blob: bdeef9b655b0d8e49bd4222989c75ab6f1011a27 [file] [log] [blame]
Paul Bakker1496d382011-05-23 12:07:29 +00001/*
2 * SSL client for SMTP servers
3 *
Bence Szépkúti1e148272020-08-07 13:07:28 +02004 * Copyright The Mbed TLS Contributors
Dave Rodgman16799db2023-11-02 19:47:20 +00005 * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
Paul Bakker1496d382011-05-23 12:07:29 +00006 */
7
Nicholas Wilson61fa4362018-06-25 12:10:00 +01008/* Enable definition of gethostname() even when compiling with -std=c99. Must
Bence Szépkútibb0cfeb2021-05-28 09:42:25 +02009 * be set before mbedtls_config.h, which pulls in glibc's features.h indirectly.
Nicholas Wilson2682edf2017-12-05 12:08:15 +000010 * Harmless on other platforms. */
Mateusz Starzyk5dd4f6e2021-05-19 19:35:35 +020011
Nicholas Wilson2682edf2017-12-05 12:08:15 +000012#define _POSIX_C_SOURCE 200112L
nia7eb0e622020-06-11 12:30:12 +010013#define _XOPEN_SOURCE 600
Nicholas Wilson2682edf2017-12-05 12:08:15 +000014
Bence Szépkútic662b362021-05-27 11:25:03 +020015#include "mbedtls/build_info.h"
Paul Bakker1496d382011-05-23 12:07:29 +000016
Manuel Pégourié-Gonnard7f809972015-03-09 17:05:11 +000017#include "mbedtls/platform.h"
Rich Evansf90016a2015-01-19 14:26:37 +000018
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +020019#if !defined(MBEDTLS_BIGNUM_C) || !defined(MBEDTLS_ENTROPY_C) || \
20 !defined(MBEDTLS_SSL_TLS_C) || !defined(MBEDTLS_SSL_CLI_C) || \
21 !defined(MBEDTLS_NET_C) || !defined(MBEDTLS_RSA_C) || \
22 !defined(MBEDTLS_CTR_DRBG_C) || !defined(MBEDTLS_X509_CRT_PARSE_C) || \
23 !defined(MBEDTLS_FS_IO)
Gilles Peskine449bd832023-01-11 14:50:10 +010024int main(void)
Manuel Pégourié-Gonnard4b3e5ef2015-03-27 11:24:27 +010025{
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +020026 mbedtls_printf("MBEDTLS_BIGNUM_C and/or MBEDTLS_ENTROPY_C and/or "
Gilles Peskine449bd832023-01-11 14:50:10 +010027 "MBEDTLS_SSL_TLS_C and/or MBEDTLS_SSL_CLI_C and/or "
28 "MBEDTLS_NET_C and/or MBEDTLS_RSA_C and/or "
29 "MBEDTLS_CTR_DRBG_C and/or MBEDTLS_X509_CRT_PARSE_C "
30 "not defined.\n");
31 mbedtls_exit(0);
Manuel Pégourié-Gonnard4b3e5ef2015-03-27 11:24:27 +010032}
33#else
34
Manuel Pégourié-Gonnard7f809972015-03-09 17:05:11 +000035#include "mbedtls/base64.h"
36#include "mbedtls/error.h"
Andres AG788aa4a2016-09-14 14:32:09 +010037#include "mbedtls/net_sockets.h"
Manuel Pégourié-Gonnard7f809972015-03-09 17:05:11 +000038#include "mbedtls/ssl.h"
39#include "mbedtls/entropy.h"
40#include "mbedtls/ctr_drbg.h"
Mateusz Starzyk1aec6462021-02-08 15:34:42 +010041#include "test/certs.h"
Manuel Pégourié-Gonnard7f809972015-03-09 17:05:11 +000042#include "mbedtls/x509.h"
Rich Evans18b78c72015-02-11 14:06:19 +000043
Rich Evans18b78c72015-02-11 14:06:19 +000044#include <stdlib.h>
45#include <string.h>
Paul Bakkerfdda7852013-11-30 15:15:31 +010046
47#if !defined(_MSC_VER) || defined(EFIX64) || defined(EFI32)
Paul Bakker1496d382011-05-23 12:07:29 +000048#include <unistd.h>
Paul Bakkerfdda7852013-11-30 15:15:31 +010049#else
50#include <io.h>
Paul Bakkerfdda7852013-11-30 15:15:31 +010051#endif
Paul Bakker1496d382011-05-23 12:07:29 +000052
Paul Bakker5a835222011-10-12 09:19:31 +000053#if defined(_WIN32) || defined(_WIN32_WCE)
Paul Bakker5a835222011-10-12 09:19:31 +000054#include <winsock2.h>
55#include <windows.h>
56
Paul Bakkerf0fc2a22013-12-30 15:42:43 +010057#if defined(_MSC_VER)
Paul Bakker5a835222011-10-12 09:19:31 +000058#if defined(_WIN32_WCE)
59#pragma comment( lib, "ws2.lib" )
60#else
61#pragma comment( lib, "ws2_32.lib" )
62#endif
Paul Bakkerf0fc2a22013-12-30 15:42:43 +010063#endif /* _MSC_VER */
Paul Bakker5a835222011-10-12 09:19:31 +000064#endif
65
Paul Bakker1496d382011-05-23 12:07:29 +000066#define DFL_SERVER_NAME "localhost"
Manuel Pégourié-Gonnardc0d74942015-06-23 12:30:57 +020067#define DFL_SERVER_PORT "465"
Paul Bakker1496d382011-05-23 12:07:29 +000068#define DFL_USER_NAME "user"
69#define DFL_USER_PWD "password"
70#define DFL_MAIL_FROM ""
71#define DFL_MAIL_TO ""
72#define DFL_DEBUG_LEVEL 0
Paul Bakker5690efc2011-05-26 13:16:06 +000073#define DFL_CA_FILE ""
Paul Bakker1496d382011-05-23 12:07:29 +000074#define DFL_CRT_FILE ""
75#define DFL_KEY_FILE ""
76#define DFL_FORCE_CIPHER 0
77#define DFL_MODE 0
78#define DFL_AUTHENTICATION 0
79
80#define MODE_SSL_TLS 0
81#define MODE_STARTTLS 0
82
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +020083#if defined(MBEDTLS_BASE64_C)
Rich Evans85b05ec2015-02-12 11:37:29 +000084#define USAGE_AUTH \
irwirf5ce5d52019-01-19 19:05:56 +030085 " authentication=%%d default: 0 (disabled)\n" \
86 " user_name=%%s default: \"" DFL_USER_NAME "\"\n" \
Gilles Peskine449bd832023-01-11 14:50:10 +010087 " user_pwd=%%s default: \"" \
88 DFL_USER_PWD "\"\n"
Rich Evans85b05ec2015-02-12 11:37:29 +000089#else
90#define USAGE_AUTH \
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +020091 " authentication options disabled. (Require MBEDTLS_BASE64_C)\n"
92#endif /* MBEDTLS_BASE64_C */
Rich Evans85b05ec2015-02-12 11:37:29 +000093
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +020094#if defined(MBEDTLS_FS_IO)
Rich Evans85b05ec2015-02-12 11:37:29 +000095#define USAGE_IO \
96 " ca_file=%%s default: \"\" (pre-loaded)\n" \
97 " crt_file=%%s default: \"\" (pre-loaded)\n" \
98 " key_file=%%s default: \"\" (pre-loaded)\n"
99#else
100#define USAGE_IO \
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200101 " No file operations available (MBEDTLS_FS_IO not defined)\n"
102#endif /* MBEDTLS_FS_IO */
Rich Evans85b05ec2015-02-12 11:37:29 +0000103
104#define USAGE \
irwirf5ce5d52019-01-19 19:05:56 +0300105 "\n usage: ssl_mail_client param=<>...\n" \
106 "\n acceptable parameters:\n" \
107 " server_name=%%s default: " DFL_SERVER_NAME "\n" \
Gilles Peskine449bd832023-01-11 14:50:10 +0100108 " server_port=%%d default: " \
109 DFL_SERVER_PORT "\n" \
110 " debug_level=%%d default: 0 (disabled)\n" \
111 " mode=%%d default: 0 (SSL/TLS) (1 for STARTTLS)\n" \
irwirf5ce5d52019-01-19 19:05:56 +0300112 USAGE_AUTH \
113 " mail_from=%%s default: \"\"\n" \
114 " mail_to=%%s default: \"\"\n" \
115 USAGE_IO \
116 " force_ciphersuite=<name> default: all enabled\n" \
Rich Evans85b05ec2015-02-12 11:37:29 +0000117 " acceptable ciphersuite names:\n"
118
Simon Butcher63cb97e2018-12-06 17:43:31 +0000119
Paul Bakker1496d382011-05-23 12:07:29 +0000120/*
121 * global options
122 */
Gilles Peskine449bd832023-01-11 14:50:10 +0100123struct options {
Paul Bakkeref3f8c72013-06-24 13:01:08 +0200124 const char *server_name; /* hostname of the server (client only) */
Manuel Pégourié-Gonnardc0d74942015-06-23 12:30:57 +0200125 const char *server_port; /* port on which the ssl service runs */
Paul Bakker1496d382011-05-23 12:07:29 +0000126 int debug_level; /* level of debugging */
127 int authentication; /* if authentication is required */
128 int mode; /* SSL/TLS (0) or STARTTLS (1) */
Paul Bakkeref3f8c72013-06-24 13:01:08 +0200129 const char *user_name; /* username to use for authentication */
130 const char *user_pwd; /* password to use for authentication */
131 const char *mail_from; /* E-Mail address to use as sender */
132 const char *mail_to; /* E-Mail address to use as recipient */
133 const char *ca_file; /* the file with the CA certificate(s) */
134 const char *crt_file; /* the file with the client certificate */
135 const char *key_file; /* the file with the client key */
Paul Bakker1496d382011-05-23 12:07:29 +0000136 int force_ciphersuite[2]; /* protocol/ciphersuite to use, or all */
137} opt;
138
Gilles Peskine449bd832023-01-11 14:50:10 +0100139static void my_debug(void *ctx, int level,
140 const char *file, int line,
141 const char *str)
Paul Bakker1496d382011-05-23 12:07:29 +0000142{
Manuel Pégourié-Gonnard61ee3512015-06-23 17:35:03 +0200143 ((void) level);
144
Gilles Peskine449bd832023-01-11 14:50:10 +0100145 mbedtls_fprintf((FILE *) ctx, "%s:%04d: %s", file, line, str);
146 fflush((FILE *) ctx);
Paul Bakker1496d382011-05-23 12:07:29 +0000147}
148
Gilles Peskine449bd832023-01-11 14:50:10 +0100149static int do_handshake(mbedtls_ssl_context *ssl)
Paul Bakker1496d382011-05-23 12:07:29 +0000150{
151 int ret;
Manuel Pégourié-Gonnarde6ef16f2015-05-11 19:54:43 +0200152 uint32_t flags;
Paul Bakker1496d382011-05-23 12:07:29 +0000153 unsigned char buf[1024];
Paul Bakker5690efc2011-05-26 13:16:06 +0000154 memset(buf, 0, 1024);
Paul Bakker1496d382011-05-23 12:07:29 +0000155
156 /*
157 * 4. Handshake
158 */
Gilles Peskine449bd832023-01-11 14:50:10 +0100159 mbedtls_printf(" . Performing the SSL/TLS handshake...");
160 fflush(stdout);
Paul Bakker1496d382011-05-23 12:07:29 +0000161
Gilles Peskine449bd832023-01-11 14:50:10 +0100162 while ((ret = mbedtls_ssl_handshake(ssl)) != 0) {
163 if (ret != MBEDTLS_ERR_SSL_WANT_READ && ret != MBEDTLS_ERR_SSL_WANT_WRITE) {
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200164#if defined(MBEDTLS_ERROR_C)
Gilles Peskine449bd832023-01-11 14:50:10 +0100165 mbedtls_strerror(ret, (char *) buf, 1024);
Paul Bakker5690efc2011-05-26 13:16:06 +0000166#endif
Gilles Peskine449bd832023-01-11 14:50:10 +0100167 mbedtls_printf(" failed\n ! mbedtls_ssl_handshake returned %d: %s\n\n", ret, buf);
Paul Bakker1496d382011-05-23 12:07:29 +0000168 return -1;
169 }
170 }
171
Gilles Peskine449bd832023-01-11 14:50:10 +0100172 mbedtls_printf(" ok\n [ Ciphersuite is %s ]\n",
173 mbedtls_ssl_get_ciphersuite(ssl));
174
175 /*
176 * 5. Verify the server certificate
177 */
178 mbedtls_printf(" . Verifying peer X.509 certificate...");
179
180 /* In real life, we probably want to bail out when ret != 0 */
181 if ((flags = mbedtls_ssl_get_verify_result(ssl)) != 0) {
182#if !defined(MBEDTLS_X509_REMOVE_INFO)
183 char vrfy_buf[512];
184#endif
185
186 mbedtls_printf(" failed\n");
187
188#if !defined(MBEDTLS_X509_REMOVE_INFO)
189 mbedtls_x509_crt_verify_info(vrfy_buf, sizeof(vrfy_buf), " ! ", flags);
190
191 mbedtls_printf("%s\n", vrfy_buf);
192#endif
193 } else {
194 mbedtls_printf(" ok\n");
195 }
196
197#if !defined(MBEDTLS_X509_REMOVE_INFO)
198 mbedtls_printf(" . Peer certificate information ...\n");
199 mbedtls_x509_crt_info((char *) buf, sizeof(buf) - 1, " ",
200 mbedtls_ssl_get_peer_cert(ssl));
201 mbedtls_printf("%s\n", buf);
202#endif
203
204 return 0;
Paul Bakker1496d382011-05-23 12:07:29 +0000205}
206
Gilles Peskine449bd832023-01-11 14:50:10 +0100207static int write_ssl_data(mbedtls_ssl_context *ssl, unsigned char *buf, size_t len)
208{
209 int ret;
210
211 mbedtls_printf("\n%s", buf);
212 while (len && (ret = mbedtls_ssl_write(ssl, buf, len)) <= 0) {
213 if (ret != MBEDTLS_ERR_SSL_WANT_READ && ret != MBEDTLS_ERR_SSL_WANT_WRITE) {
214 mbedtls_printf(" failed\n ! mbedtls_ssl_write returned %d\n\n", ret);
215 return -1;
216 }
217 }
218
219 return 0;
220}
221
222static int write_ssl_and_get_response(mbedtls_ssl_context *ssl, unsigned char *buf, size_t len)
Paul Bakker1496d382011-05-23 12:07:29 +0000223{
224 int ret;
225 unsigned char data[128];
226 char code[4];
227 size_t i, idx = 0;
228
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200229 mbedtls_printf("\n%s", buf);
Gilles Peskine449bd832023-01-11 14:50:10 +0100230 while (len && (ret = mbedtls_ssl_write(ssl, buf, len)) <= 0) {
231 if (ret != MBEDTLS_ERR_SSL_WANT_READ && ret != MBEDTLS_ERR_SSL_WANT_WRITE) {
232 mbedtls_printf(" failed\n ! mbedtls_ssl_write returned %d\n\n", ret);
Paul Bakker1496d382011-05-23 12:07:29 +0000233 return -1;
234 }
235 }
236
Gilles Peskine449bd832023-01-11 14:50:10 +0100237 do {
238 len = sizeof(data) - 1;
239 memset(data, 0, sizeof(data));
240 ret = mbedtls_ssl_read(ssl, data, len);
Paul Bakker1496d382011-05-23 12:07:29 +0000241
Gilles Peskine449bd832023-01-11 14:50:10 +0100242 if (ret == MBEDTLS_ERR_SSL_WANT_READ || ret == MBEDTLS_ERR_SSL_WANT_WRITE) {
Paul Bakker1496d382011-05-23 12:07:29 +0000243 continue;
Gilles Peskine449bd832023-01-11 14:50:10 +0100244 }
Paul Bakker1496d382011-05-23 12:07:29 +0000245
Gilles Peskine449bd832023-01-11 14:50:10 +0100246 if (ret == MBEDTLS_ERR_SSL_PEER_CLOSE_NOTIFY) {
Paul Bakker1496d382011-05-23 12:07:29 +0000247 return -1;
Gilles Peskine449bd832023-01-11 14:50:10 +0100248 }
Paul Bakker1496d382011-05-23 12:07:29 +0000249
Gilles Peskine449bd832023-01-11 14:50:10 +0100250 if (ret <= 0) {
251 mbedtls_printf("failed\n ! mbedtls_ssl_read returned %d\n\n", ret);
Paul Bakker1496d382011-05-23 12:07:29 +0000252 return -1;
253 }
254
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200255 mbedtls_printf("\n%s", data);
Paul Bakker1496d382011-05-23 12:07:29 +0000256 len = ret;
Gilles Peskine449bd832023-01-11 14:50:10 +0100257 for (i = 0; i < len; i++) {
258 if (data[i] != '\n') {
259 if (idx < 4) {
260 code[idx++] = data[i];
261 }
Paul Bakker1496d382011-05-23 12:07:29 +0000262 continue;
263 }
264
Gilles Peskine449bd832023-01-11 14:50:10 +0100265 if (idx == 4 && code[0] >= '0' && code[0] <= '9' && code[3] == ' ') {
Paul Bakker1496d382011-05-23 12:07:29 +0000266 code[3] = '\0';
Gilles Peskine449bd832023-01-11 14:50:10 +0100267 return atoi(code);
Paul Bakker1496d382011-05-23 12:07:29 +0000268 }
Paul Bakker3c5ef712013-06-25 16:37:45 +0200269
Paul Bakker1496d382011-05-23 12:07:29 +0000270 idx = 0;
271 }
Gilles Peskine449bd832023-01-11 14:50:10 +0100272 } while (1);
Paul Bakker1496d382011-05-23 12:07:29 +0000273}
274
Gilles Peskine449bd832023-01-11 14:50:10 +0100275static int write_and_get_response(mbedtls_net_context *sock_fd, unsigned char *buf, size_t len)
Paul Bakker1496d382011-05-23 12:07:29 +0000276{
277 int ret;
278 unsigned char data[128];
279 char code[4];
280 size_t i, idx = 0;
281
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200282 mbedtls_printf("\n%s", buf);
Gilles Peskine449bd832023-01-11 14:50:10 +0100283 if (len && (ret = mbedtls_net_send(sock_fd, buf, len)) <= 0) {
284 mbedtls_printf(" failed\n ! mbedtls_net_send returned %d\n\n", ret);
285 return -1;
Paul Bakker1496d382011-05-23 12:07:29 +0000286 }
287
Gilles Peskine449bd832023-01-11 14:50:10 +0100288 do {
289 len = sizeof(data) - 1;
290 memset(data, 0, sizeof(data));
291 ret = mbedtls_net_recv(sock_fd, data, len);
Paul Bakker1496d382011-05-23 12:07:29 +0000292
Gilles Peskine449bd832023-01-11 14:50:10 +0100293 if (ret <= 0) {
294 mbedtls_printf("failed\n ! mbedtls_net_recv returned %d\n\n", ret);
Paul Bakker1496d382011-05-23 12:07:29 +0000295 return -1;
296 }
297
Paul Bakkerdf71dd12014-04-17 16:03:48 +0200298 data[len] = '\0';
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200299 mbedtls_printf("\n%s", data);
Paul Bakker1496d382011-05-23 12:07:29 +0000300 len = ret;
Gilles Peskine449bd832023-01-11 14:50:10 +0100301 for (i = 0; i < len; i++) {
302 if (data[i] != '\n') {
303 if (idx < 4) {
304 code[idx++] = data[i];
305 }
Paul Bakker1496d382011-05-23 12:07:29 +0000306 continue;
307 }
308
Gilles Peskine449bd832023-01-11 14:50:10 +0100309 if (idx == 4 && code[0] >= '0' && code[0] <= '9' && code[3] == ' ') {
Paul Bakker1496d382011-05-23 12:07:29 +0000310 code[3] = '\0';
Gilles Peskine449bd832023-01-11 14:50:10 +0100311 return atoi(code);
Paul Bakker1496d382011-05-23 12:07:29 +0000312 }
Manuel Pégourié-Gonnard6c5abfa2015-02-13 14:12:07 +0000313
Paul Bakker1496d382011-05-23 12:07:29 +0000314 idx = 0;
315 }
Gilles Peskine449bd832023-01-11 14:50:10 +0100316 } while (1);
Paul Bakker1496d382011-05-23 12:07:29 +0000317}
318
Gilles Peskine449bd832023-01-11 14:50:10 +0100319int main(int argc, char *argv[])
Paul Bakker1496d382011-05-23 12:07:29 +0000320{
Andres Amaya Garcia67a42ac2018-04-29 21:04:29 +0100321 int ret = 1, len;
322 int exit_code = MBEDTLS_EXIT_FAILURE;
Manuel Pégourié-Gonnard5db64322015-06-30 15:40:39 +0200323 mbedtls_net_context server_fd;
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200324#if defined(MBEDTLS_BASE64_C)
Paul Bakker1496d382011-05-23 12:07:29 +0000325 unsigned char base[1024];
Mohammad Azim Khan9ebdcff2018-08-06 11:48:06 +0100326 /* buf is used as the destination buffer for printing base with the format:
327 * "%s\r\n". Hence, the size of buf should be at least the size of base
328 * plus 2 bytes for the \r and \n characters.
329 */
Gilles Peskine449bd832023-01-11 14:50:10 +0100330 unsigned char buf[sizeof(base) + 2];
Mohammad Azim Khan9ebdcff2018-08-06 11:48:06 +0100331#else
332 unsigned char buf[1024];
Paul Bakker5690efc2011-05-26 13:16:06 +0000333#endif
Paul Bakker1496d382011-05-23 12:07:29 +0000334 char hostname[32];
Paul Bakkeref3f8c72013-06-24 13:01:08 +0200335 const char *pers = "ssl_mail_client";
Paul Bakker508ad5a2011-12-04 17:09:26 +0000336
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200337 mbedtls_entropy_context entropy;
338 mbedtls_ctr_drbg_context ctr_drbg;
339 mbedtls_ssl_context ssl;
Manuel Pégourié-Gonnarddef0bbe2015-05-04 14:56:36 +0200340 mbedtls_ssl_config conf;
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200341 mbedtls_x509_crt cacert;
342 mbedtls_x509_crt clicert;
343 mbedtls_pk_context pkey;
Paul Bakker1496d382011-05-23 12:07:29 +0000344 int i;
Paul Bakker819370c2012-09-28 07:04:41 +0000345 size_t n;
Paul Bakker1496d382011-05-23 12:07:29 +0000346 char *p, *q;
347 const int *list;
348
349 /*
Manuel Pégourié-Gonnard3bd2aae2013-09-20 13:10:13 +0200350 * Make sure memory references are valid in case we exit early.
Paul Bakker1496d382011-05-23 12:07:29 +0000351 */
Gilles Peskine449bd832023-01-11 14:50:10 +0100352 mbedtls_net_init(&server_fd);
353 mbedtls_ssl_init(&ssl);
354 mbedtls_ssl_config_init(&conf);
355 memset(&buf, 0, sizeof(buf));
356 mbedtls_x509_crt_init(&cacert);
357 mbedtls_x509_crt_init(&clicert);
358 mbedtls_pk_init(&pkey);
359 mbedtls_ctr_drbg_init(&ctr_drbg);
Przemek Stekiela0a1c1e2023-04-17 11:10:05 +0200360 mbedtls_entropy_init(&entropy);
361
Przemek Stekiela0a1c1e2023-04-17 11:10:05 +0200362 psa_status_t status = psa_crypto_init();
363 if (status != PSA_SUCCESS) {
364 mbedtls_fprintf(stderr, "Failed to initialize PSA Crypto implementation: %d\n",
365 (int) status);
366 goto exit;
367 }
Paul Bakker1496d382011-05-23 12:07:29 +0000368
Aditya Deshpande644a5c02023-01-30 15:58:50 +0000369 if (argc < 2) {
Gilles Peskine449bd832023-01-11 14:50:10 +0100370usage:
371 mbedtls_printf(USAGE);
Paul Bakker1496d382011-05-23 12:07:29 +0000372
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200373 list = mbedtls_ssl_list_ciphersuites();
Gilles Peskine449bd832023-01-11 14:50:10 +0100374 while (*list) {
375 mbedtls_printf(" %s\n", mbedtls_ssl_get_ciphersuite_name(*list));
Paul Bakker1496d382011-05-23 12:07:29 +0000376 list++;
377 }
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200378 mbedtls_printf("\n");
Paul Bakker1496d382011-05-23 12:07:29 +0000379 goto exit;
380 }
381
382 opt.server_name = DFL_SERVER_NAME;
383 opt.server_port = DFL_SERVER_PORT;
384 opt.debug_level = DFL_DEBUG_LEVEL;
385 opt.authentication = DFL_AUTHENTICATION;
386 opt.mode = DFL_MODE;
387 opt.user_name = DFL_USER_NAME;
388 opt.user_pwd = DFL_USER_PWD;
389 opt.mail_from = DFL_MAIL_FROM;
390 opt.mail_to = DFL_MAIL_TO;
Paul Bakker5690efc2011-05-26 13:16:06 +0000391 opt.ca_file = DFL_CA_FILE;
Paul Bakker1496d382011-05-23 12:07:29 +0000392 opt.crt_file = DFL_CRT_FILE;
393 opt.key_file = DFL_KEY_FILE;
Gilles Peskine449bd832023-01-11 14:50:10 +0100394 opt.force_ciphersuite[0] = DFL_FORCE_CIPHER;
Paul Bakker1496d382011-05-23 12:07:29 +0000395
Gilles Peskine449bd832023-01-11 14:50:10 +0100396 for (i = 1; i < argc; i++) {
Paul Bakker1496d382011-05-23 12:07:29 +0000397 p = argv[i];
Gilles Peskine449bd832023-01-11 14:50:10 +0100398 if ((q = strchr(p, '=')) == NULL) {
Paul Bakker1496d382011-05-23 12:07:29 +0000399 goto usage;
Gilles Peskine449bd832023-01-11 14:50:10 +0100400 }
Paul Bakker1496d382011-05-23 12:07:29 +0000401 *q++ = '\0';
402
Gilles Peskine449bd832023-01-11 14:50:10 +0100403 if (strcmp(p, "server_name") == 0) {
Paul Bakker1496d382011-05-23 12:07:29 +0000404 opt.server_name = q;
Gilles Peskine449bd832023-01-11 14:50:10 +0100405 } else if (strcmp(p, "server_port") == 0) {
Manuel Pégourié-Gonnardc0d74942015-06-23 12:30:57 +0200406 opt.server_port = q;
Gilles Peskine449bd832023-01-11 14:50:10 +0100407 } else if (strcmp(p, "debug_level") == 0) {
408 opt.debug_level = atoi(q);
409 if (opt.debug_level < 0 || opt.debug_level > 65535) {
Paul Bakker1496d382011-05-23 12:07:29 +0000410 goto usage;
Gilles Peskine449bd832023-01-11 14:50:10 +0100411 }
412 } else if (strcmp(p, "authentication") == 0) {
413 opt.authentication = atoi(q);
414 if (opt.authentication < 0 || opt.authentication > 1) {
Paul Bakker1496d382011-05-23 12:07:29 +0000415 goto usage;
Gilles Peskine449bd832023-01-11 14:50:10 +0100416 }
417 } else if (strcmp(p, "mode") == 0) {
418 opt.mode = atoi(q);
419 if (opt.mode < 0 || opt.mode > 1) {
Paul Bakker1496d382011-05-23 12:07:29 +0000420 goto usage;
Gilles Peskine449bd832023-01-11 14:50:10 +0100421 }
422 } else if (strcmp(p, "user_name") == 0) {
Paul Bakker1496d382011-05-23 12:07:29 +0000423 opt.user_name = q;
Gilles Peskine449bd832023-01-11 14:50:10 +0100424 } else if (strcmp(p, "user_pwd") == 0) {
Paul Bakker1496d382011-05-23 12:07:29 +0000425 opt.user_pwd = q;
Gilles Peskine449bd832023-01-11 14:50:10 +0100426 } else if (strcmp(p, "mail_from") == 0) {
Paul Bakker1496d382011-05-23 12:07:29 +0000427 opt.mail_from = q;
Gilles Peskine449bd832023-01-11 14:50:10 +0100428 } else if (strcmp(p, "mail_to") == 0) {
Paul Bakker1496d382011-05-23 12:07:29 +0000429 opt.mail_to = q;
Gilles Peskine449bd832023-01-11 14:50:10 +0100430 } else if (strcmp(p, "ca_file") == 0) {
Paul Bakker5690efc2011-05-26 13:16:06 +0000431 opt.ca_file = q;
Gilles Peskine449bd832023-01-11 14:50:10 +0100432 } else if (strcmp(p, "crt_file") == 0) {
Paul Bakker1496d382011-05-23 12:07:29 +0000433 opt.crt_file = q;
Gilles Peskine449bd832023-01-11 14:50:10 +0100434 } else if (strcmp(p, "key_file") == 0) {
Paul Bakker1496d382011-05-23 12:07:29 +0000435 opt.key_file = q;
Gilles Peskine449bd832023-01-11 14:50:10 +0100436 } else if (strcmp(p, "force_ciphersuite") == 0) {
Paul Bakker1496d382011-05-23 12:07:29 +0000437 opt.force_ciphersuite[0] = -1;
438
Gilles Peskine449bd832023-01-11 14:50:10 +0100439 opt.force_ciphersuite[0] = mbedtls_ssl_get_ciphersuite_id(q);
Paul Bakker1496d382011-05-23 12:07:29 +0000440
Gilles Peskine449bd832023-01-11 14:50:10 +0100441 if (opt.force_ciphersuite[0] <= 0) {
Paul Bakker1496d382011-05-23 12:07:29 +0000442 goto usage;
Gilles Peskine449bd832023-01-11 14:50:10 +0100443 }
Paul Bakker1496d382011-05-23 12:07:29 +0000444
445 opt.force_ciphersuite[1] = 0;
Gilles Peskine449bd832023-01-11 14:50:10 +0100446 } else {
Paul Bakker1496d382011-05-23 12:07:29 +0000447 goto usage;
Gilles Peskine449bd832023-01-11 14:50:10 +0100448 }
Paul Bakker1496d382011-05-23 12:07:29 +0000449 }
450
451 /*
452 * 0. Initialize the RNG and the session data
453 */
Gilles Peskine449bd832023-01-11 14:50:10 +0100454 mbedtls_printf("\n . Seeding the random number generator...");
455 fflush(stdout);
Paul Bakker508ad5a2011-12-04 17:09:26 +0000456
Gilles Peskine449bd832023-01-11 14:50:10 +0100457 if ((ret = mbedtls_ctr_drbg_seed(&ctr_drbg, mbedtls_entropy_func, &entropy,
458 (const unsigned char *) pers,
459 strlen(pers))) != 0) {
460 mbedtls_printf(" failed\n ! mbedtls_ctr_drbg_seed returned %d\n", ret);
Paul Bakker508ad5a2011-12-04 17:09:26 +0000461 goto exit;
462 }
463
Gilles Peskine449bd832023-01-11 14:50:10 +0100464 mbedtls_printf(" ok\n");
Paul Bakker1496d382011-05-23 12:07:29 +0000465
466 /*
467 * 1.1. Load the trusted CA
468 */
Gilles Peskine449bd832023-01-11 14:50:10 +0100469 mbedtls_printf(" . Loading the CA root certificate ...");
470 fflush(stdout);
Paul Bakker1496d382011-05-23 12:07:29 +0000471
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200472#if defined(MBEDTLS_FS_IO)
Gilles Peskine449bd832023-01-11 14:50:10 +0100473 if (strlen(opt.ca_file)) {
474 ret = mbedtls_x509_crt_parse_file(&cacert, opt.ca_file);
475 } else
Paul Bakker5690efc2011-05-26 13:16:06 +0000476#endif
Mateusz Starzyk1aec6462021-02-08 15:34:42 +0100477#if defined(MBEDTLS_PEM_PARSE_C)
Gilles Peskine449bd832023-01-11 14:50:10 +0100478 ret = mbedtls_x509_crt_parse(&cacert, (const unsigned char *) mbedtls_test_cas_pem,
479 mbedtls_test_cas_pem_len);
Paul Bakker5690efc2011-05-26 13:16:06 +0000480#else
481 {
Mateusz Starzyk1aec6462021-02-08 15:34:42 +0100482 mbedtls_printf("MBEDTLS_PEM_PARSE_C not defined.");
Andres Amaya Garcia67a42ac2018-04-29 21:04:29 +0100483 goto exit;
Paul Bakker5690efc2011-05-26 13:16:06 +0000484 }
485#endif
Gilles Peskine449bd832023-01-11 14:50:10 +0100486 if (ret < 0) {
487 mbedtls_printf(" failed\n ! mbedtls_x509_crt_parse returned %d\n\n", ret);
Paul Bakker1496d382011-05-23 12:07:29 +0000488 goto exit;
489 }
490
Gilles Peskine449bd832023-01-11 14:50:10 +0100491 mbedtls_printf(" ok (%d skipped)\n", ret);
Paul Bakker1496d382011-05-23 12:07:29 +0000492
493 /*
494 * 1.2. Load own certificate and private key
495 *
496 * (can be skipped if client authentication is not required)
497 */
Gilles Peskine449bd832023-01-11 14:50:10 +0100498 mbedtls_printf(" . Loading the client cert. and key...");
499 fflush(stdout);
Paul Bakker1496d382011-05-23 12:07:29 +0000500
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200501#if defined(MBEDTLS_FS_IO)
Gilles Peskine449bd832023-01-11 14:50:10 +0100502 if (strlen(opt.crt_file)) {
503 ret = mbedtls_x509_crt_parse_file(&clicert, opt.crt_file);
504 } else
Paul Bakker5690efc2011-05-26 13:16:06 +0000505#endif
Gilles Peskine449bd832023-01-11 14:50:10 +0100506 ret = mbedtls_x509_crt_parse(&clicert, (const unsigned char *) mbedtls_test_cli_crt,
507 mbedtls_test_cli_crt_len);
508 if (ret != 0) {
509 mbedtls_printf(" failed\n ! mbedtls_x509_crt_parse returned %d\n\n", ret);
Paul Bakker1496d382011-05-23 12:07:29 +0000510 goto exit;
511 }
512
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200513#if defined(MBEDTLS_FS_IO)
Gilles Peskine449bd832023-01-11 14:50:10 +0100514 if (strlen(opt.key_file)) {
515 ret = mbedtls_pk_parse_keyfile(&pkey, opt.key_file, "",
516 mbedtls_ctr_drbg_random, &ctr_drbg);
517 } else
Paul Bakker5690efc2011-05-26 13:16:06 +0000518#endif
Mateusz Starzyk1aec6462021-02-08 15:34:42 +0100519#if defined(MBEDTLS_PEM_PARSE_C)
Manuel Pégourié-Gonnard84dea012021-06-15 11:29:26 +0200520 {
Gilles Peskine449bd832023-01-11 14:50:10 +0100521 ret = mbedtls_pk_parse_key(&pkey,
522 (const unsigned char *) mbedtls_test_cli_key,
523 mbedtls_test_cli_key_len,
524 NULL,
525 0,
526 mbedtls_ctr_drbg_random,
527 &ctr_drbg);
Manuel Pégourié-Gonnard84dea012021-06-15 11:29:26 +0200528 }
Paul Bakker5690efc2011-05-26 13:16:06 +0000529#else
530 {
Mateusz Starzyk1aec6462021-02-08 15:34:42 +0100531 mbedtls_printf("MBEDTLS_PEM_PARSE_C not defined.");
Andres Amaya Garcia67a42ac2018-04-29 21:04:29 +0100532 goto exit;
Paul Bakker5690efc2011-05-26 13:16:06 +0000533 }
534#endif
Gilles Peskine449bd832023-01-11 14:50:10 +0100535 if (ret != 0) {
536 mbedtls_printf(" failed\n ! mbedtls_pk_parse_key returned %d\n\n", ret);
Paul Bakker1496d382011-05-23 12:07:29 +0000537 goto exit;
538 }
539
Gilles Peskine449bd832023-01-11 14:50:10 +0100540 mbedtls_printf(" ok\n");
Paul Bakker1496d382011-05-23 12:07:29 +0000541
542 /*
543 * 2. Start the connection
544 */
Gilles Peskine449bd832023-01-11 14:50:10 +0100545 mbedtls_printf(" . Connecting to tcp/%s/%s...", opt.server_name,
546 opt.server_port);
547 fflush(stdout);
Paul Bakker1496d382011-05-23 12:07:29 +0000548
Gilles Peskine449bd832023-01-11 14:50:10 +0100549 if ((ret = mbedtls_net_connect(&server_fd, opt.server_name,
550 opt.server_port, MBEDTLS_NET_PROTO_TCP)) != 0) {
551 mbedtls_printf(" failed\n ! mbedtls_net_connect returned %d\n\n", ret);
Paul Bakker1496d382011-05-23 12:07:29 +0000552 goto exit;
553 }
554
Gilles Peskine449bd832023-01-11 14:50:10 +0100555 mbedtls_printf(" ok\n");
Paul Bakker1496d382011-05-23 12:07:29 +0000556
557 /*
558 * 3. Setup stuff
559 */
Gilles Peskine449bd832023-01-11 14:50:10 +0100560 mbedtls_printf(" . Setting up the SSL/TLS structure...");
561 fflush(stdout);
Paul Bakker1496d382011-05-23 12:07:29 +0000562
Gilles Peskine449bd832023-01-11 14:50:10 +0100563 if ((ret = mbedtls_ssl_config_defaults(&conf,
564 MBEDTLS_SSL_IS_CLIENT,
565 MBEDTLS_SSL_TRANSPORT_STREAM,
566 MBEDTLS_SSL_PRESET_DEFAULT)) != 0) {
567 mbedtls_printf(" failed\n ! mbedtls_ssl_config_defaults returned %d\n\n", ret);
Manuel Pégourié-Gonnarddef0bbe2015-05-04 14:56:36 +0200568 goto exit;
569 }
570
Manuel Pégourié-Gonnardfcf2fc22014-03-11 11:10:27 +0100571 /* OPTIONAL is not optimal for security,
572 * but makes interop easier in this simplified example */
Gilles Peskine449bd832023-01-11 14:50:10 +0100573 mbedtls_ssl_conf_authmode(&conf, MBEDTLS_SSL_VERIFY_OPTIONAL);
Paul Bakker1496d382011-05-23 12:07:29 +0000574
Gilles Peskine449bd832023-01-11 14:50:10 +0100575 mbedtls_ssl_conf_rng(&conf, mbedtls_ctr_drbg_random, &ctr_drbg);
576 mbedtls_ssl_conf_dbg(&conf, my_debug, stdout);
Paul Bakker1496d382011-05-23 12:07:29 +0000577
Gilles Peskine449bd832023-01-11 14:50:10 +0100578 if (opt.force_ciphersuite[0] != DFL_FORCE_CIPHER) {
579 mbedtls_ssl_conf_ciphersuites(&conf, opt.force_ciphersuite);
580 }
Paul Bakker1496d382011-05-23 12:07:29 +0000581
Gilles Peskine449bd832023-01-11 14:50:10 +0100582 mbedtls_ssl_conf_ca_chain(&conf, &cacert, NULL);
583 if ((ret = mbedtls_ssl_conf_own_cert(&conf, &clicert, &pkey)) != 0) {
584 mbedtls_printf(" failed\n ! mbedtls_ssl_conf_own_cert returned %d\n\n", ret);
Manuel Pégourié-Gonnardc5fd3912014-07-08 14:05:52 +0200585 goto exit;
586 }
Paul Bakker1496d382011-05-23 12:07:29 +0000587
Gilles Peskine449bd832023-01-11 14:50:10 +0100588 if ((ret = mbedtls_ssl_setup(&ssl, &conf)) != 0) {
589 mbedtls_printf(" failed\n ! mbedtls_ssl_setup returned %d\n\n", ret);
Manuel Pégourié-Gonnard06939ce2015-05-11 11:25:46 +0200590 goto exit;
591 }
592
Gilles Peskine449bd832023-01-11 14:50:10 +0100593 if ((ret = mbedtls_ssl_set_hostname(&ssl, opt.server_name)) != 0) {
594 mbedtls_printf(" failed\n ! mbedtls_ssl_set_hostname returned %d\n\n", ret);
Manuel Pégourié-Gonnardc5fd3912014-07-08 14:05:52 +0200595 goto exit;
596 }
Paul Bakker1496d382011-05-23 12:07:29 +0000597
Gilles Peskine449bd832023-01-11 14:50:10 +0100598 mbedtls_ssl_set_bio(&ssl, &server_fd, mbedtls_net_send, mbedtls_net_recv, NULL);
Manuel Pégourié-Gonnard06939ce2015-05-11 11:25:46 +0200599
Gilles Peskine449bd832023-01-11 14:50:10 +0100600 mbedtls_printf(" ok\n");
Manuel Pégourié-Gonnard06939ce2015-05-11 11:25:46 +0200601
Gilles Peskine449bd832023-01-11 14:50:10 +0100602 if (opt.mode == MODE_SSL_TLS) {
603 if (do_handshake(&ssl) != 0) {
Paul Bakker1496d382011-05-23 12:07:29 +0000604 goto exit;
605 }
606
Gilles Peskine449bd832023-01-11 14:50:10 +0100607 mbedtls_printf(" > Get header from server:");
608 fflush(stdout);
Paul Bakker1496d382011-05-23 12:07:29 +0000609
Gilles Peskine449bd832023-01-11 14:50:10 +0100610 ret = write_ssl_and_get_response(&ssl, buf, 0);
611 if (ret < 200 || ret > 299) {
612 mbedtls_printf(" failed\n ! server responded with %d\n\n", ret);
Paul Bakker1496d382011-05-23 12:07:29 +0000613 goto exit;
614 }
615
Gilles Peskine449bd832023-01-11 14:50:10 +0100616 mbedtls_printf(" ok\n");
Paul Bakker1496d382011-05-23 12:07:29 +0000617
Gilles Peskine449bd832023-01-11 14:50:10 +0100618 mbedtls_printf(" > Write EHLO to server:");
619 fflush(stdout);
Paul Bakker1496d382011-05-23 12:07:29 +0000620
Gilles Peskine449bd832023-01-11 14:50:10 +0100621 gethostname(hostname, 32);
622 len = sprintf((char *) buf, "EHLO %s\r\n", hostname);
623 ret = write_ssl_and_get_response(&ssl, buf, len);
624 if (ret < 200 || ret > 299) {
625 mbedtls_printf(" failed\n ! server responded with %d\n\n", ret);
626 goto exit;
627 }
628 } else {
629 mbedtls_printf(" > Get header from server:");
630 fflush(stdout);
631
632 ret = write_and_get_response(&server_fd, buf, 0);
633 if (ret < 200 || ret > 299) {
634 mbedtls_printf(" failed\n ! server responded with %d\n\n", ret);
Paul Bakker1496d382011-05-23 12:07:29 +0000635 goto exit;
636 }
637
Gilles Peskine449bd832023-01-11 14:50:10 +0100638 mbedtls_printf(" ok\n");
Paul Bakker1496d382011-05-23 12:07:29 +0000639
Gilles Peskine449bd832023-01-11 14:50:10 +0100640 mbedtls_printf(" > Write EHLO to server:");
641 fflush(stdout);
Paul Bakker1496d382011-05-23 12:07:29 +0000642
Gilles Peskine449bd832023-01-11 14:50:10 +0100643 gethostname(hostname, 32);
644 len = sprintf((char *) buf, "EHLO %s\r\n", hostname);
645 ret = write_and_get_response(&server_fd, buf, len);
646 if (ret < 200 || ret > 299) {
647 mbedtls_printf(" failed\n ! server responded with %d\n\n", ret);
Paul Bakker1496d382011-05-23 12:07:29 +0000648 goto exit;
649 }
650
Gilles Peskine449bd832023-01-11 14:50:10 +0100651 mbedtls_printf(" ok\n");
Paul Bakker1496d382011-05-23 12:07:29 +0000652
Gilles Peskine449bd832023-01-11 14:50:10 +0100653 mbedtls_printf(" > Write STARTTLS to server:");
654 fflush(stdout);
655
656 gethostname(hostname, 32);
657 len = sprintf((char *) buf, "STARTTLS\r\n");
658 ret = write_and_get_response(&server_fd, buf, len);
659 if (ret < 200 || ret > 299) {
660 mbedtls_printf(" failed\n ! server responded with %d\n\n", ret);
Paul Bakker1496d382011-05-23 12:07:29 +0000661 goto exit;
Gilles Peskine449bd832023-01-11 14:50:10 +0100662 }
663
664 mbedtls_printf(" ok\n");
665
666 if (do_handshake(&ssl) != 0) {
667 goto exit;
668 }
Paul Bakker1496d382011-05-23 12:07:29 +0000669 }
670
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200671#if defined(MBEDTLS_BASE64_C)
Gilles Peskine449bd832023-01-11 14:50:10 +0100672 if (opt.authentication) {
673 mbedtls_printf(" > Write AUTH LOGIN to server:");
674 fflush(stdout);
Paul Bakker1496d382011-05-23 12:07:29 +0000675
Gilles Peskine449bd832023-01-11 14:50:10 +0100676 len = sprintf((char *) buf, "AUTH LOGIN\r\n");
677 ret = write_ssl_and_get_response(&ssl, buf, len);
678 if (ret < 200 || ret > 399) {
679 mbedtls_printf(" failed\n ! server responded with %d\n\n", ret);
Paul Bakker1496d382011-05-23 12:07:29 +0000680 goto exit;
681 }
682
Gilles Peskine449bd832023-01-11 14:50:10 +0100683 mbedtls_printf(" ok\n");
Paul Bakker1496d382011-05-23 12:07:29 +0000684
Gilles Peskine449bd832023-01-11 14:50:10 +0100685 mbedtls_printf(" > Write username to server: %s", opt.user_name);
686 fflush(stdout);
Paul Bakker1496d382011-05-23 12:07:29 +0000687
Gilles Peskine449bd832023-01-11 14:50:10 +0100688 ret = mbedtls_base64_encode(base, sizeof(base), &n, (const unsigned char *) opt.user_name,
689 strlen(opt.user_name));
Alfred Klomp7c034242014-07-14 22:11:13 +0200690
Gilles Peskine449bd832023-01-11 14:50:10 +0100691 if (ret != 0) {
692 mbedtls_printf(" failed\n ! mbedtls_base64_encode returned %d\n\n", ret);
Alfred Klomp7c034242014-07-14 22:11:13 +0200693 goto exit;
694 }
Gilles Peskine449bd832023-01-11 14:50:10 +0100695 len = sprintf((char *) buf, "%s\r\n", base);
696 ret = write_ssl_and_get_response(&ssl, buf, len);
697 if (ret < 300 || ret > 399) {
698 mbedtls_printf(" failed\n ! server responded with %d\n\n", ret);
Paul Bakker1496d382011-05-23 12:07:29 +0000699 goto exit;
700 }
701
Gilles Peskine449bd832023-01-11 14:50:10 +0100702 mbedtls_printf(" ok\n");
Paul Bakker1496d382011-05-23 12:07:29 +0000703
Gilles Peskine449bd832023-01-11 14:50:10 +0100704 mbedtls_printf(" > Write password to server: %s", opt.user_pwd);
705 fflush(stdout);
Paul Bakker1496d382011-05-23 12:07:29 +0000706
Gilles Peskine449bd832023-01-11 14:50:10 +0100707 ret = mbedtls_base64_encode(base, sizeof(base), &n, (const unsigned char *) opt.user_pwd,
708 strlen(opt.user_pwd));
Alfred Klomp7c034242014-07-14 22:11:13 +0200709
Gilles Peskine449bd832023-01-11 14:50:10 +0100710 if (ret != 0) {
711 mbedtls_printf(" failed\n ! mbedtls_base64_encode returned %d\n\n", ret);
Alfred Klomp7c034242014-07-14 22:11:13 +0200712 goto exit;
713 }
Gilles Peskine449bd832023-01-11 14:50:10 +0100714 len = sprintf((char *) buf, "%s\r\n", base);
715 ret = write_ssl_and_get_response(&ssl, buf, len);
716 if (ret < 200 || ret > 399) {
717 mbedtls_printf(" failed\n ! server responded with %d\n\n", ret);
Paul Bakker1496d382011-05-23 12:07:29 +0000718 goto exit;
719 }
720
Gilles Peskine449bd832023-01-11 14:50:10 +0100721 mbedtls_printf(" ok\n");
Paul Bakker1496d382011-05-23 12:07:29 +0000722 }
Paul Bakker5690efc2011-05-26 13:16:06 +0000723#endif
Paul Bakker1496d382011-05-23 12:07:29 +0000724
Gilles Peskine449bd832023-01-11 14:50:10 +0100725 mbedtls_printf(" > Write MAIL FROM to server:");
726 fflush(stdout);
Paul Bakker1496d382011-05-23 12:07:29 +0000727
Mingjie Shen0fc20cd2024-03-12 16:00:28 -0400728 len = mbedtls_snprintf((char *) buf, sizeof(buf), "MAIL FROM:<%s>\r\n", opt.mail_from);
Mingjie Shend97b96f2024-03-18 14:30:06 -0400729 if (len < 0 || (size_t) len >= sizeof(buf)) {
Mingjie Shen8e35d962024-03-12 16:23:41 -0400730 mbedtls_printf(" failed\n ! mbedtls_snprintf encountered error or truncated output\n\n");
731 goto exit;
732 }
Gilles Peskine449bd832023-01-11 14:50:10 +0100733 ret = write_ssl_and_get_response(&ssl, buf, len);
734 if (ret < 200 || ret > 299) {
735 mbedtls_printf(" failed\n ! server responded with %d\n\n", ret);
Paul Bakker1496d382011-05-23 12:07:29 +0000736 goto exit;
737 }
738
Gilles Peskine449bd832023-01-11 14:50:10 +0100739 mbedtls_printf(" ok\n");
Paul Bakker1496d382011-05-23 12:07:29 +0000740
Gilles Peskine449bd832023-01-11 14:50:10 +0100741 mbedtls_printf(" > Write RCPT TO to server:");
742 fflush(stdout);
Paul Bakker1496d382011-05-23 12:07:29 +0000743
Mingjie Shen0fc20cd2024-03-12 16:00:28 -0400744 len = mbedtls_snprintf((char *) buf, sizeof(buf), "RCPT TO:<%s>\r\n", opt.mail_to);
Mingjie Shend97b96f2024-03-18 14:30:06 -0400745 if (len < 0 || (size_t) len >= sizeof(buf)) {
Mingjie Shen8e35d962024-03-12 16:23:41 -0400746 mbedtls_printf(" failed\n ! mbedtls_snprintf encountered error or truncated output\n\n");
747 goto exit;
748 }
Gilles Peskine449bd832023-01-11 14:50:10 +0100749 ret = write_ssl_and_get_response(&ssl, buf, len);
750 if (ret < 200 || ret > 299) {
751 mbedtls_printf(" failed\n ! server responded with %d\n\n", ret);
Paul Bakker1496d382011-05-23 12:07:29 +0000752 goto exit;
753 }
754
Gilles Peskine449bd832023-01-11 14:50:10 +0100755 mbedtls_printf(" ok\n");
Paul Bakker1496d382011-05-23 12:07:29 +0000756
Gilles Peskine449bd832023-01-11 14:50:10 +0100757 mbedtls_printf(" > Write DATA to server:");
758 fflush(stdout);
Paul Bakker1496d382011-05-23 12:07:29 +0000759
Gilles Peskine449bd832023-01-11 14:50:10 +0100760 len = sprintf((char *) buf, "DATA\r\n");
761 ret = write_ssl_and_get_response(&ssl, buf, len);
762 if (ret < 300 || ret > 399) {
763 mbedtls_printf(" failed\n ! server responded with %d\n\n", ret);
Paul Bakker1496d382011-05-23 12:07:29 +0000764 goto exit;
765 }
766
Gilles Peskine449bd832023-01-11 14:50:10 +0100767 mbedtls_printf(" ok\n");
Paul Bakker1496d382011-05-23 12:07:29 +0000768
Gilles Peskine449bd832023-01-11 14:50:10 +0100769 mbedtls_printf(" > Write content to server:");
770 fflush(stdout);
Paul Bakker1496d382011-05-23 12:07:29 +0000771
Mingjie Shen0fc20cd2024-03-12 16:00:28 -0400772 len = mbedtls_snprintf((char *) buf, sizeof(buf),
Mingjie Shend97b96f2024-03-18 14:30:06 -0400773 "From: %s\r\nSubject: Mbed TLS Test mail\r\n\r\n"
774 "This is a simple test mail from the "
775 "Mbed TLS mail client example.\r\n"
776 "\r\n"
777 "Enjoy!", opt.mail_from);
778 if (len < 0 || (size_t) len >= sizeof(buf)) {
Mingjie Shen8e35d962024-03-12 16:23:41 -0400779 mbedtls_printf(" failed\n ! mbedtls_snprintf encountered error or truncated output\n\n");
780 goto exit;
781 }
Gilles Peskine449bd832023-01-11 14:50:10 +0100782 ret = write_ssl_data(&ssl, buf, len);
Paul Bakker1496d382011-05-23 12:07:29 +0000783
Gilles Peskine449bd832023-01-11 14:50:10 +0100784 len = sprintf((char *) buf, "\r\n.\r\n");
785 ret = write_ssl_and_get_response(&ssl, buf, len);
786 if (ret < 200 || ret > 299) {
787 mbedtls_printf(" failed\n ! server responded with %d\n\n", ret);
Paul Bakker1496d382011-05-23 12:07:29 +0000788 goto exit;
789 }
790
Gilles Peskine449bd832023-01-11 14:50:10 +0100791 mbedtls_printf(" ok\n");
Paul Bakker1496d382011-05-23 12:07:29 +0000792
Gilles Peskine449bd832023-01-11 14:50:10 +0100793 mbedtls_ssl_close_notify(&ssl);
Paul Bakker1496d382011-05-23 12:07:29 +0000794
Andres Amaya Garcia67a42ac2018-04-29 21:04:29 +0100795 exit_code = MBEDTLS_EXIT_SUCCESS;
796
Paul Bakker1496d382011-05-23 12:07:29 +0000797exit:
798
Gilles Peskine449bd832023-01-11 14:50:10 +0100799 mbedtls_net_free(&server_fd);
800 mbedtls_x509_crt_free(&clicert);
801 mbedtls_x509_crt_free(&cacert);
802 mbedtls_pk_free(&pkey);
803 mbedtls_ssl_free(&ssl);
804 mbedtls_ssl_config_free(&conf);
805 mbedtls_ctr_drbg_free(&ctr_drbg);
806 mbedtls_entropy_free(&entropy);
Przemek Stekiela8c560a2023-04-19 10:15:26 +0200807 mbedtls_psa_crypto_free();
Paul Bakker1496d382011-05-23 12:07:29 +0000808
Gilles Peskine449bd832023-01-11 14:50:10 +0100809 mbedtls_exit(exit_code);
Paul Bakker1496d382011-05-23 12:07:29 +0000810}
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200811#endif /* MBEDTLS_BIGNUM_C && MBEDTLS_ENTROPY_C && MBEDTLS_SSL_TLS_C &&
812 MBEDTLS_SSL_CLI_C && MBEDTLS_NET_C && MBEDTLS_RSA_C **
813 MBEDTLS_CTR_DRBG_C */