update stream example for user CTX

pull/425/head
JacobBarthelmeh 2024-03-04 06:46:53 -07:00
parent 7f7170609e
commit 72dd37e11c
4 changed files with 84 additions and 47 deletions


@ -30,25 +30,44 @@
#define encodedFileKTRI "envelopedDataKTRI-stream.der" #define encodedFileKTRI "envelopedDataKTRI-stream.der"
FILE *fileOut, *fileIn; typedef struct ExampleIO {
FILE *fileOut;
FILE *fileIn;
} ExampleIO;
static ExampleIO testIO;
#define TEST_SIZE 256 #define TEST_SIZE 256
static byte* contentRead = NULL; static byte* contentRead = NULL;
static int GetContentCB(PKCS7* pkcs7, byte** content) static int GetContentCB(PKCS7* pkcs7, byte** content, void* ctx)
{ {
int ret; int ret;
ExampleIO* io = (ExampleIO*)ctx;
ret = fread(contentRead, 1, TEST_SIZE, fileIn); if (io == NULL) {
printf("Issue getting user ctx in content CB\n");
return -1;
}
ret = fread(contentRead, 1, TEST_SIZE, io->fileIn);
*content = contentRead; *content = contentRead;
return ret; return ret;
} }
static int StreamOutputCB(PKCS7* pkcs7, const byte* output, word32 outputSz) static int StreamOutputCB(PKCS7* pkcs7, const byte* output, word32 outputSz,
void* ctx)
{ {
ExampleIO* io = (ExampleIO*)ctx;
if (io == NULL) {
printf("Issue getting user ctx in stream output CB\n");
return -1;
}
if (outputSz > 0) { if (outputSz > 0) {
if (fwrite(output, 1, outputSz, fileOut) != outputSz) { if (fwrite(output, 1, outputSz, io->fileOut) != outputSz) {
return -1; return -1;
} }
} }
@ -97,7 +116,8 @@ static int envelopedData_encrypt(byte* cert, word32 certSz, byte* key,
pkcs7->encryptOID = AES256CBCb; pkcs7->encryptOID = AES256CBCb;
if (useStreamMode) { if (useStreamMode) {
wc_PKCS7_SetStreamMode(pkcs7, 1, GetContentCB, StreamOutputCB); wc_PKCS7_SetStreamMode(pkcs7, 1, GetContentCB, StreamOutputCB,
(void*)&testIO);
} }
/* add recipient using RSA certificate (KTRI type) */ /* add recipient using RSA certificate (KTRI type) */
@ -187,7 +207,7 @@ int main(int argc, char** argv)
#endif #endif
if (argc != 2) { if (argc != 2) {
printf("USAGE: ./%s <content file name>\n", argv[0]); printf("USAGE: %s <content file name>\n", argv[0]);
return -1; return -1;
} }
@ -196,16 +216,16 @@ int main(int argc, char** argv)
return -1; return -1;
} }
fileIn = fopen(argv[1], "rb"); testIO.fileIn = fopen(argv[1], "rb");
if (fileIn == NULL) { if (testIO.fileIn == NULL) {
printf("Issue opening file %s\n", argv[1]); printf("Issue opening file %s\n", argv[1]);
return -1; return -1;
} }
fileOut = fopen(encodedFileKTRI, "wb"); testIO.fileOut = fopen(encodedFileKTRI, "wb");
if (fileOut == NULL) { if (testIO.fileOut == NULL) {
printf("Issue opening file %s\n", encodedFileKTRI); printf("Issue opening file %s\n", encodedFileKTRI);
fclose(fileIn); fclose(testIO.fileIn);
return -1; return -1;
} }
@ -216,14 +236,14 @@ int main(int argc, char** argv)
} }
if (ret == 0) { if (ret == 0) {
fseek(fileIn, 0, SEEK_END); fseek(testIO.fileIn, 0, SEEK_END);
contentSz = ftell(fileIn); contentSz = ftell(testIO.fileIn);
fseek(fileIn, 0, SEEK_SET); fseek(testIO.fileIn, 0, SEEK_SET);
printf("contentSz = %d\n", contentSz); printf("contentSz = %d\n", contentSz);
certSz = sizeof(cert); certSz = sizeof(cert);
keySz = sizeof(key); keySz = sizeof(key);
ret = load_certs(cert, &certSz, key, &keySz); ret = load_certs(cert, &certSz, key, &keySz);
} }
if (ret == 0) { if (ret == 0) {
@ -234,8 +254,8 @@ int main(int argc, char** argv)
printf("Issue %d with encrypt\n", ret); printf("Issue %d with encrypt\n", ret);
} }
} }
fclose(fileIn); fclose(testIO.fileIn);
fclose(fileOut); fclose(testIO.fileOut);
#if 1 #if 1
@ -256,6 +276,7 @@ int main(int argc, char** argv)
printf("error reading file %s\n", encodedFileKTRI); printf("error reading file %s\n", encodedFileKTRI);
ret = -1; ret = -1;
} }
printf("Read %d bytes for encrypted file found\n", encryptedSz);
} }
if (ret == 0) { if (ret == 0) {
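Review bot: In the new `GetContentCB`, the result of `fread(contentRead, 1, TEST_SIZE, io->fileIn)` is returned as the content length without consulting `ferror()`, so a read error is indistinguishable from end of file and the encoder may finish with silently truncated content. A check after the read, such as `if (ret == 0 && ferror(io->fileIn)) return -1;`, would surface the failure the same way the callback already returns `-1` for a NULL ctx. The callback also uses `contentRead` without a NULL check; its allocation is outside the visible hunks, so confirm it always happens before `wc_PKCS7_SetStreamMode` is called. The `GetContentCB` in the signedData stream section later on this page (the one defining `encodedFile`) has the same gap.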


@ -95,7 +95,7 @@ static int envelopedData_encrypt(byte* cert, word32 certSz, byte* key,
pkcs7->encryptOID = AES256CBCb; pkcs7->encryptOID = AES256CBCb;
if (useStreamMode) { if (useStreamMode) {
wc_PKCS7_SetStreamMode(pkcs7, 1, NULL, NULL); wc_PKCS7_SetStreamMode(pkcs7, 1, NULL, NULL, NULL);
} }
/* add recipient using RSA certificate (KTRI type) */ /* add recipient using RSA certificate (KTRI type) */


@ -31,23 +31,42 @@
#define encodedFile "signedData_stream.der" #define encodedFile "signedData_stream.der"
FILE *fileOut, *fileIn; typedef struct ExampleIO {
FILE *fileOut;
FILE *fileIn;
} ExampleIO;
static ExampleIO testIO;
#define TEST_SIZE 256 #define TEST_SIZE 256
static byte* contentRead = NULL; static byte* contentRead = NULL;
static int GetContentCB(PKCS7* pkcs7, byte** content) static int GetContentCB(PKCS7* pkcs7, byte** content, void* ctx)
{ {
int ret; int ret;
ExampleIO* io = (ExampleIO*)ctx;
ret = fread(contentRead, 1, TEST_SIZE, fileIn); if (io == NULL) {
printf("Issue getting user ctx in content CB\n");
return -1;
}
ret = fread(contentRead, 1, TEST_SIZE, io->fileIn);
*content = contentRead; *content = contentRead;
return ret; return ret;
} }
static int StreamOutputCB(PKCS7* pkcs7, const byte* output, word32 outputSz) static int StreamOutputCB(PKCS7* pkcs7, const byte* output, word32 outputSz,
void* ctx)
{ {
ExampleIO* io = (ExampleIO*)ctx;
if (io == NULL) {
printf("Issue getting user ctx in stream output CB\n");
return -1;
}
if (outputSz > 0) { if (outputSz > 0) {
#if 0 #if 0
word32 z; word32 z;
@ -56,7 +75,7 @@ static int StreamOutputCB(PKCS7* pkcs7, const byte* output, word32 outputSz)
printf("\n"); printf("\n");
#endif #endif
if (fwrite(output, 1, outputSz, fileOut) != outputSz) { if (fwrite(output, 1, outputSz, io->fileOut) != outputSz) {
return -1; return -1;
} }
} }
@ -141,7 +160,8 @@ static int signedData(byte* cert, word32 certSz, byte* key, word32 keySz,
pkcs7->signedAttribsSz = sizeof(attribs)/sizeof(PKCS7Attrib); pkcs7->signedAttribsSz = sizeof(attribs)/sizeof(PKCS7Attrib);
/* use streaming mode with IO callbacks */ /* use streaming mode with IO callbacks */
wc_PKCS7_SetStreamMode(pkcs7, 1, GetContentCB, StreamOutputCB); wc_PKCS7_SetStreamMode(pkcs7, 1, GetContentCB, StreamOutputCB,
(void*)&testIO);
/* encode signedData, returns size */ /* encode signedData, returns size */
ret = wc_PKCS7_EncodeSignedData_ex(pkcs7, contentHash, WC_SHA256_DIGEST_SIZE, NULL, &outputSz, NULL, NULL); ret = wc_PKCS7_EncodeSignedData_ex(pkcs7, contentHash, WC_SHA256_DIGEST_SIZE, NULL, &outputSz, NULL, NULL);
@ -154,11 +174,6 @@ static int signedData(byte* cert, word32 certSz, byte* key, word32 keySz,
} else { } else {
printf("Successfully encoded SignedData bundle (%s)\n", printf("Successfully encoded SignedData bundle (%s)\n",
encodedFile); encodedFile);
#ifdef DEBUG_WOLFSSL
printf("Encoded DER (%d bytes):\n", ret);
//WOLFSSL_BUFFER(out, ret);
#endif
} }
wc_PKCS7_Free(pkcs7); wc_PKCS7_Free(pkcs7);
@ -192,11 +207,6 @@ static int signedData_verify(byte* in, word32 inSz, byte* cert,
} }
} else { } else {
printf("Successfully verified SignedData bundle.\n"); printf("Successfully verified SignedData bundle.\n");
#ifdef DEBUG_WOLFSSL
printf("Decoded content (%d bytes):\n", pkcs7->contentSz);
WOLFSSL_BUFFER(pkcs7->content, pkcs7->contentSz);
#endif
} }
wc_PKCS7_Free(pkcs7); wc_PKCS7_Free(pkcs7);
@ -218,6 +228,12 @@ int main(int argc, char** argv)
byte *encrypted = NULL; byte *encrypted = NULL;
byte *decrypted = NULL; byte *decrypted = NULL;
if (argc != 2) {
printf("Expecting content file as input\n");
printf("%s <content file name>\n", argv[0]);
return -1;
}
#ifdef DEBUG_WOLFSSL #ifdef DEBUG_WOLFSSL
wolfSSL_Debugging_ON(); wolfSSL_Debugging_ON();
#endif #endif
@ -228,8 +244,8 @@ int main(int argc, char** argv)
} }
if (ret == 0) { if (ret == 0) {
fileIn = fopen(argv[1], "rb"); testIO.fileIn = fopen(argv[1], "rb");
if (fileIn == NULL) { if (testIO.fileIn == NULL) {
printf("Issue opening file %s\n", argv[1]); printf("Issue opening file %s\n", argv[1]);
XFREE(contentRead, NULL, DYNAMIC_TYPE_TMP_BUFFER); XFREE(contentRead, NULL, DYNAMIC_TYPE_TMP_BUFFER);
return -1; return -1;
@ -237,10 +253,10 @@ int main(int argc, char** argv)
} }
if (ret == 0) { if (ret == 0) {
fileOut = fopen(encodedFile, "wb"); testIO.fileOut = fopen(encodedFile, "wb");
if (fileOut == NULL) { if (testIO.fileOut == NULL) {
printf("Issue opening file %s\n", encodedFile); printf("Issue opening file %s\n", encodedFile);
fclose(fileIn); fclose(testIO.fileIn);
XFREE(contentRead, NULL, DYNAMIC_TYPE_TMP_BUFFER); XFREE(contentRead, NULL, DYNAMIC_TYPE_TMP_BUFFER);
return -1; return -1;
} }
@ -258,7 +274,7 @@ int main(int argc, char** argv)
if (ret == 0) { if (ret == 0) {
do { do {
readSz = fread(contentRead, 1, TEST_SIZE, fileIn); readSz = fread(contentRead, 1, TEST_SIZE, testIO.fileIn);
if (readSz > 0) { if (readSz > 0) {
ret = wc_Sha256Update(&sha256, contentRead, readSz); ret = wc_Sha256Update(&sha256, contentRead, readSz);
if (ret != 0) { if (ret != 0) {
@ -278,8 +294,8 @@ int main(int argc, char** argv)
wc_Sha256Free(&sha256); wc_Sha256Free(&sha256);
} }
contentSz = ftell(fileIn); contentSz = ftell(testIO.fileIn);
fseek(fileIn, 0, SEEK_SET); fseek(testIO.fileIn, 0, SEEK_SET);
printf("contentSz = %d\n", contentSz); printf("contentSz = %d\n", contentSz);
if (ret == 0) { if (ret == 0) {
@ -294,8 +310,8 @@ int main(int argc, char** argv)
contentHash); contentHash);
} }
fclose(fileIn); fclose(testIO.fileIn);
fclose(fileOut); fclose(testIO.fileOut);
if (encryptedSz < 0) { if (encryptedSz < 0) {
ret = encryptedSz; ret = encryptedSz;
printf("Error %d with signing data\n", ret); printf("Error %d with signing data\n", ret);
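Review bot: `contentSz = ftell(testIO.fileIn);` and the following `fseek(testIO.fileIn, 0, SEEK_SET);` ignore their return values, and in this file the rewind matters because main hashes the input in a first pass and `GetContentCB` streams it in a second. If the rewind fails (a non-seekable input, for example), the callback starts reading at end of file and the bundle would likely carry a digest that does not match the embedded content. `ftell` also returns `-1L` on failure, and its `long` result may not fit the variable printed with `%d`. Suggest `if (fseek(testIO.fileIn, 0, SEEK_SET) != 0) ret = -1;` together with a negative check on the `ftell` result; the `fseek`/`ftell`/`fseek` size probe in the enveloped-data stream section has the same unchecked calls. main's body continues outside these hunks.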


@ -120,7 +120,7 @@ static int signedData_sign_noattrs(byte* cert, word32 certSz, byte* key,
pkcs7->signedAttribsSz = 0; pkcs7->signedAttribsSz = 0;
if (streamMode) { if (streamMode) {
wc_PKCS7_SetStreamMode(pkcs7, 1, NULL, NULL); wc_PKCS7_SetStreamMode(pkcs7, 1, NULL, NULL, NULL);
} }
if (noCerts) { if (noCerts) {