Manuel Pégourié-Gonnard | a6fc5b2 | 2014-11-24 14:05:25 +0100 | [diff] [blame] | 1 | /* |
| 2 | * Minimal SSL client, used for memory measurements. |
Manuel Pégourié-Gonnard | 3b8926c | 2014-12-01 11:18:00 +0100 | [diff] [blame] | 3 | * (meant to be used with config-suite-b.h or config-ccm-psk-tls1_2.h) |
Manuel Pégourié-Gonnard | a6fc5b2 | 2014-11-24 14:05:25 +0100 | [diff] [blame] | 4 | * |
Bence Szépkúti | 1e14827 | 2020-08-07 13:07:28 +0200 | [diff] [blame] | 5 | * Copyright The Mbed TLS Contributors |
Dave Rodgman | e3c0585 | 2023-11-03 12:21:36 +0000 | [diff] [blame] | 6 | * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later |
Manuel Pégourié-Gonnard | a6fc5b2 | 2014-11-24 14:05:25 +0100 | [diff] [blame] | 7 | */ |
| 8 | |
Bence Szépkúti | c662b36 | 2021-05-27 11:25:03 +0200 | [diff] [blame] | 9 | #include "mbedtls/build_info.h" |
Manuel Pégourié-Gonnard | a6fc5b2 | 2014-11-24 14:05:25 +0100 | [diff] [blame] | 10 | |
Manuel Pégourié-Gonnard | 3ef6a6d | 2018-12-10 14:31:45 +0100 | [diff] [blame] | 11 | #include "mbedtls/platform.h" |
Manuel Pégourié-Gonnard | 3ef6a6d | 2018-12-10 14:31:45 +0100 | [diff] [blame] | 12 | |
Manuel Pégourié-Gonnard | a6fc5b2 | 2014-11-24 14:05:25 +0100 | [diff] [blame] | 13 | /* |
| 14 | * We're creating and connecting the socket "manually" rather than using the |
| 15 | * NET module, in order to avoid the overhead of getaddrinfo() which tends to |
| 16 | * dominate memory usage in small configurations. For the sake of simplicity, |
| 17 | * only a Unix version is implemented. |
Manuel Pégourié-Gonnard | 5db6432 | 2015-06-30 15:40:39 +0200 | [diff] [blame] | 18 | * |
Shaun Case | 8b0ecbc | 2021-12-20 21:14:10 -0800 | [diff] [blame] | 19 | * Warning: we are breaking some of the abstractions from the NET layer here. |
Manuel Pégourié-Gonnard | 5db6432 | 2015-06-30 15:40:39 +0200 | [diff] [blame] | 20 | * This is not a good example for general use. This programs has the specific |
| 21 | * goal of minimizing use of the libc functions on full-blown OSes. |
Manuel Pégourié-Gonnard | a6fc5b2 | 2014-11-24 14:05:25 +0100 | [diff] [blame] | 22 | */ |
Manuel Pégourié-Gonnard | 90ab4a4 | 2016-02-22 10:47:43 +0100 | [diff] [blame] | 23 | #if defined(unix) || defined(__unix__) || defined(__unix) || defined(__APPLE__) |
Manuel Pégourié-Gonnard | a6fc5b2 | 2014-11-24 14:05:25 +0100 | [diff] [blame] | 24 | #define UNIX |
| 25 | #endif |
| 26 | |
Manuel Pégourié-Gonnard | 2cf5a7c | 2015-04-08 12:49:31 +0200 | [diff] [blame] | 27 | #if !defined(MBEDTLS_CTR_DRBG_C) || !defined(MBEDTLS_ENTROPY_C) || \ |
| 28 | !defined(MBEDTLS_NET_C) || !defined(MBEDTLS_SSL_CLI_C) || \ |
Manuel Pégourié-Gonnard | a6fc5b2 | 2014-11-24 14:05:25 +0100 | [diff] [blame] | 29 | !defined(UNIX) |
SimonB | d5800b7 | 2016-04-26 07:43:27 +0100 | [diff] [blame] | 30 | |
Gilles Peskine | 449bd83 | 2023-01-11 14:50:10 +0100 | [diff] [blame] | 31 | int main(void) |
Manuel Pégourié-Gonnard | a6fc5b2 | 2014-11-24 14:05:25 +0100 | [diff] [blame] | 32 | { |
Gilles Peskine | 449bd83 | 2023-01-11 14:50:10 +0100 | [diff] [blame] | 33 | mbedtls_printf("MBEDTLS_CTR_DRBG_C and/or MBEDTLS_ENTROPY_C and/or " |
| 34 | "MBEDTLS_NET_C and/or MBEDTLS_SSL_CLI_C and/or UNIX " |
| 35 | "not defined.\n"); |
| 36 | mbedtls_exit(0); |
Manuel Pégourié-Gonnard | a6fc5b2 | 2014-11-24 14:05:25 +0100 | [diff] [blame] | 37 | } |
| 38 | #else |
| 39 | |
| 40 | #include <string.h> |
| 41 | |
Andres AG | 788aa4a | 2016-09-14 14:32:09 +0100 | [diff] [blame] | 42 | #include "mbedtls/net_sockets.h" |
Manuel Pégourié-Gonnard | 7f80997 | 2015-03-09 17:05:11 +0000 | [diff] [blame] | 43 | #include "mbedtls/ssl.h" |
| 44 | #include "mbedtls/entropy.h" |
| 45 | #include "mbedtls/ctr_drbg.h" |
Manuel Pégourié-Gonnard | a6fc5b2 | 2014-11-24 14:05:25 +0100 | [diff] [blame] | 46 | |
| 47 | #include <sys/socket.h> |
| 48 | #include <netinet/in.h> |
| 49 | #include <arpa/inet.h> |
| 50 | |
| 51 | /* |
| 52 | * Hardcoded values for server host and port |
| 53 | */ |
| 54 | #define PORT_BE 0x1151 /* 4433 */ |
| 55 | #define PORT_LE 0x5111 |
| 56 | #define ADDR_BE 0x7f000001 /* 127.0.0.1 */ |
| 57 | #define ADDR_LE 0x0100007f |
Manuel Pégourié-Gonnard | 3b8926c | 2014-12-01 11:18:00 +0100 | [diff] [blame] | 58 | #define HOSTNAME "localhost" /* for cert verification if enabled */ |
Manuel Pégourié-Gonnard | a6fc5b2 | 2014-11-24 14:05:25 +0100 | [diff] [blame] | 59 | |
| 60 | #define GET_REQUEST "GET / HTTP/1.0\r\n\r\n" |
| 61 | |
Manuel Pégourié-Gonnard | 3b8926c | 2014-12-01 11:18:00 +0100 | [diff] [blame] | 62 | const char *pers = "mini_client"; |
| 63 | |
Gilles Peskine | eccd888 | 2020-03-10 12:19:08 +0100 | [diff] [blame] | 64 | #if defined(MBEDTLS_KEY_EXCHANGE_SOME_PSK_ENABLED) |
Manuel Pégourié-Gonnard | a6fc5b2 | 2014-11-24 14:05:25 +0100 | [diff] [blame] | 65 | const unsigned char psk[] = { |
| 66 | 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, |
| 67 | 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f |
| 68 | }; |
| 69 | const char psk_id[] = "Client_identity"; |
Manuel Pégourié-Gonnard | 3b8926c | 2014-12-01 11:18:00 +0100 | [diff] [blame] | 70 | #endif |
Manuel Pégourié-Gonnard | a6fc5b2 | 2014-11-24 14:05:25 +0100 | [diff] [blame] | 71 | |
Manuel Pégourié-Gonnard | 2cf5a7c | 2015-04-08 12:49:31 +0200 | [diff] [blame] | 72 | #if defined(MBEDTLS_X509_CRT_PARSE_C) |
Manuel Pégourié-Gonnard | 3b8926c | 2014-12-01 11:18:00 +0100 | [diff] [blame] | 73 | /* This is tests/data_files/test-ca2.crt, a CA using EC secp384r1 */ |
| 74 | const unsigned char ca_cert[] = { |
| 75 | 0x30, 0x82, 0x02, 0x52, 0x30, 0x82, 0x01, 0xd7, 0xa0, 0x03, 0x02, 0x01, |
| 76 | 0x02, 0x02, 0x09, 0x00, 0xc1, 0x43, 0xe2, 0x7e, 0x62, 0x43, 0xcc, 0xe8, |
| 77 | 0x30, 0x0a, 0x06, 0x08, 0x2a, 0x86, 0x48, 0xce, 0x3d, 0x04, 0x03, 0x02, |
| 78 | 0x30, 0x3e, 0x31, 0x0b, 0x30, 0x09, 0x06, 0x03, 0x55, 0x04, 0x06, 0x13, |
| 79 | 0x02, 0x4e, 0x4c, 0x31, 0x11, 0x30, 0x0f, 0x06, 0x03, 0x55, 0x04, 0x0a, |
| 80 | 0x13, 0x08, 0x50, 0x6f, 0x6c, 0x61, 0x72, 0x53, 0x53, 0x4c, 0x31, 0x1c, |
| 81 | 0x30, 0x1a, 0x06, 0x03, 0x55, 0x04, 0x03, 0x13, 0x13, 0x50, 0x6f, 0x6c, |
| 82 | 0x61, 0x72, 0x73, 0x73, 0x6c, 0x20, 0x54, 0x65, 0x73, 0x74, 0x20, 0x45, |
| 83 | 0x43, 0x20, 0x43, 0x41, 0x30, 0x1e, 0x17, 0x0d, 0x31, 0x33, 0x30, 0x39, |
| 84 | 0x32, 0x34, 0x31, 0x35, 0x34, 0x39, 0x34, 0x38, 0x5a, 0x17, 0x0d, 0x32, |
| 85 | 0x33, 0x30, 0x39, 0x32, 0x32, 0x31, 0x35, 0x34, 0x39, 0x34, 0x38, 0x5a, |
| 86 | 0x30, 0x3e, 0x31, 0x0b, 0x30, 0x09, 0x06, 0x03, 0x55, 0x04, 0x06, 0x13, |
| 87 | 0x02, 0x4e, 0x4c, 0x31, 0x11, 0x30, 0x0f, 0x06, 0x03, 0x55, 0x04, 0x0a, |
| 88 | 0x13, 0x08, 0x50, 0x6f, 0x6c, 0x61, 0x72, 0x53, 0x53, 0x4c, 0x31, 0x1c, |
| 89 | 0x30, 0x1a, 0x06, 0x03, 0x55, 0x04, 0x03, 0x13, 0x13, 0x50, 0x6f, 0x6c, |
| 90 | 0x61, 0x72, 0x73, 0x73, 0x6c, 0x20, 0x54, 0x65, 0x73, 0x74, 0x20, 0x45, |
| 91 | 0x43, 0x20, 0x43, 0x41, 0x30, 0x76, 0x30, 0x10, 0x06, 0x07, 0x2a, 0x86, |
| 92 | 0x48, 0xce, 0x3d, 0x02, 0x01, 0x06, 0x05, 0x2b, 0x81, 0x04, 0x00, 0x22, |
| 93 | 0x03, 0x62, 0x00, 0x04, 0xc3, 0xda, 0x2b, 0x34, 0x41, 0x37, 0x58, 0x2f, |
| 94 | 0x87, 0x56, 0xfe, 0xfc, 0x89, 0xba, 0x29, 0x43, 0x4b, 0x4e, 0xe0, 0x6e, |
| 95 | 0xc3, 0x0e, 0x57, 0x53, 0x33, 0x39, 0x58, 0xd4, 0x52, 0xb4, 0x91, 0x95, |
| 96 | 0x39, 0x0b, 0x23, 0xdf, 0x5f, 0x17, 0x24, 0x62, 0x48, 0xfc, 0x1a, 0x95, |
| 97 | 0x29, 0xce, 0x2c, 0x2d, 0x87, 0xc2, 0x88, 0x52, 0x80, 0xaf, 0xd6, 0x6a, |
| 98 | 0xab, 0x21, 0xdd, 0xb8, 0xd3, 0x1c, 0x6e, 0x58, 0xb8, 0xca, 0xe8, 0xb2, |
| 99 | 0x69, 0x8e, 0xf3, 0x41, 0xad, 0x29, 0xc3, 0xb4, 0x5f, 0x75, 0xa7, 0x47, |
| 100 | 0x6f, 0xd5, 0x19, 0x29, 0x55, 0x69, 0x9a, 0x53, 0x3b, 0x20, 0xb4, 0x66, |
| 101 | 0x16, 0x60, 0x33, 0x1e, 0xa3, 0x81, 0xa0, 0x30, 0x81, 0x9d, 0x30, 0x1d, |
| 102 | 0x06, 0x03, 0x55, 0x1d, 0x0e, 0x04, 0x16, 0x04, 0x14, 0x9d, 0x6d, 0x20, |
| 103 | 0x24, 0x49, 0x01, 0x3f, 0x2b, 0xcb, 0x78, 0xb5, 0x19, 0xbc, 0x7e, 0x24, |
| 104 | 0xc9, 0xdb, 0xfb, 0x36, 0x7c, 0x30, 0x6e, 0x06, 0x03, 0x55, 0x1d, 0x23, |
| 105 | 0x04, 0x67, 0x30, 0x65, 0x80, 0x14, 0x9d, 0x6d, 0x20, 0x24, 0x49, 0x01, |
| 106 | 0x3f, 0x2b, 0xcb, 0x78, 0xb5, 0x19, 0xbc, 0x7e, 0x24, 0xc9, 0xdb, 0xfb, |
| 107 | 0x36, 0x7c, 0xa1, 0x42, 0xa4, 0x40, 0x30, 0x3e, 0x31, 0x0b, 0x30, 0x09, |
| 108 | 0x06, 0x03, 0x55, 0x04, 0x06, 0x13, 0x02, 0x4e, 0x4c, 0x31, 0x11, 0x30, |
| 109 | 0x0f, 0x06, 0x03, 0x55, 0x04, 0x0a, 0x13, 0x08, 0x50, 0x6f, 0x6c, 0x61, |
| 110 | 0x72, 0x53, 0x53, 0x4c, 0x31, 0x1c, 0x30, 0x1a, 0x06, 0x03, 0x55, 0x04, |
| 111 | 0x03, 0x13, 0x13, 0x50, 0x6f, 0x6c, 0x61, 0x72, 0x73, 0x73, 0x6c, 0x20, |
| 112 | 0x54, 0x65, 0x73, 0x74, 0x20, 0x45, 0x43, 0x20, 0x43, 0x41, 0x82, 0x09, |
| 113 | 0x00, 0xc1, 0x43, 0xe2, 0x7e, 0x62, 0x43, 0xcc, 0xe8, 0x30, 0x0c, 0x06, |
| 114 | 0x03, 0x55, 0x1d, 0x13, 0x04, 0x05, 0x30, 0x03, 0x01, 0x01, 0xff, 0x30, |
| 115 | 0x0a, 0x06, 0x08, 0x2a, 0x86, 0x48, 0xce, 0x3d, 0x04, 0x03, 0x02, 0x03, |
| 116 | 0x69, 0x00, 0x30, 0x66, 0x02, 0x31, 0x00, 0xc3, 0xb4, 0x62, 0x73, 0x56, |
| 117 | 0x28, 0x95, 0x00, 0x7d, 0x78, 0x12, 0x26, 0xd2, 0x71, 0x7b, 0x19, 0xf8, |
| 118 | 0x8a, 0x98, 0x3e, 0x92, 0xfe, 0x33, 0x9e, 0xe4, 0x79, 0xd2, 0xfe, 0x7a, |
| 119 | 0xb7, 0x87, 0x74, 0x3c, 0x2b, 0xb8, 0xd7, 0x69, 0x94, 0x0b, 0xa3, 0x67, |
| 120 | 0x77, 0xb8, 0xb3, 0xbe, 0xd1, 0x36, 0x32, 0x02, 0x31, 0x00, 0xfd, 0x67, |
| 121 | 0x9c, 0x94, 0x23, 0x67, 0xc0, 0x56, 0xba, 0x4b, 0x33, 0x15, 0x00, 0xc6, |
| 122 | 0xe3, 0xcc, 0x31, 0x08, 0x2c, 0x9c, 0x8b, 0xda, 0xa9, 0x75, 0x23, 0x2f, |
| 123 | 0xb8, 0x28, 0xe7, 0xf2, 0x9c, 0x14, 0x3a, 0x40, 0x01, 0x5c, 0xaf, 0x0c, |
| 124 | 0xb2, 0xcf, 0x74, 0x7f, 0x30, 0x9f, 0x08, 0x43, 0xad, 0x20, |
| 125 | }; |
Manuel Pégourié-Gonnard | 2cf5a7c | 2015-04-08 12:49:31 +0200 | [diff] [blame] | 126 | #endif /* MBEDTLS_X509_CRT_PARSE_C */ |
Manuel Pégourié-Gonnard | 3b8926c | 2014-12-01 11:18:00 +0100 | [diff] [blame] | 127 | |
Gilles Peskine | 449bd83 | 2023-01-11 14:50:10 +0100 | [diff] [blame] | 128 | enum exit_codes { |
Manuel Pégourié-Gonnard | 3b8926c | 2014-12-01 11:18:00 +0100 | [diff] [blame] | 129 | exit_ok = 0, |
Manuel Pégourié-Gonnard | ec160c0 | 2015-04-28 22:52:30 +0200 | [diff] [blame] | 130 | ctr_drbg_seed_failed, |
Manuel Pégourié-Gonnard | fd862b1 | 2015-05-11 12:40:45 +0200 | [diff] [blame] | 131 | ssl_config_defaults_failed, |
Manuel Pégourié-Gonnard | 41d479e | 2015-04-29 00:48:22 +0200 | [diff] [blame] | 132 | ssl_setup_failed, |
Manuel Pégourié-Gonnard | bc2b771 | 2015-05-06 11:14:19 +0100 | [diff] [blame] | 133 | hostname_failed, |
Manuel Pégourié-Gonnard | 3b8926c | 2014-12-01 11:18:00 +0100 | [diff] [blame] | 134 | socket_failed, |
| 135 | connect_failed, |
| 136 | x509_crt_parse_failed, |
| 137 | ssl_handshake_failed, |
| 138 | ssl_write_failed, |
| 139 | }; |
Manuel Pégourié-Gonnard | a6fc5b2 | 2014-11-24 14:05:25 +0100 | [diff] [blame] | 140 | |
Simon Butcher | 63cb97e | 2018-12-06 17:43:31 +0000 | [diff] [blame] | 141 | |
Gilles Peskine | 449bd83 | 2023-01-11 14:50:10 +0100 | [diff] [blame] | 142 | int main(void) |
Manuel Pégourié-Gonnard | a6fc5b2 | 2014-11-24 14:05:25 +0100 | [diff] [blame] | 143 | { |
Manuel Pégourié-Gonnard | 3b8926c | 2014-12-01 11:18:00 +0100 | [diff] [blame] | 144 | int ret = exit_ok; |
Manuel Pégourié-Gonnard | 5db6432 | 2015-06-30 15:40:39 +0200 | [diff] [blame] | 145 | mbedtls_net_context server_fd; |
Manuel Pégourié-Gonnard | a6fc5b2 | 2014-11-24 14:05:25 +0100 | [diff] [blame] | 146 | struct sockaddr_in addr; |
Manuel Pégourié-Gonnard | 2cf5a7c | 2015-04-08 12:49:31 +0200 | [diff] [blame] | 147 | #if defined(MBEDTLS_X509_CRT_PARSE_C) |
| 148 | mbedtls_x509_crt ca; |
Manuel Pégourié-Gonnard | 3b8926c | 2014-12-01 11:18:00 +0100 | [diff] [blame] | 149 | #endif |
Manuel Pégourié-Gonnard | a6fc5b2 | 2014-11-24 14:05:25 +0100 | [diff] [blame] | 150 | |
Manuel Pégourié-Gonnard | 2cf5a7c | 2015-04-08 12:49:31 +0200 | [diff] [blame] | 151 | mbedtls_entropy_context entropy; |
| 152 | mbedtls_ctr_drbg_context ctr_drbg; |
| 153 | mbedtls_ssl_context ssl; |
Manuel Pégourié-Gonnard | def0bbe | 2015-05-04 14:56:36 +0200 | [diff] [blame] | 154 | mbedtls_ssl_config conf; |
Gilles Peskine | 449bd83 | 2023-01-11 14:50:10 +0100 | [diff] [blame] | 155 | mbedtls_ctr_drbg_init(&ctr_drbg); |
Manuel Pégourié-Gonnard | a6fc5b2 | 2014-11-24 14:05:25 +0100 | [diff] [blame] | 156 | |
Przemek Stekiel | a0a1c1e | 2023-04-17 11:10:05 +0200 | [diff] [blame] | 157 | /* |
| 158 | * 0. Initialize and setup stuff |
| 159 | */ |
| 160 | mbedtls_net_init(&server_fd); |
| 161 | mbedtls_ssl_init(&ssl); |
| 162 | mbedtls_ssl_config_init(&conf); |
| 163 | #if defined(MBEDTLS_X509_CRT_PARSE_C) |
| 164 | mbedtls_x509_crt_init(&ca); |
| 165 | #endif |
| 166 | mbedtls_entropy_init(&entropy); |
| 167 | |
Przemek Stekiel | 89c636e | 2023-04-14 09:26:39 +0200 | [diff] [blame] | 168 | #if defined(MBEDTLS_USE_PSA_CRYPTO) |
| 169 | psa_status_t status = psa_crypto_init(); |
| 170 | if (status != PSA_SUCCESS) { |
Przemek Stekiel | 89c636e | 2023-04-14 09:26:39 +0200 | [diff] [blame] | 171 | ret = MBEDTLS_ERR_SSL_HW_ACCEL_FAILED; |
| 172 | goto exit; |
| 173 | } |
| 174 | #endif /* MBEDTLS_USE_PSA_CRYPTO */ |
| 175 | |
Gilles Peskine | 449bd83 | 2023-01-11 14:50:10 +0100 | [diff] [blame] | 176 | if (mbedtls_ctr_drbg_seed(&ctr_drbg, mbedtls_entropy_func, &entropy, |
| 177 | (const unsigned char *) pers, strlen(pers)) != 0) { |
Manuel Pégourié-Gonnard | 41d479e | 2015-04-29 00:48:22 +0200 | [diff] [blame] | 178 | ret = ctr_drbg_seed_failed; |
Manuel Pégourié-Gonnard | a6fc5b2 | 2014-11-24 14:05:25 +0100 | [diff] [blame] | 179 | goto exit; |
| 180 | } |
| 181 | |
Gilles Peskine | 449bd83 | 2023-01-11 14:50:10 +0100 | [diff] [blame] | 182 | if (mbedtls_ssl_config_defaults(&conf, |
| 183 | MBEDTLS_SSL_IS_CLIENT, |
| 184 | MBEDTLS_SSL_TRANSPORT_STREAM, |
| 185 | MBEDTLS_SSL_PRESET_DEFAULT) != 0) { |
Manuel Pégourié-Gonnard | def0bbe | 2015-05-04 14:56:36 +0200 | [diff] [blame] | 186 | ret = ssl_config_defaults_failed; |
| 187 | goto exit; |
| 188 | } |
| 189 | |
Gilles Peskine | 449bd83 | 2023-01-11 14:50:10 +0100 | [diff] [blame] | 190 | mbedtls_ssl_conf_rng(&conf, mbedtls_ctr_drbg_random, &ctr_drbg); |
Manuel Pégourié-Gonnard | a6fc5b2 | 2014-11-24 14:05:25 +0100 | [diff] [blame] | 191 | |
Gilles Peskine | eccd888 | 2020-03-10 12:19:08 +0100 | [diff] [blame] | 192 | #if defined(MBEDTLS_KEY_EXCHANGE_SOME_PSK_ENABLED) |
Gilles Peskine | 449bd83 | 2023-01-11 14:50:10 +0100 | [diff] [blame] | 193 | mbedtls_ssl_conf_psk(&conf, psk, sizeof(psk), |
| 194 | (const unsigned char *) psk_id, sizeof(psk_id) - 1); |
Manuel Pégourié-Gonnard | 3b8926c | 2014-12-01 11:18:00 +0100 | [diff] [blame] | 195 | #endif |
| 196 | |
Manuel Pégourié-Gonnard | 2cf5a7c | 2015-04-08 12:49:31 +0200 | [diff] [blame] | 197 | #if defined(MBEDTLS_X509_CRT_PARSE_C) |
Gilles Peskine | 449bd83 | 2023-01-11 14:50:10 +0100 | [diff] [blame] | 198 | if (mbedtls_x509_crt_parse_der(&ca, ca_cert, sizeof(ca_cert)) != 0) { |
Manuel Pégourié-Gonnard | 3b8926c | 2014-12-01 11:18:00 +0100 | [diff] [blame] | 199 | ret = x509_crt_parse_failed; |
| 200 | goto exit; |
| 201 | } |
| 202 | |
Gilles Peskine | 449bd83 | 2023-01-11 14:50:10 +0100 | [diff] [blame] | 203 | mbedtls_ssl_conf_ca_chain(&conf, &ca, NULL); |
| 204 | mbedtls_ssl_conf_authmode(&conf, MBEDTLS_SSL_VERIFY_REQUIRED); |
Manuel Pégourié-Gonnard | 06939ce | 2015-05-11 11:25:46 +0200 | [diff] [blame] | 205 | #endif |
| 206 | |
Gilles Peskine | 449bd83 | 2023-01-11 14:50:10 +0100 | [diff] [blame] | 207 | if (mbedtls_ssl_setup(&ssl, &conf) != 0) { |
Manuel Pégourié-Gonnard | 06939ce | 2015-05-11 11:25:46 +0200 | [diff] [blame] | 208 | ret = ssl_setup_failed; |
| 209 | goto exit; |
| 210 | } |
| 211 | |
Manuel Pégourié-Gonnard | 55fab2d | 2015-05-11 16:15:19 +0200 | [diff] [blame] | 212 | #if defined(MBEDTLS_X509_CRT_PARSE_C) |
Gilles Peskine | 449bd83 | 2023-01-11 14:50:10 +0100 | [diff] [blame] | 213 | if (mbedtls_ssl_set_hostname(&ssl, HOSTNAME) != 0) { |
Manuel Pégourié-Gonnard | bc2b771 | 2015-05-06 11:14:19 +0100 | [diff] [blame] | 214 | ret = hostname_failed; |
| 215 | goto exit; |
| 216 | } |
Manuel Pégourié-Gonnard | 55fab2d | 2015-05-11 16:15:19 +0200 | [diff] [blame] | 217 | #endif |
Manuel Pégourié-Gonnard | a6fc5b2 | 2014-11-24 14:05:25 +0100 | [diff] [blame] | 218 | |
| 219 | /* |
| 220 | * 1. Start the connection |
| 221 | */ |
Gilles Peskine | 449bd83 | 2023-01-11 14:50:10 +0100 | [diff] [blame] | 222 | memset(&addr, 0, sizeof(addr)); |
Manuel Pégourié-Gonnard | a6fc5b2 | 2014-11-24 14:05:25 +0100 | [diff] [blame] | 223 | addr.sin_family = AF_INET; |
| 224 | |
| 225 | ret = 1; /* for endianness detection */ |
| 226 | addr.sin_port = *((char *) &ret) == ret ? PORT_LE : PORT_BE; |
| 227 | addr.sin_addr.s_addr = *((char *) &ret) == ret ? ADDR_LE : ADDR_BE; |
| 228 | ret = 0; |
| 229 | |
Gilles Peskine | 449bd83 | 2023-01-11 14:50:10 +0100 | [diff] [blame] | 230 | if ((server_fd.fd = socket(AF_INET, SOCK_STREAM, 0)) < 0) { |
Manuel Pégourié-Gonnard | 3b8926c | 2014-12-01 11:18:00 +0100 | [diff] [blame] | 231 | ret = socket_failed; |
Manuel Pégourié-Gonnard | a6fc5b2 | 2014-11-24 14:05:25 +0100 | [diff] [blame] | 232 | goto exit; |
| 233 | } |
| 234 | |
Gilles Peskine | 449bd83 | 2023-01-11 14:50:10 +0100 | [diff] [blame] | 235 | if (connect(server_fd.fd, |
| 236 | (const struct sockaddr *) &addr, sizeof(addr)) < 0) { |
Manuel Pégourié-Gonnard | 3b8926c | 2014-12-01 11:18:00 +0100 | [diff] [blame] | 237 | ret = connect_failed; |
Manuel Pégourié-Gonnard | a6fc5b2 | 2014-11-24 14:05:25 +0100 | [diff] [blame] | 238 | goto exit; |
| 239 | } |
| 240 | |
Gilles Peskine | 449bd83 | 2023-01-11 14:50:10 +0100 | [diff] [blame] | 241 | mbedtls_ssl_set_bio(&ssl, &server_fd, mbedtls_net_send, mbedtls_net_recv, NULL); |
Manuel Pégourié-Gonnard | a6fc5b2 | 2014-11-24 14:05:25 +0100 | [diff] [blame] | 242 | |
Gilles Peskine | 449bd83 | 2023-01-11 14:50:10 +0100 | [diff] [blame] | 243 | if (mbedtls_ssl_handshake(&ssl) != 0) { |
Manuel Pégourié-Gonnard | 3b8926c | 2014-12-01 11:18:00 +0100 | [diff] [blame] | 244 | ret = ssl_handshake_failed; |
Manuel Pégourié-Gonnard | a6fc5b2 | 2014-11-24 14:05:25 +0100 | [diff] [blame] | 245 | goto exit; |
| 246 | } |
| 247 | |
| 248 | /* |
| 249 | * 2. Write the GET request and close the connection |
| 250 | */ |
Gilles Peskine | 449bd83 | 2023-01-11 14:50:10 +0100 | [diff] [blame] | 251 | if (mbedtls_ssl_write(&ssl, (const unsigned char *) GET_REQUEST, |
| 252 | sizeof(GET_REQUEST) - 1) <= 0) { |
Manuel Pégourié-Gonnard | 3b8926c | 2014-12-01 11:18:00 +0100 | [diff] [blame] | 253 | ret = ssl_write_failed; |
Manuel Pégourié-Gonnard | a6fc5b2 | 2014-11-24 14:05:25 +0100 | [diff] [blame] | 254 | goto exit; |
| 255 | } |
| 256 | |
Gilles Peskine | 449bd83 | 2023-01-11 14:50:10 +0100 | [diff] [blame] | 257 | mbedtls_ssl_close_notify(&ssl); |
Manuel Pégourié-Gonnard | a6fc5b2 | 2014-11-24 14:05:25 +0100 | [diff] [blame] | 258 | |
| 259 | exit: |
Gilles Peskine | 449bd83 | 2023-01-11 14:50:10 +0100 | [diff] [blame] | 260 | mbedtls_net_free(&server_fd); |
Gilles Peskine | 449bd83 | 2023-01-11 14:50:10 +0100 | [diff] [blame] | 261 | mbedtls_ssl_free(&ssl); |
| 262 | mbedtls_ssl_config_free(&conf); |
| 263 | mbedtls_ctr_drbg_free(&ctr_drbg); |
| 264 | mbedtls_entropy_free(&entropy); |
Manuel Pégourié-Gonnard | 2cf5a7c | 2015-04-08 12:49:31 +0200 | [diff] [blame] | 265 | #if defined(MBEDTLS_X509_CRT_PARSE_C) |
Gilles Peskine | 449bd83 | 2023-01-11 14:50:10 +0100 | [diff] [blame] | 266 | mbedtls_x509_crt_free(&ca); |
Manuel Pégourié-Gonnard | 3b8926c | 2014-12-01 11:18:00 +0100 | [diff] [blame] | 267 | #endif |
Przemek Stekiel | 758aef6 | 2023-04-19 13:47:43 +0200 | [diff] [blame] | 268 | #if defined(MBEDTLS_USE_PSA_CRYPTO) |
Przemek Stekiel | a8c560a | 2023-04-19 10:15:26 +0200 | [diff] [blame] | 269 | mbedtls_psa_crypto_free(); |
Przemek Stekiel | 758aef6 | 2023-04-19 13:47:43 +0200 | [diff] [blame] | 270 | #endif /* MBEDTLS_USE_PSA_CRYPTO */ |
Manuel Pégourié-Gonnard | a6fc5b2 | 2014-11-24 14:05:25 +0100 | [diff] [blame] | 271 | |
Gilles Peskine | 449bd83 | 2023-01-11 14:50:10 +0100 | [diff] [blame] | 272 | mbedtls_exit(ret); |
Manuel Pégourié-Gonnard | a6fc5b2 | 2014-11-24 14:05:25 +0100 | [diff] [blame] | 273 | } |
| 274 | #endif |