shutdown(sslResume);
CyaSSL_free(sslResume);
close(sockfd);
CyaSSL_CTX_free(ctx);
CyaSSL_Cleanup();
return 0;
}
static CYASSL_CTX *
get_cyassl_ctx(const char *hostname)
{
int err;
CYASSL_CTX *ret;
s_config *config = config_get_config();
LOCK_CYASSL_CTX();
if (NULL == cyassl_ctx) {
CyaSSL_Init();
/* Create the CYASSL_CTX */
/* Allow TLSv1.0 up to TLSv1.2 */
if ((cyassl_ctx = CyaSSL_CTX_new(CyaTLSv1_client_method())) == NULL) {
debug(LOG_ERR, "Could not create CYASSL context.");
UNLOCK_CYASSL_CTX();
return NULL;
}
if (config->ssl_cipher_list) {
debug(LOG_INFO, "Setting SSL cipher list to [%s]", config->ssl_cipher_list);
err = CyaSSL_CTX_set_cipher_list(cyassl_ctx, config->ssl_cipher_list);
if (SSL_SUCCESS != err) {
debug(LOG_ERR, "Could not load SSL cipher list (error %d)", err);
UNLOCK_CYASSL_CTX();
return NULL;
}
}
#ifdef HAVE_SNI
if (config->ssl_use_sni) {
debug(LOG_INFO, "Setting SSL using SNI for hostname %s",
hostname);
err = CyaSSL_CTX_UseSNI(cyassl_ctx, CYASSL_SNI_HOST_NAME, hostname,
strlen(hostname));
if (SSL_SUCCESS != err) {
debug(LOG_ERR, "Could not setup SSL using SNI for hostname %s",
hostname);
UNLOCK_CYASSL_CTX();
return NULL;
}
}
#endif
if (config->ssl_verify) {
/* Use trusted certs */
/* Note: CyaSSL requires that the certificates are named by their hash values */
debug(LOG_INFO, "Loading SSL certificates from %s", config->ssl_certs);
err = CyaSSL_CTX_load_verify_locations(cyassl_ctx, NULL, config->ssl_certs);
if (err != SSL_SUCCESS) {
debug(LOG_ERR, "Could not load SSL certificates (error %d)", err);
if (err == ASN_UNKNOWN_OID_E) {
debug(LOG_ERR, "Error is ASN_UNKNOWN_OID_E - try compiling cyassl/wolfssl with --enable-ecc");
} else {
debug(LOG_ERR, "Make sure that SSLCertPath points to the correct path in the config file");
debug(LOG_ERR, "Or disable certificate loading with 'SSLPeerVerification No'.");
}
UNLOCK_CYASSL_CTX();
return NULL;
}
} else {
CyaSSL_CTX_set_verify(cyassl_ctx, SSL_VERIFY_NONE, 0);
debug(LOG_INFO, "Disabling SSL certificate verification!");
}
}
ret = cyassl_ctx;
UNLOCK_CYASSL_CTX();
return ret;
}
/**
* \brief Initializes the cyassl library and creates the context
* \return 1 if successfull <0 other way
*/
inline static CYASSL_CTX* init_cyaSSL( void )
{
CyaSSL_Init();
return CyaSSL_CTX_new( CyaSSLv23_client_method() );
}
int main (int argc, char** argv)
{
int sockfd = 0;
struct sockaddr_in servAddr;
const char* host = argv[1];
CYASSL* ssl = 0;
CYASSL_CTX* ctx = 0;
CYASSL* sslResume = 0;
CYASSL_SESSION* session = 0;
int resumeSession = 0;
char cert_array[] = "../cyassl/certs/ca-cert.pem";
char* certs = cert_array;
char* srTest = "testing session resume";
if (argc != 2) {
printf("usage: udpcli <IP address>\n");
return 1;
}
CyaSSL_Init();
/* CyaSSL_Debugging_ON();*/
if ( (ctx = CyaSSL_CTX_new(CyaDTLSv1_2_client_method())) == NULL) {
fprintf(stderr, "CyaSSL_CTX_new error.\n");
return(EXIT_FAILURE);
}
if (CyaSSL_CTX_load_verify_locations(ctx,certs, 0) != SSL_SUCCESS) {
fprintf(stderr, "Error loading %s, please check the file.\n", certs);
return(EXIT_FAILURE);
}
ssl = CyaSSL_new(ctx);
if (ssl == NULL) {
printf("unable to get ssl object");
return 1;
}
memset(&servAddr, 0, sizeof(servAddr));
servAddr.sin_family = AF_INET;
servAddr.sin_port = htons(SERV_PORT);
if (inet_pton(AF_INET, host, &servAddr.sin_addr) < 1) {
printf("Error and/or invalid IP address");
return 1;
}
CyaSSL_dtls_set_peer(ssl, &servAddr, sizeof(servAddr));
if ( (sockfd = socket(AF_INET, SOCK_DGRAM, 0)) < 0) {
printf("cannot create a socket.");
return 1;
}
CyaSSL_set_fd(ssl, sockfd);
CyaSSL_set_using_nonblock(ssl, 1);
fcntl(sockfd, F_SETFL, O_NONBLOCK);
NonBlockingDTLS_Connect(ssl);
DatagramClient(ssl);
while ( (CyaSSL_write(ssl, srTest, sizeof(srTest))) != sizeof(srTest)) {
printf("failed to write");
return 1;
}
session = CyaSSL_get_session(ssl);
sslResume = CyaSSL_new(ctx);
CyaSSL_shutdown(ssl);
CyaSSL_free(ssl);
close(sockfd);
memset(&servAddr, 0, sizeof(servAddr));
servAddr.sin_family = AF_INET;
servAddr.sin_port = htons(SERV_PORT);
if (inet_pton(AF_INET, host, &servAddr.sin_addr) < 1) {
printf("Error and/or invalid IP address");
return 1;
}
CyaSSL_dtls_set_peer(sslResume, &servAddr, sizeof(servAddr));
if ( (sockfd = socket(AF_INET, SOCK_DGRAM, 0)) < 0) {
printf("cannot create a socket.");
return 1;
}
CyaSSL_set_fd(sslResume, sockfd);
CyaSSL_set_session(sslResume, session);
CyaSSL_set_using_nonblock(sslResume, 1);
fcntl(sockfd, F_SETFL, O_NONBLOCK);
NonBlockingDTLS_Connect(sslResume);
if(CyaSSL_session_reused(sslResume))
printf("reused session id\n");
else
printf("didn't reuse session id!!!\n");
DatagramClient(sslResume);
while ((CyaSSL_write(sslResume, srTest, sizeof(srTest))) != sizeof(srTest))
{
printf("failed to write");
return 1;
}
sleep(1);
CyaSSL_shutdown(sslResume);
CyaSSL_free(sslResume);
close(sockfd);
CyaSSL_CTX_free(ctx);
CyaSSL_Cleanup();
return 0;
}
void client_test(void)
{
char msg[64];
char reply[1024];
int sockfd, input;
int ret = 0, msgSz = 0;
struct sockaddr_in servaddr;
CYASSL_CTX* ctx;
CYASSL* ssl;
long yasslIP = IPADDR(192,168,1,125);
long yasslPort = 11111;
/* for debug, compile CyaSSL with DEBUG_CYASSL defined */
CyaSSL_Debugging_ON();
CyaSSL_Init();
ctx = CyaSSL_CTX_new(CyaTLSv1_2_client_method());
if (ctx == 0)
err_sys("setting up ctx");
CyaSSL_CTX_set_verify(ctx, SSL_VERIFY_PEER, myVerify);
ret = CyaSSL_CTX_use_certificate_file(ctx, clientCert, SSL_FILETYPE_PEM);
if (ret != SSL_SUCCESS)
err_sys("can't load client cert file, check file");
ret = CyaSSL_CTX_use_PrivateKey_file(ctx, clientKey, SSL_FILETYPE_PEM);
if (ret != SSL_SUCCESS)
err_sys("can't load client key file, check file");
ret = CyaSSL_CTX_load_verify_locations(ctx, caCert, 0);
if (ret != SSL_SUCCESS)
err_sys("can't load CA cert file, check file");
/* create socket descriptor */
sockfd = socket(AF_INET, SOCK_STREAM, 0);
if (sockfd == RTCS_SOCKET_ERROR) {
err_sys("socket creation failed");
} else {
printf("socket created successfully\n");
}
/*
* Unlike most TCP/IP stacks, RTCS requires that sin_port and
* sin_addr needs to be in Host Byte Order, not Network Byte Order.
* This means we shouldn't use htons() when setting these values.
*/
memset((char*)&servaddr, 0, sizeof(servaddr));
servaddr.sin_family = AF_INET;
servaddr.sin_port = yasslPort;
servaddr.sin_addr.s_addr = yasslIP;
ret = connect(sockfd, &servaddr, sizeof(servaddr));
if (ret != RTCS_OK) {
err_sys("connect() failed");
} else {
printf("Connected to %lx, port %d.\n", servaddr.sin_addr.s_addr,
servaddr.sin_port);
}
if ( (ssl = CyaSSL_new(ctx)) == NULL)
err_sys("CyaSSL_new failed");
CyaSSL_set_fd(ssl, sockfd);
ret = CyaSSL_connect(ssl);
if (ret != SSL_SUCCESS)
err_sys("CyaSSL_connect failed");
printf("CyaSSL_connect() ok, sending GET...\n");
msgSz = 28;
strncpy(msg, "GET /index.html HTTP/1.0\r\n\r\n", msgSz);
if (CyaSSL_write(ssl, msg, msgSz) != msgSz)
err_sys("CyaSSL_write() failed");
input = CyaSSL_read(ssl, reply, sizeof(reply)-1);
if (input > 0) {
reply[input] = 0;
printf("Server response: %s\n", reply);
while (1) {
input = CyaSSL_read(ssl, reply, sizeof(reply)-1);
if (input > 0) {
reply[input] = 0;
printf("%s\n", reply);
} else {
break;
}
}
}
CyaSSL_shutdown(ssl);
CyaSSL_free(ssl);
CyaSSL_CTX_free(ctx);
CyaSSL_Cleanup();
}
/*
* ======== tcpHandler ========
* Creates new Task to handle new TCP connections.
*/
Void tcpHandler(UArg arg0, UArg arg1) {
int sockfd;
int ret;
struct sockaddr_in servAddr;
Error_Block eb;
bool flag = true;
bool internal_flag = true;
int nbytes;
char *buffer;
char msg[] = "Hello from TM4C1294XL Connected Launchpad";
CYASSL* ssl = (CYASSL *) arg0;
fdOpenSession(TaskSelf());
CyaSSL_Init();
CYASSL_CTX* ctx = NULL;
ctx = CyaSSL_CTX_new(CyaTLSv1_2_client_method());
if (ctx == 0) {
System_printf("tcpHandler: CyaSSL_CTX_new error.\n");
exitApp(ctx);
}
if (CyaSSL_CTX_load_verify_buffer(ctx, ca_cert_der_2048,
sizeof(ca_cert_der_2048) / sizeof(char), SSL_FILETYPE_ASN1)
!= SSL_SUCCESS) {
System_printf("tcpHandler: Error loading ca_cert_der_2048"
" please check the cyassl/certs_test.h file.\n");
exitApp(ctx);
}
if (CyaSSL_CTX_use_certificate_buffer(ctx, client_cert_der_2048,
sizeof(client_cert_der_2048) / sizeof(char), SSL_FILETYPE_ASN1)
!= SSL_SUCCESS) {
System_printf("tcpHandler: Error loading client_cert_der_2048,"
" please check the cyassl/certs_test.h file.\n");
exitApp(ctx);
}
if (CyaSSL_CTX_use_PrivateKey_buffer(ctx, client_key_der_2048,
sizeof(client_key_der_2048) / sizeof(char), SSL_FILETYPE_ASN1)
!= SSL_SUCCESS) {
System_printf("tcpHandler: Error loading client_key_der_2048,"
" please check the cyassl/certs_test.h file.\n");
exitApp(ctx);
}
/* Init the Error_Block */
Error_init(&eb);
do {
sockfd = socket(AF_INET, SOCK_STREAM, 0);
if (sockfd < 0) {
System_printf("tcpHandler: socket failed\n");
Task_sleep(2000);
continue;
}
memset((char *) &servAddr, 0, sizeof(servAddr));
servAddr.sin_family = AF_INET;
servAddr.sin_port = htons(TCPPORT);
inet_aton(IP_ADDR, &servAddr.sin_addr);
ret = connect(sockfd, (struct sockaddr *) &servAddr, sizeof(servAddr));
if (ret < 0) {
fdClose((SOCKET) sockfd);
Task_sleep(2000);
continue;
}
} while (ret != 0);
if ((ssl = CyaSSL_new(ctx)) == NULL) {
System_printf("tcpHandler: CyaSSL_new error.\n");
exitApp(ctx);
}
CyaSSL_set_fd(ssl, sockfd);
ret = CyaSSL_connect(ssl);
/* Delete "TOP_LINE" and "END_LINE" for debugging. */
/* TOP_LINE
System_printf("looked for: %d.\n", SSL_SUCCESS);
System_printf("return was: %d.\n", ret);
int err;
char err_buffer[80];
err = CyaSSL_get_error(ssl, 0);
System_printf("CyaSSL error: %d\n", err);
System_printf("CyaSSL error string: %s\n", CyaSSL_ERR_error_string(err, err_buffer));
END_LINE */
if (ret == SSL_SUCCESS) {
sockfd = CyaSSL_get_fd(ssl);
/* Get a buffer to receive incoming packets. Use the default heap. */
buffer = Memory_alloc(NULL, TCPPACKETSIZE, 0, &eb);
if (buffer == NULL) {
System_printf("tcpWorker: failed to alloc memory\n");
exitApp(ctx);
}
/* Say hello to the server */
while (flag) {
if (CyaSSL_write(ssl, msg, strlen(msg)) != strlen(msg)) {
ret = CyaSSL_get_error(ssl, 0);
System_printf("Write error: %i.\n", ret);
}
while (internal_flag) {
nbytes = CyaSSL_read(ssl, (char *) buffer, TCPPACKETSIZE);
if (nbytes > 0) {
internal_flag = false;
}
}
/* success */
System_printf("Heard: \"%s\".\n", buffer);
CyaSSL_free(ssl);
fdClose((SOCKET) sockfd);
flag = false;
}
/* Free the buffer back to the heap */
Memory_free(NULL, buffer, TCPPACKETSIZE);
/*
* Since deleteTerminatedTasks is set in the cfg file,
* the Task will be deleted when the idle task runs.
*/
exitApp(ctx);
} else {
CyaSSL_free(ssl);
fdClose((SOCKET) sockfd);
System_printf("CyaSSL_connect failed.\n");
fdCloseSession(TaskSelf());
exitApp(ctx);
}
}
int main()
{
/* Create a ctx pointer for our ssl */
CYASSL_CTX* ctx;
/*
* Creates a socket that uses an internet IP address,
* Sets the type to be Stream based (TCP),
* 0 means choose the default protocol.
*/
socklen_t sockfd = socket(AF_INET, SOCK_STREAM, 0);
int loopExit = 0; /* 0 = False, 1 = True */
int ret = 0; /* Return value */
/* Server and client socket address structures */
struct sockaddr_in serverAddr, clientAddr;
/* Initialize CyaSSL */
CyaSSL_Init();
/* If positive value, the socket is valid */
if (sockfd == -1) {
printf("ERROR: failed to create the socket\n");
return EXIT_FAILURE; /* Kill the server with exit status 1 */
}
/* create and initialize CYASSL_CTX structure */
if ((ctx = CyaSSL_CTX_new(CyaTLSv1_2_server_method())) == NULL) {
fprintf(stderr, "CyaSSL_CTX_new error.\n");
return EXIT_FAILURE;
}
/* Load server certificate into CYASSL_CTX */
if (CyaSSL_CTX_use_certificate_file(ctx, "../certs/server-cert.pem",
SSL_FILETYPE_PEM) != SSL_SUCCESS) {
fprintf(stderr, "Error loading certs/server-cert.pem, please check"
"the file.\n");
return EXIT_FAILURE;
}
/* Load server key into CYASSL_CTX */
if (CyaSSL_CTX_use_PrivateKey_file(ctx, "../certs/server-key.pem",
SSL_FILETYPE_PEM) != SSL_SUCCESS) {
fprintf(stderr, "Error loading certs/server-key.pem, please check"
"the file.\n");
return EXIT_FAILURE;
}
/* Initialize the server address struct to zero */
memset((char *)&serverAddr, 0, sizeof(serverAddr));
/* Fill the server's address family */
serverAddr.sin_family = AF_INET;
serverAddr.sin_addr.s_addr = INADDR_ANY;
serverAddr.sin_port = htons(DEFAULT_PORT);
/* Attach the server socket to our port */
if (bind(sockfd, (struct sockaddr *)&serverAddr, sizeof(serverAddr))
< 0) {
printf("ERROR: failed to bind\n");
return EXIT_FAILURE;
}
printf("Waiting for a connection...\n");
/* Continuously accept connects while not currently in an active connection
or told to quit */
while (loopExit == 0) {
/* listen for a new connection, allow 5 pending connections */
ret = listen(sockfd, 5);
if (ret == 0) {
/* Accept client connections and read from them */
loopExit = AcceptAndRead(ctx, sockfd, clientAddr);
}
}
CyaSSL_CTX_free(ctx); /* Free CYASSL_CTX */
CyaSSL_Cleanup(); /* Free CyaSSL */
return EXIT_SUCCESS;
}
int main(int argc, char** argv)
{
func_args server_args;
tcp_ready ready;
THREAD_TYPE serverThread;
#ifdef HAVE_CAVIUM
int ret = OpenNitroxDevice(CAVIUM_DIRECT, CAVIUM_DEV_ID);
if (ret != 0)
err_sys("Cavium OpenNitroxDevice failed");
#endif /* HAVE_CAVIUM */
StartTCP();
server_args.argc = argc;
server_args.argv = argv;
CyaSSL_Init();
#if defined(DEBUG_CYASSL) && !defined(HAVE_VALGRIND)
CyaSSL_Debugging_ON();
#endif
if (CurrentDir("testsuite") || CurrentDir("_build"))
ChangeDirBack(1);
else if (CurrentDir("Debug") || CurrentDir("Release"))
ChangeDirBack(3); /* Xcode->Preferences->Locations->Locations*/
/* Derived Data Advanced -> Custom */
/* Relative to Workspace, Build/Products */
/* Debug or Release */
server_args.signal = &ready;
InitTcpReady(&ready);
/* CTaoCrypt test */
ctaocrypt_test(&server_args);
if (server_args.return_code != 0) return server_args.return_code;
/* Simple CyaSSL client server test */
simple_test(&server_args);
if (server_args.return_code != 0) return server_args.return_code;
/* Echo input yaSSL client server test */
start_thread(echoserver_test, &server_args, &serverThread);
wait_tcp_ready(&server_args);
{
func_args echo_args;
char* myArgv[NUMARGS];
char argc0[32];
char argc1[32];
char argc2[32];
myArgv[0] = argc0;
myArgv[1] = argc1;
myArgv[2] = argc2;
echo_args.argc = NUMARGS;
echo_args.argv = myArgv;
strcpy(echo_args.argv[0], "echoclient");
strcpy(echo_args.argv[1], "input");
strcpy(echo_args.argv[2], outputName);
remove(outputName);
/* Share the signal, it has the new port number in it. */
echo_args.signal = server_args.signal;
/* make sure OK */
echoclient_test(&echo_args);
if (echo_args.return_code != 0) return echo_args.return_code;
#ifdef CYASSL_DTLS
wait_tcp_ready(&server_args);
#endif
/* send quit to echoserver */
echo_args.argc = 2;
strcpy(echo_args.argv[1], "quit");
echoclient_test(&echo_args);
if (echo_args.return_code != 0) return echo_args.return_code;
join_thread(serverThread);
if (server_args.return_code != 0) return server_args.return_code;
}
/* validate output equals input */
{
byte input[SHA256_DIGEST_SIZE];
byte output[SHA256_DIGEST_SIZE];
file_test("input", input);
file_test(outputName, output);
if (memcmp(input, output, sizeof(input)) != 0)
return EXIT_FAILURE;
}
CyaSSL_Cleanup();
FreeTcpReady(&ready);
#ifdef HAVE_CAVIUM
CspShutdown(CAVIUM_DEV_ID);
#endif
printf("\nAll tests passed!\n");
return EXIT_SUCCESS;
}
static int Curl_cyassl_init(void)
{
return (CyaSSL_Init() == SSL_SUCCESS);
}
