Last active
May 23, 2023 15:05
-
-
Save kakopappa/f47075920ee980773585eb2189f0468f to your computer and use it in GitHub Desktop.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
int ret, len; | |
mbedtls_net_context listen_fd, client_fd; | |
unsigned char buf[1024]; | |
const char *pers = "ssl_server"; | |
int port = 443 | |
mbedtls_entropy_context entropy; | |
mbedtls_ctr_drbg_context ctr_drbg; | |
mbedtls_ssl_context ssl; | |
mbedtls_ssl_config conf; | |
mbedtls_x509_crt srvcert; | |
mbedtls_pk_context pkey; | |
mbedtls_net_init(&listen_fd); | |
mbedtls_net_init(&client_fd); | |
mbedtls_ssl_init(&ssl); | |
mbedtls_ssl_config_init(&conf); | |
mbedtls_x509_crt_init(&srvcert); | |
mbedtls_pk_init(&pkey); | |
mbedtls_entropy_init(&entropy); | |
mbedtls_ctr_drbg_init(&ctr_drbg); | |
#if defined(MBEDTLS_DEBUG_C) | |
mbedtls_debug_set_threshold(DEBUG_LEVEL); | |
#endif | |
ESP_LOGE(TAG, " . Seeding the random number generator..."); | |
if ((ret = mbedtls_ctr_drbg_seed(&ctr_drbg, mbedtls_entropy_func, &entropy, | |
(const unsigned char *) pers, | |
strlen(pers))) != 0) { | |
ESP_LOGE(TAG, " failed\n ! mbedtls_ctr_drbg_seed returned %d\n", ret); | |
return -1; | |
} | |
ESP_LOGE(TAG, " ok\n"); | |
const char* cert = | |
"-----BEGIN CERTIFICATE-----\n" | |
"-----END CERTIFICATE-----\n"; | |
const char * key = | |
"-----BEGIN RSA PRIVATE KEY-----\n" | |
"-----END RSA PRIVATE KEY-----\n"; | |
ESP_LOGE(TAG, "\n . Loading the server cert. and key..."); | |
ret = mbedtls_x509_crt_parse(&srvcert, (const unsigned char*)cert, strlen(cert) + 1); | |
if (ret != 0) { | |
char errorBuf[100]; | |
mbedtls_strerror(ret, errorBuf, sizeof(errorBuf)); | |
ESP_LOGE(TAG, "Certificate parsing srvcert error: "); | |
return -1; | |
} | |
ESP_LOGE(TAG, " ok\n"); | |
ret = mbedtls_pk_parse_key(&pkey, (const unsigned char*)key, strlen(key) + 1, NULL, 0); | |
if (ret != 0) { | |
char errorBuf[100]; | |
mbedtls_strerror(ret, errorBuf, sizeof(errorBuf)); | |
ESP_LOGE(TAG, "Private key parsing error: "); | |
//ESP_LOGE(TAG, "%s" errorBuf); | |
return -1; | |
} | |
ESP_LOGE(TAG, " ok\n"); | |
if ((ret = mbedtls_net_bind(&listen_fd, NULL, "443", MBEDTLS_NET_PROTO_TCP)) != 0) { | |
ESP_LOGE(TAG, " failed\n ! mbedtls_net_bind returned %d\n\n", ret); | |
return -1; | |
} | |
ESP_LOGE(TAG, " ok\n"); | |
ESP_LOGE(TAG, " . Setting up the SSL data...."); | |
mbedtls_ssl_conf_min_version(&conf, MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3); | |
if ((ret = mbedtls_ssl_config_defaults(&conf, | |
MBEDTLS_SSL_IS_SERVER, | |
MBEDTLS_SSL_TRANSPORT_STREAM, | |
MBEDTLS_SSL_PRESET_DEFAULT)) != 0) { | |
mbedtls_printf(" failed\n ! mbedtls_ssl_config_defaults returned %d\n\n", ret); | |
return -1; | |
} | |
mbedtls_ssl_conf_rng(&conf, mbedtls_ctr_drbg_random, &ctr_drbg); | |
mbedtls_ssl_conf_dbg(&conf, my_debug, stdout); | |
mbedtls_ssl_conf_ca_chain(&conf, srvcert.next, NULL); | |
if ((ret = mbedtls_ssl_conf_own_cert(&conf, &srvcert, &pkey)) != 0) { | |
ESP_LOGE(TAG," failed\n ! mbedtls_ssl_conf_own_cert returned %d\n\n", ret); | |
return -1; | |
} | |
if ((ret = mbedtls_ssl_setup(&ssl, &conf)) != 0) { | |
ESP_LOGE(TAG," failed\n ! mbedtls_ssl_setup returned %d\n\n", ret); | |
return -1; | |
} | |
ESP_LOGE(TAG," ok\n"); | |
ESP_LOGI(TAG, "Created listening socket on port %d", port); | |
ESP_LOGE(TAG," . Waiting for a remote connection ..."); | |
if ((ret = mbedtls_net_accept(&listen_fd, &client_fd, | |
NULL, 0, NULL)) != 0) { | |
ESP_LOGE(TAG," failed\n ! mbedtls_net_accept returned %d\n\n", ret); | |
return -1; | |
} | |
ESP_LOGE(TAG," . Accepting connection ..."); | |
mbedtls_ssl_set_bio(&ssl, &client_fd, mbedtls_net_send, mbedtls_net_recv, NULL); | |
ESP_LOGE(TAG, " ok\n"); | |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment