
Commit d4f46ae

committed
= TestTls =
* TLS 클라이언트 테스트
1 parent ff60c9d commit d4f46ae

3 files changed

Lines changed: 400 additions & 0 deletions


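--- a/SipStack.sln
+++ b/SipStack.sln
@@ -163,6 +163,11 @@ Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "RtspServer", "RtspServer\Rt
 {37B903A3-633B-4F2C-9146-AA7D49C92B95} = {37B903A3-633B-4F2C-9146-AA7D49C92B95}
 EndProjectSection
 EndProject
+Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "TestTls", "TestTls\TestTls.vcproj", "{18E457BB-7C40-452C-B963-574A53B17AE8}"
+ProjectSection(ProjectDependencies) = postProject
+{59766094-16E8-4602-9621-6C1E5ED9AF5F} = {59766094-16E8-4602-9621-6C1E5ED9AF5F}
+EndProjectSection
+EndProject
 Global
 GlobalSection(SolutionConfigurationPlatforms) = preSolution
 Debug|Win32 = Debug|Win32
@@ -359,6 +364,12 @@ Global
 {65A5C2D7-4618-4223-B198-A229FD9F07B1}.Release|Win32.ActiveCfg = Release|Win32
 {65A5C2D7-4618-4223-B198-A229FD9F07B1}.Release|Win32.Build.0 = Release|Win32
 {65A5C2D7-4618-4223-B198-A229FD9F07B1}.Release|x64.ActiveCfg = Release|Win32
+{18E457BB-7C40-452C-B963-574A53B17AE8}.Debug|Win32.ActiveCfg = Debug|Win32
+{18E457BB-7C40-452C-B963-574A53B17AE8}.Debug|Win32.Build.0 = Debug|Win32
+{18E457BB-7C40-452C-B963-574A53B17AE8}.Debug|x64.ActiveCfg = Debug|Win32
+{18E457BB-7C40-452C-B963-574A53B17AE8}.Release|Win32.ActiveCfg = Release|Win32
+{18E457BB-7C40-452C-B963-574A53B17AE8}.Release|Win32.Build.0 = Release|Win32
+{18E457BB-7C40-452C-B963-574A53B17AE8}.Release|x64.ActiveCfg = Release|Win32
 EndGlobalSection
 GlobalSection(SolutionProperties) = preSolution
 HideSolutionNode = FALSE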

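--- a/TestTls/TestTls.cpp
+++ b/TestTls/TestTls.cpp
@@ -0,0 +1,205 @@
+/* cli.cpp - Minimal ssleay client for Unix
+30.9.1996, Sampo Kellomaki <sampo@iki.fi> */
+
+/* mangled to work with SSLeay-0.9.0b and OpenSSL 0.9.2b
+Simplified to be even more minimal
+12/98 - 4/99 Wade Scholine <wades@mail.cybg.com> */
+
+#include <stdio.h>
+#include <memory.h>
+#include <errno.h>
+#include <sys/types.h>
+#include "SipUdp.h"
+
+#include <openssl/crypto.h>
+#include <openssl/x509.h>
+#include <openssl/pem.h>
+#include <openssl/ssl.h>
+#include <openssl/err.h>
+
+#define CRLF "\r\n"
+#define CRLFCRLF "\r\n\r\n"
+
+/* Make these what you want for cert & key files */
+#define CERTF "C:\\Temp\\new\\client.crt"
+#define KEYF "C:\\Temp\\new\\client.key"
+
+#define CHK_NULL(x) if ((x)==NULL) exit (1)
+#define CHK_ERR(err,s) if ((err)==-1) { perror(s); exit(1); }
+#define CHK_SSL(err) if ((err)==-1) { ERR_print_errors_fp(stderr); exit(2); }
+
+void print_x509(SSL *ssl)
+{
+char *ascii_cert;
+X509 *cert = SSL_get_peer_certificate(ssl);
+BIO *b;
+BUF_MEM *bptr;
+
+b = BIO_new(BIO_s_mem());
+
+if(X509_print(b, cert) > 0)
+{
+BIO_get_mem_ptr(b, &bptr);
+ascii_cert = (char *)malloc(1 + bptr->length);
+memcpy(ascii_cert, bptr->data, bptr->length);
+}
+else
+{
+ascii_cert = (char *)malloc(1024);
+sprintf(ascii_cert, "This certificate has never been seen before and can't be shown\n");
+}
+BIO_free(b);
+
+/* X.509 ÀÎÁõ¼­ Ãâ·Â */
+printf("X.509:\n%s\n", ascii_cert);
+}
+
+int main ()
+{
+int err = 0;
+int sd;
+struct sockaddr_in sa;
+
+SSL_CTX* ctx;
+SSL* ssl;
+X509* server_cert;
+
+char* str;
+char buf [4096];
+X509_NAME * name;
+char commonName [512];
+
+SSL_METHOD *meth;
+
+InitNetwork();
+
+memset(buf, 0, 4096);
+
+strcpy(buf, "REGISTER sips:192.168.1.142:5061 SIP/2.0");
+strcat(buf, CRLF);
+strcat(buf, "Max-Forwards: 70");
+strcat(buf, CRLF);
+strcat(buf, "Content-Length: 0");
+strcat(buf, CRLF);
+strcat(buf, "Via: SIP/2.0/TLS 192.168.1.142:5060;branch=z9hG4bKba05d177b;rport");
+strcat(buf, CRLF);
+strcat(buf, "Call-ID: e0cd67001414191dbc4ff911f1a7329c@192.168.1.142");
+strcat(buf, CRLF);
+strcat(buf, "From: <sips:07070001004@192.168.1.142:5061>;tag=e60c96951bac6ae");
+strcat(buf, CRLF);
+strcat(buf, "To: <sips:07070001004@192.168.1.142:5061>");
+strcat(buf, CRLF);
+strcat(buf, "CSeq: 9 REGISTER");
+strcat(buf, CRLF);
+strcat(buf, "Contact: <sips:07070001004@192.168.1.142:5061>;expires=60");
+strcat(buf, CRLF);
+strcat(buf, "Expires: 60");
+strcat(buf, CRLFCRLF);
+
+SSL_library_init();
+meth = TLSv1_client_method();
+SSL_load_error_strings();
+SSLeay_add_ssl_algorithms();
+ctx = SSL_CTX_new (meth);
+CHK_NULL(ctx);
+CHK_SSL(err);
+
+
+///////////////////////////////////////////////////////////////////////////////////////
+// Create a socket and connect to server using normal socket calls.
+sd = socket (AF_INET, SOCK_STREAM, 0);
+CHK_ERR(sd, "socket");
+
+memset (&sa, '\0', sizeof(sa));
+sa.sin_family = AF_INET;
+sa.sin_addr.s_addr = inet_addr ("211.232.179.68"); /* Server IP */
+sa.sin_port = htons (5065); /* Server Port number */
+
+// Normal-connect
+err = connect(sd, (struct sockaddr*) &sa, sizeof(sa));
+CHK_ERR(err, "connect");
+
+// SSL_set_cipher_list(ssl, "AES128-SHA,ARIA128-SHA");
+
+if (SSL_CTX_use_certificate_file(ctx, CERTF, SSL_FILETYPE_PEM) <= 0) {
+ERR_print_errors_fp(stderr);
+exit(3);
+}
+
+if (SSL_CTX_use_PrivateKey_file(ctx, KEYF, SSL_FILETYPE_PEM) <= 0) {
+ERR_print_errors_fp(stderr);
+exit(4);
+}
+
+#if 0
+if (SSL_CTX_load_verify_locations(ctx, "./ca.crt", NULL) <= 0) {
+SSL_CTX_free(ctx);
+return;
+}
+#endif
+
+if (!SSL_CTX_check_private_key(ctx)) {
+fprintf(stderr,"Private key does not match the certificate public key\n");
+exit(5);
+}
+
+// Now we have TCP conncetion. Start SSL negotiation.
+// create a new SSL structure for a connection
+ssl = SSL_new (ctx);
+CHK_NULL(ssl);
+
+// connect the SSL object with a file descriptor
+SSL_set_fd (ssl, sd);
+
+// initiate the TLS/SSL handshake with an TLS/SSL server
+err = SSL_connect (ssl);
+CHK_SSL(err);
+
+/*
+* Following two steps are optional and not required for
+* data exchange to be successful.
+*/
+
+printf ("SSL connection using %s\n", SSL_get_cipher (ssl));
+
+#if 0
+// Get server's certificate (note: beware of dynamic allocation) - opt
+server_cert = SSL_get_peer_certificate (ssl);
+if (server_cert != NULL)
+{
+print_x509(ssl);
+X509_free (server_cert);
+}
+else
+{
+printf ("Server does not have certificate.\n");
+}
+#endif
+
+// DATA EXCHANGE - Send a message and receive a reply.
+//err = SSL_write (ssl, "Hello World!", strlen("Hello World!"));
+//CHK_SSL(err);
+err = SSL_write (ssl, buf, strlen(buf));
+CHK_SSL(err);
+
+printf ("Send chars:'%s'\n", buf);
+
+memset(buf, 0, 4096);
+
+err = SSL_read (ssl, buf, sizeof(buf) - 1);
+CHK_SSL(err);
+buf[err] = '\0';
+printf ("Got %d chars:'%s'\n", err, buf);
+
+// send SSL/TLS close_notify
+SSL_shutdown (ssl);
+
+/* Clean up. */
+
+close (sd);
+SSL_free (ssl);
+SSL_CTX_free (ctx);
+
+return 0;
+}
+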
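Review bot: main() never verifies the server certificate: the `SSL_CTX_load_verify_locations` block is compiled out with `#if 0` and no verify mode is set, so the default `SSL_VERIFY_NONE` applies and `SSL_connect` completes against whatever endpoint answers on the socket, after which the REGISTER is written to it. Re-enable the CA load (with `exit(...)` rather than the bare `return;` in an `int` function) and add `SSL_CTX_set_verify(ctx, SSL_VERIFY_PEER, NULL);` before `SSL_new`. `CHK_SSL` tests only `== -1`, while `SSL_connect` returns 0 when the handshake fails with a controlled shutdown, so the handshake result should be checked with `if (err <= 0)`. `TLSv1_client_method()` also pins the client to TLS 1.0; a version-flexible method would be preferable if the linked OpenSSL provides one. In `print_x509`, the `memcpy` of `bptr->length` bytes is printed with `%s` without a terminator; `ascii_cert[bptr->length] = '\0';` after the copy closes that.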
