123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329330331332333334335336337338339340341342343344345346347348349350351352353354355356357358359360361362363364365366367368369370371372373374375376377378379380381382383384385386387388389390391392393394395396397398399400401402403404405406407408409410411412413414415416417418419420421422423424425426427428429430431432433434435436437438439440441442443444445446447448449450451452453454455456457458459460461462463464465466467468469470471472473474475476477478479480481482483484485486487488489490491492493494495496497498499500501502503504505506507508509510511512513514515516517518519520521522523524525526527528529530531532533534535536537538539540541542543544545546547548549550551552553554555556557558559560561562563564565566567568569570571572573574575576577578579580581582583584585586587588589590591592593594595596597598599600601602603604605606607608609610611612613614615616617618619620621622623624625626627628629630631632633634635636637638639640641642643644645646647648649650651652653654655656657658659660661662663664665666667668669670671672673674675676677678679680681682683684685 |
- /* testsuite.c
- *
- * Copyright (C) 2006-2024 wolfSSL Inc.
- *
- * This file is part of wolfSSL.
- *
- * wolfSSL is free software; you can redistribute it and/or modify
- * it under the terms of the GNU General Public License as published by
- * the Free Software Foundation; either version 2 of the License, or
- * (at your option) any later version.
- *
- * wolfSSL is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
- * GNU General Public License for more details.
- *
- * You should have received a copy of the GNU General Public License
- * along with this program; if not, write to the Free Software
- * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
- */
- #ifdef HAVE_CONFIG_H
- #include <config.h>
- #endif
- #include <wolfssl/wolfcrypt/settings.h>
- #ifndef WOLFSSL_USER_SETTINGS
- #include <wolfssl/options.h>
- #endif
- #undef TEST_OPENSSL_COEXIST /* can't use this option with this example */
- #undef OPENSSL_COEXIST /* can't use this option with this example */
- #include <wolfssl/wolfcrypt/types.h>
- #include <wolfssl/ssl.h>
- #include <wolfssl/test.h>
- #include <wolfcrypt/test/test.h>
- #ifndef SINGLE_THREADED
- #ifdef OPENSSL_EXTRA
- #include <wolfssl/openssl/ssl.h>
- #endif
- #include <wolfssl/wolfcrypt/sha256.h>
- #include <wolfssl/wolfcrypt/ecc.h>
- #include <examples/echoclient/echoclient.h>
- #include <examples/echoserver/echoserver.h>
- #include <examples/server/server.h>
- #include <examples/client/client.h>
- #include "tests/utils.h"
- #ifndef NO_SHA256
- void file_test(const char* file, byte* check);
- #endif
- #if !defined(NO_WOLFSSL_SERVER) && !defined(NO_WOLFSSL_CLIENT)
- #ifdef HAVE_STACK_SIZE
- static THREAD_RETURN simple_test(func_args *args);
- #else
- static void simple_test(func_args *args);
- #endif
- static int test_tls(func_args* server_args);
- #if !defined(NO_WOLFSSL_SERVER) && !defined(NO_WOLFSSL_CLIENT) && \
- defined(HAVE_CRL) && defined(HAVE_CRL_MONITOR)
- static int test_crl_monitor(void);
- #endif
- static void show_ciphers(void);
- static void cleanup_output(void);
- static int validate_cleanup_output(void);
- enum {
- NUMARGS = 3
- };
- static const char *outputName;
- #endif
- int myoptind = 0;
- char* myoptarg = NULL;
- #ifndef NO_TESTSUITE_MAIN_DRIVER
- static int testsuite_test(int argc, char** argv);
- int main(int argc, char** argv)
- {
- return testsuite_test(argc, argv);
- }
- #endif /* NO_TESTSUITE_MAIN_DRIVER */
- #ifdef HAVE_STACK_SIZE
- /* Wrap TLS echo client to free thread locals. */
- static void *echoclient_test_wrapper(void* args) {
- echoclient_test(args);
- #if defined(HAVE_ECC) && defined(FP_ECC) && defined(HAVE_THREAD_LS)
- wc_ecc_fp_free(); /* free per thread cache */
- #endif
- return (void *)0;
- }
- #endif
- int testsuite_test(int argc, char** argv)
- {
- #if !defined(NO_WOLFSSL_SERVER) && !defined(NO_WOLFSSL_CLIENT) && \
- (!defined(WOLF_CRYPTO_CB_ONLY_RSA) && !defined(WOLF_CRYPTO_CB_ONLY_ECC))
- func_args server_args;
- tcp_ready ready;
- #if !defined(NETOS)
- THREAD_TYPE serverThread;
- int ret;
- #endif
- #ifndef USE_WINDOWS_API
- const char *tempDir = NULL;
- char tempName[128];
- int tempName_len;
- int tempName_Xnum;
- #else
- char tempName[] = "fnXXXXXX";
- const int tempName_len = 8;
- const int tempName_Xnum = 6;
- #endif
- #ifdef HAVE_STACK_SIZE
- void *serverThreadStackContext = NULL;
- #endif
- #ifndef USE_WINDOWS_API
- #ifdef XGETENV
- tempDir = XGETENV("TMPDIR");
- if (tempDir == NULL)
- #endif
- {
- tempDir = "/tmp";
- }
- XSTRLCPY(tempName, tempDir, sizeof(tempName));
- XSTRLCAT(tempName, "/testsuite-output-XXXXXX", sizeof(tempName));
- tempName_len = (int)XSTRLEN(tempName);
- tempName_Xnum = 6;
- #endif /* !USE_WINDOWS_API */
- #ifdef HAVE_WNR
- if (wc_InitNetRandom(wnrConfig, NULL, 5000) != 0) {
- err_sys("Whitewood netRandom global config failed");
- return -1237;
- }
- #endif /* HAVE_WNR */
- StartTCP();
- server_args.argc = argc;
- server_args.argv = argv;
- wolfSSL_Init();
- #if defined(DEBUG_WOLFSSL) && !defined(HAVE_VALGRIND)
- wolfSSL_Debugging_ON();
- #endif
- #if !defined(WOLFSSL_TIRTOS)
- ChangeToWolfRoot();
- #endif
- #ifdef WOLFSSL_TIRTOS
- fdOpenSession(Task_self());
- #endif
- server_args.signal = &ready;
- InitTcpReady(&ready);
- #ifndef NO_CRYPT_TEST
- /* wc_ test */
- #ifdef HAVE_STACK_SIZE
- StackSizeCheck(&server_args, wolfcrypt_test);
- #else
- wolfcrypt_test(&server_args);
- #endif
- if (server_args.return_code != 0) return server_args.return_code;
- #endif
- /* Simple wolfSSL client server test */
- #ifdef HAVE_STACK_SIZE
- StackSizeCheck(&server_args, (THREAD_RETURN (*)(void *))simple_test);
- #else
- simple_test(&server_args);
- #endif
- if (server_args.return_code != 0) return server_args.return_code;
- #if !defined(NETOS)
- /* Echo input wolfSSL client server test */
- #ifdef HAVE_STACK_SIZE
- StackSizeCheck_launch(&server_args, echoserver_test, &serverThread,
- &serverThreadStackContext);
- #else
- start_thread(echoserver_test, &server_args, &serverThread);
- #endif
- /* Create unique file name */
- outputName = mymktemp(tempName, tempName_len, tempName_Xnum);
- if (outputName == NULL) {
- printf("Could not create unique file name");
- return EXIT_FAILURE;
- }
- ret = test_tls(&server_args);
- if (ret != 0) {
- cleanup_output();
- return ret;
- }
- /* Server won't quit unless TLS test has worked. */
- #ifdef HAVE_STACK_SIZE
- fputs("reaping echoserver_test: ", stdout);
- StackSizeCheck_reap(serverThread, serverThreadStackContext);
- #else
- join_thread(serverThread);
- #endif
- if (server_args.return_code != 0) {
- cleanup_output();
- return server_args.return_code;
- }
- #if !defined(NO_WOLFSSL_SERVER) && !defined(NO_WOLFSSL_CLIENT) && \
- defined(HAVE_CRL) && defined(HAVE_CRL_MONITOR)
- ret = test_crl_monitor();
- if (ret != 0) {
- cleanup_output();
- return ret;
- }
- #endif
- #endif /* !NETOS */
- show_ciphers();
- #if !defined(NETOS)
- ret = validate_cleanup_output();
- if (ret != 0)
- return EXIT_FAILURE;
- #endif
- wolfSSL_Cleanup();
- FreeTcpReady(&ready);
- #ifdef WOLFSSL_TIRTOS
- fdCloseSession(Task_self());
- #endif
- #ifdef HAVE_WNR
- if (wc_FreeNetRandom() < 0)
- err_sys("Failed to free netRandom context");
- #endif /* HAVE_WNR */
- printf("\nAll tests passed!\n");
- #else
- (void)argc;
- (void)argv;
- #endif /* !NO_WOLFSSL_SERVER && !NO_WOLFSSL_CLIENT */
- return EXIT_SUCCESS;
- }
- #if !defined(NO_WOLFSSL_SERVER) && !defined(NO_WOLFSSL_CLIENT) && \
- defined(HAVE_CRL) && defined(HAVE_CRL_MONITOR)
- #define CRL_MONITOR_TEST_ROUNDS 6
- #define CRL_MONITOR_REM_FILE_ATTEMPTS 20
- static int test_crl_monitor(void)
- {
- func_args server_args;
- func_args client_args;
- THREAD_TYPE serverThread;
- tcp_ready ready;
- char buf[128];
- char tmpDir[16];
- char rounds[4];
- char portNum[8];
- const char* serverArgv[] = {
- "testsuite",
- "-A", "certs/ca-cert.pem",
- "--crl-dir", tmpDir,
- "-C", rounds,
- "--quieter",
- "-x",
- "-p", "0"
- };
- const char* clientArgv[] = {
- "testsuite",
- "-C",
- "-c", "certs/server-cert.pem",
- "-k", "certs/server-key.pem",
- "--quieter",
- "-H", "exitWithRet",
- "-p", portNum
- };
- int ret = -1;
- int i = -1, j;
- printf("\nRunning CRL monitor test\n");
- (void)XSNPRINTF(rounds, sizeof(rounds), "%d", CRL_MONITOR_TEST_ROUNDS);
- XMEMSET(&server_args, 0, sizeof(func_args));
- XMEMSET(&client_args, 0, sizeof(func_args));
- /* Create temp dir */
- if (create_tmp_dir(tmpDir, sizeof(tmpDir) - 1) == NULL) {
- fprintf(stderr, "Failed to create tmp dir");
- goto cleanup;
- }
- server_args.argv = (char**)serverArgv;
- server_args.argc = sizeof(serverArgv) / sizeof(*serverArgv);
- client_args.signal = server_args.signal = &ready;
- client_args.argv = (char**)clientArgv;
- client_args.argc = sizeof(clientArgv) / sizeof(*clientArgv);
- InitTcpReady(&ready);
- start_thread(server_test, &server_args, &serverThread);
- wait_tcp_ready(&server_args);
- (void)XSNPRINTF(portNum, sizeof(portNum), "%d", server_args.signal->port);
- for (i = 0; i < CRL_MONITOR_TEST_ROUNDS; i++) {
- int expectFail;
- if (i % 2 == 0) {
- /* succeed on even rounds */
- (void)XSNPRINTF(buf, sizeof(buf), "%s/%s", tmpDir, "crl.pem");
- if (STAGE_FILE("certs/crl/crl.pem", buf) != 0) {
- fprintf(stderr, "[%d] Failed to copy file to %s\n", i, buf);
- goto cleanup;
- }
- (void)XSNPRINTF(buf, sizeof(buf), "%s/%s", tmpDir, "crl.revoked");
- /* The monitor can be holding the file handle and this will cause
- * the remove call to fail. Let's give the monitor a some time to
- * finish up. */
- for (j = 0; j < CRL_MONITOR_REM_FILE_ATTEMPTS; j++) {
- /* i == 0 since there is nothing to delete in the first round */
- if (i == 0 || rem_file(buf) == 0)
- break;
- XSLEEP_MS(100);
- }
- if (j == CRL_MONITOR_REM_FILE_ATTEMPTS) {
- fprintf(stderr, "[%d] Failed to remove file %s\n", i, buf);
- goto cleanup;
- }
- expectFail = 0;
- }
- else {
- /* fail on odd rounds */
- (void)XSNPRINTF(buf, sizeof(buf), "%s/%s", tmpDir, "crl.revoked");
- if (STAGE_FILE("certs/crl/crl.revoked", buf) != 0) {
- fprintf(stderr, "[%d] Failed to copy file to %s\n", i, buf);
- goto cleanup;
- }
- (void)XSNPRINTF(buf, sizeof(buf), "%s/%s", tmpDir, "crl.pem");
- /* The monitor can be holding the file handle and this will cause
- * the remove call to fail. Let's give the monitor a some time to
- * finish up. */
- for (j = 0; j < CRL_MONITOR_REM_FILE_ATTEMPTS; j++) {
- if (rem_file(buf) == 0)
- break;
- XSLEEP_MS(100);
- }
- if (j == CRL_MONITOR_REM_FILE_ATTEMPTS) {
- fprintf(stderr, "[%d] Failed to remove file %s\n", i, buf);
- goto cleanup;
- }
- expectFail = 1;
- }
- /* Give server a moment to register the file change */
- XSLEEP_MS(100);
- client_args.return_code = 0;
- client_test(&client_args);
- if (!expectFail) {
- if (client_args.return_code != 0) {
- fprintf(stderr, "[%d] Incorrect return %d\n", i,
- client_args.return_code);
- goto cleanup;
- }
- }
- else {
- if (client_args.return_code == 0) {
- fprintf(stderr, "[%d] Expected failure\n", i);
- goto cleanup;
- }
- }
- }
- join_thread(serverThread);
- ret = 0;
- cleanup:
- if (ret != 0 && i >= 0)
- fprintf(stderr, "test_crl_monitor failed on iteration %d\n", i);
- (void)XSNPRINTF(buf, sizeof(buf), "%s/%s", tmpDir, "crl.pem");
- rem_file(buf);
- (void)XSNPRINTF(buf, sizeof(buf), "%s/%s", tmpDir, "crl.revoked");
- rem_file(buf);
- (void)rem_dir(tmpDir);
- return ret;
- }
- #endif
- #if !defined(NO_WOLFSSL_SERVER) && !defined(NO_WOLFSSL_CLIENT) && \
- (!defined(WOLF_CRYPTO_CB_ONLY_RSA) && !defined(WOLF_CRYPTO_CB_ONLY_ECC))
- /* Perform a basic TLS handshake.
- *
- * First connection to echo a file.
- * Second to tell TLS server to quit.
- *
- * @param [in,out] server_args Object sent to server thread.
- * @return 0 on success.
- * @return echoclient error return code on failure.
- */
- static int test_tls(func_args* server_args)
- {
- func_args echo_args;
- char* myArgv[NUMARGS];
- char arg[3][128];
- printf("\nRunning TLS test\n");
- /* Set up command line arguments for echoclient to send input file
- * and write echoed data to temporary output file. */
- myArgv[0] = arg[0];
- myArgv[1] = arg[1];
- myArgv[2] = arg[2];
- echo_args.argc = 3;
- echo_args.argv = myArgv;
- XSTRLCPY(arg[0], "testsuite", sizeof(arg[0]));
- XSTRLCPY(arg[1], "input", sizeof(arg[1]));
- XSTRLCPY(arg[2], outputName, sizeof(arg[2]));
- /* Share the signal, it has the new port number in it. */
- echo_args.signal = server_args->signal;
- /* Ready to execute client - wait for server to be ready. */
- wait_tcp_ready(server_args);
- /* Do a client TLS connection. */
- #ifdef HAVE_STACK_SIZE
- fputs("echoclient_test #1: ", stdout);
- StackSizeCheck(&echo_args, echoclient_test_wrapper);
- #else
- echoclient_test(&echo_args);
- #endif
- if (echo_args.return_code != 0)
- return echo_args.return_code;
- #ifdef WOLFSSL_DTLS
- /* Ensure server is ready for UDP data. */
- wait_tcp_ready(server_args);
- #endif
- /* Next client connection - send quit to shutdown server. */
- echo_args.argc = 2;
- XSTRLCPY(arg[1], "quit", sizeof(arg[1]));
- /* Do a client TLS connection. */
- #ifdef HAVE_STACK_SIZE
- fputs("echoclient_test #2: ", stdout);
- StackSizeCheck(&echo_args, echoclient_test_wrapper);
- #else
- echoclient_test(&echo_args);
- #endif
- if (echo_args.return_code != 0)
- return echo_args.return_code;
- return 0;
- }
- /* Show cipher suites available. */
- static void show_ciphers(void)
- {
- char ciphers[WOLFSSL_CIPHER_LIST_MAX_SIZE];
- XMEMSET(ciphers, 0, sizeof(ciphers));
- wolfSSL_get_ciphers(ciphers, sizeof(ciphers)-1);
- printf("ciphers = %s\n", ciphers);
- }
- /* Cleanup temporary output file. */
- static void cleanup_output(void)
- {
- remove(outputName);
- }
- /* Validate output equals input using a hash. Remove temporary output file.
- *
- * @return 0 on success.
- * @return 1 on failure.
- */
- static int validate_cleanup_output(void)
- {
- #ifndef NO_SHA256
- byte input[WC_SHA256_DIGEST_SIZE];
- byte output[WC_SHA256_DIGEST_SIZE];
- file_test("input", input);
- file_test(outputName, output);
- #endif
- cleanup_output();
- #ifndef NO_SHA256
- if (memcmp(input, output, sizeof(input)) != 0)
- return 1;
- #endif
- return 0;
- }
- /* Simple server.
- *
- * @param [in] args Object for server data in thread.
- * @return Return code.
- */
- #ifdef HAVE_STACK_SIZE
- static THREAD_RETURN simple_test(func_args* args)
- #else
- static void simple_test(func_args* args)
- #endif
- {
- THREAD_TYPE serverThread;
- int i;
- func_args svrArgs;
- char *svrArgv[9];
- char argvs[9][32];
- func_args cliArgs;
- char *cliArgv[NUMARGS];
- char argvc[3][32];
- printf("\nRunning simple test\n");
- for (i = 0; i < 9; i++)
- svrArgv[i] = argvs[i];
- for (i = 0; i < 3; i++)
- cliArgv[i] = argvc[i];
- XSTRLCPY(argvs[0], "SimpleServer", sizeof(argvs[0]));
- svrArgs.argc = 1;
- svrArgs.argv = svrArgv;
- svrArgs.return_code = 0;
- #if !defined(USE_WINDOWS_API) && !defined(WOLFSSL_SNIFFER) && \
- !defined(WOLFSSL_TIRTOS)
- XSTRLCPY(argvs[svrArgs.argc++], "-p", sizeof(argvs[svrArgs.argc]));
- XSTRLCPY(argvs[svrArgs.argc++], "0", sizeof(argvs[svrArgs.argc]));
- #endif
- /* Set the last arg later, when it is known. */
- args->return_code = 0;
- svrArgs.signal = args->signal;
- start_thread(server_test, &svrArgs, &serverThread);
- wait_tcp_ready(&svrArgs);
- /* Setting the actual port number. */
- XSTRLCPY(argvc[0], "SimpleClient", sizeof(argvc[0]));
- cliArgs.argv = cliArgv;
- cliArgs.return_code = 0;
- #ifndef USE_WINDOWS_API
- cliArgs.argc = NUMARGS;
- XSTRLCPY(argvc[1], "-p", sizeof(argvc[1]));
- (void)snprintf(argvc[2], sizeof(argvc[2]), "%d", (int)svrArgs.signal->port);
- #else
- cliArgs.argc = 1;
- #endif
- client_test(&cliArgs);
- if (cliArgs.return_code != 0) {
- args->return_code = cliArgs.return_code;
- #ifdef HAVE_STACK_SIZE
- return (THREAD_RETURN)0;
- #else
- return;
- #endif
- }
- join_thread(serverThread);
- if (svrArgs.return_code != 0) args->return_code = svrArgs.return_code;
- #ifdef HAVE_STACK_SIZE
- return (THREAD_RETURN)0;
- #endif
- }
- #endif /* !NO_WOLFSSL_SERVER && !NO_WOLFSSL_CLIENT */
- #ifndef NO_SHA256
- /* Create SHA-256 hash of the file based on filename.
- *
- * @param [in] file Name of file.
- * @param [out] check Buffer to hold SHA-256 hash.
- */
- void file_test(const char* file, byte* check)
- {
- FILE* f;
- int i = 0, j, ret;
- wc_Sha256 sha256;
- byte buf[1024];
- byte shasum[WC_SHA256_DIGEST_SIZE];
- ret = wc_InitSha256(&sha256);
- if (ret != 0) {
- printf("Can't wc_InitSha256 %d\n", ret);
- return;
- }
- if( !( f = fopen( file, "rb" ) )) {
- printf("Can't open %s\n", file);
- return;
- }
- while( ( i = (int)fread(buf, 1, sizeof(buf), f )) > 0 ) {
- if (ferror(f)) {
- printf("I/O error reading %s\n", file);
- fclose(f);
- return;
- }
- ret = wc_Sha256Update(&sha256, buf, (word32)i);
- if (ret != 0) {
- printf("Can't wc_Sha256Update %d\n", ret);
- fclose(f);
- return;
- }
- if (feof(f))
- break;
- }
- ret = wc_Sha256Final(&sha256, shasum);
- wc_Sha256Free(&sha256);
- if (ret != 0) {
- printf("Can't wc_Sha256Final %d\n", ret);
- fclose(f);
- return;
- }
- XMEMCPY(check, shasum, sizeof(shasum));
- for(j = 0; j < WC_SHA256_DIGEST_SIZE; ++j )
- printf( "%02x", shasum[j] );
- printf(" %s\n", file);
- fclose(f);
- }
- #endif
- #else /* SINGLE_THREADED */
- int myoptind = 0;
- char* myoptarg = NULL;
- int main(int argc, char** argv)
- {
- func_args wolfcrypt_test_args;
- wolfcrypt_test_args.argc = argc;
- wolfcrypt_test_args.argv = argv;
- wolfSSL_Init();
- ChangeToWolfRoot();
- /* No TLS - only doing cryptographic algorithm testing. */
- wolfcrypt_test(&wolfcrypt_test_args);
- if (wolfcrypt_test_args.return_code != 0)
- return wolfcrypt_test_args.return_code;
- wolfSSL_Cleanup();
- printf("\nAll tests passed!\n");
- return EXIT_SUCCESS;
- }
- #endif /* SINGLE_THREADED */
|