wolfSSL/wolfssl
1
0
Fork 1
mirror of https://github.com/wolfSSL/wolfssl.git synced 2025-07-29 18:27:29 +02:00
Code Issues Packages Projects Releases Wiki Activity

Merge pull request #7007 from night1rider/ardunio-wolfssl

Browse Source 
Ardunio Fixes relating to internal Intel Galileo Tests
This commit is contained in:
JacobBarthelmeh
2023-12-07 14:48:58 -07:00
committed by GitHub
parent 6c8bf7be55 0ff02e59ba
commit c4b77adf48
3 changed files with 244 additions and 171 deletions
Download Patch File Download Diff File Expand all files Collapse all files

11
IDE/ARDUINO/README.md
View File

@ -2,10 +2,11 @@
##### Reformatting wolfSSL as a compatible Arduino Library
This is a shell script that will re-organize the wolfSSL library to be
compatible with Arduino projects. The Arduino IDE requires a library's source
files to be in the library's root directory with a header file in the name of
the library. This script moves all src/ files to the `IDE/ARDUINO/wolfSSL`
directory and creates a stub header file called `wolfssl.h`.
compatible with Arduino projects that use Arduino IDE 1.5.0 or newer.
The Arduino IDE requires a library's source files to be in the library's root
directory with a header file in the name of the library. This script moves all
src/ files to the `IDE/ARDUINO/wolfSSL/src` directory and creates a stub header
file called `wolfssl.h` inside that directory.
Step 1: To configure wolfSSL with Arduino, enter the following from within the
wolfssl/IDE/ARDUINO directory:
@ -15,7 +16,7 @@ wolfssl/IDE/ARDUINO directory:
Step 2: Copy the directory wolfSSL that was just created to:
`~/Documents/Arduino/libraries/` directory so the Arduino IDE can find it.
Step 3: Edit `<arduino-libraries>/wolfSSL/user_settings.h`
Step 3: Edit `<arduino-libraries>/wolfSSL/src/user_settings.h`
If building for Intel Galileo platform add: `#define INTEL_GALILEO`.
Add any other custom settings, for a good start see the examples in wolfssl root
"/examples/configs/user_settings_*.h"

229
IDE/ARDUINO/sketches/wolfssl_client/wolfssl_client.ino
View File

@ -19,10 +19,18 @@
* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
*/
/*
This was original tested with Intel Galileo acting as the Client, with a
laptop acting as a server using the server example provided in examples/server.
Legacy Ardunio v1.86 was used to compile and program the Galileo
*/
#define USE_CERT_BUFFERS_2048
#include <wolfssl.h>
#include <wolfssl/ssl.h>
#include <Ethernet.h>
#include <wolfssl/certs_test.h>
const char host[] = "192.168.1.148"; /* server to connect to */
const int port = 11111; /* port on server to connect to */
@ -37,123 +45,132 @@ WOLFSSL_CTX* ctx = NULL;
WOLFSSL* ssl = NULL;
void setup() {
WOLFSSL_METHOD* method;
WOLFSSL_METHOD* method;
/* Initialize Return Code */
int rc;
Serial.begin(9600);
/* Delay need to ensure connection to server */
delay(4000);
Serial.begin(9600);
method = wolfTLSv1_2_client_method();
if (method == NULL) {
Serial.println("unable to get method");
method = wolfTLSv1_2_client_method();
if (method == NULL) {
Serial.println("unable to get method");
return;
}
ctx = wolfSSL_CTX_new(method);
if (ctx == NULL) {
Serial.println("unable to get ctx");
}
ctx = wolfSSL_CTX_new(method);
if (ctx == NULL) {
Serial.println("unable to get ctx");
return;
}
/* initialize wolfSSL using callback functions */
wolfSSL_CTX_set_verify(ctx, SSL_VERIFY_PEER, 0);
rc = wolfSSL_CTX_load_verify_buffer(ctx, ca_cert_der_2048,\
sizeof_ca_cert_der_2048,\
WOLFSSL_FILETYPE_ASN1);
Serial.print("\n\n Return code of load_verify is:");
Serial.println(rc);
Serial.println("");
rc = wolfSSL_CTX_use_certificate_buffer(ctx, client_cert_der_2048,\
sizeof_client_cert_der_2048,\
WOLFSSL_FILETYPE_ASN1);
Serial.print("\n\n Return code of use_certificate_buffer is:");
Serial.println(rc);
Serial.println("");
rc = wolfSSL_CTX_use_PrivateKey_buffer(ctx, client_key_der_2048,\
sizeof_client_key_der_2048,\
WOLFSSL_FILETYPE_ASN1);
Serial.print("\n\n Return code of use_PrivateKey_buffer is:");
Serial.println(rc);
Serial.println("");
wolfSSL_SetIOSend(ctx, EthernetSend);
wolfSSL_SetIORecv(ctx, EthernetReceive);
return;
}
/* initialize wolfSSL using callback functions */
wolfSSL_CTX_set_verify(ctx, SSL_VERIFY_NONE, 0);
wolfSSL_SetIOSend(ctx, EthernetSend);
wolfSSL_SetIORecv(ctx, EthernetReceive);
return;
}
int EthernetSend(WOLFSSL* ssl, char* msg, int sz, void* ctx) {
int sent = 0;
sent = client.write((byte*)msg, sz);
return sent;
int sent = 0;
sent = client.write((byte*)msg, sz);
return sent;
}
int EthernetReceive(WOLFSSL* ssl, char* reply, int sz, void* ctx) {
int ret = 0;
while (client.available() > 0 && ret < sz) {
reply[ret++] = client.read();
}
return ret;
int ret = 0;
while (client.available() > 0 && ret < sz) {
reply[ret++] = client.read();
}
return ret;
}
void loop() {
int err = 0;
int input = 0;
int total_input = 0;
char msg[32] = "hello wolfssl!";
int msgSz = (int)strlen(msg);
char errBuf[80];
char reply[80];
const char* cipherName;
if (reconnect) {
reconnect--;
if (client.connect(host, port)) {
Serial.print("Connected to ");
Serial.println(host);
ssl = wolfSSL_new(ctx);
if (ssl == NULL) {
Serial.println("Unable to allocate SSL object");
return;
}
err = wolfSSL_connect(ssl);
if (err != WOLFSSL_SUCCESS) {
err = wolfSSL_get_error(ssl, 0);
wolfSSL_ERR_error_string(err, errBuf);
Serial.print("TLS Connect Error: ");
Serial.println(errBuf);
}
Serial.print("SSL version is ");
Serial.println(wolfSSL_get_version(ssl));
cipherName = wolfSSL_get_cipher(ssl);
Serial.print("SSL cipher suite is ");
Serial.println(cipherName);
if ((wolfSSL_write(ssl, msg, msgSz)) == msgSz) {
Serial.print("Server response: ");
/* wait for data */
while (!client.available()) {}
/* read data */
while (wolfSSL_pending(ssl)) {
input = wolfSSL_read(ssl, reply, sizeof(reply) - 1);
total_input += input;
if (input < 0) {
err = wolfSSL_get_error(ssl, 0);
wolfSSL_ERR_error_string(err, errBuf);
Serial.print("TLS Read Error: ");
Serial.println(errBuf);
break;
} else if (input > 0) {
reply[input] = '\0';
Serial.print(reply);
} else {
Serial.println();
}
}
} else {
err = wolfSSL_get_error(ssl, 0);
wolfSSL_ERR_error_string(err, errBuf);
Serial.print("TLS Write Error: ");
Serial.println(errBuf);
}
wolfSSL_shutdown(ssl);
wolfSSL_free(ssl);
client.stop();
Serial.println("Connection complete.");
reconnect = 0;
} else {
Serial.println("Trying to reconnect...");
int err = 0;
int input = 0;
int total_input = 0;
char msg[32] = "hello wolfssl!";
int msgSz = (int)strlen(msg);
char errBuf[80];
char reply[80];
const char* cipherName;
if (reconnect) {
reconnect--;
if (client.connect(host, port)) {
Serial.print("Connected to ");
Serial.println(host);
ssl = wolfSSL_new(ctx);
if (ssl == NULL) {
Serial.println("Unable to allocate SSL object");
return;
}
err = wolfSSL_connect(ssl);
if (err != WOLFSSL_SUCCESS) {
err = wolfSSL_get_error(ssl, 0);
wolfSSL_ERR_error_string(err, errBuf);
Serial.print("TLS Connect Error: ");
Serial.println(errBuf);
}
Serial.print("SSL version is ");
Serial.println(wolfSSL_get_version(ssl));
cipherName = wolfSSL_get_cipher(ssl);
Serial.print("SSL cipher suite is ");
Serial.println(cipherName);
if ((wolfSSL_write(ssl, msg, msgSz)) == msgSz) {
Serial.print("Server response: ");
/* wait for data */
while (!client.available()) {}
/* read data */
while (wolfSSL_pending(ssl)) {
input = wolfSSL_read(ssl, reply, sizeof(reply) - 1);
total_input += input;
if (input < 0) {
err = wolfSSL_get_error(ssl, 0);
wolfSSL_ERR_error_string(err, errBuf);
Serial.print("TLS Read Error: ");
Serial.println(errBuf);
break;
}
else if (input > 0) {
reply[input] = '\0';
Serial.print(reply);
}
else {
Serial.println();
}
}
}
else {
err = wolfSSL_get_error(ssl, 0);
wolfSSL_ERR_error_string(err, errBuf);
Serial.print("TLS Write Error: ");
Serial.println(errBuf);
}
wolfSSL_shutdown(ssl);
wolfSSL_free(ssl);
client.stop();
Serial.println("Connection complete.");
reconnect = 0;
}
else {
Serial.println("Trying to reconnect...");
}
}
}
delay(1000);
delay(1000);
}

175
IDE/ARDUINO/wolfssl-arduino.sh
View File

@ -4,86 +4,141 @@
# an Arduino project
# run as bash ./wolfssl-arduino.sh
ROOT_DIR="/wolfSSL"
ROOT_SRC_DIR="${ROOT_DIR}/src"
WOLFSSL_SRC="${ROOT_SRC_DIR}/src"
WOLFSSL_HEADERS="${ROOT_SRC_DIR}/wolfssl"
WOLFCRYPT_ROOT="${ROOT_SRC_DIR}/wolfcrypt"
WOLFCRYPT_SRC="${WOLFCRYPT_ROOT}/src"
WOLFCRYPT_HEADERS="${WOLFSSL_HEADERS}/wolfcrypt"
OPENSSL_DIR="${WOLFSSL_HEADERS}/openssl"
WOLFSSL_VERSION="5.6.4"
# TOP indicates the file directory comes from the top level of the wolfssl repo
TOP_DIR="../.."
WOLFSSL_SRC_TOP="${TOP_DIR}/src"
WOLFSSL_HEADERS_TOP="${TOP_DIR}/wolfssl"
WOLFCRYPT_ROOT_TOP="${TOP_DIR}/wolfcrypt"
WOLFCRYPT_SRC_TOP="${WOLFCRYPT_ROOT_TOP}/src"
WOLFCRYPT_HEADERS_TOP="${WOLFSSL_HEADERS_TOP}/wolfcrypt"
OPENSSL_DIR_TOP="${WOLFSSL_HEADERS_TOP}/openssl"
# TODO: Parse version number
WOLFSSL_VERSION=$(grep -i "LIBWOLFSSL_VERSION_STRING" ${TOP_DIR}/wolfssl/version.h | cut -d '"' -f 2)
DIR=${PWD##*/}
space(){
echo "" >> "$1"
}
if [ "$DIR" = "ARDUINO" ]; then
if [ ! -d "wolfSSL" ]; then
mkdir wolfSSL
if [ ! -d ".${ROOT_DIR}" ]; then
mkdir .${ROOT_DIR}
fi
if [ ! -d ".${ROOT_SRC_DIR}" ]; then
mkdir .${ROOT_SRC_DIR}
fi
cp ../../src/*.c ./wolfSSL
cp ../../wolfcrypt/src/*.c ./wolfSSL
if [ ! -d ".${WOLFSSL_HEADERS}" ]; then
mkdir .${WOLFSSL_HEADERS}
fi
if [ ! -d "wolfSSL/wolfssl" ]; then
mkdir wolfSSL/wolfssl
cp ${WOLFSSL_HEADERS_TOP}/*.h .${WOLFSSL_HEADERS}
if [ ! -d ".${WOLFCRYPT_HEADERS}" ]; then
mkdir .${WOLFCRYPT_HEADERS}
fi
cp ../../wolfssl/*.h ./wolfSSL/wolfssl
if [ ! -d "wolfSSL/wolfssl/wolfcrypt" ]; then
mkdir wolfSSL/wolfssl/wolfcrypt
fi
cp ../../wolfssl/wolfcrypt/*.h ./wolfSSL/wolfssl/wolfcrypt
cp ${WOLFCRYPT_HEADERS_TOP}/*.h .${WOLFCRYPT_HEADERS}
# support misc.c as include in wolfcrypt/src
if [ ! -d "./wolfSSL/wolfcrypt" ]; then
mkdir ./wolfSSL/wolfcrypt
# Add in source files to wolfcrypt/src
if [ ! -d ".${WOLFCRYPT_ROOT}" ]; then
mkdir .${WOLFCRYPT_ROOT}
fi
if [ ! -d "./wolfSSL/wolfcrypt/src" ]; then
mkdir ./wolfSSL/wolfcrypt/src
if [ ! -d ".${WOLFCRYPT_SRC}" ]; then
mkdir .${WOLFCRYPT_SRC}
fi
cp ../../wolfcrypt/src/misc.c ./wolfSSL/wolfcrypt/src
cp ../../wolfcrypt/src/asm.c ./wolfSSL/wolfcrypt/src
cp ${WOLFCRYPT_SRC_TOP}/*.c .${WOLFCRYPT_SRC}
# Add in source files to top level src folders
if [ ! -d ".${WOLFSSL_SRC}" ]; then
mkdir .${WOLFSSL_SRC}
fi
cp ${WOLFSSL_SRC_TOP}/*.c .${WOLFSSL_SRC}
# put bio and evp as includes
mv ./wolfSSL/bio.c ./wolfSSL/wolfssl
mv ./wolfSSL/evp.c ./wolfSSL/wolfssl
cp .${WOLFSSL_SRC}/bio.c .${WOLFSSL_HEADERS}
cp .${WOLFCRYPT_SRC}/evp.c .${WOLFSSL_HEADERS}
# make a copy of evp.c and bio.c for ssl.c to include inline
cp ./wolfSSL/wolfssl/evp.c ./wolfSSL/wolfcrypt/src/evp.c
cp ./wolfSSL/wolfssl/bio.c ./wolfSSL/wolfcrypt/src/bio.c
cp .${WOLFSSL_HEADERS}/evp.c .${WOLFCRYPT_SRC}/evp.c
cp .${WOLFSSL_HEADERS}/bio.c .${WOLFCRYPT_SRC}/bio.c
# copy openssl compatibility headers to their appropriate location
if [ ! -d "./wolfSSL/wolfssl/openssl" ]; then
mkdir ./wolfSSL/wolfssl/openssl
if [ ! -d ".${OPENSSL_DIR}" ]; then
mkdir .${OPENSSL_DIR}
fi
cp ../../wolfssl/openssl/* ./wolfSSL/wolfssl/openssl
cp ${OPENSSL_DIR_TOP}/* .${OPENSSL_DIR}
echo "/* Generated wolfSSL header file for Arduino */" > ./wolfSSL/wolfssl.h
echo "#include <user_settings.h>" >> ./wolfSSL/wolfssl.h
echo "#include <wolfssl/wolfcrypt/settings.h>" >> ./wolfSSL/wolfssl.h
echo "#include <wolfssl/ssl.h>" >> ./wolfSSL/wolfssl.h
if [ ! -f "./wolfSSL/user_settings.h" ]; then
echo "/* Generated wolfSSL user_settings.h file for Arduino */" > ./wolfSSL/user_settings.h
echo "#ifndef ARDUINO_USER_SETTINGS_H" >> ./wolfSSL/user_settings.h
echo "#define ARDUINO_USER_SETTINGS_H" >> ./wolfSSL/user_settings.h
space ./wolfSSL/user_settings.h
echo "/* Platform */" >> ./wolfSSL/user_settings.h
echo "#define WOLFSSL_ARDUINO" >> ./wolfSSL/user_settings.h
space ./wolfSSL/user_settings.h
echo "/* Math library (remove this to use normal math)*/" >> ./wolfSSL/user_settings.h
echo "#define USE_FAST_MATH" >> ./wolfSSL/user_settings.h
echo "#define TFM_NO_ASM" >> ./wolfSSL/user_settings.h
space ./wolfSSL/user_settings.h
echo "/* RNG DEFAULT !!FOR TESTING ONLY!! */" >> ./wolfSSL/user_settings.h
echo "/* comment out the error below to get started w/ bad entropy source" >> ./wolfSSL/user_settings.h
echo " * This will need fixed before distribution but is OK to test with */" >> ./wolfSSL/user_settings.h
echo "#error \"needs solved, see: https://www.wolfssl.com/docs/porting-guide/\"" >> ./wolfSSL/user_settings.h
echo "#define WOLFSSL_GENSEED_FORTEST" >> ./wolfSSL/user_settings.h
space ./wolfSSL/user_settings.h
echo "#endif /* ARDUINO_USER_SETTINGS_H */" >> ./wolfSSL/user_settings.h
cat > .${ROOT_SRC_DIR}/wolfssl.h <<EOF
/* Generated wolfSSL header file for Arduino */
#include <user_settings.h>
#include <wolfssl/wolfcrypt/settings.h>
#include <wolfssl/ssl.h>
EOF
# Creates user_settings file if one does not exist
if [ ! -f ".${ROOT_SRC_DIR}/user_settings.h" ]; then
cat > .${ROOT_SRC_DIR}/user_settings.h <<EOF
/* Generated wolfSSL user_settings.h file for Arduino */
#ifndef ARDUINO_USER_SETTINGS_H
#define ARDUINO_USER_SETTINGS_H
/* Platform */
#define WOLFSSL_ARDUINO
/* Math library (remove this to use normal math)*/
#define USE_FAST_MATH
#define TFM_NO_ASM
#define NO_ASN_TIME
/* When using Intel Galileo Uncomment the line below */
/* #define INTEL_GALILEO */
/* RNG DEFAULT !!FOR TESTING ONLY!! */
/* comment out the error below to get started w/ bad entropy source
* This will need fixed before distribution but is OK to test with */
#error "needs solved, see: https://www.wolfssl.com/docs/porting-guide/"
#define WOLFSSL_GENSEED_FORTEST
#endif /* ARDUINO_USER_SETTINGS_H */
EOF
fi
cp wolfSSL/wolfssl/wolfcrypt/settings.h wolfSSL/wolfssl/wolfcrypt/settings.h.bak
echo " /* wolfSSL Generated ARDUINO settings */" > ./wolfSSL/wolfssl/wolfcrypt/settings.h
echo "#ifndef WOLFSSL_USER_SETTINGS" >> ./wolfSSL/wolfssl/wolfcrypt/settings.h
echo " #define WOLFSSL_USER_SETTINGS" >> ./wolfSSL/wolfssl/wolfcrypt/settings.h
echo "#endif /* WOLFSSL_USER_SETTINGS */" >> ./wolfSSL/wolfssl/wolfcrypt/settings.h
echo " /* wolfSSL Generated ARDUINO settings: END */" >> ./wolfSSL/wolfssl/wolfcrypt/settings.h
cat ./wolfSSL/wolfssl/wolfcrypt/settings.h.bak >> ./wolfSSL/wolfssl/wolfcrypt/settings.h
cp .${WOLFCRYPT_HEADERS}/settings.h .${WOLFCRYPT_HEADERS}/settings.h.bak
cat > .${WOLFCRYPT_HEADERS}/settings.h <<EOF
/*wolfSSL Generated ARDUINO settings */
#ifndef WOLFSSL_USER_SETTINGS
#define WOLFSSL_USER_SETTINGS
#endif /* WOLFSSL_USER_SETTINGS */
/*wolfSSL Generated ARDUINO settings: END */
EOF
cat .${WOLFCRYPT_HEADERS}/settings.h.bak >> .${WOLFCRYPT_HEADERS}/settings.h
#Creating library.properties file based off of:
#https://arduino.github.io/arduino-cli/0.35/library-specification/#libraryproperties-file-format
cat > .${ROOT_DIR}/library.properties <<EOF
name=wolfSSL
version=${WOLFSSL_VERSION}
author=wolfSSL inc
maintainer=wolfSSL inc <support@wolfssl.com>
sentence=A lightweight SSL/TLS library written in ANSI C and targeted for embedded, RTOS, and resource-constrained environments.
paragraph=Manual: https://www.wolfssl.com/documentation/manuals/wolfssl/index.html.
category=Communication
url=https://www.wolfssl.com/
architectures=*
EOF
else
echo "ERROR: You must be in the IDE/ARDUINO directory to run this script"