Blame - programs/test/ssl_test.c - mirror/mbed-tls

blob: 3b2e2d7c152fa42d932aeba64d4fdb9f736c6416 [file] [log] [blame]

Paul Bakker	5121ce5	2009-01-03 21:22:43 +0000	[diff] [blame]	1	/*
				2	* SSL/TLS stress testing program
				3	*
Manuel Pégourié-Gonnard	a658a40	2015-01-23 09:45:19 +0000	[diff] [blame]	4	* Copyright (C) 2006-2013, ARM Limited, All Rights Reserved
Paul Bakker	b96f154	2010-07-18 20:36:00 +0000	[diff] [blame]	5	*
Manuel Pégourié-Gonnard	085ab04	2015-01-23 11:06:27 +0000	[diff] [blame^]	6	* This file is part of mbed TLS (https://www.polarssl.org)
Paul Bakker	b96f154	2010-07-18 20:36:00 +0000	[diff] [blame]	7	*
Paul Bakker	5121ce5	2009-01-03 21:22:43 +0000	[diff] [blame]	8	* This program is free software; you can redistribute it and/or modify
				9	* it under the terms of the GNU General Public License as published by
				10	* the Free Software Foundation; either version 2 of the License, or
				11	* (at your option) any later version.
				12	*
				13	* This program is distributed in the hope that it will be useful,
				14	* but WITHOUT ANY WARRANTY; without even the implied warranty of
				15	* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
				16	* GNU General Public License for more details.
				17	*
				18	* You should have received a copy of the GNU General Public License along
				19	* with this program; if not, write to the Free Software Foundation, Inc.,
				20	* 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
				21	*/
				22
Manuel Pégourié-Gonnard	cef4ad2	2014-04-29 12:39:06 +0200	[diff] [blame]	23	#if !defined(POLARSSL_CONFIG_FILE)
Manuel Pégourié-Gonnard	abd6e02	2013-09-20 13:30:43 +0200	[diff] [blame]	24	#include "polarssl/config.h"
Manuel Pégourié-Gonnard	cef4ad2	2014-04-29 12:39:06 +0200	[diff] [blame]	25	#else
				26	#include POLARSSL_CONFIG_FILE
				27	#endif
Paul Bakker	5121ce5	2009-01-03 21:22:43 +0000	[diff] [blame]	28
				29	#include <string.h>
				30	#include <stdlib.h>
				31	#include <stdio.h>
				32
Paul Bakker	40e4694	2009-01-03 21:51:57 +0000	[diff] [blame]	33	#include "polarssl/net.h"
				34	#include "polarssl/ssl.h"
Paul Bakker	508ad5a	2011-12-04 17:09:26 +0000	[diff] [blame]	35	#include "polarssl/entropy.h"
				36	#include "polarssl/ctr_drbg.h"
Paul Bakker	40e4694	2009-01-03 21:51:57 +0000	[diff] [blame]	37	#include "polarssl/certs.h"
Paul Bakker	44618dd	2013-07-04 10:34:10 +0200	[diff] [blame]	38	#if defined(POLARSSL_TIMING_C)
				39	#include "polarssl/timing.h"
				40	#endif
Paul Bakker	5121ce5	2009-01-03 21:22:43 +0000	[diff] [blame]	41
Paul Bakker	9a97c5d	2013-09-15 17:07:33 +0200	[diff] [blame]	42	#if !defined(POLARSSL_BIGNUM_C) \|\| !defined(POLARSSL_ENTROPY_C) \|\| \
				43	!defined(POLARSSL_SSL_TLS_C) \|\| !defined(POLARSSL_SSL_SRV_C) \|\| \
				44	!defined(POLARSSL_SSL_CLI_C) \|\| !defined(POLARSSL_NET_C) \|\| \
				45	!defined(POLARSSL_RSA_C) \|\| !defined(POLARSSL_CTR_DRBG_C) \|\| \
Paul Bakker	36713e8	2013-09-17 13:25:29 +0200	[diff] [blame]	46	!defined(POLARSSL_X509_CRT_PARSE_C)
Paul Bakker	9a97c5d	2013-09-15 17:07:33 +0200	[diff] [blame]	47	int main( int argc, char *argv[] )
				48	{
				49	((void) argc);
				50	((void) argv);
				51
				52	printf("POLARSSL_BIGNUM_C and/or POLARSSL_ENTROPY_C and/or "
				53	"POLARSSL_SSL_TLS_C and/or POLARSSL_SSL_SRV_C and/or "
				54	"POLARSSL_SSL_CLI_C and/or POLARSSL_NET_C and/or "
				55	"POLARSSL_RSA_C and/or POLARSSL_CTR_DRBG_C and/or "
Paul Bakker	36713e8	2013-09-17 13:25:29 +0200	[diff] [blame]	56	"POLARSSL_X509_CRT_PARSE_C not defined.\n");
Paul Bakker	9a97c5d	2013-09-15 17:07:33 +0200	[diff] [blame]	57	return( 0 );
				58	}
				59	#else
				60
Paul Bakker	5121ce5	2009-01-03 21:22:43 +0000	[diff] [blame]	61	#define OPMODE_NONE 0
				62	#define OPMODE_CLIENT 1
				63	#define OPMODE_SERVER 2
				64
				65	#define IOMODE_BLOCK 0
				66	#define IOMODE_NONBLOCK 1
				67
				68	#define COMMAND_READ 1
				69	#define COMMAND_WRITE 2
				70	#define COMMAND_BOTH 3
				71
				72	#define DFL_OPMODE OPMODE_NONE
				73	#define DFL_IOMODE IOMODE_BLOCK
				74	#define DFL_SERVER_NAME "localhost"
				75	#define DFL_SERVER_PORT 4433
				76	#define DFL_COMMAND COMMAND_READ
				77	#define DFL_BUFFER_SIZE 1024
				78	#define DFL_MAX_BYTES 0
				79	#define DFL_DEBUG_LEVEL 0
				80	#define DFL_CONN_TIMEOUT 0
				81	#define DFL_MAX_CONNECTIONS 0
				82	#define DFL_SESSION_REUSE 1
				83	#define DFL_SESSION_LIFETIME 86400
				84	#define DFL_FORCE_CIPHER 0
				85
Paul Bakker	5121ce5	2009-01-03 21:22:43 +0000	[diff] [blame]	86	int server_fd = -1;
				87
				88	/*
				89	* global options
				90	*/
				91	struct options
				92	{
				93	int opmode; /* operation mode (client or server) */
				94	int iomode; /* I/O mode (blocking or non-blocking) */
Paul Bakker	ef3f8c7	2013-06-24 13:01:08 +0200	[diff] [blame]	95	const char server_name; / hostname of the server (client only) */
Paul Bakker	5121ce5	2009-01-03 21:22:43 +0000	[diff] [blame]	96	int server_port; /* port on which the ssl service runs */
				97	int command; /* what to do: read or write operation */
				98	int buffer_size; /* size of the send/receive buffer */
				99	int max_bytes; /* max. # of bytes before a reconnect */
				100	int debug_level; /* level of debugging */
Paul Bakker	44618dd	2013-07-04 10:34:10 +0200	[diff] [blame]	101	#if defined(POLARSSL_TIMING_C)
Paul Bakker	5121ce5	2009-01-03 21:22:43 +0000	[diff] [blame]	102	int conn_timeout; /* max. delay before a reconnect */
Paul Bakker	44618dd	2013-07-04 10:34:10 +0200	[diff] [blame]	103	#endif
Paul Bakker	5121ce5	2009-01-03 21:22:43 +0000	[diff] [blame]	104	int max_connections; /* max. number of reconnections */
				105	int session_reuse; /* flag to reuse the keying material */
				106	int session_lifetime; /* if reached, session data is expired */
Paul Bakker	e3166ce	2011-01-27 17:40:50 +0000	[diff] [blame]	107	int force_ciphersuite[2]; /* protocol/ciphersuite to use, or all */
Paul Bakker	5121ce5	2009-01-03 21:22:43 +0000	[diff] [blame]	108	};
				109
				110	/*
				111	* Although this PRNG has good statistical properties (eg. passes
				112	* DIEHARD), it is not cryptographically secure.
				113	*/
Paul Bakker	3c5ef71	2013-06-25 16:37:45 +0200	[diff] [blame]	114	static unsigned long int lcppm5( unsigned long int *state )
Paul Bakker	5121ce5	2009-01-03 21:22:43 +0000	[diff] [blame]	115	{
				116	unsigned long int u, v;
				117
				118	u = v = state[4] ^ 1;
				119	state[u & 3] ^= u;
				120	u ^= (v << 12) ^ (v >> 12);
				121	u ^= v * state[0]; v >>= 8;
				122	u ^= v * state[1]; v >>= 8;
				123	u ^= v * state[2]; v >>= 8;
				124	u ^= v * state[3];
				125	u &= 0xFFFFFFFF;
				126	state[4] = u;
				127
				128	return( u );
				129	}
				130
Paul Bakker	3c5ef71	2013-06-25 16:37:45 +0200	[diff] [blame]	131	static void my_debug( void ctx, int level, const char str )
Paul Bakker	5121ce5	2009-01-03 21:22:43 +0000	[diff] [blame]	132	{
				133	if( level < ((struct options *) ctx)->debug_level )
				134	fprintf( stderr, "%s", str );
				135	}
				136
				137	/*
				138	* perform a single SSL connection
				139	*/
				140	static int ssl_test( struct options *opt )
				141	{
Alfred Klomp	5b78f21	2014-07-14 22:10:14 +0200	[diff] [blame]	142	int ret = 1, i;
Manuel Pégourié-Gonnard	68821da	2013-09-16 12:34:33 +0200	[diff] [blame]	143	int client_fd = -1;
Paul Bakker	5121ce5	2009-01-03 21:22:43 +0000	[diff] [blame]	144	int bytes_to_read;
				145	int bytes_to_write;
Paul Bakker	026c03b	2009-03-28 17:53:03 +0000	[diff] [blame]	146	int offset_to_read = 0;
				147	int offset_to_write = 0;
Paul Bakker	5121ce5	2009-01-03 21:22:43 +0000	[diff] [blame]	148
				149	long int nb_read;
				150	long int nb_written;
				151
				152	unsigned long read_state[5];
				153	unsigned long write_state[5];
				154
Paul Bakker	026c03b	2009-03-28 17:53:03 +0000	[diff] [blame]	155	unsigned char *read_buf = NULL;
				156	unsigned char *write_buf = NULL;
Paul Bakker	5121ce5	2009-01-03 21:22:43 +0000	[diff] [blame]	157
Paul Bakker	ef3f8c7	2013-06-24 13:01:08 +0200	[diff] [blame]	158	const char *pers = "ssl_test";
Paul Bakker	508ad5a	2011-12-04 17:09:26 +0000	[diff] [blame]	159
Paul Bakker	44618dd	2013-07-04 10:34:10 +0200	[diff] [blame]	160	#if defined(POLARSSL_TIMING_C)
Paul Bakker	5121ce5	2009-01-03 21:22:43 +0000	[diff] [blame]	161	struct hr_time t;
Paul Bakker	44618dd	2013-07-04 10:34:10 +0200	[diff] [blame]	162	#endif
Paul Bakker	508ad5a	2011-12-04 17:09:26 +0000	[diff] [blame]	163	entropy_context entropy;
				164	ctr_drbg_context ctr_drbg;
Paul Bakker	5121ce5	2009-01-03 21:22:43 +0000	[diff] [blame]	165	ssl_context ssl;
Paul Bakker	c559c7a	2013-09-18 14:13:26 +0200	[diff] [blame]	166	x509_crt srvcert;
Manuel Pégourié-Gonnard	ac75523	2013-08-19 14:10:16 +0200	[diff] [blame]	167	pk_context pkey;
Paul Bakker	5121ce5	2009-01-03 21:22:43 +0000	[diff] [blame]	168
Paul Bakker	0c22610	2014-04-17 16:02:36 +0200	[diff] [blame]	169	memset( &ssl, 0, sizeof(ssl_context) );
Paul Bakker	508ad5a	2011-12-04 17:09:26 +0000	[diff] [blame]	170	entropy_init( &entropy );
Paul Bakker	0c22610	2014-04-17 16:02:36 +0200	[diff] [blame]	171	x509_crt_init( &srvcert );
				172	pk_init( &pkey );
				173
Paul Bakker	508ad5a	2011-12-04 17:09:26 +0000	[diff] [blame]	174	if( ( ret = ctr_drbg_init( &ctr_drbg, entropy_func, &entropy,
Paul Bakker	ef3f8c7	2013-06-24 13:01:08 +0200	[diff] [blame]	175	(const unsigned char *) pers,
				176	strlen( pers ) ) ) != 0 )
Paul Bakker	508ad5a	2011-12-04 17:09:26 +0000	[diff] [blame]	177	{
				178	printf( " ! ctr_drbg_init returned %d\n", ret );
				179	goto exit;
				180	}
				181
Paul Bakker	44618dd	2013-07-04 10:34:10 +0200	[diff] [blame]	182	#if defined(POLARSSL_TIMING_C)
Paul Bakker	5121ce5	2009-01-03 21:22:43 +0000	[diff] [blame]	183	get_timer( &t, 1 );
Paul Bakker	44618dd	2013-07-04 10:34:10 +0200	[diff] [blame]	184	#endif
Paul Bakker	5121ce5	2009-01-03 21:22:43 +0000	[diff] [blame]	185
				186	memset( read_state, 0, sizeof( read_state ) );
				187	memset( write_state, 0, sizeof( write_state ) );
				188
Paul Bakker	5121ce5	2009-01-03 21:22:43 +0000	[diff] [blame]	189
				190	if( opt->opmode == OPMODE_CLIENT )
				191	{
				192	if( ( ret = net_connect( &client_fd, opt->server_name,
				193	opt->server_port ) ) != 0 )
				194	{
				195	printf( " ! net_connect returned %d\n\n", ret );
				196	return( ret );
				197	}
				198
				199	if( ( ret = ssl_init( &ssl ) ) != 0 )
				200	{
				201	printf( " ! ssl_init returned %d\n\n", ret );
Paul Bakker	0c22610	2014-04-17 16:02:36 +0200	[diff] [blame]	202	goto exit;
Paul Bakker	5121ce5	2009-01-03 21:22:43 +0000	[diff] [blame]	203	}
				204
				205	ssl_set_endpoint( &ssl, SSL_IS_CLIENT );
				206	}
				207
				208	if( opt->opmode == OPMODE_SERVER )
				209	{
Paul Bakker	5690efc	2011-05-26 13:16:06 +0000	[diff] [blame]	210	#if !defined(POLARSSL_CERTS_C)
				211	printf("POLARSSL_CERTS_C not defined.\n");
				212	goto exit;
				213	#else
Paul Bakker	ddf26b4	2013-09-18 13:46:23 +0200	[diff] [blame]	214	ret = x509_crt_parse( &srvcert, (const unsigned char *) test_srv_crt,
				215	strlen( test_srv_crt ) );
Paul Bakker	5121ce5	2009-01-03 21:22:43 +0000	[diff] [blame]	216	if( ret != 0 )
				217	{
Paul Bakker	ddf26b4	2013-09-18 13:46:23 +0200	[diff] [blame]	218	printf( " ! x509_crt_parse returned %d\n\n", ret );
Paul Bakker	5121ce5	2009-01-03 21:22:43 +0000	[diff] [blame]	219	goto exit;
				220	}
				221
Manuel Pégourié-Gonnard	641de71	2013-09-25 13:23:33 +0200	[diff] [blame]	222	ret = x509_crt_parse( &srvcert, (const unsigned char *) test_ca_list,
				223	strlen( test_ca_list ) );
Paul Bakker	5121ce5	2009-01-03 21:22:43 +0000	[diff] [blame]	224	if( ret != 0 )
				225	{
Paul Bakker	ddf26b4	2013-09-18 13:46:23 +0200	[diff] [blame]	226	printf( " ! x509_crt_parse returned %d\n\n", ret );
Paul Bakker	5121ce5	2009-01-03 21:22:43 +0000	[diff] [blame]	227	goto exit;
				228	}
				229
Paul Bakker	1a7550a	2013-09-15 13:01:22 +0200	[diff] [blame]	230	ret = pk_parse_key( &pkey, (const unsigned char *) test_srv_key,
				231	strlen( test_srv_key ), NULL, 0 );
Paul Bakker	5121ce5	2009-01-03 21:22:43 +0000	[diff] [blame]	232	if( ret != 0 )
				233	{
Paul Bakker	1a7550a	2013-09-15 13:01:22 +0200	[diff] [blame]	234	printf( " ! pk_parse_key returned %d\n\n", ret );
Paul Bakker	5121ce5	2009-01-03 21:22:43 +0000	[diff] [blame]	235	goto exit;
				236	}
Paul Bakker	5690efc	2011-05-26 13:16:06 +0000	[diff] [blame]	237	#endif
Paul Bakker	5121ce5	2009-01-03 21:22:43 +0000	[diff] [blame]	238
				239	if( server_fd < 0 )
				240	{
				241	if( ( ret = net_bind( &server_fd, NULL,
				242	opt->server_port ) ) != 0 )
				243	{
				244	printf( " ! net_bind returned %d\n\n", ret );
				245	return( ret );
				246	}
				247	}
				248
				249	if( ( ret = net_accept( server_fd, &client_fd, NULL ) ) != 0 )
				250	{
				251	printf( " ! net_accept returned %d\n\n", ret );
				252	return( ret );
				253	}
				254
				255	if( ( ret = ssl_init( &ssl ) ) != 0 )
				256	{
				257	printf( " ! ssl_init returned %d\n\n", ret );
				258	return( ret );
				259	}
				260
				261	ssl_set_endpoint( &ssl, SSL_IS_SERVER );
Paul Bakker	40ea7de	2009-05-03 10:18:48 +0000	[diff] [blame]	262	ssl_set_ca_chain( &ssl, srvcert.next, NULL, NULL );
Manuel Pégourié-Gonnard	c5fd391	2014-07-08 14:05:52 +0200	[diff] [blame]	263	if( ( ret = ssl_set_own_cert( &ssl, &srvcert, &pkey ) ) != 0 )
				264	{
				265	printf( " failed\n ! ssl_set_own_cert returned %d\n\n", ret );
				266	goto exit;
				267	}
Paul Bakker	5121ce5	2009-01-03 21:22:43 +0000	[diff] [blame]	268	}
				269
				270	ssl_set_authmode( &ssl, SSL_VERIFY_NONE );
				271
Paul Bakker	508ad5a	2011-12-04 17:09:26 +0000	[diff] [blame]	272	ssl_set_rng( &ssl, ctr_drbg_random, &ctr_drbg );
Paul Bakker	5121ce5	2009-01-03 21:22:43 +0000	[diff] [blame]	273	ssl_set_dbg( &ssl, my_debug, opt );
				274	ssl_set_bio( &ssl, net_recv, &client_fd,
				275	net_send, &client_fd );
				276
Paul Bakker	68884e3	2013-01-07 18:20:04 +0100	[diff] [blame]	277	if( opt->force_ciphersuite[0] != DFL_FORCE_CIPHER )
				278	ssl_set_ciphersuites( &ssl, opt->force_ciphersuite );
Paul Bakker	5121ce5	2009-01-03 21:22:43 +0000	[diff] [blame]	279
				280	if( opt->iomode == IOMODE_NONBLOCK )
Paul Bakker	cbe3d0d	2014-04-17 16:00:59 +0200	[diff] [blame]	281	{
				282	if( ( ret = net_set_nonblock( client_fd ) ) != 0 )
				283	{
				284	printf( " ! net_set_nonblock returned %d\n\n", ret );
				285	return( ret );
				286	}
				287	}
Paul Bakker	5121ce5	2009-01-03 21:22:43 +0000	[diff] [blame]	288
				289	read_buf = (unsigned char *) malloc( opt->buffer_size );
				290	write_buf = (unsigned char *) malloc( opt->buffer_size );
				291
				292	if( read_buf == NULL \|\| write_buf == NULL )
				293	{
				294	printf( " ! malloc(%d bytes) failed\n\n", opt->buffer_size );
				295	goto exit;
				296	}
				297
				298	nb_read = bytes_to_read = 0;
				299	nb_written = bytes_to_write = 0;
				300
				301	while( 1 )
				302	{
				303	if( opt->command & COMMAND_WRITE )
				304	{
				305	if( bytes_to_write == 0 )
				306	{
				307	while( bytes_to_write == 0 )
				308	bytes_to_write = rand() % opt->buffer_size;
				309
				310	for( i = 0; i < bytes_to_write; i++ )
				311	write_buf[i] = (unsigned char) lcppm5( write_state );
				312
				313	offset_to_write = 0;
				314	}
				315
				316	ret = ssl_write( &ssl, write_buf + offset_to_write,
				317	bytes_to_write );
				318
				319	if( ret >= 0 )
				320	{
				321	nb_written += ret;
				322	bytes_to_write -= ret;
				323	offset_to_write += ret;
				324	}
				325
Paul Bakker	40e4694	2009-01-03 21:51:57 +0000	[diff] [blame]	326	if( ret == POLARSSL_ERR_SSL_PEER_CLOSE_NOTIFY \|\|
				327	ret == POLARSSL_ERR_NET_CONN_RESET )
Paul Bakker	5121ce5	2009-01-03 21:22:43 +0000	[diff] [blame]	328	{
				329	ret = 0;
				330	goto exit;
				331	}
				332
Paul Bakker	831a755	2011-05-18 13:32:51 +0000	[diff] [blame]	333	if( ret < 0 && ret != POLARSSL_ERR_NET_WANT_READ &&
				334	ret != POLARSSL_ERR_NET_WANT_WRITE )
Paul Bakker	5121ce5	2009-01-03 21:22:43 +0000	[diff] [blame]	335	{
				336	printf( " ! ssl_write returned %d\n\n", ret );
				337	break;
				338	}
				339	}
				340
				341	if( opt->command & COMMAND_READ )
				342	{
Paul Bakker	396333e	2013-09-26 13:32:19 +0200	[diff] [blame]	343	while( bytes_to_read == 0 )
Paul Bakker	5121ce5	2009-01-03 21:22:43 +0000	[diff] [blame]	344	{
				345	bytes_to_read = rand() % opt->buffer_size;
				346	offset_to_read = 0;
				347	}
				348
				349	ret = ssl_read( &ssl, read_buf + offset_to_read,
				350	bytes_to_read );
				351
Paul Bakker	396333e	2013-09-26 13:32:19 +0200	[diff] [blame]	352	if( ret > 0 )
Paul Bakker	5121ce5	2009-01-03 21:22:43 +0000	[diff] [blame]	353	{
				354	for( i = 0; i < ret; i++ )
				355	{
				356	if( read_buf[offset_to_read + i] !=
				357	(unsigned char) lcppm5( read_state ) )
				358	{
				359	ret = 1;
				360	printf( " ! plaintext mismatch\n\n" );
				361	goto exit;
				362	}
				363	}
				364
				365	nb_read += ret;
				366	bytes_to_read -= ret;
				367	offset_to_read += ret;
				368	}
				369
Paul Bakker	396333e	2013-09-26 13:32:19 +0200	[diff] [blame]	370	if( ret == 0 \|\|
				371	ret == POLARSSL_ERR_SSL_CONN_EOF \|\|
				372	ret == POLARSSL_ERR_SSL_PEER_CLOSE_NOTIFY \|\|
Paul Bakker	40e4694	2009-01-03 21:51:57 +0000	[diff] [blame]	373	ret == POLARSSL_ERR_NET_CONN_RESET )
Paul Bakker	5121ce5	2009-01-03 21:22:43 +0000	[diff] [blame]	374	{
				375	ret = 0;
				376	goto exit;
				377	}
				378
Paul Bakker	831a755	2011-05-18 13:32:51 +0000	[diff] [blame]	379	if( ret < 0 && ret != POLARSSL_ERR_NET_WANT_READ &&
				380	ret != POLARSSL_ERR_NET_WANT_WRITE )
Paul Bakker	5121ce5	2009-01-03 21:22:43 +0000	[diff] [blame]	381	{
				382	printf( " ! ssl_read returned %d\n\n", ret );
				383	break;
				384	}
				385	}
				386
				387	ret = 0;
				388
				389	if( opt->max_bytes != 0 &&
				390	( opt->max_bytes <= nb_read \|\|
				391	opt->max_bytes <= nb_written ) )
				392	break;
				393
Paul Bakker	44618dd	2013-07-04 10:34:10 +0200	[diff] [blame]	394	#if defined(POLARSSL_TIMING_C)
Paul Bakker	5121ce5	2009-01-03 21:22:43 +0000	[diff] [blame]	395	if( opt->conn_timeout != 0 &&
				396	opt->conn_timeout <= (int) get_timer( &t, 0 ) )
				397	break;
Paul Bakker	44618dd	2013-07-04 10:34:10 +0200	[diff] [blame]	398	#endif
Paul Bakker	5121ce5	2009-01-03 21:22:43 +0000	[diff] [blame]	399	}
				400
				401	exit:
				402
				403	fflush( stdout );
				404
				405	if( read_buf != NULL )
				406	free( read_buf );
				407
				408	if( write_buf != NULL )
				409	free( write_buf );
				410
				411	ssl_close_notify( &ssl );
Paul Bakker	36713e8	2013-09-17 13:25:29 +0200	[diff] [blame]	412	x509_crt_free( &srvcert );
Manuel Pégourié-Gonnard	ac75523	2013-08-19 14:10:16 +0200	[diff] [blame]	413	pk_free( &pkey );
Paul Bakker	5121ce5	2009-01-03 21:22:43 +0000	[diff] [blame]	414	ssl_free( &ssl );
Paul Bakker	a317a98	2014-06-18 16:44:11 +0200	[diff] [blame]	415	ctr_drbg_free( &ctr_drbg );
Paul Bakker	1ffefac	2013-09-28 15:23:03 +0200	[diff] [blame]	416	entropy_free( &entropy );
Paul Bakker	0c22610	2014-04-17 16:02:36 +0200	[diff] [blame]	417
				418	if( client_fd != -1 )
				419	net_close( client_fd );
Paul Bakker	5121ce5	2009-01-03 21:22:43 +0000	[diff] [blame]	420
				421	return( ret );
				422	}
				423
Paul Bakker	44618dd	2013-07-04 10:34:10 +0200	[diff] [blame]	424	#if defined(POLARSSL_TIMING_C)
				425	#define USAGE_TIMING \
				426	" conn_timeout=%%d (ms) default: 0 (no timeout)\n"
				427	#else
				428	#define USAGE_TIMING ""
				429	#endif
				430
Paul Bakker	5121ce5	2009-01-03 21:22:43 +0000	[diff] [blame]	431	#define USAGE \
				432	"\n usage: ssl_test opmode=<> command=<>...\n" \
				433	"\n acceptable parameters:\n" \
				434	" opmode=client/server default: <none>\n" \
				435	" iomode=block/nonblock default: block\n" \
				436	" server_name=%%s default: localhost\n" \
				437	" server_port=%%d default: 4433\n" \
				438	" command=read/write/both default: read\n" \
				439	" buffer_size=%%d (bytes) default: 1024\n" \
				440	" max_bytes=%%d (bytes) default: 0 (no limit)\n" \
				441	" debug_level=%%d default: 0 (disabled)\n" \
Paul Bakker	44618dd	2013-07-04 10:34:10 +0200	[diff] [blame]	442	USAGE_TIMING \
Paul Bakker	5121ce5	2009-01-03 21:22:43 +0000	[diff] [blame]	443	" max_connections=%%d default: 0 (no limit)\n" \
				444	" session_reuse=on/off default: on (enabled)\n" \
				445	" session_lifetime=%%d (s) default: 86400\n" \
Paul Bakker	e3166ce	2011-01-27 17:40:50 +0000	[diff] [blame]	446	" force_ciphersuite=<name> default: all enabled\n" \
				447	" acceptable ciphersuite names:\n"
Paul Bakker	5121ce5	2009-01-03 21:22:43 +0000	[diff] [blame]	448
				449	int main( int argc, char *argv[] )
				450	{
Paul Bakker	c97f9f6	2013-11-30 15:13:02 +0100	[diff] [blame]	451	int i;
Paul Bakker	e3166ce	2011-01-27 17:40:50 +0000	[diff] [blame]	452	const int *list;
Paul Bakker	5121ce5	2009-01-03 21:22:43 +0000	[diff] [blame]	453	int ret = 1;
				454	int nb_conn;
				455	char p, q;
				456	struct options opt;
				457
				458	if( argc == 1 )
				459	{
				460	usage:
				461	printf( USAGE );
Paul Bakker	44618dd	2013-07-04 10:34:10 +0200	[diff] [blame]	462
Paul Bakker	e3166ce	2011-01-27 17:40:50 +0000	[diff] [blame]	463	list = ssl_list_ciphersuites();
				464	while( *list )
				465	{
				466	printf(" %s\n", ssl_get_ciphersuite_name( *list ) );
				467	list++;
				468	}
				469	printf("\n");
Paul Bakker	5121ce5	2009-01-03 21:22:43 +0000	[diff] [blame]	470	goto exit;
				471	}
				472
				473	opt.opmode = DFL_OPMODE;
				474	opt.iomode = DFL_IOMODE;
				475	opt.server_name = DFL_SERVER_NAME;
				476	opt.server_port = DFL_SERVER_PORT;
				477	opt.command = DFL_COMMAND;
				478	opt.buffer_size = DFL_BUFFER_SIZE;
				479	opt.max_bytes = DFL_MAX_BYTES;
				480	opt.debug_level = DFL_DEBUG_LEVEL;
Paul Bakker	44618dd	2013-07-04 10:34:10 +0200	[diff] [blame]	481	#if defined(POLARSSL_TIMING_C)
Paul Bakker	5121ce5	2009-01-03 21:22:43 +0000	[diff] [blame]	482	opt.conn_timeout = DFL_CONN_TIMEOUT;
Paul Bakker	44618dd	2013-07-04 10:34:10 +0200	[diff] [blame]	483	#endif
Paul Bakker	5121ce5	2009-01-03 21:22:43 +0000	[diff] [blame]	484	opt.max_connections = DFL_MAX_CONNECTIONS;
				485	opt.session_reuse = DFL_SESSION_REUSE;
				486	opt.session_lifetime = DFL_SESSION_LIFETIME;
Paul Bakker	e3166ce	2011-01-27 17:40:50 +0000	[diff] [blame]	487	opt.force_ciphersuite[0] = DFL_FORCE_CIPHER;
Paul Bakker	5121ce5	2009-01-03 21:22:43 +0000	[diff] [blame]	488
				489	for( i = 1; i < argc; i++ )
				490	{
Paul Bakker	5121ce5	2009-01-03 21:22:43 +0000	[diff] [blame]	491	p = argv[i];
				492	if( ( q = strchr( p, '=' ) ) == NULL )
				493	continue;
				494	*q++ = '\0';
				495
				496	if( strcmp( p, "opmode" ) == 0 )
				497	{
				498	if( strcmp( q, "client" ) == 0 )
				499	opt.opmode = OPMODE_CLIENT;
				500	else
				501	if( strcmp( q, "server" ) == 0 )
				502	opt.opmode = OPMODE_SERVER;
				503	else goto usage;
				504	}
				505
				506	if( strcmp( p, "iomode" ) == 0 )
				507	{
				508	if( strcmp( q, "block" ) == 0 )
				509	opt.iomode = IOMODE_BLOCK;
				510	else
				511	if( strcmp( q, "nonblock" ) == 0 )
				512	opt.iomode = IOMODE_NONBLOCK;
				513	else goto usage;
				514	}
				515
				516	if( strcmp( p, "server_name" ) == 0 )
				517	opt.server_name = q;
				518
				519	if( strcmp( p, "server_port" ) == 0 )
				520	{
				521	opt.server_port = atoi( q );
				522	if( opt.server_port < 1 \|\| opt.server_port > 65535 )
				523	goto usage;
				524	}
				525
				526	if( strcmp( p, "command" ) == 0 )
				527	{
				528	if( strcmp( q, "read" ) == 0 )
				529	opt.command = COMMAND_READ;
				530	else
				531	if( strcmp( q, "write" ) == 0 )
				532	opt.command = COMMAND_WRITE;
				533	else
				534	if( strcmp( q, "both" ) == 0 )
				535	{
				536	opt.iomode = IOMODE_NONBLOCK;
				537	opt.command = COMMAND_BOTH;
				538	}
				539	else goto usage;
				540	}
				541
				542	if( strcmp( p, "buffer_size" ) == 0 )
				543	{
				544	opt.buffer_size = atoi( q );
				545	if( opt.buffer_size < 1 \|\| opt.buffer_size > 1048576 )
				546	goto usage;
				547	}
				548
				549	if( strcmp( p, "max_bytes" ) == 0 )
				550	opt.max_bytes = atoi( q );
				551
				552	if( strcmp( p, "debug_level" ) == 0 )
				553	opt.debug_level = atoi( q );
Paul Bakker	44618dd	2013-07-04 10:34:10 +0200	[diff] [blame]	554	#if defined(POLARSSL_TIMING_C)
Paul Bakker	5121ce5	2009-01-03 21:22:43 +0000	[diff] [blame]	555	if( strcmp( p, "conn_timeout" ) == 0 )
				556	opt.conn_timeout = atoi( q );
Paul Bakker	44618dd	2013-07-04 10:34:10 +0200	[diff] [blame]	557	#endif
Paul Bakker	5121ce5	2009-01-03 21:22:43 +0000	[diff] [blame]	558	if( strcmp( p, "max_connections" ) == 0 )
				559	opt.max_connections = atoi( q );
				560
				561	if( strcmp( p, "session_reuse" ) == 0 )
				562	{
				563	if( strcmp( q, "on" ) == 0 )
				564	opt.session_reuse = 1;
				565	else
				566	if( strcmp( q, "off" ) == 0 )
				567	opt.session_reuse = 0;
				568	else
				569	goto usage;
				570	}
				571
				572	if( strcmp( p, "session_lifetime" ) == 0 )
				573	opt.session_lifetime = atoi( q );
				574
Paul Bakker	e3166ce	2011-01-27 17:40:50 +0000	[diff] [blame]	575	if( strcmp( p, "force_ciphersuite" ) == 0 )
Paul Bakker	5121ce5	2009-01-03 21:22:43 +0000	[diff] [blame]	576	{
Paul Bakker	e3166ce	2011-01-27 17:40:50 +0000	[diff] [blame]	577	opt.force_ciphersuite[0] = -1;
Paul Bakker	5121ce5	2009-01-03 21:22:43 +0000	[diff] [blame]	578
Paul Bakker	e3166ce	2011-01-27 17:40:50 +0000	[diff] [blame]	579	opt.force_ciphersuite[0] = ssl_get_ciphersuite_id( q );
Paul Bakker	5121ce5	2009-01-03 21:22:43 +0000	[diff] [blame]	580
Paul Bakker	e3166ce	2011-01-27 17:40:50 +0000	[diff] [blame]	581	if( opt.force_ciphersuite[0] <= 0 )
Paul Bakker	5121ce5	2009-01-03 21:22:43 +0000	[diff] [blame]	582	goto usage;
				583
Paul Bakker	e3166ce	2011-01-27 17:40:50 +0000	[diff] [blame]	584	opt.force_ciphersuite[1] = 0;
Paul Bakker	5121ce5	2009-01-03 21:22:43 +0000	[diff] [blame]	585	}
				586	}
				587
				588	switch( opt.opmode )
				589	{
				590	case OPMODE_CLIENT:
				591	break;
				592
				593	case OPMODE_SERVER:
				594	break;
				595
				596	default:
				597	goto usage;
				598	}
				599
				600	nb_conn = 0;
				601
				602	do {
				603	nb_conn++;
				604	ret = ssl_test( &opt );
				605	if( opt.max_connections != 0 &&
				606	opt.max_connections <= nb_conn )
				607	break;
				608	}
				609	while( ret == 0 );
				610
				611	exit:
				612
Paul Bakker	cce9d77	2011-11-18 14:26:47 +0000	[diff] [blame]	613	#if defined(_WIN32)
Paul Bakker	5121ce5	2009-01-03 21:22:43 +0000	[diff] [blame]	614	printf( " Press Enter to exit this program.\n" );
				615	fflush( stdout ); getchar();
				616	#endif
				617
				618	return( ret );
				619	}
Paul Bakker	508ad5a	2011-12-04 17:09:26 +0000	[diff] [blame]	620	#endif /* POLARSSL_BIGNUM_C && POLARSSL_ENTROPY_C && POLARSSL_SSL_TLS_C &&
Paul Bakker	5690efc	2011-05-26 13:16:06 +0000	[diff] [blame]	621	POLARSSL_SSL_SRV_C && POLARSSL_SSL_CLI_C && POLARSSL_NET_C &&
Paul Bakker	508ad5a	2011-12-04 17:09:26 +0000	[diff] [blame]	622	POLARSSL_RSA_C && POLARSSL_CTR_DRBG_C */