diff --git a/src/certgen/clu_certgen_ed25519.c b/src/certgen/clu_certgen_ed25519.c
deleted file mode 100644
index 12daebfa..00000000
--- a/src/certgen/clu_certgen_ed25519.c
+++ /dev/null
@@ -1,278 +0,0 @@ -/* clu_certgen_ed25519.c - * - * Copyright (C) 2006-2025 wolfSSL Inc. - * - * This file is part of wolfSSL. - * - * wolfSSL is free software; you can redistribute it and/or modify - * it under the terms of the GNU General Public License as published by - * the Free Software Foundation; either version 3 of the License, or - * (at your option) any later version. - * - * wolfSSL is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - * GNU General Public License for more details. - * - * You should have received a copy of the GNU General Public License - * along with this program; if not, write to the Free Software - * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA - */ - -#include -#include -#include - -#ifndef WOLFCLU_NO_FILESYSTEM - -void free_things_ed25519(byte** a, byte** b, byte** c, ed25519_key* d, ed25519_key* e, - WC_RNG* f); - -int make_self_signed_ed25519_certificate(char* keyPath, char* certOut) -{ - int ret = 0; - int keyInit = 0, rngInit = 0; - - Cert newCert; - ed25519_key key; - WC_RNG rng; - - int keyFileSz; - XFILE keyFile; - XFILE file = NULL; - byte* keyBuf = NULL; - int certBufSz; - byte* certBuf = NULL; - - int pemBufSz; - byte* pemBuf = NULL; - XFILE pemFile = NULL; - - keyFile = XFOPEN(keyPath, "rb"); - if (keyFile == NULL) { - wolfCLU_LogError("unable to open key file %s", keyPath); - return BAD_FUNC_ARG; - } - - XFSEEK(keyFile, 0, SEEK_END); - keyFileSz = (int)XFTELL(keyFile); - keyBuf = (byte*)XMALLOC(keyFileSz, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER); - if (keyBuf == NULL) { - XFCLOSE(keyFile); - return MEMORY_E; - } - if (XFSEEK(keyFile, 0, SEEK_SET) != 0 || (int)XFREAD(keyBuf, 1, keyFileSz, keyFile) != keyFileSz) { - XFCLOSE(keyFile); - wolfCLU_ForceZero(keyBuf, keyFileSz); - XFREE(keyBuf, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER); - return WOLFCLU_FAILURE; - } - 
XFCLOSE(keyFile); - - ret = wc_ed25519_init(&key); - if (ret != 0) { - wolfCLU_LogError("Failed to initialize ed25519 key\nRET: %d", ret); - wolfCLU_ForceZero(keyBuf, keyFileSz); - XFREE(keyBuf, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER); - return ret; - } - keyInit = 1; - - ret = wc_InitRng(&rng); - if (ret != 0) { - wolfCLU_LogError("Failed to initialize rng.\nRET: %d", ret); - wolfCLU_ForceZero(keyBuf, keyFileSz); - XFREE(keyBuf, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER); - wc_ed25519_free(&key); - return ret; - } - rngInit = 1; - - ret = wc_ed25519_import_private_key(keyBuf, - ED25519_KEY_SIZE, - keyBuf + ED25519_KEY_SIZE, - ED25519_KEY_SIZE, &key); - wolfCLU_ForceZero(keyBuf, keyFileSz); - XFREE(keyBuf, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER); - if (ret != 0 ) { - wolfCLU_LogError("Failed to decode private key.\nRET: %d", ret); - goto cleanup; - } - - wc_InitCert(&newCert); - char country[CTC_NAME_SIZE]; - char province[CTC_NAME_SIZE]; - char city[CTC_NAME_SIZE]; - char org[CTC_NAME_SIZE]; - char unit[CTC_NAME_SIZE]; - char commonName[CTC_NAME_SIZE]; - char email[CTC_NAME_SIZE]; - char daysValid[CTC_NAME_SIZE]; - - WOLFCLU_LOG(WOLFCLU_L0, "Enter your countries 2 digit code (ex: United States -> US): "); - if (XFGETS(country,CTC_NAME_SIZE, stdin) == NULL) { - ret = WOLFCLU_FAILURE; - goto cleanup; - } - country[CTC_NAME_SIZE-1] = '\0'; - WOLFCLU_LOG(WOLFCLU_L0, "Enter the name of the province you are located at: "); - if (XFGETS(province,CTC_NAME_SIZE, stdin) == NULL) { - ret = WOLFCLU_FAILURE; - goto cleanup; - } - WOLFCLU_LOG(WOLFCLU_L0, "Enter the name of the city you are located at: "); - if (XFGETS(city,CTC_NAME_SIZE, stdin) == NULL) { - ret = WOLFCLU_FAILURE; - goto cleanup; - } - WOLFCLU_LOG(WOLFCLU_L0, "Enter the name of your orginization: "); - if (XFGETS(org,CTC_NAME_SIZE, stdin) == NULL) { - ret = WOLFCLU_FAILURE; - goto cleanup; - } - WOLFCLU_LOG(WOLFCLU_L0, "Enter the name of your unit: "); - if (XFGETS(unit,CTC_NAME_SIZE, stdin) == NULL) { - ret = WOLFCLU_FAILURE; 
- goto cleanup; - } - WOLFCLU_LOG(WOLFCLU_L0, "Enter the common name of your domain: "); - if (XFGETS(commonName,CTC_NAME_SIZE, stdin) == NULL) { - ret = WOLFCLU_FAILURE; - goto cleanup; - } - WOLFCLU_LOG(WOLFCLU_L0, "Enter your email address: "); - if (XFGETS(email,CTC_NAME_SIZE, stdin) == NULL) { - ret = WOLFCLU_FAILURE; - goto cleanup; - } - WOLFCLU_LOG(WOLFCLU_L0, "Enter the number of days this certificate should be valid: "); - if (XFGETS(daysValid,CTC_NAME_SIZE, stdin) == NULL) { - ret = WOLFCLU_FAILURE; - goto cleanup; - } - - XSTRNCPY(newCert.subject.country, country, CTC_NAME_SIZE); - XSTRNCPY(newCert.subject.state, province, CTC_NAME_SIZE); - XSTRNCPY(newCert.subject.locality, city, CTC_NAME_SIZE); - XSTRNCPY(newCert.subject.org, org, CTC_NAME_SIZE); - XSTRNCPY(newCert.subject.unit, unit, CTC_NAME_SIZE); - XSTRNCPY(newCert.subject.commonName, commonName, CTC_NAME_SIZE); - XSTRNCPY(newCert.subject.email, email, CTC_NAME_SIZE); - newCert.daysValid = XATOI(daysValid); - newCert.isCA = 0; - newCert.sigType = CTC_ED25519; - - certBuf = (byte*)XMALLOC(FOURK_SZ, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER); - if (certBuf == NULL) { - wolfCLU_LogError("Failed to initialize buffer to stort certificate."); - ret = MEMORY_E; - goto cleanup; - } - XMEMSET(certBuf, 0, FOURK_SZ); - - ret = wc_MakeCert_ex(&newCert, certBuf, FOURK_SZ, ED25519_TYPE, &key, &rng); - if (ret < 0) { - wolfCLU_LogError("Failed to make certificate."); - goto cleanup; - } - WOLFCLU_LOG(WOLFCLU_L0, "MakeCert returned %d", ret); - - ret = wc_SignCert_ex(newCert.bodySz, newCert.sigType, certBuf, FOURK_SZ, - ED25519_TYPE, &key, &rng); - if (ret < 0) { - wolfCLU_LogError("Failed to sign certificate."); - goto cleanup; - } - WOLFCLU_LOG(WOLFCLU_L0, "SignCert returned %d", ret); - - certBufSz = ret; - - WOLFCLU_LOG(WOLFCLU_L0, "Successfully created new certificate"); - WOLFCLU_LOG(WOLFCLU_L0, "Writing newly generated certificate to file \"%s\"", - certOut); - file = XFOPEN(certOut, "wb"); - if (!file) { - 
wolfCLU_LogError("failed to open file: %s", certOut); - ret = WOLFCLU_FATAL_ERROR; - goto cleanup; - } - - ret = (int)XFWRITE(certBuf, 1, certBufSz, file); - XFCLOSE(file); - WOLFCLU_LOG(WOLFCLU_L0, "Successfully output %d bytes", ret); - -/*---------------------------------------------------------------------------*/ -/* convert the der to a pem and write it to a file */ -/*---------------------------------------------------------------------------*/ - - WOLFCLU_LOG(WOLFCLU_L0, "Convert the der cert to pem formatted cert"); - - pemBuf = (byte*)XMALLOC(FOURK_SZ, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER); - if (pemBuf == NULL) { - wolfCLU_LogError("Failed to initialize pem buffer."); - ret = MEMORY_E; - goto cleanup; - } - XMEMSET(pemBuf, 0, FOURK_SZ); - - pemBufSz = wc_DerToPem(certBuf, certBufSz, pemBuf, FOURK_SZ, CERT_TYPE); - if (pemBufSz < 0) { - wolfCLU_LogError("Failed to convert from der to pem."); - ret = pemBufSz; - goto cleanup; - } - - WOLFCLU_LOG(WOLFCLU_L0, "Resulting pem buffer is %d bytes", pemBufSz); - - pemFile = XFOPEN(certOut, "wb"); - if (!pemFile) { - wolfCLU_LogError("failed to open file: %s", certOut); - ret = WOLFCLU_FATAL_ERROR; - goto cleanup; - } - XFWRITE(pemBuf, 1, pemBufSz, pemFile); - XFCLOSE(pemFile); - WOLFCLU_LOG(WOLFCLU_L0, "Successfully converted the der to pem. 
Result is in: %s\n", - certOut); - ret = WOLFCLU_SUCCESS; - -cleanup: - if (pemBuf != NULL) - XFREE(pemBuf, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER); - if (certBuf != NULL) - XFREE(certBuf, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER); - if (keyInit) - wc_ed25519_free(&key); - if (rngInit) - wc_FreeRng(&rng); - return ret; -} - -void free_things_ed25519(byte** a, byte** b, byte** c, ed25519_key* d, ed25519_key* e, - WC_RNG* f) -{ - if (a != NULL) { - if (*a != NULL) { - XFREE(*a, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER); - *a = NULL; - } - } - if (b != NULL) { - if (*b != NULL) { - XFREE(*b, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER); - *b = NULL; - } - } - if (c != NULL) { - if (*c != NULL) { - XFREE(*c, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER); - *c = NULL; - } - } - - wc_ed25519_free(d); - wc_ed25519_free(e); - wc_FreeRng(f); - -} -#endif diff --git a/src/certgen/clu_certgen_rsa.c b/src/certgen/clu_certgen_rsa.c deleted file mode 100644 index 7933c12c..00000000 --- a/src/certgen/clu_certgen_rsa.c +++ /dev/null 
@@ -1,295 +0,0 @@ -/* clu_certgen_rsa.c - * - * Copyright (C) 2006-2025 wolfSSL Inc. - * - * This file is part of wolfSSL. - * - * wolfSSL is free software; you can redistribute it and/or modify - * it under the terms of the GNU General Public License as published by - * the Free Software Foundation; either version 3 of the License, or - * (at your option) any later version. - * - * wolfSSL is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - * GNU General Public License for more details. - * - * You should have received a copy of the GNU General Public License - * along with this program; if not, write to the Free Software - * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA - */ - -#include -#include -#include - -#ifndef WOLFCLU_NO_FILESYSTEM - -void free_things_rsa(byte** a, byte** b, byte** c, RsaKey* d, RsaKey* e, - WC_RNG* f); - -int make_self_signed_rsa_certificate(char* keyPath, char* certOut, int oid) -{ - int ret = 0; - word32 index = 0; - int keyInit = 0, rngInit = 0; - - Cert newCert; - RsaKey key; - WC_RNG rng; - - int keyFileSz; - XFILE keyFile; - XFILE file; - XFILE pemFile; - byte* keyBuf; - int certBufSz = 0; - byte* certBuf = NULL; - int pemBufSz; - byte* pemBuf = NULL; - - keyFile = XFOPEN(keyPath, "rb"); - if (keyFile == NULL) { - wolfCLU_LogError("unable to open key file %s", keyPath); - return BAD_FUNC_ARG; - } - - XFSEEK(keyFile, 0, SEEK_END); - keyFileSz = (int)XFTELL(keyFile); - keyBuf = (byte*)XMALLOC(keyFileSz, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER); - if (keyBuf == NULL) { - XFCLOSE(keyFile); - return MEMORY_E; - } - if (XFSEEK(keyFile, 0, SEEK_SET) != 0 || (int)XFREAD(keyBuf, 1, keyFileSz, keyFile) != keyFileSz) { - XFCLOSE(keyFile); - wolfCLU_ForceZero(keyBuf, keyFileSz); - XFREE(keyBuf, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER); - return WOLFCLU_FAILURE; - } - XFCLOSE(keyFile); - - ret 
= wc_InitRsaKey(&key, NULL); - if (ret != 0) { - wolfCLU_LogError("Failed to initialize RsaKey\nRET: %d", ret); - wolfCLU_ForceZero(keyBuf, keyFileSz); - XFREE(keyBuf, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER); - return ret; - } - keyInit = 1; - - ret = wc_InitRng(&rng); - if (ret != 0) { - wolfCLU_LogError("Failed to initialize rng.\nRET: %d", ret); - wolfCLU_ForceZero(keyBuf, keyFileSz); - XFREE(keyBuf, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER); - wc_FreeRsaKey(&key); - return ret; - } - rngInit = 1; - - ret = wc_RsaPrivateKeyDecode(keyBuf, &index, &key, keyFileSz); - wolfCLU_ForceZero(keyBuf, keyFileSz); - XFREE(keyBuf, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER); - if (ret != 0 ) { - wolfCLU_LogError("Failed to decode private key.\nRET: %d", ret); - goto cleanup; - } - - wc_InitCert(&newCert); - char country[CTC_NAME_SIZE]; - char province[CTC_NAME_SIZE]; - char city[CTC_NAME_SIZE]; - char org[CTC_NAME_SIZE]; - char unit[CTC_NAME_SIZE]; - char commonName[CTC_NAME_SIZE]; - char email[CTC_NAME_SIZE]; - char daysValid[CTC_NAME_SIZE]; - - WOLFCLU_LOG(WOLFCLU_L0, "Enter your countries 2 digit code (ex: United States -> US): "); - if (XFGETS(country,CTC_NAME_SIZE, stdin) == NULL) { - ret = WOLFCLU_FAILURE; - goto cleanup; - } - country[CTC_NAME_SIZE-1] = '\0'; - WOLFCLU_LOG(WOLFCLU_L0, "Enter the name of the province you are located at: "); - if (XFGETS(province,CTC_NAME_SIZE, stdin) == NULL) { - ret = WOLFCLU_FAILURE; - goto cleanup; - } - WOLFCLU_LOG(WOLFCLU_L0, "Enter the name of the city you are located at: "); - if (XFGETS(city,CTC_NAME_SIZE, stdin) == NULL) { - ret = WOLFCLU_FAILURE; - goto cleanup; - } - WOLFCLU_LOG(WOLFCLU_L0, "Enter the name of your orginization: "); - if (XFGETS(org,CTC_NAME_SIZE, stdin) == NULL) { - ret = WOLFCLU_FAILURE; - goto cleanup; - } - WOLFCLU_LOG(WOLFCLU_L0, "Enter the name of your unit: "); - if (XFGETS(unit,CTC_NAME_SIZE, stdin) == NULL) { - ret = WOLFCLU_FAILURE; - goto cleanup; - } - WOLFCLU_LOG(WOLFCLU_L0, "Enter the common name of your domain: 
"); - if (XFGETS(commonName,CTC_NAME_SIZE, stdin) == NULL) { - ret = WOLFCLU_FAILURE; - goto cleanup; - } - WOLFCLU_LOG(WOLFCLU_L0, "Enter your email address: "); - if (XFGETS(email,CTC_NAME_SIZE, stdin) == NULL) { - ret = WOLFCLU_FAILURE; - goto cleanup; - } - WOLFCLU_LOG(WOLFCLU_L0, "Enter the number of days this certificate should be valid: "); - if (XFGETS(daysValid,CTC_NAME_SIZE, stdin) == NULL) { - ret = WOLFCLU_FAILURE; - goto cleanup; - } - - XSTRNCPY(newCert.subject.country, country, CTC_NAME_SIZE); - XSTRNCPY(newCert.subject.state, province, CTC_NAME_SIZE); - XSTRNCPY(newCert.subject.locality, city, CTC_NAME_SIZE); - XSTRNCPY(newCert.subject.org, org, CTC_NAME_SIZE); - XSTRNCPY(newCert.subject.unit, unit, CTC_NAME_SIZE); - XSTRNCPY(newCert.subject.commonName, commonName, CTC_NAME_SIZE); - XSTRNCPY(newCert.subject.email, email, CTC_NAME_SIZE); - newCert.daysValid = XATOI(daysValid); - newCert.isCA = 0; - - switch(oid) { - case SHA_HASH: - newCert.sigType = CTC_SHAwRSA; - break; - case SHA_HASH224: - newCert.sigType = CTC_SHA224wRSA; - break; - case SHA_HASH256: - newCert.sigType = CTC_SHA256wRSA; - break; - case SHA_HASH384: - newCert.sigType = CTC_SHA384wRSA; - break; - case SHA_HASH512: - newCert.sigType = CTC_SHA512wRSA; - break; - } - - certBuf = (byte*) XMALLOC(FOURK_SZ, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER); - if (certBuf == NULL) { - wolfCLU_LogError("Failed to initialize buffer to stort certificate."); - ret = -1; - goto cleanup; - } - XMEMSET(certBuf, 0, FOURK_SZ); - - ret = wc_MakeCert(&newCert, certBuf, FOURK_SZ, &key, NULL, &rng); - if (ret < 0) { - wolfCLU_LogError("Failed to make certificate."); - goto cleanup; - } - WOLFCLU_LOG(WOLFCLU_L0, "MakeCert returned %d", ret); - - ret = wc_SignCert(newCert.bodySz, newCert.sigType, certBuf, FOURK_SZ, &key, - NULL, &rng); - if (ret < 0) { - wolfCLU_LogError("Failed to sign certificate."); - goto cleanup; - } - WOLFCLU_LOG(WOLFCLU_L0, "SignCert returned %d", ret); - - certBufSz = ret; - - 
WOLFCLU_LOG(WOLFCLU_L0, "Successfully created new certificate"); - WOLFCLU_LOG(WOLFCLU_L0, "Writing newly generated certificate to file \"%s\"", - certOut); - file = XFOPEN(certOut, "wb"); - if (!file) { - wolfCLU_LogError("failed to open file: %s", certOut); - ret = -1; - goto cleanup; - } - - ret = (int)XFWRITE(certBuf, 1, certBufSz, file); - XFCLOSE(file); - WOLFCLU_LOG(WOLFCLU_L0, "Successfully output %d bytes", ret); - -/*---------------------------------------------------------------------------*/ -/* convert the der to a pem and write it to a file */ -/*---------------------------------------------------------------------------*/ - - WOLFCLU_LOG(WOLFCLU_L0, "Convert the der cert to pem formatted cert"); - - pemBuf = (byte*)XMALLOC(FOURK_SZ, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER); - if (pemBuf == NULL) { - wolfCLU_LogError("Failed to initialize pem buffer."); - ret = -1; - goto cleanup; - } - XMEMSET(pemBuf, 0, FOURK_SZ); - - pemBufSz = wc_DerToPem(certBuf, certBufSz, pemBuf, FOURK_SZ, CERT_TYPE); - if (pemBufSz < 0) { - wolfCLU_LogError("Failed to convert from der to pem."); - ret = -1; - goto cleanup; - } - - WOLFCLU_LOG(WOLFCLU_L0, "Resulting pem buffer is %d bytes", pemBufSz); - - pemFile = XFOPEN(certOut, "wb"); - if (!pemFile) { - wolfCLU_LogError("failed to open file: %s", certOut); - ret = -1; - goto cleanup; - } - XFWRITE(pemBuf, 1, pemBufSz, pemFile); - XFCLOSE(pemFile); - WOLFCLU_LOG(WOLFCLU_L0, "Successfully converted the der to pem. 
Result is in: %s\n", - certOut); - - ret = 1; - -cleanup: - if (pemBuf != NULL) - XFREE(pemBuf, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER); - if (certBuf != NULL) - XFREE(certBuf, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER); - if (keyInit) - wc_FreeRsaKey(&key); - if (rngInit) - wc_FreeRng(&rng); - - return ret; -} - -void free_things_rsa(byte** a, byte** b, byte** c, RsaKey* d, RsaKey* e, - WC_RNG* f) -{ - if (a != NULL) { - if (*a != NULL) { - XFREE(*a, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER); - *a = NULL; - } - } - if (b != NULL) { - if (*b != NULL) { - XFREE(*b, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER); - *b = NULL; - } - } - if (c != NULL) { - if (*c != NULL) { - XFREE(*c, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER); - *c = NULL; - } - } - - wc_FreeRsaKey(d); - wc_FreeRsaKey(e); - wc_FreeRng(f); - -} - -#endif /* !WOLFCLU_NO_FILESYSTEM */ diff --git a/src/include.am b/src/include.am index d79caeea..776b7c65 100644 --- a/src/include.am +++ b/src/include.am @@ -33,8 +33,6 @@ wolfssl_SOURCES = src/clu_main.c \ src/sign-verify/clu_crl_verify.c \ src/sign-verify/clu_sign_verify_setup.c \ src/sign-verify/clu_dgst_setup.c \ - src/certgen/clu_certgen_ed25519.c \ - src/certgen/clu_certgen_rsa.c \ src/pkey/clu_rsa.c \ src/pkey/clu_pkey.c \ src/pkcs/clu_pkcs12.c \ diff --git a/src/sign-verify/clu_verify.c b/src/sign-verify/clu_verify.c index 11a25f20..789a090a 100644 --- a/src/sign-verify/clu_verify.c +++ b/src/sign-verify/clu_verify.c 
@@ -27,111 +27,6 @@ * and ED25519_SIG_VER */ #ifndef WOLFCLU_NO_FILESYSTEM -# if 0 -static int wolfCLU_generate_public_key_ed25519(char* privKey, int inForm, byte* outBuf, - word32 outLen) -{ -#ifdef HAVE_ED25519 - int ret; - int privFileSz; - word32 index = 0; - - XFILE privKeyFile = NULL; - byte* keyBuf = NULL; - ed25519_key key; - - XMEMSET(&key, 0, sizeof(key)); - - /* initialize ED25519 key */ - ret = wc_ed25519_init(&key); - if (ret != 0) { - wolfCLU_LogError("Failed to initialize ed25519 key\nRET: %d", ret); - } - - /* open, read, and store ED25519 key */ - if (ret == 0) { - privKeyFile = XFOPEN(privKey, "rb"); - if (privKeyFile == NULL) { - wolfCLU_LogError("unable to open file %s", privKey); - ret = BAD_FUNC_ARG; - } - } - if (ret == 0) { - XFSEEK(privKeyFile, 0, SEEK_END); - privFileSz = (int)XFTELL(privKeyFile); - keyBuf = (byte*)XMALLOC(privFileSz+1, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER); - if (keyBuf == NULL) { - ret = MEMORY_E; - } - } - if (ret == 0) { - XMEMSET(keyBuf, 0, privFileSz+1); - if (XFSEEK(privKeyFile, 0, SEEK_SET) != 0 || - (int)XFREAD(keyBuf, 1, privFileSz, privKeyFile) != privFileSz) { - ret = WOLFCLU_FATAL_ERROR; - } - } - - /* convert PEM to DER if necessary */ - if (inForm == PEM_FORM && ret == 0) { - ret = wolfCLU_KeyPemToDer(&keyBuf, privFileSz, 0); - if (ret < 0) { - wolfCLU_LogError("Failed to convert PEM to DER.\nRET: %d", ret); - } - else { - privFileSz = ret; - ret = 0; - } - } - - /* decode the private key from the DER-encoded input */ - if (ret == 0) { - ret = wc_Ed25519PrivateKeyDecode(keyBuf, &index, &key, privFileSz); - if (ret == 0) { - /* Calculate the public key */ - ret = wc_ed25519_make_public(&key, key.p, ED25519_PUB_KEY_SIZE); - if (ret == 0) { - key.pubKeySet = 1; - } - } - else { - wolfCLU_LogError("Failed to import private key.\nRET: %d", ret); - } - } - - /* export public key */ - if (ret == 0) { - if (outLen < ED25519_PUB_KEY_SIZE) { - wolfCLU_LogError("Output buffer too small. 
Required: %d, Provided: %d", - ED25519_PUB_KEY_SIZE, outLen); - ret = BUFFER_E; - } - else { - outLen = ED25519_PUB_KEY_SIZE; - ret = wc_ed25519_export_public(&key, outBuf, &outLen); - if (ret != 0) { - wolfCLU_LogError("Failed to export ED25519 public key.\nRET: %d", ret); - } - } - } - - /* cleanup allocated resources */ - XFCLOSE(privKeyFile); - - if (keyBuf!= NULL) { - XFREE(keyBuf, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER); - } - - wc_ed25519_free(&key); - - /* expected ret == WOLFCLU_SUCCESS */ - return (ret >= 0) ? WOLFCLU_SUCCESS : ret; -#else - return NOT_COMPILED_IN; -#endif -} -#endif - int wolfCLU_verify_signature(char* sig, char* hashFile, char* out, char* keyPath, int keyType, int pubIn, int inForm) @@ -998,7 +893,7 @@ int wolfCLU_verify_signature_xmss(byte* sig, int sigSz, } if (ret == 0) { - for (int i = 0; i < XMSS_OID_LEN; i++) { + for (unsigned int i = 0; i < XMSS_OID_LEN; i++) { oid = (oid << 8) | keyBuf[i]; } @@ -1153,7 +1048,7 @@ int wolfCLU_verify_signature_xmssmt(byte* sig, int sigSz, } if (ret == 0) { - for (int i = 0; i < XMSS_OID_LEN; i++) { + for (unsigned int i = 0; i < XMSS_OID_LEN; i++) { oid = (oid << 8) | keyBuf[i]; } diff --git a/src/tools/clu_funcs.c b/src/tools/clu_funcs.c index 603bfccf..b746d248 100644 --- a/src/tools/clu_funcs.c +++ b/src/tools/clu_funcs.c @@ -33,8 +33,6 @@ #define MAX_ENTRY_NAME 64 -static int loop = 0; - static const struct option crypt_algo_options[] = { /* AES */ {"-aes-128-ctr", no_argument, 0, WOLFCLU_AES128CTR}, @@ -1061,27 +1059,6 @@ int wolfCLU_getAlgo(int argc, char** argv, int* alg, char** mode, int* size) return ret; } - -/* - * adds character to end of string - */ -void wolfCLU_append(char* s, char c) -{ - int len = (int) XSTRLEN(s); /* length of string*/ - - s[len] = c; - s[len+1] = '\0'; -} - -/* - * resets benchmarking loop - */ -void wolfCLU_stop(int signo) -{ - (void) signo; /* type cast to void for unused variable */ - loop = 0; -} - /* * gets current time durring program execution */ 
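Review bot: The XMSS_OID_LEN loop in wolfCLU_verify_signature_xmss indexes keyBuf[0] through keyBuf[XMSS_OID_LEN - 1], and nothing visible in the hunk shows that the key loaded from the file is at least that long; the identical loop in the wolfCLU_verify_signature_xmssmt hunk has the same exposure. Both function bodies start and end outside their hunks, so if no earlier length check exists, a truncated key file would let the loop read bytes beyond what was loaded. A guard such as `if (ret == 0 && keyLen < XMSS_OID_LEN) ret = BUFFER_E;` belongs before each loop, where `keyLen` is a placeholder for whichever variable holds the key length. Switching `i` to `unsigned int` only changes the signedness of the comparison and does not cover this case.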
diff --git a/src/tools/clu_http.c b/src/tools/clu_http.c
index 0b624f75..191ba4ba 100644
--- a/src/tools/clu_http.c
+++ b/src/tools/clu_http.c
@@ -95,125 +95,6 @@ int wolfCLU_GetDefaultHttpResponseLength(void) return (int)(sizeof(kDefaultHttpResponse) - 1); } -/** - * @brief Build a custom HTTP GET request - * @param path the path to request (e.g., "/index.html") - * @param host optional host header value (can be NULL) - * @param buffer buffer to write the request to - * @param bufferSz size of the buffer - * @return number of bytes written to buffer, or negative on error - */ -int wolfCLU_BuildHttpGet(const char* path, const char* host, char* buffer, - int bufferSz) -{ - int sz = 0; - - if (path == NULL || buffer == NULL || bufferSz < 32) { - return -1; - } - - /* Build GET request */ - sz = XSNPRINTF(buffer, bufferSz, "GET %s HTTP/1.0\r\n", path); - if (sz < 0 || sz >= bufferSz) { - return -1; - } - - /* Add Host header if provided */ - if (host != NULL) { - int hostSz = XSNPRINTF(buffer + sz, bufferSz - sz, - "Host: %s\r\n", host); - if (hostSz < 0 || sz + hostSz >= bufferSz) { - return -1; - } - sz += hostSz; - } - - /* Add final CRLF */ - if (sz + 2 >= bufferSz) { - return -1; - } - buffer[sz++] = '\r'; - buffer[sz++] = '\n'; - buffer[sz] = '\0'; - - return sz; -} - -/** - * @brief Build a simple HTTP response - * @param statusCode HTTP status code (e.g., 200, 404) - * @param statusText HTTP status text (e.g., "OK", "Not Found") - * @param contentType MIME type (e.g., "text/html") - * @param body response body content - * @param buffer buffer to write the response to - * @param bufferSz size of the buffer - * @return number of bytes written to buffer, or negative on error - */ -int wolfCLU_BuildHttpResponse(int statusCode, const char* statusText, - const char* contentType, const char* body, - char* buffer, int bufferSz) -{ - int sz = 0; - int bodySz = 0; - - if (statusText == NULL || buffer == NULL || bufferSz < 64) { - return -1; - } - - if (body != NULL) { - bodySz = (int)XSTRLEN(body); - } - - /* Build status line */ - sz = XSNPRINTF(buffer, bufferSz, "HTTP/1.1 %d %s\r\n", - statusCode, 
statusText); - if (sz < 0 || sz >= bufferSz) { - return -1; - } - - /* Add Content-Type header */ - if (contentType != NULL) { - int ctSz = XSNPRINTF(buffer + sz, bufferSz - sz, - "Content-Type: %s\r\n", contentType); - if (ctSz < 0 || sz + ctSz >= bufferSz) { - return -1; - } - sz += ctSz; - } - - /* Add Connection header */ - if (sz + 22 >= bufferSz) { - return -1; - } - sz += XSNPRINTF(buffer + sz, bufferSz - sz, "Connection: close\r\n"); - - /* Add Content-Length header */ - if (sz + 30 >= bufferSz) { - return -1; - } - sz += XSNPRINTF(buffer + sz, bufferSz - sz, "Content-Length: %d\r\n", - bodySz); - - /* Add final CRLF before body */ - if (sz + 2 >= bufferSz) { - return -1; - } - buffer[sz++] = '\r'; - buffer[sz++] = '\n'; - - /* Add body if provided */ - if (body != NULL && bodySz > 0) { - if (sz + bodySz >= bufferSz) { - return -1; - } - XMEMCPY(buffer + sz, body, bodySz); - sz += bodySz; - buffer[sz] = '\0'; - } - - return sz; -} - /** * @brief Create and bind a server socket using tcp_listen * @param port port number to bind to (pointer will be updated with actual port) diff --git a/wolfCLU.vcxproj b/wolfCLU.vcxproj index 468bea77..8faba25e 100644 --- a/wolfCLU.vcxproj +++ b/wolfCLU.vcxproj @@ -144,8 +144,6 @@ - - @@ -213,4 +211,4 @@ - \ No newline at end of file + diff --git a/wolfCLU.vcxproj.filters b/wolfCLU.vcxproj.filters index de176b32..9c43d2c1 100644 --- a/wolfCLU.vcxproj.filters +++ b/wolfCLU.vcxproj.filters @@ -27,12 +27,6 @@ Source Files - - Source Files - - - Source Files - Source Files @@ -213,4 +207,4 @@ Header Files - \ No newline at end of file + diff --git a/wolfclu/certgen/clu_certgen.h b/wolfclu/certgen/clu_certgen.h index b4635152..89cd8da2 100644 --- a/wolfclu/certgen/clu_certgen.h +++ b/wolfclu/certgen/clu_certgen.h @@ -23,7 +23,3 @@ enum { SHA_HASH384, SHA_HASH512 }; - -int make_self_signed_rsa_certificate(char*, char*, int); - -int make_self_signed_ed25519_certificate(char*, char*); 
diff --git a/wolfclu/clu_header_main.h b/wolfclu/clu_header_main.h index bea785c6..dafc4f9b 100644 --- a/wolfclu/clu_header_main.h +++ b/wolfclu/clu_header_main.h @@ -282,19 +282,6 @@ int wolfCLU_getAlgo(int argc, char** argv, int* alg, char** mode, int* size); */ const WOLFSSL_EVP_CIPHER* wolfCLU_CipherTypeFromAlgo(int alg); -/* adds characters to end of string - * - * @param s the char array we'll be appending to - * @param c the char that will be appended to s - */ -void wolfCLU_append(char* s, char c); - -/* interrupt function - * - * @param signo gets type cast to void, interrupts the loop. - */ -void wolfCLU_stop(int signo); - /* finds current time during runtime */ double wolfCLU_getTime(void); @@ -665,31 +652,6 @@ const char* wolfCLU_GetDefaultHttpResponse(void); */ int wolfCLU_GetDefaultHttpResponseLength(void); -/** - * @brief Build a custom HTTP GET request - * @param path the path to request (e.g., "/index.html") - * @param host optional host header value (can be NULL) - * @param buffer buffer to write the request to - * @param bufferSz size of the buffer - * @return number of bytes written to buffer, or negative on error - */ -int wolfCLU_BuildHttpGet(const char* path, const char* host, char* buffer, - int bufferSz); - -/** - * @brief Build a simple HTTP response - * @param statusCode HTTP status code (e.g., 200, 404) - * @param statusText HTTP status text (e.g., "OK", "Not Found") - * @param contentType MIME type (e.g., "text/html") - * @param body response body content - * @param buffer buffer to write the response to - * @param bufferSz size of the buffer - * @return number of bytes written to buffer, or negative on error - */ -int wolfCLU_BuildHttpResponse(int statusCode, const char* statusText, - const char* contentType, const char* body, - char* buffer, int bufferSz); - /* Platform-specific socket type */ #ifdef _WIN32 #ifndef SOCKET_T