feedc0de/wolfssl
1
0
Fork 0
forked from wolfSSL/wolfssl
Code Pull Requests Activity

Merge pull request #4017 from SparkiDev/not_ecc_pk_cb

Browse Source 
ECC: Disable ECC but have Curve25519/448 and PK callbacks fix
This commit is contained in:
David Garske
2021-06-09 12:38:37 -07:00
committed by GitHub
parent c6fc709502 8779c3a884
commit a6edff7bd5
30 changed files with 538 additions and 256 deletions
Download Patch File Download Diff File Expand all files Collapse all files

BIN
certs/ed25519/ca-ed25519-key.der
View File

Binary file not shown.

7
certs/ed25519/ca-ed25519-key.pem
View File

@ -1,4 +1,3 @@
-----BEGIN EDDSA PRIVATE KEY-----
MFICAQAwBQYDK2VwBCIEIAw37caag1d0w0pY63b7oe9Frg8SA0rLDtnWWDl7MafZ
oSIEIKqWfWdx1/6tqF8UGL4C0BV+gGS5IXuyP3x0bv/1hOKB
-----END EDDSA PRIVATE KEY-----
-----BEGIN PUBLIC KEY-----
MCowBQYDK2VwAyEAQjt6+YLP+d8Z3fPwMilt+v12T2jCwuBsR67CVWisDU0=
-----END PUBLIC KEY-----

BIN
certs/ed25519/ca-ed25519-priv.der
View File

Binary file not shown.

2
certs/ed25519/ca-ed25519-priv.pem
View File

@ -1,3 +1,3 @@
-----BEGIN PRIVATE KEY-----
MC4CAQAwBQYDK2VwBCIEIAw37caag1d0w0pY63b7oe9Frg8SA0rLDtnWWDl7MafZ
MC4CAQAwBQYDK2VwBCIEIPhVt7ZJP5mciOPFQmqkR0rkldrbv/inQp0O59BXjxZp
-----END PRIVATE KEY-----

BIN
certs/ed25519/ca-ed25519.der
View File

Binary file not shown.

58
certs/ed25519/ca-ed25519.pem
View File

@ -1,15 +1,47 @@
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1 (0x1)
Signature Algorithm: ED25519
Issuer: C = US, ST = Montana, L = Bozeman, O = wolfSSL_Ed25519, OU = Root-Ed25519, CN = www.wolfssl.com, emailAddress = info@wolfssl.com
Validity
Not Before: Mar 10 06:49:03 2021 GMT
Not After : Dec 5 06:49:03 2023 GMT
Subject: C = US, ST = Montana, L = Bozeman, O = wolfSSL_ed25519, OU = CA-ed25519, CN = www.wolfssl.com, emailAddress = info@wolfssl.com
Subject Public Key Info:
Public Key Algorithm: ED25519
ED25519 Public-Key:
pub:
42:3b:7a:f9:82:cf:f9:df:19:dd:f3:f0:32:29:6d:
fa:fd:76:4f:68:c2:c2:e0:6c:47:ae:c2:55:68:ac:
0d:4d
X509v3 extensions:
X509v3 Subject Key Identifier:
74:D5:38:19:5E:83:B9:03:F8:01:8A:35:35:BB:89:4C:49:B4:23:E9
X509v3 Authority Key Identifier:
keyid:FA:BA:5B:76:1D:F1:1D:1D:4D:74:48:D8:98:3B:56:EF:B3:14:F3:DE
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Digital Signature, Certificate Sign, CRL Sign
Signature Algorithm: ED25519
da:fe:58:53:89:43:85:98:35:dc:13:1c:a3:f1:1f:8d:26:be:
b6:a2:fc:b7:fe:9c:b9:35:69:31:7e:d4:b9:11:45:16:a2:29:
35:a9:74:a7:97:da:7e:71:4f:b1:72:5d:75:17:ac:e3:f6:b8:
ce:1e:e4:8a:95:ba:cd:1d:ce:0d
-----BEGIN CERTIFICATE-----
MIICVDCCAgagAwIBAgIQQAiKTYWESER1OSfza785ITAFBgMrZXAwgZkxCzAJBgNV
BAYTAlVTMRAwDgYDVQQIDAdNb250YW5hMRAwDgYDVQQHDAdCb3plbWFuMQ0wCwYD
VQQEDARSb290MRAwDgYDVQQKDAd3b2xmU1NMMRAwDgYDVQQLDAdFRDI1NTE5MRgw
FgYDVQQDDA93d3cud29sZnNzbC5jb20xGTAXBgNVBAUAEGluZm9Ad29sZnNzbC5j
b20wIhgPMjAyMTAyMDkxOTUwMDRaGA8yMDIzMDIxMDE5NTAwNFowgZcxCzAJBgNV
BAYTAlVTMRAwDgYDVQQIDAdNb250YW5hMRAwDgYDVQQHDAdCb3plbWFuMQswCQYD
VQQEDAJDQTEQMA4GA1UECgwHd29sZlNTTDEQMA4GA1UECwwHRUQyNTUxOTEYMBYG
A1UEAwwPd3d3LndvbGZzc2wuY29tMRkwFwYDVQQFABBpbmZvQHdvbGZzc2wuY29t
MCowBQYDK2VwAyEAqpZ9Z3HX/q2oXxQYvgLQFX6AZLkhe7I/fHRu//WE4oGjYDBe
MAwGA1UdEwQFMAMBAf8wHQYDVR0OBBYEFG6LDcksWUNgr6UyhWz1dPO6VJvMMB8G
A1UdIwQYMBaAFBl6CabmJl9fBlLOYyRaj1xxPbt3MA4GA1UdDwEB/wQEAwIBxjAF
BgMrZXADQQC7w3pxbsKWWTZl1BQDkNAauSRVUoKYgLK67OcsHMYTpbjNLan5jeT+
3z62i4fbzNBLDJD89XUSjtqQt1LRoE0F
MIICTDCCAf6gAwIBAgIBATAFBgMrZXAwgZ0xCzAJBgNVBAYTAlVTMRAwDgYDVQQI
DAdNb250YW5hMRAwDgYDVQQHDAdCb3plbWFuMRgwFgYDVQQKDA93b2xmU1NMX0Vk
MjU1MTkxFTATBgNVBAsMDFJvb3QtRWQyNTUxOTEYMBYGA1UEAwwPd3d3LndvbGZz
c2wuY29tMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wuY29tMB4XDTIxMDMx
MDA2NDkwM1oXDTIzMTIwNTA2NDkwM1owgZsxCzAJBgNVBAYTAlVTMRAwDgYDVQQI
DAdNb250YW5hMRAwDgYDVQQHDAdCb3plbWFuMRgwFgYDVQQKDA93b2xmU1NMX2Vk
MjU1MTkxEzARBgNVBAsMCkNBLWVkMjU1MTkxGDAWBgNVBAMMD3d3dy53b2xmc3Ns
LmNvbTEfMB0GCSqGSIb3DQEJARYQaW5mb0B3b2xmc3NsLmNvbTAqMAUGAytlcAMh
AEI7evmCz/nfGd3z8DIpbfr9dk9owsLgbEeuwlVorA1No2MwYTAdBgNVHQ4EFgQU
dNU4GV6DuQP4AYo1NbuJTEm0I+kwHwYDVR0jBBgwFoAU+rpbdh3xHR1NdEjYmDtW
77MU894wDwYDVR0TAQH/BAUwAwEB/zAOBgNVHQ8BAf8EBAMCAYYwBQYDK2VwA0EA
2v5YU4lDhZg13BMco/EfjSa+tqL8t/6cuTVpMX7UuRFFFqIpNal0p5fafnFPsXJd
dRes4/a4zh7kipW6zR3ODQ==
-----END CERTIFICATE-----

BIN
certs/ed25519/client-ed25519-key.der
View File

Binary file not shown.

7
certs/ed25519/client-ed25519-key.pem
View File

@ -1,4 +1,3 @@
-----BEGIN EDDSA PRIVATE KEY-----
MFICAQAwBQYDK2VwBCIEICkn2+pW4KyBhuv1IuoymGLEqp9hTFcALhcvKrmHgkhs
oSIEIE6fglljSpes+m6VbFo7Uuuj2ef2J7uJ+3e046zCCGrA
-----END EDDSA PRIVATE KEY-----
-----BEGIN PUBLIC KEY-----
MCowBQYDK2VwAyEA5ldbExvHURRr7Tv10fqrnmy26wIJo5n1br+dPP5UOeY=
-----END PUBLIC KEY-----

BIN
certs/ed25519/client-ed25519-priv.der
View File

Binary file not shown.

2
certs/ed25519/client-ed25519-priv.pem
View File

@ -1,3 +1,3 @@
-----BEGIN PRIVATE KEY-----
MC4CAQAwBQYDK2VwBCIEICkn2+pW4KyBhuv1IuoymGLEqp9hTFcALhcvKrmHgkhs
MC4CAQAwBQYDK2VwBCIEIJK1TOyvgca7AdbV3r03l1rSxvbDhbU75uTsMunHylLr
-----END PRIVATE KEY-----

BIN
certs/ed25519/client-ed25519.der
View File

Binary file not shown.

68
certs/ed25519/client-ed25519.pem
View File

@ -1,15 +1,57 @@
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
40:66:c6:11:bc:00:f8:51:f9:e4:4b:bb:0b:ad:c1:09:38:b0:4a:e4
Signature Algorithm: ED25519
Issuer: C = US, ST = Montana, L = Bozeman, O = wolfSSL_ed25519, OU = Client-ed25519, CN = www.wolfssl.com, emailAddress = info@wolfssl.com
Validity
Not Before: Mar 10 06:49:03 2021 GMT
Not After : Dec 5 06:49:03 2023 GMT
Subject: C = US, ST = Montana, L = Bozeman, O = wolfSSL_ed25519, OU = Client-ed25519, CN = www.wolfssl.com, emailAddress = info@wolfssl.com
Subject Public Key Info:
Public Key Algorithm: ED25519
ED25519 Public-Key:
pub:
e6:57:5b:13:1b:c7:51:14:6b:ed:3b:f5:d1:fa:ab:
9e:6c:b6:eb:02:09:a3:99:f5:6e:bf:9d:3c:fe:54:
39:e6
X509v3 extensions:
X509v3 Subject Key Identifier:
FE:41:5E:3E:81:E2:2E:46:B3:3E:47:89:90:D4:C2:B4:8E:11:D6:8A
X509v3 Authority Key Identifier:
keyid:FE:41:5E:3E:81:E2:2E:46:B3:3E:47:89:90:D4:C2:B4:8E:11:D6:8A
DirName:/C=US/ST=Montana/L=Bozeman/O=wolfSSL_ed25519/OU=Client-ed25519/CN=www.wolfssl.com/emailAddress=info@wolfssl.com
serial:40:66:C6:11:BC:00:F8:51:F9:E4:4B:BB:0B:AD:C1:09:38:B0:4A:E4
X509v3 Basic Constraints:
CA:TRUE
X509v3 Subject Alternative Name:
DNS:example.com, IP Address:127.0.0.1
X509v3 Extended Key Usage:
TLS Web Server Authentication, TLS Web Client Authentication
Signature Algorithm: ED25519
e0:87:e2:ce:d3:87:77:9d:f7:44:c0:73:00:ff:07:6d:2e:90:
90:5c:bf:30:46:9c:75:a9:48:50:8a:da:09:0f:a8:a8:04:b4:
33:c8:f4:28:61:9e:c2:a5:19:b7:70:1e:69:cd:49:5c:9a:f3:
81:e0:de:38:b3:37:ff:33:bb:07
-----BEGIN CERTIFICATE-----
MIICTDCCAf6gAwIBAgIQFcHfya6OWie0wxPOBaz6TDAFBgMrZXAwgZsxCzAJBgNV
BAYTAlVTMRAwDgYDVQQIDAdNb250YW5hMRAwDgYDVQQHDAdCb3plbWFuMQ8wDQYD
VQQEDAZjbGllbnQxEDAOBgNVBAoMB3dvbGZTU0wxEDAOBgNVBAsMB0VEMjU1MTkx
GDAWBgNVBAMMD3d3dy53b2xmc3NsLmNvbTEZMBcGA1UEBQAQaW5mb0B3b2xmc3Ns
LmNvbTAiGA8yMDIxMDIwOTE5NTAwNFoYDzIwMjMwMjEwMTk1MDA0WjCBmzELMAkG
A1UEBhMCVVMxEDAOBgNVBAgMB01vbnRhbmExEDAOBgNVBAcMB0JvemVtYW4xDzAN
BgNVBAQMBmNsaWVudDEQMA4GA1UECgwHd29sZlNTTDEQMA4GA1UECwwHRUQyNTUx
OTEYMBYGA1UEAwwPd3d3LndvbGZzc2wuY29tMRkwFwYDVQQFABBpbmZvQHdvbGZz
c2wuY29tMCowBQYDK2VwAyEATp+CWWNKl6z6bpVsWjtS66PZ5/Ynu4n7d7TjrMII
asCjUjBQMB0GA1UdDgQWBBQxmyle67rNf5gcL3e47pgvKH2Z+DAfBgNVHSMEGDAW
gBQxmyle67rNf5gcL3e47pgvKH2Z+DAOBgNVHQ8BAf8EBAMCBsAwBQYDK2VwA0EA
2DDJOFXo02UBBQyoCvcK5n21/GJmFQiwlQQICFMzq//6xYm8eYtNN/RkCnBDysvj
p6jnAwZw6/MMujoxC3PtCg==
MIIDVDCCAwagAwIBAgIUQGbGEbwA+FH55Eu7C63BCTiwSuQwBQYDK2VwMIGfMQsw
CQYDVQQGEwJVUzEQMA4GA1UECAwHTW9udGFuYTEQMA4GA1UEBwwHQm96ZW1hbjEY
MBYGA1UECgwPd29sZlNTTF9lZDI1NTE5MRcwFQYDVQQLDA5DbGllbnQtZWQyNTUx
OTEYMBYGA1UEAwwPd3d3LndvbGZzc2wuY29tMR8wHQYJKoZIhvcNAQkBFhBpbmZv
QHdvbGZzc2wuY29tMB4XDTIxMDMxMDA2NDkwM1oXDTIzMTIwNTA2NDkwM1owgZ8x
CzAJBgNVBAYTAlVTMRAwDgYDVQQIDAdNb250YW5hMRAwDgYDVQQHDAdCb3plbWFu
MRgwFgYDVQQKDA93b2xmU1NMX2VkMjU1MTkxFzAVBgNVBAsMDkNsaWVudC1lZDI1
NTE5MRgwFgYDVQQDDA93d3cud29sZnNzbC5jb20xHzAdBgkqhkiG9w0BCQEWEGlu
Zm9Ad29sZnNzbC5jb20wKjAFBgMrZXADIQDmV1sTG8dRFGvtO/XR+quebLbrAgmj
mfVuv508/lQ55qOCAVAwggFMMB0GA1UdDgQWBBT+QV4+geIuRrM+R4mQ1MK0jhHW
ijCB3wYDVR0jBIHXMIHUgBT+QV4+geIuRrM+R4mQ1MK0jhHWiqGBpaSBojCBnzEL
MAkGA1UEBhMCVVMxEDAOBgNVBAgMB01vbnRhbmExEDAOBgNVBAcMB0JvemVtYW4x
GDAWBgNVBAoMD3dvbGZTU0xfZWQyNTUxOTEXMBUGA1UECwwOQ2xpZW50LWVkMjU1
MTkxGDAWBgNVBAMMD3d3dy53b2xmc3NsLmNvbTEfMB0GCSqGSIb3DQEJARYQaW5m
b0B3b2xmc3NsLmNvbYIUQGbGEbwA+FH55Eu7C63BCTiwSuQwDAYDVR0TBAUwAwEB
/zAcBgNVHREEFTATggtleGFtcGxlLmNvbYcEfwAAATAdBgNVHSUEFjAUBggrBgEF
BQcDAQYIKwYBBQUHAwIwBQYDK2VwA0EA4IfiztOHd533RMBzAP8HbS6QkFy/MEac
dalIUIraCQ+oqAS0M8j0KGGewqUZt3Aeac1JXJrzgeDeOLM3/zO7Bw==
-----END CERTIFICATE-----

BIN
certs/ed25519/root-ed25519-key.der
View File

Binary file not shown.

7
certs/ed25519/root-ed25519-key.pem
View File

@ -1,4 +1,3 @@
-----BEGIN EDDSA PRIVATE KEY-----
MFICAQAwBQYDK2VwBCIEIPUBUd1CTNITOelSbDQlzuGA30xv42CVcvpe92sq7N+o
oSIEIIgura+qJ+c7nKcbmd2OK5+dL++bfwkNtP5Cs9JL+nwO
-----END EDDSA PRIVATE KEY-----
-----BEGIN PUBLIC KEY-----
MCowBQYDK2VwAyEA6bNvfHCKq8pUIE5kdjwaT/f6Xkr/89u5ZC0QpQxaP9o=
-----END PUBLIC KEY-----

BIN
certs/ed25519/root-ed25519-priv.der
View File

Binary file not shown.

2
certs/ed25519/root-ed25519-priv.pem
View File

@ -1,3 +1,3 @@
-----BEGIN PRIVATE KEY-----
MC4CAQAwBQYDK2VwBCIEIPUBUd1CTNITOelSbDQlzuGA30xv42CVcvpe92sq7N+o
MC4CAQAwBQYDK2VwBCIEIFcyr6XNVwsNpxIoY6ENIWmuvF/LJs2xkuvuxmoPrf1w
-----END PRIVATE KEY-----

BIN
certs/ed25519/root-ed25519.der
View File

Binary file not shown.

59
certs/ed25519/root-ed25519.pem
View File

@ -1,15 +1,48 @@
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3c:8f:b8:f9:5c:f1:81:97:76:e0:cc:04:c6:f6:77:7b:4f:92:4c:c6
Signature Algorithm: ED25519
Issuer: C = US, ST = Montana, L = Bozeman, O = wolfSSL_Ed25519, OU = Root-Ed25519, CN = www.wolfssl.com, emailAddress = info@wolfssl.com
Validity
Not Before: Mar 10 06:49:03 2021 GMT
Not After : Dec 5 06:49:03 2023 GMT
Subject: C = US, ST = Montana, L = Bozeman, O = wolfSSL_Ed25519, OU = Root-Ed25519, CN = www.wolfssl.com, emailAddress = info@wolfssl.com
Subject Public Key Info:
Public Key Algorithm: ED25519
ED25519 Public-Key:
pub:
e9:b3:6f:7c:70:8a:ab:ca:54:20:4e:64:76:3c:1a:
4f:f7:fa:5e:4a:ff:f3:db:b9:64:2d:10:a5:0c:5a:
3f:da
X509v3 extensions:
X509v3 Subject Key Identifier:
FA:BA:5B:76:1D:F1:1D:1D:4D:74:48:D8:98:3B:56:EF:B3:14:F3:DE
X509v3 Authority Key Identifier:
keyid:FA:BA:5B:76:1D:F1:1D:1D:4D:74:48:D8:98:3B:56:EF:B3:14:F3:DE
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Digital Signature, Certificate Sign, CRL Sign
Signature Algorithm: ED25519
44:f7:5d:ad:c0:68:5e:0c:af:c5:dd:da:a4:f9:34:4f:33:4f:
b3:db:bb:b6:36:67:f4:4d:63:a5:61:e8:b8:98:b7:e7:d3:52:
8b:fb:ca:61:97:db:34:55:63:a8:27:e8:22:16:b6:a9:f1:8d:
0e:f8:d1:56:08:45:b6:40:d9:09
-----BEGIN CERTIFICATE-----
MIICVjCCAgigAwIBAgIQYlI7cNFaPvFoHcYXLFMPzTAFBgMrZXAwgZkxCzAJBgNV
BAYTAlVTMRAwDgYDVQQIDAdNb250YW5hMRAwDgYDVQQHDAdCb3plbWFuMQ0wCwYD
VQQEDARSb290MRAwDgYDVQQKDAd3b2xmU1NMMRAwDgYDVQQLDAdFRDI1NTE5MRgw
FgYDVQQDDA93d3cud29sZnNzbC5jb20xGTAXBgNVBAUAEGluZm9Ad29sZnNzbC5j
b20wIhgPMjAyMTAyMDkxOTUwMDRaGA8yMDIzMDIxMDE5NTAwNFowgZkxCzAJBgNV
BAYTAlVTMRAwDgYDVQQIDAdNb250YW5hMRAwDgYDVQQHDAdCb3plbWFuMQ0wCwYD
VQQEDARSb290MRAwDgYDVQQKDAd3b2xmU1NMMRAwDgYDVQQLDAdFRDI1NTE5MRgw
FgYDVQQDDA93d3cud29sZnNzbC5jb20xGTAXBgNVBAUAEGluZm9Ad29sZnNzbC5j
b20wKjAFBgMrZXADIQCILq2vqifnO5ynG5ndjiufnS/vm38JDbT+QrPSS/p8DqNg
MF4wDAYDVR0TBAUwAwEB/zAdBgNVHQ4EFgQUGXoJpuYmX18GUs5jJFqPXHE9u3cw
HwYDVR0jBBgwFoAUGXoJpuYmX18GUs5jJFqPXHE9u3cwDgYDVR0PAQH/BAQDAgHG
MAUGAytlcANBAOzVbL+V/Ik567gy9xUG5NwC1PE/SXEl6pNWTewxHAj8wU1IkDLT
FLYfC9ezVkWy9aOYaLH79T63Hl/tIahybgc=
MIICYTCCAhOgAwIBAgIUPI+4+VzxgZd24MwExvZ3e0+STMYwBQYDK2VwMIGdMQsw
CQYDVQQGEwJVUzEQMA4GA1UECAwHTW9udGFuYTEQMA4GA1UEBwwHQm96ZW1hbjEY
MBYGA1UECgwPd29sZlNTTF9FZDI1NTE5MRUwEwYDVQQLDAxSb290LUVkMjU1MTkx
GDAWBgNVBAMMD3d3dy53b2xmc3NsLmNvbTEfMB0GCSqGSIb3DQEJARYQaW5mb0B3
b2xmc3NsLmNvbTAeFw0yMTAzMTAwNjQ5MDNaFw0yMzEyMDUwNjQ5MDNaMIGdMQsw
CQYDVQQGEwJVUzEQMA4GA1UECAwHTW9udGFuYTEQMA4GA1UEBwwHQm96ZW1hbjEY
MBYGA1UECgwPd29sZlNTTF9FZDI1NTE5MRUwEwYDVQQLDAxSb290LUVkMjU1MTkx
GDAWBgNVBAMMD3d3dy53b2xmc3NsLmNvbTEfMB0GCSqGSIb3DQEJARYQaW5mb0B3
b2xmc3NsLmNvbTAqMAUGAytlcAMhAOmzb3xwiqvKVCBOZHY8Gk/3+l5K//PbuWQt
EKUMWj/ao2MwYTAdBgNVHQ4EFgQU+rpbdh3xHR1NdEjYmDtW77MU894wHwYDVR0j
BBgwFoAU+rpbdh3xHR1NdEjYmDtW77MU894wDwYDVR0TAQH/BAUwAwEB/zAOBgNV
HQ8BAf8EBAMCAYYwBQYDK2VwA0EARPddrcBoXgyvxd3apPk0TzNPs9u7tjZn9E1j
pWHouJi359NSi/vKYZfbNFVjqCfoIha2qfGNDvjRVghFtkDZCQ==
-----END CERTIFICATE-----

78
certs/ed25519/server-ed25519-cert.pem
View File

@ -1,30 +1,52 @@
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1 (0x1)
Signature Algorithm: ED25519
Issuer: C = US, ST = Montana, L = Bozeman, O = wolfSSL_ed25519, OU = CA-ed25519, CN = www.wolfssl.com, emailAddress = info@wolfssl.com
Validity
Not Before: Mar 10 06:49:03 2021 GMT
Not After : Dec 5 06:49:03 2023 GMT
Subject: C = US, ST = Montana, L = Bozeman, O = wolfSSL_ed25519, OU = Server-ed25519, CN = www.wolfssl.com, emailAddress = info@wolfssl.com
Subject Public Key Info:
Public Key Algorithm: ED25519
ED25519 Public-Key:
pub:
23:aa:4d:60:50:e0:13:d3:3a:ed:ab:f6:a9:cc:4a:
fe:d7:4d:2f:d2:5b:1a:10:05:ef:5a:41:25:ce:1b:
53:78
X509v3 extensions:
X509v3 Subject Key Identifier:
A3:29:81:E7:90:6F:B9:60:F8:AF:CC:15:7A:AE:D7:A1:F4:B4:86:BA
X509v3 Authority Key Identifier:
keyid:74:D5:38:19:5E:83:B9:03:F8:01:8A:35:35:BB:89:4C:49:B4:23:E9
X509v3 Basic Constraints: critical
CA:FALSE
X509v3 Key Usage: critical
Digital Signature, Key Encipherment, Key Agreement
X509v3 Extended Key Usage:
TLS Web Server Authentication
Netscape Cert Type:
SSL Server
Signature Algorithm: ED25519
f3:c2:ef:8b:55:65:4f:bc:e3:df:fc:d8:a1:ad:8e:43:07:73:
c8:58:c3:46:0a:c1:f1:4d:3f:fb:3d:78:e6:76:58:26:ce:d7:
59:55:ec:c5:b5:b4:05:ed:f9:d4:97:69:66:d6:2c:1b:43:5a:
51:5c:be:10:28:95:c4:96:af:00
-----BEGIN CERTIFICATE-----
MIICRjCCAfigAwIBAgIQQyBFY/XbM3h5GPnWdnTeajAFBgMrZXAwgZcxCzAJBgNV
BAYTAlVTMRAwDgYDVQQIDAdNb250YW5hMRAwDgYDVQQHDAdCb3plbWFuMQswCQYD
VQQEDAJDQTEQMA4GA1UECgwHd29sZlNTTDEQMA4GA1UECwwHRUQyNTUxOTEYMBYG
A1UEAwwPd3d3LndvbGZzc2wuY29tMRkwFwYDVQQFABBpbmZvQHdvbGZzc2wuY29t
MCIYDzIwMjEwMjA5MTk1MDA0WhgPMjAyMzAyMTAxOTUwMDRaMIGZMQswCQYDVQQG
EwJVUzEQMA4GA1UECAwHTW9udGFuYTEQMA4GA1UEBwwHQm96ZW1hbjENMAsGA1UE
BAwETGVhZjEQMA4GA1UECgwHd29sZlNTTDEQMA4GA1UECwwHRUQyNTUxOTEYMBYG
A1UEAwwPd3d3LndvbGZzc2wuY29tMRkwFwYDVQQFABBpbmZvQHdvbGZzc2wuY29t
MCowBQYDK2VwAyEAi/OP+P/p9GU5NF71Iny3X/19LSd1vDHlmtPu8us3ryijUjBQ
MB0GA1UdDgQWBBQp8hOvwv+m0cj7fJgvDhEuOGSijjAfBgNVHSMEGDAWgBRuiw3J
LFlDYK+lMoVs9XTzulSbzDAOBgNVHQ8BAf8EBAMCBsAwBQYDK2VwA0EAo/sGXBKn
xIvogGi7VbdCmq1KbS04WEC2Kiu6DI22jOpQecqeUQ+iJ+Ua7tIlSsv0NPqqraq8
KKxhcSh1nWQbDQ==
-----END CERTIFICATE-----
-----BEGIN CERTIFICATE-----
MIICVDCCAgagAwIBAgIQQAiKTYWESER1OSfza785ITAFBgMrZXAwgZkxCzAJBgNV
BAYTAlVTMRAwDgYDVQQIDAdNb250YW5hMRAwDgYDVQQHDAdCb3plbWFuMQ0wCwYD
VQQEDARSb290MRAwDgYDVQQKDAd3b2xmU1NMMRAwDgYDVQQLDAdFRDI1NTE5MRgw
FgYDVQQDDA93d3cud29sZnNzbC5jb20xGTAXBgNVBAUAEGluZm9Ad29sZnNzbC5j
b20wIhgPMjAyMTAyMDkxOTUwMDRaGA8yMDIzMDIxMDE5NTAwNFowgZcxCzAJBgNV
BAYTAlVTMRAwDgYDVQQIDAdNb250YW5hMRAwDgYDVQQHDAdCb3plbWFuMQswCQYD
VQQEDAJDQTEQMA4GA1UECgwHd29sZlNTTDEQMA4GA1UECwwHRUQyNTUxOTEYMBYG
A1UEAwwPd3d3LndvbGZzc2wuY29tMRkwFwYDVQQFABBpbmZvQHdvbGZzc2wuY29t
MCowBQYDK2VwAyEAqpZ9Z3HX/q2oXxQYvgLQFX6AZLkhe7I/fHRu//WE4oGjYDBe
MAwGA1UdEwQFMAMBAf8wHQYDVR0OBBYEFG6LDcksWUNgr6UyhWz1dPO6VJvMMB8G
A1UdIwQYMBaAFBl6CabmJl9fBlLOYyRaj1xxPbt3MA4GA1UdDwEB/wQEAwIBxjAF
BgMrZXADQQC7w3pxbsKWWTZl1BQDkNAauSRVUoKYgLK67OcsHMYTpbjNLan5jeT+
3z62i4fbzNBLDJD89XUSjtqQt1LRoE0F
MIICdTCCAiegAwIBAgIBATAFBgMrZXAwgZsxCzAJBgNVBAYTAlVTMRAwDgYDVQQI
DAdNb250YW5hMRAwDgYDVQQHDAdCb3plbWFuMRgwFgYDVQQKDA93b2xmU1NMX2Vk
MjU1MTkxEzARBgNVBAsMCkNBLWVkMjU1MTkxGDAWBgNVBAMMD3d3dy53b2xmc3Ns
LmNvbTEfMB0GCSqGSIb3DQEJARYQaW5mb0B3b2xmc3NsLmNvbTAeFw0yMTAzMTAw
NjQ5MDNaFw0yMzEyMDUwNjQ5MDNaMIGfMQswCQYDVQQGEwJVUzEQMA4GA1UECAwH
TW9udGFuYTEQMA4GA1UEBwwHQm96ZW1hbjEYMBYGA1UECgwPd29sZlNTTF9lZDI1
NTE5MRcwFQYDVQQLDA5TZXJ2ZXItZWQyNTUxOTEYMBYGA1UEAwwPd3d3LndvbGZz
c2wuY29tMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wuY29tMCowBQYDK2Vw
AyEAI6pNYFDgE9M67av2qcxK/tdNL9JbGhAF71pBJc4bU3ijgYkwgYYwHQYDVR0O
BBYEFKMpgeeQb7lg+K/MFXqu16H0tIa6MB8GA1UdIwQYMBaAFHTVOBleg7kD+AGK
NTW7iUxJtCPpMAwGA1UdEwEB/wQCMAAwDgYDVR0PAQH/BAQDAgOoMBMGA1UdJQQM
MAoGCCsGAQUFBwMBMBEGCWCGSAGG+EIBAQQEAwIGQDAFBgMrZXADQQDzwu+LVWVP
vOPf/NihrY5DB3PIWMNGCsHxTT/7PXjmdlgmztdZVezFtbQF7fnUl2lm1iwbQ1pR
XL4QKJXElq8A
-----END CERTIFICATE-----

BIN
certs/ed25519/server-ed25519-key.der
View File

Binary file not shown.

7
certs/ed25519/server-ed25519-key.pem
View File

@ -1,4 +1,3 @@
-----BEGIN EDDSA PRIVATE KEY-----
MFICAQAwBQYDK2VwBCIEIHyd6hRAi4voY3m+UTepnRnoKo50DlIF3i9js6EkbTEG
oSIEIIvzj/j/6fRlOTRe9SJ8t1/9fS0ndbwx5ZrT7vLrN68o
-----END EDDSA PRIVATE KEY-----
-----BEGIN PUBLIC KEY-----
MCowBQYDK2VwAyEAI6pNYFDgE9M67av2qcxK/tdNL9JbGhAF71pBJc4bU3g=
-----END PUBLIC KEY-----

BIN
certs/ed25519/server-ed25519-priv.der
View File

Binary file not shown.

2
certs/ed25519/server-ed25519-priv.pem
View File

@ -1,3 +1,3 @@
-----BEGIN PRIVATE KEY-----
MC4CAQAwBQYDK2VwBCIEIHyd6hRAi4voY3m+UTepnRnoKo50DlIF3i9js6EkbTEG
MC4CAQAwBQYDK2VwBCIEII6YRLBUgcY6R9j7wza/GXBhCSN24xxvgziuSVXFnoci
-----END PRIVATE KEY-----

BIN
certs/ed25519/server-ed25519.der
View File

Binary file not shown.

121
certs/ed25519/server-ed25519.pem
View File

@ -1,30 +1,99 @@
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1 (0x1)
Signature Algorithm: ED25519
Issuer: C = US, ST = Montana, L = Bozeman, O = wolfSSL_ed25519, OU = CA-ed25519, CN = www.wolfssl.com, emailAddress = info@wolfssl.com
Validity
Not Before: Mar 10 06:49:03 2021 GMT
Not After : Dec 5 06:49:03 2023 GMT
Subject: C = US, ST = Montana, L = Bozeman, O = wolfSSL_ed25519, OU = Server-ed25519, CN = www.wolfssl.com, emailAddress = info@wolfssl.com
Subject Public Key Info:
Public Key Algorithm: ED25519
ED25519 Public-Key:
pub:
23:aa:4d:60:50:e0:13:d3:3a:ed:ab:f6:a9:cc:4a:
fe:d7:4d:2f:d2:5b:1a:10:05:ef:5a:41:25:ce:1b:
53:78
X509v3 extensions:
X509v3 Subject Key Identifier:
A3:29:81:E7:90:6F:B9:60:F8:AF:CC:15:7A:AE:D7:A1:F4:B4:86:BA
X509v3 Authority Key Identifier:
keyid:74:D5:38:19:5E:83:B9:03:F8:01:8A:35:35:BB:89:4C:49:B4:23:E9
X509v3 Basic Constraints: critical
CA:FALSE
X509v3 Key Usage: critical
Digital Signature, Key Encipherment, Key Agreement
X509v3 Extended Key Usage:
TLS Web Server Authentication
Netscape Cert Type:
SSL Server
Signature Algorithm: ED25519
f3:c2:ef:8b:55:65:4f:bc:e3:df:fc:d8:a1:ad:8e:43:07:73:
c8:58:c3:46:0a:c1:f1:4d:3f:fb:3d:78:e6:76:58:26:ce:d7:
59:55:ec:c5:b5:b4:05:ed:f9:d4:97:69:66:d6:2c:1b:43:5a:
51:5c:be:10:28:95:c4:96:af:00
-----BEGIN CERTIFICATE-----
MIICRjCCAfigAwIBAgIQQyBFY/XbM3h5GPnWdnTeajAFBgMrZXAwgZcxCzAJBgNV
BAYTAlVTMRAwDgYDVQQIDAdNb250YW5hMRAwDgYDVQQHDAdCb3plbWFuMQswCQYD
VQQEDAJDQTEQMA4GA1UECgwHd29sZlNTTDEQMA4GA1UECwwHRUQyNTUxOTEYMBYG
A1UEAwwPd3d3LndvbGZzc2wuY29tMRkwFwYDVQQFABBpbmZvQHdvbGZzc2wuY29t
MCIYDzIwMjEwMjA5MTk1MDA0WhgPMjAyMzAyMTAxOTUwMDRaMIGZMQswCQYDVQQG
EwJVUzEQMA4GA1UECAwHTW9udGFuYTEQMA4GA1UEBwwHQm96ZW1hbjENMAsGA1UE
BAwETGVhZjEQMA4GA1UECgwHd29sZlNTTDEQMA4GA1UECwwHRUQyNTUxOTEYMBYG
A1UEAwwPd3d3LndvbGZzc2wuY29tMRkwFwYDVQQFABBpbmZvQHdvbGZzc2wuY29t
MCowBQYDK2VwAyEAi/OP+P/p9GU5NF71Iny3X/19LSd1vDHlmtPu8us3ryijUjBQ
MB0GA1UdDgQWBBQp8hOvwv+m0cj7fJgvDhEuOGSijjAfBgNVHSMEGDAWgBRuiw3J
LFlDYK+lMoVs9XTzulSbzDAOBgNVHQ8BAf8EBAMCBsAwBQYDK2VwA0EAo/sGXBKn
xIvogGi7VbdCmq1KbS04WEC2Kiu6DI22jOpQecqeUQ+iJ+Ua7tIlSsv0NPqqraq8
KKxhcSh1nWQbDQ==
MIICdTCCAiegAwIBAgIBATAFBgMrZXAwgZsxCzAJBgNVBAYTAlVTMRAwDgYDVQQI
DAdNb250YW5hMRAwDgYDVQQHDAdCb3plbWFuMRgwFgYDVQQKDA93b2xmU1NMX2Vk
MjU1MTkxEzARBgNVBAsMCkNBLWVkMjU1MTkxGDAWBgNVBAMMD3d3dy53b2xmc3Ns
LmNvbTEfMB0GCSqGSIb3DQEJARYQaW5mb0B3b2xmc3NsLmNvbTAeFw0yMTAzMTAw
NjQ5MDNaFw0yMzEyMDUwNjQ5MDNaMIGfMQswCQYDVQQGEwJVUzEQMA4GA1UECAwH
TW9udGFuYTEQMA4GA1UEBwwHQm96ZW1hbjEYMBYGA1UECgwPd29sZlNTTF9lZDI1
NTE5MRcwFQYDVQQLDA5TZXJ2ZXItZWQyNTUxOTEYMBYGA1UEAwwPd3d3LndvbGZz
c2wuY29tMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wuY29tMCowBQYDK2Vw
AyEAI6pNYFDgE9M67av2qcxK/tdNL9JbGhAF71pBJc4bU3ijgYkwgYYwHQYDVR0O
BBYEFKMpgeeQb7lg+K/MFXqu16H0tIa6MB8GA1UdIwQYMBaAFHTVOBleg7kD+AGK
NTW7iUxJtCPpMAwGA1UdEwEB/wQCMAAwDgYDVR0PAQH/BAQDAgOoMBMGA1UdJQQM
MAoGCCsGAQUFBwMBMBEGCWCGSAGG+EIBAQQEAwIGQDAFBgMrZXADQQDzwu+LVWVP
vOPf/NihrY5DB3PIWMNGCsHxTT/7PXjmdlgmztdZVezFtbQF7fnUl2lm1iwbQ1pR
XL4QKJXElq8A
-----END CERTIFICATE-----
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1 (0x1)
Signature Algorithm: ED25519
Issuer: C = US, ST = Montana, L = Bozeman, O = wolfSSL_Ed25519, OU = Root-Ed25519, CN = www.wolfssl.com, emailAddress = info@wolfssl.com
Validity
Not Before: Mar 10 06:49:03 2021 GMT
Not After : Dec 5 06:49:03 2023 GMT
Subject: C = US, ST = Montana, L = Bozeman, O = wolfSSL_ed25519, OU = CA-ed25519, CN = www.wolfssl.com, emailAddress = info@wolfssl.com
Subject Public Key Info:
Public Key Algorithm: ED25519
ED25519 Public-Key:
pub:
42:3b:7a:f9:82:cf:f9:df:19:dd:f3:f0:32:29:6d:
fa:fd:76:4f:68:c2:c2:e0:6c:47:ae:c2:55:68:ac:
0d:4d
X509v3 extensions:
X509v3 Subject Key Identifier:
74:D5:38:19:5E:83:B9:03:F8:01:8A:35:35:BB:89:4C:49:B4:23:E9
X509v3 Authority Key Identifier:
keyid:FA:BA:5B:76:1D:F1:1D:1D:4D:74:48:D8:98:3B:56:EF:B3:14:F3:DE
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Digital Signature, Certificate Sign, CRL Sign
Signature Algorithm: ED25519
da:fe:58:53:89:43:85:98:35:dc:13:1c:a3:f1:1f:8d:26:be:
b6:a2:fc:b7:fe:9c:b9:35:69:31:7e:d4:b9:11:45:16:a2:29:
35:a9:74:a7:97:da:7e:71:4f:b1:72:5d:75:17:ac:e3:f6:b8:
ce:1e:e4:8a:95:ba:cd:1d:ce:0d
-----BEGIN CERTIFICATE-----
MIICVDCCAgagAwIBAgIQQAiKTYWESER1OSfza785ITAFBgMrZXAwgZkxCzAJBgNV
BAYTAlVTMRAwDgYDVQQIDAdNb250YW5hMRAwDgYDVQQHDAdCb3plbWFuMQ0wCwYD
VQQEDARSb290MRAwDgYDVQQKDAd3b2xmU1NMMRAwDgYDVQQLDAdFRDI1NTE5MRgw
FgYDVQQDDA93d3cud29sZnNzbC5jb20xGTAXBgNVBAUAEGluZm9Ad29sZnNzbC5j
b20wIhgPMjAyMTAyMDkxOTUwMDRaGA8yMDIzMDIxMDE5NTAwNFowgZcxCzAJBgNV
BAYTAlVTMRAwDgYDVQQIDAdNb250YW5hMRAwDgYDVQQHDAdCb3plbWFuMQswCQYD
VQQEDAJDQTEQMA4GA1UECgwHd29sZlNTTDEQMA4GA1UECwwHRUQyNTUxOTEYMBYG
A1UEAwwPd3d3LndvbGZzc2wuY29tMRkwFwYDVQQFABBpbmZvQHdvbGZzc2wuY29t
MCowBQYDK2VwAyEAqpZ9Z3HX/q2oXxQYvgLQFX6AZLkhe7I/fHRu//WE4oGjYDBe
MAwGA1UdEwQFMAMBAf8wHQYDVR0OBBYEFG6LDcksWUNgr6UyhWz1dPO6VJvMMB8G
A1UdIwQYMBaAFBl6CabmJl9fBlLOYyRaj1xxPbt3MA4GA1UdDwEB/wQEAwIBxjAF
BgMrZXADQQC7w3pxbsKWWTZl1BQDkNAauSRVUoKYgLK67OcsHMYTpbjNLan5jeT+
3z62i4fbzNBLDJD89XUSjtqQt1LRoE0F
MIICTDCCAf6gAwIBAgIBATAFBgMrZXAwgZ0xCzAJBgNVBAYTAlVTMRAwDgYDVQQI
DAdNb250YW5hMRAwDgYDVQQHDAdCb3plbWFuMRgwFgYDVQQKDA93b2xmU1NMX0Vk
MjU1MTkxFTATBgNVBAsMDFJvb3QtRWQyNTUxOTEYMBYGA1UEAwwPd3d3LndvbGZz
c2wuY29tMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wuY29tMB4XDTIxMDMx
MDA2NDkwM1oXDTIzMTIwNTA2NDkwM1owgZsxCzAJBgNVBAYTAlVTMRAwDgYDVQQI
DAdNb250YW5hMRAwDgYDVQQHDAdCb3plbWFuMRgwFgYDVQQKDA93b2xmU1NMX2Vk
MjU1MTkxEzARBgNVBAsMCkNBLWVkMjU1MTkxGDAWBgNVBAMMD3d3dy53b2xmc3Ns
LmNvbTEfMB0GCSqGSIb3DQEJARYQaW5mb0B3b2xmc3NsLmNvbTAqMAUGAytlcAMh
AEI7evmCz/nfGd3z8DIpbfr9dk9owsLgbEeuwlVorA1No2MwYTAdBgNVHQ4EFgQU
dNU4GV6DuQP4AYo1NbuJTEm0I+kwHwYDVR0jBBgwFoAU+rpbdh3xHR1NdEjYmDtW
77MU894wDwYDVR0TAQH/BAUwAwEB/zAOBgNVHQ8BAf8EBAMCAYYwBQYDK2VwA0EA
2v5YU4lDhZg13BMco/EfjSa+tqL8t/6cuTVpMX7UuRFFFqIpNal0p5fafnFPsXJd
dRes4/a4zh7kipW6zR3ODQ==
-----END CERTIFICATE-----

5
src/internal.c
View File

@ -24108,9 +24108,14 @@ int SendClientKeyExchange(WOLFSSL* ssl)
}
else
#endif
#ifdef HAVE_ECC
if (ssl->ctx->EccSharedSecretCb != NULL) {
break;
}
else
#endif
{
}
#endif /* HAVE_PK_CALLBACKS */
#ifdef HAVE_CURVE25519

12
tests/test-ed25519.conf
View File

@ -2,7 +2,7 @@
-v 3
-l ECDHE-ECDSA-AES128-GCM-SHA256
-c ./certs/ed25519/server-ed25519.pem
-k ./certs/ed25519/server-ed25519-key.pem
-k ./certs/ed25519/server-ed25519-priv.pem
-d
# client TLSv1.2 ECDHE-ECDSA-AES128-GCM-SHA256
@ -28,7 +28,7 @@
-v 3
-l ECDHE-ECDSA-AES128-GCM-SHA256
-c ./certs/ed25519/server-ed25519.pem
-k ./certs/ed25519/server-ed25519-key.pem
-k ./certs/ed25519/server-ed25519-priv.pem
-A ./certs/ed25519/client-ed25519.pem
-V
# Remove -V when CRL for ED25519 certificates available.
@ -37,7 +37,7 @@
-v 3
-l ECDHE-ECDSA-AES128-GCM-SHA256
-c ./certs/ed25519/client-ed25519.pem
-k ./certs/ed25519/client-ed25519-key.pem
-k ./certs/ed25519/client-ed25519-priv.pem
-A ./certs/ed25519/root-ed25519.pem
-C
@ -45,7 +45,7 @@
-v 4
-l TLS13-AES128-GCM-SHA256
-c ./certs/ed25519/server-ed25519.pem
-k ./certs/ed25519/server-ed25519-key.pem
-k ./certs/ed25519/server-ed25519-priv.pem
-d
# client TLSv1.3 TLS13-AES128-GCM-SHA256
@ -59,7 +59,7 @@
-v 4
-l TLS13-AES128-GCM-SHA256
-c ./certs/ed25519/server-ed25519.pem
-k ./certs/ed25519/server-ed25519-key.pem
-k ./certs/ed25519/server-ed25519-priv.pem
-A ./certs/ed25519/client-ed25519.pem
-V
# Remove -V when CRL for ED25519 certificates available.
@ -68,7 +68,7 @@
-v 4
-l TLS13-AES128-GCM-SHA256
-c ./certs/ed25519/client-ed25519.pem
-k ./certs/ed25519/client-ed25519-key.pem
-k ./certs/ed25519/client-ed25519-priv.pem
-A ./certs/ed25519/root-ed25519.pem
-C

239
testsuite/testsuite.c
View File

@ -56,6 +56,10 @@ static THREAD_RETURN simple_test(func_args*);
#else
static void simple_test(func_args*);
#endif
static int test_tls(func_args* server_args);
static void show_ciphers(void);
static void cleanup_output(void);
static int validate_cleanup_output(void);
enum {
NUMARGS = 3
@ -79,6 +83,7 @@ char* myoptarg = NULL;
#endif /* NO_TESTSUITE_MAIN_DRIVER */
#ifdef HAVE_STACK_SIZE
/* Wrap TLS echo client to free thread locals. */
static void *echoclient_test_wrapper(void* args) {
echoclient_test(args);
@ -108,8 +113,9 @@ int testsuite_test(int argc, char** argv)
int num = 6;
#endif
#ifdef HAVE_STACK_SIZE
void *serverThreadStackContext = 0;
void *serverThreadStackContext = NULL;
#endif
int ret;
#ifdef HAVE_WNR
if (wc_InitNetRandom(wnrConfig, NULL, 5000) != 0) {
@ -158,23 +164,11 @@ int testsuite_test(int argc, char** argv)
if (server_args.return_code != 0) return server_args.return_code;
/* Echo input wolfSSL client server test */
#ifdef HAVE_STACK_SIZE
StackSizeCheck_launch(&server_args, echoserver_test, &serverThread, &serverThreadStackContext);
StackSizeCheck_launch(&server_args, echoserver_test, &serverThread,
&serverThreadStackContext);
#else
start_thread(echoserver_test, &server_args, &serverThread);
#endif
wait_tcp_ready(&server_args);
{
func_args echo_args;
char* myArgv[NUMARGS];
char arg[3][32];
myArgv[0] = arg[0];
myArgv[1] = arg[1];
myArgv[2] = arg[2];
echo_args.argc = 3;
echo_args.argv = myArgv;
/* Create unique file name */
outputName = mymktemp(tempName, len, num);
@ -183,69 +177,29 @@ int testsuite_test(int argc, char** argv)
return EXIT_FAILURE;
}
strcpy(arg[0], "testsuite");
strcpy(arg[1], "input");
strcpy(arg[2], outputName);
ret = test_tls(&server_args);
if (ret != 0) {
cleanup_output();
return ret;
}
/* Share the signal, it has the new port number in it. */
echo_args.signal = server_args.signal;
/* make sure OK */
#ifdef HAVE_STACK_SIZE
fputs("echoclient_test #1: ", stdout);
StackSizeCheck(&echo_args, echoclient_test_wrapper);
#else
echoclient_test(&echo_args);
#endif
if (echo_args.return_code != 0) return echo_args.return_code;
#ifdef WOLFSSL_DTLS
wait_tcp_ready(&server_args);
#endif
/* send quit to echoserver */
echo_args.argc = 2;
strcpy(echo_args.argv[1], "quit");
#ifdef HAVE_STACK_SIZE
fputs("echoclient_test #2: ", stdout);
StackSizeCheck(&echo_args, echoclient_test_wrapper);
#else
echoclient_test(&echo_args);
#endif
if (echo_args.return_code != 0) return echo_args.return_code;
#ifdef HAVE_STACK_SIZE
/* Server won't quit unless TLS test has worked. */
#ifdef HAVE_STACK_SIZE
fputs("reaping echoserver_test: ", stdout);
StackSizeCheck_reap(serverThread, serverThreadStackContext);
#else
#else
join_thread(serverThread);
#endif
if (server_args.return_code != 0) return server_args.return_code;
#endif
if (server_args.return_code != 0) {
cleanup_output();
return server_args.return_code;
}
/* show ciphers */
{
char ciphers[WOLFSSL_CIPHER_LIST_MAX_SIZE];
XMEMSET(ciphers, 0, sizeof(ciphers));
wolfSSL_get_ciphers(ciphers, sizeof(ciphers)-1);
printf("ciphers = %s\n", ciphers);
}
show_ciphers();
/* validate output equals input */
{
#ifndef NO_SHA256
byte input[WC_SHA256_DIGEST_SIZE];
byte output[WC_SHA256_DIGEST_SIZE];
file_test("input", input);
file_test(outputName, output);
#endif
remove(outputName);
#ifndef NO_SHA256
if (memcmp(input, output, sizeof(input)) != 0)
ret = validate_cleanup_output();
if (ret != 0)
return EXIT_FAILURE;
#endif
}
wolfSSL_Cleanup();
FreeTcpReady(&ready);
@ -270,6 +224,114 @@ int testsuite_test(int argc, char** argv)
}
#if !defined(NO_WOLFSSL_SERVER) && !defined(NO_WOLFSSL_CLIENT)
/* Perform a basic TLS handshake.
*
* First connection to echo a file.
* Second to tell TLS server to quit.
*
* @param [in,out] server_args Object sent to server thread.
* @return 0 on success.
* @return echoclient error return code on failure.
*/
static int test_tls(func_args* server_args)
{
func_args echo_args;
char* myArgv[NUMARGS];
char arg[3][32];
/* Set up command line arguments for echoclient to send input file
* and write echoed data to temporary output file. */
myArgv[0] = arg[0];
myArgv[1] = arg[1];
myArgv[2] = arg[2];
echo_args.argc = 3;
echo_args.argv = myArgv;
strcpy(arg[0], "testsuite");
strcpy(arg[1], "input");
strcpy(arg[2], outputName);
/* Share the signal, it has the new port number in it. */
echo_args.signal = server_args->signal;
/* Ready to execute client - wait for server to be ready. */
wait_tcp_ready(server_args);
/* Do a client TLS connection. */
#ifdef HAVE_STACK_SIZE
fputs("echoclient_test #1: ", stdout);
StackSizeCheck(&echo_args, echoclient_test_wrapper);
#else
echoclient_test(&echo_args);
#endif
if (echo_args.return_code != 0)
return echo_args.return_code;
#ifdef WOLFSSL_DTLS
/* Ensure server is ready for UDP data. */
wait_tcp_ready(server_args);
#endif
/* Next client connection - send quit to shutdown server. */
echo_args.argc = 2;
strcpy(echo_args.argv[1], "quit");
/* Do a client TLS connection. */
#ifdef HAVE_STACK_SIZE
fputs("echoclient_test #2: ", stdout);
StackSizeCheck(&echo_args, echoclient_test_wrapper);
#else
echoclient_test(&echo_args);
#endif
if (echo_args.return_code != 0)
return echo_args.return_code;
return 0;
}
/* Show cipher suites available. */
static void show_ciphers()
{
char ciphers[WOLFSSL_CIPHER_LIST_MAX_SIZE];
XMEMSET(ciphers, 0, sizeof(ciphers));
wolfSSL_get_ciphers(ciphers, sizeof(ciphers)-1);
printf("ciphers = %s\n", ciphers);
}
/* Cleanup temporary output file. */
static void cleanup_output()
{
remove(outputName);
}
/* Validate output equals input using a hash. Remove temporary output file.
*
* @return 0 on success.
* @return 1 on failure.
*/
static int validate_cleanup_output()
{
#ifndef NO_SHA256
byte input[WC_SHA256_DIGEST_SIZE];
byte output[WC_SHA256_DIGEST_SIZE];
file_test("input", input);
file_test(outputName, output);
#endif
cleanup_output();
#ifndef NO_SHA256
if (memcmp(input, output, sizeof(input)) != 0)
return 1;
#endif
return 0;
}
/* Simple server.
*
* @param [in] args Object for server data in thread.
* @return Return code.
*/
#ifdef HAVE_STACK_SIZE
static THREAD_RETURN simple_test(func_args* args)
#else
@ -313,13 +375,13 @@ static void simple_test(func_args* args)
strcpy(argvc[0], "SimpleClient");
cliArgs.argv = cliArgv;
cliArgs.return_code = 0;
#ifndef USE_WINDOWS_API
#ifndef USE_WINDOWS_API
cliArgs.argc = NUMARGS;
strcpy(argvc[1], "-p");
snprintf(argvc[2], sizeof(argvc[2]), "%d", svrArgs.signal->port);
#else
#else
cliArgs.argc = 1;
#endif
#endif
client_test(&cliArgs);
if (cliArgs.return_code != 0) {
@ -339,6 +401,10 @@ static void simple_test(func_args* args)
#endif /* !NO_WOLFSSL_SERVER && !NO_WOLFSSL_CLIENT */
/* Wait for the server to be ready for a connection.
*
* @param [in] args Object to send to thread.
*/
void wait_tcp_ready(func_args* args)
{
#if defined(_POSIX_THREADS) && !defined(__MINGW32__)
@ -355,6 +421,12 @@ void wait_tcp_ready(func_args* args)
}
/* Start a thread.
*
* @param [in] fun Function to executre in thread.
* @param [in] args Object to send to function in thread.
* @param [out] thread Handle to thread.
*/
void start_thread(THREAD_FUNC fun, func_args* args, THREAD_TYPE* thread)
{
#if defined(_POSIX_THREADS) && !defined(__MINGW32__)
@ -377,6 +449,10 @@ void start_thread(THREAD_FUNC fun, func_args* args, THREAD_TYPE* thread)
}
/* Join thread to wait for completion.
*
* @param [in] thread Handle to thread.
*/
void join_thread(THREAD_TYPE thread)
{
#if defined(_POSIX_THREADS) && !defined(__MINGW32__)
@ -400,6 +476,11 @@ void join_thread(THREAD_TYPE thread)
#ifndef NO_SHA256
/* Create SHA-256 hash of the file based on filename.
*
* @param [in] file Name of file.
* @parma [out] check Buffer to hold SHA-256 hash.
*/
void file_test(const char* file, byte* check)
{
FILE* f;
@ -455,16 +536,18 @@ char* myoptarg = NULL;
int main(int argc, char** argv)
{
func_args server_args;
func_args wolfcrypt_test_args;
server_args.argc = argc;
server_args.argv = argv;
wolfcrypt_test_args.argc = argc;
wolfcrypt_test_args.argv = argv;
wolfSSL_Init();
ChangeToWolfRoot();
wolfcrypt_test(&server_args);
if (server_args.return_code != 0) return server_args.return_code;
/* No TLS - only doing cryptographic algorithm testing. */
wolfcrypt_test(&wolfcrypt_test_args);
if (wolfcrypt_test_args.return_code != 0)
return wolfcrypt_test_args.return_code;
wolfSSL_Cleanup();
printf("\nAll tests passed!\n");

4
wolfssl/internal.h
View File

@ -2978,6 +2978,7 @@ struct WOLFSSL_CTX {
CallbackEccSign EccSignCb; /* User EccSign Callback handler */
CallbackEccVerify EccVerifyCb; /* User EccVerify Callback handler */
CallbackEccSharedSecret EccSharedSecretCb; /* User EccVerify Callback handler */
#endif /* HAVE_ECC */
#ifdef HAVE_ED25519
/* User Ed25519Sign Callback handler */
CallbackEd25519Sign Ed25519SignCb;
@ -3002,7 +3003,6 @@ struct WOLFSSL_CTX {
/* User X448 SharedSecret Callback handler */
CallbackX448SharedSecret X448SharedSecretCb;
#endif
#endif /* HAVE_ECC */
#ifndef NO_DH
CallbackDhAgree DhAgreeCb; /* User DH Agree Callback handler */
#endif
@ -4362,6 +4362,7 @@ struct WOLFSSL {
void* EccSignCtx; /* Ecc Sign Callback Context */
void* EccVerifyCtx; /* Ecc Verify Callback Context */
void* EccSharedSecretCtx; /* Ecc Pms Callback Context */
#endif /* HAVE_ECC */
#ifdef HAVE_ED25519
void* Ed25519SignCtx; /* ED25519 Sign Callback Context */
void* Ed25519VerifyCtx; /* ED25519 Verify Callback Context */
@ -4378,7 +4379,6 @@ struct WOLFSSL {
void* X448KeyGenCtx; /* X448 KeyGen Callback Context */
void* X448SharedSecretCtx; /* X448 Pms Callback Context */
#endif
#endif /* HAVE_ECC */
#ifndef NO_DH
void* DhAgreeCtx; /* DH Pms Callback Context */
#endif /* !NO_DH */

4
wolfssl/test.h
View File

@ -3088,6 +3088,8 @@ static WC_INLINE int myEccSharedSecret(WOLFSSL* ssl, ecc_key* otherKey,
return ret;
}
#endif /* HAVE_ECC */
#ifdef HAVE_ED25519
static WC_INLINE int myEd25519Sign(WOLFSSL* ssl, const byte* in, word32 inSz,
byte* out, word32* outSz, const byte* key, word32 keySz, void* ctx)
@ -3410,8 +3412,6 @@ static WC_INLINE int myX448SharedSecret(WOLFSSL* ssl, curve448_key* otherKey,
}
#endif /* HAVE_CURVE448 */
#endif /* HAVE_ECC */
#ifndef NO_DH
static WC_INLINE int myDhCallback(WOLFSSL* ssl, struct DhKey* key,
const unsigned char* priv, unsigned int privSz,