[platform/upstream/iotivity.git] / resource / csdk / connectivity / test / ssladapter_test.cpp

//******************************************************************
//
// Copyright 2016 Samsung Electronics All Rights Reserved.
//
//-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
//
// Licensed under the Apache License, Version 2.0 (the "License");
// you may not use this file except in compliance with the License.
// You may obtain a copy of the License at
//
//      http://www.apache.org/licenses/LICENSE-2.0
//
// Unless required by applicable law or agreed to in writing, software
// distributed under the License is distributed on an "AS IS" BASIS,
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
// See the License for the specific language governing permissions and
// limitations under the License.
//
//-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=

#include "gtest/gtest.h"
#include "time.h"

#define CAcloseSslConnection CAcloseSslConnectionTest
#define CAdecryptSsl CAdecryptSslTest
#define CAdeinitSslAdapter CAdeinitSslAdapterTest
#define CAencryptSsl CAencryptSslTest
#define CAinitSslAdapter CAinitSslAdapterTest
#define CAinitiateSslHandshake CAinitiateSslHandshakeTest
#define CAsetCredentialTypesCallback CAsetCredentialTypesCallbackTest
#define CAsetSslAdapterCallbacks CAsetSslAdapterCallbacksTest
#define CAsetSslHandshakeCallback CAsetSslHandshakeCallbackTest
#define CAsetTlsCipherSuite CAsetTlsCipherSuiteTest
#define CAsslGenerateOwnerPsk CAsslGenerateOwnerPskTest

#include "../src/adapter_util/ca_adapter_net_ssl.c"

#ifdef HAVE_UNISTD_H
#include <unistd.h>
#endif
#ifdef HAVE_PTHREAD_H
#include <pthread.h>
#endif
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#ifdef HAVE_SYS_TYPES_H
#include <sys/types.h>
#endif
#ifdef HAVE_SYS_SOCKET_H
#include <sys/socket.h>
#endif
#ifdef HAVE_NETINET_IN_H
#include <netinet/in.h>
#endif
#ifdef HAVE_NETDB_H
#include <netdb.h>
#endif

#if defined(_WIN32)
#include "../../../../c_common/windows/include/pthread_create.h"
#endif
#ifdef HAVE_WINDOWS_H
#include <windows.h>
/** @todo stop-gap for naming issue. Windows.h does not like us to use ERROR */
#ifdef ERROR
#undef ERROR
#endif //ERROR
#endif //HAVE_WINDOWS_H
#include "platform_features.h"
#include "logger.h"

#define MBED_TLS_DEBUG_LEVEL (4) // Verbose

#define SEED "PREDICTED_SEED"
#define dummyHandler 0xF123

#define SERVER_PORT 4433
#define SERVER_NAME "localhost"
#define GET_REQUEST "GET / HTTP/1.0\r\n\r\n"

/* **************************
 *
 *
 * Common routines
 *
 *
 * *************************/

unsigned char serverCert[] = {
    0x30, 0x82, 0x02, 0x39, 0x30, 0x82, 0x01, 0xdf, 0x02, 0x01, 0x01, 0x30, 0x0a, 0x06, 0x08, 0x2a,
    0x86, 0x48, 0xce, 0x3d, 0x04, 0x03, 0x02, 0x30, 0x7c, 0x31, 0x0b, 0x30, 0x09, 0x06, 0x03, 0x55,
    0x04, 0x06, 0x13, 0x02, 0x55, 0x53, 0x31, 0x12, 0x30, 0x10, 0x06, 0x03, 0x55, 0x04, 0x08, 0x0c,
    0x09, 0x53, 0x6f, 0x6d, 0x65, 0x73, 0x74, 0x61, 0x74, 0x65, 0x31, 0x11, 0x30, 0x0f, 0x06, 0x03,
    0x55, 0x04, 0x07, 0x0c, 0x08, 0x53, 0x6f, 0x6d, 0x65, 0x63, 0x69, 0x74, 0x79, 0x31, 0x0b, 0x30,
    0x09, 0x06, 0x03, 0x55, 0x04, 0x0a, 0x0c, 0x02, 0x42, 0x42, 0x31, 0x16, 0x30, 0x14, 0x06, 0x03,
    0x55, 0x04, 0x0b, 0x0c, 0x0d, 0x53, 0x65, 0x71, 0x75, 0x72, 0x69, 0x74, 0x79, 0x20, 0x50, 0x61,
    0x72, 0x74, 0x31, 0x0b, 0x30, 0x09, 0x06, 0x03, 0x55, 0x04, 0x03, 0x0c, 0x02, 0x6f, 0x62, 0x31,
    0x14, 0x30, 0x12, 0x06, 0x09, 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x09, 0x01, 0x16, 0x05,
    0x6f, 0x62, 0x40, 0x62, 0x62, 0x30, 0x1e, 0x17, 0x0d, 0x31, 0x36, 0x30, 0x38, 0x31, 0x35, 0x31,
    0x33, 0x31, 0x31, 0x31, 0x37, 0x5a, 0x17, 0x0d, 0x31, 0x39, 0x30, 0x35, 0x31, 0x32, 0x31, 0x33,
    0x31, 0x31, 0x31, 0x37, 0x5a, 0x30, 0x81, 0xd4, 0x31, 0x0b, 0x30, 0x09, 0x06, 0x03, 0x55, 0x04,
    0x06, 0x13, 0x02, 0x55, 0x41, 0x31, 0x0c, 0x30, 0x0a, 0x06, 0x03, 0x55, 0x04, 0x08, 0x0c, 0x03,
    0x41, 0x73, 0x64, 0x31, 0x0f, 0x30, 0x0d, 0x06, 0x03, 0x55, 0x04, 0x07, 0x0c, 0x06, 0x47, 0x6f,
    0x74, 0x68, 0x61, 0x6d, 0x31, 0x0b, 0x30, 0x09, 0x06, 0x03, 0x55, 0x04, 0x0a, 0x0c, 0x02, 0x5a,
    0x5a, 0x31, 0x11, 0x30, 0x0f, 0x06, 0x03, 0x55, 0x04, 0x0b, 0x0c, 0x08, 0x42, 0x65, 0x61, 0x6d,
    0x54, 0x65, 0x61, 0x6d, 0x31, 0x1c, 0x30, 0x1a, 0x06, 0x09, 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d,
    0x01, 0x09, 0x01, 0x16, 0x0d, 0x72, 0x61, 0x69, 0x6c, 0x40, 0x6d, 0x61, 0x69, 0x6c, 0x2e, 0x63,
    0x6f, 0x6d, 0x31, 0x32, 0x30, 0x30, 0x06, 0x03, 0x55, 0x04, 0x03, 0x0c, 0x29, 0x75, 0x75, 0x69,
    0x64, 0x3a, 0x33, 0x32, 0x33, 0x32, 0x33, 0x32, 0x33, 0x32, 0x2d, 0x33, 0x32, 0x33, 0x32, 0x2d,
    0x33, 0x32, 0x33, 0x32, 0x2d, 0x33, 0x32, 0x33, 0x32, 0x2d, 0x33, 0x32, 0x33, 0x32, 0x33, 0x32,
    0x33, 0x32, 0x33, 0x32, 0x33, 0x32, 0x31, 0x34, 0x30, 0x32, 0x06, 0x03, 0x55, 0x1d, 0x11, 0x0c,
    0x2b, 0x75, 0x73, 0x65, 0x72, 0x69, 0x64, 0x3a, 0x36, 0x37, 0x36, 0x37, 0x36, 0x37, 0x36, 0x37,
    0x2d, 0x36, 0x37, 0x36, 0x37, 0x2d, 0x36, 0x37, 0x36, 0x37, 0x2d, 0x36, 0x37, 0x36, 0x37, 0x2d,
    0x36, 0x37, 0x36, 0x37, 0x36, 0x37, 0x36, 0x37, 0x36, 0x37, 0x36, 0x37, 0x30, 0x59, 0x30, 0x13,
    0x06, 0x07, 0x2a, 0x86, 0x48, 0xce, 0x3d, 0x02, 0x01, 0x06, 0x08, 0x2a, 0x86, 0x48, 0xce, 0x3d,
    0x03, 0x01, 0x07, 0x03, 0x42, 0x00, 0x04, 0xf7, 0x13, 0x5c, 0x73, 0x72, 0xce, 0x10, 0xe5, 0x09,
    0x97, 0x9a, 0xf8, 0xf2, 0x70, 0xa6, 0x3d, 0x89, 0xf5, 0xc5, 0xe4, 0x44, 0xe2, 0x4a, 0xb6, 0x61,
    0xa8, 0x12, 0x8d, 0xb4, 0xdc, 0x2b, 0x47, 0x84, 0x60, 0x0c, 0x25, 0x66, 0xe9, 0xe0, 0xe5, 0xac,
    0x22, 0xbf, 0x15, 0xdc, 0x71, 0xb1, 0x88, 0x4f, 0x16, 0xbf, 0xc2, 0x77, 0x37, 0x76, 0x3f, 0xe0,
    0x67, 0xc6, 0x1d, 0x23, 0xfe, 0x7c, 0x8b, 0x30, 0x0a, 0x06, 0x08, 0x2a, 0x86, 0x48, 0xce, 0x3d,
    0x04, 0x03, 0x02, 0x03, 0x48, 0x00, 0x30, 0x45, 0x02, 0x20, 0x47, 0xcc, 0x41, 0x8a, 0x27, 0xc7,
    0xd0, 0xaa, 0xb4, 0xab, 0x85, 0xbf, 0x09, 0x4d, 0x06, 0xd7, 0x7e, 0x0d, 0x39, 0xf9, 0x36, 0xa1,
    0x3d, 0x96, 0x23, 0xe2, 0x24, 0x64, 0x98, 0x63, 0x21, 0xba, 0x02, 0x21, 0x00, 0xe5, 0x8f, 0x7f,
    0xf1, 0xa6, 0x82, 0x03, 0x6a, 0x18, 0x7a, 0x54, 0xe7, 0x0e, 0x25, 0x77, 0xd8, 0x46, 0xfa, 0x96,
    0x8a, 0x7e, 0x14, 0xc4, 0xcb, 0x21, 0x32, 0x3e, 0x89, 0xd9, 0xba, 0x8c, 0x3f
};
int serverCertLen = sizeof(serverCert);

unsigned char serverPrivateKey[] = {
    0x30, 0x77, 0x02, 0x01, 0x01, 0x04, 0x20, 0x02, 0x51, 0xb5, 0x97, 0xb9, 0xe9, 0xd8, 0x8d, 0x66,
    0x2b, 0x8a, 0xb3, 0x9c, 0x6a, 0xd2, 0xca, 0x18, 0x21, 0xb9, 0x87, 0x3d, 0xf5, 0x8e, 0xa2, 0x8d,
    0x38, 0xf6, 0xb7, 0xd2, 0x76, 0x74, 0x99, 0xa0, 0x0a, 0x06, 0x08, 0x2a, 0x86, 0x48, 0xce, 0x3d,
    0x03, 0x01, 0x07, 0xa1, 0x44, 0x03, 0x42, 0x00, 0x04, 0xf7, 0x13, 0x5c, 0x73, 0x72, 0xce, 0x10,
    0xe5, 0x09, 0x97, 0x9a, 0xf8, 0xf2, 0x70, 0xa6, 0x3d, 0x89, 0xf5, 0xc5, 0xe4, 0x44, 0xe2, 0x4a,
    0xb6, 0x61, 0xa8, 0x12, 0x8d, 0xb4, 0xdc, 0x2b, 0x47, 0x84, 0x60, 0x0c, 0x25, 0x66, 0xe9, 0xe0,
    0xe5, 0xac, 0x22, 0xbf, 0x15, 0xdc, 0x71, 0xb1, 0x88, 0x4f, 0x16, 0xbf, 0xc2, 0x77, 0x37, 0x76,
    0x3f, 0xe0, 0x67, 0xc6, 0x1d, 0x23, 0xfe, 0x7c, 0x8b
};

int serverPrivateKeyLen = sizeof(serverPrivateKey);

unsigned char caCert[] = {
    0x30, 0x82, 0x02, 0x3e, 0x30, 0x82, 0x01, 0xe5, 0xa0, 0x03, 0x02, 0x01, 0x02, 0x02, 0x09, 0x00,
    0x87, 0xa7, 0x68, 0x01, 0x7c, 0xe9, 0xf8, 0xf0, 0x30, 0x0a, 0x06, 0x08, 0x2a, 0x86, 0x48, 0xce,
    0x3d, 0x04, 0x03, 0x02, 0x30, 0x7c, 0x31, 0x0b, 0x30, 0x09, 0x06, 0x03, 0x55, 0x04, 0x06, 0x13,
    0x02, 0x55, 0x53, 0x31, 0x12, 0x30, 0x10, 0x06, 0x03, 0x55, 0x04, 0x08, 0x0c, 0x09, 0x53, 0x6f,
    0x6d, 0x65, 0x73, 0x74, 0x61, 0x74, 0x65, 0x31, 0x11, 0x30, 0x0f, 0x06, 0x03, 0x55, 0x04, 0x07,
    0x0c, 0x08, 0x53, 0x6f, 0x6d, 0x65, 0x63, 0x69, 0x74, 0x79, 0x31, 0x0b, 0x30, 0x09, 0x06, 0x03,
    0x55, 0x04, 0x0a, 0x0c, 0x02, 0x42, 0x42, 0x31, 0x16, 0x30, 0x14, 0x06, 0x03, 0x55, 0x04, 0x0b,
    0x0c, 0x0d, 0x53, 0x65, 0x71, 0x75, 0x72, 0x69, 0x74, 0x79, 0x20, 0x50, 0x61, 0x72, 0x74, 0x31,
    0x0b, 0x30, 0x09, 0x06, 0x03, 0x55, 0x04, 0x03, 0x0c, 0x02, 0x6f, 0x62, 0x31, 0x14, 0x30, 0x12,
    0x06, 0x09, 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x09, 0x01, 0x16, 0x05, 0x6f, 0x62, 0x40,
    0x62, 0x62, 0x30, 0x1e, 0x17, 0x0d, 0x31, 0x36, 0x30, 0x37, 0x32, 0x35, 0x31, 0x31, 0x31, 0x36,
    0x31, 0x31, 0x5a, 0x17, 0x0d, 0x31, 0x39, 0x30, 0x35, 0x31, 0x35, 0x31, 0x31, 0x31, 0x36, 0x31,
    0x31, 0x5a, 0x30, 0x7c, 0x31, 0x0b, 0x30, 0x09, 0x06, 0x03, 0x55, 0x04, 0x06, 0x13, 0x02, 0x55,
    0x53, 0x31, 0x12, 0x30, 0x10, 0x06, 0x03, 0x55, 0x04, 0x08, 0x0c, 0x09, 0x53, 0x6f, 0x6d, 0x65,
    0x73, 0x74, 0x61, 0x74, 0x65, 0x31, 0x11, 0x30, 0x0f, 0x06, 0x03, 0x55, 0x04, 0x07, 0x0c, 0x08,
    0x53, 0x6f, 0x6d, 0x65, 0x63, 0x69, 0x74, 0x79, 0x31, 0x0b, 0x30, 0x09, 0x06, 0x03, 0x55, 0x04,
    0x0a, 0x0c, 0x02, 0x42, 0x42, 0x31, 0x16, 0x30, 0x14, 0x06, 0x03, 0x55, 0x04, 0x0b, 0x0c, 0x0d,
    0x53, 0x65, 0x71, 0x75, 0x72, 0x69, 0x74, 0x79, 0x20, 0x50, 0x61, 0x72, 0x74, 0x31, 0x0b, 0x30,
    0x09, 0x06, 0x03, 0x55, 0x04, 0x03, 0x0c, 0x02, 0x6f, 0x62, 0x31, 0x14, 0x30, 0x12, 0x06, 0x09,
    0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x09, 0x01, 0x16, 0x05, 0x6f, 0x62, 0x40, 0x62, 0x62,
    0x30, 0x59, 0x30, 0x13, 0x06, 0x07, 0x2a, 0x86, 0x48, 0xce, 0x3d, 0x02, 0x01, 0x06, 0x08, 0x2a,
    0x86, 0x48, 0xce, 0x3d, 0x03, 0x01, 0x07, 0x03, 0x42, 0x00, 0x04, 0x2e, 0xcf, 0xc3, 0xfa, 0x2e,
    0x04, 0x11, 0x62, 0x34, 0x63, 0x6f, 0xdf, 0xb6, 0x67, 0xfb, 0x5a, 0x50, 0x8c, 0x15, 0x73, 0xc9,
    0xc1, 0x57, 0x3a, 0x9e, 0xf8, 0xf4, 0xa8, 0x0c, 0x1a, 0xe9, 0x91, 0x51, 0x9d, 0x03, 0x26, 0x48,
    0xaa, 0x46, 0x84, 0x12, 0x06, 0x2d, 0xfc, 0x66, 0xbe, 0x41, 0xed, 0xfd, 0xcd, 0x32, 0xa3, 0x9b,
    0x34, 0xf2, 0xaa, 0x95, 0x1f, 0x8e, 0x5d, 0x49, 0x77, 0x80, 0xc2, 0xa3, 0x50, 0x30, 0x4e, 0x30,
    0x1d, 0x06, 0x03, 0x55, 0x1d, 0x0e, 0x04, 0x16, 0x04, 0x14, 0x1e, 0x81, 0xc3, 0x62, 0xff, 0x8c,
    0x5a, 0x98, 0x90, 0xac, 0x2c, 0xc3, 0x65, 0xb9, 0x3f, 0x8f, 0x04, 0x55, 0xfa, 0x7c, 0x30, 0x1f,
    0x06, 0x03, 0x55, 0x1d, 0x23, 0x04, 0x18, 0x30, 0x16, 0x80, 0x14, 0x1e, 0x81, 0xc3, 0x62, 0xff,
    0x8c, 0x5a, 0x98, 0x90, 0xac, 0x2c, 0xc3, 0x65, 0xb9, 0x3f, 0x8f, 0x04, 0x55, 0xfa, 0x7c, 0x30,
    0x0c, 0x06, 0x03, 0x55, 0x1d, 0x13, 0x04, 0x05, 0x30, 0x03, 0x01, 0x01, 0xff, 0x30, 0x0a, 0x06,
    0x08, 0x2a, 0x86, 0x48, 0xce, 0x3d, 0x04, 0x03, 0x02, 0x03, 0x47, 0x00, 0x30, 0x44, 0x02, 0x20,
    0x1c, 0xa1, 0x55, 0xa8, 0x04, 0xbc, 0x5b, 0x00, 0xa8, 0xac, 0x2f, 0xe6, 0xb7, 0x3c, 0x7c, 0xf3,
    0x7e, 0x93, 0xce, 0xe0, 0xdf, 0x6e, 0x36, 0xe4, 0x36, 0x20, 0xcb, 0x36, 0x9c, 0x13, 0x3b, 0xc4,
    0x02, 0x20, 0x7f, 0x18, 0x13, 0x7d, 0x1b, 0x8c, 0xe3, 0x5b, 0xd9, 0xac, 0x74, 0x8c, 0xc0, 0xe9,
    0xbf, 0x1b, 0x48, 0x6f, 0xb6, 0x6a, 0x45, 0x03, 0xa6, 0x5d, 0x4d, 0x65, 0xf7, 0x96, 0xa0, 0x08,
    0x83, 0x7c
};
int caCertLen = sizeof(caCert);

unsigned char control_server_message[] = {
    0x48, 0x54, 0x54, 0x50, 0x2f, 0x31, 0x2e, 0x30, 0x20, 0x32, 0x30, 0x30, 0x20, 0x4f, 0x4b, 0x0d,
    0x0a, 0x43, 0x6f, 0x6e, 0x74, 0x65, 0x6e, 0x74, 0x2d, 0x54, 0x79, 0x70, 0x65, 0x3a, 0x20, 0x74,
    0x65, 0x78, 0x74, 0x2f, 0x68, 0x74, 0x6d, 0x6c, 0x0d, 0x0a, 0x0d, 0x0a, 0x3c, 0x68, 0x32, 0x3e,
    0x6d, 0x62, 0x65, 0x64, 0x20, 0x54, 0x4c, 0x53, 0x20, 0x54, 0x65, 0x73, 0x74, 0x20, 0x53, 0x65,
    0x72, 0x76, 0x65, 0x72, 0x3c, 0x2f, 0x68, 0x32, 0x3e, 0x0d, 0x0a, 0x54, 0x45, 0x53, 0x54, 0x20,
    0x4d, 0x45, 0x53, 0x53, 0x41, 0x47, 0x45, 0x0d, 0x0a, 0x3c, 0x70, 0x3e, 0x53, 0x75, 0x63, 0x63,
    0x65, 0x73, 0x73, 0x66, 0x75, 0x6c, 0x20, 0x63, 0x6f, 0x6e, 0x6e, 0x65, 0x63, 0x74, 0x69, 0x6f,
    0x6e, 0x20, 0x75, 0x73, 0x69, 0x6e, 0x67, 0x3a, 0x20, 0x54, 0x4c, 0x53, 0x2d, 0x45, 0x43, 0x44,
    0x48, 0x45, 0x2d, 0x45, 0x43, 0x44, 0x53, 0x41, 0x2d, 0x57, 0x49, 0x54, 0x48, 0x2d, 0x41, 0x45,
    0x53, 0x2d, 0x31, 0x32, 0x38, 0x2d, 0x43, 0x43, 0x4d, 0x2d, 0x38, 0x3c, 0x2f, 0x70, 0x3e, 0x0d,
    0x0a
};
int control_server_message_len = sizeof(control_server_message);

unsigned char control_client_message[] = {
    0x47, 0x45, 0x54, 0x20, 0x2f, 0x20, 0x48, 0x54, 0x54, 0x50, 0x2f, 0x31, 0x2e, 0x30, 0x0d, 0x0a,
    0x0d, 0x0a
};
int control_client_message_len = sizeof(control_client_message);

unsigned char caTrustedCrl[] = {
    0x30, 0x82, 0x03, 0x11, 0x30, 0x82, 0x01, 0xf9, 0x02, 0x01, 0x01, 0x30, 0x0d, 0x06, 0x09, 0x2a,
    0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x01, 0x05, 0x05, 0x00, 0x30, 0x49, 0x31, 0x0b, 0x30, 0x09,
    0x06, 0x03, 0x55, 0x04, 0x06, 0x13, 0x02, 0x55, 0x53, 0x31, 0x13, 0x30, 0x11, 0x06, 0x03, 0x55,
    0x04, 0x0a, 0x13, 0x0a, 0x47, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x20, 0x49, 0x6e, 0x63, 0x31, 0x25,
    0x30, 0x23, 0x06, 0x03, 0x55, 0x04, 0x03, 0x13, 0x1c, 0x47, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x20,
    0x49, 0x6e, 0x74, 0x65, 0x72, 0x6e, 0x65, 0x74, 0x20, 0x41, 0x75, 0x74, 0x68, 0x6f, 0x72, 0x69,
    0x74, 0x79, 0x20, 0x47, 0x32, 0x17, 0x0d, 0x31, 0x36, 0x30, 0x38, 0x32, 0x35, 0x30, 0x31, 0x30,
    0x30, 0x30, 0x33, 0x5a, 0x17, 0x0d, 0x31, 0x36, 0x30, 0x39, 0x30, 0x34, 0x30, 0x31, 0x30, 0x30,
    0x30, 0x33, 0x5a, 0x30, 0x82, 0x01, 0x48, 0x30, 0x27, 0x02, 0x08, 0x40, 0x3a, 0x89, 0xa6, 0xdf,
    0x4c, 0xfc, 0xab, 0x17, 0x0d, 0x31, 0x36, 0x30, 0x31, 0x32, 0x30, 0x31, 0x30, 0x30, 0x37, 0x34,
    0x37, 0x5a, 0x30, 0x0c, 0x30, 0x0a, 0x06, 0x03, 0x55, 0x1d, 0x15, 0x04, 0x03, 0x0a, 0x01, 0x03,
    0x30, 0x27, 0x02, 0x08, 0x37, 0x7a, 0xe3, 0xb0, 0x9d, 0x40, 0xe5, 0x42, 0x17, 0x0d, 0x31, 0x35,
    0x31, 0x30, 0x30, 0x32, 0x31, 0x30, 0x32, 0x33, 0x32, 0x32, 0x5a, 0x30, 0x0c, 0x30, 0x0a, 0x06,
    0x03, 0x55, 0x1d, 0x15, 0x04, 0x03, 0x0a, 0x01, 0x01, 0x30, 0x27, 0x02, 0x08, 0x59, 0x14, 0xab,
    0x0a, 0x4c, 0xf7, 0xa1, 0xff, 0x17, 0x0d, 0x31, 0x36, 0x30, 0x38, 0x31, 0x36, 0x32, 0x31, 0x34,
    0x34, 0x31, 0x32, 0x5a, 0x30, 0x0c, 0x30, 0x0a, 0x06, 0x03, 0x55, 0x1d, 0x15, 0x04, 0x03, 0x0a,
    0x01, 0x01, 0x30, 0x27, 0x02, 0x08, 0x6e, 0x8f, 0xb3, 0x78, 0x8f, 0x54, 0x15, 0xbb, 0x17, 0x0d,
    0x31, 0x36, 0x30, 0x38, 0x31, 0x36, 0x32, 0x31, 0x34, 0x34, 0x34, 0x30, 0x5a, 0x30, 0x0c, 0x30,
    0x0a, 0x06, 0x03, 0x55, 0x1d, 0x15, 0x04, 0x03, 0x0a, 0x01, 0x01, 0x30, 0x27, 0x02, 0x08, 0x23,
    0x8a, 0x26, 0xd7, 0x52, 0xe4, 0xc2, 0x59, 0x17, 0x0d, 0x31, 0x36, 0x30, 0x34, 0x31, 0x35, 0x31,
    0x35, 0x30, 0x30, 0x32, 0x31, 0x5a, 0x30, 0x0c, 0x30, 0x0a, 0x06, 0x03, 0x55, 0x1d, 0x15, 0x04,
    0x03, 0x0a, 0x01, 0x03, 0x30, 0x27, 0x02, 0x08, 0x75, 0xdd, 0xb5, 0xf7, 0x03, 0x75, 0x0e, 0x96,
    0x17, 0x0d, 0x31, 0x36, 0x30, 0x36, 0x30, 0x38, 0x30, 0x39, 0x35, 0x32, 0x34, 0x37, 0x5a, 0x30,
    0x0c, 0x30, 0x0a, 0x06, 0x03, 0x55, 0x1d, 0x15, 0x04, 0x03, 0x0a, 0x01, 0x05, 0x30, 0x27, 0x02,
    0x08, 0x79, 0x61, 0xde, 0x97, 0x96, 0x20, 0x31, 0x87, 0x17, 0x0d, 0x31, 0x36, 0x30, 0x36, 0x31,
    0x35, 0x31, 0x33, 0x33, 0x34, 0x31, 0x36, 0x5a, 0x30, 0x0c, 0x30, 0x0a, 0x06, 0x03, 0x55, 0x1d,
    0x15, 0x04, 0x03, 0x0a, 0x01, 0x05, 0x30, 0x27, 0x02, 0x08, 0x01, 0x48, 0x71, 0x3e, 0xaf, 0xd9,
    0x26, 0x62, 0x17, 0x0d, 0x31, 0x36, 0x30, 0x34, 0x31, 0x35, 0x31, 0x35, 0x30, 0x34, 0x34, 0x34,
    0x5a, 0x30, 0x0c, 0x30, 0x0a, 0x06, 0x03, 0x55, 0x1d, 0x15, 0x04, 0x03, 0x0a, 0x01, 0x03, 0xa0,
    0x30, 0x30, 0x2e, 0x30, 0x1f, 0x06, 0x03, 0x55, 0x1d, 0x23, 0x04, 0x18, 0x30, 0x16, 0x80, 0x14,
    0x4a, 0xdd, 0x06, 0x16, 0x1b, 0xbc, 0xf6, 0x68, 0xb5, 0x76, 0xf5, 0x81, 0xb6, 0xbb, 0x62, 0x1a,
    0xba, 0x5a, 0x81, 0x2f, 0x30, 0x0b, 0x06, 0x03, 0x55, 0x1d, 0x14, 0x04, 0x04, 0x02, 0x02, 0x04,
    0xd1, 0x30, 0x0d, 0x06, 0x09, 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x01, 0x05, 0x05, 0x00,
    0x03, 0x82, 0x01, 0x01, 0x00, 0x49, 0x3d, 0xd3, 0xc0, 0x71, 0x14, 0xf8, 0x55, 0xec, 0x53, 0xeb,
    0xd9, 0xcd, 0x92, 0xe9, 0x87, 0xd9, 0x85, 0x6f, 0x67, 0x33, 0x8f, 0x72, 0x5f, 0x98, 0x46, 0x6d,
    0x84, 0xb5, 0x4f, 0xc0, 0x85, 0x11, 0x48, 0xb0, 0x11, 0x46, 0x27, 0xb7, 0x4c, 0x7a, 0x4c, 0xf2,
    0x6e, 0x24, 0x99, 0xa7, 0xe1, 0xb1, 0x48, 0x86, 0x84, 0x5d, 0xab, 0x27, 0x3a, 0xc4, 0xc3, 0xe5,
    0x41, 0xa9, 0x4c, 0x30, 0x96, 0x74, 0x8b, 0xca, 0x79, 0x69, 0x8d, 0x9d, 0x9b, 0xea, 0xe3, 0x0e,
    0x1a, 0x8c, 0xa2, 0x85, 0x1c, 0x87, 0x5d, 0x3b, 0x59, 0x93, 0x54, 0x3b, 0xba, 0x9b, 0x73, 0x91,
    0x20, 0x72, 0xa6, 0x82, 0x72, 0x0a, 0xb2, 0xe1, 0xc8, 0xfe, 0xcd, 0x18, 0x38, 0x51, 0x36, 0xcf,
    0x92, 0x0d, 0x35, 0x3d, 0x53, 0xfb, 0xed, 0x0d, 0x53, 0x1d, 0xa3, 0xa1, 0xe8, 0x49, 0x3c, 0x00,
    0x62, 0xf9, 0xa7, 0x5b, 0x8b, 0x2f, 0x19, 0x84, 0x9d, 0x58, 0x96, 0x69, 0x3b, 0xd5, 0x1c, 0x14,
    0x15, 0xb3, 0x2f, 0xb0, 0x4e, 0xb6, 0x81, 0xe9, 0x89, 0x15, 0xbf, 0xac, 0xca, 0xc6, 0xf7, 0x53,
    0xfd, 0x3e, 0xde, 0x83, 0xb8, 0x3f, 0x66, 0xb2, 0x59, 0xaa, 0x20, 0x6b, 0x3c, 0xb0, 0x22, 0x05,
    0x90, 0x30, 0xdc, 0x59, 0x81, 0x60, 0xbf, 0xd4, 0x77, 0xf4, 0xd7, 0xb6, 0xb4, 0xe5, 0x4c, 0xcf,
    0xb9, 0x27, 0x9d, 0xe0, 0xd1, 0x5c, 0xea, 0x31, 0xc1, 0x54, 0x42, 0x4a, 0xab, 0xff, 0x33, 0xc6,
    0x9a, 0xfb, 0xac, 0x47, 0x92, 0xe3, 0xfe, 0x35, 0xaa, 0xbc, 0xa6, 0x2f, 0x6c, 0xd3, 0xf0, 0xe7,
    0xc4, 0x02, 0x1e, 0x67, 0x94, 0x47, 0x27, 0x8e, 0xbb, 0x91, 0xb7, 0xab, 0x95, 0x04, 0xdd, 0x89,
    0x41, 0x4e, 0x87, 0xfd, 0xf5, 0x8a, 0x1b, 0x24, 0xf4, 0x3c, 0x41, 0xa2, 0xb0, 0xda, 0x27, 0xbb,
    0x8b, 0x5b, 0xd2, 0xf9, 0x6a
};

static void error(const char *msg)
{
    perror(msg);
    exit(0);
}

static int sockfd, newsockfd;

static void socketConnect()
{
    int portno;
    struct sockaddr_in serv_addr;
    struct hostent *server;

    portno = SERVER_PORT;
    sockfd = socket(AF_INET, SOCK_STREAM, 0);
    if (sockfd < 0)
        error("ERROR opening socket");
    server = gethostbyname(SERVER_NAME);
    if (server == NULL) {
        fprintf(stderr,"ERROR, no such host\n");
        exit(0);
    }
    //memset((char *) &serv_addr, sizeof(serv_addr));
    memset((void*)&serv_addr, 0, sizeof(serv_addr));
    serv_addr.sin_family = AF_INET;
    memcpy((char *)server->h_addr,
         (char *)&serv_addr.sin_addr.s_addr,
         server->h_length);
    serv_addr.sin_port = htons(portno);
    if (connect(sockfd,(struct sockaddr *) &serv_addr,sizeof(serv_addr)) < 0)
        error("ERROR connecting");
}

static void CATCPPacketSendCB(CAEndpoint_t *, const void *buf, uint32_t buflen)
{
    int n;
    n = write(sockfd, buf, buflen);
    if (n < 0)
         error("ERROR writing to socket");
}

char msg[256] = {0}; int msglen = 0;
static void CATCPPacketReceivedCB(const CASecureEndpoint_t *, const void *data, uint32_t dataLength)
{
    memcpy(msg, data, dataLength);
    msglen = dataLength;
}

static void PacketReceive(unsigned char *data, int * datalen)
{
    int n;
    char buffer[2048] = {'\0'};
    n = read(sockfd, buffer, 5);
    if ((buffer[0] == 0x16 || buffer[0] == 0x14 || buffer[0] == 0x17 || buffer[0] == 0x15)
        && buffer[1] == 0x03 && buffer[2] == 0x03)
    {
        int tlslen = (unsigned char)buffer[3] * 0x100 + (unsigned char)buffer[4];
        n = read(sockfd, buffer + 5, tlslen);
    }

    if (n < 0)
         error("ERROR reading from socket");

    *datalen = n + 5;
    memcpy(data, buffer, *datalen);
}

static void socketClose()
{
    close(sockfd);
}

static void infoCallback_that_loads_x509(PkiInfo_t * inf)
{
    inf->crt.data = (uint8_t*)serverCert;
    inf->crt.len = sizeof(serverCert);
    inf->key.data = (uint8_t*)serverPrivateKey;
    inf->key.len = sizeof(serverPrivateKey);
    inf->ca.data = (uint8_t*)caCert;
    inf->ca.len = sizeof(caCert);
    inf->crl.data = (uint8_t*)caTrustedCrl;
    inf->crl.len = sizeof(caTrustedCrl);
}

static void socketOpen_server()
{
    int portno;
    struct sockaddr_in serv_addr, cli_addr;
    socklen_t clilen;

    portno = SERVER_PORT;
    sockfd = socket(AF_INET, SOCK_STREAM, 0);
    if (sockfd < 0)
        error("\nERROR opening socket");
    //bzero((char *) &serv_addr, sizeof(serv_addr));
    memset((void*)&serv_addr, 0, sizeof(serv_addr));
    serv_addr.sin_family = AF_INET;
    serv_addr.sin_addr.s_addr = INADDR_ANY;
    serv_addr.sin_port = htons(portno);
    if (bind(sockfd, (struct sockaddr *) &serv_addr,
              sizeof(serv_addr)) < 0)
              error("\nERROR on binding");
    listen(sockfd,5);
    clilen = sizeof(cli_addr);
    newsockfd = accept(sockfd,
                 (struct sockaddr *) &cli_addr,
                 &clilen);
    if (newsockfd < 0)
          error("\nERROR on accept");
}

static void CATCPPacketSendCB_server(CAEndpoint_t *, const void *buf, uint32_t buflen)
{
    int n;
    n = write(newsockfd,buf,buflen);
    if (n < 0)
         error("ERROR writing to socket");
}

static void CATCPPacketReceivedCB_server(const CASecureEndpoint_t *, const void *data, uint32_t dataLength)
{
    memcpy(msg, data, dataLength);
    msglen = dataLength;
}
static void PacketReceive_server(unsigned char *data, int * datalen)
{
    int n;
    char buffer[2048] = {'\0'};
    n = read(newsockfd, buffer, 5);

    if (buffer[0] == 0x16 || buffer[0] == 0x14 || buffer[0] == 0x17 || buffer[0] == 0x15)
    {
        int tlslen = (unsigned char)buffer[3] * 0x100 + (unsigned char)buffer[4];
        n = read(newsockfd, buffer + 5, tlslen);
    }

    if (n < 0)
         error("\nERROR reading from socket");

    *datalen = n + 5;
    memcpy(data, buffer, *datalen);
}

static void socketClose_server()
{
    close(newsockfd);
    close(sockfd);
}

static void clutch(bool * list)
{
    list[1] = true;
}

const unsigned char IDENTITY[] = ("6767676767676767");
const unsigned char RS_CLIENT_PSK[] = ("AAAAAAAAAAAAAAAA");
static int32_t GetDtlsPskCredentials( CADtlsPskCredType_t,
              const unsigned char *, size_t,
              unsigned char *result, size_t)
{
    int32_t ret = -1;

    if (NULL == result)
    {
        return ret;
    }
    memcpy(result, IDENTITY, sizeof(IDENTITY));
    ret = sizeof(IDENTITY);

    return ret;
}

/* **************************
 *
 *
 * MbedTLS client routine
 *
 *
 * *************************/

#if !defined(MBEDTLS_CONFIG_FILE)
#include "mbedtls/config.h"
#else
#include MBEDTLS_CONFIG_FILE
#endif

#if defined(MBEDTLS_PLATFORM_C)
#include "mbedtls/platform.h"
#else
#include <stdio.h>
#include <stdlib.h>
#define mbedtls_fprintf    fprintf
#define mbedtls_printf     printf
#endif

#if !defined(MBEDTLS_BIGNUM_C) || !defined(MBEDTLS_ENTROPY_C) ||  \
    !defined(MBEDTLS_SSL_TLS_C) || !defined(MBEDTLS_SSL_CLI_C) || \
    !defined(MBEDTLS_NET_C) || !defined(MBEDTLS_RSA_C) ||         \
    !defined(MBEDTLS_CERTS_C) || !defined(MBEDTLS_PEM_PARSE_C) || \
    !defined(MBEDTLS_CTR_DRBG_C) || !defined(MBEDTLS_X509_CRT_PARSE_C)
static int client( void )
{
    mbedtls_printf("MBEDTLS_BIGNUM_C and/or MBEDTLS_ENTROPY_C and/or "
           "MBEDTLS_SSL_TLS_C and/or MBEDTLS_SSL_CLI_C and/or "
           "MBEDTLS_NET_C and/or MBEDTLS_RSA_C and/or "
           "MBEDTLS_CTR_DRBG_C and/or MBEDTLS_X509_CRT_PARSE_C "
           "not defined.\n");
    return( 0 );
}
#else

#include "mbedtls/net.h"
#include "mbedtls/debug.h"
#include "mbedtls/ssl.h"
#include "mbedtls/entropy.h"
#include "mbedtls/ctr_drbg.h"
#include "mbedtls/error.h"
#include "mbedtls/certs.h"

#include <string.h>

#define DEBUG_LEVEL (0)

static void my_debug_client( void *ctx, int level,
                      const char *file, int line,
                      const char *str )
{
    ((void) level);

    mbedtls_fprintf( (FILE *) ctx, "%s:%04d: %s", file, line, str );
    fflush(  (FILE *) ctx  );
}

static void * client(void *)
{
    int ret, len;
    mbedtls_net_context server_fd;
    uint32_t flags;
    unsigned char buf[1024];
    const char *pers = "ssl_client1";

    mbedtls_entropy_context entropy;
    mbedtls_ctr_drbg_context ctr_drbg;
    mbedtls_ssl_context ssl;
    mbedtls_ssl_config conf;
    mbedtls_x509_crt cacert;
    mbedtls_x509_crt owncert;
    mbedtls_pk_context pkey;

    /*
     * 0. Initialize the RNG and the session data
     */
    mbedtls_net_init( &server_fd );
    mbedtls_ssl_init( &ssl );
    mbedtls_ssl_config_init( &conf );
    mbedtls_x509_crt_init( &cacert );
    mbedtls_ctr_drbg_init( &ctr_drbg );
    mbedtls_pk_init( &pkey );

    mbedtls_printf( "\n  . Seeding the random number generator..." );
    fflush( stdout );

    mbedtls_entropy_init( &entropy );
    if( ( ret = mbedtls_ctr_drbg_seed( &ctr_drbg, mbedtls_entropy_func, &entropy,
                               (const unsigned char *) pers,
                               strlen( pers ) ) ) != 0 )
    {
        mbedtls_printf( " failed\n  ! mbedtls_ctr_drbg_seed returned %d\n", ret );
        goto exit;
    }

    mbedtls_printf( " ok\n" );

    /*
     * 0. Initialize certificates
     */
    mbedtls_printf( "  . Loading the CA root certificate ..." );
    fflush( stdout );
    ret = mbedtls_x509_crt_parse( &cacert, (const unsigned char *) caCert, caCertLen );
    if( ret < 0 )
    {
        mbedtls_printf( " failed\n  !  mbedtls_x509_crt_parse caCert returned -0x%x\n\n", -ret );
        goto exit;
    }
    ret = mbedtls_x509_crt_parse( &owncert, (const unsigned char *) serverCert, serverCertLen );
    if( ret < 0 )
    {
        mbedtls_printf( " failed\n  !  mbedtls_x509_crt_parse serverCert returned -0x%x\n\n", -ret );
        goto exit;
    }
    ret =  mbedtls_pk_parse_key( &pkey, (const unsigned char *) serverPrivateKey,
                                                                serverPrivateKeyLen, NULL, 0 );
    if( ret < 0 )
    {
        mbedtls_printf( " failed\n  !  mbedtls_pk_parse_key returned -0x%x\n\n", -ret );
        goto exit;
    }

    mbedtls_printf( " ok (%d skipped)\n", ret );

    /*
     * 1. Start the connection
     */
    mbedtls_printf( "  . Connecting to tcp/%s/%s...", SERVER_NAME, "SERVER_PORT" );
    fflush( stdout );

    if( ( ret = mbedtls_net_connect( &server_fd, "127.0.0.1",
                                         "4433", MBEDTLS_NET_PROTO_TCP ) ) != 0 )
    {
        mbedtls_printf( " failed\n  ! mbedtls_net_connect returned %d\n\n", ret );
        goto exit;
    }

    mbedtls_printf( " ok\n" );

    /*
     * 2. Setup stuff
     */
    mbedtls_printf( "  . Setting up the SSL/TLS structure..." );
    fflush( stdout );

    if( ( ret = mbedtls_ssl_config_defaults( &conf,
                    MBEDTLS_SSL_IS_CLIENT,
                    MBEDTLS_SSL_TRANSPORT_STREAM,
                    MBEDTLS_SSL_PRESET_DEFAULT ) ) != 0 )
    {
        mbedtls_printf( " failed\n  ! mbedtls_ssl_config_defaults returned %d\n\n", ret );
        goto exit;
    }

    mbedtls_printf( " ok\n" );

    /* OPTIONAL is not optimal for security,
     * but makes interop easier in this simplified example */
    mbedtls_ssl_conf_authmode( &conf, MBEDTLS_SSL_VERIFY_OPTIONAL );
    mbedtls_ssl_conf_ca_chain( &conf, &cacert, NULL );
    mbedtls_ssl_conf_own_cert( &conf, &owncert, &pkey );
    mbedtls_ssl_conf_rng( &conf, mbedtls_ctr_drbg_random, &ctr_drbg );
    mbedtls_ssl_conf_dbg( &conf, my_debug_client, stdout );

    if( ( ret = mbedtls_ssl_setup( &ssl, &conf ) ) != 0 )
    {
        mbedtls_printf( " failed\n  ! mbedtls_ssl_setup returned %d\n\n", ret );
        goto exit;
    }

    if( ( ret = mbedtls_ssl_set_hostname( &ssl, "mbed TLS Server 1" ) ) != 0 )
    {
        mbedtls_printf( " failed\n  ! mbedtls_ssl_set_hostname returned %d\n\n", ret );
        goto exit;
    }

    mbedtls_ssl_set_bio( &ssl, &server_fd, mbedtls_net_send, mbedtls_net_recv, NULL );

    /*
     * 4. Handshake
     */
    mbedtls_printf( "  . Performing the SSL/TLS handshake..." );
    fflush( stdout );

    while( ( ret = mbedtls_ssl_handshake( &ssl ) ) != 0 )
    {
        if( ret != MBEDTLS_ERR_SSL_WANT_READ && ret != MBEDTLS_ERR_SSL_WANT_WRITE )
        {
            mbedtls_printf( " failed\n  ! mbedtls_ssl_handshake returned -0x%x\n\n", -ret );
            goto exit;
        }
    }

    mbedtls_printf( " ok\n" );

    /*
     * 5. Verify the server certificate
     */
    mbedtls_printf( "  . Verifying peer X.509 certificate..." );

    /* In real life, we probably want to bail out when ret != 0 */
    if( ( flags = mbedtls_ssl_get_verify_result( &ssl ) ) != 0 )
    {
        char vrfy_buf[512];

        mbedtls_printf( " failed\n" );

        mbedtls_x509_crt_verify_info( vrfy_buf, sizeof( vrfy_buf ), "  ! ", flags );

        mbedtls_printf( "%s\n", vrfy_buf );
    }
    else
        mbedtls_printf( " ok\n" );

    /*
     * 3. Write the GET request
     */
    mbedtls_printf( "  > Write to server:" );
    fflush( stdout );

    len = sprintf( (char *) buf, GET_REQUEST );

    while( ( ret = mbedtls_ssl_write( &ssl, buf, len ) ) <= 0 )
    {
        if( ret != MBEDTLS_ERR_SSL_WANT_READ && ret != MBEDTLS_ERR_SSL_WANT_WRITE )
        {
            mbedtls_printf( " failed\n  ! mbedtls_ssl_write returned %d\n\n", ret );
            goto exit;
        }
    }

    len = ret;
    mbedtls_printf( " %d bytes written\n\n%s", len, (char *) buf );

    /*
     * 7. Read the HTTP response
     */
    mbedtls_printf( "  < Read from server:" );
    fflush( stdout );

    do
    {
        len = sizeof( buf ) - 1;
        memset( buf, 0, sizeof( buf ) );
        ret = mbedtls_ssl_read( &ssl, buf, len );

        if( ret == MBEDTLS_ERR_SSL_WANT_READ || ret == MBEDTLS_ERR_SSL_WANT_WRITE )
            continue;

        if( ret == MBEDTLS_ERR_SSL_PEER_CLOSE_NOTIFY )
            break;

        if( ret < 0 )
        {
            mbedtls_printf( "failed\n  ! mbedtls_ssl_read returned %d\n\n", ret );
            break;
        }

        if( ret == 0 )
        {
            mbedtls_printf( "\n\nEOF\n\n" );
            break;
        }

        len = ret;
        mbedtls_printf( " %d bytes read\n\n%s", len, (char *) buf );
    }
    while( 1 );

    mbedtls_ssl_close_notify( &ssl );

exit:

#ifdef MBEDTLS_ERROR_C
    if( ret != 0 )
    {
        char error_buf[100];
        mbedtls_strerror( ret, error_buf, 100 );
        mbedtls_printf("Last error was: %d - %s\n\n", ret, error_buf );
    }
#endif

    mbedtls_net_free( &server_fd );

    mbedtls_x509_crt_free( &cacert );
    mbedtls_ssl_free( &ssl );
    mbedtls_ssl_config_free( &conf );
    mbedtls_ctr_drbg_free( &ctr_drbg );
    mbedtls_entropy_free( &entropy );

    return NULL;
}
#endif /* MBEDTLS_BIGNUM_C && MBEDTLS_ENTROPY_C && MBEDTLS_SSL_TLS_C &&
          MBEDTLS_SSL_CLI_C && MBEDTLS_NET_C && MBEDTLS_RSA_C &&
          MBEDTLS_CERTS_C && MBEDTLS_PEM_PARSE_C && MBEDTLS_CTR_DRBG_C &&
          MBEDTLS_X509_CRT_PARSE_C */

/* **************************
 *
 *
 * MbedTLS server routine
 *
 *
 * *************************/

#if !defined(MBEDTLS_CONFIG_FILE)
#include "mbedtls/config.h"
#else
#include MBEDTLS_CONFIG_FILE
#endif

#if defined(MBEDTLS_PLATFORM_C)
#include "mbedtls/platform.h"
#else
#include <stdio.h>
#include <stdlib.h>
#define mbedtls_fprintf    fprintf
#define mbedtls_printf     printf
#endif

#if !defined(MBEDTLS_BIGNUM_C) || !defined(MBEDTLS_CERTS_C) ||    \
    !defined(MBEDTLS_ENTROPY_C) || !defined(MBEDTLS_SSL_TLS_C) || \
    !defined(MBEDTLS_SSL_SRV_C) || !defined(MBEDTLS_NET_C) ||     \
    !defined(MBEDTLS_RSA_C) || !defined(MBEDTLS_CTR_DRBG_C) ||    \
    !defined(MBEDTLS_X509_CRT_PARSE_C) || !defined(MBEDTLS_FS_IO) || \
    !defined(MBEDTLS_PEM_PARSE_C)
/* int */void * server( void )
{
    mbedtls_printf("MBEDTLS_BIGNUM_C and/or MBEDTLS_CERTS_C and/or MBEDTLS_ENTROPY_C "
           "and/or MBEDTLS_SSL_TLS_C and/or MBEDTLS_SSL_SRV_C and/or "
           "MBEDTLS_NET_C and/or MBEDTLS_RSA_C and/or "
           "MBEDTLS_CTR_DRBG_C and/or MBEDTLS_X509_CRT_PARSE_C "
           "and/or MBEDTLS_PEM_PARSE_C not defined.\n");
    return(/* 0 */);
}
#else

#include <stdlib.h>
#include <string.h>

#include "mbedtls/entropy.h"
#include "mbedtls/ctr_drbg.h"
#include "mbedtls/certs.h"
#include "mbedtls/x509.h"
#include "mbedtls/ssl.h"
#include "mbedtls/net.h"
#include "mbedtls/error.h"
#include "mbedtls/debug.h"

#if defined(MBEDTLS_SSL_CACHE_C)
#include "mbedtls/ssl_cache.h"
#endif

#define HTTP_RESPONSE \
    "HTTP/1.0 200 OK\r\nContent-Type: text/html\r\n\r\n" \
    "<h2>mbed TLS Test Server</h2>\r\n" \
    "TEST MESSAGE\r\n" \
    "<p>Successful connection using: %s</p>\r\n"

#define DEBUG_LEVEL (0)

static int mbedtls_entropy_func_clutch(void *, unsigned char *output, size_t len)
{
    for (uint32_t i = 0; i < len; i++) output[i] = 0x11;
    return 0;
}

static void my_debug( void *ctx, int level,
                      const char *file, int line,
                      const char *str )
{
    ((void) level);

    mbedtls_fprintf((FILE *) ctx, "%s:%04d: %s", file, line, str);
    fflush(  (FILE *) ctx  );
}

static void * server(void *)
{
    int ret, len;
    mbedtls_net_context listen_fd, client_fd;
    unsigned char buf[1024];
    const char *pers = "ssl_server";

    mbedtls_entropy_context entropy;
    mbedtls_ctr_drbg_context ctr_drbg;
    mbedtls_ssl_context ssl;
    mbedtls_ssl_config conf;
    mbedtls_x509_crt srvcert;
    mbedtls_pk_context pkey;
#if defined(MBEDTLS_SSL_CACHE_C)
    mbedtls_ssl_cache_context cache;
#endif

    mbedtls_net_init( &listen_fd );
    mbedtls_net_init( &client_fd );
    mbedtls_ssl_init( &ssl );
    mbedtls_ssl_config_init( &conf );
#if defined(MBEDTLS_SSL_CACHE_C)
    mbedtls_ssl_cache_init( &cache );
#endif
    mbedtls_x509_crt_init( &srvcert );
    mbedtls_pk_init( &pkey );
    mbedtls_entropy_init( &entropy );
    mbedtls_ctr_drbg_init( &ctr_drbg );

#if defined(MBEDTLS_DEBUG_C)
    mbedtls_debug_set_threshold( DEBUG_LEVEL );
#endif

    /*
     * 1. Load the certificates and private RSA key
     */
    mbedtls_printf( "\n  . Loading the server cert. and key..." );
    fflush( stdout );

    /*
     * This demonstration program uses embedded test certificates.
     * Instead, you may want to use mbedtls_x509_crt_parse_file() to read the
     * server and CA certificates, as well as mbedtls_pk_parse_keyfile().
     */
    ret = mbedtls_x509_crt_parse( &srvcert, (const unsigned char *) serverCert, serverCertLen );
    if( ret != 0 )
    {
        mbedtls_printf( " failed\n  !  mbedtls_x509_crt_parse returned %d\n\n", ret );
        goto exit;
    }

    ret = mbedtls_x509_crt_parse( &srvcert, (const unsigned char *) caCert, caCertLen );
    if( ret != 0 )
    {
        mbedtls_printf( " failed\n  !  mbedtls_x509_crt_parse returned %d\n\n", ret );
        goto exit;
    }

    ret =  mbedtls_pk_parse_key( &pkey, (const unsigned char *) serverPrivateKey,
                                                                serverPrivateKeyLen, NULL, 0 );
    if( ret != 0 )
    {
        mbedtls_printf( " failed\n  !  mbedtls_pk_parse_key returned %d\n\n", ret );
        goto exit;
    }

    mbedtls_printf( " ok\n" );

    /*
     * 2. Setup the listening TCP socket
     */
    mbedtls_printf( "  . Bind on https://localhost:4433/ ..." );
    fflush( stdout );

    if( ( ret = mbedtls_net_bind( &listen_fd, NULL, "4433", MBEDTLS_NET_PROTO_TCP ) ) != 0 )
    {
        mbedtls_printf( " failed\n  ! mbedtls_net_bind returned %d\n\n", ret );
        goto exit;
    }

    mbedtls_printf( " ok\n" );

    /*
     * 3. Seed the RNG
     */
    mbedtls_printf( "  . Seeding the random number generator..." );
    fflush( stdout );

    if( ( ret = mbedtls_ctr_drbg_seed( &ctr_drbg, mbedtls_entropy_func_clutch, &entropy,
                               (const unsigned char *) pers,
                               strlen( pers ) ) ) != 0 )
    {
        mbedtls_printf( " failed\n  ! mbedtls_ctr_drbg_seed returned %d\n", ret );
    }

    mbedtls_printf( " ok\n" );

    /*
     * 4. Setup stuff
     */
    mbedtls_printf( "  . Setting up the SSL data...." );
    fflush( stdout );

    if( ( ret = mbedtls_ssl_config_defaults( &conf,
                    MBEDTLS_SSL_IS_SERVER,
                    MBEDTLS_SSL_TRANSPORT_STREAM,
                    MBEDTLS_SSL_PRESET_DEFAULT ) ) != 0 )
    {
        mbedtls_printf( " failed\n  ! mbedtls_ssl_config_defaults returned %d\n\n", ret );
        goto exit;
    }

    mbedtls_ssl_conf_rng( &conf, mbedtls_ctr_drbg_random, &ctr_drbg );
    mbedtls_ssl_conf_dbg( &conf, my_debug, stdout );

#if defined(MBEDTLS_SSL_CACHE_C)
    mbedtls_ssl_conf_session_cache( &conf, &cache,
                                   mbedtls_ssl_cache_get,
                                   mbedtls_ssl_cache_set );
#endif

    mbedtls_ssl_conf_ca_chain( &conf, srvcert.next, NULL );
    if( ( ret = mbedtls_ssl_conf_own_cert( &conf, &srvcert, &pkey ) ) != 0 )
    {
        mbedtls_printf( " failed\n  ! mbedtls_ssl_conf_own_cert returned %d\n\n", ret );
        goto exit;
    }

    if( ( ret = mbedtls_ssl_setup( &ssl, &conf ) ) != 0 )
    {
        mbedtls_printf( " failed\n  ! mbedtls_ssl_setup returned %d\n\n", ret );
        goto exit;
    }

    mbedtls_printf( " ok\n" );

reset:
#ifdef MBEDTLS_ERROR_C
    if( ret != 0 )
    {
        char error_buf[100];
        mbedtls_strerror( ret, error_buf, 100 );
        mbedtls_printf("Last error was: %d - %s\n\n", ret, error_buf );
    }
#endif

    mbedtls_net_free( &client_fd );

    mbedtls_ssl_session_reset( &ssl );

    /*
     * 3. Wait until a client connects
     */
    mbedtls_printf( "  . Waiting for a remote connection ..." );
    fflush( stdout );

    if( ( ret = mbedtls_net_accept( &listen_fd, &client_fd,
                                    NULL, 0, NULL ) ) != 0 )
    {
        mbedtls_printf( " failed\n  ! mbedtls_net_accept returned %d\n\n", ret );
        goto exit;
    }

    mbedtls_ssl_set_bio( &ssl, &client_fd, mbedtls_net_send, mbedtls_net_recv, NULL );

    mbedtls_printf( " ok\n" );

    /*
     * 5. Handshake
     */
    mbedtls_printf( "  . Performing the SSL/TLS handshake..." );
    fflush( stdout );

    while( ( ret = mbedtls_ssl_handshake( &ssl ) ) != 0 )
    {
        if( ret != MBEDTLS_ERR_SSL_WANT_READ && ret != MBEDTLS_ERR_SSL_WANT_WRITE )
        {
            mbedtls_printf( " failed\n  ! mbedtls_ssl_handshake returned %d\n\n", ret );
            goto exit;
        }
    }

    mbedtls_printf( " ok\n" );

    /*
     * 6. Read the HTTP Request
     */
    mbedtls_printf( "  < Read from client:" );
    fflush( stdout );

    do
    {
        len = sizeof( buf ) - 1;
        memset( buf, 0, sizeof( buf ) );
        ret = mbedtls_ssl_read( &ssl, buf, len );

        if( ret == MBEDTLS_ERR_SSL_WANT_READ || ret == MBEDTLS_ERR_SSL_WANT_WRITE )
            continue;

        if( ret <= 0 )
        {
            switch( ret )
            {
                case MBEDTLS_ERR_SSL_PEER_CLOSE_NOTIFY:
                    mbedtls_printf( " connection was closed gracefully\n" );
                    break;

                case MBEDTLS_ERR_NET_CONN_RESET:
                    mbedtls_printf( " connection was reset by peer\n" );
                    break;

                default:
                    mbedtls_printf( " mbedtls_ssl_read returned -0x%x\n", -ret );
                    break;
            }

            break;
        }

        len = ret;
        mbedtls_printf( " %d bytes read\n\n%s", len, (char *) buf );

        if( ret > 0 )
            break;
    }
    while( 1 );

    /*
     * 7. Write the 200 Response
     */
    mbedtls_printf( "  > Write to client:" );

    fflush( stdout );

    len = sprintf( (char *) buf, HTTP_RESPONSE,
                   mbedtls_ssl_get_ciphersuite( &ssl ) );

    while( ( ret = mbedtls_ssl_write( &ssl, buf, len ) ) <= 0 )
    {
        if( ret == MBEDTLS_ERR_NET_CONN_RESET )
        {
            mbedtls_printf( " failed\n  ! peer closed the connection\n\n" );
            goto reset;
        }

        if( ret != MBEDTLS_ERR_SSL_WANT_READ && ret != MBEDTLS_ERR_SSL_WANT_WRITE )
        {
            mbedtls_printf( " failed\n  ! mbedtls_ssl_write returned %d\n\n", ret );
            goto exit;
        }
    }

    len = ret;
    mbedtls_printf( " %d bytes written\n\n%s\n", len, (char *) buf );

    mbedtls_printf( "  . Closing the connection..." );

    while( ( ret = mbedtls_ssl_close_notify( &ssl ) ) < 0 )
    {
        if( ret != MBEDTLS_ERR_SSL_WANT_READ &&
            ret != MBEDTLS_ERR_SSL_WANT_WRITE )
        {
            mbedtls_printf( " failed\n  ! mbedtls_ssl_close_notify returned %d\n\n", ret );
            goto exit;
        }
    }

    mbedtls_printf( " ok\n" );

    ret = 0;
    goto exit;

exit:

#ifdef MBEDTLS_ERROR_C
    if( ret != 0 )
    {
        char error_buf[100];
        mbedtls_strerror( ret, error_buf, 100 );
        mbedtls_printf("Last error was: %d - %s\n\n", ret, error_buf );
    }
#endif

    mbedtls_net_free( &client_fd );
    mbedtls_net_free( &listen_fd );

    mbedtls_x509_crt_free( &srvcert );
    mbedtls_pk_free( &pkey );
    mbedtls_ssl_free( &ssl );
    mbedtls_ssl_config_free( &conf );
#if defined(MBEDTLS_SSL_CACHE_C)
    mbedtls_ssl_cache_free( &cache );
#endif
    mbedtls_ctr_drbg_free( &ctr_drbg );
    mbedtls_entropy_free( &entropy );

#if defined(_WIN32)
    mbedtls_printf( "  Press Enter to exit this program.\n" );
    fflush( stdout );
#endif

    return NULL;
}
#endif /* MBEDTLS_BIGNUM_C && MBEDTLS_CERTS_C && MBEDTLS_ENTROPY_C &&
          MBEDTLS_SSL_TLS_C && MBEDTLS_SSL_SRV_C && MBEDTLS_NET_C &&
          MBEDTLS_RSA_C && MBEDTLS_CTR_DRBG_C && MBEDTLS_X509_CRT_PARSE_C
          && MBEDTLS_FS_IO && MBEDTLS_PEM_PARSE_C */

/* **************************
 *
 *
 * CAinitSslAdapter test
 *
 *
 * *************************/

static int testCAinitSslAdapter()
{
    int ret = 0;

    CAEndpoint_t serverAddr;
    serverAddr.adapter = CA_ADAPTER_IP;
    serverAddr.flags = CA_SECURE;
    serverAddr.port = 4433;
    char addr[] = {0x31, 0x32, 0x37, 0x2e, 0x30, 0x2e, 0x30, 0x2e, 0x31, 0x00}; // 127.0.0.1
    memcpy(serverAddr.addr, addr, sizeof(addr));
    serverAddr.ifindex = 0;

    ret = CAinitSslAdapter();
    if (ret != 0 ||
        &g_caSslContext == NULL ||
        &g_caSslContext->crt == NULL ||
        &g_caSslContext->pkey == NULL ||
        &g_caSslContext->clientTlsConf == NULL ||
        &g_caSslContext->serverTlsConf == NULL ||
        &g_caSslContext->rnd == NULL ||
        &g_caSslContext->entropy == NULL)
    {
        ret = 1;
    }

    // CAdeinitSslAdapter
    ca_mutex_lock(g_sslContextMutex);
    DeletePeerList();
    mbedtls_x509_crt_free(&g_caSslContext->crt);
    mbedtls_pk_free(&g_caSslContext->pkey);
    mbedtls_ssl_config_free(&g_caSslContext->clientTlsConf);
    mbedtls_ssl_config_free(&g_caSslContext->serverTlsConf);
    mbedtls_ctr_drbg_free(&g_caSslContext->rnd);
    mbedtls_entropy_free(&g_caSslContext->entropy);
    OICFree(g_caSslContext);
    g_caSslContext = NULL;
    ca_mutex_unlock(g_sslContextMutex);
    ca_mutex_free(g_sslContextMutex);
    g_sslContextMutex = NULL;

    return ret;
}

// CAinitTlsAdapter()
TEST(TLSAdaper, Test_1)
{
    int ret = 0xFF;
    ret = testCAinitSslAdapter();
    EXPECT_EQ(0, ret);
}

/* **************************
 *
 *
 * CAsetSslAdapterCallbacks test
 *
 *
 * *************************/

static int testCAsetSslAdapterCallbacks()
{
    int ret = 0xFF;
    CAEndpoint_t serverAddr;
    serverAddr.adapter = CA_ADAPTER_IP;
    serverAddr.flags = CA_SECURE;
    serverAddr.port = 4433;
    char addr[] = {0x31, 0x32, 0x37, 0x2e, 0x30, 0x2e, 0x30, 0x2e, 0x31, 0x00}; // 127.0.0.1
    memcpy(serverAddr.addr, addr, sizeof(addr));
    serverAddr.ifindex = 0;

    // CAinitSslAdapter
    g_sslContextMutex = ca_mutex_new();
    ca_mutex_lock(g_sslContextMutex);
    g_caSslContext = (SslContext_t *)OICCalloc(1, sizeof(SslContext_t));
    g_caSslContext->peerList = u_arraylist_create();
    mbedtls_entropy_init(&g_caSslContext->entropy);
    mbedtls_ctr_drbg_init(&g_caSslContext->rnd);
    unsigned char * seed = (unsigned char*) SEED;
    mbedtls_ctr_drbg_seed(&g_caSslContext->rnd, mbedtls_entropy_func_clutch,
                                  &g_caSslContext->entropy, seed, sizeof(SEED));
    mbedtls_ctr_drbg_set_prediction_resistance(&g_caSslContext->rnd, MBEDTLS_CTR_DRBG_PR_OFF);
    mbedtls_ssl_config_init(&g_caSslContext->clientTlsConf);
    mbedtls_ssl_config_defaults(&g_caSslContext->clientTlsConf, MBEDTLS_SSL_IS_CLIENT,
                                    MBEDTLS_SSL_TRANSPORT_STREAM, MBEDTLS_SSL_PRESET_DEFAULT);
    mbedtls_ssl_conf_psk_cb(&g_caSslContext->clientTlsConf, GetPskCredentialsCallback, NULL);
    mbedtls_ssl_conf_rng( &g_caSslContext->clientTlsConf, mbedtls_ctr_drbg_random,
                          &g_caSslContext->rnd);
    mbedtls_ssl_conf_curves(&g_caSslContext->clientTlsConf, curve[ADAPTER_CURVE_SECP256R1]);
    mbedtls_ssl_conf_min_version(&g_caSslContext->clientTlsConf, MBEDTLS_SSL_MAJOR_VERSION_3,
                                 MBEDTLS_SSL_MINOR_VERSION_1);
    mbedtls_ssl_conf_renegotiation(&g_caSslContext->clientTlsConf, MBEDTLS_SSL_RENEGOTIATION_DISABLED);
    mbedtls_ssl_conf_authmode(&g_caSslContext->clientTlsConf, MBEDTLS_SSL_VERIFY_REQUIRED);
    CAsetTlsCipherSuite(MBEDTLS_TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA256);
    mbedtls_x509_crt_init(&g_caSslContext->ca);
    mbedtls_x509_crt_init(&g_caSslContext->crt);
    mbedtls_pk_init(&g_caSslContext->pkey);
    mbedtls_x509_crl_init(&g_caSslContext->crl);
    ca_mutex_unlock(g_sslContextMutex);

    CAsetSslAdapterCallbacks(CATCPPacketReceivedCB, CATCPPacketSendCB, (CATransportAdapter_t)0);
    if (g_caSslContext->adapterCallbacks[0].recvCallback == NULL &&
        g_caSslContext->adapterCallbacks[0].sendCallback == NULL &&
        g_caSslContext->adapterCallbacks[1].recvCallback == NULL &&
        g_caSslContext->adapterCallbacks[1].sendCallback == NULL)
    {
        ret = 0;
    }
    else
    {
        ret = 1;
    }
    CAsetSslAdapterCallbacks(CATCPPacketReceivedCB, CATCPPacketSendCB, CA_ADAPTER_IP);
    CAsetSslAdapterCallbacks(CATCPPacketReceivedCB, CATCPPacketSendCB, CA_ADAPTER_TCP);
    if (g_caSslContext->adapterCallbacks[0].recvCallback == CATCPPacketReceivedCB &&
        g_caSslContext->adapterCallbacks[0].sendCallback == CATCPPacketSendCB &&
        g_caSslContext->adapterCallbacks[1].recvCallback == CATCPPacketReceivedCB &&
        g_caSslContext->adapterCallbacks[1].sendCallback == CATCPPacketSendCB)
    {
        ret += 0;
    }
    else
    {
        ret += 1;
    }

    // CAdeinitSslAdapter
    ca_mutex_lock(g_sslContextMutex);
    DeletePeerList();
    mbedtls_x509_crt_free(&g_caSslContext->crt);
    mbedtls_pk_free(&g_caSslContext->pkey);
    mbedtls_ssl_config_free(&g_caSslContext->clientTlsConf);
    mbedtls_ssl_config_free(&g_caSslContext->serverTlsConf);
    mbedtls_ctr_drbg_free(&g_caSslContext->rnd);
    mbedtls_entropy_free(&g_caSslContext->entropy);
    OICFree(g_caSslContext);
    g_caSslContext = NULL;
    ca_mutex_unlock(g_sslContextMutex);
    ca_mutex_free(g_sslContextMutex);
    g_sslContextMutex = NULL;

    return ret;
}

// CAsetSslAdapterCallbacks()
TEST(TLSAdaper, Test_2)
{
    int ret = 0xFF;
    ret = testCAsetSslAdapterCallbacks();
    EXPECT_EQ(0, ret);
}

/* **************************
 *
 *
 * CAinitiateSslHandshake test
 *
 *
 * *************************/

unsigned char predictedClientHello[] = {
    0x16, 0x03, 0x01, 0x00, 0x63, 0x01, 0x00, 0x00, 0x5f, 0x03, 0x03, 0x57, 0xf2, 0x5f, 0x21, 0x04,
    0xb1, 0x3b, 0xda, 0x55, 0xa4, 0x8e, 0xcc, 0x3f, 0xe9, 0x45, 0x5c, 0xaf, 0xcb, 0x19, 0x2e, 0x1f,
    0x4b, 0xd5, 0x84, 0x5c, 0x4b, 0xd7, 0x7d, 0x38, 0xa2, 0xfa, 0x3d, 0x00, 0x00, 0x06, 0xc0, 0xae,
    0xc0, 0xae, 0x00, 0xff, 0x01, 0x00, 0x00, 0x30, 0x00, 0x0d, 0x00, 0x16, 0x00, 0x14, 0x06, 0x03,
    0x06, 0x01, 0x05, 0x03, 0x05, 0x01, 0x04, 0x03, 0x04, 0x01, 0x03, 0x03, 0x03, 0x01, 0x02, 0x03,
    0x02, 0x01, 0x00, 0x0a, 0x00, 0x04, 0x00, 0x02, 0x00, 0x17, 0x00, 0x0b, 0x00, 0x02, 0x01, 0x00,
    0x00, 0x16, 0x00, 0x00, 0x00, 0x17, 0x00, 0x00
};
static unsigned char controlBuf[sizeof(predictedClientHello)];
static char controlBufLen = 0;
static void CATCPPacketSendCB_forInitHsTest(CAEndpoint_t *, const void * buf, uint32_t buflen)
{
    int n;
    n = write(sockfd, buf, buflen);
    if (n < 0)
         error("ERROR writing to socket");

    memset(controlBuf, 0, sizeof(predictedClientHello));
    memcpy(controlBuf, buf, buflen);
    controlBufLen = buflen;
}

static void * test0CAinitiateSslHandshake(void * arg)
{
    CAEndpoint_t serverAddr;
    serverAddr.adapter = CA_ADAPTER_TCP;
    serverAddr.flags = CA_SECURE;
    serverAddr.port = 4433;
    char addr[] = {0x31, 0x32, 0x37, 0x2e, 0x30, 0x2e, 0x30, 0x2e, 0x31, 0x00}; // 127.0.0.1
    memcpy(serverAddr.addr, addr, sizeof(addr));
    serverAddr.ifindex = 0;

    // CAinitSslAdapter
    g_sslContextMutex = ca_mutex_new();
    ca_mutex_lock(g_sslContextMutex);
    g_caSslContext = (SslContext_t *)OICCalloc(1, sizeof(SslContext_t));
    g_caSslContext->peerList = u_arraylist_create();
    mbedtls_entropy_init(&g_caSslContext->entropy);
    mbedtls_ctr_drbg_init(&g_caSslContext->rnd);
    unsigned char * seed = (unsigned char*) SEED;
    mbedtls_ctr_drbg_seed(&g_caSslContext->rnd, mbedtls_entropy_func_clutch,
                                  &g_caSslContext->entropy, seed, sizeof(SEED));
    mbedtls_ctr_drbg_set_prediction_resistance(&g_caSslContext->rnd, MBEDTLS_CTR_DRBG_PR_OFF);
    mbedtls_ssl_config_init(&g_caSslContext->clientTlsConf);
    mbedtls_ssl_config_defaults(&g_caSslContext->clientTlsConf, MBEDTLS_SSL_IS_CLIENT,
                                    MBEDTLS_SSL_TRANSPORT_STREAM, MBEDTLS_SSL_PRESET_DEFAULT);
    mbedtls_ssl_conf_psk_cb(&g_caSslContext->clientTlsConf, GetPskCredentialsCallback, NULL);
    mbedtls_ssl_conf_rng( &g_caSslContext->clientTlsConf, mbedtls_ctr_drbg_random,
                          &g_caSslContext->rnd);
    mbedtls_ssl_conf_curves(&g_caSslContext->clientTlsConf, curve[ADAPTER_CURVE_SECP256R1]);
    mbedtls_ssl_conf_min_version(&g_caSslContext->clientTlsConf, MBEDTLS_SSL_MAJOR_VERSION_3,
                                 MBEDTLS_SSL_MINOR_VERSION_1);
    mbedtls_ssl_conf_renegotiation(&g_caSslContext->clientTlsConf, MBEDTLS_SSL_RENEGOTIATION_DISABLED);
    mbedtls_ssl_conf_authmode(&g_caSslContext->clientTlsConf, MBEDTLS_SSL_VERIFY_REQUIRED);
    mbedtls_x509_crt_init(&g_caSslContext->ca);
    mbedtls_x509_crt_init(&g_caSslContext->crt);
    mbedtls_pk_init(&g_caSslContext->pkey);
    mbedtls_x509_crl_init(&g_caSslContext->crl);
    ca_mutex_unlock(g_sslContextMutex);

    // CAsetSslAdapterCallbacks
    g_caSslContext->adapterCallbacks[1].recvCallback = CATCPPacketReceivedCB;
    g_caSslContext->adapterCallbacks[1].sendCallback = CATCPPacketSendCB_forInitHsTest;

    // CAsetPkixInfoCallback
    g_getPkixInfoCallback = infoCallback_that_loads_x509;

    // CAsetCredentialTypesCallback
    g_getCredentialTypesCallback = clutch;

    // CAsetTlsCipherSuite
    mbedtls_ssl_conf_ciphersuites(&g_caSslContext->clientTlsConf,
                                         tlsCipher[ADAPTER_TLS_ECDHE_ECDSA_WITH_AES_128_CCM_8]);
    mbedtls_ssl_conf_ciphersuites(&g_caSslContext->serverTlsConf,
                                         tlsCipher[ADAPTER_TLS_ECDHE_ECDSA_WITH_AES_128_CCM_8]);
    g_caSslContext->cipher = ADAPTER_TLS_ECDHE_ECDSA_WITH_AES_128_CCM_8;

    CAsetPskCredentialsCallback(GetDtlsPskCredentials);

    socketConnect();

    unsigned int unixTime = (unsigned)time(NULL);
    CAinitiateSslHandshake(&serverAddr);
    predictedClientHello[11] = unixTime >> 24;
    predictedClientHello[12] = (unixTime << 8) >> 24;
    predictedClientHello[13] = (unixTime << 16) >> 24;
    predictedClientHello[14] = (unixTime << 24) >> 24;

    // CAcloseTlsConnection
    ca_mutex_lock(g_sslContextMutex);
    SslEndPoint_t * tep = GetSslPeer(&serverAddr);
    mbedtls_ssl_close_notify(&tep->ssl);
    RemovePeerFromList(&tep->sep.endpoint);
    ca_mutex_unlock(g_sslContextMutex);

    // CAdeinitTlsAdapter
    ca_mutex_lock(g_sslContextMutex);
    DeletePeerList();
    mbedtls_x509_crt_free(&g_caSslContext->crt);
    mbedtls_pk_free(&g_caSslContext->pkey);
    mbedtls_ssl_config_free(&g_caSslContext->clientTlsConf);
    mbedtls_ssl_config_free(&g_caSslContext->serverTlsConf);
    mbedtls_ctr_drbg_free(&g_caSslContext->rnd);
    mbedtls_entropy_free(&g_caSslContext->entropy);
    OICFree(g_caSslContext);
    g_caSslContext = NULL;
    ca_mutex_unlock(g_sslContextMutex);
    ca_mutex_free(g_sslContextMutex);
    g_sslContextMutex = NULL;

    socketClose();

    if (controlBufLen == sizeof(predictedClientHello) &&
        memcmp(predictedClientHello, controlBuf, sizeof(predictedClientHello)) == 0)
    {
        *((int*)arg) = 0;
        return NULL;
    }
    else
    {
        *((int*)arg) = 0xFF;
        return (void *) 0xFF;
    }
}

static int test1CAinitiateSslHandshake()
{
    int ret = 0xff;
    ret = CAinitiateSslHandshake(NULL);
    if (CA_STATUS_INVALID_PARAM == ret)
    {
        ret = 0;
    }
    else
    {
        ret = 1;
    }
    return ret;
}

// CAinitiateSslHandshake()
TEST(TLSAdaper, Test_3_0)
{
    pthread_t thread1, thread2;
    int ret = 0;
    int arg = 1;

    ret = pthread_create( &thread1, NULL, server, (void*) NULL);
    if(ret)
    {
        fprintf(stderr, "Error - pthread_create() return code: %d\n", ret);
        exit(EXIT_FAILURE);
    }

    sleep(5);

    ret = pthread_create( &thread2, NULL, test0CAinitiateSslHandshake, &arg);
    if(ret)
    {
        fprintf(stderr, "Error - pthread_create() return code: %d\n", ret);
        exit(EXIT_FAILURE);
    }

    sleep(5);

    EXPECT_EQ(0, arg);
}

TEST(TLSAdaper, Test_3_1)
{
    int ret = 0xFF;
    ret = test1CAinitiateSslHandshake();
    EXPECT_EQ(0, ret);
}

/* **************************
 *
 *
 * CAencryptSsl test
 *
 *
 * *************************/

static void * testCAencryptSsl(void * arg)
{
    int ret = 0;
    CAEndpoint_t serverAddr;
    serverAddr.adapter = CA_ADAPTER_TCP;
    serverAddr.flags = CA_SECURE;
    serverAddr.port = 4433;
    char addr[] = {0x31, 0x32, 0x37, 0x2e, 0x30, 0x2e, 0x30, 0x2e, 0x31, 0x00}; // 127.0.0.1
    memcpy(serverAddr.addr, addr, sizeof(addr));
    serverAddr.ifindex = 0;

    // CAinitTlsAdapter
    g_sslContextMutex = ca_mutex_new();
    ca_mutex_lock(g_sslContextMutex);
    g_caSslContext = (SslContext_t *)OICCalloc(1, sizeof(SslContext_t));
    g_caSslContext->peerList = u_arraylist_create();
    mbedtls_entropy_init(&g_caSslContext->entropy);
    mbedtls_ctr_drbg_init(&g_caSslContext->rnd);
    unsigned char * seed = (unsigned char*) SEED;
    mbedtls_ctr_drbg_seed(&g_caSslContext->rnd, mbedtls_entropy_func_clutch,
                                  &g_caSslContext->entropy, seed, sizeof(SEED));
    mbedtls_ctr_drbg_set_prediction_resistance(&g_caSslContext->rnd, MBEDTLS_CTR_DRBG_PR_OFF);
    mbedtls_ssl_config_init(&g_caSslContext->clientTlsConf);
    mbedtls_ssl_config_defaults(&g_caSslContext->clientTlsConf, MBEDTLS_SSL_IS_CLIENT,
                                    MBEDTLS_SSL_TRANSPORT_STREAM, MBEDTLS_SSL_PRESET_DEFAULT);
    mbedtls_ssl_conf_psk_cb(&g_caSslContext->clientTlsConf, GetPskCredentialsCallback, NULL);
    mbedtls_ssl_conf_rng( &g_caSslContext->clientTlsConf, mbedtls_ctr_drbg_random,
                          &g_caSslContext->rnd);
    mbedtls_ssl_conf_curves(&g_caSslContext->clientTlsConf, curve[ADAPTER_CURVE_SECP256R1]);
    mbedtls_ssl_conf_min_version(&g_caSslContext->clientTlsConf, MBEDTLS_SSL_MAJOR_VERSION_3,
                                 MBEDTLS_SSL_MINOR_VERSION_1);
    mbedtls_ssl_conf_renegotiation(&g_caSslContext->clientTlsConf, MBEDTLS_SSL_RENEGOTIATION_DISABLED);
    mbedtls_ssl_conf_authmode(&g_caSslContext->clientTlsConf, MBEDTLS_SSL_VERIFY_REQUIRED);
    CAsetTlsCipherSuite(MBEDTLS_TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA256);
    mbedtls_x509_crt_init(&g_caSslContext->ca);
    mbedtls_x509_crt_init(&g_caSslContext->crt);
    mbedtls_pk_init(&g_caSslContext->pkey);
    mbedtls_x509_crl_init(&g_caSslContext->crl);
    ca_mutex_unlock(g_sslContextMutex);

    CAsetSslAdapterCallbacks(CATCPPacketReceivedCB, CATCPPacketSendCB, CA_ADAPTER_TCP);

    CAsetPkixInfoCallback(infoCallback_that_loads_x509);

    // CAsetCredentialTypesCallback
    g_getCredentialTypesCallback = clutch;

    CAsetTlsCipherSuite(MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_CCM_8);
    CAsetPskCredentialsCallback(GetDtlsPskCredentials);

    socketConnect();

    // CAinitiateSslHandshake
    ca_mutex_lock(g_sslContextMutex);
    InitiateTlsHandshake(&serverAddr);
    ca_mutex_unlock(g_sslContextMutex);

    unsigned char buffer[2048] = {'\0'};
    int buflen = 0;
    CASecureEndpoint_t * sep = (CASecureEndpoint_t *) malloc (sizeof(CASecureEndpoint_t));
    sep->endpoint = serverAddr;

    for (int i = 0; i < 6; i++)
    {
        PacketReceive(buffer, &buflen);
        CAdecryptSsl(sep, (uint8_t *)buffer, buflen);
    }

    ret = sprintf( (char*)buffer, GET_REQUEST );

    CAencryptSsl(&serverAddr, buffer, ret);

    PacketReceive(buffer, &buflen);
    CAdecryptSsl(sep, (uint8_t *)buffer, buflen);

    CAcloseSslConnection(&serverAddr);

    // CAdeinitSslAdapter
    ca_mutex_lock(g_sslContextMutex);
    DeletePeerList();
    mbedtls_x509_crt_free(&g_caSslContext->crt);
    mbedtls_pk_free(&g_caSslContext->pkey);
    mbedtls_ssl_config_free(&g_caSslContext->clientTlsConf);
    mbedtls_ssl_config_free(&g_caSslContext->serverTlsConf);
    mbedtls_ctr_drbg_free(&g_caSslContext->rnd);
    mbedtls_entropy_free(&g_caSslContext->entropy);
    OICFree(g_caSslContext);
    g_caSslContext = NULL;
    ca_mutex_unlock(g_sslContextMutex);
    ca_mutex_free(g_sslContextMutex);
    g_sslContextMutex = NULL;

    socketClose();

    if (control_server_message_len == msglen && memcmp(msg, control_server_message, control_server_message_len) == 0)
    {
        *((int*)arg) = 0;
        return NULL;
    }
    else
    {
        *((int*)arg) = 0xFF;
        return (void *) 0xFF;
    }
}

// CAencryptSsl()
TEST(TLSAdaper, Test_4)
{
    pthread_t thread1, thread2;
    int ret = 0;
    int arg = 1;

    ret = pthread_create( &thread1, NULL, server, (void*) NULL);
    if(ret)
    {
        fprintf(stderr,"Error - pthread_create() return code: %d\n", ret);
        exit(EXIT_FAILURE);
    }

    sleep(5);

    ret = pthread_create( &thread2, NULL, testCAencryptSsl, &arg);
    if(ret)
    {
        fprintf(stderr,"Error - pthread_create() return code: %d\n", ret);
        exit(EXIT_FAILURE);
    }

    sleep(5);

    EXPECT_EQ(0, arg);
}

/* **************************
 *
 *
 * CAdecryptSsl test
 *
 *
 * *************************/

static void * testCAdecryptSsl(void * arg)
{
    int ret = 0;
    unsigned char buffer[2048] = {'\0'};
    int buflen = 0;

    CAEndpoint_t serverAddr;
    serverAddr.adapter = CA_ADAPTER_TCP;
    serverAddr.flags = CA_SECURE;
    serverAddr.port = 4433;
    char addr[] = {0x31, 0x32, 0x37, 0x2e, 0x30, 0x2e, 0x30, 0x2e, 0x31, 0x00}; // 127.0.0.1
    memcpy(serverAddr.addr, addr, sizeof(addr));
    serverAddr.ifindex = 0;

    // CAinitTlsAdapter
    g_sslContextMutex = ca_mutex_new();
    ca_mutex_lock(g_sslContextMutex);
    g_caSslContext = (SslContext_t *)OICCalloc(1, sizeof(SslContext_t));
    g_caSslContext->peerList = u_arraylist_create();
    mbedtls_entropy_init(&g_caSslContext->entropy);
    mbedtls_ctr_drbg_init(&g_caSslContext->rnd);
    unsigned char * seed = (unsigned char*) SEED;
    mbedtls_ctr_drbg_seed(&g_caSslContext->rnd, mbedtls_entropy_func_clutch,
                                  &g_caSslContext->entropy, seed, sizeof(SEED));
    mbedtls_ctr_drbg_set_prediction_resistance(&g_caSslContext->rnd, MBEDTLS_CTR_DRBG_PR_OFF);
    mbedtls_ssl_config_init(&g_caSslContext->clientTlsConf);
    mbedtls_ssl_config_defaults(&g_caSslContext->clientTlsConf, MBEDTLS_SSL_IS_CLIENT,
                                    MBEDTLS_SSL_TRANSPORT_STREAM, MBEDTLS_SSL_PRESET_DEFAULT);
    mbedtls_ssl_conf_psk_cb(&g_caSslContext->clientTlsConf, GetPskCredentialsCallback, NULL);
    mbedtls_ssl_conf_rng( &g_caSslContext->clientTlsConf, mbedtls_ctr_drbg_random,
                          &g_caSslContext->rnd);
    mbedtls_ssl_conf_curves(&g_caSslContext->clientTlsConf, curve[ADAPTER_CURVE_SECP256R1]);
    mbedtls_ssl_conf_min_version(&g_caSslContext->clientTlsConf, MBEDTLS_SSL_MAJOR_VERSION_3,
                                 MBEDTLS_SSL_MINOR_VERSION_1);
    mbedtls_ssl_conf_renegotiation(&g_caSslContext->clientTlsConf, MBEDTLS_SSL_RENEGOTIATION_DISABLED);
    mbedtls_ssl_conf_authmode(&g_caSslContext->clientTlsConf, MBEDTLS_SSL_VERIFY_REQUIRED);
    CAsetTlsCipherSuite(MBEDTLS_TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA256);
    mbedtls_x509_crt_init(&g_caSslContext->ca);
    mbedtls_x509_crt_init(&g_caSslContext->crt);
    mbedtls_pk_init(&g_caSslContext->pkey);
    mbedtls_x509_crl_init(&g_caSslContext->crl);
    ca_mutex_unlock(g_sslContextMutex);

    // CAsetTlsAdapterCallbacks
    CAsetSslAdapterCallbacks(CATCPPacketReceivedCB, CATCPPacketSendCB, CA_ADAPTER_TCP);

    // CAsetPkixInfoCallback
    CAsetPkixInfoCallback(infoCallback_that_loads_x509);

    // CAsetCredentialTypesCallback
    g_getCredentialTypesCallback = clutch;

    CAsetTlsCipherSuite(MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_CCM_8);

    CAsetPskCredentialsCallback(GetDtlsPskCredentials);

    socketConnect();

    // CAinitiateSslHandshake
    ca_mutex_lock(g_sslContextMutex);
    InitiateTlsHandshake(&serverAddr);
    ca_mutex_unlock(g_sslContextMutex);

    CASecureEndpoint_t * sep = (CASecureEndpoint_t *) malloc (sizeof(CASecureEndpoint_t));
    sep->endpoint = serverAddr;

    for (int i = 0; i < 6; i++)
    {
        PacketReceive(buffer, &buflen);
        CAdecryptSsl(sep, (uint8_t *)buffer, buflen);
    }

    ret = sprintf((char*)buffer, GET_REQUEST);

    CAencryptSsl(&serverAddr, buffer, ret);

    PacketReceive(buffer, &buflen);
    CAdecryptSsl(sep, (uint8_t *)buffer, buflen);

    CAcloseSslConnection(&serverAddr);

    // CAdeinitSslAdapter
    ca_mutex_lock(g_sslContextMutex);
    DeletePeerList();
    mbedtls_x509_crt_free(&g_caSslContext->crt);
    mbedtls_pk_free(&g_caSslContext->pkey);
    mbedtls_ssl_config_free(&g_caSslContext->clientTlsConf);
    mbedtls_ssl_config_free(&g_caSslContext->serverTlsConf);
    mbedtls_ctr_drbg_free(&g_caSslContext->rnd);
    mbedtls_entropy_free(&g_caSslContext->entropy);
    OICFree(g_caSslContext);
    g_caSslContext = NULL;
    ca_mutex_unlock(g_sslContextMutex);
    ca_mutex_free(g_sslContextMutex);
    g_sslContextMutex = NULL;

    socketClose();

    if (control_server_message_len == msglen && memcmp(msg, control_server_message,
                                                                 control_server_message_len) == 0)
    {
        *((int*)arg) = 0;
        return NULL;
    }
    else
    {
        *((int*)arg) = 0xFF;
        return (void *) 0xFF;
    }
}

// CAdecryptTls()
TEST(TLSAdaper, Test_5)
{
    pthread_t thread1, thread2;
    int ret = 0;
    int arg = 1;

    ret = pthread_create( &thread1, NULL, server, (void*) NULL);
    if(ret)
    {
        fprintf(stderr,"Error - pthread_create() return code: %d\n", ret);
        exit(EXIT_FAILURE);
    }

    sleep(5);

    ret = pthread_create( &thread2, NULL, testCAdecryptSsl, &arg);
    if(ret)
    {
        fprintf(stderr,"Error - pthread_create() return code: %d\n", ret);
        exit(EXIT_FAILURE);
    }

    sleep(5);

    EXPECT_EQ(0, arg);
}

/* **************************
 *
 *
 * CAdeinitSslAdapter test
 *
 *
 * *************************/

static int testCAdeinitSslAdapter()
{
    int ret = 0;
    CAEndpoint_t serverAddr;
    serverAddr.adapter = CA_ADAPTER_IP;
    serverAddr.flags = CA_SECURE;
    serverAddr.port = 4433;
    char addr[] = {0x31, 0x32, 0x37, 0x2e, 0x30, 0x2e, 0x30, 0x2e, 0x31, 0x00}; // 127.0.0.1
    memcpy(serverAddr.addr, addr, sizeof(addr));
    serverAddr.ifindex = 0;

    // CAinitTlsAdapter
    g_sslContextMutex = ca_mutex_new();
    ca_mutex_lock(g_sslContextMutex);
    g_caSslContext = (SslContext_t *)OICCalloc(1, sizeof(SslContext_t));
    g_caSslContext->peerList = u_arraylist_create();
    mbedtls_entropy_init(&g_caSslContext->entropy);
    mbedtls_ctr_drbg_init(&g_caSslContext->rnd);
    unsigned char * seed = (unsigned char*) SEED;
    mbedtls_ctr_drbg_seed(&g_caSslContext->rnd, mbedtls_entropy_func,
                                  &g_caSslContext->entropy, seed, sizeof(SEED));
    mbedtls_ctr_drbg_set_prediction_resistance(&g_caSslContext->rnd, MBEDTLS_CTR_DRBG_PR_OFF);
    mbedtls_ssl_config_init(&g_caSslContext->clientTlsConf);
    mbedtls_ssl_config_defaults(&g_caSslContext->clientTlsConf, MBEDTLS_SSL_IS_CLIENT,
                                    MBEDTLS_SSL_TRANSPORT_STREAM, MBEDTLS_SSL_PRESET_DEFAULT);
    mbedtls_ssl_conf_psk_cb(&g_caSslContext->clientTlsConf, GetPskCredentialsCallback, NULL);
    mbedtls_ssl_conf_rng( &g_caSslContext->clientTlsConf, mbedtls_ctr_drbg_random,
                          &g_caSslContext->rnd);
    mbedtls_ssl_conf_curves(&g_caSslContext->clientTlsConf, curve[ADAPTER_CURVE_SECP256R1]);
    mbedtls_ssl_conf_min_version(&g_caSslContext->clientTlsConf, MBEDTLS_SSL_MAJOR_VERSION_3,
                                 MBEDTLS_SSL_MINOR_VERSION_1);
    mbedtls_ssl_conf_renegotiation(&g_caSslContext->clientTlsConf, MBEDTLS_SSL_RENEGOTIATION_DISABLED);
    mbedtls_ssl_conf_authmode(&g_caSslContext->clientTlsConf, MBEDTLS_SSL_VERIFY_REQUIRED);
    mbedtls_x509_crt_init(&g_caSslContext->ca);
    mbedtls_x509_crt_init(&g_caSslContext->crt);
    mbedtls_pk_init(&g_caSslContext->pkey);
    mbedtls_x509_crl_init(&g_caSslContext->crl);
    ca_mutex_unlock(g_sslContextMutex);

    // CAsetTlsAdapterCallbacks
    g_caSslContext->adapterCallbacks[1].recvCallback = CATCPPacketReceivedCB;
    g_caSslContext->adapterCallbacks[1].sendCallback = CATCPPacketSendCB;

    // CAsetPkixInfoCallback
    g_getPkixInfoCallback = infoCallback_that_loads_x509;

    // CAsetTlsCipherSuite
    mbedtls_ssl_conf_ciphersuites(&g_caSslContext->clientTlsConf,
                                         tlsCipher[ADAPTER_TLS_ECDHE_ECDSA_WITH_AES_128_CCM_8]);
    mbedtls_ssl_conf_ciphersuites(&g_caSslContext->serverTlsConf,
                                         tlsCipher[ADAPTER_TLS_ECDHE_ECDSA_WITH_AES_128_CCM_8]);
    g_caSslContext->cipher = ADAPTER_TLS_ECDHE_ECDSA_WITH_AES_128_CCM_8;

    CAdeinitSslAdapter();

    if (g_caSslContext != NULL ||
        g_sslContextMutex != NULL)
    {
        ret = 1;
    }
    else
    {
        ret = 0;
    }
    return ret;
}

// CAdeinitSslAdapter()
TEST(TLSAdaper, Test_6)
{
    int ret = 0xFF;
    ret = testCAdeinitSslAdapter();
    EXPECT_EQ(0, ret);
}

/* **************************
 *
 *
 * Server side test
 *
 *
 * *************************/

static void * testServer(void * arg)
{
    CAEndpoint_t serverAddr;
    serverAddr.adapter = CA_ADAPTER_TCP;
    serverAddr.flags = CA_SECURE;
    serverAddr.port = 4432;
    char addr[] = {0x31, 0x32, 0x37, 0x2e, 0x30, 0x2e, 0x30, 0x2e, 0x31, 0x00}; // 127.0.0.1
    memcpy(serverAddr.addr, addr, sizeof(addr));
    serverAddr.ifindex = 0;
    unsigned char buffer[2048] = {'\0'};
    int buflen = 0;

    CAinitSslAdapter();

    CAsetSslAdapterCallbacks(CATCPPacketReceivedCB_server, CATCPPacketSendCB_server, CA_ADAPTER_TCP);
    CAsetPkixInfoCallback(infoCallback_that_loads_x509);

    // CAsetCredentialTypesCallback
    g_getCredentialTypesCallback = clutch;

    CAsetTlsCipherSuite(MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_CCM_8);

    CAsetPskCredentialsCallback(GetDtlsPskCredentials);

    socketOpen_server();

    CASecureEndpoint_t * sep = (CASecureEndpoint_t *) malloc (sizeof(CASecureEndpoint_t));
    sep->endpoint = serverAddr;

    for (int i = 0; i < 7; i++)
    {
        PacketReceive_server(buffer, &buflen);
        CAdecryptSsl(sep, (uint8_t *)buffer, buflen);
    }

    CAcloseSslConnection(&serverAddr);

    // CAdeinitSslAdapter
    ca_mutex_lock(g_sslContextMutex);
    DeletePeerList();
    mbedtls_x509_crt_free(&g_caSslContext->crt);
    mbedtls_pk_free(&g_caSslContext->pkey);
    mbedtls_ssl_config_free(&g_caSslContext->clientTlsConf);
    mbedtls_ssl_config_free(&g_caSslContext->serverTlsConf);
    mbedtls_ctr_drbg_free(&g_caSslContext->rnd);
    mbedtls_entropy_free(&g_caSslContext->entropy);
    OICFree(g_caSslContext);
    g_caSslContext = NULL;
    ca_mutex_unlock(g_sslContextMutex);
    ca_mutex_free(g_sslContextMutex);
    g_sslContextMutex = NULL;

    socketClose_server();

    if (control_client_message_len == msglen && memcmp(msg, control_client_message,
                                                            control_client_message_len) == 0)
    {
        *((int*)arg) = 0;
        return NULL;
    }
    else
    {
        *((int*)arg) = 0xFF;
        return (void *) 0xFF;
    }
}

TEST(TLSAdaper, Test_7)
{
    pthread_t thread1, thread2;
    int ret = 0;
    int arg = 1;

    ret = pthread_create( &thread1, NULL, testServer, &arg);
    if (ret)
    {
        fprintf(stderr,"Error - pthread_create() return code: %d\n", ret);
        exit(EXIT_FAILURE);
    }

    sleep(5);

    ret = pthread_create( &thread2, NULL, client, (void*) NULL);
    if (ret)
    {
        fprintf(stderr,"Error - pthread_create() return code: %d\n", ret);
        exit(EXIT_FAILURE);
    }

    sleep(5);

    EXPECT_EQ(NULL, arg);
}

/* **************************
 *
 * CAsetPskCredentialsCallback test
 * CAsetPkixInfoCallback test
 * CAsetCredentialTypesCallback test
 *
 * *************************/

static int testCAsetPskCredentialsCallback()
{
    static CAgetPskCredentialsHandler credCallback = (CAgetPskCredentialsHandler)dummyHandler;
    CAsetPskCredentialsCallback(credCallback);
    if (g_getCredentialsCallback == (CAgetPskCredentialsHandler)dummyHandler)
    {
        return 0;
    }
    else
    {
        return 1;
    }
}

static int testCAsetPkixInfoCallback()
{
    static CAgetPkixInfoHandler infoCallback = (CAgetPkixInfoHandler)dummyHandler;
    CAsetPkixInfoCallback(infoCallback);
    if (g_getPkixInfoCallback == (CAgetPkixInfoHandler)dummyHandler)
    {
        return 0;
    }
    else
    {
        return 1;
    }
}

static int testCAsetCredentialTypesCallback()
{
    static CAgetCredentialTypesHandler credTypesCallback = (CAgetCredentialTypesHandler)dummyHandler;
    CAsetCredentialTypesCallback(credTypesCallback);
    if (g_getCredentialTypesCallback == (CAgetCredentialTypesHandler)dummyHandler)
    {
        return 0;
    }
    else
    {
        return 1;
    }
}

// CAsetPskCredentialsCallback()
TEST(TLSAdaper, Test_9_0)
{
    int ret = 0xFF;
    ret = testCAsetPskCredentialsCallback();
    EXPECT_EQ(0, ret);
}
// CAsetPkixInfoCallback()
TEST(TLSAdaper, Test_9_1)
{
    int ret = 0xFF;
    ret = testCAsetPkixInfoCallback();
    EXPECT_EQ(0, ret);
}
// CAsetCredentialTypesCallback()
TEST(TLSAdaper, Test_9_2)
{
    int ret = 0xFF;
    ret = testCAsetCredentialTypesCallback();
    EXPECT_EQ(0, ret);
}

/* **************************
 *
 *
 * CAsetTlsCipherSuite test
 *
 *
 * *************************/

static int testCAsetTlsCipherSuite()
{
    int ret = 0, status = 0;
    CAEndpoint_t serverAddr;
    serverAddr.adapter = CA_ADAPTER_TCP;
    serverAddr.flags = CA_SECURE;
    serverAddr.port = 4433;
    char addr[] = {0x31, 0x32, 0x37, 0x2e, 0x30, 0x2e, 0x30, 0x2e, 0x31, 0x00}; // 127.0.0.1
    memcpy(serverAddr.addr, addr, sizeof(addr));
    serverAddr.ifindex = 0;

    CAinitSslAdapter();

    // CAsetCredentialTypesCallback
    g_getCredentialTypesCallback = clutch;

    status = CAsetTlsCipherSuite(MBEDTLS_TLS_RSA_WITH_AES_256_CBC_SHA);
    if (ADAPTER_TLS_RSA_WITH_AES_256_CBC_SHA != g_caSslContext->cipher || status != CA_STATUS_OK)
    {
        ret += 1;
    }

    status = CAsetTlsCipherSuite(MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_CCM_8);
    if (ADAPTER_TLS_ECDHE_ECDSA_WITH_AES_128_CCM_8 != g_caSslContext->cipher || status != CA_STATUS_OK)
    {
        ret += 1;
    }

    status = CAsetTlsCipherSuite(MBEDTLS_TLS_ECDH_ANON_WITH_AES_128_CBC_SHA256);
    if (ADAPTER_TLS_ECDH_ANON_WITH_AES_128_CBC_SHA_256 != g_caSslContext->cipher || status != CA_STATUS_OK)
    {
        ret += 1;
    }

    status = CAsetTlsCipherSuite(MBEDTLS_TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA256);
    if (ADAPTER_TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA256 != g_caSslContext->cipher || status != CA_STATUS_OK)
    {
        ret += 1;
    }

    status = CAsetTlsCipherSuite(dummyHandler);
    if (CA_STATUS_FAILED != status)
    {
        ret += 1;
    }

    // CAdeinitSslAdapter
    ca_mutex_lock(g_sslContextMutex);
    DeletePeerList();
    mbedtls_x509_crt_free(&g_caSslContext->crt);
    mbedtls_pk_free(&g_caSslContext->pkey);
    mbedtls_ssl_config_free(&g_caSslContext->clientTlsConf);
    mbedtls_ssl_config_free(&g_caSslContext->serverTlsConf);
    mbedtls_ctr_drbg_free(&g_caSslContext->rnd);
    mbedtls_entropy_free(&g_caSslContext->entropy);
    OICFree(g_caSslContext);
    g_caSslContext = NULL;
    ca_mutex_unlock(g_sslContextMutex);
    ca_mutex_free(g_sslContextMutex);
    g_sslContextMutex = NULL;

    return ret;
}

// CAinitTlsAdapter()
TEST(TLSAdaper, Test_10)
{
    int ret = 0xff;
    ret = testCAsetTlsCipherSuite();
    EXPECT_EQ(0, ret);
}

static void * testCAsslGenerateOwnerPsk(void * arg)
{
    int ret = 0;
    CAEndpoint_t serverAddr;
    serverAddr.adapter = CA_ADAPTER_TCP;
    serverAddr.flags = CA_SECURE;
    serverAddr.port = 4433;
    char addr[] = {0x31, 0x32, 0x37, 0x2e, 0x30, 0x2e, 0x30, 0x2e, 0x31, 0x00}; // 127.0.0.1
    memcpy(serverAddr.addr, addr, sizeof(addr));
    serverAddr.ifindex = 0;

    uint8_t label[] = {0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0x09, 0x0A};
    uint8_t rsrcServerDeviceId[] = {0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17, 0x18, 0x19, 0x1A};
    uint8_t provServerDeviceId[] = {0x21, 0x22, 0x23, 0x24, 0x25, 0x26, 0x27, 0x28, 0x29, 0x2A};
    uint8_t ownerPsk[0x100] = {0x00};
    uint8_t predictedPSK[] = {
        0xba, 0x72, 0x16, 0xbc, 0x7f, 0x8c, 0xfe, 0xfc, 0xd0, 0xac, 0x1a, 0x37, 0xad, 0x60, 0xe8, 0x9e,
        0xb3, 0x31, 0xa2, 0x30, 0xaf, 0x68, 0xc9, 0xa6, 0x89, 0x8a, 0x04, 0x21, 0x6c, 0xbd, 0x04, 0x08,
        0x68, 0x11, 0x54, 0x9e, 0x2a, 0x10, 0x91, 0x94, 0x3c, 0x44, 0x52, 0xc7, 0xfa, 0x78, 0x44, 0x87,
        0xea, 0x30, 0x08, 0x5f, 0xc1, 0x64, 0xaa, 0x0d, 0xfd, 0x84, 0x16, 0x83, 0x20, 0xc9, 0x08, 0x65,
        0xd2, 0x4a, 0x55, 0x9e, 0x8f, 0x88, 0x3c, 0x57, 0x10, 0xbd, 0x5a, 0x30, 0x01, 0xb4, 0x59, 0x63,
        0x64, 0x19, 0x8d, 0xfa, 0x5c, 0x86, 0x92, 0xf7, 0x60, 0x99, 0xdb, 0xae, 0x0e, 0xad, 0x80, 0xf1,
        0x82, 0xaf, 0x1b, 0x14, 0x0c, 0x99, 0x13, 0x53, 0x54, 0x33, 0x6a, 0x17, 0x24, 0x5c, 0x9d, 0xdb,
        0x5a, 0xfb, 0x73, 0x2f, 0x41, 0xe8, 0xeb, 0x2e, 0x68, 0xfe, 0xee, 0x0b, 0xdc, 0x54, 0x50, 0xf1,
        0x1e, 0x16, 0x19, 0x2c, 0x4e, 0xb6, 0x97, 0x9f, 0x9c, 0x32, 0x9c, 0x0e, 0xe0, 0xe1, 0x32, 0x64,
        0x16, 0x34, 0x53, 0x8e, 0xc5, 0xe3, 0xe5, 0xbc, 0x2c, 0x10, 0xae, 0x81, 0x2c, 0x1a, 0xb2, 0xb7,
        0xa3, 0xbe, 0x0f, 0xab, 0xfd, 0xf7, 0x87, 0x53, 0xcd, 0x3e, 0x31, 0xfb, 0x2d, 0x69, 0x6a, 0xd5,
        0xc3, 0x27, 0x04, 0x2b, 0x37, 0x02, 0x91, 0x05, 0x0c, 0x4e, 0x2a, 0xfc, 0x6c, 0x42, 0xe8, 0x37,
        0x23, 0x2f, 0x60, 0x6e, 0x0c, 0xed, 0x7c, 0xe0, 0x5f, 0x47, 0xb3, 0x51, 0x86, 0x5b, 0x26, 0x08,
        0x2a, 0x05, 0x89, 0xb0, 0xdd, 0x6f, 0xc6, 0x76, 0xc5, 0x2a, 0x60, 0x07, 0x0e, 0xb1, 0x71, 0x67,
        0x21, 0x11, 0xf8, 0xb5, 0x52, 0xa3, 0xf3, 0xf0, 0xd4, 0x5f, 0xdf, 0x44, 0x66, 0x23, 0xd8, 0x4e,
        0xbd, 0x64, 0x39, 0x43, 0x03, 0x37, 0xaa, 0xd7, 0xea, 0xb3, 0x6d, 0x2f, 0x84, 0x9c, 0x02, 0x49
    };

    // CAinitTlsAdapter
    g_sslContextMutex = ca_mutex_new();
    ca_mutex_lock(g_sslContextMutex);
    g_caSslContext = (SslContext_t *)OICCalloc(1, sizeof(SslContext_t));
    g_caSslContext->peerList = u_arraylist_create();
    mbedtls_entropy_init(&g_caSslContext->entropy);
    mbedtls_ctr_drbg_init(&g_caSslContext->rnd);
    unsigned char * seed = (unsigned char*) SEED;
    mbedtls_ctr_drbg_seed(&g_caSslContext->rnd, mbedtls_entropy_func_clutch,
                                  &g_caSslContext->entropy, seed, sizeof(SEED));
    mbedtls_ctr_drbg_set_prediction_resistance(&g_caSslContext->rnd, MBEDTLS_CTR_DRBG_PR_OFF);
    mbedtls_ssl_config_init(&g_caSslContext->clientTlsConf);
    mbedtls_ssl_config_defaults(&g_caSslContext->clientTlsConf, MBEDTLS_SSL_IS_CLIENT,
                                    MBEDTLS_SSL_TRANSPORT_STREAM, MBEDTLS_SSL_PRESET_DEFAULT);
    mbedtls_ssl_conf_psk_cb(&g_caSslContext->clientTlsConf, GetPskCredentialsCallback, NULL);
    mbedtls_ssl_conf_rng( &g_caSslContext->clientTlsConf, mbedtls_ctr_drbg_random,
                          &g_caSslContext->rnd);
    mbedtls_ssl_conf_curves(&g_caSslContext->clientTlsConf, curve[ADAPTER_CURVE_SECP256R1]);
    mbedtls_ssl_conf_min_version(&g_caSslContext->clientTlsConf, MBEDTLS_SSL_MAJOR_VERSION_3,
                                 MBEDTLS_SSL_MINOR_VERSION_1);
    mbedtls_ssl_conf_renegotiation(&g_caSslContext->clientTlsConf, MBEDTLS_SSL_RENEGOTIATION_DISABLED);
    mbedtls_ssl_conf_authmode(&g_caSslContext->clientTlsConf, MBEDTLS_SSL_VERIFY_REQUIRED);
    CAsetTlsCipherSuite(MBEDTLS_TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA256);
    mbedtls_x509_crt_init(&g_caSslContext->ca);
    mbedtls_x509_crt_init(&g_caSslContext->crt);
    mbedtls_pk_init(&g_caSslContext->pkey);
    mbedtls_x509_crl_init(&g_caSslContext->crl);
    ca_mutex_unlock(g_sslContextMutex);

    // CAsetTlsAdapterCallbacks
    CAsetSslAdapterCallbacks(CATCPPacketReceivedCB, CATCPPacketSendCB, CA_ADAPTER_TCP);

    // CAsetPkixInfoCallback
    CAsetPkixInfoCallback(infoCallback_that_loads_x509);

    // CAsetCredentialTypesCallback
    g_getCredentialTypesCallback = clutch;

    CAsetTlsCipherSuite(MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_CCM_8);

    CAsetPskCredentialsCallback(GetDtlsPskCredentials);

    socketConnect();

    // CAinitiateSslHandshake
    ca_mutex_lock(g_sslContextMutex);
    InitiateTlsHandshake(&serverAddr);
    ca_mutex_unlock(g_sslContextMutex);

    ret = CAsslGenerateOwnerPsk(&serverAddr,
          label, sizeof(label),
          rsrcServerDeviceId, sizeof(rsrcServerDeviceId),
          provServerDeviceId, sizeof(provServerDeviceId),
          ownerPsk, 0x100);

    // CAcloseTlsConnection
    ca_mutex_lock(g_sslContextMutex);
    SslEndPoint_t * tep = GetSslPeer(&serverAddr);
    mbedtls_ssl_close_notify(&tep->ssl);
    RemovePeerFromList(&tep->sep.endpoint);
    ca_mutex_unlock(g_sslContextMutex);

    // CAdeinitTlsAdapter
    ca_mutex_lock(g_sslContextMutex);
    DeletePeerList();
    mbedtls_x509_crt_free(&g_caSslContext->crt);
    mbedtls_pk_free(&g_caSslContext->pkey);
    mbedtls_ssl_config_free(&g_caSslContext->clientTlsConf);
    mbedtls_ssl_config_free(&g_caSslContext->serverTlsConf);
    mbedtls_ctr_drbg_free(&g_caSslContext->rnd);
    mbedtls_entropy_free(&g_caSslContext->entropy);
    OICFree(g_caSslContext);
    g_caSslContext = NULL;
    ca_mutex_unlock(g_sslContextMutex);
    ca_mutex_free(g_sslContextMutex);
    g_sslContextMutex = NULL;

    socketClose();

    if (ret == 0 && memcmp(predictedPSK, ownerPsk, sizeof(predictedPSK)) == 0)
    {
        *((int*)arg) = 0;
        return NULL;
    }
    else
    {
        *((int*)arg) = 0xFF;
        return (void *) 0xFF;
    }
}

TEST(TLSAdaper, Test_11)
{
    pthread_t thread1, thread2;
    int ret = 0;
    int arg = 1;

    ret = pthread_create( &thread1, NULL, server, (void*) NULL);
    if(ret)
    {
        fprintf(stderr, "Error - pthread_create() return code: %d\n", ret);
        exit(EXIT_FAILURE);
    }

    sleep(5);

    ret = pthread_create( &thread2, NULL, testCAsslGenerateOwnerPsk, &arg);
    if(ret)
    {
        fprintf(stderr, "Error - pthread_create() return code: %d\n", ret);
        exit(EXIT_FAILURE);
    }

    sleep(5);

    EXPECT_EQ(0, arg);
}