Multicast DTLS
1. Update API 2. Update unit test 3. Partially implemented wolfSSL_set_secret().
parent
0838a3828b
commit
b616b8df02
85
src/ssl.c
85
src/ssl.c
@ -844,46 +844,75 @@ int wolfSSL_dtls_set_mtu(WOLFSSL* ssl, word16 newMtu)
|
||||
#endif /* WOLFSSL_DTLS && WOLFSSL_SCTP */
|
||||
|
||||
|
||||
#if defined(WOLFSSL_DTLS) && defined(WOLFSSL_MULTICAST)
|
||||
#if defined(WOLFSSL_MULTICAST)
|
||||
|
||||
int wolfSSL_dtls_mcast_set_member_id(WOLFSSL* ssl, byte id)
|
||||
int wolfSSL_CTX_mcast_set_member_id(WOLFSSL_CTX* ctx, byte id)
|
||||
{
|
||||
int ret = SSL_SUCCESS;
|
||||
int ret = 0;
|
||||
|
||||
(void)ssl;
|
||||
(void)id;
|
||||
WOLFSSL_ENTER("wolfSSL_CTX_mcast_set_member_id()");
|
||||
|
||||
WOLFSSL_ENTER("wolfSSL_dtls_mcast_set_member_id()");
|
||||
WOLFSSL_LEAVE("wolfSSL_dtls_mcast_set_member_id()", ret);
|
||||
if (ctx == NULL)
|
||||
ret = BAD_FUNC_ARG;
|
||||
|
||||
if (ret == 0) {
|
||||
/* check if side == MASTER. only work for client */
|
||||
ctx->haveEMS = 0;
|
||||
ctx->mcastID = id;
|
||||
}
|
||||
|
||||
if (ret == 0)
|
||||
ret = SSL_SUCCESS;
|
||||
WOLFSSL_LEAVE("wolfSSL_CTX_mcast_set_member_id()", ret);
|
||||
return ret;
|
||||
}
|
||||
|
||||
|
||||
int wolfSSL_dtls_mcast_set_secret(WOLFSSL* ssl, unsigned short epoch,
|
||||
const byte* preMasterSecret,
|
||||
word32 preMasterSz,
|
||||
const byte* clientRandom,
|
||||
const byte* serverRandom,
|
||||
const byte* suite)
|
||||
int wolfSSL_set_secret(WOLFSSL* ssl, unsigned short epoch,
|
||||
const byte* preMasterSecret, word32 preMasterSz,
|
||||
const byte* clientRandom, const byte* serverRandom,
|
||||
const byte* suite)
|
||||
{
|
||||
int ret = SSL_SUCCESS;
|
||||
int ret = 0;
|
||||
|
||||
(void)ssl;
|
||||
(void)epoch;
|
||||
(void)preMasterSecret;
|
||||
(void)preMasterSz;
|
||||
(void)clientRandom;
|
||||
(void)serverRandom;
|
||||
(void)suite;
|
||||
|
||||
WOLFSSL_ENTER("wolfSSL_dtls_mcast_set_secret()");
|
||||
WOLFSSL_LEAVE("wolfSSL_dtls_mcast_set_secret()", ret);
|
||||
WOLFSSL_ENTER("wolfSSL_set_secret()");
|
||||
|
||||
if (ssl == NULL || preMasterSecret == NULL || preMasterSz == 0 ||
|
||||
preMasterSz > sizeof(ssl->arrays->preMasterSecret) ||
|
||||
clientRandom == NULL || serverRandom == NULL || suite == NULL) {
|
||||
|
||||
ret = BAD_FUNC_ARG;
|
||||
}
|
||||
|
||||
if (ret == 0) {
|
||||
XMEMCPY(ssl->arrays->preMasterSecret, preMasterSecret, preMasterSz);
|
||||
ssl->arrays->preMasterSz = preMasterSz;
|
||||
XMEMCPY(ssl->arrays->clientRandom, clientRandom, RAN_LEN);
|
||||
XMEMCPY(ssl->arrays->serverRandom, serverRandom, RAN_LEN);
|
||||
ssl->options.cipherSuite0 = suite[0];
|
||||
ssl->options.cipherSuite = suite[1];
|
||||
|
||||
ret = SetCipherSpecs(ssl);
|
||||
}
|
||||
|
||||
if (ret == 0)
|
||||
ret = MakeTlsMasterSecret(ssl);
|
||||
|
||||
if (ret == 0)
|
||||
ret = SSL_SUCCESS;
|
||||
else {
|
||||
if (ssl)
|
||||
ssl->error = ret;
|
||||
ret = SSL_FATAL_ERROR;
|
||||
}
|
||||
WOLFSSL_LEAVE("wolfSSL_set_secret()", ret);
|
||||
return ret;
|
||||
}
|
||||
|
||||
|
||||
int wolfSSL_dtls_mcast_read(WOLFSSL* ssl, unsigned char* id,
|
||||
void* data, int sz)
|
||||
int wolfSSL_mcast_read(WOLFSSL* ssl, unsigned char* id, void* data, int sz)
|
||||
{
|
||||
int ret = 0;
|
||||
|
||||
@ -891,14 +920,14 @@ int wolfSSL_dtls_mcast_read(WOLFSSL* ssl, unsigned char* id,
|
||||
(void)data;
|
||||
(void)sz;
|
||||
|
||||
WOLFSSL_ENTER("wolfSSL_dtls_mcast_read()");
|
||||
if (id != NULL)
|
||||
WOLFSSL_ENTER("wolfSSL_mcast_read()");
|
||||
if (ssl->options.dtls && id != NULL)
|
||||
*id = 0;
|
||||
WOLFSSL_LEAVE("wolfSSL_dtls_mcast_read()", ret);
|
||||
WOLFSSL_LEAVE("wolfSSL_mcast_read()", ret);
|
||||
return ret;
|
||||
}
|
||||
|
||||
#endif /* WOLFSSL_DTLS && WOLFSSL_MULTICAST */
|
||||
#endif /* WOLFSSL_MULTICAST */
|
||||
|
||||
|
||||
#endif /* WOLFSSL_LEANPSK */
|
||||
|
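Review bot: In wolfSSL_set_secret the argument guard checks `ssl` but never `ssl->arrays`, yet `XMEMCPY(ssl->arrays->preMasterSecret, ...)` writes through it; if the arrays can be NULL at this point (for example released after a handshake, which is not visible here), adding `ssl->arrays == NULL ||` to the guard avoids a NULL dereference. The copied pre-master secret also stays in `ssl->arrays->preMasterSecret` on both the success and the error path; unless `MakeTlsMasterSecret(ssl)` clears it (not visible here), call `ForceZero(ssl->arrays->preMasterSecret, ssl->arrays->preMasterSz);` before returning. In the second hunk, `if (ssl->options.dtls && id != NULL)` in wolfSSL_mcast_read dereferences `ssl` with no NULL check, which the earlier `id != NULL` test did not need; `if (ssl != NULL && ssl->options.dtls && id != NULL)` keeps the stub safe. The page has lost its +/- markers, so these lines are read as the new side on the strength of the renamed API, and wolfSSL_mcast_read's body continues between the two hunks.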
23
tests/api.c
23
tests/api.c
@ -2345,9 +2345,9 @@ static int test_wolfSSL_UseOCSPStaplingV2 (void)
|
||||
} /*END test_wolfSSL_UseOCSPStaplingV2*/
|
||||
|
||||
/*----------------------------------------------------------------------------*
|
||||
| DTLS Multicast Tests
|
||||
| Multicast Tests
|
||||
*----------------------------------------------------------------------------*/
|
||||
static void test_wolfSSL_dtls_mcast(void)
|
||||
static void test_wolfSSL_mcast(void)
|
||||
{
|
||||
#if defined(WOLFSSL_DTLS) && defined(WOLFSSL_MULTICAST)
|
||||
WOLFSSL_CTX* ctx;
|
||||
@ -2362,21 +2362,22 @@ static void test_wolfSSL_dtls_mcast(void)
|
||||
|
||||
ctx = wolfSSL_CTX_new(wolfDTLSv1_2_client_method());
|
||||
AssertNotNull(ctx);
|
||||
|
||||
result = wolfSSL_CTX_mcast_set_member_id(ctx, 0);
|
||||
AssertIntEQ(result, SSL_SUCCESS);
|
||||
|
||||
ssl = wolfSSL_new(ctx);
|
||||
AssertNotNull(ssl);
|
||||
|
||||
result = wolfSSL_dtls_mcast_set_member_id(ssl, 0);
|
||||
AssertIntEQ(result, SSL_SUCCESS);
|
||||
|
||||
XMEMSET(preMasterSecret, 0x23, sizeof(preMasterSecret));
|
||||
XMEMSET(clientRandom, 0xA5, sizeof(clientRandom));
|
||||
XMEMSET(serverRandom, 0x5A, sizeof(serverRandom));
|
||||
result = wolfSSL_dtls_mcast_set_secret(ssl, 23,
|
||||
preMasterSecret, sizeof(preMasterSecret),
|
||||
clientRandom, serverRandom, suite);
|
||||
result = wolfSSL_set_secret(ssl, 23,
|
||||
preMasterSecret, sizeof(preMasterSecret),
|
||||
clientRandom, serverRandom, suite);
|
||||
AssertIntEQ(result, SSL_SUCCESS);
|
||||
|
||||
result = wolfSSL_dtls_mcast_read(ssl, &newId, buf, sizeof(buf));
|
||||
result = wolfSSL_mcast_read(ssl, &newId, buf, sizeof(buf));
|
||||
AssertIntLE(result, 0);
|
||||
AssertIntLE(newId, 100);
|
||||
|
||||
@ -9717,8 +9718,8 @@ void ApiTest(void)
|
||||
AssertIntEQ(test_wolfSSL_UseOCSPStapling(), SSL_SUCCESS);
|
||||
AssertIntEQ(test_wolfSSL_UseOCSPStaplingV2(), SSL_SUCCESS);
|
||||
|
||||
/* DTLS-MULTICAST */
|
||||
test_wolfSSL_dtls_mcast();
|
||||
/* Multicast */
|
||||
test_wolfSSL_mcast();
|
||||
|
||||
/* compatibility tests */
|
||||
test_wolfSSL_DES();
|
||||
|
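Review bot: test_wolfSSL_mcast only exercises the success path, so none of the argument checks this commit adds in src/ssl.c are covered. Negative cases next to the existing calls would pin them down, e.g. `AssertIntEQ(wolfSSL_CTX_mcast_set_member_id(NULL, 0), BAD_FUNC_ARG);` and `AssertIntEQ(wolfSSL_set_secret(NULL, 23, preMasterSecret, sizeof(preMasterSecret), clientRandom, serverRandom, suite), SSL_FATAL_ERROR);`, plus one call with a `preMasterSz` of 0. The expected values follow the return paths shown in the src/ssl.c section. The function's declarations sit outside the hunks, so the buffer sizes used here are not visible.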
@ -1035,7 +1035,7 @@ enum Misc {
|
||||
DTLS_EXPORT_LEN = 2, /* 2 bytes for length and protocol */
|
||||
DTLS_EXPORT_IP = 46, /* max ip size IPv4 mapped IPv6 */
|
||||
MAX_EXPORT_BUFFER = 514, /* max size of buffer for exporting */
|
||||
DTLS_MCAST_ID_MAX = 100, /* max allowed multicast group ID */
|
||||
MULTICAST_SZ = 100, /* max allowed multicast group peers */
|
||||
FINISHED_LABEL_SZ = 15, /* TLS finished label size */
|
||||
TLS_FINISHED_SZ = 12, /* TLS has a shorter size */
|
||||
EXT_MASTER_LABEL_SZ = 22, /* TLS extended master secret label sz */
|
||||
@ -2240,6 +2240,9 @@ struct WOLFSSL_CTX {
|
||||
#if defined(WOLFSSL_TLS13) && defined(WOLFSSL_POST_HANDSHAKE_AUTH)
|
||||
byte postHandshakeAuth:1; /* Post-handshake auth supported. */
|
||||
#endif
|
||||
#ifdef WOLFSSL_MULTICAST
|
||||
byte mcastID; /* multicast group ID */
|
||||
#endif
|
||||
#if defined(WOLFSSL_SCTP) && defined(WOLFSSL_DTLS)
|
||||
byte dtlsSctp; /* DTLS-over-SCTP mode */
|
||||
word16 dtlsMtuSz; /* DTLS MTU size */
|
||||
|
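Review bot: `MULTICAST_SZ` is documented as the maximum number of multicast group peers, but nothing in this commit compares a member id with it: wolfSSL_CTX_mcast_set_member_id in src/ssl.c stores any `byte` value in `ctx->mcastID`. If the id later indexes per-peer state sized by MULTICAST_SZ (not visible here), ids of 100 and above would be out of range, so the setter should reject them, e.g. `if (ctx == NULL || id >= MULTICAST_SZ) ret = BAD_FUNC_ARG;`. Whether 100 itself is a valid id needs settling, since the test still asserts `AssertIntLE(newId, 100)`. The new field's comment says `/* multicast group ID */` while the API calls it a member id; `/* multicast member ID */` would match.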
@ -509,12 +509,12 @@ WOLFSSL_API int wolfSSL_dtls_set_sctp(WOLFSSL*);
|
||||
WOLFSSL_API int wolfSSL_CTX_dtls_set_mtu(WOLFSSL_CTX*, unsigned short);
|
||||
WOLFSSL_API int wolfSSL_dtls_set_mtu(WOLFSSL*, unsigned short);
|
||||
|
||||
WOLFSSL_API int wolfSSL_dtls_mcast_set_member_id(WOLFSSL*, unsigned char);
|
||||
WOLFSSL_API int wolfSSL_dtls_mcast_set_secret(WOLFSSL*, unsigned short,
|
||||
WOLFSSL_API int wolfSSL_CTX_mcast_set_member_id(WOLFSSL_CTX*, unsigned char);
|
||||
WOLFSSL_API int wolfSSL_set_secret(WOLFSSL*, unsigned short,
|
||||
const unsigned char*, unsigned int,
|
||||
const unsigned char*, const unsigned char*,
|
||||
const unsigned char*);
|
||||
WOLFSSL_API int wolfSSL_dtls_mcast_read(WOLFSSL*, unsigned char*, void*, int);
|
||||
WOLFSSL_API int wolfSSL_mcast_read(WOLFSSL*, unsigned char*, void*, int);
|
||||
|
||||
WOLFSSL_API int wolfSSL_ERR_GET_REASON(unsigned long err);
|
||||
WOLFSSL_API char* wolfSSL_ERR_error_string(unsigned long,char*);
|
||||
|
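Review bot: The wolfSSL_set_secret prototype carries no parameter names or size contract, although the implementation in src/ssl.c copies a fixed RAN_LEN bytes from each random pointer and reads two bytes from the suite pointer. A caller passing shorter buffers gets an out-of-bounds read, so the requirement belongs at the declaration, e.g. `/* clientRandom and serverRandom must each hold RAN_LEN bytes, suite 2 bytes; preMasterSz must fit the internal pre-master buffer */`. It would also help to state that `epoch` is accepted but not yet used, if that is the case after this commit (the rendered page does not show which `(void)` lines were removed). The three wolfSSL_dtls_mcast_* declarations appear to be replaced rather than kept, which breaks existing callers unless compatibility macros exist elsewhere.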