Merge pull request #249 from lchristina26/master

Updates for VxWorks entropy and README, Arduino functionality
toddouska
2016-01-08 16:08:13 -08:00
9 changed files with 396 additions and 168 deletions

19
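--- a/IDE/ARDUINO/README.md
+++ b/IDE/ARDUINO/README.md
@@ -0,0 +1,19 @@
+### wolfSSL with Arduino
+##### Reformatting wolfSSL as a compatible Arduino Library
+This is a shell script that will re-organize the wolfSSL library to be
+compatible with Arduino projects. The Arduino IDE requires a library's source
+files to be in the library's root directory with a header file in the name of
+the library. This script moves all src/ files to the root wolfssl directory and
+creates a stub header file called wolfssl.h.
+To configure wolfSSL with Arduino, enter the following from within the
+wolfssl/IDE/ARDUINO directory:
+./wolfssl-arduino.sh
+#####Including wolfSSL in Arduino Libraries (for Arduino version 1.6.6)
+1. Copy the wolfSSL directory into Arduino/libraries (or wherever Arduino searches for libraries).
+2. In the Arduino IDE:
+- Go to ```Sketch > Include Libraries > Manage Libraries```. This refreshes your changes to the libraries.
+- Next go to ```Sketch > Include Libraries > wolfSSL```. This includes wolfSSL in your sketch.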

8
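--- a/IDE/ARDUINO/include.am
+++ b/IDE/ARDUINO/include.am
@@ -0,0 +1,8 @@
+# vim:ft=automake
+# included from Top Level Makefile.am
+# All paths should be given relative to the root
+EXTRA_DIST+= IDE/ARDUINO/README.md
+EXTRA_DIST+= IDE/ARDUINO/sketches/wolfssl_client.ino
+EXTRA_DIST+= IDE/ARDUINO/wolfssl-arduino.sh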


@ -0,0 +1,144 @@
/* wolfssl_client.ino
*
* Copyright (C) 2006-2015 wolfSSL Inc.
*
* This file is part of wolfSSL. (formerly known as CyaSSL)
*
* wolfSSL is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version.
*
* wolfSSL is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program; if not, write to the Free Software
* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA
*/
#include <wolfssl.h>
#include <wolfssl/ssl.h>
#include <Ethernet.h>
const char host[] = "192.168.1.148"; // server to connect to
int port = 11111; // port on server to connect to
int EthernetSend(WOLFSSL* ssl, char* msg, int sz, void* ctx);
int EthernetReceive(WOLFSSL* ssl, char* reply, int sz, void* ctx);
int reconnect = 10;
EthernetClient client;
WOLFSSL_CTX* ctx = 0;
WOLFSSL* ssl = 0;
WOLFSSL_METHOD* method = 0;
void setup() {
Serial.begin(9600);
method = wolfTLSv1_2_client_method();
if (method == NULL) {
Serial.println("unable to get method");
return;
}
ctx = wolfSSL_CTX_new(method);
if (ctx == NULL) {
Serial.println("unable to get ctx");
return;
}
// initialize wolfSSL using callback functions
wolfSSL_CTX_set_verify(ctx, SSL_VERIFY_NONE, 0);
wolfSSL_SetIOSend(ctx, EthernetSend);
wolfSSL_SetIORecv(ctx, EthernetReceive);
return;
}
int EthernetSend(WOLFSSL* ssl, char* msg, int sz, void* ctx) {
int sent = 0;
sent = client.write((byte*)msg, sz);
return sent;
}
int EthernetReceive(WOLFSSL* ssl, char* reply, int sz, void* ctx) {
int ret = 0;
while (client.available() > 0 && ret < sz) {
reply[ret++] = client.read();
}
return ret;
}
void loop() {
int err = 0;
int input = 0;
int sent = 0;
int total_input = 0;
char msg[32] = "hello wolfssl!";
int msgSz = (int)strlen(msg);
char errBuf[80];
char reply[80];
WOLFSSL_CIPHER* cipher;
if (reconnect) {
reconnect--;
if (client.connect(host, port)) {
Serial.print("Connected to ");
Serial.println(host);
ssl = wolfSSL_new(ctx);
if (ssl == NULL) {
err = wolfSSL_get_error(ssl, 0);
wolfSSL_ERR_error_string(err, errBuf);
Serial.print("Unable to get SSL object. Error = ");
Serial.println(errBuf);
}
Serial.print("SSL version is ");
Serial.println(wolfSSL_get_version(ssl));
if ((wolfSSL_write(ssl, msg, strlen(msg))) == msgSz) {
cipher = wolfSSL_get_current_cipher(ssl);
Serial.print("SSL cipher suite is ");
Serial.println(wolfSSL_CIPHER_get_name(cipher));
Serial.print("Server response: ");
while (client.available() || wolfSSL_pending(ssl)) {
input = wolfSSL_read(ssl, reply, sizeof(reply) - 1);
total_input += input;
if ( input > 0 ) {
reply[input] = '\0';
Serial.print(reply);
} else if (input < 0) {
err = wolfSSL_get_error(ssl, 0);
wolfSSL_ERR_error_string(err, errBuf);
Serial.print("wolfSSL_read failed. Error: ");
Serial.println(errBuf);
} else {
Serial.println();
}
}
} else {
Serial.println("SSL_write failed");
}
if (ssl != NULL)
wolfSSL_free(ssl);
client.stop();
Serial.println("Connection complete.");
reconnect = 0;
} else {
Serial.println("Trying to reconnect...");
}
}
delay(1000);
}
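Review bot: `wolfSSL_CTX_set_verify(ctx, SSL_VERIFY_NONE, 0);` in `setup()` turns off server certificate verification, so this example client will complete a handshake with whatever peer answers on the configured host and port, and nothing in the sketch says that this is for bench testing only. Example sketches tend to be copied into real projects, so I would load a trusted CA and use `SSL_VERIFY_PEER`, or at minimum put `/* TEST ONLY: the peer certificate is not verified; load a CA and use SSL_VERIFY_PEER before deployment */` above that call. Separately, in `loop()` the `ssl == NULL` branch passes the null pointer to `wolfSSL_get_error()` and then falls through to `wolfSSL_get_version(ssl)` and `wolfSSL_write(ssl, ...)`; after printing the message it should do `client.stop(); return;`. `loop()` also reaches `wolfSSL_new(ctx)` when `setup()` returned early with `ctx` still 0, so a guard such as `if (ctx == NULL) return;` at the top of `loop()` would help.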

15
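--- a/IDE/ARDUINO/wolfssl-arduino.sh
+++ b/IDE/ARDUINO/wolfssl-arduino.sh
@@ -0,0 +1,15 @@
+#!/bin/sh
+# this script will reformat the wolfSSL source code to be compatible with
+# an Arduino project
+# run as bash ./wolfssl-arduino.sh
+DIR=${PWD##*/}
+if [ "$DIR" == "ARDUINO" ]; then
+cp ../../src/*.c ../../
+cp ../../wolfcrypt/src/*.c ../../
+echo "/* stub header file for Arduino compatibility */" >> ../../wolfssl.h
+else
+echo "ERROR: You must be in the IDE/ARDUINO directory to run this script"
+fi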
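Review bot: The test `[ "$DIR" == "ARDUINO" ]` uses `==`, which is a bash extension, while the shebang is `#!/bin/sh` and the README tells users to run `./wolfssl-arduino.sh` directly. Where `sh` is a strict POSIX shell the test itself can fail and the script then prints the wrong-directory error even from IDE/ARDUINO. I would write `if [ "$DIR" = "ARDUINO" ]; then` (or change the shebang to bash) and add `exit 1` after the error message so callers can detect the failure. The `>> ../../wolfssl.h` append also adds another stub line on every run; `>` would keep the script idempotent.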


@ -1,5 +1,170 @@
## Wind River Workbench using VxWorks with wolfSSL
####1 Necessary Files if Using VxWorks Simulator
####1 Steps to Add wolfSSL to Workbench Project
1. Start by creating a new VxWorks image in Workbench by going to File > New >
Project and then selecting VxWorks Image Project.
2. Right click on the project and go to Import > General > Filesystem. Click Next.
Choose the path to the wolfSSL library here. Uncheck everything except the examples,
src and wolfcrypt directories. Uncheck the following:
wolfcrypt/src/aes_asm.asm
wolfcrypt/src/aes_asm.s
examples/echoclient/
examples/echoserver/
wolfcrypt/user-crypto
Uncheck "Create top level folder". Click Finish.
3. To include the path to the wolfSSL header files, right click on the project
and go to Properties > Build Properties and select the "Paths" tab. Click "Add"
then "Browse" and select:
<path_to_wolfssl>/
Click "OK" then "OK" again.
4. In ```<path_to_wolfssl>/wolfssl/wolfcrypt/settings.h```, uncomment
#define WOLFSSL_VXWORKS
5. If using the VxWorks simulator add the following to EXTRA\_DEFINE:
-DVXWORKS_SIM /* only if using the VxWorks simulator */
This can be done by right clicking on the project in Project Explorer, going to
Build Properties and selecting the "Variables" tab. Highlight EXTRA\_DEFINE and
click "Edit". Enter the above define to the end of the line.
6. Copy the certs folder in ```<path_to_wolfssl>/``` to the Wind River Workbench
workspace folder. This is where the simulator looks for the filesystem.
7. Include Entropy:
- Create a new project, similar to step 1 but choose VxWorks Source Build
Project as the type of project instead of VxWorks Image Project.
- In the project directory, double click "Source Build Configuration" and
under os > core > CORE\_KERNEL Menu > VxWorks Kernel Component
Configuration find "Inject entropy in interrupts". Double click this.
- Go back to your VIP project. Right click the project and select "Properties".
- In "Properties", select "Project References". Check the box next to the
new project you created. Click "Ok".
- Rebuild the project.
####2 Testing wolfSSL with VxWorks:
#####2.1 wolfCrypt Test and Benchmark Applications
The wolfCrypt test application will test each of the cryptographic algorithms
and output the status for each as a success or failure. The benchmark application will output the runtime of the cryptographic algorithms in milliseconds.
1. Include the following at the top of usrAppInit.c:
#include <wolfcrypt/test/test.h>
#include <wolfssl/ssl.h>
#include <wolfssl/wolfcrypt/settings.h>
#include <wolfssl/test.h>
extern int benchmark_test(void* args);
2. In usrAppInit.c, make a call to the wolfCrypt test and benchmark applications
by adding the following to the usrAppInit() function:
typedef struct func_args {
int argc;
char** argv;
int return_code;
tcp_ready* signal;
callback_functions *callbacks;
} func_args;
func_args args;
wolfcrypt_test(&args);
benchmark_test(&args);
3. Right click on the project and select "Build Project".
4. To run the VxWorks simulator, click the dropdown list next to "VxWorks Simulator" at the top of Workbench and go to "Open Connection Details". Add the correct Kernel Image file. This will be located in ```workspace/<project_name>/default/vxWorks```. Click Apply. Start the simulator by clicking the green, "Connect 'VxWorks Simulator'" button to the right of the "VxWorks Simulator" dropdown list. Verify in the simulator terminal that all wolfCrypt tests pass.
#####2.2 Example Client
The wolfSSL example client.c file can be found in ```<path_to_wolfssl>/wolfssl/examples/client```.
1. Add the following include to usrAppInit.c:
#include <examples/client/client.h>
2. In usrAppInit.c, include the func\_args as described in the Test Application
section, and add a call to the client function:
client_test(&args);
3. The char* host in ```examples/client/client.c``` will need to be changed to the IP address to connect to. For example:
char* host = "192.168.15.1";
4. Right click on the project and select "Build Project".
5. If using the VxWorks Simulator, localhost will not work. NAT should be selected in the Simulator Connection Advanced setup. To do this, click the dropdown button next to VxWorks Simulator at the top of Workbench and select "Open Connection Details". Make sure the correct kernel image file is selected for you project as stated in section 3.1 step 4. Then click Advanced and select NAT as the Network Config. Click OK and Apply.
6. There is an example server in ```<path_to_wolfssl>``` that can be used for testing the client. wolfSSL will first need to be built. Follow the instructions [here](https://www.wolfssl.com/wolfSSL/Docs-wolfssl-manual-2-building-wolfssl.html) to do so. See the [wolfSSL manual]( https://wolfssl.com/wolfSSL/Docs-wolfssl-manual-3-getting-started.html) for instructions on setting up the example server. From within ```<path_to_wolfssl>/wolfssl```, the following command can be used to run the server on the host machine:
./examples/server/server -d -b
7. Start the example client in Workbench by following step 3 in section 3.1.
8. The following output should be expected in the simulator terminal:
SSL version is TLSv1.2
SSL cipher suite is TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384
Server response: I hear you fa shizzle!
#####2.3 Example Server
The example server requires more configuration than the client if using the
VxWorks simulator.
Note: The wolfSSL example server and client cannot run at the same time on the VxWorks simulator. Either remove or comment out the ```client_test(&args);``` line.
1. Add the following include to usrAppInit.c:
#include </examples/server/server.h>
2. In usrAppInit.c, after the ```func_args args;``` call, add:
tcp_ready ready;
ready.ready = 0;
ready.port = 0;
args.signal = &ready;
server_test(&args);
3. Right click on the project and select "Build Project".
4. Start the server and complete the following:
Go to "Open Connection Details" under VxWorks Simulator which is in the connections
dropdown. Follow step 4 of section 3.1 to select the correct kernel image for the simulator. In "Open Connection Details" of the simulator, go to "Advanced...". Select simnetd from the Network Config dropdown and enter
192.168.200.1 as the IP address. To connect to the server running on the VxWorks Simulator, enter these commands
into the host machine's terminal from any directory (for Ubuntu 14.04):
sudo openvpn --mktun --dev tap0
Note: openvpn may need to be installed first.
In Wind River directory on the host machine:
sudo vxworks-7/host/x86-linux2/bin/vxsimnetd
This will start the vxsimnetd application. Leave it running in the background.
5. There is an example client in ```<path_to_wolfssl>/wolfssl/examples``` . Again, wolfSSL will first need to be built. Follow the instructions [here](https://www.wolfssl.com/wolfSSL/Docs-wolfssl-manual-2-building-wolfssl.html) to do so. See the [wolfSSL manual]( https://wolfssl.com/wolfSSL/Docs-wolfssl-manual-3-getting-started.html) for instructions on how to set up the client. From within ```<path_to_wolfssl>/wolfssl``` , the following command can be used to run the client on the host machine:
./examples/client/client -h 192.168.200.1 -d
The -d option disables peer checks.
6. The following output should be expected in the simulator terminal:
SSL version is TLSv1.2
SSL cipher suite is TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384
Client message: hello wolfssl!
####3 Necessary Files if Using VxWorks Simulator
The following files are required to replicate this build:
* vxsim\_linux\_1\_0\_2\_2 (directory)
* compilers/gnu-4.8.1.5/include/c++/4.8
@ -15,163 +180,3 @@ The following files are required to replicate this build:
Note: This project was tested with a pre-built image in the VxWorks distribution
called vip\_vxsim\_linux\_gnu.
####2 Steps to Add wolfSSL to Workbench Project
1. Start by creating a new VxWorks image in Workbench by going to File > New >
Project and then selecting VxWorks Image Project.
2. Right click on the project and go to Import > General > Filesystem. Choose the path
to the wolfSSL library here. Uncheck everything except the examples, src and
wolfcrypt directories. Uncheck the following:
wolfcrypt/src/aes_asm.asm
wolfcrypt/src/aes_asm.s
examples/echoclient/
examples/echoserver/
wolfcrypt/user-crypto
Leave "Create top level folder" unchecked. Click Finish.
3. To include the path to the wolfSSL header files, right click on the project and go to Properties > Build Properties > Paths.
Choose Browse and select:
<path_to_wolfssl>/
Click ok.
4. In ```<path_to_wolfssl>/wolfssl/wolfcrypt/settings.h```, uncomment #define WOLFSSL_VXWORKS
5. If using the VxWorks simulator add the following to EXTRA\_DEFINE:
-DVXWORKS_SIM /* only if using the VxWorks simulator */
6. Copy the certs folder in ```<path_to_wolfssl>/``` to the Wind River Workbench workspace folder. This is where the simulator looks for the filesystem.
7. If NO\_DEV\_RANDOM is defined in ```<path_to_wolfssl>wolfssl/wolfcrypt/settings.h``` inside the
\#ifdef WOLFSSL\_VXWORKS block, a new GenerateSeed() function will need to be defined
in wolfcrypt/src/random.c.
8. Include Entropy:
- Create a new project, similar to step 1 but choose VxWorks Source Build Project as the type of project instead of VxWorks Image Project.
- In the project directory, double click "Source Build Configuration" and under os > core > CORE\_KERNEL Menu > VxWorks Kernel Component Configuration find "Inject entropy in interrupts". Double click this.
- Go back to your VIP project. Right click the project and select "Properties".
- In "Properties", select "Project References". Check the box next to the new project you created. Click "Ok".
- Rebuild the project.
####3 Testing wolfSSL with VxWorks:
#####3.1 wolfCrypt Test and Benchmark Applications
The wolfCrypt test application will test each of the cryptographic algorithms
and output the status for each as a success or failure. The benchmark application will output the runtime of the cryptographic algorithms in milliseconds.
1. Include the following at the top of usrAppInit.c:
#include <wolfcrypt/test/test.h>
#include <wolfssl/ssl.h>
#include <wolfssl/wolfcrypt/settings.h>
#include <wolfssl/test.h>
extern int benchmark_test(void* args);
2. In usrAppInit.c, make a call to the wolfCrypt test and benchmark applications
by adding the following to the usrAppInit() function:
typedef struct func_args {
int argc;
char** argv;
int return_code;
tcp_ready* signal;
callback_functions *callbacks;
} func_args;
func_args args;
wolfcrypt_test(&args);
benchmark_test(&args);
3. Right click on the project and select "Build Project".
4. To run the VxWorks simulator, click the dropdown list next to "VxWorks Simulator" at the top of Workbench and go to "Open Connection Details". Add the correct Kernel Image file. This will be located in ```workspace/<project_name>/default/vxWorks```. Click Apply. Start the simulator by clicking the green, "Connect 'VxWorks Simulator'" button to the right of the "VxWorks Simulator" dropdown list. Verify in the simulator terminal that all wolfCrypt tests pass.
#####3.2 Example Client
The wolfSSL example client.c file can be found in ```<path_to_wolfssl>/wolfssl/examples/client```.
1. Add the following include to usrAppInit.c:
#include <examples/client/client.h>
2. In usrAppInit.c, include the func\_args as described in the Test Application
section, and add a call to the client function:
client_test(&args);
3. The char* host in ```examples/client/client.c``` will need to be changed to the IP address to connect to. For example:
char* host = "192.168.15.1";
4. Right click on the project and select "Build Project".
5. If using the VxWorks Simulator, localhost will not work. NAT should be selected in the Simulator Connection Advanced setup. To do this, click the dropdown button next to VxWorks Simulator at the top of Workbench and select "Open Connection Details". Make sure the correct kernel image file is selected for you project as stated in section 3.1 step 4. Then click Advanced and select NAT as the Network Config. Click OK and Apply.
6. There is an example server in ```<path_to_wolfssl>``` that can be used for testing the client. wolfSSL will first need to be built. Follow the instructions [here](https://www.wolfssl.com/wolfSSL/Docs-wolfssl-manual-2-building-wolfssl.html) to do so. See the [wolfSSL manual]( https://wolfssl.com/wolfSSL/Docs-wolfssl-manual-3-getting-started.html) for instructions on setting up the example server. From within ```<path_to_wolfssl>/wolfssl```, the following command can be used to run the server on the host machine:
./examples/server/server -d -b
7. Start the example client in Workbench by following step 3 in section 3.1.
8. The following output should be expected in the simulator terminal:
SSL version is TLSv1.2
SSL cipher suite is TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384
Server response: I hear you fa shizzle!
#####3.3 Example Server
The example server requires more configuration than the client if using the
VxWorks simulator.
Note: The wolfSSL example server and client cannot run at the same time on the VxWorks simulator. Either remove or comment out the ```client_test(&args);``` line.
1. Add the following include to usrAppInit.c:
#include </examples/server/server.h>
2. In usrAppInit.c, after the ```func_args args;``` call, add:
tcp_ready ready;
ready.ready = 0;
ready.port = 0;
args.signal = &ready;
server_test(&args);
3. Right click on the project and select "Build Project".
4. Start the server and complete the following:
Go to "Open Connection Details" under VxWorks Simulator which is in the connections
dropdown. Follow step 4 of section 3.1 to select the correct kernel image for the simulator. In "Open Connection Details" of the simulator, go to "Advanced...". Select simnetd from the Network Config dropdown and enter
192.168.200.1 as the IP address. To connect to the server running on the VxWorks Simulator, enter these commands
into the host machine's terminal from any directory (for Ubuntu 14.04):
sudo openvpn --mktun --dev tap0
Note: openvpn may need to be installed first.
In Wind River directory on the host machine:
sudo vxworks-7/host/x86-linux2/bin/vxsimnetd
This will start the vxsimnetd application. Leave it running in the background.
5. There is an example client in ```<path_to_wolfssl>/wolfssl/examples``` . Again, wolfSSL will first need to be built. Follow the instructions [here](https://www.wolfssl.com/wolfSSL/Docs-wolfssl-manual-2-building-wolfssl.html) to do so. See the [wolfSSL manual]( https://wolfssl.com/wolfSSL/Docs-wolfssl-manual-3-getting-started.html) for instructions on how to set up the client. From within ```<path_to_wolfssl>/wolfssl``` , the following command can be used to run the client on the host machine:
./examples/client/client -h 192.168.200.1 -d
The -d option disables peer checks.
6. The following output should be expected in the simulator terminal:
SSL version is TLSv1.2
SSL cipher suite is TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384
Client message: hello wolfssl!


@ -6,5 +6,6 @@ include IDE/iOS/include.am
include IDE/WIN/include.am
include IDE/WORKBENCH/include.am
include IDE/ROWLEY-CROSSWORKS-ARM/include.am
include IDE/ARDUINO/include.am
EXTRA_DIST+= IDE/IAR-EWARM IDE/MDK-ARM IDE/MDK5-ARM IDE/MYSQL IDE/LPCXPRESSO

17
INSTALL

@ -38,12 +38,19 @@
Please see the README in mqx
8. Porting to a new platform
8. Building with Rowley CrossWorks for ARM
Use the CrossWorks project in IDE/ROWLEY-CROSSWORKS-ARM/wolfssl.hzp
There is a README.md in IDE/ROWLEY-CROSSWORKS-ARM with more information
9. Building with Arduino
Use the script IDE/ARDUINO/wolfssl-arduino.sh to reformat the wolfSSL
library for compatibility with the Arduino IDE. There is a README.md in
IDE/ARDUINO for detailed instructions.
10. Porting to a new platform
Please see section 2.4 in the manual:
http://www.wolfssl.com/yaSSL/Docs-cyassl-manual-2-building-cyassl.html
9. Building with Rowley CrossWorks for ARM
Use the CrossWorks project in IDE/ROWLEY-CROSSWORKS-ARM/wolfssl.hzp
There is a README.md in IDE/ROWLEY-CROSSWORKS-ARM with more information


@ -1292,10 +1292,18 @@ int wc_GenerateSeed(OS_Seed* os, byte* output, word32 sz)
int wc_GenerateSeed(OS_Seed* os, byte* output, word32 sz) {
STATUS status;
/* RANDOM ENTORPY INJECT component must be enabled in VSB project */
#ifdef VXWORKS_SIM
/* cannot generate true entropy with VxWorks simulator */
#warning "not enough entropy, simulator for testing only"
int i = 0;
for (i = 0; i < 1000; i++) {
randomAddTimeStamp();
}
#endif
status = randBytes (output, sz);
if (status == ERROR) {
WOLFSSL_MSG("Random seed failed! Enable RANDOM ENTROPY INJECT.");
return RNG_FAILURE_E;
}
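Review bot: Under `VXWORKS_SIM` the added loop calls `randomAddTimeStamp()` 1000 times immediately before `randBytes(output, sz)`, presumably so the simulator's pool reports enough entropy, which means `wc_GenerateSeed()` returns success with a seed that comes from closely spaced timestamps. The only guard is the compile-time `#warning`, which is easy to lose in a Workbench build log; if `-DVXWORKS_SIM` stays in EXTRA_DEFINE for a target build, keys would be generated from that seed with no sign at run time. I would add `WOLFSSL_MSG("VXWORKS_SIM: seed is not cryptographically strong, testing only");` inside the `#ifdef` and extend the comment to say the macro must never be set for target hardware. The existing comment also misspells ENTROPY as "ENTORPY", and the function body continues outside the hunk.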


@ -132,6 +132,9 @@
/* Uncomment next line to enable deprecated less secure static RSA suites */
/* #define WOLFSSL_STATIC_RSA */
/* Uncomment next line if building for ARDUINO */
/* #define WOLFSSL_ARDUINO */
#include <wolfssl/wolfcrypt/visibility.h>
#ifdef WOLFSSL_USER_SETTINGS
@ -318,6 +321,24 @@
#endif
#ifdef WOLFSSL_ARDUINO
#define NO_WRITEV
#define NO_WOLFSSL_DIR
#define SINGLE_THREADED
#define NO_DEV_RANDOM
#ifndef INTEL_GALILEO /* Galileo has time.h compatibility */
#define TIME_OVERRIDES /* must define XTIME and XGMTIME externally */
#endif
#define WOLFSSL_USER_IO
#define HAVE_ECC
#define NO_DH
#define NO_SESSION_CACHE
#define USE_SLOW_SHA
#define NO_WOLFSSL_SERVER
#define NO_ERROR_STRINGS
#endif
/* Micrium will use Visual Studio for compilation but not the Win32 API */
#if defined(_WIN32) && !defined(MICRIUM) && !defined(FREERTOS) && !defined(FREERTOS_TCP)\
&& !defined(EBSNET) && !defined(WOLFSSL_EROAD)
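Review bot: The new `WOLFSSL_ARDUINO` block sets `NO_DEV_RANDOM` and, outside Galileo, `TIME_OVERRIDES`, but nothing visible in this commit provides an Arduino seed source or the `XTIME`/`XGMTIME` definitions that the inline comment says must exist externally. A seed function that each sketch author fills in ad hoc is where weak RNG seeding tends to creep in, so the block should state the requirement, for example `#define NO_DEV_RANDOM /* no /dev/random: the port must supply a hardware-backed wc_GenerateSeed() */`. It would also help to note next to `NO_ERROR_STRINGS` that the example sketch prints the result of `wolfSSL_ERR_error_string()`, which will probably be less informative with that option set. The second hunk ends inside the following `#if`, so the rest of that condition is not visible here.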