Initial version

FreeRTOSv10.2.1/FreeRTOS-Plus/Source/WolfSSL/swig/PythonBuild.sh

@@ -0,0 +1,9 @@
+#!/bin/bash
+echo
+swig -python wolfssl.i
+pythonIncludes=`python-config --includes`
+pythonLibs=`python-config --libs`
+gcc -c -fpic wolfssl_wrap.c -I$pythonIncludes
+gcc -c -fpic wolfssl_adds.c 
+gcc -shared -flat_namespace  wolfssl_adds.o  wolfssl_wrap.o -lwolfssl $pythonLibs -o _wolfssl.so
+python runme.py

FreeRTOSv10.2.1/FreeRTOS-Plus/Source/WolfSSL/swig/README

@@ -0,0 +1,44 @@
+
+
+Initial swig interface file
+
+Please send questions to support@wolfssl.com
+
+
+
+**Python Support**
+
+    For Linux, OS X, or *nix
+
+1) build wolfSSL with fpic on Linux, not needed on OS X
+    ./configure --disable-shared CFLAGS=-fpic
+    make
+    sudo make install
+
+
+2) start the example server from the root directory
+    ./examples/server/server -d
+
+3) run ./PythonBuild.sh from this directory it will
+    a) build the swig wrapper file
+    b) compile the swig wrapper and wolfssl wrapper files
+    c) place them into a wolfssl shared library for python
+    d) run runme.py which will connect to the wolfSSL server, write a
+       string, then read the result and output it
+
+
+    Windows only
+
+1) Make sure the install path to wolfssl doesn't have any spaces anywhere in the
+   directory path because swig doesn't like that
+2) Have python for Windows installed, note install directory
+3) Have swigwin installed, note install directory
+4) Make sure swigwin install direcotry is added to PATH env. variable
+5) Make sure env. variables PYTHON_INCLUDE and PYTHON_LIB are set correctly e.g.
+    PYTHON_INCLUE="c:\Python26\include"
+    PYTHON_LIB="c:\Python26\libs\python26.lib"
+6) Build python_wolfssl in Release mode only, Debug build fails to find a debug
+    python library that isn't included by default
+7) The outputs _wolfssl.pyd and wolfssl.py are the wolfssl import library
+8) Can now run python runme.py from the swig directory
+

FreeRTOSv10.2.1/FreeRTOS-Plus/Source/WolfSSL/swig/include.am

@@ -0,0 +1,12 @@
+# vim:ft=automake
+# All paths should be given relative to the root
+
+EXTRA_DIST+= \
+	     swig/PythonBuild.sh \
+	     swig/README \
+	     swig/wolfssl.i \
+	     swig/wolfssl_adds.c \
+	     swig/python_wolfssl.vcproj \
+	     swig/rsasign.py \
+	     swig/runme.py
+

FreeRTOSv10.2.1/FreeRTOS-Plus/Source/WolfSSL/swig/python_wolfssl.vcproj

@@ -0,0 +1,225 @@
+<?xml version="1.0" encoding="Windows-1252"?>
+<VisualStudioProject
+	ProjectType="Visual C++"
+	Version="9.00"
+	Name="python_wolfssl"
+	ProjectGUID="{47A3ABA9-EC54-4788-BC7E-370595B2011A}"
+	RootNamespace="python_wolfssl"
+	Keyword="Win32Proj"
+	TargetFrameworkVersion="196613"
+	>
+	<Platforms>
+		<Platform
+			Name="Win32"
+		/>
+	</Platforms>
+	<ToolFiles>
+	</ToolFiles>
+	<Configurations>
+		<Configuration
+			Name="Debug|Win32"
+			OutputDirectory="$(SolutionDir)$(ConfigurationName)"
+			IntermediateDirectory="$(ConfigurationName)"
+			ConfigurationType="2"
+			CharacterSet="1"
+			>
+			<Tool
+				Name="VCPreBuildEventTool"
+			/>
+			<Tool
+				Name="VCCustomBuildTool"
+			/>
+			<Tool
+				Name="VCXMLDataGeneratorTool"
+			/>
+			<Tool
+				Name="VCWebServiceProxyGeneratorTool"
+			/>
+			<Tool
+				Name="VCMIDLTool"
+			/>
+			<Tool
+				Name="VCCLCompilerTool"
+				Optimization="0"
+				AdditionalIncludeDirectories="../include;../wolfcrypt/include;&quot;$(PYTHON_INCLUDE)&quot;"
+				PreprocessorDefinitions="WIN32;_DEBUG;_WINDOWS;_USRDLL;PYTHON_WOLFSSL_EXPORTS"
+				MinimalRebuild="true"
+				BasicRuntimeChecks="3"
+				RuntimeLibrary="3"
+				UsePrecompiledHeader="0"
+				WarningLevel="3"
+				DebugInformationFormat="4"
+			/>
+			<Tool
+				Name="VCManagedResourceCompilerTool"
+			/>
+			<Tool
+				Name="VCResourceCompilerTool"
+			/>
+			<Tool
+				Name="VCPreLinkEventTool"
+			/>
+			<Tool
+				Name="VCLinkerTool"
+				AdditionalDependencies="$(PYTHON_LIB) Ws2_32.lib"
+				OutputFile="_wolfssl.pyd"
+				LinkIncremental="2"
+				GenerateDebugInformation="true"
+				SubSystem="2"
+				TargetMachine="1"
+			/>
+			<Tool
+				Name="VCALinkTool"
+			/>
+			<Tool
+				Name="VCManifestTool"
+			/>
+			<Tool
+				Name="VCXDCMakeTool"
+			/>
+			<Tool
+				Name="VCBscMakeTool"
+			/>
+			<Tool
+				Name="VCFxCopTool"
+			/>
+			<Tool
+				Name="VCAppVerifierTool"
+			/>
+			<Tool
+				Name="VCPostBuildEventTool"
+			/>
+		</Configuration>
+		<Configuration
+			Name="Release|Win32"
+			OutputDirectory="$(SolutionDir)$(ConfigurationName)"
+			IntermediateDirectory="$(ConfigurationName)"
+			ConfigurationType="2"
+			CharacterSet="1"
+			WholeProgramOptimization="1"
+			>
+			<Tool
+				Name="VCPreBuildEventTool"
+			/>
+			<Tool
+				Name="VCCustomBuildTool"
+			/>
+			<Tool
+				Name="VCXMLDataGeneratorTool"
+			/>
+			<Tool
+				Name="VCWebServiceProxyGeneratorTool"
+			/>
+			<Tool
+				Name="VCMIDLTool"
+			/>
+			<Tool
+				Name="VCCLCompilerTool"
+				Optimization="2"
+				EnableIntrinsicFunctions="true"
+				AdditionalIncludeDirectories="../include;../wolfcrypt/include;&quot;$(PYTHON_INCLUDE)&quot;"
+				PreprocessorDefinitions="WIN32;NDEBUG;_WINDOWS;_USRDLL;PYTHON_WOLFSSL_EXPORTS"
+				RuntimeLibrary="2"
+				EnableFunctionLevelLinking="true"
+				UsePrecompiledHeader="0"
+				WarningLevel="3"
+				DebugInformationFormat="3"
+			/>
+			<Tool
+				Name="VCManagedResourceCompilerTool"
+			/>
+			<Tool
+				Name="VCResourceCompilerTool"
+			/>
+			<Tool
+				Name="VCPreLinkEventTool"
+			/>
+			<Tool
+				Name="VCLinkerTool"
+				AdditionalDependencies="$(PYTHON_LIB) Ws2_32.lib"
+				OutputFile="_wolfssl.pyd"
+				LinkIncremental="1"
+				GenerateDebugInformation="true"
+				SubSystem="2"
+				OptimizeReferences="2"
+				EnableCOMDATFolding="2"
+				TargetMachine="1"
+			/>
+			<Tool
+				Name="VCALinkTool"
+			/>
+			<Tool
+				Name="VCManifestTool"
+			/>
+			<Tool
+				Name="VCXDCMakeTool"
+			/>
+			<Tool
+				Name="VCBscMakeTool"
+			/>
+			<Tool
+				Name="VCFxCopTool"
+			/>
+			<Tool
+				Name="VCAppVerifierTool"
+			/>
+			<Tool
+				Name="VCPostBuildEventTool"
+			/>
+		</Configuration>
+	</Configurations>
+	<References>
+	</References>
+	<Files>
+		<Filter
+			Name="Source Files"
+			Filter="cpp;c;cc;cxx;def;odl;idl;hpj;bat;asm;asmx"
+			UniqueIdentifier="{4FC737F1-C7A5-4376-A066-2A32D752A2FF}"
+			>
+			<File
+				RelativePath=".\wolfssl_adds.c"
+				>
+			</File>
+			<File
+				RelativePath=".\wolfssl_wrap.c"
+				>
+			</File>
+		</Filter>
+		<Filter
+			Name="Header Files"
+			Filter="h;hpp;hxx;hm;inl;inc;xsd"
+			UniqueIdentifier="{93995380-89BD-4b04-88EB-625FBE52EBFB}"
+			>
+		</Filter>
+		<Filter
+			Name="Resource Files"
+			Filter="rc;ico;cur;bmp;dlg;rc2;rct;bin;rgs;gif;jpg;jpeg;jpe;resx;tiff;tif;png;wav"
+			UniqueIdentifier="{67DA6AB6-F800-4c08-8B7A-83BB121AAD01}"
+			>
+		</Filter>
+		<File
+			RelativePath=".\wolfssl.i"
+			>
+			<FileConfiguration
+				Name="Debug|Win32"
+				>
+				<Tool
+					Name="VCCustomBuildTool"
+					CommandLine="echo In order to function correctly, please ensure the following environment variables are correctly set:&#x0D;&#x0A;echo PYTHON_INCLUDE: %PYTHON_INCLUDE%&#x0D;&#x0A;echo PYTHON_LIB: %PYTHON_LIB%&#x0D;&#x0A;echo on&#x0D;&#x0A;swig.exe -python $(InputPath)&#x0D;&#x0A;"
+					Outputs="$(InputName)_wrap.c"
+				/>
+			</FileConfiguration>
+			<FileConfiguration
+				Name="Release|Win32"
+				>
+				<Tool
+					Name="VCCustomBuildTool"
+					CommandLine="echo In order to function correctly, please ensure the following environment variables are correctly set:&#x0D;&#x0A;echo PYTHON_INCLUDE: %PYTHON_INCLUDE%&#x0D;&#x0A;echo PYTHON_LIB: %PYTHON_LIB%&#x0D;&#x0A;echo on&#x0D;&#x0A;swig.exe -python $(InputPath)"
+					Outputs="$(InputName)_wrap.c"
+				/>
+			</FileConfiguration>
+		</File>
+	</Files>
+	<Globals>
+	</Globals>
+</VisualStudioProject>

FreeRTOSv10.2.1/FreeRTOS-Plus/Source/WolfSSL/swig/rsasign.py

@@ -0,0 +1,35 @@
+# file: rsasign.py
+
+import wolfssl
+
+
+# start Random Number Generator
+rng = wolfssl.GetRng()
+if rng == None:
+    print "Couldn't get an RNG"
+    exit(-1)
+
+# load RSA private key in DER format
+key = wolfssl.GetRsaPrivateKey("../certs/client-key.der")
+if key == None:
+    print "Couldn't load DER private key file"
+    exit(-1)
+
+# Make byte Arrays and fill input
+signOutput = wolfssl.byteArray(128)   # 128 allows 1024 bit private key
+signStr    = wolfssl.byteArray(25)    # input can't be larger then key size
+                                     # 64 for 512 bit 128 for 1024 bit
+wolfssl.FillSignStr(signStr, "Everybody gets Friday off", 25)
+
+# Do RSA Sign
+signedSize = wolfssl.RsaSSL_Sign(signStr, 25, signOutput, 128, key, rng)
+
+# Show output
+print "Signed Size = ", signedSize, " signed array = ", wolfssl.cdata(signOutput, signedSize)
+
+# let's verify this worked
+signVerify = wolfssl.byteArray(signedSize)
+verifySize = wolfssl.RsaSSL_Verify(signOutput, signedSize, signVerify, signedSize, key)
+
+print "Verify Size = ", verifySize, " verify array = ", wolfssl.cdata(signVerify, verifySize)
+

FreeRTOSv10.2.1/FreeRTOS-Plus/Source/WolfSSL/swig/runme.py

@@ -0,0 +1,43 @@
+# file: runme.py
+
+import wolfssl
+
+print ""
+print "Trying to connect to the example server -d..."
+
+wolfssl.wolfSSL_Init()
+#wolfssl.wolfSSL_Debugging_ON()
+ctx = wolfssl.wolfSSL_CTX_new(wolfssl.wolfTLSv1_2_client_method())
+if ctx == None:
+    print "Couldn't get SSL CTX for TLSv1.2"
+    exit(-1)
+
+ret = wolfssl.wolfSSL_CTX_load_verify_locations(ctx, "../certs/ca-cert.pem", None)
+if ret != wolfssl.SSL_SUCCESS:
+    print "Couldn't do SSL_CTX_load_verify_locations "
+    print "error string = ", ret
+    exit(-1)
+
+ssl = wolfssl.wolfSSL_new(ctx)
+ret = wolfssl.wolfSSL_swig_connect(ssl, "localhost", 11111)
+
+if ret != wolfssl.SSL_SUCCESS:
+    print "Couldn't do SSL connect"
+    err    = wolfssl.wolfSSL_get_error(ssl, 0)
+    if ret == -2:
+        print "tcp error, is example server running?"
+    else:
+        print "error string = ", wolfssl.wolfSSL_error_string(err)
+    exit(-1)
+
+print "...Connected"
+written = wolfssl.wolfSSL_write(ssl, "hello from python\r\n", 19)
+
+if written > 0:
+    print "Wrote ", written, " bytes"
+
+byteArray = wolfssl.byteArray(100)
+readBytes = wolfssl.wolfSSL_read(ssl, byteArray, 100)
+
+print "server reply: ", wolfssl.cdata(byteArray, readBytes)
+

FreeRTOSv10.2.1/FreeRTOS-Plus/Source/WolfSSL/swig/wolfssl.i

@@ -0,0 +1,63 @@
+/* wolfssl.i
+ *
+ * Copyright (C) 2006-2015 wolfSSL Inc.
+ *
+ * This file is part of wolfSSL. (formerly known as CyaSSL)
+ *
+ * wolfSSL is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * wolfSSL is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA
+ */
+
+%module wolfssl
+%{
+    #include <wolfssl/ssl.h>
+    #include <wolfssl/wolfcrypt/rsa.h>
+
+    /* defn adds */
+    char* wolfSSL_error_string(int err);
+    int   wolfSSL_swig_connect(WOLFSSL*, const char* server, int port);
+    RNG*  GetRng(void);
+    RsaKey* GetRsaPrivateKey(const char* file);
+    void    FillSignStr(unsigned char*, const char*, int);
+%}
+
+
+WOLFSSL_METHOD* wolfTLSv1_2_client_method(void);
+WOLFSSL_CTX*    wolfSSL_CTX_new(WOLFSSL_METHOD*);
+int             wolfSSL_CTX_load_verify_locations(WOLFSSL_CTX*, const char*, const char*);
+WOLFSSL*        wolfSSL_new(WOLFSSL_CTX*);
+int             wolfSSL_get_error(WOLFSSL*, int);
+int             wolfSSL_write(WOLFSSL*, const char*, int);
+int             wolfSSL_Debugging_ON(void);
+int             wolfSSL_Init(void);
+char*           wolfSSL_error_string(int);
+int             wolfSSL_swig_connect(WOLFSSL*, const char* server, int port);
+
+int         wc_RsaSSL_Sign(const unsigned char* in, int inLen, unsigned char* out, int outLen, RsaKey* key, RNG* rng);
+
+int         wc_RsaSSL_Verify(const unsigned char* in, int inLen, unsigned char* out, int outLen, RsaKey* key);
+
+RNG* GetRng(void);
+RsaKey* GetRsaPrivateKey(const char* file);
+void    FillSignStr(unsigned char*, const char*, int);
+
+%include carrays.i
+%include cdata.i
+%array_class(unsigned char, byteArray);
+int         wolfSSL_read(WOLFSSL*, unsigned char*, int);
+
+
+#define    SSL_FAILURE      0
+#define    SSL_SUCCESS      1
+

FreeRTOSv10.2.1/FreeRTOS-Plus/Source/WolfSSL/swig/wolfssl_adds.c

@@ -0,0 +1,234 @@
+/* wolfssl_adds.c
+ *
+ * Copyright (C) 2006-2015 wolfSSL Inc.
+ *
+ * This file is part of wolfSSL. (formerly known as CyaSSL)
+ *
+ * wolfSSL is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * wolfSSL is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA
+ */
+
+#ifdef HAVE_CONFIG_H
+    #include <config.h>
+#endif
+
+#include <wolfssl/wolfcrypt/settings.h>
+
+#ifndef _WIN32
+    #define HAVE_CONFIG_H
+#endif
+
+#include <wolfssl/ssl.h>
+#include <wolfssl/wolfcrypt/rsa.h>
+#include <wolfssl/wolfcrypt/asn.h>
+
+#include <stdio.h>
+#include <stdlib.h>
+#include <assert.h>
+#include <ctype.h>
+
+#ifdef _WIN32
+    #include <winsock2.h>
+    #include <process.h>
+    #ifdef TEST_IPV6            /* don't require newer SDK for IPV4 */
+	    #include <ws2tcpip.h>
+        #include <wspiapi.h>
+    #endif
+    #define SOCKET_T int
+#else
+    #include <string.h>
+    #include <unistd.h>
+    #include <netdb.h>
+    #include <netinet/in.h>
+    #include <arpa/inet.h>
+    #include <sys/ioctl.h>
+    #include <sys/time.h>
+    #include <sys/types.h>
+    #include <sys/socket.h>
+    #include <pthread.h>
+    #ifdef NON_BLOCKING
+        #include <fcntl.h>
+    #endif
+    #ifdef TEST_IPV6
+        #include <netdb.h>
+    #endif
+    #define SOCKET_T unsigned int
+#endif /* _WIN32 */
+
+#ifdef _MSC_VER
+    /* disable conversion warning */
+    /* 4996 warning to use MS extensions e.g., strcpy_s instead of strncpy */
+    #pragma warning(disable:4244 4996)
+#endif
+
+#if defined(__MACH__) || defined(_WIN32)
+    #ifndef _SOCKLEN_T
+        typedef int socklen_t;
+    #endif
+#endif
+
+
+/* HPUX doesn't use socklent_t for third parameter to accept */
+#if !defined(__hpux__)
+    typedef socklen_t* ACCEPT_THIRD_T;
+#else
+    typedef int*       ACCEPT_THIRD_T;
+#endif
+
+
+#ifdef _WIN32
+    #define CloseSocket(s) closesocket(s)
+    #define StartTCP() { WSADATA wsd; WSAStartup(0x0002, &wsd); }
+#else
+    #define CloseSocket(s) close(s)
+    #define StartTCP()
+#endif
+
+
+#ifdef TEST_IPV6
+    typedef struct sockaddr_in6 SOCKADDR_IN_T;
+    #define AF_INET_V    AF_INET6
+#else
+    typedef struct sockaddr_in  SOCKADDR_IN_T;
+    #define AF_INET_V    AF_INET
+#endif
+
+
+enum {
+    SSL_BLOCKING    = 2,
+    SSL_NONBLOCKING = 4
+};
+
+
+static int tcp_socket(SOCKET_T* sockfd, SOCKADDR_IN_T* addr, const char* peer,
+                       short port)
+{
+    const char* host = peer;
+
+    /* peer could be in human readable form */
+    if (isalpha(peer[0])) {
+        struct hostent* entry = gethostbyname(peer);
+
+        if (entry) {
+            struct sockaddr_in tmp;
+            memset(&tmp, 0, sizeof(struct sockaddr_in));
+            memcpy(&tmp.sin_addr.s_addr, entry->h_addr_list[0],entry->h_length);
+            host = inet_ntoa(tmp.sin_addr);
+        }
+        else
+            return -1;   /* no entry for host */
+    }
+
+    *sockfd = socket(AF_INET, SOCK_STREAM, 0);
+    memset(addr, 0, sizeof(SOCKADDR_IN_T));
+
+    addr->sin_family = AF_INET;
+    addr->sin_port = htons(port);
+    addr->sin_addr.s_addr = inet_addr(host);
+
+#ifdef SO_NOSIGPIPE
+    {
+        int on = 1;
+        socklen_t len = sizeof(on);
+        setsockopt(*sockfd, SOL_SOCKET, SO_NOSIGPIPE, &on, len);
+    }
+#endif
+
+    return 0;
+}
+
+
+static int tcp_connect(SOCKET_T* sockfd, const char* ip, short port)
+{
+    SOCKADDR_IN_T addr;
+    int ret = tcp_socket(sockfd, &addr, ip, port);
+    if (ret != 0) return ret;
+
+    if (connect(*sockfd, (const struct sockaddr*)&addr, sizeof(addr)) != 0)
+        return -2; /* can't connect */
+
+    return 0;
+}
+
+
+int wolfSSL_swig_connect(WOLFSSL* ssl, const char* server, int port)
+{
+    SOCKET_T sockfd;
+    int ret = tcp_connect(&sockfd, server, port);
+    if (ret != 0) return ret;
+
+    wolfSSL_set_fd(ssl, sockfd);
+
+    return wolfSSL_connect(ssl);
+}
+
+
+char* wolfSSL_error_string(int err)
+{
+    static char buffer[WOLFSSL_MAX_ERROR_SZ];
+
+    return wolfSSL_ERR_error_string(err, buffer);
+}
+
+
+RNG* GetRng(void)
+{
+    RNG* rng = (RNG*)malloc(sizeof(RNG));
+
+    if (rng)
+        if (wc_InitRng(rng) != 0) {
+            free(rng);
+            rng = 0;
+        }
+
+    return rng;
+}
+
+
+RsaKey* GetRsaPrivateKey(const char* keyFile)
+{
+    RsaKey* key = (RsaKey*)malloc(sizeof(RsaKey));
+
+    if (key) {
+        byte   tmp[1024];
+        size_t bytes;
+        int    ret;
+        word32 idx = 0;
+        FILE*  file = fopen(keyFile, "rb");
+
+        if (!file) {
+            free(key);
+            return 0;
+        }
+
+        bytes = fread(tmp, 1, sizeof(tmp), file);
+        fclose(file);
+        wc_InitRsaKey(key, 0);
+
+        ret = wc_RsaPrivateKeyDecode(tmp, &idx, key, (word32)bytes);
+        if (ret != 0) {
+            wc_FreeRsaKey(key);
+            free(key);
+            return 0;
+        }
+    }
+    return key;
+}
+
+
+void FillSignStr(unsigned char* dst, const char* src, int size)
+{
+    memcpy(dst, src, size);
+}
+