/*
 * Testing tool for TLSv1 client/server routines
 * Copyright (c) 2019, Jouni Malinen <j@w1.fi>
 *
 * This software may be distributed under the terms of the BSD license.
 * See README for more details.
 */
12 #include "crypto/tls.h"
/**
 * usage - command-line synopsis for the test tool
 *
 * Only the signature (source line 15) and the synopsis string (source
 * line 17) survive in this listing. The string documents the expected
 * arguments: peer role, file operation, and the message file.
 */
static void usage(void) {
	/* [source line 16 not shown: start of the call that takes this string] */
		   "usage: test-tls <server/client> <read/write> <file>");
	/* [source lines 18-21 not shown] */
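/**
 * write_msg - store one message in the capture file
 * @f: output stream
 * @msg: message to store
 *
 * Framing visible in this listing: the message length is encoded into
 * len as a 16-bit big-endian value with WPA_PUT_BE16(), and the payload is
 * written with fwrite(). read_msg() decodes the same framing.
 *
 * Changes against the listed code: a message longer than the 16-bit length
 * field can express is rejected instead of being stored with a truncated
 * length, and a failed payload write is reported instead of ignored.
 */
static void write_msg(FILE *f, struct wpabuf *msg)
/* [source lines 23-25 not shown: opening brace and the declaration of len] */
	wpa_printf(MSG_DEBUG, "TEST: Write message to file (msg_len=%u)",
		   (unsigned int) wpabuf_len(msg));
	if (wpabuf_len(msg) > 0xffff) {
		/* The length prefix is 16 bits; a longer message would be
		 * framed with a wrong length and desynchronize the reader. */
		wpa_printf(MSG_ERROR,
			   "TEST-ERROR: Message too long for length field (msg_len=%u)",
			   (unsigned int) wpabuf_len(msg));
		return;
	}
	WPA_PUT_BE16(len, wpabuf_len(msg));
	/* [source line 29 not shown] */
	/* fwrite() with a zero item size returns 0, so an empty payload is
	 * not treated as a failure. */
	if (wpabuf_len(msg) > 0 &&
	    fwrite(wpabuf_head(msg), wpabuf_len(msg), 1, f) != 1)
		wpa_printf(MSG_ERROR,
			   "TEST-ERROR: Could not write msg (msg_len=%u)",
			   (unsigned int) wpabuf_len(msg));
/* [source lines 31-33 not shown] */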
/**
 * read_msg - load the next length-prefixed message from the capture file
 * @f: input stream
 *
 * Framing visible in this listing: two bytes are read into len and decoded
 * as a big-endian length with WPA_GET_BE16(); that many payload bytes are
 * then read into a newly allocated wpabuf. Both failure paths log a
 * TEST-ERROR line; what they return and how msg is released are in lines
 * this listing does not show.
 *
 * The length comes straight from the file, so the file decides how much is
 * allocated and read. NOTE(review): WPA_GET_BE16() should yield a 16-bit
 * value, which bounds the allocation - confirm msg_len's declared type in
 * the lines not shown.
 */
static struct wpabuf * read_msg(FILE *f)
/* [source lines 35-39 not shown: opening brace and local declarations] */
	if (fread(len, 2, 1, f) != 1) {
		wpa_printf(MSG_ERROR, "TEST-ERROR: Could not read msg len");
		/* [source lines 42-43 not shown] */
	msg_len = WPA_GET_BE16(len);
	/* [source line 45 not shown] */
	msg = wpabuf_alloc(msg_len);
	/* [source lines 47-49 not shown; line 49 opens the condition that
	 * continues on the next line]
	 * NOTE(review): confirm the allocation result is checked in those
	 * lines, because wpabuf_put() below uses msg. */
	    fread(wpabuf_put(msg, msg_len), msg_len, 1, f) != 1) {
		wpa_printf(MSG_ERROR, "TEST-ERROR: Truncated msg (msg_len=%u)",
		/* [source lines 52-55 not shown: remaining argument(s) and the
		 * rest of this branch] */
	wpa_hexdump_buf(MSG_DEBUG, "TEST: Read message from file", msg);
	/* [source lines 57-61 not shown] */
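/**
 * main - drive an in-process TLS client and TLS server against each other
 * @argc: argument count
 * @argv: <server/client> <read/write> <file>, per usage()
 *
 * What the listed lines show: two TLS contexts are created from one zeroed
 * tls_config, the server context is configured with the hwsim/auth_serv test
 * credentials, one connection is created per context, and the handshake is
 * followed by a "PING" (client to server) and a "PONG" (server to client)
 * application-data exchange. test_peer and test_oper select one peer whose
 * messages are read from or written to the file instead of being produced
 * by or delivered to the in-process peer.
 *
 * This listing is an excerpt: lines marked "[source lines ... not shown]"
 * are missing from it, so the nesting depth of the statements below is not
 * recoverable and they are laid out flat.
 *
 * Changes against the listed code:
 *  - the client connection is torn down with its own context (tls_client)
 *    instead of tls_server;
 *  - the message file is opened in binary mode;
 *  - the mis-encoded "&params" arguments are restored.
 */
int main(int argc, char *argv[])
/* [source line 63 not shown] */
	struct tls_config conf;
	void *tls_server, *tls_client;
	struct tls_connection_params params;
	struct tls_connection *conn_server = NULL, *conn_client = NULL;
	/* [source line 68 not shown] */
	struct wpabuf *in = NULL, *out = NULL, *appl;
	enum { SERVER, CLIENT } test_peer;
	enum { READ, WRITE } test_oper;
	/* [source lines 72-75 not shown] */

	/* Debug output will include key material. That is acceptable here
	 * only because the tool runs with the hwsim/auth_serv test
	 * credentials set below; do not point it at production keys or keep
	 * its logs alongside real ones. */
	wpa_debug_show_keys = 1;
	/* [source lines 77-80 not shown]
	 * NOTE(review): argv[1] and argv[2] are indexed below; confirm the
	 * lines not shown validate argc before this point. */
	if (os_strcmp(argv[1], "server") == 0)
		/* [source line 82 not shown] */
	else if (os_strcmp(argv[1], "client") == 0)
		/* [source lines 84-87 not shown] */
	if (os_strcmp(argv[2], "read") == 0)
		/* [source line 89 not shown] */
	else if (os_strcmp(argv[2], "write") == 0)
		/* [source lines 91-96 not shown] */

	/* The file holds length-prefixed binary TLS messages, so open it in
	 * binary mode; text mode would translate bytes on some platforms. */
	f = fopen(file, test_oper == READ ? "rb" : "wb");
	/* [source lines 98-100 not shown] */

	os_memset(&conf, 0, sizeof(conf));
	tls_server = tls_init(&conf);
	tls_client = tls_init(&conf);
	if (!tls_server || !tls_client)
		/* [source lines 105-106 not shown] */

	os_memset(&params, 0, sizeof(params));
	params.ca_cert = "hwsim/auth_serv/ca.pem";
	params.client_cert = "hwsim/auth_serv/server.pem";
	params.private_key = "hwsim/auth_serv/server.key";
	params.dh_file = "hwsim/auth_serv/dh.conf";
	/* [source line 112 not shown] */
	if (tls_global_set_params(tls_server, &params)) {
		wpa_printf(MSG_ERROR, "Failed to set TLS parameters");
		/* [source lines 115-117 not shown] */

	conn_server = tls_connection_init(tls_server);
	conn_client = tls_connection_init(tls_client);
	if (!conn_server || !conn_client)
		/* [source lines 121-125 not shown] */

	/* Handshake, client side */
	if (test_peer == CLIENT && test_oper == READ)
		/* [source lines 127-128 not shown] */
	out = tls_connection_handshake(tls_client, conn_client,
		/* [source lines 130-134 not shown: remaining arguments and
		 * following statements] */
	if (test_peer == CLIENT && test_oper == WRITE &&
		/* [source lines 136-137 not shown] */
	/* The client's failure state is only meaningful when the client
	 * actually ran, i.e. not when its messages came from the file. */
	if (!(test_peer == CLIENT && test_oper == READ) &&
	    tls_connection_get_failed(tls_client, conn_client)) {
		wpa_printf(MSG_ERROR, "TLS handshake failed");
		/* [source lines 141-142 not shown] */
	/* A peer replayed from the file counts as established; the other
	 * one must report it. */
	if (((test_peer == CLIENT && test_oper == READ) ||
	     tls_connection_established(tls_client, conn_client)) &&
	    ((test_peer == SERVER && test_oper == READ) ||
	     tls_connection_established(tls_server, conn_server)))
		/* [source lines 147-149 not shown] */

	/* Handshake, server side */
	if (test_peer == SERVER && test_oper == READ)
		/* [source lines 151-152 not shown] */
	in = tls_connection_server_handshake(tls_server,
		/* [source lines 154-159 not shown: remaining arguments and
		 * following statements] */
	if (test_peer == SERVER && test_oper == WRITE)
		/* [source line 161 not shown] */
	if (!(test_peer == SERVER && test_oper == READ) &&
	    tls_connection_get_failed(tls_server, conn_server)) {
		wpa_printf(MSG_ERROR, "TLS handshake failed");
		/* [source lines 165-166 not shown] */
	if (((test_peer == CLIENT && test_oper == READ) ||
	     tls_connection_established(tls_client, conn_client)) &&
	    ((test_peer == SERVER && test_oper == READ) ||
	     tls_connection_established(tls_server, conn_server)))
		/* [source lines 171-174 not shown] */

	/* Application data, client to server */
	in = wpabuf_alloc(100);
	/* [source lines 176-177 not shown] */
	wpabuf_put_str(in, "PING");
	/* [source line 179 not shown] */
	if (test_peer == CLIENT && test_oper == READ)
		/* [source lines 181-182 not shown] */
	out = tls_connection_encrypt(tls_client, conn_client, in);
	/* [source lines 184-187 not shown] */
	if (test_peer == CLIENT && test_oper == WRITE)
		/* [source lines 189-190 not shown] */
	if (!(test_peer == SERVER && test_oper == READ)) {
		in = tls_connection_decrypt(tls_server, conn_server, out);
		/* [source lines 193-196 not shown] */
		wpa_hexdump_buf(MSG_DEBUG, "Server decrypted ApplData", in);
		/* [source lines 198-200 not shown] */

	/* Application data, server to client */
	in = wpabuf_alloc(100);
	/* [source lines 202-203 not shown] */
	wpabuf_put_str(in, "PONG");
	/* [source line 205 not shown] */
	if (test_peer == SERVER && test_oper == READ)
		/* [source lines 207-208 not shown] */
	out = tls_connection_encrypt(tls_server, conn_server, in);
	/* [source lines 210-213 not shown] */
	if (test_peer == SERVER && test_oper == WRITE)
		/* [source lines 215-216 not shown] */
	if (!(test_peer == CLIENT && test_oper == READ)) {
		in = tls_connection_decrypt(tls_client, conn_client, out);
		/* [source lines 219-222 not shown] */
		wpa_hexdump_buf(MSG_DEBUG, "Client decrypted ApplData", in);
		/* [source lines 224-229 not shown] */

	/* Cleanup */
	tls_connection_deinit(tls_server, conn_server);
	tls_deinit(tls_server);
	/* [source lines 232-234 not shown] */
	/* conn_client was created with tls_connection_init(tls_client), so it
	 * must be released through tls_client. The listed code passed
	 * tls_server here, which is the wrong context and, on this path, one
	 * that tls_deinit() has already torn down just above. */
	tls_connection_deinit(tls_client, conn_client);
	tls_deinit(tls_client);
	/* [source lines after 236 not shown] */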