kaspar/RIOT
1
0
Fork 0
mirror of https://github.com/RIOT-OS/RIOT.git synced 2025-12-25 14:33:52 +01:00
Code Releases Activity

wolfSSL pkg: new set of examples and tests

Browse Source
This commit is contained in:
Daniele Lacamera 2019-06-06 11:15:12 +02:00
parent b3f32f83bb
commit 8bb1ee1cd5
38 changed files with 932 additions and 1571 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

30
examples/dtls-wolfssl/Makefile
View File

@ -8,16 +8,18 @@ BOARD ?= native
RIOTBASE ?= $(CURDIR)/../..
# wolfSSL supports 32-bit architectures only
BOARD_BLACKLIST := arduino-duemilanove arduino-mega2560 arduino-uno chronos \
jiminy-mega256rfr2 mega-xplained msb-430 msb-430h telosb \
BOARD_BLACKLIST := arduino-duemilanove arduino-leonardo arduino-mega2560 arduino-nano arduino-uno \
chronos jiminy-mega256rfr2 mega-xplained msb-430 msb-430h telosb \
waspmote-pro wsn430-v1_3b wsn430-v1_4 z1
BOARD_INSUFFICIENT_MEMORY := airfy-beacon b-l072z-lrwan1 bluepill calliope-mini \
cc2650-launchpad cc2650stk hifive1 maple-mini \
microbit nrf51dongle nrf6310 nucleo-f031k6 \
nucleo-f042k6 nucleo-f303k8 nucleo-l031k6 nucleo-f030r8 \
BOARD_INSUFFICIENT_MEMORY := airfy-beacon b-l072z-lrwan1 bluepill \
calliope-mini cc2650-launchpad cc2650stk hifive1 i-nucleo-lrwan1 \
maple-mini microbit nrf51dongle nrf6310 nucleo-f031k6 \
nucleo-f042k6 nucleo-f303k8 nucleo-f303k8 nucleo-l031k6 nucleo-f030r8 \
nucleo-f070rb nucleo-f072rb nucleo-f103rb nucleo-f302r8 nucleo-f334r8 \
nucleo-l053r8 nucleo-l073rz opencm904 \
nucleo-l031k6 nucleo-l053r8 nucleo-l073rz opencm904 \
saml11-xpro bluepill blackpill saml10-xpro \
stm32l0538-disco \
spark-core stm32f0discovery stm32mindev yunjia-nrf51822
# Include packages that pull up and auto-init the link layer.
@ -35,15 +37,19 @@ USEMODULE += shell_commands
USEPKG += wolfssl
USEMODULE += wolfcrypt
USEMODULE += wolfssl
USEMODULE += wolfcrypt-test
USEMODULE += wolfcrypt_ecc
USEMODULE += wolfssl_dtls
# Select public key algorithm (or PSK) support fot ciphersuite(s):
#USEMODULE += wolfcrypt_ecc
#USEMODULE += wolfcrypt_rsa wolfcrypt_dh
USEMODULE += wolfssl_psk
# Uncomment the following line to add debug symbols
#CFLAGS+=-g -ggdb3
CFLAGS += -DDTLS_DEFAULT_PORT=$(DTLS_PORT) -DDTLS_WOLFSSL
CFLAGS += -DDTLS_DEFAULT_PORT=$(DTLS_PORT) -DDTLS_WOLFSSL -Wno-unused-parameter -Wno-unused-variable
# FIXME: This is a temporary patch taken from the TinyDTLS example to ensure proper stack allocation
# A larger stack size is required if using ECC or RSA
CFLAGS += -DTHREAD_STACKSIZE_MAIN=\(3*THREAD_STACKSIZE_DEFAULT\)
# Comment this out to disable code in RIOT that does safety checking
@ -52,6 +58,6 @@ CFLAGS += -DTHREAD_STACKSIZE_MAIN=\(3*THREAD_STACKSIZE_DEFAULT\)
CFLAGS += -DDEVELHELP
# Change this to 0 show compiler invocation lines by default:
QUIET ?= 0
QUIET ?= 1
include $(RIOTBASE)/Makefile.include

14
examples/dtls-wolfssl/README.md
View File

@ -5,8 +5,9 @@ This example shows how to use DTLS with wolfSSL
## SOCK vs. Socket
This example is configured to use socks instead of sockets (over GNRC).
It's possible to use sockets, which give a more similar approach to the
UNIX version of wolfSSL.
It's possible to use POSIX sockets, which give a more similar approach to the
UNIX version of wolfSSL. POSIX sockets are supported by RIOT-OS via lwIP, but
no example is available at this time.
## Fast configuration (Between RIOT instances)
@ -33,11 +34,16 @@ $ make all; PORT=tap1 make term
$ PORT=tap0 make term
> dtlsc <IPv6's server address[%netif]>
```
### Certificate/key
Test certificate and key arrays are provided in `cert.c`. You can generate your own arrays starting from existing certificate and key in .der format using `xxd -i`.
### Testing against host endpoints
Riot-to-host can be tested against the DTLS examples provided in the [wolfSSL-examples](https://github.com/wolfSSL/wolfssl-examples/tree/master/dtls) repository.
## Boards
Boards that do not support the `../gnrc_networking` example are included
in the `BOARD_INSUFFICIENT_MEMORY`, plus the board `cc2650stk`.
Boards that due to insufficient memory are not able to support GNRC are included
in the `BOARD_INSUFFICIENT_MEMORY`.

358
examples/dtls-wolfssl/cert.c
View File

@ -1,72 +1,80 @@
/* Created from wolfssl-examples test certificate+keys, ECC/RSA. 28/08/2019 */
#ifdef MODULE_WOLFCRYPT_ECC
const unsigned char server_cert[] = {
0x30, 0x82, 0x03, 0x10, 0x30, 0x82, 0x02, 0xb5, 0xa0, 0x03, 0x02, 0x01,
0x02, 0x02, 0x09, 0x00, 0xef, 0x46, 0xc7, 0xa4, 0x9b, 0xbb, 0x60, 0xd3,
0x30, 0x0a, 0x06, 0x08, 0x2a, 0x86, 0x48, 0xce, 0x3d, 0x04, 0x03, 0x02,
0x30, 0x81, 0x8f, 0x31, 0x0b, 0x30, 0x09, 0x06, 0x03, 0x55, 0x04, 0x06,
0x13, 0x02, 0x55, 0x53, 0x31, 0x13, 0x30, 0x11, 0x06, 0x03, 0x55, 0x04,
0x08, 0x0c, 0x0a, 0x57, 0x61, 0x73, 0x68, 0x69, 0x6e, 0x67, 0x74, 0x6f,
0x6e, 0x31, 0x10, 0x30, 0x0e, 0x06, 0x03, 0x55, 0x04, 0x07, 0x0c, 0x07,
0x53, 0x65, 0x61, 0x74, 0x74, 0x6c, 0x65, 0x31, 0x10, 0x30, 0x0e, 0x06,
0x03, 0x55, 0x04, 0x0a, 0x0c, 0x07, 0x45, 0x6c, 0x69, 0x70, 0x74, 0x69,
0x63, 0x31, 0x0c, 0x30, 0x0a, 0x06, 0x03, 0x55, 0x04, 0x0b, 0x0c, 0x03,
0x45, 0x43, 0x43, 0x31, 0x18, 0x30, 0x16, 0x06, 0x03, 0x55, 0x04, 0x03,
0x0c, 0x0f, 0x77, 0x77, 0x77, 0x2e, 0x77, 0x6f, 0x6c, 0x66, 0x73, 0x73,
0x6c, 0x2e, 0x63, 0x6f, 0x6d, 0x31, 0x1f, 0x30, 0x1d, 0x06, 0x09, 0x2a,
0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x09, 0x01, 0x16, 0x10, 0x69, 0x6e,
0x66, 0x6f, 0x40, 0x77, 0x6f, 0x6c, 0x66, 0x73, 0x73, 0x6c, 0x2e, 0x63,
0x6f, 0x6d, 0x30, 0x1e, 0x17, 0x0d, 0x31, 0x36, 0x30, 0x38, 0x31, 0x31,
0x32, 0x30, 0x30, 0x37, 0x33, 0x38, 0x5a, 0x17, 0x0d, 0x31, 0x39, 0x30,
0x35, 0x30, 0x38, 0x32, 0x30, 0x30, 0x37, 0x33, 0x38, 0x5a, 0x30, 0x81,
0x8f, 0x31, 0x0b, 0x30, 0x09, 0x06, 0x03, 0x55, 0x04, 0x06, 0x13, 0x02,
0x55, 0x53, 0x31, 0x13, 0x30, 0x11, 0x06, 0x03, 0x55, 0x04, 0x08, 0x0c,
0x0a, 0x57, 0x61, 0x73, 0x68, 0x69, 0x6e, 0x67, 0x74, 0x6f, 0x6e, 0x31,
0x10, 0x30, 0x0e, 0x06, 0x03, 0x55, 0x04, 0x07, 0x0c, 0x07, 0x53, 0x65,
0x61, 0x74, 0x74, 0x6c, 0x65, 0x31, 0x10, 0x30, 0x0e, 0x06, 0x03, 0x55,
0x04, 0x0a, 0x0c, 0x07, 0x45, 0x6c, 0x69, 0x70, 0x74, 0x69, 0x63, 0x31,
0x0c, 0x30, 0x0a, 0x06, 0x03, 0x55, 0x04, 0x0b, 0x0c, 0x03, 0x45, 0x43,
0x43, 0x31, 0x18, 0x30, 0x16, 0x06, 0x03, 0x55, 0x04, 0x03, 0x0c, 0x0f,
0x77, 0x77, 0x77, 0x2e, 0x77, 0x6f, 0x6c, 0x66, 0x73, 0x73, 0x6c, 0x2e,
0x63, 0x6f, 0x6d, 0x31, 0x1f, 0x30, 0x1d, 0x06, 0x09, 0x2a, 0x86, 0x48,
0x86, 0xf7, 0x0d, 0x01, 0x09, 0x01, 0x16, 0x10, 0x69, 0x6e, 0x66, 0x6f,
0x40, 0x77, 0x6f, 0x6c, 0x66, 0x73, 0x73, 0x6c, 0x2e, 0x63, 0x6f, 0x6d,
0x30, 0x59, 0x30, 0x13, 0x06, 0x07, 0x2a, 0x86, 0x48, 0xce, 0x3d, 0x02,
0x01, 0x06, 0x08, 0x2a, 0x86, 0x48, 0xce, 0x3d, 0x03, 0x01, 0x07, 0x03,
0x42, 0x00, 0x04, 0xbb, 0x33, 0xac, 0x4c, 0x27, 0x50, 0x4a, 0xc6, 0x4a,
0xa5, 0x04, 0xc3, 0x3c, 0xde, 0x9f, 0x36, 0xdb, 0x72, 0x2d, 0xce, 0x94,
0xea, 0x2b, 0xfa, 0xcb, 0x20, 0x09, 0x39, 0x2c, 0x16, 0xe8, 0x61, 0x02,
0xe9, 0xaf, 0x4d, 0xd3, 0x02, 0x93, 0x9a, 0x31, 0x5b, 0x97, 0x92, 0x21,
0x7f, 0xf0, 0xcf, 0x18, 0xda, 0x91, 0x11, 0x02, 0x34, 0x86, 0xe8, 0x20,
0x58, 0x33, 0x0b, 0x80, 0x34, 0x89, 0xd8, 0xa3, 0x81, 0xf7, 0x30, 0x81,
0xf4, 0x30, 0x1d, 0x06, 0x03, 0x55, 0x1d, 0x0e, 0x04, 0x16, 0x04, 0x14,
0x5d, 0x5d, 0x26, 0xef, 0xac, 0x7e, 0x36, 0xf9, 0x9b, 0x76, 0x15, 0x2b,
0x4a, 0x25, 0x02, 0x23, 0xef, 0xb2, 0x89, 0x30, 0x30, 0x81, 0xc4, 0x06,
0x03, 0x55, 0x1d, 0x23, 0x04, 0x81, 0xbc, 0x30, 0x81, 0xb9, 0x80, 0x14,
0x5d, 0x5d, 0x26, 0xef, 0xac, 0x7e, 0x36, 0xf9, 0x9b, 0x76, 0x15, 0x2b,
0x4a, 0x25, 0x02, 0x23, 0xef, 0xb2, 0x89, 0x30, 0xa1, 0x81, 0x95, 0xa4,
0x81, 0x92, 0x30, 0x81, 0x8f, 0x31, 0x0b, 0x30, 0x09, 0x06, 0x03, 0x55,
0x04, 0x06, 0x13, 0x02, 0x55, 0x53, 0x31, 0x13, 0x30, 0x11, 0x06, 0x03,
0x55, 0x04, 0x08, 0x0c, 0x0a, 0x57, 0x61, 0x73, 0x68, 0x69, 0x6e, 0x67,
0x74, 0x6f, 0x6e, 0x31, 0x10, 0x30, 0x0e, 0x06, 0x03, 0x55, 0x04, 0x07,
0x0c, 0x07, 0x53, 0x65, 0x61, 0x74, 0x74, 0x6c, 0x65, 0x31, 0x10, 0x30,
0x0e, 0x06, 0x03, 0x55, 0x04, 0x0a, 0x0c, 0x07, 0x45, 0x6c, 0x69, 0x70,
0x74, 0x69, 0x63, 0x31, 0x0c, 0x30, 0x0a, 0x06, 0x03, 0x55, 0x04, 0x0b,
0x0c, 0x03, 0x45, 0x43, 0x43, 0x31, 0x18, 0x30, 0x16, 0x06, 0x03, 0x55,
0x04, 0x03, 0x0c, 0x0f, 0x77, 0x77, 0x77, 0x2e, 0x77, 0x6f, 0x6c, 0x66,
0x73, 0x73, 0x6c, 0x2e, 0x63, 0x6f, 0x6d, 0x31, 0x1f, 0x30, 0x1d, 0x06,
0x09, 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x09, 0x01, 0x16, 0x10,
0x69, 0x6e, 0x66, 0x6f, 0x40, 0x77, 0x6f, 0x6c, 0x66, 0x73, 0x73, 0x6c,
0x2e, 0x63, 0x6f, 0x6d, 0x82, 0x09, 0x00, 0xef, 0x46, 0xc7, 0xa4, 0x9b,
0xbb, 0x60, 0xd3, 0x30, 0x0c, 0x06, 0x03, 0x55, 0x1d, 0x13, 0x04, 0x05,
0x30, 0x03, 0x01, 0x01, 0xff, 0x30, 0x0a, 0x06, 0x08, 0x2a, 0x86, 0x48,
0xce, 0x3d, 0x04, 0x03, 0x02, 0x03, 0x49, 0x00, 0x30, 0x46, 0x02, 0x21,
0x00, 0xf1, 0xd0, 0xa6, 0x3e, 0x83, 0x33, 0x24, 0xd1, 0x7a, 0x05, 0x5f,
0x1e, 0x0e, 0xbd, 0x7d, 0x6b, 0x33, 0xe9, 0xf2, 0x86, 0xf3, 0xf3, 0x3d,
0xa9, 0xef, 0x6a, 0x87, 0x31, 0xb3, 0xb7, 0x7e, 0x50, 0x02, 0x21, 0x00,
0xf0, 0x60, 0xdd, 0xce, 0xa2, 0xdb, 0x56, 0xec, 0xd9, 0xf4, 0xe4, 0xe3,
0x25, 0xd4, 0xb0, 0xc9, 0x25, 0x7d, 0xca, 0x7a, 0x5d, 0xba, 0xc4, 0xb2,
0xf6, 0x7d, 0x04, 0xc7, 0xbd, 0x62, 0xc9, 0x20
0x30, 0x82, 0x03, 0x50, 0x30, 0x82, 0x02, 0xf5, 0xa0, 0x03, 0x02, 0x01,
0x02, 0x02, 0x02, 0x10, 0x00, 0x30, 0x0a, 0x06, 0x08, 0x2a, 0x86, 0x48,
0xce, 0x3d, 0x04, 0x03, 0x02, 0x30, 0x81, 0x97, 0x31, 0x0b, 0x30, 0x09,
0x06, 0x03, 0x55, 0x04, 0x06, 0x13, 0x02, 0x55, 0x53, 0x31, 0x13, 0x30,
0x11, 0x06, 0x03, 0x55, 0x04, 0x08, 0x0c, 0x0a, 0x57, 0x61, 0x73, 0x68,
0x69, 0x6e, 0x67, 0x74, 0x6f, 0x6e, 0x31, 0x10, 0x30, 0x0e, 0x06, 0x03,
0x55, 0x04, 0x07, 0x0c, 0x07, 0x53, 0x65, 0x61, 0x74, 0x74, 0x6c, 0x65,
0x31, 0x10, 0x30, 0x0e, 0x06, 0x03, 0x55, 0x04, 0x0a, 0x0c, 0x07, 0x77,
0x6f, 0x6c, 0x66, 0x53, 0x53, 0x4c, 0x31, 0x14, 0x30, 0x12, 0x06, 0x03,
0x55, 0x04, 0x0b, 0x0c, 0x0b, 0x44, 0x65, 0x76, 0x65, 0x6c, 0x6f, 0x70,
0x6d, 0x65, 0x6e, 0x74, 0x31, 0x18, 0x30, 0x16, 0x06, 0x03, 0x55, 0x04,
0x03, 0x0c, 0x0f, 0x77, 0x77, 0x77, 0x2e, 0x77, 0x6f, 0x6c, 0x66, 0x73,
0x73, 0x6c, 0x2e, 0x63, 0x6f, 0x6d, 0x31, 0x1f, 0x30, 0x1d, 0x06, 0x09,
0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x09, 0x01, 0x16, 0x10, 0x69,
0x6e, 0x66, 0x6f, 0x40, 0x77, 0x6f, 0x6c, 0x66, 0x73, 0x73, 0x6c, 0x2e,
0x63, 0x6f, 0x6d, 0x30, 0x1e, 0x17, 0x0d, 0x31, 0x37, 0x31, 0x30, 0x32,
0x30, 0x31, 0x38, 0x31, 0x39, 0x30, 0x36, 0x5a, 0x17, 0x0d, 0x32, 0x37,
0x31, 0x30, 0x31, 0x38, 0x31, 0x38, 0x31, 0x39, 0x30, 0x36, 0x5a, 0x30,
0x81, 0x8f, 0x31, 0x0b, 0x30, 0x09, 0x06, 0x03, 0x55, 0x04, 0x06, 0x13,
0x02, 0x55, 0x53, 0x31, 0x13, 0x30, 0x11, 0x06, 0x03, 0x55, 0x04, 0x08,
0x0c, 0x0a, 0x57, 0x61, 0x73, 0x68, 0x69, 0x6e, 0x67, 0x74, 0x6f, 0x6e,
0x31, 0x10, 0x30, 0x0e, 0x06, 0x03, 0x55, 0x04, 0x07, 0x0c, 0x07, 0x53,
0x65, 0x61, 0x74, 0x74, 0x6c, 0x65, 0x31, 0x10, 0x30, 0x0e, 0x06, 0x03,
0x55, 0x04, 0x0a, 0x0c, 0x07, 0x45, 0x6c, 0x69, 0x70, 0x74, 0x69, 0x63,
0x31, 0x0c, 0x30, 0x0a, 0x06, 0x03, 0x55, 0x04, 0x0b, 0x0c, 0x03, 0x45,
0x43, 0x43, 0x31, 0x18, 0x30, 0x16, 0x06, 0x03, 0x55, 0x04, 0x03, 0x0c,
0x0f, 0x77, 0x77, 0x77, 0x2e, 0x77, 0x6f, 0x6c, 0x66, 0x73, 0x73, 0x6c,
0x2e, 0x63, 0x6f, 0x6d, 0x31, 0x1f, 0x30, 0x1d, 0x06, 0x09, 0x2a, 0x86,
0x48, 0x86, 0xf7, 0x0d, 0x01, 0x09, 0x01, 0x16, 0x10, 0x69, 0x6e, 0x66,
0x6f, 0x40, 0x77, 0x6f, 0x6c, 0x66, 0x73, 0x73, 0x6c, 0x2e, 0x63, 0x6f,
0x6d, 0x30, 0x59, 0x30, 0x13, 0x06, 0x07, 0x2a, 0x86, 0x48, 0xce, 0x3d,
0x02, 0x01, 0x06, 0x08, 0x2a, 0x86, 0x48, 0xce, 0x3d, 0x03, 0x01, 0x07,
0x03, 0x42, 0x00, 0x04, 0xbb, 0x33, 0xac, 0x4c, 0x27, 0x50, 0x4a, 0xc6,
0x4a, 0xa5, 0x04, 0xc3, 0x3c, 0xde, 0x9f, 0x36, 0xdb, 0x72, 0x2d, 0xce,
0x94, 0xea, 0x2b, 0xfa, 0xcb, 0x20, 0x09, 0x39, 0x2c, 0x16, 0xe8, 0x61,
0x02, 0xe9, 0xaf, 0x4d, 0xd3, 0x02, 0x93, 0x9a, 0x31, 0x5b, 0x97, 0x92,
0x21, 0x7f, 0xf0, 0xcf, 0x18, 0xda, 0x91, 0x11, 0x02, 0x34, 0x86, 0xe8,
0x20, 0x58, 0x33, 0x0b, 0x80, 0x34, 0x89, 0xd8, 0xa3, 0x82, 0x01, 0x35,
0x30, 0x82, 0x01, 0x31, 0x30, 0x09, 0x06, 0x03, 0x55, 0x1d, 0x13, 0x04,
0x02, 0x30, 0x00, 0x30, 0x11, 0x06, 0x09, 0x60, 0x86, 0x48, 0x01, 0x86,
0xf8, 0x42, 0x01, 0x01, 0x04, 0x04, 0x03, 0x02, 0x06, 0x40, 0x30, 0x1d,
0x06, 0x03, 0x55, 0x1d, 0x0e, 0x04, 0x16, 0x04, 0x14, 0x5d, 0x5d, 0x26,
0xef, 0xac, 0x7e, 0x36, 0xf9, 0x9b, 0x76, 0x15, 0x2b, 0x4a, 0x25, 0x02,
0x23, 0xef, 0xb2, 0x89, 0x30, 0x30, 0x81, 0xcc, 0x06, 0x03, 0x55, 0x1d,
0x23, 0x04, 0x81, 0xc4, 0x30, 0x81, 0xc1, 0x80, 0x14, 0x56, 0x8e, 0x9a,
0xc3, 0xf0, 0x42, 0xde, 0x18, 0xb9, 0x45, 0x55, 0x6e, 0xf9, 0x93, 0xcf,
0xea, 0xc3, 0xf3, 0xa5, 0x21, 0xa1, 0x81, 0x9d, 0xa4, 0x81, 0x9a, 0x30,
0x81, 0x97, 0x31, 0x0b, 0x30, 0x09, 0x06, 0x03, 0x55, 0x04, 0x06, 0x13,
0x02, 0x55, 0x53, 0x31, 0x13, 0x30, 0x11, 0x06, 0x03, 0x55, 0x04, 0x08,
0x0c, 0x0a, 0x57, 0x61, 0x73, 0x68, 0x69, 0x6e, 0x67, 0x74, 0x6f, 0x6e,
0x31, 0x10, 0x30, 0x0e, 0x06, 0x03, 0x55, 0x04, 0x07, 0x0c, 0x07, 0x53,
0x65, 0x61, 0x74, 0x74, 0x6c, 0x65, 0x31, 0x10, 0x30, 0x0e, 0x06, 0x03,
0x55, 0x04, 0x0a, 0x0c, 0x07, 0x77, 0x6f, 0x6c, 0x66, 0x53, 0x53, 0x4c,
0x31, 0x14, 0x30, 0x12, 0x06, 0x03, 0x55, 0x04, 0x0b, 0x0c, 0x0b, 0x44,
0x65, 0x76, 0x65, 0x6c, 0x6f, 0x70, 0x6d, 0x65, 0x6e, 0x74, 0x31, 0x18,
0x30, 0x16, 0x06, 0x03, 0x55, 0x04, 0x03, 0x0c, 0x0f, 0x77, 0x77, 0x77,
0x2e, 0x77, 0x6f, 0x6c, 0x66, 0x73, 0x73, 0x6c, 0x2e, 0x63, 0x6f, 0x6d,
0x31, 0x1f, 0x30, 0x1d, 0x06, 0x09, 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d,
0x01, 0x09, 0x01, 0x16, 0x10, 0x69, 0x6e, 0x66, 0x6f, 0x40, 0x77, 0x6f,
0x6c, 0x66, 0x73, 0x73, 0x6c, 0x2e, 0x63, 0x6f, 0x6d, 0x82, 0x09, 0x00,
0x97, 0xb4, 0xbd, 0x16, 0x78, 0xf8, 0x47, 0xf2, 0x30, 0x0e, 0x06, 0x03,
0x55, 0x1d, 0x0f, 0x01, 0x01, 0xff, 0x04, 0x04, 0x03, 0x02, 0x03, 0xa8,
0x30, 0x13, 0x06, 0x03, 0x55, 0x1d, 0x25, 0x04, 0x0c, 0x30, 0x0a, 0x06,
0x08, 0x2b, 0x06, 0x01, 0x05, 0x05, 0x07, 0x03, 0x01, 0x30, 0x0a, 0x06,
0x08, 0x2a, 0x86, 0x48, 0xce, 0x3d, 0x04, 0x03, 0x02, 0x03, 0x49, 0x00,
0x30, 0x46, 0x02, 0x21, 0x00, 0xbe, 0xb8, 0x58, 0xf0, 0xe4, 0x15, 0x01,
0x1f, 0xdf, 0x70, 0x54, 0x73, 0x4a, 0x6c, 0x40, 0x1f, 0x77, 0xa8, 0xb4,
0xeb, 0x52, 0x1e, 0xbf, 0xf5, 0x0d, 0xb1, 0x33, 0xca, 0x6a, 0xc4, 0x76,
0xb9, 0x02, 0x21, 0x00, 0x97, 0x08, 0xde, 0x2c, 0x28, 0xc1, 0x45, 0x71,
0xb6, 0x2c, 0x54, 0x87, 0x98, 0x63, 0x76, 0xa8, 0x21, 0x34, 0x90, 0xa8,
0xf7, 0x9e, 0x3f, 0xfc, 0x02, 0xb0, 0xe7, 0xd3, 0x09, 0x31, 0x27, 0xe4
};
unsigned int server_cert_len = 788;
unsigned int server_cert_len = 852;
const unsigned char server_key[] = {
0x30, 0x77, 0x02, 0x01, 0x01, 0x04, 0x20, 0x45, 0xb6, 0x69, 0x02, 0x73,
0x9c, 0x6c, 0x85, 0xa1, 0x38, 0x5b, 0x72, 0xe8, 0xe8, 0xc7, 0xac, 0xc4,
@ -81,3 +89,219 @@ const unsigned char server_key[] = {
0xd8
};
unsigned int server_key_len = 121;
#endif
#ifdef MODULE_WOLFCRYPT_RSA
const unsigned char server_cert[] = {
0x30, 0x82, 0x04, 0x9e, 0x30, 0x82, 0x03, 0x86, 0xa0, 0x03, 0x02, 0x01,
0x02, 0x02, 0x01, 0x01, 0x30, 0x0d, 0x06, 0x09, 0x2a, 0x86, 0x48, 0x86,
0xf7, 0x0d, 0x01, 0x01, 0x0b, 0x05, 0x00, 0x30, 0x81, 0x94, 0x31, 0x0b,
0x30, 0x09, 0x06, 0x03, 0x55, 0x04, 0x06, 0x13, 0x02, 0x55, 0x53, 0x31,
0x10, 0x30, 0x0e, 0x06, 0x03, 0x55, 0x04, 0x08, 0x0c, 0x07, 0x4d, 0x6f,
0x6e, 0x74, 0x61, 0x6e, 0x61, 0x31, 0x10, 0x30, 0x0e, 0x06, 0x03, 0x55,
0x04, 0x07, 0x0c, 0x07, 0x42, 0x6f, 0x7a, 0x65, 0x6d, 0x61, 0x6e, 0x31,
0x11, 0x30, 0x0f, 0x06, 0x03, 0x55, 0x04, 0x0a, 0x0c, 0x08, 0x53, 0x61,
0x77, 0x74, 0x6f, 0x6f, 0x74, 0x68, 0x31, 0x13, 0x30, 0x11, 0x06, 0x03,
0x55, 0x04, 0x0b, 0x0c, 0x0a, 0x43, 0x6f, 0x6e, 0x73, 0x75, 0x6c, 0x74,
0x69, 0x6e, 0x67, 0x31, 0x18, 0x30, 0x16, 0x06, 0x03, 0x55, 0x04, 0x03,
0x0c, 0x0f, 0x77, 0x77, 0x77, 0x2e, 0x77, 0x6f, 0x6c, 0x66, 0x73, 0x73,
0x6c, 0x2e, 0x63, 0x6f, 0x6d, 0x31, 0x1f, 0x30, 0x1d, 0x06, 0x09, 0x2a,
0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x09, 0x01, 0x16, 0x10, 0x69, 0x6e,
0x66, 0x6f, 0x40, 0x77, 0x6f, 0x6c, 0x66, 0x73, 0x73, 0x6c, 0x2e, 0x63,
0x6f, 0x6d, 0x30, 0x1e, 0x17, 0x0d, 0x31, 0x38, 0x30, 0x34, 0x31, 0x33,
0x31, 0x35, 0x32, 0x33, 0x31, 0x30, 0x5a, 0x17, 0x0d, 0x32, 0x31, 0x30,
0x31, 0x30, 0x37, 0x31, 0x35, 0x32, 0x33, 0x31, 0x30, 0x5a, 0x30, 0x81,
0x90, 0x31, 0x0b, 0x30, 0x09, 0x06, 0x03, 0x55, 0x04, 0x06, 0x13, 0x02,
0x55, 0x53, 0x31, 0x10, 0x30, 0x0e, 0x06, 0x03, 0x55, 0x04, 0x08, 0x0c,
0x07, 0x4d, 0x6f, 0x6e, 0x74, 0x61, 0x6e, 0x61, 0x31, 0x10, 0x30, 0x0e,
0x06, 0x03, 0x55, 0x04, 0x07, 0x0c, 0x07, 0x42, 0x6f, 0x7a, 0x65, 0x6d,
0x61, 0x6e, 0x31, 0x10, 0x30, 0x0e, 0x06, 0x03, 0x55, 0x04, 0x0a, 0x0c,
0x07, 0x77, 0x6f, 0x6c, 0x66, 0x53, 0x53, 0x4c, 0x31, 0x10, 0x30, 0x0e,
0x06, 0x03, 0x55, 0x04, 0x0b, 0x0c, 0x07, 0x53, 0x75, 0x70, 0x70, 0x6f,
0x72, 0x74, 0x31, 0x18, 0x30, 0x16, 0x06, 0x03, 0x55, 0x04, 0x03, 0x0c,
0x0f, 0x77, 0x77, 0x77, 0x2e, 0x77, 0x6f, 0x6c, 0x66, 0x73, 0x73, 0x6c,
0x2e, 0x63, 0x6f, 0x6d, 0x31, 0x1f, 0x30, 0x1d, 0x06, 0x09, 0x2a, 0x86,
0x48, 0x86, 0xf7, 0x0d, 0x01, 0x09, 0x01, 0x16, 0x10, 0x69, 0x6e, 0x66,
0x6f, 0x40, 0x77, 0x6f, 0x6c, 0x66, 0x73, 0x73, 0x6c, 0x2e, 0x63, 0x6f,
0x6d, 0x30, 0x82, 0x01, 0x22, 0x30, 0x0d, 0x06, 0x09, 0x2a, 0x86, 0x48,
0x86, 0xf7, 0x0d, 0x01, 0x01, 0x01, 0x05, 0x00, 0x03, 0x82, 0x01, 0x0f,
0x00, 0x30, 0x82, 0x01, 0x0a, 0x02, 0x82, 0x01, 0x01, 0x00, 0xc0, 0x95,
0x08, 0xe1, 0x57, 0x41, 0xf2, 0x71, 0x6d, 0xb7, 0xd2, 0x45, 0x41, 0x27,
0x01, 0x65, 0xc6, 0x45, 0xae, 0xf2, 0xbc, 0x24, 0x30, 0xb8, 0x95, 0xce,
0x2f, 0x4e, 0xd6, 0xf6, 0x1c, 0x88, 0xbc, 0x7c, 0x9f, 0xfb, 0xa8, 0x67,
0x7f, 0xfe, 0x5c, 0x9c, 0x51, 0x75, 0xf7, 0x8a, 0xca, 0x07, 0xe7, 0x35,
0x2f, 0x8f, 0xe1, 0xbd, 0x7b, 0xc0, 0x2f, 0x7c, 0xab, 0x64, 0xa8, 0x17,
0xfc, 0xca, 0x5d, 0x7b, 0xba, 0xe0, 0x21, 0xe5, 0x72, 0x2e, 0x6f, 0x2e,
0x86, 0xd8, 0x95, 0x73, 0xda, 0xac, 0x1b, 0x53, 0xb9, 0x5f, 0x3f, 0xd7,
0x19, 0x0d, 0x25, 0x4f, 0xe1, 0x63, 0x63, 0x51, 0x8b, 0x0b, 0x64, 0x3f,
0xad, 0x43, 0xb8, 0xa5, 0x1c, 0x5c, 0x34, 0xb3, 0xae, 0x00, 0xa0, 0x63,
0xc5, 0xf6, 0x7f, 0x0b, 0x59, 0x68, 0x78, 0x73, 0xa6, 0x8c, 0x18, 0xa9,
0x02, 0x6d, 0xaf, 0xc3, 0x19, 0x01, 0x2e, 0xb8, 0x10, 0xe3, 0xc6, 0xcc,
0x40, 0xb4, 0x69, 0xa3, 0x46, 0x33, 0x69, 0x87, 0x6e, 0xc4, 0xbb, 0x17,
0xa6, 0xf3, 0xe8, 0xdd, 0xad, 0x73, 0xbc, 0x7b, 0x2f, 0x21, 0xb5, 0xfd,
0x66, 0x51, 0x0c, 0xbd, 0x54, 0xb3, 0xe1, 0x6d, 0x5f, 0x1c, 0xbc, 0x23,
0x73, 0xd1, 0x09, 0x03, 0x89, 0x14, 0xd2, 0x10, 0xb9, 0x64, 0xc3, 0x2a,
0xd0, 0xa1, 0x96, 0x4a, 0xbc, 0xe1, 0xd4, 0x1a, 0x5b, 0xc7, 0xa0, 0xc0,
0xc1, 0x63, 0x78, 0x0f, 0x44, 0x37, 0x30, 0x32, 0x96, 0x80, 0x32, 0x23,
0x95, 0xa1, 0x77, 0xba, 0x13, 0xd2, 0x97, 0x73, 0xe2, 0x5d, 0x25, 0xc9,
0x6a, 0x0d, 0xc3, 0x39, 0x60, 0xa4, 0xb4, 0xb0, 0x69, 0x42, 0x42, 0x09,
0xe9, 0xd8, 0x08, 0xbc, 0x33, 0x20, 0xb3, 0x58, 0x22, 0xa7, 0xaa, 0xeb,
0xc4, 0xe1, 0xe6, 0x61, 0x83, 0xc5, 0xd2, 0x96, 0xdf, 0xd9, 0xd0, 0x4f,
0xad, 0xd7, 0x02, 0x03, 0x01, 0x00, 0x01, 0xa3, 0x81, 0xfc, 0x30, 0x81,
0xf9, 0x30, 0x1d, 0x06, 0x03, 0x55, 0x1d, 0x0e, 0x04, 0x16, 0x04, 0x14,
0xb3, 0x11, 0x32, 0xc9, 0x92, 0x98, 0x84, 0xe2, 0xc9, 0xf8, 0xd0, 0x3b,
0x6e, 0x03, 0x42, 0xca, 0x1f, 0x0e, 0x8e, 0x3c, 0x30, 0x81, 0xc9, 0x06,
0x03, 0x55, 0x1d, 0x23, 0x04, 0x81, 0xc1, 0x30, 0x81, 0xbe, 0x80, 0x14,
0x27, 0x8e, 0x67, 0x11, 0x74, 0xc3, 0x26, 0x1d, 0x3f, 0xed, 0x33, 0x63,
0xb3, 0xa4, 0xd8, 0x1d, 0x30, 0xe5, 0xe8, 0xd5, 0xa1, 0x81, 0x9a, 0xa4,
0x81, 0x97, 0x30, 0x81, 0x94, 0x31, 0x0b, 0x30, 0x09, 0x06, 0x03, 0x55,
0x04, 0x06, 0x13, 0x02, 0x55, 0x53, 0x31, 0x10, 0x30, 0x0e, 0x06, 0x03,
0x55, 0x04, 0x08, 0x0c, 0x07, 0x4d, 0x6f, 0x6e, 0x74, 0x61, 0x6e, 0x61,
0x31, 0x10, 0x30, 0x0e, 0x06, 0x03, 0x55, 0x04, 0x07, 0x0c, 0x07, 0x42,
0x6f, 0x7a, 0x65, 0x6d, 0x61, 0x6e, 0x31, 0x11, 0x30, 0x0f, 0x06, 0x03,
0x55, 0x04, 0x0a, 0x0c, 0x08, 0x53, 0x61, 0x77, 0x74, 0x6f, 0x6f, 0x74,
0x68, 0x31, 0x13, 0x30, 0x11, 0x06, 0x03, 0x55, 0x04, 0x0b, 0x0c, 0x0a,
0x43, 0x6f, 0x6e, 0x73, 0x75, 0x6c, 0x74, 0x69, 0x6e, 0x67, 0x31, 0x18,
0x30, 0x16, 0x06, 0x03, 0x55, 0x04, 0x03, 0x0c, 0x0f, 0x77, 0x77, 0x77,
0x2e, 0x77, 0x6f, 0x6c, 0x66, 0x73, 0x73, 0x6c, 0x2e, 0x63, 0x6f, 0x6d,
0x31, 0x1f, 0x30, 0x1d, 0x06, 0x09, 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d,
0x01, 0x09, 0x01, 0x16, 0x10, 0x69, 0x6e, 0x66, 0x6f, 0x40, 0x77, 0x6f,
0x6c, 0x66, 0x73, 0x73, 0x6c, 0x2e, 0x63, 0x6f, 0x6d, 0x82, 0x09, 0x00,
0x86, 0xff, 0xf5, 0x8e, 0x10, 0xde, 0xb8, 0xfb, 0x30, 0x0c, 0x06, 0x03,
0x55, 0x1d, 0x13, 0x04, 0x05, 0x30, 0x03, 0x01, 0x01, 0xff, 0x30, 0x0d,
0x06, 0x09, 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x01, 0x0b, 0x05,
0x00, 0x03, 0x82, 0x01, 0x01, 0x00, 0xb4, 0x54, 0x60, 0xad, 0xa0, 0x03,
0x32, 0xde, 0x02, 0x7f, 0x21, 0x4a, 0x81, 0xc6, 0xed, 0xcd, 0xcd, 0xd8,
0x12, 0x8a, 0xc0, 0xba, 0x82, 0x5b, 0x75, 0xad, 0x54, 0xe3, 0x7c, 0x80,
0x6a, 0xac, 0x2e, 0x6c, 0x20, 0x4e, 0xbe, 0x4d, 0x82, 0xa7, 0x47, 0x13,
0x5c, 0xf4, 0xc6, 0x6a, 0x2b, 0x10, 0x99, 0x58, 0xde, 0xab, 0x6b, 0x7c,
0x22, 0x05, 0xc1, 0x83, 0x9d, 0xcb, 0xff, 0x3c, 0xe4, 0x2d, 0x57, 0x6a,
0xa6, 0x96, 0xdf, 0xd3, 0xc1, 0x68, 0xe3, 0xd2, 0xc6, 0x83, 0x4b, 0x97,
0xe2, 0xc6, 0x32, 0x0e, 0xbe, 0xc4, 0x03, 0xb9, 0x07, 0x8a, 0x5b, 0xb8,
0x84, 0xba, 0xc5, 0x39, 0x3f, 0x1c, 0x58, 0xa7, 0x55, 0xd7, 0xf0, 0x9b,
0xe8, 0xd2, 0x45, 0xb9, 0xe3, 0x83, 0x2e, 0xee, 0xb6, 0x71, 0x56, 0xb9,
0x3a, 0xee, 0x3f, 0x27, 0xd8, 0x77, 0xe8, 0xfb, 0x44, 0x48, 0x65, 0x27,
0x47, 0x4c, 0xfb, 0xfe, 0x72, 0xc3, 0xac, 0x05, 0x7b, 0x1d, 0xcb, 0xeb,
0x5e, 0x65, 0x9a, 0xab, 0x02, 0xe4, 0x88, 0x5b, 0x3b, 0x8b, 0x0b, 0xc7,
0xcc, 0xa9, 0xa6, 0x8b, 0xe1, 0x87, 0xb0, 0x19, 0x1a, 0x0c, 0x28, 0x58,
0x6f, 0x99, 0x52, 0x7e, 0xed, 0xb0, 0x3a, 0x68, 0x3b, 0x8c, 0x0a, 0x08,
0x74, 0x72, 0xab, 0xb9, 0x09, 0xc5, 0xed, 0x04, 0x7e, 0x6f, 0x0b, 0x1c,
0x09, 0x21, 0xd0, 0xcd, 0x7f, 0xf9, 0xc4, 0x5e, 0x27, 0x20, 0xe4, 0x85,
0x73, 0x52, 0x05, 0xd2, 0xba, 0xf8, 0xd5, 0x8f, 0x41, 0xcc, 0x23, 0x2e,
0x12, 0x6d, 0xbc, 0x31, 0x98, 0xe7, 0x63, 0xa3, 0x8e, 0x26, 0xcd, 0xe8,
0x2b, 0x88, 0xee, 0xe2, 0xfe, 0x3a, 0x74, 0x52, 0x34, 0x0e, 0xfd, 0x12,
0xe5, 0x5e, 0x69, 0x50, 0x20, 0x31, 0x34, 0xe4, 0x31, 0xf1, 0xe7, 0xe4,
0x5b, 0x03, 0x13, 0xda, 0xac, 0x41, 0x6c, 0xe7, 0xcf, 0x2b
};
const unsigned int server_cert_len = 1186;
const unsigned char server_key[] = {
0x30, 0x82, 0x04, 0xa5, 0x02, 0x01, 0x00, 0x02, 0x82, 0x01, 0x01, 0x00,
0xc0, 0x95, 0x08, 0xe1, 0x57, 0x41, 0xf2, 0x71, 0x6d, 0xb7, 0xd2, 0x45,
0x41, 0x27, 0x01, 0x65, 0xc6, 0x45, 0xae, 0xf2, 0xbc, 0x24, 0x30, 0xb8,
0x95, 0xce, 0x2f, 0x4e, 0xd6, 0xf6, 0x1c, 0x88, 0xbc, 0x7c, 0x9f, 0xfb,
0xa8, 0x67, 0x7f, 0xfe, 0x5c, 0x9c, 0x51, 0x75, 0xf7, 0x8a, 0xca, 0x07,
0xe7, 0x35, 0x2f, 0x8f, 0xe1, 0xbd, 0x7b, 0xc0, 0x2f, 0x7c, 0xab, 0x64,
0xa8, 0x17, 0xfc, 0xca, 0x5d, 0x7b, 0xba, 0xe0, 0x21, 0xe5, 0x72, 0x2e,
0x6f, 0x2e, 0x86, 0xd8, 0x95, 0x73, 0xda, 0xac, 0x1b, 0x53, 0xb9, 0x5f,
0x3f, 0xd7, 0x19, 0x0d, 0x25, 0x4f, 0xe1, 0x63, 0x63, 0x51, 0x8b, 0x0b,
0x64, 0x3f, 0xad, 0x43, 0xb8, 0xa5, 0x1c, 0x5c, 0x34, 0xb3, 0xae, 0x00,
0xa0, 0x63, 0xc5, 0xf6, 0x7f, 0x0b, 0x59, 0x68, 0x78, 0x73, 0xa6, 0x8c,
0x18, 0xa9, 0x02, 0x6d, 0xaf, 0xc3, 0x19, 0x01, 0x2e, 0xb8, 0x10, 0xe3,
0xc6, 0xcc, 0x40, 0xb4, 0x69, 0xa3, 0x46, 0x33, 0x69, 0x87, 0x6e, 0xc4,
0xbb, 0x17, 0xa6, 0xf3, 0xe8, 0xdd, 0xad, 0x73, 0xbc, 0x7b, 0x2f, 0x21,
0xb5, 0xfd, 0x66, 0x51, 0x0c, 0xbd, 0x54, 0xb3, 0xe1, 0x6d, 0x5f, 0x1c,
0xbc, 0x23, 0x73, 0xd1, 0x09, 0x03, 0x89, 0x14, 0xd2, 0x10, 0xb9, 0x64,
0xc3, 0x2a, 0xd0, 0xa1, 0x96, 0x4a, 0xbc, 0xe1, 0xd4, 0x1a, 0x5b, 0xc7,
0xa0, 0xc0, 0xc1, 0x63, 0x78, 0x0f, 0x44, 0x37, 0x30, 0x32, 0x96, 0x80,
0x32, 0x23, 0x95, 0xa1, 0x77, 0xba, 0x13, 0xd2, 0x97, 0x73, 0xe2, 0x5d,
0x25, 0xc9, 0x6a, 0x0d, 0xc3, 0x39, 0x60, 0xa4, 0xb4, 0xb0, 0x69, 0x42,
0x42, 0x09, 0xe9, 0xd8, 0x08, 0xbc, 0x33, 0x20, 0xb3, 0x58, 0x22, 0xa7,
0xaa, 0xeb, 0xc4, 0xe1, 0xe6, 0x61, 0x83, 0xc5, 0xd2, 0x96, 0xdf, 0xd9,
0xd0, 0x4f, 0xad, 0xd7, 0x02, 0x03, 0x01, 0x00, 0x01, 0x02, 0x82, 0x01,
0x01, 0x00, 0x9a, 0xd0, 0x34, 0x0f, 0x52, 0x62, 0x05, 0x50, 0x01, 0xef,
0x9f, 0xed, 0x64, 0x6e, 0xc2, 0xc4, 0xda, 0x1a, 0xf2, 0x84, 0xd7, 0x92,
0x10, 0x48, 0x92, 0xc4, 0xe9, 0x6a, 0xeb, 0x8b, 0x75, 0x6c, 0xc6, 0x79,
0x38, 0xf2, 0xc9, 0x72, 0x4a, 0x86, 0x64, 0x54, 0x95, 0x77, 0xcb, 0xc3,
0x9a, 0x9d, 0xb7, 0xd4, 0x1d, 0xa4, 0x00, 0xc8, 0x9e, 0x4e, 0xe4, 0xdd,
0xc7, 0xba, 0x67, 0x16, 0xc1, 0x74, 0xbc, 0xa9, 0xd6, 0x94, 0x8f, 0x2b,
0x30, 0x1a, 0xfb, 0xed, 0xdf, 0x21, 0x05, 0x23, 0xd9, 0x4a, 0x39, 0xbd,
0x98, 0x6b, 0x65, 0x9a, 0xb8, 0xdc, 0xc4, 0x7d, 0xee, 0xa6, 0x43, 0x15,
0x2e, 0x3d, 0xbe, 0x1d, 0x22, 0x60, 0x2a, 0x73, 0x30, 0xd5, 0x3e, 0xd8,
0xa2, 0xac, 0x86, 0x43, 0x2e, 0xc4, 0xf5, 0x64, 0x5e, 0x3f, 0x89, 0x75,
0x0f, 0x11, 0xd8, 0x51, 0x25, 0x4e, 0x9f, 0xd8, 0xaa, 0xa3, 0xce, 0x60,
0xb3, 0xe2, 0x8a, 0xd9, 0x7e, 0x1b, 0xf0, 0x64, 0xca, 0x9a, 0x5b, 0x05,
0x0b, 0x5b, 0xaa, 0xcb, 0xe5, 0xe3, 0x3f, 0x6e, 0x32, 0x22, 0x05, 0xf3,
0xd0, 0xfa, 0xef, 0x74, 0x52, 0x81, 0xe2, 0x5f, 0x74, 0xd3, 0xbd, 0xff,
0x31, 0x83, 0x45, 0x75, 0xfa, 0x63, 0x7a, 0x97, 0x2e, 0xd6, 0xb6, 0x19,
0xc6, 0x92, 0x26, 0xe4, 0x28, 0x06, 0x50, 0x50, 0x0e, 0x78, 0x2e, 0xa9,
0x78, 0x0d, 0x14, 0x97, 0xb4, 0x12, 0xd8, 0x31, 0x40, 0xab, 0xa1, 0x01,
0x41, 0xc2, 0x30, 0xf8, 0x07, 0x5f, 0x16, 0xe4, 0x61, 0x77, 0xd2, 0x60,
0xf2, 0x9f, 0x8d, 0xe8, 0xf4, 0xba, 0xeb, 0x63, 0xde, 0x2a, 0x97, 0x81,
0xef, 0x4c, 0x6c, 0xe6, 0x55, 0x34, 0x51, 0x2b, 0x28, 0x34, 0xf4, 0x53,
0x1c, 0xc4, 0x58, 0x0a, 0x3f, 0xbb, 0xaf, 0xb5, 0xf7, 0x4a, 0x85, 0x43,
0x2d, 0x3c, 0xf1, 0x58, 0x58, 0x81, 0x02, 0x81, 0x81, 0x00, 0xf2, 0x2c,
0x54, 0x76, 0x39, 0x23, 0x63, 0xc9, 0x10, 0x32, 0xb7, 0x93, 0xad, 0xaf,
0xbe, 0x19, 0x75, 0x96, 0x81, 0x64, 0xe6, 0xb5, 0xb8, 0x89, 0x42, 0x41,
0xd1, 0x6d, 0xd0, 0x1c, 0x1b, 0xf8, 0x1b, 0xac, 0x69, 0xcb, 0x36, 0x3c,
0x64, 0x7d, 0xdc, 0xf4, 0x19, 0xb8, 0xc3, 0x60, 0xb1, 0x57, 0x48, 0x5f,
0x52, 0x4f, 0x59, 0x3a, 0x55, 0x7f, 0x32, 0xc0, 0x19, 0x43, 0x50, 0x3f,
0xae, 0xce, 0x6f, 0x17, 0xf3, 0x0e, 0x9f, 0x40, 0xca, 0x4e, 0xad, 0x15,
0x3b, 0xc9, 0x79, 0xe9, 0xc0, 0x59, 0x38, 0x73, 0x70, 0x9c, 0x0a, 0x7c,
0xc9, 0x3a, 0x48, 0x32, 0xa7, 0xd8, 0x49, 0x75, 0x0a, 0x85, 0xc2, 0xc2,
0xfd, 0x15, 0x73, 0xda, 0x99, 0x09, 0x2a, 0x69, 0x9a, 0x9f, 0x0a, 0x71,
0xbf, 0xb0, 0x04, 0xa6, 0x8c, 0x7a, 0x5a, 0x6f, 0x48, 0x5a, 0x54, 0x3b,
0xc6, 0xb1, 0x53, 0x17, 0xdf, 0xe7, 0x02, 0x81, 0x81, 0x00, 0xcb, 0x93,
0xde, 0x77, 0x15, 0x5d, 0xb7, 0x5c, 0x5c, 0x7c, 0xd8, 0x90, 0xa9, 0x98,
0x2d, 0xd6, 0x69, 0x0e, 0x63, 0xb3, 0xa3, 0xdc, 0xa6, 0xcc, 0x8b, 0x6a,
0xa4, 0xa2, 0x12, 0x8c, 0x8e, 0x7b, 0x48, 0x2c, 0xb2, 0x4b, 0x37, 0xdc,
0x06, 0x18, 0x7d, 0xea, 0xfe, 0x76, 0xa1, 0xd4, 0xa1, 0xe9, 0x3f, 0x0d,
0xcd, 0x1b, 0x5f, 0xaf, 0x5f, 0x9e, 0x96, 0x5b, 0x5b, 0x0f, 0xa1, 0x7c,
0xaf, 0xb3, 0x9b, 0x90, 0xdb, 0x57, 0x73, 0x3a, 0xed, 0xb0, 0x23, 0x44,
0xae, 0x41, 0x4f, 0x1f, 0x07, 0x42, 0x13, 0x23, 0x4c, 0xcb, 0xfa, 0xf4,
0x14, 0xa4, 0xd5, 0xf7, 0x9e, 0x36, 0x7c, 0x5b, 0x9f, 0xa8, 0x3c, 0xc1,
0x85, 0x5f, 0x74, 0xd2, 0x39, 0x2d, 0xff, 0xd0, 0x84, 0xdf, 0xfb, 0xb3,
0x20, 0x7a, 0x2e, 0x9b, 0x17, 0xae, 0xe6, 0xba, 0x0b, 0xae, 0x5f, 0x53,
0xa4, 0x52, 0xed, 0x1b, 0xc4, 0x91, 0x02, 0x81, 0x81, 0x00, 0xec, 0x98,
0xda, 0xbb, 0xd5, 0xfe, 0xf9, 0x52, 0x4a, 0x7d, 0x02, 0x55, 0x49, 0x6f,
0x55, 0x6e, 0x52, 0x2f, 0x84, 0xa3, 0x2b, 0xb3, 0x86, 0x62, 0xb3, 0x54,
0xd2, 0x63, 0x52, 0xda, 0xe3, 0x88, 0x76, 0xa0, 0xef, 0x8b, 0x15, 0xa5,
0xd3, 0x18, 0x14, 0x72, 0x77, 0x5e, 0xc7, 0xa3, 0x04, 0x1f, 0x9e, 0x19,
0x62, 0xb5, 0x1b, 0x1b, 0x9e, 0xc3, 0xf2, 0xb5, 0x32, 0xf9, 0x4c, 0xc1,
0xaa, 0xeb, 0x0c, 0x26, 0x7d, 0xd4, 0x5f, 0x4a, 0x51, 0x5c, 0xa4, 0x45,
0x06, 0x70, 0x44, 0xa7, 0x56, 0xc0, 0xd4, 0x22, 0x14, 0x76, 0x9e, 0xd8,
0x63, 0x50, 0x89, 0x90, 0xd3, 0xe2, 0xbf, 0x81, 0x95, 0x92, 0x31, 0x41,
0x87, 0x39, 0x1a, 0x43, 0x0b, 0x18, 0xa5, 0x53, 0x1f, 0x39, 0x1a, 0x5f,
0x1f, 0x43, 0xbc, 0x87, 0x6a, 0xdf, 0x6e, 0xd3, 0x22, 0x00, 0xfe, 0x22,
0x98, 0x70, 0x4e, 0x1a, 0x19, 0x29, 0x02, 0x81, 0x81, 0x00, 0x8a, 0x41,
0x56, 0x28, 0x51, 0x9e, 0x5f, 0xd4, 0x9e, 0x0b, 0x3b, 0x98, 0xa3, 0x54,
0xf2, 0x6c, 0x56, 0xd4, 0xaa, 0xe9, 0x69, 0x33, 0x85, 0x24, 0x0c, 0xda,
0xd4, 0x0c, 0x2d, 0xc4, 0xbf, 0x4f, 0x02, 0x69, 0x38, 0x7c, 0xd4, 0xe6,
0xdc, 0x4c, 0xed, 0xd7, 0x16, 0x11, 0xc3, 0x3e, 0x00, 0xe7, 0xc3, 0x26,
0xc0, 0x51, 0x02, 0xde, 0xbb, 0x75, 0x9c, 0x6f, 0x56, 0x9c, 0x7a, 0xf3,
0x8e, 0xef, 0xcf, 0x8a, 0xc5, 0x2b, 0xd2, 0xda, 0x06, 0x6a, 0x44, 0xc9,
0x73, 0xfe, 0x6e, 0x99, 0x87, 0xf8, 0x5b, 0xbe, 0xf1, 0x7c, 0xe6, 0x65,
0xb5, 0x4f, 0x6c, 0xf0, 0xc9, 0xc5, 0xff, 0x16, 0xca, 0x8b, 0x1b, 0x17,
0xe2, 0x58, 0x3d, 0xa2, 0x37, 0xab, 0x01, 0xbc, 0xbf, 0x40, 0xce, 0x53,
0x8c, 0x8e, 0xed, 0xef, 0xee, 0x59, 0x9d, 0xe0, 0x63, 0xe6, 0x7c, 0x5e,
0xf5, 0x8e, 0x4b, 0xf1, 0x3b, 0xc1, 0x02, 0x81, 0x80, 0x4d, 0x45, 0xf9,
0x40, 0x8c, 0xc5, 0x5b, 0xf4, 0x2a, 0x1a, 0x8a, 0xb4, 0xf2, 0x1c, 0xac,
0x6b, 0xe9, 0x0c, 0x56, 0x36, 0xb7, 0x4e, 0x72, 0x96, 0xd5, 0xe5, 0x8a,
0xd2, 0xe2, 0xff, 0xf1, 0xf1, 0x18, 0x13, 0x3d, 0x86, 0x09, 0xb8, 0xd8,
0x76, 0xa7, 0xc9, 0x1c, 0x71, 0x52, 0x94, 0x30, 0x43, 0xe0, 0xf1, 0x78,
0x74, 0xfd, 0x61, 0x1b, 0x4c, 0x09, 0xcc, 0xe6, 0x68, 0x2a, 0x71, 0xad,
0x1c, 0xdf, 0x43, 0xbc, 0x56, 0xdb, 0xa5, 0xa4, 0xbe, 0x35, 0x70, 0xa4,
0x5e, 0xcf, 0x4f, 0xfc, 0x00, 0x55, 0x99, 0x3a, 0x3d, 0x23, 0xcf, 0x67,
0x5a, 0xf5, 0x22, 0xf8, 0xb5, 0x29, 0xd0, 0x44, 0x11, 0xeb, 0x35, 0x2e,
0x46, 0xbe, 0xfd, 0x8e, 0x18, 0xb2, 0x5f, 0xa8, 0xbf, 0x19, 0x32, 0xa1,
0xf5, 0xdc, 0x03, 0xe6, 0x7c, 0x9a, 0x1f, 0x0c, 0x7c, 0xa9, 0xb0, 0x0e,
0x21, 0x37, 0x3b, 0xf1, 0xb0
};
const unsigned int server_key_len = 1193;
#endif
#ifdef MODULE_WOLFSSL_PSK
const unsigned char server_key[1] = { 0 };
const unsigned int server_key_len = 0;
#endif

151
examples/dtls-wolfssl/dtls-client.c
View File

@ -1,36 +1,24 @@
/*
* Copyright (C) 2015 Freie Universität Berlin
* Copyright (C) 2018 Inria
* Copyright (C) 2019 Daniele Lacamera
*
* This file is subject to the terms and conditions of the GNU Lesser
* General Public License v2.1. See the file LICENSE in the top level
* directory for more details.
*/
/*
* **** This file incorporates work covered by the following copyright and ****
* **** permission notice: ****
/**
* @ingroup examples
* @{
*
* Copyright (C) 2006-2018 wolfSSL Inc.
*
* This file is part of wolfSSL.
*
* wolfSSL is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version.
*
* wolfSSL is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program; if not, write to the Free Software
* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
* @file
* @brief Demonstrating DTLS 1.2 client using wolfSSL
*
* @author Daniele Lacamera <daniele@wolfssl.com>
* @}
*/
#include <wolfssl/ssl.h>
#include <wolfssl/error-ssl.h>
#include <sock_tls.h>
#include <net/sock.h>
@ -38,24 +26,81 @@
#include <stdlib.h>
#include <string.h>
#define SERVER_PORT 11111
#include "log.h"
extern const unsigned char server_cert[788];
#define SERVER_PORT 11111
#define APP_DTLS_BUF_SIZE 64
extern const unsigned char server_cert[];
extern const unsigned long server_cert_len;
static sock_tls_t skv;
static sock_tls_t *sk = &skv;
static void usage(const char *cmd_name)
{
LOG(LOG_ERROR, "Usage: %s <server-address>\n", cmd_name);
}
#ifdef MODULE_WOLFSSL_PSK
/* identity is OpenSSL testing default for openssl s_client, keep same */
static const char* kIdentityStr = "Client_identity";
static inline unsigned int my_psk_client_cb(WOLFSSL* ssl, const char* hint,
char* identity, unsigned int id_max_len, unsigned char* key,
unsigned int key_max_len)
{
(void)ssl;
(void)hint;
(void)key_max_len;
/* see internal.h MAX_PSK_ID_LEN for PSK identity limit */
strncpy(identity, kIdentityStr, id_max_len);
if (wolfSSL_GetVersion(ssl) < WOLFSSL_TLSV1_3) {
/* test key in hex is 0x1a2b3c4d , in decimal 439,041,101 , we're using
unsigned binary */
key[0] = 0x1a;
key[1] = 0x2b;
key[2] = 0x3c;
key[3] = 0x4d;
return 4; /* length of key in octets or 0 for error */
}
else {
int i;
int b = 0x01;
for (i = 0; i < 32; i++, b += 0x22) {
if (b >= 0x100)
b = 0x01;
key[i] = b;
}
return 32; /* length of key in octets or 0 for error */
}
}
#endif
int dtls_client(int argc, char **argv)
{
int ret = 0;
char buf[64] = "Hello from DTLS client!";
char buf[APP_DTLS_BUF_SIZE] = "Hello from DTLS client!";
int iface;
char *addr_str = argv[1];
char *addr_str;
int connect_timeout = 0;
const int max_connect_timeouts = 5;
if (argc != 2) {
usage(argv[0]);
return -1;
}
addr_str = argv[1];
sock_udp_ep_t local = SOCK_IPV6_EP_ANY;
sock_udp_ep_t remote = SOCK_IPV6_EP_ANY;
/* Parsing <address>[:<iface>]:Port */
/* Parsing <address> */
iface = ipv6_addr_split_iface(addr_str);
if (iface == -1) {
if (gnrc_netif_numof() == 1) {
@ -65,25 +110,24 @@ int dtls_client(int argc, char **argv)
}
else {
if (gnrc_netif_get_by_pid(iface) == NULL) {
puts("ERROR: interface not valid");
LOG(LOG_ERROR, "ERROR: interface not valid");
usage(argv[0]);
return -1;
}
remote.netif = (uint16_t)gnrc_netif_iter(NULL)->pid;
}
if (ipv6_addr_from_str((ipv6_addr_t *)remote.addr.ipv6, addr_str) == NULL) {
puts("ERROR: unable to parse destination address");
return -1;
}
if (argc != 2) {
printf("Usage: %s <server-address>\n", argv[0]);
LOG(LOG_ERROR, "ERROR: unable to parse destination address");
usage(argv[0]);
return -1;
}
remote.port = SERVER_PORT;
if (sock_dtls_create(sk, &local, &remote, 0, wolfDTLSv1_2_client_method()) != 0) {
puts("ERROR: Unable to create DTLS sock");
LOG(LOG_ERROR, "ERROR: Unable to create DTLS sock");
return -1;
}
#ifndef MODULE_WOLFSSL_PSK
/* Disable certificate validation from the client side */
wolfSSL_CTX_set_verify(sk->ctx, SSL_VERIFY_NONE, 0);
@ -91,18 +135,37 @@ int dtls_client(int argc, char **argv)
if (wolfSSL_CTX_use_certificate_buffer(sk->ctx, server_cert,
server_cert_len, SSL_FILETYPE_ASN1 ) != SSL_SUCCESS)
{
printf("Error loading cert buffer\n");
LOG(LOG_ERROR, "Error loading cert buffer\n");
return -1;
}
#else /* !def MODULE_WOLFSSL_PSK */
wolfSSL_CTX_set_psk_client_callback(sk->ctx, my_psk_client_cb);
#endif
if (sock_dtls_session_create(sk) < 0)
return -1;
wolfSSL_dtls_set_timeout_init(sk->ssl, 5);
LOG(LOG_INFO, "connecting to server...");
/* attempt to connect until the connection is successful */
do {
printf("connecting to server...\n");
if (sock_dtls_session_create(sk) < 0)
return -1;
ret = wolfSSL_connect(sk->ssl);
if (ret != SSL_SUCCESS) {
sock_dtls_session_destroy(sk);
if ((ret != SSL_SUCCESS)) {
if(wolfSSL_get_error(sk->ssl, ret) == SOCKET_ERROR_E) {
LOG(LOG_WARNING, "Socket error: reconnecting...\n");
sock_dtls_session_destroy(sk);
connect_timeout = 0;
if (sock_dtls_session_create(sk) < 0)
return -1;
}
if ((wolfSSL_get_error(sk->ssl, ret) == WOLFSSL_ERROR_WANT_READ) &&
(connect_timeout++ >= max_connect_timeouts)) {
LOG(LOG_WARNING, "Server not responding: reconnecting...\n");
sock_dtls_session_destroy(sk);
connect_timeout = 0;
if (sock_dtls_session_create(sk) < 0)
return -1;
}
}
} while(ret != SSL_SUCCESS);
@ -114,14 +177,14 @@ int dtls_client(int argc, char **argv)
/* wait for a reply, indefinitely */
do {
ret = wolfSSL_read(sk->ssl, buf, 63);
printf("wolfSSL_read returned %d\r\n", ret);
ret = wolfSSL_read(sk->ssl, buf, APP_DTLS_BUF_SIZE - 1);
LOG(LOG_INFO, "wolfSSL_read returned %d\r\n", ret);
} while (ret <= 0);
buf[ret] = (char)0;
printf("Received: '%s'\r\n", buf);
LOG(LOG_INFO, "Received: '%s'\r\n", buf);
/* Clean up and exit. */
printf("Closing connection.\r\n");
LOG(LOG_INFO, "Closing connection.\r\n");
sock_dtls_session_destroy(sk);
sock_dtls_close(sk);
return 0;

109
examples/dtls-wolfssl/dtls-server.c
View File

@ -1,41 +1,17 @@
/*
* Copyright (C) 2015 Freie Universität Berlin
* Copyright (C) 2018 Inria
* Copyright (C) 2019 Daniele Lacamera
*
* This file is subject to the terms and conditions of the GNU Lesser
* General Public License v2.1. See the file LICENSE in the top level
* directory for more details.
*/
/*
* **** This file incorporates work covered by the following copyright and ****
* **** permission notice: ****
*
* Copyright (C) 2006-2018 wolfSSL Inc.
*
* This file is part of wolfSSL.
*
* wolfSSL is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version.
*
* wolfSSL is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program; if not, write to the Free Software
* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
*
*/
/**
* @ingroup examples
* @{
*
* @file
* @brief Demonstrating DTLS 1.2 client using wolfSSL
* @brief Demonstrating DTLS 1.2 server using wolfSSL
*
* @author Daniele Lacamera <daniele@wolfssl.com>
* @}
@ -44,7 +20,6 @@
#include <wolfssl/ssl.h>
#include <sock_tls.h>
#include <stdio.h>
#include <inttypes.h>
#include <net/sock/udp.h>
@ -53,10 +28,12 @@
#include <stdlib.h>
#include <string.h>
#include "log.h"
#define SERVER_PORT 11111
#define DEBUG 1
extern const unsigned char server_cert[788];
extern const unsigned char server_key[121];
extern const unsigned char server_cert[];
extern const unsigned char server_key[];
extern unsigned int server_cert_len;
extern unsigned int server_key_len;
@ -65,9 +42,50 @@ static sock_tls_t *sk = &skv;
static const char Test_dtls_string[] = "DTLS OK!";
#ifdef MODULE_WOLFSSL_PSK
/* identity is OpenSSL testing default for openssl s_client, keep same */
static const char* kIdentityStr = "Client_identity";
static inline unsigned int my_psk_server_cb(WOLFSSL* ssl, const char* identity,
unsigned char* key, unsigned int key_max_len)
{
(void)ssl;
(void)key_max_len;
/* see internal.h MAX_PSK_ID_LEN for PSK identity limit */
if (strncmp(identity, kIdentityStr, strlen(kIdentityStr)) != 0)
return 0;
if (wolfSSL_GetVersion(ssl) < WOLFSSL_TLSV1_3) {
/* test key in hex is 0x1a2b3c4d , in decimal 439,041,101 , we're using
unsigned binary */
key[0] = 0x1a;
key[1] = 0x2b;
key[2] = 0x3c;
key[3] = 0x4d;
return 4; /* length of key in octets or 0 for error */
}
else {
int i;
int b = 0x01;
for (i = 0; i < 32; i++, b += 0x22) {
if (b >= 0x100)
b = 0x01;
key[i] = b;
}
return 32; /* length of key in octets or 0 for error */
}
}
#endif /* MODULE_WOLFSSL_PSK */
#define APP_DTLS_BUF_SIZE 64
int dtls_server(int argc, char **argv)
{
char buf[64];
char buf[APP_DTLS_BUF_SIZE];
int ret;
sock_udp_ep_t local = SOCK_IPV6_EP_ANY;
local.port = SERVER_PORT;
@ -76,15 +94,16 @@ int dtls_server(int argc, char **argv)
(void)argv;
if (sock_dtls_create(sk, &local, NULL, 0, wolfDTLSv1_2_server_method()) != 0) {
printf("ERROR: Unable to create DTLS sock\r\n");
LOG(LOG_ERROR, "ERROR: Unable to create DTLS sock\r\n");
return -1;
}
#ifndef MODULE_WOLFSSL_PSK
/* Load certificate file for the DTLS server */
if (wolfSSL_CTX_use_certificate_buffer(sk->ctx, server_cert,
server_cert_len, SSL_FILETYPE_ASN1 ) != SSL_SUCCESS)
{
printf("Failed to load certificate from memory.\r\n");
LOG(LOG_ERROR, "Failed to load certificate from memory.\r\n");
return -1;
}
@ -92,41 +111,49 @@ int dtls_server(int argc, char **argv)
if (wolfSSL_CTX_use_PrivateKey_buffer(sk->ctx, server_key,
server_key_len, SSL_FILETYPE_ASN1 ) != SSL_SUCCESS)
{
printf("Failed to load private key from memory.\r\n");
LOG(LOG_ERROR, "Failed to load private key from memory.\r\n");
return -1;
}
#else
wolfSSL_CTX_set_psk_server_callback(sk->ctx, my_psk_server_cb);
wolfSSL_CTX_use_psk_identity_hint(sk->ctx, "hint");
#endif /* MODULE_WOLFSSL_PSK */
/* Create the DTLS session */
ret = sock_dtls_session_create(sk);
if (ret < 0)
{
printf("Failed to create DTLS session (err: %s)\r\n", strerror(-ret));
LOG(LOG_ERROR, "Failed to create DTLS session (err: %s)\r\n", strerror(-ret));
return -1;
}
printf("Listening on %d\n", SERVER_PORT);
LOG(LOG_INFO, "Listening on %d\n", SERVER_PORT);
while(1) {
/* Wait until a new client connects */
ret = wolfSSL_accept(sk->ssl);
if (ret != SSL_SUCCESS) {
if (wolfSSL_get_error(sk->ssl, ret) != WOLFSSL_ERROR_WANT_READ) {
sock_dtls_session_destroy(sk);
if (sock_dtls_session_create(sk) < 0)
return -1;
}
continue;
}
/* Wait until data is received */
printf("Connection accepted\r\n");
ret = wolfSSL_read(sk->ssl, buf, 64);
LOG(LOG_INFO, "Connection accepted\r\n");
ret = wolfSSL_read(sk->ssl, buf, APP_DTLS_BUF_SIZE);
if (ret > 0) {
buf[ret] = (char)0;
printf("Received '%s'\r\n", buf);
LOG(LOG_INFO, "Received '%s'\r\n", buf);
}
/* Send reply */
printf("Sending 'DTLS OK'...\r\n");
LOG(LOG_INFO, "Sending 'DTLS OK'...\r\n");
wolfSSL_write(sk->ssl, Test_dtls_string, sizeof(Test_dtls_string));
/* Cleanup/shutdown */
printf("Closing connection.\r\n");
LOG(LOG_INFO, "Closing connection.\r\n");
sock_dtls_session_destroy(sk);
sock_dtls_close(sk);
break;

10
examples/dtls-wolfssl/main.c
View File

@ -1,6 +1,6 @@
/*
* Copyright (C) 2015 Freie Universität Berlin
* Copyright (C) 2018 Inria
* Copyright (C) 2019 Daniele Lacamera
*
*
* This file is subject to the terms and conditions of the GNU Lesser
* General Public License v2.1. See the file LICENSE in the top level
@ -20,11 +20,11 @@
* @}
*/
#include <stdio.h>
#include <wolfssl/ssl.h>
#include "shell.h"
#include "msg.h"
#include "log.h"
#ifdef WITH_RIOT_SOCKETS
@ -62,12 +62,12 @@ int main(void)
/* we need a message queue for the thread running the shell in order to
* receive potentially fast incoming networking packets */
msg_init_queue(_main_msg_queue, MAIN_QUEUE_SIZE);
puts("RIOT wolfSSL DTLS testing implementation");
LOG(LOG_INFO, "RIOT wolfSSL DTLS testing implementation");
wolfSSL_Init();
wolfSSL_Debugging_ON();
/* start shell */
puts("All up, running the shell now");
LOG(LOG_INFO, "All up, running the shell now");
char line_buf[SHELL_DEFAULT_BUFSIZE];
shell_run(shell_commands, line_buf, SHELL_DEFAULT_BUFSIZE);

55
examples/wolfssl_client/Makefile
View File

@ -1,55 +0,0 @@
APPLICATION = wolf_client
# This has to be the absolute path to the RIOT base directory:
RIOTBASE ?= $(CURDIR)/../..
# If no BOARD is found in the environment, use this default:
BOARD ?= native
# lwIP's memory management doesn't seem to work on non 32-bit platforms at the
# moment.
BOARD_BLACKLIST := arduino-uno arduino-duemilanove arduino-mega2560 chronos \
msb-430 msb-430h telosb waspmote-pro wsn430-v1_3b \
wsn430-v1_4 z1 jiminy-mega256rfr2 mega-xplained
BOARD_INSUFFICIENT_MEMORY = nucleo-f031k6 nucleo-f042k6 nucleo-l031k6 nucleo-f030r8 \
nucleo-f303k8 nucleo-f334r8 nucleo-l053r8 \
stm32f0discovery
LWIP_IPV4 ?= 1
ifneq (0, $(LWIP_IPV4))
USEMODULE += ipv4_addr
USEMODULE += lwip_arp
USEMODULE += lwip_ipv4
CFLAGS += -DETHARP_SUPPORT_STATIC_ENTRIES=1
LWIP_IPV6 ?= 0
else
LWIP_IPV6 ?= 1
endif
ifneq (0, $(LWIP_IPV6))
USEMODULE += ipv6_addr
USEMODULE += lwip_ipv6_autoconfig
endif
USEMODULE += inet_csum
USEMODULE += lwip_netdev
USEMODULE += lwip_sock_tcp
USEMODULE += netdev_eth
USEMODULE += netdev_test
USEMODULE += ps
#CFLAGS += ??
# Change this to 0 show compiler invocation lines by default:
QUIET ?= 1
# May need these for seeding wolfCrypt DRBG
#USEMODULE += random
#USEMODULE += prng_minstd
USEPKG += wolfssl
USEMODULE += wolfssl_socket wolfcrypt_rsa wolfcrypt_dh
include $(RIOTBASE)/Makefile.include

4
examples/wolfssl_client/README.md
View File

@ -1,4 +0,0 @@
# wolfSSL on RIOT
This application demonstrates an SSL/TLS client
from [wolfSSL Inc](https://www.wolfssl.com) on RIOT.

43
examples/wolfssl_client/application_user_settings.h
View File

@ -1,43 +0,0 @@
/*
* example
*/
#ifndef APPLICATION_USER_SETTINGS_H
#define APPLICATION_USER_SETTINGS_H
#ifdef __cplusplus
extern "C" {
#endif
#undef WOLFSSL_RIOT_OS
#define WOLFSSL_RIOT_OS
#undef NO_MAIN_DRIVER
#define NO_MAIN_DRIVER
#undef HAVE_ECC
#define HAVE_ECC
#undef TFM_TIMING_RESISTANT
#define TFM_TIMING_RESISTANT
#undef ECC_TIMING_RESISTANT
#define ECC_TIMING_RESISTANT
#undef WC_RSA_BLINDING
#define WC_RSA_BLINDING
#undef SINGLE_THREADED
#define SINGLE_THREADED
#undef NO_FILESYSTEM
#define NO_FILESYSTEM
#undef USE_CERT_BUFFERS_2048
#define USE_CERT_BUFFERS_2048
#ifdef __cplusplus
}
#endif
#endif /* APPLICATION_USER_SETTINGS_H */

87
examples/wolfssl_client/certs/ca-cert.pem
View File

@ -1,87 +0,0 @@
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
b7:b6:90:33:66:1b:6b:23
Signature Algorithm: sha256WithRSAEncryption
Issuer: C=US, ST=Montana, L=Bozeman, O=Sawtooth, OU=Consulting, CN=www.wolfssl.com/emailAddress=info@wolfssl.com
Validity
Not Before: Aug 11 20:07:37 2016 GMT
Not After : May 8 20:07:37 2019 GMT
Subject: C=US, ST=Montana, L=Bozeman, O=Sawtooth, OU=Consulting, CN=www.wolfssl.com/emailAddress=info@wolfssl.com
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
Public-Key: (2048 bit)
Modulus:
00:bf:0c:ca:2d:14:b2:1e:84:42:5b:cd:38:1f:4a:
f2:4d:75:10:f1:b6:35:9f:df:ca:7d:03:98:d3:ac:
de:03:66:ee:2a:f1:d8:b0:7d:6e:07:54:0b:10:98:
21:4d:80:cb:12:20:e7:cc:4f:de:45:7d:c9:72:77:
32:ea:ca:90:bb:69:52:10:03:2f:a8:f3:95:c5:f1:
8b:62:56:1b:ef:67:6f:a4:10:41:95:ad:0a:9b:e3:
a5:c0:b0:d2:70:76:50:30:5b:a8:e8:08:2c:7c:ed:
a7:a2:7a:8d:38:29:1c:ac:c7:ed:f2:7c:95:b0:95:
82:7d:49:5c:38:cd:77:25:ef:bd:80:75:53:94:3c:
3d:ca:63:5b:9f:15:b5:d3:1d:13:2f:19:d1:3c:db:
76:3a:cc:b8:7d:c9:e5:c2:d7:da:40:6f:d8:21:dc:
73:1b:42:2d:53:9c:fe:1a:fc:7d:ab:7a:36:3f:98:
de:84:7c:05:67:ce:6a:14:38:87:a9:f1:8c:b5:68:
cb:68:7f:71:20:2b:f5:a0:63:f5:56:2f:a3:26:d2:
b7:6f:b1:5a:17:d7:38:99:08:fe:93:58:6f:fe:c3:
13:49:08:16:0b:a7:4d:67:00:52:31:67:23:4e:98:
ed:51:45:1d:b9:04:d9:0b:ec:d8:28:b3:4b:bd:ed:
36:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
27:8E:67:11:74:C3:26:1D:3F:ED:33:63:B3:A4:D8:1D:30:E5:E8:D5
X509v3 Authority Key Identifier:
keyid:27:8E:67:11:74:C3:26:1D:3F:ED:33:63:B3:A4:D8:1D:30:E5:E8:D5
DirName:/C=US/ST=Montana/L=Bozeman/O=Sawtooth/OU=Consulting/CN=www.wolfssl.com/emailAddress=info@wolfssl.com
serial:B7:B6:90:33:66:1B:6B:23
X509v3 Basic Constraints:
CA:TRUE
Signature Algorithm: sha256WithRSAEncryption
0e:93:48:44:4a:72:96:60:71:25:82:a9:2c:ca:60:5b:f2:88:
3e:cf:11:74:5a:11:4a:dc:d9:d8:f6:58:2c:05:d3:56:d9:e9:
8f:37:ef:8e:3e:3b:ff:22:36:00:ca:d8:e2:96:3f:a7:d1:ed:
1f:de:7a:b0:d7:8f:36:bd:41:55:1e:d4:b9:86:3b:87:25:69:
35:60:48:d6:e4:5a:94:ce:a2:fa:70:38:36:c4:85:b4:4b:23:
fe:71:9e:2f:db:06:c7:b5:9c:21:f0:3e:7c:eb:91:f8:5c:09:
fd:84:43:a4:b3:4e:04:0c:22:31:71:6a:48:c8:ab:bb:e8:ce:
fa:67:15:1a:3a:82:98:43:33:b5:0e:1f:1e:89:f8:37:de:1b:
e6:b5:a0:f4:a2:8b:b7:1c:90:ba:98:6d:94:21:08:80:5d:f3:
bf:66:ad:c9:72:28:7a:6a:48:ee:cf:63:69:31:8c:c5:8e:66:
da:4b:78:65:e8:03:3a:4b:f8:cc:42:54:d3:52:5c:2d:04:ae:
26:87:e1:7e:40:cb:45:41:16:4b:6e:a3:2e:4a:76:bd:29:7f:
1c:53:37:06:ad:e9:5b:6a:d6:b7:4e:94:a2:7c:e8:ac:4e:a6:
50:3e:2b:32:9e:68:42:1b:e4:59:67:61:ea:c7:9a:51:9c:1c:
55:a3:77:76
-----BEGIN CERTIFICATE-----
MIIEqjCCA5KgAwIBAgIJALe2kDNmG2sjMA0GCSqGSIb3DQEBCwUAMIGUMQswCQYD
VQQGEwJVUzEQMA4GA1UECAwHTW9udGFuYTEQMA4GA1UEBwwHQm96ZW1hbjERMA8G
A1UECgwIU2F3dG9vdGgxEzARBgNVBAsMCkNvbnN1bHRpbmcxGDAWBgNVBAMMD3d3
dy53b2xmc3NsLmNvbTEfMB0GCSqGSIb3DQEJARYQaW5mb0B3b2xmc3NsLmNvbTAe
Fw0xNjA4MTEyMDA3MzdaFw0xOTA1MDgyMDA3MzdaMIGUMQswCQYDVQQGEwJVUzEQ
MA4GA1UECAwHTW9udGFuYTEQMA4GA1UEBwwHQm96ZW1hbjERMA8GA1UECgwIU2F3
dG9vdGgxEzARBgNVBAsMCkNvbnN1bHRpbmcxGDAWBgNVBAMMD3d3dy53b2xmc3Ns
LmNvbTEfMB0GCSqGSIb3DQEJARYQaW5mb0B3b2xmc3NsLmNvbTCCASIwDQYJKoZI
hvcNAQEBBQADggEPADCCAQoCggEBAL8Myi0Ush6EQlvNOB9K8k11EPG2NZ/fyn0D
mNOs3gNm7irx2LB9bgdUCxCYIU2AyxIg58xP3kV9yXJ3MurKkLtpUhADL6jzlcXx
i2JWG+9nb6QQQZWtCpvjpcCw0nB2UDBbqOgILHztp6J6jTgpHKzH7fJ8lbCVgn1J
XDjNdyXvvYB1U5Q8PcpjW58VtdMdEy8Z0TzbdjrMuH3J5cLX2kBv2CHccxtCLVOc
/hr8fat6Nj+Y3oR8BWfOahQ4h6nxjLVoy2h/cSAr9aBj9VYvoybSt2+xWhfXOJkI
/pNYb/7DE0kIFgunTWcAUjFnI06Y7VFFHbkE2Qvs2CizS73tNnkCAwEAAaOB/DCB
+TAdBgNVHQ4EFgQUJ45nEXTDJh0/7TNjs6TYHTDl6NUwgckGA1UdIwSBwTCBvoAU
J45nEXTDJh0/7TNjs6TYHTDl6NWhgZqkgZcwgZQxCzAJBgNVBAYTAlVTMRAwDgYD
VQQIDAdNb250YW5hMRAwDgYDVQQHDAdCb3plbWFuMREwDwYDVQQKDAhTYXd0b290
aDETMBEGA1UECwwKQ29uc3VsdGluZzEYMBYGA1UEAwwPd3d3LndvbGZzc2wuY29t
MR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wuY29tggkAt7aQM2YbayMwDAYD
VR0TBAUwAwEB/zANBgkqhkiG9w0BAQsFAAOCAQEADpNIREpylmBxJYKpLMpgW/KI
Ps8RdFoRStzZ2PZYLAXTVtnpjzfvjj47/yI2AMrY4pY/p9HtH956sNePNr1BVR7U
uYY7hyVpNWBI1uRalM6i+nA4NsSFtEsj/nGeL9sGx7WcIfA+fOuR+FwJ/YRDpLNO
BAwiMXFqSMiru+jO+mcVGjqCmEMztQ4fHon4N94b5rWg9KKLtxyQuphtlCEIgF3z
v2atyXIoempI7s9jaTGMxY5m2kt4ZegDOkv4zEJU01JcLQSuJofhfkDLRUEWS26j
Lkp2vSl/HFM3Bq3pW2rWt06UonzorE6mUD4rMp5oQhvkWWdh6seaUZwcVaN3dg==
-----END CERTIFICATE-----

158
examples/wolfssl_client/main.c
View File

@ -1,158 +0,0 @@
/*
* Copyright (C) 2006-2017 wolfSSL Inc.
*
* This file is part of wolfSSL.
*
* wolfSSL is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version.
*
* wolfSSL is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program; if not, write to the Free Software
* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
*/
/**
* @ingroup examples
* @{
*
* @file
* @brief wolfSSL client example
*
* @author Kaleb J. Himes <kaleb@wolfssl.com>
*
* @}
*/
#include <stdlib.h>
#include <stdio.h>
#include <string.h>
/* socket includes */
#include <sys/socket.h>
#include <arpa/inet.h>
#include <netinet/in.h>
#include <unistd.h>
/* wolfSSL */
#include <wolfssl/ssl.h>
#include <wolfssl/certs_test.h>
#define DEFAULT_PORT 11111
int main(void)
{
int sockfd;
struct sockaddr_in servAddr;
char buff[22] = "Hello wolfSSL Server!\0";
char server_ip[10] = "127.0.0.1\0";
size_t len;
/* declare wolfSSL objects */
WOLFSSL_CTX* ctx;
WOLFSSL* ssl;
/*----------------------------------------------------------------------------*/
/* TLS Setup:
* This section will need resolved on a per-device basis depending on the
* available TCP/IP stack
*/
/*----------------------------------------------------------------------------*/
/* Create a socket that uses an internet IPv4 address,
* Sets the socket to be stream based (TCP),
* 0 means choose the default protocol. */
if ((sockfd = socket(AF_INET, SOCK_STREAM, 0)) == -1) {
fprintf(stderr, "ERROR: failed to create the socket\n");
exit(-1);
}
/* Initialize the server address struct with zeros */
memset(&servAddr, 0, sizeof(servAddr));
/* Fill in the server address */
servAddr.sin_family = AF_INET; /* using IPv4 */
servAddr.sin_port = htons(DEFAULT_PORT); /* on DEFAULT_PORT */
/* Get the server IPv4 address from the command line call */
if (inet_pton(AF_INET, server_ip, &servAddr.sin_addr) != 1) {
fprintf(stderr, "ERROR: invalid address\n");
exit(-1);
}
/* Connect to the server */
if (connect(sockfd, (struct sockaddr*) &servAddr, sizeof(servAddr)) == -1) {
fprintf(stderr, "ERROR: failed to connect\n");
exit(-1);
}
/*----------------------------------------------------------------------------*/
/* END TCP SETUP, BEGIN TLS */
/*----------------------------------------------------------------------------*/
/* Initialize wolfSSL */
wolfSSL_Init();
/* Create and initialize WOLFSSL_CTX */
if ((ctx = wolfSSL_CTX_new(wolfTLSv1_2_client_method())) == NULL) {
fprintf(stderr, "ERROR: failed to create WOLFSSL_CTX\n");
exit(-1);
}
/* Load client certificates into WOLFSSL_CTX */
if (wolfSSL_CTX_load_verify_buffer(ctx, ca_cert_der_2048,
sizeof_ca_cert_der_2048,
SSL_FILETYPE_ASN1) != SSL_SUCCESS) {
fprintf(stderr, "ERROR: failed to load ca buffer\n");
exit(-1);
}
/* Create a WOLFSSL object */
if ((ssl = wolfSSL_new(ctx)) == NULL) {
fprintf(stderr, "ERROR: failed to create WOLFSSL object\n");
exit(-1);
}
/* Attach wolfSSL to the socket */
wolfSSL_set_fd(ssl, sockfd);
/* Connect to wolfSSL on the server side */
if (wolfSSL_connect(ssl) != SSL_SUCCESS) {
fprintf(stderr, "ERROR: failed to connect to wolfSSL\n");
exit(-1);
}
/* Get a message for the server from stdin */
printf("Message for server: %s\n", buff);
len = strnlen(buff, sizeof(buff));
/* Send the message to the server */
if (wolfSSL_write(ssl, buff, len) != (int) len) {
fprintf(stderr, "ERROR: failed to write\n");
exit(-1);
}
/* Read the server data into our buff array */
memset(buff, 0, sizeof(buff));
if (wolfSSL_read(ssl, buff, sizeof(buff)-1) == -1) {
fprintf(stderr, "ERROR: failed to read\n");
exit(-1);
}
/* Print to stdout any data the server sends */
printf("Server sent a reply!\n");
printf("Server Response was: %s\n", buff);
/* Cleanup and exit */
wolfSSL_free(ssl); /* Free the wolfSSL object */
wolfSSL_CTX_free(ctx); /* Free the wolfSSL context object */
wolfSSL_Cleanup(); /* Cleanup the wolfSSL environment */
close(sockfd); /* Close the connection to the server */
exit(0); /* Return reporting a success */
}

57
examples/wolfssl_server/Makefile
View File

@ -1,57 +0,0 @@
APPLICATION = wolf_server
# This has to be the absolute path to the RIOT base directory:
RIOTBASE ?= $(CURDIR)/../..
# If no BOARD is found in the environment, use this default:
BOARD ?= native
# lwIP's memory management doesn't seem to work on non 32-bit platforms at the
# moment.
BOARD_BLACKLIST := arduino-uno arduino-duemilanove arduino-mega2560 chronos \
msb-430 msb-430h telosb waspmote-pro wsn430-v1_3b \
wsn430-v1_4 z1 jiminy-mega256rfr2 mega-xplained
BOARD_INSUFFICIENT_MEMORY = nucleo-f031k6 nucleo-f042k6 nucleo-l031k6 nucleo-f030r8 \
nucleo-f303k8 nucleo-f334r8 nucleo-l053r8 \
stm32f0discovery
LWIP_IPV4 ?= 1
ifneq (0, $(LWIP_IPV4))
USEMODULE += ipv4_addr
USEMODULE += lwip_arp
USEMODULE += lwip_ipv4
CFLAGS += -DETHARP_SUPPORT_STATIC_ENTRIES=1
LWIP_IPV6 ?= 0
else
LWIP_IPV6 ?= 1
endif
ifneq (0, $(LWIP_IPV6))
USEMODULE += ipv6_addr
USEMODULE += lwip_ipv6_autoconfig
endif
USEMODULE += inet_csum
USEMODULE += lwip_netdev
USEMODULE += lwip_sock_tcp
USEMODULE += netdev_eth
USEMODULE += netdev_test
USEMODULE += ps
#DISABLE_MODULE += auto_init
#CFLAGS += ??
# Change this to 0 show compiler invocation lines by default:
QUIET ?= 1
# May need these for seeding wolfCrypt DRBG
#USEMODULE += random
#USEMODULE += prng_minstd
USEPKG += wolfssl
USEMODULE += wolfssl_socket wolfcrypt_rsa wolfcrypt_dh
include $(RIOTBASE)/Makefile.include

4
examples/wolfssl_server/README.md
View File

@ -1,4 +0,0 @@
# wolfSSL on RIOT
This application demonstrates an SSL/TLS server
from [wolfSSL Inc](https://www.wolfssl.com) on RIOT.

41
examples/wolfssl_server/application_user_settings.h
View File

@ -1,41 +0,0 @@
/*
* example
*/
#ifndef APPLICATION_USER_SETTINGS_H
#define APPLICATION_USER_SETTINGS_H
#ifdef __cplusplus
extern "C" {
#endif
#undef WOLFSSL_RIOT_OS
#define WOLFSSL_RIOT_OS
#undef NO_MAIN_DRIVER
#define NO_MAIN_DRIVER
#undef HAVE_ECC
#define HAVE_ECC
#undef TFM_TIMING_RESISTANT
#define TFM_TIMING_RESISTANT
#undef ECC_TIMING_RESISTANT
#define ECC_TIMING_RESISTANT
#undef WC_RSA_BLINDING
#define WC_RSA_BLINDING
#undef NO_FILESYSTEM
#define NO_FILESYSTEM
#undef SINGLE_THREADED
#define SINGLE_THREADED
#undef USE_CERT_BUFFER_2048
#define USE_CERT_BUFFERS_2048
#ifdef __cplusplus
}
#endif
#endif /* APPLICATION_USER_SETTINGS_H */

173
examples/wolfssl_server/certs/server-cert.pem
View File

@ -1,173 +0,0 @@
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1 (0x1)
Signature Algorithm: sha256WithRSAEncryption
Issuer: C=US, ST=Montana, L=Bozeman, O=Sawtooth, OU=Consulting, CN=www.wolfssl.com/emailAddress=info@wolfssl.com
Validity
Not Before: Aug 11 20:07:37 2016 GMT
Not After : May 8 20:07:37 2019 GMT
Subject: C=US, ST=Montana, L=Bozeman, O=wolfSSL, OU=Support, CN=www.wolfssl.com/emailAddress=info@wolfssl.com
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
Public-Key: (2048 bit)
Modulus:
00:c0:95:08:e1:57:41:f2:71:6d:b7:d2:45:41:27:
01:65:c6:45:ae:f2:bc:24:30:b8:95:ce:2f:4e:d6:
f6:1c:88:bc:7c:9f:fb:a8:67:7f:fe:5c:9c:51:75:
f7:8a:ca:07:e7:35:2f:8f:e1:bd:7b:c0:2f:7c:ab:
64:a8:17:fc:ca:5d:7b:ba:e0:21:e5:72:2e:6f:2e:
86:d8:95:73:da:ac:1b:53:b9:5f:3f:d7:19:0d:25:
4f:e1:63:63:51:8b:0b:64:3f:ad:43:b8:a5:1c:5c:
34:b3:ae:00:a0:63:c5:f6:7f:0b:59:68:78:73:a6:
8c:18:a9:02:6d:af:c3:19:01:2e:b8:10:e3:c6:cc:
40:b4:69:a3:46:33:69:87:6e:c4:bb:17:a6:f3:e8:
dd:ad:73:bc:7b:2f:21:b5:fd:66:51:0c:bd:54:b3:
e1:6d:5f:1c:bc:23:73:d1:09:03:89:14:d2:10:b9:
64:c3:2a:d0:a1:96:4a:bc:e1:d4:1a:5b:c7:a0:c0:
c1:63:78:0f:44:37:30:32:96:80:32:23:95:a1:77:
ba:13:d2:97:73:e2:5d:25:c9:6a:0d:c3:39:60:a4:
b4:b0:69:42:42:09:e9:d8:08:bc:33:20:b3:58:22:
a7:aa:eb:c4:e1:e6:61:83:c5:d2:96:df:d9:d0:4f:
ad:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B3:11:32:C9:92:98:84:E2:C9:F8:D0:3B:6E:03:42:CA:1F:0E:8E:3C
X509v3 Authority Key Identifier:
keyid:27:8E:67:11:74:C3:26:1D:3F:ED:33:63:B3:A4:D8:1D:30:E5:E8:D5
DirName:/C=US/ST=Montana/L=Bozeman/O=Sawtooth/OU=Consulting/CN=www.wolfssl.com/emailAddress=info@wolfssl.com
serial:B7:B6:90:33:66:1B:6B:23
X509v3 Basic Constraints:
CA:TRUE
Signature Algorithm: sha256WithRSAEncryption
51:fe:2a:df:07:7e:43:ca:66:8d:15:c4:2b:db:57:b2:06:6d:
0d:90:66:ff:a5:24:9c:14:ef:81:f2:a4:ab:99:a9:6a:49:20:
a5:d2:71:e7:1c:3c:99:07:c7:47:fc:e8:96:b4:f5:42:30:ce:
39:01:4b:d1:c2:e8:bc:95:84:87:ce:55:5d:97:9f:cf:78:f3:
56:9b:a5:08:6d:ac:f6:a5:5c:c4:ef:3e:2a:39:a6:48:26:29:
7b:2d:e0:cd:a6:8c:57:48:0b:bb:31:32:c2:bf:d9:43:4c:47:
25:18:81:a8:c9:33:82:41:9b:ba:61:86:d7:84:93:17:24:25:
36:ca:4d:63:6b:4f:95:79:d8:60:e0:1e:f5:ac:c1:8a:a1:b1:
7e:85:8e:87:20:2f:08:31:ad:5e:c6:4a:c8:61:f4:9e:07:1e:
a2:22:ed:73:7c:85:ee:fa:62:dc:50:36:aa:fd:c7:9d:aa:18:
04:fb:ea:cc:2c:68:9b:b3:a9:c2:96:d8:c1:cc:5a:7e:f7:0d:
9e:08:e0:9d:29:8b:84:46:8f:d3:91:6a:b5:b8:7a:5c:cc:4f:
55:01:b8:9a:48:a0:94:43:ca:25:47:52:0a:f7:f4:be:b0:d1:
71:6d:a5:52:4a:65:50:b2:ad:4e:1d:e0:6c:01:d8:fb:43:80:
e6:e4:0c:37
-----BEGIN CERTIFICATE-----
MIIEnjCCA4agAwIBAgIBATANBgkqhkiG9w0BAQsFADCBlDELMAkGA1UEBhMCVVMx
EDAOBgNVBAgMB01vbnRhbmExEDAOBgNVBAcMB0JvemVtYW4xETAPBgNVBAoMCFNh
d3Rvb3RoMRMwEQYDVQQLDApDb25zdWx0aW5nMRgwFgYDVQQDDA93d3cud29sZnNz
bC5jb20xHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20wHhcNMTYwODEx
MjAwNzM3WhcNMTkwNTA4MjAwNzM3WjCBkDELMAkGA1UEBhMCVVMxEDAOBgNVBAgM
B01vbnRhbmExEDAOBgNVBAcMB0JvemVtYW4xEDAOBgNVBAoMB3dvbGZTU0wxEDAO
BgNVBAsMB1N1cHBvcnQxGDAWBgNVBAMMD3d3dy53b2xmc3NsLmNvbTEfMB0GCSqG
SIb3DQEJARYQaW5mb0B3b2xmc3NsLmNvbTCCASIwDQYJKoZIhvcNAQEBBQADggEP
ADCCAQoCggEBAMCVCOFXQfJxbbfSRUEnAWXGRa7yvCQwuJXOL07W9hyIvHyf+6hn
f/5cnFF194rKB+c1L4/hvXvAL3yrZKgX/Mpde7rgIeVyLm8uhtiVc9qsG1O5Xz/X
GQ0lT+FjY1GLC2Q/rUO4pRxcNLOuAKBjxfZ/C1loeHOmjBipAm2vwxkBLrgQ48bM
QLRpo0YzaYduxLsXpvPo3a1zvHsvIbX9ZlEMvVSz4W1fHLwjc9EJA4kU0hC5ZMMq
0KGWSrzh1Bpbx6DAwWN4D0Q3MDKWgDIjlaF3uhPSl3PiXSXJag3DOWCktLBpQkIJ
6dgIvDMgs1gip6rrxOHmYYPF0pbf2dBPrdcCAwEAAaOB/DCB+TAdBgNVHQ4EFgQU
sxEyyZKYhOLJ+NA7bgNCyh8OjjwwgckGA1UdIwSBwTCBvoAUJ45nEXTDJh0/7TNj
s6TYHTDl6NWhgZqkgZcwgZQxCzAJBgNVBAYTAlVTMRAwDgYDVQQIDAdNb250YW5h
MRAwDgYDVQQHDAdCb3plbWFuMREwDwYDVQQKDAhTYXd0b290aDETMBEGA1UECwwK
Q29uc3VsdGluZzEYMBYGA1UEAwwPd3d3LndvbGZzc2wuY29tMR8wHQYJKoZIhvcN
AQkBFhBpbmZvQHdvbGZzc2wuY29tggkAt7aQM2YbayMwDAYDVR0TBAUwAwEB/zAN
BgkqhkiG9w0BAQsFAAOCAQEAUf4q3wd+Q8pmjRXEK9tXsgZtDZBm/6UknBTvgfKk
q5mpakkgpdJx5xw8mQfHR/zolrT1QjDOOQFL0cLovJWEh85VXZefz3jzVpulCG2s
9qVcxO8+KjmmSCYpey3gzaaMV0gLuzEywr/ZQ0xHJRiBqMkzgkGbumGG14STFyQl
NspNY2tPlXnYYOAe9azBiqGxfoWOhyAvCDGtXsZKyGH0ngceoiLtc3yF7vpi3FA2
qv3HnaoYBPvqzCxom7OpwpbYwcxafvcNngjgnSmLhEaP05Fqtbh6XMxPVQG4mkig
lEPKJUdSCvf0vrDRcW2lUkplULKtTh3gbAHY+0OA5uQMNw==
-----END CERTIFICATE-----
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
b7:b6:90:33:66:1b:6b:23
Signature Algorithm: sha256WithRSAEncryption
Issuer: C=US, ST=Montana, L=Bozeman, O=Sawtooth, OU=Consulting, CN=www.wolfssl.com/emailAddress=info@wolfssl.com
Validity
Not Before: Aug 11 20:07:37 2016 GMT
Not After : May 8 20:07:37 2019 GMT
Subject: C=US, ST=Montana, L=Bozeman, O=Sawtooth, OU=Consulting, CN=www.wolfssl.com/emailAddress=info@wolfssl.com
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
Public-Key: (2048 bit)
Modulus:
00:bf:0c:ca:2d:14:b2:1e:84:42:5b:cd:38:1f:4a:
f2:4d:75:10:f1:b6:35:9f:df:ca:7d:03:98:d3:ac:
de:03:66:ee:2a:f1:d8:b0:7d:6e:07:54:0b:10:98:
21:4d:80:cb:12:20:e7:cc:4f:de:45:7d:c9:72:77:
32:ea:ca:90:bb:69:52:10:03:2f:a8:f3:95:c5:f1:
8b:62:56:1b:ef:67:6f:a4:10:41:95:ad:0a:9b:e3:
a5:c0:b0:d2:70:76:50:30:5b:a8:e8:08:2c:7c:ed:
a7:a2:7a:8d:38:29:1c:ac:c7:ed:f2:7c:95:b0:95:
82:7d:49:5c:38:cd:77:25:ef:bd:80:75:53:94:3c:
3d:ca:63:5b:9f:15:b5:d3:1d:13:2f:19:d1:3c:db:
76:3a:cc:b8:7d:c9:e5:c2:d7:da:40:6f:d8:21:dc:
73:1b:42:2d:53:9c:fe:1a:fc:7d:ab:7a:36:3f:98:
de:84:7c:05:67:ce:6a:14:38:87:a9:f1:8c:b5:68:
cb:68:7f:71:20:2b:f5:a0:63:f5:56:2f:a3:26:d2:
b7:6f:b1:5a:17:d7:38:99:08:fe:93:58:6f:fe:c3:
13:49:08:16:0b:a7:4d:67:00:52:31:67:23:4e:98:
ed:51:45:1d:b9:04:d9:0b:ec:d8:28:b3:4b:bd:ed:
36:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
27:8E:67:11:74:C3:26:1D:3F:ED:33:63:B3:A4:D8:1D:30:E5:E8:D5
X509v3 Authority Key Identifier:
keyid:27:8E:67:11:74:C3:26:1D:3F:ED:33:63:B3:A4:D8:1D:30:E5:E8:D5
DirName:/C=US/ST=Montana/L=Bozeman/O=Sawtooth/OU=Consulting/CN=www.wolfssl.com/emailAddress=info@wolfssl.com
serial:B7:B6:90:33:66:1B:6B:23
X509v3 Basic Constraints:
CA:TRUE
Signature Algorithm: sha256WithRSAEncryption
0e:93:48:44:4a:72:96:60:71:25:82:a9:2c:ca:60:5b:f2:88:
3e:cf:11:74:5a:11:4a:dc:d9:d8:f6:58:2c:05:d3:56:d9:e9:
8f:37:ef:8e:3e:3b:ff:22:36:00:ca:d8:e2:96:3f:a7:d1:ed:
1f:de:7a:b0:d7:8f:36:bd:41:55:1e:d4:b9:86:3b:87:25:69:
35:60:48:d6:e4:5a:94:ce:a2:fa:70:38:36:c4:85:b4:4b:23:
fe:71:9e:2f:db:06:c7:b5:9c:21:f0:3e:7c:eb:91:f8:5c:09:
fd:84:43:a4:b3:4e:04:0c:22:31:71:6a:48:c8:ab:bb:e8:ce:
fa:67:15:1a:3a:82:98:43:33:b5:0e:1f:1e:89:f8:37:de:1b:
e6:b5:a0:f4:a2:8b:b7:1c:90:ba:98:6d:94:21:08:80:5d:f3:
bf:66:ad:c9:72:28:7a:6a:48:ee:cf:63:69:31:8c:c5:8e:66:
da:4b:78:65:e8:03:3a:4b:f8:cc:42:54:d3:52:5c:2d:04:ae:
26:87:e1:7e:40:cb:45:41:16:4b:6e:a3:2e:4a:76:bd:29:7f:
1c:53:37:06:ad:e9:5b:6a:d6:b7:4e:94:a2:7c:e8:ac:4e:a6:
50:3e:2b:32:9e:68:42:1b:e4:59:67:61:ea:c7:9a:51:9c:1c:
55:a3:77:76
-----BEGIN CERTIFICATE-----
MIIEqjCCA5KgAwIBAgIJALe2kDNmG2sjMA0GCSqGSIb3DQEBCwUAMIGUMQswCQYD
VQQGEwJVUzEQMA4GA1UECAwHTW9udGFuYTEQMA4GA1UEBwwHQm96ZW1hbjERMA8G
A1UECgwIU2F3dG9vdGgxEzARBgNVBAsMCkNvbnN1bHRpbmcxGDAWBgNVBAMMD3d3
dy53b2xmc3NsLmNvbTEfMB0GCSqGSIb3DQEJARYQaW5mb0B3b2xmc3NsLmNvbTAe
Fw0xNjA4MTEyMDA3MzdaFw0xOTA1MDgyMDA3MzdaMIGUMQswCQYDVQQGEwJVUzEQ
MA4GA1UECAwHTW9udGFuYTEQMA4GA1UEBwwHQm96ZW1hbjERMA8GA1UECgwIU2F3
dG9vdGgxEzARBgNVBAsMCkNvbnN1bHRpbmcxGDAWBgNVBAMMD3d3dy53b2xmc3Ns
LmNvbTEfMB0GCSqGSIb3DQEJARYQaW5mb0B3b2xmc3NsLmNvbTCCASIwDQYJKoZI
hvcNAQEBBQADggEPADCCAQoCggEBAL8Myi0Ush6EQlvNOB9K8k11EPG2NZ/fyn0D
mNOs3gNm7irx2LB9bgdUCxCYIU2AyxIg58xP3kV9yXJ3MurKkLtpUhADL6jzlcXx
i2JWG+9nb6QQQZWtCpvjpcCw0nB2UDBbqOgILHztp6J6jTgpHKzH7fJ8lbCVgn1J
XDjNdyXvvYB1U5Q8PcpjW58VtdMdEy8Z0TzbdjrMuH3J5cLX2kBv2CHccxtCLVOc
/hr8fat6Nj+Y3oR8BWfOahQ4h6nxjLVoy2h/cSAr9aBj9VYvoybSt2+xWhfXOJkI
/pNYb/7DE0kIFgunTWcAUjFnI06Y7VFFHbkE2Qvs2CizS73tNnkCAwEAAaOB/DCB
+TAdBgNVHQ4EFgQUJ45nEXTDJh0/7TNjs6TYHTDl6NUwgckGA1UdIwSBwTCBvoAU
J45nEXTDJh0/7TNjs6TYHTDl6NWhgZqkgZcwgZQxCzAJBgNVBAYTAlVTMRAwDgYD
VQQIDAdNb250YW5hMRAwDgYDVQQHDAdCb3plbWFuMREwDwYDVQQKDAhTYXd0b290
aDETMBEGA1UECwwKQ29uc3VsdGluZzEYMBYGA1UEAwwPd3d3LndvbGZzc2wuY29t
MR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wuY29tggkAt7aQM2YbayMwDAYD
VR0TBAUwAwEB/zANBgkqhkiG9w0BAQsFAAOCAQEADpNIREpylmBxJYKpLMpgW/KI
Ps8RdFoRStzZ2PZYLAXTVtnpjzfvjj47/yI2AMrY4pY/p9HtH956sNePNr1BVR7U
uYY7hyVpNWBI1uRalM6i+nA4NsSFtEsj/nGeL9sGx7WcIfA+fOuR+FwJ/YRDpLNO
BAwiMXFqSMiru+jO+mcVGjqCmEMztQ4fHon4N94b5rWg9KKLtxyQuphtlCEIgF3z
v2atyXIoempI7s9jaTGMxY5m2kt4ZegDOkv4zEJU01JcLQSuJofhfkDLRUEWS26j
Lkp2vSl/HFM3Bq3pW2rWt06UonzorE6mUD4rMp5oQhvkWWdh6seaUZwcVaN3dg==
-----END CERTIFICATE-----

27
examples/wolfssl_server/certs/server-key.pem
View File

@ -1,27 +0,0 @@
-----BEGIN RSA PRIVATE KEY-----
MIIEpQIBAAKCAQEAwJUI4VdB8nFtt9JFQScBZcZFrvK8JDC4lc4vTtb2HIi8fJ/7
qGd//lycUXX3isoH5zUvj+G9e8AvfKtkqBf8yl17uuAh5XIuby6G2JVz2qwbU7lf
P9cZDSVP4WNjUYsLZD+tQ7ilHFw0s64AoGPF9n8LWWh4c6aMGKkCba/DGQEuuBDj
xsxAtGmjRjNph27Euxem8+jdrXO8ey8htf1mUQy9VLPhbV8cvCNz0QkDiRTSELlk
wyrQoZZKvOHUGlvHoMDBY3gPRDcwMpaAMiOVoXe6E9KXc+JdJclqDcM5YKS0sGlC
Qgnp2Ai8MyCzWCKnquvE4eZhg8XSlt/Z0E+t1wIDAQABAoIBAQCa0DQPUmIFUAHv
n+1kbsLE2hryhNeSEEiSxOlq64t1bMZ5OPLJckqGZFSVd8vDmp231B2kAMieTuTd
x7pnFsF0vKnWlI8rMBr77d8hBSPZSjm9mGtlmrjcxH3upkMVLj2+HSJgKnMw1T7Y
oqyGQy7E9WReP4l1DxHYUSVOn9iqo85gs+KK2X4b8GTKmlsFC1uqy+XjP24yIgXz
0PrvdFKB4l90073/MYNFdfpjepcu1rYZxpIm5CgGUFAOeC6peA0Ul7QS2DFAq6EB
QcIw+AdfFuRhd9Jg8p+N6PS662PeKpeB70xs5lU0USsoNPRTHMRYCj+7r7X3SoVD
LTzxWFiBAoGBAPIsVHY5I2PJEDK3k62vvhl1loFk5rW4iUJB0W3QHBv4G6xpyzY8
ZH3c9Bm4w2CxV0hfUk9ZOlV/MsAZQ1A/rs5vF/MOn0DKTq0VO8l56cBZOHNwnAp8
yTpIMqfYSXUKhcLC/RVz2pkJKmmanwpxv7AEpox6Wm9IWlQ7xrFTF9/nAoGBAMuT
3ncVXbdcXHzYkKmYLdZpDmOzo9ymzItqpKISjI57SCyySzfcBhh96v52odSh6T8N
zRtfr1+elltbD6F8r7ObkNtXczrtsCNErkFPHwdCEyNMy/r0FKTV9542fFufqDzB
hV900jkt/9CE3/uzIHoumxeu5roLrl9TpFLtG8SRAoGBAOyY2rvV/vlSSn0CVUlv
VW5SL4SjK7OGYrNU0mNS2uOIdqDvixWl0xgUcndex6MEH54ZYrUbG57D8rUy+UzB
qusMJn3UX0pRXKRFBnBEp1bA1CIUdp7YY1CJkNPiv4GVkjFBhzkaQwsYpVMfORpf
H0O8h2rfbtMiAP4imHBOGhkpAoGBAIpBVihRnl/Ungs7mKNU8mxW1KrpaTOFJAza
1AwtxL9PAmk4fNTm3Ezt1xYRwz4A58MmwFEC3rt1nG9WnHrzju/PisUr0toGakTJ
c/5umYf4W77xfOZltU9s8MnF/xbKixsX4lg9ojerAby/QM5TjI7t7+5ZneBj5nxe
9Y5L8TvBAoGATUX5QIzFW/QqGoq08hysa+kMVja3TnKW1eWK0uL/8fEYEz2GCbjY
dqfJHHFSlDBD4PF4dP1hG0wJzOZoKnGtHN9DvFbbpaS+NXCkXs9P/ABVmTo9I89n
WvUi+LUp0EQR6zUuRr79jhiyX6i/GTKh9dwD5nyaHwx8qbAOITc78bA=
-----END RSA PRIVATE KEY-----

189
examples/wolfssl_server/main.c
View File

@ -1,189 +0,0 @@
/*
* Copyright (C) 2006-2017 wolfSSL Inc.
*
* This file is part of wolfSSL.
*
* wolfSSL is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version.
*
* wolfSSL is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program; if not, write to the Free Software
* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
*/
/**
* @ingroup examples
* @{
*
* @file
* @brief wolfSSL server example
*
* @author Kaleb J. Himes <kaleb@wolfssl.com>
*
* @}
*/
#include <stdlib.h>
#include <stdio.h>
#include <string.h>
/* socket includes */
#include <sys/socket.h>
#include <arpa/inet.h>
#include <netinet/in.h>
#include <unistd.h>
/* wolfSSL */
#include <wolfssl/ssl.h>
#include <wolfssl/certs_test.h>
#define DEFAULT_PORT 11111
int main(void)
{
int sockfd;
struct sockaddr_in servAddr;
struct sockaddr_in clientAddr;
socklen_t size = sizeof(clientAddr);
char buff[256];
int shutdown = 0;
/* declare wolfSSL objects */
WOLFSSL_CTX* ctx;
puts("This is the wolfSSL Server!");
puts("Server is running on 127.0.0.1 and listening on port 11111");
/*----------------------------------------------------------------------------*/
/* TLS Setup:
* This section will need resolved on a per-device basis depending on the
* available TCP/IP stack
*/
/*----------------------------------------------------------------------------*/
/* Create a socket that uses an internet IPv4 address,
* Sets the socket to be stream based (TCP),
* 0 means choose the default protocol. */
if ((sockfd = socket(AF_INET, SOCK_STREAM, 0)) == -1) {
fprintf(stderr, "ERROR: failed to create the socket\n");
return -1;
}
/* Initialize the server address struct with zeros */
memset(&servAddr, 0, sizeof(servAddr));
/* Fill in the server address */
servAddr.sin_family = AF_INET; /* using IPv4 */
servAddr.sin_port = htons(DEFAULT_PORT); /* on DEFAULT_PORT */
servAddr.sin_addr.s_addr = INADDR_ANY; /* from anywhere */
/* Bind the server socket to our port */
if (bind(sockfd, (struct sockaddr*)&servAddr, sizeof(servAddr)) == -1) {
fprintf(stderr, "ERROR: failed to bind\n");
return -1;
}
/* Listen for a new connection, allow 5 pending connections */
if (listen(sockfd, 5) == -1) {
fprintf(stderr, "ERROR: failed to listen\n");
return -1;
}
/* Initialize wolfSSL */
wolfSSL_Init();
/* Create and initialize WOLFSSL_CTX */
if ((ctx = wolfSSL_CTX_new(wolfTLSv1_2_server_method())) == NULL) {
fprintf(stderr, "ERROR: failed to create WOLFSSL_CTX\n");
return -1;
}
/* Load server certificates into WOLFSSL_CTX */
if (wolfSSL_CTX_use_certificate_buffer(ctx, server_cert_der_2048,
sizeof_server_cert_der_2048,
SSL_FILETYPE_ASN1) != SSL_SUCCESS) {
fprintf(stderr, "ERROR: failed to load server_cert_der_2048\n");
return -1;
}
/* Load server key into WOLFSSL_CTX */
if (wolfSSL_CTX_use_PrivateKey_buffer(ctx, server_key_der_2048,
sizeof_server_key_der_2048,
SSL_FILETYPE_ASN1) != SSL_SUCCESS) {
fprintf(stderr, "ERROR: failed to load server_key_der_2048\n");
return -1;
}
/* Continue to accept clients until shutdown is issued */
while (!shutdown) {
int connd;
size_t len;
WOLFSSL* ssl;
printf("Waiting for a connection...\n");
/* Accept client connections */
if ((connd = accept(sockfd, (struct sockaddr*)&clientAddr, &size))
== -1) {
fprintf(stderr, "ERROR: failed to accept the connection\n\n");
return -1;
}
/* Create a WOLFSSL object */
if ((ssl = wolfSSL_new(ctx)) == NULL) {
fprintf(stderr, "ERROR: failed to create WOLFSSL object\n");
return -1;
}
/* Attach wolfSSL to the socket */
wolfSSL_set_fd(ssl, connd);
printf("Client connected successfully\n");
/* Read the client data into our buff array */
memset(buff, 0, sizeof(buff));
if (wolfSSL_read(ssl, buff, sizeof(buff)-1) == -1) {
fprintf(stderr, "ERROR: failed to read\n");
return -1;
}
/* Print to stdout any data the client sends */
printf("Client sent a message!\n");
printf("Client said: %s\n", buff);
/* Check for server shutdown command */
if (strncmp(buff, "shutdown", 8) == 0) {
printf("Shutdown command issued!\n");
shutdown = 1;
}
/* Write our reply into buff */
strncpy(buff, "I hear ya fa shizzle!\n", sizeof(buff) - 1);
len = strnlen(buff, sizeof(buff));
printf("Sending reply to client, reply reads: %s\n", buff);
/* Reply back to the client */
if (wolfSSL_write(ssl, buff, len) != (int) len) {
fprintf(stderr, "ERROR: failed to write\n");
return -1;
}
/* Cleanup after this connection */
wolfSSL_free(ssl); /* Free the wolfSSL object */
close(connd); /* Close the connection to the client */
}
printf("Shutdown complete\n");
/* Cleanup and return */
wolfSSL_CTX_free(ctx); /* Free the wolfSSL context object */
wolfSSL_Cleanup(); /* Cleanup the wolfSSL environment */
close(sockfd); /* Close the socket listening for clients */
return 0; /* Return reporting a success */
}

7
pkg/wolfssl/Makefile
View File

@ -1,7 +1,8 @@
PKG_NAME=wolfssl
PKG_URL=https://github.com/danielinux/wolfssl.git
#PKG_URL=https://github.com/wolfssl/wolfssl.git
PKG_VERSION=d871e777d3e944adf66afb698bb930434739231b
PKG_URL=https://github.com/wolfssl/wolfssl.git
# Current version: v4.1.0+
PKG_VERSION=eaeaaf12c11dd52ab0cd6833252ed559656e9826
PKG_LICENSE=GPLv2
.PHONY: all

17
pkg/wolfssl/Makefile.dep
View File

@ -7,6 +7,8 @@ endif
ifneq (,$(filter wolfcrypt-benchmark,$(USEMODULE)))
USEMODULE += wolfcrypt
USEMODULE += wolfcrypt_coding
USEMODULE += printf_float
USEMODULE += xtimer
endif
ifneq (,$(filter wolfcrypt_poly1305,$(USEMODULE)))
@ -16,20 +18,20 @@ ifneq (,$(filter wolfcrypt_poly1305,$(USEMODULE)))
endif
ifneq (,$(filter wolfcrypt_ed25519,$(USEMODULE)))
USEMODULE += wolfcrypt_sha512
USEMODULE += wolfcrypt_sha512
endif
ifneq (,$(filter wolfcrypt_aes,$(USEMODULE)))
USEMODULE += wolfcrypt_cmac
USEMODULE += wolfcrypt_coding
USEMODULE += wolfcrypt_cmac
USEMODULE += wolfcrypt_coding
endif
ifneq (,$(filter wolfcrypt_pwdbased,$(USEMODULE)))
USEMODULE += wolfcrypt_pkcs12
USEMODULE += wolfcrypt_pkcs12
endif
ifneq (,$(filter wolfcrypt_asn,$(USEMODULE)))
USEMODULE += wolfcrypt_pkcs12
USEMODULE += wolfcrypt_pkcs12
endif
ifneq (,$(filter wolfssl_tls13,$(USEMODULE)))
@ -41,6 +43,10 @@ ifneq (,$(filter wolfssl_dtls,$(USEMODULE)))
USEMODULE += sock_tls
endif
ifneq (,$(filter wolfssl_psk,$(USEMODULE)))
USEMODULE += sock_tls
endif
ifneq (,$(filter sock_tls,$(USEMODULE)))
USEMODULE += wolfcrypt
USEMODULE += wolfcrypt_aes
@ -70,6 +76,7 @@ ifneq (,$(filter wolfssl_socket,$(USEMODULE)))
USEMODULE += wolfssl_ssl
USEMODULE += wolfssl_tls
USEMODULE += posix_sockets
USEMODULE += posix_inet
endif
ifneq (,$(filter wolfcrypt_random,$(USEMODULE)))

138
pkg/wolfssl/doc.txt
View File

@ -12,7 +12,7 @@
* # License
*
* wolfSSLs software is available under two distinct licensing models:
* open source and standard commercial licensing.
* Open Source (GPLv2) or proprietary.
*
* Open Source
*
@ -24,7 +24,7 @@
* wolfMQTT
* wolfSSH
*
* These software products are free software downloads and may be modified to
* These software products are free software and may be modified to
* the needs of the user as long as the user adheres to version two of the GPL
* License. The GPLv2 license can be found on the gnu.org website
* (http://www.gnu.org/licenses/old-licenses/gpl-2.0.html).
@ -68,113 +68,85 @@
* FEATURES:
*
* Because wolfSSL was designed with embedded systems in mind the library is
* extremely modular. There are very fiew dependancies in wolfSSL Cryptographic
* extremely modular. There are very few dependancies in wolfSSL Cryptographic
* library and we have chosen to setup the pkg makefile to allow for easy
* modification by developers. We chose to include the core of our library in a
* singular list and then seperate out the features that a developer may or may
* singular list and then separate out the features that a developer may or may
* not wish to use by default. Please reference the Makefile.wolfssl in
* "<RIOT-root>/pkg/wolfssl" directory. wolfSSL has chosen to enable a
* significant portion of our wolfcrypt functionality by default and provided
* informative comments to explain how a feature might be enabled/disabled.
*
* Features should be controlled with the header "user_settings.h" in the root
* directory of the application. Since RIOT uses the "Empty Translation Unit"
* warning in combination with the "-Werror" flag you will need to exclude
* source files from your application by modifying the Makefile.wolfssl in the
* "<RIOT-root>/pkg/wolfssl" directory when disabling a feature or adding a
* feature that wolfSSL chose to leave out by default.
* Features should be controlled with the header "user_settings.h" included with
* the package.
* On RIOT-OS, wolfSSL and wolfCrypt libraries can be configured using
* PSEUDOMODULES. After selecting the wolfSSL package via:
*
* Default ENABLED Features are:
* aes, arc4, asn, coding, des3, dh, dsa, hmac, md4, md5, pkcs12, pwdbased,
* rabbit, random, rsa, sha, sha256, signature, tfm (fast math), ecc, and memory
* ```makefile
* USEPKG+=wolfssl
* ```
*
* Default DISABLED Features are:
* integer (normal math), misc (included inline by default), md2, pkcs7,
* chacha, poly1305, ripemd, sha3 (keccak), sha512, srp, hc128, idea,
* blake2b (sha3 runner-up IE sha3 alternative to keccak), camellia, compress,
* curve25519, ed25519, cmac, evp, and asm
* Single ciphers, algorithms and features can be selected by including the
* associated pseudomodule, e.g.:
*
* ```makefile
* USEMODULE += wolfcrypt
* USEMODULE += wolfssl
* USEMODULE += wolfcrypt-test
* USEMODULE += wolfssl_dtls
* ```
*
* NOTES ON TRANSPORT LAYER:
*
* wolfSSL package for RIOT-OS supports two types of socket communication:
* - GNRC UDP/IP interface (based on sock_udp)
* - generic full-POSIX socket support (based on module posix-socket)
*
* By default, GNRC support is compiled in for UDP/IP communication when the
* module `wolfssl_dtls` is selected. Ensure that the module `gnrc_sock_udp`
* is also included in the build.
*
* Alternatively, to enable full-POSIX TLS/DTLS, select the `wolfssl_socket` module by
* adding the followint to the application's Makefile:
*
* ```makefile
* USEMODULE += wolfssl_socket
* ```
*
* Refer to the examples in the following section for more details about the API
* and the integration with the transport layer.
*
* EXAMPLES:
*
* wolfSSL has provided a few examples of using this package in the RIOT
* examples directory. To test these do any of the following:
*
* Benchmark Example:
* wolfSSL Test/Benchmark:
* Useful to verify that the ciphers are working properly
* on the target, and comparing performance on different
* platforms.
*
* ```makefile
* cd <path-to>/RIOT/examples/wolfssl_crypto_benchmark
* cd <path-to>/RIOT/tests/wolfssl-test
* make
* ./bin/native/wolfssl_crypto_benchmark.elf
* ./bin/native/wolfssl-test.elf # execute native port
* ```
*
* Crypto Test Example:
* ED25519 signature verification demo
* Very small footprint application to demonstrate
* Ed25519 signature verification with a very small footprint
* and memory requirements
*
* ```makefile
* cd <path-to>/RIOT/examples/wolfssl_crypto_test
* cd <path-to>/RIOT/tests/wolfcrypt-ed25519-verify
* make
* ./bin/native/wolfssl_crypto_test.elf
* ./bin/native/wolfcrypt-ed25519-verify.elf # execute native port
* ```
*
* Client and Server Example(s):
*
* ```makefile
* cd <path-to>/RIOT/examples/wolfssl_server
* make
* ./bin/native/wolf_server.elf
* ```
*
* Now open a second terminal and do...
*
* ```makefile
* cd <path-to>/RIOT/examples/wolfssl_client
* make
* ./bin/native/wolf_client.elf
* ```
*
* You should see the following output:
*
* SERVER OUTPUT:
*
* ```makefile
* RIOT native interrupts/signals initialized.
* LED_RED_OFF
* LED_GREEN_ON
* RIOT native board initialized.
* RIOT native hardware initialization complete.
*
* main(): This is RIOT!
* This is the wolfSSL Server!
* Server is running on 127.0.0.1 and listening on port 11111
* Waiting for a connection...
* Client connected successfully
* Client sent a message!
* Client said: Hello wolfSSL Server!
* Sending reply to client, reply reads: I hear ya fa shizzle!
*
* Waiting for a connection...
* ```
*
* After the client connection the server cleans up and returns to wait for
* another client connection. You can kill the server with a Ctrl+C (SIG INT) or
* by modifying the client to send the string "shutdown" instead of
* "Hello wolfSSL Server!".
*
* CLIENT OUTPUT:
*
* ```makefile
* RIOT native interrupts/signals initialized.
* LED_RED_OFF
* LED_GREEN_ON
* RIOT native board initialized.
* RIOT native hardware initialization complete.
*
* main(): This is RIOT!
* Message for server: Hello wolfSSL Server!
* Server sent a reply!
* Server Response was: I hear ya fa shizzle!
* ```
*
* At this point the client simply terminates and does nothing interesting.
* DTLS Client and Server Example
* DTLS example over GNRC UDP/IP stack.
* See documentation in `examples/dtls-wolfssl/README.md`
*
* QUESTIONS / CONCERNS / FEEDBACK:
*

224
pkg/wolfssl/include/user_settings.h
View File

@ -9,7 +9,7 @@ extern "C" {
/* System */
#ifndef WOLFSSL_RIOT_OS
# define WOLFSSL_RIOT_OS 1
#define WOLFSSL_RIOT_OS 1
#endif
#include <random.h>
#define CUSTOM_RAND_GENERATE random_uint32
@ -21,40 +21,66 @@ extern "C" {
#define NO_MAIN_DRIVER
#define NO_SIG_WRAPPER
#define NO_OLD_RNGNAME
#define WOLFSSL_SMALL_STACK
/* Uncomment the next two lines to enable wolfSSL debug */
// #define DEBUG_WOLFSSL
// #define WOLFSSL_LOG_PRINTF
/* Single precision math */
#define WOLFSSL_SP_MATH
#define WOLFSSL_SP_SMALL
#define SP_WORD_SIZE 32
#define WOLFSSL_SP
/* GNRC support enabled if not
* using sockets
*/
#ifndef MODULE_WOLFSSL_SOCKET
# define WOLFSSL_GNRC
# define WOLFSSL_USER_IO
#endif
#ifndef MODULE_WOLFSSL_TLS
# ifndef MODULE_WOLFSSL_TLS13
# define WOLFCRYPT_ONLY
# else
# define NO_OLD_TLS
# endif
#endif
#ifdef BOARD_NATIVE
//# define WOLFSSL_GENERAL_ALIGNMENT 8
#define WOLFSSL_GNRC
#define WOLFSSL_USER_IO
#else
# define WOLFSSL_GENERAL_ALIGNMENT 4
# ifdef CPU_ARM
# define TFM_ARM
# endif
#include <sys/socket.h>
#endif
/* Select wolfcrypt only / +wolfssl
* at compile time (via USEMODULE)
*/
#ifndef MODULE_WOLFSSL_TLS
#ifndef MODULE_WOLFSSL_TLS13
#define WOLFCRYPT_ONLY
#else
#define NO_OLD_TLS
#define HAVE_TLS_EXTENSIONS
#define HAVE_AES_DECRYPT
#define HAVE_AESGCM
#define GCM_SMALL
#define HAVE_AESCCM
#define WOLFSSL_AES_COUNTER
#define WOLFSSL_AES_DIRECT
#endif
#else
#define HAVE_TLS_EXTENSIONS
#endif
/* Align on 32-bit (exc. native,
* don't modify default alignment.)
*/
#ifndef BOARD_NATIVE
#define WOLFSSL_GENERAL_ALIGNMENT 4
#endif
/* ARM-specific optimizations */
#ifdef CPU_ARM
#define TFM_ARM
#endif
/* defined somewhere else */
#ifndef __mips__
int strncasecmp(const char *s1, const char * s2, unsigned int sz);
#endif
/* Fixme: add mt */
#define SINGLE_THREADED
/* Global settings */
@ -65,244 +91,232 @@ int strncasecmp(const char *s1, const char * s2, unsigned int sz);
#define USE_CERT_BUFFERS_2048
#define NO_RC4
/* Random */
/* Modules */
#undef WC_NO_RNG
#ifndef MODULE_WOLFCRYPT_RANDOM
# define WC_NO_RNG
#define WC_NO_RNG
#endif
/* DTLS */
#undef WOLFSSL_DTLS
#ifdef MODULE_WOLFSSL_DTLS
# define WOLFSSL_DTLS
#define WOLFSSL_DTLS
#endif
/* FFDHE_2048 */
#undef HAVE_FFDHE_2048
#ifdef MODULE_WOLFCRYPT_FFDHE_2048
# define HAVE_FFDHE_2048
#define HAVE_FFDHE_2048
#endif
/* ChaCha20 */
#undef HAVE_CHACHA
#ifdef MODULE_WOLFCRYPT_CHACHA
# define HAVE_CHACHA
#define HAVE_CHACHA
#endif
/* Poly 1305 */
#undef HAVE_POLY1305
#ifdef MODULE_WOLFCRYPT_POLY1305
# define HAVE_POLY1305
# define HAVE_ONE_TIME_AUTH
#define HAVE_POLY1305
#define HAVE_ONE_TIME_AUTH
#endif
/* x25519 */
#undef HAVE_CURVE25519
#ifdef MODULE_WOLFCRYPT_CURVE25519
# define HAVE_CURVE25519
# define CURVE25519_SMALL
#define HAVE_CURVE25519
#define CURVE25519_SMALL
#endif
/* ed25519 */
#undef HAVE_ED25519
#ifdef MODULE_WOLFCRYPT_ED25519
# define HAVE_ED25519
# define ED25519_SMALL
#define HAVE_ED25519
#define ED25519_SMALL
#endif
/* AES */
#undef NO_AES
#undef NO_CODING
#undef NO_CMAC
#ifndef MODULE_WOLFCRYPT_AES
# define NO_AES
#define NO_AES
#endif
#ifndef MODULE_WOLFCRYPT_CMAC
# define NO_CMAC
#define NO_CMAC
#endif
#ifndef MODULE_WOLFCRYPT_CODING
# define NO_CODING
#define NO_CODING
#endif
/* ASN */
#ifndef MODULE_WOLFCRYPT_ASN
# define NO_ASN
#define NO_ASN
#endif
/* HMAC */
#ifndef MODULE_WOLFCRYPT_HMAC
# define NO_HMAC
#define NO_HMAC
#endif
#undef NO_SHA
#ifndef MODULE_WOLFCRYPT_SHA
# define NO_SHA
#define NO_SHA
#else
# define USE_SLOW_SHA
# define USE_SLOW_SHA2
#define USE_SLOW_SHA
#define USE_SLOW_SHA2
#endif
/* SHA-2 */
#undef HAVE_SHA512
#undef HAVE_SHA384
#undef WOLFSSL_SHA384
#undef WOLFSSL_SHA512
#ifdef MODULE_WOLFCRYPT_SHA512
# define HAVE_SHA384
# define HAVE_SHA512
# define WOLFSSL_SHA384
# define WOLFSSL_SHA512
# define USE_SLOW_SHA512
#define HAVE_SHA384
#define HAVE_SHA512
#define WOLFSSL_SHA384
#define WOLFSSL_SHA512
#define USE_SLOW_SHA512
#endif
/* SHA-3 Keccac */
#undef WOLFSSL_SHA3
#ifdef MODULE_WOLFCRYPT_SHA3
# define WOLFSSL_SHA3
#define WOLFSSL_SHA3
#endif
/* ecc */
#undef HAVE_ECC
#ifdef MODULE_WOLFCRYPT_ECC
#define HAVE_ECC
#define FP_ECC
#define WOLFSSL_HAVE_SP_ECC
#define ECC_TIMING_RESISTANT
#define HAVE_ECC
#define FP_ECC
#define WOLFSSL_HAVE_SP_ECC
#define WOLFSSL_HAVE_SP_ECC
#define ECC_TIMING_RESISTANT
#define HAVE_SUPPORTED_CURVES
#endif
#undef HAVE_BLAKE2B
#ifdef MODULE_WOLFCRYPT_BLAKE2B
# define HAVE_BLAKE2B
#define HAVE_BLAKE2B
#endif
#undef HAVE_CAMELLIA
#ifdef MODULE_WOLFCRYPT_CAMELLIA
# define HAVE_CAMELLIA
#define HAVE_CAMELLIA
#endif
#undef HAVE_IDEA
#ifdef MODULE_WOLFCRYPT_IDEA
# define HAVE_IDEA
#define HAVE_IDEA
#endif
#undef HAVE_HC128
#ifdef MODULE_WOLFCRYPT_HC128
# define HAVE_HC128
#define HAVE_HC128
#endif
#undef HAVE_PKCS7
#ifdef MODULE_WOLFCRYPT_PKCS7
# define HAVE_PKCS7
#define HAVE_PKCS7
#endif
/* PKCS12 */
#undef NO_PKCS12
#ifndef MODULE_WOLFCRYPT_PKCS12
# define NO_PKCS12
#define NO_PKCS12
#endif
/* PWDBASED */
#undef NO_PWDBASED
#ifndef MODULE_WOLFCRYPT_PWDBASED
# define NO_PWDBASED
#define NO_PWDBASED
#endif
#undef WOLFSSL_STATIC_PSK
#ifdef MODULE_WOLFSSL_PSK
#define WOLFSSL_STATIC_PSK
#endif
#undef HAVE_LIBZ
#ifdef MODULE_WOLFCRYPT_COMPRESS
# define HAVE_LIBZ
#define HAVE_LIBZ
#endif
/* rsa */
#ifdef MODULE_WOLFCRYPT_RSA
# define HAVE_RSA
# define RSA_LOW_MEM
# define WC_RSA_BLINDING
#define HAVE_RSA
#define RSA_LOW_MEM
#define WC_RSA_BLINDING
#define WOLFSSL_STATIC_RSA
#define WOLFSSL_HAVE_SP_DH
#define WOLFSSL_HAVE_SP_RSA
#else
# define NO_RSA
#define NO_RSA
#endif
/* 3-DES */
#undef NO_DES3
#ifndef MODULE_WOLFCRYPT_DES3
# define NO_DES3
#define NO_DES3
#endif
/* DH */
#undef NO_DH
#ifndef MODULE_WOLFCRYPT_DH
# define NO_DH
#define NO_DH
#endif
/* DSA */
#undef NO_DSA
#ifndef MODULE_WOLFCRYPT_DSA
# define NO_DSA
#define NO_DSA
#endif
/* MD2 */
#undef WOLFSSL_MD2
#ifdef MODULE_WOLFSSL_MD2
#define WOLFSSL_MD2
#define WOLFSSL_MD2
#endif
/* MD4 */
#undef NO_MD4
#ifndef MODULE_WOLFCRYPT_MD4
# define NO_MD4
#define NO_MD4
#endif
/* RABBIT */
#undef NO_RABBIT
#ifndef MODULE_WOLFCRYPT_RABBIT
# define NO_RABBIT
#define NO_RABBIT
#endif
/* MD5 */
#undef NO_MD5
#ifndef MODULE_WOLFCRYPT_MD5
# define NO_MD5
#define NO_MD5
#endif
/* ripe-md */
#undef WOLFSSL_RIPEMD
#ifdef MODULE_WOLFCRYPT_RIPEMD
# define WOLFSSL_RIPEMD
#define WOLFSSL_RIPEMD
#endif
/* signature wrapper */
#undef NO_SIG_WRAPPER
#ifndef MODULE_WOLFCRYPT_SIGNATURE
# define NO_SIG_WRAPPER
#define NO_SIG_WRAPPER
#endif
/* SRP */
#undef HAVE_SRP
#ifdef MODULE_WOLFCRYPT_SRP
#define HAVE_SRP
#define HAVE_SRP
#endif
/** TLS Options **/
#undef HAVE_OCSP
#ifdef MODULE_WOLFSSL_OCSP
#define HAVE_OCSP
#define HAVE_OCSP
#endif
#undef HAVE_CRL
#ifdef MODULE_WOLFSSL_CRL
#define HAVE_CRL
#define HAVE_CRL
#endif
#undef HAVE_TLS13
#ifdef MODULE_WOLFSSL_TLS13
#define HAVE_TLS13
#define WOLFSSL_TLS13
#define HAVE_TLS_EXTENSIONS
#define BUILD_TLS_AES_128_GCM_SHA256
#define HAVE_TLS13
#define WOLFSSL_TLS13
#define BUILD_TLS_AES_128_GCM_SHA256
#endif
#ifdef __cplusplus
}
#endif
/* The following defines should prevent declaration of name-colliding "Aes"
* structure on SAML21, SAME54 platform code
*/
#define _SAML21_AES_COMPONENT_
#define _SAME54_AES_COMPONENT_
#endif /* USER_SETTINGS_H */

54
pkg/wolfssl/sock_tls/sock_tls.c
View File

@ -1,41 +1,20 @@
/* Copyright (C) 2014 Freie Universität Berlin
/*
* Copyright (C) 2019 Daniele Lacamera
*
*
* This file is subject to the terms and conditions of the GNU Lesser
* General Public License v2.1. See the file LICENSE in the top level
* directory for more details.
*
* **** This file incorporates work covered by the following copyright and ****
* **** permission notice: ****
*
* Copyright (C) 2006-2017 wolfSSL Inc.
*
* This file is part of wolfSSL.
*
* wolfSSL is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version.
*
* wolfSSL is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program; if not, write to the Free Software
* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
*
*/
#include <string.h>
#include <stdlib.h>
#include <stdio.h>
#include <net/sock.h>
#include <wolfssl/ssl.h>
#include <wolfssl/internal.h>
#define MODE_TLS 0
#define MODE_DTLS 1
#include <log.h>
void sock_dtls_close(sock_tls_t *sk)
{
@ -44,8 +23,8 @@ void sock_dtls_close(sock_tls_t *sk)
void sock_dtls_set_endpoint(sock_tls_t *sk, const sock_udp_ep_t *addr)
{
printf("wolfSSL: Setting peer address and port\n");
memcpy(&sk->peer_addr, addr, sizeof (sock_udp_ep_t));
LOG(LOG_INFO, "wolfSSL: Setting peer address and port\n");
XMEMCPY(&sk->peer_addr, addr, sizeof (sock_udp_ep_t));
}
int sock_dtls_create(sock_tls_t *sock, const sock_udp_ep_t *local, const sock_udp_ep_t *remote, uint16_t flags, WOLFSSL_METHOD *method)
@ -66,8 +45,6 @@ int sock_dtls_create(sock_tls_t *sock, const sock_udp_ep_t *local, const sock_ud
if (remote) {
XMEMCPY(&sock->peer_addr, remote, sizeof(sock_udp_ep_t));
}
wolfSSL_SetIORecv(sock->ctx, GNRC_Receive);
wolfSSL_SetIOSend(sock->ctx, GNRC_SendTo);
return 0;
}
@ -77,11 +54,12 @@ static int tls_session_create(sock_tls_t *sk)
return -EINVAL;
sk->ssl = wolfSSL_new(sk->ctx);
if (sk->ssl == NULL) {
printf("Error allocating ssl session\n");
LOG(LOG_ERROR, "Error allocating ssl session\n");
return -ENOMEM;
}
wolfSSL_SetIOReadCtx(sk->ssl, sk);
wolfSSL_SetIOWriteCtx(sk->ssl, sk);
sk->ssl->gnrcCtx = sk;
return 0;
}
@ -109,11 +87,19 @@ void sock_dtls_session_destroy(sock_tls_t *sk)
#ifndef __mips__
#include <ctype.h>
int strncasecmp(const char *s1, const char * s2, unsigned int sz)
{
for( ; sz>0; sz--)
if(toupper(*s1++) != toupper(*s2++))
return 1;
unsigned int i;
for( i = 0; i < sz; i++) {
int res;
const unsigned char *us1 = (const unsigned char *)s1;
const unsigned char *us2 = (const unsigned char *)s2;
res = toupper(us1[i]) - toupper(us2[i]);
if (res != 0)
return res;
}
return 0;
}
#endif

21
pkg/wolfssl/sock_tls/sock_tls.h
View File

@ -1,3 +1,12 @@
/*
* Copyright (C) 2019 Daniele Lacamera
*
*
* This file is subject to the terms and conditions of the GNU Lesser
* General Public License v2.1. See the file LICENSE in the top level
* directory for more details.
*/
/* @defgroup module sock_tls
* @ingroup pkg_wolfssl
* @brief Sock submodule for TLS/DTLS sessions
@ -225,11 +234,7 @@
#ifdef __cplusplus
extern "C" {
#endif
#define MODE_TLS 0
#define MODE_DTLS 1
#define MODE_TLS 0
#define MODE_DTLS 1
/**
* @brief Creates a new DTLS sock object.
*
@ -277,7 +282,7 @@ extern "C" {
* ((local->netif != SOCK_ADDR_ANY_NETIF) ||
* (remote->netif != SOCK_ADDR_ANY_NETIF))` if neither is `NULL`).
* @return -ENOMEM, if not enough resources can be provided for `sock` to be
* created, 0 upon success.
* created.
*/
int sock_dtls_create(sock_tls_t *sock, const sock_udp_ep_t *local, const sock_udp_ep_t *remote, uint16_t flags, WOLFSSL_METHOD *method);
@ -287,7 +292,7 @@ int sock_dtls_create(sock_tls_t *sock, const sock_udp_ep_t *local, const sock_ud
* @pre `(sk != NULL)`
* @pre `(addr != NULL)`
*
* @param[in] sock The resulting sock object.
* @param[in] sk The resulting sock object.
* @param[in] addr Remote end point for the DTLS session.
*
*/
@ -298,7 +303,7 @@ void sock_dtls_set_endpoint(sock_tls_t *sk, const sock_udp_ep_t *addr);
*
* @pre `(sk != NULL)`
*
* @param[in] sock The sock object previously created using @ref sock_dtls_create
* @param[in] sk The sock object previously created using @ref sock_dtls_create
*
* @return 0 on success.
* @return -EINVAL, if @sock is null or the SSL context is not initialized yet.
@ -329,7 +334,7 @@ void sock_dtls_close(sock_tls_t *sk);
#ifdef MODULE_SOCK_TCP
/* TODO */
# error Only support for UDP/IP provided via GNRC stack.
#endif
#ifdef __cplusplus

15
tests/wolfcrypt-ed25519-verify/Makefile → tests/pkg_wolfcrypt-ed25519-verify/Makefile
View File

@ -1,9 +1,16 @@
# name of your application
APPLICATION = wolfcrypt-ed25519-verify
include ../Makefile.tests_common
# If no BOARD is found in the environment, use this default:
BOARD ?= native
# Only 32-bit targets
BOARD_BLACKLIST := arduino-duemilanove arduino-leonardo \
arduino-mega2560 arduino-nano \
arduino-uno chronos esp8266-esp-12x esp8266-olimex-mod \
esp8266-sparkfun-thing jiminy-mega256rfr2 mega-xplained \
msb-430 msb-430h telosb waspmote-pro \
wsn430-v1_3b wsn430-v1_4 z1
# This has to be the absolute path to the RIOT base directory:
RIOTBASE ?= $(CURDIR)/../..
@ -15,10 +22,12 @@ DEVELHELP ?= 1
# Change this to 0 show compiler invocation lines by default:
QUIET ?= 1
# Ensure there is enough stack space
CFLAGS += -DTHREAD_STACKSIZE_MAIN=THREAD_STACKSIZE_LARGE
CFLAGS+=-DNO_ED25519_SIGN -DNO_ED25519_KEY_EXPORT
USEPKG +=wolfssl
USEMODULE += wolfssl
USEMODULE += wolfcrypt
USEMODULE += wolfcrypt_ed25519

0
tests/wolfcrypt-ed25519-verify/README.md → tests/pkg_wolfcrypt-ed25519-verify/README.md
View File

40
tests/wolfcrypt-ed25519-verify/main.c → tests/pkg_wolfcrypt-ed25519-verify/main.c
View File

@ -1,31 +1,10 @@
/*
* Copyright (C) 2014 Freie Universität Berlin
* Copyright (C) 2019 Daniele Lacamera
*
* This file is subject to the terms and conditions of the GNU Lesser
* General Public License v2.1. See the file LICENSE in the top level
* directory for more details.
*
* **** This file incorporates work covered by the following copyright and ****
* **** permission notice: ****
*
* Copyright (C) 2006-2017 wolfSSL Inc.
*
* This file is part of wolfSSL.
*
* wolfSSL is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version.
*
* wolfSSL is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program; if not, write to the Free Software
* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
*
*/
/**
@ -35,14 +14,14 @@
* @file
* @brief ed25519 signature verification application
*
* @author wolfSSL <info@wolfssl.com>
* @author Daniele Lacamera <daniele@wolfssl.com>
*
* @}
*/
#include <stdio.h>
#include <stdint.h>
#include <wolfssl/wolfcrypt/ed25519.h>
#include "log.h"
const uint8_t ed_public_key[ED25519_KEY_SIZE] = {
0x9A, 0xBC, 0xA2, 0xE2, 0x4D, 0x19, 0x9E, 0x02,
@ -70,21 +49,20 @@ int main(void)
int stat;
int ret;
ed25519_key key;
printf("You are running RIOT on a(n) %s board.\n", RIOT_BOARD);
printf("This board features a(n) %s MCU.\n", RIOT_MCU);
printf("\n\n\n");
LOG(LOG_INFO, "You are running RIOT on a(n) %s board.\n", RIOT_BOARD);
LOG(LOG_INFO, "This board features a(n) %s MCU.\n", RIOT_MCU);
wc_ed25519_init(&key);
puts("Starting ed25519 test.");
LOG(LOG_INFO, "Starting ed25519 test.");
ret = wc_ed25519_import_public(ed_public_key, ED25519_KEY_SIZE, &key);
if (ret != 0) {
printf("Error importing public key for signature verification (%d)\n", ret);
LOG(LOG_ERROR, "Error importing public key for signature verification (%d)\n", ret);
return 1;
}
if ((wc_ed25519_verify_msg(msg_signature, ED25519_SIG_SIZE, msg, 12, &stat, &key) < 0) || (stat == 0)) {
printf("The signature is not valid!\n");
LOG(LOG_WARNING, "The signature is not valid!\n");
} else {
printf("The signature is valid!\n");
LOG(LOG_INFO, "The signature is valid!\n");
}
return 0;

0
tests/wolfcrypt-ed25519-verify/tools/Makefile → tests/pkg_wolfcrypt-ed25519-verify/tools/Makefile
View File

64
tests/pkg_wolfcrypt-ed25519-verify/tools/ed25519_sign_msg.c Normal file
View File

@ -0,0 +1,64 @@
/*
* Copyright (C) 2019 Daniele Lacamera
*
* This file is subject to the terms and conditions of the GNU Lesser
* General Public License v2.1. See the file LICENSE in the top level
* directory for more details.
*
*/
#include <stdint.h>
#include <stdio.h>
#include <wolfssl/wolfcrypt/settings.h>
#include <wolfssl/wolfcrypt/ed25519.h>
#include "od.h"
void print_key(void *key_in)
{
uint8_t * key = key_in;
od_hex_dump(key, ED25519_KEY_SIZE, 8);
}
void print_sig(void *sig_in)
{
uint8_t * sig = sig_in;
od_hex_dump(sig, ED25519_SIG_SIZE, 8);
}
int main(void)
{
uint8_t priv[ED25519_KEY_SIZE], pub[ED25519_KEY_SIZE];
uint8_t sig[ED25519_SIG_SIZE];
uint32_t outlen;
RNG rng;
ed25519_key key;
wc_ed25519_init(&key);
wc_InitRng(&rng);
if (wc_ed25519_make_key(&rng, ED25519_KEY_SIZE, &key) != 0) {
LOG(LOG_ERROR, "Failed to create ED25519 key!\n");
exit(1);
}
outlen = ED25519_KEY_SIZE;
wc_ed25519_export_private_only(&key, priv, &outlen);
printf("const uint8_t ed_private_key[ED25519_KEY_SIZE] = {\n");
print_key(priv);
printf("};\n\n");
outlen = ED25519_KEY_SIZE;
wc_ed25519_export_public(&key, pub, &outlen);
printf("const uint8_t ed_public_key[ED25519_KEY_SIZE] = {\n");
print_key(pub);
printf("};\n\n");
printf("const uint8_t msg[] = \"Hello World!\";\n\n");
printf("const uint8_t msg_signature[ED25519_SIG_SIZE] = {\n");
outlen = ED25519_SIG_SIZE;
wc_ed25519_sign_msg("Hello World!", 12, sig, &outlen, &key);
print_sig(sig);
printf("};\n\n");
exit(0);
}

57
tests/pkg_wolfssl/Makefile Normal file
View File

@ -0,0 +1,57 @@
include ../Makefile.tests_common
# If no BOARD is found in the environment, use this default:
BOARD ?= native
# Only 32-bit targets
BOARD_BLACKLIST := arduino-duemilanove arduino-leonardo \
arduino-mega2560 arduino-nano \
arduino-uno chronos esp8266-esp-12x esp8266-olimex-mod \
esp8266-sparkfun-thing jiminy-mega256rfr2 mega-xplained \
msb-430 msb-430h telosb waspmote-pro \
wsn430-v1_3b wsn430-v1_4 z1
#
# If the test fails to run on a target, disable the algorithms
# that you do not plan to use, by removing the associated wolfcrypt_* modules
# from USEMODULE list below.
#
# You may be able to remove your target from the list below by selecting a
# smaller set of modules.
#
# Targets not included in the BOARD_INSUFFICIENT_MEMORY are capable of
# running all the benchmarks selected by default.
#
BOARD_INSUFFICIENT_MEMORY := nucleo-f042k6 stm32f0discovery nucleo-f334r8 \
i-nucleo-lrwan1 nucleo-f302r8 nucleo-l053r8 saml11-xpro \
nucleo-l031k6 bluepill stm32l0538-disco saml10-xpro \
nucleo-f030r8 nucleo-f031k6 nucleo-f303k8 blackpill
# This has to be the absolute path to the RIOT base directory:
RIOTBASE ?= $(CURDIR)/../..
# This is an optimized stack value based on testing, if you observe
# a segmentation fault please increase this stack size.
CFLAGS += -DTHREAD_STACKSIZE_MAIN=2*THREAD_STACKSIZE_LARGE
# Change this to 0 show compiler invocation lines by default:
QUIET ?= 1
USEPKG += wolfssl
USEMODULE += wolfcrypt wolfcrypt-test wolfcrypt_sha512 wolfcrypt_curve25519 \
wolfcrypt_ed25519 wolfcrypt_chacha wolfcrypt_poly1305 wolfcrypt_aes \
wolfcrypt_ecc wolfcrypt_asn wolfcrypt_random
# Uncomment the following line to enable RSA tests
# (e.g. when enough resources are available on platform)
#USEMODULE += wolfcrypt_rsa wolfcrypt_dh
# Comment the following line to disable full-benchmark test
USEMODULE += wolfcrypt-benchmark
ifneq ($(BOARD),native)
CFLAGS += -DBENCH_EMBEDDED
endif
include $(RIOTBASE)/Makefile.include

21
tests/pkg_wolfssl/README.md Normal file
View File

@ -0,0 +1,21 @@
# wolfssl tests and benchmarks
This test can be used to validate the usability and performance of a wolfcrypt/wolfssl
port to a specific target.
## Compile options
Specific modules can be enabled/disabled using the `USEMODULE` variable in `Makefile`.
To disable full-benchmark test, comment out the line `USEMODULE += wolfssl-benchmarks`.
## Modules vs. Resources
This test tool can be used to benchmark single pseudo-modules in the wolfSSL package,
on the selected target.
The default `BOARD_INSUFFICIENT_MEMORY` list provided in [Makefile](Makefile) excludes
all the targets that are unable to run the full test. Targets included in this list
may still be able to run a build with a reduced set of algorithms compiled in.
To enable/disable single modules to include in the build, see the `USEMODULE` list.

47
tests/pkg_wolfssl/main.c Normal file
View File

@ -0,0 +1,47 @@
/*
* Copyright (C) 2019 Kaleb J. Himes, Daniele Lacamera
*
*
* This file is subject to the terms and conditions of the GNU Lesser
* General Public License v2.1. See the file LICENSE in the top level
* directory for more details.
*/
/**
* @ingroup examples
* @{
*
* @file
* @brief wolfSSL cryptographic library test
*
* @author Kaleb J. Himes <kaleb@wolfssl.com>
* Daniele Lacamera <daniele@wolfssl.com>
*
* @}
*/
#include <stdio.h>
#include "xtimer.h"
#include "log.h"
#include <wolfssl/wolfcrypt/settings.h>
#include <wolfcrypt/test/test.h>
#ifdef MODULE_WOLFCRYPT_BENCHMARK
#include <wolfcrypt/benchmark/benchmark.h>
#endif
int main(void)
{
LOG(LOG_INFO, "wolfSSL Crypto Test!");
/* Wait to work around a failing tests
* on platforms that don't have RTC synchronized
*/
xtimer_sleep(1);
wolfcrypt_test(NULL);
#ifdef MODULE_WOLFCRYPT_BENCHMARK
LOG(LOG_INFO, "wolfSSL Benchmark!");
benchmark_test(NULL);
#endif
return 0;
}

98
tests/wolfcrypt-ed25519-verify/tools/ed25519_sign_msg.c
View File

@ -1,98 +0,0 @@
/*
* Copyright (C) 2014 Freie Universität Berlin
*
* This file is subject to the terms and conditions of the GNU Lesser
* General Public License v2.1. See the file LICENSE in the top level
* directory for more details.
*
* **** This file incorporates work covered by the following copyright and ****
* **** permission notice: ****
* Copyright (C) 2006-2018 wolfSSL Inc.
*
* This file is part of wolfSSL.
*
* wolfSSL is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version.
*
* wolfSSL is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program; if not, write to the Free Software
* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
*
*/
#include <stdint.h>
#include <wolfssl/wolfcrypt/settings.h>
#include <wolfssl/wolfcrypt/ed25519.h>
void print_buf(uint8_t *buf, int len)
{
int i;
for (i = 0; i < len; i++) {
int p = i % 8;
if (p == 0)
printf("\t");
printf("0x%02X", buf[i]);
if (i < len - 1)
printf(",");
if (p == 7)
printf("\n");
else
printf(" ");
}
}
void print_key(void *key_in)
{
uint8_t * key = key_in;
print_buf(key, ED25519_KEY_SIZE);
}
void print_sig(void *sig_in)
{
uint8_t * sig = sig_in;
print_buf(sig, ED25519_SIG_SIZE);
}
int main(void)
{
uint8_t priv[ED25519_KEY_SIZE], pub[ED25519_KEY_SIZE];
uint8_t sig[ED25519_SIG_SIZE];
uint32_t outlen;
RNG rng;
ed25519_key key;
wc_ed25519_init(&key);
wc_InitRng(&rng);
if (wc_ed25519_make_key(&rng, ED25519_KEY_SIZE, &key) != 0) {
printf("Failed to create ED25519 key!\n");
exit(1);
}
outlen = ED25519_KEY_SIZE;
wc_ed25519_export_private_only(&key, priv, &outlen);
printf("const uint8_t ed_private_key[ED25519_KEY_SIZE] = {\n");
print_key(priv);
printf("};\n\n");
outlen = ED25519_KEY_SIZE;
wc_ed25519_export_public(&key, pub, &outlen);
printf("const uint8_t ed_public_key[ED25519_KEY_SIZE] = {\n");
print_key(pub);
printf("};\n\n");
printf("const uint8_t msg[] = \"Hello World!\";\n\n");
printf("const uint8_t msg_signature[ED25519_SIG_SIZE] = {\n");
outlen = ED25519_SIG_SIZE;
wc_ed25519_sign_msg("Hello World!", 12, sig, &outlen, &key);
print_sig(sig);
printf("};\n\n");
exit(0);
}

48
tests/wolfssl_crypto_benchmark/Makefile
View File

@ -1,48 +0,0 @@
APPLICATION = wolf_crypto_benchark
# If no BOARD is found in the environment, use this default:
#BOARD ?= native
BOARD ?= samd21-xpro #Currently missing implementation for strncasecmp
#BOARD ?= pic32-wifire
#BOARD ?= frdm-k64f
#BOARD ?= stm32f4discovery
# BOARD_WHITELIST := To Be Determined
# BOARD_BLACKLIST := To Be Determined
# BOARD_INSUFFICIENT_MEMORY := To Be Determined
# This has to be the absolute path to the RIOT base directory:
RIOTBASE ?= $(CURDIR)/../..
# Used for inserting debug symbols into library for portability
# testing on Ubuntu 16.04 LTS w/ gcc v 5.4.0
#CFLAGS += -g
#LDFLAGS += -g
# Necessary to set the stacksize on Ubuntu Native device when using
# gcc v 5.4.0 on 16.04 LTS
# This is an optimized stack value based on testing, if you observe
# a segmentation fault please increase this stack size.
CFLAGS += -DTHREAD_STACKSIZE_MAIN=20000
# Change this to 0 show compiler invocation lines by default:
QUIET ?= 1
# May need these for seeding wolfCrypt DRBG
#USEMODULE += random
#USEMODULE += prng_minstd
USEPKG += wolfssl
USEMODULE += wolfcrypt wolfcrypt-benchmark wolfcrypt_sha512 wolfcrypt_curve25519 \
wolfcrypt_ed25519 wolfcrypt_chacha wolfcrypt_poly1305 wolfcrypt_aes \
wolfcrypt_ecc wolfcrypt_asn wolfcrypt_random
ifneq (native, $(BOARD))
# for TCP/IP recommend working with lwip or other third-party TCP/IP stack.
# Also need third-party string library if attempting to use ecc that will
# implement strncasecomp
# USEPKG += lwip
# export CFLAGS += "-DHAVE_LWIP_NATIVE=1"
endif
include $(RIOTBASE)/Makefile.include

4
tests/wolfssl_crypto_benchmark/README.md
View File

@ -1,4 +0,0 @@
# wolfSSL on RIOT
This application measures the performance of wolfCrypt libraries in wolfSSL
from [wolfSSL Inc](https://www.wolfssl.com) on RIOT.

44
tests/wolfssl_crypto_benchmark/main.c
View File

@ -1,44 +0,0 @@
/*
* Copyright (C) 2006-2017 wolfSSL Inc.
*
* This file is part of wolfSSL.
*
* wolfSSL is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version.
*
* wolfSSL is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program; if not, write to the Free Software
* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
*/
/**
* @ingroup examples
* @{
*
* @file
* @brief wolfSSL cryptographic benchmark application
*
* @author Kaleb J. Himes <kaleb@wolfssl.com>
*
* @}
*/
#include <stdio.h>
#include <wolfssl/wolfcrypt/settings.h>
#include <wolfcrypt/benchmark/benchmark.h>
int main(void)
{
puts("wolfSSL Crypto Benchmarks!");
benchmark_test(NULL);
return 0;
}

47
tests/wolfssl_crypto_test/Makefile
View File

@ -1,47 +0,0 @@
APPLICATION = wolf_crypto_test
# If no BOARD is found in the environment, use this default:
#BOARD ?= native
#BOARD ?= samd21-xpro #Currently missing implementation for strncasecmp
#BOARD ?= pic32-wifire
#BOARD ?= frdm-k64f
BOARD ?= stm32f4discovery
# BOARD_WHITELIST := To Be Determined
# BOARD_BLACKLIST := To Be Determined
# BOARD_INSUFFICIENT_MEMORY := To Be Determined
# This has to be the absolute path to the RIOT base directory:
RIOTBASE ?= $(CURDIR)/../..
# Used for inserting debug symbols into library for portability
# testing on Ubuntu 16.04 LTS w/ gcc v 5.4.0
#CFLAGS += -g
#LDFLAGS += -g
# Necessary to set the stacksize on Ubuntu Native device when using
# gcc v 5.4.0 on 16.04 LTS
# This is an optimized stack value based on testing, if you observe
# a segmentation fault please increase this stack size.
CFLAGS += -DTHREAD_STACKSIZE_MAIN=35000
# Change this to 0 show compiler invocation lines by default:
QUIET ?= 1
# May need these for seeding wolfCrypt DRBG
#USEMODULE += prng_minstd
USEPKG += wolfssl
USEMODULE += wolfcrypt wolfcrypt-test wolfcrypt_sha512 wolfcrypt_curve25519 \
wolfcrypt_ed25519 wolfcrypt_chacha wolfcrypt_poly1305 wolfcrypt_aes \
wolfcrypt_ecc wolfcrypt_asn wolfcrypt_random
ifneq (native, $(BOARD))
# for TCP/IP recommend working with lwip or other third-party TCP/IP stack.
# Also need third-party string library if attempting to use ecc that will
# implement strncasecomp
# USEPKG += lwip
# export CFLAGS += "-DHAVE_LWIP_NATIVE=1"
endif
include $(RIOTBASE)/Makefile.include

4
tests/wolfssl_crypto_test/README.md
View File

@ -1,4 +0,0 @@
# wolfSSL on RIOT
This application demonstrates the underlying wolfCrypt libraries in wolfSSL
from [wolfSSL Inc](https://www.wolfssl.com) on RIOT.

43
tests/wolfssl_crypto_test/main.c
View File

@ -1,43 +0,0 @@
/*
* Copyright (C) 2006-2017 wolfSSL Inc.
*
* This file is part of wolfSSL.
*
* wolfSSL is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version.
*
* wolfSSL is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program; if not, write to the Free Software
* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
*/
/**
* @ingroup examples
* @{
*
* @file
* @brief wolfSSL cryptographic library test
*
* @author Kaleb J. Himes <kaleb@wolfssl.com>
*
* @}
*/
#include <stdio.h>
#include <wolfssl/wolfcrypt/settings.h>
#include <wolfcrypt/test/test.h>
int main(void)
{
puts("wolfSSL Crypto Test!");
wolfcrypt_test(NULL);
return 0;
}