WolfSSL
/
wolfssl
mirror of https://github.com/wolfSSL/wolfssl.git
1
0
Fork 0
Code Issues Releases Wiki Activity

Initial Deos RTOS port 

- Added support for Deos with no file system
- Implemented a custom malloc since reusing and freeing memory is disallowed in avionics and mission critical applications.
- Added TLS client and server example with a TCP setup mailbox transport
- Timer starts at an offset of CURRENT_UNIX_TIMESTAMP specified by the user
- Uses rand_r() as a pseudo random number generator and uses the current time in seconds as a seed
- Uses strnicmp for XSTRNCASECMP instead of strncasecmp
- a readme doc included
pull/1997/head
Tesfa Mael 2018-11-30 13:08:30 -08:00 committed by Tesfa Mael
parent 91573735b1
commit 739b57c753
18 changed files with 1268 additions and 22 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

158
IDE/ECLIPSE/DEOS/README.md 100644
View File

@ -0,0 +1,158 @@
# Deos Port
## Overview
You can enable the wolfSSL support for Deos RTOS available [here](https://www.ddci.com/products_deos_do_178c_arinc_653/) using the `#define DEOS`.
Deos is a Time & Space Partitioned, Multi-core Enabled, DO-178C DAL A Certifiable RTOS.
## Usage
You can start with your OpenArbor IDE-based example project for Deos with the network stack (LwIP) to integrate wolfSSL source code.
wolfSSL supports a compile-time user configurable options in the `IDE/ECLIPSE/DEOS/user_settings.h` file.
The `tls_wolfssl.c` example application provides a simple function to run the selected examples at compile time through the following four #defines in user_settings.h. You can define any of these macro options to run a test.
```
1. #define WOLFSSL_WOLFCRYPT_TEST
2. #define WOLFSSL_BENCHMARK_TEST
3. #define WOLFSSL_CLIENT_TEST
4. #define WOLFSSL_SERVER_TEST
```
Steps for building and running wolfSSL with the Deos kernel examples included in the DDS release are as follows:
#### Setting up a Deos project with wolfSSL
1. Download the wolfSSL source code or a zip file from GitHub. You can remove all of the files except for these folders and its contents. The top folder for this example is wolfsslPort.
```
wolfsslPort
|-- IDE
| -- ECLIPSE
| -- DEOS
|-- src
|-- wolfcrypt
| -- benchmark
| -- src
| -- test
|-- wolfssl
|-- openssl
|-- wolfcrypt
|-- port
```
2. Remove these two platform specific assembly source files:
- wolfsslPort/wolfcrypt/src/aes_asm.asm
- wolfsslPort/wolfcrypt/src/aes_asm.S
3. Launch the OpenArbor IDE as an administrator
4. Create a DDC-I Deos example project. In the main menu, go to File >DDC-I Deos example project > socket > udp-vs-tcp
5. Import the `wolfSSLPort` source code into your project.
- Right-click the ` udp-vs-tcp` project and choose File -> Import.
- Expand the General folder and select File System, then click Next. You should now see the Import File system dialog.
- Browse to the location containing the wolfSSL code and choose OK. Select the `wolfsslPort` folder and check the `Create top-level folder` button, then select Finish. You should see the folder hierarchy the same as wolfSSL folder structures.
6. Review the configuration in $(PROJECT_DIR)/wolfsslPort/IDE/ECLIPSE/DEOS/user_setting.h
7. Review the custom malloc/realloc/free configuration $(PROJECT_DIR)/wolfsslPort/IDE/ECLIPSE/DEOS/deos_malloc.c . Memory allocated with malloc() is never freed.
#### Configuring the Deos Project
1. Customize your config/udp-vs-tcp.pd.xml with the following changes:
```
<processTemplate
mutexQuota = "5"
>
<logicalMemoryPools>
pagesNeeded = "1000"
></pool>
</logicalMemoryPools>
<mutexTemplates>
<mutexTemplate
name = "protectWolfSSLTemp"
lockTimeInUsec = "40"
priority = "fastest"
></mutexTemplate>
</mutexTemplates>
</processTemplate>
```
Depending on your configuration, wolfSSL uses upto four mutexes.
2. Right click on the `udp-vs-tcp` project, select properties and add the following macros in the DDC-I Options > C Compile > Preprocessor
- DEOS_ALLOW_OBSOLETE_DEFINITIONS
- WOLFSSL_USER_SETTINGS
3. Add the following directory paths in the DDC-I Options > C Compile > Directories
- $(PROJECT_DIR)/wolfsslPort
- $(PROJECT_DIR)/wolfsslPort/wolfssl
- $(PROJECT_DIR)/wolfsslPort/IDE/ECLIPSE/DEOS
- $(PROJECT_DIR.printx)/code
4. Change the optimization level in the DDC-I Options > C Compile > Code Generation > Optimization level:g
- g
5. Add the following library dependencies in the DDC-I Options > Deos > Dependencies
- math
- dart
- ansi
- printx
- You must add printx into your workspace, File >DDC-I Deos example project > training > printx
6. Edit $(PROJECT_DIR)/wolfsslPort/IDE/ECLIPSE/DEOS/user_setting.h to customize your configuration. For example, you can comment out the following tests.
- #define WOLFSSL_WOLFCRYPT_TEST
- #define WOLFSSL_BENCHMARK_TEST
- #define WOLFSSL_CLIENT_TEST
- #define WOLFSSL_SERVER_TEST
7. Edit your application source file where main() thread is defined and add the following:
- #include "printx.h"
- #include "tls_wolfssl.h"
- and a call to `wolfsslRunTests()`
#### Building and Running
1. Build your project, then load and run your image on a target platform. Review the test results on the console output.
### `WOLFSSL_WOLFCRYPT_TEST` wolfcrypt_test()
wolfcrypt_test() prints a message on the target console similar to the following output:
```
error test passed!
base64 test passed!
asn test passed!
...
```
This example doesn't show the whole output.
The complete ouputs are not displayed here.
### `WOLFSSL_BENCHMARK_TEST` benchmark_test()
benchmark_test() prints a message on the target console similar to the following output.
```
------------------------------------------------------------------------------
wolfSSL version 3.15.5
------------------------------------------------------------------------------
wolfCrypt Benchmark (block bytes 1024, min 1.0 sec each)
RNG 225 KB tooks 1.026 seconds, 219.313 KB/s
AES-128-CBC-enc 250 KB toks 1.105 seconds 226.210 KB/s
AES-128-CBC-dec 225 KB tooks 1.005 seconds, 223.922 KB/s
...
```
This example doesn't show the whole output.
### `WOLFSSL_CLIENT_TEST` wolfssl_client_test()
You can modify the `TCP_SERVER_IP_ADDR` and `TCP_SERVER_PORT` macros in the `tls_wolfssl.c` file to configure the host address and port. You will also need to define the server certificate. The example client uses the GET request to get a web resource from the server at https://google.com.
### `WOLFSSL_SERVER_TEST` wolfssl_server_test()
You can modify the `TLS_SERVER_PORT` in the `tls_wolfssl.c` file to configure the port number to listen on a local-host.
Once you start the TLS server and `Listening for client connection` displays on the serial console, the server is ready to accept client connections.
You can connect to the server using the wolfssl TLS client example from your Linux or Windows host as follows:
```
$ ./examples/client/client.exe -h TLS_SERVER_IP_ADDRESS
The client outputs messages similar to the following:
SSL version is TLSv1.2
SSL cipher suite is TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256
SSL curve name is SECP256R1
I hear ya fa shizzle!
```
## References
The test results were collected from the qemu-x86 reference platform target with the following software and tool chains:
- OpenArbor, eclipse based IDE, toolVersion = "3.31.0"
- wolfssl [latest version](https://github.com/wolfSSL/wolfssl)
For more information or questions, please email [support@wolfssl.com](mailto:support@wolfssl.com)

93
IDE/ECLIPSE/DEOS/deos_malloc.c 100644
View File

@ -0,0 +1,93 @@
/* deos_malloc.c
*
* Copyright (C) 2018 wolfSSL Inc.
*
* This file is part of wolfSSL.
*
* wolfSSL is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version.
*
* wolfSSL is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program; if not, write to the Free Software
* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
*/
#include <wolfssl/ssl.h>
#define HEAP_SIZE_MAX (1*1024*1024)
static size_t allocatedMemory = 0;
size_t getMemAllocatedSize_does(size_t* size){
if (size)
*size = allocatedMemory;
return allocatedMemory;
}
void free_deos(void *ptr) {
//printf("fake free_deos()\n");
return;
}
void *realloc_deos(void *ptr, size_t size) {
void *newptr;
if (size == 0)
return ptr;
newptr = malloc_deos(size);
free_deos(ptr);
return newptr;
}
void *malloc_deos(size_t size) {
PDEOS_SYSTEM_INFO systemInfoPtr;
static VirtualAddressTYP heapAddr = NULL;
static VirtualAddressTYP freeAddr = NULL;
VirtualAddressTYP retAddr = NULL;
DWORD allocationSize = 0;
static int initialized = 0;
if (size <= 0)
return NULL;
if (!initialized) {
systemInfoPtr = (PDEOS_SYSTEM_INFO)getSystemInfoDEOS();
freeAddr = (VirtualAddressTYP)getNextLibraryStartAddress();
allocationSize = (((HEAP_SIZE_MAX - 1) / systemInfoPtr->dwPageSize) + 1) *
systemInfoPtr->dwPageSize;
if (virtualAllocDEOS(freeAddr, allocationSize) != allocSuccess){
printf("ERROR: virtualAllocDEOS failed\n");
return NULL;
}
setNextLibraryStartAddress(freeAddr + allocationSize);
heapAddr = freeAddr;
initialized = 1;
}
size = ((size + (sizeof(size_t) - 1)) & ~(sizeof(size_t) - 1));
if (size > (HEAP_SIZE_MAX - (freeAddr - heapAddr))){
printf("ERROR: malloc_deos cannot allocate from heap memory anymore\n");
return NULL;
}
retAddr = freeAddr;
memset(retAddr, 0, size);
freeAddr += size;
allocatedMemory += size;
return retAddr;
}

10
IDE/ECLIPSE/DEOS/include.am 100644
View File

@ -0,0 +1,10 @@
# vim:ft=automake
# included from Top Level Makefile.am
# All paths should be given relative to the root
EXTRA_DIST += \
IDE/ECLIPSE/DEOS/README.md \
IDE/ECLIPSE/DEOS/user_settings.h \
IDE/ECLIPSE/DEOS/tls_wolfssl.h \
IDE/ECLIPSE/DEOS/tls_wolfssl.c \
IDE/ECLIPSE/DEOS/deos_malloc.c

603
IDE/ECLIPSE/DEOS/tls_wolfssl.c 100644
View File

@ -0,0 +1,603 @@
/* tls_wolfssl.c
*
* Copyright (C) 2018 wolfSSL Inc.
*
* This file is part of wolfSSL.
*
* wolfSSL is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version.
*
* wolfSSL is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program; if not, write to the Free Software
* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
*/
#include <wolfssl/ssl.h>
#include <wolfcrypt/test/test.h>
#include <wolfcrypt/benchmark/benchmark.h>
#include <wolfssl/wolfcrypt/logging.h> /* to use WOLFSSL_MSG */
#include <tls_wolfssl.h>
int setupTransport(clientConnectionHandleType* connectionHandle,
char* connectionId) {
int ret, error;
void * sendBuffer;
DWORD bufferSizeInBytes;
if ((ret = socketTransportInitialize("mailbox-transport.config",
"transportConfigurationId",
(DWORD)waitIndefinitely,&error)) != transportSuccess)
printf("Initialize 0x%x, error=%d\n", ret, error);
else if ((ret = socketTransportClientInitialize((DWORD)waitIndefinitely,
&error)) != transportSuccess)
printf("ClientInitialize 0x%x, error=%d\n", ret, error);
else if ((ret = socketTransportCreateConnection(connectionId,
(DWORD)waitIndefinitely,
COMPATIBILITY_ID_2,
connectionHandle,
&sendBuffer,
&bufferSizeInBytes,
&error)) != transportSuccess)
printf("CreateConnection 0x%x, error=%d\n", ret, error);
else if ((ret = socketTransportSetConnectionForThread(currentThreadHandle(),
*connectionHandle,
(DWORD)waitIndefinitely,
&error)) != transportSuccess)
printf("SetConnectionForThread 0x%x, error=%d\n", ret, error);
return ret;
}
#if defined(WOLFSSL_CLIENT_TEST)
/* 172.217.3.174 is the IP address of https://www.google.com */
#define TCP_SERVER_IP_ADDR "172.217.3.174"
#define TCP_SERVER_DOMAIN_NAME "www.google.com"
#define TCP_SERVER_PORT 443
#define TX_BUF_SIZE 64
#define RX_BUF_SIZE 1024
#define TX_MSG "GET /index.html HTTP/1.0\n\n"
#define TX_MSG_SIZE sizeof(TX_MSG)
static const unsigned char google_certs_ca[]="\n\
## Google Internet Authority G3 \n\
-----BEGIN CERTIFICATE-----\n\
MIIEXDCCA0SgAwIBAgINAeOpMBz8cgY4P5pTHTANBgkqhkiG9w0BAQsFADBMMSAw\n\
HgYDVQQLExdHbG9iYWxTaWduIFJvb3QgQ0EgLSBSMjETMBEGA1UEChMKR2xvYmFs\n\
U2lnbjETMBEGA1UEAxMKR2xvYmFsU2lnbjAeFw0xNzA2MTUwMDAwNDJaFw0yMTEy\n\
MTUwMDAwNDJaMFQxCzAJBgNVBAYTAlVTMR4wHAYDVQQKExVHb29nbGUgVHJ1c3Qg\n\
U2VydmljZXMxJTAjBgNVBAMTHEdvb2dsZSBJbnRlcm5ldCBBdXRob3JpdHkgRzMw\n\
ggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDKUkvqHv/OJGuo2nIYaNVW\n\
XQ5IWi01CXZaz6TIHLGp/lOJ+600/4hbn7vn6AAB3DVzdQOts7G5pH0rJnnOFUAK\n\
71G4nzKMfHCGUksW/mona+Y2emJQ2N+aicwJKetPKRSIgAuPOB6Aahh8Hb2XO3h9\n\
RUk2T0HNouB2VzxoMXlkyW7XUR5mw6JkLHnA52XDVoRTWkNty5oCINLvGmnRsJ1z\n\
ouAqYGVQMc/7sy+/EYhALrVJEA8KbtyX+r8snwU5C1hUrwaW6MWOARa8qBpNQcWT\n\
kaIeoYvy/sGIJEmjR0vFEwHdp1cSaWIr6/4g72n7OqXwfinu7ZYW97EfoOSQJeAz\n\
AgMBAAGjggEzMIIBLzAOBgNVHQ8BAf8EBAMCAYYwHQYDVR0lBBYwFAYIKwYBBQUH\n\
AwEGCCsGAQUFBwMCMBIGA1UdEwEB/wQIMAYBAf8CAQAwHQYDVR0OBBYEFHfCuFCa\n\
Z3Z2sS3ChtCDoH6mfrpLMB8GA1UdIwQYMBaAFJviB1dnHB7AagbeWbSaLd/cGYYu\n\
MDUGCCsGAQUFBwEBBCkwJzAlBggrBgEFBQcwAYYZaHR0cDovL29jc3AucGtpLmdv\n\
b2cvZ3NyMjAyBgNVHR8EKzApMCegJaAjhiFodHRwOi8vY3JsLnBraS5nb29nL2dz\n\
cjIvZ3NyMi5jcmwwPwYDVR0gBDgwNjA0BgZngQwBAgIwKjAoBggrBgEFBQcCARYc\n\
aHR0cHM6Ly9wa2kuZ29vZy9yZXBvc2l0b3J5LzANBgkqhkiG9w0BAQsFAAOCAQEA\n\
HLeJluRT7bvs26gyAZ8so81trUISd7O45skDUmAge1cnxhG1P2cNmSxbWsoiCt2e\n\
ux9LSD+PAj2LIYRFHW31/6xoic1k4tbWXkDCjir37xTTNqRAMPUyFRWSdvt+nlPq\n\
wnb8Oa2I/maSJukcxDjNSfpDh/Bd1lZNgdd/8cLdsE3+wypufJ9uXO1iQpnh9zbu\n\
FIwsIONGl1p3A8CgxkqI/UAih3JaGOqcpcdaCIzkBaR9uYQ1X4k2Vg5APRLouzVy\n\
7a8IVk6wuy6pm+T7HT4LY8ibS5FEZlfAFLSW8NwsVz9SBK2Vqn1N0PIMn5xA6NZV\n\
c7o835DLAFshEWfC7TIe3g==\n\
-----END CERTIFICATE-----\n\
## Google Trust Services- GlobalSign Root CA-R2\n\
-----BEGIN CERTIFICATE-----\n\
MIIDujCCAqKgAwIBAgILBAAAAAABD4Ym5g0wDQYJKoZIhvcNAQEFBQAwTDEgMB4G\n\
A1UECxMXR2xvYmFsU2lnbiBSb290IENBIC0gUjIxEzARBgNVBAoTCkdsb2JhbFNp\n\
Z24xEzARBgNVBAMTCkdsb2JhbFNpZ24wHhcNMDYxMjE1MDgwMDAwWhcNMjExMjE1\n\
MDgwMDAwWjBMMSAwHgYDVQQLExdHbG9iYWxTaWduIFJvb3QgQ0EgLSBSMjETMBEG\n\
A1UEChMKR2xvYmFsU2lnbjETMBEGA1UEAxMKR2xvYmFsU2lnbjCCASIwDQYJKoZI\n\
hvcNAQEBBQADggEPADCCAQoCggEBAKbPJA6+Lm8omUVCxKs+IVSbC9N/hHD6ErPL\n\
v4dfxn+G07IwXNb9rfF73OX4YJYJkhD10FPe+3t+c4isUoh7SqbKSaZeqKeMWhG8\n\
eoLrvozps6yWJQeXSpkqBy+0Hne/ig+1AnwblrjFuTosvNYSuetZfeLQBoZfXklq\n\
tTleiDTsvHgMCJiEbKjNS7SgfQx5TfC4LcshytVsW33hoCmEofnTlEnLJGKRILzd\n\
C9XZzPnqJworc5HGnRusyMvo4KD0L5CLTfuwNhv2GXqF4G3yYROIXJ/gkwpRl4pa\n\
zq+r1feqCapgvdzZX99yqWATXgAByUr6P6TqBwMhAo6CygPCm48CAwEAAaOBnDCB\n\
mTAOBgNVHQ8BAf8EBAMCAQYwDwYDVR0TAQH/BAUwAwEB/zAdBgNVHQ4EFgQUm+IH\n\
V2ccHsBqBt5ZtJot39wZhi4wNgYDVR0fBC8wLTAroCmgJ4YlaHR0cDovL2NybC5n\n\
bG9iYWxzaWduLm5ldC9yb290LXIyLmNybDAfBgNVHSMEGDAWgBSb4gdXZxwewGoG\n\
3lm0mi3f3BmGLjANBgkqhkiG9w0BAQUFAAOCAQEAmYFThxxol4aR7OBKuEQLq4Gs\n\
J0/WwbgcQ3izDJr86iw8bmEbTUsp9Z8FHSbBuOmDAGJFtqkIk7mpM0sYmsL4h4hO\n\
291xNBrBVNpGP+DTKqttVCL1OmLNIG+6KYnX3ZHu01yiPqFbQfXf5WRDLenVOavS\n\
ot+3i9DAgBkcRcAtjOj4LaR0VknFBbVPFd5uRHg5h6h+u/N5GJG79G+dwfCMNYxd\n\
AfvDbbnvRG15RjF+Cv6pgsH/76tuIMRQyV+dTZsXjAzlAcmgQWpzU/qlULRuJQ/7\n\
TBj0/VLZjmmx6BEP3ojY+x1J96relc8geMJgEtslQIxq/H5COEBkEveegeGTLg==\n\
-----END CERTIFICATE-----\n\
";
void wolfssl_client_test(uintData_t statusPtr) {
int sock;
char rx_buf[RX_BUF_SIZE];
char tx_buf[TX_BUF_SIZE];
int ret = 0, error = 0;
sockaddr_in server_addr;
clientConnectionHandleType TCPclientHandle;
WOLFSSL* ssl;
WOLFSSL_CTX* ctx;
/* set up the mailbox transport */
if (setupTransport(&TCPclientHandle, (char*)"connectionId1") != transportSuccess){
printf("TCP transport set up failed \n");
return;
}
printf("Creating a network socket...\n");
sock = socket(AF_INET, SOCK_STREAM, 0);
if (sock == SOCKET_ERROR) {
printf("ERROR: Failed to create socket, err = %d\n", errno);
return;
}
printf("Clearing memory for server_addr struct\n");
XMEMSET((char *) &server_addr, 0u, sizeof(server_addr));
printf("Connecting to server IP address: %s, port: %d\n",
TCP_SERVER_IP_ADDR, TCP_SERVER_PORT);
server_addr.sin_family = AF_INET;
server_addr.sin_addr = inet_addr(TCP_SERVER_IP_ADDR);
server_addr.sin_port = htons(TCP_SERVER_PORT);
printf("Calling connect on socket\n");
if (connect(sock, (sockaddr *) &server_addr, sizeof(server_addr) < 0 )) {
printf("ERROR: connect, err = %d\n", errno);
closesocket(sock);
return;
}
#ifdef DEBUG_WOLFSSL
wolfSSL_Debugging_ON();
#endif
/* wolfSSL INIT and CTX SETUP */
wolfSSL_Init();
#ifdef WOLFSSL_TLS13
ctx = wolfSSL_CTX_new(wolfTLSv1_3_client_method());
#else
ctx = wolfSSL_CTX_new(wolfTLSv1_2_client_method());
#endif
/* SET UP NETWORK SOCKET */
if (ctx == 0) {
printf("ERROR: wolfSSL_CTX_new failed\n");
closesocket(sock);
return;
}
WOLFSSL_MSG("wolfSSL_CTX_new done\n");
wolfSSL_CTX_set_verify(ctx, SSL_VERIFY_PEER, NULL);
ret = wolfSSL_CTX_load_verify_buffer(ctx,
google_certs_ca,
sizeof(google_certs_ca),
SSL_FILETYPE_PEM);
if (ret != SSL_SUCCESS) {
printf("ERROR: wolfSSL_CTX_load_verify_buffer() failed\n");
closesocket(sock);
wolfSSL_CTX_free(ctx);
return;
}
ssl = wolfSSL_new(ctx);
if (ssl == NULL) {
printf("ERROR: wolfSSL_new() failed\n");
closesocket(sock);
wolfSSL_CTX_free(ctx);
return;
}
WOLFSSL_MSG("wolfSSL_new done\n");
ret = wolfSSL_set_fd(ssl, sock);
if (ret != SSL_SUCCESS) {
printf("ERROR: wolfSSL_set_fd() failed\n");
closesocket(sock);
wolfSSL_free(ssl);
wolfSSL_CTX_free(ctx);
return;
}
WOLFSSL_MSG("wolfSSL_set_fd done\n");
do {
error = 0; /* reset error */
ret = wolfSSL_connect(ssl);
if (ret != SSL_SUCCESS) {
error = wolfSSL_get_error(ssl, 0);
printf("ERROR: wolfSSL_connect() failed, err = %d\n", error);
if (error != SSL_ERROR_WANT_READ) {
closesocket(sock);
wolfSSL_free(ssl);
wolfSSL_CTX_free(ctx);
return;
}
/* goToSleep() for 1 sec*/
}
} while ((ret != SSL_SUCCESS) && (error == SSL_ERROR_WANT_READ));
printf("wolfSSL_connect() ok... sending GET\n");
strncpy(tx_buf, TX_MSG, TX_MSG_SIZE);
if (wolfSSL_write(ssl, tx_buf, TX_MSG_SIZE) != TX_MSG_SIZE) {
error = wolfSSL_get_error(ssl, 0);
printf("ERROR: wolfSSL_write() failed, err = %d\n", error);
closesocket(sock);
wolfSSL_free(ssl);
wolfSSL_CTX_free(ctx);
return;
}
do {
error = 0; /* reset error */
ret = wolfSSL_read(ssl, rx_buf, RX_BUF_SIZE - 1);
if (ret < 0) {
error = wolfSSL_get_error(ssl, 0);
if (error != SSL_ERROR_WANT_READ) {
printf("wolfSSL_read failed, error = %d\n", error);
closesocket(sock);
wolfSSL_free(ssl);
wolfSSL_CTX_free(ctx);
return;
}
/* goToSleep() for 1 second*/
} else if (ret > 0) {
rx_buf[ret] = 0;
printf("%s\n", rx_buf);
}
} while (error == SSL_ERROR_WANT_READ);
wolfSSL_shutdown(ssl);
wolfSSL_free(ssl);
wolfSSL_CTX_free(ctx);
wolfSSL_Cleanup();
closesocket(sock);
return;
}
#endif /* WOLFSSL_CLIENT_TEST */
#if defined(WOLFSSL_SERVER_TEST)
#define TLS_SERVER_PORT 11111
#define TX_BUF_SIZE 64
#define RX_BUF_SIZE 1024
#define TCP_SERVER_CONN_Q_SIZE 1
/* derived from wolfSSL/certs/server-ecc.der */
static const unsigned char server_ecc_der_256[] = { 0x30, 0x82, 0x03, 0x10,
0x30, 0x82, 0x02, 0xB5, 0xA0, 0x03, 0x02, 0x01, 0x02, 0x02, 0x09, 0x00,
0xEF, 0x46, 0xC7, 0xA4, 0x9B, 0xBB, 0x60, 0xD3, 0x30, 0x0A, 0x06, 0x08,
0x2A, 0x86, 0x48, 0xCE, 0x3D, 0x04, 0x03, 0x02, 0x30, 0x81, 0x8F, 0x31,
0x0B, 0x30, 0x09, 0x06, 0x03, 0x55, 0x04, 0x06, 0x13, 0x02, 0x55, 0x53,
0x31, 0x13, 0x30, 0x11, 0x06, 0x03, 0x55, 0x04, 0x08, 0x0C, 0x0A, 0x57,
0x61, 0x73, 0x68, 0x69, 0x6E, 0x67, 0x74, 0x6F, 0x6E, 0x31, 0x10, 0x30,
0x0E, 0x06, 0x03, 0x55, 0x04, 0x07, 0x0C, 0x07, 0x53, 0x65, 0x61, 0x74,
0x74, 0x6C, 0x65, 0x31, 0x10, 0x30, 0x0E, 0x06, 0x03, 0x55, 0x04, 0x0A,
0x0C, 0x07, 0x45, 0x6C, 0x69, 0x70, 0x74, 0x69, 0x63, 0x31, 0x0C, 0x30,
0x0A, 0x06, 0x03, 0x55, 0x04, 0x0B, 0x0C, 0x03, 0x45, 0x43, 0x43, 0x31,
0x18, 0x30, 0x16, 0x06, 0x03, 0x55, 0x04, 0x03, 0x0C, 0x0F, 0x77, 0x77,
0x77, 0x2E, 0x77, 0x6F, 0x6C, 0x66, 0x73, 0x73, 0x6C, 0x2E, 0x63, 0x6F,
0x6D, 0x31, 0x1F, 0x30, 0x1D, 0x06, 0x09, 0x2A, 0x86, 0x48, 0x86, 0xF7,
0x0D, 0x01, 0x09, 0x01, 0x16, 0x10, 0x69, 0x6E, 0x66, 0x6F, 0x40, 0x77,
0x6F, 0x6C, 0x66, 0x73, 0x73, 0x6C, 0x2E, 0x63, 0x6F, 0x6D, 0x30, 0x1E,
0x17, 0x0D, 0x31, 0x36, 0x30, 0x38, 0x31, 0x31, 0x32, 0x30, 0x30, 0x37,
0x33, 0x38, 0x5A, 0x17, 0x0D, 0x31, 0x39, 0x30, 0x35, 0x30, 0x38, 0x32,
0x30, 0x30, 0x37, 0x33, 0x38, 0x5A, 0x30, 0x81, 0x8F, 0x31, 0x0B, 0x30,
0x09, 0x06, 0x03, 0x55, 0x04, 0x06, 0x13, 0x02, 0x55, 0x53, 0x31, 0x13,
0x30, 0x11, 0x06, 0x03, 0x55, 0x04, 0x08, 0x0C, 0x0A, 0x57, 0x61, 0x73,
0x68, 0x69, 0x6E, 0x67, 0x74, 0x6F, 0x6E, 0x31, 0x10, 0x30, 0x0E, 0x06,
0x03, 0x55, 0x04, 0x07, 0x0C, 0x07, 0x53, 0x65, 0x61, 0x74, 0x74, 0x6C,
0x65, 0x31, 0x10, 0x30, 0x0E, 0x06, 0x03, 0x55, 0x04, 0x0A, 0x0C, 0x07,
0x45, 0x6C, 0x69, 0x70, 0x74, 0x69, 0x63, 0x31, 0x0C, 0x30, 0x0A, 0x06,
0x03, 0x55, 0x04, 0x0B, 0x0C, 0x03, 0x45, 0x43, 0x43, 0x31, 0x18, 0x30,
0x16, 0x06, 0x03, 0x55, 0x04, 0x03, 0x0C, 0x0F, 0x77, 0x77, 0x77, 0x2E,
0x77, 0x6F, 0x6C, 0x66, 0x73, 0x73, 0x6C, 0x2E, 0x63, 0x6F, 0x6D, 0x31,
0x1F, 0x30, 0x1D, 0x06, 0x09, 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01,
0x09, 0x01, 0x16, 0x10, 0x69, 0x6E, 0x66, 0x6F, 0x40, 0x77, 0x6F, 0x6C,
0x66, 0x73, 0x73, 0x6C, 0x2E, 0x63, 0x6F, 0x6D, 0x30, 0x59, 0x30, 0x13,
0x06, 0x07, 0x2A, 0x86, 0x48, 0xCE, 0x3D, 0x02, 0x01, 0x06, 0x08, 0x2A,
0x86, 0x48, 0xCE, 0x3D, 0x03, 0x01, 0x07, 0x03, 0x42, 0x00, 0x04, 0xBB,
0x33, 0xAC, 0x4C, 0x27, 0x50, 0x4A, 0xC6, 0x4A, 0xA5, 0x04, 0xC3, 0x3C,
0xDE, 0x9F, 0x36, 0xDB, 0x72, 0x2D, 0xCE, 0x94, 0xEA, 0x2B, 0xFA, 0xCB,
0x20, 0x09, 0x39, 0x2C, 0x16, 0xE8, 0x61, 0x02, 0xE9, 0xAF, 0x4D, 0xD3,
0x02, 0x93, 0x9A, 0x31, 0x5B, 0x97, 0x92, 0x21, 0x7F, 0xF0, 0xCF, 0x18,
0xDA, 0x91, 0x11, 0x02, 0x34, 0x86, 0xE8, 0x20, 0x58, 0x33, 0x0B, 0x80,
0x34, 0x89, 0xD8, 0xA3, 0x81, 0xF7, 0x30, 0x81, 0xF4, 0x30, 0x1D, 0x06,
0x03, 0x55, 0x1D, 0x0E, 0x04, 0x16, 0x04, 0x14, 0x5D, 0x5D, 0x26, 0xEF,
0xAC, 0x7E, 0x36, 0xF9, 0x9B, 0x76, 0x15, 0x2B, 0x4A, 0x25, 0x02, 0x23,
0xEF, 0xB2, 0x89, 0x30, 0x30, 0x81, 0xC4, 0x06, 0x03, 0x55, 0x1D, 0x23,
0x04, 0x81, 0xBC, 0x30, 0x81, 0xB9, 0x80, 0x14, 0x5D, 0x5D, 0x26, 0xEF,
0xAC, 0x7E, 0x36, 0xF9, 0x9B, 0x76, 0x15, 0x2B, 0x4A, 0x25, 0x02, 0x23,
0xEF, 0xB2, 0x89, 0x30, 0xA1, 0x81, 0x95, 0xA4, 0x81, 0x92, 0x30, 0x81,
0x8F, 0x31, 0x0B, 0x30, 0x09, 0x06, 0x03, 0x55, 0x04, 0x06, 0x13, 0x02,
0x55, 0x53, 0x31, 0x13, 0x30, 0x11, 0x06, 0x03, 0x55, 0x04, 0x08, 0x0C,
0x0A, 0x57, 0x61, 0x73, 0x68, 0x69, 0x6E, 0x67, 0x74, 0x6F, 0x6E, 0x31,
0x10, 0x30, 0x0E, 0x06, 0x03, 0x55, 0x04, 0x07, 0x0C, 0x07, 0x53, 0x65,
0x61, 0x74, 0x74, 0x6C, 0x65, 0x31, 0x10, 0x30, 0x0E, 0x06, 0x03, 0x55,
0x04, 0x0A, 0x0C, 0x07, 0x45, 0x6C, 0x69, 0x70, 0x74, 0x69, 0x63, 0x31,
0x0C, 0x30, 0x0A, 0x06, 0x03, 0x55, 0x04, 0x0B, 0x0C, 0x03, 0x45, 0x43,
0x43, 0x31, 0x18, 0x30, 0x16, 0x06, 0x03, 0x55, 0x04, 0x03, 0x0C, 0x0F,
0x77, 0x77, 0x77, 0x2E, 0x77, 0x6F, 0x6C, 0x66, 0x73, 0x73, 0x6C, 0x2E,
0x63, 0x6F, 0x6D, 0x31, 0x1F, 0x30, 0x1D, 0x06, 0x09, 0x2A, 0x86, 0x48,
0x86, 0xF7, 0x0D, 0x01, 0x09, 0x01, 0x16, 0x10, 0x69, 0x6E, 0x66, 0x6F,
0x40, 0x77, 0x6F, 0x6C, 0x66, 0x73, 0x73, 0x6C, 0x2E, 0x63, 0x6F, 0x6D,
0x82, 0x09, 0x00, 0xEF, 0x46, 0xC7, 0xA4, 0x9B, 0xBB, 0x60, 0xD3, 0x30,
0x0C, 0x06, 0x03, 0x55, 0x1D, 0x13, 0x04, 0x05, 0x30, 0x03, 0x01, 0x01,
0xFF, 0x30, 0x0A, 0x06, 0x08, 0x2A, 0x86, 0x48, 0xCE, 0x3D, 0x04, 0x03,
0x02, 0x03, 0x49, 0x00, 0x30, 0x46, 0x02, 0x21, 0x00, 0xF1, 0xD0, 0xA6,
0x3E, 0x83, 0x33, 0x24, 0xD1, 0x7A, 0x05, 0x5F, 0x1E, 0x0E, 0xBD, 0x7D,
0x6B, 0x33, 0xE9, 0xF2, 0x86, 0xF3, 0xF3, 0x3D, 0xA9, 0xEF, 0x6A, 0x87,
0x31, 0xB3, 0xB7, 0x7E, 0x50, 0x02, 0x21, 0x00, 0xF0, 0x60, 0xDD, 0xCE,
0xA2, 0xDB, 0x56, 0xEC, 0xD9, 0xF4, 0xE4, 0xE3, 0x25, 0xD4, 0xB0, 0xC9,
0x25, 0x7D, 0xCA, 0x7A, 0x5D, 0xBA, 0xC4, 0xB2, 0xF6, 0x7D, 0x04, 0xC7,
0xBD, 0x62, 0xC9, 0x20 };
/* derived from wolfSSL/certs/ecc-key.der */
static const unsigned char ecc_key_der_256[] = { 0x30, 0x77, 0x02, 0x01, 0x01,
0x04, 0x20, 0x45, 0xB6, 0x69, 0x02, 0x73, 0x9C, 0x6C, 0x85, 0xA1, 0x38,
0x5B, 0x72, 0xE8, 0xE8, 0xC7, 0xAC, 0xC4, 0x03, 0x8D, 0x53, 0x35, 0x04,
0xFA, 0x6C, 0x28, 0xDC, 0x34, 0x8D, 0xE1, 0xA8, 0x09, 0x8C, 0xA0, 0x0A,
0x06, 0x08, 0x2A, 0x86, 0x48, 0xCE, 0x3D, 0x03, 0x01, 0x07, 0xA1, 0x44,
0x03, 0x42, 0x00, 0x04, 0xBB, 0x33, 0xAC, 0x4C, 0x27, 0x50, 0x4A, 0xC6,
0x4A, 0xA5, 0x04, 0xC3, 0x3C, 0xDE, 0x9F, 0x36, 0xDB, 0x72, 0x2D, 0xCE,
0x94, 0xEA, 0x2B, 0xFA, 0xCB, 0x20, 0x09, 0x39, 0x2C, 0x16, 0xE8, 0x61,
0x02, 0xE9, 0xAF, 0x4D, 0xD3, 0x02, 0x93, 0x9A, 0x31, 0x5B, 0x97, 0x92,
0x21, 0x7F, 0xF0, 0xCF, 0x18, 0xDA, 0x91, 0x11, 0x02, 0x34, 0x86, 0xE8,
0x20, 0x58, 0x33, 0x0B, 0x80, 0x34, 0x89, 0xD8 };
void wolfssl_server_test(uintData_t statusPtr)
{
int sock_listen;
int bindStatus;
int sock_req;
sockaddr_in socketAddr;
sockaddr_in server_addr;
int socketAddrLen=sizeof(sockaddr);
char rx_buf[RX_BUF_SIZE];
char tx_buf[TX_BUF_SIZE];
unsigned char attempt_conn;
clientConnectionHandleType TCPserverHandle;
void * sendBuffer;
DWORD bufferSizeInBytes;
WOLFSSL * ssl;
WOLFSSL_CTX * ctx;
int tx_buf_sz = 0, ret = 0, error = 0;
/* set up the mailbox transport */
/* connectionId2 is defined in the mailbox-transport.config*/
if (setupTransport(&TCPserverHandle, (char*)"connectionId2") != transportSuccess){
printf("TCP transport set up failed \n");
return;
}
/* SET UP NETWORK SOCKET */
printf("Opening network socket...\n");
sock_listen = socket(AF_INET, SOCK_STREAM, 0);
if (sock_listen == SOCKET_ERROR) {
printf("ERROR: socket, err = %d\n", errno);
return;
}
printf("Clearing memory for server_addr struct\n");
XMEMSET((char *) &server_addr, 0u, sizeof(server_addr));
printf("Setting up server_addr struct\n");
server_addr.sin_family = AF_INET;
server_addr.sin_addr = INADDR_ANY;
server_addr.sin_port = htons(TLS_SERVER_PORT);
bindStatus = bind(sock_listen, (sockaddr *) &server_addr, sizeof(server_addr));
if (bindStatus == SOCKET_ERROR) {
printf("ERROR: bind, err = %d\n", errno);
closesocket(sock_listen);
return;
}
/* wolfSSL INIT and CTX SETUP */
wolfSSL_Init();
#if defined(WOLFSSL_TLS13)
ctx = wolfSSL_CTX_new(wolfTLSv1_3_server_method());
printf("Using TLSv1_3\n");
#else
ctx = wolfSSL_CTX_new(wolfTLSv1_2_server_method());
printf("Using TLSv1_2\n");
#endif
if (ctx == 0) {
printf("ERROR: wolfSSL_CTX_new failed\n");
closesocket(sock_listen);
return;
}
WOLFSSL_MSG("wolfSSL_CTX_new done\n");
ret = wolfSSL_CTX_use_certificate_buffer(ctx,
server_ecc_der_256,
sizeof(server_ecc_der_256),
SSL_FILETYPE_ASN1);
if (ret != SSL_SUCCESS) {
printf("ERROR: wolfSSL_CTX_use_certificate_buffer() failed, \
err = %d\n", ret);
closesocket(sock_listen);
wolfSSL_CTX_free(ctx);
return;
}
ret = wolfSSL_CTX_use_PrivateKey_buffer(ctx,
ecc_key_der_256,
sizeof(ecc_key_der_256),
SSL_FILETYPE_ASN1);
if (ret != SSL_SUCCESS) {
printf("ERROR: wolfSSL_CTX_use_PrivateKey_buffer() failed\n");
closesocket(sock_listen);
wolfSSL_CTX_free(ctx);
return;
}
/* accept client socket connections */
printf("Listening for client connection\n");
printf("E.g, you can use ./examples/client/client.exe -h 192.168.219.100\n");
printf(" \n");
listen(sock_listen, TCP_SERVER_CONN_Q_SIZE);
sock_req = accept(sock_listen,
(sockaddr *) &socketAddr,
&socketAddrLen);
if (sock_req == -1) {
printf("ERROR: accept, err = %d\n", errno);
closesocket(sock_listen);
return;
}
printf("Got client connection! Starting TLS negotiation\n");
/* set up wolfSSL session */
ssl = wolfSSL_new(ctx);
if (ssl == NULL) {
printf("ERROR: wolfSSL_new() failed\n");
closesocket(sock_req);
closesocket(sock_listen);
wolfSSL_CTX_free(ctx);
return;
}
WOLFSSL_MSG("wolfSSL_new done\n");
ret = wolfSSL_set_fd(ssl, sock_req);
if (ret != SSL_SUCCESS) {
printf("ERROR: wolfSSL_set_fd() failed\n");
closesocket(sock_req);
closesocket(sock_listen);
wolfSSL_free(ssl);
wolfSSL_CTX_free(ctx);
return;
}
WOLFSSL_MSG("wolfSSL_set_fd done\n");
do {
error = 0; /* reset error */
if (ret != SSL_SUCCESS) {
error = wolfSSL_get_error(ssl, 0);
printf("ERROR: wolfSSL_accept() failed, err = %d\n", error);
if (error != SSL_ERROR_WANT_READ) {
closesocket(sock_req);
closesocket(sock_listen);
wolfSSL_free(ssl);
wolfSSL_CTX_free(ctx);
return;
}
/* goToSleep() for 500 milli sec*/
}
} while ((ret != SSL_SUCCESS) && (error == SSL_ERROR_WANT_READ));
printf("wolfSSL_accept() ok...\n");
#ifdef DEBUG_WOLFSSL
wolfSSL_Debugging_ON();
#endif
/* read client data */
error = 0;
XMEMSET(rx_buf, 0u, RX_BUF_SIZE);
ret = wolfSSL_read(ssl, rx_buf, RX_BUF_SIZE - 1);
if (ret < 0) {
error = wolfSSL_get_error(ssl, 0);
if (error != SSL_ERROR_WANT_READ) {
printf("wolfSSL_read failed, error = %d\n", error);
closesocket(sock_req);
closesocket(sock_listen);
wolfSSL_free(ssl);
wolfSSL_CTX_free(ctx);
return;
}
}
printf("AFTER wolfSSL_read() call, ret = %d\n", ret);
if (ret > 0) {
rx_buf[ret] = 0;
printf("Client sent: %s\n", rx_buf);
}
/* write response to client */
XMEMSET(tx_buf, 0u, TX_BUF_SIZE);
tx_buf_sz = 22;
strncpy(tx_buf, "I hear ya fa shizzle!\n", tx_buf_sz);
if (wolfSSL_write(ssl, tx_buf, tx_buf_sz) != tx_buf_sz) {
error = wolfSSL_get_error(ssl, 0);
printf("ERROR: wolfSSL_write() failed, err = %d\n", error);
closesocket(sock_req);
closesocket(sock_listen);
wolfSSL_free(ssl);
wolfSSL_CTX_free(ctx);
return;
}
ret = wolfSSL_shutdown(ssl);
if (ret == SSL_SHUTDOWN_NOT_DONE)
wolfSSL_shutdown(ssl);
wolfSSL_free(ssl);
wolfSSL_CTX_free(ctx);
wolfSSL_Cleanup();
closesocket(sock_req);
closesocket(sock_listen);
return;
}
#endif /* WOLFSSL_SERVER_TEST */
int wolfsslRunTests (void)
{
thread_handle_t TCPhandle;
threadStatus ts;
int ret;
#if defined(WOLFSSL_WOLFCRYPT_TEST)
wolfcrypt_test(NULL);
#endif
#if defined(WOLFSSL_BENCHMARK_TEST)
benchmark_test(NULL);
#endif
#if defined(WOLFSSL_CLIENT_TEST)
ts = createThread("TCPclient", "TCPThreadTemplate", wolfssl_client_test,
0, &TCPhandle );
if (ts != threadSuccess) {
printf("Unable to create TCP client thread, %i ", (DWORD)ts);
}
#endif
#if defined(WOLFSSL_SERVER_TEST)
ts = createThread("TCPserver", "TCPThreadTemplate", wolfssl_server_test,
0, &TCPhandle );
if (ts != threadSuccess) {
printf("Unable to create TCP server thread, %i ", (DWORD)ts);
}
#endif
return 0;
}

37
IDE/ECLIPSE/DEOS/tls_wolfssl.h 100644
View File

@ -0,0 +1,37 @@
/* tls_wolfssl.h
*
* Copyright (C) 2018 wolfSSL Inc.
*
* This file is part of wolfSSL.
*
* wolfSSL is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version.
*
* wolfSSL is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program; if not, write to the Free Software
* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
*/
#ifndef __TLS_WOLFSSL_H__
#define __TLS_WOLFSSL_H__
#ifdef __cplusplus
extern "C" {
#endif
int wolfsslRunTests(void);
void wolfssl_client_test(uintData_t);
void wolfssl_server_test(uintData_t);
#ifdef __cplusplus
} /* extern "C" */
#endif
#endif /* TLS_WOLFSSL_H */

111
IDE/ECLIPSE/DEOS/user_settings.h 100644
View File

@ -0,0 +1,111 @@
/* user_setting.h
*
* Copyright (C) 2018 wolfSSL Inc.
*
* This file is part of wolfSSL.
*
* wolfSSL is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version.
*
* wolfSSL is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program; if not, write to the Free Software
* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
*/
#ifndef DEOS_USER_SETTINGS_H_
#define DEOS_USER_SETTINGS_H_
#ifdef __cplusplus
extern "C" {
#endif
#define WOLFSSL_DEOS
/* You can select none or all of the following tests */
#define WOLFSSL_WOLFCRYPT_TEST
#define WOLFSSL_BENCHMARK_TEST
#define WOLFSSL_CLIENT_TEST
#define WOLFSSL_SERVER_TEST
/* adjust CURRENT_UNIX_TIMESTAMP to seconds since Jan 01 1970. (UTC)
You can get the current time from https://www.unixtimestamp.com/
*/
#define CURRENT_UNIX_TIMESTAMP 1544162764
#define NO_FILESYSTEM
#define SIZEOF_LONG_LONG 8
/* prevents from including multiple definition of main() */
#define NO_MAIN_DRIVER
#define NO_TESTSUITE_MAIN_DRIVER
/* includes certificate test buffers via header files */
#define USE_CERT_BUFFERS_2048
/*use kB instead of mB for embedded benchmarking*/
#define BENCH_EMBEDDED
#define NO_WRITE_TEMP_FILES
#define HAVE_AESGCM
#define WOLFSSL_SHA512
#define HAVE_ECC
#define HAVE_CURVE25519
#define CURVE25519_SMALL
#define HAVE_ED25519
#define ED25519_SMALL
/* TLS 1.3 */
#if 0
#define WOLFSSL_TLS13
#define HAVE_TLS_EXTENSIONS
#define WC_RSA_PSS
#define HAVE_HKDF
#define HAVE_FFDHE_2048
#define HAVE_AEAD
#define HAVE_SUPPORTED_CURVES
#endif
#if 0
/* You can use your own custom random generator function with
no input parameters and a `CUSTOM_RAND_TYPE` return type*/
#ifndef CUSTOM_RAND_GENERATE
#define CUSTOM_RAND_TYPE int
#define CUSTOM_RAND_GENERATE yourRandGenFunc
#endif
#endif
#if 1
#undef XMALLOC_OVERRIDE
#define XMALLOC_OVERRIDE
/* prototypes for user heap override functions */
#include <stddef.h> /* for size_t */
extern void *malloc_deos(size_t size);
extern void free_deos(void *ptr);
extern void *realloc_deos(void *ptr, size_t size);
#define XMALLOC(n, h, t) malloc_deos(n)
#define XFREE(p, h, t) free_deos(p)
#define XREALLOC(p, n, h, t) realloc_deos(p, n)
#endif
#define printf printx
#ifdef __cplusplus
} /* extern "C" */
#endif
#endif

18
src/internal.c
View File

@ -6251,6 +6251,15 @@ ProtocolVersion MakeDTLSv1_2(void)
return (word32)rtp_get_system_sec();
}
#elif defined(WOLFSSL_DEOS)
word32 LowResTimer(void)
{
const uint32_t systemTickTimeInHz = 1000000 / systemTickInMicroseconds();
uint32_t *systemTickPtr = systemTickPointer();
return (word32) *systemTickPtr/systemTickTimeInHz;
}
#elif defined(MICRIUM)
@ -10617,8 +10626,10 @@ static int DoHandShakeMsgType(WOLFSSL* ssl, byte* input, word32* inOutIdx,
#endif
/* make sure can read the message */
if (*inOutIdx + size > totalSz)
if (*inOutIdx + size > totalSz) {
WOLFSSL_MSG("Incomplete Data");
return INCOMPLETE_DATA;
}
expectedIdx = *inOutIdx + size +
(ssl->keys.encryptionOn ? ssl->keys.padSz : 0);
@ -10705,7 +10716,10 @@ static int DoHandShakeMsgType(WOLFSSL* ssl, byte* input, word32* inOutIdx,
#endif
) {
ret = HashInput(ssl, input + *inOutIdx, size);
if (ret != 0) return ret;
if (ret != 0) {
WOLFSSL_MSG("Incomplete handshake hashes");
return ret;
}
}
#ifdef OPENSSL_EXTRA

10
src/tls13.c
View File

@ -1200,6 +1200,14 @@ end:
{
return (word32)rtp_get_system_sec() * 1000;
}
#elif defined(WOLFSSL_DEOS)
word32 TimeNowInMilliseconds(void)
{
const uint32_t systemTickTimeInHz = 1000000 / systemTickInMicroseconds();
uint32_t *systemTickPtr = systemTickPointer();
return (word32) (*systemTickPtr/systemTickTimeInHz) * 1000;
}
#elif defined(MICRIUM)
/* The time in milliseconds.
* Used for tickets to represent difference between when first seen and when
@ -3407,7 +3415,7 @@ static int DoPreSharedKeys(WOLFSSL* ssl, const byte* input, word32 helloSz,
if ((ssl->options.server_psk_tls13_cb != NULL &&
(ssl->arrays->psk_keySz = ssl->options.server_psk_tls13_cb(ssl,
ssl->arrays->client_identity, ssl->arrays->psk_key,
MAX_PSK_KEY_LEN, &cipherName)) != 0 &&
MAX_PSK_KEY_LEN, &cipherName)) != 0 &&
GetCipherSuiteFromName(cipherName, &cipherSuite0,
&cipherSuite) == 0) ||
(ssl->options.server_psk_cb != NULL &&

15
wolfcrypt/benchmark/benchmark.c
View File

@ -60,6 +60,10 @@
#undef printf
#define printf PRINTF
#elif defined(WOLFSSL_DEOS)
#include <deos.h>
#undef printf
#define printf printx
#elif defined(MICRIUM)
#include <bsp_ser.h>
void BSP_Ser_Printf (CPU_CHAR* format, ...);
@ -5232,6 +5236,17 @@ exit_ed_verify:
#elif defined(WOLFSSL_SGX)
double current_time(int reset);
#elif defined(WOLFSSL_DEOS)
double current_time(int reset)
{
const uint32_t systemTickTimeInHz = 1000000 / systemTickInMicroseconds();
uint32_t *systemTickPtr = systemTickPointer();
(void)reset;
return (double) *systemTickPtr/systemTickTimeInHz;
}
#elif defined(MICRIUM)
double current_time(int reset)
{

3
wolfcrypt/src/logging.c
View File

@ -211,6 +211,7 @@ void WOLFSSL_TIME(int count)
#elif defined(WOLFSSL_SGX)
/* Declare sprintf for ocall */
int sprintf(char* buf, const char *fmt, ...);
#elif defined(WOLFSSL_DEOS)
#elif defined(MICRIUM)
#if (BSP_SER_COMM_EN == DEF_ENABLED)
#include <bsp_ser.h>
@ -240,6 +241,8 @@ static void wolfssl_log(const int logLevel, const char *const logMessage)
#elif defined(THREADX) && !defined(THREADX_NO_DC_PRINTF)
dc_log_printf("%s\n", logMessage);
#elif defined(WOLFSSL_DEOS)
printf("%s\r\n", logMessage);
#elif defined(MICRIUM)
BSP_Ser_Printf("%s\r\n", logMessage);
#elif defined(WOLFSSL_MDK_ARM)

21
wolfcrypt/src/random.c
View File

@ -144,6 +144,7 @@ int wc_RNG_GenerateByte(WC_RNG* rng, byte* b)
#elif defined(WOLFSSL_IAR_ARM)
#elif defined(WOLFSSL_ROWLEY_ARM)
#elif defined(WOLFSSL_EMBOS)
#elif defined(WOLFSSL_DEOS)
#elif defined(MICRIUM)
#elif defined(WOLFSSL_NUCLEUS)
#elif defined(WOLFSSL_PB)
@ -1871,6 +1872,26 @@ int wc_GenerateSeed(OS_Seed* os, byte* output, word32 sz)
return 0;
}
#elif defined(WOLFSSL_DEOS) && !defined(CUSTOM_RAND_GENERATE)
#include "stdlib.h"
#warning "potential for not enough entropy, currently being used for testing Deos"
int wc_GenerateSeed(OS_Seed* os, byte* output, word32 sz)
{
int i;
int seed = XTIME(0);
(void)os;
for (i = 0; i < sz; i++ ) {
output[i] = rand_r(&seed) % 256;
if ((i % 8) == 7) {
seed = XTIME(0);
rand_r(&seed);
}
}
return 0;
}
#elif defined(WOLFSSL_VXWORKS)
#include <randomNumGen.h>

86
wolfcrypt/src/wc_port.c
View File

@ -834,6 +834,72 @@ int wolfSSL_CryptHwMutexUnLock(void) {
return BAD_MUTEX_E;
}
#elif defined(WOLFSSL_DEOS)
int wc_InitMutex(wolfSSL_Mutex* m)
{
mutexStatus mutStat;
/*
The empty string "" denotes an anonymous mutex, so objects do not cause name collisions.
`protectWolfSSLTemp` in an XML configuration element template describing a mutex.
*/
if (m) {
mutStat = createMutex("", "protectWolfSSLTemp", m);
if (mutStat == mutexSuccess)
return 0;
else{
WOLFSSL_MSG("wc_InitMutex failed");
return mutStat;
}
}
return BAD_MUTEX_E;
}
int wc_FreeMutex(wolfSSL_Mutex* m)
{
mutexStatus mutStat;
if (m) {
mutStat = deleteMutex(*m);
if (mutStat == mutexSuccess)
return 0;
else{
WOLFSSL_MSG("wc_FreeMutex failed");
return mutStat;
}
}
return BAD_MUTEX_E;
}
int wc_LockMutex(wolfSSL_Mutex* m)
{
mutexStatus mutStat;
if (m) {
mutStat = lockMutex(*m);
if (mutStat == mutexSuccess)
return 0;
else{
WOLFSSL_MSG("wc_LockMutex failed");
return mutStat;
}
}
return BAD_MUTEX_E;
}
int wc_UnLockMutex(wolfSSL_Mutex* m)
{
mutexStatus mutStat;
if (m) {
mutStat = unlockMutex(*m);
if (mutStat== mutexSuccess)
return 0;
else{
WOLFSSL_MSG("wc_UnLockMutex failed");
return mutStat;
}
}
return BAD_MUTEX_E;
}
#elif defined(MICRIUM)
int wc_InitMutex(wolfSSL_Mutex* m)
@ -1554,6 +1620,26 @@ time_t pic32_time(time_t* timer)
#endif /* MICROCHIP_TCPIP || MICROCHIP_TCPIP_V5 */
#if defined(WOLFSSL_DEOS)
time_t deos_time(time_t* timer)
{
const uint32_t systemTickTimeInHz = 1000000 / systemTickInMicroseconds();
uint32_t *systemTickPtr = systemTickPointer();
if (timer != NULL)
*timer = *systemTickPtr/systemTickTimeInHz;
#if defined(CURRENT_UNIX_TIMESTAMP)
/* CURRENT_UNIX_TIMESTAMP is seconds since Jan 01 1970. (UTC) */
return (time_t) *systemTickPtr/systemTickTimeInHz + CURRENT_UNIX_TIMESTAMP;
#else
return (time_t) *systemTickPtr/systemTickTimeInHz;
#endif
}
#endif /* WOLFSSL_DEOS */
#if defined(MICRIUM)
time_t micrium_time(time_t* timer)

18
wolfcrypt/test/test.c
View File

@ -22669,17 +22669,29 @@ static int free_cnt = 0;
static void *my_Malloc_cb(size_t size)
{
malloc_cnt++;
return malloc(size);
#ifndef WOLFSSL_NO_MALLOC
return malloc(size);
#else
WOLFSSL_MSG("No malloc available");
#endif
}
static void my_Free_cb(void *ptr)
{
free_cnt++;
free(ptr);
#ifndef WOLFSSL_NO_MALLOC
free(ptr);
#else
WOLFSSL_MSG("No free available");
#endif
}
static void *my_Realloc_cb(void *ptr, size_t size)
{
realloc_cnt++;
return realloc(ptr, size);
#ifndef WOLFSSL_NO_MALLOC
return realloc(ptr, size);
#else
WOLFSSL_MSG("No realloc available");
#endif
}
int memcb_test(void)

13
wolfssl/internal.h
View File

@ -130,6 +130,9 @@
#ifndef SINGLE_THREADED
#include "tx_api.h"
#endif
#elif defined(WOLFSSL_DEOS)
/* do nothing, just don't pick Unix */
#elif defined(MICRIUM)
/* do nothing, just don't pick Unix */
#elif defined(FREERTOS) || defined(FREERTOS_TCP) || defined(WOLFSSL_SAFERTOS)
@ -2087,7 +2090,7 @@ WOLFSSL_LOCAL int TLSX_SupportExtensions(WOLFSSL* ssl);
WOLFSSL_LOCAL int TLSX_PopulateExtensions(WOLFSSL* ssl, byte isRequest);
#if defined(WOLFSSL_TLS13) || !defined(NO_WOLFSSL_CLIENT)
WOLFSSL_LOCAL int TLSX_GetRequestSize(WOLFSSL* ssl, byte msgType,
WOLFSSL_LOCAL int TLSX_GetRequestSize(WOLFSSL* ssl, byte msgType,
word16* pLength);
WOLFSSL_LOCAL int TLSX_WriteRequest(WOLFSSL* ssl, byte* output,
byte msgType, word16* pOffset);
@ -2095,9 +2098,9 @@ WOLFSSL_LOCAL int TLSX_WriteRequest(WOLFSSL* ssl, byte* output,
#if defined(WOLFSSL_TLS13) || !defined(NO_WOLFSSL_SERVER)
/* TLS 1.3 Certificate messages have extensions. */
WOLFSSL_LOCAL int TLSX_GetResponseSize(WOLFSSL* ssl, byte msgType,
WOLFSSL_LOCAL int TLSX_GetResponseSize(WOLFSSL* ssl, byte msgType,
word16* pLength);
WOLFSSL_LOCAL int TLSX_WriteResponse(WOLFSSL *ssl, byte* output, byte msgType,
WOLFSSL_LOCAL int TLSX_WriteResponse(WOLFSSL *ssl, byte* output, byte msgType,
word16* pOffset);
#endif
@ -2464,7 +2467,7 @@ enum KeyUpdateRequest {
enum SetCBIO {
WOLFSSL_CBIO_NONE = 0,
WOLFSSL_CBIO_RECV = 0x1,
WOLFSSL_CBIO_SEND = 0x2,
WOLFSSL_CBIO_SEND = 0x2,
};
#endif
@ -4076,7 +4079,7 @@ WOLFSSL_LOCAL int wolfSSL_GetMaxRecordSize(WOLFSSL* ssl, int maxFragment);
#ifdef WC_RSA_PSS
WOLFSSL_LOCAL int CheckRsaPssPadding(const byte* plain, word32 plainSz,
byte* out, word32 sigSz, enum wc_HashType hashType);
WOLFSSL_LOCAL int ConvertHashPss(int hashAlgo,
WOLFSSL_LOCAL int ConvertHashPss(int hashAlgo,
enum wc_HashType* hashType, int* mgf);
#endif
WOLFSSL_LOCAL int VerifyRsaSign(WOLFSSL* ssl, byte* verifySig,

56
wolfssl/wolfcrypt/settings.h
View File

@ -40,6 +40,9 @@
/* Uncomment next line if using Micrium uC/OS-III */
/* #define MICRIUM */
/* Uncomment next line if using Deos RTOS*/
/* #define WOLFSSL_DEOS*/
/* Uncomment next line if using Mbed */
/* #define MBED */
@ -854,12 +857,6 @@ extern void uITRON4_free(void *p) ;
#endif /* FREESCALE_KSDK_MQX */
#if defined(FREESCALE_FREE_RTOS) || defined(FREESCALE_KSDK_FREERTOS)
/* Allows use of DH with fixed points if uncommented and NO_DH is removed */
/* WOLFSSL_DH_CONST */
/* Allows use of DH with fixed points if uncommented and NO_DH is removed */
/* WOLFSSL_DH_CONST */
/* Allows use of DH with fixed points if uncommented and NO_DH is removed */
/* WOLFSSL_DH_CONST */
#define NO_FILESYSTEM
#define WOLFSSL_CRYPT_HW_MUTEX 1
@ -1155,6 +1152,53 @@ extern void uITRON4_free(void *p) ;
#endif
#endif /* WOLFSSL_STM32_CUBEMX */
#endif /* WOLFSSL_STM32F2 || WOLFSSL_STM32F4 || WOLFSSL_STM32L4 || WOLFSSL_STM32F7 */
#ifdef WOLFSSL_DEOS
#include <deos.h>
#include <timeout.h>
#include <socketapi.h>
#include <lwip-socket.h>
#include <mem.h>
#include <string.h>
#include <stdlib.h> /* for rand_r: pseudo-random number generator */
#include <stdio.h> /* for snprintf */
/* use external memory XMALLOC, XFREE and XREALLOC functions */
#define XMALLOC_USER
/* disable fall-back case, malloc, realloc and free are unavailable */
#define WOLFSSL_NO_MALLOC
#define NO_FILESYSTEM
#define USE_FAST_MATH
#define TFM_TIMING_RESISTANT
#define ECC_TIMING_RESISTANT
#define WC_RSA_BLINDING
#define HAVE_HASHDRBG
#define HAVE_ECC
#define ALT_ECC_SIZE
#define TFM_ECC192
#define TFM_ECC224
#define TFM_ECC256
#define TFM_ECC384
#define TFM_ECC521
#define NO_RC4
#define HAVE_TLS_EXTENSIONS
#define HAVE_SUPPORTED_CURVES
#define HAVE_EXTENDED_MASTER
#define NO_WOLFSSL_DIR
#define NO_WRITEV
#if (__BYTE_ORDER__ == __ORDER_BIG_ENDIAN__)
#define BIG_ENDIAN_ORDER
#else
#undef BIG_ENDIAN_ORDER
#define LITTLE_ENDIAN_ORDER
#endif
#endif /* WOLFSSL_DEOS*/
#ifdef MICRIUM
#include <stdlib.h>

6
wolfssl/wolfcrypt/types.h
View File

@ -355,7 +355,11 @@
!defined(WOLFSSL_SGX)
#include <strings.h>
#endif
#define XSTRNCASECMP(s1,s2,n) strncasecmp((s1),(s2),(n))
#if defined(WOLFSSL_DEOS)
#define XSTRNCASECMP(s1,s2,n) strnicmp((s1),(s2),(n))
#else
#define XSTRNCASECMP(s1,s2,n) strncasecmp((s1),(s2),(n))
#endif
#endif
/* snprintf is used in asn.c for GetTimeString, PKCS7 test, and when

15
wolfssl/wolfcrypt/wc_port.h
View File

@ -64,6 +64,8 @@
#endif
#include <tx_api.h>
#endif
#elif defined(WOLFSSL_DEOS)
#include "mutexapi.h"
#elif defined(MICRIUM)
/* do nothing, just don't pick Unix */
#elif defined(FREERTOS) || defined(FREERTOS_TCP) || defined(WOLFSSL_SAFERTOS)
@ -145,6 +147,8 @@
typedef pthread_mutex_t wolfSSL_Mutex;
#elif defined(THREADX)
typedef TX_MUTEX wolfSSL_Mutex;
#elif defined(WOLFSSL_DEOS)
typedef mutex_handle_t wolfSSL_Mutex;
#elif defined(MICRIUM)
typedef OS_MUTEX wolfSSL_Mutex;
#elif defined(EBSNET)
@ -273,6 +277,11 @@ WOLFSSL_API int wolfCrypt_Cleanup(void);
#define XSEEK_END IO_SEEK_END
#define XBADFILE NULL
#define XFGETS fgets
#elif defined(WOLFSSL_DEOS)
#define NO_FILESYSTEM
#warning "TODO - DDC-I Certifiable Fast File System for Deos is not integrated"
//#define XFILE bfd *
#elif defined(MICRIUM)
#include <fs_api.h>
#define XFILE FS_FILE*
@ -415,6 +424,12 @@ WOLFSSL_API int wolfCrypt_Cleanup(void);
#define XTIME(tl) (0)
#define XGMTIME(c, t) rtpsys_gmtime((c))
#elif defined(WOLFSSL_DEOS)
#define XTIME(t1) deos_time((t1))
#define WOLFSSL_GMTIME
#define USE_WOLF_TM
#define USE_WOLF_TIME_T
#elif defined(MICRIUM)
#include <clk.h>
#include <time.h>

17
wolfssl/wolfio.h
View File

@ -20,7 +20,7 @@
*/
/*!
\file wolfssl/wolfio.h
\file wolfssl/wolfio.h
*/
#ifndef WOLFSSL_IO_H
@ -112,6 +112,10 @@
#include <errno.h>
#elif defined(WOLFSSL_APACHE_MYNEWT) && !defined(WOLFSSL_LWIP)
#include <mn_socket/mn_socket.h>
#elif defined(WOLFSSL_DEOS)
#include <socketapi.h>
#include <lwip-socket.h>
#include <errno.h>
#elif !defined(WOLFSSL_NO_SOCK)
#include <sys/types.h>
#include <errno.h>
@ -214,6 +218,14 @@
#define SOCKET_EPIPE NU_NOT_CONNECTED
#define SOCKET_ECONNREFUSED NU_CONNECTION_REFUSED
#define SOCKET_ECONNABORTED NU_NOT_CONNECTED
#elif defined(WOLFSSL_DEOS)
#define SOCKET_EWOULDBLOCK EAGAIN
#define SOCKET_EAGAIN EAGAIN
#define SOCKET_ECONNRESET EINTR
#define SOCKET_EINTR EINTR
#define SOCKET_EPIPE EPIPE
#define SOCKET_ECONNREFUSED SOCKET_ERROR
#define SOCKET_ECONNABORTED SOCKET_ERROR
#else
#define SOCKET_EWOULDBLOCK EWOULDBLOCK
#define SOCKET_EAGAIN EAGAIN
@ -224,9 +236,6 @@
#define SOCKET_ECONNABORTED ECONNABORTED
#endif /* USE_WINDOWS_API */
#ifdef DEVKITPRO
/* from network.h */
int net_send(int, const void*, int, unsigned int);