diff --git a/IDE/ECLIPSE/MICRIUM/client_wolfssl.c b/IDE/ECLIPSE/MICRIUM/client_wolfssl.c new file mode 100644 index 000000000..a4b7ea5bb --- /dev/null +++ b/IDE/ECLIPSE/MICRIUM/client_wolfssl.c @@ -0,0 +1,253 @@ +#include +#include +#include +#include +#include +#include + +#include +#include "client_wolfssl.h" + +/* 172.217.3.174 is the IP address of https://www.google.com */ +#define TCP_SERVER_IP_ADDR "172.217.3.174" +#define TCP_SERVER_DOMAIN_NAME "www.google.com" +#define TCP_SERVER_PORT 443 + +#define TX_BUF_SIZE 64 +#define RX_BUF_SIZE 1024 + +#define TX_MSG "GET /index.html HTTP/1.0\r\n\r\n" +#define TX_MSG_SIZE sizeof(TX_MSG) + +const CPU_CHAR google_certs_ca[]="\n\ +## Google Internet Authority G3 \n\ +-----BEGIN CERTIFICATE-----\n\ +MIIEXDCCA0SgAwIBAgINAeOpMBz8cgY4P5pTHTANBgkqhkiG9w0BAQsFADBMMSAw\n\ +HgYDVQQLExdHbG9iYWxTaWduIFJvb3QgQ0EgLSBSMjETMBEGA1UEChMKR2xvYmFs\n\ +U2lnbjETMBEGA1UEAxMKR2xvYmFsU2lnbjAeFw0xNzA2MTUwMDAwNDJaFw0yMTEy\n\ +MTUwMDAwNDJaMFQxCzAJBgNVBAYTAlVTMR4wHAYDVQQKExVHb29nbGUgVHJ1c3Qg\n\ +U2VydmljZXMxJTAjBgNVBAMTHEdvb2dsZSBJbnRlcm5ldCBBdXRob3JpdHkgRzMw\n\ +ggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDKUkvqHv/OJGuo2nIYaNVW\n\ +XQ5IWi01CXZaz6TIHLGp/lOJ+600/4hbn7vn6AAB3DVzdQOts7G5pH0rJnnOFUAK\n\ +71G4nzKMfHCGUksW/mona+Y2emJQ2N+aicwJKetPKRSIgAuPOB6Aahh8Hb2XO3h9\n\ +RUk2T0HNouB2VzxoMXlkyW7XUR5mw6JkLHnA52XDVoRTWkNty5oCINLvGmnRsJ1z\n\ +ouAqYGVQMc/7sy+/EYhALrVJEA8KbtyX+r8snwU5C1hUrwaW6MWOARa8qBpNQcWT\n\ +kaIeoYvy/sGIJEmjR0vFEwHdp1cSaWIr6/4g72n7OqXwfinu7ZYW97EfoOSQJeAz\n\ +AgMBAAGjggEzMIIBLzAOBgNVHQ8BAf8EBAMCAYYwHQYDVR0lBBYwFAYIKwYBBQUH\n\ +AwEGCCsGAQUFBwMCMBIGA1UdEwEB/wQIMAYBAf8CAQAwHQYDVR0OBBYEFHfCuFCa\n\ +Z3Z2sS3ChtCDoH6mfrpLMB8GA1UdIwQYMBaAFJviB1dnHB7AagbeWbSaLd/cGYYu\n\ +MDUGCCsGAQUFBwEBBCkwJzAlBggrBgEFBQcwAYYZaHR0cDovL29jc3AucGtpLmdv\n\ +b2cvZ3NyMjAyBgNVHR8EKzApMCegJaAjhiFodHRwOi8vY3JsLnBraS5nb29nL2dz\n\ +cjIvZ3NyMi5jcmwwPwYDVR0gBDgwNjA0BgZngQwBAgIwKjAoBggrBgEFBQcCARYc\n\ +aHR0cHM6Ly9wa2kuZ29vZy9yZXBvc2l0b3J5LzANBgkqhkiG9w0BAQsFAAOCAQEA\n\ +HLeJluRT7bvs26gyAZ8so81trUISd7O45skDUmAge1cnxhG1P2cNmSxbWsoiCt2e\n\ +ux9LSD+PAj2LIYRFHW31/6xoic1k4tbWXkDCjir37xTTNqRAMPUyFRWSdvt+nlPq\n\ +wnb8Oa2I/maSJukcxDjNSfpDh/Bd1lZNgdd/8cLdsE3+wypufJ9uXO1iQpnh9zbu\n\ +FIwsIONGl1p3A8CgxkqI/UAih3JaGOqcpcdaCIzkBaR9uYQ1X4k2Vg5APRLouzVy\n\ +7a8IVk6wuy6pm+T7HT4LY8ibS5FEZlfAFLSW8NwsVz9SBK2Vqn1N0PIMn5xA6NZV\n\ +c7o835DLAFshEWfC7TIe3g==\n\ +-----END CERTIFICATE-----\n\ +## Google Trust Services- GlobalSign Root CA-R2\n\ +-----BEGIN CERTIFICATE-----\n\ +MIIDujCCAqKgAwIBAgILBAAAAAABD4Ym5g0wDQYJKoZIhvcNAQEFBQAwTDEgMB4G\n\ +A1UECxMXR2xvYmFsU2lnbiBSb290IENBIC0gUjIxEzARBgNVBAoTCkdsb2JhbFNp\n\ +Z24xEzARBgNVBAMTCkdsb2JhbFNpZ24wHhcNMDYxMjE1MDgwMDAwWhcNMjExMjE1\n\ +MDgwMDAwWjBMMSAwHgYDVQQLExdHbG9iYWxTaWduIFJvb3QgQ0EgLSBSMjETMBEG\n\ +A1UEChMKR2xvYmFsU2lnbjETMBEGA1UEAxMKR2xvYmFsU2lnbjCCASIwDQYJKoZI\n\ +hvcNAQEBBQADggEPADCCAQoCggEBAKbPJA6+Lm8omUVCxKs+IVSbC9N/hHD6ErPL\n\ +v4dfxn+G07IwXNb9rfF73OX4YJYJkhD10FPe+3t+c4isUoh7SqbKSaZeqKeMWhG8\n\ +eoLrvozps6yWJQeXSpkqBy+0Hne/ig+1AnwblrjFuTosvNYSuetZfeLQBoZfXklq\n\ +tTleiDTsvHgMCJiEbKjNS7SgfQx5TfC4LcshytVsW33hoCmEofnTlEnLJGKRILzd\n\ +C9XZzPnqJworc5HGnRusyMvo4KD0L5CLTfuwNhv2GXqF4G3yYROIXJ/gkwpRl4pa\n\ +zq+r1feqCapgvdzZX99yqWATXgAByUr6P6TqBwMhAo6CygPCm48CAwEAAaOBnDCB\n\ +mTAOBgNVHQ8BAf8EBAMCAQYwDwYDVR0TAQH/BAUwAwEB/zAdBgNVHQ4EFgQUm+IH\n\ +V2ccHsBqBt5ZtJot39wZhi4wNgYDVR0fBC8wLTAroCmgJ4YlaHR0cDovL2NybC5n\n\ +bG9iYWxzaWduLm5ldC9yb290LXIyLmNybDAfBgNVHSMEGDAWgBSb4gdXZxwewGoG\n\ +3lm0mi3f3BmGLjANBgkqhkiG9w0BAQUFAAOCAQEAmYFThxxol4aR7OBKuEQLq4Gs\n\ +J0/WwbgcQ3izDJr86iw8bmEbTUsp9Z8FHSbBuOmDAGJFtqkIk7mpM0sYmsL4h4hO\n\ +291xNBrBVNpGP+DTKqttVCL1OmLNIG+6KYnX3ZHu01yiPqFbQfXf5WRDLenVOavS\n\ +ot+3i9DAgBkcRcAtjOj4LaR0VknFBbVPFd5uRHg5h6h+u/N5GJG79G+dwfCMNYxd\n\ +AfvDbbnvRG15RjF+Cv6pgsH/76tuIMRQyV+dTZsXjAzlAcmgQWpzU/qlULRuJQ/7\n\ +TBj0/VLZjmmx6BEP3ojY+x1J96relc8geMJgEtslQIxq/H5COEBkEveegeGTLg==\n\ +-----END CERTIFICATE-----\n\ +"; + +int wolfssl_client_test(void) { + NET_ERR err; + NET_SOCK_ID sock; + NET_IPv4_ADDR server_ip_addr; + NET_SOCK_ADDR_IPv4 server_addr; + CPU_CHAR rx_buf[RX_BUF_SIZE]; + CPU_CHAR tx_buf[TX_BUF_SIZE]; + OS_ERR os_err; + int ret = 0, error = 0; + + WOLFSSL* ssl; + WOLFSSL_CTX* ctx; + + /* wolfSSL INIT and CTX SETUP */ + + wolfSSL_Init(); + wolfSSL_Debugging_ON(); + + /* SET UP NETWORK SOCKET */ + + APP_TRACE_INFO(("Opening a network socket...\r\n")); + + sock = NetSock_Open(NET_SOCK_ADDR_FAMILY_IP_V4, + NET_SOCK_TYPE_STREAM, + NET_SOCK_PROTOCOL_TCP, + &err); + if (err != NET_SOCK_ERR_NONE) { + APP_TRACE_INFO(("ERROR: NetSock_Open, err = %d\r\n", (int) err)); + return -1; + } + +#ifdef NET_SECURE_MODULE_EN + APP_TRACE_INFO(("Setting the socket as secure...\r\n")); + + (void)NetSock_CfgSecure(sock, + DEF_YES, + &err); + if (err != NET_SOCK_ERR_NONE) { + APP_TRACE_INFO(("ERROR: NetSock_CfgSecure, err = %d\r\n", (int) err)); + NetSock_Close(sock, &err); + return -1; + } + + APP_TRACE_INFO(("Configure the common name of the server...\r\n")); + (void)NetSock_CfgSecureClientCommonName(sock, + TCP_SERVER_DOMAIN_NAME, + &err); + if (err != NET_SOCK_ERR_NONE) { + APP_TRACE_INFO(("ERROR: NetSock_CfgSecureClientCommonName, err = %d\r\n", (int) err)); + NetSock_Close(sock, &err); + return -1; + } + +#endif /* NET_SECURE_MODULE_EN */ + + APP_TRACE_INFO(("Calling NetASCII_Str_to_IPv4...\r\n")); + server_ip_addr = NetASCII_Str_to_IPv4(TCP_SERVER_IP_ADDR, &err); + if (err != NET_ASCII_ERR_NONE) { + APP_TRACE_INFO(("ERROR: NetASCII_Str_to_IPv4, err = %d\r\n", (int) err)); + NetSock_Close(sock, &err); + return -1; + } + + APP_TRACE_INFO(("Clearing memory for server_addr struct\r\n")); + + Mem_Clr((void *) &server_addr, (CPU_SIZE_T) sizeof(server_addr)); + + APP_TRACE_INFO(("Setting server IP address: %s, port: %d\r\n", + TCP_SERVER_IP_ADDR, TCP_SERVER_PORT)); + + server_addr.AddrFamily = NET_SOCK_ADDR_FAMILY_IP_V4; + server_addr.Addr = NET_UTIL_HOST_TO_NET_32(server_ip_addr); + server_addr.Port = NET_UTIL_HOST_TO_NET_16(TCP_SERVER_PORT); + + /* CONNECT SOCKET */ + + APP_TRACE_INFO(("Calling NetSock_Conn on socket\r\n")); + NetSock_Conn((NET_SOCK_ID) sock, + (NET_SOCK_ADDR *) &server_addr, + (NET_SOCK_ADDR_LEN) sizeof(server_addr), + (NET_ERR*) &err); + if (err != NET_SOCK_ERR_NONE) { + APP_TRACE_INFO(("ERROR: NetSock_Conn, err = %d\r\n", (int) err)); + NetSock_Close(sock, &err); + return -1; + } + + ctx = wolfSSL_CTX_new(wolfTLSv1_2_client_method()); + if (ctx == 0) { + APP_TRACE_INFO(("ERROR: wolfSSL_CTX_new failed\r\n")); + NetSock_Close(sock, &err); + return -1; + } + + APP_TRACE_INFO(("wolfSSL_CTX_new done\r\n")); + + wolfSSL_CTX_set_verify(ctx, SSL_VERIFY_PEER, NULL); + + ret = wolfSSL_CTX_load_verify_buffer(ctx, + google_certs_ca, + sizeof(google_certs_ca), + SSL_FILETYPE_PEM); + + if (ret != SSL_SUCCESS) { + APP_TRACE_INFO(("ERROR: wolfSSL_CTX_load_verify_buffer() failed\r\n")); + NetSock_Close(sock, &err); + wolfSSL_CTX_free(ctx); + return -1; + } + + if ((ssl = wolfSSL_new(ctx)) == NULL) { + APP_TRACE_INFO(("ERROR: wolfSSL_new() failed\r\n")); + NetSock_Close(sock, &err); + wolfSSL_CTX_free(ctx); + return -1; + } + + APP_TRACE_INFO(("wolfSSL_new done\r\n")); + ret = wolfSSL_set_fd(ssl, sock); + if (ret != SSL_SUCCESS) { + APP_TRACE_INFO(("ERROR: wolfSSL_set_fd() failed\r\n")); + NetSock_Close(sock, &err); + wolfSSL_free(ssl); + wolfSSL_CTX_free(ctx); + return -1; + } + APP_TRACE_INFO(("wolfSSL_set_fd done\r\n")); + do { + error = 0; /* reset error */ + ret = wolfSSL_connect(ssl); + if (ret != SSL_SUCCESS) { + error = wolfSSL_get_error(ssl, 0); + APP_TRACE_INFO( + ("ERROR: wolfSSL_connect() failed, err = %d\r\n", error)); + if (error != SSL_ERROR_WANT_READ) { + NetSock_Close(sock, &err); + wolfSSL_free(ssl); + wolfSSL_CTX_free(ctx); + return -1; + } + OSTimeDlyHMSM(0u, 0u, 1u, 0u, OS_OPT_TIME_HMSM_STRICT, &os_err); + } + } while ((ret != SSL_SUCCESS) && (error == SSL_ERROR_WANT_READ)); + + APP_TRACE_INFO(("wolfSSL_connect() ok... sending GET\r\n")); + Str_Copy_N(tx_buf, TX_MSG, TX_MSG_SIZE); + if (wolfSSL_write(ssl, tx_buf, TX_MSG_SIZE) != TX_MSG_SIZE) { + error = wolfSSL_get_error(ssl, 0); + APP_TRACE_INFO(("ERROR: wolfSSL_write() failed, err = %d\r\n", error)); + NetSock_Close(sock, &err); + wolfSSL_free(ssl); + wolfSSL_CTX_free(ctx); + return -1; + } + do { + error = 0; /* reset error */ + ret = wolfSSL_read(ssl, rx_buf, RX_BUF_SIZE - 1); + if (ret < 0) { + error = wolfSSL_get_error(ssl, 0); + if (error != SSL_ERROR_WANT_READ) { + APP_TRACE_INFO(("wolfSSL_read failed, error = %d\r\n", error)); + NetSock_Close(sock, &err); + wolfSSL_free(ssl); + wolfSSL_CTX_free(ctx); + return -1; + } + OSTimeDlyHMSM(0u, 0u, 1u, 0u, OS_OPT_TIME_HMSM_STRICT, &os_err); + } else if (ret > 0) { + rx_buf[ret] = 0; + APP_TRACE_INFO(("%s\r\n", rx_buf)); + } + } while (error == SSL_ERROR_WANT_READ); + wolfSSL_shutdown(ssl); + wolfSSL_free(ssl); + wolfSSL_CTX_free(ctx); + wolfSSL_Cleanup(); + NetSock_Close(sock, &err); + return 0; +} diff --git a/IDE/ECLIPSE/MICRIUM/client_wolfssl.h b/IDE/ECLIPSE/MICRIUM/client_wolfssl.h new file mode 100644 index 000000000..d7231ef19 --- /dev/null +++ b/IDE/ECLIPSE/MICRIUM/client_wolfssl.h @@ -0,0 +1,35 @@ +/* client_wolfssl.h + * + * Copyright (C) 2018 wolfSSL Inc. + * + * This file is part of wolfSSL. + * + * wolfSSL is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 2 of the License, or + * (at your option) any later version. + * + * wolfSSL is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program; if not, write to the Free Software + * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA + */ + +#ifndef __CLIENT_WOLFSSL_H__ +#define __CLIENT_WOLFSSL_H__ + +#ifdef __cplusplus +extern "C" { +#endif + +int wolfssl_client_test(void); + +#ifdef __cplusplus +} /* extern "C" */ +#endif + +#endif /* CLIENT_WOLFSSL_H */ diff --git a/IDE/ECLIPSE/MICRIUM/server_wolfssl.c b/IDE/ECLIPSE/MICRIUM/server_wolfssl.c new file mode 100644 index 000000000..ad490cf15 --- /dev/null +++ b/IDE/ECLIPSE/MICRIUM/server_wolfssl.c @@ -0,0 +1,306 @@ +#include +#include +#include +#include +/* APP_TRACE_INFO*/ +#include + +#include "wolfssl/ssl.h" +#include "server_wolfssl.h" + +#define TLS_SERVER_PORT 11111 +#define TX_BUF_SIZE 64 +#define RX_BUF_SIZE 1024 +#define TCP_SERVER_CONN_Q_SIZE 1 + +static const unsigned char server_ecc_der_256[] = { 0x30, 0x82, 0x03, 0x10, + 0x30, 0x82, 0x02, 0xB5, 0xA0, 0x03, 0x02, 0x01, 0x02, 0x02, 0x09, 0x00, + 0xEF, 0x46, 0xC7, 0xA4, 0x9B, 0xBB, 0x60, 0xD3, 0x30, 0x0A, 0x06, 0x08, + 0x2A, 0x86, 0x48, 0xCE, 0x3D, 0x04, 0x03, 0x02, 0x30, 0x81, 0x8F, 0x31, + 0x0B, 0x30, 0x09, 0x06, 0x03, 0x55, 0x04, 0x06, 0x13, 0x02, 0x55, 0x53, + 0x31, 0x13, 0x30, 0x11, 0x06, 0x03, 0x55, 0x04, 0x08, 0x0C, 0x0A, 0x57, + 0x61, 0x73, 0x68, 0x69, 0x6E, 0x67, 0x74, 0x6F, 0x6E, 0x31, 0x10, 0x30, + 0x0E, 0x06, 0x03, 0x55, 0x04, 0x07, 0x0C, 0x07, 0x53, 0x65, 0x61, 0x74, + 0x74, 0x6C, 0x65, 0x31, 0x10, 0x30, 0x0E, 0x06, 0x03, 0x55, 0x04, 0x0A, + 0x0C, 0x07, 0x45, 0x6C, 0x69, 0x70, 0x74, 0x69, 0x63, 0x31, 0x0C, 0x30, + 0x0A, 0x06, 0x03, 0x55, 0x04, 0x0B, 0x0C, 0x03, 0x45, 0x43, 0x43, 0x31, + 0x18, 0x30, 0x16, 0x06, 0x03, 0x55, 0x04, 0x03, 0x0C, 0x0F, 0x77, 0x77, + 0x77, 0x2E, 0x77, 0x6F, 0x6C, 0x66, 0x73, 0x73, 0x6C, 0x2E, 0x63, 0x6F, + 0x6D, 0x31, 0x1F, 0x30, 0x1D, 0x06, 0x09, 0x2A, 0x86, 0x48, 0x86, 0xF7, + 0x0D, 0x01, 0x09, 0x01, 0x16, 0x10, 0x69, 0x6E, 0x66, 0x6F, 0x40, 0x77, + 0x6F, 0x6C, 0x66, 0x73, 0x73, 0x6C, 0x2E, 0x63, 0x6F, 0x6D, 0x30, 0x1E, + 0x17, 0x0D, 0x31, 0x36, 0x30, 0x38, 0x31, 0x31, 0x32, 0x30, 0x30, 0x37, + 0x33, 0x38, 0x5A, 0x17, 0x0D, 0x31, 0x39, 0x30, 0x35, 0x30, 0x38, 0x32, + 0x30, 0x30, 0x37, 0x33, 0x38, 0x5A, 0x30, 0x81, 0x8F, 0x31, 0x0B, 0x30, + 0x09, 0x06, 0x03, 0x55, 0x04, 0x06, 0x13, 0x02, 0x55, 0x53, 0x31, 0x13, + 0x30, 0x11, 0x06, 0x03, 0x55, 0x04, 0x08, 0x0C, 0x0A, 0x57, 0x61, 0x73, + 0x68, 0x69, 0x6E, 0x67, 0x74, 0x6F, 0x6E, 0x31, 0x10, 0x30, 0x0E, 0x06, + 0x03, 0x55, 0x04, 0x07, 0x0C, 0x07, 0x53, 0x65, 0x61, 0x74, 0x74, 0x6C, + 0x65, 0x31, 0x10, 0x30, 0x0E, 0x06, 0x03, 0x55, 0x04, 0x0A, 0x0C, 0x07, + 0x45, 0x6C, 0x69, 0x70, 0x74, 0x69, 0x63, 0x31, 0x0C, 0x30, 0x0A, 0x06, + 0x03, 0x55, 0x04, 0x0B, 0x0C, 0x03, 0x45, 0x43, 0x43, 0x31, 0x18, 0x30, + 0x16, 0x06, 0x03, 0x55, 0x04, 0x03, 0x0C, 0x0F, 0x77, 0x77, 0x77, 0x2E, + 0x77, 0x6F, 0x6C, 0x66, 0x73, 0x73, 0x6C, 0x2E, 0x63, 0x6F, 0x6D, 0x31, + 0x1F, 0x30, 0x1D, 0x06, 0x09, 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, + 0x09, 0x01, 0x16, 0x10, 0x69, 0x6E, 0x66, 0x6F, 0x40, 0x77, 0x6F, 0x6C, + 0x66, 0x73, 0x73, 0x6C, 0x2E, 0x63, 0x6F, 0x6D, 0x30, 0x59, 0x30, 0x13, + 0x06, 0x07, 0x2A, 0x86, 0x48, 0xCE, 0x3D, 0x02, 0x01, 0x06, 0x08, 0x2A, + 0x86, 0x48, 0xCE, 0x3D, 0x03, 0x01, 0x07, 0x03, 0x42, 0x00, 0x04, 0xBB, + 0x33, 0xAC, 0x4C, 0x27, 0x50, 0x4A, 0xC6, 0x4A, 0xA5, 0x04, 0xC3, 0x3C, + 0xDE, 0x9F, 0x36, 0xDB, 0x72, 0x2D, 0xCE, 0x94, 0xEA, 0x2B, 0xFA, 0xCB, + 0x20, 0x09, 0x39, 0x2C, 0x16, 0xE8, 0x61, 0x02, 0xE9, 0xAF, 0x4D, 0xD3, + 0x02, 0x93, 0x9A, 0x31, 0x5B, 0x97, 0x92, 0x21, 0x7F, 0xF0, 0xCF, 0x18, + 0xDA, 0x91, 0x11, 0x02, 0x34, 0x86, 0xE8, 0x20, 0x58, 0x33, 0x0B, 0x80, + 0x34, 0x89, 0xD8, 0xA3, 0x81, 0xF7, 0x30, 0x81, 0xF4, 0x30, 0x1D, 0x06, + 0x03, 0x55, 0x1D, 0x0E, 0x04, 0x16, 0x04, 0x14, 0x5D, 0x5D, 0x26, 0xEF, + 0xAC, 0x7E, 0x36, 0xF9, 0x9B, 0x76, 0x15, 0x2B, 0x4A, 0x25, 0x02, 0x23, + 0xEF, 0xB2, 0x89, 0x30, 0x30, 0x81, 0xC4, 0x06, 0x03, 0x55, 0x1D, 0x23, + 0x04, 0x81, 0xBC, 0x30, 0x81, 0xB9, 0x80, 0x14, 0x5D, 0x5D, 0x26, 0xEF, + 0xAC, 0x7E, 0x36, 0xF9, 0x9B, 0x76, 0x15, 0x2B, 0x4A, 0x25, 0x02, 0x23, + 0xEF, 0xB2, 0x89, 0x30, 0xA1, 0x81, 0x95, 0xA4, 0x81, 0x92, 0x30, 0x81, + 0x8F, 0x31, 0x0B, 0x30, 0x09, 0x06, 0x03, 0x55, 0x04, 0x06, 0x13, 0x02, + 0x55, 0x53, 0x31, 0x13, 0x30, 0x11, 0x06, 0x03, 0x55, 0x04, 0x08, 0x0C, + 0x0A, 0x57, 0x61, 0x73, 0x68, 0x69, 0x6E, 0x67, 0x74, 0x6F, 0x6E, 0x31, + 0x10, 0x30, 0x0E, 0x06, 0x03, 0x55, 0x04, 0x07, 0x0C, 0x07, 0x53, 0x65, + 0x61, 0x74, 0x74, 0x6C, 0x65, 0x31, 0x10, 0x30, 0x0E, 0x06, 0x03, 0x55, + 0x04, 0x0A, 0x0C, 0x07, 0x45, 0x6C, 0x69, 0x70, 0x74, 0x69, 0x63, 0x31, + 0x0C, 0x30, 0x0A, 0x06, 0x03, 0x55, 0x04, 0x0B, 0x0C, 0x03, 0x45, 0x43, + 0x43, 0x31, 0x18, 0x30, 0x16, 0x06, 0x03, 0x55, 0x04, 0x03, 0x0C, 0x0F, + 0x77, 0x77, 0x77, 0x2E, 0x77, 0x6F, 0x6C, 0x66, 0x73, 0x73, 0x6C, 0x2E, + 0x63, 0x6F, 0x6D, 0x31, 0x1F, 0x30, 0x1D, 0x06, 0x09, 0x2A, 0x86, 0x48, + 0x86, 0xF7, 0x0D, 0x01, 0x09, 0x01, 0x16, 0x10, 0x69, 0x6E, 0x66, 0x6F, + 0x40, 0x77, 0x6F, 0x6C, 0x66, 0x73, 0x73, 0x6C, 0x2E, 0x63, 0x6F, 0x6D, + 0x82, 0x09, 0x00, 0xEF, 0x46, 0xC7, 0xA4, 0x9B, 0xBB, 0x60, 0xD3, 0x30, + 0x0C, 0x06, 0x03, 0x55, 0x1D, 0x13, 0x04, 0x05, 0x30, 0x03, 0x01, 0x01, + 0xFF, 0x30, 0x0A, 0x06, 0x08, 0x2A, 0x86, 0x48, 0xCE, 0x3D, 0x04, 0x03, + 0x02, 0x03, 0x49, 0x00, 0x30, 0x46, 0x02, 0x21, 0x00, 0xF1, 0xD0, 0xA6, + 0x3E, 0x83, 0x33, 0x24, 0xD1, 0x7A, 0x05, 0x5F, 0x1E, 0x0E, 0xBD, 0x7D, + 0x6B, 0x33, 0xE9, 0xF2, 0x86, 0xF3, 0xF3, 0x3D, 0xA9, 0xEF, 0x6A, 0x87, + 0x31, 0xB3, 0xB7, 0x7E, 0x50, 0x02, 0x21, 0x00, 0xF0, 0x60, 0xDD, 0xCE, + 0xA2, 0xDB, 0x56, 0xEC, 0xD9, 0xF4, 0xE4, 0xE3, 0x25, 0xD4, 0xB0, 0xC9, + 0x25, 0x7D, 0xCA, 0x7A, 0x5D, 0xBA, 0xC4, 0xB2, 0xF6, 0x7D, 0x04, 0xC7, + 0xBD, 0x62, 0xC9, 0x20 }; + +static const unsigned char ecc_key_der_256[] = { 0x30, 0x77, 0x02, 0x01, 0x01, + 0x04, 0x20, 0x45, 0xB6, 0x69, 0x02, 0x73, 0x9C, 0x6C, 0x85, 0xA1, 0x38, + 0x5B, 0x72, 0xE8, 0xE8, 0xC7, 0xAC, 0xC4, 0x03, 0x8D, 0x53, 0x35, 0x04, + 0xFA, 0x6C, 0x28, 0xDC, 0x34, 0x8D, 0xE1, 0xA8, 0x09, 0x8C, 0xA0, 0x0A, + 0x06, 0x08, 0x2A, 0x86, 0x48, 0xCE, 0x3D, 0x03, 0x01, 0x07, 0xA1, 0x44, + 0x03, 0x42, 0x00, 0x04, 0xBB, 0x33, 0xAC, 0x4C, 0x27, 0x50, 0x4A, 0xC6, + 0x4A, 0xA5, 0x04, 0xC3, 0x3C, 0xDE, 0x9F, 0x36, 0xDB, 0x72, 0x2D, 0xCE, + 0x94, 0xEA, 0x2B, 0xFA, 0xCB, 0x20, 0x09, 0x39, 0x2C, 0x16, 0xE8, 0x61, + 0x02, 0xE9, 0xAF, 0x4D, 0xD3, 0x02, 0x93, 0x9A, 0x31, 0x5B, 0x97, 0x92, + 0x21, 0x7F, 0xF0, 0xCF, 0x18, 0xDA, 0x91, 0x11, 0x02, 0x34, 0x86, 0xE8, + 0x20, 0x58, 0x33, 0x0B, 0x80, 0x34, 0x89, 0xD8 }; + + +int wolfssl_server_test(void) +{ + NET_ERR err; + NET_SOCK_ID sock_listen; + NET_SOCK_ID sock_req; + NET_SOCK_ADDR_IPv4 server_addr; + NET_SOCK_ADDR_LEN server_addr_len; + NET_SOCK_ADDR_IPv4 client_sock_addr_ip; + NET_SOCK_ADDR_LEN client_sock_addr_ip_size; + CPU_CHAR rx_buf[RX_BUF_SIZE]; + CPU_CHAR tx_buf[TX_BUF_SIZE]; + CPU_BOOLEAN attempt_conn; + OS_ERR os_err; + WOLFSSL * ssl; + WOLFSSL_CTX * ctx; + int tx_buf_sz = 0, ret = 0, error = 0; + + /* SET UP NETWORK SOCKET */ + + APP_TRACE_INFO(("Opening network socket...\r\n")); + sock_listen = NetSock_Open(NET_SOCK_ADDR_FAMILY_IP_V4, + NET_SOCK_TYPE_STREAM, + NET_SOCK_PROTOCOL_TCP, + &err); + if (err != NET_SOCK_ERR_NONE) { + APP_TRACE_INFO(("ERROR: NetSock_Open, err = %d\r\n", (int) err)); + return -1; + } + + APP_TRACE_INFO(("Clearing memory for server_addr struct\r\n")); + server_addr_len = sizeof(server_addr); + Mem_Clr((void *) &server_addr, (CPU_SIZE_T) server_addr_len); + + APP_TRACE_INFO(("Setting up server_addr struct\r\n")); + server_addr.AddrFamily = NET_SOCK_ADDR_FAMILY_IP_V4; + server_addr.Addr = NET_UTIL_HOST_TO_NET_32(NET_SOCK_ADDR_IP_V4_WILDCARD); + server_addr.Port = NET_UTIL_HOST_TO_NET_16(TLS_SERVER_PORT); + + NetSock_Bind((NET_SOCK_ID) sock_listen, + (NET_SOCK_ADDR*) &server_addr, + (NET_SOCK_ADDR_LEN) NET_SOCK_ADDR_SIZE, + (NET_ERR*) &err); + if (err != NET_SOCK_ERR_NONE) { + APP_TRACE_INFO(("ERROR: NetSock_Bind, err = %d\r\n", (int) err)); + NetSock_Close(sock_listen, &err); + return -1; + } + + /* set up wolfSSL lib and CTX */ + /* wolfSSL_Debugging_ON(); */ + + wolfSSL_Init(); + ctx = wolfSSL_CTX_new(wolfTLSv1_2_server_method()); + if (ctx == 0) { + APP_TRACE_INFO(("ERROR: wolfSSL_CTX_new failed\r\n")); + NetSock_Close(sock_listen, &err); + return -1; + } + APP_TRACE_INFO(("wolfSSL_CTX_new done\r\n")); + + ret = wolfSSL_CTX_use_certificate_buffer(ctx, + server_ecc_der_256, + sizeof(server_ecc_der_256), + SSL_FILETYPE_ASN1); + if (ret != SSL_SUCCESS) { + APP_TRACE_INFO( + ("ERROR: wolfSSL_CTX_use_certificate_buffer() failed\r\n")); + NetSock_Close(sock_listen, &err); + wolfSSL_CTX_free(ctx); + return -1; + } + ret = wolfSSL_CTX_use_PrivateKey_buffer(ctx, + ecc_key_der_256, + sizeof(ecc_key_der_256), + SSL_FILETYPE_ASN1); + if (ret != SSL_SUCCESS) { + APP_TRACE_INFO( + ("ERROR: wolfSSL_CTX_use_PrivateKey_buffer() failed\r\n")); + NetSock_Close(sock_listen, &err); + wolfSSL_CTX_free(ctx); + return -1; + } + /* accept client socket connections */ + + APP_TRACE_INFO(("Listening for client connection\r\n")); + + NetSock_Listen(sock_listen, TCP_SERVER_CONN_Q_SIZE, &err); + if (err != NET_SOCK_ERR_NONE) { + APP_TRACE_INFO(("ERROR: NetSock_Listen, err = %d\r\n", (int) err)); + NetSock_Close(sock_listen, &err); + return -1; + } + do { + client_sock_addr_ip_size = sizeof(client_sock_addr_ip); + sock_req = NetSock_Accept((NET_SOCK_ID) sock_listen, + (NET_SOCK_ADDR*) &client_sock_addr_ip, + (NET_SOCK_ADDR_LEN*) &client_sock_addr_ip_size, + (NET_ERR*) &err); + switch (err) { + case NET_SOCK_ERR_NONE: + attempt_conn = DEF_NO; + break; + case NET_ERR_INIT_INCOMPLETE: + case NET_SOCK_ERR_NULL_PTR: + case NET_SOCK_ERR_NONE_AVAIL: + case NET_SOCK_ERR_CONN_ACCEPT_Q_NONE_AVAIL: + attempt_conn = DEF_YES; + break; + case NET_SOCK_ERR_CONN_SIGNAL_TIMEOUT: + APP_TRACE_INFO( + ("NetSockAccept err = NET_SOCK_ERR_CONN_SIGNAL_TIMEOUT\r\n")); + attempt_conn = DEF_YES; + break; + default: + attempt_conn = DEF_NO; + break; + } + } while (attempt_conn == DEF_YES); + if (err != NET_SOCK_ERR_NONE) { + APP_TRACE_INFO(("ERROR: NetSock_Accept, err = %d\r\n", (int) err)); + NetSock_Close(sock_listen, &err); + return -1; + } + + APP_TRACE_INFO(("Got client connection! Starting TLS negotiation\r\n")); + /* set up wolfSSL session */ + if ((ssl = wolfSSL_new(ctx)) == NULL) { + APP_TRACE_INFO(("ERROR: wolfSSL_new() failed\r\n")); + NetSock_Close(sock_req, &err); + NetSock_Close(sock_listen, &err); + wolfSSL_CTX_free(ctx); + return -1; + } + + APP_TRACE_INFO(("wolfSSL_new done\r\n")); + ret = wolfSSL_set_fd(ssl, sock_req); + if (ret != SSL_SUCCESS) { + APP_TRACE_INFO(("ERROR: wolfSSL_set_fd() failed\r\n")); + NetSock_Close(sock_req, &err); + NetSock_Close(sock_listen, &err); + wolfSSL_free(ssl); + wolfSSL_CTX_free(ctx); + return -1; + } + + APP_TRACE_INFO(("wolfSSL_set_fd done\r\n")); + do { + error = 0; /* reset error */ + if (ret != SSL_SUCCESS) { + error = wolfSSL_get_error(ssl, 0); + APP_TRACE_INFO( + ("ERROR: wolfSSL_accept() failed, err = %d\r\n", error)); + if (error != SSL_ERROR_WANT_READ) { + NetSock_Close(sock_req, &err); + NetSock_Close(sock_listen, &err); + wolfSSL_free(ssl); + wolfSSL_CTX_free(ctx); + return -1; + } + OSTimeDlyHMSM(0u, 0u, 0u, 500u, OS_OPT_TIME_HMSM_STRICT, &os_err); + } + } while ((ret != SSL_SUCCESS) && (error == SSL_ERROR_WANT_READ)); + + APP_TRACE_INFO(("wolfSSL_accept() ok...\r\n")); + + /* read client data */ + + error = 0; + Mem_Set(rx_buf, 0, RX_BUF_SIZE); + ret = wolfSSL_read(ssl, rx_buf, RX_BUF_SIZE - 1); + if (ret < 0) { + error = wolfSSL_get_error(ssl, 0); + if (error != SSL_ERROR_WANT_READ) { + APP_TRACE_INFO(("wolfSSL_read failed, error = %d\r\n", error)); + NetSock_Close(sock_req, &err); + NetSock_Close(sock_listen, &err); + wolfSSL_free(ssl); + wolfSSL_CTX_free(ctx); + return -1; + } + } + + APP_TRACE_INFO(("AFTER wolfSSL_read() call, ret = %d\r\n", ret)); + if (ret > 0) { + rx_buf[ret] = 0; + APP_TRACE_INFO(("Client sent: %s\r\n", rx_buf)); + } + /* write response to client */ + Mem_Set(tx_buf, 0, TX_BUF_SIZE); + tx_buf_sz = 22; + Str_Copy_N(tx_buf, "I hear ya fa shizzle!\n", tx_buf_sz); + if (wolfSSL_write(ssl, tx_buf, tx_buf_sz) != tx_buf_sz) { + error = wolfSSL_get_error(ssl, 0); + APP_TRACE_INFO(("ERROR: wolfSSL_write() failed, err = %d\r\n", error)); + NetSock_Close(sock_req, &err); + NetSock_Close(sock_listen, &err); + wolfSSL_free(ssl); + wolfSSL_CTX_free(ctx); + return -1; + } + ret = wolfSSL_shutdown(ssl); + if (ret == SSL_SHUTDOWN_NOT_DONE) + wolfSSL_shutdown(ssl); + wolfSSL_free(ssl); + wolfSSL_CTX_free(ctx); + wolfSSL_Cleanup(); + NetSock_Close(sock_req, &err); + NetSock_Close(sock_listen, &err); + return 0; +} diff --git a/IDE/ECLIPSE/MICRIUM/server_wolfssl.h b/IDE/ECLIPSE/MICRIUM/server_wolfssl.h new file mode 100644 index 000000000..538ae2f75 --- /dev/null +++ b/IDE/ECLIPSE/MICRIUM/server_wolfssl.h @@ -0,0 +1,35 @@ +/* server_wolfssl.h + * + * Copyright (C) 2018 wolfSSL Inc. + * + * This file is part of wolfSSL. + * + * wolfSSL is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 2 of the License, or + * (at your option) any later version. + * + * wolfSSL is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program; if not, write to the Free Software + * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA + */ + +#ifndef __SERVER_WOLFSSL_H__ +#define __SERVER_WOLFSSL_H__ + +#ifdef __cplusplus +extern "C" { +#endif + +int wolfssl_server_test(void); + +#ifdef __cplusplus +} /* extern "C" */ +#endif + +#endif /* SERVER_WOLFSSL_H */ diff --git a/IDE/ECLIPSE/MICRIUM/user_settings.h b/IDE/ECLIPSE/MICRIUM/user_settings.h new file mode 100644 index 000000000..45063c96d --- /dev/null +++ b/IDE/ECLIPSE/MICRIUM/user_settings.h @@ -0,0 +1,45 @@ +#ifndef MICRIUM_USER_SETTINGS_H_ +#define MICRIUM_USER_SETTINGS_H_ + +#ifdef __cplusplus + extern "C" { +#endif + +#define MICRIUM + +#define WOLFSSL_MICRIUM_3_0 + +/*for test.h to include platform dependent socket related header files.*/ +#define USE_WINDOWS_API + +#define SIZEOF_LONG_LONG 8 + +#define NO_FILESYSTEM + +#define NO_MAIN_DRIVER + +#define NO_TESTSUITE_MAIN_DRIVER + +// wolfSSL_dtls_get_current_timeout is called from MicriumReceiveFrom +#define WOLFSSL_DTLS + +/* include certificate test buffers via header files */ +#define USE_CERT_BUFFERS_2048 + +/*use kB instead of mB for embedded benchmarking*/ +#define BENCH_EMBEDDED + +#define NO_ECC_VECTOR_TEST + +#define NO_WRITE_TEMP_FILES + +// no pow, no math.h +#define WOLFSSL_DH_CONST + +#define XSNPRINTF snprintf + +#ifdef __cplusplus + } /* extern "C" */ +#endif + +#endif diff --git a/wolfcrypt/src/logging.c b/wolfcrypt/src/logging.c index c03c797ce..aa201af06 100644 --- a/wolfcrypt/src/logging.c +++ b/wolfcrypt/src/logging.c @@ -210,7 +210,9 @@ void WOLFSSL_TIME(int count) /* Declare sprintf for ocall */ int sprintf(char* buf, const char *fmt, ...); #elif defined(MICRIUM) - #include + #if (BSP_SER_COMM_EN == DEF_ENABLED) + #include + #endif #elif defined(WOLFSSL_USER_LOG) /* user includes their own headers */ #else @@ -234,7 +236,11 @@ static void wolfssl_log(const int logLevel, const char *const logMessage) #elif defined(THREADX) && !defined(THREADX_NO_DC_PRINTF) dc_log_printf("%s\n", logMessage); #elif defined(MICRIUM) - BSP_Ser_Printf("%s\r\n", logMessage); + #if (BSP_SER_COMM_EN == DEF_ENABLED) + BSP_Ser_Printf("%s\r\n", logMessage); + #else + printf("%s\r\n", logMessage); + #endif #elif defined(WOLFSSL_MDK_ARM) fflush(stdout) ; printf("%s\n", logMessage); diff --git a/wolfcrypt/test/test.c b/wolfcrypt/test/test.c index d01a5e20b..3a9ec6805 100644 --- a/wolfcrypt/test/test.c +++ b/wolfcrypt/test/test.c @@ -202,10 +202,12 @@ #ifdef MICRIUM +#if (BSP_SER_COMM_EN == DEF_ENABLED) #include void BSP_Ser_Printf (CPU_CHAR* format, ...); #undef printf #define printf BSP_Ser_Printf +#endif #elif defined(WOLFSSL_PB) #include int wolfssl_pb_print(const char*, ...); diff --git a/wolfssl/wolfcrypt/settings.h b/wolfssl/wolfcrypt/settings.h index 06d010761..f3144d4e0 100644 --- a/wolfssl/wolfcrypt/settings.h +++ b/wolfssl/wolfcrypt/settings.h @@ -1022,7 +1022,7 @@ extern void uITRON4_free(void *p) ; #define HAVE_ECC224 #undef NO_ECC256 #define HAVE_ECC384 - #endif + #endif #endif #endif #endif @@ -1161,8 +1161,9 @@ extern void uITRON4_free(void *p) ; #define CUSTOM_RAND_TYPE RAND_NBR #define CUSTOM_RAND_GENERATE Math_Rand #endif - - #define WOLFSSL_TYPES + #ifndef WOLFSSL_MICRIUM_3_0 + #define WOLFSSL_TYPES + #endif typedef CPU_INT08U byte; typedef CPU_INT16U word16; typedef CPU_INT32U word32; @@ -1374,7 +1375,7 @@ extern void uITRON4_free(void *p) ; #if !defined(HAVE_FIPS) && !defined(NO_RSA) #define WC_RSA_BLINDING #endif - + #define NO_FILESYSTEM #define ECC_TIMING_RESISTANT #define TFM_TIMING_RESISTANT