WolfSSL
/
wolfssl-examples
mirror of https://github.com/wolfSSL/wolfssl-examples.git
1
0
Fork 0
Code Issues Releases Wiki Activity

Merge pull request #378 from tim-weller-wolfssl/example-updates 

wolfSSL example updates based on testing with wolfSSL v5.5.4-stable
pull/382/head
JacobBarthelmeh 2023-04-05 15:25:08 -06:00 committed by GitHub
parent 9688f1b635 013a6da63d
commit ccfd90982b
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
33 changed files with 209 additions and 104 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
SE050/README.md
View File

@ -8,7 +8,7 @@ written for and tested on a Raspberry Pi with NXP SE050 EdgeLock development
kit.
For complete details on wolfSSL's support for NXP SE050, see
[README_SE050.md](https://www.github.com/wolfssl/wolfssl/wolfcrypt/src/port/nxp/README_SE050.md).
[README_SE050.md](https://www.github.com/wolfssl/wolfssl/tree/master/wolfcrypt/src/port/nxp/README_SE050.md).
That document also describes how to download, build, and compile the SE05x
Middleware. It should be followed first before moving on to installing and
running these examples.

4
certgen/certgen_ca_example.c
View File

@ -30,6 +30,9 @@
#ifdef WOLFSSL_CAAM
#include <wolfssl/wolfcrypt/port/caam/wolfcaam.h>
static int devId = WOLFSSL_CAAM_DEVID;
#else
static int devId = INVALID_DEVID;
#endif
#if defined(WOLFSSL_CERT_REQ) && defined(WOLFSSL_CERT_GEN) && \
@ -37,7 +40,6 @@
#define HEAP_HINT NULL
#define LARGE_TEMP_SZ 4096
static int devId = WOLFSSL_CAAM_DEVID;
static int do_cagen(int argc, char** argv)
{

1
certmanager/README.md
View File

@ -8,6 +8,7 @@ in a standalone manner, separate from an SSL/TLS connection.
## Compiling and Running the Example
```
$ ./configure --enable-opensslextra
$ make
$ ./certverify
```

2
crypto/3des/README.md
View File

@ -5,7 +5,7 @@ How to use 3des-file-encrypt.c
b. In the crypto/3des directory run the Makefile by typing 'make'.
2) Make a file to encode. Can be any file (ex. .txt .in .out .file etc.)
3) run the executable, for help run with -h flag. Basic command is as follows:
./3des-file-encrypt <-option> <KeySize> <input.file> <output.file>
./3des-file-encrypt <-option> <KeySize> -i <input.file> -o <output.file>
KeySize examples: 56, 112, or 168

2
crypto/aes/README.md
View File

@ -6,7 +6,7 @@ How to use aes-file-encrypt.c
2) Make a file to encode. Can be any file (ex. .txt .in .out .file etc.)
3) run the executable, for help run with -h flag. Basic command is as follows:
./aes-file-encrypt <-option> <KeySize> <input.file> <output.file>
./aes-file-encrypt <-option> <KeySize> -i <input.file> -o <output.file>
KeySize (in bits) allowed values: 128, 192, 256

2
crypto/camellia/README.md
View File

@ -6,7 +6,7 @@ How to use camellia-encrypt.c
2) Make a file to encode. Can be any file (ex. .txt .in .out .file etc.)
3) run the executable, for help run with -h flag. Basic command is as follows:
./camellia-encrypt <-option> <input.file> <KeySize> <output.file>
./camellia-encrypt <option> <KeySize> -i <input.file> -o <output.file>
KeySize examples: 128, 192, 256

22
custom-io-callbacks/README.md
View File

@ -13,12 +13,26 @@ Other transports might be:
These examples use the wolfSSL Custom IO Callbacks to read and write to the file
system and perform a successful handshake.
The configuration used for these examples:
Building the examples:
`./configure --enable-debug`
From the wolfssl directory:
```
./configure --enable-debug
sudo make install
```
Debug was enabled in case a user wishes to use the verbose flag to see what is
happening in real time:
**NOTE:** Debug was enabled in case a user wishes to use the verbose flag to see
what is happening in real time:
From the file-server directory:
```
make
```
From the file-client directory:
```
make
```
Usage examples:

2
dtls/client-dtls.c
View File

@ -56,7 +56,7 @@ int main (int argc, char** argv)
/* Program argument checking */
if (argc != 2) {
printf("usage: udpcli <IP address>\n");
printf("usage: %s <IP address>\n", argv[0]);
return 1;
}

4
ecc/README.md
View File

@ -5,7 +5,7 @@
### Build and install wolfSSL
```
./configure --enable-ecc --enable-ecccustcurves CFLAGS="-DWOLFSSL_TEST_CERT -DWOLFSSL_DER_TO_PEM -DHAVE_ECC_KOBLITZ" && make && sudo make install
./configure --enable-ecc --enable-ecccustcurves CFLAGS="-DWOLFSSL_TEST_CERT -DWOLFSSL_DER_TO_PEM -DHAVE_ECC_KOBLITZ -DWOLFSSL_PUBLIC_MP" && make && sudo make install
```
### Build Example
@ -119,7 +119,7 @@ This example demonstrates using a Koblitz (SECP256K1) curve.
hash_firmware_verify: 0
```
### `ecc-key-decode`
### `ecc-key-export`
This example shows exporting an ECC private key and public key.

6
ocsp/ocsp_nonblock/README.md
View File

@ -36,7 +36,11 @@ Ret = 1: success
## OCSP non-blocking Async example
This uses your system certificate chain to demonstrate validating revocation status using an OCSP
public server with wolfSSL's Asynchronous crypto.
public server with wolfSSL's Asynchronous cryptography support. i
**NOTE:** Before building this example the asynchronous support must be obtained from
(https://github.com/wolfSSL/wolfAsyncCrypt) and installed into wolfSSL by following the
instructions in the *README* file contained in the wolfAsyncCrypt repository.
The example uses youtube.com as the public server.

50
ocsp/ocsp_nonblock/google.pem
View File

@ -1,27 +1,27 @@
-----BEGIN CERTIFICATE-----
MIIEhjCCA26gAwIBAgIQWwvxxxXoxEkSWJsftFiO7jANBgkqhkiG9w0BAQsFADBG
MQswCQYDVQQGEwJVUzEiMCAGA1UEChMZR29vZ2xlIFRydXN0IFNlcnZpY2VzIExM
QzETMBEGA1UEAxMKR1RTIENBIDFDMzAeFw0yMjA1MDQxNzQwMDVaFw0yMjA3Mjcx
NzQwMDRaMBkxFzAVBgNVBAMTDnd3dy5nb29nbGUuY29tMFkwEwYHKoZIzj0CAQYI
KoZIzj0DAQcDQgAEy3kqjk9F7+Ap8XWjvvDnAUfiJXV6bHblqegicb6Krq3zUw8T
KUQ8wxMtRoZXHv9DtZgC1ErW6qAPt0BWdzP7waOCAmYwggJiMA4GA1UdDwEB/wQE
AwIHgDATBgNVHSUEDDAKBggrBgEFBQcDATAMBgNVHRMBAf8EAjAAMB0GA1UdDgQW
BBSoMrJUWSIVHdDkqXgfi2VI5nQ2TjAfBgNVHSMEGDAWgBSKdH+vhc3ulc09nNDi
RhTzcTUdJzBqBggrBgEFBQcBAQReMFwwJwYIKwYBBQUHMAGGG2h0dHA6Ly9vY3Nw
LnBraS5nb29nL2d0czFjMzAxBggrBgEFBQcwAoYlaHR0cDovL3BraS5nb29nL3Jl
cG8vY2VydHMvZ3RzMWMzLmRlcjAZBgNVHREEEjAQgg53d3cuZ29vZ2xlLmNvbTAh
BgNVHSAEGjAYMAgGBmeBDAECATAMBgorBgEEAdZ5AgUDMDwGA1UdHwQ1MDMwMaAv
oC2GK2h0dHA6Ly9jcmxzLnBraS5nb29nL2d0czFjMy9RT3ZKME4xc1QyQS5jcmww
ggEDBgorBgEEAdZ5AgQCBIH0BIHxAO8AdQBByMqx3yJGShDGoToJQodeTjGLGwPr
60vHaPCQYpYG9gAAAYCQX05XAAAEAwBGMEQCIA/HX1T2lssgnL8weEBFzPsILM4q
/3iJ5FyXJgZZ9ZMQAiBi0HochB+UgZMpslJ72ei48hvzGErcXvUJUwXVx4x6ZwB2
ACl5vvCeOTkh8FZzn2Old+W+V32cYAr4+U1dJlwlXceEAAABgJBfTiYAAAQDAEcw
RQIhAIcwKuzq6j1VwM1F3P/3L0Un5LKUt4o52+KREIULHJ6yAiAIVxHlI0vTToyP
N96UQkuM0FvPus2vGZLfIimVHrqrQzANBgkqhkiG9w0BAQsFAAOCAQEAw/wVl+C1
0mjwVu3NCu9sbnX47TuPz2lwT/6aUOMmRQg5Z3I9qWwRs5TdwYS/RXjGbATG8STu
Qmq5h4GRil5523D2OKmJ2ZBc033tk/aDJzf3bRQrFnzYNDIo2zW7rrdg0yUE2ytq
30pP0so32wVtqAKZOdtgYyQs1WXEgOVouGkecgdKv2pMyWa6TVjMNnMxCwqq4MRG
R5thr5l5tg20zvpGM7bE/VuYegTSqQyaF6arUpjpOX7xclfERZ1RUOh1EHHnH4gf
l7eOUXh950nbb3bjp2bUF1CjsnveJI1UfqcUrp3Tuoh7ScT1gEiJ82qGsVtyq3AU
FvKz0TJH0ipymA==
MIIEijCCA3KgAwIBAgIRAMMsR1VjA2bdChxuYQ+kZZcwDQYJKoZIhvcNAQELBQAw
RjELMAkGA1UEBhMCVVMxIjAgBgNVBAoTGUdvb2dsZSBUcnVzdCBTZXJ2aWNlcyBM
TEMxEzARBgNVBAMTCkdUUyBDQSAxQzMwHhcNMjMwMjAxMTk0MzU5WhcNMjMwNDI2
MTk0MzU4WjAZMRcwFQYDVQQDEw53d3cuZ29vZ2xlLmNvbTBZMBMGByqGSM49AgEG
CCqGSM49AwEHA0IABPYtARyiqyABnq+cSe6WFmr7zNlagYL5OyskmRWhsP3A6wbP
cNwK7D7d39DPep+J9t3zRbV6N4M0ENnK0dRStDOjggJpMIICZTAOBgNVHQ8BAf8E
BAMCB4AwEwYDVR0lBAwwCgYIKwYBBQUHAwEwDAYDVR0TAQH/BAIwADAdBgNVHQ4E
FgQUO0vK2Vu9yiiGhuDdx6cnv4ips20wHwYDVR0jBBgwFoAUinR/r4XN7pXNPZzQ
4kYU83E1HScwagYIKwYBBQUHAQEEXjBcMCcGCCsGAQUFBzABhhtodHRwOi8vb2Nz
cC5wa2kuZ29vZy9ndHMxYzMwMQYIKwYBBQUHMAKGJWh0dHA6Ly9wa2kuZ29vZy9y
ZXBvL2NlcnRzL2d0czFjMy5kZXIwGQYDVR0RBBIwEIIOd3d3Lmdvb2dsZS5jb20w
IQYDVR0gBBowGDAIBgZngQwBAgEwDAYKKwYBBAHWeQIFAzA8BgNVHR8ENTAzMDGg
L6AthitodHRwOi8vY3Jscy5wa2kuZ29vZy9ndHMxYzMvZlZKeGJWLUt0bWsuY3Js
MIIBBgYKKwYBBAHWeQIEAgSB9wSB9ADyAHcArfe++nz/EMiLnT2cHj4YarRnKV3P
sQwkyoWGNOvcgooAAAGGDrjY8QAABAMASDBGAiEAiGtpyVO3J7pErGIS++BFCCrR
m1ch8C/mcLUjFspJ2gUCIQCqJteA+V8oZs1zIRWFsODsim1Cq8OarB6CXiJlum4G
XQB3AHoyjFTYty22IOo44FIe6YQWcDIThU070ivBOlejUutSAAABhg642JMAAAQD
AEgwRgIhAPvhrZVsgY5IpVRBNkYD+grWKlmPexdriLtIAMoJfQOiAiEA2Knc568e
NSHDC1svyE3jkQsLHKDtCNuZkVTB0yqj6IcwDQYJKoZIhvcNAQELBQADggEBAOhy
ZroJaTS5jZ6KI1Z8X0K20W+Zmxz2qEiV4PyYA0cB2Zmzn5rul9Yo/bfS922BKTx+
4m7pwugvJf9cOohZ0YNQ0JfBLYJ9QUQpsl7nag8lJz2BxWksaqLW3od3wlGZS2gh
rsnRqp/4UtjEk7ppSy8TaRALMMbG41k8nADB03Wnzbj0hcPcJr1k+6YT8JO/xDr0
2B/ZD4V1Mt8uUj0fP9QaZkTwujM2StPf+HHaqUM11Rdj/gEx5jcOY5+E1AY3edw2
uU1gkK1HhsJ3HbMDC7RwoHj/SN77dXP0EV8+z7xYheV1oLG4ladh2jM/wJjXDf2N
le6YwStMhTnhte3TcxA=
-----END CERTIFICATE-----

4
ocsp/ocsp_nonblock/ocsp_nonblock_async.c
View File

@ -361,7 +361,7 @@ int main(int argc, char** argv)
printf("WolfSSL AsyncCrypt Enabled\n");
#if defined(HAVE_INTEL_QA)
printf("WolfSSL AsyncCrypt with IntelQA Mode\n");
#elif defined(WOLFSSL_ASYNC_CRYPT_TEST)
#elif defined(WOLFSSL_ASYNC_CRYPT_SW)
printf("WolfSSL AsyncCrypt with Simulation Mode\n");
#else
#error Unknown HW Acceleration device
@ -477,7 +477,7 @@ exit:
printf("Please compile wolfSSL with ./configure --enable-asynccrypt --enable-sni"
" --enable-alpn --enable-ocspstapling --enable-ocspstapling2 --enable-opensslextra"
" --enable-curve25519 CFLAGS=-DWOLFSSL_NONBLOCK_OCSP")
" --enable-curve25519 CFLAGS=-DWOLFSSL_NONBLOCK_OCSP");
return -1;
#endif
}

4
picotcp/README.md
View File

@ -8,12 +8,12 @@ This TLS server runs in userspace, using picoTCP as compiled-in TCP/IP stack.
### Requirements
- PicoTCP v.1.7 or later
- wolfSSL
- wolfSSL (default configuration)
- Access to `/dev/net/tun` on the host system (typically root privileges)
### How to compile picotcp-server
- clone or download picoTCP
- clone or download [picoTCP](https://github.com/tass-belgium/picotcp.git)
- compile picoTCP with `make ARCH=shared TAP=1 WOLFSSL=1`
- modify `PICOTCP_PATH` at the top of Makefile, pointing to the picoTCP root directory
- run `make`

8
pk/rsa-kg/rsa-kg-sv.c
View File

@ -96,8 +96,8 @@ int main(int argc, char *argv[])
int ret;
RsaKey key;
WC_RNG rng;
unsigned char hash[SHA512_DIGEST_SIZE];
int hashSz = SHA512_DIGEST_SIZE;
unsigned char hash[WC_SHA512_DIGEST_SIZE];
int hashSz = WC_SHA512_DIGEST_SIZE;
int hashAlg = WC_HASH_TYPE_SHA512;
unsigned char sig[MAX_RSA_BITS/8];
int sig_len;
@ -227,9 +227,9 @@ int main(int argc, char *argv[])
return 1;
}
/* Check hash size is valid */
if (hashSz < 1 || hashSz > SHA512_DIGEST_SIZE) {
if (hashSz < 1 || hashSz > WC_SHA512_DIGEST_SIZE) {
fprintf(stderr, "Hash size out of range (1-%d): %d\n",
SHA512_DIGEST_SIZE, hashSz);
WC_SHA512_DIGEST_SIZE, hashSz);
usage();
return 1;
}

8
pkcs7/README.md
View File

@ -16,11 +16,11 @@ $ make
$ sudo make install
```
Note, some examples require "--with-libz" and "--enable-pwdbased". To build
wolfSSL with support for all examples, use:
Note, some examples require additional features, such as "--with-libz" and
"--enable-pwdbased". To build wolfSSL with support for all examples, use:
```
$ ./configure --enable-pkcs7 --enable-pwdbased --with-libz
$ ./configure --enable-pkcs7 --enable-pwdbased --enable-cryptocb --with-libz CFLAGS="-DWOLFSSL_DER_TO_PEM"
$ make
$ sudo make install
```
@ -574,6 +574,8 @@ Successfully extracted and verified bundle contents
### Converting P7B Certificate Bundle to PEM using PKCS7 SignedData API
Build wolfssl using: `./configure --enable-pkcs7 CFLAGS="-DWOLFSSL_DER_TO_PEM"`
Example file: `signedData-p7b.c`
This example parses a .p7b certificate bundle using wolfCrypt's PKCS#7

67
psk/README.md
View File

@ -1,11 +1,30 @@
TCP/PSK Tutorial
================
This folder contains examples related to PSK, including:
* Quick-Start section to simply build and run some of the examples
* Tutorial section detailing the process of adding PSK support to a
client/server system.
# Quick Start
To build and run the basic PSK example:
In the wolfSSL directory:
```
$ ./configure --enable-psk --enable-opensslextra CFLAGS="-DWOLFSSL_STATIC_PSK"
$ make && make install
```
In the psk directory:
```
$ make
$ ./server-psk
$ ./client-psk
```
# TCP/PSK Tutorial
## **Tutorial for adding wolfSSL Security to a Simple Client.**
1. Include the wolfSSL compatibility header:
``#include <wolfssl/ssl.h>``
* Change all calls from read() or recv() to wolfSSL_read(), in the simple client
2. Change all calls from read() or recv() to wolfSSL_read(), in the simple client
``read(sockfd, recvline, MAXLINE)`` becomes ``wolfSSL_read(ssl, recvline, MAXLINE)``
@ -418,16 +437,16 @@ When a socket is setup as non-blocking, reads and writes to the socket do not ca
* enum used for tcp_select function
*/
enum {
    TEST_SELECT_FAIL,
    TEST_TIMEOUT,
   TEST_RECV_READY,
    TEST_ERROR_READY
TEST_SELECT_FAIL,
TEST_TIMEOUT,
TEST_RECV_READY,
TEST_ERROR_READY
};
static inline int tcp_select(int socketfd, int to_sec)
{
    fd_set recvfds, errfds;
    int nfds = socketfd + 1;
fd_set recvfds, errfds;
int nfds = socketfd + 1;
struct timeval timeout = { (to_sec > 0) ? to_sec : 0, 0};
int result;
@ -439,14 +458,14 @@ When a socket is setup as non-blocking, reads and writes to the socket do not ca
result = select(nfds, &recvfds, NULL, &errfds, &timeout);
if (result == 0)
     return TEST_TIMEOUT;
return TEST_TIMEOUT;
else if (result > 0) {
     if (FD_ISSET(socketfd, &recvfds))
         return TEST_RECV_READY;
     else if(FD_ISSET(socketfd, &errfds))
         return TEST_ERROR_READY;
if (FD_ISSET(socketfd, &recvfds))
return TEST_RECV_READY;
else if(FD_ISSET(socketfd, &errfds))
return TEST_ERROR_READY;
}
    return TEST_SELECT_FAIL;
return TEST_SELECT_FAIL;
}
```
@ -465,7 +484,7 @@ When a socket is setup as non-blocking, reads and writes to the socket do not ca
int select_ret;
while (ret != SSL_SUCCESS && (error == SSL_ERROR_WANT_READ ||
                         error == SSL_ERROR_WANT_WRITE)) {
error == SSL_ERROR_WANT_WRITE)) {
int currTimeout = 1;
if (error == SSL_ERROR_WANT_READ)
@ -521,15 +540,15 @@ Nonblocking on the server side allows for switching between multiple client conn
```
/* timed loop to continue checking for a client message */
do {
     if (n < 0) {
         err = wolfSSL_get_error(ssl, 0);
         if (err != SSL_ERROR_WANT_READ)
             err_sys("respond: read error");
         n = wolfSSL_read(ssl, buf, MAXLINE);
         time(&current_time);
     }
if (n < 0) {
err = wolfSSL_get_error(ssl, 0);
if (err != SSL_ERROR_WANT_READ)
err_sys("respond: read error");
n = wolfSSL_read(ssl, buf, MAXLINE);
time(&current_time);
}
} while (err == SSL_ERROR_WANT_READ && n < 0 &&
          difftime(current_time, start_time) < seconds);
difftime(current_time, start_time) < seconds);
```

1
psk/server-psk-nonblocking.c
View File

@ -356,6 +356,7 @@ int main()
}
wolfSSL_shutdown(ssl);
wolfSSL_free(ssl);
ssl = NULL;
}
}

2
psk/server-psk-threaded.c
View File

@ -91,6 +91,7 @@ void* wolfssl_thread(void* fd)
if ((ret = wolfSSL_accept(ssl)) != WOLFSSL_SUCCESS) {
printf("wolfSSL_accept failed with %d\n", ret);
wolfSSL_free(ssl);
ssl = NULL;
close(connfd);
pthread_exit(NULL);
}
@ -113,6 +114,7 @@ void* wolfssl_thread(void* fd)
/* closes the connections after responding */
wolfSSL_shutdown(ssl);
wolfSSL_free(ssl);
ssl = NULL;
if (close(connfd) == -1) {
printf("Fatal error : close error\n");
/* place signal for forced error exit here */

1
psk/server-psk-tls13-multi-id.c
View File

@ -208,6 +208,7 @@ int main()
/* closes the connections after responding */
wolfSSL_shutdown(ssl);
wolfSSL_free(ssl);
ssl = NULL;
if (close(connfd) == -1) {
printf("Fatal error : close error\n");

1
psk/server-psk.c
View File

@ -212,6 +212,7 @@ int main()
/* closes the connections after responding */
wolfSSL_shutdown(ssl);
wolfSSL_free(ssl);
ssl = NULL;
if (close(connfd) == -1) {
printf("Fatal error : close error\n");

33
signature/rsa_buffer/README.md
View File

@ -1,28 +1,35 @@
Configure and install wolfSSL with these options:
# RSA sign and verify example
## Configure, build and install wolfSSL
```
./configure
make
make install
sudo make install
```
(if any build issues due to previous installations please run 'ldconfig`)
**NOTE:** if any build issues due to previous installations please run `ldconfig`
To compile without Makefile:
## Build and run example
**NOTE:** The `sign_vfy.sh` script performs the steps below.
```
make sign
./sign "This is the message" > signature.h
make verify
./verify
```
**NOTE:** To Build and run example without Makefile:
```
gcc -o sign sign.c -lwolfssl
./sign <message> > signature.h
gcc -o verify verify.c -lwolfssl
To sign a message:
./sign <message>
To verify the signature with the message:
./verify
```
Please contact support@wolfssl.com with any questions or concerns!
Best wishes in all your testing!
- The wolfSSL Team

4
signature/rsa_vfy_only/Makefile
View File

@ -14,8 +14,8 @@ OPTIMIZE = -Os
# Options
#CFLAGS+=$(DEBUG_FLAGS)
CFLAGS+=$(OPTIMIZE)
LIBS+=$(STATIC_LIB)
#LIBS+=$(DYN_LIB)
#LIBS+=$(STATIC_LIB)
LIBS+=$(DYN_LIB)
# build targets
SRC=$(wildcard *.c)

28
signature/rsa_vfy_only/README.md
View File

@ -1,24 +1,32 @@
Configure and install wolfSSL with these options:
# RSA Verify-only example
## Configure, build and install wolfSSL
```
./configure --disable-asn --disable-filesystem \
--enable-cryptonly --enable-sp=smallrsa2048 --enable-sp-math \
--disable-dh --disable-ecc --disable-sha224 --enable-rsavfy \
CFLAGS="-DWOLFSSL_PUBLIC_MP"
make
make install
sudo make install
```
(if any build issues due to previous installations please run 'ldconfig`)
To compile without Makefile:
gcc -Os -o verify verify.c /usr/local/lib/libwolfssl.a
To verify the signature with the message:
**NOTE:** If any build issues due to previous installations please run 'ldconfig`
## Build and run example
```
make
./verify
```
**NOTE:** To compile without Makefile:
```
gcc -Os -o verify verify.c /usr/local/lib/libwolfssl.a
./verify
```
Please contact support@wolfssl.com with any questions for concerns!
Best wishes in all your testing!
- The wolfSSL Team

2
signature/sigtest/README.md
View File

@ -74,3 +74,5 @@ ECC Curve BRAINPOOLP384R1, KeySz 48, Sig: CurveMax 104, ActMax 104, CalcMax 104
```
Note: The extra 2-bytes of padding is to account for the case where R or S has the Most Significant Bit (MSB) set.
Please contact support@wolfssl.com with any questions or concerns!

33
tls/README.md
View File

@ -23,6 +23,39 @@ leaks, especially in error conditions.
For Visual Studio users with the VisualGDB extension, there are additional
example files in [VisualGDB-tls](./VisualGDB-tls/).
Quick Start
===========
This portion of the `README` will show you how to quickly build and run some of
the examples in this directory. For more detail on the examples and further
variations and features please see the *Tutorial* section.
Build wolfSSL:
```sh
./configure --enable-asynccrypt && make && sudo make install
```
In wolfssl-examples/tls:
```sh
make clean && make
```
To run simple TLS example, in separate terminals enter:
```sh
./server-tls
./client-tls 127.0.0.1
```
To run non-blocking / threaded TLS example, in separate terminals enter:
```sh
./server-tls-threaded
./client-tls-nonblocking 127.0.0.1
```
Tutorial
========

1
tls/server-tls-callback.c
View File

@ -303,6 +303,7 @@ int main()
/* Cleanup after this connection */
wolfSSL_free(ssl); /* Free the wolfSSL object */
ssl = NULL;
close(connd); /* Close the connection to the client */
}

1
tls/server-tls-ecdhe.c
View File

@ -203,6 +203,7 @@ int main()
/* Cleanup after this connection */
wolfSSL_free(ssl); /* Free the wolfSSL object */
ssl = NULL;
close(connd); /* Close the connection to the client */
}

1
tls/server-tls-nonblocking.c
View File

@ -282,6 +282,7 @@ int main()
/* Cleanup after this connection */
wolfSSL_free(ssl); /* Free the wolfSSL object */
ssl = NULL;
close(connd); /* Close the connection to the client */
connd = SOCKET_INVALID;
}

1
tls/server-tls-pkcallback.c
View File

@ -530,6 +530,7 @@ int main(int argc, char** argv)
/* Cleanup after this connection */
wolfSSL_free(ssl); /* Free the wolfSSL object */
ssl = NULL;
close(connd); /* Close the connection to the client */
connd = SOCKET_INVALID;
}

2
tls/server-tls-threaded.c
View File

@ -113,6 +113,7 @@ void* ClientHandler(void* args)
printf("wolfSSL_read encountered an error with code %d and msg %s\n",
ret, wolfSSL_ERR_error_string(ret, buff));
wolfSSL_free(ssl); /* Free the wolfSSL object */
ssl = NULL;
close(pkg->connd); /* Close the connection to the server */
pkg->open = 1; /* Indicate that execution is over */
pthread_exit(NULL); /* End thread execution */
@ -145,6 +146,7 @@ void* ClientHandler(void* args)
/* Cleanup after this connection */
wolfSSL_free(ssl); /* Free the wolfSSL object */
ssl = NULL;
close(pkg->connd); /* Close the connection to the server */
pkg->open = 1; /* Indicate that execution is over */
#if defined(HAVE_ECC) && defined(FP_ECC)

1
tls/server-tls-verifycallback.c
View File

@ -308,6 +308,7 @@ int main()
/* Cleanup after this connection */
wolfSSL_free(ssl); /* Free the wolfSSL object */
ssl = NULL;
close(connd); /* Close the connection to the client */
}

2
tls/server-tls-writedup.c
View File

@ -43,7 +43,7 @@
int main()
{
int ret;
int ret = 0;
#ifdef HAVE_WRITE_DUP
int sockfd = SOCKET_INVALID;
int connd = SOCKET_INVALID;

1
tls/server-tls.c
View File

@ -197,6 +197,7 @@ int main()
/* Cleanup after this connection */
wolfSSL_free(ssl); /* Free the wolfSSL object */
ssl = NULL;
close(connd); /* Close the connection to the client */
}