len0rd/FreeRTOS-Kernel
1
0
Fork 0
mirror of https://github.com/FreeRTOS/FreeRTOS-Kernel.git synced 2025-10-17 18:27:47 -04:00
Code Issues Projects Releases Packages Wiki Activity

Support multiple transports in the same compilation unit (#434)

Browse source 
By removing the definition of the NetworkContext struct in the header file, we allow the application to define it. This allows an application writer to use multiple transports in the same compilation unit. That way, multiple .c files do not have to be created for each transport.
This commit is contained in:
Oscar Michael Abrina 2020-12-01 17:24:18 -08:00 committed by GitHub
parent a9fd30af94
commit 73b0d1b259
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
27 changed files with 406 additions and 106 deletions
Download patch file Download diff file Expand all files Collapse all files

5
FreeRTOS-Plus/Source/Application-Protocols/network_transport/freertos_plus_tcp/sockets_wrapper.c
View file

@ -1,4 +1,5 @@
/*
* FreeRTOS V202011.00
* Copyright (C) 2020 Amazon.com, Inc. or its affiliates. All Rights Reserved.
*
* Permission is hereby granted, free of charge, to any person obtaining a copy of
@ -17,6 +18,10 @@
* COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER
* IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN
* CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
*
* https://www.FreeRTOS.org
* https://github.com/FreeRTOS
*
*/
/**

5
FreeRTOS-Plus/Source/Application-Protocols/network_transport/freertos_plus_tcp/sockets_wrapper.h
View file

@ -1,4 +1,5 @@
/*
* FreeRTOS V202011.00
* Copyright (C) 2020 Amazon.com, Inc. or its affiliates. All Rights Reserved.
*
* Permission is hereby granted, free of charge, to any person obtaining a copy of
@ -17,6 +18,10 @@
* COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER
* IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN
* CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
*
* https://www.FreeRTOS.org
* https://github.com/FreeRTOS
*
*/
/**

82
FreeRTOS-Plus/Source/Application-Protocols/network_transport/freertos_plus_tcp/using_mbedtls/using_mbedtls.c
View file

@ -1,4 +1,5 @@
/*
* FreeRTOS V202011.00
* Copyright (C) 2020 Amazon.com, Inc. or its affiliates. All Rights Reserved.
*
* Permission is hereby granted, free of charge, to any person obtaining a copy of
@ -17,6 +18,10 @@
* COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER
* IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN
* CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
*
* https://www.FreeRTOS.org
* https://github.com/FreeRTOS
*
*/
/**
@ -46,6 +51,14 @@
/*-----------------------------------------------------------*/
/* Each compilation unit must define the NetworkContext struct. */
struct NetworkContext
{
TlsTransportParams_t * pParams;
};
/*-----------------------------------------------------------*/
/**
* @brief Represents string to be logged when mbedTLS returned error
* does not contain a high-level code.
@ -282,17 +295,17 @@ static int32_t setClientCertificate( SSLContext_t * pSslContext,
/*-----------------------------------------------------------*/
static int32_t setPrivateKey( SSLContext_t * pSslContext,
const uint8_t * pPrivateKeyPath,
const uint8_t * pPrivateKey,
size_t privateKeySize )
{
int32_t mbedtlsError = -1;
configASSERT( pSslContext != NULL );
configASSERT( pPrivateKeyPath != NULL );
configASSERT( pPrivateKey != NULL );
/* Setup the client private key. */
mbedtlsError = mbedtls_pk_parse_key( &( pSslContext->privKey ),
pPrivateKeyPath,
pPrivateKey,
privateKeySize,
NULL,
0 );
@ -424,18 +437,21 @@ static TlsTransportStatus_t tlsSetup( NetworkContext_t * pNetworkContext,
const char * pHostName,
const NetworkCredentials_t * pNetworkCredentials )
{
TlsTransportParams_t * pTlsTransportParams = NULL;
TlsTransportStatus_t returnStatus = TLS_TRANSPORT_SUCCESS;
int32_t mbedtlsError = 0;
configASSERT( pNetworkContext != NULL );
configASSERT( pNetworkContext->pParams != NULL );
configASSERT( pHostName != NULL );
configASSERT( pNetworkCredentials != NULL );
configASSERT( pNetworkCredentials->pRootCa != NULL );
pTlsTransportParams = pNetworkContext->pParams;
/* Initialize the mbed TLS context structures. */
sslContextInit( &( pNetworkContext->sslContext ) );
sslContextInit( &( pTlsTransportParams->sslContext ) );
mbedtlsError = mbedtls_ssl_config_defaults( &( pNetworkContext->sslContext.config ),
mbedtlsError = mbedtls_ssl_config_defaults( &( pTlsTransportParams->sslContext.config ),
MBEDTLS_SSL_IS_CLIENT,
MBEDTLS_SSL_TRANSPORT_STREAM,
MBEDTLS_SSL_PRESET_DEFAULT );
@ -452,7 +468,7 @@ static TlsTransportStatus_t tlsSetup( NetworkContext_t * pNetworkContext,
if( returnStatus == TLS_TRANSPORT_SUCCESS )
{
mbedtlsError = setCredentials( &( pNetworkContext->sslContext ),
mbedtlsError = setCredentials( &( pTlsTransportParams->sslContext ),
pNetworkCredentials );
if( mbedtlsError != 0 )
@ -462,7 +478,7 @@ static TlsTransportStatus_t tlsSetup( NetworkContext_t * pNetworkContext,
else
{
/* Optionally set SNI and ALPN protocols. */
setOptionalConfigurations( &( pNetworkContext->sslContext ),
setOptionalConfigurations( &( pTlsTransportParams->sslContext ),
pHostName,
pNetworkCredentials );
}
@ -475,15 +491,18 @@ static TlsTransportStatus_t tlsSetup( NetworkContext_t * pNetworkContext,
static TlsTransportStatus_t tlsHandshake( NetworkContext_t * pNetworkContext,
const NetworkCredentials_t * pNetworkCredentials )
{
TlsTransportParams_t * pTlsTransportParams = NULL;
TlsTransportStatus_t returnStatus = TLS_TRANSPORT_SUCCESS;
int32_t mbedtlsError = 0;
configASSERT( pNetworkContext != NULL );
configASSERT( pNetworkContext->pParams != NULL );
configASSERT( pNetworkCredentials != NULL );
pTlsTransportParams = pNetworkContext->pParams;
/* Initialize the mbed TLS secured connection context. */
mbedtlsError = mbedtls_ssl_setup( &( pNetworkContext->sslContext.context ),
&( pNetworkContext->sslContext.config ) );
mbedtlsError = mbedtls_ssl_setup( &( pTlsTransportParams->sslContext.context ),
&( pTlsTransportParams->sslContext.config ) );
if( mbedtlsError != 0 )
{
@ -502,8 +521,8 @@ static TlsTransportStatus_t tlsHandshake( NetworkContext_t * pNetworkContext,
* #mbedtls_ssl_set_bio requires the second parameter as void *.
*/
/* coverity[misra_c_2012_rule_11_2_violation] */
mbedtls_ssl_set_bio( &( pNetworkContext->sslContext.context ),
( void * ) pNetworkContext->tcpSocket,
mbedtls_ssl_set_bio( &( pTlsTransportParams->sslContext.context ),
( void * ) pTlsTransportParams->tcpSocket,
mbedtls_platform_send,
mbedtls_platform_recv,
NULL );
@ -514,7 +533,7 @@ static TlsTransportStatus_t tlsHandshake( NetworkContext_t * pNetworkContext,
/* Perform the TLS handshake. */
do
{
mbedtlsError = mbedtls_ssl_handshake( &( pNetworkContext->sslContext.context ) );
mbedtlsError = mbedtls_ssl_handshake( &( pTlsTransportParams->sslContext.context ) );
} while( ( mbedtlsError == MBEDTLS_ERR_SSL_WANT_READ ) ||
( mbedtlsError == MBEDTLS_ERR_SSL_WANT_WRITE ) );
@ -602,10 +621,12 @@ TlsTransportStatus_t TLS_FreeRTOS_Connect( NetworkContext_t * pNetworkContext,
uint32_t receiveTimeoutMs,
uint32_t sendTimeoutMs )
{
TlsTransportParams_t * pTlsTransportParams = NULL;
TlsTransportStatus_t returnStatus = TLS_TRANSPORT_SUCCESS;
BaseType_t socketStatus = 0;
if( ( pNetworkContext == NULL ) ||
( pNetworkContext->pParams == NULL ) ||
( pHostName == NULL ) ||
( pNetworkCredentials == NULL ) )
{
@ -629,7 +650,8 @@ TlsTransportStatus_t TLS_FreeRTOS_Connect( NetworkContext_t * pNetworkContext,
/* Establish a TCP connection with the server. */
if( returnStatus == TLS_TRANSPORT_SUCCESS )
{
socketStatus = Sockets_Connect( &( pNetworkContext->tcpSocket ),
pTlsTransportParams = pNetworkContext->pParams;
socketStatus = Sockets_Connect( &( pTlsTransportParams->tcpSocket ),
pHostName,
port,
receiveTimeoutMs,
@ -647,8 +669,8 @@ TlsTransportStatus_t TLS_FreeRTOS_Connect( NetworkContext_t * pNetworkContext,
/* Initialize mbedtls. */
if( returnStatus == TLS_TRANSPORT_SUCCESS )
{
returnStatus = initMbedtls( &( pNetworkContext->sslContext.entropyContext ),
&( pNetworkContext->sslContext.ctrDrgbContext ) );
returnStatus = initMbedtls( &( pTlsTransportParams->sslContext.entropyContext ),
&( pTlsTransportParams->sslContext.ctrDrgbContext ) );
}
/* Initialize TLS contexts and set credentials. */
@ -666,13 +688,13 @@ TlsTransportStatus_t TLS_FreeRTOS_Connect( NetworkContext_t * pNetworkContext,
/* Clean up on failure. */
if( returnStatus != TLS_TRANSPORT_SUCCESS )
{
if( pNetworkContext != NULL )
if( ( pNetworkContext != NULL ) && ( pNetworkContext->pParams != NULL ) )
{
sslContextFree( &( pNetworkContext->sslContext ) );
sslContextFree( &( pTlsTransportParams->sslContext ) );
if( pNetworkContext->tcpSocket != FREERTOS_INVALID_SOCKET )
if( pTlsTransportParams->tcpSocket != FREERTOS_INVALID_SOCKET )
{
( void ) FreeRTOS_closesocket( pNetworkContext->tcpSocket );
( void ) FreeRTOS_closesocket( pTlsTransportParams->tcpSocket );
}
}
}
@ -689,12 +711,14 @@ TlsTransportStatus_t TLS_FreeRTOS_Connect( NetworkContext_t * pNetworkContext,
void TLS_FreeRTOS_Disconnect( NetworkContext_t * pNetworkContext )
{
TlsTransportParams_t * pTlsTransportParams = NULL;
BaseType_t tlsStatus = 0;
if( pNetworkContext != NULL )
if( ( pNetworkContext != NULL ) && ( pNetworkContext->pParams != NULL ) )
{
pTlsTransportParams = pNetworkContext->pParams;
/* Attempting to terminate TLS connection. */
tlsStatus = ( BaseType_t ) mbedtls_ssl_close_notify( &( pNetworkContext->sslContext.context ) );
tlsStatus = ( BaseType_t ) mbedtls_ssl_close_notify( &( pTlsTransportParams->sslContext.context ) );
/* Ignore the WANT_READ and WANT_WRITE return values. */
if( ( tlsStatus != ( BaseType_t ) MBEDTLS_ERR_SSL_WANT_READ ) &&
@ -723,10 +747,10 @@ void TLS_FreeRTOS_Disconnect( NetworkContext_t * pNetworkContext )
}
/* Call socket shutdown function to close connection. */
Sockets_Disconnect( pNetworkContext->tcpSocket );
Sockets_Disconnect( pTlsTransportParams->tcpSocket );
/* Free mbed TLS contexts. */
sslContextFree( &( pNetworkContext->sslContext ) );
sslContextFree( &( pTlsTransportParams->sslContext ) );
}
/* Clear the mutex functions for mbed TLS thread safety. */
@ -738,9 +762,13 @@ int32_t TLS_FreeRTOS_recv( NetworkContext_t * pNetworkContext,
void * pBuffer,
size_t bytesToRecv )
{
TlsTransportParams_t * pTlsTransportParams = NULL;
int32_t tlsStatus = 0;
tlsStatus = ( int32_t ) mbedtls_ssl_read( &( pNetworkContext->sslContext.context ),
configASSERT( ( pNetworkContext != NULL ) && ( pNetworkContext->pParams != NULL ) );
pTlsTransportParams = pNetworkContext->pParams;
tlsStatus = ( int32_t ) mbedtls_ssl_read( &( pTlsTransportParams->sslContext.context ),
pBuffer,
bytesToRecv );
@ -776,9 +804,13 @@ int32_t TLS_FreeRTOS_send( NetworkContext_t * pNetworkContext,
const void * pBuffer,
size_t bytesToSend )
{
TlsTransportParams_t * pTlsTransportParams = NULL;
int32_t tlsStatus = 0;
tlsStatus = ( int32_t ) mbedtls_ssl_write( &( pNetworkContext->sslContext.context ),
configASSERT( ( pNetworkContext != NULL ) && ( pNetworkContext->pParams != NULL ) );
pTlsTransportParams = pNetworkContext->pParams;
tlsStatus = ( int32_t ) mbedtls_ssl_write( &( pTlsTransportParams->sslContext.context ),
pBuffer,
bytesToSend );

13
FreeRTOS-Plus/Source/Application-Protocols/network_transport/freertos_plus_tcp/using_mbedtls/using_mbedtls.h
View file

@ -1,4 +1,5 @@
/*
* FreeRTOS V202011.00
* Copyright (C) 2020 Amazon.com, Inc. or its affiliates. All Rights Reserved.
*
* Permission is hereby granted, free of charge, to any person obtaining a copy of
@ -17,6 +18,10 @@
* COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER
* IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN
* CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
*
* https://www.FreeRTOS.org
* https://github.com/FreeRTOS
*
*/
/**
@ -94,14 +99,14 @@ typedef struct SSLContext
} SSLContext_t;
/**
* @brief Definition of the network context for the transport interface
* implementation that uses mbedTLS and FreeRTOS+TLS sockets.
* @brief Parameters for the network context of the transport interface
* implementation that uses mbedTLS and FreeRTOS+TCP sockets.
*/
struct NetworkContext
typedef struct TlsTransportParams
{
Socket_t tcpSocket;
SSLContext_t sslContext;
};
} TlsTransportParams_t;
/**
* @brief Contains the credentials necessary for tls connection setup.

104
FreeRTOS-Plus/Source/Application-Protocols/network_transport/freertos_plus_tcp/using_mbedtls_pkcs11/using_mbedtls_pkcs11.c
View file

@ -1,4 +1,5 @@
/*
* FreeRTOS V202011.00
* Copyright (C) 2020 Amazon.com, Inc. or its affiliates. All Rights Reserved.
*
* Permission is hereby granted, free of charge, to any person obtaining a copy of
@ -17,6 +18,10 @@
* COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER
* IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN
* CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
*
* https://www.FreeRTOS.org
* https://github.com/FreeRTOS
*
*/
/**
@ -55,6 +60,14 @@
/*-----------------------------------------------------------*/
/* Each compilation unit must define the NetworkContext struct. */
struct NetworkContext
{
TlsTransportParams_t * pParams;
};
/*-----------------------------------------------------------*/
/**
* @brief Represents string to be logged when mbedTLS returned error
* does not contain a high-level code.
@ -221,19 +234,23 @@ static TlsTransportStatus_t tlsSetup( NetworkContext_t * pNetworkContext,
const char * pHostName,
const NetworkCredentials_t * pNetworkCredentials )
{
TlsTransportParams_t * pTlsTransportParams = NULL;
TlsTransportStatus_t returnStatus = TLS_TRANSPORT_SUCCESS;
int32_t mbedtlsError = 0;
CK_RV xResult = CKR_OK;
configASSERT( pNetworkContext != NULL );
configASSERT( pNetworkContext->pParams != NULL );
configASSERT( pHostName != NULL );
configASSERT( pNetworkCredentials != NULL );
configASSERT( pNetworkCredentials->pRootCa != NULL );
/* Initialize the mbed TLS context structures. */
sslContextInit( &( pNetworkContext->sslContext ) );
pTlsTransportParams = pNetworkContext->pParams;
mbedtlsError = mbedtls_ssl_config_defaults( &( pNetworkContext->sslContext.config ),
/* Initialize the mbed TLS context structures. */
sslContextInit( &( pTlsTransportParams->sslContext ) );
mbedtlsError = mbedtls_ssl_config_defaults( &( pTlsTransportParams->sslContext.config ),
MBEDTLS_SSL_IS_CLIENT,
MBEDTLS_SSL_TRANSPORT_STREAM,
MBEDTLS_SSL_PRESET_DEFAULT );
@ -251,7 +268,7 @@ static TlsTransportStatus_t tlsSetup( NetworkContext_t * pNetworkContext,
if( returnStatus == TLS_TRANSPORT_SUCCESS )
{
/* Set up the certificate security profile, starting from the default value. */
pNetworkContext->sslContext.certProfile = mbedtls_x509_crt_profile_default;
pTlsTransportParams->sslContext.certProfile = mbedtls_x509_crt_profile_default;
/* test.mosquitto.org only provides a 1024-bit RSA certificate, which is
* not acceptable by the default mbed TLS certificate security profile.
@ -259,20 +276,20 @@ static TlsTransportStatus_t tlsSetup( NetworkContext_t * pNetworkContext,
* This block should be removed otherwise. */
if( strncmp( pHostName, "test.mosquitto.org", strlen( pHostName ) ) == 0 )
{
pNetworkContext->sslContext.certProfile.rsa_min_bitlen = 1024;
pTlsTransportParams->sslContext.certProfile.rsa_min_bitlen = 1024;
}
/* Set SSL authmode and the RNG context. */
mbedtls_ssl_conf_authmode( &( pNetworkContext->sslContext.config ),
mbedtls_ssl_conf_authmode( &( pTlsTransportParams->sslContext.config ),
MBEDTLS_SSL_VERIFY_REQUIRED );
mbedtls_ssl_conf_rng( &( pNetworkContext->sslContext.config ),
mbedtls_ssl_conf_rng( &( pTlsTransportParams->sslContext.config ),
generateRandomBytes,
&pNetworkContext->sslContext );
mbedtls_ssl_conf_cert_profile( &( pNetworkContext->sslContext.config ),
&( pNetworkContext->sslContext.certProfile ) );
&pTlsTransportParams->sslContext );
mbedtls_ssl_conf_cert_profile( &( pTlsTransportParams->sslContext.config ),
&( pTlsTransportParams->sslContext.certProfile ) );
/* Parse the server root CA certificate into the SSL context. */
mbedtlsError = mbedtls_x509_crt_parse( &( pNetworkContext->sslContext.rootCa ),
mbedtlsError = mbedtls_x509_crt_parse( &( pTlsTransportParams->sslContext.rootCa ),
pNetworkCredentials->pRootCa,
pNetworkCredentials->rootCaSize );
@ -286,8 +303,8 @@ static TlsTransportStatus_t tlsSetup( NetworkContext_t * pNetworkContext,
}
else
{
mbedtls_ssl_conf_ca_chain( &( pNetworkContext->sslContext.config ),
&( pNetworkContext->sslContext.rootCa ),
mbedtls_ssl_conf_ca_chain( &( pTlsTransportParams->sslContext.config ),
&( pTlsTransportParams->sslContext.rootCa ),
NULL );
}
}
@ -295,7 +312,7 @@ static TlsTransportStatus_t tlsSetup( NetworkContext_t * pNetworkContext,
if( returnStatus == TLS_TRANSPORT_SUCCESS )
{
/* Setup the client private key. */
xResult = initializeClientKeys( &( pNetworkContext->sslContext ) );
xResult = initializeClientKeys( &( pTlsTransportParams->sslContext ) );
if( xResult != CKR_OK )
{
@ -306,10 +323,10 @@ static TlsTransportStatus_t tlsSetup( NetworkContext_t * pNetworkContext,
else
{
/* Setup the client certificate. */
xResult = readCertificateIntoContext( &( pNetworkContext->sslContext ),
xResult = readCertificateIntoContext( &( pTlsTransportParams->sslContext ),
pkcs11configLABEL_DEVICE_CERTIFICATE_FOR_TLS,
CKO_CERTIFICATE,
&( pNetworkContext->sslContext.clientCert ) );
&( pTlsTransportParams->sslContext.clientCert ) );
if( xResult != CKR_OK )
{
@ -319,9 +336,9 @@ static TlsTransportStatus_t tlsSetup( NetworkContext_t * pNetworkContext,
}
else
{
( void ) mbedtls_ssl_conf_own_cert( &( pNetworkContext->sslContext.config ),
&( pNetworkContext->sslContext.clientCert ),
&( pNetworkContext->sslContext.privKey ) );
( void ) mbedtls_ssl_conf_own_cert( &( pTlsTransportParams->sslContext.config ),
&( pTlsTransportParams->sslContext.clientCert ),
&( pTlsTransportParams->sslContext.privKey ) );
}
}
}
@ -330,7 +347,7 @@ static TlsTransportStatus_t tlsSetup( NetworkContext_t * pNetworkContext,
{
/* Include an application protocol list in the TLS ClientHello
* message. */
mbedtlsError = mbedtls_ssl_conf_alpn_protocols( &( pNetworkContext->sslContext.config ),
mbedtlsError = mbedtls_ssl_conf_alpn_protocols( &( pTlsTransportParams->sslContext.config ),
pNetworkCredentials->pAlpnProtos );
if( mbedtlsError != 0 )
@ -346,8 +363,8 @@ static TlsTransportStatus_t tlsSetup( NetworkContext_t * pNetworkContext,
if( returnStatus == TLS_TRANSPORT_SUCCESS )
{
/* Initialize the mbed TLS secured connection context. */
mbedtlsError = mbedtls_ssl_setup( &( pNetworkContext->sslContext.context ),
&( pNetworkContext->sslContext.config ) );
mbedtlsError = mbedtls_ssl_setup( &( pTlsTransportParams->sslContext.context ),
&( pTlsTransportParams->sslContext.config ) );
if( mbedtlsError != 0 )
{
@ -366,8 +383,8 @@ static TlsTransportStatus_t tlsSetup( NetworkContext_t * pNetworkContext,
* #mbedtls_ssl_set_bio requires the second parameter as void *.
*/
/* coverity[misra_c_2012_rule_11_2_violation] */
mbedtls_ssl_set_bio( &( pNetworkContext->sslContext.context ),
( void * ) pNetworkContext->tcpSocket,
mbedtls_ssl_set_bio( &( pTlsTransportParams->sslContext.context ),
( void * ) pTlsTransportParams->tcpSocket,
mbedtls_platform_send,
mbedtls_platform_recv,
NULL );
@ -379,7 +396,7 @@ static TlsTransportStatus_t tlsSetup( NetworkContext_t * pNetworkContext,
/* Enable SNI if requested. */
if( pNetworkCredentials->disableSni == pdFALSE )
{
mbedtlsError = mbedtls_ssl_set_hostname( &( pNetworkContext->sslContext.context ),
mbedtlsError = mbedtls_ssl_set_hostname( &( pTlsTransportParams->sslContext.context ),
pHostName );
if( mbedtlsError != 0 )
@ -402,7 +419,7 @@ static TlsTransportStatus_t tlsSetup( NetworkContext_t * pNetworkContext,
*
* Smaller values can be found in "mbedtls/include/ssl.h".
*/
mbedtlsError = mbedtls_ssl_conf_max_frag_len( &( pNetworkContext->sslContext.config ), MBEDTLS_SSL_MAX_FRAG_LEN_4096 );
mbedtlsError = mbedtls_ssl_conf_max_frag_len( &( pTlsTransportParams->sslContext.config ), MBEDTLS_SSL_MAX_FRAG_LEN_4096 );
if( mbedtlsError != 0 )
{
@ -419,7 +436,7 @@ static TlsTransportStatus_t tlsSetup( NetworkContext_t * pNetworkContext,
/* Perform the TLS handshake. */
do
{
mbedtlsError = mbedtls_ssl_handshake( &( pNetworkContext->sslContext.context ) );
mbedtlsError = mbedtls_ssl_handshake( &( pTlsTransportParams->sslContext.context ) );
} while( ( mbedtlsError == MBEDTLS_ERR_SSL_WANT_READ ) ||
( mbedtlsError == MBEDTLS_ERR_SSL_WANT_WRITE ) );
@ -435,7 +452,7 @@ static TlsTransportStatus_t tlsSetup( NetworkContext_t * pNetworkContext,
if( returnStatus != TLS_TRANSPORT_SUCCESS )
{
sslContextFree( &( pNetworkContext->sslContext ) );
sslContextFree( &( pTlsTransportParams->sslContext ) );
}
else
{
@ -774,10 +791,12 @@ TlsTransportStatus_t TLS_FreeRTOS_Connect( NetworkContext_t * pNetworkContext,
uint32_t receiveTimeoutMs,
uint32_t sendTimeoutMs )
{
TlsTransportParams_t * pTlsTransportParams = NULL;
TlsTransportStatus_t returnStatus = TLS_TRANSPORT_SUCCESS;
BaseType_t socketStatus = 0;
if( ( pNetworkContext == NULL ) ||
( pNetworkContext->pParams == NULL ) ||
( pHostName == NULL ) ||
( pNetworkCredentials == NULL ) )
{
@ -801,7 +820,8 @@ TlsTransportStatus_t TLS_FreeRTOS_Connect( NetworkContext_t * pNetworkContext,
/* Establish a TCP connection with the server. */
if( returnStatus == TLS_TRANSPORT_SUCCESS )
{
socketStatus = Sockets_Connect( &( pNetworkContext->tcpSocket ),
pTlsTransportParams = pNetworkContext->pParams;
socketStatus = Sockets_Connect( &( pTlsTransportParams->tcpSocket ),
pHostName,
port,
receiveTimeoutMs,
@ -832,9 +852,9 @@ TlsTransportStatus_t TLS_FreeRTOS_Connect( NetworkContext_t * pNetworkContext,
if( returnStatus != TLS_TRANSPORT_SUCCESS )
{
if( ( pNetworkContext != NULL ) &&
( pNetworkContext->tcpSocket != FREERTOS_INVALID_SOCKET ) )
( pTlsTransportParams->tcpSocket != FREERTOS_INVALID_SOCKET ) )
{
( void ) FreeRTOS_closesocket( pNetworkContext->tcpSocket );
( void ) FreeRTOS_closesocket( pTlsTransportParams->tcpSocket );
}
}
else
@ -851,12 +871,14 @@ TlsTransportStatus_t TLS_FreeRTOS_Connect( NetworkContext_t * pNetworkContext,
void TLS_FreeRTOS_Disconnect( NetworkContext_t * pNetworkContext )
{
TlsTransportParams_t * pTlsTransportParams = NULL;
BaseType_t tlsStatus = 0;
if( pNetworkContext != NULL )
if( pNetworkContext != NULL && pNetworkContext->pParams != NULL )
{
pTlsTransportParams = pNetworkContext->pParams;
/* Attempting to terminate TLS connection. */
tlsStatus = ( BaseType_t ) mbedtls_ssl_close_notify( &( pNetworkContext->sslContext.context ) );
tlsStatus = ( BaseType_t ) mbedtls_ssl_close_notify( &( pTlsTransportParams->sslContext.context ) );
/* Ignore the WANT_READ and WANT_WRITE return values. */
if( ( tlsStatus != ( BaseType_t ) MBEDTLS_ERR_SSL_WANT_READ ) &&
@ -885,10 +907,10 @@ void TLS_FreeRTOS_Disconnect( NetworkContext_t * pNetworkContext )
}
/* Call socket shutdown function to close connection. */
Sockets_Disconnect( pNetworkContext->tcpSocket );
Sockets_Disconnect( pTlsTransportParams->tcpSocket );
/* Free mbed TLS contexts. */
sslContextFree( &( pNetworkContext->sslContext ) );
sslContextFree( &( pTlsTransportParams->sslContext ) );
}
/* Clear the mutex functions for mbed TLS thread safety. */
@ -901,9 +923,13 @@ int32_t TLS_FreeRTOS_recv( NetworkContext_t * pNetworkContext,
void * pBuffer,
size_t bytesToRecv )
{
TlsTransportParams_t * pTlsTransportParams = NULL;
int32_t tlsStatus = 0;
tlsStatus = ( int32_t ) mbedtls_ssl_read( &( pNetworkContext->sslContext.context ),
configASSERT( ( pNetworkContext != NULL ) && ( pNetworkContext->pParams != NULL ) );
pTlsTransportParams = pNetworkContext->pParams;
tlsStatus = ( int32_t ) mbedtls_ssl_read( &( pTlsTransportParams->sslContext.context ),
pBuffer,
bytesToRecv );
@ -940,9 +966,13 @@ int32_t TLS_FreeRTOS_send( NetworkContext_t * pNetworkContext,
const void * pBuffer,
size_t bytesToSend )
{
TlsTransportParams_t * pTlsTransportParams = NULL;
int32_t tlsStatus = 0;
tlsStatus = ( int32_t ) mbedtls_ssl_write( &( pNetworkContext->sslContext.context ),
configASSERT( ( pNetworkContext != NULL ) && ( pNetworkContext->pParams != NULL ) );
pTlsTransportParams = pNetworkContext->pParams;
tlsStatus = ( int32_t ) mbedtls_ssl_write( &( pTlsTransportParams->sslContext.context ),
pBuffer,
bytesToSend );

9
FreeRTOS-Plus/Source/Application-Protocols/network_transport/freertos_plus_tcp/using_mbedtls_pkcs11/using_mbedtls_pkcs11.h
View file

@ -1,4 +1,5 @@
/*
* FreeRTOS V202011.00
* Copyright (C) 2020 Amazon.com, Inc. or its affiliates. All Rights Reserved.
*
* Permission is hereby granted, free of charge, to any person obtaining a copy of
@ -17,6 +18,10 @@
* COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER
* IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN
* CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
*
* https://www.FreeRTOS.org
* https://github.com/FreeRTOS
*
*/
/**
@ -110,11 +115,11 @@ typedef struct SSLContext
* @brief Definition of the network context for the transport interface
* implementation that uses mbedTLS and FreeRTOS+TLS sockets.
*/
struct NetworkContext
typedef struct TlsTransportParams
{
Socket_t tcpSocket;
SSLContext_t sslContext;
};
} TlsTransportParams_t;
/**
* @brief Contains the credentials necessary for tls connection setup.

49
FreeRTOS-Plus/Source/Application-Protocols/network_transport/freertos_plus_tcp/using_plaintext/using_plaintext.c
View file

@ -1,4 +1,5 @@
/*
* FreeRTOS V202011.00
* Copyright (C) 2020 Amazon.com, Inc. or its affiliates. All Rights Reserved.
*
* Permission is hereby granted, free of charge, to any person obtaining a copy of
@ -17,6 +18,10 @@
* COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER
* IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN
* CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
*
* https://www.FreeRTOS.org
* https://github.com/FreeRTOS
*
*/
/* Standard includes. */
@ -35,16 +40,27 @@
/* Transport interface include. */
#include "using_plaintext.h"
/*-----------------------------------------------------------*/
/* Each compilation unit must define the NetworkContext struct. */
struct NetworkContext
{
PlaintextTransportParams_t * pParams;
};
/*-----------------------------------------------------------*/
PlaintextTransportStatus_t Plaintext_FreeRTOS_Connect( NetworkContext_t * pNetworkContext,
const char * pHostName,
uint16_t port,
uint32_t receiveTimeoutMs,
uint32_t sendTimeoutMs )
{
PlaintextTransportParams_t * pPlaintextTransportParams = NULL;
PlaintextTransportStatus_t plaintextStatus = PLAINTEXT_TRANSPORT_SUCCESS;
BaseType_t socketStatus = 0;
if( ( pNetworkContext == NULL ) || ( pHostName == NULL ) )
if( ( pNetworkContext == NULL ) || ( pNetworkContext->pParams == NULL ) || ( pHostName == NULL ) )
{
LogError( ( "Invalid input parameter(s): Arguments cannot be NULL. pNetworkContext=%p, "
"pHostName=%p.",
@ -54,8 +70,9 @@ PlaintextTransportStatus_t Plaintext_FreeRTOS_Connect( NetworkContext_t * pNetwo
}
else
{
pPlaintextTransportParams = pNetworkContext->pParams;
/* Establish a TCP connection with the server. */
socketStatus = Sockets_Connect( &( pNetworkContext->tcpSocket ),
socketStatus = Sockets_Connect( &( pPlaintextTransportParams->tcpSocket ),
pHostName,
port,
receiveTimeoutMs,
@ -76,22 +93,24 @@ PlaintextTransportStatus_t Plaintext_FreeRTOS_Connect( NetworkContext_t * pNetwo
PlaintextTransportStatus_t Plaintext_FreeRTOS_Disconnect( const NetworkContext_t * pNetworkContext )
{
PlaintextTransportParams_t * pPlaintextTransportParams = NULL;
PlaintextTransportStatus_t plaintextStatus = PLAINTEXT_TRANSPORT_SUCCESS;
if( pNetworkContext == NULL )
if( ( pNetworkContext == NULL ) || ( pNetworkContext->pParams == NULL ) )
{
LogError( ( "pNetworkContext cannot be NULL." ) );
plaintextStatus = PLAINTEXT_TRANSPORT_INVALID_PARAMETER;
}
else if( pNetworkContext->tcpSocket == FREERTOS_INVALID_SOCKET )
else if( pNetworkContext->pParams->tcpSocket == FREERTOS_INVALID_SOCKET )
{
LogError( ( "pNetworkContext->tcpSocket cannot be an invalid socket." ) );
LogError( ( "pPlaintextTransportParams->tcpSocket cannot be an invalid socket." ) );
plaintextStatus = PLAINTEXT_TRANSPORT_INVALID_PARAMETER;
}
else
{
pPlaintextTransportParams = pNetworkContext->pParams;
/* Call socket disconnect function to close connection. */
Sockets_Disconnect( pNetworkContext->tcpSocket );
Sockets_Disconnect( pPlaintextTransportParams->tcpSocket );
}
return plaintextStatus;
@ -101,9 +120,16 @@ int32_t Plaintext_FreeRTOS_recv( NetworkContext_t * pNetworkContext,
void * pBuffer,
size_t bytesToRecv )
{
PlaintextTransportParams_t * pPlaintextTransportParams = NULL;
int32_t socketStatus = 0;
socketStatus = FreeRTOS_recv( pNetworkContext->tcpSocket, pBuffer, bytesToRecv, 0 );
configASSERT( ( pNetworkContext != NULL ) && ( pNetworkContext->pParams != NULL ) );
pPlaintextTransportParams = pNetworkContext->pParams;
socketStatus = FreeRTOS_recv( pPlaintextTransportParams->tcpSocket,
pBuffer,
bytesToRecv,
0 );
return socketStatus;
}
@ -112,9 +138,16 @@ int32_t Plaintext_FreeRTOS_send( NetworkContext_t * pNetworkContext,
const void * pBuffer,
size_t bytesToSend )
{
PlaintextTransportParams_t * pPlaintextTransportParams = NULL;
int32_t socketStatus = 0;
socketStatus = FreeRTOS_send( pNetworkContext->tcpSocket, pBuffer, bytesToSend, 0 );
configASSERT( ( pNetworkContext != NULL ) && ( pNetworkContext->pParams != NULL ) );
pPlaintextTransportParams = pNetworkContext->pParams;
socketStatus = FreeRTOS_send( pPlaintextTransportParams->tcpSocket,
pBuffer,
bytesToSend,
0 );
return socketStatus;
}

11
FreeRTOS-Plus/Source/Application-Protocols/network_transport/freertos_plus_tcp/using_plaintext/using_plaintext.h
View file

@ -1,4 +1,5 @@
/*
* FreeRTOS V202011.00
* Copyright (C) 2020 Amazon.com, Inc. or its affiliates. All Rights Reserved.
*
* Permission is hereby granted, free of charge, to any person obtaining a copy of
@ -17,6 +18,10 @@
* COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER
* IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN
* CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
*
* https://www.FreeRTOS.org
* https://github.com/FreeRTOS
*
*/
#ifndef USING_PLAINTEXT_H
@ -67,12 +72,12 @@ extern void vLoggingPrintf( const char * pcFormatString,
#include "transport_interface.h"
/**
* @brief Network context definition for FreeRTOS sockets.
* @brief Parameters for the network context that uses FreeRTOS+TCP sockets.
*/
struct NetworkContext
typedef struct PlaintextTransportParams
{
Socket_t tcpSocket;
};
} PlaintextTransportParams_t;
/**
* @brief Plain text transport Connect / Disconnect return status.