commit 3b8926c9d162c308ac8d694594df479fe4be9ce5
author Manuel Pégourié-Gonnard <mpg@elzevir.fr> Mon Dec 01 11:18:00 2014 +0100
committer Manuel Pégourié-Gonnard <mpg@elzevir.fr> Mon Feb 16 17:22:46 2015 +0000
tree 8af85c5ffd953648b468d443b1e3adc350176abb
parent 4d5cc11ed6a3dbb101aa0941af62a0e694d798f7

Adapt mini-client for config-suite-b.h

programs/ssl/mini_client.c

diff --git a/programs/ssl/mini_client.c b/programs/ssl/mini_client.c
index 8223154..a06d345 100644
--- a/programs/ssl/mini_client.c
+++ b/programs/ssl/mini_client.c
@@ -1,5 +1,6 @@
 /*
  *  Minimal SSL client, used for memory measurements.
+ *  (meant to be used with config-suite-b.h or config-ccm-psk-tls1_2.h)
  *
  *  Copyright (C) 2014, ARM Limited, All Rights Reserved
  *
@@ -72,43 +73,120 @@
 #define PORT_LE 0x5111
 #define ADDR_BE 0x7f000001  /* 127.0.0.1 */
 #define ADDR_LE 0x0100007f
+#define HOSTNAME "localhost" /* for cert verification if enabled */
 
 #define GET_REQUEST "GET / HTTP/1.0\r\n\r\n"
 
+const char *pers = "mini_client";
+
+#if defined(POLARSSL_KEY_EXCHANGE__SOME__PSK_ENABLED)
 const unsigned char psk[] = {
     0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,
     0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f
 };
 const char psk_id[] = "Client_identity";
+#endif
 
-const char *pers = "mini_client";
+#if defined(POLARSSL_X509_CRT_PARSE_C)
+/* This is tests/data_files/test-ca2.crt, a CA using EC secp384r1 */
+const unsigned char ca_cert[] = {
+    0x30, 0x82, 0x02, 0x52, 0x30, 0x82, 0x01, 0xd7, 0xa0, 0x03, 0x02, 0x01,
+    0x02, 0x02, 0x09, 0x00, 0xc1, 0x43, 0xe2, 0x7e, 0x62, 0x43, 0xcc, 0xe8,
+    0x30, 0x0a, 0x06, 0x08, 0x2a, 0x86, 0x48, 0xce, 0x3d, 0x04, 0x03, 0x02,
+    0x30, 0x3e, 0x31, 0x0b, 0x30, 0x09, 0x06, 0x03, 0x55, 0x04, 0x06, 0x13,
+    0x02, 0x4e, 0x4c, 0x31, 0x11, 0x30, 0x0f, 0x06, 0x03, 0x55, 0x04, 0x0a,
+    0x13, 0x08, 0x50, 0x6f, 0x6c, 0x61, 0x72, 0x53, 0x53, 0x4c, 0x31, 0x1c,
+    0x30, 0x1a, 0x06, 0x03, 0x55, 0x04, 0x03, 0x13, 0x13, 0x50, 0x6f, 0x6c,
+    0x61, 0x72, 0x73, 0x73, 0x6c, 0x20, 0x54, 0x65, 0x73, 0x74, 0x20, 0x45,
+    0x43, 0x20, 0x43, 0x41, 0x30, 0x1e, 0x17, 0x0d, 0x31, 0x33, 0x30, 0x39,
+    0x32, 0x34, 0x31, 0x35, 0x34, 0x39, 0x34, 0x38, 0x5a, 0x17, 0x0d, 0x32,
+    0x33, 0x30, 0x39, 0x32, 0x32, 0x31, 0x35, 0x34, 0x39, 0x34, 0x38, 0x5a,
+    0x30, 0x3e, 0x31, 0x0b, 0x30, 0x09, 0x06, 0x03, 0x55, 0x04, 0x06, 0x13,
+    0x02, 0x4e, 0x4c, 0x31, 0x11, 0x30, 0x0f, 0x06, 0x03, 0x55, 0x04, 0x0a,
+    0x13, 0x08, 0x50, 0x6f, 0x6c, 0x61, 0x72, 0x53, 0x53, 0x4c, 0x31, 0x1c,
+    0x30, 0x1a, 0x06, 0x03, 0x55, 0x04, 0x03, 0x13, 0x13, 0x50, 0x6f, 0x6c,
+    0x61, 0x72, 0x73, 0x73, 0x6c, 0x20, 0x54, 0x65, 0x73, 0x74, 0x20, 0x45,
+    0x43, 0x20, 0x43, 0x41, 0x30, 0x76, 0x30, 0x10, 0x06, 0x07, 0x2a, 0x86,
+    0x48, 0xce, 0x3d, 0x02, 0x01, 0x06, 0x05, 0x2b, 0x81, 0x04, 0x00, 0x22,
+    0x03, 0x62, 0x00, 0x04, 0xc3, 0xda, 0x2b, 0x34, 0x41, 0x37, 0x58, 0x2f,
+    0x87, 0x56, 0xfe, 0xfc, 0x89, 0xba, 0x29, 0x43, 0x4b, 0x4e, 0xe0, 0x6e,
+    0xc3, 0x0e, 0x57, 0x53, 0x33, 0x39, 0x58, 0xd4, 0x52, 0xb4, 0x91, 0x95,
+    0x39, 0x0b, 0x23, 0xdf, 0x5f, 0x17, 0x24, 0x62, 0x48, 0xfc, 0x1a, 0x95,
+    0x29, 0xce, 0x2c, 0x2d, 0x87, 0xc2, 0x88, 0x52, 0x80, 0xaf, 0xd6, 0x6a,
+    0xab, 0x21, 0xdd, 0xb8, 0xd3, 0x1c, 0x6e, 0x58, 0xb8, 0xca, 0xe8, 0xb2,
+    0x69, 0x8e, 0xf3, 0x41, 0xad, 0x29, 0xc3, 0xb4, 0x5f, 0x75, 0xa7, 0x47,
+    0x6f, 0xd5, 0x19, 0x29, 0x55, 0x69, 0x9a, 0x53, 0x3b, 0x20, 0xb4, 0x66,
+    0x16, 0x60, 0x33, 0x1e, 0xa3, 0x81, 0xa0, 0x30, 0x81, 0x9d, 0x30, 0x1d,
+    0x06, 0x03, 0x55, 0x1d, 0x0e, 0x04, 0x16, 0x04, 0x14, 0x9d, 0x6d, 0x20,
+    0x24, 0x49, 0x01, 0x3f, 0x2b, 0xcb, 0x78, 0xb5, 0x19, 0xbc, 0x7e, 0x24,
+    0xc9, 0xdb, 0xfb, 0x36, 0x7c, 0x30, 0x6e, 0x06, 0x03, 0x55, 0x1d, 0x23,
+    0x04, 0x67, 0x30, 0x65, 0x80, 0x14, 0x9d, 0x6d, 0x20, 0x24, 0x49, 0x01,
+    0x3f, 0x2b, 0xcb, 0x78, 0xb5, 0x19, 0xbc, 0x7e, 0x24, 0xc9, 0xdb, 0xfb,
+    0x36, 0x7c, 0xa1, 0x42, 0xa4, 0x40, 0x30, 0x3e, 0x31, 0x0b, 0x30, 0x09,
+    0x06, 0x03, 0x55, 0x04, 0x06, 0x13, 0x02, 0x4e, 0x4c, 0x31, 0x11, 0x30,
+    0x0f, 0x06, 0x03, 0x55, 0x04, 0x0a, 0x13, 0x08, 0x50, 0x6f, 0x6c, 0x61,
+    0x72, 0x53, 0x53, 0x4c, 0x31, 0x1c, 0x30, 0x1a, 0x06, 0x03, 0x55, 0x04,
+    0x03, 0x13, 0x13, 0x50, 0x6f, 0x6c, 0x61, 0x72, 0x73, 0x73, 0x6c, 0x20,
+    0x54, 0x65, 0x73, 0x74, 0x20, 0x45, 0x43, 0x20, 0x43, 0x41, 0x82, 0x09,
+    0x00, 0xc1, 0x43, 0xe2, 0x7e, 0x62, 0x43, 0xcc, 0xe8, 0x30, 0x0c, 0x06,
+    0x03, 0x55, 0x1d, 0x13, 0x04, 0x05, 0x30, 0x03, 0x01, 0x01, 0xff, 0x30,
+    0x0a, 0x06, 0x08, 0x2a, 0x86, 0x48, 0xce, 0x3d, 0x04, 0x03, 0x02, 0x03,
+    0x69, 0x00, 0x30, 0x66, 0x02, 0x31, 0x00, 0xc3, 0xb4, 0x62, 0x73, 0x56,
+    0x28, 0x95, 0x00, 0x7d, 0x78, 0x12, 0x26, 0xd2, 0x71, 0x7b, 0x19, 0xf8,
+    0x8a, 0x98, 0x3e, 0x92, 0xfe, 0x33, 0x9e, 0xe4, 0x79, 0xd2, 0xfe, 0x7a,
+    0xb7, 0x87, 0x74, 0x3c, 0x2b, 0xb8, 0xd7, 0x69, 0x94, 0x0b, 0xa3, 0x67,
+    0x77, 0xb8, 0xb3, 0xbe, 0xd1, 0x36, 0x32, 0x02, 0x31, 0x00, 0xfd, 0x67,
+    0x9c, 0x94, 0x23, 0x67, 0xc0, 0x56, 0xba, 0x4b, 0x33, 0x15, 0x00, 0xc6,
+    0xe3, 0xcc, 0x31, 0x08, 0x2c, 0x9c, 0x8b, 0xda, 0xa9, 0x75, 0x23, 0x2f,
+    0xb8, 0x28, 0xe7, 0xf2, 0x9c, 0x14, 0x3a, 0x40, 0x01, 0x5c, 0xaf, 0x0c,
+    0xb2, 0xcf, 0x74, 0x7f, 0x30, 0x9f, 0x08, 0x43, 0xad, 0x20,
+};
+#endif /* POLARSSL_X509_CRT_PARSE_C */
+
+enum exit_codes
+{
+    exit_ok = 0,
+    ctr_drbg_init_failed,
+    ssl_init_failed,
+    socket_failed,
+    connect_failed,
+    x509_crt_parse_failed,
+    ssl_handshake_failed,
+    ssl_write_failed,
+};
 
 int main( void )
 {
-    int ret = 0;
+    int ret = exit_ok;
     int server_fd = -1;
     struct sockaddr_in addr;
+#if defined(POLARSSL_X509_CRT_PARSE_C)
+    x509_crt ca;
+#endif
 
     entropy_context entropy;
     ctr_drbg_context ctr_drbg;
     ssl_context ssl;
 
     /*
-     * 1. Initialize and setup stuff
+     * 0. Initialize and setup stuff
      */
     memset( &ssl, 0, sizeof( ssl_context ) );
+#if defined(POLARSSL_X509_CRT_PARSE_C)
+    x509_crt_init( &ca );
+#endif
 
     entropy_init( &entropy );
     if( ctr_drbg_init( &ctr_drbg, entropy_func, &entropy,
                        (const unsigned char *) pers, strlen( pers ) ) != 0 )
     {
-        ret = 1;
+        ret = ssl_init_failed;
         goto exit;
     }
 
     if( ssl_init( &ssl ) != 0 )
     {
-        ret = 2;
+        ret = ssl_init_failed;
         goto exit;
     }
 
@@ -116,8 +194,21 @@
 
     ssl_set_rng( &ssl, ctr_drbg_random, &ctr_drbg );
 
+#if defined(POLARSSL_KEY_EXCHANGE__SOME__PSK_ENABLED)
     ssl_set_psk( &ssl, psk, sizeof( psk ),
                 (const unsigned char *) psk_id, sizeof( psk_id ) - 1 );
+#endif
+
+#if defined(POLARSSL_X509_CRT_PARSE_C)
+    if( x509_crt_parse_der( &ca, ca_cert, sizeof( ca_cert ) ) != 0 )
+    {
+        ret = x509_crt_parse_failed;
+        goto exit;
+    }
+
+    ssl_set_ca_chain( &ssl, &ca, NULL, HOSTNAME );
+    ssl_set_authmode( &ssl, SSL_VERIFY_REQUIRED );
+#endif
 
     /*
      * 1. Start the connection
@@ -132,14 +223,14 @@
 
     if( ( server_fd = socket( AF_INET, SOCK_STREAM, 0 ) ) < 0 )
     {
-        ret = 3;
+        ret = socket_failed;
         goto exit;
     }
 
     if( connect( server_fd,
                 (const struct sockaddr *) &addr, sizeof( addr ) ) < 0 )
     {
-        ret = 4;
+        ret = connect_failed;
         goto exit;
     }
 
@@ -147,7 +238,7 @@
 
     if( ssl_handshake( &ssl ) != 0 )
     {
-        ret = 5;
+        ret = ssl_handshake_failed;
         goto exit;
     }
 
@@ -157,7 +248,7 @@
     if( ssl_write( &ssl, (const unsigned char *) GET_REQUEST,
                          sizeof( GET_REQUEST ) - 1 ) <= 0 )
     {
-        ret = 6;
+        ret = ssl_write_failed;
         goto exit;
     }
 
@@ -170,6 +261,9 @@
     ssl_free( &ssl );
     ctr_drbg_free( &ctr_drbg );
     entropy_free( &entropy );
+#if defined(POLARSSL_X509_CRT_PARSE_C)
+    x509_crt_free( &ca );
+#endif
 
     return( ret );
 }