- #define DEBUG_LEVEL 0
- #include "mbed.h"
- #include "NetworkStack.h"
- #include "EthernetInterface.h"
- #include "TCPSocket.h"
- #include <string>
- #include "mbedtls/platform.h"
- #include "mbedtls/ssl.h"
- #include "mbedtls/entropy.h"
- #include "mbedtls/ctr_drbg.h"
- #include "mbedtls/net.h"
- #include "mbedtls/error.h"
- #include <stdlib.h>
- #if DEBUG_LEVEL > 0
- #include "mbedtls/debug.h"
- #endif
- #if defined(MBEDTLS_SSL_CACHE_C)
- #include "mbedtls/ssl_cache.h"
- #endif
- #if !defined(MBEDTLS_CONFIG_FILE)
- #include "mbedtls/config.h"
- #else
- #include MBEDTLS_CONFIG_FILE
- #endif
- /* Route the mbed TLS platform-abstraction names straight to the C library. */
- #define mbedtls_time time
- #define mbedtls_time_t time_t
- #define mbedtls_fprintf fprintf
- #define mbedtls_printf printf
- /* Reply template sent after the handshake. The single %s is filled by
-  * server_func() with the ciphersuite name, so the formatted length is not
-  * a compile-time constant and has to be bounded where it is formatted. */
- #define HTTP_RESPONSE \
- "HTTP/1.0 200 OK\r\nContent-Type: text/html\r\n\r\n" \
- "<h2>mbed TLS Test Server</h2>\r\n" \
- "<p>Successful connection using: %s</p>\r\n"
- /* PEM-encoded RSA private key compiled into the image as a plain string.
-  * server_func() hands it to mbedtls_pk_parse_key() with no password, so
-  * anyone who can read the source or the firmware binary holds the server's
-  * identity key.
-  * NOTE(review): this key is part of a public listing and must be treated
-  * as compromised; use it for bench tests only. A deployed device needs its
-  * own key, provisioned into protected storage rather than source code. */
- const char privkey[] = "-----BEGIN RSA PRIVATE KEY-----\n"
- "MIIEpAIBAAKCAQEA7Q4MUp7FjGrLFygqLc1n0l6sVtELzx++rhwzIAkmn4GaZqEE\n"
- "DxxnP8O9cY8bdT4JZu/yjo5STOtn2P+qBbKL4L9mYxdiMBb+9LyNFA237u7o/Iwk\n"
- "eWWqywtocU8XPpX81klDdyZWVDKB2cq+fntUNWyozrDlB06Gd1+HKtFs1KdxnTBb\n"
- "VSaoZTTXqt1xTaMhg7+99ZA/qCI0v06wN2/O+eec6z90uSPartPwcwi0zK3Bxgdd\n"
- "5wz8xRd4jLEce4WJTPJ2Nx080Qae+cL8IslMlwLmA+Fgp/GlQhfGp4Q75alpVgkf\n"
- "GMEl4fSe49q8aGIOUAD7+pSor75P9T82Up75cwIDAQABAoIBACOjsgyV3ENxJtlz\n"
- "a2v5brt9ClH/GdRpBGTuzmzpk0n11T3KxW50Kb23cvrotgsZaZZ1SrVOBmeUGMfS\n"
- "IEC9CDSg8gbB1DxAqNIoqtkx+s5MUvDtLOqnc1cVfv1SE7+QEzQwTZlTRTVhZo5U\n"
- "4fDoH8/sZzCz/arsjmDSFuNEGyWZQO24rN4XCO/IlBqlQscv2S+HoVN6cZP2v6N7\n"
- "b0HEke5nR1h6GAzVZzL2yxemO6UFTSD8pXNBKdqMDuIehs8L23yY9BmNr4zsFLQi\n"
- "A8CRyXwqZvyYeTPXbBD+DsStbMS3m9SwNY/dLYAPpm756sNc6QYHTcI999p2RBFy\n"
- "apBUkNkCgYEA/KCglAPUfKNAGd33yb4hgfZ916zmk5NdogsxXTT503hU82gJulR3\n"
- "aQyV3FkamumHtiEhPGg8vLLp+JPGVbzMOIgFgGjRJe7kJu4TYy6bv+1Bum5Z5ikp\n"
- "XgtwAFn7dGbjNTtl0g09UYoUixq8lFQomPAjD/NXd2da6qeSYFRqqHUCgYEA8Dgz\n"
- "Uc62W0iHcDZmdkLejQr2ekzTbHd9oHEoPlKeoEIem30XuzNZHnS/ki4cDjb+ZKaX\n"
- "90BWQyT3B9PHPCR6UkpU2ARy+0z7YDb0Asn+x9NAKn4ve6FZGpd8n/XdwS2LfwCT\n"
- "tI4bX2RyV7zy+zoWr0OJvvzGgSqBhV9h2g2BHUcCgYBmC9hxkc5+fk9BY6lZI+VT\n"
- "IyeYPG5zhF6ZO144YVLdOklOfWMYklAd7giHFrMpilXYmy9awFxwePEMCV1fesEf\n"
- "wMpAIZcCdKpSk27fbI9bitI3JaZI062zIHmgmrh5P6pd8V1i6Rgw3M8JlcZBQHGZ\n"
- "vb7cDZbyU5ylFwWIxfDDlQKBgQCIb/M+CMFsUWKTqmJB0zMiOtLJne8LkUaqJPst\n"
- "grGT5loKCF+9NKnucXMJbOUEcdnFgxWXGlSkaE9ig7eKglFzgcJ0uvovn4a7HBs1\n"
- "plLuXh74w5jmiDrarqXbGMNt4Bd19/bsuzXy1VNYX/pGFLUjsKGA94Mrg9/yx70F\n"
- "I1xtKwKBgQCQnz7SRBN+fQGncfr6dhOAcJ5OUpTgG8YuROC0LbAhLV+LmTKwl+Sm\n"
- "3wtsu36daeGAX8RxnVEDgLJDmVrTDM20lYHXF4owR6qZKflXqOO2zYE8D6ayZFS/\n"
- "+K4GMeBVhdSTppf5mSL/nJEs5wf7wiJ+gwCedFMKE2S6Kcds6bI4ig==\n"
- "-----END RSA PRIVATE KEY-----";
- /* PEM-encoded X.509 certificate the server presents; server_func() parses
-  * it with mbedtls_x509_crt_parse() and pairs it with privkey.
-  * NOTE(review): the encoded fields look like a self-signed certificate with
-  * the OpenSSL default subject and a one-year validity ending in November
-  * 2017 - confirm with a certificate decoder. If so, a client that verifies
-  * the chain or the validity period will reject this server. */
- const char srvcert_c[]= "-----BEGIN CERTIFICATE-----\n"
- "MIIDXTCCAkWgAwIBAgIJAKE2W3R7z2tTMA0GCSqGSIb3DQEBCwUAMEUxCzAJBgNV\n"
- "BAYTAkFVMRMwEQYDVQQIDApTb21lLVN0YXRlMSEwHwYDVQQKDBhJbnRlcm5ldCBX\n"
- "aWRnaXRzIFB0eSBMdGQwHhcNMTYxMTIyMTQ1ODE1WhcNMTcxMTIyMTQ1ODE1WjBF\n"
- "MQswCQYDVQQGEwJBVTETMBEGA1UECAwKU29tZS1TdGF0ZTEhMB8GA1UECgwYSW50\n"
- "ZXJuZXQgV2lkZ2l0cyBQdHkgTHRkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB\n"
- "CgKCAQEA7Q4MUp7FjGrLFygqLc1n0l6sVtELzx++rhwzIAkmn4GaZqEEDxxnP8O9\n"
- "cY8bdT4JZu/yjo5STOtn2P+qBbKL4L9mYxdiMBb+9LyNFA237u7o/IwkeWWqywto\n"
- "cU8XPpX81klDdyZWVDKB2cq+fntUNWyozrDlB06Gd1+HKtFs1KdxnTBbVSaoZTTX\n"
- "qt1xTaMhg7+99ZA/qCI0v06wN2/O+eec6z90uSPartPwcwi0zK3Bxgdd5wz8xRd4\n"
- "jLEce4WJTPJ2Nx080Qae+cL8IslMlwLmA+Fgp/GlQhfGp4Q75alpVgkfGMEl4fSe\n"
- "49q8aGIOUAD7+pSor75P9T82Up75cwIDAQABo1AwTjAdBgNVHQ4EFgQUeDkoSc4O\n"
- "QWw0uLDt1KV3nYNR6bswHwYDVR0jBBgwFoAUeDkoSc4OQWw0uLDt1KV3nYNR6bsw\n"
- "DAYDVR0TBAUwAwEB/zANBgkqhkiG9w0BAQsFAAOCAQEAsXd0kzR2sd+OgYfEmS6z\n"
- "WyWMJ0hZpKLBWBkIERTAQBvT5EzmYwkiIRiSgsNZAke5LeqNrO1xy9LXu2vkczVV\n"
- "z77oSBddoL644vDm9jYZs5Hbn4XlcZHI6ga7MEMPo4Mpb9KW/+AMKE3f1zFYWdw1\n"
- "QMqUpVOIseDj1vN5FTo8xg3ujcOgOdb8LJjg8Jvnarqw05PKNk+gA/NeVOFKiqRJ\n"
- "ZpyS6ELaEzKpJRWJ2Yvq0zRtXoPttbH1p+uLeQtN8OgOBukXY0YIublZTWMB/Fsj\n"
- "UNR9Bl4fwNGPZUrzyfhXwkQFhjsvaM7n94LRPnGmJTMKXMZNzBqb5b71AMsbQWpl\n"
- "NA==\n"
- "-----END CERTIFICATE-----";
/**
 * Debug sink registered with mbedtls_ssl_conf_dbg().
 *
 * @param ctx   Opaque pointer supplied at registration; used here as a FILE *.
 * @param level Message level; accepted but not used for filtering.
 * @param file  Source file that emitted the message.
 * @param line  Source line that emitted the message.
 * @param str   Message text.
 *
 * NOTE(review): at raised debug thresholds the library's messages can carry
 * handshake internals, so keep the threshold at 0 wherever the console is
 * not trusted.
 */
static void my_debug( void *ctx, int level,
                      const char *file, int line,
                      const char *str )
{
    FILE *sink = (FILE *) ctx;

    (void) level;

    mbedtls_fprintf( sink, "%s:%04d: %s", file, line, str );
    /* Flush per message so the output survives a later crash. */
    fflush( sink );
}
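/**
 * Run a one-shot TLS test server on TCP port 4433.
 *
 * Loads the embedded certificate and key, binds the listening socket, seeds
 * the CTR_DRBG, configures the TLS context, then accepts one client, reads
 * one request, answers with HTTP_RESPONSE and closes the session.
 *
 * Security notes for reviewers:
 *  - No trusted CA chain is configured, so with the mbed TLS server defaults
 *    client certificates are not requested; any peer may connect.
 *  - The request is echoed to the console verbatim; it is untrusted input.
 *
 * @return 0 after one connection was served, otherwise the non-zero error
 *         code of the step that failed. Every context and socket is
 *         released on all return paths.
 */
int server_func(void)
{
    int ret, len;
    mbedtls_net_context listen_fd, client_fd;
    unsigned char buf[1024];
    const char *pers = "ssl_server";
    mbedtls_entropy_context entropy;
    mbedtls_ctr_drbg_context ctr_drbg;
    mbedtls_ssl_context ssl;
    mbedtls_ssl_config conf;
    mbedtls_x509_crt srvcert;
    mbedtls_pk_context pkey;
#if defined(MBEDTLS_SSL_CACHE_C)
    mbedtls_ssl_cache_context cache;
#endif

    /* Initialise everything up front so the cleanup path may free all of
     * them unconditionally, whichever step fails. */
    mbedtls_net_init( &listen_fd );
    mbedtls_net_init( &client_fd );
    mbedtls_ssl_init( &ssl );
    mbedtls_ssl_config_init( &conf );
#if defined(MBEDTLS_SSL_CACHE_C)
    mbedtls_ssl_cache_init( &cache );
#endif
    mbedtls_x509_crt_init( &srvcert );
    mbedtls_pk_init( &pkey );
    mbedtls_entropy_init( &entropy );
    mbedtls_ctr_drbg_init( &ctr_drbg );

    /* The debug threshold is left at the library default; the call
     * mbedtls_debug_set_threshold( DEBUG_LEVEL ) was disabled by the author. */

    mbedtls_printf( "\n\r . Loading the server cert. and key...\n\r" );

    /* The length must be that of the PEM text (terminating NUL included),
     * not the size of the parsed-certificate structure. */
    ret = mbedtls_x509_crt_parse( &srvcert, (const unsigned char *) srvcert_c,
                                  sizeof( srvcert_c ) );
    if( ret != 0 )
    {
        mbedtls_printf( " failed\n ! mbedtls_x509_crt_parse returned %d\n\n", ret );
        goto cleanup;
    }

    ret = mbedtls_pk_parse_key( &pkey, (const unsigned char *) privkey,
                                sizeof( privkey ), NULL, 0 );
    if( ret != 0 )
    {
        mbedtls_printf( " failed\n ! mbedtls_pk_parse_key returned %d\n\n", ret );
        goto cleanup;
    }
    mbedtls_printf("loaded \n\r");

    ret = mbedtls_net_bind( &listen_fd, NULL, "4433", MBEDTLS_NET_PROTO_TCP );
    if( ret != 0 )
    {
        mbedtls_printf( " failed\n ! mbedtls_net_bind returned %d\n\n", ret );
        goto cleanup;
    }
    mbedtls_printf("net bind succesfull\n\r");

    ret = mbedtls_ctr_drbg_seed( &ctr_drbg, mbedtls_entropy_func, &entropy,
                                 (const unsigned char *) pers, strlen( pers ) );
    if( ret != 0 )
    {
        mbedtls_printf( " failed\n ! mbedtls_ctr_drbg_seed returned %d\n", ret );
        goto cleanup;
    }
    mbedtls_printf("seeding rng succesfull\n\r");

    ret = mbedtls_ssl_config_defaults( &conf, MBEDTLS_SSL_IS_SERVER,
                                       MBEDTLS_SSL_TRANSPORT_STREAM,
                                       MBEDTLS_SSL_PRESET_DEFAULT );
    if( ret != 0 )
    {
        mbedtls_printf( " failed\n ! mbedtls_ssl_config_defaults returned %d\n\n", ret );
        goto cleanup;
    }
    mbedtls_printf("mbedtls config initialized\n\r");

    mbedtls_ssl_conf_rng( &conf, mbedtls_ctr_drbg_random, &ctr_drbg );
    mbedtls_ssl_conf_dbg( &conf, my_debug, stdout );
#if defined(MBEDTLS_SSL_CACHE_C)
    mbedtls_ssl_conf_session_cache( &conf, &cache, mbedtls_ssl_cache_get,
                                    mbedtls_ssl_cache_set );
#endif

    /* TODO (author's open question): mbedtls_ssl_conf_ca_chain() is not
     * called. Which CA issues the node's certificate still has to be
     * checked; until a trusted chain is set, clients are not authenticated. */

    ret = mbedtls_ssl_conf_own_cert( &conf, &srvcert, &pkey );
    if( ret != 0 )
    {
        mbedtls_printf( " failed\n ! mbedtls_ssl_conf_own_cert returned %d\n\n", ret );
        goto cleanup;
    }
    mbedtls_printf("own cert ok \n\r");

    ret = mbedtls_ssl_setup( &ssl, &conf );
    if( ret != 0 )
    {
        mbedtls_printf( " failed\n ! mbedtls_ssl_setup returned %d\n\n", ret );
        goto cleanup;
    }
    mbedtls_printf("ssl setup done \n\r");

reset:
    /* Drop any previous client and TLS session before accepting again. */
    mbedtls_net_free( &client_fd );
    mbedtls_ssl_session_reset( &ssl );

    mbedtls_printf( "\n\r **** Waiting for a remote connection ****\n\r" );
    ret = mbedtls_net_accept( &listen_fd, &client_fd, NULL, 0, NULL );
    if( ret != 0 )
    {
        mbedtls_printf( " failed\n ! mbedtls_net_accept returned %d\n\n", ret );
        goto cleanup;
    }
    mbedtls_ssl_set_bio( &ssl, &client_fd, mbedtls_net_send, mbedtls_net_recv, NULL );
    mbedtls_printf( " ok\n\r" );

    mbedtls_printf( "\n\rPerforming the SSL/TLS handshake\n\r" );
    while( ( ret = mbedtls_ssl_handshake( &ssl ) ) != 0 )
    {
        if( ret != MBEDTLS_ERR_SSL_WANT_READ && ret != MBEDTLS_ERR_SSL_WANT_WRITE )
        {
            mbedtls_printf( " failed\n ! mbedtls_ssl_handshake returned %d\n\n", ret );
            goto cleanup;
        }
    }
    mbedtls_printf( " ok\n" );

    /* Read one record; retry only while the transport asks for it. */
    for( ;; )
    {
        len = sizeof( buf ) - 1;          /* keep the last byte as a NUL */
        memset( buf, 0, sizeof( buf ) );
        ret = mbedtls_ssl_read( &ssl, buf, len );

        if( ret == MBEDTLS_ERR_SSL_WANT_READ || ret == MBEDTLS_ERR_SSL_WANT_WRITE )
            continue;

        if( ret <= 0 )
        {
            switch( ret )
            {
                case MBEDTLS_ERR_SSL_PEER_CLOSE_NOTIFY:
                    mbedtls_printf( " connection was closed gracefully\n" );
                    break;
                case MBEDTLS_ERR_NET_CONN_RESET:
                    mbedtls_printf( " connection was reset by peer\n" );
                    break;
                default:
                    mbedtls_printf( " mbedtls_ssl_read returned -0x%x\n", -ret );
                    break;
            }
            break;
        }

        len = ret;
        /* Peer-controlled bytes go to the console unfiltered. */
        mbedtls_printf( " %d bytes read\n\n%s", len, (char *) buf );
        break;
    }

    mbedtls_printf( "\n\rWrite to client:\n\r" );
    /* Bounded formatting: the ciphersuite name is not a fixed-length string. */
    len = snprintf( (char *) buf, sizeof( buf ), HTTP_RESPONSE,
                    mbedtls_ssl_get_ciphersuite( &ssl ) );
    if( len < 0 || (size_t) len >= sizeof( buf ) )
    {
        mbedtls_printf( " failed\n ! response does not fit the buffer\n\n" );
        ret = -1;
        goto cleanup;
    }

    while( ( ret = mbedtls_ssl_write( &ssl, buf, len ) ) <= 0 )
    {
        if( ret == MBEDTLS_ERR_NET_CONN_RESET )
        {
            mbedtls_printf( " failed\n ! peer closed the connection\n\n" );
            goto cleanup;
        }
        if( ret != MBEDTLS_ERR_SSL_WANT_READ && ret != MBEDTLS_ERR_SSL_WANT_WRITE )
        {
            mbedtls_printf( " failed\n ! mbedtls_ssl_write returned %d\n\n", ret );
            goto cleanup;
        }
    }
    len = ret;
    mbedtls_printf( " %d bytes written\n\n%s\n", len, (char *) buf );

    mbedtls_printf( " . Closing the connection..." );
    while( ( ret = mbedtls_ssl_close_notify( &ssl ) ) < 0 )
    {
        if( ret != MBEDTLS_ERR_SSL_WANT_READ &&
            ret != MBEDTLS_ERR_SSL_WANT_WRITE )
        {
            mbedtls_printf( " failed\n ! mbedtls_ssl_close_notify returned %d\n\n", ret );
            goto reset;
        }
    }
    mbedtls_printf( " ok\n" );
    ret = 0;

cleanup:
    /* Single exit: releases the sockets, the parsed key material and the
     * RNG state on success and on every failure path alike. */
    mbedtls_net_free( &client_fd );
    mbedtls_net_free( &listen_fd );
    mbedtls_x509_crt_free( &srvcert );
    mbedtls_pk_free( &pkey );
    mbedtls_ssl_free( &ssl );
    mbedtls_ssl_config_free( &conf );
#if defined(MBEDTLS_SSL_CACHE_C)
    mbedtls_ssl_cache_free( &cache );
#endif
    mbedtls_ctr_drbg_free( &ctr_drbg );
    mbedtls_entropy_free( &entropy );
    return ret;
}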
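/**
 * Entry point: run the TLS test server once and print its result code.
 *
 * @return Always 0; the server's own status is only reported on the console.
 */
int main(void)
{
    printf("\r\nTEST\r\n");
    int ret = server_func();
    /* The %d conversion needs its argument; without it the call reads an
     * indeterminate value. */
    printf("\n\r%d = ret\n\r", ret);
    return 0;
}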