Halaman utama Jelajahi Bantuan
Masuk
BlitzNG
/
net.mod
cermin dari https://github.com/bmx-ng/net.mod.git
2
0
Fork 0
Berkas Masalah 0 Wiki
Cabang: master
Ranting Tag
net.mod
/
mbedtls.mod
/
mbedtls
/
programs
/
ssl
/
ssl_client2.c

ssl_client2.c 110 KB
Permalink Riwayat Mentahan

12345678910111213141516171819202122232425262728293031323334353637383940414243444546474849505152535455565758596061626364656667686970717273747576777879808182838485868788899091929394959697989910010110210310410510610710810911011111211311411511611711811912012112212312412512612712812913013113213313413513613713813914014114214314414514614714814915015115215315415515615715815916016116216316416516616716816917017117217317417517617717817918018118218318418518618718818919019119219319419519619719819920020120220320420520620720820921021121221321421521621721821922022122222322422522622722822923023123223323423523623723823924024124224324424524624724824925025125225325425525625725825926026126226326426526626726826927027127227327427527627727827928028128228328428528628728828929029129229329429529629729829930030130230330430530630730830931031131231331431531631731831932032132232332432532632732832933033133233333433533633733833934034134234334434534634734834935035135235335435535635735835936036136236336436536636736836937037137237337437537637737837938038138238338438538638738838939039139239339439539639739839940040140240340440540640740840941041141241341441541641741841942042142242342442542642742842943043143243343443543643743843944044144244344444544644744844945045145245345445545645745845946046146246346446546646746846947047147247347447547647747847948048148248348448548648748848949049149249349449549649749849950050150250350450550650750850951051151251351451551651751851952052152252352452552652752852953053153253353453553653753853954054154254354454554654754854955055155255355455555655755855956056156256356456556656756856957057157257357457557657757857958058158258358458558658758858959059159259359459559659759859960060160260360460560660760860961061161261361461561661761861962062162262362462562662762862963063163263363463563663763863964064164264364464564664764864965065165265365465565665765865966066166266366466566666766866967067167267367467567667767867968068168268368468568668768868969069169269369469569669769869970070170270370470570670770870971071171271371471571671771871972072172272372472572672772872973073173273373473573673773873974074174274374474574674774874975075175275375475575675775875976076176276376476576676776876977077177277377477577677777877978078178278378478578678778878979079179279379479579679779879980080180280380480580680780880981081181281381481581681781881982082182282382482582682782882983083183283383483583683783883984084184284384484584684784884985085185285385485585685785885986086186286386486586686786886987087187287387487587687787887988088188288388488588688788888989089189289389489589689789889990090190290390490590690790890991091191291391491591691791891992092192292392492592692792892993093193293393493593693793893994094194294394494594694794894995095195295395495595695795895996096196296396496596696796896997097197297397497597697797897998098198298398498598698798898999099199299399499599699799899910001001100210031004100510061007100810091010101110121013101410151016101710181019102010211022102310241025102610271028102910301031103210331034103510361037103810391040104110421043104410451046104710481049105010511052105310541055105610571058105910601061106210631064106510661067106810691070107110721073107410751076107710781079108010811082108310841085108610871088108910901091109210931094109510961097109810991100110111021103110411051106110711081109111011111112111311141115111611171118111911201121112211231124112511261127112811291130113111321133113411351136113711381139114011411142114311441145114611471148114911501151115211531154115511561157115811591160116111621163116411651166116711681169117011711172117311741175117611771178117911801181118211831184118511861187118811891190119111921193119411951196119711981199120012011202120312041205120612071208120912101211121212131214121512161217121812191220122112221223122412251226122712281229123012311232123312341235123612371238123912401241124212431244124512461247124812491250125112521253125412551256125712581259126012611262126312641265126612671268126912701271127212731274127512761277127812791280128112821283128412851286128712881289129012911292129312941295129612971298129913001301130213031304130513061307130813091310131113121313131413151316131713181319132013211322132313241325132613271328132913301331133213331334133513361337133813391340134113421343134413451346134713481349135013511352135313541355135613571358135913601361136213631364136513661367136813691370137113721373137413751376137713781379138013811382138313841385138613871388138913901391139213931394139513961397139813991400140114021403140414051406140714081409141014111412141314141415141614171418141914201421142214231424142514261427142814291430143114321433143414351436143714381439144014411442144314441445144614471448144914501451145214531454145514561457145814591460146114621463146414651466146714681469147014711472147314741475147614771478147914801481148214831484148514861487148814891490149114921493149414951496149714981499150015011502150315041505150615071508150915101511151215131514151515161517151815191520152115221523152415251526152715281529153015311532153315341535153615371538153915401541154215431544154515461547154815491550155115521553155415551556155715581559156015611562156315641565156615671568156915701571157215731574157515761577157815791580158115821583158415851586158715881589159015911592159315941595159615971598159916001601160216031604160516061607160816091610161116121613161416151616161716181619162016211622162316241625162616271628162916301631163216331634163516361637163816391640164116421643164416451646164716481649165016511652165316541655165616571658165916601661166216631664166516661667166816691670167116721673167416751676167716781679168016811682168316841685168616871688168916901691169216931694169516961697169816991700170117021703170417051706170717081709171017111712171317141715171617171718171917201721172217231724172517261727172817291730173117321733173417351736173717381739174017411742174317441745174617471748174917501751175217531754175517561757175817591760176117621763176417651766176717681769177017711772177317741775177617771778177917801781178217831784178517861787178817891790179117921793179417951796179717981799180018011802180318041805180618071808180918101811181218131814181518161817181818191820182118221823182418251826182718281829183018311832183318341835183618371838183918401841184218431844184518461847184818491850185118521853185418551856185718581859186018611862186318641865186618671868186918701871187218731874187518761877187818791880188118821883188418851886188718881889189018911892189318941895189618971898189919001901190219031904190519061907190819091910191119121913191419151916191719181919192019211922192319241925192619271928192919301931193219331934193519361937193819391940194119421943194419451946194719481949195019511952195319541955195619571958195919601961196219631964196519661967196819691970197119721973197419751976197719781979198019811982198319841985198619871988198919901991199219931994199519961997199819992000200120022003200420052006200720082009201020112012201320142015201620172018201920202021202220232024202520262027202820292030203120322033203420352036203720382039204020412042204320442045204620472048204920502051205220532054205520562057205820592060206120622063206420652066206720682069207020712072207320742075207620772078207920802081208220832084208520862087208820892090209120922093209420952096209720982099210021012102210321042105210621072108210921102111211221132114211521162117211821192120212121222123212421252126212721282129213021312132213321342135213621372138213921402141214221432144214521462147214821492150215121522153215421552156215721582159216021612162216321642165216621672168216921702171217221732174217521762177217821792180218121822183218421852186218721882189219021912192219321942195219621972198219922002201220222032204220522062207220822092210221122122213221422152216221722182219222022212222222322242225222622272228222922302231223222332234223522362237223822392240224122422243224422452246224722482249225022512252225322542255225622572258225922602261226222632264226522662267226822692270227122722273227422752276227722782279228022812282228322842285228622872288228922902291229222932294229522962297229822992300230123022303230423052306230723082309231023112312231323142315231623172318231923202321232223232324232523262327232823292330233123322333233423352336233723382339234023412342234323442345234623472348234923502351235223532354235523562357235823592360236123622363236423652366236723682369237023712372237323742375237623772378237923802381238223832384238523862387238823892390239123922393239423952396239723982399240024012402240324042405240624072408240924102411241224132414241524162417241824192420242124222423242424252426242724282429243024312432243324342435243624372438243924402441244224432444244524462447244824492450245124522453245424552456245724582459246024612462246324642465246624672468246924702471247224732474247524762477247824792480248124822483248424852486248724882489249024912492249324942495249624972498249925002501250225032504250525062507250825092510251125122513251425152516251725182519252025212522252325242525252625272528252925302531253225332534253525362537253825392540254125422543254425452546254725482549255025512552255325542555255625572558255925602561256225632564256525662567256825692570257125722573257425752576257725782579258025812582258325842585258625872588258925902591259225932594259525962597259825992600260126022603260426052606260726082609261026112612261326142615261626172618261926202621262226232624262526262627262826292630263126322633263426352636263726382639264026412642264326442645264626472648264926502651265226532654265526562657265826592660266126622663266426652666266726682669267026712672267326742675267626772678267926802681268226832684268526862687268826892690269126922693269426952696269726982699270027012702270327042705270627072708270927102711271227132714271527162717271827192720272127222723272427252726272727282729273027312732273327342735273627372738273927402741274227432744274527462747274827492750275127522753275427552756275727582759276027612762276327642765276627672768276927702771277227732774277527762777277827792780278127822783278427852786278727882789279027912792279327942795279627972798279928002801280228032804280528062807280828092810281128122813281428152816281728182819282028212822282328242825282628272828282928302831283228332834283528362837283828392840284128422843284428452846284728482849285028512852285328542855285628572858285928602861286228632864286528662867286828692870287128722873287428752876287728782879288028812882288328842885288628872888288928902891289228932894289528962897289828992900290129022903290429052906290729082909291029112912291329142915291629172918291929202921292229232924292529262927292829292930293129322933293429352936293729382939294029412942294329442945294629472948294929502951295229532954295529562957295829592960296129622963296429652966296729682969297029712972297329742975297629772978297929802981298229832984298529862987298829892990299129922993299429952996299729982999300030013002300330043005300630073008300930103011301230133014301530163017301830193020302130223023302430253026302730283029303030313032303330343035303630373038303930403041304230433044304530463047304830493050305130523053305430553056305730583059306030613062306330643065306630673068306930703071307230733074307530763077307830793080308130823083308430853086308730883089309030913092309330943095309630973098309931003101310231033104310531063107310831093110311131123113311431153116311731183119312031213122312331243125312631273128 
  1. /*
    2. 

  2.  *  SSL client with certificate authentication
    3. 

  3.  *
    4. 

  4.  *  Copyright The Mbed TLS Contributors
    5. 

  5.  *  SPDX-License-Identifier: Apache-2.0
    6. 

  6.  *
    7. 

  7.  *  Licensed under the Apache License, Version 2.0 (the "License"); you may
    8. 

  8.  *  not use this file except in compliance with the License.
    9. 

  9.  *  You may obtain a copy of the License at
    10. 

  10.  *
    11. 

  11.  *  http://www.apache.org/licenses/LICENSE-2.0
    12. 

  12.  *
    13. 

  13.  *  Unless required by applicable law or agreed to in writing, software
    14. 

  14.  *  distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
    15. 

  15.  *  WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
    16. 

  16.  *  See the License for the specific language governing permissions and
    17. 

  17.  *  limitations under the License.
    18. 

  18.  */
    19. 

  19. 

  20. #define MBEDTLS_ALLOW_PRIVATE_ACCESS
    21. 

  21. 

  22. #include "ssl_test_lib.h"
    23. 

  23. 

  24. #if defined(MBEDTLS_USE_PSA_CRYPTO)
    25. 

  25. #include "test/psa_crypto_helpers.h"
    26. 

  26. #endif
    27. 

  27. 

  28. #if defined(MBEDTLS_SSL_TEST_IMPOSSIBLE)
    29. 

  29. int main( void )
    30. 

  30. {
    31. 

  31.     mbedtls_printf( MBEDTLS_SSL_TEST_IMPOSSIBLE );
    32. 

  32.     mbedtls_exit( 0 );
    33. 

  33. }
    34. 

  34. #elif !defined(MBEDTLS_SSL_CLI_C)
    35. 

  35. int main( void )
    36. 

  36. {
    37. 

  37.     mbedtls_printf( "MBEDTLS_SSL_CLI_C not defined.\n" );
    38. 

  38.     mbedtls_exit( 0 );
    39. 

  39. }
    40. 

  40. #else /* !MBEDTLS_SSL_TEST_IMPOSSIBLE && MBEDTLS_SSL_CLI_C */
    41. 

  41. 

  42. /* Size of memory to be allocated for the heap, when using the library's memory
    43. 

  43.  * management and MBEDTLS_MEMORY_BUFFER_ALLOC_C is enabled. */
    44. 

  44. #define MEMORY_HEAP_SIZE      120000
    45. 

  45. 

  46. #define MAX_REQUEST_SIZE      20000
    47. 

  47. #define MAX_REQUEST_SIZE_STR "20000"
    48. 

  48. 

  49. #define DFL_SERVER_NAME         "localhost"
    50. 

  50. #define DFL_SERVER_ADDR         NULL
    51. 

  51. #define DFL_SERVER_PORT         "4433"
    52. 

  52. #define DFL_REQUEST_PAGE        "/"
    53. 

  53. #define DFL_REQUEST_SIZE        -1
    54. 

  54. #define DFL_DEBUG_LEVEL         0
    55. 

  55. #define DFL_CONTEXT_CRT_CB      0
    56. 

  56. #define DFL_NBIO                0
    57. 

  57. #define DFL_EVENT               0
    58. 

  58. #define DFL_READ_TIMEOUT        0
    59. 

  59. #define DFL_MAX_RESEND          0
    60. 

  60. #define DFL_CA_FILE             ""
    61. 

  61. #define DFL_CA_PATH             ""
    62. 

  62. #define DFL_CRT_FILE            ""
    63. 

  63. #define DFL_KEY_FILE            ""
    64. 

  64. #define DFL_KEY_OPAQUE          0
    65. 

  65. #define DFL_KEY_PWD             ""
    66. 

  66. #define DFL_PSK                 ""
    67. 

  67. #define DFL_PSK_OPAQUE          0
    68. 

  68. #define DFL_PSK_IDENTITY        "Client_identity"
    69. 

  69. #define DFL_ECJPAKE_PW          NULL
    70. 

  70. #define DFL_EC_MAX_OPS          -1
    71. 

  71. #define DFL_FORCE_CIPHER        0
    72. 

  72. #define DFL_TLS13_KEX_MODES     MBEDTLS_SSL_TLS13_KEY_EXCHANGE_MODE_ALL
    73. 

  73. #define DFL_RENEGOTIATION       MBEDTLS_SSL_RENEGOTIATION_DISABLED
    74. 

  74. #define DFL_ALLOW_LEGACY        -2
    75. 

  75. #define DFL_RENEGOTIATE         0
    76. 

  76. #define DFL_EXCHANGES           1
    77. 

  77. #define DFL_MIN_VERSION         -1
    78. 

  78. #define DFL_MAX_VERSION         -1
    79. 

  79. #define DFL_SHA1                -1
    80. 

  80. #define DFL_AUTH_MODE           -1
    81. 

  81. #define DFL_MFL_CODE            MBEDTLS_SSL_MAX_FRAG_LEN_NONE
    82. 

  82. #define DFL_TRUNC_HMAC          -1
    83. 

  83. #define DFL_RECSPLIT            -1
    84. 

  84. #define DFL_DHMLEN              -1
    85. 

  85. #define DFL_RECONNECT           0
    86. 

  86. #define DFL_RECO_DELAY          0
    87. 

  87. #define DFL_RECO_MODE           1
    88. 

  88. #define DFL_CID_ENABLED         0
    89. 

  89. #define DFL_CID_VALUE           ""
    90. 

  90. #define DFL_CID_ENABLED_RENEGO  -1
    91. 

  91. #define DFL_CID_VALUE_RENEGO    NULL
    92. 

  92. #define DFL_RECONNECT_HARD      0
    93. 

  93. #define DFL_TICKETS             MBEDTLS_SSL_SESSION_TICKETS_ENABLED
    94. 

  94. #define DFL_ALPN_STRING         NULL
    95. 

  95. #define DFL_CURVES              NULL
    96. 

  96. #define DFL_SIG_ALGS            NULL
    97. 

  97. #define DFL_TRANSPORT           MBEDTLS_SSL_TRANSPORT_STREAM
    98. 

  98. #define DFL_HS_TO_MIN           0
    99. 

  99. #define DFL_HS_TO_MAX           0
    100. 

  100. #define DFL_DTLS_MTU            -1
    101. 

  101. #define DFL_DGRAM_PACKING        1
    102. 

  102. #define DFL_FALLBACK            -1
    103. 

  103. #define DFL_EXTENDED_MS         -1
    104. 

  104. #define DFL_ETM                 -1
    105. 

  105. #define DFL_SERIALIZE           0
    106. 

  106. #define DFL_CONTEXT_FILE        ""
    107. 

  107. #define DFL_EXTENDED_MS_ENFORCE -1
    108. 

  108. #define DFL_CA_CALLBACK         0
    109. 

  109. #define DFL_EAP_TLS             0
    110. 

  110. #define DFL_REPRODUCIBLE        0
    111. 

  111. #define DFL_NSS_KEYLOG          0
    112. 

  112. #define DFL_NSS_KEYLOG_FILE     NULL
    113. 

  113. #define DFL_SKIP_CLOSE_NOTIFY   0
    114. 

  114. #define DFL_QUERY_CONFIG_MODE   0
    115. 

  115. #define DFL_USE_SRTP            0
    116. 

  116. #define DFL_SRTP_FORCE_PROFILE  0
    117. 

  117. #define DFL_SRTP_MKI            ""
    118. 

  118. 

  119. #define GET_REQUEST "GET %s HTTP/1.0\r\nExtra-header: "
    120. 

  120. #define GET_REQUEST_END "\r\n\r\n"
    121. 

  121. 

  122. #if defined(MBEDTLS_X509_CRT_PARSE_C)
    123. 

  123. #define USAGE_CONTEXT_CRT_CB \
    124. 

  124.     "    context_crt_cb=%%d   This determines whether the CRT verification callback is bound\n" \
    125. 

  125.     "                        to the SSL configuration of the SSL context.\n" \
    126. 

  126.     "                        Possible values:\n"\
    127. 

  127.     "                        - 0 (default): Use CRT callback bound to configuration\n" \
    128. 

  128.     "                        - 1: Use CRT callback bound to SSL context\n"
    129. 

  129. #else
    130. 

  130. #define USAGE_CONTEXT_CRT_CB ""
    131. 

  131. #endif /* MBEDTLS_X509_CRT_PARSE_C */
    132. 

  132. #if defined(MBEDTLS_X509_CRT_PARSE_C)
    133. 

  133. #if defined(MBEDTLS_FS_IO)
    134. 

  134. #define USAGE_IO \
    135. 

  135.     "    ca_file=%%s          The single file containing the top-level CA(s) you fully trust\n" \
    136. 

  136.     "                        default: \"\" (pre-loaded)\n" \
    137. 

  137.     "                        use \"none\" to skip loading any top-level CAs.\n" \
    138. 

  138.     "    ca_path=%%s          The path containing the top-level CA(s) you fully trust\n" \
    139. 

  139.     "                        default: \"\" (pre-loaded) (overrides ca_file)\n" \
    140. 

  140.     "                        use \"none\" to skip loading any top-level CAs.\n" \
    141. 

  141.     "    crt_file=%%s         Your own cert and chain (in bottom to top order, top may be omitted)\n" \
    142. 

  142.     "                        default: \"\" (pre-loaded)\n" \
    143. 

  143.     "    key_file=%%s         default: \"\" (pre-loaded)\n"\
    144. 

  144.     "    key_pwd=%%s          Password for key specified by key_file argument\n"\
    145. 

  145.     "                        default: none\n"
    146. 

  146. #else
    147. 

  147. #define USAGE_IO \
    148. 

  148.     "    No file operations available (MBEDTLS_FS_IO not defined)\n"
    149. 

  149. #endif /* MBEDTLS_FS_IO */
    150. 

  150. #else /* MBEDTLS_X509_CRT_PARSE_C */
    151. 

  151. #define USAGE_IO ""
    152. 

  152. #endif /* MBEDTLS_X509_CRT_PARSE_C */
    153. 

  153. #if defined(MBEDTLS_USE_PSA_CRYPTO) && defined(MBEDTLS_X509_CRT_PARSE_C)
    154. 

  154. #define USAGE_KEY_OPAQUE \
    155. 

  155.     "    key_opaque=%%d       Handle your private key as if it were opaque\n" \
    156. 

  156.     "                        default: 0 (disabled)\n"
    157. 

  157. #else
    158. 

  158. #define USAGE_KEY_OPAQUE ""
    159. 

  159. #endif
    160. 

  160. 

  161. #if defined(MBEDTLS_SSL_DTLS_CONNECTION_ID)
    162. 

  162. #define USAGE_CID \
    163. 

  163.     "    cid=%%d             Disable (0) or enable (1) the use of the DTLS Connection ID extension.\n" \
    164. 

  164.     "                       default: 0 (disabled)\n"     \
    165. 

  165.     "    cid_renego=%%d      Disable (0) or enable (1) the use of the DTLS Connection ID extension during renegotiation.\n" \
    166. 

  166.     "                       default: same as 'cid' parameter\n"     \
    167. 

  167.     "    cid_val=%%s          The CID to use for incoming messages (in hex, without 0x).\n"  \
    168. 

  168.     "                        default: \"\"\n" \
    169. 

  169.     "    cid_val_renego=%%s   The CID to use for incoming messages (in hex, without 0x) after renegotiation.\n"  \
    170. 

  170.     "                        default: same as 'cid_val' parameter\n"
    171. 

  171. #else /* MBEDTLS_SSL_DTLS_CONNECTION_ID */
    172. 

  172. #define USAGE_CID ""
    173. 

  173. #endif /* MBEDTLS_SSL_DTLS_CONNECTION_ID */
    174. 

  174. 

  175. #if defined(MBEDTLS_KEY_EXCHANGE_SOME_PSK_ENABLED)
    176. 

  176. #define USAGE_PSK_RAW                                               \
    177. 

  177.     "    psk=%%s              default: \"\" (disabled)\n"     \
    178. 

  178.     "                          The PSK values are in hex, without 0x.\n" \
    179. 

  179.     "    psk_identity=%%s     default: \"Client_identity\"\n"
    180. 

  180. #if defined(MBEDTLS_USE_PSA_CRYPTO)
    181. 

  181. #define USAGE_PSK_SLOT                          \
    182. 

  182.     "    psk_opaque=%%d       default: 0 (don't use opaque static PSK)\n"     \
    183. 

  183.     "                          Enable this to store the PSK configured through command line\n" \
    184. 

  184.     "                          parameter `psk` in a PSA-based key slot.\n" \
    185. 

  185.     "                          Note: Currently only supported in conjunction with\n"                  \
    186. 

  186.     "                          the use of min_version to force TLS 1.2 and force_ciphersuite \n"      \
    187. 

  187.     "                          to force a particular PSK-only ciphersuite.\n"                         \
    188. 

  188.     "                          Note: This is to test integration of PSA-based opaque PSKs with\n"     \
    189. 

  189.     "                          Mbed TLS only. Production systems are likely to configure Mbed TLS\n"  \
    190. 

  190.     "                          with prepopulated key slots instead of importing raw key material.\n"
    191. 

  191. #else
    192. 

  192. #define USAGE_PSK_SLOT ""
    193. 

  193. #endif /* MBEDTLS_USE_PSA_CRYPTO */
    194. 

  194. #define USAGE_PSK USAGE_PSK_RAW USAGE_PSK_SLOT
    195. 

  195. #else
    196. 

  196. #define USAGE_PSK ""
    197. 

  197. #endif /* MBEDTLS_KEY_EXCHANGE_SOME_PSK_ENABLED */
    198. 

  198. 

  199. #if defined(MBEDTLS_X509_TRUSTED_CERTIFICATE_CALLBACK)
    200. 

  200. #define USAGE_CA_CALLBACK                       \
    201. 

  201.     "   ca_callback=%%d       default: 0 (disabled)\n"      \
    202. 

  202.     "                         Enable this to use the trusted certificate callback function\n"
    203. 

  203. #else
    204. 

  204. #define USAGE_CA_CALLBACK ""
    205. 

  205. #endif /* MBEDTLS_X509_TRUSTED_CERTIFICATE_CALLBACK */
    206. 

  206. 

  207. #if defined(MBEDTLS_SSL_SESSION_TICKETS)
    208. 

  208. #define USAGE_TICKETS                                       \
    209. 

  209.     "    tickets=%%d          default: 1 (enabled)\n"
    210. 

  210. #else
    211. 

  211. #define USAGE_TICKETS ""
    212. 

  212. #endif /* MBEDTLS_SSL_SESSION_TICKETS */
    213. 

  213. 

  214. #define USAGE_EAP_TLS                                       \
    215. 

  215.     "    eap_tls=%%d          default: 0 (disabled)\n"
    216. 

  216. #define USAGE_NSS_KEYLOG                                    \
    217. 

  217.     "    nss_keylog=%%d          default: 0 (disabled)\n"               \
    218. 

  218.     "                             This cannot be used with eap_tls=1\n"
    219. 

  219. #define USAGE_NSS_KEYLOG_FILE                               \
    220. 

  220.     "    nss_keylog_file=%%s\n"
    221. 

  221. #if defined(MBEDTLS_SSL_DTLS_SRTP)
    222. 

  222. #define USAGE_SRTP \
    223. 

  223.     "    use_srtp=%%d         default: 0 (disabled)\n" \
    224. 

  224.     "                          This cannot be used with eap_tls=1 or "\
    225. 

  225.     "                          nss_keylog=1\n"             \
    226. 

  226.     "    srtp_force_profile=%%d  default: 0 (all enabled)\n"   \
    227. 

  227.     "                        available profiles:\n"       \
    228. 

  228.     "                        1 - SRTP_AES128_CM_HMAC_SHA1_80\n"  \
    229. 

  229.     "                        2 - SRTP_AES128_CM_HMAC_SHA1_32\n"  \
    230. 

  230.     "                        3 - SRTP_NULL_HMAC_SHA1_80\n"       \
    231. 

  231.     "                        4 - SRTP_NULL_HMAC_SHA1_32\n"       \
    232. 

  232.     "    mki=%%s              default: \"\" (in hex, without 0x)\n"
    233. 

  233. #else /* MBEDTLS_SSL_DTLS_SRTP */
    234. 

  234. #define USAGE_SRTP ""
    235. 

  235. #endif
    236. 

  236. 

  237. #if defined(MBEDTLS_SSL_MAX_FRAGMENT_LENGTH)
    238. 

  238. #define USAGE_MAX_FRAG_LEN                                      \
    239. 

  239.     "    max_frag_len=%%d     default: 16384 (tls default)\n"   \
    240. 

  240.     "                        options: 512, 1024, 2048, 4096\n"
    241. 

  241. #else
    242. 

  242. #define USAGE_MAX_FRAG_LEN ""
    243. 

  243. #endif /* MBEDTLS_SSL_MAX_FRAGMENT_LENGTH */
    244. 

  244. 

  245. #if defined(MBEDTLS_DHM_C)
    246. 

  246. #define USAGE_DHMLEN \
    247. 

  247.     "    dhmlen=%%d           default: (library default: 1024 bits)\n"
    248. 

  248. #else
    249. 

  249. #define USAGE_DHMLEN
    250. 

  250. #endif
    251. 

  251. 

  252. #if defined(MBEDTLS_SSL_ALPN)
    253. 

  253. #define USAGE_ALPN \
    254. 

  254.     "    alpn=%%s             default: \"\" (disabled)\n"   \
    255. 

  255.     "                        example: spdy/1,http/1.1\n"
    256. 

  256. #else
    257. 

  257. #define USAGE_ALPN ""
    258. 

  258. #endif /* MBEDTLS_SSL_ALPN */
    259. 

  259. 

  260. #if defined(MBEDTLS_ECP_C)
    261. 

  261. #define USAGE_CURVES \
    262. 

  262.     "    curves=a,b,c,d      default: \"default\" (library default)\n"  \
    263. 

  263.     "                        example: \"secp521r1,brainpoolP512r1\"\n"  \
    264. 

  264.     "                        - use \"none\" for empty list\n"           \
    265. 

  265.     "                        - see mbedtls_ecp_curve_list()\n"          \
    266. 

  266.     "                          for acceptable curve names\n"
    267. 

  267. #else
    268. 

  268. #define USAGE_CURVES ""
    269. 

  269. #endif
    270. 

  270. 

  271. #if defined(MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL) && \
    272. 

  272.     defined(MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED)
    273. 

  273. #define USAGE_SIG_ALGS \
    274. 

  274.     "    sig_algs=a,b,c,d      default: \"default\" (library default)\n"  \
    275. 

  275.     "                          example: \"ecdsa_secp256r1_sha256,ecdsa_secp384r1_sha384\"\n"
    276. 

  276. #else
    277. 

  277. #define USAGE_SIG_ALGS ""
    278. 

  278. #endif
    279. 

  279. 

  280. #if defined(MBEDTLS_SSL_PROTO_DTLS)
    281. 

  281. #define USAGE_DTLS \
    282. 

  282.     "    dtls=%%d             default: 0 (TLS)\n"                           \
    283. 

  283.     "    hs_timeout=%%d-%%d    default: (library default: 1000-60000)\n"    \
    284. 

  284.     "                        range of DTLS handshake timeouts in millisecs\n" \
    285. 

  285.     "    mtu=%%d              default: (library default: unlimited)\n"  \
    286. 

  286.     "    dgram_packing=%%d    default: 1 (allowed)\n"                   \
    287. 

  287.     "                        allow or forbid packing of multiple\n" \
    288. 

  288.     "                        records within a single datgram.\n"
    289. 

  289. #else
    290. 

  290. #define USAGE_DTLS ""
    291. 

  291. #endif
    292. 

  292. 

  293. #if defined(MBEDTLS_SSL_EXTENDED_MASTER_SECRET)
    294. 

  294. #define USAGE_EMS \
    295. 

  295.     "    extended_ms=0/1     default: (library default: on)\n"
    296. 

  296. #else
    297. 

  297. #define USAGE_EMS ""
    298. 

  298. #endif
    299. 

  299. 

  300. #if defined(MBEDTLS_SSL_ENCRYPT_THEN_MAC)
    301. 

  301. #define USAGE_ETM \
    302. 

  302.     "    etm=0/1             default: (library default: on)\n"
    303. 

  303. #else
    304. 

  304. #define USAGE_ETM ""
    305. 

  305. #endif
    306. 

  306. 

  307. #define USAGE_REPRODUCIBLE \
    308. 

  308.     "    reproducible=0/1     default: 0 (disabled)\n"
    309. 

  309. 

  310. #if defined(MBEDTLS_SSL_RENEGOTIATION)
    311. 

  311. #define USAGE_RENEGO \
    312. 

  312.     "    renegotiation=%%d    default: 0 (disabled)\n"      \
    313. 

  313.     "    renegotiate=%%d      default: 0 (disabled)\n"
    314. 

  314. #else
    315. 

  315. #define USAGE_RENEGO ""
    316. 

  316. #endif
    317. 

  317. 

  318. #if defined(MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED)
    319. 

  319. #define USAGE_ECJPAKE \
    320. 

  320.     "    ecjpake_pw=%%s       default: none (disabled)\n"
    321. 

  321. #else
    322. 

  322. #define USAGE_ECJPAKE ""
    323. 

  323. #endif
    324. 

  324. 

  325. #if defined(MBEDTLS_ECP_RESTARTABLE)
    326. 

  326. #define USAGE_ECRESTART \
    327. 

  327.     "    ec_max_ops=%%s       default: library default (restart disabled)\n"
    328. 

  328. #else
    329. 

  329. #define USAGE_ECRESTART ""
    330. 

  330. #endif
    331. 

  331. 

  332. #if defined(MBEDTLS_SSL_CONTEXT_SERIALIZATION)
    333. 

  333. #define USAGE_SERIALIZATION \
    334. 

  334.     "    serialize=%%d        default: 0 (do not serialize/deserialize)\n"     \
    335. 

  335.     "                        options: 1 (serialize)\n"                         \
    336. 

  336.     "                                 2 (serialize with re-initialization)\n"  \
    337. 

  337.     "    context_file=%%s     The file path to write a serialized connection\n"\
    338. 

  338.     "                        in the form of base64 code (serialize option\n"   \
    339. 

  339.     "                        must be set)\n"                                   \
    340. 

  340.     "                         default: \"\" (do nothing)\n"                    \
    341. 

  341.     "                         option: a file path\n"
    342. 

  342. #else
    343. 

  343. #define USAGE_SERIALIZATION ""
    344. 

  344. #endif
    345. 

  345. 

  346. #if defined(MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL)
    347. 

  347. #define USAGE_TLS13_KEY_EXCHANGE_MODES \
    348. 

  348.     "    tls13_kex_modes=%%s   default: all\n"     \
    349. 

  349.     "                          options: psk, psk_ephemeral, ephemeral, ephemeral_all, psk_all, all\n"
    350. 

  350. #else
    351. 

  351. #define USAGE_TLS13_KEY_EXCHANGE_MODES ""
    352. 

  352. #endif /* MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL */
    353. 

  353. 

  354. /* USAGE is arbitrarily split to stay under the portable string literal
    355. 

  355.  * length limit: 4095 bytes in C99. */
    356. 

  356. #define USAGE1 \
    357. 

  357.     "\n usage: ssl_client2 param=<>...\n"                   \
    358. 

  358.     "\n acceptable parameters:\n"                           \
    359. 

  359.     "    server_name=%%s      default: localhost\n"         \
    360. 

  360.     "    server_addr=%%s      default: given by name\n"     \
    361. 

  361.     "    server_port=%%d      default: 4433\n"              \
    362. 

  362.     "    request_page=%%s     default: \".\"\n"             \
    363. 

  363.     "    request_size=%%d     default: about 34 (basic request)\n"           \
    364. 

  364.     "                        (minimum: 0, max: " MAX_REQUEST_SIZE_STR ")\n"  \
    365. 

  365.     "                        If 0, in the first exchange only an empty\n"    \
    366. 

  366.     "                        application data message is sent followed by\n" \
    367. 

  367.     "                        a second non-empty message before attempting\n" \
    368. 

  368.     "                        to read a response from the server\n"           \
    369. 

  369.     "    debug_level=%%d      default: 0 (disabled)\n"             \
    370. 

  370.     "    nbio=%%d             default: 0 (blocking I/O)\n"         \
    371. 

  371.     "                        options: 1 (non-blocking), 2 (added delays)\n"   \
    372. 

  372.     "    event=%%d            default: 0 (loop)\n"                            \
    373. 

  373.     "                        options: 1 (level-triggered, implies nbio=1),\n" \
    374. 

  374.     "    read_timeout=%%d     default: 0 ms (no timeout)\n"        \
    375. 

  375.     "    max_resend=%%d       default: 0 (no resend on timeout)\n" \
    376. 

  376.     "    skip_close_notify=%%d default: 0 (send close_notify)\n" \
    377. 

  377.     "\n"                                                    \
    378. 

  378.     USAGE_DTLS                                              \
    379. 

  379.     USAGE_CID                                               \
    380. 

  380.     USAGE_SRTP                                              \
    381. 

  381.     "\n"
    382. 

  382. #define USAGE2 \
    383. 

  383.     "    auth_mode=%%s        default: (library default: none)\n" \
    384. 

  384.     "                        options: none, optional, required\n" \
    385. 

  385.     USAGE_IO                                                \
    386. 

  386.     USAGE_KEY_OPAQUE                                        \
    387. 

  387.     USAGE_CA_CALLBACK                                       \
    388. 

  388.     "\n"                                                    \
    389. 

  389.     USAGE_PSK                                               \
    390. 

  390.     USAGE_ECJPAKE                                           \
    391. 

  391.     USAGE_ECRESTART                                         \
    392. 

  392.     "\n"
    393. 

  393. #define USAGE3 \
    394. 

  394.     "    allow_legacy=%%d     default: (library default: no)\n"   \
    395. 

  395.     USAGE_RENEGO                                            \
    396. 

  396.     "    exchanges=%%d        default: 1\n"                 \
    397. 

  397.     "    reconnect=%%d        number of reconnections using session resumption\n" \
    398. 

  398.     "                        default: 0 (disabled)\n"      \
    399. 

  399.     "    reco_delay=%%d       default: 0 seconds\n"         \
    400. 

  400.     "    reco_mode=%%d        0: copy session, 1: serialize session\n" \
    401. 

  401.     "                        default: 1\n"      \
    402. 

  402.     "    reconnect_hard=%%d   default: 0 (disabled)\n"      \
    403. 

  403.     USAGE_TICKETS                                           \
    404. 

  404.     USAGE_EAP_TLS                                           \
    405. 

  405.     USAGE_MAX_FRAG_LEN                                      \
    406. 

  406.     USAGE_CONTEXT_CRT_CB                                    \
    407. 

  407.     USAGE_ALPN                                              \
    408. 

  408.     USAGE_EMS                                               \
    409. 

  409.     USAGE_ETM                                               \
    410. 

  410.     USAGE_REPRODUCIBLE                                      \
    411. 

  411.     USAGE_CURVES                                            \
    412. 

  412.     USAGE_SIG_ALGS                                         \
    413. 

  413.     USAGE_DHMLEN                                            \
    414. 

  414.     "\n"
    415. 

  415. 

  416. #if defined(MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL)
    417. 

  417. #define TLS1_3_VERSION_OPTIONS  ", tls1_3"
    418. 

  418. #else /* MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL */
    419. 

  419. #define TLS1_3_VERSION_OPTIONS  ""
    420. 

  420. #endif /* !MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL */
    421. 

  421. 

  422. #define USAGE4 \
    423. 

  423.     "    allow_sha1=%%d       default: 0\n"                                   \
    424. 

  424.     "    min_version=%%s      default: (library default: tls1_2)\n"           \
    425. 

  425.     "    max_version=%%s      default: (library default: tls1_2)\n"           \
    426. 

  426.     "    force_version=%%s    default: \"\" (none)\n"                         \
    427. 

  427.     "                        options: tls1_2, dtls1_2" TLS1_3_VERSION_OPTIONS \
    428. 

  428.     "\n\n"                                                                    \
    429. 

  429.     "    force_ciphersuite=<name>    default: all enabled\n"                  \
    430. 

  430.     USAGE_TLS13_KEY_EXCHANGE_MODES                                            \
    431. 

  431.     "    query_config=<name>         return 0 if the specified\n"             \
    432. 

  432.     "                                configuration macro is defined and 1\n"  \
    433. 

  433.     "                                otherwise. The expansion of the macro\n" \
    434. 

  434.     "                                is printed if it is defined\n"           \
    435. 

  435.     USAGE_SERIALIZATION                                                       \
    436. 

  436.     " acceptable ciphersuite names:\n"
    437. 

  437. 

  438. #define ALPN_LIST_SIZE    10
    439. 

  439. #define CURVE_LIST_SIZE   20
    440. 

  440. #define SIG_ALG_LIST_SIZE  5
    441. 

  441. 

  442. /*
    443. 

  443.  * global options
    444. 

  444.  */
    445. 

  445. struct options
    446. 

  446. {
    447. 

  447.     const char *server_name;    /* hostname of the server (client only)     */
    448. 

  448.     const char *server_addr;    /* address of the server (client only)      */
    449. 

  449.     const char *server_port;    /* port on which the ssl service runs       */
    450. 

  450.     int debug_level;            /* level of debugging                       */
    451. 

  451.     int nbio;                   /* should I/O be blocking?                  */
    452. 

  452.     int event;                  /* loop or event-driven IO? level or edge triggered? */
    453. 

  453.     uint32_t read_timeout;      /* timeout on mbedtls_ssl_read() in milliseconds     */
    454. 

  454.     int max_resend;             /* DTLS times to resend on read timeout     */
    455. 

  455.     const char *request_page;   /* page on server to request                */
    456. 

  456.     int request_size;           /* pad request with header to requested size */
    457. 

  457.     const char *ca_file;        /* the file with the CA certificate(s)      */
    458. 

  458.     const char *ca_path;        /* the path with the CA certificate(s) reside */
    459. 

  459.     const char *crt_file;       /* the file with the client certificate     */
    460. 

  460.     const char *key_file;       /* the file with the client key             */
    461. 

  461.     int key_opaque;             /* handle private key as if it were opaque  */
    462. 

  462. #if defined(MBEDTLS_USE_PSA_CRYPTO)
    463. 

  463.     int psk_opaque;
    464. 

  464. #endif
    465. 

  465. #if defined(MBEDTLS_X509_TRUSTED_CERTIFICATE_CALLBACK)
    466. 

  466.     int ca_callback;            /* Use callback for trusted certificate list */
    467. 

  467. #endif
    468. 

  468.     const char *key_pwd;        /* the password for the client key          */
    469. 

  469.     const char *psk;            /* the pre-shared key                       */
    470. 

  470.     const char *psk_identity;   /* the pre-shared key identity              */
    471. 

  471.     const char *ecjpake_pw;     /* the EC J-PAKE password                   */
    472. 

  472.     int ec_max_ops;             /* EC consecutive operations limit          */
    473. 

  473.     int force_ciphersuite[2];   /* protocol/ciphersuite to use, or all      */
    474. 

  474. #if defined(MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL)
    475. 

  475.     int tls13_kex_modes;        /* supported TLS 1.3 key exchange modes     */
    476. 

  476. #endif /* MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL */
    477. 

  477.     int renegotiation;          /* enable / disable renegotiation           */
    478. 

  478.     int allow_legacy;           /* allow legacy renegotiation               */
    479. 

  479.     int renegotiate;            /* attempt renegotiation?                   */
    480. 

  480.     int renego_delay;           /* delay before enforcing renegotiation     */
    481. 

  481.     int exchanges;              /* number of data exchanges                 */
    482. 

  482.     int min_version;            /* minimum protocol version accepted        */
    483. 

  483.     int max_version;            /* maximum protocol version accepted        */
    484. 

  484.     int allow_sha1;             /* flag for SHA-1 support                   */
    485. 

  485.     int auth_mode;              /* verify mode for connection               */
    486. 

  486.     unsigned char mfl_code;     /* code for maximum fragment length         */
    487. 

  487.     int trunc_hmac;             /* negotiate truncated hmac or not          */
    488. 

  488.     int recsplit;               /* enable record splitting?                 */
    489. 

  489.     int dhmlen;                 /* minimum DHM params len in bits           */
    490. 

  490.     int reconnect;              /* attempt to resume session                */
    491. 

  491.     int reco_delay;             /* delay in seconds before resuming session */
    492. 

  492.     int reco_mode;              /* how to keep the session around           */
    493. 

  493.     int reconnect_hard;         /* unexpectedly reconnect from the same port */
    494. 

  494.     int tickets;                /* enable / disable session tickets         */
    495. 

  495.     const char *curves;         /* list of supported elliptic curves        */
    496. 

  496.     const char *sig_algs;       /* supported TLS 1.3 signature algorithms   */
    497. 

  497.     const char *alpn_string;    /* ALPN supported protocols                 */
    498. 

  498.     int transport;              /* TLS or DTLS?                             */
    499. 

  499.     uint32_t hs_to_min;         /* Initial value of DTLS handshake timer    */
    500. 

  500.     uint32_t hs_to_max;         /* Max value of DTLS handshake timer        */
    501. 

  501.     int dtls_mtu;               /* UDP Maximum tranport unit for DTLS       */
    502. 

  502.     int fallback;               /* is this a fallback connection?           */
    503. 

  503.     int dgram_packing;          /* allow/forbid datagram packing            */
    504. 

  504.     int extended_ms;            /* negotiate extended master secret?        */
    505. 

  505.     int etm;                    /* negotiate encrypt then mac?              */
    506. 

  506.     int context_crt_cb;         /* use context-specific CRT verify callback */
    507. 

  507.     int eap_tls;                /* derive EAP-TLS keying material?          */
    508. 

  508.     int nss_keylog;             /* export NSS key log material              */
    509. 

  509.     const char *nss_keylog_file; /* NSS key log file                        */
    510. 

  510.     int cid_enabled;            /* whether to use the CID extension or not  */
    511. 

  511.     int cid_enabled_renego;     /* whether to use the CID extension or not
    512. 

  512.                                  * during renegotiation                     */
    513. 

  513.     const char *cid_val;        /* the CID to use for incoming messages     */
    514. 

  514.     int serialize;              /* serialize/deserialize connection         */
    515. 

  515.     const char *context_file;   /* the file to write a serialized connection
    516. 

  516.                                  * in the form of base64 code (serialize
    517. 

  517.                                  * option must be set)                      */
    518. 

  518.     const char *cid_val_renego; /* the CID to use for incoming messages
    519. 

  519.                                  * after renegotiation                      */
    520. 

  520.     int reproducible;           /* make communication reproducible          */
    521. 

  521.     int skip_close_notify;      /* skip sending the close_notify alert      */
    522. 

  522.     int query_config_mode;      /* whether to read config                   */
    523. 

  523.     int use_srtp;               /* Support SRTP                             */
    524. 

  524.     int force_srtp_profile;     /* SRTP protection profile to use or all    */
    525. 

  525.     const char *mki;            /* The dtls mki value to use                */
    526. 

  526. } opt;
    527. 

  527. 

  528. #include "ssl_test_common_source.c"
    529. 

  529. 

  530. #if defined(MBEDTLS_X509_CRT_PARSE_C)
    531. 

  531. static unsigned char peer_crt_info[1024];
    532. 

  532. 

  533. /*
    534. 

  534.  * Enabled if debug_level > 1 in code below
    535. 

  535.  */
    536. 

  536. static int my_verify( void *data, mbedtls_x509_crt *crt,
    537. 

  537.                       int depth, uint32_t *flags )
    538. 

  538. {
    539. 

  539.     char buf[1024];
    540. 

  540.     ((void) data);
    541. 

  541. 

  542.     mbedtls_printf( "\nVerify requested for (Depth %d):\n", depth );
    543. 

  543. 

  544. #if !defined(MBEDTLS_X509_REMOVE_INFO)
    545. 

  545.     mbedtls_x509_crt_info( buf, sizeof( buf ) - 1, "", crt );
    546. 

  546.     if( depth == 0 )
    547. 

  547.         memcpy( peer_crt_info, buf, sizeof( buf ) );
    548. 

  548. 

  549.     if( opt.debug_level == 0 )
    550. 

  550.         return( 0 );
    551. 

  551. 

  552.     mbedtls_printf( "%s", buf );
    553. 

  553. #else
    554. 

  554.     ((void) crt);
    555. 

  555.     ((void) depth);
    556. 

  556. #endif
    557. 

  557. 

  558.     if ( ( *flags ) == 0 )
    559. 

  559.         mbedtls_printf( "  This certificate has no flags\n" );
    560. 

  560.     else
    561. 

  561.     {
    562. 

  562.         x509_crt_verify_info( buf, sizeof( buf ), "  ! ", *flags );
    563. 

  563.         mbedtls_printf( "%s\n", buf );
    564. 

  564.     }
    565. 

  565. 

  566.     return( 0 );
    567. 

  567. }
    568. 

  568. #endif /* MBEDTLS_X509_CRT_PARSE_C */
    569. 

  569. 

  570. #if defined(MBEDTLS_SSL_DTLS_CONNECTION_ID)
    571. 

  571. int report_cid_usage( mbedtls_ssl_context *ssl,
    572. 

  572.                       const char *additional_description )
    573. 

  573. {
    574. 

  574.     int ret;
    575. 

  575.     unsigned char peer_cid[ MBEDTLS_SSL_CID_OUT_LEN_MAX ];
    576. 

  576.     size_t peer_cid_len;
    577. 

  577.     int cid_negotiated;
    578. 

  578. 

  579.     if( opt.transport != MBEDTLS_SSL_TRANSPORT_DATAGRAM )
    580. 

  580.         return( 0 );
    581. 

  581. 

  582.     /* Check if the use of a CID has been negotiated,
    583. 

  583.      * but don't ask for the CID value and length.
    584. 

  584.      *
    585. 

  585.      * Note: Here and below, we're demonstrating the various ways
    586. 

  586.      *       in which mbedtls_ssl_get_peer_cid() can be called,
    587. 

  587.      *       depending on whether or not the length/value of the
    588. 

  588.      *       peer's CID is needed.
    589. 

  589.      *
    590. 

  590.      *       An actual application, however, should use
    591. 

  591.      *       just one call to mbedtls_ssl_get_peer_cid(). */
    592. 

  592.     ret = mbedtls_ssl_get_peer_cid( ssl, &cid_negotiated,
    593. 

  593.                                     NULL, NULL );
    594. 

  594.     if( ret != 0 )
    595. 

  595.     {
    596. 

  596.         mbedtls_printf( " failed\n  ! mbedtls_ssl_get_peer_cid returned -0x%x\n\n",
    597. 

  597.                         (unsigned int) -ret );
    598. 

  598.         return( ret );
    599. 

  599.     }
    600. 

  600. 

  601.     if( cid_negotiated == MBEDTLS_SSL_CID_DISABLED )
    602. 

  602.     {
    603. 

  603.         if( opt.cid_enabled == MBEDTLS_SSL_CID_ENABLED )
    604. 

  604.         {
    605. 

  605.             mbedtls_printf( "(%s) Use of Connection ID was rejected by the server.\n",
    606. 

  606.                             additional_description );
    607. 

  607.         }
    608. 

  608.     }
    609. 

  609.     else
    610. 

  610.     {
    611. 

  611.         size_t idx=0;
    612. 

  612.         mbedtls_printf( "(%s) Use of Connection ID has been negotiated.\n",
    613. 

  613.                         additional_description );
    614. 

  614. 

  615.         /* Ask for just the length of the peer's CID. */
    616. 

  616.         ret = mbedtls_ssl_get_peer_cid( ssl, &cid_negotiated,
    617. 

  617.                                         NULL, &peer_cid_len );
    618. 

  618.         if( ret != 0 )
    619. 

  619.         {
    620. 

  620.             mbedtls_printf( " failed\n  ! mbedtls_ssl_get_peer_cid returned -0x%x\n\n",
    621. 

  621.                             (unsigned int) -ret );
    622. 

  622.             return( ret );
    623. 

  623.         }
    624. 

  624. 

  625.         /* Ask for just length + value of the peer's CID. */
    626. 

  626.         ret = mbedtls_ssl_get_peer_cid( ssl, &cid_negotiated,
    627. 

  627.                                         peer_cid, &peer_cid_len );
    628. 

  628.         if( ret != 0 )
    629. 

  629.         {
    630. 

  630.             mbedtls_printf( " failed\n  ! mbedtls_ssl_get_peer_cid returned -0x%x\n\n",
    631. 

  631.                             (unsigned int) -ret );
    632. 

  632.             return( ret );
    633. 

  633.         }
    634. 

  634.         mbedtls_printf( "(%s) Peer CID (length %u Bytes): ",
    635. 

  635.                         additional_description,
    636. 

  636.                         (unsigned) peer_cid_len );
    637. 

  637.         while( idx < peer_cid_len )
    638. 

  638.         {
    639. 

  639.             mbedtls_printf( "%02x ", peer_cid[ idx ] );
    640. 

  640.             idx++;
    641. 

  641.         }
    642. 

  642.         mbedtls_printf( "\n" );
    643. 

  643.     }
    644. 

  644. 

  645.     return( 0 );
    646. 

  646. }
    647. 

  647. #endif /* MBEDTLS_SSL_DTLS_CONNECTION_ID */
    648. 

  648. 

  649. int main( int argc, char *argv[] )
    650. 

  650. {
    651. 

  651.     int ret = 0, len, tail_len, i, written, frags, retry_left;
    652. 

  652.     int query_config_ret = 0;
    653. 

  653.     mbedtls_net_context server_fd;
    654. 

  654.     io_ctx_t io_ctx;
    655. 

  655. 

  656. #if defined(MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL) && \
    657. 

  657.     defined(MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED)
    658. 

  658.     uint16_t sig_alg_list[SIG_ALG_LIST_SIZE];
    659. 

  659. #endif /* MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL &&
    660. 

  660.           MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED */
    661. 

  661. 

  662.     unsigned char buf[MAX_REQUEST_SIZE + 1];
    663. 

  663. 

  664. #if defined(MBEDTLS_KEY_EXCHANGE_SOME_PSK_ENABLED)
    665. 

  665.     unsigned char psk[MBEDTLS_PSK_MAX_LEN];
    666. 

  666.     size_t psk_len = 0;
    667. 

  667. #endif
    668. 

  668. 

  669. #if defined(MBEDTLS_SSL_DTLS_CONNECTION_ID)
    670. 

  670.     unsigned char cid[MBEDTLS_SSL_CID_IN_LEN_MAX];
    671. 

  671.     unsigned char cid_renego[MBEDTLS_SSL_CID_IN_LEN_MAX];
    672. 

  672.     size_t cid_len = 0;
    673. 

  673.     size_t cid_renego_len = 0;
    674. 

  674. #endif
    675. 

  675. 

  676. #if defined(MBEDTLS_SSL_ALPN)
    677. 

  677.     const char *alpn_list[ALPN_LIST_SIZE];
    678. 

  678. #endif
    679. 

  679. 

  680. #if defined(MBEDTLS_MEMORY_BUFFER_ALLOC_C)
    681. 

  681.     unsigned char alloc_buf[MEMORY_HEAP_SIZE];
    682. 

  682. #endif
    683. 

  683. 

  684. #if defined(MBEDTLS_ECP_C)
    685. 

  685.     uint16_t group_list[CURVE_LIST_SIZE];
    686. 

  686.     const mbedtls_ecp_curve_info *curve_cur;
    687. 

  687. #endif
    688. 

  688. #if defined(MBEDTLS_SSL_DTLS_SRTP)
    689. 

  689.     unsigned char mki[MBEDTLS_TLS_SRTP_MAX_MKI_LENGTH];
    690. 

  690.     size_t mki_len=0;
    691. 

  691. #endif
    692. 

  692. 

  693.     const char *pers = "ssl_client2";
    694. 

  694. 

  695. #if defined(MBEDTLS_USE_PSA_CRYPTO)
    696. 

  696.     psa_key_id_t slot = 0;
    697. 

  697.     psa_algorithm_t alg = 0;
    698. 

  698.     psa_key_attributes_t key_attributes;
    699. 

  699.     psa_status_t status;
    700. 

  700. #endif
    701. 

  701. 

  702. #if defined(MBEDTLS_X509_CRT_PARSE_C)
    703. 

  703.     mbedtls_x509_crt_profile crt_profile_for_test = mbedtls_x509_crt_profile_default;
    704. 

  704. #endif
    705. 

  705.     rng_context_t rng;
    706. 

  706.     mbedtls_ssl_context ssl;
    707. 

  707.     mbedtls_ssl_config conf;
    708. 

  708.     mbedtls_ssl_session saved_session;
    709. 

  709.     unsigned char *session_data = NULL;
    710. 

  710.     size_t session_data_len = 0;
    711. 

  711. #if defined(MBEDTLS_TIMING_C)
    712. 

  712.     mbedtls_timing_delay_context timer;
    713. 

  713. #endif
    714. 

  714. #if defined(MBEDTLS_X509_CRT_PARSE_C)
    715. 

  715.     uint32_t flags;
    716. 

  716.     mbedtls_x509_crt cacert;
    717. 

  717.     mbedtls_x509_crt clicert;
    718. 

  718.     mbedtls_pk_context pkey;
    719. 

  719. #if defined(MBEDTLS_USE_PSA_CRYPTO)
    720. 

  720.     psa_key_id_t key_slot = 0; /* invalid key slot */
    721. 

  721. #endif
    722. 

  722. #endif  /* MBEDTLS_X509_CRT_PARSE_C */
    723. 

  723.     char *p, *q;
    724. 

  724.     const int *list;
    725. 

  725. #if defined(MBEDTLS_SSL_CONTEXT_SERIALIZATION)
    726. 

  726.     unsigned char *context_buf = NULL;
    727. 

  727.     size_t context_buf_len;
    728. 

  728. #endif
    729. 

  729.     unsigned char eap_tls_keymaterial[16];
    730. 

  730.     unsigned char eap_tls_iv[8];
    731. 

  731.     const char* eap_tls_label = "client EAP encryption";
    732. 

  732.     eap_tls_keys eap_tls_keying;
    733. 

  733. #if defined( MBEDTLS_SSL_DTLS_SRTP )
    734. 

  734.     /*! master keys and master salt for SRTP generated during handshake */
    735. 

  735.     unsigned char dtls_srtp_key_material[MBEDTLS_TLS_SRTP_MAX_KEY_MATERIAL_LENGTH];
    736. 

  736.     const char* dtls_srtp_label = "EXTRACTOR-dtls_srtp";
    737. 

  737.     dtls_srtp_keys dtls_srtp_keying;
    738. 

  738.     const mbedtls_ssl_srtp_profile default_profiles[] = {
    739. 

  739.         MBEDTLS_TLS_SRTP_AES128_CM_HMAC_SHA1_80,
    740. 

  740.         MBEDTLS_TLS_SRTP_AES128_CM_HMAC_SHA1_32,
    741. 

  741.         MBEDTLS_TLS_SRTP_NULL_HMAC_SHA1_80,
    742. 

  742.         MBEDTLS_TLS_SRTP_NULL_HMAC_SHA1_32,
    743. 

  743.         MBEDTLS_TLS_SRTP_UNSET
    744. 

  744.     };
    745. 

  745. #endif /* MBEDTLS_SSL_DTLS_SRTP */
    746. 

  746. 

  747. #if defined(MBEDTLS_MEMORY_BUFFER_ALLOC_C)
    748. 

  748.     mbedtls_memory_buffer_alloc_init( alloc_buf, sizeof(alloc_buf) );
    749. 

  749. #endif
    750. 

  750. 

  751. #if defined(MBEDTLS_TEST_HOOKS)
    752. 

  752.     test_hooks_init( );
    753. 

  753. #endif /* MBEDTLS_TEST_HOOKS */
    754. 

  754. 

  755.     /*
    756. 

  756.      * Make sure memory references are valid.
    757. 

  757.      */
    758. 

  758.     mbedtls_net_init( &server_fd );
    759. 

  759.     mbedtls_ssl_init( &ssl );
    760. 

  760.     mbedtls_ssl_config_init( &conf );
    761. 

  761.     memset( &saved_session, 0, sizeof( mbedtls_ssl_session ) );
    762. 

  762.     rng_init( &rng );
    763. 

  763. #if defined(MBEDTLS_X509_CRT_PARSE_C)
    764. 

  764.     mbedtls_x509_crt_init( &cacert );
    765. 

  765.     mbedtls_x509_crt_init( &clicert );
    766. 

  766.     mbedtls_pk_init( &pkey );
    767. 

  767. #endif
    768. 

  768. #if defined(MBEDTLS_SSL_ALPN)
    769. 

  769.     memset( (void * ) alpn_list, 0, sizeof( alpn_list ) );
    770. 

  770. #endif
    771. 

  771. 

  772. #if defined(MBEDTLS_USE_PSA_CRYPTO)
    773. 

  773.     status = psa_crypto_init();
    774. 

  774.     if( status != PSA_SUCCESS )
    775. 

  775.     {
    776. 

  776.         mbedtls_fprintf( stderr, "Failed to initialize PSA Crypto implementation: %d\n",
    777. 

  777.                          (int) status );
    778. 

  778.         ret = MBEDTLS_ERR_SSL_HW_ACCEL_FAILED;
    779. 

  779.         goto exit;
    780. 

  780.     }
    781. 

  781. #endif  /* MBEDTLS_USE_PSA_CRYPTO */
    782. 

  782. #if defined(MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG)
    783. 

  783.     mbedtls_test_enable_insecure_external_rng( );
    784. 

  784. #endif  /* MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG */
    785. 

  785. 

  786.     if( argc == 0 )
    787. 

  787.     {
    788. 

  788.     usage:
    789. 

  789.         if( ret == 0 )
    790. 

  790.             ret = 1;
    791. 

  791. 

  792.         mbedtls_printf( USAGE1 );
    793. 

  793.         mbedtls_printf( USAGE2 );
    794. 

  794.         mbedtls_printf( USAGE3 );
    795. 

  795.         mbedtls_printf( USAGE4 );
    796. 

  796. 

  797.         list = mbedtls_ssl_list_ciphersuites();
    798. 

  798.         while( *list )
    799. 

  799.         {
    800. 

  800.             mbedtls_printf(" %-42s", mbedtls_ssl_get_ciphersuite_name( *list ) );
    801. 

  801.             list++;
    802. 

  802.             if( !*list )
    803. 

  803.                 break;
    804. 

  804.             mbedtls_printf(" %s\n", mbedtls_ssl_get_ciphersuite_name( *list ) );
    805. 

  805.             list++;
    806. 

  806.         }
    807. 

  807.         mbedtls_printf("\n");
    808. 

  808.         goto exit;
    809. 

  809.     }
    810. 

  810. 

  811.     opt.server_name         = DFL_SERVER_NAME;
    812. 

  812.     opt.server_addr         = DFL_SERVER_ADDR;
    813. 

  813.     opt.server_port         = DFL_SERVER_PORT;
    814. 

  814.     opt.debug_level         = DFL_DEBUG_LEVEL;
    815. 

  815.     opt.cid_enabled         = DFL_CID_ENABLED;
    816. 

  816.     opt.cid_val             = DFL_CID_VALUE;
    817. 

  817.     opt.cid_enabled_renego  = DFL_CID_ENABLED_RENEGO;
    818. 

  818.     opt.cid_val_renego      = DFL_CID_VALUE_RENEGO;
    819. 

  819.     opt.nbio                = DFL_NBIO;
    820. 

  820.     opt.event               = DFL_EVENT;
    821. 

  821.     opt.context_crt_cb      = DFL_CONTEXT_CRT_CB;
    822. 

  822.     opt.read_timeout        = DFL_READ_TIMEOUT;
    823. 

  823.     opt.max_resend          = DFL_MAX_RESEND;
    824. 

  824.     opt.request_page        = DFL_REQUEST_PAGE;
    825. 

  825.     opt.request_size        = DFL_REQUEST_SIZE;
    826. 

  826.     opt.ca_file             = DFL_CA_FILE;
    827. 

  827.     opt.ca_path             = DFL_CA_PATH;
    828. 

  828.     opt.crt_file            = DFL_CRT_FILE;
    829. 

  829.     opt.key_file            = DFL_KEY_FILE;
    830. 

  830.     opt.key_opaque          = DFL_KEY_OPAQUE;
    831. 

  831.     opt.key_pwd             = DFL_KEY_PWD;
    832. 

  832.     opt.psk                 = DFL_PSK;
    833. 

  833. #if defined(MBEDTLS_USE_PSA_CRYPTO)
    834. 

  834.     opt.psk_opaque          = DFL_PSK_OPAQUE;
    835. 

  835. #endif
    836. 

  836. #if defined(MBEDTLS_X509_TRUSTED_CERTIFICATE_CALLBACK)
    837. 

  837.     opt.ca_callback         = DFL_CA_CALLBACK;
    838. 

  838. #endif
    839. 

  839.     opt.psk_identity        = DFL_PSK_IDENTITY;
    840. 

  840.     opt.ecjpake_pw          = DFL_ECJPAKE_PW;
    841. 

  841.     opt.ec_max_ops          = DFL_EC_MAX_OPS;
    842. 

  842.     opt.force_ciphersuite[0]= DFL_FORCE_CIPHER;
    843. 

  843. #if defined(MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL)
    844. 

  844.     opt.tls13_kex_modes     = DFL_TLS13_KEX_MODES;
    845. 

  845. #endif /* MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL */
    846. 

  846.     opt.renegotiation       = DFL_RENEGOTIATION;
    847. 

  847.     opt.allow_legacy        = DFL_ALLOW_LEGACY;
    848. 

  848.     opt.renegotiate         = DFL_RENEGOTIATE;
    849. 

  849.     opt.exchanges           = DFL_EXCHANGES;
    850. 

  850.     opt.min_version         = DFL_MIN_VERSION;
    851. 

  851.     opt.max_version         = DFL_MAX_VERSION;
    852. 

  852.     opt.allow_sha1          = DFL_SHA1;
    853. 

  853.     opt.auth_mode           = DFL_AUTH_MODE;
    854. 

  854.     opt.mfl_code            = DFL_MFL_CODE;
    855. 

  855.     opt.trunc_hmac          = DFL_TRUNC_HMAC;
    856. 

  856.     opt.recsplit            = DFL_RECSPLIT;
    857. 

  857.     opt.dhmlen              = DFL_DHMLEN;
    858. 

  858.     opt.reconnect           = DFL_RECONNECT;
    859. 

  859.     opt.reco_delay          = DFL_RECO_DELAY;
    860. 

  860.     opt.reco_mode           = DFL_RECO_MODE;
    861. 

  861.     opt.reconnect_hard      = DFL_RECONNECT_HARD;
    862. 

  862.     opt.tickets             = DFL_TICKETS;
    863. 

  863.     opt.alpn_string         = DFL_ALPN_STRING;
    864. 

  864.     opt.curves              = DFL_CURVES;
    865. 

  865.     opt.sig_algs            = DFL_SIG_ALGS;
    866. 

  866.     opt.transport           = DFL_TRANSPORT;
    867. 

  867.     opt.hs_to_min           = DFL_HS_TO_MIN;
    868. 

  868.     opt.hs_to_max           = DFL_HS_TO_MAX;
    869. 

  869.     opt.dtls_mtu            = DFL_DTLS_MTU;
    870. 

  870.     opt.fallback            = DFL_FALLBACK;
    871. 

  871.     opt.extended_ms         = DFL_EXTENDED_MS;
    872. 

  872.     opt.etm                 = DFL_ETM;
    873. 

  873.     opt.dgram_packing       = DFL_DGRAM_PACKING;
    874. 

  874.     opt.serialize           = DFL_SERIALIZE;
    875. 

  875.     opt.context_file        = DFL_CONTEXT_FILE;
    876. 

  876.     opt.eap_tls             = DFL_EAP_TLS;
    877. 

  877.     opt.reproducible        = DFL_REPRODUCIBLE;
    878. 

  878.     opt.nss_keylog          = DFL_NSS_KEYLOG;
    879. 

  879.     opt.nss_keylog_file     = DFL_NSS_KEYLOG_FILE;
    880. 

  880.     opt.skip_close_notify   = DFL_SKIP_CLOSE_NOTIFY;
    881. 

  881.     opt.query_config_mode   = DFL_QUERY_CONFIG_MODE;
    882. 

  882.     opt.use_srtp            = DFL_USE_SRTP;
    883. 

  883.     opt.force_srtp_profile  = DFL_SRTP_FORCE_PROFILE;
    884. 

  884.     opt.mki                 = DFL_SRTP_MKI;
    885. 

  885. 

  886.     for( i = 1; i < argc; i++ )
    887. 

  887.     {
    888. 

  888.         p = argv[i];
    889. 

  889.         if( ( q = strchr( p, '=' ) ) == NULL )
    890. 

  890.             goto usage;
    891. 

  891.         *q++ = '\0';
    892. 

  892. 

  893.         if( strcmp( p, "server_name" ) == 0 )
    894. 

  894.             opt.server_name = q;
    895. 

  895.         else if( strcmp( p, "server_addr" ) == 0 )
    896. 

  896.             opt.server_addr = q;
    897. 

  897.         else if( strcmp( p, "server_port" ) == 0 )
    898. 

  898.             opt.server_port = q;
    899. 

  899.         else if( strcmp( p, "dtls" ) == 0 )
    900. 

  900.         {
    901. 

  901.             int t = atoi( q );
    902. 

  902.             if( t == 0 )
    903. 

  903.                 opt.transport = MBEDTLS_SSL_TRANSPORT_STREAM;
    904. 

  904.             else if( t == 1 )
    905. 

  905.                 opt.transport = MBEDTLS_SSL_TRANSPORT_DATAGRAM;
    906. 

  906.             else
    907. 

  907.                 goto usage;
    908. 

  908.         }
    909. 

  909.         else if( strcmp( p, "debug_level" ) == 0 )
    910. 

  910.         {
    911. 

  911.             opt.debug_level = atoi( q );
    912. 

  912.             if( opt.debug_level < 0 || opt.debug_level > 65535 )
    913. 

  913.                 goto usage;
    914. 

  914.         }
    915. 

  915.         else if( strcmp( p, "context_crt_cb" ) == 0 )
    916. 

  916.         {
    917. 

  917.             opt.context_crt_cb = atoi( q );
    918. 

  918.             if( opt.context_crt_cb != 0 && opt.context_crt_cb != 1 )
    919. 

  919.                 goto usage;
    920. 

  920.         }
    921. 

  921.         else if( strcmp( p, "nbio" ) == 0 )
    922. 

  922.         {
    923. 

  923.             opt.nbio = atoi( q );
    924. 

  924.             if( opt.nbio < 0 || opt.nbio > 2 )
    925. 

  925.                 goto usage;
    926. 

  926.         }
    927. 

  927.         else if( strcmp( p, "event" ) == 0 )
    928. 

  928.         {
    929. 

  929.             opt.event = atoi( q );
    930. 

  930.             if( opt.event < 0 || opt.event > 2 )
    931. 

  931.                 goto usage;
    932. 

  932.         }
    933. 

  933.         else if( strcmp( p, "read_timeout" ) == 0 )
    934. 

  934.             opt.read_timeout = atoi( q );
    935. 

  935.         else if( strcmp( p, "max_resend" ) == 0 )
    936. 

  936.         {
    937. 

  937.             opt.max_resend = atoi( q );
    938. 

  938.             if( opt.max_resend < 0 )
    939. 

  939.                 goto usage;
    940. 

  940.         }
    941. 

  941.         else if( strcmp( p, "request_page" ) == 0 )
    942. 

  942.             opt.request_page = q;
    943. 

  943.         else if( strcmp( p, "request_size" ) == 0 )
    944. 

  944.         {
    945. 

  945.             opt.request_size = atoi( q );
    946. 

  946.             if( opt.request_size < 0 ||
    947. 

  947.                 opt.request_size > MAX_REQUEST_SIZE )
    948. 

  948.                 goto usage;
    949. 

  949.         }
    950. 

  950.         else if( strcmp( p, "ca_file" ) == 0 )
    951. 

  951.             opt.ca_file = q;
    952. 

  952.         else if( strcmp( p, "ca_path" ) == 0 )
    953. 

  953.             opt.ca_path = q;
    954. 

  954.         else if( strcmp( p, "crt_file" ) == 0 )
    955. 

  955.             opt.crt_file = q;
    956. 

  956.         else if( strcmp( p, "key_file" ) == 0 )
    957. 

  957.             opt.key_file = q;
    958. 

  958.         else if( strcmp( p, "key_pwd" ) == 0 )
    959. 

  959.             opt.key_pwd = q;
    960. 

  960. #if defined(MBEDTLS_USE_PSA_CRYPTO) && defined(MBEDTLS_X509_CRT_PARSE_C)
    961. 

  961.         else if( strcmp( p, "key_opaque" ) == 0 )
    962. 

  962.             opt.key_opaque = atoi( q );
    963. 

  963. #endif
    964. 

  964. #if defined(MBEDTLS_SSL_DTLS_CONNECTION_ID)
    965. 

  965.         else if( strcmp( p, "cid" ) == 0 )
    966. 

  966.         {
    967. 

  967.             opt.cid_enabled = atoi( q );
    968. 

  968.             if( opt.cid_enabled != 0 && opt.cid_enabled != 1 )
    969. 

  969.                 goto usage;
    970. 

  970.         }
    971. 

  971.         else if( strcmp( p, "cid_renego" ) == 0 )
    972. 

  972.         {
    973. 

  973.             opt.cid_enabled_renego = atoi( q );
    974. 

  974.             if( opt.cid_enabled_renego != 0 && opt.cid_enabled_renego != 1 )
    975. 

  975.                 goto usage;
    976. 

  976.         }
    977. 

  977.         else if( strcmp( p, "cid_val" ) == 0 )
    978. 

  978.         {
    979. 

  979.             opt.cid_val = q;
    980. 

  980.         }
    981. 

  981.         else if( strcmp( p, "cid_val_renego" ) == 0 )
    982. 

  982.         {
    983. 

  983.             opt.cid_val_renego = q;
    984. 

  984.         }
    985. 

  985. #endif /* MBEDTLS_SSL_DTLS_CONNECTION_ID */
    986. 

  986.         else if( strcmp( p, "psk" ) == 0 )
    987. 

  987.             opt.psk = q;
    988. 

  988. #if defined(MBEDTLS_USE_PSA_CRYPTO)
    989. 

  989.         else if( strcmp( p, "psk_opaque" ) == 0 )
    990. 

  990.             opt.psk_opaque = atoi( q );
    991. 

  991. #endif
    992. 

  992. #if defined(MBEDTLS_X509_TRUSTED_CERTIFICATE_CALLBACK)
    993. 

  993.         else if( strcmp( p, "ca_callback" ) == 0)
    994. 

  994.             opt.ca_callback = atoi( q );
    995. 

  995. #endif
    996. 

  996.         else if( strcmp( p, "psk_identity" ) == 0 )
    997. 

  997.             opt.psk_identity = q;
    998. 

  998.         else if( strcmp( p, "ecjpake_pw" ) == 0 )
    999. 

  999.             opt.ecjpake_pw = q;
    1000. 

  1000.         else if( strcmp( p, "ec_max_ops" ) == 0 )
    1001. 

  1001.             opt.ec_max_ops = atoi( q );
    1002. 

  1002.         else if( strcmp( p, "force_ciphersuite" ) == 0 )
    1003. 

  1003.         {
    1004. 

  1004.             opt.force_ciphersuite[0] = mbedtls_ssl_get_ciphersuite_id( q );
    1005. 

  1005. 

  1006.             if( opt.force_ciphersuite[0] == 0 )
    1007. 

  1007.             {
    1008. 

  1008.                 ret = 2;
    1009. 

  1009.                 goto usage;
    1010. 

  1010.             }
    1011. 

  1011.             opt.force_ciphersuite[1] = 0;
    1012. 

  1012.         }
    1013. 

  1013.         else if( strcmp( p, "renegotiation" ) == 0 )
    1014. 

  1014.         {
    1015. 

  1015.             opt.renegotiation = (atoi( q )) ?
    1016. 

  1016.                 MBEDTLS_SSL_RENEGOTIATION_ENABLED :
    1017. 

  1017.                 MBEDTLS_SSL_RENEGOTIATION_DISABLED;
    1018. 

  1018.         }
    1019. 

  1019.         else if( strcmp( p, "allow_legacy" ) == 0 )
    1020. 

  1020.         {
    1021. 

  1021.             switch( atoi( q ) )
    1022. 

  1022.             {
    1023. 

  1023.                 case -1:
    1024. 

  1024.                     opt.allow_legacy = MBEDTLS_SSL_LEGACY_BREAK_HANDSHAKE;
    1025. 

  1025.                     break;
    1026. 

  1026.                 case 0:
    1027. 

  1027.                     opt.allow_legacy = MBEDTLS_SSL_LEGACY_NO_RENEGOTIATION;
    1028. 

  1028.                     break;
    1029. 

  1029.                 case 1:
    1030. 

  1030.                     opt.allow_legacy = MBEDTLS_SSL_LEGACY_ALLOW_RENEGOTIATION;
    1031. 

  1031.                     break;
    1032. 

  1032.                 default: goto usage;
    1033. 

  1033.             }
    1034. 

  1034.         }
    1035. 

  1035.         else if( strcmp( p, "renegotiate" ) == 0 )
    1036. 

  1036.         {
    1037. 

  1037.             opt.renegotiate = atoi( q );
    1038. 

  1038.             if( opt.renegotiate < 0 || opt.renegotiate > 1 )
    1039. 

  1039.                 goto usage;
    1040. 

  1040.         }
    1041. 

  1041.         else if( strcmp( p, "exchanges" ) == 0 )
    1042. 

  1042.         {
    1043. 

  1043.             opt.exchanges = atoi( q );
    1044. 

  1044.             if( opt.exchanges < 1 )
    1045. 

  1045.                 goto usage;
    1046. 

  1046.         }
    1047. 

  1047.         else if( strcmp( p, "reconnect" ) == 0 )
    1048. 

  1048.         {
    1049. 

  1049.             opt.reconnect = atoi( q );
    1050. 

  1050.             if( opt.reconnect < 0 || opt.reconnect > 2 )
    1051. 

  1051.                 goto usage;
    1052. 

  1052.         }
    1053. 

  1053.         else if( strcmp( p, "reco_delay" ) == 0 )
    1054. 

  1054.         {
    1055. 

  1055.             opt.reco_delay = atoi( q );
    1056. 

  1056.             if( opt.reco_delay < 0 )
    1057. 

  1057.                 goto usage;
    1058. 

  1058.         }
    1059. 

  1059.         else if( strcmp( p, "reco_mode" ) == 0 )
    1060. 

  1060.         {
    1061. 

  1061.             opt.reco_mode = atoi( q );
    1062. 

  1062.             if( opt.reco_mode < 0 )
    1063. 

  1063.                 goto usage;
    1064. 

  1064.         }
    1065. 

  1065.         else if( strcmp( p, "reconnect_hard" ) == 0 )
    1066. 

  1066.         {
    1067. 

  1067.             opt.reconnect_hard = atoi( q );
    1068. 

  1068.             if( opt.reconnect_hard < 0 || opt.reconnect_hard > 1 )
    1069. 

  1069.                 goto usage;
    1070. 

  1070.         }
    1071. 

  1071.         else if( strcmp( p, "tickets" ) == 0 )
    1072. 

  1072.         {
    1073. 

  1073.             opt.tickets = atoi( q );
    1074. 

  1074.             if( opt.tickets < 0 || opt.tickets > 2 )
    1075. 

  1075.                 goto usage;
    1076. 

  1076.         }
    1077. 

  1077.         else if( strcmp( p, "alpn" ) == 0 )
    1078. 

  1078.         {
    1079. 

  1079.             opt.alpn_string = q;
    1080. 

  1080.         }
    1081. 

  1081.         else if( strcmp( p, "extended_ms" ) == 0 )
    1082. 

  1082.         {
    1083. 

  1083.             switch( atoi( q ) )
    1084. 

  1084.             {
    1085. 

  1085.                 case 0:
    1086. 

  1086.                     opt.extended_ms = MBEDTLS_SSL_EXTENDED_MS_DISABLED;
    1087. 

  1087.                     break;
    1088. 

  1088.                 case 1:
    1089. 

  1089.                     opt.extended_ms = MBEDTLS_SSL_EXTENDED_MS_ENABLED;
    1090. 

  1090.                     break;
    1091. 

  1091.                 default: goto usage;
    1092. 

  1092.             }
    1093. 

  1093.         }
    1094. 

  1094.         else if( strcmp( p, "curves" ) == 0 )
    1095. 

  1095.             opt.curves = q;
    1096. 

  1096. #if defined(MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL) && \
    1097. 

  1097.     defined(MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED)
    1098. 

  1098.         else if( strcmp( p, "sig_algs" ) == 0 )
    1099. 

  1099.             opt.sig_algs = q;
    1100. 

  1100. #endif /* MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL &&
    1101. 

  1101.           MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED */
    1102. 

  1102.         else if( strcmp( p, "etm" ) == 0 )
    1103. 

  1103.         {
    1104. 

  1104.             switch( atoi( q ) )
    1105. 

  1105.             {
    1106. 

  1106.                 case 0: opt.etm = MBEDTLS_SSL_ETM_DISABLED; break;
    1107. 

  1107.                 case 1: opt.etm = MBEDTLS_SSL_ETM_ENABLED; break;
    1108. 

  1108.                 default: goto usage;
    1109. 

  1109.             }
    1110. 

  1110.         }
    1111. 

  1111. #if defined(MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL)
    1112. 

  1112.         else if( strcmp( p, "tls13_kex_modes" ) == 0 )
    1113. 

  1113.         {
    1114. 

  1114.             if( strcmp( q, "psk" ) == 0 )
    1115. 

  1115.                 opt.tls13_kex_modes = MBEDTLS_SSL_TLS13_KEY_EXCHANGE_MODE_PSK;
    1116. 

  1116.             else if( strcmp(q, "psk_ephemeral" ) == 0 )
    1117. 

  1117.                 opt.tls13_kex_modes = MBEDTLS_SSL_TLS13_KEY_EXCHANGE_MODE_PSK_EPHEMERAL;
    1118. 

  1118.             else if( strcmp(q, "ephemeral" ) == 0 )
    1119. 

  1119.                 opt.tls13_kex_modes = MBEDTLS_SSL_TLS13_KEY_EXCHANGE_MODE_EPHEMERAL;
    1120. 

  1120.             else if( strcmp(q, "ephemeral_all" ) == 0 )
    1121. 

  1121.                 opt.tls13_kex_modes = MBEDTLS_SSL_TLS13_KEY_EXCHANGE_MODE_EPHEMERAL_ALL;
    1122. 

  1122.             else if( strcmp( q, "psk_all" ) == 0 )
    1123. 

  1123.                 opt.tls13_kex_modes = MBEDTLS_SSL_TLS13_KEY_EXCHANGE_MODE_PSK_ALL;
    1124. 

  1124.             else if( strcmp( q, "all" ) == 0 )
    1125. 

  1125.                 opt.tls13_kex_modes = MBEDTLS_SSL_TLS13_KEY_EXCHANGE_MODE_ALL;
    1126. 

  1126.             else goto usage;
    1127. 

  1127.         }
    1128. 

  1128. #endif /* MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL */
    1129. 

  1129.         else if( strcmp( p, "min_version" ) == 0 )
    1130. 

  1130.         {
    1131. 

  1131.             if( strcmp( q, "tls1_2" ) == 0 ||
    1132. 

  1132.                      strcmp( q, "dtls1_2" ) == 0 )
    1133. 

  1133.                 opt.min_version = MBEDTLS_SSL_MINOR_VERSION_3;
    1134. 

  1134. #if defined(MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL)
    1135. 

  1135.             else if( strcmp( q, "tls1_3" ) == 0 )
    1136. 

  1136.                 opt.min_version = MBEDTLS_SSL_MINOR_VERSION_4;
    1137. 

  1137. #endif /* MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL */
    1138. 

  1138.             else
    1139. 

  1139.                 goto usage;
    1140. 

  1140.         }
    1141. 

  1141.         else if( strcmp( p, "max_version" ) == 0 )
    1142. 

  1142.         {
    1143. 

  1143.             if( strcmp( q, "tls1_2" ) == 0 ||
    1144. 

  1144.                      strcmp( q, "dtls1_2" ) == 0 )
    1145. 

  1145.                 opt.max_version = MBEDTLS_SSL_MINOR_VERSION_3;
    1146. 

  1146. #if defined(MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL)
    1147. 

  1147.             else if( strcmp( q, "tls1_3" ) == 0 )
    1148. 

  1148.                 opt.max_version = MBEDTLS_SSL_MINOR_VERSION_4;
    1149. 

  1149. #endif /* MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL */
    1150. 

  1150.             else
    1151. 

  1151.                 goto usage;
    1152. 

  1152.         }
    1153. 

  1153.         else if( strcmp( p, "allow_sha1" ) == 0 )
    1154. 

  1154.         {
    1155. 

  1155.             switch( atoi( q ) )
    1156. 

  1156.             {
    1157. 

  1157.                 case 0:     opt.allow_sha1 = 0;   break;
    1158. 

  1158.                 case 1:     opt.allow_sha1 = 1;    break;
    1159. 

  1159.                 default:    goto usage;
    1160. 

  1160.             }
    1161. 

  1161.         }
    1162. 

  1162.         else if( strcmp( p, "force_version" ) == 0 )
    1163. 

  1163.         {
    1164. 

  1164.             if( strcmp( q, "tls1_2" ) == 0 )
    1165. 

  1165.             {
    1166. 

  1166.                 opt.min_version = MBEDTLS_SSL_MINOR_VERSION_3;
    1167. 

  1167.                 opt.max_version = MBEDTLS_SSL_MINOR_VERSION_3;
    1168. 

  1168.             }
    1169. 

  1169.             else if( strcmp( q, "dtls1_2" ) == 0 )
    1170. 

  1170.             {
    1171. 

  1171.                 opt.min_version = MBEDTLS_SSL_MINOR_VERSION_3;
    1172. 

  1172.                 opt.max_version = MBEDTLS_SSL_MINOR_VERSION_3;
    1173. 

  1173.                 opt.transport = MBEDTLS_SSL_TRANSPORT_DATAGRAM;
    1174. 

  1174.             }
    1175. 

  1175. #if defined(MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL)
    1176. 

  1176.             else if( strcmp( q, "tls1_3" ) == 0 )
    1177. 

  1177.             {
    1178. 

  1178.                 opt.min_version = MBEDTLS_SSL_MINOR_VERSION_4;
    1179. 

  1179.                 opt.max_version = MBEDTLS_SSL_MINOR_VERSION_4;
    1180. 

  1180.             }
    1181. 

  1181. #endif /* MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL */
    1182. 

  1182.             else
    1183. 

  1183.                 goto usage;
    1184. 

  1184.         }
    1185. 

  1185.         else if( strcmp( p, "auth_mode" ) == 0 )
    1186. 

  1186.         {
    1187. 

  1187.             if( strcmp( q, "none" ) == 0 )
    1188. 

  1188.                 opt.auth_mode = MBEDTLS_SSL_VERIFY_NONE;
    1189. 

  1189.             else if( strcmp( q, "optional" ) == 0 )
    1190. 

  1190.                 opt.auth_mode = MBEDTLS_SSL_VERIFY_OPTIONAL;
    1191. 

  1191.             else if( strcmp( q, "required" ) == 0 )
    1192. 

  1192.                 opt.auth_mode = MBEDTLS_SSL_VERIFY_REQUIRED;
    1193. 

  1193.             else
    1194. 

  1194.                 goto usage;
    1195. 

  1195.         }
    1196. 

  1196.         else if( strcmp( p, "max_frag_len" ) == 0 )
    1197. 

  1197.         {
    1198. 

  1198.             if( strcmp( q, "512" ) == 0 )
    1199. 

  1199.                 opt.mfl_code = MBEDTLS_SSL_MAX_FRAG_LEN_512;
    1200. 

  1200.             else if( strcmp( q, "1024" ) == 0 )
    1201. 

  1201.                 opt.mfl_code = MBEDTLS_SSL_MAX_FRAG_LEN_1024;
    1202. 

  1202.             else if( strcmp( q, "2048" ) == 0 )
    1203. 

  1203.                 opt.mfl_code = MBEDTLS_SSL_MAX_FRAG_LEN_2048;
    1204. 

  1204.             else if( strcmp( q, "4096" ) == 0 )
    1205. 

  1205.                 opt.mfl_code = MBEDTLS_SSL_MAX_FRAG_LEN_4096;
    1206. 

  1206.             else
    1207. 

  1207.                 goto usage;
    1208. 

  1208.         }
    1209. 

  1209.         else if( strcmp( p, "trunc_hmac" ) == 0 )
    1210. 

  1210.         {
    1211. 

  1211.             switch( atoi( q ) )
    1212. 

  1212.             {
    1213. 

  1213.                 case 0: opt.trunc_hmac = MBEDTLS_SSL_TRUNC_HMAC_DISABLED; break;
    1214. 

  1214.                 case 1: opt.trunc_hmac = MBEDTLS_SSL_TRUNC_HMAC_ENABLED; break;
    1215. 

  1215.                 default: goto usage;
    1216. 

  1216.             }
    1217. 

  1217.         }
    1218. 

  1218.         else if( strcmp( p, "hs_timeout" ) == 0 )
    1219. 

  1219.         {
    1220. 

  1220.             if( ( p = strchr( q, '-' ) ) == NULL )
    1221. 

  1221.                 goto usage;
    1222. 

  1222.             *p++ = '\0';
    1223. 

  1223.             opt.hs_to_min = atoi( q );
    1224. 

  1224.             opt.hs_to_max = atoi( p );
    1225. 

  1225.             if( opt.hs_to_min == 0 || opt.hs_to_max < opt.hs_to_min )
    1226. 

  1226.                 goto usage;
    1227. 

  1227.         }
    1228. 

  1228.         else if( strcmp( p, "mtu" ) == 0 )
    1229. 

  1229.         {
    1230. 

  1230.             opt.dtls_mtu = atoi( q );
    1231. 

  1231.             if( opt.dtls_mtu < 0 )
    1232. 

  1232.                 goto usage;
    1233. 

  1233.         }
    1234. 

  1234.         else if( strcmp( p, "dgram_packing" ) == 0 )
    1235. 

  1235.         {
    1236. 

  1236.             opt.dgram_packing = atoi( q );
    1237. 

  1237.             if( opt.dgram_packing != 0 &&
    1238. 

  1238.                 opt.dgram_packing != 1 )
    1239. 

  1239.             {
    1240. 

  1240.                 goto usage;
    1241. 

  1241.             }
    1242. 

  1242.         }
    1243. 

  1243.         else if( strcmp( p, "recsplit" ) == 0 )
    1244. 

  1244.         {
    1245. 

  1245.             opt.recsplit = atoi( q );
    1246. 

  1246.             if( opt.recsplit < 0 || opt.recsplit > 1 )
    1247. 

  1247.                 goto usage;
    1248. 

  1248.         }
    1249. 

  1249.         else if( strcmp( p, "dhmlen" ) == 0 )
    1250. 

  1250.         {
    1251. 

  1251.             opt.dhmlen = atoi( q );
    1252. 

  1252.             if( opt.dhmlen < 0 )
    1253. 

  1253.                 goto usage;
    1254. 

  1254.         }
    1255. 

  1255.         else if( strcmp( p, "query_config" ) == 0 )
    1256. 

  1256.         {
    1257. 

  1257.             opt.query_config_mode = 1;
    1258. 

  1258.             query_config_ret = query_config( q );
    1259. 

  1259.             goto exit;
    1260. 

  1260.         }
    1261. 

  1261.         else if( strcmp( p, "serialize") == 0 )
    1262. 

  1262.         {
    1263. 

  1263.             opt.serialize = atoi( q );
    1264. 

  1264.             if( opt.serialize < 0 || opt.serialize > 2)
    1265. 

  1265.                 goto usage;
    1266. 

  1266.         }
    1267. 

  1267.         else if( strcmp( p, "context_file") == 0 )
    1268. 

  1268.         {
    1269. 

  1269.             opt.context_file = q;
    1270. 

  1270.         }
    1271. 

  1271.         else if( strcmp( p, "eap_tls" ) == 0 )
    1272. 

  1272.         {
    1273. 

  1273.             opt.eap_tls = atoi( q );
    1274. 

  1274.             if( opt.eap_tls < 0 || opt.eap_tls > 1 )
    1275. 

  1275.                 goto usage;
    1276. 

  1276.         }
    1277. 

  1277.         else if( strcmp( p, "reproducible" ) == 0 )
    1278. 

  1278.         {
    1279. 

  1279.             opt.reproducible = 1;
    1280. 

  1280.         }
    1281. 

  1281.         else if( strcmp( p, "nss_keylog" ) == 0 )
    1282. 

  1282.         {
    1283. 

  1283.             opt.nss_keylog = atoi( q );
    1284. 

  1284.             if( opt.nss_keylog < 0 || opt.nss_keylog > 1 )
    1285. 

  1285.                 goto usage;
    1286. 

  1286.         }
    1287. 

  1287.         else if( strcmp( p, "nss_keylog_file" ) == 0 )
    1288. 

  1288.         {
    1289. 

  1289.             opt.nss_keylog_file = q;
    1290. 

  1290.         }
    1291. 

  1291.         else if( strcmp( p, "skip_close_notify" ) == 0 )
    1292. 

  1292.         {
    1293. 

  1293.             opt.skip_close_notify = atoi( q );
    1294. 

  1294.             if( opt.skip_close_notify < 0 || opt.skip_close_notify > 1 )
    1295. 

  1295.                 goto usage;
    1296. 

  1296.         }
    1297. 

  1297.         else if( strcmp( p, "use_srtp" ) == 0 )
    1298. 

  1298.         {
    1299. 

  1299.             opt.use_srtp = atoi ( q );
    1300. 

  1300.         }
    1301. 

  1301.         else if( strcmp( p, "srtp_force_profile" ) == 0 )
    1302. 

  1302.         {
    1303. 

  1303.             opt.force_srtp_profile = atoi( q );
    1304. 

  1304.         }
    1305. 

  1305.         else if( strcmp( p, "mki" ) == 0 )
    1306. 

  1306.         {
    1307. 

  1307.             opt.mki = q;
    1308. 

  1308.         }
    1309. 

  1309.         else
    1310. 

  1310.             goto usage;
    1311. 

  1311.     }
    1312. 

  1312. 

  1313.     if( opt.nss_keylog != 0 && opt.eap_tls != 0 )
    1314. 

  1314.     {
    1315. 

  1315.         mbedtls_printf( "Error: eap_tls and nss_keylog options cannot be used together.\n" );
    1316. 

  1316.         goto usage;
    1317. 

  1317.     }
    1318. 

  1318. 

  1319.     /* Event-driven IO is incompatible with the above custom
    1320. 

  1320.      * receive and send functions, as the polling builds on
    1321. 

  1321.      * refers to the underlying net_context. */
    1322. 

  1322.     if( opt.event == 1 && opt.nbio != 1 )
    1323. 

  1323.     {
    1324. 

  1324.         mbedtls_printf( "Warning: event-driven IO mandates nbio=1 - overwrite\n" );
    1325. 

  1325.         opt.nbio = 1;
    1326. 

  1326.     }
    1327. 

  1327. 

  1328. #if defined(MBEDTLS_DEBUG_C)
    1329. 

  1329.     mbedtls_debug_set_threshold( opt.debug_level );
    1330. 

  1330. #endif
    1331. 

  1331. 

  1332. #if defined(MBEDTLS_KEY_EXCHANGE_SOME_PSK_ENABLED)
    1333. 

  1333.     /*
    1334. 

  1334.      * Unhexify the pre-shared key if any is given
    1335. 

  1335.      */
    1336. 

  1336.     if( strlen( opt.psk ) )
    1337. 

  1337.     {
    1338. 

  1338.         if( mbedtls_test_unhexify( psk, sizeof( psk ),
    1339. 

  1339.                                    opt.psk, &psk_len ) != 0 )
    1340. 

  1340.         {
    1341. 

  1341.             mbedtls_printf( "pre-shared key not valid\n" );
    1342. 

  1342.             goto exit;
    1343. 

  1343.         }
    1344. 

  1344.     }
    1345. 

  1345. #endif /* MBEDTLS_KEY_EXCHANGE_SOME_PSK_ENABLED */
    1346. 

  1346. 

  1347. #if defined(MBEDTLS_USE_PSA_CRYPTO)
    1348. 

  1348.     if( opt.psk_opaque != 0 )
    1349. 

  1349.     {
    1350. 

  1350.         if( opt.psk == NULL )
    1351. 

  1351.         {
    1352. 

  1352.             mbedtls_printf( "psk_opaque set but no psk to be imported specified.\n" );
    1353. 

  1353.             ret = 2;
    1354. 

  1354.             goto usage;
    1355. 

  1355.         }
    1356. 

  1356. 

  1357.         if( opt.force_ciphersuite[0] <= 0 )
    1358. 

  1358.         {
    1359. 

  1359.             mbedtls_printf( "opaque PSKs are only supported in conjunction with forcing TLS 1.2 and a PSK-only ciphersuite through the 'force_ciphersuite' option.\n" );
    1360. 

  1360.             ret = 2;
    1361. 

  1361.             goto usage;
    1362. 

  1362.         }
    1363. 

  1363.     }
    1364. 

  1364. #endif /* MBEDTLS_USE_PSA_CRYPTO */
    1365. 

  1365. 

  1366.     if( opt.force_ciphersuite[0] > 0 )
    1367. 

  1367.     {
    1368. 

  1368.         const mbedtls_ssl_ciphersuite_t *ciphersuite_info;
    1369. 

  1369.         ciphersuite_info =
    1370. 

  1370.             mbedtls_ssl_ciphersuite_from_id( opt.force_ciphersuite[0] );
    1371. 

  1371. 

  1372.         if( opt.max_version != -1 &&
    1373. 

  1373.             ciphersuite_info->min_minor_ver > opt.max_version )
    1374. 

  1374.         {
    1375. 

  1375.             mbedtls_printf( "forced ciphersuite not allowed with this protocol version\n" );
    1376. 

  1376.             ret = 2;
    1377. 

  1377.             goto usage;
    1378. 

  1378.         }
    1379. 

  1379.         if( opt.min_version != -1 &&
    1380. 

  1380.             ciphersuite_info->max_minor_ver < opt.min_version )
    1381. 

  1381.         {
    1382. 

  1382.             mbedtls_printf( "forced ciphersuite not allowed with this protocol version\n" );
    1383. 

  1383.             ret = 2;
    1384. 

  1384.             goto usage;
    1385. 

  1385.         }
    1386. 

  1386. 

  1387.         /* If the server selects a version that's not supported by
    1388. 

  1388.          * this suite, then there will be no common ciphersuite... */
    1389. 

  1389.         if( opt.max_version == -1 ||
    1390. 

  1390.             opt.max_version > ciphersuite_info->max_minor_ver )
    1391. 

  1391.         {
    1392. 

  1392.             opt.max_version = ciphersuite_info->max_minor_ver;
    1393. 

  1393.         }
    1394. 

  1394.         if( opt.min_version < ciphersuite_info->min_minor_ver )
    1395. 

  1395.         {
    1396. 

  1396.             opt.min_version = ciphersuite_info->min_minor_ver;
    1397. 

  1397.             /* DTLS starts with TLS 1.2 */
    1398. 

  1398.             if( opt.transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM &&
    1399. 

  1399.                 opt.min_version < MBEDTLS_SSL_MINOR_VERSION_3 )
    1400. 

  1400.                 opt.min_version = MBEDTLS_SSL_MINOR_VERSION_3;
    1401. 

  1401.         }
    1402. 

  1402. 

  1403. #if defined(MBEDTLS_USE_PSA_CRYPTO)
    1404. 

  1404.         if( opt.psk_opaque != 0 )
    1405. 

  1405.         {
    1406. 

  1406.             /* Ensure that the chosen ciphersuite is PSK-only; we must know
    1407. 

  1407.              * the ciphersuite in advance to set the correct policy for the
    1408. 

  1408.              * PSK key slot. This limitation might go away in the future. */
    1409. 

  1409.             if( ciphersuite_info->key_exchange != MBEDTLS_KEY_EXCHANGE_PSK ||
    1410. 

  1410.                 opt.min_version != MBEDTLS_SSL_MINOR_VERSION_3 )
    1411. 

  1411.             {
    1412. 

  1412.                 mbedtls_printf( "opaque PSKs are only supported in conjunction with forcing TLS 1.2 and a PSK-only ciphersuite through the 'force_ciphersuite' option.\n" );
    1413. 

  1413.                 ret = 2;
    1414. 

  1414.                 goto usage;
    1415. 

  1415.             }
    1416. 

  1416. 

  1417.             /* Determine KDF algorithm the opaque PSK will be used in. */
    1418. 

  1418. #if defined(MBEDTLS_SHA384_C)
    1419. 

  1419.             if( ciphersuite_info->mac == MBEDTLS_MD_SHA384 )
    1420. 

  1420.                 alg = PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_384);
    1421. 

  1421.             else
    1422. 

  1422. #endif /* MBEDTLS_SHA384_C */
    1423. 

  1423.                 alg = PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_256);
    1424. 

  1424.         }
    1425. 

  1425. #endif /* MBEDTLS_USE_PSA_CRYPTO */
    1426. 

  1426.     }
    1427. 

  1427. 

  1428. #if defined(MBEDTLS_SSL_DTLS_CONNECTION_ID)
    1429. 

  1429.     if( mbedtls_test_unhexify( cid, sizeof( cid ),
    1430. 

  1430.                                opt.cid_val, &cid_len ) != 0 )
    1431. 

  1431.     {
    1432. 

  1432.         mbedtls_printf( "CID not valid\n" );
    1433. 

  1433.         goto exit;
    1434. 

  1434.     }
    1435. 

  1435. 

  1436.     /* Keep CID settings for renegotiation unless
    1437. 

  1437.      * specified otherwise. */
    1438. 

  1438.     if( opt.cid_enabled_renego == DFL_CID_ENABLED_RENEGO )
    1439. 

  1439.         opt.cid_enabled_renego = opt.cid_enabled;
    1440. 

  1440.     if( opt.cid_val_renego == DFL_CID_VALUE_RENEGO )
    1441. 

  1441.         opt.cid_val_renego = opt.cid_val;
    1442. 

  1442. 

  1443.     if( mbedtls_test_unhexify( cid_renego, sizeof( cid_renego ),
    1444. 

  1444.                                opt.cid_val_renego, &cid_renego_len ) != 0 )
    1445. 

  1445.     {
    1446. 

  1446.         mbedtls_printf( "CID not valid\n" );
    1447. 

  1447.         goto exit;
    1448. 

  1448.     }
    1449. 

  1449. #endif /* MBEDTLS_SSL_DTLS_CONNECTION_ID */
    1450. 

  1450. 

  1451. #if defined(MBEDTLS_ECP_C)
    1452. 

  1452.     if( opt.curves != NULL )
    1453. 

  1453.     {
    1454. 

  1454.         p = (char *) opt.curves;
    1455. 

  1455.         i = 0;
    1456. 

  1456. 

  1457.         if( strcmp( p, "none" ) == 0 )
    1458. 

  1458.         {
    1459. 

  1459.             group_list[0] = 0;
    1460. 

  1460.         }
    1461. 

  1461.         else if( strcmp( p, "default" ) != 0 )
    1462. 

  1462.         {
    1463. 

  1463.             /* Leave room for a final NULL in curve list */
    1464. 

  1464.             while( i < CURVE_LIST_SIZE - 1 && *p != '\0' )
    1465. 

  1465.             {
    1466. 

  1466.                 q = p;
    1467. 

  1467. 

  1468.                 /* Terminate the current string */
    1469. 

  1469.                 while( *p != ',' && *p != '\0' )
    1470. 

  1470.                     p++;
    1471. 

  1471.                 if( *p == ',' )
    1472. 

  1472.                     *p++ = '\0';
    1473. 

  1473. 

  1474.                 if( ( curve_cur = mbedtls_ecp_curve_info_from_name( q ) ) != NULL )
    1475. 

  1475.                 {
    1476. 

  1476.                     group_list[i++] = curve_cur->tls_id;
    1477. 

  1477.                 }
    1478. 

  1478.                 else
    1479. 

  1479.                 {
    1480. 

  1480.                     mbedtls_printf( "unknown curve %s\n", q );
    1481. 

  1481.                     mbedtls_printf( "supported curves: " );
    1482. 

  1482.                     for( curve_cur = mbedtls_ecp_curve_list();
    1483. 

  1483.                          curve_cur->grp_id != MBEDTLS_ECP_DP_NONE;
    1484. 

  1484.                          curve_cur++ )
    1485. 

  1485.                     {
    1486. 

  1486.                         mbedtls_printf( "%s ", curve_cur->name );
    1487. 

  1487.                     }
    1488. 

  1488.                     mbedtls_printf( "\n" );
    1489. 

  1489.                     goto exit;
    1490. 

  1490.                 }
    1491. 

  1491.             }
    1492. 

  1492. 

  1493.             mbedtls_printf("Number of curves: %d\n", i );
    1494. 

  1494. 

  1495.             if( i == CURVE_LIST_SIZE - 1 && *p != '\0' )
    1496. 

  1496.             {
    1497. 

  1497.                 mbedtls_printf( "curves list too long, maximum %d",
    1498. 

  1498.                                 CURVE_LIST_SIZE - 1 );
    1499. 

  1499.                 goto exit;
    1500. 

  1500.             }
    1501. 

  1501. 

  1502.             group_list[i] = 0;
    1503. 

  1503.         }
    1504. 

  1504.     }
    1505. 

  1505. #endif /* MBEDTLS_ECP_C */
    1506. 

  1506. 

  1507. #if defined(MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL) && \
    1508. 

  1508.     defined(MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED)
    1509. 

  1509.     if( opt.sig_algs != NULL )
    1510. 

  1510.     {
    1511. 

  1511.         p = (char *) opt.sig_algs;
    1512. 

  1512.         i = 0;
    1513. 

  1513. 

  1514.         /* Leave room for a final MBEDTLS_TLS13_SIG_NONE in signature algorithm list (sig_alg_list). */
    1515. 

  1515.         while( i < SIG_ALG_LIST_SIZE - 1 && *p != '\0' )
    1516. 

  1516.         {
    1517. 

  1517.             q = p;
    1518. 

  1518. 

  1519.             /* Terminate the current string */
    1520. 

  1520.             while( *p != ',' && *p != '\0' )
    1521. 

  1521.                 p++;
    1522. 

  1522.             if( *p == ',' )
    1523. 

  1523.                 *p++ = '\0';
    1524. 

  1524. 

  1525.             if( strcmp( q, "ecdsa_secp256r1_sha256" ) == 0 )
    1526. 

  1526.             {
    1527. 

  1527.                 sig_alg_list[i++] = MBEDTLS_TLS13_SIG_ECDSA_SECP256R1_SHA256;
    1528. 

  1528.             }
    1529. 

  1529.             else if( strcmp( q, "ecdsa_secp384r1_sha384" ) == 0 )
    1530. 

  1530.             {
    1531. 

  1531.                 sig_alg_list[i++] = MBEDTLS_TLS13_SIG_ECDSA_SECP384R1_SHA384;
    1532. 

  1532.             }
    1533. 

  1533.             else if( strcmp( q, "ecdsa_secp521r1_sha512" ) == 0 )
    1534. 

  1534.             {
    1535. 

  1535.                 sig_alg_list[i++] = MBEDTLS_TLS13_SIG_ECDSA_SECP521R1_SHA512;
    1536. 

  1536.             }
    1537. 

  1537.             else if( strcmp( q, "rsa_pss_rsae_sha256" ) == 0 )
    1538. 

  1538.             {
    1539. 

  1539.                 sig_alg_list[i++] = MBEDTLS_TLS13_SIG_RSA_PSS_RSAE_SHA256;
    1540. 

  1540.             }
    1541. 

  1541.             else if( strcmp( q, "rsa_pkcs1_sha256" ) == 0 )
    1542. 

  1542.             {
    1543. 

  1543.                 sig_alg_list[i++] = MBEDTLS_TLS13_SIG_RSA_PKCS1_SHA256;
    1544. 

  1544.             }
    1545. 

  1545.             else
    1546. 

  1546.             {
    1547. 

  1547.                 mbedtls_printf( "unknown signature algorithm %s\n", q );
    1548. 

  1548.                 mbedtls_printf( "supported signature algorithms: " );
    1549. 

  1549.                 mbedtls_printf( "ecdsa_secp256r1_sha256 " );
    1550. 

  1550.                 mbedtls_printf( "ecdsa_secp384r1_sha384 " );
    1551. 

  1551.                 mbedtls_printf( "ecdsa_secp521r1_sha512 " );
    1552. 

  1552.                 mbedtls_printf( "rsa_pss_rsae_sha256 " );
    1553. 

  1553.                 mbedtls_printf( "rsa_pkcs1_sha256 " );
    1554. 

  1554.                 mbedtls_printf( "\n" );
    1555. 

  1555.                 goto exit;
    1556. 

  1556.             }
    1557. 

  1557.         }
    1558. 

  1558. 

  1559.         if( i == ( SIG_ALG_LIST_SIZE - 1 ) && *p != '\0' )
    1560. 

  1560.         {
    1561. 

  1561.             mbedtls_printf( "signature algorithm list too long, maximum %d",
    1562. 

  1562.                             SIG_ALG_LIST_SIZE - 1 );
    1563. 

  1563.             goto exit;
    1564. 

  1564.         }
    1565. 

  1565. 

  1566.         sig_alg_list[i] = MBEDTLS_TLS13_SIG_NONE;
    1567. 

  1567.     }
    1568. 

  1568. #endif /* MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL &&
    1569. 

  1569.           MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED */
    1570. 

  1570. 

  1571. #if defined(MBEDTLS_SSL_ALPN)
    1572. 

  1572.     if( opt.alpn_string != NULL )
    1573. 

  1573.     {
    1574. 

  1574.         p = (char *) opt.alpn_string;
    1575. 

  1575.         i = 0;
    1576. 

  1576. 

  1577.         /* Leave room for a final NULL in alpn_list */
    1578. 

  1578.         while( i < ALPN_LIST_SIZE - 1 && *p != '\0' )
    1579. 

  1579.         {
    1580. 

  1580.             alpn_list[i++] = p;
    1581. 

  1581. 

  1582.             /* Terminate the current string and move on to next one */
    1583. 

  1583.             while( *p != ',' && *p != '\0' )
    1584. 

  1584.                 p++;
    1585. 

  1585.             if( *p == ',' )
    1586. 

  1586.                 *p++ = '\0';
    1587. 

  1587.         }
    1588. 

  1588.     }
    1589. 

  1589. #endif /* MBEDTLS_SSL_ALPN */
    1590. 

  1590. 

  1591.     /*
    1592. 

  1592.      * 0. Initialize the RNG and the session data
    1593. 

  1593.      */
    1594. 

  1594.     mbedtls_printf( "\n  . Seeding the random number generator..." );
    1595. 

  1595.     fflush( stdout );
    1596. 

  1596. 

  1597.     ret = rng_seed( &rng, opt.reproducible, pers );
    1598. 

  1598.     if( ret != 0 )
    1599. 

  1599.         goto exit;
    1600. 

  1600.     mbedtls_printf( " ok\n" );
    1601. 

  1601. 

  1602. #if defined(MBEDTLS_X509_CRT_PARSE_C)
    1603. 

  1603.     /*
    1604. 

  1604.      * 1.1. Load the trusted CA
    1605. 

  1605.      */
    1606. 

  1606.     mbedtls_printf( "  . Loading the CA root certificate ..." );
    1607. 

  1607.     fflush( stdout );
    1608. 

  1608. 

  1609.     if( strcmp( opt.ca_path, "none" ) == 0 ||
    1610. 

  1610.         strcmp( opt.ca_file, "none" ) == 0 )
    1611. 

  1611.     {
    1612. 

  1612.         ret = 0;
    1613. 

  1613.     }
    1614. 

  1614.     else
    1615. 

  1615. #if defined(MBEDTLS_FS_IO)
    1616. 

  1616.     if( strlen( opt.ca_path ) )
    1617. 

  1617.         ret = mbedtls_x509_crt_parse_path( &cacert, opt.ca_path );
    1618. 

  1618.     else if( strlen( opt.ca_file ) )
    1619. 

  1619.         ret = mbedtls_x509_crt_parse_file( &cacert, opt.ca_file );
    1620. 

  1620.     else
    1621. 

  1621. #endif
    1622. 

  1622.     {
    1623. 

  1623. #if defined(MBEDTLS_PEM_PARSE_C)
    1624. 

  1624.         for( i = 0; mbedtls_test_cas[i] != NULL; i++ )
    1625. 

  1625.         {
    1626. 

  1626.             ret = mbedtls_x509_crt_parse( &cacert,
    1627. 

  1627.                                   (const unsigned char *) mbedtls_test_cas[i],
    1628. 

  1628.                                   mbedtls_test_cas_len[i] );
    1629. 

  1629.             if( ret != 0 )
    1630. 

  1630.                 break;
    1631. 

  1631.         }
    1632. 

  1632.         if( ret == 0 )
    1633. 

  1633. #endif /* MBEDTLS_PEM_PARSE_C */
    1634. 

  1634.         for( i = 0; mbedtls_test_cas_der[i] != NULL; i++ )
    1635. 

  1635.         {
    1636. 

  1636.             ret = mbedtls_x509_crt_parse_der( &cacert,
    1637. 

  1637.                          (const unsigned char *) mbedtls_test_cas_der[i],
    1638. 

  1638.                          mbedtls_test_cas_der_len[i] );
    1639. 

  1639.             if( ret != 0 )
    1640. 

  1640.                 break;
    1641. 

  1641.         }
    1642. 

  1642.     }
    1643. 

  1643.     if( ret < 0 )
    1644. 

  1644.     {
    1645. 

  1645.         mbedtls_printf( " failed\n  !  mbedtls_x509_crt_parse returned -0x%x\n\n",
    1646. 

  1646.                         (unsigned int) -ret );
    1647. 

  1647.         goto exit;
    1648. 

  1648.     }
    1649. 

  1649. 

  1650.     mbedtls_printf( " ok (%d skipped)\n", ret );
    1651. 

  1651. 

  1652.     /*
    1653. 

  1653.      * 1.2. Load own certificate and private key
    1654. 

  1654.      *
    1655. 

  1655.      * (can be skipped if client authentication is not required)
    1656. 

  1656.      */
    1657. 

  1657.     mbedtls_printf( "  . Loading the client cert. and key..." );
    1658. 

  1658.     fflush( stdout );
    1659. 

  1659. 

  1660.     if( strcmp( opt.crt_file, "none" ) == 0 )
    1661. 

  1661.         ret = 0;
    1662. 

  1662.     else
    1663. 

  1663. #if defined(MBEDTLS_FS_IO)
    1664. 

  1664.     if( strlen( opt.crt_file ) )
    1665. 

  1665.         ret = mbedtls_x509_crt_parse_file( &clicert, opt.crt_file );
    1666. 

  1666.     else
    1667. 

  1667. #endif
    1668. 

  1668.         ret = mbedtls_x509_crt_parse( &clicert,
    1669. 

  1669.                 (const unsigned char *) mbedtls_test_cli_crt,
    1670. 

  1670.                 mbedtls_test_cli_crt_len );
    1671. 

  1671.     if( ret != 0 )
    1672. 

  1672.     {
    1673. 

  1673.         mbedtls_printf( " failed\n  !  mbedtls_x509_crt_parse returned -0x%x\n\n",
    1674. 

  1674.                         (unsigned int) -ret );
    1675. 

  1675.         goto exit;
    1676. 

  1676.     }
    1677. 

  1677. 

  1678.     if( strcmp( opt.key_file, "none" ) == 0 )
    1679. 

  1679.         ret = 0;
    1680. 

  1680.     else
    1681. 

  1681. #if defined(MBEDTLS_FS_IO)
    1682. 

  1682.     if( strlen( opt.key_file ) )
    1683. 

  1683.         ret = mbedtls_pk_parse_keyfile( &pkey, opt.key_file, opt.key_pwd, rng_get, &rng );
    1684. 

  1684.     else
    1685. 

  1685. #endif
    1686. 

  1686.         ret = mbedtls_pk_parse_key( &pkey,
    1687. 

  1687.                 (const unsigned char *) mbedtls_test_cli_key,
    1688. 

  1688.                 mbedtls_test_cli_key_len, NULL, 0, rng_get, &rng );
    1689. 

  1689.     if( ret != 0 )
    1690. 

  1690.     {
    1691. 

  1691.         mbedtls_printf( " failed\n  !  mbedtls_pk_parse_key returned -0x%x\n\n",
    1692. 

  1692.                         (unsigned int) -ret );
    1693. 

  1693.         goto exit;
    1694. 

  1694.     }
    1695. 

  1695. 

  1696. #if defined(MBEDTLS_USE_PSA_CRYPTO)
    1697. 

  1697.     if( opt.key_opaque != 0 )
    1698. 

  1698.     {
    1699. 

  1699.         if( ( ret = mbedtls_pk_wrap_as_opaque( &pkey, &key_slot,
    1700. 

  1700.                                                PSA_ALG_ANY_HASH ) ) != 0 )
    1701. 

  1701.         {
    1702. 

  1702.             mbedtls_printf( " failed\n  !  "
    1703. 

  1703.                             "mbedtls_pk_wrap_as_opaque returned -0x%x\n\n", (unsigned int)  -ret );
    1704. 

  1704.             goto exit;
    1705. 

  1705.         }
    1706. 

  1706.     }
    1707. 

  1707. #endif /* MBEDTLS_USE_PSA_CRYPTO */
    1708. 

  1708. 

  1709.     mbedtls_printf( " ok (key type: %s)\n", mbedtls_pk_get_name( &pkey ) );
    1710. 

  1710. #endif /* MBEDTLS_X509_CRT_PARSE_C */
    1711. 

  1711. 

  1712.     /*
    1713. 

  1713.      * 2. Setup stuff
    1714. 

  1714.      */
    1715. 

  1715.     mbedtls_printf( "  . Setting up the SSL/TLS structure..." );
    1716. 

  1716.     fflush( stdout );
    1717. 

  1717. 

  1718.     if( ( ret = mbedtls_ssl_config_defaults( &conf,
    1719. 

  1719.                     MBEDTLS_SSL_IS_CLIENT,
    1720. 

  1720.                     opt.transport,
    1721. 

  1721.                     MBEDTLS_SSL_PRESET_DEFAULT ) ) != 0 )
    1722. 

  1722.     {
    1723. 

  1723.         mbedtls_printf( " failed\n  ! mbedtls_ssl_config_defaults returned -0x%x\n\n",
    1724. 

  1724.                         (unsigned int) -ret );
    1725. 

  1725.         goto exit;
    1726. 

  1726.     }
    1727. 

  1727. 

  1728. #if defined(MBEDTLS_X509_CRT_PARSE_C)
    1729. 

  1729.     /* The default algorithms profile disables SHA-1, but our tests still
    1730. 

  1730.        rely on it heavily. */
    1731. 

  1731.     if( opt.allow_sha1 > 0 )
    1732. 

  1732.     {
    1733. 

  1733.         crt_profile_for_test.allowed_mds |= MBEDTLS_X509_ID_FLAG( MBEDTLS_MD_SHA1 );
    1734. 

  1734.         mbedtls_ssl_conf_cert_profile( &conf, &crt_profile_for_test );
    1735. 

  1735.         mbedtls_ssl_conf_sig_hashes( &conf, ssl_sig_hashes_for_test );
    1736. 

  1736.     }
    1737. 

  1737. 

  1738.     if( opt.context_crt_cb == 0 )
    1739. 

  1739.         mbedtls_ssl_conf_verify( &conf, my_verify, NULL );
    1740. 

  1740. 

  1741.     memset( peer_crt_info, 0, sizeof( peer_crt_info ) );
    1742. 

  1742. #endif /* MBEDTLS_X509_CRT_PARSE_C */
    1743. 

  1743. 

  1744. #if defined(MBEDTLS_SSL_DTLS_CONNECTION_ID)
    1745. 

  1745.     if( opt.cid_enabled == 1 || opt.cid_enabled_renego == 1 )
    1746. 

  1746.     {
    1747. 

  1747.         if( opt.cid_enabled == 1        &&
    1748. 

  1748.             opt.cid_enabled_renego == 1 &&
    1749. 

  1749.             cid_len != cid_renego_len )
    1750. 

  1750.         {
    1751. 

  1751.             mbedtls_printf( "CID length must not change during renegotiation\n" );
    1752. 

  1752.             goto usage;
    1753. 

  1753.         }
    1754. 

  1754. 

  1755.         if( opt.cid_enabled == 1 )
    1756. 

  1756.             ret = mbedtls_ssl_conf_cid( &conf, cid_len,
    1757. 

  1757.                                         MBEDTLS_SSL_UNEXPECTED_CID_IGNORE );
    1758. 

  1758.         else
    1759. 

  1759.             ret = mbedtls_ssl_conf_cid( &conf, cid_renego_len,
    1760. 

  1760.                                         MBEDTLS_SSL_UNEXPECTED_CID_IGNORE );
    1761. 

  1761. 

  1762.         if( ret != 0 )
    1763. 

  1763.         {
    1764. 

  1764.             mbedtls_printf( " failed\n  ! mbedtls_ssl_conf_cid_len returned -%#04x\n\n",
    1765. 

  1765.                             (unsigned int) -ret );
    1766. 

  1766.             goto exit;
    1767. 

  1767.         }
    1768. 

  1768.     }
    1769. 

  1769. #endif /* MBEDTLS_SSL_DTLS_CONNECTION_ID */
    1770. 

  1770. 

  1771.     if( opt.auth_mode != DFL_AUTH_MODE )
    1772. 

  1772.         mbedtls_ssl_conf_authmode( &conf, opt.auth_mode );
    1773. 

  1773. 

  1774. #if defined(MBEDTLS_SSL_PROTO_DTLS)
    1775. 

  1775.     if( opt.hs_to_min != DFL_HS_TO_MIN || opt.hs_to_max != DFL_HS_TO_MAX )
    1776. 

  1776.         mbedtls_ssl_conf_handshake_timeout( &conf, opt.hs_to_min,
    1777. 

  1777.                                             opt.hs_to_max );
    1778. 

  1778. 

  1779.     if( opt.dgram_packing != DFL_DGRAM_PACKING )
    1780. 

  1780.         mbedtls_ssl_set_datagram_packing( &ssl, opt.dgram_packing );
    1781. 

  1781. #endif /* MBEDTLS_SSL_PROTO_DTLS */
    1782. 

  1782. 

  1783. #if defined(MBEDTLS_SSL_MAX_FRAGMENT_LENGTH)
    1784. 

  1784.     if( ( ret = mbedtls_ssl_conf_max_frag_len( &conf, opt.mfl_code ) ) != 0 )
    1785. 

  1785.     {
    1786. 

  1786.         mbedtls_printf( " failed\n  ! mbedtls_ssl_conf_max_frag_len returned %d\n\n",
    1787. 

  1787.                         ret );
    1788. 

  1788.         goto exit;
    1789. 

  1789.     }
    1790. 

  1790. #endif
    1791. 

  1791. 

  1792. #if defined(MBEDTLS_SSL_DTLS_SRTP)
    1793. 

  1793.     const mbedtls_ssl_srtp_profile forced_profile[] =
    1794. 

  1794.                                 { opt.force_srtp_profile, MBEDTLS_TLS_SRTP_UNSET };
    1795. 

  1795.     if( opt.use_srtp == 1 )
    1796. 

  1796.     {
    1797. 

  1797.         if( opt.force_srtp_profile != 0 )
    1798. 

  1798.         {
    1799. 

  1799.             ret = mbedtls_ssl_conf_dtls_srtp_protection_profiles ( &conf, forced_profile );
    1800. 

  1800.         }
    1801. 

  1801.         else
    1802. 

  1802.         {
    1803. 

  1803.             ret = mbedtls_ssl_conf_dtls_srtp_protection_profiles ( &conf, default_profiles );
    1804. 

  1804.         }
    1805. 

  1805. 

  1806.         if( ret != 0 )
    1807. 

  1807.         {
    1808. 

  1808.             mbedtls_printf( " failed\n  ! "
    1809. 

  1809.                             "mbedtls_ssl_conf_dtls_srtp_protection_profiles returned %d\n\n",
    1810. 

  1810.                             ret );
    1811. 

  1811.             goto exit;
    1812. 

  1812.         }
    1813. 

  1813. 

  1814.     }
    1815. 

  1815.     else if( opt.force_srtp_profile != 0 )
    1816. 

  1816.     {
    1817. 

  1817.         mbedtls_printf( " failed\n  ! must enable use_srtp to force srtp profile\n\n" );
    1818. 

  1818.         goto exit;
    1819. 

  1819.     }
    1820. 

  1820. #endif /* MBEDTLS_SSL_DTLS_SRTP */
    1821. 

  1821. 

  1822. #if defined(MBEDTLS_SSL_EXTENDED_MASTER_SECRET)
    1823. 

  1823.     if( opt.extended_ms != DFL_EXTENDED_MS )
    1824. 

  1824.         mbedtls_ssl_conf_extended_master_secret( &conf, opt.extended_ms );
    1825. 

  1825. #endif
    1826. 

  1826. 

  1827. #if defined(MBEDTLS_SSL_ENCRYPT_THEN_MAC)
    1828. 

  1828.     if( opt.etm != DFL_ETM )
    1829. 

  1829.         mbedtls_ssl_conf_encrypt_then_mac( &conf, opt.etm );
    1830. 

  1830. #endif
    1831. 

  1831. 

  1832. #if defined(MBEDTLS_DHM_C)
    1833. 

  1833.     if( opt.dhmlen != DFL_DHMLEN )
    1834. 

  1834.         mbedtls_ssl_conf_dhm_min_bitlen( &conf, opt.dhmlen );
    1835. 

  1835. #endif
    1836. 

  1836. 

  1837. #if defined(MBEDTLS_SSL_ALPN)
    1838. 

  1838.     if( opt.alpn_string != NULL )
    1839. 

  1839.         if( ( ret = mbedtls_ssl_conf_alpn_protocols( &conf, alpn_list ) ) != 0 )
    1840. 

  1840.         {
    1841. 

  1841.             mbedtls_printf( " failed\n  ! mbedtls_ssl_conf_alpn_protocols returned %d\n\n",
    1842. 

  1842.                             ret );
    1843. 

  1843.             goto exit;
    1844. 

  1844.         }
    1845. 

  1845. #endif
    1846. 

  1846. 

  1847.     if (opt.reproducible)
    1848. 

  1848.     {
    1849. 

  1849. #if defined(MBEDTLS_HAVE_TIME)
    1850. 

  1850. #if defined(MBEDTLS_PLATFORM_TIME_ALT)
    1851. 

  1851.         mbedtls_platform_set_time( dummy_constant_time );
    1852. 

  1852. #else
    1853. 

  1853.         fprintf( stderr, "Warning: reproducible option used without constant time\n" );
    1854. 

  1854. #endif
    1855. 

  1855. #endif  /* MBEDTLS_HAVE_TIME */
    1856. 

  1856.     }
    1857. 

  1857.     mbedtls_ssl_conf_rng( &conf, rng_get, &rng );
    1858. 

  1858.     mbedtls_ssl_conf_dbg( &conf, my_debug, stdout );
    1859. 

  1859. 

  1860.     mbedtls_ssl_conf_read_timeout( &conf, opt.read_timeout );
    1861. 

  1861. 

  1862. #if defined(MBEDTLS_SSL_SESSION_TICKETS)
    1863. 

  1863.     mbedtls_ssl_conf_session_tickets( &conf, opt.tickets );
    1864. 

  1864. #endif
    1865. 

  1865. 

  1866.     if( opt.force_ciphersuite[0] != DFL_FORCE_CIPHER )
    1867. 

  1867.         mbedtls_ssl_conf_ciphersuites( &conf, opt.force_ciphersuite );
    1868. 

  1868. 

  1869. #if defined(MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL)
    1870. 

  1870.     mbedtls_ssl_conf_tls13_key_exchange_modes( &conf, opt.tls13_kex_modes );
    1871. 

  1871. #endif /* MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL */
    1872. 

  1872. 

  1873.     if( opt.allow_legacy != DFL_ALLOW_LEGACY )
    1874. 

  1874.         mbedtls_ssl_conf_legacy_renegotiation( &conf, opt.allow_legacy );
    1875. 

  1875. #if defined(MBEDTLS_SSL_RENEGOTIATION)
    1876. 

  1876.     mbedtls_ssl_conf_renegotiation( &conf, opt.renegotiation );
    1877. 

  1877. #endif
    1878. 

  1878. 

  1879. #if defined(MBEDTLS_X509_CRT_PARSE_C)
    1880. 

  1880.     if( strcmp( opt.ca_path, "none" ) != 0 &&
    1881. 

  1881.         strcmp( opt.ca_file, "none" ) != 0 )
    1882. 

  1882.     {
    1883. 

  1883. #if defined(MBEDTLS_X509_TRUSTED_CERTIFICATE_CALLBACK)
    1884. 

  1884.         if( opt.ca_callback != 0 )
    1885. 

  1885.             mbedtls_ssl_conf_ca_cb( &conf, ca_callback, &cacert );
    1886. 

  1886.         else
    1887. 

  1887. #endif
    1888. 

  1888.             mbedtls_ssl_conf_ca_chain( &conf, &cacert, NULL );
    1889. 

  1889.     }
    1890. 

  1890.     if( strcmp( opt.crt_file, "none" ) != 0 &&
    1891. 

  1891.         strcmp( opt.key_file, "none" ) != 0 )
    1892. 

  1892.     {
    1893. 

  1893.         if( ( ret = mbedtls_ssl_conf_own_cert( &conf, &clicert, &pkey ) ) != 0 )
    1894. 

  1894.         {
    1895. 

  1895.             mbedtls_printf( " failed\n  ! mbedtls_ssl_conf_own_cert returned %d\n\n",
    1896. 

  1896.                             ret );
    1897. 

  1897.             goto exit;
    1898. 

  1898.         }
    1899. 

  1899.     }
    1900. 

  1900. #endif  /* MBEDTLS_X509_CRT_PARSE_C */
    1901. 

  1901. 

  1902. #if defined(MBEDTLS_ECP_C)
    1903. 

  1903.     if( opt.curves != NULL &&
    1904. 

  1904.         strcmp( opt.curves, "default" ) != 0 )
    1905. 

  1905.     {
    1906. 

  1906.         mbedtls_ssl_conf_groups( &conf, group_list );
    1907. 

  1907.     }
    1908. 

  1908. #endif
    1909. 

  1909. 

  1910. #if defined(MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL)
    1911. 

  1911.     if( opt.sig_algs != NULL )
    1912. 

  1912.         mbedtls_ssl_conf_sig_algs( &conf, sig_alg_list );
    1913. 

  1913. #endif /* MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL */
    1914. 

  1914. 

  1915. #if defined(MBEDTLS_KEY_EXCHANGE_SOME_PSK_ENABLED)
    1916. 

  1916. #if defined(MBEDTLS_USE_PSA_CRYPTO)
    1917. 

  1917.     if( opt.psk_opaque != 0 )
    1918. 

  1918.     {
    1919. 

  1919.         key_attributes = psa_key_attributes_init();
    1920. 

  1920.         psa_set_key_usage_flags( &key_attributes, PSA_KEY_USAGE_DERIVE );
    1921. 

  1921.         psa_set_key_algorithm( &key_attributes, alg );
    1922. 

  1922.         psa_set_key_type( &key_attributes, PSA_KEY_TYPE_DERIVE );
    1923. 

  1923. 

  1924.         status = psa_import_key( &key_attributes, psk, psk_len, &slot );
    1925. 

  1925.         if( status != PSA_SUCCESS )
    1926. 

  1926.         {
    1927. 

  1927.             ret = MBEDTLS_ERR_SSL_HW_ACCEL_FAILED;
    1928. 

  1928.             goto exit;
    1929. 

  1929.         }
    1930. 

  1930. 

  1931.         if( ( ret = mbedtls_ssl_conf_psk_opaque( &conf, slot,
    1932. 

  1932.                                   (const unsigned char *) opt.psk_identity,
    1933. 

  1933.                                   strlen( opt.psk_identity ) ) ) != 0 )
    1934. 

  1934.         {
    1935. 

  1935.             mbedtls_printf( " failed\n  ! mbedtls_ssl_conf_psk_opaque returned %d\n\n",
    1936. 

  1936.                             ret );
    1937. 

  1937.             goto exit;
    1938. 

  1938.         }
    1939. 

  1939.     }
    1940. 

  1940.     else
    1941. 

  1941. #endif /* MBEDTLS_USE_PSA_CRYPTO */
    1942. 

  1942.     if( psk_len > 0 )
    1943. 

  1943.     {
    1944. 

  1944.         ret = mbedtls_ssl_conf_psk( &conf, psk, psk_len,
    1945. 

  1945.                              (const unsigned char *) opt.psk_identity,
    1946. 

  1946.                              strlen( opt.psk_identity ) );
    1947. 

  1947.         if( ret != 0 )
    1948. 

  1948.         {
    1949. 

  1949.             mbedtls_printf( " failed\n  ! mbedtls_ssl_conf_psk returned %d\n\n", ret );
    1950. 

  1950.             goto exit;
    1951. 

  1951.         }
    1952. 

  1952.     }
    1953. 

  1953. #endif /* MBEDTLS_KEY_EXCHANGE_SOME_PSK_ENABLED */
    1954. 

  1954. 

  1955.     if( opt.min_version != DFL_MIN_VERSION )
    1956. 

  1956.         mbedtls_ssl_conf_min_version( &conf, MBEDTLS_SSL_MAJOR_VERSION_3,
    1957. 

  1957.                                       opt.min_version );
    1958. 

  1958. 

  1959.     if( opt.max_version != DFL_MAX_VERSION )
    1960. 

  1960.         mbedtls_ssl_conf_max_version( &conf, MBEDTLS_SSL_MAJOR_VERSION_3,
    1961. 

  1961.                                       opt.max_version );
    1962. 

  1962. 

  1963.     if( ( ret = mbedtls_ssl_setup( &ssl, &conf ) ) != 0 )
    1964. 

  1964.     {
    1965. 

  1965.         mbedtls_printf( " failed\n  ! mbedtls_ssl_setup returned -0x%x\n\n",
    1966. 

  1966.                         (unsigned int) -ret );
    1967. 

  1967.         goto exit;
    1968. 

  1968.     }
    1969. 

  1969. 

  1970.     if( opt.eap_tls != 0 )
    1971. 

  1971.     {
    1972. 

  1972.         mbedtls_ssl_set_export_keys_cb( &ssl, eap_tls_key_derivation,
    1973. 

  1973.                                         &eap_tls_keying );
    1974. 

  1974.     }
    1975. 

  1975.     else if( opt.nss_keylog != 0 )
    1976. 

  1976.     {
    1977. 

  1977.         mbedtls_ssl_set_export_keys_cb( &ssl,
    1978. 

  1978.                                         nss_keylog_export,
    1979. 

  1979.                                         NULL );
    1980. 

  1980.     }
    1981. 

  1981. #if defined( MBEDTLS_SSL_DTLS_SRTP )
    1982. 

  1982.     else if( opt.use_srtp != 0 )
    1983. 

  1983.     {
    1984. 

  1984.         mbedtls_ssl_set_export_keys_cb( &ssl, dtls_srtp_key_derivation,
    1985. 

  1985.                                         &dtls_srtp_keying );
    1986. 

  1986.     }
    1987. 

  1987. #endif /* MBEDTLS_SSL_DTLS_SRTP */
    1988. 

  1988. 

  1989. #if defined(MBEDTLS_X509_CRT_PARSE_C)
    1990. 

  1990.     if( ( ret = mbedtls_ssl_set_hostname( &ssl, opt.server_name ) ) != 0 )
    1991. 

  1991.     {
    1992. 

  1992.         mbedtls_printf( " failed\n  ! mbedtls_ssl_set_hostname returned %d\n\n",
    1993. 

  1993.                         ret );
    1994. 

  1994.         goto exit;
    1995. 

  1995.     }
    1996. 

  1996. #endif
    1997. 

  1997. 

  1998. #if defined(MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED)
    1999. 

  1999.     if( opt.ecjpake_pw != DFL_ECJPAKE_PW )
    2000. 

  2000.     {
    2001. 

  2001.         if( ( ret = mbedtls_ssl_set_hs_ecjpake_password( &ssl,
    2002. 

  2002.                         (const unsigned char *) opt.ecjpake_pw,
    2003. 

  2003.                                         strlen( opt.ecjpake_pw ) ) ) != 0 )
    2004. 

  2004.         {
    2005. 

  2005.             mbedtls_printf( " failed\n  ! mbedtls_ssl_set_hs_ecjpake_password returned %d\n\n",
    2006. 

  2006.                             ret );
    2007. 

  2007.             goto exit;
    2008. 

  2008.         }
    2009. 

  2009.     }
    2010. 

  2010. #endif
    2011. 

  2011. 

  2012. #if defined(MBEDTLS_X509_CRT_PARSE_C)
    2013. 

  2013.     if( opt.context_crt_cb == 1 )
    2014. 

  2014.         mbedtls_ssl_set_verify( &ssl, my_verify, NULL );
    2015. 

  2015. #endif /* MBEDTLS_X509_CRT_PARSE_C */
    2016. 

  2016. 

  2017.     io_ctx.ssl = &ssl;
    2018. 

  2018.     io_ctx.net = &server_fd;
    2019. 

  2019.     mbedtls_ssl_set_bio( &ssl, &io_ctx, send_cb, recv_cb,
    2020. 

  2020.                          opt.nbio == 0 ? recv_timeout_cb : NULL );
    2021. 

  2021. 

  2022. #if defined(MBEDTLS_SSL_DTLS_CONNECTION_ID)
    2023. 

  2023.     if( opt.transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM )
    2024. 

  2024.     {
    2025. 

  2025.         if( ( ret = mbedtls_ssl_set_cid( &ssl, opt.cid_enabled,
    2026. 

  2026.                                          cid, cid_len ) ) != 0 )
    2027. 

  2027.         {
    2028. 

  2028.             mbedtls_printf( " failed\n  ! mbedtls_ssl_set_cid returned %d\n\n",
    2029. 

  2029.                             ret );
    2030. 

  2030.             goto exit;
    2031. 

  2031.         }
    2032. 

  2032.     }
    2033. 

  2033. #endif /* MBEDTLS_SSL_DTLS_CONNECTION_ID */
    2034. 

  2034. 

  2035. #if defined(MBEDTLS_SSL_PROTO_DTLS)
    2036. 

  2036.     if( opt.dtls_mtu != DFL_DTLS_MTU )
    2037. 

  2037.         mbedtls_ssl_set_mtu( &ssl, opt.dtls_mtu );
    2038. 

  2038. #endif
    2039. 

  2039. 

  2040. #if defined(MBEDTLS_TIMING_C)
    2041. 

  2041.     mbedtls_ssl_set_timer_cb( &ssl, &timer, mbedtls_timing_set_delay,
    2042. 

  2042.                                             mbedtls_timing_get_delay );
    2043. 

  2043. #endif
    2044. 

  2044. 

  2045. #if defined(MBEDTLS_ECP_RESTARTABLE)
    2046. 

  2046.     if( opt.ec_max_ops != DFL_EC_MAX_OPS )
    2047. 

  2047.         mbedtls_ecp_set_max_ops( opt.ec_max_ops );
    2048. 

  2048. #endif
    2049. 

  2049. 

  2050. #if defined(MBEDTLS_SSL_DTLS_SRTP)
    2051. 

  2051.     if( opt.use_srtp != 0 && strlen( opt.mki ) != 0 )
    2052. 

  2052.     {
    2053. 

  2053.         if( mbedtls_test_unhexify( mki, sizeof( mki ),
    2054. 

  2054.                                    opt.mki,&mki_len ) != 0 )
    2055. 

  2055.         {
    2056. 

  2056.             mbedtls_printf( "mki value not valid hex\n" );
    2057. 

  2057.             goto exit;
    2058. 

  2058.         }
    2059. 

  2059. 

  2060.         mbedtls_ssl_conf_srtp_mki_value_supported( &conf, MBEDTLS_SSL_DTLS_SRTP_MKI_SUPPORTED );
    2061. 

  2061.         if( ( ret = mbedtls_ssl_dtls_srtp_set_mki_value( &ssl, mki,
    2062. 

  2062.                                                          (uint16_t) strlen( opt.mki ) / 2 ) ) != 0 )
    2063. 

  2063.         {
    2064. 

  2064.             mbedtls_printf( " failed\n  ! mbedtls_ssl_dtls_srtp_set_mki_value returned %d\n\n", ret );
    2065. 

  2065.             goto exit;
    2066. 

  2066.         }
    2067. 

  2067.     }
    2068. 

  2068. #endif
    2069. 

  2069. 

  2070.     mbedtls_printf( " ok\n" );
    2071. 

  2071. 

  2072.     /*
    2073. 

  2073.      * 3. Start the connection
    2074. 

  2074.      */
    2075. 

  2075.     if( opt.server_addr == NULL)
    2076. 

  2076.         opt.server_addr = opt.server_name;
    2077. 

  2077. 

  2078.     mbedtls_printf( "  . Connecting to %s/%s/%s...",
    2079. 

  2079.             opt.transport == MBEDTLS_SSL_TRANSPORT_STREAM ? "tcp" : "udp",
    2080. 

  2080.             opt.server_addr, opt.server_port );
    2081. 

  2081.     fflush( stdout );
    2082. 

  2082. 

  2083.     if( ( ret = mbedtls_net_connect( &server_fd,
    2084. 

  2084.                        opt.server_addr, opt.server_port,
    2085. 

  2085.                        opt.transport == MBEDTLS_SSL_TRANSPORT_STREAM ?
    2086. 

  2086.                        MBEDTLS_NET_PROTO_TCP : MBEDTLS_NET_PROTO_UDP ) ) != 0 )
    2087. 

  2087.     {
    2088. 

  2088.         mbedtls_printf( " failed\n  ! mbedtls_net_connect returned -0x%x\n\n",
    2089. 

  2089.                         (unsigned int) -ret );
    2090. 

  2090.         goto exit;
    2091. 

  2091.     }
    2092. 

  2092. 

  2093.     if( opt.nbio > 0 )
    2094. 

  2094.         ret = mbedtls_net_set_nonblock( &server_fd );
    2095. 

  2095.     else
    2096. 

  2096.         ret = mbedtls_net_set_block( &server_fd );
    2097. 

  2097.     if( ret != 0 )
    2098. 

  2098.     {
    2099. 

  2099.         mbedtls_printf( " failed\n  ! net_set_(non)block() returned -0x%x\n\n",
    2100. 

  2100.                         (unsigned int) -ret );
    2101. 

  2101.         goto exit;
    2102. 

  2102.     }
    2103. 

  2103. 

  2104.     mbedtls_printf( " ok\n" );
    2105. 

  2105. 

  2106.     /*
    2107. 

  2107.      * 4. Handshake
    2108. 

  2108.      */
    2109. 

  2109.     mbedtls_printf( "  . Performing the SSL/TLS handshake..." );
    2110. 

  2110.     fflush( stdout );
    2111. 

  2111. 

  2112.     while( ( ret = mbedtls_ssl_handshake( &ssl ) ) != 0 )
    2113. 

  2113.     {
    2114. 

  2114.         if( ret != MBEDTLS_ERR_SSL_WANT_READ &&
    2115. 

  2115.             ret != MBEDTLS_ERR_SSL_WANT_WRITE &&
    2116. 

  2116.             ret != MBEDTLS_ERR_SSL_CRYPTO_IN_PROGRESS )
    2117. 

  2117.         {
    2118. 

  2118.             mbedtls_printf( " failed\n  ! mbedtls_ssl_handshake returned -0x%x\n",
    2119. 

  2119.                             (unsigned int) -ret );
    2120. 

  2120.             if( ret == MBEDTLS_ERR_X509_CERT_VERIFY_FAILED )
    2121. 

  2121.                 mbedtls_printf(
    2122. 

  2122.                     "    Unable to verify the server's certificate. "
    2123. 

  2123.                         "Either it is invalid,\n"
    2124. 

  2124.                     "    or you didn't set ca_file or ca_path "
    2125. 

  2125.                         "to an appropriate value.\n"
    2126. 

  2126.                     "    Alternatively, you may want to use "
    2127. 

  2127.                         "auth_mode=optional for testing purposes.\n" );
    2128. 

  2128.             mbedtls_printf( "\n" );
    2129. 

  2129.             goto exit;
    2130. 

  2130.         }
    2131. 

  2131. 

  2132. #if defined(MBEDTLS_ECP_RESTARTABLE)
    2133. 

  2133.         if( ret == MBEDTLS_ERR_SSL_CRYPTO_IN_PROGRESS )
    2134. 

  2134.             continue;
    2135. 

  2135. #endif
    2136. 

  2136. 

  2137.         /* For event-driven IO, wait for socket to become available */
    2138. 

  2138.         if( opt.event == 1 /* level triggered IO */ )
    2139. 

  2139.         {
    2140. 

  2140. #if defined(MBEDTLS_TIMING_C)
    2141. 

  2141.             ret = idle( &server_fd, &timer, ret );
    2142. 

  2142. #else
    2143. 

  2143.             ret = idle( &server_fd, ret );
    2144. 

  2144. #endif
    2145. 

  2145.             if( ret != 0 )
    2146. 

  2146.                 goto exit;
    2147. 

  2147.         }
    2148. 

  2148.     }
    2149. 

  2149. 

  2150.     mbedtls_printf( " ok\n    [ Protocol is %s ]\n    [ Ciphersuite is %s ]\n",
    2151. 

  2151.                     mbedtls_ssl_get_version( &ssl ),
    2152. 

  2152.                     mbedtls_ssl_get_ciphersuite( &ssl ) );
    2153. 

  2153. 

  2154.     if( ( ret = mbedtls_ssl_get_record_expansion( &ssl ) ) >= 0 )
    2155. 

  2155.         mbedtls_printf( "    [ Record expansion is %d ]\n", ret );
    2156. 

  2156.     else
    2157. 

  2157.         mbedtls_printf( "    [ Record expansion is unknown ]\n" );
    2158. 

  2158. 

  2159. #if defined(MBEDTLS_SSL_MAX_FRAGMENT_LENGTH)
    2160. 

  2160.     mbedtls_printf( "    [ Maximum incoming record payload length is %u ]\n",
    2161. 

  2161.                     (unsigned int) mbedtls_ssl_get_max_in_record_payload( &ssl ) );
    2162. 

  2162.     mbedtls_printf( "    [ Maximum outgoing record payload length is %u ]\n",
    2163. 

  2163.                     (unsigned int) mbedtls_ssl_get_max_out_record_payload( &ssl ) );
    2164. 

  2164. #endif
    2165. 

  2165. 

  2166. #if defined(MBEDTLS_SSL_ALPN)
    2167. 

  2167.     if( opt.alpn_string != NULL )
    2168. 

  2168.     {
    2169. 

  2169.         const char *alp = mbedtls_ssl_get_alpn_protocol( &ssl );
    2170. 

  2170.         mbedtls_printf( "    [ Application Layer Protocol is %s ]\n",
    2171. 

  2171.                 alp ? alp : "(none)" );
    2172. 

  2172.     }
    2173. 

  2173. #endif
    2174. 

  2174. 

  2175.     if( opt.eap_tls != 0  )
    2176. 

  2176.     {
    2177. 

  2177.         size_t j = 0;
    2178. 

  2178. 

  2179.         if( ( ret = mbedtls_ssl_tls_prf( eap_tls_keying.tls_prf_type,
    2180. 

  2180.                                          eap_tls_keying.master_secret,
    2181. 

  2181.                                          sizeof( eap_tls_keying.master_secret ),
    2182. 

  2182.                                          eap_tls_label,
    2183. 

  2183.                                          eap_tls_keying.randbytes,
    2184. 

  2184.                                          sizeof( eap_tls_keying.randbytes ),
    2185. 

  2185.                                          eap_tls_keymaterial,
    2186. 

  2186.                                          sizeof( eap_tls_keymaterial ) ) )
    2187. 

  2187.                                          != 0 )
    2188. 

  2188.         {
    2189. 

  2189.             mbedtls_printf( " failed\n  ! mbedtls_ssl_tls_prf returned -0x%x\n\n",
    2190. 

  2190.                             (unsigned int) -ret );
    2191. 

  2191.             goto exit;
    2192. 

  2192.         }
    2193. 

  2193. 

  2194.         mbedtls_printf( "    EAP-TLS key material is:" );
    2195. 

  2195.         for( j = 0; j < sizeof( eap_tls_keymaterial ); j++ )
    2196. 

  2196.         {
    2197. 

  2197.             if( j % 8 == 0 )
    2198. 

  2198.                 mbedtls_printf("\n    ");
    2199. 

  2199.             mbedtls_printf("%02x ", eap_tls_keymaterial[j] );
    2200. 

  2200.         }
    2201. 

  2201.         mbedtls_printf("\n");
    2202. 

  2202. 

  2203.         if( ( ret = mbedtls_ssl_tls_prf( eap_tls_keying.tls_prf_type, NULL, 0,
    2204. 

  2204.                                          eap_tls_label,
    2205. 

  2205.                                          eap_tls_keying.randbytes,
    2206. 

  2206.                                          sizeof( eap_tls_keying.randbytes ),
    2207. 

  2207.                                          eap_tls_iv,
    2208. 

  2208.                                          sizeof( eap_tls_iv ) ) ) != 0 )
    2209. 

  2209.          {
    2210. 

  2210.              mbedtls_printf( " failed\n  ! mbedtls_ssl_tls_prf returned -0x%x\n\n",
    2211. 

  2211.                              (unsigned int) -ret );
    2212. 

  2212.              goto exit;
    2213. 

  2213.          }
    2214. 

  2214. 

  2215.         mbedtls_printf( "    EAP-TLS IV is:" );
    2216. 

  2216.         for( j = 0; j < sizeof( eap_tls_iv ); j++ )
    2217. 

  2217.         {
    2218. 

  2218.             if( j % 8 == 0 )
    2219. 

  2219.                 mbedtls_printf("\n    ");
    2220. 

  2220.             mbedtls_printf("%02x ", eap_tls_iv[j] );
    2221. 

  2221.         }
    2222. 

  2222.         mbedtls_printf("\n");
    2223. 

  2223.     }
    2224. 

  2224. 

  2225. #if defined( MBEDTLS_SSL_DTLS_SRTP )
    2226. 

  2226.     else if( opt.use_srtp != 0  )
    2227. 

  2227.     {
    2228. 

  2228.         size_t j = 0;
    2229. 

  2229.         mbedtls_dtls_srtp_info dtls_srtp_negotiation_result;
    2230. 

  2230.         mbedtls_ssl_get_dtls_srtp_negotiation_result( &ssl, &dtls_srtp_negotiation_result );
    2231. 

  2231. 

  2232.         if( dtls_srtp_negotiation_result.chosen_dtls_srtp_profile
    2233. 

  2233.                                 == MBEDTLS_TLS_SRTP_UNSET )
    2234. 

  2234.         {
    2235. 

  2235.             mbedtls_printf( "    Unable to negotiate "
    2236. 

  2236.                             "the use of DTLS-SRTP\n" );
    2237. 

  2237.         }
    2238. 

  2238.         else
    2239. 

  2239.         {
    2240. 

  2240.             if( ( ret = mbedtls_ssl_tls_prf( dtls_srtp_keying.tls_prf_type,
    2241. 

  2241.                                              dtls_srtp_keying.master_secret,
    2242. 

  2242.                                              sizeof( dtls_srtp_keying.master_secret ),
    2243. 

  2243.                                              dtls_srtp_label,
    2244. 

  2244.                                              dtls_srtp_keying.randbytes,
    2245. 

  2245.                                              sizeof( dtls_srtp_keying.randbytes ),
    2246. 

  2246.                                              dtls_srtp_key_material,
    2247. 

  2247.                                              sizeof( dtls_srtp_key_material ) ) )
    2248. 

  2248.                                              != 0 )
    2249. 

  2249.             {
    2250. 

  2250.                 mbedtls_printf( " failed\n  ! mbedtls_ssl_tls_prf returned -0x%x\n\n",
    2251. 

  2251.                                 (unsigned int) -ret );
    2252. 

  2252.                 goto exit;
    2253. 

  2253.             }
    2254. 

  2254. 

  2255.             mbedtls_printf( "    DTLS-SRTP key material is:" );
    2256. 

  2256.             for( j = 0; j < sizeof( dtls_srtp_key_material ); j++ )
    2257. 

  2257.             {
    2258. 

  2258.                 if( j % 8 == 0 )
    2259. 

  2259.                     mbedtls_printf( "\n    " );
    2260. 

  2260.                 mbedtls_printf( "%02x ", dtls_srtp_key_material[j] );
    2261. 

  2261.             }
    2262. 

  2262.             mbedtls_printf( "\n" );
    2263. 

  2263. 

  2264.             /* produce a less readable output used to perform automatic checks
    2265. 

  2265.              * - compare client and server output
    2266. 

  2266.              * - interop test with openssl which client produces this kind of output
    2267. 

  2267.              */
    2268. 

  2268.             mbedtls_printf( "    Keying material: " );
    2269. 

  2269.             for( j = 0; j < sizeof( dtls_srtp_key_material ); j++ )
    2270. 

  2270.             {
    2271. 

  2271.                 mbedtls_printf( "%02X", dtls_srtp_key_material[j] );
    2272. 

  2272.             }
    2273. 

  2273.             mbedtls_printf( "\n" );
    2274. 

  2274. 

  2275.             if ( dtls_srtp_negotiation_result.mki_len > 0 )
    2276. 

  2276.             {
    2277. 

  2277.                 mbedtls_printf( "    DTLS-SRTP mki value: " );
    2278. 

  2278.                 for( j = 0; j < dtls_srtp_negotiation_result.mki_len; j++ )
    2279. 

  2279.                 {
    2280. 

  2280.                     mbedtls_printf( "%02X", dtls_srtp_negotiation_result.mki_value[j] );
    2281. 

  2281.                 }
    2282. 

  2282.             }
    2283. 

  2283.             else
    2284. 

  2284.             {
    2285. 

  2285.                 mbedtls_printf( "    DTLS-SRTP no mki value negotiated" );
    2286. 

  2286.             }
    2287. 

  2287.             mbedtls_printf( "\n" );
    2288. 

  2288.         }
    2289. 

  2289.     }
    2290. 

  2290. #endif /* MBEDTLS_SSL_DTLS_SRTP */
    2291. 

  2291.     if( opt.reconnect != 0 )
    2292. 

  2292.     {
    2293. 

  2293.         mbedtls_printf("  . Saving session for reuse..." );
    2294. 

  2294.         fflush( stdout );
    2295. 

  2295. 

  2296.         if( opt.reco_mode == 1 )
    2297. 

  2297.         {
    2298. 

  2298.             mbedtls_ssl_session exported_session;
    2299. 

  2299. 

  2300.             /* free any previously saved data */
    2301. 

  2301.             if( session_data != NULL )
    2302. 

  2302.             {
    2303. 

  2303.                 mbedtls_platform_zeroize( session_data, session_data_len );
    2304. 

  2304.                 mbedtls_free( session_data );
    2305. 

  2305.                 session_data = NULL;
    2306. 

  2306.             }
    2307. 

  2307. 

  2308.             mbedtls_ssl_session_init( &exported_session );
    2309. 

  2309.             ret = mbedtls_ssl_get_session( &ssl, &exported_session );
    2310. 

  2310.             if( ret != 0 )
    2311. 

  2311.             {
    2312. 

  2312.                 mbedtls_printf(
    2313. 

  2313.                     "failed\n  ! mbedtls_ssl_get_session() returned -%#02x\n",
    2314. 

  2314.                     (unsigned) -ret );
    2315. 

  2315.                 goto exit;
    2316. 

  2316.             }
    2317. 

  2317. 

  2318.             /* get size of the buffer needed */
    2319. 

  2319.             mbedtls_ssl_session_save( &exported_session, NULL, 0, &session_data_len );
    2320. 

  2320.             session_data = mbedtls_calloc( 1, session_data_len );
    2321. 

  2321.             if( session_data == NULL )
    2322. 

  2322.             {
    2323. 

  2323.                 mbedtls_printf( " failed\n  ! alloc %u bytes for session data\n",
    2324. 

  2324.                                 (unsigned) session_data_len );
    2325. 

  2325.                 mbedtls_ssl_session_free( &exported_session );
    2326. 

  2326.                 ret = MBEDTLS_ERR_SSL_ALLOC_FAILED;
    2327. 

  2327.                 goto exit;
    2328. 

  2328.             }
    2329. 

  2329. 

  2330.             /* actually save session data */
    2331. 

  2331.             if( ( ret = mbedtls_ssl_session_save( &exported_session,
    2332. 

  2332.                                                   session_data, session_data_len,
    2333. 

  2333.                                                   &session_data_len ) ) != 0 )
    2334. 

  2334.             {
    2335. 

  2335.                 mbedtls_printf( " failed\n  ! mbedtls_ssl_session_saved returned -0x%04x\n\n",
    2336. 

  2336.                                 (unsigned int) -ret );
    2337. 

  2337.                 mbedtls_ssl_session_free( &exported_session );
    2338. 

  2338.                 goto exit;
    2339. 

  2339.             }
    2340. 

  2340. 

  2341.             mbedtls_ssl_session_free( &exported_session );
    2342. 

  2342.         }
    2343. 

  2343.         else
    2344. 

  2344.         {
    2345. 

  2345.             if( ( ret = mbedtls_ssl_get_session( &ssl, &saved_session ) ) != 0 )
    2346. 

  2346.             {
    2347. 

  2347.                 mbedtls_printf( " failed\n  ! mbedtls_ssl_get_session returned -0x%x\n\n",
    2348. 

  2348.                                 (unsigned int) -ret );
    2349. 

  2349.                 goto exit;
    2350. 

  2350.             }
    2351. 

  2351.         }
    2352. 

  2352. 

  2353.         mbedtls_printf( " ok\n" );
    2354. 

  2354. 

  2355.         if( opt.reco_mode == 1 )
    2356. 

  2356.         {
    2357. 

  2357.             mbedtls_printf( "    [ Saved %u bytes of session data]\n",
    2358. 

  2358.                             (unsigned) session_data_len );
    2359. 

  2359.         }
    2360. 

  2360.     }
    2361. 

  2361. 

  2362. #if defined(MBEDTLS_X509_CRT_PARSE_C)
    2363. 

  2363.     /*
    2364. 

  2364.      * 5. Verify the server certificate
    2365. 

  2365.      */
    2366. 

  2366.     mbedtls_printf( "  . Verifying peer X.509 certificate..." );
    2367. 

  2367. 

  2368.     if( ( flags = mbedtls_ssl_get_verify_result( &ssl ) ) != 0 )
    2369. 

  2369.     {
    2370. 

  2370.         char vrfy_buf[512];
    2371. 

  2371.         mbedtls_printf( " failed\n" );
    2372. 

  2372. 

  2373.         x509_crt_verify_info( vrfy_buf, sizeof( vrfy_buf ),
    2374. 

  2374.                                       "  ! ", flags );
    2375. 

  2375. 

  2376.         mbedtls_printf( "%s\n", vrfy_buf );
    2377. 

  2377.     }
    2378. 

  2378.     else
    2379. 

  2379.         mbedtls_printf( " ok\n" );
    2380. 

  2380. 

  2381. #if !defined(MBEDTLS_X509_REMOVE_INFO)
    2382. 

  2382.     mbedtls_printf( "  . Peer certificate information    ...\n" );
    2383. 

  2383.     mbedtls_printf( "%s\n", peer_crt_info );
    2384. 

  2384. #endif /* !MBEDTLS_X509_REMOVE_INFO */
    2385. 

  2385. #endif /* MBEDTLS_X509_CRT_PARSE_C */
    2386. 

  2386. 

  2387. #if defined(MBEDTLS_SSL_DTLS_CONNECTION_ID)
    2388. 

  2388.     ret = report_cid_usage( &ssl, "initial handshake" );
    2389. 

  2389.     if( ret != 0 )
    2390. 

  2390.         goto exit;
    2391. 

  2391. 

  2392.     if( opt.transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM )
    2393. 

  2393.     {
    2394. 

  2394.         if( ( ret = mbedtls_ssl_set_cid( &ssl, opt.cid_enabled_renego,
    2395. 

  2395.                                          cid_renego,
    2396. 

  2396.                                          cid_renego_len ) ) != 0 )
    2397. 

  2397.         {
    2398. 

  2398.             mbedtls_printf( " failed\n  ! mbedtls_ssl_set_cid returned %d\n\n",
    2399. 

  2399.                             ret );
    2400. 

  2400.             goto exit;
    2401. 

  2401.         }
    2402. 

  2402.     }
    2403. 

  2403. #endif /* MBEDTLS_SSL_DTLS_CONNECTION_ID */
    2404. 

  2404. 

  2405. #if defined(MBEDTLS_SSL_RENEGOTIATION)
    2406. 

  2406.     if( opt.renegotiate )
    2407. 

  2407.     {
    2408. 

  2408.         /*
    2409. 

  2409.          * Perform renegotiation (this must be done when the server is waiting
    2410. 

  2410.          * for input from our side).
    2411. 

  2411.          */
    2412. 

  2412.         mbedtls_printf( "  . Performing renegotiation..." );
    2413. 

  2413.         fflush( stdout );
    2414. 

  2414.         while( ( ret = mbedtls_ssl_renegotiate( &ssl ) ) != 0 )
    2415. 

  2415.         {
    2416. 

  2416.             if( ret != MBEDTLS_ERR_SSL_WANT_READ &&
    2417. 

  2417.                 ret != MBEDTLS_ERR_SSL_WANT_WRITE &&
    2418. 

  2418.                 ret != MBEDTLS_ERR_SSL_CRYPTO_IN_PROGRESS )
    2419. 

  2419.             {
    2420. 

  2420.                 mbedtls_printf( " failed\n  ! mbedtls_ssl_renegotiate returned %d\n\n",
    2421. 

  2421.                                 ret );
    2422. 

  2422.                 goto exit;
    2423. 

  2423.             }
    2424. 

  2424. 

  2425. #if defined(MBEDTLS_ECP_RESTARTABLE)
    2426. 

  2426.             if( ret == MBEDTLS_ERR_SSL_CRYPTO_IN_PROGRESS )
    2427. 

  2427.                 continue;
    2428. 

  2428. #endif
    2429. 

  2429. 

  2430.             /* For event-driven IO, wait for socket to become available */
    2431. 

  2431.             if( opt.event == 1 /* level triggered IO */ )
    2432. 

  2432.             {
    2433. 

  2433. #if defined(MBEDTLS_TIMING_C)
    2434. 

  2434.                 idle( &server_fd, &timer, ret );
    2435. 

  2435. #else
    2436. 

  2436.                 idle( &server_fd, ret );
    2437. 

  2437. #endif
    2438. 

  2438.             }
    2439. 

  2439. 

  2440.         }
    2441. 

  2441.         mbedtls_printf( " ok\n" );
    2442. 

  2442.     }
    2443. 

  2443. #endif /* MBEDTLS_SSL_RENEGOTIATION */
    2444. 

  2444. 

  2445. #if defined(MBEDTLS_SSL_DTLS_CONNECTION_ID)
    2446. 

  2446.     ret = report_cid_usage( &ssl, "after renegotiation" );
    2447. 

  2447.     if( ret != 0 )
    2448. 

  2448.         goto exit;
    2449. 

  2449. #endif /* MBEDTLS_SSL_DTLS_CONNECTION_ID */
    2450. 

  2450. 

  2451.     /*
    2452. 

  2452.      * 6. Write the GET request
    2453. 

  2453.      */
    2454. 

  2454.     retry_left = opt.max_resend;
    2455. 

  2455. send_request:
    2456. 

  2456.     mbedtls_printf( "  > Write to server:" );
    2457. 

  2457.     fflush( stdout );
    2458. 

  2458. 

  2459.     len = mbedtls_snprintf( (char *) buf, sizeof( buf ) - 1, GET_REQUEST,
    2460. 

  2460.                             opt.request_page );
    2461. 

  2461.     tail_len = (int) strlen( GET_REQUEST_END );
    2462. 

  2462. 

  2463.     /* Add padding to GET request to reach opt.request_size in length */
    2464. 

  2464.     if( opt.request_size != DFL_REQUEST_SIZE &&
    2465. 

  2465.         len + tail_len < opt.request_size )
    2466. 

  2466.     {
    2467. 

  2467.         memset( buf + len, 'A', opt.request_size - len - tail_len );
    2468. 

  2468.         len += opt.request_size - len - tail_len;
    2469. 

  2469.     }
    2470. 

  2470. 

  2471.     strncpy( (char *) buf + len, GET_REQUEST_END, sizeof( buf ) - len - 1 );
    2472. 

  2472.     len += tail_len;
    2473. 

  2473. 

  2474.     /* Truncate if request size is smaller than the "natural" size */
    2475. 

  2475.     if( opt.request_size != DFL_REQUEST_SIZE &&
    2476. 

  2476.         len > opt.request_size )
    2477. 

  2477.     {
    2478. 

  2478.         len = opt.request_size;
    2479. 

  2479. 

  2480.         /* Still end with \r\n unless that's really not possible */
    2481. 

  2481.         if( len >= 2 ) buf[len - 2] = '\r';
    2482. 

  2482.         if( len >= 1 ) buf[len - 1] = '\n';
    2483. 

  2483.     }
    2484. 

  2484. 

  2485.     if( opt.transport == MBEDTLS_SSL_TRANSPORT_STREAM )
    2486. 

  2486.     {
    2487. 

  2487.         written = 0;
    2488. 

  2488.         frags = 0;
    2489. 

  2489. 

  2490.         do
    2491. 

  2491.         {
    2492. 

  2492.             while( ( ret = mbedtls_ssl_write( &ssl, buf + written,
    2493. 

  2493.                                               len - written ) ) < 0 )
    2494. 

  2494.             {
    2495. 

  2495.                 if( ret != MBEDTLS_ERR_SSL_WANT_READ &&
    2496. 

  2496.                     ret != MBEDTLS_ERR_SSL_WANT_WRITE &&
    2497. 

  2497.                     ret != MBEDTLS_ERR_SSL_CRYPTO_IN_PROGRESS )
    2498. 

  2498.                 {
    2499. 

  2499.                     mbedtls_printf( " failed\n  ! mbedtls_ssl_write returned -0x%x\n\n",
    2500. 

  2500.                                     (unsigned int) -ret );
    2501. 

  2501.                     goto exit;
    2502. 

  2502.                 }
    2503. 

  2503. 

  2504.                 /* For event-driven IO, wait for socket to become available */
    2505. 

  2505.                 if( opt.event == 1 /* level triggered IO */ )
    2506. 

  2506.                 {
    2507. 

  2507. #if defined(MBEDTLS_TIMING_C)
    2508. 

  2508.                     idle( &server_fd, &timer, ret );
    2509. 

  2509. #else
    2510. 

  2510.                     idle( &server_fd, ret );
    2511. 

  2511. #endif
    2512. 

  2512.                 }
    2513. 

  2513.             }
    2514. 

  2514. 

  2515.             frags++;
    2516. 

  2516.             written += ret;
    2517. 

  2517.         }
    2518. 

  2518.         while( written < len );
    2519. 

  2519.     }
    2520. 

  2520.     else /* Not stream, so datagram */
    2521. 

  2521.     {
    2522. 

  2522.         while( 1 )
    2523. 

  2523.         {
    2524. 

  2524.             ret = mbedtls_ssl_write( &ssl, buf, len );
    2525. 

  2525. 

  2526. #if defined(MBEDTLS_ECP_RESTARTABLE)
    2527. 

  2527.             if( ret == MBEDTLS_ERR_SSL_CRYPTO_IN_PROGRESS )
    2528. 

  2528.                 continue;
    2529. 

  2529. #endif
    2530. 

  2530. 

  2531.             if( ret != MBEDTLS_ERR_SSL_WANT_READ &&
    2532. 

  2532.                 ret != MBEDTLS_ERR_SSL_WANT_WRITE )
    2533. 

  2533.                 break;
    2534. 

  2534. 

  2535.             /* For event-driven IO, wait for socket to become available */
    2536. 

  2536.             if( opt.event == 1 /* level triggered IO */ )
    2537. 

  2537.             {
    2538. 

  2538. #if defined(MBEDTLS_TIMING_C)
    2539. 

  2539.                 idle( &server_fd, &timer, ret );
    2540. 

  2540. #else
    2541. 

  2541.                 idle( &server_fd, ret );
    2542. 

  2542. #endif
    2543. 

  2543.             }
    2544. 

  2544.         }
    2545. 

  2545. 

  2546.         if( ret < 0 )
    2547. 

  2547.         {
    2548. 

  2548.             mbedtls_printf( " failed\n  ! mbedtls_ssl_write returned %d\n\n",
    2549. 

  2549.                             ret );
    2550. 

  2550.             goto exit;
    2551. 

  2551.         }
    2552. 

  2552. 

  2553.         frags = 1;
    2554. 

  2554.         written = ret;
    2555. 

  2555. 

  2556.         if( written < len )
    2557. 

  2557.         {
    2558. 

  2558.             mbedtls_printf( " warning\n  ! request didn't fit into single datagram and "
    2559. 

  2559.                             "was truncated to size %u", (unsigned) written );
    2560. 

  2560.         }
    2561. 

  2561.     }
    2562. 

  2562. 

  2563.     buf[written] = '\0';
    2564. 

  2564.     mbedtls_printf( " %d bytes written in %d fragments\n\n%s\n",
    2565. 

  2565.                     written, frags, (char *) buf );
    2566. 

  2566. 

  2567.     /* Send a non-empty request if request_size == 0 */
    2568. 

  2568.     if ( len == 0 )
    2569. 

  2569.     {
    2570. 

  2570.         opt.request_size = DFL_REQUEST_SIZE;
    2571. 

  2571.         goto send_request;
    2572. 

  2572.     }
    2573. 

  2573. 

  2574.     /*
    2575. 

  2575.      * 7. Read the HTTP response
    2576. 

  2576.      */
    2577. 

  2577.     mbedtls_printf( "  < Read from server:" );
    2578. 

  2578.     fflush( stdout );
    2579. 

  2579. 

  2580.     /*
    2581. 

  2581.      * TLS and DTLS need different reading styles (stream vs datagram)
    2582. 

  2582.      */
    2583. 

  2583.     if( opt.transport == MBEDTLS_SSL_TRANSPORT_STREAM )
    2584. 

  2584.     {
    2585. 

  2585.         do
    2586. 

  2586.         {
    2587. 

  2587.             len = sizeof( buf ) - 1;
    2588. 

  2588.             memset( buf, 0, sizeof( buf ) );
    2589. 

  2589.             ret = mbedtls_ssl_read( &ssl, buf, len );
    2590. 

  2590. 

  2591. #if defined(MBEDTLS_ECP_RESTARTABLE)
    2592. 

  2592.             if( ret == MBEDTLS_ERR_SSL_CRYPTO_IN_PROGRESS )
    2593. 

  2593.                 continue;
    2594. 

  2594. #endif
    2595. 

  2595. 

  2596.             if( ret == MBEDTLS_ERR_SSL_WANT_READ ||
    2597. 

  2597.                 ret == MBEDTLS_ERR_SSL_WANT_WRITE )
    2598. 

  2598.             {
    2599. 

  2599.                 /* For event-driven IO, wait for socket to become available */
    2600. 

  2600.                 if( opt.event == 1 /* level triggered IO */ )
    2601. 

  2601.                 {
    2602. 

  2602. #if defined(MBEDTLS_TIMING_C)
    2603. 

  2603.                     idle( &server_fd, &timer, ret );
    2604. 

  2604. #else
    2605. 

  2605.                     idle( &server_fd, ret );
    2606. 

  2606. #endif
    2607. 

  2607.                 }
    2608. 

  2608.                 continue;
    2609. 

  2609.             }
    2610. 

  2610. 

  2611.             if( ret <= 0 )
    2612. 

  2612.             {
    2613. 

  2613.                 switch( ret )
    2614. 

  2614.                 {
    2615. 

  2615.                     case MBEDTLS_ERR_SSL_PEER_CLOSE_NOTIFY:
    2616. 

  2616.                         mbedtls_printf( " connection was closed gracefully\n" );
    2617. 

  2617.                         ret = 0;
    2618. 

  2618.                         goto close_notify;
    2619. 

  2619. 

  2620.                     case 0:
    2621. 

  2621.                     case MBEDTLS_ERR_NET_CONN_RESET:
    2622. 

  2622.                         mbedtls_printf( " connection was reset by peer\n" );
    2623. 

  2623.                         ret = 0;
    2624. 

  2624.                         goto reconnect;
    2625. 

  2625. 

  2626.                     default:
    2627. 

  2627.                         mbedtls_printf( " mbedtls_ssl_read returned -0x%x\n",
    2628. 

  2628.                                         (unsigned int) -ret );
    2629. 

  2629.                         goto exit;
    2630. 

  2630.                 }
    2631. 

  2631.             }
    2632. 

  2632. 

  2633.             len = ret;
    2634. 

  2634.             buf[len] = '\0';
    2635. 

  2635.             mbedtls_printf( " %d bytes read\n\n%s", len, (char *) buf );
    2636. 

  2636. 

  2637.             /* End of message should be detected according to the syntax of the
    2638. 

  2638.              * application protocol (eg HTTP), just use a dummy test here. */
    2639. 

  2639.             if( ret > 0 && buf[len-1] == '\n' )
    2640. 

  2640.             {
    2641. 

  2641.                 ret = 0;
    2642. 

  2642.                 break;
    2643. 

  2643.             }
    2644. 

  2644.         }
    2645. 

  2645.         while( 1 );
    2646. 

  2646.     }
    2647. 

  2647.     else /* Not stream, so datagram */
    2648. 

  2648.     {
    2649. 

  2649.         len = sizeof( buf ) - 1;
    2650. 

  2650.         memset( buf, 0, sizeof( buf ) );
    2651. 

  2651. 

  2652.         while( 1 )
    2653. 

  2653.         {
    2654. 

  2654.             ret = mbedtls_ssl_read( &ssl, buf, len );
    2655. 

  2655. 

  2656. #if defined(MBEDTLS_ECP_RESTARTABLE)
    2657. 

  2657.             if( ret == MBEDTLS_ERR_SSL_CRYPTO_IN_PROGRESS )
    2658. 

  2658.                 continue;
    2659. 

  2659. #endif
    2660. 

  2660. 

  2661.             if( ret != MBEDTLS_ERR_SSL_WANT_READ &&
    2662. 

  2662.                 ret != MBEDTLS_ERR_SSL_WANT_WRITE )
    2663. 

  2663.                 break;
    2664. 

  2664. 

  2665.             /* For event-driven IO, wait for socket to become available */
    2666. 

  2666.             if( opt.event == 1 /* level triggered IO */ )
    2667. 

  2667.             {
    2668. 

  2668. #if defined(MBEDTLS_TIMING_C)
    2669. 

  2669.                 idle( &server_fd, &timer, ret );
    2670. 

  2670. #else
    2671. 

  2671.                 idle( &server_fd, ret );
    2672. 

  2672. #endif
    2673. 

  2673.             }
    2674. 

  2674.         }
    2675. 

  2675. 

  2676.         if( ret <= 0 )
    2677. 

  2677.         {
    2678. 

  2678.             switch( ret )
    2679. 

  2679.             {
    2680. 

  2680.                 case MBEDTLS_ERR_SSL_TIMEOUT:
    2681. 

  2681.                     mbedtls_printf( " timeout\n" );
    2682. 

  2682.                     if( retry_left-- > 0 )
    2683. 

  2683.                         goto send_request;
    2684. 

  2684.                     goto exit;
    2685. 

  2685. 

  2686.                 case MBEDTLS_ERR_SSL_PEER_CLOSE_NOTIFY:
    2687. 

  2687.                     mbedtls_printf( " connection was closed gracefully\n" );
    2688. 

  2688.                     ret = 0;
    2689. 

  2689.                     goto close_notify;
    2690. 

  2690. 

  2691.                 default:
    2692. 

  2692.                     mbedtls_printf( " mbedtls_ssl_read returned -0x%x\n", (unsigned int) -ret );
    2693. 

  2693.                     goto exit;
    2694. 

  2694.             }
    2695. 

  2695.         }
    2696. 

  2696. 

  2697.         len = ret;
    2698. 

  2698.         buf[len] = '\0';
    2699. 

  2699.         mbedtls_printf( " %d bytes read\n\n%s", len, (char *) buf );
    2700. 

  2700.         ret = 0;
    2701. 

  2701.     }
    2702. 

  2702. 

  2703.     /*
    2704. 

  2704.      * 7b. Simulate hard reset and reconnect from same port?
    2705. 

  2705.      */
    2706. 

  2706.     if( opt.reconnect_hard != 0 )
    2707. 

  2707.     {
    2708. 

  2708.         opt.reconnect_hard = 0;
    2709. 

  2709. 

  2710.         mbedtls_printf( "  . Restarting connection from same port..." );
    2711. 

  2711.         fflush( stdout );
    2712. 

  2712. 

  2713. #if defined(MBEDTLS_X509_CRT_PARSE_C)
    2714. 

  2714.         memset( peer_crt_info, 0, sizeof( peer_crt_info ) );
    2715. 

  2715. #endif /* MBEDTLS_X509_CRT_PARSE_C */
    2716. 

  2716. 

  2717.         if( ( ret = mbedtls_ssl_session_reset( &ssl ) ) != 0 )
    2718. 

  2718.         {
    2719. 

  2719.             mbedtls_printf( " failed\n  ! mbedtls_ssl_session_reset returned -0x%x\n\n",
    2720. 

  2720.                             (unsigned int) -ret );
    2721. 

  2721.             goto exit;
    2722. 

  2722.         }
    2723. 

  2723. 

  2724.         while( ( ret = mbedtls_ssl_handshake( &ssl ) ) != 0 )
    2725. 

  2725.         {
    2726. 

  2726.             if( ret != MBEDTLS_ERR_SSL_WANT_READ &&
    2727. 

  2727.                 ret != MBEDTLS_ERR_SSL_WANT_WRITE &&
    2728. 

  2728.                 ret != MBEDTLS_ERR_SSL_CRYPTO_IN_PROGRESS )
    2729. 

  2729.             {
    2730. 

  2730.                 mbedtls_printf( " failed\n  ! mbedtls_ssl_handshake returned -0x%x\n\n",
    2731. 

  2731.                                 (unsigned int) -ret );
    2732. 

  2732.                 goto exit;
    2733. 

  2733.             }
    2734. 

  2734. 

  2735.             /* For event-driven IO, wait for socket to become available */
    2736. 

  2736.             if( opt.event == 1 /* level triggered IO */ )
    2737. 

  2737.             {
    2738. 

  2738. #if defined(MBEDTLS_TIMING_C)
    2739. 

  2739.                 idle( &server_fd, &timer, ret );
    2740. 

  2740. #else
    2741. 

  2741.                 idle( &server_fd, ret );
    2742. 

  2742. #endif
    2743. 

  2743.             }
    2744. 

  2744.         }
    2745. 

  2745. 

  2746.         mbedtls_printf( " ok\n" );
    2747. 

  2747. 

  2748.         goto send_request;
    2749. 

  2749.     }
    2750. 

  2750. 

  2751.     /*
    2752. 

  2752.      * 7c. Simulate serialize/deserialize and go back to data exchange
    2753. 

  2753.      */
    2754. 

  2754. #if defined(MBEDTLS_SSL_CONTEXT_SERIALIZATION)
    2755. 

  2755.     if( opt.serialize != 0 )
    2756. 

  2756.     {
    2757. 

  2757.         size_t buf_len;
    2758. 

  2758. 

  2759.         mbedtls_printf( "  . Serializing live connection..." );
    2760. 

  2760. 

  2761.         ret = mbedtls_ssl_context_save( &ssl, NULL, 0, &buf_len );
    2762. 

  2762.         if( ret != MBEDTLS_ERR_SSL_BUFFER_TOO_SMALL )
    2763. 

  2763.         {
    2764. 

  2764.             mbedtls_printf( " failed\n  ! mbedtls_ssl_context_save returned "
    2765. 

  2765.                             "-0x%x\n\n", (unsigned int) -ret );
    2766. 

  2766. 

  2767.             goto exit;
    2768. 

  2768.         }
    2769. 

  2769. 

  2770.         if( ( context_buf = mbedtls_calloc( 1, buf_len ) ) == NULL )
    2771. 

  2771.         {
    2772. 

  2772.             mbedtls_printf( " failed\n  ! Couldn't allocate buffer for "
    2773. 

  2773.                             "serialized context" );
    2774. 

  2774. 

  2775.             goto exit;
    2776. 

  2776.         }
    2777. 

  2777.         context_buf_len = buf_len;
    2778. 

  2778. 

  2779.         if( ( ret = mbedtls_ssl_context_save( &ssl, context_buf,
    2780. 

  2780.                                               buf_len, &buf_len ) ) != 0 )
    2781. 

  2781.         {
    2782. 

  2782.             mbedtls_printf( " failed\n  ! mbedtls_ssl_context_save returned "
    2783. 

  2783.                             "-0x%x\n\n", (unsigned int) -ret );
    2784. 

  2784. 

  2785.             goto exit;
    2786. 

  2786.         }
    2787. 

  2787. 

  2788.         mbedtls_printf( " ok\n" );
    2789. 

  2789. 

  2790.         /* Save serialized context to the 'opt.context_file' as a base64 code */
    2791. 

  2791.         if( 0 < strlen( opt.context_file ) )
    2792. 

  2792.         {
    2793. 

  2793.             FILE *b64_file;
    2794. 

  2794.             uint8_t *b64_buf;
    2795. 

  2795.             size_t b64_len;
    2796. 

  2796. 

  2797.             mbedtls_printf( "  . Save serialized context to a file... " );
    2798. 

  2798. 

  2799.             mbedtls_base64_encode( NULL, 0, &b64_len, context_buf, buf_len );
    2800. 

  2800. 

  2801.             if( ( b64_buf = mbedtls_calloc( 1, b64_len ) ) == NULL )
    2802. 

  2802.             {
    2803. 

  2803.                 mbedtls_printf( "failed\n  ! Couldn't allocate buffer for "
    2804. 

  2804.                                 "the base64 code\n" );
    2805. 

  2805.                 goto exit;
    2806. 

  2806.             }
    2807. 

  2807. 

  2808.             if( ( ret = mbedtls_base64_encode( b64_buf, b64_len, &b64_len,
    2809. 

  2809.                                                context_buf, buf_len ) ) != 0 )
    2810. 

  2810.             {
    2811. 

  2811.                 mbedtls_printf( "failed\n  ! mbedtls_base64_encode returned "
    2812. 

  2812.                             "-0x%x\n", (unsigned int) -ret );
    2813. 

  2813.                 mbedtls_free( b64_buf );
    2814. 

  2814.                 goto exit;
    2815. 

  2815.             }
    2816. 

  2816. 

  2817.             if( ( b64_file = fopen( opt.context_file, "w" ) ) == NULL )
    2818. 

  2818.             {
    2819. 

  2819.                 mbedtls_printf( "failed\n  ! Cannot open '%s' for writing.\n",
    2820. 

  2820.                                 opt.context_file );
    2821. 

  2821.                 mbedtls_free( b64_buf );
    2822. 

  2822.                 goto exit;
    2823. 

  2823.             }
    2824. 

  2824. 

  2825.             if( b64_len != fwrite( b64_buf, 1, b64_len, b64_file ) )
    2826. 

  2826.             {
    2827. 

  2827.                 mbedtls_printf( "failed\n  ! fwrite(%ld bytes) failed\n",
    2828. 

  2828.                                 (long) b64_len );
    2829. 

  2829.                 mbedtls_free( b64_buf );
    2830. 

  2830.                 fclose( b64_file );
    2831. 

  2831.                 goto exit;
    2832. 

  2832.             }
    2833. 

  2833. 

  2834.             mbedtls_free( b64_buf );
    2835. 

  2835.             fclose( b64_file );
    2836. 

  2836. 

  2837.             mbedtls_printf( "ok\n" );
    2838. 

  2838.         }
    2839. 

  2839. 

  2840.         if( opt.serialize == 1 )
    2841. 

  2841.         {
    2842. 

  2842.             /* nothing to do here, done by context_save() already */
    2843. 

  2843.             mbedtls_printf( "  . Context has been reset... ok\n" );
    2844. 

  2844.         }
    2845. 

  2845. 

  2846.         if( opt.serialize == 2 )
    2847. 

  2847.         {
    2848. 

  2848.             mbedtls_printf( "  . Freeing and reinitializing context..." );
    2849. 

  2849. 

  2850.             mbedtls_ssl_free( &ssl );
    2851. 

  2851. 

  2852.             mbedtls_ssl_init( &ssl );
    2853. 

  2853. 

  2854.             if( ( ret = mbedtls_ssl_setup( &ssl, &conf ) ) != 0 )
    2855. 

  2855.             {
    2856. 

  2856.                 mbedtls_printf( " failed\n  ! mbedtls_ssl_setup returned "
    2857. 

  2857.                                 "-0x%x\n\n", (unsigned int) -ret );
    2858. 

  2858.                 goto exit;
    2859. 

  2859.             }
    2860. 

  2860. 

  2861.             if( opt.nbio == 2 )
    2862. 

  2862.                 mbedtls_ssl_set_bio( &ssl, &server_fd, delayed_send,
    2863. 

  2863.                                      delayed_recv, NULL );
    2864. 

  2864.             else
    2865. 

  2865.                 mbedtls_ssl_set_bio( &ssl, &server_fd, mbedtls_net_send,
    2866. 

  2866.                             mbedtls_net_recv,
    2867. 

  2867.                             opt.nbio == 0 ? mbedtls_net_recv_timeout : NULL );
    2868. 

  2868. 

  2869. #if defined(MBEDTLS_TIMING_C)
    2870. 

  2870.                 mbedtls_ssl_set_timer_cb( &ssl, &timer,
    2871. 

  2871.                                           mbedtls_timing_set_delay,
    2872. 

  2872.                                           mbedtls_timing_get_delay );
    2873. 

  2873. #endif /* MBEDTLS_TIMING_C */
    2874. 

  2874. 

  2875.             mbedtls_printf( " ok\n" );
    2876. 

  2876.         }
    2877. 

  2877. 

  2878.         mbedtls_printf( "  . Deserializing connection..." );
    2879. 

  2879. 

  2880.         if( ( ret = mbedtls_ssl_context_load( &ssl, context_buf,
    2881. 

  2881.                                               buf_len ) ) != 0 )
    2882. 

  2882.         {
    2883. 

  2883.             mbedtls_printf( "failed\n  ! mbedtls_ssl_context_load returned "
    2884. 

  2884.                             "-0x%x\n\n", (unsigned int) -ret );
    2885. 

  2885. 

  2886.             goto exit;
    2887. 

  2887.         }
    2888. 

  2888. 

  2889.         mbedtls_free( context_buf );
    2890. 

  2890.         context_buf = NULL;
    2891. 

  2891.         context_buf_len = 0;
    2892. 

  2892. 

  2893.         mbedtls_printf( " ok\n" );
    2894. 

  2894.     }
    2895. 

  2895. #endif /* MBEDTLS_SSL_CONTEXT_SERIALIZATION */
    2896. 

  2896. 

  2897.     /*
    2898. 

  2898.      * 7d. Continue doing data exchanges?
    2899. 

  2899.      */
    2900. 

  2900.     if( --opt.exchanges > 0 )
    2901. 

  2901.         goto send_request;
    2902. 

  2902. 

  2903.     /*
    2904. 

  2904.      * 8. Done, cleanly close the connection
    2905. 

  2905.      */
    2906. 

  2906. close_notify:
    2907. 

  2907.     mbedtls_printf( "  . Closing the connection..." );
    2908. 

  2908.     fflush( stdout );
    2909. 

  2909. 

  2910.     /*
    2911. 

  2911.      * Most of the time sending a close_notify before closing is the right
    2912. 

  2912.      * thing to do. However, when the server already knows how many messages
    2913. 

  2913.      * are expected and closes the connection by itself, this alert becomes
    2914. 

  2914.      * redundant. Sometimes with DTLS this redundancy becomes a problem by
    2915. 

  2915.      * leading to a race condition where the server might close the connection
    2916. 

  2916.      * before seeing the alert, and since UDP is connection-less when the
    2917. 

  2917.      * alert arrives it will be seen as a new connection, which will fail as
    2918. 

  2918.      * the alert is clearly not a valid ClientHello. This may cause spurious
    2919. 

  2919.      * failures in tests that use DTLS and resumption with ssl_server2 in
    2920. 

  2920.      * ssl-opt.sh, avoided by enabling skip_close_notify client-side.
    2921. 

  2921.      */
    2922. 

  2922.     if( opt.skip_close_notify == 0 )
    2923. 

  2923.     {
    2924. 

  2924.         /* No error checking, the connection might be closed already */
    2925. 

  2925.         do ret = mbedtls_ssl_close_notify( &ssl );
    2926. 

  2926.         while( ret == MBEDTLS_ERR_SSL_WANT_WRITE );
    2927. 

  2927.         ret = 0;
    2928. 

  2928.     }
    2929. 

  2929. 

  2930.     mbedtls_printf( " done\n" );
    2931. 

  2931. 

  2932.     /*
    2933. 

  2933.      * 9. Reconnect?
    2934. 

  2934.      */
    2935. 

  2935. reconnect:
    2936. 

  2936.     if( opt.reconnect != 0 )
    2937. 

  2937.     {
    2938. 

  2938.         --opt.reconnect;
    2939. 

  2939. 

  2940.         mbedtls_net_free( &server_fd );
    2941. 

  2941. 

  2942. #if defined(MBEDTLS_TIMING_C)
    2943. 

  2943.         if( opt.reco_delay > 0 )
    2944. 

  2944.             mbedtls_net_usleep( 1000000 * opt.reco_delay );
    2945. 

  2945. #endif
    2946. 

  2946. 

  2947.         mbedtls_printf( "  . Reconnecting with saved session..." );
    2948. 

  2948. 

  2949. #if defined(MBEDTLS_X509_CRT_PARSE_C)
    2950. 

  2950.         memset( peer_crt_info, 0, sizeof( peer_crt_info ) );
    2951. 

  2951. #endif /* MBEDTLS_X509_CRT_PARSE_C */
    2952. 

  2952. 

  2953.         if( ( ret = mbedtls_ssl_session_reset( &ssl ) ) != 0 )
    2954. 

  2954.         {
    2955. 

  2955.             mbedtls_printf( " failed\n  ! mbedtls_ssl_session_reset returned -0x%x\n\n",
    2956. 

  2956.                             (unsigned int) -ret );
    2957. 

  2957.             goto exit;
    2958. 

  2958.         }
    2959. 

  2959. 

  2960.         if( opt.reco_mode == 1 )
    2961. 

  2961.         {
    2962. 

  2962.             if( ( ret = mbedtls_ssl_session_load( &saved_session,
    2963. 

  2963.                                                   session_data,
    2964. 

  2964.                                                   session_data_len ) ) != 0 )
    2965. 

  2965.             {
    2966. 

  2966.                 mbedtls_printf( " failed\n  ! mbedtls_ssl_session_load returned -0x%x\n\n",
    2967. 

  2967.                                 (unsigned int) -ret );
    2968. 

  2968.                 goto exit;
    2969. 

  2969.             }
    2970. 

  2970.         }
    2971. 

  2971. 

  2972.         if( ( ret = mbedtls_ssl_set_session( &ssl, &saved_session ) ) != 0 )
    2973. 

  2973.         {
    2974. 

  2974.             mbedtls_printf( " failed\n  ! mbedtls_ssl_set_session returned -0x%x\n\n",
    2975. 

  2975.                             (unsigned int) -ret );
    2976. 

  2976.             goto exit;
    2977. 

  2977.         }
    2978. 

  2978. 

  2979.         if( ( ret = mbedtls_net_connect( &server_fd,
    2980. 

  2980.                         opt.server_addr, opt.server_port,
    2981. 

  2981.                         opt.transport == MBEDTLS_SSL_TRANSPORT_STREAM ?
    2982. 

  2982.                         MBEDTLS_NET_PROTO_TCP : MBEDTLS_NET_PROTO_UDP ) ) != 0 )
    2983. 

  2983.         {
    2984. 

  2984.             mbedtls_printf( " failed\n  ! mbedtls_net_connect returned -0x%x\n\n",
    2985. 

  2985.                             (unsigned int) -ret );
    2986. 

  2986.             goto exit;
    2987. 

  2987.         }
    2988. 

  2988. 

  2989.         if( opt.nbio > 0 )
    2990. 

  2990.             ret = mbedtls_net_set_nonblock( &server_fd );
    2991. 

  2991.         else
    2992. 

  2992.             ret = mbedtls_net_set_block( &server_fd );
    2993. 

  2993.         if( ret != 0 )
    2994. 

  2994.         {
    2995. 

  2995.             mbedtls_printf( " failed\n  ! net_set_(non)block() returned -0x%x\n\n",
    2996. 

  2996.                             (unsigned int) -ret );
    2997. 

  2997.             goto exit;
    2998. 

  2998.         }
    2999. 

  2999. 

  3000.         while( ( ret = mbedtls_ssl_handshake( &ssl ) ) != 0 )
    3001. 

  3001.         {
    3002. 

  3002.             if( ret != MBEDTLS_ERR_SSL_WANT_READ &&
    3003. 

  3003.                 ret != MBEDTLS_ERR_SSL_WANT_WRITE &&
    3004. 

  3004.                 ret != MBEDTLS_ERR_SSL_CRYPTO_IN_PROGRESS )
    3005. 

  3005.             {
    3006. 

  3006.                 mbedtls_printf( " failed\n  ! mbedtls_ssl_handshake returned -0x%x\n\n",
    3007. 

  3007.                                 (unsigned int) -ret );
    3008. 

  3008.                 goto exit;
    3009. 

  3009.             }
    3010. 

  3010.         }
    3011. 

  3011. 

  3012.         mbedtls_printf( " ok\n" );
    3013. 

  3013. 

  3014.         goto send_request;
    3015. 

  3015.     }
    3016. 

  3016. 

  3017.     /*
    3018. 

  3018.      * Cleanup and exit
    3019. 

  3019.      */
    3020. 

  3020. exit:
    3021. 

  3021. #ifdef MBEDTLS_ERROR_C
    3022. 

  3022.     if( ret != 0 )
    3023. 

  3023.     {
    3024. 

  3024.         char error_buf[100];
    3025. 

  3025.         mbedtls_strerror( ret, error_buf, 100 );
    3026. 

  3026.         mbedtls_printf("Last error was: -0x%X - %s\n\n", (unsigned int) -ret, error_buf );
    3027. 

  3027.     }
    3028. 

  3028. #endif
    3029. 

  3029. 

  3030.     mbedtls_net_free( &server_fd );
    3031. 

  3031. 

  3032.     mbedtls_ssl_free( &ssl );
    3033. 

  3033.     mbedtls_ssl_config_free( &conf );
    3034. 

  3034.     mbedtls_ssl_session_free( &saved_session );
    3035. 

  3035. 

  3036.     if( session_data != NULL )
    3037. 

  3037.         mbedtls_platform_zeroize( session_data, session_data_len );
    3038. 

  3038.     mbedtls_free( session_data );
    3039. 

  3039. #if defined(MBEDTLS_SSL_CONTEXT_SERIALIZATION)
    3040. 

  3040.     if( context_buf != NULL )
    3041. 

  3041.         mbedtls_platform_zeroize( context_buf, context_buf_len );
    3042. 

  3042.     mbedtls_free( context_buf );
    3043. 

  3043. #endif
    3044. 

  3044. 

  3045. #if defined(MBEDTLS_X509_CRT_PARSE_C)
    3046. 

  3046.     mbedtls_x509_crt_free( &clicert );
    3047. 

  3047.     mbedtls_x509_crt_free( &cacert );
    3048. 

  3048.     mbedtls_pk_free( &pkey );
    3049. 

  3049. #if defined(MBEDTLS_USE_PSA_CRYPTO)
    3050. 

  3050.     psa_destroy_key( key_slot );
    3051. 

  3051. #endif
    3052. 

  3052. #endif /* MBEDTLS_X509_CRT_PARSE_C */
    3053. 

  3053. 

  3054. #if defined(MBEDTLS_KEY_EXCHANGE_SOME_PSK_ENABLED) && \
    3055. 

  3055.     defined(MBEDTLS_USE_PSA_CRYPTO)
    3056. 

  3056.     if( opt.psk_opaque != 0 )
    3057. 

  3057.     {
    3058. 

  3058.         /* This is ok even if the slot hasn't been
    3059. 

  3059.          * initialized (we might have jumed here
    3060. 

  3060.          * immediately because of bad cmd line params,
    3061. 

  3061.          * for example). */
    3062. 

  3062.         status = psa_destroy_key( slot );
    3063. 

  3063.         if( ( status != PSA_SUCCESS ) &&
    3064. 

  3064.             ( opt.query_config_mode == DFL_QUERY_CONFIG_MODE ) )
    3065. 

  3065.         {
    3066. 

  3066.             mbedtls_printf( "Failed to destroy key slot %u - error was %d",
    3067. 

  3067.                             (unsigned) slot, (int) status );
    3068. 

  3068.             if( ret == 0 )
    3069. 

  3069.                 ret = MBEDTLS_ERR_SSL_HW_ACCEL_FAILED;
    3070. 

  3070.         }
    3071. 

  3071.     }
    3072. 

  3072. #endif /* MBEDTLS_KEY_EXCHANGE_SOME_PSK_ENABLED &&
    3073. 

  3073.           MBEDTLS_USE_PSA_CRYPTO */
    3074. 

  3074. 

  3075. #if defined(MBEDTLS_USE_PSA_CRYPTO)
    3076. 

  3076.     const char* message = mbedtls_test_helper_is_psa_leaking();
    3077. 

  3077.     if( message )
    3078. 

  3078.     {
    3079. 

  3079.         if( ret == 0 )
    3080. 

  3080.             ret = 1;
    3081. 

  3081.         mbedtls_printf( "PSA memory leak detected: %s\n",  message);
    3082. 

  3082.     }
    3083. 

  3083. #endif /* MBEDTLS_USE_PSA_CRYPTO */
    3084. 

  3084. 

  3085.     /* For builds with MBEDTLS_TEST_USE_PSA_CRYPTO_RNG psa crypto
    3086. 

  3086.      * resources are freed by rng_free(). */
    3087. 

  3087. #if defined(MBEDTLS_USE_PSA_CRYPTO) && \
    3088. 

  3088.     !defined(MBEDTLS_TEST_USE_PSA_CRYPTO_RNG)
    3089. 

  3089.     mbedtls_psa_crypto_free( );
    3090. 

  3090. #endif
    3091. 

  3091. 

  3092.     rng_free( &rng );
    3093. 

  3093. 

  3094. #if defined(MBEDTLS_TEST_HOOKS)
    3095. 

  3095.     if( test_hooks_failure_detected( ) )
    3096. 

  3096.     {
    3097. 

  3097.         if( ret == 0 )
    3098. 

  3098.             ret = 1;
    3099. 

  3099.         mbedtls_printf( "Test hooks detected errors.\n" );
    3100. 

  3100.     }
    3101. 

  3101.     test_hooks_free( );
    3102. 

  3102. #endif /* MBEDTLS_TEST_HOOKS */
    3103. 

  3103. 

  3104. #if defined(MBEDTLS_MEMORY_BUFFER_ALLOC_C)
    3105. 

  3105. #if defined(MBEDTLS_MEMORY_DEBUG)
    3106. 

  3106.     mbedtls_memory_buffer_alloc_status();
    3107. 

  3107. #endif
    3108. 

  3108.     mbedtls_memory_buffer_alloc_free();
    3109. 

  3109. #endif  /* MBEDTLS_MEMORY_BUFFER_ALLOC_C */
    3110. 

  3110. 

  3111. #if defined(_WIN32)
    3112. 

  3112.     if( opt.query_config_mode == DFL_QUERY_CONFIG_MODE )
    3113. 

  3113.     {
    3114. 

  3114.         mbedtls_printf( "  + Press Enter to exit this program.\n" );
    3115. 

  3115.         fflush( stdout ); getchar();
    3116. 

  3116.     }
    3117. 

  3117. #endif
    3118. 

  3118. 

  3119.     // Shell can not handle large exit numbers -> 1 for errors
    3120. 

  3120.     if( ret < 0 )
    3121. 

  3121.         ret = 1;
    3122. 

  3122. 

  3123.     if( opt.query_config_mode == DFL_QUERY_CONFIG_MODE )
    3124. 

  3124.         mbedtls_exit( ret );
    3125. 

  3125.     else
    3126. 

  3126.         mbedtls_exit( query_config_ret );
    3127. 

  3127. }
    3128. 

  3128. #endif /* !MBEDTLS_SSL_TEST_IMPOSSIBLE && MBEDTLS_SSL_CLI_C */
    3129.