From cfc182ba12e53e0bfab5b78bc75a58660dde308c Mon Sep 17 00:00:00 2001 From: JacobBarthelmeh Date: Fri, 23 Aug 2024 02:09:27 -0600 Subject: [PATCH] add example build for small static psk case --- mplabx/small-psk-build/Makefile | 87 ++++++ mplabx/small-psk-build/example-client-psk.c | 299 ++++++++++++++++++++ mplabx/small-psk-build/user_settings.h | 7 +- 3 files changed, 392 insertions(+), 1 deletion(-) create mode 100644 mplabx/small-psk-build/Makefile create mode 100644 mplabx/small-psk-build/example-client-psk.c diff --git a/mplabx/small-psk-build/Makefile b/mplabx/small-psk-build/Makefile new file mode 100644 index 0000000000..ec493c4196 --- /dev/null +++ b/mplabx/small-psk-build/Makefile @@ -0,0 +1,87 @@ +# Set to @ if you want to suppress command echo +CMD_ECHO = + +# Important directories +BUILD_DIR = ./Build + +# Toolchain location and prefix +TOOLCHAIN ?= + +# Tools selection +CC = $(TOOLCHAIN)gcc +AS = $(CC) +LD = $(CC) +AR = $(TOOLCHAIN)ar +NM = $(TOOLCHAIN)nm +OBJCOPY ?= $(TOOLCHAIN)objcopy +OBJDUMP ?= $(TOOLCHAIN)objdump +SIZE ?= $(TOOLCHAIN)size + +# Includes +USER_SETTINGS_DIR ?= . +INC = -I$(USER_SETTINGS_DIR) \ + -I../.. + +# Defines +DEF = -DWOLFSSL_USER_SETTINGS -DWOLFSSL_GENSEED_FORTEST +#DEF = -DUSE_LIBFUZZER +#CFLAGS = -fsanitize=fuzzer,address + +# LD: generate map +LDFLAGS += -Wl,-Map=$(BUILD_DIR)/$(BIN).map + +# LD: Entry point +LDFLAGS += -Wl,-ereset_handler + +# Math lib (for DH) +LIBS = -lm + +# Optimization level and place functions / data into separate sections to allow dead code removal +CFLAGS += -Os -ffunction-sections -fdata-sections -fno-builtin +# Remove unused sections and link time optimizations +LDFLAGS += -Wl,--gc-sections -flto + +# Debugging +#DBGFLAGS = -ggdb -g3 +CFLAGS += $(DBGFLAGS) +LDFLAGS += $(DBGFLAGS) + + +# FILES +SRC_C += ../../wolfcrypt/src/aes.c +SRC_C += ../../wolfcrypt/src/hmac.c +SRC_C += ../../wolfcrypt/src/random.c +SRC_C += ../../wolfcrypt/src/sha256.c +SRC_C += ../../wolfcrypt/src/misc.c +SRC_C += ../../src/wolfio.c +SRC_C += psk-ssl.c +SRC_C += psk-tls.c +SRC_C += example-client-psk.c + + +FILENAMES_C = $(notdir $(SRC_C)) +FILENAMES_C := $(filter-out evp.c, $(FILENAMES_C)) +OBJS_C = $(addprefix $(BUILD_DIR)/, $(FILENAMES_C:.c=.o)) +vpath %.c $(dir $(SRC_C)) + +APP = example-client-psk + +all: $(BUILD_DIR)/$(APP) + @echo "" + $(CMD_ECHO) $(SIZE) $(BUILD_DIR)/$(APP) + +$(BUILD_DIR): + $(CMD_ECHO) mkdir -p $(BUILD_DIR) + +$(BUILD_DIR)/%.o: %.c + @echo "Compiling C file: $(notdir $<)" + $(CMD_ECHO) $(CC) $(CFLAGS) $(DEF) $(INC) -c -o $@ $< + +$(BUILD_DIR)/$(APP): $(OBJS_C) + @echo "Linking object files:" + $(CMD_ECHO) $(CC) $(CFLAGS) $(DEF) $(INC) -o $@ $(OBJS_C) + + +clean: + rm -f $(BUILD_DIR)/*.o $(BUILD_DIR)/$(APP) + diff --git a/mplabx/small-psk-build/example-client-psk.c b/mplabx/small-psk-build/example-client-psk.c new file mode 100644 index 0000000000..b2ca1ef016 --- /dev/null +++ b/mplabx/small-psk-build/example-client-psk.c @@ -0,0 +1,299 @@ +/* example-client-psk.c + * + * Copyright (C) 2006-2024 wolfSSL Inc. + * + * This file is part of wolfSSL. (formerly known as CyaSSL) + * + * wolfSSL is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 2 of the License, or + * (at your option) any later version. + * + * wolfSSL is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program; if not, write to the Free Software + * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA + **/ + +#include /* must include this to use wolfSSL security */ + +#include +#include +#include +#include +#include +#include +#include + +#define MAXLINE 256 /* max text line length */ +#define SERV_PORT 11111 /* default port*/ +#define PSK_KEY_LEN 4 +#define DEFAULT_IP "127.0.0.1" +static int sockfd = SOCKET_INVALID; + +static int cannedLen = 0; +static byte canned[4096]; +static int cannedIdx = 0; + +#ifndef NO_PSK +/* + *psk client set up. + */ +static inline unsigned int My_Psk_Client_Cb(WOLFSSL* ssl, const char* hint, + char* identity, unsigned int id_max_len, unsigned char* key, + unsigned int key_max_len) +{ + (void)ssl; + (void)hint; + (void)key_max_len; + + /* identity is OpenSSL testing default for openssl s_client, keep same*/ + strncpy(identity, "Client_identity", id_max_len); + + /* test key n hex is 0x1a2b3c4d , in decimal 439,041,101, we're using + * unsigned binary */ + key[0] = 26; + key[1] = 43; + key[2] = 60; + key[3] = 77; + + return PSK_KEY_LEN; +} +#endif + +int my_IORecv(WOLFSSL* ssl, char* buff, int sz, void* ctx) +{ + /* By default, ctx will be a pointer to the file descriptor to read from. + * This can be changed by calling wolfSSL_SetIOReadCtx(). */ + int recvd; + + + if (cannedLen > 0) { + recvd = (sz < (cannedLen - cannedIdx))? sz : cannedLen - cannedIdx; + memcpy(buff, canned + cannedIdx, recvd); + cannedIdx += recvd; + if (recvd == 0) { + fprintf(stderr, "ran out of input\n"); + return WOLFSSL_CBIO_ERR_CONN_CLOSE; + } + } + else { + /* Receive message from socket */ + if ((recvd = recv(sockfd, buff, sz, 0)) == -1) { + /* error encountered. Be responsible and report it in wolfSSL terms */ + + fprintf(stderr, "IO RECEIVE ERROR: "); + switch (errno) { + #if EAGAIN != EWOULDBLOCK + case EAGAIN: /* EAGAIN == EWOULDBLOCK on some systems, but not others */ + #endif + case EWOULDBLOCK: + fprintf(stderr, "would block\n"); + return WOLFSSL_CBIO_ERR_WANT_READ; + case ECONNRESET: + fprintf(stderr, "connection reset\n"); + return WOLFSSL_CBIO_ERR_CONN_RST; + case EINTR: + fprintf(stderr, "socket interrupted\n"); + return WOLFSSL_CBIO_ERR_ISR; + case ECONNREFUSED: + fprintf(stderr, "connection refused\n"); + return WOLFSSL_CBIO_ERR_WANT_READ; + case ECONNABORTED: + fprintf(stderr, "connection aborted\n"); + return WOLFSSL_CBIO_ERR_CONN_CLOSE; + default: + fprintf(stderr, "general error\n"); + return WOLFSSL_CBIO_ERR_GENERAL; + } + } + else if (recvd == 0) { + printf("Connection closed\n"); + return WOLFSSL_CBIO_ERR_CONN_CLOSE; + } + +#if 0 + { + FILE* f; + char fname[200]; + + sprintf(fname, "%d-recv.out", getpid()); + f=fopen(fname, "ab"); + fwrite(buff, 1, recvd, f); + fclose(f); + } +#endif + } + /* successful receive */ + printf("my_IORecv: received %d bytes\n", sz); + return recvd; +} + + +int my_IOSend(WOLFSSL* ssl, char* buff, int sz, void* ctx) +{ + /* By default, ctx will be a pointer to the file descriptor to write to. + * This can be changed by calling wolfSSL_SetIOWriteCtx(). */ + int sent; + + + if (cannedLen > 0) { + sent = sz; + } + else { + /* Receive message from socket */ + if ((sent = send(sockfd, buff, sz, 0)) == -1) { + /* error encountered. Be responsible and report it in wolfSSL terms */ + + fprintf(stderr, "IO SEND ERROR: "); + switch (errno) { + #if EAGAIN != EWOULDBLOCK + case EAGAIN: /* EAGAIN == EWOULDBLOCK on some systems, but not others */ + #endif + case EWOULDBLOCK: + fprintf(stderr, "would block\n"); + return WOLFSSL_CBIO_ERR_WANT_WRITE; + case ECONNRESET: + fprintf(stderr, "connection reset\n"); + return WOLFSSL_CBIO_ERR_CONN_RST; + case EINTR: + fprintf(stderr, "socket interrupted\n"); + return WOLFSSL_CBIO_ERR_ISR; + case EPIPE: + fprintf(stderr, "socket EPIPE\n"); + return WOLFSSL_CBIO_ERR_CONN_CLOSE; + default: + fprintf(stderr, "general error\n"); + return WOLFSSL_CBIO_ERR_GENERAL; + } + } + else if (sent == 0) { + printf("Connection closed\n"); + return 0; + } + } + /* successful send */ + printf("my_IOSend: sent %d bytes\n", sz); + return sent; +} + +#define CIPHER_BYTE 0x00 +#define TLS_PSK_WITH_AES_128_CBC_SHA256 0xAE + +#define SUITE0 CIPHER_BYTE +#define SUITE1 TLS_PSK_WITH_AES_128_CBC_SHA256 +#define TLS_RANDOM_SIZE 48 +#ifndef USE_LIBFUZZER +int main(int argc, char **argv) +#else +int LLVMFuzzerTestOneInput(const uint8_t *data, size_t sz) +#endif +{ + int ret, read = 0; + char recvline[MAXLINE]="Hello Server"; /* string to send to the server */ + struct sockaddr_in servaddr;; + byte ran[TLS_RANDOM_SIZE]; + byte *ptr; + WOLFSSL_METHOD* meth = NULL; + + WOLFSSL* ssl = NULL; + + memset(ran, 0, sizeof(ran)); +#ifndef USE_LIBFUZZER + if (argc == 2) { + FILE* f = fopen(argv[1], "rb"); + + if (f == NULL) { + printf("Unable to open file %s\n", argv[1]); + return 1; + } + else { + cannedLen = fread(canned, 1, 4096, f); + fclose(f); + } + } + else { + /* create a stream socket using tcp,internet protocal IPv4, + * full-duplex stream */ + sockfd = socket(AF_INET, SOCK_STREAM, 0); + + /* places n zero-valued bytes in the address servaddr */ + memset(&servaddr, 0, sizeof(servaddr)); + + servaddr.sin_family = AF_INET; + servaddr.sin_port = htons(SERV_PORT); + + /* converts IPv4 addresses from text to binary form */ + ret = inet_pton(AF_INET, DEFAULT_IP, &servaddr.sin_addr); + if (ret != 1) { + printf("inet_pton error\n"); + ret = -1; + goto exit; + } + + /* attempts to make a connection on a socket */ + ret = connect(sockfd, (struct sockaddr *) &servaddr, sizeof(servaddr)); + if (ret != 0) { + printf("Connection Error\n"); + ret = -1; + goto exit; + } + } +#else + cannedLen = sz; + memcpy(canned, data, cannedLen); +#endif + wolfSSL_Init(); /* initialize wolfSSL */ + + meth = wolfTLSv1_2_client_method(); + /* creat wolfssl object after each tcp connect */ + if ( (ssl = wolfSSL_new_leanpsk(meth, SUITE0, SUITE1, ran, + TLS_RANDOM_SIZE)) == NULL) { + fprintf(stderr, "wolfSSL_new_leanpsk error.\n"); + ret = -1; + goto exit; + } + wolfSSL_set_psk_client_callback(ssl, My_Psk_Client_Cb); + wolfSSL_SSLSetIORecv(ssl, my_IORecv); + wolfSSL_SSLSetIOSend(ssl, my_IOSend); + + ret = wolfSSL_connect(ssl); + printf("ret of connect = %d\n", ret); + + /* write string to the server */ + if (wolfSSL_write_inline(ssl, recvline, strlen(recvline), MAXLINE) < 0) { + printf("Write Error to Server\n"); + ret = -1; + goto exit; + } + + /* check if server ended before client could read a response */ + if ((read = wolfSSL_read_inline(ssl, recvline, MAXLINE, (void**)&ptr, + MAXLINE)) < 0 ) { + printf("Client: Server Terminated Prematurely!\n"); + ret = -1; + goto exit; + } + + /* show message from the server */ + ptr[read] = '\0'; + printf("Server Message: %s\n", ptr); + + ret = 0; + +exit: + /* Cleanup and return */ + if (ssl) + wolfSSL_free(ssl); /* Free the wolfSSL object */ + if (sockfd != SOCKET_INVALID) + close(sockfd); /* Close the socket */ + if (meth) + free(meth); + wolfSSL_Cleanup(); /* Cleanup the wolfSSL environment */ + + return ret; /* Return reporting a success */ +} diff --git a/mplabx/small-psk-build/user_settings.h b/mplabx/small-psk-build/user_settings.h index 1c2a7ae996..57ef74f951 100644 --- a/mplabx/small-psk-build/user_settings.h +++ b/mplabx/small-psk-build/user_settings.h @@ -302,7 +302,12 @@ extern "C" { //#define WOLFSSL_STATIC_MEMORY #ifndef WOLFSSL_STATIC_MEMORY - #define XMALLOC_USER + #ifdef __18CXX + /* use custom malloc on target */ + #define XMALLOC_USER + #else + #define NO_WOLFSSL_MEMORY + #endif #else #define WOLFSSL_STATIC_MEMORY_LEAN #define USE_WOLFSSL_MEMORY