WolfSSL
/
wolfssh
mirror of https://github.com/wolfSSL/wolfssh.git
1
0
Fork 0
Code Issues Releases Wiki Activity

Merge pull request #163 from miyazakh/Renesas_IDE 

Add example ssh server code for renesas CS+
pull/165/head
Chris Conlon 2019-05-07 08:30:19 -07:00 committed by GitHub
parent 03f02d9347 d98acb8d35
commit 75e70d24d0
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
16 changed files with 5704 additions and 95 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

68
ide/Renesas/cs+/README.md 100644
View File

@ -0,0 +1,68 @@
# wolfSSH/AlphaProject Boad Simple Ssh Example Server Setup Guide
This demo is tested with the following condition.
* Renesas : CS+ v8.01
* Board : Alpha Project AP-RX71M-0A w/ Sample program v2.0
* wolfSSL : 4.0.0
* wolfSSH : 1.3.1
## Setup process:
### 1. Download software
- Unzip AlphaProject firmware
- Unzip wolfssl under the same directory
- Unzip wolfssh under the same directory
### 2. Set up wolfSSL and wolfSSH
- Open wolfssh\ide\Renesas\cs+\wolfssl_lib\wolfssl_lib.mtpj with CS+ and build
- Open wolfssh\ide\Renesas\cs+\wolfssh_lib\wolfssh_lib.mtpj with CS+ and build
- Open demo_server.mtpj and build. This create demo program library.
### 3. Set up AlphaProject
- The demo uses ap_rx71m_0a_sample_cs\Sample\ap_rx71m_0a_usbfunc_sample_cs\ap_rx71m_0a_ether_sample_cs.mtpj
- Open and edit ap_rx71m_0a_sample_cs\Sample\ap_rx71m_0a_usbfunc_sample_cs\src\AP_RX71M_0A.c
insert wolfSSL_init() in UsbfInit().
```
CanInit();
SciInit();
EthernetAppInit();
UsbfInit();
wolfSSL_init(); <- insert this line
```
- Modify stack and heap size in ap_rx71m_0a_sample_cs\Sample\ap_rx71m_0a_usbfunc_sample_cs\src\smc_gen\r_config\r_bsp_config.h
```
Line 154 #pragma stacksize su=0x2000
Line 175 #define BSP_CFG_HEAP_BYTES (0xa000)
```
- Modify IP address Sample\ap_rx71m_0a_usbfunc_sample_cs\src\tcp_sample\config_tcpudp.c as needed
```
#define MY_IP_ADDR0 192,168,1,200 /* Local IP address */
#define GATEWAY_ADDR0 192,168,1,254 /* Gateway address (invalid if all 0s) */
#define SUBNET_MASK0 255,255,255,0
```
- Add project properties of linking library in ap_rx71m_0a_usbfunc_sample_cs.mtpj
wolfssh\ide\Renesas\cs+\Projects\wolfssl_lib\DefaultBuild\wolfssl_lib.lib
wolfssh\ide\Renesas\cs+\Projects\wolfssh_lib\DefaultBuild\wolfssh_lib.lib
  wolfssh\ide\Renesas\cs+\Projects\demo_server\DefaultBuild\demo_sever.lib
- Set CC-RX(Build Tool)->Library Geberation->Library Configuration to"C99" and enable ctype.h.
- Build the project and start execut. You see message on the console prompting command.
```
Start server_test
```
- wolfSSH simple server will be open on port 50000 which can be connected to by using the example client bundled with wolfSSH
```
$ ./examples/client/client -h 192.168.1.200 -p 50000 -u jill
Sample public key check callback
public key = 0x55a0890864ea
public key size = 279
ctx = You've been sampled!
Password: <---- input "upthehill"
Server said: Hello, wolfSSH!
```
## Support
Email us at [support@wolfssl.com](mailto:support@wolfssl.com).

80
ide/Renesas/cs+/README_jp.md 100644
View File

@ -0,0 +1,80 @@
# wolfSSH シンプル SSH サーバ セットアップガイド
このデモは以下の環境でテストしています。
* Renesas : CS+ v8.01
* Board : Alpha Project AP-RX71M-0A w/ Sample program v2.0
* wolfSSL : 4.0.0
* wolfSSH : 1.3.1
## セットアップ手順:
### ソフトウェアの入手
- APボード付属のソフトウェア一式を適当なフォルダー下に解凍します。
- 同じフォルダー下にwolfssl一式を解凍します。
- 同じフォルダー下にwolfssh一式を解答します。
### wolfSSL及びwolfSSHのセットアップ
- CS+にてwolfssh\ide\Renesas\cs+\下のwolfssl_lib\wolfssl_lib.mtpjを開き
wolfSSLライブラリーのビルドをします。
- CS+にてwolfssh\ide\Renesas\cs+\下のwolfssh_lib\wolfssj_lib.mtpjを開き
wolfSShライブラリーのビルドをします。
- 同じフォルダの下のdemo_server.mtpjを開き、デモプログラムのビルドをします。
このプログラムもライブラリー形式でビルドされます。
### AlphaProject側のセットアップ
デモはap_rx71m_0a_sample_cs\Sample\ap_rx71m_0a_usbfunc_sample_csフォルダ下の
ap_rx71m_0a_usbfunc_sample_cs.mtpjプロジェクトを利用します。
- ap_rx71m_0a_sample_cs\Sample\ap_rx71m_0a_ether_sample_cs\srcフォルダ下のAP_RX71M_0A.cファイルを開き、
UsbfInit()の下にwolfSSL_init()を挿入します。
```
CanInit();
SciInit();
EthernetAppInit();
UsbfInit();
wolfSSL_init(); <-
```
- ap_rx71m_0a_sample_cs\Sample\ap_rx71m_0a_usbfunc_sample_cs\src\smc_gen\r_config\r_bsp_config.h
を開き、スタックサイズとヒープサイズを以下のように設定します。
 154行目 #pragma stacksize su=0x2000
 175行目 #define BSP_CFG_HEAP_BYTES (0xa000)
- IPアドレスのデフォルト値は以下のようになっています。
 必要があれば、Sample\ap_rx71m_0a_ether_sample_cs\src\tcp_sample\config_tcpudp.c
 内の139行目からの定義を変更します。
```
#define MY_IP_ADDR0 192,168,1,200 /* Local IP address */
#define GATEWAY_ADDR0 192,168,1,254 /* Gateway address (invalid if all 0s) */
#define SUBNET_MASK0 255,255,255,0 /* Subnet mask */
```
- CS+でap_rx71m_0a_usbfunc_sample_cs.mtpjプロジェクトを開き、wolfSSL、wolfSSH及びデモライブラリを
 登録します。CC-RX(ビルドツール)->リンク・オプションタブ->使用するライブラリに
 以下の二つのファイルを登録します。
- CC-RX(ビルドツール)->ライブラリージェネレーションタブ->ライブラリー構成を「C99」に、
ctype.hを有効にするを「はい」に設定します。
- プロジェクトのビルド、ターゲットへのダウンロードをしたのち、表示->デバッグ・コンソール
 からコンソールを表示させます。実行を開始するとコンソールに以下の表示が出力されます。
```
Start server_test
```
- シンプル wolfSSH サーバは、50000番のポートを開いて待ちます。サーバへは、wolfSSHに付サンプルクライアントを
使って以下のように接続することができます。
```
$ ./examples/client/client -h 192.168.1.200 -p 50000 -u jill
Sample public key check callback
public key = 0x55a0890864ea
public key size = 279
ctx = You've been sampled!
Password: <---- input "upthehill"
Server said: Hello, wolfSSH!
```
## サポート
サポートが必要な場合は、[support@wolfssl.com](mailto:support@wolfssl.com)へご連絡ください。
以上

22
ide/Renesas/cs+/common/strings.h 100644
View File

@ -0,0 +1,22 @@
/* strings.h
*
* Copyright (C) 2006-2019 wolfSSL Inc.
*
* This file is part of wolfSSL.
*
* wolfSSL is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version.
*
* wolfSSL is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program; if not, write to the Free Software
* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
*/
int strncasecmp(const char *s1, const char * s2, unsigned int sz);

22
ide/Renesas/cs+/common/unistd.h 100644
View File

@ -0,0 +1,22 @@
/* unistd.h
*
* Copyright (C) 2006-2019 wolfSSL Inc.
*
* This file is part of wolfSSL.
*
* wolfSSL is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version.
*
* wolfSSL is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program; if not, write to the Free Software
* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
*/
/* DUMMY Header */

62
ide/Renesas/cs+/common/user_settings.h 100644
View File

@ -0,0 +1,62 @@
/* user_settings.h
*
* Copyright (C) 2006-2019 wolfSSL Inc.
*
* This file is part of wolfSSL.
*
* wolfSSL is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version.
*
* wolfSSL is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program; if not, write to the Free Software
* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
*/
#define WOLFCRYPT_ONLY
#define NO_ERROR_STRINGS
#define NO_MAIN_DRIVER
#define NO_WRITEV
#define NO_DEV_RANDOM
#define NO_WOLFSSL_DIR
#define NO_WOLFSSL_STUB
#define NO_DYNAMIC_ARRAY /* for compilers not allowed dynamic size array */
#define NO_RC4
#define NO_OLD_SHA256
#define NO_FILESYSTEM
#define WOLFSSL_NO_CURRDIR
#define WOLFSSL_LOG_PRINTF
#define WOLFSSL_SMALL_STACK
#define WOLFSSL_DH_CONST
#define WOLFSSL_USER_IO
#define TFM_TIMING_RESISTANT
#define ECC_TIMING_RESISTANT
#define WC_RSA_BLINDING
#define HAVE_TLS_EXTENSIONS
#define HAVE_SUPPORTED_CURVES
#define HAVE_AESGCM
#define WOLFSSL_SHA512
#define WOLFSSL_SHA384
#define HAVE_ECC
#define BENCH_EMBEDDED
#define USE_CERT_BUFFERS_2048
#define SIZEOF_LONG_LONG 8
#define USER_TIME
#define XTIME time
#define USE_WOLF_SUSECONDS_T
#define USE_WOLF_TIMEVAL_T
#define WOLFSSL_GENSEED_FORTEST /* Wardning: define your own seed gen */
#define SINGLE_THREADED /* or define RTOS option */
#include "wolfssh_csplus_usersettings.h"

28
ide/Renesas/cs+/common/wolfssh_csplus_usersettings.h 100644
View File

@ -0,0 +1,28 @@
/* wolfssh_csplus_usersettings..h
*
* Copyright (C) 2006-2019 wolfSSL Inc.
*
* This file is part of wolfSSL.
*
* wolfSSL is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version.
*
* wolfSSL is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program; if not, write to the Free Software
* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
*/
#define RENESAS_CSPLUS
#define WIOCTL ws_Ioctl
//#define DEBUG_WOLFSSH
#define WOLFSSH_NO_TIMESTAMP
#define WOLFSSH_USER_IO
#define FIONREAD 1
#define WOLFSSH_THREAD

1156
ide/Renesas/cs+/demo_server/demo_server.mtpj 100644
View File

File diff suppressed because it is too large Load Diff

651
ide/Renesas/cs+/demo_server/wolfssh_demo.c 100644
View File

@ -0,0 +1,651 @@
/* wolfssh_demo.c
*
* Copyright (C) 2014-2019 wolfSSL Inc.
*
* This file is part of wolfSSH.
*
* wolfSSH is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 3 of the License, or
* (at your option) any later version.
*
* wolfSSH is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with wolfSSH. If not, see <http://www.gnu.org/licenses/>.
*/
#include <stdio.h>
#include <string.h>
#include "r_t4_itcpip.h"
#define WOLFSSH_TEST_SERVER
#define WOLFSSH_TEST_THREADING
#ifdef WOLFSSL_USER_SETTINGS
#include <wolfssl/wolfcrypt/settings.h>
#else
#include <wolfssl/options.h>
#endif
#include <wolfssl/wolfcrypt/sha256.h>
#include <wolfssl/wolfcrypt/coding.h>
#include <wolfssh/ssh.h>
#include <wolfssh/certs_test.h>
#include <wolfssl/wolfcrypt/ecc.h>
#include "wolfssh_demo.h"
#ifdef NO_FILESYSTEM
#include <wolfssh/certs_test.h>
#endif
#define FREQ 10000 /* Hz */
#ifdef __cplusplus
//#include <ios> // Remove the comment when you use ios
//_SINT ios_base::Init::init_cnt; // Remove the comment when you use ios
#endif
static long tick;
static void timeTick(void *pdata)
{
tick++;
}
#ifndef NO_WOLFSSH_SERVER
static const char serverBanner[] = "wolfSSH Example Server\n";
typedef struct {
WOLFSSH* ssh;
ID fd;
} thread_ctx_t;
#ifndef EXAMPLE_HIGHWATER_MARK
#define EXAMPLE_HIGHWATER_MARK 0x3FFF8000 /* 1GB - 32kB */
#endif
#ifndef EXAMPLE_BUFFER_SZ
#define EXAMPLE_BUFFER_SZ 4096
#endif
#define SCRATCH_BUFFER_SZ 1200
static int my_IORecv(WOLFSSH* ssh, void* buff, word32 sz, void* ctx)
{
int ret;
ID cepid;
if(ctx != NULL)cepid = *(ID *)ctx;
else return WS_CBIO_ERR_GENERAL;
ret = tcp_rcv_dat(cepid, buff, sz, TMO_FEVR);
return ret;
}
static int my_IOSend(WOLFSSH* ssh, void* buff, word32 sz, void* ctx)
{
int ret;
ID cepid;
if(ctx != NULL)cepid = *(ID *)ctx;
else return WS_CBIO_ERR_GENERAL;
ret = tcp_snd_dat(cepid, buff, sz, TMO_FEVR);
return ret;
}
static byte find_char(const byte* str, const byte* buf, word32 bufSz)
{
const byte* cur;
while (bufSz) {
cur = str;
while (*cur != '\0') {
if (*cur == *buf)
return *cur;
cur++;
}
buf++;
bufSz--;
}
return 0;
}
static int dump_stats(thread_ctx_t* ctx)
{
char stats[1024];
word32 statsSz;
word32 txCount, rxCount, seq, peerSeq;
wolfSSH_GetStats(ctx->ssh, &txCount, &rxCount, &seq, &peerSeq);
printf(stats,
"Statistics for Thread #%u:\r\n"
" txCount = %u\r\n rxCount = %u\r\n"
" seq = %u\r\n peerSeq = %u\r\n",
0, txCount, rxCount, seq, peerSeq);
statsSz = (word32)strlen(stats);
fprintf(stderr, "%s", stats);
return wolfSSH_stream_send(ctx->ssh, (byte*)stats, statsSz);
}
static int server_worker(void* vArgs)
{
int ret;
thread_ctx_t* threadCtx = (thread_ctx_t*)vArgs;
ret = wolfSSH_accept(threadCtx->ssh);
if (ret == WS_SUCCESS) {
byte* buf = NULL;
byte* tmpBuf;
int bufSz, backlogSz = 0, rxSz, txSz, stop = 0, txSum;
do {
bufSz = EXAMPLE_BUFFER_SZ + backlogSz;
tmpBuf = (byte*)realloc(buf, bufSz);
if (tmpBuf == NULL)
stop = 1;
else
buf = tmpBuf;
XMEMSET(buf, 0, bufSz);
if (!stop) {
do {
rxSz = wolfSSH_stream_read(threadCtx->ssh,
buf + backlogSz,
EXAMPLE_BUFFER_SZ);
if (rxSz <= 0)
rxSz = wolfSSH_get_error(threadCtx->ssh);
} while (rxSz == WS_WANT_READ || rxSz == WS_WANT_WRITE);
if (rxSz > 0) {
backlogSz += rxSz;
txSum = 0;
txSz = 0;
printf("Client said = %s \n", buf);
while (backlogSz != txSum && txSz >= 0 && !stop) {
txSz = wolfSSH_stream_send(threadCtx->ssh,
buf + txSum,
backlogSz - txSum);
if (txSz > 0) {
byte c;
const byte matches[] = { 0x03, 0x05, 0x06, 0x00 };
c = find_char(matches, buf + txSum, txSz);
switch (c) {
case 0x03:
stop = 1;
break;
case 0x06:
if (wolfSSH_TriggerKeyExchange(threadCtx->ssh)
!= WS_SUCCESS)
stop = 1;
break;
case 0x05:
if (dump_stats(threadCtx) <= 0)
stop = 1;
break;
}
txSum += txSz;
}
else if (txSz != WS_REKEYING)
stop = 1;
}
if (txSum < backlogSz)
memmove(buf, buf + txSum, backlogSz - txSum);
backlogSz -= txSum;
}
else
stop = 1;
}
} while (!stop);
free(buf);
}
wolfSSH_stream_exit(threadCtx->ssh, 0);
tcp_sht_cep(threadCtx->fd);
wolfSSH_free(threadCtx->ssh);
free(threadCtx);
return 0;
}
/* returns buffer size on success */
static int load_key(byte isEcc, byte* buf, word32 bufSz)
{
word32 sz = 0;
#ifndef NO_FILESYSTEM
const char* bufName;
bufName = isEcc ? "./keys/server-key-ecc.der" :
"./keys/server-key-rsa.der" ;
sz = load_file(bufName, buf, bufSz);
#else
/* using buffers instead */
if (isEcc) {
if (sizeof_ecc_key_der_256 > bufSz) {
return 0;
}
WMEMCPY(buf, ecc_key_der_256, sizeof_ecc_key_der_256);
sz = sizeof_ecc_key_der_256;
}
else {
if (sizeof_rsa_key_der_2048 > bufSz) {
return 0;
}
WMEMCPY(buf, rsa_key_der_2048, sizeof_rsa_key_der_2048);
sz = sizeof_rsa_key_der_2048;
}
#endif
return sz;
}
static INLINE void c32toa(word32 u32, byte* c)
{
c[0] = (u32 >> 24) & 0xff;
c[1] = (u32 >> 16) & 0xff;
c[2] = (u32 >> 8) & 0xff;
c[3] = u32 & 0xff;
}
/* Map user names to passwords */
/* Use arrays for username and p. The password or public key can
* be hashed and the hash stored here. Then I won't need the type. */
typedef struct PwMap {
byte type;
byte username[32];
word32 usernameSz;
byte p[SHA256_DIGEST_SIZE];
struct PwMap* next;
} PwMap;
typedef struct PwMapList {
PwMap* head;
} PwMapList;
static PwMap* PwMapNew(PwMapList* list, byte type, const byte* username,
word32 usernameSz, const byte* p, word32 pSz)
{
PwMap* map;
map = (PwMap*)malloc(sizeof(PwMap));
if (map != NULL) {
Sha256 sha;
byte flatSz[4];
map->type = type;
if (usernameSz >= sizeof(map->username))
usernameSz = sizeof(map->username) - 1;
memcpy(map->username, username, usernameSz + 1);
map->username[usernameSz] = 0;
map->usernameSz = usernameSz;
wc_InitSha256(&sha);
c32toa(pSz, flatSz);
wc_Sha256Update(&sha, flatSz, sizeof(flatSz));
wc_Sha256Update(&sha, p, pSz);
wc_Sha256Final(&sha, map->p);
map->next = list->head;
list->head = map;
}
return map;
}
static void PwMapListDelete(PwMapList* list)
{
if (list != NULL) {
PwMap* head = list->head;
while (head != NULL) {
PwMap* cur = head;
head = head->next;
memset(cur, 0, sizeof(PwMap));
free(cur);
}
}
}
static const char samplePasswordBuffer[] =
"jill:upthehill\n"
"jack:fetchapail\n";
static const char samplePublicKeyEccBuffer[] =
"ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAA"
"BBBNkI5JTP6D0lF42tbxX19cE87hztUS6FSDoGvPfiU0CgeNSbI+aFdKIzTP5CQEJSvm25"
"qUzgDtH7oyaQROUnNvk= hansel\n"
"ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAA"
"BBBKAtH8cqaDbtJFjtviLobHBmjCtG56DMkP6A4M2H9zX2/YCg1h9bYS7WHd9UQDwXO1Hh"
"IZzRYecXh7SG9P4GhRY= gretel\n";
static const char samplePublicKeyRsaBuffer[] =
"ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQC9P3ZFowOsONXHD5MwWiCciXytBRZGho"
"MNiisWSgUs5HdHcACuHYPi2W6Z1PBFmBWT9odOrGRjoZXJfDDoPi+j8SSfDGsc/hsCmc3G"
"p2yEhUZUEkDhtOXyqjns1ickC9Gh4u80aSVtwHRnJZh9xPhSq5tLOhId4eP61s+a5pwjTj"
"nEhBaIPUJO2C/M0pFnnbZxKgJlX7t1Doy7h5eXxviymOIvaCZKU+x5OopfzM/wFkey0EPW"
"NmzI5y/+pzU5afsdeEWdiQDIQc80H6Pz8fsoFPvYSG+s4/wz0duu7yeeV1Ypoho65Zr+pE"
"nIf7dO0B8EblgWt+ud+JI8wrAhfE4x hansel\n"
"ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCqDwRVTRVk/wjPhoo66+Mztrc31KsxDZ"
"+kAV0139PHQ+wsueNpba6jNn5o6mUTEOrxrz0LMsDJOBM7CmG0983kF4gRIihECpQ0rcjO"
"P6BSfbVTE9mfIK5IsUiZGd8SoE9kSV2pJ2FvZeBQENoAxEFk0zZL9tchPS+OCUGbK4SDjz"
"uNZl/30Mczs73N3MBzi6J1oPo7sFlqzB6ecBjK2Kpjus4Y1rYFphJnUxtKvB0s+hoaadru"
"biE57dK6BrH5iZwVLTQKux31uCJLPhiktI3iLbdlGZEctJkTasfVSsUizwVIyRjhVKmbdI"
"RGwkU38D043AR1h0mUoGCPIKuqcFMf gretel\n";
static int LoadPasswordBuffer(byte* buf, word32 bufSz, PwMapList* list)
{
char* str = (char*)buf;
char* delimiter;
char* username;
char* password;
/* Each line of passwd.txt is in the format
* username:password\n
* This function modifies the passed-in buffer. */
if (list == NULL)
return -1;
if (buf == NULL || bufSz == 0)
return 0;
while (*str != 0) {
delimiter = strchr(str, ':');
username = str;
*delimiter = 0;
password = delimiter + 1;
str = strchr(password, '\n');
*str = 0;
str++;
if (PwMapNew(list, WOLFSSH_USERAUTH_PASSWORD,
(byte*)username, (word32)strlen(username),
(byte*)password, (word32)strlen(password)) == NULL ) {
return -1;
}
}
return 0;
}
static int LoadPublicKeyBuffer(byte* buf, word32 bufSz, PwMapList* list)
{
char* str = (char*)buf;
char* delimiter;
byte* publicKey64;
word32 publicKey64Sz;
byte* username;
word32 usernameSz;
byte publicKey[300];
word32 publicKeySz;
/* Each line of passwd.txt is in the format
* ssh-rsa AAAB3BASE64ENCODEDPUBLICKEYBLOB username\n
* This function modifies the passed-in buffer. */
if (list == NULL)
return -1;
if (buf == NULL || bufSz == 0)
return 0;
while (*str != 0) {
/* Skip the public key type. This example will always be ssh-rsa. */
delimiter = strchr(str, ' ');
str = delimiter + 1;
delimiter = strchr(str, ' ');
publicKey64 = (byte*)str;
*delimiter = 0;
publicKey64Sz = (word32)(delimiter - str);
str = delimiter + 1;
delimiter = strchr(str, '\n');
username = (byte*)str;
*delimiter = 0;
usernameSz = (word32)(delimiter - str);
str = delimiter + 1;
publicKeySz = sizeof(publicKey);
if (Base64_Decode(publicKey64, publicKey64Sz,
publicKey, &publicKeySz) != 0) {
return -1;
}
if (PwMapNew(list, WOLFSSH_USERAUTH_PUBLICKEY,
username, usernameSz,
publicKey, publicKeySz) == NULL ) {
return -1;
}
}
return 0;
}
static int wsUserAuth(byte authType,
WS_UserAuthData* authData,
void* ctx)
{
PwMapList* list;
PwMap* map;
byte authHash[SHA256_DIGEST_SIZE];
if (ctx == NULL) {
fprintf(stderr, "wsUserAuth: ctx not set");
return WOLFSSH_USERAUTH_FAILURE;
}
if (authType != WOLFSSH_USERAUTH_PASSWORD &&
authType != WOLFSSH_USERAUTH_PUBLICKEY) {
return WOLFSSH_USERAUTH_FAILURE;
}
/* Hash the password or public key with its length. */
{
Sha256 sha;
byte flatSz[4];
wc_InitSha256(&sha);
if (authType == WOLFSSH_USERAUTH_PASSWORD) {
c32toa(authData->sf.password.passwordSz, flatSz);
wc_Sha256Update(&sha, flatSz, sizeof(flatSz));
wc_Sha256Update(&sha,
authData->sf.password.password,
authData->sf.password.passwordSz);
}
else if (authType == WOLFSSH_USERAUTH_PUBLICKEY) {
c32toa(authData->sf.publicKey.publicKeySz, flatSz);
wc_Sha256Update(&sha, flatSz, sizeof(flatSz));
wc_Sha256Update(&sha,
authData->sf.publicKey.publicKey,
authData->sf.publicKey.publicKeySz);
}
wc_Sha256Final(&sha, authHash);
}
list = (PwMapList*)ctx;
map = list->head;
while (map != NULL) {
if (authData->usernameSz == map->usernameSz &&
memcmp(authData->username, map->username, map->usernameSz) == 0) {
if (authData->type == map->type) {
if (memcmp(map->p, authHash, SHA256_DIGEST_SIZE) == 0) {
return WOLFSSH_USERAUTH_SUCCESS;
}
else {
return (authType == WOLFSSH_USERAUTH_PASSWORD ?
WOLFSSH_USERAUTH_INVALID_PASSWORD :
WOLFSSH_USERAUTH_INVALID_PUBLICKEY);
}
}
else {
return WOLFSSH_USERAUTH_INVALID_AUTHTYPE;
}
}
map = map->next;
}
return WOLFSSH_USERAUTH_INVALID_USER;
}
int server_test(void)
{
WOLFSSH_CTX* ctx = NULL;
PwMapList pwMapList;
word32 defaultHighwater = EXAMPLE_HIGHWATER_MARK;
int useEcc = 0;
int multipleConnections = 0;
ID cepid = 1;
ID repid = 1;
ER ercd;
T_IPV4EP dst_addr = {0, 0};
printf("Start server_test\n");
if (wolfSSH_Init() != WS_SUCCESS) {
fprintf(stderr, "Couldn't initialize wolfSSH.\n");
return(EXIT_FAILURE);
}
ctx = wolfSSH_CTX_new(WOLFSSH_ENDPOINT_SERVER, NULL);
if (ctx == NULL) {
fprintf(stderr, "Couldn't allocate SSH CTX data.\n");
return(EXIT_FAILURE);
}
memset(&pwMapList, 0, sizeof(pwMapList));
wolfSSH_SetUserAuth(ctx, wsUserAuth);
wolfSSH_CTX_SetBanner(ctx, serverBanner);
{
const char* bufName;
byte buf[SCRATCH_BUFFER_SZ];
word32 bufSz;
bufSz = load_key(useEcc, buf, SCRATCH_BUFFER_SZ);
if (bufSz == 0) {
fprintf(stderr, "Couldn't load key.\n");
return(EXIT_FAILURE);
}
if (wolfSSH_CTX_UsePrivateKey_buffer(ctx, buf, bufSz,
WOLFSSH_FORMAT_ASN1) < 0) {
fprintf(stderr, "Couldn't use key buffer.\n");
return(EXIT_FAILURE);
}
bufSz = (word32)strlen(samplePasswordBuffer);
memcpy(buf, samplePasswordBuffer, bufSz);
buf[bufSz] = 0;
LoadPasswordBuffer(buf, bufSz, &pwMapList);
bufName = useEcc ? samplePublicKeyEccBuffer :
samplePublicKeyRsaBuffer;
bufSz = (word32)strlen(bufName);
memcpy(buf, bufName, bufSz);
buf[bufSz] = 0;
LoadPublicKeyBuffer(buf, bufSz, &pwMapList);
}
/* Register callbacks */
wolfSSH_SetIORecv(ctx, my_IORecv);
wolfSSH_SetIOSend(ctx, my_IOSend);
do {
WOLFSSH* ssh;
thread_ctx_t* threadCtx;
threadCtx = (thread_ctx_t*)malloc(sizeof(thread_ctx_t));
if (threadCtx == NULL) {
fprintf(stderr, "Couldn't allocate thread context data.\n");
return(EXIT_FAILURE);
}
ssh = wolfSSH_new(ctx);
if (ssh == NULL) {
fprintf(stderr, "Couldn't allocate SSH data.\n");
return(EXIT_FAILURE);
}
wolfSSH_SetUserAuthCtx(ssh, &pwMapList);
/* Use the session object for its own highwater callback ctx */
if (defaultHighwater > 0) {
wolfSSH_SetHighwaterCtx(ssh, (void*)ssh);
wolfSSH_SetHighwater(ssh, defaultHighwater);
}
printf("Waiting connection from client\n");
if((ercd = tcp_acp_cep(cepid, repid, &dst_addr, TMO_FEVR)) != E_OK) {
printf("ERROR TCP Accept: %d\n", ercd);
return -1;
}
wolfSSH_SetIOReadCtx(ssh, (void *)&cepid);
wolfSSH_SetIOWriteCtx(ssh, (void *)&cepid);
threadCtx->ssh = ssh;
threadCtx->fd = cepid;
server_worker(threadCtx);
} while (multipleConnections);
PwMapListDelete(&pwMapList);
wolfSSH_CTX_free(ctx);
if (wolfSSH_Cleanup() != WS_SUCCESS) {
fprintf(stderr, "Couldn't clean up wolfSSH.\n");
return(EXIT_FAILURE);
}
#if defined(HAVE_ECC) && defined(FP_ECC) && defined(HAVE_THREAD_LS)
wc_ecc_fp_free(); /* free per thread cache */
#endif
printf("End server_test\n");
return 0;
}
#endif /* NO_WOLFSSH_SERVER */
void wolfSSH_init(void)
{
uint32_t channel;
R_CMT_CreatePeriodic(FREQ, &timeTick, &channel);
#if defined(DEBUG_WOLFSSH)
wolfSSH_Debugging_ON();
#endif
server_test();
}
#ifdef __cplusplus
void abort(void)
{
}
#endif

26
ide/Renesas/cs+/demo_server/wolfssh_demo.h 100644
View File

@ -0,0 +1,26 @@
/* wolfssh_demo.h
*
* Copyright (C) 2014-2019 wolfSSL Inc.
*
* This file is part of wolfSSH.
*
* wolfSSH is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 3 of the License, or
* (at your option) any later version.
*
* wolfSSH is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with wolfSSH. If not, see <http://www.gnu.org/licenses/>.
*/
#ifndef __WOLFSSH_DEMO_H_
#define __WOLFSSH_DEMO_H_
int server_test(void);
#endif

55
ide/Renesas/cs+/demo_server/wolfssh_dummy.c 100644
View File

@ -0,0 +1,55 @@
/* wolfssh_dummy.c
*
* Copyright (C) 2014-2019 wolfSSL Inc.
*
* This file is part of wolfSSH.
*
* wolfSSH is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 3 of the License, or
* (at your option) any later version.
*
* wolfSSH is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with wolfSSH. If not, see <http://www.gnu.org/licenses/>.
*/
#ifdef HAVE_CONFIG_H
#include <config.h>
#endif
#include <wolfssl/wolfcrypt/error-crypt.h>
#include <stdio.h>
/* used for checking bytes on wire for window adjust packet read */
void ws_Ioctl(int fd, int flag, int *ret)
{
/* This needs to implement when using scp or sftp */
}
#define YEAR 2019
#define APR 4
static int tick = 0;
time_t time(time_t *t)
{
return ((YEAR-1970)*365+30*APR)*24*60*60 + tick++;
}
#include <ctype.h>
int strncasecmp(const char *s1, const char * s2, unsigned int sz)
{
for( ; sz>0; sz--, s1++, s2++){
if(toupper(*s1) < toupper(*s2)){
return -1;
}
if(toupper(*s1) > toupper(*s2)){
return 1;
}
}
return 0;
}

1250
ide/Renesas/cs+/wolfssh_lib/wolfssh_lib.mtpj 100644
View File

File diff suppressed because it is too large Load Diff

2172
ide/Renesas/cs+/wolfssl_lib/wolfssl_lib.mtpj 100644
View File

File diff suppressed because it is too large Load Diff

2
ide/include.am
View File

@ -4,3 +4,5 @@
include ide/winvs/include.am
include ide/CSBENCH/include.am
EXTRA_DIST += ide/Renesas

195
src/internal.c
View File

@ -677,6 +677,7 @@ int GenerateKey(byte hashId, byte keyId,
{
word32 blocks, remainder;
wc_HashAlg hash;
enum wc_HashType enmhashId = (enum wc_HashType)hashId;
byte kPad = 0;
byte pad = 0;
byte kSzFlat[LENGTH_SZ];
@ -692,7 +693,7 @@ int GenerateKey(byte hashId, byte keyId,
return WS_BAD_ARGUMENT;
}
digestSz = wc_HashGetDigestSize(hashId);
digestSz = wc_HashGetDigestSize(enmhashId);
if (digestSz == 0) {
WLOG(WS_LOG_DEBUG, "GK: bad hash ID");
return WS_BAD_ARGUMENT;
@ -704,25 +705,25 @@ int GenerateKey(byte hashId, byte keyId,
blocks = keySz / digestSz;
remainder = keySz % digestSz;
ret = wc_HashInit(&hash, hashId);
ret = wc_HashInit(&hash, enmhashId);
if (ret == WS_SUCCESS)
ret = wc_HashUpdate(&hash, hashId, kSzFlat, LENGTH_SZ);
ret = wc_HashUpdate(&hash, enmhashId, kSzFlat, LENGTH_SZ);
if (ret == WS_SUCCESS && kPad)
ret = wc_HashUpdate(&hash, hashId, &pad, 1);
ret = wc_HashUpdate(&hash, enmhashId, &pad, 1);
if (ret == WS_SUCCESS)
ret = wc_HashUpdate(&hash, hashId, k, kSz);
ret = wc_HashUpdate(&hash, enmhashId, k, kSz);
if (ret == WS_SUCCESS)
ret = wc_HashUpdate(&hash, hashId, h, hSz);
ret = wc_HashUpdate(&hash, enmhashId, h, hSz);
if (ret == WS_SUCCESS)
ret = wc_HashUpdate(&hash, hashId, &keyId, sizeof(keyId));
ret = wc_HashUpdate(&hash, enmhashId, &keyId, sizeof(keyId));
if (ret == WS_SUCCESS)
ret = wc_HashUpdate(&hash, hashId, sessionId, sessionIdSz);
ret = wc_HashUpdate(&hash, enmhashId, sessionId, sessionIdSz);
if (ret == WS_SUCCESS) {
if (blocks == 0) {
if (remainder > 0) {
byte lastBlock[WC_MAX_DIGEST_SIZE];
ret = wc_HashFinal(&hash, hashId, lastBlock);
ret = wc_HashFinal(&hash, enmhashId, lastBlock);
if (ret == WS_SUCCESS)
WMEMCPY(key, lastBlock, remainder);
}
@ -731,23 +732,23 @@ int GenerateKey(byte hashId, byte keyId,
word32 runningKeySz, curBlock;
runningKeySz = digestSz;
ret = wc_HashFinal(&hash, hashId, key);
ret = wc_HashFinal(&hash, enmhashId, key);
for (curBlock = 1; curBlock < blocks; curBlock++) {
ret = wc_HashInit(&hash, hashId);
ret = wc_HashInit(&hash, enmhashId);
if (ret != WS_SUCCESS) break;
ret = wc_HashUpdate(&hash, hashId, kSzFlat, LENGTH_SZ);
ret = wc_HashUpdate(&hash, enmhashId, kSzFlat, LENGTH_SZ);
if (ret != WS_SUCCESS) break;
if (kPad)
ret = wc_HashUpdate(&hash, hashId, &pad, 1);
ret = wc_HashUpdate(&hash, enmhashId, &pad, 1);
if (ret != WS_SUCCESS) break;
ret = wc_HashUpdate(&hash, hashId, k, kSz);
ret = wc_HashUpdate(&hash, enmhashId, k, kSz);
if (ret != WS_SUCCESS) break;
ret = wc_HashUpdate(&hash, hashId, h, hSz);
ret = wc_HashUpdate(&hash, enmhashId, h, hSz);
if (ret != WS_SUCCESS) break;
ret = wc_HashUpdate(&hash, hashId, key, runningKeySz);
ret = wc_HashUpdate(&hash, enmhashId, key, runningKeySz);
if (ret != WS_SUCCESS) break;
ret = wc_HashFinal(&hash, hashId, key + runningKeySz);
ret = wc_HashFinal(&hash, enmhashId, key + runningKeySz);
if (ret != WS_SUCCESS) break;
runningKeySz += digestSz;
}
@ -755,19 +756,19 @@ int GenerateKey(byte hashId, byte keyId,
if (remainder > 0) {
byte lastBlock[WC_MAX_DIGEST_SIZE];
if (ret == WS_SUCCESS)
ret = wc_HashInit(&hash, hashId);
ret = wc_HashInit(&hash, enmhashId);
if (ret == WS_SUCCESS)
ret = wc_HashUpdate(&hash, hashId, kSzFlat, LENGTH_SZ);
ret = wc_HashUpdate(&hash, enmhashId, kSzFlat, LENGTH_SZ);
if (ret == WS_SUCCESS && kPad)
ret = wc_HashUpdate(&hash, hashId, &pad, 1);
ret = wc_HashUpdate(&hash, enmhashId, &pad, 1);
if (ret == WS_SUCCESS)
ret = wc_HashUpdate(&hash, hashId, k, kSz);
ret = wc_HashUpdate(&hash, enmhashId, k, kSz);
if (ret == WS_SUCCESS)
ret = wc_HashUpdate(&hash, hashId, h, hSz);
ret = wc_HashUpdate(&hash, enmhashId, h, hSz);
if (ret == WS_SUCCESS)
ret = wc_HashUpdate(&hash, hashId, key, runningKeySz);
ret = wc_HashUpdate(&hash, enmhashId, key, runningKeySz);
if (ret == WS_SUCCESS)
ret = wc_HashFinal(&hash, hashId, lastBlock);
ret = wc_HashFinal(&hash, enmhashId, lastBlock);
if (ret == WS_SUCCESS)
WMEMCPY(key + runningKeySz, lastBlock, remainder);
}
@ -1872,7 +1873,7 @@ static INLINE byte KeySzForId(byte id)
}
static INLINE byte HashForId(byte id)
static INLINE enum wc_HashType HashForId(byte id)
{
switch (id) {
case ID_DH_GROUP1_SHA1:
@ -2182,6 +2183,7 @@ static int DoKexInit(WOLFSSH* ssh, byte* buf, word32 len, word32* idx)
}
if (ret == WS_SUCCESS) {
enum wc_HashType enmhashId = (enum wc_HashType)ssh->handshake->hashId;
byte scratchLen[LENGTH_SZ];
word32 strSz;
@ -2191,34 +2193,34 @@ static int DoKexInit(WOLFSSH* ssh, byte* buf, word32 len, word32* idx)
}
if (ret == WS_SUCCESS)
ret = wc_HashInit(&ssh->handshake->hash, ssh->handshake->hashId);
ret = wc_HashInit(&ssh->handshake->hash, enmhashId);
if (ret == WS_SUCCESS) {
if (ssh->ctx->side == WOLFSSH_ENDPOINT_SERVER)
ret = wc_HashUpdate(&ssh->handshake->hash,
ssh->handshake->hashId,
enmhashId,
ssh->peerProtoId, ssh->peerProtoIdSz);
}
if (ret == WS_SUCCESS) {
strSz = (word32)WSTRLEN(sshProtoIdStr) - SSH_PROTO_EOL_SZ;
c32toa(strSz, scratchLen);
ret = wc_HashUpdate(&ssh->handshake->hash, ssh->handshake->hashId,
ret = wc_HashUpdate(&ssh->handshake->hash, enmhashId,
scratchLen, LENGTH_SZ);
}
if (ret == WS_SUCCESS)
ret = wc_HashUpdate(&ssh->handshake->hash, ssh->handshake->hashId,
ret = wc_HashUpdate(&ssh->handshake->hash, enmhashId,
(const byte*)sshProtoIdStr, strSz);
if (ret == WS_SUCCESS) {
if (ssh->ctx->side == WOLFSSH_ENDPOINT_CLIENT) {
ret = wc_HashUpdate(&ssh->handshake->hash,
ssh->handshake->hashId,
enmhashId,
ssh->peerProtoId, ssh->peerProtoIdSz);
if (ret == WS_SUCCESS)
ret = wc_HashUpdate(&ssh->handshake->hash,
ssh->handshake->hashId,
enmhashId,
ssh->handshake->kexInit,
ssh->handshake->kexInitSz);
}
@ -2226,24 +2228,24 @@ static int DoKexInit(WOLFSSH* ssh, byte* buf, word32 len, word32* idx)
if (ret == WS_SUCCESS) {
c32toa(len + 1, scratchLen);
ret = wc_HashUpdate(&ssh->handshake->hash, ssh->handshake->hashId,
ret = wc_HashUpdate(&ssh->handshake->hash, enmhashId,
scratchLen, LENGTH_SZ);
}
if (ret == WS_SUCCESS) {
scratchLen[0] = MSGID_KEXINIT;
ret = wc_HashUpdate(&ssh->handshake->hash, ssh->handshake->hashId,
ret = wc_HashUpdate(&ssh->handshake->hash, enmhashId,
scratchLen, MSG_ID_SZ);
}
if (ret == WS_SUCCESS)
ret = wc_HashUpdate(&ssh->handshake->hash, ssh->handshake->hashId,
ret = wc_HashUpdate(&ssh->handshake->hash, enmhashId,
buf, len);
if (ret == WS_SUCCESS) {
if (ssh->ctx->side == WOLFSSH_ENDPOINT_SERVER)
ret = wc_HashUpdate(&ssh->handshake->hash,
ssh->handshake->hashId,
enmhashId,
ssh->handshake->kexInit,
ssh->handshake->kexInitSz);
}
@ -2369,6 +2371,7 @@ static int DoKexDhInit(WOLFSSH* ssh, byte* buf, word32 len, word32* idx)
static int DoKexDhReply(WOLFSSH* ssh, byte* buf, word32 len, word32* idx)
{
enum wc_HashType enmhashId;
byte* pubKey = NULL;
word32 pubKeySz;
byte* f = NULL;
@ -2433,11 +2436,13 @@ static int DoKexDhReply(WOLFSSH* ssh, byte* buf, word32 len, word32* idx)
}
}
enmhashId = (enum wc_HashType)ssh->handshake->hashId;
if (ret == WS_SUCCESS)
/* Hash in the raw public key blob from the server including its
* length which is at LENGTH_SZ offset ahead of pubKey. */
ret = wc_HashUpdate(&ssh->handshake->hash,
ssh->handshake->hashId,
enmhashId,
pubKey - LENGTH_SZ, pubKeySz + LENGTH_SZ);
if (ret == WS_SUCCESS)
@ -2451,21 +2456,21 @@ static int DoKexDhReply(WOLFSSH* ssh, byte* buf, word32 len, word32* idx)
if (ret == 0) {
c32toa(ssh->handshake->dhGexMinSz, scratchLen);
ret = wc_HashUpdate(&ssh->handshake->hash,
ssh->handshake->hashId,
enmhashId,
scratchLen, LENGTH_SZ);
}
/* Hash in the client's requested preferred key size. */
if (ret == 0) {
c32toa(ssh->handshake->dhGexPreferredSz, scratchLen);
ret = wc_HashUpdate(&ssh->handshake->hash,
ssh->handshake->hashId,
enmhashId,
scratchLen, LENGTH_SZ);
}
/* Hash in the client's requested maximum key size. */
if (ret == 0) {
c32toa(ssh->handshake->dhGexMaxSz, scratchLen);
ret = wc_HashUpdate(&ssh->handshake->hash,
ssh->handshake->hashId,
enmhashId,
scratchLen, LENGTH_SZ);
}
/* Add a pad byte if the mpint has the MSB set. */
@ -2478,7 +2483,7 @@ static int DoKexDhReply(WOLFSSH* ssh, byte* buf, word32 len, word32* idx)
c32toa(ssh->handshake->primeGroupSz + primeGroupPad,
scratchLen);
ret = wc_HashUpdate(&ssh->handshake->hash,
ssh->handshake->hashId,
enmhashId,
scratchLen, LENGTH_SZ);
}
/* Hash in the pad byte for the GEX prime group. */
@ -2486,14 +2491,14 @@ static int DoKexDhReply(WOLFSSH* ssh, byte* buf, word32 len, word32* idx)
if (primeGroupPad) {
scratchLen[0] = 0;
ret = wc_HashUpdate(&ssh->handshake->hash,
ssh->handshake->hashId,
enmhashId,
scratchLen, 1);
}
}
/* Hash in the GEX prime group. */
if (ret == 0)
ret = wc_HashUpdate(&ssh->handshake->hash,
ssh->handshake->hashId,
enmhashId,
ssh->handshake->primeGroup,
ssh->handshake->primeGroupSz);
/* Add a pad byte if the mpint has the MSB set. */
@ -2504,7 +2509,7 @@ static int DoKexDhReply(WOLFSSH* ssh, byte* buf, word32 len, word32* idx)
/* Hash in the length of the GEX generator. */
c32toa(ssh->handshake->generatorSz + generatorPad, scratchLen);
ret = wc_HashUpdate(&ssh->handshake->hash,
ssh->handshake->hashId,
enmhashId,
scratchLen, LENGTH_SZ);
}
/* Hash in the pad byte for the GEX generator. */
@ -2512,14 +2517,14 @@ static int DoKexDhReply(WOLFSSH* ssh, byte* buf, word32 len, word32* idx)
if (generatorPad) {
scratchLen[0] = 0;
ret = wc_HashUpdate(&ssh->handshake->hash,
ssh->handshake->hashId,
enmhashId,
scratchLen, 1);
}
}
/* Hash in the GEX generator. */
if (ret == 0)
ret = wc_HashUpdate(&ssh->handshake->hash,
ssh->handshake->hashId,
enmhashId,
ssh->handshake->generator,
ssh->handshake->generatorSz);
}
@ -2527,12 +2532,12 @@ static int DoKexDhReply(WOLFSSH* ssh, byte* buf, word32 len, word32* idx)
/* Hash in the size of the client's DH e-value (ECDH Q-value). */
if (ret == 0) {
c32toa(ssh->handshake->eSz, scratchLen);
ret = wc_HashUpdate(&ssh->handshake->hash, ssh->handshake->hashId,
ret = wc_HashUpdate(&ssh->handshake->hash, enmhashId,
scratchLen, LENGTH_SZ);
}
/* Hash in the client's DH e-value (ECDH Q-value). */
if (ret == 0)
ret = wc_HashUpdate(&ssh->handshake->hash, ssh->handshake->hashId,
ret = wc_HashUpdate(&ssh->handshake->hash, enmhashId,
ssh->handshake->e, ssh->handshake->eSz);
/* Get and hash in the server's DH f-value (ECDH Q-value) */
@ -2550,7 +2555,7 @@ static int DoKexDhReply(WOLFSSH* ssh, byte* buf, word32 len, word32* idx)
if (ret == WS_SUCCESS)
ret = wc_HashUpdate(&ssh->handshake->hash,
ssh->handshake->hashId,
enmhashId,
f, fSz + LENGTH_SZ);
if (ret == WS_SUCCESS) {
@ -2650,26 +2655,26 @@ static int DoKexDhReply(WOLFSSH* ssh, byte* buf, word32 len, word32* idx)
/* Hash in the shared secret K. */
if (ret == 0) {
c32toa(ssh->kSz + kPad, scratchLen);
ret = wc_HashUpdate(&ssh->handshake->hash, ssh->handshake->hashId,
ret = wc_HashUpdate(&ssh->handshake->hash, enmhashId,
scratchLen, LENGTH_SZ);
}
if (ret == 0) {
if (kPad) {
scratchLen[0] = 0;
ret = wc_HashUpdate(&ssh->handshake->hash,
ssh->handshake->hashId, scratchLen, 1);
enmhashId, scratchLen, 1);
}
}
if (ret == 0)
ret = wc_HashUpdate(&ssh->handshake->hash, ssh->handshake->hashId,
ret = wc_HashUpdate(&ssh->handshake->hash, enmhashId,
ssh->k, ssh->kSz);
/* Save the exchange hash value H, and session ID. */
if (ret == 0)
ret = wc_HashFinal(&ssh->handshake->hash,
ssh->handshake->hashId, ssh->h);
enmhashId, ssh->h);
if (ret == 0) {
ssh->hSz = wc_HashGetDigestSize(ssh->handshake->hashId);
ssh->hSz = wc_HashGetDigestSize(enmhashId);
if (ssh->sessionIdSz == 0) {
WMEMCPY(ssh->sessionId, ssh->h, ssh->hSz);
ssh->sessionIdSz = ssh->hSz;
@ -3218,6 +3223,7 @@ static int DoUserAuthRequestRsa(WOLFSSH* ssh, WS_UserAuthData_PublicKey* pk,
byte hashId, byte* digest, word32 digestSz)
{
RsaKey key;
enum wc_HashType enmhashId = (enum wc_HashType)hashId;
byte checkDigest[MAX_ENCODED_SIG_SZ];
int checkDigestSz;
byte* publicKeyType;
@ -3312,8 +3318,8 @@ static int DoUserAuthRequestRsa(WOLFSSH* ssh, WS_UserAuthData_PublicKey* pk,
volatile int sizeCompare;
encDigestSz = wc_EncodeSignature(encDigest, digest,
wc_HashGetDigestSize(hashId),
wc_HashGetOID(hashId));
wc_HashGetDigestSize(enmhashId),
wc_HashGetOID(enmhashId));
compare = ConstantCompare(encDigest, checkDigest,
encDigestSz);
@ -3550,7 +3556,7 @@ static int DoUserAuthRequestPublicKey(WOLFSSH* ssh, WS_UserAuthData* authData,
wc_HashAlg hash;
byte digest[WC_MAX_DIGEST_SIZE];
word32 digestSz;
byte hashId = WC_HASH_TYPE_SHA;
enum wc_HashType hashId = WC_HASH_TYPE_SHA;
byte pkTypeId;
pkTypeId = NameToId((char*)pk->publicKeyType,
@ -4655,7 +4661,7 @@ static INLINE int Encrypt(WOLFSSH* ssh, byte* cipher, const byte* input,
#ifdef WOLFSSL_AES_COUNTER
case ID_AES128_CTR:
if (sz % AES_BLOCK_SIZE || wc_AesCtrEncrypt(&ssh->encryptCipher.aes,
cipher, input, sz) < 0) {
cipher, input, sz) < 0) {
ret = WS_ENCRYPT_E;
}
@ -5554,6 +5560,7 @@ int SendKexDhReply(WOLFSSH* ssh)
word32 idx;
int ret = WS_SUCCESS;
byte msgId = MSGID_KEXDH_REPLY;
enum wc_HashType enmhashId;
WLOG(WS_LOG_DEBUG, "Entering SendKexDhReply()");
@ -5590,6 +5597,8 @@ int SendKexDhReply(WOLFSSH* ssh)
ret = WS_INVALID_ALGO_ID;
}
enmhashId = (enum wc_HashType)ssh->handshake->hashId;
/* At this point, the exchange hash, H, includes items V_C, V_S, I_C,
* and I_S. Next add K_S, the server's public host key. K_S will
* either be RSA or ECDSA public key blob. */
@ -5624,20 +5633,20 @@ int SendKexDhReply(WOLFSSH* ssh)
c32toa(sigKeyBlock.sz, scratchLen);
/* Hash in the length of the public key block. */
ret = wc_HashUpdate(&ssh->handshake->hash,
ssh->handshake->hashId,
enmhashId,
scratchLen, LENGTH_SZ);
}
/* Hash in the length of the key type string. */
if (ret == 0) {
c32toa(sigKeyBlock.nameSz, scratchLen);
ret = wc_HashUpdate(&ssh->handshake->hash,
ssh->handshake->hashId,
enmhashId,
scratchLen, LENGTH_SZ);
}
/* Hash in the key type string. */
if (ret == 0)
ret = wc_HashUpdate(&ssh->handshake->hash,
ssh->handshake->hashId,
enmhashId,
(byte*)sigKeyBlock.name,
sigKeyBlock.nameSz);
/* Hash in the length of the RSA public key E value. */
@ -5645,7 +5654,7 @@ int SendKexDhReply(WOLFSSH* ssh)
c32toa(sigKeyBlock.sk.rsa.eSz + sigKeyBlock.sk.rsa.ePad,
scratchLen);
ret = wc_HashUpdate(&ssh->handshake->hash,
ssh->handshake->hashId,
enmhashId,
scratchLen, LENGTH_SZ);
}
/* Hash in the pad byte for the RSA public key E value. */
@ -5653,13 +5662,13 @@ int SendKexDhReply(WOLFSSH* ssh)
if (sigKeyBlock.sk.rsa.ePad) {
scratchLen[0] = 0;
ret = wc_HashUpdate(&ssh->handshake->hash,
ssh->handshake->hashId, scratchLen, 1);
enmhashId, scratchLen, 1);
}
}
/* Hash in the RSA public key E value. */
if (ret == 0)
ret = wc_HashUpdate(&ssh->handshake->hash,
ssh->handshake->hashId,
enmhashId,
sigKeyBlock.sk.rsa.e,
sigKeyBlock.sk.rsa.eSz);
/* Hash in the length of the RSA public key N value. */
@ -5667,7 +5676,7 @@ int SendKexDhReply(WOLFSSH* ssh)
c32toa(sigKeyBlock.sk.rsa.nSz + sigKeyBlock.sk.rsa.nPad,
scratchLen);
ret = wc_HashUpdate(&ssh->handshake->hash,
ssh->handshake->hashId,
enmhashId,
scratchLen, LENGTH_SZ);
}
/* Hash in the pad byte for the RSA public key N value. */
@ -5675,13 +5684,13 @@ int SendKexDhReply(WOLFSSH* ssh)
if (sigKeyBlock.sk.rsa.nPad) {
scratchLen[0] = 0;
ret = wc_HashUpdate(&ssh->handshake->hash,
ssh->handshake->hashId, scratchLen, 1);
enmhashId, scratchLen, 1);
}
}
/* Hash in the RSA public key N value. */
if (ret == 0)
ret = wc_HashUpdate(&ssh->handshake->hash,
ssh->handshake->hashId,
enmhashId,
sigKeyBlock.sk.rsa.n,
sigKeyBlock.sk.rsa.nSz);
}
@ -5713,46 +5722,46 @@ int SendKexDhReply(WOLFSSH* ssh)
sigKeyBlock.sk.ecc.qSz;
c32toa(sigKeyBlock.sz, scratchLen);
ret = wc_HashUpdate(&ssh->handshake->hash,
ssh->handshake->hashId,
enmhashId,
scratchLen, LENGTH_SZ);
}
/* Hash in the length of the key type string. */
if (ret == 0) {
c32toa(sigKeyBlock.nameSz, scratchLen);
ret = wc_HashUpdate(&ssh->handshake->hash,
ssh->handshake->hashId,
enmhashId,
scratchLen, LENGTH_SZ);
}
/* Hash in the key type string. */
if (ret == 0)
ret = wc_HashUpdate(&ssh->handshake->hash,
ssh->handshake->hashId,
enmhashId,
(byte*)sigKeyBlock.name,
sigKeyBlock.nameSz);
/* Hash in the length of the name of the prime. */
if (ret == 0) {
c32toa(sigKeyBlock.sk.ecc.primeNameSz, scratchLen);
ret = wc_HashUpdate(&ssh->handshake->hash,
ssh->handshake->hashId,
enmhashId,
scratchLen, LENGTH_SZ);
}
/* Hash in the name of the prime. */
if (ret == 0)
ret = wc_HashUpdate(&ssh->handshake->hash,
ssh->handshake->hashId,
enmhashId,
(const byte*)sigKeyBlock.sk.ecc.primeName,
sigKeyBlock.sk.ecc.primeNameSz);
/* Hash in the length of the public key. */
if (ret == 0) {
c32toa(sigKeyBlock.sk.ecc.qSz, scratchLen);
ret = wc_HashUpdate(&ssh->handshake->hash,
ssh->handshake->hashId,
enmhashId,
scratchLen, LENGTH_SZ);
}
/* Hash in the public key. */
if (ret == 0)
ret = wc_HashUpdate(&ssh->handshake->hash,
ssh->handshake->hashId,
enmhashId,
sigKeyBlock.sk.ecc.q,
sigKeyBlock.sk.ecc.qSz);
}
@ -5765,21 +5774,21 @@ int SendKexDhReply(WOLFSSH* ssh)
if (ret == 0) {
c32toa(ssh->handshake->dhGexMinSz, scratchLen);
ret = wc_HashUpdate(&ssh->handshake->hash,
ssh->handshake->hashId,
enmhashId,
scratchLen, LENGTH_SZ);
}
/* Hash in the client's requested preferred key size. */
if (ret == 0) {
c32toa(ssh->handshake->dhGexPreferredSz, scratchLen);
ret = wc_HashUpdate(&ssh->handshake->hash,
ssh->handshake->hashId,
enmhashId,
scratchLen, LENGTH_SZ);
}
/* Hash in the client's requested maximum key size. */
if (ret == 0) {
c32toa(ssh->handshake->dhGexMaxSz, scratchLen);
ret = wc_HashUpdate(&ssh->handshake->hash,
ssh->handshake->hashId,
enmhashId,
scratchLen, LENGTH_SZ);
}
/* Add a pad byte if the mpint has the MSB set. */
@ -5789,7 +5798,7 @@ int SendKexDhReply(WOLFSSH* ssh)
/* Hash in the length of the GEX prime group. */
c32toa(primeGroupSz + primeGroupPad, scratchLen);
ret = wc_HashUpdate(&ssh->handshake->hash,
ssh->handshake->hashId,
enmhashId,
scratchLen, LENGTH_SZ);
}
/* Hash in the pad byte for the GEX prime group. */
@ -5797,14 +5806,14 @@ int SendKexDhReply(WOLFSSH* ssh)
if (primeGroupPad) {
scratchLen[0] = 0;
ret = wc_HashUpdate(&ssh->handshake->hash,
ssh->handshake->hashId,
enmhashId,
scratchLen, 1);
}
}
/* Hash in the GEX prime group. */
if (ret == 0)
ret = wc_HashUpdate(&ssh->handshake->hash,
ssh->handshake->hashId,
enmhashId,
primeGroup, primeGroupSz);
/* Add a pad byte if the mpint has the MSB set. */
if (ret == 0) {
@ -5813,7 +5822,7 @@ int SendKexDhReply(WOLFSSH* ssh)
/* Hash in the length of the GEX generator. */
c32toa(generatorSz + generatorPad, scratchLen);
ret = wc_HashUpdate(&ssh->handshake->hash,
ssh->handshake->hashId,
enmhashId,
scratchLen, LENGTH_SZ);
}
/* Hash in the pad byte for the GEX generator. */
@ -5821,26 +5830,26 @@ int SendKexDhReply(WOLFSSH* ssh)
if (generatorPad) {
scratchLen[0] = 0;
ret = wc_HashUpdate(&ssh->handshake->hash,
ssh->handshake->hashId,
enmhashId,
scratchLen, 1);
}
}
/* Hash in the GEX generator. */
if (ret == 0)
ret = wc_HashUpdate(&ssh->handshake->hash,
ssh->handshake->hashId,
enmhashId,
generator, generatorSz);
}
/* Hash in the size of the client's DH e-value (ECDH Q-value). */
if (ret == 0) {
c32toa(ssh->handshake->eSz, scratchLen);
ret = wc_HashUpdate(&ssh->handshake->hash, ssh->handshake->hashId,
ret = wc_HashUpdate(&ssh->handshake->hash, enmhashId,
scratchLen, LENGTH_SZ);
}
/* Hash in the client's DH e-value (ECDH Q-value). */
if (ret == 0)
ret = wc_HashUpdate(&ssh->handshake->hash, ssh->handshake->hashId,
ret = wc_HashUpdate(&ssh->handshake->hash, enmhashId,
ssh->handshake->e, ssh->handshake->eSz);
/* Make the server's DH f-value and the shared secret K. */
@ -5902,44 +5911,44 @@ int SendKexDhReply(WOLFSSH* ssh)
if (ret == 0) {
CreateMpint(f, &fSz, &fPad);
c32toa(fSz + fPad, scratchLen);
ret = wc_HashUpdate(&ssh->handshake->hash, ssh->handshake->hashId,
ret = wc_HashUpdate(&ssh->handshake->hash, enmhashId,
scratchLen, LENGTH_SZ);
}
if (ret == 0) {
if (fPad) {
scratchLen[0] = 0;
ret = wc_HashUpdate(&ssh->handshake->hash,
ssh->handshake->hashId, scratchLen, 1);
enmhashId, scratchLen, 1);
}
}
if (ret == 0)
ret = wc_HashUpdate(&ssh->handshake->hash,
ssh->handshake->hashId, f, fSz);
enmhashId, f, fSz);
/* Hash in the shared secret K. */
if (ret == 0) {
CreateMpint(ssh->k, &ssh->kSz, &kPad);
c32toa(ssh->kSz + kPad, scratchLen);
ret = wc_HashUpdate(&ssh->handshake->hash, ssh->handshake->hashId,
ret = wc_HashUpdate(&ssh->handshake->hash, enmhashId,
scratchLen, LENGTH_SZ);
}
if (ret == 0) {
if (kPad) {
scratchLen[0] = 0;
ret = wc_HashUpdate(&ssh->handshake->hash,
ssh->handshake->hashId, scratchLen, 1);
enmhashId, scratchLen, 1);
}
}
if (ret == 0)
ret = wc_HashUpdate(&ssh->handshake->hash, ssh->handshake->hashId,
ret = wc_HashUpdate(&ssh->handshake->hash, enmhashId,
ssh->k, ssh->kSz);
/* Save the exchange hash value H, and session ID. */
if (ret == 0)
ret = wc_HashFinal(&ssh->handshake->hash,
ssh->handshake->hashId, ssh->h);
enmhashId, ssh->h);
if (ret == 0) {
ssh->hSz = wc_HashGetDigestSize(ssh->handshake->hashId);
ssh->hSz = wc_HashGetDigestSize(enmhashId);
if (ssh->sessionIdSz == 0) {
WMEMCPY(ssh->sessionId, ssh->h, ssh->hSz);
ssh->sessionIdSz = ssh->hSz;
@ -5954,7 +5963,7 @@ int SendKexDhReply(WOLFSSH* ssh)
if (ret == WS_SUCCESS) {
wc_HashAlg digestHash;
byte digest[WC_MAX_DIGEST_SIZE];
byte sigHashId;
enum wc_HashType sigHashId;
sigHashId = HashForId(ssh->handshake->pubKeyId);

2
src/ssh.c
View File

@ -1200,7 +1200,7 @@ WS_SessionType wolfSSH_GetSessionType(const WOLFSSH* ssh)
WLOG(WS_LOG_DEBUG, "Entering wolfSSH_GetSessionType()");
if (ssh && ssh->channelList)
return ssh->channelList->sessionType;
return (WS_SessionType)ssh->channelList->sessionType;
return WOLFSSH_SESSION_UNKNOWN;
}

6
wolfssh/port.h
View File

@ -223,6 +223,12 @@ extern "C" {
#define WSTRNCASECMP(s1, s2, n) strncmp((s1), (s2), (n))
#define WSNPRINTF(s,n,f,...) snprintf((s),(n),(f),##__VA_ARGS__)
#define WVSNPRINTF(s,n,f,...) vsnprintf((s),(n),(f),##__VA_ARGS__)
#elif defined(RENESAS_CSPLUS)
#include <stdio.h>
#define WSTRNCPY(s1,s2,n) strncpy((s1),(s2),(n))
#define WSTRNCASECMP(s1,s2,n) strncasecmp((s1),(s2),(n))
#define WSNPRINTF(s,n,f,...) snprintf((s),(n),(f),__VA_ARGS__)
#define WVSNPRINTF(s,n,f,...) vsnprintf((s),(n),(f),__VA_ARGS__)
#else
#include <stdio.h>
#define WSTRNCPY(s1,s2,n) strncpy((s1),(s2),(n))