mirror of https://github.com/wolfSSL/wolfssh.git
Merge pull request #163 from miyazakh/Renesas_IDE
Add example ssh server code for renesas CS+pull/165/head
commit
75e70d24d0
|
@ -0,0 +1,68 @@
|
||||||
|
# wolfSSH/AlphaProject Boad Simple Ssh Example Server Setup Guide
|
||||||
|
This demo is tested with the following condition.
|
||||||
|
|
||||||
|
* Renesas : CS+ v8.01
|
||||||
|
* Board : Alpha Project AP-RX71M-0A w/ Sample program v2.0
|
||||||
|
* wolfSSL : 4.0.0
|
||||||
|
* wolfSSH : 1.3.1
|
||||||
|
|
||||||
|
## Setup process:
|
||||||
|
### 1. Download software
|
||||||
|
|
||||||
|
- Unzip AlphaProject firmware
|
||||||
|
- Unzip wolfssl under the same directory
|
||||||
|
- Unzip wolfssh under the same directory
|
||||||
|
|
||||||
|
### 2. Set up wolfSSL and wolfSSH
|
||||||
|
- Open wolfssh\ide\Renesas\cs+\wolfssl_lib\wolfssl_lib.mtpj with CS+ and build
|
||||||
|
- Open wolfssh\ide\Renesas\cs+\wolfssh_lib\wolfssh_lib.mtpj with CS+ and build
|
||||||
|
- Open demo_server.mtpj and build. This create demo program library.
|
||||||
|
|
||||||
|
### 3. Set up AlphaProject
|
||||||
|
- The demo uses ap_rx71m_0a_sample_cs\Sample\ap_rx71m_0a_usbfunc_sample_cs\ap_rx71m_0a_ether_sample_cs.mtpj
|
||||||
|
- Open and edit ap_rx71m_0a_sample_cs\Sample\ap_rx71m_0a_usbfunc_sample_cs\src\AP_RX71M_0A.c
|
||||||
|
insert wolfSSL_init() in UsbfInit().
|
||||||
|
```
|
||||||
|
CanInit();
|
||||||
|
SciInit();
|
||||||
|
EthernetAppInit();
|
||||||
|
UsbfInit();
|
||||||
|
wolfSSL_init(); <- insert this line
|
||||||
|
```
|
||||||
|
|
||||||
|
- Modify stack and heap size in ap_rx71m_0a_sample_cs\Sample\ap_rx71m_0a_usbfunc_sample_cs\src\smc_gen\r_config\r_bsp_config.h
|
||||||
|
```
|
||||||
|
Line 154 #pragma stacksize su=0x2000
|
||||||
|
Line 175 #define BSP_CFG_HEAP_BYTES (0xa000)
|
||||||
|
```
|
||||||
|
- Modify IP address Sample\ap_rx71m_0a_usbfunc_sample_cs\src\tcp_sample\config_tcpudp.c as needed
|
||||||
|
|
||||||
|
```
|
||||||
|
#define MY_IP_ADDR0 192,168,1,200 /* Local IP address */
|
||||||
|
#define GATEWAY_ADDR0 192,168,1,254 /* Gateway address (invalid if all 0s) */
|
||||||
|
#define SUBNET_MASK0 255,255,255,0
|
||||||
|
```
|
||||||
|
- Add project properties of linking library in ap_rx71m_0a_usbfunc_sample_cs.mtpj
|
||||||
|
wolfssh\ide\Renesas\cs+\Projects\wolfssl_lib\DefaultBuild\wolfssl_lib.lib
|
||||||
|
wolfssh\ide\Renesas\cs+\Projects\wolfssh_lib\DefaultBuild\wolfssh_lib.lib
|
||||||
|
wolfssh\ide\Renesas\cs+\Projects\demo_server\DefaultBuild\demo_sever.lib
|
||||||
|
|
||||||
|
- Set CC-RX(Build Tool)->Library Geberation->Library Configuration to"C99" and enable ctype.h.
|
||||||
|
|
||||||
|
- Build the project and start execut. You see message on the console prompting command.
|
||||||
|
```
|
||||||
|
Start server_test
|
||||||
|
```
|
||||||
|
- wolfSSH simple server will be open on port 50000 which can be connected to by using the example client bundled with wolfSSH
|
||||||
|
```
|
||||||
|
$ ./examples/client/client -h 192.168.1.200 -p 50000 -u jill
|
||||||
|
Sample public key check callback
|
||||||
|
public key = 0x55a0890864ea
|
||||||
|
public key size = 279
|
||||||
|
ctx = You've been sampled!
|
||||||
|
Password: <---- input "upthehill"
|
||||||
|
Server said: Hello, wolfSSH!
|
||||||
|
```
|
||||||
|
## Support
|
||||||
|
|
||||||
|
Email us at [support@wolfssl.com](mailto:support@wolfssl.com).
|
|
@ -0,0 +1,80 @@
|
||||||
|
# wolfSSH シンプル SSH サーバ セットアップガイド
|
||||||
|
|
||||||
|
このデモは以下の環境でテストしています。
|
||||||
|
|
||||||
|
* Renesas : CS+ v8.01
|
||||||
|
* Board : Alpha Project AP-RX71M-0A w/ Sample program v2.0
|
||||||
|
* wolfSSL : 4.0.0
|
||||||
|
* wolfSSH : 1.3.1
|
||||||
|
|
||||||
|
## セットアップ手順:
|
||||||
|
### 1 ソフトウェアの入手
|
||||||
|
|
||||||
|
- APボード付属のソフトウェア一式を適当なフォルダー下に解凍します。
|
||||||
|
- 同じフォルダー下にwolfssl一式を解凍します。
|
||||||
|
- 同じフォルダー下にwolfssh一式を解答します。
|
||||||
|
### 2 wolfSSL及びwolfSSHのセットアップ
|
||||||
|
|
||||||
|
- CS+にてwolfssh\ide\Renesas\cs+\下のwolfssl_lib\wolfssl_lib.mtpjを開き
|
||||||
|
wolfSSLライブラリーのビルドをします。
|
||||||
|
- CS+にてwolfssh\ide\Renesas\cs+\下のwolfssh_lib\wolfssj_lib.mtpjを開き
|
||||||
|
wolfSShライブラリーのビルドをします。
|
||||||
|
- 同じフォルダの下のdemo_server.mtpjを開き、デモプログラムのビルドをします。
|
||||||
|
このプログラムもライブラリー形式でビルドされます。
|
||||||
|
|
||||||
|
### 3 AlphaProject側のセットアップ
|
||||||
|
デモはap_rx71m_0a_sample_cs\Sample\ap_rx71m_0a_usbfunc_sample_csフォルダ下の
|
||||||
|
ap_rx71m_0a_usbfunc_sample_cs.mtpjプロジェクトを利用します。
|
||||||
|
|
||||||
|
- ap_rx71m_0a_sample_cs\Sample\ap_rx71m_0a_ether_sample_cs\srcフォルダ下のAP_RX71M_0A.cファイルを開き、
|
||||||
|
UsbfInit()の下にwolfSSL_init()を挿入します。
|
||||||
|
|
||||||
|
```
|
||||||
|
CanInit();
|
||||||
|
SciInit();
|
||||||
|
EthernetAppInit();
|
||||||
|
UsbfInit();
|
||||||
|
wolfSSL_init(); <- この行を挿入
|
||||||
|
```
|
||||||
|
- ap_rx71m_0a_sample_cs\Sample\ap_rx71m_0a_usbfunc_sample_cs\src\smc_gen\r_config\r_bsp_config.h
|
||||||
|
を開き、スタックサイズとヒープサイズを以下のように設定します。
|
||||||
|
154行目 #pragma stacksize su=0x2000
|
||||||
|
175行目 #define BSP_CFG_HEAP_BYTES (0xa000)
|
||||||
|
|
||||||
|
- IPアドレスのデフォルト値は以下のようになっています。
|
||||||
|
必要があれば、Sample\ap_rx71m_0a_ether_sample_cs\src\tcp_sample\config_tcpudp.c
|
||||||
|
内の139行目からの定義を変更します。
|
||||||
|
|
||||||
|
```
|
||||||
|
#define MY_IP_ADDR0 192,168,1,200 /* Local IP address */
|
||||||
|
#define GATEWAY_ADDR0 192,168,1,254 /* Gateway address (invalid if all 0s) */
|
||||||
|
#define SUBNET_MASK0 255,255,255,0 /* Subnet mask */
|
||||||
|
```
|
||||||
|
- CS+でap_rx71m_0a_usbfunc_sample_cs.mtpjプロジェクトを開き、wolfSSL、wolfSSH及びデモライブラリを
|
||||||
|
登録します。CC-RX(ビルドツール)->リンク・オプションタブ->使用するライブラリに
|
||||||
|
以下の二つのファイルを登録します。
|
||||||
|
|
||||||
|
- CC-RX(ビルドツール)->ライブラリージェネレーションタブ->ライブラリー構成を「C99」に、
|
||||||
|
ctype.hを有効にするを「はい」に設定します。
|
||||||
|
|
||||||
|
- プロジェクトのビルド、ターゲットへのダウンロードをしたのち、表示->デバッグ・コンソール
|
||||||
|
からコンソールを表示させます。実行を開始するとコンソールに以下の表示が出力されます。
|
||||||
|
```
|
||||||
|
Start server_test
|
||||||
|
```
|
||||||
|
- シンプル wolfSSH サーバは、50000番のポートを開いて待ちます。サーバへは、wolfSSHに付サンプルクライアントを
|
||||||
|
使って以下のように接続することができます。
|
||||||
|
```
|
||||||
|
$ ./examples/client/client -h 192.168.1.200 -p 50000 -u jill
|
||||||
|
Sample public key check callback
|
||||||
|
public key = 0x55a0890864ea
|
||||||
|
public key size = 279
|
||||||
|
ctx = You've been sampled!
|
||||||
|
Password: <---- input "upthehill"
|
||||||
|
Server said: Hello, wolfSSH!
|
||||||
|
```
|
||||||
|
|
||||||
|
## サポート
|
||||||
|
サポートが必要な場合は、[support@wolfssl.com](mailto:support@wolfssl.com)へご連絡ください。
|
||||||
|
|
||||||
|
以上
|
|
@ -0,0 +1,22 @@
|
||||||
|
/* strings.h
|
||||||
|
*
|
||||||
|
* Copyright (C) 2006-2019 wolfSSL Inc.
|
||||||
|
*
|
||||||
|
* This file is part of wolfSSL.
|
||||||
|
*
|
||||||
|
* wolfSSL is free software; you can redistribute it and/or modify
|
||||||
|
* it under the terms of the GNU General Public License as published by
|
||||||
|
* the Free Software Foundation; either version 2 of the License, or
|
||||||
|
* (at your option) any later version.
|
||||||
|
*
|
||||||
|
* wolfSSL is distributed in the hope that it will be useful,
|
||||||
|
* but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||||
|
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||||
|
* GNU General Public License for more details.
|
||||||
|
*
|
||||||
|
* You should have received a copy of the GNU General Public License
|
||||||
|
* along with this program; if not, write to the Free Software
|
||||||
|
* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
|
||||||
|
*/
|
||||||
|
|
||||||
|
int strncasecmp(const char *s1, const char * s2, unsigned int sz);
|
|
@ -0,0 +1,22 @@
|
||||||
|
/* unistd.h
|
||||||
|
*
|
||||||
|
* Copyright (C) 2006-2019 wolfSSL Inc.
|
||||||
|
*
|
||||||
|
* This file is part of wolfSSL.
|
||||||
|
*
|
||||||
|
* wolfSSL is free software; you can redistribute it and/or modify
|
||||||
|
* it under the terms of the GNU General Public License as published by
|
||||||
|
* the Free Software Foundation; either version 2 of the License, or
|
||||||
|
* (at your option) any later version.
|
||||||
|
*
|
||||||
|
* wolfSSL is distributed in the hope that it will be useful,
|
||||||
|
* but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||||
|
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||||
|
* GNU General Public License for more details.
|
||||||
|
*
|
||||||
|
* You should have received a copy of the GNU General Public License
|
||||||
|
* along with this program; if not, write to the Free Software
|
||||||
|
* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
|
||||||
|
*/
|
||||||
|
|
||||||
|
/* DUMMY Header */
|
|
@ -0,0 +1,62 @@
|
||||||
|
/* user_settings.h
|
||||||
|
*
|
||||||
|
* Copyright (C) 2006-2019 wolfSSL Inc.
|
||||||
|
*
|
||||||
|
* This file is part of wolfSSL.
|
||||||
|
*
|
||||||
|
* wolfSSL is free software; you can redistribute it and/or modify
|
||||||
|
* it under the terms of the GNU General Public License as published by
|
||||||
|
* the Free Software Foundation; either version 2 of the License, or
|
||||||
|
* (at your option) any later version.
|
||||||
|
*
|
||||||
|
* wolfSSL is distributed in the hope that it will be useful,
|
||||||
|
* but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||||
|
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||||
|
* GNU General Public License for more details.
|
||||||
|
*
|
||||||
|
* You should have received a copy of the GNU General Public License
|
||||||
|
* along with this program; if not, write to the Free Software
|
||||||
|
* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
|
||||||
|
*/
|
||||||
|
#define WOLFCRYPT_ONLY
|
||||||
|
#define NO_ERROR_STRINGS
|
||||||
|
|
||||||
|
#define NO_MAIN_DRIVER
|
||||||
|
#define NO_WRITEV
|
||||||
|
#define NO_DEV_RANDOM
|
||||||
|
#define NO_WOLFSSL_DIR
|
||||||
|
#define NO_WOLFSSL_STUB
|
||||||
|
#define NO_DYNAMIC_ARRAY /* for compilers not allowed dynamic size array */
|
||||||
|
#define NO_RC4
|
||||||
|
#define NO_OLD_SHA256
|
||||||
|
#define NO_FILESYSTEM
|
||||||
|
|
||||||
|
#define WOLFSSL_NO_CURRDIR
|
||||||
|
#define WOLFSSL_LOG_PRINTF
|
||||||
|
#define WOLFSSL_SMALL_STACK
|
||||||
|
#define WOLFSSL_DH_CONST
|
||||||
|
#define WOLFSSL_USER_IO
|
||||||
|
|
||||||
|
#define TFM_TIMING_RESISTANT
|
||||||
|
#define ECC_TIMING_RESISTANT
|
||||||
|
#define WC_RSA_BLINDING
|
||||||
|
|
||||||
|
#define HAVE_TLS_EXTENSIONS
|
||||||
|
#define HAVE_SUPPORTED_CURVES
|
||||||
|
#define HAVE_AESGCM
|
||||||
|
#define WOLFSSL_SHA512
|
||||||
|
#define WOLFSSL_SHA384
|
||||||
|
#define HAVE_ECC
|
||||||
|
|
||||||
|
#define BENCH_EMBEDDED
|
||||||
|
#define USE_CERT_BUFFERS_2048
|
||||||
|
#define SIZEOF_LONG_LONG 8
|
||||||
|
#define USER_TIME
|
||||||
|
#define XTIME time
|
||||||
|
#define USE_WOLF_SUSECONDS_T
|
||||||
|
#define USE_WOLF_TIMEVAL_T
|
||||||
|
#define WOLFSSL_GENSEED_FORTEST /* Wardning: define your own seed gen */
|
||||||
|
|
||||||
|
#define SINGLE_THREADED /* or define RTOS option */
|
||||||
|
|
||||||
|
#include "wolfssh_csplus_usersettings.h"
|
|
@ -0,0 +1,28 @@
|
||||||
|
/* wolfssh_csplus_usersettings..h
|
||||||
|
*
|
||||||
|
* Copyright (C) 2006-2019 wolfSSL Inc.
|
||||||
|
*
|
||||||
|
* This file is part of wolfSSL.
|
||||||
|
*
|
||||||
|
* wolfSSL is free software; you can redistribute it and/or modify
|
||||||
|
* it under the terms of the GNU General Public License as published by
|
||||||
|
* the Free Software Foundation; either version 2 of the License, or
|
||||||
|
* (at your option) any later version.
|
||||||
|
*
|
||||||
|
* wolfSSL is distributed in the hope that it will be useful,
|
||||||
|
* but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||||
|
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||||
|
* GNU General Public License for more details.
|
||||||
|
*
|
||||||
|
* You should have received a copy of the GNU General Public License
|
||||||
|
* along with this program; if not, write to the Free Software
|
||||||
|
* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
|
||||||
|
*/
|
||||||
|
|
||||||
|
#define RENESAS_CSPLUS
|
||||||
|
#define WIOCTL ws_Ioctl
|
||||||
|
//#define DEBUG_WOLFSSH
|
||||||
|
#define WOLFSSH_NO_TIMESTAMP
|
||||||
|
#define WOLFSSH_USER_IO
|
||||||
|
#define FIONREAD 1
|
||||||
|
#define WOLFSSH_THREAD
|
File diff suppressed because it is too large
Load Diff
|
@ -0,0 +1,651 @@
|
||||||
|
/* wolfssh_demo.c
|
||||||
|
*
|
||||||
|
* Copyright (C) 2014-2019 wolfSSL Inc.
|
||||||
|
*
|
||||||
|
* This file is part of wolfSSH.
|
||||||
|
*
|
||||||
|
* wolfSSH is free software; you can redistribute it and/or modify
|
||||||
|
* it under the terms of the GNU General Public License as published by
|
||||||
|
* the Free Software Foundation; either version 3 of the License, or
|
||||||
|
* (at your option) any later version.
|
||||||
|
*
|
||||||
|
* wolfSSH is distributed in the hope that it will be useful,
|
||||||
|
* but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||||
|
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||||
|
* GNU General Public License for more details.
|
||||||
|
*
|
||||||
|
* You should have received a copy of the GNU General Public License
|
||||||
|
* along with wolfSSH. If not, see <http://www.gnu.org/licenses/>.
|
||||||
|
*/
|
||||||
|
#include <stdio.h>
|
||||||
|
#include <string.h>
|
||||||
|
#include "r_t4_itcpip.h"
|
||||||
|
|
||||||
|
#define WOLFSSH_TEST_SERVER
|
||||||
|
#define WOLFSSH_TEST_THREADING
|
||||||
|
|
||||||
|
#ifdef WOLFSSL_USER_SETTINGS
|
||||||
|
#include <wolfssl/wolfcrypt/settings.h>
|
||||||
|
#else
|
||||||
|
#include <wolfssl/options.h>
|
||||||
|
#endif
|
||||||
|
|
||||||
|
#include <wolfssl/wolfcrypt/sha256.h>
|
||||||
|
#include <wolfssl/wolfcrypt/coding.h>
|
||||||
|
#include <wolfssh/ssh.h>
|
||||||
|
#include <wolfssh/certs_test.h>
|
||||||
|
#include <wolfssl/wolfcrypt/ecc.h>
|
||||||
|
#include "wolfssh_demo.h"
|
||||||
|
|
||||||
|
#ifdef NO_FILESYSTEM
|
||||||
|
#include <wolfssh/certs_test.h>
|
||||||
|
#endif
|
||||||
|
|
||||||
|
#define FREQ 10000 /* Hz */
|
||||||
|
|
||||||
|
#ifdef __cplusplus
|
||||||
|
//#include <ios> // Remove the comment when you use ios
|
||||||
|
//_SINT ios_base::Init::init_cnt; // Remove the comment when you use ios
|
||||||
|
#endif
|
||||||
|
|
||||||
|
|
||||||
|
static long tick;
|
||||||
|
static void timeTick(void *pdata)
|
||||||
|
{
|
||||||
|
tick++;
|
||||||
|
}
|
||||||
|
|
||||||
|
#ifndef NO_WOLFSSH_SERVER
|
||||||
|
|
||||||
|
static const char serverBanner[] = "wolfSSH Example Server\n";
|
||||||
|
|
||||||
|
typedef struct {
|
||||||
|
WOLFSSH* ssh;
|
||||||
|
ID fd;
|
||||||
|
} thread_ctx_t;
|
||||||
|
|
||||||
|
|
||||||
|
#ifndef EXAMPLE_HIGHWATER_MARK
|
||||||
|
#define EXAMPLE_HIGHWATER_MARK 0x3FFF8000 /* 1GB - 32kB */
|
||||||
|
#endif
|
||||||
|
#ifndef EXAMPLE_BUFFER_SZ
|
||||||
|
#define EXAMPLE_BUFFER_SZ 4096
|
||||||
|
#endif
|
||||||
|
#define SCRATCH_BUFFER_SZ 1200
|
||||||
|
|
||||||
|
static int my_IORecv(WOLFSSH* ssh, void* buff, word32 sz, void* ctx)
|
||||||
|
{
|
||||||
|
int ret;
|
||||||
|
ID cepid;
|
||||||
|
if(ctx != NULL)cepid = *(ID *)ctx;
|
||||||
|
else return WS_CBIO_ERR_GENERAL;
|
||||||
|
|
||||||
|
ret = tcp_rcv_dat(cepid, buff, sz, TMO_FEVR);
|
||||||
|
|
||||||
|
return ret;
|
||||||
|
}
|
||||||
|
|
||||||
|
static int my_IOSend(WOLFSSH* ssh, void* buff, word32 sz, void* ctx)
|
||||||
|
{
|
||||||
|
int ret;
|
||||||
|
ID cepid;
|
||||||
|
|
||||||
|
if(ctx != NULL)cepid = *(ID *)ctx;
|
||||||
|
else return WS_CBIO_ERR_GENERAL;
|
||||||
|
|
||||||
|
ret = tcp_snd_dat(cepid, buff, sz, TMO_FEVR);
|
||||||
|
|
||||||
|
return ret;
|
||||||
|
}
|
||||||
|
|
||||||
|
static byte find_char(const byte* str, const byte* buf, word32 bufSz)
|
||||||
|
{
|
||||||
|
const byte* cur;
|
||||||
|
|
||||||
|
while (bufSz) {
|
||||||
|
cur = str;
|
||||||
|
while (*cur != '\0') {
|
||||||
|
if (*cur == *buf)
|
||||||
|
return *cur;
|
||||||
|
cur++;
|
||||||
|
}
|
||||||
|
buf++;
|
||||||
|
bufSz--;
|
||||||
|
}
|
||||||
|
|
||||||
|
return 0;
|
||||||
|
}
|
||||||
|
|
||||||
|
|
||||||
|
static int dump_stats(thread_ctx_t* ctx)
|
||||||
|
{
|
||||||
|
char stats[1024];
|
||||||
|
word32 statsSz;
|
||||||
|
word32 txCount, rxCount, seq, peerSeq;
|
||||||
|
|
||||||
|
wolfSSH_GetStats(ctx->ssh, &txCount, &rxCount, &seq, &peerSeq);
|
||||||
|
|
||||||
|
printf(stats,
|
||||||
|
"Statistics for Thread #%u:\r\n"
|
||||||
|
" txCount = %u\r\n rxCount = %u\r\n"
|
||||||
|
" seq = %u\r\n peerSeq = %u\r\n",
|
||||||
|
0, txCount, rxCount, seq, peerSeq);
|
||||||
|
statsSz = (word32)strlen(stats);
|
||||||
|
|
||||||
|
fprintf(stderr, "%s", stats);
|
||||||
|
return wolfSSH_stream_send(ctx->ssh, (byte*)stats, statsSz);
|
||||||
|
}
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
static int server_worker(void* vArgs)
|
||||||
|
{
|
||||||
|
int ret;
|
||||||
|
thread_ctx_t* threadCtx = (thread_ctx_t*)vArgs;
|
||||||
|
|
||||||
|
ret = wolfSSH_accept(threadCtx->ssh);
|
||||||
|
|
||||||
|
if (ret == WS_SUCCESS) {
|
||||||
|
byte* buf = NULL;
|
||||||
|
byte* tmpBuf;
|
||||||
|
int bufSz, backlogSz = 0, rxSz, txSz, stop = 0, txSum;
|
||||||
|
|
||||||
|
do {
|
||||||
|
bufSz = EXAMPLE_BUFFER_SZ + backlogSz;
|
||||||
|
|
||||||
|
tmpBuf = (byte*)realloc(buf, bufSz);
|
||||||
|
|
||||||
|
if (tmpBuf == NULL)
|
||||||
|
stop = 1;
|
||||||
|
else
|
||||||
|
buf = tmpBuf;
|
||||||
|
|
||||||
|
XMEMSET(buf, 0, bufSz);
|
||||||
|
|
||||||
|
if (!stop) {
|
||||||
|
do {
|
||||||
|
rxSz = wolfSSH_stream_read(threadCtx->ssh,
|
||||||
|
buf + backlogSz,
|
||||||
|
EXAMPLE_BUFFER_SZ);
|
||||||
|
if (rxSz <= 0)
|
||||||
|
rxSz = wolfSSH_get_error(threadCtx->ssh);
|
||||||
|
} while (rxSz == WS_WANT_READ || rxSz == WS_WANT_WRITE);
|
||||||
|
|
||||||
|
if (rxSz > 0) {
|
||||||
|
backlogSz += rxSz;
|
||||||
|
txSum = 0;
|
||||||
|
txSz = 0;
|
||||||
|
printf("Client said = %s \n", buf);
|
||||||
|
while (backlogSz != txSum && txSz >= 0 && !stop) {
|
||||||
|
txSz = wolfSSH_stream_send(threadCtx->ssh,
|
||||||
|
buf + txSum,
|
||||||
|
backlogSz - txSum);
|
||||||
|
|
||||||
|
if (txSz > 0) {
|
||||||
|
byte c;
|
||||||
|
const byte matches[] = { 0x03, 0x05, 0x06, 0x00 };
|
||||||
|
|
||||||
|
c = find_char(matches, buf + txSum, txSz);
|
||||||
|
switch (c) {
|
||||||
|
case 0x03:
|
||||||
|
stop = 1;
|
||||||
|
break;
|
||||||
|
case 0x06:
|
||||||
|
if (wolfSSH_TriggerKeyExchange(threadCtx->ssh)
|
||||||
|
!= WS_SUCCESS)
|
||||||
|
stop = 1;
|
||||||
|
break;
|
||||||
|
case 0x05:
|
||||||
|
if (dump_stats(threadCtx) <= 0)
|
||||||
|
stop = 1;
|
||||||
|
break;
|
||||||
|
}
|
||||||
|
txSum += txSz;
|
||||||
|
}
|
||||||
|
else if (txSz != WS_REKEYING)
|
||||||
|
stop = 1;
|
||||||
|
}
|
||||||
|
|
||||||
|
if (txSum < backlogSz)
|
||||||
|
memmove(buf, buf + txSum, backlogSz - txSum);
|
||||||
|
backlogSz -= txSum;
|
||||||
|
}
|
||||||
|
else
|
||||||
|
stop = 1;
|
||||||
|
}
|
||||||
|
} while (!stop);
|
||||||
|
|
||||||
|
free(buf);
|
||||||
|
}
|
||||||
|
|
||||||
|
wolfSSH_stream_exit(threadCtx->ssh, 0);
|
||||||
|
tcp_sht_cep(threadCtx->fd);
|
||||||
|
wolfSSH_free(threadCtx->ssh);
|
||||||
|
free(threadCtx);
|
||||||
|
|
||||||
|
return 0;
|
||||||
|
}
|
||||||
|
|
||||||
|
/* returns buffer size on success */
|
||||||
|
static int load_key(byte isEcc, byte* buf, word32 bufSz)
|
||||||
|
{
|
||||||
|
word32 sz = 0;
|
||||||
|
|
||||||
|
#ifndef NO_FILESYSTEM
|
||||||
|
const char* bufName;
|
||||||
|
bufName = isEcc ? "./keys/server-key-ecc.der" :
|
||||||
|
"./keys/server-key-rsa.der" ;
|
||||||
|
sz = load_file(bufName, buf, bufSz);
|
||||||
|
#else
|
||||||
|
/* using buffers instead */
|
||||||
|
if (isEcc) {
|
||||||
|
if (sizeof_ecc_key_der_256 > bufSz) {
|
||||||
|
return 0;
|
||||||
|
}
|
||||||
|
WMEMCPY(buf, ecc_key_der_256, sizeof_ecc_key_der_256);
|
||||||
|
sz = sizeof_ecc_key_der_256;
|
||||||
|
}
|
||||||
|
else {
|
||||||
|
if (sizeof_rsa_key_der_2048 > bufSz) {
|
||||||
|
return 0;
|
||||||
|
}
|
||||||
|
WMEMCPY(buf, rsa_key_der_2048, sizeof_rsa_key_der_2048);
|
||||||
|
sz = sizeof_rsa_key_der_2048;
|
||||||
|
}
|
||||||
|
#endif
|
||||||
|
|
||||||
|
return sz;
|
||||||
|
}
|
||||||
|
|
||||||
|
|
||||||
|
static INLINE void c32toa(word32 u32, byte* c)
|
||||||
|
{
|
||||||
|
c[0] = (u32 >> 24) & 0xff;
|
||||||
|
c[1] = (u32 >> 16) & 0xff;
|
||||||
|
c[2] = (u32 >> 8) & 0xff;
|
||||||
|
c[3] = u32 & 0xff;
|
||||||
|
}
|
||||||
|
|
||||||
|
|
||||||
|
/* Map user names to passwords */
|
||||||
|
/* Use arrays for username and p. The password or public key can
|
||||||
|
* be hashed and the hash stored here. Then I won't need the type. */
|
||||||
|
typedef struct PwMap {
|
||||||
|
byte type;
|
||||||
|
byte username[32];
|
||||||
|
word32 usernameSz;
|
||||||
|
byte p[SHA256_DIGEST_SIZE];
|
||||||
|
struct PwMap* next;
|
||||||
|
} PwMap;
|
||||||
|
|
||||||
|
|
||||||
|
typedef struct PwMapList {
|
||||||
|
PwMap* head;
|
||||||
|
} PwMapList;
|
||||||
|
|
||||||
|
|
||||||
|
static PwMap* PwMapNew(PwMapList* list, byte type, const byte* username,
|
||||||
|
word32 usernameSz, const byte* p, word32 pSz)
|
||||||
|
{
|
||||||
|
PwMap* map;
|
||||||
|
|
||||||
|
map = (PwMap*)malloc(sizeof(PwMap));
|
||||||
|
if (map != NULL) {
|
||||||
|
Sha256 sha;
|
||||||
|
byte flatSz[4];
|
||||||
|
|
||||||
|
map->type = type;
|
||||||
|
if (usernameSz >= sizeof(map->username))
|
||||||
|
usernameSz = sizeof(map->username) - 1;
|
||||||
|
memcpy(map->username, username, usernameSz + 1);
|
||||||
|
map->username[usernameSz] = 0;
|
||||||
|
map->usernameSz = usernameSz;
|
||||||
|
|
||||||
|
wc_InitSha256(&sha);
|
||||||
|
c32toa(pSz, flatSz);
|
||||||
|
wc_Sha256Update(&sha, flatSz, sizeof(flatSz));
|
||||||
|
wc_Sha256Update(&sha, p, pSz);
|
||||||
|
wc_Sha256Final(&sha, map->p);
|
||||||
|
|
||||||
|
map->next = list->head;
|
||||||
|
list->head = map;
|
||||||
|
}
|
||||||
|
|
||||||
|
return map;
|
||||||
|
}
|
||||||
|
|
||||||
|
|
||||||
|
static void PwMapListDelete(PwMapList* list)
|
||||||
|
{
|
||||||
|
if (list != NULL) {
|
||||||
|
PwMap* head = list->head;
|
||||||
|
|
||||||
|
while (head != NULL) {
|
||||||
|
PwMap* cur = head;
|
||||||
|
head = head->next;
|
||||||
|
memset(cur, 0, sizeof(PwMap));
|
||||||
|
free(cur);
|
||||||
|
}
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
|
||||||
|
static const char samplePasswordBuffer[] =
|
||||||
|
"jill:upthehill\n"
|
||||||
|
"jack:fetchapail\n";
|
||||||
|
|
||||||
|
|
||||||
|
static const char samplePublicKeyEccBuffer[] =
|
||||||
|
"ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAA"
|
||||||
|
"BBBNkI5JTP6D0lF42tbxX19cE87hztUS6FSDoGvPfiU0CgeNSbI+aFdKIzTP5CQEJSvm25"
|
||||||
|
"qUzgDtH7oyaQROUnNvk= hansel\n"
|
||||||
|
"ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAA"
|
||||||
|
"BBBKAtH8cqaDbtJFjtviLobHBmjCtG56DMkP6A4M2H9zX2/YCg1h9bYS7WHd9UQDwXO1Hh"
|
||||||
|
"IZzRYecXh7SG9P4GhRY= gretel\n";
|
||||||
|
|
||||||
|
|
||||||
|
static const char samplePublicKeyRsaBuffer[] =
|
||||||
|
"ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQC9P3ZFowOsONXHD5MwWiCciXytBRZGho"
|
||||||
|
"MNiisWSgUs5HdHcACuHYPi2W6Z1PBFmBWT9odOrGRjoZXJfDDoPi+j8SSfDGsc/hsCmc3G"
|
||||||
|
"p2yEhUZUEkDhtOXyqjns1ickC9Gh4u80aSVtwHRnJZh9xPhSq5tLOhId4eP61s+a5pwjTj"
|
||||||
|
"nEhBaIPUJO2C/M0pFnnbZxKgJlX7t1Doy7h5eXxviymOIvaCZKU+x5OopfzM/wFkey0EPW"
|
||||||
|
"NmzI5y/+pzU5afsdeEWdiQDIQc80H6Pz8fsoFPvYSG+s4/wz0duu7yeeV1Ypoho65Zr+pE"
|
||||||
|
"nIf7dO0B8EblgWt+ud+JI8wrAhfE4x hansel\n"
|
||||||
|
"ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCqDwRVTRVk/wjPhoo66+Mztrc31KsxDZ"
|
||||||
|
"+kAV0139PHQ+wsueNpba6jNn5o6mUTEOrxrz0LMsDJOBM7CmG0983kF4gRIihECpQ0rcjO"
|
||||||
|
"P6BSfbVTE9mfIK5IsUiZGd8SoE9kSV2pJ2FvZeBQENoAxEFk0zZL9tchPS+OCUGbK4SDjz"
|
||||||
|
"uNZl/30Mczs73N3MBzi6J1oPo7sFlqzB6ecBjK2Kpjus4Y1rYFphJnUxtKvB0s+hoaadru"
|
||||||
|
"biE57dK6BrH5iZwVLTQKux31uCJLPhiktI3iLbdlGZEctJkTasfVSsUizwVIyRjhVKmbdI"
|
||||||
|
"RGwkU38D043AR1h0mUoGCPIKuqcFMf gretel\n";
|
||||||
|
|
||||||
|
|
||||||
|
static int LoadPasswordBuffer(byte* buf, word32 bufSz, PwMapList* list)
|
||||||
|
{
|
||||||
|
char* str = (char*)buf;
|
||||||
|
char* delimiter;
|
||||||
|
char* username;
|
||||||
|
char* password;
|
||||||
|
|
||||||
|
/* Each line of passwd.txt is in the format
|
||||||
|
* username:password\n
|
||||||
|
* This function modifies the passed-in buffer. */
|
||||||
|
|
||||||
|
if (list == NULL)
|
||||||
|
return -1;
|
||||||
|
|
||||||
|
if (buf == NULL || bufSz == 0)
|
||||||
|
return 0;
|
||||||
|
|
||||||
|
while (*str != 0) {
|
||||||
|
delimiter = strchr(str, ':');
|
||||||
|
username = str;
|
||||||
|
*delimiter = 0;
|
||||||
|
password = delimiter + 1;
|
||||||
|
str = strchr(password, '\n');
|
||||||
|
*str = 0;
|
||||||
|
str++;
|
||||||
|
if (PwMapNew(list, WOLFSSH_USERAUTH_PASSWORD,
|
||||||
|
(byte*)username, (word32)strlen(username),
|
||||||
|
(byte*)password, (word32)strlen(password)) == NULL ) {
|
||||||
|
|
||||||
|
return -1;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
return 0;
|
||||||
|
}
|
||||||
|
|
||||||
|
|
||||||
|
static int LoadPublicKeyBuffer(byte* buf, word32 bufSz, PwMapList* list)
|
||||||
|
{
|
||||||
|
char* str = (char*)buf;
|
||||||
|
char* delimiter;
|
||||||
|
byte* publicKey64;
|
||||||
|
word32 publicKey64Sz;
|
||||||
|
byte* username;
|
||||||
|
word32 usernameSz;
|
||||||
|
byte publicKey[300];
|
||||||
|
word32 publicKeySz;
|
||||||
|
|
||||||
|
/* Each line of passwd.txt is in the format
|
||||||
|
* ssh-rsa AAAB3BASE64ENCODEDPUBLICKEYBLOB username\n
|
||||||
|
* This function modifies the passed-in buffer. */
|
||||||
|
if (list == NULL)
|
||||||
|
return -1;
|
||||||
|
|
||||||
|
if (buf == NULL || bufSz == 0)
|
||||||
|
return 0;
|
||||||
|
|
||||||
|
while (*str != 0) {
|
||||||
|
/* Skip the public key type. This example will always be ssh-rsa. */
|
||||||
|
delimiter = strchr(str, ' ');
|
||||||
|
str = delimiter + 1;
|
||||||
|
delimiter = strchr(str, ' ');
|
||||||
|
publicKey64 = (byte*)str;
|
||||||
|
*delimiter = 0;
|
||||||
|
publicKey64Sz = (word32)(delimiter - str);
|
||||||
|
str = delimiter + 1;
|
||||||
|
delimiter = strchr(str, '\n');
|
||||||
|
username = (byte*)str;
|
||||||
|
*delimiter = 0;
|
||||||
|
usernameSz = (word32)(delimiter - str);
|
||||||
|
str = delimiter + 1;
|
||||||
|
publicKeySz = sizeof(publicKey);
|
||||||
|
|
||||||
|
if (Base64_Decode(publicKey64, publicKey64Sz,
|
||||||
|
publicKey, &publicKeySz) != 0) {
|
||||||
|
|
||||||
|
return -1;
|
||||||
|
}
|
||||||
|
|
||||||
|
if (PwMapNew(list, WOLFSSH_USERAUTH_PUBLICKEY,
|
||||||
|
username, usernameSz,
|
||||||
|
publicKey, publicKeySz) == NULL ) {
|
||||||
|
|
||||||
|
return -1;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
return 0;
|
||||||
|
}
|
||||||
|
|
||||||
|
|
||||||
|
static int wsUserAuth(byte authType,
|
||||||
|
WS_UserAuthData* authData,
|
||||||
|
void* ctx)
|
||||||
|
{
|
||||||
|
PwMapList* list;
|
||||||
|
PwMap* map;
|
||||||
|
byte authHash[SHA256_DIGEST_SIZE];
|
||||||
|
|
||||||
|
if (ctx == NULL) {
|
||||||
|
fprintf(stderr, "wsUserAuth: ctx not set");
|
||||||
|
return WOLFSSH_USERAUTH_FAILURE;
|
||||||
|
}
|
||||||
|
|
||||||
|
if (authType != WOLFSSH_USERAUTH_PASSWORD &&
|
||||||
|
authType != WOLFSSH_USERAUTH_PUBLICKEY) {
|
||||||
|
|
||||||
|
return WOLFSSH_USERAUTH_FAILURE;
|
||||||
|
}
|
||||||
|
|
||||||
|
/* Hash the password or public key with its length. */
|
||||||
|
{
|
||||||
|
Sha256 sha;
|
||||||
|
byte flatSz[4];
|
||||||
|
wc_InitSha256(&sha);
|
||||||
|
if (authType == WOLFSSH_USERAUTH_PASSWORD) {
|
||||||
|
c32toa(authData->sf.password.passwordSz, flatSz);
|
||||||
|
wc_Sha256Update(&sha, flatSz, sizeof(flatSz));
|
||||||
|
wc_Sha256Update(&sha,
|
||||||
|
authData->sf.password.password,
|
||||||
|
authData->sf.password.passwordSz);
|
||||||
|
}
|
||||||
|
else if (authType == WOLFSSH_USERAUTH_PUBLICKEY) {
|
||||||
|
c32toa(authData->sf.publicKey.publicKeySz, flatSz);
|
||||||
|
wc_Sha256Update(&sha, flatSz, sizeof(flatSz));
|
||||||
|
wc_Sha256Update(&sha,
|
||||||
|
authData->sf.publicKey.publicKey,
|
||||||
|
authData->sf.publicKey.publicKeySz);
|
||||||
|
}
|
||||||
|
wc_Sha256Final(&sha, authHash);
|
||||||
|
}
|
||||||
|
|
||||||
|
list = (PwMapList*)ctx;
|
||||||
|
map = list->head;
|
||||||
|
|
||||||
|
while (map != NULL) {
|
||||||
|
if (authData->usernameSz == map->usernameSz &&
|
||||||
|
memcmp(authData->username, map->username, map->usernameSz) == 0) {
|
||||||
|
|
||||||
|
if (authData->type == map->type) {
|
||||||
|
if (memcmp(map->p, authHash, SHA256_DIGEST_SIZE) == 0) {
|
||||||
|
return WOLFSSH_USERAUTH_SUCCESS;
|
||||||
|
}
|
||||||
|
else {
|
||||||
|
return (authType == WOLFSSH_USERAUTH_PASSWORD ?
|
||||||
|
WOLFSSH_USERAUTH_INVALID_PASSWORD :
|
||||||
|
WOLFSSH_USERAUTH_INVALID_PUBLICKEY);
|
||||||
|
}
|
||||||
|
}
|
||||||
|
else {
|
||||||
|
return WOLFSSH_USERAUTH_INVALID_AUTHTYPE;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
map = map->next;
|
||||||
|
}
|
||||||
|
|
||||||
|
return WOLFSSH_USERAUTH_INVALID_USER;
|
||||||
|
}
|
||||||
|
|
||||||
|
|
||||||
|
int server_test(void)
|
||||||
|
{
|
||||||
|
WOLFSSH_CTX* ctx = NULL;
|
||||||
|
PwMapList pwMapList;
|
||||||
|
word32 defaultHighwater = EXAMPLE_HIGHWATER_MARK;
|
||||||
|
int useEcc = 0;
|
||||||
|
int multipleConnections = 0;
|
||||||
|
ID cepid = 1;
|
||||||
|
ID repid = 1;
|
||||||
|
ER ercd;
|
||||||
|
T_IPV4EP dst_addr = {0, 0};
|
||||||
|
|
||||||
|
printf("Start server_test\n");
|
||||||
|
if (wolfSSH_Init() != WS_SUCCESS) {
|
||||||
|
fprintf(stderr, "Couldn't initialize wolfSSH.\n");
|
||||||
|
return(EXIT_FAILURE);
|
||||||
|
}
|
||||||
|
|
||||||
|
ctx = wolfSSH_CTX_new(WOLFSSH_ENDPOINT_SERVER, NULL);
|
||||||
|
if (ctx == NULL) {
|
||||||
|
fprintf(stderr, "Couldn't allocate SSH CTX data.\n");
|
||||||
|
return(EXIT_FAILURE);
|
||||||
|
}
|
||||||
|
|
||||||
|
memset(&pwMapList, 0, sizeof(pwMapList));
|
||||||
|
wolfSSH_SetUserAuth(ctx, wsUserAuth);
|
||||||
|
wolfSSH_CTX_SetBanner(ctx, serverBanner);
|
||||||
|
|
||||||
|
{
|
||||||
|
const char* bufName;
|
||||||
|
byte buf[SCRATCH_BUFFER_SZ];
|
||||||
|
word32 bufSz;
|
||||||
|
|
||||||
|
bufSz = load_key(useEcc, buf, SCRATCH_BUFFER_SZ);
|
||||||
|
if (bufSz == 0) {
|
||||||
|
fprintf(stderr, "Couldn't load key.\n");
|
||||||
|
return(EXIT_FAILURE);
|
||||||
|
}
|
||||||
|
if (wolfSSH_CTX_UsePrivateKey_buffer(ctx, buf, bufSz,
|
||||||
|
WOLFSSH_FORMAT_ASN1) < 0) {
|
||||||
|
fprintf(stderr, "Couldn't use key buffer.\n");
|
||||||
|
return(EXIT_FAILURE);
|
||||||
|
}
|
||||||
|
|
||||||
|
bufSz = (word32)strlen(samplePasswordBuffer);
|
||||||
|
memcpy(buf, samplePasswordBuffer, bufSz);
|
||||||
|
buf[bufSz] = 0;
|
||||||
|
LoadPasswordBuffer(buf, bufSz, &pwMapList);
|
||||||
|
|
||||||
|
bufName = useEcc ? samplePublicKeyEccBuffer :
|
||||||
|
samplePublicKeyRsaBuffer;
|
||||||
|
bufSz = (word32)strlen(bufName);
|
||||||
|
memcpy(buf, bufName, bufSz);
|
||||||
|
buf[bufSz] = 0;
|
||||||
|
LoadPublicKeyBuffer(buf, bufSz, &pwMapList);
|
||||||
|
}
|
||||||
|
|
||||||
|
/* Register callbacks */
|
||||||
|
wolfSSH_SetIORecv(ctx, my_IORecv);
|
||||||
|
wolfSSH_SetIOSend(ctx, my_IOSend);
|
||||||
|
|
||||||
|
do {
|
||||||
|
|
||||||
|
WOLFSSH* ssh;
|
||||||
|
thread_ctx_t* threadCtx;
|
||||||
|
|
||||||
|
threadCtx = (thread_ctx_t*)malloc(sizeof(thread_ctx_t));
|
||||||
|
if (threadCtx == NULL) {
|
||||||
|
fprintf(stderr, "Couldn't allocate thread context data.\n");
|
||||||
|
return(EXIT_FAILURE);
|
||||||
|
}
|
||||||
|
|
||||||
|
ssh = wolfSSH_new(ctx);
|
||||||
|
if (ssh == NULL) {
|
||||||
|
fprintf(stderr, "Couldn't allocate SSH data.\n");
|
||||||
|
return(EXIT_FAILURE);
|
||||||
|
}
|
||||||
|
wolfSSH_SetUserAuthCtx(ssh, &pwMapList);
|
||||||
|
/* Use the session object for its own highwater callback ctx */
|
||||||
|
if (defaultHighwater > 0) {
|
||||||
|
wolfSSH_SetHighwaterCtx(ssh, (void*)ssh);
|
||||||
|
wolfSSH_SetHighwater(ssh, defaultHighwater);
|
||||||
|
}
|
||||||
|
printf("Waiting connection from client\n");
|
||||||
|
if((ercd = tcp_acp_cep(cepid, repid, &dst_addr, TMO_FEVR)) != E_OK) {
|
||||||
|
printf("ERROR TCP Accept: %d\n", ercd);
|
||||||
|
return -1;
|
||||||
|
}
|
||||||
|
wolfSSH_SetIOReadCtx(ssh, (void *)&cepid);
|
||||||
|
wolfSSH_SetIOWriteCtx(ssh, (void *)&cepid);
|
||||||
|
|
||||||
|
threadCtx->ssh = ssh;
|
||||||
|
threadCtx->fd = cepid;
|
||||||
|
server_worker(threadCtx);
|
||||||
|
|
||||||
|
} while (multipleConnections);
|
||||||
|
|
||||||
|
PwMapListDelete(&pwMapList);
|
||||||
|
wolfSSH_CTX_free(ctx);
|
||||||
|
if (wolfSSH_Cleanup() != WS_SUCCESS) {
|
||||||
|
fprintf(stderr, "Couldn't clean up wolfSSH.\n");
|
||||||
|
return(EXIT_FAILURE);
|
||||||
|
}
|
||||||
|
#if defined(HAVE_ECC) && defined(FP_ECC) && defined(HAVE_THREAD_LS)
|
||||||
|
wc_ecc_fp_free(); /* free per thread cache */
|
||||||
|
#endif
|
||||||
|
printf("End server_test\n");
|
||||||
|
return 0;
|
||||||
|
}
|
||||||
|
|
||||||
|
#endif /* NO_WOLFSSH_SERVER */
|
||||||
|
|
||||||
|
void wolfSSH_init(void)
|
||||||
|
{
|
||||||
|
uint32_t channel;
|
||||||
|
R_CMT_CreatePeriodic(FREQ, &timeTick, &channel);
|
||||||
|
#if defined(DEBUG_WOLFSSH)
|
||||||
|
wolfSSH_Debugging_ON();
|
||||||
|
#endif
|
||||||
|
|
||||||
|
server_test();
|
||||||
|
|
||||||
|
}
|
||||||
|
|
||||||
|
#ifdef __cplusplus
|
||||||
|
void abort(void)
|
||||||
|
{
|
||||||
|
|
||||||
|
}
|
||||||
|
#endif
|
|
@ -0,0 +1,26 @@
|
||||||
|
/* wolfssh_demo.h
|
||||||
|
*
|
||||||
|
* Copyright (C) 2014-2019 wolfSSL Inc.
|
||||||
|
*
|
||||||
|
* This file is part of wolfSSH.
|
||||||
|
*
|
||||||
|
* wolfSSH is free software; you can redistribute it and/or modify
|
||||||
|
* it under the terms of the GNU General Public License as published by
|
||||||
|
* the Free Software Foundation; either version 3 of the License, or
|
||||||
|
* (at your option) any later version.
|
||||||
|
*
|
||||||
|
* wolfSSH is distributed in the hope that it will be useful,
|
||||||
|
* but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||||
|
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||||
|
* GNU General Public License for more details.
|
||||||
|
*
|
||||||
|
* You should have received a copy of the GNU General Public License
|
||||||
|
* along with wolfSSH. If not, see <http://www.gnu.org/licenses/>.
|
||||||
|
*/
|
||||||
|
|
||||||
|
#ifndef __WOLFSSH_DEMO_H_
|
||||||
|
#define __WOLFSSH_DEMO_H_
|
||||||
|
|
||||||
|
int server_test(void);
|
||||||
|
|
||||||
|
#endif
|
|
@ -0,0 +1,55 @@
|
||||||
|
/* wolfssh_dummy.c
|
||||||
|
*
|
||||||
|
* Copyright (C) 2014-2019 wolfSSL Inc.
|
||||||
|
*
|
||||||
|
* This file is part of wolfSSH.
|
||||||
|
*
|
||||||
|
* wolfSSH is free software; you can redistribute it and/or modify
|
||||||
|
* it under the terms of the GNU General Public License as published by
|
||||||
|
* the Free Software Foundation; either version 3 of the License, or
|
||||||
|
* (at your option) any later version.
|
||||||
|
*
|
||||||
|
* wolfSSH is distributed in the hope that it will be useful,
|
||||||
|
* but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||||
|
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||||
|
* GNU General Public License for more details.
|
||||||
|
*
|
||||||
|
* You should have received a copy of the GNU General Public License
|
||||||
|
* along with wolfSSH. If not, see <http://www.gnu.org/licenses/>.
|
||||||
|
*/
|
||||||
|
#ifdef HAVE_CONFIG_H
|
||||||
|
#include <config.h>
|
||||||
|
#endif
|
||||||
|
|
||||||
|
#include <wolfssl/wolfcrypt/error-crypt.h>
|
||||||
|
#include <stdio.h>
|
||||||
|
|
||||||
|
/* used for checking bytes on wire for window adjust packet read */
|
||||||
|
void ws_Ioctl(int fd, int flag, int *ret)
|
||||||
|
{
|
||||||
|
/* This needs to implement when using scp or sftp */
|
||||||
|
}
|
||||||
|
|
||||||
|
#define YEAR 2019
|
||||||
|
#define APR 4
|
||||||
|
|
||||||
|
static int tick = 0;
|
||||||
|
|
||||||
|
time_t time(time_t *t)
|
||||||
|
{
|
||||||
|
return ((YEAR-1970)*365+30*APR)*24*60*60 + tick++;
|
||||||
|
}
|
||||||
|
|
||||||
|
#include <ctype.h>
|
||||||
|
int strncasecmp(const char *s1, const char * s2, unsigned int sz)
|
||||||
|
{
|
||||||
|
for( ; sz>0; sz--, s1++, s2++){
|
||||||
|
if(toupper(*s1) < toupper(*s2)){
|
||||||
|
return -1;
|
||||||
|
}
|
||||||
|
if(toupper(*s1) > toupper(*s2)){
|
||||||
|
return 1;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
return 0;
|
||||||
|
}
|
File diff suppressed because it is too large
Load Diff
File diff suppressed because it is too large
Load Diff
|
@ -4,3 +4,5 @@
|
||||||
|
|
||||||
include ide/winvs/include.am
|
include ide/winvs/include.am
|
||||||
include ide/CSBENCH/include.am
|
include ide/CSBENCH/include.am
|
||||||
|
|
||||||
|
EXTRA_DIST += ide/Renesas
|
||||||
|
|
195
src/internal.c
195
src/internal.c
|
@ -677,6 +677,7 @@ int GenerateKey(byte hashId, byte keyId,
|
||||||
{
|
{
|
||||||
word32 blocks, remainder;
|
word32 blocks, remainder;
|
||||||
wc_HashAlg hash;
|
wc_HashAlg hash;
|
||||||
|
enum wc_HashType enmhashId = (enum wc_HashType)hashId;
|
||||||
byte kPad = 0;
|
byte kPad = 0;
|
||||||
byte pad = 0;
|
byte pad = 0;
|
||||||
byte kSzFlat[LENGTH_SZ];
|
byte kSzFlat[LENGTH_SZ];
|
||||||
|
@ -692,7 +693,7 @@ int GenerateKey(byte hashId, byte keyId,
|
||||||
return WS_BAD_ARGUMENT;
|
return WS_BAD_ARGUMENT;
|
||||||
}
|
}
|
||||||
|
|
||||||
digestSz = wc_HashGetDigestSize(hashId);
|
digestSz = wc_HashGetDigestSize(enmhashId);
|
||||||
if (digestSz == 0) {
|
if (digestSz == 0) {
|
||||||
WLOG(WS_LOG_DEBUG, "GK: bad hash ID");
|
WLOG(WS_LOG_DEBUG, "GK: bad hash ID");
|
||||||
return WS_BAD_ARGUMENT;
|
return WS_BAD_ARGUMENT;
|
||||||
|
@ -704,25 +705,25 @@ int GenerateKey(byte hashId, byte keyId,
|
||||||
blocks = keySz / digestSz;
|
blocks = keySz / digestSz;
|
||||||
remainder = keySz % digestSz;
|
remainder = keySz % digestSz;
|
||||||
|
|
||||||
ret = wc_HashInit(&hash, hashId);
|
ret = wc_HashInit(&hash, enmhashId);
|
||||||
if (ret == WS_SUCCESS)
|
if (ret == WS_SUCCESS)
|
||||||
ret = wc_HashUpdate(&hash, hashId, kSzFlat, LENGTH_SZ);
|
ret = wc_HashUpdate(&hash, enmhashId, kSzFlat, LENGTH_SZ);
|
||||||
if (ret == WS_SUCCESS && kPad)
|
if (ret == WS_SUCCESS && kPad)
|
||||||
ret = wc_HashUpdate(&hash, hashId, &pad, 1);
|
ret = wc_HashUpdate(&hash, enmhashId, &pad, 1);
|
||||||
if (ret == WS_SUCCESS)
|
if (ret == WS_SUCCESS)
|
||||||
ret = wc_HashUpdate(&hash, hashId, k, kSz);
|
ret = wc_HashUpdate(&hash, enmhashId, k, kSz);
|
||||||
if (ret == WS_SUCCESS)
|
if (ret == WS_SUCCESS)
|
||||||
ret = wc_HashUpdate(&hash, hashId, h, hSz);
|
ret = wc_HashUpdate(&hash, enmhashId, h, hSz);
|
||||||
if (ret == WS_SUCCESS)
|
if (ret == WS_SUCCESS)
|
||||||
ret = wc_HashUpdate(&hash, hashId, &keyId, sizeof(keyId));
|
ret = wc_HashUpdate(&hash, enmhashId, &keyId, sizeof(keyId));
|
||||||
if (ret == WS_SUCCESS)
|
if (ret == WS_SUCCESS)
|
||||||
ret = wc_HashUpdate(&hash, hashId, sessionId, sessionIdSz);
|
ret = wc_HashUpdate(&hash, enmhashId, sessionId, sessionIdSz);
|
||||||
|
|
||||||
if (ret == WS_SUCCESS) {
|
if (ret == WS_SUCCESS) {
|
||||||
if (blocks == 0) {
|
if (blocks == 0) {
|
||||||
if (remainder > 0) {
|
if (remainder > 0) {
|
||||||
byte lastBlock[WC_MAX_DIGEST_SIZE];
|
byte lastBlock[WC_MAX_DIGEST_SIZE];
|
||||||
ret = wc_HashFinal(&hash, hashId, lastBlock);
|
ret = wc_HashFinal(&hash, enmhashId, lastBlock);
|
||||||
if (ret == WS_SUCCESS)
|
if (ret == WS_SUCCESS)
|
||||||
WMEMCPY(key, lastBlock, remainder);
|
WMEMCPY(key, lastBlock, remainder);
|
||||||
}
|
}
|
||||||
|
@ -731,23 +732,23 @@ int GenerateKey(byte hashId, byte keyId,
|
||||||
word32 runningKeySz, curBlock;
|
word32 runningKeySz, curBlock;
|
||||||
|
|
||||||
runningKeySz = digestSz;
|
runningKeySz = digestSz;
|
||||||
ret = wc_HashFinal(&hash, hashId, key);
|
ret = wc_HashFinal(&hash, enmhashId, key);
|
||||||
|
|
||||||
for (curBlock = 1; curBlock < blocks; curBlock++) {
|
for (curBlock = 1; curBlock < blocks; curBlock++) {
|
||||||
ret = wc_HashInit(&hash, hashId);
|
ret = wc_HashInit(&hash, enmhashId);
|
||||||
if (ret != WS_SUCCESS) break;
|
if (ret != WS_SUCCESS) break;
|
||||||
ret = wc_HashUpdate(&hash, hashId, kSzFlat, LENGTH_SZ);
|
ret = wc_HashUpdate(&hash, enmhashId, kSzFlat, LENGTH_SZ);
|
||||||
if (ret != WS_SUCCESS) break;
|
if (ret != WS_SUCCESS) break;
|
||||||
if (kPad)
|
if (kPad)
|
||||||
ret = wc_HashUpdate(&hash, hashId, &pad, 1);
|
ret = wc_HashUpdate(&hash, enmhashId, &pad, 1);
|
||||||
if (ret != WS_SUCCESS) break;
|
if (ret != WS_SUCCESS) break;
|
||||||
ret = wc_HashUpdate(&hash, hashId, k, kSz);
|
ret = wc_HashUpdate(&hash, enmhashId, k, kSz);
|
||||||
if (ret != WS_SUCCESS) break;
|
if (ret != WS_SUCCESS) break;
|
||||||
ret = wc_HashUpdate(&hash, hashId, h, hSz);
|
ret = wc_HashUpdate(&hash, enmhashId, h, hSz);
|
||||||
if (ret != WS_SUCCESS) break;
|
if (ret != WS_SUCCESS) break;
|
||||||
ret = wc_HashUpdate(&hash, hashId, key, runningKeySz);
|
ret = wc_HashUpdate(&hash, enmhashId, key, runningKeySz);
|
||||||
if (ret != WS_SUCCESS) break;
|
if (ret != WS_SUCCESS) break;
|
||||||
ret = wc_HashFinal(&hash, hashId, key + runningKeySz);
|
ret = wc_HashFinal(&hash, enmhashId, key + runningKeySz);
|
||||||
if (ret != WS_SUCCESS) break;
|
if (ret != WS_SUCCESS) break;
|
||||||
runningKeySz += digestSz;
|
runningKeySz += digestSz;
|
||||||
}
|
}
|
||||||
|
@ -755,19 +756,19 @@ int GenerateKey(byte hashId, byte keyId,
|
||||||
if (remainder > 0) {
|
if (remainder > 0) {
|
||||||
byte lastBlock[WC_MAX_DIGEST_SIZE];
|
byte lastBlock[WC_MAX_DIGEST_SIZE];
|
||||||
if (ret == WS_SUCCESS)
|
if (ret == WS_SUCCESS)
|
||||||
ret = wc_HashInit(&hash, hashId);
|
ret = wc_HashInit(&hash, enmhashId);
|
||||||
if (ret == WS_SUCCESS)
|
if (ret == WS_SUCCESS)
|
||||||
ret = wc_HashUpdate(&hash, hashId, kSzFlat, LENGTH_SZ);
|
ret = wc_HashUpdate(&hash, enmhashId, kSzFlat, LENGTH_SZ);
|
||||||
if (ret == WS_SUCCESS && kPad)
|
if (ret == WS_SUCCESS && kPad)
|
||||||
ret = wc_HashUpdate(&hash, hashId, &pad, 1);
|
ret = wc_HashUpdate(&hash, enmhashId, &pad, 1);
|
||||||
if (ret == WS_SUCCESS)
|
if (ret == WS_SUCCESS)
|
||||||
ret = wc_HashUpdate(&hash, hashId, k, kSz);
|
ret = wc_HashUpdate(&hash, enmhashId, k, kSz);
|
||||||
if (ret == WS_SUCCESS)
|
if (ret == WS_SUCCESS)
|
||||||
ret = wc_HashUpdate(&hash, hashId, h, hSz);
|
ret = wc_HashUpdate(&hash, enmhashId, h, hSz);
|
||||||
if (ret == WS_SUCCESS)
|
if (ret == WS_SUCCESS)
|
||||||
ret = wc_HashUpdate(&hash, hashId, key, runningKeySz);
|
ret = wc_HashUpdate(&hash, enmhashId, key, runningKeySz);
|
||||||
if (ret == WS_SUCCESS)
|
if (ret == WS_SUCCESS)
|
||||||
ret = wc_HashFinal(&hash, hashId, lastBlock);
|
ret = wc_HashFinal(&hash, enmhashId, lastBlock);
|
||||||
if (ret == WS_SUCCESS)
|
if (ret == WS_SUCCESS)
|
||||||
WMEMCPY(key + runningKeySz, lastBlock, remainder);
|
WMEMCPY(key + runningKeySz, lastBlock, remainder);
|
||||||
}
|
}
|
||||||
|
@ -1872,7 +1873,7 @@ static INLINE byte KeySzForId(byte id)
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
static INLINE byte HashForId(byte id)
|
static INLINE enum wc_HashType HashForId(byte id)
|
||||||
{
|
{
|
||||||
switch (id) {
|
switch (id) {
|
||||||
case ID_DH_GROUP1_SHA1:
|
case ID_DH_GROUP1_SHA1:
|
||||||
|
@ -2182,6 +2183,7 @@ static int DoKexInit(WOLFSSH* ssh, byte* buf, word32 len, word32* idx)
|
||||||
}
|
}
|
||||||
|
|
||||||
if (ret == WS_SUCCESS) {
|
if (ret == WS_SUCCESS) {
|
||||||
|
enum wc_HashType enmhashId = (enum wc_HashType)ssh->handshake->hashId;
|
||||||
byte scratchLen[LENGTH_SZ];
|
byte scratchLen[LENGTH_SZ];
|
||||||
word32 strSz;
|
word32 strSz;
|
||||||
|
|
||||||
|
@ -2191,34 +2193,34 @@ static int DoKexInit(WOLFSSH* ssh, byte* buf, word32 len, word32* idx)
|
||||||
}
|
}
|
||||||
|
|
||||||
if (ret == WS_SUCCESS)
|
if (ret == WS_SUCCESS)
|
||||||
ret = wc_HashInit(&ssh->handshake->hash, ssh->handshake->hashId);
|
ret = wc_HashInit(&ssh->handshake->hash, enmhashId);
|
||||||
|
|
||||||
if (ret == WS_SUCCESS) {
|
if (ret == WS_SUCCESS) {
|
||||||
if (ssh->ctx->side == WOLFSSH_ENDPOINT_SERVER)
|
if (ssh->ctx->side == WOLFSSH_ENDPOINT_SERVER)
|
||||||
ret = wc_HashUpdate(&ssh->handshake->hash,
|
ret = wc_HashUpdate(&ssh->handshake->hash,
|
||||||
ssh->handshake->hashId,
|
enmhashId,
|
||||||
ssh->peerProtoId, ssh->peerProtoIdSz);
|
ssh->peerProtoId, ssh->peerProtoIdSz);
|
||||||
}
|
}
|
||||||
|
|
||||||
if (ret == WS_SUCCESS) {
|
if (ret == WS_SUCCESS) {
|
||||||
strSz = (word32)WSTRLEN(sshProtoIdStr) - SSH_PROTO_EOL_SZ;
|
strSz = (word32)WSTRLEN(sshProtoIdStr) - SSH_PROTO_EOL_SZ;
|
||||||
c32toa(strSz, scratchLen);
|
c32toa(strSz, scratchLen);
|
||||||
ret = wc_HashUpdate(&ssh->handshake->hash, ssh->handshake->hashId,
|
ret = wc_HashUpdate(&ssh->handshake->hash, enmhashId,
|
||||||
scratchLen, LENGTH_SZ);
|
scratchLen, LENGTH_SZ);
|
||||||
}
|
}
|
||||||
|
|
||||||
if (ret == WS_SUCCESS)
|
if (ret == WS_SUCCESS)
|
||||||
ret = wc_HashUpdate(&ssh->handshake->hash, ssh->handshake->hashId,
|
ret = wc_HashUpdate(&ssh->handshake->hash, enmhashId,
|
||||||
(const byte*)sshProtoIdStr, strSz);
|
(const byte*)sshProtoIdStr, strSz);
|
||||||
|
|
||||||
if (ret == WS_SUCCESS) {
|
if (ret == WS_SUCCESS) {
|
||||||
if (ssh->ctx->side == WOLFSSH_ENDPOINT_CLIENT) {
|
if (ssh->ctx->side == WOLFSSH_ENDPOINT_CLIENT) {
|
||||||
ret = wc_HashUpdate(&ssh->handshake->hash,
|
ret = wc_HashUpdate(&ssh->handshake->hash,
|
||||||
ssh->handshake->hashId,
|
enmhashId,
|
||||||
ssh->peerProtoId, ssh->peerProtoIdSz);
|
ssh->peerProtoId, ssh->peerProtoIdSz);
|
||||||
if (ret == WS_SUCCESS)
|
if (ret == WS_SUCCESS)
|
||||||
ret = wc_HashUpdate(&ssh->handshake->hash,
|
ret = wc_HashUpdate(&ssh->handshake->hash,
|
||||||
ssh->handshake->hashId,
|
enmhashId,
|
||||||
ssh->handshake->kexInit,
|
ssh->handshake->kexInit,
|
||||||
ssh->handshake->kexInitSz);
|
ssh->handshake->kexInitSz);
|
||||||
}
|
}
|
||||||
|
@ -2226,24 +2228,24 @@ static int DoKexInit(WOLFSSH* ssh, byte* buf, word32 len, word32* idx)
|
||||||
|
|
||||||
if (ret == WS_SUCCESS) {
|
if (ret == WS_SUCCESS) {
|
||||||
c32toa(len + 1, scratchLen);
|
c32toa(len + 1, scratchLen);
|
||||||
ret = wc_HashUpdate(&ssh->handshake->hash, ssh->handshake->hashId,
|
ret = wc_HashUpdate(&ssh->handshake->hash, enmhashId,
|
||||||
scratchLen, LENGTH_SZ);
|
scratchLen, LENGTH_SZ);
|
||||||
}
|
}
|
||||||
|
|
||||||
if (ret == WS_SUCCESS) {
|
if (ret == WS_SUCCESS) {
|
||||||
scratchLen[0] = MSGID_KEXINIT;
|
scratchLen[0] = MSGID_KEXINIT;
|
||||||
ret = wc_HashUpdate(&ssh->handshake->hash, ssh->handshake->hashId,
|
ret = wc_HashUpdate(&ssh->handshake->hash, enmhashId,
|
||||||
scratchLen, MSG_ID_SZ);
|
scratchLen, MSG_ID_SZ);
|
||||||
}
|
}
|
||||||
|
|
||||||
if (ret == WS_SUCCESS)
|
if (ret == WS_SUCCESS)
|
||||||
ret = wc_HashUpdate(&ssh->handshake->hash, ssh->handshake->hashId,
|
ret = wc_HashUpdate(&ssh->handshake->hash, enmhashId,
|
||||||
buf, len);
|
buf, len);
|
||||||
|
|
||||||
if (ret == WS_SUCCESS) {
|
if (ret == WS_SUCCESS) {
|
||||||
if (ssh->ctx->side == WOLFSSH_ENDPOINT_SERVER)
|
if (ssh->ctx->side == WOLFSSH_ENDPOINT_SERVER)
|
||||||
ret = wc_HashUpdate(&ssh->handshake->hash,
|
ret = wc_HashUpdate(&ssh->handshake->hash,
|
||||||
ssh->handshake->hashId,
|
enmhashId,
|
||||||
ssh->handshake->kexInit,
|
ssh->handshake->kexInit,
|
||||||
ssh->handshake->kexInitSz);
|
ssh->handshake->kexInitSz);
|
||||||
}
|
}
|
||||||
|
@ -2369,6 +2371,7 @@ static int DoKexDhInit(WOLFSSH* ssh, byte* buf, word32 len, word32* idx)
|
||||||
|
|
||||||
static int DoKexDhReply(WOLFSSH* ssh, byte* buf, word32 len, word32* idx)
|
static int DoKexDhReply(WOLFSSH* ssh, byte* buf, word32 len, word32* idx)
|
||||||
{
|
{
|
||||||
|
enum wc_HashType enmhashId;
|
||||||
byte* pubKey = NULL;
|
byte* pubKey = NULL;
|
||||||
word32 pubKeySz;
|
word32 pubKeySz;
|
||||||
byte* f = NULL;
|
byte* f = NULL;
|
||||||
|
@ -2432,12 +2435,14 @@ static int DoKexDhReply(WOLFSSH* ssh, byte* buf, word32 len, word32* idx)
|
||||||
ret = WS_SUCCESS;
|
ret = WS_SUCCESS;
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
enmhashId = (enum wc_HashType)ssh->handshake->hashId;
|
||||||
|
|
||||||
if (ret == WS_SUCCESS)
|
if (ret == WS_SUCCESS)
|
||||||
/* Hash in the raw public key blob from the server including its
|
/* Hash in the raw public key blob from the server including its
|
||||||
* length which is at LENGTH_SZ offset ahead of pubKey. */
|
* length which is at LENGTH_SZ offset ahead of pubKey. */
|
||||||
ret = wc_HashUpdate(&ssh->handshake->hash,
|
ret = wc_HashUpdate(&ssh->handshake->hash,
|
||||||
ssh->handshake->hashId,
|
enmhashId,
|
||||||
pubKey - LENGTH_SZ, pubKeySz + LENGTH_SZ);
|
pubKey - LENGTH_SZ, pubKeySz + LENGTH_SZ);
|
||||||
|
|
||||||
if (ret == WS_SUCCESS)
|
if (ret == WS_SUCCESS)
|
||||||
|
@ -2451,21 +2456,21 @@ static int DoKexDhReply(WOLFSSH* ssh, byte* buf, word32 len, word32* idx)
|
||||||
if (ret == 0) {
|
if (ret == 0) {
|
||||||
c32toa(ssh->handshake->dhGexMinSz, scratchLen);
|
c32toa(ssh->handshake->dhGexMinSz, scratchLen);
|
||||||
ret = wc_HashUpdate(&ssh->handshake->hash,
|
ret = wc_HashUpdate(&ssh->handshake->hash,
|
||||||
ssh->handshake->hashId,
|
enmhashId,
|
||||||
scratchLen, LENGTH_SZ);
|
scratchLen, LENGTH_SZ);
|
||||||
}
|
}
|
||||||
/* Hash in the client's requested preferred key size. */
|
/* Hash in the client's requested preferred key size. */
|
||||||
if (ret == 0) {
|
if (ret == 0) {
|
||||||
c32toa(ssh->handshake->dhGexPreferredSz, scratchLen);
|
c32toa(ssh->handshake->dhGexPreferredSz, scratchLen);
|
||||||
ret = wc_HashUpdate(&ssh->handshake->hash,
|
ret = wc_HashUpdate(&ssh->handshake->hash,
|
||||||
ssh->handshake->hashId,
|
enmhashId,
|
||||||
scratchLen, LENGTH_SZ);
|
scratchLen, LENGTH_SZ);
|
||||||
}
|
}
|
||||||
/* Hash in the client's requested maximum key size. */
|
/* Hash in the client's requested maximum key size. */
|
||||||
if (ret == 0) {
|
if (ret == 0) {
|
||||||
c32toa(ssh->handshake->dhGexMaxSz, scratchLen);
|
c32toa(ssh->handshake->dhGexMaxSz, scratchLen);
|
||||||
ret = wc_HashUpdate(&ssh->handshake->hash,
|
ret = wc_HashUpdate(&ssh->handshake->hash,
|
||||||
ssh->handshake->hashId,
|
enmhashId,
|
||||||
scratchLen, LENGTH_SZ);
|
scratchLen, LENGTH_SZ);
|
||||||
}
|
}
|
||||||
/* Add a pad byte if the mpint has the MSB set. */
|
/* Add a pad byte if the mpint has the MSB set. */
|
||||||
|
@ -2478,7 +2483,7 @@ static int DoKexDhReply(WOLFSSH* ssh, byte* buf, word32 len, word32* idx)
|
||||||
c32toa(ssh->handshake->primeGroupSz + primeGroupPad,
|
c32toa(ssh->handshake->primeGroupSz + primeGroupPad,
|
||||||
scratchLen);
|
scratchLen);
|
||||||
ret = wc_HashUpdate(&ssh->handshake->hash,
|
ret = wc_HashUpdate(&ssh->handshake->hash,
|
||||||
ssh->handshake->hashId,
|
enmhashId,
|
||||||
scratchLen, LENGTH_SZ);
|
scratchLen, LENGTH_SZ);
|
||||||
}
|
}
|
||||||
/* Hash in the pad byte for the GEX prime group. */
|
/* Hash in the pad byte for the GEX prime group. */
|
||||||
|
@ -2486,14 +2491,14 @@ static int DoKexDhReply(WOLFSSH* ssh, byte* buf, word32 len, word32* idx)
|
||||||
if (primeGroupPad) {
|
if (primeGroupPad) {
|
||||||
scratchLen[0] = 0;
|
scratchLen[0] = 0;
|
||||||
ret = wc_HashUpdate(&ssh->handshake->hash,
|
ret = wc_HashUpdate(&ssh->handshake->hash,
|
||||||
ssh->handshake->hashId,
|
enmhashId,
|
||||||
scratchLen, 1);
|
scratchLen, 1);
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
/* Hash in the GEX prime group. */
|
/* Hash in the GEX prime group. */
|
||||||
if (ret == 0)
|
if (ret == 0)
|
||||||
ret = wc_HashUpdate(&ssh->handshake->hash,
|
ret = wc_HashUpdate(&ssh->handshake->hash,
|
||||||
ssh->handshake->hashId,
|
enmhashId,
|
||||||
ssh->handshake->primeGroup,
|
ssh->handshake->primeGroup,
|
||||||
ssh->handshake->primeGroupSz);
|
ssh->handshake->primeGroupSz);
|
||||||
/* Add a pad byte if the mpint has the MSB set. */
|
/* Add a pad byte if the mpint has the MSB set. */
|
||||||
|
@ -2504,7 +2509,7 @@ static int DoKexDhReply(WOLFSSH* ssh, byte* buf, word32 len, word32* idx)
|
||||||
/* Hash in the length of the GEX generator. */
|
/* Hash in the length of the GEX generator. */
|
||||||
c32toa(ssh->handshake->generatorSz + generatorPad, scratchLen);
|
c32toa(ssh->handshake->generatorSz + generatorPad, scratchLen);
|
||||||
ret = wc_HashUpdate(&ssh->handshake->hash,
|
ret = wc_HashUpdate(&ssh->handshake->hash,
|
||||||
ssh->handshake->hashId,
|
enmhashId,
|
||||||
scratchLen, LENGTH_SZ);
|
scratchLen, LENGTH_SZ);
|
||||||
}
|
}
|
||||||
/* Hash in the pad byte for the GEX generator. */
|
/* Hash in the pad byte for the GEX generator. */
|
||||||
|
@ -2512,14 +2517,14 @@ static int DoKexDhReply(WOLFSSH* ssh, byte* buf, word32 len, word32* idx)
|
||||||
if (generatorPad) {
|
if (generatorPad) {
|
||||||
scratchLen[0] = 0;
|
scratchLen[0] = 0;
|
||||||
ret = wc_HashUpdate(&ssh->handshake->hash,
|
ret = wc_HashUpdate(&ssh->handshake->hash,
|
||||||
ssh->handshake->hashId,
|
enmhashId,
|
||||||
scratchLen, 1);
|
scratchLen, 1);
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
/* Hash in the GEX generator. */
|
/* Hash in the GEX generator. */
|
||||||
if (ret == 0)
|
if (ret == 0)
|
||||||
ret = wc_HashUpdate(&ssh->handshake->hash,
|
ret = wc_HashUpdate(&ssh->handshake->hash,
|
||||||
ssh->handshake->hashId,
|
enmhashId,
|
||||||
ssh->handshake->generator,
|
ssh->handshake->generator,
|
||||||
ssh->handshake->generatorSz);
|
ssh->handshake->generatorSz);
|
||||||
}
|
}
|
||||||
|
@ -2527,12 +2532,12 @@ static int DoKexDhReply(WOLFSSH* ssh, byte* buf, word32 len, word32* idx)
|
||||||
/* Hash in the size of the client's DH e-value (ECDH Q-value). */
|
/* Hash in the size of the client's DH e-value (ECDH Q-value). */
|
||||||
if (ret == 0) {
|
if (ret == 0) {
|
||||||
c32toa(ssh->handshake->eSz, scratchLen);
|
c32toa(ssh->handshake->eSz, scratchLen);
|
||||||
ret = wc_HashUpdate(&ssh->handshake->hash, ssh->handshake->hashId,
|
ret = wc_HashUpdate(&ssh->handshake->hash, enmhashId,
|
||||||
scratchLen, LENGTH_SZ);
|
scratchLen, LENGTH_SZ);
|
||||||
}
|
}
|
||||||
/* Hash in the client's DH e-value (ECDH Q-value). */
|
/* Hash in the client's DH e-value (ECDH Q-value). */
|
||||||
if (ret == 0)
|
if (ret == 0)
|
||||||
ret = wc_HashUpdate(&ssh->handshake->hash, ssh->handshake->hashId,
|
ret = wc_HashUpdate(&ssh->handshake->hash, enmhashId,
|
||||||
ssh->handshake->e, ssh->handshake->eSz);
|
ssh->handshake->e, ssh->handshake->eSz);
|
||||||
|
|
||||||
/* Get and hash in the server's DH f-value (ECDH Q-value) */
|
/* Get and hash in the server's DH f-value (ECDH Q-value) */
|
||||||
|
@ -2550,7 +2555,7 @@ static int DoKexDhReply(WOLFSSH* ssh, byte* buf, word32 len, word32* idx)
|
||||||
|
|
||||||
if (ret == WS_SUCCESS)
|
if (ret == WS_SUCCESS)
|
||||||
ret = wc_HashUpdate(&ssh->handshake->hash,
|
ret = wc_HashUpdate(&ssh->handshake->hash,
|
||||||
ssh->handshake->hashId,
|
enmhashId,
|
||||||
f, fSz + LENGTH_SZ);
|
f, fSz + LENGTH_SZ);
|
||||||
|
|
||||||
if (ret == WS_SUCCESS) {
|
if (ret == WS_SUCCESS) {
|
||||||
|
@ -2650,26 +2655,26 @@ static int DoKexDhReply(WOLFSSH* ssh, byte* buf, word32 len, word32* idx)
|
||||||
/* Hash in the shared secret K. */
|
/* Hash in the shared secret K. */
|
||||||
if (ret == 0) {
|
if (ret == 0) {
|
||||||
c32toa(ssh->kSz + kPad, scratchLen);
|
c32toa(ssh->kSz + kPad, scratchLen);
|
||||||
ret = wc_HashUpdate(&ssh->handshake->hash, ssh->handshake->hashId,
|
ret = wc_HashUpdate(&ssh->handshake->hash, enmhashId,
|
||||||
scratchLen, LENGTH_SZ);
|
scratchLen, LENGTH_SZ);
|
||||||
}
|
}
|
||||||
if (ret == 0) {
|
if (ret == 0) {
|
||||||
if (kPad) {
|
if (kPad) {
|
||||||
scratchLen[0] = 0;
|
scratchLen[0] = 0;
|
||||||
ret = wc_HashUpdate(&ssh->handshake->hash,
|
ret = wc_HashUpdate(&ssh->handshake->hash,
|
||||||
ssh->handshake->hashId, scratchLen, 1);
|
enmhashId, scratchLen, 1);
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
if (ret == 0)
|
if (ret == 0)
|
||||||
ret = wc_HashUpdate(&ssh->handshake->hash, ssh->handshake->hashId,
|
ret = wc_HashUpdate(&ssh->handshake->hash, enmhashId,
|
||||||
ssh->k, ssh->kSz);
|
ssh->k, ssh->kSz);
|
||||||
|
|
||||||
/* Save the exchange hash value H, and session ID. */
|
/* Save the exchange hash value H, and session ID. */
|
||||||
if (ret == 0)
|
if (ret == 0)
|
||||||
ret = wc_HashFinal(&ssh->handshake->hash,
|
ret = wc_HashFinal(&ssh->handshake->hash,
|
||||||
ssh->handshake->hashId, ssh->h);
|
enmhashId, ssh->h);
|
||||||
if (ret == 0) {
|
if (ret == 0) {
|
||||||
ssh->hSz = wc_HashGetDigestSize(ssh->handshake->hashId);
|
ssh->hSz = wc_HashGetDigestSize(enmhashId);
|
||||||
if (ssh->sessionIdSz == 0) {
|
if (ssh->sessionIdSz == 0) {
|
||||||
WMEMCPY(ssh->sessionId, ssh->h, ssh->hSz);
|
WMEMCPY(ssh->sessionId, ssh->h, ssh->hSz);
|
||||||
ssh->sessionIdSz = ssh->hSz;
|
ssh->sessionIdSz = ssh->hSz;
|
||||||
|
@ -3218,6 +3223,7 @@ static int DoUserAuthRequestRsa(WOLFSSH* ssh, WS_UserAuthData_PublicKey* pk,
|
||||||
byte hashId, byte* digest, word32 digestSz)
|
byte hashId, byte* digest, word32 digestSz)
|
||||||
{
|
{
|
||||||
RsaKey key;
|
RsaKey key;
|
||||||
|
enum wc_HashType enmhashId = (enum wc_HashType)hashId;
|
||||||
byte checkDigest[MAX_ENCODED_SIG_SZ];
|
byte checkDigest[MAX_ENCODED_SIG_SZ];
|
||||||
int checkDigestSz;
|
int checkDigestSz;
|
||||||
byte* publicKeyType;
|
byte* publicKeyType;
|
||||||
|
@ -3312,8 +3318,8 @@ static int DoUserAuthRequestRsa(WOLFSSH* ssh, WS_UserAuthData_PublicKey* pk,
|
||||||
volatile int sizeCompare;
|
volatile int sizeCompare;
|
||||||
|
|
||||||
encDigestSz = wc_EncodeSignature(encDigest, digest,
|
encDigestSz = wc_EncodeSignature(encDigest, digest,
|
||||||
wc_HashGetDigestSize(hashId),
|
wc_HashGetDigestSize(enmhashId),
|
||||||
wc_HashGetOID(hashId));
|
wc_HashGetOID(enmhashId));
|
||||||
|
|
||||||
compare = ConstantCompare(encDigest, checkDigest,
|
compare = ConstantCompare(encDigest, checkDigest,
|
||||||
encDigestSz);
|
encDigestSz);
|
||||||
|
@ -3550,7 +3556,7 @@ static int DoUserAuthRequestPublicKey(WOLFSSH* ssh, WS_UserAuthData* authData,
|
||||||
wc_HashAlg hash;
|
wc_HashAlg hash;
|
||||||
byte digest[WC_MAX_DIGEST_SIZE];
|
byte digest[WC_MAX_DIGEST_SIZE];
|
||||||
word32 digestSz;
|
word32 digestSz;
|
||||||
byte hashId = WC_HASH_TYPE_SHA;
|
enum wc_HashType hashId = WC_HASH_TYPE_SHA;
|
||||||
byte pkTypeId;
|
byte pkTypeId;
|
||||||
|
|
||||||
pkTypeId = NameToId((char*)pk->publicKeyType,
|
pkTypeId = NameToId((char*)pk->publicKeyType,
|
||||||
|
@ -4655,7 +4661,7 @@ static INLINE int Encrypt(WOLFSSH* ssh, byte* cipher, const byte* input,
|
||||||
#ifdef WOLFSSL_AES_COUNTER
|
#ifdef WOLFSSL_AES_COUNTER
|
||||||
case ID_AES128_CTR:
|
case ID_AES128_CTR:
|
||||||
if (sz % AES_BLOCK_SIZE || wc_AesCtrEncrypt(&ssh->encryptCipher.aes,
|
if (sz % AES_BLOCK_SIZE || wc_AesCtrEncrypt(&ssh->encryptCipher.aes,
|
||||||
cipher, input, sz) < 0) {
|
cipher, input, sz) < 0) {
|
||||||
|
|
||||||
ret = WS_ENCRYPT_E;
|
ret = WS_ENCRYPT_E;
|
||||||
}
|
}
|
||||||
|
@ -5554,6 +5560,7 @@ int SendKexDhReply(WOLFSSH* ssh)
|
||||||
word32 idx;
|
word32 idx;
|
||||||
int ret = WS_SUCCESS;
|
int ret = WS_SUCCESS;
|
||||||
byte msgId = MSGID_KEXDH_REPLY;
|
byte msgId = MSGID_KEXDH_REPLY;
|
||||||
|
enum wc_HashType enmhashId;
|
||||||
|
|
||||||
WLOG(WS_LOG_DEBUG, "Entering SendKexDhReply()");
|
WLOG(WS_LOG_DEBUG, "Entering SendKexDhReply()");
|
||||||
|
|
||||||
|
@ -5590,6 +5597,8 @@ int SendKexDhReply(WOLFSSH* ssh)
|
||||||
ret = WS_INVALID_ALGO_ID;
|
ret = WS_INVALID_ALGO_ID;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
enmhashId = (enum wc_HashType)ssh->handshake->hashId;
|
||||||
|
|
||||||
/* At this point, the exchange hash, H, includes items V_C, V_S, I_C,
|
/* At this point, the exchange hash, H, includes items V_C, V_S, I_C,
|
||||||
* and I_S. Next add K_S, the server's public host key. K_S will
|
* and I_S. Next add K_S, the server's public host key. K_S will
|
||||||
* either be RSA or ECDSA public key blob. */
|
* either be RSA or ECDSA public key blob. */
|
||||||
|
@ -5624,20 +5633,20 @@ int SendKexDhReply(WOLFSSH* ssh)
|
||||||
c32toa(sigKeyBlock.sz, scratchLen);
|
c32toa(sigKeyBlock.sz, scratchLen);
|
||||||
/* Hash in the length of the public key block. */
|
/* Hash in the length of the public key block. */
|
||||||
ret = wc_HashUpdate(&ssh->handshake->hash,
|
ret = wc_HashUpdate(&ssh->handshake->hash,
|
||||||
ssh->handshake->hashId,
|
enmhashId,
|
||||||
scratchLen, LENGTH_SZ);
|
scratchLen, LENGTH_SZ);
|
||||||
}
|
}
|
||||||
/* Hash in the length of the key type string. */
|
/* Hash in the length of the key type string. */
|
||||||
if (ret == 0) {
|
if (ret == 0) {
|
||||||
c32toa(sigKeyBlock.nameSz, scratchLen);
|
c32toa(sigKeyBlock.nameSz, scratchLen);
|
||||||
ret = wc_HashUpdate(&ssh->handshake->hash,
|
ret = wc_HashUpdate(&ssh->handshake->hash,
|
||||||
ssh->handshake->hashId,
|
enmhashId,
|
||||||
scratchLen, LENGTH_SZ);
|
scratchLen, LENGTH_SZ);
|
||||||
}
|
}
|
||||||
/* Hash in the key type string. */
|
/* Hash in the key type string. */
|
||||||
if (ret == 0)
|
if (ret == 0)
|
||||||
ret = wc_HashUpdate(&ssh->handshake->hash,
|
ret = wc_HashUpdate(&ssh->handshake->hash,
|
||||||
ssh->handshake->hashId,
|
enmhashId,
|
||||||
(byte*)sigKeyBlock.name,
|
(byte*)sigKeyBlock.name,
|
||||||
sigKeyBlock.nameSz);
|
sigKeyBlock.nameSz);
|
||||||
/* Hash in the length of the RSA public key E value. */
|
/* Hash in the length of the RSA public key E value. */
|
||||||
|
@ -5645,7 +5654,7 @@ int SendKexDhReply(WOLFSSH* ssh)
|
||||||
c32toa(sigKeyBlock.sk.rsa.eSz + sigKeyBlock.sk.rsa.ePad,
|
c32toa(sigKeyBlock.sk.rsa.eSz + sigKeyBlock.sk.rsa.ePad,
|
||||||
scratchLen);
|
scratchLen);
|
||||||
ret = wc_HashUpdate(&ssh->handshake->hash,
|
ret = wc_HashUpdate(&ssh->handshake->hash,
|
||||||
ssh->handshake->hashId,
|
enmhashId,
|
||||||
scratchLen, LENGTH_SZ);
|
scratchLen, LENGTH_SZ);
|
||||||
}
|
}
|
||||||
/* Hash in the pad byte for the RSA public key E value. */
|
/* Hash in the pad byte for the RSA public key E value. */
|
||||||
|
@ -5653,13 +5662,13 @@ int SendKexDhReply(WOLFSSH* ssh)
|
||||||
if (sigKeyBlock.sk.rsa.ePad) {
|
if (sigKeyBlock.sk.rsa.ePad) {
|
||||||
scratchLen[0] = 0;
|
scratchLen[0] = 0;
|
||||||
ret = wc_HashUpdate(&ssh->handshake->hash,
|
ret = wc_HashUpdate(&ssh->handshake->hash,
|
||||||
ssh->handshake->hashId, scratchLen, 1);
|
enmhashId, scratchLen, 1);
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
/* Hash in the RSA public key E value. */
|
/* Hash in the RSA public key E value. */
|
||||||
if (ret == 0)
|
if (ret == 0)
|
||||||
ret = wc_HashUpdate(&ssh->handshake->hash,
|
ret = wc_HashUpdate(&ssh->handshake->hash,
|
||||||
ssh->handshake->hashId,
|
enmhashId,
|
||||||
sigKeyBlock.sk.rsa.e,
|
sigKeyBlock.sk.rsa.e,
|
||||||
sigKeyBlock.sk.rsa.eSz);
|
sigKeyBlock.sk.rsa.eSz);
|
||||||
/* Hash in the length of the RSA public key N value. */
|
/* Hash in the length of the RSA public key N value. */
|
||||||
|
@ -5667,7 +5676,7 @@ int SendKexDhReply(WOLFSSH* ssh)
|
||||||
c32toa(sigKeyBlock.sk.rsa.nSz + sigKeyBlock.sk.rsa.nPad,
|
c32toa(sigKeyBlock.sk.rsa.nSz + sigKeyBlock.sk.rsa.nPad,
|
||||||
scratchLen);
|
scratchLen);
|
||||||
ret = wc_HashUpdate(&ssh->handshake->hash,
|
ret = wc_HashUpdate(&ssh->handshake->hash,
|
||||||
ssh->handshake->hashId,
|
enmhashId,
|
||||||
scratchLen, LENGTH_SZ);
|
scratchLen, LENGTH_SZ);
|
||||||
}
|
}
|
||||||
/* Hash in the pad byte for the RSA public key N value. */
|
/* Hash in the pad byte for the RSA public key N value. */
|
||||||
|
@ -5675,13 +5684,13 @@ int SendKexDhReply(WOLFSSH* ssh)
|
||||||
if (sigKeyBlock.sk.rsa.nPad) {
|
if (sigKeyBlock.sk.rsa.nPad) {
|
||||||
scratchLen[0] = 0;
|
scratchLen[0] = 0;
|
||||||
ret = wc_HashUpdate(&ssh->handshake->hash,
|
ret = wc_HashUpdate(&ssh->handshake->hash,
|
||||||
ssh->handshake->hashId, scratchLen, 1);
|
enmhashId, scratchLen, 1);
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
/* Hash in the RSA public key N value. */
|
/* Hash in the RSA public key N value. */
|
||||||
if (ret == 0)
|
if (ret == 0)
|
||||||
ret = wc_HashUpdate(&ssh->handshake->hash,
|
ret = wc_HashUpdate(&ssh->handshake->hash,
|
||||||
ssh->handshake->hashId,
|
enmhashId,
|
||||||
sigKeyBlock.sk.rsa.n,
|
sigKeyBlock.sk.rsa.n,
|
||||||
sigKeyBlock.sk.rsa.nSz);
|
sigKeyBlock.sk.rsa.nSz);
|
||||||
}
|
}
|
||||||
|
@ -5713,46 +5722,46 @@ int SendKexDhReply(WOLFSSH* ssh)
|
||||||
sigKeyBlock.sk.ecc.qSz;
|
sigKeyBlock.sk.ecc.qSz;
|
||||||
c32toa(sigKeyBlock.sz, scratchLen);
|
c32toa(sigKeyBlock.sz, scratchLen);
|
||||||
ret = wc_HashUpdate(&ssh->handshake->hash,
|
ret = wc_HashUpdate(&ssh->handshake->hash,
|
||||||
ssh->handshake->hashId,
|
enmhashId,
|
||||||
scratchLen, LENGTH_SZ);
|
scratchLen, LENGTH_SZ);
|
||||||
}
|
}
|
||||||
/* Hash in the length of the key type string. */
|
/* Hash in the length of the key type string. */
|
||||||
if (ret == 0) {
|
if (ret == 0) {
|
||||||
c32toa(sigKeyBlock.nameSz, scratchLen);
|
c32toa(sigKeyBlock.nameSz, scratchLen);
|
||||||
ret = wc_HashUpdate(&ssh->handshake->hash,
|
ret = wc_HashUpdate(&ssh->handshake->hash,
|
||||||
ssh->handshake->hashId,
|
enmhashId,
|
||||||
scratchLen, LENGTH_SZ);
|
scratchLen, LENGTH_SZ);
|
||||||
}
|
}
|
||||||
/* Hash in the key type string. */
|
/* Hash in the key type string. */
|
||||||
if (ret == 0)
|
if (ret == 0)
|
||||||
ret = wc_HashUpdate(&ssh->handshake->hash,
|
ret = wc_HashUpdate(&ssh->handshake->hash,
|
||||||
ssh->handshake->hashId,
|
enmhashId,
|
||||||
(byte*)sigKeyBlock.name,
|
(byte*)sigKeyBlock.name,
|
||||||
sigKeyBlock.nameSz);
|
sigKeyBlock.nameSz);
|
||||||
/* Hash in the length of the name of the prime. */
|
/* Hash in the length of the name of the prime. */
|
||||||
if (ret == 0) {
|
if (ret == 0) {
|
||||||
c32toa(sigKeyBlock.sk.ecc.primeNameSz, scratchLen);
|
c32toa(sigKeyBlock.sk.ecc.primeNameSz, scratchLen);
|
||||||
ret = wc_HashUpdate(&ssh->handshake->hash,
|
ret = wc_HashUpdate(&ssh->handshake->hash,
|
||||||
ssh->handshake->hashId,
|
enmhashId,
|
||||||
scratchLen, LENGTH_SZ);
|
scratchLen, LENGTH_SZ);
|
||||||
}
|
}
|
||||||
/* Hash in the name of the prime. */
|
/* Hash in the name of the prime. */
|
||||||
if (ret == 0)
|
if (ret == 0)
|
||||||
ret = wc_HashUpdate(&ssh->handshake->hash,
|
ret = wc_HashUpdate(&ssh->handshake->hash,
|
||||||
ssh->handshake->hashId,
|
enmhashId,
|
||||||
(const byte*)sigKeyBlock.sk.ecc.primeName,
|
(const byte*)sigKeyBlock.sk.ecc.primeName,
|
||||||
sigKeyBlock.sk.ecc.primeNameSz);
|
sigKeyBlock.sk.ecc.primeNameSz);
|
||||||
/* Hash in the length of the public key. */
|
/* Hash in the length of the public key. */
|
||||||
if (ret == 0) {
|
if (ret == 0) {
|
||||||
c32toa(sigKeyBlock.sk.ecc.qSz, scratchLen);
|
c32toa(sigKeyBlock.sk.ecc.qSz, scratchLen);
|
||||||
ret = wc_HashUpdate(&ssh->handshake->hash,
|
ret = wc_HashUpdate(&ssh->handshake->hash,
|
||||||
ssh->handshake->hashId,
|
enmhashId,
|
||||||
scratchLen, LENGTH_SZ);
|
scratchLen, LENGTH_SZ);
|
||||||
}
|
}
|
||||||
/* Hash in the public key. */
|
/* Hash in the public key. */
|
||||||
if (ret == 0)
|
if (ret == 0)
|
||||||
ret = wc_HashUpdate(&ssh->handshake->hash,
|
ret = wc_HashUpdate(&ssh->handshake->hash,
|
||||||
ssh->handshake->hashId,
|
enmhashId,
|
||||||
sigKeyBlock.sk.ecc.q,
|
sigKeyBlock.sk.ecc.q,
|
||||||
sigKeyBlock.sk.ecc.qSz);
|
sigKeyBlock.sk.ecc.qSz);
|
||||||
}
|
}
|
||||||
|
@ -5765,21 +5774,21 @@ int SendKexDhReply(WOLFSSH* ssh)
|
||||||
if (ret == 0) {
|
if (ret == 0) {
|
||||||
c32toa(ssh->handshake->dhGexMinSz, scratchLen);
|
c32toa(ssh->handshake->dhGexMinSz, scratchLen);
|
||||||
ret = wc_HashUpdate(&ssh->handshake->hash,
|
ret = wc_HashUpdate(&ssh->handshake->hash,
|
||||||
ssh->handshake->hashId,
|
enmhashId,
|
||||||
scratchLen, LENGTH_SZ);
|
scratchLen, LENGTH_SZ);
|
||||||
}
|
}
|
||||||
/* Hash in the client's requested preferred key size. */
|
/* Hash in the client's requested preferred key size. */
|
||||||
if (ret == 0) {
|
if (ret == 0) {
|
||||||
c32toa(ssh->handshake->dhGexPreferredSz, scratchLen);
|
c32toa(ssh->handshake->dhGexPreferredSz, scratchLen);
|
||||||
ret = wc_HashUpdate(&ssh->handshake->hash,
|
ret = wc_HashUpdate(&ssh->handshake->hash,
|
||||||
ssh->handshake->hashId,
|
enmhashId,
|
||||||
scratchLen, LENGTH_SZ);
|
scratchLen, LENGTH_SZ);
|
||||||
}
|
}
|
||||||
/* Hash in the client's requested maximum key size. */
|
/* Hash in the client's requested maximum key size. */
|
||||||
if (ret == 0) {
|
if (ret == 0) {
|
||||||
c32toa(ssh->handshake->dhGexMaxSz, scratchLen);
|
c32toa(ssh->handshake->dhGexMaxSz, scratchLen);
|
||||||
ret = wc_HashUpdate(&ssh->handshake->hash,
|
ret = wc_HashUpdate(&ssh->handshake->hash,
|
||||||
ssh->handshake->hashId,
|
enmhashId,
|
||||||
scratchLen, LENGTH_SZ);
|
scratchLen, LENGTH_SZ);
|
||||||
}
|
}
|
||||||
/* Add a pad byte if the mpint has the MSB set. */
|
/* Add a pad byte if the mpint has the MSB set. */
|
||||||
|
@ -5789,7 +5798,7 @@ int SendKexDhReply(WOLFSSH* ssh)
|
||||||
/* Hash in the length of the GEX prime group. */
|
/* Hash in the length of the GEX prime group. */
|
||||||
c32toa(primeGroupSz + primeGroupPad, scratchLen);
|
c32toa(primeGroupSz + primeGroupPad, scratchLen);
|
||||||
ret = wc_HashUpdate(&ssh->handshake->hash,
|
ret = wc_HashUpdate(&ssh->handshake->hash,
|
||||||
ssh->handshake->hashId,
|
enmhashId,
|
||||||
scratchLen, LENGTH_SZ);
|
scratchLen, LENGTH_SZ);
|
||||||
}
|
}
|
||||||
/* Hash in the pad byte for the GEX prime group. */
|
/* Hash in the pad byte for the GEX prime group. */
|
||||||
|
@ -5797,14 +5806,14 @@ int SendKexDhReply(WOLFSSH* ssh)
|
||||||
if (primeGroupPad) {
|
if (primeGroupPad) {
|
||||||
scratchLen[0] = 0;
|
scratchLen[0] = 0;
|
||||||
ret = wc_HashUpdate(&ssh->handshake->hash,
|
ret = wc_HashUpdate(&ssh->handshake->hash,
|
||||||
ssh->handshake->hashId,
|
enmhashId,
|
||||||
scratchLen, 1);
|
scratchLen, 1);
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
/* Hash in the GEX prime group. */
|
/* Hash in the GEX prime group. */
|
||||||
if (ret == 0)
|
if (ret == 0)
|
||||||
ret = wc_HashUpdate(&ssh->handshake->hash,
|
ret = wc_HashUpdate(&ssh->handshake->hash,
|
||||||
ssh->handshake->hashId,
|
enmhashId,
|
||||||
primeGroup, primeGroupSz);
|
primeGroup, primeGroupSz);
|
||||||
/* Add a pad byte if the mpint has the MSB set. */
|
/* Add a pad byte if the mpint has the MSB set. */
|
||||||
if (ret == 0) {
|
if (ret == 0) {
|
||||||
|
@ -5813,7 +5822,7 @@ int SendKexDhReply(WOLFSSH* ssh)
|
||||||
/* Hash in the length of the GEX generator. */
|
/* Hash in the length of the GEX generator. */
|
||||||
c32toa(generatorSz + generatorPad, scratchLen);
|
c32toa(generatorSz + generatorPad, scratchLen);
|
||||||
ret = wc_HashUpdate(&ssh->handshake->hash,
|
ret = wc_HashUpdate(&ssh->handshake->hash,
|
||||||
ssh->handshake->hashId,
|
enmhashId,
|
||||||
scratchLen, LENGTH_SZ);
|
scratchLen, LENGTH_SZ);
|
||||||
}
|
}
|
||||||
/* Hash in the pad byte for the GEX generator. */
|
/* Hash in the pad byte for the GEX generator. */
|
||||||
|
@ -5821,26 +5830,26 @@ int SendKexDhReply(WOLFSSH* ssh)
|
||||||
if (generatorPad) {
|
if (generatorPad) {
|
||||||
scratchLen[0] = 0;
|
scratchLen[0] = 0;
|
||||||
ret = wc_HashUpdate(&ssh->handshake->hash,
|
ret = wc_HashUpdate(&ssh->handshake->hash,
|
||||||
ssh->handshake->hashId,
|
enmhashId,
|
||||||
scratchLen, 1);
|
scratchLen, 1);
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
/* Hash in the GEX generator. */
|
/* Hash in the GEX generator. */
|
||||||
if (ret == 0)
|
if (ret == 0)
|
||||||
ret = wc_HashUpdate(&ssh->handshake->hash,
|
ret = wc_HashUpdate(&ssh->handshake->hash,
|
||||||
ssh->handshake->hashId,
|
enmhashId,
|
||||||
generator, generatorSz);
|
generator, generatorSz);
|
||||||
}
|
}
|
||||||
|
|
||||||
/* Hash in the size of the client's DH e-value (ECDH Q-value). */
|
/* Hash in the size of the client's DH e-value (ECDH Q-value). */
|
||||||
if (ret == 0) {
|
if (ret == 0) {
|
||||||
c32toa(ssh->handshake->eSz, scratchLen);
|
c32toa(ssh->handshake->eSz, scratchLen);
|
||||||
ret = wc_HashUpdate(&ssh->handshake->hash, ssh->handshake->hashId,
|
ret = wc_HashUpdate(&ssh->handshake->hash, enmhashId,
|
||||||
scratchLen, LENGTH_SZ);
|
scratchLen, LENGTH_SZ);
|
||||||
}
|
}
|
||||||
/* Hash in the client's DH e-value (ECDH Q-value). */
|
/* Hash in the client's DH e-value (ECDH Q-value). */
|
||||||
if (ret == 0)
|
if (ret == 0)
|
||||||
ret = wc_HashUpdate(&ssh->handshake->hash, ssh->handshake->hashId,
|
ret = wc_HashUpdate(&ssh->handshake->hash, enmhashId,
|
||||||
ssh->handshake->e, ssh->handshake->eSz);
|
ssh->handshake->e, ssh->handshake->eSz);
|
||||||
|
|
||||||
/* Make the server's DH f-value and the shared secret K. */
|
/* Make the server's DH f-value and the shared secret K. */
|
||||||
|
@ -5902,44 +5911,44 @@ int SendKexDhReply(WOLFSSH* ssh)
|
||||||
if (ret == 0) {
|
if (ret == 0) {
|
||||||
CreateMpint(f, &fSz, &fPad);
|
CreateMpint(f, &fSz, &fPad);
|
||||||
c32toa(fSz + fPad, scratchLen);
|
c32toa(fSz + fPad, scratchLen);
|
||||||
ret = wc_HashUpdate(&ssh->handshake->hash, ssh->handshake->hashId,
|
ret = wc_HashUpdate(&ssh->handshake->hash, enmhashId,
|
||||||
scratchLen, LENGTH_SZ);
|
scratchLen, LENGTH_SZ);
|
||||||
}
|
}
|
||||||
if (ret == 0) {
|
if (ret == 0) {
|
||||||
if (fPad) {
|
if (fPad) {
|
||||||
scratchLen[0] = 0;
|
scratchLen[0] = 0;
|
||||||
ret = wc_HashUpdate(&ssh->handshake->hash,
|
ret = wc_HashUpdate(&ssh->handshake->hash,
|
||||||
ssh->handshake->hashId, scratchLen, 1);
|
enmhashId, scratchLen, 1);
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
if (ret == 0)
|
if (ret == 0)
|
||||||
ret = wc_HashUpdate(&ssh->handshake->hash,
|
ret = wc_HashUpdate(&ssh->handshake->hash,
|
||||||
ssh->handshake->hashId, f, fSz);
|
enmhashId, f, fSz);
|
||||||
|
|
||||||
/* Hash in the shared secret K. */
|
/* Hash in the shared secret K. */
|
||||||
if (ret == 0) {
|
if (ret == 0) {
|
||||||
CreateMpint(ssh->k, &ssh->kSz, &kPad);
|
CreateMpint(ssh->k, &ssh->kSz, &kPad);
|
||||||
c32toa(ssh->kSz + kPad, scratchLen);
|
c32toa(ssh->kSz + kPad, scratchLen);
|
||||||
ret = wc_HashUpdate(&ssh->handshake->hash, ssh->handshake->hashId,
|
ret = wc_HashUpdate(&ssh->handshake->hash, enmhashId,
|
||||||
scratchLen, LENGTH_SZ);
|
scratchLen, LENGTH_SZ);
|
||||||
}
|
}
|
||||||
if (ret == 0) {
|
if (ret == 0) {
|
||||||
if (kPad) {
|
if (kPad) {
|
||||||
scratchLen[0] = 0;
|
scratchLen[0] = 0;
|
||||||
ret = wc_HashUpdate(&ssh->handshake->hash,
|
ret = wc_HashUpdate(&ssh->handshake->hash,
|
||||||
ssh->handshake->hashId, scratchLen, 1);
|
enmhashId, scratchLen, 1);
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
if (ret == 0)
|
if (ret == 0)
|
||||||
ret = wc_HashUpdate(&ssh->handshake->hash, ssh->handshake->hashId,
|
ret = wc_HashUpdate(&ssh->handshake->hash, enmhashId,
|
||||||
ssh->k, ssh->kSz);
|
ssh->k, ssh->kSz);
|
||||||
|
|
||||||
/* Save the exchange hash value H, and session ID. */
|
/* Save the exchange hash value H, and session ID. */
|
||||||
if (ret == 0)
|
if (ret == 0)
|
||||||
ret = wc_HashFinal(&ssh->handshake->hash,
|
ret = wc_HashFinal(&ssh->handshake->hash,
|
||||||
ssh->handshake->hashId, ssh->h);
|
enmhashId, ssh->h);
|
||||||
if (ret == 0) {
|
if (ret == 0) {
|
||||||
ssh->hSz = wc_HashGetDigestSize(ssh->handshake->hashId);
|
ssh->hSz = wc_HashGetDigestSize(enmhashId);
|
||||||
if (ssh->sessionIdSz == 0) {
|
if (ssh->sessionIdSz == 0) {
|
||||||
WMEMCPY(ssh->sessionId, ssh->h, ssh->hSz);
|
WMEMCPY(ssh->sessionId, ssh->h, ssh->hSz);
|
||||||
ssh->sessionIdSz = ssh->hSz;
|
ssh->sessionIdSz = ssh->hSz;
|
||||||
|
@ -5954,7 +5963,7 @@ int SendKexDhReply(WOLFSSH* ssh)
|
||||||
if (ret == WS_SUCCESS) {
|
if (ret == WS_SUCCESS) {
|
||||||
wc_HashAlg digestHash;
|
wc_HashAlg digestHash;
|
||||||
byte digest[WC_MAX_DIGEST_SIZE];
|
byte digest[WC_MAX_DIGEST_SIZE];
|
||||||
byte sigHashId;
|
enum wc_HashType sigHashId;
|
||||||
|
|
||||||
sigHashId = HashForId(ssh->handshake->pubKeyId);
|
sigHashId = HashForId(ssh->handshake->pubKeyId);
|
||||||
|
|
||||||
|
|
|
@ -1200,7 +1200,7 @@ WS_SessionType wolfSSH_GetSessionType(const WOLFSSH* ssh)
|
||||||
WLOG(WS_LOG_DEBUG, "Entering wolfSSH_GetSessionType()");
|
WLOG(WS_LOG_DEBUG, "Entering wolfSSH_GetSessionType()");
|
||||||
|
|
||||||
if (ssh && ssh->channelList)
|
if (ssh && ssh->channelList)
|
||||||
return ssh->channelList->sessionType;
|
return (WS_SessionType)ssh->channelList->sessionType;
|
||||||
|
|
||||||
return WOLFSSH_SESSION_UNKNOWN;
|
return WOLFSSH_SESSION_UNKNOWN;
|
||||||
}
|
}
|
||||||
|
|
|
@ -223,7 +223,13 @@ extern "C" {
|
||||||
#define WSTRNCASECMP(s1, s2, n) strncmp((s1), (s2), (n))
|
#define WSTRNCASECMP(s1, s2, n) strncmp((s1), (s2), (n))
|
||||||
#define WSNPRINTF(s,n,f,...) snprintf((s),(n),(f),##__VA_ARGS__)
|
#define WSNPRINTF(s,n,f,...) snprintf((s),(n),(f),##__VA_ARGS__)
|
||||||
#define WVSNPRINTF(s,n,f,...) vsnprintf((s),(n),(f),##__VA_ARGS__)
|
#define WVSNPRINTF(s,n,f,...) vsnprintf((s),(n),(f),##__VA_ARGS__)
|
||||||
#else
|
#elif defined(RENESAS_CSPLUS)
|
||||||
|
#include <stdio.h>
|
||||||
|
#define WSTRNCPY(s1,s2,n) strncpy((s1),(s2),(n))
|
||||||
|
#define WSTRNCASECMP(s1,s2,n) strncasecmp((s1),(s2),(n))
|
||||||
|
#define WSNPRINTF(s,n,f,...) snprintf((s),(n),(f),__VA_ARGS__)
|
||||||
|
#define WVSNPRINTF(s,n,f,...) vsnprintf((s),(n),(f),__VA_ARGS__)
|
||||||
|
#else
|
||||||
#include <stdio.h>
|
#include <stdio.h>
|
||||||
#define WSTRNCPY(s1,s2,n) strncpy((s1),(s2),(n))
|
#define WSTRNCPY(s1,s2,n) strncpy((s1),(s2),(n))
|
||||||
#define WSTRNCASECMP(s1,s2,n) strncasecmp((s1),(s2),(n))
|
#define WSTRNCASECMP(s1,s2,n) strncasecmp((s1),(s2),(n))
|
||||||
|
|
Loading…
Reference in New Issue