Merge pull request #50 from connerWolfSSL/master

PSK examples clean up
pull/55/head
Chris Conlon 2017-05-30 13:27:21 -06:00 committed by GitHub
commit 30ef0569fe
10 changed files with 251 additions and 225 deletions


@ -1,11 +1,10 @@
How to use 3des-file-encrypt.c
1) a. Compile wolfSSL with ./configure --enable-pwdbased --enable-3des, run
1) a. Compile wolfSSL with ./configure --enable-pwdbased --enable-des3, run
'make', and then install by typing 'sudo make install'.
b. In the crypto/3des directory run the Makefile by typing 'make'.
2) Make a file to encode. Can be any file (ex. .txt .in .out .file etc.)
3) run the excecutable, for help run with -h flag. Basic command is as follows:
./3des-file-encrypt <-option> <KeySize> <input.file> <output.file>
KeySize examples: 56, 112, or 168


@ -9,11 +9,12 @@ TCP/PSK Tutorial
``read(sockfd, recvline, MAXLINE)`` becomes ``wolfSSL_read(ssl, recvline, MAXLINE)``
3. Change all calls from write() or send() to CySSL_write(), in the simple client
3. Change all calls from write() or send() to wolfSSL_write(), in the simple client
``write(socked, send line,strlen(send line))`` becomes ``wolfSSL_write(ssl, send line, strlen(sendline))``
``write(socked, sendline, strlen(sendline))`` becomes ``wolfSSL_write(ssl, sendline, strlen(sendline))``
4. In the main method initialize wolfSSL and WOLFSSL_CTX.
4. In the main method initialize wolfSSL and WOLFSSL_CTX. You must initialize wolfSSL before making any other wolfSSL calls.
wolfSSL_CTX_new() takes an argument that defines what SSL/TLS protocol to use. In this case ``wolfTLSv1_2_client_method()`` is used to specify TLS 1.2.
wolfSSL_Init();
@ -35,10 +36,11 @@ TCP/PSK Tutorial
return 1;
}
6. Cleanup. After each wolfSSL object is done being used you can free it up by calling ``wolfSSL_free(ssl);``
6. Cleanup. After each wolfSSL object is done being used you can free it up by calling ``wolfSSL_free(ssl);``.
7. When completely done using SSL/TLS, free the WOLFSSL_CTX object by
``wolfSSL_CTX_free(CTX);``
``wolfSSL_CTX_free(ctx);``
``wolfSSL_Cleanup();``
@ -82,7 +84,7 @@ TCP/PSK Tutorial
2. After the function ``wolfSSL_set_fd(ssl,sockfd)``, tell wolfSSL that you want non-blocking to be used. This is done by adding : `` wolfSSL_set_using_nonblock(ssl,1);``
3. Now we much invoke the fcnt callable serve to use non-blocking.
3. Now we must invoke the fcntl callable serve to use non-blocking.
int flags = fcntl(sockfd, F_GETFL, 0);
if (flags < 0) {
@ -190,7 +192,7 @@ Session resumption allows a client/server pair to re-use previously generated cr
WOLFSSL_SESSION* session = wolfSSL_get_session(ssl);
WOLFSSL* sslResume = wolfSSL_new(ctx);
2. Now we must close wolfSSL SSL and close connections. Alos free the socket and ctx.
2. Now we must close wolfSSL SSL and close connections i.e. free the socket and ctx.
/* shut down wolfSSL */
wolfSSL_shutdown(ssl);
@ -198,10 +200,9 @@ Session resumption allows a client/server pair to re-use previously generated cr
/* close connection */
close(sockfd);
/* cleanup */
/* cleanup without wolfSSL_Cleanup() for now */
wolfSSL_free(ssl);
wolfSSL_CTX_free(ctx);
wolfSSL_Cleanup();
3. Now we are ready to reconnect and start a new socket but we are going to reuse the session id to make things go a little faster.
@ -209,7 +210,7 @@ Session resumption allows a client/server pair to re-use previously generated cr
sock = socket(AF_INET, SOCK_STREAM, 0);
/* connect to the socket */
ret = connect(sock, (struct sockaddr *) &servaddr, sizeof(servaddr));
ret = connect(sock, (struct sockaddr *) &servaddr, sizeof(servaddr));
if (ret != 0){
return 1;
@ -245,7 +246,7 @@ Session resumption allows a client/server pair to re-use previously generated cr
/* shut down socket */
close(sock);
/* clean up */
/* clean up now with wolfSSL_Cleanup() */
wolfSSL_free(sslResume);
wolfSSL_CTX_free(ctx);
wolfSSL_Cleanup();
@ -261,13 +262,14 @@ Session resumption allows a client/server pair to re-use previously generated cr
>(wolfSSL_read on first use also calls wolfSSL_accept if not explicitly called earlier in code.)
3. Change all calls from write() or send() to CySSL_write(), in the simple server
3. Change all calls from write() or send() to wolfSSL_write(), in the simple server
``write(sockfd, sendline, strlen(sendline))`` becomes ``wolfSSL_write(ssl, sendline, strlen(sendline))``
4. Run the wolfSSL method to initalize wolfSSL
``wolfSSL_Init()``
5. Create a ctx pointer that contains using the following process.
5. Create a ctx pointer that contains a server method using the following process. The server method wolfSSLv23_server_method()
allows clients with TLS 1+ to connect.
```
WOLFSSL_CTX* ctx;
@ -280,7 +282,7 @@ Session resumption allows a client/server pair to re-use previously generated cr
```
WOLFSSL* ssl;
wolfSSL_set_fd(ssl, “integer returned from accept”);
wolfSSL_set_fd(ssl, “integer (file descriptor) returned from accept”);
wolfSSL_free(ssl);
@ -310,9 +312,9 @@ The following steps are on how to use PSK in a wolfSSL server
>PSK-AES128-CBC-SHA256 creates the cipher list of having pre shared keys with advanced encryption security using 128 bit key
>with cipher block chaining using secure hash algorithm.
3. Add the my_psk_server_cb function as follows. This is a function needed that is passed in as an argument to the wolfSSL callback.
3. Add the my_psk_server_cb function as follows. This is a necessary function that is passed in as an argument to the wolfSSL callback.
```
```
static inline unsigned int my_psk_client_cb(WOLFSSL* ssl, char* identity, unsigned
char* key, unsigned int key_max_len) {
(void)ssl;
@ -330,12 +332,12 @@ The following steps are on how to use PSK in a wolfSSL server
return 4;
}
```
```
Example Makefile for Simple wolfSSL PSK Client:
```
```
CC=gcc
OBJ = client-psk.o
CFLAG=-Wall
@ -350,19 +352,19 @@ Example Makefile for Simple wolfSSL PSK Client:
clean:
rm -f *.o client-psk
```
```
The -lwolfssl will link the wolfSSL Libraries to your program
The makefile for the server is going to be similar to that of the client. If the user wants separate makefiles just make a use the same set up of the client makefile and replace every instance of client-psk with server-psk. To combine make files just add a server-psk with similar ending to each time client-psk is referenced and change the target. There will also need to be a target for when compiling all targets.
The makefile for the server is going to be similar to that of the client. If the user wants separate makefiles just make and use the same set up of the client makefile and replace every instance of client-psk with server-psk. To combine make files just add a server-psk with similar ending to each time client-psk is referenced and change the target. There will also need to be a target for when compiling all targets.
```
```
all: server-psk client-psk
server-psk: server-psk.c
$(CC) -Wall -o server-psk server-psk.c -lwolfssl
```
```
## Nonblocking psk
###### What is nonblocking?
@ -411,7 +413,7 @@ When a socket is setup as non-blocking, reads and writes to the socket do not ca
5. Before adding the NonblockingSSL_Connect function into our code we much add a tcp_select function that will be used by the NonblockingSSL_Connect. This is done by adding:
5. Before adding the NonblockingSSL_Connect function into our code we must add a tcp_select function that will be used by the NonblockingSSL_Connect. This is done by adding:
```
/*
@ -426,29 +428,28 @@ When a socket is setup as non-blocking, reads and writes to the socket do not ca
static inline int tcp_select(int socketfd, int to_sec)
{
    fd_set recvfds, errfds;
    int nfds = socketfd + 1;
   struct timeval timeout = { (to_sec > 0) ? to_sec : 0, 0};
   int result;
   FD_ZERO(&recvfds);
   FD_SET(socketfd, &recvfds);
   FD_ZERO(&errfds);
   FD_SET(socketfd, &errfds);
   result = select(nfds, &recvfds, NULL, &errfds, &timeout);
   if (result == 0)
       return TEST_TIMEOUT;
   else if (result > 0) {
       if (FD_ISSET(socketfd, &recvfds))
           return TEST_RECV_READY;
       else if(FD_ISSET(socketfd, &errfds))
           return TEST_ERROR_READY;
   }
   return TEST_SELECT_FAIL;
}
    fd_set recvfds, errfds;
    int nfds = socketfd + 1;
struct timeval timeout = { (to_sec > 0) ? to_sec : 0, 0};
int result;
FD_ZERO(&recvfds);
FD_SET(socketfd, &recvfds);
FD_ZERO(&errfds);
FD_SET(socketfd, &errfds);
result = select(nfds, &recvfds, NULL, &errfds, &timeout);
if (result == 0)
     return TEST_TIMEOUT;
else if (result > 0) {
     if (FD_ISSET(socketfd, &recvfds))
         return TEST_RECV_READY;
     else if(FD_ISSET(socketfd, &errfds))
         return TEST_ERROR_READY;
}
    return TEST_SELECT_FAIL;
}
```
@ -494,7 +495,7 @@ When a socket is setup as non-blocking, reads and writes to the socket do not ca
}
}
```
##Tutorial for adding nonblocking to a Server.
## Tutorial for adding nonblocking to a Server.
Nonblocking on the server side allows for switching between multiple client connections when reading and writing without closing them.
@ -511,6 +512,7 @@ Nonblocking on the server side allows for switching between multiple client conn
>Both F_SETFL and O_NONBLOCK are constants from the fcntl.h file.
4. Include a function to select tcp. What this function does is it checks file descriptors for readiness of reading, writing, for pending exceptions, and for timeout. The timeout variable needs to point to struct timeval type. If the timeval members are 0 then the function does not block. The function and its input parameters are listed below.
``select(int nfds, fd_set* read, fd_set* write, fd_set* exception, struct timeval* time)``
>For the example server we do not consider write when selecting the tcp so it is set to NULL. For ease the example code uses enumerated values for which state the function select returns. This then makes the next loop discussed easier.
@ -591,4 +593,4 @@ The main thread accepts clients and for each client accepted a new thread is spa
}
```
5. Void* arg is the argument that gets passed into wolfssal_thread when pthread_create is called. In this example that argument is used to pass the socket value that the client for the current thread is on.
5. Void* arg is the argument that gets passed into wolfssl_thread when pthread_create is called. In this example that argument is used to pass the socket value that the client for the current thread is on.


@ -36,7 +36,7 @@
#define SERV_PORT 11111 /* default port*/
/*
* enum used for tcp_select function
* enum used for tcp_select function
*/
enum {
TEST_SELECT_FAIL,
@ -60,25 +60,28 @@ static inline int tcp_select(int socketfd, int to_sec)
result = select(nfds, &recvfds, NULL, &errfds, &timeout);
if (result == 0)
if (result == 0) {
return TEST_TIMEOUT;
}
else if (result > 0) {
if (FD_ISSET(socketfd, &recvfds))
if (FD_ISSET(socketfd, &recvfds)) {
return TEST_RECV_READY;
else if(FD_ISSET(socketfd, &errfds))
}
else if(FD_ISSET(socketfd, &errfds)) {
return TEST_ERROR_READY;
}
}
return TEST_SELECT_FAIL;
}
/*
* sets up and uses nonblocking protocols using wolfssl
* sets up and uses nonblocking protocols using wolfssl
*/
static int NonBlockingSSL_Connect(WOLFSSL* ssl)
{
int ret, error, sockfd, select_ret, currTimeout;
ret = wolfSSL_connect(ssl);
error = wolfSSL_get_error(ssl, 0);
sockfd = (int)wolfSSL_get_fd(ssl);
@ -87,10 +90,12 @@ static int NonBlockingSSL_Connect(WOLFSSL* ssl)
error == SSL_ERROR_WANT_WRITE)) {
currTimeout = 1;
if (error == SSL_ERROR_WANT_READ)
if (error == SSL_ERROR_WANT_READ) {
printf("... client would read block\n");
else
}
else {
printf("... client would write block\n");
}
select_ret = tcp_select(sockfd, currTimeout);
@ -118,7 +123,7 @@ static int NonBlockingSSL_Connect(WOLFSSL* ssl)
*psk client set up.
*/
static inline unsigned int My_Psk_Client_Cb(WOLFSSL* ssl, const char* hint,
char* identity, unsigned int id_max_len, unsigned char* key,
char* identity, unsigned int id_max_len, unsigned char* key,
unsigned int key_max_len)
{
(void)ssl;
@ -139,20 +144,20 @@ static inline unsigned int My_Psk_Client_Cb(WOLFSSL* ssl, const char* hint,
}
/*
* this function will send the inputted string to the server and then
* this function will send the inputted string to the server and then
* recieve the string from the server outputing it to the termial
*/
*/
int SendReceive(WOLFSSL* ssl)
{
char sendline[MAXLINE]="Hello Server"; /* string to send to the server */
char recvline[MAXLINE]; /* string received from the server */
/* write string to the server */
if (wolfSSL_write(ssl, sendline, MAXLINE) != sizeof(sendline)) {
printf("Write Error to Server\n");
return 1;
}
/* flags if the Server stopped before the client could end */
if (wolfSSL_read(ssl, recvline, MAXLINE) < 0 ) {
printf("Client: Server Terminated Prematurely!\n");
@ -161,7 +166,7 @@ int SendReceive(WOLFSSL* ssl)
/* show message from the server */
printf("Server Message: %s\n", recvline);
return 0;
}
@ -177,20 +182,20 @@ int main(int argc, char **argv)
printf("Usage: tcpClient <IPaddress>\n");
return 1;
}
wolfSSL_Init(); /* initialize wolfSSL */
/* create and initialize WOLFSSL_CTX structure */
if ((ctx = wolfSSL_CTX_new(wolfTLSv1_2_client_method())) == NULL) {
fprintf(stderr, "SSL_CTX_new error.\n");
return 1;
}
}
/* create a stream socket using tcp,internet protocal IPv4,
* full-duplex stream */
sockfd = socket(AF_INET, SOCK_STREAM, 0);
/* places n zero-valued bytes in the address servaddr */
memset(&servaddr, 0, sizeof(servaddr));
@ -199,23 +204,23 @@ int main(int argc, char **argv)
/* converts IPv4 addresses from text to binary form */
ret = inet_pton(AF_INET, argv[1], &servaddr.sin_addr);
if (ret != 1) {
printf("inet_pton error\n");
return 1;
}
/* set up pre shared keys */
wolfSSL_CTX_set_psk_client_callback(ctx,My_Psk_Client_Cb);
/* attempts to make a connection on a socket */
ret = connect(sockfd, (struct sockaddr *) &servaddr, sizeof(servaddr));
if (ret != 0) {
printf("Connection Error\n");
return 1;
}
/* create wolfSSL object after each tcp connect */
if ((ssl = wolfSSL_new(ctx)) == NULL) {
fprintf(stderr, "wolfSSL_new error.\n");
@ -228,7 +233,7 @@ int main(int argc, char **argv)
/* tell wolfSSL that nonblocking is going to be used */
wolfSSL_set_using_nonblock(ssl, 1);
/* invokes the fcntl callable service to get the file status
/* invokes the fcntl callable service to get the file status
* flags for a file. checks if it returns an error, if it does
* stop program */
int flags = fcntl(sockfd, F_GETFL, 0);
@ -238,8 +243,8 @@ int main(int argc, char **argv)
}
/* invokes the fcntl callable service to set file status flags.
* Do not block an open, a read, or a write on the file
* (do not wait for terminal input. If an error occurs,
* Do not block an open, a read, or a write on the file
* (do not wait for terminal input. If an error occurs,
* stop program*/
flags = fcntl(sockfd, F_SETFL, flags | O_NONBLOCK);
if (flags < 0) {
@ -262,11 +267,11 @@ int main(int argc, char **argv)
/* cleanup */
wolfSSL_free(ssl);
/* when completely done using SSL/TLS, free the
/* when completely done using SSL/TLS, free the
* wolfssl_ctx object */
wolfSSL_CTX_free(ctx);
wolfSSL_Cleanup();
return ret;
}
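Review bot: SendReceive prints `recvline` with `%s` although nothing visible terminates it: `wolfSSL_read(ssl, recvline, MAXLINE)` may fill all MAXLINE bytes of an uninitialised stack buffer, and only a negative return is treated as failure, so a return of 0 also reaches the `printf`. Keep the byte count, leave room for the terminator and set it before printing: `n = wolfSSL_read(ssl, recvline, MAXLINE - 1);`, then `if (n <= 0) { ... return 1; }` and `recvline[n] = '\0';`. The same SendReceive body appears in the next two client sections (session resumption and the plain PSK client). A few lines of the function fall between the hunks shown, so confirm no termination happens there.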


@ -40,7 +40,7 @@
*psk client set up.
*/
static inline unsigned int My_Psk_Client_Cb(WOLFSSL* ssl, const char* hint,
char* identity, unsigned int id_max_len, unsigned char* key,
char* identity, unsigned int id_max_len, unsigned char* key,
unsigned int key_max_len)
{
(void)ssl;
@ -61,20 +61,20 @@ static inline unsigned int My_Psk_Client_Cb(WOLFSSL* ssl, const char* hint,
}
/*
* this function will send the inputted string to the server and then
* this function will send the inputted string to the server and then
* recieve the string from the server outputing it to the termial
*/
*/
int SendReceive(WOLFSSL* ssl)
{
char sendline[MAXLINE]="Hello Server"; /* string to send to the server */
char recvline[MAXLINE]; /* string received from the server */
/* write string to the server */
if (wolfSSL_write(ssl, sendline, MAXLINE) != sizeof(sendline)) {
printf("Write Error to Server\n");
return 1;
}
/* flags if the Server stopped before the client could end */
if (wolfSSL_read(ssl, recvline, MAXLINE) < 0 ) {
printf("Client: Server Terminated Prematurely!\n");
@ -83,12 +83,12 @@ int SendReceive(WOLFSSL* ssl)
/* show message from the server */
printf("Server Message: %s\n", recvline);
return 0;
return 0;
}
int main(int argc, char **argv){
int sockfd, sock, ret;
WOLFSSL* ssl;
WOLFSSL* sslResume = 0;
@ -101,19 +101,19 @@ int main(int argc, char **argv){
printf("Usage: tcpClient <IPaddress>\n");
return 1;
}
wolfSSL_Init(); /* initialize wolfSSL */
/* create and initialize WOLFSSL_CTX structure */
if ((ctx = wolfSSL_CTX_new(wolfTLSv1_2_client_method())) == NULL) {
fprintf(stderr, "SSL_CTX_new error.\n");
return 1;
}
/* create a stream socket using tcp,internet protocal IPv4,
* full-duplex stream */
sockfd = socket(AF_INET, SOCK_STREAM, 0);
/* places n zero-valued bytes in the address servaddr */
memset(&servaddr, 0, sizeof(servaddr));
@ -122,11 +122,11 @@ int main(int argc, char **argv){
/* converts IPv4 addresses from text to binary form */
ret = inet_pton(AF_INET, argv[1], &servaddr.sin_addr);
if (ret != 1){
return 1;
}
/* set up pre shared keys */
wolfSSL_CTX_set_psk_client_callback(ctx, My_Psk_Client_Cb);
@ -135,7 +135,7 @@ int main(int argc, char **argv){
if (ret != 0 ){
return 1;
}
/* create wolfSSL object after each tcp connect */
if ( (ssl = wolfSSL_new(ctx)) == NULL) {
fprintf(stderr, "wolfSSL_new error.\n");
@ -158,21 +158,20 @@ int main(int argc, char **argv){
/* close connection */
close(sockfd);
/* cleanup */
/* cleanup without wolfSSL_Cleanup() for now */
wolfSSL_free(ssl);
wolfSSL_CTX_free(ctx);
wolfSSL_Cleanup();
/*
* resume session, start new connection and socket
* resume session, start new connection and socket
*/
/* start a new socket connection */
sock = socket(AF_INET, SOCK_STREAM, 0);
/* connect to the socket */
ret = connect(sock, (struct sockaddr *) &servaddr, sizeof(servaddr));
if (ret != 0){
return 1;
}
@ -194,8 +193,9 @@ int main(int argc, char **argv){
}
/* check to see if the session id is being reused */
if (wolfSSL_session_reused(sslResume))
if (wolfSSL_session_reused(sslResume)) {
printf("reused session id\n");
}
else
printf("didn't reuse session id!!!\n");
@ -205,10 +205,10 @@ int main(int argc, char **argv){
/* shut down socket */
close(sock);
/* clean up */
wolfSSL_free(sslResume);
/* clean up now with wolfSSL_Cleanup() */
wolfSSL_free(sslResume);
wolfSSL_CTX_free(ctx);
wolfSSL_Cleanup();
return ret;
}
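Review bot: `ctx` appears to be released twice on the success path: `wolfSSL_CTX_free(ctx);` still follows `wolfSSL_free(ssl);` under the new "cleanup without wolfSSL_Cleanup() for now" comment, and it is called again after `wolfSSL_free(sslResume);` at the end of main. Only the `wolfSSL_Cleanup();` call seems to have been dropped from the first cleanup (the +/- markers are lost on this page, so this is read from the hunk line counts). If the first call stays, the resumed connection and the final `wolfSSL_CTX_free(ctx);` work on a context whose lifetime depends on wolfSSL's internal reference counting, which risks a use-after-free or double free. Removing the first `wolfSSL_CTX_free(ctx);` so the context is freed once, just before `wolfSSL_Cleanup();`, makes the ownership unambiguous. main starts and continues outside the hunks shown.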


@ -38,7 +38,7 @@
*psk client set up.
*/
static inline unsigned int My_Psk_Client_Cb(WOLFSSL* ssl, const char* hint,
char* identity, unsigned int id_max_len, unsigned char* key,
char* identity, unsigned int id_max_len, unsigned char* key,
unsigned int key_max_len)
{
(void)ssl;
@ -59,20 +59,20 @@ static inline unsigned int My_Psk_Client_Cb(WOLFSSL* ssl, const char* hint,
}
/*
* this function will send the inputted string to the server and then
* this function will send the inputted string to the server and then
* recieve the string from the server outputing it to the termial
*/
*/
int SendReceive(WOLFSSL* ssl)
{
char sendline[MAXLINE]="Hello Server"; /* string to send to the server */
char recvline[MAXLINE]; /* string received from the server */
/* write string to the server */
if (wolfSSL_write(ssl, sendline, MAXLINE) != sizeof(sendline)) {
printf("Write Error to Server\n");
return 1;
}
/* flags if the Server stopped before the client could end */
if (wolfSSL_read(ssl, recvline, MAXLINE) < 0 ) {
printf("Client: Server Terminated Prematurely!\n");
@ -81,7 +81,7 @@ int SendReceive(WOLFSSL* ssl)
/* show message from the server */
printf("Server Message: %s\n", recvline);
return 0;
}
@ -97,19 +97,19 @@ int main(int argc, char **argv)
printf("Usage: tcpClient <IPaddress>\n");
return 1;
}
wolfSSL_Init(); /* initialize wolfSSL */
/* create and initialize WOLFSSL_CTX structure */
if ((ctx = wolfSSL_CTX_new(wolfTLSv1_2_client_method())) == NULL) {
fprintf(stderr, "SSL_CTX_new error.\n");
return 1;
}
/* create a stream socket using tcp,internet protocal IPv4,
* full-duplex stream */
sockfd = socket(AF_INET, SOCK_STREAM, 0);
/* places n zero-valued bytes in the address servaddr */
memset(&servaddr, 0, sizeof(servaddr));
@ -120,44 +120,44 @@ int main(int argc, char **argv)
ret = inet_pton(AF_INET, argv[1], &servaddr.sin_addr);
if (ret != 1) {
printf("inet_pton error\n");
printf("inet_pton error\n");
return 1;
}
/* set up pre shared keys */
wolfSSL_CTX_set_psk_client_callback(ctx, My_Psk_Client_Cb);
/* attempts to make a connection on a socket */
ret = connect(sockfd, (struct sockaddr *) &servaddr, sizeof(servaddr));
if (ret != 0) {
printf("Connection Error\n");
return 1;
}
/* creat wolfssl object after each tcp connct */
if ( (ssl = wolfSSL_new(ctx)) == NULL) {
fprintf(stderr, "wolfSSL_new error.\n");
return 1;
}
/* associate the file descriptor with the session */
ret = wolfSSL_set_fd(ssl, sockfd);
if (ret != SSL_SUCCESS){
if (ret != SSL_SUCCESS) {
return 1;
}
/* takes inputting string and outputs it to the server */
ret = SendReceive(ssl);
if(ret != 0){
if (ret != 0) {
return 1;
}
/* cleanup */
wolfSSL_free(ssl);
/* when completely done using SSL/TLS, free the
/* when completely done using SSL/TLS, free the
* wolfssl_ctx object */
wolfSSL_CTX_free(ctx);
wolfSSL_Cleanup();
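Review bot: The two early exits reformatted here, `if (ret != SSL_SUCCESS) { return 1; }` after `wolfSSL_set_fd` and `if (ret != 0) { return 1; }` after `SendReceive`, leave main without `wolfSSL_free(ssl)`, `wolfSSL_CTX_free(ctx)`, `wolfSSL_Cleanup()` or closing `sockfd`. Readers copy these examples into longer-lived programs, so a single cleanup label reached with `goto` would release the session state and the descriptor on every path. main begins and ends outside the hunks shown, so earlier error returns may need the same treatment.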


@ -34,34 +34,34 @@
#define SERV_PORT 11111
/*
* this function will send the inputted string to the server and then
* this function will send the inputted string to the server and then
* recieve the string from the server outputing it to the termial
*/
*/
int SendReceive(int sockfd)
{
char sendline[MAXLINE]="Hello Server"; /* string to send to the server */
char recvline[MAXLINE]; /* string received from the server */
/* write string to the server */
if (write(sockfd, sendline, strlen(sendline)) != sizeof(sendline)) {
if (write(sockfd, sendline, strlen(sendline)) != strlen(sendline)) {
printf("Write Error to Server\n");
return 1;
}
/* flags if the server stopped before the client could end */
/* flags if the server stopped before the client could end */
if (read(sockfd, recvline, MAXLINE) == 0) {
printf("Client: Server Terminated Prematurely!\n");
return 1;
}
printf("Server Message: %s\n", recvline);
return 0;
}
int main(int argc, char **argv)
{
int sockfd, ret;
int sockfd, ret;
struct sockaddr_in servaddr;
/* must include an ip address or this will flag */
@ -72,17 +72,17 @@ int main(int argc, char **argv)
/* create a stream socket using tcp,internet protocal IPv4,
* full-duplex stream */
sockfd = socket(AF_INET, SOCK_STREAM, 0);
sockfd = socket(AF_INET, SOCK_STREAM, 0);
/* places n zero-valued bytes in the address servaddr */
memset(&servaddr, 0, sizeof(servaddr));
servaddr.sin_family = AF_INET;
servaddr.sin_port = htons(SERV_PORT);
servaddr.sin_port = htons(SERV_PORT);
/* converts IPv4 addresses from text to binary form */
ret = inet_pton(AF_INET, argv[1], &servaddr.sin_addr);
if (ret != 1) {
printf("Not a Valid network address");
return 1;
@ -90,11 +90,11 @@ int main(int argc, char **argv)
/* attempts to make a connection on a socket */
ret = connect(sockfd, (struct sockaddr *) &servaddr, sizeof(servaddr));
if (ret != 0) {
return 1;
}
/* takes inputting string and outputs it to the server */
ret = SendReceive(sockfd);
if (ret != 0){
@ -103,6 +103,6 @@ int main(int argc, char **argv)
}
/* close socket and connection */
close(sockfd);
return ret;
}
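Review bot: A failed `read()` is not caught in SendReceive: `read(sockfd, recvline, MAXLINE) == 0` handles only end-of-file, so a return of -1 falls through to `printf("Server Message: %s\n", recvline)` on an uninitialised buffer. A successful read is also printed without a terminator. Suggested lines: `n = read(sockfd, recvline, MAXLINE - 1);`, `if (n <= 0) { ... return 1; }`, `recvline[n] = '\0';`. The corrected write check compares the signed result of `write()` with `strlen(sendline)`; it works because -1 converts to a large unsigned value, but storing the length in a variable and casting once would make that intent explicit.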


@ -1,6 +1,6 @@
/* server-psk-nonblocking.c
* A server ecample using a TCP connection with PSK security and non blocking.
*
* A server ecample using a TCP connection with PSK security and non blocking.
*
* Copyright (C) 2006-2015 wolfSSL Inc.
*
* This file is part of wolfSSL. (formerly known as CyaSSL)
@ -58,7 +58,7 @@ int tcp_select(int sockfd, int to_sec)
int nfds = sockfd + 1;
struct timeval timeout = {to_sec, 0};
int result;
/* reset socket values */
FD_ZERO(&recvfds);
FD_SET(sockfd, &recvfds);
@ -68,13 +68,16 @@ int tcp_select(int sockfd, int to_sec)
result = select(nfds, &recvfds, NULL, &errfds, &timeout);
/* logic for which enumerated value is returned */
if (result == 0)
if (result == 0) {
return TEST_TIMEOUT;
}
else if (result > 0) {
if (FD_ISSET(sockfd, &recvfds))
if (FD_ISSET(sockfd, &recvfds)) {
return TEST_RECV_READY;
else if (FD_ISSET(sockfd, &errfds))
}
else if (FD_ISSET(sockfd, &errfds)) {
return TEST_ERROR_READY;
}
}
return TEST_SELECT_FAIL;
@ -84,7 +87,7 @@ int tcp_select(int sockfd, int to_sec)
/*
* Pulled in from examples/server/server.c
* Function to handle nonblocking. Loops until tcp_select notifies that it's
* ready for action.
* ready for action.
*/
int NonBlockingSSL(WOLFSSL* ssl)
{
@ -99,15 +102,17 @@ int NonBlockingSSL(WOLFSSL* ssl)
int currTimeout = 1;
/* print out for user notification */
if (error == SSL_ERROR_WANT_READ)
if (error == SSL_ERROR_WANT_READ) {
printf("... server would read block\n");
else
}
else {
printf("... server would write block\n");
}
select_ret = tcp_select(sockfd, currTimeout);
/* if tcp_select signals ready try to accept otherwise continue loop*/
if ((select_ret == TEST_RECV_READY) ||
if ((select_ret == TEST_RECV_READY) ||
(select_ret == TEST_ERROR_READY)) {
ret = wolfSSL_accept(ssl);
error = wolfSSL_get_error(ssl, 0);
@ -129,10 +134,10 @@ int NonBlockingSSL(WOLFSSL* ssl)
}
/*
/*
* Handles response to client.
*/
int respond(WOLFSSL* ssl)
int Respond(WOLFSSL* ssl)
{
int n; /* length of string read */
char buf[MAXLINE]; /* string read from client */
@ -140,17 +145,21 @@ int respond(WOLFSSL* ssl)
memset(buf, 0, MAXLINE);
do {
if (NonBlockingSSL(ssl) != SSL_SUCCESS)
if (NonBlockingSSL(ssl) != SSL_SUCCESS) {
return 1;
}
n = wolfSSL_read(ssl, buf, MAXLINE);
if (n > 0) {
printf("%s\n", buf);
}
}
}
while(n < 0);
if (NonBlockingSSL(ssl) != SSL_SUCCESS)
if (NonBlockingSSL(ssl) != SSL_SUCCESS) {
return 1;
}
if (wolfSSL_write(ssl, response, strlen(response)) != strlen(response)) {
printf("Fatal error : respond: write error\n");
return 1;
@ -168,8 +177,9 @@ static inline unsigned int my_psk_server_cb(WOLFSSL* ssl, const char* identity,
(void)ssl;
(void)key_max_len;
if (strncmp(identity, "Client_identity", 15) != 0)
if (strncmp(identity, "Client_identity", 15) != 0) {
return 0;
}
key[0] = 26;
key[1] = 43;
@ -190,20 +200,21 @@ int main()
WOLFSSL_CTX* ctx;
wolfSSL_Init();
if ((ctx = wolfSSL_CTX_new(wolfSSLv23_server_method())) == NULL) {
printf("Fatal error : wolfSSL_CTX_new error\n");
return 1;
}
/* use psk suite for security */
/* use psk suite for security */
wolfSSL_CTX_set_psk_server_callback(ctx, my_psk_server_cb);
wolfSSL_CTX_use_psk_identity_hint(ctx, "wolfssl server");
if (wolfSSL_CTX_set_cipher_list(ctx, "PSK-AES128-CBC-SHA256")
!= SSL_SUCCESS)
!= SSL_SUCCESS) {
printf("Fatal error : server can't set cipher list\n");
}
/* find a socket */
/* find a socket */
listenfd = socket(AF_INET, SOCK_STREAM, 0);
if (listenfd < 0) {
printf("Fatal error : socket error\n");
@ -221,40 +232,40 @@ int main()
if (setsockopt(listenfd, SOL_SOCKET, SO_REUSEADDR, (const void*)&opt,
sizeof(int)) != 0) {
printf("Fatal error : setsockopt errer");
return 1;
return 1;
}
if (bind(listenfd, (struct sockaddr *) &servAddr, sizeof(servAddr)) < 0) {
printf("Fatal error : bind error\n");
return 1;
}
/* main loop for accepting and responding to clients */
for ( ; ; ) {
WOLFSSL* ssl;
/* listen to the socket */
/* listen to the socket */
if (listen(listenfd, LISTENQ) < 0) {
printf("Fatal error : listen error\n");
return 1;
}
cliLen = sizeof(cliAddr);
connfd = accept(listenfd, (struct sockaddr *) &cliAddr, &cliLen);
if (connfd < 0) {
if (errno != EINTR) {
printf("Fatal error : accept error\n");
return 1;
return 1;
}
}
else {
printf("Connection from %s, port %d\n",
inet_ntop(AF_INET, &cliAddr.sin_addr, buff, sizeof(buff)),
ntohs(cliAddr.sin_port));
/* create WOLFSSL object */
if ((ssl = wolfSSL_new(ctx)) == NULL) {
printf("Fatal error : wolfSSL_new error\n");
return 1;
return 1;
}
wolfSSL_set_fd(ssl, connfd);
@ -264,9 +275,10 @@ int main()
printf("Fatal error : fcntl set failed\n");
return 1;
}
if (respond(ssl) != 0)
if (Respond(ssl) != 0) {
printf("Fatal error : respond error\n");
return 1;
}
/* closes the connections after responding */
wolfSSL_shutdown(ssl);
@ -280,7 +292,7 @@ int main()
/* free up memory used by wolfssl */
wolfSSL_CTX_free(ctx);
wolfSSL_Cleanup();
return 0;
}
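Review bot: my_psk_server_cb accepts any identity that merely starts with "Client_identity", because `strncmp(identity, "Client_identity", 15)` stops before the terminator. Comparing the terminator as well, `strncmp(identity, "Client_identity", sizeof("Client_identity")) != 0`, requires an exact match. The callback also discards the buffer size with `(void)key_max_len;` and then writes `key[0]`, `key[1]`, ... unconditionally; a guard that returns 0 when `key_max_len` is smaller than the number of key bytes written would state the contract. The same callback is repeated in the threaded and plain PSK server sections, and its body continues outside the hunk. A comment marking the fixed key bytes as demonstration-only would help readers who copy the example.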


@ -1,6 +1,6 @@
/* server-psk-threaded.c
* A server ecample using a multi-threaded TCP connection with PSK security.
*
*
* Copyright (C) 2006-2015 wolfSSL Inc.
*
* This file is part of wolfSSL. (formerly known as CyaSSL)
@ -50,8 +50,9 @@ static inline unsigned int my_psk_server_cb(WOLFSSL* ssl, const char* identity,
(void)ssl;
(void)key_max_len;
if (strncmp(identity, "Client_identity", 15) != 0)
if (strncmp(identity, "Client_identity", 15) != 0) {
return 0;
}
key[0] = 26;
key[1] = 43;
@ -68,10 +69,10 @@ void* wolfssl_thread(void* fd)
{
WOLFSSL* ssl;
int connfd = *((int*)fd);
int n;
char buf[MAXLINE];
int n;
char buf[MAXLINE];
char response[] = "I hear ya for shizzle";
memset(buf, 0, MAXLINE);
/* create WOLFSSL object */
@ -79,14 +80,15 @@ void* wolfssl_thread(void* fd)
printf("Fatal error : wolfSSL_new error");
/* place signal for forced error exit here */
}
wolfSSL_set_fd(ssl, connfd);
/* respond to client */
n = wolfSSL_read(ssl, buf, MAXLINE);
if (n > 0) {
printf("%s\n", buf);
if (wolfSSL_write(ssl, response, strlen(response)) != strlen(response)) {
if (wolfSSL_write(ssl, response, strlen(response))
!= strlen(response)) {
printf("Fatal error :respond: write error\n");
/* place signal for forced error exit here */
}
@ -95,12 +97,12 @@ void* wolfssl_thread(void* fd)
printf("Fatal error : respond: read error\n");
/* place signal for forced error exit here */
}
/* closes the connections after responding */
wolfSSL_shutdown(ssl);
wolfSSL_free(ssl);
if (close(connfd) == -1) {
printf("Fatal error : close error\n");
printf("Fatal error : close error\n");
/* place signal for forced error exit here */
}
@ -118,18 +120,20 @@ int main()
void* wolfssl_thread(void*);
wolfSSL_Init();
if ((ctx = wolfSSL_CTX_new(wolfSSLv23_server_method())) == NULL)
printf("Fatal error : wolfSSL_CTX_new error\n");
/* use psk suite for security */
if ((ctx = wolfSSL_CTX_new(wolfSSLv23_server_method())) == NULL) {
printf("Fatal error : wolfSSL_CTX_new error\n");
}
/* use psk suite for security */
wolfSSL_CTX_set_psk_server_callback(ctx, my_psk_server_cb);
wolfSSL_CTX_use_psk_identity_hint(ctx, "wolfssl server");
if (wolfSSL_CTX_set_cipher_list(ctx, "PSK-AES128-CBC-SHA256")
!= SSL_SUCCESS)
!= SSL_SUCCESS) {
printf("Fatal error : server can't set cipher list");
}
/* find a socket */
/* find a socket */
listenfd = socket(AF_INET, SOCK_STREAM, 0);
if (listenfd < 0) {
printf("Fatal error : socket error");
@ -145,17 +149,17 @@ int main()
opt = 1;
if (setsockopt(listenfd, SOL_SOCKET, SO_REUSEADDR, (const void *)&opt,
sizeof(int))) {
return 1;
return 1;
}
if (bind(listenfd, (struct sockaddr *) &servAddr, sizeof(servAddr)) < 0) {
printf("Fatal error : bind error");
return 1;
return 1;
}
/* main loop for accepting and responding to clients */
for ( ; ; ) {
/* listen to the socket */
/* listen to the socket */
if (listen(listenfd, LISTENQ) < 0) {
printf("Fatal error : listen error");
return 1;
@ -171,13 +175,13 @@ int main()
printf("Connection from %s, port %d\n",
inet_ntop(AF_INET, &cliAddr.sin_addr, buff, sizeof(buff)),
ntohs(cliAddr.sin_port));
if (pthread_create(&thread, NULL, &wolfssl_thread, (void*) &connfd)
!= 0) {
return 1;
return 1;
}
if (pthread_detach(thread) != 0) {
return 1;
return 1;
}
}
}
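Review bot: The thread argument races with the accept loop: main passes `(void*) &connfd` to `pthread_create`, and `wolfssl_thread` reads it with `int connfd = *((int*)fd);`. A second `accept()` can overwrite the variable before the first thread has copied it, leaving two threads on one descriptor and one connection unserved. Give each thread its own copy, for example a heap-allocated `int` that the thread frees after reading, or pass the value itself as `(void*)(intptr_t)connfd`. In the same function a NULL return from `wolfSSL_new(ctx)` is only printed, and the NULL `ssl` then goes on to `wolfSSL_set_fd`. Both functions extend beyond the hunks shown.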


@ -1,6 +1,6 @@
/* server-psk.c
* A server ecample using a TCP connection with PSK security.
*
* A server ecample using a TCP connection with PSK security.
*
* Copyright (C) 2006-2015 wolfSSL Inc.
*
* This file is part of wolfSSL. (formerly known as CyaSSL)
@ -36,10 +36,10 @@
#define LISTENQ 1024
#define SERV_PORT 11111
/*
/*
* Handles response to client.
*/
int respond(WOLFSSL* ssl)
int Respond(WOLFSSL* ssl)
{
int n; /* length of string read */
char buf[MAXLINE]; /* string read from client */
@ -54,7 +54,7 @@ int respond(WOLFSSL* ssl)
}
}
if (n < 0) {
printf("Fatal error :espond: read error\n");
printf("Fatal error :respond: read error\n");
return 1;
}
@ -64,14 +64,15 @@ int respond(WOLFSSL* ssl)
/*
* Identify which psk key to use.
*/
static unsigned int my_psk_server_cb(WOLFSSL* ssl, const char* identity, unsigned char* key,
unsigned int key_max_len)
static unsigned int my_psk_server_cb(WOLFSSL* ssl, const char* identity,
unsigned char* key, unsigned int key_max_len)
{
(void)ssl;
(void)key_max_len;
if (strncmp(identity, "Client_identity", 15) != 0)
if (strncmp(identity, "Client_identity", 15) != 0) {
return 0;
}
key[0] = 26;
key[1] = 43;
@ -91,14 +92,14 @@ int main()
WOLFSSL_CTX* ctx;
wolfSSL_Init();
/* create ctx and configure certificates */
if ((ctx = wolfSSL_CTX_new(wolfSSLv23_server_method())) == NULL) {
printf("Fatal error : wolfSSL_CTX_new error\n");
return 1;
}
/* use psk suite for security */
/* use psk suite for security */
wolfSSL_CTX_set_psk_server_callback(ctx, my_psk_server_cb);
wolfSSL_CTX_use_psk_identity_hint(ctx, "wolfssl server");
if (wolfSSL_CTX_set_cipher_list(ctx, "PSK-AES128-CBC-SHA256")
@ -114,7 +115,7 @@ int main()
servAddr.sin_addr.s_addr = htonl(INADDR_ANY);
servAddr.sin_port = htons(SERV_PORT);
/* find a socket */
/* find a socket */
listenfd = socket(AF_INET, SOCK_STREAM, 0);
if (listenfd < 0) {
printf("Fatal error : socket error\n");
@ -132,17 +133,17 @@ int main()
printf("Fatal error : bind error\n");
return 1;
}
/* listen to the socket */
/* listen to the socket */
if (listen(listenfd, LISTENQ) < 0) {
printf("Fatal error : listen error\n");
return 1;
}
/* main loop for accepting and responding to clients */
for ( ; ; ) {
WOLFSSL* ssl;
cliLen = sizeof(cliAddr);
connfd = accept(listenfd, (struct sockaddr *) &cliAddr, &cliLen);
if (connfd < 0) {
@ -153,20 +154,21 @@ int main()
printf("Connection from %s, port %d\n",
inet_ntop(AF_INET, &cliAddr.sin_addr, buff, sizeof(buff)),
ntohs(cliAddr.sin_port));
/* create WOLFSSL object and respond */
if ((ssl = wolfSSL_new(ctx)) == NULL) {
printf("Fatal error : wolfSSL_new error\n");
return 1;
}
wolfSSL_set_fd(ssl, connfd);
if (respond(ssl) != 0)
if (Respond(ssl) != 0) {
return 1;
}
/* closes the connections after responding */
wolfSSL_shutdown(ssl);
wolfSSL_free(ssl);
if (close(connfd) == -1) {
printf("Fatal error : close error\n");
return 1;
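Review bot: In my_psk_server_cb the check `strncmp(identity, "Client_identity", 15)` compares only the first 15 bytes, so any identity that merely begins with that string is accepted. Assuming wolfSSL passes the callback a NUL-terminated identity, an exact match such as `if (strcmp(identity, "Client_identity") != 0) {` closes that gap. The function also still discards the size with `(void)key_max_len;` before storing into `key[]`, so the write is not bounded by the buffer size the library reports; it should return 0 when key_max_len is smaller than the number of key bytes it writes. The callback body continues past the end of its hunk, so the full key length is not visible here. A short comment stating that the hard-coded key bytes are for demonstration only and that a deployed server must load its key from protected storage would help readers who copy this example.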


@ -1,6 +1,6 @@
/* server-tcp.c
* A server ecample using a TCP connection.
*
* A server ecample using a TCP connection.
*
* Copyright (C) 2006-2015 wolfSSL Inc.
*
* This file is part of wolfSSL. (formerly known as CyaSSL)
@ -34,15 +34,15 @@
#define LISTENQ 1024
#define SERV_PORT 11111
/*
* Fatal error detected, print out and exit.
/*
* Fatal error detected, print out and exit.
*/
void err_sys(const char *err, ...)
{
printf("Fatal error : %s\n", err);
}
/*
/*
* Handles response to client.
*/
void respond(int sockfd)
@ -71,11 +71,12 @@ int main()
char buff[MAXLINE];
socklen_t cliLen;
/* find a socket , 0 for using TCP option */
/* find a socket , 0 for using TCP option */
listenfd = socket(AF_INET, SOCK_STREAM, 0);
if (listenfd < 0)
if (listenfd < 0) {
err_sys("socket error");
}
/* set up server address and port */
memset(&servAddr, 0, sizeof(servAddr));
servAddr.sin_family = AF_INET;
@ -86,15 +87,16 @@ int main()
opt = 1;
setsockopt(listenfd, SOL_SOCKET, SO_REUSEADDR, (const void*)&opt,
sizeof(int));
if (bind(listenfd, (struct sockaddr *) &servAddr, sizeof(servAddr)) < 0)
if (bind(listenfd, (struct sockaddr *) &servAddr, sizeof(servAddr)) < 0) {
err_sys("bind error");
/* listen to the socket */
}
/* listen to the socket */
if (listen(listenfd, LISTENQ) < 0) {
err_sys("listen error");
return 1;
}
/* main loop for accepting and responding to clients */
for ( ; ; ) {
cliLen = sizeof(cliAddr);
@ -107,7 +109,7 @@ int main()
printf("Connection from %s, port %d\n",
inet_ntop(AF_INET, &cliAddr.sin_addr, buff, sizeof(buff)),
ntohs(cliAddr.sin_port));
respond(connfd);
/* closes the connections after responding */
if (close(connfd) == -1) {