mini_client.c (9946B)
1 /* 2 * Minimal SSL client, used for memory measurements. 3 * (meant to be used with config-suite-b.h or config-ccm-psk-tls1_2.h) 4 * 5 * Copyright The Mbed TLS Contributors 6 * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later 7 */ 8 9 #include "mbedtls/build_info.h" 10 11 #include "mbedtls/platform.h" 12 13 /* 14 * We're creating and connecting the socket "manually" rather than using the 15 * NET module, in order to avoid the overhead of getaddrinfo() which tends to 16 * dominate memory usage in small configurations. For the sake of simplicity, 17 * only a Unix version is implemented. 18 * 19 * Warning: we are breaking some of the abstractions from the NET layer here. 20 * This is not a good example for general use. This programs has the specific 21 * goal of minimizing use of the libc functions on full-blown OSes. 22 */ 23 #if defined(unix) || defined(__unix__) || defined(__unix) || defined(__APPLE__) 24 #define UNIX 25 #endif 26 27 #if !defined(MBEDTLS_CTR_DRBG_C) || !defined(MBEDTLS_ENTROPY_C) || \ 28 !defined(MBEDTLS_NET_C) || !defined(MBEDTLS_SSL_CLI_C) || \ 29 !defined(UNIX) 30 31 int main(void) 32 { 33 mbedtls_printf("MBEDTLS_CTR_DRBG_C and/or MBEDTLS_ENTROPY_C and/or " 34 "MBEDTLS_NET_C and/or MBEDTLS_SSL_CLI_C and/or UNIX " 35 "not defined.\n"); 36 mbedtls_exit(0); 37 } 38 #else 39 40 #include <string.h> 41 42 #include "mbedtls/net_sockets.h" 43 #include "mbedtls/ssl.h" 44 #include "mbedtls/entropy.h" 45 #include "mbedtls/ctr_drbg.h" 46 47 #include <sys/socket.h> 48 #include <netinet/in.h> 49 #include <arpa/inet.h> 50 51 /* 52 * Hardcoded values for server host and port 53 */ 54 #define PORT_BE 0x1151 /* 4433 */ 55 #define PORT_LE 0x5111 56 #define ADDR_BE 0x7f000001 /* 127.0.0.1 */ 57 #define ADDR_LE 0x0100007f 58 #define HOSTNAME "localhost" /* for cert verification if enabled */ 59 60 #define GET_REQUEST "GET / HTTP/1.0\r\n\r\n" 61 62 const char *pers = "mini_client"; 63 64 #if defined(MBEDTLS_KEY_EXCHANGE_SOME_PSK_ENABLED) 65 const unsigned char psk[] = { 66 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 67 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f 68 }; 69 const char psk_id[] = "Client_identity"; 70 #endif 71 72 #if defined(MBEDTLS_X509_CRT_PARSE_C) 73 /* This is framework/data_files/test-ca2.crt, a CA using EC secp384r1 */ 74 const unsigned char ca_cert[] = { 75 0x30, 0x82, 0x02, 0x52, 0x30, 0x82, 0x01, 0xd7, 0xa0, 0x03, 0x02, 0x01, 76 0x02, 0x02, 0x09, 0x00, 0xc1, 0x43, 0xe2, 0x7e, 0x62, 0x43, 0xcc, 0xe8, 77 0x30, 0x0a, 0x06, 0x08, 0x2a, 0x86, 0x48, 0xce, 0x3d, 0x04, 0x03, 0x02, 78 0x30, 0x3e, 0x31, 0x0b, 0x30, 0x09, 0x06, 0x03, 0x55, 0x04, 0x06, 0x13, 79 0x02, 0x4e, 0x4c, 0x31, 0x11, 0x30, 0x0f, 0x06, 0x03, 0x55, 0x04, 0x0a, 80 0x13, 0x08, 0x50, 0x6f, 0x6c, 0x61, 0x72, 0x53, 0x53, 0x4c, 0x31, 0x1c, 81 0x30, 0x1a, 0x06, 0x03, 0x55, 0x04, 0x03, 0x13, 0x13, 0x50, 0x6f, 0x6c, 82 0x61, 0x72, 0x73, 0x73, 0x6c, 0x20, 0x54, 0x65, 0x73, 0x74, 0x20, 0x45, 83 0x43, 0x20, 0x43, 0x41, 0x30, 0x1e, 0x17, 0x0d, 0x31, 0x33, 0x30, 0x39, 84 0x32, 0x34, 0x31, 0x35, 0x34, 0x39, 0x34, 0x38, 0x5a, 0x17, 0x0d, 0x32, 85 0x33, 0x30, 0x39, 0x32, 0x32, 0x31, 0x35, 0x34, 0x39, 0x34, 0x38, 0x5a, 86 0x30, 0x3e, 0x31, 0x0b, 0x30, 0x09, 0x06, 0x03, 0x55, 0x04, 0x06, 0x13, 87 0x02, 0x4e, 0x4c, 0x31, 0x11, 0x30, 0x0f, 0x06, 0x03, 0x55, 0x04, 0x0a, 88 0x13, 0x08, 0x50, 0x6f, 0x6c, 0x61, 0x72, 0x53, 0x53, 0x4c, 0x31, 0x1c, 89 0x30, 0x1a, 0x06, 0x03, 0x55, 0x04, 0x03, 0x13, 0x13, 0x50, 0x6f, 0x6c, 90 0x61, 0x72, 0x73, 0x73, 0x6c, 0x20, 0x54, 0x65, 0x73, 0x74, 0x20, 0x45, 91 0x43, 0x20, 0x43, 0x41, 0x30, 0x76, 0x30, 0x10, 0x06, 0x07, 0x2a, 0x86, 92 0x48, 0xce, 0x3d, 0x02, 0x01, 0x06, 0x05, 0x2b, 0x81, 0x04, 0x00, 0x22, 93 0x03, 0x62, 0x00, 0x04, 0xc3, 0xda, 0x2b, 0x34, 0x41, 0x37, 0x58, 0x2f, 94 0x87, 0x56, 0xfe, 0xfc, 0x89, 0xba, 0x29, 0x43, 0x4b, 0x4e, 0xe0, 0x6e, 95 0xc3, 0x0e, 0x57, 0x53, 0x33, 0x39, 0x58, 0xd4, 0x52, 0xb4, 0x91, 0x95, 96 0x39, 0x0b, 0x23, 0xdf, 0x5f, 0x17, 0x24, 0x62, 0x48, 0xfc, 0x1a, 0x95, 97 0x29, 0xce, 0x2c, 0x2d, 0x87, 0xc2, 0x88, 0x52, 0x80, 0xaf, 0xd6, 0x6a, 98 0xab, 0x21, 0xdd, 0xb8, 0xd3, 0x1c, 0x6e, 0x58, 0xb8, 0xca, 0xe8, 0xb2, 99 0x69, 0x8e, 0xf3, 0x41, 0xad, 0x29, 0xc3, 0xb4, 0x5f, 0x75, 0xa7, 0x47, 100 0x6f, 0xd5, 0x19, 0x29, 0x55, 0x69, 0x9a, 0x53, 0x3b, 0x20, 0xb4, 0x66, 101 0x16, 0x60, 0x33, 0x1e, 0xa3, 0x81, 0xa0, 0x30, 0x81, 0x9d, 0x30, 0x1d, 102 0x06, 0x03, 0x55, 0x1d, 0x0e, 0x04, 0x16, 0x04, 0x14, 0x9d, 0x6d, 0x20, 103 0x24, 0x49, 0x01, 0x3f, 0x2b, 0xcb, 0x78, 0xb5, 0x19, 0xbc, 0x7e, 0x24, 104 0xc9, 0xdb, 0xfb, 0x36, 0x7c, 0x30, 0x6e, 0x06, 0x03, 0x55, 0x1d, 0x23, 105 0x04, 0x67, 0x30, 0x65, 0x80, 0x14, 0x9d, 0x6d, 0x20, 0x24, 0x49, 0x01, 106 0x3f, 0x2b, 0xcb, 0x78, 0xb5, 0x19, 0xbc, 0x7e, 0x24, 0xc9, 0xdb, 0xfb, 107 0x36, 0x7c, 0xa1, 0x42, 0xa4, 0x40, 0x30, 0x3e, 0x31, 0x0b, 0x30, 0x09, 108 0x06, 0x03, 0x55, 0x04, 0x06, 0x13, 0x02, 0x4e, 0x4c, 0x31, 0x11, 0x30, 109 0x0f, 0x06, 0x03, 0x55, 0x04, 0x0a, 0x13, 0x08, 0x50, 0x6f, 0x6c, 0x61, 110 0x72, 0x53, 0x53, 0x4c, 0x31, 0x1c, 0x30, 0x1a, 0x06, 0x03, 0x55, 0x04, 111 0x03, 0x13, 0x13, 0x50, 0x6f, 0x6c, 0x61, 0x72, 0x73, 0x73, 0x6c, 0x20, 112 0x54, 0x65, 0x73, 0x74, 0x20, 0x45, 0x43, 0x20, 0x43, 0x41, 0x82, 0x09, 113 0x00, 0xc1, 0x43, 0xe2, 0x7e, 0x62, 0x43, 0xcc, 0xe8, 0x30, 0x0c, 0x06, 114 0x03, 0x55, 0x1d, 0x13, 0x04, 0x05, 0x30, 0x03, 0x01, 0x01, 0xff, 0x30, 115 0x0a, 0x06, 0x08, 0x2a, 0x86, 0x48, 0xce, 0x3d, 0x04, 0x03, 0x02, 0x03, 116 0x69, 0x00, 0x30, 0x66, 0x02, 0x31, 0x00, 0xc3, 0xb4, 0x62, 0x73, 0x56, 117 0x28, 0x95, 0x00, 0x7d, 0x78, 0x12, 0x26, 0xd2, 0x71, 0x7b, 0x19, 0xf8, 118 0x8a, 0x98, 0x3e, 0x92, 0xfe, 0x33, 0x9e, 0xe4, 0x79, 0xd2, 0xfe, 0x7a, 119 0xb7, 0x87, 0x74, 0x3c, 0x2b, 0xb8, 0xd7, 0x69, 0x94, 0x0b, 0xa3, 0x67, 120 0x77, 0xb8, 0xb3, 0xbe, 0xd1, 0x36, 0x32, 0x02, 0x31, 0x00, 0xfd, 0x67, 121 0x9c, 0x94, 0x23, 0x67, 0xc0, 0x56, 0xba, 0x4b, 0x33, 0x15, 0x00, 0xc6, 122 0xe3, 0xcc, 0x31, 0x08, 0x2c, 0x9c, 0x8b, 0xda, 0xa9, 0x75, 0x23, 0x2f, 123 0xb8, 0x28, 0xe7, 0xf2, 0x9c, 0x14, 0x3a, 0x40, 0x01, 0x5c, 0xaf, 0x0c, 124 0xb2, 0xcf, 0x74, 0x7f, 0x30, 0x9f, 0x08, 0x43, 0xad, 0x20, 125 }; 126 #endif /* MBEDTLS_X509_CRT_PARSE_C */ 127 128 enum exit_codes { 129 exit_ok = 0, 130 ctr_drbg_seed_failed, 131 ssl_config_defaults_failed, 132 ssl_setup_failed, 133 hostname_failed, 134 socket_failed, 135 connect_failed, 136 x509_crt_parse_failed, 137 ssl_handshake_failed, 138 ssl_write_failed, 139 }; 140 141 142 int main(void) 143 { 144 int ret = exit_ok; 145 mbedtls_net_context server_fd; 146 struct sockaddr_in addr; 147 #if defined(MBEDTLS_X509_CRT_PARSE_C) 148 mbedtls_x509_crt ca; 149 #endif 150 151 mbedtls_entropy_context entropy; 152 mbedtls_ctr_drbg_context ctr_drbg; 153 mbedtls_ssl_context ssl; 154 mbedtls_ssl_config conf; 155 mbedtls_ctr_drbg_init(&ctr_drbg); 156 157 /* 158 * 0. Initialize and setup stuff 159 */ 160 mbedtls_net_init(&server_fd); 161 mbedtls_ssl_init(&ssl); 162 mbedtls_ssl_config_init(&conf); 163 #if defined(MBEDTLS_X509_CRT_PARSE_C) 164 mbedtls_x509_crt_init(&ca); 165 #endif 166 mbedtls_entropy_init(&entropy); 167 168 #if defined(MBEDTLS_USE_PSA_CRYPTO) 169 psa_status_t status = psa_crypto_init(); 170 if (status != PSA_SUCCESS) { 171 ret = MBEDTLS_ERR_SSL_HW_ACCEL_FAILED; 172 goto exit; 173 } 174 #endif /* MBEDTLS_USE_PSA_CRYPTO */ 175 176 if (mbedtls_ctr_drbg_seed(&ctr_drbg, mbedtls_entropy_func, &entropy, 177 (const unsigned char *) pers, strlen(pers)) != 0) { 178 ret = ctr_drbg_seed_failed; 179 goto exit; 180 } 181 182 if (mbedtls_ssl_config_defaults(&conf, 183 MBEDTLS_SSL_IS_CLIENT, 184 MBEDTLS_SSL_TRANSPORT_STREAM, 185 MBEDTLS_SSL_PRESET_DEFAULT) != 0) { 186 ret = ssl_config_defaults_failed; 187 goto exit; 188 } 189 190 mbedtls_ssl_conf_rng(&conf, mbedtls_ctr_drbg_random, &ctr_drbg); 191 192 #if defined(MBEDTLS_KEY_EXCHANGE_SOME_PSK_ENABLED) 193 mbedtls_ssl_conf_psk(&conf, psk, sizeof(psk), 194 (const unsigned char *) psk_id, sizeof(psk_id) - 1); 195 #endif 196 197 #if defined(MBEDTLS_X509_CRT_PARSE_C) 198 if (mbedtls_x509_crt_parse_der(&ca, ca_cert, sizeof(ca_cert)) != 0) { 199 ret = x509_crt_parse_failed; 200 goto exit; 201 } 202 203 mbedtls_ssl_conf_ca_chain(&conf, &ca, NULL); 204 mbedtls_ssl_conf_authmode(&conf, MBEDTLS_SSL_VERIFY_REQUIRED); 205 #endif 206 207 if (mbedtls_ssl_setup(&ssl, &conf) != 0) { 208 ret = ssl_setup_failed; 209 goto exit; 210 } 211 212 #if defined(MBEDTLS_X509_CRT_PARSE_C) 213 if (mbedtls_ssl_set_hostname(&ssl, HOSTNAME) != 0) { 214 ret = hostname_failed; 215 goto exit; 216 } 217 #endif 218 219 /* 220 * 1. Start the connection 221 */ 222 memset(&addr, 0, sizeof(addr)); 223 addr.sin_family = AF_INET; 224 225 ret = 1; /* for endianness detection */ 226 addr.sin_port = *((char *) &ret) == ret ? PORT_LE : PORT_BE; 227 addr.sin_addr.s_addr = *((char *) &ret) == ret ? ADDR_LE : ADDR_BE; 228 ret = 0; 229 230 if ((server_fd.fd = socket(AF_INET, SOCK_STREAM, 0)) < 0) { 231 ret = socket_failed; 232 goto exit; 233 } 234 235 if (connect(server_fd.fd, 236 (const struct sockaddr *) &addr, sizeof(addr)) < 0) { 237 ret = connect_failed; 238 goto exit; 239 } 240 241 mbedtls_ssl_set_bio(&ssl, &server_fd, mbedtls_net_send, mbedtls_net_recv, NULL); 242 243 if (mbedtls_ssl_handshake(&ssl) != 0) { 244 ret = ssl_handshake_failed; 245 goto exit; 246 } 247 248 /* 249 * 2. Write the GET request and close the connection 250 */ 251 if (mbedtls_ssl_write(&ssl, (const unsigned char *) GET_REQUEST, 252 sizeof(GET_REQUEST) - 1) <= 0) { 253 ret = ssl_write_failed; 254 goto exit; 255 } 256 257 mbedtls_ssl_close_notify(&ssl); 258 259 exit: 260 mbedtls_net_free(&server_fd); 261 mbedtls_ssl_free(&ssl); 262 mbedtls_ssl_config_free(&conf); 263 mbedtls_ctr_drbg_free(&ctr_drbg); 264 mbedtls_entropy_free(&entropy); 265 #if defined(MBEDTLS_X509_CRT_PARSE_C) 266 mbedtls_x509_crt_free(&ca); 267 #endif 268 #if defined(MBEDTLS_USE_PSA_CRYPTO) 269 mbedtls_psa_crypto_free(); 270 #endif /* MBEDTLS_USE_PSA_CRYPTO */ 271 272 mbedtls_exit(ret); 273 } 274 #endif