/*
 *  Simple DTLS server demonstration program
 *
 *  Copyright The Mbed TLS Contributors
 *  SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
 */

#include "mbedtls/build_info.h"

#include "mbedtls/platform.h"

/*
 * Listening address selection: uncomment the following line to bind to the
 * IPv4 wildcard address instead of the IPv6 one.
 *
 * Both values of BIND_IP are wildcard addresses, so the UDP socket accepts
 * datagrams on every local interface of that address family. For anything
 * beyond local testing, bind to a specific address instead.
 */
//#define FORCE_IPV4

#ifdef FORCE_IPV4
#define BIND_IP     "0.0.0.0"     /* Forces IPv4 */
#else
#define BIND_IP     "::"
#endif

#if !defined(MBEDTLS_SSL_SRV_C) || !defined(MBEDTLS_SSL_PROTO_DTLS) ||    \
    !defined(MBEDTLS_SSL_COOKIE_C) || !defined(MBEDTLS_NET_C) ||          \
    !defined(MBEDTLS_ENTROPY_C) || !defined(MBEDTLS_CTR_DRBG_C) ||        \
    !defined(MBEDTLS_X509_CRT_PARSE_C) || !defined(MBEDTLS_RSA_C) ||      \
    !defined(MBEDTLS_PEM_PARSE_C) || !defined(MBEDTLS_TIMING_C)

/*
 * Fallback entry point, compiled when at least one feature tested by the
 * guard above is missing from the build: it names the required features
 * and exits with status 0 without opening a socket.
 */
int main(void)
{
    static const char missing_features[] =
        "MBEDTLS_SSL_SRV_C and/or MBEDTLS_SSL_PROTO_DTLS and/or "
        "MBEDTLS_SSL_COOKIE_C and/or MBEDTLS_NET_C and/or "
        "MBEDTLS_ENTROPY_C and/or MBEDTLS_CTR_DRBG_C and/or "
        "MBEDTLS_X509_CRT_PARSE_C and/or MBEDTLS_RSA_C and/or "
        "MBEDTLS_PEM_PARSE_C and/or MBEDTLS_TIMING_C not defined.\n";

    printf("%s", missing_features);
    mbedtls_exit(0);
}
#else

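#if defined(_WIN32)
#include <windows.h>
#endif

#include <string.h>
#include <stdlib.h>
#include <stdio.h>

#include "mbedtls/entropy.h"
#include "mbedtls/ctr_drbg.h"
#include "mbedtls/x509.h"
#include "mbedtls/ssl.h"
#include "mbedtls/ssl_cookie.h"
#include "mbedtls/net_sockets.h"
#include "mbedtls/error.h"
#include "mbedtls/debug.h"
#include "mbedtls/timing.h"

#include "test/certs.h"

#if defined(MBEDTLS_SSL_CACHE_C)
#include "mbedtls/ssl_cache.h"
#endif

#define READ_TIMEOUT_MS 10000   /* 10 seconds */
#define DEBUG_LEVEL 0


/**
 * Debug callback registered with mbedtls_ssl_conf_dbg().
 *
 * Writes one "file:line: message" record to the stream passed as ctx and
 * flushes it. The level argument is ignored here; filtering is left to the
 * threshold given to mbedtls_debug_set_threshold().
 *
 * @param ctx    Output stream, cast to FILE * (main() passes stdout).
 * @param level  Debug level of the message (unused).
 * @param file   Source file that emitted the message.
 * @param line   Line number in that source file.
 * @param str    Message text.
 */
static void my_debug(void *ctx, int level,
                     const char *file, int line,
                     const char *str)
{
    ((void) level);

    mbedtls_fprintf((FILE *) ctx, "%s:%04d: %s", file, line, str);
    fflush((FILE *) ctx);
}

/**
 * DTLS echo server: binds UDP port 4433 on BIND_IP, then serves one client
 * at a time in a loop (accept, handshake, read one record, echo it back,
 * close_notify, reset).
 *
 * Errors tied to a single peer (handshake, read or write failure, timeout)
 * send control back to the reset label so the listener keeps running. Set-up
 * failures, a failed session reset and a failed accept go to the exit label,
 * which frees every context and ends the process.
 *
 * Exit status: 0 on a clean exit, 1 when the last return code was negative.
 */
int main(void)
{
    int ret, len;
    mbedtls_net_context listen_fd, client_fd;
    unsigned char buf[1024];
    const char *pers = "dtls_server";
    unsigned char client_ip[16] = { 0 };
    size_t cliip_len;
    mbedtls_ssl_cookie_ctx cookie_ctx;

    mbedtls_entropy_context entropy;
    mbedtls_ctr_drbg_context ctr_drbg;
    mbedtls_ssl_context ssl;
    mbedtls_ssl_config conf;
    mbedtls_x509_crt srvcert;
    mbedtls_pk_context pkey;
    mbedtls_timing_delay_context timer;
#if defined(MBEDTLS_SSL_CACHE_C)
    mbedtls_ssl_cache_context cache;
#endif

    /*
     * Initialise every context before the first "goto exit", so the clean-up
     * code can free all of them whichever step fails.
     */
    mbedtls_net_init(&listen_fd);
    mbedtls_net_init(&client_fd);
    mbedtls_ssl_init(&ssl);
    mbedtls_ssl_config_init(&conf);
    mbedtls_ssl_cookie_init(&cookie_ctx);
#if defined(MBEDTLS_SSL_CACHE_C)
    mbedtls_ssl_cache_init(&cache);
#endif
    mbedtls_x509_crt_init(&srvcert);
    mbedtls_pk_init(&pkey);
    mbedtls_entropy_init(&entropy);
    mbedtls_ctr_drbg_init(&ctr_drbg);

#if defined(MBEDTLS_USE_PSA_CRYPTO)
    psa_status_t status = psa_crypto_init();
    if (status != PSA_SUCCESS) {
        mbedtls_fprintf(stderr, "Failed to initialize PSA Crypto implementation: %d\n",
                        (int) status);
        ret = MBEDTLS_ERR_SSL_HW_ACCEL_FAILED;
        goto exit;
    }
#endif /* MBEDTLS_USE_PSA_CRYPTO */

#if defined(MBEDTLS_DEBUG_C)
    mbedtls_debug_set_threshold(DEBUG_LEVEL);
#endif

    /*
     * 1. Seed the RNG
     *
     * The same CTR_DRBG instance later feeds key parsing, the TLS layer and
     * the cookie context, so a seeding failure is fatal.
     */
    printf(" . Seeding the random number generator...");
    fflush(stdout);

    if ((ret = mbedtls_ctr_drbg_seed(&ctr_drbg, mbedtls_entropy_func, &entropy,
                                     (const unsigned char *) pers,
                                     strlen(pers))) != 0) {
        printf(" failed\n ! mbedtls_ctr_drbg_seed returned %d\n", ret);
        goto exit;
    }

    printf(" ok\n");

    /*
     * 2. Load the certificates and private RSA key
     */
    printf("\n . Loading the server cert. and key...");
    fflush(stdout);

    /*
     * This demonstration program uses embedded test certificates.
     * Instead, you may want to use mbedtls_x509_crt_parse_file() to read the
     * server and CA certificates, as well as mbedtls_pk_parse_keyfile().
     *
     * The private key loaded below comes from test/certs.h, i.e. it ships
     * with the source tree and is not secret. It identifies nothing; a real
     * deployment must load its own certificate and a protected key.
     */
    ret = mbedtls_x509_crt_parse(&srvcert, (const unsigned char *) mbedtls_test_srv_crt,
                                 mbedtls_test_srv_crt_len);
    if (ret != 0) {
        printf(" failed\n ! mbedtls_x509_crt_parse returned %d\n\n", ret);
        goto exit;
    }

    /* The CA certificates are appended to the same chain, after the server certificate. */
    ret = mbedtls_x509_crt_parse(&srvcert, (const unsigned char *) mbedtls_test_cas_pem,
                                 mbedtls_test_cas_pem_len);
    if (ret != 0) {
        printf(" failed\n ! mbedtls_x509_crt_parse returned %d\n\n", ret);
        goto exit;
    }

    /* NULL / 0: the embedded key is parsed without a password. */
    ret =  mbedtls_pk_parse_key(&pkey,
                                (const unsigned char *) mbedtls_test_srv_key,
                                mbedtls_test_srv_key_len,
                                NULL,
                                0,
                                mbedtls_ctr_drbg_random,
                                &ctr_drbg);
    if (ret != 0) {
        printf(" failed\n ! mbedtls_pk_parse_key returned %d\n\n", ret);
        goto exit;
    }

    printf(" ok\n");

    /*
     * 3. Setup the "listening" UDP socket
     */
    printf(" . Bind on udp/*/4433 ...");
    fflush(stdout);

    if ((ret = mbedtls_net_bind(&listen_fd, BIND_IP, "4433", MBEDTLS_NET_PROTO_UDP)) != 0) {
        printf(" failed\n ! mbedtls_net_bind returned %d\n\n", ret);
        goto exit;
    }

    printf(" ok\n");

    /*
     * 4. Setup stuff
     */
    printf(" . Setting up the DTLS data...");
    fflush(stdout);

    if ((ret = mbedtls_ssl_config_defaults(&conf,
                                           MBEDTLS_SSL_IS_SERVER,
                                           MBEDTLS_SSL_TRANSPORT_DATAGRAM,
                                           MBEDTLS_SSL_PRESET_DEFAULT)) != 0) {
        mbedtls_printf(" failed\n ! mbedtls_ssl_config_defaults returned %d\n\n", ret);
        goto exit;
    }

    mbedtls_ssl_conf_rng(&conf, mbedtls_ctr_drbg_random, &ctr_drbg);
    mbedtls_ssl_conf_dbg(&conf, my_debug, stdout);
    /* Bounds how long a read waits for a silent peer before the loop resets. */
    mbedtls_ssl_conf_read_timeout(&conf, READ_TIMEOUT_MS);

#if defined(MBEDTLS_SSL_CACHE_C)
    mbedtls_ssl_conf_session_cache(&conf, &cache,
                                   mbedtls_ssl_cache_get,
                                   mbedtls_ssl_cache_set);
#endif

    /*
     * srvcert.next is the part of the chain parsed after the server
     * certificate, i.e. the CA certificates.
     * NOTE(review): no mbedtls_ssl_conf_authmode() call is made, so whether
     * clients are asked for a certificate is left to the library default for
     * servers -- confirm this matches the intended policy before reuse.
     */
    mbedtls_ssl_conf_ca_chain(&conf, srvcert.next, NULL);
    if ((ret = mbedtls_ssl_conf_own_cert(&conf, &srvcert, &pkey)) != 0) {
        printf(" failed\n ! mbedtls_ssl_conf_own_cert returned %d\n\n", ret);
        goto exit;
    }

    /*
     * HelloVerifyRequest cookies: the client has to echo a cookie sent to
     * its claimed address before the handshake proceeds, which limits what
     * a sender with a spoofed source address can make the server do.
     */
    if ((ret = mbedtls_ssl_cookie_setup(&cookie_ctx,
                                        mbedtls_ctr_drbg_random, &ctr_drbg)) != 0) {
        printf(" failed\n ! mbedtls_ssl_cookie_setup returned %d\n\n", ret);
        goto exit;
    }

    mbedtls_ssl_conf_dtls_cookies(&conf, mbedtls_ssl_cookie_write, mbedtls_ssl_cookie_check,
                                  &cookie_ctx);

    if ((ret = mbedtls_ssl_setup(&ssl, &conf)) != 0) {
        printf(" failed\n ! mbedtls_ssl_setup returned %d\n\n", ret);
        goto exit;
    }

    mbedtls_ssl_set_timer_cb(&ssl, &timer, mbedtls_timing_set_delay,
                             mbedtls_timing_get_delay);

    printf(" ok\n");

reset:
#ifdef MBEDTLS_ERROR_C
    if (ret != 0) {
        char error_buf[100];
        mbedtls_strerror(ret, error_buf, sizeof(error_buf));
        printf("Last error was: %d - %s\n\n", ret, error_buf);
    }
#endif

    mbedtls_net_free(&client_fd);

    /*
     * The SSL context is reused for the next peer. If it cannot be reset,
     * stop instead of serving the next client with leftover session state.
     */
    if ((ret = mbedtls_ssl_session_reset(&ssl)) != 0) {
        printf(" ! mbedtls_ssl_session_reset returned -0x%x\n\n", (unsigned int) -ret);
        goto exit;
    }

    /*
     * 5. Wait until a client connects
     */
    printf(" . Waiting for a remote connection ...");
    fflush(stdout);

    if ((ret = mbedtls_net_accept(&listen_fd, &client_fd,
                                  client_ip, sizeof(client_ip), &cliip_len)) != 0) {
        printf(" failed\n ! mbedtls_net_accept returned %d\n\n", ret);
        goto exit;
    }

    /*
     * For HelloVerifyRequest cookies: the peer address reported by accept is
     * the transport ID the cookie is computed over.
     */
    if ((ret = mbedtls_ssl_set_client_transport_id(&ssl,
                                                   client_ip, cliip_len)) != 0) {
        printf(" failed\n ! "
               "mbedtls_ssl_set_client_transport_id() returned -0x%x\n\n", (unsigned int) -ret);
        goto exit;
    }

    mbedtls_ssl_set_bio(&ssl, &client_fd,
                        mbedtls_net_send, mbedtls_net_recv, mbedtls_net_recv_timeout);

    printf(" ok\n");

    /*
     * 6. Handshake
     */
    printf(" . Performing the DTLS handshake...");
    fflush(stdout);

    do {
        ret = mbedtls_ssl_handshake(&ssl);
    } while (ret == MBEDTLS_ERR_SSL_WANT_READ ||
             ret == MBEDTLS_ERR_SSL_WANT_WRITE);

    if (ret == MBEDTLS_ERR_SSL_HELLO_VERIFY_REQUIRED) {
        /*
         * Expected on first contact: the cookie has been sent, so go back
         * and wait for the client to return with it. Not an error.
         */
        printf(" hello verification requested\n");
        ret = 0;
        goto reset;
    } else if (ret != 0) {
        printf(" failed\n ! mbedtls_ssl_handshake returned -0x%x\n\n", (unsigned int) -ret);
        goto reset;
    }

    printf(" ok\n");

    /*
     * 7. Read the echo Request
     */
    printf(" < Read from client:");
    fflush(stdout);

    /*
     * Read at most sizeof(buf) - 1 bytes into a zeroed buffer, so the data
     * stays NUL-terminated for the "%s" conversions below.
     */
    len = sizeof(buf) - 1;
    memset(buf, 0, sizeof(buf));

    do {
        ret = mbedtls_ssl_read(&ssl, buf, len);
    } while (ret == MBEDTLS_ERR_SSL_WANT_READ ||
             ret == MBEDTLS_ERR_SSL_WANT_WRITE);

    if (ret <= 0) {
        switch (ret) {
            case MBEDTLS_ERR_SSL_TIMEOUT:
                printf(" timeout\n\n");
                goto reset;

            case MBEDTLS_ERR_SSL_PEER_CLOSE_NOTIFY:
                printf(" connection was closed gracefully\n");
                goto close_notify;

            default:
                printf(" mbedtls_ssl_read returned -0x%x\n\n", (unsigned int) -ret);
                goto reset;
        }
    }

    len = ret;
    /*
     * buf holds peer-controlled bytes and is printed as received. Code
     * derived from this demo should escape non-printable bytes before
     * writing peer data to a terminal or a log.
     */
    printf(" %d bytes read\n\n%s\n\n", len, buf);

    /*
     * 8. Write the 200 Response
     */
    printf(" > Write to client:");
    fflush(stdout);

    do {
        ret = mbedtls_ssl_write(&ssl, buf, len);
    } while (ret == MBEDTLS_ERR_SSL_WANT_READ ||
             ret == MBEDTLS_ERR_SSL_WANT_WRITE);

    if (ret < 0) {
        printf(" failed\n ! mbedtls_ssl_write returned %d\n\n", ret);
        /*
         * A failed send concerns this peer only. Drop the session and keep
         * listening, as the handshake and read paths do, so that one client
         * cannot end the whole server.
         */
        goto reset;
    }

    len = ret;
    printf(" %d bytes written\n\n%s\n\n", len, buf);

    /*
     * 9. Done, cleanly close the connection
     */
close_notify:
    printf(" . Closing the connection...");

    /* No error checking, the connection might be closed already */
    do {
        ret = mbedtls_ssl_close_notify(&ssl);
    } while (ret == MBEDTLS_ERR_SSL_WANT_WRITE);
    ret = 0;

    printf(" done\n");

    goto reset;

    /*
     * Final clean-ups and exit
     */
exit:

#ifdef MBEDTLS_ERROR_C
    if (ret != 0) {
        char error_buf[100];
        mbedtls_strerror(ret, error_buf, sizeof(error_buf));
        printf("Last error was: %d - %s\n\n", ret, error_buf);
    }
#endif

    mbedtls_net_free(&client_fd);
    mbedtls_net_free(&listen_fd);

    mbedtls_x509_crt_free(&srvcert);
    mbedtls_pk_free(&pkey);
    mbedtls_ssl_free(&ssl);
    mbedtls_ssl_config_free(&conf);
    mbedtls_ssl_cookie_free(&cookie_ctx);
#if defined(MBEDTLS_SSL_CACHE_C)
    mbedtls_ssl_cache_free(&cache);
#endif
    mbedtls_ctr_drbg_free(&ctr_drbg);
    mbedtls_entropy_free(&entropy);
#if defined(MBEDTLS_USE_PSA_CRYPTO)
    mbedtls_psa_crypto_free();
#endif /* MBEDTLS_USE_PSA_CRYPTO */

    /* Shell can not handle large exit numbers -> 1 for errors */
    if (ret < 0) {
        ret = 1;
    }

    mbedtls_exit(ret);
}
#endif /* MBEDTLS_SSL_SRV_C && MBEDTLS_SSL_PROTO_DTLS &&
          MBEDTLS_SSL_COOKIE_C && MBEDTLS_NET_C && MBEDTLS_ENTROPY_C &&
          MBEDTLS_CTR_DRBG_C && MBEDTLS_X509_CRT_PARSE_C && MBEDTLS_RSA_C
          && MBEDTLS_PEM_PARSE_C && MBEDTLS_TIMING_C */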