WolfSSL
/
wolfssl
mirror of https://github.com/wolfSSL/wolfssl.git
1
0
Fork 0
Code Issues Releases Wiki Activity

Add multi thread use case for RA6M4 

fix devId conflict while using multi threads

update README

Fix TSIP examples bcause of updating user context
pull/5229/head
Hideki Miyazaki 2022-04-08 15:53:24 +09:00
parent df673b987e
commit fe8169c830
No known key found for this signature in database
GPG Key ID: 7EB19ED9B9D5AC28
12 changed files with 1517 additions and 147 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

164
IDE/Renesas/e2studio/RA6M4/README.md
View File

@ -76,7 +76,7 @@ The wolfssl Project Summary is listed below and is relevant for every project.
|Common General Use Mutexes|Enabled|
|Common General Enable Backward Compatibility|Enabled|
|Common Memory Allocation Support Dynamic Allocation|Enabled|
|Common Memory Allocation Total Heap Size|increase depending on your environment<br> e.g. 0x20000|
|Common Memory Allocation Total Heap Size|increase depending on your environment<br> e.g. 0x20000, <br> e.g. 0x30000 when using multi thread example|
+ Add `Heap 4` stack to sce_tst_thread from `New Stack` -> `RTOS` -> `FreeRTOS Heap 4`
+ Add `FreeRTOS + TCP` stack to sce_tst_thread from `New Stack` -> `Networking` -> `FreeRTOS+TCP` and set properties
@ -158,6 +158,7 @@ static const byte ucIPAddress[4] = { 192, 168, 11, 241 };
$ autogen.sh
$ ./configure --enable-extended-master=no CFLAGS="-DWOLFSSL_STATIC_RSA -DHAVE_AES_CBC"
```
Run peer wolfSSL server
RSA sign and verify use, launch server with the following option
@ -165,41 +166,154 @@ RSA sign and verify use, launch server with the following option
$./examples/server/server -b -d -i
```
You will see the following message on J-LinK RTT Viewer
```
cipher : AES128-SHA256
Received: I hear you fa shizzle!
cipher : AES256-SHA256
Received: I hear you fa shizzle!
cipher : ECDHE-RSA-AES128-SHA256
Received: I hear you fa shizzle!
cipher : ECDHE-RSA-AES128-GCM-SHA256
Received: I hear you fa shizzle!
```
ECDSA sign and verify use, launch server with the following option
```
$./examples/server/server -b -d -c -i ./certs/server-ecc.pem -k ./certs/ecc-key.pem
```
You will see the following message on J-LinK RTT Viewer
```
cipher : ECDHE-ECDSA-AES128-SHA256
Received: I hear you fa shizzle!
cipher : ECDHE-ECDSA-AES128-GCM-SHA256
Received: I hear you fa shizzle!
```
5.) Run the example Client
You will see the following message on J-LinK RTT Viewer when using RSA sign and verify.
```
Start Client Example,
Connecting to 192.168.11.xx
[wolfSSL_TLS_client_do(00)][00] Start to connect to the server.
[wolfSSL_TLS_client_do(00)][00] Cipher : NULL
[wolfSSL_TLS_client_do(00)][00] Received: I hear you fa shizzle!
[wolfSSL_TLS_client_do(01)][01] Start to connect to the server.
[wolfSSL_TLS_client_do(01)][01] Cipher : ECDHE-RSA-AES128-GCM-SHA256
[wolfSSL_TLS_client_do(01)][01] Received: I hear you fa shizzle!
[wolfSSL_TLS_client_do(02)][02] Start to connect to the server.
[wolfSSL_TLS_client_do(02)][02] Cipher : ECDHE-RSA-AES256-SHA
[wolfSSL_TLS_client_do(02)][02] Received: I hear you fa shizzle!
[wolfSSL_TLS_client_do(03)][03] Start to connect to the server.
[wolfSSL_TLS_client_do(03)][03] Cipher : ECDHE-RSA-AES128-SHA256
[wolfSSL_TLS_client_do(03)][03] Received: I hear you fa shizzle!
[wolfSSL_TLS_client_do(04)][04] Start to connect to the server.
[wolfSSL_TLS_client_do(04)][04] Cipher : AES128-SHA256
[wolfSSL_TLS_client_do(04)][04] Received: I hear you fa shizzle!
End of Client Example
```
You will see the following message on J-LinK RTT Viewer when using ECDSA sign and verify.
```
Start Client Example,
Connecting to 192.168.11.xx
[wolfSSL_TLS_client_do(00)][00] Start to connect to the server.
[wolfSSL_TLS_client_do(00)][00] Cipher : NULL
[wolfSSL_TLS_client_do(00)][00] Received: I hear you fa shizzle!
[wolfSSL_TLS_client_do(01)][01] Start to connect to the server.
[wolfSSL_TLS_client_do(01)][01] Cipher : ECDHE-ECDSA-AES128-GCM-SHA256
[wolfSSL_TLS_client_do(01)][01] Received: I hear you fa shizzle!
[wolfSSL_TLS_client_do(02)][02] Start to connect to the server.
[wolfSSL_TLS_client_do(02)][02] Cipher : ECDHE-ECDSA-AES256-SHA
[wolfSSL_TLS_client_do(02)][02] Received: I hear you fa shizzle!
[wolfSSL_TLS_client_do(03)][03] Start to connect to the server.
[wolfSSL_TLS_client_do(03)][03] Cipher : ECDHE-ECDSA-AES128-SHA256
[wolfSSL_TLS_client_do(03)][03] Received: I hear you fa shizzle!
End of Client Exampl
```
**Note**\
To run "RSA verify" client, enable "#define USE_CERT_BUFFERS_2048" in wolfssl_demo.h\
To run "ECDSA verify" client, enable "#define USE_CERT_BUFFERS_256" in wolfssl_demo.h
### Run Multi Client Session example
1.) Enable TLS_CLIENT and TLS_MULTITHREAD_TEST definition in wolfssl_demo.h of test_RA6M4 projet
2.) Follow [Run Client](#run-client) instruction
3.) Prepare peer wolfssl server
RSA sign and verify use, launch server with the following option
```
$./examples/server/server -b -d -i -p 11111
Open another terminal and launch another server example
$./examples/server/server -b -d -i -p 11112
```
ECDSA sign and verify use, launch server with the following option
```
$./examples/server/server -b -d -c -i ./certs/server-ecc.pem -k ./certs/ecc-key.pem -p 11111
Open another terminal and launch another server example
$./examples/server/server -b -d -c -i ./certs/server-ecc.pem -k ./certs/ecc-key.pem -p 11112
```
4.) Run Multi Client Session Example
You will see similar following message on J-LinK RTT Viewer when using ECDSA sign and verify.
```
Start Client Example,
Connecting to 192.168.11.xx
clt_thd_taskA connecting to 11111 port
clt_thd_taskB connecting to 11112 port
[clt_thd_taskA][00] Ready to connect.
[clt_thd_taskA][00] Start to connect to the server.
[clt_thd_taskA][00] Cipher : ECDHE-RSA-AES128-GCM-SHA256
[clt_thd_taskB][00] Ready to connect.
[clt_thd_taskB][00] Start to connect to the server.
[clt_thd_taskB][00] Cipher : ECDHE-RSA-AES128-SHA256
[clt_thd_taskB][00] Received: I hear you fa shizzle!
[clt_thd_taskA][00] Received: I hear you fa shizzle!
clt_thd_taskA connecting to 11111 port
clt_thd_taskB connecting to 11112 port
[clt_thd_taskA][00] Ready to connect.
[clt_thd_taskA][00] Start to connect to the server.
[clt_thd_taskA][00] Cipher : AES128-SHA256
[clt_thd_taskB][00] Ready to connect.
[clt_thd_taskB][00] Start to connect to the server.
[clt_thd_taskB][00] Cipher : AES256-SHA256
[clt_thd_taskA][00] Received: I hear you fa shizzle!
[clt_thd_taskB][00] Received: I hear you fa shizzle!
End of Client Example
```
You will see similar following message on J-LinK RTT Viewer when using ECDSA sign and verify.
```
Start Client Example,
Connecting to 192.168.11.xx
clt_thd_taskA connecting to 11111 port
clt_thd_taskB connecting to 11112 port
[clt_thd_taskA][00] Ready to connect.
[clt_thd_taskA][00] Start to connect to the server.
[clt_thd_taskA][00] Cipher : ECDHE-ECDSA-AES128-GCM-SHA256
[clt_thd_taskB][00] Ready to connect.
[clt_thd_taskB][00] Start to connect to the server.
[clt_thd_taskB][00] Cipher : ECDHE-ECDSA-AES128-SHA256
[clt_thd_taskB][00] Received: I hear you fa shizzle!
[clt_thd_taskA][00] Received: I hear you fa shizzle!
End of Client Example
```
**Note**\
Multi Client session use case is only able to run threads that all use either SCE cipher suite or SW cipher suite.
The example program runs two threads that use SCE cipher suite.
## Run Crypt test and Benchmark
1.) Enable CRYPT_TEST and/or BENCHMARK definition in wolfssl_demo.h

19
IDE/Renesas/e2studio/RA6M4/common/wolfssl_demo.h
View File

@ -41,20 +41,26 @@
/* Enable wolfcrypt test */
/* can be enabled with benchmark test */
/* #define CRYPT_TEST */
/*#define CRYPT_TEST*/
/* Enable benchmark */
/* can be enabled with cyrpt test */
/* #define BENCHMARK */
/*#define BENCHMARK*/
/* Enable TLS client */
/* cannot enable with CRYPT_TEST or BENCHMARK */
#define TLS_CLIENT
/* use multi-thread example */
/*#define TLS_MULTITHREAD_TEST*/
#if defined(TLS_MULTITHREAD_TEST)
#define THREAD_STACK_SIZE (5 * 1024)
#endif
/* Use RSA certificates */
#define USE_CERT_BUFFERS_2048
/* Use ECC certificates */
/*#define USE_CERT_BUFFERS_256 */
/*#define USE_CERT_BUFFERS_256*/
#if defined(USE_CERT_BUFFERS_2048) && defined(USE_CERT_BUFFERS_256)
#error please set either macro USE_CERT_BUFFERS_2048 or USE_CERT_BUFFERS_256
@ -68,6 +74,9 @@ typedef struct tagTestInfo
const char* cipher;
WOLFSSL_CTX* ctx;
wolfSSL_Logging_cb log_f;
#if defined(TLS_MULTITHREAD_TEST)
SemaphoreHandle_t xBinarySemaphore;
#endif
} TestInfo;
void sce_test();
@ -77,6 +86,10 @@ void wolfSSL_TLS_client_do(void *pvParam);
void wolfSSL_TLS_cleanup();
extern WOLFSSL_CTX *client_ctx;
#ifdef TLS_MULTITHREAD_TEST
extern xSemaphoreHandle exit_semaph;
#endif
static void util_Cleanup(xSocket_t xSock, WOLFSSL_CTX *ctx, WOLFSSL *ssl) {
printf("Cleaning up socket and wolfSSL objects.\n");
if (xSock != NULL)

3
IDE/Renesas/e2studio/RA6M4/include.am
View File

@ -10,9 +10,10 @@ EXTRA_DIST+= IDE/Renesas/e2studio/RA6M4/test/.project
EXTRA_DIST+= IDE/Renesas/e2studio/RA6M4/test/test_RA6M4Debug.launch
EXTRA_DIST+= IDE/Renesas/e2studio/RA6M4/test/src/test_main.c
EXTRA_DIST+= IDE/Renesas/e2studio/RA6M4/test/src/wolf_client.c
EXTRA_DIST+= IDE/Renesas/e2studio/RA6M4/test/src/wolfssl_sce_unit_test.c
EXTRA_DIST+= IDE/Renesas/e2studio/RA6M4/test/src/SEGGER_RTT/myprint.c
EXTRA_DIST+= IDE/Renesas/e2studio/RA6M4/test/src/common/.gitignore
EXTRA_DIST+= IDE/Renesas/e2studio/RA6M4/test/key_data/key_data_sce.c
EXTRA_DIST+= IDE/Renesas/e2studio/RA6M4/test/key_data/key_data.h
EXTRA_DIST+= IDE/Renesas/e2studio/RA6M4/common/wolfssl_demo.h
EXTRA_DIST+= IDE/Renesas/e2studio/RA6M4/common/user_settings.h
EXTRA_DIST+= IDE/Renesas/e2studio/RA6M4/common/user_settings.h

247
IDE/Renesas/e2studio/RA6M4/test/src/test_main.c
View File

@ -27,9 +27,13 @@
#if defined(WOLFSSL_RENESAS_SCEPROTECT)
#include <wolfssl/wolfcrypt/port/Renesas/renesas-sce-crypt.h>
#if defined(TLS_MULTITHREAD_TEST)
User_SCEPKCbInfo guser_PKCbInfo_taskA;
User_SCEPKCbInfo guser_PKCbInfo_taskB;
#else
User_SCEPKCbInfo guser_PKCbInfo;
#endif
#endif
#include <wolfssl_demo.h>
#include "key_data.h"
@ -41,6 +45,15 @@ void abort(void);
}
#endif
#if defined(SCE_CRYPT_UNIT_TEST)
int sce_crypt_test();
int sce_crypt_sha256_multitest();
int sce_crypt_AesCbc_multitest();
int sce_crypt_AesGcm_multitest();
int sce_crypt_Sha_AesCbcGcm_multitest();
void tskSha256_Test1(void *pvParam);
#endif
void R_BSP_WarmStart(bsp_warm_start_event_t event);
/* the function is called just before main() to set up pins */
@ -55,7 +68,7 @@ void R_BSP_WarmStart (bsp_warm_start_event_t event)
}
}
#if defined(TLS_CLIENT) || defined(TLS_SERVER) || defined(EXTRA_SCE_TSIP_TEST)
#if defined(TLS_CLIENT)
extern const st_user_key_block_data_t g_key_block_data;
@ -66,7 +79,7 @@ static int SetScetlsKey()
{
#if defined(WOLFSSL_RENESAS_SCEPROTECT)
#if defined(TLS_CLIENT) || defined(EXTRA_SCE_TSIP_TEST)
#if defined(TLS_CLIENT)
#if defined(USE_CERT_BUFFERS_256)
wc_sce_inform_cert_sign((const byte *)ca_ecc_cert_der_sign);
@ -79,9 +92,6 @@ static int SetScetlsKey()
(byte*)&g_key_block_data.iv,
(byte*)&g_key_block_data.encrypted_user_rsa2048_ne_key,
encrypted_user_key_type);
#if defined(WOLFSSL_RENESAS_SCEPROTECT_ECC)
guser_PKCbInfo.user_key_id = 0; /* not use user key id */
#endif
#elif defined(TLS_SERVER)
@ -109,12 +119,57 @@ typedef struct func_args {
void wolfcrypt_test(func_args args);
int benchmark_test(void *args);
/* Entry function of SCE test */
#ifdef TLS_MULTITHREAD_TEST
static void my_Logging_cb(const int logLevel, const char *const logMessage)
{
(void)logLevel;
printf("custom-log: %s\n", logMessage);
}
#endif
void sce_test(void)
{
#if defined(CRYPT_TEST) || defined(BENCHMARK)
#if defined(CRYPT_TEST)
#if defined(SCE_CRYPT_UNIT_TEST) && defined(WOLFSSL_RENESAS_SCEPROTECT)
int ret = 0;
BaseType_t xRet;
if ((ret = wolfCrypt_Init()) != 0) {
printf("wolfCrypt_Init failed %d\n", ret);
}
printf("Start wolf sce crypt Test\n");
printf(" \n");
printf(" simple crypt test by using SCE\n");
sce_crypt_test();
printf(" \n");
printf(" multi sha thread test\n");
sce_crypt_sha256_multitest();
printf(" \n");
printf(" multi aes cbc thread test\n");
sce_crypt_AesCbc_multitest();
printf(" \n");
printf(" multi aes gcm thread test\n");
sce_crypt_AesGcm_multitest();
printf(" \n");
printf(" multi sha aescbc aesgcm thread test\n");
sce_crypt_Sha_AesCbcGcm_multitest();
printf(" \n");
printf("End wolf sce crypt Test\n");
if ((ret = wolfCrypt_Cleanup()) != 0) {
printf("wolfCrypt_Cleanup failed %d\n", ret);
}
#elif defined(CRYPT_TEST)
int ret;
func_args args = { 0 };
@ -129,63 +184,87 @@ void sce_test(void)
if ((ret = wolfCrypt_Cleanup()) != 0) {
printf("wolfCrypt_Cleanup failed %d\n", ret);
}
#endif
#if defined(BENCHMARK)
#elif defined(BENCHMARK)
#include "hal_data.h"
#include "r_sce.h"
printf("Prepare Installed key\n");
#if defined(WOLFSSL_RENESAS_SCEPROTECT) && defined(SCEKEY_INSTALLED)
/* aes 256 */
memcpy(guser_PKCbInfo.sce_wrapped_key_aes256.value,
(uint32_t *)DIRECT_KEY_ADDRESS_256, HW_SCE_AES256_KEY_INDEX_WORD_SIZE*4);
guser_PKCbInfo.sce_wrapped_key_aes256.type = SCE_KEY_INDEX_TYPE_AES256;
guser_PKCbInfo.aes256_installedkey_set = 1;
/* aes 128 */
memcpy(guser_PKCbInfo.sce_wrapped_key_aes128.value,
(uint32_t *)DIRECT_KEY_ADDRESS_128, HW_SCE_AES128_KEY_INDEX_WORD_SIZE*4);
#if defined(WOLFSSL_RENESAS_SCEPROTECT) && defined(SCEKEY_INSTALLED)
/* aes 256 */
memcpy(guser_PKCbInfo.sce_wrapped_key_aes256.value,
(uint32_t *)DIRECT_KEY_ADDRESS_256,
HW_SCE_AES256_KEY_INDEX_WORD_SIZE*4);
guser_PKCbInfo.sce_wrapped_key_aes256.type = SCE_KEY_INDEX_TYPE_AES256;
guser_PKCbInfo.aes256_installedkey_set = 1;
/* aes 128 */
memcpy(guser_PKCbInfo.sce_wrapped_key_aes128.value,
(uint32_t *)DIRECT_KEY_ADDRESS_128,
HW_SCE_AES128_KEY_INDEX_WORD_SIZE*4);
guser_PKCbInfo.sce_wrapped_key_aes128.type = SCE_KEY_INDEX_TYPE_AES128;
guser_PKCbInfo.aes128_installedkey_set = 1;
#endif
guser_PKCbInfo.aes128_installedkey_set = 1;
#endif
printf("Start wolfCrypt Benchmark\n");
benchmark_test(NULL);
printf("End wolfCrypt Benchmark\n");
#endif
#elif defined(TLS_CLIENT)
#include "hal_data.h"
#include "r_sce.h"
#if defined(USE_CERT_BUFFERS_256)
const char* cipherlist[] = {
NULL, /* not specify cipher suite */
#if defined(WOLFSSL_TLS13)
NULL, NULL, NULL,
#else
"ECDHE-ECDSA-AES128-GCM-SHA256",
"ECDHE-ECDSA-AES256-SHA", /* SW only */
"ECDHE-ECDSA-AES128-SHA256",
#endif
};
const int cipherlist_sz = 4;
TestInfo info[cipherlist_sz];
#else
const char* cipherlist[] = {
NULL, /* not specify cipher suite */
#if defined(WOLFSSL_TLS13)
NULL, NULL, NULL, NULL, NULL,
#else
"ECDHE-RSA-AES128-GCM-SHA256",
"ECDHE-RSA-AES256-SHA", /* SW only */
"ECDHE-RSA-AES128-SHA256",
"AES128-SHA256",
"AES256-SHA256",
#endif
};
const int cipherlist_sz = 6;
TestInfo info[cipherlist_sz];
#endif
#if defined(USE_CERT_BUFFERS_256)
#if !defined(TLS_MULTITHREAD_TEST)
const char* cipherlist[] = {
NULL,
"ECDHE-ECDSA-AES128-GCM-SHA256",
"ECDHE-ECDSA-AES256-SHA", /* sw only */
"ECDHE-ECDSA-AES128-SHA256"
};
const int cipherlist_sz = 3;
TestInfo info[cipherlist_sz];
#else
const char* cipherlist[] = {
"ECDHE-ECDSA-AES128-GCM-SHA256",
"ECDHE-ECDSA-AES128-SHA256"
};
const int cipherlist_sz = 2;
TestInfo info[cipherlist_sz];
#endif
#else
#if !defined(TLS_MULTITHREAD_TEST)
const char* cipherlist[] = {
NULL,
"ECDHE-RSA-AES128-GCM-SHA256",
"ECDHE-RSA-AES256-SHA", /* sw only */
"ECDHE-RSA-AES128-SHA256",
"AES128-SHA256",
"AES256-SHA256",
};
const int cipherlist_sz = 6;
TestInfo info[cipherlist_sz];
#else
const char* cipherlist[] = {
"ECDHE-RSA-AES128-GCM-SHA256",
"ECDHE-RSA-AES128-SHA256",
"AES128-SHA256",
"AES256-SHA256",
};
const int cipherlist_sz = 4;
TestInfo info[cipherlist_sz];
#endif
#endif
#ifdef TLS_MULTITHREAD_TEST
BaseType_t xReturned;
BaseType_t xHigherPriorityTaskWoken;
xHigherPriorityTaskWoken = pdFALSE;
int j = 0;
#endif
int i = 0;
printf("\n Start Client Example, ");
@ -195,23 +274,73 @@ void sce_test(void)
TCPInit();
#ifdef TLS_MULTITHREAD_TEST
wolfSSL_TLS_client_init();
exit_semaph = xSemaphoreCreateCounting(cipherlist_sz, 0);
do {
for(j = i; j < (i+2); j++) {
info[j].port = DEFAULT_PORT + (j%2);
info[j].cipher = cipherlist[j];
info[j].ctx = client_ctx;
info[j].xBinarySemaphore = xSemaphoreCreateBinary();
info[j].log_f = my_Logging_cb;
memset(info[j].name, 0, sizeof(info[j].name));
sprintf(info[j].name, "clt_thd_%s", ((j%2) == 0) ?
"taskA" : "taskB");
printf(" %s connecting to %d port\n", info[j].name, info[j].port);
xReturned = xTaskCreate(wolfSSL_TLS_client_do, info[j].name,
THREAD_STACK_SIZE, &info[j], 2, NULL);
if (xReturned != pdPASS) {
printf("Failed to create task\n");
}
}
for(j = i; j < (i+2); j++) {
xSemaphoreGiveFromISR(info[j].xBinarySemaphore,
&xHigherPriorityTaskWoken);
}
/* check if all tasks are completed */
for(j = i; j < (i+2); j++) {
if(!xSemaphoreTake(exit_semaph, portMAX_DELAY)) {
printf("exit semaphore not released by test task");
}
}
i+=2;
} while (i < cipherlist_sz);
vSemaphoreDelete(exit_semaph);
#else
wolfSSL_TLS_client_init();
do {
info[i].port = DEFAULT_PORT;
info[i].cipher = cipherlist[i];
info[i].ctx = client_ctx;
info[i].id = i;
info[i].port = DEFAULT_PORT;
info[i].cipher = cipherlist[i];
info[i].ctx = client_ctx;
info[i].id = i;
memset(info[i].name, 0, sizeof(info[i].name));
sprintf(info[i].name, "wolfSSL_TLS_client_do(%02d)", i);
memset(info[i].name, 0, sizeof(info[i].name));
sprintf(info[i].name, "wolfSSL_TLS_client_do(%02d)", i);
wolfSSL_TLS_client_do(&info[i]);
wolfSSL_TLS_client_do(&info[i]);
i++;
} while (i < cipherlist_sz);
#endif /* SCE_MULTITHREAD_TEST */
printf("\n End of Client Example");
wolfSSL_TLS_cleanup();

113
IDE/Renesas/e2studio/RA6M4/test/src/wolf_client.c
View File

@ -39,7 +39,13 @@ static const byte ucDNSServerAddress[4] = { 192, 168, 11, 1 };
#define FR_SOCKET_SUCCESS 0
extern struct User_PKCbInfo guser_PKCbInfo;
#ifdef TLS_MULTITHREAD_TEST
xSemaphoreHandle exit_semaph;
extern User_SCEPKCbInfo guser_PKCbInfo_taskA;
extern User_SCEPKCbInfo guser_PKCbInfo_taskB;
#else
extern User_SCEPKCbInfo guser_PKCbInfo;
#endif
int SEGGER_RTT_vprintf(unsigned BufferIndex, const char * sFormat, va_list * pParamList);
@ -76,7 +82,6 @@ void TCPInit( )
void wolfSSL_TLS_client_init()
{
#ifndef NO_FILESYSTEM
#ifdef USE_ECC_CERT
char *cert = "./certs/ca-ecc-cert.pem";
@ -96,7 +101,8 @@ void wolfSSL_TLS_client_init()
wolfSSL_Init();
/* Create and initialize WOLFSSL_CTX */
if ((client_ctx = wolfSSL_CTX_new(wolfSSLv23_client_method_ex((void *)NULL))) == NULL) {
if ((client_ctx = wolfSSL_CTX_new(
wolfSSLv23_client_method_ex((void *)NULL))) == NULL) {
printf("ERROR: failed to create WOLFSSL_CTX\n");
return;
}
@ -111,7 +117,8 @@ void wolfSSL_TLS_client_init()
return NULL;
}
#else
if (wolfSSL_CTX_load_verify_buffer(client_ctx, cert, SIZEOF_CERT, SSL_FILETYPE_ASN1) != SSL_SUCCESS){
if (wolfSSL_CTX_load_verify_buffer(client_ctx, cert, SIZEOF_CERT,
SSL_FILETYPE_ASN1) != SSL_SUCCESS){
printf("ERROR: can't load certificate data\n");
return;
}
@ -123,7 +130,9 @@ void wolfSSL_TLS_client_do(void *pvParam)
int ret;
int i = 0;
#if defined(TLS_MULTITHREAD_TEST)
BaseType_t xStatus;
#endif
TestInfo* p = (TestInfo*)pvParam;
/* FreeRTOS+TCP Objects */
socklen_t xSize = sizeof(struct freertos_sockaddr);
@ -157,11 +166,21 @@ void wolfSSL_TLS_client_do(void *pvParam)
ret = FreeRTOS_connect(xClientSocket,
&xRemoteAddress,
sizeof(xRemoteAddress));
if (ret != FR_SOCKET_SUCCESS) {
msg(pcName, i, " Error [%d]: FreeRTOS_connect.\n", ret);
goto out;
msg(pcName, i, " Error [%d]: FreeRTOS_connect.\n", ret);
goto out;
}
#if defined(TLS_MULTITHREAD_TEST)
msg(pcName, i, " Ready to connect.\n");
xStatus = xSemaphoreTake(p->xBinarySemaphore, portMAX_DELAY);
if (xStatus != pdTRUE) {
msg(pcName, i, " Error : Failed to xSemaphoreTake\n");
goto out;
}
#endif
msg(pcName, i, " Start to connect to the server.\n");
if((ssl = wolfSSL_new(ctx)) == NULL) {
@ -169,44 +188,64 @@ void wolfSSL_TLS_client_do(void *pvParam)
goto out;
}
#if defined(WOLFSSL_RENESAS_SCEPROTECT)
/* set callback ctx */
/* Set callback CTX */
#if !defined(TLS_MULTITHREAD_TEST)
memset(&guser_PKCbInfo, 0, sizeof(User_SCEPKCbInfo));
guser_PKCbInfo.devId = 0;
wc_sce_set_callback_ctx(ssl, (void*)&guser_PKCbInfo);
#else
if (p->port - DEFAULT_PORT == 0) {
memset(&guser_PKCbInfo_taskA, 0, sizeof(User_SCEPKCbInfo));
wc_sce_set_callback_ctx(ssl, (void*)&guser_PKCbInfo_taskA);
}
else {
memset(&guser_PKCbInfo_taskB, 0, sizeof(User_SCEPKCbInfo));
wc_sce_set_callback_ctx(ssl, (void*)&guser_PKCbInfo_taskB);
}
#endif
#endif
/* Attach wolfSSL to the socket */
ret = wolfSSL_set_fd(ssl, (int) xClientSocket);
if (ret != WOLFSSL_SUCCESS) {
msg(pcName, i, " Error [%d]: wolfSSL_set_fd.\n",ret);
msg(pcName, i, " Error [%d]: wolfSSL_set_fd.\n",ret);
}
if(p->cipher)
msg(pcName, i, " Cipher : %s\n", p->cipher);
msg(pcName, i, " Cipher : %s\n",
(p->cipher == NULL) ? "NULL" : p->cipher);
/* use specific cipher */
if (p->cipher != NULL && wolfSSL_set_cipher_list(ssl, p->cipher) != WOLFSSL_SUCCESS) {
if (p->cipher != NULL && wolfSSL_set_cipher_list(ssl, p->cipher)
!= WOLFSSL_SUCCESS) {
msg(pcName, i, " client can't set cipher list 1");
goto out;
}
#ifdef DEBUG_WOLFSSL
wolfSSL_Debugging_ON();
if (p->log_f != NULL)
wolfSSL_SetLoggingCb(p->log_f);
wolfSSL_Debugging_ON();
#endif
if(wolfSSL_connect(ssl) != SSL_SUCCESS) {
msg(pcName, i, " ERROR SSL connect: %d\n", wolfSSL_get_error(ssl, 0));
goto out;
msg(pcName, i, " ERROR SSL connect: %d\n", wolfSSL_get_error(ssl, 0));
goto out;
}
#ifdef DEBUG_WOLFSSL
wolfSSL_Debugging_OFF();
wolfSSL_Debugging_OFF();
#endif
if (wolfSSL_write(ssl, sendBuff, (int)strlen(sendBuff)) != (int)strlen(sendBuff)) {
msg(pcName, i, " ERROR SSL write: %d\n", wolfSSL_get_error(ssl, 0));
goto out;
if (wolfSSL_write(ssl, sendBuff, (int)strlen(sendBuff))
!= (int)strlen(sendBuff)) {
msg(pcName, i, " ERROR SSL write: %d\n", wolfSSL_get_error(ssl, 0));
goto out;
}
if ((ret=wolfSSL_read(ssl, rcvBuff, BUFF_SIZE)) < 0) {
msg(pcName, i, " ERROR SSL read: %d\n", wolfSSL_get_error(ssl, 0));
goto out;
msg(pcName, i, " ERROR SSL read: %d\n", wolfSSL_get_error(ssl, 0));
goto out;
}
rcvBuff[ret] = '\0' ;
@ -214,18 +253,24 @@ void wolfSSL_TLS_client_do(void *pvParam)
out:
if (ssl) {
wolfSSL_shutdown(ssl);
wolfSSL_free(ssl);
ssl = NULL;
/* need to reset callback */
wc_sce_set_callbacks(client_ctx);
wolfSSL_shutdown(ssl);
wolfSSL_free(ssl);
ssl = NULL;
/* need to reset callback */
wc_sce_set_callbacks(client_ctx);
}
/* clean up socket */
if (xClientSocket) {
FreeRTOS_shutdown(xClientSocket, FREERTOS_SHUT_RDWR);
FreeRTOS_closesocket(xClientSocket);
xClientSocket = NULL;
}
if (xClientSocket) {
FreeRTOS_shutdown(xClientSocket, FREERTOS_SHUT_RDWR);
FreeRTOS_closesocket(xClientSocket);
xClientSocket = NULL;
}
#ifdef TLS_MULTITHREAD_TEST
xSemaphoreGive(exit_semaph);
vTaskDelete(NULL);
#endif
}
void wolfSSL_TLS_cleanup()
@ -233,5 +278,7 @@ void wolfSSL_TLS_cleanup()
if (client_ctx) {
wolfSSL_CTX_free(client_ctx);
}
wolfSSL_Cleanup();
}

1052
IDE/Renesas/e2studio/RA6M4/test/src/wolfssl_sce_unit_test.c 100644
View File

File diff suppressed because it is too large Load Diff

3
IDE/Renesas/e2studio/RX65N/GR-ROSE/test/src/test_main.c
View File

@ -96,9 +96,6 @@ int SetTsiptlsKey()
(byte*)&g_key_block_data.encrypted_user_rsa2048_ne_key,
encrypted_user_key_type);
#if defined(WOLFSSL_RENESAS_TSIP_TLS)
guser_PKCbInfo.user_key_id = 0;
#endif
#elif defined(TLS_SERVER)

1
IDE/Renesas/e2studio/RX65N/RSK/wolfssl_demo/wolfssl_demo.c
View File

@ -371,7 +371,6 @@ static void Tls_client_demo(void)
(byte*)&g_key_block_data.encrypted_user_rsa2048_ne_key,
encrypted_user_key_type);
guser_PKCbInfo.user_key_id = 0;
#endif /* WOLFSSL_RENESAS_TSIP_TLS && (WOLFSSL_RENESAS_TSIP_VER >=109) */

2
IDE/Renesas/e2studio/RX72N/EnvisionKit/wolfssl_demo/wolfssl_demo.c
View File

@ -377,8 +377,6 @@ static void Tls_client_demo(void)
(byte*)&g_key_block_data.encrypted_user_rsa2048_ne_key,
encrypted_user_key_type);
guser_PKCbInfo.user_key_id = 0;
#endif /* WOLFSSL_RENESAS_TSIP_TLS && (WOLFSSL_RENESAS_TSIP_VER >=109) */
do {

47
wolfcrypt/src/port/Renesas/renesas_common.c
View File

@ -37,8 +37,8 @@
#include <wolfssl/wolfcrypt/error-crypt.h>
#include <wolfssl/wolfcrypt/logging.h>
uint32_t g_CAscm_Idx = (uint32_t)-1; /* index of CM table */
static int devId = 7890; /* dev Id for Crypt Callback */
uint32_t g_CAscm_Idx = (uint32_t)-1; /* index of CM table */
static int gdevId = 7890; /* initial dev Id for Crypt Callback */
#ifdef WOLF_CRYPTO_CB
@ -312,6 +312,8 @@ int Renesas_cmn_usable(const WOLFSSL* ssl, byte session_key_generated)
* ssl : a pointer to WOLFSSL object
* ctx : callback context
* return valid device Id on success, otherwise INVALID_DEVIID
* device Id starts from 7890, and increases + 1 its number
* when the method is successfully called.
*/
int wc_CryptoCb_CryptInitRenesasCmn(WOLFSSL* ssl, void* ctx)
{
@ -324,14 +326,28 @@ int wc_CryptoCb_CryptInitRenesasCmn(WOLFSSL* ssl, void* ctx)
User_SCEPKCbInfo* cbInfo = (User_SCEPKCbInfo*)ctx;
#endif
if (wc_CryptoCb_RegisterDevice(devId, Renesas_cmn_CryptoDevCb, cbInfo) < 0) {
if (cbInfo == NULL || ssl == NULL) {
return INVALID_DEVID;
}
cbInfo->devId = gdevId++;
if (wc_CryptoCb_RegisterDevice(cbInfo->devId,
Renesas_cmn_CryptoDevCb, cbInfo) < 0) {
/* undo devId number */
gdevId--;
return INVALID_DEVID;
}
if (ssl)
wolfSSL_SetDevId(ssl, devId);
wolfSSL_SetDevId(ssl, cbInfo->devId);
return devId;
/* sanity check for overflow */
if (gdevId < 0) {
gdevId = 7890;
}
return cbInfo->devId;
}
/* Renesas Security Library Common Method
@ -594,16 +610,19 @@ static int Renesas_cmn_EncryptKeys(WOLFSSL* ssl, void* ctx)
WOLFSSL_LOCAL int Renesas_cmn_generateSessionKey(WOLFSSL* ssl, void* ctx)
{
int ret = -1;
(void)ctx;
WOLFSSL_ENTER("Renesas_cmn_generateSessionKey");
#if defined(WOLFSSL_RENESAS_TSIP_TLS)
ret = wc_tsip_generateSessionKey(ssl, (TsipUserCtx*)ctx, devId);
TsipUserCtx* cbInfo = (TsipUserCtx*)ctx;
#elif defined(WOLFSSL_RENESAS_SCEPROTECT)
User_SCEPKCbInfo* cbInfo = (User_SCEPKCbInfo*)ctx;
#endif
(void)ctx;
WOLFSSL_ENTER("Renesas_cmn_generateSessionKey");
#if defined(WOLFSSL_RENESAS_TSIP_TLS)
ret = wc_tsip_generateSessionKey(ssl, (TsipUserCtx*)ctx, cbInfo->devId);
#elif defined(WOLFSSL_RENESAS_SCEPROTECT)
if (Renesas_cmn_usable(ssl, 0)) {
ret = wc_sce_generateSessionKey(ssl, ctx, devId);
ret = wc_sce_generateSessionKey(ssl, ctx, cbInfo->devId);
} else
ret = PROTOCOLCB_UNAVAILABLE;
#endif
@ -901,8 +920,8 @@ WOLFSSL_LOCAL int Renesas_cmn_TLS_hmac(WOLFSSL* ssl, byte* digest,
if (Renesas_cmn_usable(ssl, 1)) {
if (ssl->specs.hash_size == WC_SHA256_DIGEST_SIZE) {
wolfSSL_SetTlsHmacInner(ssl, myInner, sz, content, verify);
ret = wc_sce_Sha256GenerateHmac(ssl, myInner, WOLFSSL_TLS_HMAC_INNER_SZ,
in, sz, digest);
ret = wc_sce_Sha256GenerateHmac(ssl, myInner,
WOLFSSL_TLS_HMAC_INNER_SZ, in, sz, digest);
}
else
ret = TSIP_MAC_DIGSZ_E;

3
wolfssl/wolfcrypt/port/Renesas/renesas-sce-crypt.h
View File

@ -35,7 +35,8 @@ extern "C" {
#define MAX_SCE_CBINDEX 5
typedef struct tagUser_SCEPKCbInfo {
uint32_t user_key_id;
/* unique number for each session */
int devId;
/* out from R_SCE_TLS_ServerKeyExchangeVerify */
uint32_t encrypted_ephemeral_ecdh_public_key[SCE_TLS_ENCRYPTED_ECCPUBKEY_SZ];

10
wolfssl/wolfcrypt/port/Renesas/renesas-tsip-crypt.h
View File

@ -120,22 +120,22 @@ typedef wolfssl_TSIP_Hash wc_Sha;
* structure for ECDH key exchange
*/
typedef struct TsipUserCtx {
/* unique number for each session */
int devId;
uint32_t user_key_id;
#if (WOLFSSL_RENESAS_TSIP_VER >=109)
#if (WOLFSSL_RENESAS_TSIP_VER >=109)
/* out from R_SCE_TLS_ServerKeyExchangeVerify */
uint32_t encrypted_ephemeral_ecdh_public_key[ENCRYPTED_ECDHE_PUBKEY_SZ];
/* ephemeral ECDH pubkey index
* got from R_TSIP_GenerateTlsP256EccKeyIndex.
* Input to R_TSIP_TlsGeneratePreMasterSecretWithEccP256Key.
* Input to R_TSIP_TlsGeneratePreMasterSecretWithEccP256Key.
*/
tsip_tls_p256_ecc_key_index_t ecc_p256_wrapped_key;
/* ephemeral ECDH pub-key Qx(256bit)||Qy(256bit)
* got from R_TSIP_GenerateTlsP256EccKeyIndex.
* Should be sent to peer(server) in Client Key Exchange msg.
* Should be sent to peer(server) in Client Key Exchange msg.
*/
uint8_t ecc_ecdh_public_key[ECCP256_PUBKEY_SZ];
#endif /* WOLFSSL_RENESAS_TSIP_VER >=109 */