First pass at a BTLE example for ECC encrypt scheme.

pull/67/head
David Garske 2017-07-17 20:20:32 -07:00
parent b21f358dac
commit c423636d77
9 changed files with 382 additions and 0 deletions

2
.gitignore vendored

@ -93,3 +93,5 @@ certgen/newCert*
certgen/run_certgen_example
btle/ecc-client
btle/ecc-server


@ -111,6 +111,13 @@ cd ./tls
make
```
#### BTLE
This directory contains examples for securing a Bluetooth Low Energy Link (BTLE).
BTLE packets are small and throughput is low, so these examples demonstrate a way
to exchange data securley without BTLE pariing.
## Notes
When necessary, examples will use the example certificates and keys located

Binary file not shown.

39
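--- /dev/null
+++ b/btle/Makefile
@@ -0,0 +1,39 @@
+# BTLE Examples Makefile
+CC = gcc
+LIB_PATH = /usr/local
+CFLAGS = -Wall -I$(LIB_PATH)/include
+LIBS = -L$(LIB_PATH)/lib
+# option variables
+DYN_LIB = -lwolfssl
+STATIC_LIB = $(LIB_PATH)/lib/libwolfssl.a
+DEBUG_FLAGS = -g -DDEBUG
+OPTIMIZE = -Os
+# Options
+CFLAGS+=$(DEBUG_FLAGS)
+#CFLAGS+=$(OPTIMIZE)
+#LIBS+=$(DYN_LIB) -lm
+.PHONY: clean all
+all: ecc-client ecc-server
+debug: CFLAGS+=$(DEBUG_FLAGS)
+debug: all
+# build template
+%.o: %.c
+gcc -c $< -o $@ $(CFLAGS)
+ecc-server: ecc-server.o btle-sim.o $(STATIC_LIB)
+$(CC) $^ -o $@ $(LIBS)
+ecc-client: ecc-client.o btle-sim.o $(STATIC_LIB)
+$(CC) $^ -o $@ $(LIBS)
+clean:
+rm *.o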
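Review bot: The `%.o: %.c` rule calls `gcc` directly instead of `$(CC)`, so overriding CC on the command line changes only the link step; the recipe should be `$(CC) -c $< -o $@ $(CFLAGS)`. `CFLAGS+=$(DEBUG_FLAGS)` is applied unconditionally a few lines above the `debug:` target-specific assignment, which makes `debug` append the same flags a second time and means `all` never builds without `-g -DDEBUG`; dropping the unconditional line leaves `debug` as the one path that adds them. `clean` also fails when no object files exist and leaves the binaries that .gitignore now lists behind; `rm -f *.o ecc-client ecc-server` covers both.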

27
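--- /dev/null
+++ b/btle/README.md
@@ -0,0 +1,27 @@
+# BTLE Examples
+Bluetooth Low Energy (BTLE or BLE) is a leightweight / low power wireless protocol. Its supported by Apple iPhone 4s and later and most Android phones. It operates in the 2.4GHz spectrum and has 3 advertising channels and 37 data channels.
+These examples demonstrate leightweight methods for exchanging data securley over anytype of publically visible link.
+The first phase is key establishment, which is done through some type of shared secret mechanism such as ECDH and a HKDF. ECC was choosen for these examples because its leightweight and widely used.
+The second phase is encrypted data communication and data integrity.
+## ECC Encrypt/Decrypt Example
+See `BTLESecureMessageExchange.pdf` for details.
+### Building
+The wolfSSL library must be built and installed using './configure --enable-ecc --enable-eccencrypt && make && sudo make install' or by defining `#define HAVE_ECC` and `#defineHAVE_ECC_ENCRYPT`.
+### Usage
+Use two consoles and STDIN to exchange data between the client and server.
+```
+./ecc-server
+./ecc-client
+```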

74
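--- /dev/null
+++ b/btle/btle-sim.c
@@ -0,0 +1,74 @@
+/* btle-sim.c
+*
+* Copyright (C) 2006-2017 wolfSSL Inc.
+*
+* This file is part of wolfSSL. (formerly known as CyaSSL)
+*
+* wolfSSL is free software; you can redistribute it and/or modify
+* it under the terms of the GNU General Public License as published by
+* the Free Software Foundation; either version 2 of the License, or
+* (at your option) any later version.
+*
+* wolfSSL is distributed in the hope that it will be useful,
+* but WITHOUT ANY WARRANTY; without even the implied warranty of
+* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+* GNU General Public License for more details.
+*
+* You should have received a copy of the GNU General Public License
+* along with this program; if not, write to the Free Software
+* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA
+*/
+#include <fcntl.h>
+#include <sys/stat.h>
+#include <sys/types.h>
+#include <unistd.h>
+typedef struct {
+int fd;
+} BtleDev_t;
+static BtleDev_t gBtleDev;
+static const char* myfifo = "/tmp/myfifo";
+int btle_open(void** dev)
+{
+int fd;
+mkfifo(myfifo, 0666);
+fd = open(myfifo, O_WRONLY);
+if (fd < 0) {
+unlink(myfifo);
+return -1;
+}
+gBtleDev.fd = fd;
+if (dev)
+*dev = &gBtleDev;
+return 0;
+}
+int btle_send(const unsigned char* buf, int len, void* context)
+{
+BtleDev_t* dev = (BtleDev_t*)context;
+write(dev->fd, buf, len);
+return len;
+}
+int btle_recv(unsigned char* buf, int len, void* context)
+{
+BtleDev_t* dev = (BtleDev_t*)context;
+return read(dev->fd, buf, len);
+}
+void btle_close(void* context)
+{
+BtleDev_t* dev = (BtleDev_t*)context;
+close(dev->fd);
+unlink(myfifo);
+}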
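Review bot: `btle_recv` calls `read()` on the descriptor that `btle_open` opened with `O_WRONLY`, so every receive fails with EBADF and the -1 is handed back as if it were a length; a single FIFO opened write-only by both peers cannot carry either direction, so the simulator needs a readable descriptor — either open the FIFO `O_RDWR` (Linux permits it, POSIX leaves it unspecified) or create one FIFO per direction. The `mkfifo` result is discarded, so if `/tmp/myfifo` already exists — and with a fixed path and mode 0666 any local user can pre-create it as a regular file or symlink — `open` silently uses whatever is there; check `errno != EEXIST` (which needs `<errno.h>`) and `fstat` the descriptor for `S_ISFIFO` before trusting it. `btle_send` ignores the `write` return and reports `len` even on a short or failed write; `return (int)write(dev->fd, buf, len);` keeps the caller informed. These unchecked results also reach ecc-client.c and ecc-server.c, where `ret` from `btle_send`/`btle_recv` is assigned but never tested.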

28
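--- /dev/null
+++ b/btle/btle-sim.h
@@ -0,0 +1,28 @@
+/* btle-sim.h
+*
+* Copyright (C) 2006-2017 wolfSSL Inc.
+*
+* This file is part of wolfSSL. (formerly known as CyaSSL)
+*
+* wolfSSL is free software; you can redistribute it and/or modify
+* it under the terms of the GNU General Public License as published by
+* the Free Software Foundation; either version 2 of the License, or
+* (at your option) any later version.
+*
+* wolfSSL is distributed in the hope that it will be useful,
+* but WITHOUT ANY WARRANTY; without even the implied warranty of
+* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+* GNU General Public License for more details.
+*
+* You should have received a copy of the GNU General Public License
+* along with this program; if not, write to the Free Software
+* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA
+*/
+#define MAX_BTLE_MSG_SIZE 128
+int btle_open(void** dev);
+int btle_send(const unsigned char* buf, int len, void* context);
+int btle_recv(unsigned char* buf, int len, void* context);
+void btle_close(void* context);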
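Review bot: The header has no include guard, so a translation unit that pulls it in twice (directly or through another header) sees `MAX_BTLE_MSG_SIZE` and the four prototypes redeclared; wrap the contents in `#ifndef BTLE_SIM_H` / `#define BTLE_SIM_H` … `#endif`. The prototypes also carry no statement of contract, and the implementation in btle-sim.c has properties a caller needs to know: `btle_open` hands back a pointer to file-scope storage through `dev` (never free it, and there is only one device), `btle_send` currently returns `len` unconditionally, `btle_recv` returns the `read()` result so -1 is possible, and `btle_close` also unlinks the FIFO path. A short `/** ... */` block on each declaration covering ownership of `dev` and the meaning of each return value would let ecc-client.c and ecc-server.c be reviewed against it.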

106
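--- /dev/null
+++ b/btle/ecc-client.c
@@ -0,0 +1,106 @@
+/* ecc-server.c
+*
+* Copyright (C) 2006-2017 wolfSSL Inc.
+*
+* This file is part of wolfSSL. (formerly known as CyaSSL)
+*
+* wolfSSL is free software; you can redistribute it and/or modify
+* it under the terms of the GNU General Public License as published by
+* the Free Software Foundation; either version 2 of the License, or
+* (at your option) any later version.
+*
+* wolfSSL is distributed in the hope that it will be useful,
+* but WITHOUT ANY WARRANTY; without even the implied warranty of
+* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+* GNU General Public License for more details.
+*
+* You should have received a copy of the GNU General Public License
+* along with this program; if not, write to the Free Software
+* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA
+*/
+#include <wolfssl/options.h>
+#include <wolfssl/wolfcrypt/settings.h>
+#include <wolfssl/ssl.h>
+#include <wolfssl/wolfcrypt/ecc.h>
+#include "btle-sim.h"
+int main(int argc, char** argv)
+{
+int ret;
+WC_RNG rng;
+ecEncCtx* cliCtx = NULL;
+const byte* mySalt;
+void* devCtx = NULL;
+byte peerSalt[EXCHANGE_SALT_SZ];
+byte buffer[MAX_BTLE_MSG_SIZE];
+size_t bufLen;
+wolfSSL_Init();
+#ifdef DEBUG_WOLFSSL
+wolfSSL_Debugging_ON();
+#endif
+/* open BTLE */
+ret = btle_open(&devCtx);
+if (ret != 0) {
+goto cleanup;
+}
+ret = wc_InitRng(&rng);
+if (ret != 0) {
+printf("wc_InitRng failed! %d\n", ret);
+goto cleanup;
+}
+cliCtx = wc_ecc_ctx_new(REQ_RESP_SERVER, &rng);
+if (cliCtx == NULL) {
+printf("wc_ecc_ctx_new failed!\n");
+ret = -1; goto cleanup;
+}
+/* Collect Message to send and get echo */
+while (1) {
+/* get my salt */
+mySalt = wc_ecc_ctx_get_own_salt(cliCtx);
+if (mySalt == NULL) {
+printf("wc_ecc_ctx_get_own_salt failed!\n");
+ret = -1; goto cleanup;
+}
+/* Send my salt */
+ret = btle_send(mySalt, EXCHANGE_SALT_SZ, devCtx);
+/* Get peer salt */
+ret = btle_recv(peerSalt, EXCHANGE_SALT_SZ, devCtx);
+wc_ecc_ctx_set_peer_salt(cliCtx, peerSalt);
+/* get message to send */
+fgets((char*)buffer, sizeof(buffer), stdin);
+bufLen = strlen((char*)buffer);
+/* send message */
+btle_send(buffer, bufLen, devCtx);
+/* get response (echo) */
+btle_recv(buffer, bufLen, devCtx);
+if (strstr((char*)buffer, "EXIT"))
+break;
+/* reset context (reset my salt) */
+ret = wc_ecc_ctx_reset(cliCtx, &rng);
+}
+cleanup:
+if (devCtx != NULL)
+btle_close(devCtx);
+wolfSSL_Cleanup();
+return ret;
+}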
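Review bot: The client builds its context with `wc_ecc_ctx_new(REQ_RESP_SERVER, &rng)`, the same role ecc-server.c uses, so both peers occupy the server slot and the salts that `wc_ecc_ctx_get_own_salt`/`wc_ecc_ctx_set_peer_salt` store end up mirrored; since the key derivation orders the two salts by role, the sides would derive different keys once encryption is wired in — this side should be `wc_ecc_ctx_new(REQ_RESP_CLIENT, &rng)`. Nothing in the loop calls `wc_ecc_encrypt`/`wc_ecc_decrypt`: the line from `fgets` goes to `btle_send` as-is, so only the salts are exchanged and the payload crosses the link in the clear, while the README in this same commit already presents the exchange as secure; a marker such as `/* TODO: wrap buffer with wc_ecc_encrypt before btle_send; currently plaintext */` at the send keeps the gap visible. `cliCtx` and `rng` are never released — `wc_ecc_ctx_free(cliCtx)` (it accepts NULL) and, once `wc_InitRng` has succeeded, `wc_FreeRng(&rng)` belong under `cleanup:` ahead of `wolfSSL_Cleanup()`, and ecc-server.c omits the same calls for `srvCtx`. The `btle_send`/`btle_recv` results for the salt exchange and the `fgets` result are assigned or dropped without being tested, so a short read hands a partly uninitialized `peerSalt` to `wc_ecc_ctx_set_peer_salt` and an EOF on stdin sends stale buffer contents. The file header comment also names `ecc-server.c`; it should read `/* ecc-client.c`.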

99
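--- /dev/null
+++ b/btle/ecc-server.c
@@ -0,0 +1,99 @@
+/* ecc-server.c
+*
+* Copyright (C) 2006-2017 wolfSSL Inc.
+*
+* This file is part of wolfSSL. (formerly known as CyaSSL)
+*
+* wolfSSL is free software; you can redistribute it and/or modify
+* it under the terms of the GNU General Public License as published by
+* the Free Software Foundation; either version 2 of the License, or
+* (at your option) any later version.
+*
+* wolfSSL is distributed in the hope that it will be useful,
+* but WITHOUT ANY WARRANTY; without even the implied warranty of
+* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+* GNU General Public License for more details.
+*
+* You should have received a copy of the GNU General Public License
+* along with this program; if not, write to the Free Software
+* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA
+*/
+#include <wolfssl/options.h>
+#include <wolfssl/wolfcrypt/settings.h>
+#include <wolfssl/ssl.h>
+#include <wolfssl/wolfcrypt/ecc.h>
+#include "btle-sim.h"
+int main(int argc, char** argv)
+{
+int ret;
+WC_RNG rng;
+ecEncCtx* srvCtx = NULL;
+const byte* mySalt;
+void* devCtx = NULL;
+byte peerSalt[EXCHANGE_SALT_SZ];
+byte buffer[MAX_BTLE_MSG_SIZE];
+size_t bufLen;
+wolfSSL_Init();
+#ifdef DEBUG_WOLFSSL
+wolfSSL_Debugging_ON();
+#endif
+/* open BTLE */
+ret = btle_open(&devCtx);
+if (ret != 0) {
+goto cleanup;
+}
+ret = wc_InitRng(&rng);
+if (ret != 0) {
+printf("wc_InitRng failed! %d\n", ret);
+goto cleanup;
+}
+srvCtx = wc_ecc_ctx_new(REQ_RESP_SERVER, &rng);
+if (srvCtx == NULL) {
+printf("wc_ecc_ctx_new failed!\n");
+ret = -1; goto cleanup;
+}
+while (1) {
+mySalt = wc_ecc_ctx_get_own_salt(srvCtx);
+if (mySalt == NULL) {
+printf("wc_ecc_ctx_get_own_salt failed!\n");
+ret = -1; goto cleanup;
+}
+/* Get peer salt */
+ret = btle_recv(peerSalt, EXCHANGE_SALT_SZ, devCtx);
+/* Send my salt */
+ret = btle_send(mySalt, EXCHANGE_SALT_SZ, devCtx);
+/* get message until null termination found */
+btle_recv(buffer, sizeof(buffer), devCtx);
+bufLen = strlen((char*)buffer);
+btle_send(buffer, bufLen, devCtx);
+if (strstr((char*)buffer, "EXIT"))
+break;
+/* reset context (reset my salt) */
+ret = wc_ecc_ctx_reset(srvCtx, &rng);
+}
+cleanup:
+if (devCtx != NULL)
+btle_close(devCtx);
+wolfSSL_Cleanup();
+return ret;
+}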
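Review bot: `btle_recv(buffer, sizeof(buffer), devCtx)` is followed by `strlen((char*)buffer)`, but the peer sends exactly `strlen` bytes of its line with no terminator (ecc-client.c sends `bufLen` bytes), so `strlen` here scans the uninitialized remainder of the 128-byte stack array and can run past its end; the comment "get message until null termination found" describes an intent nothing enforces. Keep the count the simulator returns and terminate explicitly: `int n = btle_recv(buffer, sizeof(buffer) - 1, devCtx); if (n <= 0) { ret = -1; goto cleanup; } buffer[n] = '\0';` before computing `bufLen`. The salt receive just above is likewise unchecked — `ret` is overwritten by the following `btle_send` without being tested — so a short or failed read lets an incomplete `peerSalt` reach the context; `wc_ecc_ctx_set_peer_salt` is also never called here at all, so the client's salt is read but never installed. `printf`, `strlen` and `strstr` are used without `<stdio.h>`/`<string.h>`; if they currently resolve only through the wolfSSL headers, adding the includes keeps the example self-contained.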