Update code to v1.0.14 (10)

2026-05-20 16:35:47 +08:00 · 2024-02-29 19:35:00 +08:00
parent c2ee3b694c
commit a956d26f6d
3188 changed files with 2317293 additions and 146 deletions
--- a/android/extern/wolfssl/IDE/MQX/README-jp.md
+++ b/android/extern/wolfssl/IDE/MQX/README-jp.md
@@ -0,0 +1,29 @@
+# MQX向けビルド方法
+## 概要
+このMakefileはwolfSSLライブラリーとサンプルプログラムをMQX向けにビルドするためのものです。
+以下のターゲットを含んでいます。
+ - wolfssllib: wolfSSL静的ライブラリー
+ - test: 暗号アルゴリズムのテスト
+ - benchmark: 暗号アルゴリズムのベンチマーク
+ - client: TLS クライアントサンプルプログラム
+ - server: TLS サーバサンプルプログラム
+
+
+## 準備
+- 事前にGCCをインストールしておいてください。
+  GNU Arm Embedded Toolchain, https://developer.arm.com
+- 事前にMQXをインストールしておいてください。
+  Freescale MQX RTOS 4.1以降, https://www.nxp.com/
+  Freescale_MQX_4_1/doc/MQX_Getting_Started.pdfをご参照ください。
+
+## 設定
+- wolfSSL コンフィグレーションオプション
+　<wolfSSL-root>/IDE/MQX/user_settings.hファイルに必要なオプションを追加または削除してください。
+
+- Makefileの設定
+  MQX_ROOT: MQX のインストールパス
+  MQXLIB:   リンクするMQX ライブラリのパス
+  CC:       コンパイラコマンド
+  AR:       ARコマンド
+  WOLF_ROOT: Makefileの格納位置を変える場合はこの定義を変更してください
+  
--- a/android/extern/wolfssl/IDE/MQX/README.md
+++ b/android/extern/wolfssl/IDE/MQX/README.md
@@ -0,0 +1,27 @@
+#How to build with MQX
+## Overview
+This Makefile is for building wolfSSL library and sample programs running with MQX.
+It has following targets.
+ - wolfssllib: wolfSSL static library (libwolfssl.a)
+ - test: crypt test
+ - benchmark: cypher benchmark
+ - client: TLS client example
+ - server: TLS server example
+
+## Prerequisites
+- Installed GCC
+  Download from GNU Arm Embedded Toolchain at https://developer.arm.com/
+- Installed MQX
+  Download Freescale MQX RTOS 4.1 or later at https://www.nxp.com/
+  Follow Freescale_MQX_4_1/doc/MQX_Getting_Started.pdf
+
+## Setup
+- wolfSSL configuration parameters
+  You can add or remove configuration options in <wolfSSL-root>/IDE/MQX/user_settings.h.
+
+- Setup Makefile
+  MQX_ROOT: MQX source code installed path
+  MQXLIB:   MQX library path to like with
+  CC:       compiler
+  AR:       archiver
+  WOLF_ROOT: change this if you move this Makefile location
--- a/android/extern/wolfssl/IDE/MQX/client-tls.c
+++ b/android/extern/wolfssl/IDE/MQX/client-tls.c
@@ -0,0 +1,165 @@
+/* client-tls.c
+ *
+ * Copyright (C) 2006-2022 wolfSSL Inc.
+ *
+ * This file is part of wolfSSL.
+ *
+ * wolfSSL is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * wolfSSL is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
+ */
+
+
+
+
+/* wolfSSL */
+#include <wolfssl/wolfcrypt/settings.h>
+#include <wolfssl/ssl.h>
+
+#define DEFAULT_PORT 11111
+
+#define CERT_FILE "../certs/ca-cert.pem"
+
+
+
+int main(int argc, char** argv)
+{
+    int                sockfd;
+    struct sockaddr_in servAddr;
+    char               buff[256];
+    size_t             len;
+    int                ret;
+
+    /* declare wolfSSL objects */
+    WOLFSSL_CTX* ctx;
+    WOLFSSL*     ssl;
+
+
+
+    /* Check for proper calling convention */
+    if (argc != 2) {
+        printf("usage: %s <IPv4 address>\n", argv[0]);
+        return 0;
+    }
+
+    /* Create a socket that uses an internet IPv4 address,
+     * Sets the socket to be stream based (TCP),
+     * 0 means choose the default protocol. */
+    if ((sockfd = socket(AF_INET, SOCK_STREAM, 0)) == -1) {
+        fprintf(stderr, "ERROR: failed to create the socket\n");
+        ret = -1;
+        goto end;
+    }
+
+    /* Initialize the server address struct with zeros */
+    memset(&servAddr, 0, sizeof(servAddr));
+
+    /* Fill in the server address */
+    servAddr.sin_family = AF_INET;             /* using IPv4      */
+    servAddr.sin_port   = htons(DEFAULT_PORT); /* on DEFAULT_PORT */
+
+    /* Get the server IPv4 address from the command line call */
+    if (inet_pton(AF_INET, argv[1], &servAddr.sin_addr, sizeof(servAddr.sin_addr)) != 1) {
+        fprintf(stderr, "ERROR: invalid address\n");
+        ret = -1;
+        goto end;
+    }
+
+    /* Connect to the server */
+    if ((ret = connect(sockfd, (struct sockaddr*) &servAddr, sizeof(servAddr)))
+         == -1) {
+        fprintf(stderr, "ERROR: failed to connect\n");
+        goto end;
+    }
+
+    /*---------------------------------*/
+    /* Start of security */
+    /*---------------------------------*/
+    /* Initialize wolfSSL */
+    if ((ret = wolfSSL_Init()) != WOLFSSL_SUCCESS) {
+        fprintf(stderr, "ERROR: Failed to initialize the library\n");
+        goto socket_cleanup;
+    }
+
+    /* Create and initialize WOLFSSL_CTX */
+    if ((ctx = wolfSSL_CTX_new(wolfTLSv1_2_client_method())) == NULL) {
+        fprintf(stderr, "ERROR: failed to create WOLFSSL_CTX\n");
+        ret = -1;
+        goto socket_cleanup;
+    }
+
+    /* Load client certificates into WOLFSSL_CTX */
+    if ((ret = wolfSSL_CTX_load_verify_locations(ctx, CERT_FILE, NULL))
+         != SSL_SUCCESS) {
+        fprintf(stderr, "ERROR: failed to load %s, please check the file.\n",
+                CERT_FILE);
+        goto ctx_cleanup;
+    }
+
+    /* Create a WOLFSSL object */
+    if ((ssl = wolfSSL_new(ctx)) == NULL) {
+        fprintf(stderr, "ERROR: failed to create WOLFSSL object\n");
+        ret = -1;
+        goto ctx_cleanup;
+    }
+
+    /* Attach wolfSSL to the socket */
+    if ((ret = wolfSSL_set_fd(ssl, sockfd)) != WOLFSSL_SUCCESS) {
+        fprintf(stderr, "ERROR: Failed to set the file descriptor\n");
+        goto cleanup;
+    }
+
+    /* Connect to wolfSSL on the server side */
+    if ((ret = wolfSSL_connect(ssl)) != SSL_SUCCESS) {
+        fprintf(stderr, "ERROR: failed to connect to wolfSSL\n");
+        goto cleanup;
+    }
+
+    /* Get a message for the server from stdin */
+    printf("Message for server: ");
+    memset(buff, 0, sizeof(buff));
+    if (fgets(buff, sizeof(buff), stdin) == NULL) {
+        fprintf(stderr, "ERROR: failed to get message for server\n");
+        ret = -1;
+        goto cleanup;
+    }
+    len = strnlen(buff, sizeof(buff));
+
+    /* Send the message to the server */
+    if ((ret = wolfSSL_write(ssl, buff, len)) != len) {
+        fprintf(stderr, "ERROR: failed to write entire message\n");
+        fprintf(stderr, "%d bytes of %d bytes were sent", ret, (int) len);
+        goto cleanup;
+    }
+
+    /* Read the server data into our buff array */
+    memset(buff, 0, sizeof(buff));
+    if ((ret = wolfSSL_read(ssl, buff, sizeof(buff)-1)) == -1) {
+        fprintf(stderr, "ERROR: failed to read\n");
+        goto cleanup;
+    }
+
+    /* Print to stdout any data the server sends */
+    printf("Server: %s\n", buff);
+
+    /* Cleanup and return */
+cleanup:
+    wolfSSL_free(ssl);      /* Free the wolfSSL object                  */
+ctx_cleanup:
+    wolfSSL_CTX_free(ctx);  /* Free the wolfSSL context object          */
+    wolfSSL_Cleanup();      /* Cleanup the wolfSSL environment          */
+socket_cleanup:
+    close(sockfd);          /* Close the connection to the server       */
+end:
+    return ret;               /* Return reporting a success               */
+}
--- a/android/extern/wolfssl/IDE/MQX/include.am
+++ b/android/extern/wolfssl/IDE/MQX/include.am
@@ -0,0 +1,11 @@
+# vim:ft=automake
+# included from Top Level Makefile.am
+# All paths should be given relative to the root
+
+EXTRA_DIST+= IDE/MQX/client-tls.c
+EXTRA_DIST+= IDE/MQX/Makefile
+EXTRA_DIST+= IDE/MQX/README-jp.md
+EXTRA_DIST+= IDE/MQX/README.md
+EXTRA_DIST+= IDE/MQX/server-tls.c
+EXTRA_DIST+= IDE/MQX/user_config.h
+EXTRA_DIST+= IDE/MQX/user_settings.h
--- a/android/extern/wolfssl/IDE/MQX/server-tls.c
+++ b/android/extern/wolfssl/IDE/MQX/server-tls.c
@@ -0,0 +1,196 @@
+/* server-tls.c
+ *
+ * Copyright (C) 2006-2022 wolfSSL Inc.
+ *
+ * This file is part of wolfSSL.
+ *
+ * wolfSSL is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * wolfSSL is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
+ */
+
+
+
+/* wolfSSL */
+#include <wolfssl/wolfcrypt/settings.h>
+#include <wolfssl/ssl.h>
+#include <addrinfo.h>
+
+#define DEFAULT_PORT 11111
+
+#define CERT_FILE "../certs/server-cert.pem"
+#define KEY_FILE  "../certs/server-key.pem"
+
+
+
+int main()
+{
+    int                sockfd;
+    int                connd;
+    struct sockaddr_in servAddr;
+    struct sockaddr_in clientAddr;
+    socklen_t          size = sizeof(clientAddr);
+    char               buff[256];
+    size_t             len;
+    int                shutdown = 0;
+    int                ret;
+    const char*        reply = "I hear ya fa shizzle!\n";
+
+    /* declare wolfSSL objects */
+    WOLFSSL_CTX* ctx;
+    WOLFSSL*     ssl;
+
+
+
+    /* Initialize wolfSSL */
+    wolfSSL_Init();
+
+
+
+    /* Create a socket that uses an internet IPv4 address,
+     * Sets the socket to be stream based (TCP),
+     * 0 means choose the default protocol. */
+    if ((sockfd = socket(AF_INET, SOCK_STREAM, 0)) == -1) {
+        fprintf(stderr, "ERROR: failed to create the socket\n");
+        return -1;
+    }
+
+
+
+    /* Create and initialize WOLFSSL_CTX */
+    if ((ctx = wolfSSL_CTX_new(wolfTLSv1_2_server_method())) == NULL) {
+        fprintf(stderr, "ERROR: failed to create WOLFSSL_CTX\n");
+        return -1;
+    }
+
+    /* Load server certificates into WOLFSSL_CTX */
+    if (wolfSSL_CTX_use_certificate_file(ctx, CERT_FILE, SSL_FILETYPE_PEM)
+        != SSL_SUCCESS) {
+        fprintf(stderr, "ERROR: failed to load %s, please check the file.\n",
+                CERT_FILE);
+        return -1;
+    }
+
+    /* Load server key into WOLFSSL_CTX */
+    if (wolfSSL_CTX_use_PrivateKey_file(ctx, KEY_FILE, SSL_FILETYPE_PEM)
+        != SSL_SUCCESS) {
+        fprintf(stderr, "ERROR: failed to load %s, please check the file.\n",
+                KEY_FILE);
+        return -1;
+    }
+
+
+
+    /* Initialize the server address struct with zeros */
+    memset(&servAddr, 0, sizeof(servAddr));
+
+    /* Fill in the server address */
+    servAddr.sin_family      = AF_INET;             /* using IPv4      */
+    servAddr.sin_port        = htons(DEFAULT_PORT); /* on DEFAULT_PORT */
+    servAddr.sin_addr.s_addr = INADDR_ANY;          /* from anywhere   */
+
+
+
+    /* Bind the server socket to our port */
+    if (bind(sockfd, (struct sockaddr*)&servAddr, sizeof(servAddr)) == -1) {
+        fprintf(stderr, "ERROR: failed to bind\n");
+        return -1;
+    }
+
+    /* Listen for a new connection, allow 5 pending connections */
+    if (listen(sockfd, 5) == -1) {
+        fprintf(stderr, "ERROR: failed to listen\n");
+        return -1;
+    }
+
+
+
+    /* Continue to accept clients until shutdown is issued */
+    while (!shutdown) {
+        printf("Waiting for a connection...\n");
+
+        /* Accept client connections */
+        if ((connd = accept(sockfd, (struct sockaddr*)&clientAddr, &size))
+            == -1) {
+            fprintf(stderr, "ERROR: failed to accept the connection\n\n");
+            return -1;
+        }
+
+        /* Create a WOLFSSL object */
+        if ((ssl = wolfSSL_new(ctx)) == NULL) {
+            fprintf(stderr, "ERROR: failed to create WOLFSSL object\n");
+            return -1;
+        }
+
+        /* Attach wolfSSL to the socket */
+        wolfSSL_set_fd(ssl, connd);
+
+        /* Establish TLS connection */
+        ret = wolfSSL_accept(ssl);
+        if (ret != SSL_SUCCESS) {
+            fprintf(stderr, "wolfSSL_accept error = %d\n",
+                wolfSSL_get_error(ssl, ret));
+            return -1;
+        }
+
+
+        printf("Client connected successfully\n");
+
+
+
+        /* Read the client data into our buff array */
+        memset(buff, 0, sizeof(buff));
+        if (wolfSSL_read(ssl, buff, sizeof(buff)-1) == -1) {
+            fprintf(stderr, "ERROR: failed to read\n");
+            return -1;
+        }
+
+        /* Print to stdout any data the client sends */
+        printf("Client: %s\n", buff);
+
+        /* Check for server shutdown command */
+        if (strncmp(buff, "shutdown", 8) == 0) {
+            printf("Shutdown command issued!\n");
+            shutdown = 1;
+        }
+
+
+
+        /* Write our reply into buff */
+        memset(buff, 0, sizeof(buff));
+        memcpy(buff, reply, strlen(reply));
+        len = strnlen(buff, sizeof(buff));
+
+        /* Reply back to the client */
+        if (wolfSSL_write(ssl, buff, len) != len) {
+            fprintf(stderr, "ERROR: failed to write\n");
+            return -1;
+        }
+
+
+
+        /* Cleanup after this connection */
+        wolfSSL_free(ssl);      /* Free the wolfSSL object              */
+        close(connd);           /* Close the connection to the client   */
+    }
+
+    printf("Shutdown complete\n");
+
+
+
+    /* Cleanup and return */
+    wolfSSL_CTX_free(ctx);  /* Free the wolfSSL context object          */
+    wolfSSL_Cleanup();      /* Cleanup the wolfSSL environment          */
+    close(sockfd);          /* Close the socket listening for clients   */
+    return 0;               /* Return reporting a success               */
+}
--- a/android/extern/wolfssl/IDE/MQX/user_config.h
+++ b/android/extern/wolfssl/IDE/MQX/user_config.h
@@ -0,0 +1 @@
+#define MQX_CPU                 PSP_CPU_MK60DN512Z
--- a/android/extern/wolfssl/IDE/MQX/user_settings.h
+++ b/android/extern/wolfssl/IDE/MQX/user_settings.h
@@ -0,0 +1,61 @@
+
+/* wolfSSH */
+#define WOLFSSL_PUBLIC_MP
+
+/* TLS1.3 */
+#define WOLFSSL_TLS13
+#define HAVE_TLS_EXTENSIONS
+#define HAVE_SUPPORTED_CURVES
+#define HAVE_FFDHE_2048
+#define HAVE_THREAD_LS
+
+/* SP optimization */
+#define WOLFSSL_HAVE_SP_RSA
+#define WOLFSSL_HAVE_SP_DH
+#define WOLFSSL_SP_4096
+#define WOLFSSL_HAVE_SP_ECC
+#define HAVE_ECC384
+#define WOLFSSL_SP_384
+
+/* Hardening */
+#define TFM_TIMING_RESISTANT
+#define ECC_TIMING_RESISTANT
+#define WC_RSA_BLINDING
+
+/* Default Cyphers */
+#define HAVE_AESGCM
+#define WOLFSSL_SHA512
+#define WOLFSSL_SHA384
+#define HAVE_HKDF
+#define NO_DSA
+#define HAVE_ECC
+#define TFM_ECC256
+#define ECC_SHAMIR
+#define WC_RSA_PSS
+#define WOLFSSL_BASE64_ENCODE
+#define NO_RC4
+#define WOLFSSL_SHA224
+#define WOLFSSL_SHA3
+#define WOLFSSL_SHAKE256
+#define HAVE_POLY1305
+#define HAVE_ONE_TIME_AUTH
+#define HAVE_CHACHA
+#define HAVE_HASHDRBG
+#define HAVE_TLS_EXTENSIONS
+#define HAVE_SUPPORTED_CURVES
+#define HAVE_EXTENDED_MASTER
+#define NO_RC4
+#define HAVE_ENCRYPT_THEN_MAC
+#define NO_PSK
+#define NO_MD4
+#define NO_PWDBASED
+#define USE_FAST_MATH
+#define WC_NO_ASYNC_THREADING
+#define HAVE_DH_DEFAULT_PARAMS
+#define NO_DES3
+#define WOLFSSL_DH_CONST
+
+/* MQX */
+#define FREESCALE_MQX
+#define FREESCALE_NO_RNG
+