/* test.h

*

* Copyright (C) 2006-2025 wolfSSL Inc.

*

* This file is part of wolfSSL.

*

* wolfSSL is free software; you can redistribute it and/or modify

* it under the terms of the GNU General Public License as published by

* the Free Software Foundation; either version 3 of the License, or

* (at your option) any later version.

*

* wolfSSL is distributed in the hope that it will be useful,

* but WITHOUT ANY WARRANTY; without even the implied warranty of

* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the

* GNU General Public License for more details.

*

* You should have received a copy of the GNU General Public License

* along with this program; if not, write to the Free Software

* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA

*/

/*!

\file ../wolfssl/test.h

\brief Header file containing test inline functions

*/

/* Testing functions */

#ifndef wolfSSL_TEST_H

#define wolfSSL_TEST_H

#include <wolfssl/wolfcrypt/settings.h>

#undef TEST_OPENSSL_COEXIST /* can't use this option with this example */

#if defined(OPENSSL_EXTRA) && defined(OPENSSL_COEXIST)

#error "Example apps built with OPENSSL_EXTRA can't also be built with OPENSSL_COEXIST."

#endif

#include <wolfssl/wolfcrypt/wc_port.h>

#ifdef FUSION_RTOS

#include <fclstdio.h>

#include <fclstdlib.h>

#else

#include <stdio.h>

#include <stdlib.h>

#endif

#include <assert.h>

#include <ctype.h>

#ifdef HAVE_ERRNO_H

#include <errno.h>

#endif

#include <wolfssl/wolfcrypt/types.h>

#include <wolfssl/error-ssl.h>

#include <wolfssl/wolfcrypt/random.h>

#include <wolfssl/wolfcrypt/mem_track.h>

#include <wolfssl/wolfio.h>

#include <wolfssl/wolfcrypt/asn.h>

#ifdef ATOMIC_USER

#include <wolfssl/wolfcrypt/aes.h>

#include <wolfssl/wolfcrypt/arc4.h>

#include <wolfssl/wolfcrypt/hmac.h>

#endif

#ifdef HAVE_PK_CALLBACKS

#ifndef NO_RSA

#include <wolfssl/wolfcrypt/rsa.h>

#endif

#ifdef HAVE_ECC

#include <wolfssl/wolfcrypt/ecc.h>

#endif /* HAVE_ECC */

#ifndef NO_DH

#include <wolfssl/wolfcrypt/dh.h>

#endif /* !NO_DH */

#ifdef HAVE_ED25519

#include <wolfssl/wolfcrypt/ed25519.h>

#endif /* HAVE_ED25519 */

#ifdef HAVE_CURVE25519

#include <wolfssl/wolfcrypt/curve25519.h>

#endif /* HAVE_ECC */

#ifdef HAVE_ED448

#include <wolfssl/wolfcrypt/ed448.h>

#endif /* HAVE_ED448 */

#ifdef HAVE_CURVE448

#include <wolfssl/wolfcrypt/curve448.h>

#endif /* HAVE_ECC */

#endif /*HAVE_PK_CALLBACKS */

#ifdef __WATCOMC__

#define SNPRINTF snprintf

#if defined(__NT__)

#include <winsock2.h>

#include <ws2tcpip.h>

#include <process.h>

#ifdef TEST_IPV6 /* don't require newer SDK for IPV4 */

#include <wspiapi.h>

#endif

#define SOCKET_T SOCKET

#define XSLEEP_MS(t) Sleep(t)

#elif defined(__OS2__)

#include <netdb.h>

#include <sys/ioctl.h>

#include <tcpustd.h>

#define SOCKET_T int

#elif defined(__UNIX__)

#include <string.h>

#include <netdb.h>

#include <netinet/tcp.h>

#ifndef WOLFSSL_NDS

#include <sys/ioctl.h>

#endif

#include <time.h>

#include <sys/time.h>

#ifdef HAVE_PTHREAD

#include <pthread.h>

#endif

#define SOCKET_T int

#ifndef SO_NOSIGPIPE

#include <signal.h> /* ignore SIGPIPE */

#endif

#define XSLEEP_MS(m) \

{ \

struct timespec req = { (m)/1000, ((m) % 1000) * 1000 }; \

nanosleep( &req, NULL ); \

}

#endif

#elif defined(USE_WINDOWS_API)

#include <winsock2.h>

#include <ws2tcpip.h>

#include <process.h>

#ifdef TEST_IPV6 /* don't require newer SDK for IPV4 */

#include <wspiapi.h>

#endif

#define SOCKET_T SOCKET

#define SNPRINTF _snprintf

#define XSLEEP_MS(t) Sleep(t)

#elif defined(WOLFSSL_MDK_ARM) || defined(WOLFSSL_KEIL_TCP_NET)

#include <string.h>

#include "rl_net.h"

#define SOCKET_T int

typedef int socklen_t ;

#define inet_addr wolfSSL_inet_addr

static unsigned long wolfSSL_inet_addr(const char *cp)

{

unsigned int a[4] ; unsigned long ret ;

sscanf(cp, "%u.%u.%u.%u", &a[0], &a[1], &a[2], &a[3]) ;

ret = ((a[3]<<24) + (a[2]<<16) + (a[1]<<8) + a[0]) ;

return(ret) ;

}

#if defined(HAVE_KEIL_RTX)

#define XSLEEP_MS(t) os_dly_wait(t)

#elif defined(WOLFSSL_CMSIS_RTOS) || defined(WOLFSSL_CMSIS_RTOSv2)

#define XSLEEP_MS(t) osDelay(t)

#endif

#elif defined(WOLFSSL_TIRTOS)

#include <string.h>

#include <netdb.h>

#if !defined(__ti__) /* conflicts with sys/socket.h */

#include <sys/types.h>

#endif

#include <arpa/inet.h>

#include <sys/socket.h>

#include <ti/sysbios/knl/Task.h>

struct hostent {

char *h_name; /* official name of host */

char **h_aliases; /* alias list */

int h_addrtype; /* host address type */

int h_length; /* length of address */

char **h_addr_list; /* list of addresses from name server */

};

#define SOCKET_T int

#define XSLEEP_MS(t) Task_sleep(t/1000)

#elif defined(WOLFSSL_VXWORKS)

#include <hostLib.h>

#include <sockLib.h>

#include <arpa/inet.h>

#include <string.h>

#include <selectLib.h>

#include <sys/types.h>

#include <netinet/in.h>

#include <fcntl.h>

#ifdef WOLFSSL_VXWORKS_6_x

#include <time.h>

#else

#include <sys/time.h>

#endif

#include <netdb.h>

#include <pthread.h>

#define SOCKET_T int

#elif defined(WOLFSSL_ZEPHYR)

#include <version.h>

#include <string.h>

#include <sys/types.h>

#if KERNEL_VERSION_NUMBER >= 0x30100

#include <zephyr/net/socket.h>

#ifdef CONFIG_POSIX_API

#include <zephyr/posix/poll.h>

#include <zephyr/posix/netdb.h>

#include <zephyr/posix/sys/socket.h>

#include <zephyr/posix/sys/select.h>

#endif

#else

#include <net/socket.h>

#ifdef CONFIG_POSIX_API

#include <posix/poll.h>

#include <posix/netdb.h>

#include <posix/sys/socket.h>

#include <posix/sys/select.h>

#endif

#endif

#define SOCKET_T int

#define SOL_SOCKET 1

#define WOLFSSL_USE_GETADDRINFO

static unsigned long inet_addr(const char *cp)

{

unsigned int a[4]; unsigned long ret;

int i, j;

for (i=0, j=0; i<4; i++) {

a[i] = 0;

while (cp[j] != '.' && cp[j] != '\0') {

a[i] *= 10;

a[i] += cp[j] - '0';

j++;

}

}

ret = ((a[3]<<24) + (a[2]<<16) + (a[1]<<8) + a[0]) ;

return(ret) ;

}

#elif defined(NETOS)

#include <string.h>

#include <sys/types.h>

struct hostent {

char* h_name; /* official name of host */

char** h_aliases; /* alias list */

int h_addrtype; /* host address type */

int h_length; /* length of address */

char** h_addr_list; /* list of addresses from the name server */

};

#elif defined(ARDUINO)

/* TODO, define board-specific */

#else

#include <string.h>

#include <sys/types.h>

#ifndef WOLFSSL_LEANPSK

#include <unistd.h>

#include <netdb.h>

#include <netinet/in.h>

#include <netinet/tcp.h>

#include <arpa/inet.h>

#ifndef WOLFSSL_NDS

#include <sys/ioctl.h>

#endif

#include <sys/time.h>

#include <sys/socket.h>

#ifdef HAVE_PTHREAD

#include <pthread.h>

#endif

#include <fcntl.h>

#ifdef TEST_IPV6

#include <netdb.h>

#endif

#endif

#ifdef FREESCALE_MQX

typedef int socklen_t ;

#endif

#define SOCKET_T int

#ifndef SO_NOSIGPIPE

#include <signal.h> /* ignore SIGPIPE */

#endif

#define SNPRINTF snprintf

#define XSELECT_WAIT(x,y) do { \

struct timeval tv = {((x) + ((y) / 1000000)),((y) % 1000000)}; \

if ((select(0, NULL, NULL, NULL, &tv) < 0) && (errno != EINTR)) \

err_sys("select for XSELECT_WAIT failed."); \

} while (0)

#define XSLEEP_US(u) XSELECT_WAIT(0,u)

#define XSLEEP_MS(m) XSELECT_WAIT(0,(m)*1000)

#endif /* USE_WINDOWS_API */

#ifndef XSLEEP_MS

#define XSLEEP_MS(t) sleep(t/1000)

#endif

#ifdef WOLFSSL_ASYNC_CRYPT

#include <wolfssl/wolfcrypt/async.h>

#endif

#ifdef HAVE_CAVIUM

#include <wolfssl/wolfcrypt/port/cavium/cavium_nitrox.h>

#endif

#ifdef _MSC_VER

/* disable conversion warning */

/* 4996 warning to use MS extensions e.g., strcpy_s instead of strncpy */

#pragma warning(disable:4244 4996)

#endif

#ifndef WOLFSSL_CIPHER_LIST_MAX_SIZE

#define WOLFSSL_CIPHER_LIST_MAX_SIZE 4096

#endif

/* Buffer for benchmark tests */

#ifndef TEST_BUFFER_SIZE

#define TEST_BUFFER_SIZE 16384

#endif

#ifndef WOLFSSL_HAVE_MIN

#define WOLFSSL_HAVE_MIN

#ifdef NO_INLINE

#define min no_inline_min

#endif

static WC_INLINE word32 min(word32 a, word32 b)

{

return a > b ? b : a;

}

#endif /* WOLFSSL_HAVE_MIN */

/* Socket Handling */

#ifndef WOLFSSL_SOCKET_INVALID

#ifdef USE_WINDOWS_API

#define WOLFSSL_SOCKET_INVALID ((SOCKET_T)INVALID_SOCKET)

#elif defined(WOLFSSL_TIRTOS)

#define WOLFSSL_SOCKET_INVALID ((SOCKET_T)-1)

#else

#define WOLFSSL_SOCKET_INVALID (SOCKET_T)(-1)

#endif

#endif /* WOLFSSL_SOCKET_INVALID */

#ifndef WOLFSSL_SOCKET_IS_INVALID

#if defined(USE_WINDOWS_API) || defined(WOLFSSL_TIRTOS)

#define WOLFSSL_SOCKET_IS_INVALID(s) ((SOCKET_T)(s) == WOLFSSL_SOCKET_INVALID)

#else

#define WOLFSSL_SOCKET_IS_INVALID(s) ((SOCKET_T)(s) < WOLFSSL_SOCKET_INVALID)

#endif

#endif /* WOLFSSL_SOCKET_IS_INVALID */

#if defined(__MACH__) || defined(USE_WINDOWS_API)

#ifndef _SOCKLEN_T

typedef int socklen_t;

#endif

#endif

/* HPUX doesn't use socklent_t for third parameter to accept, unless

_XOPEN_SOURCE_EXTENDED is defined */

#if !defined(__hpux__) && !defined(WOLFSSL_MDK_ARM) && !defined(WOLFSSL_IAR_ARM)\

&& !defined(WOLFSSL_ROWLEY_ARM) && !defined(WOLFSSL_KEIL_TCP_NET)

typedef socklen_t* ACCEPT_THIRD_T;

#else

#if defined _XOPEN_SOURCE_EXTENDED

typedef socklen_t* ACCEPT_THIRD_T;

#else

typedef int* ACCEPT_THIRD_T;

#endif

#endif

#if defined(DEBUG_PK_CB) || defined(TEST_PK_PRIVKEY) || defined(TEST_PK_PSK)

#define WOLFSSL_PKMSG(...) printf(__VA_ARGS__)

#else

#define WOLFSSL_PKMSG(...) WC_DO_NOTHING

#endif

#ifndef MY_EX_USAGE

#define MY_EX_USAGE 2

#endif

#ifndef EXIT_FAILURE

#define EXIT_FAILURE 1

#endif

#if defined(WOLFSSL_FORCE_MALLOC_FAIL_TEST) || defined(WOLFSSL_ZEPHYR)

#ifndef EXIT_SUCCESS

#define EXIT_SUCCESS 0

#endif

#define XEXIT(rc) return rc

#define XEXIT_T(rc) return (THREAD_RETURN)rc

#else

#define XEXIT(rc) exit((int)(rc))

#define XEXIT_T(rc) exit((int)(rc))

#endif

static WC_INLINE

#if defined(WOLFSSL_FORCE_MALLOC_FAIL_TEST) || defined(WOLFSSL_ZEPHYR)

THREAD_RETURN

#else

WC_NORETURN void

#endif

err_sys(const char* msg)

{

#if !defined(__GNUC__)

/* scan-build (which pretends to be gnuc) can get confused and think the

* msg pointer can be null even when hardcoded and then it won't exit,

* making null pointer checks above the err_sys() call useless.

* We could just always exit() but some compilers will complain about no

* possible return, with gcc we know the attribute to handle that with

* WC_NORETURN. */

if (msg)

#endif

{

fprintf(stderr, "wolfSSL error: %s\n", msg);

}

XEXIT_T(EXIT_FAILURE);

}

static WC_INLINE

#if defined(WOLFSSL_FORCE_MALLOC_FAIL_TEST) || defined(WOLFSSL_ZEPHYR)

THREAD_RETURN

#else

WC_NORETURN void

#endif

err_sys_with_errno(const char* msg)

{

#if !defined(__GNUC__)

/* scan-build (which pretends to be gnuc) can get confused and think the

* msg pointer can be null even when hardcoded and then it won't exit,

* making null pointer checks above the err_sys() call useless.

* We could just always exit() but some compilers will complain about no

* possible return, with gcc we know the attribute to handle that with

* WC_NORETURN. */

if (msg)

#endif

{

#if defined(HAVE_STRING_H) && defined(HAVE_ERRNO_H)

fprintf(stderr, "wolfSSL error: %s: %s\n", msg, strerror(errno));

#else

fprintf(stderr, "wolfSSL error: %s\n", msg);

#endif

}

XEXIT_T(EXIT_FAILURE);

}

#define LIBCALL_CHECK_RET(...) do { \

int _libcall_ret = (__VA_ARGS__); \

if (_libcall_ret < 0) { \

fprintf(stderr, "%s L%d error %d for \"%s\"\n", \

__FILE__, __LINE__, errno, #__VA_ARGS__); \

err_sys("library/system call failed"); \

} \

} while(0)

#define THREAD_CHECK_RET(...) do { \

int _thread_ret = (__VA_ARGS__); \

if (_thread_ret != 0) { \

errno = _thread_ret; \

fprintf(stderr, "%s L%d error %d for \"%s\"\n", \

__FILE__, __LINE__, _thread_ret, #__VA_ARGS__); \

err_sys("thread call failed"); \

} \

} while(0)

#ifndef WOLFSSL_NO_TLS12

#define SERVER_DEFAULT_VERSION 3

#else

#define SERVER_DEFAULT_VERSION 4

#endif

#define SERVER_DTLS_DEFAULT_VERSION (-2)

#define SERVER_INVALID_VERSION (-99)

#define SERVER_DOWNGRADE_VERSION (-98)

#ifndef WOLFSSL_NO_TLS12

#define CLIENT_DEFAULT_VERSION 3

#else

#define CLIENT_DEFAULT_VERSION 4

#endif

#define CLIENT_DTLS_DEFAULT_VERSION (-2)

#define CLIENT_INVALID_VERSION (-99)

#define CLIENT_DOWNGRADE_VERSION (-98)

#define EITHER_DOWNGRADE_VERSION (-97)

#if !defined(NO_FILESYSTEM) && defined(WOLFSSL_MAX_STRENGTH)

#define DEFAULT_MIN_DHKEY_BITS 2048

#define DEFAULT_MAX_DHKEY_BITS 3072

#else

#define DEFAULT_MIN_DHKEY_BITS 1024

#define DEFAULT_MAX_DHKEY_BITS 2048

#endif

#if !defined(NO_FILESYSTEM) && defined(WOLFSSL_MAX_STRENGTH)

#define DEFAULT_MIN_RSAKEY_BITS 2048

#else

#ifndef DEFAULT_MIN_RSAKEY_BITS

#define DEFAULT_MIN_RSAKEY_BITS 1024

#endif

#endif

#if !defined(NO_FILESYSTEM) && defined(WOLFSSL_MAX_STRENGTH)

#define DEFAULT_MIN_ECCKEY_BITS 256

#else

#ifndef DEFAULT_MIN_ECCKEY_BITS

#define DEFAULT_MIN_ECCKEY_BITS 224

#endif

#endif

#ifndef DEFAULT_TIMEOUT_SEC

#define DEFAULT_TIMEOUT_SEC 2

#endif

/* all certs relative to wolfSSL home directory now */

#if defined(WOLFSSL_NO_CURRDIR) || defined(WOLFSSL_MDK_SHELL)

#ifdef WOLFSSL_PEM_TO_DER

#define caCertFile "certs/ca-cert.pem"

#define eccCertFile "certs/server-ecc.pem"

#define eccKeyFile "certs/ecc-key.pem"

#define eccKeyPubFile "certs/ecc-keyPub.pem"

#define eccRsaCertFile "certs/server-ecc-rsa.pem"

#define svrCertFile "certs/server-cert.pem"

#define svrKeyFile "certs/server-key.pem"

#define svrKeyPubFile "certs/server-keyPub.pem"

#define cliCertFile "certs/client-cert.pem"

#define cliCertDerFile "certs/client-cert.der"

#define cliCertFileExt "certs/client-cert-ext.pem"

#define cliCertDerFileExt "certs/client-cert-ext.der"

#define cliKeyFile "certs/client-key.pem"

#define cliKeyPubFile "certs/client-keyPub.pem"

#define dhParamFile "certs/dh2048.pem"

#define cliEccKeyFile "certs/ecc-client-key.pem"

#define cliEccKeyPubFile "certs/ecc-client-keyPub.pem"

#define cliEccCertFile "certs/client-ecc-cert.pem"

#define caEccCertFile "certs/ca-ecc-cert.pem"

#define crlPemDir "certs/crl"

#define edCertFile "certs/ed25519/server-ed25519-cert.pem"

#define edKeyFile "certs/ed25519/server-ed25519-priv.pem"

#define edKeyPubFile "certs/ed25519/server-ed25519-key.pem"

#define cliEdCertFile "certs/ed25519/client-ed25519.pem"

#define cliEdKeyFile "certs/ed25519/client-ed25519-priv.pem"

#define cliEdKeyPubFile "certs/ed25519/client-ed25519-key.pem"

#define caEdCertFile "certs/ed25519/ca-ed25519.pem"

#define ed448CertFile "certs/ed448/server-ed448-cert.pem"

#define ed448KeyFile "certs/ed448/server-ed448-priv.pem"

#define cliEd448CertFile "certs/ed448/client-ed448.pem"

#define cliEd448KeyFile "certs/ed448/client-ed448-priv.pem"

#define caEd448CertFile "certs/ed448/ca-ed448.pem"

#define noIssuerCertFile "certs/empty-issuer-cert.pem"

#else

#define caCertFile "certs/ca-cert.der"

#define eccCertFile "certs/server-ecc.der"

#define eccKeyFile "certs/ecc-key.der"

#define eccKeyPubFile "certs/ecc-keyPub.der"

#define eccRsaCertFile "certs/server-ecc-rsa.der"

#define svrCertFile "certs/server-cert.der"

#define svrKeyFile "certs/server-key.der"

#define svrKeyPubFile "certs/server-keyPub.der"

#define cliCertFile "certs/client-cert.der"

#define cliCertDerFile "certs/client-cert.der"

#define cliCertFileExt "certs/client-cert-ext.der"

#define cliCertDerFileExt "certs/client-cert-ext.der"

#define cliKeyFile "certs/client-key.der"

#define cliKeyPubFile "certs/client-keyPub.der"

#define dhParamFile "certs/dh2048.der"

#define cliEccKeyFile "certs/ecc-client-key.der"

#define cliEccKeyPubFile "certs/ecc-client-keyPub.der"

#define cliEccCertFile "certs/client-ecc-cert.der"

#define caEccCertFile "certs/ca-ecc-cert.der"

#define crlPemDir "certs/crl"

#define edCertFile "certs/ed25519/server-ed25519-cert.der"

#define edKeyFile "certs/ed25519/server-ed25519-priv.der"

#define edKeyPubFile "certs/ed25519/server-ed25519-key.der"

#define cliEdCertFile "certs/ed25519/client-ed25519.der"

#define cliEdKeyFile "certs/ed25519/client-ed25519-priv.der"

#define cliEdKeyPubFile "certs/ed25519/client-ed25519-key.der"

#define caEdCertFile "certs/ed25519/ca-ed25519.der"

#define ed448CertFile "certs/ed448/server-ed448-cert.der"

#define ed448KeyFile "certs/ed448/server-ed448-priv.der"

#define cliEd448CertFile "certs/ed448/client-ed448.der"

#define cliEd448KeyFile "certs/ed448/client-ed448-priv.der"

#define caEd448CertFile "certs/ed448/ca-ed448.der"

#define noIssuerCertFile "certs/empty-issuer-cert.der"

#endif

#define caCertFolder "certs/"

#ifdef HAVE_WNR

/* Whitewood netRandom default config file */

#define wnrConfig "wnr-example.conf"

#endif

#elif defined(NETOS) && defined(HAVE_FIPS)

/* These defines specify the file system volume and root directory used by

* the FTP server used in the only supported NETOS FIPS solution (at this

* time), these can be tailored in the event a future FIPS solution is added

* for an alternate NETOS use-case */

#define FS_VOLUME1 "FLASH0"

#define FS_VOLUME1_DIR FS_VOLUME1 "/"

#define caCertFile FS_VOLUME1_DIR "certs/ca-cert.pem"

#define eccCertFile FS_VOLUME1_DIR "certs/server-ecc.pem"

#define eccKeyFile FS_VOLUME1_DIR "certs/ecc-key.pem"

#define svrCertFile FS_VOLUME1_DIR "certs/server-cert.pem"

#define svrKeyFile FS_VOLUME1_DIR "certs/server-key.pem"

#define cliCertFile FS_VOLUME1_DIR "certs/client-cert.pem"

#define cliKeyFile FS_VOLUME1_DIR "certs/client-key.pem"

#define ntruCertFile FS_VOLUME1_DIR "certs/ntru-cert.pem"

#define ntruKeyFile FS_VOLUME1_DIR "certs/ntru-key.raw"

#define dhParamFile FS_VOLUME1_DIR "certs/dh2048.pem"

#define cliEccKeyFile FS_VOLUME1_DIR "certs/ecc-client-key.pem"

#define cliEccCertFile FS_VOLUME1_DIR "certs/client-ecc-cert.pem"

#define caEccCertFile FS_VOLUME1_DIR "certs/ca-ecc-cert/pem"

#define crlPemDir FS_VOLUME1_DIR "certs/crl"

#ifdef HAVE_WNR

/* Whitewood netRandom default config file */

#define wnrConfig "wnr-example.conf"

#endif

#else

#ifdef WOLFSSL_PEM_TO_DER

#define caCertFile "./certs/ca-cert.pem"

#define eccCertFile "./certs/server-ecc.pem"

#define eccKeyFile "./certs/ecc-key.pem"

#define eccKeyPubFile "./certs/ecc-keyPub.pem"

#define eccRsaCertFile "./certs/server-ecc-rsa.pem"

#define svrCertFile "./certs/server-cert.pem"

#define svrKeyFile "./certs/server-key.pem"

#define svrKeyPubFile "./certs/server-keyPub.pem"

#define cliCertFile "./certs/client-cert.pem"

#define cliCertDerFile "./certs/client-cert.der"

#define cliCertFileExt "./certs/client-cert-ext.pem"

#define cliCertDerFileExt "./certs/client-cert-ext.der"

#define cliKeyFile "./certs/client-key.pem"

#define cliKeyPubFile "./certs/client-keyPub.pem"

#define dhParamFile "./certs/dh2048.pem"

#define cliEccKeyFile "./certs/ecc-client-key.pem"

#define cliEccKeyPubFile "./certs/ecc-client-keyPub.pem"

#define cliEccCertFile "./certs/client-ecc-cert.pem"

#define caEccCertFile "./certs/ca-ecc-cert.pem"

#define crlPemDir "./certs/crl"

#define edCertFile "./certs/ed25519/server-ed25519-cert.pem"

#define edKeyFile "./certs/ed25519/server-ed25519-priv.pem"

#define edKeyPubFile "./certs/ed25519/server-ed25519-key.pem"

#define cliEdCertFile "./certs/ed25519/client-ed25519.pem"

#define cliEdKeyFile "./certs/ed25519/client-ed25519-priv.pem"

#define cliEdKeyPubFile "./certs/ed25519/client-ed25519-key.pem"

#define caEdCertFile "./certs/ed25519/ca-ed25519.pem"

#define ed448CertFile "./certs/ed448/server-ed448-cert.pem"

#define ed448KeyFile "./certs/ed448/server-ed448-priv.pem"

#define cliEd448CertFile "./certs/ed448/client-ed448.pem"

#define cliEd448KeyFile "./certs/ed448/client-ed448-priv.pem"

#define caEd448CertFile "./certs/ed448/ca-ed448.pem"

#define noIssuerCertFile "./certs/empty-issuer-cert.pem"

#else

#define caCertFile "./certs/ca-cert.der"

#define eccCertFile "./certs/server-ecc.der"

#define eccKeyFile "./certs/ecc-key.der"

#define eccKeyPubFile "./certs/ecc-keyPub.der"

#define eccRsaCertFile "./certs/server-ecc-rsa.der"

#define svrCertFile "./certs/server-cert.der"

#define svrKeyFile "./certs/server-key.der"

#define svrKeyPubFile "./certs/server-keyPub.der"

#define cliCertFile "./certs/client-cert.der"

#define cliCertDerFile "./certs/client-cert.der"

#define cliCertFileExt "./certs/client-cert-ext.der"

#define cliCertDerFileExt "./certs/client-cert-ext.der"

#define cliKeyFile "./certs/client-key.der"

#define cliKeyPubFile "./certs/client-keyPub.der"

#define dhParamFile "./certs/dh2048.der"

#define cliEccKeyFile "./certs/ecc-client-key.der"

#define cliEccKeyPubFile "./certs/ecc-client-keyPub.der"

#define cliEccCertFile "./certs/client-ecc-cert.der"

#define caEccCertFile "./certs/ca-ecc-cert.der"

#define crlPemDir "./certs/crl"

#define edCertFile "./certs/ed25519/server-ed25519-cert.der"

#define edKeyFile "./certs/ed25519/server-ed25519-priv.der"

#define edKeyPubFile "./certs/ed25519/server-ed25519-key.der"

#define cliEdCertFile "./certs/ed25519/client-ed25519.der"

#define cliEdKeyFile "./certs/ed25519/client-ed25519-priv.der"

#define cliEdKeyPubFile "./certs/ed25519/client-ed25519-key.der"

#define caEdCertFile "./certs/ed25519/ca-ed25519.der"

#define ed448CertFile "./certs/ed448/server-ed448-cert.der"

#define ed448KeyFile "./certs/ed448/server-ed448-priv.der"

#define cliEd448CertFile "./certs/ed448/client-ed448.der"

#define cliEd448KeyFile "./certs/ed448/client-ed448-priv.der"

#define caEd448CertFile "./certs/ed448/ca-ed448.der"

#define noIssuerCertFile "./certs/empty-issuer-cert.der"

#endif

#define caCertFolder "./certs/"

#ifdef HAVE_WNR

/* Whitewood netRandom default config file */

#define wnrConfig "./wnr-example.conf"

#endif

#endif

#ifdef WOLFSSL_PEM_TO_DER

#define CERT_FILETYPE WOLFSSL_FILETYPE_PEM

#else

#define CERT_FILETYPE WOLFSSL_FILETYPE_ASN1

#endif

#ifdef TEST_IPV6

typedef struct sockaddr_in6 SOCKADDR_IN_T;

#define AF_INET_V AF_INET6

#else

typedef struct sockaddr_in SOCKADDR_IN_T;

#define AF_INET_V AF_INET

#endif

typedef struct tcp_ready {

word16 ready; /* predicate */

word16 port;

char* srfName; /* server ready file name */

#ifndef SINGLE_THREADED

#ifdef WOLFSSL_COND

wolfSSL_Mutex mutex;

COND_TYPE cond;

#else /* No signaling available, rely only on the mutex */

wolfSSL_Mutex mutex;

#endif

#endif

} tcp_ready;

static WC_INLINE void InitTcpReady(tcp_ready* ready)

{

ready->ready = 0;

ready->port = 0;

ready->srfName = NULL;

#ifndef SINGLE_THREADED

THREAD_CHECK_RET(wc_InitMutex(&ready->mutex));

#ifdef WOLFSSL_COND

THREAD_CHECK_RET(wolfSSL_CondInit(&ready->cond));

#endif

#endif

}

#ifdef NETOS

struct hostent* gethostbyname(const char* name);

#endif

static WC_INLINE void FreeTcpReady(tcp_ready* ready)

{

#ifndef SINGLE_THREADED

THREAD_CHECK_RET(wc_FreeMutex(&ready->mutex));

#ifdef WOLFSSL_COND

THREAD_CHECK_RET(wolfSSL_CondFree(&ready->cond));

#endif

#else

(void)ready;

#endif

}

typedef WOLFSSL_METHOD* (*method_provider)(void);

typedef void (*ctx_callback)(WOLFSSL_CTX* ctx);

typedef void (*ssl_callback)(WOLFSSL* ssl);

typedef struct callback_functions {

method_provider method;

ctx_callback ctx_ready;

ssl_callback ssl_ready;

ssl_callback on_result;

ssl_callback on_cleanup;

WOLFSSL_CTX* ctx;

const char* caPemFile;

const char* certPemFile;

const char* keyPemFile;

const char* crlPemFile;

#ifdef WOLFSSL_STATIC_MEMORY

byte* mem;

word32 memSz;

wolfSSL_method_func method_ex;

#endif

int devId;

int return_code;

int last_err;

unsigned char isSharedCtx:1;

unsigned char loadToSSL:1;

unsigned char ticNoInit:1;

unsigned char doUdp:1;

} callback_functions;

#if defined(WOLFSSL_SRTP) && defined(WOLFSSL_COND)

typedef struct srtp_test_helper {

wolfSSL_Mutex mutex;

COND_TYPE cond;

uint8_t* server_srtp_ekm;

size_t server_srtp_ekm_size;

} srtp_test_helper;

#endif /* WOLFSSL_SRTP WOLFSSL_COND */

typedef struct func_args {

int argc;

char** argv;

int return_code;

tcp_ready* signal;

callback_functions *callbacks;

#if defined(WOLFSSL_SRTP) && defined(WOLFSSL_COND)

srtp_test_helper* srtp_helper;

#endif

} func_args;

#ifdef NETOS

int dc_log_printf(char* format, ...);

#undef printf

#define printf dc_log_printf

#endif

void wait_tcp_ready(func_args* args);

#ifndef SINGLE_THREADED

void start_thread(THREAD_CB fun, func_args* args, THREAD_TYPE* thread);

void join_thread(THREAD_TYPE thread);

#endif

typedef int (*cbType)(WOLFSSL_CTX *ctx, WOLFSSL *ssl);

void test_wolfSSL_client_server_nofail_ex(callback_functions* client_cb,

callback_functions* server_cb, cbType client_on_handshake);

void test_wolfSSL_client_server_nofail(callback_functions* client_cb,

callback_functions* server_cb);

#if defined(__MACH__) || defined(__FreeBSD__)

int link_file(const char* in, const char* out);

#define STAGE_FILE(x,y) link_file((x),(y))

#else

#define STAGE_FILE(x,y) copy_file((x),(y))

#endif

void signal_ready(tcp_ready* ready);

/* wolfSSL */

#ifndef TEST_IPV6

static const char* const wolfSSLIP = "127.0.0.1";

#else

static const char* const wolfSSLIP = "::1";

#endif

static const word16 wolfSSLPort = 11111;

extern int myoptind;

extern char* myoptarg;

#if defined(WOLFSSL_SRTP) && defined(WOLFSSL_COND)

static WC_INLINE void srtp_helper_init(srtp_test_helper *srtp)

{

srtp->server_srtp_ekm_size = 0;

srtp->server_srtp_ekm = NULL;

THREAD_CHECK_RET(wc_InitMutex(&srtp->mutex));

THREAD_CHECK_RET(wolfSSL_CondInit(&srtp->cond));

}

/**

* strp_helper_get_ekm() - get exported key material of other peer

* @srtp: srtp_test_helper struct shared with other peer [in]

* @ekm: where to store the shared buffer pointer [out]

* @size: size of the shared buffer returned [out]

*

* This function wait that the other peer calls strp_helper_set_ekm() and then

* store the buffer pointer/size in @ekm and @size.

*/

static WC_INLINE void srtp_helper_get_ekm(srtp_test_helper *srtp,

uint8_t **ekm, size_t *size)

{

THREAD_CHECK_RET(wolfSSL_CondStart(&srtp->cond));

if (srtp->server_srtp_ekm == NULL) {

THREAD_CHECK_RET(wolfSSL_CondWait(&srtp->cond));

}

*ekm = srtp->server_srtp_ekm;

*size = srtp->server_srtp_ekm_size;

/* reset */

srtp->server_srtp_ekm = NULL;

srtp->server_srtp_ekm_size = 0;

THREAD_CHECK_RET(wolfSSL_CondEnd(&srtp->cond));

}

/**

* strp_helper_set_ekm() - set exported key material of other peer

* @srtp: srtp_test_helper struct shared with other peer [in]

* @ekm: pointer to the shared buffer [in]

* @size: size of the shared buffer [in]

*

* This function set the @ekm and wakes up a peer waiting in

* srtp_helper_get_ekm().

*

* used in client_srtp_test()/server_srtp_test()

*/

static WC_INLINE void srtp_helper_set_ekm(srtp_test_helper *srtp,

uint8_t *ekm, size_t size)

{

THREAD_CHECK_RET(wolfSSL_CondStart(&srtp->cond));

srtp->server_srtp_ekm_size = size;

srtp->server_srtp_ekm = ekm;

THREAD_CHECK_RET(wolfSSL_CondSignal(&srtp->cond));

THREAD_CHECK_RET(wolfSSL_CondEnd(&srtp->cond));

}

static WC_INLINE void srtp_helper_free(srtp_test_helper *srtp)

{

THREAD_CHECK_RET(wc_FreeMutex(&srtp->mutex));

THREAD_CHECK_RET(wolfSSL_CondFree(&srtp->cond));

}

#endif /* WOLFSSL_SRTP && WOLFSSL_COND */

/**

*

* @param argc Number of argv strings

* @param argv Array of string arguments

* @param optstring String containing the supported alphanumeric arguments.

* A ':' following a character means that it requires a

* value in myoptarg to be set. A ';' means that the

* myoptarg is optional. myoptarg is set to "" if not

* present.

* @return Option letter in argument

*/

static WC_INLINE int mygetopt(int argc, char** argv, const char* optstring)

{

static char* next = NULL;

char c;

char* cp;

/* Added sanity check because scan-build complains argv[myoptind] access

* results in a null pointer dereference. */

if (argv == NULL) {

myoptarg = NULL;

return -1;

}

if (myoptind == 0)

next = NULL; /* we're starting new/over */

if (next == NULL || *next == '\0') {

if (myoptind == 0)

myoptind++;

if (myoptind >= argc || argv[myoptind] == NULL ||

argv[myoptind][0] != '-' || argv[myoptind][1] == '\0') {

myoptarg = NULL;

if (myoptind < argc)

myoptarg = argv[myoptind];

return -1;

}

if (strcmp(argv[myoptind], "--") == 0) {

myoptind++;

myoptarg = NULL;

if (myoptind < argc)

myoptarg = argv[myoptind];

return -1;

}

next = argv[myoptind];

next++; /* skip - */

myoptind++;

}

c = *next++;

/* The C++ strchr can return a different value */

cp = (char*)strchr(optstring, c);

if (cp == NULL || c == ':' || c == ';')

return '?';

cp++;

if (*cp == ':') {

if (*next != '\0') {

myoptarg = next;

next = NULL;

}

else if (myoptind < argc) {

myoptarg = argv[myoptind];

myoptind++;

}

else

return '?';

}

else if (*cp == ';') {

myoptarg = (char*)"";

if (*next != '\0') {

myoptarg = next;

next = NULL;

}

else if (myoptind < argc) {

/* Check if next argument is not a parameter argument */

if (argv[myoptind] && argv[myoptind][0] != '-') {

myoptarg = argv[myoptind];

myoptind++;

}

}

}

return c;

}

struct mygetopt_long_config {

const char *name;

int takes_arg; /* 0=no arg, 1=required arg, 2=optional arg */

int value;

};

/**

*

* @param argc Number of argv strings

* @param argv Array of string arguments

* @param optstring String containing the supported alphanumeric arguments.

* A ':' following a character means that it requires a

* value in myoptarg to be set. A ';' means that the

* myoptarg is optional. myoptarg is set to "" if not

* present.

* @return Option letter in argument

*/