1 /*
2 * Copyright (c) 2011-2014 Apple Inc. All Rights Reserved.
3 *
4 * @APPLE_LICENSE_HEADER_START@
5 *
6 * This file contains Original Code and/or Modifications of Original Code
7 * as defined in and that are subject to the Apple Public Source License
8 * Version 2.0 (the 'License'). You may not use this file except in
9 * compliance with the License. Please obtain a copy of the License at
10 * http://www.opensource.apple.com/apsl/ and read it before using this
11 * file.
12 *
13 * The Original Code and all software distributed under the License are
14 * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
15 * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
16 * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
17 * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT.
18 * Please see the License for the specific language governing rights and
19 * limitations under the License.
20 *
21 * @APPLE_LICENSE_HEADER_END@
22 */
23
24
25 #include <Security/Security.h>
26 #include <Security/SecBase.h>
27
28 #include "../sslViewer/sslAppUtils.h"
29
30 #include <stdlib.h>
31 #include <sys/types.h>
32 #include <sys/socket.h>
33 #include <netinet/in.h>
34 #include <arpa/inet.h>
35 #include <stdio.h>
36 #include <errno.h>
37 #include <unistd.h> /* close() */
38 #include <string.h> /* memset() */
39 #include <fcntl.h>
40 #include <time.h>
41
42 #ifdef NO_SERVER
43 #include <securityd/spi.h>
44 #endif
45
/* UDP port the echo server binds to (see the bind() call in main()). */
#define PORT 23232
47
/*
 * DER-encoded RSA private key for the test server identity, handed to
 * chain_from_der() in main(). The leading bytes decode as a PKCS#1
 * RSAPrivateKey with a 1024-bit modulus and public exponent 65537.
 *
 * This key is embedded in published source, so it offers no secrecy: it is
 * only suitable for this local test tool and must never be reused for an
 * identity that anything is expected to trust.
 */
static
unsigned char ServerRSA_Key_der[] = {
    0x30, 0x82, 0x02, 0x5b, 0x02, 0x01, 0x00, 0x02, 0x81, 0x81, 0x00, 0xab,
    0x05, 0xba, 0xdc, 0x2d, 0xb3, 0x03, 0xf1, 0x6c, 0x60, 0x7f, 0x5e, 0x80,
    0x85, 0x54, 0x24, 0xc7, 0x87, 0x6e, 0xe5, 0xf1, 0xae, 0x76, 0x59, 0xe3,
    0x4b, 0x9c, 0xff, 0xa2, 0x41, 0xfc, 0x40, 0xf8, 0xa8, 0x33, 0x12, 0xa9,
    0x1b, 0x1a, 0xc5, 0xe8, 0xef, 0xb1, 0xe3, 0x75, 0x0b, 0xd2, 0x28, 0x49,
    0x48, 0x64, 0x9c, 0x3d, 0x89, 0xb6, 0xf8, 0xa5, 0x93, 0xd0, 0x29, 0x8c,
    0x9e, 0x7a, 0xf6, 0x00, 0x20, 0x08, 0x52, 0x08, 0xdc, 0x1d, 0x17, 0x8b,
    0x44, 0x4e, 0x32, 0x13, 0xdc, 0xb1, 0x50, 0xa5, 0xf0, 0x94, 0x25, 0x50,
    0xfa, 0x1e, 0xe3, 0xae, 0x66, 0x19, 0x13, 0x3e, 0x20, 0x86, 0x05, 0x9c,
    0xda, 0xd9, 0xff, 0x8f, 0x72, 0x6e, 0xf5, 0xc1, 0xfd, 0x86, 0xae, 0x26,
    0xcc, 0x4b, 0xc8, 0x9f, 0xa9, 0xd6, 0x3a, 0x1f, 0xb6, 0x8a, 0x8f, 0x04,
    0x2d, 0xbb, 0xa4, 0x47, 0xb3, 0xfb, 0xf9, 0x02, 0x03, 0x01, 0x00, 0x01,
    0x02, 0x81, 0x80, 0x38, 0x04, 0xf1, 0x77, 0x4b, 0xb4, 0xd6, 0xb6, 0xce,
    0xf4, 0x30, 0xe4, 0x68, 0x9e, 0xc3, 0xb8, 0x24, 0x6f, 0x75, 0x60, 0xf6,
    0xb0, 0x59, 0xee, 0x09, 0xa8, 0xeb, 0xed, 0x44, 0x5d, 0xee, 0xdd, 0xed,
    0x55, 0x53, 0x1d, 0x6a, 0xad, 0x09, 0x31, 0x08, 0xa2, 0xf3, 0x16, 0xf9,
    0x70, 0xfc, 0xce, 0xdb, 0x6a, 0x4e, 0x22, 0x6b, 0x79, 0xdf, 0xa8, 0x44,
    0xbc, 0x4d, 0x34, 0x3e, 0xee, 0x6e, 0x81, 0xfa, 0xe5, 0xf4, 0x62, 0x95,
    0x30, 0xce, 0x49, 0x11, 0x42, 0x2b, 0x2e, 0x6a, 0x87, 0x0c, 0x6a, 0x1f,
    0xaf, 0x22, 0xec, 0x32, 0x6b, 0x3e, 0x1b, 0xc3, 0xcb, 0xb4, 0x46, 0xd6,
    0x14, 0xd0, 0x52, 0x6b, 0x4c, 0x63, 0x74, 0xcb, 0xbe, 0xeb, 0xf8, 0xbf,
    0x31, 0xd6, 0xe3, 0x42, 0x1f, 0x77, 0x68, 0xf2, 0xf2, 0xf0, 0xf4, 0x24,
    0x10, 0x5f, 0x9c, 0x3c, 0x5c, 0xbb, 0x5b, 0x19, 0xed, 0x30, 0x01, 0x02,
    0x41, 0x00, 0xd2, 0x72, 0x8b, 0xd9, 0x1a, 0x8d, 0xcb, 0xa2, 0x56, 0x6b,
    0x3b, 0x78, 0xf3, 0x7a, 0xd4, 0x97, 0x90, 0xcd, 0xcd, 0x5a, 0x32, 0x06,
    0x3d, 0xb0, 0xc2, 0xfb, 0x9f, 0x95, 0x51, 0x63, 0xcf, 0xcd, 0x5c, 0xcb,
    0x4b, 0xa7, 0xe5, 0x5f, 0xd0, 0xd3, 0x5a, 0xc8, 0x92, 0xe1, 0xde, 0xe0,
    0x83, 0x86, 0xfe, 0xdd, 0xe1, 0xb4, 0x00, 0x72, 0x25, 0xb4, 0x20, 0x19,
    0xf6, 0x94, 0xf8, 0xfd, 0x4e, 0x01, 0x02, 0x41, 0x00, 0xd0, 0x0a, 0x89,
    0x2a, 0x99, 0x49, 0x35, 0x60, 0x14, 0x8d, 0x2c, 0xe7, 0x72, 0xa0, 0x19,
    0xd6, 0x86, 0x60, 0x0d, 0xa6, 0x44, 0x89, 0x30, 0x98, 0xea, 0xeb, 0xdf,
    0xfb, 0xb5, 0x56, 0x23, 0x3c, 0xe4, 0xc9, 0x76, 0x4f, 0x90, 0x8e, 0x55,
    0x7d, 0x51, 0xcb, 0x41, 0xf1, 0x73, 0xb0, 0xa9, 0x8b, 0x36, 0xf9, 0x1a,
    0xfe, 0x6f, 0xa3, 0x2e, 0x13, 0x30, 0xc4, 0xe3, 0x2c, 0x51, 0x7d, 0x1d,
    0xf9, 0x02, 0x40, 0x6e, 0x72, 0x55, 0x79, 0x04, 0x99, 0xa4, 0x64, 0xb7,
    0x8c, 0x21, 0xb3, 0x51, 0xbd, 0x86, 0x33, 0x61, 0x78, 0xd1, 0x2c, 0x64,
    0x12, 0xa8, 0x6f, 0xcb, 0x75, 0x39, 0x84, 0xa9, 0x29, 0x84, 0x16, 0xd8,
    0x7b, 0x8d, 0x62, 0x39, 0x5c, 0x77, 0x01, 0x65, 0xa4, 0xdc, 0x89, 0x94,
    0x6a, 0x2a, 0x3d, 0x40, 0x27, 0x7c, 0xdb, 0xf6, 0x5b, 0xf1, 0xf3, 0xbd,
    0xe1, 0x42, 0x6b, 0x5e, 0xdd, 0xba, 0x01, 0x02, 0x40, 0x6b, 0x56, 0x14,
    0x41, 0x23, 0x47, 0x2f, 0x3f, 0xbc, 0x3a, 0xbe, 0x81, 0x47, 0x95, 0xac,
    0xdf, 0x0f, 0x03, 0x7d, 0xe7, 0x5c, 0x13, 0x00, 0x3c, 0xd5, 0x70, 0x0f,
    0x67, 0x19, 0xbf, 0x30, 0x7d, 0x19, 0x79, 0x8c, 0x0e, 0x2f, 0x02, 0x10,
    0xbf, 0x90, 0xb4, 0xf2, 0xf7, 0xf5, 0x7d, 0x9f, 0x6c, 0x11, 0x57, 0xe3,
    0x02, 0x85, 0x6c, 0xc6, 0xb7, 0xe6, 0x00, 0x9f, 0x48, 0xdd, 0x5e, 0x55,
    0x59, 0x02, 0x40, 0x51, 0xb5, 0xaf, 0x36, 0x4b, 0x91, 0x6c, 0x89, 0x19,
    0x44, 0x96, 0x6c, 0x4a, 0x94, 0x58, 0x29, 0x5c, 0x38, 0xd4, 0x6b, 0x24,
    0xdc, 0x3b, 0xb1, 0x66, 0xc1, 0x3c, 0xc8, 0x17, 0x97, 0xb7, 0x05, 0xd9,
    0x18, 0xb6, 0x43, 0x16, 0xf8, 0xf9, 0x5e, 0xed, 0x7e, 0x6f, 0xc4, 0xa6,
    0x6a, 0x3a, 0xc7, 0xc0, 0x21, 0x6b, 0x39, 0xac, 0xf3, 0xf6, 0x40, 0xd5,
    0x25, 0xf7, 0x44, 0x1d, 0xd4, 0xb2, 0x37
};
102
/*
 * DER-encoded X.509 certificate for the test server, handed to
 * chain_from_der() in main() together with ServerRSA_Key_der.
 *
 * Decoding the embedded strings gives issuer CN "SecurityTest CA Cert (RSA)"
 * and subject OU "SecurityTests Server Cert (RSA)", CN "localhost". The
 * signature algorithm OID is sha1WithRSAEncryption and the public key
 * modulus is the same 1024-bit value that opens ServerRSA_Key_der. SHA-1
 * signatures and 1024-bit RSA are both below current recommendations, which
 * is acceptable only because this is a fixture for a local test tool.
 */
static
unsigned char ServerRSA_Cert_CA_RSA_der[] = {
    0x30, 0x82, 0x02, 0x69, 0x30, 0x82, 0x01, 0x51, 0xa0, 0x03, 0x02, 0x01,
    0x02, 0x02, 0x01, 0x01, 0x30, 0x0d, 0x06, 0x09, 0x2a, 0x86, 0x48, 0x86,
    0xf7, 0x0d, 0x01, 0x01, 0x05, 0x05, 0x00, 0x30, 0x25, 0x31, 0x23, 0x30,
    0x21, 0x06, 0x03, 0x55, 0x04, 0x03, 0x13, 0x1a, 0x53, 0x65, 0x63, 0x75,
    0x72, 0x69, 0x74, 0x79, 0x54, 0x65, 0x73, 0x74, 0x20, 0x43, 0x41, 0x20,
    0x43, 0x65, 0x72, 0x74, 0x20, 0x28, 0x52, 0x53, 0x41, 0x29, 0x30, 0x20,
    0x17, 0x0d, 0x31, 0x35, 0x30, 0x33, 0x32, 0x33, 0x30, 0x37, 0x31, 0x30,
    0x32, 0x36, 0x5a, 0x18, 0x0f, 0x32, 0x30, 0x35, 0x35, 0x30, 0x33, 0x31,
    0x33, 0x30, 0x37, 0x31, 0x30, 0x32, 0x36, 0x5a, 0x30, 0x3e, 0x31, 0x28,
    0x30, 0x26, 0x06, 0x03, 0x55, 0x04, 0x0b, 0x13, 0x1f, 0x53, 0x65, 0x63,
    0x75, 0x72, 0x69, 0x74, 0x79, 0x54, 0x65, 0x73, 0x74, 0x73, 0x20, 0x53,
    0x65, 0x72, 0x76, 0x65, 0x72, 0x20, 0x43, 0x65, 0x72, 0x74, 0x20, 0x28,
    0x52, 0x53, 0x41, 0x29, 0x31, 0x12, 0x30, 0x10, 0x06, 0x03, 0x55, 0x04,
    0x03, 0x13, 0x09, 0x6c, 0x6f, 0x63, 0x61, 0x6c, 0x68, 0x6f, 0x73, 0x74,
    0x30, 0x81, 0x9f, 0x30, 0x0d, 0x06, 0x09, 0x2a, 0x86, 0x48, 0x86, 0xf7,
    0x0d, 0x01, 0x01, 0x01, 0x05, 0x00, 0x03, 0x81, 0x8d, 0x00, 0x30, 0x81,
    0x89, 0x02, 0x81, 0x81, 0x00, 0xab, 0x05, 0xba, 0xdc, 0x2d, 0xb3, 0x03,
    0xf1, 0x6c, 0x60, 0x7f, 0x5e, 0x80, 0x85, 0x54, 0x24, 0xc7, 0x87, 0x6e,
    0xe5, 0xf1, 0xae, 0x76, 0x59, 0xe3, 0x4b, 0x9c, 0xff, 0xa2, 0x41, 0xfc,
    0x40, 0xf8, 0xa8, 0x33, 0x12, 0xa9, 0x1b, 0x1a, 0xc5, 0xe8, 0xef, 0xb1,
    0xe3, 0x75, 0x0b, 0xd2, 0x28, 0x49, 0x48, 0x64, 0x9c, 0x3d, 0x89, 0xb6,
    0xf8, 0xa5, 0x93, 0xd0, 0x29, 0x8c, 0x9e, 0x7a, 0xf6, 0x00, 0x20, 0x08,
    0x52, 0x08, 0xdc, 0x1d, 0x17, 0x8b, 0x44, 0x4e, 0x32, 0x13, 0xdc, 0xb1,
    0x50, 0xa5, 0xf0, 0x94, 0x25, 0x50, 0xfa, 0x1e, 0xe3, 0xae, 0x66, 0x19,
    0x13, 0x3e, 0x20, 0x86, 0x05, 0x9c, 0xda, 0xd9, 0xff, 0x8f, 0x72, 0x6e,
    0xf5, 0xc1, 0xfd, 0x86, 0xae, 0x26, 0xcc, 0x4b, 0xc8, 0x9f, 0xa9, 0xd6,
    0x3a, 0x1f, 0xb6, 0x8a, 0x8f, 0x04, 0x2d, 0xbb, 0xa4, 0x47, 0xb3, 0xfb,
    0xf9, 0x02, 0x03, 0x01, 0x00, 0x01, 0xa3, 0x0d, 0x30, 0x0b, 0x30, 0x09,
    0x06, 0x03, 0x55, 0x1d, 0x13, 0x04, 0x02, 0x30, 0x00, 0x30, 0x0d, 0x06,
    0x09, 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x01, 0x05, 0x05, 0x00,
    0x03, 0x82, 0x01, 0x01, 0x00, 0xa7, 0x35, 0x63, 0xc8, 0x0a, 0xf7, 0xae,
    0x0f, 0xe8, 0x10, 0x50, 0xb0, 0x79, 0x04, 0xa5, 0xf3, 0x48, 0x5d, 0x0a,
    0x7a, 0x6b, 0xd0, 0xef, 0x17, 0x43, 0xe5, 0x21, 0xd4, 0xbb, 0xef, 0xac,
    0x04, 0x21, 0x50, 0x7d, 0xd8, 0xe8, 0xf1, 0x3f, 0xd1, 0xb7, 0xa5, 0x93,
    0xb4, 0xa8, 0xec, 0x23, 0xbe, 0xb6, 0xd9, 0xcc, 0xbe, 0x3c, 0x81, 0x34,
    0x25, 0x24, 0x81, 0x1e, 0xd9, 0x8c, 0xd6, 0x20, 0x14, 0x36, 0x83, 0x29,
    0x7f, 0x56, 0xcd, 0xc3, 0x90, 0xd0, 0x2d, 0x54, 0x8b, 0x05, 0xcb, 0xab,
    0xb1, 0xf2, 0x44, 0xfc, 0xba, 0x73, 0xbf, 0x97, 0xc2, 0x2b, 0x5a, 0x6a,
    0x49, 0x27, 0x29, 0x7c, 0xb7, 0xb1, 0x4a, 0x1f, 0x28, 0x41, 0x05, 0x63,
    0x58, 0x8e, 0xd5, 0x7e, 0x46, 0x74, 0x11, 0x01, 0x72, 0x93, 0x1f, 0xea,
    0xf7, 0x37, 0x4a, 0xfa, 0x84, 0x53, 0xb6, 0x3c, 0x0e, 0xde, 0xe5, 0x1c,
    0x12, 0x86, 0x0a, 0xf6, 0x8b, 0xac, 0xc8, 0xb5, 0x9a, 0x9b, 0xd2, 0x28,
    0x15, 0x18, 0x83, 0x0a, 0xfc, 0x47, 0x1a, 0xcf, 0xed, 0xa1, 0x95, 0x4e,
    0xcc, 0x3c, 0x2a, 0x9a, 0xdf, 0x09, 0xec, 0x28, 0x20, 0xfd, 0xc5, 0x42,
    0xf1, 0xd8, 0x2f, 0x21, 0x88, 0xec, 0xe2, 0x24, 0xb2, 0xe2, 0x45, 0x5a,
    0xce, 0xb4, 0x78, 0xb3, 0x30, 0x38, 0x0e, 0x1c, 0x6a, 0xa3, 0x04, 0x0e,
    0xac, 0xa4, 0x97, 0xe3, 0xc1, 0x46, 0x0a, 0x9d, 0x65, 0x9a, 0xe9, 0x02,
    0x12, 0xf0, 0x88, 0x58, 0xc6, 0xde, 0xe5, 0x23, 0x42, 0x3c, 0x58, 0x52,
    0x27, 0x1a, 0xe2, 0xf5, 0x4a, 0x21, 0x47, 0xb2, 0x13, 0x0c, 0xb2, 0xd0,
    0xcc, 0xb3, 0xfd, 0x66, 0x2a, 0xa6, 0x38, 0x5b, 0xe6, 0x2e, 0x90, 0x9e,
    0x62, 0x3f, 0x7e, 0x60, 0xee, 0xd4, 0x02, 0x58, 0x7d, 0x5c, 0xf8, 0x39,
    0x27, 0xa9, 0xdb, 0x3e, 0x24, 0x3c, 0xc0, 0xde, 0xc8
};
158
159
/*
 * Hex-dump `len` bytes starting at `data` to stdout.
 *
 * Output is 16 bytes per row; every row starts with the offset of its first
 * byte as four hex digits followed by " :". A final newline is always
 * written, so a dump whose length is a multiple of 16 ends with an empty
 * line.
 */
static void dumppacket(const unsigned char *data, unsigned long len)
{
    unsigned long off = 0;

    while (off < len) {
        unsigned long column = off % 16;

        if (column == 0) {
            printf("%04lx :", off);
        }
        printf(" %02x", data[off]);
        if (column == 15) {
            printf("\n");
        }
        off++;
    }
    printf("\n");
}
171
172
/*
 * Receive staging state used by SocketRead(). It is file-scope and not keyed
 * by connection, so it serves exactly one socket at a time.
 */
/* 2K should be enough for everybody */
/* MTU caps each read() in SocketRead(); a larger datagram would presumably be truncated. */
#define MTU 2048
static unsigned char readBuffer[MTU];	/* bytes of the most recent read() from the socket */
static unsigned int readOff=0;		/* offset in readBuffer of the next byte to hand out */
static size_t readLeft=0;		/* bytes in readBuffer not yet handed out */
178
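/*
 * SecureTransport read callback: hand out bytes of the current datagram.
 *
 * One read() of up to MTU bytes fills readBuffer; the bytes are then handed
 * out in as many calls as the caller needs, and the socket is read again
 * only once readBuffer is drained.
 *
 * connection  the socket descriptor, stored by main() as
 *             (SSLConnectionRef)(intptr_t)fd
 * data        destination buffer
 * dataLength  IN: bytes wanted; OUT: bytes actually copied (0 on any
 *             non-success return)
 *
 * Returns errSecSuccess when bytes were copied (possibly fewer than asked),
 * errSSLWouldBlock when the non-blocking socket has nothing to deliver, and
 * errSecIO on any other read() failure.
 */
static
OSStatus SocketRead(
    SSLConnectionRef connection,
    void *data,
    size_t *dataLength)
{
    /*
     * The log line below reads d[4], d[9] and d[10]: the low epoch byte and
     * the low two sequence-number bytes of a DTLS record header. That needs
     * at least 11 bytes; for anything shorter the bytes at those offsets
     * would be leftovers from an earlier datagram.
     */
    enum { kHdrPeekLen = 11 };
    /* Go through intptr_t so the pointer-to-int narrowing is explicit. */
    int fd = (int)(intptr_t)connection;
    const uint8_t *d = readBuffer;

    if (readLeft == 0) {
        ssize_t len = read(fd, readBuffer, MTU);

        if (len < 0) {
            int theErr = errno;

            *dataLength = 0;
            switch (theErr) {
            case EAGAIN:
                /* nonblocking, no data */
                return errSSLWouldBlock;
            default:
                errno = theErr;
                perror("SocketRead");
                return errSecIO;
            }
        }

        if (len == 0) {
            /*
             * An empty datagram is not an error and leaves errno untouched;
             * the original consulted a stale errno here. Report "nothing to
             * read" so the caller simply retries.
             */
            *dataLength = 0;
            return errSSLWouldBlock;
        }

        readOff = 0;
        readLeft = (size_t)len;
        if (len >= kHdrPeekLen) {
            printf("SocketRead: %ld bytes... epoch: %02x seq=%02x%02x\n",
                   (long)len, d[4], d[9], d[10]);
        } else {
            printf("SocketRead: %ld bytes...\n", (long)len);
        }
    }

    /* Never copy more than what is left of the current datagram. */
    if (readLeft < *dataLength) {
        *dataLength = readLeft;
    }

    memcpy(data, readBuffer + readOff, *dataLength);
    readLeft -= *dataLength;
    readOff += (unsigned int)*dataLength;

    return errSecSuccess;
}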
225
226
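/*
 * SecureTransport write callback: send one buffer on the connected socket.
 *
 * connection  the socket descriptor, stored by main() as
 *             (SSLConnectionRef)(intptr_t)fd
 * data        bytes to send
 * dataLength  IN: bytes to send; OUT: bytes actually sent (0 on any
 *             non-success return)
 *
 * Returns errSecSuccess when send() accepted the data, errSSLWouldBlock when
 * the non-blocking socket cannot take it right now, and errSecIO on any
 * other send() failure.
 */
static
OSStatus SocketWrite(
    SSLConnectionRef connection,
    const void *data,
    size_t *dataLength)	/* IN/OUT */
{
    /*
     * The log lines read d[4], d[9] and d[10]: the low epoch byte and the
     * low two sequence-number bytes of a DTLS record header. Touching them
     * when fewer than 11 bytes were supplied would read past the caller's
     * buffer, so the header fields are logged only when they are there.
     */
    enum { kHdrPeekLen = 11 };
    /* Go through intptr_t so the pointer-to-int narrowing is explicit. */
    int fd = (int)(intptr_t)connection;
    const uint8_t *d = data;
    ssize_t len;

#if 0
    if ((rand() & 3) == 1) {
        /* drop about 1/4 of the packets ((rand() & 3) has four outcomes) */
        if (*dataLength >= (size_t)kHdrPeekLen) {
            printf("SocketWrite: Drop %ld bytes... epoch: %02x seq=%02x%02x\n",
                   (long)*dataLength, d[4], d[9], d[10]);
        }
        return errSecSuccess;
    }
#endif

    len = send(fd, data, *dataLength, 0);

    if (len > 0) {
        *dataLength = (size_t)len;

        if (len >= kHdrPeekLen) {
            printf("SocketWrite: Sent %ld bytes... epoch: %02x seq=%02x%02x\n",
                   (long)len, d[4], d[9], d[10]);
        } else {
            printf("SocketWrite: Sent %ld bytes...\n", (long)len);
        }
        return errSecSuccess;
    }

    if (len == 0) {
        /*
         * send() returns 0 only for a zero-length request and does not set
         * errno; the original went on to inspect a stale errno here.
         */
        *dataLength = 0;
        return errSecSuccess;
    }

    int theErr = errno;

    *dataLength = 0;
    switch (theErr) {
    case EAGAIN:
        /* nonblocking, socket cannot accept data right now */
        return errSSLWouldBlock;
    default:
        errno = theErr;
        perror("SocketWrite");
        return errSecIO;
    }
}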
273
274
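/*
 * DTLS echo server test tool.
 *
 * Binds a UDP socket on PORT, waits for the first datagram, connect()s the
 * socket to whoever sent it, runs a server-side DTLS handshake over that
 * socket and then echoes every decrypted record back until SSLRead or
 * SSLWrite fails.
 *
 * Security posture, as configured below (test use only):
 *   - the socket is bound to INADDR_ANY, i.e. every local interface;
 *   - the peer is whichever host sends the first datagram;
 *   - certificate verification is switched off while a client certificate
 *     is still requested, so the client's identity is presumably not
 *     validated;
 *   - the server key is the one embedded in this file.
 *
 * Returns 0 only if the echo loop ends without error; otherwise the errno of
 * the failing socket call or the OSStatus of the failing SecureTransport
 * call.
 */
int main(int argc, char **argv)
{
    struct sockaddr_in sa;	/* server address for bind */
    struct sockaddr_in ca;	/* client address for connect */
    int fd;
    int flags;
    int rc = 0;
    ssize_t l;
    socklen_t slen = sizeof(ca);
    char b;
    time_t seed;
    OSStatus ortn;
    SSLConnectionRef c;
    SSLContextRef ctx = NULL;
    SSLClientCertificateState certState;
    SSLCipherSuite negCipher;
    /* One spare byte so the terminator written after a full MTU read stays in bounds. */
    unsigned char buffer[MTU + 1];
    size_t len = 0;
    size_t readLen = 0;

    (void)argc;
    (void)argv;

#ifdef NO_SERVER
# if DEBUG
    securityd_init();
# endif
#endif

    if ((fd = socket(AF_INET, SOCK_DGRAM, 0)) == -1) {
        rc = errno;	/* capture before perror() can disturb it */
        perror("socket");
        return rc;
    }

    seed = time(NULL);
    /* To replay a run, replace the line above with a fixed seed, e.g. 1298952496. */
    srand((unsigned)seed);
    printf("Random drop initialized with seed = %lu\n", (unsigned long)seed);

    memset((char *)&sa, 0, sizeof(sa));
    sa.sin_family = AF_INET;
    sa.sin_port = htons(PORT);
    sa.sin_addr.s_addr = htonl(INADDR_ANY);

    if (bind(fd, (struct sockaddr *)&sa, sizeof(sa)) == -1) {
        rc = errno;
        perror("bind");
        goto out;
    }

    printf("Waiting for first packet...\n");
    /* PEEK only: learn the sender's address, leave the datagram queued. */
    if ((l = recvfrom(fd, &b, 1, MSG_PEEK, (struct sockaddr *)&ca, &slen)) == -1) {
        rc = errno;
        perror("recvfrom");
        goto out;
    }

    printf("Received packet from %s (%ld), connecting...\n",
           inet_ntoa(ca.sin_addr), (long)l);

    if (connect(fd, (struct sockaddr *)&ca, sizeof(ca)) == -1) {
        rc = errno;
        perror("connect");
        goto out;
    }

    /* Change to non blocking, keeping whatever flags are already set. */
    flags = fcntl(fd, F_GETFL, 0);
    if (flags == -1 || fcntl(fd, F_SETFL, flags | O_NONBLOCK) == -1) {
        rc = errno;
        perror("fcntl");
        goto out;
    }

    c = (SSLConnectionRef)(intptr_t)fd;

    /*
     * Set up a SecureTransport session.
     */
    ortn = SSLNewDatagramContext(true, &ctx);
    if (ortn) {
        printSslErrStr("SSLNewDatagramContext", ortn);
        rc = ortn;
        goto out;
    }

    ortn = SSLSetIOFuncs(ctx, SocketRead, SocketWrite);
    if (ortn) {
        printSslErrStr("SSLSetIOFuncs", ortn);
        rc = ortn;
        goto out;
    }

    ortn = SSLSetConnection(ctx, c);
    if (ortn) {
        printSslErrStr("SSLSetConnection", ortn);
        rc = ortn;
        goto out;
    }

    /*
     * The peer's socket address is used as the hello cookie. Pass its real
     * size: the original literal 32 is larger than struct sockaddr_in on
     * common platforms and so pulled adjacent stack bytes into the cookie.
     */
    ortn = SSLSetDatagramHelloCookie(ctx, &ca, sizeof(ca));
    if (ortn) {
        printSslErrStr("SSLSetDatagramHelloCookie", ortn);
        rc = ortn;
        goto out;
    }

    ortn = SSLSetMaxDatagramRecordSize(ctx, 400);
    if (ortn) {
        printSslErrStr("SSLSetMaxDatagramRecordSize", ortn);
        rc = ortn;
        goto out;
    }

    /*
     * Lets not verify the cert, which is a random test cert.
     * NOTE(review): verification stays off for the whole session, including
     * for the client certificate requested below - confirm this is intended
     * and never copy this setup outside a test tool.
     */
    ortn = SSLSetEnableCertVerify(ctx, false);
    if (ortn) {
        printSslErrStr("SSLSetEnableCertVerify", ortn);
        rc = ortn;
        goto out;
    }

    ortn = SSLSetCertificate(ctx, chain_from_der(false, ServerRSA_Key_der, sizeof(ServerRSA_Key_der),
                                                 ServerRSA_Cert_CA_RSA_der, sizeof(ServerRSA_Cert_CA_RSA_der)));
    if (ortn) {
        printSslErrStr("SSLSetCertificate", ortn);
        rc = ortn;
        goto out;
    }

    ortn = SSLSetClientSideAuthenticate(ctx, kAlwaysAuthenticate);
    if (ortn) {
        /* Label fixed: the original reported this failure as "SSLSetCertificate". */
        printSslErrStr("SSLSetClientSideAuthenticate", ortn);
        rc = ortn;
        goto out;
    }

    printf("Server Handshake...\n");
    do {
        ortn = SSLHandshake(ctx);
        if (ortn == errSSLWouldBlock) {
            /* keep UI responsive */
            sslOutputDot();
        }
    } while (ortn == errSSLWouldBlock);

    if (ortn) {
        printSslErrStr("SSLHandshake", ortn);
        rc = ortn;
        goto out;
    }

    /* The client certificate state is fetched but not acted upon. */
    ortn = SSLGetClientCertificateState(ctx, &certState);
    if (ortn) {
        printSslErrStr("SSLGetClientCertificateState", ortn);
    }

    /* Only print the cipher if the query succeeded; negCipher is unset otherwise. */
    ortn = SSLGetNegotiatedCipher(ctx, &negCipher);
    if (ortn) {
        printSslErrStr("SSLGetNegotiatedCipher", ortn);
        rc = ortn;
        goto out;
    }

    printf("Server Handshake done. Cipher is %s\n", sslGetCipherSuiteString(negCipher));

    while (1) {
        /* Spin until a record is available on the non-blocking socket. */
        while ((ortn = SSLRead(ctx, buffer, MTU, &readLen)) == errSSLWouldBlock)
            ;
        if (ortn) {
            printSslErrStr("SSLRead", ortn);
            break;
        }
        /* readLen <= MTU and buffer holds MTU + 1 bytes, so this is in bounds. */
        buffer[readLen] = 0;
        printf("Received %zu bytes:\n", readLen);
        dumppacket(buffer, readLen);

        ortn = SSLWrite(ctx, buffer, readLen, &len);
        if (ortn) {
            /* Label fixed: the original reported this failure as "SSLRead". */
            printSslErrStr("SSLWrite", ortn);
            break;
        }
        printf("Echoing %zu bytes\n", len);
    }
    rc = ortn;

out:
    /* Single exit path so the context and the socket are released on errors too. */
    if (ctx != NULL) {
        SSLDisposeContext(ctx);
    }
    close(fd);

    return rc;
}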