WolfSSL
/
wolfssl
mirror of https://github.com/wolfSSL/wolfssl.git
1
0
Fork 0
Code Issues Releases Wiki Activity

Merge pull request #7438 from julek-wolfssl/zephr-no-malloc 

zephyr no malloc
pull/7515/head
Daniel Pouzzner 2024-05-09 02:57:20 -04:00 committed by GitHub
parent 10b31cc481 14ce8ce198
commit f7e1e370a0
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
30 changed files with 520 additions and 80 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

23
.github/workflows/zephyr.yml vendored
View File

@ -23,9 +23,11 @@ jobs:
zephyr-sdk: 0.16.1
- zephyr-ref: v3.5.0
zephyr-sdk: 0.16.3
- zephyr-ref: v2.7.4
zephyr-sdk: 0.16.3
runs-on: ubuntu-latest
# This should be a safe limit for the tests to run.
timeout-minutes: 15
timeout-minutes: 25
steps:
- name: Install dependencies
run: |
@ -78,25 +80,38 @@ jobs:
cd zephyr-sdk-${{ matrix.config.zephyr-sdk }}
./setup.sh -h -c -t x86_64-zephyr-elf
- name: Fix options for 2.7.4
if: ${{ matrix.config.zephyr-ref == 'v2.7.4' }}
working-directory: zephyr/modules/crypto/wolfssl
run: |
sed -i -e 's/CONFIG_COMMON_LIBC_MALLOC_ARENA_SIZE/CONFIG_MINIMAL_LIBC_MALLOC_ARENA_SIZE/g' $(find -name prj.conf)
- name: Run wolfssl test
id: wolfssl-test
working-directory: zephyr
run: |
./zephyr/scripts/twister --testsuite-root modules/crypto/wolfssl --test zephyr/samples/wolfssl_test/sample.crypto.wolfssl_test -vvv
./zephyr/scripts/twister -T modules/crypto/wolfssl --test zephyr/samples/wolfssl_test/sample.crypto.wolfssl_test -vvv
rm -rf zephyr/twister-out
./zephyr/scripts/twister -T modules/crypto/wolfssl --test zephyr/samples/wolfssl_test/sample.crypto.wolfssl_test_no_malloc -vvv
rm -rf zephyr/twister-out
- name: Run wolfssl TLS sock test
# Results in a page fault that I can't trace
if: ${{ matrix.config.zephyr-ref != 'v2.7.4' }}
id: wolfssl-tls-sock
working-directory: zephyr
run: |
./zephyr/scripts/twister --testsuite-root modules/crypto/wolfssl --test zephyr/samples/wolfssl_tls_sock/sample.crypto.wolfssl_tls_sock -vvv
./zephyr/scripts/twister -T modules/crypto/wolfssl --test zephyr/samples/wolfssl_tls_sock/sample.crypto.wolfssl_tls_sock -vvv
rm -rf zephyr/twister-out
./zephyr/scripts/twister -T modules/crypto/wolfssl --test zephyr/samples/wolfssl_tls_sock/sample.crypto.wolfssl_tls_sock_no_malloc -vvv
rm -rf zephyr/twister-out
- name: Run wolfssl TLS thread test
if: ${{ matrix.config.zephyr-ref != 'v2.7.4' }}
id: wolfssl-tls-thread
working-directory: zephyr
run: |
./zephyr/scripts/twister --testsuite-root modules/crypto/wolfssl --test zephyr/samples/wolfssl_tls_thread/sample.crypto.wolfssl_tls_thread -vvv
./zephyr/scripts/twister -T modules/crypto/wolfssl --test zephyr/samples/wolfssl_tls_thread/sample.crypto.wolfssl_tls_thread -vvv
rm -rf zephyr/twister-out
- name: Zip failure logs

2
src/internal.c
View File

@ -37860,7 +37860,7 @@ static int DoSessionTicket(WOLFSSL* ssl, const byte* input, word32* inOutIdx,
#endif
if (sess == NULL) {
ret = TlsSessionCacheGetAndRdLock(id, &sess, &freeCtx->row,
ssl->options.side);
(byte)ssl->options.side);
if (ret != 0)
sess = NULL;
}

2
src/ssl_p7p12.c
View File

@ -1684,7 +1684,7 @@ WC_PKCS12* wolfSSL_d2i_PKCS12_bio(WOLFSSL_BIO* bio, WC_PKCS12** pkcs12)
}
if (mem != NULL) {
localPkcs12 = wc_PKCS12_new();
localPkcs12 = wc_PKCS12_new_ex(bio->heap);
if (localPkcs12 == NULL) {
WOLFSSL_MSG("Memory error");
}

5
src/x509.c
View File

@ -11678,8 +11678,9 @@ err:
"-----BEGIN X509 CRL-----")) {
/* We have a crl */
WOLFSSL_MSG("Parsing crl");
if((PemToDer((const unsigned char*) header, footerEnd - header,
CRL_TYPE, &der, NULL, NULL, NULL)) < 0) {
if((PemToDer((const unsigned char*) header,
(long)(footerEnd - header), CRL_TYPE, &der, NULL, NULL,
NULL)) < 0) {
WOLFSSL_MSG("PemToDer error");
goto err;
}

5
wolfcrypt/src/memory.c
View File

@ -992,7 +992,7 @@ void* wolfSSL_Malloc(size_t size, void* heap, int type)
}
#ifdef WOLFSSL_DEBUG_STATIC_MEMORY
else {
fprintf(stderr, "Size: %ld, Empty: %d\n", size,
fprintf(stderr, "Size: %lu, Empty: %d\n", (unsigned long) size,
mem->sizeList[i]);
}
#endif
@ -1029,7 +1029,8 @@ void* wolfSSL_Malloc(size_t size, void* heap, int type)
else {
WOLFSSL_MSG("ERROR ran out of static memory");
#ifdef WOLFSSL_DEBUG_MEMORY
fprintf(stderr, "Looking for %lu bytes at %s:%d\n", size, func, line);
fprintf(stderr, "Looking for %lu bytes at %s:%d\n", (unsigned long) size, func,
line);
#endif
}

21
wolfcrypt/src/pkcs12.c
View File

@ -130,15 +130,22 @@ typedef struct WC_PKCS12_ATTRIBUTE {
WC_PKCS12* wc_PKCS12_new(void)
{
return wc_PKCS12_new_ex(NULL);
}
WC_PKCS12* wc_PKCS12_new_ex(void* heap)
{
WC_PKCS12* pkcs12 = (WC_PKCS12*)XMALLOC(sizeof(WC_PKCS12),
NULL, DYNAMIC_TYPE_PKCS);
heap, DYNAMIC_TYPE_PKCS);
if (pkcs12 == NULL) {
WOLFSSL_MSG("Memory issue when creating WC_PKCS12 struct");
return NULL;
}
XMEMSET(pkcs12, 0, sizeof(WC_PKCS12));
pkcs12->heap = heap;
return pkcs12;
}
@ -202,7 +209,7 @@ void wc_PKCS12_free(WC_PKCS12* pkcs12)
}
#endif
XFREE(pkcs12, NULL, DYNAMIC_TYPE_PKCS);
XFREE(pkcs12, heap, DYNAMIC_TYPE_PKCS);
}
@ -2604,20 +2611,12 @@ WC_PKCS12* wc_PKCS12_create(char* pass, word32 passSz, char* name,
return NULL;
}
if ((pkcs12 = wc_PKCS12_new()) == NULL) {
if ((pkcs12 = wc_PKCS12_new_ex(heap)) == NULL) {
wc_FreeRng(&rng);
WOLFSSL_LEAVE("wc_PKCS12_create", MEMORY_E);
return NULL;
}
if ((ret = wc_PKCS12_SetHeap(pkcs12, heap)) != 0) {
wc_PKCS12_free(pkcs12);
wc_FreeRng(&rng);
WOLFSSL_LEAVE("wc_PKCS12_create", ret);
(void)ret;
return NULL;
}
if (iter <= 0) {
iter = WC_PKCS12_ITT_DEFAULT;
}

24
wolfcrypt/src/random.c
View File

@ -3731,25 +3731,33 @@ int wc_GenerateSeed(OS_Seed* os, byte* output, word32 sz)
#elif defined(WOLFSSL_ZEPHYR)
#include <version.h>
#include <version.h>
#if KERNEL_VERSION_NUMBER >= 0x30500
#include <zephyr/random/random.h>
#else
#include <zephyr/random/rand32.h>
#if KERNEL_VERSION_NUMBER >= 0x30100
#include <zephyr/random/rand32.h>
#else
#include <random/rand32.h>
#endif
#endif
#ifndef _POSIX_C_SOURCE
#include <zephyr/posix/time.h>
#if KERNEL_VERSION_NUMBER >= 0x30100
#include <zephyr/posix/time.h>
#else
#include <posix/time.h>
#endif
#else
#include <time.h>
#endif
int wc_GenerateSeed(OS_Seed* os, byte* output, word32 sz)
{
sys_rand_get(output, sz);
return 0;
}
int wc_GenerateSeed(OS_Seed* os, byte* output, word32 sz)
{
sys_rand_get(output, sz);
return 0;
}
#elif defined(WOLFSSL_TELIT_M2MB)

15
wolfcrypt/src/wc_port.c
View File

@ -3668,11 +3668,13 @@ char* mystrnstr(const char* s1, const char* s2, unsigned int n)
#elif defined(WOLFSSL_ZEPHYR)
void* wolfsslThreadHeapHint = NULL;
int wolfSSL_NewThread(THREAD_TYPE* thread,
THREAD_CB cb, void* arg)
{
#ifndef WOLFSSL_ZEPHYR_STACK_SZ
#define WOLFSSL_ZEPHYR_STACK_SZ (24*1024)
#define WOLFSSL_ZEPHYR_STACK_SZ (48*1024)
#endif
if (thread == NULL || cb == NULL)
@ -3686,10 +3688,12 @@ char* mystrnstr(const char* s1, const char* s2, unsigned int n)
* 0);
*/
thread->threadStack = (void*)XMALLOC(
Z_KERNEL_STACK_SIZE_ADJUST(WOLFSSL_ZEPHYR_STACK_SZ), 0,
DYNAMIC_TYPE_TMP_BUFFER);
if (thread->threadStack == NULL)
Z_KERNEL_STACK_SIZE_ADJUST(WOLFSSL_ZEPHYR_STACK_SZ),
wolfsslThreadHeapHint, DYNAMIC_TYPE_TMP_BUFFER);
if (thread->threadStack == NULL) {
WOLFSSL_MSG("error: XMALLOC failed");
return MEMORY_E;
}
/* k_thread_create does not return any error codes */
/* Casting to k_thread_entry_t should be fine since we just ignore the
@ -3716,7 +3720,8 @@ char* mystrnstr(const char* s1, const char* s2, unsigned int n)
* if (err != 0)
* ret = MEMORY_E;
*/
XFREE(thread.threadStack, NULL, DYNAMIC_TYPE_TMP_BUFFER);
XFREE(thread.threadStack, wolfsslThreadHeapHint,
DYNAMIC_TYPE_TMP_BUFFER);
thread.threadStack = NULL;
/* No thread resources to free. Everything is stored in thread.tid */

99
wolfcrypt/test/test.c
View File

@ -354,6 +354,9 @@ const byte const_byte_array[] = "A+Gd\0\0\0";
#ifdef HAVE_PKCS7
#include <wolfssl/wolfcrypt/pkcs7.h>
#endif
#ifdef HAVE_PKCS12
#include <wolfssl/wolfcrypt/pkcs12.h>
#endif
#ifdef HAVE_FIPS
#include <wolfssl/wolfcrypt/fips_test.h>
#endif
@ -584,6 +587,7 @@ WOLFSSL_TEST_SUBROUTINE wc_test_ret_t srp_test(void);
WOLFSSL_TEST_SUBROUTINE wc_test_ret_t random_test(void);
#endif /* WC_NO_RNG */
WOLFSSL_TEST_SUBROUTINE wc_test_ret_t pwdbased_test(void);
WOLFSSL_TEST_SUBROUTINE wc_test_ret_t pkcs12_test(void);
WOLFSSL_TEST_SUBROUTINE wc_test_ret_t ripemd_test(void);
#if defined(OPENSSL_EXTRA) && !defined(WOLFCRYPT_ONLY)
WOLFSSL_TEST_SUBROUTINE wc_test_ret_t openssl_test(void); /* test mini api */
@ -595,7 +599,7 @@ WOLFSSL_TEST_SUBROUTINE wc_test_ret_t openssl_evpSig_test(void);
#endif
WOLFSSL_TEST_SUBROUTINE wc_test_ret_t pbkdf1_test(void);
WOLFSSL_TEST_SUBROUTINE wc_test_ret_t pkcs12_test(void);
WOLFSSL_TEST_SUBROUTINE wc_test_ret_t pkcs12_pbkdf_test(void);
#if defined(HAVE_PBKDF2) && !defined(NO_SHA256) && !defined(NO_HMAC)
WOLFSSL_TEST_SUBROUTINE wc_test_ret_t pbkdf2_test(void);
#endif
@ -1672,6 +1676,16 @@ options: [-s max_relative_stack_bytes] [-m max_relative_heap_memory_bytes]\n\
PRIVATE_KEY_LOCK();
#endif
#if defined(USE_CERT_BUFFERS_2048) && \
defined(HAVE_PKCS12) && \
!defined(NO_ASN) && !defined(NO_PWDBASED) && !defined(NO_HMAC) && \
!defined(NO_CERTS) && !defined(NO_DES3)
if ( (ret = pkcs12_test()) != 0)
TEST_FAIL("PKCS12 test failed!\n", ret);
else
TEST_PASS("PKCS12 test passed!\n");
#endif
#if defined(OPENSSL_EXTRA) && !defined(WOLFCRYPT_ONLY)
if ( (ret = openssl_test()) != 0)
TEST_FAIL("OPENSSL test failed!\n", ret);
@ -24699,7 +24713,7 @@ WOLFSSL_TEST_SUBROUTINE wc_test_ret_t scrypt_test(void)
#endif
#ifdef HAVE_PKCS12
WOLFSSL_TEST_SUBROUTINE wc_test_ret_t pkcs12_test(void)
WOLFSSL_TEST_SUBROUTINE wc_test_ret_t pkcs12_pbkdf_test(void)
{
WOLFSSL_SMALL_STACK_STATIC const byte passwd[] = { 0x00, 0x73, 0x00, 0x6d, 0x00, 0x65, 0x00, 0x67,
0x00, 0x00 };
@ -24726,7 +24740,7 @@ WOLFSSL_TEST_SUBROUTINE wc_test_ret_t pkcs12_test(void)
int kLen = 24;
int iterations = 1;
wc_test_ret_t ret;
WOLFSSL_ENTER("pkcs12_test");
WOLFSSL_ENTER("pkcs12_pbkdf_test");
ret = wc_PKCS12_PBKDF(derived, passwd, sizeof(passwd), salt, 8,
iterations, kLen, WC_SHA256, id);
@ -24831,7 +24845,7 @@ WOLFSSL_TEST_SUBROUTINE wc_test_ret_t pwdbased_test(void)
return ret;
#endif
#ifdef HAVE_PKCS12
ret = pkcs12_test();
ret = pkcs12_pbkdf_test();
if (ret != 0)
return ret;
#endif
@ -24845,6 +24859,79 @@ WOLFSSL_TEST_SUBROUTINE wc_test_ret_t pwdbased_test(void)
#endif /* NO_PWDBASED */
#if defined(USE_CERT_BUFFERS_2048) && \
defined(HAVE_PKCS12) && \
!defined(NO_ASN) && !defined(NO_PWDBASED) && !defined(NO_HMAC) && \
!defined(NO_CERTS) && !defined(NO_DES3)
WOLFSSL_TEST_SUBROUTINE wc_test_ret_t pkcs12_test(void)
{
wc_test_ret_t ret = 0;
WC_PKCS12* pkcs12 = NULL;
/* Gen vars */
byte* pkcs12der = NULL;
int pkcs12derSz = 0;
WC_DerCertList derCaList = {
(byte*)ca_cert_der_2048, sizeof_ca_cert_der_2048, NULL
};
char* pass = (char*)"wolfSSL test";
/* Parsing vars */
WC_DerCertList* derCaListOut = NULL;
byte* keyDer = NULL;
byte* certDer = NULL;
word32 keySz;
word32 certSz;
WOLFSSL_ENTER("pkcs12_test");
pkcs12 = wc_PKCS12_create(pass, XSTRLEN(pass),
(char*)"friendlyName" /* not used currently */,
(byte*)server_key_der_2048, sizeof_server_key_der_2048,
(byte*)server_cert_der_2048, sizeof_server_cert_der_2048,
&derCaList, PBE_SHA1_DES3, PBE_SHA1_DES3, 100, 100,
0 /* not used currently */, HEAP_HINT);
if (pkcs12 == NULL)
return MEMORY_E;
ret = wc_i2d_PKCS12(pkcs12, NULL, &pkcs12derSz);
if (ret != LENGTH_ONLY_E)
return ret == 0 ? -1 : ret;
pkcs12der = (byte*)XMALLOC(pkcs12derSz, HEAP_HINT, DYNAMIC_TYPE_PKCS);
if (pkcs12der == NULL)
return MEMORY_E;
{
/* Use tmp pointer to avoid advancing pkcs12der */
byte* tmp = pkcs12der;
ret = wc_i2d_PKCS12(pkcs12, &tmp, &pkcs12derSz);
if (ret <= 0)
return ret == 0 ? -1 : ret;
}
wc_PKCS12_free(pkcs12);
pkcs12 = wc_PKCS12_new_ex(HEAP_HINT);
if (pkcs12 == NULL)
return MEMORY_E;
/* convert the DER file into an internal structure */
ret = wc_d2i_PKCS12(pkcs12der, pkcs12derSz, pkcs12);
if (ret != 0)
return ret;
/* parse the internal structure into its parts */
ret = wc_PKCS12_parse(pkcs12, "wolfSSL test", &keyDer, &keySz,
&certDer, &certSz, &derCaListOut);
if (ret != 0 || keyDer == NULL || certDer == NULL || derCaListOut == NULL)
return ret == 0 ? -1 : ret;
wc_FreeCertList(derCaListOut, HEAP_HINT);
XFREE(keyDer, HEAP_HINT, DYNAMIC_TYPE_PKCS);
XFREE(certDer, HEAP_HINT, DYNAMIC_TYPE_PKCS);
wc_PKCS12_free(pkcs12);
return ret;
}
#endif
#if defined(HAVE_HKDF) && !defined(NO_HMAC)
#if defined(WOLFSSL_AFALG_XILINX) || defined(WOLFSSL_AFALG_XILINX_AES) || \
@ -50249,7 +50336,7 @@ static int myCryptoDevCb(int devIdArg, wc_CryptoInfo* info, void* ctx)
return BAD_FUNC_ARG;
#ifdef DEBUG_WOLFSSL
printf("CryptoDevCb: Algo Type %d\n", info->algo_type);
WOLFSSL_MSG_EX("CryptoDevCb: Algo Type %d\n", info->algo_type);
#endif
if (info->algo_type == WC_ALGO_TYPE_RNG) {
@ -50291,7 +50378,7 @@ static int myCryptoDevCb(int devIdArg, wc_CryptoInfo* info, void* ctx)
}
else if (info->algo_type == WC_ALGO_TYPE_PK) {
#ifdef DEBUG_WOLFSSL
printf("CryptoDevCb: Pk Type %d\n", info->pk.type);
WOLFSSL_MSG_EX("CryptoDevCb: Pk Type %d\n", info->pk.type);
#endif
#ifndef NO_RSA

7
wolfssl/internal.h
View File

@ -206,7 +206,12 @@
#endif
#elif defined(WOLFSSL_ZEPHYR)
#ifndef SINGLE_THREADED
#include <zephyr/kernel.h>
#include <version.h>
#if KERNEL_VERSION_NUMBER >= 0x30100
#include <zephyr/kernel.h>
#else
#include <kernel.h>
#endif
#endif
#elif defined(WOLFSSL_TELIT_M2MB)
/* do nothing */

2
wolfssl/ssl.h
View File

@ -37,6 +37,7 @@
#include <wolfssl/wolfcrypt/logging.h>
#include <wolfssl/wolfcrypt/memory.h>
#include <wolfssl/wolfcrypt/types.h>
#include <wolfssl/wolfcrypt/pkcs12.h>
/* For the types */
#include <wolfssl/openssl/compat_types.h>
@ -2974,7 +2975,6 @@ WOLFSSL_API int wolfSSL_connect_cert(WOLFSSL* ssl);
/* PKCS12 compatibility */
typedef struct WC_PKCS12 WC_PKCS12;
WOLFSSL_API WC_PKCS12* wolfSSL_d2i_PKCS12_bio(WOLFSSL_BIO* bio,
WC_PKCS12** pkcs12);
WOLFSSL_API int wolfSSL_i2d_PKCS12_bio(WOLFSSL_BIO *bio, WC_PKCS12 *pkcs12);

19
wolfssl/test.h
View File

@ -143,9 +143,26 @@
#include <pthread.h>
#define SOCKET_T int
#elif defined(WOLFSSL_ZEPHYR)
#include <version.h>
#include <string.h>
#include <sys/types.h>
#include <zephyr/net/socket.h>
#if KERNEL_VERSION_NUMBER >= 0x30100
#include <zephyr/net/socket.h>
#ifdef CONFIG_POSIX_API
#include <zephyr/posix/poll.h>
#include <zephyr/posix/netdb.h>
#include <zephyr/posix/sys/socket.h>
#include <zephyr/posix/sys/select.h>
#endif
#else
#include <net/socket.h>
#ifdef CONFIG_POSIX_API
#include <posix/poll.h>
#include <posix/netdb.h>
#include <posix/sys/socket.h>
#include <posix/sys/select.h>
#endif
#endif
#define SOCKET_T int
#define SOL_SOCKET 1
#define WOLFSSL_USE_GETADDRINFO

7
wolfssl/wolfcrypt/pkcs12.h
View File

@ -29,9 +29,7 @@
extern "C" {
#endif
#ifndef WOLFSSL_TYPES_DEFINED /* do not redeclare from ssl.h */
typedef struct WC_PKCS12 WC_PKCS12;
#endif
typedef struct WC_PKCS12 WC_PKCS12;
typedef struct WC_DerCertList { /* dereferenced in ssl.c */
byte* buffer;
@ -47,6 +45,7 @@ enum {
};
WOLFSSL_API WC_PKCS12* wc_PKCS12_new(void);
WOLFSSL_API WC_PKCS12* wc_PKCS12_new_ex(void* heap);
WOLFSSL_API void wc_PKCS12_free(WC_PKCS12* pkcs12);
WOLFSSL_API int wc_d2i_PKCS12(const byte* der, word32 derSz, WC_PKCS12* pkcs12);
#ifndef NO_FILESYSTEM
@ -67,7 +66,7 @@ WOLFSSL_API WC_PKCS12* wc_PKCS12_create(char* pass, word32 passSz,
WOLFSSL_LOCAL int wc_PKCS12_SetHeap(WC_PKCS12* pkcs12, void* heap);
WOLFSSL_LOCAL void* wc_PKCS12_GetHeap(WC_PKCS12* pkcs12);
WOLFSSL_LOCAL void wc_FreeCertList(WC_DerCertList* list, void* heap);
WOLFSSL_API void wc_FreeCertList(WC_DerCertList* list, void* heap);
#ifdef __cplusplus
} /* extern "C" */

7
wolfssl/wolfcrypt/settings.h
View File

@ -2082,9 +2082,16 @@ extern void uITRON4_free(void *p) ;
#endif /*(WOLFSSL_APACHE_MYNEWT)*/
#ifdef WOLFSSL_ZEPHYR
#include <version.h>
#if KERNEL_VERSION_NUMBER >= 0x30100
#include <zephyr/kernel.h>
#include <zephyr/sys/printk.h>
#include <zephyr/sys/util.h>
#else
#include <kernel.h>
#include <sys/printk.h>
#include <sys/util.h>
#endif
#include <stdlib.h>
#define WOLFSSL_DH_CONST

1
wolfssl/wolfcrypt/types.h
View File

@ -1422,6 +1422,7 @@ typedef struct w64wrapper {
k_thread_stack_t* threadStack;
} THREAD_TYPE;
#define WOLFSSL_THREAD
extern void* wolfsslThreadHeapHint;
#elif defined(NETOS)
typedef UINT THREAD_RETURN;
typedef struct {

14
wolfssl/wolfcrypt/wc_port.h
View File

@ -145,13 +145,20 @@
#elif defined(WOLFSSL_APACHE_MYNEWT)
/* do nothing */
#elif defined(WOLFSSL_ZEPHYR)
#include <version.h>
#ifndef SINGLE_THREADED
#ifndef CONFIG_PTHREAD_IPC
#error "Need CONFIG_PTHREAD_IPC for threading"
#endif
#if KERNEL_VERSION_NUMBER >= 0x30100
#include <zephyr/kernel.h>
#include <zephyr/posix/posix_types.h>
#include <zephyr/posix/pthread.h>
#else
#include <kernel.h>
#include <posix/posix_types.h>
#include <posix/pthread.h>
#endif
#endif
#elif defined(WOLFSSL_TELIT_M2MB)
@ -999,8 +1006,13 @@ WOLFSSL_ABI WOLFSSL_API int wolfCrypt_Cleanup(void);
#define USE_WOLF_TIME_T
#elif defined(WOLFSSL_ZEPHYR)
#include <version.h>
#ifndef _POSIX_C_SOURCE
#include <zephyr/posix/time.h>
#if KERNEL_VERSION_NUMBER >= 0x30100
#include <zephyr/posix/time.h>
#else
#include <posix/time.h>
#endif
#else
#include <time.h>
#endif

13
wolfssl/wolfio.h
View File

@ -129,7 +129,18 @@
#include <lwip-socket.h>
#include <errno.h>
#elif defined(WOLFSSL_ZEPHYR)
#include <zephyr/net/socket.h>
#include <version.h>
#if KERNEL_VERSION_NUMBER >= 0x30100
#include <zephyr/net/socket.h>
#ifdef CONFIG_POSIX_API
#include <zephyr/posix/sys/socket.h>
#endif
#else
#include <net/socket.h>
#ifdef CONFIG_POSIX_API
#include <posix/sys/socket.h>
#endif
#endif
#elif defined(MICROCHIP_PIC32)
#include <sys/errno.h>
#elif defined(HAVE_NETX)

1
zephyr/CMakeLists.txt
View File

@ -165,6 +165,7 @@ if(CONFIG_WOLFSSL)
target_compile_definitions(wolfSSL INTERFACE WOLFSSL_USER_SETTINGS)
if(CONFIG_WOLFSSL_DEBUG)
target_compile_definitions(wolfSSL INTERFACE DEBUG_WOLFSSL)
zephyr_library_compile_options(-g3 -O0)
endif()
else()
assert(CONFIG_WOLFSSL_LIBRARY "wolfSSL was enabled, but neither BUILTIN or LIBRARY was selected.")

5
zephyr/Kconfig.tls-generic
View File

@ -264,9 +264,4 @@ config WOLFSSL_HAVE_ASM
of asymmetric cryptography, however this might have an impact on the
code size.
config WOLFSSL_USER_SETTTINGS
string "User settings file for wolfSSL"
help
User settings file that contains wolfSSL defines.
endmenu

1
zephyr/samples/wolfssl_benchmark/prj.conf
View File

@ -23,6 +23,7 @@ CONFIG_CONSOLE=y
CONFIG_LOG=y
CONFIG_LOG_BACKEND_UART=y
CONFIG_LOG_BUFFER_SIZE=15360
CONFIG_LOG_MODE_IMMEDIATE=y
#CONFIG_WOLFSSL_DEBUG=y
# Entropy

30
zephyr/samples/wolfssl_test/prj-no-malloc.conf 100644
View File

@ -0,0 +1,30 @@
# Configure stack and heap sizes
CONFIG_MAIN_STACK_SIZE=655360
#CONFIG_COMMON_LIBC_MALLOC_ARENA_SIZE=65536
# Pthreads
CONFIG_PTHREAD_IPC=y
# Clock for time()
CONFIG_POSIX_CLOCK=y
# TLS configuration
CONFIG_WOLFSSL_SETTINGS_FILE="user_settings-no-malloc.h"
CONFIG_WOLFSSL=y
CONFIG_WOLFSSL_BUILTIN=y
# Logging
CONFIG_PRINTK=y
CONFIG_CBPRINTF_LIBC_SUBSTS=y
CONFIG_CBPRINTF_FP_SUPPORT=y
CONFIG_CONSOLE=y
CONFIG_LOG=y
CONFIG_LOG_BACKEND_UART=y
CONFIG_LOG_BUFFER_SIZE=15360
CONFIG_LOG_MODE_IMMEDIATE=y
#CONFIG_WOLFSSL_DEBUG=y
# Entropy
CONFIG_TEST_RANDOM_GENERATOR=y
CONFIG_ENTROPY_GENERATOR=y
CONFIG_ENTROPY_DEVICE_RANDOM_GENERATOR=y

2
zephyr/samples/wolfssl_test/prj.conf
View File

@ -1,4 +1,3 @@
# Configure stack and heap sizes
CONFIG_MAIN_STACK_SIZE=32768
CONFIG_COMMON_LIBC_MALLOC_ARENA_SIZE=16384
@ -21,6 +20,7 @@ CONFIG_CONSOLE=y
CONFIG_LOG=y
CONFIG_LOG_BACKEND_UART=y
CONFIG_LOG_BUFFER_SIZE=15360
CONFIG_LOG_MODE_IMMEDIATE=y
#CONFIG_WOLFSSL_DEBUG=y
# Entropy

6
zephyr/samples/wolfssl_test/sample.yaml
View File

@ -13,3 +13,9 @@ tests:
platform_allow: qemu_x86
integration_platforms:
- qemu_x86
sample.crypto.wolfssl_test_no_malloc:
timeout: 120
platform_allow: qemu_x86
extra_args: CONF_FILE="prj-no-malloc.conf"
integration_platforms:
- qemu_x86

57
zephyr/samples/wolfssl_tls_sock/prj-no-malloc.conf 100644
View File

@ -0,0 +1,57 @@
# Kernel options
CONFIG_MAIN_STACK_SIZE=655360
CONFIG_ENTROPY_GENERATOR=y
CONFIG_INIT_STACKS=y
# General config
CONFIG_NEWLIB_LIBC=y
# Pthreads
CONFIG_PTHREAD_IPC=y
# Clock for time()
CONFIG_POSIX_CLOCK=y
# Networking config
CONFIG_NETWORKING=y
CONFIG_NET_IPV4=y
CONFIG_NET_IPV6=n
CONFIG_NET_TCP=y
CONFIG_NET_SOCKETS=y
CONFIG_NET_SOCKETS_POSIX_NAMES=y
CONFIG_NET_TEST=y
CONFIG_NET_LOOPBACK=y
# Network driver config
CONFIG_TEST_RANDOM_GENERATOR=y
# Network address config
CONFIG_NET_CONFIG_SETTINGS=y
CONFIG_NET_CONFIG_NEED_IPV4=y
CONFIG_NET_CONFIG_MY_IPV4_ADDR="192.0.2.1"
CONFIG_NET_CONFIG_PEER_IPV4_ADDR="192.0.2.2"
CONFIG_NET_CONFIG_MY_IPV4_GW="192.0.2.2"
CONFIG_NET_PKT_TX_COUNT=10
# Network debug config
#CONFIG_NET_LOG=y
#CONFIG_NET_PKT_LOG_LEVEL_DBG=y
# Logging
CONFIG_PRINTK=y
#CONFIG_WOLFSSL_DEBUG=y
CONFIG_LOG=y
CONFIG_LOG_MODE_IMMEDIATE=y
# TLS configuration
CONFIG_WOLFSSL_SETTINGS_FILE="user_settings-no-malloc.h"
CONFIG_WOLFSSL=y
CONFIG_WOLFSSL_BUILTIN=y
CONFIG_WOLFSSL_TLS_VERSION_1_2=y
CONFIG_WOLFSSL_KEY_EXCHANGE_ALL_ENABLED=y
CONFIG_WOLFSSL_CIPHER_ALL_ENABLED=y
CONFIG_WOLFSSL_MAC_ALL_ENABLED=y
CONFIG_WOLFSSL_HMAC_DRBG_ENABLED=y

6
zephyr/samples/wolfssl_tls_sock/prj.conf
View File

@ -43,14 +43,14 @@ CONFIG_NET_PKT_TX_COUNT=10
# Logging
CONFIG_PRINTK=y
#CONFIG_WOLFSSL_DEBUG=y
#CONFIG_LOG=y
#CONFIG_LOG_MODE_IMMEDIATE=y
CONFIG_LOG=y
CONFIG_LOG_MODE_IMMEDIATE=y
# TLS configuration
CONFIG_WOLFSSL=y
CONFIG_WOLFSSL_BUILTIN=y
CONFIG_WOLFSSL_TLS_VERSION_1_2=y
CONFIG_WOLFSSL_TLS_VERSION_1_3=y
CONFIG_WOLFSSL_KEY_EXCHANGE_ALL_ENABLED=y
CONFIG_WOLFSSL_CIPHER_ALL_ENABLED=y
CONFIG_WOLFSSL_MAC_ALL_ENABLED=y

7
zephyr/samples/wolfssl_tls_sock/sample.yaml
View File

@ -8,9 +8,16 @@ common:
regex:
- "Server Return: 0"
- "Client Return: 0"
- "Done"
tests:
sample.crypto.wolfssl_tls_sock:
timeout: 60
platform_allow: qemu_x86
integration_platforms:
- qemu_x86
sample.crypto.wolfssl_tls_sock_no_malloc:
timeout: 60
platform_allow: qemu_x86
extra_args: CONF_FILE="prj-no-malloc.conf"
integration_platforms:
- qemu_x86

36
zephyr/samples/wolfssl_tls_sock/src/tls_sock.c
View File

@ -32,7 +32,7 @@
#endif
#define BUFFER_SIZE 2048
#define STATIC_MEM_SIZE (192*1024)
#define STATIC_MEM_SIZE (256*1024)
#define MAX_SEND_SIZE 256
#ifdef WOLFSSL_STATIC_MEMORY
@ -94,7 +94,7 @@ static int wolfssl_client_new(WOLFSSL_CTX** ctx, WOLFSSL** ssl)
WOLFSSL* client_ssl = NULL;
/* Create and initialize WOLFSSL_CTX */
if ((client_ctx = wolfSSL_CTX_new_ex(wolfTLSv1_2_client_method(),
if ((client_ctx = wolfSSL_CTX_new_ex(wolfTLSv1_3_client_method_ex(HEAP_HINT_CLIENT),
HEAP_HINT_CLIENT)) == NULL) {
printf("ERROR: failed to create WOLFSSL_CTX\n");
ret = -1;
@ -165,7 +165,7 @@ static int wolfssl_server_new(WOLFSSL_CTX** ctx, WOLFSSL** ssl)
WOLFSSL* server_ssl = NULL;
/* Create and initialize WOLFSSL_CTX */
if ((server_ctx = wolfSSL_CTX_new_ex(wolfTLSv1_2_server_method(),
if ((server_ctx = wolfSSL_CTX_new_ex(wolfTLSv1_3_server_method_ex(HEAP_HINT_SERVER),
HEAP_HINT_SERVER)) == NULL) {
printf("ERROR: failed to create WOLFSSL_CTX\n");
ret = -1;
@ -445,20 +445,8 @@ void client_thread()
WOLFSSL* client_ssl = NULL;
SOCKET_T sockfd = WOLFSSL_SOCKET_INVALID;
#ifdef WOLFSSL_STATIC_MEMORY
if (wc_LoadStaticMemory(&HEAP_HINT_CLIENT, gMemoryClient,
sizeof(gMemoryClient),
WOLFMEM_GENERAL | WOLFMEM_TRACK_STATS, 1) != 0) {
printf("unable to load static memory");
ret = -1;
}
if (ret == 0)
#endif
{
/* Client connection */
ret = wolfssl_client_new(&client_ctx, &client_ssl);
}
/* Client connection */
ret = wolfssl_client_new(&client_ctx, &client_ssl);
if (ret == 0)
ret = wolfssl_client_connect_tcp(client_ssl, &sockfd);
@ -507,6 +495,17 @@ int main()
wolfSSL_Debugging_ON();
#endif
#ifdef WOLFSSL_STATIC_MEMORY
if (wc_LoadStaticMemory(&HEAP_HINT_CLIENT, gMemoryClient,
sizeof(gMemoryClient),
WOLFMEM_GENERAL | WOLFMEM_TRACK_STATS, 1) != 0) {
printf("unable to load static memory");
return -1;
}
wolfsslThreadHeapHint = HEAP_HINT_CLIENT;
#endif
/* Start server */
if (wolfSSL_NewThread(&serverThread, server_thread, NULL) != 0) {
printf("Failed to start server thread\n");
@ -515,6 +514,9 @@ int main()
k_sleep(Z_TIMEOUT_TICKS(100));
client_thread();
/* Join is not working in qemu when the thread is still active. Wait for it
* to shut down to join it. */
k_sleep(Z_TIMEOUT_TICKS(100));
if (wolfSSL_JoinThread(serverThread) != 0) {
printf("Failed to join server thread\n");

4
zephyr/samples/wolfssl_tls_thread/prj.conf
View File

@ -3,7 +3,7 @@ CONFIG_MAIN_STACK_SIZE=16384
CONFIG_ENTROPY_GENERATOR=y
CONFIG_TEST_RANDOM_GENERATOR=y
CONFIG_INIT_STACKS=y
CONFIG_COMMON_LIBC_MALLOC_ARENA_SIZE=65536
CONFIG_COMMON_LIBC_MALLOC_ARENA_SIZE=131072
# Pthreads
CONFIG_PTHREAD_IPC=y
@ -23,7 +23,7 @@ CONFIG_DNS_RESOLVER=y
CONFIG_PRINTK=y
CONFIG_LOG=y
CONFIG_LOG_MODE_IMMEDIATE=y
#CONFIG_WOLFSSL_DEBUG=y
CONFIG_WOLFSSL_DEBUG=y
# Enable logging using RTT and UART
#CONFIG_CBPRINTF_LIBC_SUBSTS=y

170
zephyr/user_settings-no-malloc.h 100644
View File

@ -0,0 +1,170 @@
/* user_settings-tls-generic.h
* generated from configure options
*
* Copyright (C) 2006-2023 wolfSSL Inc.
*
* This file is part of wolfSSL.
*
* wolfSSL is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version.
*
* wolfSSL is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program; if not, write to the Free Software
* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
*/
#ifndef WOLFSSL_OPTIONS_H
#define WOLFSSL_OPTIONS_H
#ifdef __cplusplus
extern "C" {
#endif
#if 0
#undef SINGLE_THREADED
#define SINGLE_THREADED
#endif
#undef TFM_TIMING_RESISTANT
#define TFM_TIMING_RESISTANT
#undef ECC_TIMING_RESISTANT
#define ECC_TIMING_RESISTANT
#undef WC_RSA_BLINDING
#define WC_RSA_BLINDING
#undef HAVE_AESGCM
#define HAVE_AESGCM
#undef WOLFSSL_SHA512
#define WOLFSSL_SHA512
#undef WOLFSSL_SHA384
#define WOLFSSL_SHA384
#undef NO_DSA
#define NO_DSA
#undef HAVE_ECC
#define HAVE_ECC
#undef TFM_ECC256
#define TFM_ECC256
#undef WOLFSSL_BASE64_ENCODE
#define WOLFSSL_BASE64_ENCODE
#undef NO_RC4
#define NO_RC4
#undef WOLFSSL_SHA224
#define WOLFSSL_SHA224
#undef WOLFSSL_SHA3
#define WOLFSSL_SHA3
#undef HAVE_POLY1305
#define HAVE_POLY1305
#undef HAVE_ONE_TIME_AUTH
#define HAVE_ONE_TIME_AUTH
#undef HAVE_CHACHA
#define HAVE_CHACHA
#undef HAVE_HASHDRBG
#define HAVE_HASHDRBG
#undef NO_FILESYSTEM
#define NO_FILESYSTEM
#undef HAVE_TLS_EXTENSIONS
#define HAVE_TLS_EXTENSIONS
#undef HAVE_SUPPORTED_CURVES
#define HAVE_SUPPORTED_CURVES
#undef HAVE_EXTENDED_MASTER
#define HAVE_EXTENDED_MASTER
#undef NO_PSK
#define NO_PSK
#undef NO_MD4
#define NO_MD4
#undef USE_FAST_MATH
#define USE_FAST_MATH
#undef WOLFSSL_NO_ASM
#define WOLFSSL_NO_ASM
#undef WOLFSSL_X86_BUILD
#define WOLFSSL_X86_BUILD
#undef WC_NO_ASYNC_THREADING
#define WC_NO_ASYNC_THREADING
#undef WOLFSSL_STATIC_MEMORY
#define WOLFSSL_STATIC_MEMORY
#undef WOLFSSL_TLS13
#define WOLFSSL_TLS13
#undef HAVE_HKDF
#define HAVE_HKDF
#undef WC_RSA_PSS
#define WC_RSA_PSS
#undef HAVE_FFDHE_2048
#define HAVE_FFDHE_2048
#undef WOLFSSL_NO_MALLOC
#define WOLFSSL_NO_MALLOC
//#define WOLFSSL_DEBUG_STATIC_MEMORY
//#define WOLFSSL_DEBUG_MEMORY_PRINT
//#define WOLFSSL_DEBUG_MEMORY
//#define WOLFSSL_TRACK_MEMORY
#define LARGEST_MEM_BUCKET 65536
#undef WOLFSSL_DYN_CERT
#define WOLFSSL_DYN_CERT
#undef WOLFSSL_CERT_GEN
#define WOLFSSL_CERT_GEN
#undef WOLFSSL_CERT_REQ
#define WOLFSSL_CERT_REQ
#undef HAVE_PKCS12
#define HAVE_PKCS12
#undef WOLFSSL_TLS13
#define WOLFSSL_TLS13
#if 0
#undef WOLFSSL_HAVE_SP_RSA
#define WOLFSSL_HAVE_SP_RSA
#undef WOLFSSL_HAVE_SP_DH
#define WOLFSSL_HAVE_SP_DH
#undef WOLFSSL_HAVE_SP_ECC
#define WOLFSSL_HAVE_SP_ECC
#endif
#ifdef __cplusplus
}
#endif
#endif /* WOLFSSL_OPTIONS_H */

9
zephyr/user_settings.h
View File

@ -24,7 +24,10 @@
#ifdef CONFIG_WOLFSSL
/* If a custom user_settings file is provided use it instead */
/* If a custom user_settings file is provided use it instead.
* CONFIG_WOLFSSL_SETTINGS_FILE is always defined. If it is not explicitly set
* in prj.conf then it is auto-defined to "". This obviously causes issues here.
* That is why we define WOLFSSL_SETTINGS_FILE in CMakeLists.txt. */
#ifdef WOLFSSL_SETTINGS_FILE
#include WOLFSSL_SETTINGS_FILE
#else
@ -219,7 +222,7 @@ extern "C" {
#undef NO_SHA /* on by default */
//#define USE_SLOW_SHA /* 1k smaller, but 25% slower */
#else
#define NO_SHA
// #define NO_SHA /* Necessary for pkcs12 tests */
#endif
/* SHA2-256 */
@ -297,7 +300,7 @@ extern "C" {
#define NO_RC4
#define NO_MD4
#define NO_MD5
#define NO_DES3
//#define NO_DES3 /* Necessary for pkcs12 tests */
#define WOLFSSL_NO_SHAKE128
#define WOLFSSL_NO_SHAKE256