WolfSSL
/
wolfssl
mirror of https://github.com/wolfSSL/wolfssl.git
1
0
Fork 0
Code Issues Releases Wiki Activity

Fix for `srp_test_digest` return code checking. Added GCC-ARM TLS server example.

pull/4270/head
David Garske 2021-08-17 11:12:40 -07:00
parent 95178e3bdc
commit d6f5f815e1
6 changed files with 231 additions and 16 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
IDE/GCC-ARM/Makefile
View File

@ -1,6 +1,6 @@
BUILD_DIR = ./Build
all: WolfSSLStaticLib WolfCryptTest WolfCryptBench WolfSSLClient
all: WolfSSLStaticLib WolfCryptTest WolfCryptBench WolfSSLClient WolfSSLServer
WolfCryptTest:
$(MAKE) -f Makefile.test
@ -8,6 +8,8 @@ WolfCryptBench:
$(MAKE) -f Makefile.bench
WolfSSLClient:
$(MAKE) -f Makefile.client
WolfSSLServer:
$(MAKE) -f Makefile.server
WolfSSLStaticLib:
$(MAKE) -f Makefile.static

7
IDE/GCC-ARM/Makefile.server 100644
View File

@ -0,0 +1,7 @@
# Project name
BIN = WolfSSLServer
SRC_C = ./Source/tls_server.c
all: build_hex
include Makefile.common

2
IDE/GCC-ARM/Source/armtarget.c
View File

@ -71,7 +71,7 @@ void reset_handler(void)
/* Init heap */
__heap_start__[0] = 0;
__heap_start__[1] = ((uint32_t)__heap_end__ - (uint32_t)__heap_start__);
__heap_start__[1] = ((uintptr_t)__heap_end__ - (uintptr_t)__heap_start__);
#endif /* USE_WOLF_ARM_STARTUP */
/* Start main */

22
IDE/GCC-ARM/Source/tls_client.c
View File

@ -23,7 +23,7 @@
#include <wolfssl/wolfcrypt/settings.h>
#include <wolfssl/wolfcrypt/error-crypt.h>
#ifndef WOLFCRYPT_ONLY
#if !defined(WOLFCRYPT_ONLY) && !defined(NO_WOLFSSL_CLIENT)
#include <wolfssl/ssl.h>
#include <wolfssl/wolfcrypt/logging.h>
@ -100,11 +100,11 @@ static int tls_client(void)
/*---------------------*/
/* for no peer auth: */
/*---------------------*/
wolfSSL_CTX_set_verify(ctx, SSL_VERIFY_NONE, 0);
wolfSSL_CTX_set_verify(ctx, WOLFSSL_VERIFY_NONE, 0);
/*---------------------*/
/* end peer auth option*/
/*---------------------*/
if ((ret = wolfSSL_CTX_set_cipher_list(ctx, "ECDHE-ECDSA-AES128-SHA256")) != SSL_SUCCESS) {
if ((ret = wolfSSL_CTX_set_cipher_list(ctx, "ECDHE-ECDSA-AES128-SHA256")) != WOLFSSL_SUCCESS) {
wolfSSL_CTX_free(ctx);
printf("CTXset_cipher_list failed, error: %d\n", ret);
goto fail;
@ -123,14 +123,14 @@ static int tls_client(void)
}
/* non blocking accept and connect */
ret = SSL_FAILURE;
ret = WOLFSSL_FAILURE;
while (ret != SSL_SUCCESS) {
while (ret != WOLFSSL_SUCCESS) {
/* client connect */
ret = wolfSSL_connect(ssl);
error = wolfSSL_get_error(ssl, 0);
if (ret != SSL_SUCCESS) {
if (error != SSL_ERROR_WANT_READ && error != SSL_ERROR_WANT_WRITE) {
if (ret != WOLFSSL_SUCCESS) {
if (error != WOLFSSL_ERROR_WANT_READ && error != WOLFSSL_ERROR_WANT_WRITE) {
/* Fail */
printf("wolfSSL connect failed with return code %d\n", error);
goto fail;
@ -146,7 +146,7 @@ static int tls_client(void)
ret = wolfSSL_write(ssl, msg, msgSz);
error = wolfSSL_get_error(ssl, 0);
if (ret != msgSz) {
if (error != SSL_ERROR_WANT_READ && error != SSL_ERROR_WANT_WRITE) {
if (error != WOLFSSL_ERROR_WANT_READ && error != WOLFSSL_ERROR_WANT_WRITE) {
/* Write failed */
goto fail;
}
@ -159,7 +159,7 @@ static int tls_client(void)
ret = wolfSSL_read(ssl, reply, sizeof(reply) - 1);
error = wolfSSL_get_error(ssl, 0);
if (ret < 0) {
if (error != SSL_ERROR_WANT_READ && error != SSL_ERROR_WANT_WRITE) {
if (error != WOLFSSL_ERROR_WANT_READ && error != WOLFSSL_ERROR_WANT_WRITE) {
/* Can put print here, the server enters a loop waiting to read
* a confirmation message at this point */
// printf("client read failed\n");
@ -186,14 +186,14 @@ fail:
return -1;
}
#endif
#endif /* !WOLFCRYPT_ONLY && !NO_WOLFSSL_CLIENT */
int main(void)
{
int ret;
#ifndef WOLFCRYPT_ONLY
#if !defined(WOLFCRYPT_ONLY) && !defined(NO_WOLFSSL_CLIENT)
wolfSSL_Init();
ret = tls_client();

206
IDE/GCC-ARM/Source/tls_server.c 100644
View File

@ -0,0 +1,206 @@
/* tls_server.c
*
* Copyright (C) 2006-2021 wolfSSL Inc.
*
* This file is part of wolfSSL.
*
* wolfSSL is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version.
*
* wolfSSL is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program; if not, write to the Free Software
* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
*/
#include <wolfssl/wolfcrypt/settings.h>
#include <wolfssl/wolfcrypt/error-crypt.h>
#if !defined(WOLFCRYPT_ONLY) && !defined(NO_WOLFSSL_SERVER)
#include <wolfssl/ssl.h>
#include <wolfssl/wolfcrypt/logging.h>
#include <stdio.h>
#define MAXSZ 1024
/*------------------------------------------------------------------------*/
/* TLS SERVER */
/*------------------------------------------------------------------------*/
static int CbIORecv(WOLFSSL *ssl, char *buf, int sz, void *ctx)
{
int ret = WOLFSSL_CBIO_ERR_GENERAL;
(void)ssl;
(void)ctx;
/* TODO: Exchange data over your own transport */
#warning TODO: Implement your own recv data transport
#if 0
ret = usart_read_buffer_wait(&cdc_uart_module, buf, sz);
if (ret == STATUS_ERR_TIMEOUT)
return WOLFSSL_CBIO_ERR_WANT_READ;
return (ret == STATUS_OK) ? sz : WOLFSSL_CBIO_ERR_GENERAL;
#else
return ret;
#endif
}
static int CbIOSend(WOLFSSL *ssl, char *buf, int sz, void *ctx)
{
int ret = WOLFSSL_CBIO_ERR_GENERAL;
(void)ssl;
(void)ctx;
/* TODO: Exchange data over your own transport */
#warning TODO: Implement your own send data transport
#if 0
ret = usart_write_buffer_wait(&cdc_uart_module, buf, sz);
if (ret == STATUS_ERR_TIMEOUT)
return WOLFSSL_CBIO_ERR_WANT_WRITE;
return (ret == STATUS_OK) ? sz : WOLFSSL_CBIO_ERR_GENERAL;
#else
return ret;
#endif
}
static int tls_server(void)
{
char reply[MAXSZ];
int ret, error;
WOLFSSL* ssl = NULL;
WOLFSSL_CTX* ctx = NULL;
if ((ctx = wolfSSL_CTX_new(wolfTLSv1_2_server_method())) == NULL) {
printf("CTXnew failed.\n");
goto fail;
}
/*------------------------------------------------------------------------*/
/* ECDHE-ECDSA */
/*------------------------------------------------------------------------*/
/*--------------------*/
/* for peer auth use: */
/*--------------------*/
// wolfSSL_CTX_load_verify_buffer(ctx, rsa_key_der_1024,
// sizeof_rsa_key_der_1024, SSL_FILETYPE_ASN1);
// wolfSSL_CTX_load_verify_buffer(ctx, server_cert_der_1024,
// sizeof_server_cert_der_1024, SSL_FILETYPE_ASN1);
/*---------------------*/
/* for no peer auth: */
/*---------------------*/
wolfSSL_CTX_set_verify(ctx, WOLFSSL_VERIFY_NONE, 0);
/*---------------------*/
/* end peer auth option*/
/*---------------------*/
if ((ret = wolfSSL_CTX_set_cipher_list(ctx, "ECDHE-ECDSA-AES128-SHA256")) != WOLFSSL_SUCCESS) {
wolfSSL_CTX_free(ctx);
printf("CTXset_cipher_list failed, error: %d\n", ret);
goto fail;
}
/*------------------------------------------------------------------------*/
/* END CIPHER SUITE OPTIONS */
/*------------------------------------------------------------------------*/
wolfSSL_CTX_SetIORecv(ctx, CbIORecv);
wolfSSL_CTX_SetIOSend(ctx, CbIOSend);
if ((ssl = wolfSSL_new(ctx)) == NULL) {
error = wolfSSL_get_error(ssl, 0);
printf("wolfSSL_new failed %d\n", error);
wolfSSL_CTX_free(ctx);
return -1;
}
/* non blocking accept and connect */
ret = WOLFSSL_FAILURE;
while (ret != WOLFSSL_SUCCESS) {
/* server accept */
ret = wolfSSL_accept(ssl);
error = wolfSSL_get_error(ssl, 0);
if (ret != WOLFSSL_SUCCESS) {
if (error != WOLFSSL_ERROR_WANT_READ && error != WOLFSSL_ERROR_WANT_WRITE) {
/* Fail */
printf("wolfSSL accept failed with return code %d\n", error);
goto fail;
}
}
/* Success */
}
/* read and write */
while (1) {
/* server read */
ret = wolfSSL_read(ssl, reply, sizeof(reply) - 1);
error = wolfSSL_get_error(ssl, 0);
if (ret < 0) {
if (error != WOLFSSL_ERROR_WANT_READ && error != WOLFSSL_ERROR_WANT_WRITE) {
/* Can put print here, the server enters a loop waiting to read
* a confirmation message at this point */
// printf("server read failed\n");
goto fail;
}
continue;
}
else {
/* Can put print here, the server enters a loop waiting to read
* a confirmation message at this point */
reply[ret] = '\0';
// printf("Server Received Reply: %s\n", reply);
break;
}
}
while (1) {
/* server write / echo */
ret = wolfSSL_write(ssl, reply, XSTRLEN(reply));
error = wolfSSL_get_error(ssl, 0);
if (ret != XSTRLEN(reply)) {
if (error != WOLFSSL_ERROR_WANT_READ && error != WOLFSSL_ERROR_WANT_WRITE) {
/* Write failed */
goto fail;
}
}
/* Write succeeded */
break;
}
return 0;
fail:
wolfSSL_shutdown(ssl);
wolfSSL_free(ssl);
wolfSSL_CTX_free(ctx);
return -1;
}
#endif /* !WOLFCRYPT_ONLY && !NO_WOLFSSL_SERVER */
int main(void)
{
int ret;
#if !defined(WOLFCRYPT_ONLY) && !defined(NO_WOLFSSL_SERVER)
wolfSSL_Init();
ret = tls_server();
wolfSSL_Cleanup();
#else
ret = NOT_COMPILED_IN;
#endif
return ret;
}

6
wolfcrypt/test/test.c
View File

@ -17331,17 +17331,17 @@ WOLFSSL_TEST_SUBROUTINE int srp_test(void)
return ret;
#endif
#ifndef NO_SHA256
srp_test_digest(SRP_TYPE_SHA256);
ret = srp_test_digest(SRP_TYPE_SHA256);
if (ret != 0)
return ret;
#endif
#ifdef WOLFSSL_SHA384
srp_test_digest(SRP_TYPE_SHA384);
ret = srp_test_digest(SRP_TYPE_SHA384);
if (ret != 0)
return ret;
#endif
#ifdef WOLFSSL_SHA512
srp_test_digest(SRP_TYPE_SHA512);
ret = srp_test_digest(SRP_TYPE_SHA512);
if (ret != 0)
return ret;
#endif