wolfSSL 3.11.1 for TLS1.3 beta

Fork of wolfSSL by wolf SSL

Committer:
wolfSSL
Date:
Tue May 30 01:44:10 2017 +0000
Revision:
11:cee25a834751
wolfSSL 3.11.0

wolfSSL 11:cee25a834751 1 /* test.h */
wolfSSL 11:cee25a834751 2
wolfSSL 11:cee25a834751 3 #ifndef wolfSSL_TEST_H
wolfSSL 11:cee25a834751 4 #define wolfSSL_TEST_H
wolfSSL 11:cee25a834751 5
wolfSSL 11:cee25a834751 6 #include <stdio.h>
wolfSSL 11:cee25a834751 7 #include <stdlib.h>
wolfSSL 11:cee25a834751 8 #include <assert.h>
wolfSSL 11:cee25a834751 9 #include <ctype.h>
wolfSSL 11:cee25a834751 10 #include <wolfssl/wolfcrypt/types.h>
wolfSSL 11:cee25a834751 11 #include <wolfssl/wolfcrypt/error-crypt.h>
wolfSSL 11:cee25a834751 12 #include <wolfssl/wolfcrypt/random.h>
wolfSSL 11:cee25a834751 13
wolfSSL 11:cee25a834751 14 #ifdef ATOMIC_USER
wolfSSL 11:cee25a834751 15 #include <wolfssl/wolfcrypt/aes.h>
wolfSSL 11:cee25a834751 16 #include <wolfssl/wolfcrypt/arc4.h>
wolfSSL 11:cee25a834751 17 #include <wolfssl/wolfcrypt/hmac.h>
wolfSSL 11:cee25a834751 18 #endif
wolfSSL 11:cee25a834751 19 #ifdef HAVE_PK_CALLBACKS
wolfSSL 11:cee25a834751 20 #include <wolfssl/wolfcrypt/asn.h>
wolfSSL 11:cee25a834751 21 #ifndef NO_RSA
wolfSSL 11:cee25a834751 22 #include <wolfssl/wolfcrypt/rsa.h>
wolfSSL 11:cee25a834751 23 #endif
wolfSSL 11:cee25a834751 24 #ifdef HAVE_ECC
wolfSSL 11:cee25a834751 25 #include <wolfssl/wolfcrypt/ecc.h>
wolfSSL 11:cee25a834751 26 #endif /* HAVE_ECC */
wolfSSL 11:cee25a834751 27 #endif /*HAVE_PK_CALLBACKS */
wolfSSL 11:cee25a834751 28
wolfSSL 11:cee25a834751 29 #ifdef USE_WINDOWS_API
wolfSSL 11:cee25a834751 30 #include <winsock2.h>
wolfSSL 11:cee25a834751 31 #include <process.h>
wolfSSL 11:cee25a834751 32 #ifdef TEST_IPV6 /* don't require newer SDK for IPV4 */
wolfSSL 11:cee25a834751 33 #include <ws2tcpip.h>
wolfSSL 11:cee25a834751 34 #include <wspiapi.h>
wolfSSL 11:cee25a834751 35 #endif
wolfSSL 11:cee25a834751 36 #define SOCKET_T SOCKET
wolfSSL 11:cee25a834751 37 #define SNPRINTF _snprintf
wolfSSL 11:cee25a834751 38 #elif defined(WOLFSSL_MDK_ARM) || defined(WOLFSSL_KEIL_TCP_NET)
wolfSSL 11:cee25a834751 39 #include <string.h>
wolfSSL 11:cee25a834751 40 #include "rl_net.h"
wolfSSL 11:cee25a834751 41 #define SOCKET_T int
wolfSSL 11:cee25a834751 42 typedef int socklen_t ;
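/* Minimal dotted-quad parser standing in for inet_addr() on the Keil
 * MDK-ARM / Keil TCP-net branch of this header.
 *
 * cp: NUL-terminated "a.b.c.d" string.
 *
 * Returns the four octets packed with the first octet in the least
 * significant byte, or 0xFFFFFFFF (the conventional INADDR_NONE value) when
 * cp is NULL, fewer than four fields parse, or any field is above 255. */
static unsigned long inet_addr(const char *cp)
{
    unsigned int a[4] = { 0, 0, 0, 0 };
    unsigned long ret;
    int i;

    /* %u matches the unsigned storage, and all four conversions must succeed
     * so that no unparsed octet is folded into the result. */
    if (cp == NULL ||
        sscanf(cp, "%u.%u.%u.%u", &a[0], &a[1], &a[2], &a[3]) != 4)
        return 0xFFFFFFFFUL;

    /* Reject out-of-range fields instead of letting them spill into the
     * neighbouring octets. */
    for (i = 0; i < 4; i++) {
        if (a[i] > 255)
            return 0xFFFFFFFFUL;
    }

    ret = ((unsigned long)a[3] << 24) + ((unsigned long)a[2] << 16) +
          ((unsigned long)a[1] << 8) + (unsigned long)a[0];
    return ret;
}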
#if defined(HAVE_KEIL_RTX)
    /* sleep(t) is mapped onto the RTOS delay call with t/1000+1.
     * NOTE(review): t is not parenthesized and the expansion already ends in
     * ';', so only simple expressions and statement-position uses are safe. */
    #define sleep(t) os_dly_wait(t/1000+1) ;
#elif defined (WOLFSSL_CMSIS_RTOS)
    /* Same mapping for CMSIS-RTOS; the same macro caveats apply. */
    #define sleep(t) osDelay(t/1000+1) ;
#endif
wolfSSL 11:cee25a834751 55
/* Placeholder select for the Keil branch: neither argument is examined and
 * the result is always 0. */
static int wolfssl_tcp_select(int sd, int timeout)
{
    (void)sd;
    (void)timeout;

    return 0;
}
#define tcp_select(sd,t) wolfssl_tcp_select(sd, t) /* avoid conflicting Keil TCP tcp_select */
wolfSSL 11:cee25a834751 59 #elif defined(WOLFSSL_TIRTOS)
wolfSSL 11:cee25a834751 60 #include <string.h>
wolfSSL 11:cee25a834751 61 #include <netdb.h>
wolfSSL 11:cee25a834751 62 #include <sys/types.h>
wolfSSL 11:cee25a834751 63 #include <arpa/inet.h>
wolfSSL 11:cee25a834751 64 #include <sys/socket.h>
wolfSSL 11:cee25a834751 65 #include <ti/sysbios/knl/Task.h>
/* struct hostent as declared by this header for the WOLFSSL_TIRTOS branch.
 * build_addr() reads h_addr_list[0] and h_length from it. */
struct hostent {
    char  *h_name;       /* official name of host */
    char **h_aliases;    /* alias list */
    int    h_addrtype;   /* host address type */
    int    h_length;     /* length of address */
    char **h_addr_list;  /* list of addresses from name server */
};
wolfSSL 11:cee25a834751 73 #define SOCKET_T int
wolfSSL 11:cee25a834751 74 #elif defined(WOLFSSL_VXWORKS)
wolfSSL 11:cee25a834751 75 #include <hostLib.h>
wolfSSL 11:cee25a834751 76 #include <sockLib.h>
wolfSSL 11:cee25a834751 77 #include <arpa/inet.h>
wolfSSL 11:cee25a834751 78 #include <string.h>
wolfSSL 11:cee25a834751 79 #include <selectLib.h>
wolfSSL 11:cee25a834751 80 #include <sys/types.h>
wolfSSL 11:cee25a834751 81 #include <netinet/in.h>
wolfSSL 11:cee25a834751 82 #include <fcntl.h>
wolfSSL 11:cee25a834751 83 #include <sys/time.h>
wolfSSL 11:cee25a834751 84 #include <netdb.h>
wolfSSL 11:cee25a834751 85 #include <pthread.h>
wolfSSL 11:cee25a834751 86 #define SOCKET_T int
wolfSSL 11:cee25a834751 87 #else
wolfSSL 11:cee25a834751 88 #include <string.h>
wolfSSL 11:cee25a834751 89 #include <sys/types.h>
wolfSSL 11:cee25a834751 90 #ifndef WOLFSSL_LEANPSK
wolfSSL 11:cee25a834751 91 #include <unistd.h>
wolfSSL 11:cee25a834751 92 #include <netdb.h>
wolfSSL 11:cee25a834751 93 #include <netinet/in.h>
wolfSSL 11:cee25a834751 94 #include <netinet/tcp.h>
wolfSSL 11:cee25a834751 95 #include <arpa/inet.h>
wolfSSL 11:cee25a834751 96 #include <sys/ioctl.h>
wolfSSL 11:cee25a834751 97 #include <sys/time.h>
wolfSSL 11:cee25a834751 98 #include <sys/socket.h>
wolfSSL 11:cee25a834751 99 #include <pthread.h>
wolfSSL 11:cee25a834751 100 #include <fcntl.h>
wolfSSL 11:cee25a834751 101 #ifdef TEST_IPV6
wolfSSL 11:cee25a834751 102 #include <netdb.h>
wolfSSL 11:cee25a834751 103 #endif
wolfSSL 11:cee25a834751 104 #endif
wolfSSL 11:cee25a834751 105 #define SOCKET_T int
wolfSSL 11:cee25a834751 106 #ifndef SO_NOSIGPIPE
wolfSSL 11:cee25a834751 107 #include <signal.h> /* ignore SIGPIPE */
wolfSSL 11:cee25a834751 108 #endif
wolfSSL 11:cee25a834751 109 #define SNPRINTF snprintf
wolfSSL 11:cee25a834751 110 #endif /* USE_WINDOWS_API */
wolfSSL 11:cee25a834751 111
wolfSSL 11:cee25a834751 112 #ifdef WOLFSSL_ASYNC_CRYPT
wolfSSL 11:cee25a834751 113 #include <wolfssl/wolfcrypt/async.h>
wolfSSL 11:cee25a834751 114 #endif
wolfSSL 11:cee25a834751 115 #ifdef HAVE_CAVIUM
wolfSSL 11:cee25a834751 116 #include <wolfssl/wolfcrypt/port/cavium/cavium_nitrox.h>
wolfSSL 11:cee25a834751 117 #endif
wolfSSL 11:cee25a834751 118
#ifdef _MSC_VER
    /* disable conversion warning */
    /* 4996 warning to use MS extensions e.g., strcpy_s instead of strncpy */
    /* NOTE(review): there is no warning(push)/warning(pop) around this, so
     * both warnings stay disabled for the rest of every translation unit
     * that includes this header, including the CRT's hints about unbounded
     * string functions. */
    #pragma warning(disable:4244 4996)
#endif

/* Buffer for benchmark tests */
/* Size may be overridden by defining TEST_BUFFER_SIZE before this header. */
#ifndef TEST_BUFFER_SIZE
#define TEST_BUFFER_SIZE 16384
#endif
wolfSSL 11:cee25a834751 129
wolfSSL 11:cee25a834751 130 #ifndef WOLFSSL_HAVE_MIN
wolfSSL 11:cee25a834751 131 #define WOLFSSL_HAVE_MIN
/* Return the smaller of two word32 values (b when a is larger, else a). */
static INLINE word32 min(word32 a, word32 b)
{
    if (a > b)
        return b;

    return a;
}
wolfSSL 11:cee25a834751 136 #endif /* WOLFSSL_HAVE_MIN */
wolfSSL 11:cee25a834751 137
/* Socket Handling */
/* WOLFSSL_SOCKET_INVALID is the per-platform sentinel; a build may supply
 * its own definition before including this header. */
#ifndef WOLFSSL_SOCKET_INVALID
#ifdef USE_WINDOWS_API
    #define WOLFSSL_SOCKET_INVALID  ((SOCKET_T)INVALID_SOCKET)
#elif defined(WOLFSSL_TIRTOS)
    #define WOLFSSL_SOCKET_INVALID  ((SOCKET_T)-1)
#else
    /* Sentinel is 0 here and is only meaningful together with the '<' test
     * in WOLFSSL_SOCKET_IS_INVALID below. */
    #define WOLFSSL_SOCKET_INVALID  (SOCKET_T)(0)
#endif
#endif /* WOLFSSL_SOCKET_INVALID */

/* WOLFSSL_SOCKET_IS_INVALID(s): equality against the sentinel on Windows and
 * TI-RTOS; elsewhere "less than 0", so descriptor 0 itself counts as valid
 * and only negative values are rejected. */
#ifndef WOLFSSL_SOCKET_IS_INVALID
#if defined(USE_WINDOWS_API) || defined(WOLFSSL_TIRTOS)
    #define WOLFSSL_SOCKET_IS_INVALID(s)  ((SOCKET_T)(s) == WOLFSSL_SOCKET_INVALID)
#else
    #define WOLFSSL_SOCKET_IS_INVALID(s)  ((SOCKET_T)(s) < WOLFSSL_SOCKET_INVALID)
#endif
#endif /* WOLFSSL_SOCKET_IS_INVALID */
wolfSSL 11:cee25a834751 156
/* Provide socklen_t on Mach and Windows builds when _SOCKLEN_T is not
 * already defined. */
#if defined(__MACH__) || defined(USE_WINDOWS_API)
    #ifndef _SOCKLEN_T
        typedef int socklen_t;
    #endif
#endif


/* HPUX doesn't use socklen_t for third parameter to accept, unless
   _XOPEN_SOURCE_EXTENDED is defined */
/* ACCEPT_THIRD_T is the pointer type to cast the address-length argument of
 * accept() to on the current platform. */
#if !defined(__hpux__) && !defined(WOLFSSL_MDK_ARM) && !defined(WOLFSSL_IAR_ARM)\
 && !defined(WOLFSSL_ROWLEY_ARM) && !defined(WOLFSSL_KEIL_TCP_NET)
    typedef socklen_t* ACCEPT_THIRD_T;
#else
    #if defined _XOPEN_SOURCE_EXTENDED
        typedef socklen_t* ACCEPT_THIRD_T;
    #else
        typedef int* ACCEPT_THIRD_T;
    #endif
#endif
wolfSSL 11:cee25a834751 176
wolfSSL 11:cee25a834751 177
/* CloseSocket(s) / StartTCP(): per-platform socket close and network
 * start-up. StartTCP() expands to nothing outside Windows. */
#ifdef USE_WINDOWS_API
    #define CloseSocket(s) closesocket(s)
    /* Calls WSAStartup() with version word 0x0002. The return value is
     * discarded, so a failed start-up is not reported at this point. */
    #define StartTCP() { WSADATA wsd; WSAStartup(0x0002, &wsd); }
#elif defined(WOLFSSL_MDK_ARM) || defined(WOLFSSL_KEIL_TCP_NET)
    #define CloseSocket(s) closesocket(s)
    #define StartTCP()
#else
    #define CloseSocket(s) close(s)
    #define StartTCP()
#endif
wolfSSL 11:cee25a834751 188
wolfSSL 11:cee25a834751 189
/* Thread abstraction used by the prototypes further down:
 *   THREAD_RETURN   return type of a thread entry function
 *   THREAD_TYPE     handle type filled in by start_thread()
 *   WOLFSSL_THREAD  calling-convention decoration (empty except in the
 *                   final fallback branch, where it is __stdcall) */
#ifdef SINGLE_THREADED
    typedef unsigned int  THREAD_RETURN;
    typedef void*         THREAD_TYPE;
    #define WOLFSSL_THREAD
#else
    #if defined(_POSIX_THREADS) && !defined(__MINGW32__)
        typedef void*         THREAD_RETURN;
        typedef pthread_t     THREAD_TYPE;
        #define WOLFSSL_THREAD
        /* Win32-style constants defined for the pthread build. */
        #define INFINITE -1
        #define WAIT_OBJECT_0 0L
    #elif defined(WOLFSSL_MDK_ARM)|| defined(WOLFSSL_KEIL_TCP_NET)
        typedef unsigned int  THREAD_RETURN;
        typedef int           THREAD_TYPE;
        #define WOLFSSL_THREAD
    #elif defined(WOLFSSL_TIRTOS)
        typedef void          THREAD_RETURN;
        typedef Task_Handle   THREAD_TYPE;
        #define WOLFSSL_THREAD
    #else
        typedef unsigned int  THREAD_RETURN;
        typedef intptr_t      THREAD_TYPE;
        #define WOLFSSL_THREAD __stdcall
    #endif
#endif
wolfSSL 11:cee25a834751 215
wolfSSL 11:cee25a834751 216
/* Address family selection: TEST_IPV6 switches both the sockaddr type and
 * the AF_INET_V constant to their IPv6 forms. */
#ifdef TEST_IPV6
    typedef struct sockaddr_in6 SOCKADDR_IN_T;
    #define AF_INET_V    AF_INET6
#else
    typedef struct sockaddr_in  SOCKADDR_IN_T;
    #define AF_INET_V    AF_INET
#endif
wolfSSL 11:cee25a834751 224
wolfSSL 11:cee25a834751 225
/* Default protocol-version selectors for the example client and server.
 * NOTE(review): the numbers are interpreted by code outside this header;
 * confirm the version mapping there. */
#define SERVER_DEFAULT_VERSION 3
#define SERVER_DTLS_DEFAULT_VERSION (-2)
#define SERVER_INVALID_VERSION (-99)
#define CLIENT_DEFAULT_VERSION 3
#define CLIENT_DTLS_DEFAULT_VERSION (-2)
#define CLIENT_INVALID_VERSION (-99)
/* Minimum key sizes. The stronger values (2048-bit DH/RSA, 256-bit ECC) are
 * selected only when a filesystem is available AND WOLFSSL_MAX_STRENGTH is
 * defined; every other build gets 1024-bit DH/RSA and 224-bit ECC.
 * 1024-bit DH and RSA are below the 2048-bit minimum in current guidance, so
 * raise these floors before reusing the defaults outside the test programs. */
#if !defined(NO_FILESYSTEM) && defined(WOLFSSL_MAX_STRENGTH)
    #define DEFAULT_MIN_DHKEY_BITS 2048
#else
    #define DEFAULT_MIN_DHKEY_BITS 1024
#endif
#if !defined(NO_FILESYSTEM) && defined(WOLFSSL_MAX_STRENGTH)
    #define DEFAULT_MIN_RSAKEY_BITS 2048
#else
    #define DEFAULT_MIN_RSAKEY_BITS 1024
#endif
#if !defined(NO_FILESYSTEM) && defined(WOLFSSL_MAX_STRENGTH)
    #define DEFAULT_MIN_ECCKEY_BITS 256
#else
    #define DEFAULT_MIN_ECCKEY_BITS 224
#endif
wolfSSL 11:cee25a834751 247
/* all certs relative to wolfSSL home directory now */
/* Certificate, key, DH-parameter and CRL locations used by the example
 * programs. Both variants are relative paths, so what gets loaded depends on
 * the process working directory; the first variant only drops the leading
 * "./". The private-key files named here ship alongside the certificates in
 * certs/, so treat them as test material only. */
#if defined(WOLFSSL_NO_CURRDIR) || defined(WOLFSSL_MDK_SHELL)
#define caCertFile     "certs/ca-cert.pem"
#define eccCertFile    "certs/server-ecc.pem"
#define eccKeyFile     "certs/ecc-key.pem"
#define svrCertFile    "certs/server-cert.pem"
#define svrKeyFile     "certs/server-key.pem"
#define cliCertFile    "certs/client-cert.pem"
#define cliKeyFile     "certs/client-key.pem"
#define ntruCertFile   "certs/ntru-cert.pem"
#define ntruKeyFile    "certs/ntru-key.raw"
#define dhParamFile    "certs/dh2048.pem"
#define cliEccKeyFile  "certs/ecc-client-key.pem"
#define cliEccCertFile "certs/client-ecc-cert.pem"
#define crlPemDir      "certs/crl"
#ifdef HAVE_WNR
    /* Whitewood netRandom default config file */
    #define wnrConfig  "wnr-example.conf"
#endif
#else
#define caCertFile     "./certs/ca-cert.pem"
#define eccCertFile    "./certs/server-ecc.pem"
#define eccKeyFile     "./certs/ecc-key.pem"
#define svrCertFile    "./certs/server-cert.pem"
#define svrKeyFile     "./certs/server-key.pem"
#define cliCertFile    "./certs/client-cert.pem"
#define cliKeyFile     "./certs/client-key.pem"
#define ntruCertFile   "./certs/ntru-cert.pem"
#define ntruKeyFile    "./certs/ntru-key.raw"
#define dhParamFile    "./certs/dh2048.pem"
#define cliEccKeyFile  "./certs/ecc-client-key.pem"
#define cliEccCertFile "./certs/client-ecc-cert.pem"
#define crlPemDir      "./certs/crl"
#ifdef HAVE_WNR
    /* Whitewood netRandom default config file */
    #define wnrConfig  "./wnr-example.conf"
#endif
#endif
wolfSSL 11:cee25a834751 286
/* Readiness record shared between a test server and whoever waits for it
 * (see wait_tcp_ready()). The mutex/cond pair exists on every POSIX-threads
 * build that is not MinGW, whether or not SINGLE_THREADED is defined;
 * InitTcpReady() only initializes it when SINGLE_THREADED is not defined. */
typedef struct tcp_ready {
    word16 ready;              /* predicate */
    word16 port;               /* set to 0 by InitTcpReady() */
    char*  srfName;            /* server ready file name */
#if defined(_POSIX_THREADS) && !defined(__MINGW32__)
    pthread_mutex_t mutex;
    pthread_cond_t  cond;
#endif
} tcp_ready;
wolfSSL 11:cee25a834751 296
wolfSSL 11:cee25a834751 297
/* Put a tcp_ready into its initial state: not ready, port 0, no ready-file
 * name. On multi-threaded POSIX builds the mutex and condition variable are
 * created with default attributes; their return codes are not examined. */
static INLINE void InitTcpReady(tcp_ready* ready)
{
    ready->srfName = NULL;
    ready->port    = 0;
    ready->ready   = 0;
#if !defined(SINGLE_THREADED) && defined(_POSIX_THREADS) && \
    !defined(__MINGW32__)
    pthread_mutex_init(&ready->mutex, NULL);
    pthread_cond_init(&ready->cond, NULL);
#endif
}
wolfSSL 11:cee25a834751 309
wolfSSL 11:cee25a834751 310
/* Release what InitTcpReady() created: destroys the mutex and condition
 * variable on multi-threaded POSIX builds and does nothing elsewhere. */
static INLINE void FreeTcpReady(tcp_ready* ready)
{
#if !defined(SINGLE_THREADED) && defined(_POSIX_THREADS) && \
    !defined(__MINGW32__)
    pthread_mutex_destroy(&ready->mutex);
    pthread_cond_destroy(&ready->cond);
#else
    (void)ready;
#endif
}
wolfSSL 11:cee25a834751 322
/* Hook signatures used by callback_functions below. */
typedef WOLFSSL_METHOD* (*method_provider)(void);   /* returns a method */
typedef void (*ctx_callback)(WOLFSSL_CTX* ctx);     /* receives a context */
typedef void (*ssl_callback)(WOLFSSL* ssl);         /* receives a session */

/* Optional hooks a test can hand to the example client/server.
 * NOTE(review): when each hook fires is decided by code outside this header;
 * the member names suggest the intended points — confirm in the callers. */
typedef struct callback_functions {
    method_provider method;
    ctx_callback    ctx_ready;
    ssl_callback    ssl_ready;
    ssl_callback    on_result;
} callback_functions;

/* Argument bundle passed to a thread entry function (see start_thread()). */
typedef struct func_args {
    int    argc;                   /* command-line style argument count */
    char** argv;                   /* command-line style argument vector */
    int    return_code;            /* result slot written by the callee */
    tcp_ready* signal;             /* readiness record, see tcp_ready */
    callback_functions *callbacks; /* optional hooks */
} func_args;
wolfSSL 11:cee25a834751 341
wolfSSL 11:cee25a834751 342
wolfSSL 11:cee25a834751 343
wolfSSL 11:cee25a834751 344
/* Declared here, defined outside this header.
 * NOTE(review): presumably waits on args->signal until the server reports
 * ready — confirm against the definition. */
void wait_tcp_ready(func_args*);

/* Signature every thread entry function must have on this platform. */
typedef THREAD_RETURN WOLFSSL_THREAD THREAD_FUNC(void*);

/* Thread helpers, defined outside this header: start_thread() takes the
 * entry function, its func_args and a THREAD_TYPE slot; join_thread() takes
 * a THREAD_TYPE by value. */
void start_thread(THREAD_FUNC, func_args*, THREAD_TYPE*);
void join_thread(THREAD_TYPE);
wolfSSL 11:cee25a834751 351
/* wolfSSL */
/* Default peer for the examples: the loopback address (IPv4 or, with
 * TEST_IPV6, IPv6) and port 11111. */
#ifndef TEST_IPV6
    static const char* const wolfSSLIP   = "127.0.0.1";
#else
    static const char* const wolfSSLIP   = "::1";
#endif
static const word16      wolfSSLPort = 11111;
wolfSSL 11:cee25a834751 359
wolfSSL 11:cee25a834751 360
/* WC_NORETURN marks a function as never returning on __GNUC__ compilers and
 * expands to nothing elsewhere. */
#if defined(__GNUC__)
    #define WC_NORETURN __attribute__((noreturn))
#else
    #define WC_NORETURN
#endif

/* Print "wolfSSL error: <msg>" to stdout and terminate the process with
 * EXIT_FAILURE.
 *
 * msg: text to report.
 *
 * On compilers that do not define __GNUC__ the exit() is guarded by
 * `if (msg)`, so a NULL msg makes this function return to its caller after
 * the printf. Callers that use err_sys() as the only thing standing between
 * a failed check and the code that follows rely on msg being non-NULL.
 * NOTE(review): msg is handed to "%s" before that guard; a NULL msg is
 * undefined behaviour for printf. */
static INLINE WC_NORETURN void err_sys(const char* msg)
{
    printf("wolfSSL error: %s\n", msg);

#if !defined(__GNUC__)
    /* scan-build (which pretends to be gnuc) can get confused and think the
     * msg pointer can be null even when hardcoded and then it won't exit,
     * making null pointer checks above the err_sys() call useless.
     * We could just always exit() but some compilers will complain about no
     * possible return, with gcc we know the attribute to handle that with
     * WC_NORETURN. */
    if (msg)
#endif
    {
        exit(EXIT_FAILURE);
    }
}
wolfSSL 11:cee25a834751 384
wolfSSL 11:cee25a834751 385
/* Numeric code for usage errors.
 * NOTE(review): how it is used is decided by the programs that include this
 * header — confirm there. */
#define MY_EX_USAGE 2

/* Parser state for mygetopt(); both are defined outside this header.
 * myoptind is the index of the next argv element to examine (0 restarts the
 * scan) and myoptarg receives the current option argument. */
extern int   myoptind;
extern char* myoptarg;
wolfSSL 11:cee25a834751 390
/* Small getopt() replacement for single-character options.
 *
 * argc, argv: the argument vector to scan.
 * optstring:  accepted option characters; a character followed by ':' takes
 *             an argument.
 *
 * Returns the option character, '?' for an unknown option, a literal ':' or
 * a missing argument, and -1 when option scanning is finished. On -1,
 * myoptarg points at the first remaining argv element or is NULL.
 *
 * State lives in the function-local static `next` and the globals
 * myoptind/myoptarg, so one scan at a time; set myoptind to 0 to start over. */
static INLINE int mygetopt(int argc, char** argv, const char* optstring)
{
    static char* next = NULL;   /* position inside the current argv element */

    char  c;
    char* cp;

    if (myoptind == 0)
        next = NULL;   /* we're starting new/over */

    /* Current element exhausted (or none yet): move on to the next one. */
    if (next == NULL || *next == '\0') {
        if (myoptind == 0)
            myoptind++;   /* skip argv[0] */

        /* Out of arguments, not an option, or a lone "-": stop scanning. */
        if (myoptind >= argc || argv[myoptind][0] != '-' ||
                                argv[myoptind][1] == '\0') {
            myoptarg = NULL;
            if (myoptind < argc)
                myoptarg = argv[myoptind];

            return -1;
        }

        /* "--" ends option processing; step past it. */
        if (strcmp(argv[myoptind], "--") == 0) {
            myoptind++;
            myoptarg = NULL;

            if (myoptind < argc)
                myoptarg = argv[myoptind];

            return -1;
        }

        next = argv[myoptind];
        next++;                  /* skip - */
        myoptind++;
    }

    c  = *next++;
    /* The C++ strchr can return a different value */
    cp = (char*)strchr(optstring, c);

    /* ':' is the argument marker in optstring, never a valid option. */
    if (cp == NULL || c == ':')
        return '?';

    cp++;

    if (*cp == ':') {
        if (*next != '\0') {
            /* Argument glued to the option, e.g. "-p11111". */
            myoptarg = next;
            next     = NULL;
        }
        else if (myoptind < argc) {
            /* Argument is the following argv element. */
            myoptarg = argv[myoptind];
            myoptind++;
        }
        else
            return '?';   /* option needs an argument but argv is exhausted */
    }

    return c;
}
wolfSSL 11:cee25a834751 453
wolfSSL 11:cee25a834751 454
wolfSSL 11:cee25a834751 455 #if defined(OPENSSL_EXTRA) || defined(HAVE_WEBSERVER)
wolfSSL 11:cee25a834751 456
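/* Pass-phrase callback that supplies a fixed pass phrase.
 *
 * passwd:       caller buffer that receives the pass phrase
 * sz:           size of passwd in bytes
 * rw, userdata: unused
 *
 * Returns the number of pass-phrase bytes stored in passwd (8 when the
 * buffer is large enough), or 0 when passwd is NULL or sz is not positive.
 *
 * The pass phrase is hard-coded in this header, so the callback is only
 * appropriate for the test keys it was written for. */
static INLINE int PasswordCallBack(char* passwd, int sz, int rw, void* userdata)
{
    static const char testPass[] = "yassl123";
    int len = (int)sizeof(testPass) - 1;

    (void)rw;
    (void)userdata;

    if (passwd == NULL || sz <= 0)
        return 0;

    /* Report only the bytes actually stored: claiming 8 for a smaller buffer
     * would invite the caller to read past the end of passwd. */
    if (len > sz)
        len = sz;

    /* Zero the whole buffer first (the padding strncpy used to provide), so
     * the result is NUL-terminated whenever sz leaves room for it. */
    memset(passwd, 0, (size_t)sz);
    memcpy(passwd, testPass, (size_t)len);

    return len;
}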
wolfSSL 11:cee25a834751 464
wolfSSL 11:cee25a834751 465 #endif
wolfSSL 11:cee25a834751 466
wolfSSL 11:cee25a834751 467
wolfSSL 11:cee25a834751 468 #if defined(KEEP_PEER_CERT) || defined(SESSION_CERTS)
wolfSSL 11:cee25a834751 469
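/* Print the issuer, subject, alternative names and serial number of a
 * certificate to stdout.
 *
 * x509: certificate to describe; NULL prints "<hdr> No Cert" and returns.
 * hdr:  heading printed before the fields.
 *
 * The issuer and subject strings obtained from wolfSSL_X509_NAME_oneline()
 * are released here with XFREE. */
static INLINE void ShowX509(WOLFSSL_X509* x509, const char* hdr)
{
    char* altName;
    char* issuer;
    char* subject;
    byte  serial[32];
    int   ret;
    int   sz = sizeof(serial);

    if (x509 == NULL) {
        printf("%s No Cert\n", hdr);
        return;
    }

    issuer  = wolfSSL_X509_NAME_oneline(
                                      wolfSSL_X509_get_issuer_name(x509), 0, 0);
    subject = wolfSSL_X509_NAME_oneline(
                                     wolfSSL_X509_get_subject_name(x509), 0, 0);

    /* A NULL handed to %s is undefined behaviour, so substitute a marker in
     * case either name could not be produced. */
    printf("%s\n issuer : %s\n subject: %s\n", hdr,
           issuer ? issuer : "(null)", subject ? subject : "(null)");

    while ( (altName = wolfSSL_X509_get_next_altname(x509)) != NULL)
        printf(" altname = %s\n", altName);

    ret = wolfSSL_X509_get_serial_number(x509, serial, &sz);
    if (ret == SSL_SUCCESS) {
        int  i;
        int  strLen;
        /* Label, three characters per serial byte, plus the trailing space
         * and NUL written by the last sprintf(). Sizing this from serial[]
         * keeps a full 32-byte serial inside the buffer; a fixed 80 bytes
         * only has room for 21 serial bytes. */
        char serialMsg[sizeof(" serial number") + sizeof(serial) * 3 + 2];

        /* The certificate comes from the peer: never format more bytes than
         * serial[] can hold, whatever length was reported back. */
        if (sz > (int)sizeof(serial))
            sz = (int)sizeof(serial);

        /* testsuite has multiple threads writing to stdout, get output
           message ready to write once */
        strLen = sprintf(serialMsg, " serial number");
        for (i = 0; i < sz; i++)
            sprintf(serialMsg + strLen + (i*3), ":%02x ", serial[i]);
        printf("%s\n", serialMsg);
    }

    XFREE(subject, 0, DYNAMIC_TYPE_OPENSSL);
    XFREE(issuer,  0, DYNAMIC_TYPE_OPENSSL);
}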
wolfSSL 11:cee25a834751 511
wolfSSL 11:cee25a834751 512 #endif /* KEEP_PEER_CERT || SESSION_CERTS */
wolfSSL 11:cee25a834751 513
wolfSSL 11:cee25a834751 514
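/* Print what was negotiated on a connection to stdout.
 *
 * ssl: the session to describe.
 *
 * Always printed: protocol version, cipher suite and whether the session was
 * reused. Depending on the build: the peer certificate (KEEP_PEER_CERT), our
 * own certificate and the verify result (SHOW_CERTS + OPENSSL_EXTRA +
 * KEEP_OUR_CERT), the curve name (HAVE_ECC), the DH size (unless NO_DH) and
 * the peer chain as PEM (SESSION_CERTS + SHOW_CERTS). */
static INLINE void showPeer(WOLFSSL* ssl)
{

    WOLFSSL_CIPHER* cipher;
#ifdef HAVE_ECC
    const char *name;
#endif
#ifndef NO_DH
    int bits;
#endif
#ifdef KEEP_PEER_CERT
    WOLFSSL_X509* peer = wolfSSL_get_peer_certificate(ssl);
    if (peer)
        ShowX509(peer, "peer's cert info:");
    else
        printf("peer has no cert!\n");
    wolfSSL_FreeX509(peer);
#endif
#if defined(SHOW_CERTS) && defined(OPENSSL_EXTRA) && defined(KEEP_OUR_CERT)
    ShowX509(wolfSSL_get_certificate(ssl), "our cert info:");
    printf("Peer verify result = %lu\n", wolfSSL_get_verify_result(ssl));
#endif /* SHOW_CERTS */
    printf("SSL version is %s\n", wolfSSL_get_version(ssl));

    cipher = wolfSSL_get_current_cipher(ssl);
#ifdef HAVE_QSH
    printf("SSL cipher suite is %s%s\n", (wolfSSL_isQSH(ssl))? "QSH:": "",
            wolfSSL_CIPHER_get_name(cipher));
#else
    printf("SSL cipher suite is %s\n", wolfSSL_CIPHER_get_name(cipher));
#endif
#ifdef HAVE_ECC
    if ((name = wolfSSL_get_curve_name(ssl)) != NULL)
        printf("SSL curve name is %s\n", name);
#endif
#ifndef NO_DH
    if ((bits = wolfSSL_GetDhKey_Sz(ssl)) > 0)
        printf("SSL DH size is %d bits\n", bits);
#endif
    if (wolfSSL_session_reused(ssl))
        printf("SSL reused session\n");

#if defined(SESSION_CERTS) && defined(SHOW_CERTS)
    {
        WOLFSSL_X509_CHAIN* chain = wolfSSL_get_peer_chain(ssl);
        int                 count = wolfSSL_get_chain_count(chain);
        int i;

        for (i = 0; i < count; i++) {
            int           length = 0;
            unsigned char buffer[3072];
            WOLFSSL_X509* chainX509;

            /* The chain is peer-supplied. Offer one byte less than the
             * buffer so the terminator below always fits, and only index
             * with `length` after the export reported success with a value
             * inside the buffer. */
            if (wolfSSL_get_chain_cert_pem(chain, i, buffer,
                                           (int)sizeof(buffer) - 1,
                                           &length) == SSL_SUCCESS &&
                length >= 0 && length < (int)sizeof(buffer)) {
                buffer[length] = 0;
                printf("cert %d has length %d data = \n%s\n", i, length, buffer);
            }
            else
                printf("cert %d could not be exported as PEM\n", i);

            chainX509 = wolfSSL_get_chain_X509(chain, i);
            if (chainX509)
                ShowX509(chainX509, "session cert info:");
            else
                printf("get_chain_X509 failed\n");
            wolfSSL_FreeX509(chainX509);
        }
    }
#endif
    (void)ssl;
}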
wolfSSL 11:cee25a834751 583
wolfSSL 11:cee25a834751 584
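/* Fill *addr with the address family, port and IP address for `peer`.
 *
 * addr  destination socket address; err_sys() is called when it is NULL.
 * peer  numeric address string, host name, or INADDR_ANY (a null pointer)
 *       for the wildcard address.
 * port  port in host byte order; stored through XHTONS.
 * udp   non-zero selects UDP hints for the getaddrinfo() lookup (IPv6 build).
 * sctp  non-zero selects SCTP hints (only when WOLFSSL_SCTP is defined).
 *
 * Resolver output is length-checked before it is copied, so an answer that
 * is larger than the destination field cannot write past *addr.
 * NOTE(review): like the rest of this header, the code assumes err_sys()
 * does not return - confirm against its definition. */
static INLINE void build_addr(SOCKADDR_IN_T* addr, const char* peer,
                              word16 port, int udp, int sctp)
{
    int useLookup = 0;
    (void)useLookup;
    (void)udp;
    (void)sctp;

    if (addr == NULL)
        err_sys("invalid argument to build_addr, addr is NULL");

    memset(addr, 0, sizeof(SOCKADDR_IN_T));

#ifndef TEST_IPV6
    /* peer could be in human readable form; the unsigned char cast keeps
       isalpha() defined for bytes above 0x7f */
    if ( (peer != INADDR_ANY) && isalpha((unsigned char)peer[0])) {
    #if defined(WOLFSSL_MDK_ARM) || defined(WOLFSSL_KEIL_TCP_NET)
        int err;
        struct hostent* entry = gethostbyname(peer, &err);
    #elif defined(WOLFSSL_TIRTOS)
        struct hostent* entry = DNSGetHostByName(peer);
    #elif defined(WOLFSSL_VXWORKS)
        struct hostent* entry = (struct hostent*)hostGetByName((char*)peer);
    #else
        struct hostent* entry = gethostbyname(peer);
    #endif

        if (entry == NULL) {
            err_sys("no entry for host");
        }
        else if (entry->h_addr_list == NULL ||
                 entry->h_addr_list[0] == NULL ||
                 entry->h_length <= 0 ||
                 (size_t)entry->h_length > sizeof(addr->sin_addr.s_addr)) {
            /* the resolver reports the address length; refuse anything that
               does not fit the IPv4 address field instead of copying it */
            err_sys("bad address length for host");
        }
        else {
            XMEMCPY(&addr->sin_addr.s_addr, entry->h_addr_list[0],
                    entry->h_length);
            useLookup = 1;
        }
    }
#endif


#ifndef TEST_IPV6
    #if defined(WOLFSSL_MDK_ARM) || defined(WOLFSSL_KEIL_TCP_NET)
        addr->sin_family = PF_INET;
    #else
        addr->sin_family = AF_INET_V;
    #endif
    addr->sin_port = XHTONS(port);
    if (peer == INADDR_ANY)
        addr->sin_addr.s_addr = INADDR_ANY;
    else {
        /* numeric form: only parsed when no host lookup filled the address */
        if (!useLookup)
            addr->sin_addr.s_addr = inet_addr(peer);
    }
#else
    addr->sin6_family = AF_INET_V;
    addr->sin6_port = XHTONS(port);
    if (peer == INADDR_ANY)
        addr->sin6_addr = in6addr_any;
    else {
    #ifdef HAVE_GETADDRINFO
        struct addrinfo hints;
        struct addrinfo* answer = NULL;
        int ret;
        char strPort[80];

        memset(&hints, 0, sizeof(hints));

        hints.ai_family = AF_INET_V;
        if (udp) {
            hints.ai_socktype = SOCK_DGRAM;
            hints.ai_protocol = IPPROTO_UDP;
        }
    #ifdef WOLFSSL_SCTP
        else if (sctp) {
            hints.ai_socktype = SOCK_STREAM;
            hints.ai_protocol = IPPROTO_SCTP;
        }
    #endif
        else {
            hints.ai_socktype = SOCK_STREAM;
            hints.ai_protocol = IPPROTO_TCP;
        }

        SNPRINTF(strPort, sizeof(strPort), "%d", port);
        strPort[79] = '\0';

        /* getaddrinfo() reports failure with any non-zero value, and the
           sign of its error codes differs between platforms */
        ret = getaddrinfo(peer, strPort, &hints, &answer);
        if (ret != 0 || answer == NULL) {
            err_sys("getaddrinfo failed");
        }
        else if (answer->ai_addr == NULL ||
                 (size_t)answer->ai_addrlen > sizeof(*addr)) {
            /* never copy more than the destination structure can hold */
            freeaddrinfo(answer);
            err_sys("getaddrinfo returned unexpected address size");
        }
        else {
            XMEMCPY(addr, answer->ai_addr, answer->ai_addrlen);
            freeaddrinfo(answer);
        }
    #else
        printf("no ipv6 getaddrinfo, loopback only tests/examples\n");
        addr->sin6_addr = in6addr_loopback;
    #endif
    }
#endif
}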
wolfSSL 11:cee25a834751 682
wolfSSL 11:cee25a834751 683
/* Create the socket used by the examples and store it in *sockfd.
 *
 * udp   non-zero creates a datagram (UDP) socket.
 * sctp  non-zero creates an SCTP stream socket when WOLFSSL_SCTP is defined.
 * Otherwise a TCP stream socket is created.
 *
 * On non-Windows builds the function also keeps a write to a closed peer
 * from raising SIGPIPE (SO_NOSIGPIPE when available, else SIG_IGN) and,
 * where TCP_NODELAY is defined, sets that option on plain TCP sockets.
 * Every failure is reported through err_sys(). */
static INLINE void tcp_socket(SOCKET_T* sockfd, int udp, int sctp)
{
    int sockType = SOCK_STREAM;
    int sockProto = IPPROTO_TCP;

    (void)sctp;

    if (udp) {
        sockType = SOCK_DGRAM;
        sockProto = IPPROTO_UDP;
    }
#ifdef WOLFSSL_SCTP
    else if (sctp) {
        sockProto = IPPROTO_SCTP;
    }
#endif

    *sockfd = socket(AF_INET_V, sockType, sockProto);
    if (WOLFSSL_SOCKET_IS_INVALID(*sockfd)) {
        err_sys("socket failed\n");
    }

#ifndef USE_WINDOWS_API
#ifdef SO_NOSIGPIPE
    {
        /* per-socket suppression of SIGPIPE */
        int enable = 1;
        socklen_t enableSz = sizeof(enable);
        if (setsockopt(*sockfd, SOL_SOCKET, SO_NOSIGPIPE, &enable,
                       enableSz) < 0)
            err_sys("setsockopt SO_NOSIGPIPE failed\n");
    }
#elif defined(WOLFSSL_MDK_ARM) || defined (WOLFSSL_TIRTOS) ||\
      defined(WOLFSSL_KEIL_TCP_NET)
    /* nothing to define */
#else  /* no SO_NOSIGPIPE */
    /* process-wide: ignore SIGPIPE instead */
    signal(SIGPIPE, SIG_IGN);
#endif /* SO_NOSIGPIPE */

#if defined(TCP_NODELAY)
    if (!udp && !sctp) {
        int enable = 1;
        socklen_t enableSz = sizeof(enable);
        if (setsockopt(*sockfd, IPPROTO_TCP, TCP_NODELAY, &enable,
                       enableSz) < 0)
            err_sys("setsockopt TCP_NODELAY failed\n");
    }
#endif
#endif  /* USE_WINDOWS_API */
}
wolfSSL 11:cee25a834751 729
/* Build the peer address for ip:port, create the socket and, for stream
 * transports, connect it.
 *
 * For UDP no connect() is issued here; the peer address is handed to the
 * DTLS session with wolfSSL_dtls_set_peer() instead (its return value is
 * not checked). A failed connect() is reported through err_sys(). */
static INLINE void tcp_connect(SOCKET_T* sockfd, const char* ip, word16 port,
                               int udp, int sctp, WOLFSSL* ssl)
{
    SOCKADDR_IN_T peerAddr;

    build_addr(&peerAddr, ip, port, udp, sctp);
    if (udp)
        wolfSSL_dtls_set_peer(ssl, &peerAddr, sizeof(peerAddr));

    tcp_socket(sockfd, udp, sctp);
    if (udp)
        return;

    if (connect(*sockfd, (const struct sockaddr*)&peerAddr,
                sizeof(peerAddr)) != 0)
        err_sys("tcp connect failed");
}
wolfSSL 11:cee25a834751 745
wolfSSL 11:cee25a834751 746
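/* Connect an existing datagram socket to the peer address in addr.
 *
 * sockfd  socket to connect.
 * addr    peer socket address, addrSz bytes long.
 *
 * The failure message names UDP so that it can be told apart from the
 * message tcp_connect() emits. */
static INLINE void udp_connect(SOCKET_T* sockfd, void* addr, int addrSz)
{
    if (connect(*sockfd, (const struct sockaddr*)addr, addrSz) != 0)
        err_sys("udp connect failed");
}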
wolfSSL 11:cee25a834751 752
wolfSSL 11:cee25a834751 753
/* result codes returned by tcp_select() */
enum {
    TEST_SELECT_FAIL = 0,   /* select() failed or reported nothing usable */
    TEST_TIMEOUT     = 1,   /* timeout expired with no activity */
    TEST_RECV_READY  = 2,   /* socket is readable */
    TEST_ERROR_READY = 3    /* socket has an exceptional condition */
};
wolfSSL 11:cee25a834751 760
wolfSSL 11:cee25a834751 761
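#if !defined(WOLFSSL_MDK_ARM) && !defined(WOLFSSL_KEIL_TCP_NET) && \
                                 !defined(WOLFSSL_TIRTOS)
/* Wait up to to_sec seconds (negative values are treated as 0) for
 * socketfd to become readable or to report an exceptional condition.
 *
 * returns TEST_TIMEOUT, TEST_RECV_READY, TEST_ERROR_READY, or
 *         TEST_SELECT_FAIL when select() fails or the descriptor cannot be
 *         placed in an fd_set. */
static INLINE int tcp_select(SOCKET_T socketfd, int to_sec)
{
    fd_set recvfds, errfds;
    SOCKET_T nfds = socketfd + 1;
    struct timeval timeout = { (to_sec > 0) ? to_sec : 0, 0};
    int result;

#ifndef USE_WINDOWS_API
    /* FD_SET() on a descriptor outside [0, FD_SETSIZE) writes outside the
       fd_set, so reject such descriptors up front.
       NOTE(review): assumes SOCKET_T is an int descriptor on these
       builds - confirm against its definition. */
    if ((int)socketfd < 0 || (int)socketfd >= FD_SETSIZE)
        return TEST_SELECT_FAIL;
#endif

    FD_ZERO(&recvfds);
    FD_SET(socketfd, &recvfds);
    FD_ZERO(&errfds);
    FD_SET(socketfd, &errfds);

    result = select(nfds, &recvfds, NULL, &errfds, &timeout);

    if (result == 0)
        return TEST_TIMEOUT;
    else if (result > 0) {
        if (FD_ISSET(socketfd, &recvfds))
            return TEST_RECV_READY;
        else if(FD_ISSET(socketfd, &errfds))
            return TEST_ERROR_READY;
    }

    return TEST_SELECT_FAIL;
}
#elif defined(WOLFSSL_TIRTOS)
/* TI-RTOS stub: performs no wait and always reports the socket as readable. */
static INLINE int tcp_select(SOCKET_T socketfd, int to_sec)
{
    (void)socketfd;
    (void)to_sec;
    return TEST_RECV_READY;
}
#endif /* !WOLFSSL_MDK_ARM */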
wolfSSL 11:cee25a834751 795
wolfSSL 11:cee25a834751 796
/* Create a socket, bind it to *port and, for stream transports, start
 * listening with a backlog of 5.
 *
 * useAnyAddr  non-zero binds to INADDR_ANY; zero binds to wolfSSLIP, which
 *             is the default because listening on every interface widens
 *             exposure and may be blocked by a firewall.
 * port        in: requested port; out: when 0 was requested the port chosen
 *             by the stack is written back (non-Windows, non-TIRTOS builds).
 *
 * Every failure is reported through err_sys(). */
static INLINE void tcp_listen(SOCKET_T* sockfd, word16* port, int useAnyAddr,
                              int udp, int sctp)
{
    SOCKADDR_IN_T local;

    /* the wildcard address is opt-in, see useAnyAddr above */
    build_addr(&local, (useAnyAddr ? INADDR_ANY : wolfSSLIP), *port, udp, sctp);
    tcp_socket(sockfd, udp, sctp);

#if !defined(USE_WINDOWS_API) && !defined(WOLFSSL_MDK_ARM)\
                              && !defined(WOLFSSL_KEIL_TCP_NET)
    {
        int reuse = 1;
        socklen_t reuseSz = sizeof(reuse);
        if (setsockopt(*sockfd, SOL_SOCKET, SO_REUSEADDR, &reuse,
                       reuseSz) < 0)
            err_sys("setsockopt SO_REUSEADDR failed\n");
    }
#endif

    if (bind(*sockfd, (const struct sockaddr*)&local, sizeof(local)) != 0)
        err_sys("tcp bind failed");
    if (!udp && listen(*sockfd, 5) != 0)
        err_sys("tcp listen failed");

#if !defined(USE_WINDOWS_API) && !defined(WOLFSSL_TIRTOS)
    if (*port == 0) {
        /* ephemeral port requested: report the one actually bound */
        socklen_t localSz = sizeof(local);
        if (getsockname(*sockfd, (struct sockaddr*)&local, &localSz) == 0) {
        #ifndef TEST_IPV6
            *port = XNTOHS(local.sin_port);
        #else
            *port = XNTOHS(local.sin6_port);
        #endif
        }
    }
#endif
}
wolfSSL 11:cee25a834751 837
wolfSSL 11:cee25a834751 838
#if 0
/* Disabled helper (compiled out by the surrounding #if 0).
 * Peeks at the first datagram waiting on sockfd to learn the sender's
 * address, connects the socket to that sender and returns sockfd. */
static INLINE int udp_read_connect(SOCKET_T sockfd)
{
    SOCKADDR_IN_T sender;
    byte          peekBuf[1500];
    socklen_t     senderSz = sizeof(sender);
    int           got;

    /* MSG_PEEK leaves the datagram queued for the later real read */
    got = (int)recvfrom(sockfd, (char*)peekBuf, sizeof(peekBuf), MSG_PEEK,
                        (struct sockaddr*)&sender, &senderSz);
    if (got <= 0)
        err_sys("recvfrom failed");
    else if (connect(sockfd, (const struct sockaddr*)&sender,
                     sizeof(sender)) != 0)
        err_sys("udp connect failed");

    return sockfd;
}
#endif
wolfSSL 11:cee25a834751 860
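/* Create and bind the UDP socket a DTLS server example receives on, tell a
 * waiting thread that the socket is ready, and hand the same descriptor
 * back as the "client" socket.
 *
 * sockfd      out: the bound datagram socket.
 * clientfd    out: set to *sockfd (there is no accept() for UDP).
 * useAnyAddr  non-zero binds to INADDR_ANY, zero to wolfSSLIP.
 * port        port to bind; 0 lets the stack choose where supported.
 * args        optional; when args and args->signal are set, the ready flag
 *             and port are published through args->signal.
 *
 * args and args->signal are checked before use, as tcp_accept() does, so a
 * caller that passes no func_args no longer dereferences a null pointer. */
static INLINE void udp_accept(SOCKET_T* sockfd, SOCKET_T* clientfd,
                              int useAnyAddr, word16 port, func_args* args)
{
    SOCKADDR_IN_T addr;

    (void)args;
    build_addr(&addr, (useAnyAddr ? INADDR_ANY : wolfSSLIP), port, 1, 0);
    tcp_socket(sockfd, 1, 0);


#if !defined(USE_WINDOWS_API) && !defined(WOLFSSL_MDK_ARM) \
                              && !defined(WOLFSSL_KEIL_TCP_NET)
    {
        int res, on = 1;
        socklen_t len = sizeof(on);
        res = setsockopt(*sockfd, SOL_SOCKET, SO_REUSEADDR, &on, len);
        if (res < 0)
            err_sys("setsockopt SO_REUSEADDR failed\n");
    }
#endif

    if (bind(*sockfd, (const struct sockaddr*)&addr, sizeof(addr)) != 0)
        err_sys("tcp bind failed");

#if (defined(NO_MAIN_DRIVER) && !defined(USE_WINDOWS_API)) && !defined(WOLFSSL_TIRTOS)
    if (port == 0) {
        /* ephemeral port requested: look up the one actually bound */
        socklen_t len = sizeof(addr);
        if (getsockname(*sockfd, (struct sockaddr*)&addr, &len) == 0) {
        #ifndef TEST_IPV6
            port = XNTOHS(addr.sin_port);
        #else
            port = XNTOHS(addr.sin6_port);
        #endif
        }
    }
#endif

#if defined(_POSIX_THREADS) && defined(NO_MAIN_DRIVER) && !defined(__MINGW32__)
    /* signal ready to accept data */
    if (args != NULL && args->signal != NULL) {
        tcp_ready* ready = args->signal;
        pthread_mutex_lock(&ready->mutex);
        ready->ready = 1;
        ready->port = port;
        pthread_cond_signal(&ready->cond);
        pthread_mutex_unlock(&ready->mutex);
    }
#elif defined (WOLFSSL_TIRTOS)
    /* Need mutex? */
    if (args != NULL && args->signal != NULL) {
        tcp_ready* ready = args->signal;
        ready->ready = 1;
        ready->port = port;
    }
#endif

    *clientfd = *sockfd;
}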
wolfSSL 11:cee25a834751 917
/* Server-side setup: optionally listen, publish readiness, then accept one
 * connection into *clientfd.
 *
 * udp         non-zero delegates everything to udp_accept() and returns.
 * do_listen   non-zero calls tcp_listen() first (which may update port).
 * args        optional; args->signal, when set, receives the ready flag and
 *             the listening port.
 * ready_file  non-zero additionally writes the listening port, as decimal
 *             text, to the file named by args->signal->srfName.
 *
 * NOTE(review): the ready file is opened with a plain fopen(..., "w") and
 * the results of fprintf()/fclose() are not checked, so the path is best
 * kept in a directory that only the test user can write - confirm how
 * callers choose srfName. */
static INLINE void tcp_accept(SOCKET_T* sockfd, SOCKET_T* clientfd,
                              func_args* args, word16 port, int useAnyAddr,
                              int udp, int sctp, int ready_file, int do_listen)
{
    SOCKADDR_IN_T peerAddr;
    socklen_t     peerAddrSz = sizeof(peerAddr);
    tcp_ready*    ready = NULL;

    (void) ready; /* not referenced in every build configuration */

    if (udp) {
        udp_accept(sockfd, clientfd, useAnyAddr, port, args);
        return;
    }

    if (do_listen) {
        tcp_listen(sockfd, &port, useAnyAddr, udp, sctp);

    #if defined(_POSIX_THREADS) && defined(NO_MAIN_DRIVER) && !defined(__MINGW32__)
        /* wake the thread waiting for the listener to come up */
        ready = (args != NULL) ? args->signal : NULL;
        if (ready != NULL) {
            pthread_mutex_lock(&ready->mutex);
            ready->ready = 1;
            ready->port = port;
            pthread_cond_signal(&ready->cond);
            pthread_mutex_unlock(&ready->mutex);
        }
    #elif defined (WOLFSSL_TIRTOS)
        /* Need mutex? */
        ready = (args != NULL) ? args->signal : NULL;
        if (ready != NULL) {
            ready->ready = 1;
            ready->port = port;
        }
    #endif

        if (ready_file) {
        #if !defined(NO_FILESYSTEM) || defined(FORCE_BUFFER_TEST)
            FILE* srf = NULL;

            ready = (args != NULL) ? args->signal : NULL;
            if (ready != NULL)
                srf = fopen(ready->srfName, "w");

            if (srf != NULL) {
                /* Write the port the server listens on to the ready file.
                   An external monitor can then use ephemeral ports by
                   passing -p 0 to the server, on supported platforms,
                   together with -R ready_file; the client waits for the
                   file to exist and reads the port from it. */
                fprintf(srf, "%d\n", (int)port);
                fclose(srf);
            }
        #endif
        }
    }

    *clientfd = accept(*sockfd, (struct sockaddr*)&peerAddr,
                       (ACCEPT_THIRD_T)&peerAddrSz);
    if (WOLFSSL_SOCKET_IS_INVALID(*clientfd)) {
        err_sys("tcp accept failed");
    }
}
wolfSSL 11:cee25a834751 986
wolfSSL 11:cee25a834751 987
/* Switch *sockfd to non-blocking mode.
 *
 * Windows builds use ioctlsocket(FIONBIO); the MDK-ARM, Keil TCP, TI-RTOS
 * and VxWorks builds do nothing; every other build adds O_NONBLOCK to the
 * descriptor's file status flags. Failures are reported through err_sys(). */
static INLINE void tcp_set_nonblocking(SOCKET_T* sockfd)
{
#ifdef USE_WINDOWS_API
    unsigned long nonBlocking = 1;  /* non-zero FIONBIO argument enables it */

    if (ioctlsocket(*sockfd, FIONBIO, &nonBlocking) == SOCKET_ERROR)
        err_sys("ioctlsocket failed");
#elif defined(WOLFSSL_MDK_ARM) || defined(WOLFSSL_KEIL_TCP_NET) \
    || defined (WOLFSSL_TIRTOS)|| defined(WOLFSSL_VXWORKS)
    /* non blocking not supported, for now */
#else
    int curFlags = fcntl(*sockfd, F_GETFL, 0);

    if (curFlags < 0)
        err_sys("fcntl get failed");
    /* keep the existing flags and add O_NONBLOCK */
    if (fcntl(*sockfd, F_SETFL, curFlags | O_NONBLOCK) < 0)
        err_sys("fcntl set failed");
#endif
}
wolfSSL 11:cee25a834751 1007
wolfSSL 11:cee25a834751 1008
wolfSSL 11:cee25a834751 1009 #ifndef NO_PSK
wolfSSL 11:cee25a834751 1010
/* PSK identity used by both test callbacks below. It is kept equal to the
   default identity that openssl s_client uses for testing. */
static const char *kIdentityStr = "Client_identity";
wolfSSL 11:cee25a834751 1013
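/* Test-only PSK client callback: supplies the fixed identity kIdentityStr
 * and a fixed 4-byte key.
 *
 * identity     out: receives the NUL-terminated identity string.
 * id_max_len   capacity of identity in bytes.
 * key          out: receives the key bytes.
 * key_max_len  capacity of key in bytes.
 *
 * returns the key length in octets, or 0 for error. 0 is returned when an
 * output pointer is NULL, when the identity plus its terminator does not
 * fit in id_max_len, or when the key does not fit in key_max_len.
 *
 * The key is a hard-coded, published test value; a deployment has to
 * provision its own secret instead of reusing it. */
static INLINE unsigned int my_psk_client_cb(WOLFSSL* ssl, const char* hint,
        char* identity, unsigned int id_max_len,  unsigned char* key,
        unsigned int key_max_len)
{
    (void)ssl;
    (void)hint;

    if (identity == NULL || key == NULL)
        return 0;

    /* see internal.h MAX_PSK_ID_LEN for PSK identity limit.
       strncpy() leaves the destination unterminated when the source does
       not fit, so require room for the whole string and its terminator.
       NOTE(review): assumes id_max_len counts the terminator - confirm. */
    if (strlen(kIdentityStr) >= id_max_len)
        return 0;
    strncpy(identity, kIdentityStr, id_max_len);

    /* never write more key bytes than the caller's buffer holds */
    if (key_max_len < 4)
        return 0;

    /* test key in hex is 0x1a2b3c4d , in decimal 439,041,101 , we're using
       unsigned binary */
    key[0] = 26;
    key[1] = 43;
    key[2] = 60;
    key[3] = 77;

    return 4;   /* length of key in octets or 0 for error */
}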
wolfSSL 11:cee25a834751 1034
wolfSSL 11:cee25a834751 1035
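/* Test-only PSK server callback: accepts the identity kIdentityStr and
 * supplies the matching fixed 4-byte key.
 *
 * identity     identity string presented by the client.
 * key          out: receives the key bytes.
 * key_max_len  capacity of key in bytes.
 *
 * returns the key length in octets, or 0 for error. 0 is returned when a
 * pointer is NULL, when the identity does not match, or when the key does
 * not fit in key_max_len.
 *
 * The key is a hard-coded, published test value; a deployment has to
 * provision its own secret instead of reusing it. */
static INLINE unsigned int my_psk_server_cb(WOLFSSL* ssl, const char* identity,
        unsigned char* key, unsigned int key_max_len)
{
    (void)ssl;

    if (identity == NULL || key == NULL)
        return 0;

    /* see internal.h MAX_PSK_ID_LEN for PSK identity limit.
       NOTE(review): only the first strlen(kIdentityStr) bytes are compared,
       so any identity that merely starts with the expected string is
       accepted. Kept as is for the tests; code derived from this callback
       should compare the complete identity. */
    if (strncmp(identity, kIdentityStr, strlen(kIdentityStr)) != 0)
        return 0;

    /* never write more key bytes than the caller's buffer holds */
    if (key_max_len < 4)
        return 0;

    /* test key in hex is 0x1a2b3c4d , in decimal 439,041,101 , we're using
       unsigned binary */
    key[0] = 26;
    key[1] = 43;
    key[2] = 60;
    key[3] = 77;

    return 4;   /* length of key in octets or 0 for error */
}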
wolfSSL 11:cee25a834751 1055
wolfSSL 11:cee25a834751 1056 #endif /* NO_PSK */
wolfSSL 11:cee25a834751 1057
wolfSSL 11:cee25a834751 1058
wolfSSL 11:cee25a834751 1059 #if defined(WOLFSSL_USER_CURRTIME)
wolfSSL 11:cee25a834751 1060 extern double current_time(int reset);
wolfSSL 11:cee25a834751 1061
wolfSSL 11:cee25a834751 1062 #elif defined(USE_WINDOWS_API)
wolfSSL 11:cee25a834751 1063
wolfSSL 11:cee25a834751 1064 #define WIN32_LEAN_AND_MEAN
wolfSSL 11:cee25a834751 1065 #include <windows.h>
wolfSSL 11:cee25a834751 1066
/* Windows timer: returns the performance counter divided by its frequency,
 * i.e. a time stamp in seconds. The frequency is queried on the first call
 * and cached in a function-local static. reset is ignored. */
static INLINE double current_time(int reset)
{
    static LARGE_INTEGER ticksPerSec;
    static int           haveFreq = 0;
    LARGE_INTEGER        now;

    (void)reset;

    if (!haveFreq) {
        QueryPerformanceFrequency(&ticksPerSec);
        haveFreq = 1;
    }

    QueryPerformanceCounter(&now);

    return (double)now.QuadPart / ticksPerSec.QuadPart;
}
wolfSSL 11:cee25a834751 1084
wolfSSL 11:cee25a834751 1085 #elif defined(WOLFSSL_TIRTOS)
wolfSSL 11:cee25a834751 1086 extern double current_time();
wolfSSL 11:cee25a834751 1087 #else
wolfSSL 11:cee25a834751 1088
wolfSSL 11:cee25a834751 1089 #if !defined(WOLFSSL_MDK_ARM) && !defined(WOLFSSL_KEIL_TCP_NET)
wolfSSL 11:cee25a834751 1090 #include <sys/time.h>
wolfSSL 11:cee25a834751 1091
/* gettimeofday() based timer: returns the current time as seconds with a
 * microsecond fraction. reset is ignored and the result of gettimeofday()
 * is not checked. */
static INLINE double current_time(int reset)
{
    struct timeval now;

    (void)reset;
    gettimeofday(&now, 0);

    return (double)now.tv_sec + (double)now.tv_usec / 1000000;
}
wolfSSL 11:cee25a834751 1100 #else
wolfSSL 11:cee25a834751 1101 extern double current_time(int reset);
wolfSSL 11:cee25a834751 1102 #endif
wolfSSL 11:cee25a834751 1103 #endif /* USE_WINDOWS_API */
wolfSSL 11:cee25a834751 1104
wolfSSL 11:cee25a834751 1105
wolfSSL 11:cee25a834751 1106 #if !defined(NO_CERTS)
wolfSSL 11:cee25a834751 1107 #if !defined(NO_FILESYSTEM) || \
wolfSSL 11:cee25a834751 1108 (defined(NO_FILESYSTEM) && defined(FORCE_BUFFER_TEST))
wolfSSL 11:cee25a834751 1109
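/* Read a whole file into a newly allocated buffer.
 *
 * fname   path of the file to read.
 * buf     out: malloc'ed buffer with the file contents; the caller frees
 *         it. NULL whenever the function does not return 0.
 * bufLen  out: number of bytes in *buf; 0 whenever the function does not
 *         return 0.
 *
 * returns 0 on success, BAD_FUNC_ARG for a NULL argument, BAD_PATH_ERROR
 *         when the file cannot be opened, BUFFER_E when the size cannot be
 *         determined or the file is empty, MEMORY_E when allocation fails,
 *         and -1 when the read fails.
 *
 * The size is kept as the long that ftell() returns instead of being
 * narrowed to int, and no buffer is handed back (or leaked) on a failed
 * read. */
static INLINE int load_file(const char* fname, byte** buf, size_t* bufLen)
{
    int ret;
    long int fileSz;
    FILE* file;

    if (fname == NULL || buf == NULL || bufLen == NULL)
        return BAD_FUNC_ARG;

    /* set defaults */
    *buf = NULL;
    *bufLen = 0;

    /* open file (read-only binary) */
    file = fopen(fname, "rb");
    if (!file) {
        printf("Error loading %s\n", fname);
        return BAD_PATH_ERROR;
    }

    /* a failed seek is handled like an unknown size */
    if (fseek(file, 0, SEEK_END) != 0)
        fileSz = -1;
    else
        fileSz = ftell(file);
    rewind(file);

    if (fileSz > 0) {
        byte* data = (byte*)malloc((size_t)fileSz);

        if (data == NULL) {
            ret = MEMORY_E;
            printf("Error allocating %lu bytes\n", (unsigned long)fileSz);
        }
        else if (fread(data, (size_t)fileSz, 1, file) != 1) {
            /* short or failed read: release the buffer, report -1 */
            free(data);
            ret = -1;
        }
        else {
            *buf = data;
            *bufLen = (size_t)fileSz;
            ret = 0;
        }
    }
    else {
        ret = BUFFER_E;
    }
    fclose(file);

    return ret;
}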
wolfSSL 11:cee25a834751 1155
/* kinds of input that load_buffer() can hand to a WOLFSSL_CTX */
enum {
    WOLFSSL_CA         = 1,   /* CA certificate(s) used for verification */
    WOLFSSL_CERT       = 2,   /* own certificate */
    WOLFSSL_KEY        = 3,   /* own private key */
    WOLFSSL_CERT_CHAIN = 4    /* own certificate chain */
};
wolfSSL 11:cee25a834751 1162
/* Load fname into memory and register its contents with ctx as the kind of
 * object named by type (WOLFSSL_CA, WOLFSSL_CERT, WOLFSSL_KEY or
 * WOLFSSL_CERT_CHAIN); any other type value only loads and frees the file.
 *
 * The encoding is taken from the file name: a name containing ".der" is
 * treated as ASN.1/DER, everything else as PEM. Failures are reported
 * through err_sys().
 *
 * NOTE(review): for WOLFSSL_KEY the temporary buffer holds private key
 * material and is released with free() without being cleared first. */
static INLINE void load_buffer(WOLFSSL_CTX* ctx, const char* fname, int type)
{
    byte*  fileData = NULL;
    size_t fileLen  = 0;
    int    encoding;

    if (load_file(fname, &fileData, &fileLen) != 0) {
        err_sys("can't open file for buffer load "
                "Please run from wolfSSL home directory if not");
    }

    /* determine format */
    encoding = strstr(fname, ".der") ? SSL_FILETYPE_ASN1 : SSL_FILETYPE_PEM;

    switch (type) {
        case WOLFSSL_CA:
            if (wolfSSL_CTX_load_verify_buffer(ctx, fileData, (long)fileLen,
                                               encoding) != SSL_SUCCESS)
                err_sys("can't load buffer ca file");
            break;

        case WOLFSSL_CERT:
            if (wolfSSL_CTX_use_certificate_buffer(ctx, fileData,
                        (long)fileLen, encoding) != SSL_SUCCESS)
                err_sys("can't load buffer cert file");
            break;

        case WOLFSSL_KEY:
            if (wolfSSL_CTX_use_PrivateKey_buffer(ctx, fileData,
                        (long)fileLen, encoding) != SSL_SUCCESS)
                err_sys("can't load buffer key file");
            break;

        case WOLFSSL_CERT_CHAIN:
            if (wolfSSL_CTX_use_certificate_chain_buffer_format(ctx,
                        fileData, (long)fileLen, encoding) != SSL_SUCCESS)
                err_sys("can't load cert chain buffer");
            break;

        default:
            break;
    }

    /* free(NULL) is a no-op, so no guard is needed */
    free(fileData);
}
wolfSSL 11:cee25a834751 1202 #endif /* !NO_FILESYSTEM || (NO_FILESYSTEM && FORCE_BUFFER_TEST) */
wolfSSL 11:cee25a834751 1203 #endif /* !NO_CERTS */
wolfSSL 11:cee25a834751 1204
wolfSSL 11:cee25a834751 1205 #ifdef VERIFY_CALLBACK
wolfSSL 11:cee25a834751 1206
/* Example verification callback that prints why verification failed and
 * then accepts the certificate anyway.
 *
 * It always returns 1, which its own output describes as allowing the
 * handshake to continue despite the error in store->error. That removes
 * peer authentication entirely, so it is suitable for examples and
 * debugging only. preverify is ignored. */
static INLINE int myVerify(int preverify, WOLFSSL_X509_STORE_CTX* store)
{
    char errText[WOLFSSL_MAX_ERROR_SZ];
#ifdef OPENSSL_EXTRA
    WOLFSSL_X509* peerCert;
#endif

    (void)preverify;

    printf("In verification callback, error = %d, %s\n", store->error,
           wolfSSL_ERR_error_string(store->error, errText));

#ifdef OPENSSL_EXTRA
    peerCert = store->current_cert;
    if (peerCert == NULL) {
        printf("\tPeer has no cert!\n");
    }
    else {
        /* both one-line names are released with XFREE below */
        char* issuer  = wolfSSL_X509_NAME_oneline(
                            wolfSSL_X509_get_issuer_name(peerCert), 0, 0);
        char* subject = wolfSSL_X509_NAME_oneline(
                            wolfSSL_X509_get_subject_name(peerCert), 0, 0);
        printf("\tPeer's cert info:\n issuer : %s\n subject: %s\n", issuer,
               subject);
        XFREE(subject, 0, DYNAMIC_TYPE_OPENSSL);
        XFREE(issuer,  0, DYNAMIC_TYPE_OPENSSL);
    }
#else
    printf("\tPeer certs: %d\n", store->totalCerts);
    #ifdef VERIFY_CALLBACK_SHOW_PEER_CERTS
    {
        int idx;
        for (idx = 0; idx < store->totalCerts; idx++) {
            WOLFSSL_BUFFER_INFO* cert = &store->certs[idx];
            printf("\t\tCert %d: Ptr %p, Len %u\n", idx, cert->buffer, cert->length);
        }
    }
    #endif
#endif

    printf("\tSubject's domain name is %s\n", store->domain);

    printf("\tAllowing to continue anyway (shouldn't do this, EVER!!!)\n");
    return 1;
}
wolfSSL 11:cee25a834751 1249
wolfSSL 11:cee25a834751 1250 #endif /* VERIFY_CALLBACK */
wolfSSL 11:cee25a834751 1251
wolfSSL 11:cee25a834751 1252
/* Verify callback for bad-clock testing: accepts the certificate only when the
 * reported failure is a validity-date error.
 *
 * preverify  unused
 * store      verification context; its error and domain fields are printed
 *
 * Returns 1 when store->error is ASN_BEFORE_DATE_E or ASN_AFTER_DATE_E,
 * 0 for every other error.
 *
 * Test helper only: returning 1 for date errors lets expired and not-yet-valid
 * certificates through, so this callback must not be installed outside tests.
 */
static INLINE int myDateCb(int preverify, WOLFSSL_X509_STORE_CTX* store)
{
    char errText[WOLFSSL_MAX_ERROR_SZ];
    int  isDateError;

    (void)preverify;

    printf("In verification callback, error = %d, %s\n", store->error,
           wolfSSL_ERR_error_string(store->error, errText));
    printf("Subject's domain name is %s\n", store->domain);

    isDateError = (store->error == ASN_BEFORE_DATE_E) ||
                  (store->error == ASN_AFTER_DATE_E);
    if (!isDateError) {
        printf("Cert error is not date error, not overriding\n");
        return 0;
    }

    printf("Overriding cert date error as example for bad clock testing\n");
    return 1;
}
wolfSSL 11:cee25a834751 1270
wolfSSL 11:cee25a834751 1271
wolfSSL 11:cee25a834751 1272 #ifdef HAVE_CRL
wolfSSL 11:cee25a834751 1273
/* CRL callback for the examples: prints the URL it was handed.
 * The URL is passed as a "%s" argument, never as the format string. */
static INLINE void CRL_CallBack(const char* url)
{
    const char* reportedUrl = url;

    printf("CRL callback url = %s\n", reportedUrl);
}
wolfSSL 11:cee25a834751 1278
wolfSSL 11:cee25a834751 1279 #endif
wolfSSL 11:cee25a834751 1280
wolfSSL 11:cee25a834751 1281 #ifndef NO_DH
/* Installs the examples' fixed Diffie-Hellman parameters on one connection.
 *
 * ssl  connection that receives the parameters
 *
 * The prime is the 128-byte (1024-bit) test group with generator 2. A 1024-bit
 * group is below the 2048-bit minimum generally recommended today; it is only
 * suitable for exercising the test programs.
 *
 * NOTE(review): the result of wolfSSL_SetTmpDH() is discarded, so a rejection
 * of these parameters would go unnoticed here - confirm callers do not rely
 * on the parameters having been accepted.
 */
static INLINE void SetDH(WOLFSSL* ssl)
{
    /* dh1024 prime */
    static unsigned char dhPrime[] =
    {
        0xE6, 0x96, 0x9D, 0x3D, 0x49, 0x5B, 0xE3, 0x2C, 0x7C, 0xF1, 0x80, 0xC3,
        0xBD, 0xD4, 0x79, 0x8E, 0x91, 0xB7, 0x81, 0x82, 0x51, 0xBB, 0x05, 0x5E,
        0x2A, 0x20, 0x64, 0x90, 0x4A, 0x79, 0xA7, 0x70, 0xFA, 0x15, 0xA2, 0x59,
        0xCB, 0xD5, 0x23, 0xA6, 0xA6, 0xEF, 0x09, 0xC4, 0x30, 0x48, 0xD5, 0xA2,
        0x2F, 0x97, 0x1F, 0x3C, 0x20, 0x12, 0x9B, 0x48, 0x00, 0x0E, 0x6E, 0xDD,
        0x06, 0x1C, 0xBC, 0x05, 0x3E, 0x37, 0x1D, 0x79, 0x4E, 0x53, 0x27, 0xDF,
        0x61, 0x1E, 0xBB, 0xBE, 0x1B, 0xAC, 0x9B, 0x5C, 0x60, 0x44, 0xCF, 0x02,
        0x3D, 0x76, 0xE0, 0x5E, 0xEA, 0x9B, 0xAD, 0x99, 0x1B, 0x13, 0xA6, 0x3C,
        0x97, 0x4E, 0x9E, 0xF1, 0x83, 0x9E, 0xB5, 0xDB, 0x12, 0x51, 0x36, 0xF7,
        0x26, 0x2E, 0x56, 0xA8, 0x87, 0x15, 0x38, 0xDF, 0xD8, 0x23, 0xC6, 0x50,
        0x50, 0x85, 0xE2, 0x1F, 0x0D, 0xD5, 0xC8, 0x6B,
    };

    /* dh1024 generator */
    static unsigned char dhGenerator[] =
    {
        0x02,
    };

    (void)wolfSSL_SetTmpDH(ssl, dhPrime, sizeof(dhPrime),
                           dhGenerator, sizeof(dhGenerator));
}
wolfSSL 11:cee25a834751 1308
/* Installs the examples' fixed Diffie-Hellman parameters on a context.
 *
 * ctx  context that receives the parameters
 *
 * Same 128-byte (1024-bit) test group and generator 2 as SetDH(). A 1024-bit
 * group is below the 2048-bit minimum generally recommended today; it is only
 * suitable for exercising the test programs.
 *
 * NOTE(review): the result of wolfSSL_CTX_SetTmpDH() is discarded, so a
 * rejection of these parameters would go unnoticed here - confirm callers do
 * not rely on the parameters having been accepted.
 */
static INLINE void SetDHCtx(WOLFSSL_CTX* ctx)
{
    /* dh1024 prime */
    static unsigned char dhPrime[] =
    {
        0xE6, 0x96, 0x9D, 0x3D, 0x49, 0x5B, 0xE3, 0x2C, 0x7C, 0xF1, 0x80, 0xC3,
        0xBD, 0xD4, 0x79, 0x8E, 0x91, 0xB7, 0x81, 0x82, 0x51, 0xBB, 0x05, 0x5E,
        0x2A, 0x20, 0x64, 0x90, 0x4A, 0x79, 0xA7, 0x70, 0xFA, 0x15, 0xA2, 0x59,
        0xCB, 0xD5, 0x23, 0xA6, 0xA6, 0xEF, 0x09, 0xC4, 0x30, 0x48, 0xD5, 0xA2,
        0x2F, 0x97, 0x1F, 0x3C, 0x20, 0x12, 0x9B, 0x48, 0x00, 0x0E, 0x6E, 0xDD,
        0x06, 0x1C, 0xBC, 0x05, 0x3E, 0x37, 0x1D, 0x79, 0x4E, 0x53, 0x27, 0xDF,
        0x61, 0x1E, 0xBB, 0xBE, 0x1B, 0xAC, 0x9B, 0x5C, 0x60, 0x44, 0xCF, 0x02,
        0x3D, 0x76, 0xE0, 0x5E, 0xEA, 0x9B, 0xAD, 0x99, 0x1B, 0x13, 0xA6, 0x3C,
        0x97, 0x4E, 0x9E, 0xF1, 0x83, 0x9E, 0xB5, 0xDB, 0x12, 0x51, 0x36, 0xF7,
        0x26, 0x2E, 0x56, 0xA8, 0x87, 0x15, 0x38, 0xDF, 0xD8, 0x23, 0xC6, 0x50,
        0x50, 0x85, 0xE2, 0x1F, 0x0D, 0xD5, 0xC8, 0x6B,
    };

    /* dh1024 generator */
    static unsigned char dhGenerator[] =
    {
        0x02,
    };

    (void)wolfSSL_CTX_SetTmpDH(ctx, dhPrime, sizeof(dhPrime),
                               dhGenerator, sizeof(dhGenerator));
}
wolfSSL 11:cee25a834751 1335 #endif /* NO_DH */
wolfSSL 11:cee25a834751 1336
wolfSSL 11:cee25a834751 1337 #ifndef NO_CERTS
wolfSSL 11:cee25a834751 1338
/* CA cache-add callback for the examples: reports the size and type of the
 * certificate that was added. The DER buffer itself is not read.
 *
 * der   certificate buffer (unused)
 * sz    size value that is printed as derSz
 * type  type value that is printed
 */
static INLINE void CaCb(unsigned char* der, int sz, int type)
{
    const int derSz = sz;

    (void)der;
    printf("Got CA cache add callback, derSz = %d, type = %d\n", derSz, type);
}
wolfSSL 11:cee25a834751 1344
wolfSSL 11:cee25a834751 1345 #endif /* !NO_CERTS */
wolfSSL 11:cee25a834751 1346
wolfSSL 11:cee25a834751 1347
wolfSSL 11:cee25a834751 1348 /* Wolf Root Directory Helper */
wolfSSL 11:cee25a834751 1349 /* KEIL-RL File System does not support relative directory */
wolfSSL 11:cee25a834751 1350 #if !defined(WOLFSSL_MDK_ARM) && !defined(WOLFSSL_KEIL_FS) && !defined(WOLFSSL_TIRTOS)
wolfSSL 11:cee25a834751 1351 /* Maximum depth to search for WolfSSL root */
wolfSSL 11:cee25a834751 1352 #define MAX_WOLF_ROOT_DEPTH 5
wolfSSL 11:cee25a834751 1353
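/* Walks up from the current directory until ntruKeyFile can be opened, which
 * is taken as the marker for the wolfSSL root.
 *
 * Returns the number of directory levels climbed (0 when already in the
 * root). When the marker is not found within MAX_WOLF_ROOT_DEPTH levels, or a
 * directory change fails, err_sys() is called and -1 is returned. Builds
 * without a filesystem return 0 without doing anything.
 *
 * Side effect: changes the working directory of the whole process. Key and
 * certificate files are later opened relative to wherever this lands, so the
 * test programs should be started from inside a trusted source tree.
 */
static INLINE int ChangeToWolfRoot(void)
{
#if !defined(NO_FILESYSTEM) || defined(FORCE_BUFFER_TEST)
    int   depth;
    int   failed;
    FILE* file;

    for (depth = 0; depth <= MAX_WOLF_ROOT_DEPTH; depth++) {
        file = fopen(ntruKeyFile, "rb");
        if (file != NULL) {
            fclose(file);
            return depth;
        }
    #ifdef USE_WINDOWS_API
        /* SetCurrentDirectoryA() reports failure as zero, never as a negative
         * value, so a "< 0" test would miss it */
        failed = (SetCurrentDirectoryA("..\\") == 0);
    #else
        failed = (chdir("../") < 0);
    #endif
        if (failed) {
            printf("chdir to ../ failed!\n");
            break;
        }
    }

    err_sys("wolf root not found");
    return -1;
#else
    return 0;
#endif
}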
wolfSSL 11:cee25a834751 1382 #endif /* !defined(WOLFSSL_MDK_ARM) && !defined(WOLFSSL_KEIL_FS) && !defined(WOLFSSL_TIRTOS) */
wolfSSL 11:cee25a834751 1383
wolfSSL 11:cee25a834751 1384 #ifdef HAVE_STACK_SIZE
wolfSSL 11:cee25a834751 1385
/* Entry point type for the thread started by StackSizeCheck(): takes the
 * argument pointer and returns THREAD_RETURN. */
typedef THREAD_RETURN WOLFSSL_THREAD (*thread_func)(void* args);
wolfSSL 11:cee25a834751 1387
wolfSSL 11:cee25a834751 1388
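/* Runs tf(args) on a thread whose stack is a buffer owned by this function
 * and prints how much of that buffer the thread wrote to.
 *
 * args  argument handed to the thread function
 * tf    thread entry point
 *
 * The buffer (128 KiB, or PTHREAD_STACK_MIN when that is larger) is filled
 * with 0x01 before the thread starts. After the join it is scanned from the
 * lowest address for the first byte that changed; everything from there to
 * the end is reported as used. A region the thread wrote 0x01 into is not
 * detected, so the figure is an estimate.
 *
 * Returns the thread's exit status converted to int.
 *
 * NOTE(review): the statements after each err_sys() call assume err_sys()
 * does not return - confirm against its definition.
 */
static INLINE int StackSizeCheck(func_args* args, thread_func tf)
{
    int            ret, i, used;
    void*          status;
    void*          stackMem  = NULL;
    unsigned char* myStack   = NULL;
    int            stackSize = 1024*128;
    pthread_attr_t myAttr;
    pthread_t      threadId;

#ifdef PTHREAD_STACK_MIN
    if (stackSize < PTHREAD_STACK_MIN)
        stackSize = PTHREAD_STACK_MIN;
#endif

    /* take the allocation through a void* instead of casting the address of
     * an unsigned char* to void** */
    ret = posix_memalign(&stackMem, sysconf(_SC_PAGESIZE), stackSize);
    myStack = (unsigned char*)stackMem;
    if (ret != 0 || myStack == NULL)
        err_sys("posix_memalign failed\n");

    XMEMSET(myStack, 0x01, stackSize);

    ret = pthread_attr_init(&myAttr);
    if (ret != 0)
        err_sys("attr_init failed");

    ret = pthread_attr_setstack(&myAttr, myStack, stackSize);
    if (ret != 0)
        err_sys("attr_setstackaddr failed");

    ret = pthread_create(&threadId, &myAttr, tf, args);
    if (ret != 0) {
        perror("pthread_create failed");
        exit(EXIT_FAILURE);
    }

    /* the attribute object is not needed once the thread exists; release it
     * so it is not leaked */
    (void)pthread_attr_destroy(&myAttr);

    ret = pthread_join(threadId, &status);
    if (ret != 0)
        err_sys("pthread_join failed");

    /* first byte that no longer holds the fill pattern */
    for (i = 0; i < stackSize; i++) {
        if (myStack[i] != 0x01) {
            break;
        }
    }

    free(myStack);

    used = stackSize - i;
    printf("stack used = %d\n", used);

    return (int)((size_t)status);
}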
wolfSSL 11:cee25a834751 1440
wolfSSL 11:cee25a834751 1441
wolfSSL 11:cee25a834751 1442 #endif /* HAVE_STACK_SIZE */
wolfSSL 11:cee25a834751 1443
wolfSSL 11:cee25a834751 1444
wolfSSL 11:cee25a834751 1445 #ifdef STACK_TRAP
wolfSSL 11:cee25a834751 1446
wolfSSL 11:cee25a834751 1447 /* good settings
wolfSSL 11:cee25a834751 1448 --enable-debug --disable-shared C_EXTRA_FLAGS="-DUSER_TIME -DTFM_TIMING_RESISTANT -DPOSITIVE_EXP_ONLY -DSTACK_TRAP"
wolfSSL 11:cee25a834751 1449
wolfSSL 11:cee25a834751 1450 */
wolfSSL 11:cee25a834751 1451
wolfSSL 11:cee25a834751 1452 #ifdef HAVE_STACK_SIZE
wolfSSL 11:cee25a834751 1453 /* client only for now, setrlimit will fail if pthread_create() called */
wolfSSL 11:cee25a834751 1454 /* STACK_SIZE does pthread_create() on client */
wolfSSL 11:cee25a834751 1455 #error "can't use STACK_TRAP with STACK_SIZE, setrlimit will fail"
wolfSSL 11:cee25a834751 1456 #endif /* HAVE_STACK_SIZE */
wolfSSL 11:cee25a834751 1457
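/* Lowers the soft stack limit of the process to 21 KiB (1024*21) so that
 * deeper stack use faults instead of passing silently. Prints the previous
 * soft limit first. Calls err_sys() when the limit cannot be read or set.
 */
static INLINE void StackTrap(void)
{
    struct rlimit rl;

    if (getrlimit(RLIMIT_STACK, &rl) != 0)
        err_sys("getrlimit failed");

    /* rlim_t is not guaranteed to be unsigned long long; convert so the
     * argument matches %llu */
    printf("rlim_cur = %llu\n", (unsigned long long)rl.rlim_cur);

    rl.rlim_cur = 1024*21;  /* adjust trap size here */
    if (setrlimit(RLIMIT_STACK, &rl) != 0) {
        perror("setrlimit");
        err_sys("setrlimit failed");
    }
}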
wolfSSL 11:cee25a834751 1470
wolfSSL 11:cee25a834751 1471 #else /* STACK_TRAP */
wolfSSL 11:cee25a834751 1472
/* STACK_TRAP is not defined: the stack limit is left untouched. */
static INLINE void StackTrap(void)
{
    /* intentionally empty */
}
wolfSSL 11:cee25a834751 1476
wolfSSL 11:cee25a834751 1477 #endif /* STACK_TRAP */
wolfSSL 11:cee25a834751 1478
wolfSSL 11:cee25a834751 1479
wolfSSL 11:cee25a834751 1480 #ifdef ATOMIC_USER
wolfSSL 11:cee25a834751 1481
/* Per-connection state for the example MAC/encrypt callback (myMacEncryptCb).
 * Once keySetup is set, aes has been keyed with the connection's write key,
 * so the structure should be treated as key material. */
typedef struct AtomicEncCtx {
    int keySetup;   /* non-zero once aes has been keyed */
    Aes aes;        /* AES state used by the example */
} AtomicEncCtx;
wolfSSL 11:cee25a834751 1487
wolfSSL 11:cee25a834751 1488
/* Per-connection state for the example decrypt/verify callback
 * (myDecryptVerifyCb). Once keySetup is set, aes has been keyed with the
 * peer's write key, so the structure should be treated as key material. */
typedef struct AtomicDecCtx {
    int keySetup;   /* non-zero once aes has been keyed */
    Aes aes;        /* AES state used by the example */
} AtomicDecCtx;
wolfSSL 11:cee25a834751 1494
wolfSSL 11:cee25a834751 1495
/* Example atomic-record callback: computes the record HMAC, then encrypts the
 * record with AES-CBC.
 *
 * ssl         connection the record belongs to
 * macOut      receives the HMAC
 * macIn       data the HMAC is computed over
 * macInSz     length of macIn
 * macContent  content value passed on to wolfSSL_SetTlsHmacInner()
 * macVerify   verify flag passed on to wolfSSL_SetTlsHmacInner() and
 *             wolfSSL_GetMacSecret()
 * encOut      receives the ciphertext
 * encIn       plaintext to encrypt
 * encSz       number of bytes to encrypt
 * ctx         AtomicEncCtx for this connection
 *
 * Returns 0 on success, -1 when the connection is not using AES or (D)TLS,
 * otherwise the error from the failing wolfCrypt call.
 *
 * The AES key is installed on the first call only (encCtx->keySetup).
 */
static INLINE int myMacEncryptCb(WOLFSSL* ssl, unsigned char* macOut,
       const unsigned char* macIn, unsigned int macInSz, int macContent,
       int macVerify, unsigned char* encOut, const unsigned char* encIn,
       unsigned int encSz, void* ctx)
{
    AtomicEncCtx* encCtx = (AtomicEncCtx*)ctx;
    Hmac          hmac;
    byte          myInner[WOLFSSL_TLS_HMAC_INNER_SZ];
    int           ret;

    /* example supports (d)tls aes */
    if (wolfSSL_GetBulkCipher(ssl) != wolfssl_aes) {
        printf("myMacEncryptCb not using AES\n");
        return -1;
    }
    if (strstr(wolfSSL_get_version(ssl), "TLS") == NULL) {
        printf("myMacEncryptCb not using (D)TLS\n");
        return -1;
    }

    /* hmac, not needed if aead mode */
    wolfSSL_SetTlsHmacInner(ssl, myInner, macInSz, macContent, macVerify);

    ret = wc_HmacSetKey(&hmac, wolfSSL_GetHmacType(ssl),
               wolfSSL_GetMacSecret(ssl, macVerify), wolfSSL_GetHmacSize(ssl));
    if (ret == 0)
        ret = wc_HmacUpdate(&hmac, myInner, sizeof(myInner));
    if (ret == 0)
        ret = wc_HmacUpdate(&hmac, macIn, macInSz);
    if (ret == 0)
        ret = wc_HmacFinal(&hmac, macOut);
    if (ret != 0)
        return ret;

    /* key the cipher the first time through */
    if (encCtx->keySetup == 0) {
        const int   keyLen   = wolfSSL_GetKeySize(ssl);
        const int   isClient = (wolfSSL_GetSide(ssl) == WOLFSSL_CLIENT_END);
        const byte* writeKey;
        const byte* writeIv;

        /* we encrypt with our own side's write key */
        if (isClient) {
            writeKey = wolfSSL_GetClientWriteKey(ssl);
            writeIv  = wolfSSL_GetClientWriteIV(ssl);
        }
        else {
            writeKey = wolfSSL_GetServerWriteKey(ssl);
            writeIv  = wolfSSL_GetServerWriteIV(ssl);
        }

        ret = wc_AesSetKey(&encCtx->aes, writeKey, keyLen, writeIv,
                           AES_ENCRYPTION);
        if (ret != 0) {
            printf("AesSetKey failed in myMacEncryptCb\n");
            return ret;
        }
        encCtx->keySetup = 1;
    }

    /* encrypt */
    ret = wc_AesCbcEncrypt(&encCtx->aes, encOut, encIn, encSz);
    return ret;
}
wolfSSL 11:cee25a834751 1562
wolfSSL 11:cee25a834751 1563
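/* Example atomic-record callback: decrypts a record with AES-CBC, then checks
 * its padding and HMAC.
 *
 * ssl         connection the record belongs to
 * decOut      receives the plaintext
 * decIn       ciphertext to decrypt
 * decSz       number of bytes to decrypt
 * macContent  content value passed on to wolfSSL_SetTlsHmacInner()
 * macVerify   verify flag passed on to wolfSSL_SetTlsHmacInner() and
 *             wolfSSL_GetMacSecret()
 * padSz       receives the number of trailing bytes (MAC + padding + padding
 *             length byte), or the AEAD MAC size for AEAD cipher types
 * ctx         AtomicDecCtx for this connection
 *
 * Returns 0 on success, -1 when the connection is not using AES or (D)TLS or
 * when the record fails verification, otherwise the error from the failing
 * wolfCrypt call.
 *
 * Everything in decOut comes from the peer, so the padding length is checked
 * against decSz before it is used in any offset, the padding bytes are
 * checked, and the MAC is compared without stopping at the first difference.
 * A padding problem is not reported on its own: the HMAC is still computed
 * and one combined failure is returned, so the two cases are not told apart
 * by the return path. This is not a complete timing countermeasure - the
 * HMAC and padding loops still run for a time that depends on the lengths.
 */
static INLINE int myDecryptVerifyCb(WOLFSSL* ssl,
       unsigned char* decOut, const unsigned char* decIn,
       unsigned int decSz, int macContent, int macVerify,
       unsigned int* padSz, void* ctx)
{
    AtomicDecCtx* decCtx = (AtomicDecCtx*)ctx;
    int ret      = 0;
    int macInSz  = 0;
    int ivExtra  = 0;
    int digestSz = wolfSSL_GetHmacSize(ssl);
    unsigned int pad      = 0;
    unsigned int padByte  = 0;
    unsigned int overhead = 0;
    unsigned int k;
    unsigned char bad = 0;          /* becomes non-zero on any mismatch */
    const unsigned char* recMac;
    Hmac hmac;
    byte myInner[WOLFSSL_TLS_HMAC_INNER_SZ];
    byte verify[MAX_DIGEST_SIZE];
    const char* tlsStr = "TLS";

    /* example supports (d)tls aes */
    if (wolfSSL_GetBulkCipher(ssl) != wolfssl_aes) {
        printf("myDecryptVerifyCb not using AES\n");
        return -1;
    }

    if (strstr(wolfSSL_get_version(ssl), tlsStr) == NULL) {
        printf("myDecryptVerifyCb not using (D)TLS\n");
        return -1;
    }

    /* key the cipher the first time through */
    if (decCtx->keySetup == 0) {
        int keyLen = wolfSSL_GetKeySize(ssl);
        const byte* key;
        const byte* iv;

        /* decrypt is from other side (peer) */
        if (wolfSSL_GetSide(ssl) == WOLFSSL_SERVER_END) {
            key = wolfSSL_GetClientWriteKey(ssl);
            iv  = wolfSSL_GetClientWriteIV(ssl);
        }
        else {
            key = wolfSSL_GetServerWriteKey(ssl);
            iv  = wolfSSL_GetServerWriteIV(ssl);
        }

        ret = wc_AesSetKey(&decCtx->aes, key, keyLen, iv, AES_DECRYPTION);
        if (ret != 0) {
            printf("AesSetKey failed in myDecryptVerifyCb\n");
            return ret;
        }
        decCtx->keySetup = 1;
    }

    /* decrypt */
    ret = wc_AesCbcDecrypt(&decCtx->aes, decOut, decIn, decSz);
    if (ret != 0)
        return ret;

    if (wolfSSL_GetCipherType(ssl) == WOLFSSL_AEAD_TYPE) {
        *padSz = wolfSSL_GetAeadMacSize(ssl);
        return 0; /* hmac, not needed if aead mode */
    }

    if (wolfSSL_GetCipherType(ssl) == WOLFSSL_BLOCK_TYPE) {
        if (decSz == 0)
            return -1;              /* no padding length byte to read */
        pad     = decOut[decSz - 1];
        padByte = 1;
        if (wolfSSL_IsTLSv1_1(ssl))
            ivExtra = wolfSSL_GetCipherBlockSize(ssl);
    }

    /* the unsigned arithmetic below needs non-negative sizes */
    if (digestSz < 0 || ivExtra < 0)
        return -1;

    /* bytes of the record that are not MAC input: IV, MAC, padding */
    overhead = (unsigned int)ivExtra + (unsigned int)digestSz + pad + padByte;
    if (overhead > decSz) {
        /* claimed padding does not fit in the record: remember the failure,
         * continue as if there were no padding so the HMAC is still run */
        bad      = 1;
        pad      = 0;
        overhead = (unsigned int)ivExtra + (unsigned int)digestSz + padByte;
        if (overhead > decSz)
            return -1;              /* too short even without padding */
    }

    /* every padding byte must hold the padding length */
    for (k = 0; k < pad; k++)
        bad |= (unsigned char)(decOut[decSz - 1 - padByte - k] ^ pad);

    *padSz  = (unsigned int)digestSz + pad + padByte;
    macInSz = (int)(decSz - overhead);

    wolfSSL_SetTlsHmacInner(ssl, myInner, macInSz, macContent, macVerify);

    ret = wc_HmacSetKey(&hmac, wolfSSL_GetHmacType(ssl),
               wolfSSL_GetMacSecret(ssl, macVerify), digestSz);
    if (ret != 0)
        return ret;
    ret = wc_HmacUpdate(&hmac, myInner, sizeof(myInner));
    if (ret != 0)
        return ret;
    ret = wc_HmacUpdate(&hmac, decOut + ivExtra, macInSz);
    if (ret != 0)
        return ret;
    ret = wc_HmacFinal(&hmac, verify);
    if (ret != 0)
        return ret;

    /* compare the whole MAC; no early exit on the first differing byte */
    recMac = decOut + decSz - (unsigned int)digestSz - pad - padByte;
    for (k = 0; k < (unsigned int)digestSz; k++)
        bad |= (unsigned char)(verify[k] ^ recMac[k]);

    if (bad != 0) {
        printf("myDecryptVerify verify failed\n");
        return -1;
    }

    return ret;
}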
wolfSSL 11:cee25a834751 1660
wolfSSL 11:cee25a834751 1661
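/* Allocates zeroed encrypt and decrypt contexts and registers the example
 * atomic-record callbacks.
 *
 * ctx  context on which the MAC/encrypt and decrypt/verify callbacks are set
 * ssl  connection that receives the two per-connection contexts
 *
 * The contexts are owned by the connection until FreeAtomicUser() is called.
 * On allocation failure err_sys() is called and nothing is registered.
 */
static INLINE void SetupAtomicUser(WOLFSSL_CTX* ctx, WOLFSSL* ssl)
{
    AtomicEncCtx* encCtx;
    AtomicDecCtx* decCtx;

    /* calloc gives zeroed memory, so keySetup starts at 0 */
    encCtx = (AtomicEncCtx*)calloc(1, sizeof(*encCtx));
    if (encCtx == NULL) {
        err_sys("AtomicEncCtx malloc failed");
        return;     /* never touch the NULL pointer if err_sys() returns */
    }

    decCtx = (AtomicDecCtx*)calloc(1, sizeof(*decCtx));
    if (decCtx == NULL) {
        free(encCtx);
        err_sys("AtomicDecCtx malloc failed");
        return;     /* never touch the NULL pointer if err_sys() returns */
    }

    wolfSSL_CTX_SetMacEncryptCb(ctx, myMacEncryptCb);
    wolfSSL_SetMacEncryptCtx(ssl, encCtx);

    wolfSSL_CTX_SetDecryptVerifyCb(ctx, myDecryptVerifyCb);
    wolfSSL_SetDecryptVerifyCtx(ssl, decCtx);
}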
wolfSSL 11:cee25a834751 1685
wolfSSL 11:cee25a834751 1686
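/* Releases the encrypt and decrypt contexts attached to a connection.
 *
 * ssl  connection whose contexts are released
 *
 * The contexts hold AES state keyed with the connection's record keys, so
 * they are overwritten before being freed. The pointers stored on the
 * connection are cleared as well, so a second call, or a callback that runs
 * afterwards, does not see freed memory.
 */
static INLINE void FreeAtomicUser(WOLFSSL* ssl)
{
    AtomicEncCtx* encCtx = (AtomicEncCtx*)wolfSSL_GetMacEncryptCtx(ssl);
    AtomicDecCtx* decCtx = (AtomicDecCtx*)wolfSSL_GetDecryptVerifyCtx(ssl);
    volatile unsigned char* wipe;
    size_t k;

    wolfSSL_SetMacEncryptCtx(ssl, NULL);
    wolfSSL_SetDecryptVerifyCtx(ssl, NULL);

    /* written through a volatile pointer so the stores are not dropped as
     * dead writes ahead of free() */
    if (decCtx != NULL) {
        wipe = (volatile unsigned char*)decCtx;
        for (k = 0; k < sizeof(*decCtx); k++)
            wipe[k] = 0;
    }
    if (encCtx != NULL) {
        wipe = (volatile unsigned char*)encCtx;
        for (k = 0; k < sizeof(*encCtx); k++)
            wipe[k] = 0;
    }

    free(decCtx);
    free(encCtx);
}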
wolfSSL 11:cee25a834751 1695
wolfSSL 11:cee25a834751 1696 #endif /* ATOMIC_USER */
wolfSSL 11:cee25a834751 1697
wolfSSL 11:cee25a834751 1698 #ifdef WOLFSSL_STATIC_MEMORY
/* Prints the static-memory statistics to stderr.
 *
 * stats  statistics to print; may be NULL
 *
 * Returns 1 after printing, 0 when stats is NULL.
 */
static INLINE int wolfSSL_PrintStats(WOLFSSL_MEM_STATS* stats)
{
    word16 bucket = 0;

    if (stats == NULL)
        return 0;

    /* print to stderr so is on the same pipe as WOLFSSL_DEBUG */
    fprintf(stderr, "Total mallocs = %d\n", stats->totalAlloc);
    fprintf(stderr, "Total frees = %d\n", stats->totalFr);
    fprintf(stderr, "Current mallocs = %d\n", stats->curAlloc);
    fprintf(stderr, "Available IO = %d\n", stats->avaIO);
    fprintf(stderr, "Max con. handshakes = %d\n", stats->maxHa);
    fprintf(stderr, "Max con. IO = %d\n", stats->maxIO);
    fprintf(stderr, "State of memory blocks: size : available \n");

    /* one line per bucket: block size, then blocks available */
    while (bucket < WOLFMEM_MAX_BUCKETS) {
        fprintf(stderr, " : %d\t : %d\n", stats->blockSz[bucket],
                stats->avaBlock[bucket]);
        bucket++;
    }

    return 1;
}
wolfSSL 11:cee25a834751 1722 #endif /* WOLFSSL_STATIC_MEMORY */
wolfSSL 11:cee25a834751 1723
wolfSSL 11:cee25a834751 1724 #ifdef HAVE_PK_CALLBACKS
wolfSSL 11:cee25a834751 1725
wolfSSL 11:cee25a834751 1726 #ifdef HAVE_ECC
wolfSSL 11:cee25a834751 1727
/* Example public-key callback: signs a hash with an ECC private key.
 *
 * ssl    unused
 * in     hash to sign
 * inSz   length of in
 * out    receives the signature
 * outSz  passed to wc_ecc_sign_hash() as the signature length in/out value
 * key    private key, decoded with wc_EccPrivateKeyDecode()
 * keySz  length of key
 * ctx    unused
 *
 * Returns 0 on success, otherwise the error from the failing wolfCrypt call.
 * A fresh RNG and key object are created for every call and released before
 * returning.
 */
static INLINE int myEccSign(WOLFSSL* ssl, const byte* in, word32 inSz,
        byte* out, word32* outSz, const byte* key, word32 keySz, void* ctx)
{
    WC_RNG  rng;
    ecc_key signKey;
    word32  derIdx = 0;
    int     ret;

    (void)ssl;
    (void)ctx;

    ret = wc_InitRng(&rng);
    if (ret != 0)
        return ret;

    ret = wc_ecc_init(&signKey);
    if (ret != 0) {
        wc_FreeRng(&rng);
        return ret;
    }

    ret = wc_EccPrivateKeyDecode(key, &derIdx, &signKey, keySz);
    if (ret == 0)
        ret = wc_ecc_sign_hash(in, inSz, out, outSz, &rng, &signKey);

    wc_ecc_free(&signKey);
    wc_FreeRng(&rng);

    return ret;
}
wolfSSL 11:cee25a834751 1754
wolfSSL 11:cee25a834751 1755
/* Example public-key callback: verifies an ECC signature over a hash.
 *
 * ssl     unused
 * sig     signature to verify
 * sigSz   length of sig
 * hash    hash the signature should cover
 * hashSz  length of hash
 * key     public key, imported with wc_ecc_import_x963()
 * keySz   length of key
 * result  receives the verification outcome from wc_ecc_verify_hash()
 * ctx     unused
 *
 * Returns 0 when the operations ran, otherwise the error from the failing
 * wolfCrypt call. The return value only says that verification was carried
 * out; whether the signature is valid is reported through *result, so a
 * caller has to check both.
 */
static INLINE int myEccVerify(WOLFSSL* ssl, const byte* sig, word32 sigSz,
        const byte* hash, word32 hashSz, const byte* key, word32 keySz,
        int* result, void* ctx)
{
    ecc_key peerKey;
    int     ret;

    (void)ssl;
    (void)ctx;

    ret = wc_ecc_init(&peerKey);
    if (ret != 0)
        return ret;

    ret = wc_ecc_import_x963(key, keySz, &peerKey);
    if (ret == 0)
        ret = wc_ecc_verify_hash(sig, sigSz, hash, hashSz, result, &peerKey);

    wc_ecc_free(&peerKey);

    return ret;
}
wolfSSL 11:cee25a834751 1776
/* Example public-key callback: derives the ECDH shared secret.
 *
 * ssl        unused
 * otherKey   client side: the peer's public key
 *            server side: our private key
 * pubKeyDer  client side: receives our exported public key
 *            server side: the peer's public key to import
 * pubKeySz   length of pubKeyDer (in/out on the client side)
 * out        receives the shared secret
 * outlen     length of out, passed to wc_ecc_shared_secret()
 * side       WOLFSSL_CLIENT_END or WOLFSSL_SERVER_END
 * ctx        unused
 *
 * Returns 0 on success, BAD_FUNC_ARG for any other side value, otherwise the
 * error from the failing wolfCrypt call.
 *
 * NOTE(review): otherKey->dp is dereferenced without a NULL check - this
 * assumes the caller always passes a key with its curve set; confirm.
 */
static INLINE int myEccSharedSecret(WOLFSSL* ssl, ecc_key* otherKey,
        unsigned char* pubKeyDer, unsigned int* pubKeySz,
        unsigned char* out, unsigned int* outlen,
        int side, void* ctx)
{
    ecc_key  scratch;           /* ephemeral key (client) or peer key (server) */
    ecc_key* ourPriv  = NULL;
    ecc_key* peerPub  = NULL;
    int      ret;

    (void)ssl;
    (void)ctx;

    ret = wc_ecc_init(&scratch);
    if (ret != 0)
        return ret;

    if (side == WOLFSSL_CLIENT_END) {
        /* client: make an ephemeral key on the peer's curve, export its
         * public half for the handshake */
        WC_RNG rng;

        ourPriv = &scratch;
        peerPub = otherKey;

        ret = wc_InitRng(&rng);
        if (ret == 0) {
            ret = wc_ecc_make_key_ex(&rng, 0, ourPriv, otherKey->dp->id);
            if (ret == 0)
                ret = wc_ecc_export_x963(ourPriv, pubKeyDer, pubKeySz);
            wc_FreeRng(&rng);
        }
    }
    else if (side == WOLFSSL_SERVER_END) {
        /* server: import the peer's public key on our key's curve */
        ourPriv = otherKey;
        peerPub = &scratch;

        ret = wc_ecc_import_x963_ex(pubKeyDer, *pubKeySz, peerPub,
                                    otherKey->dp->id);
    }
    else {
        ret = BAD_FUNC_ARG;
    }

    /* generate shared secret and return it */
    if (ret == 0)
        ret = wc_ecc_shared_secret(ourPriv, peerPub, out, outlen);

    wc_ecc_free(&scratch);

    return ret;
}
wolfSSL 11:cee25a834751 1832
wolfSSL 11:cee25a834751 1833 #endif /* HAVE_ECC */
wolfSSL 11:cee25a834751 1834
wolfSSL 11:cee25a834751 1835 #ifndef NO_RSA
wolfSSL 11:cee25a834751 1836
/* Example public-key callback: signs data with an RSA private key.
 *
 * ssl    unused
 * in     data to sign
 * inSz   length of in
 * out    receives the signature
 * outSz  in: size of out; out: signature length on success
 * key    private key, decoded with wc_RsaPrivateKeyDecode()
 * keySz  length of key
 * ctx    unused
 *
 * Returns 0 on success, otherwise the error from the failing wolfCrypt call.
 * A fresh RNG and key object are created for every call and released before
 * returning.
 */
static INLINE int myRsaSign(WOLFSSL* ssl, const byte* in, word32 inSz,
        byte* out, word32* outSz, const byte* key, word32 keySz, void* ctx)
{
    WC_RNG rng;
    RsaKey signKey;
    word32 derIdx = 0;
    int    ret;

    (void)ssl;
    (void)ctx;

    ret = wc_InitRng(&rng);
    if (ret != 0)
        return ret;

    ret = wc_InitRsaKey(&signKey, NULL);
    if (ret != 0) {
        wc_FreeRng(&rng);
        return ret;
    }

    ret = wc_RsaPrivateKeyDecode(key, &derIdx, &signKey, keySz);
    if (ret == 0)
        ret = wc_RsaSSL_Sign(in, inSz, out, *outSz, &signKey, &rng);

    /* a positive result is the signature length: store it, report success */
    if (ret > 0) {
        *outSz = (word32)ret;
        ret    = 0;
    }

    wc_FreeRsaKey(&signKey);
    wc_FreeRng(&rng);

    return ret;
}
wolfSSL 11:cee25a834751 1867
wolfSSL 11:cee25a834751 1868
/* RSA verify callback used by the test programs.
 *
 * Decodes the public key in key/keySz into a temporary RsaKey and checks
 * sig/sigSz with wc_RsaSSL_VerifyInline(), which sets *out.
 *
 * ssl    unused
 * sig    signature to verify; passed to the inline verify call
 * sigSz  length of sig
 * out    set by wc_RsaSSL_VerifyInline()
 *        (NOTE(review): the inline API is expected to point *out into
 *        sig rather than allocate - confirm against the wolfCrypt docs)
 * key    public key buffer handed to wc_RsaPublicKeyDecode()
 * keySz  length of key
 * ctx    unused
 *
 * Returns the result of the last wolfCrypt call unchanged; unlike
 * myRsaSign() a positive value is not mapped to 0 here.
 */
static INLINE int myRsaVerify(WOLFSSL* ssl, byte* sig, word32 sigSz,
                              byte** out,
                              const byte* key, word32 keySz,
                              void* ctx)
{
    RsaKey pub;
    word32 keyIdx = 0;
    int    rc;

    (void)ssl;
    (void)ctx;

    rc = wc_InitRsaKey(&pub, NULL);
    if (rc != 0)
        return rc;

    rc = wc_RsaPublicKeyDecode(key, &keyIdx, &pub, keySz);
    if (rc == 0)
        rc = wc_RsaSSL_VerifyInline(sig, sigSz, out, &pub);

    wc_FreeRsaKey(&pub);

    return rc;
}
wolfSSL 11:cee25a834751 1891
wolfSSL 11:cee25a834751 1892
/* RSA public-key encrypt callback used by the test programs.
 *
 * Decodes the public key in key/keySz into a temporary RsaKey and
 * encrypts in/inSz into out with wc_RsaPublicEncrypt(), using a local RNG
 * that is created and freed inside this call.
 *
 * ssl    unused
 * in     data to encrypt
 * inSz   length of in
 * out    buffer that receives the ciphertext
 * outSz  in: capacity of out; out: ciphertext length on success
 * key    public key buffer handed to wc_RsaPublicKeyDecode()
 * keySz  length of key
 * ctx    unused
 *
 * Returns 0 on success, otherwise the return value of the failing
 * wolfCrypt call.
 */
static INLINE int myRsaEnc(WOLFSSL* ssl, const byte* in, word32 inSz,
                           byte* out, word32* outSz, const byte* key,
                           word32 keySz, void* ctx)
{
    WC_RNG rng;
    RsaKey pub;
    word32 keyIdx = 0;
    int    rc;

    (void)ssl;
    (void)ctx;

    rc = wc_InitRng(&rng);
    if (rc != 0)
        return rc;

    rc = wc_InitRsaKey(&pub, NULL);
    if (rc != 0) {
        wc_FreeRng(&rng);
        return rc;
    }

    rc = wc_RsaPublicKeyDecode(key, &keyIdx, &pub, keySz);
    if (rc == 0) {
        rc = wc_RsaPublicEncrypt(in, inSz, out, *outSz, &pub, &rng);
        if (rc > 0) {
            /* positive result is the ciphertext length */
            *outSz = rc;
            rc = 0;
        }
    }

    wc_FreeRsaKey(&pub);
    wc_FreeRng(&rng);

    return rc;
}
wolfSSL 11:cee25a834751 1925
/* RSA private-key decrypt callback used by the test programs.
 *
 * Decodes the private key in key/keySz into a temporary RsaKey and
 * decrypts in/inSz with wc_RsaPrivateDecryptInline(), which sets *out.
 * When WC_RSA_BLINDING is defined, the session RNG from wolfSSL_GetRNG()
 * is attached to the key first; if that fails, no private-key operation
 * is attempted.
 *
 * ssl    used only to fetch the RNG under WC_RSA_BLINDING
 * in     ciphertext; passed to the inline decrypt call
 * inSz   length of in
 * out    set by wc_RsaPrivateDecryptInline()
 *        (NOTE(review): the inline API is expected to point *out into
 *        in rather than allocate - confirm against the wolfCrypt docs)
 * key    private key buffer handed to wc_RsaPrivateKeyDecode()
 * keySz  length of key
 * ctx    unused
 *
 * Returns the result of the last wolfCrypt call unchanged.
 */
static INLINE int myRsaDec(WOLFSSL* ssl, byte* in, word32 inSz,
                           byte** out,
                           const byte* key, word32 keySz, void* ctx)
{
    RsaKey priv;
    word32 keyIdx = 0;
    int    rc;

    (void)ssl;
    (void)ctx;

    rc = wc_InitRsaKey(&priv, NULL);
    if (rc != 0)
        return rc;

    rc = wc_RsaPrivateKeyDecode(key, &keyIdx, &priv, keySz);
#ifdef WC_RSA_BLINDING
    /* blinding needs an RNG bound to the key before it is used */
    if (rc == 0)
        rc = wc_RsaSetRNG(&priv, wolfSSL_GetRNG(ssl));
#endif
    if (rc == 0)
        rc = wc_RsaPrivateDecryptInline(in, inSz, out, &priv);

    wc_FreeRsaKey(&priv);

    return rc;
}
wolfSSL 11:cee25a834751 1955
wolfSSL 11:cee25a834751 1956 #endif /* NO_RSA */
wolfSSL 11:cee25a834751 1957
/* Register the test public-key callbacks on ctx.
 *
 * RSA callbacks are installed unless NO_RSA is defined, ECC callbacks when
 * HAVE_ECC is defined. ssl is never used; ctx is unused when neither
 * algorithm is compiled in.
 */
static INLINE void SetupPkCallbacks(WOLFSSL_CTX* ctx, WOLFSSL* ssl)
{
    (void)ssl;
    (void)ctx;

#ifndef NO_RSA
    wolfSSL_CTX_SetRsaSignCb(ctx, myRsaSign);
    wolfSSL_CTX_SetRsaVerifyCb(ctx, myRsaVerify);
    wolfSSL_CTX_SetRsaEncCb(ctx, myRsaEnc);
    wolfSSL_CTX_SetRsaDecCb(ctx, myRsaDec);
#endif /* NO_RSA */
#ifdef HAVE_ECC
    wolfSSL_CTX_SetEccSignCb(ctx, myEccSign);
    wolfSSL_CTX_SetEccVerifyCb(ctx, myEccVerify);
    wolfSSL_CTX_SetEccSharedSecretCb(ctx, myEccSharedSecret);
#endif /* HAVE_ECC */
}
wolfSSL 11:cee25a834751 1975
wolfSSL 11:cee25a834751 1976 #endif /* HAVE_PK_CALLBACKS */
wolfSSL 11:cee25a834751 1977
wolfSSL 11:cee25a834751 1978
wolfSSL 11:cee25a834751 1979
wolfSSL 11:cee25a834751 1980
wolfSSL 11:cee25a834751 1981
wolfSSL 11:cee25a834751 1982 #if defined(__hpux__) || defined(__MINGW32__) || defined (WOLFSSL_TIRTOS) \
wolfSSL 11:cee25a834751 1983 || defined(_MSC_VER)
wolfSSL 11:cee25a834751 1984
/* Replacement strsep for platforms that lack it (HP/UX and the others in
 * the surrounding #if); needed by test/suites.c.
 *
 * Returns the token starting at *stringp, or NULL when *stringp is NULL.
 * The first character found in delim is overwritten with '\0' and *stringp
 * is advanced past it; when no delimiter is left, *stringp becomes NULL.
 * The input string is modified in place.
 */
static INLINE char* strsep(char **stringp, const char *delim)
{
    char* token = *stringp;
    char* hit;

    if (token == NULL)
        return NULL;

    hit = strpbrk(token, delim);
    if (hit == NULL) {
        /* last token: nothing left to scan on the next call */
        *stringp = NULL;
        return token;
    }

    *hit = '\0';
    *stringp = hit + 1;

    return token;
}
wolfSSL 11:cee25a834751 2004
wolfSSL 11:cee25a834751 2005 #endif /* __hpux__ and others */
wolfSSL 11:cee25a834751 2006
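/* Create a unique file name by replacing the last num characters of tempfn
 * with random alphanumerics.
 *
 * tempfn  name template, modified in place; the buffer must hold at least
 *         len + 1 bytes because the terminator is written at tempfn[len]
 * len     length of the name in tempfn, not counting the terminating null
 * num     number of trailing characters to randomize (0 < num < len)
 *
 * Returns tempfn on success, NULL on bad arguments or RNG failure. On an
 * RNG failure part of the suffix may already have been overwritten.
 *
 * This only picks a name, it does not create the file: a caller that must
 * not reuse or clobber an existing path still has to create it exclusively.
 */
static INLINE const char* mymktemp(char *tempfn, int len, int num)
{
    static const char alphanum[] = "0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZ"
                                   "abcdefghijklmnopqrstuvwxyz";
    const char* result = tempfn;
    WC_RNG rng;
    byte   out;
    int    x, size;

    if (tempfn == NULL || len < 1 || num < 1 || len <= num) {
        printf("Bad input\n");
        return NULL;
    }

    size = len - 1;

    if (wc_InitRng(&rng) != 0) {
        printf("InitRng failed\n");
        return NULL;
    }

    for (x = size; x > size - num; x--) {
        if (wc_RNG_GenerateBlock(&rng, &out, sizeof(out)) != 0) {
            printf("RNG_GenerateBlock failed\n");
            /* fall through to the common exit so the RNG is released */
            result = NULL;
            break;
        }
        /* 256 is not a multiple of 62, so the first 8 alphabet entries are
         * slightly more likely; acceptable for a test file name */
        tempfn[x] = alphanum[out % (sizeof(alphanum) - 1)];
    }

    if (result != NULL)
        tempfn[len] = '\0';

    wc_FreeRng(&rng);

    return result;
}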
wolfSSL 11:cee25a834751 2043
wolfSSL 11:cee25a834751 2044
wolfSSL 11:cee25a834751 2045
wolfSSL 11:cee25a834751 2046 #if defined(HAVE_SESSION_TICKET) && defined(HAVE_CHACHA) && \
wolfSSL 11:cee25a834751 2047 defined(HAVE_POLY1305)
wolfSSL 11:cee25a834751 2048
wolfSSL 11:cee25a834751 2049 #include <wolfssl/wolfcrypt/chacha20_poly1305.h>
wolfSSL 11:cee25a834751 2050
/* Session-ticket protection state shared by TicketInit() and
 * myTicketEncCb(): the name that identifies the key and the
 * ChaCha20-Poly1305 key itself. */
typedef struct key_ctx {
    byte name[WOLFSSL_TICKET_NAME_SZ];        /* name for this context */
    byte key[CHACHA20_POLY1305_AEAD_KEYSIZE]; /* cipher key */
} key_ctx;

/* Both objects are static in a header, so every translation unit that
 * includes this file gets its own copy. The key is filled once by
 * TicketInit(); nothing here rotates it, and TicketCleanup() frees only
 * the RNG, so the key bytes are not cleared by this header. */
static key_ctx myKey_ctx;
static WC_RNG myKey_rng;
wolfSSL 11:cee25a834751 2058
/* Initialize the ticket RNG and fill the ticket key and key name with
 * random bytes from it.
 *
 * Returns 0 on success, otherwise the return value of the first wolfCrypt
 * call that failed. myKey_rng is not freed here on a later failure.
 */
static INLINE int TicketInit(void)
{
    int rc = wc_InitRng(&myKey_rng);

    if (rc == 0)
        rc = wc_RNG_GenerateBlock(&myKey_rng, myKey_ctx.key,
                                  sizeof(myKey_ctx.key));
    if (rc == 0)
        rc = wc_RNG_GenerateBlock(&myKey_rng, myKey_ctx.name,
                                  sizeof(myKey_ctx.name));

    return rc;
}
wolfSSL 11:cee25a834751 2072
/* Release the ticket RNG set up by TicketInit().
 * Only the RNG is freed; the key and name in myKey_ctx are left as they
 * are. */
static INLINE void TicketCleanup(void)
{
    wc_FreeRng(&myKey_rng);
}
wolfSSL 11:cee25a834751 2077
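/* Session-ticket encrypt/decrypt callback for the test programs, using
 * ChaCha20-Poly1305 with the key in myKey_ctx.
 *
 * ssl       unused
 * key_name  encrypt: receives myKey_ctx.name; decrypt: name presented with
 *           the ticket, must match myKey_ctx.name
 * iv        encrypt: receives a fresh random IV; decrypt: IV to use
 * mac       encrypt: receives the tag; decrypt: tag to verify
 * enc       non-zero to encrypt, zero to decrypt
 * ticket    ticket data, processed in place
 * inLen     length of ticket in bytes
 * outLen    receives the output length (same as inLen, no padding)
 * userCtx   unused
 *
 * The key name, IV and 16-bit ticket length are authenticated as AAD, so
 * a ticket whose header was altered fails the tag check.
 *
 * Returns WOLFSSL_TICKET_RET_OK on success, WOLFSSL_TICKET_RET_REJECT on an
 * out-of-range length, RNG failure or failed encrypt/decrypt, and
 * WOLFSSL_TICKET_RET_FATAL when the presented key name is unknown.
 */
static INLINE int myTicketEncCb(WOLFSSL* ssl,
                                byte key_name[WOLFSSL_TICKET_NAME_SZ],
                                byte iv[WOLFSSL_TICKET_IV_SZ],
                                byte mac[WOLFSSL_TICKET_MAC_SZ],
                                int enc, byte* ticket, int inLen, int* outLen,
                                void* userCtx)
{
    int    ret;
    word16 sLen;
    byte   aad[WOLFSSL_TICKET_NAME_SZ + WOLFSSL_TICKET_IV_SZ + 2];
    int    aadSz = WOLFSSL_TICKET_NAME_SZ + WOLFSSL_TICKET_IV_SZ + 2;
    byte*  tmp = aad;

    (void)ssl;
    (void)userCtx;

    /* The length is bound into the AAD as a 16-bit value and handed to the
     * AEAD calls as a size, so refuse a value that would be truncated or
     * turn negative-to-huge instead of processing it. */
    if (inLen < 0 || inLen > 0xFFFF)
        return WOLFSSL_TICKET_RET_REJECT;
    sLen = XHTONS(inLen);

    if (enc) {
        /* new ticket: label it with our key name and pick a fresh IV */
        XMEMCPY(key_name, myKey_ctx.name, WOLFSSL_TICKET_NAME_SZ);

        ret = wc_RNG_GenerateBlock(&myKey_rng, iv, WOLFSSL_TICKET_IV_SZ);
        if (ret != 0) return WOLFSSL_TICKET_RET_REJECT;
    }
    else if (XMEMCMP(key_name, myKey_ctx.name, WOLFSSL_TICKET_NAME_SZ) != 0) {
        /* see if we know this key */
        printf("client presented unknown ticket key name ");
        return WOLFSSL_TICKET_RET_FATAL;
    }

    /* build aad from key name, iv, and length */
    XMEMCPY(tmp, key_name, WOLFSSL_TICKET_NAME_SZ);
    tmp += WOLFSSL_TICKET_NAME_SZ;
    XMEMCPY(tmp, iv, WOLFSSL_TICKET_IV_SZ);
    tmp += WOLFSSL_TICKET_IV_SZ;
    XMEMCPY(tmp, &sLen, 2);

    if (enc) {
        ret = wc_ChaCha20Poly1305_Encrypt(myKey_ctx.key, iv,
                                          aad, aadSz,
                                          ticket, inLen,
                                          ticket,
                                          mac);
    }
    else {
        ret = wc_ChaCha20Poly1305_Decrypt(myKey_ctx.key, iv,
                                          aad, aadSz,
                                          ticket, inLen,
                                          mac,
                                          ticket);
    }
    if (ret != 0) return WOLFSSL_TICKET_RET_REJECT;

    *outLen = inLen; /* no padding in this mode */

    return WOLFSSL_TICKET_RET_OK;
}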
wolfSSL 11:cee25a834751 2141
wolfSSL 11:cee25a834751 2142 #endif /* HAVE_SESSION_TICKET && CHACHA20 && POLY1305 */
wolfSSL 11:cee25a834751 2143
/* Pick a random port in the 49152 - 65535 range for testing.
 *
 * Returns 0 when the RNG cannot be initialized. The result of
 * wc_RNG_GenerateBlock() is not checked: if it fails, port keeps its
 * initial 0 and the function returns 0xC000 (49152).
 */
static INLINE word16 GetRandomPort(void)
{
    WC_RNG rng;
    word16 port = 0;

    if (wc_InitRng(&rng) != 0)
        return port;

    wc_RNG_GenerateBlock(&rng, (byte*)&port, sizeof(port));
    port |= 0xC000; /* force the two top bits: 49152 - 65535 */
    wc_FreeRng(&rng);

    return port;
}
wolfSSL 11:cee25a834751 2157
wolfSSL 11:cee25a834751 2158 #endif /* wolfSSL_TEST_H */
wolfSSL 11:cee25a834751 2159