feedc0de/wolfssl
1
0
Fork 0
forked from wolfSSL/wolfssl
Code Pull Requests Activity

Zephyr port update

Browse Source 
- Add CONFIG_PTHREAD_IPC when using threads
- Add logging config suggestions
- test.c: fix undefined `ret` error
- Increase stack size for samples
- Ignore ASN_BEFORE_DATE_E in examples
- wc_port.h: add missing posix thread includes
- wc_port.h: move definitions to relevant section
- benchmark.c: fix missing `arc` and `argv` errors
- benchmark.c: fflush does not work on stdout in Zephyr
- Update z_fs_open implementation to support flags
This commit is contained in:
Juliusz Sosinowicz
2023-04-07 18:10:58 +02:00
parent 81ab16b105
commit c9d91c5e79
10 changed files with 141 additions and 29 deletions
Download Patch File Download Diff File Expand all files Collapse all files

18
wolfcrypt/benchmark/benchmark.c
View File

@ -97,8 +97,11 @@
#endif
#endif
#ifdef NO_STDIO_FILESYSTEM
#define fflush(...) do {} while (0)
#if defined(WOLFSSL_ZEPHYR) || defined(NO_STDIO_FILESYSTEM) || !defined(XFFLUSH)
/* fflush in Zephyr doesn't work on stdout and stderr. Use
* CONFIG_LOG_MODE_IMMEDIATE compilation option instead. */
#undef XFFLUSH
#define XFFLUSH(...) do {} while (0)
#endif
/* Macro to disable benchmark */
@ -359,7 +362,7 @@
printf("%s%s L%d error %d for \"%s\"\n", \
err_prefix, __FILE__, __LINE__, \
errno, #__VA_ARGS__); \
fflush(stdout); \
XFFLUSH(stdout); \
_exit(1); \
} \
} while(0)
@ -373,7 +376,7 @@
printf("%s%s L%d error %d for \"%s\"\n", \
err_prefix, __FILE__, __LINE__, \
_pthread_ret, #__VA_ARGS__); \
fflush(stdout); \
XFFLUSH(stdout); \
_exit(1); \
} \
} while(0)
@ -1948,7 +1951,7 @@ static void bench_stats_sym_finish(const char* desc, int useDeviceID,
}
#ifndef WOLFSSL_SGX
fflush(stdout);
XFFLUSH(stdout);
#endif
/* Add to thread stats */
@ -2081,7 +2084,7 @@ static void bench_stats_asym_finish_ex(const char* algo, int strength,
}
#ifndef WOLFSSL_SGX
fflush(stdout);
XFFLUSH(stdout);
#endif
/* Add to thread stats */
@ -9125,6 +9128,9 @@ static int string_matches(const char* arg, const char* str)
ESP_ERROR_CHECK(gptimer_enable(esp_gptimer));
ESP_ERROR_CHECK(gptimer_start(esp_gptimer));
#endif
#elif defined(MAIN_NO_ARGS)
int argc = 0;
char** argv = NULL;
#endif

39
wolfcrypt/src/wc_port.c
View File

@ -915,13 +915,48 @@ void wc_ReadDirClose(ReadDirCtx* ctx)
#endif /* !NO_FILESYSTEM */
#if !defined(NO_FILESYSTEM) && defined(WOLFSSL_ZEPHYR)
XFILE z_fs_open(const char* filename, const char* perm)
XFILE z_fs_open(const char* filename, const char* mode)
{
XFILE file;
fs_mode_t flags = 0;
if (mode == NULL)
return NULL;
/* Parse mode */
switch (*mode++) {
case 'r':
flags |= FS_O_READ;
break;
case 'w':
flags |= FS_O_WRITE|FS_O_CREATE;
break;
case 'a':
flags |= FS_O_APPEND|FS_O_CREATE;
break;
default:
return NULL;
}
/* Ignore binary flag */
if (*mode == 'b')
mode++;
if (*mode == '+') {
flags |= FS_O_READ;
/* Don't add write flag if already appending */
if (!(flags & FS_O_APPEND))
flags |= FS_O_RDWR;
}
/* Ignore binary flag */
if (*mode == 'b')
mode++;
/* Incorrect mode string */
if (*mode != '\0')
return NULL;
file = (XFILE)XMALLOC(sizeof(*file), NULL, DYNAMIC_TYPE_FILE);
if (file != NULL) {
if (fs_open(file, filename) != 0) {
if (fs_open(file, filename, flags) != 0) {
XFREE(file, NULL, DYNAMIC_TYPE_FILE);
file = NULL;
}

3
wolfcrypt/test/test.c
View File

@ -43777,6 +43777,9 @@ WOLFSSL_TEST_SUBROUTINE int mutex_test(void)
{
#ifdef WOLFSSL_PTHREADS
wolfSSL_Mutex m;
#endif
#if defined(WOLFSSL_PTHREADS) || (!defined(WOLFSSL_NO_MALLOC) && \
!defined(WOLFSSL_USER_MUTEX) && defined(WOLFSSL_STATIC_MEMORY))
int ret;
#endif
#if !defined(WOLFSSL_NO_MALLOC) && !defined(WOLFSSL_USER_MUTEX)

20
wolfssl/wolfcrypt/wc_port.h
View File

@ -139,7 +139,12 @@
/* do nothing */
#elif defined(WOLFSSL_ZEPHYR)
#ifndef SINGLE_THREADED
#ifndef CONFIG_PTHREAD_IPC
#error "Need CONFIG_PTHREAD_IPC for threading"
#endif
#include <zephyr/kernel.h>
#include <zephyr/posix/posix_types.h>
#include <zephyr/posix/pthread.h>
#endif
#elif defined(WOLFSSL_TELIT_M2MB)
@ -513,11 +518,14 @@ WOLFSSL_ABI WOLFSSL_API int wolfCrypt_Cleanup(void);
#define XFILE struct fs_file_t*
#define STAT struct fs_dirent
XFILE z_fs_open(const char* filename, const char* perm);
/* These are our wrappers for opening and closing files to
* make the API more POSIX like. */
XFILE z_fs_open(const char* filename, const char* mode);
int z_fs_close(XFILE file);
#define XFOPEN z_fs_open
#define XFCLOSE z_fs_close
#define XFFLUSH fs_sync
#define XFSEEK fs_seek
#define XFTELL fs_tell
#define XFREWIND fs_rewind
@ -528,6 +536,10 @@ WOLFSSL_ABI WOLFSSL_API int wolfCrypt_Cleanup(void);
#define XBADFILE NULL
#define XFGETS(b,s,f) -2 /* Not ported yet */
#define XSTAT fs_stat
#define XS_ISREG(s) (s == FS_DIR_ENTRY_FILE)
#define SEPARATOR_CHAR ':'
#elif defined(WOLFSSL_TELIT_M2MB)
#define XFILE INT32
#define XFOPEN(NAME, MODE) m2mb_fs_open((NAME), 0, (MODE))
@ -655,12 +667,6 @@ WOLFSSL_ABI WOLFSSL_API int wolfCrypt_Cleanup(void);
#define XREAD read
#define XCLOSE close
#elif defined(WOLFSSL_ZEPHYR)
#ifndef XSTAT
#define XSTAT fs_stat
#endif
#define XS_ISREG(s) (s == FS_DIR_ENTRY_FILE)
#define SEPARATOR_CHAR ':'
#elif defined(WOLFSSL_TELIT_M2MB)
#ifndef XSTAT
#define XSTAT m2mb_fs_stat

3
zephyr/samples/wolfssl_benchmark/prj.conf
View File

@ -3,6 +3,9 @@
CONFIG_MAIN_STACK_SIZE=32768
CONFIG_MINIMAL_LIBC_MALLOC_ARENA_SIZE=16384
# Pthreads
CONFIG_PTHREAD_IPC=y
# Clock for time()
CONFIG_POSIX_CLOCK=y

3
zephyr/samples/wolfssl_test/prj.conf
View File

@ -3,6 +3,9 @@
CONFIG_MAIN_STACK_SIZE=32768
CONFIG_MINIMAL_LIBC_MALLOC_ARENA_SIZE=16384
# Pthreads
CONFIG_PTHREAD_IPC=y
# Clock for time()
CONFIG_POSIX_CLOCK=y

5
zephyr/samples/wolfssl_tls_sock/prj.conf
View File

@ -7,6 +7,9 @@ CONFIG_MINIMAL_LIBC_MALLOC_ARENA_SIZE=8192
# General config
CONFIG_NEWLIB_LIBC=y
# Pthreads
CONFIG_PTHREAD_IPC=y
# Clock for time()
CONFIG_POSIX_CLOCK=y
@ -43,6 +46,8 @@ CONFIG_NET_PKT_TX_COUNT=10
# Logging
CONFIG_PRINTK=y
#CONFIG_WOLFSSL_DEBUG=y
#CONFIG_LOG=y
#CONFIG_LOG_MODE_IMMEDIATE=y
# TLS configuration
CONFIG_WOLFSSL=y

29
zephyr/samples/wolfssl_tls_sock/src/tls_sock.c
View File

@ -30,8 +30,8 @@
#endif
#define BUFFER_SIZE 2048
#define STATIC_MEM_SIZE (96*1024)
#define THREAD_STACK_SIZE (12*1024)
#define STATIC_MEM_SIZE (192*1024)
#define THREAD_STACK_SIZE (24*1024)
#define MAX_SEND_SIZE 256
/* The stack to use in the server's thread. */
@ -64,6 +64,15 @@ static const char msgHTTPIndex[] =
"</body>\n"
"</html>\n";
/* DO NOT use this in production. You should implement a way
* to get the current date. */
static int verifyIgnoreDateError(int preverify, WOLFSSL_X509_STORE_CTX* store)
{
if (store->error == ASN_BEFORE_DATE_E)
return 1; /* override error */
else
return preverify;
}
/* Create a new wolfSSL client with a server CA certificate. */
static int wolfssl_client_new(WOLFSSL_CTX** ctx, WOLFSSL** ssl)
@ -81,8 +90,11 @@ static int wolfssl_client_new(WOLFSSL_CTX** ctx, WOLFSSL** ssl)
if (ret == 0) {
/* Load client certificates into WOLFSSL_CTX */
if (wolfSSL_CTX_load_verify_buffer(client_ctx, ca_cert_der_2048,
sizeof_ca_cert_der_2048, WOLFSSL_FILETYPE_ASN1) !=
if (wolfSSL_CTX_load_verify_buffer_ex(client_ctx, ca_cert_der_2048,
sizeof_ca_cert_der_2048, WOLFSSL_FILETYPE_ASN1, 0,
/* DO NOT use this in production. You should
* implement a way to get the current date. */
WOLFSSL_LOAD_FLAG_DATE_ERR_OKAY) !=
WOLFSSL_SUCCESS) {
printf("ERROR: failed to load CA certificate\n");
ret = -1;
@ -97,6 +109,11 @@ static int wolfssl_client_new(WOLFSSL_CTX** ctx, WOLFSSL** ssl)
}
}
if (ret == 0)
wolfSSL_set_verify(client_ssl,
WOLFSSL_VERIFY_PEER|WOLFSSL_VERIFY_FAIL_IF_NO_PEER_CERT,
verifyIgnoreDateError);
if (ret == 0) {
/* Return newly created wolfSSL context and object */
*ctx = client_ctx;
@ -170,6 +187,10 @@ static int wolfssl_server_new(WOLFSSL_CTX** ctx, WOLFSSL** ssl)
}
}
if (ret == 0)
wolfSSL_set_verify(server_ssl, WOLFSSL_VERIFY_PEER,
verifyIgnoreDateError);
if (ret == 0) {
/* Return newly created wolfSSL context and object */
*ctx = server_ctx;

17
zephyr/samples/wolfssl_tls_thread/prj.conf
View File

@ -4,6 +4,9 @@ CONFIG_ENTROPY_GENERATOR=y
CONFIG_INIT_STACKS=y
CONFIG_MINIMAL_LIBC_MALLOC_ARENA_SIZE=65536
# Pthreads
CONFIG_PTHREAD_IPC=y
# Clock for time()
CONFIG_POSIX_CLOCK=y
@ -16,16 +19,18 @@ CONFIG_NET_SOCKETS=y
CONFIG_DNS_RESOLVER=y
# Logging
# Enable logging using RTT and UART
CONFIG_PRINTK=y
CONFIG_CBPRINTF_LIBC_SUBSTS=y
CONFIG_CBPRINTF_FP_SUPPORT=y
CONFIG_CONSOLE=y
CONFIG_LOG=y
CONFIG_LOG_BACKEND_UART=y
CONFIG_LOG_BUFFER_SIZE=15360
CONFIG_LOG_MODE_IMMEDIATE=y
#CONFIG_WOLFSSL_DEBUG=y
# Enable logging using RTT and UART
#CONFIG_CBPRINTF_LIBC_SUBSTS=y
#CONFIG_CBPRINTF_FP_SUPPORT=y
#CONFIG_CONSOLE=y
#CONFIG_LOG_BACKEND_UART=y
#CONFIG_LOG_BUFFER_SIZE=15360
# TLS configuration
CONFIG_WOLFSSL=y
CONFIG_WOLFSSL_BUILTIN=y

33
zephyr/samples/wolfssl_tls_thread/src/tls_threaded.c
View File

@ -43,8 +43,8 @@
#endif
#define BUFFER_SIZE 2048
#define STATIC_MEM_SIZE (96*1024)
#define THREAD_STACK_SIZE (13*1024)
#define STATIC_MEM_SIZE (192*1024)
#define THREAD_STACK_SIZE (24*1024)
/* The stack to use in the server's thread. */
K_THREAD_STACK_DEFINE(server_stack, THREAD_STACK_SIZE);
@ -173,6 +173,16 @@ static int send_server(WOLFSSL* ssl, char* buff, int sz, void* ctx)
return sz;
}
/* DO NOT use this in production. You should implement a way
* to get the current date. */
static int verifyIgnoreDateError(int preverify, WOLFSSL_X509_STORE_CTX* store)
{
if (store->error == ASN_BEFORE_DATE_E)
return 1; /* override error */
else
return preverify;
}
/* Create a new wolfSSL client with a server CA certificate. */
static int wolfssl_client_new(WOLFSSL_CTX** ctx, WOLFSSL** ssl)
{
@ -189,8 +199,11 @@ static int wolfssl_client_new(WOLFSSL_CTX** ctx, WOLFSSL** ssl)
if (ret == 0) {
/* Load client certificates into WOLFSSL_CTX */
if (wolfSSL_CTX_load_verify_buffer(client_ctx, ca_ecc_cert_der_256,
sizeof_ca_ecc_cert_der_256, WOLFSSL_FILETYPE_ASN1) !=
if (wolfSSL_CTX_load_verify_buffer_ex(client_ctx, ca_ecc_cert_der_256,
sizeof_ca_ecc_cert_der_256, WOLFSSL_FILETYPE_ASN1, 0,
/* DO NOT use this in production. You should
* implement a way to get the current date. */
WOLFSSL_LOAD_FLAG_DATE_ERR_OKAY) !=
WOLFSSL_SUCCESS) {
printf("ERROR: failed to load CA certificate\n");
ret = -1;
@ -218,6 +231,11 @@ static int wolfssl_client_new(WOLFSSL_CTX** ctx, WOLFSSL** ssl)
}
}
if (ret == 0)
wolfSSL_set_verify(client_ssl,
WOLFSSL_VERIFY_PEER|WOLFSSL_VERIFY_FAIL_IF_NO_PEER_CERT,
verifyIgnoreDateError);
#if defined(WOLFSSL_HAVE_PSA) && defined(HAVE_PK_CALLBACKS)
if (ret == 0) {
XMEMSET(&client_psa_ctx, 0, sizeof(client_psa_ctx));
@ -378,6 +396,10 @@ static int wolfssl_server_new(WOLFSSL_CTX** ctx, WOLFSSL** ssl)
}
}
if (ret == 0)
wolfSSL_set_verify(server_ssl, WOLFSSL_VERIFY_PEER,
verifyIgnoreDateError);
#if defined(WOLFSSL_HAVE_PSA) && defined(HAVE_PK_CALLBACKS)
if (ret == 0) {
if (wolfSSL_set_psa_ctx(server_ssl, &server_psa_ctx)
@ -543,6 +565,7 @@ void server_thread(void* arg1, void* arg2, void* arg3)
ret = wolfssl_send(server_ssl, msgHTTPIndex);
printf("Server Return: %d\n", ret);
printf("Server Error: %d\n", wolfSSL_get_error(server_ssl, ret));
#ifdef WOLFSSL_STATIC_MEMORY
printf("Server Memory Stats\n");
@ -618,6 +641,8 @@ int main()
ret = 0;
printf("Client Return: %d\n", ret);
printf("Client Error: %d\n", wolfSSL_get_error(client_ssl, ret));
join_thread(serverThread);