

fix warnings and alternate build errors, adjust example client
JacobBarthelmeh committed Aug 23, 2024
1 parent cfc182b commit e3c392d
Showing 8 changed files with 121 additions and 111 deletions.
7 changes: 3 additions & 4 deletions mplabx/small-psk-build/Makefile
Expand Up @@ -24,8 +24,8 @@ INC = -I$(USER_SETTINGS_DIR) \

# Defines
DEF = -DWOLFSSL_USER_SETTINGS -DWOLFSSL_GENSEED_FORTEST
#DEF = -DUSE_LIBFUZZER
#CFLAGS = -fsanitize=fuzzer,address
#DEF += -DUSE_LIBFUZZER
#CFLAGS = -fsanitize=fuzzer,address -g

# LD: generate map
LDFLAGS += -Wl,-Map=$(BUILD_DIR)/$(BIN).map
Expand Down Expand Up @@ -53,7 +53,6 @@ SRC_C += ../../wolfcrypt/src/hmac.c
SRC_C += ../../wolfcrypt/src/random.c
SRC_C += ../../wolfcrypt/src/sha256.c
SRC_C += ../../wolfcrypt/src/misc.c
SRC_C += ../../src/wolfio.c
SRC_C += psk-ssl.c
SRC_C += psk-tls.c
SRC_C += example-client-psk.c
Expand All @@ -66,7 +65,7 @@ vpath %.c $(dir $(SRC_C))

APP = example-client-psk

all: $(BUILD_DIR)/$(APP)
all: $(BUILD_DIR) $(BUILD_DIR)/$(APP)
@echo ""
$(CMD_ECHO) $(SIZE) $(BUILD_DIR)/$(APP)

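Review bot: The commented-out fuzzer line `#CFLAGS = -fsanitize=fuzzer,address -g` still assigns with `=`, while this commit switches the matching `DEF` line to `+=`. If CFLAGS is set earlier in the Makefile (not visible in this hunk), enabling the line as written would discard those flags; `#CFLAGS += -fsanitize=fuzzer,address -g` would be consistent with the DEF change. The sanitizer options also have to reach the link step, and whether the link rule passes CFLAGS is not visible here, so a short comment next to these lines saying how to enable the fuzz build would help.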
124 changes: 74 additions & 50 deletions mplabx/small-psk-build/example-client-psk.c
Expand Up @@ -35,9 +35,11 @@
#define DEFAULT_IP "127.0.0.1"
static int sockfd = SOCKET_INVALID;

static int cannedLen = 0;
static byte canned[4096];
static int cannedIdx = 0;
typedef struct cannedStruct {
int bufferLen;
byte buffer[4096];
int bufferIdx;
} cannedStruct;

#ifndef NO_PSK
/*
Expand Down Expand Up @@ -67,17 +69,17 @@ static inline unsigned int My_Psk_Client_Cb(WOLFSSL* ssl, const char* hint,

int my_IORecv(WOLFSSL* ssl, char* buff, int sz, void* ctx)
{
/* By default, ctx will be a pointer to the file descriptor to read from.
* This can be changed by calling wolfSSL_SetIOReadCtx(). */
int recvd;


if (cannedLen > 0) {
recvd = (sz < (cannedLen - cannedIdx))? sz : cannedLen - cannedIdx;
memcpy(buff, canned + cannedIdx, recvd);
cannedIdx += recvd;
if (ctx != NULL) {
cannedStruct *cannedData = (cannedStruct*)ctx;
recvd = sz;
if (recvd > (cannedData->bufferLen - cannedData->bufferIdx)) {
recvd = cannedData->bufferLen - cannedData->bufferIdx;
}
memcpy(buff, cannedData->buffer + cannedData->bufferIdx, recvd);
cannedData->bufferIdx += recvd;
if (recvd == 0) {
fprintf(stderr, "ran out of input\n");
return WOLFSSL_CBIO_ERR_CONN_CLOSE;
}
}
Expand Down Expand Up @@ -129,7 +131,9 @@ int my_IORecv(WOLFSSL* ssl, char* buff, int sz, void* ctx)
#endif
}
/* successful receive */
#ifndef USE_LIBFUZZER
printf("my_IORecv: received %d bytes\n", sz);
#endif
return recvd;
}

Expand All @@ -140,44 +144,45 @@ int my_IOSend(WOLFSSL* ssl, char* buff, int sz, void* ctx)
* This can be changed by calling wolfSSL_SetIOWriteCtx(). */
int sent;


if (cannedLen > 0) {
if (ctx != NULL) {
/* drop sent data */
sent = sz;
}
else {
/* Receive message from socket */
if ((sent = send(sockfd, buff, sz, 0)) == -1) {
/* error encountered. Be responsible and report it in wolfSSL terms */

fprintf(stderr, "IO SEND ERROR: ");
switch (errno) {
#if EAGAIN != EWOULDBLOCK
case EAGAIN: /* EAGAIN == EWOULDBLOCK on some systems, but not others */
#endif
case EWOULDBLOCK:
fprintf(stderr, "would block\n");
return WOLFSSL_CBIO_ERR_WANT_WRITE;
case ECONNRESET:
fprintf(stderr, "connection reset\n");
return WOLFSSL_CBIO_ERR_CONN_RST;
case EINTR:
fprintf(stderr, "socket interrupted\n");
return WOLFSSL_CBIO_ERR_ISR;
case EPIPE:
fprintf(stderr, "socket EPIPE\n");
return WOLFSSL_CBIO_ERR_CONN_CLOSE;
default:
fprintf(stderr, "general error\n");
return WOLFSSL_CBIO_ERR_GENERAL;
/* Receive message from socket */
if ((sent = send(sockfd, buff, sz, 0)) == -1) {
fprintf(stderr, "IO SEND ERROR: ");
switch (errno) {
#if EAGAIN != EWOULDBLOCK
case EAGAIN: /* EAGAIN == EWOULDBLOCK on some systems */
#endif
case EWOULDBLOCK:
fprintf(stderr, "would block\n");
return WOLFSSL_CBIO_ERR_WANT_WRITE;
case ECONNRESET:
fprintf(stderr, "connection reset\n");
return WOLFSSL_CBIO_ERR_CONN_RST;
case EINTR:
fprintf(stderr, "socket interrupted\n");
return WOLFSSL_CBIO_ERR_ISR;
case EPIPE:
fprintf(stderr, "socket EPIPE\n");
return WOLFSSL_CBIO_ERR_CONN_CLOSE;
default:
fprintf(stderr, "general error\n");
return WOLFSSL_CBIO_ERR_GENERAL;
}
}
else if (sent == 0) {
printf("Connection closed\n");
return 0;
}
}
else if (sent == 0) {
printf("Connection closed\n");
return 0;
}
}

/* successful send */
#ifndef USE_LIBFUZZER
printf("my_IOSend: sent %d bytes\n", sz);
#endif
return sent;
}

Expand All @@ -199,10 +204,10 @@ int LLVMFuzzerTestOneInput(const uint8_t *data, size_t sz)
byte ran[TLS_RANDOM_SIZE];
byte *ptr;
WOLFSSL_METHOD* meth = NULL;

WOLFSSL* ssl = NULL;
cannedStruct cannedData;

memset(ran, 0, sizeof(ran));
cannedData.bufferLen = 0;
#ifndef USE_LIBFUZZER
if (argc == 2) {
FILE* f = fopen(argv[1], "rb");
Expand All @@ -212,7 +217,8 @@ int LLVMFuzzerTestOneInput(const uint8_t *data, size_t sz)
return 1;
}
else {
cannedLen = fread(canned, 1, 4096, f);
cannedData.bufferLen = fread(cannedData.buffer, 1, 4096, f);
cannedData.bufferIdx = 0;
fclose(f);
}
}
Expand Down Expand Up @@ -244,13 +250,16 @@ int LLVMFuzzerTestOneInput(const uint8_t *data, size_t sz)
}
}
#else
cannedLen = sz;
memcpy(canned, data, cannedLen);
cannedData.bufferLen = sz;
memcpy(cannedData.buffer, data, cannedData.bufferLen);
cannedData.bufferIdx = 0;
#endif
wolfSSL_Init(); /* initialize wolfSSL */

meth = wolfTLSv1_2_client_method();

/* creat wolfssl object after each tcp connect */
memset(ran, 0, sizeof(ran));
if ( (ssl = wolfSSL_new_leanpsk(meth, SUITE0, SUITE1, ran,
TLS_RANDOM_SIZE)) == NULL) {
fprintf(stderr, "wolfSSL_new_leanpsk error.\n");
Expand All @@ -261,27 +270,42 @@ int LLVMFuzzerTestOneInput(const uint8_t *data, size_t sz)
wolfSSL_SSLSetIORecv(ssl, my_IORecv);
wolfSSL_SSLSetIOSend(ssl, my_IOSend);

if (cannedData.bufferLen > 0) {
wolfSSL_SetIOWriteCtx(ssl, (void*)&cannedData);
wolfSSL_SetIOReadCtx(ssl, (void*)&cannedData);
}

ret = wolfSSL_connect(ssl);
#ifndef USE_LIBFUZZER
printf("ret of connect = %d\n", ret);
#endif

/* write string to the server */
if (wolfSSL_write_inline(ssl, recvline, strlen(recvline), MAXLINE) < 0) {
#ifndef USE_LIBFUZZER
printf("Write Error to Server\n");
#endif
ret = -1;
goto exit;
}

/* check if server ended before client could read a response */
if ((read = wolfSSL_read_inline(ssl, recvline, MAXLINE, (void**)&ptr,
MAXLINE)) < 0 ) {
#ifndef USE_LIBFUZZER
printf("Client: Server Terminated Prematurely!\n");
#endif
ret = -1;
goto exit;
}

/* show message from the server */
ptr[read] = '\0';
printf("Server Message: %s\n", ptr);
if (read > 0) {
/* show message from the server */
ptr[read] = '\0';
#ifndef USE_LIBFUZZER
printf("Server Message: %s\n", ptr);
#endif
}

ret = 0;

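Review bot: In the USE_LIBFUZZER branch of LLVMFuzzerTestOneInput, `memcpy(cannedData.buffer, data, cannedData.bufferLen)` copies `sz` bytes into the 4096-byte `buffer` without a bound. Because `cannedData` is now a local, an input longer than 4096 bytes overruns the stack frame instead of a static array, and a sanitizer would report the harness rather than the TLS code under test. The assignment `cannedData.bufferLen = sz` also narrows `size_t` to `int`. A guard before the copy, such as `if (sz > sizeof(cannedData.buffer)) return 0;`, keeps oversized inputs out. The function begins and ends outside the hunks shown.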
55 changes: 21 additions & 34 deletions mplabx/small-psk-build/psk-ssl.c
Expand Up @@ -903,7 +903,7 @@ static int wolfSSLReceive(WOLFSSL* ssl, byte* buf, word32 sz)

retry:
recvd = ssl->CBIORecv(ssl, (char *)buf, (int)sz,
#ifndef WOLFSSL_LEANPSK_STATIC_IO
#ifndef WOLFSSL_LEANPSK_STATIC_IO
ssl->IOCB_ReadCtx
#else
NULL
Expand Down Expand Up @@ -2653,7 +2653,6 @@ static WC_INLINE int CipherHasExpIV(WOLFSSL *ssl)
}


#ifndef WOLFSSL_LEANPSK_STATIC
/* check cipher text size for sanity */
static int SanityCheckCipherText(WOLFSSL* ssl, word32 encryptSz)
{
Expand Down Expand Up @@ -2706,7 +2705,6 @@ static int SanityCheckCipherText(WOLFSSL* ssl, word32 encryptSz)

return 0;
}
#endif /* WOLFSSL_LEANPSK _STATIC */

#ifndef WOLFSSL_AEAD_ONLY
#ifdef WOLSSL_OLD_TIMINGPADVERIFY
Expand Down Expand Up @@ -3097,14 +3095,8 @@ int TimingPadVerify(WOLFSSL* ssl, const byte* input, int padLen, int macSz,
/* 4th argument has potential to underflow, ssl->hmac function should
* either increment the size by (macSz + padLen + 1) before use or check on
* the size to make sure is valid. */
#if defined(WOLFSSL_RENESAS_FSPSM_TLS) || \
defined(WOLFSSL_RENESAS_TSIP_TLS)
ret = ssl->hmac(ssl, verify, input, pLen - macSz - padLen - 1, padLen,
content, 1, PEER_ORDER);
#else
ret = TLS_hmac(ssl, verify, input, pLen - macSz - padLen - 1, padLen,
content, 1, PEER_ORDER);
#endif
good |= MaskMac(input, pLen, WC_SHA256_DIGEST_SIZE, verify);

/* Non-zero on failure. */
Expand Down Expand Up @@ -3675,10 +3667,8 @@ static WC_INLINE int VerifyMac(WOLFSSL* ssl, const byte* input, word32 msgSz,

if (ssl->specs.cipher_type == (byte)block) {
int ivExtra = 0;
//#ifndef NO_OLD_TLS
if (ssl->options.tls1_1)
ivExtra = ssl->specs.block_size;
//#endif
pad = *(input + msgSz - ivExtra - 1);
padByte = 1;

Expand Down Expand Up @@ -3890,15 +3880,13 @@ int ProcessReply(WOLFSSL* ssl)
{
bufferStatic* in = &ssl->buffers.inputBuffer;

#ifndef WOLFSSL_LEANPSK_STATIC
ret = SanityCheckCipherText(ssl, ssl->curSize);
if (ret < 0) {
#ifdef WOLFSSL_EXTRA_ALERTS
SendAlert(ssl, alert_fatal, bad_record_mac);
#endif
return ret;
}
#endif

if (atomicUser) {
}
Expand Down Expand Up @@ -4779,14 +4767,9 @@ int BuildMessage(WOLFSSL* ssl, byte* output, int outSz, const byte* input,
else
#endif
{
#if defined(WOLFSSL_RENESAS_FSPSM_TLS) || \
defined(WOLFSSL_RENESAS_TSIP_TLS)
ret = ssl->hmac(ssl, output + args->idx, output +
args->headerSz + args->ivSz, (word32)inSz, -1, type, 0, epochOrder);
#else
ret = TLS_hmac(ssl, output + args->idx, output +
args->headerSz + args->ivSz, (word32)inSz, -1, type, 0, epochOrder);
#endif
args->headerSz + args->ivSz,
(word32)inSz, -1, type, 0, epochOrder);
}
}
#endif /* WOLFSSL_AEAD_ONLY */
Expand Down Expand Up @@ -6140,14 +6123,12 @@ int SendClientKeyExchange(WOLFSSL* ssl)
c16toa((word16)psk_keySz, pms);
pms += OPAQUE16_LEN;
if (psk_keySz < (int)MAX_PSK_KEY_LEN) {
XMEMMOVE((void*)pms, (void*)(pms + (MAX_PSK_KEY_LEN - psk_keySz)),
XMEMMOVE((void*)pms,
(void*)(pms + (MAX_PSK_KEY_LEN - psk_keySz)),
psk_keySz);
}
ssl->arrays->preMasterSz = (psk_keySz * 2)
+ (2 * OPAQUE16_LEN);
#ifndef WOLFSSL_NO_FORCE_ZERO
ForceZero(ssl->arrays->psk_key, ssl->arrays->psk_keySz);
#endif
}
psk_keySz = 0; /* No further need */
break;
Expand Down Expand Up @@ -6544,8 +6525,8 @@ int wolfSSL_read_inline(WOLFSSL* ssl, void* buf, int bufSz, void** data,
int dataSz)
{
int ret;
WOLFSSL_ENTER("wolfSSL_read");

WOLFSSL_ENTER("wolfSSL_read_inline");

#ifdef OPENSSL_EXTRA
if (ssl == NULL) {
Expand Down Expand Up @@ -7055,15 +7036,25 @@ int wolfSSL_get_shutdown(const WOLFSSL* ssl)
return isShutdown;
}

#ifdef WOLFSSL_LEANPSK_STATIC_IO
#ifndef WOLFSSL_LEANPSK_STATIC_IO
void wolfSSL_SetIOReadCtx(WOLFSSL* ssl, void *rctx)
{
if (ssl)
ssl->IOCB_ReadCtx = rctx;
}

void wolfSSL_SetIOWriteCtx(WOLFSSL* ssl, void *wctx)
{
if (ssl)
ssl->IOCB_WriteCtx = wctx;
}
#endif

/* sets the IO callback to use for receives at WOLFSSL level */
void wolfSSL_SSLSetIORecv(WOLFSSL *ssl, CallbackIORecv CBIORecv)
{
if (ssl) {
ssl->CBIORecv = CBIORecv;
#ifdef OPENSSL_EXTRA
ssl->cbioFlag |= WOLFSSL_CBIO_RECV;
#endif
}
}

Expand All @@ -7073,12 +7064,8 @@ void wolfSSL_SSLSetIOSend(WOLFSSL *ssl, CallbackIOSend CBIOSend)
{
if (ssl) {
ssl->CBIOSend = CBIOSend;
#ifdef OPENSSL_EXTRA
ssl->cbioFlag |= WOLFSSL_CBIO_SEND;
#endif
}
}
#endif

#endif /* !WOLFCRYPT_ONLY */
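Review bot: In the SendClientKeyExchange hunk the `ForceZero(ssl->arrays->psk_key, ssl->arrays->psk_keySz);` block appears to have been dropped (the hunk shrinks from 14 to 12 lines and only the XMEMMOVE was re-wrapped), so the PSK is no longer wiped once the pre-master secret has been assembled. If the wipe was removed because `psk_key` shares storage with the pre-master buffer in this lean build, which the XMEMMOVE from `pms + (MAX_PSK_KEY_LEN - psk_keySz)` hints at but the hunk does not show, a comment stating that and naming where the key is cleared instead would make the intent reviewable. Otherwise the `ForceZero` call should stay so key material does not linger in `ssl->arrays` for the life of the session. The function body continues outside the hunk.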

