wolfSSL/wolfssl
1
0
Fork 1
mirror of https://github.com/wolfSSL/wolfssl.git synced 2025-08-03 12:44:45 +02:00
Code Issues Packages Projects Releases Wiki Activity

Multicast DTLS

Browse Source 
1. Add DTLS-multicast to the enable options.
2. Reorg DTLS related enable options together.
3. Update a couple enable option texts to use the AS_HELP_STRING() macro.
4. Add three new APIs for managing a DTLS Multicast session.
5. Add test code for new APIs.
6. Add stub code for the new APIs.
This commit is contained in:
John Safranek
2016-12-06 14:08:52 -08:00
parent b3a20470fd
commit 5154584576
5 changed files with 143 additions and 3 deletions
Download Patch File Download Diff File Expand all files Collapse all files

33
configure.ac
View File

@@ -349,6 +349,29 @@ AS_IF([test "x$ENABLED_SCTP" = "xyes"],
]) ])
# DTLS-MULTICAST
AC_ARG_ENABLE([mcast],
[AS_HELP_STRING([--enable-mcast],[Enable wolfSSL DTLS multicast support (default: disabled)])],
[ENABLED_MCAST=$enableval],
[ENABLED_MCAST=no])
AM_CONDITIONAL([BUILD_MCAST], [test "x$ENABLED_MCAST" = "xyes"])
# RNG
AC_ARG_ENABLE([rng],
[AS_HELP_STRING([--enable-rng],[Enable compiling and using RNG (default: enabled)])],
[ ENABLED_RNG=$enableval ],
[ ENABLED_RNG=yes ]
)
if test "$ENABLED_RNG" = "no"
then
AM_CFLAGS="$AM_CFLAGS -DWC_NO_RNG"
fi
AM_CONDITIONAL([BUILD_RNG], [test "x$ENABLED_RNG" = "xyes"])
# OpenSSH compatibility Build # OpenSSH compatibility Build
AC_ARG_ENABLE([openssh], AC_ARG_ENABLE([openssh],
[AS_HELP_STRING([--enable-openssh],[Enable OpenSSH compatibility build (default: disabled)])], [AS_HELP_STRING([--enable-openssh],[Enable OpenSSH compatibility build (default: disabled)])],
@@ -3532,9 +3555,12 @@ AS_IF([test "x$ENABLED_MAXSTRENGTH" = "xyes" && \
AS_IF([test "x$ENABLED_SCTP" = "xyes"], AS_IF([test "x$ENABLED_SCTP" = "xyes"],
[AM_CFLAGS="-DWOLFSSL_SCTP $AM_CFLAGS"]) [AM_CFLAGS="-DWOLFSSL_SCTP $AM_CFLAGS"])
# SCTP requires DTLS AS_IF([test "x$ENABLED_MCAST" = "xyes"],
AS_IF([test "x$ENABLED_DTLS" = "xno" && \ [AM_CFLAGS="-DWOLFSSL_MULTICAST $AM_CFLAGS"])
test "x$ENABLED_SCTP" = "xyes"],
# SCTP and Multicast require DTLS
AS_IF([(test "x$ENABLED_DTLS" = "xno") && \
(test "x$ENABLED_SCTP" = "xyes" || test "x$ENABLED_MCAST" = "xyes")],
[AM_CFLAGS="-DWOLFSSL_DTLS $AM_CFLAGS" [AM_CFLAGS="-DWOLFSSL_DTLS $AM_CFLAGS"
ENABLED_DTLS=yes]) ENABLED_DTLS=yes])
@@ -3816,6 +3842,7 @@ echo " * NGINX: $ENABLED_NGINX"
echo " * ERROR_STRINGS: $ENABLED_ERROR_STRINGS" echo " * ERROR_STRINGS: $ENABLED_ERROR_STRINGS"
echo " * DTLS: $ENABLED_DTLS" echo " * DTLS: $ENABLED_DTLS"
echo " * SCTP: $ENABLED_SCTP" echo " * SCTP: $ENABLED_SCTP"
echo " * Multicast: $ENABLED_MCAST"
echo " * Old TLS Versions: $ENABLED_OLD_TLS" echo " * Old TLS Versions: $ENABLED_OLD_TLS"
echo " * SSL version 3.0: $ENABLED_SSLV3" echo " * SSL version 3.0: $ENABLED_SSLV3"
echo " * TLS v1.3: $ENABLED_TLS13" echo " * TLS v1.3: $ENABLED_TLS13"

58
src/ssl.c
View File

@@ -843,6 +843,64 @@ int wolfSSL_dtls_set_mtu(WOLFSSL* ssl, word16 newMtu)
#endif /* WOLFSSL_DTLS && WOLFSSL_SCTP */ #endif /* WOLFSSL_DTLS && WOLFSSL_SCTP */
#if defined(WOLFSSL_DTLS) && defined(WOLFSSL_MULTICAST)
int wolfSSL_dtls_mcast_set_member_id(WOLFSSL* ssl, byte id)
{
int ret = SSL_SUCCESS;
(void)ssl;
(void)id;
WOLFSSL_ENTER("wolfSSL_dtls_mcast_set_member_id()");
WOLFSSL_LEAVE("wolfSSL_dtls_mcast_set_member_id()", ret);
return ret;
}
int wolfSSL_dtls_mcast_set_secret(WOLFSSL* ssl, unsigned short epoch,
const byte* preMasterSecret,
word32 preMasterSz,
const byte* clientRandom,
const byte* serverRandom,
const byte* suite)
{
int ret = SSL_SUCCESS;
(void)ssl;
(void)epoch;
(void)preMasterSecret;
(void)preMasterSz;
(void)clientRandom;
(void)serverRandom;
(void)suite;
WOLFSSL_ENTER("wolfSSL_dtls_mcast_set_secret()");
WOLFSSL_LEAVE("wolfSSL_dtls_mcast_set_secret()", ret);
return ret;
}
int wolfSSL_dtls_mcast_read(WOLFSSL* ssl, unsigned char* id,
void* data, int sz)
{
int ret = 0;
(void)ssl;
(void)data;
(void)sz;
WOLFSSL_ENTER("wolfSSL_dtls_mcast_read()");
if (id != NULL)
*id = 0;
WOLFSSL_LEAVE("wolfSSL_dtls_mcast_read()", ret);
return ret;
}
#endif /* WOLFSSL_DTLS && WOLFSSL_MULTICAST */
#endif /* WOLFSSL_LEANPSK */ #endif /* WOLFSSL_LEANPSK */

45
tests/api.c
View File

@@ -2344,6 +2344,48 @@ static int test_wolfSSL_UseOCSPStaplingV2 (void)
} /*END test_wolfSSL_UseOCSPStaplingV2*/ } /*END test_wolfSSL_UseOCSPStaplingV2*/
/*----------------------------------------------------------------------------*
| DTLS Multicast Tests
*----------------------------------------------------------------------------*/
static void test_wolfSSL_dtls_mcast(void)
{
#if defined(WOLFSSL_DTLS) && defined(WOLFSSL_MULTICAST)
WOLFSSL_CTX* ctx;
WOLFSSL* ssl;
int result;
byte preMasterSecret[512];
byte clientRandom[32];
byte serverRandom[32];
byte suite[2] = {0, 0xb0}; /* TLS_PSK_WITH_NULL_SHA256 */
byte buf[256];
byte newId;
ctx = wolfSSL_CTX_new(wolfDTLSv1_2_client_method());
AssertNotNull(ctx);
ssl = wolfSSL_new(ctx);
AssertNotNull(ssl);
result = wolfSSL_dtls_mcast_set_member_id(ssl, 0);
AssertIntEQ(result, SSL_SUCCESS);
XMEMSET(preMasterSecret, 0x23, sizeof(preMasterSecret));
XMEMSET(clientRandom, 0xA5, sizeof(clientRandom));
XMEMSET(serverRandom, 0x5A, sizeof(serverRandom));
result = wolfSSL_dtls_mcast_set_secret(ssl, 23,
preMasterSecret, sizeof(preMasterSecret),
clientRandom, serverRandom, suite);
AssertIntEQ(result, SSL_SUCCESS);
result = wolfSSL_dtls_mcast_read(ssl, &newId, buf, sizeof(buf));
AssertIntLE(result, 0);
AssertIntLE(newId, 100);
wolfSSL_free(ssl);
wolfSSL_CTX_free(ctx);
#endif /* WOLFSSL_DTLS && WOLFSSL_MULTICAST */
}
/*----------------------------------------------------------------------------* /*----------------------------------------------------------------------------*
| Wolfcrypt | Wolfcrypt
*----------------------------------------------------------------------------*/ *----------------------------------------------------------------------------*/
@@ -9675,6 +9717,9 @@ void ApiTest(void)
AssertIntEQ(test_wolfSSL_UseOCSPStapling(), SSL_SUCCESS); AssertIntEQ(test_wolfSSL_UseOCSPStapling(), SSL_SUCCESS);
AssertIntEQ(test_wolfSSL_UseOCSPStaplingV2(), SSL_SUCCESS); AssertIntEQ(test_wolfSSL_UseOCSPStaplingV2(), SSL_SUCCESS);
/* DTLS-MULTICAST */
test_wolfSSL_dtls_mcast();
/* compatibility tests */ /* compatibility tests */
test_wolfSSL_DES(); test_wolfSSL_DES();
test_wolfSSL_certs(); test_wolfSSL_certs();

3
wolfssl/internal.h
View File

@@ -2832,6 +2832,9 @@ typedef struct Options {
#ifdef WOLFSSL_SCTP #ifdef WOLFSSL_SCTP
word16 dtlsSctp:1; /* DTLS-over-SCTP mode */ word16 dtlsSctp:1; /* DTLS-over-SCTP mode */
#endif #endif
#ifdef WOLFSSL_MULTICAST
word16 dtlsMcast:1; /* using multicast ? */
#endif
#endif #endif
word16 haveEMS:1; /* using extended master secret */ word16 haveEMS:1; /* using extended master secret */
#if defined(HAVE_TLS_EXTENSIONS) && defined(HAVE_SUPPORTED_CURVES) #if defined(HAVE_TLS_EXTENSIONS) && defined(HAVE_SUPPORTED_CURVES)

7
wolfssl/ssl.h
View File

@@ -509,6 +509,13 @@ WOLFSSL_API int wolfSSL_dtls_set_sctp(WOLFSSL*);
WOLFSSL_API int wolfSSL_CTX_dtls_set_mtu(WOLFSSL_CTX*, unsigned short); WOLFSSL_API int wolfSSL_CTX_dtls_set_mtu(WOLFSSL_CTX*, unsigned short);
WOLFSSL_API int wolfSSL_dtls_set_mtu(WOLFSSL*, unsigned short); WOLFSSL_API int wolfSSL_dtls_set_mtu(WOLFSSL*, unsigned short);
WOLFSSL_API int wolfSSL_dtls_mcast_set_member_id(WOLFSSL*, unsigned char);
WOLFSSL_API int wolfSSL_dtls_mcast_set_secret(WOLFSSL*, unsigned short,
const unsigned char*, unsigned int,
const unsigned char*, const unsigned char*,
const unsigned char*);
WOLFSSL_API int wolfSSL_dtls_mcast_read(WOLFSSL*, unsigned char*, void*, int);
WOLFSSL_API int wolfSSL_ERR_GET_REASON(unsigned long err); WOLFSSL_API int wolfSSL_ERR_GET_REASON(unsigned long err);
WOLFSSL_API char* wolfSSL_ERR_error_string(unsigned long,char*); WOLFSSL_API char* wolfSSL_ERR_error_string(unsigned long,char*);
WOLFSSL_API void wolfSSL_ERR_error_string_n(unsigned long e, char* buf, WOLFSSL_API void wolfSSL_ERR_error_string_n(unsigned long e, char* buf,