WolfSSL
/
wolfssl-examples
mirror of https://github.com/wolfSSL/wolfssl-examples.git
1
0
Fork 0
Code Issues Releases Wiki Activity

TLS client

pull/396/head
Takashi Kojo 2023-08-23 17:42:10 +09:00
parent 1daf7f1ae2
commit 3724feec1f
9 changed files with 426 additions and 686 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

160
RPi-Pico/CMakeLists.txt
View File

@ -13,20 +13,13 @@ endif()
project(wolf_pico_examples C CXX ASM)
set(CMAKE_C_STANDARD 11)
set(CMAKE_CXX_STANDARD 17)
set(CMAKE_CXX_FLAGS "${CMAKE_CXX_FLAGS} -O3")
#set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -O3")
# Initialize the SDK
pico_sdk_init()
message("Example cmake project including wolfSSL with user_settings.h")
# add global define to include user_settings.h
add_compile_definitions(WOLFSSL_USER_SETTINGS)
add_compile_definitions(WOLFSSL_USER_SETTINGS_ASM)
set(BUILD_SHARED_LIBS OFF)
set(WOLFSSL_EXAMPLES OFF)
set(WOLFSSL_CRYPT_TESTS OFF)
set(WOLFSSL_USER_SETTINGS ON)
include_directories(config)
include_directories(include)
include_directories(${PICO_SDK_PATH}/src/rp2_common/pico_lwip/include)
@ -34,82 +27,79 @@ include_directories(${PICO_SDK_PATH}/lib/lwip/contrib/ports/freertos/include)
include_directories(${PICO_SDK_PATH}/lib/lwip/src/include)
include_directories(${PICO_SDK_PATH}/src/rp2_common/pico_async_context/include)
add_subdirectory(wolfssl)
target_link_libraries(wolfssl PRIVATE
set(WOLFSSL_ROOT $ENV{WOLFSSL_ROOT})
include_directories(${WOLFSSL_ROOT})
file(GLOB_RECURSE WOLFSSL_SRC
"${WOLFSSL_ROOT}/src/*.c"
"${WOLFSSL_ROOT}/wolfcrypt/src/*.c"
)
list(REMOVE_ITEM WOLFSSL_SRC EXCLUDE REGEX
"${WOLFSSL_ROOT}/src/bio.c"
"${WOLFSSL_ROOT}/src/conf.c"
"${WOLFSSL_ROOT}/src/pk.c"
"${WOLFSSL_ROOT}/src/ssl_asn1.c"
"${WOLFSSL_ROOT}/src/ssl_bn.c"
"${WOLFSSL_ROOT}/src/ssl_misc.c"
"${WOLFSSL_ROOT}/src/x509.c"
"${WOLFSSL_ROOT}/src/x509_str.c"
"${WOLFSSL_ROOT}/wolfcrypt/src/evp.c"
"${WOLFSSL_ROOT}/wolfcrypt/src/misc.c"
)
add_library(wolfssl STATIC
${WOLFSSL_SRC}
)
target_include_directories(wolfssl PRIVATE
${CMAKE_CURRENT_SOURCE_DIR}/config
)
target_compile_definitions(wolfssl PRIVATE
WOLFSSL_USER_SETTINGS
WOLFSSL_SP_ARM_THUMB_ASM
)
add_executable(testwolfcrypt
src/test_main.c
src/blink.c
${WOLFSSL_ROOT}/wolfcrypt/test/test.c
)
pico_enable_stdio_usb(testwolfcrypt 1)
pico_enable_stdio_uart(testwolfcrypt 0)
target_compile_definitions(testwolfcrypt PRIVATE
WOLFSSL_USER_SETTINGS
)
target_link_libraries(testwolfcrypt
wolfssl
pico_stdlib
pico_cyw43_arch_none
pico_rand
)
pico_add_extra_outputs(testwolfcrypt)
add_executable(benchmark
src/bench_main.c
src/blink.c
wolfssl/wolfcrypt/benchmark/benchmark.c
${WOLFSSL_ROOT}/wolfcrypt/benchmark/benchmark.c
)
pico_enable_stdio_usb(benchmark 1)
pico_enable_stdio_uart(benchmark 0)
target_compile_definitions(benchmark PRIVATE
WOLFSSL_USER_SETTINGS
)
target_link_libraries(benchmark
wolfssl
pico_stdlib
pico_cyw43_arch_none
pico_rand
#FreeRTOS-Kernel-Heap4 # FreeRTOS kernel and dynamic heap
)
pico_add_extra_outputs(benchmark)
if(0)
add_executable(TCPclient
src/blink.c
# src/TCPclient.c
src/TCPclient_main.c
)
# enable usb output, disable uart output
pico_enable_stdio_usb(TCPclient 1)
pico_enable_stdio_uart(TCPclient 0)
target_compile_definitions(TCPclient PRIVATE
# CYW43_NETUTILS
# PICO_CYW43_ARCH_FREERTOS
TEST_TCP_SERVER_IP=\"${TEST_TCP_SERVER_IP}\"
WIFI_SSID=\"${WIFI_SSID}\"
WIFI_PASSWORD=\"${WIFI_PASSWORD}\"
PICO_CYW43_ARCH_POLL
NO_SYS=1
# SYS_LIGHTWEIGHT_PROT=1
)
target_link_libraries(TCPclient
pico_stdlib
pico_rand
# pico_cyw43_arch_lwip_sys_freertos
# pico_cyw43_arch_lwip_poll
# pico_cyw43_arch_none
pico_lwip
# pico_lwip_core4
# pico_lwip_core6
pico_cyw43_arch
pico_lwip_nosys
pico_async_context_poll
# pico_lwip_iperf
# pico_lwip_freertos
# pico_async_context_freertos
# pico_lwip_port
# pico_cyw43_driver
# pico_lwip_api
pico_lwip_netif
# FreeRTOS-Kernel
# FreeRTOS-Kernel-Heap4 # FreeRTOS kernel and dynamic heap
)
pico_add_extra_outputs(TCPclient)
endif()
add_executable(Wifi
src/blink.c
@ -151,6 +141,7 @@ pico_enable_stdio_usb(tcp_Client 1)
pico_enable_stdio_uart(tcp_Client 0)
target_compile_definitions(tcp_Client PRIVATE
WOLFSSL_USER_SETTINGS
WIFI_SSID=\"${WIFI_SSID}\"
WIFI_PASSWORD=\"${WIFI_PASSWORD}\"
TEST_TCP_SERVER_IP=\"${TEST_TCP_SERVER_IP}\"
@ -167,4 +158,37 @@ target_link_libraries(tcp_Client
pico_async_context_poll
)
pico_add_extra_outputs(tcp_Client)
pico_add_extra_outputs(tcp_Client)
add_executable(tls_Client
src/blink.c
src/wifi.c
src/tcp.c
src/tlsClient_main.c
)
# enable usb output, disable uart output
pico_enable_stdio_usb(tls_Client 1)
pico_enable_stdio_uart(tls_Client 0)
target_compile_definitions(tls_Client PRIVATE
WOLFSSL_USER_SETTINGS
WIFI_SSID=\"${WIFI_SSID}\"
WIFI_PASSWORD=\"${WIFI_PASSWORD}\"
TEST_TCP_SERVER_IP=\"${TEST_TCP_SERVER_IP}\"
PICO_CYW43_ARCH_POLL
NO_SYS=1
)
target_link_libraries(tls_Client
pico_stdlib
pico_rand
pico_lwip
pico_cyw43_arch
pico_lwip_nosys
pico_async_context_poll
wolfssl
)
pico_add_extra_outputs(tls_Client)

10
RPi-Pico/config/user_settings.h
View File

@ -32,8 +32,12 @@ extern "C"
{
#endif
#include <stdio.h>
#define TARGET_EMBEDDED
extern time_t myTime(time_t *);
#define XTIME(t) myTime(t)
/* ------------------------------------------------------------------------- */
/* Platform */
/* ------------------------------------------------------------------------- */
@ -106,7 +110,9 @@ extern "C"
/* Maximum math bits (Max RSA key bits * 2) */
#define FP_MAX_BITS 4096
#endif
#endif
#if 1
/* half as much memory but twice as slow */
// #define RSA_LOW_MEM
@ -121,7 +127,7 @@ extern "C"
/* DH */
#undef NO_DH
#if 0
#if 1
/* Use table for DH instead of -lm (math) lib dependency */
#if 1
#define WOLFSSL_DH_CONST
@ -140,7 +146,7 @@ extern "C"
#define HAVE_ECC
/* Manually define enabled curves */
#define ECC_USER_CURVES
//#define ECC_USER_CURVES
#ifdef ECC_USER_CURVES
/* Manual Curve Selection */

6
RPi-Pico/include/wolf/tcp.h
View File

@ -29,7 +29,7 @@
#include "wolf/common.h"
#define DEBUG_printf printf
#define BUF_SIZE 2048
#define BUF_SIZE (4096*2)
typedef struct {
struct tcp_pcb *tcp_pcb;
@ -45,5 +45,5 @@ typedef struct {
WOLF_SOCKET_T *wolf_TCPsocket(void);
static err_t wolf_TCPfree(WOLF_SOCKET_T *);
bool wolf_TCPconnect(WOLF_SOCKET_T *, const char*, uint32_t);
size_t wolf_TCPwrite(WOLF_SOCKET_T *, const unsigned char *, uint32_t);
size_t wolf_TCPread(WOLF_SOCKET_T *, unsigned char *, uint32_t);
int wolf_TCPread (WOLF_SOCKET_T *, unsigned char *, long unsigned int);
int wolf_TCPwrite(WOLF_SOCKET_T *, const unsigned char *, long unsigned int);

12
RPi-Pico/src/bench_main.c
View File

@ -20,6 +20,9 @@
*/
#include <stdint.h>
#include "wolfssl/wolfcrypt/settings.h"
#include "wolfssl/ssl.h"
#include <wolfcrypt/benchmark/benchmark.h>
#include <stdio.h>
@ -27,6 +30,8 @@
#include "pico/cyw43_arch.h"
#include "wolf/blink.h"
int main(int argc, char **argv)
{
int i;
@ -37,3 +42,10 @@ int main(int argc, char **argv)
printf("End: %d\n", ret);
return ret;
}
#include <time.h>
time_t myTime(time_t *t)
{
*t = (((2023 - 1970) * 12 + 8) * 30 * 24 * 60 * 60);
return *t;
}

123
RPi-Pico/src/tcp.c
View File

@ -23,13 +23,12 @@
#include "pico/cyw43_arch.h"
#include "pico/stdlib.h"
#include "lwip/pbuf.h"
#include "lwip/tcp.h"
//#include "lwip/ip_addr.h"
#include "wolfssl/wolfcrypt/settings.h"
#include "wolfssl/ssl.h"
#include "wolf/tcp.h"
#define DEBUG_printf printf
#define BUF_SIZE 2048
#include "lwip/pbuf.h"
#include "lwip/tcp.h"
#define TEST_ITERATIONS 10
#define POLL_TIME_S 5
@ -37,6 +36,18 @@
#define TEST_TASK_PRIORITY (tskIDLE_PRIORITY + 2UL)
#define BLINK_TASK_PRIORITY (tskIDLE_PRIORITY + 1UL)
static void dump_bytes(const uint8_t *p, uint32_t len)
{
for (; len; len--, p++) {
if (((unsigned long)p & 0x07) == 0) {
DEBUG_printf("\n");
}
DEBUG_printf("%02x ", *p);
}
DEBUG_printf("\n");
}
err_t wolf_TCPclose(WOLF_SOCKET_T *sock)
{
err_t err = ERR_OK;
@ -48,8 +59,7 @@ err_t wolf_TCPclose(WOLF_SOCKET_T *sock)
tcp_recv(sock->tcp_pcb, NULL);
tcp_err(sock->tcp_pcb, NULL);
err = tcp_close(sock->tcp_pcb);
if (err != ERR_OK)
{
if (err != ERR_OK) {
DEBUG_printf("close failed %d, calling abort\n", err);
tcp_abort(sock->tcp_pcb);
err = ERR_ABRT;
@ -60,8 +70,6 @@ err_t wolf_TCPclose(WOLF_SOCKET_T *sock)
return err;
}
// Called with results of operation
// Called with results of operation
static err_t tcp_result(WOLF_SOCKET_T *sock, int status)
{
if (status == 0) {
@ -100,29 +108,24 @@ static err_t lwip_cb_client_sent(void *arg, struct tcp_pcb *tpcb, u16_t len)
static err_t lwip_cb_client_connected(void *arg, struct tcp_pcb *tpcb, err_t err)
{
char msg[] = "Hello Server";
WOLF_SOCKET_T *sock = (WOLF_SOCKET_T *)arg;
if (err != ERR_OK)
{
printf("connect failed %d\n", err);
DEBUG_printf("connect failed %d\n", err);
return tcp_result(arg, err);
}
sock->connected = true;
DEBUG_printf("Connected.\n");
return ERR_OK;
}
static err_t lwip_cb_client_poll(void *arg, struct tcp_pcb *tpcb)
{
DEBUG_printf("tcp_client_poll\n");
return tcp_result(arg, -1); // no response is an error?
}
static void lwip_cb_client_err(void *arg, err_t err)
{
if (err != ERR_ABRT)
{
if (err != ERR_ABRT) {
DEBUG_printf("tcp_client_err %d\n", err);
tcp_result(arg, err);
}
@ -131,36 +134,20 @@ static void lwip_cb_client_err(void *arg, err_t err)
static err_t lwip_cb_client_recv(void *arg, struct tcp_pcb *tpcb, struct pbuf *p, err_t err)
{
WOLF_SOCKET_T *sock = (WOLF_SOCKET_T *)arg;
if (!p)
{
if (!p) {
return tcp_result(arg, -1);
}
// this method is callback from lwIP, so cyw43_arch_lwip_begin is not required, however you
// can use this method to cause an assertion in debug mode, if this method is called when
// cyw43_arch_lwip_begin IS needed
cyw43_arch_lwip_check();
if (p->tot_len > 0)
{
DEBUG_printf("recv %d err %d\n", p->tot_len, err);
// Receive the buffer
const uint16_t buffer_left = BUF_SIZE - sock->buffer_len;
sock->buffer_len += pbuf_copy_partial(p, sock->buffer + sock->buffer_len,
p->tot_len > buffer_left ? buffer_left : p->tot_len, 0);
tcp_recved(tpcb, p->tot_len);
DEBUG_printf("sock->buffer_len = %d\n", sock->buffer_len);
}
pbuf_free(p);
// If we have received the whole buffer, send it back to the server
if (sock->buffer_len == BUF_SIZE)
{
DEBUG_printf("Writing %d bytes to server\n", sock->buffer_len);
err_t err = tcp_write(tpcb, sock->buffer, sock->buffer_len, TCP_WRITE_FLAG_COPY);
if (err != ERR_OK)
{
DEBUG_printf("Failed to write data %d\n", err);
return tcp_result(arg, -1);
}
}
return ERR_OK;
}
@ -170,8 +157,7 @@ bool wolf_TCPconnect(WOLF_SOCKET_T *sock, const char *ip, uint32_t port)
DEBUG_printf("wolf_TCPconnect: Connecting to %s port %u\n", ip4addr_ntoa(&sock->remote_addr), port);
sock->tcp_pcb = tcp_new_ip_type(IP_GET_TYPE(&sock->remote_addr));
if (!sock->tcp_pcb)
{
if (!sock->tcp_pcb) {
DEBUG_printf("failed to create pcb\n");
return false;
}
@ -184,18 +170,20 @@ bool wolf_TCPconnect(WOLF_SOCKET_T *sock, const char *ip, uint32_t port)
sock->buffer_len = 0;
// cyw43_arch_lwip_begin/end should be used around calls into lwIP to ensure correct locking.
// You can omit them if you are in a callback from lwIP. Note that when using pico_cyw_arch_poll
// these calls are a no-op and can be omitted, but it is a good practice to use them in
// case you switch the cyw43_arch type later.
cyw43_arch_lwip_begin();
err_t err = tcp_connect(sock->tcp_pcb, &sock->remote_addr, port, lwip_cb_client_connected);
cyw43_arch_lwip_end();
if (err == ERR_OK)
DEBUG_printf("wolf_TCPconnect: Connected");
else
DEBUG_printf("wolf_TCPconnect: Connecting");
else {
DEBUG_printf("wolf_TCPconnect: Failed");
return err == ERR_OK;
return WOLF_FAIL;
}
while (sock->connected != true) {
cyw43_arch_poll();
cyw43_arch_wait_for_work_until(make_timeout_time_ms(1000));
}
return WOLF_SUCCESS;
}
// get a new TCP client
@ -210,32 +198,53 @@ WOLF_SOCKET_T *wolf_TCPsocket()
return sock;
}
size_t wolf_TCPwrite(WOLF_SOCKET_T *sock, const unsigned char *buff, uint32_t len)
int wolf_TCPwrite(WOLF_SOCKET_T *sock, const unsigned char *buff, long unsigned int len)
{
return tcp_write(sock->tcp_pcb, buff, len, TCP_WRITE_FLAG_COPY);
int ret;
int i;
DEBUG_printf("wolf_TCPread(%lx, %lx, %d)\n", sock, buff, len);
sock->sent_len = 0;
ret = tcp_write(sock->tcp_pcb, buff, len, TCP_WRITE_FLAG_COPY);
if (ret == ERR_OK) {
tcp_output(sock->tcp_pcb);
}
while(sock->sent_len < len) {
putchar('>');
cyw43_arch_poll();
cyw43_arch_wait_for_work_until(make_timeout_time_ms(1000));
}
putchar('\n');
return (int)len;
}
size_t wolf_TCPread(WOLF_SOCKET_T *sock, unsigned char *buff, uint32_t len)
int wolf_TCPread(WOLF_SOCKET_T *sock, unsigned char *buff, long unsigned int len)
{
int recv_len;
int remained;
int i;
#define POLLING 200
DEBUG_printf("wolf_TCPread(%lx, %lx, %d)\n", sock, buff, len);
while(1) {
for(i=0; i<POLLING; i++) {
if(sock->buffer_len > 0) {
recv_len = len < sock->buffer_len ? len : sock->buffer_len;
memcpy(sock->buffer, buff,recv_len);
if(recv_len == len) {
memcpy(buff, sock->buffer, recv_len);
if(recv_len >= len) {
remained = sock->buffer_len - recv_len;
sock->buffer_len = remained;
memcpy(sock->buffer, sock->buffer+recv_len, remained);
for(i=0; i<remained; i++)
sock->buffer[i] = sock->buffer[i+recv_len];
} else
sock->buffer_len = 0;
return recv_len;
} else {
printf("cyw43_arch_poll()\n");
cyw43_arch_poll();
cyw43_arch_wait_for_work_until(make_timeout_time_ms(1000));
}
DEBUG_printf("\n");
return recv_len;
}
DEBUG_printf(">");
cyw43_arch_poll();
cyw43_arch_wait_for_work_until(make_timeout_time_ms(1000));
}
}

16
RPi-Pico/src/tcpClient_main.c
View File

@ -31,17 +31,6 @@
#define TCP_PORT 1111
static void dump_bytes(const uint8_t *p, uint32_t len)
{
for (; len; len--, p++) {
if (((unsigned long)p & 0x07) == 0) {
printf("\n");
}
printf("%02x ", *p);
}
printf("\n");
}
void tcpClient_test(void)
{
int i;
@ -57,7 +46,7 @@ void tcpClient_test(void)
printf("ERROR:wolf_TCPsocke()\n");
return;
}
if (!wolf_TCPconnect(sock, TEST_TCP_SERVER_IP, TCP_PORT)) {
if (wolf_TCPconnect(sock, TEST_TCP_SERVER_IP, TCP_PORT) != WOLF_SUCCESS) {
printf("ERROR:wolf_TCPconnect()\n");
goto exit;
}
@ -75,8 +64,7 @@ void tcpClient_test(void)
DEBUG_printf("Failed to read data. err=%d\n", err);
goto exit;
}
DEBUG_printf("Read data %d bytes\n", err);
dump_bytes(buffer, err);
DEBUG_printf("Read data %d bytes: %s\n", err, buffer);
exit:
free(sock);

53
RPi-Pico/src/test_main.c 100644
View File

@ -0,0 +1,53 @@
/* bench_main.c
*
* Copyright (C) 2006-2022 wolfSSL Inc.
*
* This file is part of wolfSSL.
*
* wolfSSL is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version.
*
* wolfSSL is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program; if not, write to the Free Software
* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
*/
#include <stdint.h>
#include "wolfssl/wolfcrypt/settings.h"
#include "wolfssl/ssl.h"
#include <wolfcrypt/test/test.h>
#include <stdio.h>
#include "pico/stdlib.h"
#include "pico/cyw43_arch.h"
#include "wolf/blink.h"
int main(int argc, char **argv)
{
int i;
int ret;
blink(10, WOLF_BLINK_INIT);
wolfSSL_Init();
wolfSSL_Debugging_ON();
ret = wolfcrypt_test(NULL);
printf("End: %d\n", ret);
return ret;
}
#include <time.h>
time_t myTime(time_t *t)
{
*t = (((2023 - 1970) * 12 + 8) * 30 * 24 * 60 * 60);
return *t;
}

190
RPi-Pico/src/tlsClient_main.c 100644
View File

@ -0,0 +1,190 @@
/* tcpClient_main.c
*
* Copyright (C) 2006-2023 wolfSSL Inc.
*
* This file is part of wolfSSL.
*
* wolfSSL is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version.
*
* wolfSSL is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program; if not, write to the Free Software
* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
*/
#include <stdio.h>
#include "pico/stdlib.h"
#include "pico/cyw43_arch.h"
#include "wolfssl/wolfcrypt/settings.h"
#include "wolfssl/ssl.h"
#include "wolf/common.h"
#include "wolf/tcp.h"
#include "wolf/wifi.h"
#include "wolf/blink.h"
#include "lwip/tcp.h"
#include "wolfssl/wolfcrypt/settings.h"
#include "wolfssl/ssl.h"
#define USE_CERT_BUFFERS_256
#define USE_CERT_BUFFERS_2048
#include <wolfssl/certs_test.h>
#define TCP_PORT 1111
int wolf_cb_TCPwrite(WOLFSSL *ssl, const unsigned char *buff, long unsigned int len, void *ctx)
{
(void)ssl;
unsigned long ret;
WOLF_SOCKET_T *sock = (WOLF_SOCKET_T *)ctx;
printf("wolf_cb_TCPwrite(%lx, %d, %lx)\n", (unsigned long)buff, len, (unsigned long)ctx);
ret = wolf_TCPwrite(sock, buff, len);
printf("ret = %d\n", ret);
return ret;
}
int wolf_cb_TCPread(WOLFSSL *ssl, unsigned char *buff, long unsigned int len, void *ctx)
{
(void)ssl;
WOLF_SOCKET_T *sock = (WOLF_SOCKET_T *)ctx;
int ret;
printf("wolf_cb_TCPread(%lx, %d, %lx)\n", (unsigned long)buff, len, (unsigned long)ctx);
ret = wolf_TCPread(sock, buff, len);
printf("ret = %d\n", ret);
return ret;
}
void tlsClient_test(void)
{
int i;
int ret;
#define BUFF_SIZE 2048
static char buffer[BUFF_SIZE];
char msg[] = "Hello Server";
WOLF_SOCKET_T *sock = NULL;
WOLFSSL_CTX *ctx = NULL;
WOLFSSL *ssl = NULL;
printf("tlsClient_test\n");
/* Initialize wolfSSL */
wolfSSL_Init();
wolfSSL_Debugging_ON();
if ((ctx = wolfSSL_CTX_new((wolfTLSv1_2_client_method()))) == NULL) {
printf("ERROR:wolfSSL_CTX_new()\n");
return;
}
printf("wolfSSL_CTX_new: %lx\n", (unsigned long)ctx);
/* Load client certificates into WOLFSSL_CTX */
if ((ret = wolfSSL_CTX_load_verify_buffer(ctx, ca_cert_der_2048,
sizeof_ca_cert_der_2048, SSL_FILETYPE_ASN1)) != WOLFSSL_SUCCESS) {
printf("ERROR: failed to load CA cert. %d\n", ret);
goto exit;
}
printf("wolfSSL_SetIO: ");
wolfSSL_SetIORecv(ctx, (CallbackIORecv)wolf_cb_TCPread);
wolfSSL_SetIOSend(ctx, (CallbackIOSend)wolf_cb_TCPwrite);
printf("Done ");
if ((sock = wolf_TCPsocket()) == NULL) {
printf("ERROR:wolf_TCPsocke()\n");
return;
}
printf("wolf_TCPsocket: %lx\n", (unsigned long)sock);
if ((ret = wolf_TCPconnect(sock, TEST_TCP_SERVER_IP, TCP_PORT) != WOLF_SUCCESS)) {
printf("ERROR:wolf_TCPconnect\n");
goto exit;
}
printf("wolf_TCPconnect: %d\n", ret);
if ((ssl = wolfSSL_new(ctx)) == NULL) {
fprintf(stderr, "ERROR: failed to create WOLFSSL object\n");
ret = -1;
goto exit;
}
printf("wolfSSL_SetIOctx: ");
wolfSSL_SetIOReadCtx(ssl, sock);
wolfSSL_SetIOWriteCtx(ssl, sock);
printf("Done\n");
if ((ret = wolfSSL_connect(ssl)) != WOLFSSL_SUCCESS) {
fprintf(stderr, "ERROR: failed to connect to wolfSSL(%d)\n",
wolfSSL_get_error(ssl, ret));
goto exit;
}
DEBUG_printf("Writing to server: %s\n", msg);
ret = wolfSSL_write(ssl, msg, strlen(msg));
if (ret < 0) {
DEBUG_printf("Failed to write data. err=%d\n", ret);
goto exit;
}
DEBUG_printf("Writen data %d bytes\n", ret);
ret = wolfSSL_read(ssl, buffer, BUFF_SIZE);
if (ret < 0) {
DEBUG_printf("Failed to read data. err=%d\n", ret);
goto exit;
}
DEBUG_printf("Read data %d bytes\nMessage: %s", ret, buffer);
exit:
if (ssl)
wolfSSL_free(ssl); /* Free the wolfSSL object */
if (sock)
free(sock); /* Close the connection to the server */
if (ctx)
wolfSSL_CTX_free(ctx); /* Free the wolfSSL context object */
wolfSSL_Cleanup(); /* Cleanup the wolfSSL environment */
}
void main(void)
{
blink(20, 1);
printf("Started main_task\n");
cyw43_arch_enable_sta_mode();
printf("Connecting to Wi-Fi...\n");
printf("WIFI_SSID=%s, WIFI_PASSWORD=%s\n", WIFI_SSID, WIFI_PASSWORD);
if (wolf_wifiConnect(WIFI_SSID, WIFI_PASSWORD, CYW43_AUTH_WPA2_AES_PSK, 30000)) {
printf("failed to connect.\n");
return;
} else {
printf("Connected.\n");
}
cyw43_arch_lwip_begin();
printf("\nReady, starting TLS client\n");
tlsClient_test();
cyw43_arch_lwip_end();
cyw43_arch_deinit();
printf("End of iperf client\n");
}
void lwip_example_app_platform_assert(const char *msg, int line, const char *file)
{
printf("Assertion \"%s\" failed at line %d in %s\n", msg, line, file);
fflush(NULL);
}
#include <time.h>
time_t myTime(time_t *t)
{
*t = (((2023 - 1970) * 365 + (8 * 30)) * 24 * 60 * 60);
return *t;
}

542
RPi-Pico/user_settings.h
View File

@ -1,542 +0,0 @@
/* user_settings.h
*
* Copyright (C) 2006-2023 wolfSSL Inc.
*
* This file is part of wolfSSL.
*
* wolfSSL is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version.
*
* wolfSSL is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program; if not, write to the Free Software
* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
*/
/* Example wolfSSL user settings with #if 0/1 gates to enable/disable algorithms and features.
* This file is included with wolfssl/wolfcrypt/settings.h when WOLFSSL_USER_SETTINGS is defined.
* Based on IDE/GCC-ARM/Headers/user_settings.h
*/
#ifndef WOLFSSL_USER_SETTINGS_H
#define WOLFSSL_USER_SETTINGS_H
#ifdef __cplusplus
extern "C"
{
#endif
#define TARGET_EMBEDDED
/* ------------------------------------------------------------------------- */
/* Platform */
/* ------------------------------------------------------------------------- */
#define WOLFSSL_GENERAL_ALIGNMENT 4
#define SIZEOF_LONG_LONG 8
#if 0
#define NO_64BIT /* disable use of 64-bit variables */
#endif
#ifdef TARGET_EMBEDDED
/* disable mutex locking */
#define SINGLE_THREADED
/* reduce stack use. For variables over 100 bytes allocate from heap */
#define WOLFSSL_SMALL_STACK
/* Disable the built-in socket support and use the IO callbacks.
* Set IO callbacks with wolfSSL_CTX_SetIORecv/wolfSSL_CTX_SetIOSend
*/
#define WOLFSSL_USER_IO
#endif
/* ------------------------------------------------------------------------- */
/* Math Configuration */
/* ------------------------------------------------------------------------- */
/* Wolf Single Precision Math */
#if 1
#define WOLFSSL_HAVE_SP_RSA
#define WOLFSSL_HAVE_SP_DH
#define WOLFSSL_HAVE_SP_ECC
// #define WOLFSSL_SP_4096 /* Enable RSA/RH 4096-bit support */
// #define WOLFSSL_SP_384 /* Enable ECC 384-bit SECP384R1 support */
// #define WOLFSSL_SP_CACHE_RESISTANT
// #define WOLFSSL_SP_MATH /* only SP math - disables integer.c/tfm.c */
#define WOLFSSL_SP_MATH_ALL /* use SP math for all key sizes and curves */
// #define WOLFSSL_SP_NO_MALLOC
// #define WOLFSSL_SP_DIV_32 /* do not use 64-bit divides */
#ifdef TARGET_EMBEDDED
/* use smaller version of code */
//#define WOLFSSL_SP_SMALL
#else
/* SP Assembly Speedups - specific to chip type */
#define WOLFSSL_SP_ASM
#endif
// #define WOLFSSL_SP_X86_64
// #define WOLFSSL_SP_X86
// #define WOLFSSL_SP_ARM32_ASM
// #define WOLFSSL_SP_ARM64_ASM
// #define WOLFSSL_SP_ARM_THUMB_ASM
// #define WOLFSSL_SP_ARM_CORTEX_M_ASM
#elif 1
/* Fast Math (tfm.c) (stack based and timing resistant) */
#define USE_FAST_MATH
#define TFM_TIMING_RESISTANT
#else
/* Normal (integer.c) (heap based, not timing resistant) - not recommended*/
#define USE_INTEGER_HEAP_MATH
#endif
/* ------------------------------------------------------------------------- */
/* Crypto */
/* ------------------------------------------------------------------------- */
/* RSA */
#undef NO_RSA
#if 0
#ifdef USE_FAST_MATH
/* Maximum math bits (Max RSA key bits * 2) */
#define FP_MAX_BITS 4096
#endif
/* half as much memory but twice as slow */
// #define RSA_LOW_MEM
/* Enables blinding mode, to prevent timing attacks */
#define WC_RSA_BLINDING
/* RSA PSS Support */
#define WC_RSA_PSS
#else
#define NO_RSA
#endif
/* DH */
#undef NO_DH
#if 0
/* Use table for DH instead of -lm (math) lib dependency */
#if 1
#define WOLFSSL_DH_CONST
#define HAVE_FFDHE_2048
// #define HAVE_FFDHE_4096
// #define HAVE_FFDHE_6144
// #define HAVE_FFDHE_8192
#endif
#else
#define NO_DH
#endif
/* ECC */
#undef HAVE_ECC
#if 1
#define HAVE_ECC
/* Manually define enabled curves */
#define ECC_USER_CURVES
#ifdef ECC_USER_CURVES
/* Manual Curve Selection */
// #define HAVE_ECC192
// #define HAVE_ECC224
#undef NO_ECC256
// #define HAVE_ECC384
// #define HAVE_ECC521
#endif
/* Fixed point cache (speeds repeated operations against same private key) */
// #define FP_ECC
#ifdef FP_ECC
/* Bits / Entries */
#define FP_ENTRIES 2
#define FP_LUT 4
#endif
/* Optional ECC calculation method */
/* Note: doubles heap usage, but slightly faster */
#define ECC_SHAMIR
/* Reduces heap usage, but slower */
#define ECC_TIMING_RESISTANT
/* Compressed ECC Key Support */
// #define HAVE_COMP_KEY
/* Use alternate ECC size for ECC math */
#ifdef USE_FAST_MATH
/* MAX ECC BITS = ROUND8(MAX ECC) * 2 */
#if defined(NO_RSA) && defined(NO_DH)
/* Custom fastmath size if not using RSA/DH */
#define FP_MAX_BITS (256 * 2)
#else
/* use heap allocation for ECC points */
#define ALT_ECC_SIZE
/* wolfSSL will compute the FP_MAX_BITS_ECC, but it can be overridden */
// #define FP_MAX_BITS_ECC (256 * 2)
#endif
/* Speedups specific to curve */
#ifndef NO_ECC256
#define TFM_ECC256
#endif
#endif
#endif
/* AES */
#undef NO_AES
#if 1
#define HAVE_AES_CBC
/* GCM Method: GCM_TABLE_4BIT, GCM_SMALL, GCM_WORD32 or GCM_TABLE */
#define HAVE_AESGCM
#if 0 //TARGET_EMBEDDED
#define GCM_SMALL
#else
#define GCM_TABLE_4BIT
#endif
// #define WOLFSSL_AES_DIRECT
// #define HAVE_AES_ECB
// #define WOLFSSL_AES_COUNTER
// #define HAVE_AESCCM
#else
#define NO_AES
#endif
/* DES3 */
#undef NO_DES3
#if 0
#else
#define NO_DES3
#endif
/* ChaCha20 / Poly1305 */
#undef HAVE_CHACHA
#undef HAVE_POLY1305
#if 1
#define HAVE_CHACHA
#define HAVE_POLY1305
/* Needed for Poly1305 */
#define HAVE_ONE_TIME_AUTH
#endif
/* Ed25519 / Curve25519 */
#undef HAVE_CURVE25519
#undef HAVE_ED25519
#if 1
#define HAVE_CURVE25519
#define HAVE_ED25519 /* ED25519 Requires SHA512 */
/* Optionally use small math (less flash usage, but much slower) */
#if 0
#define CURVED25519_SMALL
#endif
#endif
/* Ed448 / Curve448 */
#undef HAVE_CURVE448
#undef HAVE_ED448
#if 1
#define HAVE_CURVE448
#define HAVE_ED448 /* ED448 Requires SHA512 */
/* Optionally use small math (less flash usage, but much slower) */
#if 0
#define CURVED448_SMALL
#endif
#endif
/* ------------------------------------------------------------------------- */
/* Hashing */
/* ------------------------------------------------------------------------- */
/* Sha */
#undef NO_SHA
#if 1
/* 1k smaller, but 25% slower */
// #define USE_SLOW_SHA
#else
#define NO_SHA
#endif
/* Sha256 */
#undef NO_SHA256
#if 1
/* not unrolled - ~2k smaller and ~25% slower */
// #define USE_SLOW_SHA256
/* Sha224 */
#if 0
#define WOLFSSL_SHA224
#endif
#else
#define NO_SHA256
#endif
/* Sha512 */
#undef WOLFSSL_SHA512
#if 1
#define WOLFSSL_SHA512
/* Sha384 */
#undef WOLFSSL_SHA384
#if 1
#define WOLFSSL_SHA384
#endif
/* over twice as small, but 50% slower */
//#define USE_SLOW_SHA512
#endif
/* Sha3 */
#undef WOLFSSL_SHA3
#if 1
#define WOLFSSL_SHA3
#endif
/* MD5 */
#undef NO_MD5
#if 0
#else
#define NO_MD5
#endif
/* HKDF */
#undef HAVE_HKDF
#if 1
#define HAVE_HKDF
#endif
/* CMAC */
#undef WOLFSSL_CMAC
#if 0
#define WOLFSSL_CMAC
#endif
/* ------------------------------------------------------------------------- */
/* Benchmark / Test */
/* ------------------------------------------------------------------------- */
#ifdef TARGET_EMBEDDED
/* Use reduced benchmark / test sizes */
#define BENCH_EMBEDDED
#endif
/* Use test buffers from array (not filesystem) */
#ifndef NO_FILESYSTEM
#define USE_CERT_BUFFERS_256
#define USE_CERT_BUFFERS_2048
#endif
/* ------------------------------------------------------------------------- */
/* Debugging */
/* ------------------------------------------------------------------------- */
#undef DEBUG_WOLFSSL
#undef NO_ERROR_STRINGS
#if 0
#define DEBUG_WOLFSSL
#else
#if 0
#define NO_ERROR_STRINGS
#endif
#endif
/* ------------------------------------------------------------------------- */
/* Memory */
/* ------------------------------------------------------------------------- */
/* Override Memory API's */
#if 0
#define XMALLOC_OVERRIDE
/* prototypes for user heap override functions */
/* Note: Realloc only required for normal math */
#include <stddef.h> /* for size_t */
extern void *myMalloc(size_t n, void* heap, int type);
extern void myFree(void *p, void* heap, int type);
extern void *myRealloc(void *p, size_t n, void* heap, int type);
#define XMALLOC(n, h, t) myMalloc(n, h, t)
#define XFREE(p, h, t) myFree(p, h, t)
#define XREALLOC(p, n, h, t) myRealloc(p, n, h, t)
#endif
#if 0
/* Static memory requires fast math */
#define WOLFSSL_STATIC_MEMORY
/* Disable fallback malloc/free */
#define WOLFSSL_NO_MALLOC
#if 1
#define WOLFSSL_MALLOC_CHECK /* trap malloc failure */
#endif
#endif
/* Memory callbacks */
#if 0
#undef USE_WOLFSSL_MEMORY
#define USE_WOLFSSL_MEMORY
/* Use this to measure / print heap usage */
#if 0
#define WOLFSSL_TRACK_MEMORY
#define WOLFSSL_DEBUG_MEMORY
#endif
#else
#ifndef WOLFSSL_STATIC_MEMORY
#define NO_WOLFSSL_MEMORY
/* Otherwise we will use stdlib malloc, free and realloc */
#endif
#endif
/* ------------------------------------------------------------------------- */
/* Port */
/* ------------------------------------------------------------------------- */
/* Override Current Time */
#if 0
/* Allows custom "custom_time()" function to be used for benchmark */
#define WOLFSSL_USER_CURRTIME
#define WOLFSSL_GMTIME
#define USER_TICKS
extern unsigned long my_time(unsigned long* timer);
#define XTIME my_time
#endif
/* ------------------------------------------------------------------------- */
/* RNG */
/* ------------------------------------------------------------------------- */
/* Choose RNG method */
#if 1
/* Custom Seed Source */
/* Size of returned HW RNG value */
//#define CUSTOM_RAND_TYPE unsigned int
unsigned long get_rand_32(void);
#undef CUSTOM_RAND_GENERATE
#define CUSTOM_RAND_GENERATE get_rand_32
#endif
#if 1
/* Use built-in P-RNG (SHA256 based) with HW RNG */
/* P-RNG + HW RNG (P-RNG is ~8K) */
#undef HAVE_HASHDRBG
#define HAVE_HASHDRBG
#else
#undef WC_NO_HASHDRBG
#define WC_NO_HASHDRBG
#endif
#if 0
/* Bypass P-RNG and use only HW RNG */
extern int my_rng_gen_block(unsigned char *output, unsigned int sz);
#undef CUSTOM_RAND_GENERATE_BLOCK
#define CUSTOM_RAND_GENERATE_BLOCK my_rng_gen_block
#endif
/* ------------------------------------------------------------------------- */
/* Custom Standard Lib */
/* ------------------------------------------------------------------------- */
/* Allows override of all standard library functions */
#undef STRING_USER
#if 0
#define STRING_USER
#include <string.h>
#define USE_WOLF_STRSEP
#define XSTRSEP(s1, d) wc_strsep((s1), (d))
#define USE_WOLF_STRTOK
#define XSTRTOK(s1, d, ptr) wc_strtok((s1), (d), (ptr))
#define XSTRNSTR(s1, s2, n) mystrnstr((s1), (s2), (n))
#define XMEMCPY(d, s, l) memcpy((d), (s), (l))
#define XMEMSET(b, c, l) memset((b), (c), (l))
#define XMEMCMP(s1, s2, n) memcmp((s1), (s2), (n))
#define XMEMMOVE(d, s, l) memmove((d), (s), (l))
#define XSTRLEN(s1) strlen((s1))
#define XSTRNCPY(s1, s2, n) strncpy((s1), (s2), (n))
#define XSTRSTR(s1, s2) strstr((s1), (s2))
#define XSTRNCMP(s1, s2, n) strncmp((s1), (s2), (n))
#define XSTRNCAT(s1, s2, n) strncat((s1), (s2), (n))
#define XSTRNCASECMP(s1, s2, n) strncasecmp((s1), (s2), (n))
#define XSNPRINTF snprintf
#endif
/* ------------------------------------------------------------------------- */
/* Enable Features */
/* ------------------------------------------------------------------------- */
#define WOLFSSL_TLS13
#define WOLFSSL_OLD_PRIME_CHECK /* Use faster DH prime checking */
#define HAVE_TLS_EXTENSIONS
#define HAVE_SUPPORTED_CURVES
#define WOLFSSL_BASE64_ENCODE
// #define WOLFSSL_KEY_GEN /* For RSA Key gen only */
// #define KEEP_PEER_CERT
// #define HAVE_COMP_KEY
/* TLS Session Cache */
#if 0
#define SMALL_SESSION_CACHE
#else
#define NO_SESSION_CACHE
#endif
/* ------------------------------------------------------------------------- */
/* Disable Features */
/* ------------------------------------------------------------------------- */
// #define NO_WOLFSSL_SERVER
// #define NO_WOLFSSL_CLIENT
// #define NO_CRYPT_TEST
// #define NO_CRYPT_BENCHMARK
// #define WOLFCRYPT_ONLY
/* do not warm when file is included to be built and not required to be */
#//define WOLFSSL_IGNORE_FILE_WARN
/* In-lining of misc.c functions */
/* If defined, must include wolfcrypt/src/misc.c in build */
/* Slower, but about 1k smaller */
// #define NO_INLINE
#ifdef TARGET_EMBEDDED
#define NO_FILESYSTEM
#define NO_WRITEV
#define NO_MAIN_DRIVER
#define NO_DEV_RANDOM
#endif
#define NO_OLD_TLS
#define NO_PSK
#define NO_DSA
#define NO_RC4
#define NO_MD4
#define NO_PWDBASED
// #define NO_CODING
// #define NO_ASN_TIME
// #define NO_CERTS
// #define NO_SIG_WRAPPER
#ifdef __cplusplus
}
#endif
#endif /* WOLFSSL_USER_SETTINGS_H */