2011-07-26 13:27:22 -07:00
|
|
|
/* server.c
|
|
|
|
|
*
|
2017-06-22 22:19:59 -06:00
|
|
|
* Copyright (C) 2006-2017 wolfSSL Inc.
|
2011-07-26 13:27:22 -07:00
|
|
|
*
|
2016-03-17 16:02:13 -06:00
|
|
|
* This file is part of wolfSSL.
|
2011-07-26 13:27:22 -07:00
|
|
|
*
|
2015-01-06 12:14:15 -07:00
|
|
|
* wolfSSL is free software; you can redistribute it and/or modify
|
2011-07-26 13:27:22 -07:00
|
|
|
* it under the terms of the GNU General Public License as published by
|
|
|
|
|
* the Free Software Foundation; either version 2 of the License, or
|
|
|
|
|
* (at your option) any later version.
|
|
|
|
|
*
|
2015-01-06 12:14:15 -07:00
|
|
|
* wolfSSL is distributed in the hope that it will be useful,
|
2011-07-26 13:27:22 -07:00
|
|
|
* but WITHOUT ANY WARRANTY; without even the implied warranty of
|
|
|
|
|
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
|
|
|
|
* GNU General Public License for more details.
|
|
|
|
|
*
|
|
|
|
|
* You should have received a copy of the GNU General Public License
|
|
|
|
|
* along with this program; if not, write to the Free Software
|
2016-03-17 16:02:13 -06:00
|
|
|
* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
|
2011-07-26 13:27:22 -07:00
|
|
|
*/
|
|
|
|
|
|
2016-03-17 16:02:13 -06:00
|
|
|
|
2011-08-24 16:37:16 -07:00
|
|
|
#ifdef HAVE_CONFIG_H
|
|
|
|
|
#include <config.h>
|
|
|
|
|
#endif
|
2018-02-01 11:02:35 -08:00
|
|
|
#include <wolfssl/ssl.h> /* name change portability layer */
|
2011-08-04 16:42:55 -06:00
|
|
|
|
2018-02-01 11:02:35 -08:00
|
|
|
#include <wolfssl/wolfcrypt/settings.h>
|
2014-09-09 10:14:32 -07:00
|
|
|
#ifdef HAVE_ECC
|
2018-03-06 16:45:44 -08:00
|
|
|
#include <wolfssl/wolfcrypt/ecc.h> /* wc_ecc_fp_free */
|
2014-09-09 10:14:32 -07:00
|
|
|
#endif
|
2013-04-10 12:17:23 -07:00
|
|
|
|
2015-11-27 11:31:12 +09:00
|
|
|
#if defined(WOLFSSL_MDK_ARM) || defined(WOLFSSL_KEIL_TCP_NET)
|
2014-04-11 16:20:12 +09:00
|
|
|
#include <stdio.h>
|
|
|
|
|
#include <string.h>
|
2018-01-01 11:57:31 +09:00
|
|
|
#include "cmsis_os.h"
|
|
|
|
|
#include "rl_fs.h"
|
|
|
|
|
#include "rl_net.h"
|
|
|
|
|
#include "wolfssl_MDK_ARM.h"
|
2013-05-16 09:47:27 -07:00
|
|
|
#endif
|
2018-01-01 11:57:31 +09:00
|
|
|
|
2018-02-01 11:02:35 -08:00
|
|
|
#include <wolfssl/openssl/ssl.h>
|
|
|
|
|
#include <wolfssl/test.h>
|
|
|
|
|
#ifdef WOLFSSL_DTLS
|
|
|
|
|
#include <wolfssl/error-ssl.h>
|
2017-07-31 11:24:42 -07:00
|
|
|
#endif
|
2011-02-05 11:14:47 -08:00
|
|
|
|
2012-09-19 23:38:41 -07:00
|
|
|
#include "examples/server/server.h"
|
|
|
|
|
|
2017-06-26 23:05:32 -07:00
|
|
|
#ifndef NO_WOLFSSL_SERVER
|
|
|
|
|
|
2016-08-15 13:59:41 -06:00
|
|
|
#ifdef WOLFSSL_ASYNC_CRYPT
|
|
|
|
|
static int devId = INVALID_DEVID;
|
|
|
|
|
#endif
|
|
|
|
|
|
2015-12-24 15:42:52 -08:00
|
|
|
/* Note on using port 0: if the server uses port 0 to bind an ephemeral port
|
|
|
|
|
* number and is using the ready file for scripted testing, the code in
|
|
|
|
|
* test.h will write the actual port number into the ready file for use
|
|
|
|
|
* by the client. */
|
2011-02-05 11:14:47 -08:00
|
|
|
|
2016-12-22 12:53:29 +10:00
|
|
|
static const char webServerMsg[] =
|
|
|
|
|
"HTTP/1.1 200 OK\n"
|
|
|
|
|
"Content-Type: text/html\n"
|
|
|
|
|
"Connection: close\n"
|
|
|
|
|
"\n"
|
|
|
|
|
"<html>\n"
|
|
|
|
|
"<head>\n"
|
|
|
|
|
"<title>Welcome to wolfSSL!</title>\n"
|
|
|
|
|
"</head>\n"
|
|
|
|
|
"<body>\n"
|
|
|
|
|
"<p>wolfSSL has successfully performed handshake!</p>\n"
|
|
|
|
|
"</body>\n"
|
|
|
|
|
"</html>\n";
|
2015-04-28 12:21:54 -07:00
|
|
|
|
2017-06-22 22:19:59 -06:00
|
|
|
int runWithErrors = 0; /* Used with -x flag to run err_sys vs. print errors */
|
2017-06-26 23:05:32 -07:00
|
|
|
|
|
|
|
|
|
2018-02-01 11:02:35 -08:00
|
|
|
#ifdef WOLFSSL_CALLBACKS
|
2017-06-26 23:05:32 -07:00
|
|
|
Timeval srvTo;
|
|
|
|
|
static int srvHandShakeCB(HandShakeInfo* info)
|
|
|
|
|
{
|
|
|
|
|
(void)info;
|
|
|
|
|
return 0;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
static int srvTimeoutCB(TimeoutInfo* info)
|
|
|
|
|
{
|
|
|
|
|
(void)info;
|
|
|
|
|
return 0;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
#endif
|
|
|
|
|
|
|
|
|
|
#ifndef NO_HANDSHAKE_DONE_CB
|
|
|
|
|
static int myHsDoneCb(WOLFSSL* ssl, void* user_ctx)
|
|
|
|
|
{
|
|
|
|
|
(void)user_ctx;
|
|
|
|
|
(void)ssl;
|
|
|
|
|
|
|
|
|
|
/* printf("Notified HandShake done\n"); */
|
|
|
|
|
|
|
|
|
|
/* return negative number to end TLS connection now */
|
|
|
|
|
return 0;
|
|
|
|
|
}
|
|
|
|
|
#endif
|
|
|
|
|
|
|
|
|
|
|
2017-06-22 22:19:59 -06:00
|
|
|
static void err_sys_ex(int out, const char* msg)
|
|
|
|
|
{
|
|
|
|
|
if (out == 1) { /* if server is running w/ -x flag, print error w/o exit */
|
|
|
|
|
printf("wolfSSL error: %s\n", msg);
|
|
|
|
|
printf("Continuing server execution...\n\n");
|
|
|
|
|
} else {
|
|
|
|
|
err_sys(msg);
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
2016-03-04 10:05:22 -08:00
|
|
|
static int NonBlockingSSL_Accept(SSL* ssl)
|
2012-10-17 13:13:58 -07:00
|
|
|
{
|
2018-02-01 11:02:35 -08:00
|
|
|
#ifndef WOLFSSL_CALLBACKS
|
2012-10-17 13:13:58 -07:00
|
|
|
int ret = SSL_accept(ssl);
|
|
|
|
|
#else
|
2018-02-01 11:02:35 -08:00
|
|
|
int ret = SSL_accept_ex(ssl, srvHandShakeCB, srvTimeoutCB, srvTo);
|
2012-10-17 13:13:58 -07:00
|
|
|
#endif
|
|
|
|
|
int error = SSL_get_error(ssl, 0);
|
2018-02-01 11:02:35 -08:00
|
|
|
SOCKET_T sockfd = (SOCKET_T)SSL_get_fd(ssl);
|
Intel QuickAssist (QAT) support and async enhancements/fixes:
* Adds ./configure "--with-intelqa=../QAT1.6”, port files, memory management and README.md (see wolfcrypt/src/port/intel/).
* Added Intel QAT support for RSA public/private (CRT/non-CRT), AES CBC/GCM, ECDH/ECDSA, DH, DES3, SHA, SHA224, SHA256, SHA384, SHA512, MD5 and HMAC.
* wolfSSL async enabled all client and server: PKI, Encrypt/Decrypt, Hashing/HMAC and Certificate Sign/Verify.
* wolfSSL async support in functions: Encrypt, Decrypt, VerifyMAC, BuildMessage, ConfirmSignature, DoCertificate, ParseCertRelative, and MakeSignature.
* wolfCrypt test and benchmark async support added for all HW acceleration.
* wolfCrypt benchmark multi-threading support.
* Added QuickAssist memory overrides for XMALLOC, XFREE and XREALLOC. XREALLOC determines if existing pointer needs reallocated for NUMA.
* Refactor to make sure “heap” is available for async dev init.
* Added async support for all examples for connect, accept, read and write.
* Added new WC_BIGINT (in wolfmath.c) for async hardware support.
* Added async simulator tests for DES3 CBC, AES CBC/GCM.
* Added QAT standalone build for unit testing.
* Added int return code to SHA and MD5 functions.
* Refactor of the async stack variable handling, so async operations have generic args buffer area and cleanup function pointer.
* Combined duplicate code for async push/pop handling.
* Refactor internal.c to add AllocKey / FreeKey.
* Refactor of hash init/free in TLS to use InitHashes and FreeHashes.
* Refactor of the async event->context to use WOLF_EVENT_TYPE_ASYNC_WOLFSSL for WOLFSSL* and WOLF_EVENT_TYPE_ASYNC_WOLFCRYPT for WC_ASYNC_DEV*.
* Suppress error message for WC_PENDING_E.
* Implemented "wolfSSL_EVP_MD_CTX_init" to do memset.
* Cleanup of the openssl compat CTX sizes when async is enabled.
* Cleanup of AES, DES3, DH, SHA, MD5, DES3, DH, HMAC, MD5 for consistency and readability.
* Cleanup of the OPAQUE_LEN.
* Cleanup to use ENCRYPT_LEN instead of sizeof(ssl->arrays.preMasterSecret).
* Changed ssl->arrays.preMasterSecret to use XMALLOC (accelerates HW operations)
* Reduce verbosity with debug enabled for "GetMyVersion", "wolfSSL Using RSA OAEP padding" and "wolfSSL Using RSA PKCSV15 padding".
* Updated RSA un-padding error message so its different than one above it for better debugging.
* Added QAT async enables for each algorithm.
* Refactor of the async init to use _ex.
* Added WC_ASYNC_THRESH_NONE to allow bypass of the async thresholds for testing.
* Reformatted the benchmark results:
PKI: "RSA 2048 private HW 18522 ops took 1.003 sec, avg 0.054 ms, 18467.763 ops/sec"
Crypto/Hashing: SHA-256 SW 350 megs took 1.009 seconds, 346.946 MB/s Cycles per byte = 9.87
* Added min execution time for all benchmarks.
* Moved wc_*GetHash and wc_*RestorePos to appropriate files so use of isCopy flag is local.
* Fix for ECC sign status sometimes being invalid due to uninitialized ECC digest in benchmark.
* Added new DECLARE_VAR/FREE_VAR and DECLARE_ARRAY/FREE_ARRAY macros for helping setup test/benchmark variables to accelerate async.
* Added NO_SW_BENCH option to only run HW bench.
* Added support for PRNG to use hardware SHA256 if _wc devId provided.
* Fix to prevent curve tests from running against wrong curve sizes. Changed wc_ecc_set_curve to match on exact size.
* Added the wc_*GetHash calls to the wolfCrypt tests.
* Added async hardware start/stop to wolfSSL init/cleanup.
* Refactor to add wc_*Copy for hashing context (for async), which replaces wc_*RestorePos.
* Fixes for building with TI hashing (including: SHA224, missing new API’s and building with dummy build for non hw testing). Note: We need to add build test for this `./configure CFLAGS="-DWOLFSSL_TI_HASH -DTI_DUMMY_BUILD”`.
* Added arg checks on wc_*GetHash and wc_*Copy.
* Cleanup of the BuildMD5, BuildSHA, BuildMD5_CertVerify and BuildSHA_CertVerify functions.
* Added new ./configure --enable-asyncthreads, to allow enable/disable of the async threading support. If --enable-asynccrypt set this will be enabled by default if pthread is supported. Allows multi-threaded benchmarks with async simulator.
* Added checks for all hashing to verify valid ->buffLen.
* Fix for SHA512 scan-build warning about un-initialized “W_X”.
* Fix for valgrind un-initialized use of buffer in AllocDer (der->buffer) and BuildTlsFinished handshake_hash.
* Refactor of the benchmarking to use common function for start, check and finish of the stats.
* Fixed issue with ECC cache loading in multi-threading.
* Fix bug with AESNI not aligned code that assumes XMALLOC is 16-byte aligned.
* Added new WC_ASYNC_NO_… options to allow disabling of individual async algorithms. New defines are: WC_ASYNC_NO_CRYPT, WC_ASYNC_NO_PKI and WC_ASYNC_NO_HASH. Additionally each algorithm has a WC_ASYNC_NO_[ALGO] define.
* Added “wolfSSL_GetAllocators” API and fixed the wolfCrypt memcb_test so it restores callback pointers after test is complete (fixes issue with using custom allocators and test breaking it).
2017-04-07 15:46:32 -07:00
|
|
|
int select_ret = 0;
|
2012-10-17 13:13:58 -07:00
|
|
|
|
2018-03-16 12:02:36 -07:00
|
|
|
while (ret != WOLFSSL_SUCCESS &&
|
|
|
|
|
(error == WOLFSSL_ERROR_WANT_READ || error == WOLFSSL_ERROR_WANT_WRITE
|
|
|
|
|
#ifdef WOLFSSL_ASYNC_CRYPT
|
|
|
|
|
|| error == WC_PENDING_E
|
|
|
|
|
#endif
|
|
|
|
|
)) {
|
2013-05-08 12:49:55 -07:00
|
|
|
int currTimeout = 1;
|
|
|
|
|
|
2017-10-11 09:09:52 -07:00
|
|
|
if (error == WOLFSSL_ERROR_WANT_READ) {
|
2015-10-16 07:46:51 +02:00
|
|
|
/* printf("... server would read block\n"); */
|
Intel QuickAssist (QAT) support and async enhancements/fixes:
* Adds ./configure "--with-intelqa=../QAT1.6”, port files, memory management and README.md (see wolfcrypt/src/port/intel/).
* Added Intel QAT support for RSA public/private (CRT/non-CRT), AES CBC/GCM, ECDH/ECDSA, DH, DES3, SHA, SHA224, SHA256, SHA384, SHA512, MD5 and HMAC.
* wolfSSL async enabled all client and server: PKI, Encrypt/Decrypt, Hashing/HMAC and Certificate Sign/Verify.
* wolfSSL async support in functions: Encrypt, Decrypt, VerifyMAC, BuildMessage, ConfirmSignature, DoCertificate, ParseCertRelative, and MakeSignature.
* wolfCrypt test and benchmark async support added for all HW acceleration.
* wolfCrypt benchmark multi-threading support.
* Added QuickAssist memory overrides for XMALLOC, XFREE and XREALLOC. XREALLOC determines if existing pointer needs reallocated for NUMA.
* Refactor to make sure “heap” is available for async dev init.
* Added async support for all examples for connect, accept, read and write.
* Added new WC_BIGINT (in wolfmath.c) for async hardware support.
* Added async simulator tests for DES3 CBC, AES CBC/GCM.
* Added QAT standalone build for unit testing.
* Added int return code to SHA and MD5 functions.
* Refactor of the async stack variable handling, so async operations have generic args buffer area and cleanup function pointer.
* Combined duplicate code for async push/pop handling.
* Refactor internal.c to add AllocKey / FreeKey.
* Refactor of hash init/free in TLS to use InitHashes and FreeHashes.
* Refactor of the async event->context to use WOLF_EVENT_TYPE_ASYNC_WOLFSSL for WOLFSSL* and WOLF_EVENT_TYPE_ASYNC_WOLFCRYPT for WC_ASYNC_DEV*.
* Suppress error message for WC_PENDING_E.
* Implemented "wolfSSL_EVP_MD_CTX_init" to do memset.
* Cleanup of the openssl compat CTX sizes when async is enabled.
* Cleanup of AES, DES3, DH, SHA, MD5, DES3, DH, HMAC, MD5 for consistency and readability.
* Cleanup of the OPAQUE_LEN.
* Cleanup to use ENCRYPT_LEN instead of sizeof(ssl->arrays.preMasterSecret).
* Changed ssl->arrays.preMasterSecret to use XMALLOC (accelerates HW operations)
* Reduce verbosity with debug enabled for "GetMyVersion", "wolfSSL Using RSA OAEP padding" and "wolfSSL Using RSA PKCSV15 padding".
* Updated RSA un-padding error message so its different than one above it for better debugging.
* Added QAT async enables for each algorithm.
* Refactor of the async init to use _ex.
* Added WC_ASYNC_THRESH_NONE to allow bypass of the async thresholds for testing.
* Reformatted the benchmark results:
PKI: "RSA 2048 private HW 18522 ops took 1.003 sec, avg 0.054 ms, 18467.763 ops/sec"
Crypto/Hashing: SHA-256 SW 350 megs took 1.009 seconds, 346.946 MB/s Cycles per byte = 9.87
* Added min execution time for all benchmarks.
* Moved wc_*GetHash and wc_*RestorePos to appropriate files so use of isCopy flag is local.
* Fix for ECC sign status sometimes being invalid due to uninitialized ECC digest in benchmark.
* Added new DECLARE_VAR/FREE_VAR and DECLARE_ARRAY/FREE_ARRAY macros for helping setup test/benchmark variables to accelerate async.
* Added NO_SW_BENCH option to only run HW bench.
* Added support for PRNG to use hardware SHA256 if _wc devId provided.
* Fix to prevent curve tests from running against wrong curve sizes. Changed wc_ecc_set_curve to match on exact size.
* Added the wc_*GetHash calls to the wolfCrypt tests.
* Added async hardware start/stop to wolfSSL init/cleanup.
* Refactor to add wc_*Copy for hashing context (for async), which replaces wc_*RestorePos.
* Fixes for building with TI hashing (including: SHA224, missing new API’s and building with dummy build for non hw testing). Note: We need to add build test for this `./configure CFLAGS="-DWOLFSSL_TI_HASH -DTI_DUMMY_BUILD”`.
* Added arg checks on wc_*GetHash and wc_*Copy.
* Cleanup of the BuildMD5, BuildSHA, BuildMD5_CertVerify and BuildSHA_CertVerify functions.
* Added new ./configure --enable-asyncthreads, to allow enable/disable of the async threading support. If --enable-asynccrypt set this will be enabled by default if pthread is supported. Allows multi-threaded benchmarks with async simulator.
* Added checks for all hashing to verify valid ->buffLen.
* Fix for SHA512 scan-build warning about un-initialized “W_X”.
* Fix for valgrind un-initialized use of buffer in AllocDer (der->buffer) and BuildTlsFinished handshake_hash.
* Refactor of the benchmarking to use common function for start, check and finish of the stats.
* Fixed issue with ECC cache loading in multi-threading.
* Fix bug with AESNI not aligned code that assumes XMALLOC is 16-byte aligned.
* Added new WC_ASYNC_NO_… options to allow disabling of individual async algorithms. New defines are: WC_ASYNC_NO_CRYPT, WC_ASYNC_NO_PKI and WC_ASYNC_NO_HASH. Additionally each algorithm has a WC_ASYNC_NO_[ALGO] define.
* Added “wolfSSL_GetAllocators” API and fixed the wolfCrypt memcb_test so it restores callback pointers after test is complete (fixes issue with using custom allocators and test breaking it).
2017-04-07 15:46:32 -07:00
|
|
|
}
|
2017-10-11 09:09:52 -07:00
|
|
|
else if (error == WOLFSSL_ERROR_WANT_WRITE) {
|
2015-10-16 07:46:51 +02:00
|
|
|
/* printf("... server would write block\n"); */
|
|
|
|
|
}
|
2018-03-16 12:02:36 -07:00
|
|
|
|
Intel QuickAssist (QAT) support and async enhancements/fixes:
* Adds ./configure "--with-intelqa=../QAT1.6”, port files, memory management and README.md (see wolfcrypt/src/port/intel/).
* Added Intel QAT support for RSA public/private (CRT/non-CRT), AES CBC/GCM, ECDH/ECDSA, DH, DES3, SHA, SHA224, SHA256, SHA384, SHA512, MD5 and HMAC.
* wolfSSL async enabled all client and server: PKI, Encrypt/Decrypt, Hashing/HMAC and Certificate Sign/Verify.
* wolfSSL async support in functions: Encrypt, Decrypt, VerifyMAC, BuildMessage, ConfirmSignature, DoCertificate, ParseCertRelative, and MakeSignature.
* wolfCrypt test and benchmark async support added for all HW acceleration.
* wolfCrypt benchmark multi-threading support.
* Added QuickAssist memory overrides for XMALLOC, XFREE and XREALLOC. XREALLOC determines if existing pointer needs reallocated for NUMA.
* Refactor to make sure “heap” is available for async dev init.
* Added async support for all examples for connect, accept, read and write.
* Added new WC_BIGINT (in wolfmath.c) for async hardware support.
* Added async simulator tests for DES3 CBC, AES CBC/GCM.
* Added QAT standalone build for unit testing.
* Added int return code to SHA and MD5 functions.
* Refactor of the async stack variable handling, so async operations have generic args buffer area and cleanup function pointer.
* Combined duplicate code for async push/pop handling.
* Refactor internal.c to add AllocKey / FreeKey.
* Refactor of hash init/free in TLS to use InitHashes and FreeHashes.
* Refactor of the async event->context to use WOLF_EVENT_TYPE_ASYNC_WOLFSSL for WOLFSSL* and WOLF_EVENT_TYPE_ASYNC_WOLFCRYPT for WC_ASYNC_DEV*.
* Suppress error message for WC_PENDING_E.
* Implemented "wolfSSL_EVP_MD_CTX_init" to do memset.
* Cleanup of the openssl compat CTX sizes when async is enabled.
* Cleanup of AES, DES3, DH, SHA, MD5, DES3, DH, HMAC, MD5 for consistency and readability.
* Cleanup of the OPAQUE_LEN.
* Cleanup to use ENCRYPT_LEN instead of sizeof(ssl->arrays.preMasterSecret).
* Changed ssl->arrays.preMasterSecret to use XMALLOC (accelerates HW operations)
* Reduce verbosity with debug enabled for "GetMyVersion", "wolfSSL Using RSA OAEP padding" and "wolfSSL Using RSA PKCSV15 padding".
* Updated RSA un-padding error message so its different than one above it for better debugging.
* Added QAT async enables for each algorithm.
* Refactor of the async init to use _ex.
* Added WC_ASYNC_THRESH_NONE to allow bypass of the async thresholds for testing.
* Reformatted the benchmark results:
PKI: "RSA 2048 private HW 18522 ops took 1.003 sec, avg 0.054 ms, 18467.763 ops/sec"
Crypto/Hashing: SHA-256 SW 350 megs took 1.009 seconds, 346.946 MB/s Cycles per byte = 9.87
* Added min execution time for all benchmarks.
* Moved wc_*GetHash and wc_*RestorePos to appropriate files so use of isCopy flag is local.
* Fix for ECC sign status sometimes being invalid due to uninitialized ECC digest in benchmark.
* Added new DECLARE_VAR/FREE_VAR and DECLARE_ARRAY/FREE_ARRAY macros for helping setup test/benchmark variables to accelerate async.
* Added NO_SW_BENCH option to only run HW bench.
* Added support for PRNG to use hardware SHA256 if _wc devId provided.
* Fix to prevent curve tests from running against wrong curve sizes. Changed wc_ecc_set_curve to match on exact size.
* Added the wc_*GetHash calls to the wolfCrypt tests.
* Added async hardware start/stop to wolfSSL init/cleanup.
* Refactor to add wc_*Copy for hashing context (for async), which replaces wc_*RestorePos.
* Fixes for building with TI hashing (including: SHA224, missing new API’s and building with dummy build for non hw testing). Note: We need to add build test for this `./configure CFLAGS="-DWOLFSSL_TI_HASH -DTI_DUMMY_BUILD”`.
* Added arg checks on wc_*GetHash and wc_*Copy.
* Cleanup of the BuildMD5, BuildSHA, BuildMD5_CertVerify and BuildSHA_CertVerify functions.
* Added new ./configure --enable-asyncthreads, to allow enable/disable of the async threading support. If --enable-asynccrypt set this will be enabled by default if pthread is supported. Allows multi-threaded benchmarks with async simulator.
* Added checks for all hashing to verify valid ->buffLen.
* Fix for SHA512 scan-build warning about un-initialized “W_X”.
* Fix for valgrind un-initialized use of buffer in AllocDer (der->buffer) and BuildTlsFinished handshake_hash.
* Refactor of the benchmarking to use common function for start, check and finish of the stats.
* Fixed issue with ECC cache loading in multi-threading.
* Fix bug with AESNI not aligned code that assumes XMALLOC is 16-byte aligned.
* Added new WC_ASYNC_NO_… options to allow disabling of individual async algorithms. New defines are: WC_ASYNC_NO_CRYPT, WC_ASYNC_NO_PKI and WC_ASYNC_NO_HASH. Additionally each algorithm has a WC_ASYNC_NO_[ALGO] define.
* Added “wolfSSL_GetAllocators” API and fixed the wolfCrypt memcb_test so it restores callback pointers after test is complete (fixes issue with using custom allocators and test breaking it).
2017-04-07 15:46:32 -07:00
|
|
|
#ifdef WOLFSSL_ASYNC_CRYPT
|
2018-03-16 12:02:36 -07:00
|
|
|
if (error == WC_PENDING_E) {
|
Intel QuickAssist (QAT) support and async enhancements/fixes:
* Adds ./configure "--with-intelqa=../QAT1.6”, port files, memory management and README.md (see wolfcrypt/src/port/intel/).
* Added Intel QAT support for RSA public/private (CRT/non-CRT), AES CBC/GCM, ECDH/ECDSA, DH, DES3, SHA, SHA224, SHA256, SHA384, SHA512, MD5 and HMAC.
* wolfSSL async enabled all client and server: PKI, Encrypt/Decrypt, Hashing/HMAC and Certificate Sign/Verify.
* wolfSSL async support in functions: Encrypt, Decrypt, VerifyMAC, BuildMessage, ConfirmSignature, DoCertificate, ParseCertRelative, and MakeSignature.
* wolfCrypt test and benchmark async support added for all HW acceleration.
* wolfCrypt benchmark multi-threading support.
* Added QuickAssist memory overrides for XMALLOC, XFREE and XREALLOC. XREALLOC determines if existing pointer needs reallocated for NUMA.
* Refactor to make sure “heap” is available for async dev init.
* Added async support for all examples for connect, accept, read and write.
* Added new WC_BIGINT (in wolfmath.c) for async hardware support.
* Added async simulator tests for DES3 CBC, AES CBC/GCM.
* Added QAT standalone build for unit testing.
* Added int return code to SHA and MD5 functions.
* Refactor of the async stack variable handling, so async operations have generic args buffer area and cleanup function pointer.
* Combined duplicate code for async push/pop handling.
* Refactor internal.c to add AllocKey / FreeKey.
* Refactor of hash init/free in TLS to use InitHashes and FreeHashes.
* Refactor of the async event->context to use WOLF_EVENT_TYPE_ASYNC_WOLFSSL for WOLFSSL* and WOLF_EVENT_TYPE_ASYNC_WOLFCRYPT for WC_ASYNC_DEV*.
* Suppress error message for WC_PENDING_E.
* Implemented "wolfSSL_EVP_MD_CTX_init" to do memset.
* Cleanup of the openssl compat CTX sizes when async is enabled.
* Cleanup of AES, DES3, DH, SHA, MD5, DES3, DH, HMAC, MD5 for consistency and readability.
* Cleanup of the OPAQUE_LEN.
* Cleanup to use ENCRYPT_LEN instead of sizeof(ssl->arrays.preMasterSecret).
* Changed ssl->arrays.preMasterSecret to use XMALLOC (accelerates HW operations)
* Reduce verbosity with debug enabled for "GetMyVersion", "wolfSSL Using RSA OAEP padding" and "wolfSSL Using RSA PKCSV15 padding".
* Updated RSA un-padding error message so its different than one above it for better debugging.
* Added QAT async enables for each algorithm.
* Refactor of the async init to use _ex.
* Added WC_ASYNC_THRESH_NONE to allow bypass of the async thresholds for testing.
* Reformatted the benchmark results:
PKI: "RSA 2048 private HW 18522 ops took 1.003 sec, avg 0.054 ms, 18467.763 ops/sec"
Crypto/Hashing: SHA-256 SW 350 megs took 1.009 seconds, 346.946 MB/s Cycles per byte = 9.87
* Added min execution time for all benchmarks.
* Moved wc_*GetHash and wc_*RestorePos to appropriate files so use of isCopy flag is local.
* Fix for ECC sign status sometimes being invalid due to uninitialized ECC digest in benchmark.
* Added new DECLARE_VAR/FREE_VAR and DECLARE_ARRAY/FREE_ARRAY macros for helping setup test/benchmark variables to accelerate async.
* Added NO_SW_BENCH option to only run HW bench.
* Added support for PRNG to use hardware SHA256 if _wc devId provided.
* Fix to prevent curve tests from running against wrong curve sizes. Changed wc_ecc_set_curve to match on exact size.
* Added the wc_*GetHash calls to the wolfCrypt tests.
* Added async hardware start/stop to wolfSSL init/cleanup.
* Refactor to add wc_*Copy for hashing context (for async), which replaces wc_*RestorePos.
* Fixes for building with TI hashing (including: SHA224, missing new API’s and building with dummy build for non hw testing). Note: We need to add build test for this `./configure CFLAGS="-DWOLFSSL_TI_HASH -DTI_DUMMY_BUILD”`.
* Added arg checks on wc_*GetHash and wc_*Copy.
* Cleanup of the BuildMD5, BuildSHA, BuildMD5_CertVerify and BuildSHA_CertVerify functions.
* Added new ./configure --enable-asyncthreads, to allow enable/disable of the async threading support. If --enable-asynccrypt set this will be enabled by default if pthread is supported. Allows multi-threaded benchmarks with async simulator.
* Added checks for all hashing to verify valid ->buffLen.
* Fix for SHA512 scan-build warning about un-initialized “W_X”.
* Fix for valgrind un-initialized use of buffer in AllocDer (der->buffer) and BuildTlsFinished handshake_hash.
* Refactor of the benchmarking to use common function for start, check and finish of the stats.
* Fixed issue with ECC cache loading in multi-threading.
* Fix bug with AESNI not aligned code that assumes XMALLOC is 16-byte aligned.
* Added new WC_ASYNC_NO_… options to allow disabling of individual async algorithms. New defines are: WC_ASYNC_NO_CRYPT, WC_ASYNC_NO_PKI and WC_ASYNC_NO_HASH. Additionally each algorithm has a WC_ASYNC_NO_[ALGO] define.
* Added “wolfSSL_GetAllocators” API and fixed the wolfCrypt memcb_test so it restores callback pointers after test is complete (fixes issue with using custom allocators and test breaking it).
2017-04-07 15:46:32 -07:00
|
|
|
ret = wolfSSL_AsyncPoll(ssl, WOLF_POLL_FLAG_CHECK_HW);
|
|
|
|
|
if (ret < 0) break;
|
|
|
|
|
}
|
2018-03-16 12:02:36 -07:00
|
|
|
else
|
Intel QuickAssist (QAT) support and async enhancements/fixes:
* Adds ./configure "--with-intelqa=../QAT1.6”, port files, memory management and README.md (see wolfcrypt/src/port/intel/).
* Added Intel QAT support for RSA public/private (CRT/non-CRT), AES CBC/GCM, ECDH/ECDSA, DH, DES3, SHA, SHA224, SHA256, SHA384, SHA512, MD5 and HMAC.
* wolfSSL async enabled all client and server: PKI, Encrypt/Decrypt, Hashing/HMAC and Certificate Sign/Verify.
* wolfSSL async support in functions: Encrypt, Decrypt, VerifyMAC, BuildMessage, ConfirmSignature, DoCertificate, ParseCertRelative, and MakeSignature.
* wolfCrypt test and benchmark async support added for all HW acceleration.
* wolfCrypt benchmark multi-threading support.
* Added QuickAssist memory overrides for XMALLOC, XFREE and XREALLOC. XREALLOC determines if existing pointer needs reallocated for NUMA.
* Refactor to make sure “heap” is available for async dev init.
* Added async support for all examples for connect, accept, read and write.
* Added new WC_BIGINT (in wolfmath.c) for async hardware support.
* Added async simulator tests for DES3 CBC, AES CBC/GCM.
* Added QAT standalone build for unit testing.
* Added int return code to SHA and MD5 functions.
* Refactor of the async stack variable handling, so async operations have generic args buffer area and cleanup function pointer.
* Combined duplicate code for async push/pop handling.
* Refactor internal.c to add AllocKey / FreeKey.
* Refactor of hash init/free in TLS to use InitHashes and FreeHashes.
* Refactor of the async event->context to use WOLF_EVENT_TYPE_ASYNC_WOLFSSL for WOLFSSL* and WOLF_EVENT_TYPE_ASYNC_WOLFCRYPT for WC_ASYNC_DEV*.
* Suppress error message for WC_PENDING_E.
* Implemented "wolfSSL_EVP_MD_CTX_init" to do memset.
* Cleanup of the openssl compat CTX sizes when async is enabled.
* Cleanup of AES, DES3, DH, SHA, MD5, DES3, DH, HMAC, MD5 for consistency and readability.
* Cleanup of the OPAQUE_LEN.
* Cleanup to use ENCRYPT_LEN instead of sizeof(ssl->arrays.preMasterSecret).
* Changed ssl->arrays.preMasterSecret to use XMALLOC (accelerates HW operations)
* Reduce verbosity with debug enabled for "GetMyVersion", "wolfSSL Using RSA OAEP padding" and "wolfSSL Using RSA PKCSV15 padding".
* Updated RSA un-padding error message so its different than one above it for better debugging.
* Added QAT async enables for each algorithm.
* Refactor of the async init to use _ex.
* Added WC_ASYNC_THRESH_NONE to allow bypass of the async thresholds for testing.
* Reformatted the benchmark results:
PKI: "RSA 2048 private HW 18522 ops took 1.003 sec, avg 0.054 ms, 18467.763 ops/sec"
Crypto/Hashing: SHA-256 SW 350 megs took 1.009 seconds, 346.946 MB/s Cycles per byte = 9.87
* Added min execution time for all benchmarks.
* Moved wc_*GetHash and wc_*RestorePos to appropriate files so use of isCopy flag is local.
* Fix for ECC sign status sometimes being invalid due to uninitialized ECC digest in benchmark.
* Added new DECLARE_VAR/FREE_VAR and DECLARE_ARRAY/FREE_ARRAY macros for helping setup test/benchmark variables to accelerate async.
* Added NO_SW_BENCH option to only run HW bench.
* Added support for PRNG to use hardware SHA256 if _wc devId provided.
* Fix to prevent curve tests from running against wrong curve sizes. Changed wc_ecc_set_curve to match on exact size.
* Added the wc_*GetHash calls to the wolfCrypt tests.
* Added async hardware start/stop to wolfSSL init/cleanup.
* Refactor to add wc_*Copy for hashing context (for async), which replaces wc_*RestorePos.
* Fixes for building with TI hashing (including: SHA224, missing new API’s and building with dummy build for non hw testing). Note: We need to add build test for this `./configure CFLAGS="-DWOLFSSL_TI_HASH -DTI_DUMMY_BUILD”`.
* Added arg checks on wc_*GetHash and wc_*Copy.
* Cleanup of the BuildMD5, BuildSHA, BuildMD5_CertVerify and BuildSHA_CertVerify functions.
* Added new ./configure --enable-asyncthreads, to allow enable/disable of the async threading support. If --enable-asynccrypt set this will be enabled by default if pthread is supported. Allows multi-threaded benchmarks with async simulator.
* Added checks for all hashing to verify valid ->buffLen.
* Fix for SHA512 scan-build warning about un-initialized “W_X”.
* Fix for valgrind un-initialized use of buffer in AllocDer (der->buffer) and BuildTlsFinished handshake_hash.
* Refactor of the benchmarking to use common function for start, check and finish of the stats.
* Fixed issue with ECC cache loading in multi-threading.
* Fix bug with AESNI not aligned code that assumes XMALLOC is 16-byte aligned.
* Added new WC_ASYNC_NO_… options to allow disabling of individual async algorithms. New defines are: WC_ASYNC_NO_CRYPT, WC_ASYNC_NO_PKI and WC_ASYNC_NO_HASH. Additionally each algorithm has a WC_ASYNC_NO_[ALGO] define.
* Added “wolfSSL_GetAllocators” API and fixed the wolfCrypt memcb_test so it restores callback pointers after test is complete (fixes issue with using custom allocators and test breaking it).
2017-04-07 15:46:32 -07:00
|
|
|
#endif
|
2018-03-16 12:02:36 -07:00
|
|
|
{
|
2018-02-01 11:02:35 -08:00
|
|
|
#ifdef WOLFSSL_DTLS
|
|
|
|
|
currTimeout = wolfSSL_dtls_get_current_timeout(ssl);
|
Intel QuickAssist (QAT) support and async enhancements/fixes:
* Adds ./configure "--with-intelqa=../QAT1.6”, port files, memory management and README.md (see wolfcrypt/src/port/intel/).
* Added Intel QAT support for RSA public/private (CRT/non-CRT), AES CBC/GCM, ECDH/ECDSA, DH, DES3, SHA, SHA224, SHA256, SHA384, SHA512, MD5 and HMAC.
* wolfSSL async enabled all client and server: PKI, Encrypt/Decrypt, Hashing/HMAC and Certificate Sign/Verify.
* wolfSSL async support in functions: Encrypt, Decrypt, VerifyMAC, BuildMessage, ConfirmSignature, DoCertificate, ParseCertRelative, and MakeSignature.
* wolfCrypt test and benchmark async support added for all HW acceleration.
* wolfCrypt benchmark multi-threading support.
* Added QuickAssist memory overrides for XMALLOC, XFREE and XREALLOC. XREALLOC determines if existing pointer needs reallocated for NUMA.
* Refactor to make sure “heap” is available for async dev init.
* Added async support for all examples for connect, accept, read and write.
* Added new WC_BIGINT (in wolfmath.c) for async hardware support.
* Added async simulator tests for DES3 CBC, AES CBC/GCM.
* Added QAT standalone build for unit testing.
* Added int return code to SHA and MD5 functions.
* Refactor of the async stack variable handling, so async operations have generic args buffer area and cleanup function pointer.
* Combined duplicate code for async push/pop handling.
* Refactor internal.c to add AllocKey / FreeKey.
* Refactor of hash init/free in TLS to use InitHashes and FreeHashes.
* Refactor of the async event->context to use WOLF_EVENT_TYPE_ASYNC_WOLFSSL for WOLFSSL* and WOLF_EVENT_TYPE_ASYNC_WOLFCRYPT for WC_ASYNC_DEV*.
* Suppress error message for WC_PENDING_E.
* Implemented "wolfSSL_EVP_MD_CTX_init" to do memset.
* Cleanup of the openssl compat CTX sizes when async is enabled.
* Cleanup of AES, DES3, DH, SHA, MD5, DES3, DH, HMAC, MD5 for consistency and readability.
* Cleanup of the OPAQUE_LEN.
* Cleanup to use ENCRYPT_LEN instead of sizeof(ssl->arrays.preMasterSecret).
* Changed ssl->arrays.preMasterSecret to use XMALLOC (accelerates HW operations)
* Reduce verbosity with debug enabled for "GetMyVersion", "wolfSSL Using RSA OAEP padding" and "wolfSSL Using RSA PKCSV15 padding".
* Updated RSA un-padding error message so its different than one above it for better debugging.
* Added QAT async enables for each algorithm.
* Refactor of the async init to use _ex.
* Added WC_ASYNC_THRESH_NONE to allow bypass of the async thresholds for testing.
* Reformatted the benchmark results:
PKI: "RSA 2048 private HW 18522 ops took 1.003 sec, avg 0.054 ms, 18467.763 ops/sec"
Crypto/Hashing: SHA-256 SW 350 megs took 1.009 seconds, 346.946 MB/s Cycles per byte = 9.87
* Added min execution time for all benchmarks.
* Moved wc_*GetHash and wc_*RestorePos to appropriate files so use of isCopy flag is local.
* Fix for ECC sign status sometimes being invalid due to uninitialized ECC digest in benchmark.
* Added new DECLARE_VAR/FREE_VAR and DECLARE_ARRAY/FREE_ARRAY macros for helping setup test/benchmark variables to accelerate async.
* Added NO_SW_BENCH option to only run HW bench.
* Added support for PRNG to use hardware SHA256 if _wc devId provided.
* Fix to prevent curve tests from running against wrong curve sizes. Changed wc_ecc_set_curve to match on exact size.
* Added the wc_*GetHash calls to the wolfCrypt tests.
* Added async hardware start/stop to wolfSSL init/cleanup.
* Refactor to add wc_*Copy for hashing context (for async), which replaces wc_*RestorePos.
* Fixes for building with TI hashing (including: SHA224, missing new API’s and building with dummy build for non hw testing). Note: We need to add build test for this `./configure CFLAGS="-DWOLFSSL_TI_HASH -DTI_DUMMY_BUILD”`.
* Added arg checks on wc_*GetHash and wc_*Copy.
* Cleanup of the BuildMD5, BuildSHA, BuildMD5_CertVerify and BuildSHA_CertVerify functions.
* Added new ./configure --enable-asyncthreads, to allow enable/disable of the async threading support. If --enable-asynccrypt set this will be enabled by default if pthread is supported. Allows multi-threaded benchmarks with async simulator.
* Added checks for all hashing to verify valid ->buffLen.
* Fix for SHA512 scan-build warning about un-initialized “W_X”.
* Fix for valgrind un-initialized use of buffer in AllocDer (der->buffer) and BuildTlsFinished handshake_hash.
* Refactor of the benchmarking to use common function for start, check and finish of the stats.
* Fixed issue with ECC cache loading in multi-threading.
* Fix bug with AESNI not aligned code that assumes XMALLOC is 16-byte aligned.
* Added new WC_ASYNC_NO_… options to allow disabling of individual async algorithms. New defines are: WC_ASYNC_NO_CRYPT, WC_ASYNC_NO_PKI and WC_ASYNC_NO_HASH. Additionally each algorithm has a WC_ASYNC_NO_[ALGO] define.
* Added “wolfSSL_GetAllocators” API and fixed the wolfCrypt memcb_test so it restores callback pointers after test is complete (fixes issue with using custom allocators and test breaking it).
2017-04-07 15:46:32 -07:00
|
|
|
#endif
|
|
|
|
|
select_ret = tcp_select(sockfd, currTimeout);
|
|
|
|
|
}
|
2012-10-17 13:13:58 -07:00
|
|
|
|
2018-03-16 12:02:36 -07:00
|
|
|
if ((select_ret == TEST_RECV_READY) || (select_ret == TEST_ERROR_READY)
|
|
|
|
|
#ifdef WOLFSSL_ASYNC_CRYPT
|
|
|
|
|
|| error == WC_PENDING_E
|
|
|
|
|
#endif
|
|
|
|
|
) {
|
2018-06-06 13:14:06 -07:00
|
|
|
#ifndef WOLFSSL_CALLBACKS
|
2012-10-17 13:13:58 -07:00
|
|
|
ret = SSL_accept(ssl);
|
|
|
|
|
#else
|
2018-02-01 11:02:35 -08:00
|
|
|
ret = SSL_accept_ex(ssl,
|
2012-10-17 13:13:58 -07:00
|
|
|
srvHandShakeCB, srvTimeoutCB, srvTo);
|
|
|
|
|
#endif
|
|
|
|
|
error = SSL_get_error(ssl, 0);
|
|
|
|
|
}
|
2018-02-01 11:02:35 -08:00
|
|
|
else if (select_ret == TEST_TIMEOUT && !wolfSSL_dtls(ssl)) {
|
2017-10-11 09:09:52 -07:00
|
|
|
error = WOLFSSL_ERROR_WANT_READ;
|
2012-10-17 13:13:58 -07:00
|
|
|
}
|
2018-02-01 11:02:35 -08:00
|
|
|
#ifdef WOLFSSL_DTLS
|
|
|
|
|
else if (select_ret == TEST_TIMEOUT && wolfSSL_dtls(ssl) &&
|
|
|
|
|
wolfSSL_dtls_got_timeout(ssl) >= 0) {
|
2017-10-11 09:09:52 -07:00
|
|
|
error = WOLFSSL_ERROR_WANT_READ;
|
2013-05-08 12:49:55 -07:00
|
|
|
}
|
Intel QuickAssist (QAT) support and async enhancements/fixes:
* Adds ./configure "--with-intelqa=../QAT1.6”, port files, memory management and README.md (see wolfcrypt/src/port/intel/).
* Added Intel QAT support for RSA public/private (CRT/non-CRT), AES CBC/GCM, ECDH/ECDSA, DH, DES3, SHA, SHA224, SHA256, SHA384, SHA512, MD5 and HMAC.
* wolfSSL async enabled all client and server: PKI, Encrypt/Decrypt, Hashing/HMAC and Certificate Sign/Verify.
* wolfSSL async support in functions: Encrypt, Decrypt, VerifyMAC, BuildMessage, ConfirmSignature, DoCertificate, ParseCertRelative, and MakeSignature.
* wolfCrypt test and benchmark async support added for all HW acceleration.
* wolfCrypt benchmark multi-threading support.
* Added QuickAssist memory overrides for XMALLOC, XFREE and XREALLOC. XREALLOC determines if existing pointer needs reallocated for NUMA.
* Refactor to make sure “heap” is available for async dev init.
* Added async support for all examples for connect, accept, read and write.
* Added new WC_BIGINT (in wolfmath.c) for async hardware support.
* Added async simulator tests for DES3 CBC, AES CBC/GCM.
* Added QAT standalone build for unit testing.
* Added int return code to SHA and MD5 functions.
* Refactor of the async stack variable handling, so async operations have generic args buffer area and cleanup function pointer.
* Combined duplicate code for async push/pop handling.
* Refactor internal.c to add AllocKey / FreeKey.
* Refactor of hash init/free in TLS to use InitHashes and FreeHashes.
* Refactor of the async event->context to use WOLF_EVENT_TYPE_ASYNC_WOLFSSL for WOLFSSL* and WOLF_EVENT_TYPE_ASYNC_WOLFCRYPT for WC_ASYNC_DEV*.
* Suppress error message for WC_PENDING_E.
* Implemented "wolfSSL_EVP_MD_CTX_init" to do memset.
* Cleanup of the openssl compat CTX sizes when async is enabled.
* Cleanup of AES, DES3, DH, SHA, MD5, DES3, DH, HMAC, MD5 for consistency and readability.
* Cleanup of the OPAQUE_LEN.
* Cleanup to use ENCRYPT_LEN instead of sizeof(ssl->arrays.preMasterSecret).
* Changed ssl->arrays.preMasterSecret to use XMALLOC (accelerates HW operations)
* Reduce verbosity with debug enabled for "GetMyVersion", "wolfSSL Using RSA OAEP padding" and "wolfSSL Using RSA PKCSV15 padding".
* Updated RSA un-padding error message so its different than one above it for better debugging.
* Added QAT async enables for each algorithm.
* Refactor of the async init to use _ex.
* Added WC_ASYNC_THRESH_NONE to allow bypass of the async thresholds for testing.
* Reformatted the benchmark results:
PKI: "RSA 2048 private HW 18522 ops took 1.003 sec, avg 0.054 ms, 18467.763 ops/sec"
Crypto/Hashing: SHA-256 SW 350 megs took 1.009 seconds, 346.946 MB/s Cycles per byte = 9.87
* Added min execution time for all benchmarks.
* Moved wc_*GetHash and wc_*RestorePos to appropriate files so use of isCopy flag is local.
* Fix for ECC sign status sometimes being invalid due to uninitialized ECC digest in benchmark.
* Added new DECLARE_VAR/FREE_VAR and DECLARE_ARRAY/FREE_ARRAY macros for helping setup test/benchmark variables to accelerate async.
* Added NO_SW_BENCH option to only run HW bench.
* Added support for PRNG to use hardware SHA256 if _wc devId provided.
* Fix to prevent curve tests from running against wrong curve sizes. Changed wc_ecc_set_curve to match on exact size.
* Added the wc_*GetHash calls to the wolfCrypt tests.
* Added async hardware start/stop to wolfSSL init/cleanup.
* Refactor to add wc_*Copy for hashing context (for async), which replaces wc_*RestorePos.
* Fixes for building with TI hashing (including: SHA224, missing new API’s and building with dummy build for non hw testing). Note: We need to add build test for this `./configure CFLAGS="-DWOLFSSL_TI_HASH -DTI_DUMMY_BUILD”`.
* Added arg checks on wc_*GetHash and wc_*Copy.
* Cleanup of the BuildMD5, BuildSHA, BuildMD5_CertVerify and BuildSHA_CertVerify functions.
* Added new ./configure --enable-asyncthreads, to allow enable/disable of the async threading support. If --enable-asynccrypt set this will be enabled by default if pthread is supported. Allows multi-threaded benchmarks with async simulator.
* Added checks for all hashing to verify valid ->buffLen.
* Fix for SHA512 scan-build warning about un-initialized “W_X”.
* Fix for valgrind un-initialized use of buffer in AllocDer (der->buffer) and BuildTlsFinished handshake_hash.
* Refactor of the benchmarking to use common function for start, check and finish of the stats.
* Fixed issue with ECC cache loading in multi-threading.
* Fix bug with AESNI not aligned code that assumes XMALLOC is 16-byte aligned.
* Added new WC_ASYNC_NO_… options to allow disabling of individual async algorithms. New defines are: WC_ASYNC_NO_CRYPT, WC_ASYNC_NO_PKI and WC_ASYNC_NO_HASH. Additionally each algorithm has a WC_ASYNC_NO_[ALGO] define.
* Added “wolfSSL_GetAllocators” API and fixed the wolfCrypt memcb_test so it restores callback pointers after test is complete (fixes issue with using custom allocators and test breaking it).
2017-04-07 15:46:32 -07:00
|
|
|
#endif
|
2012-10-17 13:13:58 -07:00
|
|
|
else {
|
2017-10-11 09:09:52 -07:00
|
|
|
error = WOLFSSL_FATAL_ERROR;
|
2011-02-05 11:14:47 -08:00
|
|
|
}
|
|
|
|
|
}
|
2016-03-04 10:05:22 -08:00
|
|
|
|
|
|
|
|
return ret;
|
2012-10-17 13:13:58 -07:00
|
|
|
}
|
2011-02-05 11:14:47 -08:00
|
|
|
|
2015-10-16 07:46:51 +02:00
|
|
|
/* Echo number of bytes specified by -e arg */
|
2018-04-09 13:53:05 +10:00
|
|
|
int ServerEchoData(SSL* ssl, int clientfd, int echoData, int block,
|
|
|
|
|
int throughput)
|
2015-10-16 07:46:51 +02:00
|
|
|
{
|
Intel QuickAssist (QAT) support and async enhancements/fixes:
* Adds ./configure "--with-intelqa=../QAT1.6”, port files, memory management and README.md (see wolfcrypt/src/port/intel/).
* Added Intel QAT support for RSA public/private (CRT/non-CRT), AES CBC/GCM, ECDH/ECDSA, DH, DES3, SHA, SHA224, SHA256, SHA384, SHA512, MD5 and HMAC.
* wolfSSL async enabled all client and server: PKI, Encrypt/Decrypt, Hashing/HMAC and Certificate Sign/Verify.
* wolfSSL async support in functions: Encrypt, Decrypt, VerifyMAC, BuildMessage, ConfirmSignature, DoCertificate, ParseCertRelative, and MakeSignature.
* wolfCrypt test and benchmark async support added for all HW acceleration.
* wolfCrypt benchmark multi-threading support.
* Added QuickAssist memory overrides for XMALLOC, XFREE and XREALLOC. XREALLOC determines if existing pointer needs reallocated for NUMA.
* Refactor to make sure “heap” is available for async dev init.
* Added async support for all examples for connect, accept, read and write.
* Added new WC_BIGINT (in wolfmath.c) for async hardware support.
* Added async simulator tests for DES3 CBC, AES CBC/GCM.
* Added QAT standalone build for unit testing.
* Added int return code to SHA and MD5 functions.
* Refactor of the async stack variable handling, so async operations have generic args buffer area and cleanup function pointer.
* Combined duplicate code for async push/pop handling.
* Refactor internal.c to add AllocKey / FreeKey.
* Refactor of hash init/free in TLS to use InitHashes and FreeHashes.
* Refactor of the async event->context to use WOLF_EVENT_TYPE_ASYNC_WOLFSSL for WOLFSSL* and WOLF_EVENT_TYPE_ASYNC_WOLFCRYPT for WC_ASYNC_DEV*.
* Suppress error message for WC_PENDING_E.
* Implemented "wolfSSL_EVP_MD_CTX_init" to do memset.
* Cleanup of the openssl compat CTX sizes when async is enabled.
* Cleanup of AES, DES3, DH, SHA, MD5, DES3, DH, HMAC, MD5 for consistency and readability.
* Cleanup of the OPAQUE_LEN.
* Cleanup to use ENCRYPT_LEN instead of sizeof(ssl->arrays.preMasterSecret).
* Changed ssl->arrays.preMasterSecret to use XMALLOC (accelerates HW operations)
* Reduce verbosity with debug enabled for "GetMyVersion", "wolfSSL Using RSA OAEP padding" and "wolfSSL Using RSA PKCSV15 padding".
* Updated RSA un-padding error message so its different than one above it for better debugging.
* Added QAT async enables for each algorithm.
* Refactor of the async init to use _ex.
* Added WC_ASYNC_THRESH_NONE to allow bypass of the async thresholds for testing.
* Reformatted the benchmark results:
PKI: "RSA 2048 private HW 18522 ops took 1.003 sec, avg 0.054 ms, 18467.763 ops/sec"
Crypto/Hashing: SHA-256 SW 350 megs took 1.009 seconds, 346.946 MB/s Cycles per byte = 9.87
* Added min execution time for all benchmarks.
* Moved wc_*GetHash and wc_*RestorePos to appropriate files so use of isCopy flag is local.
* Fix for ECC sign status sometimes being invalid due to uninitialized ECC digest in benchmark.
* Added new DECLARE_VAR/FREE_VAR and DECLARE_ARRAY/FREE_ARRAY macros for helping setup test/benchmark variables to accelerate async.
* Added NO_SW_BENCH option to only run HW bench.
* Added support for PRNG to use hardware SHA256 if _wc devId provided.
* Fix to prevent curve tests from running against wrong curve sizes. Changed wc_ecc_set_curve to match on exact size.
* Added the wc_*GetHash calls to the wolfCrypt tests.
* Added async hardware start/stop to wolfSSL init/cleanup.
* Refactor to add wc_*Copy for hashing context (for async), which replaces wc_*RestorePos.
* Fixes for building with TI hashing (including: SHA224, missing new API’s and building with dummy build for non hw testing). Note: We need to add build test for this `./configure CFLAGS="-DWOLFSSL_TI_HASH -DTI_DUMMY_BUILD”`.
* Added arg checks on wc_*GetHash and wc_*Copy.
* Cleanup of the BuildMD5, BuildSHA, BuildMD5_CertVerify and BuildSHA_CertVerify functions.
* Added new ./configure --enable-asyncthreads, to allow enable/disable of the async threading support. If --enable-asynccrypt set this will be enabled by default if pthread is supported. Allows multi-threaded benchmarks with async simulator.
* Added checks for all hashing to verify valid ->buffLen.
* Fix for SHA512 scan-build warning about un-initialized “W_X”.
* Fix for valgrind un-initialized use of buffer in AllocDer (der->buffer) and BuildTlsFinished handshake_hash.
* Refactor of the benchmarking to use common function for start, check and finish of the stats.
* Fixed issue with ECC cache loading in multi-threading.
* Fix bug with AESNI not aligned code that assumes XMALLOC is 16-byte aligned.
* Added new WC_ASYNC_NO_… options to allow disabling of individual async algorithms. New defines are: WC_ASYNC_NO_CRYPT, WC_ASYNC_NO_PKI and WC_ASYNC_NO_HASH. Additionally each algorithm has a WC_ASYNC_NO_[ALGO] define.
* Added “wolfSSL_GetAllocators” API and fixed the wolfCrypt memcb_test so it restores callback pointers after test is complete (fixes issue with using custom allocators and test breaking it).
2017-04-07 15:46:32 -07:00
|
|
|
int ret = 0, err;
|
|
|
|
|
double start = 0, rx_time = 0, tx_time = 0;
|
|
|
|
|
int xfer_bytes = 0, select_ret, len, rx_pos;
|
|
|
|
|
char* buffer;
|
|
|
|
|
|
2018-04-09 13:53:05 +10:00
|
|
|
buffer = (char*)malloc(block);
|
Intel QuickAssist (QAT) support and async enhancements/fixes:
* Adds ./configure "--with-intelqa=../QAT1.6”, port files, memory management and README.md (see wolfcrypt/src/port/intel/).
* Added Intel QAT support for RSA public/private (CRT/non-CRT), AES CBC/GCM, ECDH/ECDSA, DH, DES3, SHA, SHA224, SHA256, SHA384, SHA512, MD5 and HMAC.
* wolfSSL async enabled all client and server: PKI, Encrypt/Decrypt, Hashing/HMAC and Certificate Sign/Verify.
* wolfSSL async support in functions: Encrypt, Decrypt, VerifyMAC, BuildMessage, ConfirmSignature, DoCertificate, ParseCertRelative, and MakeSignature.
* wolfCrypt test and benchmark async support added for all HW acceleration.
* wolfCrypt benchmark multi-threading support.
* Added QuickAssist memory overrides for XMALLOC, XFREE and XREALLOC. XREALLOC determines if existing pointer needs reallocated for NUMA.
* Refactor to make sure “heap” is available for async dev init.
* Added async support for all examples for connect, accept, read and write.
* Added new WC_BIGINT (in wolfmath.c) for async hardware support.
* Added async simulator tests for DES3 CBC, AES CBC/GCM.
* Added QAT standalone build for unit testing.
* Added int return code to SHA and MD5 functions.
* Refactor of the async stack variable handling, so async operations have generic args buffer area and cleanup function pointer.
* Combined duplicate code for async push/pop handling.
* Refactor internal.c to add AllocKey / FreeKey.
* Refactor of hash init/free in TLS to use InitHashes and FreeHashes.
* Refactor of the async event->context to use WOLF_EVENT_TYPE_ASYNC_WOLFSSL for WOLFSSL* and WOLF_EVENT_TYPE_ASYNC_WOLFCRYPT for WC_ASYNC_DEV*.
* Suppress error message for WC_PENDING_E.
* Implemented "wolfSSL_EVP_MD_CTX_init" to do memset.
* Cleanup of the openssl compat CTX sizes when async is enabled.
* Cleanup of AES, DES3, DH, SHA, MD5, DES3, DH, HMAC, MD5 for consistency and readability.
* Cleanup of the OPAQUE_LEN.
* Cleanup to use ENCRYPT_LEN instead of sizeof(ssl->arrays.preMasterSecret).
* Changed ssl->arrays.preMasterSecret to use XMALLOC (accelerates HW operations)
* Reduce verbosity with debug enabled for "GetMyVersion", "wolfSSL Using RSA OAEP padding" and "wolfSSL Using RSA PKCSV15 padding".
* Updated RSA un-padding error message so its different than one above it for better debugging.
* Added QAT async enables for each algorithm.
* Refactor of the async init to use _ex.
* Added WC_ASYNC_THRESH_NONE to allow bypass of the async thresholds for testing.
* Reformatted the benchmark results:
PKI: "RSA 2048 private HW 18522 ops took 1.003 sec, avg 0.054 ms, 18467.763 ops/sec"
Crypto/Hashing: SHA-256 SW 350 megs took 1.009 seconds, 346.946 MB/s Cycles per byte = 9.87
* Added min execution time for all benchmarks.
* Moved wc_*GetHash and wc_*RestorePos to appropriate files so use of isCopy flag is local.
* Fix for ECC sign status sometimes being invalid due to uninitialized ECC digest in benchmark.
* Added new DECLARE_VAR/FREE_VAR and DECLARE_ARRAY/FREE_ARRAY macros for helping setup test/benchmark variables to accelerate async.
* Added NO_SW_BENCH option to only run HW bench.
* Added support for PRNG to use hardware SHA256 if _wc devId provided.
* Fix to prevent curve tests from running against wrong curve sizes. Changed wc_ecc_set_curve to match on exact size.
* Added the wc_*GetHash calls to the wolfCrypt tests.
* Added async hardware start/stop to wolfSSL init/cleanup.
* Refactor to add wc_*Copy for hashing context (for async), which replaces wc_*RestorePos.
* Fixes for building with TI hashing (including: SHA224, missing new API’s and building with dummy build for non hw testing). Note: We need to add build test for this `./configure CFLAGS="-DWOLFSSL_TI_HASH -DTI_DUMMY_BUILD”`.
* Added arg checks on wc_*GetHash and wc_*Copy.
* Cleanup of the BuildMD5, BuildSHA, BuildMD5_CertVerify and BuildSHA_CertVerify functions.
* Added new ./configure --enable-asyncthreads, to allow enable/disable of the async threading support. If --enable-asynccrypt set this will be enabled by default if pthread is supported. Allows multi-threaded benchmarks with async simulator.
* Added checks for all hashing to verify valid ->buffLen.
* Fix for SHA512 scan-build warning about un-initialized “W_X”.
* Fix for valgrind un-initialized use of buffer in AllocDer (der->buffer) and BuildTlsFinished handshake_hash.
* Refactor of the benchmarking to use common function for start, check and finish of the stats.
* Fixed issue with ECC cache loading in multi-threading.
* Fix bug with AESNI not aligned code that assumes XMALLOC is 16-byte aligned.
* Added new WC_ASYNC_NO_… options to allow disabling of individual async algorithms. New defines are: WC_ASYNC_NO_CRYPT, WC_ASYNC_NO_PKI and WC_ASYNC_NO_HASH. Additionally each algorithm has a WC_ASYNC_NO_[ALGO] define.
* Added “wolfSSL_GetAllocators” API and fixed the wolfCrypt memcb_test so it restores callback pointers after test is complete (fixes issue with using custom allocators and test breaking it).
2017-04-07 15:46:32 -07:00
|
|
|
if (!buffer) {
|
2017-06-22 22:19:59 -06:00
|
|
|
err_sys_ex(runWithErrors, "Server buffer malloc failed");
|
Intel QuickAssist (QAT) support and async enhancements/fixes:
* Adds ./configure "--with-intelqa=../QAT1.6”, port files, memory management and README.md (see wolfcrypt/src/port/intel/).
* Added Intel QAT support for RSA public/private (CRT/non-CRT), AES CBC/GCM, ECDH/ECDSA, DH, DES3, SHA, SHA224, SHA256, SHA384, SHA512, MD5 and HMAC.
* wolfSSL async enabled all client and server: PKI, Encrypt/Decrypt, Hashing/HMAC and Certificate Sign/Verify.
* wolfSSL async support in functions: Encrypt, Decrypt, VerifyMAC, BuildMessage, ConfirmSignature, DoCertificate, ParseCertRelative, and MakeSignature.
* wolfCrypt test and benchmark async support added for all HW acceleration.
* wolfCrypt benchmark multi-threading support.
* Added QuickAssist memory overrides for XMALLOC, XFREE and XREALLOC. XREALLOC determines if existing pointer needs reallocated for NUMA.
* Refactor to make sure “heap” is available for async dev init.
* Added async support for all examples for connect, accept, read and write.
* Added new WC_BIGINT (in wolfmath.c) for async hardware support.
* Added async simulator tests for DES3 CBC, AES CBC/GCM.
* Added QAT standalone build for unit testing.
* Added int return code to SHA and MD5 functions.
* Refactor of the async stack variable handling, so async operations have generic args buffer area and cleanup function pointer.
* Combined duplicate code for async push/pop handling.
* Refactor internal.c to add AllocKey / FreeKey.
* Refactor of hash init/free in TLS to use InitHashes and FreeHashes.
* Refactor of the async event->context to use WOLF_EVENT_TYPE_ASYNC_WOLFSSL for WOLFSSL* and WOLF_EVENT_TYPE_ASYNC_WOLFCRYPT for WC_ASYNC_DEV*.
* Suppress error message for WC_PENDING_E.
* Implemented "wolfSSL_EVP_MD_CTX_init" to do memset.
* Cleanup of the openssl compat CTX sizes when async is enabled.
* Cleanup of AES, DES3, DH, SHA, MD5, DES3, DH, HMAC, MD5 for consistency and readability.
* Cleanup of the OPAQUE_LEN.
* Cleanup to use ENCRYPT_LEN instead of sizeof(ssl->arrays.preMasterSecret).
* Changed ssl->arrays.preMasterSecret to use XMALLOC (accelerates HW operations)
* Reduce verbosity with debug enabled for "GetMyVersion", "wolfSSL Using RSA OAEP padding" and "wolfSSL Using RSA PKCSV15 padding".
* Updated RSA un-padding error message so its different than one above it for better debugging.
* Added QAT async enables for each algorithm.
* Refactor of the async init to use _ex.
* Added WC_ASYNC_THRESH_NONE to allow bypass of the async thresholds for testing.
* Reformatted the benchmark results:
PKI: "RSA 2048 private HW 18522 ops took 1.003 sec, avg 0.054 ms, 18467.763 ops/sec"
Crypto/Hashing: SHA-256 SW 350 megs took 1.009 seconds, 346.946 MB/s Cycles per byte = 9.87
* Added min execution time for all benchmarks.
* Moved wc_*GetHash and wc_*RestorePos to appropriate files so use of isCopy flag is local.
* Fix for ECC sign status sometimes being invalid due to uninitialized ECC digest in benchmark.
* Added new DECLARE_VAR/FREE_VAR and DECLARE_ARRAY/FREE_ARRAY macros for helping setup test/benchmark variables to accelerate async.
* Added NO_SW_BENCH option to only run HW bench.
* Added support for PRNG to use hardware SHA256 if _wc devId provided.
* Fix to prevent curve tests from running against wrong curve sizes. Changed wc_ecc_set_curve to match on exact size.
* Added the wc_*GetHash calls to the wolfCrypt tests.
* Added async hardware start/stop to wolfSSL init/cleanup.
* Refactor to add wc_*Copy for hashing context (for async), which replaces wc_*RestorePos.
* Fixes for building with TI hashing (including: SHA224, missing new API’s and building with dummy build for non hw testing). Note: We need to add build test for this `./configure CFLAGS="-DWOLFSSL_TI_HASH -DTI_DUMMY_BUILD”`.
* Added arg checks on wc_*GetHash and wc_*Copy.
* Cleanup of the BuildMD5, BuildSHA, BuildMD5_CertVerify and BuildSHA_CertVerify functions.
* Added new ./configure --enable-asyncthreads, to allow enable/disable of the async threading support. If --enable-asynccrypt set this will be enabled by default if pthread is supported. Allows multi-threaded benchmarks with async simulator.
* Added checks for all hashing to verify valid ->buffLen.
* Fix for SHA512 scan-build warning about un-initialized “W_X”.
* Fix for valgrind un-initialized use of buffer in AllocDer (der->buffer) and BuildTlsFinished handshake_hash.
* Refactor of the benchmarking to use common function for start, check and finish of the stats.
* Fixed issue with ECC cache loading in multi-threading.
* Fix bug with AESNI not aligned code that assumes XMALLOC is 16-byte aligned.
* Added new WC_ASYNC_NO_… options to allow disabling of individual async algorithms. New defines are: WC_ASYNC_NO_CRYPT, WC_ASYNC_NO_PKI and WC_ASYNC_NO_HASH. Additionally each algorithm has a WC_ASYNC_NO_[ALGO] define.
* Added “wolfSSL_GetAllocators” API and fixed the wolfCrypt memcb_test so it restores callback pointers after test is complete (fixes issue with using custom allocators and test breaking it).
2017-04-07 15:46:32 -07:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
while ((echoData && throughput == 0) ||
|
|
|
|
|
(!echoData && xfer_bytes < throughput))
|
|
|
|
|
{
|
|
|
|
|
select_ret = tcp_select(clientfd, 1); /* Timeout=1 second */
|
|
|
|
|
if (select_ret == TEST_RECV_READY) {
|
|
|
|
|
|
2018-04-09 13:53:05 +10:00
|
|
|
len = min(block, throughput - xfer_bytes);
|
Intel QuickAssist (QAT) support and async enhancements/fixes:
* Adds ./configure "--with-intelqa=../QAT1.6”, port files, memory management and README.md (see wolfcrypt/src/port/intel/).
* Added Intel QAT support for RSA public/private (CRT/non-CRT), AES CBC/GCM, ECDH/ECDSA, DH, DES3, SHA, SHA224, SHA256, SHA384, SHA512, MD5 and HMAC.
* wolfSSL async enabled all client and server: PKI, Encrypt/Decrypt, Hashing/HMAC and Certificate Sign/Verify.
* wolfSSL async support in functions: Encrypt, Decrypt, VerifyMAC, BuildMessage, ConfirmSignature, DoCertificate, ParseCertRelative, and MakeSignature.
* wolfCrypt test and benchmark async support added for all HW acceleration.
* wolfCrypt benchmark multi-threading support.
* Added QuickAssist memory overrides for XMALLOC, XFREE and XREALLOC. XREALLOC determines if existing pointer needs reallocated for NUMA.
* Refactor to make sure “heap” is available for async dev init.
* Added async support for all examples for connect, accept, read and write.
* Added new WC_BIGINT (in wolfmath.c) for async hardware support.
* Added async simulator tests for DES3 CBC, AES CBC/GCM.
* Added QAT standalone build for unit testing.
* Added int return code to SHA and MD5 functions.
* Refactor of the async stack variable handling, so async operations have generic args buffer area and cleanup function pointer.
* Combined duplicate code for async push/pop handling.
* Refactor internal.c to add AllocKey / FreeKey.
* Refactor of hash init/free in TLS to use InitHashes and FreeHashes.
* Refactor of the async event->context to use WOLF_EVENT_TYPE_ASYNC_WOLFSSL for WOLFSSL* and WOLF_EVENT_TYPE_ASYNC_WOLFCRYPT for WC_ASYNC_DEV*.
* Suppress error message for WC_PENDING_E.
* Implemented "wolfSSL_EVP_MD_CTX_init" to do memset.
* Cleanup of the openssl compat CTX sizes when async is enabled.
* Cleanup of AES, DES3, DH, SHA, MD5, DES3, DH, HMAC, MD5 for consistency and readability.
* Cleanup of the OPAQUE_LEN.
* Cleanup to use ENCRYPT_LEN instead of sizeof(ssl->arrays.preMasterSecret).
* Changed ssl->arrays.preMasterSecret to use XMALLOC (accelerates HW operations)
* Reduce verbosity with debug enabled for "GetMyVersion", "wolfSSL Using RSA OAEP padding" and "wolfSSL Using RSA PKCSV15 padding".
* Updated RSA un-padding error message so its different than one above it for better debugging.
* Added QAT async enables for each algorithm.
* Refactor of the async init to use _ex.
* Added WC_ASYNC_THRESH_NONE to allow bypass of the async thresholds for testing.
* Reformatted the benchmark results:
PKI: "RSA 2048 private HW 18522 ops took 1.003 sec, avg 0.054 ms, 18467.763 ops/sec"
Crypto/Hashing: SHA-256 SW 350 megs took 1.009 seconds, 346.946 MB/s Cycles per byte = 9.87
* Added min execution time for all benchmarks.
* Moved wc_*GetHash and wc_*RestorePos to appropriate files so use of isCopy flag is local.
* Fix for ECC sign status sometimes being invalid due to uninitialized ECC digest in benchmark.
* Added new DECLARE_VAR/FREE_VAR and DECLARE_ARRAY/FREE_ARRAY macros for helping setup test/benchmark variables to accelerate async.
* Added NO_SW_BENCH option to only run HW bench.
* Added support for PRNG to use hardware SHA256 if _wc devId provided.
* Fix to prevent curve tests from running against wrong curve sizes. Changed wc_ecc_set_curve to match on exact size.
* Added the wc_*GetHash calls to the wolfCrypt tests.
* Added async hardware start/stop to wolfSSL init/cleanup.
* Refactor to add wc_*Copy for hashing context (for async), which replaces wc_*RestorePos.
* Fixes for building with TI hashing (including: SHA224, missing new API’s and building with dummy build for non hw testing). Note: We need to add build test for this `./configure CFLAGS="-DWOLFSSL_TI_HASH -DTI_DUMMY_BUILD”`.
* Added arg checks on wc_*GetHash and wc_*Copy.
* Cleanup of the BuildMD5, BuildSHA, BuildMD5_CertVerify and BuildSHA_CertVerify functions.
* Added new ./configure --enable-asyncthreads, to allow enable/disable of the async threading support. If --enable-asynccrypt set this will be enabled by default if pthread is supported. Allows multi-threaded benchmarks with async simulator.
* Added checks for all hashing to verify valid ->buffLen.
* Fix for SHA512 scan-build warning about un-initialized “W_X”.
* Fix for valgrind un-initialized use of buffer in AllocDer (der->buffer) and BuildTlsFinished handshake_hash.
* Refactor of the benchmarking to use common function for start, check and finish of the stats.
* Fixed issue with ECC cache loading in multi-threading.
* Fix bug with AESNI not aligned code that assumes XMALLOC is 16-byte aligned.
* Added new WC_ASYNC_NO_… options to allow disabling of individual async algorithms. New defines are: WC_ASYNC_NO_CRYPT, WC_ASYNC_NO_PKI and WC_ASYNC_NO_HASH. Additionally each algorithm has a WC_ASYNC_NO_[ALGO] define.
* Added “wolfSSL_GetAllocators” API and fixed the wolfCrypt memcb_test so it restores callback pointers after test is complete (fixes issue with using custom allocators and test breaking it).
2017-04-07 15:46:32 -07:00
|
|
|
rx_pos = 0;
|
|
|
|
|
|
|
|
|
|
if (throughput) {
|
|
|
|
|
start = current_time(1);
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
/* Read data */
|
|
|
|
|
while (rx_pos < len) {
|
|
|
|
|
ret = SSL_read(ssl, &buffer[rx_pos], len - rx_pos);
|
2017-04-11 14:13:08 -07:00
|
|
|
if (ret < 0) {
|
Intel QuickAssist (QAT) support and async enhancements/fixes:
* Adds ./configure "--with-intelqa=../QAT1.6”, port files, memory management and README.md (see wolfcrypt/src/port/intel/).
* Added Intel QAT support for RSA public/private (CRT/non-CRT), AES CBC/GCM, ECDH/ECDSA, DH, DES3, SHA, SHA224, SHA256, SHA384, SHA512, MD5 and HMAC.
* wolfSSL async enabled all client and server: PKI, Encrypt/Decrypt, Hashing/HMAC and Certificate Sign/Verify.
* wolfSSL async support in functions: Encrypt, Decrypt, VerifyMAC, BuildMessage, ConfirmSignature, DoCertificate, ParseCertRelative, and MakeSignature.
* wolfCrypt test and benchmark async support added for all HW acceleration.
* wolfCrypt benchmark multi-threading support.
* Added QuickAssist memory overrides for XMALLOC, XFREE and XREALLOC. XREALLOC determines if existing pointer needs reallocated for NUMA.
* Refactor to make sure “heap” is available for async dev init.
* Added async support for all examples for connect, accept, read and write.
* Added new WC_BIGINT (in wolfmath.c) for async hardware support.
* Added async simulator tests for DES3 CBC, AES CBC/GCM.
* Added QAT standalone build for unit testing.
* Added int return code to SHA and MD5 functions.
* Refactor of the async stack variable handling, so async operations have generic args buffer area and cleanup function pointer.
* Combined duplicate code for async push/pop handling.
* Refactor internal.c to add AllocKey / FreeKey.
* Refactor of hash init/free in TLS to use InitHashes and FreeHashes.
* Refactor of the async event->context to use WOLF_EVENT_TYPE_ASYNC_WOLFSSL for WOLFSSL* and WOLF_EVENT_TYPE_ASYNC_WOLFCRYPT for WC_ASYNC_DEV*.
* Suppress error message for WC_PENDING_E.
* Implemented "wolfSSL_EVP_MD_CTX_init" to do memset.
* Cleanup of the openssl compat CTX sizes when async is enabled.
* Cleanup of AES, DES3, DH, SHA, MD5, DES3, DH, HMAC, MD5 for consistency and readability.
* Cleanup of the OPAQUE_LEN.
* Cleanup to use ENCRYPT_LEN instead of sizeof(ssl->arrays.preMasterSecret).
* Changed ssl->arrays.preMasterSecret to use XMALLOC (accelerates HW operations)
* Reduce verbosity with debug enabled for "GetMyVersion", "wolfSSL Using RSA OAEP padding" and "wolfSSL Using RSA PKCSV15 padding".
* Updated RSA un-padding error message so its different than one above it for better debugging.
* Added QAT async enables for each algorithm.
* Refactor of the async init to use _ex.
* Added WC_ASYNC_THRESH_NONE to allow bypass of the async thresholds for testing.
* Reformatted the benchmark results:
PKI: "RSA 2048 private HW 18522 ops took 1.003 sec, avg 0.054 ms, 18467.763 ops/sec"
Crypto/Hashing: SHA-256 SW 350 megs took 1.009 seconds, 346.946 MB/s Cycles per byte = 9.87
* Added min execution time for all benchmarks.
* Moved wc_*GetHash and wc_*RestorePos to appropriate files so use of isCopy flag is local.
* Fix for ECC sign status sometimes being invalid due to uninitialized ECC digest in benchmark.
* Added new DECLARE_VAR/FREE_VAR and DECLARE_ARRAY/FREE_ARRAY macros for helping setup test/benchmark variables to accelerate async.
* Added NO_SW_BENCH option to only run HW bench.
* Added support for PRNG to use hardware SHA256 if _wc devId provided.
* Fix to prevent curve tests from running against wrong curve sizes. Changed wc_ecc_set_curve to match on exact size.
* Added the wc_*GetHash calls to the wolfCrypt tests.
* Added async hardware start/stop to wolfSSL init/cleanup.
* Refactor to add wc_*Copy for hashing context (for async), which replaces wc_*RestorePos.
* Fixes for building with TI hashing (including: SHA224, missing new API’s and building with dummy build for non hw testing). Note: We need to add build test for this `./configure CFLAGS="-DWOLFSSL_TI_HASH -DTI_DUMMY_BUILD”`.
* Added arg checks on wc_*GetHash and wc_*Copy.
* Cleanup of the BuildMD5, BuildSHA, BuildMD5_CertVerify and BuildSHA_CertVerify functions.
* Added new ./configure --enable-asyncthreads, to allow enable/disable of the async threading support. If --enable-asynccrypt set this will be enabled by default if pthread is supported. Allows multi-threaded benchmarks with async simulator.
* Added checks for all hashing to verify valid ->buffLen.
* Fix for SHA512 scan-build warning about un-initialized “W_X”.
* Fix for valgrind un-initialized use of buffer in AllocDer (der->buffer) and BuildTlsFinished handshake_hash.
* Refactor of the benchmarking to use common function for start, check and finish of the stats.
* Fixed issue with ECC cache loading in multi-threading.
* Fix bug with AESNI not aligned code that assumes XMALLOC is 16-byte aligned.
* Added new WC_ASYNC_NO_… options to allow disabling of individual async algorithms. New defines are: WC_ASYNC_NO_CRYPT, WC_ASYNC_NO_PKI and WC_ASYNC_NO_HASH. Additionally each algorithm has a WC_ASYNC_NO_[ALGO] define.
* Added “wolfSSL_GetAllocators” API and fixed the wolfCrypt memcb_test so it restores callback pointers after test is complete (fixes issue with using custom allocators and test breaking it).
2017-04-07 15:46:32 -07:00
|
|
|
err = SSL_get_error(ssl, 0);
|
|
|
|
|
#ifdef WOLFSSL_ASYNC_CRYPT
|
|
|
|
|
if (err == WC_PENDING_E) {
|
|
|
|
|
ret = wolfSSL_AsyncPoll(ssl, WOLF_POLL_FLAG_CHECK_HW);
|
|
|
|
|
if (ret < 0) break;
|
2015-10-16 07:46:51 +02:00
|
|
|
}
|
Intel QuickAssist (QAT) support and async enhancements/fixes:
* Adds ./configure "--with-intelqa=../QAT1.6”, port files, memory management and README.md (see wolfcrypt/src/port/intel/).
* Added Intel QAT support for RSA public/private (CRT/non-CRT), AES CBC/GCM, ECDH/ECDSA, DH, DES3, SHA, SHA224, SHA256, SHA384, SHA512, MD5 and HMAC.
* wolfSSL async enabled all client and server: PKI, Encrypt/Decrypt, Hashing/HMAC and Certificate Sign/Verify.
* wolfSSL async support in functions: Encrypt, Decrypt, VerifyMAC, BuildMessage, ConfirmSignature, DoCertificate, ParseCertRelative, and MakeSignature.
* wolfCrypt test and benchmark async support added for all HW acceleration.
* wolfCrypt benchmark multi-threading support.
* Added QuickAssist memory overrides for XMALLOC, XFREE and XREALLOC. XREALLOC determines if existing pointer needs reallocated for NUMA.
* Refactor to make sure “heap” is available for async dev init.
* Added async support for all examples for connect, accept, read and write.
* Added new WC_BIGINT (in wolfmath.c) for async hardware support.
* Added async simulator tests for DES3 CBC, AES CBC/GCM.
* Added QAT standalone build for unit testing.
* Added int return code to SHA and MD5 functions.
* Refactor of the async stack variable handling, so async operations have generic args buffer area and cleanup function pointer.
* Combined duplicate code for async push/pop handling.
* Refactor internal.c to add AllocKey / FreeKey.
* Refactor of hash init/free in TLS to use InitHashes and FreeHashes.
* Refactor of the async event->context to use WOLF_EVENT_TYPE_ASYNC_WOLFSSL for WOLFSSL* and WOLF_EVENT_TYPE_ASYNC_WOLFCRYPT for WC_ASYNC_DEV*.
* Suppress error message for WC_PENDING_E.
* Implemented "wolfSSL_EVP_MD_CTX_init" to do memset.
* Cleanup of the openssl compat CTX sizes when async is enabled.
* Cleanup of AES, DES3, DH, SHA, MD5, DES3, DH, HMAC, MD5 for consistency and readability.
* Cleanup of the OPAQUE_LEN.
* Cleanup to use ENCRYPT_LEN instead of sizeof(ssl->arrays.preMasterSecret).
* Changed ssl->arrays.preMasterSecret to use XMALLOC (accelerates HW operations)
* Reduce verbosity with debug enabled for "GetMyVersion", "wolfSSL Using RSA OAEP padding" and "wolfSSL Using RSA PKCSV15 padding".
* Updated RSA un-padding error message so its different than one above it for better debugging.
* Added QAT async enables for each algorithm.
* Refactor of the async init to use _ex.
* Added WC_ASYNC_THRESH_NONE to allow bypass of the async thresholds for testing.
* Reformatted the benchmark results:
PKI: "RSA 2048 private HW 18522 ops took 1.003 sec, avg 0.054 ms, 18467.763 ops/sec"
Crypto/Hashing: SHA-256 SW 350 megs took 1.009 seconds, 346.946 MB/s Cycles per byte = 9.87
* Added min execution time for all benchmarks.
* Moved wc_*GetHash and wc_*RestorePos to appropriate files so use of isCopy flag is local.
* Fix for ECC sign status sometimes being invalid due to uninitialized ECC digest in benchmark.
* Added new DECLARE_VAR/FREE_VAR and DECLARE_ARRAY/FREE_ARRAY macros for helping setup test/benchmark variables to accelerate async.
* Added NO_SW_BENCH option to only run HW bench.
* Added support for PRNG to use hardware SHA256 if _wc devId provided.
* Fix to prevent curve tests from running against wrong curve sizes. Changed wc_ecc_set_curve to match on exact size.
* Added the wc_*GetHash calls to the wolfCrypt tests.
* Added async hardware start/stop to wolfSSL init/cleanup.
* Refactor to add wc_*Copy for hashing context (for async), which replaces wc_*RestorePos.
* Fixes for building with TI hashing (including: SHA224, missing new API’s and building with dummy build for non hw testing). Note: We need to add build test for this `./configure CFLAGS="-DWOLFSSL_TI_HASH -DTI_DUMMY_BUILD”`.
* Added arg checks on wc_*GetHash and wc_*Copy.
* Cleanup of the BuildMD5, BuildSHA, BuildMD5_CertVerify and BuildSHA_CertVerify functions.
* Added new ./configure --enable-asyncthreads, to allow enable/disable of the async threading support. If --enable-asynccrypt set this will be enabled by default if pthread is supported. Allows multi-threaded benchmarks with async simulator.
* Added checks for all hashing to verify valid ->buffLen.
* Fix for SHA512 scan-build warning about un-initialized “W_X”.
* Fix for valgrind un-initialized use of buffer in AllocDer (der->buffer) and BuildTlsFinished handshake_hash.
* Refactor of the benchmarking to use common function for start, check and finish of the stats.
* Fixed issue with ECC cache loading in multi-threading.
* Fix bug with AESNI not aligned code that assumes XMALLOC is 16-byte aligned.
* Added new WC_ASYNC_NO_… options to allow disabling of individual async algorithms. New defines are: WC_ASYNC_NO_CRYPT, WC_ASYNC_NO_PKI and WC_ASYNC_NO_HASH. Additionally each algorithm has a WC_ASYNC_NO_[ALGO] define.
* Added “wolfSSL_GetAllocators” API and fixed the wolfCrypt memcb_test so it restores callback pointers after test is complete (fixes issue with using custom allocators and test breaking it).
2017-04-07 15:46:32 -07:00
|
|
|
else
|
|
|
|
|
#endif
|
2017-10-11 09:09:52 -07:00
|
|
|
if (err != WOLFSSL_ERROR_WANT_READ &&
|
2018-03-16 12:02:36 -07:00
|
|
|
err != WOLFSSL_ERROR_ZERO_RETURN) {
|
Intel QuickAssist (QAT) support and async enhancements/fixes:
* Adds ./configure "--with-intelqa=../QAT1.6”, port files, memory management and README.md (see wolfcrypt/src/port/intel/).
* Added Intel QAT support for RSA public/private (CRT/non-CRT), AES CBC/GCM, ECDH/ECDSA, DH, DES3, SHA, SHA224, SHA256, SHA384, SHA512, MD5 and HMAC.
* wolfSSL async enabled all client and server: PKI, Encrypt/Decrypt, Hashing/HMAC and Certificate Sign/Verify.
* wolfSSL async support in functions: Encrypt, Decrypt, VerifyMAC, BuildMessage, ConfirmSignature, DoCertificate, ParseCertRelative, and MakeSignature.
* wolfCrypt test and benchmark async support added for all HW acceleration.
* wolfCrypt benchmark multi-threading support.
* Added QuickAssist memory overrides for XMALLOC, XFREE and XREALLOC. XREALLOC determines if existing pointer needs reallocated for NUMA.
* Refactor to make sure “heap” is available for async dev init.
* Added async support for all examples for connect, accept, read and write.
* Added new WC_BIGINT (in wolfmath.c) for async hardware support.
* Added async simulator tests for DES3 CBC, AES CBC/GCM.
* Added QAT standalone build for unit testing.
* Added int return code to SHA and MD5 functions.
* Refactor of the async stack variable handling, so async operations have generic args buffer area and cleanup function pointer.
* Combined duplicate code for async push/pop handling.
* Refactor internal.c to add AllocKey / FreeKey.
* Refactor of hash init/free in TLS to use InitHashes and FreeHashes.
* Refactor of the async event->context to use WOLF_EVENT_TYPE_ASYNC_WOLFSSL for WOLFSSL* and WOLF_EVENT_TYPE_ASYNC_WOLFCRYPT for WC_ASYNC_DEV*.
* Suppress error message for WC_PENDING_E.
* Implemented "wolfSSL_EVP_MD_CTX_init" to do memset.
* Cleanup of the openssl compat CTX sizes when async is enabled.
* Cleanup of AES, DES3, DH, SHA, MD5, DES3, DH, HMAC, MD5 for consistency and readability.
* Cleanup of the OPAQUE_LEN.
* Cleanup to use ENCRYPT_LEN instead of sizeof(ssl->arrays.preMasterSecret).
* Changed ssl->arrays.preMasterSecret to use XMALLOC (accelerates HW operations)
* Reduce verbosity with debug enabled for "GetMyVersion", "wolfSSL Using RSA OAEP padding" and "wolfSSL Using RSA PKCSV15 padding".
* Updated RSA un-padding error message so its different than one above it for better debugging.
* Added QAT async enables for each algorithm.
* Refactor of the async init to use _ex.
* Added WC_ASYNC_THRESH_NONE to allow bypass of the async thresholds for testing.
* Reformatted the benchmark results:
PKI: "RSA 2048 private HW 18522 ops took 1.003 sec, avg 0.054 ms, 18467.763 ops/sec"
Crypto/Hashing: SHA-256 SW 350 megs took 1.009 seconds, 346.946 MB/s Cycles per byte = 9.87
* Added min execution time for all benchmarks.
* Moved wc_*GetHash and wc_*RestorePos to appropriate files so use of isCopy flag is local.
* Fix for ECC sign status sometimes being invalid due to uninitialized ECC digest in benchmark.
* Added new DECLARE_VAR/FREE_VAR and DECLARE_ARRAY/FREE_ARRAY macros for helping setup test/benchmark variables to accelerate async.
* Added NO_SW_BENCH option to only run HW bench.
* Added support for PRNG to use hardware SHA256 if _wc devId provided.
* Fix to prevent curve tests from running against wrong curve sizes. Changed wc_ecc_set_curve to match on exact size.
* Added the wc_*GetHash calls to the wolfCrypt tests.
* Added async hardware start/stop to wolfSSL init/cleanup.
* Refactor to add wc_*Copy for hashing context (for async), which replaces wc_*RestorePos.
* Fixes for building with TI hashing (including: SHA224, missing new API’s and building with dummy build for non hw testing). Note: We need to add build test for this `./configure CFLAGS="-DWOLFSSL_TI_HASH -DTI_DUMMY_BUILD”`.
* Added arg checks on wc_*GetHash and wc_*Copy.
* Cleanup of the BuildMD5, BuildSHA, BuildMD5_CertVerify and BuildSHA_CertVerify functions.
* Added new ./configure --enable-asyncthreads, to allow enable/disable of the async threading support. If --enable-asynccrypt set this will be enabled by default if pthread is supported. Allows multi-threaded benchmarks with async simulator.
* Added checks for all hashing to verify valid ->buffLen.
* Fix for SHA512 scan-build warning about un-initialized “W_X”.
* Fix for valgrind un-initialized use of buffer in AllocDer (der->buffer) and BuildTlsFinished handshake_hash.
* Refactor of the benchmarking to use common function for start, check and finish of the stats.
* Fixed issue with ECC cache loading in multi-threading.
* Fix bug with AESNI not aligned code that assumes XMALLOC is 16-byte aligned.
* Added new WC_ASYNC_NO_… options to allow disabling of individual async algorithms. New defines are: WC_ASYNC_NO_CRYPT, WC_ASYNC_NO_PKI and WC_ASYNC_NO_HASH. Additionally each algorithm has a WC_ASYNC_NO_[ALGO] define.
* Added “wolfSSL_GetAllocators” API and fixed the wolfCrypt memcb_test so it restores callback pointers after test is complete (fixes issue with using custom allocators and test breaking it).
2017-04-07 15:46:32 -07:00
|
|
|
printf("SSL_read echo error %d\n", err);
|
2017-06-22 22:19:59 -06:00
|
|
|
err_sys_ex(runWithErrors, "SSL_read failed");
|
2015-10-16 07:46:51 +02:00
|
|
|
}
|
|
|
|
|
}
|
Intel QuickAssist (QAT) support and async enhancements/fixes:
* Adds ./configure "--with-intelqa=../QAT1.6”, port files, memory management and README.md (see wolfcrypt/src/port/intel/).
* Added Intel QAT support for RSA public/private (CRT/non-CRT), AES CBC/GCM, ECDH/ECDSA, DH, DES3, SHA, SHA224, SHA256, SHA384, SHA512, MD5 and HMAC.
* wolfSSL async enabled all client and server: PKI, Encrypt/Decrypt, Hashing/HMAC and Certificate Sign/Verify.
* wolfSSL async support in functions: Encrypt, Decrypt, VerifyMAC, BuildMessage, ConfirmSignature, DoCertificate, ParseCertRelative, and MakeSignature.
* wolfCrypt test and benchmark async support added for all HW acceleration.
* wolfCrypt benchmark multi-threading support.
* Added QuickAssist memory overrides for XMALLOC, XFREE and XREALLOC. XREALLOC determines if existing pointer needs reallocated for NUMA.
* Refactor to make sure “heap” is available for async dev init.
* Added async support for all examples for connect, accept, read and write.
* Added new WC_BIGINT (in wolfmath.c) for async hardware support.
* Added async simulator tests for DES3 CBC, AES CBC/GCM.
* Added QAT standalone build for unit testing.
* Added int return code to SHA and MD5 functions.
* Refactor of the async stack variable handling, so async operations have generic args buffer area and cleanup function pointer.
* Combined duplicate code for async push/pop handling.
* Refactor internal.c to add AllocKey / FreeKey.
* Refactor of hash init/free in TLS to use InitHashes and FreeHashes.
* Refactor of the async event->context to use WOLF_EVENT_TYPE_ASYNC_WOLFSSL for WOLFSSL* and WOLF_EVENT_TYPE_ASYNC_WOLFCRYPT for WC_ASYNC_DEV*.
* Suppress error message for WC_PENDING_E.
* Implemented "wolfSSL_EVP_MD_CTX_init" to do memset.
* Cleanup of the openssl compat CTX sizes when async is enabled.
* Cleanup of AES, DES3, DH, SHA, MD5, DES3, DH, HMAC, MD5 for consistency and readability.
* Cleanup of the OPAQUE_LEN.
* Cleanup to use ENCRYPT_LEN instead of sizeof(ssl->arrays.preMasterSecret).
* Changed ssl->arrays.preMasterSecret to use XMALLOC (accelerates HW operations)
* Reduce verbosity with debug enabled for "GetMyVersion", "wolfSSL Using RSA OAEP padding" and "wolfSSL Using RSA PKCSV15 padding".
* Updated RSA un-padding error message so its different than one above it for better debugging.
* Added QAT async enables for each algorithm.
* Refactor of the async init to use _ex.
* Added WC_ASYNC_THRESH_NONE to allow bypass of the async thresholds for testing.
* Reformatted the benchmark results:
PKI: "RSA 2048 private HW 18522 ops took 1.003 sec, avg 0.054 ms, 18467.763 ops/sec"
Crypto/Hashing: SHA-256 SW 350 megs took 1.009 seconds, 346.946 MB/s Cycles per byte = 9.87
* Added min execution time for all benchmarks.
* Moved wc_*GetHash and wc_*RestorePos to appropriate files so use of isCopy flag is local.
* Fix for ECC sign status sometimes being invalid due to uninitialized ECC digest in benchmark.
* Added new DECLARE_VAR/FREE_VAR and DECLARE_ARRAY/FREE_ARRAY macros for helping setup test/benchmark variables to accelerate async.
* Added NO_SW_BENCH option to only run HW bench.
* Added support for PRNG to use hardware SHA256 if _wc devId provided.
* Fix to prevent curve tests from running against wrong curve sizes. Changed wc_ecc_set_curve to match on exact size.
* Added the wc_*GetHash calls to the wolfCrypt tests.
* Added async hardware start/stop to wolfSSL init/cleanup.
* Refactor to add wc_*Copy for hashing context (for async), which replaces wc_*RestorePos.
* Fixes for building with TI hashing (including: SHA224, missing new API’s and building with dummy build for non hw testing). Note: We need to add build test for this `./configure CFLAGS="-DWOLFSSL_TI_HASH -DTI_DUMMY_BUILD”`.
* Added arg checks on wc_*GetHash and wc_*Copy.
* Cleanup of the BuildMD5, BuildSHA, BuildMD5_CertVerify and BuildSHA_CertVerify functions.
* Added new ./configure --enable-asyncthreads, to allow enable/disable of the async threading support. If --enable-asynccrypt set this will be enabled by default if pthread is supported. Allows multi-threaded benchmarks with async simulator.
* Added checks for all hashing to verify valid ->buffLen.
* Fix for SHA512 scan-build warning about un-initialized “W_X”.
* Fix for valgrind un-initialized use of buffer in AllocDer (der->buffer) and BuildTlsFinished handshake_hash.
* Refactor of the benchmarking to use common function for start, check and finish of the stats.
* Fixed issue with ECC cache loading in multi-threading.
* Fix bug with AESNI not aligned code that assumes XMALLOC is 16-byte aligned.
* Added new WC_ASYNC_NO_… options to allow disabling of individual async algorithms. New defines are: WC_ASYNC_NO_CRYPT, WC_ASYNC_NO_PKI and WC_ASYNC_NO_HASH. Additionally each algorithm has a WC_ASYNC_NO_[ALGO] define.
* Added “wolfSSL_GetAllocators” API and fixed the wolfCrypt memcb_test so it restores callback pointers after test is complete (fixes issue with using custom allocators and test breaking it).
2017-04-07 15:46:32 -07:00
|
|
|
else {
|
|
|
|
|
rx_pos += ret;
|
2015-10-16 07:46:51 +02:00
|
|
|
}
|
Intel QuickAssist (QAT) support and async enhancements/fixes:
* Adds ./configure "--with-intelqa=../QAT1.6”, port files, memory management and README.md (see wolfcrypt/src/port/intel/).
* Added Intel QAT support for RSA public/private (CRT/non-CRT), AES CBC/GCM, ECDH/ECDSA, DH, DES3, SHA, SHA224, SHA256, SHA384, SHA512, MD5 and HMAC.
* wolfSSL async enabled all client and server: PKI, Encrypt/Decrypt, Hashing/HMAC and Certificate Sign/Verify.
* wolfSSL async support in functions: Encrypt, Decrypt, VerifyMAC, BuildMessage, ConfirmSignature, DoCertificate, ParseCertRelative, and MakeSignature.
* wolfCrypt test and benchmark async support added for all HW acceleration.
* wolfCrypt benchmark multi-threading support.
* Added QuickAssist memory overrides for XMALLOC, XFREE and XREALLOC. XREALLOC determines if existing pointer needs reallocated for NUMA.
* Refactor to make sure “heap” is available for async dev init.
* Added async support for all examples for connect, accept, read and write.
* Added new WC_BIGINT (in wolfmath.c) for async hardware support.
* Added async simulator tests for DES3 CBC, AES CBC/GCM.
* Added QAT standalone build for unit testing.
* Added int return code to SHA and MD5 functions.
* Refactor of the async stack variable handling, so async operations have generic args buffer area and cleanup function pointer.
* Combined duplicate code for async push/pop handling.
* Refactor internal.c to add AllocKey / FreeKey.
* Refactor of hash init/free in TLS to use InitHashes and FreeHashes.
* Refactor of the async event->context to use WOLF_EVENT_TYPE_ASYNC_WOLFSSL for WOLFSSL* and WOLF_EVENT_TYPE_ASYNC_WOLFCRYPT for WC_ASYNC_DEV*.
* Suppress error message for WC_PENDING_E.
* Implemented "wolfSSL_EVP_MD_CTX_init" to do memset.
* Cleanup of the openssl compat CTX sizes when async is enabled.
* Cleanup of AES, DES3, DH, SHA, MD5, DES3, DH, HMAC, MD5 for consistency and readability.
* Cleanup of the OPAQUE_LEN.
* Cleanup to use ENCRYPT_LEN instead of sizeof(ssl->arrays.preMasterSecret).
* Changed ssl->arrays.preMasterSecret to use XMALLOC (accelerates HW operations)
* Reduce verbosity with debug enabled for "GetMyVersion", "wolfSSL Using RSA OAEP padding" and "wolfSSL Using RSA PKCSV15 padding".
* Updated RSA un-padding error message so its different than one above it for better debugging.
* Added QAT async enables for each algorithm.
* Refactor of the async init to use _ex.
* Added WC_ASYNC_THRESH_NONE to allow bypass of the async thresholds for testing.
* Reformatted the benchmark results:
PKI: "RSA 2048 private HW 18522 ops took 1.003 sec, avg 0.054 ms, 18467.763 ops/sec"
Crypto/Hashing: SHA-256 SW 350 megs took 1.009 seconds, 346.946 MB/s Cycles per byte = 9.87
* Added min execution time for all benchmarks.
* Moved wc_*GetHash and wc_*RestorePos to appropriate files so use of isCopy flag is local.
* Fix for ECC sign status sometimes being invalid due to uninitialized ECC digest in benchmark.
* Added new DECLARE_VAR/FREE_VAR and DECLARE_ARRAY/FREE_ARRAY macros for helping setup test/benchmark variables to accelerate async.
* Added NO_SW_BENCH option to only run HW bench.
* Added support for PRNG to use hardware SHA256 if _wc devId provided.
* Fix to prevent curve tests from running against wrong curve sizes. Changed wc_ecc_set_curve to match on exact size.
* Added the wc_*GetHash calls to the wolfCrypt tests.
* Added async hardware start/stop to wolfSSL init/cleanup.
* Refactor to add wc_*Copy for hashing context (for async), which replaces wc_*RestorePos.
* Fixes for building with TI hashing (including: SHA224, missing new API’s and building with dummy build for non hw testing). Note: We need to add build test for this `./configure CFLAGS="-DWOLFSSL_TI_HASH -DTI_DUMMY_BUILD”`.
* Added arg checks on wc_*GetHash and wc_*Copy.
* Cleanup of the BuildMD5, BuildSHA, BuildMD5_CertVerify and BuildSHA_CertVerify functions.
* Added new ./configure --enable-asyncthreads, to allow enable/disable of the async threading support. If --enable-asynccrypt set this will be enabled by default if pthread is supported. Allows multi-threaded benchmarks with async simulator.
* Added checks for all hashing to verify valid ->buffLen.
* Fix for SHA512 scan-build warning about un-initialized “W_X”.
* Fix for valgrind un-initialized use of buffer in AllocDer (der->buffer) and BuildTlsFinished handshake_hash.
* Refactor of the benchmarking to use common function for start, check and finish of the stats.
* Fixed issue with ECC cache loading in multi-threading.
* Fix bug with AESNI not aligned code that assumes XMALLOC is 16-byte aligned.
* Added new WC_ASYNC_NO_… options to allow disabling of individual async algorithms. New defines are: WC_ASYNC_NO_CRYPT, WC_ASYNC_NO_PKI and WC_ASYNC_NO_HASH. Additionally each algorithm has a WC_ASYNC_NO_[ALGO] define.
* Added “wolfSSL_GetAllocators” API and fixed the wolfCrypt memcb_test so it restores callback pointers after test is complete (fixes issue with using custom allocators and test breaking it).
2017-04-07 15:46:32 -07:00
|
|
|
}
|
|
|
|
|
if (throughput) {
|
|
|
|
|
rx_time += current_time(0) - start;
|
|
|
|
|
start = current_time(1);
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
/* Write data */
|
|
|
|
|
do {
|
|
|
|
|
err = 0; /* reset error */
|
|
|
|
|
ret = SSL_write(ssl, buffer, len);
|
|
|
|
|
if (ret <= 0) {
|
|
|
|
|
err = SSL_get_error(ssl, 0);
|
|
|
|
|
#ifdef WOLFSSL_ASYNC_CRYPT
|
|
|
|
|
if (err == WC_PENDING_E) {
|
|
|
|
|
ret = wolfSSL_AsyncPoll(ssl, WOLF_POLL_FLAG_CHECK_HW);
|
|
|
|
|
if (ret < 0) break;
|
|
|
|
|
}
|
|
|
|
|
#endif
|
2015-10-16 07:46:51 +02:00
|
|
|
}
|
Intel QuickAssist (QAT) support and async enhancements/fixes:
* Adds ./configure "--with-intelqa=../QAT1.6”, port files, memory management and README.md (see wolfcrypt/src/port/intel/).
* Added Intel QAT support for RSA public/private (CRT/non-CRT), AES CBC/GCM, ECDH/ECDSA, DH, DES3, SHA, SHA224, SHA256, SHA384, SHA512, MD5 and HMAC.
* wolfSSL async enabled all client and server: PKI, Encrypt/Decrypt, Hashing/HMAC and Certificate Sign/Verify.
* wolfSSL async support in functions: Encrypt, Decrypt, VerifyMAC, BuildMessage, ConfirmSignature, DoCertificate, ParseCertRelative, and MakeSignature.
* wolfCrypt test and benchmark async support added for all HW acceleration.
* wolfCrypt benchmark multi-threading support.
* Added QuickAssist memory overrides for XMALLOC, XFREE and XREALLOC. XREALLOC determines if existing pointer needs reallocated for NUMA.
* Refactor to make sure “heap” is available for async dev init.
* Added async support for all examples for connect, accept, read and write.
* Added new WC_BIGINT (in wolfmath.c) for async hardware support.
* Added async simulator tests for DES3 CBC, AES CBC/GCM.
* Added QAT standalone build for unit testing.
* Added int return code to SHA and MD5 functions.
* Refactor of the async stack variable handling, so async operations have generic args buffer area and cleanup function pointer.
* Combined duplicate code for async push/pop handling.
* Refactor internal.c to add AllocKey / FreeKey.
* Refactor of hash init/free in TLS to use InitHashes and FreeHashes.
* Refactor of the async event->context to use WOLF_EVENT_TYPE_ASYNC_WOLFSSL for WOLFSSL* and WOLF_EVENT_TYPE_ASYNC_WOLFCRYPT for WC_ASYNC_DEV*.
* Suppress error message for WC_PENDING_E.
* Implemented "wolfSSL_EVP_MD_CTX_init" to do memset.
* Cleanup of the openssl compat CTX sizes when async is enabled.
* Cleanup of AES, DES3, DH, SHA, MD5, DES3, DH, HMAC, MD5 for consistency and readability.
* Cleanup of the OPAQUE_LEN.
* Cleanup to use ENCRYPT_LEN instead of sizeof(ssl->arrays.preMasterSecret).
* Changed ssl->arrays.preMasterSecret to use XMALLOC (accelerates HW operations)
* Reduce verbosity with debug enabled for "GetMyVersion", "wolfSSL Using RSA OAEP padding" and "wolfSSL Using RSA PKCSV15 padding".
* Updated RSA un-padding error message so its different than one above it for better debugging.
* Added QAT async enables for each algorithm.
* Refactor of the async init to use _ex.
* Added WC_ASYNC_THRESH_NONE to allow bypass of the async thresholds for testing.
* Reformatted the benchmark results:
PKI: "RSA 2048 private HW 18522 ops took 1.003 sec, avg 0.054 ms, 18467.763 ops/sec"
Crypto/Hashing: SHA-256 SW 350 megs took 1.009 seconds, 346.946 MB/s Cycles per byte = 9.87
* Added min execution time for all benchmarks.
* Moved wc_*GetHash and wc_*RestorePos to appropriate files so use of isCopy flag is local.
* Fix for ECC sign status sometimes being invalid due to uninitialized ECC digest in benchmark.
* Added new DECLARE_VAR/FREE_VAR and DECLARE_ARRAY/FREE_ARRAY macros for helping setup test/benchmark variables to accelerate async.
* Added NO_SW_BENCH option to only run HW bench.
* Added support for PRNG to use hardware SHA256 if _wc devId provided.
* Fix to prevent curve tests from running against wrong curve sizes. Changed wc_ecc_set_curve to match on exact size.
* Added the wc_*GetHash calls to the wolfCrypt tests.
* Added async hardware start/stop to wolfSSL init/cleanup.
* Refactor to add wc_*Copy for hashing context (for async), which replaces wc_*RestorePos.
* Fixes for building with TI hashing (including: SHA224, missing new API’s and building with dummy build for non hw testing). Note: We need to add build test for this `./configure CFLAGS="-DWOLFSSL_TI_HASH -DTI_DUMMY_BUILD”`.
* Added arg checks on wc_*GetHash and wc_*Copy.
* Cleanup of the BuildMD5, BuildSHA, BuildMD5_CertVerify and BuildSHA_CertVerify functions.
* Added new ./configure --enable-asyncthreads, to allow enable/disable of the async threading support. If --enable-asynccrypt set this will be enabled by default if pthread is supported. Allows multi-threaded benchmarks with async simulator.
* Added checks for all hashing to verify valid ->buffLen.
* Fix for SHA512 scan-build warning about un-initialized “W_X”.
* Fix for valgrind un-initialized use of buffer in AllocDer (der->buffer) and BuildTlsFinished handshake_hash.
* Refactor of the benchmarking to use common function for start, check and finish of the stats.
* Fixed issue with ECC cache loading in multi-threading.
* Fix bug with AESNI not aligned code that assumes XMALLOC is 16-byte aligned.
* Added new WC_ASYNC_NO_… options to allow disabling of individual async algorithms. New defines are: WC_ASYNC_NO_CRYPT, WC_ASYNC_NO_PKI and WC_ASYNC_NO_HASH. Additionally each algorithm has a WC_ASYNC_NO_[ALGO] define.
* Added “wolfSSL_GetAllocators” API and fixed the wolfCrypt memcb_test so it restores callback pointers after test is complete (fixes issue with using custom allocators and test breaking it).
2017-04-07 15:46:32 -07:00
|
|
|
} while (err == WC_PENDING_E);
|
|
|
|
|
if (ret != len) {
|
|
|
|
|
printf("SSL_write echo error %d\n", err);
|
2017-06-22 22:19:59 -06:00
|
|
|
err_sys_ex(runWithErrors, "SSL_write failed");
|
Intel QuickAssist (QAT) support and async enhancements/fixes:
* Adds ./configure "--with-intelqa=../QAT1.6”, port files, memory management and README.md (see wolfcrypt/src/port/intel/).
* Added Intel QAT support for RSA public/private (CRT/non-CRT), AES CBC/GCM, ECDH/ECDSA, DH, DES3, SHA, SHA224, SHA256, SHA384, SHA512, MD5 and HMAC.
* wolfSSL async enabled all client and server: PKI, Encrypt/Decrypt, Hashing/HMAC and Certificate Sign/Verify.
* wolfSSL async support in functions: Encrypt, Decrypt, VerifyMAC, BuildMessage, ConfirmSignature, DoCertificate, ParseCertRelative, and MakeSignature.
* wolfCrypt test and benchmark async support added for all HW acceleration.
* wolfCrypt benchmark multi-threading support.
* Added QuickAssist memory overrides for XMALLOC, XFREE and XREALLOC. XREALLOC determines if existing pointer needs reallocated for NUMA.
* Refactor to make sure “heap” is available for async dev init.
* Added async support for all examples for connect, accept, read and write.
* Added new WC_BIGINT (in wolfmath.c) for async hardware support.
* Added async simulator tests for DES3 CBC, AES CBC/GCM.
* Added QAT standalone build for unit testing.
* Added int return code to SHA and MD5 functions.
* Refactor of the async stack variable handling, so async operations have generic args buffer area and cleanup function pointer.
* Combined duplicate code for async push/pop handling.
* Refactor internal.c to add AllocKey / FreeKey.
* Refactor of hash init/free in TLS to use InitHashes and FreeHashes.
* Refactor of the async event->context to use WOLF_EVENT_TYPE_ASYNC_WOLFSSL for WOLFSSL* and WOLF_EVENT_TYPE_ASYNC_WOLFCRYPT for WC_ASYNC_DEV*.
* Suppress error message for WC_PENDING_E.
* Implemented "wolfSSL_EVP_MD_CTX_init" to do memset.
* Cleanup of the openssl compat CTX sizes when async is enabled.
* Cleanup of AES, DES3, DH, SHA, MD5, DES3, DH, HMAC, MD5 for consistency and readability.
* Cleanup of the OPAQUE_LEN.
* Cleanup to use ENCRYPT_LEN instead of sizeof(ssl->arrays.preMasterSecret).
* Changed ssl->arrays.preMasterSecret to use XMALLOC (accelerates HW operations)
* Reduce verbosity with debug enabled for "GetMyVersion", "wolfSSL Using RSA OAEP padding" and "wolfSSL Using RSA PKCSV15 padding".
* Updated RSA un-padding error message so its different than one above it for better debugging.
* Added QAT async enables for each algorithm.
* Refactor of the async init to use _ex.
* Added WC_ASYNC_THRESH_NONE to allow bypass of the async thresholds for testing.
* Reformatted the benchmark results:
PKI: "RSA 2048 private HW 18522 ops took 1.003 sec, avg 0.054 ms, 18467.763 ops/sec"
Crypto/Hashing: SHA-256 SW 350 megs took 1.009 seconds, 346.946 MB/s Cycles per byte = 9.87
* Added min execution time for all benchmarks.
* Moved wc_*GetHash and wc_*RestorePos to appropriate files so use of isCopy flag is local.
* Fix for ECC sign status sometimes being invalid due to uninitialized ECC digest in benchmark.
* Added new DECLARE_VAR/FREE_VAR and DECLARE_ARRAY/FREE_ARRAY macros for helping setup test/benchmark variables to accelerate async.
* Added NO_SW_BENCH option to only run HW bench.
* Added support for PRNG to use hardware SHA256 if _wc devId provided.
* Fix to prevent curve tests from running against wrong curve sizes. Changed wc_ecc_set_curve to match on exact size.
* Added the wc_*GetHash calls to the wolfCrypt tests.
* Added async hardware start/stop to wolfSSL init/cleanup.
* Refactor to add wc_*Copy for hashing context (for async), which replaces wc_*RestorePos.
* Fixes for building with TI hashing (including: SHA224, missing new API’s and building with dummy build for non hw testing). Note: We need to add build test for this `./configure CFLAGS="-DWOLFSSL_TI_HASH -DTI_DUMMY_BUILD”`.
* Added arg checks on wc_*GetHash and wc_*Copy.
* Cleanup of the BuildMD5, BuildSHA, BuildMD5_CertVerify and BuildSHA_CertVerify functions.
* Added new ./configure --enable-asyncthreads, to allow enable/disable of the async threading support. If --enable-asynccrypt set this will be enabled by default if pthread is supported. Allows multi-threaded benchmarks with async simulator.
* Added checks for all hashing to verify valid ->buffLen.
* Fix for SHA512 scan-build warning about un-initialized “W_X”.
* Fix for valgrind un-initialized use of buffer in AllocDer (der->buffer) and BuildTlsFinished handshake_hash.
* Refactor of the benchmarking to use common function for start, check and finish of the stats.
* Fixed issue with ECC cache loading in multi-threading.
* Fix bug with AESNI not aligned code that assumes XMALLOC is 16-byte aligned.
* Added new WC_ASYNC_NO_… options to allow disabling of individual async algorithms. New defines are: WC_ASYNC_NO_CRYPT, WC_ASYNC_NO_PKI and WC_ASYNC_NO_HASH. Additionally each algorithm has a WC_ASYNC_NO_[ALGO] define.
* Added “wolfSSL_GetAllocators” API and fixed the wolfCrypt memcb_test so it restores callback pointers after test is complete (fixes issue with using custom allocators and test breaking it).
2017-04-07 15:46:32 -07:00
|
|
|
}
|
2015-10-16 07:46:51 +02:00
|
|
|
|
Intel QuickAssist (QAT) support and async enhancements/fixes:
* Adds ./configure "--with-intelqa=../QAT1.6”, port files, memory management and README.md (see wolfcrypt/src/port/intel/).
* Added Intel QAT support for RSA public/private (CRT/non-CRT), AES CBC/GCM, ECDH/ECDSA, DH, DES3, SHA, SHA224, SHA256, SHA384, SHA512, MD5 and HMAC.
* wolfSSL async enabled all client and server: PKI, Encrypt/Decrypt, Hashing/HMAC and Certificate Sign/Verify.
* wolfSSL async support in functions: Encrypt, Decrypt, VerifyMAC, BuildMessage, ConfirmSignature, DoCertificate, ParseCertRelative, and MakeSignature.
* wolfCrypt test and benchmark async support added for all HW acceleration.
* wolfCrypt benchmark multi-threading support.
* Added QuickAssist memory overrides for XMALLOC, XFREE and XREALLOC. XREALLOC determines if existing pointer needs reallocated for NUMA.
* Refactor to make sure “heap” is available for async dev init.
* Added async support for all examples for connect, accept, read and write.
* Added new WC_BIGINT (in wolfmath.c) for async hardware support.
* Added async simulator tests for DES3 CBC, AES CBC/GCM.
* Added QAT standalone build for unit testing.
* Added int return code to SHA and MD5 functions.
* Refactor of the async stack variable handling, so async operations have generic args buffer area and cleanup function pointer.
* Combined duplicate code for async push/pop handling.
* Refactor internal.c to add AllocKey / FreeKey.
* Refactor of hash init/free in TLS to use InitHashes and FreeHashes.
* Refactor of the async event->context to use WOLF_EVENT_TYPE_ASYNC_WOLFSSL for WOLFSSL* and WOLF_EVENT_TYPE_ASYNC_WOLFCRYPT for WC_ASYNC_DEV*.
* Suppress error message for WC_PENDING_E.
* Implemented "wolfSSL_EVP_MD_CTX_init" to do memset.
* Cleanup of the openssl compat CTX sizes when async is enabled.
* Cleanup of AES, DES3, DH, SHA, MD5, DES3, DH, HMAC, MD5 for consistency and readability.
* Cleanup of the OPAQUE_LEN.
* Cleanup to use ENCRYPT_LEN instead of sizeof(ssl->arrays.preMasterSecret).
* Changed ssl->arrays.preMasterSecret to use XMALLOC (accelerates HW operations)
* Reduce verbosity with debug enabled for "GetMyVersion", "wolfSSL Using RSA OAEP padding" and "wolfSSL Using RSA PKCSV15 padding".
* Updated RSA un-padding error message so its different than one above it for better debugging.
* Added QAT async enables for each algorithm.
* Refactor of the async init to use _ex.
* Added WC_ASYNC_THRESH_NONE to allow bypass of the async thresholds for testing.
* Reformatted the benchmark results:
PKI: "RSA 2048 private HW 18522 ops took 1.003 sec, avg 0.054 ms, 18467.763 ops/sec"
Crypto/Hashing: SHA-256 SW 350 megs took 1.009 seconds, 346.946 MB/s Cycles per byte = 9.87
* Added min execution time for all benchmarks.
* Moved wc_*GetHash and wc_*RestorePos to appropriate files so use of isCopy flag is local.
* Fix for ECC sign status sometimes being invalid due to uninitialized ECC digest in benchmark.
* Added new DECLARE_VAR/FREE_VAR and DECLARE_ARRAY/FREE_ARRAY macros for helping setup test/benchmark variables to accelerate async.
* Added NO_SW_BENCH option to only run HW bench.
* Added support for PRNG to use hardware SHA256 if _wc devId provided.
* Fix to prevent curve tests from running against wrong curve sizes. Changed wc_ecc_set_curve to match on exact size.
* Added the wc_*GetHash calls to the wolfCrypt tests.
* Added async hardware start/stop to wolfSSL init/cleanup.
* Refactor to add wc_*Copy for hashing context (for async), which replaces wc_*RestorePos.
* Fixes for building with TI hashing (including: SHA224, missing new API’s and building with dummy build for non hw testing). Note: We need to add build test for this `./configure CFLAGS="-DWOLFSSL_TI_HASH -DTI_DUMMY_BUILD”`.
* Added arg checks on wc_*GetHash and wc_*Copy.
* Cleanup of the BuildMD5, BuildSHA, BuildMD5_CertVerify and BuildSHA_CertVerify functions.
* Added new ./configure --enable-asyncthreads, to allow enable/disable of the async threading support. If --enable-asynccrypt set this will be enabled by default if pthread is supported. Allows multi-threaded benchmarks with async simulator.
* Added checks for all hashing to verify valid ->buffLen.
* Fix for SHA512 scan-build warning about un-initialized “W_X”.
* Fix for valgrind un-initialized use of buffer in AllocDer (der->buffer) and BuildTlsFinished handshake_hash.
* Refactor of the benchmarking to use common function for start, check and finish of the stats.
* Fixed issue with ECC cache loading in multi-threading.
* Fix bug with AESNI not aligned code that assumes XMALLOC is 16-byte aligned.
* Added new WC_ASYNC_NO_… options to allow disabling of individual async algorithms. New defines are: WC_ASYNC_NO_CRYPT, WC_ASYNC_NO_PKI and WC_ASYNC_NO_HASH. Additionally each algorithm has a WC_ASYNC_NO_[ALGO] define.
* Added “wolfSSL_GetAllocators” API and fixed the wolfCrypt memcb_test so it restores callback pointers after test is complete (fixes issue with using custom allocators and test breaking it).
2017-04-07 15:46:32 -07:00
|
|
|
if (throughput) {
|
|
|
|
|
tx_time += current_time(0) - start;
|
2015-10-16 07:46:51 +02:00
|
|
|
}
|
Intel QuickAssist (QAT) support and async enhancements/fixes:
* Adds ./configure "--with-intelqa=../QAT1.6”, port files, memory management and README.md (see wolfcrypt/src/port/intel/).
* Added Intel QAT support for RSA public/private (CRT/non-CRT), AES CBC/GCM, ECDH/ECDSA, DH, DES3, SHA, SHA224, SHA256, SHA384, SHA512, MD5 and HMAC.
* wolfSSL async enabled all client and server: PKI, Encrypt/Decrypt, Hashing/HMAC and Certificate Sign/Verify.
* wolfSSL async support in functions: Encrypt, Decrypt, VerifyMAC, BuildMessage, ConfirmSignature, DoCertificate, ParseCertRelative, and MakeSignature.
* wolfCrypt test and benchmark async support added for all HW acceleration.
* wolfCrypt benchmark multi-threading support.
* Added QuickAssist memory overrides for XMALLOC, XFREE and XREALLOC. XREALLOC determines if existing pointer needs reallocated for NUMA.
* Refactor to make sure “heap” is available for async dev init.
* Added async support for all examples for connect, accept, read and write.
* Added new WC_BIGINT (in wolfmath.c) for async hardware support.
* Added async simulator tests for DES3 CBC, AES CBC/GCM.
* Added QAT standalone build for unit testing.
* Added int return code to SHA and MD5 functions.
* Refactor of the async stack variable handling, so async operations have generic args buffer area and cleanup function pointer.
* Combined duplicate code for async push/pop handling.
* Refactor internal.c to add AllocKey / FreeKey.
* Refactor of hash init/free in TLS to use InitHashes and FreeHashes.
* Refactor of the async event->context to use WOLF_EVENT_TYPE_ASYNC_WOLFSSL for WOLFSSL* and WOLF_EVENT_TYPE_ASYNC_WOLFCRYPT for WC_ASYNC_DEV*.
* Suppress error message for WC_PENDING_E.
* Implemented "wolfSSL_EVP_MD_CTX_init" to do memset.
* Cleanup of the openssl compat CTX sizes when async is enabled.
* Cleanup of AES, DES3, DH, SHA, MD5, DES3, DH, HMAC, MD5 for consistency and readability.
* Cleanup of the OPAQUE_LEN.
* Cleanup to use ENCRYPT_LEN instead of sizeof(ssl->arrays.preMasterSecret).
* Changed ssl->arrays.preMasterSecret to use XMALLOC (accelerates HW operations)
* Reduce verbosity with debug enabled for "GetMyVersion", "wolfSSL Using RSA OAEP padding" and "wolfSSL Using RSA PKCSV15 padding".
* Updated RSA un-padding error message so its different than one above it for better debugging.
* Added QAT async enables for each algorithm.
* Refactor of the async init to use _ex.
* Added WC_ASYNC_THRESH_NONE to allow bypass of the async thresholds for testing.
* Reformatted the benchmark results:
PKI: "RSA 2048 private HW 18522 ops took 1.003 sec, avg 0.054 ms, 18467.763 ops/sec"
Crypto/Hashing: SHA-256 SW 350 megs took 1.009 seconds, 346.946 MB/s Cycles per byte = 9.87
* Added min execution time for all benchmarks.
* Moved wc_*GetHash and wc_*RestorePos to appropriate files so use of isCopy flag is local.
* Fix for ECC sign status sometimes being invalid due to uninitialized ECC digest in benchmark.
* Added new DECLARE_VAR/FREE_VAR and DECLARE_ARRAY/FREE_ARRAY macros for helping setup test/benchmark variables to accelerate async.
* Added NO_SW_BENCH option to only run HW bench.
* Added support for PRNG to use hardware SHA256 if _wc devId provided.
* Fix to prevent curve tests from running against wrong curve sizes. Changed wc_ecc_set_curve to match on exact size.
* Added the wc_*GetHash calls to the wolfCrypt tests.
* Added async hardware start/stop to wolfSSL init/cleanup.
* Refactor to add wc_*Copy for hashing context (for async), which replaces wc_*RestorePos.
* Fixes for building with TI hashing (including: SHA224, missing new API’s and building with dummy build for non hw testing). Note: We need to add build test for this `./configure CFLAGS="-DWOLFSSL_TI_HASH -DTI_DUMMY_BUILD”`.
* Added arg checks on wc_*GetHash and wc_*Copy.
* Cleanup of the BuildMD5, BuildSHA, BuildMD5_CertVerify and BuildSHA_CertVerify functions.
* Added new ./configure --enable-asyncthreads, to allow enable/disable of the async threading support. If --enable-asynccrypt set this will be enabled by default if pthread is supported. Allows multi-threaded benchmarks with async simulator.
* Added checks for all hashing to verify valid ->buffLen.
* Fix for SHA512 scan-build warning about un-initialized “W_X”.
* Fix for valgrind un-initialized use of buffer in AllocDer (der->buffer) and BuildTlsFinished handshake_hash.
* Refactor of the benchmarking to use common function for start, check and finish of the stats.
* Fixed issue with ECC cache loading in multi-threading.
* Fix bug with AESNI not aligned code that assumes XMALLOC is 16-byte aligned.
* Added new WC_ASYNC_NO_… options to allow disabling of individual async algorithms. New defines are: WC_ASYNC_NO_CRYPT, WC_ASYNC_NO_PKI and WC_ASYNC_NO_HASH. Additionally each algorithm has a WC_ASYNC_NO_[ALGO] define.
* Added “wolfSSL_GetAllocators” API and fixed the wolfCrypt memcb_test so it restores callback pointers after test is complete (fixes issue with using custom allocators and test breaking it).
2017-04-07 15:46:32 -07:00
|
|
|
|
|
|
|
|
xfer_bytes += len;
|
2015-10-16 07:46:51 +02:00
|
|
|
}
|
|
|
|
|
}
|
Intel QuickAssist (QAT) support and async enhancements/fixes:
* Adds ./configure "--with-intelqa=../QAT1.6”, port files, memory management and README.md (see wolfcrypt/src/port/intel/).
* Added Intel QAT support for RSA public/private (CRT/non-CRT), AES CBC/GCM, ECDH/ECDSA, DH, DES3, SHA, SHA224, SHA256, SHA384, SHA512, MD5 and HMAC.
* wolfSSL async enabled all client and server: PKI, Encrypt/Decrypt, Hashing/HMAC and Certificate Sign/Verify.
* wolfSSL async support in functions: Encrypt, Decrypt, VerifyMAC, BuildMessage, ConfirmSignature, DoCertificate, ParseCertRelative, and MakeSignature.
* wolfCrypt test and benchmark async support added for all HW acceleration.
* wolfCrypt benchmark multi-threading support.
* Added QuickAssist memory overrides for XMALLOC, XFREE and XREALLOC. XREALLOC determines if existing pointer needs reallocated for NUMA.
* Refactor to make sure “heap” is available for async dev init.
* Added async support for all examples for connect, accept, read and write.
* Added new WC_BIGINT (in wolfmath.c) for async hardware support.
* Added async simulator tests for DES3 CBC, AES CBC/GCM.
* Added QAT standalone build for unit testing.
* Added int return code to SHA and MD5 functions.
* Refactor of the async stack variable handling, so async operations have generic args buffer area and cleanup function pointer.
* Combined duplicate code for async push/pop handling.
* Refactor internal.c to add AllocKey / FreeKey.
* Refactor of hash init/free in TLS to use InitHashes and FreeHashes.
* Refactor of the async event->context to use WOLF_EVENT_TYPE_ASYNC_WOLFSSL for WOLFSSL* and WOLF_EVENT_TYPE_ASYNC_WOLFCRYPT for WC_ASYNC_DEV*.
* Suppress error message for WC_PENDING_E.
* Implemented "wolfSSL_EVP_MD_CTX_init" to do memset.
* Cleanup of the openssl compat CTX sizes when async is enabled.
* Cleanup of AES, DES3, DH, SHA, MD5, DES3, DH, HMAC, MD5 for consistency and readability.
* Cleanup of the OPAQUE_LEN.
* Cleanup to use ENCRYPT_LEN instead of sizeof(ssl->arrays.preMasterSecret).
* Changed ssl->arrays.preMasterSecret to use XMALLOC (accelerates HW operations)
* Reduce verbosity with debug enabled for "GetMyVersion", "wolfSSL Using RSA OAEP padding" and "wolfSSL Using RSA PKCSV15 padding".
* Updated RSA un-padding error message so its different than one above it for better debugging.
* Added QAT async enables for each algorithm.
* Refactor of the async init to use _ex.
* Added WC_ASYNC_THRESH_NONE to allow bypass of the async thresholds for testing.
* Reformatted the benchmark results:
PKI: "RSA 2048 private HW 18522 ops took 1.003 sec, avg 0.054 ms, 18467.763 ops/sec"
Crypto/Hashing: SHA-256 SW 350 megs took 1.009 seconds, 346.946 MB/s Cycles per byte = 9.87
* Added min execution time for all benchmarks.
* Moved wc_*GetHash and wc_*RestorePos to appropriate files so use of isCopy flag is local.
* Fix for ECC sign status sometimes being invalid due to uninitialized ECC digest in benchmark.
* Added new DECLARE_VAR/FREE_VAR and DECLARE_ARRAY/FREE_ARRAY macros for helping setup test/benchmark variables to accelerate async.
* Added NO_SW_BENCH option to only run HW bench.
* Added support for PRNG to use hardware SHA256 if _wc devId provided.
* Fix to prevent curve tests from running against wrong curve sizes. Changed wc_ecc_set_curve to match on exact size.
* Added the wc_*GetHash calls to the wolfCrypt tests.
* Added async hardware start/stop to wolfSSL init/cleanup.
* Refactor to add wc_*Copy for hashing context (for async), which replaces wc_*RestorePos.
* Fixes for building with TI hashing (including: SHA224, missing new API’s and building with dummy build for non hw testing). Note: We need to add build test for this `./configure CFLAGS="-DWOLFSSL_TI_HASH -DTI_DUMMY_BUILD”`.
* Added arg checks on wc_*GetHash and wc_*Copy.
* Cleanup of the BuildMD5, BuildSHA, BuildMD5_CertVerify and BuildSHA_CertVerify functions.
* Added new ./configure --enable-asyncthreads, to allow enable/disable of the async threading support. If --enable-asynccrypt set this will be enabled by default if pthread is supported. Allows multi-threaded benchmarks with async simulator.
* Added checks for all hashing to verify valid ->buffLen.
* Fix for SHA512 scan-build warning about un-initialized “W_X”.
* Fix for valgrind un-initialized use of buffer in AllocDer (der->buffer) and BuildTlsFinished handshake_hash.
* Refactor of the benchmarking to use common function for start, check and finish of the stats.
* Fixed issue with ECC cache loading in multi-threading.
* Fix bug with AESNI not aligned code that assumes XMALLOC is 16-byte aligned.
* Added new WC_ASYNC_NO_… options to allow disabling of individual async algorithms. New defines are: WC_ASYNC_NO_CRYPT, WC_ASYNC_NO_PKI and WC_ASYNC_NO_HASH. Additionally each algorithm has a WC_ASYNC_NO_[ALGO] define.
* Added “wolfSSL_GetAllocators” API and fixed the wolfCrypt memcb_test so it restores callback pointers after test is complete (fixes issue with using custom allocators and test breaking it).
2017-04-07 15:46:32 -07:00
|
|
|
|
|
|
|
|
free(buffer);
|
|
|
|
|
|
|
|
|
|
if (throughput) {
|
|
|
|
|
printf("wolfSSL Server Benchmark %d bytes\n"
|
|
|
|
|
"\tRX %8.3f ms (%8.3f MBps)\n"
|
|
|
|
|
"\tTX %8.3f ms (%8.3f MBps)\n",
|
|
|
|
|
throughput,
|
|
|
|
|
tx_time * 1000, throughput / tx_time / 1024 / 1024,
|
|
|
|
|
rx_time * 1000, throughput / rx_time / 1024 / 1024
|
|
|
|
|
);
|
2015-10-16 07:46:51 +02:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
return EXIT_SUCCESS;
|
|
|
|
|
}
|
|
|
|
|
|
2017-06-08 10:32:51 +10:00
|
|
|
static void ServerRead(WOLFSSL* ssl, char* input, int inputLen)
|
|
|
|
|
{
|
|
|
|
|
int ret, err;
|
2018-02-01 11:02:35 -08:00
|
|
|
char buffer[WOLFSSL_MAX_ERROR_SZ];
|
2017-06-08 10:32:51 +10:00
|
|
|
|
|
|
|
|
/* Read data */
|
|
|
|
|
do {
|
|
|
|
|
err = 0; /* reset error */
|
|
|
|
|
ret = SSL_read(ssl, input, inputLen);
|
|
|
|
|
if (ret < 0) {
|
|
|
|
|
err = SSL_get_error(ssl, 0);
|
|
|
|
|
|
|
|
|
|
#ifdef WOLFSSL_ASYNC_CRYPT
|
|
|
|
|
if (err == WC_PENDING_E) {
|
|
|
|
|
ret = wolfSSL_AsyncPoll(ssl, WOLF_POLL_FLAG_CHECK_HW);
|
|
|
|
|
if (ret < 0) break;
|
|
|
|
|
}
|
|
|
|
|
else
|
2017-07-31 11:24:42 -07:00
|
|
|
#endif
|
2018-02-01 11:02:35 -08:00
|
|
|
#ifdef WOLFSSL_DTLS
|
2017-07-31 11:24:42 -07:00
|
|
|
if (wolfSSL_dtls(ssl) && err == DECRYPT_ERROR) {
|
|
|
|
|
printf("Dropped client's message due to a bad MAC\n");
|
|
|
|
|
}
|
|
|
|
|
else
|
2017-06-08 10:32:51 +10:00
|
|
|
#endif
|
2017-10-11 09:09:52 -07:00
|
|
|
if (err != WOLFSSL_ERROR_WANT_READ) {
|
2017-06-08 10:32:51 +10:00
|
|
|
printf("SSL_read input error %d, %s\n", err,
|
|
|
|
|
ERR_error_string(err, buffer));
|
2017-06-22 22:19:59 -06:00
|
|
|
err_sys_ex(runWithErrors, "SSL_read failed");
|
2017-06-08 10:32:51 +10:00
|
|
|
}
|
|
|
|
|
}
|
2018-06-08 17:34:03 +10:00
|
|
|
} while (err == WC_PENDING_E || err == WOLFSSL_ERROR_WANT_READ);
|
2017-06-08 10:32:51 +10:00
|
|
|
if (ret > 0) {
|
|
|
|
|
input[ret] = 0; /* null terminate message */
|
|
|
|
|
printf("Client message: %s\n", input);
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
static void ServerWrite(WOLFSSL* ssl, const char* output, int outputLen)
|
|
|
|
|
{
|
|
|
|
|
int ret, err;
|
2018-02-01 11:02:35 -08:00
|
|
|
char buffer[WOLFSSL_MAX_ERROR_SZ];
|
2017-06-08 10:32:51 +10:00
|
|
|
|
|
|
|
|
do {
|
|
|
|
|
err = 0; /* reset error */
|
|
|
|
|
ret = SSL_write(ssl, output, outputLen);
|
|
|
|
|
if (ret <= 0) {
|
|
|
|
|
err = SSL_get_error(ssl, 0);
|
|
|
|
|
|
|
|
|
|
#ifdef WOLFSSL_ASYNC_CRYPT
|
|
|
|
|
if (err == WC_PENDING_E) {
|
|
|
|
|
ret = wolfSSL_AsyncPoll(ssl, WOLF_POLL_FLAG_CHECK_HW);
|
|
|
|
|
if (ret < 0) break;
|
|
|
|
|
}
|
|
|
|
|
#endif
|
|
|
|
|
}
|
2017-10-11 09:09:52 -07:00
|
|
|
} while (err == WC_PENDING_E || err == WOLFSSL_ERROR_WANT_WRITE);
|
2017-06-08 10:32:51 +10:00
|
|
|
if (ret != outputLen) {
|
|
|
|
|
printf("SSL_write msg error %d, %s\n", err,
|
|
|
|
|
ERR_error_string(err, buffer));
|
2017-06-22 22:19:59 -06:00
|
|
|
err_sys_ex(runWithErrors, "SSL_write failed");
|
2017-06-08 10:32:51 +10:00
|
|
|
}
|
|
|
|
|
}
|
2011-02-05 11:14:47 -08:00
|
|
|
|
2012-07-30 11:58:57 -07:00
|
|
|
static void Usage(void)
|
|
|
|
|
{
|
2018-02-01 11:02:35 -08:00
|
|
|
printf("server " LIBWOLFSSL_VERSION_STRING
|
2015-01-20 12:36:20 -07:00
|
|
|
" NOTE: All files relative to wolfSSL home dir\n");
|
2012-07-30 11:58:57 -07:00
|
|
|
printf("-? Help, print this usage\n");
|
2018-02-01 11:02:35 -08:00
|
|
|
printf("-p <num> Port to listen on, not 0, default %d\n", wolfSSLPort);
|
2017-07-03 18:29:15 +10:00
|
|
|
#ifndef WOLFSSL_TLS13
|
2012-07-30 11:58:57 -07:00
|
|
|
printf("-v <num> SSL version [0-3], SSLv3(0) - TLS1.2(3)), default %d\n",
|
|
|
|
|
SERVER_DEFAULT_VERSION);
|
2017-07-03 18:29:15 +10:00
|
|
|
#else
|
|
|
|
|
printf("-v <num> SSL version [0-4], SSLv3(0) - TLS1.3(4)), default %d\n",
|
|
|
|
|
SERVER_DEFAULT_VERSION);
|
|
|
|
|
#endif
|
2015-10-16 07:46:51 +02:00
|
|
|
printf("-l <str> Cipher suite list (: delimited)\n");
|
2017-04-06 15:54:59 -07:00
|
|
|
printf("-c <file> Certificate file, default %s\n", svrCertFile);
|
|
|
|
|
printf("-k <file> Key file, default %s\n", svrKeyFile);
|
|
|
|
|
printf("-A <file> Certificate Authority file, default %s\n", cliCertFile);
|
2015-12-22 14:35:34 -08:00
|
|
|
printf("-R <file> Create Ready file for external monitor default none\n");
|
2015-05-21 10:11:21 -07:00
|
|
|
#ifndef NO_DH
|
2017-04-06 15:54:59 -07:00
|
|
|
printf("-D <file> Diffie-Hellman Params file, default %s\n", dhParamFile);
|
2015-05-21 10:11:21 -07:00
|
|
|
printf("-Z <num> Minimum DH key bits, default %d\n",
|
|
|
|
|
DEFAULT_MIN_DHKEY_BITS);
|
2015-10-14 20:53:30 +02:00
|
|
|
#endif
|
|
|
|
|
#ifdef HAVE_ALPN
|
2015-11-02 15:51:01 -03:00
|
|
|
printf("-L <str> Application-Layer Protocol Negotiation ({C,F}:<list>)\n");
|
2015-05-21 10:11:21 -07:00
|
|
|
#endif
|
2012-07-30 11:58:57 -07:00
|
|
|
printf("-d Disable client cert check\n");
|
|
|
|
|
printf("-b Bind to any interface instead of localhost only\n");
|
|
|
|
|
printf("-s Use pre Shared keys\n");
|
2013-03-07 22:52:51 -08:00
|
|
|
printf("-u Use UDP DTLS,"
|
2015-10-16 07:46:51 +02:00
|
|
|
" add -v 2 for DTLSv1, -v 3 for DTLSv1.2 (default)\n");
|
2016-08-25 22:20:35 -07:00
|
|
|
#ifdef WOLFSSL_SCTP
|
|
|
|
|
printf("-G Use SCTP DTLS,"
|
|
|
|
|
" add -v 2 for DTLSv1, -v 3 for DTLSv1.2 (default)\n");
|
|
|
|
|
#endif
|
2013-04-19 13:10:19 -07:00
|
|
|
printf("-f Fewer packets/group messages\n");
|
2015-04-28 12:21:54 -07:00
|
|
|
printf("-r Allow one client Resumption\n");
|
2012-10-17 14:06:50 -07:00
|
|
|
printf("-N Use Non-blocking sockets\n");
|
2013-05-21 14:37:50 -07:00
|
|
|
printf("-S <str> Use Host Name Indication\n");
|
2015-02-16 14:23:33 -08:00
|
|
|
printf("-w Wait for bidirectional shutdown\n");
|
2013-06-20 11:07:54 -07:00
|
|
|
#ifdef HAVE_OCSP
|
|
|
|
|
printf("-o Perform OCSP lookup on peer certificate\n");
|
|
|
|
|
printf("-O <url> Perform OCSP lookup using <url> as responder\n");
|
|
|
|
|
#endif
|
2015-10-16 07:46:51 +02:00
|
|
|
#ifdef HAVE_PK_CALLBACKS
|
2013-08-26 16:27:29 -07:00
|
|
|
printf("-P Public Key Callbacks\n");
|
|
|
|
|
#endif
|
2014-12-01 11:44:32 -08:00
|
|
|
#ifdef HAVE_ANON
|
|
|
|
|
printf("-a Anonymous server\n");
|
|
|
|
|
#endif
|
2015-07-31 21:51:04 -06:00
|
|
|
#ifndef NO_PSK
|
|
|
|
|
printf("-I Do not send PSK identity hint\n");
|
|
|
|
|
#endif
|
2017-06-22 22:19:59 -06:00
|
|
|
printf("-x Print server errors but do not close connection\n");
|
2015-10-16 07:46:51 +02:00
|
|
|
printf("-i Loop indefinitely (allow repeated connections)\n");
|
|
|
|
|
printf("-e Echo data mode (return raw bytes received)\n");
|
2015-12-22 11:51:26 -07:00
|
|
|
#ifdef HAVE_NTRU
|
|
|
|
|
printf("-n Use NTRU key (needed for NTRU suites)\n");
|
|
|
|
|
#endif
|
2015-10-16 07:46:51 +02:00
|
|
|
printf("-B <num> Benchmark throughput using <num> bytes and print stats\n");
|
2018-04-27 14:43:04 +10:00
|
|
|
#ifdef HAVE_CRL
|
|
|
|
|
printf("-V Disable CRL\n");
|
|
|
|
|
#endif
|
2016-03-01 16:35:32 -07:00
|
|
|
#ifdef WOLFSSL_TRUST_PEER_CERT
|
|
|
|
|
printf("-E <file> Path to load trusted peer cert\n");
|
|
|
|
|
#endif
|
2016-05-05 15:31:25 -06:00
|
|
|
#ifdef HAVE_WNR
|
|
|
|
|
printf("-q <file> Whitewood config file, default %s\n", wnrConfig);
|
|
|
|
|
#endif
|
2016-12-22 12:53:29 +10:00
|
|
|
printf("-g Return basic HTML web page\n");
|
|
|
|
|
printf("-C <num> The number of connections to accept, default: 1\n");
|
2018-05-03 10:02:59 -07:00
|
|
|
printf("-H <arg> Internal tests [defCipherList, exitWithRet]\n");
|
2016-11-24 01:31:07 +10:00
|
|
|
#ifdef WOLFSSL_TLS13
|
|
|
|
|
printf("-U Update keys and IVs before sending\n");
|
2018-04-09 13:53:05 +10:00
|
|
|
printf("-K Key Exchange for PSK not using (EC)DHE\n");
|
|
|
|
|
#ifndef NO_DH
|
|
|
|
|
printf("-y Pre-generate Key Share using FFDHE_2048 only\n");
|
|
|
|
|
#endif
|
|
|
|
|
#ifdef HAVE_ECC
|
|
|
|
|
printf("-Y Pre-generate Key Share using P-256 only \n");
|
|
|
|
|
#endif
|
|
|
|
|
#ifdef HAVE_CURVE25519
|
|
|
|
|
printf("-t Pre-generate Key share using Curve25519 only\n");
|
|
|
|
|
#endif
|
|
|
|
|
#ifdef HAVE_SESSION_TICKET
|
|
|
|
|
printf("-T Do not generate session ticket\n");
|
|
|
|
|
#endif
|
2017-06-08 10:32:51 +10:00
|
|
|
#ifdef WOLFSSL_POST_HANDSHAKE_AUTH
|
|
|
|
|
printf("-Q Request certificate from client post-handshake\n");
|
|
|
|
|
#endif
|
2017-06-27 08:52:53 +10:00
|
|
|
#ifdef WOLFSSL_SEND_HRR_COOKIE
|
|
|
|
|
printf("-J Server sends Cookie Extension containing state\n");
|
|
|
|
|
#endif
|
2018-04-09 13:53:05 +10:00
|
|
|
#endif /* WOLFSSL_TLS13 */
|
2017-06-19 11:37:10 +10:00
|
|
|
#ifdef WOLFSSL_EARLY_DATA
|
|
|
|
|
printf("-0 Early data read from client (0-RTT handshake)\n");
|
|
|
|
|
#endif
|
2016-12-15 11:43:15 -08:00
|
|
|
#ifdef WOLFSSL_MULTICAST
|
|
|
|
|
printf("-3 <grpid> Multicast, grpid < 256\n");
|
|
|
|
|
#endif
|
2012-07-30 11:58:57 -07:00
|
|
|
}
|
|
|
|
|
|
2018-02-01 11:02:35 -08:00
|
|
|
THREAD_RETURN WOLFSSL_THREAD server_test(void* args)
|
2011-02-05 11:14:47 -08:00
|
|
|
{
|
2015-10-16 07:46:51 +02:00
|
|
|
SOCKET_T sockfd = WOLFSSL_SOCKET_INVALID;
|
|
|
|
|
SOCKET_T clientfd = WOLFSSL_SOCKET_INVALID;
|
2011-02-05 11:14:47 -08:00
|
|
|
|
2016-06-09 11:36:31 -06:00
|
|
|
wolfSSL_method_func method = NULL;
|
2011-02-05 11:14:47 -08:00
|
|
|
SSL_CTX* ctx = 0;
|
|
|
|
|
SSL* ssl = 0;
|
|
|
|
|
|
2016-06-13 14:39:41 -07:00
|
|
|
#ifndef WOLFSSL_ALT_TEST_STRINGS
|
2015-10-16 07:46:51 +02:00
|
|
|
const char msg[] = "I hear you fa shizzle!";
|
2016-06-13 14:39:41 -07:00
|
|
|
#else
|
|
|
|
|
const char msg[] = "I hear you fa shizzle!\n";
|
|
|
|
|
#endif
|
2016-12-22 12:53:29 +10:00
|
|
|
int useWebServerMsg = 0;
|
2013-03-29 14:06:36 -07:00
|
|
|
char input[80];
|
2012-07-30 11:58:57 -07:00
|
|
|
int ch;
|
|
|
|
|
int version = SERVER_DEFAULT_VERSION;
|
2018-04-27 14:43:04 +10:00
|
|
|
#ifndef WOLFSSL_NO_CLIENT_AUTH
|
2012-07-30 11:58:57 -07:00
|
|
|
int doCliCertCheck = 1;
|
2018-04-27 14:43:04 +10:00
|
|
|
#else
|
|
|
|
|
int doCliCertCheck = 0;
|
|
|
|
|
#endif
|
|
|
|
|
#ifdef HAVE_CRL
|
|
|
|
|
int disableCRL = 0;
|
|
|
|
|
#endif
|
2012-07-30 11:58:57 -07:00
|
|
|
int useAnyAddr = 0;
|
2015-08-12 16:45:40 +09:00
|
|
|
word16 port = wolfSSLPort;
|
2012-07-30 11:58:57 -07:00
|
|
|
int usePsk = 0;
|
2016-02-08 14:52:56 -07:00
|
|
|
int usePskPlus = 0;
|
2014-12-01 11:44:32 -08:00
|
|
|
int useAnon = 0;
|
2012-08-02 11:54:49 -07:00
|
|
|
int doDTLS = 0;
|
2016-08-25 22:20:35 -07:00
|
|
|
int dtlsUDP = 0;
|
|
|
|
|
int dtlsSCTP = 0;
|
2016-12-15 11:43:15 -08:00
|
|
|
int doMcast = 0;
|
2015-03-27 14:28:05 -07:00
|
|
|
int needDH = 0;
|
2015-07-11 12:52:22 -06:00
|
|
|
int useNtruKey = 0;
|
2013-04-19 13:10:19 -07:00
|
|
|
int nonBlocking = 0;
|
|
|
|
|
int fewerPackets = 0;
|
2018-03-21 11:27:08 -07:00
|
|
|
#ifdef HAVE_PK_CALLBACKS
|
2013-08-26 16:27:29 -07:00
|
|
|
int pkCallbacks = 0;
|
2018-03-21 11:27:08 -07:00
|
|
|
PkCbInfo pkCbInfo;
|
|
|
|
|
#endif
|
2015-04-28 12:21:54 -07:00
|
|
|
int wc_shutdown = 0;
|
2015-10-16 07:46:51 +02:00
|
|
|
int resume = 0;
|
|
|
|
|
int resumeCount = 0;
|
2016-12-22 12:53:29 +10:00
|
|
|
int loops = 1;
|
2018-04-09 13:53:05 +10:00
|
|
|
int cnt = 0;
|
2015-10-16 07:46:51 +02:00
|
|
|
int echoData = 0;
|
2018-04-09 13:53:05 +10:00
|
|
|
int block = TEST_BUFFER_SIZE;
|
2015-10-16 07:46:51 +02:00
|
|
|
int throughput = 0;
|
2016-04-14 13:35:49 -06:00
|
|
|
int minDhKeyBits = DEFAULT_MIN_DHKEY_BITS;
|
2016-04-22 12:56:51 -06:00
|
|
|
short minRsaKeyBits = DEFAULT_MIN_RSAKEY_BITS;
|
2016-04-20 15:44:45 -06:00
|
|
|
short minEccKeyBits = DEFAULT_MIN_ECCKEY_BITS;
|
2015-10-16 07:46:51 +02:00
|
|
|
int doListen = 1;
|
2015-11-23 14:15:12 -08:00
|
|
|
int crlFlags = 0;
|
2015-02-16 14:23:33 -08:00
|
|
|
int ret;
|
2016-03-04 10:05:22 -08:00
|
|
|
int err = 0;
|
2015-12-22 14:35:34 -08:00
|
|
|
char* serverReadyFile = NULL;
|
2015-10-09 15:18:41 +02:00
|
|
|
char* alpnList = NULL;
|
2015-10-13 09:38:40 +02:00
|
|
|
unsigned char alpn_opt = 0;
|
2012-07-30 11:58:57 -07:00
|
|
|
char* cipherList = NULL;
|
2017-04-04 14:31:47 -07:00
|
|
|
int useDefCipherList = 0;
|
2017-04-06 15:54:59 -07:00
|
|
|
const char* verifyCert = cliCertFile;
|
|
|
|
|
const char* ourCert = svrCertFile;
|
|
|
|
|
const char* ourKey = svrKeyFile;
|
|
|
|
|
const char* ourDhParam = dhParamFile;
|
2015-12-22 14:35:34 -08:00
|
|
|
tcp_ready* readySignal = NULL;
|
2012-07-30 11:58:57 -07:00
|
|
|
int argc = ((func_args*)args)->argc;
|
|
|
|
|
char** argv = ((func_args*)args)->argv;
|
|
|
|
|
|
2016-03-01 16:35:32 -07:00
|
|
|
#ifdef WOLFSSL_TRUST_PEER_CERT
|
|
|
|
|
const char* trustCert = NULL;
|
|
|
|
|
#endif
|
|
|
|
|
|
2015-07-31 21:51:04 -06:00
|
|
|
#ifndef NO_PSK
|
2015-08-03 09:32:51 -07:00
|
|
|
int sendPskIdentityHint = 1;
|
2015-07-31 21:51:04 -06:00
|
|
|
#endif
|
|
|
|
|
|
2013-05-21 14:37:50 -07:00
|
|
|
#ifdef HAVE_SNI
|
|
|
|
|
char* sniHostName = NULL;
|
|
|
|
|
#endif
|
|
|
|
|
|
2013-06-20 11:07:54 -07:00
|
|
|
#ifdef HAVE_OCSP
|
|
|
|
|
int useOcsp = 0;
|
|
|
|
|
char* ocspUrl = NULL;
|
|
|
|
|
#endif
|
|
|
|
|
|
2016-05-05 15:31:25 -06:00
|
|
|
#ifdef HAVE_WNR
|
|
|
|
|
const char* wnrConfigFile = wnrConfig;
|
|
|
|
|
#endif
|
2018-02-01 11:02:35 -08:00
|
|
|
char buffer[WOLFSSL_MAX_ERROR_SZ];
|
2016-11-24 01:31:07 +10:00
|
|
|
#ifdef WOLFSSL_TLS13
|
|
|
|
|
int noPskDheKe = 0;
|
|
|
|
|
#endif
|
|
|
|
|
int updateKeysIVs = 0;
|
2017-06-08 10:32:51 +10:00
|
|
|
int postHandAuth = 0;
|
2017-06-19 11:37:10 +10:00
|
|
|
#ifdef WOLFSSL_EARLY_DATA
|
|
|
|
|
int earlyData = 0;
|
|
|
|
|
#endif
|
2017-06-27 08:37:55 +10:00
|
|
|
#ifdef WOLFSSL_SEND_HRR_COOKIE
|
2017-06-23 16:26:54 +10:00
|
|
|
int hrrCookie = 0;
|
|
|
|
|
#endif
|
2016-12-15 11:43:15 -08:00
|
|
|
byte mcastID = 0;
|
2016-05-05 15:31:25 -06:00
|
|
|
|
2016-06-04 19:03:48 -06:00
|
|
|
#ifdef WOLFSSL_STATIC_MEMORY
|
2016-06-07 15:39:16 -06:00
|
|
|
#if (defined(HAVE_ECC) && !defined(ALT_ECC_SIZE)) \
|
|
|
|
|
|| defined(SESSION_CERTS)
|
|
|
|
|
/* big enough to handle most cases including session certs */
|
|
|
|
|
byte memory[204000];
|
2016-06-04 19:03:48 -06:00
|
|
|
#else
|
|
|
|
|
byte memory[80000];
|
|
|
|
|
#endif
|
2017-10-23 10:50:19 -07:00
|
|
|
byte memoryIO[34500]; /* max for IO buffer (TLS packet can be 16k) */
|
2016-06-04 19:03:48 -06:00
|
|
|
WOLFSSL_MEM_CONN_STATS ssl_stats;
|
2017-10-23 10:50:19 -07:00
|
|
|
#ifdef DEBUG_WOLFSSL
|
|
|
|
|
WOLFSSL_MEM_STATS mem_stats;
|
|
|
|
|
#endif
|
2016-06-04 19:03:48 -06:00
|
|
|
#endif
|
2018-04-09 13:53:05 +10:00
|
|
|
#ifdef WOLFSSL_TLS13
|
|
|
|
|
int onlyKeyShare = 0;
|
|
|
|
|
int noTicket = 0;
|
|
|
|
|
#endif
|
|
|
|
|
int useX25519 = 0;
|
2018-05-03 10:02:59 -07:00
|
|
|
int exitWithRet = 0;
|
2016-06-04 19:03:48 -06:00
|
|
|
|
2011-02-05 11:14:47 -08:00
|
|
|
((func_args*)args)->return_code = -1; /* error state */
|
2012-07-30 11:58:57 -07:00
|
|
|
|
2013-03-07 18:20:29 -08:00
|
|
|
#ifdef NO_RSA
|
2017-04-06 15:54:59 -07:00
|
|
|
verifyCert = (char*)cliEccCertFile;
|
|
|
|
|
ourCert = (char*)eccCertFile;
|
|
|
|
|
ourKey = (char*)eccKeyFile;
|
2013-03-07 18:20:29 -08:00
|
|
|
#endif
|
2018-03-21 11:27:08 -07:00
|
|
|
|
2015-03-27 14:28:05 -07:00
|
|
|
(void)needDH;
|
2015-03-27 19:20:31 -07:00
|
|
|
(void)ourKey;
|
|
|
|
|
(void)ourCert;
|
2015-05-21 10:11:21 -07:00
|
|
|
(void)ourDhParam;
|
2015-03-27 19:20:31 -07:00
|
|
|
(void)verifyCert;
|
2015-07-11 12:52:22 -06:00
|
|
|
(void)useNtruKey;
|
2015-03-27 19:20:31 -07:00
|
|
|
(void)doCliCertCheck;
|
2015-05-21 10:11:21 -07:00
|
|
|
(void)minDhKeyBits;
|
2016-04-14 13:35:49 -06:00
|
|
|
(void)minRsaKeyBits;
|
2016-04-19 15:50:25 -06:00
|
|
|
(void)minEccKeyBits;
|
2015-10-09 15:18:41 +02:00
|
|
|
(void)alpnList;
|
2015-10-13 09:38:40 +02:00
|
|
|
(void)alpn_opt;
|
2015-11-23 14:15:12 -08:00
|
|
|
(void)crlFlags;
|
2015-12-22 14:35:34 -08:00
|
|
|
(void)readySignal;
|
2016-11-24 01:31:07 +10:00
|
|
|
(void)updateKeysIVs;
|
2018-05-17 09:08:03 +10:00
|
|
|
(void)postHandAuth;
|
2016-12-15 11:43:15 -08:00
|
|
|
(void)mcastID;
|
2018-04-09 13:53:05 +10:00
|
|
|
(void)useX25519;
|
2013-03-07 18:20:29 -08:00
|
|
|
|
2018-02-01 11:02:35 -08:00
|
|
|
#ifdef WOLFSSL_TIRTOS
|
2014-09-08 19:40:03 -07:00
|
|
|
fdOpenSession(Task_self());
|
2014-05-08 15:52:20 -07:00
|
|
|
#endif
|
|
|
|
|
|
2015-11-12 13:33:47 -07:00
|
|
|
#ifdef WOLFSSL_VXWORKS
|
|
|
|
|
useAnyAddr = 1;
|
|
|
|
|
#else
|
2018-04-09 13:53:05 +10:00
|
|
|
/* Not Used: h, m, z, F, M, T, V, W, X */
|
2017-04-05 11:21:11 -07:00
|
|
|
while ((ch = mygetopt(argc, argv, "?"
|
2018-04-09 13:53:05 +10:00
|
|
|
"abc:defgijk:l:nop:q:rstuv:wxy"
|
2018-04-27 14:43:04 +10:00
|
|
|
"A:B:C:D:E:GH:IJKL:NO:PQR:S:TUVYZ:"
|
2016-12-15 11:43:15 -08:00
|
|
|
"03:")) != -1) {
|
2012-07-30 11:58:57 -07:00
|
|
|
switch (ch) {
|
|
|
|
|
case '?' :
|
|
|
|
|
Usage();
|
|
|
|
|
exit(EXIT_SUCCESS);
|
|
|
|
|
|
2017-06-22 22:19:59 -06:00
|
|
|
case 'x' :
|
|
|
|
|
runWithErrors = 1;
|
|
|
|
|
break;
|
|
|
|
|
|
2012-07-30 11:58:57 -07:00
|
|
|
case 'd' :
|
|
|
|
|
doCliCertCheck = 0;
|
|
|
|
|
break;
|
|
|
|
|
|
2018-04-27 14:43:04 +10:00
|
|
|
case 'V' :
|
|
|
|
|
#ifdef HAVE_CRL
|
|
|
|
|
disableCRL = 1;
|
|
|
|
|
#endif
|
|
|
|
|
break;
|
|
|
|
|
|
2012-07-30 11:58:57 -07:00
|
|
|
case 'b' :
|
|
|
|
|
useAnyAddr = 1;
|
|
|
|
|
break;
|
|
|
|
|
|
|
|
|
|
case 's' :
|
|
|
|
|
usePsk = 1;
|
|
|
|
|
break;
|
|
|
|
|
|
2016-02-08 14:52:56 -07:00
|
|
|
case 'j' :
|
|
|
|
|
usePskPlus = 1;
|
|
|
|
|
break;
|
|
|
|
|
|
2015-07-11 12:52:22 -06:00
|
|
|
case 'n' :
|
|
|
|
|
useNtruKey = 1;
|
|
|
|
|
break;
|
|
|
|
|
|
2012-08-02 11:54:49 -07:00
|
|
|
case 'u' :
|
|
|
|
|
doDTLS = 1;
|
2016-08-25 22:20:35 -07:00
|
|
|
dtlsUDP = 1;
|
|
|
|
|
break;
|
|
|
|
|
|
|
|
|
|
case 'G' :
|
|
|
|
|
#ifdef WOLFSSL_SCTP
|
|
|
|
|
doDTLS = 1;
|
|
|
|
|
dtlsSCTP = 1;
|
|
|
|
|
#endif
|
2012-08-02 11:54:49 -07:00
|
|
|
break;
|
|
|
|
|
|
2013-04-19 13:10:19 -07:00
|
|
|
case 'f' :
|
|
|
|
|
fewerPackets = 1;
|
|
|
|
|
break;
|
|
|
|
|
|
2015-04-28 12:21:54 -07:00
|
|
|
case 'R' :
|
2015-12-22 14:35:34 -08:00
|
|
|
serverReadyFile = myoptarg;
|
2014-11-26 12:13:47 -08:00
|
|
|
break;
|
|
|
|
|
|
2015-04-28 12:21:54 -07:00
|
|
|
case 'r' :
|
|
|
|
|
#ifndef NO_SESSION_CACHE
|
|
|
|
|
resume = 1;
|
|
|
|
|
#endif
|
|
|
|
|
break;
|
|
|
|
|
|
2013-08-26 16:27:29 -07:00
|
|
|
case 'P' :
|
2015-10-16 07:46:51 +02:00
|
|
|
#ifdef HAVE_PK_CALLBACKS
|
2013-08-26 16:27:29 -07:00
|
|
|
pkCallbacks = 1;
|
|
|
|
|
#endif
|
|
|
|
|
break;
|
|
|
|
|
|
2012-07-30 11:58:57 -07:00
|
|
|
case 'p' :
|
2014-03-03 16:46:48 -08:00
|
|
|
port = (word16)atoi(myoptarg);
|
2012-07-30 11:58:57 -07:00
|
|
|
break;
|
|
|
|
|
|
2015-01-30 08:41:34 -07:00
|
|
|
case 'w' :
|
2015-02-18 08:00:25 -07:00
|
|
|
wc_shutdown = 1;
|
2015-01-30 08:41:34 -07:00
|
|
|
break;
|
|
|
|
|
|
2012-07-30 11:58:57 -07:00
|
|
|
case 'v' :
|
2018-02-22 11:05:58 +10:00
|
|
|
if (myoptarg[0] == 'd') {
|
|
|
|
|
version = SERVER_DOWNGRADE_VERSION;
|
|
|
|
|
break;
|
|
|
|
|
}
|
2012-08-01 17:33:49 -07:00
|
|
|
version = atoi(myoptarg);
|
2016-11-24 01:31:07 +10:00
|
|
|
if (version < 0 || version > 4) {
|
2012-07-30 11:58:57 -07:00
|
|
|
Usage();
|
2012-08-01 17:33:49 -07:00
|
|
|
exit(MY_EX_USAGE);
|
2012-07-30 11:58:57 -07:00
|
|
|
}
|
|
|
|
|
break;
|
|
|
|
|
|
|
|
|
|
case 'l' :
|
2012-08-01 17:33:49 -07:00
|
|
|
cipherList = myoptarg;
|
2012-07-30 11:58:57 -07:00
|
|
|
break;
|
|
|
|
|
|
2017-04-05 11:21:11 -07:00
|
|
|
case 'H' :
|
2017-10-19 16:17:51 -07:00
|
|
|
if (XSTRNCMP(myoptarg, "defCipherList", 13) == 0) {
|
|
|
|
|
printf("Using default cipher list for testing\n");
|
|
|
|
|
useDefCipherList = 1;
|
|
|
|
|
}
|
2018-05-03 10:02:59 -07:00
|
|
|
else if (XSTRNCMP(myoptarg, "exitWithRet", 7) == 0) {
|
2018-05-03 09:40:51 -07:00
|
|
|
printf("Skip exit() for testing\n");
|
2018-05-03 10:02:59 -07:00
|
|
|
exitWithRet = 1;
|
2017-10-19 16:17:51 -07:00
|
|
|
}
|
|
|
|
|
else {
|
|
|
|
|
Usage();
|
|
|
|
|
exit(MY_EX_USAGE);
|
|
|
|
|
}
|
2017-04-04 14:31:47 -07:00
|
|
|
break;
|
|
|
|
|
|
2012-07-30 11:58:57 -07:00
|
|
|
case 'A' :
|
2012-08-01 17:33:49 -07:00
|
|
|
verifyCert = myoptarg;
|
2012-07-30 11:58:57 -07:00
|
|
|
break;
|
|
|
|
|
|
|
|
|
|
case 'c' :
|
2012-08-01 17:33:49 -07:00
|
|
|
ourCert = myoptarg;
|
2012-07-30 11:58:57 -07:00
|
|
|
break;
|
|
|
|
|
|
|
|
|
|
case 'k' :
|
2012-08-01 17:33:49 -07:00
|
|
|
ourKey = myoptarg;
|
2012-07-30 11:58:57 -07:00
|
|
|
break;
|
|
|
|
|
|
2015-05-21 10:11:21 -07:00
|
|
|
case 'D' :
|
|
|
|
|
#ifndef NO_DH
|
|
|
|
|
ourDhParam = myoptarg;
|
|
|
|
|
#endif
|
|
|
|
|
break;
|
|
|
|
|
|
|
|
|
|
case 'Z' :
|
|
|
|
|
#ifndef NO_DH
|
|
|
|
|
minDhKeyBits = atoi(myoptarg);
|
|
|
|
|
if (minDhKeyBits <= 0 || minDhKeyBits > 16000) {
|
|
|
|
|
Usage();
|
|
|
|
|
exit(MY_EX_USAGE);
|
|
|
|
|
}
|
|
|
|
|
#endif
|
|
|
|
|
break;
|
|
|
|
|
|
2012-10-17 13:13:58 -07:00
|
|
|
case 'N':
|
|
|
|
|
nonBlocking = 1;
|
|
|
|
|
break;
|
|
|
|
|
|
2013-05-21 14:37:50 -07:00
|
|
|
case 'S' :
|
|
|
|
|
#ifdef HAVE_SNI
|
|
|
|
|
sniHostName = myoptarg;
|
|
|
|
|
#endif
|
|
|
|
|
break;
|
|
|
|
|
|
2013-06-20 11:07:54 -07:00
|
|
|
case 'o' :
|
|
|
|
|
#ifdef HAVE_OCSP
|
|
|
|
|
useOcsp = 1;
|
|
|
|
|
#endif
|
|
|
|
|
break;
|
|
|
|
|
|
|
|
|
|
case 'O' :
|
|
|
|
|
#ifdef HAVE_OCSP
|
|
|
|
|
useOcsp = 1;
|
|
|
|
|
ocspUrl = myoptarg;
|
|
|
|
|
#endif
|
|
|
|
|
break;
|
|
|
|
|
|
2014-12-01 11:44:32 -08:00
|
|
|
case 'a' :
|
|
|
|
|
#ifdef HAVE_ANON
|
|
|
|
|
useAnon = 1;
|
|
|
|
|
#endif
|
|
|
|
|
break;
|
2015-07-31 21:51:04 -06:00
|
|
|
case 'I':
|
|
|
|
|
#ifndef NO_PSK
|
2015-08-03 09:32:51 -07:00
|
|
|
sendPskIdentityHint = 0;
|
2015-07-31 21:51:04 -06:00
|
|
|
#endif
|
|
|
|
|
break;
|
2014-12-01 11:44:32 -08:00
|
|
|
|
2015-10-09 15:18:41 +02:00
|
|
|
case 'L' :
|
|
|
|
|
#ifdef HAVE_ALPN
|
|
|
|
|
alpnList = myoptarg;
|
2015-10-13 09:38:40 +02:00
|
|
|
|
|
|
|
|
if (alpnList[0] == 'C' && alpnList[1] == ':')
|
|
|
|
|
alpn_opt = WOLFSSL_ALPN_CONTINUE_ON_MISMATCH;
|
|
|
|
|
else if (alpnList[0] == 'F' && alpnList[1] == ':')
|
|
|
|
|
alpn_opt = WOLFSSL_ALPN_FAILED_ON_MISMATCH;
|
|
|
|
|
else {
|
|
|
|
|
Usage();
|
|
|
|
|
exit(MY_EX_USAGE);
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
alpnList += 2;
|
|
|
|
|
|
2015-10-09 15:18:41 +02:00
|
|
|
#endif
|
|
|
|
|
break;
|
2015-10-16 07:46:51 +02:00
|
|
|
|
|
|
|
|
case 'i' :
|
2016-12-22 12:53:29 +10:00
|
|
|
loops = -1;
|
|
|
|
|
break;
|
|
|
|
|
|
|
|
|
|
case 'C' :
|
|
|
|
|
loops = atoi(myoptarg);
|
|
|
|
|
if (loops <= 0) {
|
|
|
|
|
Usage();
|
|
|
|
|
exit(MY_EX_USAGE);
|
|
|
|
|
}
|
2015-10-16 07:46:51 +02:00
|
|
|
break;
|
|
|
|
|
|
|
|
|
|
case 'e' :
|
|
|
|
|
echoData = 1;
|
|
|
|
|
break;
|
|
|
|
|
|
|
|
|
|
case 'B':
|
|
|
|
|
throughput = atoi(myoptarg);
|
2018-04-09 13:53:05 +10:00
|
|
|
for (; *myoptarg != '\0'; myoptarg++) {
|
|
|
|
|
if (*myoptarg == ',') {
|
|
|
|
|
block = atoi(myoptarg + 1);
|
|
|
|
|
break;
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
if (throughput <= 0 || block <= 0) {
|
2015-10-16 07:46:51 +02:00
|
|
|
Usage();
|
|
|
|
|
exit(MY_EX_USAGE);
|
|
|
|
|
}
|
|
|
|
|
break;
|
|
|
|
|
|
2016-03-01 16:35:32 -07:00
|
|
|
#ifdef WOLFSSL_TRUST_PEER_CERT
|
|
|
|
|
case 'E' :
|
|
|
|
|
trustCert = myoptarg;
|
|
|
|
|
break;
|
|
|
|
|
#endif
|
|
|
|
|
|
2016-05-05 15:31:25 -06:00
|
|
|
case 'q' :
|
|
|
|
|
#ifdef HAVE_WNR
|
|
|
|
|
wnrConfigFile = myoptarg;
|
|
|
|
|
#endif
|
|
|
|
|
break;
|
|
|
|
|
|
2016-12-22 12:53:29 +10:00
|
|
|
case 'g' :
|
|
|
|
|
useWebServerMsg = 1;
|
|
|
|
|
break;
|
|
|
|
|
|
2018-04-09 13:53:05 +10:00
|
|
|
case 'y' :
|
|
|
|
|
#if defined(WOLFSSL_TLS13) && !defined(NO_DH)
|
|
|
|
|
onlyKeyShare = 1;
|
|
|
|
|
#endif
|
|
|
|
|
break;
|
|
|
|
|
|
|
|
|
|
case 'Y' :
|
|
|
|
|
#if defined(WOLFSSL_TLS13) && defined(HAVE_ECC)
|
|
|
|
|
onlyKeyShare = 2;
|
|
|
|
|
#endif
|
|
|
|
|
break;
|
|
|
|
|
|
|
|
|
|
case 't' :
|
|
|
|
|
#ifdef HAVE_CURVE25519
|
|
|
|
|
useX25519 = 1;
|
|
|
|
|
#if defined(WOLFSSL_TLS13) && defined(HAVE_ECC)
|
|
|
|
|
onlyKeyShare = 2;
|
|
|
|
|
#endif
|
|
|
|
|
#endif
|
|
|
|
|
break;
|
|
|
|
|
|
2016-11-24 01:31:07 +10:00
|
|
|
case 'K' :
|
|
|
|
|
#ifdef WOLFSSL_TLS13
|
|
|
|
|
noPskDheKe = 1;
|
|
|
|
|
#endif
|
|
|
|
|
break;
|
|
|
|
|
|
2018-04-09 13:53:05 +10:00
|
|
|
case 'T' :
|
|
|
|
|
#if defined(WOLFSSL_TLS13) && defined(HAVE_SESSION_TICKET)
|
|
|
|
|
noTicket = 1;
|
|
|
|
|
#endif
|
|
|
|
|
break;
|
|
|
|
|
|
2016-11-24 01:31:07 +10:00
|
|
|
case 'U' :
|
|
|
|
|
#ifdef WOLFSSL_TLS13
|
|
|
|
|
updateKeysIVs = 1;
|
|
|
|
|
#endif
|
|
|
|
|
break;
|
|
|
|
|
|
2017-06-08 10:32:51 +10:00
|
|
|
case 'Q' :
|
|
|
|
|
#if defined(WOLFSSL_TLS13) && defined(WOLFSSL_POST_HANDSHAKE_AUTH)
|
|
|
|
|
postHandAuth = 1;
|
|
|
|
|
doCliCertCheck = 0;
|
|
|
|
|
#endif
|
|
|
|
|
break;
|
|
|
|
|
|
2017-06-23 16:26:54 +10:00
|
|
|
case 'J' :
|
2017-06-27 08:37:55 +10:00
|
|
|
#ifdef WOLFSSL_SEND_HRR_COOKIE
|
2017-06-23 16:26:54 +10:00
|
|
|
hrrCookie = 1;
|
|
|
|
|
#endif
|
|
|
|
|
break;
|
|
|
|
|
|
2017-06-19 11:37:10 +10:00
|
|
|
case '0' :
|
|
|
|
|
#ifdef WOLFSSL_EARLY_DATA
|
|
|
|
|
earlyData = 1;
|
|
|
|
|
#endif
|
|
|
|
|
break;
|
|
|
|
|
|
2016-12-15 11:43:15 -08:00
|
|
|
case '3' :
|
|
|
|
|
#ifdef WOLFSSL_MULTICAST
|
|
|
|
|
doMcast = 1;
|
|
|
|
|
mcastID = (byte)(atoi(myoptarg) & 0xFF);
|
|
|
|
|
#endif
|
|
|
|
|
break;
|
|
|
|
|
|
2012-07-30 11:58:57 -07:00
|
|
|
default:
|
|
|
|
|
Usage();
|
2012-08-01 17:33:49 -07:00
|
|
|
exit(MY_EX_USAGE);
|
2012-07-30 11:58:57 -07:00
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
2012-08-01 17:33:49 -07:00
|
|
|
myoptind = 0; /* reset for test cases */
|
2015-10-29 13:39:02 -06:00
|
|
|
#endif /* !WOLFSSL_VXWORKS */
|
2012-07-30 11:58:57 -07:00
|
|
|
|
2016-08-25 22:20:35 -07:00
|
|
|
/* Can only use DTLS over UDP or SCTP, can't do both. */
|
|
|
|
|
if (dtlsUDP && dtlsSCTP) {
|
2017-06-22 22:19:59 -06:00
|
|
|
err_sys_ex(runWithErrors, "Cannot use DTLS with both UDP and SCTP.");
|
2016-08-25 22:20:35 -07:00
|
|
|
}
|
|
|
|
|
|
2013-03-07 22:52:51 -08:00
|
|
|
/* sort out DTLS versus TLS versions */
|
|
|
|
|
if (version == CLIENT_INVALID_VERSION) {
|
|
|
|
|
if (doDTLS)
|
|
|
|
|
version = CLIENT_DTLS_DEFAULT_VERSION;
|
|
|
|
|
else
|
|
|
|
|
version = CLIENT_DEFAULT_VERSION;
|
|
|
|
|
}
|
|
|
|
|
else {
|
|
|
|
|
if (doDTLS) {
|
|
|
|
|
if (version == 3)
|
|
|
|
|
version = -2;
|
|
|
|
|
else
|
|
|
|
|
version = -1;
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
2016-05-05 15:31:25 -06:00
|
|
|
#ifdef HAVE_WNR
|
|
|
|
|
if (wc_InitNetRandom(wnrConfigFile, NULL, 5000) != 0)
|
2017-06-22 22:19:59 -06:00
|
|
|
err_sys_ex(runWithErrors, "can't load whitewood net random config file");
|
2016-05-05 15:31:25 -06:00
|
|
|
#endif
|
|
|
|
|
|
2012-07-30 11:58:57 -07:00
|
|
|
switch (version) {
|
2012-11-26 18:40:43 -08:00
|
|
|
#ifndef NO_OLD_TLS
|
2015-08-12 16:39:13 -07:00
|
|
|
#ifdef WOLFSSL_ALLOW_SSLV3
|
2012-07-30 11:58:57 -07:00
|
|
|
case 0:
|
2016-06-09 23:41:51 -06:00
|
|
|
method = wolfSSLv3_server_method_ex;
|
2012-07-30 11:58:57 -07:00
|
|
|
break;
|
2015-08-12 16:39:13 -07:00
|
|
|
#endif
|
2012-07-30 11:58:57 -07:00
|
|
|
|
2013-05-16 09:47:27 -07:00
|
|
|
#ifndef NO_TLS
|
2017-11-14 13:55:48 -08:00
|
|
|
#ifdef WOLFSSL_ALLOW_TLSV10
|
2012-07-30 11:58:57 -07:00
|
|
|
case 1:
|
2016-06-09 23:41:51 -06:00
|
|
|
method = wolfTLSv1_server_method_ex;
|
2012-07-30 11:58:57 -07:00
|
|
|
break;
|
2017-11-14 13:55:48 -08:00
|
|
|
#endif
|
2013-05-16 09:47:27 -07:00
|
|
|
|
2012-07-30 11:58:57 -07:00
|
|
|
case 2:
|
2016-06-09 23:41:51 -06:00
|
|
|
method = wolfTLSv1_1_server_method_ex;
|
2012-07-30 11:58:57 -07:00
|
|
|
break;
|
2017-11-14 13:55:48 -08:00
|
|
|
#endif /* !NO_TLS */
|
|
|
|
|
#endif /* !NO_OLD_TLS */
|
2012-07-30 11:58:57 -07:00
|
|
|
|
2013-05-16 09:47:27 -07:00
|
|
|
#ifndef NO_TLS
|
2018-05-17 09:08:03 +10:00
|
|
|
#ifndef WOLFSSL_NO_TLS12
|
2012-07-30 11:58:57 -07:00
|
|
|
case 3:
|
2016-06-09 23:41:51 -06:00
|
|
|
method = wolfTLSv1_2_server_method_ex;
|
2012-07-30 11:58:57 -07:00
|
|
|
break;
|
2018-05-17 09:08:03 +10:00
|
|
|
#endif
|
2015-07-07 09:55:58 -06:00
|
|
|
|
2017-11-14 13:55:48 -08:00
|
|
|
#ifdef WOLFSSL_TLS13
|
2016-11-24 01:31:07 +10:00
|
|
|
case 4:
|
|
|
|
|
method = wolfTLSv1_3_server_method_ex;
|
|
|
|
|
break;
|
2017-11-14 13:55:48 -08:00
|
|
|
#endif
|
2018-02-22 11:05:58 +10:00
|
|
|
|
|
|
|
|
case SERVER_DOWNGRADE_VERSION:
|
|
|
|
|
method = wolfSSLv23_server_method_ex;
|
|
|
|
|
break;
|
2017-11-14 13:55:48 -08:00
|
|
|
#endif /* NO_TLS */
|
2016-11-24 01:31:07 +10:00
|
|
|
|
2018-02-01 11:02:35 -08:00
|
|
|
#ifdef WOLFSSL_DTLS
|
2015-04-08 13:29:25 -07:00
|
|
|
#ifndef NO_OLD_TLS
|
2012-08-02 11:54:49 -07:00
|
|
|
case -1:
|
2016-06-09 23:41:51 -06:00
|
|
|
method = wolfDTLSv1_server_method_ex;
|
2012-08-02 11:54:49 -07:00
|
|
|
break;
|
2015-04-08 13:29:25 -07:00
|
|
|
#endif
|
2013-03-07 22:52:51 -08:00
|
|
|
|
2018-05-17 09:08:03 +10:00
|
|
|
#ifndef WOLFSSL_NO_TLS12
|
2013-03-07 22:52:51 -08:00
|
|
|
case -2:
|
2016-06-09 23:41:51 -06:00
|
|
|
method = wolfDTLSv1_2_server_method_ex;
|
2013-03-07 22:52:51 -08:00
|
|
|
break;
|
2018-05-17 09:08:03 +10:00
|
|
|
#endif
|
2012-08-02 11:54:49 -07:00
|
|
|
#endif
|
|
|
|
|
|
2012-07-30 11:58:57 -07:00
|
|
|
default:
|
2017-06-22 22:19:59 -06:00
|
|
|
err_sys_ex(runWithErrors, "Bad SSL version");
|
2012-07-30 11:58:57 -07:00
|
|
|
}
|
|
|
|
|
|
2012-07-30 18:15:08 -07:00
|
|
|
if (method == NULL)
|
2017-06-22 22:19:59 -06:00
|
|
|
err_sys_ex(runWithErrors, "unable to get method");
|
2012-07-30 18:15:08 -07:00
|
|
|
|
2016-06-04 19:03:48 -06:00
|
|
|
#ifdef WOLFSSL_STATIC_MEMORY
|
2016-07-21 12:11:15 -06:00
|
|
|
#ifdef DEBUG_WOLFSSL
|
|
|
|
|
/* print off helper buffer sizes for use with static memory
|
|
|
|
|
* printing to stderr incase of debug mode turned on */
|
|
|
|
|
fprintf(stderr, "static memory management size = %d\n",
|
|
|
|
|
wolfSSL_MemoryPaddingSz());
|
|
|
|
|
fprintf(stderr, "calculated optimum general buffer size = %d\n",
|
|
|
|
|
wolfSSL_StaticBufferSz(memory, sizeof(memory), 0));
|
|
|
|
|
fprintf(stderr, "calculated optimum IO buffer size = %d\n",
|
|
|
|
|
wolfSSL_StaticBufferSz(memoryIO, sizeof(memoryIO),
|
|
|
|
|
WOLFMEM_IO_POOL_FIXED));
|
|
|
|
|
#endif /* DEBUG_WOLFSSL */
|
|
|
|
|
|
2016-06-04 19:03:48 -06:00
|
|
|
if (wolfSSL_CTX_load_static_memory(&ctx, method, memory, sizeof(memory),0,1)
|
2017-10-11 09:09:52 -07:00
|
|
|
!= WOLFSSL_SUCCESS)
|
2017-06-22 22:19:59 -06:00
|
|
|
err_sys_ex(runWithErrors, "unable to load static memory and create ctx");
|
2016-06-04 19:03:48 -06:00
|
|
|
|
|
|
|
|
/* load in a buffer for IO */
|
|
|
|
|
if (wolfSSL_CTX_load_static_memory(&ctx, NULL, memoryIO, sizeof(memoryIO),
|
|
|
|
|
WOLFMEM_IO_POOL_FIXED | WOLFMEM_TRACK_STATS, 1)
|
2017-10-11 09:09:52 -07:00
|
|
|
!= WOLFSSL_SUCCESS)
|
2017-06-22 22:19:59 -06:00
|
|
|
err_sys_ex(runWithErrors, "unable to load static memory and create ctx");
|
2016-06-04 19:03:48 -06:00
|
|
|
#else
|
2016-06-09 23:41:51 -06:00
|
|
|
ctx = SSL_CTX_new(method(NULL));
|
2016-08-29 10:38:06 -07:00
|
|
|
#endif /* WOLFSSL_STATIC_MEMORY */
|
2012-07-30 18:15:08 -07:00
|
|
|
if (ctx == NULL)
|
2017-06-22 22:19:59 -06:00
|
|
|
err_sys_ex(runWithErrors, "unable to get ctx");
|
2012-07-30 11:58:57 -07:00
|
|
|
|
2015-05-15 12:51:44 -07:00
|
|
|
#if defined(HAVE_SESSION_TICKET) && defined(HAVE_CHACHA) && \
|
|
|
|
|
defined(HAVE_POLY1305)
|
|
|
|
|
if (TicketInit() != 0)
|
2017-06-22 22:19:59 -06:00
|
|
|
err_sys_ex(runWithErrors, "unable to setup Session Ticket Key context");
|
2015-05-15 12:51:44 -07:00
|
|
|
wolfSSL_CTX_set_TicketEncCb(ctx, myTicketEncCb);
|
|
|
|
|
#endif
|
|
|
|
|
|
2017-04-04 14:31:47 -07:00
|
|
|
if (cipherList && !useDefCipherList) {
|
2017-10-11 09:09:52 -07:00
|
|
|
if (SSL_CTX_set_cipher_list(ctx, cipherList) != WOLFSSL_SUCCESS)
|
2017-06-22 22:19:59 -06:00
|
|
|
err_sys_ex(runWithErrors, "server can't set cipher list 1");
|
2017-04-04 14:31:47 -07:00
|
|
|
}
|
2012-07-30 11:58:57 -07:00
|
|
|
|
2018-02-01 11:02:35 -08:00
|
|
|
#ifdef WOLFSSL_LEANPSK
|
2016-04-11 11:13:26 -06:00
|
|
|
if (!usePsk) {
|
|
|
|
|
usePsk = 1;
|
|
|
|
|
}
|
2012-10-30 12:51:14 -07:00
|
|
|
#endif
|
|
|
|
|
|
2013-03-11 13:19:43 -07:00
|
|
|
#if defined(NO_RSA) && !defined(HAVE_ECC)
|
2016-04-11 11:13:26 -06:00
|
|
|
if (!usePsk) {
|
|
|
|
|
usePsk = 1;
|
|
|
|
|
}
|
2013-03-11 13:19:43 -07:00
|
|
|
#endif
|
|
|
|
|
|
2013-04-19 13:10:19 -07:00
|
|
|
if (fewerPackets)
|
2018-02-01 11:02:35 -08:00
|
|
|
wolfSSL_CTX_set_group_messages(ctx);
|
2013-04-19 13:10:19 -07:00
|
|
|
|
2016-08-25 22:20:35 -07:00
|
|
|
#ifdef WOLFSSL_SCTP
|
|
|
|
|
if (dtlsSCTP)
|
|
|
|
|
wolfSSL_CTX_dtls_set_sctp(ctx);
|
|
|
|
|
#endif
|
|
|
|
|
|
2018-03-30 15:48:15 -07:00
|
|
|
#ifdef WOLFSSL_ENCRYPTED_KEYS
|
2013-12-23 11:19:21 -08:00
|
|
|
SSL_CTX_set_default_passwd_cb(ctx, PasswordCallBack);
|
|
|
|
|
#endif
|
|
|
|
|
|
2016-11-23 11:25:01 -08:00
|
|
|
#if !defined(NO_CERTS)
|
2016-02-08 14:52:56 -07:00
|
|
|
if ((!usePsk || usePskPlus) && !useAnon) {
|
2016-11-23 11:25:01 -08:00
|
|
|
#if !defined(NO_FILESYSTEM)
|
2015-12-28 19:38:04 -03:00
|
|
|
if (SSL_CTX_use_certificate_chain_file(ctx, ourCert)
|
2017-10-11 09:09:52 -07:00
|
|
|
!= WOLFSSL_SUCCESS)
|
2017-06-22 22:19:59 -06:00
|
|
|
err_sys_ex(runWithErrors, "can't load server cert file, check file and run from"
|
2015-01-20 12:36:20 -07:00
|
|
|
" wolfSSL home dir");
|
2016-11-23 11:25:01 -08:00
|
|
|
#else
|
|
|
|
|
/* loads cert chain file using buffer API */
|
|
|
|
|
load_buffer(ctx, ourCert, WOLFSSL_CERT_CHAIN);
|
|
|
|
|
#endif
|
2012-10-29 15:39:42 -07:00
|
|
|
}
|
|
|
|
|
#endif
|
2012-08-07 17:18:56 -07:00
|
|
|
|
2015-05-21 10:11:21 -07:00
|
|
|
#ifndef NO_DH
|
2017-10-11 09:09:52 -07:00
|
|
|
if (wolfSSL_CTX_SetMinDhKey_Sz(ctx, (word16)minDhKeyBits) != WOLFSSL_SUCCESS) {
|
2017-06-22 22:19:59 -06:00
|
|
|
err_sys_ex(runWithErrors, "Error setting minimum DH key size");
|
2016-04-14 13:35:49 -06:00
|
|
|
}
|
|
|
|
|
#endif
|
|
|
|
|
#ifndef NO_RSA
|
2017-10-11 09:09:52 -07:00
|
|
|
if (wolfSSL_CTX_SetMinRsaKey_Sz(ctx, minRsaKeyBits) != WOLFSSL_SUCCESS){
|
2017-06-22 22:19:59 -06:00
|
|
|
err_sys_ex(runWithErrors, "Error setting minimum RSA key size");
|
2016-04-14 13:35:49 -06:00
|
|
|
}
|
2015-05-21 10:11:21 -07:00
|
|
|
#endif
|
2016-04-19 15:50:25 -06:00
|
|
|
#ifdef HAVE_ECC
|
2017-10-11 09:09:52 -07:00
|
|
|
if (wolfSSL_CTX_SetMinEccKey_Sz(ctx, minEccKeyBits) != WOLFSSL_SUCCESS){
|
2017-06-22 22:19:59 -06:00
|
|
|
err_sys_ex(runWithErrors, "Error setting minimum ECC key size");
|
2016-04-19 15:50:25 -06:00
|
|
|
}
|
|
|
|
|
#endif
|
2015-05-21 10:11:21 -07:00
|
|
|
|
2015-07-11 12:52:22 -06:00
|
|
|
#ifdef HAVE_NTRU
|
|
|
|
|
if (useNtruKey) {
|
2018-02-01 11:02:35 -08:00
|
|
|
if (SSL_CTX_use_NTRUPrivateKey_file(ctx, ourKey)
|
2017-10-11 09:09:52 -07:00
|
|
|
!= WOLFSSL_SUCCESS)
|
2017-06-22 22:19:59 -06:00
|
|
|
err_sys_ex(runWithErrors, "can't load ntru key file, "
|
2015-07-11 12:52:22 -06:00
|
|
|
"Please run from wolfSSL home dir");
|
|
|
|
|
}
|
|
|
|
|
#endif
|
2016-11-23 11:25:01 -08:00
|
|
|
#if !defined(NO_CERTS)
|
2018-03-21 11:27:08 -07:00
|
|
|
#ifdef HAVE_PK_CALLBACKS
|
|
|
|
|
pkCbInfo.ourKey = ourKey;
|
|
|
|
|
#ifdef TEST_PK_PRIVKEY
|
|
|
|
|
if (!pkCallbacks)
|
|
|
|
|
#endif
|
|
|
|
|
#endif
|
2016-02-08 14:52:56 -07:00
|
|
|
if (!useNtruKey && (!usePsk || usePskPlus) && !useAnon) {
|
2016-11-23 11:25:01 -08:00
|
|
|
#if !defined(NO_FILESYSTEM)
|
2017-10-11 09:09:52 -07:00
|
|
|
if (SSL_CTX_use_PrivateKey_file(ctx, ourKey, WOLFSSL_FILETYPE_PEM)
|
|
|
|
|
!= WOLFSSL_SUCCESS)
|
2017-06-22 22:19:59 -06:00
|
|
|
err_sys_ex(runWithErrors, "can't load server private key file, check file and run "
|
2015-01-20 12:36:20 -07:00
|
|
|
"from wolfSSL home dir");
|
2016-11-23 11:25:01 -08:00
|
|
|
#else
|
|
|
|
|
/* loads private key file using buffer API */
|
|
|
|
|
load_buffer(ctx, ourKey, WOLFSSL_KEY);
|
|
|
|
|
#endif
|
2012-08-07 17:18:56 -07:00
|
|
|
}
|
2012-10-29 15:39:42 -07:00
|
|
|
#endif
|
2011-02-05 11:14:47 -08:00
|
|
|
|
2016-02-08 14:52:56 -07:00
|
|
|
if (usePsk || usePskPlus) {
|
2012-10-30 12:51:14 -07:00
|
|
|
#ifndef NO_PSK
|
2012-07-30 11:58:57 -07:00
|
|
|
SSL_CTX_set_psk_server_callback(ctx, my_psk_server_cb);
|
2015-07-31 21:51:04 -06:00
|
|
|
|
2015-08-03 09:32:51 -07:00
|
|
|
if (sendPskIdentityHint == 1)
|
2015-07-31 21:51:04 -06:00
|
|
|
SSL_CTX_use_psk_identity_hint(ctx, "cyassl server");
|
|
|
|
|
|
2016-02-08 14:52:56 -07:00
|
|
|
if (cipherList == NULL && !usePskPlus) {
|
2012-10-30 12:51:14 -07:00
|
|
|
const char *defaultCipherList;
|
2017-06-07 08:29:08 +10:00
|
|
|
#if defined(HAVE_AESGCM) && !defined(NO_DH)
|
|
|
|
|
#ifdef WOLFSSL_TLS13
|
|
|
|
|
defaultCipherList = "DHE-PSK-AES128-GCM-SHA256:"
|
|
|
|
|
"TLS13-AES128-GCM-SHA256";
|
|
|
|
|
#else
|
2015-03-27 14:28:05 -07:00
|
|
|
defaultCipherList = "DHE-PSK-AES128-GCM-SHA256";
|
2017-06-07 08:29:08 +10:00
|
|
|
#endif
|
2015-03-27 14:28:05 -07:00
|
|
|
needDH = 1;
|
2017-06-07 08:29:08 +10:00
|
|
|
#elif defined(HAVE_NULL_CIPHER)
|
2013-03-07 17:44:40 -08:00
|
|
|
defaultCipherList = "PSK-NULL-SHA256";
|
2017-06-07 08:29:08 +10:00
|
|
|
#else
|
2013-03-11 13:19:43 -07:00
|
|
|
defaultCipherList = "PSK-AES128-CBC-SHA256";
|
2017-06-07 08:29:08 +10:00
|
|
|
#endif
|
2017-10-11 09:09:52 -07:00
|
|
|
if (SSL_CTX_set_cipher_list(ctx, defaultCipherList) != WOLFSSL_SUCCESS)
|
2017-06-22 22:19:59 -06:00
|
|
|
err_sys_ex(runWithErrors, "server can't set cipher list 2");
|
2012-10-30 12:51:14 -07:00
|
|
|
}
|
2011-02-05 11:14:47 -08:00
|
|
|
#endif
|
2012-10-30 12:51:14 -07:00
|
|
|
}
|
2011-02-05 11:14:47 -08:00
|
|
|
|
2014-12-01 11:44:32 -08:00
|
|
|
if (useAnon) {
|
|
|
|
|
#ifdef HAVE_ANON
|
2018-03-06 16:45:44 -08:00
|
|
|
wolfSSL_CTX_allow_anon_cipher(ctx);
|
2017-04-05 14:35:33 -07:00
|
|
|
if (cipherList == NULL || (cipherList && useDefCipherList)) {
|
2018-04-20 10:35:37 -07:00
|
|
|
const char* defaultCipherList;
|
|
|
|
|
defaultCipherList = "ADH-AES256-GCM-SHA384:"
|
|
|
|
|
"ADH-AES128-SHA";
|
|
|
|
|
if (SSL_CTX_set_cipher_list(ctx, defaultCipherList)
|
|
|
|
|
!= WOLFSSL_SUCCESS)
|
2017-06-22 22:19:59 -06:00
|
|
|
err_sys_ex(runWithErrors, "server can't set cipher list 4");
|
2014-12-01 11:44:32 -08:00
|
|
|
}
|
|
|
|
|
#endif
|
|
|
|
|
}
|
|
|
|
|
|
2013-03-11 16:07:46 -07:00
|
|
|
#if !defined(NO_FILESYSTEM) && !defined(NO_CERTS)
|
2016-02-08 14:52:56 -07:00
|
|
|
/* if not using PSK, verify peer with certs
|
|
|
|
|
if using PSK Plus then verify peer certs except PSK suites */
|
|
|
|
|
if (doCliCertCheck && (usePsk == 0 || usePskPlus) && useAnon == 0) {
|
2017-10-11 09:09:52 -07:00
|
|
|
SSL_CTX_set_verify(ctx, WOLFSSL_VERIFY_PEER |
|
2017-10-19 16:17:51 -07:00
|
|
|
(usePskPlus ? WOLFSSL_VERIFY_FAIL_EXCEPT_PSK :
|
|
|
|
|
WOLFSSL_VERIFY_FAIL_IF_NO_PEER_CERT), 0);
|
2017-10-11 09:09:52 -07:00
|
|
|
if (SSL_CTX_load_verify_locations(ctx, verifyCert, 0) != WOLFSSL_SUCCESS)
|
2017-06-22 22:19:59 -06:00
|
|
|
err_sys_ex(runWithErrors, "can't load ca file, Please run from wolfSSL home dir");
|
2016-02-24 15:51:29 -07:00
|
|
|
#ifdef WOLFSSL_TRUST_PEER_CERT
|
2016-03-01 16:35:32 -07:00
|
|
|
if (trustCert) {
|
|
|
|
|
if ((ret = wolfSSL_CTX_trust_peer_cert(ctx, trustCert,
|
2017-10-11 09:09:52 -07:00
|
|
|
WOLFSSL_FILETYPE_PEM)) != WOLFSSL_SUCCESS) {
|
2017-06-22 22:19:59 -06:00
|
|
|
err_sys_ex(runWithErrors, "can't load trusted peer cert file");
|
2016-03-01 16:35:32 -07:00
|
|
|
}
|
2016-02-24 15:51:29 -07:00
|
|
|
}
|
|
|
|
|
#endif /* WOLFSSL_TRUST_PEER_CERT */
|
2016-02-08 14:52:56 -07:00
|
|
|
}
|
2012-10-29 15:39:42 -07:00
|
|
|
#endif
|
2012-07-30 11:58:57 -07:00
|
|
|
|
2018-02-01 11:02:35 -08:00
|
|
|
#if defined(WOLFSSL_SNIFFER)
|
2012-06-29 10:59:48 -07:00
|
|
|
/* don't use EDH, can't sniff tmp keys */
|
2012-08-31 13:28:07 -07:00
|
|
|
if (cipherList == NULL) {
|
2017-10-11 09:09:52 -07:00
|
|
|
if (SSL_CTX_set_cipher_list(ctx, "AES128-SHA") != WOLFSSL_SUCCESS)
|
2017-06-22 22:19:59 -06:00
|
|
|
err_sys_ex(runWithErrors, "server can't set cipher list 3");
|
2012-08-31 13:28:07 -07:00
|
|
|
}
|
2012-06-29 10:59:48 -07:00
|
|
|
#endif
|
|
|
|
|
|
2013-05-21 14:37:50 -07:00
|
|
|
#ifdef HAVE_SNI
|
2013-06-03 10:04:49 -03:00
|
|
|
if (sniHostName)
|
2018-03-06 16:45:44 -08:00
|
|
|
if (wolfSSL_CTX_UseSNI(ctx, WOLFSSL_SNI_HOST_NAME, sniHostName,
|
2017-11-14 15:05:32 -07:00
|
|
|
(word16) XSTRLEN(sniHostName)) != WOLFSSL_SUCCESS)
|
2017-06-22 22:19:59 -06:00
|
|
|
err_sys_ex(runWithErrors, "UseSNI failed");
|
2013-05-21 14:37:50 -07:00
|
|
|
#endif
|
|
|
|
|
|
2016-04-01 15:45:53 -07:00
|
|
|
#ifdef USE_WINDOWS_API
|
|
|
|
|
if (port == 0) {
|
|
|
|
|
/* Generate random port for testing */
|
|
|
|
|
port = GetRandomPort();
|
|
|
|
|
}
|
|
|
|
|
#endif /* USE_WINDOWS_API */
|
|
|
|
|
|
2016-08-15 13:59:41 -06:00
|
|
|
#ifdef WOLFSSL_ASYNC_CRYPT
|
|
|
|
|
ret = wolfAsync_DevOpen(&devId);
|
Intel QuickAssist (QAT) support and async enhancements/fixes:
* Adds ./configure "--with-intelqa=../QAT1.6”, port files, memory management and README.md (see wolfcrypt/src/port/intel/).
* Added Intel QAT support for RSA public/private (CRT/non-CRT), AES CBC/GCM, ECDH/ECDSA, DH, DES3, SHA, SHA224, SHA256, SHA384, SHA512, MD5 and HMAC.
* wolfSSL async enabled all client and server: PKI, Encrypt/Decrypt, Hashing/HMAC and Certificate Sign/Verify.
* wolfSSL async support in functions: Encrypt, Decrypt, VerifyMAC, BuildMessage, ConfirmSignature, DoCertificate, ParseCertRelative, and MakeSignature.
* wolfCrypt test and benchmark async support added for all HW acceleration.
* wolfCrypt benchmark multi-threading support.
* Added QuickAssist memory overrides for XMALLOC, XFREE and XREALLOC. XREALLOC determines if existing pointer needs reallocated for NUMA.
* Refactor to make sure “heap” is available for async dev init.
* Added async support for all examples for connect, accept, read and write.
* Added new WC_BIGINT (in wolfmath.c) for async hardware support.
* Added async simulator tests for DES3 CBC, AES CBC/GCM.
* Added QAT standalone build for unit testing.
* Added int return code to SHA and MD5 functions.
* Refactor of the async stack variable handling, so async operations have generic args buffer area and cleanup function pointer.
* Combined duplicate code for async push/pop handling.
* Refactor internal.c to add AllocKey / FreeKey.
* Refactor of hash init/free in TLS to use InitHashes and FreeHashes.
* Refactor of the async event->context to use WOLF_EVENT_TYPE_ASYNC_WOLFSSL for WOLFSSL* and WOLF_EVENT_TYPE_ASYNC_WOLFCRYPT for WC_ASYNC_DEV*.
* Suppress error message for WC_PENDING_E.
* Implemented "wolfSSL_EVP_MD_CTX_init" to do memset.
* Cleanup of the openssl compat CTX sizes when async is enabled.
* Cleanup of AES, DES3, DH, SHA, MD5, DES3, DH, HMAC, MD5 for consistency and readability.
* Cleanup of the OPAQUE_LEN.
* Cleanup to use ENCRYPT_LEN instead of sizeof(ssl->arrays.preMasterSecret).
* Changed ssl->arrays.preMasterSecret to use XMALLOC (accelerates HW operations)
* Reduce verbosity with debug enabled for "GetMyVersion", "wolfSSL Using RSA OAEP padding" and "wolfSSL Using RSA PKCSV15 padding".
* Updated RSA un-padding error message so its different than one above it for better debugging.
* Added QAT async enables for each algorithm.
* Refactor of the async init to use _ex.
* Added WC_ASYNC_THRESH_NONE to allow bypass of the async thresholds for testing.
* Reformatted the benchmark results:
PKI: "RSA 2048 private HW 18522 ops took 1.003 sec, avg 0.054 ms, 18467.763 ops/sec"
Crypto/Hashing: SHA-256 SW 350 megs took 1.009 seconds, 346.946 MB/s Cycles per byte = 9.87
* Added min execution time for all benchmarks.
* Moved wc_*GetHash and wc_*RestorePos to appropriate files so use of isCopy flag is local.
* Fix for ECC sign status sometimes being invalid due to uninitialized ECC digest in benchmark.
* Added new DECLARE_VAR/FREE_VAR and DECLARE_ARRAY/FREE_ARRAY macros for helping setup test/benchmark variables to accelerate async.
* Added NO_SW_BENCH option to only run HW bench.
* Added support for PRNG to use hardware SHA256 if _wc devId provided.
* Fix to prevent curve tests from running against wrong curve sizes. Changed wc_ecc_set_curve to match on exact size.
* Added the wc_*GetHash calls to the wolfCrypt tests.
* Added async hardware start/stop to wolfSSL init/cleanup.
* Refactor to add wc_*Copy for hashing context (for async), which replaces wc_*RestorePos.
* Fixes for building with TI hashing (including: SHA224, missing new API’s and building with dummy build for non hw testing). Note: We need to add build test for this `./configure CFLAGS="-DWOLFSSL_TI_HASH -DTI_DUMMY_BUILD”`.
* Added arg checks on wc_*GetHash and wc_*Copy.
* Cleanup of the BuildMD5, BuildSHA, BuildMD5_CertVerify and BuildSHA_CertVerify functions.
* Added new ./configure --enable-asyncthreads, to allow enable/disable of the async threading support. If --enable-asynccrypt set this will be enabled by default if pthread is supported. Allows multi-threaded benchmarks with async simulator.
* Added checks for all hashing to verify valid ->buffLen.
* Fix for SHA512 scan-build warning about un-initialized “W_X”.
* Fix for valgrind un-initialized use of buffer in AllocDer (der->buffer) and BuildTlsFinished handshake_hash.
* Refactor of the benchmarking to use common function for start, check and finish of the stats.
* Fixed issue with ECC cache loading in multi-threading.
* Fix bug with AESNI not aligned code that assumes XMALLOC is 16-byte aligned.
* Added new WC_ASYNC_NO_… options to allow disabling of individual async algorithms. New defines are: WC_ASYNC_NO_CRYPT, WC_ASYNC_NO_PKI and WC_ASYNC_NO_HASH. Additionally each algorithm has a WC_ASYNC_NO_[ALGO] define.
* Added “wolfSSL_GetAllocators” API and fixed the wolfCrypt memcb_test so it restores callback pointers after test is complete (fixes issue with using custom allocators and test breaking it).
2017-04-07 15:46:32 -07:00
|
|
|
if (ret < 0) {
|
|
|
|
|
printf("Async device open failed\nRunning without async\n");
|
2016-08-15 13:59:41 -06:00
|
|
|
}
|
|
|
|
|
wolfSSL_CTX_UseAsync(ctx, devId);
|
|
|
|
|
#endif /* WOLFSSL_ASYNC_CRYPT */
|
|
|
|
|
|
2016-11-24 01:31:07 +10:00
|
|
|
#ifdef WOLFSSL_TLS13
|
2018-04-13 11:53:42 +10:00
|
|
|
if (noPskDheKe)
|
|
|
|
|
wolfSSL_CTX_no_dhe_psk(ctx);
|
|
|
|
|
if (noTicket)
|
|
|
|
|
wolfSSL_CTX_no_ticket_TLSv13(ctx);
|
2016-11-24 01:31:07 +10:00
|
|
|
#endif
|
|
|
|
|
|
2015-10-16 07:46:51 +02:00
|
|
|
while (1) {
|
|
|
|
|
/* allow resume option */
|
Intel QuickAssist (QAT) support and async enhancements/fixes:
* Adds ./configure "--with-intelqa=../QAT1.6”, port files, memory management and README.md (see wolfcrypt/src/port/intel/).
* Added Intel QAT support for RSA public/private (CRT/non-CRT), AES CBC/GCM, ECDH/ECDSA, DH, DES3, SHA, SHA224, SHA256, SHA384, SHA512, MD5 and HMAC.
* wolfSSL async enabled all client and server: PKI, Encrypt/Decrypt, Hashing/HMAC and Certificate Sign/Verify.
* wolfSSL async support in functions: Encrypt, Decrypt, VerifyMAC, BuildMessage, ConfirmSignature, DoCertificate, ParseCertRelative, and MakeSignature.
* wolfCrypt test and benchmark async support added for all HW acceleration.
* wolfCrypt benchmark multi-threading support.
* Added QuickAssist memory overrides for XMALLOC, XFREE and XREALLOC. XREALLOC determines if existing pointer needs reallocated for NUMA.
* Refactor to make sure “heap” is available for async dev init.
* Added async support for all examples for connect, accept, read and write.
* Added new WC_BIGINT (in wolfmath.c) for async hardware support.
* Added async simulator tests for DES3 CBC, AES CBC/GCM.
* Added QAT standalone build for unit testing.
* Added int return code to SHA and MD5 functions.
* Refactor of the async stack variable handling, so async operations have generic args buffer area and cleanup function pointer.
* Combined duplicate code for async push/pop handling.
* Refactor internal.c to add AllocKey / FreeKey.
* Refactor of hash init/free in TLS to use InitHashes and FreeHashes.
* Refactor of the async event->context to use WOLF_EVENT_TYPE_ASYNC_WOLFSSL for WOLFSSL* and WOLF_EVENT_TYPE_ASYNC_WOLFCRYPT for WC_ASYNC_DEV*.
* Suppress error message for WC_PENDING_E.
* Implemented "wolfSSL_EVP_MD_CTX_init" to do memset.
* Cleanup of the openssl compat CTX sizes when async is enabled.
* Cleanup of AES, DES3, DH, SHA, MD5, DES3, DH, HMAC, MD5 for consistency and readability.
* Cleanup of the OPAQUE_LEN.
* Cleanup to use ENCRYPT_LEN instead of sizeof(ssl->arrays.preMasterSecret).
* Changed ssl->arrays.preMasterSecret to use XMALLOC (accelerates HW operations)
* Reduce verbosity with debug enabled for "GetMyVersion", "wolfSSL Using RSA OAEP padding" and "wolfSSL Using RSA PKCSV15 padding".
* Updated RSA un-padding error message so its different than one above it for better debugging.
* Added QAT async enables for each algorithm.
* Refactor of the async init to use _ex.
* Added WC_ASYNC_THRESH_NONE to allow bypass of the async thresholds for testing.
* Reformatted the benchmark results:
PKI: "RSA 2048 private HW 18522 ops took 1.003 sec, avg 0.054 ms, 18467.763 ops/sec"
Crypto/Hashing: SHA-256 SW 350 megs took 1.009 seconds, 346.946 MB/s Cycles per byte = 9.87
* Added min execution time for all benchmarks.
* Moved wc_*GetHash and wc_*RestorePos to appropriate files so use of isCopy flag is local.
* Fix for ECC sign status sometimes being invalid due to uninitialized ECC digest in benchmark.
* Added new DECLARE_VAR/FREE_VAR and DECLARE_ARRAY/FREE_ARRAY macros for helping setup test/benchmark variables to accelerate async.
* Added NO_SW_BENCH option to only run HW bench.
* Added support for PRNG to use hardware SHA256 if _wc devId provided.
* Fix to prevent curve tests from running against wrong curve sizes. Changed wc_ecc_set_curve to match on exact size.
* Added the wc_*GetHash calls to the wolfCrypt tests.
* Added async hardware start/stop to wolfSSL init/cleanup.
* Refactor to add wc_*Copy for hashing context (for async), which replaces wc_*RestorePos.
* Fixes for building with TI hashing (including: SHA224, missing new API’s and building with dummy build for non hw testing). Note: We need to add build test for this `./configure CFLAGS="-DWOLFSSL_TI_HASH -DTI_DUMMY_BUILD”`.
* Added arg checks on wc_*GetHash and wc_*Copy.
* Cleanup of the BuildMD5, BuildSHA, BuildMD5_CertVerify and BuildSHA_CertVerify functions.
* Added new ./configure --enable-asyncthreads, to allow enable/disable of the async threading support. If --enable-asynccrypt set this will be enabled by default if pthread is supported. Allows multi-threaded benchmarks with async simulator.
* Added checks for all hashing to verify valid ->buffLen.
* Fix for SHA512 scan-build warning about un-initialized “W_X”.
* Fix for valgrind un-initialized use of buffer in AllocDer (der->buffer) and BuildTlsFinished handshake_hash.
* Refactor of the benchmarking to use common function for start, check and finish of the stats.
* Fixed issue with ECC cache loading in multi-threading.
* Fix bug with AESNI not aligned code that assumes XMALLOC is 16-byte aligned.
* Added new WC_ASYNC_NO_… options to allow disabling of individual async algorithms. New defines are: WC_ASYNC_NO_CRYPT, WC_ASYNC_NO_PKI and WC_ASYNC_NO_HASH. Additionally each algorithm has a WC_ASYNC_NO_[ALGO] define.
* Added “wolfSSL_GetAllocators” API and fixed the wolfCrypt memcb_test so it restores callback pointers after test is complete (fixes issue with using custom allocators and test breaking it).
2017-04-07 15:46:32 -07:00
|
|
|
if (resumeCount > 1) {
|
2016-08-25 22:20:35 -07:00
|
|
|
if (dtlsUDP == 0) {
|
2015-10-16 07:46:51 +02:00
|
|
|
SOCKADDR_IN_T client;
|
|
|
|
|
socklen_t client_len = sizeof(client);
|
|
|
|
|
clientfd = accept(sockfd, (struct sockaddr*)&client,
|
|
|
|
|
(ACCEPT_THIRD_T)&client_len);
|
Intel QuickAssist (QAT) support and async enhancements/fixes:
* Adds ./configure "--with-intelqa=../QAT1.6”, port files, memory management and README.md (see wolfcrypt/src/port/intel/).
* Added Intel QAT support for RSA public/private (CRT/non-CRT), AES CBC/GCM, ECDH/ECDSA, DH, DES3, SHA, SHA224, SHA256, SHA384, SHA512, MD5 and HMAC.
* wolfSSL async enabled all client and server: PKI, Encrypt/Decrypt, Hashing/HMAC and Certificate Sign/Verify.
* wolfSSL async support in functions: Encrypt, Decrypt, VerifyMAC, BuildMessage, ConfirmSignature, DoCertificate, ParseCertRelative, and MakeSignature.
* wolfCrypt test and benchmark async support added for all HW acceleration.
* wolfCrypt benchmark multi-threading support.
* Added QuickAssist memory overrides for XMALLOC, XFREE and XREALLOC. XREALLOC determines if existing pointer needs reallocated for NUMA.
* Refactor to make sure “heap” is available for async dev init.
* Added async support for all examples for connect, accept, read and write.
* Added new WC_BIGINT (in wolfmath.c) for async hardware support.
* Added async simulator tests for DES3 CBC, AES CBC/GCM.
* Added QAT standalone build for unit testing.
* Added int return code to SHA and MD5 functions.
* Refactor of the async stack variable handling, so async operations have generic args buffer area and cleanup function pointer.
* Combined duplicate code for async push/pop handling.
* Refactor internal.c to add AllocKey / FreeKey.
* Refactor of hash init/free in TLS to use InitHashes and FreeHashes.
* Refactor of the async event->context to use WOLF_EVENT_TYPE_ASYNC_WOLFSSL for WOLFSSL* and WOLF_EVENT_TYPE_ASYNC_WOLFCRYPT for WC_ASYNC_DEV*.
* Suppress error message for WC_PENDING_E.
* Implemented "wolfSSL_EVP_MD_CTX_init" to do memset.
* Cleanup of the openssl compat CTX sizes when async is enabled.
* Cleanup of AES, DES3, DH, SHA, MD5, DES3, DH, HMAC, MD5 for consistency and readability.
* Cleanup of the OPAQUE_LEN.
* Cleanup to use ENCRYPT_LEN instead of sizeof(ssl->arrays.preMasterSecret).
* Changed ssl->arrays.preMasterSecret to use XMALLOC (accelerates HW operations)
* Reduce verbosity with debug enabled for "GetMyVersion", "wolfSSL Using RSA OAEP padding" and "wolfSSL Using RSA PKCSV15 padding".
* Updated RSA un-padding error message so its different than one above it for better debugging.
* Added QAT async enables for each algorithm.
* Refactor of the async init to use _ex.
* Added WC_ASYNC_THRESH_NONE to allow bypass of the async thresholds for testing.
* Reformatted the benchmark results:
PKI: "RSA 2048 private HW 18522 ops took 1.003 sec, avg 0.054 ms, 18467.763 ops/sec"
Crypto/Hashing: SHA-256 SW 350 megs took 1.009 seconds, 346.946 MB/s Cycles per byte = 9.87
* Added min execution time for all benchmarks.
* Moved wc_*GetHash and wc_*RestorePos to appropriate files so use of isCopy flag is local.
* Fix for ECC sign status sometimes being invalid due to uninitialized ECC digest in benchmark.
* Added new DECLARE_VAR/FREE_VAR and DECLARE_ARRAY/FREE_ARRAY macros for helping setup test/benchmark variables to accelerate async.
* Added NO_SW_BENCH option to only run HW bench.
* Added support for PRNG to use hardware SHA256 if _wc devId provided.
* Fix to prevent curve tests from running against wrong curve sizes. Changed wc_ecc_set_curve to match on exact size.
* Added the wc_*GetHash calls to the wolfCrypt tests.
* Added async hardware start/stop to wolfSSL init/cleanup.
* Refactor to add wc_*Copy for hashing context (for async), which replaces wc_*RestorePos.
* Fixes for building with TI hashing (including: SHA224, missing new API’s and building with dummy build for non hw testing). Note: We need to add build test for this `./configure CFLAGS="-DWOLFSSL_TI_HASH -DTI_DUMMY_BUILD”`.
* Added arg checks on wc_*GetHash and wc_*Copy.
* Cleanup of the BuildMD5, BuildSHA, BuildMD5_CertVerify and BuildSHA_CertVerify functions.
* Added new ./configure --enable-asyncthreads, to allow enable/disable of the async threading support. If --enable-asynccrypt set this will be enabled by default if pthread is supported. Allows multi-threaded benchmarks with async simulator.
* Added checks for all hashing to verify valid ->buffLen.
* Fix for SHA512 scan-build warning about un-initialized “W_X”.
* Fix for valgrind un-initialized use of buffer in AllocDer (der->buffer) and BuildTlsFinished handshake_hash.
* Refactor of the benchmarking to use common function for start, check and finish of the stats.
* Fixed issue with ECC cache loading in multi-threading.
* Fix bug with AESNI not aligned code that assumes XMALLOC is 16-byte aligned.
* Added new WC_ASYNC_NO_… options to allow disabling of individual async algorithms. New defines are: WC_ASYNC_NO_CRYPT, WC_ASYNC_NO_PKI and WC_ASYNC_NO_HASH. Additionally each algorithm has a WC_ASYNC_NO_[ALGO] define.
* Added “wolfSSL_GetAllocators” API and fixed the wolfCrypt memcb_test so it restores callback pointers after test is complete (fixes issue with using custom allocators and test breaking it).
2017-04-07 15:46:32 -07:00
|
|
|
}
|
|
|
|
|
else {
|
2016-08-25 22:20:35 -07:00
|
|
|
tcp_listen(&sockfd, &port, useAnyAddr, dtlsUDP, dtlsSCTP);
|
2015-10-16 07:46:51 +02:00
|
|
|
clientfd = sockfd;
|
|
|
|
|
}
|
Intel QuickAssist (QAT) support and async enhancements/fixes:
* Adds ./configure "--with-intelqa=../QAT1.6”, port files, memory management and README.md (see wolfcrypt/src/port/intel/).
* Added Intel QAT support for RSA public/private (CRT/non-CRT), AES CBC/GCM, ECDH/ECDSA, DH, DES3, SHA, SHA224, SHA256, SHA384, SHA512, MD5 and HMAC.
* wolfSSL async enabled all client and server: PKI, Encrypt/Decrypt, Hashing/HMAC and Certificate Sign/Verify.
* wolfSSL async support in functions: Encrypt, Decrypt, VerifyMAC, BuildMessage, ConfirmSignature, DoCertificate, ParseCertRelative, and MakeSignature.
* wolfCrypt test and benchmark async support added for all HW acceleration.
* wolfCrypt benchmark multi-threading support.
* Added QuickAssist memory overrides for XMALLOC, XFREE and XREALLOC. XREALLOC determines if existing pointer needs reallocated for NUMA.
* Refactor to make sure “heap” is available for async dev init.
* Added async support for all examples for connect, accept, read and write.
* Added new WC_BIGINT (in wolfmath.c) for async hardware support.
* Added async simulator tests for DES3 CBC, AES CBC/GCM.
* Added QAT standalone build for unit testing.
* Added int return code to SHA and MD5 functions.
* Refactor of the async stack variable handling, so async operations have generic args buffer area and cleanup function pointer.
* Combined duplicate code for async push/pop handling.
* Refactor internal.c to add AllocKey / FreeKey.
* Refactor of hash init/free in TLS to use InitHashes and FreeHashes.
* Refactor of the async event->context to use WOLF_EVENT_TYPE_ASYNC_WOLFSSL for WOLFSSL* and WOLF_EVENT_TYPE_ASYNC_WOLFCRYPT for WC_ASYNC_DEV*.
* Suppress error message for WC_PENDING_E.
* Implemented "wolfSSL_EVP_MD_CTX_init" to do memset.
* Cleanup of the openssl compat CTX sizes when async is enabled.
* Cleanup of AES, DES3, DH, SHA, MD5, DES3, DH, HMAC, MD5 for consistency and readability.
* Cleanup of the OPAQUE_LEN.
* Cleanup to use ENCRYPT_LEN instead of sizeof(ssl->arrays.preMasterSecret).
* Changed ssl->arrays.preMasterSecret to use XMALLOC (accelerates HW operations)
* Reduce verbosity with debug enabled for "GetMyVersion", "wolfSSL Using RSA OAEP padding" and "wolfSSL Using RSA PKCSV15 padding".
* Updated RSA un-padding error message so its different than one above it for better debugging.
* Added QAT async enables for each algorithm.
* Refactor of the async init to use _ex.
* Added WC_ASYNC_THRESH_NONE to allow bypass of the async thresholds for testing.
* Reformatted the benchmark results:
PKI: "RSA 2048 private HW 18522 ops took 1.003 sec, avg 0.054 ms, 18467.763 ops/sec"
Crypto/Hashing: SHA-256 SW 350 megs took 1.009 seconds, 346.946 MB/s Cycles per byte = 9.87
* Added min execution time for all benchmarks.
* Moved wc_*GetHash and wc_*RestorePos to appropriate files so use of isCopy flag is local.
* Fix for ECC sign status sometimes being invalid due to uninitialized ECC digest in benchmark.
* Added new DECLARE_VAR/FREE_VAR and DECLARE_ARRAY/FREE_ARRAY macros for helping setup test/benchmark variables to accelerate async.
* Added NO_SW_BENCH option to only run HW bench.
* Added support for PRNG to use hardware SHA256 if _wc devId provided.
* Fix to prevent curve tests from running against wrong curve sizes. Changed wc_ecc_set_curve to match on exact size.
* Added the wc_*GetHash calls to the wolfCrypt tests.
* Added async hardware start/stop to wolfSSL init/cleanup.
* Refactor to add wc_*Copy for hashing context (for async), which replaces wc_*RestorePos.
* Fixes for building with TI hashing (including: SHA224, missing new API’s and building with dummy build for non hw testing). Note: We need to add build test for this `./configure CFLAGS="-DWOLFSSL_TI_HASH -DTI_DUMMY_BUILD”`.
* Added arg checks on wc_*GetHash and wc_*Copy.
* Cleanup of the BuildMD5, BuildSHA, BuildMD5_CertVerify and BuildSHA_CertVerify functions.
* Added new ./configure --enable-asyncthreads, to allow enable/disable of the async threading support. If --enable-asynccrypt set this will be enabled by default if pthread is supported. Allows multi-threaded benchmarks with async simulator.
* Added checks for all hashing to verify valid ->buffLen.
* Fix for SHA512 scan-build warning about un-initialized “W_X”.
* Fix for valgrind un-initialized use of buffer in AllocDer (der->buffer) and BuildTlsFinished handshake_hash.
* Refactor of the benchmarking to use common function for start, check and finish of the stats.
* Fixed issue with ECC cache loading in multi-threading.
* Fix bug with AESNI not aligned code that assumes XMALLOC is 16-byte aligned.
* Added new WC_ASYNC_NO_… options to allow disabling of individual async algorithms. New defines are: WC_ASYNC_NO_CRYPT, WC_ASYNC_NO_PKI and WC_ASYNC_NO_HASH. Additionally each algorithm has a WC_ASYNC_NO_[ALGO] define.
* Added “wolfSSL_GetAllocators” API and fixed the wolfCrypt memcb_test so it restores callback pointers after test is complete (fixes issue with using custom allocators and test breaking it).
2017-04-07 15:46:32 -07:00
|
|
|
if (WOLFSSL_SOCKET_IS_INVALID(clientfd)) {
|
2017-06-22 22:19:59 -06:00
|
|
|
err_sys_ex(runWithErrors, "tcp accept failed");
|
2015-10-16 07:46:51 +02:00
|
|
|
}
|
2015-04-28 12:21:54 -07:00
|
|
|
}
|
2016-06-04 19:03:48 -06:00
|
|
|
#if defined(WOLFSSL_STATIC_MEMORY) && defined(DEBUG_WOLFSSL)
|
|
|
|
|
fprintf(stderr, "Before creating SSL\n");
|
|
|
|
|
if (wolfSSL_CTX_is_static_memory(ctx, &mem_stats) != 1)
|
2017-06-22 22:19:59 -06:00
|
|
|
err_sys_ex(runWithErrors, "ctx not using static memory");
|
2016-06-04 19:03:48 -06:00
|
|
|
if (wolfSSL_PrintStats(&mem_stats) != 1) /* function in test.h */
|
2017-06-22 22:19:59 -06:00
|
|
|
err_sys_ex(runWithErrors, "error printing out memory stats");
|
2016-06-04 19:03:48 -06:00
|
|
|
#endif
|
2015-04-28 12:21:54 -07:00
|
|
|
|
2016-12-15 11:43:15 -08:00
|
|
|
if (doMcast) {
|
|
|
|
|
#ifdef WOLFSSL_MULTICAST
|
|
|
|
|
wolfSSL_CTX_mcast_set_member_id(ctx, mcastID);
|
2017-10-11 09:09:52 -07:00
|
|
|
if (wolfSSL_CTX_set_cipher_list(ctx, "WDM-NULL-SHA256") != WOLFSSL_SUCCESS)
|
2016-12-15 11:43:15 -08:00
|
|
|
err_sys("Couldn't set multicast cipher list.");
|
|
|
|
|
#endif
|
|
|
|
|
}
|
|
|
|
|
|
2018-03-21 11:27:08 -07:00
|
|
|
#ifdef HAVE_PK_CALLBACKS
|
|
|
|
|
if (pkCallbacks)
|
|
|
|
|
SetupPkCallbacks(ctx);
|
|
|
|
|
#endif
|
|
|
|
|
|
2015-10-16 07:46:51 +02:00
|
|
|
ssl = SSL_new(ctx);
|
|
|
|
|
if (ssl == NULL)
|
2017-06-22 22:19:59 -06:00
|
|
|
err_sys_ex(runWithErrors, "unable to get SSL");
|
2016-11-11 13:39:36 -07:00
|
|
|
#ifdef OPENSSL_EXTRA
|
|
|
|
|
wolfSSL_KeepArrays(ssl);
|
|
|
|
|
#endif
|
2012-07-30 18:15:08 -07:00
|
|
|
|
2017-06-27 08:37:55 +10:00
|
|
|
#ifdef WOLFSSL_SEND_HRR_COOKIE
|
2017-10-11 09:09:52 -07:00
|
|
|
if (hrrCookie && wolfSSL_send_hrr_cookie(ssl, NULL, 0) != WOLFSSL_SUCCESS) {
|
2017-06-23 16:26:54 +10:00
|
|
|
err_sys("unable to set use of cookie with HRR msg");
|
|
|
|
|
}
|
|
|
|
|
#endif
|
|
|
|
|
|
2016-06-04 19:03:48 -06:00
|
|
|
#if defined(WOLFSSL_STATIC_MEMORY) && defined(DEBUG_WOLFSSL)
|
|
|
|
|
fprintf(stderr, "After creating SSL\n");
|
|
|
|
|
if (wolfSSL_CTX_is_static_memory(ctx, &mem_stats) != 1)
|
2017-06-22 22:19:59 -06:00
|
|
|
err_sys_ex(runWithErrors, "ctx not using static memory");
|
2016-06-04 19:03:48 -06:00
|
|
|
if (wolfSSL_PrintStats(&mem_stats) != 1) /* function in test.h */
|
2017-06-22 22:19:59 -06:00
|
|
|
err_sys_ex(runWithErrors, "error printing out memory stats");
|
2016-06-04 19:03:48 -06:00
|
|
|
#endif
|
|
|
|
|
|
2016-12-15 11:43:15 -08:00
|
|
|
if (doMcast) {
|
|
|
|
|
#ifdef WOLFSSL_MULTICAST
|
|
|
|
|
byte pms[512];
|
|
|
|
|
byte cr[32];
|
|
|
|
|
byte sr[32];
|
|
|
|
|
const byte suite[2] = {0, 0xfe}; /* WDM_WITH_NULL_SHA256 */
|
|
|
|
|
|
|
|
|
|
XMEMSET(pms, 0x23, sizeof(pms));
|
|
|
|
|
XMEMSET(cr, 0xA5, sizeof(cr));
|
|
|
|
|
XMEMSET(sr, 0x5A, sizeof(sr));
|
|
|
|
|
|
|
|
|
|
if (wolfSSL_set_secret(ssl, 1, pms, sizeof(pms), cr, sr, suite)
|
2017-10-11 09:09:52 -07:00
|
|
|
!= WOLFSSL_SUCCESS)
|
2016-12-15 11:43:15 -08:00
|
|
|
err_sys("unable to set mcast secret");
|
|
|
|
|
#endif
|
|
|
|
|
}
|
|
|
|
|
|
2015-05-09 11:04:47 -07:00
|
|
|
#ifndef NO_HANDSHAKE_DONE_CB
|
2015-10-16 07:46:51 +02:00
|
|
|
wolfSSL_SetHsDoneCb(ssl, myHsDoneCb, NULL);
|
2015-05-09 11:04:47 -07:00
|
|
|
#endif
|
2012-05-22 17:25:15 -07:00
|
|
|
#ifdef HAVE_CRL
|
2018-04-27 14:43:04 +10:00
|
|
|
if (!disableCRL) {
|
2015-11-23 14:15:12 -08:00
|
|
|
#ifdef HAVE_CRL_MONITOR
|
2018-02-01 11:02:35 -08:00
|
|
|
crlFlags = WOLFSSL_CRL_MONITOR | WOLFSSL_CRL_START_MON;
|
2015-11-23 14:15:12 -08:00
|
|
|
#endif
|
2018-02-01 11:02:35 -08:00
|
|
|
if (wolfSSL_EnableCRL(ssl, 0) != WOLFSSL_SUCCESS)
|
2017-06-22 22:19:59 -06:00
|
|
|
err_sys_ex(runWithErrors, "unable to enable CRL");
|
2018-02-01 11:02:35 -08:00
|
|
|
if (wolfSSL_LoadCRL(ssl, crlPemDir, WOLFSSL_FILETYPE_PEM, crlFlags)
|
2017-10-11 09:09:52 -07:00
|
|
|
!= WOLFSSL_SUCCESS)
|
2017-06-22 22:19:59 -06:00
|
|
|
err_sys_ex(runWithErrors, "unable to load CRL");
|
2018-02-01 11:02:35 -08:00
|
|
|
if (wolfSSL_SetCRL_Cb(ssl, CRL_CallBack) != WOLFSSL_SUCCESS)
|
2017-06-22 22:19:59 -06:00
|
|
|
err_sys_ex(runWithErrors, "unable to set CRL callback url");
|
2018-04-27 14:43:04 +10:00
|
|
|
}
|
2012-05-22 17:25:15 -07:00
|
|
|
#endif
|
2013-06-20 11:07:54 -07:00
|
|
|
#ifdef HAVE_OCSP
|
2015-10-16 07:46:51 +02:00
|
|
|
if (useOcsp) {
|
|
|
|
|
if (ocspUrl != NULL) {
|
2018-02-01 11:02:35 -08:00
|
|
|
wolfSSL_CTX_SetOCSP_OverrideURL(ctx, ocspUrl);
|
|
|
|
|
wolfSSL_CTX_EnableOCSP(ctx, WOLFSSL_OCSP_NO_NONCE
|
|
|
|
|
| WOLFSSL_OCSP_URL_OVERRIDE);
|
2015-10-16 07:46:51 +02:00
|
|
|
}
|
|
|
|
|
else
|
2018-02-01 11:02:35 -08:00
|
|
|
wolfSSL_CTX_EnableOCSP(ctx, WOLFSSL_OCSP_NO_NONCE);
|
2013-12-18 12:34:40 -08:00
|
|
|
}
|
2013-06-20 11:07:54 -07:00
|
|
|
#endif
|
2015-12-28 19:38:04 -03:00
|
|
|
#if defined(HAVE_CERTIFICATE_STATUS_REQUEST) \
|
|
|
|
|
|| defined(HAVE_CERTIFICATE_STATUS_REQUEST_V2)
|
2017-10-11 09:09:52 -07:00
|
|
|
if (wolfSSL_CTX_EnableOCSPStapling(ctx) != WOLFSSL_SUCCESS)
|
2017-06-22 22:19:59 -06:00
|
|
|
err_sys_ex(runWithErrors, "can't enable OCSP Stapling Certificate Manager");
|
2017-10-11 09:09:52 -07:00
|
|
|
if (SSL_CTX_load_verify_locations(ctx, "certs/ocsp/intermediate1-ca-cert.pem", 0) != WOLFSSL_SUCCESS)
|
2017-06-22 22:19:59 -06:00
|
|
|
err_sys_ex(runWithErrors, "can't load ca file, Please run from wolfSSL home dir");
|
2017-10-11 09:09:52 -07:00
|
|
|
if (SSL_CTX_load_verify_locations(ctx, "certs/ocsp/intermediate2-ca-cert.pem", 0) != WOLFSSL_SUCCESS)
|
2017-06-22 22:19:59 -06:00
|
|
|
err_sys_ex(runWithErrors, "can't load ca file, Please run from wolfSSL home dir");
|
2017-10-11 09:09:52 -07:00
|
|
|
if (SSL_CTX_load_verify_locations(ctx, "certs/ocsp/intermediate3-ca-cert.pem", 0) != WOLFSSL_SUCCESS)
|
2017-06-22 22:19:59 -06:00
|
|
|
err_sys_ex(runWithErrors, "can't load ca file, Please run from wolfSSL home dir");
|
2015-12-28 19:38:04 -03:00
|
|
|
#endif
|
2018-03-21 11:27:08 -07:00
|
|
|
|
2013-08-26 16:27:29 -07:00
|
|
|
#ifdef HAVE_PK_CALLBACKS
|
2015-10-16 07:46:51 +02:00
|
|
|
if (pkCallbacks)
|
2018-03-21 11:27:08 -07:00
|
|
|
SetupPkCallbackContexts(ssl, &pkCbInfo);
|
2013-08-26 16:27:29 -07:00
|
|
|
#endif
|
2013-06-20 11:07:54 -07:00
|
|
|
|
2018-04-09 13:53:05 +10:00
|
|
|
#ifdef WOLFSSL_TLS13
|
|
|
|
|
if (version >= 4) {
|
|
|
|
|
WOLFSSL_START(WC_FUNC_CLIENT_KEY_EXCHANGE_DO);
|
|
|
|
|
if (onlyKeyShare == 2) {
|
|
|
|
|
if (useX25519 == 1) {
|
|
|
|
|
#ifdef HAVE_CURVE25519
|
2018-04-13 11:53:42 +10:00
|
|
|
int groups[1] = { WOLFSSL_ECC_X25519 };
|
|
|
|
|
|
2018-04-09 13:53:05 +10:00
|
|
|
if (wolfSSL_UseKeyShare(ssl, WOLFSSL_ECC_X25519)
|
|
|
|
|
!= WOLFSSL_SUCCESS) {
|
|
|
|
|
err_sys("unable to use curve x25519");
|
|
|
|
|
}
|
2018-04-13 11:53:42 +10:00
|
|
|
if (wolfSSL_set_groups(ssl, groups, 1) != WOLFSSL_SUCCESS) {
|
|
|
|
|
err_sys("unable to set groups: x25519");
|
|
|
|
|
}
|
2018-04-09 13:53:05 +10:00
|
|
|
#endif
|
|
|
|
|
}
|
|
|
|
|
else
|
|
|
|
|
{
|
|
|
|
|
#ifdef HAVE_ECC
|
|
|
|
|
#if defined(HAVE_ECC256) || defined(HAVE_ALL_CURVES)
|
2018-04-13 11:53:42 +10:00
|
|
|
int groups[1] = { WOLFSSL_ECC_SECP256R1 };
|
|
|
|
|
|
|
|
|
|
if (wolfSSL_UseKeyShare(ssl, WOLFSSL_ECC_SECP256R1)
|
2018-04-09 13:53:05 +10:00
|
|
|
!= WOLFSSL_SUCCESS) {
|
2018-04-13 11:53:42 +10:00
|
|
|
err_sys("unable to use curve secp256r1");
|
|
|
|
|
}
|
|
|
|
|
if (wolfSSL_set_groups(ssl, groups, 1) != WOLFSSL_SUCCESS) {
|
|
|
|
|
err_sys("unable to set groups: secp256r1");
|
|
|
|
|
}
|
2018-04-09 13:53:05 +10:00
|
|
|
#endif
|
|
|
|
|
#endif
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
else if (onlyKeyShare == 1) {
|
|
|
|
|
#ifdef HAVE_FFDHE_2048
|
2018-04-13 11:53:42 +10:00
|
|
|
int groups[1] = { WOLFSSL_FFDHE_2048 };
|
|
|
|
|
|
2018-04-09 13:53:05 +10:00
|
|
|
if (wolfSSL_UseKeyShare(ssl, WOLFSSL_FFDHE_2048)
|
|
|
|
|
!= WOLFSSL_SUCCESS) {
|
|
|
|
|
err_sys("unable to use DH 2048-bit parameters");
|
|
|
|
|
}
|
2018-04-13 11:53:42 +10:00
|
|
|
if (wolfSSL_set_groups(ssl, groups, 1) != WOLFSSL_SUCCESS) {
|
|
|
|
|
err_sys("unable to set groups: DH 2048-bit");
|
|
|
|
|
}
|
2018-04-09 13:53:05 +10:00
|
|
|
#endif
|
|
|
|
|
}
|
|
|
|
|
WOLFSSL_END(WC_FUNC_CLIENT_KEY_EXCHANGE_DO);
|
|
|
|
|
}
|
|
|
|
|
#endif
|
|
|
|
|
|
|
|
|
|
|
2015-10-16 07:46:51 +02:00
|
|
|
/* do accept */
|
2015-12-22 14:35:34 -08:00
|
|
|
readySignal = ((func_args*)args)->signal;
|
|
|
|
|
if (readySignal) {
|
|
|
|
|
readySignal->srfName = serverReadyFile;
|
|
|
|
|
}
|
2015-04-28 12:21:54 -07:00
|
|
|
tcp_accept(&sockfd, &clientfd, (func_args*)args, port, useAnyAddr,
|
2016-08-25 22:20:35 -07:00
|
|
|
dtlsUDP, dtlsSCTP, serverReadyFile ? 1 : 0, doListen);
|
2015-10-16 07:46:51 +02:00
|
|
|
doListen = 0; /* Don't listen next time */
|
2011-02-05 11:14:47 -08:00
|
|
|
|
2017-10-11 09:09:52 -07:00
|
|
|
if (SSL_set_fd(ssl, clientfd) != WOLFSSL_SUCCESS) {
|
2017-06-22 22:19:59 -06:00
|
|
|
err_sys_ex(runWithErrors, "error in setting fd");
|
2016-03-25 13:59:04 -06:00
|
|
|
}
|
2015-10-09 15:18:41 +02:00
|
|
|
|
|
|
|
|
#ifdef HAVE_ALPN
|
2015-10-16 07:46:51 +02:00
|
|
|
if (alpnList != NULL) {
|
|
|
|
|
printf("ALPN accepted protocols list : %s\n", alpnList);
|
|
|
|
|
wolfSSL_UseALPN(ssl, alpnList, (word32)XSTRLEN(alpnList), alpn_opt);
|
|
|
|
|
}
|
2015-10-09 15:18:41 +02:00
|
|
|
#endif
|
|
|
|
|
|
2015-09-15 17:23:52 -07:00
|
|
|
#ifdef WOLFSSL_DTLS
|
2016-08-25 22:20:35 -07:00
|
|
|
if (doDTLS && dtlsUDP) {
|
2015-10-16 07:46:51 +02:00
|
|
|
SOCKADDR_IN_T cliaddr;
|
|
|
|
|
byte b[1500];
|
|
|
|
|
int n;
|
|
|
|
|
socklen_t len = sizeof(cliaddr);
|
|
|
|
|
|
|
|
|
|
/* For DTLS, peek at the next datagram so we can get the client's
|
|
|
|
|
* address and set it into the ssl object later to generate the
|
|
|
|
|
* cookie. */
|
|
|
|
|
n = (int)recvfrom(sockfd, (char*)b, sizeof(b), MSG_PEEK,
|
|
|
|
|
(struct sockaddr*)&cliaddr, &len);
|
|
|
|
|
if (n <= 0)
|
2017-06-22 22:19:59 -06:00
|
|
|
err_sys_ex(runWithErrors, "recvfrom failed");
|
2015-10-16 07:46:51 +02:00
|
|
|
|
|
|
|
|
wolfSSL_dtls_set_peer(ssl, &cliaddr, len);
|
|
|
|
|
}
|
2015-09-15 17:23:52 -07:00
|
|
|
#endif
|
2016-02-08 14:52:56 -07:00
|
|
|
if ((usePsk == 0 || usePskPlus) || useAnon == 1 || cipherList != NULL
|
|
|
|
|
|| needDH == 1) {
|
2015-10-16 07:46:51 +02:00
|
|
|
#if !defined(NO_FILESYSTEM) && !defined(NO_DH) && !defined(NO_ASN)
|
2018-02-01 11:02:35 -08:00
|
|
|
wolfSSL_SetTmpDH_file(ssl, ourDhParam, WOLFSSL_FILETYPE_PEM);
|
2015-10-16 07:46:51 +02:00
|
|
|
#elif !defined(NO_DH)
|
|
|
|
|
SetDH(ssl); /* repick suites with DHE, higher priority than PSK */
|
|
|
|
|
#endif
|
|
|
|
|
}
|
2011-02-05 11:14:47 -08:00
|
|
|
|
2018-02-01 11:02:35 -08:00
|
|
|
#ifndef WOLFSSL_CALLBACKS
|
2015-10-16 07:46:51 +02:00
|
|
|
if (nonBlocking) {
|
2018-06-06 12:43:15 -07:00
|
|
|
#ifdef WOLFSSL_DTLS
|
2018-05-23 16:07:45 -07:00
|
|
|
if (doDTLS) {
|
|
|
|
|
wolfSSL_dtls_set_using_nonblock(ssl, 1);
|
|
|
|
|
}
|
2018-06-06 12:43:15 -07:00
|
|
|
#endif
|
2015-10-16 07:46:51 +02:00
|
|
|
tcp_set_nonblocking(&clientfd);
|
2016-03-04 10:05:22 -08:00
|
|
|
}
|
|
|
|
|
#endif
|
|
|
|
|
|
2018-02-01 11:02:35 -08:00
|
|
|
#ifndef WOLFSSL_CALLBACKS
|
Intel QuickAssist (QAT) support and async enhancements/fixes:
* Adds ./configure "--with-intelqa=../QAT1.6”, port files, memory management and README.md (see wolfcrypt/src/port/intel/).
* Added Intel QAT support for RSA public/private (CRT/non-CRT), AES CBC/GCM, ECDH/ECDSA, DH, DES3, SHA, SHA224, SHA256, SHA384, SHA512, MD5 and HMAC.
* wolfSSL async enabled all client and server: PKI, Encrypt/Decrypt, Hashing/HMAC and Certificate Sign/Verify.
* wolfSSL async support in functions: Encrypt, Decrypt, VerifyMAC, BuildMessage, ConfirmSignature, DoCertificate, ParseCertRelative, and MakeSignature.
* wolfCrypt test and benchmark async support added for all HW acceleration.
* wolfCrypt benchmark multi-threading support.
* Added QuickAssist memory overrides for XMALLOC, XFREE and XREALLOC. XREALLOC determines if existing pointer needs reallocated for NUMA.
* Refactor to make sure “heap” is available for async dev init.
* Added async support for all examples for connect, accept, read and write.
* Added new WC_BIGINT (in wolfmath.c) for async hardware support.
* Added async simulator tests for DES3 CBC, AES CBC/GCM.
* Added QAT standalone build for unit testing.
* Added int return code to SHA and MD5 functions.
* Refactor of the async stack variable handling, so async operations have generic args buffer area and cleanup function pointer.
* Combined duplicate code for async push/pop handling.
* Refactor internal.c to add AllocKey / FreeKey.
* Refactor of hash init/free in TLS to use InitHashes and FreeHashes.
* Refactor of the async event->context to use WOLF_EVENT_TYPE_ASYNC_WOLFSSL for WOLFSSL* and WOLF_EVENT_TYPE_ASYNC_WOLFCRYPT for WC_ASYNC_DEV*.
* Suppress error message for WC_PENDING_E.
* Implemented "wolfSSL_EVP_MD_CTX_init" to do memset.
* Cleanup of the openssl compat CTX sizes when async is enabled.
* Cleanup of AES, DES3, DH, SHA, MD5, DES3, DH, HMAC, MD5 for consistency and readability.
* Cleanup of the OPAQUE_LEN.
* Cleanup to use ENCRYPT_LEN instead of sizeof(ssl->arrays.preMasterSecret).
* Changed ssl->arrays.preMasterSecret to use XMALLOC (accelerates HW operations)
* Reduce verbosity with debug enabled for "GetMyVersion", "wolfSSL Using RSA OAEP padding" and "wolfSSL Using RSA PKCSV15 padding".
* Updated RSA un-padding error message so its different than one above it for better debugging.
* Added QAT async enables for each algorithm.
* Refactor of the async init to use _ex.
* Added WC_ASYNC_THRESH_NONE to allow bypass of the async thresholds for testing.
* Reformatted the benchmark results:
PKI: "RSA 2048 private HW 18522 ops took 1.003 sec, avg 0.054 ms, 18467.763 ops/sec"
Crypto/Hashing: SHA-256 SW 350 megs took 1.009 seconds, 346.946 MB/s Cycles per byte = 9.87
* Added min execution time for all benchmarks.
* Moved wc_*GetHash and wc_*RestorePos to appropriate files so use of isCopy flag is local.
* Fix for ECC sign status sometimes being invalid due to uninitialized ECC digest in benchmark.
* Added new DECLARE_VAR/FREE_VAR and DECLARE_ARRAY/FREE_ARRAY macros for helping setup test/benchmark variables to accelerate async.
* Added NO_SW_BENCH option to only run HW bench.
* Added support for PRNG to use hardware SHA256 if _wc devId provided.
* Fix to prevent curve tests from running against wrong curve sizes. Changed wc_ecc_set_curve to match on exact size.
* Added the wc_*GetHash calls to the wolfCrypt tests.
* Added async hardware start/stop to wolfSSL init/cleanup.
* Refactor to add wc_*Copy for hashing context (for async), which replaces wc_*RestorePos.
* Fixes for building with TI hashing (including: SHA224, missing new API’s and building with dummy build for non hw testing). Note: We need to add build test for this `./configure CFLAGS="-DWOLFSSL_TI_HASH -DTI_DUMMY_BUILD”`.
* Added arg checks on wc_*GetHash and wc_*Copy.
* Cleanup of the BuildMD5, BuildSHA, BuildMD5_CertVerify and BuildSHA_CertVerify functions.
* Added new ./configure --enable-asyncthreads, to allow enable/disable of the async threading support. If --enable-asynccrypt set this will be enabled by default if pthread is supported. Allows multi-threaded benchmarks with async simulator.
* Added checks for all hashing to verify valid ->buffLen.
* Fix for SHA512 scan-build warning about un-initialized “W_X”.
* Fix for valgrind un-initialized use of buffer in AllocDer (der->buffer) and BuildTlsFinished handshake_hash.
* Refactor of the benchmarking to use common function for start, check and finish of the stats.
* Fixed issue with ECC cache loading in multi-threading.
* Fix bug with AESNI not aligned code that assumes XMALLOC is 16-byte aligned.
* Added new WC_ASYNC_NO_… options to allow disabling of individual async algorithms. New defines are: WC_ASYNC_NO_CRYPT, WC_ASYNC_NO_PKI and WC_ASYNC_NO_HASH. Additionally each algorithm has a WC_ASYNC_NO_[ALGO] define.
* Added “wolfSSL_GetAllocators” API and fixed the wolfCrypt memcb_test so it restores callback pointers after test is complete (fixes issue with using custom allocators and test breaking it).
2017-04-07 15:46:32 -07:00
|
|
|
if (nonBlocking) {
|
|
|
|
|
ret = NonBlockingSSL_Accept(ssl);
|
|
|
|
|
}
|
|
|
|
|
else {
|
2017-06-19 11:37:10 +10:00
|
|
|
#ifdef WOLFSSL_EARLY_DATA
|
|
|
|
|
if (earlyData) {
|
|
|
|
|
do {
|
|
|
|
|
int len;
|
|
|
|
|
err = 0; /* reset error */
|
|
|
|
|
ret = wolfSSL_read_early_data(ssl, input, sizeof(input)-1,
|
|
|
|
|
&len);
|
2017-10-11 09:09:52 -07:00
|
|
|
if (ret != WOLFSSL_SUCCESS) {
|
2017-06-19 11:37:10 +10:00
|
|
|
err = SSL_get_error(ssl, 0);
|
|
|
|
|
#ifdef WOLFSSL_ASYNC_CRYPT
|
|
|
|
|
if (err == WC_PENDING_E) {
|
|
|
|
|
ret = wolfSSL_AsyncPoll(ssl, WOLF_POLL_FLAG_CHECK_HW);
|
|
|
|
|
if (ret < 0) break;
|
|
|
|
|
}
|
|
|
|
|
#endif
|
|
|
|
|
}
|
|
|
|
|
if (ret > 0) {
|
|
|
|
|
input[ret] = 0; /* null terminate message */
|
|
|
|
|
printf("Early Data Client message: %s\n", input);
|
|
|
|
|
}
|
|
|
|
|
} while (err == WC_PENDING_E || ret > 0);
|
|
|
|
|
}
|
|
|
|
|
#endif
|
Intel QuickAssist (QAT) support and async enhancements/fixes:
* Adds ./configure "--with-intelqa=../QAT1.6”, port files, memory management and README.md (see wolfcrypt/src/port/intel/).
* Added Intel QAT support for RSA public/private (CRT/non-CRT), AES CBC/GCM, ECDH/ECDSA, DH, DES3, SHA, SHA224, SHA256, SHA384, SHA512, MD5 and HMAC.
* wolfSSL async enabled all client and server: PKI, Encrypt/Decrypt, Hashing/HMAC and Certificate Sign/Verify.
* wolfSSL async support in functions: Encrypt, Decrypt, VerifyMAC, BuildMessage, ConfirmSignature, DoCertificate, ParseCertRelative, and MakeSignature.
* wolfCrypt test and benchmark async support added for all HW acceleration.
* wolfCrypt benchmark multi-threading support.
* Added QuickAssist memory overrides for XMALLOC, XFREE and XREALLOC. XREALLOC determines if existing pointer needs reallocated for NUMA.
* Refactor to make sure “heap” is available for async dev init.
* Added async support for all examples for connect, accept, read and write.
* Added new WC_BIGINT (in wolfmath.c) for async hardware support.
* Added async simulator tests for DES3 CBC, AES CBC/GCM.
* Added QAT standalone build for unit testing.
* Added int return code to SHA and MD5 functions.
* Refactor of the async stack variable handling, so async operations have generic args buffer area and cleanup function pointer.
* Combined duplicate code for async push/pop handling.
* Refactor internal.c to add AllocKey / FreeKey.
* Refactor of hash init/free in TLS to use InitHashes and FreeHashes.
* Refactor of the async event->context to use WOLF_EVENT_TYPE_ASYNC_WOLFSSL for WOLFSSL* and WOLF_EVENT_TYPE_ASYNC_WOLFCRYPT for WC_ASYNC_DEV*.
* Suppress error message for WC_PENDING_E.
* Implemented "wolfSSL_EVP_MD_CTX_init" to do memset.
* Cleanup of the openssl compat CTX sizes when async is enabled.
* Cleanup of AES, DES3, DH, SHA, MD5, DES3, DH, HMAC, MD5 for consistency and readability.
* Cleanup of the OPAQUE_LEN.
* Cleanup to use ENCRYPT_LEN instead of sizeof(ssl->arrays.preMasterSecret).
* Changed ssl->arrays.preMasterSecret to use XMALLOC (accelerates HW operations)
* Reduce verbosity with debug enabled for "GetMyVersion", "wolfSSL Using RSA OAEP padding" and "wolfSSL Using RSA PKCSV15 padding".
* Updated RSA un-padding error message so its different than one above it for better debugging.
* Added QAT async enables for each algorithm.
* Refactor of the async init to use _ex.
* Added WC_ASYNC_THRESH_NONE to allow bypass of the async thresholds for testing.
* Reformatted the benchmark results:
PKI: "RSA 2048 private HW 18522 ops took 1.003 sec, avg 0.054 ms, 18467.763 ops/sec"
Crypto/Hashing: SHA-256 SW 350 megs took 1.009 seconds, 346.946 MB/s Cycles per byte = 9.87
* Added min execution time for all benchmarks.
* Moved wc_*GetHash and wc_*RestorePos to appropriate files so use of isCopy flag is local.
* Fix for ECC sign status sometimes being invalid due to uninitialized ECC digest in benchmark.
* Added new DECLARE_VAR/FREE_VAR and DECLARE_ARRAY/FREE_ARRAY macros for helping setup test/benchmark variables to accelerate async.
* Added NO_SW_BENCH option to only run HW bench.
* Added support for PRNG to use hardware SHA256 if _wc devId provided.
* Fix to prevent curve tests from running against wrong curve sizes. Changed wc_ecc_set_curve to match on exact size.
* Added the wc_*GetHash calls to the wolfCrypt tests.
* Added async hardware start/stop to wolfSSL init/cleanup.
* Refactor to add wc_*Copy for hashing context (for async), which replaces wc_*RestorePos.
* Fixes for building with TI hashing (including: SHA224, missing new API’s and building with dummy build for non hw testing). Note: We need to add build test for this `./configure CFLAGS="-DWOLFSSL_TI_HASH -DTI_DUMMY_BUILD”`.
* Added arg checks on wc_*GetHash and wc_*Copy.
* Cleanup of the BuildMD5, BuildSHA, BuildMD5_CertVerify and BuildSHA_CertVerify functions.
* Added new ./configure --enable-asyncthreads, to allow enable/disable of the async threading support. If --enable-asynccrypt set this will be enabled by default if pthread is supported. Allows multi-threaded benchmarks with async simulator.
* Added checks for all hashing to verify valid ->buffLen.
* Fix for SHA512 scan-build warning about un-initialized “W_X”.
* Fix for valgrind un-initialized use of buffer in AllocDer (der->buffer) and BuildTlsFinished handshake_hash.
* Refactor of the benchmarking to use common function for start, check and finish of the stats.
* Fixed issue with ECC cache loading in multi-threading.
* Fix bug with AESNI not aligned code that assumes XMALLOC is 16-byte aligned.
* Added new WC_ASYNC_NO_… options to allow disabling of individual async algorithms. New defines are: WC_ASYNC_NO_CRYPT, WC_ASYNC_NO_PKI and WC_ASYNC_NO_HASH. Additionally each algorithm has a WC_ASYNC_NO_[ALGO] define.
* Added “wolfSSL_GetAllocators” API and fixed the wolfCrypt memcb_test so it restores callback pointers after test is complete (fixes issue with using custom allocators and test breaking it).
2017-04-07 15:46:32 -07:00
|
|
|
do {
|
|
|
|
|
err = 0; /* reset error */
|
2016-03-04 10:05:22 -08:00
|
|
|
ret = SSL_accept(ssl);
|
2017-10-11 09:09:52 -07:00
|
|
|
if (ret != WOLFSSL_SUCCESS) {
|
Intel QuickAssist (QAT) support and async enhancements/fixes:
* Adds ./configure "--with-intelqa=../QAT1.6”, port files, memory management and README.md (see wolfcrypt/src/port/intel/).
* Added Intel QAT support for RSA public/private (CRT/non-CRT), AES CBC/GCM, ECDH/ECDSA, DH, DES3, SHA, SHA224, SHA256, SHA384, SHA512, MD5 and HMAC.
* wolfSSL async enabled all client and server: PKI, Encrypt/Decrypt, Hashing/HMAC and Certificate Sign/Verify.
* wolfSSL async support in functions: Encrypt, Decrypt, VerifyMAC, BuildMessage, ConfirmSignature, DoCertificate, ParseCertRelative, and MakeSignature.
* wolfCrypt test and benchmark async support added for all HW acceleration.
* wolfCrypt benchmark multi-threading support.
* Added QuickAssist memory overrides for XMALLOC, XFREE and XREALLOC. XREALLOC determines if existing pointer needs reallocated for NUMA.
* Refactor to make sure “heap” is available for async dev init.
* Added async support for all examples for connect, accept, read and write.
* Added new WC_BIGINT (in wolfmath.c) for async hardware support.
* Added async simulator tests for DES3 CBC, AES CBC/GCM.
* Added QAT standalone build for unit testing.
* Added int return code to SHA and MD5 functions.
* Refactor of the async stack variable handling, so async operations have generic args buffer area and cleanup function pointer.
* Combined duplicate code for async push/pop handling.
* Refactor internal.c to add AllocKey / FreeKey.
* Refactor of hash init/free in TLS to use InitHashes and FreeHashes.
* Refactor of the async event->context to use WOLF_EVENT_TYPE_ASYNC_WOLFSSL for WOLFSSL* and WOLF_EVENT_TYPE_ASYNC_WOLFCRYPT for WC_ASYNC_DEV*.
* Suppress error message for WC_PENDING_E.
* Implemented "wolfSSL_EVP_MD_CTX_init" to do memset.
* Cleanup of the openssl compat CTX sizes when async is enabled.
* Cleanup of AES, DES3, DH, SHA, MD5, DES3, DH, HMAC, MD5 for consistency and readability.
* Cleanup of the OPAQUE_LEN.
* Cleanup to use ENCRYPT_LEN instead of sizeof(ssl->arrays.preMasterSecret).
* Changed ssl->arrays.preMasterSecret to use XMALLOC (accelerates HW operations)
* Reduce verbosity with debug enabled for "GetMyVersion", "wolfSSL Using RSA OAEP padding" and "wolfSSL Using RSA PKCSV15 padding".
* Updated RSA un-padding error message so its different than one above it for better debugging.
* Added QAT async enables for each algorithm.
* Refactor of the async init to use _ex.
* Added WC_ASYNC_THRESH_NONE to allow bypass of the async thresholds for testing.
* Reformatted the benchmark results:
PKI: "RSA 2048 private HW 18522 ops took 1.003 sec, avg 0.054 ms, 18467.763 ops/sec"
Crypto/Hashing: SHA-256 SW 350 megs took 1.009 seconds, 346.946 MB/s Cycles per byte = 9.87
* Added min execution time for all benchmarks.
* Moved wc_*GetHash and wc_*RestorePos to appropriate files so use of isCopy flag is local.
* Fix for ECC sign status sometimes being invalid due to uninitialized ECC digest in benchmark.
* Added new DECLARE_VAR/FREE_VAR and DECLARE_ARRAY/FREE_ARRAY macros for helping setup test/benchmark variables to accelerate async.
* Added NO_SW_BENCH option to only run HW bench.
* Added support for PRNG to use hardware SHA256 if _wc devId provided.
* Fix to prevent curve tests from running against wrong curve sizes. Changed wc_ecc_set_curve to match on exact size.
* Added the wc_*GetHash calls to the wolfCrypt tests.
* Added async hardware start/stop to wolfSSL init/cleanup.
* Refactor to add wc_*Copy for hashing context (for async), which replaces wc_*RestorePos.
* Fixes for building with TI hashing (including: SHA224, missing new API’s and building with dummy build for non hw testing). Note: We need to add build test for this `./configure CFLAGS="-DWOLFSSL_TI_HASH -DTI_DUMMY_BUILD”`.
* Added arg checks on wc_*GetHash and wc_*Copy.
* Cleanup of the BuildMD5, BuildSHA, BuildMD5_CertVerify and BuildSHA_CertVerify functions.
* Added new ./configure --enable-asyncthreads, to allow enable/disable of the async threading support. If --enable-asynccrypt set this will be enabled by default if pthread is supported. Allows multi-threaded benchmarks with async simulator.
* Added checks for all hashing to verify valid ->buffLen.
* Fix for SHA512 scan-build warning about un-initialized “W_X”.
* Fix for valgrind un-initialized use of buffer in AllocDer (der->buffer) and BuildTlsFinished handshake_hash.
* Refactor of the benchmarking to use common function for start, check and finish of the stats.
* Fixed issue with ECC cache loading in multi-threading.
* Fix bug with AESNI not aligned code that assumes XMALLOC is 16-byte aligned.
* Added new WC_ASYNC_NO_… options to allow disabling of individual async algorithms. New defines are: WC_ASYNC_NO_CRYPT, WC_ASYNC_NO_PKI and WC_ASYNC_NO_HASH. Additionally each algorithm has a WC_ASYNC_NO_[ALGO] define.
* Added “wolfSSL_GetAllocators” API and fixed the wolfCrypt memcb_test so it restores callback pointers after test is complete (fixes issue with using custom allocators and test breaking it).
2017-04-07 15:46:32 -07:00
|
|
|
err = SSL_get_error(ssl, 0);
|
|
|
|
|
#ifdef WOLFSSL_ASYNC_CRYPT
|
|
|
|
|
if (err == WC_PENDING_E) {
|
|
|
|
|
ret = wolfSSL_AsyncPoll(ssl, WOLF_POLL_FLAG_CHECK_HW);
|
|
|
|
|
if (ret < 0) break;
|
|
|
|
|
}
|
|
|
|
|
#endif
|
|
|
|
|
}
|
|
|
|
|
} while (err == WC_PENDING_E);
|
|
|
|
|
}
|
2016-03-04 10:05:22 -08:00
|
|
|
#else
|
Intel QuickAssist (QAT) support and async enhancements/fixes:
* Adds ./configure "--with-intelqa=../QAT1.6”, port files, memory management and README.md (see wolfcrypt/src/port/intel/).
* Added Intel QAT support for RSA public/private (CRT/non-CRT), AES CBC/GCM, ECDH/ECDSA, DH, DES3, SHA, SHA224, SHA256, SHA384, SHA512, MD5 and HMAC.
* wolfSSL async enabled all client and server: PKI, Encrypt/Decrypt, Hashing/HMAC and Certificate Sign/Verify.
* wolfSSL async support in functions: Encrypt, Decrypt, VerifyMAC, BuildMessage, ConfirmSignature, DoCertificate, ParseCertRelative, and MakeSignature.
* wolfCrypt test and benchmark async support added for all HW acceleration.
* wolfCrypt benchmark multi-threading support.
* Added QuickAssist memory overrides for XMALLOC, XFREE and XREALLOC. XREALLOC determines if existing pointer needs reallocated for NUMA.
* Refactor to make sure “heap” is available for async dev init.
* Added async support for all examples for connect, accept, read and write.
* Added new WC_BIGINT (in wolfmath.c) for async hardware support.
* Added async simulator tests for DES3 CBC, AES CBC/GCM.
* Added QAT standalone build for unit testing.
* Added int return code to SHA and MD5 functions.
* Refactor of the async stack variable handling, so async operations have generic args buffer area and cleanup function pointer.
* Combined duplicate code for async push/pop handling.
* Refactor internal.c to add AllocKey / FreeKey.
* Refactor of hash init/free in TLS to use InitHashes and FreeHashes.
* Refactor of the async event->context to use WOLF_EVENT_TYPE_ASYNC_WOLFSSL for WOLFSSL* and WOLF_EVENT_TYPE_ASYNC_WOLFCRYPT for WC_ASYNC_DEV*.
* Suppress error message for WC_PENDING_E.
* Implemented "wolfSSL_EVP_MD_CTX_init" to do memset.
* Cleanup of the openssl compat CTX sizes when async is enabled.
* Cleanup of AES, DES3, DH, SHA, MD5, DES3, DH, HMAC, MD5 for consistency and readability.
* Cleanup of the OPAQUE_LEN.
* Cleanup to use ENCRYPT_LEN instead of sizeof(ssl->arrays.preMasterSecret).
* Changed ssl->arrays.preMasterSecret to use XMALLOC (accelerates HW operations)
* Reduce verbosity with debug enabled for "GetMyVersion", "wolfSSL Using RSA OAEP padding" and "wolfSSL Using RSA PKCSV15 padding".
* Updated RSA un-padding error message so its different than one above it for better debugging.
* Added QAT async enables for each algorithm.
* Refactor of the async init to use _ex.
* Added WC_ASYNC_THRESH_NONE to allow bypass of the async thresholds for testing.
* Reformatted the benchmark results:
PKI: "RSA 2048 private HW 18522 ops took 1.003 sec, avg 0.054 ms, 18467.763 ops/sec"
Crypto/Hashing: SHA-256 SW 350 megs took 1.009 seconds, 346.946 MB/s Cycles per byte = 9.87
* Added min execution time for all benchmarks.
* Moved wc_*GetHash and wc_*RestorePos to appropriate files so use of isCopy flag is local.
* Fix for ECC sign status sometimes being invalid due to uninitialized ECC digest in benchmark.
* Added new DECLARE_VAR/FREE_VAR and DECLARE_ARRAY/FREE_ARRAY macros for helping setup test/benchmark variables to accelerate async.
* Added NO_SW_BENCH option to only run HW bench.
* Added support for PRNG to use hardware SHA256 if _wc devId provided.
* Fix to prevent curve tests from running against wrong curve sizes. Changed wc_ecc_set_curve to match on exact size.
* Added the wc_*GetHash calls to the wolfCrypt tests.
* Added async hardware start/stop to wolfSSL init/cleanup.
* Refactor to add wc_*Copy for hashing context (for async), which replaces wc_*RestorePos.
* Fixes for building with TI hashing (including: SHA224, missing new API’s and building with dummy build for non hw testing). Note: We need to add build test for this `./configure CFLAGS="-DWOLFSSL_TI_HASH -DTI_DUMMY_BUILD”`.
* Added arg checks on wc_*GetHash and wc_*Copy.
* Cleanup of the BuildMD5, BuildSHA, BuildMD5_CertVerify and BuildSHA_CertVerify functions.
* Added new ./configure --enable-asyncthreads, to allow enable/disable of the async threading support. If --enable-asynccrypt set this will be enabled by default if pthread is supported. Allows multi-threaded benchmarks with async simulator.
* Added checks for all hashing to verify valid ->buffLen.
* Fix for SHA512 scan-build warning about un-initialized “W_X”.
* Fix for valgrind un-initialized use of buffer in AllocDer (der->buffer) and BuildTlsFinished handshake_hash.
* Refactor of the benchmarking to use common function for start, check and finish of the stats.
* Fixed issue with ECC cache loading in multi-threading.
* Fix bug with AESNI not aligned code that assumes XMALLOC is 16-byte aligned.
* Added new WC_ASYNC_NO_… options to allow disabling of individual async algorithms. New defines are: WC_ASYNC_NO_CRYPT, WC_ASYNC_NO_PKI and WC_ASYNC_NO_HASH. Additionally each algorithm has a WC_ASYNC_NO_[ALGO] define.
* Added “wolfSSL_GetAllocators” API and fixed the wolfCrypt memcb_test so it restores callback pointers after test is complete (fixes issue with using custom allocators and test breaking it).
2017-04-07 15:46:32 -07:00
|
|
|
ret = NonBlockingSSL_Accept(ssl);
|
2016-03-04 10:05:22 -08:00
|
|
|
#endif
|
2017-10-11 09:09:52 -07:00
|
|
|
if (ret != WOLFSSL_SUCCESS) {
|
2016-04-06 11:16:40 -06:00
|
|
|
err = SSL_get_error(ssl, 0);
|
Intel QuickAssist (QAT) support and async enhancements/fixes:
* Adds ./configure "--with-intelqa=../QAT1.6”, port files, memory management and README.md (see wolfcrypt/src/port/intel/).
* Added Intel QAT support for RSA public/private (CRT/non-CRT), AES CBC/GCM, ECDH/ECDSA, DH, DES3, SHA, SHA224, SHA256, SHA384, SHA512, MD5 and HMAC.
* wolfSSL async enabled all client and server: PKI, Encrypt/Decrypt, Hashing/HMAC and Certificate Sign/Verify.
* wolfSSL async support in functions: Encrypt, Decrypt, VerifyMAC, BuildMessage, ConfirmSignature, DoCertificate, ParseCertRelative, and MakeSignature.
* wolfCrypt test and benchmark async support added for all HW acceleration.
* wolfCrypt benchmark multi-threading support.
* Added QuickAssist memory overrides for XMALLOC, XFREE and XREALLOC. XREALLOC determines if existing pointer needs reallocated for NUMA.
* Refactor to make sure “heap” is available for async dev init.
* Added async support for all examples for connect, accept, read and write.
* Added new WC_BIGINT (in wolfmath.c) for async hardware support.
* Added async simulator tests for DES3 CBC, AES CBC/GCM.
* Added QAT standalone build for unit testing.
* Added int return code to SHA and MD5 functions.
* Refactor of the async stack variable handling, so async operations have generic args buffer area and cleanup function pointer.
* Combined duplicate code for async push/pop handling.
* Refactor internal.c to add AllocKey / FreeKey.
* Refactor of hash init/free in TLS to use InitHashes and FreeHashes.
* Refactor of the async event->context to use WOLF_EVENT_TYPE_ASYNC_WOLFSSL for WOLFSSL* and WOLF_EVENT_TYPE_ASYNC_WOLFCRYPT for WC_ASYNC_DEV*.
* Suppress error message for WC_PENDING_E.
* Implemented "wolfSSL_EVP_MD_CTX_init" to do memset.
* Cleanup of the openssl compat CTX sizes when async is enabled.
* Cleanup of AES, DES3, DH, SHA, MD5, DES3, DH, HMAC, MD5 for consistency and readability.
* Cleanup of the OPAQUE_LEN.
* Cleanup to use ENCRYPT_LEN instead of sizeof(ssl->arrays.preMasterSecret).
* Changed ssl->arrays.preMasterSecret to use XMALLOC (accelerates HW operations)
* Reduce verbosity with debug enabled for "GetMyVersion", "wolfSSL Using RSA OAEP padding" and "wolfSSL Using RSA PKCSV15 padding".
* Updated RSA un-padding error message so its different than one above it for better debugging.
* Added QAT async enables for each algorithm.
* Refactor of the async init to use _ex.
* Added WC_ASYNC_THRESH_NONE to allow bypass of the async thresholds for testing.
* Reformatted the benchmark results:
PKI: "RSA 2048 private HW 18522 ops took 1.003 sec, avg 0.054 ms, 18467.763 ops/sec"
Crypto/Hashing: SHA-256 SW 350 megs took 1.009 seconds, 346.946 MB/s Cycles per byte = 9.87
* Added min execution time for all benchmarks.
* Moved wc_*GetHash and wc_*RestorePos to appropriate files so use of isCopy flag is local.
* Fix for ECC sign status sometimes being invalid due to uninitialized ECC digest in benchmark.
* Added new DECLARE_VAR/FREE_VAR and DECLARE_ARRAY/FREE_ARRAY macros for helping setup test/benchmark variables to accelerate async.
* Added NO_SW_BENCH option to only run HW bench.
* Added support for PRNG to use hardware SHA256 if _wc devId provided.
* Fix to prevent curve tests from running against wrong curve sizes. Changed wc_ecc_set_curve to match on exact size.
* Added the wc_*GetHash calls to the wolfCrypt tests.
* Added async hardware start/stop to wolfSSL init/cleanup.
* Refactor to add wc_*Copy for hashing context (for async), which replaces wc_*RestorePos.
* Fixes for building with TI hashing (including: SHA224, missing new API’s and building with dummy build for non hw testing). Note: We need to add build test for this `./configure CFLAGS="-DWOLFSSL_TI_HASH -DTI_DUMMY_BUILD”`.
* Added arg checks on wc_*GetHash and wc_*Copy.
* Cleanup of the BuildMD5, BuildSHA, BuildMD5_CertVerify and BuildSHA_CertVerify functions.
* Added new ./configure --enable-asyncthreads, to allow enable/disable of the async threading support. If --enable-asynccrypt set this will be enabled by default if pthread is supported. Allows multi-threaded benchmarks with async simulator.
* Added checks for all hashing to verify valid ->buffLen.
* Fix for SHA512 scan-build warning about un-initialized “W_X”.
* Fix for valgrind un-initialized use of buffer in AllocDer (der->buffer) and BuildTlsFinished handshake_hash.
* Refactor of the benchmarking to use common function for start, check and finish of the stats.
* Fixed issue with ECC cache loading in multi-threading.
* Fix bug with AESNI not aligned code that assumes XMALLOC is 16-byte aligned.
* Added new WC_ASYNC_NO_… options to allow disabling of individual async algorithms. New defines are: WC_ASYNC_NO_CRYPT, WC_ASYNC_NO_PKI and WC_ASYNC_NO_HASH. Additionally each algorithm has a WC_ASYNC_NO_[ALGO] define.
* Added “wolfSSL_GetAllocators” API and fixed the wolfCrypt memcb_test so it restores callback pointers after test is complete (fixes issue with using custom allocators and test breaking it).
2017-04-07 15:46:32 -07:00
|
|
|
printf("SSL_accept error %d, %s\n", err,
|
|
|
|
|
ERR_error_string(err, buffer));
|
2018-05-03 10:02:59 -07:00
|
|
|
/* cleanup */
|
2018-05-03 09:40:51 -07:00
|
|
|
SSL_free(ssl);
|
|
|
|
|
SSL_CTX_free(ctx);
|
|
|
|
|
CloseSocket(clientfd);
|
|
|
|
|
CloseSocket(sockfd);
|
2018-05-03 10:02:59 -07:00
|
|
|
|
|
|
|
|
if (!exitWithRet)
|
|
|
|
|
err_sys_ex(runWithErrors, "SSL_accept failed");
|
|
|
|
|
|
2018-05-03 09:40:51 -07:00
|
|
|
((func_args*)args)->return_code = err;
|
2018-05-03 13:39:37 -07:00
|
|
|
goto exit;
|
2015-10-16 07:46:51 +02:00
|
|
|
}
|
2016-03-04 10:05:22 -08:00
|
|
|
|
2015-10-16 07:46:51 +02:00
|
|
|
showPeer(ssl);
|
2016-11-10 19:34:27 -07:00
|
|
|
if (SSL_state(ssl) != 0) {
|
2017-06-22 22:19:59 -06:00
|
|
|
err_sys_ex(runWithErrors, "SSL in error state");
|
2016-11-10 19:34:27 -07:00
|
|
|
}
|
2011-02-05 11:14:47 -08:00
|
|
|
|
2016-11-11 13:39:36 -07:00
|
|
|
#ifdef OPENSSL_EXTRA
|
|
|
|
|
{
|
|
|
|
|
byte* rnd;
|
|
|
|
|
byte* pt;
|
|
|
|
|
size_t size;
|
|
|
|
|
|
|
|
|
|
/* get size of buffer then print */
|
|
|
|
|
size = wolfSSL_get_server_random(NULL, NULL, 0);
|
|
|
|
|
if (size == 0) {
|
2017-06-22 22:19:59 -06:00
|
|
|
err_sys_ex(runWithErrors, "error getting server random buffer size");
|
2016-11-11 13:39:36 -07:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
rnd = (byte*)XMALLOC(size, NULL, DYNAMIC_TYPE_TMP_BUFFER);
|
|
|
|
|
if (rnd == NULL) {
|
2017-06-22 22:19:59 -06:00
|
|
|
err_sys_ex(runWithErrors, "error creating server random buffer");
|
2016-11-11 13:39:36 -07:00
|
|
|
}
|
|
|
|
|
|
2016-11-18 14:58:51 -07:00
|
|
|
size = wolfSSL_get_server_random(ssl, rnd, size);
|
2016-11-11 13:39:36 -07:00
|
|
|
if (size == 0) {
|
|
|
|
|
XFREE(rnd, NULL, DYNAMIC_TYPE_TMP_BUFFER);
|
2017-06-22 22:19:59 -06:00
|
|
|
err_sys_ex(runWithErrors, "error getting server random buffer");
|
2016-11-11 13:39:36 -07:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
printf("Server Random : ");
|
2017-06-22 22:19:59 -06:00
|
|
|
pt = rnd;
|
|
|
|
|
if (pt != NULL) {
|
|
|
|
|
for (pt = rnd; pt < rnd + size; pt++) printf("%02X", *pt);
|
|
|
|
|
printf("\n");
|
|
|
|
|
} else {
|
|
|
|
|
err_sys_ex(runWithErrors, "error: attempted to dereference null "
|
|
|
|
|
"pointer");
|
|
|
|
|
}
|
2016-11-11 13:39:36 -07:00
|
|
|
XFREE(rnd, NULL, DYNAMIC_TYPE_TMP_BUFFER);
|
|
|
|
|
}
|
|
|
|
|
#endif
|
|
|
|
|
|
2015-10-09 15:18:41 +02:00
|
|
|
#ifdef HAVE_ALPN
|
2015-10-16 07:46:51 +02:00
|
|
|
if (alpnList != NULL) {
|
|
|
|
|
char *protocol_name = NULL, *list = NULL;
|
|
|
|
|
word16 protocol_nameSz = 0, listSz = 0;
|
|
|
|
|
|
|
|
|
|
err = wolfSSL_ALPN_GetProtocol(ssl, &protocol_name, &protocol_nameSz);
|
2017-10-11 09:09:52 -07:00
|
|
|
if (err == WOLFSSL_SUCCESS)
|
2015-10-16 07:46:51 +02:00
|
|
|
printf("Sent ALPN protocol : %s (%d)\n",
|
|
|
|
|
protocol_name, protocol_nameSz);
|
2017-10-18 10:38:27 -07:00
|
|
|
else if (err == WOLFSSL_ALPN_NOT_FOUND)
|
2015-10-16 07:46:51 +02:00
|
|
|
printf("No ALPN response sent (no match)\n");
|
|
|
|
|
else
|
|
|
|
|
printf("Getting ALPN protocol name failed\n");
|
2015-10-15 14:59:35 +02:00
|
|
|
|
2015-10-16 07:46:51 +02:00
|
|
|
err = wolfSSL_ALPN_GetPeerProtocol(ssl, &list, &listSz);
|
2017-10-11 09:09:52 -07:00
|
|
|
if (err == WOLFSSL_SUCCESS)
|
2015-10-16 07:46:51 +02:00
|
|
|
printf("List of protocol names sent by Client: %s (%d)\n",
|
|
|
|
|
list, listSz);
|
|
|
|
|
else
|
|
|
|
|
printf("Get list of client's protocol name failed\n");
|
2015-10-15 14:59:35 +02:00
|
|
|
|
2015-10-16 14:05:37 -07:00
|
|
|
free(list);
|
2015-10-16 07:46:51 +02:00
|
|
|
}
|
2015-10-09 15:18:41 +02:00
|
|
|
#endif
|
2017-06-08 10:32:51 +10:00
|
|
|
|
|
|
|
|
#if !defined(NO_FILESYSTEM) && !defined(NO_CERTS)
|
|
|
|
|
#if defined(WOLFSSL_TLS13) && defined(WOLFSSL_POST_HANDSHAKE_AUTH)
|
|
|
|
|
if (postHandAuth) {
|
2018-06-08 17:34:03 +10:00
|
|
|
SSL_set_verify(ssl, WOLFSSL_VERIFY_PEER |
|
2018-04-27 14:43:04 +10:00
|
|
|
((usePskPlus) ? WOLFSSL_VERIFY_FAIL_EXCEPT_PSK :
|
|
|
|
|
WOLFSSL_VERIFY_FAIL_IF_NO_PEER_CERT), 0);
|
2017-06-08 10:32:51 +10:00
|
|
|
if (SSL_CTX_load_verify_locations(ctx, verifyCert, 0)
|
2018-04-27 14:43:04 +10:00
|
|
|
!= WOLFSSL_SUCCESS) {
|
|
|
|
|
err_sys_ex(runWithErrors, "can't load ca file, Please run from "
|
|
|
|
|
"wolfSSL home dir");
|
2017-06-08 10:32:51 +10:00
|
|
|
}
|
|
|
|
|
#ifdef WOLFSSL_TRUST_PEER_CERT
|
|
|
|
|
if (trustCert) {
|
2018-06-08 17:34:03 +10:00
|
|
|
if ((ret = wolfSSL_trust_peer_cert(ssl, trustCert,
|
2018-04-27 14:43:04 +10:00
|
|
|
WOLFSSL_FILETYPE_PEM)) != WOLFSSL_SUCCESS) {
|
|
|
|
|
err_sys_ex(runWithErrors, "can't load trusted peer cert "
|
|
|
|
|
"file");
|
2017-06-08 10:32:51 +10:00
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
#endif /* WOLFSSL_TRUST_PEER_CERT */
|
|
|
|
|
}
|
|
|
|
|
#endif
|
|
|
|
|
#endif
|
|
|
|
|
|
Intel QuickAssist (QAT) support and async enhancements/fixes:
* Adds ./configure "--with-intelqa=../QAT1.6”, port files, memory management and README.md (see wolfcrypt/src/port/intel/).
* Added Intel QAT support for RSA public/private (CRT/non-CRT), AES CBC/GCM, ECDH/ECDSA, DH, DES3, SHA, SHA224, SHA256, SHA384, SHA512, MD5 and HMAC.
* wolfSSL async enabled all client and server: PKI, Encrypt/Decrypt, Hashing/HMAC and Certificate Sign/Verify.
* wolfSSL async support in functions: Encrypt, Decrypt, VerifyMAC, BuildMessage, ConfirmSignature, DoCertificate, ParseCertRelative, and MakeSignature.
* wolfCrypt test and benchmark async support added for all HW acceleration.
* wolfCrypt benchmark multi-threading support.
* Added QuickAssist memory overrides for XMALLOC, XFREE and XREALLOC. XREALLOC determines if existing pointer needs reallocated for NUMA.
* Refactor to make sure “heap” is available for async dev init.
* Added async support for all examples for connect, accept, read and write.
* Added new WC_BIGINT (in wolfmath.c) for async hardware support.
* Added async simulator tests for DES3 CBC, AES CBC/GCM.
* Added QAT standalone build for unit testing.
* Added int return code to SHA and MD5 functions.
* Refactor of the async stack variable handling, so async operations have generic args buffer area and cleanup function pointer.
* Combined duplicate code for async push/pop handling.
* Refactor internal.c to add AllocKey / FreeKey.
* Refactor of hash init/free in TLS to use InitHashes and FreeHashes.
* Refactor of the async event->context to use WOLF_EVENT_TYPE_ASYNC_WOLFSSL for WOLFSSL* and WOLF_EVENT_TYPE_ASYNC_WOLFCRYPT for WC_ASYNC_DEV*.
* Suppress error message for WC_PENDING_E.
* Implemented "wolfSSL_EVP_MD_CTX_init" to do memset.
* Cleanup of the openssl compat CTX sizes when async is enabled.
* Cleanup of AES, DES3, DH, SHA, MD5, DES3, DH, HMAC, MD5 for consistency and readability.
* Cleanup of the OPAQUE_LEN.
* Cleanup to use ENCRYPT_LEN instead of sizeof(ssl->arrays.preMasterSecret).
* Changed ssl->arrays.preMasterSecret to use XMALLOC (accelerates HW operations)
* Reduce verbosity with debug enabled for "GetMyVersion", "wolfSSL Using RSA OAEP padding" and "wolfSSL Using RSA PKCSV15 padding".
* Updated RSA un-padding error message so its different than one above it for better debugging.
* Added QAT async enables for each algorithm.
* Refactor of the async init to use _ex.
* Added WC_ASYNC_THRESH_NONE to allow bypass of the async thresholds for testing.
* Reformatted the benchmark results:
PKI: "RSA 2048 private HW 18522 ops took 1.003 sec, avg 0.054 ms, 18467.763 ops/sec"
Crypto/Hashing: SHA-256 SW 350 megs took 1.009 seconds, 346.946 MB/s Cycles per byte = 9.87
* Added min execution time for all benchmarks.
* Moved wc_*GetHash and wc_*RestorePos to appropriate files so use of isCopy flag is local.
* Fix for ECC sign status sometimes being invalid due to uninitialized ECC digest in benchmark.
* Added new DECLARE_VAR/FREE_VAR and DECLARE_ARRAY/FREE_ARRAY macros for helping setup test/benchmark variables to accelerate async.
* Added NO_SW_BENCH option to only run HW bench.
* Added support for PRNG to use hardware SHA256 if _wc devId provided.
* Fix to prevent curve tests from running against wrong curve sizes. Changed wc_ecc_set_curve to match on exact size.
* Added the wc_*GetHash calls to the wolfCrypt tests.
* Added async hardware start/stop to wolfSSL init/cleanup.
* Refactor to add wc_*Copy for hashing context (for async), which replaces wc_*RestorePos.
* Fixes for building with TI hashing (including: SHA224, missing new API’s and building with dummy build for non hw testing). Note: We need to add build test for this `./configure CFLAGS="-DWOLFSSL_TI_HASH -DTI_DUMMY_BUILD”`.
* Added arg checks on wc_*GetHash and wc_*Copy.
* Cleanup of the BuildMD5, BuildSHA, BuildMD5_CertVerify and BuildSHA_CertVerify functions.
* Added new ./configure --enable-asyncthreads, to allow enable/disable of the async threading support. If --enable-asynccrypt set this will be enabled by default if pthread is supported. Allows multi-threaded benchmarks with async simulator.
* Added checks for all hashing to verify valid ->buffLen.
* Fix for SHA512 scan-build warning about un-initialized “W_X”.
* Fix for valgrind un-initialized use of buffer in AllocDer (der->buffer) and BuildTlsFinished handshake_hash.
* Refactor of the benchmarking to use common function for start, check and finish of the stats.
* Fixed issue with ECC cache loading in multi-threading.
* Fix bug with AESNI not aligned code that assumes XMALLOC is 16-byte aligned.
* Added new WC_ASYNC_NO_… options to allow disabling of individual async algorithms. New defines are: WC_ASYNC_NO_CRYPT, WC_ASYNC_NO_PKI and WC_ASYNC_NO_HASH. Additionally each algorithm has a WC_ASYNC_NO_[ALGO] define.
* Added “wolfSSL_GetAllocators” API and fixed the wolfCrypt memcb_test so it restores callback pointers after test is complete (fixes issue with using custom allocators and test breaking it).
2017-04-07 15:46:32 -07:00
|
|
|
if (echoData == 0 && throughput == 0) {
|
2018-04-09 13:53:05 +10:00
|
|
|
ServerRead(ssl, input, sizeof(input)-1);
|
|
|
|
|
err = SSL_get_error(ssl, 0);
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
if (err != WOLFSSL_ERROR_ZERO_RETURN && echoData == 0 &&
|
|
|
|
|
throughput == 0) {
|
Intel QuickAssist (QAT) support and async enhancements/fixes:
* Adds ./configure "--with-intelqa=../QAT1.6”, port files, memory management and README.md (see wolfcrypt/src/port/intel/).
* Added Intel QAT support for RSA public/private (CRT/non-CRT), AES CBC/GCM, ECDH/ECDSA, DH, DES3, SHA, SHA224, SHA256, SHA384, SHA512, MD5 and HMAC.
* wolfSSL async enabled all client and server: PKI, Encrypt/Decrypt, Hashing/HMAC and Certificate Sign/Verify.
* wolfSSL async support in functions: Encrypt, Decrypt, VerifyMAC, BuildMessage, ConfirmSignature, DoCertificate, ParseCertRelative, and MakeSignature.
* wolfCrypt test and benchmark async support added for all HW acceleration.
* wolfCrypt benchmark multi-threading support.
* Added QuickAssist memory overrides for XMALLOC, XFREE and XREALLOC. XREALLOC determines if existing pointer needs reallocated for NUMA.
* Refactor to make sure “heap” is available for async dev init.
* Added async support for all examples for connect, accept, read and write.
* Added new WC_BIGINT (in wolfmath.c) for async hardware support.
* Added async simulator tests for DES3 CBC, AES CBC/GCM.
* Added QAT standalone build for unit testing.
* Added int return code to SHA and MD5 functions.
* Refactor of the async stack variable handling, so async operations have generic args buffer area and cleanup function pointer.
* Combined duplicate code for async push/pop handling.
* Refactor internal.c to add AllocKey / FreeKey.
* Refactor of hash init/free in TLS to use InitHashes and FreeHashes.
* Refactor of the async event->context to use WOLF_EVENT_TYPE_ASYNC_WOLFSSL for WOLFSSL* and WOLF_EVENT_TYPE_ASYNC_WOLFCRYPT for WC_ASYNC_DEV*.
* Suppress error message for WC_PENDING_E.
* Implemented "wolfSSL_EVP_MD_CTX_init" to do memset.
* Cleanup of the openssl compat CTX sizes when async is enabled.
* Cleanup of AES, DES3, DH, SHA, MD5, DES3, DH, HMAC, MD5 for consistency and readability.
* Cleanup of the OPAQUE_LEN.
* Cleanup to use ENCRYPT_LEN instead of sizeof(ssl->arrays.preMasterSecret).
* Changed ssl->arrays.preMasterSecret to use XMALLOC (accelerates HW operations)
* Reduce verbosity with debug enabled for "GetMyVersion", "wolfSSL Using RSA OAEP padding" and "wolfSSL Using RSA PKCSV15 padding".
* Updated RSA un-padding error message so its different than one above it for better debugging.
* Added QAT async enables for each algorithm.
* Refactor of the async init to use _ex.
* Added WC_ASYNC_THRESH_NONE to allow bypass of the async thresholds for testing.
* Reformatted the benchmark results:
PKI: "RSA 2048 private HW 18522 ops took 1.003 sec, avg 0.054 ms, 18467.763 ops/sec"
Crypto/Hashing: SHA-256 SW 350 megs took 1.009 seconds, 346.946 MB/s Cycles per byte = 9.87
* Added min execution time for all benchmarks.
* Moved wc_*GetHash and wc_*RestorePos to appropriate files so use of isCopy flag is local.
* Fix for ECC sign status sometimes being invalid due to uninitialized ECC digest in benchmark.
* Added new DECLARE_VAR/FREE_VAR and DECLARE_ARRAY/FREE_ARRAY macros for helping setup test/benchmark variables to accelerate async.
* Added NO_SW_BENCH option to only run HW bench.
* Added support for PRNG to use hardware SHA256 if _wc devId provided.
* Fix to prevent curve tests from running against wrong curve sizes. Changed wc_ecc_set_curve to match on exact size.
* Added the wc_*GetHash calls to the wolfCrypt tests.
* Added async hardware start/stop to wolfSSL init/cleanup.
* Refactor to add wc_*Copy for hashing context (for async), which replaces wc_*RestorePos.
* Fixes for building with TI hashing (including: SHA224, missing new API’s and building with dummy build for non hw testing). Note: We need to add build test for this `./configure CFLAGS="-DWOLFSSL_TI_HASH -DTI_DUMMY_BUILD”`.
* Added arg checks on wc_*GetHash and wc_*Copy.
* Cleanup of the BuildMD5, BuildSHA, BuildMD5_CertVerify and BuildSHA_CertVerify functions.
* Added new ./configure --enable-asyncthreads, to allow enable/disable of the async threading support. If --enable-asynccrypt set this will be enabled by default if pthread is supported. Allows multi-threaded benchmarks with async simulator.
* Added checks for all hashing to verify valid ->buffLen.
* Fix for SHA512 scan-build warning about un-initialized “W_X”.
* Fix for valgrind un-initialized use of buffer in AllocDer (der->buffer) and BuildTlsFinished handshake_hash.
* Refactor of the benchmarking to use common function for start, check and finish of the stats.
* Fixed issue with ECC cache loading in multi-threading.
* Fix bug with AESNI not aligned code that assumes XMALLOC is 16-byte aligned.
* Added new WC_ASYNC_NO_… options to allow disabling of individual async algorithms. New defines are: WC_ASYNC_NO_CRYPT, WC_ASYNC_NO_PKI and WC_ASYNC_NO_HASH. Additionally each algorithm has a WC_ASYNC_NO_[ALGO] define.
* Added “wolfSSL_GetAllocators” API and fixed the wolfCrypt memcb_test so it restores callback pointers after test is complete (fixes issue with using custom allocators and test breaking it).
2017-04-07 15:46:32 -07:00
|
|
|
const char* write_msg;
|
|
|
|
|
int write_msg_sz;
|
|
|
|
|
|
2016-11-24 01:31:07 +10:00
|
|
|
#ifdef WOLFSSL_TLS13
|
|
|
|
|
if (updateKeysIVs)
|
|
|
|
|
wolfSSL_update_keys(ssl);
|
|
|
|
|
#endif
|
2017-06-08 10:32:51 +10:00
|
|
|
#if defined(WOLFSSL_TLS13) && defined(WOLFSSL_POST_HANDSHAKE_AUTH)
|
|
|
|
|
if (postHandAuth)
|
|
|
|
|
wolfSSL_request_certificate(ssl);
|
|
|
|
|
#endif
|
2016-11-24 01:31:07 +10:00
|
|
|
|
Intel QuickAssist (QAT) support and async enhancements/fixes:
* Adds ./configure "--with-intelqa=../QAT1.6”, port files, memory management and README.md (see wolfcrypt/src/port/intel/).
* Added Intel QAT support for RSA public/private (CRT/non-CRT), AES CBC/GCM, ECDH/ECDSA, DH, DES3, SHA, SHA224, SHA256, SHA384, SHA512, MD5 and HMAC.
* wolfSSL async enabled all client and server: PKI, Encrypt/Decrypt, Hashing/HMAC and Certificate Sign/Verify.
* wolfSSL async support in functions: Encrypt, Decrypt, VerifyMAC, BuildMessage, ConfirmSignature, DoCertificate, ParseCertRelative, and MakeSignature.
* wolfCrypt test and benchmark async support added for all HW acceleration.
* wolfCrypt benchmark multi-threading support.
* Added QuickAssist memory overrides for XMALLOC, XFREE and XREALLOC. XREALLOC determines if existing pointer needs reallocated for NUMA.
* Refactor to make sure “heap” is available for async dev init.
* Added async support for all examples for connect, accept, read and write.
* Added new WC_BIGINT (in wolfmath.c) for async hardware support.
* Added async simulator tests for DES3 CBC, AES CBC/GCM.
* Added QAT standalone build for unit testing.
* Added int return code to SHA and MD5 functions.
* Refactor of the async stack variable handling, so async operations have generic args buffer area and cleanup function pointer.
* Combined duplicate code for async push/pop handling.
* Refactor internal.c to add AllocKey / FreeKey.
* Refactor of hash init/free in TLS to use InitHashes and FreeHashes.
* Refactor of the async event->context to use WOLF_EVENT_TYPE_ASYNC_WOLFSSL for WOLFSSL* and WOLF_EVENT_TYPE_ASYNC_WOLFCRYPT for WC_ASYNC_DEV*.
* Suppress error message for WC_PENDING_E.
* Implemented "wolfSSL_EVP_MD_CTX_init" to do memset.
* Cleanup of the openssl compat CTX sizes when async is enabled.
* Cleanup of AES, DES3, DH, SHA, MD5, DES3, DH, HMAC, MD5 for consistency and readability.
* Cleanup of the OPAQUE_LEN.
* Cleanup to use ENCRYPT_LEN instead of sizeof(ssl->arrays.preMasterSecret).
* Changed ssl->arrays.preMasterSecret to use XMALLOC (accelerates HW operations)
* Reduce verbosity with debug enabled for "GetMyVersion", "wolfSSL Using RSA OAEP padding" and "wolfSSL Using RSA PKCSV15 padding".
* Updated RSA un-padding error message so its different than one above it for better debugging.
* Added QAT async enables for each algorithm.
* Refactor of the async init to use _ex.
* Added WC_ASYNC_THRESH_NONE to allow bypass of the async thresholds for testing.
* Reformatted the benchmark results:
PKI: "RSA 2048 private HW 18522 ops took 1.003 sec, avg 0.054 ms, 18467.763 ops/sec"
Crypto/Hashing: SHA-256 SW 350 megs took 1.009 seconds, 346.946 MB/s Cycles per byte = 9.87
* Added min execution time for all benchmarks.
* Moved wc_*GetHash and wc_*RestorePos to appropriate files so use of isCopy flag is local.
* Fix for ECC sign status sometimes being invalid due to uninitialized ECC digest in benchmark.
* Added new DECLARE_VAR/FREE_VAR and DECLARE_ARRAY/FREE_ARRAY macros for helping setup test/benchmark variables to accelerate async.
* Added NO_SW_BENCH option to only run HW bench.
* Added support for PRNG to use hardware SHA256 if _wc devId provided.
* Fix to prevent curve tests from running against wrong curve sizes. Changed wc_ecc_set_curve to match on exact size.
* Added the wc_*GetHash calls to the wolfCrypt tests.
* Added async hardware start/stop to wolfSSL init/cleanup.
* Refactor to add wc_*Copy for hashing context (for async), which replaces wc_*RestorePos.
* Fixes for building with TI hashing (including: SHA224, missing new API’s and building with dummy build for non hw testing). Note: We need to add build test for this `./configure CFLAGS="-DWOLFSSL_TI_HASH -DTI_DUMMY_BUILD”`.
* Added arg checks on wc_*GetHash and wc_*Copy.
* Cleanup of the BuildMD5, BuildSHA, BuildMD5_CertVerify and BuildSHA_CertVerify functions.
* Added new ./configure --enable-asyncthreads, to allow enable/disable of the async threading support. If --enable-asynccrypt set this will be enabled by default if pthread is supported. Allows multi-threaded benchmarks with async simulator.
* Added checks for all hashing to verify valid ->buffLen.
* Fix for SHA512 scan-build warning about un-initialized “W_X”.
* Fix for valgrind un-initialized use of buffer in AllocDer (der->buffer) and BuildTlsFinished handshake_hash.
* Refactor of the benchmarking to use common function for start, check and finish of the stats.
* Fixed issue with ECC cache loading in multi-threading.
* Fix bug with AESNI not aligned code that assumes XMALLOC is 16-byte aligned.
* Added new WC_ASYNC_NO_… options to allow disabling of individual async algorithms. New defines are: WC_ASYNC_NO_CRYPT, WC_ASYNC_NO_PKI and WC_ASYNC_NO_HASH. Additionally each algorithm has a WC_ASYNC_NO_[ALGO] define.
* Added “wolfSSL_GetAllocators” API and fixed the wolfCrypt memcb_test so it restores callback pointers after test is complete (fixes issue with using custom allocators and test breaking it).
2017-04-07 15:46:32 -07:00
|
|
|
/* Write data */
|
2016-12-22 12:53:29 +10:00
|
|
|
if (!useWebServerMsg) {
|
Intel QuickAssist (QAT) support and async enhancements/fixes:
* Adds ./configure "--with-intelqa=../QAT1.6”, port files, memory management and README.md (see wolfcrypt/src/port/intel/).
* Added Intel QAT support for RSA public/private (CRT/non-CRT), AES CBC/GCM, ECDH/ECDSA, DH, DES3, SHA, SHA224, SHA256, SHA384, SHA512, MD5 and HMAC.
* wolfSSL async enabled all client and server: PKI, Encrypt/Decrypt, Hashing/HMAC and Certificate Sign/Verify.
* wolfSSL async support in functions: Encrypt, Decrypt, VerifyMAC, BuildMessage, ConfirmSignature, DoCertificate, ParseCertRelative, and MakeSignature.
* wolfCrypt test and benchmark async support added for all HW acceleration.
* wolfCrypt benchmark multi-threading support.
* Added QuickAssist memory overrides for XMALLOC, XFREE and XREALLOC. XREALLOC determines if existing pointer needs reallocated for NUMA.
* Refactor to make sure “heap” is available for async dev init.
* Added async support for all examples for connect, accept, read and write.
* Added new WC_BIGINT (in wolfmath.c) for async hardware support.
* Added async simulator tests for DES3 CBC, AES CBC/GCM.
* Added QAT standalone build for unit testing.
* Added int return code to SHA and MD5 functions.
* Refactor of the async stack variable handling, so async operations have generic args buffer area and cleanup function pointer.
* Combined duplicate code for async push/pop handling.
* Refactor internal.c to add AllocKey / FreeKey.
* Refactor of hash init/free in TLS to use InitHashes and FreeHashes.
* Refactor of the async event->context to use WOLF_EVENT_TYPE_ASYNC_WOLFSSL for WOLFSSL* and WOLF_EVENT_TYPE_ASYNC_WOLFCRYPT for WC_ASYNC_DEV*.
* Suppress error message for WC_PENDING_E.
* Implemented "wolfSSL_EVP_MD_CTX_init" to do memset.
* Cleanup of the openssl compat CTX sizes when async is enabled.
* Cleanup of AES, DES3, DH, SHA, MD5, DES3, DH, HMAC, MD5 for consistency and readability.
* Cleanup of the OPAQUE_LEN.
* Cleanup to use ENCRYPT_LEN instead of sizeof(ssl->arrays.preMasterSecret).
* Changed ssl->arrays.preMasterSecret to use XMALLOC (accelerates HW operations)
* Reduce verbosity with debug enabled for "GetMyVersion", "wolfSSL Using RSA OAEP padding" and "wolfSSL Using RSA PKCSV15 padding".
* Updated RSA un-padding error message so its different than one above it for better debugging.
* Added QAT async enables for each algorithm.
* Refactor of the async init to use _ex.
* Added WC_ASYNC_THRESH_NONE to allow bypass of the async thresholds for testing.
* Reformatted the benchmark results:
PKI: "RSA 2048 private HW 18522 ops took 1.003 sec, avg 0.054 ms, 18467.763 ops/sec"
Crypto/Hashing: SHA-256 SW 350 megs took 1.009 seconds, 346.946 MB/s Cycles per byte = 9.87
* Added min execution time for all benchmarks.
* Moved wc_*GetHash and wc_*RestorePos to appropriate files so use of isCopy flag is local.
* Fix for ECC sign status sometimes being invalid due to uninitialized ECC digest in benchmark.
* Added new DECLARE_VAR/FREE_VAR and DECLARE_ARRAY/FREE_ARRAY macros for helping setup test/benchmark variables to accelerate async.
* Added NO_SW_BENCH option to only run HW bench.
* Added support for PRNG to use hardware SHA256 if _wc devId provided.
* Fix to prevent curve tests from running against wrong curve sizes. Changed wc_ecc_set_curve to match on exact size.
* Added the wc_*GetHash calls to the wolfCrypt tests.
* Added async hardware start/stop to wolfSSL init/cleanup.
* Refactor to add wc_*Copy for hashing context (for async), which replaces wc_*RestorePos.
* Fixes for building with TI hashing (including: SHA224, missing new API’s and building with dummy build for non hw testing). Note: We need to add build test for this `./configure CFLAGS="-DWOLFSSL_TI_HASH -DTI_DUMMY_BUILD”`.
* Added arg checks on wc_*GetHash and wc_*Copy.
* Cleanup of the BuildMD5, BuildSHA, BuildMD5_CertVerify and BuildSHA_CertVerify functions.
* Added new ./configure --enable-asyncthreads, to allow enable/disable of the async threading support. If --enable-asynccrypt set this will be enabled by default if pthread is supported. Allows multi-threaded benchmarks with async simulator.
* Added checks for all hashing to verify valid ->buffLen.
* Fix for SHA512 scan-build warning about un-initialized “W_X”.
* Fix for valgrind un-initialized use of buffer in AllocDer (der->buffer) and BuildTlsFinished handshake_hash.
* Refactor of the benchmarking to use common function for start, check and finish of the stats.
* Fixed issue with ECC cache loading in multi-threading.
* Fix bug with AESNI not aligned code that assumes XMALLOC is 16-byte aligned.
* Added new WC_ASYNC_NO_… options to allow disabling of individual async algorithms. New defines are: WC_ASYNC_NO_CRYPT, WC_ASYNC_NO_PKI and WC_ASYNC_NO_HASH. Additionally each algorithm has a WC_ASYNC_NO_[ALGO] define.
* Added “wolfSSL_GetAllocators” API and fixed the wolfCrypt memcb_test so it restores callback pointers after test is complete (fixes issue with using custom allocators and test breaking it).
2017-04-07 15:46:32 -07:00
|
|
|
write_msg = msg;
|
|
|
|
|
write_msg_sz = sizeof(msg);
|
2016-12-22 12:53:29 +10:00
|
|
|
}
|
|
|
|
|
else {
|
Intel QuickAssist (QAT) support and async enhancements/fixes:
* Adds ./configure "--with-intelqa=../QAT1.6”, port files, memory management and README.md (see wolfcrypt/src/port/intel/).
* Added Intel QAT support for RSA public/private (CRT/non-CRT), AES CBC/GCM, ECDH/ECDSA, DH, DES3, SHA, SHA224, SHA256, SHA384, SHA512, MD5 and HMAC.
* wolfSSL async enabled all client and server: PKI, Encrypt/Decrypt, Hashing/HMAC and Certificate Sign/Verify.
* wolfSSL async support in functions: Encrypt, Decrypt, VerifyMAC, BuildMessage, ConfirmSignature, DoCertificate, ParseCertRelative, and MakeSignature.
* wolfCrypt test and benchmark async support added for all HW acceleration.
* wolfCrypt benchmark multi-threading support.
* Added QuickAssist memory overrides for XMALLOC, XFREE and XREALLOC. XREALLOC determines if existing pointer needs reallocated for NUMA.
* Refactor to make sure “heap” is available for async dev init.
* Added async support for all examples for connect, accept, read and write.
* Added new WC_BIGINT (in wolfmath.c) for async hardware support.
* Added async simulator tests for DES3 CBC, AES CBC/GCM.
* Added QAT standalone build for unit testing.
* Added int return code to SHA and MD5 functions.
* Refactor of the async stack variable handling, so async operations have generic args buffer area and cleanup function pointer.
* Combined duplicate code for async push/pop handling.
* Refactor internal.c to add AllocKey / FreeKey.
* Refactor of hash init/free in TLS to use InitHashes and FreeHashes.
* Refactor of the async event->context to use WOLF_EVENT_TYPE_ASYNC_WOLFSSL for WOLFSSL* and WOLF_EVENT_TYPE_ASYNC_WOLFCRYPT for WC_ASYNC_DEV*.
* Suppress error message for WC_PENDING_E.
* Implemented "wolfSSL_EVP_MD_CTX_init" to do memset.
* Cleanup of the openssl compat CTX sizes when async is enabled.
* Cleanup of AES, DES3, DH, SHA, MD5, DES3, DH, HMAC, MD5 for consistency and readability.
* Cleanup of the OPAQUE_LEN.
* Cleanup to use ENCRYPT_LEN instead of sizeof(ssl->arrays.preMasterSecret).
* Changed ssl->arrays.preMasterSecret to use XMALLOC (accelerates HW operations)
* Reduce verbosity with debug enabled for "GetMyVersion", "wolfSSL Using RSA OAEP padding" and "wolfSSL Using RSA PKCSV15 padding".
* Updated RSA un-padding error message so its different than one above it for better debugging.
* Added QAT async enables for each algorithm.
* Refactor of the async init to use _ex.
* Added WC_ASYNC_THRESH_NONE to allow bypass of the async thresholds for testing.
* Reformatted the benchmark results:
PKI: "RSA 2048 private HW 18522 ops took 1.003 sec, avg 0.054 ms, 18467.763 ops/sec"
Crypto/Hashing: SHA-256 SW 350 megs took 1.009 seconds, 346.946 MB/s Cycles per byte = 9.87
* Added min execution time for all benchmarks.
* Moved wc_*GetHash and wc_*RestorePos to appropriate files so use of isCopy flag is local.
* Fix for ECC sign status sometimes being invalid due to uninitialized ECC digest in benchmark.
* Added new DECLARE_VAR/FREE_VAR and DECLARE_ARRAY/FREE_ARRAY macros for helping setup test/benchmark variables to accelerate async.
* Added NO_SW_BENCH option to only run HW bench.
* Added support for PRNG to use hardware SHA256 if _wc devId provided.
* Fix to prevent curve tests from running against wrong curve sizes. Changed wc_ecc_set_curve to match on exact size.
* Added the wc_*GetHash calls to the wolfCrypt tests.
* Added async hardware start/stop to wolfSSL init/cleanup.
* Refactor to add wc_*Copy for hashing context (for async), which replaces wc_*RestorePos.
* Fixes for building with TI hashing (including: SHA224, missing new API’s and building with dummy build for non hw testing). Note: We need to add build test for this `./configure CFLAGS="-DWOLFSSL_TI_HASH -DTI_DUMMY_BUILD”`.
* Added arg checks on wc_*GetHash and wc_*Copy.
* Cleanup of the BuildMD5, BuildSHA, BuildMD5_CertVerify and BuildSHA_CertVerify functions.
* Added new ./configure --enable-asyncthreads, to allow enable/disable of the async threading support. If --enable-asynccrypt set this will be enabled by default if pthread is supported. Allows multi-threaded benchmarks with async simulator.
* Added checks for all hashing to verify valid ->buffLen.
* Fix for SHA512 scan-build warning about un-initialized “W_X”.
* Fix for valgrind un-initialized use of buffer in AllocDer (der->buffer) and BuildTlsFinished handshake_hash.
* Refactor of the benchmarking to use common function for start, check and finish of the stats.
* Fixed issue with ECC cache loading in multi-threading.
* Fix bug with AESNI not aligned code that assumes XMALLOC is 16-byte aligned.
* Added new WC_ASYNC_NO_… options to allow disabling of individual async algorithms. New defines are: WC_ASYNC_NO_CRYPT, WC_ASYNC_NO_PKI and WC_ASYNC_NO_HASH. Additionally each algorithm has a WC_ASYNC_NO_[ALGO] define.
* Added “wolfSSL_GetAllocators” API and fixed the wolfCrypt memcb_test so it restores callback pointers after test is complete (fixes issue with using custom allocators and test breaking it).
2017-04-07 15:46:32 -07:00
|
|
|
write_msg = webServerMsg;
|
|
|
|
|
write_msg_sz = sizeof(webServerMsg);
|
|
|
|
|
}
|
2017-06-08 10:32:51 +10:00
|
|
|
ServerWrite(ssl, write_msg, write_msg_sz);
|
Intel QuickAssist (QAT) support and async enhancements/fixes:
* Adds ./configure "--with-intelqa=../QAT1.6”, port files, memory management and README.md (see wolfcrypt/src/port/intel/).
* Added Intel QAT support for RSA public/private (CRT/non-CRT), AES CBC/GCM, ECDH/ECDSA, DH, DES3, SHA, SHA224, SHA256, SHA384, SHA512, MD5 and HMAC.
* wolfSSL async enabled all client and server: PKI, Encrypt/Decrypt, Hashing/HMAC and Certificate Sign/Verify.
* wolfSSL async support in functions: Encrypt, Decrypt, VerifyMAC, BuildMessage, ConfirmSignature, DoCertificate, ParseCertRelative, and MakeSignature.
* wolfCrypt test and benchmark async support added for all HW acceleration.
* wolfCrypt benchmark multi-threading support.
* Added QuickAssist memory overrides for XMALLOC, XFREE and XREALLOC. XREALLOC determines if existing pointer needs reallocated for NUMA.
* Refactor to make sure “heap” is available for async dev init.
* Added async support for all examples for connect, accept, read and write.
* Added new WC_BIGINT (in wolfmath.c) for async hardware support.
* Added async simulator tests for DES3 CBC, AES CBC/GCM.
* Added QAT standalone build for unit testing.
* Added int return code to SHA and MD5 functions.
* Refactor of the async stack variable handling, so async operations have generic args buffer area and cleanup function pointer.
* Combined duplicate code for async push/pop handling.
* Refactor internal.c to add AllocKey / FreeKey.
* Refactor of hash init/free in TLS to use InitHashes and FreeHashes.
* Refactor of the async event->context to use WOLF_EVENT_TYPE_ASYNC_WOLFSSL for WOLFSSL* and WOLF_EVENT_TYPE_ASYNC_WOLFCRYPT for WC_ASYNC_DEV*.
* Suppress error message for WC_PENDING_E.
* Implemented "wolfSSL_EVP_MD_CTX_init" to do memset.
* Cleanup of the openssl compat CTX sizes when async is enabled.
* Cleanup of AES, DES3, DH, SHA, MD5, DES3, DH, HMAC, MD5 for consistency and readability.
* Cleanup of the OPAQUE_LEN.
* Cleanup to use ENCRYPT_LEN instead of sizeof(ssl->arrays.preMasterSecret).
* Changed ssl->arrays.preMasterSecret to use XMALLOC (accelerates HW operations)
* Reduce verbosity with debug enabled for "GetMyVersion", "wolfSSL Using RSA OAEP padding" and "wolfSSL Using RSA PKCSV15 padding".
* Updated RSA un-padding error message so its different than one above it for better debugging.
* Added QAT async enables for each algorithm.
* Refactor of the async init to use _ex.
* Added WC_ASYNC_THRESH_NONE to allow bypass of the async thresholds for testing.
* Reformatted the benchmark results:
PKI: "RSA 2048 private HW 18522 ops took 1.003 sec, avg 0.054 ms, 18467.763 ops/sec"
Crypto/Hashing: SHA-256 SW 350 megs took 1.009 seconds, 346.946 MB/s Cycles per byte = 9.87
* Added min execution time for all benchmarks.
* Moved wc_*GetHash and wc_*RestorePos to appropriate files so use of isCopy flag is local.
* Fix for ECC sign status sometimes being invalid due to uninitialized ECC digest in benchmark.
* Added new DECLARE_VAR/FREE_VAR and DECLARE_ARRAY/FREE_ARRAY macros for helping setup test/benchmark variables to accelerate async.
* Added NO_SW_BENCH option to only run HW bench.
* Added support for PRNG to use hardware SHA256 if _wc devId provided.
* Fix to prevent curve tests from running against wrong curve sizes. Changed wc_ecc_set_curve to match on exact size.
* Added the wc_*GetHash calls to the wolfCrypt tests.
* Added async hardware start/stop to wolfSSL init/cleanup.
* Refactor to add wc_*Copy for hashing context (for async), which replaces wc_*RestorePos.
* Fixes for building with TI hashing (including: SHA224, missing new API’s and building with dummy build for non hw testing). Note: We need to add build test for this `./configure CFLAGS="-DWOLFSSL_TI_HASH -DTI_DUMMY_BUILD”`.
* Added arg checks on wc_*GetHash and wc_*Copy.
* Cleanup of the BuildMD5, BuildSHA, BuildMD5_CertVerify and BuildSHA_CertVerify functions.
* Added new ./configure --enable-asyncthreads, to allow enable/disable of the async threading support. If --enable-asynccrypt set this will be enabled by default if pthread is supported. Allows multi-threaded benchmarks with async simulator.
* Added checks for all hashing to verify valid ->buffLen.
* Fix for SHA512 scan-build warning about un-initialized “W_X”.
* Fix for valgrind un-initialized use of buffer in AllocDer (der->buffer) and BuildTlsFinished handshake_hash.
* Refactor of the benchmarking to use common function for start, check and finish of the stats.
* Fixed issue with ECC cache loading in multi-threading.
* Fix bug with AESNI not aligned code that assumes XMALLOC is 16-byte aligned.
* Added new WC_ASYNC_NO_… options to allow disabling of individual async algorithms. New defines are: WC_ASYNC_NO_CRYPT, WC_ASYNC_NO_PKI and WC_ASYNC_NO_HASH. Additionally each algorithm has a WC_ASYNC_NO_[ALGO] define.
* Added “wolfSSL_GetAllocators” API and fixed the wolfCrypt memcb_test so it restores callback pointers after test is complete (fixes issue with using custom allocators and test breaking it).
2017-04-07 15:46:32 -07:00
|
|
|
|
2018-05-17 09:08:03 +10:00
|
|
|
#ifdef WOLFSSL_TLS13
|
2018-06-08 17:34:03 +10:00
|
|
|
if (updateKeysIVs || postHandAuth)
|
|
|
|
|
ServerRead(ssl, input, sizeof(input)-1);
|
2017-06-08 10:32:51 +10:00
|
|
|
#endif
|
2015-10-16 07:46:51 +02:00
|
|
|
}
|
|
|
|
|
else {
|
2018-04-09 13:53:05 +10:00
|
|
|
ServerEchoData(ssl, clientfd, echoData, block, throughput);
|
2015-10-16 07:46:51 +02:00
|
|
|
}
|
2015-10-09 15:18:41 +02:00
|
|
|
|
2015-10-16 07:46:51 +02:00
|
|
|
#if defined(WOLFSSL_MDK_SHELL) && defined(HAVE_MDK_RTX)
|
2013-05-16 09:47:27 -07:00
|
|
|
os_dly_wait(500) ;
|
2018-02-01 11:02:35 -08:00
|
|
|
#elif defined (WOLFSSL_TIRTOS)
|
2014-05-08 15:52:20 -07:00
|
|
|
Task_yield();
|
2015-10-16 07:46:51 +02:00
|
|
|
#endif
|
|
|
|
|
|
2016-08-25 22:20:35 -07:00
|
|
|
if (dtlsUDP == 0) {
|
2015-10-16 07:46:51 +02:00
|
|
|
ret = SSL_shutdown(ssl);
|
2017-10-11 09:09:52 -07:00
|
|
|
if (wc_shutdown && ret == WOLFSSL_SHUTDOWN_NOT_DONE)
|
2015-10-16 07:46:51 +02:00
|
|
|
SSL_shutdown(ssl); /* bidirectional shutdown */
|
|
|
|
|
}
|
2016-06-04 19:03:48 -06:00
|
|
|
/* display collected statistics */
|
|
|
|
|
#ifdef WOLFSSL_STATIC_MEMORY
|
|
|
|
|
if (wolfSSL_is_static_memory(ssl, &ssl_stats) != 1)
|
2017-06-22 22:19:59 -06:00
|
|
|
err_sys_ex(runWithErrors, "static memory was not used with ssl");
|
2016-06-04 19:03:48 -06:00
|
|
|
|
|
|
|
|
fprintf(stderr, "\nprint off SSL memory stats\n");
|
2016-06-10 14:13:27 -06:00
|
|
|
fprintf(stderr, "*** This is memory state before wolfSSL_free is called\n");
|
2016-06-04 19:03:48 -06:00
|
|
|
fprintf(stderr, "peak connection memory = %d\n", ssl_stats.peakMem);
|
|
|
|
|
fprintf(stderr, "current memory in use = %d\n", ssl_stats.curMem);
|
|
|
|
|
fprintf(stderr, "peak connection allocs = %d\n", ssl_stats.peakAlloc);
|
|
|
|
|
fprintf(stderr, "current connection allocs = %d\n",ssl_stats.curAlloc);
|
|
|
|
|
fprintf(stderr, "total connection allocs = %d\n",ssl_stats.totalAlloc);
|
|
|
|
|
fprintf(stderr, "total connection frees = %d\n\n", ssl_stats.totalFr);
|
|
|
|
|
|
|
|
|
|
#endif
|
2015-10-16 07:46:51 +02:00
|
|
|
SSL_free(ssl);
|
2011-02-05 11:14:47 -08:00
|
|
|
|
2015-04-28 12:21:54 -07:00
|
|
|
CloseSocket(clientfd);
|
|
|
|
|
|
2015-10-16 07:46:51 +02:00
|
|
|
if (resume == 1 && resumeCount == 0) {
|
|
|
|
|
resumeCount++; /* only do one resume for testing */
|
|
|
|
|
continue;
|
|
|
|
|
}
|
|
|
|
|
resumeCount = 0;
|
|
|
|
|
|
2018-04-09 13:53:05 +10:00
|
|
|
cnt++;
|
2016-12-22 12:53:29 +10:00
|
|
|
if (loops > 0 && --loops == 0) {
|
2015-10-16 07:46:51 +02:00
|
|
|
break; /* out of while loop, done with normal and resume option */
|
|
|
|
|
}
|
|
|
|
|
} /* while(1) */
|
|
|
|
|
|
2018-04-09 13:53:05 +10:00
|
|
|
WOLFSSL_TIME(cnt);
|
2018-04-13 12:13:31 +10:00
|
|
|
(void)cnt;
|
2018-04-09 13:53:05 +10:00
|
|
|
|
2017-10-17 13:52:05 -07:00
|
|
|
#if defined(HAVE_CERTIFICATE_STATUS_REQUEST) \
|
|
|
|
|
|| defined(HAVE_CERTIFICATE_STATUS_REQUEST_V2)
|
|
|
|
|
wolfSSL_CTX_DisableOCSPStapling(ctx);
|
|
|
|
|
#endif
|
2016-06-04 19:03:48 -06:00
|
|
|
|
2015-04-28 12:21:54 -07:00
|
|
|
CloseSocket(sockfd);
|
2015-10-16 07:46:51 +02:00
|
|
|
SSL_CTX_free(ctx);
|
|
|
|
|
|
2011-02-05 11:14:47 -08:00
|
|
|
((func_args*)args)->return_code = 0;
|
2013-03-15 13:17:05 -07:00
|
|
|
|
2018-05-03 13:39:37 -07:00
|
|
|
exit:
|
2014-09-09 10:14:32 -07:00
|
|
|
|
|
|
|
|
#if defined(NO_MAIN_DRIVER) && defined(HAVE_ECC) && defined(FP_ECC) \
|
|
|
|
|
&& defined(HAVE_THREAD_LS)
|
2018-03-06 16:45:44 -08:00
|
|
|
wc_ecc_fp_free(); /* free per thread cache */
|
2014-09-09 10:14:32 -07:00
|
|
|
#endif
|
|
|
|
|
|
2018-02-01 11:02:35 -08:00
|
|
|
#ifdef WOLFSSL_TIRTOS
|
2014-09-08 19:40:03 -07:00
|
|
|
fdCloseSession(Task_self());
|
2014-05-08 15:52:20 -07:00
|
|
|
#endif
|
|
|
|
|
|
2015-05-15 15:30:29 -07:00
|
|
|
#if defined(HAVE_SESSION_TICKET) && defined(HAVE_CHACHA) && \
|
|
|
|
|
defined(HAVE_POLY1305)
|
|
|
|
|
TicketCleanup();
|
|
|
|
|
#endif
|
|
|
|
|
|
2016-08-15 13:59:41 -06:00
|
|
|
#ifdef WOLFSSL_ASYNC_CRYPT
|
|
|
|
|
wolfAsync_DevClose(&devId);
|
|
|
|
|
#endif
|
|
|
|
|
|
2016-04-11 13:39:44 -06:00
|
|
|
/* There are use cases when these assignments are not read. To avoid
|
|
|
|
|
* potential confusion those warnings have been handled here.
|
|
|
|
|
*/
|
|
|
|
|
(void) ourKey;
|
|
|
|
|
(void) verifyCert;
|
|
|
|
|
(void) doCliCertCheck;
|
|
|
|
|
(void) useNtruKey;
|
|
|
|
|
(void) ourDhParam;
|
|
|
|
|
(void) ourCert;
|
2018-02-01 11:02:35 -08:00
|
|
|
#ifndef WOLFSSL_TIRTOS
|
2011-02-05 11:14:47 -08:00
|
|
|
return 0;
|
2014-05-08 15:52:20 -07:00
|
|
|
#endif
|
2011-02-05 11:14:47 -08:00
|
|
|
}
|
|
|
|
|
|
2017-06-26 23:05:32 -07:00
|
|
|
#endif /* !NO_WOLFSSL_SERVER */
|
|
|
|
|
|
2011-02-05 11:14:47 -08:00
|
|
|
|
|
|
|
|
/* so overall tests can pull in test function */
|
|
|
|
|
#ifndef NO_MAIN_DRIVER
|
|
|
|
|
|
|
|
|
|
int main(int argc, char** argv)
|
|
|
|
|
{
|
|
|
|
|
func_args args;
|
2015-12-22 14:35:34 -08:00
|
|
|
tcp_ready ready;
|
2011-02-05 11:14:47 -08:00
|
|
|
|
2013-02-01 12:21:38 -08:00
|
|
|
|
2011-02-05 11:14:47 -08:00
|
|
|
StartTCP();
|
|
|
|
|
|
|
|
|
|
args.argc = argc;
|
|
|
|
|
args.argv = argv;
|
2015-12-22 14:35:34 -08:00
|
|
|
args.signal = &ready;
|
2018-06-13 11:42:16 +10:00
|
|
|
args.return_code = 0;
|
2015-12-22 14:35:34 -08:00
|
|
|
InitTcpReady(&ready);
|
2011-02-05 11:14:47 -08:00
|
|
|
|
2018-06-06 13:14:06 -07:00
|
|
|
#if defined(DEBUG_WOLFSSL) && !defined(WOLFSSL_MDK_SHELL)
|
2018-02-01 11:02:35 -08:00
|
|
|
wolfSSL_Debugging_ON();
|
2011-02-05 11:14:47 -08:00
|
|
|
#endif
|
2018-02-01 11:02:35 -08:00
|
|
|
wolfSSL_Init();
|
2015-10-28 23:54:08 -07:00
|
|
|
ChangeToWolfRoot();
|
2015-10-16 07:46:51 +02:00
|
|
|
|
2017-06-26 23:05:32 -07:00
|
|
|
#ifndef NO_WOLFSSL_SERVER
|
2013-03-28 11:28:38 -07:00
|
|
|
#ifdef HAVE_STACK_SIZE
|
|
|
|
|
StackSizeCheck(&args, server_test);
|
2015-10-16 07:46:51 +02:00
|
|
|
#else
|
2011-02-05 11:14:47 -08:00
|
|
|
server_test(&args);
|
2013-03-28 11:28:38 -07:00
|
|
|
#endif
|
2017-06-26 23:05:32 -07:00
|
|
|
#else
|
|
|
|
|
printf("Server not compiled in!\n");
|
|
|
|
|
#endif
|
|
|
|
|
|
2018-02-01 11:02:35 -08:00
|
|
|
wolfSSL_Cleanup();
|
2015-12-22 14:35:34 -08:00
|
|
|
FreeTcpReady(&ready);
|
2011-02-05 11:14:47 -08:00
|
|
|
|
2016-05-05 15:31:25 -06:00
|
|
|
#ifdef HAVE_WNR
|
|
|
|
|
if (wc_FreeNetRandom() < 0)
|
2017-06-22 22:19:59 -06:00
|
|
|
err_sys_ex(runWithErrors, "Failed to free netRandom context");
|
2016-05-05 15:31:25 -06:00
|
|
|
#endif /* HAVE_WNR */
|
|
|
|
|
|
2011-02-05 11:14:47 -08:00
|
|
|
return args.return_code;
|
|
|
|
|
}
|
|
|
|
|
|
2012-08-01 17:33:49 -07:00
|
|
|
int myoptind = 0;
|
|
|
|
|
char* myoptarg = NULL;
|
|
|
|
|
|
2011-02-05 11:14:47 -08:00
|
|
|
#endif /* NO_MAIN_DRIVER */
|