From bb74dca6e751eb4e29b4a2eef3718cab38c4c2b3 Mon Sep 17 00:00:00 2001
From: David Garske
Date: Mon, 14 Jan 2019 14:04:44 -0800
Subject: [PATCH] Added certificate and private key to server example. Enable error strings, server side code and remove slow sha option for Arduino.
---
.../wolfssl_client/wolfssl_client.ino | 7 +++--
.../wolfssl_server/wolfssl_server.ino | 30 +++++++++++++++++--
wolfssl/wolfcrypt/settings.h | 3 --
3 files changed, 31 insertions(+), 9 deletions(-)
diff --git a/IDE/ARDUINO/sketches/wolfssl_client/wolfssl_client.ino b/IDE/ARDUINO/sketches/wolfssl_client/wolfssl_client.ino
index 5e45a4cb0..383181524 100644
--- a/IDE/ARDUINO/sketches/wolfssl_client/wolfssl_client.ino
+++ b/IDE/ARDUINO/sketches/wolfssl_client/wolfssl_client.ino
@@ -33,11 +33,12 @@ int reconnect = 10; EthernetClient client; -WOLFSSL_CTX* ctx = 0; -WOLFSSL* ssl = 0; -WOLFSSL_METHOD* method = 0; +WOLFSSL_CTX* ctx = NULL; +WOLFSSL* ssl = NULL; void setup() { + WOLFSSL_METHOD* method; + Serial.begin(9600); method = wolfTLSv1_2_client_method();
diff --git a/IDE/ARDUINO/sketches/wolfssl_server/wolfssl_server.ino b/IDE/ARDUINO/sketches/wolfssl_server/wolfssl_server.ino
index 0a71322d8..49ab819e0 100644
--- a/IDE/ARDUINO/sketches/wolfssl_server/wolfssl_server.ino
+++ b/IDE/ARDUINO/sketches/wolfssl_server/wolfssl_server.ino
@@ -24,6 +24,13 @@ #include #include +#define USE_CERT_BUFFERS_256 +#include + +#ifdef NO_WOLFSSL_SERVER + #error Please undefine NO_WOLFSSL_SERVER for this example +#endif + const int port = 11111; // port to listen on int EthernetSend(WOLFSSL* ssl, char* msg, int sz, void* ctx);
@@ -32,11 +39,13 @@ int EthernetReceive(WOLFSSL* ssl, char* reply, int sz, void* ctx); EthernetServer server(port); EthernetClient client; -WOLFSSL_CTX* ctx = 0; -WOLFSSL* ssl = 0; -WOLFSSL_METHOD* method = 0; +WOLFSSL_CTX* ctx = NULL; +WOLFSSL* ssl = NULL; void setup() { + int err; + WOLFSSL_METHOD* method; + Serial.begin(9600); method = wolfTLSv1_2_server_method();
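Review bot: The `#define USE_CERT_BUFFERS_256` block added near the top of wolfssl_server.ino brings in what appear to be wolfSSL's bundled test credentials without saying so, and the later setup() hunk loads `ecc_key_der_256` and `serv_ecc_der_256` from them as the server's identity. That private key is distributed publicly with the library, so a device flashed with this sketch unchanged offers no real server authentication to its clients. I would add a comment above the define, for example `// Test-only key and certificate from the wolfSSL test buffers; replace with your own before deploying.`, and a short pointer to it where the buffers are loaded in setup().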
@@ -49,11 +58,26 @@ void setup() { Serial.println("unable to get ctx"); return; } + // initialize wolfSSL using callback functions wolfSSL_CTX_set_verify(ctx, SSL_VERIFY_NONE, 0); wolfSSL_SetIOSend(ctx, EthernetSend); wolfSSL_SetIORecv(ctx, EthernetReceive); + // setup the private key and certificate + err = wolfSSL_CTX_use_PrivateKey_buffer(ctx, ecc_key_der_256, + sizeof_ecc_key_der_256, WOLFSSL_FILETYPE_ASN1); + if (err != WOLFSSL_SUCCESS) { + Serial.println("error setting key"); + return; + } + err = wolfSSL_CTX_use_certificate_buffer(ctx, serv_ecc_der_256, + sizeof_serv_ecc_der_256, WOLFSSL_FILETYPE_ASN1); + if (err != WOLFSSL_SUCCESS) { + Serial.println("error setting certificate"); + return; + } + // Start the server server.begin();
diff --git a/wolfssl/wolfcrypt/settings.h b/wolfssl/wolfcrypt/settings.h
index 791c05912..00a370dde 100644
--- a/wolfssl/wolfcrypt/settings.h
+++ b/wolfssl/wolfcrypt/settings.h
@@ -427,9 +427,6 @@ #define HAVE_ECC #define NO_DH #define NO_SESSION_CACHE - #define USE_SLOW_SHA - #define NO_WOLFSSL_SERVER - #define NO_ERROR_STRINGS #endif
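Review bot: Both new failure branches in setup() print a fixed string and return, which discards the value in `err` and leaves the global `ctx` allocated without a usable key or certificate. Since this commit also removes `NO_ERROR_STRINGS` from the Arduino settings, the example could report the code, e.g. `Serial.print("error setting key: "); Serial.println(err);`. Releasing the context on these paths with `wolfSSL_CTX_free(ctx); ctx = NULL;` would let later code tell that setup failed. Whether loop() checks `ctx` is not visible here, because setup() starts and ends outside this hunk.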