
Untitled

a guest
Nov 26th, 2016
C++ 10.91 KB | None | 0 0
  1.  
/* Debug verbosity switch: any value above 0 pulls in "mbedtls/debug.h" below.
 * The mbedtls_debug_set_threshold() call in server_func() is commented out,
 * so in this file the value only controls that include. */
#define DEBUG_LEVEL 0
  3.  
  4. #include "mbed.h"
  5. #include "NetworkStack.h"
  6. #include "EthernetInterface.h"
  7. #include "TCPSocket.h"
  8. #include <string>
  9. #include "mbedtls/platform.h"
  10. #include "mbedtls/ssl.h"
  11. #include "mbedtls/entropy.h"
  12. #include "mbedtls/ctr_drbg.h"
  13. #include "mbedtls/net.h"
  14. #include "mbedtls/error.h"
  15. #include <stdlib.h>
  16. #if DEBUG_LEVEL > 0
  17. #include "mbedtls/debug.h"
  18. #endif
  19. #if defined(MBEDTLS_SSL_CACHE_C)
  20. #include "mbedtls/ssl_cache.h"
  21. #endif
  22. #if !defined(MBEDTLS_CONFIG_FILE)
  23. #include "mbedtls/config.h"
  24. #else
  25. #include MBEDTLS_CONFIG_FILE
  26. #endif
/* Map the mbed TLS platform-layer names used in this file directly onto the
 * C library equivalents. */
#define mbedtls_time       time
#define mbedtls_time_t     time_t
#define mbedtls_fprintf    fprintf
#define mbedtls_printf printf

/* printf-style template for the reply sent to the TLS client. The single %s
 * is filled with the negotiated ciphersuite name in server_func(); the
 * formatted result has to fit in that function's 1024-byte buffer. */
#define HTTP_RESPONSE \
    "HTTP/1.0 200 OK\r\nContent-Type: text/html\r\n\r\n" \
    "<h2>mbed TLS Test Server</h2>\r\n" \
    "<p>Successful connection using: %s</p>\r\n"
  36.  
/* PEM-encoded RSA private key handed to mbedtls_pk_parse_key() in
 * server_func(); sizeof(privkey) includes the terminating NUL that the PEM
 * parser expects.
 *
 * NOTE(review): this key is compiled into the firmware image and has been
 * published together with this listing, so it must be treated as disclosed.
 * Use it only as a throwaway test key. For anything beyond a bench test,
 * generate a fresh key per device, keep it out of source control, and load it
 * from protected storage at run time; any certificate issued for this key
 * should be considered untrustworthy. */
const char privkey[] = "-----BEGIN RSA PRIVATE KEY-----\n"
"MIIEpAIBAAKCAQEA7Q4MUp7FjGrLFygqLc1n0l6sVtELzx++rhwzIAkmn4GaZqEE\n"
"DxxnP8O9cY8bdT4JZu/yjo5STOtn2P+qBbKL4L9mYxdiMBb+9LyNFA237u7o/Iwk\n"
"eWWqywtocU8XPpX81klDdyZWVDKB2cq+fntUNWyozrDlB06Gd1+HKtFs1KdxnTBb\n"
"VSaoZTTXqt1xTaMhg7+99ZA/qCI0v06wN2/O+eec6z90uSPartPwcwi0zK3Bxgdd\n"
"5wz8xRd4jLEce4WJTPJ2Nx080Qae+cL8IslMlwLmA+Fgp/GlQhfGp4Q75alpVgkf\n"
"GMEl4fSe49q8aGIOUAD7+pSor75P9T82Up75cwIDAQABAoIBACOjsgyV3ENxJtlz\n"
"a2v5brt9ClH/GdRpBGTuzmzpk0n11T3KxW50Kb23cvrotgsZaZZ1SrVOBmeUGMfS\n"
"IEC9CDSg8gbB1DxAqNIoqtkx+s5MUvDtLOqnc1cVfv1SE7+QEzQwTZlTRTVhZo5U\n"
"4fDoH8/sZzCz/arsjmDSFuNEGyWZQO24rN4XCO/IlBqlQscv2S+HoVN6cZP2v6N7\n"
"b0HEke5nR1h6GAzVZzL2yxemO6UFTSD8pXNBKdqMDuIehs8L23yY9BmNr4zsFLQi\n"
"A8CRyXwqZvyYeTPXbBD+DsStbMS3m9SwNY/dLYAPpm756sNc6QYHTcI999p2RBFy\n"
"apBUkNkCgYEA/KCglAPUfKNAGd33yb4hgfZ916zmk5NdogsxXTT503hU82gJulR3\n"
"aQyV3FkamumHtiEhPGg8vLLp+JPGVbzMOIgFgGjRJe7kJu4TYy6bv+1Bum5Z5ikp\n"
"XgtwAFn7dGbjNTtl0g09UYoUixq8lFQomPAjD/NXd2da6qeSYFRqqHUCgYEA8Dgz\n"
"Uc62W0iHcDZmdkLejQr2ekzTbHd9oHEoPlKeoEIem30XuzNZHnS/ki4cDjb+ZKaX\n"
"90BWQyT3B9PHPCR6UkpU2ARy+0z7YDb0Asn+x9NAKn4ve6FZGpd8n/XdwS2LfwCT\n"
"tI4bX2RyV7zy+zoWr0OJvvzGgSqBhV9h2g2BHUcCgYBmC9hxkc5+fk9BY6lZI+VT\n"
"IyeYPG5zhF6ZO144YVLdOklOfWMYklAd7giHFrMpilXYmy9awFxwePEMCV1fesEf\n"
"wMpAIZcCdKpSk27fbI9bitI3JaZI062zIHmgmrh5P6pd8V1i6Rgw3M8JlcZBQHGZ\n"
"vb7cDZbyU5ylFwWIxfDDlQKBgQCIb/M+CMFsUWKTqmJB0zMiOtLJne8LkUaqJPst\n"
"grGT5loKCF+9NKnucXMJbOUEcdnFgxWXGlSkaE9ig7eKglFzgcJ0uvovn4a7HBs1\n"
"plLuXh74w5jmiDrarqXbGMNt4Bd19/bsuzXy1VNYX/pGFLUjsKGA94Mrg9/yx70F\n"
"I1xtKwKBgQCQnz7SRBN+fQGncfr6dhOAcJ5OUpTgG8YuROC0LbAhLV+LmTKwl+Sm\n"
"3wtsu36daeGAX8RxnVEDgLJDmVrTDM20lYHXF4owR6qZKflXqOO2zYE8D6ayZFS/\n"
"+K4GMeBVhdSTppf5mSL/nJEs5wf7wiJ+gwCedFMKE2S6Kcds6bI4ig==\n"
"-----END RSA PRIVATE KEY-----";
  64.  
/* PEM-encoded X.509 certificate that server_func() parses and presents to
 * clients as the server's own certificate (mbedtls_ssl_conf_own_cert).
 * The parser must be given sizeof(srvcert_c), which counts the terminating
 * NUL required for PEM input.
 *
 * NOTE(review): the public key in this certificate appears to match the
 * embedded private key, which has been published with this listing, so this
 * certificate gives clients no real assurance of server identity. Confirm
 * subject, issuer and validity period by decoding it before relying on it. */
const char srvcert_c[]= "-----BEGIN CERTIFICATE-----\n"
"MIIDXTCCAkWgAwIBAgIJAKE2W3R7z2tTMA0GCSqGSIb3DQEBCwUAMEUxCzAJBgNV\n"
"BAYTAkFVMRMwEQYDVQQIDApTb21lLVN0YXRlMSEwHwYDVQQKDBhJbnRlcm5ldCBX\n"
"aWRnaXRzIFB0eSBMdGQwHhcNMTYxMTIyMTQ1ODE1WhcNMTcxMTIyMTQ1ODE1WjBF\n"
"MQswCQYDVQQGEwJBVTETMBEGA1UECAwKU29tZS1TdGF0ZTEhMB8GA1UECgwYSW50\n"
"ZXJuZXQgV2lkZ2l0cyBQdHkgTHRkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB\n"
"CgKCAQEA7Q4MUp7FjGrLFygqLc1n0l6sVtELzx++rhwzIAkmn4GaZqEEDxxnP8O9\n"
"cY8bdT4JZu/yjo5STOtn2P+qBbKL4L9mYxdiMBb+9LyNFA237u7o/IwkeWWqywto\n"
"cU8XPpX81klDdyZWVDKB2cq+fntUNWyozrDlB06Gd1+HKtFs1KdxnTBbVSaoZTTX\n"
"qt1xTaMhg7+99ZA/qCI0v06wN2/O+eec6z90uSPartPwcwi0zK3Bxgdd5wz8xRd4\n"
"jLEce4WJTPJ2Nx080Qae+cL8IslMlwLmA+Fgp/GlQhfGp4Q75alpVgkfGMEl4fSe\n"
"49q8aGIOUAD7+pSor75P9T82Up75cwIDAQABo1AwTjAdBgNVHQ4EFgQUeDkoSc4O\n"
"QWw0uLDt1KV3nYNR6bswHwYDVR0jBBgwFoAUeDkoSc4OQWw0uLDt1KV3nYNR6bsw\n"
"DAYDVR0TBAUwAwEB/zANBgkqhkiG9w0BAQsFAAOCAQEAsXd0kzR2sd+OgYfEmS6z\n"
"WyWMJ0hZpKLBWBkIERTAQBvT5EzmYwkiIRiSgsNZAke5LeqNrO1xy9LXu2vkczVV\n"
"z77oSBddoL644vDm9jYZs5Hbn4XlcZHI6ga7MEMPo4Mpb9KW/+AMKE3f1zFYWdw1\n"
"QMqUpVOIseDj1vN5FTo8xg3ujcOgOdb8LJjg8Jvnarqw05PKNk+gA/NeVOFKiqRJ\n"
"ZpyS6ELaEzKpJRWJ2Yvq0zRtXoPttbH1p+uLeQtN8OgOBukXY0YIublZTWMB/Fsj\n"
"UNR9Bl4fwNGPZUrzyfhXwkQFhjsvaM7n94LRPnGmJTMKXMZNzBqb5b71AMsbQWpl\n"
"NA==\n"
"-----END CERTIFICATE-----";
  86.  
  87.  
/*
 * Debug callback registered with mbedtls_ssl_conf_dbg().
 *
 * ctx   - opaque pointer supplied at registration; used here as a FILE *
 * level - debug level of the message (ignored)
 * file  - source file name reported with the message
 * line  - source line number reported with the message
 * str   - message text
 *
 * Writes "file:line: message" to the stream and flushes it immediately.
 */
static void my_debug( void *ctx, int level,
                      const char *file, int line,
                      const char *str )
{
    FILE *out = (FILE *) ctx;

    (void) level;

    mbedtls_fprintf( out, "%s:%04d: %s", file, line, str );
    fflush( out );
}
  97.  
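/**
 * Run the mbed TLS test server for one client connection on TCP port 4433.
 *
 * Parses the embedded certificate (srvcert_c) and private key (privkey),
 * binds the listening socket, seeds the CTR_DRBG, builds the TLS server
 * configuration, then accepts a client, performs the handshake, reads one
 * request, answers with HTTP_RESPONSE (filled with the negotiated ciphersuite
 * name) and closes the connection. If the close-notify alert fails, the
 * function goes back to waiting for another client.
 *
 * Every exit path releases all mbed TLS contexts initialised here.
 *
 * @return 0 on success, otherwise the non-zero error code of the step that
 *         failed.
 */
int server_func(void)
{
    int ret, len;
    mbedtls_net_context listen_fd, client_fd;
    unsigned char buf[1024];
    const char *pers = "ssl_server";

    mbedtls_entropy_context entropy;
    mbedtls_ctr_drbg_context ctr_drbg;
    mbedtls_ssl_context ssl;
    mbedtls_ssl_config conf;
    mbedtls_x509_crt srvcert;
    mbedtls_pk_context pkey;
#if defined(MBEDTLS_SSL_CACHE_C)
    mbedtls_ssl_cache_context cache;
#endif

    /* Initialise every context up front so the common cleanup at "exit" can
     * free all of them regardless of where a failure occurs. */
    mbedtls_net_init( &listen_fd );
    mbedtls_net_init( &client_fd );
    mbedtls_ssl_init( &ssl );
    mbedtls_ssl_config_init( &conf );
#if defined(MBEDTLS_SSL_CACHE_C)
    mbedtls_ssl_cache_init( &cache );
#endif
    mbedtls_x509_crt_init( &srvcert );
    mbedtls_pk_init( &pkey );
    mbedtls_entropy_init( &entropy );
    mbedtls_ctr_drbg_init( &ctr_drbg );
/*#if defined(MBEDTLS_DEBUG_C)
    mbedtls_debug_set_threshold( DEBUG_LEVEL );
#endif*/

    mbedtls_printf( "\n\r  . Loading the server cert. and key...\n\r" );

    /* The length must be that of the PEM text including its terminating NUL,
     * i.e. sizeof(srvcert_c) -- not the size of the mbedtls_x509_crt struct. */
    ret = mbedtls_x509_crt_parse( &srvcert, (const unsigned char *) srvcert_c,
                                  sizeof( srvcert_c ) );
    if( ret != 0 )
    {
        mbedtls_printf( " failed\n  !  mbedtls_x509_crt_parse returned %d\n\n", ret );
        goto exit;
    }

    /* NOTE(review): privkey is compiled into the image; see the remark on its
     * definition before using this outside a test setup. */
    ret = mbedtls_pk_parse_key( &pkey, (const unsigned char *) privkey,
                                sizeof( privkey ), NULL, 0 );
    if( ret != 0 )
    {
        mbedtls_printf( " failed\n  !  mbedtls_pk_parse_key returned %d\n\n", ret );
        goto exit;
    }
    mbedtls_printf("loaded  \n\r");

    ret = mbedtls_net_bind( &listen_fd, NULL, "4433", MBEDTLS_NET_PROTO_TCP );
    if( ret != 0 )
    {
        mbedtls_printf( " failed\n  ! mbedtls_net_bind returned %d\n\n", ret );
        goto exit;
    }
    mbedtls_printf("net bind succesfull\n\r");

    /* NOTE(review): the DRBG is only as good as the entropy sources behind
     * mbedtls_entropy_func on this target -- confirm a hardware source is
     * enabled in the mbed TLS configuration. */
    ret = mbedtls_ctr_drbg_seed( &ctr_drbg, mbedtls_entropy_func, &entropy,
                                 (const unsigned char *) pers, strlen( pers ) );
    if( ret != 0 )
    {
        mbedtls_printf( " failed\n  ! mbedtls_ctr_drbg_seed returned %d\n", ret );
        goto exit;
    }
    mbedtls_printf("seeding rng succesfull\n\r");

    ret = mbedtls_ssl_config_defaults( &conf, MBEDTLS_SSL_IS_SERVER,
                                       MBEDTLS_SSL_TRANSPORT_STREAM,
                                       MBEDTLS_SSL_PRESET_DEFAULT );
    if( ret != 0 )
    {
        mbedtls_printf( " failed\n  ! mbedtls_ssl_config_defaults returned %d\n\n", ret );
        goto exit;
    }
    mbedtls_printf("mbedtls config initialized\n\r");

    mbedtls_ssl_conf_rng( &conf, mbedtls_ctr_drbg_random, &ctr_drbg );
    mbedtls_ssl_conf_dbg( &conf, my_debug, stdout );

#if defined(MBEDTLS_SSL_CACHE_C)
    mbedtls_ssl_conf_session_cache( &conf, &cache, mbedtls_ssl_cache_get, mbedtls_ssl_cache_set );
#endif
    /* No CA chain is configured (call left disabled by the author):
     *   mbedtls_ssl_conf_ca_chain( &conf, srvcert, NULL );
     * Author's open question: is this the trusted CA, i.e. the CA that comes
     * from the node? Still to be checked.
     * NOTE(review): without a CA chain and an explicit auth mode the server
     * presumably does not request or verify client certificates -- confirm
     * that unauthenticated clients are acceptable here. */

    ret = mbedtls_ssl_conf_own_cert( &conf, &srvcert, &pkey );
    if( ret != 0 )
    {
        mbedtls_printf( " failed\n  ! mbedtls_ssl_conf_own_cert returned %d\n\n", ret );
        goto exit;
    }
    mbedtls_printf("own cert ok \n\r");

    ret = mbedtls_ssl_setup( &ssl, &conf );
    if( ret != 0 )
    {
        mbedtls_printf( " failed\n  ! mbedtls_ssl_setup returned %d\n\n", ret );
        goto exit;
    }
    mbedtls_printf("ssl setup done \n\r");

reset:
    /* Drop any previous client and return the TLS context to its initial
     * state before accepting the next connection. */
    mbedtls_net_free( &client_fd );

    ret = mbedtls_ssl_session_reset( &ssl );
    if( ret != 0 )
    {
        mbedtls_printf( " failed\n  ! mbedtls_ssl_session_reset returned %d\n\n", ret );
        goto exit;
    }

    mbedtls_printf( "\n\r **** Waiting for a remote connection ****\n\r" );

    ret = mbedtls_net_accept( &listen_fd, &client_fd, NULL, 0, NULL );
    if( ret != 0 )
    {
        mbedtls_printf( " failed\n  ! mbedtls_net_accept returned %d\n\n", ret );
        goto exit;
    }
    mbedtls_ssl_set_bio( &ssl, &client_fd, mbedtls_net_send, mbedtls_net_recv, NULL );

    mbedtls_printf( " ok\n\r" );

    mbedtls_printf( "\n\rPerforming the SSL/TLS handshake\n\r" );

    /* WANT_READ / WANT_WRITE only mean "call again"; anything else is fatal. */
    while( ( ret = mbedtls_ssl_handshake( &ssl ) ) != 0 )
    {
        if( ret != MBEDTLS_ERR_SSL_WANT_READ && ret != MBEDTLS_ERR_SSL_WANT_WRITE )
        {
            mbedtls_printf( " failed\n  ! mbedtls_ssl_handshake returned %d\n\n", ret );
            goto exit;
        }
    }

    mbedtls_printf( " ok\n" );

    do
    {
        /* Read at most sizeof(buf) - 1 bytes into a zeroed buffer so the data
         * is always NUL-terminated for the %s print below. */
        len = sizeof( buf ) - 1;
        memset( buf, 0, sizeof( buf ) );
        ret = mbedtls_ssl_read( &ssl, buf, len );

        if( ret == MBEDTLS_ERR_SSL_WANT_READ || ret == MBEDTLS_ERR_SSL_WANT_WRITE )
            continue;

        if( ret <= 0 )
        {
            switch( ret )
            {
                case MBEDTLS_ERR_SSL_PEER_CLOSE_NOTIFY:
                    mbedtls_printf( " connection was closed gracefully\n" );
                    break;

                case MBEDTLS_ERR_NET_CONN_RESET:
                    mbedtls_printf( " connection was reset by peer\n" );
                    break;

                default:
                    mbedtls_printf( " mbedtls_ssl_read returned -0x%x\n", (unsigned int) -ret );
                    break;
            }

            break;
        }
        len = ret;
        mbedtls_printf( " %d bytes read\n\n%s", len, (char *) buf );

        /* One successful read is enough for this test server. */
        if( ret > 0 )
            break;
    }
    while(true);

    mbedtls_printf( "\n\rWrite to client:\n\r" );

    /* Bounded formatting: the ciphersuite name is inserted into a fixed-size
     * buffer, so reject truncation instead of writing past the end. */
    len = snprintf( (char *) buf, sizeof( buf ), HTTP_RESPONSE,
                    mbedtls_ssl_get_ciphersuite( &ssl ) );
    if( len < 0 || (size_t) len >= sizeof( buf ) )
    {
        mbedtls_printf( " failed\n  ! response does not fit the buffer\n\n" );
        ret = MBEDTLS_ERR_SSL_BUFFER_TOO_SMALL;
        goto exit;
    }

    while( ( ret = mbedtls_ssl_write( &ssl, buf, (size_t) len ) ) <= 0 )
    {
        if( ret == MBEDTLS_ERR_NET_CONN_RESET )
        {
            mbedtls_printf( " failed\n  ! peer closed the connection\n\n" );
            goto exit;
        }

        if( ret != MBEDTLS_ERR_SSL_WANT_READ && ret != MBEDTLS_ERR_SSL_WANT_WRITE )
        {
            mbedtls_printf( " failed\n  ! mbedtls_ssl_write returned %d\n\n", ret );
            goto exit;
        }
    }

    len = ret;
    mbedtls_printf( " %d bytes written\n\n%s\n", len, (char *) buf );

    mbedtls_printf( "  . Closing the connection..." );

    while( ( ret = mbedtls_ssl_close_notify( &ssl ) ) < 0 )
    {
        if( ret != MBEDTLS_ERR_SSL_WANT_READ &&
            ret != MBEDTLS_ERR_SSL_WANT_WRITE )
        {
            mbedtls_printf( " failed\n  ! mbedtls_ssl_close_notify returned %d\n\n", ret );
            goto reset;
        }
    }

    mbedtls_printf( " ok\n" );

    ret = 0;

exit:
    /* Single cleanup path: releases sockets, parsed key material and TLS
     * state on success and on every failure above. */
    mbedtls_net_free( &client_fd );
    mbedtls_net_free( &listen_fd );

    mbedtls_x509_crt_free( &srvcert );
    mbedtls_pk_free( &pkey );
    mbedtls_ssl_free( &ssl );
    mbedtls_ssl_config_free( &conf );
#if defined(MBEDTLS_SSL_CACHE_C)
    mbedtls_ssl_cache_free( &cache );
#endif
    mbedtls_ctr_drbg_free( &ctr_drbg );
    mbedtls_entropy_free( &entropy );

    return ret;
}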
  312.  
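/* Entry point: prints a banner, runs the TLS test server once and prints the
 * result code it returned. Always returns 0. */
int main (void)
{
    printf("\r\nTEST\r\n");
    int ret = server_func();
    /* The %d conversion needs its argument; omitting it is undefined
     * behaviour and prints an arbitrary value. */
    printf("\n\r%d = ret\n\r", ret);
    return 0;
}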