diff --git a/IDE/include.am b/IDE/include.am
index ef3770f48..b95ac279e 100644
--- a/IDE/include.am
+++ b/IDE/include.am
@@ -22,4 +22,4 @@ include IDE/mynewt/include.am include IDE/Renesas/cs+/Projects/include.am include IDE/Renesas/e2studio/Projects/include.am
-EXTRA_DIST+= IDE/IAR-EWARM IDE/MDK-ARM IDE/MDK5-ARM IDE/MYSQL IDE/LPCXPRESSO IDE/HEXIWEAR IDE/Espressif
+EXTRA_DIST+= IDE/IAR-EWARM IDE/MDK-ARM IDE/MDK5-ARM IDE/MYSQL IDE/LPCXPRESSO IDE/HEXIWEAR IDE/Espressif IDE/zephyr
diff --git a/IDE/zephyr/README.md b/IDE/zephyr/README.md
new file mode 100644
index 000000000..a8b47b0e2
--- /dev/null
+++ b/IDE/zephyr/README.md
@@ -0,0 +1,41 @@
+Zephyr Project Port
+===================
+
+## Overview
+
+This port is for Zephyr Project available [here](https://www.zephyrproject.org/).
+
+It provides the following zephyr code.
+
+- zephyr/ext/lib/crypto/wolfssl
+ - wolfssl library
+- zephyr/samples/crypto/wolfssl_test
+ - wolfcrypt unit test application
+- zephyr/samples/crypto/wolfssl_tls_sock
+ - socket based sample of TLS
+- zephyr/samples/crypto/wolfssl_tls_thread
+ - socket based sample of TLS using threads
+
+## How to setup
+
+### delopy wolfssl source to mynewt project
+Specify the path of the mynewt project and execute `wolfssl/IDE/mynewt/setup.sh`.
+
+```bash
+./IDE/zephyr/setup.sh /path/to/zephyrproject
+```
+
+This script will deploy wolfssl's library code and samples as described in the Overview to the zephyr project.
+
+## build & test
+
+build and execute wolfssl_test
+
+```
+cd [zephyrproject]/zephyr/samples/crypto/wolfssl_test
+mkdir build && cd build
+cmake -GNinja -DBOARD=qemu_x86 ..
+ninja
+ninja run
+```
+
diff --git a/IDE/zephyr/lib/CMakeLists.txt b/IDE/zephyr/lib/CMakeLists.txt
new file mode 100644
index 000000000..5e4c66dac
--- /dev/null
+++ b/IDE/zephyr/lib/CMakeLists.txt
@@ -0,0 +1,122 @@
+zephyr_interface_library_named(wolfSSL)
+
+if(CONFIG_WOLFSSL_BUILTIN)
+ target_compile_definitions(wolfSSL INTERFACE
+ WOLFSSL_OPTIONS_FILE="${CONFIG_WOLFSSL_OPTIONS_FILE}"
+ )
+
+ target_include_directories(wolfSSL INTERFACE
+ include
+ settings
+ )
+
+ zephyr_library()
+ zephyr_library_sources(zephyr_init.c)
+
+ zephyr_library_sources(library/src/crl.c)
+ zephyr_library_sources(library/src/internal.c)
+ zephyr_library_sources(library/src/keys.c)
+ zephyr_library_sources(library/src/ocsp.c)
+ zephyr_library_sources(library/src/sniffer.c)
+ zephyr_library_sources(library/src/ssl.c)
+ zephyr_library_sources(library/src/tls13.c)
+ zephyr_library_sources(library/src/tls.c)
+ zephyr_library_sources(library/src/wolfio.c)
+
+ zephyr_library_sources(library/wolfcrypt/src/aes.c)
+ zephyr_library_sources(library/wolfcrypt/src/arc4.c)
+ zephyr_library_sources(library/wolfcrypt/src/asm.c)
+ zephyr_library_sources(library/wolfcrypt/src/asn.c)
+ zephyr_library_sources(library/wolfcrypt/src/async.c)
+ zephyr_library_sources(library/wolfcrypt/src/blake2b.c)
+ zephyr_library_sources(library/wolfcrypt/src/camellia.c)
+ zephyr_library_sources(library/wolfcrypt/src/chacha20_poly1305.c)
+ zephyr_library_sources(library/wolfcrypt/src/chacha.c)
+ zephyr_library_sources(library/wolfcrypt/src/cmac.c)
+ zephyr_library_sources(library/wolfcrypt/src/coding.c)
+ zephyr_library_sources(library/wolfcrypt/src/compress.c)
+ zephyr_library_sources(library/wolfcrypt/src/cpuid.c)
+ zephyr_library_sources(library/wolfcrypt/src/cryptocb.c)
+ zephyr_library_sources(library/wolfcrypt/src/curve25519.c)
+ zephyr_library_sources(library/wolfcrypt/src/des3.c)
+ zephyr_library_sources(library/wolfcrypt/src/dh.c)
+ zephyr_library_sources(library/wolfcrypt/src/dsa.c)
+ zephyr_library_sources(library/wolfcrypt/src/ecc.c)
+ zephyr_library_sources(library/wolfcrypt/src/ecc_fp.c)
+ zephyr_library_sources(library/wolfcrypt/src/ed25519.c)
+ zephyr_library_sources(library/wolfcrypt/src/error.c)
+ zephyr_library_sources(library/wolfcrypt/src/fe_low_mem.c)
+ zephyr_library_sources(library/wolfcrypt/src/fe_operations.c)
+ #zephyr_library_sources(library/wolfcrypt/src/fips.c)
+ #zephyr_library_sources(library/wolfcrypt/src/fips_test.c)
+ zephyr_library_sources(library/wolfcrypt/src/ge_low_mem.c)
+ zephyr_library_sources(library/wolfcrypt/src/ge_operations.c)
+ zephyr_library_sources(library/wolfcrypt/src/hash.c)
+ zephyr_library_sources(library/wolfcrypt/src/hc128.c)
+ zephyr_library_sources(library/wolfcrypt/src/hmac.c)
+ zephyr_library_sources(library/wolfcrypt/src/idea.c)
+ zephyr_library_sources(library/wolfcrypt/src/integer.c)
+ zephyr_library_sources(library/wolfcrypt/src/logging.c)
+ zephyr_library_sources(library/wolfcrypt/src/md2.c)
+ zephyr_library_sources(library/wolfcrypt/src/md4.c)
+ zephyr_library_sources(library/wolfcrypt/src/md5.c)
+ zephyr_library_sources(library/wolfcrypt/src/memory.c)
+ #zephyr_library_sources(library/wolfcrypt/src/misc.c)
+ zephyr_library_sources(library/wolfcrypt/src/pkcs12.c)
+ zephyr_library_sources(library/wolfcrypt/src/pkcs7.c)
+ zephyr_library_sources(library/wolfcrypt/src/poly1305.c)
+ zephyr_library_sources(library/wolfcrypt/src/pwdbased.c)
+ zephyr_library_sources(library/wolfcrypt/src/rabbit.c)
+ zephyr_library_sources(library/wolfcrypt/src/random.c)
+ zephyr_library_sources(library/wolfcrypt/src/ripemd.c)
+ zephyr_library_sources(library/wolfcrypt/src/rsa.c)
+ #zephyr_library_sources(library/wolfcrypt/src/selftest.c)
+ zephyr_library_sources(library/wolfcrypt/src/sha256.c)
+ zephyr_library_sources(library/wolfcrypt/src/sha3.c)
+ zephyr_library_sources(library/wolfcrypt/src/sha512.c)
+ zephyr_library_sources(library/wolfcrypt/src/sha.c)
+ zephyr_library_sources(library/wolfcrypt/src/signature.c)
+ zephyr_library_sources(library/wolfcrypt/src/sp_arm32.c)
+ zephyr_library_sources(library/wolfcrypt/src/sp_arm64.c)
+ zephyr_library_sources(library/wolfcrypt/src/sp_armthumb.c)
+ zephyr_library_sources(library/wolfcrypt/src/sp_c32.c)
+ zephyr_library_sources(library/wolfcrypt/src/sp_c64.c)
+ zephyr_library_sources(library/wolfcrypt/src/sp_cortexm.c)
+ zephyr_library_sources(library/wolfcrypt/src/sp_int.c)
+ zephyr_library_sources(library/wolfcrypt/src/sp_x86_64.c)
+ zephyr_library_sources(library/wolfcrypt/src/srp.c)
+ zephyr_library_sources(library/wolfcrypt/src/tfm.c)
+ zephyr_library_sources(library/wolfcrypt/src/wc_encrypt.c)
+ zephyr_library_sources(library/wolfcrypt/src/wc_pkcs11.c)
+ zephyr_library_sources(library/wolfcrypt/src/wc_port.c)
+ #zephyr_library_sources(library/wolfcrypt/src/wolfcrypt_first.c)
+ #zephyr_library_sources(library/wolfcrypt/src/wolfcrypt_last.c)
+ zephyr_library_sources(library/wolfcrypt/src/wolfevent.c)
+ zephyr_library_sources(library/wolfcrypt/src/wolfmath.c)
+
+ zephyr_library_link_libraries(wolfSSL)
+
+ add_definitions(-DWOLFSSL_USER_SETTINGS)
+ add_definitions(-DWOLFSSL_ZEPHYR)
+ include_directories("library")
+else()
+ assert(CONFIG_WOLFSSL_LIBRARY "wolfSSL was enabled, but neither BUILTIN or LIBRARY was selected.")
+
+ # NB: CONFIG_WOLFSSL_LIBRARY is not regression tested and is
+ # therefore susceptible to bit rot
+
+ target_include_directories(wolfSSL INTERFACE
+ ${CONFIG_WOLFSSL_INSTALL_PATH}
+ )
+
+ zephyr_link_libraries(
+ mbedtls_external
+ -L${CONFIG_WOLFSSL_INSTALL_PATH}
+ gcc
+ )
+ # Lib wolfssl depends on libgcc so to allow
+ # wolfssl to link with gcc we need to ensure it is placed
+ # after wolfssl_external on the linkers command line.
+endif()
+
+target_link_libraries(wolfSSL INTERFACE zephyr_interface)
diff --git a/IDE/zephyr/lib/Kconfig b/IDE/zephyr/lib/Kconfig
new file mode 100644
index 000000000..67f53570c
--- /dev/null
+++ b/IDE/zephyr/lib/Kconfig
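Review bot: In IDE/zephyr/lib/CMakeLists.txt the `else()` branch passes `mbedtls_external` to `zephyr_link_libraries`, so a build with CONFIG_WOLFSSL_LIBRARY links (or fails to find) a different TLS library than the one the headers in `${CONFIG_WOLFSSL_INSTALL_PATH}` describe; the comment below it speaks of `wolfssl_external`, which suggests the name was left over from a template and should be the wolfSSL library target. The built-in branch also defines `WOLFSSL_OPTIONS_FILE="${CONFIG_WOLFSSL_OPTIONS_FILE}"`, but the Kconfig added in this commit only declares `WOLFSSL_SETTINGS_FILE`, so the definition appears to expand to an empty string. I would either rename it to `${CONFIG_WOLFSSL_SETTINGS_FILE}` or drop the definition, since user_settings.h reads `CONFIG_WOLFSSL_SETTINGS_FILE` directly.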
@@ -0,0 +1,85 @@
+# Kconfig - Cryptography primitive options for wolfSSL
+
+#
+# Copyright (c) 2016 Intel Corporation
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+
+
+menuconfig WOLFSSL
+ bool "wolfSSL Support"
+ help
+ This option enables the wolfSSL cryptography library.
+
+if WOLFSSL
+
+choice
+ prompt "Select implementation"
+ default WOLFSSL_BUILTIN
+
+config WOLFSSL_BUILTIN
+ bool "Enable wolfSSL integrated sources"
+ help
+ Link with local wolfSSL sources instead of external library.
+
+config WOLFSSL_LIBRARY
+ bool "Enable wolfSSL external library"
+ help
+ This option enables wolfSSL library.
+
+endchoice
+
+config WOLFSSL_SETTINGS_FILE
+ string "wolfSSL settings file"
+ depends on WOLFSSL_BUILTIN
+ default "user_settings-tls-generic.h"
+ help
+ Use a specific wolfSSL settings file. The default config file
+ file can be tweaked with Kconfig. The default settings is
+ suitable to communicate with majority of HTTPS servers on the Internet,
+ but has relatively many features enabled. To optimize resources for
+ special TLS usage, use available Kconfig settings, or select an
+ alternative config.
+
+if WOLFSSL_BUILTIN && WOLFSSL_SETTINGS_FILE = "user_settings-tls-generic.h"
+source "ext/lib/crypto/wolfssl/Kconfig.tls-generic"
+endif
+
+config WOLFSSL_DEBUG
+ bool "wolfSSL debug activation"
+ depends on WOLFSSL_BUILTIN
+ help
+ Enable debugging activation for wolfSSL configuration. If you use
+ wolfSSL/Zephyr integration (e.g. net_app), this will activate debug
+ logging (of the level configured by WOLFSSL_DEBUG_LEVEL).
+
+config WOLFSSL_INSTALL_PATH
+ string "wolfSSL install path"
+ depends on WOLFSSL_LIBRARY
+ help
+ This option holds the path where the wolfSSL libraries and headers are
+ installed. Make sure this option is properly set when WOLFSSL_LIBRARY
+ is enabled otherwise the build will fail.
+
+config APP_LINK_WITH_WOLFSSL
+ bool "Link 'app' with WOLFSSL"
+ default y
+ depends on WOLFSSL
+ help
+ Add WOLFSSL header files to the 'app' include path. It may be
+ disabled if the include paths for WOLFSSL are causing aliasing
+ issues for 'app'.
+
+endif
+
diff --git a/IDE/zephyr/lib/Kconfig.tls-generic b/IDE/zephyr/lib/Kconfig.tls-generic
new file mode 100644
index 000000000..f18451188
--- /dev/null
+++ b/IDE/zephyr/lib/Kconfig.tls-generic
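Review bot: In IDE/zephyr/lib/Kconfig the `WOLFSSL_DEBUG` help text promises logging "of the level configured by WOLFSSL_DEBUG_LEVEL", but no `WOLFSSL_DEBUG_LEVEL` symbol is declared in this file or in Kconfig.tls-generic. Neither settings header in this commit tests `CONFIG_WOLFSSL_DEBUG` either (`DEBUG_WOLFSSL` sits under `#if 0`), so the `CONFIG_WOLFSSL_DEBUG=y` lines in the sample prj.conf files appear to have no effect. I would either wire it up in the header, `#ifdef CONFIG_WOLFSSL_DEBUG` around `#define DEBUG_WOLFSSL`, or reword the help so it does not describe behaviour the port lacks.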
@@ -0,0 +1,272 @@
+# Kconfig.tls - TLS/DTLS related options
+
+#
+# Copyright (c) 2018 Intel Corporation
+# Copyright (c) 2018 Nordic Semiconductor ASA
+#
+# SPDX-License-Identifier: Apache-2.0
+#
+
+menu "TLS configuration"
+
+menu "Supported TLS version"
+
+config WOLFSSL_TLS_VERSION_1_0
+ bool "Enable support for TLS 1.0"
+ select WOLFSSL_ALLOW_TLSV10_ENABLED
+
+config WOLFSSL_TLS_VERSION_1_1
+ bool "Enable support for TLS 1.1"
+ select WOLFSSL_NO_OLD_TLS_DISABLED
+
+config WOLFSSL_TLS_VERSION_1_2
+ bool "Enable support for TLS 1.2"
+ default y
+
+config WOLFSSL_TLS_VERSION_1_3
+ bool "Enable support for TLS 1.3"
+ select WOLFSSL_TLS13_ENABLED
+
+endmenu
+
+menu "Ciphersuite configuration"
+
+comment "Supported key exchange modes"
+
+config WOLFSSL_KEY_EXCHANGE_ALL_ENABLED
+ bool "Enable all available ciphersuite modes"
+ select WOLFSSL_KEY_EXCHANGE_PSK_ENABLED
+ select WOLFSSL_KEY_EXCHANGE_DHE_PSK_ENABLED
+ select WOLFSSL_KEY_EXCHANGE_ECDHE_PSK_ENABLED
+ select WOLFSSL_KEY_EXCHANGE_RSA_PSK_ENABLED
+ select WOLFSSL_KEY_EXCHANGE_RSA_ENABLED
+ select WOLFSSL_KEY_EXCHANGE_DHE_RSA_ENABLED
+ select WOLFSSL_KEY_EXCHANGE_ECDHE_RSA_ENABLED
+ select WOLFSSL_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED
+ select WOLFSSL_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED
+ select WOLFSSL_KEY_EXCHANGE_ECDH_ECDSA_ENABLED
+ select WOLFSSL_KEY_EXCHANGE_ECDH_RSA_ENABLED
+ select WOLFSSL_KEY_EXCHANGE_ECJPAKE_ENABLED
+
+config WOLFSSL_KEY_EXCHANGE_PSK_ENABLED
+ bool "Enable the PSK based ciphersuite modes"
+
+config WOLFSSL_KEY_EXCHANGE_DHE_PSK_ENABLED
+ bool "Enable the DHE-PSK based ciphersuite modes"
+
+config WOLFSSL_KEY_EXCHANGE_ECDHE_PSK_ENABLED
+ bool "Enable the ECDHE-PSK based ciphersuite modes"
+
+config WOLFSSL_KEY_EXCHANGE_RSA_PSK_ENABLED
+ bool "Enable the RSA-PSK based ciphersuite modes"
+
+config WOLFSSL_KEY_EXCHANGE_RSA_ENABLED
+ bool "Enable the RSA-only based ciphersuite modes"
+ default y
+
+config WOLFSSL_KEY_EXCHANGE_DHE_RSA_ENABLED
+ bool "Enable the DHE-RSA based ciphersuite modes"
+
+config WOLFSSL_KEY_EXCHANGE_ECDHE_RSA_ENABLED
+ bool "Enable the ECDHE-RSA based ciphersuite modes"
+
+config WOLFSSL_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED
+ bool "Enable the ECDHE-ECDSA based ciphersuite modes"
+
+config WOLFSSL_KEY_EXCHANGE_ECDH_ECDSA_ENABLED
+ bool "Enable the ECDH-ECDSA based ciphersuite modes"
+
+config WOLFSSL_KEY_EXCHANGE_ECDH_RSA_ENABLED
+ bool "Enable the ECDH-RSA based ciphersuite modes"
+
+config WOLFSSL_KEY_EXCHANGE_ECJPAKE_ENABLED
+ bool "Enable the ECJPAKE based ciphersuite modes"
+
+if WOLFSSL_KEY_EXCHANGE_ECDHE_PSK_ENABLED || \
+ WOLFSSL_KEY_EXCHANGE_ECDHE_RSA_ENABLED || \
+ WOLFSSL_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED || \
+ WOLFSSL_KEY_EXCHANGE_ECDH_ECDSA_ENABLED || \
+ WOLFSSL_KEY_EXCHANGE_ECDH_RSA_ENABLED || \
+ WOLFSSL_KEY_EXCHANGE_ECJPAKE_ENABLED
+
+comment "Supported elliptic curves"
+
+config WOLFSSL_ECP_ALL_ENABLED
+ bool "Enable all available elliptic curves"
+ select WOLFSSL_ECP_DP_SECP192R1_ENABLED
+ select WOLFSSL_ECP_DP_SECP192R1_ENABLED
+ select WOLFSSL_ECP_DP_SECP224R1_ENABLED
+ select WOLFSSL_ECP_DP_SECP256R1_ENABLED
+ select WOLFSSL_ECP_DP_SECP384R1_ENABLED
+ select WOLFSSL_ECP_DP_SECP521R1_ENABLED
+ select WOLFSSL_ECP_DP_SECP192K1_ENABLED
+ select WOLFSSL_ECP_DP_SECP224K1_ENABLED
+ select WOLFSSL_ECP_DP_SECP256K1_ENABLED
+ select WOLFSSL_ECP_DP_BP256R1_ENABLED
+ select WOLFSSL_ECP_DP_BP384R1_ENABLED
+ select WOLFSSL_ECP_DP_BP512R1_ENABLED
+ select WOLFSSL_ECP_DP_CURVE25519_ENABLED
+ select WOLFSSL_ECP_DP_CURVE448_ENABLED
+ select WOLFSSL_ECP_NIST_OPTIM
+
+config WOLFSSL_ECP_DP_SECP192R1_ENABLED
+ bool "Enable SECP192R1 elliptic curve"
+
+config WOLFSSL_ECP_DP_SECP224R1_ENABLED
+ bool "Enable SECP224R1 elliptic curve"
+
+config WOLFSSL_ECP_DP_SECP256R1_ENABLED
+ bool "Enable SECP256R1 elliptic curve"
+
+config WOLFSSL_ECP_DP_SECP384R1_ENABLED
+ bool "Enable SECP384R1 elliptic curve"
+
+config WOLFSSL_ECP_DP_SECP521R1_ENABLED
+ bool "Enable SECP521R1 elliptic curve"
+
+config WOLFSSL_ECP_DP_SECP192K1_ENABLED
+ bool "Enable SECP192K1 elliptic curve"
+
+config WOLFSSL_ECP_DP_SECP224K1_ENABLED
+ bool "Enable SECP224K1 elliptic curve"
+
+config WOLFSSL_ECP_DP_SECP256K1_ENABLED
+ bool "Enable SECP256K1 elliptic curve"
+
+config WOLFSSL_ECP_DP_BP256R1_ENABLED
+ bool "Enable BP256R1 elliptic curve"
+
+config WOLFSSL_ECP_DP_BP384R1_ENABLED
+ bool "Enable BP384R1 elliptic curve"
+
+config WOLFSSL_ECP_DP_BP512R1_ENABLED
+ bool "Enable BP512R1 elliptic curve"
+
+config WOLFSSL_ECP_DP_CURVE25519_ENABLED
+ bool "Enable CURVE25519 elliptic curve"
+
+config WOLFSSL_ECP_DP_CURVE448_ENABLED
+ bool "Enable CURVE448 elliptic curve"
+
+config WOLFSSL_ECP_NIST_OPTIM
+ bool "Enable NSIT curves optimization"
+
+endif
+
+comment "Supported cipher modes"
+
+config WOLFSSL_CIPHER_ALL_ENABLED
+ bool "Enable all available ciphers"
+ select WOLFSSL_CIPHER_AES_ENABLED
+ select WOLFSSL_CIPHER_CAMELLIA_ENABLED
+ select WOLFSSL_CIPHER_DES_ENABLED
+ select WOLFSSL_CIPHER_ARC4_ENABLED
+ select WOLFSSL_CIPHER_CHACHA20_ENABLED
+ select WOLFSSL_CIPHER_BLOWFISH_ENABLED
+ select WOLFSSL_CIPHER_CCM_ENABLED
+ select WOLFSSL_CIPHER_MODE_XTS_ENABLED
+ select WOLFSSL_CIPHER_MODE_GCM_ENABLED
+ select WOLFSSL_CIPHER_CBC_ENABLED
+ select WOLFSSL_CHACHAPOLY_AEAD_ENABLED
+
+config WOLFSSL_CIPHER_AES_ENABLED
+ bool "Enable the AES block cipher"
+ default y
+
+config WOLFSSL_AES_ROM_TABLES
+ depends on WOLFSSL_CIPHER_AES_ENABLED
+ bool "Use precomputed AES tables stored in ROM."
+ default y
+
+config WOLFSSL_CIPHER_CAMELLIA_ENABLED
+ bool "Enable the Camellia block cipher"
+
+config WOLFSSL_CIPHER_DES_ENABLED
+ bool "Enable the DES block cipher"
+ default y
+
+config WOLFSSL_CIPHER_ARC4_ENABLED
+ bool "Enable the ARC4 stream cipher"
+
+config WOLFSSL_CIPHER_CHACHA20_ENABLED
+ bool "Enable the ChaCha20 stream cipher"
+
+config WOLFSSL_CIPHER_BLOWFISH_ENABLED
+ bool "Enable the Blowfish block cipher"
+
+config WOLFSSL_CIPHER_CCM_ENABLED
+ bool "Enable the Counter with CBC-MAC (CCM) mode for 128-bit block cipher"
+ depends on WOLFSSL_CIPHER_AES_ENABLED || WOLFSSL_CIPHER_CAMELLIA_ENABLED
+
+config WOLFSSL_CIPHER_MODE_XTS_ENABLED
+ bool "Enable Xor-encrypt-xor with ciphertext stealing mode (XTS) for AES"
+ depends on WOLFSSL_CIPHER_AES_ENABLED || WOLFSSL_CIPHER_CAMELLIA_ENABLED
+
+config WOLFSSL_CIPHER_MODE_GCM_ENABLED
+ bool "Enable the Galois/Counter Mode (GCM) for AES"
+ depends on WOLFSSL_CIPHER_AES_ENABLED || WOLFSSL_CIPHER_CAMELLIA_ENABLED
+
+config WOLFSSL_CIPHER_CBC_ENABLED
+ bool "Enable Cipher Block Chaining mode (CBC) for symmetric ciphers"
+ default y
+
+config WOLFSSL_CHACHAPOLY_AEAD_ENABLED
+ bool "Enable the ChaCha20-Poly1305 AEAD algorithm"
+ depends on WOLFSSL_CIPHER_CHACHA20_ENABLED || WOLFSSL_MAC_POLY1305_ENABLED
+
+comment "Supported message authentication methods"
+
+config WOLFSSL_MAC_ALL_ENABLED
+ bool "Enable all available MAC methods"
+ select WOLFSSL_MAC_MD4_ENABLED
+ select WOLFSSL_MAC_MD5_ENABLED
+ select WOLFSSL_MAC_SHA1_ENABLED
+ select WOLFSSL_MAC_SHA256_ENABLED
+ select WOLFSSL_MAC_SHA512_ENABLED
+ select WOLFSSL_MAC_POLY1305_ENABLED
+
+config WOLFSSL_MAC_MD4_ENABLED
+ bool "Enable the MD4 hash algorithm"
+
+config WOLFSSL_MAC_MD5_ENABLED
+ bool "Enable the MD5 hash algorithm"
+ default y
+
+config WOLFSSL_MAC_SHA1_ENABLED
+ bool "Enable the SHA1 hash algorithm"
+ default y
+
+config WOLFSSL_MAC_SHA256_ENABLED
+ bool "Enable the SHA-224 and SHA-256 hash algorithms"
+ default y
+
+config WOLFSSL_MAC_SHA512_ENABLED
+ bool "Enable the SHA-384 and SHA-512 hash algorithms"
+
+config WOLFSSL_MAC_POLY1305_ENABLED
+ bool "Enable the Poly1305 MAC algorithm"
+
+endmenu
+
+comment "Random number generators"
+
+config WOLFSSL_HMAC_DRBG_ENABLED
+ bool "Enable the HMAC_DRBG random generator"
+ default y
+
+comment "Other configurations"
+
+config WOLFSSL_HAVE_ASM
+ bool "Enable use of assembly code"
+ default y
+ help
+ Enable use of assembly code in wolfSSL. This improves the performances
+ of asymetric cryptography, however this might have an impact on the
+ code size.
+
+config WOLFSSL_USER_SETTTINGS
+ string "User settings file for wolfSSL"
+ help
+ User settings file that contains wolfSSL defines.
+
+endmenu
diff --git a/IDE/zephyr/lib/README b/IDE/zephyr/lib/README
new file mode 100644
index 000000000..906a6c9ba
--- /dev/null
+++ b/IDE/zephyr/lib/README
@@ -0,0 +1,12 @@
+
+wolfSSL (formerly known as CyaSSL) and wolfCrypt are either licensed for use
+under the GPLv2 or a standard commercial license. For our users who cannot use
+wolfSSL under GPLv2, a commercial license to wolfSSL and wolfCrypt is available.
+Please contact wolfSSL Inc. directly at:
+
+Email: licensing@wolfssl.com
+Phone: +1 425 245-8247
+
+More information can be found on the wolfSSL website at www.wolfssl.com.
+
+
diff --git a/IDE/zephyr/lib/install_lib.sh b/IDE/zephyr/lib/install_lib.sh
new file mode 100755
index 000000000..fea8c8181
--- /dev/null
+++ b/IDE/zephyr/lib/install_lib.sh
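Review bot: None of the protocol, cipher or MAC symbols declared in IDE/zephyr/lib/Kconfig.tls-generic is read by user_settings-tls-generic.h or user_settings.h, which hard-code their `#define`s; a user who switches off TLS 1.0, DES or MD5 in menuconfig therefore gets no change in the built library and may believe a weak algorithm has been removed when it has not. The two already disagree: `WOLFSSL_CIPHER_DES_ENABLED` and `WOLFSSL_HAVE_ASM` are `default y` here while the header defines `NO_DES3` and `WOLFSSL_NO_ASM`. The `select` targets `WOLFSSL_ALLOW_TLSV10_ENABLED`, `WOLFSSL_NO_OLD_TLS_DISABLED` and `WOLFSSL_TLS13_ENABLED` are not declared in the visible Kconfig files, and `WOLFSSL_USER_SETTTINGS` looks like a misspelling. Until the header maps each `CONFIG_WOLFSSL_*` symbol onto the matching wolfSSL macro, I would trim this menu to the options that take effect and say in the `menu` help that the settings header is authoritative.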
@@ -0,0 +1,64 @@
+#!/bin/sh
+
+WOLFSSL_SRC_DIR=../../..
+
+if [ ! -d $WOLFSSL_SRC_DIR ]; then
+ echo "Directory does not exist: $WOLFSSL_SRC_DIR"
+ exit 1
+fi
+if [ ! -f $WOLFSSL_SRC_DIR/wolfssl/ssl.h ]; then
+ echo "Missing header file: $WOLFSSL_SRC_DIR/wolfssl/ssl.h"
+ exit 1
+fi
+
+ZEPHYR_DIR=
+if [ $# -ne 1 ]; then
+ echo "Need location of zephyr project as a command line argument"
+ exit 1
+else
+ ZEPHYR_DIR=$1
+fi
+if [ ! -d $ZEPHR_DIR ]; then
+ echo "Zephyr project directory does not exist: $ZEPHYR_DIR"
+ exit 1
+fi
+ZEPHYR_CRYPTO_DIR=$ZEPHYR_DIR/zephyr/ext/lib/crypto
+if [ ! -d $ZEPHYR_CRYPTO_DIR ]; then
+ echo "Zephyr crypto directory does not exist: $ZEPHYR_CRYPTO_DIR"
+ exit 1
+fi
+ZEPHYR_WOLFSSL_DIR=$ZEPHYR_CRYPTO_DIR/wolfssl
+
+echo "wolfSSL directory in Zephyr:"
+echo " $ZEPHYR_WOLFSSL_DIR"
+rm -rf $ZEPHYR_WOLFSSL_DIR
+mkdir $ZEPHYR_WOLFSSL_DIR
+
+echo "Copy in Build files ..."
+cp -r * $ZEPHYR_WOLFSSL_DIR/
+rm $ZEPHYR_WOLFSSL_DIR/$0
+
+echo "Copy Source Code ..."
+rm -rf $ZEPHYR_WOLFSSL_DIR/library
+mkdir $ZEPHYR_WOLFSSL_DIR/library
+mkdir $ZEPHYR_WOLFSSL_DIR/library/src
+mkdir -p $ZEPHYR_WOLFSSL_DIR/library/wolfcrypt/src
+
+cp -rf ${WOLFSSL_SRC_DIR}/src/*.c $ZEPHYR_WOLFSSL_DIR/library/src/
+cp -rf ${WOLFSSL_SRC_DIR}/wolfcrypt/src/*.c $ZEPHYR_WOLFSSL_DIR/library/wolfcrypt/src/
+cp -rf ${WOLFSSL_SRC_DIR}/wolfcrypt/src/*.i $ZEPHYR_WOLFSSL_DIR/library/wolfcrypt/src/
+cp -rf ${WOLFSSL_SRC_DIR}/wolfcrypt/src/*.S $ZEPHYR_WOLFSSL_DIR/library/wolfcrypt/src/
+
+echo "Copy Header Files ..."
+rm -rf $ZEPHYR_WOLFSSL_DIR/include
+mkdir $ZEPHYR_WOLFSSL_DIR/include
+
+cp $ZEPHYR_WOLFSSL_DIR/user_settings.h $ZEPHYR_WOLFSSL_DIR/include/
+cp -rf ${WOLFSSL_SRC_DIR}/wolfssl $ZEPHYR_WOLFSSL_DIR/include/
+rm -f $ZEPHYR_WOLFSSL_DIR/include/wolfssl/options.h
+touch $ZEPHYR_WOLFSSL_DIR/include/wolfssl/options.h
+rm -rf $ZEPHYR_WOLFSSL_DIR/include/wolfssl/wolfcrypt/port
+
+
+echo "Done"
+
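Review bot: The directory check in IDE/zephyr/lib/install_lib.sh tests `$ZEPHR_DIR`, a misspelled and therefore empty variable, so `[ ! -d ]` collapses to a two-argument test that is never true and a wrong path argument is not rejected at this point; it should read `if [ ! -d "$ZEPHYR_DIR" ]; then`. The same line appears in IDE/zephyr/setup.sh, wolfssl_test/install_test.sh and wolfssl_tls_sock/install_sample.sh. Every expansion that follows is also unquoted, and the script goes on to run `rm -rf $ZEPHYR_WOLFSSL_DIR`: an argument containing spaces or glob characters would be word-split into several deletion targets, so I would quote it as `rm -rf "$ZEPHYR_WOLFSSL_DIR"` and likewise in the `mkdir`/`cp` lines. `rm $ZEPHYR_WOLFSSL_DIR/$0` only works when the script is started as `./install_lib.sh`; `"$(basename "$0")"` would not depend on how it is invoked.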
diff --git a/IDE/zephyr/lib/settings/user_settings-tls-generic.h b/IDE/zephyr/lib/settings/user_settings-tls-generic.h
new file mode 100644
index 000000000..722f44eeb
--- /dev/null
+++ b/IDE/zephyr/lib/settings/user_settings-tls-generic.h
@@ -0,0 +1,147 @@
+/* wolfssl options.h
+ * generated from configure options
+ *
+ * Copyright (C) 2006-2015 wolfSSL Inc.
+ *
+ * This file is part of wolfSSL. (formerly known as CyaSSL)
+ *
+ */
+
+#ifndef WOLFSSL_OPTIONS_H
+#define WOLFSSL_OPTIONS_H
+
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+#undef WOLFSSL_ZEPHYR
+#define WOLFSSL_ZEPHYR
+
+#if 0
+#undef SINGLE_THREADED
+#define SINGLE_THREADED
+#endif
+
+#undef TFM_TIMING_RESISTANT
+#define TFM_TIMING_RESISTANT
+
+#undef ECC_TIMING_RESISTANT
+#define ECC_TIMING_RESISTANT
+
+#undef WC_RSA_BLINDING
+#define WC_RSA_BLINDING
+
+#undef HAVE_AESGCM
+#define HAVE_AESGCM
+
+#undef WOLFSSL_SHA512
+#define WOLFSSL_SHA512
+
+#undef WOLFSSL_SHA384
+#define WOLFSSL_SHA384
+
+#undef NO_DSA
+#define NO_DSA
+
+#undef HAVE_ECC
+#define HAVE_ECC
+
+#undef TFM_ECC256
+#define TFM_ECC256
+
+#undef WOLFSSL_BASE64_ENCODE
+#define WOLFSSL_BASE64_ENCODE
+
+#undef NO_RC4
+#define NO_RC4
+
+#undef NO_HC128
+#define NO_HC128
+
+#undef NO_RABBIT
+#define NO_RABBIT
+
+#undef WOLFSSL_SHA224
+#define WOLFSSL_SHA224
+
+#undef WOLFSSL_SHA3
+#define WOLFSSL_SHA3
+
+#undef HAVE_POLY1305
+#define HAVE_POLY1305
+
+#undef HAVE_ONE_TIME_AUTH
+#define HAVE_ONE_TIME_AUTH
+
+#undef HAVE_CHACHA
+#define HAVE_CHACHA
+
+#undef HAVE_HASHDRBG
+#define HAVE_HASHDRBG
+
+#undef NO_FILESYSTEM
+#define NO_FILESYSTEM
+
+#undef HAVE_TLS_EXTENSIONS
+#define HAVE_TLS_EXTENSIONS
+
+#undef HAVE_SUPPORTED_CURVES
+#define HAVE_SUPPORTED_CURVES
+
+#undef HAVE_EXTENDED_MASTER
+#define HAVE_EXTENDED_MASTER
+
+#undef NO_PSK
+#define NO_PSK
+
+#undef NO_MD4
+#define NO_MD4
+
+#undef NO_PWDBASED
+#define NO_PWDBASED
+
+#undef USE_FAST_MATH
+#define USE_FAST_MATH
+
+#undef WOLFSSL_NO_ASM
+#define WOLFSSL_NO_ASM
+
+#undef WOLFSSL_X86_BUILD
+#define WOLFSSL_X86_BUILD
+
+#undef WC_NO_ASYNC_THREADING
+#define WC_NO_ASYNC_THREADING
+
+#undef NO_DES3
+#define NO_DES3
+
+#if 1
+#undef NO_ASN_TIME
+#define NO_ASN_TIME
+#endif
+
+#undef WOLFSSL_STATIC_MEMORY
+#define WOLFSSL_STATIC_MEMORY
+
+#if 0
+#undef WOLFSSL_HAVE_SP_RSA
+#define WOLFSSL_HAVE_SP_RSA
+#undef WOLFSSL_HAVE_SP_DH
+#define WOLFSSL_HAVE_SP_DH
+#undef WOLFSSL_HAVE_SP_ECC
+#define WOLFSSL_HAVE_SP_ECC
+#endif
+
+#if 0
+#undef DEBUG_WOLFSSL
+#define DEBUG_WOLFSSL
+#endif
+
+#ifdef __cplusplus
+}
+#endif
+
+
+#endif /* WOLFSSL_OPTIONS_H */
+
diff --git a/IDE/zephyr/lib/user_settings.h b/IDE/zephyr/lib/user_settings.h
new file mode 100644
index 000000000..9fb1bd416
--- /dev/null
+++ b/IDE/zephyr/lib/user_settings.h
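Review bot: `NO_ASN_TIME` is defined unconditionally (under `#if 1`) in IDE/zephyr/lib/settings/user_settings-tls-generic.h, which turns off the notBefore/notAfter checks during certificate verification, so an expired certificate would be accepted by anything built on these default settings. The fallback branch of IDE/zephyr/lib/user_settings.h carries the same block. If the reason is that the qemu_x86 target has no wall-clock source, I would say so next to the define, e.g. `/* no RTC on the sample target: certificate validity dates are NOT checked */`, and put the define behind a Kconfig symbol so a board with a real clock gets the check. The include guard `WOLFSSL_OPTIONS_H` and the "wolfssl options.h generated from configure options" banner do not match a hand-maintained settings file; `WOLFSSL_X86_BUILD` is also hard-coded, which presumably needs to become conditional before non-x86 boards use this header.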
@@ -0,0 +1,147 @@
+
+#ifndef USER_SETTINGS_H
+#define USER_SETTINGS_H
+
+#ifdef CONFIG_WOLFSSL
+#ifdef CONFIG_WOLFSSL_SETTINGS_FILE
+
+#include CONFIG_WOLFSSL_SETTINGS_FILE
+
+#else
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+#undef WOLFSSL_ZEPHYR
+#define WOLFSSL_ZEPHYR
+
+#if 0
+#undef SINGLE_THREADED
+#define SINGLE_THREADED
+#endif
+
+#undef TFM_TIMING_RESISTANT
+#define TFM_TIMING_RESISTANT
+
+#undef ECC_TIMING_RESISTANT
+#define ECC_TIMING_RESISTANT
+
+#undef WC_RSA_BLINDING
+#define WC_RSA_BLINDING
+
+#undef HAVE_AESGCM
+#define HAVE_AESGCM
+
+#undef WOLFSSL_SHA512
+#define WOLFSSL_SHA512
+
+#undef WOLFSSL_SHA384
+#define WOLFSSL_SHA384
+
+#undef NO_DSA
+#define NO_DSA
+
+#undef HAVE_ECC
+#define HAVE_ECC
+
+#undef TFM_ECC256
+#define TFM_ECC256
+
+#undef WOLFSSL_BASE64_ENCODE
+#define WOLFSSL_BASE64_ENCODE
+
+#undef NO_RC4
+#define NO_RC4
+
+#undef NO_HC128
+#define NO_HC128
+
+#undef NO_RABBIT
+#define NO_RABBIT
+
+#undef WOLFSSL_SHA224
+#define WOLFSSL_SHA224
+
+#undef WOLFSSL_SHA3
+#define WOLFSSL_SHA3
+
+#undef HAVE_POLY1305
+#define HAVE_POLY1305
+
+#undef HAVE_ONE_TIME_AUTH
+#define HAVE_ONE_TIME_AUTH
+
+#undef HAVE_CHACHA
+#define HAVE_CHACHA
+
+#undef HAVE_HASHDRBG
+#define HAVE_HASHDRBG
+
+#undef NO_FILESYSTEM
+#define NO_FILESYSTEM
+
+#undef HAVE_TLS_EXTENSIONS
+#define HAVE_TLS_EXTENSIONS
+
+#undef HAVE_SUPPORTED_CURVES
+#define HAVE_SUPPORTED_CURVES
+
+#undef HAVE_EXTENDED_MASTER
+#define HAVE_EXTENDED_MASTER
+
+#undef NO_PSK
+#define NO_PSK
+
+#undef NO_MD4
+#define NO_MD4
+
+#undef NO_PWDBASED
+#define NO_PWDBASED
+
+#undef USE_FAST_MATH
+#define USE_FAST_MATH
+
+#undef WOLFSSL_NO_ASM
+#define WOLFSSL_NO_ASM
+
+#undef WOLFSSL_X86_BUILD
+#define WOLFSSL_X86_BUILD
+
+#undef WC_NO_ASYNC_THREADING
+#define WC_NO_ASYNC_THREADING
+
+#undef NO_DES3
+#define NO_DES3
+
+#if 1
+#undef NO_ASN_TIME
+#define NO_ASN_TIME
+#endif
+
+#undef WOLFSSL_STATIC_MEMORY
+#define WOLFSSL_STATIC_MEMORY
+
+#if 0
+#undef WOLFSSL_HAVE_SP_RSA
+#define WOLFSSL_HAVE_SP_RSA
+#undef WOLFSSL_HAVE_SP_DH
+#define WOLFSSL_HAVE_SP_DH
+#undef WOLFSSL_HAVE_SP_ECC
+#define WOLFSSL_HAVE_SP_ECC
+#endif
+
+#if 0
+#undef DEBUG_WOLFSSL
+#define DEBUG_WOLFSSL
+#endif
+
+#ifdef __cplusplus
+}
+#endif
+
+#endif /* CONFIG_WOLFSSL_SETTINGS_FILE */
+#endif /* CONFIG_WOLFSSL */
+
+#endif /* USER_SETTINGS_H */
+
diff --git a/IDE/zephyr/lib/zephyr_init.c b/IDE/zephyr/lib/zephyr_init.c
new file mode 100644
index 000000000..a298f3179
--- /dev/null
+++ b/IDE/zephyr/lib/zephyr_init.c
@@ -0,0 +1,19 @@
+/** @file
+ * @brief wolfSSL initialization
+ *
+ * Initialize the wolfSSL library.
+ */
+
+#include
+
+#include "user_settings.h"
+#include "wolfssl/ssl.h"
+
+static int _wolfssl_init(struct device *device)
+{
+ ARG_UNUSED(device);
+
+ return 0;
+}
+
+SYS_INIT(_wolfssl_init, POST_KERNEL, 0);
diff --git a/IDE/zephyr/setup.sh b/IDE/zephyr/setup.sh
new file mode 100755
index 000000000..2600ca722
--- /dev/null
+++ b/IDE/zephyr/setup.sh
@@ -0,0 +1,22 @@
+#!/bin/sh
+
+# Check for zephyr directory on command line
+if [ $# -ne 1 ]; then
+ echo "Usage: $0 'zephyr project root directory path'" 1>&2
+ exit 1
+fi
+ZEPHYR_DIR=$1
+
+# Check zephyr directory exists
+if [ ! -d $ZEPHR_DIR ]; then
+ echo "Zephyr project directory does not exist: $ZEPHYR_DIR"
+ exit 1
+fi
+
+cd `dirname $0`
+
+(cd lib; ./install_lib.sh $ZEPHYR_DIR)
+(cd wolfssl_test; ./install_test.sh $ZEPHYR_DIR)
+(cd wolfssl_tls_sock; ./install_sample.sh $ZEPHYR_DIR)
+(cd wolfssl_tls_thread; ./install_sample.sh $ZEPHYR_DIR)
+
diff --git a/IDE/zephyr/wolfssl_test/CMakeLists.txt b/IDE/zephyr/wolfssl_test/CMakeLists.txt
new file mode 100644
index 000000000..edf423efc
--- /dev/null
+++ b/IDE/zephyr/wolfssl_test/CMakeLists.txt
@@ -0,0 +1,8 @@
+cmake_minimum_required(VERSION 3.13.1)
+include($ENV{ZEPHYR_BASE}/cmake/app/boilerplate.cmake NO_POLICY_SCOPE)
+project(wolfssl_test)
+
+FILE(GLOB app_sources src/*.c)
+target_sources(app PRIVATE ${app_sources})
+add_definitions(-DWOLFSSL_USER_SETTINGS)
+
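Review bot: `_wolfssl_init` in IDE/zephyr/lib/zephyr_init.c is registered with `SYS_INIT` but only returns 0, while the file comment says it initializes the wolfSSL library; as written each application still has to call `wolfSSL_Init()` itself, and a reader of this file would assume otherwise. Either perform the call here and propagate failure, `return (wolfSSL_Init() == WOLFSSL_SUCCESS) ? 0 : -1;` (whether that is safe at `POST_KERNEL` priority 0 needs confirming), or change the comment to `/* Placeholder hook: the application must call wolfSSL_Init() */`. The leading underscore in a file-scope name is reserved for the implementation in C; `wolfssl_zephyr_init` would avoid that.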
diff --git a/IDE/zephyr/wolfssl_test/README b/IDE/zephyr/wolfssl_test/README
new file mode 100644
index 000000000..906a6c9ba
--- /dev/null
+++ b/IDE/zephyr/wolfssl_test/README
@@ -0,0 +1,12 @@
+
+wolfSSL (formerly known as CyaSSL) and wolfCrypt are either licensed for use
+under the GPLv2 or a standard commercial license. For our users who cannot use
+wolfSSL under GPLv2, a commercial license to wolfSSL and wolfCrypt is available.
+Please contact wolfSSL Inc. directly at:
+
+Email: licensing@wolfssl.com
+Phone: +1 425 245-8247
+
+More information can be found on the wolfSSL website at www.wolfssl.com.
+
+
diff --git a/IDE/zephyr/wolfssl_test/install_test.sh b/IDE/zephyr/wolfssl_test/install_test.sh
new file mode 100755
index 000000000..1d3a6c41a
--- /dev/null
+++ b/IDE/zephyr/wolfssl_test/install_test.sh
@@ -0,0 +1,49 @@
+#!/bin/sh
+
+WOLFSSL_SRC_DIR=../../..
+
+if [ ! -d $WOLFSSL_SRC_DIR ]; then
+ echo "Directory does not exist: $WOLFSSL_SRC_DIR"
+ exit 1
+fi
+if [ ! -f $WOLFSSL_SRC_DIR/wolfcrypt/test/test.c ]; then
+ echo "Missing source file: $WOLFSSL_SRC_DIR/wolfcrypt/test/test.h"
+ exit 1
+fi
+
+ZEPHYR_DIR=
+if [ $# -ne 1 ]; then
+ echo "Need location of zephyr project as a command line argument"
+ exit 1
+else
+ ZEPHYR_DIR=$1
+fi
+if [ ! -d $ZEPHR_DIR ]; then
+ echo "Zephyr project directory does not exist: $ZEPHYR_DIR"
+ exit 1
+fi
+ZEPHYR_CRYPTO_DIR=$ZEPHYR_DIR/zephyr/samples/crypto
+if [ ! -d $ZEPHYR_CRYPTO_DIR ]; then
+ echo "Zephyr crypto directory does not exist: $ZEPHYR_CRYPTO_DIR"
+ exit 1
+fi
+ZEPHYR_WOLFSSL_DIR=$ZEPHYR_CRYPTO_DIR/wolfssl_test
+
+echo "wolfSSL directory:"
+echo " $ZEPHYR_WOLFSSL_DIR"
+rm -rf $ZEPHYR_WOLFSSL_DIR
+mkdir $ZEPHYR_WOLFSSL_DIR
+
+echo "Copy in Build files ..."
+cp -r * $ZEPHYR_WOLFSSL_DIR/
+rm $ZEPHYR_WOLFSSL_DIR/$0
+
+echo "Copy Source Code ..."
+rm -rf $ZEPHYR_WOLFSSL_DIR/src
+mkdir $ZEPHYR_WOLFSSL_DIR/src
+
+cp -rf ${WOLFSSL_SRC_DIR}/wolfcrypt/test/test.c $ZEPHYR_WOLFSSL_DIR/src/
+cp -rf ${WOLFSSL_SRC_DIR}/wolfcrypt/test/test.h $ZEPHYR_WOLFSSL_DIR/src/
+
+echo "Done"
+
diff --git a/IDE/zephyr/wolfssl_test/prj.conf b/IDE/zephyr/wolfssl_test/prj.conf
new file mode 100644
index 000000000..4becb6196
--- /dev/null
+++ b/IDE/zephyr/wolfssl_test/prj.conf
@@ -0,0 +1,25 @@
+# Kernel options
+CONFIG_MAIN_STACK_SIZE=32768
+CONFIG_ENTROPY_GENERATOR=y
+CONFIG_POSIX_API=y
+CONFIG_INIT_STACKS=y
+#CONFIG_FLOAT=y
+CONFIG_MINIMAL_LIBC_MALLOC_ARENA_SIZE=8192
+
+# Networking
+CONFIG_NETWORKING=y
+CONFIG_NET_TEST=y
+CONFIG_NET_LOOPBACK=y
+CONFIG_NET_IPV4=y
+CONFIG_NET_IPV6=y
+CONFIG_NET_SOCKETS=y
+CONFIG_DNS_RESOLVER=y
+
+# Logging
+CONFIG_PRINTK=y
+CONFIG_WOLFSSL_DEBUG=y
+
+# TLS configuration
+CONFIG_WOLFSSL=y
+CONFIG_WOLFSSL_BUILTIN=y
+
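Review bot: In IDE/zephyr/wolfssl_test/install_test.sh the existence check is on `wolfcrypt/test/test.c` but the message it prints names `test.h`, and `test.h` itself is copied later without ever being checked. The message should name the file that was tested, `echo "Missing source file: $WOLFSSL_SRC_DIR/wolfcrypt/test/test.c"`, with a second `-f` test added for the header. None of the `rm`, `mkdir` or `cp` results is checked either, so a failed copy still ends with "Done"; `set -e` near the top would stop at the first failure.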
diff --git a/IDE/zephyr/wolfssl_test/sample.yaml b/IDE/zephyr/wolfssl_test/sample.yaml
new file mode 100644
index 000000000..23110dcdb
--- /dev/null
+++ b/IDE/zephyr/wolfssl_test/sample.yaml
@@ -0,0 +1,9 @@
+common:
+ harness: crypto
+ tags: crypto
+sample:
+ description: wolfSSL test application
+ name: wolfSSL Test
+tests:
+ test:
+ platform_whitelist: qemu_x86
diff --git a/IDE/zephyr/wolfssl_tls_sock/CMakeLists.txt b/IDE/zephyr/wolfssl_tls_sock/CMakeLists.txt
new file mode 100644
index 000000000..512a0006f
--- /dev/null
+++ b/IDE/zephyr/wolfssl_tls_sock/CMakeLists.txt
@@ -0,0 +1,8 @@
+cmake_minimum_required(VERSION 3.13.1)
+include($ENV{ZEPHYR_BASE}/cmake/app/boilerplate.cmake NO_POLICY_SCOPE)
+project(wolfssl_tls_threaded)
+
+FILE(GLOB app_sources src/*.c)
+target_sources(app PRIVATE ${app_sources})
+add_definitions(-DWOLFSSL_USER_SETTINGS)
+
diff --git a/IDE/zephyr/wolfssl_tls_sock/README b/IDE/zephyr/wolfssl_tls_sock/README
new file mode 100644
index 000000000..906a6c9ba
--- /dev/null
+++ b/IDE/zephyr/wolfssl_tls_sock/README
@@ -0,0 +1,12 @@
+
+wolfSSL (formerly known as CyaSSL) and wolfCrypt are either licensed for use
+under the GPLv2 or a standard commercial license. For our users who cannot use
+wolfSSL under GPLv2, a commercial license to wolfSSL and wolfCrypt is available.
+Please contact wolfSSL Inc. directly at:
+
+Email: licensing@wolfssl.com
+Phone: +1 425 245-8247
+
+More information can be found on the wolfSSL website at www.wolfssl.com.
+
+
diff --git a/IDE/zephyr/wolfssl_tls_sock/install_sample.sh b/IDE/zephyr/wolfssl_tls_sock/install_sample.sh
new file mode 100755
index 000000000..9806af20c
--- /dev/null
+++ b/IDE/zephyr/wolfssl_tls_sock/install_sample.sh
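Review bot: IDE/zephyr/wolfssl_tls_sock/CMakeLists.txt declares `project(wolfssl_tls_threaded)`, which looks copied from the threaded sample; it should be `project(wolfssl_tls_sock)` so the two samples do not share a project name. `FILE(GLOB app_sources src/*.c)` picks up whatever happens to be in `src/`, including stale files left by an earlier install; listing the sources explicitly in `target_sources` keeps the build inputs reviewable.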
@@ -0,0 +1,31 @@
+#!/bin/sh
+
+ZEPHYR_DIR=
+if [ $# -ne 1 ]; then
+ echo "Need location of zephyr project as a command line argument"
+ exit 1
+else
+ ZEPHYR_DIR=$1
+fi
+if [ ! -d $ZEPHR_DIR ]; then
+ echo "Zephyr project directory does not exist: $ZEPHYR_DIR"
+ exit 1
+fi
+ZEPHYR_CRYPTO_DIR=$ZEPHYR_DIR/zephyr/samples/crypto
+if [ ! -d $ZEPHYR_CRYPTO_DIR ]; then
+ echo "Zephyr crypto directory does not exist: $ZEPHYR_CRYPTO_DIR"
+ exit 1
+fi
+ZEPHYR_WOLFSSL_DIR=$ZEPHYR_CRYPTO_DIR/wolfssl_tls_sock
+
+echo "wolfSSL directory:"
+echo " $ZEPHYR_WOLFSSL_DIR"
+rm -rf $ZEPHYR_WOLFSSL_DIR
+mkdir $ZEPHYR_WOLFSSL_DIR
+
+echo "Copy in Sample files ..."
+cp -r * $ZEPHYR_WOLFSSL_DIR/
+rm $ZEPHYR_WOLFSSL_DIR/$0
+
+echo "Done"
+
diff --git a/IDE/zephyr/wolfssl_tls_sock/prj.conf b/IDE/zephyr/wolfssl_tls_sock/prj.conf
new file mode 100644
index 000000000..2312ea0f6
--- /dev/null
+++ b/IDE/zephyr/wolfssl_tls_sock/prj.conf
@@ -0,0 +1,53 @@
+# Kernel options
+CONFIG_MAIN_STACK_SIZE=12288
+CONFIG_ENTROPY_GENERATOR=y
+CONFIG_POSIX_API=y
+CONFIG_INIT_STACKS=y
+CONFIG_MINIMAL_LIBC_MALLOC_ARENA_SIZE=8192
+
+# General config
+CONFIG_NEWLIB_LIBC=y
+
+# Networking config
+CONFIG_NETWORKING=y
+CONFIG_NET_IPV4=y
+CONFIG_NET_IPV6=n
+CONFIG_NET_TCP=y
+CONFIG_NET_SOCKETS=y
+CONFIG_NET_SOCKETS_POSIX_NAMES=y
+
+CONFIG_NET_TEST=y
+CONFIG_NET_LOOPBACK=y
+CONFIG_DNS_RESOLVER=y
+CONFIG_DNS_SERVER_IP_ADDRESSES=y
+CONFIG_DNS_SERVER1="192.0.2.2"
+
+# Network driver config
+CONFIG_TEST_RANDOM_GENERATOR=y
+
+# Network address config
+CONFIG_NET_CONFIG_SETTINGS=y
+CONFIG_NET_CONFIG_NEED_IPV4=y
+CONFIG_NET_CONFIG_MY_IPV4_ADDR="192.0.2.1"
+CONFIG_NET_CONFIG_PEER_IPV4_ADDR="192.0.2.2"
+CONFIG_NET_CONFIG_MY_IPV4_GW="192.0.2.2"
+
+CONFIG_NET_PKT_TX_COUNT=10
+
+# Network debug config
+#CONFIG_NET_LOG=y
+#CONFIG_NET_PKT_LOG_LEVEL_DBG=y
+
+# Logging
+CONFIG_PRINTK=y
+CONFIG_WOLFSSL_DEBUG=y
+
+# TLS configuration
+CONFIG_WOLFSSL=y
+CONFIG_WOLFSSL_BUILTIN=y
+
+CONFIG_WOLFSSL_TLS_VERSION_1_2=y
+CONFIG_WOLFSSL_KEY_EXCHANGE_ALL_ENABLED=y
+CONFIG_WOLFSSL_CIPHER_ALL_ENABLED=y
+CONFIG_WOLFSSL_MAC_ALL_ENABLED=y
+CONFIG_WOLFSSL_HMAC_DRBG_ENABLED=y
diff --git a/IDE/zephyr/wolfssl_tls_sock/sample.yaml b/IDE/zephyr/wolfssl_tls_sock/sample.yaml
new file mode 100644
index 000000000..86f7f9a79
--- /dev/null
+++ b/IDE/zephyr/wolfssl_tls_sock/sample.yaml
@@ -0,0 +1,9 @@
+common:
+ harness: crypto
+ tags: crypto
+sample:
+ description: wolfSSL TLS test application
+ name: wolfSSL TLS Test
+tests:
+ test:
+ platform_whitelist: qemu_x86
diff --git a/IDE/zephyr/wolfssl_tls_sock/src/tls_sock.c b/IDE/zephyr/wolfssl_tls_sock/src/tls_sock.c
new file mode 100755
index 000000000..2ac6fc6cd
--- /dev/null
+++ b/IDE/zephyr/wolfssl_tls_sock/src/tls_sock.c
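Review bot: `CONFIG_TEST_RANDOM_GENERATOR=y` under "Network driver config" permits Zephyr's random APIs to return values that are not truly random, yet this configuration builds a TLS sample with `CONFIG_WOLFSSL_HMAC_DRBG_ENABLED=y`. Whether wolfSSL's seed on Zephyr is drawn from that generator is not visible in this hunk, but if it is, the key material produced in the handshake would be predictable. The line should be marked as emulator-only, for example with `# Test RNG, not cryptographically secure: use a hardware entropy driver on real boards`. `CONFIG_WOLFSSL_DEBUG=y` and `CONFIG_WOLFSSL_CIPHER_ALL_ENABLED=y` would benefit from a similar "sample only" comment so the file is not copied into a product configuration unchanged.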
@@ -0,0 +1,512 @@ +/* tls_sock.c + * + * Copyright (C) 2006-2019 wolfSSL Inc. + * + * This file is part of wolfSSL. (formerly known as CyaSSL) + * + * wolfSSL is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 2 of the License, or + * (at your option) any later version. + * + * wolfSSL is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program; if not, write to the Free Software + * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA + */ + +#include +#include +#define USE_CERT_BUFFERS_2048 +#include +#include + +#ifdef WOLFSSL_ZEPHYR +#define printf printk +#endif + +#define BUFFER_SIZE 2048 +#define STATIC_MEM_SIZE (96*1024) +#define THREAD_STACK_SIZE (12*1024) +#define MAX_SEND_SIZE 256 + +/* The stack to use in the server's thread. */ +K_THREAD_STACK_DEFINE(server_stack, THREAD_STACK_SIZE); + +#ifdef WOLFSSL_STATIC_MEMORY + static WOLFSSL_HEAP_HINT* HEAP_HINT_SERVER; + static WOLFSSL_HEAP_HINT* HEAP_HINT_CLIENT; + + static byte gMemoryServer[STATIC_MEM_SIZE]; + static byte gMemoryClient[STATIC_MEM_SIZE]; +#else + #define HEAP_HINT_SERVER NULL + #define HEAP_HINT_CLIENT NULL +#endif /* WOLFSSL_STATIC_MEMORY */ + +/* Application data to send. */ +static const char msgHTTPGet[] = "GET /index.html HTTP/1.0\r\n\r\n"; +static const char msgHTTPIndex[] = + "HTTP/1.1 200 OK\n" + "Content-Type: text/html\n" + "Connection: close\n" + "\n" + "\n" + "\n" + "Welcome to wolfSSL!\n" + "\n" + "\n" + "

wolfSSL has successfully performed handshake!

\n" + "\n" + "\n"; + + +/* Create a new wolfSSL client with a server CA certificate. */ +static int wolfssl_client_new(WOLFSSL_CTX** ctx, WOLFSSL** ssl) +{ + int ret = 0; + WOLFSSL_CTX* client_ctx = NULL; + WOLFSSL* client_ssl = NULL; + + /* Create and initialize WOLFSSL_CTX */ + if ((client_ctx = wolfSSL_CTX_new_ex(wolfTLSv1_2_client_method(), + HEAP_HINT_CLIENT)) == NULL) { + printf("ERROR: failed to create WOLFSSL_CTX\n"); + ret = -1; + } + + if (ret == 0) { + /* Load client certificates into WOLFSSL_CTX */ + if (wolfSSL_CTX_load_verify_buffer(client_ctx, ca_cert_der_2048, + sizeof_ca_cert_der_2048, WOLFSSL_FILETYPE_ASN1) != + WOLFSSL_SUCCESS) { + printf("ERROR: failed to load CA certiifcate\n"); + ret = -1; + } + } + + if (ret == 0) { + /* Create a WOLFSSL object */ + if ((client_ssl = wolfSSL_new(client_ctx)) == NULL) { + printf("ERROR: failed to create WOLFSSL object\n"); + ret = -1; + } + } + + if (ret == 0) { + /* make wolfSSL object nonblocking */ + wolfSSL_set_using_nonblock(client_ssl, 1); + } + + if (ret == 0) { + /* Return newly created wolfSSL context and object */ + *ctx = client_ctx; + *ssl = client_ssl; + } + else { + if (client_ssl != NULL) + wolfSSL_free(client_ssl); + if (client_ctx != NULL) + wolfSSL_CTX_free(client_ctx); + } + + return ret; +} + +/* Client connecting to server using TLS */ +static int wolfssl_client_connect(WOLFSSL* ssl) +{ + int ret = 0; + + if (wolfSSL_connect(ssl) != WOLFSSL_SUCCESS) { + printf("wolfSSL Error: %d\n", wolfSSL_get_error(ssl, -1)); + if (!wolfSSL_want_read(ssl) && !wolfSSL_want_write(ssl)) + ret = -1; + } + + return ret; +} + + + +/* Create a new wolfSSL server with a certificate for authentication. 
*/ +static int wolfssl_server_new(WOLFSSL_CTX** ctx, WOLFSSL** ssl) +{ + int ret = 0; + WOLFSSL_CTX* server_ctx = NULL; + WOLFSSL* server_ssl = NULL; + + /* Create and initialize WOLFSSL_CTX */ + if ((server_ctx = wolfSSL_CTX_new_ex(wolfTLSv1_2_server_method(), + HEAP_HINT_SERVER)) == NULL) { + printf("ERROR: failed to create WOLFSSL_CTX\n"); + ret = -1; + } + + if (ret == 0) { + /* Load client certificates into WOLFSSL_CTX */ + if (wolfSSL_CTX_use_certificate_buffer(server_ctx, + server_cert_der_2048, sizeof_server_cert_der_2048, + WOLFSSL_FILETYPE_ASN1) != WOLFSSL_SUCCESS) { + printf("ERROR: failed to load server certiifcate\n"); + ret = -1; + } + } + + if (ret == 0) { + /* Load client certificates into WOLFSSL_CTX */ + if (wolfSSL_CTX_use_PrivateKey_buffer(server_ctx, + server_key_der_2048, sizeof_server_key_der_2048, + WOLFSSL_FILETYPE_ASN1) != WOLFSSL_SUCCESS) { + printf("ERROR: failed to load server key\n"); + ret = -1; + } + } + + if (ret == 0) { + /* Create a WOLFSSL object */ + if ((server_ssl = wolfSSL_new(server_ctx)) == NULL) { + printf("ERROR: failed to create WOLFSSL object\n"); + ret = -1; + } + } + + if (ret == 0) { + /* make wolfSSL object nonblocking */ + wolfSSL_set_using_nonblock(server_ssl, 1); + } + + if (ret == 0) { + /* Return newly created wolfSSL context and object */ + *ctx = server_ctx; + *ssl = server_ssl; + } + else { + if (server_ssl != NULL) + wolfSSL_free(server_ssl); + if (server_ctx != NULL) + wolfSSL_CTX_free(server_ctx); + } + + return ret; +} + +/* Server accepting a client using TLS */ +static int wolfssl_server_accept(WOLFSSL* ssl) +{ + int ret = 0; + + if (wolfSSL_accept(ssl) != WOLFSSL_SUCCESS) { + printf("wolfSSL Error: %d\n", wolfSSL_get_error(ssl, -1)); + if (!wolfSSL_want_read(ssl) && !wolfSSL_want_write(ssl)) + ret = -1; + } + + return ret; +} + + +/* Send application data. 
*/ +static int wolfssl_send(WOLFSSL* ssl, const char* msg) +{ + int ret = 0; + int len; + + printf("Sending:\n%s\n", msg); + len = wolfSSL_write(ssl, msg, XSTRLEN(msg)); + if (len < 0) + ret = len; + else if (len != XSTRLEN(msg)) + ret = -1; + + return ret; +} + +/* Receive application data. */ +static int wolfssl_recv(WOLFSSL* ssl) +{ + int ret; + byte reply[256]; + + ret = wolfSSL_read(ssl, reply, sizeof(reply)-1); + if (ret > 0) { + reply[ret] = '\0'; + printf("Received:\n%s\n", reply); + ret = 1; + } + else if (wolfSSL_want_read(ssl) || wolfSSL_want_write(ssl)) + ret = 0; + + return ret; +} + + +/* Free the WOLFSSL object and context. */ +static void wolfssl_free(WOLFSSL_CTX* ctx, WOLFSSL* ssl) +{ + if (ssl != NULL) + wolfSSL_free(ssl); + if (ctx != NULL) + wolfSSL_CTX_free(ctx); +} + + +/* Display the static memory usage. */ +static void wolfssl_memstats(WOLFSSL* ssl) +{ +#ifdef WOLFSSL_STATIC_MEMORY + WOLFSSL_MEM_CONN_STATS ssl_stats; + + XMEMSET(&ssl_stats, 0 , sizeof(ssl_stats)); + + if (wolfSSL_is_static_memory(ssl, &ssl_stats) != 1) + printf("static memory was not used with ssl"); + else { + printf("*** This is memory state before wolfSSL_free is called\n"); + printf("peak connection memory = %d\n", ssl_stats.peakMem); + printf("current memory in use = %d\n", ssl_stats.curMem); + printf("peak connection allocs = %d\n", ssl_stats.peakAlloc); + printf("current connection allocs = %d\n",ssl_stats.curAlloc); + printf("total connection allocs = %d\n",ssl_stats.totalAlloc); + printf("total connection frees = %d\n\n", ssl_stats.totalFr); + } +#else + (void)ssl; +#endif +} + + +/* Start the server thread. */ +void start_thread(THREAD_FUNC func, func_args* args, THREAD_TYPE* thread) +{ + k_thread_create(thread, server_stack, K_THREAD_STACK_SIZEOF(server_stack), + func, args, NULL, NULL, 5, 0, K_NO_WAIT); +} + +void join_thread(THREAD_TYPE thread) +{ + /* Threads are handled in the kernel. 
*/ +} + + +int wolfssl_server_accept_tcp(WOLFSSL* ssl, SOCKET_T* fd, SOCKET_T* acceptfd) +{ + int ret = 0; + SOCKET_T sockfd = WOLFSSL_SOCKET_INVALID; + SOCKET_T clientfd = WOLFSSL_SOCKET_INVALID; + SOCKADDR_IN_T client; + socklen_t client_len = sizeof(client); + word16 port = 443; + struct sockaddr_in bind_addr; + + if (ret == 0) { + sockfd = socket(AF_INET, SOCK_STREAM, IPPROTO_TCP); + bind_addr.sin_family = AF_INET; + bind_addr.sin_addr.s_addr = htonl(INADDR_ANY); + bind_addr.sin_port = htons(port); + if (bind(sockfd, (struct sockaddr *)&bind_addr, sizeof(bind_addr)) != 0) + ret = -1; + } + if (ret == 0) { + *fd = sockfd; + printf("Server Listen\n"); + listen(sockfd, 5); + if (WOLFSSL_SOCKET_IS_INVALID(sockfd)) + ret = -1; + } + if (ret == 0) { + printf("Server Accept\n"); + clientfd = accept(sockfd, (struct sockaddr*)&client, + (ACCEPT_THIRD_T)&client_len); + if (WOLFSSL_SOCKET_IS_INVALID(clientfd)) + ret = -1; + } + if (ret == 0) { + *acceptfd = clientfd; + tcp_set_nonblocking(&clientfd); + } + + if (ret == 0) { + printf("Server has client\n"); + if (wolfSSL_set_fd(ssl, clientfd) != WOLFSSL_SUCCESS) + ret = -1; + } + + return ret; +} + +/* Thread to do the server operations. 
*/ +void server_thread(void* arg1, void* arg2, void* arg3) +{ + int ret = 0; + WOLFSSL_CTX* server_ctx = NULL; + WOLFSSL* server_ssl = NULL; + SOCKET_T sockfd = WOLFSSL_SOCKET_INVALID; + SOCKET_T clientfd = WOLFSSL_SOCKET_INVALID; + + +#ifdef WOLFSSL_STATIC_MEMORY + if (wc_LoadStaticMemory(&HEAP_HINT_SERVER, gMemoryServer, + sizeof(gMemoryServer), + WOLFMEM_GENERAL | WOLFMEM_TRACK_STATS, 1) != 0) { + printf("unable to load static memory"); + ret = -1; + } +#endif + + if (ret == 0) + ret = wolfssl_server_new(&server_ctx, &server_ssl); + + if (ret == 0) + ret = wolfssl_server_accept_tcp(server_ssl, &sockfd, &clientfd); + + while (ret == 0) { + k_sleep(100); + ret = wolfssl_server_accept(server_ssl); + if (ret == 0 && wolfSSL_is_init_finished(server_ssl)) + break; + } + + /* Receive HTTP request */ + while (ret == 0) { + ret = wolfssl_recv(server_ssl); + } + if (ret == 1) + ret = 0; + /* Send HTTP repsonse */ + if (ret == 0) + ret = wolfssl_send(server_ssl, msgHTTPIndex); + + printf("Server Return: %d\n", ret); + +#ifdef WOLFSSL_STATIC_MEMORY + printf("Server Memory Stats\n"); +#endif + wolfssl_memstats(server_ssl); + wolfssl_free(server_ctx, server_ssl); + if (clientfd != WOLFSSL_SOCKET_INVALID) + CloseSocket(clientfd); + if (sockfd != WOLFSSL_SOCKET_INVALID) + CloseSocket(sockfd); +} + +int wolfssl_client_connect_tcp(WOLFSSL* ssl, SOCKET_T* fd) +{ + int ret = 0; + SOCKET_T sockfd = WOLFSSL_SOCKET_INVALID; + static struct addrinfo hints; + struct addrinfo* res; + + XMEMSET(&hints, 0, sizeof(hints)); + hints.ai_family = AF_INET; + hints.ai_socktype = SOCK_STREAM; + if (getaddrinfo("192.0.2.1", "443", &hints, &res) != 0) + ret = -1; + + if (ret == 0) { + printf("Client socket\n"); + sockfd = socket(res->ai_family, res->ai_socktype, res->ai_protocol); + if (WOLFSSL_SOCKET_IS_INVALID(sockfd)) + ret = -1; + } + if (ret == 0) { + *fd = sockfd; + tcp_set_nonblocking(&sockfd); + } + if (ret == 0) { + printf("Client Connect\n"); + if (connect(sockfd, res->ai_addr, 
res->ai_addrlen) != 0) + ret = -1; + } + + if (ret == 0) { + printf("Client Connected\n"); + if (wolfSSL_set_fd(ssl, sockfd) != WOLFSSL_SUCCESS) + ret = -1; + } + + return ret; +} + +/* Thread to do the client operations. */ +void client_thread() +{ + int ret = 0; + WOLFSSL_CTX* client_ctx = NULL; + WOLFSSL* client_ssl = NULL; + SOCKET_T sockfd = WOLFSSL_SOCKET_INVALID; + +#ifdef WOLFSSL_STATIC_MEMORY + if (wc_LoadStaticMemory(&HEAP_HINT_CLIENT, gMemoryClient, + sizeof(gMemoryClient), + WOLFMEM_GENERAL | WOLFMEM_TRACK_STATS, 1) != 0) { + printf("unable to load static memory"); + ret = -1; + } +#endif + + /* Client connection */ + if (ret == 0) + ret = wolfssl_client_new(&client_ctx, &client_ssl); + + if (ret == 0) + ret = wolfssl_client_connect_tcp(client_ssl, &sockfd); + + while (ret == 0) { + k_sleep(10); + ret = wolfssl_client_connect(client_ssl); + if (ret == 0 && wolfSSL_is_init_finished(client_ssl)) + break; + } + + if (ret == 0) + printf("Handshake complete\n"); + + /* Send HTTP request */ + if (ret == 0) + ret = wolfssl_send(client_ssl, msgHTTPGet); + /* Receive HTTP response */ + while (ret == 0) { + k_sleep(10); + ret = wolfssl_recv(client_ssl); + } + if (ret == 1) + ret = 0; + + printf("Client Return: %d\n", ret); + +#ifdef WOLFSSL_STATIC_MEMORY + printf("Client Memory Stats\n"); +#endif + wolfssl_memstats(client_ssl); + wolfssl_free(client_ctx, client_ssl); + if (sockfd != WOLFSSL_SOCKET_INVALID) + CloseSocket(sockfd); +} + +int main() +{ + int ret = 0; + THREAD_TYPE serverThread; + + wolfSSL_Init(); + + /* Start server */ + start_thread(server_thread, NULL, &serverThread); + + k_sleep(100); + client_thread(); + + join_thread(serverThread); + + wolfSSL_Cleanup(); + + printf("Done\n"); + + return (ret == 0) ? 0 : 1; +} + diff --git a/IDE/zephyr/wolfssl_tls_thread/CMakeLists.txt b/IDE/zephyr/wolfssl_tls_thread/CMakeLists.txt new file mode 100644 index 000000000..512a0006f --- /dev/null +++ b/IDE/zephyr/wolfssl_tls_thread/CMakeLists.txt 
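Review bot: `wolfssl_recv` leaves `ret` at 0 when `wolfSSL_read` returns 0 and neither want-read nor want-write is set, and both callers treat 0 as "try again" (`while (ret == 0)`), so a peer that closes the connection, or a read that fails without a pending I/O condition, leaves the receive loop spinning; in `server_thread` that loop has no `k_sleep` at all. A final branch, `else if (ret == 0) ret = -1;`, turns that case into an error the loops exit on. The identical `wolfssl_recv` in tls_threaded.c has the same gap. In this file `wolfssl_server_accept_tcp` also calls `bind` before checking the descriptor returned by `socket()` and ignores the result of `listen()`; the `WOLFSSL_SOCKET_IS_INVALID(sockfd)` test belongs directly after `socket()`.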
@@ -0,0 +1,8 @@
+cmake_minimum_required(VERSION 3.13.1)
+include($ENV{ZEPHYR_BASE}/cmake/app/boilerplate.cmake NO_POLICY_SCOPE)
+project(wolfssl_tls_threaded)
+
+FILE(GLOB app_sources src/*.c)
+target_sources(app PRIVATE ${app_sources})
+add_definitions(-DWOLFSSL_USER_SETTINGS)
+
diff --git a/IDE/zephyr/wolfssl_tls_thread/README b/IDE/zephyr/wolfssl_tls_thread/README
new file mode 100644
index 000000000..906a6c9ba
--- /dev/null
+++ b/IDE/zephyr/wolfssl_tls_thread/README
@@ -0,0 +1,12 @@
+
+wolfSSL (formerly known as CyaSSL) and wolfCrypt are either licensed for use
+under the GPLv2 or a standard commercial license. For our users who cannot use
+wolfSSL under GPLv2, a commercial license to wolfSSL and wolfCrypt is available.
+Please contact wolfSSL Inc. directly at:
+
+Email: licensing@wolfssl.com
+Phone: +1 425 245-8247
+
+More information can be found on the wolfSSL website at www.wolfssl.com.
+
+
diff --git a/IDE/zephyr/wolfssl_tls_thread/install_sample.sh b/IDE/zephyr/wolfssl_tls_thread/install_sample.sh
new file mode 100755
index 000000000..4bd0ea084
--- /dev/null
+++ b/IDE/zephyr/wolfssl_tls_thread/install_sample.sh
@@ -0,0 +1,31 @@
+#!/bin/sh
+
+ZEPHYR_DIR=
+if [ $# -ne 1 ]; then
+ echo "Need location of zephyr project as a command line argument"
+ exit 1
+else
+ ZEPHYR_DIR=$1
+fi
+if [ ! -d $ZEPHR_DIR ]; then
+ echo "Zephyr project directory does not exist: $ZEPHYR_DIR"
+ exit 1
+fi
+ZEPHYR_CRYPTO_DIR=$ZEPHYR_DIR/zephyr/samples/crypto
+if [ ! -d $ZEPHYR_CRYPTO_DIR ]; then
+ echo "Zephyr crypto directory does not exist: $ZEPHYR_CRYPTO_DIR"
+ exit 1
+fi
+ZEPHYR_WOLFSSL_DIR=$ZEPHYR_CRYPTO_DIR/wolfssl_tls_thread
+
+echo "wolfSSL directory:"
+echo " $ZEPHYR_WOLFSSL_DIR"
+rm -rf $ZEPHYR_WOLFSSL_DIR
+mkdir $ZEPHYR_WOLFSSL_DIR
+
+echo "Copy in Sample files ..."
+cp -r * $ZEPHYR_WOLFSSL_DIR/
+rm $ZEPHYR_WOLFSSL_DIR/$0
+
+echo "Done"
+
diff --git a/IDE/zephyr/wolfssl_tls_thread/prj.conf b/IDE/zephyr/wolfssl_tls_thread/prj.conf
new file mode 100644
index 000000000..402cd7fa7
--- /dev/null
+++ b/IDE/zephyr/wolfssl_tls_thread/prj.conf
@@ -0,0 +1,29 @@
+# Kernel options
+CONFIG_MAIN_STACK_SIZE=12288
+CONFIG_ENTROPY_GENERATOR=y
+CONFIG_POSIX_API=y
+CONFIG_INIT_STACKS=y
+CONFIG_MINIMAL_LIBC_MALLOC_ARENA_SIZE=8192
+
+# Networking
+CONFIG_NETWORKING=y
+CONFIG_NET_TEST=y
+CONFIG_NET_LOOPBACK=y
+CONFIG_NET_IPV4=y
+CONFIG_NET_IPV6=y
+CONFIG_NET_SOCKETS=y
+CONFIG_DNS_RESOLVER=y
+
+# Logging
+CONFIG_PRINTK=y
+CONFIG_WOLFSSL_DEBUG=y
+
+# TLS configuration
+CONFIG_WOLFSSL=y
+CONFIG_WOLFSSL_BUILTIN=y
+
+CONFIG_WOLFSSL_TLS_VERSION_1_2=y
+CONFIG_WOLFSSL_KEY_EXCHANGE_ALL_ENABLED=y
+CONFIG_WOLFSSL_CIPHER_ALL_ENABLED=y
+CONFIG_WOLFSSL_MAC_ALL_ENABLED=y
+CONFIG_WOLFSSL_HMAC_DRBG_ENABLED=y
diff --git a/IDE/zephyr/wolfssl_tls_thread/sample.yaml b/IDE/zephyr/wolfssl_tls_thread/sample.yaml
new file mode 100644
index 000000000..86f7f9a79
--- /dev/null
+++ b/IDE/zephyr/wolfssl_tls_thread/sample.yaml
@@ -0,0 +1,9 @@
+common:
+ harness: crypto
+ tags: crypto
+sample:
+ description: wolfSSL TLS test application
+ name: wolfSSL TLS Test
+tests:
+ test:
+ platform_whitelist: qemu_x86
diff --git a/IDE/zephyr/wolfssl_tls_thread/src/tls_threaded.c b/IDE/zephyr/wolfssl_tls_thread/src/tls_threaded.c
new file mode 100755
index 000000000..41db03d83
--- /dev/null
+++ b/IDE/zephyr/wolfssl_tls_thread/src/tls_threaded.c
@@ -0,0 +1,504 @@ +/* tls_threaded.c + * + * Copyright (C) 2006-2019 wolfSSL Inc. + * + * This file is part of wolfSSL. (formerly known as CyaSSL) + * + * wolfSSL is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 2 of the License, or + * (at your option) any later version. + * + * wolfSSL is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program; if not, write to the Free Software + * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA + */ + +#include +#include +#define USE_CERT_BUFFERS_2048 +#include +#include + +#ifdef WOLFSSL_ZEPHYR +#define printf printk +#endif + +#define BUFFER_SIZE 2048 +#define STATIC_MEM_SIZE (96*1024) +#define THREAD_STACK_SIZE (12*1024) + +/* The stack to use in the server's thread. */ +K_THREAD_STACK_DEFINE(server_stack, THREAD_STACK_SIZE); + +#ifdef WOLFSSL_STATIC_MEMORY + static WOLFSSL_HEAP_HINT* HEAP_HINT_SERVER; + static WOLFSSL_HEAP_HINT* HEAP_HINT_CLIENT; + + static byte gMemoryServer[STATIC_MEM_SIZE]; + static byte gMemoryClient[STATIC_MEM_SIZE]; +#else + #define HEAP_HINT_SERVER NULL + #define HEAP_HINT_CLIENT NULL +#endif /* WOLFSSL_STATIC_MEMORY */ + +/* Buffer to hold data for client to read. */ +unsigned char client_buffer[BUFFER_SIZE]; +int client_buffer_sz = 0; +wolfSSL_Mutex client_mutex; + +/* Buffer to hold data for server to read. */ +unsigned char server_buffer[BUFFER_SIZE]; +int server_buffer_sz = 0; +wolfSSL_Mutex server_mutex; + +/* Application data to send. 
*/ +static const char msgHTTPGet[] = "GET /index.html HTTP/1.0\r\n\r\n"; +static const char msgHTTPIndex[] = + "HTTP/1.1 200 OK\n" + "Content-Type: text/html\n" + "Connection: close\n" + "\n" + "\n" + "\n" + "Welcome to wolfSSL!\n" + "\n" + "\n" + "

wolfSSL has successfully performed handshake!

\n" + "\n" + "\n"; + +/* wolfSSL client wants to read data from the server. */ +static int recv_client(WOLFSSL* ssl, char* buff, int sz, void* ctx) +{ + wc_LockMutex(&client_mutex); + if (client_buffer_sz > 0) { + /* Take as many bytes is available or requested from buffer. */ + if (sz > client_buffer_sz) + sz = client_buffer_sz; + XMEMCPY(buff, client_buffer, sz); + if (sz < client_buffer_sz) { + XMEMMOVE(client_buffer, client_buffer + sz, client_buffer_sz - sz); + } + client_buffer_sz -= sz; + } + else + sz = WOLFSSL_CBIO_ERR_WANT_READ; + wc_UnLockMutex(&client_mutex); + + return sz; +} + +/* wolfSSL client wants to write data to the server. */ +static int send_client(WOLFSSL* ssl, char* buff, int sz, void* ctx) +{ + wc_LockMutex(&server_mutex); + if (server_buffer_sz < BUFFER_SIZE) + { + /* Put in as many bytes requested or will fit in buffer. */ + if (sz > BUFFER_SIZE - server_buffer_sz) + sz = BUFFER_SIZE - server_buffer_sz; + XMEMCPY(server_buffer + server_buffer_sz, buff, sz); + server_buffer_sz += sz; + } + else + sz = WOLFSSL_CBIO_ERR_WANT_WRITE; + wc_UnLockMutex(&server_mutex); + + return sz; +} + +/* wolfSSL server wants to read data from the client. */ +static int recv_server(WOLFSSL* ssl, char* buff, int sz, void* ctx) +{ + wc_LockMutex(&server_mutex); + if (server_buffer_sz > 0) { + /* Take as many bytes is available or requested from buffer. */ + if (sz > server_buffer_sz) + sz = server_buffer_sz; + XMEMCPY(buff, server_buffer, sz); + if (sz < server_buffer_sz) { + XMEMMOVE(server_buffer, server_buffer + sz, server_buffer_sz - sz); + } + server_buffer_sz -= sz; + } + else + sz = WOLFSSL_CBIO_ERR_WANT_READ; + wc_UnLockMutex(&server_mutex); + + return sz; +} + +/* wolfSSL server wants to write data to the client. */ +static int send_server(WOLFSSL* ssl, char* buff, int sz, void* ctx) +{ + wc_LockMutex(&client_mutex); + if (client_buffer_sz < BUFFER_SIZE) + { + /* Put in as many bytes requested or will fit in buffer. 
*/ + if (sz > BUFFER_SIZE - client_buffer_sz) + sz = BUFFER_SIZE - client_buffer_sz; + XMEMCPY(client_buffer + client_buffer_sz, buff, sz); + client_buffer_sz += sz; + } + else + sz = WOLFSSL_CBIO_ERR_WANT_WRITE; + wc_UnLockMutex(&client_mutex); + + return sz; +} + +/* Create a new wolfSSL client with a server CA certificate. */ +static int wolfssl_client_new(WOLFSSL_CTX** ctx, WOLFSSL** ssl) +{ + int ret = 0; + WOLFSSL_CTX* client_ctx = NULL; + WOLFSSL* client_ssl = NULL; + + /* Create and initialize WOLFSSL_CTX */ + if ((client_ctx = wolfSSL_CTX_new_ex(wolfTLSv1_2_client_method(), + HEAP_HINT_CLIENT)) == NULL) { + printf("ERROR: failed to create WOLFSSL_CTX\n"); + ret = -1; + } + + if (ret == 0) { + /* Load client certificates into WOLFSSL_CTX */ + if (wolfSSL_CTX_load_verify_buffer(client_ctx, ca_cert_der_2048, + sizeof_ca_cert_der_2048, WOLFSSL_FILETYPE_ASN1) != + WOLFSSL_SUCCESS) { + printf("ERROR: failed to load CA certiifcate\n"); + ret = -1; + } + } + + if (ret == 0) { + /* Register callbacks */ + wolfSSL_SetIORecv(client_ctx, recv_client); + wolfSSL_SetIOSend(client_ctx, send_client); + } + + if (ret == 0) { + /* Create a WOLFSSL object */ + if ((client_ssl = wolfSSL_new(client_ctx)) == NULL) { + printf("ERROR: failed to create WOLFSSL object\n"); + ret = -1; + } + } + + if (ret == 0) { + /* make wolfSSL object nonblocking */ + wolfSSL_set_using_nonblock(client_ssl, 1); + } + + if (ret == 0) { + /* Return newly created wolfSSL context and object */ + *ctx = client_ctx; + *ssl = client_ssl; + } + else { + if (client_ssl != NULL) + wolfSSL_free(client_ssl); + if (client_ctx != NULL) + wolfSSL_CTX_free(client_ctx); + } + + return ret; +} + +/* Client connecting to server using TLS */ +static int wolfssl_client_connect(WOLFSSL* ssl) +{ + int ret = 0; + + if (wolfSSL_connect(ssl) != WOLFSSL_SUCCESS) { + if (!wolfSSL_want_read(ssl) && !wolfSSL_want_write(ssl)) + ret = -1; + } + + return ret; +} + + + +/* Create a new wolfSSL server with a certificate for 
authentication. */ +static int wolfssl_server_new(WOLFSSL_CTX** ctx, WOLFSSL** ssl) +{ + int ret = 0; + WOLFSSL_CTX* server_ctx = NULL; + WOLFSSL* server_ssl = NULL; + + /* Create and initialize WOLFSSL_CTX */ + if ((server_ctx = wolfSSL_CTX_new_ex(wolfTLSv1_2_server_method(), + HEAP_HINT_SERVER)) == NULL) { + printf("ERROR: failed to create WOLFSSL_CTX\n"); + ret = -1; + } + + if (ret == 0) { + /* Load client certificates into WOLFSSL_CTX */ + if (wolfSSL_CTX_use_certificate_buffer(server_ctx, + server_cert_der_2048, sizeof_server_cert_der_2048, + WOLFSSL_FILETYPE_ASN1) != WOLFSSL_SUCCESS) { + printf("ERROR: failed to load server certiifcate\n"); + ret = -1; + } + } + + if (ret == 0) { + /* Load client certificates into WOLFSSL_CTX */ + if (wolfSSL_CTX_use_PrivateKey_buffer(server_ctx, + server_key_der_2048, sizeof_server_key_der_2048, + WOLFSSL_FILETYPE_ASN1) != WOLFSSL_SUCCESS) { + printf("ERROR: failed to load server key\n"); + ret = -1; + } + } + + if (ret == 0) { + /* Register callbacks */ + wolfSSL_SetIORecv(server_ctx, recv_server); + wolfSSL_SetIOSend(server_ctx, send_server); + } + + if (ret == 0) { + /* Create a WOLFSSL object */ + if ((server_ssl = wolfSSL_new(server_ctx)) == NULL) { + printf("ERROR: failed to create WOLFSSL object\n"); + ret = -1; + } + } + + if (ret == 0) { + /* make wolfSSL object nonblocking */ + wolfSSL_set_using_nonblock(server_ssl, 1); + } + + if (ret == 0) { + /* Return newly created wolfSSL context and object */ + *ctx = server_ctx; + *ssl = server_ssl; + } + else { + if (server_ssl != NULL) + wolfSSL_free(server_ssl); + if (server_ctx != NULL) + wolfSSL_CTX_free(server_ctx); + } + + return ret; +} + +/* Server accepting a client using TLS */ +static int wolfssl_server_accept(WOLFSSL* ssl) +{ + int ret = 0; + + if (wolfSSL_accept(ssl) != WOLFSSL_SUCCESS) { + if (!wolfSSL_want_read(ssl) && !wolfSSL_want_write(ssl)) + ret = -1; + } + + return ret; +} + + +/* Send application data. 
*/ +static int wolfssl_send(WOLFSSL* ssl, const char* msg) +{ + int ret = 0; + int len; + + printf("Sending:\n%s\n", msg); + len = wolfSSL_write(ssl, msg, XSTRLEN(msg)); + if (len < 0) + ret = len; + else if (len != XSTRLEN(msg)) + ret = -1; + + return ret; +} + +/* Receive application data. */ +static int wolfssl_recv(WOLFSSL* ssl) +{ + int ret; + byte reply[256]; + + ret = wolfSSL_read(ssl, reply, sizeof(reply)-1); + if (ret > 0) { + reply[ret] = '\0'; + printf("Received:\n%s\n", reply); + ret = 1; + } + else if (wolfSSL_want_read(ssl) || wolfSSL_want_write(ssl)) + ret = 0; + + return ret; +} + + +/* Free the WOLFSSL object and context. */ +static void wolfssl_free(WOLFSSL_CTX* ctx, WOLFSSL* ssl) +{ + if (ssl != NULL) + wolfSSL_free(ssl); + if (ctx != NULL) + wolfSSL_CTX_free(ctx); +} + + +/* Display the static memory usage. */ +static void wolfssl_memstats(WOLFSSL* ssl) +{ +#ifdef WOLFSSL_STATIC_MEMORY + WOLFSSL_MEM_CONN_STATS ssl_stats; + + XMEMSET(&ssl_stats, 0 , sizeof(ssl_stats)); + + if (wolfSSL_is_static_memory(ssl, &ssl_stats) != 1) + printf("static memory was not used with ssl"); + else { + printf("*** This is memory state before wolfSSL_free is called\n"); + printf("peak connection memory = %d\n", ssl_stats.peakMem); + printf("current memory in use = %d\n", ssl_stats.curMem); + printf("peak connection allocs = %d\n", ssl_stats.peakAlloc); + printf("current connection allocs = %d\n",ssl_stats.curAlloc); + printf("total connection allocs = %d\n",ssl_stats.totalAlloc); + printf("total connection frees = %d\n\n", ssl_stats.totalFr); + } +#else + (void)ssl; +#endif +} + + +/* Start the server thread. */ +void start_thread(THREAD_FUNC func, func_args* args, THREAD_TYPE* thread) +{ + k_thread_create(thread, server_stack, K_THREAD_STACK_SIZEOF(server_stack), + func, args, NULL, NULL, 5, 0, K_NO_WAIT); +} + +void join_thread(THREAD_TYPE thread) +{ + /* Threads are handled in the kernel. */ +} + + +/* Thread to do the server operations. 
*/ +void server_thread(void* arg1, void* arg2, void* arg3) +{ + int ret = 0; + WOLFSSL_CTX* server_ctx = NULL; + WOLFSSL* server_ssl = NULL; + + +#ifdef WOLFSSL_STATIC_MEMORY + if (wc_LoadStaticMemory(&HEAP_HINT_SERVER, gMemoryServer, + sizeof(gMemoryServer), + WOLFMEM_GENERAL | WOLFMEM_TRACK_STATS, 1) != 0) { + printf("unable to load static memory"); + ret = -1; + } +#endif + + if (ret == 0) + ret = wolfssl_server_new(&server_ctx, &server_ssl); + + while (ret == 0) { + ret = wolfssl_server_accept(server_ssl); + if (ret == 0 && wolfSSL_is_init_finished(server_ssl)) + break; + } + + /* Receive HTTP request */ + while (ret == 0) { + ret = wolfssl_recv(server_ssl); + } + if (ret == 1) + ret = 0; + /* Send HTTP repsonse */ + if (ret == 0) + ret = wolfssl_send(server_ssl, msgHTTPIndex); + + printf("Server Return: %d\n", ret); + +#ifdef WOLFSSL_STATIC_MEMORY + printf("Server Memory Stats\n"); +#endif + wolfssl_memstats(server_ssl); + wolfssl_free(server_ctx, server_ssl); +} + +int main() +{ + int ret = 0; + WOLFSSL_CTX* client_ctx = NULL; + WOLFSSL* client_ssl = NULL; + THREAD_TYPE serverThread; + + wolfSSL_Init(); + + wc_InitMutex(&client_mutex); + wc_InitMutex(&server_mutex); + + /* Start server */ + start_thread(server_thread, NULL, &serverThread); + +#ifdef WOLFSSL_STATIC_MEMORY + if (wc_LoadStaticMemory(&HEAP_HINT_CLIENT, gMemoryClient, + sizeof(gMemoryClient), + WOLFMEM_GENERAL | WOLFMEM_TRACK_STATS, 1) != 0) { + printf("unable to load static memory"); + ret = -1; + } +#endif + + /* Client connection */ + if (ret == 0) + ret = wolfssl_client_new(&client_ctx, &client_ssl); + + while (ret == 0) { + ret = wolfssl_client_connect(client_ssl); + if (ret == 0 && wolfSSL_is_init_finished(client_ssl)) + break; + k_sleep(10); + } + + if (ret == 0) + printf("Handshake complete\n"); + + /* Send HTTP request */ + if (ret == 0) + ret = wolfssl_send(client_ssl, msgHTTPGet); + /* Receive HTTP response */ + while (ret == 0) { + k_sleep(10); + ret = wolfssl_recv(client_ssl); + } + 
if (ret == 1) + ret = 0; + + printf("Client Return: %d\n", ret); + + join_thread(serverThread); + +#ifdef WOLFSSL_STATIC_MEMORY + printf("Client Memory Stats\n"); +#endif + wolfssl_memstats(client_ssl); + wolfssl_free(client_ctx, client_ssl); + + wolfSSL_Cleanup(); + + printf("Done\n"); + + return (ret == 0) ? 0 : 1; +} + diff --git a/src/internal.c b/src/internal.c index 16b35131b..63b67805b 100644 --- a/src/internal.c +++ b/src/internal.c @@ -6436,6 +6436,13 @@ ProtocolVersion MakeDTLSv1_2(void) return now; } +#elif defined(WOLFSSL_ZEPHYR) + + word32 LowResTimer(void) + { + return k_uptime_get() / 1000; + } + #else /* Posix style time */ #ifndef USER_TIME diff --git a/src/wolfio.c b/src/wolfio.c index 122d65d18..75c30312d 100644 --- a/src/wolfio.c +++ b/src/wolfio.c @@ -238,6 +238,11 @@ int EmbedSend(WOLFSSL* ssl, char *buf, int sz, void *ctx) int sd = *(int*)ctx; int sent; +#ifdef WOLFSSL_MAX_SEND_SZ + if (sz > WOLFSSL_MAX_SEND_SZ) + sz = WOLFSSL_MAX_SEND_SZ; +#endif + sent = wolfIO_Send(sd, buf, sz, ssl->wflags); if (sent < 0) { int err = wolfSSL_LastError(); diff --git a/wolfcrypt/benchmark/benchmark.c b/wolfcrypt/benchmark/benchmark.c index a6cb58e72..9fb97c9b2 100644 --- a/wolfcrypt/benchmark/benchmark.c +++ b/wolfcrypt/benchmark/benchmark.c @@ -69,6 +69,29 @@ void BSP_Ser_Printf (CPU_CHAR* format, ...); #undef printf #define printf BSP_Ser_Printf +#elif defined(WOLFSSL_ZEPHYR) + #include + + #define BENCH_EMBEDDED + + #define printf printfk + + static int printfk(const char *fmt, ...) + { + int ret; + char line[150]; + va_list ap; + + va_start(ap, fmt); + + ret = vsnprintf(line, sizeof(line), fmt, ap); + line[sizeof(line)-1] = '\0'; + printk("%s", line); + + va_end(ap); + + return ret; + } #else #include #endif @@ -228,6 +251,7 @@ typedef struct bench_alg { int val; } bench_alg; +#ifndef MAIN_NO_ARGS /* All recognized cipher algorithm choosing command line options. */ static const bench_alg bench_cipher_opt[] = { { "-cipher", -1 }, 
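Review bot: `join_thread` is an empty stub, so `main` proceeds to `wolfssl_free` and `wolfSSL_Cleanup()` without waiting for `server_thread`, which may still be inside `wolfssl_memstats` or `wolfssl_free` after sending its response. That leaves library teardown racing with a thread that is still using the library and its static heap. A completion signal closes the gap: define `K_SEM_DEFINE(server_done, 0, 1);`, end `server_thread` with `k_sem_give(&server_done);`, and have `join_thread` call `k_sem_take(&server_done, K_FOREVER);`. The two mutexes created with `wc_InitMutex` are also never released with `wc_FreeMutex`, and the return values of `wc_InitMutex` and `wc_LockMutex` are not checked before the shared buffers are touched.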
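Review bot: `printfk` in benchmark.c prints `line` even when `vsnprintf` fails: on a negative return only the last byte of the 150-byte stack buffer has been written, so `printk("%s", line)` would emit whatever the stack held up to that terminator. Guarding the output with `if (ret >= 0) printk("%s", line);`, or initialising the buffer as `char line[150] = {0};`, avoids that. Output longer than the buffer is truncated silently while `ret` still reports the untruncated length, which deserves a one-line comment such as `/* output is capped at sizeof(line)-1 characters; ret may be larger */`.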
@@ -410,6 +434,7 @@ static const bench_alg bench_other_opt[] = { #endif { NULL, 0} }; +#endif /* MAIN_NO_ARGS */ #endif /* !WOLFSSL_BENCHMARK_ALL && !NO_MAIN_DRIVER */ @@ -424,7 +449,9 @@ static const bench_alg bench_other_opt[] = { #endif static int lng_index = 0; + #ifndef NO_MAIN_DRIVER +#ifndef MAIN_NO_ARGS static const char* bench_Usage_msg1[][10] = { /* 0 English */ { "-? Help, print this usage\n 0: English, 1: Japanese\n", @@ -453,6 +480,7 @@ static const char* bench_Usage_msg1[][10] = { }, #endif }; +#endif /* MAIN_NO_ARGS */ #endif static const char* bench_result_words1[][4] = { @@ -1707,6 +1735,8 @@ int benchmark_test(void *args) benchmarks_do(NULL); #endif + printf("Benchmark complete\n"); + ret = benchmark_free(); EXIT_TEST(ret); @@ -5252,6 +5282,21 @@ exit_ed_verify: (void)reset; return (double) CPU_TS_Get32()/CPU_TS_TmrFreqGet(&err); } +#elif defined(WOLFSSL_ZEPHYR) + + #include + + double current_time(int reset) + { + (void)reset; + + #if defined(CONFIG_ARCH_POSIX) + k_cpu_idle(); + #endif + + return (double)k_uptime_get() / 1000; + } + #else #include @@ -5297,6 +5342,8 @@ void benchmark_configure(int block_size) #ifndef NO_MAIN_DRIVER +#ifndef MAIN_NO_ARGS + #ifndef WOLFSSL_BENCHMARK_ALL /* Display the algorithm string and keep to 80 characters per line. * @@ -5378,13 +5425,18 @@ static int string_matches(const char* arg, const char* str) int len = (int)XSTRLEN(str) + 1; return XSTRNCMP(arg, str, len) == 0; } +#endif /* MAIN_NO_ARGS */ + #ifdef WOLFSSL_ESPIDF int wolf_benchmark_task( ) +#elif defined(MAIN_NO_ARGS) +int main() #else int main(int argc, char** argv) #endif { int ret = 0; +#ifndef MAIN_NO_ARGS int optMatched; #ifdef WOLFSSL_ESPIDF int argc = construct_argv(); @@ -5393,7 +5445,9 @@ int main(int argc, char** argv) #ifndef WOLFSSL_BENCHMARK_ALL int i; #endif +#endif +#ifndef MAIN_NO_ARGS while (argc > 1) { if (string_matches(argv[1], "-?")) { if(--argc>1){ 
@@ -5499,6 +5553,7 @@ int main(int argc, char** argv) argc--; argv++; } +#endif /* MAIN_NO_ARGS */ #ifdef HAVE_STACK_SIZE ret = StackSizeCheck(NULL, benchmark_test); diff --git a/wolfcrypt/src/logging.c b/wolfcrypt/src/logging.c index 481313365..8f83bd5a3 100644 --- a/wolfcrypt/src/logging.c +++ b/wolfcrypt/src/logging.c @@ -259,6 +259,8 @@ static void wolfssl_log(const int logLevel, const char *const logMessage) LOG_DEBUG(&mynewt_log, LOG_MODULE_DEFAULT, "%s\n", logMessage); #elif defined(WOLFSSL_ESPIDF) ESP_LOGI("wolfssl", "%s", logMessage); +#elif defined(WOLFSSL_ZEPHYR) + printk("%s\n", logMessage); #else fprintf(stderr, "%s\n", logMessage); #endif diff --git a/wolfcrypt/src/memory.c b/wolfcrypt/src/memory.c index 0b4f7d96c..72c88a195 100644 --- a/wolfcrypt/src/memory.c +++ b/wolfcrypt/src/memory.c @@ -53,6 +53,19 @@ Possible memory options: * WOLFSSL_HEAP_TEST: Used for internal testing of heap hint */ +#ifdef WOLFSSL_ZEPHYR +#undef realloc +void *z_realloc(void *ptr, size_t size) +{ + if (ptr == NULL) + ptr = malloc(size); + else + ptr = realloc(ptr, size); + + return ptr; +} +#define realloc z_realloc +#endif #ifdef USE_WOLFSSL_MEMORY diff --git a/wolfcrypt/src/random.c b/wolfcrypt/src/random.c index a5fe6c838..239f5ce60 100644 --- a/wolfcrypt/src/random.c +++ b/wolfcrypt/src/random.c @@ -148,6 +148,7 @@ int wc_RNG_GenerateByte(WC_RNG* rng, byte* b) #elif defined(MICRIUM) #elif defined(WOLFSSL_NUCLEUS) #elif defined(WOLFSSL_PB) +#elif defined(WOLFSSL_ZEPHYR) #else /* include headers that may be needed to get good seed */ #include 
@@ -2157,6 +2158,32 @@ int wc_GenerateSeed(OS_Seed* os, byte* output, word32 sz) #define USE_TEST_GENSEED +#elif defined(WOLFSSL_ZEPHYR) + + #include + #ifndef _POSIX_C_SOURCE + #include + #else + #include + #endif + + int wc_GenerateSeed(OS_Seed* os, byte* output, word32 sz) + { + int ret = 0; + word32 rand; + while (sz > 0) { + word32 len = sizeof(rand); + if (sz < len) + len = sz; + rand = sys_rand32_get(); + XMEMCPY(output, &rand, sz); + output += len; + sz -= len; + } + + return ret; + } + #elif defined(NO_DEV_RANDOM) #error "you need to write an os specific wc_GenerateSeed() here" diff --git a/wolfcrypt/src/wc_port.c b/wolfcrypt/src/wc_port.c index 8ad7390f6..6192271ad 100644 --- a/wolfcrypt/src/wc_port.c +++ b/wolfcrypt/src/wc_port.c @@ -298,6 +298,37 @@ int wc_ReadDirFirst(ReadDirCtx* ctx, const char* path, char** name) return 0; } } while (FindNextFileA(ctx->hFind, &ctx->FindFileData)); +#elif defined(WOLFSSL_ZEPHYR) + if (fs_opendir(&ctx->dir, path) != 0) { + WOLFSSL_MSG("opendir path verify locations failed"); + return BAD_PATH_ERROR; + } + ctx->dirp = &ctx->dir; + + while ((fs_readdir(&ctx->dir, &ctx->entry)) != 0) { + dnameLen = (int)XSTRLEN(ctx->entry.name); + + if (pathLen + dnameLen + 2 >= MAX_FILENAME_SZ) { + ret = BAD_PATH_ERROR; + break; + } + XSTRNCPY(ctx->name, path, pathLen + 1); + ctx->name[pathLen] = '/'; + + /* Use dnameLen + 1 for GCC 8 warnings of truncating d_name. Because + * of earlier check it is known that dnameLen is less than + * MAX_FILENAME_SZ - (pathLen + 2) so dnameLen +1 will fit */ + XSTRNCPY(ctx->name + pathLen + 1, ctx->entry.name, dnameLen + 1); + if (fs_stat(ctx->name, &ctx->s) != 0) { + WOLFSSL_MSG("stat on name failed"); + ret = BAD_PATH_ERROR; + break; + } else if (ctx->s.type == FS_DIR_ENTRY_FILE) { + if (name) + *name = ctx->name; + return 0; + } + } #else ctx->dir = opendir(path); if (ctx->dir == NULL) { 
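Review bot: In the Zephyr `wc_GenerateSeed`, `XMEMCPY(output, &rand, sz)` copies the whole remaining request out of a 4-byte local, so for any `sz` larger than `sizeof(rand)` it reads past `rand` on the stack and puts those neighbouring bytes into the seed buffer instead of generator output. The loop already computes the per-iteration length, so the copy should be `XMEMCPY(output, &rand, len);`. Separately, a comment above the function should state that the seed is only as strong as the `sys_rand32_get()` backend selected in the Zephyr configuration. That backend may be a non-cryptographic generator on some targets, which is worth confirming before the port is used outside the samples.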
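Review bot: The loop condition `while ((fs_readdir(&ctx->dir, &ctx->entry)) != 0)` in the Zephyr branch of `wc_ReadDirFirst` looks inverted. As far as I know, `fs_readdir` returns 0 on success and reports end of directory with an empty `entry.name`, so the body would run only after a failed read and a directory of certificates would yield no entries. If that holds, the condition should be `while (fs_readdir(&ctx->dir, &ctx->entry) == 0 && ctx->entry.name[0] != '\0')`. The same loop is repeated in the `wc_ReadDirNext` hunk at -370. The rest of both functions lies outside the hunks, so what happens to the open directory after the `break` paths is not visible here.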
@@ -370,6 +401,31 @@ int wc_ReadDirNext(ReadDirCtx* ctx, const char* path, char** name) return 0; } } +#elif defined(WOLFSSL_ZEPHYR) + while ((fs_readdir(&ctx->dir, &ctx->entry)) != 0) { + dnameLen = (int)XSTRLEN(ctx->entry.name); + + if (pathLen + dnameLen + 2 >= MAX_FILENAME_SZ) { + ret = BAD_PATH_ERROR; + break; + } + XSTRNCPY(ctx->name, path, pathLen + 1); + ctx->name[pathLen] = '/'; + /* Use dnameLen + 1 for GCC 8 warnings of truncating d_name. Because + * of earlier check it is known that dnameLen is less than + * MAX_FILENAME_SZ - (pathLen + 2) so that dnameLen +1 will fit */ + XSTRNCPY(ctx->name + pathLen + 1, ctx->entry.name, dnameLen + 1); + + if (fs_stat(ctx->name, &ctx->s) != 0) { + WOLFSSL_MSG("stat on name failed"); + ret = BAD_PATH_ERROR; + break; + } else if (ctx->s.type == FS_DIR_ENTRY_FILE) { + if (name) + *name = ctx->name; + return 0; + } + } #else while ((ctx->entry = readdir(ctx->dir)) != NULL) { dnameLen = (int)XSTRLEN(ctx->entry->d_name); @@ -413,6 +469,11 @@ void wc_ReadDirClose(ReadDirCtx* ctx) FindClose(ctx->hFind); ctx->hFind = INVALID_HANDLE_VALUE; } +#elif defined(WOLFSSL_ZEPHYR) + if (ctx->dirp) { + fs_closedir(ctx->dirp); + ctx->dirp = NULL; + } #else if (ctx->dir) { closedir(ctx->dir); @@ -423,6 +484,37 @@ void wc_ReadDirClose(ReadDirCtx* ctx) #endif /* !NO_FILESYSTEM && !NO_WOLFSSL_DIR */ +#if !defined(NO_FILESYSTEM) && defined(WOLFSSL_ZEPHYR) +XFILE z_fs_open(const char* filename, const char* perm) +{ + XFILE file; + + file = XMALLOC(sizeof(*file), NULL, DYNAMIC_TYPE_FILE); + if (file != NULL) { + if (fs_open(file, filename) != 0) { + XFREE(file); + file = NULL; + } + } + + return file; +} + +int z_fs_close(XFILE file) +{ + int ret; + + if (file == NULL) + return -1; + ret = (fs_close(file) == 0) ? 0 : -1; + + XFREE(file, NULL, DYNAMIC_TYPE_FILE); + + return ret; +} + +#endif /* !NO_FILESYSTEM && !NO_WOLFSSL_DIR */ + wolfSSL_Mutex* wc_InitAndAllocMutex(void) { 
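Review bot: In `z_fs_open` the failure path calls `XFREE(file);` with one argument, while `z_fs_close` in the same hunk uses the three-argument form. It should read `XFREE(file, NULL, DYNAMIC_TYPE_FILE);` so the buffer is released with the same heap hint and type tag it was allocated with and the call compiles under every XFREE definition. The `perm` argument is never used, so a caller passing "wb" gets whatever `fs_open(file, filename)` does by default; add `(void)perm;` with a comment saying the mode string is ignored. The closing `#endif` comment names `!NO_WOLFSSL_DIR`, but the opening condition is `!NO_FILESYSTEM && WOLFSSL_ZEPHYR`.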
@@ -1468,6 +1560,37 @@ int wolfSSL_CryptHwMutexUnLock(void) { return BAD_MUTEX_E; } +#elif defined(WOLFSSL_ZEPHYR) + + int wc_InitMutex(wolfSSL_Mutex* m) + { + k_mutex_init(m); + + return 0; + } + + int wc_FreeMutex(wolfSSL_Mutex* m) + { + return 0; + } + + int wc_LockMutex(wolfSSL_Mutex* m) + { + int ret = 0; + + if (k_mutex_lock(m, K_FOREVER) != 0) + ret = BAD_MUTEX_E; + + return ret; + } + + int wc_UnLockMutex(wolfSSL_Mutex* m) + { + k_mutex_unlock(m); + + return 0; + } + #else #warning No mutex handling defined @@ -1639,7 +1762,6 @@ time_t deos_time(time_t* timer) } #endif /* WOLFSSL_DEOS */ - #if defined(MICRIUM) time_t micrium_time(time_t* timer) @@ -1717,6 +1839,22 @@ time_t XTIME(time_t * timer) } #endif /* WOLFSSL_XILINX */ + +#if defined(WOLFSSL_ZEPHYR) + +time_t z_time(time_t * timer) +{ + struct timespec ts; + + if (clock_gettime(CLOCK_REALTIME, &ts) == 0) + if (timer != NULL) + *timer = ts.tv_sec; + + return ts.tv_sec; +} + +#endif /* WOLFSSL_ZEPHYR */ + #endif /* !NO_ASN_TIME */ #ifndef WOLFSSL_LEANPSK diff --git a/wolfcrypt/test/test.c b/wolfcrypt/test/test.c index 21b032f86..122c08112 100644 --- a/wolfcrypt/test/test.c +++ b/wolfcrypt/test/test.c @@ -187,6 +187,10 @@ #elif defined(WOLFSSL_ESPIDF) #include #include +#elif defined(WOLFSSL_ZEPHYR) + #include + + #define printf printk #else #include #endif @@ -430,7 +434,7 @@ static void myFipsCb(int ok, int err, const char* hash) #elif defined(WOLFSSL_CERT_EXT) static byte gTestMemory[140000]; #elif defined(USE_FAST_MATH) && !defined(ALT_ECC_SIZE) - static byte gTestMemory[150000]; + static byte gTestMemory[160000]; #else static byte gTestMemory[80000]; #endif @@ -468,7 +472,7 @@ int wolfcrypt_test(void* args) if (wc_LoadStaticMemory(&HEAP_HINT, gTestMemory, sizeof(gTestMemory), WOLFMEM_GENERAL, 1) != 0) { printf("unable to load static memory"); - exit(EXIT_FAILURE); + return(EXIT_FAILURE); } #endif 
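Review bot: `z_time` returns `ts.tv_sec` even when `clock_gettime` fails, and `ts` is never initialised, so the failure path hands an indeterminate value to its callers. The function sits under `!NO_ASN_TIME`, so it presumably feeds certificate date checks. Handle the error first with `if (clock_gettime(CLOCK_REALTIME, &ts) != 0) return (time_t)-1;` and only then store to `*timer` when it is non-NULL. The nested brace-less `if` statements are also easy to misread and should get braces.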
@@ -1070,6 +1074,8 @@ initDefaultName(); if (args) ((func_args*)args)->return_code = ret; + printf("Test complete\n"); + EXIT_TEST(ret); } @@ -1164,14 +1170,14 @@ static int _SaveDerAndPem(const byte* der, int derSz, { #if !defined(NO_FILESYSTEM) && !defined(NO_WRITE_TEMP_FILES) int ret; - FILE* derFile; + XFILE derFile; - derFile = fopen(fileDer, "wb"); + derFile = XFOPEN(fileDer, "wb"); if (!derFile) { return errBase + 0; } - ret = (int)fwrite(der, 1, derSz, derFile); - fclose(derFile); + ret = (int)XFWRITE(der, 1, derSz, derFile); + XFCLOSE(derFile); if (ret != derSz) { return errBase + 1; } @@ -1179,7 +1185,7 @@ static int _SaveDerAndPem(const byte* der, int derSz, if (pem && filePem) { #if !defined(NO_FILESYSTEM) && !defined(NO_WRITE_TEMP_FILES) - FILE* pemFile; + XFILE pemFile; #endif #ifdef WOLFSSL_DER_TO_PEM pemSz = wc_DerToPem(der, derSz, pem, pemSz, pemType); @@ -1188,12 +1194,12 @@ static int _SaveDerAndPem(const byte* der, int derSz, } #endif #if !defined(NO_FILESYSTEM) && !defined(NO_WRITE_TEMP_FILES) - pemFile = fopen(filePem, "wb"); + pemFile = XFOPEN(filePem, "wb"); if (!pemFile) { return errBase + 3; } - ret = (int)fwrite(pem, 1, pemSz, pemFile); - fclose(pemFile); + ret = (int)XFWRITE(pem, 1, pemSz, pemFile); + XFCLOSE(pemFile); if (ret != pemSz) { return errBase + 4; } @@ -8830,7 +8836,7 @@ int cert_test(void) DecodedCert cert; byte* tmp; size_t bytes; - FILE *file; + XFILE file; int ret; tmp = (byte*)XMALLOC(FOURK_BUF, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER); 
@@ -8839,15 +8845,15 @@ int cert_test(void) /* Certificate with Name Constraints extension. */ #ifdef FREESCALE_MQX - file = fopen(".\\certs\\test\\cert-ext-nc.der", "rb"); + file = XFOPEN(".\\certs\\test\\cert-ext-nc.der", "rb"); #else - file = fopen("./certs/test/cert-ext-nc.der", "rb"); + file = XFOPEN("./certs/test/cert-ext-nc.der", "rb"); #endif if (!file) { ERROR_OUT(-6601, done); } - bytes = fread(tmp, 1, FOURK_BUF, file); - fclose(file); + bytes = XFREAD(tmp, 1, FOURK_BUF, file); + XFCLOSE(file); InitDecodedCert(&cert, tmp, (word32)bytes, 0); ret = ParseCert(&cert, CERT_TYPE, NO_VERIFY, NULL); if (ret != 0) { @@ -8857,15 +8863,15 @@ int cert_test(void) /* Certificate with Inhibit Any Policy extension. */ #ifdef FREESCALE_MQX - file = fopen(".\\certs\\test\\cert-ext-ia.der", "rb"); + file = XFOPEN(".\\certs\\test\\cert-ext-ia.der", "rb"); #else - file = fopen("./certs/test/cert-ext-ia.der", "rb"); + file = XFOPEN("./certs/test/cert-ext-ia.der", "rb"); #endif if (!file) { ERROR_OUT(-6603, done); } - bytes = fread(tmp, 1, FOURK_BUF, file); - fclose(file); + bytes = XFREAD(tmp, 1, FOURK_BUF, file); + XFCLOSE(file); InitDecodedCert(&cert, tmp, (word32)bytes, 0); ret = ParseCert(&cert, CERT_TYPE, NO_VERIFY, NULL); if (ret != 0) { @@ -8886,7 +8892,7 @@ int certext_test(void) DecodedCert cert; byte* tmp; size_t bytes; - FILE *file; + XFILE file; int ret; /* created from rsa_test : othercert.der */ @@ -8919,14 +8925,14 @@ int certext_test(void) return -6700; /* load othercert.der (Cert signed by an authority) */ - file = fopen(otherCertDerFile, "rb"); + file = XFOPEN(otherCertDerFile, "rb"); if (!file) { XFREE(tmp, HEAP_HINT ,DYNAMIC_TYPE_TMP_BUFFER); return -6701; } - bytes = fread(tmp, 1, FOURK_BUF, file); - fclose(file); + bytes = XFREAD(tmp, 1, FOURK_BUF, file); + XFCLOSE(file); InitDecodedCert(&cert, tmp, (word32)bytes, 0); 
@@ -8966,14 +8972,14 @@ int certext_test(void) #ifdef HAVE_ECC /* load certecc.der (Cert signed by our ECC CA test in ecc_test_cert_gen) */ - file = fopen(certEccDerFile, "rb"); + file = XFOPEN(certEccDerFile, "rb"); if (!file) { XFREE(tmp, HEAP_HINT ,DYNAMIC_TYPE_TMP_BUFFER); return -6710; } - bytes = fread(tmp, 1, FOURK_BUF, file); - fclose(file); + bytes = XFREAD(tmp, 1, FOURK_BUF, file); + XFCLOSE(file); InitDecodedCert(&cert, tmp, (word32)bytes, 0); @@ -9014,14 +9020,14 @@ int certext_test(void) #endif /* HAVE_ECC */ /* load cert.der (self signed certificate) */ - file = fopen(certDerFile, "rb"); + file = XFOPEN(certDerFile, "rb"); if (!file) { XFREE(tmp, HEAP_HINT ,DYNAMIC_TYPE_TMP_BUFFER); return -6719; } - bytes = fread(tmp, 1, FOURK_BUF, file); - fclose(file); + bytes = XFREAD(tmp, 1, FOURK_BUF, file); + XFCLOSE(file); InitDecodedCert(&cert, tmp, (word32)bytes, 0); @@ -10074,7 +10080,7 @@ int rsa_no_pad_test(void) word32 plainSz = RSA_TEST_BYTES; #if !defined(USE_CERT_BUFFERS_1024) && !defined(USE_CERT_BUFFERS_2048) \ && !defined(NO_FILESYSTEM) - FILE *file; + XFILE file; #endif DECLARE_VAR(out, byte, RSA_TEST_BYTES, HEAP_HINT); DECLARE_VAR(plain, byte, RSA_TEST_BYTES, HEAP_HINT); @@ -10108,15 +10114,15 @@ int rsa_no_pad_test(void) #elif defined(USE_CERT_BUFFERS_2048) XMEMCPY(tmp, client_key_der_2048, (size_t)sizeof_client_key_der_2048); #elif !defined(NO_FILESYSTEM) - file = fopen(clientKey, "rb"); + file = XFOPEN(clientKey, "rb"); if (!file) { err_sys("can't open ./certs/client-key.der, " "Please run from wolfSSL home dir", -40); ERROR_OUT(-6901, exit_rsa_nopadding); } - bytes = fread(tmp, 1, FOURK_BUF, file); - fclose(file); + bytes = XFREAD(tmp, 1, FOURK_BUF, file); + XFCLOSE(file); #else /* No key to use. */ ERROR_OUT(-6902, exit_rsa_nopadding); 
@@ -10276,7 +10282,7 @@ static int rsa_certgen_test(RsaKey* key, RsaKey* keypub, WC_RNG* rng, byte* tmp) size_t bytes3; word32 idx3 = 0; #if !defined(USE_CERT_BUFFERS_1024) && !defined(USE_CERT_BUFFERS_2048) - FILE* file3; + XFILE file3; #endif #ifdef WOLFSSL_TEST_CERT DecodedCert decode; @@ -10397,12 +10403,12 @@ static int rsa_certgen_test(RsaKey* key, RsaKey* keypub, WC_RNG* rng, byte* tmp) XMEMCPY(tmp, ca_cert_der_2048, sizeof_ca_cert_der_2048); bytes3 = sizeof_ca_cert_der_2048; #else - file3 = fopen(rsaCaCertDerFile, "rb"); + file3 = XFOPEN(rsaCaCertDerFile, "rb"); if (!file3) { ERROR_OUT(-6930, exit_rsa); } - bytes3 = fread(tmp, 1, FOURK_BUF, file3); - fclose(file3); + bytes3 = XFREAD(tmp, 1, FOURK_BUF, file3); + XFCLOSE(file3); #endif /* USE_CERT_BUFFERS */ #if !defined(NO_FILESYSTEM) && !defined(USE_CERT_BUFFERS_1024) && \ @@ -10440,13 +10446,13 @@ static int rsa_certgen_test(RsaKey* key, RsaKey* keypub, WC_RNG* rng, byte* tmp) XMEMCPY(tmp, ca_key_der_2048, sizeof_ca_key_der_2048); bytes3 = sizeof_ca_key_der_2048; #else - file3 = fopen(rsaCaKeyFile, "rb"); + file3 = XFOPEN(rsaCaKeyFile, "rb"); if (!file3) { ERROR_OUT(-6935, exit_rsa); } - bytes3 = fread(tmp, 1, FOURK_BUF, file3); - fclose(file3); + bytes3 = XFREAD(tmp, 1, FOURK_BUF, file3); + XFCLOSE(file3); #endif /* USE_CERT_BUFFERS */ ret = wc_InitRsaKey(&caKey, HEAP_HINT); @@ -10575,7 +10581,7 @@ static int rsa_ecc_certgen_test(WC_RNG* rng, byte* tmp) word32 idx3 = 0; #if (!defined(USE_CERT_BUFFERS_1024) && !defined(USE_CERT_BUFFERS_2048)) \ || !defined(USE_CERT_BUFFERS_256) - FILE* file3; + XFILE file3; #endif #ifdef WOLFSSL_TEST_CERT DecodedCert decode; 
@@ -10607,13 +10613,13 @@ static int rsa_ecc_certgen_test(WC_RNG* rng, byte* tmp) XMEMCPY(tmp, ca_key_der_2048, sizeof_ca_key_der_2048); bytes3 = sizeof_ca_key_der_2048; #else - file3 = fopen(rsaCaKeyFile, "rb"); + file3 = XFOPEN(rsaCaKeyFile, "rb"); if (!file3) { ERROR_OUT(-6948, exit_rsa); } - bytes3 = fread(tmp, 1, FOURK_BUF, file3); - fclose(file3); + bytes3 = XFREAD(tmp, 1, FOURK_BUF, file3); + XFCLOSE(file3); #endif /* USE_CERT_BUFFERS */ ret = wc_InitRsaKey(&caKey, HEAP_HINT); @@ -10630,13 +10636,13 @@ static int rsa_ecc_certgen_test(WC_RNG* rng, byte* tmp) XMEMCPY(tmp, ecc_key_pub_der_256, sizeof_ecc_key_pub_der_256); bytes3 = sizeof_ecc_key_pub_der_256; #else - file3 = fopen(eccKeyPubFile, "rb"); + file3 = XFOPEN(eccKeyPubFile, "rb"); if (!file3) { ERROR_OUT(-6951, exit_rsa); } - bytes3 = fread(tmp, 1, FOURK_BUF, file3); - fclose(file3); + bytes3 = XFREAD(tmp, 1, FOURK_BUF, file3); + XFCLOSE(file3); #endif ret = wc_ecc_init_ex(&caEccKeyPub, HEAP_HINT, devId); @@ -10870,7 +10876,8 @@ int rsa_test(void) const word32 plainSz = RSA_TEST_BYTES; #if !defined(USE_CERT_BUFFERS_1024) && !defined(USE_CERT_BUFFERS_2048) \ && !defined(NO_FILESYSTEM) - FILE *file, *file2; + XFILE file; + XFILE file2; #endif #ifdef WOLFSSL_TEST_CERT DecodedCert cert; @@ -10927,15 +10934,15 @@ int rsa_test(void) #elif defined(USE_CERT_BUFFERS_2048) XMEMCPY(tmp, client_key_der_2048, (size_t)sizeof_client_key_der_2048); #elif !defined(NO_FILESYSTEM) - file = fopen(clientKey, "rb"); + file = XFOPEN(clientKey, "rb"); if (!file) { err_sys("can't open ./certs/client-key.der, " "Please run from wolfSSL home dir", -40); ERROR_OUT(-7001, exit_rsa); } - bytes = fread(tmp, 1, FOURK_BUF, file); - fclose(file); + bytes = XFREAD(tmp, 1, FOURK_BUF, file); + XFCLOSE(file); #else /* No key to use. */ ERROR_OUT(-7002, exit_rsa); 
@@ -11447,13 +11454,13 @@ int rsa_test(void) XMEMCPY(tmp, client_cert_der_2048, (size_t)sizeof_client_cert_der_2048); bytes = (size_t)sizeof_client_cert_der_2048; #elif !defined(NO_FILESYSTEM) - file2 = fopen(clientCert, "rb"); + file2 = XFOPEN(clientCert, "rb"); if (!file2) { ERROR_OUT(-7038, exit_rsa); } - bytes = fread(tmp, 1, FOURK_BUF, file2); - fclose(file2); + bytes = XFREAD(tmp, 1, FOURK_BUF, file2); + XFCLOSE(file2); #else /* No certificate to use. */ ERROR_OUT(-7039, exit_rsa); @@ -11486,15 +11493,15 @@ int rsa_test(void) XMEMCPY(tmp, client_keypub_der_2048, sizeof_client_keypub_der_2048); bytes = sizeof_client_keypub_der_2048; #else - file = fopen(clientKeyPub, "rb"); + file = XFOPEN(clientKeyPub, "rb"); if (!file) { err_sys("can't open ./certs/client-keyPub.der, " "Please run from wolfSSL home dir", -40); ERROR_OUT(-7041, exit_rsa); } - bytes = fread(tmp, 1, FOURK_BUF, file); - fclose(file); + bytes = XFREAD(tmp, 1, FOURK_BUF, file); + XFCLOSE(file); #endif /* USE_CERT_BUFFERS */ ret = wc_InitRsaKey(&keypub, HEAP_HINT); @@ -11531,9 +11538,9 @@ int rsa_test(void) { Cert myCert; #if !defined(USE_CERT_BUFFERS_1024) && !defined(USE_CERT_BUFFERS_2048) - FILE* caFile; + XFILE caFile; #endif - FILE* ntruPrivFile; + XFILE ntruPrivFile; int certSz; word32 idx3 = 0; #ifdef WOLFSSL_TEST_CERT @@ -11579,13 +11586,13 @@ int rsa_test(void) XMEMCPY(tmp, ca_key_der_2048, sizeof_ca_key_der_2048); bytes = sizeof_ca_key_der_2048; #else - caFile = fopen(rsaCaKeyFile, "rb"); + caFile = XFOPEN(rsaCaKeyFile, "rb"); if (!caFile) { ERROR_OUT(-7048, exit_rsa); } - bytes = fread(tmp, 1, FOURK_BUF, caFile); - fclose(caFile); + bytes = XFREAD(tmp, 1, FOURK_BUF, caFile); + XFCLOSE(caFile); #endif /* USE_CERT_BUFFERS */ ret = wc_InitRsaKey(&caKey, HEAP_HINT); 
@@ -11692,12 +11699,12 @@ int rsa_test(void) } #if !defined(NO_FILESYSTEM) && !defined(NO_WRITE_TEMP_FILES) - ntruPrivFile = fopen("./ntru-key.raw", "wb"); + ntruPrivFile = XFOPEN("./ntru-key.raw", "wb"); if (!ntruPrivFile) { ERROR_OUT(-7061, exit_rsa); } - ret = (int)fwrite(private_key, 1, private_key_len, ntruPrivFile); - fclose(ntruPrivFile); + ret = (int)XFWRITE(private_key, 1, private_key_len, ntruPrivFile); + XFCLOSE(ntruPrivFile); if (ret != private_key_len) { ERROR_OUT(-7062, exit_rsa); } @@ -12159,12 +12166,12 @@ int dh_test(void) #elif defined(NO_ASN) /* don't use file, no DER parsing */ #elif !defined(NO_FILESYSTEM) - FILE* file = fopen(dhKey, "rb"); + XFILE file = XFOPEN(dhKey, "rb"); if (!file) return -7100; - bytes = (word32) fread(tmp, 1, sizeof(tmp), file); - fclose(file); + bytes = (word32) XFREAD(tmp, 1, sizeof(tmp), file); + XFCLOSE(file); #else /* No DH key to use. */ return -7101; @@ -12326,12 +12333,12 @@ int dsa_test(void) XMEMCPY(tmp, dsa_key_der_2048, sizeof_dsa_key_der_2048); bytes = sizeof_dsa_key_der_2048; #else - FILE* file = fopen(dsaKey, "rb"); + XFILE file = XFOPEN(dsaKey, "rb"); if (!file) return -7200; - bytes = (word32) fread(tmp, 1, sizeof(tmp), file); - fclose(file); + bytes = (word32) XFREAD(tmp, 1, sizeof(tmp), file); + XFCLOSE(file); #endif /* USE_CERT_BUFFERS */ ret = wc_InitSha_ex(&sha, HEAP_HINT, devId); @@ -14129,7 +14136,8 @@ int openssl_pkey0_test(void) size_t keySz; byte plain[256]; #if !defined(USE_CERT_BUFFERS_1024) && !defined(USE_CERT_BUFFERS_2048) - FILE *keyFile, *keypubFile; + XFILE keyFile; + XFILE keypubFile; char cliKey[] = "./certs/client-key.der"; char cliKeypub[] = "./certs/client-keyPub.der"; 
@@ -14155,7 +14163,7 @@ int openssl_pkey0_test(void) XMEMCPY(pubTmp, client_keypub_der_2048, sizeof_client_keypub_der_2048); pubBytes = sizeof_client_keypub_der_2048; #else - keyFile = fopen(cliKey, "rb"); + keyFile = XFOPEN(cliKey, "rb"); if (!keyFile) { XFREE(prvTmp, HEAP_HINT ,DYNAMIC_TYPE_TMP_BUFFER); XFREE(pubTmp, HEAP_HINT ,DYNAMIC_TYPE_TMP_BUFFER); @@ -14163,9 +14171,9 @@ int openssl_pkey0_test(void) "Please run from wolfSSL home dir", ERR_BASE_PKEY-3); return ERR_BASE_PKEY-3; } - prvBytes = (int)fread(prvTmp, 1, (int)FOURK_BUFF, keyFile); - fclose(keyFile); - keypubFile = fopen(cliKeypub, "rb"); + prvBytes = (int)XFREAD(prvTmp, 1, (int)FOURK_BUFF, keyFile); + XFCLOSE(keyFile); + keypubFile = XFOPEN(cliKeypub, "rb"); if (!keypubFile) { XFREE(prvTmp, HEAP_HINT ,DYNAMIC_TYPE_TMP_BUFFER); XFREE(pubTmp, HEAP_HINT ,DYNAMIC_TYPE_TMP_BUFFER); @@ -14173,8 +14181,8 @@ int openssl_pkey0_test(void) "Please run from wolfSSL home dir", -4); return ERR_BASE_PKEY-4; } - pubBytes = (int)fread(pubTmp, 1, (int)FOURK_BUFF, keypubFile); - fclose(keypubFile); + pubBytes = (int)XFREAD(pubTmp, 1, (int)FOURK_BUFF, keypubFile); + XFCLOSE(keypubFile); #endif /* USE_CERT_BUFFERS */ prvRsa = wolfSSL_RSA_new(); @@ -14351,9 +14359,9 @@ int openssl_pkey1_test(void) x509 = wolfSSL_X509_load_certificate_buffer(client_cert_der_2048, sizeof_client_cert_der_2048, SSL_FILETYPE_ASN1); #else - FILE* f; + XFILE f; - f = fopen(clientKey, "rb"); + f = XFOPEN(clientKey, "rb"); if (!f) { err_sys("can't open ./certs/client-key.der, " @@ -14361,8 +14369,8 @@ int openssl_pkey1_test(void) return -7700; } - cliKeySz = (long)fread(tmp, 1, FOURK_BUF, f); - fclose(f); + cliKeySz = (long)XFREAD(tmp, 1, FOURK_BUF, f); + XFCLOSE(f); /* using existing wolfSSL api to get public and private key */ x509 = wolfSSL_X509_load_certificate_file(clientCert, SSL_FILETYPE_ASN1); 
@@ -14495,7 +14503,8 @@ int openssl_evpSig_test(void) int ret, ret1, ret2; #if !defined(USE_CERT_BUFFERS_1024) && !defined(USE_CERT_BUFFERS_2048) - FILE *keyFile, *keypubFile; + XFILE keyFile; + XFILE keypubFile; char cliKey[] = "./certs/client-key.der"; char cliKeypub[] = "./certs/client-keyPub.der"; #endif @@ -14520,7 +14529,7 @@ int openssl_evpSig_test(void) XMEMCPY(pubTmp, client_keypub_der_2048, sizeof_client_keypub_der_2048); pubBytes = sizeof_client_keypub_der_2048; #else - keyFile = fopen(cliKey, "rb"); + keyFile = XFOPEN(cliKey, "rb"); if (!keyFile) { XFREE(pubTmp, HEAP_HINT ,DYNAMIC_TYPE_TMP_BUFFER); XFREE(prvTmp, HEAP_HINT ,DYNAMIC_TYPE_TMP_BUFFER); @@ -14528,9 +14537,9 @@ int openssl_evpSig_test(void) "Please run from wolfSSL home dir", -40); return ERR_BASE_EVPSIG-3; } - prvBytes = (int)fread(prvTmp, 1, (int)FOURK_BUFF, keyFile); - fclose(keyFile); - keypubFile = fopen(cliKeypub, "rb"); + prvBytes = (int)XFREAD(prvTmp, 1, (int)FOURK_BUFF, keyFile); + XFCLOSE(keyFile); + keypubFile = XFOPEN(cliKeypub, "rb"); if (!keypubFile) { XFREE(pubTmp, HEAP_HINT ,DYNAMIC_TYPE_TMP_BUFFER); XFREE(prvTmp, HEAP_HINT ,DYNAMIC_TYPE_TMP_BUFFER); @@ -14538,8 +14547,8 @@ int openssl_evpSig_test(void) "Please run from wolfSSL home dir", -41); return ERR_BASE_EVPSIG-4; } - pubBytes = (int)fread(pubTmp, 1, (int)FOURK_BUFF, keypubFile); - fclose(keypubFile); + pubBytes = (int)XFREAD(pubTmp, 1, (int)FOURK_BUFF, keypubFile); + XFCLOSE(keypubFile); #endif /* USE_CERT_BUFFERS */ prvRsa = wolfSSL_RSA_new(); @@ -15467,10 +15476,10 @@ static int ecc_test_cdh_vectors(void) const char* ZIUT = "46fc62106420ff012e54a434fbdd2d25ccc5852060561e68040dd7778997bd7b"; /* setup private and public keys */ - ret = wc_ecc_init(&pub_key); + ret = wc_ecc_init_ex(&pub_key, HEAP_HINT, devId); if (ret != 0) return ret; - ret = wc_ecc_init(&priv_key); + ret = wc_ecc_init_ex(&priv_key, HEAP_HINT, devId); if (ret != 0) { wc_ecc_free(&pub_key); goto done; 
@@ -15528,10 +15537,10 @@ static int ecc_test_make_pub(WC_RNG* rng) int verify = 0; #endif #ifndef USE_CERT_BUFFERS_256 - FILE* file; + XFILE file; #endif - wc_ecc_init(&key); + wc_ecc_init_ex(&key, HEAP_HINT, devId); tmp = (byte*)XMALLOC(FOURK_BUF, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER); if (tmp == NULL) { @@ -15547,13 +15556,13 @@ static int ecc_test_make_pub(WC_RNG* rng) XMEMCPY(tmp, ecc_key_der_256, (size_t)sizeof_ecc_key_der_256); tmpSz = (size_t)sizeof_ecc_key_der_256; #else - file = fopen(eccKeyDerFile, "rb"); + file = XFOPEN(eccKeyDerFile, "rb"); if (!file) { ERROR_OUT(-8313, done); } - tmpSz = (word32)fread(tmp, 1, FOURK_BUF, file); - fclose(file); + tmpSz = (word32)XFREAD(tmp, 1, FOURK_BUF, file); + XFCLOSE(file); #endif /* USE_CERT_BUFFERS_256 */ /* import private only then test with */ @@ -15582,7 +15591,7 @@ static int ecc_test_make_pub(WC_RNG* rng) /* make private only key */ wc_ecc_free(&key); - wc_ecc_init(&key); + wc_ecc_init_ex(&key, HEAP_HINT, devId); ret = wc_ecc_import_private_key(exportBuf, x, NULL, 0, &key); if (ret != 0) { ERROR_OUT(-8318, done); @@ -15659,7 +15668,7 @@ static int ecc_test_make_pub(WC_RNG* rng) /* make private only key */ wc_ecc_free(&key); - wc_ecc_init(&key); + wc_ecc_init_ex(&key, HEAP_HINT, devId); ret = wc_ecc_import_private_key(exportBuf, x, NULL, 0, &key); if (ret != 0) { ERROR_OUT(-8329, done); @@ -15673,7 +15682,7 @@ static int ecc_test_make_pub(WC_RNG* rng) } /* make public key for shared secret */ - wc_ecc_init(&pub); + wc_ecc_init_ex(&pub, HEAP_HINT, devId); ret = wc_ecc_make_key(rng, 32, &pub); #if defined(WOLFSSL_ASYNC_CRYPT) ret = wc_AsyncWait(ret, &pub.asyncDev, WC_ASYNC_FLAG_CALL_AGAIN); @@ -16434,7 +16443,7 @@ static int ecc_exp_imp_test(ecc_key* key) const char d[] = "8c14b793cb19137e323a6d2e2a870bca" "2e7a493ec1153b3a95feb8a4873f8d08"; - wc_ecc_init(&keyImp); + wc_ecc_init_ex(&keyImp, HEAP_HINT, devId); privLen = sizeof(priv); ret = wc_ecc_export_private_only(key, priv, &privLen); 
@@ -16456,7 +16465,7 @@ static int ecc_exp_imp_test(ecc_key* key) } wc_ecc_free(&keyImp); - wc_ecc_init(&keyImp); + wc_ecc_init_ex(&keyImp, HEAP_HINT, devId); ret = wc_ecc_import_raw_ex(&keyImp, qx, qy, d, ECC_SECP256R1); if (ret != 0) { @@ -16465,7 +16474,7 @@ static int ecc_exp_imp_test(ecc_key* key) } wc_ecc_free(&keyImp); - wc_ecc_init(&keyImp); + wc_ecc_init_ex(&keyImp, HEAP_HINT, devId); curve_id = wc_ecc_get_curve_id(key->idx); if (curve_id < 0) { @@ -16482,7 +16491,7 @@ static int ecc_exp_imp_test(ecc_key* key) } wc_ecc_free(&keyImp); - wc_ecc_init(&keyImp); + wc_ecc_init_ex(&keyImp, HEAP_HINT, devId); /* test export public raw */ pubLenX = pubLenY = 32; @@ -16502,7 +16511,7 @@ static int ecc_exp_imp_test(ecc_key* key) #endif wc_ecc_free(&keyImp); - wc_ecc_init(&keyImp); + wc_ecc_init_ex(&keyImp, HEAP_HINT, devId); /* test export private and public raw */ pubLenX = pubLenY = privLen = 32; @@ -16536,8 +16545,8 @@ static int ecc_mulmod_test(ecc_key* key1) ecc_key key2; ecc_key key3; - wc_ecc_init(&key2); - wc_ecc_init(&key3); + wc_ecc_init_ex(&key2, HEAP_HINT, devId); + wc_ecc_init_ex(&key3, HEAP_HINT, devId); /* TODO: Use test data, test with WOLFSSL_VALIDATE_ECC_IMPORT. */ /* Need base point (Gx,Gy) and parameter A - load them as the public and @@ -16603,7 +16612,7 @@ static int ecc_def_curve_test(WC_RNG *rng) int ret; ecc_key key; - wc_ecc_init(&key); + wc_ecc_init_ex(&key, HEAP_HINT, devId); /* Use API */ ret = wc_ecc_set_flags(NULL, 0); @@ -16687,7 +16696,7 @@ static int ecc_decode_test(void) 0x03, 0x03, 0x00, 0x04, 0x01 }; XMEMSET(&key, 0, sizeof(key)); - wc_ecc_init(&key); + wc_ecc_init_ex(&key, HEAP_HINT, devId); inSz = sizeof(good); ret = wc_EccPublicKeyDecode(NULL, &inOutIdx, &key, inSz); @@ -16912,7 +16921,7 @@ static int ecc_test_cert_gen(WC_RNG* rng) size_t bytes; word32 idx = 0; #ifndef USE_CERT_BUFFERS_256 - FILE* file; + XFILE file; #endif #ifdef WOLFSSL_TEST_CERT DecodedCert decode; 
@@ -16941,13 +16950,13 @@ static int ecc_test_cert_gen(WC_RNG* rng) XMEMCPY(der, ca_ecc_key_der_384, sizeof_ca_ecc_key_der_384); bytes = sizeof_ca_ecc_key_der_384; #else - file = fopen(eccCaKey384File, "rb"); + file = XFOPEN(eccCaKey384File, "rb"); if (!file) { ERROR_OUT(-8519, exit); } - bytes = fread(der, 1, FOURK_BUF, file); - fclose(file); + bytes = XFREAD(der, 1, FOURK_BUF, file); + XFCLOSE(file); (void)eccCaKeyFile; #endif /* USE_CERT_BUFFERS_256 */ #else @@ -16955,12 +16964,12 @@ static int ecc_test_cert_gen(WC_RNG* rng) XMEMCPY(der, ca_ecc_key_der_256, sizeof_ca_ecc_key_der_256); bytes = sizeof_ca_ecc_key_der_256; #else - file = fopen(eccCaKeyFile, "rb"); + file = XFOPEN(eccCaKeyFile, "rb"); if (!file) { ERROR_OUT(-8520, exit); } - bytes = fread(der, 1, FOURK_BUF, file); - fclose(file); + bytes = XFREAD(der, 1, FOURK_BUF, file); + XFCLOSE(file); #ifdef ENABLE_ECC384_CERT_GEN_TEST (void)eccCaKey384File; #endif @@ -17845,7 +17854,7 @@ static int ed25519_test_cert(void) int ret; byte* tmp; size_t bytes; - FILE* file; + XFILE file; tmp = XMALLOC(FOURK_BUF, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER); if (tmp == NULL) { @@ -17856,12 +17865,12 @@ static int ed25519_test_cert(void) XMEMCPY(tmp, ca_ed25519_cert, sizeof_ca_ed25519_cert); bytes = sizeof_ca_ed25519_cert; #elif !defined(NO_FILESYSTEM) - file = fopen(caEd25519Cert, "rb"); + file = XFOPEN(caEd25519Cert, "rb"); if (file == NULL) { ERROR_OUT(-8824, done); } - bytes = fread(tmp, 1, FOURK_BUF, file); - fclose(file); + bytes = XFREAD(tmp, 1, FOURK_BUF, file); + XFCLOSE(file); #else /* No certificate to use. */ ERROR_OUT(-8825, done); 
@@ -17878,12 +17887,12 @@ static int ed25519_test_cert(void) XMEMCPY(tmp, server_ed25519_cert, sizeof_server_ed25519_cert); bytes = sizeof_server_ed25519_cert; #elif !defined(NO_FILESYSTEM) - file = fopen(serverEd25519Cert, "rb"); + file = XFOPEN(serverEd25519Cert, "rb"); if (file == NULL) { ERROR_OUT(-8827, done); } - bytes = fread(tmp, 1, FOURK_BUF, file); - fclose(file); + bytes = XFREAD(tmp, 1, FOURK_BUF, file); + XFCLOSE(file); #else /* No certificate to use. */ ERROR_OUT(-8828, done); @@ -19098,8 +19107,8 @@ static int pkcs7_load_certs_keys( byte* eccClientPrivKeyBuf, word32* eccClientPrivKeyBufSz) { #ifndef NO_FILESYSTEM - FILE* certFile; - FILE* keyFile; + XFILE certFile; + XFILE keyFile; #endif #ifndef NO_RSA @@ -19166,32 +19175,32 @@ static int pkcs7_load_certs_keys( *rsaCaCertBufSz = sizeof_ca_cert_der_2048; } #else - certFile = fopen(clientCert, "rb"); + certFile = XFOPEN(clientCert, "rb"); if (!certFile) return -9210; - *rsaClientCertBufSz = (word32)fread(rsaClientCertBuf, 1, + *rsaClientCertBufSz = (word32)XFREAD(rsaClientCertBuf, 1, *rsaClientCertBufSz, certFile); - fclose(certFile); + XFCLOSE(certFile); if (rsaServerCertBuf != NULL) { - certFile = fopen(rsaServerCertDerFile, "rb"); + certFile = XFOPEN(rsaServerCertDerFile, "rb"); if (!certFile) return -9211; - *rsaServerCertBufSz = (word32)fread(rsaServerCertBuf, 1, + *rsaServerCertBufSz = (word32)XFREAD(rsaServerCertBuf, 1, *rsaServerCertBufSz, certFile); - fclose(certFile); + XFCLOSE(certFile); } if (rsaCaCertBuf != NULL) { - certFile = fopen(rsaCaCertDerFile, "rb"); + certFile = XFOPEN(rsaCaCertDerFile, "rb"); if (!certFile) return -9212; - *rsaCaCertBufSz = (word32)fread(rsaCaCertBuf, 1, *rsaCaCertBufSz, + *rsaCaCertBufSz = (word32)XFREAD(rsaCaCertBuf, 1, *rsaCaCertBufSz, certFile); - fclose(certFile); + XFCLOSE(certFile); } #endif 
@@ -19244,32 +19253,32 @@ static int pkcs7_load_certs_keys( *rsaCaPrivKeyBufSz = sizeof_ca_key_der_2048; } #else - keyFile = fopen(clientKey, "rb"); + keyFile = XFOPEN(clientKey, "rb"); if (!keyFile) return -9219; - *rsaClientPrivKeyBufSz = (word32)fread(rsaClientPrivKeyBuf, 1, + *rsaClientPrivKeyBufSz = (word32)XFREAD(rsaClientPrivKeyBuf, 1, *rsaClientPrivKeyBufSz, keyFile); - fclose(keyFile); + XFCLOSE(keyFile); if (rsaServerPrivKeyBuf != NULL) { - keyFile = fopen(rsaServerKeyDerFile, "rb"); + keyFile = XFOPEN(rsaServerKeyDerFile, "rb"); if (!keyFile) return -9220; - *rsaServerPrivKeyBufSz = (word32)fread(rsaServerPrivKeyBuf, 1, + *rsaServerPrivKeyBufSz = (word32)XFREAD(rsaServerPrivKeyBuf, 1, *rsaServerPrivKeyBufSz, keyFile); - fclose(keyFile); + XFCLOSE(keyFile); } if (rsaCaPrivKeyBuf != NULL) { - keyFile = fopen(rsaCaKeyFile, "rb"); + keyFile = XFOPEN(rsaCaKeyFile, "rb"); if (!keyFile) return -9221; - *rsaCaPrivKeyBufSz = (word32)fread(rsaCaPrivKeyBuf, 1, + *rsaCaPrivKeyBufSz = (word32)XFREAD(rsaCaPrivKeyBuf, 1, *rsaCaPrivKeyBufSz, keyFile); - fclose(keyFile); + XFCLOSE(keyFile); } #endif /* USE_CERT_BUFFERS */ @@ -19285,13 +19294,13 @@ static int pkcs7_load_certs_keys( XMEMCPY(eccClientCertBuf, cliecc_cert_der_256, sizeof_cliecc_cert_der_256); *eccClientCertBufSz = sizeof_cliecc_cert_der_256; #else - certFile = fopen(eccClientCert, "rb"); + certFile = XFOPEN(eccClientCert, "rb"); if (!certFile) return -9211; - *eccClientCertBufSz = (word32)fread(eccClientCertBuf, 1, + *eccClientCertBufSz = (word32)XFREAD(eccClientCertBuf, 1, *eccClientCertBufSz, certFile); - fclose(certFile); + XFCLOSE(certFile); #endif /* USE_CERT_BUFFERS_256 */ #ifdef USE_CERT_BUFFERS_256 
@@ -19301,13 +19310,13 @@ static int pkcs7_load_certs_keys( XMEMCPY(eccClientPrivKeyBuf, ecc_clikey_der_256, sizeof_ecc_clikey_der_256); *eccClientPrivKeyBufSz = sizeof_ecc_clikey_der_256; #else - keyFile = fopen(eccClientKey, "rb"); + keyFile = XFOPEN(eccClientKey, "rb"); if (!keyFile) return -9213; - *eccClientPrivKeyBufSz = (word32)fread(eccClientPrivKeyBuf, 1, + *eccClientPrivKeyBufSz = (word32)XFREAD(eccClientPrivKeyBuf, 1, *eccClientPrivKeyBufSz, keyFile); - fclose(keyFile); + XFCLOSE(keyFile); #endif /* USE_CERT_BUFFERS_256 */ #endif /* HAVE_ECC */ @@ -19473,7 +19482,7 @@ static int pkcs7enveloped_run_vectors(byte* rsaCert, word32 rsaCertSz, byte decoded[2048]; PKCS7* pkcs7; #ifdef PKCS7_OUTPUT_TEST_BUNDLES - FILE* pkcs7File; + XFILE pkcs7File; #endif const byte data[] = { /* Hello World */ @@ -19827,14 +19836,14 @@ static int pkcs7enveloped_run_vectors(byte* rsaCert, word32 rsaCertSz, #endif #ifdef PKCS7_OUTPUT_TEST_BUNDLES /* output pkcs7 envelopedData for external testing */ - pkcs7File = fopen(testVectors[i].outFileName, "wb"); + pkcs7File = XFOPEN(testVectors[i].outFileName, "wb"); if (!pkcs7File) { wc_PKCS7_Free(pkcs7); return -9327; } - ret = (int)fwrite(enveloped, 1, envelopedSz, pkcs7File); - fclose(pkcs7File); + ret = (int)XFWRITE(enveloped, 1, envelopedSz, pkcs7File); + XFCLOSE(pkcs7File); if (ret != envelopedSz) { wc_PKCS7_Free(pkcs7); return -9328; @@ -20015,7 +20024,7 @@ static int pkcs7authenveloped_run_vectors(byte* rsaCert, word32 rsaCertSz, WC_RNG rng; PKCS7* pkcs7; #ifdef PKCS7_OUTPUT_TEST_BUNDLES - FILE* pkcs7File; + XFILE pkcs7File; #endif const byte data[] = { /* Hello World */ 
@@ -20457,14 +20466,14 @@ static int pkcs7authenveloped_run_vectors(byte* rsaCert, word32 rsaCertSz, #ifdef PKCS7_OUTPUT_TEST_BUNDLES /* output pkcs7 envelopedData for external testing */ - pkcs7File = fopen(testVectors[i].outFileName, "wb"); + pkcs7File = XFOPEN(testVectors[i].outFileName, "wb"); if (!pkcs7File) { wc_PKCS7_Free(pkcs7); return -9388; } - ret = (int)fwrite(enveloped, 1, envelopedSz, pkcs7File); - fclose(pkcs7File); + ret = (int)XFWRITE(enveloped, 1, envelopedSz, pkcs7File); + XFCLOSE(pkcs7File); if (ret != envelopedSz) { wc_PKCS7_Free(pkcs7); return -9389; @@ -20608,7 +20617,7 @@ int pkcs7encrypted_test(void) byte encrypted[2048]; byte decoded[2048]; #ifdef PKCS7_OUTPUT_TEST_BUNDLES - FILE* pkcs7File; + XFILE pkcs7File; #endif PKCS7Attrib* expectedAttrib; @@ -20819,14 +20828,14 @@ int pkcs7encrypted_test(void) #ifdef PKCS7_OUTPUT_TEST_BUNDLES /* output pkcs7 envelopedData for external testing */ - pkcs7File = fopen(testVectors[i].outFileName, "wb"); + pkcs7File = XFOPEN(testVectors[i].outFileName, "wb"); if (!pkcs7File) { wc_PKCS7_Free(pkcs7); return -9406; } - ret = (int)fwrite(encrypted, encryptedSz, 1, pkcs7File); - fclose(pkcs7File); + ret = (int)XFWRITE(encrypted, encryptedSz, 1, pkcs7File); + XFCLOSE(pkcs7File); if (ret > 0) ret = 0; @@ -20860,7 +20869,7 @@ int pkcs7compressed_test(void) byte compressed[2048]; byte decoded[2048]; #ifdef PKCS7_OUTPUT_TEST_BUNDLES - FILE* pkcs7File; + XFILE pkcs7File; #endif const byte data[] = { /* Hello World */ @@ -20917,14 +20926,14 @@ int pkcs7compressed_test(void) #ifdef PKCS7_OUTPUT_TEST_BUNDLES /* output pkcs7 compressedData for external testing */ - pkcs7File = fopen(testVectors[i].outFileName, "wb"); + pkcs7File = XFOPEN(testVectors[i].outFileName, "wb"); if (!pkcs7File) { wc_PKCS7_Free(pkcs7); return -9455; } - ret = (int)fwrite(compressed, compressedSz, 1, pkcs7File); - fclose(pkcs7File); + ret = (int)XFWRITE(compressed, compressedSz, 1, pkcs7File); + XFCLOSE(pkcs7File); if (ret > 0) ret = 0; 
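Review bot: In `pkcs7encrypted_test` the write result is only normalised with `if (ret > 0) ret = 0;`, so a short write is accepted, and with the stdio mapping a failed `fwrite` of one item returns 0, which this code also reads as success. The `pkcs7compressed_test` hunk further down has the same pattern with `compressedSz`. Passing the size as the count and comparing, as the enveloped-data hunks do, works for both mappings: `ret = (int)XFWRITE(encrypted, 1, encryptedSz, pkcs7File);` followed by `if (ret != (int)encryptedSz)` that frees `pkcs7` and returns an error. The function body continues outside the hunk.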
@@ -20984,7 +20993,7 @@ static int pkcs7signed_run_vectors( WC_RNG rng; PKCS7* pkcs7; #ifdef PKCS7_OUTPUT_TEST_BUNDLES - FILE* file; + XFILE file; #endif const byte data[] = { /* Hello World */ @@ -21343,14 +21352,14 @@ static int pkcs7signed_run_vectors( #ifdef PKCS7_OUTPUT_TEST_BUNDLES /* write PKCS#7 to output file for more testing */ - file = fopen(testVectors[i].outFileName, "wb"); + file = XFOPEN(testVectors[i].outFileName, "wb"); if (!file) { XFREE(out, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER); wc_PKCS7_Free(pkcs7); return -9523; } - ret = (int)fwrite(out, 1, encodedSz, file); - fclose(file); + ret = (int)XFWRITE(out, 1, encodedSz, file); + XFCLOSE(file); if (ret != (int)encodedSz) { XFREE(out, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER); wc_PKCS7_Free(pkcs7); @@ -21430,14 +21439,14 @@ static int pkcs7signed_run_vectors( } #ifdef PKCS7_OUTPUT_TEST_BUNDLES - file = fopen("./pkcs7cert.der", "wb"); + file = XFOPEN("./pkcs7cert.der", "wb"); if (!file) { XFREE(out, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER); wc_PKCS7_Free(pkcs7); return -9533; } - ret = (int)fwrite(pkcs7->singleCert, 1, pkcs7->singleCertSz, file); - fclose(file); + ret = (int)XFWRITE(pkcs7->singleCert, 1, pkcs7->singleCertSz, file); + XFCLOSE(file); #endif /* PKCS7_OUTPUT_TEST_BUNDLES */ wc_PKCS7_Free(pkcs7); @@ -21487,7 +21496,7 @@ static int pkcs7signed_run_SingleShotVectors( WC_RNG rng; PKCS7* pkcs7; #ifdef PKCS7_OUTPUT_TEST_BUNDLES - FILE* file; + XFILE file; #endif const byte data[] = { /* Hello World */ 
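Review bot: The `./pkcs7cert.der` write in `pkcs7signed_run_vectors` leaves the byte count in `ret` and never compares it with `pkcs7->singleCertSz`, unlike the bundle write in the previous hunk, which checks `ret != (int)encodedSz`. A short or failed write of the extracted certificate goes unnoticed, and on the Zephyr mapping a failure leaves a negative value in `ret` whose later handling is outside the hunk. Adding `if (ret != (int)pkcs7->singleCertSz)` with the same cleanup as the open-failure branch just above it would make the two writes consistent.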
@@ -21834,14 +21843,14 @@ static int pkcs7signed_run_SingleShotVectors( #ifdef PKCS7_OUTPUT_TEST_BUNDLES /* write PKCS#7 to output file for more testing */ - file = fopen(testVectors[i].outFileName, "wb"); + file = XFOPEN(testVectors[i].outFileName, "wb"); if (!file) { XFREE(out, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER); wc_PKCS7_Free(pkcs7); return -9562; } - ret = (int)fwrite(out, 1, encodedSz, file); - fclose(file); + ret = (int)XFWRITE(out, 1, encodedSz, file); + XFCLOSE(file); if (ret != (int)encodedSz) { XFREE(out, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER); wc_PKCS7_Free(pkcs7); diff --git a/wolfssl/internal.h b/wolfssl/internal.h index d4fbefaba..32551223a 100644 --- a/wolfssl/internal.h +++ b/wolfssl/internal.h @@ -169,6 +169,10 @@ void mynewt_ctx_clear(void *ctx); void* mynewt_ctx_new(); #endif +#elif defined(WOLFSSL_ZEPHYR) + #ifndef SINGLE_THREADED + #include + #endif #else #ifndef SINGLE_THREADED #define WOLFSSL_PTHREADS @@ -2726,8 +2730,6 @@ struct WOLFSSL_CTX { #endif }; -WOLFSSL_LOCAL -WOLFSSL_CTX* wolfSSL_CTX_new_ex(WOLFSSL_METHOD* method, void* heap); WOLFSSL_LOCAL int InitSSL_Ctx(WOLFSSL_CTX*, WOLFSSL_METHOD*, void* heap); WOLFSSL_LOCAL diff --git a/wolfssl/ssl.h b/wolfssl/ssl.h index 44bc2367b..beb27957e 100644 --- a/wolfssl/ssl.h +++ b/wolfssl/ssl.h @@ -568,6 +568,7 @@ WOLFSSL_API int wolfSSL_use_RSAPrivateKey_file(WOLFSSL*, const char*, int); #endif /* !NO_FILESYSTEM && !NO_CERTS */ +WOLFSSL_API WOLFSSL_CTX* wolfSSL_CTX_new_ex(WOLFSSL_METHOD* method, void* heap); WOLFSSL_API WOLFSSL_CTX* wolfSSL_CTX_new(WOLFSSL_METHOD*); WOLFSSL_API WOLFSSL* wolfSSL_new(WOLFSSL_CTX*); WOLFSSL_API WOLFSSL_CTX* wolfSSL_get_SSL_CTX(WOLFSSL* ssl); 
@@ -1707,7 +1708,8 @@ WOLFSSL_API int wolfSSL_make_eap_keys(WOLFSSL*, void* key, unsigned int len, #elif !defined(WOLFSSL_MDK_ARM) && !defined(WOLFSSL_IAR_ARM) && \ !defined(WOLFSSL_PICOTCP) && !defined(WOLFSSL_ROWLEY_ARM) && \ !defined(WOLFSSL_EMBOS) && !defined(WOLFSSL_FROSTED) && \ - !defined(WOLFSSL_CHIBIOS) && !defined(WOLFSSL_CONTIKI) + !defined(WOLFSSL_CHIBIOS) && !defined(WOLFSSL_CONTIKI) && \ + !defined(WOLFSSL_ZEPHYR) #include #endif /* allow writev style writing */ diff --git a/wolfssl/test.h b/wolfssl/test.h index a9af40315..5ed9e0518 100644 --- a/wolfssl/test.h +++ b/wolfssl/test.h @@ -93,6 +93,30 @@ #include #include #define SOCKET_T int +#elif defined(WOLFSSL_ZEPHYR) + #include + #include + #include + #define SOCKET_T int + #define SOL_SOCKET 1 + #define SO_REUSEADDR 201 + #define WOLFSSL_USE_GETADDRINFO + + static unsigned long inet_addr(const char *cp) + { + unsigned int a[4]; unsigned long ret; + int i, j; + for (i=0, j=0; i<4; i++) { + a[i] = 0; + while (cp[j] != '.' && cp[j] != '\0') { + a[i] *= 10; + a[i] += cp[j] - '0'; + j++; + } + } + ret = ((a[3]<<24) + (a[2]<<16) + (a[1]<<8) + a[0]) ; + return(ret) ; + } #else #include #include @@ -203,6 +227,10 @@ typedef void THREAD_RETURN; typedef Task_Handle THREAD_TYPE; #define WOLFSSL_THREAD + #elif defined(WOLFSSL_ZEPHYR) + typedef void THREAD_RETURN; + typedef struct k_thread THREAD_TYPE; + #define WOLFSSL_THREAD #else typedef unsigned int THREAD_RETURN; typedef intptr_t THREAD_TYPE; @@ -371,7 +399,11 @@ typedef struct func_args { void wait_tcp_ready(func_args*); +#ifdef WOLFSSL_ZEPHYR +typedef void THREAD_FUNC(void*, void*, void*); +#else typedef THREAD_RETURN WOLFSSL_THREAD THREAD_FUNC(void*); +#endif void start_thread(THREAD_FUNC, func_args*, THREAD_TYPE*); void join_thread(THREAD_TYPE); 
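Review bot: The `inet_addr` replacement added for `WOLFSSL_ZEPHYR` in test.h never steps over the `.` separator: the inner `while` stops at the first dot and `j` is not advanced, so the remaining three iterations parse nothing and only the first octet reaches the result. It also treats any character as a digit (`cp[j] - '0'`) and does not bound an octet to 255, so malformed input produces an arbitrary address instead of an error. The version below skips the separator, rejects non-digits, empty or oversized octets and trailing text, and returns the all-ones value the standard `inet_addr` uses for failure. It keeps the original byte packing, which matches network order only on a little-endian target.

```c
    static unsigned long inet_addr(const char *cp)
    {
        unsigned int a[4];
        int i, j = 0;

        for (i = 0; i < 4; i++) {
            int digits = 0;

            a[i] = 0;
            while (cp[j] >= '0' && cp[j] <= '9') {
                a[i] = a[i] * 10 + (unsigned int)(cp[j] - '0');
                if (a[i] > 255)
                    return 0xFFFFFFFFUL;    /* octet out of range */
                j++;
                digits++;
            }
            if (digits == 0)
                return 0xFFFFFFFFUL;        /* empty or non-numeric octet */
            if (i < 3) {
                if (cp[j] != '.')
                    return 0xFFFFFFFFUL;    /* fewer than four octets */
                j++;                        /* step over the separator */
            }
        }
        if (cp[j] != '\0')
            return 0xFFFFFFFFUL;            /* trailing characters */

        /* same packing as before: assumes a little-endian host */
        return ((unsigned long)a[3] << 24) | ((unsigned long)a[2] << 16) |
               ((unsigned long)a[1] << 8)  |  (unsigned long)a[0];
    }
```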
@@ -394,7 +426,10 @@ static const word16 wolfSSLPort = 11111; #define EXIT_FAILURE 1 #endif -#ifdef WOLFSSL_FORCE_MALLOC_FAIL_TEST +#if defined(WOLFSSL_FORCE_MALLOC_FAIL_TEST) || defined(WOLFSSL_ZEPHYR) + #ifndef EXIT_SUCCESS + #define EXIT_SUCCESS 0 + #endif #define XEXIT(rc) return rc #define XEXIT_T(rc) return (THREAD_RETURN)rc #else @@ -404,7 +439,7 @@ static const word16 wolfSSLPort = 11111; static WC_INLINE -#ifdef WOLFSSL_FORCE_MALLOC_FAIL_TEST +#if defined(WOLFSSL_FORCE_MALLOC_FAIL_TEST) || defined(WOLFSSL_ZEPHYR) THREAD_RETURN #else WC_NORETURN void @@ -751,6 +786,7 @@ static WC_INLINE void build_addr(SOCKADDR_IN_T* addr, const char* peer, #ifndef TEST_IPV6 /* peer could be in human readable form */ if ( ((size_t)peer != INADDR_ANY) && isalpha((int)peer[0])) { + #ifndef WOLFSSL_USE_GETADDRINFO #if defined(WOLFSSL_MDK_ARM) || defined(WOLFSSL_KEIL_TCP_NET) int err; struct hostent* entry = gethostbyname(peer, &err); @@ -767,6 +803,19 @@ static WC_INLINE void build_addr(SOCKADDR_IN_T* addr, const char* peer, entry->h_length); useLookup = 1; } + #else + struct zsock_addrinfo hints, *addrInfo; + char portStr[6]; + XSNPRINTF(portStr, sizeof(portStr), "%d", port); + memset(&hints, 0, sizeof(hints)); + hints.ai_family = AF_UNSPEC; + hints.ai_socktype = udp ? SOCK_DGRAM : SOCK_STREAM; + hints.ai_protocol = udp ? IPPROTO_UDP : IPPROTO_TCP; + if (getaddrinfo((char*)peer, portStr, &hints, &addrInfo) == 0) { + XMEMCPY(addr, addrInfo->ai_addr, sizeof(*addr)); + useLookup = 1; + } + #endif else err_sys("no entry for host"); } @@ -862,7 +911,7 @@ static WC_INLINE void tcp_socket(SOCKET_T* sockfd, int udp, int sctp) err_sys("setsockopt SO_NOSIGPIPE failed\n"); } #elif defined(WOLFSSL_MDK_ARM) || defined (WOLFSSL_TIRTOS) ||\ - defined(WOLFSSL_KEIL_TCP_NET) + defined(WOLFSSL_KEIL_TCP_NET) || defined(WOLFSSL_ZEPHYR) /* nothing to define */ #else /* no S_NOSIGPIPE */ signal(SIGPIPE, SIG_IGN); 
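Review bot: Adding `WOLFSSL_ZEPHYR` to the `XEXIT`/`XEXIT_T` condition makes the error helper declared after `static WC_INLINE` in the next hunk (presumably `err_sys`; its name is outside the hunk) return to its caller instead of terminating. Call sites written for the `WC_NORETURN` form, such as `else err_sys("no entry for host");` in `build_addr`, then carry on with an address or socket that was never set up. Since `THREAD_RETURN` is `void` on Zephyr in this diff, `XEXIT_T(rc)` also expands to `return (void)rc;`, which not every compiler accepts in a `void` function. If returning is intended, a comment such as `/* Zephyr: err_sys() returns; callers must stop using the failed resource */` would document it; otherwise the Zephyr branch needs a way to stop the calling thread.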
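Review bot: The `getaddrinfo` branch added to `build_addr` never releases `addrInfo`, and it copies `sizeof(*addr)` bytes from the first result without checking which address family came back. With `hints.ai_family = AF_UNSPEC` that first result may be an IPv6 address, which does not fit the address structure this `#ifndef TEST_IPV6` branch fills in (presumably the IPv4 form). Requesting `hints.ai_family = AF_INET;` and calling `freeaddrinfo(addrInfo);` right after the `XMEMCPY`, where the socket layer provides it, would address both. `build_addr` starts and ends outside the hunk.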
@@ -993,7 +1042,7 @@ static WC_INLINE void tcp_listen(SOCKET_T* sockfd, word16* port, int useAnyAddr, tcp_socket(sockfd, udp, sctp); #if !defined(USE_WINDOWS_API) && !defined(WOLFSSL_MDK_ARM)\ - && !defined(WOLFSSL_KEIL_TCP_NET) + && !defined(WOLFSSL_KEIL_TCP_NET) && !defined(WOLFSSL_ZEPHYR) { int res, on = 1; socklen_t len = sizeof(on); @@ -1014,7 +1063,8 @@ static WC_INLINE void tcp_listen(SOCKET_T* sockfd, word16* port, int useAnyAddr, if (listen(*sockfd, SOCK_LISTEN_MAX_QUEUE) != 0) err_sys("tcp listen failed"); } - #if !defined(USE_WINDOWS_API) && !defined(WOLFSSL_TIRTOS) + #if !defined(USE_WINDOWS_API) && !defined(WOLFSSL_TIRTOS) \ + && !defined(WOLFSSL_ZEPHYR) if (*port == 0) { socklen_t len = sizeof(addr); if (getsockname(*sockfd, (struct sockaddr*)&addr, &len) == 0) { @@ -1062,7 +1112,7 @@ static WC_INLINE void udp_accept(SOCKET_T* sockfd, SOCKET_T* clientfd, #if !defined(USE_WINDOWS_API) && !defined(WOLFSSL_MDK_ARM) \ - && !defined(WOLFSSL_KEIL_TCP_NET) + && !defined(WOLFSSL_KEIL_TCP_NET) && !defined(WOLFSSL_ZEPHYR) { int res, on = 1; socklen_t len = sizeof(on); @@ -1186,7 +1236,8 @@ static WC_INLINE void tcp_set_nonblocking(SOCKET_T* sockfd) if (ret == SOCKET_ERROR) err_sys("ioctlsocket failed"); #elif defined(WOLFSSL_MDK_ARM) || defined(WOLFSSL_KEIL_TCP_NET) \ - || defined (WOLFSSL_TIRTOS)|| defined(WOLFSSL_VXWORKS) + || defined (WOLFSSL_TIRTOS)|| defined(WOLFSSL_VXWORKS) \ + || defined(WOLFSSL_ZEPHYR) /* non blocking not supported, for now */ #else int flags = fcntl(*sockfd, F_GETFL, 0); @@ -1357,6 +1408,8 @@ static WC_INLINE unsigned int my_psk_server_tls13_cb(WOLFSSL* ssl, #elif defined(WOLFSSL_TIRTOS) extern double current_time(); +#elif defined(WOLFSSL_ZEPHYR) + extern double current_time(); #else #if !defined(WOLFSSL_MDK_ARM) && !defined(WOLFSSL_KEIL_TCP_NET) && !defined(WOLFSSL_CHIBIOS) diff --git a/wolfssl/wolfcrypt/settings.h b/wolfssl/wolfcrypt/settings.h index e7fa29e85..d96e550b6 100644 --- a/wolfssl/wolfcrypt/settings.h 
+++ b/wolfssl/wolfcrypt/settings.h @@ -1378,6 +1378,28 @@ extern void uITRON4_free(void *p) ; #endif /*(WOLFSSL_APACHE_MYNEWT)*/ +#ifdef WOLFSSL_ZEPHYR + #include + #include + #include + #include + + #define WOLFSSL_DH_CONST + #define WOLFSSL_HAVE_MIN + #define WOLFSSL_HAVE_MAX + #define NO_WRITEV + + #define USE_FLAT_BENCHMARK_H + #define USE_FLAT_TEST_H + #define EXIT_FAILURE 1 + #define MAIN_NO_ARGS + + void *z_realloc(void *ptr, size_t size); + #define realloc z_realloc + + #define CONFIG_NET_SOCKETS_POSIX_NAMES +#endif + #ifdef WOLFSSL_IMX6 #ifndef SIZEOF_LONG_LONG #define SIZEOF_LONG_LONG 8 diff --git a/wolfssl/wolfcrypt/types.h b/wolfssl/wolfcrypt/types.h index 59a4a4cf0..e29f8fcbd 100644 --- a/wolfssl/wolfcrypt/types.h +++ b/wolfssl/wolfcrypt/types.h @@ -175,7 +175,8 @@ #if defined(_MSC_VER) #define THREAD_LS_T __declspec(thread) /* Thread local storage only in FreeRTOS v8.2.1 and higher */ - #elif defined(FREERTOS) || defined(FREERTOS_TCP) + #elif defined(FREERTOS) || defined(FREERTOS_TCP) || \ + defined(WOLFSSL_ZEPHYR) #define THREAD_LS_T #else #define THREAD_LS_T __thread @@ -360,7 +361,8 @@ #endif #ifndef XSTRNCASECMP - #if defined(MICROCHIP_PIC32) || defined(WOLFSSL_TIRTOS) + #if defined(MICROCHIP_PIC32) || defined(WOLFSSL_TIRTOS) || \ + defined(WOLFSSL_ZEPHYR) /* XC32 does not support strncasecmp, so use case sensitive one */ #define XSTRNCASECMP(s1,s2,n) strncmp((s1),(s2),(n)) #elif defined(USE_WINDOWS_API) || defined(FREERTOS_TCP_WINSIM) diff --git a/wolfssl/wolfcrypt/wc_port.h b/wolfssl/wolfcrypt/wc_port.h index ee91b1a08..429559300 100644 --- a/wolfssl/wolfcrypt/wc_port.h +++ b/wolfssl/wolfcrypt/wc_port.h @@ -108,6 +108,10 @@ #include "nucleus.h" #elif defined(WOLFSSL_APACHE_MYNEWT) /* do nothing */ +#elif defined(WOLFSSL_ZEPHYR) + #ifndef SINGLE_THREADED + #include + #endif #else #ifndef SINGLE_THREADED #define WOLFSSL_PTHREADS 
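Review bot: `#define realloc z_realloc` in the new `WOLFSSL_ZEPHYR` block of settings.h renames a standard library function in every translation unit that includes this header, application code included, rather than only for wolfSSL's own allocations. Routing the replacement through the library's allocator hook (`XREALLOC`) would keep the override local to the library. In the same block `#define EXIT_FAILURE 1` is unguarded, while test.h wraps `EXIT_SUCCESS` in `#ifndef`; `#ifndef EXIT_FAILURE` avoids a redefinition when a libc header already supplies it. `#define CONFIG_NET_SOCKETS_POSIX_NAMES` comes after the block's includes and looks like a build-configuration symbol, so it may be too late to affect those headers or may clash with the generated configuration.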
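Review bot: Defining `THREAD_LS_T` as empty for `WOLFSSL_ZEPHYR` in types.h turns every variable declared with it into ordinary shared storage, which matters because this port also ships a threaded TLS sample. The comment above the branch still only mentions FreeRTOS. A line such as `/* Zephyr: no TLS support used here, THREAD_LS_T variables are shared across threads */` would make the limitation visible to anyone enabling multi-threaded builds.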
@@ -185,6 +189,8 @@ typedef RTHANDLE wolfSSL_Mutex; #elif defined(WOLFSSL_NUCLEUS_1_2) typedef NU_SEMAPHORE wolfSSL_Mutex; + #elif defined(WOLFSSL_ZEPHYR) + typedef struct k_mutex wolfSSL_Mutex; #else #error Need a mutex type in multithreaded mode #endif /* USE_WINDOWS_API */ @@ -321,6 +327,27 @@ WOLFSSL_API int wolfCrypt_Cleanup(void); #define XSEEK_END 2 #define XBADFILE NULL #define XFGETS(b,s,f) -2 /* Not ported yet */ +#elif defined(WOLFSSL_ZEPHYR) + #include + + #define XFILE struct fs_file_t* + #define STAT struct fs_dirent + + XFILE z_fs_open(const char* filename, const char* perm); + int z_fs_close(XFILE file); + + #define XFOPEN z_fs_open + #define XFCLOSE z_fs_close + #define XFSEEK fs_seek + #define XFTELL fs_tell + #define XFREWIND fs_rewind + #define XREWIND(F) fs_seek(F, 0, FS_SEEK_SET) + #define XFREAD(P,S,N,F) fs_read(F, P, S*N) + #define XFWRITE(P,S,N,F) fs_write(F, P, S*N) + #define XSEEK_END FS_SEEK_END + #define XBADFILE NULL + #define XFGETS(b,s,f) -2 /* Not ported yet */ + #elif defined(WOLFSSL_USER_FILESYSTEM) /* To be defined in user_settings.h */ #else @@ -364,6 +391,11 @@ WOLFSSL_API int wolfCrypt_Cleanup(void); #ifdef USE_WINDOWS_API WIN32_FIND_DATAA FindFileData; HANDLE hFind; + #elif defined(WOLFSSL_ZEPHYR) + struct fs_dirent entry; + struct fs_dir_t dir; + struct fs_dirent s; + struct fs_dir_t* dirp; #else struct dirent* entry; DIR* dir; @@ -486,6 +518,24 @@ WOLFSSL_API int wolfCrypt_Cleanup(void); #define WOLFSSL_GMTIME #define USE_WOLF_TM #define USE_WOLF_TIME_T + +#elif defined(WOLFSSL_ZEPHYR) + #ifndef _POSIX_C_SOURCE + #include + #else + #include + #endif + + typedef signed int time_t; + + time_t z_time(time_t *timer); + + #define XTIME(tl) z_time((tl)) + #define XGMTIME(c, t) gmtime((c)) + #define WOLFSSL_GMTIME + + #define USE_WOLF_TM + #else /* default */ /* uses complete facility */ diff --git a/wolfssl/wolfio.h b/wolfssl/wolfio.h index a92f27d90..83b27749a 100644 --- a/wolfssl/wolfio.h +++ b/wolfssl/wolfio.h 
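Review bot: The Zephyr file macros in wc_port.h pass their arguments through unparenthesised, e.g. `#define XFREAD(P,S,N,F) fs_read(F, P, S*N)`, so an expression argument such as `a + b` for `S` or `N` is multiplied with the wrong precedence. Writing `fs_read((F), (P), (S)*(N))` and `fs_write((F), (P), (S)*(N))` fixes that. A short comment is also worth adding next to them: these calls return a byte count or a negative error, not the item count `fread`/`fwrite` return, so callers that compare the result with `N` only behave the same when `S` is 1.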
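Review bot: `#define XGMTIME(c, t) gmtime((c))` drops the caller-supplied buffer `t` and uses `gmtime`, whose result lives in shared static storage, so two threads checking certificate dates at the same time can overwrite each other's result. If the C library in use provides it, `#define XGMTIME(c, t) gmtime_r((c), (t))` avoids that. Separately, `typedef signed int time_t;` fixes the type at a signed 32-bit range and may conflict with a `time_t` from the header included just above it. A comment saying why the libc type cannot be used would help the next reader.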
@@ -116,6 +116,8 @@ #include #include #include + #elif defined(WOLFSSL_ZEPHYR) + #include #elif !defined(WOLFSSL_NO_SOCK) #include #include @@ -257,6 +259,13 @@ #elif defined(WOLFSSL_NUCLEUS_1_2) #define SEND_FUNCTION NU_Send #define RECV_FUNCTION NU_Recv +#elif defined(WOLFSSL_ZEPHYR) + #ifndef WOLFSSL_MAX_SEND_SZ + #define WOLFSSL_MAX_SEND_SZ 256 + #endif + + #define SEND_FUNCTION send + #define RECV_FUNCTION recv #else #define SEND_FUNCTION send #define RECV_FUNCTION recv