1 //******************************************************************
3 // Copyright 2016 Samsung Electronics All Rights Reserved.
5 //-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
7 // Licensed under the Apache License, Version 2.0 (the "License");
8 // you may not use this file except in compliance with the License.
9 // You may obtain a copy of the License at
11 // http://www.apache.org/licenses/LICENSE-2.0
13 // Unless required by applicable law or agreed to in writing, software
14 // distributed under the License is distributed on an "AS IS" BASIS,
15 // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
16 // See the License for the specific language governing permissions and
17 // limitations under the License.
19 //-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
21 #include "gtest/gtest.h"
24 #define CAcloseSslConnection CAcloseSslConnectionTest
25 #define CAdecryptSsl CAdecryptSslTest
26 #define CAdeinitSslAdapter CAdeinitSslAdapterTest
27 #define CAencryptSsl CAencryptSslTest
28 #define CAinitSslAdapter CAinitSslAdapterTest
29 #define CAinitiateSslHandshake CAinitiateSslHandshakeTest
30 #define CAsetCredentialTypesCallback CAsetCredentialTypesCallbackTest
31 #define CAsetSslAdapterCallbacks CAsetSslAdapterCallbacksTest
32 #define CAsetSslHandshakeCallback CAsetSslHandshakeCallbackTest
33 #define CAsetTlsCipherSuite CAsetTlsCipherSuiteTest
34 #define CAsslGenerateOwnerPsk CAsslGenerateOwnerPskTest
36 #include "../src/adapter_util/ca_adapter_net_ssl.c"
47 #ifdef HAVE_SYS_TYPES_H
48 #include <sys/types.h>
50 #ifdef HAVE_SYS_SOCKET_H
51 #include <sys/socket.h>
53 #ifdef HAVE_NETINET_IN_H
54 #include <netinet/in.h>
61 #include "../../../../c_common/windows/include/pthread_create.h"
65 /** @todo stop-gap for naming issue. Windows.h does not like us to use ERROR */
69 #endif //HAVE_WINDOWS_H
70 #include "platform_features.h"
73 #define MBED_TLS_DEBUG_LEVEL (4) // Verbose
75 #define SEED "PREDICTED_SEED"
76 #define dummyHandler 0xF123
78 #define SERVER_PORT 4433
79 #define SERVER_NAME "localhost"
80 #define GET_REQUEST "GET / HTTP/1.0\r\n\r\n"
82 /* **************************
88 * *************************/
90 unsigned char serverCert[] = {
91 0x30, 0x82, 0x02, 0x39, 0x30, 0x82, 0x01, 0xdf, 0x02, 0x01, 0x01, 0x30, 0x0a, 0x06, 0x08, 0x2a,
92 0x86, 0x48, 0xce, 0x3d, 0x04, 0x03, 0x02, 0x30, 0x7c, 0x31, 0x0b, 0x30, 0x09, 0x06, 0x03, 0x55,
93 0x04, 0x06, 0x13, 0x02, 0x55, 0x53, 0x31, 0x12, 0x30, 0x10, 0x06, 0x03, 0x55, 0x04, 0x08, 0x0c,
94 0x09, 0x53, 0x6f, 0x6d, 0x65, 0x73, 0x74, 0x61, 0x74, 0x65, 0x31, 0x11, 0x30, 0x0f, 0x06, 0x03,
95 0x55, 0x04, 0x07, 0x0c, 0x08, 0x53, 0x6f, 0x6d, 0x65, 0x63, 0x69, 0x74, 0x79, 0x31, 0x0b, 0x30,
96 0x09, 0x06, 0x03, 0x55, 0x04, 0x0a, 0x0c, 0x02, 0x42, 0x42, 0x31, 0x16, 0x30, 0x14, 0x06, 0x03,
97 0x55, 0x04, 0x0b, 0x0c, 0x0d, 0x53, 0x65, 0x71, 0x75, 0x72, 0x69, 0x74, 0x79, 0x20, 0x50, 0x61,
98 0x72, 0x74, 0x31, 0x0b, 0x30, 0x09, 0x06, 0x03, 0x55, 0x04, 0x03, 0x0c, 0x02, 0x6f, 0x62, 0x31,
99 0x14, 0x30, 0x12, 0x06, 0x09, 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x09, 0x01, 0x16, 0x05,
100 0x6f, 0x62, 0x40, 0x62, 0x62, 0x30, 0x1e, 0x17, 0x0d, 0x31, 0x36, 0x30, 0x38, 0x31, 0x35, 0x31,
101 0x33, 0x31, 0x31, 0x31, 0x37, 0x5a, 0x17, 0x0d, 0x31, 0x39, 0x30, 0x35, 0x31, 0x32, 0x31, 0x33,
102 0x31, 0x31, 0x31, 0x37, 0x5a, 0x30, 0x81, 0xd4, 0x31, 0x0b, 0x30, 0x09, 0x06, 0x03, 0x55, 0x04,
103 0x06, 0x13, 0x02, 0x55, 0x41, 0x31, 0x0c, 0x30, 0x0a, 0x06, 0x03, 0x55, 0x04, 0x08, 0x0c, 0x03,
104 0x41, 0x73, 0x64, 0x31, 0x0f, 0x30, 0x0d, 0x06, 0x03, 0x55, 0x04, 0x07, 0x0c, 0x06, 0x47, 0x6f,
105 0x74, 0x68, 0x61, 0x6d, 0x31, 0x0b, 0x30, 0x09, 0x06, 0x03, 0x55, 0x04, 0x0a, 0x0c, 0x02, 0x5a,
106 0x5a, 0x31, 0x11, 0x30, 0x0f, 0x06, 0x03, 0x55, 0x04, 0x0b, 0x0c, 0x08, 0x42, 0x65, 0x61, 0x6d,
107 0x54, 0x65, 0x61, 0x6d, 0x31, 0x1c, 0x30, 0x1a, 0x06, 0x09, 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d,
108 0x01, 0x09, 0x01, 0x16, 0x0d, 0x72, 0x61, 0x69, 0x6c, 0x40, 0x6d, 0x61, 0x69, 0x6c, 0x2e, 0x63,
109 0x6f, 0x6d, 0x31, 0x32, 0x30, 0x30, 0x06, 0x03, 0x55, 0x04, 0x03, 0x0c, 0x29, 0x75, 0x75, 0x69,
110 0x64, 0x3a, 0x33, 0x32, 0x33, 0x32, 0x33, 0x32, 0x33, 0x32, 0x2d, 0x33, 0x32, 0x33, 0x32, 0x2d,
111 0x33, 0x32, 0x33, 0x32, 0x2d, 0x33, 0x32, 0x33, 0x32, 0x2d, 0x33, 0x32, 0x33, 0x32, 0x33, 0x32,
112 0x33, 0x32, 0x33, 0x32, 0x33, 0x32, 0x31, 0x34, 0x30, 0x32, 0x06, 0x03, 0x55, 0x1d, 0x11, 0x0c,
113 0x2b, 0x75, 0x73, 0x65, 0x72, 0x69, 0x64, 0x3a, 0x36, 0x37, 0x36, 0x37, 0x36, 0x37, 0x36, 0x37,
114 0x2d, 0x36, 0x37, 0x36, 0x37, 0x2d, 0x36, 0x37, 0x36, 0x37, 0x2d, 0x36, 0x37, 0x36, 0x37, 0x2d,
115 0x36, 0x37, 0x36, 0x37, 0x36, 0x37, 0x36, 0x37, 0x36, 0x37, 0x36, 0x37, 0x30, 0x59, 0x30, 0x13,
116 0x06, 0x07, 0x2a, 0x86, 0x48, 0xce, 0x3d, 0x02, 0x01, 0x06, 0x08, 0x2a, 0x86, 0x48, 0xce, 0x3d,
117 0x03, 0x01, 0x07, 0x03, 0x42, 0x00, 0x04, 0xf7, 0x13, 0x5c, 0x73, 0x72, 0xce, 0x10, 0xe5, 0x09,
118 0x97, 0x9a, 0xf8, 0xf2, 0x70, 0xa6, 0x3d, 0x89, 0xf5, 0xc5, 0xe4, 0x44, 0xe2, 0x4a, 0xb6, 0x61,
119 0xa8, 0x12, 0x8d, 0xb4, 0xdc, 0x2b, 0x47, 0x84, 0x60, 0x0c, 0x25, 0x66, 0xe9, 0xe0, 0xe5, 0xac,
120 0x22, 0xbf, 0x15, 0xdc, 0x71, 0xb1, 0x88, 0x4f, 0x16, 0xbf, 0xc2, 0x77, 0x37, 0x76, 0x3f, 0xe0,
121 0x67, 0xc6, 0x1d, 0x23, 0xfe, 0x7c, 0x8b, 0x30, 0x0a, 0x06, 0x08, 0x2a, 0x86, 0x48, 0xce, 0x3d,
122 0x04, 0x03, 0x02, 0x03, 0x48, 0x00, 0x30, 0x45, 0x02, 0x20, 0x47, 0xcc, 0x41, 0x8a, 0x27, 0xc7,
123 0xd0, 0xaa, 0xb4, 0xab, 0x85, 0xbf, 0x09, 0x4d, 0x06, 0xd7, 0x7e, 0x0d, 0x39, 0xf9, 0x36, 0xa1,
124 0x3d, 0x96, 0x23, 0xe2, 0x24, 0x64, 0x98, 0x63, 0x21, 0xba, 0x02, 0x21, 0x00, 0xe5, 0x8f, 0x7f,
125 0xf1, 0xa6, 0x82, 0x03, 0x6a, 0x18, 0x7a, 0x54, 0xe7, 0x0e, 0x25, 0x77, 0xd8, 0x46, 0xfa, 0x96,
126 0x8a, 0x7e, 0x14, 0xc4, 0xcb, 0x21, 0x32, 0x3e, 0x89, 0xd9, 0xba, 0x8c, 0x3f
128 int serverCertLen = sizeof(serverCert);
130 unsigned char serverPrivateKey[] = {
131 0x30, 0x77, 0x02, 0x01, 0x01, 0x04, 0x20, 0x02, 0x51, 0xb5, 0x97, 0xb9, 0xe9, 0xd8, 0x8d, 0x66,
132 0x2b, 0x8a, 0xb3, 0x9c, 0x6a, 0xd2, 0xca, 0x18, 0x21, 0xb9, 0x87, 0x3d, 0xf5, 0x8e, 0xa2, 0x8d,
133 0x38, 0xf6, 0xb7, 0xd2, 0x76, 0x74, 0x99, 0xa0, 0x0a, 0x06, 0x08, 0x2a, 0x86, 0x48, 0xce, 0x3d,
134 0x03, 0x01, 0x07, 0xa1, 0x44, 0x03, 0x42, 0x00, 0x04, 0xf7, 0x13, 0x5c, 0x73, 0x72, 0xce, 0x10,
135 0xe5, 0x09, 0x97, 0x9a, 0xf8, 0xf2, 0x70, 0xa6, 0x3d, 0x89, 0xf5, 0xc5, 0xe4, 0x44, 0xe2, 0x4a,
136 0xb6, 0x61, 0xa8, 0x12, 0x8d, 0xb4, 0xdc, 0x2b, 0x47, 0x84, 0x60, 0x0c, 0x25, 0x66, 0xe9, 0xe0,
137 0xe5, 0xac, 0x22, 0xbf, 0x15, 0xdc, 0x71, 0xb1, 0x88, 0x4f, 0x16, 0xbf, 0xc2, 0x77, 0x37, 0x76,
138 0x3f, 0xe0, 0x67, 0xc6, 0x1d, 0x23, 0xfe, 0x7c, 0x8b
141 int serverPrivateKeyLen = sizeof(serverPrivateKey);
143 unsigned char caCert[] = {
144 0x30, 0x82, 0x02, 0x3e, 0x30, 0x82, 0x01, 0xe5, 0xa0, 0x03, 0x02, 0x01, 0x02, 0x02, 0x09, 0x00,
145 0x87, 0xa7, 0x68, 0x01, 0x7c, 0xe9, 0xf8, 0xf0, 0x30, 0x0a, 0x06, 0x08, 0x2a, 0x86, 0x48, 0xce,
146 0x3d, 0x04, 0x03, 0x02, 0x30, 0x7c, 0x31, 0x0b, 0x30, 0x09, 0x06, 0x03, 0x55, 0x04, 0x06, 0x13,
147 0x02, 0x55, 0x53, 0x31, 0x12, 0x30, 0x10, 0x06, 0x03, 0x55, 0x04, 0x08, 0x0c, 0x09, 0x53, 0x6f,
148 0x6d, 0x65, 0x73, 0x74, 0x61, 0x74, 0x65, 0x31, 0x11, 0x30, 0x0f, 0x06, 0x03, 0x55, 0x04, 0x07,
149 0x0c, 0x08, 0x53, 0x6f, 0x6d, 0x65, 0x63, 0x69, 0x74, 0x79, 0x31, 0x0b, 0x30, 0x09, 0x06, 0x03,
150 0x55, 0x04, 0x0a, 0x0c, 0x02, 0x42, 0x42, 0x31, 0x16, 0x30, 0x14, 0x06, 0x03, 0x55, 0x04, 0x0b,
151 0x0c, 0x0d, 0x53, 0x65, 0x71, 0x75, 0x72, 0x69, 0x74, 0x79, 0x20, 0x50, 0x61, 0x72, 0x74, 0x31,
152 0x0b, 0x30, 0x09, 0x06, 0x03, 0x55, 0x04, 0x03, 0x0c, 0x02, 0x6f, 0x62, 0x31, 0x14, 0x30, 0x12,
153 0x06, 0x09, 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x09, 0x01, 0x16, 0x05, 0x6f, 0x62, 0x40,
154 0x62, 0x62, 0x30, 0x1e, 0x17, 0x0d, 0x31, 0x36, 0x30, 0x37, 0x32, 0x35, 0x31, 0x31, 0x31, 0x36,
155 0x31, 0x31, 0x5a, 0x17, 0x0d, 0x31, 0x39, 0x30, 0x35, 0x31, 0x35, 0x31, 0x31, 0x31, 0x36, 0x31,
156 0x31, 0x5a, 0x30, 0x7c, 0x31, 0x0b, 0x30, 0x09, 0x06, 0x03, 0x55, 0x04, 0x06, 0x13, 0x02, 0x55,
157 0x53, 0x31, 0x12, 0x30, 0x10, 0x06, 0x03, 0x55, 0x04, 0x08, 0x0c, 0x09, 0x53, 0x6f, 0x6d, 0x65,
158 0x73, 0x74, 0x61, 0x74, 0x65, 0x31, 0x11, 0x30, 0x0f, 0x06, 0x03, 0x55, 0x04, 0x07, 0x0c, 0x08,
159 0x53, 0x6f, 0x6d, 0x65, 0x63, 0x69, 0x74, 0x79, 0x31, 0x0b, 0x30, 0x09, 0x06, 0x03, 0x55, 0x04,
160 0x0a, 0x0c, 0x02, 0x42, 0x42, 0x31, 0x16, 0x30, 0x14, 0x06, 0x03, 0x55, 0x04, 0x0b, 0x0c, 0x0d,
161 0x53, 0x65, 0x71, 0x75, 0x72, 0x69, 0x74, 0x79, 0x20, 0x50, 0x61, 0x72, 0x74, 0x31, 0x0b, 0x30,
162 0x09, 0x06, 0x03, 0x55, 0x04, 0x03, 0x0c, 0x02, 0x6f, 0x62, 0x31, 0x14, 0x30, 0x12, 0x06, 0x09,
163 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x09, 0x01, 0x16, 0x05, 0x6f, 0x62, 0x40, 0x62, 0x62,
164 0x30, 0x59, 0x30, 0x13, 0x06, 0x07, 0x2a, 0x86, 0x48, 0xce, 0x3d, 0x02, 0x01, 0x06, 0x08, 0x2a,
165 0x86, 0x48, 0xce, 0x3d, 0x03, 0x01, 0x07, 0x03, 0x42, 0x00, 0x04, 0x2e, 0xcf, 0xc3, 0xfa, 0x2e,
166 0x04, 0x11, 0x62, 0x34, 0x63, 0x6f, 0xdf, 0xb6, 0x67, 0xfb, 0x5a, 0x50, 0x8c, 0x15, 0x73, 0xc9,
167 0xc1, 0x57, 0x3a, 0x9e, 0xf8, 0xf4, 0xa8, 0x0c, 0x1a, 0xe9, 0x91, 0x51, 0x9d, 0x03, 0x26, 0x48,
168 0xaa, 0x46, 0x84, 0x12, 0x06, 0x2d, 0xfc, 0x66, 0xbe, 0x41, 0xed, 0xfd, 0xcd, 0x32, 0xa3, 0x9b,
169 0x34, 0xf2, 0xaa, 0x95, 0x1f, 0x8e, 0x5d, 0x49, 0x77, 0x80, 0xc2, 0xa3, 0x50, 0x30, 0x4e, 0x30,
170 0x1d, 0x06, 0x03, 0x55, 0x1d, 0x0e, 0x04, 0x16, 0x04, 0x14, 0x1e, 0x81, 0xc3, 0x62, 0xff, 0x8c,
171 0x5a, 0x98, 0x90, 0xac, 0x2c, 0xc3, 0x65, 0xb9, 0x3f, 0x8f, 0x04, 0x55, 0xfa, 0x7c, 0x30, 0x1f,
172 0x06, 0x03, 0x55, 0x1d, 0x23, 0x04, 0x18, 0x30, 0x16, 0x80, 0x14, 0x1e, 0x81, 0xc3, 0x62, 0xff,
173 0x8c, 0x5a, 0x98, 0x90, 0xac, 0x2c, 0xc3, 0x65, 0xb9, 0x3f, 0x8f, 0x04, 0x55, 0xfa, 0x7c, 0x30,
174 0x0c, 0x06, 0x03, 0x55, 0x1d, 0x13, 0x04, 0x05, 0x30, 0x03, 0x01, 0x01, 0xff, 0x30, 0x0a, 0x06,
175 0x08, 0x2a, 0x86, 0x48, 0xce, 0x3d, 0x04, 0x03, 0x02, 0x03, 0x47, 0x00, 0x30, 0x44, 0x02, 0x20,
176 0x1c, 0xa1, 0x55, 0xa8, 0x04, 0xbc, 0x5b, 0x00, 0xa8, 0xac, 0x2f, 0xe6, 0xb7, 0x3c, 0x7c, 0xf3,
177 0x7e, 0x93, 0xce, 0xe0, 0xdf, 0x6e, 0x36, 0xe4, 0x36, 0x20, 0xcb, 0x36, 0x9c, 0x13, 0x3b, 0xc4,
178 0x02, 0x20, 0x7f, 0x18, 0x13, 0x7d, 0x1b, 0x8c, 0xe3, 0x5b, 0xd9, 0xac, 0x74, 0x8c, 0xc0, 0xe9,
179 0xbf, 0x1b, 0x48, 0x6f, 0xb6, 0x6a, 0x45, 0x03, 0xa6, 0x5d, 0x4d, 0x65, 0xf7, 0x96, 0xa0, 0x08,
182 int caCertLen = sizeof(caCert);
184 unsigned char control_server_message[] = {
185 0x48, 0x54, 0x54, 0x50, 0x2f, 0x31, 0x2e, 0x30, 0x20, 0x32, 0x30, 0x30, 0x20, 0x4f, 0x4b, 0x0d,
186 0x0a, 0x43, 0x6f, 0x6e, 0x74, 0x65, 0x6e, 0x74, 0x2d, 0x54, 0x79, 0x70, 0x65, 0x3a, 0x20, 0x74,
187 0x65, 0x78, 0x74, 0x2f, 0x68, 0x74, 0x6d, 0x6c, 0x0d, 0x0a, 0x0d, 0x0a, 0x3c, 0x68, 0x32, 0x3e,
188 0x6d, 0x62, 0x65, 0x64, 0x20, 0x54, 0x4c, 0x53, 0x20, 0x54, 0x65, 0x73, 0x74, 0x20, 0x53, 0x65,
189 0x72, 0x76, 0x65, 0x72, 0x3c, 0x2f, 0x68, 0x32, 0x3e, 0x0d, 0x0a, 0x54, 0x45, 0x53, 0x54, 0x20,
190 0x4d, 0x45, 0x53, 0x53, 0x41, 0x47, 0x45, 0x0d, 0x0a, 0x3c, 0x70, 0x3e, 0x53, 0x75, 0x63, 0x63,
191 0x65, 0x73, 0x73, 0x66, 0x75, 0x6c, 0x20, 0x63, 0x6f, 0x6e, 0x6e, 0x65, 0x63, 0x74, 0x69, 0x6f,
192 0x6e, 0x20, 0x75, 0x73, 0x69, 0x6e, 0x67, 0x3a, 0x20, 0x54, 0x4c, 0x53, 0x2d, 0x45, 0x43, 0x44,
193 0x48, 0x45, 0x2d, 0x45, 0x43, 0x44, 0x53, 0x41, 0x2d, 0x57, 0x49, 0x54, 0x48, 0x2d, 0x41, 0x45,
194 0x53, 0x2d, 0x31, 0x32, 0x38, 0x2d, 0x43, 0x43, 0x4d, 0x2d, 0x38, 0x3c, 0x2f, 0x70, 0x3e, 0x0d,
197 int control_server_message_len = sizeof(control_server_message);
199 unsigned char control_client_message[] = {
200 0x47, 0x45, 0x54, 0x20, 0x2f, 0x20, 0x48, 0x54, 0x54, 0x50, 0x2f, 0x31, 0x2e, 0x30, 0x0d, 0x0a,
203 int control_client_message_len = sizeof(control_client_message);
205 static void error(const char *msg)
211 static int sockfd, newsockfd;
213 static void socketConnect()
216 struct sockaddr_in serv_addr;
217 struct hostent *server;
219 portno = SERVER_PORT;
220 sockfd = socket(AF_INET, SOCK_STREAM, 0);
222 error("ERROR opening socket");
223 server = gethostbyname(SERVER_NAME);
224 if (server == NULL) {
225 fprintf(stderr,"ERROR, no such host\n");
228 //memset((char *) &serv_addr, sizeof(serv_addr));
229 memset((void*)&serv_addr, 0, sizeof(serv_addr));
230 serv_addr.sin_family = AF_INET;
231 memcpy((char *)server->h_addr,
232 (char *)&serv_addr.sin_addr.s_addr,
234 serv_addr.sin_port = htons(portno);
235 if (connect(sockfd,(struct sockaddr *) &serv_addr,sizeof(serv_addr)) < 0)
236 error("ERROR connecting");
239 static ssize_t CATCPPacketSendCB(CAEndpoint_t *, const void *buf, size_t buflen)
242 n = write(sockfd, buf, buflen);
244 error("ERROR writing to socket");
248 char msg[256] = {0}; size_t msglen = 0;
249 static void CATCPPacketReceivedCB(const CASecureEndpoint_t *, const void *data, size_t dataLength)
251 memcpy(msg, data, dataLength);
255 static void PacketReceive(unsigned char *data, int * datalen)
258 char buffer[2048] = {'\0'};
259 n = read(sockfd, buffer, 5);
260 if ((buffer[0] == 0x16 || buffer[0] == 0x14 || buffer[0] == 0x17 || buffer[0] == 0x15)
261 && buffer[1] == 0x03 && buffer[2] == 0x03)
263 int tlslen = (unsigned char)buffer[3] * 0x100 + (unsigned char)buffer[4];
264 n = read(sockfd, buffer + 5, tlslen);
268 error("ERROR reading from socket");
271 memcpy(data, buffer, *datalen);
274 static void socketClose()
279 static void infoCallback_that_loads_x509(PkiInfo_t * inf)
281 inf->crt.data = (uint8_t*)serverCert;
282 inf->crt.len = sizeof(serverCert);
283 inf->key.data = (uint8_t*)serverPrivateKey;
284 inf->key.len = sizeof(serverPrivateKey);
285 inf->ca.data = (uint8_t*)caCert;
286 inf->ca.len = sizeof(caCert);
287 inf->crl.data = NULL;
291 static void socketOpen_server()
294 struct sockaddr_in serv_addr, cli_addr;
297 portno = SERVER_PORT;
298 sockfd = socket(AF_INET, SOCK_STREAM, 0);
300 error("\nERROR opening socket");
301 //bzero((char *) &serv_addr, sizeof(serv_addr));
302 memset((void*)&serv_addr, 0, sizeof(serv_addr));
303 serv_addr.sin_family = AF_INET;
304 serv_addr.sin_addr.s_addr = INADDR_ANY;
305 serv_addr.sin_port = htons(portno);
306 if (bind(sockfd, (struct sockaddr *) &serv_addr,
307 sizeof(serv_addr)) < 0)
308 error("\nERROR on binding");
310 clilen = sizeof(cli_addr);
311 newsockfd = accept(sockfd,
312 (struct sockaddr *) &cli_addr,
315 error("\nERROR on accept");
318 static ssize_t CATCPPacketSendCB_server(CAEndpoint_t *, const void *buf, size_t buflen)
321 n = write(newsockfd,buf,buflen);
323 error("ERROR writing to socket");
327 static void CATCPPacketReceivedCB_server(const CASecureEndpoint_t *, const void *data, size_t dataLength)
329 memcpy(msg, data, dataLength);
332 static void PacketReceive_server(unsigned char *data, int * datalen)
335 char buffer[2048] = {'\0'};
336 n = read(newsockfd, buffer, 5);
338 if (buffer[0] == 0x16 || buffer[0] == 0x14 || buffer[0] == 0x17 || buffer[0] == 0x15)
340 int tlslen = (unsigned char)buffer[3] * 0x100 + (unsigned char)buffer[4];
341 n = read(newsockfd, buffer + 5, tlslen);
345 error("\nERROR reading from socket");
348 memcpy(data, buffer, *datalen);
351 static void socketClose_server()
357 static void clutch(bool * list)
362 const unsigned char IDENTITY[] = ("6767676767676767");
363 const unsigned char RS_CLIENT_PSK[] = ("AAAAAAAAAAAAAAAA");
364 static int32_t GetDtlsPskCredentials( CADtlsPskCredType_t,
365 const unsigned char *, size_t,
366 unsigned char *result, size_t)
374 memcpy(result, IDENTITY, sizeof(IDENTITY));
375 ret = sizeof(IDENTITY);
380 /* **************************
383 * MbedTLS client routine
386 * *************************/
388 #if !defined(MBEDTLS_CONFIG_FILE)
389 #include "mbedtls/config.h"
391 #include MBEDTLS_CONFIG_FILE
394 #if defined(MBEDTLS_PLATFORM_C)
395 #include "mbedtls/platform.h"
399 #define mbedtls_fprintf fprintf
400 #define mbedtls_printf printf
403 #if !defined(MBEDTLS_BIGNUM_C) || !defined(MBEDTLS_ENTROPY_C) || \
404 !defined(MBEDTLS_SSL_TLS_C) || !defined(MBEDTLS_SSL_CLI_C) || \
405 !defined(MBEDTLS_NET_C) || !defined(MBEDTLS_RSA_C) || \
406 !defined(MBEDTLS_CERTS_C) || !defined(MBEDTLS_PEM_PARSE_C) || \
407 !defined(MBEDTLS_CTR_DRBG_C) || !defined(MBEDTLS_X509_CRT_PARSE_C)
408 static int client( void )
410 mbedtls_printf("MBEDTLS_BIGNUM_C and/or MBEDTLS_ENTROPY_C and/or "
411 "MBEDTLS_SSL_TLS_C and/or MBEDTLS_SSL_CLI_C and/or "
412 "MBEDTLS_NET_C and/or MBEDTLS_RSA_C and/or "
413 "MBEDTLS_CTR_DRBG_C and/or MBEDTLS_X509_CRT_PARSE_C "
419 #include "mbedtls/net.h"
420 #include "mbedtls/debug.h"
421 #include "mbedtls/ssl.h"
422 #include "mbedtls/entropy.h"
423 #include "mbedtls/ctr_drbg.h"
424 #include "mbedtls/error.h"
425 #include "mbedtls/certs.h"
429 #define DEBUG_LEVEL (0)
431 static void my_debug_client( void *ctx, int level,
432 const char *file, int line,
437 mbedtls_fprintf( (FILE *) ctx, "%s:%04d: %s", file, line, str );
438 fflush( (FILE *) ctx );
441 static void * client(void *)
444 mbedtls_net_context server_fd;
446 unsigned char buf[1024];
447 const char *pers = "ssl_client1";
449 mbedtls_entropy_context entropy;
450 mbedtls_ctr_drbg_context ctr_drbg;
451 mbedtls_ssl_context ssl;
452 mbedtls_ssl_config conf;
453 mbedtls_x509_crt cacert;
454 mbedtls_x509_crt owncert;
455 mbedtls_pk_context pkey;
458 * 0. Initialize the RNG and the session data
460 mbedtls_net_init( &server_fd );
461 mbedtls_ssl_init( &ssl );
462 mbedtls_ssl_config_init( &conf );
463 mbedtls_x509_crt_init( &cacert );
464 mbedtls_ctr_drbg_init( &ctr_drbg );
465 mbedtls_pk_init( &pkey );
467 mbedtls_printf( "\n . Seeding the random number generator..." );
470 mbedtls_entropy_init( &entropy );
471 if( ( ret = mbedtls_ctr_drbg_seed( &ctr_drbg, mbedtls_entropy_func, &entropy,
472 (const unsigned char *) pers,
473 strlen( pers ) ) ) != 0 )
475 mbedtls_printf( " failed\n ! mbedtls_ctr_drbg_seed returned %d\n", ret );
479 mbedtls_printf( " ok\n" );
482 * 0. Initialize certificates
484 mbedtls_printf( " . Loading the CA root certificate ..." );
486 ret = mbedtls_x509_crt_parse( &cacert, (const unsigned char *) caCert, caCertLen );
489 mbedtls_printf( " failed\n ! mbedtls_x509_crt_parse caCert returned -0x%x\n\n", -ret );
492 ret = mbedtls_x509_crt_parse( &owncert, (const unsigned char *) serverCert, serverCertLen );
495 mbedtls_printf( " failed\n ! mbedtls_x509_crt_parse serverCert returned -0x%x\n\n", -ret );
498 ret = mbedtls_pk_parse_key( &pkey, (const unsigned char *) serverPrivateKey,
499 serverPrivateKeyLen, NULL, 0 );
502 mbedtls_printf( " failed\n ! mbedtls_pk_parse_key returned -0x%x\n\n", -ret );
506 mbedtls_printf( " ok (%d skipped)\n", ret );
509 * 1. Start the connection
511 mbedtls_printf( " . Connecting to tcp/%s/%s...", SERVER_NAME, "SERVER_PORT" );
514 if( ( ret = mbedtls_net_connect( &server_fd, "127.0.0.1",
515 "4433", MBEDTLS_NET_PROTO_TCP ) ) != 0 )
517 mbedtls_printf( " failed\n ! mbedtls_net_connect returned %d\n\n", ret );
521 mbedtls_printf( " ok\n" );
526 mbedtls_printf( " . Setting up the SSL/TLS structure..." );
529 if( ( ret = mbedtls_ssl_config_defaults( &conf,
530 MBEDTLS_SSL_IS_CLIENT,
531 MBEDTLS_SSL_TRANSPORT_STREAM,
532 MBEDTLS_SSL_PRESET_DEFAULT ) ) != 0 )
534 mbedtls_printf( " failed\n ! mbedtls_ssl_config_defaults returned %d\n\n", ret );
538 mbedtls_printf( " ok\n" );
540 /* OPTIONAL is not optimal for security,
541 * but makes interop easier in this simplified example */
542 mbedtls_ssl_conf_authmode( &conf, MBEDTLS_SSL_VERIFY_OPTIONAL );
543 mbedtls_ssl_conf_ca_chain( &conf, &cacert, NULL );
544 mbedtls_ssl_conf_own_cert( &conf, &owncert, &pkey );
545 mbedtls_ssl_conf_rng( &conf, mbedtls_ctr_drbg_random, &ctr_drbg );
546 mbedtls_ssl_conf_dbg( &conf, my_debug_client, stdout );
548 if( ( ret = mbedtls_ssl_setup( &ssl, &conf ) ) != 0 )
550 mbedtls_printf( " failed\n ! mbedtls_ssl_setup returned %d\n\n", ret );
554 if( ( ret = mbedtls_ssl_set_hostname( &ssl, "mbed TLS Server 1" ) ) != 0 )
556 mbedtls_printf( " failed\n ! mbedtls_ssl_set_hostname returned %d\n\n", ret );
560 mbedtls_ssl_set_bio( &ssl, &server_fd, mbedtls_net_send, mbedtls_net_recv, NULL );
565 mbedtls_printf( " . Performing the SSL/TLS handshake..." );
568 while( ( ret = mbedtls_ssl_handshake( &ssl ) ) != 0 )
570 if( ret != MBEDTLS_ERR_SSL_WANT_READ && ret != MBEDTLS_ERR_SSL_WANT_WRITE )
572 mbedtls_printf( " failed\n ! mbedtls_ssl_handshake returned -0x%x\n\n", -ret );
577 mbedtls_printf( " ok\n" );
580 * 5. Verify the server certificate
582 mbedtls_printf( " . Verifying peer X.509 certificate..." );
584 /* In real life, we probably want to bail out when ret != 0 */
585 if( ( flags = mbedtls_ssl_get_verify_result( &ssl ) ) != 0 )
589 mbedtls_printf( " failed\n" );
591 mbedtls_x509_crt_verify_info( vrfy_buf, sizeof( vrfy_buf ), " ! ", flags );
593 mbedtls_printf( "%s\n", vrfy_buf );
596 mbedtls_printf( " ok\n" );
599 * 3. Write the GET request
601 mbedtls_printf( " > Write to server:" );
604 len = sprintf( (char *) buf, GET_REQUEST );
606 while( ( ret = mbedtls_ssl_write( &ssl, buf, len ) ) <= 0 )
608 if( ret != MBEDTLS_ERR_SSL_WANT_READ && ret != MBEDTLS_ERR_SSL_WANT_WRITE )
610 mbedtls_printf( " failed\n ! mbedtls_ssl_write returned %d\n\n", ret );
616 mbedtls_printf( " %d bytes written\n\n%s", len, (char *) buf );
619 * 7. Read the HTTP response
621 mbedtls_printf( " < Read from server:" );
626 len = sizeof( buf ) - 1;
627 memset( buf, 0, sizeof( buf ) );
628 ret = mbedtls_ssl_read( &ssl, buf, len );
630 if( ret == MBEDTLS_ERR_SSL_WANT_READ || ret == MBEDTLS_ERR_SSL_WANT_WRITE )
633 if( ret == MBEDTLS_ERR_SSL_PEER_CLOSE_NOTIFY )
638 mbedtls_printf( "failed\n ! mbedtls_ssl_read returned %d\n\n", ret );
644 mbedtls_printf( "\n\nEOF\n\n" );
649 mbedtls_printf( " %d bytes read\n\n%s", len, (char *) buf );
653 mbedtls_ssl_close_notify( &ssl );
657 #ifdef MBEDTLS_ERROR_C
661 mbedtls_strerror( ret, error_buf, 100 );
662 mbedtls_printf("Last error was: %d - %s\n\n", ret, error_buf );
666 mbedtls_net_free( &server_fd );
668 mbedtls_x509_crt_free( &cacert );
669 mbedtls_ssl_free( &ssl );
670 mbedtls_ssl_config_free( &conf );
671 mbedtls_ctr_drbg_free( &ctr_drbg );
672 mbedtls_entropy_free( &entropy );
676 #endif /* MBEDTLS_BIGNUM_C && MBEDTLS_ENTROPY_C && MBEDTLS_SSL_TLS_C &&
677 MBEDTLS_SSL_CLI_C && MBEDTLS_NET_C && MBEDTLS_RSA_C &&
678 MBEDTLS_CERTS_C && MBEDTLS_PEM_PARSE_C && MBEDTLS_CTR_DRBG_C &&
679 MBEDTLS_X509_CRT_PARSE_C */
681 /* **************************
684 * MbedTLS server routine
687 * *************************/
689 #if !defined(MBEDTLS_CONFIG_FILE)
690 #include "mbedtls/config.h"
692 #include MBEDTLS_CONFIG_FILE
695 #if defined(MBEDTLS_PLATFORM_C)
696 #include "mbedtls/platform.h"
700 #define mbedtls_fprintf fprintf
701 #define mbedtls_printf printf
704 #if !defined(MBEDTLS_BIGNUM_C) || !defined(MBEDTLS_CERTS_C) || \
705 !defined(MBEDTLS_ENTROPY_C) || !defined(MBEDTLS_SSL_TLS_C) || \
706 !defined(MBEDTLS_SSL_SRV_C) || !defined(MBEDTLS_NET_C) || \
707 !defined(MBEDTLS_RSA_C) || !defined(MBEDTLS_CTR_DRBG_C) || \
708 !defined(MBEDTLS_X509_CRT_PARSE_C) || !defined(MBEDTLS_FS_IO) || \
709 !defined(MBEDTLS_PEM_PARSE_C)
710 /* int */void * server( void )
712 mbedtls_printf("MBEDTLS_BIGNUM_C and/or MBEDTLS_CERTS_C and/or MBEDTLS_ENTROPY_C "
713 "and/or MBEDTLS_SSL_TLS_C and/or MBEDTLS_SSL_SRV_C and/or "
714 "MBEDTLS_NET_C and/or MBEDTLS_RSA_C and/or "
715 "MBEDTLS_CTR_DRBG_C and/or MBEDTLS_X509_CRT_PARSE_C "
716 "and/or MBEDTLS_PEM_PARSE_C not defined.\n");
724 #include "mbedtls/entropy.h"
725 #include "mbedtls/ctr_drbg.h"
726 #include "mbedtls/certs.h"
727 #include "mbedtls/x509.h"
728 #include "mbedtls/ssl.h"
729 #include "mbedtls/net.h"
730 #include "mbedtls/error.h"
731 #include "mbedtls/debug.h"
733 #if defined(MBEDTLS_SSL_CACHE_C)
734 #include "mbedtls/ssl_cache.h"
737 #define HTTP_RESPONSE \
738 "HTTP/1.0 200 OK\r\nContent-Type: text/html\r\n\r\n" \
739 "<h2>mbed TLS Test Server</h2>\r\n" \
741 "<p>Successful connection using: %s</p>\r\n"
743 #define DEBUG_LEVEL (0)
745 static int mbedtls_entropy_func_clutch(void *, unsigned char *output, size_t len)
747 for (uint32_t i = 0; i < len; i++) output[i] = 0x11;
751 static void my_debug( void *ctx, int level,
752 const char *file, int line,
757 mbedtls_fprintf((FILE *) ctx, "%s:%04d: %s", file, line, str);
758 fflush( (FILE *) ctx );
761 static void * server(void *)
764 mbedtls_net_context listen_fd, client_fd;
765 unsigned char buf[1024];
766 const char *pers = "ssl_server";
768 mbedtls_entropy_context entropy;
769 mbedtls_ctr_drbg_context ctr_drbg;
770 mbedtls_ssl_context ssl;
771 mbedtls_ssl_config conf;
772 mbedtls_x509_crt srvcert;
773 mbedtls_pk_context pkey;
774 #if defined(MBEDTLS_SSL_CACHE_C)
775 mbedtls_ssl_cache_context cache;
778 mbedtls_net_init( &listen_fd );
779 mbedtls_net_init( &client_fd );
780 mbedtls_ssl_init( &ssl );
781 mbedtls_ssl_config_init( &conf );
782 #if defined(MBEDTLS_SSL_CACHE_C)
783 mbedtls_ssl_cache_init( &cache );
785 mbedtls_x509_crt_init( &srvcert );
786 mbedtls_pk_init( &pkey );
787 mbedtls_entropy_init( &entropy );
788 mbedtls_ctr_drbg_init( &ctr_drbg );
790 #if defined(MBEDTLS_DEBUG_C)
791 mbedtls_debug_set_threshold( DEBUG_LEVEL );
795 * 1. Load the certificates and private RSA key
797 mbedtls_printf( "\n . Loading the server cert. and key..." );
801 * This demonstration program uses embedded test certificates.
802 * Instead, you may want to use mbedtls_x509_crt_parse_file() to read the
803 * server and CA certificates, as well as mbedtls_pk_parse_keyfile().
805 ret = mbedtls_x509_crt_parse( &srvcert, (const unsigned char *) serverCert, serverCertLen );
808 mbedtls_printf( " failed\n ! mbedtls_x509_crt_parse returned %d\n\n", ret );
812 ret = mbedtls_x509_crt_parse( &srvcert, (const unsigned char *) caCert, caCertLen );
815 mbedtls_printf( " failed\n ! mbedtls_x509_crt_parse returned %d\n\n", ret );
819 ret = mbedtls_pk_parse_key( &pkey, (const unsigned char *) serverPrivateKey,
820 serverPrivateKeyLen, NULL, 0 );
823 mbedtls_printf( " failed\n ! mbedtls_pk_parse_key returned %d\n\n", ret );
827 mbedtls_printf( " ok\n" );
830 * 2. Setup the listening TCP socket
832 mbedtls_printf( " . Bind on https://localhost:4433/ ..." );
835 if( ( ret = mbedtls_net_bind( &listen_fd, NULL, "4433", MBEDTLS_NET_PROTO_TCP ) ) != 0 )
837 mbedtls_printf( " failed\n ! mbedtls_net_bind returned %d\n\n", ret );
841 mbedtls_printf( " ok\n" );
846 mbedtls_printf( " . Seeding the random number generator..." );
849 if( ( ret = mbedtls_ctr_drbg_seed( &ctr_drbg, mbedtls_entropy_func_clutch, &entropy,
850 (const unsigned char *) pers,
851 strlen( pers ) ) ) != 0 )
853 mbedtls_printf( " failed\n ! mbedtls_ctr_drbg_seed returned %d\n", ret );
856 mbedtls_printf( " ok\n" );
861 mbedtls_printf( " . Setting up the SSL data...." );
864 if( ( ret = mbedtls_ssl_config_defaults( &conf,
865 MBEDTLS_SSL_IS_SERVER,
866 MBEDTLS_SSL_TRANSPORT_STREAM,
867 MBEDTLS_SSL_PRESET_DEFAULT ) ) != 0 )
869 mbedtls_printf( " failed\n ! mbedtls_ssl_config_defaults returned %d\n\n", ret );
873 mbedtls_ssl_conf_rng( &conf, mbedtls_ctr_drbg_random, &ctr_drbg );
874 mbedtls_ssl_conf_dbg( &conf, my_debug, stdout );
876 #if defined(MBEDTLS_SSL_CACHE_C)
877 mbedtls_ssl_conf_session_cache( &conf, &cache,
878 mbedtls_ssl_cache_get,
879 mbedtls_ssl_cache_set );
882 mbedtls_ssl_conf_ca_chain( &conf, srvcert.next, NULL );
883 if( ( ret = mbedtls_ssl_conf_own_cert( &conf, &srvcert, &pkey ) ) != 0 )
885 mbedtls_printf( " failed\n ! mbedtls_ssl_conf_own_cert returned %d\n\n", ret );
889 if( ( ret = mbedtls_ssl_setup( &ssl, &conf ) ) != 0 )
891 mbedtls_printf( " failed\n ! mbedtls_ssl_setup returned %d\n\n", ret );
895 mbedtls_printf( " ok\n" );
898 #ifdef MBEDTLS_ERROR_C
902 mbedtls_strerror( ret, error_buf, 100 );
903 mbedtls_printf("Last error was: %d - %s\n\n", ret, error_buf );
907 mbedtls_net_free( &client_fd );
909 mbedtls_ssl_session_reset( &ssl );
912 * 3. Wait until a client connects
914 mbedtls_printf( " . Waiting for a remote connection ..." );
917 if( ( ret = mbedtls_net_accept( &listen_fd, &client_fd,
918 NULL, 0, NULL ) ) != 0 )
920 mbedtls_printf( " failed\n ! mbedtls_net_accept returned %d\n\n", ret );
924 mbedtls_ssl_set_bio( &ssl, &client_fd, mbedtls_net_send, mbedtls_net_recv, NULL );
926 mbedtls_printf( " ok\n" );
931 mbedtls_printf( " . Performing the SSL/TLS handshake..." );
934 while( ( ret = mbedtls_ssl_handshake( &ssl ) ) != 0 )
936 if( ret != MBEDTLS_ERR_SSL_WANT_READ && ret != MBEDTLS_ERR_SSL_WANT_WRITE )
938 mbedtls_printf( " failed\n ! mbedtls_ssl_handshake returned %d\n\n", ret );
943 mbedtls_printf( " ok\n" );
946 * 6. Read the HTTP Request
948 mbedtls_printf( " < Read from client:" );
953 len = sizeof( buf ) - 1;
954 memset( buf, 0, sizeof( buf ) );
955 ret = mbedtls_ssl_read( &ssl, buf, len );
957 if( ret == MBEDTLS_ERR_SSL_WANT_READ || ret == MBEDTLS_ERR_SSL_WANT_WRITE )
964 case MBEDTLS_ERR_SSL_PEER_CLOSE_NOTIFY:
965 mbedtls_printf( " connection was closed gracefully\n" );
968 case MBEDTLS_ERR_NET_CONN_RESET:
969 mbedtls_printf( " connection was reset by peer\n" );
973 mbedtls_printf( " mbedtls_ssl_read returned -0x%x\n", -ret );
981 mbedtls_printf( " %d bytes read\n\n%s", len, (char *) buf );
989 * 7. Write the 200 Response
991 mbedtls_printf( " > Write to client:" );
995 len = sprintf( (char *) buf, HTTP_RESPONSE,
996 mbedtls_ssl_get_ciphersuite( &ssl ) );
998 while( ( ret = mbedtls_ssl_write( &ssl, buf, len ) ) <= 0 )
1000 if( ret == MBEDTLS_ERR_NET_CONN_RESET )
1002 mbedtls_printf( " failed\n ! peer closed the connection\n\n" );
1006 if( ret != MBEDTLS_ERR_SSL_WANT_READ && ret != MBEDTLS_ERR_SSL_WANT_WRITE )
1008 mbedtls_printf( " failed\n ! mbedtls_ssl_write returned %d\n\n", ret );
1014 mbedtls_printf( " %d bytes written\n\n%s\n", len, (char *) buf );
1016 mbedtls_printf( " . Closing the connection..." );
1018 while( ( ret = mbedtls_ssl_close_notify( &ssl ) ) < 0 )
1020 if( ret != MBEDTLS_ERR_SSL_WANT_READ &&
1021 ret != MBEDTLS_ERR_SSL_WANT_WRITE )
1023 mbedtls_printf( " failed\n ! mbedtls_ssl_close_notify returned %d\n\n", ret );
1028 mbedtls_printf( " ok\n" );
1035 #ifdef MBEDTLS_ERROR_C
1038 char error_buf[100];
1039 mbedtls_strerror( ret, error_buf, 100 );
1040 mbedtls_printf("Last error was: %d - %s\n\n", ret, error_buf );
1044 mbedtls_net_free( &client_fd );
1045 mbedtls_net_free( &listen_fd );
1047 mbedtls_x509_crt_free( &srvcert );
1048 mbedtls_pk_free( &pkey );
1049 mbedtls_ssl_free( &ssl );
1050 mbedtls_ssl_config_free( &conf );
1051 #if defined(MBEDTLS_SSL_CACHE_C)
1052 mbedtls_ssl_cache_free( &cache );
1054 mbedtls_ctr_drbg_free( &ctr_drbg );
1055 mbedtls_entropy_free( &entropy );
1058 mbedtls_printf( " Press Enter to exit this program.\n" );
1064 #endif /* MBEDTLS_BIGNUM_C && MBEDTLS_CERTS_C && MBEDTLS_ENTROPY_C &&
1065 MBEDTLS_SSL_TLS_C && MBEDTLS_SSL_SRV_C && MBEDTLS_NET_C &&
1066 MBEDTLS_RSA_C && MBEDTLS_CTR_DRBG_C && MBEDTLS_X509_CRT_PARSE_C
1067 && MBEDTLS_FS_IO && MBEDTLS_PEM_PARSE_C */
1069 /* **************************
1072 * CAinitSslAdapter test
1075 * *************************/
1077 static int testCAinitSslAdapter()
1081 CAEndpoint_t serverAddr;
1082 serverAddr.adapter = CA_ADAPTER_IP;
1083 serverAddr.flags = CA_SECURE;
1084 serverAddr.port = 4433;
1085 char addr[] = {0x31, 0x32, 0x37, 0x2e, 0x30, 0x2e, 0x30, 0x2e, 0x31, 0x00}; // 127.0.0.1
1086 memcpy(serverAddr.addr, addr, sizeof(addr));
1087 serverAddr.ifindex = 0;
1089 ret = CAinitSslAdapter();
1091 &g_caSslContext == NULL ||
1092 &g_caSslContext->crt == NULL ||
1093 &g_caSslContext->pkey == NULL ||
1094 &g_caSslContext->clientTlsConf == NULL ||
1095 &g_caSslContext->serverTlsConf == NULL ||
1096 &g_caSslContext->rnd == NULL ||
1097 &g_caSslContext->entropy == NULL)
1102 // CAdeinitSslAdapter
1103 ca_mutex_lock(g_sslContextMutex);
1105 mbedtls_x509_crt_free(&g_caSslContext->crt);
1106 mbedtls_pk_free(&g_caSslContext->pkey);
1107 mbedtls_ssl_config_free(&g_caSslContext->clientTlsConf);
1108 mbedtls_ssl_config_free(&g_caSslContext->serverTlsConf);
1109 mbedtls_ctr_drbg_free(&g_caSslContext->rnd);
1110 mbedtls_entropy_free(&g_caSslContext->entropy);
1111 OICFree(g_caSslContext);
1112 g_caSslContext = NULL;
1113 ca_mutex_unlock(g_sslContextMutex);
1114 ca_mutex_free(g_sslContextMutex);
1115 g_sslContextMutex = NULL;
1120 // CAinitTlsAdapter()
1121 TEST(TLSAdaper, Test_1)
1124 ret = testCAinitSslAdapter();
1128 /* **************************
1131 * CAsetSslAdapterCallbacks test
1134 * *************************/
1136 static int testCAsetSslAdapterCallbacks()
1139 CAEndpoint_t serverAddr;
1140 serverAddr.adapter = CA_ADAPTER_IP;
1141 serverAddr.flags = CA_SECURE;
1142 serverAddr.port = 4433;
1143 char addr[] = {0x31, 0x32, 0x37, 0x2e, 0x30, 0x2e, 0x30, 0x2e, 0x31, 0x00}; // 127.0.0.1
1144 memcpy(serverAddr.addr, addr, sizeof(addr));
1145 serverAddr.ifindex = 0;
1148 g_sslContextMutex = ca_mutex_new();
1149 ca_mutex_lock(g_sslContextMutex);
1150 g_caSslContext = (SslContext_t *)OICCalloc(1, sizeof(SslContext_t));
1151 g_caSslContext->peerList = u_arraylist_create();
1152 mbedtls_entropy_init(&g_caSslContext->entropy);
1153 mbedtls_ctr_drbg_init(&g_caSslContext->rnd);
1154 unsigned char * seed = (unsigned char*) SEED;
1155 mbedtls_ctr_drbg_seed(&g_caSslContext->rnd, mbedtls_entropy_func_clutch,
1156 &g_caSslContext->entropy, seed, sizeof(SEED));
1157 mbedtls_ctr_drbg_set_prediction_resistance(&g_caSslContext->rnd, MBEDTLS_CTR_DRBG_PR_OFF);
1158 mbedtls_ssl_config_init(&g_caSslContext->clientTlsConf);
1159 mbedtls_ssl_config_defaults(&g_caSslContext->clientTlsConf, MBEDTLS_SSL_IS_CLIENT,
1160 MBEDTLS_SSL_TRANSPORT_STREAM, MBEDTLS_SSL_PRESET_DEFAULT);
1161 mbedtls_ssl_conf_psk_cb(&g_caSslContext->clientTlsConf, GetPskCredentialsCallback, NULL);
1162 mbedtls_ssl_conf_rng( &g_caSslContext->clientTlsConf, mbedtls_ctr_drbg_random,
1163 &g_caSslContext->rnd);
1164 mbedtls_ssl_conf_curves(&g_caSslContext->clientTlsConf, curve[ADAPTER_CURVE_SECP256R1]);
1165 mbedtls_ssl_conf_min_version(&g_caSslContext->clientTlsConf, MBEDTLS_SSL_MAJOR_VERSION_3,
1166 MBEDTLS_SSL_MINOR_VERSION_1);
1167 mbedtls_ssl_conf_renegotiation(&g_caSslContext->clientTlsConf, MBEDTLS_SSL_RENEGOTIATION_DISABLED);
1168 mbedtls_ssl_conf_authmode(&g_caSslContext->clientTlsConf, MBEDTLS_SSL_VERIFY_REQUIRED);
1169 CAsetTlsCipherSuite(MBEDTLS_TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA256);
1170 mbedtls_x509_crt_init(&g_caSslContext->ca);
1171 mbedtls_x509_crt_init(&g_caSslContext->crt);
1172 mbedtls_pk_init(&g_caSslContext->pkey);
1173 mbedtls_x509_crl_init(&g_caSslContext->crl);
1174 ca_mutex_unlock(g_sslContextMutex);
1176 CAsetSslAdapterCallbacks(CATCPPacketReceivedCB, CATCPPacketSendCB, (CATransportAdapter_t)0);
1177 if (g_caSslContext->adapterCallbacks[0].recvCallback == NULL &&
1178 g_caSslContext->adapterCallbacks[0].sendCallback == NULL &&
1179 g_caSslContext->adapterCallbacks[1].recvCallback == NULL &&
1180 g_caSslContext->adapterCallbacks[1].sendCallback == NULL)
1188 CAsetSslAdapterCallbacks(CATCPPacketReceivedCB, CATCPPacketSendCB, CA_ADAPTER_IP);
1189 CAsetSslAdapterCallbacks(CATCPPacketReceivedCB, CATCPPacketSendCB, CA_ADAPTER_TCP);
1190 if (g_caSslContext->adapterCallbacks[0].recvCallback == CATCPPacketReceivedCB &&
1191 g_caSslContext->adapterCallbacks[0].sendCallback == CATCPPacketSendCB &&
1192 g_caSslContext->adapterCallbacks[1].recvCallback == CATCPPacketReceivedCB &&
1193 g_caSslContext->adapterCallbacks[1].sendCallback == CATCPPacketSendCB)
1202 // CAdeinitSslAdapter
1203 ca_mutex_lock(g_sslContextMutex);
1205 mbedtls_x509_crt_free(&g_caSslContext->crt);
1206 mbedtls_pk_free(&g_caSslContext->pkey);
1207 mbedtls_ssl_config_free(&g_caSslContext->clientTlsConf);
1208 mbedtls_ssl_config_free(&g_caSslContext->serverTlsConf);
1209 mbedtls_ctr_drbg_free(&g_caSslContext->rnd);
1210 mbedtls_entropy_free(&g_caSslContext->entropy);
1211 OICFree(g_caSslContext);
1212 g_caSslContext = NULL;
1213 ca_mutex_unlock(g_sslContextMutex);
1214 ca_mutex_free(g_sslContextMutex);
1215 g_sslContextMutex = NULL;
1220 // CAsetSslAdapterCallbacks()
1221 TEST(TLSAdaper, Test_2)
1224 ret = testCAsetSslAdapterCallbacks();
1228 /* **************************
1231 * CAinitiateSslHandshake test
1234 * *************************/
1236 unsigned char predictedClientHello[] = {
1237 0x16, 0x03, 0x01, 0x00, 0x63, 0x01, 0x00, 0x00, 0x5f, 0x03, 0x03, 0x57, 0xf2, 0x5f, 0x21, 0x04,
1238 0xb1, 0x3b, 0xda, 0x55, 0xa4, 0x8e, 0xcc, 0x3f, 0xe9, 0x45, 0x5c, 0xaf, 0xcb, 0x19, 0x2e, 0x1f,
1239 0x4b, 0xd5, 0x84, 0x5c, 0x4b, 0xd7, 0x7d, 0x38, 0xa2, 0xfa, 0x3d, 0x00, 0x00, 0x06, 0xc0, 0xae,
1240 0xc0, 0xae, 0x00, 0xff, 0x01, 0x00, 0x00, 0x30, 0x00, 0x0d, 0x00, 0x16, 0x00, 0x14, 0x06, 0x03,
1241 0x06, 0x01, 0x05, 0x03, 0x05, 0x01, 0x04, 0x03, 0x04, 0x01, 0x03, 0x03, 0x03, 0x01, 0x02, 0x03,
1242 0x02, 0x01, 0x00, 0x0a, 0x00, 0x04, 0x00, 0x02, 0x00, 0x17, 0x00, 0x0b, 0x00, 0x02, 0x01, 0x00,
1243 0x00, 0x16, 0x00, 0x00, 0x00, 0x17, 0x00, 0x00
1245 static unsigned char controlBuf[sizeof(predictedClientHello)];
1246 static char controlBufLen = 0;
1247 static ssize_t CATCPPacketSendCB_forInitHsTest(CAEndpoint_t *, const void * buf, size_t buflen)
1250 n = write(sockfd, buf, buflen);
1252 error("ERROR writing to socket");
1254 memset(controlBuf, 0, sizeof(predictedClientHello));
1255 memcpy(controlBuf, buf, buflen);
1256 controlBufLen = buflen;
1260 static void * test0CAinitiateSslHandshake(void * arg)
1262 CAEndpoint_t serverAddr;
1263 serverAddr.adapter = CA_ADAPTER_TCP;
1264 serverAddr.flags = CA_SECURE;
1265 serverAddr.port = 4433;
1266 char addr[] = {0x31, 0x32, 0x37, 0x2e, 0x30, 0x2e, 0x30, 0x2e, 0x31, 0x00}; // 127.0.0.1
1267 memcpy(serverAddr.addr, addr, sizeof(addr));
1268 serverAddr.ifindex = 0;
1271 g_sslContextMutex = ca_mutex_new();
1272 ca_mutex_lock(g_sslContextMutex);
1273 g_caSslContext = (SslContext_t *)OICCalloc(1, sizeof(SslContext_t));
1274 g_caSslContext->peerList = u_arraylist_create();
1275 mbedtls_entropy_init(&g_caSslContext->entropy);
1276 mbedtls_ctr_drbg_init(&g_caSslContext->rnd);
1277 unsigned char * seed = (unsigned char*) SEED;
1278 mbedtls_ctr_drbg_seed(&g_caSslContext->rnd, mbedtls_entropy_func_clutch,
1279 &g_caSslContext->entropy, seed, sizeof(SEED));
1280 mbedtls_ctr_drbg_set_prediction_resistance(&g_caSslContext->rnd, MBEDTLS_CTR_DRBG_PR_OFF);
1281 mbedtls_ssl_config_init(&g_caSslContext->clientTlsConf);
1282 mbedtls_ssl_config_defaults(&g_caSslContext->clientTlsConf, MBEDTLS_SSL_IS_CLIENT,
1283 MBEDTLS_SSL_TRANSPORT_STREAM, MBEDTLS_SSL_PRESET_DEFAULT);
1284 mbedtls_ssl_conf_psk_cb(&g_caSslContext->clientTlsConf, GetPskCredentialsCallback, NULL);
1285 mbedtls_ssl_conf_rng( &g_caSslContext->clientTlsConf, mbedtls_ctr_drbg_random,
1286 &g_caSslContext->rnd);
1287 mbedtls_ssl_conf_curves(&g_caSslContext->clientTlsConf, curve[ADAPTER_CURVE_SECP256R1]);
1288 mbedtls_ssl_conf_min_version(&g_caSslContext->clientTlsConf, MBEDTLS_SSL_MAJOR_VERSION_3,
1289 MBEDTLS_SSL_MINOR_VERSION_1);
1290 mbedtls_ssl_conf_renegotiation(&g_caSslContext->clientTlsConf, MBEDTLS_SSL_RENEGOTIATION_DISABLED);
1291 mbedtls_ssl_conf_authmode(&g_caSslContext->clientTlsConf, MBEDTLS_SSL_VERIFY_REQUIRED);
1292 mbedtls_x509_crt_init(&g_caSslContext->ca);
1293 mbedtls_x509_crt_init(&g_caSslContext->crt);
1294 mbedtls_pk_init(&g_caSslContext->pkey);
1295 mbedtls_x509_crl_init(&g_caSslContext->crl);
1296 ca_mutex_unlock(g_sslContextMutex);
1298 // CAsetSslAdapterCallbacks
1299 g_caSslContext->adapterCallbacks[1].recvCallback = CATCPPacketReceivedCB;
1300 g_caSslContext->adapterCallbacks[1].sendCallback = CATCPPacketSendCB_forInitHsTest;
1302 // CAsetPkixInfoCallback
1303 g_getPkixInfoCallback = infoCallback_that_loads_x509;
1305 // CAsetCredentialTypesCallback
1306 g_getCredentialTypesCallback = clutch;
1308 // CAsetTlsCipherSuite
1309 mbedtls_ssl_conf_ciphersuites(&g_caSslContext->clientTlsConf,
1310 tlsCipher[ADAPTER_TLS_ECDHE_ECDSA_WITH_AES_128_CCM_8]);
1311 mbedtls_ssl_conf_ciphersuites(&g_caSslContext->serverTlsConf,
1312 tlsCipher[ADAPTER_TLS_ECDHE_ECDSA_WITH_AES_128_CCM_8]);
1313 g_caSslContext->cipher = ADAPTER_TLS_ECDHE_ECDSA_WITH_AES_128_CCM_8;
1315 CAsetPskCredentialsCallback(GetDtlsPskCredentials);
1319 unsigned int unixTime = (unsigned)time(NULL);
1320 CAinitiateSslHandshake(&serverAddr);
1321 predictedClientHello[11] = unixTime >> 24;
1322 predictedClientHello[12] = (unixTime << 8) >> 24;
1323 predictedClientHello[13] = (unixTime << 16) >> 24;
1324 predictedClientHello[14] = (unixTime << 24) >> 24;
1326 // CAcloseTlsConnection
1327 ca_mutex_lock(g_sslContextMutex);
1328 SslEndPoint_t * tep = GetSslPeer(&serverAddr);
1329 mbedtls_ssl_close_notify(&tep->ssl);
1330 RemovePeerFromList(&tep->sep.endpoint);
1331 ca_mutex_unlock(g_sslContextMutex);
1333 // CAdeinitTlsAdapter
1334 ca_mutex_lock(g_sslContextMutex);
1336 mbedtls_x509_crt_free(&g_caSslContext->crt);
1337 mbedtls_pk_free(&g_caSslContext->pkey);
1338 mbedtls_ssl_config_free(&g_caSslContext->clientTlsConf);
1339 mbedtls_ssl_config_free(&g_caSslContext->serverTlsConf);
1340 mbedtls_ctr_drbg_free(&g_caSslContext->rnd);
1341 mbedtls_entropy_free(&g_caSslContext->entropy);
1342 OICFree(g_caSslContext);
1343 g_caSslContext = NULL;
1344 ca_mutex_unlock(g_sslContextMutex);
1345 ca_mutex_free(g_sslContextMutex);
1346 g_sslContextMutex = NULL;
1350 if (controlBufLen == sizeof(predictedClientHello) &&
1351 memcmp(predictedClientHello, controlBuf, sizeof(predictedClientHello)) == 0)
1358 *((int*)arg) = 0xFF;
1359 return (void *) 0xFF;
1363 static int test1CAinitiateSslHandshake()
1366 ret = CAinitiateSslHandshake(NULL);
1367 if (CA_STATUS_INVALID_PARAM == ret)
1378 // CAinitiateSslHandshake()
1379 TEST(TLSAdaper, Test_3_0)
1381 pthread_t thread1, thread2;
1385 ret = pthread_create( &thread1, NULL, server, (void*) NULL);
1388 fprintf(stderr, "Error - pthread_create() return code: %d\n", ret);
1394 ret = pthread_create( &thread2, NULL, test0CAinitiateSslHandshake, &arg);
1397 fprintf(stderr, "Error - pthread_create() return code: %d\n", ret);
1406 TEST(TLSAdaper, Test_3_1)
1409 ret = test1CAinitiateSslHandshake();
1413 /* **************************
1419 * *************************/
1421 static void * testCAencryptSsl(void * arg)
1424 CAEndpoint_t serverAddr;
1425 serverAddr.adapter = CA_ADAPTER_TCP;
1426 serverAddr.flags = CA_SECURE;
1427 serverAddr.port = 4433;
1428 char addr[] = {0x31, 0x32, 0x37, 0x2e, 0x30, 0x2e, 0x30, 0x2e, 0x31, 0x00}; // 127.0.0.1
1429 memcpy(serverAddr.addr, addr, sizeof(addr));
1430 serverAddr.ifindex = 0;
1433 g_sslContextMutex = ca_mutex_new();
1434 ca_mutex_lock(g_sslContextMutex);
1435 g_caSslContext = (SslContext_t *)OICCalloc(1, sizeof(SslContext_t));
1436 g_caSslContext->peerList = u_arraylist_create();
1437 mbedtls_entropy_init(&g_caSslContext->entropy);
1438 mbedtls_ctr_drbg_init(&g_caSslContext->rnd);
1439 unsigned char * seed = (unsigned char*) SEED;
1440 mbedtls_ctr_drbg_seed(&g_caSslContext->rnd, mbedtls_entropy_func_clutch,
1441 &g_caSslContext->entropy, seed, sizeof(SEED));
1442 mbedtls_ctr_drbg_set_prediction_resistance(&g_caSslContext->rnd, MBEDTLS_CTR_DRBG_PR_OFF);
1443 mbedtls_ssl_config_init(&g_caSslContext->clientTlsConf);
1444 mbedtls_ssl_config_defaults(&g_caSslContext->clientTlsConf, MBEDTLS_SSL_IS_CLIENT,
1445 MBEDTLS_SSL_TRANSPORT_STREAM, MBEDTLS_SSL_PRESET_DEFAULT);
1446 mbedtls_ssl_conf_psk_cb(&g_caSslContext->clientTlsConf, GetPskCredentialsCallback, NULL);
1447 mbedtls_ssl_conf_rng( &g_caSslContext->clientTlsConf, mbedtls_ctr_drbg_random,
1448 &g_caSslContext->rnd);
1449 mbedtls_ssl_conf_curves(&g_caSslContext->clientTlsConf, curve[ADAPTER_CURVE_SECP256R1]);
1450 mbedtls_ssl_conf_min_version(&g_caSslContext->clientTlsConf, MBEDTLS_SSL_MAJOR_VERSION_3,
1451 MBEDTLS_SSL_MINOR_VERSION_1);
1452 mbedtls_ssl_conf_renegotiation(&g_caSslContext->clientTlsConf, MBEDTLS_SSL_RENEGOTIATION_DISABLED);
1453 mbedtls_ssl_conf_authmode(&g_caSslContext->clientTlsConf, MBEDTLS_SSL_VERIFY_REQUIRED);
1454 CAsetTlsCipherSuite(MBEDTLS_TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA256);
1455 mbedtls_x509_crt_init(&g_caSslContext->ca);
1456 mbedtls_x509_crt_init(&g_caSslContext->crt);
1457 mbedtls_pk_init(&g_caSslContext->pkey);
1458 mbedtls_x509_crl_init(&g_caSslContext->crl);
1459 ca_mutex_unlock(g_sslContextMutex);
1461 CAsetSslAdapterCallbacks(CATCPPacketReceivedCB, CATCPPacketSendCB, CA_ADAPTER_TCP);
1463 CAsetPkixInfoCallback(infoCallback_that_loads_x509);
1465 // CAsetCredentialTypesCallback
1466 g_getCredentialTypesCallback = clutch;
1468 CAsetTlsCipherSuite(MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_CCM_8);
1469 CAsetPskCredentialsCallback(GetDtlsPskCredentials);
1473 // CAinitiateSslHandshake
1474 ca_mutex_lock(g_sslContextMutex);
1475 InitiateTlsHandshake(&serverAddr);
1476 ca_mutex_unlock(g_sslContextMutex);
1478 unsigned char buffer[2048] = {'\0'};
1480 CASecureEndpoint_t * sep = (CASecureEndpoint_t *) malloc (sizeof(CASecureEndpoint_t));
1481 sep->endpoint = serverAddr;
1483 for (int i = 0; i < 6; i++)
1485 PacketReceive(buffer, &buflen);
1486 CAdecryptSsl(sep, (uint8_t *)buffer, buflen);
1489 ret = sprintf( (char*)buffer, GET_REQUEST );
1491 CAencryptSsl(&serverAddr, buffer, ret);
1493 PacketReceive(buffer, &buflen);
1494 CAdecryptSsl(sep, (uint8_t *)buffer, buflen);
1496 CAcloseSslConnection(&serverAddr);
1498 // CAdeinitSslAdapter
1499 ca_mutex_lock(g_sslContextMutex);
1501 mbedtls_x509_crt_free(&g_caSslContext->crt);
1502 mbedtls_pk_free(&g_caSslContext->pkey);
1503 mbedtls_ssl_config_free(&g_caSslContext->clientTlsConf);
1504 mbedtls_ssl_config_free(&g_caSslContext->serverTlsConf);
1505 mbedtls_ctr_drbg_free(&g_caSslContext->rnd);
1506 mbedtls_entropy_free(&g_caSslContext->entropy);
1507 OICFree(g_caSslContext);
1508 g_caSslContext = NULL;
1509 ca_mutex_unlock(g_sslContextMutex);
1510 ca_mutex_free(g_sslContextMutex);
1511 g_sslContextMutex = NULL;
1515 if (control_server_message_len == msglen && memcmp(msg, control_server_message, control_server_message_len) == 0)
1522 *((int*)arg) = 0xFF;
1523 return (void *) 0xFF;
1528 TEST(TLSAdaper, Test_4)
1530 pthread_t thread1, thread2;
1534 ret = pthread_create( &thread1, NULL, server, (void*) NULL);
1537 fprintf(stderr,"Error - pthread_create() return code: %d\n", ret);
1543 ret = pthread_create( &thread2, NULL, testCAencryptSsl, &arg);
1546 fprintf(stderr,"Error - pthread_create() return code: %d\n", ret);
1555 /* **************************
1561 * *************************/
1563 static void * testCAdecryptSsl(void * arg)
1566 unsigned char buffer[2048] = {'\0'};
1569 CAEndpoint_t serverAddr;
1570 serverAddr.adapter = CA_ADAPTER_TCP;
1571 serverAddr.flags = CA_SECURE;
1572 serverAddr.port = 4433;
1573 char addr[] = {0x31, 0x32, 0x37, 0x2e, 0x30, 0x2e, 0x30, 0x2e, 0x31, 0x00}; // 127.0.0.1
1574 memcpy(serverAddr.addr, addr, sizeof(addr));
1575 serverAddr.ifindex = 0;
1578 g_sslContextMutex = ca_mutex_new();
1579 ca_mutex_lock(g_sslContextMutex);
1580 g_caSslContext = (SslContext_t *)OICCalloc(1, sizeof(SslContext_t));
1581 g_caSslContext->peerList = u_arraylist_create();
1582 mbedtls_entropy_init(&g_caSslContext->entropy);
1583 mbedtls_ctr_drbg_init(&g_caSslContext->rnd);
1584 unsigned char * seed = (unsigned char*) SEED;
1585 mbedtls_ctr_drbg_seed(&g_caSslContext->rnd, mbedtls_entropy_func_clutch,
1586 &g_caSslContext->entropy, seed, sizeof(SEED));
1587 mbedtls_ctr_drbg_set_prediction_resistance(&g_caSslContext->rnd, MBEDTLS_CTR_DRBG_PR_OFF);
1588 mbedtls_ssl_config_init(&g_caSslContext->clientTlsConf);
1589 mbedtls_ssl_config_defaults(&g_caSslContext->clientTlsConf, MBEDTLS_SSL_IS_CLIENT,
1590 MBEDTLS_SSL_TRANSPORT_STREAM, MBEDTLS_SSL_PRESET_DEFAULT);
1591 mbedtls_ssl_conf_psk_cb(&g_caSslContext->clientTlsConf, GetPskCredentialsCallback, NULL);
1592 mbedtls_ssl_conf_rng( &g_caSslContext->clientTlsConf, mbedtls_ctr_drbg_random,
1593 &g_caSslContext->rnd);
1594 mbedtls_ssl_conf_curves(&g_caSslContext->clientTlsConf, curve[ADAPTER_CURVE_SECP256R1]);
1595 mbedtls_ssl_conf_min_version(&g_caSslContext->clientTlsConf, MBEDTLS_SSL_MAJOR_VERSION_3,
1596 MBEDTLS_SSL_MINOR_VERSION_1);
1597 mbedtls_ssl_conf_renegotiation(&g_caSslContext->clientTlsConf, MBEDTLS_SSL_RENEGOTIATION_DISABLED);
1598 mbedtls_ssl_conf_authmode(&g_caSslContext->clientTlsConf, MBEDTLS_SSL_VERIFY_REQUIRED);
1599 CAsetTlsCipherSuite(MBEDTLS_TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA256);
1600 mbedtls_x509_crt_init(&g_caSslContext->ca);
1601 mbedtls_x509_crt_init(&g_caSslContext->crt);
1602 mbedtls_pk_init(&g_caSslContext->pkey);
1603 mbedtls_x509_crl_init(&g_caSslContext->crl);
1604 ca_mutex_unlock(g_sslContextMutex);
1606 // CAsetTlsAdapterCallbacks
1607 CAsetSslAdapterCallbacks(CATCPPacketReceivedCB, CATCPPacketSendCB, CA_ADAPTER_TCP);
1609 // CAsetPkixInfoCallback
1610 CAsetPkixInfoCallback(infoCallback_that_loads_x509);
1612 // CAsetCredentialTypesCallback
1613 g_getCredentialTypesCallback = clutch;
1615 CAsetTlsCipherSuite(MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_CCM_8);
1617 CAsetPskCredentialsCallback(GetDtlsPskCredentials);
1621 // CAinitiateSslHandshake
1622 ca_mutex_lock(g_sslContextMutex);
1623 InitiateTlsHandshake(&serverAddr);
1624 ca_mutex_unlock(g_sslContextMutex);
1626 CASecureEndpoint_t * sep = (CASecureEndpoint_t *) malloc (sizeof(CASecureEndpoint_t));
1627 sep->endpoint = serverAddr;
1629 for (int i = 0; i < 6; i++)
1631 PacketReceive(buffer, &buflen);
1632 CAdecryptSsl(sep, (uint8_t *)buffer, buflen);
1635 ret = sprintf((char*)buffer, GET_REQUEST);
1637 CAencryptSsl(&serverAddr, buffer, ret);
1639 PacketReceive(buffer, &buflen);
1640 CAdecryptSsl(sep, (uint8_t *)buffer, buflen);
1642 CAcloseSslConnection(&serverAddr);
1644 // CAdeinitSslAdapter
1645 ca_mutex_lock(g_sslContextMutex);
1647 mbedtls_x509_crt_free(&g_caSslContext->crt);
1648 mbedtls_pk_free(&g_caSslContext->pkey);
1649 mbedtls_ssl_config_free(&g_caSslContext->clientTlsConf);
1650 mbedtls_ssl_config_free(&g_caSslContext->serverTlsConf);
1651 mbedtls_ctr_drbg_free(&g_caSslContext->rnd);
1652 mbedtls_entropy_free(&g_caSslContext->entropy);
1653 OICFree(g_caSslContext);
1654 g_caSslContext = NULL;
1655 ca_mutex_unlock(g_sslContextMutex);
1656 ca_mutex_free(g_sslContextMutex);
1657 g_sslContextMutex = NULL;
1661 if (control_server_message_len == msglen && memcmp(msg, control_server_message,
1662 control_server_message_len) == 0)
1669 *((int*)arg) = 0xFF;
1670 return (void *) 0xFF;
1675 TEST(TLSAdaper, Test_5)
1677 pthread_t thread1, thread2;
1681 ret = pthread_create( &thread1, NULL, server, (void*) NULL);
1684 fprintf(stderr,"Error - pthread_create() return code: %d\n", ret);
1690 ret = pthread_create( &thread2, NULL, testCAdecryptSsl, &arg);
1693 fprintf(stderr,"Error - pthread_create() return code: %d\n", ret);
1702 /* **************************
1705 * CAdeinitSslAdapter test
1708 * *************************/
1710 static int testCAdeinitSslAdapter()
1713 CAEndpoint_t serverAddr;
1714 serverAddr.adapter = CA_ADAPTER_IP;
1715 serverAddr.flags = CA_SECURE;
1716 serverAddr.port = 4433;
1717 char addr[] = {0x31, 0x32, 0x37, 0x2e, 0x30, 0x2e, 0x30, 0x2e, 0x31, 0x00}; // 127.0.0.1
1718 memcpy(serverAddr.addr, addr, sizeof(addr));
1719 serverAddr.ifindex = 0;
1722 g_sslContextMutex = ca_mutex_new();
1723 ca_mutex_lock(g_sslContextMutex);
1724 g_caSslContext = (SslContext_t *)OICCalloc(1, sizeof(SslContext_t));
1725 g_caSslContext->peerList = u_arraylist_create();
1726 mbedtls_entropy_init(&g_caSslContext->entropy);
1727 mbedtls_ctr_drbg_init(&g_caSslContext->rnd);
1728 unsigned char * seed = (unsigned char*) SEED;
1729 mbedtls_ctr_drbg_seed(&g_caSslContext->rnd, mbedtls_entropy_func,
1730 &g_caSslContext->entropy, seed, sizeof(SEED));
1731 mbedtls_ctr_drbg_set_prediction_resistance(&g_caSslContext->rnd, MBEDTLS_CTR_DRBG_PR_OFF);
1732 mbedtls_ssl_config_init(&g_caSslContext->clientTlsConf);
1733 mbedtls_ssl_config_defaults(&g_caSslContext->clientTlsConf, MBEDTLS_SSL_IS_CLIENT,
1734 MBEDTLS_SSL_TRANSPORT_STREAM, MBEDTLS_SSL_PRESET_DEFAULT);
1735 mbedtls_ssl_conf_psk_cb(&g_caSslContext->clientTlsConf, GetPskCredentialsCallback, NULL);
1736 mbedtls_ssl_conf_rng( &g_caSslContext->clientTlsConf, mbedtls_ctr_drbg_random,
1737 &g_caSslContext->rnd);
1738 mbedtls_ssl_conf_curves(&g_caSslContext->clientTlsConf, curve[ADAPTER_CURVE_SECP256R1]);
1739 mbedtls_ssl_conf_min_version(&g_caSslContext->clientTlsConf, MBEDTLS_SSL_MAJOR_VERSION_3,
1740 MBEDTLS_SSL_MINOR_VERSION_1);
1741 mbedtls_ssl_conf_renegotiation(&g_caSslContext->clientTlsConf, MBEDTLS_SSL_RENEGOTIATION_DISABLED);
1742 mbedtls_ssl_conf_authmode(&g_caSslContext->clientTlsConf, MBEDTLS_SSL_VERIFY_REQUIRED);
1743 mbedtls_x509_crt_init(&g_caSslContext->ca);
1744 mbedtls_x509_crt_init(&g_caSslContext->crt);
1745 mbedtls_pk_init(&g_caSslContext->pkey);
1746 mbedtls_x509_crl_init(&g_caSslContext->crl);
1747 ca_mutex_unlock(g_sslContextMutex);
1749 // CAsetTlsAdapterCallbacks
1750 g_caSslContext->adapterCallbacks[1].recvCallback = CATCPPacketReceivedCB;
1751 g_caSslContext->adapterCallbacks[1].sendCallback = CATCPPacketSendCB;
1753 // CAsetPkixInfoCallback
1754 g_getPkixInfoCallback = infoCallback_that_loads_x509;
1756 // CAsetTlsCipherSuite
1757 mbedtls_ssl_conf_ciphersuites(&g_caSslContext->clientTlsConf,
1758 tlsCipher[ADAPTER_TLS_ECDHE_ECDSA_WITH_AES_128_CCM_8]);
1759 mbedtls_ssl_conf_ciphersuites(&g_caSslContext->serverTlsConf,
1760 tlsCipher[ADAPTER_TLS_ECDHE_ECDSA_WITH_AES_128_CCM_8]);
1761 g_caSslContext->cipher = ADAPTER_TLS_ECDHE_ECDSA_WITH_AES_128_CCM_8;
1763 CAdeinitSslAdapter();
1765 if (g_caSslContext != NULL ||
1766 g_sslContextMutex != NULL)
1777 // CAdeinitSslAdapter()
1778 TEST(TLSAdaper, Test_6)
1781 ret = testCAdeinitSslAdapter();
1785 /* **************************
1791 * *************************/
1793 static void * testServer(void * arg)
1795 CAEndpoint_t serverAddr;
1796 serverAddr.adapter = CA_ADAPTER_TCP;
1797 serverAddr.flags = CA_SECURE;
1798 serverAddr.port = 4432;
1799 char addr[] = {0x31, 0x32, 0x37, 0x2e, 0x30, 0x2e, 0x30, 0x2e, 0x31, 0x00}; // 127.0.0.1
1800 memcpy(serverAddr.addr, addr, sizeof(addr));
1801 serverAddr.ifindex = 0;
1802 unsigned char buffer[2048] = {'\0'};
1807 CAsetSslAdapterCallbacks(CATCPPacketReceivedCB_server, CATCPPacketSendCB_server, CA_ADAPTER_TCP);
1808 CAsetPkixInfoCallback(infoCallback_that_loads_x509);
1810 // CAsetCredentialTypesCallback
1811 g_getCredentialTypesCallback = clutch;
1813 CAsetTlsCipherSuite(MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_CCM_8);
1815 CAsetPskCredentialsCallback(GetDtlsPskCredentials);
1817 socketOpen_server();
1819 CASecureEndpoint_t * sep = (CASecureEndpoint_t *) malloc (sizeof(CASecureEndpoint_t));
1820 sep->endpoint = serverAddr;
1822 for (int i = 0; i < 7; i++)
1824 PacketReceive_server(buffer, &buflen);
1825 CAdecryptSsl(sep, (uint8_t *)buffer, buflen);
1828 CAcloseSslConnection(&serverAddr);
1830 // CAdeinitSslAdapter
1831 ca_mutex_lock(g_sslContextMutex);
1833 mbedtls_x509_crt_free(&g_caSslContext->crt);
1834 mbedtls_pk_free(&g_caSslContext->pkey);
1835 mbedtls_ssl_config_free(&g_caSslContext->clientTlsConf);
1836 mbedtls_ssl_config_free(&g_caSslContext->serverTlsConf);
1837 mbedtls_ctr_drbg_free(&g_caSslContext->rnd);
1838 mbedtls_entropy_free(&g_caSslContext->entropy);
1839 OICFree(g_caSslContext);
1840 g_caSslContext = NULL;
1841 ca_mutex_unlock(g_sslContextMutex);
1842 ca_mutex_free(g_sslContextMutex);
1843 g_sslContextMutex = NULL;
1845 socketClose_server();
1847 if (control_client_message_len == msglen && memcmp(msg, control_client_message,
1848 control_client_message_len) == 0)
1855 *((int*)arg) = 0xFF;
1856 return (void *) 0xFF;
1860 TEST(TLSAdaper, Test_7)
1862 pthread_t thread1, thread2;
1866 ret = pthread_create( &thread1, NULL, testServer, &arg);
1869 fprintf(stderr,"Error - pthread_create() return code: %d\n", ret);
1875 ret = pthread_create( &thread2, NULL, client, (void*) NULL);
1878 fprintf(stderr,"Error - pthread_create() return code: %d\n", ret);
1884 EXPECT_EQ(NULL, arg);
1887 /* **************************
1889 * CAsetPskCredentialsCallback test
1890 * CAsetPkixInfoCallback test
1891 * CAsetCredentialTypesCallback test
1893 * *************************/
1895 static int testCAsetPskCredentialsCallback()
1897 static CAgetPskCredentialsHandler credCallback = (CAgetPskCredentialsHandler)dummyHandler;
1898 CAsetPskCredentialsCallback(credCallback);
1899 if (g_getCredentialsCallback == (CAgetPskCredentialsHandler)dummyHandler)
1909 static int testCAsetPkixInfoCallback()
1911 static CAgetPkixInfoHandler infoCallback = (CAgetPkixInfoHandler)dummyHandler;
1912 CAsetPkixInfoCallback(infoCallback);
1913 if (g_getPkixInfoCallback == (CAgetPkixInfoHandler)dummyHandler)
1923 static int testCAsetCredentialTypesCallback()
1925 static CAgetCredentialTypesHandler credTypesCallback = (CAgetCredentialTypesHandler)dummyHandler;
1926 CAsetCredentialTypesCallback(credTypesCallback);
1927 if (g_getCredentialTypesCallback == (CAgetCredentialTypesHandler)dummyHandler)
1937 // CAsetPskCredentialsCallback()
1938 TEST(TLSAdaper, Test_9_0)
1941 ret = testCAsetPskCredentialsCallback();
1944 // CAsetPkixInfoCallback()
1945 TEST(TLSAdaper, Test_9_1)
1948 ret = testCAsetPkixInfoCallback();
1951 // CAsetCredentialTypesCallback()
1952 TEST(TLSAdaper, Test_9_2)
1955 ret = testCAsetCredentialTypesCallback();
1959 /* **************************
1962 * CAsetTlsCipherSuite test
1965 * *************************/
1967 static int testCAsetTlsCipherSuite()
1969 int ret = 0, status = 0;
1970 CAEndpoint_t serverAddr;
1971 serverAddr.adapter = CA_ADAPTER_TCP;
1972 serverAddr.flags = CA_SECURE;
1973 serverAddr.port = 4433;
1974 char addr[] = {0x31, 0x32, 0x37, 0x2e, 0x30, 0x2e, 0x30, 0x2e, 0x31, 0x00}; // 127.0.0.1
1975 memcpy(serverAddr.addr, addr, sizeof(addr));
1976 serverAddr.ifindex = 0;
1980 // CAsetCredentialTypesCallback
1981 g_getCredentialTypesCallback = clutch;
1983 status = CAsetTlsCipherSuite(MBEDTLS_TLS_RSA_WITH_AES_256_CBC_SHA);
1984 if (ADAPTER_TLS_RSA_WITH_AES_256_CBC_SHA != g_caSslContext->cipher || status != CA_STATUS_OK)
1989 status = CAsetTlsCipherSuite(MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_CCM_8);
1990 if (ADAPTER_TLS_ECDHE_ECDSA_WITH_AES_128_CCM_8 != g_caSslContext->cipher || status != CA_STATUS_OK)
1995 status = CAsetTlsCipherSuite(MBEDTLS_TLS_ECDH_ANON_WITH_AES_128_CBC_SHA256);
1996 if (ADAPTER_TLS_ECDH_ANON_WITH_AES_128_CBC_SHA_256 != g_caSslContext->cipher || status != CA_STATUS_OK)
2001 status = CAsetTlsCipherSuite(MBEDTLS_TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA256);
2002 if (ADAPTER_TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA256 != g_caSslContext->cipher || status != CA_STATUS_OK)
2007 status = CAsetTlsCipherSuite(dummyHandler);
2008 if (CA_STATUS_FAILED != status)
2013 // CAdeinitSslAdapter
2014 ca_mutex_lock(g_sslContextMutex);
2016 mbedtls_x509_crt_free(&g_caSslContext->crt);
2017 mbedtls_pk_free(&g_caSslContext->pkey);
2018 mbedtls_ssl_config_free(&g_caSslContext->clientTlsConf);
2019 mbedtls_ssl_config_free(&g_caSslContext->serverTlsConf);
2020 mbedtls_ctr_drbg_free(&g_caSslContext->rnd);
2021 mbedtls_entropy_free(&g_caSslContext->entropy);
2022 OICFree(g_caSslContext);
2023 g_caSslContext = NULL;
2024 ca_mutex_unlock(g_sslContextMutex);
2025 ca_mutex_free(g_sslContextMutex);
2026 g_sslContextMutex = NULL;
2031 // CAinitTlsAdapter()
2032 TEST(TLSAdaper, Test_10)
2035 ret = testCAsetTlsCipherSuite();
2039 static void * testCAsslGenerateOwnerPsk(void * arg)
2042 CAEndpoint_t serverAddr;
2043 serverAddr.adapter = CA_ADAPTER_TCP;
2044 serverAddr.flags = CA_SECURE;
2045 serverAddr.port = 4433;
2046 char addr[] = {0x31, 0x32, 0x37, 0x2e, 0x30, 0x2e, 0x30, 0x2e, 0x31, 0x00}; // 127.0.0.1
2047 memcpy(serverAddr.addr, addr, sizeof(addr));
2048 serverAddr.ifindex = 0;
2050 uint8_t label[] = {0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0x09, 0x0A};
2051 uint8_t rsrcServerDeviceId[] = {0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17, 0x18, 0x19, 0x1A};
2052 uint8_t provServerDeviceId[] = {0x21, 0x22, 0x23, 0x24, 0x25, 0x26, 0x27, 0x28, 0x29, 0x2A};
2053 uint8_t ownerPsk[0x100] = {0x00};
2054 uint8_t predictedPSK[] = {
2055 0xba, 0x72, 0x16, 0xbc, 0x7f, 0x8c, 0xfe, 0xfc, 0xd0, 0xac, 0x1a, 0x37, 0xad, 0x60, 0xe8, 0x9e,
2056 0xb3, 0x31, 0xa2, 0x30, 0xaf, 0x68, 0xc9, 0xa6, 0x89, 0x8a, 0x04, 0x21, 0x6c, 0xbd, 0x04, 0x08,
2057 0x68, 0x11, 0x54, 0x9e, 0x2a, 0x10, 0x91, 0x94, 0x3c, 0x44, 0x52, 0xc7, 0xfa, 0x78, 0x44, 0x87,
2058 0xea, 0x30, 0x08, 0x5f, 0xc1, 0x64, 0xaa, 0x0d, 0xfd, 0x84, 0x16, 0x83, 0x20, 0xc9, 0x08, 0x65,
2059 0xd2, 0x4a, 0x55, 0x9e, 0x8f, 0x88, 0x3c, 0x57, 0x10, 0xbd, 0x5a, 0x30, 0x01, 0xb4, 0x59, 0x63,
2060 0x64, 0x19, 0x8d, 0xfa, 0x5c, 0x86, 0x92, 0xf7, 0x60, 0x99, 0xdb, 0xae, 0x0e, 0xad, 0x80, 0xf1,
2061 0x82, 0xaf, 0x1b, 0x14, 0x0c, 0x99, 0x13, 0x53, 0x54, 0x33, 0x6a, 0x17, 0x24, 0x5c, 0x9d, 0xdb,
2062 0x5a, 0xfb, 0x73, 0x2f, 0x41, 0xe8, 0xeb, 0x2e, 0x68, 0xfe, 0xee, 0x0b, 0xdc, 0x54, 0x50, 0xf1,
2063 0x1e, 0x16, 0x19, 0x2c, 0x4e, 0xb6, 0x97, 0x9f, 0x9c, 0x32, 0x9c, 0x0e, 0xe0, 0xe1, 0x32, 0x64,
2064 0x16, 0x34, 0x53, 0x8e, 0xc5, 0xe3, 0xe5, 0xbc, 0x2c, 0x10, 0xae, 0x81, 0x2c, 0x1a, 0xb2, 0xb7,
2065 0xa3, 0xbe, 0x0f, 0xab, 0xfd, 0xf7, 0x87, 0x53, 0xcd, 0x3e, 0x31, 0xfb, 0x2d, 0x69, 0x6a, 0xd5,
2066 0xc3, 0x27, 0x04, 0x2b, 0x37, 0x02, 0x91, 0x05, 0x0c, 0x4e, 0x2a, 0xfc, 0x6c, 0x42, 0xe8, 0x37,
2067 0x23, 0x2f, 0x60, 0x6e, 0x0c, 0xed, 0x7c, 0xe0, 0x5f, 0x47, 0xb3, 0x51, 0x86, 0x5b, 0x26, 0x08,
2068 0x2a, 0x05, 0x89, 0xb0, 0xdd, 0x6f, 0xc6, 0x76, 0xc5, 0x2a, 0x60, 0x07, 0x0e, 0xb1, 0x71, 0x67,
2069 0x21, 0x11, 0xf8, 0xb5, 0x52, 0xa3, 0xf3, 0xf0, 0xd4, 0x5f, 0xdf, 0x44, 0x66, 0x23, 0xd8, 0x4e,
2070 0xbd, 0x64, 0x39, 0x43, 0x03, 0x37, 0xaa, 0xd7, 0xea, 0xb3, 0x6d, 0x2f, 0x84, 0x9c, 0x02, 0x49
2074 g_sslContextMutex = ca_mutex_new();
2075 ca_mutex_lock(g_sslContextMutex);
2076 g_caSslContext = (SslContext_t *)OICCalloc(1, sizeof(SslContext_t));
2077 g_caSslContext->peerList = u_arraylist_create();
2078 mbedtls_entropy_init(&g_caSslContext->entropy);
2079 mbedtls_ctr_drbg_init(&g_caSslContext->rnd);
2080 unsigned char * seed = (unsigned char*) SEED;
2081 mbedtls_ctr_drbg_seed(&g_caSslContext->rnd, mbedtls_entropy_func_clutch,
2082 &g_caSslContext->entropy, seed, sizeof(SEED));
2083 mbedtls_ctr_drbg_set_prediction_resistance(&g_caSslContext->rnd, MBEDTLS_CTR_DRBG_PR_OFF);
2084 mbedtls_ssl_config_init(&g_caSslContext->clientTlsConf);
2085 mbedtls_ssl_config_defaults(&g_caSslContext->clientTlsConf, MBEDTLS_SSL_IS_CLIENT,
2086 MBEDTLS_SSL_TRANSPORT_STREAM, MBEDTLS_SSL_PRESET_DEFAULT);
2087 mbedtls_ssl_conf_psk_cb(&g_caSslContext->clientTlsConf, GetPskCredentialsCallback, NULL);
2088 mbedtls_ssl_conf_rng( &g_caSslContext->clientTlsConf, mbedtls_ctr_drbg_random,
2089 &g_caSslContext->rnd);
2090 mbedtls_ssl_conf_curves(&g_caSslContext->clientTlsConf, curve[ADAPTER_CURVE_SECP256R1]);
2091 mbedtls_ssl_conf_min_version(&g_caSslContext->clientTlsConf, MBEDTLS_SSL_MAJOR_VERSION_3,
2092 MBEDTLS_SSL_MINOR_VERSION_1);
2093 mbedtls_ssl_conf_renegotiation(&g_caSslContext->clientTlsConf, MBEDTLS_SSL_RENEGOTIATION_DISABLED);
2094 mbedtls_ssl_conf_authmode(&g_caSslContext->clientTlsConf, MBEDTLS_SSL_VERIFY_REQUIRED);
2095 CAsetTlsCipherSuite(MBEDTLS_TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA256);
2096 mbedtls_x509_crt_init(&g_caSslContext->ca);
2097 mbedtls_x509_crt_init(&g_caSslContext->crt);
2098 mbedtls_pk_init(&g_caSslContext->pkey);
2099 mbedtls_x509_crl_init(&g_caSslContext->crl);
2100 ca_mutex_unlock(g_sslContextMutex);
2102 // CAsetTlsAdapterCallbacks
2103 CAsetSslAdapterCallbacks(CATCPPacketReceivedCB, CATCPPacketSendCB, CA_ADAPTER_TCP);
2105 // CAsetPkixInfoCallback
2106 CAsetPkixInfoCallback(infoCallback_that_loads_x509);
2108 // CAsetCredentialTypesCallback
2109 g_getCredentialTypesCallback = clutch;
2111 CAsetTlsCipherSuite(MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_CCM_8);
2113 CAsetPskCredentialsCallback(GetDtlsPskCredentials);
2117 // CAinitiateSslHandshake
2118 ca_mutex_lock(g_sslContextMutex);
2119 InitiateTlsHandshake(&serverAddr);
2120 ca_mutex_unlock(g_sslContextMutex);
2122 ret = CAsslGenerateOwnerPsk(&serverAddr,
2123 label, sizeof(label),
2124 rsrcServerDeviceId, sizeof(rsrcServerDeviceId),
2125 provServerDeviceId, sizeof(provServerDeviceId),
2128 // CAcloseTlsConnection
2129 ca_mutex_lock(g_sslContextMutex);
2130 SslEndPoint_t * tep = GetSslPeer(&serverAddr);
2131 mbedtls_ssl_close_notify(&tep->ssl);
2132 RemovePeerFromList(&tep->sep.endpoint);
2133 ca_mutex_unlock(g_sslContextMutex);
2135 // CAdeinitTlsAdapter
2136 ca_mutex_lock(g_sslContextMutex);
2138 mbedtls_x509_crt_free(&g_caSslContext->crt);
2139 mbedtls_pk_free(&g_caSslContext->pkey);
2140 mbedtls_ssl_config_free(&g_caSslContext->clientTlsConf);
2141 mbedtls_ssl_config_free(&g_caSslContext->serverTlsConf);
2142 mbedtls_ctr_drbg_free(&g_caSslContext->rnd);
2143 mbedtls_entropy_free(&g_caSslContext->entropy);
2144 OICFree(g_caSslContext);
2145 g_caSslContext = NULL;
2146 ca_mutex_unlock(g_sslContextMutex);
2147 ca_mutex_free(g_sslContextMutex);
2148 g_sslContextMutex = NULL;
2152 if (ret == 0 && memcmp(predictedPSK, ownerPsk, sizeof(predictedPSK)) == 0)
2159 *((int*)arg) = 0xFF;
2160 return (void *) 0xFF;
2164 TEST(TLSAdaper, Test_11)
2166 pthread_t thread1, thread2;
2170 ret = pthread_create( &thread1, NULL, server, (void*) NULL);
2173 fprintf(stderr, "Error - pthread_create() return code: %d\n", ret);
2179 ret = pthread_create( &thread2, NULL, testCAsslGenerateOwnerPsk, &arg);
2182 fprintf(stderr, "Error - pthread_create() return code: %d\n", ret);