// Process-wide OpenSSL initialisation tied to a shared_ptr so the
// library is torn down when the last reference goes away.  The deleter
// (on lines not shown here) presumably performs the cleanup; line 14's
// CRYPTO_cleanup_all_ex_data() looks like part of it -- confirm.
8 std::shared_ptr<int> ssl_lib_ref(
// SSL_library_init() is documented to always return 1, so the stored
// int carries no information; the object exists only for its deleter.
9 new int( SSL_library_init() ),
14 CRYPTO_cleanup_all_ex_data();
// BN_GENCB progress callback used while DH parameters are generated
// (see the DH_generate_parameters_ex call further down).  Emits one
// character per event so a multi-minute generation shows activity.
// The return statement is on a line not shown; OpenSSL treats a 0
// return as "abort generation", so it must return non-zero to continue.
// 'b' and 'g' are unused here.
17 int gencb( int a, int b, BN_GENCB* g ) {
// 'a' is the BN_GENCB event code: '.' for event 0, '+' for anything else.
// std::flush so the progress is visible even when stdout is a pipe.
21 std::cout << ( a == 0 ? "." : "+" ) << std::flush;
// Chain-verification hook installed through SSL_CTX_set_verify below.
// 'preverify_ok' is OpenSSL's own verdict for the chain element currently
// being checked; this function only logs the failure and does not
// override the verdict itself.
// NOTE(review): the return statement is outside this excerpt -- it needs
// to return preverify_ok (or 0) so that a logged failure also fails the
// handshake; an unconditional "return 1" would accept every peer.
25 static int verify_callback( int preverify_ok, X509_STORE_CTX* ctx ) {
// Debug aid left in place: would dump the certificate under inspection
// to stdout.  Harmless while commented out.
27 //auto cert = X509_STORE_CTX_get_current_cert(ctx);
28 //BIO *o = BIO_new_fp(stdout,BIO_NOCLOSE);
29 //X509_print_ex(o, cert, XN_FLAG_COMPAT, X509_FLAG_COMPAT);
// Prints the numeric X509_V_ERR_* code; presumably guarded by an
// "if( !preverify_ok )" on a line not shown -- confirm.
// X509_verify_cert_error_string() would make the log readable.
32 std::cout << "Verification failed: " << preverify_ok << " because " << X509_STORE_CTX_get_error( ctx ) << std::endl;
// Diffie-Hellman parameters used for ephemeral DH key exchange in every
// context created by generateSSLContext().  File-scope so the expensive
// generation / file load is presumably done once and reused -- confirm
// against the lines of generateSSLContext not shown here.
38 static std::shared_ptr<DH> dh_param;
// Builds an SSL_CTX for either side of a mutually-authenticated TLS 1.2
// connection.
//   server: selects the server or client certificate/key pair under keys/.
// Returns the context wrapped in a shared_ptr whose deleter (lambda body on
// lines not shown, presumably SSL_CTX_free) releases it.
// Throws a const char* message when the cipher list, DH generation or
// SSL_CTX_set_tmp_dh fails -- callers must catch const char*.
40 std::shared_ptr<SSL_CTX> generateSSLContext( bool server ) {
// TLSv1_2_method() pins both sides to TLS 1.2 only (no 1.3, no fallback).
// The call is deprecated since OpenSSL 1.1.0 in favour of TLS_method()
// plus SSL_CTX_set_min_proto_version(); keep in mind if the library moves.
41 std::shared_ptr<SSL_CTX> ctx = std::shared_ptr<SSL_CTX>( SSL_CTX_new( TLSv1_2_method() ), []( SSL_CTX * p ) {
// Cipher policy: start from HIGH, add CAMELLIA256, then strip null,
// anonymous, MD5, RC4, DES/3DES, SEED, export and 128-bit suites and drop
// the RSA+AES+SHA1 combination.  A failure here means the string itself
// is malformed or nothing matches, hence the "source is broken" message.
45 if( !SSL_CTX_set_cipher_list( ctx.get(), "HIGH:+CAMELLIA256:!eNull:!aNULL:!ADH:!MD5:-RSA+AES+SHA1:!RC4:!DES:!3DES:!SEED:!EXP:!AES128:!CAMELLIA128" ) ) {
46 throw "Cannot set cipher list. Your source is broken.";
// Both sides verify the peer; FAIL_IF_NO_PEER_CERT makes the server reject
// clients that present no certificate (OpenSSL ignores that flag on the
// client side, where a missing server certificate already fails).
49 SSL_CTX_set_verify( ctx.get(), SSL_VERIFY_PEER | SSL_VERIFY_FAIL_IF_NO_PEER_CERT, verify_callback );
// NOTE(review): the three return values below are not checked.  A missing
// or unreadable certificate, key or CA file is only discovered at handshake
// time (or, for the CA file, as an opaque verification failure).  Check
// each result, and call SSL_CTX_check_private_key() to confirm the key
// matches the certificate, so misconfiguration fails here with a clear
// message.
50 SSL_CTX_use_certificate_file( ctx.get(), server ? "keys/signer_server.crt" : "keys/signer_client.crt", SSL_FILETYPE_PEM );
51 SSL_CTX_use_PrivateKey_file( ctx.get(), server ? "keys/signer_server.key" : "keys/signer_client.key", SSL_FILETYPE_PEM );
// Trust anchor: only keys/ca.crt (no CApath directory, hence the 0).
52 SSL_CTX_load_verify_locations( ctx.get(), "keys/ca.crt", 0 );
// Names advertised to clients in the CertificateRequest; only meaningful on
// the server side.  SSL_load_client_CA_file() returns NULL on failure --
// presumably checked on the lines not shown (56-57); confirm.
55 STACK_OF( X509_NAME ) *names = SSL_load_client_CA_file( "keys/env.crt" );
58 SSL_CTX_set_client_CA_list( ctx.get(), names );
// DH parameters are cached in dh_param.pem in the current directory: loaded
// when present, otherwise generated and written back.  The NULL check on
// paramfile and the fclose() calls are on lines not shown -- confirm.
// NOTE(review): the file is trusted as-is.  Anyone who can write to the
// working directory can substitute weak parameters; consider DH_check() on
// the loaded params or reading from a fixed, non-writable location.
64 FILE* paramfile = fopen( "dh_param.pem", "r" );
// PEM_read_DHparams() returns NULL on a malformed file; that NULL would
// then reach SSL_CTX_set_tmp_dh below and surface as "Cannot set tmp dh",
// which is safe but misleading -- a dedicated check would be clearer.
67 dh_param = std::shared_ptr<DH>( PEM_read_DHparams( paramfile, NULL, NULL, NULL ), DH_free );
70 dh_param = std::shared_ptr<DH>( DH_new(), DH_free );
71 std::cout << "Generating DH params" << std::endl;
// 2048-bit parameters with generator 5; 'cb' (set up on lines not shown)
// presumably wraps gencb() above so progress is printed.  This can take
// minutes, which is why the result is persisted afterwards.
77 if( !DH_generate_parameters_ex( dh_param.get(), 2048, 5, &cb ) ) {
78 throw "DH generation failed";
// Terminates the progress line printed by gencb().
81 std::cout << std::endl;
// Persist so the next start can skip generation.  If the write fails the
// cost is only a regeneration next time.
82 paramfile = fopen( "dh_param.pem", "w" );
85 PEM_write_DHparams( paramfile, dh_param.get() );
// SSL_CTX_set_tmp_dh copies the parameters into the context; failure here
// also covers a NULL dh_param.
91 if( !SSL_CTX_set_tmp_dh( ctx.get(), dh_param.get() ) ) {
92 throw "Cannot set tmp dh.";
// Puts the terminal behind 'f' into raw 8-bit-clean mode at 115200 baud
// so that TLS records pass through untouched (no echo, no line editing,
// no CR/LF translation, no flow-control characters).
//   f: an open FILE* on the serial device (see openSerial()).
// Throws a const char* message if the attributes cannot be read or set.
// The termios 'attr' declaration is on a line not shown.
99 void setupSerial( FILE* f ) {
102 if( tcgetattr( fileno( f ), &attr ) ) {
103 throw "failed to get attrs";
// Input: no break handling, no parity marking, no 8th-bit stripping, no
// CR/NL translation, no XON/XOFF.
106 attr.c_iflag &= ~( IGNBRK | BRKINT | PARMRK | ISTRIP
107 | INLCR | IGNCR | ICRNL | IXON );
// Output: no post-processing.
108 attr.c_oflag &= ~OPOST;
// Local: no echo, no canonical mode, no signal or extended characters.
109 attr.c_lflag &= ~( ECHO | ECHONL | ICANON | ISIG | IEXTEN );
// Control: clear the character-size bits and parity.  CSIZE being cleared
// means a CS8 (and presumably CREAD | CLOCAL) must be set on a line not
// shown -- confirm, otherwise the size is 5 bits.
110 attr.c_cflag &= ~( CSIZE | PARENB );
113 cfsetispeed( &attr, B115200 );
114 cfsetospeed( &attr, B115200 );
// TCSANOW: apply immediately, without draining pending output.
116 if( tcsetattr( fileno( f ), TCSANOW, &attr ) ) {
// NOTE(review): message copied from the tcgetattr branch; this one should
// read "failed to set attrs" so the two failures are distinguishable.
117 throw "failed to get attrs";
// Opens the serial device 'name' read/write and wraps its descriptor in a
// BIO for use with SSL_set_bio().
// Returns an empty shared_ptr when the device cannot be opened (the error
// is printed, not thrown) -- callers must check the result.
// The raw-mode setup (setupSerial) is presumably invoked on the lines not
// shown between the fopen check and the BIO creation -- confirm.
121 std::shared_ptr<BIO> openSerial( const char* name ) {
122 FILE* f = fopen( name, "r+" );
125 std::cout << "Opening serial device failed" << std::endl;
126 return std::shared_ptr<BIO>();
// BIO_new_fd(..., 0): close flag 0, so BIO_free does NOT close the
// descriptor; the FILE* 'f' keeps ownership.  Whether 'f' is retained or
// fclose()d elsewhere is not visible here -- if it is simply dropped, the
// FILE object leaks and its stdio buffer is never used, which is harmless
// for the fd but worth confirming.
131 std::shared_ptr<BIO> b( BIO_new_fd( fileno( f ), 0 ), BIO_free );