From 5e1eee091a9681f28c972f80a0ac6b40efb056fa Mon Sep 17 00:00:00 2001
From: Sean Parkinson
Date: Tue, 12 Feb 2019 17:26:56 +1000
Subject: [PATCH] Add threaded samples using buffers and sockets
---
IDE/zephyr/lib/install_lib.sh | 3 +-
.../lib/settings/user_settings-tls-generic.h | 2 +-
IDE/zephyr/lib/user_settings.h | 2 +-
IDE/zephyr/wolfssl_test/prj.conf | 12 +-
IDE/zephyr/wolfssl_tls_sock/CMakeLists.txt | 8 +
IDE/zephyr/wolfssl_tls_sock/install_sample.sh | 31 ++
IDE/zephyr/wolfssl_tls_sock/prj.conf | 53 ++
IDE/zephyr/wolfssl_tls_sock/sample.yaml | 9 +
IDE/zephyr/wolfssl_tls_sock/src/tls_sock.c | 512 ++++++++++++++++++
IDE/zephyr/wolfssl_tls_thread/CMakeLists.txt | 8 +
.../wolfssl_tls_thread/install_sample.sh | 31 ++
IDE/zephyr/wolfssl_tls_thread/prj.conf | 29 +
IDE/zephyr/wolfssl_tls_thread/sample.yaml | 9 +
.../wolfssl_tls_thread/src/tls_threaded.c | 504 +++++++++++++++++
src/wolfio.c | 5 +
wolfcrypt/test/test.c | 2 +-
wolfssl/internal.h | 2 -
wolfssl/ssl.h | 1 +
wolfssl/test.h | 8 +-
wolfssl/wolfcrypt/settings.h | 1 -
wolfssl/wolfcrypt/wc_port.h | 4 -
wolfssl/wolfio.h | 6 +-
22 files changed, 1224 insertions(+), 18 deletions(-)
create mode 100644 IDE/zephyr/wolfssl_tls_sock/CMakeLists.txt
create mode 100755 IDE/zephyr/wolfssl_tls_sock/install_sample.sh
create mode 100644 IDE/zephyr/wolfssl_tls_sock/prj.conf
create mode 100644 IDE/zephyr/wolfssl_tls_sock/sample.yaml
create mode 100755 IDE/zephyr/wolfssl_tls_sock/src/tls_sock.c
create mode 100644 IDE/zephyr/wolfssl_tls_thread/CMakeLists.txt
create mode 100755 IDE/zephyr/wolfssl_tls_thread/install_sample.sh
create mode 100644 IDE/zephyr/wolfssl_tls_thread/prj.conf
create mode 100644 IDE/zephyr/wolfssl_tls_thread/sample.yaml
create mode 100755 IDE/zephyr/wolfssl_tls_thread/src/tls_threaded.c
diff --git a/IDE/zephyr/lib/install_lib.sh b/IDE/zephyr/lib/install_lib.sh
index 77d0a1358..fea8c8181 100755
--- a/IDE/zephyr/lib/install_lib.sh
+++ b/IDE/zephyr/lib/install_lib.sh
@@ -29,7 +29,7 @@ if [ ! -d $ZEPHYR_CRYPTO_DIR ]; then fi ZEPHYR_WOLFSSL_DIR=$ZEPHYR_CRYPTO_DIR/wolfssl -echo "wolfSSL directory:" +echo "wolfSSL directory in Zephyr:" echo " $ZEPHYR_WOLFSSL_DIR" rm -rf $ZEPHYR_WOLFSSL_DIR mkdir $ZEPHYR_WOLFSSL_DIR @@ -56,6 +56,7 @@ mkdir $ZEPHYR_WOLFSSL_DIR/include cp $ZEPHYR_WOLFSSL_DIR/user_settings.h $ZEPHYR_WOLFSSL_DIR/include/ cp -rf ${WOLFSSL_SRC_DIR}/wolfssl $ZEPHYR_WOLFSSL_DIR/include/ rm -f $ZEPHYR_WOLFSSL_DIR/include/wolfssl/options.h +touch $ZEPHYR_WOLFSSL_DIR/include/wolfssl/options.h rm -rf $ZEPHYR_WOLFSSL_DIR/include/wolfssl/wolfcrypt/port diff --git a/IDE/zephyr/lib/settings/user_settings-tls-generic.h b/IDE/zephyr/lib/settings/user_settings-tls-generic.h index b0eb7ec24..722f44eeb 100644 --- a/IDE/zephyr/lib/settings/user_settings-tls-generic.h +++ b/IDE/zephyr/lib/settings/user_settings-tls-generic.h @@ -18,7 +18,7 @@ extern "C" { #undef WOLFSSL_ZEPHYR #define WOLFSSL_ZEPHYR -#if 1 +#if 0 #undef SINGLE_THREADED #define SINGLE_THREADED #endif diff --git a/IDE/zephyr/lib/user_settings.h b/IDE/zephyr/lib/user_settings.h index 7210be06d..9fb1bd416 100644 --- a/IDE/zephyr/lib/user_settings.h +++ b/IDE/zephyr/lib/user_settings.h @@ -16,7 +16,7 @@ extern "C" { #undef WOLFSSL_ZEPHYR #define WOLFSSL_ZEPHYR -#if 1 +#if 0 #undef SINGLE_THREADED #define SINGLE_THREADED #endif diff --git a/IDE/zephyr/wolfssl_test/prj.conf b/IDE/zephyr/wolfssl_test/prj.conf index 852937ba6..4becb6196 100644 --- a/IDE/zephyr/wolfssl_test/prj.conf +++ b/IDE/zephyr/wolfssl_test/prj.conf @@ -3,11 +3,17 @@ CONFIG_MAIN_STACK_SIZE=32768 CONFIG_ENTROPY_GENERATOR=y CONFIG_POSIX_API=y CONFIG_INIT_STACKS=y -CONFIG_FLOAT=y -CONFIG_SSE=y +#CONFIG_FLOAT=y CONFIG_MINIMAL_LIBC_MALLOC_ARENA_SIZE=8192 -#CONFIG_FILE_SYSTEM=y +# Networking +CONFIG_NETWORKING=y +CONFIG_NET_TEST=y +CONFIG_NET_LOOPBACK=y +CONFIG_NET_IPV4=y +CONFIG_NET_IPV6=y +CONFIG_NET_SOCKETS=y +CONFIG_DNS_RESOLVER=y # Logging CONFIG_PRINTK=y 
diff --git a/IDE/zephyr/wolfssl_tls_sock/CMakeLists.txt b/IDE/zephyr/wolfssl_tls_sock/CMakeLists.txt
new file mode 100644
index 000000000..512a0006f
--- /dev/null
+++ b/IDE/zephyr/wolfssl_tls_sock/CMakeLists.txt
@@ -0,0 +1,8 @@
+cmake_minimum_required(VERSION 3.13.1)
+include($ENV{ZEPHYR_BASE}/cmake/app/boilerplate.cmake NO_POLICY_SCOPE)
+project(wolfssl_tls_threaded)
+
+FILE(GLOB app_sources src/*.c)
+target_sources(app PRIVATE ${app_sources})
+add_definitions(-DWOLFSSL_USER_SETTINGS)
+
diff --git a/IDE/zephyr/wolfssl_tls_sock/install_sample.sh b/IDE/zephyr/wolfssl_tls_sock/install_sample.sh
new file mode 100755
index 000000000..9806af20c
--- /dev/null
+++ b/IDE/zephyr/wolfssl_tls_sock/install_sample.sh
@@ -0,0 +1,31 @@
+#!/bin/sh
+
+ZEPHYR_DIR=
+if [ $# -ne 1 ]; then
+ echo "Need location of zephyr project as a command line argument"
+ exit 1
+else
+ ZEPHYR_DIR=$1
+fi
+if [ ! -d $ZEPHR_DIR ]; then
+ echo "Zephyr project directory does not exist: $ZEPHYR_DIR"
+ exit 1
+fi
+ZEPHYR_CRYPTO_DIR=$ZEPHYR_DIR/zephyr/samples/crypto
+if [ ! -d $ZEPHYR_CRYPTO_DIR ]; then
+ echo "Zephyr crypto directory does not exist: $ZEPHYR_CRYPTO_DIR"
+ exit 1
+fi
+ZEPHYR_WOLFSSL_DIR=$ZEPHYR_CRYPTO_DIR/wolfssl_tls_sock
+
+echo "wolfSSL directory:"
+echo " $ZEPHYR_WOLFSSL_DIR"
+rm -rf $ZEPHYR_WOLFSSL_DIR
+mkdir $ZEPHYR_WOLFSSL_DIR
+
+echo "Copy in Sample files ..."
+cp -r * $ZEPHYR_WOLFSSL_DIR/
+rm $ZEPHYR_WOLFSSL_DIR/$0
+
+echo "Done"
+
diff --git a/IDE/zephyr/wolfssl_tls_sock/prj.conf b/IDE/zephyr/wolfssl_tls_sock/prj.conf
new file mode 100644
index 000000000..2312ea0f6
--- /dev/null
+++ b/IDE/zephyr/wolfssl_tls_sock/prj.conf
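Review bot: In wolfssl_tls_sock/install_sample.sh the project-directory check tests `$ZEPHR_DIR`, a misspelling of `ZEPHYR_DIR` that is never set, so `[ ! -d ]` runs without an operand and that guard can never fire. The script then reaches `rm -rf $ZEPHYR_WOLFSSL_DIR` with every expansion unquoted, so an argument containing spaces or glob characters is word-split before the delete. I would change the test to `if [ ! -d "$ZEPHYR_DIR" ]; then`, quote the later expansions (`rm -rf "$ZEPHYR_WOLFSSL_DIR"`), and use `$(basename "$0")` in the final `rm`, because `$0` carries a directory prefix when the script is started by path. wolfssl_tls_thread/install_sample.sh in this patch contains the same lines.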
@@ -0,0 +1,53 @@
+# Kernel options
+CONFIG_MAIN_STACK_SIZE=12288
+CONFIG_ENTROPY_GENERATOR=y
+CONFIG_POSIX_API=y
+CONFIG_INIT_STACKS=y
+CONFIG_MINIMAL_LIBC_MALLOC_ARENA_SIZE=8192
+
+# General config
+CONFIG_NEWLIB_LIBC=y
+
+# Networking config
+CONFIG_NETWORKING=y
+CONFIG_NET_IPV4=y
+CONFIG_NET_IPV6=n
+CONFIG_NET_TCP=y
+CONFIG_NET_SOCKETS=y
+CONFIG_NET_SOCKETS_POSIX_NAMES=y
+
+CONFIG_NET_TEST=y
+CONFIG_NET_LOOPBACK=y
+CONFIG_DNS_RESOLVER=y
+CONFIG_DNS_SERVER_IP_ADDRESSES=y
+CONFIG_DNS_SERVER1="192.0.2.2"
+
+# Network driver config
+CONFIG_TEST_RANDOM_GENERATOR=y
+
+# Network address config
+CONFIG_NET_CONFIG_SETTINGS=y
+CONFIG_NET_CONFIG_NEED_IPV4=y
+CONFIG_NET_CONFIG_MY_IPV4_ADDR="192.0.2.1"
+CONFIG_NET_CONFIG_PEER_IPV4_ADDR="192.0.2.2"
+CONFIG_NET_CONFIG_MY_IPV4_GW="192.0.2.2"
+
+CONFIG_NET_PKT_TX_COUNT=10
+
+# Network debug config
+#CONFIG_NET_LOG=y
+#CONFIG_NET_PKT_LOG_LEVEL_DBG=y
+
+# Logging
+CONFIG_PRINTK=y
+CONFIG_WOLFSSL_DEBUG=y
+
+# TLS configuration
+CONFIG_WOLFSSL=y
+CONFIG_WOLFSSL_BUILTIN=y
+
+CONFIG_WOLFSSL_TLS_VERSION_1_2=y
+CONFIG_WOLFSSL_KEY_EXCHANGE_ALL_ENABLED=y
+CONFIG_WOLFSSL_CIPHER_ALL_ENABLED=y
+CONFIG_WOLFSSL_MAC_ALL_ENABLED=y
+CONFIG_WOLFSSL_HMAC_DRBG_ENABLED=y
diff --git a/IDE/zephyr/wolfssl_tls_sock/sample.yaml b/IDE/zephyr/wolfssl_tls_sock/sample.yaml
new file mode 100644
index 000000000..86f7f9a79
--- /dev/null
+++ b/IDE/zephyr/wolfssl_tls_sock/sample.yaml
@@ -0,0 +1,9 @@
+common:
+ harness: crypto
+ tags: crypto
+sample:
+ description: wolfSSL TLS test application
+ name: wolfSSL TLS Test
+tests:
+ test:
+ platform_whitelist: qemu_x86
diff --git a/IDE/zephyr/wolfssl_tls_sock/src/tls_sock.c b/IDE/zephyr/wolfssl_tls_sock/src/tls_sock.c
new file mode 100755
index 000000000..2ac6fc6cd
--- /dev/null
+++ b/IDE/zephyr/wolfssl_tls_sock/src/tls_sock.c
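Review bot: `CONFIG_TEST_RANDOM_GENERATOR=y` in wolfssl_tls_sock/prj.conf selects Zephyr's test-only random source, which is not meant to be unpredictable, and it sits in a TLS sample under the heading `# Network driver config` with nothing marking it as unsafe. Anyone who copies this file as the starting point for a product build would presumably end up seeding the TLS stack from it. I would put a comment directly above the option, for example `# Test-only RNG so the sample runs on qemu_x86; replace with a hardware entropy driver before any real use`. `CONFIG_WOLFSSL_DEBUG=y` under `# Logging` deserves the same kind of "sample only" remark.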
@@ -0,0 +1,512 @@ +/* tls_sock.c + * + * Copyright (C) 2006-2019 wolfSSL Inc. + * + * This file is part of wolfSSL. (formerly known as CyaSSL) + * + * wolfSSL is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 2 of the License, or + * (at your option) any later version. + * + * wolfSSL is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program; if not, write to the Free Software + * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA + */ + +#include +#include +#define USE_CERT_BUFFERS_2048 +#include +#include + +#ifdef WOLFSSL_ZEPHYR +#define printf printk +#endif + +#define BUFFER_SIZE 2048 +#define STATIC_MEM_SIZE (96*1024) +#define THREAD_STACK_SIZE (12*1024) +#define MAX_SEND_SIZE 256 + +/* The stack to use in the server's thread. */ +K_THREAD_STACK_DEFINE(server_stack, THREAD_STACK_SIZE); + +#ifdef WOLFSSL_STATIC_MEMORY + static WOLFSSL_HEAP_HINT* HEAP_HINT_SERVER; + static WOLFSSL_HEAP_HINT* HEAP_HINT_CLIENT; + + static byte gMemoryServer[STATIC_MEM_SIZE]; + static byte gMemoryClient[STATIC_MEM_SIZE]; +#else + #define HEAP_HINT_SERVER NULL + #define HEAP_HINT_CLIENT NULL +#endif /* WOLFSSL_STATIC_MEMORY */ + +/* Application data to send. */ +static const char msgHTTPGet[] = "GET /index.html HTTP/1.0\r\n\r\n"; +static const char msgHTTPIndex[] = + "HTTP/1.1 200 OK\n" + "Content-Type: text/html\n" + "Connection: close\n" + "\n" + "\n" + "\n" + "Welcome to wolfSSL!\n" + "\n" + "\n" + "

wolfSSL has successfully performed handshake!

\n" + "\n" + "\n"; + + +/* Create a new wolfSSL client with a server CA certificate. */ +static int wolfssl_client_new(WOLFSSL_CTX** ctx, WOLFSSL** ssl) +{ + int ret = 0; + WOLFSSL_CTX* client_ctx = NULL; + WOLFSSL* client_ssl = NULL; + + /* Create and initialize WOLFSSL_CTX */ + if ((client_ctx = wolfSSL_CTX_new_ex(wolfTLSv1_2_client_method(), + HEAP_HINT_CLIENT)) == NULL) { + printf("ERROR: failed to create WOLFSSL_CTX\n"); + ret = -1; + } + + if (ret == 0) { + /* Load client certificates into WOLFSSL_CTX */ + if (wolfSSL_CTX_load_verify_buffer(client_ctx, ca_cert_der_2048, + sizeof_ca_cert_der_2048, WOLFSSL_FILETYPE_ASN1) != + WOLFSSL_SUCCESS) { + printf("ERROR: failed to load CA certiifcate\n"); + ret = -1; + } + } + + if (ret == 0) { + /* Create a WOLFSSL object */ + if ((client_ssl = wolfSSL_new(client_ctx)) == NULL) { + printf("ERROR: failed to create WOLFSSL object\n"); + ret = -1; + } + } + + if (ret == 0) { + /* make wolfSSL object nonblocking */ + wolfSSL_set_using_nonblock(client_ssl, 1); + } + + if (ret == 0) { + /* Return newly created wolfSSL context and object */ + *ctx = client_ctx; + *ssl = client_ssl; + } + else { + if (client_ssl != NULL) + wolfSSL_free(client_ssl); + if (client_ctx != NULL) + wolfSSL_CTX_free(client_ctx); + } + + return ret; +} + +/* Client connecting to server using TLS */ +static int wolfssl_client_connect(WOLFSSL* ssl) +{ + int ret = 0; + + if (wolfSSL_connect(ssl) != WOLFSSL_SUCCESS) { + printf("wolfSSL Error: %d\n", wolfSSL_get_error(ssl, -1)); + if (!wolfSSL_want_read(ssl) && !wolfSSL_want_write(ssl)) + ret = -1; + } + + return ret; +} + + + +/* Create a new wolfSSL server with a certificate for authentication. 
*/ +static int wolfssl_server_new(WOLFSSL_CTX** ctx, WOLFSSL** ssl) +{ + int ret = 0; + WOLFSSL_CTX* server_ctx = NULL; + WOLFSSL* server_ssl = NULL; + + /* Create and initialize WOLFSSL_CTX */ + if ((server_ctx = wolfSSL_CTX_new_ex(wolfTLSv1_2_server_method(), + HEAP_HINT_SERVER)) == NULL) { + printf("ERROR: failed to create WOLFSSL_CTX\n"); + ret = -1; + } + + if (ret == 0) { + /* Load client certificates into WOLFSSL_CTX */ + if (wolfSSL_CTX_use_certificate_buffer(server_ctx, + server_cert_der_2048, sizeof_server_cert_der_2048, + WOLFSSL_FILETYPE_ASN1) != WOLFSSL_SUCCESS) { + printf("ERROR: failed to load server certiifcate\n"); + ret = -1; + } + } + + if (ret == 0) { + /* Load client certificates into WOLFSSL_CTX */ + if (wolfSSL_CTX_use_PrivateKey_buffer(server_ctx, + server_key_der_2048, sizeof_server_key_der_2048, + WOLFSSL_FILETYPE_ASN1) != WOLFSSL_SUCCESS) { + printf("ERROR: failed to load server key\n"); + ret = -1; + } + } + + if (ret == 0) { + /* Create a WOLFSSL object */ + if ((server_ssl = wolfSSL_new(server_ctx)) == NULL) { + printf("ERROR: failed to create WOLFSSL object\n"); + ret = -1; + } + } + + if (ret == 0) { + /* make wolfSSL object nonblocking */ + wolfSSL_set_using_nonblock(server_ssl, 1); + } + + if (ret == 0) { + /* Return newly created wolfSSL context and object */ + *ctx = server_ctx; + *ssl = server_ssl; + } + else { + if (server_ssl != NULL) + wolfSSL_free(server_ssl); + if (server_ctx != NULL) + wolfSSL_CTX_free(server_ctx); + } + + return ret; +} + +/* Server accepting a client using TLS */ +static int wolfssl_server_accept(WOLFSSL* ssl) +{ + int ret = 0; + + if (wolfSSL_accept(ssl) != WOLFSSL_SUCCESS) { + printf("wolfSSL Error: %d\n", wolfSSL_get_error(ssl, -1)); + if (!wolfSSL_want_read(ssl) && !wolfSSL_want_write(ssl)) + ret = -1; + } + + return ret; +} + + +/* Send application data. 
*/ +static int wolfssl_send(WOLFSSL* ssl, const char* msg) +{ + int ret = 0; + int len; + + printf("Sending:\n%s\n", msg); + len = wolfSSL_write(ssl, msg, XSTRLEN(msg)); + if (len < 0) + ret = len; + else if (len != XSTRLEN(msg)) + ret = -1; + + return ret; +} + +/* Receive application data. */ +static int wolfssl_recv(WOLFSSL* ssl) +{ + int ret; + byte reply[256]; + + ret = wolfSSL_read(ssl, reply, sizeof(reply)-1); + if (ret > 0) { + reply[ret] = '\0'; + printf("Received:\n%s\n", reply); + ret = 1; + } + else if (wolfSSL_want_read(ssl) || wolfSSL_want_write(ssl)) + ret = 0; + + return ret; +} + + +/* Free the WOLFSSL object and context. */ +static void wolfssl_free(WOLFSSL_CTX* ctx, WOLFSSL* ssl) +{ + if (ssl != NULL) + wolfSSL_free(ssl); + if (ctx != NULL) + wolfSSL_CTX_free(ctx); +} + + +/* Display the static memory usage. */ +static void wolfssl_memstats(WOLFSSL* ssl) +{ +#ifdef WOLFSSL_STATIC_MEMORY + WOLFSSL_MEM_CONN_STATS ssl_stats; + + XMEMSET(&ssl_stats, 0 , sizeof(ssl_stats)); + + if (wolfSSL_is_static_memory(ssl, &ssl_stats) != 1) + printf("static memory was not used with ssl"); + else { + printf("*** This is memory state before wolfSSL_free is called\n"); + printf("peak connection memory = %d\n", ssl_stats.peakMem); + printf("current memory in use = %d\n", ssl_stats.curMem); + printf("peak connection allocs = %d\n", ssl_stats.peakAlloc); + printf("current connection allocs = %d\n",ssl_stats.curAlloc); + printf("total connection allocs = %d\n",ssl_stats.totalAlloc); + printf("total connection frees = %d\n\n", ssl_stats.totalFr); + } +#else + (void)ssl; +#endif +} + + +/* Start the server thread. */ +void start_thread(THREAD_FUNC func, func_args* args, THREAD_TYPE* thread) +{ + k_thread_create(thread, server_stack, K_THREAD_STACK_SIZEOF(server_stack), + func, args, NULL, NULL, 5, 0, K_NO_WAIT); +} + +void join_thread(THREAD_TYPE thread) +{ + /* Threads are handled in the kernel. 
*/ +} + + +int wolfssl_server_accept_tcp(WOLFSSL* ssl, SOCKET_T* fd, SOCKET_T* acceptfd) +{ + int ret = 0; + SOCKET_T sockfd = WOLFSSL_SOCKET_INVALID; + SOCKET_T clientfd = WOLFSSL_SOCKET_INVALID; + SOCKADDR_IN_T client; + socklen_t client_len = sizeof(client); + word16 port = 443; + struct sockaddr_in bind_addr; + + if (ret == 0) { + sockfd = socket(AF_INET, SOCK_STREAM, IPPROTO_TCP); + bind_addr.sin_family = AF_INET; + bind_addr.sin_addr.s_addr = htonl(INADDR_ANY); + bind_addr.sin_port = htons(port); + if (bind(sockfd, (struct sockaddr *)&bind_addr, sizeof(bind_addr)) != 0) + ret = -1; + } + if (ret == 0) { + *fd = sockfd; + printf("Server Listen\n"); + listen(sockfd, 5); + if (WOLFSSL_SOCKET_IS_INVALID(sockfd)) + ret = -1; + } + if (ret == 0) { + printf("Server Accept\n"); + clientfd = accept(sockfd, (struct sockaddr*)&client, + (ACCEPT_THIRD_T)&client_len); + if (WOLFSSL_SOCKET_IS_INVALID(clientfd)) + ret = -1; + } + if (ret == 0) { + *acceptfd = clientfd; + tcp_set_nonblocking(&clientfd); + } + + if (ret == 0) { + printf("Server has client\n"); + if (wolfSSL_set_fd(ssl, clientfd) != WOLFSSL_SUCCESS) + ret = -1; + } + + return ret; +} + +/* Thread to do the server operations. 
*/ +void server_thread(void* arg1, void* arg2, void* arg3) +{ + int ret = 0; + WOLFSSL_CTX* server_ctx = NULL; + WOLFSSL* server_ssl = NULL; + SOCKET_T sockfd = WOLFSSL_SOCKET_INVALID; + SOCKET_T clientfd = WOLFSSL_SOCKET_INVALID; + + +#ifdef WOLFSSL_STATIC_MEMORY + if (wc_LoadStaticMemory(&HEAP_HINT_SERVER, gMemoryServer, + sizeof(gMemoryServer), + WOLFMEM_GENERAL | WOLFMEM_TRACK_STATS, 1) != 0) { + printf("unable to load static memory"); + ret = -1; + } +#endif + + if (ret == 0) + ret = wolfssl_server_new(&server_ctx, &server_ssl); + + if (ret == 0) + ret = wolfssl_server_accept_tcp(server_ssl, &sockfd, &clientfd); + + while (ret == 0) { + k_sleep(100); + ret = wolfssl_server_accept(server_ssl); + if (ret == 0 && wolfSSL_is_init_finished(server_ssl)) + break; + } + + /* Receive HTTP request */ + while (ret == 0) { + ret = wolfssl_recv(server_ssl); + } + if (ret == 1) + ret = 0; + /* Send HTTP repsonse */ + if (ret == 0) + ret = wolfssl_send(server_ssl, msgHTTPIndex); + + printf("Server Return: %d\n", ret); + +#ifdef WOLFSSL_STATIC_MEMORY + printf("Server Memory Stats\n"); +#endif + wolfssl_memstats(server_ssl); + wolfssl_free(server_ctx, server_ssl); + if (clientfd != WOLFSSL_SOCKET_INVALID) + CloseSocket(clientfd); + if (sockfd != WOLFSSL_SOCKET_INVALID) + CloseSocket(sockfd); +} + +int wolfssl_client_connect_tcp(WOLFSSL* ssl, SOCKET_T* fd) +{ + int ret = 0; + SOCKET_T sockfd = WOLFSSL_SOCKET_INVALID; + static struct addrinfo hints; + struct addrinfo* res; + + XMEMSET(&hints, 0, sizeof(hints)); + hints.ai_family = AF_INET; + hints.ai_socktype = SOCK_STREAM; + if (getaddrinfo("192.0.2.1", "443", &hints, &res) != 0) + ret = -1; + + if (ret == 0) { + printf("Client socket\n"); + sockfd = socket(res->ai_family, res->ai_socktype, res->ai_protocol); + if (WOLFSSL_SOCKET_IS_INVALID(sockfd)) + ret = -1; + } + if (ret == 0) { + *fd = sockfd; + tcp_set_nonblocking(&sockfd); + } + if (ret == 0) { + printf("Client Connect\n"); + if (connect(sockfd, res->ai_addr, 
res->ai_addrlen) != 0) + ret = -1; + } + + if (ret == 0) { + printf("Client Connected\n"); + if (wolfSSL_set_fd(ssl, sockfd) != WOLFSSL_SUCCESS) + ret = -1; + } + + return ret; +} + +/* Thread to do the client operations. */ +void client_thread() +{ + int ret = 0; + WOLFSSL_CTX* client_ctx = NULL; + WOLFSSL* client_ssl = NULL; + SOCKET_T sockfd = WOLFSSL_SOCKET_INVALID; + +#ifdef WOLFSSL_STATIC_MEMORY + if (wc_LoadStaticMemory(&HEAP_HINT_CLIENT, gMemoryClient, + sizeof(gMemoryClient), + WOLFMEM_GENERAL | WOLFMEM_TRACK_STATS, 1) != 0) { + printf("unable to load static memory"); + ret = -1; + } +#endif + + /* Client connection */ + if (ret == 0) + ret = wolfssl_client_new(&client_ctx, &client_ssl); + + if (ret == 0) + ret = wolfssl_client_connect_tcp(client_ssl, &sockfd); + + while (ret == 0) { + k_sleep(10); + ret = wolfssl_client_connect(client_ssl); + if (ret == 0 && wolfSSL_is_init_finished(client_ssl)) + break; + } + + if (ret == 0) + printf("Handshake complete\n"); + + /* Send HTTP request */ + if (ret == 0) + ret = wolfssl_send(client_ssl, msgHTTPGet); + /* Receive HTTP response */ + while (ret == 0) { + k_sleep(10); + ret = wolfssl_recv(client_ssl); + } + if (ret == 1) + ret = 0; + + printf("Client Return: %d\n", ret); + +#ifdef WOLFSSL_STATIC_MEMORY + printf("Client Memory Stats\n"); +#endif + wolfssl_memstats(client_ssl); + wolfssl_free(client_ctx, client_ssl); + if (sockfd != WOLFSSL_SOCKET_INVALID) + CloseSocket(sockfd); +} + +int main() +{ + int ret = 0; + THREAD_TYPE serverThread; + + wolfSSL_Init(); + + /* Start server */ + start_thread(server_thread, NULL, &serverThread); + + k_sleep(100); + client_thread(); + + join_thread(serverThread); + + wolfSSL_Cleanup(); + + printf("Done\n"); + + return (ret == 0) ? 0 : 1; +} + diff --git a/IDE/zephyr/wolfssl_tls_thread/CMakeLists.txt b/IDE/zephyr/wolfssl_tls_thread/CMakeLists.txt new file mode 100644 index 000000000..512a0006f --- /dev/null +++ b/IDE/zephyr/wolfssl_tls_thread/CMakeLists.txt 
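Review bot: In tls_sock.c, wolfssl_server_accept_tcp never checks the result of `socket()` before calling `bind()`, ignores the return value of `listen()`, and only tests `WOLFSSL_SOCKET_IS_INVALID(sockfd)` after both calls have already used the descriptor. Because `*fd = sockfd` is assigned only after a successful `bind()`, a bind failure leaves server_thread's own `sockfd` at `WOLFSSL_SOCKET_INVALID` and the opened socket is never closed. The setup block below checks each call in order and hands the descriptor to the caller as soon as it exists. Separately, wolfssl_client_connect_tcp never releases the `getaddrinfo()` result; a `freeaddrinfo(res);` once the connect attempt is finished would fix that.

```c
int wolfssl_server_accept_tcp(WOLFSSL* ssl, SOCKET_T* fd, SOCKET_T* acceptfd)
{
    /* ... unchanged: local declarations ... */

    sockfd = socket(AF_INET, SOCK_STREAM, IPPROTO_TCP);
    if (WOLFSSL_SOCKET_IS_INVALID(sockfd))
        ret = -1;
    if (ret == 0) {
        /* Give the descriptor to the caller first so that it is closed on
         * every later failure path. */
        *fd = sockfd;
        XMEMSET(&bind_addr, 0, sizeof(bind_addr));
        bind_addr.sin_family = AF_INET;
        bind_addr.sin_addr.s_addr = htonl(INADDR_ANY);
        bind_addr.sin_port = htons(port);
        if (bind(sockfd, (struct sockaddr *)&bind_addr, sizeof(bind_addr)) != 0)
            ret = -1;
    }
    if (ret == 0) {
        printf("Server Listen\n");
        if (listen(sockfd, 5) != 0)
            ret = -1;
    }
    /* ... unchanged: accept(), tcp_set_nonblocking(), wolfSSL_set_fd() ... */
```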
@@ -0,0 +1,8 @@
+cmake_minimum_required(VERSION 3.13.1)
+include($ENV{ZEPHYR_BASE}/cmake/app/boilerplate.cmake NO_POLICY_SCOPE)
+project(wolfssl_tls_threaded)
+
+FILE(GLOB app_sources src/*.c)
+target_sources(app PRIVATE ${app_sources})
+add_definitions(-DWOLFSSL_USER_SETTINGS)
+
diff --git a/IDE/zephyr/wolfssl_tls_thread/install_sample.sh b/IDE/zephyr/wolfssl_tls_thread/install_sample.sh
new file mode 100755
index 000000000..4bd0ea084
--- /dev/null
+++ b/IDE/zephyr/wolfssl_tls_thread/install_sample.sh
@@ -0,0 +1,31 @@
+#!/bin/sh
+
+ZEPHYR_DIR=
+if [ $# -ne 1 ]; then
+ echo "Need location of zephyr project as a command line argument"
+ exit 1
+else
+ ZEPHYR_DIR=$1
+fi
+if [ ! -d $ZEPHR_DIR ]; then
+ echo "Zephyr project directory does not exist: $ZEPHYR_DIR"
+ exit 1
+fi
+ZEPHYR_CRYPTO_DIR=$ZEPHYR_DIR/zephyr/samples/crypto
+if [ ! -d $ZEPHYR_CRYPTO_DIR ]; then
+ echo "Zephyr crypto directory does not exist: $ZEPHYR_CRYPTO_DIR"
+ exit 1
+fi
+ZEPHYR_WOLFSSL_DIR=$ZEPHYR_CRYPTO_DIR/wolfssl_tls_thread
+
+echo "wolfSSL directory:"
+echo " $ZEPHYR_WOLFSSL_DIR"
+rm -rf $ZEPHYR_WOLFSSL_DIR
+mkdir $ZEPHYR_WOLFSSL_DIR
+
+echo "Copy in Sample files ..."
+cp -r * $ZEPHYR_WOLFSSL_DIR/
+rm $ZEPHYR_WOLFSSL_DIR/$0
+
+echo "Done"
+
diff --git a/IDE/zephyr/wolfssl_tls_thread/prj.conf b/IDE/zephyr/wolfssl_tls_thread/prj.conf
new file mode 100644
index 000000000..402cd7fa7
--- /dev/null
+++ b/IDE/zephyr/wolfssl_tls_thread/prj.conf
@@ -0,0 +1,29 @@
+# Kernel options
+CONFIG_MAIN_STACK_SIZE=12288
+CONFIG_ENTROPY_GENERATOR=y
+CONFIG_POSIX_API=y
+CONFIG_INIT_STACKS=y
+CONFIG_MINIMAL_LIBC_MALLOC_ARENA_SIZE=8192
+
+# Networking
+CONFIG_NETWORKING=y
+CONFIG_NET_TEST=y
+CONFIG_NET_LOOPBACK=y
+CONFIG_NET_IPV4=y
+CONFIG_NET_IPV6=y
+CONFIG_NET_SOCKETS=y
+CONFIG_DNS_RESOLVER=y
+
+# Logging
+CONFIG_PRINTK=y
+CONFIG_WOLFSSL_DEBUG=y
+
+# TLS configuration
+CONFIG_WOLFSSL=y
+CONFIG_WOLFSSL_BUILTIN=y
+
+CONFIG_WOLFSSL_TLS_VERSION_1_2=y
+CONFIG_WOLFSSL_KEY_EXCHANGE_ALL_ENABLED=y
+CONFIG_WOLFSSL_CIPHER_ALL_ENABLED=y
+CONFIG_WOLFSSL_MAC_ALL_ENABLED=y
+CONFIG_WOLFSSL_HMAC_DRBG_ENABLED=y
diff --git a/IDE/zephyr/wolfssl_tls_thread/sample.yaml b/IDE/zephyr/wolfssl_tls_thread/sample.yaml
new file mode 100644
index 000000000..86f7f9a79
--- /dev/null
+++ b/IDE/zephyr/wolfssl_tls_thread/sample.yaml
@@ -0,0 +1,9 @@
+common:
+ harness: crypto
+ tags: crypto
+sample:
+ description: wolfSSL TLS test application
+ name: wolfSSL TLS Test
+tests:
+ test:
+ platform_whitelist: qemu_x86
diff --git a/IDE/zephyr/wolfssl_tls_thread/src/tls_threaded.c b/IDE/zephyr/wolfssl_tls_thread/src/tls_threaded.c
new file mode 100755
index 000000000..41db03d83
--- /dev/null
+++ b/IDE/zephyr/wolfssl_tls_thread/src/tls_threaded.c
@@ -0,0 +1,504 @@ +/* tls_threaded.c + * + * Copyright (C) 2006-2019 wolfSSL Inc. + * + * This file is part of wolfSSL. (formerly known as CyaSSL) + * + * wolfSSL is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 2 of the License, or + * (at your option) any later version. + * + * wolfSSL is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program; if not, write to the Free Software + * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA + */ + +#include +#include +#define USE_CERT_BUFFERS_2048 +#include +#include + +#ifdef WOLFSSL_ZEPHYR +#define printf printk +#endif + +#define BUFFER_SIZE 2048 +#define STATIC_MEM_SIZE (96*1024) +#define THREAD_STACK_SIZE (12*1024) + +/* The stack to use in the server's thread. */ +K_THREAD_STACK_DEFINE(server_stack, THREAD_STACK_SIZE); + +#ifdef WOLFSSL_STATIC_MEMORY + static WOLFSSL_HEAP_HINT* HEAP_HINT_SERVER; + static WOLFSSL_HEAP_HINT* HEAP_HINT_CLIENT; + + static byte gMemoryServer[STATIC_MEM_SIZE]; + static byte gMemoryClient[STATIC_MEM_SIZE]; +#else + #define HEAP_HINT_SERVER NULL + #define HEAP_HINT_CLIENT NULL +#endif /* WOLFSSL_STATIC_MEMORY */ + +/* Buffer to hold data for client to read. */ +unsigned char client_buffer[BUFFER_SIZE]; +int client_buffer_sz = 0; +wolfSSL_Mutex client_mutex; + +/* Buffer to hold data for server to read. */ +unsigned char server_buffer[BUFFER_SIZE]; +int server_buffer_sz = 0; +wolfSSL_Mutex server_mutex; + +/* Application data to send. 
*/ +static const char msgHTTPGet[] = "GET /index.html HTTP/1.0\r\n\r\n"; +static const char msgHTTPIndex[] = + "HTTP/1.1 200 OK\n" + "Content-Type: text/html\n" + "Connection: close\n" + "\n" + "\n" + "\n" + "Welcome to wolfSSL!\n" + "\n" + "\n" + "

wolfSSL has successfully performed handshake!

\n" + "\n" + "\n"; + +/* wolfSSL client wants to read data from the server. */ +static int recv_client(WOLFSSL* ssl, char* buff, int sz, void* ctx) +{ + wc_LockMutex(&client_mutex); + if (client_buffer_sz > 0) { + /* Take as many bytes is available or requested from buffer. */ + if (sz > client_buffer_sz) + sz = client_buffer_sz; + XMEMCPY(buff, client_buffer, sz); + if (sz < client_buffer_sz) { + XMEMMOVE(client_buffer, client_buffer + sz, client_buffer_sz - sz); + } + client_buffer_sz -= sz; + } + else + sz = WOLFSSL_CBIO_ERR_WANT_READ; + wc_UnLockMutex(&client_mutex); + + return sz; +} + +/* wolfSSL client wants to write data to the server. */ +static int send_client(WOLFSSL* ssl, char* buff, int sz, void* ctx) +{ + wc_LockMutex(&server_mutex); + if (server_buffer_sz < BUFFER_SIZE) + { + /* Put in as many bytes requested or will fit in buffer. */ + if (sz > BUFFER_SIZE - server_buffer_sz) + sz = BUFFER_SIZE - server_buffer_sz; + XMEMCPY(server_buffer + server_buffer_sz, buff, sz); + server_buffer_sz += sz; + } + else + sz = WOLFSSL_CBIO_ERR_WANT_WRITE; + wc_UnLockMutex(&server_mutex); + + return sz; +} + +/* wolfSSL server wants to read data from the client. */ +static int recv_server(WOLFSSL* ssl, char* buff, int sz, void* ctx) +{ + wc_LockMutex(&server_mutex); + if (server_buffer_sz > 0) { + /* Take as many bytes is available or requested from buffer. */ + if (sz > server_buffer_sz) + sz = server_buffer_sz; + XMEMCPY(buff, server_buffer, sz); + if (sz < server_buffer_sz) { + XMEMMOVE(server_buffer, server_buffer + sz, server_buffer_sz - sz); + } + server_buffer_sz -= sz; + } + else + sz = WOLFSSL_CBIO_ERR_WANT_READ; + wc_UnLockMutex(&server_mutex); + + return sz; +} + +/* wolfSSL server wants to write data to the client. */ +static int send_server(WOLFSSL* ssl, char* buff, int sz, void* ctx) +{ + wc_LockMutex(&client_mutex); + if (client_buffer_sz < BUFFER_SIZE) + { + /* Put in as many bytes requested or will fit in buffer. 
*/ + if (sz > BUFFER_SIZE - client_buffer_sz) + sz = BUFFER_SIZE - client_buffer_sz; + XMEMCPY(client_buffer + client_buffer_sz, buff, sz); + client_buffer_sz += sz; + } + else + sz = WOLFSSL_CBIO_ERR_WANT_WRITE; + wc_UnLockMutex(&client_mutex); + + return sz; +} + +/* Create a new wolfSSL client with a server CA certificate. */ +static int wolfssl_client_new(WOLFSSL_CTX** ctx, WOLFSSL** ssl) +{ + int ret = 0; + WOLFSSL_CTX* client_ctx = NULL; + WOLFSSL* client_ssl = NULL; + + /* Create and initialize WOLFSSL_CTX */ + if ((client_ctx = wolfSSL_CTX_new_ex(wolfTLSv1_2_client_method(), + HEAP_HINT_CLIENT)) == NULL) { + printf("ERROR: failed to create WOLFSSL_CTX\n"); + ret = -1; + } + + if (ret == 0) { + /* Load client certificates into WOLFSSL_CTX */ + if (wolfSSL_CTX_load_verify_buffer(client_ctx, ca_cert_der_2048, + sizeof_ca_cert_der_2048, WOLFSSL_FILETYPE_ASN1) != + WOLFSSL_SUCCESS) { + printf("ERROR: failed to load CA certiifcate\n"); + ret = -1; + } + } + + if (ret == 0) { + /* Register callbacks */ + wolfSSL_SetIORecv(client_ctx, recv_client); + wolfSSL_SetIOSend(client_ctx, send_client); + } + + if (ret == 0) { + /* Create a WOLFSSL object */ + if ((client_ssl = wolfSSL_new(client_ctx)) == NULL) { + printf("ERROR: failed to create WOLFSSL object\n"); + ret = -1; + } + } + + if (ret == 0) { + /* make wolfSSL object nonblocking */ + wolfSSL_set_using_nonblock(client_ssl, 1); + } + + if (ret == 0) { + /* Return newly created wolfSSL context and object */ + *ctx = client_ctx; + *ssl = client_ssl; + } + else { + if (client_ssl != NULL) + wolfSSL_free(client_ssl); + if (client_ctx != NULL) + wolfSSL_CTX_free(client_ctx); + } + + return ret; +} + +/* Client connecting to server using TLS */ +static int wolfssl_client_connect(WOLFSSL* ssl) +{ + int ret = 0; + + if (wolfSSL_connect(ssl) != WOLFSSL_SUCCESS) { + if (!wolfSSL_want_read(ssl) && !wolfSSL_want_write(ssl)) + ret = -1; + } + + return ret; +} + + + +/* Create a new wolfSSL server with a certificate for 
authentication. */
+static int wolfssl_server_new(WOLFSSL_CTX** ctx, WOLFSSL** ssl)
+{
+ int ret = 0;
+ WOLFSSL_CTX* server_ctx = NULL;
+ WOLFSSL* server_ssl = NULL;
+
+ /* Create and initialize WOLFSSL_CTX */
+ if ((server_ctx = wolfSSL_CTX_new_ex(wolfTLSv1_2_server_method(),
+ HEAP_HINT_SERVER)) == NULL) {
+ printf("ERROR: failed to create WOLFSSL_CTX\n");
+ ret = -1;
+ }
+
+ if (ret == 0) {
+ /* Load client certificates into WOLFSSL_CTX */
+ if (wolfSSL_CTX_use_certificate_buffer(server_ctx,
+ server_cert_der_2048, sizeof_server_cert_der_2048,
+ WOLFSSL_FILETYPE_ASN1) != WOLFSSL_SUCCESS) {
+ printf("ERROR: failed to load server certiifcate\n");
+ ret = -1;
+ }
+ }
+
+ if (ret == 0) {
+ /* Load client certificates into WOLFSSL_CTX */
+ if (wolfSSL_CTX_use_PrivateKey_buffer(server_ctx,
+ server_key_der_2048, sizeof_server_key_der_2048,
+ WOLFSSL_FILETYPE_ASN1) != WOLFSSL_SUCCESS) {
+ printf("ERROR: failed to load server key\n");
+ ret = -1;
+ }
+ }
+
+ if (ret == 0) {
+ /* Register callbacks */
+ wolfSSL_SetIORecv(server_ctx, recv_server);
+ wolfSSL_SetIOSend(server_ctx, send_server);
+ }
+
+ if (ret == 0) {
+ /* Create a WOLFSSL object */
+ if ((server_ssl = wolfSSL_new(server_ctx)) == NULL) {
+ printf("ERROR: failed to create WOLFSSL object\n");
+ ret = -1;
+ }
+ }
+
+ if (ret == 0) {
+ /* make wolfSSL object nonblocking */
+ wolfSSL_set_using_nonblock(server_ssl, 1);
+ }
+
+ if (ret == 0) {
+ /* Return newly created wolfSSL context and object */
+ *ctx = server_ctx;
+ *ssl = server_ssl;
+ }
+ else {
+ if (server_ssl != NULL)
+ wolfSSL_free(server_ssl);
+ if (server_ctx != NULL)
+ wolfSSL_CTX_free(server_ctx);
+ }
+
+ return ret;
+}
+
+/* Server accepting a client using TLS */
+static int wolfssl_server_accept(WOLFSSL* ssl)
+{
+ int ret = 0;
+
+ if (wolfSSL_accept(ssl) != WOLFSSL_SUCCESS) {
+ if (!wolfSSL_want_read(ssl) && !wolfSSL_want_write(ssl))
+ ret = -1;
+ }
+
+ return ret;
+}
+
+
+/* Send application data. */
+static int wolfssl_send(WOLFSSL* ssl, const char* msg)
+{
+ int ret = 0;
+ int len;
+
+ printf("Sending:\n%s\n", msg);
+ len = wolfSSL_write(ssl, msg, XSTRLEN(msg));
+ if (len < 0)
+ ret = len;
+ else if (len != XSTRLEN(msg))
+ ret = -1;
+
+ return ret;
+}
+
+/* Receive application data. */
+static int wolfssl_recv(WOLFSSL* ssl)
+{
+ int ret;
+ byte reply[256];
+
+ ret = wolfSSL_read(ssl, reply, sizeof(reply)-1);
+ if (ret > 0) {
+ reply[ret] = '\0';
+ printf("Received:\n%s\n", reply);
+ ret = 1;
+ }
+ else if (wolfSSL_want_read(ssl) || wolfSSL_want_write(ssl))
+ ret = 0;
+
+ return ret;
+}
+
+
+/* Free the WOLFSSL object and context. */
+static void wolfssl_free(WOLFSSL_CTX* ctx, WOLFSSL* ssl)
+{
+ if (ssl != NULL)
+ wolfSSL_free(ssl);
+ if (ctx != NULL)
+ wolfSSL_CTX_free(ctx);
+}
+
+
+/* Display the static memory usage. */
+static void wolfssl_memstats(WOLFSSL* ssl)
+{
+#ifdef WOLFSSL_STATIC_MEMORY
+ WOLFSSL_MEM_CONN_STATS ssl_stats;
+
+ XMEMSET(&ssl_stats, 0 , sizeof(ssl_stats));
+
+ if (wolfSSL_is_static_memory(ssl, &ssl_stats) != 1)
+ printf("static memory was not used with ssl");
+ else {
+ printf("*** This is memory state before wolfSSL_free is called\n");
+ printf("peak connection memory = %d\n", ssl_stats.peakMem);
+ printf("current memory in use = %d\n", ssl_stats.curMem);
+ printf("peak connection allocs = %d\n", ssl_stats.peakAlloc);
+ printf("current connection allocs = %d\n",ssl_stats.curAlloc);
+ printf("total connection allocs = %d\n",ssl_stats.totalAlloc);
+ printf("total connection frees = %d\n\n", ssl_stats.totalFr);
+ }
+#else
+ (void)ssl;
+#endif
+}
+
+
+/* Start the server thread. */
+void start_thread(THREAD_FUNC func, func_args* args, THREAD_TYPE* thread)
+{
+ k_thread_create(thread, server_stack, K_THREAD_STACK_SIZEOF(server_stack),
+ func, args, NULL, NULL, 5, 0, K_NO_WAIT);
+}
+
+void join_thread(THREAD_TYPE thread)
+{
+ /* Threads are handled in the kernel. */
+}
+
+
+/* Thread to do the server operations. */
+void server_thread(void* arg1, void* arg2, void* arg3)
+{
+ int ret = 0;
+ WOLFSSL_CTX* server_ctx = NULL;
+ WOLFSSL* server_ssl = NULL;
+
+
+#ifdef WOLFSSL_STATIC_MEMORY
+ if (wc_LoadStaticMemory(&HEAP_HINT_SERVER, gMemoryServer,
+ sizeof(gMemoryServer),
+ WOLFMEM_GENERAL | WOLFMEM_TRACK_STATS, 1) != 0) {
+ printf("unable to load static memory");
+ ret = -1;
+ }
+#endif
+
+ if (ret == 0)
+ ret = wolfssl_server_new(&server_ctx, &server_ssl);
+
+ while (ret == 0) {
+ ret = wolfssl_server_accept(server_ssl);
+ if (ret == 0 && wolfSSL_is_init_finished(server_ssl))
+ break;
+ }
+
+ /* Receive HTTP request */
+ while (ret == 0) {
+ ret = wolfssl_recv(server_ssl);
+ }
+ if (ret == 1)
+ ret = 0;
+ /* Send HTTP repsonse */
+ if (ret == 0)
+ ret = wolfssl_send(server_ssl, msgHTTPIndex);
+
+ printf("Server Return: %d\n", ret);
+
+#ifdef WOLFSSL_STATIC_MEMORY
+ printf("Server Memory Stats\n");
+#endif
+ wolfssl_memstats(server_ssl);
+ wolfssl_free(server_ctx, server_ssl);
+}
+
+int main()
+{
+ int ret = 0;
+ WOLFSSL_CTX* client_ctx = NULL;
+ WOLFSSL* client_ssl = NULL;
+ THREAD_TYPE serverThread;
+
+ wolfSSL_Init();
+
+ wc_InitMutex(&client_mutex);
+ wc_InitMutex(&server_mutex);
+
+ /* Start server */
+ start_thread(server_thread, NULL, &serverThread);
+
+#ifdef WOLFSSL_STATIC_MEMORY
+ if (wc_LoadStaticMemory(&HEAP_HINT_CLIENT, gMemoryClient,
+ sizeof(gMemoryClient),
+ WOLFMEM_GENERAL | WOLFMEM_TRACK_STATS, 1) != 0) {
+ printf("unable to load static memory");
+ ret = -1;
+ }
+#endif
+
+ /* Client connection */
+ if (ret == 0)
+ ret = wolfssl_client_new(&client_ctx, &client_ssl);
+
+ while (ret == 0) {
+ ret = wolfssl_client_connect(client_ssl);
+ if (ret == 0 && wolfSSL_is_init_finished(client_ssl))
+ break;
+ k_sleep(10);
+ }
+
+ if (ret == 0)
+ printf("Handshake complete\n");
+
+ /* Send HTTP request */
+ if (ret == 0)
+ ret = wolfssl_send(client_ssl, msgHTTPGet);
+ /* Receive HTTP response */
+ while (ret == 0) {
+ k_sleep(10);
+ ret = wolfssl_recv(client_ssl);
+ }
+ if (ret == 1)
+ ret = 0;
+
+ printf("Client Return: %d\n", ret);
+
+ join_thread(serverThread);
+
+#ifdef WOLFSSL_STATIC_MEMORY
+ printf("Client Memory Stats\n");
+#endif
+ wolfssl_memstats(client_ssl);
+ wolfssl_free(client_ctx, client_ssl);
+
+ wolfSSL_Cleanup();
+
+ printf("Done\n");
+
+ return (ret == 0) ? 0 : 1;
+}
+
diff --git a/src/wolfio.c b/src/wolfio.c
index 122d65d18..36d8f4695 100644
--- a/src/wolfio.c
+++ b/src/wolfio.c
@@ -238,6 +238,11 @@ int EmbedSend(WOLFSSL* ssl, char *buf, int sz, void *ctx) int sd = *(int*)ctx; int sent; +#ifdef MAX_SEND_SZ + if (sz > MAX_SEND_SZ) + sz = MAX_SEND_SZ; +#endif + sent = wolfIO_Send(sd, buf, sz, ssl->wflags); if (sent < 0) { int err = wolfSSL_LastError();
diff --git a/wolfcrypt/test/test.c b/wolfcrypt/test/test.c
index af06bc6dc..122c08112 100644
--- a/wolfcrypt/test/test.c
+++ b/wolfcrypt/test/test.c
@@ -434,7 +434,7 @@ static void myFipsCb(int ok, int err, const char* hash) #elif defined(WOLFSSL_CERT_EXT) static byte gTestMemory[140000]; #elif defined(USE_FAST_MATH) && !defined(ALT_ECC_SIZE) - static byte gTestMemory[150000]; + static byte gTestMemory[160000]; #else static byte gTestMemory[80000]; #endif
diff --git a/wolfssl/internal.h b/wolfssl/internal.h
index 4b8906fd9..32551223a 100644
--- a/wolfssl/internal.h
+++ b/wolfssl/internal.h
@@ -2730,8 +2730,6 @@ struct WOLFSSL_CTX { #endif }; -WOLFSSL_LOCAL -WOLFSSL_CTX* wolfSSL_CTX_new_ex(WOLFSSL_METHOD* method, void* heap); WOLFSSL_LOCAL int InitSSL_Ctx(WOLFSSL_CTX*, WOLFSSL_METHOD*, void* heap); WOLFSSL_LOCAL
diff --git a/wolfssl/ssl.h b/wolfssl/ssl.h
index d5e5f97ce..beb27957e 100644
--- a/wolfssl/ssl.h
+++ b/wolfssl/ssl.h
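Review bot: The clamp added at the top of EmbedSend silently shortens the write, and nothing in the hunk says that this is intended or that correctness now depends on the caller resending the remainder from the returned count. A one-line comment above the `#ifdef` would make that contract explicit, e.g. `/* Some stacks cap a single send; send at most MAX_SEND_SZ and let the caller retry the rest. */`. The clamp also assumes MAX_SEND_SZ is positive; a build-time check such as `#if MAX_SEND_SZ <= 0` followed by `#error` next to its definition would catch a bad override. EmbedSend starts and continues outside the hunk, so how the short count is handled after `wolfIO_Send` is not visible here.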
@@ -568,6 +568,7 @@ WOLFSSL_API int wolfSSL_use_RSAPrivateKey_file(WOLFSSL*, const char*, int); #endif /* !NO_FILESYSTEM && !NO_CERTS */ +WOLFSSL_API WOLFSSL_CTX* wolfSSL_CTX_new_ex(WOLFSSL_METHOD* method, void* heap); WOLFSSL_API WOLFSSL_CTX* wolfSSL_CTX_new(WOLFSSL_METHOD*); WOLFSSL_API WOLFSSL* wolfSSL_new(WOLFSSL_CTX*); WOLFSSL_API WOLFSSL_CTX* wolfSSL_get_SSL_CTX(WOLFSSL* ssl);
diff --git a/wolfssl/test.h b/wolfssl/test.h
index 1267d6424..5ed9e0518 100644
--- a/wolfssl/test.h
+++ b/wolfssl/test.h
@@ -228,8 +228,8 @@ typedef Task_Handle THREAD_TYPE; #define WOLFSSL_THREAD #elif defined(WOLFSSL_ZEPHYR) - typedef unsigned int THREAD_RETURN; - typedef k_tid_t THREAD_TYPE; + typedef void THREAD_RETURN; + typedef struct k_thread THREAD_TYPE; #define WOLFSSL_THREAD #else typedef unsigned int THREAD_RETURN;
@@ -399,7 +399,11 @@ typedef struct func_args { void wait_tcp_ready(func_args*); +#ifdef WOLFSSL_ZEPHYR +typedef void THREAD_FUNC(void*, void*, void*); +#else typedef THREAD_RETURN WOLFSSL_THREAD THREAD_FUNC(void*); +#endif void start_thread(THREAD_FUNC, func_args*, THREAD_TYPE*); void join_thread(THREAD_TYPE);
diff --git a/wolfssl/wolfcrypt/settings.h b/wolfssl/wolfcrypt/settings.h
index 5c46a4ec2..d96e550b6 100644
--- a/wolfssl/wolfcrypt/settings.h
+++ b/wolfssl/wolfcrypt/settings.h
@@ -1397,7 +1397,6 @@ extern void uITRON4_free(void *p) ; void *z_realloc(void *ptr, size_t size); #define realloc z_realloc - #define CONFIG_NET_BUF_USER_DATA_SIZE 10 #define CONFIG_NET_SOCKETS_POSIX_NAMES #endif
diff --git a/wolfssl/wolfcrypt/wc_port.h b/wolfssl/wolfcrypt/wc_port.h
index 66e8a39bf..429559300 100644
--- a/wolfssl/wolfcrypt/wc_port.h
+++ b/wolfssl/wolfcrypt/wc_port.h
@@ -111,10 +111,6 @@ #elif defined(WOLFSSL_ZEPHYR) #ifndef SINGLE_THREADED #include - - #define WOLFSSL_PTHREADS - #define HAVE_PTHREAD - #include #endif #else #ifndef SINGLE_THREADED
diff --git a/wolfssl/wolfio.h b/wolfssl/wolfio.h
index 4cc238478..f9a2368d8 100644
--- a/wolfssl/wolfio.h
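Review bot: The newly exported `wolfSSL_CTX_new_ex` prototype has no comment describing the `heap` argument, which matters now that applications can call it directly (the internal.h hunk drops the WOLFSSL_LOCAL declaration). A caller needs to know whether `heap` may be NULL and how long the hint must stay valid; presumably it has to outlive the context and every WOLFSSL object created from it, which should be confirmed against the implementation. I would add above the declaration: `/* heap: optional heap hint for this context's allocations; must remain valid until the context is freed */`.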
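Review bot: With THREAD_TYPE now `struct k_thread` on Zephyr (first test.h hunk), the unchanged prototype `void join_thread(THREAD_TYPE);` shown as context in the second hunk takes the kernel thread object by value, so a join implementation would receive a copy rather than the object handed to `start_thread`. The Zephyr sample earlier in this patch sidesteps that with an empty `join_thread`, which means its `main` reaches `wolfSSL_Cleanup()` without waiting for `server_thread` to finish. A comment at the typedef would at least record the limitation, e.g. `/* Zephyr: THREAD_TYPE is the thread object itself; join_thread() gets a copy and cannot wait on it */`; an actual wait would need a completion signal owned by the sample.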
+++ b/wolfssl/wolfio.h
@@ -260,8 +260,10 @@ #define SEND_FUNCTION NU_Send #define RECV_FUNCTION NU_Recv #elif defined(WOLFSSL_ZEPHYR) - #define SEND_FUNCTION zsock_send - #define RECV_FUNCTION zsock_recv + #define MAX_SEND_SZ 256 + + #define SEND_FUNCTION send + #define RECV_FUNCTION recv #else #define SEND_FUNCTION send #define RECV_FUNCTION recv
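Review bot: `#define MAX_SEND_SZ 256` in the WOLFSSL_ZEPHYR branch is unguarded and unexplained, so a project that already sets MAX_SEND_SZ in its user settings gets a redefinition and a reader cannot tell where 256 comes from. Wrap it as `#ifndef MAX_SEND_SZ` / `#define MAX_SEND_SZ 256` / `#endif` and add a short comment naming the limit it reflects (presumably a Zephyr network buffer size; confirm). The switch from `zsock_send`/`zsock_recv` to `send`/`recv` also appears to rely on CONFIG_NET_SOCKETS_POSIX_NAMES, which the settings.h hunk leaves defined; a comment saying so would help.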