#include "sdkconfig.h"
#include <mbedtls/net.h>
#include <mbedtls/ssl.h>
#include <mbedtls/pk.h>
#include <mbedtls/x509_crt.h>
#include <mbedtls/entropy.h>
#include <mbedtls/ctr_drbg.h>
#include <mbedtls/debug.h>
#include <mbedtls/platform.h>
// https://tls.mbed.org/api/ssl__server_8c_source.html
//
#include <mbedtls/error.h>
#include <esp_log.h>
#include <string.h>
#include <stdio.h>
#include "certificate_pem.h"
#include "private_pem.h"
/*
 * Port string intended for the TLS listener.
 * NOTE(review): nothing in this file reads SERVER_PORT; sslServer() passes the
 * literal "9080" to mbedtls_net_bind(), so the two values disagree.
 */
#define SERVER_PORT "443"

/* Tag handed to the ESP_LOGx macros for every message from this file. */
static const char *LOG_TAG = "sslServer";

/*
 * Scratch buffer that receives mbedtls_strerror() text. It has file scope, so
 * every caller in this file shares the same 256 bytes.
 */
static char errortext[256];
/**
 * Debug sink registered with mbedtls_ssl_conf_dbg().
 *
 * Writes one record to stdout in the form "<file>:<line>: <message>", with the
 * line number zero-padded to four digits. No newline is appended here; the
 * message text is printed exactly as received.
 *
 * @param ctx   Opaque pointer supplied at registration time; not used.
 * @param level Debug level of the message; not used, so no filtering is done
 *              in this function.
 * @param file  Source file name reported by the library.
 * @param line  Source line reported by the library.
 * @param str   Message text.
 */
static void my_debug(void *ctx, int level, const char *file, int line, const char *str)
{
    /* Both arguments are part of the callback signature but are not needed. */
    (void) ctx;
    (void) level;

    fprintf(stdout, "%s:%04d: %s", file, line, str);
}
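/**
 * Run a one-shot TLS server on TCP port 9080.
 *
 * The function parses the certificate and private key compiled into the image
 * (certificate_pem / private_pem), binds a listening socket, accepts exactly
 * one connection, completes the TLS handshake, reads a single record of up to
 * sizeof(buf) bytes, prints it on stdout and returns.
 *
 * Errors are reported through ESP_LOGE. Every exit path, including the error
 * paths, runs the same cleanup so that both sockets and all mbed TLS contexts
 * (including the parsed private key) are released.
 *
 * Security notes for anyone reusing this:
 *  - No client-certificate verification mode is configured, so the peer is
 *    not authenticated at the TLS layer.
 *  - The private key is linked into the firmware image; whoever can read the
 *    image can read the key.
 *  - The debug threshold below is the most verbose one and is meant for
 *    bring-up only.
 */
void sslServer() {
    ESP_LOGD(LOG_TAG, ">> sslServer");

    mbedtls_net_context listen_fd;   /* bound, listening socket */
    mbedtls_net_context client_fd;   /* the single accepted connection */
    mbedtls_entropy_context entropy;
    mbedtls_ctr_drbg_context ctr_drbg;
    mbedtls_ssl_context ssl;
    mbedtls_ssl_config conf;
    mbedtls_x509_crt srvcert;
    mbedtls_pk_context pkey;
    int ret;
    const char *pers = "ssl_server"; /* personalization string for the DRBG seed */
    unsigned char buf[1024];

    /*
     * Initialise every context before the first call that can fail, so the
     * cleanup label may free all of them unconditionally.
     */
    mbedtls_net_init(&listen_fd);
    mbedtls_net_init(&client_fd);
    mbedtls_ssl_init(&ssl);
    mbedtls_ssl_config_init(&conf);
    mbedtls_x509_crt_init(&srvcert);
    mbedtls_pk_init(&pkey);
    mbedtls_entropy_init(&entropy);
    mbedtls_ctr_drbg_init(&ctr_drbg);

    mbedtls_ssl_conf_dbg(&conf, my_debug, stdout);
    /*
     * 4 is mbed TLS's most verbose debug level (error-only would be 1).
     * Verbose traces expose handshake internals on the console; lower the
     * threshold outside of bring-up.
     */
    mbedtls_debug_set_threshold(4);

    ret = mbedtls_x509_crt_parse(&srvcert, (const unsigned char *) certificate_pem, certificate_pem_len);
    if (ret != 0) {
        ESP_LOGE(LOG_TAG, " failed\n ! mbedtls_x509_crt_parse returned %d\n\n", ret);
        goto cleanup;
    }

    /* NULL/0: the embedded key is parsed without a password. */
    ret = mbedtls_pk_parse_key(&pkey, (const unsigned char *) private_pem, private_pem_len, NULL, 0);
    if (ret != 0) {
        ESP_LOGE(LOG_TAG, " failed\n ! mbedtls_pk_parse_key returned %d\n\n", ret);
        goto cleanup;
    }

    /* NULL bind address: listen on all interfaces. */
    ret = mbedtls_net_bind(&listen_fd, NULL, "9080", MBEDTLS_NET_PROTO_TCP);
    if (ret != 0) {
        ESP_LOGE(LOG_TAG, " failed\n ! mbedtls_net_bind returned %d\n\n", ret);
        goto cleanup;
    }

    ret = mbedtls_ctr_drbg_seed(&ctr_drbg, mbedtls_entropy_func, &entropy, (const unsigned char *) pers, strlen(pers));
    if (ret != 0) {
        ESP_LOGE(LOG_TAG, " failed\n ! mbedtls_ctr_drbg_seed returned %d\n", ret);
        goto cleanup;
    }

    ret = mbedtls_ssl_config_defaults(&conf, MBEDTLS_SSL_IS_SERVER, MBEDTLS_SSL_TRANSPORT_STREAM, MBEDTLS_SSL_PRESET_DEFAULT);
    if (ret != 0) {
        ESP_LOGE(LOG_TAG, " failed\n ! mbedtls_ssl_config_defaults returned %d\n\n", ret);
        goto cleanup;
    }

    mbedtls_ssl_conf_rng(&conf, mbedtls_ctr_drbg_random, &ctr_drbg);
    /* Any certificates that follow the first one in the PEM become the CA chain. */
    mbedtls_ssl_conf_ca_chain(&conf, srvcert.next, NULL);
    ret = mbedtls_ssl_conf_own_cert(&conf, &srvcert, &pkey);
    if (ret != 0) {
        ESP_LOGE(LOG_TAG, " failed\n ! mbedtls_ssl_conf_own_cert returned %d\n\n", ret);
        goto cleanup;
    }

    ret = mbedtls_ssl_setup(&ssl, &conf);
    if (ret != 0) {
        mbedtls_strerror(ret, errortext, sizeof(errortext));
        ESP_LOGE(LOG_TAG, "error from mbedtls_ssl_setup: %d -%x - %s\n", ret, ret, errortext);
        goto cleanup;
    }

    /* Single connection only: accept once, serve once, then tear down. */
    ESP_LOGD(LOG_TAG, ">> waiting for accept");
    ret = mbedtls_net_accept(&listen_fd, &client_fd, NULL, 0, NULL);
    if (ret != 0) {
        ESP_LOGE(LOG_TAG, " failed\n ! mbedtls_net_accept returned %d\n\n", ret);
        goto cleanup;
    }

    mbedtls_ssl_set_bio(&ssl, &client_fd, mbedtls_net_send, mbedtls_net_recv, NULL);

    /* WANT_READ / WANT_WRITE mean "call again", anything else is fatal. */
    while ((ret = mbedtls_ssl_handshake(&ssl)) != 0) {
        if (ret != MBEDTLS_ERR_SSL_WANT_READ && ret != MBEDTLS_ERR_SSL_WANT_WRITE) {
            ESP_LOGE(LOG_TAG, " failed\n ! mbedtls_ssl_handshake returned %d\n\n", ret);
            goto cleanup;
        }
    }

    /* The same retry rule applies to reads. */
    do {
        ret = mbedtls_ssl_read(&ssl, buf, sizeof(buf));
    } while (ret == MBEDTLS_ERR_SSL_WANT_READ || ret == MBEDTLS_ERR_SSL_WANT_WRITE);
    if (ret < 0) {
        /* Report the mbed TLS error code, not the buffer size. */
        ESP_LOGE(LOG_TAG, "error from read: %d\n", ret);
        goto cleanup;
    }

    /*
     * buf is not NUL-terminated, so the precision bounds the print to the
     * ret bytes actually received. The bytes are peer-controlled.
     */
    printf("Result: [size: %d]\n%.*s\n", ret, ret, (const char *) buf);

    /*
     * Best effort: send close_notify so the peer can distinguish an orderly
     * shutdown from a truncated stream.
     */
    do {
        ret = mbedtls_ssl_close_notify(&ssl);
    } while (ret == MBEDTLS_ERR_SSL_WANT_READ || ret == MBEDTLS_ERR_SSL_WANT_WRITE);
    if (ret != 0) {
        ESP_LOGW(LOG_TAG, "mbedtls_ssl_close_notify returned %d", ret);
    }

    ESP_LOGV(LOG_TAG, "All done");

cleanup:
    /* Reached on success and on every failure. */
    mbedtls_net_free(&client_fd);
    mbedtls_net_free(&listen_fd);
    mbedtls_ssl_free(&ssl);
    mbedtls_ssl_config_free(&conf);
    mbedtls_x509_crt_free(&srvcert);
    mbedtls_pk_free(&pkey);
    mbedtls_ctr_drbg_free(&ctr_drbg);
    mbedtls_entropy_free(&entropy);
}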