int main(int argc, char** argv)
{
func_args args;
#ifdef HAVE_CAVIUM
int ret = OpenNitroxDevice(CAVIUM_DIRECT, CAVIUM_DEV_ID);
if (ret != 0)
err_sys("Cavium OpenNitroxDevice failed");
#endif /* HAVE_CAVIUM */
StartTCP();
args.argc = argc;
args.argv = argv;
wolfSSL_Init();
#if defined(DEBUG_WOLFSSL) && !defined(WOLFSSL_MDK_SHELL) && !defined(STACK_TRAP)
wolfSSL_Debugging_ON();
#endif
ChangeToWolfRoot();
#ifdef HAVE_STACK_SIZE
StackSizeCheck(&args, client_test);
#else
client_test(&args);
#endif
wolfSSL_Cleanup();
#ifdef HAVE_CAVIUM
CspShutdown(CAVIUM_DEV_ID);
#endif
return args.return_code;
}
int main(int argc, char** argv)
{
int encryptedSz, decryptedSz;
byte encrypted[1024];
byte decrypted[1024];
#ifdef DEBUG_WOLFSSL
wolfSSL_Debugging_ON();
#endif
encryptedSz = encryptedData_encrypt(encrypted, sizeof(encrypted));
if (encryptedSz < 0)
return -1;
#ifdef DEBUG_WOLFSSL
printf("EncryptedData DER (%d bytes):\n", encryptedSz);
WOLFSSL_BUFFER(encrypted, encryptedSz);
#endif
decryptedSz = encryptedData_decrypt(encrypted, encryptedSz,
decrypted, sizeof(decrypted));
if (decryptedSz < 0)
return -1;
#ifdef DEBUG_WOLFSSL
printf("DecryptedData DER (%d bytes):\n", decryptedSz);
WOLFSSL_BUFFER(decrypted, decryptedSz);
#endif
(void)argc;
(void)argv;
return 0;
}
int main()
{
int32_t ret;
printf("\nsize of long long %d.", sizeof(long long ));
printf("\nsize of long %d.", sizeof(long ));
#if defined(DEBUG_WOLFSSL)
wolfSSL_Debugging_ON();
#endif
wolfCrypt_Init();
#if !defined(NO_BIG_INT)
if (CheckCtcSettings() != 1)
printf("\nBuild vs runtime math mismatch\n");
#ifdef USE_FAST_MATH
if (CheckFastMathSettings() != 1)
printf("\nBuild vs runtime fastmath FP_MAX_BITS mismatch\n");
#endif /* USE_FAST_MATH */
#endif /* !NO_BIG_INT */
ret = rsa_test();
printf("\nret %d", ret);
return 0;
}
static void prvInitialiseWolfSSL( void )
{
int32_t iReturn;
#ifdef DEBUG_WOLFSSL
{
wolfSSL_Debugging_ON();
}
#endif
/* Initialise wolfSSL. This must be done before any other wolfSSL functions
are called. */
wolfSSL_Init();
/* Attempt to create a context that uses the TLS 1.2 server protocol. */
xWolfSSL_ServerContext = wolfSSL_CTX_new( wolfTLSv1_2_server_method() );
if( xWolfSSL_ServerContext != NULL )
{
/* Load the CA certificate. Real applications should ensure that
wolfSSL_CTX_load_verify_locations() returns SSL_SUCCESS before
proceeding. */
iReturn = wolfSSL_CTX_load_verify_locations( xWolfSSL_ServerContext, "ca-cert.pem", 0 );
configASSERT( iReturn == SSL_SUCCESS );
iReturn = wolfSSL_CTX_use_certificate_file( xWolfSSL_ServerContext, "server-cert.pem", SSL_FILETYPE_PEM );
configASSERT( iReturn == SSL_SUCCESS );
iReturn = wolfSSL_CTX_use_PrivateKey_file( xWolfSSL_ServerContext, "server-key.pem", SSL_FILETYPE_PEM );
configASSERT( iReturn == SSL_SUCCESS );
}
}
int main(int argc, char** argv)
{
int rc = 0;
PKCS7 pkcs7;
XFILE derFile;
byte* derBuf = NULL;
word32 derSz = 0;
(void)argc;
(void)argv;
#ifdef DEBUG_WOLFSSL
wolfSSL_Debugging_ON();
#endif
/* load DER PKCS7 */
derFile = fopen("signed.p7s", "rb");
if (derFile) {
fseek(derFile, 0, SEEK_END);
derSz = (int)ftell(derFile);
rewind(derFile);
derBuf = (byte*)XMALLOC(derSz, NULL, DYNAMIC_TYPE_TMP_BUFFER);
if (derBuf == NULL) {
rc = MEMORY_E; goto exit;
}
rc = (int)fread(derBuf, 1, derSz, derFile);
fclose(derFile);
if (rc != derSz) {
printf("Failed to read der file!\n");
return -1;
}
}
printf("Der %d\n", derSz);
WOLFSSL_BUFFER(derBuf, derSz);
/* Test verify */
rc = wc_PKCS7_Init(&pkcs7, NULL, INVALID_DEVID);
if (rc != 0) goto exit;
rc = wc_PKCS7_InitWithCert(&pkcs7, NULL, 0);
if (rc != 0) goto exit;
rc = wc_PKCS7_VerifySignedData(&pkcs7, derBuf, derSz);
if (rc != 0) goto exit;
printf("PKCS7 Verify Success\n");
exit:
if (rc != 0)
printf("RC=%d\n", rc);
wc_PKCS7_Free(&pkcs7);
XFREE(derBuf, NULL, DYNAMIC_TYPE_TMP_BUFFER);
return rc;
}
int main()
{
uint8_t mac[6];
uint32_t timer = 0;
/* Obtain the ethernet MAC address */
eth_mac(mac);
const char *ipaddr="192.168.0.150";
uint16_t port_be = 0;
interrupt_register(irq_timer, GUEST_TIMER_INT);
/* Configure the virtual ethernet driver */
struct pico_device* eth_dev = PICO_ZALLOC(sizeof(struct pico_device));
if(!eth_dev) {
return 0;
}
eth_dev->send = eth_send;
eth_dev->poll = eth_poll;
eth_dev->link_state = eth_link_state;
if( 0 != pico_device_init((struct pico_device *)eth_dev, "virt-eth", mac)) {
printf ("\nDevice init failed.");
PICO_FREE(eth_dev);
return 0;
}
/* picoTCP initialization */
printf("\nInitializing pico stack\n");
pico_stack_init();
wolfSSL_Debugging_ON();
pico_string_to_ipv4(ipaddr, &my_eth_addr.addr);
pico_string_to_ipv4("255.255.255.0", &netmask.addr);
pico_ipv4_link_add(eth_dev, my_eth_addr, netmask);
port_be = short_be(LISTENING_PORT);
/* WolfSSL initialization only, to make sure libwolfssl.a is needed */
pico_https_setCertificate(cert_pem_2048, sizeof(cert_pem_2048));
pico_https_setPrivateKey(privkey_pem_2048, sizeof(privkey_pem_2048));
pico_https_server_start(0, serverWakeup);
while (1){
eth_watchdog(&timer, 500);
/* pooling picoTCP stack */
pico_stack_tick();
}
return 0;
}
int unit_test(int argc, char** argv)
{
int ret = 0;
(void)argc;
(void)argv;
#ifdef WOLFSSL_FORCE_MALLOC_FAIL_TEST
if (argc > 1) {
word32 memFailCount = atoi(argv[1]);
printf("\n--- SET RNG MALLOC FAIL AT %d---\n", memFailCount);
wolfSSL_SetMemFailCount(memFailCount);
}
#endif
printf("starting unit tests...\n");
#if defined(DEBUG_WOLFSSL) && !defined(HAVE_VALGRIND)
wolfSSL_Debugging_ON();
#endif
#ifdef HAVE_WNR
if (wc_InitNetRandom(wnrConfig, NULL, 5000) != 0)
err_sys("Whitewood netRandom global config failed");
#endif /* HAVE_WNR */
#ifndef WOLFSSL_TIRTOS
ChangeToWolfRoot();
#endif
ApiTest();
if ( (ret = HashTest()) != 0){
printf("hash test failed with %d\n", ret);
goto exit;
}
#if !defined(NO_WOLFSSL_CLIENT) && !defined(NO_WOLFSSL_SERVER)
#ifndef SINGLE_THREADED
if ( (ret = SuiteTest(argc, argv)) != 0){
printf("suite test failed with %d\n", ret);
goto exit;
}
#endif
#endif
SrpTest();
exit:
#ifdef HAVE_WNR
if (wc_FreeNetRandom() < 0)
err_sys("Failed to free netRandom context");
#endif /* HAVE_WNR */
return ret;
}
static void dbg_comm(void *args)
{
if(wolfsslDebug == 1) {
wolfsslDebug = 0 ;
printf("Turning OFF Debug message\n") ;
wolfSSL_Debugging_OFF() ;
} else {
wolfasslDebug = 1 ;
printf("Turning ON Debug message\n") ;
wolfSSL_Debugging_ON() ;
}
}
int main(int argc, char** argv)
{
int ret;
int encryptedSz, decryptedSz;
word32 certSz, keySz;
byte cert[2048];
byte key[2048];
byte encrypted[2048];
byte decrypted[2048];
#ifdef DEBUG_WOLFSSL
wolfSSL_Debugging_ON();
#endif
certSz = sizeof(cert);
keySz = sizeof(key);
ret = load_certs(cert, &certSz, key, &keySz);
if (ret != 0)
return -1;
/* no attributes */
encryptedSz = signedData_sign_noattrs(cert, certSz, key, keySz,
encrypted, sizeof(encrypted));
if (encryptedSz < 0)
return -1;
decryptedSz = signedData_verify(encrypted, encryptedSz,
cert, certSz, key, keySz,
decrypted, sizeof(decrypted));
if (decryptedSz < 0)
return -1;
/* default attributes + messageType attribute */
encryptedSz = signedData_sign_attrs(cert, certSz, key, keySz,
encrypted, sizeof(encrypted));
if (encryptedSz < 0)
return -1;
decryptedSz = signedData_verify(encrypted, encryptedSz,
cert, certSz, key, keySz,
decrypted, sizeof(decrypted));
if (decryptedSz < 0)
return -1;
(void)argc;
(void)argv;
return 0;
}
int main(int argc, char** argv)
{
int ret;
int encryptedSz, decryptedSz;
word32 certSz, keySz;
byte cert[2048];
byte key[2048];
byte encrypted[1024];
byte decrypted[1024];
#ifdef DEBUG_WOLFSSL
wolfSSL_Debugging_ON();
#endif
certSz = sizeof(cert);
keySz = sizeof(key);
ret = load_certs(cert, &certSz, key, &keySz);
if (ret != 0)
return -1;
encryptedSz = authEnvelopedData_encrypt(cert, certSz, key, keySz,
encrypted, sizeof(encrypted));
if (encryptedSz < 0)
return -1;
#ifdef DEBUG_WOLFSSL
printf("AuthEnvelopedData DER (%d byte):\n", encryptedSz);
WOLFSSL_BUFFER(encrypted, encryptedSz);
#endif
decryptedSz = authEnvelopedData_decrypt(encrypted, encryptedSz,
cert, certSz, key, keySz,
decrypted, sizeof(decrypted));
if (decryptedSz < 0)
return -1;
#ifdef DEBUG_WOLFSSL
printf("Decrypted content (%d byte):\n", decryptedSz);
WOLFSSL_BUFFER(decrypted, decryptedSz);
#endif
(void)argc;
(void)argv;
return 0;
}
int unit_test(int argc, char** argv)
{
int ret;
(void)argc;
(void)argv;
printf("starting unit tests...\n");
#if defined(DEBUG_WOLFSSL) && !defined(HAVE_VALGRIND)
wolfSSL_Debugging_ON();
#endif
#ifdef HAVE_WNR
if (wc_InitNetRandom(wnrConfig, NULL, 5000) != 0)
err_sys("Whitewood netRandom global config failed");
#endif /* HAVE_WNR */
#ifndef WOLFSSL_TIRTOS
ChangeToWolfRoot();
#endif
ApiTest();
if ( (ret = HashTest()) != 0){
printf("hash test failed with %d\n", ret);
return ret;
}
#ifndef SINGLE_THREADED
if ( (ret = SuiteTest()) != 0){
printf("suite test failed with %d\n", ret);
return ret;
}
#endif
SrpTest();
#ifdef HAVE_WNR
if (wc_FreeNetRandom() < 0)
err_sys("Failed to free netRandom context");
#endif /* HAVE_WNR */
return 0;
}
int unit_test(int argc, char** argv)
{
int ret;
(void)argc;
(void)argv;
printf("starting unit tests...\n");
#if defined(DEBUG_WOLFSSL) && !defined(HAVE_VALGRIND)
wolfSSL_Debugging_ON();
#endif
#ifdef HAVE_CAVIUM
ret = OpenNitroxDevice(CAVIUM_DIRECT, CAVIUM_DEV_ID);
if (ret != 0)
err_sys("Cavium OpenNitroxDevice failed");
#endif /* HAVE_CAVIUM */
#ifndef WOLFSSL_TIRTOS
ChangeToWolfRoot();
#endif
ApiTest();
if ( (ret = HashTest()) != 0){
printf("hash test failed with %d\n", ret);
return ret;
}
#ifndef SINGLE_THREADED
if ( (ret = SuiteTest()) != 0){
printf("suite test failed with %d\n", ret);
return ret;
}
#endif
SrpTest();
#ifdef HAVE_CAVIUM
CspShutdown(CAVIUM_DEV_ID);
#endif
return 0;
}
int main()
{
void *arg = NULL ;
SystemClock_Config() ;
#if !defined(NO_FILESYSTEM)
init_filesystem ();
#endif
netInitialize() ;
osDelay(300) ;
#if defined(DEBUG_WOLFSSL)
printf("Turning ON Debug message\n") ;
wolfSSL_Debugging_ON() ;
#endif
shell_main(arg) ;
}
int main() {
SystemInit();
#if !defined(NO_FILESYSTEM)
init_card () ; /* initializing SD card */
#endif
#if defined(DEBUG_WOLFSSL)
printf("Turning ON Debug message\n") ;
wolfSSL_Debugging_ON() ;
#endif
#ifdef HAVE_KEIL_RTX
os_sys_init (main_task) ;
#else
main_task() ;
#endif
return 0 ; /* There should be no return here */
}
int main()
{
static char *argv[] = { "server", "-p", WOLFSSL_LISTEN_PORT, "-d"} ;
static func_args args = { 4, argv } ;
SystemClock_Config ();
#if !defined(NO_FILESYSTEM)
init_filesystem ();
#endif
netInitialize() ;
osDelay(300) ;
#if defined(DEBUG_WOLFSSL)
printf("Turning ON Debug message\n") ;
wolfSSL_Debugging_ON() ;
#endif
printf("Simple Server: Started\n") ;
while(1) {
server_test(&args) ;
printf("Enter any key to iterate.\n") ;
getchar() ;
}
}
/* Main entry point for the program.
*
* argc The count of command line arguments.
* argv The command line arguments.
* returns 0 on success and 1 otherwise.
*/
int main(int argc, char* argv[])
{
int i;
int ch;
/* Parse the command line arguments. */
while ((ch = mygetopt(argc, argv, OPTIONS)) != -1) {
switch (ch) {
/* Help with command line options. */
case '?':
Usage();
exit(EXIT_SUCCESS);
/* Port number to listen on. */
case 'p':
port = (word16)atoi(myoptarg);
break;
/* Version of SSL/TLS to use. */
case 'v':
version = atoi(myoptarg);
if (version < 0 || version > 3) {
Usage();
exit(MY_EX_USAGE);
}
break;
/* List of cipher suites to use. */
case 'l':
cipherList = myoptarg;
break;
/* File name of server certificate for authentication. */
case 'c':
ourCert = myoptarg;
break;
/* File name of server private key for authentication. */
case 'k':
ourKey = myoptarg;
break;
/* File name of client certificate/CA for peer verification. */
case 'A':
verifyCert = myoptarg;
break;
/* Number of connections to make. */
case 't':
numThreads = atoi(myoptarg);
if (numThreads < 0 || numThreads > 100) {
Usage();
exit(MY_EX_USAGE);
}
break;
/* Number of connections to make. */
case 'n':
maxConns = atoi(myoptarg);
if (maxConns < 0 || maxConns > 1000000) {
Usage();
exit(MY_EX_USAGE);
}
maxBytes = 0;
break;
/* Number of conncurrent connections to use. */
case 'N':
numConns = atoi(myoptarg);
if (numConns < 0 || numConns > 100000) {
Usage();
exit(MY_EX_USAGE);
}
break;
/* Number of bytes to read each call. */
case 'R':
numBytesRead = atoi(myoptarg);
if (numBytesRead <= 0) {
Usage();
exit(MY_EX_USAGE);
}
break;
/* Number of bytes to write each call. */
case 'W':
numBytesWrite = atoi(myoptarg);
if (numBytesWrite <= 0) {
Usage();
exit(MY_EX_USAGE);
}
break;
/* Maximum number of read and write bytes (separate counts). */
case 'B':
maxBytes = atoi(myoptarg);
if (maxBytes <= 0) {
Usage();
exit(MY_EX_USAGE);
}
maxConns = 0;
break;
/* Unrecognized command line argument. */
default:
Usage();
exit(MY_EX_USAGE);
}
}
#ifdef DEBUG_WOLFSSL
wolfSSL_Debugging_ON();
#endif
/* Initialize wolfSSL */
wolfSSL_Init();
RandomReply(reply, sizeof(reply));
/* Create SSL/TLS connection data object. */
sslConnCtx = SSLConn_New(numThreads, numConns, numBytesRead, numBytesWrite,
maxConns, maxBytes);
if (sslConnCtx == NULL)
exit(EXIT_FAILURE);
for (i = 0; i < numThreads; i++) {
if (pthread_create(&sslConnCtx->threadData[i].thread_id, NULL,
ThreadHandler, &sslConnCtx->threadData[i]) < 0) {
perror("ERRROR: could not create thread");
}
}
/* Start all the threads. */
for (i = 0; i < numThreads; i++)
pthread_join(sslConnCtx->threadData[i].thread_id, NULL) ;
sslConnCtx->totalTime = current_time(0) - sslConnCtx->totalTime;
SSLConn_PrintStats(sslConnCtx);
SSLConn_Free(sslConnCtx);
wolfSSL_Cleanup();
exit(EXIT_SUCCESS);
}
int main(int argc, char** argv)
{
int ret, devId;
int encryptedSz, decryptedSz;
word32 certSz, keySz;
myCryptoDevCtx myCtx;
byte cert[2048];
byte key[2048];
byte encrypted[2048];
byte decrypted[2048];
#ifdef DEBUG_WOLFSSL
wolfSSL_Debugging_ON();
#endif
ret = wolfCrypt_Init();
if (ret != 0) {
printf("wolfCrypt initialization failed\n");
return -1;
}
/* example data for callback */
myCtx.exampleVar = 1;
/* setting devId to something other than INVALID_DEVID, enables
cryptodev callback to be used internally by wolfCrypt */
devId = 1;
ret = wc_CryptoDev_RegisterDevice(devId, myCryptoDevCb, &myCtx);
if (ret != 0) {
printf("Failed to register crypto dev device, ret = %d\n", ret);
return -1;
}
certSz = sizeof(cert);
keySz = sizeof(key);
ret = load_certs(cert, &certSz, key, &keySz);
if (ret != 0)
return -1;
/* no attributes */
encryptedSz = signedData_sign_noattrs(cert, certSz, key, keySz,
encrypted, sizeof(encrypted), devId);
if (encryptedSz < 0)
return -1;
decryptedSz = signedData_verify(encrypted, encryptedSz,
cert, certSz, key, keySz,
decrypted, sizeof(decrypted), devId);
if (decryptedSz < 0)
return -1;
/* default attributes + messageType attribute */
encryptedSz = signedData_sign_attrs(cert, certSz, key, keySz,
encrypted, sizeof(encrypted), devId);
if (encryptedSz < 0)
return -1;
decryptedSz = signedData_verify(encrypted, encryptedSz,
cert, certSz, key, keySz,
decrypted, sizeof(decrypted), devId);
if (decryptedSz < 0)
return -1;
(void)argc;
(void)argv;
return 0;
}
/* Main entry point. */
int main(int argc, char* argv[])
{
int ret = 0;
WOLFSSL_CTX* client_ctx = NULL;
WOLFSSL* client_ssl = NULL;
WOLFSSL_CTX* server_ctx = NULL;
WOLFSSL* server_ssl = NULL;
#if defined(DEBUG_WOLFSSL)
wolfSSL_Debugging_ON();
#endif
/* Initialize wolfSSL library. */
wolfSSL_Init();
#ifdef WOLFSSL_STATIC_MEMORY
if (wc_LoadStaticMemory(&HEAP_HINT_SERVER, gTestMemoryServer,
sizeof(gTestMemoryServer),
WOLFMEM_GENERAL | WOLFMEM_TRACK_STATS, 1) != 0) {
printf("unable to load static memory");
ret = -1;
}
if (wc_LoadStaticMemory(&HEAP_HINT_CLIENT, gTestMemoryClient,
sizeof(gTestMemoryClient),
WOLFMEM_GENERAL | WOLFMEM_TRACK_STATS, 1) != 0) {
printf("unable to load static memory");
ret = -1;
}
#endif
/* Create server and client SSL objects. */
if (ret == 0)
ret = wolfssl_server_new(&server_ctx, &server_ssl);
if (ret == 0)
ret = wolfssl_client_new(&client_ctx, &client_ssl);
/* Loop to perform SSL handshake. */
while (ret == 0) {
ret = wolfssl_client_connect(client_ssl);
if (ret == 0)
ret = wolfssl_server_accept(server_ssl);
if (ret == 0 && wolfSSL_is_init_finished(client_ssl) &&
wolfSSL_is_init_finished(server_ssl)) {
break;
}
}
if (ret == 0)
printf("Handshake complete\n");
/* Send and receive HTTP messages. */
if (ret == 0) {
printf("\nClient Sending:\n");
ret = wolfssl_send(client_ssl, msgHTTPGet);
}
if (ret == 0) {
printf("\nServer Received:\n");
ret = wolfssl_recv(server_ssl);
}
if (ret == 0) {
printf("\nServer Sending:\n");
ret = wolfssl_send(server_ssl, msgHTTPIndex);
}
if (ret == 0) {
printf("\nClient Received:\n");
ret = wolfssl_recv(client_ssl);
}
/* Display memory statistics. */
wolfssl_client_memstats(client_ssl);
wolfssl_server_memstats(server_ssl);
/* Dispose of SSL objects. */
wolfssl_free(client_ctx, client_ssl);
wolfssl_free(server_ctx, server_ssl);
/* Cleanup wolfSSL library. */
wolfSSL_Cleanup();
if (ret == 0)
printf("Done\n");
else {
char buffer[80];
printf("Error: %d, %s\n", ret, wolfSSL_ERR_error_string(ret, buffer));
}
return (ret == 0) ? 0 : 1;
}
/* Main entry point for the program.
*
* argc The count of command line arguments.
* argv The command line arguments.
* returns 0 on success and 1 otherwise.
*/
int main(int argc, char* argv[])
{
socklen_t socketfd = -1;
int ch;
WOLFSSL_CTX* ctx = NULL;
SSLConn_CTX* sslConnCtx;
word16 port = wolfSSLPort;
int resumeSession = 0;
char* cipherList = NULL;
char* ourCert = CLI_CERT;
char* ourKey = CLI_KEY;
char* verifyCert = CA_CERT;
int version = SERVER_DEFAULT_VERSION;
int numConns = SSL_NUM_CONN;
int numBytesRead = NUM_READ_BYTES;
int numBytesWrite = NUM_WRITE_BYTES;
int maxBytes = MAX_BYTES;
int maxConns = MAX_CONNECTIONS;
int i;
/* Parse the command line arguments. */
while ((ch = mygetopt(argc, argv, OPTIONS)) != -1) {
switch (ch) {
/* Help with command line options. */
case '?':
Usage();
exit(EXIT_SUCCESS);
/* Port number to connect to. */
case 'p':
port = (word16)atoi(myoptarg);
break;
/* Version of SSL/TLS to use. */
case 'v':
version = atoi(myoptarg);
if (version < 0 || version > 3) {
Usage();
exit(MY_EX_USAGE);
}
break;
/* List of cipher suites to use. */
case 'l':
cipherList = myoptarg;
break;
/* File name of client certificate for client authentication. */
case 'c':
ourCert = myoptarg;
break;
/* File name of client private key for client authentication. */
case 'k':
ourKey = myoptarg;
break;
/* File name of server certificate/CA for peer verification. */
case 'A':
verifyCert = myoptarg;
break;
/* Resume sessions. */
case 'r':
resumeSession = 1;
break;
/* Number of connections to make. */
case 'n':
maxConns = atoi(myoptarg);
if (maxConns < 0 || maxConns > 1000000) {
Usage();
exit(MY_EX_USAGE);
}
maxBytes = 0;
break;
/* Number of conncurrent connections to use. */
case 'N':
numConns = atoi(myoptarg);
if (numConns < 0 || numConns > 1000000) {
Usage();
exit(MY_EX_USAGE);
}
break;
/* Number of bytes to read each call. */
case 'R':
numBytesRead = atoi(myoptarg);
if (numBytesRead <= 0) {
Usage();
exit(MY_EX_USAGE);
}
break;
/* Number of bytes to write each call. */
case 'W':
numBytesWrite = atoi(myoptarg);
if (numBytesWrite <= 0) {
Usage();
exit(MY_EX_USAGE);
}
break;
/* Maximum number of read and write bytes (separate counts). */
case 'B':
maxBytes = atoi(myoptarg);
if (maxBytes <= 0) {
Usage();
exit(MY_EX_USAGE);
}
maxConns = 0;
break;
/* Unrecognized command line argument. */
default:
Usage();
exit(MY_EX_USAGE);
}
}
#ifdef DEBUG_WOLFSSL
wolfSSL_Debugging_ON();
#endif
/* Initialize wolfSSL */
wolfSSL_Init();
/* Initialize wolfSSL and create a context object. */
if (WolfSSLCtx_Init(version, ourCert, ourKey, verifyCert, cipherList, &ctx)
== EXIT_FAILURE)
exit(EXIT_FAILURE);
/* Create SSL/TLS connection data object. */
sslConnCtx = SSLConn_New(numConns, numBytesRead, numBytesWrite,
maxConns, maxBytes, resumeSession);
if (sslConnCtx == NULL)
exit(EXIT_FAILURE);
/* Keep handling connections until all done. */
for (i = 0; !SSLConn_Done(sslConnCtx); i = (i + 1) % numConns) {
SSLConn* sslConn = &sslConnCtx->sslConn[i];
/* Perform close if in CLOSE state. */
if (sslConn->state == CLOSE) {
if (sslConnCtx->numConnections == 0) {
WOLFSSL_CIPHER* cipher;
cipher = wolfSSL_get_current_cipher(sslConn->ssl);
printf("SSL cipher suite is %s\n",
wolfSSL_CIPHER_get_name(cipher));
}
SSLConn_Close(sslConnCtx, sslConn);
}
/* Create TCP connection and connect if in INIT state. */
if ((sslConn->state == INIT) &&
((sslConnCtx->maxConnections <= 0) ||
(sslConnCtx->numCreated < sslConnCtx->maxConnections))) {
if (CreateSocketConnect(port, &socketfd) == EXIT_FAILURE) {
printf("ERROR: failed to connect to server\n");
exit(EXIT_FAILURE);
}
SSLConn_Connect(sslConnCtx, ctx, socketfd, sslConn);
}
#ifdef WOLFSSL_ASYNC_CRYPT
if (sslConn->err == 4) {
int ret;
double start;
start = current_time(1);
ret = wolfSSL_AsyncPoll(sslConn->ssl, WOLF_POLL_FLAG_CHECK_HW);
sslConnCtx->asyncTime += current_time(0) - start;
if (ret < 0) {
printf("ERROR: failed in async polling\n");
break;
}
if (ret == 0)
continue;
}
sslConn->err = 0;
#endif
/* Handle other SSL states. */
if (sslConnCtx->totalTime == 0)
sslConnCtx->totalTime = current_time(1);
if (SSLConn_ReadWrite(sslConnCtx, sslConn) == EXIT_FAILURE) {
if (sslConnCtx->maxConnections > 0)
sslConn->state = CLOSE;
}
}
sslConnCtx->totalTime = current_time(0) - sslConnCtx->totalTime;
SSLConn_PrintStats(sslConnCtx);
SSLConn_Free(sslConnCtx);
WolfSSLCtx_Final(ctx);
wolfSSL_Cleanup();
exit(EXIT_SUCCESS);
}
int main(int argc, char** argv)
{
int ret = 0;
int fileLen;
byte* fileBuf = NULL;
int verifyFileLen;
byte* verifyFileBuf = NULL;
const char* verify_file = NULL;
enum wc_SignatureType sig_type = WC_SIGNATURE_TYPE_NONE;
enum wc_HashType hash_type = WC_HASH_TYPE_NONE;
sig_type = WC_SIGNATURE_TYPE_ECC;
hash_type = WC_HASH_TYPE_SHA256;
#if 0
wolfSSL_Debugging_ON();
#endif
/* Check arguments */
if (argc < 2) {
printf("Usage: eccsiglentest <filename>\n");
return 1;
}
/* Verify hash type is supported */
if (wc_HashGetDigestSize(hash_type) <= 0) {
printf("Hash type %d not supported!\n", hash_type);
return 1;
}
printf("Signature Length Test: Loops %d\n", ECC_LOOP_COUNT);
/* Load input file */
ret = load_file_to_buffer(argv[1], &fileBuf, &fileLen);
if (ret < 0) {
goto exit;
}
/* Load verify signature file (optional) */
if (verify_file) {
ret = load_file_to_buffer(verify_file, &verifyFileBuf, &verifyFileLen);
if (ret < 0) {
goto exit;
}
}
/* Perform sign and verify */
switch(sig_type)
{
#ifdef HAVE_ECC
case WC_SIGNATURE_TYPE_ECC:
{
int curveId;
int sigSz = verifyFileLen;
#if 1
for (curveId=ECC_SECP192R1; curveId<=ECC_BRAINPOOLP512R1; curveId++)
#else
curveId = ECC_SECP521R1;
#endif
{
int keySz = wc_ecc_get_curve_size_from_id(curveId);
if (keySz > 0) {
int maxSigSz = 0;
int maxCurveSigSz = 0;
int tries = ECC_LOOP_COUNT;
while (--tries > 0) {
ret = ecc_sign_verify_test(hash_type, sig_type, fileBuf, fileLen,
verifyFileBuf, &sigSz, &maxSigSz, &maxCurveSigSz, curveId, keySz);
}
/* print max */
printf("ECC Curve %s, KeySz %d, Sig: CurveMax %d, ActMax %d, CalcMax %d\n",
wc_ecc_get_name(curveId), keySz, maxCurveSigSz, maxSigSz,
wc_ecc_sig_size_calc(keySz));
}
}
}
break;
#endif
default:
ret = EXIT_FAILURE;
printf("Signature type %d, not supported!\n", sig_type);
}
exit:
/* Free */
if (fileBuf) {
free(fileBuf);
}
return ret;
}
int main (int argc, char** argv)
{
/* standard variables used in a dtls client */
int ret = 0, err;
int sockfd = -1;
WOLFSSL* ssl = NULL;
WOLFSSL_CTX* ctx = NULL;
const char* ca_cert = "../certs/ca-cert.pem";
char buff[MSGLEN];
int buffLen;
SharedDtls shared;
/* Program argument checking */
if (argc != 2) {
printf("usage: udpcli <IP address>\n");
return 1;
}
/* Code for handling signals */
struct sigaction act, oact;
act.sa_handler = sig_handler;
sigemptyset(&act.sa_mask);
act.sa_flags = 0;
sigaction(SIGINT, &act, &oact);
wolfSSL_Debugging_ON();
/* Initialize wolfSSL before assigning ctx */
wolfSSL_Init();
if ( (ctx = wolfSSL_CTX_new(wolfDTLSv1_2_client_method())) == NULL) {
fprintf(stderr, "wolfSSL_CTX_new error.\n");
goto exit;
}
/* Register callbacks */
wolfSSL_CTX_SetIORecv(ctx, my_IORecv);
wolfSSL_CTX_SetIOSend(ctx, my_IOSend);
/* Load CA certificates into ctx variable */
if (wolfSSL_CTX_load_verify_locations(ctx, ca_cert, 0)
!= SSL_SUCCESS) {
fprintf(stderr, "Error loading %s, please check the file.\n", ca_cert);
goto exit;
}
/* Assign ssl variable */
ssl = wolfSSL_new(ctx);
if (ssl == NULL) {
printf("unable to get ssl object");
goto exit;
}
memset(&shared, 0, sizeof(shared));
shared.ssl = ssl;
/* servAddr setup */
shared.servSz = sizeof(shared.servAddr);
shared.servAddr.sin_family = AF_INET;
shared.servAddr.sin_port = htons(SERV_PORT);
if (inet_pton(AF_INET, argv[1], &shared.servAddr.sin_addr) < 1) {
printf("Error and/or invalid IP address");
goto exit;
}
if ( (sockfd = socket(AF_INET, SOCK_DGRAM, 0)) < 0) {
printf("cannot create a socket.");
goto exit;
}
shared.sd = sockfd;
wolfSSL_SetIOWriteCtx(ssl, &shared);
wolfSSL_SetIOReadCtx(ssl, &shared);
if (wolfSSL_connect(ssl) != SSL_SUCCESS) {
err = wolfSSL_get_error(ssl, 0);
printf("err = %d, %s\n", err, wolfSSL_ERR_reason_error_string(err));
printf("SSL_connect failed\n");
goto exit;
}
/**************************************************************************/
/* Code for sending datagram to server */
if (fgets(buff, sizeof(buff), stdin) != NULL) {
/* Send buffer to the server */
buffLen = strlen(buff);
if (( wolfSSL_write(ssl, buff, buffLen)) != buffLen) {
err = wolfSSL_get_error(ssl, 0);
if (err != SSL_ERROR_WANT_WRITE) {
printf("err = %d, %s\n", err, wolfSSL_ERR_reason_error_string(err));
printf("SSL_write failed\n");
goto exit;
}
}
/* Receive message from server */
ret = wolfSSL_read(ssl, buff, sizeof(buff)-1);
if (ret < 0) {
err = wolfSSL_get_error(ssl, 0);
if (err != SSL_ERROR_WANT_READ) {
printf("err = %d, %s\n", err, wolfSSL_ERR_reason_error_string(err));
printf("SSL_read failed\n");
goto exit;
}
}
buffLen = ret;
ret = 0;
/* Add a terminating character to the generic server message */
buff[buffLen] = '\0';
fputs(buff, stdout);
}
/* End code for sending datagram to server */
/**************************************************************************/
exit:
/* Housekeeping */
if (ssl) {
wolfSSL_shutdown(ssl);
wolfSSL_free(ssl);
}
if (sockfd != -1) {
close(sockfd);
}
if (ctx) {
wolfSSL_CTX_free(ctx);
}
wolfSSL_Cleanup();
return ret;
}
NOEXPORT int main_unix(int argc, char* argv[]) {
int configure_status;
#if !defined(__vms) && !defined(USE_OS2)
int fd;
fd=open("/dev/null", O_RDWR); /* open /dev/null before chroot */
if(fd==INVALID_SOCKET)
fatal("Could not open /dev/null");
#endif
#ifdef WOLFSSL_DEBUG_ON
wolfSSL_Debugging_ON();
wolfSSL_SetLoggingCb((wolfSSL_Logging_cb)&wolfSSL_s_log);
#endif
main_init();
configure_status=main_configure(argc>1 ? argv[1] : NULL,
argc>2 ? argv[2] : NULL);
switch(configure_status) {
case 1: /* error -> exit with 1 to indicate error */
close(fd);
return 1;
case 2: /* information printed -> exit with 0 to indicate success */
close(fd);
return 0;
}
if(service_options.next) { /* there are service sections -> daemon mode */
#if !defined(__vms) && !defined(USE_OS2)
if(daemonize(fd)) {
close(fd);
return 1;
}
close(fd);
/* create_pid() must be called after drop_privileges()
* or it won't be possible to remove the file on exit */
/* create_pid() must be called after daemonize()
* since the final pid is not known beforehand */
if(create_pid())
return 1;
#endif
#ifndef USE_OS2
signal(SIGCHLD, signal_handler); /* handle dead children */
signal(SIGHUP, signal_handler); /* configuration reload */
signal(SIGUSR1, signal_handler); /* log reopen */
signal(SIGPIPE, SIG_IGN); /* ignore broken pipe */
if(signal(SIGTERM, SIG_IGN)!=SIG_IGN)
signal(SIGTERM, signal_handler); /* fatal */
if(signal(SIGQUIT, SIG_IGN)!=SIG_IGN)
signal(SIGQUIT, signal_handler); /* fatal */
if(signal(SIGINT, SIG_IGN)!=SIG_IGN)
signal(SIGINT, signal_handler); /* fatal */
#endif
daemon_loop();
} else { /* inetd mode */
#if !defined(__vms) && !defined(USE_OS2)
close(fd);
#endif /* standard Unix */
#ifndef USE_OS2
signal(SIGCHLD, SIG_IGN); /* ignore dead children */
signal(SIGPIPE, SIG_IGN); /* ignore broken pipe */
#endif
set_nonblock(0, 1); /* stdin */
set_nonblock(1, 1); /* stdout */
client_main(alloc_client_session(&service_options, 0, 1));
}
return 0;
}
int main()
{
int sockfd;
int connd;
struct sockaddr_in servAddr;
struct sockaddr_in clientAddr;
socklen_t size = sizeof(clientAddr);
char command[256];
char buffer[256];
int shutDown = 0;
int ret, err, firstRead, gotFirstG, echoSz;
unsigned char serverDer[2048];
int serverDerSz = sizeof(serverDer);
/* PEM certificate buffers */
unsigned char server[2048];
unsigned char serveK[2048];
unsigned char cert[4096]; /* certificate chain to send */
int serverSz = sizeof(server);
int serveKSz = sizeof(serveK);
int certSz = sizeof(cert);
/* declare wolfSSL objects */
WOLFSSL_CTX* ctx;
WOLFSSL* ssl;
wolfSSL_Debugging_ON();
/* Initialize wolfSSL */
wolfSSL_Init();
/* create new certificate with IP address as common name */
if (createSignedCert(
(unsigned char*)server_cert_der_2048, sizeof_server_cert_der_2048,
(unsigned char*)server_key_der_2048, sizeof_server_key_der_2048,
serverDer, &serverDerSz,
server, &serverSz,
serveK, &serveKSz,
"127.0.0.1", 0) != 0) {
fprintf(stderr, "Failure creating new certificate\n");
return -1;
}
XMEMCPY(cert, server, serverSz);
/* convert CA to PEM format */
ret = wc_DerToPem((unsigned char*)server_cert_der_2048,
sizeof_server_cert_der_2048, cert + serverSz, certSz - serverSz,
CERT_TYPE);
if (ret <= 0) {
fprintf(stderr, "error converting CA to PEM format.\n");
return -1;
}
certSz = ret + serverSz;
{
/* for debugging print out created certificate to files */
FILE* f = fopen("created_chain.pem", "wb");
if (f != NULL ) {
fwrite(cert, 1, certSz, f);
fclose(f);
}
f = fopen("created_cert.der", "wb");
if (f != NULL ) {
fwrite(server, 1, serverSz, f);
fclose(f);
}
f = fopen("created_key.der", "wb");
if (f != NULL ) {
fwrite(serveK, 1, serveKSz, f);
fclose(f);
}
}
/* Create a socket that uses an internet IPv4 address,
* Sets the socket to be stream based (TCP),
* 0 means choose the default protocol. */
if ((sockfd = socket(AF_INET, SOCK_STREAM, 0)) == -1) {
fprintf(stderr, "ERROR: failed to create the socket\n");
return -1;
}
/* Create and initialize WOLFSSL_CTX */
if ((ctx = wolfSSL_CTX_new(wolfTLSv1_2_server_method())) == NULL) {
fprintf(stderr, "ERROR: failed to create WOLFSSL_CTX\n");
return -1;
}
/* For this example load certificate chain into WOLFSSL_CTX */
if (wolfSSL_CTX_use_certificate_chain_buffer(ctx, cert, certSz)
!= SSL_SUCCESS) {
fprintf(stderr, "ERROR: failed to load certificate chain.\n");
return -1;
}
/* Load server key into WOLFSSL_CTX */
if (wolfSSL_CTX_use_PrivateKey_buffer(ctx, serveK, serveKSz,
SSL_FILETYPE_ASN1)
!= SSL_SUCCESS) {
fprintf(stderr, "ERROR: failed to load server key.\n");
return -1;
}
/* Initialize the server address struct with zeros */
memset(&servAddr, 0, sizeof(servAddr));
/* Fill in the server address */
servAddr.sin_family = AF_INET; /* using IPv4 */
servAddr.sin_port = htons(DEFAULT_PORT); /* on DEFAULT_PORT */
servAddr.sin_addr.s_addr = INADDR_ANY; /* from anywhere */
/* Bind the server socket to our port */
if (bind(sockfd, (struct sockaddr*)&servAddr, sizeof(servAddr)) == -1) {
fprintf(stderr, "ERROR: failed to bind\n");
return -1;
}
/* Listen for a new connection, allow 5 pending connections */
if (listen(sockfd, 5) == -1) {
fprintf(stderr, "ERROR: failed to listen\n");
return -1;
}
/* Continue to accept clients until shutdown is issued */
while (!shutDown) {
printf("Waiting for a connection...\n");
/* Accept client connections */
if ((connd = accept(sockfd, (struct sockaddr*)&clientAddr, &size))
== -1) {
fprintf(stderr, "ERROR: failed to accept the connection\n\n");
return -1;
}
/* Create a WOLFSSL object */
if ((ssl = wolfSSL_new(ctx)) == NULL) {
fprintf(stderr, "ERROR: failed to create WOLFSSL object\n");
return -1;
}
/* Attach wolfSSL to the socket */
wolfSSL_set_fd(ssl, connd);
printf("Client connected successfully\n");
/* Very basic HTTP GET command -- intended to be used as an example.
* read and write from wolfssl-root/examples/echoserver/echoserver.c */
while (1) {
err = 0; /* reset error */
ret = wolfSSL_read(ssl, command, sizeof(command)-1);
if (ret <= 0) {
err = wolfSSL_get_error(ssl, 0);
if (err != SSL_ERROR_WANT_READ && err != SSL_ERROR_ZERO_RETURN){
printf("SSL_read echo error %d, %s!\n", err,
wolfSSL_ERR_error_string(err, buffer));
}
break;
}
echoSz = ret;
if (firstRead == 1) {
firstRead = 0; /* browser may send 1 byte 'G' to start */
if (echoSz == 1 && command[0] == 'G') {
gotFirstG = 1;
continue;
}
}
else if (gotFirstG == 1 && strncmp(command, "ET /", 4) == 0) {
strncpy(command, "GET", 4);
/* fall through to normal GET */
}
if ( strncmp(command, "quit", 4) == 0) {
printf("client sent quit command: shutting down!\n");
shutDown = 1;
break;
}
if ( strncmp(command, "break", 5) == 0) {
printf("client sent break command: closing session!\n");
break;
}
if ( strncmp(command, "GET", 3) == 0) {
char type[] = "HTTP/1.0 200 ok\r\nContent-type:"
" text/html\r\n\r\n";
char header[] = "<html><body BGCOLOR=\"#ffffff\">\n<pre>\n";
char body[] = "greetings from wolfSSL\n";
char footer[] = "</body></html>\r\n\r\n";
strncpy(command, type, sizeof(type));
echoSz = sizeof(type) - 1;
strncpy(&command[echoSz], header, sizeof(header));
echoSz += (int)sizeof(header) - 1;
strncpy(&command[echoSz], body, sizeof(body));
echoSz += (int)sizeof(body) - 1;
strncpy(&command[echoSz], footer, sizeof(footer));
echoSz += (int)sizeof(footer);
err = 0; /* reset error */
ret = wolfSSL_write(ssl, command, echoSz);
if (ret <= 0) {
err = wolfSSL_get_error(ssl, 0);
}
if (ret != echoSz) {
printf("SSL_write get error = %d, %s\n", err,
wolfSSL_ERR_error_string(err, buffer));
printf("SSL_write get failed\n");
}
break;
}
command[echoSz] = 0;
ret = wolfSSL_write(ssl, command, echoSz);
if (ret <= 0) {
printf("Error %d\n", wolfSSL_get_error(ssl, 0));
break;
}
if (ret != echoSz) {
printf("SSL_write echo error = %d, %s\n", err,
wolfSSL_ERR_error_string(err, buffer));
printf("SSL_write echo failed\n");
}
}
/* Cleanup after this connection */
wolfSSL_free(ssl); /* Free the wolfSSL object */
close(connd); /* Close the connection to the client */
}
printf("Shutdown complete\n");
/* Cleanup and return */
wolfSSL_CTX_free(ctx); /* Free the wolfSSL context object */
wolfSSL_Cleanup(); /* Cleanup the wolfSSL environment */
close(sockfd); /* Close the socket listening for clients */
return 0; /* Return reporting a success */
}
int testsuite_test(int argc, char** argv)
{
func_args server_args;
tcp_ready ready;
THREAD_TYPE serverThread;
#ifndef USE_WINDOWS_API
char tempName[] = "/tmp/output-XXXXXX";
int len = 18;
int num = 6;
#else
char tempName[] = "fnXXXXXX";
int len = 8;
int num = 6;
#endif
#ifdef HAVE_CAVIUM
int ret = OpenNitroxDevice(CAVIUM_DIRECT, CAVIUM_DEV_ID);
if (ret != 0)
err_sys("Cavium OpenNitroxDevice failed");
#endif /* HAVE_CAVIUM */
#ifdef HAVE_WNR
if (wc_InitNetRandom(wnrConfig, NULL, 5000) != 0) {
err_sys("Whitewood netRandom global config failed");
return -1237;
}
#endif /* HAVE_WNR */
StartTCP();
server_args.argc = argc;
server_args.argv = argv;
wolfSSL_Init();
#if defined(DEBUG_WOLFSSL) && !defined(HAVE_VALGRIND)
wolfSSL_Debugging_ON();
#endif
#if !defined(WOLFSSL_TIRTOS)
ChangeToWolfRoot();
#endif
#ifdef WOLFSSL_TIRTOS
fdOpenSession(Task_self());
#endif
server_args.signal = &ready;
InitTcpReady(&ready);
#ifndef NO_CRYPT_TEST
/* wc_ test */
wolfcrypt_test(&server_args);
if (server_args.return_code != 0) return server_args.return_code;
#endif
/* Simple wolfSSL client server test */
simple_test(&server_args);
if (server_args.return_code != 0) return server_args.return_code;
/* Echo input wolfSSL client server test */
start_thread(echoserver_test, &server_args, &serverThread);
wait_tcp_ready(&server_args);
{
func_args echo_args;
char* myArgv[NUMARGS];
char argc0[32];
char argc1[32];
char argc2[32];
myArgv[0] = argc0;
myArgv[1] = argc1;
myArgv[2] = argc2;
echo_args.argc = 3;
echo_args.argv = myArgv;
/* Create unique file name */
outputName = mymktemp(tempName, len, num);
if (outputName == NULL) {
printf("Could not create unique file name");
return EXIT_FAILURE;
}
strcpy(echo_args.argv[0], "echoclient");
strcpy(echo_args.argv[1], "input");
strcpy(echo_args.argv[2], outputName);
/* Share the signal, it has the new port number in it. */
echo_args.signal = server_args.signal;
/* make sure OK */
echoclient_test(&echo_args);
if (echo_args.return_code != 0) return echo_args.return_code;
#ifdef WOLFSSL_DTLS
wait_tcp_ready(&server_args);
#endif
/* send quit to echoserver */
echo_args.argc = 2;
strcpy(echo_args.argv[1], "quit");
echoclient_test(&echo_args);
if (echo_args.return_code != 0) return echo_args.return_code;
join_thread(serverThread);
if (server_args.return_code != 0) return server_args.return_code;
}
/* show ciphers */
{
char ciphers[1024];
XMEMSET(ciphers, 0, sizeof(ciphers));
wolfSSL_get_ciphers(ciphers, sizeof(ciphers)-1);
printf("ciphers = %s\n", ciphers);
}
/* validate output equals input */
{
byte input[SHA256_DIGEST_SIZE];
byte output[SHA256_DIGEST_SIZE];
file_test("input", input);
file_test(outputName, output);
remove(outputName);
if (memcmp(input, output, sizeof(input)) != 0)
return EXIT_FAILURE;
}
wolfSSL_Cleanup();
FreeTcpReady(&ready);
#ifdef WOLFSSL_TIRTOS
fdCloseSession(Task_self());
#endif
#ifdef HAVE_CAVIUM
CspShutdown(CAVIUM_DEV_ID);
#endif
#ifdef HAVE_WNR
if (wc_FreeNetRandom() < 0)
err_sys("Failed to free netRandom context");
#endif /* HAVE_WNR */
printf("\nAll tests passed!\n");
return EXIT_SUCCESS;
}
int main(int argc, char** argv)
{
int ret;
WC_RNG rng;
ecEncCtx* srvCtx = NULL;
void* devCtx = NULL;
const byte* mySalt;
byte peerSalt[EXCHANGE_SALT_SZ];
byte buffer[BTLE_MSG_MAX_SIZE];
word32 bufferSz;
byte plain[BTLE_MSG_MAX_SIZE];
word32 plainSz;
ecc_key myKey, peerKey;
int type;
wolfSSL_Init();
#ifdef DEBUG_WOLFSSL
wolfSSL_Debugging_ON();
#endif
/* make my session key */
ret = wc_ecc_init(&myKey);
ret |= wc_ecc_init(&peerKey);
if (ret != 0) {
printf("wc_ecc_init failed!\n");
goto cleanup;
}
/* open BTLE */
ret = btle_open(&devCtx, BTLE_ROLE_SERVER);
if (ret != 0) {
printf("btle_open failed %d! errno %d\n", ret, errno);
goto cleanup;
}
ret = wc_InitRng(&rng);
if (ret != 0) {
printf("wc_InitRng failed! %d\n", ret);
goto cleanup;
}
ret = wc_ecc_make_key(&rng, 32, &myKey);
if (ret != 0) {
printf("wc_ecc_make_key failed %d\n", ret);
goto cleanup;
}
srvCtx = wc_ecc_ctx_new(REQ_RESP_SERVER, &rng);
if (srvCtx == NULL) {
printf("wc_ecc_ctx_new failed!\n");
ret = -1; goto cleanup;
}
/* exchange public keys */
/* Get peer key */
ret = btle_recv(buffer, sizeof(buffer), &type, devCtx);
if (ret < 0) {
printf("btle_recv key failed %d! errno %d\n", ret, errno);
goto cleanup;
}
if (type != BTLE_PKT_TYPE_KEY) {
printf("btle_recv expected key!\n");
ret = -1; goto cleanup;
}
bufferSz = ret;
ret = wc_ecc_import_x963(buffer, bufferSz, &peerKey);
if (ret != 0) {
printf("wc_ecc_import_x963 failed %d!\n", ret);
goto cleanup;
}
/* send my public key */
/* export my public key */
bufferSz = sizeof(buffer);
ret = wc_ecc_export_x963(&myKey, buffer, &bufferSz);
if (ret != 0) {
printf("wc_ecc_export_x963 failed %d\n", ret);
goto cleanup;
}
/* TODO: Server should hash and sign this public key with a trust ceritifcate (already exchanged) */
/* ECC signature is about 65 bytes */
ret = btle_send(buffer, bufferSz, BTLE_PKT_TYPE_KEY, devCtx);
if (ret != bufferSz) {
printf("btle_send key failed %d!\n", ret);
goto cleanup;
}
while (1) {
mySalt = wc_ecc_ctx_get_own_salt(srvCtx);
if (mySalt == NULL) {
printf("wc_ecc_ctx_get_own_salt failed!\n");
ret = -1; goto cleanup;
}
/* Get peer salt */
ret = btle_recv(peerSalt, EXCHANGE_SALT_SZ, &type, devCtx);
if (ret <= 0) {
printf("btle_recv salt failed %d! errno %d\n", ret, errno);
goto cleanup;
}
if (type != BTLE_PKT_TYPE_SALT) {
printf("btle_recv expected salt!\n");
ret = -1; goto cleanup;
}
/* Send my salt */
/* You must send mySalt before set_peer_salt, because buffer changes */
ret = btle_send(mySalt, EXCHANGE_SALT_SZ, BTLE_PKT_TYPE_SALT, devCtx);
if (ret != EXCHANGE_SALT_SZ) {
printf("btle_send salt failed %d!\n", ret);
goto cleanup;
}
ret = wc_ecc_ctx_set_peer_salt(srvCtx, peerSalt);
if (ret != 0) {
printf("wc_ecc_ctx_set_peer_salt failed %d\n", ret);
goto cleanup;
}
/* Get message */
bufferSz = sizeof(buffer);
ret = btle_recv(buffer, bufferSz, &type, devCtx);
if (ret <= 0) {
printf("btle_recv msg failed %d! errno %d\n", ret, errno);
goto cleanup;
}
if (type != BTLE_PKT_TYPE_MSG) {
printf("btle_recv expected msg!\n");
ret = -1; goto cleanup;
}
/* Decrypt message */
bufferSz = ret;
plainSz = sizeof(plain);
ret = wc_ecc_decrypt(&myKey, &peerKey, buffer, bufferSz, plain, &plainSz, srvCtx);
if (ret != 0) {
printf("wc_ecc_decrypt failed %d!\n", ret);
goto cleanup;
}
printf("Recv %d: %s\n", plainSz, plain);
/* Encrypt message */
bufferSz = sizeof(buffer);
ret = wc_ecc_encrypt(&myKey, &peerKey, plain, plainSz, buffer, &bufferSz, srvCtx);
if (ret != 0) {
printf("wc_ecc_encrypt failed %d!\n", ret);
goto cleanup;
}
/* Send message */
ret = btle_send(buffer, bufferSz, BTLE_PKT_TYPE_MSG, devCtx);
if (ret != bufferSz) {
printf("btle_send failed %d!\n", ret);
goto cleanup;
}
/* check for exit flag */
if (strstr((char*)plain, "EXIT"))
break;
/* reset context (reset my salt) */
ret = wc_ecc_ctx_reset(srvCtx, &rng);
if (ret != 0) {
printf("wc_ecc_ctx_reset failed %d\n", ret);
goto cleanup;
}
}
cleanup:
if (devCtx != NULL)
btle_close(devCtx);
wolfSSL_Cleanup();
return ret;
}
