WolfSSL
/
wolfssl-examples
mirror of https://github.com/wolfSSL/wolfssl-examples.git
1
0
Fork 0
Code Issues Releases Wiki Activity

Merge pull request #378 from tim-weller-wolfssl/example-updates 

wolfSSL example updates based on testing with wolfSSL v5.5.4-stable
pull/382/head
JacobBarthelmeh 2023-04-05 15:25:08 -06:00 committed by GitHub
parent 9688f1b635 013a6da63d
commit ccfd90982b
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
33 changed files with 209 additions and 104 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
SE050/README.md
View File

@ -8,7 +8,7 @@ written for and tested on a Raspberry Pi with NXP SE050 EdgeLock development
kit.
For complete details on wolfSSL's support for NXP SE050, see
[README_SE050.md](https://www.github.com/wolfssl/wolfssl/wolfcrypt/src/port/nxp/README_SE050.md).
[README_SE050.md](https://www.github.com/wolfssl/wolfssl/tree/master/wolfcrypt/src/port/nxp/README_SE050.md).
That document also describes how to download, build, and compile the SE05x
Middleware. It should be followed first before moving on to installing and
running these examples.

4
certgen/certgen_ca_example.c
View File

@ -30,6 +30,9 @@
#ifdef WOLFSSL_CAAM
#include <wolfssl/wolfcrypt/port/caam/wolfcaam.h>
static int devId = WOLFSSL_CAAM_DEVID;
#else
static int devId = INVALID_DEVID;
#endif
#if defined(WOLFSSL_CERT_REQ) && defined(WOLFSSL_CERT_GEN) && \
@ -37,7 +40,6 @@
#define HEAP_HINT NULL
#define LARGE_TEMP_SZ 4096
static int devId = WOLFSSL_CAAM_DEVID;
static int do_cagen(int argc, char** argv)
{

1
certmanager/README.md
View File

@ -8,6 +8,7 @@ in a standalone manner, separate from an SSL/TLS connection.
## Compiling and Running the Example
```
$ ./configure --enable-opensslextra
$ make
$ ./certverify
```

2
crypto/3des/README.md
View File

@ -5,7 +5,7 @@ How to use 3des-file-encrypt.c
b. In the crypto/3des directory run the Makefile by typing 'make'.
2) Make a file to encode. Can be any file (ex. .txt .in .out .file etc.)
3) run the executable, for help run with -h flag. Basic command is as follows:
./3des-file-encrypt <-option> <KeySize> <input.file> <output.file>
./3des-file-encrypt <-option> <KeySize> -i <input.file> -o <output.file>
KeySize examples: 56, 112, or 168

2
crypto/aes/README.md
View File

@ -6,7 +6,7 @@ How to use aes-file-encrypt.c
2) Make a file to encode. Can be any file (ex. .txt .in .out .file etc.)
3) run the executable, for help run with -h flag. Basic command is as follows:
./aes-file-encrypt <-option> <KeySize> <input.file> <output.file>
./aes-file-encrypt <-option> <KeySize> -i <input.file> -o <output.file>
KeySize (in bits) allowed values: 128, 192, 256

2
crypto/camellia/README.md
View File

@ -6,7 +6,7 @@ How to use camellia-encrypt.c
2) Make a file to encode. Can be any file (ex. .txt .in .out .file etc.)
3) run the executable, for help run with -h flag. Basic command is as follows:
./camellia-encrypt <-option> <input.file> <KeySize> <output.file>
./camellia-encrypt <option> <KeySize> -i <input.file> -o <output.file>
KeySize examples: 128, 192, 256

22
custom-io-callbacks/README.md
View File

@ -13,12 +13,26 @@ Other transports might be:
These examples use the wolfSSL Custom IO Callbacks to read and write to the file
system and perform a successful handshake.
The configuration used for these examples:
Building the examples:
`./configure --enable-debug`
From the wolfssl directory:
```
./configure --enable-debug
sudo make install
```
Debug was enabled in case a user wishes to use the verbose flag to see what is
happening in real time:
**NOTE:** Debug was enabled in case a user wishes to use the verbose flag to see
what is happening in real time:
From the file-server directory:
```
make
```
From the file-client directory:
```
make
```
Usage examples:

2
dtls/client-dtls.c
View File

@ -56,7 +56,7 @@ int main (int argc, char** argv)
/* Program argument checking */
if (argc != 2) {
printf("usage: udpcli <IP address>\n");
printf("usage: %s <IP address>\n", argv[0]);
return 1;
}

4
ecc/README.md
View File

@ -5,7 +5,7 @@
### Build and install wolfSSL
```
./configure --enable-ecc --enable-ecccustcurves CFLAGS="-DWOLFSSL_TEST_CERT -DWOLFSSL_DER_TO_PEM -DHAVE_ECC_KOBLITZ" && make && sudo make install
./configure --enable-ecc --enable-ecccustcurves CFLAGS="-DWOLFSSL_TEST_CERT -DWOLFSSL_DER_TO_PEM -DHAVE_ECC_KOBLITZ -DWOLFSSL_PUBLIC_MP" && make && sudo make install
```
### Build Example
@ -119,7 +119,7 @@ This example demonstrates using a Koblitz (SECP256K1) curve.
hash_firmware_verify: 0
```
### `ecc-key-decode`
### `ecc-key-export`
This example shows exporting an ECC private key and public key.

8
ocsp/ocsp_nonblock/README.md
View File

@ -35,8 +35,12 @@ Ret = 1: success
## OCSP non-blocking Async example
This uses your system certificate chain to demonstrate validating revocation status using an OCSP
public server with wolfSSL's Asynchronous crypto.
This uses your system certificate chain to demonstrate validating revocation status using an OCSP
public server with wolfSSL's Asynchronous cryptography support. i
**NOTE:** Before building this example the asynchronous support must be obtained from
(https://github.com/wolfSSL/wolfAsyncCrypt) and installed into wolfSSL by following the
instructions in the *README* file contained in the wolfAsyncCrypt repository.
The example uses youtube.com as the public server.

54
ocsp/ocsp_nonblock/google.pem
View File

@ -1,27 +1,27 @@
-----BEGIN CERTIFICATE-----
MIIEhjCCA26gAwIBAgIQWwvxxxXoxEkSWJsftFiO7jANBgkqhkiG9w0BAQsFADBG
MQswCQYDVQQGEwJVUzEiMCAGA1UEChMZR29vZ2xlIFRydXN0IFNlcnZpY2VzIExM
QzETMBEGA1UEAxMKR1RTIENBIDFDMzAeFw0yMjA1MDQxNzQwMDVaFw0yMjA3Mjcx
NzQwMDRaMBkxFzAVBgNVBAMTDnd3dy5nb29nbGUuY29tMFkwEwYHKoZIzj0CAQYI
KoZIzj0DAQcDQgAEy3kqjk9F7+Ap8XWjvvDnAUfiJXV6bHblqegicb6Krq3zUw8T
KUQ8wxMtRoZXHv9DtZgC1ErW6qAPt0BWdzP7waOCAmYwggJiMA4GA1UdDwEB/wQE
AwIHgDATBgNVHSUEDDAKBggrBgEFBQcDATAMBgNVHRMBAf8EAjAAMB0GA1UdDgQW
BBSoMrJUWSIVHdDkqXgfi2VI5nQ2TjAfBgNVHSMEGDAWgBSKdH+vhc3ulc09nNDi
RhTzcTUdJzBqBggrBgEFBQcBAQReMFwwJwYIKwYBBQUHMAGGG2h0dHA6Ly9vY3Nw
LnBraS5nb29nL2d0czFjMzAxBggrBgEFBQcwAoYlaHR0cDovL3BraS5nb29nL3Jl
cG8vY2VydHMvZ3RzMWMzLmRlcjAZBgNVHREEEjAQgg53d3cuZ29vZ2xlLmNvbTAh
BgNVHSAEGjAYMAgGBmeBDAECATAMBgorBgEEAdZ5AgUDMDwGA1UdHwQ1MDMwMaAv
oC2GK2h0dHA6Ly9jcmxzLnBraS5nb29nL2d0czFjMy9RT3ZKME4xc1QyQS5jcmww
ggEDBgorBgEEAdZ5AgQCBIH0BIHxAO8AdQBByMqx3yJGShDGoToJQodeTjGLGwPr
60vHaPCQYpYG9gAAAYCQX05XAAAEAwBGMEQCIA/HX1T2lssgnL8weEBFzPsILM4q
/3iJ5FyXJgZZ9ZMQAiBi0HochB+UgZMpslJ72ei48hvzGErcXvUJUwXVx4x6ZwB2
ACl5vvCeOTkh8FZzn2Old+W+V32cYAr4+U1dJlwlXceEAAABgJBfTiYAAAQDAEcw
RQIhAIcwKuzq6j1VwM1F3P/3L0Un5LKUt4o52+KREIULHJ6yAiAIVxHlI0vTToyP
N96UQkuM0FvPus2vGZLfIimVHrqrQzANBgkqhkiG9w0BAQsFAAOCAQEAw/wVl+C1
0mjwVu3NCu9sbnX47TuPz2lwT/6aUOMmRQg5Z3I9qWwRs5TdwYS/RXjGbATG8STu
Qmq5h4GRil5523D2OKmJ2ZBc033tk/aDJzf3bRQrFnzYNDIo2zW7rrdg0yUE2ytq
30pP0so32wVtqAKZOdtgYyQs1WXEgOVouGkecgdKv2pMyWa6TVjMNnMxCwqq4MRG
R5thr5l5tg20zvpGM7bE/VuYegTSqQyaF6arUpjpOX7xclfERZ1RUOh1EHHnH4gf
l7eOUXh950nbb3bjp2bUF1CjsnveJI1UfqcUrp3Tuoh7ScT1gEiJ82qGsVtyq3AU
FvKz0TJH0ipymA==
-----END CERTIFICATE-----
-----BEGIN CERTIFICATE-----
MIIEijCCA3KgAwIBAgIRAMMsR1VjA2bdChxuYQ+kZZcwDQYJKoZIhvcNAQELBQAw
RjELMAkGA1UEBhMCVVMxIjAgBgNVBAoTGUdvb2dsZSBUcnVzdCBTZXJ2aWNlcyBM
TEMxEzARBgNVBAMTCkdUUyBDQSAxQzMwHhcNMjMwMjAxMTk0MzU5WhcNMjMwNDI2
MTk0MzU4WjAZMRcwFQYDVQQDEw53d3cuZ29vZ2xlLmNvbTBZMBMGByqGSM49AgEG
CCqGSM49AwEHA0IABPYtARyiqyABnq+cSe6WFmr7zNlagYL5OyskmRWhsP3A6wbP
cNwK7D7d39DPep+J9t3zRbV6N4M0ENnK0dRStDOjggJpMIICZTAOBgNVHQ8BAf8E
BAMCB4AwEwYDVR0lBAwwCgYIKwYBBQUHAwEwDAYDVR0TAQH/BAIwADAdBgNVHQ4E
FgQUO0vK2Vu9yiiGhuDdx6cnv4ips20wHwYDVR0jBBgwFoAUinR/r4XN7pXNPZzQ
4kYU83E1HScwagYIKwYBBQUHAQEEXjBcMCcGCCsGAQUFBzABhhtodHRwOi8vb2Nz
cC5wa2kuZ29vZy9ndHMxYzMwMQYIKwYBBQUHMAKGJWh0dHA6Ly9wa2kuZ29vZy9y
ZXBvL2NlcnRzL2d0czFjMy5kZXIwGQYDVR0RBBIwEIIOd3d3Lmdvb2dsZS5jb20w
IQYDVR0gBBowGDAIBgZngQwBAgEwDAYKKwYBBAHWeQIFAzA8BgNVHR8ENTAzMDGg
L6AthitodHRwOi8vY3Jscy5wa2kuZ29vZy9ndHMxYzMvZlZKeGJWLUt0bWsuY3Js
MIIBBgYKKwYBBAHWeQIEAgSB9wSB9ADyAHcArfe++nz/EMiLnT2cHj4YarRnKV3P
sQwkyoWGNOvcgooAAAGGDrjY8QAABAMASDBGAiEAiGtpyVO3J7pErGIS++BFCCrR
m1ch8C/mcLUjFspJ2gUCIQCqJteA+V8oZs1zIRWFsODsim1Cq8OarB6CXiJlum4G
XQB3AHoyjFTYty22IOo44FIe6YQWcDIThU070ivBOlejUutSAAABhg642JMAAAQD
AEgwRgIhAPvhrZVsgY5IpVRBNkYD+grWKlmPexdriLtIAMoJfQOiAiEA2Knc568e
NSHDC1svyE3jkQsLHKDtCNuZkVTB0yqj6IcwDQYJKoZIhvcNAQELBQADggEBAOhy
ZroJaTS5jZ6KI1Z8X0K20W+Zmxz2qEiV4PyYA0cB2Zmzn5rul9Yo/bfS922BKTx+
4m7pwugvJf9cOohZ0YNQ0JfBLYJ9QUQpsl7nag8lJz2BxWksaqLW3od3wlGZS2gh
rsnRqp/4UtjEk7ppSy8TaRALMMbG41k8nADB03Wnzbj0hcPcJr1k+6YT8JO/xDr0
2B/ZD4V1Mt8uUj0fP9QaZkTwujM2StPf+HHaqUM11Rdj/gEx5jcOY5+E1AY3edw2
uU1gkK1HhsJ3HbMDC7RwoHj/SN77dXP0EV8+z7xYheV1oLG4ladh2jM/wJjXDf2N
le6YwStMhTnhte3TcxA=
-----END CERTIFICATE-----

4
ocsp/ocsp_nonblock/ocsp_nonblock_async.c
View File

@ -361,7 +361,7 @@ int main(int argc, char** argv)
printf("WolfSSL AsyncCrypt Enabled\n");
#if defined(HAVE_INTEL_QA)
printf("WolfSSL AsyncCrypt with IntelQA Mode\n");
#elif defined(WOLFSSL_ASYNC_CRYPT_TEST)
#elif defined(WOLFSSL_ASYNC_CRYPT_SW)
printf("WolfSSL AsyncCrypt with Simulation Mode\n");
#else
#error Unknown HW Acceleration device
@ -477,7 +477,7 @@ exit:
printf("Please compile wolfSSL with ./configure --enable-asynccrypt --enable-sni"
" --enable-alpn --enable-ocspstapling --enable-ocspstapling2 --enable-opensslextra"
" --enable-curve25519 CFLAGS=-DWOLFSSL_NONBLOCK_OCSP")
" --enable-curve25519 CFLAGS=-DWOLFSSL_NONBLOCK_OCSP");
return -1;
#endif
}

4
picotcp/README.md
View File

@ -8,12 +8,12 @@ This TLS server runs in userspace, using picoTCP as compiled-in TCP/IP stack.
### Requirements
- PicoTCP v.1.7 or later
- wolfSSL
- wolfSSL (default configuration)
- Access to `/dev/net/tun` on the host system (typically root privileges)
### How to compile picotcp-server
- clone or download picoTCP
- clone or download [picoTCP](https://github.com/tass-belgium/picotcp.git)
- compile picoTCP with `make ARCH=shared TAP=1 WOLFSSL=1`
- modify `PICOTCP_PATH` at the top of Makefile, pointing to the picoTCP root directory
- run `make`

8
pk/rsa-kg/rsa-kg-sv.c
View File

@ -96,8 +96,8 @@ int main(int argc, char *argv[])
int ret;
RsaKey key;
WC_RNG rng;
unsigned char hash[SHA512_DIGEST_SIZE];
int hashSz = SHA512_DIGEST_SIZE;
unsigned char hash[WC_SHA512_DIGEST_SIZE];
int hashSz = WC_SHA512_DIGEST_SIZE;
int hashAlg = WC_HASH_TYPE_SHA512;
unsigned char sig[MAX_RSA_BITS/8];
int sig_len;
@ -227,9 +227,9 @@ int main(int argc, char *argv[])
return 1;
}
/* Check hash size is valid */
if (hashSz < 1 || hashSz > SHA512_DIGEST_SIZE) {
if (hashSz < 1 || hashSz > WC_SHA512_DIGEST_SIZE) {
fprintf(stderr, "Hash size out of range (1-%d): %d\n",
SHA512_DIGEST_SIZE, hashSz);
WC_SHA512_DIGEST_SIZE, hashSz);
usage();
return 1;
}

8
pkcs7/README.md
View File

@ -16,11 +16,11 @@ $ make
$ sudo make install
```
Note, some examples require "--with-libz" and "--enable-pwdbased". To build
wolfSSL with support for all examples, use:
Note, some examples require additional features, such as "--with-libz" and
"--enable-pwdbased". To build wolfSSL with support for all examples, use:
```
$ ./configure --enable-pkcs7 --enable-pwdbased --with-libz
$ ./configure --enable-pkcs7 --enable-pwdbased --enable-cryptocb --with-libz CFLAGS="-DWOLFSSL_DER_TO_PEM"
$ make
$ sudo make install
```
@ -574,6 +574,8 @@ Successfully extracted and verified bundle contents
### Converting P7B Certificate Bundle to PEM using PKCS7 SignedData API
Build wolfssl using: `./configure --enable-pkcs7 CFLAGS="-DWOLFSSL_DER_TO_PEM"`
Example file: `signedData-p7b.c`
This example parses a .p7b certificate bundle using wolfCrypt's PKCS#7

67
psk/README.md
View File

@ -1,11 +1,30 @@
TCP/PSK Tutorial
================
This folder contains examples related to PSK, including:
* Quick-Start section to simply build and run some of the examples
* Tutorial section detailing the process of adding PSK support to a
client/server system.
# Quick Start
To build and run the basic PSK example:
In the wolfSSL directory:
```
$ ./configure --enable-psk --enable-opensslextra CFLAGS="-DWOLFSSL_STATIC_PSK"
$ make && make install
```
In the psk directory:
```
$ make
$ ./server-psk
$ ./client-psk
```
# TCP/PSK Tutorial
## **Tutorial for adding wolfSSL Security to a Simple Client.**
1. Include the wolfSSL compatibility header:
``#include <wolfssl/ssl.h>``
* Change all calls from read() or recv() to wolfSSL_read(), in the simple client
2. Change all calls from read() or recv() to wolfSSL_read(), in the simple client
``read(sockfd, recvline, MAXLINE)`` becomes ``wolfSSL_read(ssl, recvline, MAXLINE)``
@ -418,16 +437,16 @@ When a socket is setup as non-blocking, reads and writes to the socket do not ca
* enum used for tcp_select function
*/
enum {
    TEST_SELECT_FAIL,
    TEST_TIMEOUT,
   TEST_RECV_READY,
    TEST_ERROR_READY
TEST_SELECT_FAIL,
TEST_TIMEOUT,
TEST_RECV_READY,
TEST_ERROR_READY
};
static inline int tcp_select(int socketfd, int to_sec)
{
    fd_set recvfds, errfds;
    int nfds = socketfd + 1;
fd_set recvfds, errfds;
int nfds = socketfd + 1;
struct timeval timeout = { (to_sec > 0) ? to_sec : 0, 0};
int result;
@ -439,14 +458,14 @@ When a socket is setup as non-blocking, reads and writes to the socket do not ca
result = select(nfds, &recvfds, NULL, &errfds, &timeout);
if (result == 0)
     return TEST_TIMEOUT;
return TEST_TIMEOUT;
else if (result > 0) {
     if (FD_ISSET(socketfd, &recvfds))
         return TEST_RECV_READY;
     else if(FD_ISSET(socketfd, &errfds))
         return TEST_ERROR_READY;
if (FD_ISSET(socketfd, &recvfds))
return TEST_RECV_READY;
else if(FD_ISSET(socketfd, &errfds))
return TEST_ERROR_READY;
}
    return TEST_SELECT_FAIL;
return TEST_SELECT_FAIL;
}
```
@ -465,7 +484,7 @@ When a socket is setup as non-blocking, reads and writes to the socket do not ca
int select_ret;
while (ret != SSL_SUCCESS && (error == SSL_ERROR_WANT_READ ||
                         error == SSL_ERROR_WANT_WRITE)) {
error == SSL_ERROR_WANT_WRITE)) {
int currTimeout = 1;
if (error == SSL_ERROR_WANT_READ)
@ -521,15 +540,15 @@ Nonblocking on the server side allows for switching between multiple client conn
```
/* timed loop to continue checking for a client message */
do {
     if (n < 0) {
         err = wolfSSL_get_error(ssl, 0);
         if (err != SSL_ERROR_WANT_READ)
             err_sys("respond: read error");
         n = wolfSSL_read(ssl, buf, MAXLINE);
         time(&current_time);
     }
if (n < 0) {
err = wolfSSL_get_error(ssl, 0);
if (err != SSL_ERROR_WANT_READ)
err_sys("respond: read error");
n = wolfSSL_read(ssl, buf, MAXLINE);
time(&current_time);
}
} while (err == SSL_ERROR_WANT_READ && n < 0 &&
          difftime(current_time, start_time) < seconds);
difftime(current_time, start_time) < seconds);
```

1
psk/server-psk-nonblocking.c
View File

@ -356,6 +356,7 @@ int main()
}
wolfSSL_shutdown(ssl);
wolfSSL_free(ssl);
ssl = NULL;
}
}

2
psk/server-psk-threaded.c
View File

@ -91,6 +91,7 @@ void* wolfssl_thread(void* fd)
if ((ret = wolfSSL_accept(ssl)) != WOLFSSL_SUCCESS) {
printf("wolfSSL_accept failed with %d\n", ret);
wolfSSL_free(ssl);
ssl = NULL;
close(connfd);
pthread_exit(NULL);
}
@ -113,6 +114,7 @@ void* wolfssl_thread(void* fd)
/* closes the connections after responding */
wolfSSL_shutdown(ssl);
wolfSSL_free(ssl);
ssl = NULL;
if (close(connfd) == -1) {
printf("Fatal error : close error\n");
/* place signal for forced error exit here */

1
psk/server-psk-tls13-multi-id.c
View File

@ -208,6 +208,7 @@ int main()
/* closes the connections after responding */
wolfSSL_shutdown(ssl);
wolfSSL_free(ssl);
ssl = NULL;
if (close(connfd) == -1) {
printf("Fatal error : close error\n");

1
psk/server-psk.c
View File

@ -212,6 +212,7 @@ int main()
/* closes the connections after responding */
wolfSSL_shutdown(ssl);
wolfSSL_free(ssl);
ssl = NULL;
if (close(connfd) == -1) {
printf("Fatal error : close error\n");

33
signature/rsa_buffer/README.md
View File

@ -1,28 +1,35 @@
Configure and install wolfSSL with these options:
# RSA sign and verify example
## Configure, build and install wolfSSL
```
./configure
make
make install
sudo make install
```
(if any build issues due to previous installations please run 'ldconfig`)
**NOTE:** if any build issues due to previous installations please run `ldconfig`
To compile without Makefile:
## Build and run example
**NOTE:** The `sign_vfy.sh` script performs the steps below.
```
make sign
./sign "This is the message" > signature.h
make verify
./verify
```
**NOTE:** To Build and run example without Makefile:
```
gcc -o sign sign.c -lwolfssl
./sign <message> > signature.h
gcc -o verify verify.c -lwolfssl
To sign a message:
./sign <message>
To verify the signature with the message:
./verify
```
Please contact support@wolfssl.com with any questions or concerns!
Best wishes in all your testing!
- The wolfSSL Team

4
signature/rsa_vfy_only/Makefile
View File

@ -14,8 +14,8 @@ OPTIMIZE = -Os
# Options
#CFLAGS+=$(DEBUG_FLAGS)
CFLAGS+=$(OPTIMIZE)
LIBS+=$(STATIC_LIB)
#LIBS+=$(DYN_LIB)
#LIBS+=$(STATIC_LIB)
LIBS+=$(DYN_LIB)
# build targets
SRC=$(wildcard *.c)

28
signature/rsa_vfy_only/README.md
View File

@ -1,24 +1,32 @@
Configure and install wolfSSL with these options:
# RSA Verify-only example
## Configure, build and install wolfSSL
```
./configure --disable-asn --disable-filesystem \
--enable-cryptonly --enable-sp=smallrsa2048 --enable-sp-math \
--disable-dh --disable-ecc --disable-sha224 --enable-rsavfy \
CFLAGS="-DWOLFSSL_PUBLIC_MP"
make
make install
sudo make install
```
(if any build issues due to previous installations please run 'ldconfig`)
To compile without Makefile:
gcc -Os -o verify verify.c /usr/local/lib/libwolfssl.a
To verify the signature with the message:
**NOTE:** If any build issues due to previous installations please run 'ldconfig`
## Build and run example
```
make
./verify
```
**NOTE:** To compile without Makefile:
```
gcc -Os -o verify verify.c /usr/local/lib/libwolfssl.a
./verify
```
Please contact support@wolfssl.com with any questions for concerns!
Best wishes in all your testing!
- The wolfSSL Team

2
signature/sigtest/README.md
View File

@ -74,3 +74,5 @@ ECC Curve BRAINPOOLP384R1, KeySz 48, Sig: CurveMax 104, ActMax 104, CalcMax 104
```
Note: The extra 2-bytes of padding is to account for the case where R or S has the Most Significant Bit (MSB) set.
Please contact support@wolfssl.com with any questions or concerns!

35
tls/README.md
View File

@ -23,6 +23,39 @@ leaks, especially in error conditions.
For Visual Studio users with the VisualGDB extension, there are additional
example files in [VisualGDB-tls](./VisualGDB-tls/).
Quick Start
===========
This portion of the `README` will show you how to quickly build and run some of
the examples in this directory. For more detail on the examples and further
variations and features please see the *Tutorial* section.
Build wolfSSL:
```sh
./configure --enable-asynccrypt && make && sudo make install
```
In wolfssl-examples/tls:
```sh
make clean && make
```
To run simple TLS example, in separate terminals enter:
```sh
./server-tls
./client-tls 127.0.0.1
```
To run non-blocking / threaded TLS example, in separate terminals enter:
```sh
./server-tls-threaded
./client-tls-nonblocking 127.0.0.1
```
Tutorial
========
@ -1305,4 +1338,4 @@ To generate your own cert text, see the [DER to C script](https://github.com/wol
## Support
Please contact wolfSSL at support@wolfssl.com with any questions, bug fixes,
or suggested feature additions.
or suggested feature additions.

1
tls/server-tls-callback.c
View File

@ -303,6 +303,7 @@ int main()
/* Cleanup after this connection */
wolfSSL_free(ssl); /* Free the wolfSSL object */
ssl = NULL;
close(connd); /* Close the connection to the client */
}

1
tls/server-tls-ecdhe.c
View File

@ -203,6 +203,7 @@ int main()
/* Cleanup after this connection */
wolfSSL_free(ssl); /* Free the wolfSSL object */
ssl = NULL;
close(connd); /* Close the connection to the client */
}

1
tls/server-tls-nonblocking.c
View File

@ -282,6 +282,7 @@ int main()
/* Cleanup after this connection */
wolfSSL_free(ssl); /* Free the wolfSSL object */
ssl = NULL;
close(connd); /* Close the connection to the client */
connd = SOCKET_INVALID;
}

1
tls/server-tls-pkcallback.c
View File

@ -530,6 +530,7 @@ int main(int argc, char** argv)
/* Cleanup after this connection */
wolfSSL_free(ssl); /* Free the wolfSSL object */
ssl = NULL;
close(connd); /* Close the connection to the client */
connd = SOCKET_INVALID;
}

2
tls/server-tls-threaded.c
View File

@ -113,6 +113,7 @@ void* ClientHandler(void* args)
printf("wolfSSL_read encountered an error with code %d and msg %s\n",
ret, wolfSSL_ERR_error_string(ret, buff));
wolfSSL_free(ssl); /* Free the wolfSSL object */
ssl = NULL;
close(pkg->connd); /* Close the connection to the server */
pkg->open = 1; /* Indicate that execution is over */
pthread_exit(NULL); /* End thread execution */
@ -145,6 +146,7 @@ void* ClientHandler(void* args)
/* Cleanup after this connection */
wolfSSL_free(ssl); /* Free the wolfSSL object */
ssl = NULL;
close(pkg->connd); /* Close the connection to the server */
pkg->open = 1; /* Indicate that execution is over */
#if defined(HAVE_ECC) && defined(FP_ECC)

3
tls/server-tls-verifycallback.c
View File

@ -308,6 +308,7 @@ int main()
/* Cleanup after this connection */
wolfSSL_free(ssl); /* Free the wolfSSL object */
ssl = NULL;
close(connd); /* Close the connection to the client */
}
@ -326,6 +327,6 @@ exit:
if (ctx)
wolfSSL_CTX_free(ctx); /* Free the wolfSSL context object */
wolfSSL_Cleanup(); /* Cleanup the wolfSSL environment */
return ret; /* Return reporting a success */
}

2
tls/server-tls-writedup.c
View File

@ -43,7 +43,7 @@
int main()
{
int ret;
int ret = 0;
#ifdef HAVE_WRITE_DUP
int sockfd = SOCKET_INVALID;
int connd = SOCKET_INVALID;

1
tls/server-tls.c
View File

@ -197,6 +197,7 @@ int main()
/* Cleanup after this connection */
wolfSSL_free(ssl); /* Free the wolfSSL object */
ssl = NULL;
close(connd); /* Close the connection to the client */
}