Minor improvements. Tested with RSA and ECC for both DTLS v1.2 and v1.3. Tested with/without calling accept/connect. Tested with calling `wolfSSL_is_init_finished`.
David Garske
parent
8ec1a5e14a
commit
8775b5c06d
|
|
@ -56,6 +56,7 @@ android/wolfssljni-ndk-sample/proguard-project.txt
|
|||
/dtls/client-dtls
|
||||
/dtls/client-dtls13
|
||||
/dtls/client-udp
|
||||
/dtls/memory-bio-dtls
|
||||
/dtls/server-dtls-callback
|
||||
/dtls/server-dtls-ipv6
|
||||
/dtls/server-dtls-nonblocking
|
||||
|
|
|
|||
|
|
@ -1,6 +1,6 @@
|
|||
/* memory-bio-dtls.c
|
||||
*
|
||||
* Copyright (C) 2006-2020 wolfSSL Inc.
|
||||
* Copyright (C) 2006-2025 wolfSSL Inc.
|
||||
*
|
||||
* This file is part of wolfSSL. (formerly known as CyaSSL)
|
||||
*
|
||||
|
|
@ -22,11 +22,18 @@
|
|||
|
||||
/* in memory TLS connection with I/O callbacks, no sockets
|
||||
*
|
||||
gcc -Wall memory-tls.c -l wolfssl -lpthread
|
||||
./configure --enable-opensslall --enable-dtls --enable-dtls13 --enable-debug
|
||||
make
|
||||
sudo make install
|
||||
|
||||
gcc -o memory-bio-dtls -Wall memory-bio-dtls.c -lwolfssl -lpthread
|
||||
*/
|
||||
|
||||
|
||||
#ifndef WOLFSSL_USER_SETTINGS
|
||||
#include <wolfssl/options.h>
|
||||
#endif
|
||||
|
||||
#include <wolfssl/ssl.h>
|
||||
|
||||
#include <stdio.h>
|
||||
|
|
@ -43,10 +50,16 @@ static void err_sys(const char* msg)
|
|||
exit(1);
|
||||
}
|
||||
|
||||
#ifndef NO_RSA
|
||||
#define CERT_FILE "../certs/server-cert.pem"
|
||||
#define KEY_FILE "../certs/server-key.pem"
|
||||
#define CA_FILE "../certs/ca-cert.pem"
|
||||
#else
|
||||
#define CERT_FILE "../certs/server-ecc.pem"
|
||||
#define KEY_FILE "../certs/ecc-key.pem"
|
||||
#define CA_FILE "../certs/ca-ecc-cert.pem"
|
||||
#endif
|
||||
|
||||
#define key "../certs/server-key.pem"
|
||||
#define cert "../certs/server-cert.pem"
|
||||
#define cacert "../certs/ca-cert.pem"
|
||||
|
||||
typedef struct IO_HANDLES {
|
||||
WOLFSSL_BIO* rbio;
|
||||
|
|
@ -73,7 +86,7 @@ static void* client_thread(void* args)
|
|||
err_sys("bad client ctx new");
|
||||
}
|
||||
|
||||
ret = wolfSSL_CTX_load_verify_locations(cli_ctx, cacert, NULL);
|
||||
ret = wolfSSL_CTX_load_verify_locations(cli_ctx, CA_FILE, NULL);
|
||||
if (ret != WOLFSSL_SUCCESS) {
|
||||
err_sys("bad ca load");
|
||||
}
|
||||
|
|
@ -84,6 +97,8 @@ static void* client_thread(void* args)
|
|||
}
|
||||
|
||||
wolfSSL_set_bio(cli_ssl, io->wbio, io->rbio);
|
||||
|
||||
#if 1
|
||||
err = 0;
|
||||
do {
|
||||
sem_wait(&io->bioSem);
|
||||
|
|
@ -94,6 +109,7 @@ static void* client_thread(void* args)
|
|||
((err == WOLFSSL_ERROR_WANT_READ) || (err == WOLFSSL_ERROR_WANT_WRITE)));
|
||||
if (ret != WOLFSSL_SUCCESS) err_sys("bad client tls connect");
|
||||
printf("wolfSSL client success!\n");
|
||||
#endif
|
||||
|
||||
do {
|
||||
sem_wait(&io->bioSem);
|
||||
|
|
@ -120,8 +136,15 @@ int main()
|
|||
int ret, err;
|
||||
WOLFSSL_CTX* srv_ctx = NULL;
|
||||
WOLFSSL* srv_ssl = NULL;
|
||||
WOLFSSL_CIPHER* cipher;
|
||||
const char *name;
|
||||
pthread_t tid;
|
||||
|
||||
#if 0
|
||||
wolfSSL_Debugging_ON();
|
||||
#endif
|
||||
wolfSSL_Init();
|
||||
|
||||
io.rbio = wolfSSL_BIO_new(wolfSSL_BIO_s_mem());
|
||||
io.wbio = wolfSSL_BIO_new(wolfSSL_BIO_s_mem());
|
||||
sem_init(&io.bioSem, 0, 1);
|
||||
|
|
@ -136,12 +159,12 @@ int main()
|
|||
);
|
||||
if (srv_ctx == NULL) err_sys("bad server ctx new");
|
||||
|
||||
ret = wolfSSL_CTX_use_PrivateKey_file(srv_ctx, key, WOLFSSL_FILETYPE_PEM);
|
||||
ret = wolfSSL_CTX_use_PrivateKey_file(srv_ctx, KEY_FILE, WOLFSSL_FILETYPE_PEM);
|
||||
if (ret != WOLFSSL_SUCCESS) {
|
||||
err_sys("bad server key file load");
|
||||
}
|
||||
|
||||
ret = wolfSSL_CTX_use_certificate_file(srv_ctx, cert, WOLFSSL_FILETYPE_PEM);
|
||||
ret = wolfSSL_CTX_use_certificate_file(srv_ctx, CERT_FILE, WOLFSSL_FILETYPE_PEM);
|
||||
if (ret != WOLFSSL_SUCCESS) {
|
||||
err_sys("bad server cert file load");
|
||||
}
|
||||
|
|
@ -157,6 +180,7 @@ int main()
|
|||
/* start client thread */
|
||||
pthread_create(&tid, 0, client_thread, (void*)&io);
|
||||
|
||||
#if 1
|
||||
/* accept tls connection without tcp sockets */
|
||||
err = 0;
|
||||
do {
|
||||
|
|
@ -169,6 +193,13 @@ int main()
|
|||
if (ret != WOLFSSL_SUCCESS) err_sys("bad server tls accept");
|
||||
printf("wolfSSL accept success!\n");
|
||||
|
||||
printf("Version: %s\n", wolfSSL_get_version(srv_ssl));
|
||||
cipher = wolfSSL_get_current_cipher(srv_ssl);
|
||||
printf("Cipher Suite: %s\n", wolfSSL_CIPHER_get_name(cipher));
|
||||
if ((name = wolfSSL_get_curve_name(srv_ssl)) != NULL)
|
||||
printf("Curve: %s\n", name);
|
||||
#endif
|
||||
|
||||
/* read msg post handshake from client */
|
||||
memset(buf, 0, sizeof(buf));
|
||||
do {
|
||||
|
|
@ -189,6 +220,7 @@ int main()
|
|||
wolfSSL_free(srv_ssl); /* This also does free on rbio and wbio */
|
||||
wolfSSL_CTX_free(srv_ctx);
|
||||
|
||||
wolfSSL_Cleanup();
|
||||
|
||||
return 0;
|
||||
}
|
||||
|
||||
|
|
|
|||
Loading…
Reference in New Issue