bool_t
exosite_pal_sock_write( void *sock,
const char *data,
int dataLen)
{
int *sockfd = (int *)sock;
int sslCtxIndex;
if((sslCtxIndex = create_ssl_ctx_instance(*sockfd)) < 0)
{
printf("write, sslCtxIndex = %d\r\n", sslCtxIndex);
exosite_pal_sock_close(sock);
return FALSE;
}
if(CyaSSL_write(sslContextSet[sslCtxIndex].ssl, data, dataLen) != dataLen)
{
fprintf(stderr, "CyaSSL_write() failed\r\n");
CyaSSL_Cleanup();
return FALSE;
}
//return ((write(*sockfd, data, dataLen) > 0) ? TRUE : FALSE);
CyaSSL_Cleanup();
return TRUE;
}
int main(int argc, char** argv)
{
func_args args;
#ifdef HAVE_CAVIUM
int ret = OpenNitroxDevice(CAVIUM_DIRECT, CAVIUM_DEV_ID);
if (ret != 0)
err_sys("Cavium OpenNitroxDevice failed");
#endif /* HAVE_CAVIUM */
StartTCP();
args.argc = argc;
args.argv = argv;
CyaSSL_Init();
#if defined(DEBUG_CYASSL) && !defined(CYASSL_MDK_SHELL)
CyaSSL_Debugging_ON();
#endif
if (CurrentDir("client") || CurrentDir("build"))
ChangeDirBack(2);
#ifdef HAVE_STACK_SIZE
StackSizeCheck(&args, client_test);
#else
client_test(&args);
#endif
CyaSSL_Cleanup();
#ifdef HAVE_CAVIUM
CspShutdown(CAVIUM_DEV_ID);
#endif
return args.return_code;
}
int main(int argc, char** argv)
{
func_args args;
#ifdef HAVE_CAVIUM
int ret = OpenNitroxDevice(CAVIUM_DIRECT, CAVIUM_DEV_ID);
if (ret != 0)
err_sys("Cavium OpenNitroxDevice failed");
#endif /* HAVE_CAVIUM */
StartTCP();
args.argc = argc;
args.argv = argv;
CyaSSL_Init();
#if defined(DEBUG_CYASSL) && !defined(CYASSL_MDK_SHELL)
CyaSSL_Debugging_ON();
#endif
if (CurrentDir("echoserver"))
ChangeDirBack(2);
else if (CurrentDir("Debug") || CurrentDir("Release"))
ChangeDirBack(3);
echoserver_test(&args);
CyaSSL_Cleanup();
#ifdef HAVE_CAVIUM
CspShutdown(CAVIUM_DEV_ID);
#endif
return args.return_code;
}
int main(int argc, char** argv)
{
func_args args;
#ifdef HAVE_CAVIUM
int ret = OpenNitroxDevice(CAVIUM_DIRECT, CAVIUM_DEV_ID);
if (ret != 0)
err_sys("Cavium OpenNitroxDevice failed");
#endif /* HAVE_CAVIUM */
StartTCP();
args.argc = argc;
args.argv = argv;
CyaSSL_Init();
#if defined(DEBUG_CYASSL) && !defined(WOLFSSL_MDK_SHELL)
CyaSSL_Debugging_ON();
#endif
#ifndef CYASSL_TIRTOS
ChangeToWolfRoot();
#endif
echoclient_test(&args);
CyaSSL_Cleanup();
#ifdef HAVE_CAVIUM
CspShutdown(CAVIUM_DEV_ID);
#endif
return args.return_code;
}
int main(int argc, char** argv)
{
func_args args;
#ifdef HAVE_WNR
if (wc_InitNetRandom(wnrConfig, NULL, 5000) != 0)
err_sys("Whitewood netRandom global config failed");
#endif
StartTCP();
args.argc = argc;
args.argv = argv;
CyaSSL_Init();
#if defined(DEBUG_CYASSL) && !defined(CYASSL_MDK_SHELL)
CyaSSL_Debugging_ON();
#endif
ChangeToWolfRoot();
echoserver_test(&args);
CyaSSL_Cleanup();
#ifdef HAVE_WNR
if (wc_FreeNetRandom() < 0)
err_sys("Failed to free netRandom context");
#endif /* HAVE_WNR */
return args.return_code;
}
int main(int argc, char** argv)
{
func_args args;
tcp_ready ready;
StartTCP();
args.argc = argc;
args.argv = argv;
args.signal = &ready;
InitTcpReady(&ready);
#if defined(DEBUG_CYASSL) && !defined(WOLFSSL_MDK_SHELL)
CyaSSL_Debugging_ON();
#endif
CyaSSL_Init();
ChangeToWolfRoot();
#ifdef HAVE_STACK_SIZE
StackSizeCheck(&args, server_test);
#else
server_test(&args);
#endif
CyaSSL_Cleanup();
FreeTcpReady(&ready);
#ifdef HAVE_WNR
if (wc_FreeNetRandom() < 0)
err_sys("Failed to free netRandom context");
#endif /* HAVE_WNR */
return args.return_code;
}
int main(int argc, char** argv)
{
func_args args;
#ifdef HAVE_CAVIUM
int ret = OpenNitroxDevice(CAVIUM_DIRECT, CAVIUM_DEV_ID);
if (ret != 0)
err_sys("Cavium OpenNitroxDevice failed");
#endif /* HAVE_CAVIUM */
StartTCP();
args.argc = argc;
args.argv = argv;
CyaSSL_Init();
#ifdef DEBUG_CYASSL
CyaSSL_Debugging_ON();
#endif
if (CurrentDir("echoclient") || CurrentDir("build"))
ChangeDirBack(2);
echoclient_test(&args);
CyaSSL_Cleanup();
#ifdef HAVE_CAVIUM
CspShutdown(CAVIUM_DEV_ID);
#endif
return args.return_code;
}
/*
* ======== exitApp ========
* Cleans up the SSL context and exits the application
*/
void exitApp(CYASSL_CTX* ctx) {
if (ctx != NULL) {
CyaSSL_CTX_free(ctx);
CyaSSL_Cleanup();
}
BIOS_exit(-1);
}
static int test_CyaSSL_Cleanup(void)
{
int result;
printf(testingFmt, "CyaSSL_Cleanup()");
result = CyaSSL_Cleanup();
printf(resultFmt, result == SSL_SUCCESS ? passed : failed);
return result;
}
int SuiteTest(void)
{
func_args args;
char argv0[2][80];
char* myArgv[2];
printf(" Begin Cipher Suite Tests\n");
/* setup */
myArgv[0] = argv0[0];
myArgv[1] = argv0[1];
args.argv = myArgv;
strcpy(argv0[0], "SuiteTest");
(void)test_harness;
cipherSuiteCtx = CyaSSL_CTX_new(CyaTLSv1_2_client_method());
if (cipherSuiteCtx == NULL) {
printf("can't get cipher suite ctx\n");
exit(EXIT_FAILURE);
}
/* default case */
args.argc = 1;
printf("starting default cipher suite tests\n");
test_harness(&args);
if (args.return_code != 0) {
printf("error from script %d\n", args.return_code);
exit(EXIT_FAILURE);
}
/* any extra cases will need another argument */
args.argc = 2;
#ifdef CYASSL_DTLS
/* add dtls extra suites */
strcpy(argv0[1], "tests/test-dtls.conf");
printf("starting dtls extra cipher suite tests\n");
test_harness(&args);
if (args.return_code != 0) {
printf("error from script %d\n", args.return_code);
exit(EXIT_FAILURE);
}
#endif
printf(" End Cipher Suite Tests\n");
CyaSSL_CTX_free(cipherSuiteCtx);
CyaSSL_Cleanup();
return args.return_code;
}
int main(int argc, char** argv)
{
int ret, sockfd, clientfd;
char buff[80];
const char reply[] = "I hear ya fa shizzle!\n";
CYASSL* ssl;
CYASSL_CTX* ctx = CyaSSL_CTX_new(CyaSSLv23_server_method());
if (ctx == NULL)
err_sys("bad ctx new");
if (CyaSSL_CTX_use_certificate_file(ctx, "../certs/server-cert.pem",
SSL_FILETYPE_PEM) != SSL_SUCCESS) {
err_sys("Error loading server-cert.pem");
return EXIT_FAILURE;
}
if (CyaSSL_CTX_use_PrivateKey_file(ctx, "../certs/server-key.pem",
SSL_FILETYPE_PEM) != SSL_SUCCESS) {
err_sys("Error loading server-key.pem");
return EXIT_FAILURE;
}
printf("Waiting for a connection...\n");
tcp_accept(&sockfd, &clientfd, NULL, yasslPort, 1, 0);
if ((ssl = CyaSSL_new(ctx)) == NULL)
err_sys("bad cyassl setup");
if (CyaSSL_set_fd(ssl, clientfd) != SSL_SUCCESS)
err_sys("bad set fd");
ret = CyaSSL_read(ssl, buff, sizeof(buff)-1);
if (ret > 0) {
buff[ret] = '\0';
printf("Recieved: %s\n", buff);
if ((ret = CyaSSL_write(ssl, reply, sizeof(reply)-1)) < 0)
err_sys("bad cyassl write");
} else
err_sys("bad cyassl read");
close(sockfd);
close(clientfd);
CyaSSL_free(ssl);
CyaSSL_CTX_free(ctx);
CyaSSL_Cleanup();
return 0;
}
int main(int argc, char** argv)
{
/* cont short for "continue?", Loc short for "location" */
int cont = 0;
char caCertLoc[] = "../certs/ca-cert.pem";
char servCertLoc[] = "../certs/server-cert.pem";
char servKeyLoc[] = "../certs/server-key.pem";
/* "./config --enable-debug" and uncomment next line for debugging */
/* CyaSSL_Debugging_ON(); */
/* Initialize CyaSSL */
CyaSSL_Init();
/* Set ctx to DTLS 1.2 */
if ((ctx = CyaSSL_CTX_new(CyaDTLSv1_2_server_method())) == NULL) {
printf("CyaSSL_CTX_new error.\n");
return 1;
}
/* Load CA certificates */
if (CyaSSL_CTX_load_verify_locations(ctx,caCertLoc,0) !=
SSL_SUCCESS) {
printf("Error loading %s, please check the file.\n", caCertLoc);
return 1;
}
/* Load server certificates */
if (CyaSSL_CTX_use_certificate_file(ctx, servCertLoc, SSL_FILETYPE_PEM) !=
SSL_SUCCESS) {
printf("Error loading %s, please check the file.\n", servCertLoc);
return 1;
}
/* Load server Keys */
if (CyaSSL_CTX_use_PrivateKey_file(ctx, servKeyLoc,
SSL_FILETYPE_PEM) != SSL_SUCCESS) {
printf("Error loading %s, please check the file.\n", servKeyLoc);
return 1;
}
cont = AwaitDGram(ctx);
if (cont == 1) {
CyaSSL_CTX_free(ctx);
CyaSSL_Cleanup();
}
return 0;
}
int main(int argc, char** argv)
{
func_args args;
tcp_ready ready;
#ifdef HAVE_CAVIUM
int ret = OpenNitroxDevice(CAVIUM_DIRECT, CAVIUM_DEV_ID);
if (ret != 0)
err_sys("Cavium OpenNitroxDevice failed");
#endif /* HAVE_CAVIUM */
StartTCP();
args.argc = argc;
args.argv = argv;
args.signal = &ready;
InitTcpReady(&ready);
#if defined(DEBUG_CYASSL) && !defined(WOLFSSL_MDK_SHELL)
CyaSSL_Debugging_ON();
#endif
CyaSSL_Init();
ChangeToWolfRoot();
#ifdef HAVE_STACK_SIZE
StackSizeCheck(&args, server_test);
#else
server_test(&args);
#endif
CyaSSL_Cleanup();
FreeTcpReady(&ready);
#ifdef HAVE_CAVIUM
CspShutdown(CAVIUM_DEV_ID);
#endif
#ifdef HAVE_WNR
if (wc_FreeNetRandom() < 0)
err_sys("Failed to free netRandom context");
#endif /* HAVE_WNR */
return args.return_code;
}
int main(int argc, char** argv)
{
func_args args;
#ifdef HAVE_CAVIUM
int ret = OpenNitroxDevice(CAVIUM_DIRECT, CAVIUM_DEV_ID);
if (ret != 0)
err_sys("Cavium OpenNitroxDevice failed");
#endif /* HAVE_CAVIUM */
#ifdef HAVE_WNR
if (wc_InitNetRandom(wnrConfig, NULL, 5000) != 0)
err_sys("Whitewood netRandom global config failed");
#endif
StartTCP();
args.argc = argc;
args.argv = argv;
CyaSSL_Init();
#if defined(DEBUG_CYASSL) && !defined(WOLFSSL_MDK_SHELL)
CyaSSL_Debugging_ON();
#endif
#ifndef CYASSL_TIRTOS
ChangeToWolfRoot();
#endif
echoclient_test(&args);
CyaSSL_Cleanup();
#ifdef HAVE_CAVIUM
CspShutdown(CAVIUM_DEV_ID);
#endif
#ifdef HAVE_WNR
if (wc_FreeNetRandom() < 0)
err_sys("Failed to free netRandom context");
#endif /* HAVE_WNR */
return args.return_code;
}
int main(int argc, char** argv)
{
func_args args;
StartTCP();
args.argc = argc;
args.argv = argv;
CyaSSL_Init();
#ifdef DEBUG_CYASSL
CyaSSL_Debugging_ON();
#endif
if (CurrentDir("echoclient") || CurrentDir("build"))
ChangeDirBack(2);
echoclient_test(&args);
CyaSSL_Cleanup();
return args.return_code;
}
int main(int argc, char* argv[])
{
if (argc > 2) {
printf("./server\nor ./server <port>\n");
return 1;
}
CyaSSL_Init();
if (argc < 2) {
if (Server(YASSLPORT) != 0)
err_sys("error creating server");
}
else {
if (Server((word16)atoi(argv[1])) != 0)
err_sys("error creating server");
}
CyaSSL_Cleanup();
return 0;
}
/*
* applies TLS 1.2 security layer to data being sent.
*/
int Security(int sock)
{
CYASSL_CTX* ctx;
CYASSL* ssl; /* create CYASSL object */
int ret = 0;
CyaSSL_Init(); /* initialize CyaSSL */
/* create and initiLize CYASSL_CTX structure */
if ((ctx = CyaSSL_CTX_new(CyaTLSv1_2_client_method())) == NULL) {
printf("SSL_CTX_new error.\n");
return EXIT_FAILURE;
}
/* load CA certificates into CyaSSL_CTX. which will verify the server */
if (CyaSSL_CTX_load_verify_locations(ctx, cert, 0) != SSL_SUCCESS) {
printf("Error loading %s. Please check the file.\n", cert);
return EXIT_FAILURE;
}
if ((ssl = CyaSSL_new(ctx)) == NULL) {
printf("CyaSSL_new error.\n");
return EXIT_FAILURE;
}
CyaSSL_set_fd(ssl, sock);
ret = CyaSSL_connect(ssl);
if (ret == SSL_SUCCESS) {
ret = ClientGreet(sock, ssl);
}
/* frees all data before client termination */
CyaSSL_free(ssl);
CyaSSL_CTX_free(ctx);
CyaSSL_Cleanup();
return ret;
}
bool_t
exosite_pal_sock_read( void *sock,
char *data,
int *dataLen)
{
int *sockfd = (int *)sock;
int sslCtxIndex;
if((sslCtxIndex = create_ssl_ctx_instance(*sockfd)) < 0)
{
printf("read, sslCtxIndex = %d\r\n", sslCtxIndex);
exosite_pal_sock_close(sock);
return FALSE;
}
bzero(data, *dataLen);
*dataLen = CyaSSL_read(sslContextSet[sslCtxIndex].ssl, data, *dataLen);
CyaSSL_Cleanup();
return ((*dataLen) > 0 ? TRUE : FALSE);
}
static void Curl_cyassl_cleanup(void)
{
CyaSSL_Cleanup();
}
int main (int argc, char** argv)
{
int sockfd = 0;
struct sockaddr_in servAddr;
const char* host = argv[1];
CYASSL* ssl = 0;
CYASSL_CTX* ctx = 0;
CYASSL* sslResume = 0;
CYASSL_SESSION* session = 0;
char* srTest = "testing session resume";
char cert_array[] = "../certs/ca-cert.pem";
char* certs = cert_array;
if (argc != 2) {
printf("usage: udpcli <IP address>\n");
return 1;
}
CyaSSL_Init();
/* CyaSSL_Debugging_ON(); */
if ( (ctx = CyaSSL_CTX_new(CyaDTLSv1_2_client_method())) == NULL) {
fprintf(stderr, "CyaSSL_CTX_new error.\n");
return 1;
}
if (CyaSSL_CTX_load_verify_locations(ctx, certs, 0) != SSL_SUCCESS) {
fprintf(stderr, "Error loading %s, please check the file.\n", certs);
return 1;
}
ssl = CyaSSL_new(ctx);
if (ssl == NULL) {
printf("unable to get ssl object");
return 1;
}
memset(&servAddr, 0, sizeof(servAddr));
servAddr.sin_family = AF_INET;
servAddr.sin_port = htons(SERV_PORT);
if ( (inet_pton(AF_INET, host, &servAddr.sin_addr)) < 1) {
printf("Error and/or invalid IP address");
return 1;
}
CyaSSL_dtls_set_peer(ssl, &servAddr, sizeof(servAddr));
if ( (sockfd = socket(AF_INET, SOCK_DGRAM, 0)) < 0) {
printf("cannot create a socket.");
return 1;
}
CyaSSL_set_fd(ssl, sockfd);
if (CyaSSL_connect(ssl) != SSL_SUCCESS) {
int err1 = CyaSSL_get_error(ssl, 0);
char buffer[80];
printf("err = %d, %s\n", err1, CyaSSL_ERR_error_string(err1, buffer));
printf("SSL_connect failed");
return 1;
}
DatagramClient(ssl);
CyaSSL_write(ssl, srTest, sizeof(srTest));
session = CyaSSL_get_session(ssl);
sslResume = CyaSSL_new(ctx);
CyaSSL_shutdown(ssl);
CyaSSL_free(ssl);
close(sockfd);
memset(&servAddr, 0, sizeof(servAddr));
servAddr.sin_family = AF_INET;
servAddr.sin_port = htons(SERV_PORT);
if ( (inet_pton(AF_INET, host, &servAddr.sin_addr)) < 1) {
printf("Error and/or invalid IP address");
return 1;
}
CyaSSL_dtls_set_peer(sslResume, &servAddr, sizeof(servAddr));
if ( (sockfd = socket(AF_INET, SOCK_DGRAM, 0)) < 0) {
printf("cannot create a socket.");
return 1;
}
CyaSSL_set_fd(sslResume, sockfd);
CyaSSL_set_session(sslResume, session);
if (CyaSSL_connect(sslResume) != SSL_SUCCESS) {
printf("SSL_connect failed");
return 1;
}
if(CyaSSL_session_reused(sslResume))
printf("reused session id\n");
else
printf("didn't reuse session id!!!\n");
DatagramClient(sslResume);
CyaSSL_write(sslResume, srTest, sizeof(srTest));
CyaSSL_shutdown(sslResume);
CyaSSL_free(sslResume);
close(sockfd);
CyaSSL_CTX_free(ctx);
CyaSSL_Cleanup();
return 0;
}
/**
* \main
*/
int main( const int argc, const char** argv )
{
( void ) argc;
( void ) argv;
if( argc != 4 )
{
print_usage();
exit( 1 );
}
wanted_event_t wanted_event = WANT_READ;
short cs = 0;
CYASSL_CTX* cyaSSLContext = 0;
CYASSL* cyaSSLObject = 0;
struct timeval timeout;
memset( &timeout, 0, sizeof( struct timeval ) );
int max_fd = 0;
fd_set r_master_set, r_working_set, w_master_set, w_working_set;
FD_ZERO( &r_master_set );
FD_ZERO( &w_master_set );
FD_ZERO( &r_working_set );
FD_ZERO( &w_working_set );
// --------------------------- initialization ---------------------------------
Conn_t conn_desc;
memset( &conn_desc, 0, sizeof( conn_desc ) );
char resp[ 4096 ];
memset( resp, 0, sizeof( resp ) );
conn_desc.sock_fd = create_non_blocking_socket();
if( conn_desc.sock_fd < 0 ) DIE( "Socket creation failed!", 0 );
conn_desc.endpoint_addr.sin_family = AF_INET;
conn_desc.endpoint_addr.sin_addr.s_addr = inet_addr( argv[ 1 ] );
conn_desc.endpoint_addr.sin_port = htons( atoi( argv[ 2 ] ) );
cyaSSLContext = init_cyaSSL();
if( cyaSSLContext == 0 ) DIE( "CyaSSL initialization fault...", 0 );
// disable verify cause no proper certificate
CyaSSL_CTX_set_verify( cyaSSLContext, SSL_VERIFY_NONE, 0 );
cyaSSLObject = create_cyassl_object( cyaSSLContext, &conn_desc );
if( !cyaSSLObject ) DIE( "CyaSSLObject not created properly!", 0 );
set_cyassl_flags( cyaSSLObject );
max_fd = conn_desc.sock_fd;
FD_SET( conn_desc.sock_fd, &r_master_set );
FD_SET( conn_desc.sock_fd, &w_master_set );
// five minutes timeout
timeout.tv_sec = 3 * 60;
timeout.tv_usec = 0;
// --------------------------- main non blocking event processing loop ---------------------------------
size_t data_size = 0;
char* data = load_file_into_memory( argv[ 3 ], &data_size );
if( data == 0 ) DIE( "Could not load given file... \n", 0 );
// almost endless loop
for( ; ; )
{
debug_log( "main_handle..." );
int ret = main_handle( &cs, cyaSSLObject, &conn_desc, data, data_size );
debug_log( "main_handle done!" );
if( ret == -1 ) DIE( "error on main_handle...", cyaSSLObject );
if( ret == 0 ) break;
wanted_event = ret;
memcpy( &r_working_set, &r_master_set, sizeof( fd_set ) );
memcpy( &w_working_set, &w_master_set, sizeof( fd_set ) );
debug_fmt( "select... [%d]", ( int ) wanted_event );
int s_ret = select(
max_fd + 1
, wanted_event == WANT_READ ? &r_working_set : NULL
, wanted_event == WANT_WRITE ? &w_working_set : NULL
, NULL
, &timeout );
debug_fmt( "select done [%d]", s_ret );
if( s_ret < 0 ) DIE( "error on select...", cyaSSLObject );
if( s_ret == 0 ) DIE( "timeout on select...", cyaSSLObject );
}
free( data );
cyaSSLObject = closeSSL( cyaSSLObject, &conn_desc );
CyaSSL_CTX_free( cyaSSLContext ); cyaSSLContext = 0;
CyaSSL_Cleanup();
assert( cyaSSLObject == 0 && "Must be null!" );
assert( cyaSSLContext == 0 && "Must be null!" );
return 0;
}
int main()
{
/* Create a ctx pointer for our ssl */
CYASSL_CTX* ctx;
/*
* Creates a socket that uses an internet IP address,
* Sets the type to be Stream based (TCP),
* 0 means choose the default protocol.
*/
socklen_t sockfd = socket(AF_INET, SOCK_STREAM, 0);
int loopExit = 0; /* 0 = False, 1 = True */
int ret = 0; /* Return value */
/* Server and client socket address structures */
struct sockaddr_in serverAddr, clientAddr;
/* Initialize CyaSSL */
CyaSSL_Init();
/* If positive value, the socket is valid */
if (sockfd == -1) {
printf("ERROR: failed to create the socket\n");
return EXIT_FAILURE; /* Kill the server with exit status 1 */
}
/* create and initialize CYASSL_CTX structure */
if ((ctx = CyaSSL_CTX_new(CyaTLSv1_2_server_method())) == NULL) {
fprintf(stderr, "CyaSSL_CTX_new error.\n");
return EXIT_FAILURE;
}
/* Load server certificate into CYASSL_CTX */
if (CyaSSL_CTX_use_certificate_file(ctx, "../certs/server-cert.pem",
SSL_FILETYPE_PEM) != SSL_SUCCESS) {
fprintf(stderr, "Error loading certs/server-cert.pem, please check"
"the file.\n");
return EXIT_FAILURE;
}
/* Load server key into CYASSL_CTX */
if (CyaSSL_CTX_use_PrivateKey_file(ctx, "../certs/server-key.pem",
SSL_FILETYPE_PEM) != SSL_SUCCESS) {
fprintf(stderr, "Error loading certs/server-key.pem, please check"
"the file.\n");
return EXIT_FAILURE;
}
/* Initialize the server address struct to zero */
memset((char *)&serverAddr, 0, sizeof(serverAddr));
/* Fill the server's address family */
serverAddr.sin_family = AF_INET;
serverAddr.sin_addr.s_addr = INADDR_ANY;
serverAddr.sin_port = htons(DEFAULT_PORT);
/* Attach the server socket to our port */
if (bind(sockfd, (struct sockaddr *)&serverAddr, sizeof(serverAddr))
< 0) {
printf("ERROR: failed to bind\n");
return EXIT_FAILURE;
}
printf("Waiting for a connection...\n");
/* Continuously accept connects while not currently in an active connection
or told to quit */
while (loopExit == 0) {
/* listen for a new connection, allow 5 pending connections */
ret = listen(sockfd, 5);
if (ret == 0) {
/* Accept client connections and read from them */
loopExit = AcceptAndRead(ctx, sockfd, clientAddr);
}
}
CyaSSL_CTX_free(ctx); /* Free CYASSL_CTX */
CyaSSL_Cleanup(); /* Free CyaSSL */
return EXIT_SUCCESS;
}
int main()
{
int listenfd, connfd;
int opt;
struct sockaddr_in cliAddr, servAddr;
char buff[MAXLINE];
socklen_t cliLen;
CYASSL_CTX* ctx;
CyaSSL_Init();
if ((ctx = CyaSSL_CTX_new(CyaSSLv23_server_method())) == NULL) {
printf("Fatal error : CyaSSL_CTX_new error\n");
return 1;
}
/* use psk suite for security */
CyaSSL_CTX_set_psk_server_callback(ctx, my_psk_server_cb);
CyaSSL_CTX_use_psk_identity_hint(ctx, "cyassl server");
if (CyaSSL_CTX_set_cipher_list(ctx, "PSK-AES128-CBC-SHA256")
!= SSL_SUCCESS)
printf("Fatal error : server can't set cipher list\n");
/* find a socket */
listenfd = socket(AF_INET, SOCK_STREAM, 0);
if (listenfd < 0) {
printf("Fatal error : socket error\n");
return 1;
}
/* set up server address and port */
memset(&servAddr, 0, sizeof(servAddr));
servAddr.sin_family = AF_INET;
servAddr.sin_addr.s_addr = htonl(INADDR_ANY);
servAddr.sin_port = htons(SERV_PORT);
/* bind to a socket */
opt = 1;
if (setsockopt(listenfd, SOL_SOCKET, SO_REUSEADDR, (const void*)&opt,
sizeof(int)) != 0) {
printf("Fatal error : setsockopt errer");
return 1;
}
if (bind(listenfd, (struct sockaddr *) &servAddr, sizeof(servAddr)) < 0) {
printf("Fatal error : bind error\n");
return 1;
}
/* main loop for accepting and responding to clients */
for ( ; ; ) {
CYASSL* ssl;
/* listen to the socket */
if (listen(listenfd, LISTENQ) < 0) {
printf("Fatal error : listen error\n");
return 1;
}
cliLen = sizeof(cliAddr);
connfd = accept(listenfd, (struct sockaddr *) &cliAddr, &cliLen);
if (connfd < 0) {
if (errno != EINTR) {
printf("Fatal error : accept error\n");
return 1;
}
}
else {
printf("Connection from %s, port %d\n",
inet_ntop(AF_INET, &cliAddr.sin_addr, buff, sizeof(buff)),
ntohs(cliAddr.sin_port));
/* create CYASSL object */
if ((ssl = CyaSSL_new(ctx)) == NULL) {
printf("Fatal error : CyaSSL_new error\n");
return 1;
}
CyaSSL_set_fd(ssl, connfd);
/* set CyaSSL and socket to non blocking and respond */
CyaSSL_set_using_nonblock(ssl, 1);
if (fcntl(connfd, F_SETFL, O_NONBLOCK) < 0) {
printf("Fatal error : fcntl set failed\n");
return 1;
}
if (respond(ssl) != 0)
printf("Fatal error : respond error\n");
return 1;
/* closes the connections after responding */
CyaSSL_shutdown(ssl);
CyaSSL_free(ssl);
if (close(connfd) == -1) {
printf("Fatal error : close error\n");
return 1;
}
}
}
/* free up memory used by cyassl */
CyaSSL_CTX_free(ctx);
CyaSSL_Cleanup();
return 0;
}
void client_test(void)
{
char msg[64];
char reply[1024];
int sockfd, input;
int ret = 0, msgSz = 0;
struct sockaddr_in servaddr;
CYASSL_CTX* ctx;
CYASSL* ssl;
long yasslIP = IPADDR(192,168,1,125);
long yasslPort = 11111;
/* for debug, compile CyaSSL with DEBUG_CYASSL defined */
CyaSSL_Debugging_ON();
CyaSSL_Init();
ctx = CyaSSL_CTX_new(CyaTLSv1_2_client_method());
if (ctx == 0)
err_sys("setting up ctx");
CyaSSL_CTX_set_verify(ctx, SSL_VERIFY_PEER, myVerify);
ret = CyaSSL_CTX_use_certificate_file(ctx, clientCert, SSL_FILETYPE_PEM);
if (ret != SSL_SUCCESS)
err_sys("can't load client cert file, check file");
ret = CyaSSL_CTX_use_PrivateKey_file(ctx, clientKey, SSL_FILETYPE_PEM);
if (ret != SSL_SUCCESS)
err_sys("can't load client key file, check file");
ret = CyaSSL_CTX_load_verify_locations(ctx, caCert, 0);
if (ret != SSL_SUCCESS)
err_sys("can't load CA cert file, check file");
/* create socket descriptor */
sockfd = socket(AF_INET, SOCK_STREAM, 0);
if (sockfd == RTCS_SOCKET_ERROR) {
err_sys("socket creation failed");
} else {
printf("socket created successfully\n");
}
/*
* Unlike most TCP/IP stacks, RTCS requires that sin_port and
* sin_addr needs to be in Host Byte Order, not Network Byte Order.
* This means we shouldn't use htons() when setting these values.
*/
memset((char*)&servaddr, 0, sizeof(servaddr));
servaddr.sin_family = AF_INET;
servaddr.sin_port = yasslPort;
servaddr.sin_addr.s_addr = yasslIP;
ret = connect(sockfd, &servaddr, sizeof(servaddr));
if (ret != RTCS_OK) {
err_sys("connect() failed");
} else {
printf("Connected to %lx, port %d.\n", servaddr.sin_addr.s_addr,
servaddr.sin_port);
}
if ( (ssl = CyaSSL_new(ctx)) == NULL)
err_sys("CyaSSL_new failed");
CyaSSL_set_fd(ssl, sockfd);
ret = CyaSSL_connect(ssl);
if (ret != SSL_SUCCESS)
err_sys("CyaSSL_connect failed");
printf("CyaSSL_connect() ok, sending GET...\n");
msgSz = 28;
strncpy(msg, "GET /index.html HTTP/1.0\r\n\r\n", msgSz);
if (CyaSSL_write(ssl, msg, msgSz) != msgSz)
err_sys("CyaSSL_write() failed");
input = CyaSSL_read(ssl, reply, sizeof(reply)-1);
if (input > 0) {
reply[input] = 0;
printf("Server response: %s\n", reply);
while (1) {
input = CyaSSL_read(ssl, reply, sizeof(reply)-1);
if (input > 0) {
reply[input] = 0;
printf("%s\n", reply);
} else {
break;
}
}
}
CyaSSL_shutdown(ssl);
CyaSSL_free(ssl);
CyaSSL_CTX_free(ctx);
CyaSSL_Cleanup();
}
struct variable *sys_connect(struct context *context)
{
struct variable *arguments = (struct variable*)stack_pop(context->operand_stack);
const char *serveraddr = param_str(arguments, 1);
const int32_t serverport = param_int(arguments, 2);
struct variable *listener = ((struct variable*)array_get(arguments->list, 2));
int sockfd;
struct sockaddr_in servaddr;
CYASSL_CTX* ctx;
CYASSL* ssl;
node_init();
// Create and initialize CYASSL_CTX structure
if ( (ctx = CyaSSL_CTX_new(CyaTLSv1_client_method())) == NULL)
{
context->vm_exception = variable_new_str(context, byte_array_from_string("SSL_CTX_new error"));
CyaSSL_Cleanup();
return NULL;
}
// Load CA certificates into CYASSL_CTX
if (CyaSSL_CTX_load_verify_locations(ctx, "./conf/ca-cert.pem", 0) != SSL_SUCCESS)
{
context->vm_exception = variable_new_str(context, byte_array_from_string("Error loading ca-cert.pem, please check the file.\n"));
CyaSSL_CTX_free(ctx);
CyaSSL_Cleanup();
return NULL;
}
// Create Socket file descriptor
sockfd = socket(AF_INET, SOCK_STREAM, 0);
bzero(&servaddr, sizeof(servaddr));
servaddr.sin_family = AF_INET;
servaddr.sin_port = htons(serverport);
inet_pton(AF_INET, serveraddr, &servaddr.sin_addr);
// Blocking Connect to socket file descriptor
connect(sockfd, (struct sockaddr *) &servaddr, sizeof(servaddr));
// Create CYASSL object
if ((ssl = CyaSSL_new(ctx)) == NULL)
{
context->vm_exception = variable_new_str(context, byte_array_from_string("CyaSSL_new error"));
CyaSSL_CTX_free(ctx);
CyaSSL_Cleanup();
return NULL;
}
CyaSSL_set_fd(ssl, sockfd);
fprintf(stderr, "Connected on %d -- %p\n", sockfd, ssl);
struct thread_argument *ta = (struct thread_argument *)malloc(sizeof(struct thread_argument));
ta->find = context->find;
ta->listener = listener;
ta->ssl = ssl;
ta->fd = sockfd;
ta->cya = ctx;
if (socket_listeners == NULL)
socket_listeners = map_new_ex(NULL, &int_compare, &int_hash, &int_copy, &int_del);
map_insert(socket_listeners, (void*)(VOID_INT)sockfd, (void*)(VOID_INT)ta);
return variable_new_int(context, sockfd);
}
int main (int argc, char** argv)
{
int sockfd = 0;
struct sockaddr_in servAddr;
const char* host = argv[1];
CYASSL* ssl = 0;
CYASSL_CTX* ctx = 0;
CYASSL* sslResume = 0;
CYASSL_SESSION* session = 0;
int resumeSession = 0;
char cert_array[] = "../cyassl/certs/ca-cert.pem";
char* certs = cert_array;
char* srTest = "testing session resume";
if (argc != 2) {
printf("usage: udpcli <IP address>\n");
return 1;
}
CyaSSL_Init();
/* CyaSSL_Debugging_ON();*/
if ( (ctx = CyaSSL_CTX_new(CyaDTLSv1_2_client_method())) == NULL) {
fprintf(stderr, "CyaSSL_CTX_new error.\n");
return(EXIT_FAILURE);
}
if (CyaSSL_CTX_load_verify_locations(ctx,certs, 0) != SSL_SUCCESS) {
fprintf(stderr, "Error loading %s, please check the file.\n", certs);
return(EXIT_FAILURE);
}
ssl = CyaSSL_new(ctx);
if (ssl == NULL) {
printf("unable to get ssl object");
return 1;
}
memset(&servAddr, 0, sizeof(servAddr));
servAddr.sin_family = AF_INET;
servAddr.sin_port = htons(SERV_PORT);
if (inet_pton(AF_INET, host, &servAddr.sin_addr) < 1) {
printf("Error and/or invalid IP address");
return 1;
}
CyaSSL_dtls_set_peer(ssl, &servAddr, sizeof(servAddr));
if ( (sockfd = socket(AF_INET, SOCK_DGRAM, 0)) < 0) {
printf("cannot create a socket.");
return 1;
}
CyaSSL_set_fd(ssl, sockfd);
CyaSSL_set_using_nonblock(ssl, 1);
fcntl(sockfd, F_SETFL, O_NONBLOCK);
NonBlockingDTLS_Connect(ssl);
DatagramClient(ssl);
while ( (CyaSSL_write(ssl, srTest, sizeof(srTest))) != sizeof(srTest)) {
printf("failed to write");
return 1;
}
session = CyaSSL_get_session(ssl);
sslResume = CyaSSL_new(ctx);
CyaSSL_shutdown(ssl);
CyaSSL_free(ssl);
close(sockfd);
memset(&servAddr, 0, sizeof(servAddr));
servAddr.sin_family = AF_INET;
servAddr.sin_port = htons(SERV_PORT);
if (inet_pton(AF_INET, host, &servAddr.sin_addr) < 1) {
printf("Error and/or invalid IP address");
return 1;
}
CyaSSL_dtls_set_peer(sslResume, &servAddr, sizeof(servAddr));
if ( (sockfd = socket(AF_INET, SOCK_DGRAM, 0)) < 0) {
printf("cannot create a socket.");
return 1;
}
CyaSSL_set_fd(sslResume, sockfd);
CyaSSL_set_session(sslResume, session);
CyaSSL_set_using_nonblock(sslResume, 1);
fcntl(sockfd, F_SETFL, O_NONBLOCK);
NonBlockingDTLS_Connect(sslResume);
if(CyaSSL_session_reused(sslResume))
printf("reused session id\n");
else
printf("didn't reuse session id!!!\n");
DatagramClient(sslResume);
while ((CyaSSL_write(sslResume, srTest, sizeof(srTest))) != sizeof(srTest))
{
printf("failed to write");
return 1;
}
sleep(1);
CyaSSL_shutdown(sslResume);
CyaSSL_free(sslResume);
close(sockfd);
CyaSSL_CTX_free(ctx);
CyaSSL_Cleanup();
return 0;
}
int main(int argc, char** argv)
{
func_args server_args;
tcp_ready ready;
THREAD_TYPE serverThread;
#ifdef HAVE_CAVIUM
int ret = OpenNitroxDevice(CAVIUM_DIRECT, CAVIUM_DEV_ID);
if (ret != 0)
err_sys("Cavium OpenNitroxDevice failed");
#endif /* HAVE_CAVIUM */
StartTCP();
server_args.argc = argc;
server_args.argv = argv;
CyaSSL_Init();
#if defined(DEBUG_CYASSL) && !defined(HAVE_VALGRIND)
CyaSSL_Debugging_ON();
#endif
if (CurrentDir("testsuite") || CurrentDir("_build"))
ChangeDirBack(1);
else if (CurrentDir("Debug") || CurrentDir("Release"))
ChangeDirBack(3); /* Xcode->Preferences->Locations->Locations*/
/* Derived Data Advanced -> Custom */
/* Relative to Workspace, Build/Products */
/* Debug or Release */
server_args.signal = &ready;
InitTcpReady(&ready);
/* CTaoCrypt test */
ctaocrypt_test(&server_args);
if (server_args.return_code != 0) return server_args.return_code;
/* Simple CyaSSL client server test */
simple_test(&server_args);
if (server_args.return_code != 0) return server_args.return_code;
/* Echo input yaSSL client server test */
start_thread(echoserver_test, &server_args, &serverThread);
wait_tcp_ready(&server_args);
{
func_args echo_args;
char* myArgv[NUMARGS];
char argc0[32];
char argc1[32];
char argc2[32];
myArgv[0] = argc0;
myArgv[1] = argc1;
myArgv[2] = argc2;
echo_args.argc = NUMARGS;
echo_args.argv = myArgv;
strcpy(echo_args.argv[0], "echoclient");
strcpy(echo_args.argv[1], "input");
strcpy(echo_args.argv[2], outputName);
remove(outputName);
/* Share the signal, it has the new port number in it. */
echo_args.signal = server_args.signal;
/* make sure OK */
echoclient_test(&echo_args);
if (echo_args.return_code != 0) return echo_args.return_code;
#ifdef CYASSL_DTLS
wait_tcp_ready(&server_args);
#endif
/* send quit to echoserver */
echo_args.argc = 2;
strcpy(echo_args.argv[1], "quit");
echoclient_test(&echo_args);
if (echo_args.return_code != 0) return echo_args.return_code;
join_thread(serverThread);
if (server_args.return_code != 0) return server_args.return_code;
}
/* validate output equals input */
{
byte input[SHA256_DIGEST_SIZE];
byte output[SHA256_DIGEST_SIZE];
file_test("input", input);
file_test(outputName, output);
if (memcmp(input, output, sizeof(input)) != 0)
return EXIT_FAILURE;
}
CyaSSL_Cleanup();
FreeTcpReady(&ready);
#ifdef HAVE_CAVIUM
CspShutdown(CAVIUM_DEV_ID);
#endif
printf("\nAll tests passed!\n");
return EXIT_SUCCESS;
}
void capwap_crypt_free() {
CyaSSL_Cleanup();
}
int main(int argc, char **argv)
{
int ret, sockfd;
CYASSL* ssl;
CYASSL_CTX* ctx;
struct sockaddr_in servaddr;;
/* must include an ip address of this will flag */
if (argc != 2) {
printf("Usage: tcpClient <IPaddress>\n");
return 1;
}
CyaSSL_Init(); /* initialize cyaSSL */
/* create and initialize CYASSL_CTX structure */
if ((ctx = CyaSSL_CTX_new(CyaTLSv1_2_client_method())) == NULL) {
fprintf(stderr, "SSL_CTX_new error.\n");
return 1;
}
/* create a stream socket using tcp,internet protocal IPv4,
* full-duplex stream */
sockfd = socket(AF_INET, SOCK_STREAM, 0);
/* places n zero-valued bytes in the address servaddr */
memset(&servaddr, 0, sizeof(servaddr));
servaddr.sin_family = AF_INET;
servaddr.sin_port = htons(SERV_PORT);
/* converts IPv4 addresses from text to binary form */
ret = inet_pton(AF_INET, argv[1], &servaddr.sin_addr);
if (ret != 1) {
printf("inet_pton error\n");
return 1;
}
/* set up pre shared keys */
CyaSSL_CTX_set_psk_client_callback(ctx, My_Psk_Client_Cb);
/* attempts to make a connection on a socket */
ret = connect(sockfd, (struct sockaddr *) &servaddr, sizeof(servaddr));
if (ret != 0) {
printf("Connection Error\n");
return 1;
}
/* creat cyassl object after each tcp connct */
if ( (ssl = CyaSSL_new(ctx)) == NULL) {
fprintf(stderr, "CyaSSL_new error.\n");
return 1;
}
/* associate the file descriptor with the session */
ret = CyaSSL_set_fd(ssl, sockfd);
if (ret != SSL_SUCCESS){
return 1;
}
/* takes inputting string and outputs it to the server */
ret = SendReceive(ssl);
if(ret != 0){
return 1;
}
/* cleanup */
CyaSSL_free(ssl);
/* when completely done using SSL/TLS, free the
* cyassl_ctx object */
CyaSSL_CTX_free(ctx);
CyaSSL_Cleanup();
/* exit client */
return ret;
}