Skip to content
Open
Show file tree
Hide file tree
Changes from all commits
Commits
File filter

Filter by extension

Filter by extension

Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
11 changes: 11 additions & 0 deletions X9.146/gen_dual_keysig_cert.c
Original file line number Diff line number Diff line change
Expand Up @@ -28,6 +28,7 @@
#include <wolfssl/wolfcrypt/asn.h>
#include <wolfssl/wolfcrypt/error-crypt.h>
#include <wolfssl/wolfcrypt/logging.h>
#include <wolfssl/wolfcrypt/memory.h>

#if defined(WOLFSSL_DUAL_ALG_CERTS)

Expand Down Expand Up @@ -121,6 +122,7 @@ static int do_certgen(int argc, char** argv)
#endif /* !GEN_ROOT_CERT */
int initPreTBS = 0;
ecc_key altCaKey;
int initAltCaKey = 0;
word32 idx = 0;

#if 0
Expand Down Expand Up @@ -241,6 +243,7 @@ static int do_certgen(int argc, char** argv)
printf("Decoding the CA alt private key\n");
ret = wc_ecc_init(&altCaKey);
if (ret != 0) goto exit;
initAltCaKey = 1;

idx = 0;
ret = wc_EccPrivateKeyDecode(altPrivBuf, &idx, &altCaKey,
Expand Down Expand Up @@ -368,12 +371,20 @@ static int do_certgen(int argc, char** argv)
printf("SUCCESS!\n");
exit:

wc_ForceZero(caKeyBuf, sizeof(caKeyBuf));
#ifndef GEN_ROOT_CERT
wc_ForceZero(serverKeyBuf, sizeof(serverKeyBuf));
#endif
wc_ForceZero(altPrivBuf, sizeof(altPrivBuf));

if (initCaKey)
wc_FreeRsaKey(&caKey);
#ifndef GEN_ROOT_CERT
if (initServerKey)
wc_FreeRsaKey(&serverKey);
#endif
if (initAltCaKey)
wc_ecc_free(&altCaKey);
if (initPreTBS)
wc_FreeDecodedCert(&preTBS);
if (initRng)
Expand Down
11 changes: 11 additions & 0 deletions X9.146/gen_ecdsa_mldsa_dual_keysig_cert.c
Original file line number Diff line number Diff line change
Expand Up @@ -28,6 +28,7 @@
#include <wolfssl/wolfcrypt/asn.h>
#include <wolfssl/wolfcrypt/error-crypt.h>
#include <wolfssl/wolfcrypt/logging.h>
#include <wolfssl/wolfcrypt/memory.h>

#if defined(WOLFSSL_DUAL_ALG_CERTS) && defined(HAVE_DILITHIUM)

Expand Down Expand Up @@ -153,6 +154,7 @@ static int do_certgen(int argc, char** argv)
#endif /* !GEN_ROOT_CERT */
int initPreTBS = 0;
dilithium_key altCaKey;
int initAltCaKey = 0;
word32 idx = 0;
byte level = 0;

Expand Down Expand Up @@ -257,6 +259,7 @@ static int do_certgen(int argc, char** argv)

printf("Decoding the CA alt private key\n");
wc_dilithium_init(&altCaKey);
initAltCaKey = 1;
ret = wc_dilithium_set_level(&altCaKey, level);
if (ret < 0) goto exit;

Expand Down Expand Up @@ -445,12 +448,20 @@ static int do_certgen(int argc, char** argv)
printf("SUCCESS!\n");
exit:

wc_ForceZero(caKeyBuf, sizeof(caKeyBuf));
#ifndef GEN_ROOT_CERT
wc_ForceZero(serverKeyBuf, sizeof(serverKeyBuf));
#endif
wc_ForceZero(altPrivBuf, sizeof(altPrivBuf));

if (initCaKey)
wc_ecc_free(&caKey);
#ifndef GEN_ROOT_CERT
if (initServerKey)
wc_ecc_free(&serverKey);
#endif
if (initAltCaKey)
wc_dilithium_free(&altCaKey);
if (initPreTBS)
wc_FreeDecodedCert(&preTBS);
if (initRng)
Expand Down
11 changes: 11 additions & 0 deletions X9.146/gen_rsa_mldsa_dual_keysig_cert.c
Original file line number Diff line number Diff line change
Expand Up @@ -28,6 +28,7 @@
#include <wolfssl/wolfcrypt/asn.h>
#include <wolfssl/wolfcrypt/error-crypt.h>
#include <wolfssl/wolfcrypt/logging.h>
#include <wolfssl/wolfcrypt/memory.h>

#if defined(WOLFSSL_DUAL_ALG_CERTS) && defined(HAVE_DILITHIUM)

Expand Down Expand Up @@ -138,6 +139,7 @@ static int do_certgen(int argc, char** argv)
#endif /* !GEN_ROOT_CERT */
int initPreTBS = 0;
dilithium_key altCaKey;
int initAltCaKey = 0;
word32 idx = 0;

#if 0
Expand Down Expand Up @@ -217,6 +219,7 @@ static int do_certgen(int argc, char** argv)

printf("Decoding the CA alt private key\n");
wc_dilithium_init(&altCaKey);
initAltCaKey = 1;
ret = wc_dilithium_set_level(&altCaKey, 2);
if (ret < 0) goto exit;

Expand Down Expand Up @@ -356,12 +359,20 @@ static int do_certgen(int argc, char** argv)
printf("SUCCESS!\n");
exit:

wc_ForceZero(caKeyBuf, sizeof(caKeyBuf));
#ifndef GEN_ROOT_CERT
wc_ForceZero(serverKeyBuf, sizeof(serverKeyBuf));
#endif
wc_ForceZero(altPrivBuf, sizeof(altPrivBuf));

if (initCaKey)
wc_FreeRsaKey(&caKey);
#ifndef GEN_ROOT_CERT
if (initServerKey)
wc_FreeRsaKey(&serverKey);
#endif
if (initAltCaKey)
wc_dilithium_free(&altCaKey);
if (initPreTBS)
wc_FreeDecodedCert(&preTBS);
if (initRng)
Expand Down
9 changes: 9 additions & 0 deletions btle/ecies/ecc-client.c
Original file line number Diff line number Diff line change
Expand Up @@ -43,6 +43,7 @@ int main(int argc, char** argv)
word32 plainSz;
ecc_key myKey, peerKey;
int type;
int initRng = 0;

wolfCrypt_Init();

Expand Down Expand Up @@ -70,6 +71,7 @@ int main(int argc, char** argv)
printf("wc_InitRng failed! %d\n", ret);
goto cleanup;
}
initRng = 1;

ret = wc_ecc_make_key(&rng, 32, &myKey);
if (ret != 0) {
Expand Down Expand Up @@ -216,6 +218,13 @@ int main(int argc, char** argv)

cleanup:

wc_ecc_free(&myKey);
wc_ecc_free(&peerKey);
if (cliCtx != NULL)
wc_ecc_ctx_free(cliCtx);
if (initRng)
wc_FreeRng(&rng);

if (devCtx != NULL)
btle_close(devCtx);

Expand Down
9 changes: 9 additions & 0 deletions btle/ecies/ecc-server.c
Original file line number Diff line number Diff line change
Expand Up @@ -43,6 +43,7 @@ int main(int argc, char** argv)
word32 plainSz;
ecc_key myKey, peerKey;
int type;
int initRng = 0;

wolfCrypt_Init();

Expand Down Expand Up @@ -71,6 +72,7 @@ int main(int argc, char** argv)
printf("wc_InitRng failed! %d\n", ret);
goto cleanup;
}
initRng = 1;

ret = wc_ecc_make_key(&rng, 32, &myKey);
if (ret != 0) {
Expand Down Expand Up @@ -206,6 +208,13 @@ int main(int argc, char** argv)

cleanup:

wc_ecc_free(&myKey);
wc_ecc_free(&peerKey);
if (srvCtx != NULL)
wc_ecc_ctx_free(srvCtx);
if (initRng)
wc_FreeRng(&rng);

if (devCtx != NULL)
btle_close(devCtx);

Expand Down
5 changes: 3 additions & 2 deletions can-bus/client.c
Original file line number Diff line number Diff line change
Expand Up @@ -28,6 +28,7 @@ int main(int argc, char *argv[])
WOLFSSL_CTX *ctx = NULL;
WOLFSSL_METHOD* method = NULL;
WOLFSSL* ssl = NULL;
char *receive_buffer = NULL;
int ret;

if (argc != 2) {
Expand All @@ -40,7 +41,7 @@ int main(int argc, char *argv[])
return ret;
}

ret = setup_ssl(SERVICE_TYPE_CLIENT, &ctx, &method, &ssl);
ret = setup_ssl(SERVICE_TYPE_CLIENT, &ctx, &method, &ssl, &receive_buffer);
if (ret) {
return ret;
}
Expand All @@ -58,7 +59,7 @@ int main(int argc, char *argv[])
free(line);
}

close_ssl(ctx, ssl);
close_ssl(ctx, ssl, receive_buffer);

return 0;
}
26 changes: 18 additions & 8 deletions can-bus/common.c
Original file line number Diff line number Diff line change
Expand Up @@ -111,6 +111,7 @@ int can_connect(const char *address, uint16_t filter)
addr.can_ifindex = ifr.ifr_ifindex;
if (bind(sock, (struct sockaddr *)&addr, sizeof(addr)) < 0) {
perror("Bind error\n");
close(sock);
return -1;
}

Expand All @@ -122,7 +123,7 @@ void can_close()
close(can_con_info.sock);
}

void close_ssl(WOLFSSL_CTX *ctx, WOLFSSL *ssl)
void close_ssl(WOLFSSL_CTX *ctx, WOLFSSL *ssl, char *receive_buffer)
{
if (ssl) {
int ret = WOLFSSL_SHUTDOWN_NOT_DONE;
Expand All @@ -134,11 +135,12 @@ void close_ssl(WOLFSSL_CTX *ctx, WOLFSSL *ssl)
int err = wolfSSL_get_error(ssl, ret);
fprintf(stderr, "Error shutting down TLS connection: %d, %s",
err, wolfSSL_ERR_error_string(err, buffer));
return;
}
}
can_close();

free(receive_buffer);

wolfSSL_free(ssl);
wolfSSL_CTX_free(ctx);
wolfSSL_Cleanup();
Expand Down Expand Up @@ -170,13 +172,19 @@ int setup_connection(const char *interface, int local_id, int remote_id)
}

int setup_ssl(enum service_type type, WOLFSSL_CTX **new_ctx,
WOLFSSL_METHOD **new_method, WOLFSSL **new_ssl)
WOLFSSL_METHOD **new_method, WOLFSSL **new_ssl,
char **new_receive_buffer)
{
int ret;
WOLFSSL_CTX *ctx = NULL;
WOLFSSL_METHOD* method = NULL;
WOLFSSL* ssl = NULL;
char *receive_buffer = malloc(ISOTP_DEFAULT_BUFFER_SIZE);
if (receive_buffer == NULL) {
fprintf(stderr, "Could not allocate receive buffer\n");
close_ssl(NULL, NULL, NULL);
return -1;
}

if (type == SERVICE_TYPE_CLIENT) {
method = wolfTLSv1_3_client_method();
Expand All @@ -186,13 +194,14 @@ int setup_ssl(enum service_type type, WOLFSSL_CTX **new_ctx,

if (!method) {
fprintf(stderr, "Could not init wolfSSL method\n");
close_ssl(NULL, NULL, receive_buffer);
return -1;
}

ctx = wolfSSL_CTX_new(method);
if (!ctx) {
fprintf(stderr, "Could not init wolfSSL context\n");
close_ssl(NULL, NULL);
close_ssl(NULL, NULL, receive_buffer);
return -1;
}

Expand All @@ -208,7 +217,7 @@ int setup_ssl(enum service_type type, WOLFSSL_CTX **new_ctx,
if (ret != WOLFSSL_SUCCESS) {
fprintf(stderr, "ERROR: failed to load cert, "
"please check the file.\n");
close_ssl(ctx, NULL);
close_ssl(ctx, NULL, receive_buffer);
return -1;
}

Expand All @@ -217,15 +226,15 @@ int setup_ssl(enum service_type type, WOLFSSL_CTX **new_ctx,
WOLFSSL_FILETYPE_PEM)) != WOLFSSL_SUCCESS) {
fprintf(stderr, "ERROR: failed to load key file, "
"please check the file.\n");
close_ssl(ctx, NULL);
close_ssl(ctx, NULL, receive_buffer);
return -1;
}
}

ssl = wolfSSL_new(ctx);
if (!ssl) {
fprintf(stderr, "Could not init wolfSSL\n");
close_ssl(ctx, NULL);
close_ssl(ctx, NULL, receive_buffer);
return -1;
}

Expand All @@ -245,12 +254,13 @@ int setup_ssl(enum service_type type, WOLFSSL_CTX **new_ctx,
int err = wolfSSL_get_error(ssl, ret);
fprintf(stderr, "ERROR: failed to connect using wolfSSL: %d, %s\n",
err, wolfSSL_ERR_error_string(err, buffer));
close_ssl(ctx, ssl);
close_ssl(ctx, ssl, receive_buffer);
return -1;
}
*new_ctx = ctx;
*new_method = method;
*new_ssl = ssl;
*new_receive_buffer = receive_buffer;

printf("SSL handshake done!\n");

Expand Down
5 changes: 3 additions & 2 deletions can-bus/common.h
Original file line number Diff line number Diff line change
Expand Up @@ -57,8 +57,9 @@ int can_send(struct isotp_can_data *data, void *arg);
int can_connect(const char *address, uint16_t filter);
void can_close(void);

void close_ssl(WOLFSSL_CTX *ctx, WOLFSSL *ssl);
void close_ssl(WOLFSSL_CTX *ctx, WOLFSSL *ssl, char *receive_buffer);
int setup_connection(const char *interface, int local_id, int remote_id);
int setup_ssl(enum service_type type, WOLFSSL_CTX **new_ctx,
WOLFSSL_METHOD **new_method, WOLFSSL **new_ssl);
WOLFSSL_METHOD **new_method, WOLFSSL **new_ssl,
char **new_receive_buffer);
#endif /* __CANCOMMON_H__ */
5 changes: 3 additions & 2 deletions can-bus/server.c
Original file line number Diff line number Diff line change
Expand Up @@ -30,6 +30,7 @@ int main(int argc, char *argv[])
WOLFSSL_CTX *ctx = NULL;
WOLFSSL_METHOD* method = NULL;
WOLFSSL* ssl = NULL;
char *receive_buffer = NULL;
int ret;

if (argc != 2) {
Expand All @@ -42,7 +43,7 @@ int main(int argc, char *argv[])
return ret;
}

ret = setup_ssl(SERVICE_TYPE_SERVER, &ctx, &method, &ssl);
ret = setup_ssl(SERVICE_TYPE_SERVER, &ctx, &method, &ssl, &receive_buffer);
if (ret) {
return ret;
}
Expand All @@ -57,7 +58,7 @@ int main(int argc, char *argv[])
}
}

close_ssl(ctx, ssl);
close_ssl(ctx, ssl, receive_buffer);

return 0;
}
Loading