From e98a0465ae8c333485a2c99cb4a5e39e1ded2cd1 Mon Sep 17 00:00:00 2001 From: David Garske Date: Mon, 13 Mar 2017 09:48:55 -0700 Subject: [PATCH] tenAsys INtime RTOS port. Porting complete for mutex semaphores, threading, file, socket and RNG. Added projects for libwolfssl and wolfExamples. The wolfExamples project includes examples for wolfCrypt Test/Benchmark and wolfSSL TLS client/server. Provided reference user_settings.h with comments and enable/disable gates. Added README.md with overview and instructions. Fixed issue building master with NO_WOLFSSL_DIR defined. Added check if old TLS is enabled that SHA and MD5 are enabled. Cleanup of the wolfCrypt test use of USE_CERT_BUFFERS with file system enabled. --- .gitignore | 1 + IDE/INTIME-RTOS/README.md | 53 ++ IDE/INTIME-RTOS/include.am | 13 + IDE/INTIME-RTOS/libwolfssl.c | 20 + IDE/INTIME-RTOS/libwolfssl.vcxproj | 225 +++++ IDE/INTIME-RTOS/user_settings.h | 506 +++++++++++ IDE/INTIME-RTOS/wolfExamples.c | 619 +++++++++++++ IDE/INTIME-RTOS/wolfExamples.h | 47 + IDE/INTIME-RTOS/wolfExamples.sln | 43 + IDE/INTIME-RTOS/wolfExamples.vcxproj | 100 +++ IDE/include.am | 1 + cyassl/ctaocrypt/settings.h | 2 +- gencertbuf.pl | 1 + src/io.c | 9 + src/ssl.c | 4 + src/tls.c | 6 +- wolfcrypt/benchmark/benchmark.c | 2 +- wolfcrypt/src/fe_low_mem.c | 18 +- wolfcrypt/src/fe_operations.c | 4 +- wolfcrypt/src/ge_operations.c | 132 +-- wolfcrypt/src/poly1305.c | 4 +- wolfcrypt/src/random.c | 18 + wolfcrypt/src/wc_port.c | 1206 ++++++++++++++------------ wolfcrypt/test/test.c | 518 ++++++----- wolfssl/certs_test.h | 126 +++ wolfssl/internal.h | 2 + wolfssl/wolfcrypt/fe_operations.h | 4 +- wolfssl/wolfcrypt/settings.h | 18 +- wolfssl/wolfcrypt/types.h | 13 +- wolfssl/wolfcrypt/wc_port.h | 22 +- 30 files changed, 2844 insertions(+), 893 deletions(-) create mode 100755 IDE/INTIME-RTOS/README.md create mode 100644 IDE/INTIME-RTOS/include.am create mode 100755 IDE/INTIME-RTOS/libwolfssl.c create mode 100755 IDE/INTIME-RTOS/libwolfssl.vcxproj create mode 100755 IDE/INTIME-RTOS/user_settings.h create mode 100755 IDE/INTIME-RTOS/wolfExamples.c create mode 100755 IDE/INTIME-RTOS/wolfExamples.h create mode 100755 IDE/INTIME-RTOS/wolfExamples.sln create mode 100755 IDE/INTIME-RTOS/wolfExamples.vcxproj mode change 100644 => 100755 wolfcrypt/src/fe_operations.c mode change 100644 => 100755 wolfcrypt/src/wc_port.c mode change 100644 => 100755 wolfssl/internal.h diff --git a/.gitignore b/.gitignore index cd9de3c0f..f1fd0c9c9 100644 --- a/.gitignore +++ b/.gitignore @@ -190,3 +190,4 @@ wrapper/CSharp/x64/ # Visual Studio Code Workspace Files *.vscode +IDE/INTIME-RTOS/Debug_* diff --git a/IDE/INTIME-RTOS/README.md b/IDE/INTIME-RTOS/README.md new file mode 100755 index 000000000..21e137adf --- /dev/null +++ b/IDE/INTIME-RTOS/README.md @@ -0,0 +1,53 @@ +# tenAsys INtime RTOS Port + +## Overview + +This port is for the tenAsys INtime RTOS available [here](http://www.tenasys.com/tenasys-products/intime-rtos-family/overview-rtos). + +To enable use the define `INTIME_RTOS`. + +## Usage + +The wolfExamples.sln is a Visual Studio 2015 project. You must have the INtime SDK installed and an INtime RTOS agent running. + +The default configuration is set inside the `IDE/INTIME-RTOS/user_settings.h` file. + +The example application provides a simple menu interface to select difference application functions to test. + +``` +wolfExamples started +wolfExamples finished initialization + + MENU + + t. WolfCrypt Test + b. WolfCrypt Benchmark + c. WolfSSL Client Example + s. WolfSSL Server Example + l. WolfSSL Localhost Client/Server Example +Please select one of the above options: +``` + +### `t`wolfCrypt Test + +Performs testing of all crypto algorithms. + +### `b` wolfCrypt Benchmark + +Performs benchmark of crypto algorithms. + +### `c` wolfSSL Client + +To configure the host address and port modify the `TLS_HOST_REMOTE` and `TLS_PORT` macros at top of `wolfExamples.c`. This example uses TLS 1.2 to connect to a remote host. + +### `s` wolfSSL Server + +To configure the port to listen on modify `TLS_PORT` at top of `wolfExamples.c`. + +### `l` wolfSSL Localhost Server/Client + +Starts a TLS server thread listening on localhost. Starts the TLS client and performs connect, exchanges some data and disconnects. + +## References + +For more information please contact info@wolfssl.com. diff --git a/IDE/INTIME-RTOS/include.am b/IDE/INTIME-RTOS/include.am new file mode 100644 index 000000000..5828c76ec --- /dev/null +++ b/IDE/INTIME-RTOS/include.am @@ -0,0 +1,13 @@ +# vim:ft=automake +# included from Top Level Makefile.am +# All paths should be given relative to the root + +EXTRA_DIST += \ + IDE/INTIME-RTOS/README.md \ + IDE/INTIME-RTOS/user_settings.h \ + IDE/INTIME-RTOS/libwolfssl.c \ + IDE/INTIME-RTOS/libwolfssl.vcxproj \ + IDE/INTIME-RTOS/wolfExamples.c \ + IDE/INTIME-RTOS/wolfExamples.h \ + IDE/INTIME-RTOS/wolfExamples.vcxproj \ + IDE/INTIME-RTOS/wolfExamples.sln diff --git a/IDE/INTIME-RTOS/libwolfssl.c b/IDE/INTIME-RTOS/libwolfssl.c new file mode 100755 index 000000000..94d39bb24 --- /dev/null +++ b/IDE/INTIME-RTOS/libwolfssl.c @@ -0,0 +1,20 @@ +// libwolfssl.c +// Defines the entry point for the DLL application + +#include + +BOOLEAN __stdcall RslMain( RTHANDLE hModule, + DWORD ul_reason_for_call, + LPVOID lpReserved + ) +{ + switch (ul_reason_for_call) { + case RSL_PROCESS_ATTACH: + case RSL_THREAD_ATTACH: + case RSL_THREAD_DETACH: + case RSL_PROCESS_DETACH: + break; + } + + return TRUE; +} diff --git a/IDE/INTIME-RTOS/libwolfssl.vcxproj b/IDE/INTIME-RTOS/libwolfssl.vcxproj new file mode 100755 index 000000000..155da63aa --- /dev/null +++ b/IDE/INTIME-RTOS/libwolfssl.vcxproj @@ -0,0 +1,225 @@ + + + + + Debug + INtime + + + Release + INtime + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + {1731767D-573F-45C9-A466-191DA0D180CF} + 8.1 + + + + StaticLibrary + NotSet + v140 + + + StaticLibrary + false + NotSet + v140 + + + + + + + + + + + + $(Configuration)_$(ProjectName)\ + + + $(Configuration)_$(ProjectName)\ + + + + + + 21076.20052 + /SAFESEH:NO %(AdditionalOptions) + rt.lib;pcibus.lib;netlib.lib;clib.lib;vshelper.lib + $(SolutionDir)$(Configuration)\\libwolfssl.rsl + + + Async + _USRDLL;WOLFSSL_DLL;BUILDING_WOLFSSL;WOLFSSL_USER_SETTINGS;%(PreprocessorDefinitions) + $(ProjectDir);$(ProjectDir)..\..\;%(AdditionalIncludeDirectories) + $(IntDir) + $(IntDir) + $(IntDir) + $(IntDir)vc$(PlatformToolsetVersion).pdb + + + + + + + 21076.20052 + /SAFESEH:NO %(AdditionalOptions) + rt.lib;pcibus.lib;netlib.lib;clib.lib;vshelper.lib + $(SolutionDir)$(Configuration)\\libwolfssl.rsl + + + Async + _USRDLL;WOLFSSL_DLL;BUILDING_WOLFSSL;WOLFSSL_USER_SETTINGS;%(PreprocessorDefinitions) + $(ProjectDir);$(ProjectDir)..\..\;%(AdditionalIncludeDirectories) + $(IntDir) + $(IntDir) + $(IntDir) + $(IntDir)vc$(PlatformToolsetVersion).pdb + + + + + + diff --git a/IDE/INTIME-RTOS/user_settings.h b/IDE/INTIME-RTOS/user_settings.h new file mode 100755 index 000000000..14e78cc89 --- /dev/null +++ b/IDE/INTIME-RTOS/user_settings.h @@ -0,0 +1,506 @@ +/* Example custom user settings for wolfSSL and INtime RTOS port */ + +#ifndef WOLFSSL_USER_SETTINGS_H +#define WOLFSSL_USER_SETTINGS_H + +#ifdef __cplusplus +extern "C" { +#endif + +/* ------------------------------------------------------------------------- */ +/* Port - Platform */ +/* ------------------------------------------------------------------------- */ +#undef INTIME_RTOS +#define INTIME_RTOS + +#undef INTIME_RTOS_MUTEX_MAX +#define INTIME_RTOS_MUTEX_MAX 10 + +#undef WOLF_EXAMPLES_STACK +#define WOLF_EXAMPLES_STACK 131072 + +#undef WOLFSSL_GENERAL_ALIGNMENT +#define WOLFSSL_GENERAL_ALIGNMENT 4 + +/* platform already has min()/max() */ +#undef WOLFSSL_HAVE_MIN +#define WOLFSSL_HAVE_MIN +#undef WOLFSSL_HAVE_MAX +#define WOLFSSL_HAVE_MAX + +/* disable directory support */ +#undef NO_WOLFSSL_DIR +#define NO_WOLFSSL_DIR + +#undef NO_WRITEV +#define NO_WRITEV + +#undef NO_MAIN_DRIVER +#define NO_MAIN_DRIVER + +/* if using in single threaded mode */ +#undef SINGLE_THREADED +//#define SINGLE_THREADED + +/* reduces stack usage, by using malloc/free for stack variables over 100 bytes */ +#undef WOLFSSL_SMALL_STACK +//#define WOLFSSL_SMALL_STACK + + +/* ------------------------------------------------------------------------- */ +/* Math Configuration */ +/* ------------------------------------------------------------------------- */ +/* fast math uses stack and inline assembly to speed up math */ +#undef USE_FAST_MATH +#define USE_FAST_MATH + +#ifdef USE_FAST_MATH + /* timing resistance for side-channel attack protection */ + #undef TFM_TIMING_RESISTANT + #define TFM_TIMING_RESISTANT +#endif + + +/* ------------------------------------------------------------------------- */ +/* Crypto */ +/* ------------------------------------------------------------------------- */ +/* ECC */ +#if 1 + #undef HAVE_ECC + #define HAVE_ECC + + /* Support for custom curves */ + #define WOLFSSL_CUSTOM_CURVES + + /* Curve types */ + //#define NO_ECC_SECP + #define HAVE_ECC_SECPR2 + #define HAVE_ECC_SECPR3 + #define HAVE_ECC_BRAINPOOL + #define HAVE_ECC_KOBLITZ + + /* Curve sizes */ + #undef HAVE_ALL_CURVES + //#define HAVE_ALL_CURVES + #ifndef HAVE_ALL_CURVES + #undef ECC_USER_CURVES + #define ECC_USER_CURVES + #define HAVE_ECC192 + #define HAVE_ECC224 + //#define NO_ECC256 + #define HAVE_ECC384 + #define HAVE_ECC521 + #endif + + /* Fixed point cache (speeds repeated operations against same private key) */ + #undef FP_ECC + #define FP_ECC + #ifdef FP_ECC + /* Bits / Entries */ + #undef FP_ENTRIES + #define FP_ENTRIES 2 + #undef FP_LUT + #define FP_LUT 4 + #endif + + /* Optional ECC calculation method */ + /* Note: doubles heap usage, but slightly faster */ + #undef ECC_SHAMIR + #define ECC_SHAMIR + + /* Reduces heap usage, but slower */ + /* timing resistance for side-channel attack protection */ + #undef ECC_TIMING_RESISTANT + #define ECC_TIMING_RESISTANT + + #ifdef USE_FAST_MATH + /* use reduced size math buffers for ecc points */ + #undef ALT_ECC_SIZE + #define ALT_ECC_SIZE + + /* Enable TFM optimizations for ECC */ + #if defined(HAVE_ECC192) || defined(HAVE_ALL_CURVES) + #define TFM_ECC192 + #endif + #if defined(HAVE_ECC224) || defined(HAVE_ALL_CURVES) + #define TFM_ECC224 + #endif + #if !defined(NO_ECC256) || defined(HAVE_ALL_CURVES) + #define TFM_ECC256 + #endif + #if defined(HAVE_ECC384) || defined(HAVE_ALL_CURVES) + #define TFM_ECC384 + #endif + #if defined(HAVE_ECC521) || defined(HAVE_ALL_CURVES) + #define TFM_ECC521 + #endif + #endif +#endif + +/* RSA */ +#undef NO_RSA +#if 1 + #ifdef USE_FAST_MATH + /* Maximum math bits (Max RSA key bits * 2) */ + #undef FP_MAX_BITS + #define FP_MAX_BITS 4096 + #endif + + /* half as much memory but twice as slow */ + #undef RSA_LOW_MEM + //#define RSA_LOW_MEM + + /* RSA blinding countermeasures */ + #undef WC_RSA_BLINDING + #define WC_RSA_BLINDING +#else + #define NO_RSA +#endif + +/* AES */ +#undef NO_AES +#if 1 + #undef HAVE_AESGCM + #define HAVE_AESGCM + + #ifdef HAVE_AESGCM + /* GCM Method: GCM_SMALL, GCM_WORD32 or GCM_TABLE */ + //#define GCM_SMALL + #define GCM_TABLE + #endif + + #undef WOLFSSL_AES_COUNTER + #define WOLFSSL_AES_COUNTER + + #undef HAVE_AESCCM + #define HAVE_AESCCM + + #undef WOLFSSL_AES_DIRECT + #define WOLFSSL_AES_DIRECT + + #undef HAVE_AES_KEYWRAP + #define HAVE_AES_KEYWRAP +#else + #define NO_AES +#endif + +/* ChaCha20 / Poly1305 */ +#undef HAVE_CHACHA +#undef HAVE_POLY1305 +#if 1 + #define HAVE_CHACHA + #define HAVE_POLY1305 + + /* Needed for Poly1305 */ + #undef HAVE_ONE_TIME_AUTH + #define HAVE_ONE_TIME_AUTH +#endif + +/* Ed25519 / Curve25519 */ +#undef HAVE_CURVE25519 +#undef HAVE_ED25519 +#if 1 + #define HAVE_CURVE25519 + #define HAVE_ED25519 + + /* Optionally use small math (less flash usage, but much slower) */ + #if 0 + #define CURVED25519_SMALL + #endif +#endif + + +/* ------------------------------------------------------------------------- */ +/* Hashing */ +/* ------------------------------------------------------------------------- */ +/* Sha */ +#undef NO_SHA +#if 1 + /* 1k smaller, but 25% slower */ + //#define USE_SLOW_SHA +#else + #define NO_SHA +#endif + +/* Sha256 */ +#undef NO_SHA256 +#if 1 +#else + #define NO_SHA256 +#endif + +/* Sha512 */ +#undef WOLFSSL_SHA512 +#if 1 + #define WOLFSSL_SHA512 + + /* Sha384 */ + #undef WOLFSSL_SHA384 + #if 1 + #define WOLFSSL_SHA384 + #endif + + /* over twice as small, but 50% slower */ + //#define USE_SLOW_SHA2 +#endif + +/* MD5 */ +#undef NO_MD5 +#if 1 +#else + #define NO_MD5 +#endif + + +/* ------------------------------------------------------------------------- */ +/* Enable Features */ +/* ------------------------------------------------------------------------- */ +#undef KEEP_PEER_CERT +#define KEEP_PEER_CERT + +#undef HAVE_COMP_KEY +#define HAVE_COMP_KEY + +#undef HAVE_ECC_ENCRYPT +#define HAVE_ECC_ENCRYPT + +#undef HAVE_TLS_EXTENSIONS +#define HAVE_TLS_EXTENSIONS + +#undef HAVE_SUPPORTED_CURVES +#define HAVE_SUPPORTED_CURVES + +#undef HAVE_EXTENDED_MASTER +#define HAVE_EXTENDED_MASTER + +#undef WOLFSSL_DTLS +#define WOLFSSL_DTLS + +#undef OPENSSL_EXTRA +#define OPENSSL_EXTRA + +#undef WOLFSSL_BASE64_ENCODE +#define WOLFSSL_BASE64_ENCODE + +#undef HAVE_HKDF +#define HAVE_HKDF + +#undef WOLFSSL_CMAC +#define WOLFSSL_CMAC + +#undef WOLFSSL_KEY_GEN +#define WOLFSSL_KEY_GEN + +#undef WOLFSSL_CERT_GEN +#define WOLFSSL_CERT_GEN + +#undef WOLFSSL_CERT_REQ +#define WOLFSSL_CERT_REQ + +#undef WOLFSSL_CERT_EXT +#define WOLFSSL_CERT_EXT + +#undef HAVE_PK_CALLBACKS +#define HAVE_PK_CALLBACKS + +#undef HAVE_ALPN +#define HAVE_ALPN + +#undef HAVE_SNI +#define HAVE_SNI + +#undef HAVE_MAX_FRAGMENT +#define HAVE_MAX_FRAGMENT + +#undef HAVE_TRUNCATED_HMAC +#define HAVE_TRUNCATED_HMAC + +#undef SESSION_CERTS +#define SESSION_CERTS + +#undef HAVE_SESSION_TICKET +#define HAVE_SESSION_TICKET + +#undef WOLFCRYPT_HAVE_SRP +#define WOLFCRYPT_HAVE_SRP + +#undef WOLFSSL_HAVE_CERT_SERVICE +#define WOLFSSL_HAVE_CERT_SERVICE + +#undef HAVE_PKCS7 +#define HAVE_PKCS7 + +#undef HAVE_X963_KDF +#define HAVE_X963_KDF + +#undef WOLFSSL_HAVE_WOLFSCEP +#define WOLFSSL_HAVE_WOLFSCEP + +#undef WOLFSSL_ALWAYS_KEEP_SNI +#define WOLFSSL_ALWAYS_KEEP_SNI + +#undef WOLFSSL_ALWAYS_VERIFY_CB +#define WOLFSSL_ALWAYS_VERIFY_CB + +#undef WOLFSSL_SEP +#define WOLFSSL_SEP + +#undef ATOMIC_USER +#define ATOMIC_USER + +#undef HAVE_OCSP +#define HAVE_OCSP + +#undef HAVE_CERTIFICATE_STATUS_REQUEST +#define HAVE_CERTIFICATE_STATUS_REQUEST + +#undef HAVE_CERTIFICATE_STATUS_REQUEST_V2 +#define HAVE_CERTIFICATE_STATUS_REQUEST_V2 + +#undef HAVE_CRL +#define HAVE_CRL + +#undef PERSIST_CERT_CACHE +//#define PERSIST_CERT_CACHE + +#undef PERSIST_SESSION_CACHE +//#define PERSIST_SESSION_CACHE + +#undef WOLFSSL_DER_LOAD +//#define WOLFSSL_DER_LOAD + +#undef WOLFSSL_DES_ECB +//#define WOLFSSL_DES_ECB + +#undef HAVE_CAMELLIA +//#define HAVE_CAMELLIA + +#undef HAVE_NULL_CIPHER +//#define HAVE_NULL_CIPHER + +#undef WOLFSSL_RIPEMD +//#define WOLFSSL_RIPEMD + + +/* TLS Session Cache */ +#if 1 + #define SMALL_SESSION_CACHE + //#define MEDIUM_SESSION_CACHE + //#define BIG_SESSION_CACHE + //#define HUGE_SESSION_CACHE +#else + #define NO_SESSION_CACHE +#endif + + +/* ------------------------------------------------------------------------- */ +/* Disable Features */ +/* ------------------------------------------------------------------------- */ +#undef NO_WOLFSSL_SERVER +//#define NO_WOLFSSL_SERVER + +#undef NO_WOLFSSL_CLIENT +//#define NO_WOLFSSL_CLIENT + +/* disables TLS 1.0/1.1 support */ +#undef NO_OLD_TLS +//#define NO_OLD_TLS + +/* disable access to filesystem */ +#undef NO_FILESYSTEM +//#define NO_FILESYSTEM + +#undef NO_RC4 +#define NO_RC4 + +#undef NO_HC128 +#define NO_HC128 + +#undef NO_RABBIT +#define NO_RABBIT + +#undef NO_MD4 +#define NO_MD4 + +/* Pre-shared keys */ +#undef NO_PSK +//#define NO_PSK + +#undef NO_DSA +//#define NO_DSA + +#undef NO_DH +//#define NO_DH + +#undef NO_DES3 +//#define NO_DES3 + +#undef NO_PWDBASED +//#define NO_PWDBASED + +/* encoding/decoding support */ +#undef NO_CODING +//#define NO_CODING + +/* memory wrappers and memory callbacks */ +#undef NO_WOLFSSL_MEMORY +//#define NO_WOLFSSL_MEMORY + +/* In-lining of misc.c functions */ +/* If defined, must include wolfcrypt/src/misc.c in build */ +/* Slower, but about 1k smaller */ +#undef NO_INLINE +//#define NO_INLINE + + + +/* ------------------------------------------------------------------------- */ +/* Benchmark / Test */ +/* ------------------------------------------------------------------------- */ +#undef NO_CRYPT_TEST +//#define NO_CRYPT_TEST + +#undef NO_CRYPT_BENCHMARK +//#define NO_CRYPT_BENCHMARK + +/* Use reduced benchmark / test sizes */ +#undef BENCH_EMBEDDED +#define BENCH_EMBEDDED + +#undef USE_CERT_BUFFERS_2048 +#define USE_CERT_BUFFERS_2048 + +#undef USE_CERT_BUFFERS_256 +#define USE_CERT_BUFFERS_256 + + + +/* ------------------------------------------------------------------------- */ +/* Debugging */ +/* ------------------------------------------------------------------------- */ +#undef WOLFSSL_DEBUG +#define WOLFSSL_DEBUG +#ifdef WOLFSSL_DEBUG + /* Use this to measure / print heap usage */ + #if 0 + #undef USE_WOLFSSL_MEMORY + #define USE_WOLFSSL_MEMORY + + #undef WOLFSSL_TRACK_MEMORY + #define WOLFSSL_TRACK_MEMORY + #endif + + /* Math debugging (adds support for mp_dump) */ + #undef WOLFSSL_DEBUG_MATH + //#define WOLFSSL_DEBUG_MATH +#else + #undef NO_ERROR_STRINGS + //#define NO_ERROR_STRINGS +#endif + + +#ifdef __cplusplus +} +#endif + +#endif /* WOLFSSL_USER_SETTINGS_H */ diff --git a/IDE/INTIME-RTOS/wolfExamples.c b/IDE/INTIME-RTOS/wolfExamples.c new file mode 100755 index 000000000..fdea5eb68 --- /dev/null +++ b/IDE/INTIME-RTOS/wolfExamples.c @@ -0,0 +1,619 @@ +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include + +#include "wolfExamples.h" +#include +#include +#include +#include +#include + + +/***************************************************************************** + * Globals + ****************************************************************************/ +RTHANDLE hRootProcess; +DWORD dwKtickInUsecs; +INIT_STRUCT gInit; +static int gServerExit = 0; +static int gServerReady = 0; + +static const char menu1[] = "\r\n" + "\tt. WolfCrypt Test\r\n" + "\tb. WolfCrypt Benchmark\r\n" + "\tc. WolfSSL Client Example\r\n" + "\ts. WolfSSL Server Example\r\n" + "\tl. WolfSSL Localhost Client/Server Example\r\n"; + + +/***************************************************************************** + * Configuration + ****************************************************************************/ + +#define TLS_MAXDATASIZE 4096 /* maximum acceptable amount of data */ +#define TLS_PORT 11111 /* define default port number */ +#define TLS_HOST_LOCAL "127.0.0.1" +#define TLS_HOST_REMOTE "192.168.0.112" +#define SOCK_MAX_PENDING 5 +#define THREAD_BASE_PRIO 150 + + +/***************************************************************************** + * TLS Client + ****************************************************************************/ +int wolfExample_TLSClient(const char* ip, int port) +{ + int ret = 0; + WOLFSSL_CTX* ctx = NULL; + WOLFSSL* ssl = NULL; /* create WOLFSSL object */ + int sockFd = -1; /* socket file descriptor */ + struct sockaddr_in servAddr; /* struct for server address */ + char sendBuff[TLS_MAXDATASIZE], rcvBuff[TLS_MAXDATASIZE]; + + /* wait for server to be ready */ + while (gServerReady != 1) { + RtSleep(0); + } + + sockFd = socket(AF_INET, SOCK_STREAM, 0); + if (sockFd < 0) { + printf("Failed to create socket. Error: %d\n", errno); + return errno; + } + + memset(&servAddr, 0, sizeof(servAddr)); /* clears memory block for use */ + servAddr.sin_family = AF_INET; /* sets addressfamily to internet*/ + servAddr.sin_port = htons(port); /* sets port to defined port */ + + /* looks for the server at the entered address (ip in the command line) */ + if (inet_pton(AF_INET, ip, &servAddr.sin_addr) < 1) { + /* checks validity of address */ + ret = errno; + printf("Invalid Address. Error: %d\n", ret); + goto exit; + } + + if (connect(sockFd, (struct sockaddr *)&servAddr, sizeof(servAddr)) < 0) { + /* if socket fails to connect to the server*/ + ret = errno; + printf("Connect error. Error: %d\n", ret); + goto exit; + } + + /* create and initialize WOLFSSL_CTX structure */ + if ((ctx = wolfSSL_CTX_new(wolfTLSv1_2_client_method())) == NULL) { + printf("SSL_CTX_new error.\n"); + goto exit; + } + + /* load CA certificates into wolfSSL_CTX. which will verify the server */ + ret = wolfSSL_CTX_load_verify_buffer(ctx, ca_cert_der_2048, + sizeof_ca_cert_der_2048, SSL_FILETYPE_ASN1); + if (ret != SSL_SUCCESS) { + printf("Error %d loading CA cert\n", ret); + goto exit; + } + if ((ssl = wolfSSL_new(ctx)) == NULL) { + printf("wolfSSL_new error.\n"); + goto exit; + } + wolfSSL_set_fd(ssl, sockFd); + + ret = wolfSSL_connect(ssl); + if (ret == SSL_SUCCESS) { + printf("Message for server:\t"); + fgets(sendBuff, TLS_MAXDATASIZE, stdin); + + if (wolfSSL_write(ssl, sendBuff, strlen(sendBuff)) != strlen(sendBuff)) { + /* the message is not able to send, or error trying */ + ret = wolfSSL_get_error(ssl, 0); + printf("Write error: Error: %d\n", ret); + goto exit; + } + + memset(rcvBuff, 0, TLS_MAXDATASIZE); + if (wolfSSL_read(ssl, rcvBuff, TLS_MAXDATASIZE) < 0) { + /* the server failed to send data, or error trying */ + ret = wolfSSL_get_error(ssl, 0); + printf("Read error. Error: %d\n", ret); + goto exit; + } + printf("Recieved: \t%s\n", rcvBuff); + } + +exit: + /* frees all data before client termination */ + if (sockFd != -1) + close(sockFd); + wolfSSL_free(ssl); + wolfSSL_CTX_free(ctx); + gServerExit = 1; + + return ret; +} + +/***************************************************************************** + * TLS Server + ****************************************************************************/ +int wolfExample_TLSServer(int port) +{ + int ret = 0; + WOLFSSL_CTX* ctx = NULL; + WOLFSSL* ssl = NULL; + int sockFd = -1, clientFd = -1; + struct sockaddr_in serverAddr = {0}, clientAddr = {0}; + const char reply[] = "I hear ya fa shizzle!\n"; + int addrSize = sizeof(clientAddr); + char buff[256]; + + sockFd = socket(AF_INET, SOCK_STREAM, 0); + if (sockFd < 0) { + printf("Failed to create socket. Error: %d\n", errno); + return errno; + } + + /* create and initialize WOLFSSL_CTX structure */ + if ((ctx = wolfSSL_CTX_new(wolfTLSv1_2_server_method())) == NULL) { + fprintf(stderr, "wolfSSL_CTX_new error.\n"); + goto exit; + } + + /* Load server certificate into WOLFSSL_CTX */ + ret = wolfSSL_CTX_use_certificate_buffer(ctx, server_cert_der_2048, + sizeof_server_cert_der_2048, SSL_FILETYPE_ASN1); + if (ret != SSL_SUCCESS) { + fprintf(stderr, "Error %d loading server-cert!\n", ret); + goto exit; + } + + /* Load server key into WOLFSSL_CTX */ + ret = wolfSSL_CTX_use_PrivateKey_buffer(ctx, server_key_der_2048, + sizeof_server_key_der_2048, SSL_FILETYPE_ASN1); + if (ret != SSL_SUCCESS) { + fprintf(stderr, "Error %d loading server-key!\n", ret); + goto exit; + } + + /* Initialize the server address struct to zero */ + memset((char *)&serverAddr, 0, sizeof(serverAddr)); + + /* Fill the server's address family */ + serverAddr.sin_family = AF_INET; + serverAddr.sin_addr.s_addr = INADDR_ANY; + serverAddr.sin_port = htons(port); + + /* Attach the server socket to our port */ + if (bind(sockFd, (struct sockaddr *)&serverAddr, sizeof(serverAddr)) < 0) { + printf("ERROR: failed to bind\n"); + goto exit; + } + + printf("Waiting for a connection...\n"); + gServerReady = 1; + + /* Continuously accept connects while not in an active connection */ + while (gServerExit == 0) { + /* listen for a new connection */ + ret = listen(sockFd, SOCK_MAX_PENDING); + if (ret == 0) { + /* Wait until a client connects */ + clientFd = accept(sockFd, (struct sockaddr*)&clientAddr, &addrSize); + + /* If fails to connect, loop back up and wait for a new connection */ + if (clientFd == -1) { + printf("failed to accept the connection..\n"); + } + /* If it connects, read in and reply to the client */ + else { + printf("Client connected successfully\n"); + + ssl = wolfSSL_new(ctx); + if (ssl == NULL) { + fprintf(stderr, "wolfSSL_new error.\n"); + break; + } + + /* direct our ssl to our clients connection */ + wolfSSL_set_fd(ssl, clientFd); + + printf("Using Non-Blocking I/O: %d\n", + wolfSSL_get_using_nonblock(ssl)); + + for ( ; ; ) { + /* Clear the buffer memory for anything possibly left over */ + memset(&buff, 0, sizeof(buff)); + + /* Read the client data into our buff array */ + ret = wolfSSL_read(ssl, buff, sizeof(buff) - 1); + if (ret > 0) { + /* Print any data the client sends to the console */ + printf("Client: %s\n", buff); + + /* Reply back to the client */ + ret = wolfSSL_write(ssl, reply, sizeof(reply) - 1); + if (ret < 0) { + printf("wolfSSL_write error = %d\n", + wolfSSL_get_error(ssl, ret)); + gServerExit = 1; + break; + } + } + /* if the client disconnects break the loop */ + else { + if (ret < 0) + printf("wolfSSL_read error = %d\n", + wolfSSL_get_error(ssl, ret)); + else if (ret == 0) + printf("The client has closed the connection.\n"); + gServerExit = 1; + break; + } + } + wolfSSL_free(ssl); /* Free the WOLFSSL object */ + ssl = NULL; + } + close(clientFd); /* close the connected socket */ + clientFd = -1; + } + } /* while */ + +exit: + if (clientFd != -1) + close(clientFd); + if (sockFd != -1) + close(sockFd); + wolfSSL_free(ssl); /* Free the WOLFSSL object */ + wolfSSL_CTX_free(ctx); /* Free WOLFSSL_CTX */ + + return ret; +} + +/***************************************************************************** + * TLS Local Test + ****************************************************************************/ +static void wolfSSLLocalServerThread(void* param) +{ + int port = (int)((int*)param); + wolfExample_TLSServer(port); +} + +int wolfExample_TLSLocal(int port) +{ + int ret; + RTHANDLE srvHandle; + + /* start server thread */ + srvHandle = CreateRtThread(THREAD_BASE_PRIO + 10, + (LPPROC)wolfSSLLocalServerThread, WOLF_EXAMPLES_STACK, (void*)port); + if (srvHandle == BAD_RTHANDLE) { + Fail("Cannot create server thread"); + return -1; + } + + /* run client */ + ret = wolfExample_TLSClient(TLS_HOST_LOCAL, port); + + return ret; +} + + +/***************************************************************************** + * Thread + memset(&args, 0, sizeof(args)); + ****************************************************************************/ +typedef struct func_args { + int argc; + char** argv; + int return_code; +} func_args; + +static void wolfExampleThread(void* param) +{ + func_args args; + +#ifdef DEBUG_WOLFSSL + wolfSSL_Debugging_ON(); +#endif + + /* initialize wolfSSL */ + wolfSSL_Init(); + + while (1) { + char rc; + + gServerExit = 0; + gServerReady = 0; + + printf("\r\n\t\t\t\tMENU\r\n"); + printf(menu1); + printf("Please select one of the above options: "); + + rc = getchar(); + switch (rc) { + case 't': + printf("\nCrypt Test\n"); + wolfcrypt_test(&args); + printf("Crypt Test: Return code %d\n", args.return_code); + break; + + case 'b': + printf("\nBenchmark Test\n"); + benchmark_test(&args); + printf("Benchmark Test: Return code %d\n", args.return_code); + break; + + case 'c': + wolfExample_TLSClient(TLS_HOST_REMOTE, TLS_PORT); + break; + + case 's': + wolfExample_TLSServer(TLS_PORT); + break; + + case 'l': + wolfExample_TLSLocal(TLS_PORT); + break; + + // All other cases go here + default: + if (rc != '\r' && rc != '\n') + printf("\r\nSelection %c out of range\r\n", rc); + break; + } + } + + wolfSSL_Cleanup(); +} + + +/***************************************************************************** +* FUNCTION: Catalog +* +* PARAMETERS: 1. handle of the process whose object directory must be used +* 2. the object whose handle must be cataloged +* 3. the name to be used (upto 14 characters) +* +* RETURNS: TRUE on success +* +* DESCRIPTION: If the given name already exists, +* and the existing name refers to a non-existing object, +* then the existing name is removed before cataloging. +\*****************************************************************************/ +BOOLEAN Catalog( + RTHANDLE hProcess, + RTHANDLE hObject, + LPSTR lpszName) +{ + RTHANDLE hOld; + + if (CatalogRtHandle(hProcess, hObject, lpszName)) + return TRUE; + + // something wrong: check for the case mentioned above + if (((hOld = LookupRtHandle(hProcess, lpszName, NO_WAIT)) != BAD_RTHANDLE) && + (GetRtHandleType(hOld) == INVALID_TYPE)) + { + // this is the case mentioned above: remove the old entry and try again + if (UncatalogRtHandle(hProcess, lpszName)) + return (CatalogRtHandle(hProcess, hObject, lpszName)); + } + return FALSE; +} + +/***************************************************************************** +* FUNCTION: Cleanup (local function) +* +* DESCRIPTION: +* Tell threads to delete themselves and wait a while; +* if any thread still exists, kill it. +* Remove all other objects as far as they have been created. +\*****************************************************************************/ +void Cleanup(void) +{ + // indicate that we are cleaning up + gInit.state = CLEANUP_BUSY; + gInit.bShutdown = TRUE; + +#ifdef _DEBUG + fprintf(stderr, "wolfExamples started cleaning up\n"); +#endif + + // remove our name from the root process + if (gInit.bCataloged) { + if (!UncatalogRtHandle(hRootProcess, "wolfExample")) + Fail("Cannot remove my own name"); + } + +#ifdef _DEBUG + fprintf(stderr, "wolfExamples finished cleaning up\n"); +#endif + + // lie down + exit(0); +} + +/***************************************************************************** +* FUNCTION: Fail +* +* PARAMETERS: same parameters as expected by printf +* +* DESCRIPTION: +* If in debug mode, prints the message, appending a new line and the error number. +* Then the current process is killed graciously: +* If the current thread is the main thread, this is done directly. +* if the current thread is another one, a terminate request is sent and +* the function returns to the calling thread. +\*****************************************************************************/ +void Fail(LPSTR lpszMessage, ...) +{ + EXCEPTION eh; + RTHANDLE hDelMbx; + DWORD dwTerminate; + +#ifdef _DEBUG + va_list ap; + + va_start(ap, lpszMessage); + vfprintf(stderr, lpszMessage, ap); + va_end(ap); + fprintf(stderr, "\nError nr=%x %s\n", GetLastRtError(), GetRtErrorText(GetLastRtError())); +#endif + + // make sure that exceptions are returned for inline handling + GetRtExceptionHandlerInfo(THREAD_HANDLER, &eh); + eh.ExceptionMode = 0; + SetRtExceptionHandler(&eh); + + // if we had not started initializing yet, just get out + if (BEFORE_INIT == gInit.state) + exit(0); + + if (gInit.hMain == GetRtThreadHandles(THIS_THREAD)) + { + // this is the main thread: + // if we are busy initializing, then do Cleanup + if (INIT_BUSY == gInit.state) + Cleanup(); // does not return + + // this is the main thread, but we are not initializing: just return + return; + } + + // this is not the main thread: + // ask main thread to do cleanup + // (allow some time to setup the deletion mailbox, ignore errors) + hDelMbx = LookupRtHandle(NULL_RTHANDLE, "R?EXIT_MBOX", 5000); + dwTerminate = TERMINATE; + SendRtData(hDelMbx, &dwTerminate, 4); +} + +/***************************************************************************** +* +* FUNCTION: UsecsToKticks +* +* PARAMETERS: 1. number of usecs +* +* RETURNS: number of low level ticks +* +* DESCRIPTION: returns the parameter if it is WAIT_FOREVER +* otherwise rounds up to number of low level ticks +\*****************************************************************************/ +DWORD UsecsToKticks(DWORD dwUsecs) +{ + if (dwUsecs == WAIT_FOREVER) + return WAIT_FOREVER; + + return (dwUsecs + dwKtickInUsecs - 1) / dwKtickInUsecs; +} + + +/***************************************************************************** +* FUNCTION: main +* +* DESCRIPTION: +* This is the main program module. +* It creates global objects and all threads. +* The main thread then waits for notifications and acts accordingly +\*****************************************************************************/ +int main(int argc, char* argv[]) +{ + SYSINFO sysinfo; + EVENTINFO eiEventInfo; + RTHANDLE taskHandle; + +#ifdef _DEBUG + fprintf(stderr, "wolfExamples started\n"); +#endif + + // obtain handle of root process (cannot fail) + hRootProcess = GetRtThreadHandles(ROOT_PROCESS); + + // initialize the structure for cleaning up + memset(&gInit, 0, sizeof(gInit)); + gInit.state = BEFORE_INIT; + + // get low level tick length in usecs + if (!CopyRtSystemInfo(&sysinfo)) + Fail("Cannot copy system info"); + dwKtickInUsecs = 10000 / sysinfo.KernelTickRatio; + if (dwKtickInUsecs == 0) + Fail("Invalid low level tick length"); + + // adjust process max priority (ignore error) + // TODO adjust the 2nd parameter to a value closer to zero if you want to allow more priorities + SetRtProcessMaxPriority(NULL_RTHANDLE, THREAD_BASE_PRIO); + + // obtain main thread's handle + gInit.hMain = GetRtThreadHandles(THIS_THREAD); + gInit.state = INIT_BUSY; + + // attempt to catalog the thread but ignore error + Catalog(NULL_RTHANDLE, gInit.hMain, "TMain"); + + // catalog the handle of this process in the root process + if (!Catalog(hRootProcess, GetRtThreadHandles(THIS_PROCESS), "wolfExample")) { + Fail("Cannot catalog process name"); + } + gInit.bCataloged = TRUE; + + // create thread + taskHandle = CreateRtThread(THREAD_BASE_PRIO + 20, + (LPPROC)wolfExampleThread, WOLF_EXAMPLES_STACK, 0); + if (taskHandle == BAD_RTHANDLE) { + Fail("Cannot create thread"); + } + + // indicate that initialization has finished + gInit.state = INIT_DONE; +#ifdef _DEBUG + fprintf(stderr, "wolfExamples finished initialization\n"); +#endif + + // wait for notifications + while (RtNotifyEvent(RT_SYSTEM_NOTIFICATIONS | RT_EXIT_NOTIFICATIONS, + WAIT_FOREVER, &eiEventInfo)) + { + switch(eiEventInfo.dwNotifyType) + { + case TERMINATE: + // TODO: this process should terminate + // cleanup the environment + Cleanup(); // does not return + + case NT_HOST_UP: + // TODO: react to a Windows host that has come back + break; + + case NT_BLUESCREEN: + // TODO: react to a Windows blue screen + break; + + case KERNEL_STOPPING: + // TODO: react to the INtime kernel stopping + break; + + case NT_HOST_HIBERNATE: + // TODO: react to the Windows host going in hibernation + break; + + case NT_HOST_STANDBY: + // TODO: react to the Windows host going in standby mode + break; + + case NT_HOST_SHUTDOWN_PENDING: + // TODO: react to a Windows host that is about to shutdown + break; + } + } + Fail("Notify failed"); + return 0; +} diff --git a/IDE/INTIME-RTOS/wolfExamples.h b/IDE/INTIME-RTOS/wolfExamples.h new file mode 100755 index 000000000..89ce77cda --- /dev/null +++ b/IDE/INTIME-RTOS/wolfExamples.h @@ -0,0 +1,47 @@ +#ifndef _WOLFEXAMPLES_H_ +#define _WOLFEXAMPLES_H_ + +#include + +#ifdef __cplusplus + extern "C" { +#endif + +// support functions for all threads +BOOLEAN Catalog(RTHANDLE hProcess, RTHANDLE hObject, LPSTR lpszName); +void Cleanup(void); +void Fail(LPSTR lpszMessage, ...); +DWORD UsecsToKticks(DWORD dwUsecs); + + +/* Example API's */ +int wolfExample_TLSServer(int port); +int wolfExample_TLSClient(const char* ip, int port); +int wolfExample_TLSLocal(int port); + + +// global type definitions +typedef enum { + BEFORE_INIT, + INIT_BUSY, + INIT_DONE, + CLEANUP_BUSY +} INIT_STATE; + +typedef struct { + RTHANDLE hMain; // RTHANDLE of main thread + INIT_STATE state; // main thread state + BOOLEAN bCataloged; // TRUE if we cataloged process name in root + BOOLEAN bShutdown; // TRUE if all threads have to terminate +} INIT_STRUCT; + +// global variables +extern RTHANDLE hRootProcess; // RTHANDLE of root process +extern DWORD dwKtickInUsecs; // length of one low level tick in usecs +extern INIT_STRUCT gInit; // structure describing all global objects + +#ifdef __cplusplus + } /* extern "C" */ +#endif + +#endif /* _WOLFEXAMPLES_H_ */ diff --git a/IDE/INTIME-RTOS/wolfExamples.sln b/IDE/INTIME-RTOS/wolfExamples.sln new file mode 100755 index 000000000..81666bf8e --- /dev/null +++ b/IDE/INTIME-RTOS/wolfExamples.sln @@ -0,0 +1,43 @@ + +Microsoft Visual Studio Solution File, Format Version 12.00 +# Visual Studio 14 +VisualStudioVersion = 14.0.23107.0 +MinimumVisualStudioVersion = 10.0.40219.1 +Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "wolfExamples", "wolfExamples.vcxproj", "{557A7EFD-2627-478A-A855-50F518DD13EE}" + ProjectSection(ProjectDependencies) = postProject + {1731767D-573F-45C9-A466-191DA0D180CF} = {1731767D-573F-45C9-A466-191DA0D180CF} + EndProjectSection +EndProject +Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "libwolfssl", "libwolfssl.vcxproj", "{1731767D-573F-45C9-A466-191DA0D180CF}" +EndProject +Global + GlobalSection(SolutionConfigurationPlatforms) = preSolution + Debug|INtime = Debug|INtime + Release|INtime = Release|INtime + EndGlobalSection + GlobalSection(ProjectConfigurationPlatforms) = postSolution + {557A7EFD-2627-478A-A855-50F518DD13EE}.Debug|INtime.ActiveCfg = Debug|INtime + {557A7EFD-2627-478A-A855-50F518DD13EE}.Debug|INtime.Build.0 = Debug|INtime + {557A7EFD-2627-478A-A855-50F518DD13EE}.Release|INtime.ActiveCfg = Release|INtime + {557A7EFD-2627-478A-A855-50F518DD13EE}.Release|INtime.Build.0 = Release|INtime + {1731767D-573F-45C9-A466-191DA0D180CF}.Debug|INtime.ActiveCfg = Debug|INtime + {1731767D-573F-45C9-A466-191DA0D180CF}.Debug|INtime.Build.0 = Debug|INtime + {1731767D-573F-45C9-A466-191DA0D180CF}.Release|INtime.ActiveCfg = Release|INtime + {1731767D-573F-45C9-A466-191DA0D180CF}.Release|INtime.Build.0 = Release|INtime + {AA35919C-9D2D-4753-8FD1-E5D1644ABE65}.Debug|INtime.ActiveCfg = Debug|INtime + {AA35919C-9D2D-4753-8FD1-E5D1644ABE65}.Debug|INtime.Build.0 = Debug|INtime + {AA35919C-9D2D-4753-8FD1-E5D1644ABE65}.Release|INtime.ActiveCfg = Release|INtime + {AA35919C-9D2D-4753-8FD1-E5D1644ABE65}.Release|INtime.Build.0 = Release|INtime + {A7A65D11-2A66-4936-9476-16646CF896CA}.Debug|INtime.ActiveCfg = Debug|INtime + {A7A65D11-2A66-4936-9476-16646CF896CA}.Debug|INtime.Build.0 = Debug|INtime + {A7A65D11-2A66-4936-9476-16646CF896CA}.Release|INtime.ActiveCfg = Release|INtime + {A7A65D11-2A66-4936-9476-16646CF896CA}.Release|INtime.Build.0 = Release|INtime + {2359342B-C023-4443-8170-3471928C9334}.Debug|INtime.ActiveCfg = Debug|INtime + {2359342B-C023-4443-8170-3471928C9334}.Debug|INtime.Build.0 = Debug|INtime + {2359342B-C023-4443-8170-3471928C9334}.Release|INtime.ActiveCfg = Release|INtime + {2359342B-C023-4443-8170-3471928C9334}.Release|INtime.Build.0 = Release|INtime + EndGlobalSection + GlobalSection(SolutionProperties) = preSolution + HideSolutionNode = FALSE + EndGlobalSection +EndGlobal diff --git a/IDE/INTIME-RTOS/wolfExamples.vcxproj b/IDE/INTIME-RTOS/wolfExamples.vcxproj new file mode 100755 index 000000000..81f82318e --- /dev/null +++ b/IDE/INTIME-RTOS/wolfExamples.vcxproj @@ -0,0 +1,100 @@ + + + + + Debug + INtime + + + Release + INtime + + + + + + + + + + + + + + + + {557A7EFD-2627-478A-A855-50F518DD13EE} + wolfExamples + 8.1 + + + + Application + NotSet + v140 + + + Application + false + NotSet + v140 + + + + + + + + + + + + $(Configuration)_$(ProjectName)\ + + + $(Configuration)_$(ProjectName)\ + + + + + + 21076.20053 + /SAFESEH:NO %(AdditionalOptions) + rt.lib;pcibus.lib;netlib.lib;clib.lib;vshelper.lib;libwolfssl.lib + $(SolutionDir)$(Configuration)\\wolfExamples.rta + $(ProjectDir)$(Configuration);%(AdditionalLibraryDirectories) + + + Async + WOLFSSL_USER_SETTINGS;%(PreprocessorDefinitions) + $(ProjectDir);$(ProjectDir)..\..\;%(AdditionalIncludeDirectories) + $(IntDir) + $(IntDir) + $(IntDir)vc$(PlatformToolsetVersion).pdb + $(IntDir) + + + + + + + 21076.20053 + /SAFESEH:NO %(AdditionalOptions) + rt.lib;pcibus.lib;netlib.lib;clib.lib;vshelper.lib;libwolfssl.lib + $(SolutionDir)$(Configuration)\\wolfExamples.rta + $(ProjectDir)$(Configuration);%(AdditionalLibraryDirectories) + + + Async + WOLFSSL_USER_SETTINGS;%(PreprocessorDefinitions) + $(ProjectDir);$(ProjectDir)..\..\;%(AdditionalIncludeDirectories) + $(IntDir) + $(IntDir) + $(IntDir)vc$(PlatformToolsetVersion).pdb + $(IntDir) + + + + + + diff --git a/IDE/include.am b/IDE/include.am index 96fa894d7..4a547bb16 100644 --- a/IDE/include.am +++ b/IDE/include.am @@ -8,5 +8,6 @@ include IDE/WIN-SGX/include.am include IDE/WORKBENCH/include.am include IDE/ROWLEY-CROSSWORKS-ARM/include.am include IDE/ARDUINO/include.am +include IDE/INTIME-RTOS/include.am EXTRA_DIST+= IDE/IAR-EWARM IDE/MDK-ARM IDE/MDK5-ARM IDE/MYSQL IDE/LPCXPRESSO diff --git a/cyassl/ctaocrypt/settings.h b/cyassl/ctaocrypt/settings.h index c12a962ff..4de8b13ca 100644 --- a/cyassl/ctaocrypt/settings.h +++ b/cyassl/ctaocrypt/settings.h @@ -246,7 +246,7 @@ /* Micrium will use Visual Studio for compilation but not the Win32 API */ #if defined(_WIN32) && !defined(MICRIUM) && !defined(FREERTOS) \ - && !defined(EBSNET) && !defined(CYASSL_EROAD) + && !defined(EBSNET) && !defined(CYASSL_EROAD) && !defined(INTIME_RTOS) #define USE_WINDOWS_API #endif diff --git a/gencertbuf.pl b/gencertbuf.pl index 09c6114c2..e7dc9f7d6 100755 --- a/gencertbuf.pl +++ b/gencertbuf.pl @@ -55,6 +55,7 @@ my @fileList_2048 = ( [ "./certs/dh2048.der", "dh_key_der_2048" ], [ "./certs/dsa2048.der", "dsa_key_der_2048" ], [ "./certs/rsa2048.der", "rsa_key_der_2048" ], + [ "./certs/ca-key.der", "ca_key_der_2048" ], [ "./certs/ca-cert.der", "ca_cert_der_2048" ], [ "./certs/server-key.der", "server_key_der_2048" ], [ "./certs/server-cert.der", "server_cert_der_2048" ] diff --git a/src/io.c b/src/io.c index 88aba2730..e90acb866 100644 --- a/src/io.c +++ b/src/io.c @@ -82,6 +82,15 @@ #include #elif defined(WOLFSSL_ATMEL) #include "socket/include/socket.h" + #elif defined(INTIME_RTOS) + #undef MIN + #undef MAX + #include + #include + #include + #include + #include + #include #else #include #include diff --git a/src/ssl.c b/src/ssl.c index e7f9cf4e6..1f94fc526 100644 --- a/src/ssl.c +++ b/src/ssl.c @@ -5089,6 +5089,7 @@ int wolfSSL_CTX_load_verify_locations(WOLFSSL_CTX* ctx, const char* file, ret = ProcessFile(ctx, file, SSL_FILETYPE_PEM, CA_TYPE, NULL, 0, NULL); if (ret == SSL_SUCCESS && path) { +#ifndef NO_WOLFSSL_DIR char* name = NULL; #ifdef WOLFSSL_SMALL_STACK ReadDirCtx* readCtx = NULL; @@ -5114,6 +5115,9 @@ int wolfSSL_CTX_load_verify_locations(WOLFSSL_CTX* ctx, const char* file, #ifdef WOLFSSL_SMALL_STACK XFREE(readCtx, ctx->heap, DYNAMIC_TYPE_TMP_BUFFER); #endif +#else + ret = NOT_COMPILED_IN; +#endif } return ret; diff --git a/src/tls.c b/src/tls.c index 501248c60..8c8437ae8 100755 --- a/src/tls.c +++ b/src/tls.c @@ -1390,7 +1390,7 @@ static word16 TLSX_SNI_GetSize(SNI* list) switch (sni->type) { case WOLFSSL_SNI_HOST_NAME: - length += XSTRLEN((char*)sni->data.host_name); + length += (word16)XSTRLEN((char*)sni->data.host_name); break; } } @@ -1412,7 +1412,7 @@ static word16 TLSX_SNI_Write(SNI* list, byte* output) switch (sni->type) { case WOLFSSL_SNI_HOST_NAME: - length = XSTRLEN((char*)sni->data.host_name); + length = (word16)XSTRLEN((char*)sni->data.host_name); c16toa(length, output + offset); /* sni length */ offset += OPAQUE16_LEN; @@ -1675,7 +1675,7 @@ word16 TLSX_SNI_GetRequest(TLSX* extensions, byte type, void** data) switch (sni->type) { case WOLFSSL_SNI_HOST_NAME: *data = sni->data.host_name; - return XSTRLEN((char*)*data); + return (word16)XSTRLEN((char*)*data); } } diff --git a/wolfcrypt/benchmark/benchmark.c b/wolfcrypt/benchmark/benchmark.c index c2696bc46..2bbdfdc44 100644 --- a/wolfcrypt/benchmark/benchmark.c +++ b/wolfcrypt/benchmark/benchmark.c @@ -2545,7 +2545,7 @@ void bench_ed25519KeySign(void) #endif /* HAVE_ED25519 */ -#ifdef _WIN32 +#if defined(_WIN32) && !defined(INTIME_RTOS) #define WIN32_LEAN_AND_MEAN #include diff --git a/wolfcrypt/src/fe_low_mem.c b/wolfcrypt/src/fe_low_mem.c index 9caffa81f..aa6a44996 100644 --- a/wolfcrypt/src/fe_low_mem.c +++ b/wolfcrypt/src/fe_low_mem.c @@ -183,7 +183,7 @@ static void raw_add(byte *x, const byte *p) for (i = 0; i < F25519_SIZE; i++) { c += ((word16)x[i]) + ((word16)p[i]); - x[i] = c; + x[i] = (byte)c; c >>= 8; } } @@ -197,11 +197,11 @@ static void raw_try_sub(byte *x, const byte *p) for (i = 0; i < F25519_SIZE; i++) { c = ((word16)x[i]) - ((word16)p[i]) - c; - minusp[i] = c; + minusp[i] = (byte)c; c = (c >> 8) & 1; } - fprime_select(x, minusp, x, c); + fprime_select(x, minusp, x, (byte)c); } @@ -271,7 +271,7 @@ void fprime_mul(byte *r, const byte *a, const byte *b, for (j = 0; j < F25519_SIZE; j++) { c |= ((word16)r[j]) << 1; - r[j] = c; + r[j] = (byte)c; c >>= 8; } raw_try_sub(r, modulus); @@ -310,7 +310,7 @@ void fe_normalize(byte *x) for (i = 0; i < F25519_SIZE; i++) { c += x[i]; - x[i] = c; + x[i] = (byte)c; c >>= 8; } @@ -322,12 +322,12 @@ void fe_normalize(byte *x) for (i = 0; i + 1 < F25519_SIZE; i++) { c += x[i]; - minusp[i] = c; + minusp[i] = (byte)c; c >>= 8; } c += ((word16)x[i]) - 128; - minusp[31] = c; + minusp[31] = (byte)c; /* Load x-p if no underflow */ fe_select(x, minusp, x, (c >> 15) & 1); @@ -355,7 +355,7 @@ void fe_add(fe r, const fe a, const fe b) for (i = 0; i < F25519_SIZE; i++) { c >>= 8; c += ((word16)a[i]) + ((word16)b[i]); - r[i] = c; + r[i] = (byte)c; } /* Reduce with 2^255 = 19 mod p */ @@ -364,7 +364,7 @@ void fe_add(fe r, const fe a, const fe b) for (i = 0; i < F25519_SIZE; i++) { c += r[i]; - r[i] = c; + r[i] = (byte)c; c >>= 8; } } diff --git a/wolfcrypt/src/fe_operations.c b/wolfcrypt/src/fe_operations.c old mode 100644 new mode 100755 index 9dfeab093..a47ff3cfb --- a/wolfcrypt/src/fe_operations.c +++ b/wolfcrypt/src/fe_operations.c @@ -942,7 +942,7 @@ replace (f,g) with (f,g) if b == 0. Preconditions: b in {0,1}. */ -void fe_cswap(fe f,fe g,unsigned int b) +void fe_cswap(fe f, fe g, int b) { int32_t f0 = f[0]; int32_t f1 = f[1]; @@ -1353,7 +1353,7 @@ replace (f,g) with (f,g) if b == 0. Preconditions: b in {0,1}. */ -void fe_cmov(fe f,const fe g,unsigned int b) +void fe_cmov(fe f, const fe g, int b) { int32_t f0 = f[0]; int32_t f1 = f[1]; diff --git a/wolfcrypt/src/ge_operations.c b/wolfcrypt/src/ge_operations.c index 99eaeb2dc..109b77c82 100644 --- a/wolfcrypt/src/ge_operations.c +++ b/wolfcrypt/src/ge_operations.c @@ -274,38 +274,38 @@ void sc_reduce(byte* s) carry9 = s9 >> 21; s10 += carry9; s9 -= carry9 << 21; carry10 = s10 >> 21; s11 += carry10; s10 -= carry10 << 21; - s[0] = s0 >> 0; - s[1] = s0 >> 8; - s[2] = (s0 >> 16) | (s1 << 5); - s[3] = s1 >> 3; - s[4] = s1 >> 11; - s[5] = (s1 >> 19) | (s2 << 2); - s[6] = s2 >> 6; - s[7] = (s2 >> 14) | (s3 << 7); - s[8] = s3 >> 1; - s[9] = s3 >> 9; - s[10] = (s3 >> 17) | (s4 << 4); - s[11] = s4 >> 4; - s[12] = s4 >> 12; - s[13] = (s4 >> 20) | (s5 << 1); - s[14] = s5 >> 7; - s[15] = (s5 >> 15) | (s6 << 6); - s[16] = s6 >> 2; - s[17] = s6 >> 10; - s[18] = (s6 >> 18) | (s7 << 3); - s[19] = s7 >> 5; - s[20] = s7 >> 13; - s[21] = s8 >> 0; - s[22] = s8 >> 8; - s[23] = (s8 >> 16) | (s9 << 5); - s[24] = s9 >> 3; - s[25] = s9 >> 11; - s[26] = (s9 >> 19) | (s10 << 2); - s[27] = s10 >> 6; - s[28] = (s10 >> 14) | (s11 << 7); - s[29] = s11 >> 1; - s[30] = s11 >> 9; - s[31] = s11 >> 17; + s[0] = (byte)(s0 >> 0); + s[1] = (byte)(s0 >> 8); + s[2] = (byte)((s0 >> 16) | (s1 << 5)); + s[3] = (byte)(s1 >> 3); + s[4] = (byte)(s1 >> 11); + s[5] = (byte)((s1 >> 19) | (s2 << 2)); + s[6] = (byte)(s2 >> 6); + s[7] = (byte)((s2 >> 14) | (s3 << 7)); + s[8] = (byte)(s3 >> 1); + s[9] = (byte)(s3 >> 9); + s[10] = (byte)((s3 >> 17) | (s4 << 4)); + s[11] = (byte)(s4 >> 4); + s[12] = (byte)(s4 >> 12); + s[13] = (byte)((s4 >> 20) | (s5 << 1)); + s[14] = (byte)(s5 >> 7); + s[15] = (byte)((s5 >> 15) | (s6 << 6)); + s[16] = (byte)(s6 >> 2); + s[17] = (byte)(s6 >> 10); + s[18] = (byte)((s6 >> 18) | (s7 << 3)); + s[19] = (byte)(s7 >> 5); + s[20] = (byte)(s7 >> 13); + s[21] = (byte)(s8 >> 0); + s[22] = (byte)(s8 >> 8); + s[23] = (byte)((s8 >> 16) | (s9 << 5)); + s[24] = (byte)(s9 >> 3); + s[25] = (byte)(s9 >> 11); + s[26] = (byte)((s9 >> 19) | (s10 << 2)); + s[27] = (byte)(s10 >> 6); + s[28] = (byte)((s10 >> 14) | (s11 << 7)); + s[29] = (byte)(s11 >> 1); + s[30] = (byte)(s11 >> 9); + s[31] = (byte)(s11 >> 17); /* hush warnings after setting values to 0 */ (void)s12; @@ -640,38 +640,38 @@ void sc_muladd(byte* s, const byte* a, const byte* b, const byte* c) carry9 = s9 >> 21; s10 += carry9; s9 -= carry9 << 21; carry10 = s10 >> 21; s11 += carry10; s10 -= carry10 << 21; - s[0] = s0 >> 0; - s[1] = s0 >> 8; - s[2] = (s0 >> 16) | (s1 << 5); - s[3] = s1 >> 3; - s[4] = s1 >> 11; - s[5] = (s1 >> 19) | (s2 << 2); - s[6] = s2 >> 6; - s[7] = (s2 >> 14) | (s3 << 7); - s[8] = s3 >> 1; - s[9] = s3 >> 9; - s[10] = (s3 >> 17) | (s4 << 4); - s[11] = s4 >> 4; - s[12] = s4 >> 12; - s[13] = (s4 >> 20) | (s5 << 1); - s[14] = s5 >> 7; - s[15] = (s5 >> 15) | (s6 << 6); - s[16] = s6 >> 2; - s[17] = s6 >> 10; - s[18] = (s6 >> 18) | (s7 << 3); - s[19] = s7 >> 5; - s[20] = s7 >> 13; - s[21] = s8 >> 0; - s[22] = s8 >> 8; - s[23] = (s8 >> 16) | (s9 << 5); - s[24] = s9 >> 3; - s[25] = s9 >> 11; - s[26] = (s9 >> 19) | (s10 << 2); - s[27] = s10 >> 6; - s[28] = (s10 >> 14) | (s11 << 7); - s[29] = s11 >> 1; - s[30] = s11 >> 9; - s[31] = s11 >> 17; + s[0] = (byte)(s0 >> 0); + s[1] = (byte)(s0 >> 8); + s[2] = (byte)((s0 >> 16) | (s1 << 5)); + s[3] = (byte)(s1 >> 3); + s[4] = (byte)(s1 >> 11); + s[5] = (byte)((s1 >> 19) | (s2 << 2)); + s[6] = (byte)(s2 >> 6); + s[7] = (byte)((s2 >> 14) | (s3 << 7)); + s[8] = (byte)(s3 >> 1); + s[9] = (byte)(s3 >> 9); + s[10] = (byte)((s3 >> 17) | (s4 << 4)); + s[11] = (byte)(s4 >> 4); + s[12] = (byte)(s4 >> 12); + s[13] = (byte)((s4 >> 20) | (s5 << 1)); + s[14] = (byte)(s5 >> 7); + s[15] = (byte)((s5 >> 15) | (s6 << 6)); + s[16] = (byte)(s6 >> 2); + s[17] = (byte)(s6 >> 10); + s[18] = (byte)((s6 >> 18) | (s7 << 3)); + s[19] = (byte)(s7 >> 5); + s[20] = (byte)(s7 >> 13); + s[21] = (byte)(s8 >> 0); + s[22] = (byte)(s8 >> 8); + s[23] = (byte)((s8 >> 16) | (s9 << 5)); + s[24] = (byte)(s9 >> 3); + s[25] = (byte)(s9 >> 11); + s[26] = (byte)((s9 >> 19) | (s10 << 2)); + s[27] = (byte)(s10 >> 6); + s[28] = (byte)((s10 >> 14) | (s11 << 7)); + s[29] = (byte)(s11 >> 1); + s[30] = (byte)(s11 >> 9); + s[31] = (byte)(s11 >> 17); /* hush warnings after setting values to 0 */ (void)s12; @@ -754,7 +754,7 @@ static unsigned char negative(signed char b) unsigned long long x = b; /* 18446744073709551361..18446744073709551615: yes; 0..255: no */ x >>= 63; /* 1: yes; 0: no */ - return x; + return (unsigned char)x; } @@ -2272,7 +2272,7 @@ where a = a[0]+256*a[1]+...+256^31 a[31]. and b = b[0]+256*b[1]+...+256^31 b[31]. B is the Ed25519 base point (x,4/5) with x positive. */ -int ge_double_scalarmult_vartime(ge_p2 *r, const unsigned char *a, +int ge_double_scalarmult_vartime(ge_p2 *r, const unsigned char *a, const ge_p3 *A, const unsigned char *b) { signed char aslide[256]; diff --git a/wolfcrypt/src/poly1305.c b/wolfcrypt/src/poly1305.c index 637106b63..1a932dc4f 100644 --- a/wolfcrypt/src/poly1305.c +++ b/wolfcrypt/src/poly1305.c @@ -600,7 +600,7 @@ int wc_Poly1305_MAC(Poly1305* ctx, byte* additional, word32 addSz, if ((ret = wc_Poly1305Update(ctx, additional, addSz)) != 0) { return ret; } - paddingLen = -addSz & (WC_POLY1305_PAD_SZ - 1); + paddingLen = -((int)addSz) & (WC_POLY1305_PAD_SZ - 1); if (paddingLen) { if ((ret = wc_Poly1305Update(ctx, padding, paddingLen)) != 0) { return ret; @@ -611,7 +611,7 @@ int wc_Poly1305_MAC(Poly1305* ctx, byte* additional, word32 addSz, if ((ret = wc_Poly1305Update(ctx, input, sz)) != 0) { return ret; } - paddingLen = -sz & (WC_POLY1305_PAD_SZ - 1); + paddingLen = -((int)sz) & (WC_POLY1305_PAD_SZ - 1); if (paddingLen) { if ((ret = wc_Poly1305Update(ctx, padding, paddingLen)) != 0) { return ret; diff --git a/wolfcrypt/src/random.c b/wolfcrypt/src/random.c index 5ea961538..02bbe14e5 100644 --- a/wolfcrypt/src/random.c +++ b/wolfcrypt/src/random.c @@ -1674,6 +1674,24 @@ int wc_GenerateSeed(OS_Seed* os, byte* output, word32 sz) return ret; } +#elif defined(INTIME_RTOS) + int wc_GenerateSeed(OS_Seed* os, byte* output, word32 sz) + { + int ret = 0; + + (void)os; + + if (output == NULL) { + return BUFFER_E; + } + + /* Note: Investigate better solution */ + /* no return to check */ + arc4random_buf(output, sz); + + return ret; + } + #elif defined(NO_DEV_RANDOM) #error "you need to write an os specific wc_GenerateSeed() here" diff --git a/wolfcrypt/src/wc_port.c b/wolfcrypt/src/wc_port.c old mode 100644 new mode 100755 index aa1dac6f8..2ca371924 --- a/wolfcrypt/src/wc_port.c +++ b/wolfcrypt/src/wc_port.c @@ -264,13 +264,15 @@ wolfSSL_Mutex* wc_InitAndAllocMutex() { wolfSSL_Mutex* m = (wolfSSL_Mutex*) XMALLOC(sizeof(wolfSSL_Mutex), NULL, DYNAMIC_TYPE_MUTEX); - if(m && wc_InitMutex(m) == 0) + if (m && wc_InitMutex(m) == 0) return m; + XFREE(m, NULL, DYNAMIC_TYPE_MUTEX); m = NULL; return m; } + #if WOLFSSL_CRYPT_HW_MUTEX /* Mutex for protection of cryptography hardware */ static wolfSSL_Mutex wcCryptHwMutex; @@ -310,654 +312,738 @@ int wolfSSL_CryptHwMutexUnLock(void) { #endif /* WOLFSSL_CRYPT_HW_MUTEX */ +/* ---------------------------------------------------------------------------*/ +/* Mutex Ports */ +/* ---------------------------------------------------------------------------*/ #ifdef SINGLE_THREADED -int wc_InitMutex(wolfSSL_Mutex* m) -{ - (void)m; - return 0; -} + int wc_InitMutex(wolfSSL_Mutex* m) + { + (void)m; + return 0; + } -int wc_FreeMutex(wolfSSL_Mutex *m) -{ - (void)m; - return 0; -} + int wc_FreeMutex(wolfSSL_Mutex *m) + { + (void)m; + return 0; + } -int wc_LockMutex(wolfSSL_Mutex *m) -{ - (void)m; - return 0; -} + int wc_LockMutex(wolfSSL_Mutex *m) + { + (void)m; + return 0; + } -int wc_UnLockMutex(wolfSSL_Mutex *m) -{ - (void)m; - return 0; -} + int wc_UnLockMutex(wolfSSL_Mutex *m) + { + (void)m; + return 0; + } -#else /* MULTI_THREAD */ +#elif defined(FREERTOS) || defined(FREERTOS_TCP) || \ + defined(FREESCALE_FREE_RTOS) - #if defined(FREERTOS) || defined(FREERTOS_TCP) || \ - defined(FREESCALE_FREE_RTOS) + int wc_InitMutex(wolfSSL_Mutex* m) + { + int iReturn; - int wc_InitMutex(wolfSSL_Mutex* m) - { - int iReturn; + *m = ( wolfSSL_Mutex ) xSemaphoreCreateMutex(); + if( *m != NULL ) + iReturn = 0; + else + iReturn = BAD_MUTEX_E; - *m = ( wolfSSL_Mutex ) xSemaphoreCreateMutex(); - if( *m != NULL ) - iReturn = 0; - else - iReturn = BAD_MUTEX_E; + return iReturn; + } - return iReturn; - } + int wc_FreeMutex(wolfSSL_Mutex* m) + { + vSemaphoreDelete( *m ); + return 0; + } + + int wc_LockMutex(wolfSSL_Mutex* m) + { + /* Assume an infinite block, or should there be zero block? */ + xSemaphoreTake( *m, portMAX_DELAY ); + return 0; + } + + int wc_UnLockMutex(wolfSSL_Mutex* m) + { + xSemaphoreGive( *m ); + return 0; + } + +#elif defined(WOLFSSL_SAFERTOS) + + int wc_InitMutex(wolfSSL_Mutex* m) + { + vSemaphoreCreateBinary(m->mutexBuffer, m->mutex); + if (m->mutex == NULL) + return BAD_MUTEX_E; + + return 0; + } + + int wc_FreeMutex(wolfSSL_Mutex* m) + { + (void)m; + return 0; + } + + int wc_LockMutex(wolfSSL_Mutex* m) + { + /* Assume an infinite block */ + xSemaphoreTake(m->mutex, portMAX_DELAY); + return 0; + } + + int wc_UnLockMutex(wolfSSL_Mutex* m) + { + xSemaphoreGive(m->mutex); + return 0; + } + +#elif defined(USE_WINDOWS_API) + + int wc_InitMutex(wolfSSL_Mutex* m) + { + InitializeCriticalSection(m); + return 0; + } - int wc_FreeMutex(wolfSSL_Mutex* m) - { - vSemaphoreDelete( *m ); + int wc_FreeMutex(wolfSSL_Mutex* m) + { + DeleteCriticalSection(m); + return 0; + } + + + int wc_LockMutex(wolfSSL_Mutex* m) + { + EnterCriticalSection(m); + return 0; + } + + + int wc_UnLockMutex(wolfSSL_Mutex* m) + { + LeaveCriticalSection(m); + return 0; + } + +#elif defined(WOLFSSL_PTHREADS) + + int wc_InitMutex(wolfSSL_Mutex* m) + { + if (pthread_mutex_init(m, 0) == 0) return 0; - } + else + return BAD_MUTEX_E; + } - int wc_LockMutex(wolfSSL_Mutex* m) - { - /* Assume an infinite block, or should there be zero block? */ - xSemaphoreTake( *m, portMAX_DELAY ); + + int wc_FreeMutex(wolfSSL_Mutex* m) + { + if (pthread_mutex_destroy(m) == 0) return 0; - } + else + return BAD_MUTEX_E; + } - int wc_UnLockMutex(wolfSSL_Mutex* m) - { - xSemaphoreGive( *m ); + + int wc_LockMutex(wolfSSL_Mutex* m) + { + if (pthread_mutex_lock(m) == 0) return 0; - } + else + return BAD_MUTEX_E; + } - #elif defined(WOLFSSL_SAFERTOS) - - int wc_InitMutex(wolfSSL_Mutex* m) - { - vSemaphoreCreateBinary(m->mutexBuffer, m->mutex); - if (m->mutex == NULL) - return BAD_MUTEX_E; + int wc_UnLockMutex(wolfSSL_Mutex* m) + { + if (pthread_mutex_unlock(m) == 0) return 0; - } + else + return BAD_MUTEX_E; + } - int wc_FreeMutex(wolfSSL_Mutex* m) - { - (void)m; +#elif defined(THREADX) + + int wc_InitMutex(wolfSSL_Mutex* m) + { + if (tx_mutex_create(m, "wolfSSL Mutex", TX_NO_INHERIT) == 0) return 0; - } + else + return BAD_MUTEX_E; + } - int wc_LockMutex(wolfSSL_Mutex* m) - { - /* Assume an infinite block */ - xSemaphoreTake(m->mutex, portMAX_DELAY); + + int wc_FreeMutex(wolfSSL_Mutex* m) + { + if (tx_mutex_delete(m) == 0) return 0; - } + else + return BAD_MUTEX_E; + } - int wc_UnLockMutex(wolfSSL_Mutex* m) - { - xSemaphoreGive(m->mutex); + + int wc_LockMutex(wolfSSL_Mutex* m) + { + if (tx_mutex_get(m, TX_WAIT_FOREVER) == 0) return 0; - } + else + return BAD_MUTEX_E; + } - - #elif defined(USE_WINDOWS_API) - - int wc_InitMutex(wolfSSL_Mutex* m) - { - InitializeCriticalSection(m); + int wc_UnLockMutex(wolfSSL_Mutex* m) + { + if (tx_mutex_put(m) == 0) return 0; - } + else + return BAD_MUTEX_E; + } +#elif defined(MICRIUM) - int wc_FreeMutex(wolfSSL_Mutex* m) - { - DeleteCriticalSection(m); - return 0; - } - - - int wc_LockMutex(wolfSSL_Mutex* m) - { - EnterCriticalSection(m); - return 0; - } - - - int wc_UnLockMutex(wolfSSL_Mutex* m) - { - LeaveCriticalSection(m); - return 0; - } - - #elif defined(WOLFSSL_PTHREADS) - - int wc_InitMutex(wolfSSL_Mutex* m) - { - if (pthread_mutex_init(m, 0) == 0) + int wc_InitMutex(wolfSSL_Mutex* m) + { + #if (NET_SECURE_MGR_CFG_EN == DEF_ENABLED) + if (NetSecure_OS_MutexCreate(m) == 0) return 0; else return BAD_MUTEX_E; - } + #else + return 0; + #endif + } - - int wc_FreeMutex(wolfSSL_Mutex* m) - { - if (pthread_mutex_destroy(m) == 0) + int wc_FreeMutex(wolfSSL_Mutex* m) + { + #if (NET_SECURE_MGR_CFG_EN == DEF_ENABLED) + if (NetSecure_OS_wc_FreeMutex(m) == 0) return 0; else return BAD_MUTEX_E; - } + #else + return 0; + #endif + } - - int wc_LockMutex(wolfSSL_Mutex* m) - { - if (pthread_mutex_lock(m) == 0) + int wc_LockMutex(wolfSSL_Mutex* m) + { + #if (NET_SECURE_MGR_CFG_EN == DEF_ENABLED) + if (NetSecure_OS_wc_LockMutex(m) == 0) return 0; else return BAD_MUTEX_E; - } + #else + return 0; + #endif + } - - int wc_UnLockMutex(wolfSSL_Mutex* m) - { - if (pthread_mutex_unlock(m) == 0) + int wc_UnLockMutex(wolfSSL_Mutex* m) + { + #if (NET_SECURE_MGR_CFG_EN == DEF_ENABLED) + if (NetSecure_OS_wc_UnLockMutex(m) == 0) return 0; else return BAD_MUTEX_E; + #else + return 0; + #endif + + } + +#elif defined(EBSNET) + + int wc_InitMutex(wolfSSL_Mutex* m) + { + if (rtp_sig_mutex_alloc(m, "wolfSSL Mutex") == -1) + return BAD_MUTEX_E; + else + return 0; + } + + int wc_FreeMutex(wolfSSL_Mutex* m) + { + rtp_sig_mutex_free(*m); + return 0; + } + + int wc_LockMutex(wolfSSL_Mutex* m) + { + if (rtp_sig_mutex_claim_timed(*m, RTIP_INF) == 0) + return 0; + else + return BAD_MUTEX_E; + } + + int wc_UnLockMutex(wolfSSL_Mutex* m) + { + rtp_sig_mutex_release(*m); + return 0; + } + +#elif defined(FREESCALE_MQX) || defined(FREESCALE_KSDK_MQX) + + int wc_InitMutex(wolfSSL_Mutex* m) + { + if (_mutex_init(m, NULL) == MQX_EOK) + return 0; + else + return BAD_MUTEX_E; + } + + int wc_FreeMutex(wolfSSL_Mutex* m) + { + if (_mutex_destroy(m) == MQX_EOK) + return 0; + else + return BAD_MUTEX_E; + } + + int wc_LockMutex(wolfSSL_Mutex* m) + { + if (_mutex_lock(m) == MQX_EOK) + return 0; + else + return BAD_MUTEX_E; + } + + int wc_UnLockMutex(wolfSSL_Mutex* m) + { + if (_mutex_unlock(m) == MQX_EOK) + return 0; + else + return BAD_MUTEX_E; + } + +#elif defined(WOLFSSL_TIRTOS) + #include + + int wc_InitMutex(wolfSSL_Mutex* m) + { + Semaphore_Params params; + Error_Block eb; + + Error_init(&eb); + Semaphore_Params_init(¶ms); + params.mode = Semaphore_Mode_BINARY; + + *m = Semaphore_create(1, ¶ms, &eb); + if (Error_check(&eb)) { + Error_raise(&eb, Error_E_generic, "Failed to Create the semaphore.", + NULL); + return BAD_MUTEX_E; } + else + return 0; + } - #elif defined(THREADX) + int wc_FreeMutex(wolfSSL_Mutex* m) + { + Semaphore_delete(m); - int wc_InitMutex(wolfSSL_Mutex* m) - { - if (tx_mutex_create(m, "wolfSSL Mutex", TX_NO_INHERIT) == 0) - return 0; - else - return BAD_MUTEX_E; + return 0; + } + + int wc_LockMutex(wolfSSL_Mutex* m) + { + Semaphore_pend(*m, BIOS_WAIT_FOREVER); + + return 0; + } + + int wc_UnLockMutex(wolfSSL_Mutex* m) + { + Semaphore_post(*m); + + return 0; + } + +#elif defined(WOLFSSL_uITRON4) + + int wc_InitMutex(wolfSSL_Mutex* m) + { + int iReturn; + m->sem.sematr = TA_TFIFO; + m->sem.isemcnt = 1; + m->sem.maxsem = 1; + m->sem.name = NULL; + + m->id = acre_sem(&m->sem); + if( m->id != E_OK ) + iReturn = 0; + else + iReturn = BAD_MUTEX_E; + + return iReturn; + } + + int wc_FreeMutex(wolfSSL_Mutex* m) + { + del_sem( m->id ); + return 0; + } + + int wc_LockMutex(wolfSSL_Mutex* m) + { + wai_sem(m->id); + return 0; + } + + int wc_UnLockMutex(wolfSSL_Mutex* m) + { + sig_sem(m->id); + return 0; + } + + /**** uITRON malloc/free ***/ + static ID ID_wolfssl_MPOOL = 0; + static T_CMPL wolfssl_MPOOL = {TA_TFIFO, 0, NULL, "wolfSSL_MPOOL"}; + + int uITRON4_minit(size_t poolsz) { + ER ercd; + wolfssl_MPOOL.mplsz = poolsz; + ercd = acre_mpl(&wolfssl_MPOOL); + if (ercd > 0) { + ID_wolfssl_MPOOL = ercd; + return 0; + } else { + return -1; } + } - - int wc_FreeMutex(wolfSSL_Mutex* m) - { - if (tx_mutex_delete(m) == 0) - return 0; - else - return BAD_MUTEX_E; - } - - - int wc_LockMutex(wolfSSL_Mutex* m) - { - if (tx_mutex_get(m, TX_WAIT_FOREVER) == 0) - return 0; - else - return BAD_MUTEX_E; - } - - - int wc_UnLockMutex(wolfSSL_Mutex* m) - { - if (tx_mutex_put(m) == 0) - return 0; - else - return BAD_MUTEX_E; - } - - #elif defined(MICRIUM) - - int wc_InitMutex(wolfSSL_Mutex* m) - { - #if (NET_SECURE_MGR_CFG_EN == DEF_ENABLED) - if (NetSecure_OS_MutexCreate(m) == 0) - return 0; - else - return BAD_MUTEX_E; - #else - return 0; - #endif - } - - - int wc_FreeMutex(wolfSSL_Mutex* m) - { - #if (NET_SECURE_MGR_CFG_EN == DEF_ENABLED) - if (NetSecure_OS_wc_FreeMutex(m) == 0) - return 0; - else - return BAD_MUTEX_E; - #else - return 0; - #endif - } - - - int wc_LockMutex(wolfSSL_Mutex* m) - { - #if (NET_SECURE_MGR_CFG_EN == DEF_ENABLED) - if (NetSecure_OS_wc_LockMutex(m) == 0) - return 0; - else - return BAD_MUTEX_E; - #else - return 0; - #endif - } - - - int wc_UnLockMutex(wolfSSL_Mutex* m) - { - #if (NET_SECURE_MGR_CFG_EN == DEF_ENABLED) - if (NetSecure_OS_wc_UnLockMutex(m) == 0) - return 0; - else - return BAD_MUTEX_E; - #else - return 0; - #endif - - } - - #elif defined(EBSNET) - - int wc_InitMutex(wolfSSL_Mutex* m) - { - if (rtp_sig_mutex_alloc(m, "wolfSSL Mutex") == -1) - return BAD_MUTEX_E; - else - return 0; - } - - int wc_FreeMutex(wolfSSL_Mutex* m) - { - rtp_sig_mutex_free(*m); + void *uITRON4_malloc(size_t sz) { + ER ercd; + void *p; + ercd = get_mpl(ID_wolfssl_MPOOL, sz, (VP)&p); + if (ercd == E_OK) { + return p; + } else { return 0; } + } - int wc_LockMutex(wolfSSL_Mutex* m) - { - if (rtp_sig_mutex_claim_timed(*m, RTIP_INF) == 0) - return 0; - else - return BAD_MUTEX_E; - } - - int wc_UnLockMutex(wolfSSL_Mutex* m) - { - rtp_sig_mutex_release(*m); - return 0; - } - - #elif defined(FREESCALE_MQX) || defined(FREESCALE_KSDK_MQX) - - int wc_InitMutex(wolfSSL_Mutex* m) - { - if (_mutex_init(m, NULL) == MQX_EOK) - return 0; - else - return BAD_MUTEX_E; - } - - int wc_FreeMutex(wolfSSL_Mutex* m) - { - if (_mutex_destroy(m) == MQX_EOK) - return 0; - else - return BAD_MUTEX_E; - } - - int wc_LockMutex(wolfSSL_Mutex* m) - { - if (_mutex_lock(m) == MQX_EOK) - return 0; - else - return BAD_MUTEX_E; - } - - int wc_UnLockMutex(wolfSSL_Mutex* m) - { - if (_mutex_unlock(m) == MQX_EOK) - return 0; - else - return BAD_MUTEX_E; - } - - #elif defined (WOLFSSL_TIRTOS) - #include - int wc_InitMutex(wolfSSL_Mutex* m) - { - Semaphore_Params params; - Error_Block eb; - Error_init(&eb); - Semaphore_Params_init(¶ms); - params.mode = Semaphore_Mode_BINARY; - - *m = Semaphore_create(1, ¶ms, &eb); - if( Error_check( &eb ) ) - { - Error_raise( &eb, Error_E_generic, "Failed to Create the semaphore.",NULL); - return BAD_MUTEX_E; - } else return 0; - } - - int wc_FreeMutex(wolfSSL_Mutex* m) - { - Semaphore_delete(m); - - return 0; - } - - int wc_LockMutex(wolfSSL_Mutex* m) - { - Semaphore_pend(*m, BIOS_WAIT_FOREVER); - - return 0; - } - - int wc_UnLockMutex(wolfSSL_Mutex* m) - { - Semaphore_post(*m); - - return 0; - } - - #elif defined(WOLFSSL_uITRON4) - #include "stddef.h" - #include "kernel.h" - int wc_InitMutex(wolfSSL_Mutex* m) - { - int iReturn; - m->sem.sematr = TA_TFIFO ; - m->sem.isemcnt = 1 ; - m->sem.maxsem = 1 ; - m->sem.name = NULL ; - - m->id = acre_sem(&m->sem); - if( m->id != E_OK ) - iReturn = 0; - else - iReturn = BAD_MUTEX_E; - - return iReturn; - } - - int wc_FreeMutex(wolfSSL_Mutex* m) - { - del_sem( m->id ); - return 0; - } - - int wc_LockMutex(wolfSSL_Mutex* m) - { - wai_sem(m->id); - return 0; - } - - int wc_UnLockMutex(wolfSSL_Mutex* m) - { - sig_sem(m->id); - return 0; - } - - /**** uITRON malloc/free ***/ - static ID ID_wolfssl_MPOOL = 0 ; - static T_CMPL wolfssl_MPOOL = {TA_TFIFO, 0, NULL, "wolfSSL_MPOOL"}; - - int uITRON4_minit(size_t poolsz) { - ER ercd; - wolfssl_MPOOL.mplsz = poolsz ; - ercd = acre_mpl(&wolfssl_MPOOL); - if (ercd > 0) { - ID_wolfssl_MPOOL = ercd; - return 0; - } else { - return -1; - } - } - - void *uITRON4_malloc(size_t sz) { - ER ercd; - void *p ; - ercd = get_mpl(ID_wolfssl_MPOOL, sz, (VP)&p); - if (ercd == E_OK) { - return p; - } else { - return 0 ; - } - } - - void *uITRON4_realloc(void *p, size_t sz) { - ER ercd; - void *newp ; - if(p) { - ercd = get_mpl(ID_wolfssl_MPOOL, sz, (VP)&newp); + void *uITRON4_realloc(void *p, size_t sz) { + ER ercd; + void *newp; + if(p) { + ercd = get_mpl(ID_wolfssl_MPOOL, sz, (VP)&newp); + if (ercd == E_OK) { + XMEMCPY(newp, p, sz); + ercd = rel_mpl(ID_wolfssl_MPOOL, (VP)p); if (ercd == E_OK) { - XMEMCPY(newp, p, sz) ; - ercd = rel_mpl(ID_wolfssl_MPOOL, (VP)p); - if (ercd == E_OK) { - return newp; - } + return newp; } } - return 0 ; - } + } + return 0; + } - void uITRON4_free(void *p) { - ER ercd; - ercd = rel_mpl(ID_wolfssl_MPOOL, (VP)p); - if (ercd == E_OK) { - return ; - } else { - return ; - } + void uITRON4_free(void *p) { + ER ercd; + ercd = rel_mpl(ID_wolfssl_MPOOL, (VP)p); + if (ercd == E_OK) { + return; + } else { + return; } + } #elif defined(WOLFSSL_uTKERNEL2) - #include "tk/tkernel.h" - int wc_InitMutex(wolfSSL_Mutex* m) - { - int iReturn; - m->sem.sematr = TA_TFIFO ; - m->sem.isemcnt = 1 ; - m->sem.maxsem = 1 ; - m->id = tk_cre_sem(&m->sem); - if( m->id != NULL ) - iReturn = 0; - else - iReturn = BAD_MUTEX_E; + int wc_InitMutex(wolfSSL_Mutex* m) + { + int iReturn; + m->sem.sematr = TA_TFIFO; + m->sem.isemcnt = 1; + m->sem.maxsem = 1; - return iReturn; + m->id = tk_cre_sem(&m->sem); + if( m->id != NULL ) + iReturn = 0; + else + iReturn = BAD_MUTEX_E; + + return iReturn; + } + + int wc_FreeMutex(wolfSSL_Mutex* m) + { + tk_del_sem( m->id ); + return 0; + } + + int wc_LockMutex(wolfSSL_Mutex* m) + { + tk_wai_sem(m->id, 1, TMO_FEVR); + return 0; + } + + int wc_UnLockMutex(wolfSSL_Mutex* m) + { + tk_sig_sem(m->id, 1); + return 0; + } + + /**** uT-Kernel malloc/free ***/ + static ID ID_wolfssl_MPOOL = 0; + static T_CMPL wolfssl_MPOOL = + {(void *)NULL, + TA_TFIFO , 0, "wolfSSL_MPOOL"}; + + int uTKernel_init_mpool(unsigned int sz) { + ER ercd; + wolfssl_MPOOL.mplsz = sz; + ercd = tk_cre_mpl(&wolfssl_MPOOL); + if (ercd > 0) { + ID_wolfssl_MPOOL = ercd; + return 0; + } else { + return -1; } + } - int wc_FreeMutex(wolfSSL_Mutex* m) - { - tk_del_sem( m->id ); + void *uTKernel_malloc(unsigned int sz) { + ER ercd; + void *p; + ercd = tk_get_mpl(ID_wolfssl_MPOOL, sz, (VP)&p, TMO_FEVR); + if (ercd == E_OK) { + return p; + } else { return 0; } + } - int wc_LockMutex(wolfSSL_Mutex* m) - { - tk_wai_sem(m->id, 1, TMO_FEVR); - return 0; - } - - int wc_UnLockMutex(wolfSSL_Mutex* m) - { - tk_sig_sem(m->id, 1); - return 0; - } - - /**** uT-Kernel malloc/free ***/ - static ID ID_wolfssl_MPOOL = 0 ; - static T_CMPL wolfssl_MPOOL = - {(void *)NULL, - TA_TFIFO , 0, "wolfSSL_MPOOL"}; - - int uTKernel_init_mpool(unsigned int sz) { - ER ercd; - wolfssl_MPOOL.mplsz = sz ; - ercd = tk_cre_mpl(&wolfssl_MPOOL); - if (ercd > 0) { - ID_wolfssl_MPOOL = ercd; - return 0; - } else { - return -1; - } - } - - void *uTKernel_malloc(unsigned int sz) { - ER ercd; - void *p ; - ercd = tk_get_mpl(ID_wolfssl_MPOOL, sz, (VP)&p, TMO_FEVR); - if (ercd == E_OK) { - return p; - } else { - return 0 ; - } - } - - void *uTKernel_realloc(void *p, unsigned int sz) { - ER ercd; - void *newp ; - if(p) { - ercd = tk_get_mpl(ID_wolfssl_MPOOL, sz, (VP)&newp, TMO_FEVR); + void *uTKernel_realloc(void *p, unsigned int sz) { + ER ercd; + void *newp; + if(p) { + ercd = tk_get_mpl(ID_wolfssl_MPOOL, sz, (VP)&newp, TMO_FEVR); + if (ercd == E_OK) { + XMEMCPY(newp, p, sz); + ercd = tk_rel_mpl(ID_wolfssl_MPOOL, (VP)p); if (ercd == E_OK) { - XMEMCPY(newp, p, sz) ; - ercd = tk_rel_mpl(ID_wolfssl_MPOOL, (VP)p); - if (ercd == E_OK) { - return newp; - } + return newp; } } - return 0 ; - } + } + return 0; + } - void uTKernel_free(void *p) { - ER ercd; - ercd = tk_rel_mpl(ID_wolfssl_MPOOL, (VP)p); - if (ercd == E_OK) { - return ; - } else { - return ; - } - } - #elif defined (WOLFSSL_FROSTED) - int wc_InitMutex(wolfSSL_Mutex* m) - { - *m = mutex_init(); - if (*m) - return 0; - else - return -1; + void uTKernel_free(void *p) { + ER ercd; + ercd = tk_rel_mpl(ID_wolfssl_MPOOL, (VP)p); + if (ercd == E_OK) { + return; + } else { + return; } + } - int wc_FreeMutex(wolfSSL_Mutex* m) - { - mutex_destroy(*m); - return(0) ; - } +#elif defined (WOLFSSL_FROSTED) - int wc_LockMutex(wolfSSL_Mutex* m) - { - mutex_lock(*m); + int wc_InitMutex(wolfSSL_Mutex* m) + { + *m = mutex_init(); + if (*m) return 0; - } + else + return -1; + } - int wc_UnLockMutex(wolfSSL_Mutex* m) - { - mutex_unlock(*m); + int wc_FreeMutex(wolfSSL_Mutex* m) + { + mutex_destroy(*m); + return(0); + } + + int wc_LockMutex(wolfSSL_Mutex* m) + { + mutex_lock(*m); + return 0; + } + + int wc_UnLockMutex(wolfSSL_Mutex* m) + { + mutex_unlock(*m); + return 0; + } + +#elif defined(WOLFSSL_CMSIS_RTOS) + + #define CMSIS_NMUTEX 10 + osMutexDef(wolfSSL_mt0); osMutexDef(wolfSSL_mt1); osMutexDef(wolfSSL_mt2); + osMutexDef(wolfSSL_mt3); osMutexDef(wolfSSL_mt4); osMutexDef(wolfSSL_mt5); + osMutexDef(wolfSSL_mt6); osMutexDef(wolfSSL_mt7); osMutexDef(wolfSSL_mt8); + osMutexDef(wolfSSL_mt9); + + static const osMutexDef_t *CMSIS_mutex[] = { osMutex(wolfSSL_mt0), + osMutex(wolfSSL_mt1), osMutex(wolfSSL_mt2), osMutex(wolfSSL_mt3), + osMutex(wolfSSL_mt4), osMutex(wolfSSL_mt5), osMutex(wolfSSL_mt6), + osMutex(wolfSSL_mt7), osMutex(wolfSSL_mt8), osMutex(wolfSSL_mt9) }; + + static osMutexId CMSIS_mutexID[CMSIS_NMUTEX] = {0}; + + int wc_InitMutex(wolfSSL_Mutex* m) + { + int i; + for (i=0; i /* initialize and Mutex for TI Crypt Engine */ #include /* md5, sha1, sha224, sha256 */ #endif diff --git a/wolfcrypt/test/test.c b/wolfcrypt/test/test.c index ffbd6b552..28d2bc1bf 100644 --- a/wolfcrypt/test/test.c +++ b/wolfcrypt/test/test.c @@ -5258,91 +5258,93 @@ byte GetEntropy(ENTROPY_CMD cmd, byte* out) #endif /* HAVE_NTRU */ -#ifndef NO_RSA - -#if !defined(USE_CERT_BUFFERS_1024) && !defined(USE_CERT_BUFFERS_2048) - #ifdef FREESCALE_MQX - static const char* clientKey = "a:\\certs\\client-key.der"; - static const char* clientCert = "a:\\certs\\client-cert.der"; - #ifdef HAVE_PKCS7 - static const char* eccClientKey = "a:\\certs\\ecc-client-key.der"; - static const char* eccClientCert = "a:\\certs\\client-ecc-cert.der"; - #endif - #ifdef WOLFSSL_CERT_EXT - static const char* clientKeyPub = "a:\\certs\\client-keyPub.der"; - #endif - #ifdef WOLFSSL_CERT_GEN - static const char* caKeyFile = "a:\\certs\\ca-key.der"; - #ifdef WOLFSSL_CERT_EXT - static const char* caKeyPubFile = "a:\\certs\\ca-keyPub.der"; - #endif - static const char* caCertFile = "a:\\certs\\ca-cert.pem"; - #ifdef HAVE_ECC - static const char* eccCaKeyFile = "a:\\certs\\ecc-key.der"; - #ifdef WOLFSSL_CERT_EXT - static const char* eccCaKeyPubFile = "a:\\certs\\ecc-keyPub.der"; - #endif - static const char* eccCaCertFile = "a:\\certs\\server-ecc.pem"; - #endif - #endif - #elif defined(WOLFSSL_MKD_SHELL) - static char* clientKey = "certs/client-key.der"; - static char* clientCert = "certs/client-cert.der"; - void set_clientKey(char *key) { clientKey = key ; } - void set_clientCert(char *cert) { clientCert = cert ; } - #ifdef HAVE_PKCS7 - static const char* eccClientKey = "certs/ecc-client-key.der"; - static const char* eccClientCert = "certs/client-ecc-cert.der"; - void set_eccClientKey(char* key) { eccClientKey = key ; } - void set_eccClientCert(char* cert) { eccClientCert = cert ; } - #endif - #ifdef WOLFSSL_CERT_EXT - static const char* clientKeyPub = "certs/client-keyPub.der"; - void set_clientKeyPub(char *key) { clientKeyPub = key ; } - #endif - #ifdef WOLFSSL_CERT_GEN - static char* caKeyFile = "certs/ca-key.der"; - #ifdef WOLFSSL_CERT_EXT - static const char* caKeyPubFile = "certs/ca-keyPub.der"; - void set_caKeyPubFile (char * key) { caKeyPubFile = key ; } - #endif - static char* caCertFile = "certs/ca-cert.pem"; - void set_caKeyFile (char * key) { caKeyFile = key ; } - void set_caCertFile(char * cert) { caCertFile = cert ; } - #ifdef HAVE_ECC - static const char* eccCaKeyFile = "certs/ecc-key.der"; - #ifdef WOLFSSL_CERT_EXT - static const char* eccCaKeyPubFile = "certs/ecc-keyPub.der"; - void set_eccCaKeyPubFile(char * key) { eccCaKeyPubFile = key ; } - #endif - static const char* eccCaCertFile = "certs/server-ecc.pem"; - void set_eccCaKeyFile (char * key) { eccCaKeyFile = key ; } - void set_eccCaCertFile(char * cert) { eccCaCertFile = cert ; } - #endif - #endif - #else - static const char* clientKey = "./certs/client-key.der"; - static const char* clientCert = "./certs/client-cert.der"; - #ifdef HAVE_PKCS7 - static const char* eccClientKey = "./certs/ecc-client-key.der"; - static const char* eccClientCert = "./certs/client-ecc-cert.der"; - #endif - #ifdef WOLFSSL_CERT_EXT - static const char* clientKeyPub = "./certs/client-keyPub.der"; - #endif - #ifdef WOLFSSL_CERT_GEN - static const char* caKeyFile = "./certs/ca-key.der"; - static const char* caCertFile = "./certs/ca-cert.pem"; - #ifdef HAVE_ECC - static const char* eccCaKeyFile = "./certs/ecc-key.der"; - #ifdef WOLFSSL_CERT_EXT - static const char* eccCaKeyPubFile = "./certs/ecc-keyPub.der"; - #endif - static const char* eccCaCertFile = "./certs/server-ecc.pem"; - #endif - #endif - #endif +/* Cert Paths */ +#ifdef FREESCALE_MQX + #define CERT_PREFIX "a:\\" + #define CERT_PATH_SEP "\\" +#elif defined(WOLFSSL_MKD_SHELL) + #define CERT_PREFIX "" + #define CERT_PATH_SEP "/" +#else + #define CERT_PREFIX "./" + #define CERT_PATH_SEP "/" #endif +#define CERT_ROOT CERT_PREFIX "certs" CERT_PATH_SEP + +/* Generated Test Certs */ +#if !defined(USE_CERT_BUFFERS_1024) && !defined(USE_CERT_BUFFERS_2048) && \ + !defined(NO_ASN) + #ifndef NO_RSA + static const char* clientKey = CERT_ROOT "client-key.der"; + static const char* clientCert = CERT_ROOT "client-cert.der"; + #ifdef HAVE_PKCS7 + static const char* eccClientKey = CERT_ROOT "ecc-client-key.der"; + static const char* eccClientCert = CERT_ROOT "client-ecc-cert.der"; + #endif + #ifdef WOLFSSL_CERT_EXT + static const char* clientKeyPub = CERT_ROOT "client-keyPub.der"; + #endif + #ifdef WOLFSSL_CERT_GEN + static const char* caKeyFile = CERT_ROOT "ca-key.der"; + static const char* caCertFile = CERT_ROOT "ca-cert.pem"; + #endif + #endif /* !NO_RSA */ + #ifndef NO_DH + static const char* dhKey = CERT_ROOT "dh2048.der"; + #endif + #ifndef NO_DSA + static const char* dsaKey = CERT_ROOT "dsa2048.der"; + #endif +#endif /* !USE_CERT_BUFFER_* */ +#if !defined(USE_CERT_BUFFERS_256) && !defined(NO_ASN) + #ifdef HAVE_ECC + #ifdef WOLFSSL_CERT_GEN + static const char* eccCaCertFile = CERT_ROOT "server-ecc.pem"; + #endif + #ifdef WOLFSSL_CERT_EXT + static const char* eccCaKeyPubFile = CERT_ROOT "ecc-keyPub.der"; + #endif + #endif /* HAVE_ECC */ +#endif /* !USE_CERT_BUFFER_* */ + +/* Temporary Cert Files */ +#ifdef HAVE_ECC + #ifdef WOLFSSL_CERT_GEN + static const char* certEccPemFile = CERT_PREFIX "certecc.pem"; + #endif + #ifdef WOLFSSL_KEY_GEN + static const char* eccCaKeyPemFile = CERT_PREFIX "ecc-key.pem"; + static const char* eccPubKeyDerFile = CERT_PREFIX "ecc-public-key.der"; + #endif + #if defined(WOLFSSL_CERT_GEN) || defined(WOLFSSL_KEY_GEN) + static const char* eccCaKeyFile = CERT_PREFIX "ecc-key.der"; + #endif + #if defined(WOLFSSL_CERT_GEN) || \ + (defined(WOLFSSL_CERT_EXT) && defined(WOLFSSL_TEST_CERT)) + static const char* certEccDerFile = CERT_PREFIX "certecc.der"; + #endif +#endif /* HAVE_ECC */ + +#ifndef NO_RSA + #if defined(WOLFSSL_CERT_GEN) || defined(WOLFSSL_CERT_EXT) + static const char* otherCertDerFile = CERT_PREFIX "othercert.der"; + static const char* certDerFile = CERT_PREFIX "cert.der"; + #endif + #ifdef WOLFSSL_CERT_GEN + static const char* otherCertPemFile = CERT_PREFIX "othercert.pem"; + static const char* certPemFile = CERT_PREFIX "cert.pem"; + #endif + #ifdef WOLFSSL_KEY_GEN + static const char* keyDerFile = CERT_PREFIX "key.der"; + static const char* keyPemFile = CERT_PREFIX "key.pem"; + #endif + #ifdef WOLFSSL_CERT_REQ + static const char* certReqDerFile = CERT_PREFIX "certreq.der"; + static const char* certReqPemFile = CERT_PREFIX "certreq.pem"; + #endif +#endif /* !NO_RSA */ + +#ifndef NO_RSA #if !defined(NO_ASN_TIME) && defined(WOLFSSL_TEST_CERT) int cert_test(void) @@ -5435,12 +5437,8 @@ int certext_test(void) if (tmp == NULL) return -200; - /* load othercert.pem (Cert signed by an authority) */ -#ifdef FREESCALE_MQX - file = fopen("a:\\certs\\othercert.der", "rb"); -#else - file = fopen("./othercert.der", "rb"); -#endif + /* load othercert.der (Cert signed by an authority) */ + file = fopen(otherCertDerFile, "rb"); if (!file) { XFREE(tmp, HEAP_HINT ,DYNAMIC_TYPE_TMP_BUFFER); return -200; @@ -5486,12 +5484,8 @@ int certext_test(void) FreeDecodedCert(&cert); #ifdef HAVE_ECC - /* load certecc.pem (Cert signed by an authority) */ -#ifdef FREESCALE_MQX - file = fopen("a:\\certs\\certecc.der", "rb"); -#else - file = fopen("./certecc.der", "rb"); -#endif + /* load certecc.der (Cert signed by an authority) */ + file = fopen(certEccDerFile, "rb"); if (!file) { XFREE(tmp, HEAP_HINT ,DYNAMIC_TYPE_TMP_BUFFER); return -210; @@ -5540,12 +5534,8 @@ int certext_test(void) FreeDecodedCert(&cert); #endif /* HAVE_ECC */ - /* load cert.pem (self signed certificate) */ -#ifdef FREESCALE_MQX - file = fopen("a:\\certs\\cert.der", "rb"); -#else - file = fopen("./cert.der", "rb"); -#endif + /* load cert.der (self signed certificate) */ + file = fopen(certDerFile, "rb"); if (!file) { XFREE(tmp, HEAP_HINT ,DYNAMIC_TYPE_TMP_BUFFER); return -220; @@ -6081,7 +6071,6 @@ int rsa_test(void) bytes = sizeof_client_key_der_2048; #else file = fopen(clientKey, "rb"); - if (!file) { err_sys("can't open ./certs/client-key.der, " "Please run from wolfSSL home dir", -40); @@ -6601,8 +6590,10 @@ int rsa_test(void) int pemSz = 0; RsaKey derIn; RsaKey genKey; + #ifndef NO_FILESYSTEM FILE* keyFile; FILE* pemFile; + #endif ret = wc_InitRsaKey(&genKey, HEAP_HINT); if (ret != 0) { @@ -6642,11 +6633,8 @@ int rsa_test(void) return -302; } -#ifdef FREESCALE_MQX - keyFile = fopen("a:\\certs\\key.der", "wb"); -#else - keyFile = fopen("./key.der", "wb"); -#endif + #ifndef NO_FILESYSTEM + keyFile = fopen(keyDerFile, "wb"); if (!keyFile) { XFREE(der, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER); XFREE(pem, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER); @@ -6665,6 +6653,7 @@ int rsa_test(void) wc_FreeRng(&rng); return -313; } + #endif pemSz = wc_DerToPem(der, derSz, pem, FOURK_BUF, PRIVATEKEY_TYPE); if (pemSz < 0) { @@ -6676,11 +6665,8 @@ int rsa_test(void) return -304; } -#ifdef FREESCALE_MQX - pemFile = fopen("a:\\certs\\key.pem", "wb"); -#else - pemFile = fopen("./key.pem", "wb"); -#endif + #ifndef NO_FILESYSTEM + pemFile = fopen(keyPemFile, "wb"); if (!pemFile) { XFREE(der, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER); XFREE(pem, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER); @@ -6699,6 +6685,7 @@ int rsa_test(void) wc_FreeRng(&rng); return -314; } + #endif ret = wc_InitRsaKey(&derIn, HEAP_HINT); if (ret != 0) { @@ -6769,7 +6756,7 @@ int rsa_test(void) myCert.isCA = 1; myCert.sigType = CTC_SHA256wRSA; -#ifdef WOLFSSL_CERT_EXT + #ifdef WOLFSSL_CERT_EXT /* add Policies */ strncpy(myCert.certPolicies[0], "2.16.840.1.101.3.4.1.42", CTC_MAX_CERTPOL_SZ); @@ -6803,7 +6790,7 @@ int rsa_test(void) wc_FreeRng(&rng); return -400; } -#endif /* WOLFSSL_CERT_EXT */ + #endif /* WOLFSSL_CERT_EXT */ certSz = wc_MakeSelfCert(&myCert, derCert, FOURK_BUF, &key, &rng); if (certSz < 0) { @@ -6814,7 +6801,7 @@ int rsa_test(void) return -401; } -#ifdef WOLFSSL_TEST_CERT + #ifdef WOLFSSL_TEST_CERT InitDecodedCert(&decode, derCert, certSz, HEAP_HINT); ret = ParseCert(&decode, CERT_TYPE, NO_VERIFY, 0); if (ret != 0) { @@ -6825,13 +6812,10 @@ int rsa_test(void) return -402; } FreeDecodedCert(&decode); -#endif + #endif -#ifdef FREESCALE_MQX - derFile = fopen("a:\\certs\\cert.der", "wb"); -#else - derFile = fopen("./cert.der", "wb"); -#endif + #ifndef NO_FILESYSTEM + derFile = fopen(certDerFile, "wb"); if (!derFile) { XFREE(derCert, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER); XFREE(pem, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER); @@ -6848,6 +6832,7 @@ int rsa_test(void) wc_FreeRng(&rng); return -414; } + #endif pemSz = wc_DerToPem(derCert, certSz, pem, FOURK_BUF, CERT_TYPE); if (pemSz < 0) { @@ -6858,11 +6843,8 @@ int rsa_test(void) return -404; } -#ifdef FREESCALE_MQX - pemFile = fopen("a:\\certs\\cert.pem", "wb"); -#else - pemFile = fopen("./cert.pem", "wb"); -#endif + #ifndef NO_FILESYSTEM + pemFile = fopen(certPemFile, "wb"); if (!pemFile) { XFREE(derCert, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER); XFREE(pem, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER); @@ -6879,6 +6861,8 @@ int rsa_test(void) wc_FreeRng(&rng); return -406; } + #endif + XFREE(pem, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER); XFREE(derCert, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER); } @@ -6894,10 +6878,12 @@ int rsa_test(void) int pemSz; size_t bytes3; word32 idx3 = 0; - FILE* file3 ; -#ifdef WOLFSSL_TEST_CERT + #if !defined(USE_CERT_BUFFERS_1024) && !defined(USE_CERT_BUFFERS_2048) + FILE* file3; + #endif + #ifdef WOLFSSL_TEST_CERT DecodedCert decode; -#endif + #endif derCert = (byte*)XMALLOC(FOURK_BUF, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER); @@ -6914,8 +6900,14 @@ int rsa_test(void) return -312; } + #ifdef USE_CERT_BUFFERS_1024 + XMEMCPY(tmp, ca_key_der_1024, sizeof_ca_key_der_1024); + bytes3 = sizeof_ca_key_der_1024; + #elif defined(USE_CERT_BUFFERS_2048) + XMEMCPY(tmp, ca_key_der_2048, sizeof_ca_key_der_2048); + bytes3 = sizeof_ca_key_der_2048; + #else file3 = fopen(caKeyFile, "rb"); - if (!file3) { XFREE(derCert, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER); XFREE(pem, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER); @@ -6926,6 +6918,7 @@ int rsa_test(void) bytes3 = fread(tmp, 1, FOURK_BUF, file3); fclose(file3); + #endif /* USE_CERT_BUFFERS */ ret = wc_InitRsaKey(&caKey, HEAP_HINT); if (ret != 0) { @@ -6947,9 +6940,9 @@ int rsa_test(void) wc_InitCert(&myCert); -#ifdef NO_SHA + #ifdef NO_SHA myCert.sigType = CTC_SHA256wRSA; -#endif + #endif strncpy(myCert.subject.country, "US", CTC_NAME_SIZE); strncpy(myCert.subject.state, "OR", CTC_NAME_SIZE); @@ -6959,7 +6952,7 @@ int rsa_test(void) strncpy(myCert.subject.commonName, "www.yassl.com", CTC_NAME_SIZE); strncpy(myCert.subject.email, "info@yassl.com", CTC_NAME_SIZE); -#ifdef WOLFSSL_CERT_EXT + #ifdef WOLFSSL_CERT_EXT /* add Policies */ strncpy(myCert.certPolicies[0], "2.16.840.1.101.3.4.1.42", CTC_MAX_CERTPOL_SZ); @@ -6975,7 +6968,16 @@ int rsa_test(void) } /* add AKID from the CA certificate */ - if (wc_SetAuthKeyId(&myCert, caCertFile) != 0) { + #if defined(USE_CERT_BUFFERS_2048) + ret = wc_SetAuthKeyIdFromCert(&myCert, ca_cert_der_2048, + sizeof_ca_cert_der_2048); + #elif defined(USE_CERT_BUFFERS_1024) + ret = wc_SetAuthKeyIdFromCert(&myCert, ca_cert_der_1024, + sizeof_ca_cert_der_1024); + #else + ret = wc_SetAuthKeyId(&myCert, caCertFile); + #endif + if (ret != 0) { XFREE(pem, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER); XFREE(derCert, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER); XFREE(tmp, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER); @@ -6991,9 +6993,17 @@ int rsa_test(void) wc_FreeRng(&rng); return -400; } -#endif /* WOLFSSL_CERT_EXT */ + #endif /* WOLFSSL_CERT_EXT */ + #if defined(USE_CERT_BUFFERS_2048) + ret = wc_SetIssuerBuffer(&myCert, ca_cert_der_2048, + sizeof_ca_cert_der_2048); + #elif defined(USE_CERT_BUFFERS_1024) + ret = wc_SetIssuerBuffer(&myCert, ca_cert_der_1024, + sizeof_ca_cert_der_1024); + #else ret = wc_SetIssuer(&myCert, caCertFile); + #endif if (ret < 0) { XFREE(derCert, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER); XFREE(pem, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER); @@ -7024,7 +7034,7 @@ int rsa_test(void) return -408; } -#ifdef WOLFSSL_TEST_CERT + #ifdef WOLFSSL_TEST_CERT InitDecodedCert(&decode, derCert, certSz, HEAP_HINT); ret = ParseCert(&decode, CERT_TYPE, NO_VERIFY, 0); if (ret != 0) { @@ -7036,13 +7046,10 @@ int rsa_test(void) return -409; } FreeDecodedCert(&decode); -#endif + #endif -#ifdef FREESCALE_MQX - derFile = fopen("a:\\certs\\othercert.der", "wb"); -#else - derFile = fopen("./othercert.der", "wb"); -#endif +#ifndef NO_FILESYSTEM + derFile = fopen(otherCertDerFile, "wb"); if (!derFile) { XFREE(derCert, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER); XFREE(pem, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER); @@ -7072,11 +7079,7 @@ int rsa_test(void) return -411; } -#ifdef FREESCALE_MQX - pemFile = fopen("a:\\certs\\othercert.pem", "wb"); -#else - pemFile = fopen("./othercert.pem", "wb"); -#endif + pemFile = fopen(otherCertPemFile, "wb"); if (!pemFile) { XFREE(derCert, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER); XFREE(pem, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER); @@ -7096,6 +7099,8 @@ int rsa_test(void) return -415; } fclose(pemFile); +#endif /* !NO_FILESYSTEM */ + XFREE(pem, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER); XFREE(derCert, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER); wc_FreeRsaKey(&caKey); @@ -7113,13 +7118,15 @@ int rsa_test(void) int pemSz; size_t bytes3; word32 idx3 = 0; + #ifndef USE_CERT_BUFFERS_256 FILE* file3; -#ifdef WOLFSSL_CERT_EXT + #endif + #ifdef WOLFSSL_CERT_EXT ecc_key caKeyPub; -#endif -#ifdef WOLFSSL_TEST_CERT + #endif + #ifdef WOLFSSL_TEST_CERT DecodedCert decode; -#endif + #endif derCert = (byte*)XMALLOC(FOURK_BUF, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER); @@ -7136,6 +7143,10 @@ int rsa_test(void) return -5312; } + #ifdef USE_CERT_BUFFERS_256 + XMEMCPY(tmp, ecc_key_der_256, sizeof_ecc_key_der_256); + bytes3 = sizeof_ecc_key_der_256; + #else file3 = fopen(eccCaKeyFile, "rb"); if (!file3) { @@ -7148,6 +7159,7 @@ int rsa_test(void) bytes3 = fread(tmp, 1, FOURK_BUF, file3); fclose(file3); + #endif /* USE_CERT_BUFFERS_256 */ wc_ecc_init(&caKey); ret = wc_EccPrivateKeyDecode(tmp, &idx3, &caKey, (word32)bytes3); @@ -7178,7 +7190,10 @@ int rsa_test(void) CTC_MAX_CERTPOL_SZ); myCert.certPoliciesNb = 2; - + #ifdef USE_CERT_BUFFERS_256 + XMEMCPY(tmp, ecc_key_pub_der_256, sizeof_ecc_key_pub_der_256); + bytes3 = sizeof_ecc_key_pub_der_256; + #else file3 = fopen(eccCaKeyPubFile, "rb"); if (!file3) { XFREE(derCert, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER); @@ -7190,6 +7205,7 @@ int rsa_test(void) bytes3 = fread(tmp, 1, FOURK_BUF, file3); fclose(file3); + #endif wc_ecc_init(&caKeyPub); if (ret != 0) { @@ -7242,7 +7258,12 @@ int rsa_test(void) } #endif /* WOLFSSL_CERT_EXT */ + #if defined(USE_CERT_BUFFERS_256) + ret = wc_SetIssuerBuffer(&myCert, serv_ecc_der_256, + sizeof_serv_ecc_der_256); + #else ret = wc_SetIssuer(&myCert, eccCaCertFile); + #endif if (ret < 0) { XFREE(pem, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER); XFREE(derCert, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER); @@ -7287,11 +7308,7 @@ int rsa_test(void) FreeDecodedCert(&decode); #endif -#ifdef FREESCALE_MQX - derFile = fopen("a:\\certs\\certecc.der", "wb"); -#else - derFile = fopen("./certecc.der", "wb"); -#endif + derFile = fopen(certEccDerFile, "wb"); if (!derFile) { XFREE(pem, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER); XFREE(derCert, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER); @@ -7321,11 +7338,7 @@ int rsa_test(void) return -5411; } -#ifdef FREESCALE_MQX - pemFile = fopen("a:\\certs\\certecc.pem", "wb"); -#else - pemFile = fopen("./certecc.pem", "wb"); -#endif + pemFile = fopen(certEccPemFile, "wb"); if (!pemFile) { XFREE(pem, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER); XFREE(derCert, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER); @@ -7358,14 +7371,16 @@ int rsa_test(void) byte* pem; FILE* derFile; FILE* pemFile; + #if !defined(USE_CERT_BUFFERS_1024) && !defined(USE_CERT_BUFFERS_2048) FILE* caFile; + #endif FILE* ntruPrivFile; int certSz; int pemSz; word32 idx3 = 0; -#ifdef WOLFSSL_TEST_CERT + #ifdef WOLFSSL_TEST_CERT DecodedCert decode; -#endif + #endif derCert = (byte*)XMALLOC(FOURK_BUF, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER); if (derCert == NULL) { @@ -7431,8 +7446,14 @@ int rsa_test(void) return -451; } + #ifdef USE_CERT_BUFFERS_1024 + XMEMCPY(tmp, ca_key_der_1024, sizeof_ca_key_der_1024); + bytes = sizeof_ca_key_der_1024; + #elif defined(USE_CERT_BUFFERS_2048) + XMEMCPY(tmp, ca_key_der_2048, sizeof_ca_key_der_2048); + bytes = sizeof_ca_key_der_2048; + #else caFile = fopen(caKeyFile, "rb"); - if (!caFile) { XFREE(derCert, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER); XFREE(pem, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER); @@ -7443,6 +7464,7 @@ int rsa_test(void) bytes = fread(tmp, 1, FOURK_BUF, caFile); fclose(caFile); + #endif /* USE_CERT_BUFFERS */ ret = wc_InitRsaKey(&caKey, HEAP_HINT); if (ret != 0) { @@ -7472,8 +7494,7 @@ int rsa_test(void) strncpy(myCert.subject.email, "info@yassl.com", CTC_NAME_SIZE); myCert.daysValid = 1000; -#ifdef WOLFSSL_CERT_EXT - + #ifdef WOLFSSL_CERT_EXT /* add SKID from the Public Key */ if (wc_SetSubjectKeyIdFromNtruPublicKey(&myCert, public_key, public_key_len) != 0) { @@ -7485,7 +7506,16 @@ int rsa_test(void) } /* add AKID from the CA certificate */ - if (wc_SetAuthKeyId(&myCert, caCertFile) != 0) { + #if defined(USE_CERT_BUFFERS_2048) + ret = wc_SetAuthKeyIdFromCert(&myCert, ca_cert_der_2048, + sizeof_ca_cert_der_2048); + #elif defined(USE_CERT_BUFFERS_1024) + ret = wc_SetAuthKeyIdFromCert(&myCert, ca_cert_der_1024, + sizeof_ca_cert_der_1024); + #else + ret = wc_SetAuthKeyId(&myCert, caCertFile); + #endif + if (ret != 0) { XFREE(pem, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER); XFREE(derCert, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER); XFREE(tmp, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER); @@ -7502,9 +7532,17 @@ int rsa_test(void) wc_FreeRng(&rng); return -494; } -#endif /* WOLFSSL_CERT_EXT */ + #endif /* WOLFSSL_CERT_EXT */ + #if defined(USE_CERT_BUFFERS_2048) + ret = wc_SetIssuerBuffer(&myCert, ca_cert_der_2048, + sizeof_ca_cert_der_2048); + #elif defined(USE_CERT_BUFFERS_1024) + ret = wc_SetIssuerBuffer(&myCert, ca_cert_der_1024, + sizeof_ca_cert_der_1024); + #else ret = wc_SetIssuer(&myCert, caCertFile); + #endif if (ret < 0) { XFREE(derCert, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER); XFREE(pem, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER); @@ -7537,7 +7575,7 @@ int rsa_test(void) } -#ifdef WOLFSSL_TEST_CERT + #ifdef WOLFSSL_TEST_CERT InitDecodedCert(&decode, derCert, certSz, HEAP_HINT); ret = ParseCert(&decode, CERT_TYPE, NO_VERIFY, 0); if (ret != 0) { @@ -7548,7 +7586,9 @@ int rsa_test(void) return -458; } FreeDecodedCert(&decode); -#endif + #endif + + #ifndef NO_FILESYSTEM derFile = fopen("./ntru-cert.der", "wb"); if (!derFile) { XFREE(derCert, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER); @@ -7566,6 +7606,7 @@ int rsa_test(void) wc_FreeRng(&rng); return -473; } + #endif pemSz = wc_DerToPem(derCert, certSz, pem, FOURK_BUF, CERT_TYPE); if (pemSz < 0) { @@ -7576,6 +7617,7 @@ int rsa_test(void) return -460; } + #ifndef NO_FILESYSTEM pemFile = fopen("./ntru-cert.pem", "wb"); if (!pemFile) { XFREE(derCert, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER); @@ -7611,6 +7653,8 @@ int rsa_test(void) wc_FreeRng(&rng); return -475; } + #endif + XFREE(pem, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER); XFREE(derCert, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER); } @@ -7652,7 +7696,7 @@ int rsa_test(void) strncpy(req.subject.email, "info@yassl.com", CTC_NAME_SIZE); req.sigType = CTC_SHA256wRSA; -#ifdef WOLFSSL_CERT_EXT + #ifdef WOLFSSL_CERT_EXT /* add SKID from the Public Key */ if (wc_SetSubjectKeyIdFromPublicKey(&req, &keypub, NULL) != 0) { XFREE(pem, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER); @@ -7671,7 +7715,7 @@ int rsa_test(void) wc_FreeRng(&rng); return -494; } -#endif /* WOLFSSL_CERT_EXT */ + #endif /* WOLFSSL_CERT_EXT */ derSz = wc_MakeCertReq(&req, der, FOURK_BUF, &key, NULL); if (derSz < 0) { @@ -7701,11 +7745,8 @@ int rsa_test(void) return -467; } -#ifdef FREESCALE_MQX - reqFile = fopen("a:\\certs\\certreq.der", "wb"); -#else - reqFile = fopen("./certreq.der", "wb"); -#endif + #ifndef NO_FILESYSTEM + reqFile = fopen(certReqDerFile, "wb"); if (!reqFile) { XFREE(pem, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER); XFREE(der, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER); @@ -7724,11 +7765,7 @@ int rsa_test(void) return -471; } -#ifdef FREESCALE_MQX - reqFile = fopen("a:\\certs\\certreq.pem", "wb"); -#else - reqFile = fopen("./certreq.pem", "wb"); -#endif + reqFile = fopen(certReqPemFile, "wb"); if (!reqFile) { XFREE(pem, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER); XFREE(der, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER); @@ -7745,6 +7782,7 @@ int rsa_test(void) wc_FreeRng(&rng); return -470; } + #endif XFREE(pem, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER); XFREE(der, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER); @@ -7770,16 +7808,6 @@ int rsa_test(void) #ifndef NO_DH -#if !defined(USE_CERT_BUFFERS_1024) && !defined(USE_CERT_BUFFERS_2048) - #ifdef FREESCALE_MQX - static const char* dhKey = "a:\\certs\\dh2048.der"; - #elif defined(NO_ASN) - /* don't use file, no DER parsing */ - #else - static const char* dhKey = "./certs/dh2048.der"; - #endif -#endif - static int dh_generate_test(WC_RNG *rng) { int ret; @@ -7848,7 +7876,6 @@ int dh_test(void) /* don't use file, no DER parsing */ #else FILE* file = fopen(dhKey, "rb"); - if (!file) return -50; @@ -7919,14 +7946,6 @@ int dh_test(void) #ifndef NO_DSA -#if !defined(USE_CERT_BUFFERS_1024) && !defined(USE_CERT_BUFFERS_2048) - #ifdef FREESCALE_MQX - static const char* dsaKey = "a:\\certs\\dsa2048.der"; - #else - static const char* dsaKey = "./certs/dsa2048.der"; - #endif -#endif - int dsa_test(void) { int ret, answer; @@ -7939,7 +7958,6 @@ int dsa_test(void) byte hash[SHA_DIGEST_SIZE]; byte signature[40]; - #ifdef USE_CERT_BUFFERS_1024 XMEMCPY(tmp, dsa_key_der_1024, sizeof_dsa_key_der_1024); bytes = sizeof_dsa_key_der_1024; @@ -7948,7 +7966,6 @@ int dsa_test(void) bytes = sizeof_dsa_key_der_2048; #else FILE* file = fopen(dsaKey, "rb"); - if (!file) return -60; @@ -7988,8 +8005,10 @@ int dsa_test(void) int pemSz = 0; DsaKey derIn; DsaKey genKey; +#ifndef NO_FILESYSTEM FILE* keyFile; FILE* pemFile; +#endif ret = wc_InitDsaKey(&genKey); if (ret != 0) return -361; @@ -8025,11 +8044,8 @@ int dsa_test(void) return -366; } -#ifdef FREESCALE_MQX - keyFile = fopen("a:\\certs\\key.der", "wb"); -#else - keyFile = fopen("./key.der", "wb"); -#endif +#ifndef NO_FILESYSTEM + keyFile = fopen(keyDerFile, "wb"); if (!keyFile) { XFREE(der, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER); XFREE(pem, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER); @@ -8044,6 +8060,7 @@ int dsa_test(void) wc_FreeDsaKey(&genKey); return -368; } +#endif pemSz = wc_DerToPem(der, derSz, pem, FOURK_BUF, DSA_PRIVATEKEY_TYPE); if (pemSz < 0) { @@ -8053,11 +8070,8 @@ int dsa_test(void) return -369; } -#ifdef FREESCALE_MQX - pemFile = fopen("a:\\certs\\key.pem", "wb"); -#else - pemFile = fopen("./key.pem", "wb"); -#endif +#ifndef NO_FILESYSTEM + pemFile = fopen(keyPemFile, "wb"); if (!pemFile) { XFREE(der, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER); XFREE(pem, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER); @@ -8072,6 +8086,7 @@ int dsa_test(void) wc_FreeDsaKey(&genKey); return -371; } +#endif ret = wc_InitDsaKey(&derIn); if (ret != 0) { @@ -9677,8 +9692,10 @@ static int ecc_test_key_gen(WC_RNG* rng, int keySize) int derSz, pemSz; byte der[FOURK_BUF]; byte pem[FOURK_BUF]; +#ifndef NO_FILESYSTEM FILE* keyFile; FILE* pemFile; +#endif ecc_key userA; @@ -9697,7 +9714,8 @@ static int ecc_test_key_gen(WC_RNG* rng, int keySize) ERROR_OUT(derSz, done); } - keyFile = fopen("./ecc-key.der", "wb"); +#ifndef NO_FILESYSTEM + keyFile = fopen(eccCaKeyFile, "wb"); if (!keyFile) { ERROR_OUT(-1025, done); } @@ -9706,13 +9724,15 @@ static int ecc_test_key_gen(WC_RNG* rng, int keySize) if (ret != derSz) { ERROR_OUT(-1026, done); } +#endif pemSz = wc_DerToPem(der, derSz, pem, FOURK_BUF, ECC_PRIVATEKEY_TYPE); if (pemSz < 0) { ERROR_OUT(pemSz, done); } - pemFile = fopen("./ecc-key.pem", "wb"); +#ifndef NO_FILESYSTEM + pemFile = fopen(eccCaKeyPemFile, "wb"); if (!pemFile) { ERROR_OUT(-1028, done); } @@ -9721,6 +9741,7 @@ static int ecc_test_key_gen(WC_RNG* rng, int keySize) if (ret != pemSz) { ERROR_OUT(-1029, done); } +#endif /* test export of public key */ derSz = wc_EccPublicKeyToDer(&userA, der, FOURK_BUF, 1); @@ -9730,11 +9751,9 @@ static int ecc_test_key_gen(WC_RNG* rng, int keySize) if (derSz == 0) { ERROR_OUT(-5416, done); } -#ifdef FREESCALE_MQX - keyFile = fopen("a:\\certs\\ecc-public-key.der", "wb"); -#else - keyFile = fopen("./ecc-public-key.der", "wb"); -#endif + +#ifndef NO_FILESYSTEM + keyFile = fopen(eccPubKeyDerFile, "wb"); if (!keyFile) { ERROR_OUT(-5417, done); } @@ -9743,6 +9762,8 @@ static int ecc_test_key_gen(WC_RNG* rng, int keySize) if (ret != derSz) { ERROR_OUT(-5418, done); } +#endif + ret = 0; done: @@ -10760,9 +10781,6 @@ int ecc_test_buffers() { size_t bytes; ecc_key cliKey; ecc_key servKey; -#ifdef WOLFSSL_CERT_EXT - ecc_key keypub; -#endif WC_RNG rng; word32 idx = 0; int ret; @@ -11938,8 +11956,10 @@ int pkcs7enveloped_test(void) size_t rsaPrivKeySz = 0; size_t eccPrivKeySz = 0; +#if !defined(USE_CERT_BUFFERS_1024) && !defined(USE_CERT_BUFFERS_2048) FILE* certFile; FILE* keyFile; +#endif #ifndef NO_RSA /* read client RSA cert and key in DER format */ @@ -11953,6 +11973,13 @@ int pkcs7enveloped_test(void) return -202; } +#ifdef USE_CERT_BUFFERS_1024 + XMEMCPY(rsaCert, client_cert_der_1024, sizeof_client_cert_der_1024); + rsaCertSz = sizeof_client_cert_der_1024; +#elif defined(USE_CERT_BUFFERS_2048) + XMEMCPY(rsaCert, client_cert_der_2048, sizeof_client_cert_der_2048); + rsaCertSz = sizeof_client_cert_der_2048; +#else certFile = fopen(clientCert, "rb"); if (!certFile) { XFREE(rsaCert, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER); @@ -11964,7 +11991,15 @@ int pkcs7enveloped_test(void) rsaCertSz = fread(rsaCert, 1, FOURK_BUF, certFile); fclose(certFile); +#endif +#ifdef USE_CERT_BUFFERS_1024 + XMEMCPY(rsaPrivKey, client_key_der_1024, sizeof_client_key_der_1024); + rsaPrivKeySz = sizeof_client_key_der_1024; +#elif defined(USE_CERT_BUFFERS_2048) + XMEMCPY(rsaPrivKey, client_key_der_2048, sizeof_client_key_der_2048); + rsaPrivKeySz = sizeof_client_key_der_2048; +#else keyFile = fopen(clientKey, "rb"); if (!keyFile) { XFREE(rsaCert, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER); @@ -11976,6 +12011,8 @@ int pkcs7enveloped_test(void) rsaPrivKeySz = fread(rsaPrivKey, 1, FOURK_BUF, keyFile); fclose(keyFile); +#endif /* USE_CERT_BUFFERS */ + #endif /* NO_RSA */ #ifdef HAVE_ECC @@ -11995,6 +12032,10 @@ int pkcs7enveloped_test(void) return -206; } +#ifdef USE_CERT_BUFFERS_256 + XMEMCPY(eccCert, cliecc_cert_der_256, sizeof_cliecc_cert_der_256); + eccCertSz = sizeof_cliecc_cert_der_256; +#else certFile = fopen(eccClientCert, "rb"); if (!certFile) { XFREE(rsaCert, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER); @@ -12005,10 +12046,14 @@ int pkcs7enveloped_test(void) "Please run from wolfSSL home dir", -42); return -207; } - eccCertSz = fread(eccCert, 1, FOURK_BUF, certFile); fclose(certFile); +#endif /* USE_CERT_BUFFERS_256 */ +#ifdef USE_CERT_BUFFERS_256 + XMEMCPY(eccPrivKey, ecc_clikey_der_256, sizeof_ecc_clikey_der_256); + eccPrivKeySz = sizeof_ecc_clikey_der_256; +#else keyFile = fopen(eccClientKey, "rb"); if (!keyFile) { XFREE(rsaCert, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER); @@ -12019,9 +12064,9 @@ int pkcs7enveloped_test(void) "Please run from wolfSSL home dir", -43); return -208; } - eccPrivKeySz = fread(eccPrivKey, 1, FOURK_BUF, keyFile); fclose(keyFile); +#endif /* USE_CERT_BUFFERS_256 */ #endif /* HAVE_ECC */ ret = pkcs7enveloped_run_vectors(rsaCert, (word32)rsaCertSz, @@ -12248,8 +12293,9 @@ int pkcs7encrypted_test(void) int pkcs7signed_test(void) { int ret = 0; - +#if !defined(USE_CERT_BUFFERS_1024) && !defined(USE_CERT_BUFFERS_2048) FILE* file; +#endif byte* certDer; byte* keyDer; byte* out; @@ -12300,6 +12346,13 @@ int pkcs7signed_test(void) } /* read in DER cert of recipient, into cert of size certSz */ +#ifdef USE_CERT_BUFFERS_1024 + XMEMCPY(certDer, client_cert_der_1024, sizeof_client_cert_der_1024); + certDerSz = sizeof_client_cert_der_1024; +#elif defined(USE_CERT_BUFFERS_2048) + XMEMCPY(certDer, client_cert_der_2048, sizeof_client_cert_der_2048); + certDerSz = sizeof_client_cert_der_2048; +#else file = fopen(clientCert, "rb"); if (!file) { XFREE(certDer, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER); @@ -12311,7 +12364,15 @@ int pkcs7signed_test(void) } certDerSz = (word32)fread(certDer, 1, FOURK_BUF, file); fclose(file); +#endif /* USE_CERT_BUFFER_ */ +#ifdef USE_CERT_BUFFERS_1024 + XMEMCPY(keyDer, client_key_der_1024, sizeof_client_key_der_1024); + keyDerSz = sizeof_client_key_der_1024; +#elif defined(USE_CERT_BUFFERS_2048) + XMEMCPY(keyDer, client_key_der_2048, sizeof_client_key_der_2048); + keyDerSz = sizeof_client_key_der_2048; +#else file = fopen(clientKey, "rb"); if (!file) { XFREE(certDer, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER); @@ -12323,6 +12384,7 @@ int pkcs7signed_test(void) } keyDerSz = (word32)fread(keyDer, 1, FOURK_BUF, file); fclose(file); +#endif /* USE_CERT_BUFFER_ */ ret = wc_InitRng(&rng); if (ret != 0) { diff --git a/wolfssl/certs_test.h b/wolfssl/certs_test.h index 2d52511d7..64d10e50d 100644 --- a/wolfssl/certs_test.h +++ b/wolfssl/certs_test.h @@ -1219,6 +1219,132 @@ static const unsigned char rsa_key_der_2048[] = }; static const int sizeof_rsa_key_der_2048 = sizeof(rsa_key_der_2048); +/* ./certs/ca-key.der, 2048-bit */ +static const unsigned char ca_key_der_2048[] = +{ + 0x30, 0x82, 0x04, 0xA4, 0x02, 0x01, 0x00, 0x02, 0x82, 0x01, + 0x01, 0x00, 0xBF, 0x0C, 0xCA, 0x2D, 0x14, 0xB2, 0x1E, 0x84, + 0x42, 0x5B, 0xCD, 0x38, 0x1F, 0x4A, 0xF2, 0x4D, 0x75, 0x10, + 0xF1, 0xB6, 0x35, 0x9F, 0xDF, 0xCA, 0x7D, 0x03, 0x98, 0xD3, + 0xAC, 0xDE, 0x03, 0x66, 0xEE, 0x2A, 0xF1, 0xD8, 0xB0, 0x7D, + 0x6E, 0x07, 0x54, 0x0B, 0x10, 0x98, 0x21, 0x4D, 0x80, 0xCB, + 0x12, 0x20, 0xE7, 0xCC, 0x4F, 0xDE, 0x45, 0x7D, 0xC9, 0x72, + 0x77, 0x32, 0xEA, 0xCA, 0x90, 0xBB, 0x69, 0x52, 0x10, 0x03, + 0x2F, 0xA8, 0xF3, 0x95, 0xC5, 0xF1, 0x8B, 0x62, 0x56, 0x1B, + 0xEF, 0x67, 0x6F, 0xA4, 0x10, 0x41, 0x95, 0xAD, 0x0A, 0x9B, + 0xE3, 0xA5, 0xC0, 0xB0, 0xD2, 0x70, 0x76, 0x50, 0x30, 0x5B, + 0xA8, 0xE8, 0x08, 0x2C, 0x7C, 0xED, 0xA7, 0xA2, 0x7A, 0x8D, + 0x38, 0x29, 0x1C, 0xAC, 0xC7, 0xED, 0xF2, 0x7C, 0x95, 0xB0, + 0x95, 0x82, 0x7D, 0x49, 0x5C, 0x38, 0xCD, 0x77, 0x25, 0xEF, + 0xBD, 0x80, 0x75, 0x53, 0x94, 0x3C, 0x3D, 0xCA, 0x63, 0x5B, + 0x9F, 0x15, 0xB5, 0xD3, 0x1D, 0x13, 0x2F, 0x19, 0xD1, 0x3C, + 0xDB, 0x76, 0x3A, 0xCC, 0xB8, 0x7D, 0xC9, 0xE5, 0xC2, 0xD7, + 0xDA, 0x40, 0x6F, 0xD8, 0x21, 0xDC, 0x73, 0x1B, 0x42, 0x2D, + 0x53, 0x9C, 0xFE, 0x1A, 0xFC, 0x7D, 0xAB, 0x7A, 0x36, 0x3F, + 0x98, 0xDE, 0x84, 0x7C, 0x05, 0x67, 0xCE, 0x6A, 0x14, 0x38, + 0x87, 0xA9, 0xF1, 0x8C, 0xB5, 0x68, 0xCB, 0x68, 0x7F, 0x71, + 0x20, 0x2B, 0xF5, 0xA0, 0x63, 0xF5, 0x56, 0x2F, 0xA3, 0x26, + 0xD2, 0xB7, 0x6F, 0xB1, 0x5A, 0x17, 0xD7, 0x38, 0x99, 0x08, + 0xFE, 0x93, 0x58, 0x6F, 0xFE, 0xC3, 0x13, 0x49, 0x08, 0x16, + 0x0B, 0xA7, 0x4D, 0x67, 0x00, 0x52, 0x31, 0x67, 0x23, 0x4E, + 0x98, 0xED, 0x51, 0x45, 0x1D, 0xB9, 0x04, 0xD9, 0x0B, 0xEC, + 0xD8, 0x28, 0xB3, 0x4B, 0xBD, 0xED, 0x36, 0x79, 0x02, 0x03, + 0x01, 0x00, 0x01, 0x02, 0x82, 0x01, 0x00, 0x3D, 0x6E, 0x4E, + 0x60, 0x1A, 0x84, 0x7F, 0x9D, 0x85, 0x7C, 0xE1, 0x4B, 0x07, + 0x7C, 0xE0, 0xD6, 0x99, 0x2A, 0xDE, 0x9D, 0xF9, 0x36, 0x34, + 0x0E, 0x77, 0x0E, 0x3E, 0x08, 0xEA, 0x4F, 0xE5, 0x06, 0x26, + 0xD4, 0xF6, 0x38, 0xF7, 0xDF, 0x0D, 0x0F, 0x1C, 0x2E, 0x06, + 0xA2, 0xF4, 0x2A, 0x68, 0x9C, 0x63, 0x72, 0xE3, 0x35, 0xE6, + 0x04, 0x91, 0x91, 0xB5, 0xC1, 0xB1, 0xA4, 0x54, 0xAC, 0xD7, + 0xC6, 0xFB, 0x41, 0xA0, 0xD6, 0x75, 0x6F, 0xBD, 0x0B, 0x4E, + 0xBF, 0xB1, 0x52, 0xE8, 0x5F, 0x49, 0x26, 0x98, 0x56, 0x47, + 0xC7, 0xDE, 0xE9, 0xEA, 0x3C, 0x60, 0x01, 0xBF, 0x28, 0xDC, + 0x31, 0xBF, 0x49, 0x5F, 0x93, 0x49, 0x87, 0x7A, 0x81, 0x5B, + 0x96, 0x4B, 0x4D, 0xCA, 0x5C, 0x38, 0x4F, 0xB7, 0xE1, 0xB2, + 0xD3, 0xC7, 0x21, 0xDA, 0x3C, 0x12, 0x87, 0x07, 0xE4, 0x1B, + 0xDC, 0x43, 0xEC, 0xE8, 0xEC, 0x54, 0x61, 0xE7, 0xF6, 0xED, + 0xA6, 0x0B, 0x2E, 0xF5, 0xDF, 0x82, 0x7F, 0xC6, 0x1F, 0x61, + 0x19, 0x9C, 0xA4, 0x83, 0x39, 0xDF, 0x21, 0x85, 0x89, 0x6F, + 0x77, 0xAF, 0x86, 0x15, 0x32, 0x08, 0xA2, 0x5A, 0x0B, 0x26, + 0x61, 0xFB, 0x70, 0x0C, 0xCA, 0x9C, 0x38, 0x7D, 0xBC, 0x22, + 0xEE, 0xEB, 0xA3, 0xA8, 0x16, 0x00, 0xF9, 0x8A, 0x80, 0x1E, + 0x00, 0x84, 0xA8, 0x4A, 0x41, 0xF8, 0x84, 0x03, 0x67, 0x2F, + 0x23, 0x5B, 0x2F, 0x9B, 0x6B, 0x26, 0xC3, 0x07, 0x34, 0x94, + 0xA3, 0x03, 0x3B, 0x72, 0xD5, 0x9F, 0x72, 0xE0, 0xAD, 0xCC, + 0x34, 0xAB, 0xBD, 0xC7, 0xD5, 0xF5, 0x26, 0x30, 0x85, 0x0F, + 0x30, 0x23, 0x39, 0x52, 0xFF, 0x3C, 0xCB, 0x99, 0x21, 0x4D, + 0x88, 0xA5, 0xAB, 0xEE, 0x62, 0xB9, 0xC7, 0xE0, 0xBB, 0x47, + 0x87, 0xC1, 0x69, 0xCF, 0x73, 0xF3, 0x30, 0xBE, 0xCE, 0x39, + 0x04, 0x9C, 0xE5, 0x02, 0x81, 0x81, 0x00, 0xE1, 0x76, 0x45, + 0x80, 0x59, 0xB6, 0xD3, 0x49, 0xDF, 0x0A, 0xEF, 0x12, 0xD6, + 0x0F, 0xF0, 0xB7, 0xCB, 0x2A, 0x37, 0xBF, 0xA7, 0xF8, 0xB5, + 0x4D, 0xF5, 0x31, 0x35, 0xAD, 0xE4, 0xA3, 0x94, 0xA1, 0xDB, + 0xF1, 0x96, 0xAD, 0xB5, 0x05, 0x64, 0x85, 0x83, 0xFC, 0x1B, + 0x5B, 0x29, 0xAA, 0xBE, 0xF8, 0x26, 0x3F, 0x76, 0x7E, 0xAD, + 0x1C, 0xF0, 0xCB, 0xD7, 0x26, 0xB4, 0x1B, 0x05, 0x8E, 0x56, + 0x86, 0x7E, 0x08, 0x62, 0x21, 0xC1, 0x86, 0xD6, 0x47, 0x79, + 0x3E, 0xB7, 0x5D, 0xA4, 0xC6, 0x3A, 0xD7, 0xB1, 0x74, 0x20, + 0xF6, 0x50, 0x97, 0x41, 0x04, 0x53, 0xED, 0x3F, 0x26, 0xD6, + 0x6F, 0x91, 0xFA, 0x68, 0x26, 0xEC, 0x2A, 0xDC, 0x9A, 0xF1, + 0xE7, 0xDC, 0xFB, 0x73, 0xF0, 0x79, 0x43, 0x1B, 0x21, 0xA3, + 0x59, 0x04, 0x63, 0x52, 0x07, 0xC9, 0xD7, 0xE6, 0xD1, 0x1B, + 0x5D, 0x5E, 0x96, 0xFA, 0x53, 0x02, 0x81, 0x81, 0x00, 0xD8, + 0xED, 0x4E, 0x64, 0x61, 0x6B, 0x91, 0x0C, 0x61, 0x01, 0xB5, + 0x0F, 0xBB, 0x44, 0x67, 0x53, 0x1E, 0xDC, 0x07, 0xC4, 0x24, + 0x7E, 0x9E, 0x6C, 0x84, 0x23, 0x91, 0x0C, 0xE4, 0x12, 0x04, + 0x16, 0x4D, 0x78, 0x98, 0xCC, 0x96, 0x3D, 0x20, 0x4E, 0x0F, + 0x45, 0x9A, 0xB6, 0xF8, 0xB3, 0x93, 0x0D, 0xB2, 0xA2, 0x1B, + 0x29, 0xF2, 0x26, 0x79, 0xC8, 0xC5, 0xD2, 0x78, 0x7E, 0x5E, + 0x73, 0xF2, 0xD7, 0x70, 0x61, 0xBB, 0x40, 0xCE, 0x61, 0x05, + 0xFE, 0x69, 0x1E, 0x82, 0x29, 0xE6, 0x14, 0xB8, 0xA1, 0xE7, + 0x96, 0xD0, 0x23, 0x3F, 0x05, 0x93, 0x00, 0xF2, 0xE1, 0x4D, + 0x7E, 0xED, 0xB7, 0x96, 0x6C, 0xF7, 0xF0, 0xE4, 0xD1, 0xCF, + 0x01, 0x98, 0x4F, 0xDC, 0x74, 0x54, 0xAA, 0x6D, 0x5E, 0x5A, + 0x41, 0x31, 0xFE, 0xFF, 0x9A, 0xB6, 0xA0, 0x05, 0xDD, 0xA9, + 0x10, 0x54, 0xF8, 0x6B, 0xD0, 0xAA, 0x83, 0x02, 0x81, 0x80, + 0x21, 0xD3, 0x04, 0x8A, 0x44, 0xEB, 0x50, 0xB7, 0x7C, 0x66, + 0xBF, 0x87, 0x2B, 0xE6, 0x28, 0x4E, 0xEA, 0x83, 0xE2, 0xE9, + 0x35, 0xE1, 0xF2, 0x11, 0x47, 0xFF, 0xA1, 0xF5, 0xFC, 0x9F, + 0x2D, 0xE5, 0x3A, 0x81, 0xFC, 0x01, 0x03, 0x6F, 0x53, 0xAD, + 0x54, 0x27, 0xB6, 0x52, 0xEE, 0xE5, 0x56, 0xD1, 0x13, 0xAB, + 0xE1, 0xB3, 0x0F, 0x75, 0x90, 0x0A, 0x84, 0xB4, 0xA1, 0xC0, + 0x8C, 0x0C, 0xD6, 0x9E, 0x46, 0xBA, 0x2B, 0x3E, 0xB5, 0x31, + 0xED, 0x63, 0xBB, 0xA4, 0xD5, 0x0D, 0x8F, 0x72, 0xCD, 0xD1, + 0x1E, 0x26, 0x35, 0xEB, 0xBE, 0x1B, 0x72, 0xFD, 0x9B, 0x39, + 0xB4, 0x87, 0xB7, 0x13, 0xF5, 0xEA, 0x83, 0x45, 0x93, 0x98, + 0xBA, 0x8F, 0xE4, 0x4A, 0xCC, 0xB4, 0x4C, 0xA8, 0x7F, 0x08, + 0xBA, 0x41, 0x49, 0xA8, 0x49, 0x28, 0x3D, 0x5E, 0x3D, 0xC1, + 0xCE, 0x37, 0x00, 0xCB, 0xF9, 0x2C, 0xDD, 0x51, 0x02, 0x81, + 0x81, 0x00, 0xA1, 0x57, 0x9F, 0x3E, 0xB9, 0xD6, 0xAF, 0x83, + 0x6D, 0x83, 0x3F, 0x8F, 0xFB, 0xD0, 0xDC, 0xA8, 0xCE, 0x03, + 0x09, 0x23, 0xB1, 0xA1, 0x1B, 0x63, 0xCA, 0xC4, 0x49, 0x56, + 0x35, 0x2B, 0xD1, 0x2E, 0x65, 0x60, 0x95, 0x05, 0x55, 0x99, + 0x11, 0x35, 0xFD, 0xD5, 0xDF, 0x44, 0xC7, 0xA5, 0x88, 0x72, + 0x5F, 0xB2, 0x82, 0x51, 0xA8, 0x71, 0x45, 0x93, 0x36, 0xCF, + 0x5C, 0x1F, 0x61, 0x51, 0x0C, 0x05, 0x80, 0xE8, 0xAF, 0xC5, + 0x7B, 0xBA, 0x5E, 0x22, 0xE3, 0x3C, 0x75, 0xC3, 0x84, 0x05, + 0x55, 0x6D, 0xD6, 0x3A, 0x2D, 0x84, 0x89, 0x93, 0x33, 0xCB, + 0x38, 0xDA, 0xAA, 0x31, 0x05, 0xCD, 0xCE, 0x6C, 0x2D, 0xDD, + 0x55, 0xD3, 0x57, 0x0B, 0xF0, 0xA5, 0x35, 0x6A, 0xB0, 0xAE, + 0x31, 0xBA, 0x43, 0x96, 0xCA, 0x00, 0xC7, 0x4B, 0xE3, 0x19, + 0x12, 0x43, 0xD3, 0x42, 0xFA, 0x6F, 0xEA, 0x80, 0xC0, 0xD1, + 0x02, 0x81, 0x81, 0x00, 0xB9, 0xDB, 0x89, 0x20, 0x34, 0x27, + 0x70, 0x62, 0x34, 0xEA, 0x5F, 0x25, 0x62, 0x12, 0xF3, 0x9D, + 0x81, 0xBF, 0x48, 0xEE, 0x9A, 0x0E, 0xC1, 0x8D, 0x10, 0xFF, + 0x65, 0x9A, 0x9D, 0x2D, 0x1A, 0x8A, 0x94, 0x5A, 0xC8, 0xC0, + 0xA5, 0xA5, 0x84, 0x61, 0x9E, 0xD4, 0x24, 0xB9, 0xEF, 0xA9, + 0x9D, 0xC9, 0x77, 0x0B, 0xC7, 0x70, 0x66, 0x3D, 0xBA, 0xC8, + 0x54, 0xDF, 0xD2, 0x33, 0xE1, 0xF5, 0x7F, 0xF9, 0x27, 0x61, + 0xBE, 0x57, 0x45, 0xDD, 0xB7, 0x45, 0x17, 0x24, 0xF5, 0x23, + 0xE4, 0x38, 0x0E, 0x91, 0x27, 0xEE, 0xE3, 0x20, 0xD8, 0x14, + 0xC8, 0x94, 0x47, 0x77, 0x40, 0x77, 0x45, 0x18, 0x9E, 0x0D, + 0xCE, 0x79, 0x3F, 0x57, 0x31, 0x56, 0x09, 0x49, 0x67, 0xBE, + 0x94, 0x58, 0x4F, 0xF6, 0xC4, 0xAB, 0xE2, 0x89, 0xE3, 0xE3, + 0x8A, 0xC0, 0x05, 0x55, 0x2C, 0x24, 0xC0, 0x4A, 0x97, 0x04, + 0x27, 0x9A +}; +static const int sizeof_ca_key_der_2048 = sizeof(ca_key_der_2048); + /* ./certs/ca-cert.der, 2048-bit */ static const unsigned char ca_cert_der_2048[] = { diff --git a/wolfssl/internal.h b/wolfssl/internal.h old mode 100644 new mode 100755 index 2db8bd95f..19cb6710f --- a/wolfssl/internal.h +++ b/wolfssl/internal.h @@ -140,6 +140,8 @@ #elif defined(MBED) #elif defined(WOLFSSL_TIRTOS) /* do nothing */ +#elif defined(INTIME_RTOS) + #include #else #ifndef SINGLE_THREADED #define WOLFSSL_PTHREADS diff --git a/wolfssl/wolfcrypt/fe_operations.h b/wolfssl/wolfcrypt/fe_operations.h index ae15dab1f..0696b6789 100644 --- a/wolfssl/wolfcrypt/fe_operations.h +++ b/wolfssl/wolfcrypt/fe_operations.h @@ -71,9 +71,9 @@ WOLFSSL_LOCAL void fe_tobytes(unsigned char *, const fe); WOLFSSL_LOCAL void fe_sq(fe, const fe); WOLFSSL_LOCAL void fe_sq2(fe,const fe); WOLFSSL_LOCAL void fe_frombytes(fe,const unsigned char *); -WOLFSSL_LOCAL void fe_cswap(fe,fe,unsigned int); +WOLFSSL_LOCAL void fe_cswap(fe, fe, int); WOLFSSL_LOCAL void fe_mul121666(fe,fe); -WOLFSSL_LOCAL void fe_cmov(fe,const fe,unsigned int); +WOLFSSL_LOCAL void fe_cmov(fe,const fe, int); WOLFSSL_LOCAL void fe_pow22523(fe,const fe); /* 64 type needed for SHA512 */ diff --git a/wolfssl/wolfcrypt/settings.h b/wolfssl/wolfcrypt/settings.h index 897247fcb..b1387b3de 100644 --- a/wolfssl/wolfcrypt/settings.h +++ b/wolfssl/wolfcrypt/settings.h @@ -440,7 +440,7 @@ /* Micrium will use Visual Studio for compilation but not the Win32 API */ #if defined(_WIN32) && !defined(MICRIUM) && !defined(FREERTOS) && \ !defined(FREERTOS_TCP) && !defined(EBSNET) && !defined(WOLFSSL_EROAD) && \ - !defined(WOLFSSL_UTASKER) + !defined(WOLFSSL_UTASKER) && !defined(INTIME_RTOS) #define USE_WINDOWS_API #endif @@ -730,12 +730,12 @@ static char *fgets(char *buff, int sz, FILE *fp) /* WOLFSSL_DH_CONST */ #define NO_FILESYSTEM #define WOLFSSL_CRYPT_HW_MUTEX 1 - + #if !defined(XMALLOC_USER) && !defined(NO_WOLFSSL_MEMORY) #define XMALLOC(s, h, type) pvPortMalloc((s)) #define XFREE(p, h, type) vPortFree((p)) #endif - + //#define USER_TICKS /* Allows use of DH with fixed points if uncommented and NO_DH is removed */ /* WOLFSSL_DH_CONST */ @@ -854,7 +854,7 @@ static char *fgets(char *buff, int sz, FILE *fp) #if defined(FSL_FEATURE_LTC_HAS_GCM) && FSL_FEATURE_LTC_HAS_GCM #define FREESCALE_LTC_AES_GCM #endif - + #if defined(FSL_FEATURE_LTC_HAS_SHA) && FSL_FEATURE_LTC_HAS_SHA #define FREESCALE_LTC_SHA #endif @@ -869,12 +869,12 @@ static char *fgets(char *buff, int sz, FILE *fp) #define LTC_MAX_INT_BYTES (256) #endif - /* This FREESCALE_LTC_TFM_RSA_4096_ENABLE macro can be defined. + /* This FREESCALE_LTC_TFM_RSA_4096_ENABLE macro can be defined. * In such a case both software and hardware algorithm * for TFM is linked in. The decision for which algorithm is used is determined at runtime * from size of inputs. If inputs and result can fit into LTC (see LTC_MAX_INT_BYTES) * then we call hardware algorithm, otherwise we call software algorithm. - * + * * Chinese reminder theorem is used to break RSA 4096 exponentiations (both public and private key) * into several computations with 2048-bit modulus and exponents. */ @@ -886,7 +886,7 @@ static char *fgets(char *buff, int sz, FILE *fp) #define ECC_TIMING_RESISTANT /* the LTC PKHA hardware limit is 512 bits (64 bytes) for ECC. - the LTC_MAX_ECC_BITS defines the size of local variables that hold ECC parameters + the LTC_MAX_ECC_BITS defines the size of local variables that hold ECC parameters and point coordinates */ #ifndef LTC_MAX_ECC_BITS #define LTC_MAX_ECC_BITS (384) @@ -1493,6 +1493,10 @@ static char *fgets(char *buff, int sz, FILE *fp) #endif #endif +#if !defined(NO_OLD_TLS) && (defined(NO_SHA) || defined(NO_MD5)) + #error old TLS requires MD5 and SHA +#endif + /* Place any other flags or defines here */ diff --git a/wolfssl/wolfcrypt/types.h b/wolfssl/wolfcrypt/types.h index a8a16bfde..bf458fe39 100644 --- a/wolfssl/wolfcrypt/types.h +++ b/wolfssl/wolfcrypt/types.h @@ -133,7 +133,8 @@ /* set up rotate style */ - #if (defined(_MSC_VER) || defined(__BCPLUSPLUS__)) && !defined(WOLFSSL_SGX) + #if (defined(_MSC_VER) || defined(__BCPLUSPLUS__)) && \ + !defined(WOLFSSL_SGX) && !defined(INTIME_RTOS) #define INTEL_INTRINSICS #define FAST_ROTATE #elif defined(__MWERKS__) && TARGET_CPU_PPC @@ -148,7 +149,10 @@ /* set up thread local storage if available */ #ifdef HAVE_THREAD_LS - #if defined(_MSC_VER) + #if defined(INTIME_RTOS) + /* Thread local storage not supported */ + #define THREAD_LS_T + #elif defined(_MSC_VER) #define THREAD_LS_T __declspec(thread) /* Thread local storage only in FreeRTOS v8.2.1 and higher */ #elif defined(FREERTOS) @@ -163,7 +167,8 @@ /* Micrium will use Visual Studio for compilation but not the Win32 API */ #if defined(_WIN32) && !defined(MICRIUM) && !defined(FREERTOS) && \ - !defined(FREERTOS_TCP) && !defined(EBSNET) && !defined(WOLFSSL_UTASKER) + !defined(FREERTOS_TCP) && !defined(EBSNET) && \ + !defined(WOLFSSL_UTASKER) && !defined(INTIME_RTOS) #define USE_WINDOWS_API #endif @@ -252,7 +257,7 @@ #if defined(WOLFSSL_CERT_EXT) || defined(HAVE_ALPN) /* use only Thread Safe version of strtok */ - #ifndef USE_WINDOWS_API + #if !defined(USE_WINDOWS_API) && !defined(INTIME_RTOS) #define XSTRTOK strtok_r #else #define XSTRTOK strtok_s diff --git a/wolfssl/wolfcrypt/wc_port.h b/wolfssl/wolfcrypt/wc_port.h index d12c16e5d..574700b69 100644 --- a/wolfssl/wolfcrypt/wc_port.h +++ b/wolfssl/wolfcrypt/wc_port.h @@ -38,14 +38,14 @@ #ifndef WIN32_LEAN_AND_MEAN #define WIN32_LEAN_AND_MEAN #endif - #ifndef WOLFSSL_SGX - #if defined(_WIN32_WCE) || defined(WIN32_LEAN_AND_MEAN) - /* On WinCE winsock2.h must be included before windows.h */ - #include - #endif - #include + #ifndef WOLFSSL_SGX + #if defined(_WIN32_WCE) || defined(WIN32_LEAN_AND_MEAN) + /* On WinCE winsock2.h must be included before windows.h */ + #include + #endif + #include + #endif /* WOLFSSL_SGX */ #endif - #endif /* WOLFSSL_SGX */ #elif defined(THREADX) #ifndef SINGLE_THREADED #include "tx_api.h" @@ -61,12 +61,13 @@ #elif defined(FREESCALE_FREE_RTOS) #include "fsl_os_abstraction.h" #elif defined(WOLFSSL_uITRON4) + #include "stddef.h" #include "kernel.h" #elif defined(WOLFSSL_uTKERNEL2) #include "tk/tkernel.h" #elif defined(WOLFSSL_MDK_ARM) #if defined(WOLFSSL_MDK5) - #include "cmsis_os.h" + #include "cmsis_os.h" #else #include #endif @@ -77,6 +78,9 @@ #include #elif defined(WOLFSSL_FROSTED) #include +#elif defined(INTIME_RTOS) + #include + #include #else #ifndef SINGLE_THREADED #define WOLFSSL_PTHREADS @@ -146,6 +150,8 @@ typedef ti_sysbios_knl_Semaphore_Handle wolfSSL_Mutex; #elif defined(WOLFSSL_FROSTED) typedef mutex_t * wolfSSL_Mutex; + #elif defined(INTIME_RTOS) + typedef RTHANDLE wolfSSL_Mutex; #else #error Need a mutex type in multithreaded mode #endif /* USE_WINDOWS_API */