From fed26fcc7cbb0245e625c52d3a3f62c952954c17 Mon Sep 17 00:00:00 2001
From: Takashi Kojo
Date: Tue, 8 Feb 2022 11:17:54 +0900
Subject: [PATCH] Add command args for cert file
---
 pq/client-pq-tls13.c | 16 +++++++++++-----
 pq/falcon_certverify.c | 11 ++++++++++-
 pq/server-pq-tls13.c | 20 ++++++++++++++++----
 3 files changed, 37 insertions(+), 10 deletions(-)
diff --git a/pq/client-pq-tls13.c b/pq/client-pq-tls13.c
index ff872c81..9d485641 100644
--- a/pq/client-pq-tls13.c
+++ b/pq/client-pq-tls13.c
@@ -123,10 +123,15 @@ int main(int argc, char** argv)
 WOLFSSL_CTX* ctx = NULL;
 WOLFSSL* ssl = NULL;
+ char *cert_file = CERT_FILE;
+ /* Check for proper calling convention */
- if (argc != 2) {
- printf("usage: %s \n", argv[0]);
+ if (argc != 2 && argc != 3) {
+ printf("usage: %s []\n", argv[0]);
+ printf("Default Root cert: %s\n", cert_file);
 return 0;
+ } else if (argc == 3) {
+ cert_file = argv[2];
 }
 /* Create a socket that uses an internet IPv4 address,
@@ -134,7 +139,8 @@ int main(int argc, char** argv)
 * 0 means choose the default protocol. */
 if ((sockfd = socket(AF_INET, SOCK_STREAM, 0)) == -1) {
 fprintf(stderr, "ERROR: failed to create the socket\n");
- ret = -1; goto exit;
+ ret = -1;
+ goto exit;
 }
 /* Initialize the server address struct with zeros */
@@ -173,10 +179,10 @@ int main(int argc, char** argv)
 }
 /* Load client certificates into WOLFSSL_CTX */
- if ((ret = wolfSSL_CTX_load_verify_locations(ctx, CERT_FILE, NULL))
+ if ((ret = wolfSSL_CTX_load_verify_locations(ctx, cert_file, NULL))
 != WOLFSSL_SUCCESS) {
 fprintf(stderr, "ERROR: failed to load %s, please check the file.\n",
- CERT_FILE);
+ cert_file);
 goto exit;
 }
diff --git a/pq/falcon_certverify.c b/pq/falcon_certverify.c
index 43998b86..fca309b6 100644
--- a/pq/falcon_certverify.c
+++ b/pq/falcon_certverify.c
@@ -25,7 +25,7 @@
 #include
 #include
-int main(void)
+int main(int argc, char **argv)
 {
 int ret;
 WOLFSSL_CERT_MANAGER* cm = NULL;
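Review bot: In the first hunk of pq/client-pq-tls13.c, `char *cert_file = CERT_FILE;` points a non-const pointer at what is presumably a string-literal macro; declare it `const char *cert_file = CERT_FILE;`, as pq/falcon_certverify.c already does for `caCert` and `verifyCert`. The same applies to `cert_file` and `key_file` in the first hunk of pq/server-pq-tls13.c. Because `argv[2]` now selects the root certificate the client uses to verify the server, a one-line comment above the declaration such as `/* optional argv[2]: root CA file used to verify the server; overrides CERT_FILE */` would make that trust decision explicit. main() starts and ends outside the hunk.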
@@ -33,6 +33,15 @@ int main(void)
 const char* caCert = "./falcon_level5_root_cert.pem";
 const char* verifyCert = "./falcon_level5_entity_cert.pem";
+ if(argc == 3) {
+ caCert = argv[1];
+ verifyCert = argv[2];
+ } else if (argc != 1) {
+ printf("usage: %s [ ]\n", argv[0]);
+ printf("Default CA Cert: %s, verify Cert: %s\n", caCert, verifyCert);
+ return 0;
+ }
+ wolfSSL_Init();
 #ifdef DEBUG_WOLFSSL
 wolfSSL_Debugging_ON();
diff --git a/pq/server-pq-tls13.c b/pq/server-pq-tls13.c
index 622beda7..568ef978 100644
--- a/pq/server-pq-tls13.c
+++ b/pq/server-pq-tls13.c
@@ -155,10 +155,22 @@ int main(int argc, char** argv)
 WOLFSSL_CTX* ctx = NULL;
 WOLFSSL* ssl = NULL;
+ char *cert_file = CERT_FILE;
+ char *key_file = KEY_FILE;
+ #ifdef HAVE_SIGNAL
 signal(SIGINT, sig_handler);
 #endif
+ if(argc == 3) {
+ cert_file = argv[1];
+ key_file = argv[2];
+ } else if (argc != 1) {
+ printf("usage: %s [ ]\n", argv[0]);
+ printf("Default cert file: %s, key file: %s\n", cert_file, key_file);
+ return 0;
+ }
+ /* Initialize wolfSSL */
 wolfSSL_Init();
@@ -178,18 +190,18 @@ int main(int argc, char** argv)
 }
 /* Load server certificates into WOLFSSL_CTX */
- if ((ret = wolfSSL_CTX_use_certificate_file(ctx, CERT_FILE, WOLFSSL_FILETYPE_PEM))
+ if ((ret = wolfSSL_CTX_use_certificate_file(ctx, cert_file, WOLFSSL_FILETYPE_PEM))
 != WOLFSSL_SUCCESS) {
 fprintf(stderr, "ERROR: failed to load %s, please check the file.\n",
- CERT_FILE);
+ cert_file);
 goto exit;
 }
 /* Load server key into WOLFSSL_CTX */
- if ((ret = wolfSSL_CTX_use_PrivateKey_file(ctx, KEY_FILE, WOLFSSL_FILETYPE_PEM))
+ if ((ret = wolfSSL_CTX_use_PrivateKey_file(ctx, key_file, WOLFSSL_FILETYPE_PEM))
 != WOLFSSL_SUCCESS) {
 fprintf(stderr, "ERROR: failed to load %s, please check the file.\n",
- KEY_FILE);
+ key_file);
 goto exit;
 }
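Review bot: The usage branch added to pq/falcon_certverify.c ends with `return 0;`, so a call with the wrong number of arguments exits with the success status without verifying any certificate. A script that keys off this tool's exit status could read that as a passed check; write the usage text with `fprintf(stderr, ...)` and end the branch with `return 1;`. The same `return 0;` is in the usage branch added to pq/server-pq-tls13.c and in the existing one in pq/client-pq-tls13.c. How main() reports a failed verification is outside the hunk, so the non-zero value should match what it uses there.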
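Review bot: In the last hunk of pq/server-pq-tls13.c the certificate and the private key now come from two independent command-line paths, and nothing visible confirms they belong together once `wolfSSL_CTX_use_PrivateKey_file` succeeds. A mismatched pair would then presumably only show up as a handshake failure when a client connects. Consider a call such as `wolfSSL_CTX_check_private_key(ctx)` right after the key load, taking the same `goto exit` error path on anything other than `WOLFSSL_SUCCESS`, provided the wolfSSL build supports that check for the Falcon keys used here. The code after the key load is outside the hunk, so confirm it does not already do this.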