1a8e1175bSopenharmony_ci/* 2a8e1175bSopenharmony_ci * SSL server demonstration program 3a8e1175bSopenharmony_ci * 4a8e1175bSopenharmony_ci * Copyright The Mbed TLS Contributors 5a8e1175bSopenharmony_ci * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later 6a8e1175bSopenharmony_ci */ 7a8e1175bSopenharmony_ci 8a8e1175bSopenharmony_ci#include "mbedtls/build_info.h" 9a8e1175bSopenharmony_ci 10a8e1175bSopenharmony_ci#include "mbedtls/platform.h" 11a8e1175bSopenharmony_ci 12a8e1175bSopenharmony_ci#if !defined(MBEDTLS_BIGNUM_C) || !defined(MBEDTLS_PEM_PARSE_C) || \ 13a8e1175bSopenharmony_ci !defined(MBEDTLS_ENTROPY_C) || !defined(MBEDTLS_SSL_TLS_C) || \ 14a8e1175bSopenharmony_ci !defined(MBEDTLS_SSL_SRV_C) || !defined(MBEDTLS_NET_C) || \ 15a8e1175bSopenharmony_ci !defined(MBEDTLS_RSA_C) || !defined(MBEDTLS_CTR_DRBG_C) || \ 16a8e1175bSopenharmony_ci !defined(MBEDTLS_X509_CRT_PARSE_C) || !defined(MBEDTLS_FS_IO) 17a8e1175bSopenharmony_ciint main(void) 18a8e1175bSopenharmony_ci{ 19a8e1175bSopenharmony_ci mbedtls_printf("MBEDTLS_BIGNUM_C and/or MBEDTLS_ENTROPY_C " 20a8e1175bSopenharmony_ci "and/or MBEDTLS_SSL_TLS_C and/or MBEDTLS_SSL_SRV_C and/or " 21a8e1175bSopenharmony_ci "MBEDTLS_NET_C and/or MBEDTLS_RSA_C and/or " 22a8e1175bSopenharmony_ci "MBEDTLS_CTR_DRBG_C and/or MBEDTLS_X509_CRT_PARSE_C " 23a8e1175bSopenharmony_ci "and/or MBEDTLS_PEM_PARSE_C not defined.\n"); 24a8e1175bSopenharmony_ci mbedtls_exit(0); 25a8e1175bSopenharmony_ci} 26a8e1175bSopenharmony_ci#else 27a8e1175bSopenharmony_ci 28a8e1175bSopenharmony_ci#include <stdlib.h> 29a8e1175bSopenharmony_ci#include <string.h> 30a8e1175bSopenharmony_ci 31a8e1175bSopenharmony_ci#if defined(_WIN32) 32a8e1175bSopenharmony_ci#include <windows.h> 33a8e1175bSopenharmony_ci#endif 34a8e1175bSopenharmony_ci 35a8e1175bSopenharmony_ci#include "mbedtls/entropy.h" 36a8e1175bSopenharmony_ci#include "mbedtls/ctr_drbg.h" 37a8e1175bSopenharmony_ci#include "mbedtls/x509.h" 38a8e1175bSopenharmony_ci#include "mbedtls/ssl.h" 39a8e1175bSopenharmony_ci#include "mbedtls/net_sockets.h" 40a8e1175bSopenharmony_ci#include "mbedtls/error.h" 41a8e1175bSopenharmony_ci#include "mbedtls/debug.h" 42a8e1175bSopenharmony_ci#include "test/certs.h" 43a8e1175bSopenharmony_ci 44a8e1175bSopenharmony_ci#if defined(MBEDTLS_SSL_CACHE_C) 45a8e1175bSopenharmony_ci#include "mbedtls/ssl_cache.h" 46a8e1175bSopenharmony_ci#endif 47a8e1175bSopenharmony_ci 48a8e1175bSopenharmony_ci#define HTTP_RESPONSE \ 49a8e1175bSopenharmony_ci "HTTP/1.0 200 OK\r\nContent-Type: text/html\r\n\r\n" \ 50a8e1175bSopenharmony_ci "<h2>Mbed TLS Test Server</h2>\r\n" \ 51a8e1175bSopenharmony_ci "<p>Successful connection using: %s</p>\r\n" 52a8e1175bSopenharmony_ci 53a8e1175bSopenharmony_ci#define DEBUG_LEVEL 0 54a8e1175bSopenharmony_ci 55a8e1175bSopenharmony_ci 56a8e1175bSopenharmony_cistatic void my_debug(void *ctx, int level, 57a8e1175bSopenharmony_ci const char *file, int line, 58a8e1175bSopenharmony_ci const char *str) 59a8e1175bSopenharmony_ci{ 60a8e1175bSopenharmony_ci ((void) level); 61a8e1175bSopenharmony_ci 62a8e1175bSopenharmony_ci mbedtls_fprintf((FILE *) ctx, "%s:%04d: %s", file, line, str); 63a8e1175bSopenharmony_ci fflush((FILE *) ctx); 64a8e1175bSopenharmony_ci} 65a8e1175bSopenharmony_ci 66a8e1175bSopenharmony_ciint main(void) 67a8e1175bSopenharmony_ci{ 68a8e1175bSopenharmony_ci int ret, len; 69a8e1175bSopenharmony_ci mbedtls_net_context listen_fd, client_fd; 70a8e1175bSopenharmony_ci unsigned char buf[1024]; 71a8e1175bSopenharmony_ci const char *pers = "ssl_server"; 72a8e1175bSopenharmony_ci 73a8e1175bSopenharmony_ci mbedtls_entropy_context entropy; 74a8e1175bSopenharmony_ci mbedtls_ctr_drbg_context ctr_drbg; 75a8e1175bSopenharmony_ci mbedtls_ssl_context ssl; 76a8e1175bSopenharmony_ci mbedtls_ssl_config conf; 77a8e1175bSopenharmony_ci mbedtls_x509_crt srvcert; 78a8e1175bSopenharmony_ci mbedtls_pk_context pkey; 79a8e1175bSopenharmony_ci#if defined(MBEDTLS_SSL_CACHE_C) 80a8e1175bSopenharmony_ci mbedtls_ssl_cache_context cache; 81a8e1175bSopenharmony_ci#endif 82a8e1175bSopenharmony_ci 83a8e1175bSopenharmony_ci mbedtls_net_init(&listen_fd); 84a8e1175bSopenharmony_ci mbedtls_net_init(&client_fd); 85a8e1175bSopenharmony_ci mbedtls_ssl_init(&ssl); 86a8e1175bSopenharmony_ci mbedtls_ssl_config_init(&conf); 87a8e1175bSopenharmony_ci#if defined(MBEDTLS_SSL_CACHE_C) 88a8e1175bSopenharmony_ci mbedtls_ssl_cache_init(&cache); 89a8e1175bSopenharmony_ci#endif 90a8e1175bSopenharmony_ci mbedtls_x509_crt_init(&srvcert); 91a8e1175bSopenharmony_ci mbedtls_pk_init(&pkey); 92a8e1175bSopenharmony_ci mbedtls_entropy_init(&entropy); 93a8e1175bSopenharmony_ci mbedtls_ctr_drbg_init(&ctr_drbg); 94a8e1175bSopenharmony_ci 95a8e1175bSopenharmony_ci#if defined(MBEDTLS_USE_PSA_CRYPTO) 96a8e1175bSopenharmony_ci psa_status_t status = psa_crypto_init(); 97a8e1175bSopenharmony_ci if (status != PSA_SUCCESS) { 98a8e1175bSopenharmony_ci mbedtls_fprintf(stderr, "Failed to initialize PSA Crypto implementation: %d\n", 99a8e1175bSopenharmony_ci (int) status); 100a8e1175bSopenharmony_ci ret = MBEDTLS_ERR_SSL_HW_ACCEL_FAILED; 101a8e1175bSopenharmony_ci goto exit; 102a8e1175bSopenharmony_ci } 103a8e1175bSopenharmony_ci#endif /* MBEDTLS_USE_PSA_CRYPTO */ 104a8e1175bSopenharmony_ci 105a8e1175bSopenharmony_ci#if defined(MBEDTLS_DEBUG_C) 106a8e1175bSopenharmony_ci mbedtls_debug_set_threshold(DEBUG_LEVEL); 107a8e1175bSopenharmony_ci#endif 108a8e1175bSopenharmony_ci 109a8e1175bSopenharmony_ci /* 110a8e1175bSopenharmony_ci * 1. Seed the RNG 111a8e1175bSopenharmony_ci */ 112a8e1175bSopenharmony_ci mbedtls_printf(" . Seeding the random number generator..."); 113a8e1175bSopenharmony_ci fflush(stdout); 114a8e1175bSopenharmony_ci 115a8e1175bSopenharmony_ci if ((ret = mbedtls_ctr_drbg_seed(&ctr_drbg, mbedtls_entropy_func, &entropy, 116a8e1175bSopenharmony_ci (const unsigned char *) pers, 117a8e1175bSopenharmony_ci strlen(pers))) != 0) { 118a8e1175bSopenharmony_ci mbedtls_printf(" failed\n ! mbedtls_ctr_drbg_seed returned %d\n", ret); 119a8e1175bSopenharmony_ci goto exit; 120a8e1175bSopenharmony_ci } 121a8e1175bSopenharmony_ci 122a8e1175bSopenharmony_ci mbedtls_printf(" ok\n"); 123a8e1175bSopenharmony_ci 124a8e1175bSopenharmony_ci /* 125a8e1175bSopenharmony_ci * 2. Load the certificates and private RSA key 126a8e1175bSopenharmony_ci */ 127a8e1175bSopenharmony_ci mbedtls_printf("\n . Loading the server cert. and key..."); 128a8e1175bSopenharmony_ci fflush(stdout); 129a8e1175bSopenharmony_ci 130a8e1175bSopenharmony_ci /* 131a8e1175bSopenharmony_ci * This demonstration program uses embedded test certificates. 132a8e1175bSopenharmony_ci * Instead, you may want to use mbedtls_x509_crt_parse_file() to read the 133a8e1175bSopenharmony_ci * server and CA certificates, as well as mbedtls_pk_parse_keyfile(). 134a8e1175bSopenharmony_ci */ 135a8e1175bSopenharmony_ci ret = mbedtls_x509_crt_parse(&srvcert, (const unsigned char *) mbedtls_test_srv_crt, 136a8e1175bSopenharmony_ci mbedtls_test_srv_crt_len); 137a8e1175bSopenharmony_ci if (ret != 0) { 138a8e1175bSopenharmony_ci mbedtls_printf(" failed\n ! mbedtls_x509_crt_parse returned %d\n\n", ret); 139a8e1175bSopenharmony_ci goto exit; 140a8e1175bSopenharmony_ci } 141a8e1175bSopenharmony_ci 142a8e1175bSopenharmony_ci ret = mbedtls_x509_crt_parse(&srvcert, (const unsigned char *) mbedtls_test_cas_pem, 143a8e1175bSopenharmony_ci mbedtls_test_cas_pem_len); 144a8e1175bSopenharmony_ci if (ret != 0) { 145a8e1175bSopenharmony_ci mbedtls_printf(" failed\n ! mbedtls_x509_crt_parse returned %d\n\n", ret); 146a8e1175bSopenharmony_ci goto exit; 147a8e1175bSopenharmony_ci } 148a8e1175bSopenharmony_ci 149a8e1175bSopenharmony_ci ret = mbedtls_pk_parse_key(&pkey, (const unsigned char *) mbedtls_test_srv_key, 150a8e1175bSopenharmony_ci mbedtls_test_srv_key_len, NULL, 0, 151a8e1175bSopenharmony_ci mbedtls_ctr_drbg_random, &ctr_drbg); 152a8e1175bSopenharmony_ci if (ret != 0) { 153a8e1175bSopenharmony_ci mbedtls_printf(" failed\n ! mbedtls_pk_parse_key returned %d\n\n", ret); 154a8e1175bSopenharmony_ci goto exit; 155a8e1175bSopenharmony_ci } 156a8e1175bSopenharmony_ci 157a8e1175bSopenharmony_ci mbedtls_printf(" ok\n"); 158a8e1175bSopenharmony_ci 159a8e1175bSopenharmony_ci /* 160a8e1175bSopenharmony_ci * 3. Setup the listening TCP socket 161a8e1175bSopenharmony_ci */ 162a8e1175bSopenharmony_ci mbedtls_printf(" . Bind on https://localhost:4433/ ..."); 163a8e1175bSopenharmony_ci fflush(stdout); 164a8e1175bSopenharmony_ci 165a8e1175bSopenharmony_ci if ((ret = mbedtls_net_bind(&listen_fd, NULL, "4433", MBEDTLS_NET_PROTO_TCP)) != 0) { 166a8e1175bSopenharmony_ci mbedtls_printf(" failed\n ! mbedtls_net_bind returned %d\n\n", ret); 167a8e1175bSopenharmony_ci goto exit; 168a8e1175bSopenharmony_ci } 169a8e1175bSopenharmony_ci 170a8e1175bSopenharmony_ci mbedtls_printf(" ok\n"); 171a8e1175bSopenharmony_ci 172a8e1175bSopenharmony_ci /* 173a8e1175bSopenharmony_ci * 4. Setup stuff 174a8e1175bSopenharmony_ci */ 175a8e1175bSopenharmony_ci mbedtls_printf(" . Setting up the SSL data...."); 176a8e1175bSopenharmony_ci fflush(stdout); 177a8e1175bSopenharmony_ci 178a8e1175bSopenharmony_ci if ((ret = mbedtls_ssl_config_defaults(&conf, 179a8e1175bSopenharmony_ci MBEDTLS_SSL_IS_SERVER, 180a8e1175bSopenharmony_ci MBEDTLS_SSL_TRANSPORT_STREAM, 181a8e1175bSopenharmony_ci MBEDTLS_SSL_PRESET_DEFAULT)) != 0) { 182a8e1175bSopenharmony_ci mbedtls_printf(" failed\n ! mbedtls_ssl_config_defaults returned %d\n\n", ret); 183a8e1175bSopenharmony_ci goto exit; 184a8e1175bSopenharmony_ci } 185a8e1175bSopenharmony_ci 186a8e1175bSopenharmony_ci mbedtls_ssl_conf_rng(&conf, mbedtls_ctr_drbg_random, &ctr_drbg); 187a8e1175bSopenharmony_ci mbedtls_ssl_conf_dbg(&conf, my_debug, stdout); 188a8e1175bSopenharmony_ci 189a8e1175bSopenharmony_ci#if defined(MBEDTLS_SSL_CACHE_C) 190a8e1175bSopenharmony_ci mbedtls_ssl_conf_session_cache(&conf, &cache, 191a8e1175bSopenharmony_ci mbedtls_ssl_cache_get, 192a8e1175bSopenharmony_ci mbedtls_ssl_cache_set); 193a8e1175bSopenharmony_ci#endif 194a8e1175bSopenharmony_ci 195a8e1175bSopenharmony_ci mbedtls_ssl_conf_ca_chain(&conf, srvcert.next, NULL); 196a8e1175bSopenharmony_ci if ((ret = mbedtls_ssl_conf_own_cert(&conf, &srvcert, &pkey)) != 0) { 197a8e1175bSopenharmony_ci mbedtls_printf(" failed\n ! mbedtls_ssl_conf_own_cert returned %d\n\n", ret); 198a8e1175bSopenharmony_ci goto exit; 199a8e1175bSopenharmony_ci } 200a8e1175bSopenharmony_ci 201a8e1175bSopenharmony_ci if ((ret = mbedtls_ssl_setup(&ssl, &conf)) != 0) { 202a8e1175bSopenharmony_ci mbedtls_printf(" failed\n ! mbedtls_ssl_setup returned %d\n\n", ret); 203a8e1175bSopenharmony_ci goto exit; 204a8e1175bSopenharmony_ci } 205a8e1175bSopenharmony_ci 206a8e1175bSopenharmony_ci mbedtls_printf(" ok\n"); 207a8e1175bSopenharmony_ci 208a8e1175bSopenharmony_cireset: 209a8e1175bSopenharmony_ci#ifdef MBEDTLS_ERROR_C 210a8e1175bSopenharmony_ci if (ret != 0) { 211a8e1175bSopenharmony_ci char error_buf[100]; 212a8e1175bSopenharmony_ci mbedtls_strerror(ret, error_buf, 100); 213a8e1175bSopenharmony_ci mbedtls_printf("Last error was: %d - %s\n\n", ret, error_buf); 214a8e1175bSopenharmony_ci } 215a8e1175bSopenharmony_ci#endif 216a8e1175bSopenharmony_ci 217a8e1175bSopenharmony_ci mbedtls_net_free(&client_fd); 218a8e1175bSopenharmony_ci 219a8e1175bSopenharmony_ci mbedtls_ssl_session_reset(&ssl); 220a8e1175bSopenharmony_ci 221a8e1175bSopenharmony_ci /* 222a8e1175bSopenharmony_ci * 3. Wait until a client connects 223a8e1175bSopenharmony_ci */ 224a8e1175bSopenharmony_ci mbedtls_printf(" . Waiting for a remote connection ..."); 225a8e1175bSopenharmony_ci fflush(stdout); 226a8e1175bSopenharmony_ci 227a8e1175bSopenharmony_ci if ((ret = mbedtls_net_accept(&listen_fd, &client_fd, 228a8e1175bSopenharmony_ci NULL, 0, NULL)) != 0) { 229a8e1175bSopenharmony_ci mbedtls_printf(" failed\n ! mbedtls_net_accept returned %d\n\n", ret); 230a8e1175bSopenharmony_ci goto exit; 231a8e1175bSopenharmony_ci } 232a8e1175bSopenharmony_ci 233a8e1175bSopenharmony_ci mbedtls_ssl_set_bio(&ssl, &client_fd, mbedtls_net_send, mbedtls_net_recv, NULL); 234a8e1175bSopenharmony_ci 235a8e1175bSopenharmony_ci mbedtls_printf(" ok\n"); 236a8e1175bSopenharmony_ci 237a8e1175bSopenharmony_ci /* 238a8e1175bSopenharmony_ci * 5. Handshake 239a8e1175bSopenharmony_ci */ 240a8e1175bSopenharmony_ci mbedtls_printf(" . Performing the SSL/TLS handshake..."); 241a8e1175bSopenharmony_ci fflush(stdout); 242a8e1175bSopenharmony_ci 243a8e1175bSopenharmony_ci while ((ret = mbedtls_ssl_handshake(&ssl)) != 0) { 244a8e1175bSopenharmony_ci if (ret != MBEDTLS_ERR_SSL_WANT_READ && ret != MBEDTLS_ERR_SSL_WANT_WRITE) { 245a8e1175bSopenharmony_ci mbedtls_printf(" failed\n ! mbedtls_ssl_handshake returned %d\n\n", ret); 246a8e1175bSopenharmony_ci goto reset; 247a8e1175bSopenharmony_ci } 248a8e1175bSopenharmony_ci } 249a8e1175bSopenharmony_ci 250a8e1175bSopenharmony_ci mbedtls_printf(" ok\n"); 251a8e1175bSopenharmony_ci 252a8e1175bSopenharmony_ci /* 253a8e1175bSopenharmony_ci * 6. Read the HTTP Request 254a8e1175bSopenharmony_ci */ 255a8e1175bSopenharmony_ci mbedtls_printf(" < Read from client:"); 256a8e1175bSopenharmony_ci fflush(stdout); 257a8e1175bSopenharmony_ci 258a8e1175bSopenharmony_ci do { 259a8e1175bSopenharmony_ci len = sizeof(buf) - 1; 260a8e1175bSopenharmony_ci memset(buf, 0, sizeof(buf)); 261a8e1175bSopenharmony_ci ret = mbedtls_ssl_read(&ssl, buf, len); 262a8e1175bSopenharmony_ci 263a8e1175bSopenharmony_ci if (ret == MBEDTLS_ERR_SSL_WANT_READ || ret == MBEDTLS_ERR_SSL_WANT_WRITE) { 264a8e1175bSopenharmony_ci continue; 265a8e1175bSopenharmony_ci } 266a8e1175bSopenharmony_ci 267a8e1175bSopenharmony_ci if (ret <= 0) { 268a8e1175bSopenharmony_ci switch (ret) { 269a8e1175bSopenharmony_ci case MBEDTLS_ERR_SSL_PEER_CLOSE_NOTIFY: 270a8e1175bSopenharmony_ci mbedtls_printf(" connection was closed gracefully\n"); 271a8e1175bSopenharmony_ci break; 272a8e1175bSopenharmony_ci 273a8e1175bSopenharmony_ci case MBEDTLS_ERR_NET_CONN_RESET: 274a8e1175bSopenharmony_ci mbedtls_printf(" connection was reset by peer\n"); 275a8e1175bSopenharmony_ci break; 276a8e1175bSopenharmony_ci 277a8e1175bSopenharmony_ci default: 278a8e1175bSopenharmony_ci mbedtls_printf(" mbedtls_ssl_read returned -0x%x\n", (unsigned int) -ret); 279a8e1175bSopenharmony_ci break; 280a8e1175bSopenharmony_ci } 281a8e1175bSopenharmony_ci 282a8e1175bSopenharmony_ci break; 283a8e1175bSopenharmony_ci } 284a8e1175bSopenharmony_ci 285a8e1175bSopenharmony_ci len = ret; 286a8e1175bSopenharmony_ci mbedtls_printf(" %d bytes read\n\n%s", len, (char *) buf); 287a8e1175bSopenharmony_ci 288a8e1175bSopenharmony_ci if (ret > 0) { 289a8e1175bSopenharmony_ci break; 290a8e1175bSopenharmony_ci } 291a8e1175bSopenharmony_ci } while (1); 292a8e1175bSopenharmony_ci 293a8e1175bSopenharmony_ci /* 294a8e1175bSopenharmony_ci * 7. Write the 200 Response 295a8e1175bSopenharmony_ci */ 296a8e1175bSopenharmony_ci mbedtls_printf(" > Write to client:"); 297a8e1175bSopenharmony_ci fflush(stdout); 298a8e1175bSopenharmony_ci 299a8e1175bSopenharmony_ci len = sprintf((char *) buf, HTTP_RESPONSE, 300a8e1175bSopenharmony_ci mbedtls_ssl_get_ciphersuite(&ssl)); 301a8e1175bSopenharmony_ci 302a8e1175bSopenharmony_ci while ((ret = mbedtls_ssl_write(&ssl, buf, len)) <= 0) { 303a8e1175bSopenharmony_ci if (ret == MBEDTLS_ERR_NET_CONN_RESET) { 304a8e1175bSopenharmony_ci mbedtls_printf(" failed\n ! peer closed the connection\n\n"); 305a8e1175bSopenharmony_ci goto reset; 306a8e1175bSopenharmony_ci } 307a8e1175bSopenharmony_ci 308a8e1175bSopenharmony_ci if (ret != MBEDTLS_ERR_SSL_WANT_READ && ret != MBEDTLS_ERR_SSL_WANT_WRITE) { 309a8e1175bSopenharmony_ci mbedtls_printf(" failed\n ! mbedtls_ssl_write returned %d\n\n", ret); 310a8e1175bSopenharmony_ci goto exit; 311a8e1175bSopenharmony_ci } 312a8e1175bSopenharmony_ci } 313a8e1175bSopenharmony_ci 314a8e1175bSopenharmony_ci len = ret; 315a8e1175bSopenharmony_ci mbedtls_printf(" %d bytes written\n\n%s\n", len, (char *) buf); 316a8e1175bSopenharmony_ci 317a8e1175bSopenharmony_ci mbedtls_printf(" . Closing the connection..."); 318a8e1175bSopenharmony_ci 319a8e1175bSopenharmony_ci while ((ret = mbedtls_ssl_close_notify(&ssl)) < 0) { 320a8e1175bSopenharmony_ci if (ret != MBEDTLS_ERR_SSL_WANT_READ && 321a8e1175bSopenharmony_ci ret != MBEDTLS_ERR_SSL_WANT_WRITE) { 322a8e1175bSopenharmony_ci mbedtls_printf(" failed\n ! mbedtls_ssl_close_notify returned %d\n\n", ret); 323a8e1175bSopenharmony_ci goto reset; 324a8e1175bSopenharmony_ci } 325a8e1175bSopenharmony_ci } 326a8e1175bSopenharmony_ci 327a8e1175bSopenharmony_ci mbedtls_printf(" ok\n"); 328a8e1175bSopenharmony_ci 329a8e1175bSopenharmony_ci ret = 0; 330a8e1175bSopenharmony_ci goto reset; 331a8e1175bSopenharmony_ci 332a8e1175bSopenharmony_ciexit: 333a8e1175bSopenharmony_ci 334a8e1175bSopenharmony_ci#ifdef MBEDTLS_ERROR_C 335a8e1175bSopenharmony_ci if (ret != 0) { 336a8e1175bSopenharmony_ci char error_buf[100]; 337a8e1175bSopenharmony_ci mbedtls_strerror(ret, error_buf, 100); 338a8e1175bSopenharmony_ci mbedtls_printf("Last error was: %d - %s\n\n", ret, error_buf); 339a8e1175bSopenharmony_ci } 340a8e1175bSopenharmony_ci#endif 341a8e1175bSopenharmony_ci 342a8e1175bSopenharmony_ci mbedtls_net_free(&client_fd); 343a8e1175bSopenharmony_ci mbedtls_net_free(&listen_fd); 344a8e1175bSopenharmony_ci mbedtls_x509_crt_free(&srvcert); 345a8e1175bSopenharmony_ci mbedtls_pk_free(&pkey); 346a8e1175bSopenharmony_ci mbedtls_ssl_free(&ssl); 347a8e1175bSopenharmony_ci mbedtls_ssl_config_free(&conf); 348a8e1175bSopenharmony_ci#if defined(MBEDTLS_SSL_CACHE_C) 349a8e1175bSopenharmony_ci mbedtls_ssl_cache_free(&cache); 350a8e1175bSopenharmony_ci#endif 351a8e1175bSopenharmony_ci mbedtls_ctr_drbg_free(&ctr_drbg); 352a8e1175bSopenharmony_ci mbedtls_entropy_free(&entropy); 353a8e1175bSopenharmony_ci#if defined(MBEDTLS_USE_PSA_CRYPTO) 354a8e1175bSopenharmony_ci mbedtls_psa_crypto_free(); 355a8e1175bSopenharmony_ci#endif /* MBEDTLS_USE_PSA_CRYPTO */ 356a8e1175bSopenharmony_ci 357a8e1175bSopenharmony_ci mbedtls_exit(ret); 358a8e1175bSopenharmony_ci} 359a8e1175bSopenharmony_ci#endif /* MBEDTLS_BIGNUM_C && MBEDTLS_ENTROPY_C && 360a8e1175bSopenharmony_ci MBEDTLS_SSL_TLS_C && MBEDTLS_SSL_SRV_C && MBEDTLS_NET_C && 361a8e1175bSopenharmony_ci MBEDTLS_RSA_C && MBEDTLS_CTR_DRBG_C && MBEDTLS_X509_CRT_PARSE_C 362a8e1175bSopenharmony_ci && MBEDTLS_FS_IO && MBEDTLS_PEM_PARSE_C */ 363