nasslclient: SSLv3/TLSv1 Client Example Application

This application demonstrates the SSLv3/TLSv1 Client API. SSL client uses
CA signed certificates to communicate with server. 

Application can run on all platforms. 

You must make the following changes to the BSP:

1) In netos/src/bsp/platforms/xxx/bsp_fs.h, set
BSP_INCLUDE_FILESYSTEM_FOR_CLIBRARY to TRUE. This change creates a RAM and 
Flash file system volume by default and allows using the C library file I/O 
API functions to access the file system services.

2) Rebuild the BSP
3) Update the server IP address defined in root.c to match your SSL server 
   and rebuild the application 

Application requires following  CA (Certificate Authority) issued certificates
1. cacert.pem  - CA certificate required for server certificate varification
2. svrcert.pem - CA signed server certificate with public key. This certificate
                 is required to run the server. Client can add this in its 
                 trusted peer list.
3. svrkey.pem  - Server's RSA encrypted private key, required for server app
4. clntcert.pem - Required if server requests the client certificate.  
5. clntkey.pem - RSA encrypted client's private key
6. svrrevcert.pem - Revoked server certificate
7. svrrevkey.pem  - Revoked server's private key (used in server side)                 
8. nassl.crl      - CA's certification revokation list

Keys that are required by client:
  If CRL is used 
    1. CA certificate
    2. Client certificate and private key
    3. CRL 

  If CRL is not used
    1. CA certificate
    2. Client certificate and private key
    3. Server certificate to update trusted peer list
    4. Revoked server certificate to update revoked peer list

Keys that are required by server:
    1. CA certificate to verify client's certificate
    2. Server certificate and private key

  You can find the above keys under ./keys/ and they are valid until Nov 2011.

Pass phrase used are:
1. svrkey.pem     : "Digi sslsvr key"
2. clntkey.pem    : "Digi sslclnt key"
3. svrrevkey.pem  : "Digi sslsvr rev key"
4. clntrevkey.pem : "Digi sslclnt rev key"

What this application does?

1. Starts FTP server to allow user to download certificates and CRL
2. Prompts user if the required certificate is not available in flash file
   system volume. 
3. Waits for user to download the requested file via FTP 
     (user:user and password:password)
4. Starts SSL client which connects to the specified server at port 1000
5. Sends out "SSL client connected successfully, type quit to close the 
   client\n" message on this secure link
6. Prints the received data from the server on the serial console

Application results can be obtained using an SSLv3/TLSv1 server,
such as the OpenSSL project's (www.openssl.org) s_server application,
or you can use the NASSLSVR example.  The server listens for SSL connections
on port 1000.

If you are using oOpenSSL server then here is the sample command you can use

openssl s_server -accept 1000 -CAfile cacert.pem -cert svrcert.pem -key svrkey.pem -msg

Following files are provided in this example.

appconf.h         sets application configuration settings
init.h            contains defines for certificates name and pass phrase
makefile          makefile for the GNU toolset.
readme            this file
root.c            contains applicationStart() function, that starts FTP server
                  and SSL client
naftpapp.c        used to start FTP server
src\fs_intf\ftpsvrfs.c   for file system related APIs

In addition, the following files in the BSP directory are built
as part of this application.

reset.s         contains the reset code
appconf_api.c   contains code used to read settings in appconf.h

The application build file links in the following libraries.

libbsp.a           		contains the BSP code
libtcpip.a         		contains the Net+Works TCP/IP stack
libpppintf.a		    contains the PPP Interface Library
libtx.a            		contains the ThreadX kernel
libfilesys.a       		contains the file system libraries
libposix.a         		contains the POSIX layer libraries
libflash.a         		contains the Flash driver API library
libftpsvr.a        		contains the FTP server library
libtelnsvr.a       		contains the Telnet server library
libaddp.a		   		contains the ADDP Library
libssh.a		   		contains the SSH Library
libmanapi.a        		contains the NET+Works Management API library.
libfat32.a             	contains the FAT32 library
libsntp.a				contains the SNTP API Library
libssl.a	        	contains SSL/TLS protocol code 
libcrypto.a 			contains the Crypto Library
libdnsclnt.a        	contains the DNS Client library
libnarmapi.a

The application uses the following files located in the
netos\src\bsp\platforms\<platform> directory.

bootldr.dat     bootloader configuration file used to generate the
                file image.bin.  It controls the information placed
                in the bootloader header of the image.

image.ldr       GNU linker script used to build an image that can
                be debugged and used with the bootloader.
                
customize.ldr   Customizable GNU linker script

