1 //******************************************************************
3 // Copyright 2016 Samsung Electronics All Rights Reserved.
5 //-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
7 // Licensed under the Apache License, Version 2.0 (the "License");
8 // you may not use this file except in compliance with the License.
9 // You may obtain a copy of the License at
11 // http://www.apache.org/licenses/LICENSE-2.0
13 // Unless required by applicable law or agreed to in writing, software
14 // distributed under the License is distributed on an "AS IS" BASIS,
15 // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
16 // See the License for the specific language governing permissions and
17 // limitations under the License.
19 //-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
21 #include "gtest/gtest.h"
24 #define CAcloseSslConnection CAcloseSslConnectionTest
25 #define CAdecryptSsl CAdecryptSslTest
26 #define CAdeinitSslAdapter CAdeinitSslAdapterTest
27 #define CAencryptSsl CAencryptSslTest
28 #define CAinitSslAdapter CAinitSslAdapterTest
29 #define CAinitiateSslHandshake CAinitiateSslHandshakeTest
30 #define CAsetCredentialTypesCallback CAsetCredentialTypesCallbackTest
31 #define CAsetSslAdapterCallbacks CAsetSslAdapterCallbacksTest
32 #define CAsetSslHandshakeCallback CAsetSslHandshakeCallbackTest
33 #define CAsetTlsCipherSuite CAsetTlsCipherSuiteTest
34 #define CAsslGenerateOwnerPsk CAsslGenerateOwnerPskTest
36 #include "../src/adapter_util/ca_adapter_net_ssl.c"
47 #ifdef HAVE_SYS_TYPES_H
48 #include <sys/types.h>
50 #ifdef HAVE_SYS_SOCKET_H
51 #include <sys/socket.h>
53 #ifdef HAVE_NETINET_IN_H
54 #include <netinet/in.h>
61 #include "../../../../c_common/windows/include/pthread_create.h"
65 /** @todo stop-gap for naming issue. Windows.h does not like us to use ERROR */
69 #endif //HAVE_WINDOWS_H
70 #include "platform_features.h"
73 #define MBED_TLS_DEBUG_LEVEL (4) // Verbose
75 #define SEED "PREDICTED_SEED"
76 #define dummyHandler 0xF123
78 #define SERVER_PORT 4433
79 #define SERVER_NAME "localhost"
80 #define GET_REQUEST "GET / HTTP/1.0\r\n\r\n"
82 /* **************************
88 * *************************/
90 unsigned char serverCert[] = {
91 0x30, 0x82, 0x02, 0x39, 0x30, 0x82, 0x01, 0xdf, 0x02, 0x01, 0x01, 0x30, 0x0a, 0x06, 0x08, 0x2a,
92 0x86, 0x48, 0xce, 0x3d, 0x04, 0x03, 0x02, 0x30, 0x7c, 0x31, 0x0b, 0x30, 0x09, 0x06, 0x03, 0x55,
93 0x04, 0x06, 0x13, 0x02, 0x55, 0x53, 0x31, 0x12, 0x30, 0x10, 0x06, 0x03, 0x55, 0x04, 0x08, 0x0c,
94 0x09, 0x53, 0x6f, 0x6d, 0x65, 0x73, 0x74, 0x61, 0x74, 0x65, 0x31, 0x11, 0x30, 0x0f, 0x06, 0x03,
95 0x55, 0x04, 0x07, 0x0c, 0x08, 0x53, 0x6f, 0x6d, 0x65, 0x63, 0x69, 0x74, 0x79, 0x31, 0x0b, 0x30,
96 0x09, 0x06, 0x03, 0x55, 0x04, 0x0a, 0x0c, 0x02, 0x42, 0x42, 0x31, 0x16, 0x30, 0x14, 0x06, 0x03,
97 0x55, 0x04, 0x0b, 0x0c, 0x0d, 0x53, 0x65, 0x71, 0x75, 0x72, 0x69, 0x74, 0x79, 0x20, 0x50, 0x61,
98 0x72, 0x74, 0x31, 0x0b, 0x30, 0x09, 0x06, 0x03, 0x55, 0x04, 0x03, 0x0c, 0x02, 0x6f, 0x62, 0x31,
99 0x14, 0x30, 0x12, 0x06, 0x09, 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x09, 0x01, 0x16, 0x05,
100 0x6f, 0x62, 0x40, 0x62, 0x62, 0x30, 0x1e, 0x17, 0x0d, 0x31, 0x36, 0x30, 0x38, 0x31, 0x35, 0x31,
101 0x33, 0x31, 0x31, 0x31, 0x37, 0x5a, 0x17, 0x0d, 0x31, 0x39, 0x30, 0x35, 0x31, 0x32, 0x31, 0x33,
102 0x31, 0x31, 0x31, 0x37, 0x5a, 0x30, 0x81, 0xd4, 0x31, 0x0b, 0x30, 0x09, 0x06, 0x03, 0x55, 0x04,
103 0x06, 0x13, 0x02, 0x55, 0x41, 0x31, 0x0c, 0x30, 0x0a, 0x06, 0x03, 0x55, 0x04, 0x08, 0x0c, 0x03,
104 0x41, 0x73, 0x64, 0x31, 0x0f, 0x30, 0x0d, 0x06, 0x03, 0x55, 0x04, 0x07, 0x0c, 0x06, 0x47, 0x6f,
105 0x74, 0x68, 0x61, 0x6d, 0x31, 0x0b, 0x30, 0x09, 0x06, 0x03, 0x55, 0x04, 0x0a, 0x0c, 0x02, 0x5a,
106 0x5a, 0x31, 0x11, 0x30, 0x0f, 0x06, 0x03, 0x55, 0x04, 0x0b, 0x0c, 0x08, 0x42, 0x65, 0x61, 0x6d,
107 0x54, 0x65, 0x61, 0x6d, 0x31, 0x1c, 0x30, 0x1a, 0x06, 0x09, 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d,
108 0x01, 0x09, 0x01, 0x16, 0x0d, 0x72, 0x61, 0x69, 0x6c, 0x40, 0x6d, 0x61, 0x69, 0x6c, 0x2e, 0x63,
109 0x6f, 0x6d, 0x31, 0x32, 0x30, 0x30, 0x06, 0x03, 0x55, 0x04, 0x03, 0x0c, 0x29, 0x75, 0x75, 0x69,
110 0x64, 0x3a, 0x33, 0x32, 0x33, 0x32, 0x33, 0x32, 0x33, 0x32, 0x2d, 0x33, 0x32, 0x33, 0x32, 0x2d,
111 0x33, 0x32, 0x33, 0x32, 0x2d, 0x33, 0x32, 0x33, 0x32, 0x2d, 0x33, 0x32, 0x33, 0x32, 0x33, 0x32,
112 0x33, 0x32, 0x33, 0x32, 0x33, 0x32, 0x31, 0x34, 0x30, 0x32, 0x06, 0x03, 0x55, 0x1d, 0x11, 0x0c,
113 0x2b, 0x75, 0x73, 0x65, 0x72, 0x69, 0x64, 0x3a, 0x36, 0x37, 0x36, 0x37, 0x36, 0x37, 0x36, 0x37,
114 0x2d, 0x36, 0x37, 0x36, 0x37, 0x2d, 0x36, 0x37, 0x36, 0x37, 0x2d, 0x36, 0x37, 0x36, 0x37, 0x2d,
115 0x36, 0x37, 0x36, 0x37, 0x36, 0x37, 0x36, 0x37, 0x36, 0x37, 0x36, 0x37, 0x30, 0x59, 0x30, 0x13,
116 0x06, 0x07, 0x2a, 0x86, 0x48, 0xce, 0x3d, 0x02, 0x01, 0x06, 0x08, 0x2a, 0x86, 0x48, 0xce, 0x3d,
117 0x03, 0x01, 0x07, 0x03, 0x42, 0x00, 0x04, 0xf7, 0x13, 0x5c, 0x73, 0x72, 0xce, 0x10, 0xe5, 0x09,
118 0x97, 0x9a, 0xf8, 0xf2, 0x70, 0xa6, 0x3d, 0x89, 0xf5, 0xc5, 0xe4, 0x44, 0xe2, 0x4a, 0xb6, 0x61,
119 0xa8, 0x12, 0x8d, 0xb4, 0xdc, 0x2b, 0x47, 0x84, 0x60, 0x0c, 0x25, 0x66, 0xe9, 0xe0, 0xe5, 0xac,
120 0x22, 0xbf, 0x15, 0xdc, 0x71, 0xb1, 0x88, 0x4f, 0x16, 0xbf, 0xc2, 0x77, 0x37, 0x76, 0x3f, 0xe0,
121 0x67, 0xc6, 0x1d, 0x23, 0xfe, 0x7c, 0x8b, 0x30, 0x0a, 0x06, 0x08, 0x2a, 0x86, 0x48, 0xce, 0x3d,
122 0x04, 0x03, 0x02, 0x03, 0x48, 0x00, 0x30, 0x45, 0x02, 0x20, 0x47, 0xcc, 0x41, 0x8a, 0x27, 0xc7,
123 0xd0, 0xaa, 0xb4, 0xab, 0x85, 0xbf, 0x09, 0x4d, 0x06, 0xd7, 0x7e, 0x0d, 0x39, 0xf9, 0x36, 0xa1,
124 0x3d, 0x96, 0x23, 0xe2, 0x24, 0x64, 0x98, 0x63, 0x21, 0xba, 0x02, 0x21, 0x00, 0xe5, 0x8f, 0x7f,
125 0xf1, 0xa6, 0x82, 0x03, 0x6a, 0x18, 0x7a, 0x54, 0xe7, 0x0e, 0x25, 0x77, 0xd8, 0x46, 0xfa, 0x96,
126 0x8a, 0x7e, 0x14, 0xc4, 0xcb, 0x21, 0x32, 0x3e, 0x89, 0xd9, 0xba, 0x8c, 0x3f
128 int serverCertLen = sizeof(serverCert);
130 unsigned char serverPrivateKey[] = {
131 0x30, 0x77, 0x02, 0x01, 0x01, 0x04, 0x20, 0x02, 0x51, 0xb5, 0x97, 0xb9, 0xe9, 0xd8, 0x8d, 0x66,
132 0x2b, 0x8a, 0xb3, 0x9c, 0x6a, 0xd2, 0xca, 0x18, 0x21, 0xb9, 0x87, 0x3d, 0xf5, 0x8e, 0xa2, 0x8d,
133 0x38, 0xf6, 0xb7, 0xd2, 0x76, 0x74, 0x99, 0xa0, 0x0a, 0x06, 0x08, 0x2a, 0x86, 0x48, 0xce, 0x3d,
134 0x03, 0x01, 0x07, 0xa1, 0x44, 0x03, 0x42, 0x00, 0x04, 0xf7, 0x13, 0x5c, 0x73, 0x72, 0xce, 0x10,
135 0xe5, 0x09, 0x97, 0x9a, 0xf8, 0xf2, 0x70, 0xa6, 0x3d, 0x89, 0xf5, 0xc5, 0xe4, 0x44, 0xe2, 0x4a,
136 0xb6, 0x61, 0xa8, 0x12, 0x8d, 0xb4, 0xdc, 0x2b, 0x47, 0x84, 0x60, 0x0c, 0x25, 0x66, 0xe9, 0xe0,
137 0xe5, 0xac, 0x22, 0xbf, 0x15, 0xdc, 0x71, 0xb1, 0x88, 0x4f, 0x16, 0xbf, 0xc2, 0x77, 0x37, 0x76,
138 0x3f, 0xe0, 0x67, 0xc6, 0x1d, 0x23, 0xfe, 0x7c, 0x8b
141 int serverPrivateKeyLen = sizeof(serverPrivateKey);
143 unsigned char caCert[] = {
144 0x30, 0x82, 0x02, 0x3e, 0x30, 0x82, 0x01, 0xe5, 0xa0, 0x03, 0x02, 0x01, 0x02, 0x02, 0x09, 0x00,
145 0x87, 0xa7, 0x68, 0x01, 0x7c, 0xe9, 0xf8, 0xf0, 0x30, 0x0a, 0x06, 0x08, 0x2a, 0x86, 0x48, 0xce,
146 0x3d, 0x04, 0x03, 0x02, 0x30, 0x7c, 0x31, 0x0b, 0x30, 0x09, 0x06, 0x03, 0x55, 0x04, 0x06, 0x13,
147 0x02, 0x55, 0x53, 0x31, 0x12, 0x30, 0x10, 0x06, 0x03, 0x55, 0x04, 0x08, 0x0c, 0x09, 0x53, 0x6f,
148 0x6d, 0x65, 0x73, 0x74, 0x61, 0x74, 0x65, 0x31, 0x11, 0x30, 0x0f, 0x06, 0x03, 0x55, 0x04, 0x07,
149 0x0c, 0x08, 0x53, 0x6f, 0x6d, 0x65, 0x63, 0x69, 0x74, 0x79, 0x31, 0x0b, 0x30, 0x09, 0x06, 0x03,
150 0x55, 0x04, 0x0a, 0x0c, 0x02, 0x42, 0x42, 0x31, 0x16, 0x30, 0x14, 0x06, 0x03, 0x55, 0x04, 0x0b,
151 0x0c, 0x0d, 0x53, 0x65, 0x71, 0x75, 0x72, 0x69, 0x74, 0x79, 0x20, 0x50, 0x61, 0x72, 0x74, 0x31,
152 0x0b, 0x30, 0x09, 0x06, 0x03, 0x55, 0x04, 0x03, 0x0c, 0x02, 0x6f, 0x62, 0x31, 0x14, 0x30, 0x12,
153 0x06, 0x09, 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x09, 0x01, 0x16, 0x05, 0x6f, 0x62, 0x40,
154 0x62, 0x62, 0x30, 0x1e, 0x17, 0x0d, 0x31, 0x36, 0x30, 0x37, 0x32, 0x35, 0x31, 0x31, 0x31, 0x36,
155 0x31, 0x31, 0x5a, 0x17, 0x0d, 0x31, 0x39, 0x30, 0x35, 0x31, 0x35, 0x31, 0x31, 0x31, 0x36, 0x31,
156 0x31, 0x5a, 0x30, 0x7c, 0x31, 0x0b, 0x30, 0x09, 0x06, 0x03, 0x55, 0x04, 0x06, 0x13, 0x02, 0x55,
157 0x53, 0x31, 0x12, 0x30, 0x10, 0x06, 0x03, 0x55, 0x04, 0x08, 0x0c, 0x09, 0x53, 0x6f, 0x6d, 0x65,
158 0x73, 0x74, 0x61, 0x74, 0x65, 0x31, 0x11, 0x30, 0x0f, 0x06, 0x03, 0x55, 0x04, 0x07, 0x0c, 0x08,
159 0x53, 0x6f, 0x6d, 0x65, 0x63, 0x69, 0x74, 0x79, 0x31, 0x0b, 0x30, 0x09, 0x06, 0x03, 0x55, 0x04,
160 0x0a, 0x0c, 0x02, 0x42, 0x42, 0x31, 0x16, 0x30, 0x14, 0x06, 0x03, 0x55, 0x04, 0x0b, 0x0c, 0x0d,
161 0x53, 0x65, 0x71, 0x75, 0x72, 0x69, 0x74, 0x79, 0x20, 0x50, 0x61, 0x72, 0x74, 0x31, 0x0b, 0x30,
162 0x09, 0x06, 0x03, 0x55, 0x04, 0x03, 0x0c, 0x02, 0x6f, 0x62, 0x31, 0x14, 0x30, 0x12, 0x06, 0x09,
163 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x09, 0x01, 0x16, 0x05, 0x6f, 0x62, 0x40, 0x62, 0x62,
164 0x30, 0x59, 0x30, 0x13, 0x06, 0x07, 0x2a, 0x86, 0x48, 0xce, 0x3d, 0x02, 0x01, 0x06, 0x08, 0x2a,
165 0x86, 0x48, 0xce, 0x3d, 0x03, 0x01, 0x07, 0x03, 0x42, 0x00, 0x04, 0x2e, 0xcf, 0xc3, 0xfa, 0x2e,
166 0x04, 0x11, 0x62, 0x34, 0x63, 0x6f, 0xdf, 0xb6, 0x67, 0xfb, 0x5a, 0x50, 0x8c, 0x15, 0x73, 0xc9,
167 0xc1, 0x57, 0x3a, 0x9e, 0xf8, 0xf4, 0xa8, 0x0c, 0x1a, 0xe9, 0x91, 0x51, 0x9d, 0x03, 0x26, 0x48,
168 0xaa, 0x46, 0x84, 0x12, 0x06, 0x2d, 0xfc, 0x66, 0xbe, 0x41, 0xed, 0xfd, 0xcd, 0x32, 0xa3, 0x9b,
169 0x34, 0xf2, 0xaa, 0x95, 0x1f, 0x8e, 0x5d, 0x49, 0x77, 0x80, 0xc2, 0xa3, 0x50, 0x30, 0x4e, 0x30,
170 0x1d, 0x06, 0x03, 0x55, 0x1d, 0x0e, 0x04, 0x16, 0x04, 0x14, 0x1e, 0x81, 0xc3, 0x62, 0xff, 0x8c,
171 0x5a, 0x98, 0x90, 0xac, 0x2c, 0xc3, 0x65, 0xb9, 0x3f, 0x8f, 0x04, 0x55, 0xfa, 0x7c, 0x30, 0x1f,
172 0x06, 0x03, 0x55, 0x1d, 0x23, 0x04, 0x18, 0x30, 0x16, 0x80, 0x14, 0x1e, 0x81, 0xc3, 0x62, 0xff,
173 0x8c, 0x5a, 0x98, 0x90, 0xac, 0x2c, 0xc3, 0x65, 0xb9, 0x3f, 0x8f, 0x04, 0x55, 0xfa, 0x7c, 0x30,
174 0x0c, 0x06, 0x03, 0x55, 0x1d, 0x13, 0x04, 0x05, 0x30, 0x03, 0x01, 0x01, 0xff, 0x30, 0x0a, 0x06,
175 0x08, 0x2a, 0x86, 0x48, 0xce, 0x3d, 0x04, 0x03, 0x02, 0x03, 0x47, 0x00, 0x30, 0x44, 0x02, 0x20,
176 0x1c, 0xa1, 0x55, 0xa8, 0x04, 0xbc, 0x5b, 0x00, 0xa8, 0xac, 0x2f, 0xe6, 0xb7, 0x3c, 0x7c, 0xf3,
177 0x7e, 0x93, 0xce, 0xe0, 0xdf, 0x6e, 0x36, 0xe4, 0x36, 0x20, 0xcb, 0x36, 0x9c, 0x13, 0x3b, 0xc4,
178 0x02, 0x20, 0x7f, 0x18, 0x13, 0x7d, 0x1b, 0x8c, 0xe3, 0x5b, 0xd9, 0xac, 0x74, 0x8c, 0xc0, 0xe9,
179 0xbf, 0x1b, 0x48, 0x6f, 0xb6, 0x6a, 0x45, 0x03, 0xa6, 0x5d, 0x4d, 0x65, 0xf7, 0x96, 0xa0, 0x08,
182 int caCertLen = sizeof(caCert);
184 unsigned char control_server_message[] = {
185 0x48, 0x54, 0x54, 0x50, 0x2f, 0x31, 0x2e, 0x30, 0x20, 0x32, 0x30, 0x30, 0x20, 0x4f, 0x4b, 0x0d,
186 0x0a, 0x43, 0x6f, 0x6e, 0x74, 0x65, 0x6e, 0x74, 0x2d, 0x54, 0x79, 0x70, 0x65, 0x3a, 0x20, 0x74,
187 0x65, 0x78, 0x74, 0x2f, 0x68, 0x74, 0x6d, 0x6c, 0x0d, 0x0a, 0x0d, 0x0a, 0x3c, 0x68, 0x32, 0x3e,
188 0x6d, 0x62, 0x65, 0x64, 0x20, 0x54, 0x4c, 0x53, 0x20, 0x54, 0x65, 0x73, 0x74, 0x20, 0x53, 0x65,
189 0x72, 0x76, 0x65, 0x72, 0x3c, 0x2f, 0x68, 0x32, 0x3e, 0x0d, 0x0a, 0x54, 0x45, 0x53, 0x54, 0x20,
190 0x4d, 0x45, 0x53, 0x53, 0x41, 0x47, 0x45, 0x0d, 0x0a, 0x3c, 0x70, 0x3e, 0x53, 0x75, 0x63, 0x63,
191 0x65, 0x73, 0x73, 0x66, 0x75, 0x6c, 0x20, 0x63, 0x6f, 0x6e, 0x6e, 0x65, 0x63, 0x74, 0x69, 0x6f,
192 0x6e, 0x20, 0x75, 0x73, 0x69, 0x6e, 0x67, 0x3a, 0x20, 0x54, 0x4c, 0x53, 0x2d, 0x45, 0x43, 0x44,
193 0x48, 0x45, 0x2d, 0x45, 0x43, 0x44, 0x53, 0x41, 0x2d, 0x57, 0x49, 0x54, 0x48, 0x2d, 0x41, 0x45,
194 0x53, 0x2d, 0x31, 0x32, 0x38, 0x2d, 0x43, 0x43, 0x4d, 0x2d, 0x38, 0x3c, 0x2f, 0x70, 0x3e, 0x0d,
197 int control_server_message_len = sizeof(control_server_message);
199 unsigned char control_client_message[] = {
200 0x47, 0x45, 0x54, 0x20, 0x2f, 0x20, 0x48, 0x54, 0x54, 0x50, 0x2f, 0x31, 0x2e, 0x30, 0x0d, 0x0a,
203 int control_client_message_len = sizeof(control_client_message);
205 static void error(const char *msg)
211 static int sockfd, newsockfd;
213 static void socketConnect()
216 struct sockaddr_in serv_addr;
217 struct hostent *server;
219 portno = SERVER_PORT;
220 sockfd = socket(AF_INET, SOCK_STREAM, 0);
222 error("ERROR opening socket");
223 server = gethostbyname(SERVER_NAME);
224 if (server == NULL) {
225 fprintf(stderr,"ERROR, no such host\n");
228 //memset((char *) &serv_addr, sizeof(serv_addr));
229 memset((void*)&serv_addr, 0, sizeof(serv_addr));
230 serv_addr.sin_family = AF_INET;
231 memcpy((char *)server->h_addr,
232 (char *)&serv_addr.sin_addr.s_addr,
234 serv_addr.sin_port = htons(portno);
235 if (connect(sockfd,(struct sockaddr *) &serv_addr,sizeof(serv_addr)) < 0)
236 error("ERROR connecting");
239 static void CATCPPacketSendCB(CAEndpoint_t *, const void *buf, uint32_t buflen)
242 n = write(sockfd, buf, buflen);
244 error("ERROR writing to socket");
247 char msg[256] = {0}; int msglen = 0;
248 static void CATCPPacketReceivedCB(const CASecureEndpoint_t *, const void *data, uint32_t dataLength)
250 memcpy(msg, data, dataLength);
254 static void PacketReceive(unsigned char *data, int * datalen)
257 char buffer[2048] = {'\0'};
258 n = read(sockfd, buffer, 5);
259 if ((buffer[0] == 0x16 || buffer[0] == 0x14 || buffer[0] == 0x17 || buffer[0] == 0x15)
260 && buffer[1] == 0x03 && buffer[2] == 0x03)
262 int tlslen = (unsigned char)buffer[3] * 0x100 + (unsigned char)buffer[4];
263 n = read(sockfd, buffer + 5, tlslen);
267 error("ERROR reading from socket");
270 memcpy(data, buffer, *datalen);
273 static void socketClose()
278 static void infoCallback_that_loads_x509(PkiInfo_t * inf)
280 inf->crt.data = (uint8_t*)serverCert;
281 inf->crt.len = sizeof(serverCert);
282 inf->key.data = (uint8_t*)serverPrivateKey;
283 inf->key.len = sizeof(serverPrivateKey);
284 inf->ca.data = (uint8_t*)caCert;
285 inf->ca.len = sizeof(caCert);
286 inf->crl.data = NULL;
290 static void socketOpen_server()
293 struct sockaddr_in serv_addr, cli_addr;
296 portno = SERVER_PORT;
297 sockfd = socket(AF_INET, SOCK_STREAM, 0);
299 error("\nERROR opening socket");
300 //bzero((char *) &serv_addr, sizeof(serv_addr));
301 memset((void*)&serv_addr, 0, sizeof(serv_addr));
302 serv_addr.sin_family = AF_INET;
303 serv_addr.sin_addr.s_addr = INADDR_ANY;
304 serv_addr.sin_port = htons(portno);
305 if (bind(sockfd, (struct sockaddr *) &serv_addr,
306 sizeof(serv_addr)) < 0)
307 error("\nERROR on binding");
309 clilen = sizeof(cli_addr);
310 newsockfd = accept(sockfd,
311 (struct sockaddr *) &cli_addr,
314 error("\nERROR on accept");
317 static void CATCPPacketSendCB_server(CAEndpoint_t *, const void *buf, uint32_t buflen)
320 n = write(newsockfd,buf,buflen);
322 error("ERROR writing to socket");
325 static void CATCPPacketReceivedCB_server(const CASecureEndpoint_t *, const void *data, uint32_t dataLength)
327 memcpy(msg, data, dataLength);
330 static void PacketReceive_server(unsigned char *data, int * datalen)
333 char buffer[2048] = {'\0'};
334 n = read(newsockfd, buffer, 5);
336 if (buffer[0] == 0x16 || buffer[0] == 0x14 || buffer[0] == 0x17 || buffer[0] == 0x15)
338 int tlslen = (unsigned char)buffer[3] * 0x100 + (unsigned char)buffer[4];
339 n = read(newsockfd, buffer + 5, tlslen);
343 error("\nERROR reading from socket");
346 memcpy(data, buffer, *datalen);
349 static void socketClose_server()
355 static void clutch(bool * list)
360 const unsigned char IDENTITY[] = ("6767676767676767");
361 const unsigned char RS_CLIENT_PSK[] = ("AAAAAAAAAAAAAAAA");
362 static int32_t GetDtlsPskCredentials( CADtlsPskCredType_t,
363 const unsigned char *, size_t,
364 unsigned char *result, size_t)
372 memcpy(result, IDENTITY, sizeof(IDENTITY));
373 ret = sizeof(IDENTITY);
378 /* **************************
381 * MbedTLS client routine
384 * *************************/
386 #if !defined(MBEDTLS_CONFIG_FILE)
387 #include "mbedtls/config.h"
389 #include MBEDTLS_CONFIG_FILE
392 #if defined(MBEDTLS_PLATFORM_C)
393 #include "mbedtls/platform.h"
397 #define mbedtls_fprintf fprintf
398 #define mbedtls_printf printf
401 #if !defined(MBEDTLS_BIGNUM_C) || !defined(MBEDTLS_ENTROPY_C) || \
402 !defined(MBEDTLS_SSL_TLS_C) || !defined(MBEDTLS_SSL_CLI_C) || \
403 !defined(MBEDTLS_NET_C) || !defined(MBEDTLS_RSA_C) || \
404 !defined(MBEDTLS_CERTS_C) || !defined(MBEDTLS_PEM_PARSE_C) || \
405 !defined(MBEDTLS_CTR_DRBG_C) || !defined(MBEDTLS_X509_CRT_PARSE_C)
406 static int client( void )
408 mbedtls_printf("MBEDTLS_BIGNUM_C and/or MBEDTLS_ENTROPY_C and/or "
409 "MBEDTLS_SSL_TLS_C and/or MBEDTLS_SSL_CLI_C and/or "
410 "MBEDTLS_NET_C and/or MBEDTLS_RSA_C and/or "
411 "MBEDTLS_CTR_DRBG_C and/or MBEDTLS_X509_CRT_PARSE_C "
417 #include "mbedtls/net.h"
418 #include "mbedtls/debug.h"
419 #include "mbedtls/ssl.h"
420 #include "mbedtls/entropy.h"
421 #include "mbedtls/ctr_drbg.h"
422 #include "mbedtls/error.h"
423 #include "mbedtls/certs.h"
427 #define DEBUG_LEVEL (0)
429 static void my_debug_client( void *ctx, int level,
430 const char *file, int line,
435 mbedtls_fprintf( (FILE *) ctx, "%s:%04d: %s", file, line, str );
436 fflush( (FILE *) ctx );
439 static void * client(void *)
442 mbedtls_net_context server_fd;
444 unsigned char buf[1024];
445 const char *pers = "ssl_client1";
447 mbedtls_entropy_context entropy;
448 mbedtls_ctr_drbg_context ctr_drbg;
449 mbedtls_ssl_context ssl;
450 mbedtls_ssl_config conf;
451 mbedtls_x509_crt cacert;
452 mbedtls_x509_crt owncert;
453 mbedtls_pk_context pkey;
456 * 0. Initialize the RNG and the session data
458 mbedtls_net_init( &server_fd );
459 mbedtls_ssl_init( &ssl );
460 mbedtls_ssl_config_init( &conf );
461 mbedtls_x509_crt_init( &cacert );
462 mbedtls_ctr_drbg_init( &ctr_drbg );
463 mbedtls_pk_init( &pkey );
465 mbedtls_printf( "\n . Seeding the random number generator..." );
468 mbedtls_entropy_init( &entropy );
469 if( ( ret = mbedtls_ctr_drbg_seed( &ctr_drbg, mbedtls_entropy_func, &entropy,
470 (const unsigned char *) pers,
471 strlen( pers ) ) ) != 0 )
473 mbedtls_printf( " failed\n ! mbedtls_ctr_drbg_seed returned %d\n", ret );
477 mbedtls_printf( " ok\n" );
480 * 0. Initialize certificates
482 mbedtls_printf( " . Loading the CA root certificate ..." );
484 ret = mbedtls_x509_crt_parse( &cacert, (const unsigned char *) caCert, caCertLen );
487 mbedtls_printf( " failed\n ! mbedtls_x509_crt_parse caCert returned -0x%x\n\n", -ret );
490 ret = mbedtls_x509_crt_parse( &owncert, (const unsigned char *) serverCert, serverCertLen );
493 mbedtls_printf( " failed\n ! mbedtls_x509_crt_parse serverCert returned -0x%x\n\n", -ret );
496 ret = mbedtls_pk_parse_key( &pkey, (const unsigned char *) serverPrivateKey,
497 serverPrivateKeyLen, NULL, 0 );
500 mbedtls_printf( " failed\n ! mbedtls_pk_parse_key returned -0x%x\n\n", -ret );
504 mbedtls_printf( " ok (%d skipped)\n", ret );
507 * 1. Start the connection
509 mbedtls_printf( " . Connecting to tcp/%s/%s...", SERVER_NAME, "SERVER_PORT" );
512 if( ( ret = mbedtls_net_connect( &server_fd, "127.0.0.1",
513 "4433", MBEDTLS_NET_PROTO_TCP ) ) != 0 )
515 mbedtls_printf( " failed\n ! mbedtls_net_connect returned %d\n\n", ret );
519 mbedtls_printf( " ok\n" );
524 mbedtls_printf( " . Setting up the SSL/TLS structure..." );
527 if( ( ret = mbedtls_ssl_config_defaults( &conf,
528 MBEDTLS_SSL_IS_CLIENT,
529 MBEDTLS_SSL_TRANSPORT_STREAM,
530 MBEDTLS_SSL_PRESET_DEFAULT ) ) != 0 )
532 mbedtls_printf( " failed\n ! mbedtls_ssl_config_defaults returned %d\n\n", ret );
536 mbedtls_printf( " ok\n" );
538 /* OPTIONAL is not optimal for security,
539 * but makes interop easier in this simplified example */
540 mbedtls_ssl_conf_authmode( &conf, MBEDTLS_SSL_VERIFY_OPTIONAL );
541 mbedtls_ssl_conf_ca_chain( &conf, &cacert, NULL );
542 mbedtls_ssl_conf_own_cert( &conf, &owncert, &pkey );
543 mbedtls_ssl_conf_rng( &conf, mbedtls_ctr_drbg_random, &ctr_drbg );
544 mbedtls_ssl_conf_dbg( &conf, my_debug_client, stdout );
546 if( ( ret = mbedtls_ssl_setup( &ssl, &conf ) ) != 0 )
548 mbedtls_printf( " failed\n ! mbedtls_ssl_setup returned %d\n\n", ret );
552 if( ( ret = mbedtls_ssl_set_hostname( &ssl, "mbed TLS Server 1" ) ) != 0 )
554 mbedtls_printf( " failed\n ! mbedtls_ssl_set_hostname returned %d\n\n", ret );
558 mbedtls_ssl_set_bio( &ssl, &server_fd, mbedtls_net_send, mbedtls_net_recv, NULL );
563 mbedtls_printf( " . Performing the SSL/TLS handshake..." );
566 while( ( ret = mbedtls_ssl_handshake( &ssl ) ) != 0 )
568 if( ret != MBEDTLS_ERR_SSL_WANT_READ && ret != MBEDTLS_ERR_SSL_WANT_WRITE )
570 mbedtls_printf( " failed\n ! mbedtls_ssl_handshake returned -0x%x\n\n", -ret );
575 mbedtls_printf( " ok\n" );
578 * 5. Verify the server certificate
580 mbedtls_printf( " . Verifying peer X.509 certificate..." );
582 /* In real life, we probably want to bail out when ret != 0 */
583 if( ( flags = mbedtls_ssl_get_verify_result( &ssl ) ) != 0 )
587 mbedtls_printf( " failed\n" );
589 mbedtls_x509_crt_verify_info( vrfy_buf, sizeof( vrfy_buf ), " ! ", flags );
591 mbedtls_printf( "%s\n", vrfy_buf );
594 mbedtls_printf( " ok\n" );
597 * 3. Write the GET request
599 mbedtls_printf( " > Write to server:" );
602 len = sprintf( (char *) buf, GET_REQUEST );
604 while( ( ret = mbedtls_ssl_write( &ssl, buf, len ) ) <= 0 )
606 if( ret != MBEDTLS_ERR_SSL_WANT_READ && ret != MBEDTLS_ERR_SSL_WANT_WRITE )
608 mbedtls_printf( " failed\n ! mbedtls_ssl_write returned %d\n\n", ret );
614 mbedtls_printf( " %d bytes written\n\n%s", len, (char *) buf );
617 * 7. Read the HTTP response
619 mbedtls_printf( " < Read from server:" );
624 len = sizeof( buf ) - 1;
625 memset( buf, 0, sizeof( buf ) );
626 ret = mbedtls_ssl_read( &ssl, buf, len );
628 if( ret == MBEDTLS_ERR_SSL_WANT_READ || ret == MBEDTLS_ERR_SSL_WANT_WRITE )
631 if( ret == MBEDTLS_ERR_SSL_PEER_CLOSE_NOTIFY )
636 mbedtls_printf( "failed\n ! mbedtls_ssl_read returned %d\n\n", ret );
642 mbedtls_printf( "\n\nEOF\n\n" );
647 mbedtls_printf( " %d bytes read\n\n%s", len, (char *) buf );
651 mbedtls_ssl_close_notify( &ssl );
655 #ifdef MBEDTLS_ERROR_C
659 mbedtls_strerror( ret, error_buf, 100 );
660 mbedtls_printf("Last error was: %d - %s\n\n", ret, error_buf );
664 mbedtls_net_free( &server_fd );
666 mbedtls_x509_crt_free( &cacert );
667 mbedtls_ssl_free( &ssl );
668 mbedtls_ssl_config_free( &conf );
669 mbedtls_ctr_drbg_free( &ctr_drbg );
670 mbedtls_entropy_free( &entropy );
674 #endif /* MBEDTLS_BIGNUM_C && MBEDTLS_ENTROPY_C && MBEDTLS_SSL_TLS_C &&
675 MBEDTLS_SSL_CLI_C && MBEDTLS_NET_C && MBEDTLS_RSA_C &&
676 MBEDTLS_CERTS_C && MBEDTLS_PEM_PARSE_C && MBEDTLS_CTR_DRBG_C &&
677 MBEDTLS_X509_CRT_PARSE_C */
679 /* **************************
682 * MbedTLS server routine
685 * *************************/
687 #if !defined(MBEDTLS_CONFIG_FILE)
688 #include "mbedtls/config.h"
690 #include MBEDTLS_CONFIG_FILE
693 #if defined(MBEDTLS_PLATFORM_C)
694 #include "mbedtls/platform.h"
698 #define mbedtls_fprintf fprintf
699 #define mbedtls_printf printf
702 #if !defined(MBEDTLS_BIGNUM_C) || !defined(MBEDTLS_CERTS_C) || \
703 !defined(MBEDTLS_ENTROPY_C) || !defined(MBEDTLS_SSL_TLS_C) || \
704 !defined(MBEDTLS_SSL_SRV_C) || !defined(MBEDTLS_NET_C) || \
705 !defined(MBEDTLS_RSA_C) || !defined(MBEDTLS_CTR_DRBG_C) || \
706 !defined(MBEDTLS_X509_CRT_PARSE_C) || !defined(MBEDTLS_FS_IO) || \
707 !defined(MBEDTLS_PEM_PARSE_C)
708 /* int */void * server( void )
710 mbedtls_printf("MBEDTLS_BIGNUM_C and/or MBEDTLS_CERTS_C and/or MBEDTLS_ENTROPY_C "
711 "and/or MBEDTLS_SSL_TLS_C and/or MBEDTLS_SSL_SRV_C and/or "
712 "MBEDTLS_NET_C and/or MBEDTLS_RSA_C and/or "
713 "MBEDTLS_CTR_DRBG_C and/or MBEDTLS_X509_CRT_PARSE_C "
714 "and/or MBEDTLS_PEM_PARSE_C not defined.\n");
722 #include "mbedtls/entropy.h"
723 #include "mbedtls/ctr_drbg.h"
724 #include "mbedtls/certs.h"
725 #include "mbedtls/x509.h"
726 #include "mbedtls/ssl.h"
727 #include "mbedtls/net.h"
728 #include "mbedtls/error.h"
729 #include "mbedtls/debug.h"
731 #if defined(MBEDTLS_SSL_CACHE_C)
732 #include "mbedtls/ssl_cache.h"
735 #define HTTP_RESPONSE \
736 "HTTP/1.0 200 OK\r\nContent-Type: text/html\r\n\r\n" \
737 "<h2>mbed TLS Test Server</h2>\r\n" \
739 "<p>Successful connection using: %s</p>\r\n"
741 #define DEBUG_LEVEL (0)
743 static int mbedtls_entropy_func_clutch(void *, unsigned char *output, size_t len)
745 for (uint32_t i = 0; i < len; i++) output[i] = 0x11;
749 static void my_debug( void *ctx, int level,
750 const char *file, int line,
755 mbedtls_fprintf((FILE *) ctx, "%s:%04d: %s", file, line, str);
756 fflush( (FILE *) ctx );
759 static void * server(void *)
762 mbedtls_net_context listen_fd, client_fd;
763 unsigned char buf[1024];
764 const char *pers = "ssl_server";
766 mbedtls_entropy_context entropy;
767 mbedtls_ctr_drbg_context ctr_drbg;
768 mbedtls_ssl_context ssl;
769 mbedtls_ssl_config conf;
770 mbedtls_x509_crt srvcert;
771 mbedtls_pk_context pkey;
772 #if defined(MBEDTLS_SSL_CACHE_C)
773 mbedtls_ssl_cache_context cache;
776 mbedtls_net_init( &listen_fd );
777 mbedtls_net_init( &client_fd );
778 mbedtls_ssl_init( &ssl );
779 mbedtls_ssl_config_init( &conf );
780 #if defined(MBEDTLS_SSL_CACHE_C)
781 mbedtls_ssl_cache_init( &cache );
783 mbedtls_x509_crt_init( &srvcert );
784 mbedtls_pk_init( &pkey );
785 mbedtls_entropy_init( &entropy );
786 mbedtls_ctr_drbg_init( &ctr_drbg );
788 #if defined(MBEDTLS_DEBUG_C)
789 mbedtls_debug_set_threshold( DEBUG_LEVEL );
793 * 1. Load the certificates and private RSA key
795 mbedtls_printf( "\n . Loading the server cert. and key..." );
799 * This demonstration program uses embedded test certificates.
800 * Instead, you may want to use mbedtls_x509_crt_parse_file() to read the
801 * server and CA certificates, as well as mbedtls_pk_parse_keyfile().
803 ret = mbedtls_x509_crt_parse( &srvcert, (const unsigned char *) serverCert, serverCertLen );
806 mbedtls_printf( " failed\n ! mbedtls_x509_crt_parse returned %d\n\n", ret );
810 ret = mbedtls_x509_crt_parse( &srvcert, (const unsigned char *) caCert, caCertLen );
813 mbedtls_printf( " failed\n ! mbedtls_x509_crt_parse returned %d\n\n", ret );
817 ret = mbedtls_pk_parse_key( &pkey, (const unsigned char *) serverPrivateKey,
818 serverPrivateKeyLen, NULL, 0 );
821 mbedtls_printf( " failed\n ! mbedtls_pk_parse_key returned %d\n\n", ret );
825 mbedtls_printf( " ok\n" );
828 * 2. Setup the listening TCP socket
830 mbedtls_printf( " . Bind on https://localhost:4433/ ..." );
833 if( ( ret = mbedtls_net_bind( &listen_fd, NULL, "4433", MBEDTLS_NET_PROTO_TCP ) ) != 0 )
835 mbedtls_printf( " failed\n ! mbedtls_net_bind returned %d\n\n", ret );
839 mbedtls_printf( " ok\n" );
844 mbedtls_printf( " . Seeding the random number generator..." );
847 if( ( ret = mbedtls_ctr_drbg_seed( &ctr_drbg, mbedtls_entropy_func_clutch, &entropy,
848 (const unsigned char *) pers,
849 strlen( pers ) ) ) != 0 )
851 mbedtls_printf( " failed\n ! mbedtls_ctr_drbg_seed returned %d\n", ret );
854 mbedtls_printf( " ok\n" );
859 mbedtls_printf( " . Setting up the SSL data...." );
862 if( ( ret = mbedtls_ssl_config_defaults( &conf,
863 MBEDTLS_SSL_IS_SERVER,
864 MBEDTLS_SSL_TRANSPORT_STREAM,
865 MBEDTLS_SSL_PRESET_DEFAULT ) ) != 0 )
867 mbedtls_printf( " failed\n ! mbedtls_ssl_config_defaults returned %d\n\n", ret );
871 mbedtls_ssl_conf_rng( &conf, mbedtls_ctr_drbg_random, &ctr_drbg );
872 mbedtls_ssl_conf_dbg( &conf, my_debug, stdout );
874 #if defined(MBEDTLS_SSL_CACHE_C)
875 mbedtls_ssl_conf_session_cache( &conf, &cache,
876 mbedtls_ssl_cache_get,
877 mbedtls_ssl_cache_set );
880 mbedtls_ssl_conf_ca_chain( &conf, srvcert.next, NULL );
881 if( ( ret = mbedtls_ssl_conf_own_cert( &conf, &srvcert, &pkey ) ) != 0 )
883 mbedtls_printf( " failed\n ! mbedtls_ssl_conf_own_cert returned %d\n\n", ret );
887 if( ( ret = mbedtls_ssl_setup( &ssl, &conf ) ) != 0 )
889 mbedtls_printf( " failed\n ! mbedtls_ssl_setup returned %d\n\n", ret );
893 mbedtls_printf( " ok\n" );
896 #ifdef MBEDTLS_ERROR_C
900 mbedtls_strerror( ret, error_buf, 100 );
901 mbedtls_printf("Last error was: %d - %s\n\n", ret, error_buf );
905 mbedtls_net_free( &client_fd );
907 mbedtls_ssl_session_reset( &ssl );
910 * 3. Wait until a client connects
912 mbedtls_printf( " . Waiting for a remote connection ..." );
915 if( ( ret = mbedtls_net_accept( &listen_fd, &client_fd,
916 NULL, 0, NULL ) ) != 0 )
918 mbedtls_printf( " failed\n ! mbedtls_net_accept returned %d\n\n", ret );
922 mbedtls_ssl_set_bio( &ssl, &client_fd, mbedtls_net_send, mbedtls_net_recv, NULL );
924 mbedtls_printf( " ok\n" );
929 mbedtls_printf( " . Performing the SSL/TLS handshake..." );
932 while( ( ret = mbedtls_ssl_handshake( &ssl ) ) != 0 )
934 if( ret != MBEDTLS_ERR_SSL_WANT_READ && ret != MBEDTLS_ERR_SSL_WANT_WRITE )
936 mbedtls_printf( " failed\n ! mbedtls_ssl_handshake returned %d\n\n", ret );
941 mbedtls_printf( " ok\n" );
944 * 6. Read the HTTP Request
946 mbedtls_printf( " < Read from client:" );
951 len = sizeof( buf ) - 1;
952 memset( buf, 0, sizeof( buf ) );
953 ret = mbedtls_ssl_read( &ssl, buf, len );
955 if( ret == MBEDTLS_ERR_SSL_WANT_READ || ret == MBEDTLS_ERR_SSL_WANT_WRITE )
962 case MBEDTLS_ERR_SSL_PEER_CLOSE_NOTIFY:
963 mbedtls_printf( " connection was closed gracefully\n" );
966 case MBEDTLS_ERR_NET_CONN_RESET:
967 mbedtls_printf( " connection was reset by peer\n" );
971 mbedtls_printf( " mbedtls_ssl_read returned -0x%x\n", -ret );
979 mbedtls_printf( " %d bytes read\n\n%s", len, (char *) buf );
987 * 7. Write the 200 Response
989 mbedtls_printf( " > Write to client:" );
993 len = sprintf( (char *) buf, HTTP_RESPONSE,
994 mbedtls_ssl_get_ciphersuite( &ssl ) );
996 while( ( ret = mbedtls_ssl_write( &ssl, buf, len ) ) <= 0 )
998 if( ret == MBEDTLS_ERR_NET_CONN_RESET )
1000 mbedtls_printf( " failed\n ! peer closed the connection\n\n" );
1004 if( ret != MBEDTLS_ERR_SSL_WANT_READ && ret != MBEDTLS_ERR_SSL_WANT_WRITE )
1006 mbedtls_printf( " failed\n ! mbedtls_ssl_write returned %d\n\n", ret );
1012 mbedtls_printf( " %d bytes written\n\n%s\n", len, (char *) buf );
1014 mbedtls_printf( " . Closing the connection..." );
1016 while( ( ret = mbedtls_ssl_close_notify( &ssl ) ) < 0 )
1018 if( ret != MBEDTLS_ERR_SSL_WANT_READ &&
1019 ret != MBEDTLS_ERR_SSL_WANT_WRITE )
1021 mbedtls_printf( " failed\n ! mbedtls_ssl_close_notify returned %d\n\n", ret );
1026 mbedtls_printf( " ok\n" );
1033 #ifdef MBEDTLS_ERROR_C
1036 char error_buf[100];
1037 mbedtls_strerror( ret, error_buf, 100 );
1038 mbedtls_printf("Last error was: %d - %s\n\n", ret, error_buf );
1042 mbedtls_net_free( &client_fd );
1043 mbedtls_net_free( &listen_fd );
1045 mbedtls_x509_crt_free( &srvcert );
1046 mbedtls_pk_free( &pkey );
1047 mbedtls_ssl_free( &ssl );
1048 mbedtls_ssl_config_free( &conf );
1049 #if defined(MBEDTLS_SSL_CACHE_C)
1050 mbedtls_ssl_cache_free( &cache );
1052 mbedtls_ctr_drbg_free( &ctr_drbg );
1053 mbedtls_entropy_free( &entropy );
1056 mbedtls_printf( " Press Enter to exit this program.\n" );
1062 #endif /* MBEDTLS_BIGNUM_C && MBEDTLS_CERTS_C && MBEDTLS_ENTROPY_C &&
1063 MBEDTLS_SSL_TLS_C && MBEDTLS_SSL_SRV_C && MBEDTLS_NET_C &&
1064 MBEDTLS_RSA_C && MBEDTLS_CTR_DRBG_C && MBEDTLS_X509_CRT_PARSE_C
1065 && MBEDTLS_FS_IO && MBEDTLS_PEM_PARSE_C */
1067 /* **************************
1070 * CAinitSslAdapter test
1073 * *************************/
1075 static int testCAinitSslAdapter()
1079 CAEndpoint_t serverAddr;
1080 serverAddr.adapter = CA_ADAPTER_IP;
1081 serverAddr.flags = CA_SECURE;
1082 serverAddr.port = 4433;
1083 char addr[] = {0x31, 0x32, 0x37, 0x2e, 0x30, 0x2e, 0x30, 0x2e, 0x31, 0x00}; // 127.0.0.1
1084 memcpy(serverAddr.addr, addr, sizeof(addr));
1085 serverAddr.ifindex = 0;
1087 ret = CAinitSslAdapter();
1089 &g_caSslContext == NULL ||
1090 &g_caSslContext->crt == NULL ||
1091 &g_caSslContext->pkey == NULL ||
1092 &g_caSslContext->clientTlsConf == NULL ||
1093 &g_caSslContext->serverTlsConf == NULL ||
1094 &g_caSslContext->rnd == NULL ||
1095 &g_caSslContext->entropy == NULL)
1100 // CAdeinitSslAdapter
1101 ca_mutex_lock(g_sslContextMutex);
1103 mbedtls_x509_crt_free(&g_caSslContext->crt);
1104 mbedtls_pk_free(&g_caSslContext->pkey);
1105 mbedtls_ssl_config_free(&g_caSslContext->clientTlsConf);
1106 mbedtls_ssl_config_free(&g_caSslContext->serverTlsConf);
1107 mbedtls_ctr_drbg_free(&g_caSslContext->rnd);
1108 mbedtls_entropy_free(&g_caSslContext->entropy);
1109 OICFree(g_caSslContext);
1110 g_caSslContext = NULL;
1111 ca_mutex_unlock(g_sslContextMutex);
1112 ca_mutex_free(g_sslContextMutex);
1113 g_sslContextMutex = NULL;
1118 // CAinitTlsAdapter()
1119 TEST(TLSAdaper, Test_1)
1122 ret = testCAinitSslAdapter();
1126 /* **************************
1129 * CAsetSslAdapterCallbacks test
1132 * *************************/
1134 static int testCAsetSslAdapterCallbacks()
1137 CAEndpoint_t serverAddr;
1138 serverAddr.adapter = CA_ADAPTER_IP;
1139 serverAddr.flags = CA_SECURE;
1140 serverAddr.port = 4433;
1141 char addr[] = {0x31, 0x32, 0x37, 0x2e, 0x30, 0x2e, 0x30, 0x2e, 0x31, 0x00}; // 127.0.0.1
1142 memcpy(serverAddr.addr, addr, sizeof(addr));
1143 serverAddr.ifindex = 0;
1146 g_sslContextMutex = ca_mutex_new();
1147 ca_mutex_lock(g_sslContextMutex);
1148 g_caSslContext = (SslContext_t *)OICCalloc(1, sizeof(SslContext_t));
1149 g_caSslContext->peerList = u_arraylist_create();
1150 mbedtls_entropy_init(&g_caSslContext->entropy);
1151 mbedtls_ctr_drbg_init(&g_caSslContext->rnd);
1152 unsigned char * seed = (unsigned char*) SEED;
1153 mbedtls_ctr_drbg_seed(&g_caSslContext->rnd, mbedtls_entropy_func_clutch,
1154 &g_caSslContext->entropy, seed, sizeof(SEED));
1155 mbedtls_ctr_drbg_set_prediction_resistance(&g_caSslContext->rnd, MBEDTLS_CTR_DRBG_PR_OFF);
1156 mbedtls_ssl_config_init(&g_caSslContext->clientTlsConf);
1157 mbedtls_ssl_config_defaults(&g_caSslContext->clientTlsConf, MBEDTLS_SSL_IS_CLIENT,
1158 MBEDTLS_SSL_TRANSPORT_STREAM, MBEDTLS_SSL_PRESET_DEFAULT);
1159 mbedtls_ssl_conf_psk_cb(&g_caSslContext->clientTlsConf, GetPskCredentialsCallback, NULL);
1160 mbedtls_ssl_conf_rng( &g_caSslContext->clientTlsConf, mbedtls_ctr_drbg_random,
1161 &g_caSslContext->rnd);
1162 mbedtls_ssl_conf_curves(&g_caSslContext->clientTlsConf, curve[ADAPTER_CURVE_SECP256R1]);
1163 mbedtls_ssl_conf_min_version(&g_caSslContext->clientTlsConf, MBEDTLS_SSL_MAJOR_VERSION_3,
1164 MBEDTLS_SSL_MINOR_VERSION_1);
1165 mbedtls_ssl_conf_renegotiation(&g_caSslContext->clientTlsConf, MBEDTLS_SSL_RENEGOTIATION_DISABLED);
1166 mbedtls_ssl_conf_authmode(&g_caSslContext->clientTlsConf, MBEDTLS_SSL_VERIFY_REQUIRED);
1167 CAsetTlsCipherSuite(MBEDTLS_TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA256);
1168 mbedtls_x509_crt_init(&g_caSslContext->ca);
1169 mbedtls_x509_crt_init(&g_caSslContext->crt);
1170 mbedtls_pk_init(&g_caSslContext->pkey);
1171 mbedtls_x509_crl_init(&g_caSslContext->crl);
1172 ca_mutex_unlock(g_sslContextMutex);
1174 CAsetSslAdapterCallbacks(CATCPPacketReceivedCB, CATCPPacketSendCB, (CATransportAdapter_t)0);
1175 if (g_caSslContext->adapterCallbacks[0].recvCallback == NULL &&
1176 g_caSslContext->adapterCallbacks[0].sendCallback == NULL &&
1177 g_caSslContext->adapterCallbacks[1].recvCallback == NULL &&
1178 g_caSslContext->adapterCallbacks[1].sendCallback == NULL)
1186 CAsetSslAdapterCallbacks(CATCPPacketReceivedCB, CATCPPacketSendCB, CA_ADAPTER_IP);
1187 CAsetSslAdapterCallbacks(CATCPPacketReceivedCB, CATCPPacketSendCB, CA_ADAPTER_TCP);
1188 if (g_caSslContext->adapterCallbacks[0].recvCallback == CATCPPacketReceivedCB &&
1189 g_caSslContext->adapterCallbacks[0].sendCallback == CATCPPacketSendCB &&
1190 g_caSslContext->adapterCallbacks[1].recvCallback == CATCPPacketReceivedCB &&
1191 g_caSslContext->adapterCallbacks[1].sendCallback == CATCPPacketSendCB)
1200 // CAdeinitSslAdapter
1201 ca_mutex_lock(g_sslContextMutex);
1203 mbedtls_x509_crt_free(&g_caSslContext->crt);
1204 mbedtls_pk_free(&g_caSslContext->pkey);
1205 mbedtls_ssl_config_free(&g_caSslContext->clientTlsConf);
1206 mbedtls_ssl_config_free(&g_caSslContext->serverTlsConf);
1207 mbedtls_ctr_drbg_free(&g_caSslContext->rnd);
1208 mbedtls_entropy_free(&g_caSslContext->entropy);
1209 OICFree(g_caSslContext);
1210 g_caSslContext = NULL;
1211 ca_mutex_unlock(g_sslContextMutex);
1212 ca_mutex_free(g_sslContextMutex);
1213 g_sslContextMutex = NULL;
1218 // CAsetSslAdapterCallbacks()
1219 TEST(TLSAdaper, Test_2)
1222 ret = testCAsetSslAdapterCallbacks();
1226 /* **************************
1229 * CAinitiateSslHandshake test
1232 * *************************/
1234 unsigned char predictedClientHello[] = {
1235 0x16, 0x03, 0x01, 0x00, 0x63, 0x01, 0x00, 0x00, 0x5f, 0x03, 0x03, 0x57, 0xf2, 0x5f, 0x21, 0x04,
1236 0xb1, 0x3b, 0xda, 0x55, 0xa4, 0x8e, 0xcc, 0x3f, 0xe9, 0x45, 0x5c, 0xaf, 0xcb, 0x19, 0x2e, 0x1f,
1237 0x4b, 0xd5, 0x84, 0x5c, 0x4b, 0xd7, 0x7d, 0x38, 0xa2, 0xfa, 0x3d, 0x00, 0x00, 0x06, 0xc0, 0xae,
1238 0xc0, 0xae, 0x00, 0xff, 0x01, 0x00, 0x00, 0x30, 0x00, 0x0d, 0x00, 0x16, 0x00, 0x14, 0x06, 0x03,
1239 0x06, 0x01, 0x05, 0x03, 0x05, 0x01, 0x04, 0x03, 0x04, 0x01, 0x03, 0x03, 0x03, 0x01, 0x02, 0x03,
1240 0x02, 0x01, 0x00, 0x0a, 0x00, 0x04, 0x00, 0x02, 0x00, 0x17, 0x00, 0x0b, 0x00, 0x02, 0x01, 0x00,
1241 0x00, 0x16, 0x00, 0x00, 0x00, 0x17, 0x00, 0x00
1243 static unsigned char controlBuf[sizeof(predictedClientHello)];
1244 static char controlBufLen = 0;
1245 static void CATCPPacketSendCB_forInitHsTest(CAEndpoint_t *, const void * buf, uint32_t buflen)
1248 n = write(sockfd, buf, buflen);
1250 error("ERROR writing to socket");
1252 memset(controlBuf, 0, sizeof(predictedClientHello));
1253 memcpy(controlBuf, buf, buflen);
1254 controlBufLen = buflen;
1257 static void * test0CAinitiateSslHandshake(void * arg)
1259 CAEndpoint_t serverAddr;
1260 serverAddr.adapter = CA_ADAPTER_TCP;
1261 serverAddr.flags = CA_SECURE;
1262 serverAddr.port = 4433;
1263 char addr[] = {0x31, 0x32, 0x37, 0x2e, 0x30, 0x2e, 0x30, 0x2e, 0x31, 0x00}; // 127.0.0.1
1264 memcpy(serverAddr.addr, addr, sizeof(addr));
1265 serverAddr.ifindex = 0;
1268 g_sslContextMutex = ca_mutex_new();
1269 ca_mutex_lock(g_sslContextMutex);
1270 g_caSslContext = (SslContext_t *)OICCalloc(1, sizeof(SslContext_t));
1271 g_caSslContext->peerList = u_arraylist_create();
1272 mbedtls_entropy_init(&g_caSslContext->entropy);
1273 mbedtls_ctr_drbg_init(&g_caSslContext->rnd);
1274 unsigned char * seed = (unsigned char*) SEED;
1275 mbedtls_ctr_drbg_seed(&g_caSslContext->rnd, mbedtls_entropy_func_clutch,
1276 &g_caSslContext->entropy, seed, sizeof(SEED));
1277 mbedtls_ctr_drbg_set_prediction_resistance(&g_caSslContext->rnd, MBEDTLS_CTR_DRBG_PR_OFF);
1278 mbedtls_ssl_config_init(&g_caSslContext->clientTlsConf);
1279 mbedtls_ssl_config_defaults(&g_caSslContext->clientTlsConf, MBEDTLS_SSL_IS_CLIENT,
1280 MBEDTLS_SSL_TRANSPORT_STREAM, MBEDTLS_SSL_PRESET_DEFAULT);
1281 mbedtls_ssl_conf_psk_cb(&g_caSslContext->clientTlsConf, GetPskCredentialsCallback, NULL);
1282 mbedtls_ssl_conf_rng( &g_caSslContext->clientTlsConf, mbedtls_ctr_drbg_random,
1283 &g_caSslContext->rnd);
1284 mbedtls_ssl_conf_curves(&g_caSslContext->clientTlsConf, curve[ADAPTER_CURVE_SECP256R1]);
1285 mbedtls_ssl_conf_min_version(&g_caSslContext->clientTlsConf, MBEDTLS_SSL_MAJOR_VERSION_3,
1286 MBEDTLS_SSL_MINOR_VERSION_1);
1287 mbedtls_ssl_conf_renegotiation(&g_caSslContext->clientTlsConf, MBEDTLS_SSL_RENEGOTIATION_DISABLED);
1288 mbedtls_ssl_conf_authmode(&g_caSslContext->clientTlsConf, MBEDTLS_SSL_VERIFY_REQUIRED);
1289 mbedtls_x509_crt_init(&g_caSslContext->ca);
1290 mbedtls_x509_crt_init(&g_caSslContext->crt);
1291 mbedtls_pk_init(&g_caSslContext->pkey);
1292 mbedtls_x509_crl_init(&g_caSslContext->crl);
1293 ca_mutex_unlock(g_sslContextMutex);
1295 // CAsetSslAdapterCallbacks
1296 g_caSslContext->adapterCallbacks[1].recvCallback = CATCPPacketReceivedCB;
1297 g_caSslContext->adapterCallbacks[1].sendCallback = CATCPPacketSendCB_forInitHsTest;
1299 // CAsetPkixInfoCallback
1300 g_getPkixInfoCallback = infoCallback_that_loads_x509;
1302 // CAsetCredentialTypesCallback
1303 g_getCredentialTypesCallback = clutch;
1305 // CAsetTlsCipherSuite
1306 mbedtls_ssl_conf_ciphersuites(&g_caSslContext->clientTlsConf,
1307 tlsCipher[ADAPTER_TLS_ECDHE_ECDSA_WITH_AES_128_CCM_8]);
1308 mbedtls_ssl_conf_ciphersuites(&g_caSslContext->serverTlsConf,
1309 tlsCipher[ADAPTER_TLS_ECDHE_ECDSA_WITH_AES_128_CCM_8]);
1310 g_caSslContext->cipher = ADAPTER_TLS_ECDHE_ECDSA_WITH_AES_128_CCM_8;
1312 CAsetPskCredentialsCallback(GetDtlsPskCredentials);
1316 unsigned int unixTime = (unsigned)time(NULL);
1317 CAinitiateSslHandshake(&serverAddr);
1318 predictedClientHello[11] = unixTime >> 24;
1319 predictedClientHello[12] = (unixTime << 8) >> 24;
1320 predictedClientHello[13] = (unixTime << 16) >> 24;
1321 predictedClientHello[14] = (unixTime << 24) >> 24;
1323 // CAcloseTlsConnection
1324 ca_mutex_lock(g_sslContextMutex);
1325 SslEndPoint_t * tep = GetSslPeer(&serverAddr);
1326 mbedtls_ssl_close_notify(&tep->ssl);
1327 RemovePeerFromList(&tep->sep.endpoint);
1328 ca_mutex_unlock(g_sslContextMutex);
1330 // CAdeinitTlsAdapter
1331 ca_mutex_lock(g_sslContextMutex);
1333 mbedtls_x509_crt_free(&g_caSslContext->crt);
1334 mbedtls_pk_free(&g_caSslContext->pkey);
1335 mbedtls_ssl_config_free(&g_caSslContext->clientTlsConf);
1336 mbedtls_ssl_config_free(&g_caSslContext->serverTlsConf);
1337 mbedtls_ctr_drbg_free(&g_caSslContext->rnd);
1338 mbedtls_entropy_free(&g_caSslContext->entropy);
1339 OICFree(g_caSslContext);
1340 g_caSslContext = NULL;
1341 ca_mutex_unlock(g_sslContextMutex);
1342 ca_mutex_free(g_sslContextMutex);
1343 g_sslContextMutex = NULL;
1347 if (controlBufLen == sizeof(predictedClientHello) &&
1348 memcmp(predictedClientHello, controlBuf, sizeof(predictedClientHello)) == 0)
1355 *((int*)arg) = 0xFF;
1356 return (void *) 0xFF;
1360 static int test1CAinitiateSslHandshake()
1363 ret = CAinitiateSslHandshake(NULL);
1364 if (CA_STATUS_INVALID_PARAM == ret)
1375 // CAinitiateSslHandshake()
1376 TEST(TLSAdaper, Test_3_0)
1378 pthread_t thread1, thread2;
1382 ret = pthread_create( &thread1, NULL, server, (void*) NULL);
1385 fprintf(stderr, "Error - pthread_create() return code: %d\n", ret);
1391 ret = pthread_create( &thread2, NULL, test0CAinitiateSslHandshake, &arg);
1394 fprintf(stderr, "Error - pthread_create() return code: %d\n", ret);
1403 TEST(TLSAdaper, Test_3_1)
1406 ret = test1CAinitiateSslHandshake();
1410 /* **************************
1416 * *************************/
1418 static void * testCAencryptSsl(void * arg)
1421 CAEndpoint_t serverAddr;
1422 serverAddr.adapter = CA_ADAPTER_TCP;
1423 serverAddr.flags = CA_SECURE;
1424 serverAddr.port = 4433;
1425 char addr[] = {0x31, 0x32, 0x37, 0x2e, 0x30, 0x2e, 0x30, 0x2e, 0x31, 0x00}; // 127.0.0.1
1426 memcpy(serverAddr.addr, addr, sizeof(addr));
1427 serverAddr.ifindex = 0;
1430 g_sslContextMutex = ca_mutex_new();
1431 ca_mutex_lock(g_sslContextMutex);
1432 g_caSslContext = (SslContext_t *)OICCalloc(1, sizeof(SslContext_t));
1433 g_caSslContext->peerList = u_arraylist_create();
1434 mbedtls_entropy_init(&g_caSslContext->entropy);
1435 mbedtls_ctr_drbg_init(&g_caSslContext->rnd);
1436 unsigned char * seed = (unsigned char*) SEED;
1437 mbedtls_ctr_drbg_seed(&g_caSslContext->rnd, mbedtls_entropy_func_clutch,
1438 &g_caSslContext->entropy, seed, sizeof(SEED));
1439 mbedtls_ctr_drbg_set_prediction_resistance(&g_caSslContext->rnd, MBEDTLS_CTR_DRBG_PR_OFF);
1440 mbedtls_ssl_config_init(&g_caSslContext->clientTlsConf);
1441 mbedtls_ssl_config_defaults(&g_caSslContext->clientTlsConf, MBEDTLS_SSL_IS_CLIENT,
1442 MBEDTLS_SSL_TRANSPORT_STREAM, MBEDTLS_SSL_PRESET_DEFAULT);
1443 mbedtls_ssl_conf_psk_cb(&g_caSslContext->clientTlsConf, GetPskCredentialsCallback, NULL);
1444 mbedtls_ssl_conf_rng( &g_caSslContext->clientTlsConf, mbedtls_ctr_drbg_random,
1445 &g_caSslContext->rnd);
1446 mbedtls_ssl_conf_curves(&g_caSslContext->clientTlsConf, curve[ADAPTER_CURVE_SECP256R1]);
1447 mbedtls_ssl_conf_min_version(&g_caSslContext->clientTlsConf, MBEDTLS_SSL_MAJOR_VERSION_3,
1448 MBEDTLS_SSL_MINOR_VERSION_1);
1449 mbedtls_ssl_conf_renegotiation(&g_caSslContext->clientTlsConf, MBEDTLS_SSL_RENEGOTIATION_DISABLED);
1450 mbedtls_ssl_conf_authmode(&g_caSslContext->clientTlsConf, MBEDTLS_SSL_VERIFY_REQUIRED);
1451 CAsetTlsCipherSuite(MBEDTLS_TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA256);
1452 mbedtls_x509_crt_init(&g_caSslContext->ca);
1453 mbedtls_x509_crt_init(&g_caSslContext->crt);
1454 mbedtls_pk_init(&g_caSslContext->pkey);
1455 mbedtls_x509_crl_init(&g_caSslContext->crl);
1456 ca_mutex_unlock(g_sslContextMutex);
1458 CAsetSslAdapterCallbacks(CATCPPacketReceivedCB, CATCPPacketSendCB, CA_ADAPTER_TCP);
1460 CAsetPkixInfoCallback(infoCallback_that_loads_x509);
1462 // CAsetCredentialTypesCallback
1463 g_getCredentialTypesCallback = clutch;
1465 CAsetTlsCipherSuite(MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_CCM_8);
1466 CAsetPskCredentialsCallback(GetDtlsPskCredentials);
1470 // CAinitiateSslHandshake
1471 ca_mutex_lock(g_sslContextMutex);
1472 InitiateTlsHandshake(&serverAddr);
1473 ca_mutex_unlock(g_sslContextMutex);
1475 unsigned char buffer[2048] = {'\0'};
1477 CASecureEndpoint_t * sep = (CASecureEndpoint_t *) malloc (sizeof(CASecureEndpoint_t));
1478 sep->endpoint = serverAddr;
1480 for (int i = 0; i < 6; i++)
1482 PacketReceive(buffer, &buflen);
1483 CAdecryptSsl(sep, (uint8_t *)buffer, buflen);
1486 ret = sprintf( (char*)buffer, GET_REQUEST );
1488 CAencryptSsl(&serverAddr, buffer, ret);
1490 PacketReceive(buffer, &buflen);
1491 CAdecryptSsl(sep, (uint8_t *)buffer, buflen);
1493 CAcloseSslConnection(&serverAddr);
1495 // CAdeinitSslAdapter
1496 ca_mutex_lock(g_sslContextMutex);
1498 mbedtls_x509_crt_free(&g_caSslContext->crt);
1499 mbedtls_pk_free(&g_caSslContext->pkey);
1500 mbedtls_ssl_config_free(&g_caSslContext->clientTlsConf);
1501 mbedtls_ssl_config_free(&g_caSslContext->serverTlsConf);
1502 mbedtls_ctr_drbg_free(&g_caSslContext->rnd);
1503 mbedtls_entropy_free(&g_caSslContext->entropy);
1504 OICFree(g_caSslContext);
1505 g_caSslContext = NULL;
1506 ca_mutex_unlock(g_sslContextMutex);
1507 ca_mutex_free(g_sslContextMutex);
1508 g_sslContextMutex = NULL;
1512 if (control_server_message_len == msglen && memcmp(msg, control_server_message, control_server_message_len) == 0)
1519 *((int*)arg) = 0xFF;
1520 return (void *) 0xFF;
1525 TEST(TLSAdaper, Test_4)
1527 pthread_t thread1, thread2;
1531 ret = pthread_create( &thread1, NULL, server, (void*) NULL);
1534 fprintf(stderr,"Error - pthread_create() return code: %d\n", ret);
1540 ret = pthread_create( &thread2, NULL, testCAencryptSsl, &arg);
1543 fprintf(stderr,"Error - pthread_create() return code: %d\n", ret);
1552 /* **************************
1558 * *************************/
1560 static void * testCAdecryptSsl(void * arg)
1563 unsigned char buffer[2048] = {'\0'};
1566 CAEndpoint_t serverAddr;
1567 serverAddr.adapter = CA_ADAPTER_TCP;
1568 serverAddr.flags = CA_SECURE;
1569 serverAddr.port = 4433;
1570 char addr[] = {0x31, 0x32, 0x37, 0x2e, 0x30, 0x2e, 0x30, 0x2e, 0x31, 0x00}; // 127.0.0.1
1571 memcpy(serverAddr.addr, addr, sizeof(addr));
1572 serverAddr.ifindex = 0;
1575 g_sslContextMutex = ca_mutex_new();
1576 ca_mutex_lock(g_sslContextMutex);
1577 g_caSslContext = (SslContext_t *)OICCalloc(1, sizeof(SslContext_t));
1578 g_caSslContext->peerList = u_arraylist_create();
1579 mbedtls_entropy_init(&g_caSslContext->entropy);
1580 mbedtls_ctr_drbg_init(&g_caSslContext->rnd);
1581 unsigned char * seed = (unsigned char*) SEED;
1582 mbedtls_ctr_drbg_seed(&g_caSslContext->rnd, mbedtls_entropy_func_clutch,
1583 &g_caSslContext->entropy, seed, sizeof(SEED));
1584 mbedtls_ctr_drbg_set_prediction_resistance(&g_caSslContext->rnd, MBEDTLS_CTR_DRBG_PR_OFF);
1585 mbedtls_ssl_config_init(&g_caSslContext->clientTlsConf);
1586 mbedtls_ssl_config_defaults(&g_caSslContext->clientTlsConf, MBEDTLS_SSL_IS_CLIENT,
1587 MBEDTLS_SSL_TRANSPORT_STREAM, MBEDTLS_SSL_PRESET_DEFAULT);
1588 mbedtls_ssl_conf_psk_cb(&g_caSslContext->clientTlsConf, GetPskCredentialsCallback, NULL);
1589 mbedtls_ssl_conf_rng( &g_caSslContext->clientTlsConf, mbedtls_ctr_drbg_random,
1590 &g_caSslContext->rnd);
1591 mbedtls_ssl_conf_curves(&g_caSslContext->clientTlsConf, curve[ADAPTER_CURVE_SECP256R1]);
1592 mbedtls_ssl_conf_min_version(&g_caSslContext->clientTlsConf, MBEDTLS_SSL_MAJOR_VERSION_3,
1593 MBEDTLS_SSL_MINOR_VERSION_1);
1594 mbedtls_ssl_conf_renegotiation(&g_caSslContext->clientTlsConf, MBEDTLS_SSL_RENEGOTIATION_DISABLED);
1595 mbedtls_ssl_conf_authmode(&g_caSslContext->clientTlsConf, MBEDTLS_SSL_VERIFY_REQUIRED);
1596 CAsetTlsCipherSuite(MBEDTLS_TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA256);
1597 mbedtls_x509_crt_init(&g_caSslContext->ca);
1598 mbedtls_x509_crt_init(&g_caSslContext->crt);
1599 mbedtls_pk_init(&g_caSslContext->pkey);
1600 mbedtls_x509_crl_init(&g_caSslContext->crl);
1601 ca_mutex_unlock(g_sslContextMutex);
1603 // CAsetTlsAdapterCallbacks
1604 CAsetSslAdapterCallbacks(CATCPPacketReceivedCB, CATCPPacketSendCB, CA_ADAPTER_TCP);
1606 // CAsetPkixInfoCallback
1607 CAsetPkixInfoCallback(infoCallback_that_loads_x509);
1609 // CAsetCredentialTypesCallback
1610 g_getCredentialTypesCallback = clutch;
1612 CAsetTlsCipherSuite(MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_CCM_8);
1614 CAsetPskCredentialsCallback(GetDtlsPskCredentials);
1618 // CAinitiateSslHandshake
1619 ca_mutex_lock(g_sslContextMutex);
1620 InitiateTlsHandshake(&serverAddr);
1621 ca_mutex_unlock(g_sslContextMutex);
1623 CASecureEndpoint_t * sep = (CASecureEndpoint_t *) malloc (sizeof(CASecureEndpoint_t));
1624 sep->endpoint = serverAddr;
1626 for (int i = 0; i < 6; i++)
1628 PacketReceive(buffer, &buflen);
1629 CAdecryptSsl(sep, (uint8_t *)buffer, buflen);
1632 ret = sprintf((char*)buffer, GET_REQUEST);
1634 CAencryptSsl(&serverAddr, buffer, ret);
1636 PacketReceive(buffer, &buflen);
1637 CAdecryptSsl(sep, (uint8_t *)buffer, buflen);
1639 CAcloseSslConnection(&serverAddr);
1641 // CAdeinitSslAdapter
1642 ca_mutex_lock(g_sslContextMutex);
1644 mbedtls_x509_crt_free(&g_caSslContext->crt);
1645 mbedtls_pk_free(&g_caSslContext->pkey);
1646 mbedtls_ssl_config_free(&g_caSslContext->clientTlsConf);
1647 mbedtls_ssl_config_free(&g_caSslContext->serverTlsConf);
1648 mbedtls_ctr_drbg_free(&g_caSslContext->rnd);
1649 mbedtls_entropy_free(&g_caSslContext->entropy);
1650 OICFree(g_caSslContext);
1651 g_caSslContext = NULL;
1652 ca_mutex_unlock(g_sslContextMutex);
1653 ca_mutex_free(g_sslContextMutex);
1654 g_sslContextMutex = NULL;
1658 if (control_server_message_len == msglen && memcmp(msg, control_server_message,
1659 control_server_message_len) == 0)
1666 *((int*)arg) = 0xFF;
1667 return (void *) 0xFF;
1672 TEST(TLSAdaper, Test_5)
1674 pthread_t thread1, thread2;
1678 ret = pthread_create( &thread1, NULL, server, (void*) NULL);
1681 fprintf(stderr,"Error - pthread_create() return code: %d\n", ret);
1687 ret = pthread_create( &thread2, NULL, testCAdecryptSsl, &arg);
1690 fprintf(stderr,"Error - pthread_create() return code: %d\n", ret);
1699 /* **************************
1702 * CAdeinitSslAdapter test
1705 * *************************/
1707 static int testCAdeinitSslAdapter()
1710 CAEndpoint_t serverAddr;
1711 serverAddr.adapter = CA_ADAPTER_IP;
1712 serverAddr.flags = CA_SECURE;
1713 serverAddr.port = 4433;
1714 char addr[] = {0x31, 0x32, 0x37, 0x2e, 0x30, 0x2e, 0x30, 0x2e, 0x31, 0x00}; // 127.0.0.1
1715 memcpy(serverAddr.addr, addr, sizeof(addr));
1716 serverAddr.ifindex = 0;
1719 g_sslContextMutex = ca_mutex_new();
1720 ca_mutex_lock(g_sslContextMutex);
1721 g_caSslContext = (SslContext_t *)OICCalloc(1, sizeof(SslContext_t));
1722 g_caSslContext->peerList = u_arraylist_create();
1723 mbedtls_entropy_init(&g_caSslContext->entropy);
1724 mbedtls_ctr_drbg_init(&g_caSslContext->rnd);
1725 unsigned char * seed = (unsigned char*) SEED;
1726 mbedtls_ctr_drbg_seed(&g_caSslContext->rnd, mbedtls_entropy_func,
1727 &g_caSslContext->entropy, seed, sizeof(SEED));
1728 mbedtls_ctr_drbg_set_prediction_resistance(&g_caSslContext->rnd, MBEDTLS_CTR_DRBG_PR_OFF);
1729 mbedtls_ssl_config_init(&g_caSslContext->clientTlsConf);
1730 mbedtls_ssl_config_defaults(&g_caSslContext->clientTlsConf, MBEDTLS_SSL_IS_CLIENT,
1731 MBEDTLS_SSL_TRANSPORT_STREAM, MBEDTLS_SSL_PRESET_DEFAULT);
1732 mbedtls_ssl_conf_psk_cb(&g_caSslContext->clientTlsConf, GetPskCredentialsCallback, NULL);
1733 mbedtls_ssl_conf_rng( &g_caSslContext->clientTlsConf, mbedtls_ctr_drbg_random,
1734 &g_caSslContext->rnd);
1735 mbedtls_ssl_conf_curves(&g_caSslContext->clientTlsConf, curve[ADAPTER_CURVE_SECP256R1]);
1736 mbedtls_ssl_conf_min_version(&g_caSslContext->clientTlsConf, MBEDTLS_SSL_MAJOR_VERSION_3,
1737 MBEDTLS_SSL_MINOR_VERSION_1);
1738 mbedtls_ssl_conf_renegotiation(&g_caSslContext->clientTlsConf, MBEDTLS_SSL_RENEGOTIATION_DISABLED);
1739 mbedtls_ssl_conf_authmode(&g_caSslContext->clientTlsConf, MBEDTLS_SSL_VERIFY_REQUIRED);
1740 mbedtls_x509_crt_init(&g_caSslContext->ca);
1741 mbedtls_x509_crt_init(&g_caSslContext->crt);
1742 mbedtls_pk_init(&g_caSslContext->pkey);
1743 mbedtls_x509_crl_init(&g_caSslContext->crl);
1744 ca_mutex_unlock(g_sslContextMutex);
1746 // CAsetTlsAdapterCallbacks
1747 g_caSslContext->adapterCallbacks[1].recvCallback = CATCPPacketReceivedCB;
1748 g_caSslContext->adapterCallbacks[1].sendCallback = CATCPPacketSendCB;
1750 // CAsetPkixInfoCallback
1751 g_getPkixInfoCallback = infoCallback_that_loads_x509;
1753 // CAsetTlsCipherSuite
1754 mbedtls_ssl_conf_ciphersuites(&g_caSslContext->clientTlsConf,
1755 tlsCipher[ADAPTER_TLS_ECDHE_ECDSA_WITH_AES_128_CCM_8]);
1756 mbedtls_ssl_conf_ciphersuites(&g_caSslContext->serverTlsConf,
1757 tlsCipher[ADAPTER_TLS_ECDHE_ECDSA_WITH_AES_128_CCM_8]);
1758 g_caSslContext->cipher = ADAPTER_TLS_ECDHE_ECDSA_WITH_AES_128_CCM_8;
1760 CAdeinitSslAdapter();
1762 if (g_caSslContext != NULL ||
1763 g_sslContextMutex != NULL)
1774 // CAdeinitSslAdapter()
1775 TEST(TLSAdaper, Test_6)
1778 ret = testCAdeinitSslAdapter();
1782 /* **************************
1788 * *************************/
1790 static void * testServer(void * arg)
1792 CAEndpoint_t serverAddr;
1793 serverAddr.adapter = CA_ADAPTER_TCP;
1794 serverAddr.flags = CA_SECURE;
1795 serverAddr.port = 4432;
1796 char addr[] = {0x31, 0x32, 0x37, 0x2e, 0x30, 0x2e, 0x30, 0x2e, 0x31, 0x00}; // 127.0.0.1
1797 memcpy(serverAddr.addr, addr, sizeof(addr));
1798 serverAddr.ifindex = 0;
1799 unsigned char buffer[2048] = {'\0'};
1804 CAsetSslAdapterCallbacks(CATCPPacketReceivedCB_server, CATCPPacketSendCB_server, CA_ADAPTER_TCP);
1805 CAsetPkixInfoCallback(infoCallback_that_loads_x509);
1807 // CAsetCredentialTypesCallback
1808 g_getCredentialTypesCallback = clutch;
1810 CAsetTlsCipherSuite(MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_CCM_8);
1812 CAsetPskCredentialsCallback(GetDtlsPskCredentials);
1814 socketOpen_server();
1816 CASecureEndpoint_t * sep = (CASecureEndpoint_t *) malloc (sizeof(CASecureEndpoint_t));
1817 sep->endpoint = serverAddr;
1819 for (int i = 0; i < 7; i++)
1821 PacketReceive_server(buffer, &buflen);
1822 CAdecryptSsl(sep, (uint8_t *)buffer, buflen);
1825 CAcloseSslConnection(&serverAddr);
1827 // CAdeinitSslAdapter
1828 ca_mutex_lock(g_sslContextMutex);
1830 mbedtls_x509_crt_free(&g_caSslContext->crt);
1831 mbedtls_pk_free(&g_caSslContext->pkey);
1832 mbedtls_ssl_config_free(&g_caSslContext->clientTlsConf);
1833 mbedtls_ssl_config_free(&g_caSslContext->serverTlsConf);
1834 mbedtls_ctr_drbg_free(&g_caSslContext->rnd);
1835 mbedtls_entropy_free(&g_caSslContext->entropy);
1836 OICFree(g_caSslContext);
1837 g_caSslContext = NULL;
1838 ca_mutex_unlock(g_sslContextMutex);
1839 ca_mutex_free(g_sslContextMutex);
1840 g_sslContextMutex = NULL;
1842 socketClose_server();
1844 if (control_client_message_len == msglen && memcmp(msg, control_client_message,
1845 control_client_message_len) == 0)
1852 *((int*)arg) = 0xFF;
1853 return (void *) 0xFF;
1857 TEST(TLSAdaper, Test_7)
1859 pthread_t thread1, thread2;
1863 ret = pthread_create( &thread1, NULL, testServer, &arg);
1866 fprintf(stderr,"Error - pthread_create() return code: %d\n", ret);
1872 ret = pthread_create( &thread2, NULL, client, (void*) NULL);
1875 fprintf(stderr,"Error - pthread_create() return code: %d\n", ret);
1881 EXPECT_EQ(NULL, arg);
1884 /* **************************
1886 * CAsetPskCredentialsCallback test
1887 * CAsetPkixInfoCallback test
1888 * CAsetCredentialTypesCallback test
1890 * *************************/
1892 static int testCAsetPskCredentialsCallback()
1894 static CAgetPskCredentialsHandler credCallback = (CAgetPskCredentialsHandler)dummyHandler;
1895 CAsetPskCredentialsCallback(credCallback);
1896 if (g_getCredentialsCallback == (CAgetPskCredentialsHandler)dummyHandler)
1906 static int testCAsetPkixInfoCallback()
1908 static CAgetPkixInfoHandler infoCallback = (CAgetPkixInfoHandler)dummyHandler;
1909 CAsetPkixInfoCallback(infoCallback);
1910 if (g_getPkixInfoCallback == (CAgetPkixInfoHandler)dummyHandler)
1920 static int testCAsetCredentialTypesCallback()
1922 static CAgetCredentialTypesHandler credTypesCallback = (CAgetCredentialTypesHandler)dummyHandler;
1923 CAsetCredentialTypesCallback(credTypesCallback);
1924 if (g_getCredentialTypesCallback == (CAgetCredentialTypesHandler)dummyHandler)
1934 // CAsetPskCredentialsCallback()
1935 TEST(TLSAdaper, Test_9_0)
1938 ret = testCAsetPskCredentialsCallback();
1941 // CAsetPkixInfoCallback()
1942 TEST(TLSAdaper, Test_9_1)
1945 ret = testCAsetPkixInfoCallback();
1948 // CAsetCredentialTypesCallback()
1949 TEST(TLSAdaper, Test_9_2)
1952 ret = testCAsetCredentialTypesCallback();
1956 /* **************************
1959 * CAsetTlsCipherSuite test
1962 * *************************/
1964 static int testCAsetTlsCipherSuite()
1966 int ret = 0, status = 0;
1967 CAEndpoint_t serverAddr;
1968 serverAddr.adapter = CA_ADAPTER_TCP;
1969 serverAddr.flags = CA_SECURE;
1970 serverAddr.port = 4433;
1971 char addr[] = {0x31, 0x32, 0x37, 0x2e, 0x30, 0x2e, 0x30, 0x2e, 0x31, 0x00}; // 127.0.0.1
1972 memcpy(serverAddr.addr, addr, sizeof(addr));
1973 serverAddr.ifindex = 0;
1977 // CAsetCredentialTypesCallback
1978 g_getCredentialTypesCallback = clutch;
1980 status = CAsetTlsCipherSuite(MBEDTLS_TLS_RSA_WITH_AES_256_CBC_SHA);
1981 if (ADAPTER_TLS_RSA_WITH_AES_256_CBC_SHA != g_caSslContext->cipher || status != CA_STATUS_OK)
1986 status = CAsetTlsCipherSuite(MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_CCM_8);
1987 if (ADAPTER_TLS_ECDHE_ECDSA_WITH_AES_128_CCM_8 != g_caSslContext->cipher || status != CA_STATUS_OK)
1992 status = CAsetTlsCipherSuite(MBEDTLS_TLS_ECDH_ANON_WITH_AES_128_CBC_SHA256);
1993 if (ADAPTER_TLS_ECDH_ANON_WITH_AES_128_CBC_SHA_256 != g_caSslContext->cipher || status != CA_STATUS_OK)
1998 status = CAsetTlsCipherSuite(MBEDTLS_TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA256);
1999 if (ADAPTER_TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA256 != g_caSslContext->cipher || status != CA_STATUS_OK)
2004 status = CAsetTlsCipherSuite(dummyHandler);
2005 if (CA_STATUS_FAILED != status)
2010 // CAdeinitSslAdapter
2011 ca_mutex_lock(g_sslContextMutex);
2013 mbedtls_x509_crt_free(&g_caSslContext->crt);
2014 mbedtls_pk_free(&g_caSslContext->pkey);
2015 mbedtls_ssl_config_free(&g_caSslContext->clientTlsConf);
2016 mbedtls_ssl_config_free(&g_caSslContext->serverTlsConf);
2017 mbedtls_ctr_drbg_free(&g_caSslContext->rnd);
2018 mbedtls_entropy_free(&g_caSslContext->entropy);
2019 OICFree(g_caSslContext);
2020 g_caSslContext = NULL;
2021 ca_mutex_unlock(g_sslContextMutex);
2022 ca_mutex_free(g_sslContextMutex);
2023 g_sslContextMutex = NULL;
2028 // CAinitTlsAdapter()
2029 TEST(TLSAdaper, Test_10)
2032 ret = testCAsetTlsCipherSuite();
2036 static void * testCAsslGenerateOwnerPsk(void * arg)
2039 CAEndpoint_t serverAddr;
2040 serverAddr.adapter = CA_ADAPTER_TCP;
2041 serverAddr.flags = CA_SECURE;
2042 serverAddr.port = 4433;
2043 char addr[] = {0x31, 0x32, 0x37, 0x2e, 0x30, 0x2e, 0x30, 0x2e, 0x31, 0x00}; // 127.0.0.1
2044 memcpy(serverAddr.addr, addr, sizeof(addr));
2045 serverAddr.ifindex = 0;
2047 uint8_t label[] = {0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0x09, 0x0A};
2048 uint8_t rsrcServerDeviceId[] = {0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17, 0x18, 0x19, 0x1A};
2049 uint8_t provServerDeviceId[] = {0x21, 0x22, 0x23, 0x24, 0x25, 0x26, 0x27, 0x28, 0x29, 0x2A};
2050 uint8_t ownerPsk[0x100] = {0x00};
2051 uint8_t predictedPSK[] = {
2052 0xba, 0x72, 0x16, 0xbc, 0x7f, 0x8c, 0xfe, 0xfc, 0xd0, 0xac, 0x1a, 0x37, 0xad, 0x60, 0xe8, 0x9e,
2053 0xb3, 0x31, 0xa2, 0x30, 0xaf, 0x68, 0xc9, 0xa6, 0x89, 0x8a, 0x04, 0x21, 0x6c, 0xbd, 0x04, 0x08,
2054 0x68, 0x11, 0x54, 0x9e, 0x2a, 0x10, 0x91, 0x94, 0x3c, 0x44, 0x52, 0xc7, 0xfa, 0x78, 0x44, 0x87,
2055 0xea, 0x30, 0x08, 0x5f, 0xc1, 0x64, 0xaa, 0x0d, 0xfd, 0x84, 0x16, 0x83, 0x20, 0xc9, 0x08, 0x65,
2056 0xd2, 0x4a, 0x55, 0x9e, 0x8f, 0x88, 0x3c, 0x57, 0x10, 0xbd, 0x5a, 0x30, 0x01, 0xb4, 0x59, 0x63,
2057 0x64, 0x19, 0x8d, 0xfa, 0x5c, 0x86, 0x92, 0xf7, 0x60, 0x99, 0xdb, 0xae, 0x0e, 0xad, 0x80, 0xf1,
2058 0x82, 0xaf, 0x1b, 0x14, 0x0c, 0x99, 0x13, 0x53, 0x54, 0x33, 0x6a, 0x17, 0x24, 0x5c, 0x9d, 0xdb,
2059 0x5a, 0xfb, 0x73, 0x2f, 0x41, 0xe8, 0xeb, 0x2e, 0x68, 0xfe, 0xee, 0x0b, 0xdc, 0x54, 0x50, 0xf1,
2060 0x1e, 0x16, 0x19, 0x2c, 0x4e, 0xb6, 0x97, 0x9f, 0x9c, 0x32, 0x9c, 0x0e, 0xe0, 0xe1, 0x32, 0x64,
2061 0x16, 0x34, 0x53, 0x8e, 0xc5, 0xe3, 0xe5, 0xbc, 0x2c, 0x10, 0xae, 0x81, 0x2c, 0x1a, 0xb2, 0xb7,
2062 0xa3, 0xbe, 0x0f, 0xab, 0xfd, 0xf7, 0x87, 0x53, 0xcd, 0x3e, 0x31, 0xfb, 0x2d, 0x69, 0x6a, 0xd5,
2063 0xc3, 0x27, 0x04, 0x2b, 0x37, 0x02, 0x91, 0x05, 0x0c, 0x4e, 0x2a, 0xfc, 0x6c, 0x42, 0xe8, 0x37,
2064 0x23, 0x2f, 0x60, 0x6e, 0x0c, 0xed, 0x7c, 0xe0, 0x5f, 0x47, 0xb3, 0x51, 0x86, 0x5b, 0x26, 0x08,
2065 0x2a, 0x05, 0x89, 0xb0, 0xdd, 0x6f, 0xc6, 0x76, 0xc5, 0x2a, 0x60, 0x07, 0x0e, 0xb1, 0x71, 0x67,
2066 0x21, 0x11, 0xf8, 0xb5, 0x52, 0xa3, 0xf3, 0xf0, 0xd4, 0x5f, 0xdf, 0x44, 0x66, 0x23, 0xd8, 0x4e,
2067 0xbd, 0x64, 0x39, 0x43, 0x03, 0x37, 0xaa, 0xd7, 0xea, 0xb3, 0x6d, 0x2f, 0x84, 0x9c, 0x02, 0x49
2071 g_sslContextMutex = ca_mutex_new();
2072 ca_mutex_lock(g_sslContextMutex);
2073 g_caSslContext = (SslContext_t *)OICCalloc(1, sizeof(SslContext_t));
2074 g_caSslContext->peerList = u_arraylist_create();
2075 mbedtls_entropy_init(&g_caSslContext->entropy);
2076 mbedtls_ctr_drbg_init(&g_caSslContext->rnd);
2077 unsigned char * seed = (unsigned char*) SEED;
2078 mbedtls_ctr_drbg_seed(&g_caSslContext->rnd, mbedtls_entropy_func_clutch,
2079 &g_caSslContext->entropy, seed, sizeof(SEED));
2080 mbedtls_ctr_drbg_set_prediction_resistance(&g_caSslContext->rnd, MBEDTLS_CTR_DRBG_PR_OFF);
2081 mbedtls_ssl_config_init(&g_caSslContext->clientTlsConf);
2082 mbedtls_ssl_config_defaults(&g_caSslContext->clientTlsConf, MBEDTLS_SSL_IS_CLIENT,
2083 MBEDTLS_SSL_TRANSPORT_STREAM, MBEDTLS_SSL_PRESET_DEFAULT);
2084 mbedtls_ssl_conf_psk_cb(&g_caSslContext->clientTlsConf, GetPskCredentialsCallback, NULL);
2085 mbedtls_ssl_conf_rng( &g_caSslContext->clientTlsConf, mbedtls_ctr_drbg_random,
2086 &g_caSslContext->rnd);
2087 mbedtls_ssl_conf_curves(&g_caSslContext->clientTlsConf, curve[ADAPTER_CURVE_SECP256R1]);
2088 mbedtls_ssl_conf_min_version(&g_caSslContext->clientTlsConf, MBEDTLS_SSL_MAJOR_VERSION_3,
2089 MBEDTLS_SSL_MINOR_VERSION_1);
2090 mbedtls_ssl_conf_renegotiation(&g_caSslContext->clientTlsConf, MBEDTLS_SSL_RENEGOTIATION_DISABLED);
2091 mbedtls_ssl_conf_authmode(&g_caSslContext->clientTlsConf, MBEDTLS_SSL_VERIFY_REQUIRED);
2092 CAsetTlsCipherSuite(MBEDTLS_TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA256);
2093 mbedtls_x509_crt_init(&g_caSslContext->ca);
2094 mbedtls_x509_crt_init(&g_caSslContext->crt);
2095 mbedtls_pk_init(&g_caSslContext->pkey);
2096 mbedtls_x509_crl_init(&g_caSslContext->crl);
2097 ca_mutex_unlock(g_sslContextMutex);
2099 // CAsetTlsAdapterCallbacks
2100 CAsetSslAdapterCallbacks(CATCPPacketReceivedCB, CATCPPacketSendCB, CA_ADAPTER_TCP);
2102 // CAsetPkixInfoCallback
2103 CAsetPkixInfoCallback(infoCallback_that_loads_x509);
2105 // CAsetCredentialTypesCallback
2106 g_getCredentialTypesCallback = clutch;
2108 CAsetTlsCipherSuite(MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_CCM_8);
2110 CAsetPskCredentialsCallback(GetDtlsPskCredentials);
2114 // CAinitiateSslHandshake
2115 ca_mutex_lock(g_sslContextMutex);
2116 InitiateTlsHandshake(&serverAddr);
2117 ca_mutex_unlock(g_sslContextMutex);
2119 ret = CAsslGenerateOwnerPsk(&serverAddr,
2120 label, sizeof(label),
2121 rsrcServerDeviceId, sizeof(rsrcServerDeviceId),
2122 provServerDeviceId, sizeof(provServerDeviceId),
2125 // CAcloseTlsConnection
2126 ca_mutex_lock(g_sslContextMutex);
2127 SslEndPoint_t * tep = GetSslPeer(&serverAddr);
2128 mbedtls_ssl_close_notify(&tep->ssl);
2129 RemovePeerFromList(&tep->sep.endpoint);
2130 ca_mutex_unlock(g_sslContextMutex);
2132 // CAdeinitTlsAdapter
2133 ca_mutex_lock(g_sslContextMutex);
2135 mbedtls_x509_crt_free(&g_caSslContext->crt);
2136 mbedtls_pk_free(&g_caSslContext->pkey);
2137 mbedtls_ssl_config_free(&g_caSslContext->clientTlsConf);
2138 mbedtls_ssl_config_free(&g_caSslContext->serverTlsConf);
2139 mbedtls_ctr_drbg_free(&g_caSslContext->rnd);
2140 mbedtls_entropy_free(&g_caSslContext->entropy);
2141 OICFree(g_caSslContext);
2142 g_caSslContext = NULL;
2143 ca_mutex_unlock(g_sslContextMutex);
2144 ca_mutex_free(g_sslContextMutex);
2145 g_sslContextMutex = NULL;
2149 if (ret == 0 && memcmp(predictedPSK, ownerPsk, sizeof(predictedPSK)) == 0)
2156 *((int*)arg) = 0xFF;
2157 return (void *) 0xFF;
2161 TEST(TLSAdaper, Test_11)
2163 pthread_t thread1, thread2;
2167 ret = pthread_create( &thread1, NULL, server, (void*) NULL);
2170 fprintf(stderr, "Error - pthread_create() return code: %d\n", ret);
2176 ret = pthread_create( &thread2, NULL, testCAsslGenerateOwnerPsk, &arg);
2179 fprintf(stderr, "Error - pthread_create() return code: %d\n", ret);