123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329330331332333334335336337338339340341342343344345346347348349350351352353354355356357358359360361362363364365366367368369370371372373374375376377378379380381382383384385386387388389390391392393394 |
- /* wolf_client.c
- *
- * Copyright (C) 2006-2024 wolfSSL Inc.
- *
- * This file is part of wolfSSL.
- *
- * wolfSSL is free software; you can redistribute it and/or modify
- * it under the terms of the GNU General Public License as published by
- * the Free Software Foundation; either version 2 of the License, or
- * (at your option) any later version.
- *
- * wolfSSL is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
- * GNU General Public License for more details.
- *
- * You should have received a copy of the GNU General Public License
- * along with this program; if not, write to the Free Software
- * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
- */
- #include <stdio.h>
- #include <string.h>
- #include "r_t4_itcpip.h"
- #include "wolfssl/wolfcrypt/settings.h"
- #include "wolfssl/ssl.h"
- #include "wolfssl/certs_test.h"
- #include "key_data.h"
- #include "wolfssl_demo.h"
- #if defined(WOLFSSL_RENESAS_TSIP_TLS)
- #include <wolfssl/wolfcrypt/port/Renesas/renesas-tsip-crypt.h>
- #endif
- #define SIMPLE_TLSSEVER_IP "192.168.1.12"
- #define SIMPLE_TLSSERVER_PORT "11111"
- ER t4_tcp_callback(ID cepid, FN fncd , VP p_parblk);
- static WOLFSSL_CTX *client_ctx;
- #if defined(WOLFSSL_RENESAS_TSIP_TLS)
- uint32_t g_encrypted_root_public_key[140];
- static TsipUserCtx userContext;
- #endif
- #if defined(TLS_CLIENT)
- #if defined(WOLFSSL_RENESAS_TSIP_TLS) && defined(WOLFSSL_STATIC_MEMORY)
- extern WOLFSSL_HEAP_HINT* heapHint;
- #define BUFFSIZE_IO (16 * 1024)
- unsigned char heapBufIO[BUFFSIZE_IO];
- #endif /* WOLFSSL_RENESAS_TSIP_TLS && WOLFSSL_STATIC_MEMORY */
- #endif /* TLS_CLIENT */
- static int my_IORecv(WOLFSSL* ssl, char* buff, int sz, void* ctx)
- {
- int ret;
- ID cepid;
- if(ctx != NULL)
- cepid = *(ID *)ctx;
- else
- return WOLFSSL_CBIO_ERR_GENERAL;
- ret = tcp_rcv_dat(cepid, buff, sz, TMO_FEVR);
- if(ret > 0)
- return ret;
- else
- return WOLFSSL_CBIO_ERR_GENERAL;
- }
- static int my_IOSend(WOLFSSL* ssl, char* buff, int sz, void* ctx)
- {
- int ret;
- ID cepid;
- if(ctx != NULL)
- cepid = *(ID *)ctx;
- else
- return WOLFSSL_CBIO_ERR_GENERAL;
- ret = tcp_snd_dat(cepid, buff, sz, TMO_FEVR);
- if(ret == sz)
- return ret;
- else
- return WOLFSSL_CBIO_ERR_GENERAL;
- }
- static int getIPaddr(char *arg)
- {
- int a1, a2, a3, a4;
- if(sscanf(arg, "%d.%d.%d.%d", &a1, &a2, &a3, &a4) == 4)
- return (a1 << 24) | (a2 << 16) | (a3 << 8) | a4;
- else return 0;
- }
- static int getPort(char *arg)
- {
- int port;
- if(sscanf(arg, "%d", &port) == 1)
- return port;
- else return 0;
- }
- void wolfSSL_TLS_client_init(const char* cipherlist)
- {
- #ifndef NO_FILESYSTEM
- #ifdef USE_ECC_CERT
- char *cert = "./certs/ca-ecc-cert.pem";
- #else
- char *cert = "./certs/ca-cert.pem";
- #endif
- #else
- #if defined(USE_ECC_CERT) && defined(USE_CERT_BUFFERS_256)
- const unsigned char *cert = ca_ecc_cert_der_256;
- #define SIZEOF_CERT sizeof_ca_ecc_cert_der_256
- #else
- const unsigned char *cert = ca_cert_der_2048;
- #define SIZEOF_CERT sizeof_ca_cert_der_2048
- #endif
- #endif
- wolfSSL_Init();
- #ifdef DEBUG_WOLFSSL
- wolfSSL_Debugging_ON();
- #endif
- /*---------------------------------------------*/
- /* Allocate WOLFSSL_CTX */
- /*---------------------------------------------*/
- #if defined(WOLFSSL_STATIC_MEMORY)
- if ((client_ctx = wolfSSL_CTX_new_ex(wolfSSLv23_client_method_ex(heapHint),
- heapHint)) == NULL) {
- printf("ERROR: failed to create WOLFSSL_CTX\n");
- return;
- }
- if ((wolfSSL_CTX_load_static_memory(&client_ctx, NULL, heapBufIO,
- sizeof(heapBufIO), WOLFMEM_IO_POOL, 10)) != WOLFSSL_SUCCESS) {
- printf("ERROR: failed to set static memory for IO\n");
- return;
- }
- #else
- /* Create and initialize WOLFSSL_CTX */
- if ((client_ctx =
- wolfSSL_CTX_new(wolfSSLv23_client_method_ex((void *)NULL))) == NULL) {
- printf("ERROR: failed to create WOLFSSL_CTX\n");
- return;
- }
- #endif /* WOLFSSL_STATIC_MEMORY */
- /*---------------------------------------------*/
- /* Set up TSIP callbacks */
- /*---------------------------------------------*/
- #ifdef WOLFSSL_RENESAS_TSIP_TLS
- tsip_set_callbacks(client_ctx);
- #endif
- /*---------------------------------------------*/
- /* Root CA certificate */
- /*---------------------------------------------*/
- if (wolfSSL_CTX_load_verify_buffer(client_ctx, cert, SIZEOF_CERT,
- SSL_FILETYPE_ASN1) != WOLFSSL_SUCCESS){
- printf("ERROR: can't load certificate data\n");
- return;
- }
- /*---------------------------------------------*/
- /* Set up IO callbacks */
- /*---------------------------------------------*/
- wolfSSL_SetIORecv(client_ctx, my_IORecv);
- wolfSSL_SetIOSend(client_ctx, my_IOSend);
- /*---------------------------------------------*/
- /* Set up cipher suites */
- /*---------------------------------------------*/
- /* use specific cipher */
- if (cipherlist != NULL &&
- wolfSSL_CTX_set_cipher_list(client_ctx, cipherlist) != WOLFSSL_SUCCESS) {
- wolfSSL_CTX_free(client_ctx); client_ctx = NULL;
- printf("client can't set cipher list");
- return;
- }
- #if defined(WOLFSSL_TLS13)
- if (wolfSSL_CTX_UseSupportedCurve(client_ctx, WOLFSSL_ECC_SECP256R1)
- != WOLFSSL_SUCCESS) {
- wolfSSL_CTX_free(client_ctx); client_ctx = NULL;
- printf("client can't set use supported curves\n");
- return;
- }
- #endif
- }
- void wolfSSL_TLS_client( )
- {
- ID cepid = 1;
- ER ercd;
- int ret;
- WOLFSSL_CTX *ctx = (WOLFSSL_CTX *)client_ctx;
- WOLFSSL *ssl = NULL;
- #define BUFF_SIZE 256
- static const char sendBuff[]= "Hello Server\n" ;
- char rcvBuff[BUFF_SIZE] = {0};
- static T_IPV4EP my_addr = { 0, 0 };
- T_IPV4EP dst_addr;
- if((dst_addr.ipaddr = getIPaddr(SIMPLE_TLSSEVER_IP)) == 0){
- printf("ERROR: IP address\n");
- goto out;
- }
- if((dst_addr.portno = getPort(SIMPLE_TLSSERVER_PORT)) == 0){
- printf("ERROR: Port number\n");
- goto out;
- }
- if((ercd = tcp_con_cep(cepid, &my_addr, &dst_addr, TMO_FEVR)) != E_OK) {
- printf("ERROR TCP Connect: %d\n", ercd);
- goto out;
- }
- /*---------------------------------------------*/
- /* Allocate WOLFSSL object */
- /*---------------------------------------------*/
- if((ssl = wolfSSL_new(ctx)) == NULL) {
- printf("ERROR wolfSSL_new: %d\n", wolfSSL_get_error(ssl, 0));
- goto out;
- }
- /*---------------------------------------------*/
- /* Set up callback context for TSIP */
- /*---------------------------------------------*/
- #ifdef WOLFSSL_RENESAS_TSIP_TLS
- tsip_set_callback_ctx(ssl, &userContext);
- #endif
- /*---------------------------------------------*/
- /* Client Certificate */
- /*---------------------------------------------*/
- #ifdef USE_ECC_CERT
- /* ECDSA client certificate */
- if (wolfSSL_use_certificate_buffer(ssl, cliecc_cert_der_256,
- sizeof_cliecc_cert_der_256, WOLFSSL_FILETYPE_ASN1) != WOLFSSL_SUCCESS) {
- printf("ERROR wolfSSL_use_certificate_buffer: %d\n",
- wolfSSL_get_error(ssl, 0));
- goto out;
- }
- #else
- /* RSA client certificate */
- if (wolfSSL_use_certificate_buffer(ssl, client_cert_der_2048,
- sizeof_client_cert_der_2048, WOLFSSL_FILETYPE_ASN1) != WOLFSSL_SUCCESS) {
- printf("ERROR wolfSSL_use_certificate_buffer: %d\n",
- wolfSSL_get_error(ssl, 0));
- goto out;
- }
- #endif /* USE_ECC_CERT */
- /*---------------------------------------------*/
- /* Client Keys */
- /*---------------------------------------------*/
- #ifdef USE_ECC_CERT
- #ifdef WOLFSSL_RENESAS_TSIP_TLS
- /* TSIP specific ECC private key */
- if (tsip_use_PrivateKey_buffer_TLS(ssl,
- (const char*)g_key_block_data.encrypted_user_ecc256_private_key,
- sizeof(g_key_block_data.encrypted_user_ecc256_private_key),
- TSIP_ECCP256) != 0) {
- printf("ERROR tsip_use_PrivateKey_buffer_TLS\n");
- goto out;
- }
- #else
- /* DER format ECC private key */
- if (wolfSSL_use_PrivateKey_buffer(ssl,
- ecc_clikey_der_256,
- sizeof_ecc_clikey_der_256,
- WOLFSSL_FILETYPE_ASN1) != WOLFSSL_SUCCESS) {
- printf("ERROR wolfSSL_use_PrivateKey_buffer: %d\n",
- wolfSSL_get_error(ssl, 0));
- goto out;
- }
- #endif
- #else
- #if defined(WOLFSSL_RENESAS_TSIP_TLS)
- /* Note: TSIP asks client key pair for client authentication. */
- /* TSIP specific RSA private key */
- if (tsip_use_PrivateKey_buffer_TLS(ssl,
- (const char*)g_key_block_data.encrypted_user_rsa2048_private_key,
- sizeof(g_key_block_data.encrypted_user_rsa2048_private_key),
- TSIP_RSA2048) != 0) {
- printf("ERROR tsip_use_PrivateKey_buffer_TLS\n");
- goto out;
- }
- /* TSIP specific RSA public key */
- if (tsip_use_PublicKey_buffer_TLS(ssl,
- (const char*)g_key_block_data.encrypted_user_rsa2048_public_key,
- sizeof(g_key_block_data.encrypted_user_rsa2048_public_key),
- TSIP_RSA2048) != 0) {
- printf("ERROR tsip_use_PublicKey_buffer_TLS\n");
- goto out;
- }
- #else
- if (wolfSSL_use_PrivateKey_buffer(ssl, client_key_der_2048,
- sizeof_client_key_der_2048, WOLFSSL_FILETYPE_ASN1) != WOLFSSL_SUCCESS) {
- printf("ERROR wolfSSL_use_PrivateKey_buffer: %d\n",
- wolfSSL_get_error(ssl, 0));
- goto out;
- }
- #endif /* WOLFSSL_RENESAS_TSIP_TLS */
- #endif /* USE_ECC_CERT */
- /*---------------------------------------------*/
- /* Set up IO callback context */
- /*---------------------------------------------*/
- wolfSSL_SetIOReadCtx(ssl, (void *)&cepid);
- wolfSSL_SetIOWriteCtx(ssl, (void *)&cepid);
- /*---------------------------------------------*/
- /* TLS handshake */
- /*---------------------------------------------*/
- if(wolfSSL_connect(ssl) != WOLFSSL_SUCCESS) {
- printf("ERROR SSL connect: %d\n", wolfSSL_get_error(ssl, 0));
- goto out;
- }
- if (wolfSSL_write(ssl, sendBuff, strlen(sendBuff)) != strlen(sendBuff)) {
- printf("ERROR SSL write: %d\n", wolfSSL_get_error(ssl, 0));
- goto out;
- }
- if ((ret=wolfSSL_read(ssl, rcvBuff, BUFF_SIZE)) < 0) {
- printf("ERROR SSL read: %d\n", wolfSSL_get_error(ssl, 0));
- goto out;
- }
- rcvBuff[ret] = '\0' ;
- printf("Received: %s\n\n", rcvBuff);
- out:
- /* frees all data before client termination */
- if(ssl) {
- wolfSSL_shutdown(ssl);
- wolfSSL_free(ssl);
- }
- if(ctx) {
- wolfSSL_CTX_free(ctx);
- }
- wolfSSL_Cleanup();
- tcp_sht_cep(cepid);
- tcp_cls_cep(cepid, TMO_FEVR);
- return;
- }
|