1
0

client_wolfssl.c 10 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277
  1. /* client_wolfssl.c
  2. *
  3. * Copyright (C) 2006-2024 wolfSSL Inc.
  4. *
  5. * This file is part of wolfSSL.
  6. *
  7. * wolfSSL is free software; you can redistribute it and/or modify
  8. * it under the terms of the GNU General Public License as published by
  9. * the Free Software Foundation; either version 2 of the License, or
  10. * (at your option) any later version.
  11. *
  12. * wolfSSL is distributed in the hope that it will be useful,
  13. * but WITHOUT ANY WARRANTY; without even the implied warranty of
  14. * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
  15. * GNU General Public License for more details.
  16. *
  17. * You should have received a copy of the GNU General Public License
  18. * along with this program; if not, write to the Free Software
  19. * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
  20. */
  21. #include <Source/net_sock.h>
  22. #include <Source/net_app.h>
  23. #include <Source/net_ascii.h>
  24. #include <Source/net_util.h>
  25. #include <lib_str.h>
  26. #include <app_cfg.h>
  27. #include <wolfssl/ssl.h>
  28. #include "client_wolfssl.h"
  29. /* 172.217.3.174 is the IP address of https://www.google.com */
  30. #define TCP_SERVER_IP_ADDR "172.217.3.174"
  31. #define TCP_SERVER_DOMAIN_NAME "www.google.com"
  32. #define TCP_SERVER_PORT 443
  33. #define TX_BUF_SIZE 64
  34. #define RX_BUF_SIZE 1024
  35. #define TX_MSG "GET /index.html HTTP/1.0\r\n\r\n"
  36. #define TX_MSG_SIZE sizeof(TX_MSG)
  37. static const CPU_INT08U google_certs_ca[]="\n\
  38. ## Google Internet Authority G3 \n\
  39. -----BEGIN CERTIFICATE-----\n\
  40. MIIEXDCCA0SgAwIBAgINAeOpMBz8cgY4P5pTHTANBgkqhkiG9w0BAQsFADBMMSAw\n\
  41. HgYDVQQLExdHbG9iYWxTaWduIFJvb3QgQ0EgLSBSMjETMBEGA1UEChMKR2xvYmFs\n\
  42. U2lnbjETMBEGA1UEAxMKR2xvYmFsU2lnbjAeFw0xNzA2MTUwMDAwNDJaFw0yMTEy\n\
  43. MTUwMDAwNDJaMFQxCzAJBgNVBAYTAlVTMR4wHAYDVQQKExVHb29nbGUgVHJ1c3Qg\n\
  44. U2VydmljZXMxJTAjBgNVBAMTHEdvb2dsZSBJbnRlcm5ldCBBdXRob3JpdHkgRzMw\n\
  45. ggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDKUkvqHv/OJGuo2nIYaNVW\n\
  46. XQ5IWi01CXZaz6TIHLGp/lOJ+600/4hbn7vn6AAB3DVzdQOts7G5pH0rJnnOFUAK\n\
  47. 71G4nzKMfHCGUksW/mona+Y2emJQ2N+aicwJKetPKRSIgAuPOB6Aahh8Hb2XO3h9\n\
  48. RUk2T0HNouB2VzxoMXlkyW7XUR5mw6JkLHnA52XDVoRTWkNty5oCINLvGmnRsJ1z\n\
  49. ouAqYGVQMc/7sy+/EYhALrVJEA8KbtyX+r8snwU5C1hUrwaW6MWOARa8qBpNQcWT\n\
  50. kaIeoYvy/sGIJEmjR0vFEwHdp1cSaWIr6/4g72n7OqXwfinu7ZYW97EfoOSQJeAz\n\
  51. AgMBAAGjggEzMIIBLzAOBgNVHQ8BAf8EBAMCAYYwHQYDVR0lBBYwFAYIKwYBBQUH\n\
  52. AwEGCCsGAQUFBwMCMBIGA1UdEwEB/wQIMAYBAf8CAQAwHQYDVR0OBBYEFHfCuFCa\n\
  53. Z3Z2sS3ChtCDoH6mfrpLMB8GA1UdIwQYMBaAFJviB1dnHB7AagbeWbSaLd/cGYYu\n\
  54. MDUGCCsGAQUFBwEBBCkwJzAlBggrBgEFBQcwAYYZaHR0cDovL29jc3AucGtpLmdv\n\
  55. b2cvZ3NyMjAyBgNVHR8EKzApMCegJaAjhiFodHRwOi8vY3JsLnBraS5nb29nL2dz\n\
  56. cjIvZ3NyMi5jcmwwPwYDVR0gBDgwNjA0BgZngQwBAgIwKjAoBggrBgEFBQcCARYc\n\
  57. aHR0cHM6Ly9wa2kuZ29vZy9yZXBvc2l0b3J5LzANBgkqhkiG9w0BAQsFAAOCAQEA\n\
  58. HLeJluRT7bvs26gyAZ8so81trUISd7O45skDUmAge1cnxhG1P2cNmSxbWsoiCt2e\n\
  59. ux9LSD+PAj2LIYRFHW31/6xoic1k4tbWXkDCjir37xTTNqRAMPUyFRWSdvt+nlPq\n\
  60. wnb8Oa2I/maSJukcxDjNSfpDh/Bd1lZNgdd/8cLdsE3+wypufJ9uXO1iQpnh9zbu\n\
  61. FIwsIONGl1p3A8CgxkqI/UAih3JaGOqcpcdaCIzkBaR9uYQ1X4k2Vg5APRLouzVy\n\
  62. 7a8IVk6wuy6pm+T7HT4LY8ibS5FEZlfAFLSW8NwsVz9SBK2Vqn1N0PIMn5xA6NZV\n\
  63. c7o835DLAFshEWfC7TIe3g==\n\
  64. -----END CERTIFICATE-----\n\
  65. ## Google Trust Services- GlobalSign Root CA-R2\n\
  66. -----BEGIN CERTIFICATE-----\n\
  67. MIIDujCCAqKgAwIBAgILBAAAAAABD4Ym5g0wDQYJKoZIhvcNAQEFBQAwTDEgMB4G\n\
  68. A1UECxMXR2xvYmFsU2lnbiBSb290IENBIC0gUjIxEzARBgNVBAoTCkdsb2JhbFNp\n\
  69. Z24xEzARBgNVBAMTCkdsb2JhbFNpZ24wHhcNMDYxMjE1MDgwMDAwWhcNMjExMjE1\n\
  70. MDgwMDAwWjBMMSAwHgYDVQQLExdHbG9iYWxTaWduIFJvb3QgQ0EgLSBSMjETMBEG\n\
  71. A1UEChMKR2xvYmFsU2lnbjETMBEGA1UEAxMKR2xvYmFsU2lnbjCCASIwDQYJKoZI\n\
  72. hvcNAQEBBQADggEPADCCAQoCggEBAKbPJA6+Lm8omUVCxKs+IVSbC9N/hHD6ErPL\n\
  73. v4dfxn+G07IwXNb9rfF73OX4YJYJkhD10FPe+3t+c4isUoh7SqbKSaZeqKeMWhG8\n\
  74. eoLrvozps6yWJQeXSpkqBy+0Hne/ig+1AnwblrjFuTosvNYSuetZfeLQBoZfXklq\n\
  75. tTleiDTsvHgMCJiEbKjNS7SgfQx5TfC4LcshytVsW33hoCmEofnTlEnLJGKRILzd\n\
  76. C9XZzPnqJworc5HGnRusyMvo4KD0L5CLTfuwNhv2GXqF4G3yYROIXJ/gkwpRl4pa\n\
  77. zq+r1feqCapgvdzZX99yqWATXgAByUr6P6TqBwMhAo6CygPCm48CAwEAAaOBnDCB\n\
  78. mTAOBgNVHQ8BAf8EBAMCAQYwDwYDVR0TAQH/BAUwAwEB/zAdBgNVHQ4EFgQUm+IH\n\
  79. V2ccHsBqBt5ZtJot39wZhi4wNgYDVR0fBC8wLTAroCmgJ4YlaHR0cDovL2NybC5n\n\
  80. bG9iYWxzaWduLm5ldC9yb290LXIyLmNybDAfBgNVHSMEGDAWgBSb4gdXZxwewGoG\n\
  81. 3lm0mi3f3BmGLjANBgkqhkiG9w0BAQUFAAOCAQEAmYFThxxol4aR7OBKuEQLq4Gs\n\
  82. J0/WwbgcQ3izDJr86iw8bmEbTUsp9Z8FHSbBuOmDAGJFtqkIk7mpM0sYmsL4h4hO\n\
  83. 291xNBrBVNpGP+DTKqttVCL1OmLNIG+6KYnX3ZHu01yiPqFbQfXf5WRDLenVOavS\n\
  84. ot+3i9DAgBkcRcAtjOj4LaR0VknFBbVPFd5uRHg5h6h+u/N5GJG79G+dwfCMNYxd\n\
  85. AfvDbbnvRG15RjF+Cv6pgsH/76tuIMRQyV+dTZsXjAzlAcmgQWpzU/qlULRuJQ/7\n\
  86. TBj0/VLZjmmx6BEP3ojY+x1J96relc8geMJgEtslQIxq/H5COEBkEveegeGTLg==\n\
  87. -----END CERTIFICATE-----\n\
  88. ";
  89. int wolfssl_client_test(void) {
  90. NET_ERR err;
  91. NET_SOCK_ID sock;
  92. NET_IPv4_ADDR server_ip_addr;
  93. NET_SOCK_ADDR_IPv4 server_addr;
  94. CPU_CHAR rx_buf[RX_BUF_SIZE];
  95. CPU_CHAR tx_buf[TX_BUF_SIZE];
  96. OS_ERR os_err;
  97. int ret = 0, error = 0;
  98. WOLFSSL* ssl;
  99. WOLFSSL_CTX* ctx;
  100. #ifdef DEBUG_WOLFSSL
  101. wolfSSL_Debugging_ON();
  102. #endif
  103. /* wolfSSL INIT and CTX SETUP */
  104. wolfSSL_Init();
  105. /* SET UP NETWORK SOCKET */
  106. APP_TRACE_INFO(("Opening a network socket...\r\n"));
  107. sock = NetSock_Open(NET_SOCK_ADDR_FAMILY_IP_V4,
  108. NET_SOCK_TYPE_STREAM,
  109. NET_SOCK_PROTOCOL_TCP,
  110. &err);
  111. if (err != NET_SOCK_ERR_NONE) {
  112. APP_TRACE_INFO(("ERROR: NetSock_Open, err = %d\r\n", (int) err));
  113. return -1;
  114. }
  115. #ifdef NET_SECURE_MODULE_EN
  116. APP_TRACE_INFO(("Setting the socket as secure...\r\n"));
  117. (void)NetSock_CfgSecure(sock,
  118. DEF_YES,
  119. &err);
  120. if (err != NET_SOCK_ERR_NONE) {
  121. APP_TRACE_INFO(("ERROR: NetSock_CfgSecure, err = %d\r\n", (int) err));
  122. NetSock_Close(sock, &err);
  123. return -1;
  124. }
  125. APP_TRACE_INFO(("Configure the common name of the server...\r\n"));
  126. (void)NetSock_CfgSecureClientCommonName(sock,
  127. TCP_SERVER_DOMAIN_NAME,
  128. &err);
  129. if (err != NET_SOCK_ERR_NONE) {
  130. APP_TRACE_INFO(("ERROR: NetSock_CfgSecureClientCommonName, \
  131. err = %d\r\n", (int) err));
  132. NetSock_Close(sock, &err);
  133. return -1;
  134. }
  135. #endif /* NET_SECURE_MODULE_EN */
  136. APP_TRACE_INFO(("Calling NetASCII_Str_to_IPv4...\r\n"));
  137. server_ip_addr = NetASCII_Str_to_IPv4(TCP_SERVER_IP_ADDR, &err);
  138. if (err != NET_ASCII_ERR_NONE) {
  139. APP_TRACE_INFO(("ERROR: NetASCII_Str_to_IPv4, err = %d\r\n", (int) err));
  140. NetSock_Close(sock, &err);
  141. return -1;
  142. }
  143. APP_TRACE_INFO(("Clearing memory for server_addr struct\r\n"));
  144. Mem_Clr((void *) &server_addr, (CPU_SIZE_T) sizeof(server_addr));
  145. APP_TRACE_INFO(("Setting server IP address: %s, port: %d\r\n",
  146. TCP_SERVER_IP_ADDR, TCP_SERVER_PORT));
  147. server_addr.AddrFamily = NET_SOCK_ADDR_FAMILY_IP_V4;
  148. server_addr.Addr = NET_UTIL_HOST_TO_NET_32(server_ip_addr);
  149. server_addr.Port = NET_UTIL_HOST_TO_NET_16(TCP_SERVER_PORT);
  150. /* CONNECT SOCKET */
  151. APP_TRACE_INFO(("Calling NetSock_Conn on socket\r\n"));
  152. NetSock_Conn((NET_SOCK_ID) sock,
  153. (NET_SOCK_ADDR *) &server_addr,
  154. (NET_SOCK_ADDR_LEN) sizeof(server_addr),
  155. (NET_ERR*) &err);
  156. if (err != NET_SOCK_ERR_NONE) {
  157. APP_TRACE_INFO(("ERROR: NetSock_Conn, err = %d\r\n", (int) err));
  158. NetSock_Close(sock, &err);
  159. return -1;
  160. }
  161. ctx = wolfSSL_CTX_new(wolfTLSv1_2_client_method());
  162. if (ctx == 0) {
  163. APP_TRACE_INFO(("ERROR: wolfSSL_CTX_new failed\r\n"));
  164. NetSock_Close(sock, &err);
  165. return -1;
  166. }
  167. APP_TRACE_INFO(("wolfSSL_CTX_new done\r\n"));
  168. wolfSSL_CTX_set_verify(ctx, SSL_VERIFY_PEER, NULL);
  169. ret = wolfSSL_CTX_load_verify_buffer(ctx,
  170. google_certs_ca,
  171. sizeof(google_certs_ca),
  172. SSL_FILETYPE_PEM);
  173. if (ret != SSL_SUCCESS) {
  174. APP_TRACE_INFO(("ERROR: wolfSSL_CTX_load_verify_buffer() failed\r\n"));
  175. NetSock_Close(sock, &err);
  176. wolfSSL_CTX_free(ctx);
  177. return -1;
  178. }
  179. if ((ssl = wolfSSL_new(ctx)) == NULL) {
  180. APP_TRACE_INFO(("ERROR: wolfSSL_new() failed\r\n"));
  181. NetSock_Close(sock, &err);
  182. wolfSSL_CTX_free(ctx);
  183. return -1;
  184. }
  185. APP_TRACE_INFO(("wolfSSL_new done\r\n"));
  186. ret = wolfSSL_set_fd(ssl, sock);
  187. if (ret != SSL_SUCCESS) {
  188. APP_TRACE_INFO(("ERROR: wolfSSL_set_fd() failed\r\n"));
  189. NetSock_Close(sock, &err);
  190. wolfSSL_free(ssl);
  191. wolfSSL_CTX_free(ctx);
  192. return -1;
  193. }
  194. APP_TRACE_INFO(("wolfSSL_set_fd done\r\n"));
  195. do {
  196. error = 0; /* reset error */
  197. ret = wolfSSL_connect(ssl);
  198. if (ret != SSL_SUCCESS) {
  199. error = wolfSSL_get_error(ssl, 0);
  200. APP_TRACE_INFO(
  201. ("ERROR: wolfSSL_connect() failed, err = %d\r\n", error));
  202. if (error != SSL_ERROR_WANT_READ) {
  203. NetSock_Close(sock, &err);
  204. wolfSSL_free(ssl);
  205. wolfSSL_CTX_free(ctx);
  206. return -1;
  207. }
  208. OSTimeDlyHMSM(0u, 0u, 1u, 0u, OS_OPT_TIME_HMSM_STRICT, &os_err);
  209. }
  210. } while ((ret != SSL_SUCCESS) && (error == SSL_ERROR_WANT_READ));
  211. APP_TRACE_INFO(("wolfSSL_connect() ok... sending GET\r\n"));
  212. Str_Copy_N(tx_buf, TX_MSG, TX_MSG_SIZE);
  213. if (wolfSSL_write(ssl, tx_buf, TX_MSG_SIZE) != TX_MSG_SIZE) {
  214. error = wolfSSL_get_error(ssl, 0);
  215. APP_TRACE_INFO(("ERROR: wolfSSL_write() failed, err = %d\r\n", error));
  216. NetSock_Close(sock, &err);
  217. wolfSSL_free(ssl);
  218. wolfSSL_CTX_free(ctx);
  219. return -1;
  220. }
  221. do {
  222. error = 0; /* reset error */
  223. ret = wolfSSL_read(ssl, rx_buf, RX_BUF_SIZE - 1);
  224. if (ret < 0) {
  225. error = wolfSSL_get_error(ssl, 0);
  226. if (error != SSL_ERROR_WANT_READ) {
  227. APP_TRACE_INFO(("wolfSSL_read failed, error = %d\r\n", error));
  228. NetSock_Close(sock, &err);
  229. wolfSSL_free(ssl);
  230. wolfSSL_CTX_free(ctx);
  231. return -1;
  232. }
  233. OSTimeDlyHMSM(0u, 0u, 1u, 0u, OS_OPT_TIME_HMSM_STRICT, &os_err);
  234. } else if (ret > 0) {
  235. rx_buf[ret] = 0;
  236. APP_TRACE_INFO(("%s\r\n", rx_buf));
  237. }
  238. } while (error == SSL_ERROR_WANT_READ);
  239. wolfSSL_shutdown(ssl);
  240. wolfSSL_free(ssl);
  241. wolfSSL_CTX_free(ctx);
  242. wolfSSL_Cleanup();
  243. NetSock_Close(sock, &err);
  244. return 0;
  245. }