From 7bf1976034fe32893e44f2a510190db122bc8b48 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Manuel=20P=C3=A9gouri=C3=A9-Gonnard?= Date: Tue, 10 Feb 2015 10:09:37 +0000 Subject: [PATCH 001/100] Prepare Changelog for 1.3 branch development This is meant to minimize/simplify merge conflict between topic branches. --- ChangeLog | 10 ++++++++++ 1 file changed, 10 insertions(+) diff --git a/ChangeLog b/ChangeLog index f5a3867b..87098c9e 100644 --- a/ChangeLog +++ b/ChangeLog @@ -1,5 +1,15 @@ mbed TLS ChangeLog (Sorted per branch, date) += mbed TLS 1.3 branch + +Security + +Features + +Bugfix + +Changes + = mbed TLS 1.3.10 released 2015-02-09 Security * NULL pointer dereference in the buffer-based allocator when the buffer is From 1fef5ff5ec5fffeacd4c8c7c433a210382d92421 Mon Sep 17 00:00:00 2001 From: Rich Evans Date: Mon, 2 Feb 2015 11:57:21 +0000 Subject: [PATCH 002/100] fix always true assertion --- tests/suites/helpers.function | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/tests/suites/helpers.function b/tests/suites/helpers.function index 2cc129a5..f5dff8e7 100644 --- a/tests/suites/helpers.function +++ b/tests/suites/helpers.function @@ -43,7 +43,7 @@ static int unhexify(unsigned char *obuf, const char *ibuf) { unsigned char c, c2; int len = strlen(ibuf) / 2; - assert(!(strlen(ibuf) %1)); // must be even number of bytes + assert( strlen(ibuf) % 2 == 0 ); // must be even number of bytes while (*ibuf != 0) { From 4291445377a7b6fccfaa3b964c72f18d69bb25d9 Mon Sep 17 00:00:00 2001 From: Rich Evans Date: Mon, 2 Feb 2015 12:09:25 +0000 Subject: [PATCH 003/100] fix style issues with tests/suites/helpers.function --- tests/suites/helpers.function | 18 ++++++++++-------- 1 file changed, 10 insertions(+), 8 deletions(-) diff --git a/tests/suites/helpers.function b/tests/suites/helpers.function index f5dff8e7..73d6767f 100644 --- a/tests/suites/helpers.function +++ b/tests/suites/helpers.function @@ -73,14 +73,14 @@ static int unhexify(unsigned char *obuf, const char *ibuf) return len; } -static void hexify(unsigned char *obuf, const unsigned char *ibuf, int len) +static void hexify( unsigned char *obuf, const unsigned char *ibuf, int len ) { unsigned char l, h; - while (len != 0) + while( len != 0 ) { - h = (*ibuf) / 16; - l = (*ibuf) % 16; + h = *ibuf / 16; + l = *ibuf % 16; if( h < 10 ) *obuf++ = '0' + h; @@ -107,7 +107,7 @@ static void hexify(unsigned char *obuf, const unsigned char *ibuf, int len) static unsigned char *zero_alloc( size_t len ) { void *p; - size_t actual_len = len != 0 ? len : 1; + size_t actual_len = ( len != 0 ) ? len : 1; p = polarssl_malloc( actual_len ); assert( p != NULL ); @@ -131,7 +131,7 @@ static unsigned char *unhexify_alloc( const char *ibuf, size_t *olen ) { unsigned char *obuf; - *olen = strlen(ibuf) / 2; + *olen = strlen( ibuf ) / 2; if( *olen == 0 ) return( zero_alloc( *olen ) ); @@ -269,9 +269,11 @@ static int rnd_pseudo_rand( void *rng_state, unsigned char *output, size_t len ) for( i = 0; i < 32; i++ ) { - info->v0 += (((info->v1 << 4) ^ (info->v1 >> 5)) + info->v1) ^ (sum + k[sum & 3]); + info->v0 += ( ( ( info->v1 << 4 ) ^ ( info->v1 >> 5 ) ) + + info->v1 ) ^ ( sum + k[sum & 3] ); sum += delta; - info->v1 += (((info->v0 << 4) ^ (info->v0 >> 5)) + info->v0) ^ (sum + k[(sum>>11) & 3]); + info->v1 += ( ( ( info->v0 << 4 ) ^ ( info->v0 >> 5 ) ) + + info->v0 ) ^ ( sum + k[( sum>>11 ) & 3] ); } PUT_UINT32_BE( info->v0, result, 0 ); From b1c846e41feabc3b601ebf35629148080b073520 Mon Sep 17 00:00:00 2001 From: Rich Evans Date: Mon, 2 Feb 2015 12:15:44 +0000 Subject: [PATCH 004/100] fix bug in makefile that a test doesn't count as a fail even if an assertion fails by inverting logic --- tests/Makefile | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/tests/Makefile b/tests/Makefile index 850ff7bc..6489e52b 100644 --- a/tests/Makefile +++ b/tests/Makefile @@ -417,9 +417,9 @@ ifndef WINDOWS do \ echo " - $${i}"; \ RESULT=`$(CHECK_PRELOAD) ./$${i} | grep -v 'PASS$$' | grep -v -- '----' | grep -v '^$$'`; \ - FAILED=`echo $$RESULT |grep FAILED`; \ + PASSED=`echo $$RESULT |grep PASSED`; \ echo " $$RESULT"; \ - if [ "$$FAILED" != "" ]; \ + if [ "$$PASSED" == "" ]; \ then \ echo "**** Failed ***************"; \ RETURN=1; \ From e83ac1d7d1dc8503d150ba836ebadab542fd740f Mon Sep 17 00:00:00 2001 From: Rich Evans Date: Tue, 3 Feb 2015 11:29:35 +0000 Subject: [PATCH 005/100] modify include .gitignore to ignore check_config generated when build fails due to incorrect config --- include/.gitignore | 1 + 1 file changed, 1 insertion(+) diff --git a/include/.gitignore b/include/.gitignore index feab4e23..53a36d44 100644 --- a/include/.gitignore +++ b/include/.gitignore @@ -1,3 +1,4 @@ Makefile *.sln *.vcxproj +polarssl/check_config From 70dbfaa9ea144902b314c487188e73a41baa8b16 Mon Sep 17 00:00:00 2001 From: Reini Urban Date: Mon, 9 Feb 2015 15:24:08 +0100 Subject: [PATCH 006/100] README typos --- README.rst | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/README.rst b/README.rst index 8e2a53ff..004f0944 100644 --- a/README.rst +++ b/README.rst @@ -59,7 +59,7 @@ There are many different build modes available within the CMake buildsystem. Mos - ASan. This instruments the code with AddressSanitizer to check for memory errors. (This includes LeakSanitizer, with recent version of gcc and clang.) - (With recent version of clang, this mode also intruments the code with + (With recent version of clang, this mode also instruments the code with UndefinedSanitizer to check for undefined behaviour.) - ASanDbg. Same as ASan but slower, with debug information and better stack traces. @@ -70,7 +70,7 @@ There are many different build modes available within the CMake buildsystem. Mos Same as ASan but slower, with debug information, better stack traces and origin tracking. - Check. - This activates the compiler warnings that depend on optimisation and treats + This activates the compiler warnings that depend on optimization and treats all warnings as errors. Switching build modes in CMake is simple. For debug mode, enter at the command line: @@ -103,7 +103,7 @@ Tests mbed TLS includes an elaborate test suite in *tests/* that initially requires Perl to generate the tests files (e.g. *test_suite_mpi.c*). These files are generates from a **function file** (e.g. *suites/test_suite_mpi.function*) and a **data file** (e.g. *suites/test_suite_mpi.data*). The **function file** contains the template for each test function. The **data file** contains the test cases, specified as parameters that should be pushed into a template function. -For machines with a Unix shell and OpenSSL (and optionnally GnuTLS) installed, additional test scripts are available: +For machines with a Unix shell and OpenSSL (and optionally GnuTLS) installed, additional test scripts are available: - *tests/ssl-opt.sh* runs integration tests for various TLS options (renegotiation, resumption, etc.) and tests interoperability of these options with other implementations. - *tests/compat.sh* tests interoperability of every ciphersuite with other implementations. From 00ab47026bde24fca88362dab620c6ff835606ac Mon Sep 17 00:00:00 2001 From: Rich Evans Date: Fri, 6 Feb 2015 13:43:58 +0000 Subject: [PATCH 007/100] cleanup library and some basic tests. Includes, add guards to includes --- include/polarssl/aes.h | 2 +- include/polarssl/arc4.h | 2 +- include/polarssl/asn1.h | 4 ++-- include/polarssl/base64.h | 2 +- include/polarssl/bignum.h | 4 ++-- include/polarssl/blowfish.h | 2 +- include/polarssl/camellia.h | 2 +- include/polarssl/cipher.h | 4 ++-- include/polarssl/cipher_wrap.h | 1 + include/polarssl/ctr_drbg.h | 2 -- include/polarssl/debug.h | 2 ++ include/polarssl/des.h | 2 +- include/polarssl/entropy.h | 4 ++-- include/polarssl/entropy_poll.h | 4 ++-- include/polarssl/error.h | 2 +- include/polarssl/havege.h | 2 +- include/polarssl/md.h | 2 +- include/polarssl/md2.h | 2 +- include/polarssl/md4.h | 2 +- include/polarssl/md5.h | 2 +- include/polarssl/md_wrap.h | 1 + include/polarssl/memory_buffer_alloc.h | 2 +- include/polarssl/net.h | 2 +- include/polarssl/oid.h | 5 ++++- include/polarssl/padlock.h | 1 - include/polarssl/pbkdf2.h | 4 ++-- include/polarssl/pem.h | 2 +- include/polarssl/pkcs12.h | 4 ++-- include/polarssl/pkcs5.h | 4 ++-- include/polarssl/platform.h | 7 +++---- include/polarssl/ripemd160.h | 2 +- include/polarssl/sha1.h | 2 +- include/polarssl/sha256.h | 2 +- include/polarssl/sha512.h | 2 +- include/polarssl/x509_crt.h | 1 - include/polarssl/xtea.h | 2 +- library/aes.c | 11 ++++++----- library/aesni.c | 3 ++- library/arc4.c | 11 ++++++----- library/asn1parse.c | 6 +++--- library/asn1write.c | 2 ++ library/base64.c | 9 +++++---- library/bignum.c | 6 ++++-- library/blowfish.c | 2 ++ library/camellia.c | 8 +++++--- library/ccm.c | 19 +++++++++++-------- library/cipher.c | 5 +++-- library/cipher_wrap.c | 3 +-- library/ctr_drbg.c | 9 ++++++--- library/debug.c | 2 +- library/des.c | 10 ++++++---- library/dhm.c | 2 ++ library/ecdh.c | 2 ++ library/ecdsa.c | 2 ++ library/ecp.c | 5 +++-- library/ecp_curves.c | 2 ++ library/entropy.c | 19 +++++++++++-------- library/entropy_poll.c | 1 + library/error.c | 8 +++----- library/gcm.c | 10 ++++++---- library/hmac_drbg.c | 9 ++++++--- library/md.c | 1 + library/md2.c | 7 +++++-- library/md4.c | 9 +++++++-- library/md5.c | 9 +++++++-- library/md_wrap.c | 3 +-- library/memory_buffer_alloc.c | 13 ++++++------- library/net.c | 2 ++ library/oid.c | 5 +++-- library/pem.c | 5 +++-- library/pk.c | 1 - library/pk_wrap.c | 3 ++- library/pkcs11.c | 1 + library/pkcs12.c | 2 ++ library/pkcs5.c | 5 +++-- library/pkparse.c | 2 ++ library/pkwrite.c | 2 ++ library/ripemd160.c | 11 ++++++----- library/rsa.c | 6 +++++- library/sha1.c | 9 +++++++-- library/sha256.c | 9 +++++++-- library/sha512.c | 9 +++++++-- library/ssl_cache.c | 5 +++-- library/ssl_ciphersuites.c | 3 ++- library/ssl_cli.c | 6 +++--- library/ssl_srv.c | 7 ++++--- library/ssl_tls.c | 5 +++-- library/x509.c | 9 +++++---- library/x509_create.c | 2 ++ library/x509_crl.c | 7 ++++--- library/x509_crt.c | 12 +++++++----- library/x509_csr.c | 7 ++++--- library/x509write_crt.c | 2 ++ library/x509write_csr.c | 6 +++--- library/xtea.c | 10 ++++++---- tests/scripts/generate_code.pl | 4 ++-- tests/suites/helpers.function | 3 +++ tests/suites/main_test.function | 12 ------------ tests/suites/test_suite_ctr_drbg.function | 2 ++ tests/suites/test_suite_hmac_drbg.function | 2 ++ 100 files changed, 284 insertions(+), 192 deletions(-) diff --git a/include/polarssl/aes.h b/include/polarssl/aes.h index 1b3f1e80..4ca69b7c 100644 --- a/include/polarssl/aes.h +++ b/include/polarssl/aes.h @@ -30,7 +30,7 @@ #include POLARSSL_CONFIG_FILE #endif -#include +#include #if defined(_MSC_VER) && !defined(EFIX64) && !defined(EFI32) #include diff --git a/include/polarssl/arc4.h b/include/polarssl/arc4.h index 6c9788c7..96e520d8 100644 --- a/include/polarssl/arc4.h +++ b/include/polarssl/arc4.h @@ -30,7 +30,7 @@ #include POLARSSL_CONFIG_FILE #endif -#include +#include #if !defined(POLARSSL_ARC4_ALT) // Regular implementation diff --git a/include/polarssl/asn1.h b/include/polarssl/asn1.h index 0a657e1c..c723c008 100644 --- a/include/polarssl/asn1.h +++ b/include/polarssl/asn1.h @@ -30,12 +30,12 @@ #include POLARSSL_CONFIG_FILE #endif +#include + #if defined(POLARSSL_BIGNUM_C) #include "bignum.h" #endif -#include - /** * \addtogroup asn1_module * \{ diff --git a/include/polarssl/base64.h b/include/polarssl/base64.h index 2da935b9..6610a18b 100644 --- a/include/polarssl/base64.h +++ b/include/polarssl/base64.h @@ -24,7 +24,7 @@ #ifndef POLARSSL_BASE64_H #define POLARSSL_BASE64_H -#include +#include #define POLARSSL_ERR_BASE64_BUFFER_TOO_SMALL -0x002A /**< Output buffer too small. */ #define POLARSSL_ERR_BASE64_INVALID_CHARACTER -0x002C /**< Invalid character in input. */ diff --git a/include/polarssl/bignum.h b/include/polarssl/bignum.h index 8ffd5627..9e4e05b0 100644 --- a/include/polarssl/bignum.h +++ b/include/polarssl/bignum.h @@ -24,14 +24,14 @@ #ifndef POLARSSL_BIGNUM_H #define POLARSSL_BIGNUM_H -#include - #if !defined(POLARSSL_CONFIG_FILE) #include "config.h" #else #include POLARSSL_CONFIG_FILE #endif +#include + #if defined(POLARSSL_FS_IO) #include #endif diff --git a/include/polarssl/blowfish.h b/include/polarssl/blowfish.h index a03d6d76..246b053e 100644 --- a/include/polarssl/blowfish.h +++ b/include/polarssl/blowfish.h @@ -30,7 +30,7 @@ #include POLARSSL_CONFIG_FILE #endif -#include +#include #if defined(_MSC_VER) && !defined(EFIX64) && !defined(EFI32) #include diff --git a/include/polarssl/camellia.h b/include/polarssl/camellia.h index dedfba9c..c17988eb 100644 --- a/include/polarssl/camellia.h +++ b/include/polarssl/camellia.h @@ -30,7 +30,7 @@ #include POLARSSL_CONFIG_FILE #endif -#include +#include #if defined(_MSC_VER) && !defined(EFIX64) && !defined(EFI32) #include diff --git a/include/polarssl/cipher.h b/include/polarssl/cipher.h index 999d24b5..e291ef67 100644 --- a/include/polarssl/cipher.h +++ b/include/polarssl/cipher.h @@ -33,6 +33,8 @@ #include POLARSSL_CONFIG_FILE #endif +#include + #if defined(POLARSSL_GCM_C) || defined(POLARSSL_CCM_C) #define POLARSSL_CIPHER_MODE_AEAD #endif @@ -41,8 +43,6 @@ #define POLARSSL_CIPHER_MODE_WITH_PADDING #endif -#include - #if defined(_MSC_VER) && !defined(inline) #define inline _inline #else diff --git a/include/polarssl/cipher_wrap.h b/include/polarssl/cipher_wrap.h index 94ba5785..ffa8c53b 100644 --- a/include/polarssl/cipher_wrap.h +++ b/include/polarssl/cipher_wrap.h @@ -31,6 +31,7 @@ #else #include POLARSSL_CONFIG_FILE #endif + #include "cipher.h" #ifdef __cplusplus diff --git a/include/polarssl/ctr_drbg.h b/include/polarssl/ctr_drbg.h index 1424bd74..c473e76d 100644 --- a/include/polarssl/ctr_drbg.h +++ b/include/polarssl/ctr_drbg.h @@ -24,8 +24,6 @@ #ifndef POLARSSL_CTR_DRBG_H #define POLARSSL_CTR_DRBG_H -#include - #include "aes.h" #define POLARSSL_ERR_CTR_DRBG_ENTROPY_SOURCE_FAILED -0x0034 /**< The entropy source failed. */ diff --git a/include/polarssl/debug.h b/include/polarssl/debug.h index a9d00f5e..a4d2bdb9 100644 --- a/include/polarssl/debug.h +++ b/include/polarssl/debug.h @@ -29,7 +29,9 @@ #else #include POLARSSL_CONFIG_FILE #endif + #include "ssl.h" + #if defined(POLARSSL_ECP_C) #include "ecp.h" #endif diff --git a/include/polarssl/des.h b/include/polarssl/des.h index b18ca030..3155e5ec 100644 --- a/include/polarssl/des.h +++ b/include/polarssl/des.h @@ -30,7 +30,7 @@ #include POLARSSL_CONFIG_FILE #endif -#include +#include #if defined(_MSC_VER) && !defined(EFIX64) && !defined(EFI32) #include diff --git a/include/polarssl/entropy.h b/include/polarssl/entropy.h index 92aa5a5b..53a1f0e2 100644 --- a/include/polarssl/entropy.h +++ b/include/polarssl/entropy.h @@ -24,14 +24,14 @@ #ifndef POLARSSL_ENTROPY_H #define POLARSSL_ENTROPY_H -#include - #if !defined(POLARSSL_CONFIG_FILE) #include "config.h" #else #include POLARSSL_CONFIG_FILE #endif +#include + #if defined(POLARSSL_SHA512_C) && !defined(POLARSSL_ENTROPY_FORCE_SHA256) #include "sha512.h" #define POLARSSL_ENTROPY_SHA512_ACCUMULATOR diff --git a/include/polarssl/entropy_poll.h b/include/polarssl/entropy_poll.h index 9c349da2..523a7cd4 100644 --- a/include/polarssl/entropy_poll.h +++ b/include/polarssl/entropy_poll.h @@ -24,14 +24,14 @@ #ifndef POLARSSL_ENTROPY_POLL_H #define POLARSSL_ENTROPY_POLL_H -#include - #if !defined(POLARSSL_CONFIG_FILE) #include "config.h" #else #include POLARSSL_CONFIG_FILE #endif +#include + #ifdef __cplusplus extern "C" { #endif diff --git a/include/polarssl/error.h b/include/polarssl/error.h index b642c088..da3ef3de 100644 --- a/include/polarssl/error.h +++ b/include/polarssl/error.h @@ -24,7 +24,7 @@ #ifndef POLARSSL_ERROR_H #define POLARSSL_ERROR_H -#include +#include /** * Error code layout. diff --git a/include/polarssl/havege.h b/include/polarssl/havege.h index 1bad2b95..df267554 100644 --- a/include/polarssl/havege.h +++ b/include/polarssl/havege.h @@ -24,7 +24,7 @@ #ifndef POLARSSL_HAVEGE_H #define POLARSSL_HAVEGE_H -#include +#include #define COLLECT_SIZE 1024 diff --git a/include/polarssl/md.h b/include/polarssl/md.h index 33a67a33..3bbff6e7 100644 --- a/include/polarssl/md.h +++ b/include/polarssl/md.h @@ -26,7 +26,7 @@ #ifndef POLARSSL_MD_H #define POLARSSL_MD_H -#include +#include #if defined(_MSC_VER) && !defined(inline) #define inline _inline diff --git a/include/polarssl/md2.h b/include/polarssl/md2.h index 6727ed26..84260374 100644 --- a/include/polarssl/md2.h +++ b/include/polarssl/md2.h @@ -30,7 +30,7 @@ #include POLARSSL_CONFIG_FILE #endif -#include +#include #define POLARSSL_ERR_MD2_FILE_IO_ERROR -0x0070 /**< Read/write error in file. */ diff --git a/include/polarssl/md4.h b/include/polarssl/md4.h index 774300d9..9fc7c861 100644 --- a/include/polarssl/md4.h +++ b/include/polarssl/md4.h @@ -30,7 +30,7 @@ #include POLARSSL_CONFIG_FILE #endif -#include +#include #if defined(_MSC_VER) && !defined(EFIX64) && !defined(EFI32) #include diff --git a/include/polarssl/md5.h b/include/polarssl/md5.h index 6566eb3f..50c7774b 100644 --- a/include/polarssl/md5.h +++ b/include/polarssl/md5.h @@ -30,7 +30,7 @@ #include POLARSSL_CONFIG_FILE #endif -#include +#include #if defined(_MSC_VER) && !defined(EFIX64) && !defined(EFI32) #include diff --git a/include/polarssl/md_wrap.h b/include/polarssl/md_wrap.h index 7aeb27a8..2cb6e511 100644 --- a/include/polarssl/md_wrap.h +++ b/include/polarssl/md_wrap.h @@ -31,6 +31,7 @@ #else #include POLARSSL_CONFIG_FILE #endif + #include "md.h" #ifdef __cplusplus diff --git a/include/polarssl/memory_buffer_alloc.h b/include/polarssl/memory_buffer_alloc.h index 5f8e3297..ab36b416 100644 --- a/include/polarssl/memory_buffer_alloc.h +++ b/include/polarssl/memory_buffer_alloc.h @@ -30,7 +30,7 @@ #include POLARSSL_CONFIG_FILE #endif -#include +#include /** * \name SECTION: Module settings diff --git a/include/polarssl/net.h b/include/polarssl/net.h index d86732f1..5f0b9ca6 100644 --- a/include/polarssl/net.h +++ b/include/polarssl/net.h @@ -24,7 +24,7 @@ #ifndef POLARSSL_NET_H #define POLARSSL_NET_H -#include +#include #define POLARSSL_ERR_NET_UNKNOWN_HOST -0x0056 /**< Failed to get an IP address for the given hostname. */ #define POLARSSL_ERR_NET_SOCKET_FAILED -0x0042 /**< Failed to open a socket. */ diff --git a/include/polarssl/oid.h b/include/polarssl/oid.h index 309d8c51..497eac82 100644 --- a/include/polarssl/oid.h +++ b/include/polarssl/oid.h @@ -24,14 +24,17 @@ #ifndef POLARSSL_OID_H #define POLARSSL_OID_H -#include #if !defined(POLARSSL_CONFIG_FILE) #include "config.h" #else #include POLARSSL_CONFIG_FILE #endif + #include "asn1.h" #include "pk.h" + +#include + #if defined(POLARSSL_CIPHER_C) #include "cipher.h" #endif diff --git a/include/polarssl/padlock.h b/include/polarssl/padlock.h index af84d634..185eff8f 100644 --- a/include/polarssl/padlock.h +++ b/include/polarssl/padlock.h @@ -42,7 +42,6 @@ typedef INT32 int32_t; #include #endif - #define PADLOCK_RNG 0x000C #define PADLOCK_ACE 0x00C0 #define PADLOCK_PHE 0x0C00 diff --git a/include/polarssl/pbkdf2.h b/include/polarssl/pbkdf2.h index 0548ad03..7c98eaec 100644 --- a/include/polarssl/pbkdf2.h +++ b/include/polarssl/pbkdf2.h @@ -27,10 +27,10 @@ #ifndef POLARSSL_PBKDF2_H #define POLARSSL_PBKDF2_H -#include - #include "md.h" +#include + #if defined(_MSC_VER) && !defined(EFIX64) && !defined(EFI32) #include typedef UINT32 uint32_t; diff --git a/include/polarssl/pem.h b/include/polarssl/pem.h index c0775d05..9ccdbef2 100644 --- a/include/polarssl/pem.h +++ b/include/polarssl/pem.h @@ -24,7 +24,7 @@ #ifndef POLARSSL_PEM_H #define POLARSSL_PEM_H -#include +#include /** * \name PEM Error codes diff --git a/include/polarssl/pkcs12.h b/include/polarssl/pkcs12.h index 4a131025..0920cd16 100644 --- a/include/polarssl/pkcs12.h +++ b/include/polarssl/pkcs12.h @@ -24,12 +24,12 @@ #ifndef POLARSSL_PKCS12_H #define POLARSSL_PKCS12_H -#include - #include "md.h" #include "cipher.h" #include "asn1.h" +#include + #define POLARSSL_ERR_PKCS12_BAD_INPUT_DATA -0x1F80 /**< Bad input parameters to function. */ #define POLARSSL_ERR_PKCS12_FEATURE_UNAVAILABLE -0x1F00 /**< Feature not available, e.g. unsupported encryption scheme. */ #define POLARSSL_ERR_PKCS12_PBE_INVALID_FORMAT -0x1E80 /**< PBE ASN.1 data not as expected. */ diff --git a/include/polarssl/pkcs5.h b/include/polarssl/pkcs5.h index d9b6856b..fda40b52 100644 --- a/include/polarssl/pkcs5.h +++ b/include/polarssl/pkcs5.h @@ -26,11 +26,11 @@ #ifndef POLARSSL_PKCS5_H #define POLARSSL_PKCS5_H -#include - #include "asn1.h" #include "md.h" +#include + #if defined(_MSC_VER) && !defined(EFIX64) && !defined(EFI32) #include typedef UINT32 uint32_t; diff --git a/include/polarssl/platform.h b/include/polarssl/platform.h index 4473d505..127b7fe3 100644 --- a/include/polarssl/platform.h +++ b/include/polarssl/platform.h @@ -35,8 +35,6 @@ #define POLARSSL_PLATFORM_MEMORY #endif -#include - #ifdef __cplusplus extern "C" { #endif @@ -50,6 +48,7 @@ extern "C" { */ #if !defined(POLARSSL_PLATFORM_NO_STD_FUNCTIONS) +#include #include #if !defined(POLARSSL_PLATFORM_STD_PRINTF) #define POLARSSL_PLATFORM_STD_PRINTF printf /**< Default printf to use */ @@ -88,10 +87,10 @@ extern void (*polarssl_free)( void *ptr ); */ int platform_set_malloc_free( void * (*malloc_func)( size_t ), void (*free_func)( void * ) ); -#else /* POLARSSL_PLATFORM_ENTROPY */ +#else /* !POLARSSL_PLATFORM_MEMORY */ #define polarssl_malloc malloc #define polarssl_free free -#endif /* POLARSSL_PLATFORM_ENTROPY */ +#endif /* POLARSSL_PLATFORM_MEMORY */ /* * The function pointers for printf diff --git a/include/polarssl/ripemd160.h b/include/polarssl/ripemd160.h index 49c36c04..4762720f 100644 --- a/include/polarssl/ripemd160.h +++ b/include/polarssl/ripemd160.h @@ -30,7 +30,7 @@ #include POLARSSL_CONFIG_FILE #endif -#include +#include #if defined(_MSC_VER) && !defined(EFIX64) && !defined(EFI32) #include diff --git a/include/polarssl/sha1.h b/include/polarssl/sha1.h index 258a3de2..84975011 100644 --- a/include/polarssl/sha1.h +++ b/include/polarssl/sha1.h @@ -30,7 +30,7 @@ #include POLARSSL_CONFIG_FILE #endif -#include +#include #if defined(_MSC_VER) && !defined(EFIX64) && !defined(EFI32) #include diff --git a/include/polarssl/sha256.h b/include/polarssl/sha256.h index 195996db..b7362dd8 100644 --- a/include/polarssl/sha256.h +++ b/include/polarssl/sha256.h @@ -30,7 +30,7 @@ #include POLARSSL_CONFIG_FILE #endif -#include +#include #if defined(_MSC_VER) && !defined(EFIX64) && !defined(EFI32) #include diff --git a/include/polarssl/sha512.h b/include/polarssl/sha512.h index 6afb8367..90b5e3e5 100644 --- a/include/polarssl/sha512.h +++ b/include/polarssl/sha512.h @@ -30,7 +30,7 @@ #include POLARSSL_CONFIG_FILE #endif -#include +#include #if defined(_MSC_VER) || defined(__WATCOMC__) #define UL64(x) x##ui64 diff --git a/include/polarssl/x509_crt.h b/include/polarssl/x509_crt.h index 4fad932b..ab6b1645 100644 --- a/include/polarssl/x509_crt.h +++ b/include/polarssl/x509_crt.h @@ -31,7 +31,6 @@ #endif #include "x509.h" - #include "x509_crl.h" /** diff --git a/include/polarssl/xtea.h b/include/polarssl/xtea.h index 0c58ab54..f055490e 100644 --- a/include/polarssl/xtea.h +++ b/include/polarssl/xtea.h @@ -30,7 +30,7 @@ #include POLARSSL_CONFIG_FILE #endif -#include +#include #if defined(_MSC_VER) && !defined(EFIX64) && !defined(EFI32) #include diff --git a/library/aes.c b/library/aes.c index c579d780..69505ef4 100644 --- a/library/aes.c +++ b/library/aes.c @@ -34,6 +34,8 @@ #if defined(POLARSSL_AES_C) +#include + #include "polarssl/aes.h" #if defined(POLARSSL_PADLOCK_C) #include "polarssl/padlock.h" @@ -42,11 +44,14 @@ #include "polarssl/aesni.h" #endif +#if defined(POLARSSL_SELF_TEST) #if defined(POLARSSL_PLATFORM_C) #include "polarssl/platform.h" #else +#include #define polarssl_printf printf -#endif +#endif /* POLARSSL_PLATFORM_C */ +#endif /* POLARSSL_SELF_TEST */ #if !defined(POLARSSL_AES_ALT) @@ -926,7 +931,6 @@ int aes_crypt_cfb128( aes_context *ctx, /* * AES-CFB8 buffer encryption/decryption */ -#include int aes_crypt_cfb8( aes_context *ctx, int mode, size_t length, @@ -996,9 +1000,6 @@ int aes_crypt_ctr( aes_context *ctx, #endif /* !POLARSSL_AES_ALT */ #if defined(POLARSSL_SELF_TEST) - -#include - /* * AES test vectors from: * diff --git a/library/aesni.c b/library/aesni.c index d4ec9ecb..a235904e 100644 --- a/library/aesni.c +++ b/library/aesni.c @@ -34,7 +34,8 @@ #if defined(POLARSSL_AESNI_C) #include "polarssl/aesni.h" -#include + +#include #if defined(POLARSSL_HAVE_X86_64) diff --git a/library/arc4.c b/library/arc4.c index ef0e7f89..90970ef7 100644 --- a/library/arc4.c +++ b/library/arc4.c @@ -35,11 +35,16 @@ #include "polarssl/arc4.h" +#include + +#if defined(POLARSSL_SELF_TEST) #if defined(POLARSSL_PLATFORM_C) #include "polarssl/platform.h" #else +#include #define polarssl_printf printf -#endif +#endif /* POLARSSL_PLATFORM_C */ +#endif /* POLARSSL_SELF_TEST */ #if !defined(POLARSSL_ARC4_ALT) @@ -126,10 +131,6 @@ int arc4_crypt( arc4_context *ctx, size_t length, const unsigned char *input, #endif /* !POLARSSL_ARC4_ALT */ #if defined(POLARSSL_SELF_TEST) - -#include -#include - /* * ARC4 tests vectors as posted by Eric Rescorla in sep. 1994: * diff --git a/library/asn1parse.c b/library/asn1parse.c index 7e8fc32f..67821404 100644 --- a/library/asn1parse.c +++ b/library/asn1parse.c @@ -30,6 +30,8 @@ #include "polarssl/asn1.h" +#include + #if defined(POLARSSL_BIGNUM_C) #include "polarssl/bignum.h" #endif @@ -37,13 +39,11 @@ #if defined(POLARSSL_PLATFORM_C) #include "polarssl/platform.h" #else +#include #define polarssl_malloc malloc #define polarssl_free free #endif -#include -#include - /* Implementation that should never be optimized out by the compiler */ static void polarssl_zeroize( void *v, size_t n ) { volatile unsigned char *p = v; while( n-- ) *p++ = 0; diff --git a/library/asn1write.c b/library/asn1write.c index 8d92888b..efdd6489 100644 --- a/library/asn1write.c +++ b/library/asn1write.c @@ -30,6 +30,8 @@ #include "polarssl/asn1write.h" +#include + #if defined(POLARSSL_PLATFORM_C) #include "polarssl/platform.h" #else diff --git a/library/base64.c b/library/base64.c index 21cd3a6c..684c537e 100644 --- a/library/base64.c +++ b/library/base64.c @@ -37,11 +37,15 @@ typedef UINT32 uint32_t; #include #endif +#if defined(POLARSSL_SELF_TEST) +#include #if defined(POLARSSL_PLATFORM_C) #include "polarssl/platform.h" #else +#include #define polarssl_printf printf -#endif +#endif /* POLARSSL_PLATFORM_C */ +#endif /* POLARSSL_SELF_TEST */ static const unsigned char base64_enc_map[64] = { @@ -221,9 +225,6 @@ int base64_decode( unsigned char *dst, size_t *dlen, #if defined(POLARSSL_SELF_TEST) -#include -#include - static const unsigned char base64_test_dec[64] = { 0x24, 0x48, 0x6E, 0x56, 0x87, 0x62, 0x5A, 0xBD, diff --git a/library/bignum.c b/library/bignum.c index 0eb95ee4..91cbf298 100644 --- a/library/bignum.c +++ b/library/bignum.c @@ -38,16 +38,18 @@ #include "polarssl/bignum.h" #include "polarssl/bn_mul.h" +#include + #if defined(POLARSSL_PLATFORM_C) #include "polarssl/platform.h" #else +#include +#include #define polarssl_printf printf #define polarssl_malloc malloc #define polarssl_free free #endif -#include - /* Implementation that should never be optimized out by the compiler */ static void polarssl_zeroize( void *v, size_t n ) { volatile unsigned char *p = v; while( n-- ) *p++ = 0; diff --git a/library/blowfish.c b/library/blowfish.c index 4bbaaf20..07cd060b 100644 --- a/library/blowfish.c +++ b/library/blowfish.c @@ -36,6 +36,8 @@ #include "polarssl/blowfish.h" +#include + #if !defined(POLARSSL_BLOWFISH_ALT) /* Implementation that should never be optimized out by the compiler */ diff --git a/library/camellia.c b/library/camellia.c index 92f74faa..826d8834 100644 --- a/library/camellia.c +++ b/library/camellia.c @@ -36,11 +36,15 @@ #include "polarssl/camellia.h" +#if defined(POLARSSL_SELF_TEST) +#include #if defined(POLARSSL_PLATFORM_C) #include "polarssl/platform.h" #else +#include #define polarssl_printf printf -#endif +#endif /* POLARSSL_PLATFORM_C */ +#endif /* POLARSSL_SELF_TEST */ #if !defined(POLARSSL_CAMELLIA_ALT) @@ -689,8 +693,6 @@ int camellia_crypt_ctr( camellia_context *ctx, #if defined(POLARSSL_SELF_TEST) -#include - /* * Camellia test vectors from: * diff --git a/library/ccm.c b/library/ccm.c index 8590c297..bfa9ed9e 100644 --- a/library/ccm.c +++ b/library/ccm.c @@ -39,6 +39,17 @@ #include "polarssl/ccm.h" +#include + +#if defined(POLARSSL_SELF_TEST) && defined(POLARSSL_AES_C) +#if defined(POLARSSL_PLATFORM_C) +#include "polarssl/platform.h" +#else +#include +#define polarssl_printf printf +#endif /* POLARSSL_PLATFORM_C */ +#endif /* POLARSSL_SELF_TEST && POLARSSL_AES_C */ + /* Implementation that should never be optimized out by the compiler */ static void polarssl_zeroize( void *v, size_t n ) { volatile unsigned char *p = v; while( n-- ) *p++ = 0; @@ -333,14 +344,6 @@ int ccm_auth_decrypt( ccm_context *ctx, size_t length, #if defined(POLARSSL_SELF_TEST) && defined(POLARSSL_AES_C) - -#if defined(POLARSSL_PLATFORM_C) -#include "polarssl/platform.h" -#else -#include -#define polarssl_printf printf -#endif - /* * Examples 1 to 3 from SP800-38C Appendix C */ diff --git a/library/cipher.c b/library/cipher.c index 2f886d98..b98b4a2b 100644 --- a/library/cipher.c +++ b/library/cipher.c @@ -35,6 +35,9 @@ #include "polarssl/cipher.h" #include "polarssl/cipher_wrap.h" +#include +#include + #if defined(POLARSSL_GCM_C) #include "polarssl/gcm.h" #endif @@ -43,8 +46,6 @@ #include "polarssl/ccm.h" #endif -#include - #if defined(POLARSSL_ARC4_C) || defined(POLARSSL_CIPHER_NULL_CIPHER) #define POLARSSL_CIPHER_MODE_STREAM #endif diff --git a/library/cipher_wrap.c b/library/cipher_wrap.c index e289aa2e..b623b3c5 100644 --- a/library/cipher_wrap.c +++ b/library/cipher_wrap.c @@ -65,12 +65,11 @@ #if defined(POLARSSL_PLATFORM_C) #include "polarssl/platform.h" #else +#include #define polarssl_malloc malloc #define polarssl_free free #endif -#include - #if defined(POLARSSL_GCM_C) /* shared by all GCM ciphers */ static void *gcm_ctx_alloc( void ) diff --git a/library/ctr_drbg.c b/library/ctr_drbg.c index 5e638480..4fc1deb0 100644 --- a/library/ctr_drbg.c +++ b/library/ctr_drbg.c @@ -35,15 +35,20 @@ #include "polarssl/ctr_drbg.h" +#include + #if defined(POLARSSL_FS_IO) #include #endif +#if defined(POLARSSL_SELF_TEST) #if defined(POLARSSL_PLATFORM_C) #include "polarssl/platform.h" #else +#include #define polarssl_printf printf -#endif +#endif /* POLARSSL_PLATFORM_C */ +#endif /* POLARSSL_SELF_TEST */ /* Implementation that should never be optimized out by the compiler */ static void polarssl_zeroize( void *v, size_t n ) { @@ -443,8 +448,6 @@ int ctr_drbg_update_seed_file( ctr_drbg_context *ctx, const char *path ) #if defined(POLARSSL_SELF_TEST) -#include - static unsigned char entropy_source_pr[96] = { 0xc1, 0x80, 0x81, 0xa6, 0x5d, 0x44, 0x02, 0x16, 0x19, 0xb3, 0xf1, 0x80, 0xb1, 0xc9, 0x20, 0x02, diff --git a/library/debug.c b/library/debug.c index 24c5e704..f327baab 100644 --- a/library/debug.c +++ b/library/debug.c @@ -31,8 +31,8 @@ #include "polarssl/debug.h" #include -#include #include +#include #if defined(_MSC_VER) && !defined(EFIX64) && !defined(EFI32) #if !defined snprintf diff --git a/library/des.c b/library/des.c index 6e08cf2c..16a2e74f 100644 --- a/library/des.c +++ b/library/des.c @@ -36,11 +36,16 @@ #include "polarssl/des.h" +#include + +#if defined(POLARSSL_SELF_TEST) #if defined(POLARSSL_PLATFORM_C) #include "polarssl/platform.h" #else +#include #define polarssl_printf printf -#endif +#endif /* POLARSSL_PLATFORM_C */ +#endif /* POLARSSL_SELF_TEST */ #if !defined(POLARSSL_DES_ALT) @@ -802,9 +807,6 @@ int des3_crypt_cbc( des3_context *ctx, #endif /* !POLARSSL_DES_ALT */ #if defined(POLARSSL_SELF_TEST) - -#include - /* * DES and 3DES test vectors from: * diff --git a/library/dhm.c b/library/dhm.c index fb7826aa..5861f946 100644 --- a/library/dhm.c +++ b/library/dhm.c @@ -35,6 +35,8 @@ #include "polarssl/dhm.h" +#include + #if defined(POLARSSL_PEM_PARSE_C) #include "polarssl/pem.h" #endif diff --git a/library/ecdh.c b/library/ecdh.c index 21823c65..d2879480 100644 --- a/library/ecdh.c +++ b/library/ecdh.c @@ -37,6 +37,8 @@ #include "polarssl/ecdh.h" +#include + /* * Generate public key: simple wrapper around ecp_gen_keypair */ diff --git a/library/ecdsa.c b/library/ecdsa.c index 5b62939b..60dd427c 100644 --- a/library/ecdsa.c +++ b/library/ecdsa.c @@ -37,6 +37,8 @@ #include "polarssl/ecdsa.h" #include "polarssl/asn1write.h" +#include + #if defined(POLARSSL_ECDSA_DETERMINISTIC) #include "polarssl/hmac_drbg.h" #endif diff --git a/library/ecp.c b/library/ecp.c index aca3a2d2..1bb8dfe2 100644 --- a/library/ecp.c +++ b/library/ecp.c @@ -51,16 +51,17 @@ #include "polarssl/ecp.h" +#include + #if defined(POLARSSL_PLATFORM_C) #include "polarssl/platform.h" #else +#include #define polarssl_printf printf #define polarssl_malloc malloc #define polarssl_free free #endif -#include - #if defined(_MSC_VER) && !defined strcasecmp && !defined(EFIX64) && \ !defined(EFI32) #define strcasecmp _stricmp diff --git a/library/ecp_curves.c b/library/ecp_curves.c index 0464e7d7..0659111a 100644 --- a/library/ecp_curves.c +++ b/library/ecp_curves.c @@ -30,6 +30,8 @@ #include "polarssl/ecp.h" +#include + #if defined(_MSC_VER) && !defined(inline) #define inline _inline #else diff --git a/library/entropy.c b/library/entropy.c index 7604e0f2..846d5ee4 100644 --- a/library/entropy.c +++ b/library/entropy.c @@ -31,10 +31,21 @@ #include "polarssl/entropy.h" #include "polarssl/entropy_poll.h" +#include + #if defined(POLARSSL_FS_IO) #include #endif +#if defined(POLARSSL_SELF_TEST) +#if defined(POLARSSL_PLATFORM_C) +#include "polarssl/platform.h" +#else +#include +#define polarssl_printf printf +#endif /* POLARSSL_PLATFORM_C */ +#endif /* POLARSSL_SELF_TEST */ + #if defined(POLARSSL_HAVEGE_C) #include "polarssl/havege.h" #endif @@ -378,14 +389,6 @@ int entropy_update_seed_file( entropy_context *ctx, const char *path ) #endif /* POLARSSL_FS_IO */ #if defined(POLARSSL_SELF_TEST) - -#if defined(POLARSSL_PLATFORM_C) -#include "polarssl/platform.h" -#else -#include -#define polarssl_printf printf -#endif - /* * Dummy source function */ diff --git a/library/entropy_poll.c b/library/entropy_poll.c index 467268c4..8d98d895 100644 --- a/library/entropy_poll.c +++ b/library/entropy_poll.c @@ -32,6 +32,7 @@ #include "polarssl/entropy_poll.h" #if defined(POLARSSL_TIMING_C) +#include #include "polarssl/timing.h" #endif #if defined(POLARSSL_HAVEGE_C) diff --git a/library/error.c b/library/error.c index a4e6fc31..1be54e8b 100644 --- a/library/error.c +++ b/library/error.c @@ -28,10 +28,13 @@ #if defined(POLARSSL_ERROR_C) || defined(POLARSSL_ERROR_STRERROR_DUMMY) #include "polarssl/error.h" +#include #endif #if defined(POLARSSL_ERROR_C) +#include + #if defined(POLARSSL_AES_C) #include "polarssl/aes.h" #endif @@ -172,9 +175,6 @@ #include "polarssl/xtea.h" #endif -#include -#include - #if defined(_MSC_VER) && !defined snprintf && !defined(EFIX64) && \ !defined(EFI32) #define snprintf _snprintf @@ -746,8 +746,6 @@ void error_strerror( int ret, char *buf, size_t buflen ) #if defined(POLARSSL_ERROR_STRERROR_DUMMY) -#include - /* * Provide an non-function in case POLARSSL_ERROR_C is not defined */ diff --git a/library/gcm.c b/library/gcm.c index 415e53af..39cb189a 100644 --- a/library/gcm.c +++ b/library/gcm.c @@ -40,15 +40,20 @@ #include "polarssl/gcm.h" +#include + #if defined(POLARSSL_AESNI_C) #include "polarssl/aesni.h" #endif +#if defined(POLARSSL_SELF_TEST) && defined(POLARSSL_AES_C) #if defined(POLARSSL_PLATFORM_C) #include "polarssl/platform.h" #else +#include #define polarssl_printf printf -#endif +#endif /* POLARSSL_PLATFORM_C */ +#endif /* POLARSSL_SELF_TEST && POLARSSL_AES_C */ /* * 32-bit integer manipulation macros (big endian) @@ -496,9 +501,6 @@ void gcm_free( gcm_context *ctx ) } #if defined(POLARSSL_SELF_TEST) && defined(POLARSSL_AES_C) - -#include - /* * AES-GCM test vectors from: * diff --git a/library/hmac_drbg.c b/library/hmac_drbg.c index ed06cce8..55163014 100644 --- a/library/hmac_drbg.c +++ b/library/hmac_drbg.c @@ -36,15 +36,20 @@ #include "polarssl/hmac_drbg.h" +#include + #if defined(POLARSSL_FS_IO) #include #endif +#if defined(POLARSSL_SELF_TEST) #if defined(POLARSSL_PLATFORM_C) #include "polarssl/platform.h" #else +#include #define polarssl_printf printf -#endif +#endif /* POLARSSL_SELF_TEST */ +#endif /* POLARSSL_PLATFORM_C */ /* Implementation that should never be optimized out by the compiler */ static void polarssl_zeroize( void *v, size_t n ) { @@ -376,8 +381,6 @@ int hmac_drbg_update_seed_file( hmac_drbg_context *ctx, const char *path ) #if defined(POLARSSL_SELF_TEST) -#include - #if !defined(POLARSSL_SHA1_C) /* Dummy checkup routine */ int hmac_drbg_self_test( int verbose ) diff --git a/library/md.c b/library/md.c index b83e6ecd..9df21b51 100644 --- a/library/md.c +++ b/library/md.c @@ -36,6 +36,7 @@ #include "polarssl/md_wrap.h" #include +#include #if defined(_MSC_VER) && !defined strcasecmp && !defined(EFIX64) && \ !defined(EFI32) diff --git a/library/md2.c b/library/md2.c index 9e9a3a21..180a25b2 100644 --- a/library/md2.c +++ b/library/md2.c @@ -36,15 +36,18 @@ #include "polarssl/md2.h" -#if defined(POLARSSL_FS_IO) || defined(POLARSSL_SELF_TEST) +#if defined(POLARSSL_FS_IO) #include #endif +#if defined(POLARSSL_SELF_TEST) #if defined(POLARSSL_PLATFORM_C) #include "polarssl/platform.h" #else +#include #define polarssl_printf printf -#endif +#endif /* POLARSSL_PLATFORM_C */ +#endif /* POLARSSL_SELF_TEST */ /* Implementation that should never be optimized out by the compiler */ static void polarssl_zeroize( void *v, size_t n ) { diff --git a/library/md4.c b/library/md4.c index 47f5c9c9..d14390bb 100644 --- a/library/md4.c +++ b/library/md4.c @@ -36,15 +36,20 @@ #include "polarssl/md4.h" -#if defined(POLARSSL_FS_IO) || defined(POLARSSL_SELF_TEST) +#include + +#if defined(POLARSSL_FS_IO) #include #endif +#if defined(POLARSSL_SELF_TEST) #if defined(POLARSSL_PLATFORM_C) #include "polarssl/platform.h" #else +#include #define polarssl_printf printf -#endif +#endif /* POLARSSL_PLATFORM_C */ +#endif /* POLARSSL_SELF_TEST */ /* Implementation that should never be optimized out by the compiler */ static void polarssl_zeroize( void *v, size_t n ) { diff --git a/library/md5.c b/library/md5.c index 50f4ee3a..9c5d73aa 100644 --- a/library/md5.c +++ b/library/md5.c @@ -35,15 +35,20 @@ #include "polarssl/md5.h" -#if defined(POLARSSL_FS_IO) || defined(POLARSSL_SELF_TEST) +#include + +#if defined(POLARSSL_FS_IO) #include #endif +#if defined(POLARSSL_SELF_TEST) #if defined(POLARSSL_PLATFORM_C) #include "polarssl/platform.h" #else +#include #define polarssl_printf printf -#endif +#endif /* POLARSSL_PLATFORM_C */ +#endif /* POLARSSL_SELF_TEST */ /* Implementation that should never be optimized out by the compiler */ static void polarssl_zeroize( void *v, size_t n ) { diff --git a/library/md_wrap.c b/library/md_wrap.c index 62110ce7..95543736 100644 --- a/library/md_wrap.c +++ b/library/md_wrap.c @@ -65,12 +65,11 @@ #if defined(POLARSSL_PLATFORM_C) #include "polarssl/platform.h" #else +#include #define polarssl_malloc malloc #define polarssl_free free #endif -#include - /* Implementation that should never be optimized out by the compiler */ static void polarssl_zeroize( void *v, size_t n ) { volatile unsigned char *p = v; while( n-- ) *p++ = 0; diff --git a/library/memory_buffer_alloc.c b/library/memory_buffer_alloc.c index 6cde16a9..b7d583b0 100644 --- a/library/memory_buffer_alloc.c +++ b/library/memory_buffer_alloc.c @@ -33,8 +33,13 @@ #include #if defined(POLARSSL_MEMORY_DEBUG) +#if defined(POLARSSL_PLATFORM_C) +#include "polarssl/platform.h" +#else #include -#endif +#define polarssl_fprintf fprintf +#endif /* POLARSSL_PLATFORM_C */ +#endif /* POLARSSL_MEMORY_DEBUG */ #if defined(POLARSSL_MEMORY_BACKTRACE) #include #endif @@ -43,12 +48,6 @@ #include "polarssl/threading.h" #endif -#if defined(POLARSSL_PLATFORM_C) -#include "polarssl/platform.h" -#else -#define polarssl_fprintf fprintf -#endif - /* Implementation that should never be optimized out by the compiler */ static void polarssl_zeroize( void *v, size_t n ) { volatile unsigned char *p = v; while( n-- ) *p++ = 0; diff --git a/library/net.c b/library/net.c index fefeaabc..a8591ed0 100644 --- a/library/net.c +++ b/library/net.c @@ -30,6 +30,8 @@ #include "polarssl/net.h" +#include + #if (defined(_WIN32) || defined(_WIN32_WCE)) && !defined(EFIX64) && \ !defined(EFI32) diff --git a/library/oid.c b/library/oid.c index e42f20d9..3cca1fa4 100644 --- a/library/oid.c +++ b/library/oid.c @@ -33,12 +33,13 @@ #include "polarssl/oid.h" #include "polarssl/rsa.h" +#include +#include + #if defined(POLARSSL_X509_USE_C) || defined(POLARSSL_X509_CREATE_C) #include "polarssl/x509.h" #endif -#include - /* * Macro to automatically add the size of #define'd OIDs */ diff --git a/library/pem.c b/library/pem.c index aeaa4b68..c6d077c6 100644 --- a/library/pem.c +++ b/library/pem.c @@ -34,15 +34,16 @@ #include "polarssl/md5.h" #include "polarssl/cipher.h" +#include + #if defined(POLARSSL_PLATFORM_C) #include "polarssl/platform.h" #else +#include #define polarssl_malloc malloc #define polarssl_free free #endif -#include - /* Implementation that should never be optimized out by the compiler */ static void polarssl_zeroize( void *v, size_t n ) { volatile unsigned char *p = v; while( n-- ) *p++ = 0; diff --git a/library/pk.c b/library/pk.c index 572e6c8a..6736bde5 100644 --- a/library/pk.c +++ b/library/pk.c @@ -27,7 +27,6 @@ #endif #if defined(POLARSSL_PK_C) - #include "polarssl/pk.h" #include "polarssl/pk_wrap.h" diff --git a/library/pk_wrap.c b/library/pk_wrap.c index b6b8218a..f0f09cbe 100644 --- a/library/pk_wrap.c +++ b/library/pk_wrap.c @@ -27,12 +27,13 @@ #endif #if defined(POLARSSL_PK_C) - #include "polarssl/pk_wrap.h" /* Even if RSA not activated, for the sake of RSA-alt */ #include "polarssl/rsa.h" +#include + #if defined(POLARSSL_ECP_C) #include "polarssl/ecp.h" #endif diff --git a/library/pkcs11.c b/library/pkcs11.c index a5ad23c7..303b7b1e 100644 --- a/library/pkcs11.c +++ b/library/pkcs11.c @@ -27,6 +27,7 @@ #include "polarssl/pkcs11.h" #if defined(POLARSSL_PKCS11_C) + #include "polarssl/md.h" #include "polarssl/oid.h" #include "polarssl/x509_crt.h" diff --git a/library/pkcs12.c b/library/pkcs12.c index b992dba2..f445955a 100644 --- a/library/pkcs12.c +++ b/library/pkcs12.c @@ -38,6 +38,8 @@ #include "polarssl/asn1.h" #include "polarssl/cipher.h" +#include + #if defined(POLARSSL_ARC4_C) #include "polarssl/arc4.h" #endif diff --git a/library/pkcs5.c b/library/pkcs5.c index ca740460..b9b51e53 100644 --- a/library/pkcs5.c +++ b/library/pkcs5.c @@ -43,9 +43,12 @@ #include "polarssl/cipher.h" #include "polarssl/oid.h" +#include + #if defined(POLARSSL_PLATFORM_C) #include "polarssl/platform.h" #else +#include #define polarssl_printf printf #endif @@ -295,8 +298,6 @@ int pkcs5_self_test( int verbose ) } #else -#include - #define MAX_TESTS 6 size_t plen[MAX_TESTS] = diff --git a/library/pkparse.c b/library/pkparse.c index bc4fc6e2..9a55d6df 100644 --- a/library/pkparse.c +++ b/library/pkparse.c @@ -32,6 +32,8 @@ #include "polarssl/asn1.h" #include "polarssl/oid.h" +#include + #if defined(POLARSSL_RSA_C) #include "polarssl/rsa.h" #endif diff --git a/library/pkwrite.c b/library/pkwrite.c index f761ea04..29e172d6 100644 --- a/library/pkwrite.c +++ b/library/pkwrite.c @@ -32,6 +32,8 @@ #include "polarssl/asn1write.h" #include "polarssl/oid.h" +#include + #if defined(POLARSSL_RSA_C) #include "polarssl/rsa.h" #endif diff --git a/library/ripemd160.c b/library/ripemd160.c index 768e2659..2c81138d 100644 --- a/library/ripemd160.c +++ b/library/ripemd160.c @@ -36,19 +36,20 @@ #include "polarssl/ripemd160.h" -#if defined(POLARSSL_FS_IO) || defined(POLARSSL_SELF_TEST) +#include + +#if defined(POLARSSL_FS_IO) #include #endif #if defined(POLARSSL_SELF_TEST) -#include -#endif - #if defined(POLARSSL_PLATFORM_C) #include "polarssl/platform.h" #else +#include #define polarssl_printf printf -#endif +#endif /* POLARSSL_PLATFORM_C */ +#endif /* POLARSSL_SELF_TEST */ /* * 32-bit integer manipulation macros (little endian) diff --git a/library/rsa.c b/library/rsa.c index f09231e2..5f86173d 100644 --- a/library/rsa.c +++ b/library/rsa.c @@ -37,16 +37,20 @@ #include "polarssl/rsa.h" #include "polarssl/oid.h" +#include + #if defined(POLARSSL_PKCS1_V21) #include "polarssl/md.h" #endif +#if defined(POLARSSL_PKCS1_V15) && !defined(__OpenBSD__) #include -#include +#endif #if defined(POLARSSL_PLATFORM_C) #include "polarssl/platform.h" #else +#include #define polarssl_printf printf #endif diff --git a/library/sha1.c b/library/sha1.c index 455c7808..c477e9a6 100644 --- a/library/sha1.c +++ b/library/sha1.c @@ -35,15 +35,20 @@ #include "polarssl/sha1.h" -#if defined(POLARSSL_FS_IO) || defined(POLARSSL_SELF_TEST) +#include + +#if defined(POLARSSL_FS_IO) #include #endif +#if defined(POLARSSL_SELF_TEST) #if defined(POLARSSL_PLATFORM_C) #include "polarssl/platform.h" #else +#include #define polarssl_printf printf -#endif +#endif /* POLARSSL_PLATFORM_C */ +#endif /* POLARSSL_SELF_TEST */ /* Implementation that should never be optimized out by the compiler */ static void polarssl_zeroize( void *v, size_t n ) { diff --git a/library/sha256.c b/library/sha256.c index 102402e1..dedc6b84 100644 --- a/library/sha256.c +++ b/library/sha256.c @@ -35,15 +35,20 @@ #include "polarssl/sha256.h" -#if defined(POLARSSL_FS_IO) || defined(POLARSSL_SELF_TEST) +#include + +#if defined(POLARSSL_FS_IO) #include #endif +#if defined(POLARSSL_SELF_TEST) #if defined(POLARSSL_PLATFORM_C) #include "polarssl/platform.h" #else +#include #define polarssl_printf printf -#endif +#endif /* POLARSSL_PLATFORM_C */ +#endif /* POLARSSL_SELF_TEST */ /* Implementation that should never be optimized out by the compiler */ static void polarssl_zeroize( void *v, size_t n ) { diff --git a/library/sha512.c b/library/sha512.c index b9dac62d..ed044ed8 100644 --- a/library/sha512.c +++ b/library/sha512.c @@ -35,15 +35,20 @@ #include "polarssl/sha512.h" -#if defined(POLARSSL_FS_IO) || defined(POLARSSL_SELF_TEST) +#include + +#if defined(POLARSSL_FS_IO) #include #endif +#if defined(POLARSSL_SELF_TEST) #if defined(POLARSSL_PLATFORM_C) #include "polarssl/platform.h" #else +#include #define polarssl_printf printf -#endif +#endif /* POLARSSL_PLATFORM_C */ +#endif /* POLARSSL_SELF_TEST */ /* Implementation that should never be optimized out by the compiler */ static void polarssl_zeroize( void *v, size_t n ) { diff --git a/library/ssl_cache.c b/library/ssl_cache.c index c649129b..30da95a5 100644 --- a/library/ssl_cache.c +++ b/library/ssl_cache.c @@ -34,15 +34,16 @@ #include "polarssl/ssl_cache.h" +#include + #if defined(POLARSSL_PLATFORM_C) #include "polarssl/platform.h" #else +#include #define polarssl_malloc malloc #define polarssl_free free #endif -#include - void ssl_cache_init( ssl_cache_context *cache ) { memset( cache, 0, sizeof( ssl_cache_context ) ); diff --git a/library/ssl_ciphersuites.c b/library/ssl_ciphersuites.c index 014cfc90..43e5e7b5 100644 --- a/library/ssl_ciphersuites.c +++ b/library/ssl_ciphersuites.c @@ -33,7 +33,8 @@ #include "polarssl/ssl_ciphersuites.h" #include "polarssl/ssl.h" -#include +// #include +#include #if defined(_MSC_VER) && !defined strcasecmp && !defined(EFIX64) && \ !defined(EFI32) diff --git a/library/ssl_cli.c b/library/ssl_cli.c index 62ff3cfc..c84f8d27 100644 --- a/library/ssl_cli.c +++ b/library/ssl_cli.c @@ -31,16 +31,16 @@ #include "polarssl/debug.h" #include "polarssl/ssl.h" +#include + #if defined(POLARSSL_PLATFORM_C) #include "polarssl/platform.h" #else +#include #define polarssl_malloc malloc #define polarssl_free free #endif -#include -#include - #if defined(_MSC_VER) && !defined(EFIX64) && !defined(EFI32) #include typedef UINT32 uint32_t; diff --git a/library/ssl_srv.c b/library/ssl_srv.c index 8cb140e6..755bba9f 100644 --- a/library/ssl_srv.c +++ b/library/ssl_srv.c @@ -30,6 +30,9 @@ #include "polarssl/debug.h" #include "polarssl/ssl.h" + +#include + #if defined(POLARSSL_ECP_C) #include "polarssl/ecp.h" #endif @@ -37,13 +40,11 @@ #if defined(POLARSSL_PLATFORM_C) #include "polarssl/platform.h" #else +#include #define polarssl_malloc malloc #define polarssl_free free #endif -#include -#include - #if defined(POLARSSL_HAVE_TIME) #include #endif diff --git a/library/ssl_tls.c b/library/ssl_tls.c index 4b541870..961f4dcf 100644 --- a/library/ssl_tls.c +++ b/library/ssl_tls.c @@ -39,6 +39,8 @@ #include "polarssl/debug.h" #include "polarssl/ssl.h" +#include + #if defined(POLARSSL_X509_CRT_PARSE_C) && \ defined(POLARSSL_X509_CHECK_EXTENDED_KEY_USAGE) #include "polarssl/oid.h" @@ -47,12 +49,11 @@ #if defined(POLARSSL_PLATFORM_C) #include "polarssl/platform.h" #else +#include #define polarssl_malloc malloc #define polarssl_free free #endif -#include - #if defined(_MSC_VER) && !defined strcasecmp && !defined(EFIX64) && \ !defined(EFI32) #define strcasecmp _stricmp diff --git a/library/x509.c b/library/x509.c index a3cb6694..c9b196f4 100644 --- a/library/x509.c +++ b/library/x509.c @@ -41,6 +41,9 @@ #include "polarssl/x509.h" #include "polarssl/asn1.h" #include "polarssl/oid.h" + +#include + #if defined(POLARSSL_PEM_PARSE_C) #include "polarssl/pem.h" #endif @@ -48,21 +51,19 @@ #if defined(POLARSSL_PLATFORM_C) #include "polarssl/platform.h" #else +#include +#include #define polarssl_printf printf #define polarssl_malloc malloc #define polarssl_free free #endif -#include -#include #if defined(_WIN32) && !defined(EFIX64) && !defined(EFI32) #include #else #include #endif -#include - #if defined(POLARSSL_FS_IO) #if !defined(_WIN32) #include diff --git a/library/x509_create.c b/library/x509_create.c index ab87ac71..0a75c388 100644 --- a/library/x509_create.c +++ b/library/x509_create.c @@ -32,6 +32,8 @@ #include "polarssl/asn1write.h" #include "polarssl/oid.h" +#include + #if defined(_MSC_VER) && !defined strncasecmp && !defined(EFIX64) && \ !defined(EFI32) #define strncasecmp _strnicmp diff --git a/library/x509_crl.c b/library/x509_crl.c index 2c90582a..b957e376 100644 --- a/library/x509_crl.c +++ b/library/x509_crl.c @@ -40,6 +40,9 @@ #include "polarssl/x509_crl.h" #include "polarssl/oid.h" + +#include + #if defined(POLARSSL_PEM_PARSE_C) #include "polarssl/pem.h" #endif @@ -47,14 +50,12 @@ #if defined(POLARSSL_PLATFORM_C) #include "polarssl/platform.h" #else +#include #define polarssl_malloc malloc #define polarssl_free free #endif -#include -#include #if defined(_WIN32) && !defined(EFIX64) && !defined(EFI32) - #include #else #include diff --git a/library/x509_crt.c b/library/x509_crt.c index d1d7d739..ea3b4422 100644 --- a/library/x509_crt.c +++ b/library/x509_crt.c @@ -40,6 +40,10 @@ #include "polarssl/x509_crt.h" #include "polarssl/oid.h" + +#include +#include + #if defined(POLARSSL_PEM_PARSE_C) #include "polarssl/pem.h" #endif @@ -47,6 +51,7 @@ #if defined(POLARSSL_PLATFORM_C) #include "polarssl/platform.h" #else +#include #define polarssl_malloc malloc #define polarssl_free free #endif @@ -55,22 +60,19 @@ #include "polarssl/threading.h" #endif -#include -#include #if defined(_WIN32) && !defined(EFIX64) && !defined(EFI32) #include #else #include #endif -#include - #if defined(POLARSSL_FS_IO) +#include #if !defined(_WIN32) || defined(EFIX64) || defined(EFI32) #include #include #include -#endif +#endif /* !_WIN32 || EFIX64 || EFI32 */ #endif /* Implementation that should never be optimized out by the compiler */ diff --git a/library/x509_csr.c b/library/x509_csr.c index a6fe5817..a4b8ad75 100644 --- a/library/x509_csr.c +++ b/library/x509_csr.c @@ -40,6 +40,9 @@ #include "polarssl/x509_csr.h" #include "polarssl/oid.h" + +#include + #if defined(POLARSSL_PEM_PARSE_C) #include "polarssl/pem.h" #endif @@ -47,13 +50,11 @@ #if defined(POLARSSL_PLATFORM_C) #include "polarssl/platform.h" #else +#include #define polarssl_malloc malloc #define polarssl_free free #endif -#include -#include - #if defined(POLARSSL_FS_IO) || defined(EFIX64) || defined(EFI32) #include #endif diff --git a/library/x509write_crt.c b/library/x509write_crt.c index 3e850cec..5bf44a06 100644 --- a/library/x509write_crt.c +++ b/library/x509write_crt.c @@ -39,6 +39,8 @@ #include "polarssl/asn1write.h" #include "polarssl/sha1.h" +#include + #if defined(POLARSSL_PEM_WRITE_C) #include "polarssl/pem.h" #endif /* POLARSSL_PEM_WRITE_C */ diff --git a/library/x509write_csr.c b/library/x509write_csr.c index 8f297a01..5e2a5e19 100644 --- a/library/x509write_csr.c +++ b/library/x509write_csr.c @@ -37,13 +37,13 @@ #include "polarssl/oid.h" #include "polarssl/asn1write.h" +#include +#include + #if defined(POLARSSL_PEM_WRITE_C) #include "polarssl/pem.h" #endif -#include -#include - /* Implementation that should never be optimized out by the compiler */ static void polarssl_zeroize( void *v, size_t n ) { volatile unsigned char *p = v; while( n-- ) *p++ = 0; diff --git a/library/xtea.c b/library/xtea.c index cea9ff82..e543d654 100644 --- a/library/xtea.c +++ b/library/xtea.c @@ -30,11 +30,16 @@ #include "polarssl/xtea.h" +#include + +#if defined(POLARSSL_SELF_TEST) #if defined(POLARSSL_PLATFORM_C) #include "polarssl/platform.h" #else +#include #define polarssl_printf printf -#endif +#endif /* POLARSSL_PLATFORM_C */ +#endif /* POLARSSL_SELF_TEST */ #if !defined(POLARSSL_XTEA_ALT) @@ -190,9 +195,6 @@ int xtea_crypt_cbc( xtea_context *ctx, int mode, size_t length, #if defined(POLARSSL_SELF_TEST) -#include -#include - /* * XTEA tests vectors (non-official) */ diff --git a/tests/scripts/generate_code.pl b/tests/scripts/generate_code.pl index 45913781..ba747381 100755 --- a/tests/scripts/generate_code.pl +++ b/tests/scripts/generate_code.pl @@ -65,12 +65,12 @@ print TEST_FILE << "END"; #include POLARSSL_CONFIG_FILE #endif +$test_helpers + $suite_pre_code $suite_header $suite_post_code -$test_helpers - END $test_main =~ s/SUITE_PRE_DEP/$suite_pre_code/; diff --git a/tests/suites/helpers.function b/tests/suites/helpers.function index 73d6767f..4e1bac1e 100644 --- a/tests/suites/helpers.function +++ b/tests/suites/helpers.function @@ -1,6 +1,9 @@ #if defined(POLARSSL_PLATFORM_C) #include "polarssl/platform.h" #else +#include +#define polarssl_printf printf +#define polarssl_fprintf fprintf #define polarssl_malloc malloc #define polarssl_free free #endif diff --git a/tests/suites/main_test.function b/tests/suites/main_test.function index 4a5e1041..9d9ebe5f 100644 --- a/tests/suites/main_test.function +++ b/tests/suites/main_test.function @@ -1,15 +1,3 @@ -#include -#include - -#if defined(POLARSSL_PLATFORM_C) -#include "polarssl/platform.h" -#else -#define polarssl_printf printf -#define polarssl_fprintf fprintf -#define polarssl_malloc malloc -#define polarssl_free free -#endif - #if defined(POLARSSL_MEMORY_BUFFER_ALLOC_C) #include "polarssl/memory_buffer_alloc.h" #endif diff --git a/tests/suites/test_suite_ctr_drbg.function b/tests/suites/test_suite_ctr_drbg.function index a36bab24..c9cb22ea 100644 --- a/tests/suites/test_suite_ctr_drbg.function +++ b/tests/suites/test_suite_ctr_drbg.function @@ -1,6 +1,8 @@ /* BEGIN_HEADER */ #include +#include + int test_offset_idx; int entropy_func( void *data, unsigned char *buf, size_t len ) { diff --git a/tests/suites/test_suite_hmac_drbg.function b/tests/suites/test_suite_hmac_drbg.function index bd451126..d58c426c 100644 --- a/tests/suites/test_suite_hmac_drbg.function +++ b/tests/suites/test_suite_hmac_drbg.function @@ -1,6 +1,8 @@ /* BEGIN_HEADER */ #include +#include + typedef struct { unsigned char *p; From ce2f2376975bc691a9a62d5f0505b1585fcbf8e6 Mon Sep 17 00:00:00 2001 From: Rich Evans Date: Fri, 6 Feb 2015 13:57:42 +0000 Subject: [PATCH 008/100] change test function includes to use one convention --- library/pem.c | 1 + tests/suites/test_suite_aes.function | 2 +- tests/suites/test_suite_arc4.function | 2 +- tests/suites/test_suite_asn1write.function | 2 +- tests/suites/test_suite_base64.function | 2 +- tests/suites/test_suite_camellia.function | 2 +- tests/suites/test_suite_ccm.function | 2 +- tests/suites/test_suite_cipher.function | 4 ++-- tests/suites/test_suite_ctr_drbg.function | 4 +--- tests/suites/test_suite_debug.function | 2 +- tests/suites/test_suite_des.function | 2 +- tests/suites/test_suite_dhm.function | 2 +- tests/suites/test_suite_ecdh.function | 2 +- tests/suites/test_suite_ecdsa.function | 2 +- tests/suites/test_suite_ecp.function | 2 +- tests/suites/test_suite_entropy.function | 2 +- tests/suites/test_suite_error.function | 2 +- tests/suites/test_suite_gcm.function | 2 +- tests/suites/test_suite_hmac_drbg.function | 4 +--- tests/suites/test_suite_hmac_shax.function | 6 +++--- tests/suites/test_suite_md.function | 2 +- tests/suites/test_suite_mdx.function | 8 ++++---- .../test_suite_memory_buffer_alloc.function | 2 +- tests/suites/test_suite_mpi.function | 2 +- tests/suites/test_suite_pbkdf2.function | 2 +- tests/suites/test_suite_pem.function | 4 ++-- tests/suites/test_suite_pk.function | 6 +++--- tests/suites/test_suite_pkcs1_v21.function | 4 ++-- tests/suites/test_suite_pkcs5.function | 2 +- tests/suites/test_suite_pkparse.function | 6 +++--- tests/suites/test_suite_pkwrite.function | 6 +++--- tests/suites/test_suite_rsa.function | 18 +++++++++--------- tests/suites/test_suite_shax.function | 6 +++--- tests/suites/test_suite_version.function | 2 +- tests/suites/test_suite_x509parse.function | 12 ++++++------ tests/suites/test_suite_x509write.function | 8 ++++---- tests/suites/test_suite_xtea.function | 2 +- 37 files changed, 69 insertions(+), 72 deletions(-) diff --git a/library/pem.c b/library/pem.c index c6d077c6..b5e8eeed 100644 --- a/library/pem.c +++ b/library/pem.c @@ -27,6 +27,7 @@ #endif #if defined(POLARSSL_PEM_PARSE_C) || defined(POLARSSL_PEM_WRITE_C) + #include "polarssl/pem.h" #include "polarssl/base64.h" #include "polarssl/des.h" diff --git a/tests/suites/test_suite_aes.function b/tests/suites/test_suite_aes.function index 3bd7d4a2..7027247a 100644 --- a/tests/suites/test_suite_aes.function +++ b/tests/suites/test_suite_aes.function @@ -1,5 +1,5 @@ /* BEGIN_HEADER */ -#include +#include "polarssl/aes.h" /* END_HEADER */ /* BEGIN_DEPENDENCIES diff --git a/tests/suites/test_suite_arc4.function b/tests/suites/test_suite_arc4.function index b6d3d4ca..dc7b24b5 100644 --- a/tests/suites/test_suite_arc4.function +++ b/tests/suites/test_suite_arc4.function @@ -1,5 +1,5 @@ /* BEGIN_HEADER */ -#include +#include "polarssl/arc4.h" /* END_HEADER */ /* BEGIN_DEPENDENCIES diff --git a/tests/suites/test_suite_asn1write.function b/tests/suites/test_suite_asn1write.function index 72e9b4bf..49b073aa 100644 --- a/tests/suites/test_suite_asn1write.function +++ b/tests/suites/test_suite_asn1write.function @@ -1,5 +1,5 @@ /* BEGIN_HEADER */ -#include +#include "polarssl/asn1write.h" #define GUARD_LEN 4 #define GUARD_VAL 0x2a diff --git a/tests/suites/test_suite_base64.function b/tests/suites/test_suite_base64.function index 01d8aa6f..a8348d2e 100644 --- a/tests/suites/test_suite_base64.function +++ b/tests/suites/test_suite_base64.function @@ -1,5 +1,5 @@ /* BEGIN_HEADER */ -#include +#include "polarssl/base64.h" /* END_HEADER */ /* BEGIN_DEPENDENCIES diff --git a/tests/suites/test_suite_camellia.function b/tests/suites/test_suite_camellia.function index 6d88f8cc..e73aa867 100644 --- a/tests/suites/test_suite_camellia.function +++ b/tests/suites/test_suite_camellia.function @@ -1,5 +1,5 @@ /* BEGIN_HEADER */ -#include +#include "polarssl/camellia.h" /* END_HEADER */ /* BEGIN_DEPENDENCIES diff --git a/tests/suites/test_suite_ccm.function b/tests/suites/test_suite_ccm.function index d513a150..f597c691 100644 --- a/tests/suites/test_suite_ccm.function +++ b/tests/suites/test_suite_ccm.function @@ -1,5 +1,5 @@ /* BEGIN_HEADER */ -#include +#include "polarssl/ccm.h" /* END_HEADER */ /* BEGIN_DEPENDENCIES diff --git a/tests/suites/test_suite_cipher.function b/tests/suites/test_suite_cipher.function index 2bc1ef9d..448bfccc 100644 --- a/tests/suites/test_suite_cipher.function +++ b/tests/suites/test_suite_cipher.function @@ -1,8 +1,8 @@ /* BEGIN_HEADER */ -#include +#include "polarssl/cipher.h" #if defined(POLARSSL_GCM_C) -#include +#include "polarssl/gcm.h" #endif /* END_HEADER */ diff --git a/tests/suites/test_suite_ctr_drbg.function b/tests/suites/test_suite_ctr_drbg.function index c9cb22ea..644eb467 100644 --- a/tests/suites/test_suite_ctr_drbg.function +++ b/tests/suites/test_suite_ctr_drbg.function @@ -1,7 +1,5 @@ /* BEGIN_HEADER */ -#include - -#include +#include "polarssl/ctr_drbg.h" int test_offset_idx; int entropy_func( void *data, unsigned char *buf, size_t len ) diff --git a/tests/suites/test_suite_debug.function b/tests/suites/test_suite_debug.function index b31b72a5..7db04e5d 100644 --- a/tests/suites/test_suite_debug.function +++ b/tests/suites/test_suite_debug.function @@ -1,5 +1,5 @@ /* BEGIN_HEADER */ -#include +#include "polarssl/debug.h" struct buffer_data { diff --git a/tests/suites/test_suite_des.function b/tests/suites/test_suite_des.function index 4b5d53d0..dfa168f2 100644 --- a/tests/suites/test_suite_des.function +++ b/tests/suites/test_suite_des.function @@ -1,5 +1,5 @@ /* BEGIN_HEADER */ -#include +#include "polarssl/des.h" /* END_HEADER */ /* BEGIN_DEPENDENCIES diff --git a/tests/suites/test_suite_dhm.function b/tests/suites/test_suite_dhm.function index ba9477f9..d7cabf46 100644 --- a/tests/suites/test_suite_dhm.function +++ b/tests/suites/test_suite_dhm.function @@ -1,5 +1,5 @@ /* BEGIN_HEADER */ -#include +#include "polarssl/dhm.h" /* END_HEADER */ /* BEGIN_DEPENDENCIES diff --git a/tests/suites/test_suite_ecdh.function b/tests/suites/test_suite_ecdh.function index c84d2b1f..27be9691 100644 --- a/tests/suites/test_suite_ecdh.function +++ b/tests/suites/test_suite_ecdh.function @@ -1,5 +1,5 @@ /* BEGIN_HEADER */ -#include +#include "polarssl/ecdh.h" /* END_HEADER */ /* BEGIN_DEPENDENCIES diff --git a/tests/suites/test_suite_ecdsa.function b/tests/suites/test_suite_ecdsa.function index 144326bc..ee379dcf 100644 --- a/tests/suites/test_suite_ecdsa.function +++ b/tests/suites/test_suite_ecdsa.function @@ -1,5 +1,5 @@ /* BEGIN_HEADER */ -#include +#include "polarssl/ecdsa.h" /* END_HEADER */ /* BEGIN_DEPENDENCIES diff --git a/tests/suites/test_suite_ecp.function b/tests/suites/test_suite_ecp.function index 1c22a846..696c5977 100644 --- a/tests/suites/test_suite_ecp.function +++ b/tests/suites/test_suite_ecp.function @@ -1,5 +1,5 @@ /* BEGIN_HEADER */ -#include +#include "polarssl/ecp.h" #define POLARSSL_ECP_PF_UNKNOWN -1 /* END_HEADER */ diff --git a/tests/suites/test_suite_entropy.function b/tests/suites/test_suite_entropy.function index 6d137ad8..c46246c4 100644 --- a/tests/suites/test_suite_entropy.function +++ b/tests/suites/test_suite_entropy.function @@ -1,5 +1,5 @@ /* BEGIN_HEADER */ -#include +#include "polarssl/entropy.h" /* * Number of calls made to entropy_dummy_source() diff --git a/tests/suites/test_suite_error.function b/tests/suites/test_suite_error.function index 4532530e..87287b7a 100644 --- a/tests/suites/test_suite_error.function +++ b/tests/suites/test_suite_error.function @@ -1,5 +1,5 @@ /* BEGIN_HEADER */ -#include +#include "polarssl/error.h" /* END_HEADER */ /* BEGIN_DEPENDENCIES diff --git a/tests/suites/test_suite_gcm.function b/tests/suites/test_suite_gcm.function index c30b755b..2ac76280 100644 --- a/tests/suites/test_suite_gcm.function +++ b/tests/suites/test_suite_gcm.function @@ -1,5 +1,5 @@ /* BEGIN_HEADER */ -#include +#include "polarssl/gcm.h" /* END_HEADER */ /* BEGIN_DEPENDENCIES diff --git a/tests/suites/test_suite_hmac_drbg.function b/tests/suites/test_suite_hmac_drbg.function index d58c426c..56267e07 100644 --- a/tests/suites/test_suite_hmac_drbg.function +++ b/tests/suites/test_suite_hmac_drbg.function @@ -1,7 +1,5 @@ /* BEGIN_HEADER */ -#include - -#include +#include "polarssl/hmac_drbg.h" typedef struct { diff --git a/tests/suites/test_suite_hmac_shax.function b/tests/suites/test_suite_hmac_shax.function index 54ad02f4..b31d7726 100644 --- a/tests/suites/test_suite_hmac_shax.function +++ b/tests/suites/test_suite_hmac_shax.function @@ -1,7 +1,7 @@ /* BEGIN_HEADER */ -#include -#include -#include +#include "polarssl/sha1.h" +#include "polarssl/sha256.h" +#include "polarssl/sha512.h" /* END_HEADER */ /* BEGIN_CASE depends_on:POLARSSL_SHA1_C */ diff --git a/tests/suites/test_suite_md.function b/tests/suites/test_suite_md.function index ea927260..40eb7177 100644 --- a/tests/suites/test_suite_md.function +++ b/tests/suites/test_suite_md.function @@ -1,5 +1,5 @@ /* BEGIN_HEADER */ -#include +#include "polarssl/md.h" /* END_HEADER */ /* BEGIN_DEPENDENCIES diff --git a/tests/suites/test_suite_mdx.function b/tests/suites/test_suite_mdx.function index ecc1b921..6e4c6d83 100644 --- a/tests/suites/test_suite_mdx.function +++ b/tests/suites/test_suite_mdx.function @@ -1,8 +1,8 @@ /* BEGIN_HEADER */ -#include -#include -#include -#include +#include "polarssl/md2.h" +#include "polarssl/md4.h" +#include "polarssl/md5.h" +#include "polarssl/ripemd160.h" /* END_HEADER */ /* BEGIN_CASE depends_on:POLARSSL_MD2_C */ diff --git a/tests/suites/test_suite_memory_buffer_alloc.function b/tests/suites/test_suite_memory_buffer_alloc.function index 88c36abc..e9cd0217 100644 --- a/tests/suites/test_suite_memory_buffer_alloc.function +++ b/tests/suites/test_suite_memory_buffer_alloc.function @@ -1,5 +1,5 @@ /* BEGIN_HEADER */ -#include +#include "polarssl/memory_buffer_alloc.h" #define TEST_SUITE_MEMORY_BUFFER_ALLOC /* END_HEADER */ diff --git a/tests/suites/test_suite_mpi.function b/tests/suites/test_suite_mpi.function index 2835acb1..795d2a02 100644 --- a/tests/suites/test_suite_mpi.function +++ b/tests/suites/test_suite_mpi.function @@ -1,5 +1,5 @@ /* BEGIN_HEADER */ -#include +#include "polarssl/bignum.h" /* END_HEADER */ /* BEGIN_DEPENDENCIES diff --git a/tests/suites/test_suite_pbkdf2.function b/tests/suites/test_suite_pbkdf2.function index cbac80ed..f99cb6d1 100644 --- a/tests/suites/test_suite_pbkdf2.function +++ b/tests/suites/test_suite_pbkdf2.function @@ -1,5 +1,5 @@ /* BEGIN_HEADER */ -#include +#include "polarssl/pbkdf2.h" /* END_HEADER */ /* BEGIN_DEPENDENCIES diff --git a/tests/suites/test_suite_pem.function b/tests/suites/test_suite_pem.function index e8b05eb3..f8aab47c 100644 --- a/tests/suites/test_suite_pem.function +++ b/tests/suites/test_suite_pem.function @@ -1,6 +1,6 @@ /* BEGIN_HEADER */ -#include -#include +#include "polarssl/base64.h" +#include "polarssl/pem.h" /* END_HEADER */ /* BEGIN_DEPENDENCIES diff --git a/tests/suites/test_suite_pk.function b/tests/suites/test_suite_pk.function index fb86c99f..cc378c49 100644 --- a/tests/suites/test_suite_pk.function +++ b/tests/suites/test_suite_pk.function @@ -1,9 +1,9 @@ /* BEGIN_HEADER */ -#include +#include "polarssl/pk.h" /* For error codes */ -#include -#include +#include "polarssl/ecp.h" +#include "polarssl/rsa.h" static int rnd_std_rand( void *rng_state, unsigned char *output, size_t len ); diff --git a/tests/suites/test_suite_pkcs1_v21.function b/tests/suites/test_suite_pkcs1_v21.function index 24b200e6..6fbe2e1d 100644 --- a/tests/suites/test_suite_pkcs1_v21.function +++ b/tests/suites/test_suite_pkcs1_v21.function @@ -1,6 +1,6 @@ /* BEGIN_HEADER */ -#include -#include +#include "polarssl/rsa.h" +#include "polarssl/md.h" /* END_HEADER */ /* BEGIN_DEPENDENCIES diff --git a/tests/suites/test_suite_pkcs5.function b/tests/suites/test_suite_pkcs5.function index 1f61db68..f7165f6e 100644 --- a/tests/suites/test_suite_pkcs5.function +++ b/tests/suites/test_suite_pkcs5.function @@ -1,5 +1,5 @@ /* BEGIN_HEADER */ -#include +#include "polarssl/pkcs5.h" /* END_HEADER */ /* BEGIN_DEPENDENCIES diff --git a/tests/suites/test_suite_pkparse.function b/tests/suites/test_suite_pkparse.function index c0743268..9479cd99 100644 --- a/tests/suites/test_suite_pkparse.function +++ b/tests/suites/test_suite_pkparse.function @@ -1,7 +1,7 @@ /* BEGIN_HEADER */ -#include -#include -#include +#include "polarssl/pk.h" +#include "polarssl/pem.h" +#include "polarssl/oid.h" /* END_HEADER */ /* BEGIN_DEPENDENCIES diff --git a/tests/suites/test_suite_pkwrite.function b/tests/suites/test_suite_pkwrite.function index b6cb943f..8b5fafbc 100644 --- a/tests/suites/test_suite_pkwrite.function +++ b/tests/suites/test_suite_pkwrite.function @@ -1,7 +1,7 @@ /* BEGIN_HEADER */ -#include -#include -#include +#include "polarssl/pk.h" +#include "polarssl/pem.h" +#include "polarssl/oid.h" /* END_HEADER */ /* BEGIN_DEPENDENCIES diff --git a/tests/suites/test_suite_rsa.function b/tests/suites/test_suite_rsa.function index bafacac9..45d57233 100644 --- a/tests/suites/test_suite_rsa.function +++ b/tests/suites/test_suite_rsa.function @@ -1,13 +1,13 @@ /* BEGIN_HEADER */ -#include -#include -#include -#include -#include -#include -#include -#include -#include +#include "polarssl/rsa.h" +#include "polarssl/md2.h" +#include "polarssl/md4.h" +#include "polarssl/md5.h" +#include "polarssl/sha1.h" +#include "polarssl/sha256.h" +#include "polarssl/sha512.h" +#include "polarssl/entropy.h" +#include "polarssl/ctr_drbg.h" /* END_HEADER */ /* BEGIN_DEPENDENCIES diff --git a/tests/suites/test_suite_shax.function b/tests/suites/test_suite_shax.function index 73190dcb..51c33011 100644 --- a/tests/suites/test_suite_shax.function +++ b/tests/suites/test_suite_shax.function @@ -1,7 +1,7 @@ /* BEGIN_HEADER */ -#include -#include -#include +#include "polarssl/sha1.h" +#include "polarssl/sha256.h" +#include "polarssl/sha512.h" /* END_HEADER */ /* BEGIN_CASE depends_on:POLARSSL_SHA1_C */ diff --git a/tests/suites/test_suite_version.function b/tests/suites/test_suite_version.function index 72c3ab1c..f50a6c29 100644 --- a/tests/suites/test_suite_version.function +++ b/tests/suites/test_suite_version.function @@ -1,5 +1,5 @@ /* BEGIN_HEADER */ -#include +#include "polarssl/version.h" /* END_HEADER */ /* BEGIN_DEPENDENCIES diff --git a/tests/suites/test_suite_x509parse.function b/tests/suites/test_suite_x509parse.function index 4329dccf..50de457b 100644 --- a/tests/suites/test_suite_x509parse.function +++ b/tests/suites/test_suite_x509parse.function @@ -1,10 +1,10 @@ /* BEGIN_HEADER */ -#include -#include -#include -#include -#include -#include +#include "polarssl/x509_crt.h" +#include "polarssl/x509_crl.h" +#include "polarssl/x509_csr.h" +#include "polarssl/pem.h" +#include "polarssl/oid.h" +#include "polarssl/base64.h" int verify_none( void *data, x509_crt *crt, int certificate_depth, int *flags ) { diff --git a/tests/suites/test_suite_x509write.function b/tests/suites/test_suite_x509write.function index 701ed004..63f35a6d 100644 --- a/tests/suites/test_suite_x509write.function +++ b/tests/suites/test_suite_x509write.function @@ -1,8 +1,8 @@ /* BEGIN_HEADER */ -#include -#include -#include -#include +#include "polarssl/x509_crt.h" +#include "polarssl/x509_csr.h" +#include "polarssl/pem.h" +#include "polarssl/oid.h" /* END_HEADER */ /* BEGIN_DEPENDENCIES diff --git a/tests/suites/test_suite_xtea.function b/tests/suites/test_suite_xtea.function index 74ca6787..d22c7fdc 100644 --- a/tests/suites/test_suite_xtea.function +++ b/tests/suites/test_suite_xtea.function @@ -1,5 +1,5 @@ /* BEGIN_HEADER */ -#include +#include "polarssl/xtea.h" /* END_HEADER */ /* BEGIN_DEPENDENCIES From 6f60cd848b6ed1d25bedf7804d6fee819edbde0d Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Manuel=20P=C3=A9gouri=C3=A9-Gonnard?= Date: Tue, 10 Feb 2015 10:47:03 +0000 Subject: [PATCH 009/100] Move from SHA-1 to SHA-256 as default in programs --- ChangeLog | 2 ++ programs/pkey/dh_client.c | 10 +++++----- programs/pkey/dh_server.c | 8 ++++---- programs/pkey/pk_sign.c | 12 ++++++------ programs/pkey/pk_verify.c | 14 +++++++------- programs/pkey/rsa_sign.c | 14 +++++++------- programs/pkey/rsa_sign_pss.c | 16 ++++++++-------- programs/pkey/rsa_verify.c | 16 ++++++++-------- programs/pkey/rsa_verify_pss.c | 18 +++++++++--------- programs/x509/cert_req.c | 2 +- programs/x509/cert_write.c | 2 +- 11 files changed, 58 insertions(+), 56 deletions(-) diff --git a/ChangeLog b/ChangeLog index 87098c9e..1b98cb25 100644 --- a/ChangeLog +++ b/ChangeLog @@ -9,6 +9,8 @@ Features Bugfix Changes + * Move from SHA-1 to SHA-256 in example programs using signatures + (suggested by Thorsten Mühlfelder). = mbed TLS 1.3.10 released 2015-02-09 Security diff --git a/programs/pkey/dh_client.c b/programs/pkey/dh_client.c index 6fb569b8..f9a40b55 100644 --- a/programs/pkey/dh_client.c +++ b/programs/pkey/dh_client.c @@ -48,7 +48,7 @@ #if !defined(POLARSSL_AES_C) || !defined(POLARSSL_DHM_C) || \ !defined(POLARSSL_ENTROPY_C) || !defined(POLARSSL_NET_C) || \ - !defined(POLARSSL_RSA_C) || !defined(POLARSSL_SHA1_C) || \ + !defined(POLARSSL_RSA_C) || !defined(POLARSSL_SHA256_C) || \ !defined(POLARSSL_FS_IO) || !defined(POLARSSL_CTR_DRBG_C) int main( int argc, char *argv[] ) { @@ -57,7 +57,7 @@ int main( int argc, char *argv[] ) polarssl_printf("POLARSSL_AES_C and/or POLARSSL_DHM_C and/or POLARSSL_ENTROPY_C " "and/or POLARSSL_NET_C and/or POLARSSL_RSA_C and/or " - "POLARSSL_SHA1_C and/or POLARSSL_FS_IO and/or " + "POLARSSL_SHA256_C and/or POLARSSL_FS_IO and/or " "POLARSSL_CTR_DRBG_C not defined.\n"); return( 0 ); } @@ -193,7 +193,7 @@ int main( int argc, char *argv[] ) /* * 5. Check that the server's RSA signature matches - * the SHA-1 hash of (P,G,Ys) + * the SHA-256 hash of (P,G,Ys) */ polarssl_printf( "\n . Verifying the server's RSA signature" ); fflush( stdout ); @@ -210,7 +210,7 @@ int main( int argc, char *argv[] ) sha1( buf, (int)( p - 2 - buf ), hash ); if( ( ret = rsa_pkcs1_verify( &rsa, NULL, NULL, RSA_PUBLIC, - POLARSSL_MD_SHA1, 0, hash, p ) ) != 0 ) + POLARSSL_MD_SHA256, 0, hash, p ) ) != 0 ) { polarssl_printf( " failed\n ! rsa_pkcs1_verify returned %d\n\n", ret ); goto exit; @@ -297,5 +297,5 @@ exit: return( ret ); } #endif /* POLARSSL_AES_C && POLARSSL_DHM_C && POLARSSL_ENTROPY_C && - POLARSSL_NET_C && POLARSSL_RSA_C && POLARSSL_SHA1_C && + POLARSSL_NET_C && POLARSSL_RSA_C && POLARSSL_SHA256_C && POLARSSL_FS_IO && POLARSSL_CTR_DRBG_C */ diff --git a/programs/pkey/dh_server.c b/programs/pkey/dh_server.c index b7e6482f..f37a2b8f 100644 --- a/programs/pkey/dh_server.c +++ b/programs/pkey/dh_server.c @@ -48,7 +48,7 @@ #if !defined(POLARSSL_AES_C) || !defined(POLARSSL_DHM_C) || \ !defined(POLARSSL_ENTROPY_C) || !defined(POLARSSL_NET_C) || \ - !defined(POLARSSL_RSA_C) || !defined(POLARSSL_SHA1_C) || \ + !defined(POLARSSL_RSA_C) || !defined(POLARSSL_SHA256_C) || \ !defined(POLARSSL_FS_IO) || !defined(POLARSSL_CTR_DRBG_C) int main( int argc, char *argv[] ) { @@ -57,7 +57,7 @@ int main( int argc, char *argv[] ) polarssl_printf("POLARSSL_AES_C and/or POLARSSL_DHM_C and/or POLARSSL_ENTROPY_C " "and/or POLARSSL_NET_C and/or POLARSSL_RSA_C and/or " - "POLARSSL_SHA1_C and/or POLARSSL_FS_IO and/or " + "POLARSSL_SHA256_C and/or POLARSSL_FS_IO and/or " "POLARSSL_CTR_DBRG_C not defined.\n"); return( 0 ); } @@ -201,7 +201,7 @@ int main( int argc, char *argv[] ) buf[n ] = (unsigned char)( rsa.len >> 8 ); buf[n + 1] = (unsigned char)( rsa.len ); - if( ( ret = rsa_pkcs1_sign( &rsa, NULL, NULL, RSA_PRIVATE, POLARSSL_MD_SHA1, + if( ( ret = rsa_pkcs1_sign( &rsa, NULL, NULL, RSA_PRIVATE, POLARSSL_MD_SHA256, 0, hash, buf + n + 2 ) ) != 0 ) { polarssl_printf( " failed\n ! rsa_pkcs1_sign returned %d\n\n", ret ); @@ -298,5 +298,5 @@ exit: return( ret ); } #endif /* POLARSSL_AES_C && POLARSSL_DHM_C && POLARSSL_ENTROPY_C && - POLARSSL_NET_C && POLARSSL_RSA_C && POLARSSL_SHA1_C && + POLARSSL_NET_C && POLARSSL_RSA_C && POLARSSL_SHA256_C && POLARSSL_FS_IO && POLARSSL_CTR_DRBG_C */ diff --git a/programs/pkey/pk_sign.c b/programs/pkey/pk_sign.c index 981591d2..0d029359 100644 --- a/programs/pkey/pk_sign.c +++ b/programs/pkey/pk_sign.c @@ -47,7 +47,7 @@ #endif #if !defined(POLARSSL_BIGNUM_C) || !defined(POLARSSL_ENTROPY_C) || \ - !defined(POLARSSL_SHA1_C) || \ + !defined(POLARSSL_SHA256_C) || \ !defined(POLARSSL_PK_PARSE_C) || !defined(POLARSSL_FS_IO) || \ !defined(POLARSSL_CTR_DRBG_C) int main( int argc, char *argv[] ) @@ -56,7 +56,7 @@ int main( int argc, char *argv[] ) ((void) argv); polarssl_printf("POLARSSL_BIGNUM_C and/or POLARSSL_ENTROPY_C and/or " - "POLARSSL_SHA1_C and/or " + "POLARSSL_SHA256_C and/or " "POLARSSL_PK_PARSE_C and/or POLARSSL_FS_IO and/or " "POLARSSL_CTR_DRBG_C not defined.\n"); return( 0 ); @@ -111,10 +111,10 @@ int main( int argc, char *argv[] ) } /* - * Compute the SHA-1 hash of the input file, + * Compute the SHA-256 hash of the input file, * then calculate the signature of the hash. */ - polarssl_printf( "\n . Generating the SHA-1 signature" ); + polarssl_printf( "\n . Generating the SHA-256 signature" ); fflush( stdout ); if( ( ret = sha1_file( argv[2], hash ) ) != 0 ) @@ -123,7 +123,7 @@ int main( int argc, char *argv[] ) goto exit; } - if( ( ret = pk_sign( &pk, POLARSSL_MD_SHA1, hash, 0, buf, &olen, + if( ( ret = pk_sign( &pk, POLARSSL_MD_SHA256, hash, 0, buf, &olen, ctr_drbg_random, &ctr_drbg ) ) != 0 ) { polarssl_printf( " failed\n ! pk_sign returned -0x%04x\n", -ret ); @@ -170,5 +170,5 @@ exit: return( ret ); } #endif /* POLARSSL_BIGNUM_C && POLARSSL_ENTROPY_C && - POLARSSL_SHA1_C && POLARSSL_PK_PARSE_C && POLARSSL_FS_IO && + POLARSSL_SHA256_C && POLARSSL_PK_PARSE_C && POLARSSL_FS_IO && POLARSSL_CTR_DRBG_C */ diff --git a/programs/pkey/pk_verify.c b/programs/pkey/pk_verify.c index 0ce45f6e..55f977cc 100644 --- a/programs/pkey/pk_verify.c +++ b/programs/pkey/pk_verify.c @@ -45,7 +45,7 @@ #endif #if !defined(POLARSSL_BIGNUM_C) || \ - !defined(POLARSSL_SHA1_C) || !defined(POLARSSL_PK_PARSE_C) || \ + !defined(POLARSSL_SHA256_C) || !defined(POLARSSL_PK_PARSE_C) || \ !defined(POLARSSL_FS_IO) int main( int argc, char *argv[] ) { @@ -53,7 +53,7 @@ int main( int argc, char *argv[] ) ((void) argv); polarssl_printf("POLARSSL_BIGNUM_C and/or " - "POLARSSL_SHA1_C and/or POLARSSL_PK_PARSE_C and/or " + "POLARSSL_SHA256_C and/or POLARSSL_PK_PARSE_C and/or " "POLARSSL_FS_IO not defined.\n"); return( 0 ); } @@ -108,10 +108,10 @@ int main( int argc, char *argv[] ) fclose( f ); /* - * Compute the SHA-1 hash of the input file and compare + * Compute the SHA-256 hash of the input file and compare * it with the hash decrypted from the signature. */ - polarssl_printf( "\n . Verifying the SHA-1 signature" ); + polarssl_printf( "\n . Verifying the SHA-256 signature" ); fflush( stdout ); if( ( ret = sha1_file( argv[2], hash ) ) != 0 ) @@ -120,14 +120,14 @@ int main( int argc, char *argv[] ) goto exit; } - if( ( ret = pk_verify( &pk, POLARSSL_MD_SHA1, hash, 0, + if( ( ret = pk_verify( &pk, POLARSSL_MD_SHA256, hash, 0, buf, i ) ) != 0 ) { polarssl_printf( " failed\n ! pk_verify returned -0x%04x\n", -ret ); goto exit; } - polarssl_printf( "\n . OK (the decrypted SHA-1 hash matches)\n\n" ); + polarssl_printf( "\n . OK (the decrypted SHA-256 hash matches)\n\n" ); ret = 0; @@ -146,5 +146,5 @@ exit: return( ret ); } -#endif /* POLARSSL_BIGNUM_C && POLARSSL_SHA1_C && +#endif /* POLARSSL_BIGNUM_C && POLARSSL_SHA256_C && POLARSSL_PK_PARSE_C && POLARSSL_FS_IO */ diff --git a/programs/pkey/rsa_sign.c b/programs/pkey/rsa_sign.c index e4f49701..f65c2a74 100644 --- a/programs/pkey/rsa_sign.c +++ b/programs/pkey/rsa_sign.c @@ -1,5 +1,5 @@ /* - * RSA/SHA-1 signature creation program + * RSA/SHA-256 signature creation program * * Copyright (C) 2006-2011, ARM Limited, All Rights Reserved * @@ -40,14 +40,14 @@ #include "polarssl/sha1.h" #if !defined(POLARSSL_BIGNUM_C) || !defined(POLARSSL_RSA_C) || \ - !defined(POLARSSL_SHA1_C) || !defined(POLARSSL_FS_IO) + !defined(POLARSSL_SHA256_C) || !defined(POLARSSL_FS_IO) int main( int argc, char *argv[] ) { ((void) argc); ((void) argv); polarssl_printf("POLARSSL_BIGNUM_C and/or POLARSSL_RSA_C and/or " - "POLARSSL_SHA1_C and/or POLARSSL_FS_IO not defined.\n"); + "POLARSSL_SHA256_C and/or POLARSSL_FS_IO not defined.\n"); return( 0 ); } #else @@ -112,10 +112,10 @@ int main( int argc, char *argv[] ) } /* - * Compute the SHA-1 hash of the input file, + * Compute the SHA-256 hash of the input file, * then calculate the RSA signature of the hash. */ - polarssl_printf( "\n . Generating the RSA/SHA-1 signature" ); + polarssl_printf( "\n . Generating the RSA/SHA-256 signature" ); fflush( stdout ); if( ( ret = sha1_file( argv[1], hash ) ) != 0 ) @@ -124,7 +124,7 @@ int main( int argc, char *argv[] ) goto exit; } - if( ( ret = rsa_pkcs1_sign( &rsa, NULL, NULL, RSA_PRIVATE, POLARSSL_MD_SHA1, + if( ( ret = rsa_pkcs1_sign( &rsa, NULL, NULL, RSA_PRIVATE, POLARSSL_MD_SHA256, 20, hash, buf ) ) != 0 ) { polarssl_printf( " failed\n ! rsa_pkcs1_sign returned -0x%0x\n\n", -ret ); @@ -160,5 +160,5 @@ exit: return( ret ); } -#endif /* POLARSSL_BIGNUM_C && POLARSSL_RSA_C && POLARSSL_SHA1_C && +#endif /* POLARSSL_BIGNUM_C && POLARSSL_RSA_C && POLARSSL_SHA256_C && POLARSSL_FS_IO */ diff --git a/programs/pkey/rsa_sign_pss.c b/programs/pkey/rsa_sign_pss.c index e022db2e..de90b7ec 100644 --- a/programs/pkey/rsa_sign_pss.c +++ b/programs/pkey/rsa_sign_pss.c @@ -1,5 +1,5 @@ /* - * RSASSA-PSS/SHA-1 signature creation program + * RSASSA-PSS/SHA-256 signature creation program * * Copyright (C) 2006-2011, ARM Limited, All Rights Reserved * @@ -47,7 +47,7 @@ #endif #if !defined(POLARSSL_BIGNUM_C) || !defined(POLARSSL_ENTROPY_C) || \ - !defined(POLARSSL_RSA_C) || !defined(POLARSSL_SHA1_C) || \ + !defined(POLARSSL_RSA_C) || !defined(POLARSSL_SHA256_C) || \ !defined(POLARSSL_PK_PARSE_C) || !defined(POLARSSL_FS_IO) || \ !defined(POLARSSL_CTR_DRBG_C) int main( int argc, char *argv[] ) @@ -56,7 +56,7 @@ int main( int argc, char *argv[] ) ((void) argv); polarssl_printf("POLARSSL_BIGNUM_C and/or POLARSSL_ENTROPY_C and/or " - "POLARSSL_RSA_C and/or POLARSSL_SHA1_C and/or " + "POLARSSL_RSA_C and/or POLARSSL_SHA256_C and/or " "POLARSSL_PK_PARSE_C and/or POLARSSL_FS_IO and/or " "POLARSSL_CTR_DRBG_C not defined.\n"); return( 0 ); @@ -118,13 +118,13 @@ int main( int argc, char *argv[] ) goto exit; } - rsa_set_padding( pk_rsa( pk ), RSA_PKCS_V21, POLARSSL_MD_SHA1 ); + rsa_set_padding( pk_rsa( pk ), RSA_PKCS_V21, POLARSSL_MD_SHA256 ); /* - * Compute the SHA-1 hash of the input file, + * Compute the SHA-256 hash of the input file, * then calculate the RSA signature of the hash. */ - polarssl_printf( "\n . Generating the RSA/SHA-1 signature" ); + polarssl_printf( "\n . Generating the RSA/SHA-256 signature" ); fflush( stdout ); if( ( ret = sha1_file( argv[2], hash ) ) != 0 ) @@ -133,7 +133,7 @@ int main( int argc, char *argv[] ) goto exit; } - if( ( ret = pk_sign( &pk, POLARSSL_MD_SHA1, hash, 0, buf, &olen, + if( ( ret = pk_sign( &pk, POLARSSL_MD_SHA256, hash, 0, buf, &olen, ctr_drbg_random, &ctr_drbg ) ) != 0 ) { polarssl_printf( " failed\n ! pk_sign returned %d\n\n", ret ); @@ -175,5 +175,5 @@ exit: return( ret ); } #endif /* POLARSSL_BIGNUM_C && POLARSSL_ENTROPY_C && POLARSSL_RSA_C && - POLARSSL_SHA1_C && POLARSSL_PK_PARSE_C && POLARSSL_FS_IO && + POLARSSL_SHA256_C && POLARSSL_PK_PARSE_C && POLARSSL_FS_IO && POLARSSL_CTR_DRBG_C */ diff --git a/programs/pkey/rsa_verify.c b/programs/pkey/rsa_verify.c index 6ff16e4e..4b433807 100644 --- a/programs/pkey/rsa_verify.c +++ b/programs/pkey/rsa_verify.c @@ -1,5 +1,5 @@ /* - * RSA/SHA-1 signature verification program + * RSA/SHA-256 signature verification program * * Copyright (C) 2006-2011, ARM Limited, All Rights Reserved * @@ -39,14 +39,14 @@ #include "polarssl/sha1.h" #if !defined(POLARSSL_BIGNUM_C) || !defined(POLARSSL_RSA_C) || \ - !defined(POLARSSL_SHA1_C) || !defined(POLARSSL_FS_IO) + !defined(POLARSSL_SHA256_C) || !defined(POLARSSL_FS_IO) int main( int argc, char *argv[] ) { ((void) argc); ((void) argv); polarssl_printf("POLARSSL_BIGNUM_C and/or POLARSSL_RSA_C and/or " - "POLARSSL_SHA1_C and/or POLARSSL_FS_IO not defined.\n"); + "POLARSSL_SHA256_C and/or POLARSSL_FS_IO not defined.\n"); return( 0 ); } #else @@ -122,10 +122,10 @@ int main( int argc, char *argv[] ) } /* - * Compute the SHA-1 hash of the input file and compare + * Compute the SHA-256 hash of the input file and compare * it with the hash decrypted from the RSA signature. */ - polarssl_printf( "\n . Verifying the RSA/SHA-1 signature" ); + polarssl_printf( "\n . Verifying the RSA/SHA-256 signature" ); fflush( stdout ); if( ( ret = sha1_file( argv[1], hash ) ) != 0 ) @@ -135,13 +135,13 @@ int main( int argc, char *argv[] ) } if( ( ret = rsa_pkcs1_verify( &rsa, NULL, NULL, RSA_PUBLIC, - POLARSSL_MD_SHA1, 20, hash, buf ) ) != 0 ) + POLARSSL_MD_SHA256, 20, hash, buf ) ) != 0 ) { polarssl_printf( " failed\n ! rsa_pkcs1_verify returned -0x%0x\n\n", -ret ); goto exit; } - polarssl_printf( "\n . OK (the decrypted SHA-1 hash matches)\n\n" ); + polarssl_printf( "\n . OK (the decrypted SHA-256 hash matches)\n\n" ); ret = 0; @@ -154,5 +154,5 @@ exit: return( ret ); } -#endif /* POLARSSL_BIGNUM_C && POLARSSL_RSA_C && POLARSSL_SHA1_C && +#endif /* POLARSSL_BIGNUM_C && POLARSSL_RSA_C && POLARSSL_SHA256_C && POLARSSL_FS_IO */ diff --git a/programs/pkey/rsa_verify_pss.c b/programs/pkey/rsa_verify_pss.c index 3ffdfbe3..dd625b48 100644 --- a/programs/pkey/rsa_verify_pss.c +++ b/programs/pkey/rsa_verify_pss.c @@ -1,5 +1,5 @@ /* - * RSASSA-PSS/SHA-1 signature verification program + * RSASSA-PSS/SHA-256 signature verification program * * Copyright (C) 2006-2011, ARM Limited, All Rights Reserved * @@ -46,7 +46,7 @@ #endif #if !defined(POLARSSL_BIGNUM_C) || !defined(POLARSSL_RSA_C) || \ - !defined(POLARSSL_SHA1_C) || !defined(POLARSSL_PK_PARSE_C) || \ + !defined(POLARSSL_SHA256_C) || !defined(POLARSSL_PK_PARSE_C) || \ !defined(POLARSSL_FS_IO) int main( int argc, char *argv[] ) { @@ -54,7 +54,7 @@ int main( int argc, char *argv[] ) ((void) argv); polarssl_printf("POLARSSL_BIGNUM_C and/or POLARSSL_RSA_C and/or " - "POLARSSL_SHA1_C and/or POLARSSL_PK_PARSE_C and/or " + "POLARSSL_SHA256_C and/or POLARSSL_PK_PARSE_C and/or " "POLARSSL_FS_IO not defined.\n"); return( 0 ); } @@ -99,7 +99,7 @@ int main( int argc, char *argv[] ) goto exit; } - rsa_set_padding( pk_rsa( pk ), RSA_PKCS_V21, POLARSSL_MD_SHA1 ); + rsa_set_padding( pk_rsa( pk ), RSA_PKCS_V21, POLARSSL_MD_SHA256 ); /* * Extract the RSA signature from the text file @@ -119,10 +119,10 @@ int main( int argc, char *argv[] ) fclose( f ); /* - * Compute the SHA-1 hash of the input file and compare + * Compute the SHA-256 hash of the input file and compare * it with the hash decrypted from the RSA signature. */ - polarssl_printf( "\n . Verifying the RSA/SHA-1 signature" ); + polarssl_printf( "\n . Verifying the RSA/SHA-256 signature" ); fflush( stdout ); if( ( ret = sha1_file( argv[2], hash ) ) != 0 ) @@ -131,14 +131,14 @@ int main( int argc, char *argv[] ) goto exit; } - if( ( ret = pk_verify( &pk, POLARSSL_MD_SHA1, hash, 0, + if( ( ret = pk_verify( &pk, POLARSSL_MD_SHA256, hash, 0, buf, i ) ) != 0 ) { polarssl_printf( " failed\n ! pk_verify returned %d\n\n", ret ); goto exit; } - polarssl_printf( "\n . OK (the decrypted SHA-1 hash matches)\n\n" ); + polarssl_printf( "\n . OK (the decrypted SHA-256 hash matches)\n\n" ); ret = 0; @@ -152,5 +152,5 @@ exit: return( ret ); } -#endif /* POLARSSL_BIGNUM_C && POLARSSL_RSA_C && POLARSSL_SHA1_C && +#endif /* POLARSSL_BIGNUM_C && POLARSSL_RSA_C && POLARSSL_SHA256_C && POLARSSL_PK_PARSE_C && POLARSSL_FS_IO */ diff --git a/programs/x509/cert_req.c b/programs/x509/cert_req.c index 3b67f650..f9360974 100644 --- a/programs/x509/cert_req.c +++ b/programs/x509/cert_req.c @@ -149,7 +149,7 @@ int main( int argc, char *argv[] ) * Set to sane values */ x509write_csr_init( &req ); - x509write_csr_set_md_alg( &req, POLARSSL_MD_SHA1 ); + x509write_csr_set_md_alg( &req, POLARSSL_MD_SHA256 ); pk_init( &key ); memset( buf, 0, sizeof( buf ) ); diff --git a/programs/x509/cert_write.c b/programs/x509/cert_write.c index eed12cfd..7d688587 100644 --- a/programs/x509/cert_write.c +++ b/programs/x509/cert_write.c @@ -209,7 +209,7 @@ int main( int argc, char *argv[] ) * Set to sane values */ x509write_crt_init( &crt ); - x509write_crt_set_md_alg( &crt, POLARSSL_MD_SHA1 ); + x509write_crt_set_md_alg( &crt, POLARSSL_MD_SHA256 ); pk_init( &loaded_issuer_key ); pk_init( &loaded_subject_key ); mpi_init( &serial ); From 677af93baa57db131cc9b1c2f9e268e154c2ed5a Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Manuel=20P=C3=A9gouri=C3=A9-Gonnard?= Date: Tue, 10 Feb 2015 11:41:57 +0000 Subject: [PATCH 010/100] Update Changelog for the cleanup branch --- ChangeLog | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/ChangeLog b/ChangeLog index 1b98cb25..0b491b85 100644 --- a/ChangeLog +++ b/ChangeLog @@ -11,6 +11,10 @@ Bugfix Changes * Move from SHA-1 to SHA-256 in example programs using signatures (suggested by Thorsten Mühlfelder). + * Remove some unneeded inclusions of header files from the standard library + "minimize" others (eg use stddef.h if only size_t is needed). + * Change #include lines in test files to use double quotes instead of angle + brackets for uniformity with the rest of the code. = mbed TLS 1.3.10 released 2015-02-09 Security From 1cc0a3405c771e2be332381901c2e6f4e0846e43 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Manuel=20P=C3=A9gouri=C3=A9-Gonnard?= Date: Tue, 10 Feb 2015 12:18:15 +0000 Subject: [PATCH 011/100] Fix missing includes in program --- programs/pkey/dh_genprime.c | 1 + programs/pkey/rsa_genkey.c | 1 + 2 files changed, 2 insertions(+) diff --git a/programs/pkey/dh_genprime.c b/programs/pkey/dh_genprime.c index 720232fe..a06a7925 100644 --- a/programs/pkey/dh_genprime.c +++ b/programs/pkey/dh_genprime.c @@ -33,6 +33,7 @@ #endif #include +#include #include "polarssl/bignum.h" #include "polarssl/entropy.h" diff --git a/programs/pkey/rsa_genkey.c b/programs/pkey/rsa_genkey.c index ff315987..56d32737 100644 --- a/programs/pkey/rsa_genkey.c +++ b/programs/pkey/rsa_genkey.c @@ -33,6 +33,7 @@ #endif #include +#include #include "polarssl/entropy.h" #include "polarssl/ctr_drbg.h" From 0c851ee1c8d940a1a0314a7a0035f025e4cd8566 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Manuel=20P=C3=A9gouri=C3=A9-Gonnard?= Date: Tue, 10 Feb 2015 12:47:52 +0000 Subject: [PATCH 012/100] Fix missing include in non-default things --- library/cipher_wrap.c | 4 ++++ library/md2.c | 2 ++ 2 files changed, 6 insertions(+) diff --git a/library/cipher_wrap.c b/library/cipher_wrap.c index b623b3c5..7b597d61 100644 --- a/library/cipher_wrap.c +++ b/library/cipher_wrap.c @@ -62,6 +62,10 @@ #include "polarssl/ccm.h" #endif +#if defined(POLARSSL_CIPHER_NULL_CIPHER) +#include +#endif + #if defined(POLARSSL_PLATFORM_C) #include "polarssl/platform.h" #else diff --git a/library/md2.c b/library/md2.c index 180a25b2..43c129fb 100644 --- a/library/md2.c +++ b/library/md2.c @@ -36,6 +36,8 @@ #include "polarssl/md2.h" +#include + #if defined(POLARSSL_FS_IO) #include #endif From 45ec8da7e51d22f0fd37ead0cb92deda9bd0a0d9 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Manuel=20P=C3=A9gouri=C3=A9-Gonnard?= Date: Tue, 10 Feb 2015 13:50:47 +0000 Subject: [PATCH 013/100] Fix missing include in i386-specific file --- library/padlock.c | 2 ++ 1 file changed, 2 insertions(+) diff --git a/library/padlock.c b/library/padlock.c index 3a59a22d..bad25da1 100644 --- a/library/padlock.c +++ b/library/padlock.c @@ -36,6 +36,8 @@ #include "polarssl/padlock.h" +#include + #if defined(POLARSSL_HAVE_X86) /* From edb2dc93c6e69a7d3d9ceeccb63af28dd330e1af Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Manuel=20P=C3=A9gouri=C3=A9-Gonnard?= Date: Tue, 10 Feb 2015 14:36:31 +0000 Subject: [PATCH 014/100] Add some cross-compile runs to all.sh --- tests/scripts/all.sh | 29 ++++++++++++++++++++++++++--- 1 file changed, 26 insertions(+), 3 deletions(-) diff --git a/tests/scripts/all.sh b/tests/scripts/all.sh index fb0fe268..6c923286 100755 --- a/tests/scripts/all.sh +++ b/tests/scripts/all.sh @@ -128,10 +128,33 @@ tests/scripts/curves.pl msg "build: Unix make, -O2 (gcc)" # ~ 30s cleanup -CC=gcc make +CC=gcc CFLAGS=-Werror make -# MemSan currently only available on Linux -if [ `uname` = 'Linux' ]; then +if uname -a | grep -F x86_64 >/dev/null; then +msg "build: i386, make, gcc" # ~ 30s +cleanup +CC=gcc CFLAGS='-Werror -m32' make +fi # x86_64 + +if which arm-none-eabi-gcc >/dev/null; then +msg "build: arm-none-eabi-gcc, make" # ~ 10s +cleanup +cp "$CONFIG_H" "$CONFIG_BAK" +scripts/config.pl full +scripts/config.pl unset POLARSSL_NET_C +scripts/config.pl unset POLARSSL_TIMING_C +scripts/config.pl unset POLARSSL_FS_IO +# following things are not in the default config +scripts/config.pl unset POLARSSL_HAVEGE_C # depends on timing.c +scripts/config.pl unset POLARSSL_THREADING_PTHREAD +scripts/config.pl unset POLARSSL_THREADING_C +scripts/config.pl unset POLARSSL_MEMORY_BACKTRACE # execinfo.h +scripts/config.pl unset POLARSSL_MEMORY_BUFFER_ALLOC_C # calls exit +CC=arm-none-eabi-gcc CFLAGS=-Werror make lib +fi # arm-gcc + +# MemSan currently only available on Linux 64 bits +if uname -a | grep 'Linux.*x86_64' >/dev/null; then msg "build: MSan (clang)" # ~ 1 min 20s cleanup From 63adb490625f3fd964760c8d5ac3c7e249e436c2 Mon Sep 17 00:00:00 2001 From: Rich Evans Date: Tue, 10 Feb 2015 12:44:07 +0000 Subject: [PATCH 015/100] Fix compile warning in tests/ where result_len at tests/suites/test_suite_ccm.function:165 is potentially uninitialized using gcc-4.8.2. --- tests/suites/test_suite_ccm.function | 1 + 1 file changed, 1 insertion(+) diff --git a/tests/suites/test_suite_ccm.function b/tests/suites/test_suite_ccm.function index f597c691..d8ca4f5d 100644 --- a/tests/suites/test_suite_ccm.function +++ b/tests/suites/test_suite_ccm.function @@ -146,6 +146,7 @@ void ccm_auth_decrypt( int cipher_id, if( strcmp( "FAIL", result_hex ) == 0 ) { ret = POLARSSL_ERR_CCM_AUTH_FAILED; + result_len = -1; } else { From 7f84905552766d115a1a9a044c8c270df61fe6ee Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Manuel=20P=C3=A9gouri=C3=A9-Gonnard?= Date: Tue, 10 Feb 2015 17:12:44 +0100 Subject: [PATCH 016/100] Fix two warnings from armcc v5 assignment in condition --- library/camellia.c | 2 +- library/pkparse.c | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/library/camellia.c b/library/camellia.c index 826d8834..72d902b8 100644 --- a/library/camellia.c +++ b/library/camellia.c @@ -456,7 +456,7 @@ int camellia_setkey_dec( camellia_context *ctx, const unsigned char *key, camellia_init( &cty ); /* Also checks keysize */ - if( ( ret = camellia_setkey_enc( &cty, key, keysize ) ) ) + if( ( ret = camellia_setkey_enc( &cty, key, keysize ) ) != 0 ) goto exit; ctx->nr = cty.nr; diff --git a/library/pkparse.c b/library/pkparse.c index 9a55d6df..4ca359a4 100644 --- a/library/pkparse.c +++ b/library/pkparse.c @@ -345,7 +345,7 @@ static int pk_group_from_specified( const asn1_buf *params, ecp_group *grp ) /* * order INTEGER */ - if( ( ret = asn1_get_mpi( &p, end, &grp->N ) ) ) + if( ( ret = asn1_get_mpi( &p, end, &grp->N ) ) != 0 ) return( POLARSSL_ERR_PK_KEY_INVALID_FORMAT + ret ); grp->nbits = mpi_msb( &grp->N ); From a273371fc48bdd5a71ef6e8b2da4326b7c12e104 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Manuel=20P=C3=A9gouri=C3=A9-Gonnard?= Date: Tue, 10 Feb 2015 17:32:14 +0100 Subject: [PATCH 017/100] Fix "int vs enum" warnings from armcc v5 enumerated type mixed with another type --- library/cipher_wrap.c | 2 +- library/ecdsa.c | 2 +- library/oid.c | 12 ++++++------ library/pkcs12.c | 2 +- library/pkcs5.c | 2 +- library/rsa.c | 6 +++--- library/ssl_ciphersuites.c | 4 +++- 7 files changed, 16 insertions(+), 14 deletions(-) diff --git a/library/cipher_wrap.c b/library/cipher_wrap.c index 7b597d61..736c2927 100644 --- a/library/cipher_wrap.c +++ b/library/cipher_wrap.c @@ -1442,7 +1442,7 @@ const cipher_definition_t cipher_definitions[] = { POLARSSL_CIPHER_NULL, &null_cipher_info }, #endif /* POLARSSL_CIPHER_NULL_CIPHER */ - { 0, NULL } + { POLARSSL_CIPHER_NONE, NULL } }; #define NUM_CIPHERS sizeof cipher_definitions / sizeof cipher_definitions[0] diff --git a/library/ecdsa.c b/library/ecdsa.c index 60dd427c..05857489 100644 --- a/library/ecdsa.c +++ b/library/ecdsa.c @@ -59,7 +59,7 @@ static const md_info_t *md_info_by_size( size_t min_size ) for( md_alg = md_list(); *md_alg != 0; md_alg++ ) { - if( ( md_cur = md_info_from_type( *md_alg ) ) == NULL || + if( ( md_cur = md_info_from_type( (md_type_t) *md_alg ) ) == NULL || (size_t) md_cur->size < min_size || ( md_picked != NULL && md_cur->size > md_picked->size ) ) continue; diff --git a/library/oid.c b/library/oid.c index 3cca1fa4..75b0ee0e 100644 --- a/library/oid.c +++ b/library/oid.c @@ -367,7 +367,7 @@ static const oid_sig_alg_t oid_sig_alg[] = }, { { NULL, 0, NULL, NULL }, - 0, 0, + POLARSSL_MD_NONE, POLARSSL_PK_NONE, }, }; @@ -401,7 +401,7 @@ static const oid_pk_alg_t oid_pk_alg[] = }, { { NULL, 0, NULL, NULL }, - 0, + POLARSSL_PK_NONE, }, }; @@ -466,7 +466,7 @@ static const oid_ecp_grp_t oid_ecp_grp[] = }, { { NULL, 0, NULL, NULL }, - 0, + POLARSSL_ECP_DP_NONE, }, }; @@ -496,7 +496,7 @@ static const oid_cipher_alg_t oid_cipher_alg[] = }, { { NULL, 0, NULL, NULL }, - 0, + POLARSSL_CIPHER_NONE, }, }; @@ -549,7 +549,7 @@ static const oid_md_alg_t oid_md_alg[] = }, { { NULL, 0, NULL, NULL }, - 0, + POLARSSL_MD_NONE, }, }; @@ -580,7 +580,7 @@ static const oid_pkcs12_pbe_alg_t oid_pkcs12_pbe_alg[] = }, { { NULL, 0, NULL, NULL }, - 0, 0, + POLARSSL_MD_NONE, POLARSSL_CIPHER_NONE, }, }; diff --git a/library/pkcs12.c b/library/pkcs12.c index f445955a..3b190516 100644 --- a/library/pkcs12.c +++ b/library/pkcs12.c @@ -198,7 +198,7 @@ int pkcs12_pbe( asn1_buf *pbe_params, int mode, if( ( ret = cipher_init_ctx( &cipher_ctx, cipher_info ) ) != 0 ) goto exit; - if( ( ret = cipher_setkey( &cipher_ctx, key, 8 * keylen, mode ) ) != 0 ) + if( ( ret = cipher_setkey( &cipher_ctx, key, 8 * keylen, (operation_t) mode ) ) != 0 ) goto exit; if( ( ret = cipher_set_iv( &cipher_ctx, iv, cipher_info->iv_size ) ) != 0 ) diff --git a/library/pkcs5.c b/library/pkcs5.c index b9b51e53..182d632d 100644 --- a/library/pkcs5.c +++ b/library/pkcs5.c @@ -201,7 +201,7 @@ int pkcs5_pbes2( asn1_buf *pbe_params, int mode, if( ( ret = cipher_init_ctx( &cipher_ctx, cipher_info ) ) != 0 ) goto exit; - if( ( ret = cipher_setkey( &cipher_ctx, key, 8 * keylen, mode ) ) != 0 ) + if( ( ret = cipher_setkey( &cipher_ctx, key, 8 * keylen, (operation_t) mode ) ) != 0 ) goto exit; if( ( ret = cipher_crypt( &cipher_ctx, iv, enc_scheme_params.len, diff --git a/library/rsa.c b/library/rsa.c index 5f86173d..23382643 100644 --- a/library/rsa.c +++ b/library/rsa.c @@ -526,7 +526,7 @@ int rsa_rsaes_oaep_encrypt( rsa_context *ctx, if( f_rng == NULL ) return( POLARSSL_ERR_RSA_BAD_INPUT_DATA ); - md_info = md_info_from_type( ctx->hash_id ); + md_info = md_info_from_type( (md_type_t) ctx->hash_id ); if( md_info == NULL ) return( POLARSSL_ERR_RSA_BAD_INPUT_DATA ); @@ -705,7 +705,7 @@ int rsa_rsaes_oaep_decrypt( rsa_context *ctx, if( ilen < 16 || ilen > sizeof( buf ) ) return( POLARSSL_ERR_RSA_BAD_INPUT_DATA ); - md_info = md_info_from_type( ctx->hash_id ); + md_info = md_info_from_type( (md_type_t) ctx->hash_id ); if( md_info == NULL ) return( POLARSSL_ERR_RSA_BAD_INPUT_DATA ); @@ -943,7 +943,7 @@ int rsa_rsassa_pss_sign( rsa_context *ctx, hashlen = md_get_size( md_info ); } - md_info = md_info_from_type( ctx->hash_id ); + md_info = md_info_from_type( (md_type_t) ctx->hash_id ); if( md_info == NULL ) return( POLARSSL_ERR_RSA_BAD_INPUT_DATA ); diff --git a/library/ssl_ciphersuites.c b/library/ssl_ciphersuites.c index 43e5e7b5..dffcd224 100644 --- a/library/ssl_ciphersuites.c +++ b/library/ssl_ciphersuites.c @@ -1674,7 +1674,9 @@ static const ssl_ciphersuite_t ciphersuite_definitions[] = #endif /* POLARSSL_DES_C */ #endif /* POLARSSL_ENABLE_WEAK_CIPHERSUITES */ - { 0, "", 0, 0, 0, 0, 0, 0, 0, 0 } + { 0, "", + POLARSSL_CIPHER_NONE, POLARSSL_MD_NONE, POLARSSL_KEY_EXCHANGE_NONE, + 0, 0, 0, 0, 0 } }; #if defined(SSL_CIPHERSUITES) From c5c593957736bc631c5150e5190f9b6f1bc43fbf Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Manuel=20P=C3=A9gouri=C3=A9-Gonnard?= Date: Tue, 10 Feb 2015 17:38:54 +0100 Subject: [PATCH 018/100] Add armcc to all.sh if available --- tests/scripts/all.sh | 20 ++++++++++++++++++++ 1 file changed, 20 insertions(+) diff --git a/tests/scripts/all.sh b/tests/scripts/all.sh index 6c923286..7430b388 100755 --- a/tests/scripts/all.sh +++ b/tests/scripts/all.sh @@ -153,6 +153,26 @@ scripts/config.pl unset POLARSSL_MEMORY_BUFFER_ALLOC_C # calls exit CC=arm-none-eabi-gcc CFLAGS=-Werror make lib fi # arm-gcc +if which armcc >/dev/null; then +msg "build: armcc, make" +cleanup +cp "$CONFIG_H" "$CONFIG_BAK" +scripts/config.pl full +scripts/config.pl unset POLARSSL_NET_C +scripts/config.pl unset POLARSSL_TIMING_C +scripts/config.pl unset POLARSSL_FS_IO +scripts/config.pl unset POLARSSL_HAVE_TIME +# following things are not in the default config +scripts/config.pl unset POLARSSL_HAVEGE_C # depends on timing.c +scripts/config.pl unset POLARSSL_THREADING_PTHREAD +scripts/config.pl unset POLARSSL_THREADING_C +scripts/config.pl unset POLARSSL_MEMORY_BACKTRACE # execinfo.h +scripts/config.pl unset POLARSSL_MEMORY_BUFFER_ALLOC_C # calls exit +CC=arm-none-eabi-gcc CFLAGS=-Werror make lib 2> armcc.stderr +grep -v '^ar: creating' armcc.stderr || exit 1 +rm armcc.stderr +fi # armcc + # MemSan currently only available on Linux 64 bits if uname -a | grep 'Linux.*x86_64' >/dev/null; then From 38433535e3b99ad301e8ec2541baaf7a384d65ea Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Manuel=20P=C3=A9gouri=C3=A9-Gonnard?= Date: Wed, 11 Feb 2015 11:35:58 +0000 Subject: [PATCH 019/100] Fix hardclock() with mingw64 --- ChangeLog | 2 ++ library/timing.c | 4 +++- 2 files changed, 5 insertions(+), 1 deletion(-) diff --git a/ChangeLog b/ChangeLog index 0b491b85..c5456679 100644 --- a/ChangeLog +++ b/ChangeLog @@ -7,6 +7,8 @@ Security Features Bugfix + * Fix hardclock() (only used in the benchmarking program) with some + versions of mingw64 (found by kxjhlele). Changes * Move from SHA-1 to SHA-256 in example programs using signatures diff --git a/library/timing.c b/library/timing.c index fe1daa24..a6122085 100644 --- a/library/timing.c +++ b/library/timing.c @@ -77,8 +77,10 @@ unsigned long hardclock( void ) #endif /* !POLARSSL_HAVE_HARDCLOCK && POLARSSL_HAVE_ASM && ( _MSC_VER && _M_IX86 ) || __WATCOMC__ */ +/* some versions of mingw-64 have 32-bit longs even on x84_64 */ #if !defined(POLARSSL_HAVE_HARDCLOCK) && defined(POLARSSL_HAVE_ASM) && \ - defined(__GNUC__) && defined(__i386__) + defined(__GNUC__) && ( defined(__i386__) || ( \ + ( defined(__amd64__) || defined( __x86_64__) ) && __SIZEOF_LONG__ == 4 ) ) #define POLARSSL_HAVE_HARDCLOCK From dda5213982f7e245b6444f4340f692d5cacdec97 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Manuel=20P=C3=A9gouri=C3=A9-Gonnard?= Date: Wed, 11 Feb 2015 11:36:31 +0000 Subject: [PATCH 020/100] Fix harmless warnings with mingw in timing.c --- ChangeLog | 1 + include/polarssl/timing.h | 4 ++++ library/timing.c | 12 ++++++++---- 3 files changed, 13 insertions(+), 4 deletions(-) diff --git a/ChangeLog b/ChangeLog index c5456679..27917581 100644 --- a/ChangeLog +++ b/ChangeLog @@ -9,6 +9,7 @@ Features Bugfix * Fix hardclock() (only used in the benchmarking program) with some versions of mingw64 (found by kxjhlele). + * Fix warnings from mingw64 in timing.c (found by kxjklele). Changes * Move from SHA-1 to SHA-256 in example programs using signatures diff --git a/include/polarssl/timing.h b/include/polarssl/timing.h index a3eb510d..5f3acfa1 100644 --- a/include/polarssl/timing.h +++ b/include/polarssl/timing.h @@ -65,6 +65,10 @@ unsigned long get_timer( struct hr_time *val, int reset ); * \brief Setup an alarm clock * * \param seconds delay before the "alarmed" flag is set + * + * \warning Only one alarm at a time is supported. In a threaded + * context, this means one for the whole process, not one per + * thread. */ void set_alarm( int seconds ); diff --git a/library/timing.c b/library/timing.c index a6122085..913cbdce 100644 --- a/library/timing.c +++ b/library/timing.c @@ -251,9 +251,13 @@ unsigned long get_timer( struct hr_time *val, int reset ) return( delta ); } -DWORD WINAPI TimerProc( LPVOID uElapse ) +/* It's OK to use a global because alarm() is supposed to be global anyway */ +static DWORD alarmMs; + +DWORD WINAPI TimerProc( LPVOID TimerContext ) { - Sleep( (DWORD) uElapse ); + ((void) TimerContext); + Sleep( alarmMs ); alarmed = 1; return( TRUE ); } @@ -263,8 +267,8 @@ void set_alarm( int seconds ) DWORD ThreadId; alarmed = 0; - CloseHandle( CreateThread( NULL, 0, TimerProc, - (LPVOID) ( seconds * 1000 ), 0, &ThreadId ) ); + alarmMs = seconds * 1000; + CloseHandle( CreateThread( NULL, 0, TimerProc, NULL, 0, &ThreadId ) ); } void m_sleep( int milliseconds ) From 6d71e4e6c3db1b936112a54679976ddc61d8063f Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Manuel=20P=C3=A9gouri=C3=A9-Gonnard?= Date: Wed, 11 Feb 2015 12:54:35 +0000 Subject: [PATCH 021/100] Fix one more warning on windows --- library/timing.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/library/timing.c b/library/timing.c index 913cbdce..5791ef42 100644 --- a/library/timing.c +++ b/library/timing.c @@ -254,7 +254,7 @@ unsigned long get_timer( struct hr_time *val, int reset ) /* It's OK to use a global because alarm() is supposed to be global anyway */ static DWORD alarmMs; -DWORD WINAPI TimerProc( LPVOID TimerContext ) +static DWORD WINAPI TimerProc( LPVOID TimerContext ) { ((void) TimerContext); Sleep( alarmMs ); From fba22fdc7ed828866274bbd5e4db9f86ad6ae210 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Manuel=20P=C3=A9gouri=C3=A9-Gonnard?= Date: Wed, 11 Feb 2015 14:24:47 +0000 Subject: [PATCH 022/100] Avoid warning from ar --- library/Makefile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/library/Makefile b/library/Makefile index 37ba14e6..5575ded4 100644 --- a/library/Makefile +++ b/library/Makefile @@ -85,7 +85,7 @@ endif libmbedtls.a: $(OBJS) echo " AR $@" - $(AR) r $@ $(OBJS) + $(AR) rc $@ $(OBJS) echo " RL $@" $(AR) s $@ From 06d751969761d7351c06957f4ac832be980e6ae3 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Manuel=20P=C3=A9gouri=C3=A9-Gonnard?= Date: Wed, 11 Feb 2015 14:54:11 +0000 Subject: [PATCH 023/100] Fix msvc warning --- library/ssl_tls.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/library/ssl_tls.c b/library/ssl_tls.c index 961f4dcf..2df81342 100644 --- a/library/ssl_tls.c +++ b/library/ssl_tls.c @@ -1490,7 +1490,7 @@ static int ssl_decrypt_buf( ssl_context *ssl ) unsigned char explicit_iv_len = ssl->transform_in->ivlen - ssl->transform_in->fixed_ivlen; - if( ssl->in_msglen < explicit_iv_len + taglen ) + if( ssl->in_msglen < (size_t) explicit_iv_len + taglen ) { SSL_DEBUG_MSG( 1, ( "msglen (%d) < explicit_iv_len (%d) " "+ taglen (%d)", ssl->in_msglen, From 2ee8d24ca273487caa0b9b75e8791db75a77f51e Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Manuel=20P=C3=A9gouri=C3=A9-Gonnard?= Date: Wed, 11 Feb 2015 15:29:15 +0000 Subject: [PATCH 024/100] Simplify some constant-time code Some people recommend using bit operations to avoid the compiler producing a branch on `ret != 0`, but: - this makes the code less readable, - here I got a warning from some compilers about unsigned unary minus - and anyway modern compilers don't produce a branch here, checked on x64 and arm with various -O values. --- library/ssl_srv.c | 6 +----- 1 file changed, 1 insertion(+), 5 deletions(-) diff --git a/library/ssl_srv.c b/library/ssl_srv.c index 755bba9f..7ff203be 100644 --- a/library/ssl_srv.c +++ b/library/ssl_srv.c @@ -2887,7 +2887,6 @@ static int ssl_parse_encrypted_pms( ssl_context *ssl, unsigned char *pms = ssl->handshake->premaster + pms_offset; unsigned char fake_pms[48], peer_pms[48]; unsigned char mask; - unsigned int uret; size_t i; if( ! pk_can_do( ssl_own_key( ssl ), POLARSSL_PK_RSA ) ) @@ -2951,10 +2950,7 @@ static int ssl_parse_encrypted_pms( ssl_context *ssl, } ssl->handshake->pmslen = 48; - uret = (unsigned) ret; - uret |= -uret; /* msb = ( ret != 0 ) */ - uret >>= 8 * sizeof( uret ) - 1; /* uret = ( ret != 0 ) */ - mask = (unsigned char)( -uret ) ; /* ret ? 0xff : 0x00 */ + mask = (unsigned char)( - ( ret != 0 ) ); /* ret ? 0xff : 0x00 */ for( i = 0; i < ssl->handshake->pmslen; i++ ) pms[i] = ( mask & fake_pms[i] ) | ( (~mask) & peer_pms[i] ); From d72704b0d5151f8f2999514f28e4a7d6dd021605 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Manuel=20P=C3=A9gouri=C3=A9-Gonnard?= Date: Thu, 12 Feb 2015 09:38:54 +0000 Subject: [PATCH 025/100] Remove work-around for alleged compiler bug It turns out the problem was with the way the reporter was invoking its toolchain, not the toolchain itself. --- library/bignum.c | 12 +----------- 1 file changed, 1 insertion(+), 11 deletions(-) diff --git a/library/bignum.c b/library/bignum.c index 91cbf298..e2cb92ef 100644 --- a/library/bignum.c +++ b/library/bignum.c @@ -1240,17 +1240,7 @@ int mpi_div_mpi( mpi *Q, mpi *R, const mpi *A, const mpi *B ) Z.p[i - t - 1] = ~0; else { - /* - * The version of Clang shipped by Apple with Mavericks around - * 2014-03 can't handle 128-bit division properly. Disable - * 128-bits division for this version. Let's be optimistic and - * assume it'll be fixed in the next minor version (next - * patchlevel is probably a bit too optimistic). - */ -#if defined(POLARSSL_HAVE_UDBL) && \ - ! ( defined(__x86_64__) && defined(__APPLE__) && \ - defined(__clang_major__) && __clang_major__ == 5 && \ - defined(__clang_minor__) && __clang_minor__ == 0 ) +#if defined(POLARSSL_HAVE_UDBL) t_udbl r; r = (t_udbl) X.p[i] << biL; From 5d46cca09a380410965cc65568a5fafbc2658e2e Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Manuel=20P=C3=A9gouri=C3=A9-Gonnard?= Date: Fri, 13 Feb 2015 11:59:19 +0000 Subject: [PATCH 026/100] Require unix-utils in path for windows make --- ChangeLog | 3 +++ README.rst | 6 ++++++ library/Makefile | 13 ------------- programs/Makefile | 5 ----- tests/Makefile | 7 ------- 5 files changed, 9 insertions(+), 25 deletions(-) diff --git a/ChangeLog b/ChangeLog index 27917581..21cd6fdb 100644 --- a/ChangeLog +++ b/ChangeLog @@ -18,6 +18,9 @@ Changes "minimize" others (eg use stddef.h if only size_t is needed). * Change #include lines in test files to use double quotes instead of angle brackets for uniformity with the rest of the code. + * Building with 'make' on windows now requires Unix utilities in the PATH + as well as a Unix shell. This enables more features such as the 'check' + target. = mbed TLS 1.3.10 released 2015-02-09 Security diff --git a/README.rst b/README.rst index 004f0944..5275e1b7 100644 --- a/README.rst +++ b/README.rst @@ -35,6 +35,12 @@ In order to run the tests, enter:: make check +If you're building on windows using mingw, msys, or some similar environment, you should define the WINDOWS variable (and possibly the CC variable too), eg:: + + make CC=gcc WINDOWS=1 + +You need to make sure the usual Unix utilities such as `ln` and `rm` are in your PATH and that make has access to a Unix shell. + Depending on your platform, you might run into some issues. Please check the Makefiles in *library/*, *programs/* and *tests/* for options to manually add or remove for specific platforms. You can also check `the mbed TLS Knowledge Base `_ for articles on your platform or issue. In case you find that you need to do something else as well, please let us know what, so we can add it to the KB. diff --git a/library/Makefile b/library/Makefile index 5575ded4..552cbf22 100644 --- a/library/Makefile +++ b/library/Makefile @@ -77,11 +77,7 @@ shared: libpolarssl.so libpolarssl.a: libmbedtls.a echo " LN $@ -> $?" -ifndef WINDOWS ln -sf $? $@ -else - copy /y /b $? $@ -endif libmbedtls.a: $(OBJS) echo " AR $@" @@ -91,11 +87,7 @@ libmbedtls.a: $(OBJS) libpolarssl.so: libmbedtls.so echo " LN $@ -> $?" -ifndef WINDOWS ln -sf $? $@ -else - copy /y /b $? $@ -endif libmbedtls.${DLEXT}: $(OBJS) echo " LD $@" @@ -118,9 +110,4 @@ libmbedtls.dll: $(OBJS) $(CC) $(CFLAGS) $(OFLAGS) -c $< clean: -ifndef WINDOWS rm -f *.o libpolarssl.* libmbedtls.* -endif -ifdef WINDOWS - del /Q /F *.o libpolarssl.* libmbedtls.* -endif diff --git a/programs/Makefile b/programs/Makefile index ba8dd316..802e73c2 100644 --- a/programs/Makefile +++ b/programs/Makefile @@ -242,12 +242,7 @@ x509/cert_req: x509/cert_req.c ../library/libmbedtls.a $(CC) $(CFLAGS) $(OFLAGS) x509/cert_req.c $(LDFLAGS) -o $@ clean: -ifndef WINDOWS rm -f $(APPS) -endif -ifdef WINDOWS - del /S /Q /F *.o *.exe -endif list: echo $(APPS) diff --git a/tests/Makefile b/tests/Makefile index 6489e52b..b64eaffc 100644 --- a/tests/Makefile +++ b/tests/Makefile @@ -402,15 +402,9 @@ test_suite_version: test_suite_version.c $(DEP) $(CC) $(CFLAGS) $(OFLAGS) $@.c $(LDFLAGS) -o $@ clean: -ifndef WINDOWS rm -f $(APPS) *.c -endif -ifdef WINDOWS - del /Q /F *.c *.exe -endif check: $(APPS) -ifndef WINDOWS echo "Running checks (Success if all tests PASSED)" RETURN=0; \ for i in $(APPS); \ @@ -427,4 +421,3 @@ ifndef WINDOWS echo ""; \ done; \ if [ "$$RETURN" -eq 1 ]; then exit 1; fi -endif From 418080010a1dcc1cdcb192e603a8c3b9656dcb1a Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Manuel=20P=C3=A9gouri=C3=A9-Gonnard?= Date: Fri, 13 Feb 2015 13:15:13 +0000 Subject: [PATCH 027/100] Replace SONAME with SOVERSION in makefile - avoids duplication - fixes warning about redefined rule with WINDOWS=1 --- library/Makefile | 12 ++++++------ scripts/bump_version.sh | 2 +- 2 files changed, 7 insertions(+), 7 deletions(-) diff --git a/library/Makefile b/library/Makefile index 552cbf22..44a725c1 100644 --- a/library/Makefile +++ b/library/Makefile @@ -22,9 +22,9 @@ ifdef SHARED CFLAGS += -fPIC endif -SONAME=libmbedtls.so.7 +SOVERSION=8 -DLEXT=so.8 +DLEXT=so.$(SOVERSION) # OSX shared library extension: # DLEXT=dylib @@ -89,14 +89,14 @@ libpolarssl.so: libmbedtls.so echo " LN $@ -> $?" ln -sf $? $@ -libmbedtls.${DLEXT}: $(OBJS) - echo " LD $@" - $(CC) ${LDFLAGS} -shared -Wl,-soname,$(SONAME) -o $@ $(OBJS) - libmbedtls.so: libmbedtls.${DLEXT} echo " LN $@ -> libmbedtls.${DLEXT}" ln -sf libmbedtls.${DLEXT} $@ +libmbedtls.so.$(SOVERSION): $(OBJS) + echo " LD $@" + $(CC) ${LDFLAGS} -shared -Wl,-soname,$@ -o $@ $(OBJS) + libmbedtls.dylib: $(OBJS) echo " LD $@" $(CC) ${LDFLAGS} -dynamiclib -o $@ $(OBJS) diff --git a/scripts/bump_version.sh b/scripts/bump_version.sh index ae744516..3ff5b609 100755 --- a/scripts/bump_version.sh +++ b/scripts/bump_version.sh @@ -56,7 +56,7 @@ then mv tmp library/CMakeLists.txt [ $VERBOSE ] && echo "Bumping SOVERSION in library/Makefile" - sed -e "s/SONAME=libpolarssl.so.[0-9]\+/SONAME=libpolarssl.so.$SOVERSION/g" -e "s/DLEXT=so.[0-9]\+/DLEXT=so.$SOVERSION/g" < library/Makefile > tmp + sed -e "s/SOVERSION=[0-9]\+/SOVERSION=$SOVERSION/g" < library/Makefile > tmp mv tmp library/Makefile fi From 3cfb34564f7e420659b831f99b42eb81b141e938 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Manuel=20P=C3=A9gouri=C3=A9-Gonnard?= Date: Fri, 13 Feb 2015 13:34:08 +0000 Subject: [PATCH 028/100] Avoid warning from mingw for shared library --- library/Makefile | 3 +++ 1 file changed, 3 insertions(+) diff --git a/library/Makefile b/library/Makefile index 44a725c1..f2e553f0 100644 --- a/library/Makefile +++ b/library/Makefile @@ -19,8 +19,11 @@ endif # To compile as a shared library: ifdef SHARED +# all code is position-indep with mingw, avoid warning about useless flag +ifndef WINDOWS CFLAGS += -fPIC endif +endif SOVERSION=8 From 18b78c74986c8d3fbb1e904fee835e21b9765534 Mon Sep 17 00:00:00 2001 From: Rich Evans Date: Wed, 11 Feb 2015 14:06:19 +0000 Subject: [PATCH 029/100] cleanup programs Clean up the contents of programs, add more guards to includes, move all defines to the top of the top of files, remove some unused includes --- programs/aes/aescrypt2.c | 28 +++-- programs/aes/crypt_and_hash.c | 28 +++-- programs/hash/generic_sum.c | 17 +-- programs/hash/hello.c | 5 +- programs/hash/md5sum.c | 11 +- programs/hash/sha1sum.c | 11 +- programs/hash/sha2sum.c | 11 +- programs/pkey/dh_client.c | 12 +- programs/pkey/dh_genprime.c | 11 +- programs/pkey/dh_server.c | 12 +- programs/pkey/ecdsa.c | 6 +- programs/pkey/gen_key.c | 136 +++++++++++----------- programs/pkey/key_app.c | 50 +++++---- programs/pkey/key_app_writer.c | 86 +++++++------- programs/pkey/mpi_demo.c | 7 +- programs/pkey/pk_decrypt.c | 12 +- programs/pkey/pk_encrypt.c | 13 ++- programs/pkey/pk_sign.c | 12 +- programs/pkey/pk_verify.c | 11 +- programs/pkey/rsa_decrypt.c | 11 +- programs/pkey/rsa_encrypt.c | 13 ++- programs/pkey/rsa_genkey.c | 11 +- programs/pkey/rsa_sign.c | 12 +- programs/pkey/rsa_sign_pss.c | 12 +- programs/pkey/rsa_verify.c | 10 +- programs/pkey/rsa_verify_pss.c | 11 +- programs/random/gen_entropy.c | 9 +- programs/random/gen_random_ctr_drbg.c | 11 +- programs/random/gen_random_havege.c | 9 +- programs/ssl/ssl_client1.c | 27 +++-- programs/ssl/ssl_client2.c | 45 ++++---- programs/ssl/ssl_fork_server.c | 30 +++-- programs/ssl/ssl_mail_client.c | 68 +++++------ programs/ssl/ssl_pthread_server.c | 35 +++--- programs/ssl/ssl_server.c | 34 +++--- programs/ssl/ssl_server2.c | 60 +++++----- programs/test/benchmark.c | 12 +- programs/test/o_p_test.c | 18 ++- programs/test/selftest.c | 19 ++-- programs/test/ssl_cert_test.c | 26 +++-- programs/test/ssl_test.c | 59 +++++----- programs/util/pem2der.c | 29 ++--- programs/util/strerror.c | 9 +- programs/x509/cert_app.c | 46 ++++---- programs/x509/cert_req.c | 82 +++++++------- programs/x509/cert_write.c | 155 +++++++++++++------------- programs/x509/crl_app.c | 31 +++--- programs/x509/req_app.c | 31 +++--- 48 files changed, 801 insertions(+), 603 deletions(-) diff --git a/programs/aes/aescrypt2.c b/programs/aes/aescrypt2.c index 1f34748c..be832e01 100644 --- a/programs/aes/aescrypt2.c +++ b/programs/aes/aescrypt2.c @@ -29,8 +29,19 @@ #if defined(POLARSSL_PLATFORM_C) #include "polarssl/platform.h" #else -#define polarssl_printf printf +#include #define polarssl_fprintf fprintf +#define polarssl_printf printf +#endif + +#if defined(POLARSSL_AES_C) && defined(POLARSSL_SHA256_C) &&\ + defined(POLARSSL_FS_IO) +#include "polarssl/aes.h" +#include "polarssl/sha256.h" + +#include +#include +#include #endif #if defined(_WIN32) @@ -43,14 +54,6 @@ #include #endif -#include -#include -#include -#include - -#include "polarssl/aes.h" -#include "polarssl/sha256.h" - #define MODE_ENCRYPT 0 #define MODE_DECRYPT 1 @@ -60,12 +63,13 @@ "\n example: aescrypt2 0 file file.aes hex:E76B2413958B00E193\n" \ "\n" -#if !defined(POLARSSL_AES_C) || !defined(POLARSSL_SHA256_C) +#if !defined(POLARSSL_AES_C) || !defined(POLARSSL_SHA256_C) ||\ + !defined(POLARSSL_FS_IO) int main( int argc, char *argv[] ) { ((void) argc); ((void) argv); - polarssl_printf("POLARSSL_AES_C and/or POLARSSL_SHA256_C not defined.\n"); + polarssl_printf("POLARSSL_AES_C and/or POLARSSL_SHA256_C and/or POLARSSL_FS_IO not defined.\n"); return( 0 ); } #else @@ -442,4 +446,4 @@ exit: return( ret ); } -#endif /* POLARSSL_AES_C && POLARSSL_SHA256_C */ +#endif /* POLARSSL_AES_C && POLARSSL_SHA256_C && POLARSSL_FS_IO */ diff --git a/programs/aes/crypt_and_hash.c b/programs/aes/crypt_and_hash.c index 7ad07b47..67b5f2b6 100644 --- a/programs/aes/crypt_and_hash.c +++ b/programs/aes/crypt_and_hash.c @@ -30,8 +30,19 @@ #if defined(POLARSSL_PLATFORM_C) #include "polarssl/platform.h" #else -#define polarssl_printf printf +#include #define polarssl_fprintf fprintf +#define polarssl_printf printf +#endif + +#if defined(POLARSSL_CIPHER_C) && defined(POLARSSL_MD_C) &&\ + defined(POLARSSL_FS_IO) +#include "polarssl/cipher.h" +#include "polarssl/md.h" + +#include +#include +#include #endif #if defined(_WIN32) @@ -44,14 +55,6 @@ #include #endif -#include -#include -#include -#include - -#include "polarssl/cipher.h" -#include "polarssl/md.h" - #define MODE_ENCRYPT 0 #define MODE_DECRYPT 1 @@ -61,13 +64,14 @@ "\n example: crypt_and_hash 0 file file.aes AES-128-CBC SHA1 hex:E76B2413958B00E193\n" \ "\n" -#if !defined(POLARSSL_CIPHER_C) || !defined(POLARSSL_MD_C) +#if !defined(POLARSSL_CIPHER_C) || !defined(POLARSSL_MD_C) ||\ + !defined(POLARSSL_FS_IO) int main( int argc, char *argv[] ) { ((void) argc); ((void) argv); - polarssl_printf("POLARSSL_CIPHER_C and/or POLARSSL_MD_C not defined.\n"); + polarssl_printf("POLARSSL_CIPHER_C and/or POLARSSL_MD_C and/or POLARSSL_FS_IO not defined.\n"); return( 0 ); } #else @@ -542,4 +546,4 @@ exit: return( ret ); } -#endif /* POLARSSL_CIPHER_C && POLARSSL_MD_C */ +#endif /* POLARSSL_CIPHER_C && POLARSSL_MD_C && POLARSSL_FS_IO */ diff --git a/programs/hash/generic_sum.c b/programs/hash/generic_sum.c index 20ff2526..9183874d 100644 --- a/programs/hash/generic_sum.c +++ b/programs/hash/generic_sum.c @@ -29,22 +29,25 @@ #if defined(POLARSSL_PLATFORM_C) #include "polarssl/platform.h" #else -#define polarssl_printf printf +#include #define polarssl_fprintf fprintf +#define polarssl_printf printf #endif -#include -#include - +#if defined(POLARSSL_MD_C) && defined(POLARSSL_FS_IO) #include "polarssl/md.h" -#if !defined(POLARSSL_MD_C) +#include +#include +#endif + +#if !defined(POLARSSL_MD_C) || !defined(POLARSSL_FS_IO) int main( int argc, char *argv[] ) { ((void) argc); ((void) argv); - polarssl_printf("POLARSSL_MD_C not defined.\n"); + polarssl_printf("POLARSSL_MD_C and/or POLARSSL_FS_IO not defined.\n"); return( 0 ); } #else @@ -225,4 +228,4 @@ exit: return( ret ); } -#endif /* POLARSSL_MD_C */ +#endif /* POLARSSL_MD_C && POLARSSL_FS_IO */ diff --git a/programs/hash/hello.c b/programs/hash/hello.c index 7c0546e6..384ade1c 100644 --- a/programs/hash/hello.c +++ b/programs/hash/hello.c @@ -29,12 +29,13 @@ #if defined(POLARSSL_PLATFORM_C) #include "polarssl/platform.h" #else +#include #define polarssl_printf printf #endif -#include - +#if defined(POLARSSL_MD5_C) #include "polarssl/md5.h" +#endif #if !defined(POLARSSL_MD5_C) int main( int argc, char *argv[] ) diff --git a/programs/hash/md5sum.c b/programs/hash/md5sum.c index 58c2d0c8..318fb77e 100644 --- a/programs/hash/md5sum.c +++ b/programs/hash/md5sum.c @@ -29,15 +29,18 @@ #if defined(POLARSSL_PLATFORM_C) #include "polarssl/platform.h" #else -#define polarssl_printf printf +#include #define polarssl_fprintf fprintf +#define polarssl_printf printf #endif -#include -#include - +#if defined(POLARSSL_MD5_C) && defined(POLARSSL_FS_IO) #include "polarssl/md5.h" +#include +#include +#endif + #if !defined(POLARSSL_MD5_C) || !defined(POLARSSL_FS_IO) int main( int argc, char *argv[] ) { diff --git a/programs/hash/sha1sum.c b/programs/hash/sha1sum.c index 3eafc4f1..1e247d8b 100644 --- a/programs/hash/sha1sum.c +++ b/programs/hash/sha1sum.c @@ -29,15 +29,18 @@ #if defined(POLARSSL_PLATFORM_C) #include "polarssl/platform.h" #else -#define polarssl_printf printf +#include #define polarssl_fprintf fprintf +#define polarssl_printf printf #endif -#include -#include - +#if defined(POLARSSL_SHA1_C) && defined(POLARSSL_FS_IO) #include "polarssl/sha1.h" +#include +#include +#endif + #if !defined(POLARSSL_SHA1_C) || !defined(POLARSSL_FS_IO) int main( int argc, char *argv[] ) { diff --git a/programs/hash/sha2sum.c b/programs/hash/sha2sum.c index 3fc1baa8..a9c56989 100644 --- a/programs/hash/sha2sum.c +++ b/programs/hash/sha2sum.c @@ -29,15 +29,18 @@ #if defined(POLARSSL_PLATFORM_C) #include "polarssl/platform.h" #else -#define polarssl_printf printf +#include #define polarssl_fprintf fprintf +#define polarssl_printf printf #endif -#include -#include - +#if defined(POLARSSL_SHA256_C) && defined(POLARSSL_FS_IO) #include "polarssl/sha256.h" +#include +#include +#endif + #if !defined(POLARSSL_SHA256_C) || !defined(POLARSSL_FS_IO) int main( int argc, char *argv[] ) { diff --git a/programs/pkey/dh_client.c b/programs/pkey/dh_client.c index f9a40b55..5c8470d4 100644 --- a/programs/pkey/dh_client.c +++ b/programs/pkey/dh_client.c @@ -29,12 +29,14 @@ #if defined(POLARSSL_PLATFORM_C) #include "polarssl/platform.h" #else +#include #define polarssl_printf printf #endif -#include -#include - +#if defined(POLARSSL_AES_C) && defined(POLARSSL_DHM_C) &&\ + defined(POLARSSL_ENTROPY_C) && defined(POLARSSL_NET_C) &&\ + defined(POLARSSL_RSA_C) && defined(POLARSSL_SHA256_C) &&\ + defined(POLARSSL_FS_IO) && defined(POLARSSL_CTR_DRBG_C) #include "polarssl/net.h" #include "polarssl/aes.h" #include "polarssl/dhm.h" @@ -43,6 +45,10 @@ #include "polarssl/entropy.h" #include "polarssl/ctr_drbg.h" +#include +#include +#endif + #define SERVER_NAME "localhost" #define SERVER_PORT 11999 diff --git a/programs/pkey/dh_genprime.c b/programs/pkey/dh_genprime.c index a06a7925..6e0d0184 100644 --- a/programs/pkey/dh_genprime.c +++ b/programs/pkey/dh_genprime.c @@ -29,16 +29,21 @@ #if defined(POLARSSL_PLATFORM_C) #include "polarssl/platform.h" #else +#include #define polarssl_printf printf #endif -#include -#include - +#if defined(POLARSSL_BIGNUM_C) && defined(POLARSSL_ENTROPY_C) &&\ + defined(POLARSSL_FS_IO) && defined(POLARSSL_CTR_DRBG_C) &&\ + defined(POLARSSL_GENPRIME) #include "polarssl/bignum.h" #include "polarssl/entropy.h" #include "polarssl/ctr_drbg.h" +#include +#include +#endif + /* * Note: G = 4 is always a quadratic residue mod P, * so it is a generator of order Q (with P = 2*Q+1). diff --git a/programs/pkey/dh_server.c b/programs/pkey/dh_server.c index f37a2b8f..7ccb818f 100644 --- a/programs/pkey/dh_server.c +++ b/programs/pkey/dh_server.c @@ -29,12 +29,14 @@ #if defined(POLARSSL_PLATFORM_C) #include "polarssl/platform.h" #else +#include #define polarssl_printf printf #endif -#include -#include - +#if defined(POLARSSL_AES_C) && defined(POLARSSL_DHM_C) &&\ + defined(POLARSSL_ENTROPY_C) && defined(POLARSSL_NET_C) &&\ + defined(POLARSSL_RSA_C) && defined(POLARSSL_SHA256_C) &&\ + defined(POLARSSL_FS_IO) && defined(POLARSSL_CTR_DRBG_C) #include "polarssl/net.h" #include "polarssl/aes.h" #include "polarssl/dhm.h" @@ -43,6 +45,10 @@ #include "polarssl/entropy.h" #include "polarssl/ctr_drbg.h" +#include +#include +#endif + #define SERVER_PORT 11999 #define PLAINTEXT "==Hello there!==" diff --git a/programs/pkey/ecdsa.c b/programs/pkey/ecdsa.c index b5336736..8eaed553 100644 --- a/programs/pkey/ecdsa.c +++ b/programs/pkey/ecdsa.c @@ -29,15 +29,18 @@ #if defined(POLARSSL_PLATFORM_C) #include "polarssl/platform.h" #else +#include #define polarssl_printf printf #endif +#if defined(POLARSSL_ECDSA_C) &&\ + defined(POLARSSL_ENTROPY_C) && defined(POLARSSL_CTR_DRBG_C) #include "polarssl/entropy.h" #include "polarssl/ctr_drbg.h" #include "polarssl/ecdsa.h" #include -#include +#endif /* * Uncomment to show key and signature details @@ -65,7 +68,6 @@ int main( int argc, char *argv[] ) return( 0 ); } #else - #if defined(VERBOSE) static void dump_buf( const char *title, unsigned char *buf, size_t len ) { diff --git a/programs/pkey/gen_key.c b/programs/pkey/gen_key.c index 2d981abc..b3531ff1 100644 --- a/programs/pkey/gen_key.c +++ b/programs/pkey/gen_key.c @@ -29,17 +29,12 @@ #if defined(POLARSSL_PLATFORM_C) #include "polarssl/platform.h" #else +#include #define polarssl_printf printf #endif -#include -#include -#include - -#if !defined(_WIN32) && defined(POLARSSL_FS_IO) -#include -#endif /* !_WIN32 && POLARSSL_FS_IO */ - +#if defined(POLARSSL_PK_WRITE_C) && defined(POLARSSL_FS_IO) &&\ + defined(POLARSSL_ENTROPY_C) && defined(POLARSSL_CTR_DRBG_C) #include "polarssl/error.h" #include "polarssl/pk.h" #include "polarssl/ecdsa.h" @@ -48,49 +43,12 @@ #include "polarssl/entropy.h" #include "polarssl/ctr_drbg.h" -#if !defined(POLARSSL_PK_WRITE_C) || !defined(POLARSSL_FS_IO) || \ - !defined(POLARSSL_ENTROPY_C) || !defined(POLARSSL_CTR_DRBG_C) -int main( int argc, char *argv[] ) -{ - ((void) argc); - ((void) argv); +#include +#include +#include - polarssl_printf( "POLARSSL_PK_WRITE_C and/or POLARSSL_FS_IO and/or " - "POLARSSL_ENTROPY_C and/or POLARSSL_CTR_DRBG_C " - "not defined.\n" ); - return( 0 ); -} -#else - -#define FORMAT_PEM 0 -#define FORMAT_DER 1 - -#define DFL_TYPE POLARSSL_PK_RSA -#define DFL_RSA_KEYSIZE 4096 -#define DFL_FILENAME "keyfile.key" -#define DFL_FORMAT FORMAT_PEM -#define DFL_USE_DEV_RANDOM 0 - -#if defined(POLARSSL_ECP_C) -#define DFL_EC_CURVE ecp_curve_list()->grp_id -#else -#define DFL_EC_CURVE 0 -#endif - -/* - * global options - */ -struct options -{ - int type; /* the type of key to generate */ - int rsa_keysize; /* length of key in bits */ - int ec_curve; /* curve identifier for EC keys */ - const char *filename; /* filename of the key file */ - int format; /* the output format to use */ - int use_dev_random; /* use /dev/random as entropy source */ -} opt; - -#if !defined(_WIN32) && defined(POLARSSL_FS_IO) +#if !defined(_WIN32) +#include #define DEV_RANDOM_THRESHOLD 32 @@ -127,8 +85,68 @@ int dev_random_entropy_poll( void *data, unsigned char *output, return( 0 ); } +#endif /* !_WIN32 */ +#endif + +#if defined(POLARSSL_ECP_C) +#define DFL_EC_CURVE ecp_curve_list()->grp_id +#else +#define DFL_EC_CURVE 0 +#endif + +#if !defined(_WIN32) && defined(POLARSSL_FS_IO) +#define USAGE_DEV_RANDOM \ + " use_dev_random=0|1 default: 0\n" +#else +#define USAGE_DEV_RANDOM "" #endif /* !_WIN32 && POLARSSL_FS_IO */ +#define FORMAT_PEM 0 +#define FORMAT_DER 1 + +#define DFL_TYPE POLARSSL_PK_RSA +#define DFL_RSA_KEYSIZE 4096 +#define DFL_FILENAME "keyfile.key" +#define DFL_FORMAT FORMAT_PEM +#define DFL_USE_DEV_RANDOM 0 + +#define USAGE \ + "\n usage: gen_key param=<>...\n" \ + "\n acceptable parameters:\n" \ + " type=rsa|ec default: rsa\n" \ + " rsa_keysize=%%d default: 4096\n" \ + " ec_curve=%%s see below\n" \ + " filename=%%s default: keyfile.key\n" \ + " format=pem|der default: pem\n" \ + USAGE_DEV_RANDOM \ + "\n" + +#if !defined(POLARSSL_PK_WRITE_C) || !defined(POLARSSL_FS_IO) || \ + !defined(POLARSSL_ENTROPY_C) || !defined(POLARSSL_CTR_DRBG_C) +int main( int argc, char *argv[] ) +{ + ((void) argc); + ((void) argv); + + polarssl_printf( "POLARSSL_PK_WRITE_C and/or POLARSSL_FS_IO and/or " + "POLARSSL_ENTROPY_C and/or POLARSSL_CTR_DRBG_C " + "not defined.\n" ); + return( 0 ); +} +#else +/* + * global options + */ +struct options +{ + int type; /* the type of key to generate */ + int rsa_keysize; /* length of key in bits */ + int ec_curve; /* curve identifier for EC keys */ + const char *filename; /* filename of the key file */ + int format; /* the output format to use */ + int use_dev_random; /* use /dev/random as entropy source */ +} opt; + static int write_private_key( pk_context *key, const char *output_file ) { int ret; @@ -168,24 +186,6 @@ static int write_private_key( pk_context *key, const char *output_file ) return( 0 ); } -#if !defined(_WIN32) && defined(POLARSSL_FS_IO) -#define USAGE_DEV_RANDOM \ - " use_dev_random=0|1 default: 0\n" -#else -#define USAGE_DEV_RANDOM "" -#endif /* !_WIN32 && POLARSSL_FS_IO */ - -#define USAGE \ - "\n usage: gen_key param=<>...\n" \ - "\n acceptable parameters:\n" \ - " type=rsa|ec default: rsa\n" \ - " rsa_keysize=%%d default: 4096\n" \ - " ec_curve=%%s see below\n" \ - " filename=%%s default: keyfile.key\n" \ - " format=pem|der default: pem\n" \ - USAGE_DEV_RANDOM \ - "\n" - int main( int argc, char *argv[] ) { int ret = 0; diff --git a/programs/pkey/key_app.c b/programs/pkey/key_app.c index 04bad874..f89f436c 100644 --- a/programs/pkey/key_app.c +++ b/programs/pkey/key_app.c @@ -29,17 +29,39 @@ #if defined(POLARSSL_PLATFORM_C) #include "polarssl/platform.h" #else +#include #define polarssl_printf printf #endif -#include -#include -#include - +#if defined(POLARSSL_BIGNUM_C) &&\ + defined(POLARSSL_PK_PARSE_C) && defined(POLARSSL_FS_IO) #include "polarssl/error.h" #include "polarssl/rsa.h" #include "polarssl/x509.h" +#include +#endif + +#define MODE_NONE 0 +#define MODE_PRIVATE 1 +#define MODE_PUBLIC 2 + +#define DFL_MODE MODE_NONE +#define DFL_FILENAME "keyfile.key" +#define DFL_PASSWORD "" +#define DFL_PASSWORD_FILE "" +#define DFL_DEBUG_LEVEL 0 + +#define USAGE \ + "\n usage: key_app param=<>...\n" \ + "\n acceptable parameters:\n" \ + " mode=private|public default: none\n" \ + " filename=%%s default: keyfile.key\n" \ + " password=%%s default: \"\"\n" \ + " password_file=%%s default: \"\"\n" \ + "\n" + + #if !defined(POLARSSL_BIGNUM_C) || \ !defined(POLARSSL_PK_PARSE_C) || !defined(POLARSSL_FS_IO) int main( int argc, char *argv[] ) @@ -52,17 +74,6 @@ int main( int argc, char *argv[] ) return( 0 ); } #else - -#define MODE_NONE 0 -#define MODE_PRIVATE 1 -#define MODE_PUBLIC 2 - -#define DFL_MODE MODE_NONE -#define DFL_FILENAME "keyfile.key" -#define DFL_PASSWORD "" -#define DFL_PASSWORD_FILE "" -#define DFL_DEBUG_LEVEL 0 - /* * global options */ @@ -74,15 +85,6 @@ struct options const char *password_file; /* password_file for the private key */ } opt; -#define USAGE \ - "\n usage: key_app param=<>...\n" \ - "\n acceptable parameters:\n" \ - " mode=private|public default: none\n" \ - " filename=%%s default: keyfile.key\n" \ - " password=%%s default: \"\"\n" \ - " password_file=%%s default: \"\"\n" \ - "\n" - int main( int argc, char *argv[] ) { int ret = 0; diff --git a/programs/pkey/key_app_writer.c b/programs/pkey/key_app_writer.c index c9830c25..8fcd6318 100644 --- a/programs/pkey/key_app_writer.c +++ b/programs/pkey/key_app_writer.c @@ -29,27 +29,41 @@ #if defined(POLARSSL_PLATFORM_C) #include "polarssl/platform.h" #else +#include #define polarssl_printf printf #endif -#include -#include -#include - +#if defined(POLARSSL_PK_WRITE_C) && defined(POLARSSL_FS_IO) #include "polarssl/error.h" #include "polarssl/pk.h" #include "polarssl/error.h" -#if !defined(POLARSSL_PK_WRITE_C) || !defined(POLARSSL_FS_IO) -int main( int argc, char *argv[] ) -{ - ((void) argc); - ((void) argv); +#include +#include +#endif - polarssl_printf( "POLARSSL_PK_WRITE_C and/or POLARSSL_FS_IO not defined.\n" ); - return( 0 ); -} +#if defined(POLARSSL_PEM_WRITE_C) +#define USAGE_OUT \ + " output_file=%%s default: keyfile.pem\n" \ + " output_format=pem|der default: pem\n" #else +#define USAGE_OUT \ + " output_file=%%s default: keyfile.der\n" \ + " output_format=der default: der\n" +#endif + +#if defined(POLARSSL_PEM_WRITE_C) +#define DFL_OUTPUT_FILENAME "keyfile.pem" +#define DFL_OUTPUT_FORMAT OUTPUT_FORMAT_PEM +#else +#define DFL_OUTPUT_FILENAME "keyfile.der" +#define DFL_OUTPUT_FORMAT OUTPUT_FORMAT_DER +#endif + +#define DFL_MODE MODE_NONE +#define DFL_FILENAME "keyfile.key" +#define DFL_DEBUG_LEVEL 0 +#define DFL_OUTPUT_MODE OUTPUT_MODE_NONE #define MODE_NONE 0 #define MODE_PRIVATE 1 @@ -62,18 +76,25 @@ int main( int argc, char *argv[] ) #define OUTPUT_FORMAT_PEM 0 #define OUTPUT_FORMAT_DER 1 -#define DFL_MODE MODE_NONE -#define DFL_FILENAME "keyfile.key" -#define DFL_DEBUG_LEVEL 0 -#define DFL_OUTPUT_MODE OUTPUT_MODE_NONE -#if defined(POLARSSL_PEM_WRITE_C) -#define DFL_OUTPUT_FILENAME "keyfile.pem" -#define DFL_OUTPUT_FORMAT OUTPUT_FORMAT_PEM -#else -#define DFL_OUTPUT_FILENAME "keyfile.der" -#define DFL_OUTPUT_FORMAT OUTPUT_FORMAT_DER -#endif +#define USAGE \ + "\n usage: key_app param=<>...\n" \ + "\n acceptable parameters:\n" \ + " mode=private|public default: none\n" \ + " filename=%%s default: keyfile.key\n" \ + " output_mode=private|public default: none\n" \ + USAGE_OUT \ + "\n" + +#if !defined(POLARSSL_PK_WRITE_C) || !defined(POLARSSL_FS_IO) +int main( int argc, char *argv[] ) +{ + ((void) argc); + ((void) argv); + polarssl_printf( "POLARSSL_PK_WRITE_C and/or POLARSSL_FS_IO not defined.\n" ); + return( 0 ); +} +#else /* * global options */ @@ -170,25 +191,6 @@ static int write_private_key( pk_context *key, const char *output_file ) return( 0 ); } -#if defined(POLARSSL_PEM_WRITE_C) -#define USAGE_OUT \ - " output_file=%%s default: keyfile.pem\n" \ - " output_format=pem|der default: pem\n" -#else -#define USAGE_OUT \ - " output_file=%%s default: keyfile.der\n" \ - " output_format=der default: der\n" -#endif - -#define USAGE \ - "\n usage: key_app param=<>...\n" \ - "\n acceptable parameters:\n" \ - " mode=private|public default: none\n" \ - " filename=%%s default: keyfile.key\n" \ - " output_mode=private|public default: none\n" \ - USAGE_OUT \ - "\n" - int main( int argc, char *argv[] ) { int ret = 0; diff --git a/programs/pkey/mpi_demo.c b/programs/pkey/mpi_demo.c index b5ae13e0..a6d11987 100644 --- a/programs/pkey/mpi_demo.c +++ b/programs/pkey/mpi_demo.c @@ -29,13 +29,16 @@ #if defined(POLARSSL_PLATFORM_C) #include "polarssl/platform.h" #else +#include #define polarssl_printf printf #endif -#include - +#if defined(POLARSSL_BIGNUM_C) && defined(POLARSSL_FS_IO) #include "polarssl/bignum.h" +#include +#endif + #if !defined(POLARSSL_BIGNUM_C) || !defined(POLARSSL_FS_IO) int main( int argc, char *argv[] ) { diff --git a/programs/pkey/pk_decrypt.c b/programs/pkey/pk_decrypt.c index 86446986..f2f8e59b 100644 --- a/programs/pkey/pk_decrypt.c +++ b/programs/pkey/pk_decrypt.c @@ -29,17 +29,23 @@ #if defined(POLARSSL_PLATFORM_C) #include "polarssl/platform.h" #else +#include #define polarssl_printf printf #endif -#include -#include - +#if defined(POLARSSL_BIGNUM_C) && defined(POLARSSL_PK_PARSE_C) &&\ + defined(POLARSSL_FS_IO) && defined(POLARSSL_ENTROPY_C) &&\ + defined(POLARSSL_CTR_DRBG_C) #include "polarssl/error.h" #include "polarssl/pk.h" #include "polarssl/entropy.h" #include "polarssl/ctr_drbg.h" +#include +#include +#endif + + #if !defined(POLARSSL_BIGNUM_C) || !defined(POLARSSL_PK_PARSE_C) || \ !defined(POLARSSL_FS_IO) || !defined(POLARSSL_ENTROPY_C) || \ !defined(POLARSSL_CTR_DRBG_C) diff --git a/programs/pkey/pk_encrypt.c b/programs/pkey/pk_encrypt.c index 663c2ee7..5e427626 100644 --- a/programs/pkey/pk_encrypt.c +++ b/programs/pkey/pk_encrypt.c @@ -29,18 +29,23 @@ #if defined(POLARSSL_PLATFORM_C) #include "polarssl/platform.h" #else -#define polarssl_printf printf +#include #define polarssl_fprintf fprintf +#define polarssl_printf printf #endif -#include -#include - +#if defined(POLARSSL_BIGNUM_C) && defined(POLARSSL_PK_PARSE_C) &&\ + defined(POLARSSL_ENTROPY_C) && defined(POLARSSL_FS_IO) &&\ + defined(POLARSSL_CTR_DRBG_C) #include "polarssl/error.h" #include "polarssl/pk.h" #include "polarssl/entropy.h" #include "polarssl/ctr_drbg.h" +#include +#include +#endif + #if !defined(POLARSSL_BIGNUM_C) || !defined(POLARSSL_PK_PARSE_C) || \ !defined(POLARSSL_ENTROPY_C) || !defined(POLARSSL_FS_IO) || \ !defined(POLARSSL_CTR_DRBG_C) diff --git a/programs/pkey/pk_sign.c b/programs/pkey/pk_sign.c index 0d029359..c11bc3a0 100644 --- a/programs/pkey/pk_sign.c +++ b/programs/pkey/pk_sign.c @@ -29,12 +29,14 @@ #if defined(POLARSSL_PLATFORM_C) #include "polarssl/platform.h" #else +#include #define polarssl_printf printf #endif -#include -#include - +#if defined(POLARSSL_BIGNUM_C) && defined(POLARSSL_ENTROPY_C) &&\ + defined(POLARSSL_SHA256_C) &&\ + defined(POLARSSL_PK_PARSE_C) && defined(POLARSSL_FS_IO) &&\ + defined(POLARSSL_CTR_DRBG_C) #include "polarssl/error.h" #include "polarssl/entropy.h" #include "polarssl/ctr_drbg.h" @@ -42,6 +44,10 @@ #include "polarssl/pk.h" #include "polarssl/sha1.h" +#include +#include +#endif + #if defined _MSC_VER && !defined snprintf #define snprintf _snprintf #endif diff --git a/programs/pkey/pk_verify.c b/programs/pkey/pk_verify.c index 55f977cc..bed3261c 100644 --- a/programs/pkey/pk_verify.c +++ b/programs/pkey/pk_verify.c @@ -29,17 +29,22 @@ #if defined(POLARSSL_PLATFORM_C) #include "polarssl/platform.h" #else +#include #define polarssl_printf printf #endif -#include -#include - +#if defined(POLARSSL_BIGNUM_C) &&\ + defined(POLARSSL_SHA256_C) && defined(POLARSSL_PK_PARSE_C) &&\ + defined(POLARSSL_FS_IO) #include "polarssl/error.h" #include "polarssl/md.h" #include "polarssl/pk.h" #include "polarssl/sha1.h" +#include +#include +#endif + #if defined _MSC_VER && !defined snprintf #define snprintf _snprintf #endif diff --git a/programs/pkey/rsa_decrypt.c b/programs/pkey/rsa_decrypt.c index 8df5f007..084619c6 100644 --- a/programs/pkey/rsa_decrypt.c +++ b/programs/pkey/rsa_decrypt.c @@ -29,16 +29,21 @@ #if defined(POLARSSL_PLATFORM_C) #include "polarssl/platform.h" #else +#include #define polarssl_printf printf #endif -#include -#include - +#if defined(POLARSSL_BIGNUM_C) && defined(POLARSSL_RSA_C) &&\ + defined(POLARSSL_FS_IO) && defined(POLARSSL_ENTROPY_C) &&\ + defined(POLARSSL_CTR_DRBG_C) #include "polarssl/rsa.h" #include "polarssl/entropy.h" #include "polarssl/ctr_drbg.h" +#include +#include +#endif + #if !defined(POLARSSL_BIGNUM_C) || !defined(POLARSSL_RSA_C) || \ !defined(POLARSSL_FS_IO) || !defined(POLARSSL_ENTROPY_C) || \ !defined(POLARSSL_CTR_DRBG_C) diff --git a/programs/pkey/rsa_encrypt.c b/programs/pkey/rsa_encrypt.c index 58817e3f..2f88209d 100644 --- a/programs/pkey/rsa_encrypt.c +++ b/programs/pkey/rsa_encrypt.c @@ -29,17 +29,22 @@ #if defined(POLARSSL_PLATFORM_C) #include "polarssl/platform.h" #else -#define polarssl_printf printf +#include #define polarssl_fprintf fprintf +#define polarssl_printf printf #endif -#include -#include - +#if defined(POLARSSL_BIGNUM_C) && defined(POLARSSL_RSA_C) &&\ + defined(POLARSSL_ENTROPY_C) && defined(POLARSSL_FS_IO) &&\ + defined(POLARSSL_CTR_DRBG_C) #include "polarssl/rsa.h" #include "polarssl/entropy.h" #include "polarssl/ctr_drbg.h" +#include +#include +#endif + #if !defined(POLARSSL_BIGNUM_C) || !defined(POLARSSL_RSA_C) || \ !defined(POLARSSL_ENTROPY_C) || !defined(POLARSSL_FS_IO) || \ !defined(POLARSSL_CTR_DRBG_C) diff --git a/programs/pkey/rsa_genkey.c b/programs/pkey/rsa_genkey.c index 56d32737..5741d466 100644 --- a/programs/pkey/rsa_genkey.c +++ b/programs/pkey/rsa_genkey.c @@ -29,17 +29,22 @@ #if defined(POLARSSL_PLATFORM_C) #include "polarssl/platform.h" #else +#include #define polarssl_printf printf #endif -#include -#include - +#if defined(POLARSSL_BIGNUM_C) && defined(POLARSSL_ENTROPY_C) &&\ + defined(POLARSSL_RSA_C) && defined(POLARSSL_GENPRIME) &&\ + defined(POLARSSL_FS_IO) && defined(POLARSSL_CTR_DRBG_C) #include "polarssl/entropy.h" #include "polarssl/ctr_drbg.h" #include "polarssl/bignum.h" #include "polarssl/x509.h" #include "polarssl/rsa.h" + +#include +#include +#endif #define KEY_SIZE 1024 #define EXPONENT 65537 diff --git a/programs/pkey/rsa_sign.c b/programs/pkey/rsa_sign.c index f65c2a74..685db517 100644 --- a/programs/pkey/rsa_sign.c +++ b/programs/pkey/rsa_sign.c @@ -29,16 +29,20 @@ #if defined(POLARSSL_PLATFORM_C) #include "polarssl/platform.h" #else -#define polarssl_printf printf +#include #define polarssl_fprintf fprintf +#define polarssl_printf printf #endif -#include -#include - +#if defined(POLARSSL_BIGNUM_C) && defined(POLARSSL_RSA_C) &&\ + defined(POLARSSL_SHA256_C) && defined(POLARSSL_FS_IO) #include "polarssl/rsa.h" #include "polarssl/sha1.h" +#include +#include +#endif + #if !defined(POLARSSL_BIGNUM_C) || !defined(POLARSSL_RSA_C) || \ !defined(POLARSSL_SHA256_C) || !defined(POLARSSL_FS_IO) int main( int argc, char *argv[] ) diff --git a/programs/pkey/rsa_sign_pss.c b/programs/pkey/rsa_sign_pss.c index de90b7ec..3d84b693 100644 --- a/programs/pkey/rsa_sign_pss.c +++ b/programs/pkey/rsa_sign_pss.c @@ -29,12 +29,14 @@ #if defined(POLARSSL_PLATFORM_C) #include "polarssl/platform.h" #else +#include #define polarssl_printf printf #endif -#include -#include - +#if defined(POLARSSL_BIGNUM_C) && defined(POLARSSL_ENTROPY_C) &&\ + defined(POLARSSL_RSA_C) && defined(POLARSSL_SHA256_C) &&\ + defined(POLARSSL_PK_PARSE_C) && defined(POLARSSL_FS_IO) &&\ + defined(POLARSSL_CTR_DRBG_C) #include "polarssl/entropy.h" #include "polarssl/ctr_drbg.h" #include "polarssl/md.h" @@ -42,6 +44,10 @@ #include "polarssl/sha1.h" #include "polarssl/x509.h" +#include +#include +#endif + #if defined _MSC_VER && !defined snprintf #define snprintf _snprintf #endif diff --git a/programs/pkey/rsa_verify.c b/programs/pkey/rsa_verify.c index 4b433807..7d944514 100644 --- a/programs/pkey/rsa_verify.c +++ b/programs/pkey/rsa_verify.c @@ -29,15 +29,19 @@ #if defined(POLARSSL_PLATFORM_C) #include "polarssl/platform.h" #else +#include #define polarssl_printf printf #endif -#include -#include - +#if defined(POLARSSL_BIGNUM_C) && defined(POLARSSL_RSA_C) &&\ + defined(POLARSSL_SHA256_C) && defined(POLARSSL_FS_IO) #include "polarssl/rsa.h" #include "polarssl/sha1.h" +#include +#include +#endif + #if !defined(POLARSSL_BIGNUM_C) || !defined(POLARSSL_RSA_C) || \ !defined(POLARSSL_SHA256_C) || !defined(POLARSSL_FS_IO) int main( int argc, char *argv[] ) diff --git a/programs/pkey/rsa_verify_pss.c b/programs/pkey/rsa_verify_pss.c index dd625b48..5af230dd 100644 --- a/programs/pkey/rsa_verify_pss.c +++ b/programs/pkey/rsa_verify_pss.c @@ -29,18 +29,23 @@ #if defined(POLARSSL_PLATFORM_C) #include "polarssl/platform.h" #else +#include #define polarssl_printf printf #endif -#include -#include - +#if defined(POLARSSL_BIGNUM_C) && defined(POLARSSL_RSA_C) &&\ + defined(POLARSSL_SHA256_C) && defined(POLARSSL_PK_PARSE_C) &&\ + defined(POLARSSL_FS_IO) #include "polarssl/md.h" #include "polarssl/pem.h" #include "polarssl/pk.h" #include "polarssl/sha1.h" #include "polarssl/x509.h" +#include +#include +#endif + #if defined _MSC_VER && !defined snprintf #define snprintf _snprintf #endif diff --git a/programs/random/gen_entropy.c b/programs/random/gen_entropy.c index 0ff443f9..3de16809 100644 --- a/programs/random/gen_entropy.c +++ b/programs/random/gen_entropy.c @@ -29,21 +29,24 @@ #if defined(POLARSSL_PLATFORM_C) #include "polarssl/platform.h" #else -#define polarssl_printf printf +#include #define polarssl_fprintf fprintf +#define polarssl_printf printf #endif +#if defined(POLARSSL_ENTROPY_C) && defined(POLARSSL_FS_IO) #include "polarssl/entropy.h" #include +#endif -#if !defined(POLARSSL_ENTROPY_C) +#if !defined(POLARSSL_ENTROPY_C) || !defined(POLARSSL_FS_IO) int main( int argc, char *argv[] ) { ((void) argc); ((void) argv); - polarssl_printf("POLARSSL_ENTROPY_C not defined.\n"); + polarssl_printf("POLARSSL_ENTROPY_C and/or POLARSSL_FS_IO not defined.\n"); return( 0 ); } #else diff --git a/programs/random/gen_random_ctr_drbg.c b/programs/random/gen_random_ctr_drbg.c index c21e0948..58d7368a 100644 --- a/programs/random/gen_random_ctr_drbg.c +++ b/programs/random/gen_random_ctr_drbg.c @@ -29,22 +29,27 @@ #if defined(POLARSSL_PLATFORM_C) #include "polarssl/platform.h" #else -#define polarssl_printf printf +#include #define polarssl_fprintf fprintf +#define polarssl_printf printf #endif +#if defined(POLARSSL_CTR_DRBG_C) && defined(POLARSSL_ENTROPY_C) &&\ + defined(POLARSSL_FS_IO) #include "polarssl/entropy.h" #include "polarssl/ctr_drbg.h" #include +#endif -#if !defined(POLARSSL_CTR_DRBG_C) || !defined(POLARSSL_ENTROPY_C) +#if !defined(POLARSSL_CTR_DRBG_C) || !defined(POLARSSL_ENTROPY_C) ||\ + !defined(POLARSSL_FS_IO) int main( int argc, char *argv[] ) { ((void) argc); ((void) argv); - polarssl_printf("POLARSSL_CTR_DRBG_C or POLARSSL_ENTROPY_C not defined.\n"); + polarssl_printf("POLARSSL_CTR_DRBG_C and/or POLARSSL_ENTROPY_C and/or POLARSSL_FS_IO not defined.\n"); return( 0 ); } #else diff --git a/programs/random/gen_random_havege.c b/programs/random/gen_random_havege.c index 5336fc4e..946d3341 100644 --- a/programs/random/gen_random_havege.c +++ b/programs/random/gen_random_havege.c @@ -29,16 +29,19 @@ #if defined(POLARSSL_PLATFORM_C) #include "polarssl/platform.h" #else -#define polarssl_printf printf +#include #define polarssl_fprintf fprintf +#define polarssl_printf printf #endif +#if defined(POLARSSL_HAVEGE_C) && defined(POLARSSL_FS_IO) #include "polarssl/havege.h" -#include #include +#include +#endif -#if !defined(POLARSSL_HAVEGE_C) +#if !defined(POLARSSL_HAVEGE_C) || !defined(POLARSSL_FS_IO) int main( int argc, char *argv[] ) { ((void) argc); diff --git a/programs/ssl/ssl_client1.c b/programs/ssl/ssl_client1.c index 10a21d18..36be15f6 100644 --- a/programs/ssl/ssl_client1.c +++ b/programs/ssl/ssl_client1.c @@ -29,13 +29,15 @@ #if defined(POLARSSL_PLATFORM_C) #include "polarssl/platform.h" #else -#define polarssl_printf printf +#include #define polarssl_fprintf fprintf +#define polarssl_printf printf #endif -#include -#include - +#if defined(POLARSSL_BIGNUM_C) && defined(POLARSSL_ENTROPY_C) &&\ + defined(POLARSSL_SSL_TLS_C) && defined(POLARSSL_SSL_CLI_C) &&\ + defined(POLARSSL_NET_C) && defined(POLARSSL_RSA_C) &&\ + defined(POLARSSL_CTR_DRBG_C) && defined(POLARSSL_X509_CRT_PARSE_C) #include "polarssl/net.h" #include "polarssl/debug.h" #include "polarssl/ssl.h" @@ -44,6 +46,16 @@ #include "polarssl/error.h" #include "polarssl/certs.h" +#include +#include +#endif + +#define SERVER_PORT 4433 +#define SERVER_NAME "localhost" +#define GET_REQUEST "GET / HTTP/1.0\r\n\r\n" + +#define DEBUG_LEVEL 1 + #if !defined(POLARSSL_BIGNUM_C) || !defined(POLARSSL_ENTROPY_C) || \ !defined(POLARSSL_SSL_TLS_C) || !defined(POLARSSL_SSL_CLI_C) || \ !defined(POLARSSL_NET_C) || !defined(POLARSSL_RSA_C) || \ @@ -61,13 +73,6 @@ int main( int argc, char *argv[] ) return( 0 ); } #else - -#define SERVER_PORT 4433 -#define SERVER_NAME "localhost" -#define GET_REQUEST "GET / HTTP/1.0\r\n\r\n" - -#define DEBUG_LEVEL 1 - static void my_debug( void *ctx, int level, const char *str ) { ((void) level); diff --git a/programs/ssl/ssl_client2.c b/programs/ssl/ssl_client2.c index 0d4a0f20..4243ccaf 100644 --- a/programs/ssl/ssl_client2.c +++ b/programs/ssl/ssl_client2.c @@ -29,30 +29,14 @@ #if defined(POLARSSL_PLATFORM_C) #include "polarssl/platform.h" #else -#define polarssl_printf printf +#include #define polarssl_fprintf fprintf +#define polarssl_printf printf #endif -#if !defined(POLARSSL_ENTROPY_C) || \ - !defined(POLARSSL_SSL_TLS_C) || !defined(POLARSSL_SSL_CLI_C) || \ - !defined(POLARSSL_NET_C) || !defined(POLARSSL_CTR_DRBG_C) -#include -int main( int argc, char *argv[] ) -{ - ((void) argc); - ((void) argv); - - polarssl_printf("POLARSSL_ENTROPY_C and/or " - "POLARSSL_SSL_TLS_C and/or POLARSSL_SSL_CLI_C and/or " - "POLARSSL_NET_C and/or POLARSSL_CTR_DRBG_C not defined.\n"); - return( 0 ); -} -#else - -#include -#include -#include - +#if defined(POLARSSL_ENTROPY_C) && defined(POLARSSL_FS_IO) &&\ + defined(POLARSSL_SSL_TLS_C) && defined(POLARSSL_SSL_CLI_C) &&\ + defined(POLARSSL_NET_C) && defined(POLARSSL_CTR_DRBG_C) #include "polarssl/net.h" #include "polarssl/ssl.h" #include "polarssl/entropy.h" @@ -62,6 +46,11 @@ int main( int argc, char *argv[] ) #include "polarssl/error.h" #include "polarssl/debug.h" +#include +#include +#include +#endif + #if defined(POLARSSL_TIMING_C) #include "polarssl/timing.h" #endif @@ -108,6 +97,20 @@ int main( int argc, char *argv[] ) #define GET_REQUEST "GET %s HTTP/1.0\r\nExtra-header: " #define GET_REQUEST_END "\r\n\r\n" +#if !defined(POLARSSL_ENTROPY_C) || !defined(POLARSSL_FS_IO) || \ + !defined(POLARSSL_SSL_TLS_C) || !defined(POLARSSL_SSL_CLI_C) || \ + !defined(POLARSSL_NET_C) || !defined(POLARSSL_CTR_DRBG_C) +int main( int argc, char *argv[] ) +{ + ((void) argc); + ((void) argv); + + polarssl_printf("POLARSSL_ENTROPY_C and/or " + "POLARSSL_SSL_TLS_C and/or POLARSSL_SSL_CLI_C and/or " + "POLARSSL_NET_C and/or POLARSSL_CTR_DRBG_C not defined.\n"); + return( 0 ); +} +#else /* * global options */ diff --git a/programs/ssl/ssl_fork_server.c b/programs/ssl/ssl_fork_server.c index ee2e1b80..575160f8 100644 --- a/programs/ssl/ssl_fork_server.c +++ b/programs/ssl/ssl_fork_server.c @@ -29,23 +29,21 @@ #if defined(POLARSSL_PLATFORM_C) #include "polarssl/platform.h" #else -#define polarssl_printf printf +#include #define polarssl_fprintf fprintf +#define polarssl_printf printf #endif #if defined(_WIN32) #include #endif -#include -#include -#include -#include - -#if !defined(_MSC_VER) || defined(EFIX64) || defined(EFI32) -#include -#endif - +#if defined(POLARSSL_BIGNUM_C) && defined(POLARSSL_CERTS_C) &&\ + defined(POLARSSL_ENTROPY_C) && defined(POLARSSL_SSL_TLS_C) &&\ + defined(POLARSSL_SSL_SRV_C) && defined(POLARSSL_NET_C) &&\ + defined(POLARSSL_RSA_C) && defined(POLARSSL_CTR_DRBG_C) &&\ + defined(POLARSSL_X509_CRT_PARSE_C) && defined(POLARSSL_TIMING_C) &&\ + defined(POLARSSL_FS_IO) #include "polarssl/entropy.h" #include "polarssl/ctr_drbg.h" #include "polarssl/certs.h" @@ -54,6 +52,15 @@ #include "polarssl/net.h" #include "polarssl/timing.h" +#include +#include +#include +#endif + +#if !defined(_MSC_VER) || defined(EFIX64) || defined(EFI32) +#include +#endif + #define HTTP_RESPONSE \ "HTTP/1.0 200 OK\r\nContent-Type: text/html\r\n\r\n" \ "

mbed TLS Test Server

\r\n" \ @@ -63,7 +70,8 @@ !defined(POLARSSL_ENTROPY_C) || !defined(POLARSSL_SSL_TLS_C) || \ !defined(POLARSSL_SSL_SRV_C) || !defined(POLARSSL_NET_C) || \ !defined(POLARSSL_RSA_C) || !defined(POLARSSL_CTR_DRBG_C) || \ - !defined(POLARSSL_X509_CRT_PARSE_C) || !defined(POLARSSL_TIMING_C) + !defined(POLARSSL_X509_CRT_PARSE_C) || !defined(POLARSSL_TIMING_C) ||\ + !defined(POLARSSL_FS_IO) int main( int argc, char *argv[] ) { ((void) argc); diff --git a/programs/ssl/ssl_mail_client.c b/programs/ssl/ssl_mail_client.c index 769dd267..a148171d 100644 --- a/programs/ssl/ssl_mail_client.c +++ b/programs/ssl/ssl_mail_client.c @@ -29,13 +29,29 @@ #if defined(POLARSSL_PLATFORM_C) #include "polarssl/platform.h" #else -#define polarssl_printf printf +#include #define polarssl_fprintf fprintf +#define polarssl_printf printf #endif -#include -#include +#if defined(POLARSSL_BIGNUM_C) && defined(POLARSSL_ENTROPY_C) && \ + defined(POLARSSL_SSL_TLS_C) && defined(POLARSSL_SSL_CLI_C) && \ + defined(POLARSSL_NET_C) && defined(POLARSSL_RSA_C) && \ + defined(POLARSSL_CTR_DRBG_C) && defined(POLARSSL_X509_CRT_PARSE_C) && \ + defined(POLARSSL_FS_IO) +#include "polarssl/base64.h" +#include "polarssl/error.h" +#include "polarssl/net.h" +#include "polarssl/ssl.h" +#include "polarssl/entropy.h" +#include "polarssl/ctr_drbg.h" +#include "polarssl/certs.h" +#include "polarssl/x509.h" + #include +#include +#include +#endif #if !defined(_MSC_VER) || defined(EFIX64) || defined(EFI32) #include @@ -46,7 +62,6 @@ #endif #if defined(_WIN32) || defined(_WIN32_WCE) - #include #include @@ -59,33 +74,6 @@ #endif /* _MSC_VER */ #endif -#include "polarssl/base64.h" -#include "polarssl/error.h" -#include "polarssl/net.h" -#include "polarssl/ssl.h" -#include "polarssl/entropy.h" -#include "polarssl/ctr_drbg.h" -#include "polarssl/certs.h" -#include "polarssl/x509.h" - -#if !defined(POLARSSL_BIGNUM_C) || !defined(POLARSSL_ENTROPY_C) || \ - !defined(POLARSSL_SSL_TLS_C) || !defined(POLARSSL_SSL_CLI_C) || \ - !defined(POLARSSL_NET_C) || !defined(POLARSSL_RSA_C) || \ - !defined(POLARSSL_CTR_DRBG_C) || !defined(POLARSSL_X509_CRT_PARSE_C) -int main( int argc, char *argv[] ) -{ - ((void) argc); - ((void) argv); - - polarssl_printf("POLARSSL_BIGNUM_C and/or POLARSSL_ENTROPY_C and/or " - "POLARSSL_SSL_TLS_C and/or POLARSSL_SSL_CLI_C and/or " - "POLARSSL_NET_C and/or POLARSSL_RSA_C and/or " - "POLARSSL_CTR_DRBG_C and/or POLARSSL_X509_CRT_PARSE_C " - "not defined.\n"); - return( 0 ); -} -#else - #define DFL_SERVER_NAME "localhost" #define DFL_SERVER_PORT 465 #define DFL_USER_NAME "user" @@ -103,6 +91,24 @@ int main( int argc, char *argv[] ) #define MODE_SSL_TLS 0 #define MODE_STARTTLS 0 +#if !defined(POLARSSL_BIGNUM_C) || !defined(POLARSSL_ENTROPY_C) || \ + !defined(POLARSSL_SSL_TLS_C) || !defined(POLARSSL_SSL_CLI_C) || \ + !defined(POLARSSL_NET_C) || !defined(POLARSSL_RSA_C) || \ + !defined(POLARSSL_CTR_DRBG_C) || !defined(POLARSSL_X509_CRT_PARSE_C) ||\ + !defined(POLARSSL_FS_IO) +int main( int argc, char *argv[] ) +{ + ((void) argc); + ((void) argv); + + polarssl_printf("POLARSSL_BIGNUM_C and/or POLARSSL_ENTROPY_C and/or " + "POLARSSL_SSL_TLS_C and/or POLARSSL_SSL_CLI_C and/or " + "POLARSSL_NET_C and/or POLARSSL_RSA_C and/or " + "POLARSSL_CTR_DRBG_C and/or POLARSSL_X509_CRT_PARSE_C " + "not defined.\n"); + return( 0 ); +} +#else /* * global options */ diff --git a/programs/ssl/ssl_pthread_server.c b/programs/ssl/ssl_pthread_server.c index 8c671736..f95a6d88 100644 --- a/programs/ssl/ssl_pthread_server.c +++ b/programs/ssl/ssl_pthread_server.c @@ -30,18 +30,21 @@ #if defined(POLARSSL_PLATFORM_C) #include "polarssl/platform.h" #else -#define polarssl_printf printf +#include #define polarssl_fprintf fprintf +#define polarssl_printf printf #endif #if defined(_WIN32) #include #endif -#include -#include -#include - +#if defined(POLARSSL_BIGNUM_C) && defined(POLARSSL_CERTS_C) &&\ + defined(POLARSSL_ENTROPY_C) && defined(POLARSSL_SSL_TLS_C) &&\ + defined(POLARSSL_SSL_SRV_C) && defined(POLARSSL_NET_C) &&\ + defined(POLARSSL_RSA_C) && defined(POLARSSL_CTR_DRBG_C) &&\ + defined(POLARSSL_X509_CRT_PARSE_C) && defined(POLARSSL_FS_IO) &&\ + defined(POLARSSL_THREADING_C) && defined(POLARSSL_THREADING_PTHREAD) #include "polarssl/entropy.h" #include "polarssl/ctr_drbg.h" #include "polarssl/certs.h" @@ -50,6 +53,11 @@ #include "polarssl/net.h" #include "polarssl/error.h" +#include +#include +#include +#endif + #if defined(POLARSSL_SSL_CACHE_C) #include "polarssl/ssl_cache.h" #endif @@ -58,11 +66,18 @@ #include "polarssl/memory_buffer_alloc.h" #endif +#define HTTP_RESPONSE \ + "HTTP/1.0 200 OK\r\nContent-Type: text/html\r\n\r\n" \ + "

mbed TLS Test Server

\r\n" \ + "

Successful connection using: %s

\r\n" + +#define DEBUG_LEVEL 0 + #if !defined(POLARSSL_BIGNUM_C) || !defined(POLARSSL_CERTS_C) || \ !defined(POLARSSL_ENTROPY_C) || !defined(POLARSSL_SSL_TLS_C) || \ !defined(POLARSSL_SSL_SRV_C) || !defined(POLARSSL_NET_C) || \ !defined(POLARSSL_RSA_C) || !defined(POLARSSL_CTR_DRBG_C) || \ - !defined(POLARSSL_X509_CRT_PARSE_C) || \ + !defined(POLARSSL_X509_CRT_PARSE_C) || !defined(POLARSSL_FS_IO) || \ !defined(POLARSSL_THREADING_C) || !defined(POLARSSL_THREADING_PTHREAD) int main( int argc, char *argv[] ) { @@ -78,14 +93,6 @@ int main( int argc, char *argv[] ) return( 0 ); } #else - -#define HTTP_RESPONSE \ - "HTTP/1.0 200 OK\r\nContent-Type: text/html\r\n\r\n" \ - "

mbed TLS Test Server

\r\n" \ - "

Successful connection using: %s

\r\n" - -#define DEBUG_LEVEL 0 - threading_mutex_t debug_mutex; static void my_mutexed_debug( void *ctx, int level, const char *str ) diff --git a/programs/ssl/ssl_server.c b/programs/ssl/ssl_server.c index fe8eca43..0486517d 100644 --- a/programs/ssl/ssl_server.c +++ b/programs/ssl/ssl_server.c @@ -29,18 +29,20 @@ #if defined(POLARSSL_PLATFORM_C) #include "polarssl/platform.h" #else -#define polarssl_printf printf +#include #define polarssl_fprintf fprintf +#define polarssl_printf printf #endif #if defined(_WIN32) #include #endif -#include -#include -#include - +#if defined(POLARSSL_BIGNUM_C) && defined(POLARSSL_CERTS_C) && \ + defined(POLARSSL_ENTROPY_C) && defined(POLARSSL_SSL_TLS_C) && \ + defined(POLARSSL_SSL_SRV_C) && defined(POLARSSL_NET_C) && \ + defined(POLARSSL_RSA_C) && defined(POLARSSL_CTR_DRBG_C) && \ + defined(POLARSSL_X509_CRT_PARSE_C) && defined(POLARSSL_FS_IO) #include "polarssl/entropy.h" #include "polarssl/ctr_drbg.h" #include "polarssl/certs.h" @@ -50,15 +52,27 @@ #include "polarssl/error.h" #include "polarssl/debug.h" +#include +#include +#include +#endif + #if defined(POLARSSL_SSL_CACHE_C) #include "polarssl/ssl_cache.h" #endif +#define HTTP_RESPONSE \ + "HTTP/1.0 200 OK\r\nContent-Type: text/html\r\n\r\n" \ + "

mbed TLS Test Server

\r\n" \ + "

Successful connection using: %s

\r\n" + +#define DEBUG_LEVEL 0 + #if !defined(POLARSSL_BIGNUM_C) || !defined(POLARSSL_CERTS_C) || \ !defined(POLARSSL_ENTROPY_C) || !defined(POLARSSL_SSL_TLS_C) || \ !defined(POLARSSL_SSL_SRV_C) || !defined(POLARSSL_NET_C) || \ !defined(POLARSSL_RSA_C) || !defined(POLARSSL_CTR_DRBG_C) || \ - !defined(POLARSSL_X509_CRT_PARSE_C) + !defined(POLARSSL_X509_CRT_PARSE_C) || !defined(POLARSSL_FS_IO) int main( int argc, char *argv[] ) { ((void) argc); @@ -72,14 +86,6 @@ int main( int argc, char *argv[] ) return( 0 ); } #else - -#define HTTP_RESPONSE \ - "HTTP/1.0 200 OK\r\nContent-Type: text/html\r\n\r\n" \ - "

mbed TLS Test Server

\r\n" \ - "

Successful connection using: %s

\r\n" - -#define DEBUG_LEVEL 0 - static void my_debug( void *ctx, int level, const char *str ) { ((void) level); diff --git a/programs/ssl/ssl_server2.c b/programs/ssl/ssl_server2.c index a98eff8a..e39a7fdd 100644 --- a/programs/ssl/ssl_server2.c +++ b/programs/ssl/ssl_server2.c @@ -29,27 +29,12 @@ #if defined(POLARSSL_PLATFORM_C) #include "polarssl/platform.h" #else -#define polarssl_printf printf -#define polarssl_fprintf fprintf -#define polarssl_malloc malloc -#define polarssl_free free -#endif - -#if !defined(POLARSSL_ENTROPY_C) || \ - !defined(POLARSSL_SSL_TLS_C) || !defined(POLARSSL_SSL_SRV_C) || \ - !defined(POLARSSL_NET_C) || !defined(POLARSSL_CTR_DRBG_C) #include -int main( int argc, char *argv[] ) -{ - ((void) argc); - ((void) argv); - - polarssl_printf("POLARSSL_ENTROPY_C and/or " - "POLARSSL_SSL_TLS_C and/or POLARSSL_SSL_SRV_C and/or " - "POLARSSL_NET_C and/or POLARSSL_CTR_DRBG_C not defined.\n"); - return( 0 ); -} -#else +#define polarssl_free free +#define polarssl_malloc malloc +#define polarssl_fprintf fprintf +#define polarssl_printf printf +#endif #if defined(POLARSSL_SSL_SERVER_NAME_INDICATION) && defined(POLARSSL_FS_IO) #define POLARSSL_SNI @@ -59,14 +44,9 @@ int main( int argc, char *argv[] ) #include #endif -#include -#include -#include - -#if !defined(_WIN32) -#include -#endif - +#if defined(POLARSSL_ENTROPY_C) &&\ + defined(POLARSSL_SSL_TLS_C) && defined(POLARSSL_SSL_SRV_C) &&\ + defined(POLARSSL_NET_C) && defined(POLARSSL_CTR_DRBG_C) #include "polarssl/net.h" #include "polarssl/ssl.h" #include "polarssl/entropy.h" @@ -76,6 +56,15 @@ int main( int argc, char *argv[] ) #include "polarssl/error.h" #include "polarssl/debug.h" +#include +#include +#include +#endif + +#if !defined(_WIN32) +#include +#endif + #if defined(POLARSSL_SSL_CACHE_C) #include "polarssl/ssl_cache.h" #endif @@ -144,6 +133,21 @@ int main( int argc, char *argv[] ) */ #define IO_BUF_LEN 200 +#if !defined(POLARSSL_ENTROPY_C) ||\ + !defined(POLARSSL_SSL_TLS_C) || !defined(POLARSSL_SSL_SRV_C) || \ + !defined(POLARSSL_NET_C) || !defined(POLARSSL_CTR_DRBG_C) +#include +int main( int argc, char *argv[] ) +{ + ((void) argc); + ((void) argv); + + polarssl_printf("POLARSSL_ENTROPY_C and/or " + "POLARSSL_SSL_TLS_C and/or POLARSSL_SSL_SRV_C and/or " + "POLARSSL_NET_C and/or POLARSSL_CTR_DRBG_C not defined.\n"); + return( 0 ); +} +#else /* * global options */ diff --git a/programs/test/benchmark.c b/programs/test/benchmark.c index cc83746d..37840811 100644 --- a/programs/test/benchmark.c +++ b/programs/test/benchmark.c @@ -29,13 +29,11 @@ #if defined(POLARSSL_PLATFORM_C) #include "polarssl/platform.h" #else +#include #define polarssl_printf printf #endif -#include -#include -#include - +#if defined(POLARSSL_TIMING_C) #include "polarssl/timing.h" #include "polarssl/md4.h" @@ -60,6 +58,11 @@ #include "polarssl/ecdh.h" #include "polarssl/error.h" +#include +#include +#include +#endif + #if defined _MSC_VER && !defined snprintf #define snprintf _snprintf #endif @@ -78,7 +81,6 @@ int main( int argc, char *argv[] ) return( 0 ); } #else - static int myrand( void *rng_state, unsigned char *output, size_t len ) { size_t use_len; diff --git a/programs/test/o_p_test.c b/programs/test/o_p_test.c index b904a9f8..19fef9c9 100644 --- a/programs/test/o_p_test.c +++ b/programs/test/o_p_test.c @@ -29,19 +29,18 @@ #if defined(POLARSSL_PLATFORM_C) #include "polarssl/platform.h" #else +#include #define polarssl_printf printf #endif -#include -#include -#include -#include -#include - +#if defined(POLARSSL_BIGNUM_C) && defined(POLARSSL_RSA_C) &&\ + defined(POLARSSL_PK_PARSE_C) && defined(POLARSSL_FS_IO) #include + #ifndef OPENSSL_NO_ENGINE #include #endif + #include #include @@ -50,6 +49,13 @@ #include "polarssl/entropy.h" #include "polarssl/ctr_drbg.h" +#include +#include +#include +#include +#include +#endif + #if !defined(POLARSSL_BIGNUM_C) || !defined(POLARSSL_RSA_C) || \ !defined(POLARSSL_PK_PARSE_C) || !defined(POLARSSL_FS_IO) int main( int argc, char *argv[] ) diff --git a/programs/test/selftest.c b/programs/test/selftest.c index d2f70d2d..edecbb8f 100644 --- a/programs/test/selftest.c +++ b/programs/test/selftest.c @@ -26,15 +26,6 @@ #include POLARSSL_CONFIG_FILE #endif -#if defined(POLARSSL_PLATFORM_C) -#include "polarssl/platform.h" -#else -#define polarssl_printf printf -#endif - -#include -#include - #include "polarssl/entropy.h" #include "polarssl/hmac_drbg.h" #include "polarssl/ctr_drbg.h" @@ -62,6 +53,16 @@ #include "polarssl/ecp.h" #include "polarssl/timing.h" +#include +#include + +#if defined(POLARSSL_PLATFORM_C) +#include "polarssl/platform.h" +#else +#include +#define polarssl_printf printf +#endif + #if defined(POLARSSL_MEMORY_BUFFER_ALLOC_C) #include "polarssl/memory_buffer_alloc.h" #endif diff --git a/programs/test/ssl_cert_test.c b/programs/test/ssl_cert_test.c index 037c4748..3e006d32 100644 --- a/programs/test/ssl_cert_test.c +++ b/programs/test/ssl_cert_test.c @@ -29,11 +29,24 @@ #if defined(POLARSSL_PLATFORM_C) #include "polarssl/platform.h" #else +#include #define polarssl_printf printf #endif -#include +#if defined(POLARSSL_RSA_C) && defined(POLARSSL_X509_CRT_PARSE_C) &&\ + defined(POLARSSL_FS_IO) && defined(POLARSSL_X509_CRL_PARSE_C) +#include "polarssl/certs.h" +#include "polarssl/x509_crt.h" + #include +#include +#endif + +#if defined _MSC_VER && !defined snprintf +#define snprintf _snprintf +#endif + +#define MAX_CLIENT_CERTS 8 #if !defined(POLARSSL_RSA_C) || !defined(POLARSSL_X509_CRT_PARSE_C) || \ !defined(POLARSSL_FS_IO) || !defined(POLARSSL_X509_CRL_PARSE_C) @@ -48,17 +61,6 @@ int main( int argc, char *argv[] ) return( 0 ); } #else - -#include "polarssl/certs.h" -#include "polarssl/x509_crt.h" - -#if defined _MSC_VER && !defined snprintf -#define snprintf _snprintf -#endif - - -#define MAX_CLIENT_CERTS 8 - const char *client_certificates[MAX_CLIENT_CERTS] = { "client1.crt", diff --git a/programs/test/ssl_test.c b/programs/test/ssl_test.c index 63c32206..c414ad03 100644 --- a/programs/test/ssl_test.c +++ b/programs/test/ssl_test.c @@ -29,44 +29,33 @@ #if defined(POLARSSL_PLATFORM_C) #include "polarssl/platform.h" #else -#define polarssl_printf printf -#define polarssl_fprintf fprintf -#define polarssl_malloc malloc +#include #define polarssl_free free +#define polarssl_malloc malloc +#define polarssl_fprintf fprintf +#define polarssl_printf printf #endif -#include -#include -#include - +#if defined(POLARSSL_BIGNUM_C) && defined(POLARSSL_ENTROPY_C) &&\ + defined(POLARSSL_SSL_TLS_C) && defined(POLARSSL_SSL_SRV_C) &&\ + defined(POLARSSL_SSL_CLI_C) && defined(POLARSSL_NET_C) &&\ + defined(POLARSSL_RSA_C) && defined(POLARSSL_CTR_DRBG_C) &&\ + defined(POLARSSL_X509_CRT_PARSE_C) #include "polarssl/net.h" #include "polarssl/ssl.h" #include "polarssl/entropy.h" #include "polarssl/ctr_drbg.h" #include "polarssl/certs.h" + +#include +#include +#include +#endif + #if defined(POLARSSL_TIMING_C) #include "polarssl/timing.h" #endif -#if !defined(POLARSSL_BIGNUM_C) || !defined(POLARSSL_ENTROPY_C) || \ - !defined(POLARSSL_SSL_TLS_C) || !defined(POLARSSL_SSL_SRV_C) || \ - !defined(POLARSSL_SSL_CLI_C) || !defined(POLARSSL_NET_C) || \ - !defined(POLARSSL_RSA_C) || !defined(POLARSSL_CTR_DRBG_C) || \ - !defined(POLARSSL_X509_CRT_PARSE_C) -int main( int argc, char *argv[] ) -{ - ((void) argc); - ((void) argv); - - polarssl_printf("POLARSSL_BIGNUM_C and/or POLARSSL_ENTROPY_C and/or " - "POLARSSL_SSL_TLS_C and/or POLARSSL_SSL_SRV_C and/or " - "POLARSSL_SSL_CLI_C and/or POLARSSL_NET_C and/or " - "POLARSSL_RSA_C and/or POLARSSL_CTR_DRBG_C and/or " - "POLARSSL_X509_CRT_PARSE_C not defined.\n"); - return( 0 ); -} -#else - #define OPMODE_NONE 0 #define OPMODE_CLIENT 1 #define OPMODE_SERVER 2 @@ -92,6 +81,24 @@ int main( int argc, char *argv[] ) #define DFL_SESSION_LIFETIME 86400 #define DFL_FORCE_CIPHER 0 +#if !defined(POLARSSL_BIGNUM_C) || !defined(POLARSSL_ENTROPY_C) || \ + !defined(POLARSSL_SSL_TLS_C) || !defined(POLARSSL_SSL_SRV_C) || \ + !defined(POLARSSL_SSL_CLI_C) || !defined(POLARSSL_NET_C) || \ + !defined(POLARSSL_RSA_C) || !defined(POLARSSL_CTR_DRBG_C) || \ + !defined(POLARSSL_X509_CRT_PARSE_C) +int main( int argc, char *argv[] ) +{ + ((void) argc); + ((void) argv); + + polarssl_printf("POLARSSL_BIGNUM_C and/or POLARSSL_ENTROPY_C and/or " + "POLARSSL_SSL_TLS_C and/or POLARSSL_SSL_SRV_C and/or " + "POLARSSL_SSL_CLI_C and/or POLARSSL_NET_C and/or " + "POLARSSL_RSA_C and/or POLARSSL_CTR_DRBG_C and/or " + "POLARSSL_X509_CRT_PARSE_C not defined.\n"); + return( 0 ); +} +#else int server_fd = -1; /* diff --git a/programs/util/pem2der.c b/programs/util/pem2der.c index 74f7a3e8..c967e53d 100644 --- a/programs/util/pem2der.c +++ b/programs/util/pem2der.c @@ -29,21 +29,31 @@ #if defined(POLARSSL_PLATFORM_C) #include "polarssl/platform.h" #else -#define polarssl_printf printf -#define polarssl_malloc malloc +#include #define polarssl_free free +#define polarssl_malloc malloc +#define polarssl_printf printf #endif -#include -#include -#include - +#if defined(POLARSSL_BASE64_C) && defined(POLARSSL_FS_IO) #include "polarssl/error.h" #include "polarssl/base64.h" +#include +#include +#include +#endif + #define DFL_FILENAME "file.pem" #define DFL_OUTPUT_FILENAME "file.der" +#define USAGE \ + "\n usage: pem2der param=<>...\n" \ + "\n acceptable parameters:\n" \ + " filename=%%s default: file.pem\n" \ + " output_file=%%s default: file.der\n" \ + "\n" + #if !defined(POLARSSL_BASE64_C) || !defined(POLARSSL_FS_IO) int main( int argc, char *argv[] ) { @@ -170,13 +180,6 @@ static int write_file( const char *path, unsigned char *buf, size_t n ) return( 0 ); } -#define USAGE \ - "\n usage: pem2der param=<>...\n" \ - "\n acceptable parameters:\n" \ - " filename=%%s default: file.pem\n" \ - " output_file=%%s default: file.der\n" \ - "\n" - int main( int argc, char *argv[] ) { int ret = 0; diff --git a/programs/util/strerror.c b/programs/util/strerror.c index c5598fcc..f4da587e 100644 --- a/programs/util/strerror.c +++ b/programs/util/strerror.c @@ -29,14 +29,17 @@ #if defined(POLARSSL_PLATFORM_C) #include "polarssl/platform.h" #else +#include #define polarssl_printf printf #endif +#if defined(POLARSSL_ERROR_C) || defined(POLARSSL_ERROR_STRERROR_DUMMY) +#include "polarssl/error.h" + +#include #include #include -#include - -#include "polarssl/error.h" +#endif #define USAGE \ "\n usage: strerror \n" \ diff --git a/programs/x509/cert_app.c b/programs/x509/cert_app.c index a945440f..5d9348d3 100644 --- a/programs/x509/cert_app.c +++ b/programs/x509/cert_app.c @@ -29,20 +29,41 @@ #if defined(POLARSSL_PLATFORM_C) #include "polarssl/platform.h" #else -#define polarssl_printf printf +#include #define polarssl_fprintf fprintf +#define polarssl_printf printf #endif -#include -#include -#include - +#if defined(POLARSSL_BIGNUM_C) && defined(POLARSSL_ENTROPY_C) &&\ + defined(POLARSSL_SSL_TLS_C) && defined(POLARSSL_SSL_CLI_C) &&\ + defined(POLARSSL_NET_C) && defined(POLARSSL_RSA_C) &&\ + defined(POLARSSL_X509_CRT_PARSE_C) && defined(POLARSSL_FS_IO) &&\ + defined(POLARSSL_CTR_DRBG_C) #include "polarssl/entropy.h" #include "polarssl/ctr_drbg.h" #include "polarssl/net.h" #include "polarssl/ssl.h" #include "polarssl/x509.h" +#include +#include +#include +#endif + +#define MODE_NONE 0 +#define MODE_FILE 1 +#define MODE_SSL 2 + +#define DFL_MODE MODE_NONE +#define DFL_FILENAME "cert.crt" +#define DFL_CA_FILE "" +#define DFL_CRL_FILE "" +#define DFL_CA_PATH "" +#define DFL_SERVER_NAME "localhost" +#define DFL_SERVER_PORT 4433 +#define DFL_DEBUG_LEVEL 0 +#define DFL_PERMISSIVE 0 + #if !defined(POLARSSL_BIGNUM_C) || !defined(POLARSSL_ENTROPY_C) || \ !defined(POLARSSL_SSL_TLS_C) || !defined(POLARSSL_SSL_CLI_C) || \ !defined(POLARSSL_NET_C) || !defined(POLARSSL_RSA_C) || \ @@ -61,21 +82,6 @@ int main( int argc, char *argv[] ) return( 0 ); } #else - -#define MODE_NONE 0 -#define MODE_FILE 1 -#define MODE_SSL 2 - -#define DFL_MODE MODE_NONE -#define DFL_FILENAME "cert.crt" -#define DFL_CA_FILE "" -#define DFL_CRL_FILE "" -#define DFL_CA_PATH "" -#define DFL_SERVER_NAME "localhost" -#define DFL_SERVER_PORT 4433 -#define DFL_DEBUG_LEVEL 0 -#define DFL_PERMISSIVE 0 - /* * global options */ diff --git a/programs/x509/cert_req.c b/programs/x509/cert_req.c index f9360974..e978201a 100644 --- a/programs/x509/cert_req.c +++ b/programs/x509/cert_req.c @@ -29,18 +29,57 @@ #if defined(POLARSSL_PLATFORM_C) #include "polarssl/platform.h" #else +#include #define polarssl_printf printf #endif -#include -#include -#include - +#if defined(POLARSSL_X509_CSR_WRITE_C) && defined(POLARSSL_FS_IO) && \ + defined(POLARSSL_PK_PARSE_C) && \ + defined(POLARSSL_ENTROPY_C) && defined(POLARSSL_CTR_DRBG_C) #include "polarssl/x509_csr.h" #include "polarssl/entropy.h" #include "polarssl/ctr_drbg.h" #include "polarssl/error.h" +#include +#include +#include +#endif + +#define DFL_FILENAME "keyfile.key" +#define DFL_DEBUG_LEVEL 0 +#define DFL_OUTPUT_FILENAME "cert.req" +#define DFL_SUBJECT_NAME "CN=Cert,O=mbed TLS,C=UK" +#define DFL_KEY_USAGE 0 +#define DFL_NS_CERT_TYPE 0 + +#define USAGE \ + "\n usage: cert_req param=<>...\n" \ + "\n acceptable parameters:\n" \ + " filename=%%s default: keyfile.key\n" \ + " debug_level=%%d default: 0 (disabled)\n" \ + " output_file=%%s default: cert.req\n" \ + " subject_name=%%s default: CN=Cert,O=mbed TLS,C=UK\n" \ + " key_usage=%%s default: (empty)\n" \ + " Comma-separated-list of values:\n" \ + " digital_signature\n" \ + " non_repudiation\n" \ + " key_encipherment\n" \ + " data_encipherment\n" \ + " key_agreement\n" \ + " key_certificate_sign\n" \ + " crl_sign\n" \ + " ns_cert_type=%%s default: (empty)\n" \ + " Comma-separated-list of values:\n" \ + " ssl_client\n" \ + " ssl_server\n" \ + " email\n" \ + " object_signing\n" \ + " ssl_ca\n" \ + " email_ca\n" \ + " object_signing_ca\n" \ + "\n" + #if !defined(POLARSSL_X509_CSR_WRITE_C) || !defined(POLARSSL_FS_IO) || \ !defined(POLARSSL_PK_PARSE_C) || \ !defined(POLARSSL_ENTROPY_C) || !defined(POLARSSL_CTR_DRBG_C) @@ -56,14 +95,6 @@ int main( int argc, char *argv[] ) return( 0 ); } #else - -#define DFL_FILENAME "keyfile.key" -#define DFL_DEBUG_LEVEL 0 -#define DFL_OUTPUT_FILENAME "cert.req" -#define DFL_SUBJECT_NAME "CN=Cert,O=mbed TLS,C=UK" -#define DFL_KEY_USAGE 0 -#define DFL_NS_CERT_TYPE 0 - /* * global options */ @@ -106,33 +137,6 @@ int write_certificate_request( x509write_csr *req, const char *output_file, return( 0 ); } -#define USAGE \ - "\n usage: cert_req param=<>...\n" \ - "\n acceptable parameters:\n" \ - " filename=%%s default: keyfile.key\n" \ - " debug_level=%%d default: 0 (disabled)\n" \ - " output_file=%%s default: cert.req\n" \ - " subject_name=%%s default: CN=Cert,O=mbed TLS,C=UK\n" \ - " key_usage=%%s default: (empty)\n" \ - " Comma-separated-list of values:\n" \ - " digital_signature\n" \ - " non_repudiation\n" \ - " key_encipherment\n" \ - " data_encipherment\n" \ - " key_agreement\n" \ - " key_certificate_sign\n" \ - " crl_sign\n" \ - " ns_cert_type=%%s default: (empty)\n" \ - " Comma-separated-list of values:\n" \ - " ssl_client\n" \ - " ssl_server\n" \ - " email\n" \ - " object_signing\n" \ - " ssl_ca\n" \ - " email_ca\n" \ - " object_signing_ca\n" \ - "\n" - int main( int argc, char *argv[] ) { int ret = 0; diff --git a/programs/x509/cert_write.c b/programs/x509/cert_write.c index 7d688587..aa1cf54e 100644 --- a/programs/x509/cert_write.c +++ b/programs/x509/cert_write.c @@ -29,36 +29,34 @@ #if defined(POLARSSL_PLATFORM_C) #include "polarssl/platform.h" #else +#include #define polarssl_printf printf #endif -#include -#include -#include - -#if !defined(POLARSSL_X509_CRT_WRITE_C) || \ - !defined(POLARSSL_X509_CRT_PARSE_C) || !defined(POLARSSL_FS_IO) || \ - !defined(POLARSSL_ENTROPY_C) || !defined(POLARSSL_CTR_DRBG_C) || \ - !defined(POLARSSL_ERROR_C) -int main( int argc, char *argv[] ) -{ - ((void) argc); - ((void) argv); - - polarssl_printf( "POLARSSL_X509_CRT_WRITE_C and/or POLARSSL_X509_CRT_PARSE_C and/or " - "POLARSSL_FS_IO and/or " - "POLARSSL_ENTROPY_C and/or POLARSSL_CTR_DRBG_C and/or " - "POLARSSL_ERROR_C not defined.\n"); - return( 0 ); -} -#else - +#if defined(POLARSSL_X509_CRT_WRITE_C) &&\ + defined(POLARSSL_X509_CRT_PARSE_C) && defined(POLARSSL_FS_IO) &&\ + defined(POLARSSL_ENTROPY_C) && defined(POLARSSL_CTR_DRBG_C) &&\ + defined(POLARSSL_ERROR_C) #include "polarssl/x509_crt.h" #include "polarssl/x509_csr.h" #include "polarssl/entropy.h" #include "polarssl/ctr_drbg.h" #include "polarssl/error.h" +#include +#include +#include +#endif + +#if defined(POLARSSL_X509_CSR_PARSE_C) +#define USAGE_CSR \ + " request_file=%%s default: (empty)\n" \ + " If request_file is specified, subject_key,\n" \ + " subject_pwd and subject_name are ignored!\n" +#else +#define USAGE_CSR "" +#endif /* POLARSSL_X509_CSR_PARSE_C */ + #define DFL_ISSUER_CRT "" #define DFL_REQUEST_FILE "" #define DFL_SUBJECT_KEY "subject.key" @@ -77,6 +75,67 @@ int main( int argc, char *argv[] ) #define DFL_KEY_USAGE 0 #define DFL_NS_CERT_TYPE 0 +#define USAGE \ + "\n usage: cert_write param=<>...\n" \ + "\n acceptable parameters:\n" \ + USAGE_CSR \ + " subject_key=%%s default: subject.key\n" \ + " subject_pwd=%%s default: (empty)\n" \ + " subject_name=%%s default: CN=Cert,O=mbed TLS,C=UK\n" \ + "\n" \ + " issuer_crt=%%s default: (empty)\n" \ + " If issuer_crt is specified, issuer_name is\n" \ + " ignored!\n" \ + " issuer_name=%%s default: CN=CA,O=mbed TLS,C=UK\n" \ + "\n" \ + " selfsign=%%d default: 0 (false)\n" \ + " If selfsign is enabled, issuer_name and\n" \ + " issuer_key are required (issuer_crt and\n" \ + " subject_* are ignored\n" \ + " issuer_key=%%s default: ca.key\n" \ + " issuer_pwd=%%s default: (empty)\n" \ + " output_file=%%s default: cert.crt\n" \ + " serial=%%s default: 1\n" \ + " not_before=%%s default: 20010101000000\n"\ + " not_after=%%s default: 20301231235959\n"\ + " is_ca=%%d default: 0 (disabled)\n" \ + " max_pathlen=%%d default: -1 (none)\n" \ + " key_usage=%%s default: (empty)\n" \ + " Comma-separated-list of values:\n" \ + " digital_signature\n" \ + " non_repudiation\n" \ + " key_encipherment\n" \ + " data_encipherment\n" \ + " key_agreement\n" \ + " key_certificate_sign\n" \ + " crl_sign\n" \ + " ns_cert_type=%%s default: (empty)\n" \ + " Comma-separated-list of values:\n" \ + " ssl_client\n" \ + " ssl_server\n" \ + " email\n" \ + " object_signing\n" \ + " ssl_ca\n" \ + " email_ca\n" \ + " object_signing_ca\n" \ + "\n" + +#if !defined(POLARSSL_X509_CRT_WRITE_C) || \ + !defined(POLARSSL_X509_CRT_PARSE_C) || !defined(POLARSSL_FS_IO) || \ + !defined(POLARSSL_ENTROPY_C) || !defined(POLARSSL_CTR_DRBG_C) || \ + !defined(POLARSSL_ERROR_C) +int main( int argc, char *argv[] ) +{ + ((void) argc); + ((void) argv); + + polarssl_printf( "POLARSSL_X509_CRT_WRITE_C and/or POLARSSL_X509_CRT_PARSE_C and/or " + "POLARSSL_FS_IO and/or " + "POLARSSL_ENTROPY_C and/or POLARSSL_CTR_DRBG_C and/or " + "POLARSSL_ERROR_C not defined.\n"); + return( 0 ); +} +#else /* * global options */ @@ -130,60 +189,6 @@ int write_certificate( x509write_cert *crt, const char *output_file, return( 0 ); } -#if defined(POLARSSL_X509_CSR_PARSE_C) -#define USAGE_CSR \ - " request_file=%%s default: (empty)\n" \ - " If request_file is specified, subject_key,\n" \ - " subject_pwd and subject_name are ignored!\n" -#else -#define USAGE_CSR "" -#endif /* POLARSSL_X509_CSR_PARSE_C */ - -#define USAGE \ - "\n usage: cert_write param=<>...\n" \ - "\n acceptable parameters:\n" \ - USAGE_CSR \ - " subject_key=%%s default: subject.key\n" \ - " subject_pwd=%%s default: (empty)\n" \ - " subject_name=%%s default: CN=Cert,O=mbed TLS,C=UK\n" \ - "\n" \ - " issuer_crt=%%s default: (empty)\n" \ - " If issuer_crt is specified, issuer_name is\n" \ - " ignored!\n" \ - " issuer_name=%%s default: CN=CA,O=mbed TLS,C=UK\n" \ - "\n" \ - " selfsign=%%d default: 0 (false)\n" \ - " If selfsign is enabled, issuer_name and\n" \ - " issuer_key are required (issuer_crt and\n" \ - " subject_* are ignored\n" \ - " issuer_key=%%s default: ca.key\n" \ - " issuer_pwd=%%s default: (empty)\n" \ - " output_file=%%s default: cert.crt\n" \ - " serial=%%s default: 1\n" \ - " not_before=%%s default: 20010101000000\n"\ - " not_after=%%s default: 20301231235959\n"\ - " is_ca=%%d default: 0 (disabled)\n" \ - " max_pathlen=%%d default: -1 (none)\n" \ - " key_usage=%%s default: (empty)\n" \ - " Comma-separated-list of values:\n" \ - " digital_signature\n" \ - " non_repudiation\n" \ - " key_encipherment\n" \ - " data_encipherment\n" \ - " key_agreement\n" \ - " key_certificate_sign\n" \ - " crl_sign\n" \ - " ns_cert_type=%%s default: (empty)\n" \ - " Comma-separated-list of values:\n" \ - " ssl_client\n" \ - " ssl_server\n" \ - " email\n" \ - " object_signing\n" \ - " ssl_ca\n" \ - " email_ca\n" \ - " object_signing_ca\n" \ - "\n" - int main( int argc, char *argv[] ) { int ret = 0; diff --git a/programs/x509/crl_app.c b/programs/x509/crl_app.c index 43702279..e634cca3 100644 --- a/programs/x509/crl_app.c +++ b/programs/x509/crl_app.c @@ -29,15 +29,28 @@ #if defined(POLARSSL_PLATFORM_C) #include "polarssl/platform.h" #else +#include #define polarssl_printf printf #endif -#include -#include -#include - +#if defined(POLARSSL_BIGNUM_C) && defined(POLARSSL_RSA_C) &&\ + defined(POLARSSL_X509_CRL_PARSE_C) && defined(POLARSSL_FS_IO) #include "polarssl/x509_crl.h" +#include +#include +#include +#endif + +#define DFL_FILENAME "crl.pem" +#define DFL_DEBUG_LEVEL 0 + +#define USAGE \ + "\n usage: crl_app param=<>...\n" \ + "\n acceptable parameters:\n" \ + " filename=%%s default: crl.pem\n" \ + "\n" + #if !defined(POLARSSL_BIGNUM_C) || !defined(POLARSSL_RSA_C) || \ !defined(POLARSSL_X509_CRL_PARSE_C) || !defined(POLARSSL_FS_IO) int main( int argc, char *argv[] ) @@ -50,10 +63,6 @@ int main( int argc, char *argv[] ) return( 0 ); } #else - -#define DFL_FILENAME "crl.pem" -#define DFL_DEBUG_LEVEL 0 - /* * global options */ @@ -62,12 +71,6 @@ struct options const char *filename; /* filename of the certificate file */ } opt; -#define USAGE \ - "\n usage: crl_app param=<>...\n" \ - "\n acceptable parameters:\n" \ - " filename=%%s default: crl.pem\n" \ - "\n" - int main( int argc, char *argv[] ) { int ret = 0; diff --git a/programs/x509/req_app.c b/programs/x509/req_app.c index a4be7e69..3aa5f41a 100644 --- a/programs/x509/req_app.c +++ b/programs/x509/req_app.c @@ -29,15 +29,28 @@ #if defined(POLARSSL_PLATFORM_C) #include "polarssl/platform.h" #else +#include #define polarssl_printf printf #endif -#include -#include -#include - +#if defined(POLARSSL_BIGNUM_C) && defined(POLARSSL_RSA_C) &&\ + defined(POLARSSL_X509_CSR_PARSE_C) && defined(POLARSSL_FS_IO) #include "polarssl/x509_csr.h" +#include +#include +#include +#endif + +#define DFL_FILENAME "cert.req" +#define DFL_DEBUG_LEVEL 0 + +#define USAGE \ + "\n usage: req_app param=<>...\n" \ + "\n acceptable parameters:\n" \ + " filename=%%s default: cert.req\n" \ + "\n" + #if !defined(POLARSSL_BIGNUM_C) || !defined(POLARSSL_RSA_C) || \ !defined(POLARSSL_X509_CSR_PARSE_C) || !defined(POLARSSL_FS_IO) int main( int argc, char *argv[] ) @@ -50,10 +63,6 @@ int main( int argc, char *argv[] ) return( 0 ); } #else - -#define DFL_FILENAME "cert.req" -#define DFL_DEBUG_LEVEL 0 - /* * global options */ @@ -62,12 +71,6 @@ struct options const char *filename; /* filename of the certificate request */ } opt; -#define USAGE \ - "\n usage: req_app param=<>...\n" \ - "\n acceptable parameters:\n" \ - " filename=%%s default: cert.req\n" \ - "\n" - int main( int argc, char *argv[] ) { int ret = 0; From 85b05ec38905d2ad0815e7f7914465f6a63e65e4 Mon Sep 17 00:00:00 2001 From: Rich Evans Date: Thu, 12 Feb 2015 11:37:29 +0000 Subject: [PATCH 030/100] Cleanup programs further removed casting of main args to void --- programs/aes/aescrypt2.c | 4 +- programs/aes/crypt_and_hash.c | 5 +- programs/hash/generic_sum.c | 5 +- programs/hash/hello.c | 10 +- programs/hash/md5sum.c | 5 +- programs/hash/sha1sum.c | 5 +- programs/hash/sha2sum.c | 5 +- programs/pkey/dh_client.c | 10 +- programs/pkey/dh_genprime.c | 10 +- programs/pkey/dh_server.c | 10 +- programs/pkey/ecdsa.c | 5 +- programs/pkey/gen_key.c | 5 +- programs/pkey/key_app.c | 5 +- programs/pkey/key_app_writer.c | 5 +- programs/pkey/mpi_demo.c | 10 +- programs/pkey/pk_decrypt.c | 5 +- programs/pkey/pk_encrypt.c | 5 +- programs/pkey/pk_sign.c | 5 +- programs/pkey/pk_verify.c | 5 +- programs/pkey/rsa_decrypt.c | 5 +- programs/pkey/rsa_encrypt.c | 5 +- programs/pkey/rsa_genkey.c | 10 +- programs/pkey/rsa_sign.c | 5 +- programs/pkey/rsa_sign_pss.c | 5 +- programs/pkey/rsa_verify.c | 5 +- programs/pkey/rsa_verify_pss.c | 5 +- programs/random/gen_entropy.c | 5 +- programs/random/gen_random_ctr_drbg.c | 5 +- programs/random/gen_random_havege.c | 5 +- programs/ssl/ssl_client1.c | 10 +- programs/ssl/ssl_client2.c | 279 +++++++++++++------------- programs/ssl/ssl_fork_server.c | 10 +- programs/ssl/ssl_mail_client.c | 73 ++++--- programs/ssl/ssl_pthread_server.c | 14 +- programs/ssl/ssl_server.c | 10 +- programs/ssl/ssl_server2.c | 205 ++++++++++--------- programs/test/benchmark.c | 130 ++++++------ programs/test/o_p_test.c | 5 +- programs/test/ssl_cert_test.c | 10 +- programs/test/ssl_test.c | 5 +- programs/util/pem2der.c | 5 +- programs/util/strerror.c | 5 +- programs/x509/cert_app.c | 45 ++--- programs/x509/cert_req.c | 5 +- programs/x509/cert_write.c | 5 +- programs/x509/crl_app.c | 5 +- programs/x509/req_app.c | 5 +- 47 files changed, 414 insertions(+), 586 deletions(-) diff --git a/programs/aes/aescrypt2.c b/programs/aes/aescrypt2.c index be832e01..9e41c598 100644 --- a/programs/aes/aescrypt2.c +++ b/programs/aes/aescrypt2.c @@ -65,10 +65,8 @@ #if !defined(POLARSSL_AES_C) || !defined(POLARSSL_SHA256_C) ||\ !defined(POLARSSL_FS_IO) -int main( int argc, char *argv[] ) +int main( void ) { - ((void) argc); - ((void) argv); polarssl_printf("POLARSSL_AES_C and/or POLARSSL_SHA256_C and/or POLARSSL_FS_IO not defined.\n"); return( 0 ); } diff --git a/programs/aes/crypt_and_hash.c b/programs/aes/crypt_and_hash.c index 67b5f2b6..85a144b7 100644 --- a/programs/aes/crypt_and_hash.c +++ b/programs/aes/crypt_and_hash.c @@ -66,11 +66,8 @@ #if !defined(POLARSSL_CIPHER_C) || !defined(POLARSSL_MD_C) ||\ !defined(POLARSSL_FS_IO) -int main( int argc, char *argv[] ) +int main( void ) { - ((void) argc); - ((void) argv); - polarssl_printf("POLARSSL_CIPHER_C and/or POLARSSL_MD_C and/or POLARSSL_FS_IO not defined.\n"); return( 0 ); } diff --git a/programs/hash/generic_sum.c b/programs/hash/generic_sum.c index 9183874d..a49dbb7b 100644 --- a/programs/hash/generic_sum.c +++ b/programs/hash/generic_sum.c @@ -42,11 +42,8 @@ #endif #if !defined(POLARSSL_MD_C) || !defined(POLARSSL_FS_IO) -int main( int argc, char *argv[] ) +int main( void ) { - ((void) argc); - ((void) argv); - polarssl_printf("POLARSSL_MD_C and/or POLARSSL_FS_IO not defined.\n"); return( 0 ); } diff --git a/programs/hash/hello.c b/programs/hash/hello.c index 384ade1c..c7741105 100644 --- a/programs/hash/hello.c +++ b/programs/hash/hello.c @@ -38,24 +38,18 @@ #endif #if !defined(POLARSSL_MD5_C) -int main( int argc, char *argv[] ) +int main( void ) { - ((void) argc); - ((void) argv); - polarssl_printf("POLARSSL_MD5_C not defined.\n"); return( 0 ); } #else -int main( int argc, char *argv[] ) +int main( void ) { int i; unsigned char digest[16]; char str[] = "Hello, world!"; - ((void) argc); - ((void) argv); - polarssl_printf( "\n MD5('%s') = ", str ); md5( (unsigned char *) str, 13, digest ); diff --git a/programs/hash/md5sum.c b/programs/hash/md5sum.c index 318fb77e..afe34545 100644 --- a/programs/hash/md5sum.c +++ b/programs/hash/md5sum.c @@ -42,11 +42,8 @@ #endif #if !defined(POLARSSL_MD5_C) || !defined(POLARSSL_FS_IO) -int main( int argc, char *argv[] ) +int main( void ) { - ((void) argc); - ((void) argv); - polarssl_printf("POLARSSL_MD5_C and/or POLARSSL_FS_IO not defined.\n"); return( 0 ); } diff --git a/programs/hash/sha1sum.c b/programs/hash/sha1sum.c index 1e247d8b..8dc4e086 100644 --- a/programs/hash/sha1sum.c +++ b/programs/hash/sha1sum.c @@ -42,11 +42,8 @@ #endif #if !defined(POLARSSL_SHA1_C) || !defined(POLARSSL_FS_IO) -int main( int argc, char *argv[] ) +int main( void ) { - ((void) argc); - ((void) argv); - polarssl_printf("POLARSSL_SHA1_C and/or POLARSSL_FS_IO not defined.\n"); return( 0 ); } diff --git a/programs/hash/sha2sum.c b/programs/hash/sha2sum.c index a9c56989..268d170b 100644 --- a/programs/hash/sha2sum.c +++ b/programs/hash/sha2sum.c @@ -42,11 +42,8 @@ #endif #if !defined(POLARSSL_SHA256_C) || !defined(POLARSSL_FS_IO) -int main( int argc, char *argv[] ) +int main( void ) { - ((void) argc); - ((void) argv); - polarssl_printf("POLARSSL_SHA256_C and/or POLARSSL_FS_IO not defined.\n"); return( 0 ); } diff --git a/programs/pkey/dh_client.c b/programs/pkey/dh_client.c index 5c8470d4..a29da4b0 100644 --- a/programs/pkey/dh_client.c +++ b/programs/pkey/dh_client.c @@ -56,11 +56,8 @@ !defined(POLARSSL_ENTROPY_C) || !defined(POLARSSL_NET_C) || \ !defined(POLARSSL_RSA_C) || !defined(POLARSSL_SHA256_C) || \ !defined(POLARSSL_FS_IO) || !defined(POLARSSL_CTR_DRBG_C) -int main( int argc, char *argv[] ) +int main( void ) { - ((void) argc); - ((void) argv); - polarssl_printf("POLARSSL_AES_C and/or POLARSSL_DHM_C and/or POLARSSL_ENTROPY_C " "and/or POLARSSL_NET_C and/or POLARSSL_RSA_C and/or " "POLARSSL_SHA256_C and/or POLARSSL_FS_IO and/or " @@ -68,7 +65,7 @@ int main( int argc, char *argv[] ) return( 0 ); } #else -int main( int argc, char *argv[] ) +int main( void ) { FILE *f; @@ -87,9 +84,6 @@ int main( int argc, char *argv[] ) dhm_context dhm; aes_context aes; - ((void) argc); - ((void) argv); - memset( &rsa, 0, sizeof( rsa ) ); dhm_init( &dhm ); aes_init( &aes ); diff --git a/programs/pkey/dh_genprime.c b/programs/pkey/dh_genprime.c index 6e0d0184..a3d574c7 100644 --- a/programs/pkey/dh_genprime.c +++ b/programs/pkey/dh_genprime.c @@ -54,18 +54,15 @@ #if !defined(POLARSSL_BIGNUM_C) || !defined(POLARSSL_ENTROPY_C) || \ !defined(POLARSSL_FS_IO) || !defined(POLARSSL_CTR_DRBG_C) || \ !defined(POLARSSL_GENPRIME) -int main( int argc, char *argv[] ) +int main( void ) { - ((void) argc); - ((void) argv); - polarssl_printf("POLARSSL_BIGNUM_C and/or POLARSSL_ENTROPY_C and/or " "POLARSSL_FS_IO and/or POLARSSL_CTR_DRBG_C and/or " "POLARSSL_GENPRIME not defined.\n"); return( 0 ); } #else -int main( int argc, char *argv[] ) +int main( void ) { int ret = 1; mpi G, P, Q; @@ -74,9 +71,6 @@ int main( int argc, char *argv[] ) const char *pers = "dh_genprime"; FILE *fout; - ((void) argc); - ((void) argv); - mpi_init( &G ); mpi_init( &P ); mpi_init( &Q ); entropy_init( &entropy ); diff --git a/programs/pkey/dh_server.c b/programs/pkey/dh_server.c index 7ccb818f..197e4f2d 100644 --- a/programs/pkey/dh_server.c +++ b/programs/pkey/dh_server.c @@ -56,11 +56,8 @@ !defined(POLARSSL_ENTROPY_C) || !defined(POLARSSL_NET_C) || \ !defined(POLARSSL_RSA_C) || !defined(POLARSSL_SHA256_C) || \ !defined(POLARSSL_FS_IO) || !defined(POLARSSL_CTR_DRBG_C) -int main( int argc, char *argv[] ) +int main( void ) { - ((void) argc); - ((void) argv); - polarssl_printf("POLARSSL_AES_C and/or POLARSSL_DHM_C and/or POLARSSL_ENTROPY_C " "and/or POLARSSL_NET_C and/or POLARSSL_RSA_C and/or " "POLARSSL_SHA256_C and/or POLARSSL_FS_IO and/or " @@ -68,7 +65,7 @@ int main( int argc, char *argv[] ) return( 0 ); } #else -int main( int argc, char *argv[] ) +int main( void ) { FILE *f; @@ -88,9 +85,6 @@ int main( int argc, char *argv[] ) dhm_context dhm; aes_context aes; - ((void) argc); - ((void) argv); - memset( &rsa, 0, sizeof( rsa ) ); dhm_init( &dhm ); aes_init( &aes ); diff --git a/programs/pkey/ecdsa.c b/programs/pkey/ecdsa.c index 8eaed553..ecbe15a1 100644 --- a/programs/pkey/ecdsa.c +++ b/programs/pkey/ecdsa.c @@ -58,11 +58,8 @@ #if !defined(POLARSSL_ECDSA_C) || \ !defined(POLARSSL_ENTROPY_C) || !defined(POLARSSL_CTR_DRBG_C) -int main( int argc, char *argv[] ) +int main( void ) { - ((void) argc); - ((void) argv); - polarssl_printf("POLARSSL_ECDSA_C and/or " "POLARSSL_ENTROPY_C and/or POLARSSL_CTR_DRBG_C not defined\n"); return( 0 ); diff --git a/programs/pkey/gen_key.c b/programs/pkey/gen_key.c index b3531ff1..d047d71c 100644 --- a/programs/pkey/gen_key.c +++ b/programs/pkey/gen_key.c @@ -123,11 +123,8 @@ int dev_random_entropy_poll( void *data, unsigned char *output, #if !defined(POLARSSL_PK_WRITE_C) || !defined(POLARSSL_FS_IO) || \ !defined(POLARSSL_ENTROPY_C) || !defined(POLARSSL_CTR_DRBG_C) -int main( int argc, char *argv[] ) +int main( void ) { - ((void) argc); - ((void) argv); - polarssl_printf( "POLARSSL_PK_WRITE_C and/or POLARSSL_FS_IO and/or " "POLARSSL_ENTROPY_C and/or POLARSSL_CTR_DRBG_C " "not defined.\n" ); diff --git a/programs/pkey/key_app.c b/programs/pkey/key_app.c index f89f436c..7c01caf4 100644 --- a/programs/pkey/key_app.c +++ b/programs/pkey/key_app.c @@ -64,11 +64,8 @@ #if !defined(POLARSSL_BIGNUM_C) || \ !defined(POLARSSL_PK_PARSE_C) || !defined(POLARSSL_FS_IO) -int main( int argc, char *argv[] ) +int main( void ) { - ((void) argc); - ((void) argv); - polarssl_printf("POLARSSL_BIGNUM_C and/or " "POLARSSL_PK_PARSE_C and/or POLARSSL_FS_IO not defined.\n"); return( 0 ); diff --git a/programs/pkey/key_app_writer.c b/programs/pkey/key_app_writer.c index 8fcd6318..ddd5e19f 100644 --- a/programs/pkey/key_app_writer.c +++ b/programs/pkey/key_app_writer.c @@ -86,11 +86,8 @@ "\n" #if !defined(POLARSSL_PK_WRITE_C) || !defined(POLARSSL_FS_IO) -int main( int argc, char *argv[] ) +int main( void ) { - ((void) argc); - ((void) argv); - polarssl_printf( "POLARSSL_PK_WRITE_C and/or POLARSSL_FS_IO not defined.\n" ); return( 0 ); } diff --git a/programs/pkey/mpi_demo.c b/programs/pkey/mpi_demo.c index a6d11987..3b7c0857 100644 --- a/programs/pkey/mpi_demo.c +++ b/programs/pkey/mpi_demo.c @@ -40,22 +40,16 @@ #endif #if !defined(POLARSSL_BIGNUM_C) || !defined(POLARSSL_FS_IO) -int main( int argc, char *argv[] ) +int main( void ) { - ((void) argc); - ((void) argv); - polarssl_printf("POLARSSL_BIGNUM_C and/or POLARSSL_FS_IO not defined.\n"); return( 0 ); } #else -int main( int argc, char *argv[] ) +int main( void ) { mpi E, P, Q, N, H, D, X, Y, Z; - ((void) argc); - ((void) argv); - mpi_init( &E ); mpi_init( &P ); mpi_init( &Q ); mpi_init( &N ); mpi_init( &H ); mpi_init( &D ); mpi_init( &X ); mpi_init( &Y ); mpi_init( &Z ); diff --git a/programs/pkey/pk_decrypt.c b/programs/pkey/pk_decrypt.c index f2f8e59b..c53e7ef3 100644 --- a/programs/pkey/pk_decrypt.c +++ b/programs/pkey/pk_decrypt.c @@ -49,11 +49,8 @@ #if !defined(POLARSSL_BIGNUM_C) || !defined(POLARSSL_PK_PARSE_C) || \ !defined(POLARSSL_FS_IO) || !defined(POLARSSL_ENTROPY_C) || \ !defined(POLARSSL_CTR_DRBG_C) -int main( int argc, char *argv[] ) +int main( void ) { - ((void) argc); - ((void) argv); - polarssl_printf("POLARSSL_BIGNUM_C and/or POLARSSL_PK_PARSE_C and/or " "POLARSSL_FS_IO and/or POLARSSL_ENTROPY_C and/or " "POLARSSL_CTR_DRBG_C not defined.\n"); diff --git a/programs/pkey/pk_encrypt.c b/programs/pkey/pk_encrypt.c index 5e427626..11533434 100644 --- a/programs/pkey/pk_encrypt.c +++ b/programs/pkey/pk_encrypt.c @@ -49,11 +49,8 @@ #if !defined(POLARSSL_BIGNUM_C) || !defined(POLARSSL_PK_PARSE_C) || \ !defined(POLARSSL_ENTROPY_C) || !defined(POLARSSL_FS_IO) || \ !defined(POLARSSL_CTR_DRBG_C) -int main( int argc, char *argv[] ) +int main( void ) { - ((void) argc); - ((void) argv); - polarssl_printf("POLARSSL_BIGNUM_C and/or POLARSSL_PK_PARSE_C and/or " "POLARSSL_ENTROPY_C and/or POLARSSL_FS_IO and/or " "POLARSSL_CTR_DRBG_C not defined.\n"); diff --git a/programs/pkey/pk_sign.c b/programs/pkey/pk_sign.c index c11bc3a0..021d154f 100644 --- a/programs/pkey/pk_sign.c +++ b/programs/pkey/pk_sign.c @@ -56,11 +56,8 @@ !defined(POLARSSL_SHA256_C) || \ !defined(POLARSSL_PK_PARSE_C) || !defined(POLARSSL_FS_IO) || \ !defined(POLARSSL_CTR_DRBG_C) -int main( int argc, char *argv[] ) +int main( void ) { - ((void) argc); - ((void) argv); - polarssl_printf("POLARSSL_BIGNUM_C and/or POLARSSL_ENTROPY_C and/or " "POLARSSL_SHA256_C and/or " "POLARSSL_PK_PARSE_C and/or POLARSSL_FS_IO and/or " diff --git a/programs/pkey/pk_verify.c b/programs/pkey/pk_verify.c index bed3261c..1bfb66f1 100644 --- a/programs/pkey/pk_verify.c +++ b/programs/pkey/pk_verify.c @@ -52,11 +52,8 @@ #if !defined(POLARSSL_BIGNUM_C) || \ !defined(POLARSSL_SHA256_C) || !defined(POLARSSL_PK_PARSE_C) || \ !defined(POLARSSL_FS_IO) -int main( int argc, char *argv[] ) +int main( void ) { - ((void) argc); - ((void) argv); - polarssl_printf("POLARSSL_BIGNUM_C and/or " "POLARSSL_SHA256_C and/or POLARSSL_PK_PARSE_C and/or " "POLARSSL_FS_IO not defined.\n"); diff --git a/programs/pkey/rsa_decrypt.c b/programs/pkey/rsa_decrypt.c index 084619c6..e7606929 100644 --- a/programs/pkey/rsa_decrypt.c +++ b/programs/pkey/rsa_decrypt.c @@ -47,11 +47,8 @@ #if !defined(POLARSSL_BIGNUM_C) || !defined(POLARSSL_RSA_C) || \ !defined(POLARSSL_FS_IO) || !defined(POLARSSL_ENTROPY_C) || \ !defined(POLARSSL_CTR_DRBG_C) -int main( int argc, char *argv[] ) +int main( void ) { - ((void) argc); - ((void) argv); - polarssl_printf("POLARSSL_BIGNUM_C and/or POLARSSL_RSA_C and/or " "POLARSSL_FS_IO and/or POLARSSL_ENTROPY_C and/or " "POLARSSL_CTR_DRBG_C not defined.\n"); diff --git a/programs/pkey/rsa_encrypt.c b/programs/pkey/rsa_encrypt.c index 2f88209d..afef96dc 100644 --- a/programs/pkey/rsa_encrypt.c +++ b/programs/pkey/rsa_encrypt.c @@ -48,11 +48,8 @@ #if !defined(POLARSSL_BIGNUM_C) || !defined(POLARSSL_RSA_C) || \ !defined(POLARSSL_ENTROPY_C) || !defined(POLARSSL_FS_IO) || \ !defined(POLARSSL_CTR_DRBG_C) -int main( int argc, char *argv[] ) +int main( void ) { - ((void) argc); - ((void) argv); - polarssl_printf("POLARSSL_BIGNUM_C and/or POLARSSL_RSA_C and/or " "POLARSSL_ENTROPY_C and/or POLARSSL_FS_IO and/or " "POLARSSL_CTR_DRBG_C not defined.\n"); diff --git a/programs/pkey/rsa_genkey.c b/programs/pkey/rsa_genkey.c index 5741d466..d3854592 100644 --- a/programs/pkey/rsa_genkey.c +++ b/programs/pkey/rsa_genkey.c @@ -52,18 +52,15 @@ #if !defined(POLARSSL_BIGNUM_C) || !defined(POLARSSL_ENTROPY_C) || \ !defined(POLARSSL_RSA_C) || !defined(POLARSSL_GENPRIME) || \ !defined(POLARSSL_FS_IO) || !defined(POLARSSL_CTR_DRBG_C) -int main( int argc, char *argv[] ) +int main( void ) { - ((void) argc); - ((void) argv); - polarssl_printf("POLARSSL_BIGNUM_C and/or POLARSSL_ENTROPY_C and/or " "POLARSSL_RSA_C and/or POLARSSL_GENPRIME and/or " "POLARSSL_FS_IO and/or POLARSSL_CTR_DRBG_C not defined.\n"); return( 0 ); } #else -int main( int argc, char *argv[] ) +int main( void ) { int ret; rsa_context rsa; @@ -73,9 +70,6 @@ int main( int argc, char *argv[] ) FILE *fpriv = NULL; const char *pers = "rsa_genkey"; - ((void) argc); - ((void) argv); - polarssl_printf( "\n . Seeding the random number generator..." ); fflush( stdout ); diff --git a/programs/pkey/rsa_sign.c b/programs/pkey/rsa_sign.c index 685db517..0693a36f 100644 --- a/programs/pkey/rsa_sign.c +++ b/programs/pkey/rsa_sign.c @@ -45,11 +45,8 @@ #if !defined(POLARSSL_BIGNUM_C) || !defined(POLARSSL_RSA_C) || \ !defined(POLARSSL_SHA256_C) || !defined(POLARSSL_FS_IO) -int main( int argc, char *argv[] ) +int main( void ) { - ((void) argc); - ((void) argv); - polarssl_printf("POLARSSL_BIGNUM_C and/or POLARSSL_RSA_C and/or " "POLARSSL_SHA256_C and/or POLARSSL_FS_IO not defined.\n"); return( 0 ); diff --git a/programs/pkey/rsa_sign_pss.c b/programs/pkey/rsa_sign_pss.c index 3d84b693..45b7364c 100644 --- a/programs/pkey/rsa_sign_pss.c +++ b/programs/pkey/rsa_sign_pss.c @@ -56,11 +56,8 @@ !defined(POLARSSL_RSA_C) || !defined(POLARSSL_SHA256_C) || \ !defined(POLARSSL_PK_PARSE_C) || !defined(POLARSSL_FS_IO) || \ !defined(POLARSSL_CTR_DRBG_C) -int main( int argc, char *argv[] ) +int main( void ) { - ((void) argc); - ((void) argv); - polarssl_printf("POLARSSL_BIGNUM_C and/or POLARSSL_ENTROPY_C and/or " "POLARSSL_RSA_C and/or POLARSSL_SHA256_C and/or " "POLARSSL_PK_PARSE_C and/or POLARSSL_FS_IO and/or " diff --git a/programs/pkey/rsa_verify.c b/programs/pkey/rsa_verify.c index 7d944514..c43fc305 100644 --- a/programs/pkey/rsa_verify.c +++ b/programs/pkey/rsa_verify.c @@ -44,11 +44,8 @@ #if !defined(POLARSSL_BIGNUM_C) || !defined(POLARSSL_RSA_C) || \ !defined(POLARSSL_SHA256_C) || !defined(POLARSSL_FS_IO) -int main( int argc, char *argv[] ) +int main( void ) { - ((void) argc); - ((void) argv); - polarssl_printf("POLARSSL_BIGNUM_C and/or POLARSSL_RSA_C and/or " "POLARSSL_SHA256_C and/or POLARSSL_FS_IO not defined.\n"); return( 0 ); diff --git a/programs/pkey/rsa_verify_pss.c b/programs/pkey/rsa_verify_pss.c index 5af230dd..c313512c 100644 --- a/programs/pkey/rsa_verify_pss.c +++ b/programs/pkey/rsa_verify_pss.c @@ -53,11 +53,8 @@ #if !defined(POLARSSL_BIGNUM_C) || !defined(POLARSSL_RSA_C) || \ !defined(POLARSSL_SHA256_C) || !defined(POLARSSL_PK_PARSE_C) || \ !defined(POLARSSL_FS_IO) -int main( int argc, char *argv[] ) +int main( void ) { - ((void) argc); - ((void) argv); - polarssl_printf("POLARSSL_BIGNUM_C and/or POLARSSL_RSA_C and/or " "POLARSSL_SHA256_C and/or POLARSSL_PK_PARSE_C and/or " "POLARSSL_FS_IO not defined.\n"); diff --git a/programs/random/gen_entropy.c b/programs/random/gen_entropy.c index 3de16809..54baa18b 100644 --- a/programs/random/gen_entropy.c +++ b/programs/random/gen_entropy.c @@ -41,11 +41,8 @@ #endif #if !defined(POLARSSL_ENTROPY_C) || !defined(POLARSSL_FS_IO) -int main( int argc, char *argv[] ) +int main( void ) { - ((void) argc); - ((void) argv); - polarssl_printf("POLARSSL_ENTROPY_C and/or POLARSSL_FS_IO not defined.\n"); return( 0 ); } diff --git a/programs/random/gen_random_ctr_drbg.c b/programs/random/gen_random_ctr_drbg.c index 58d7368a..acd0778d 100644 --- a/programs/random/gen_random_ctr_drbg.c +++ b/programs/random/gen_random_ctr_drbg.c @@ -44,11 +44,8 @@ #if !defined(POLARSSL_CTR_DRBG_C) || !defined(POLARSSL_ENTROPY_C) ||\ !defined(POLARSSL_FS_IO) -int main( int argc, char *argv[] ) +int main( void ) { - ((void) argc); - ((void) argv); - polarssl_printf("POLARSSL_CTR_DRBG_C and/or POLARSSL_ENTROPY_C and/or POLARSSL_FS_IO not defined.\n"); return( 0 ); } diff --git a/programs/random/gen_random_havege.c b/programs/random/gen_random_havege.c index 946d3341..0f5800c3 100644 --- a/programs/random/gen_random_havege.c +++ b/programs/random/gen_random_havege.c @@ -42,11 +42,8 @@ #endif #if !defined(POLARSSL_HAVEGE_C) || !defined(POLARSSL_FS_IO) -int main( int argc, char *argv[] ) +int main( void ) { - ((void) argc); - ((void) argv); - polarssl_printf("POLARSSL_HAVEGE_C not defined.\n"); return( 0 ); } diff --git a/programs/ssl/ssl_client1.c b/programs/ssl/ssl_client1.c index 36be15f6..bbb84109 100644 --- a/programs/ssl/ssl_client1.c +++ b/programs/ssl/ssl_client1.c @@ -60,11 +60,8 @@ !defined(POLARSSL_SSL_TLS_C) || !defined(POLARSSL_SSL_CLI_C) || \ !defined(POLARSSL_NET_C) || !defined(POLARSSL_RSA_C) || \ !defined(POLARSSL_CTR_DRBG_C) || !defined(POLARSSL_X509_CRT_PARSE_C) -int main( int argc, char *argv[] ) +int main( void ) { - ((void) argc); - ((void) argv); - polarssl_printf("POLARSSL_BIGNUM_C and/or POLARSSL_ENTROPY_C and/or " "POLARSSL_SSL_TLS_C and/or POLARSSL_SSL_CLI_C and/or " "POLARSSL_NET_C and/or POLARSSL_RSA_C and/or " @@ -81,7 +78,7 @@ static void my_debug( void *ctx, int level, const char *str ) fflush( (FILE *) ctx ); } -int main( int argc, char *argv[] ) +int main( void ) { int ret, len, server_fd = -1; unsigned char buf[1024]; @@ -92,9 +89,6 @@ int main( int argc, char *argv[] ) ssl_context ssl; x509_crt cacert; - ((void) argc); - ((void) argv); - #if defined(POLARSSL_DEBUG_C) debug_set_threshold( DEBUG_LEVEL ); #endif diff --git a/programs/ssl/ssl_client2.c b/programs/ssl/ssl_client2.c index 4243ccaf..32a55b62 100644 --- a/programs/ssl/ssl_client2.c +++ b/programs/ssl/ssl_client2.c @@ -97,147 +97,6 @@ #define GET_REQUEST "GET %s HTTP/1.0\r\nExtra-header: " #define GET_REQUEST_END "\r\n\r\n" -#if !defined(POLARSSL_ENTROPY_C) || !defined(POLARSSL_FS_IO) || \ - !defined(POLARSSL_SSL_TLS_C) || !defined(POLARSSL_SSL_CLI_C) || \ - !defined(POLARSSL_NET_C) || !defined(POLARSSL_CTR_DRBG_C) -int main( int argc, char *argv[] ) -{ - ((void) argc); - ((void) argv); - - polarssl_printf("POLARSSL_ENTROPY_C and/or " - "POLARSSL_SSL_TLS_C and/or POLARSSL_SSL_CLI_C and/or " - "POLARSSL_NET_C and/or POLARSSL_CTR_DRBG_C not defined.\n"); - return( 0 ); -} -#else -/* - * global options - */ -struct options -{ - const char *server_name; /* hostname of the server (client only) */ - const char *server_addr; /* address of the server (client only) */ - int server_port; /* port on which the ssl service runs */ - int debug_level; /* level of debugging */ - int nbio; /* should I/O be blocking? */ - const char *request_page; /* page on server to request */ - int request_size; /* pad request with header to requested size */ - const char *ca_file; /* the file with the CA certificate(s) */ - const char *ca_path; /* the path with the CA certificate(s) reside */ - const char *crt_file; /* the file with the client certificate */ - const char *key_file; /* the file with the client key */ - const char *psk; /* the pre-shared key */ - const char *psk_identity; /* the pre-shared key identity */ - int force_ciphersuite[2]; /* protocol/ciphersuite to use, or all */ - int renegotiation; /* enable / disable renegotiation */ - int allow_legacy; /* allow legacy renegotiation */ - int renegotiate; /* attempt renegotiation? */ - int renego_delay; /* delay before enforcing renegotiation */ - int exchanges; /* number of data exchanges */ - int min_version; /* minimum protocol version accepted */ - int max_version; /* maximum protocol version accepted */ - int arc4; /* flag for arc4 suites support */ - int auth_mode; /* verify mode for connection */ - unsigned char mfl_code; /* code for maximum fragment length */ - int trunc_hmac; /* negotiate truncated hmac or not */ - int recsplit; /* enable record splitting? */ - int reconnect; /* attempt to resume session */ - int reco_delay; /* delay in seconds before resuming session */ - int tickets; /* enable / disable session tickets */ - const char *alpn_string; /* ALPN supported protocols */ - int fallback; /* is this a fallback connection? */ - int extended_ms; /* negotiate extended master secret? */ - int etm; /* negotiate encrypt then mac? */ -} opt; - -static void my_debug( void *ctx, int level, const char *str ) -{ - ((void) level); - - polarssl_fprintf( (FILE *) ctx, "%s", str ); - fflush( (FILE *) ctx ); -} - -/* - * Test recv/send functions that make sure each try returns - * WANT_READ/WANT_WRITE at least once before sucesseding - */ -static int my_recv( void *ctx, unsigned char *buf, size_t len ) -{ - static int first_try = 1; - int ret; - - if( first_try ) - { - first_try = 0; - return( POLARSSL_ERR_NET_WANT_READ ); - } - - ret = net_recv( ctx, buf, len ); - if( ret != POLARSSL_ERR_NET_WANT_READ ) - first_try = 1; /* Next call will be a new operation */ - return( ret ); -} - -static int my_send( void *ctx, const unsigned char *buf, size_t len ) -{ - static int first_try = 1; - int ret; - - if( first_try ) - { - first_try = 0; - return( POLARSSL_ERR_NET_WANT_WRITE ); - } - - ret = net_send( ctx, buf, len ); - if( ret != POLARSSL_ERR_NET_WANT_WRITE ) - first_try = 1; /* Next call will be a new operation */ - return( ret ); -} - -#if defined(POLARSSL_X509_CRT_PARSE_C) -/* - * Enabled if debug_level > 1 in code below - */ -static int my_verify( void *data, x509_crt *crt, int depth, int *flags ) -{ - char buf[1024]; - ((void) data); - - polarssl_printf( "\nVerify requested for (Depth %d):\n", depth ); - x509_crt_info( buf, sizeof( buf ) - 1, "", crt ); - polarssl_printf( "%s", buf ); - - if( ( (*flags) & BADCERT_EXPIRED ) != 0 ) - polarssl_printf( " ! server certificate has expired\n" ); - - if( ( (*flags) & BADCERT_REVOKED ) != 0 ) - polarssl_printf( " ! server certificate has been revoked\n" ); - - if( ( (*flags) & BADCERT_CN_MISMATCH ) != 0 ) - polarssl_printf( " ! CN mismatch\n" ); - - if( ( (*flags) & BADCERT_NOT_TRUSTED ) != 0 ) - polarssl_printf( " ! self-signed or not signed by a trusted CA\n" ); - - if( ( (*flags) & BADCRL_NOT_TRUSTED ) != 0 ) - polarssl_printf( " ! CRL not trusted\n" ); - - if( ( (*flags) & BADCRL_EXPIRED ) != 0 ) - polarssl_printf( " ! CRL expired\n" ); - - if( ( (*flags) & BADCERT_OTHER ) != 0 ) - polarssl_printf( " ! other (unknown) flag\n" ); - - if ( ( *flags ) == 0 ) - polarssl_printf( " This certificate has no flags\n" ); - - return( 0 ); -} -#endif /* POLARSSL_X509_CRT_PARSE_C */ - #if defined(POLARSSL_X509_CRT_PARSE_C) #if defined(POLARSSL_FS_IO) #define USAGE_IO \ @@ -379,6 +238,144 @@ static int my_verify( void *data, x509_crt *crt, int depth, int *flags ) " force_ciphersuite= default: all enabled\n"\ " acceptable ciphersuite names:\n" +#if !defined(POLARSSL_ENTROPY_C) || !defined(POLARSSL_FS_IO) || \ + !defined(POLARSSL_SSL_TLS_C) || !defined(POLARSSL_SSL_CLI_C) || \ + !defined(POLARSSL_NET_C) || !defined(POLARSSL_CTR_DRBG_C) +int main( void ) +{ + polarssl_printf("POLARSSL_ENTROPY_C and/or " + "POLARSSL_SSL_TLS_C and/or POLARSSL_SSL_CLI_C and/or " + "POLARSSL_NET_C and/or POLARSSL_CTR_DRBG_C not defined.\n"); + return( 0 ); +} +#else +/* + * global options + */ +struct options +{ + const char *server_name; /* hostname of the server (client only) */ + const char *server_addr; /* address of the server (client only) */ + int server_port; /* port on which the ssl service runs */ + int debug_level; /* level of debugging */ + int nbio; /* should I/O be blocking? */ + const char *request_page; /* page on server to request */ + int request_size; /* pad request with header to requested size */ + const char *ca_file; /* the file with the CA certificate(s) */ + const char *ca_path; /* the path with the CA certificate(s) reside */ + const char *crt_file; /* the file with the client certificate */ + const char *key_file; /* the file with the client key */ + const char *psk; /* the pre-shared key */ + const char *psk_identity; /* the pre-shared key identity */ + int force_ciphersuite[2]; /* protocol/ciphersuite to use, or all */ + int renegotiation; /* enable / disable renegotiation */ + int allow_legacy; /* allow legacy renegotiation */ + int renegotiate; /* attempt renegotiation? */ + int renego_delay; /* delay before enforcing renegotiation */ + int exchanges; /* number of data exchanges */ + int min_version; /* minimum protocol version accepted */ + int max_version; /* maximum protocol version accepted */ + int arc4; /* flag for arc4 suites support */ + int auth_mode; /* verify mode for connection */ + unsigned char mfl_code; /* code for maximum fragment length */ + int trunc_hmac; /* negotiate truncated hmac or not */ + int recsplit; /* enable record splitting? */ + int reconnect; /* attempt to resume session */ + int reco_delay; /* delay in seconds before resuming session */ + int tickets; /* enable / disable session tickets */ + const char *alpn_string; /* ALPN supported protocols */ + int fallback; /* is this a fallback connection? */ + int extended_ms; /* negotiate extended master secret? */ + int etm; /* negotiate encrypt then mac? */ +} opt; + +static void my_debug( void *ctx, int level, const char *str ) +{ + ((void) level); + + polarssl_fprintf( (FILE *) ctx, "%s", str ); + fflush( (FILE *) ctx ); +} + +/* + * Test recv/send functions that make sure each try returns + * WANT_READ/WANT_WRITE at least once before sucesseding + */ +static int my_recv( void *ctx, unsigned char *buf, size_t len ) +{ + static int first_try = 1; + int ret; + + if( first_try ) + { + first_try = 0; + return( POLARSSL_ERR_NET_WANT_READ ); + } + + ret = net_recv( ctx, buf, len ); + if( ret != POLARSSL_ERR_NET_WANT_READ ) + first_try = 1; /* Next call will be a new operation */ + return( ret ); +} + +static int my_send( void *ctx, const unsigned char *buf, size_t len ) +{ + static int first_try = 1; + int ret; + + if( first_try ) + { + first_try = 0; + return( POLARSSL_ERR_NET_WANT_WRITE ); + } + + ret = net_send( ctx, buf, len ); + if( ret != POLARSSL_ERR_NET_WANT_WRITE ) + first_try = 1; /* Next call will be a new operation */ + return( ret ); +} + +#if defined(POLARSSL_X509_CRT_PARSE_C) +/* + * Enabled if debug_level > 1 in code below + */ +static int my_verify( void *data, x509_crt *crt, int depth, int *flags ) +{ + char buf[1024]; + ((void) data); + + polarssl_printf( "\nVerify requested for (Depth %d):\n", depth ); + x509_crt_info( buf, sizeof( buf ) - 1, "", crt ); + polarssl_printf( "%s", buf ); + + if( ( (*flags) & BADCERT_EXPIRED ) != 0 ) + polarssl_printf( " ! server certificate has expired\n" ); + + if( ( (*flags) & BADCERT_REVOKED ) != 0 ) + polarssl_printf( " ! server certificate has been revoked\n" ); + + if( ( (*flags) & BADCERT_CN_MISMATCH ) != 0 ) + polarssl_printf( " ! CN mismatch\n" ); + + if( ( (*flags) & BADCERT_NOT_TRUSTED ) != 0 ) + polarssl_printf( " ! self-signed or not signed by a trusted CA\n" ); + + if( ( (*flags) & BADCRL_NOT_TRUSTED ) != 0 ) + polarssl_printf( " ! CRL not trusted\n" ); + + if( ( (*flags) & BADCRL_EXPIRED ) != 0 ) + polarssl_printf( " ! CRL expired\n" ); + + if( ( (*flags) & BADCERT_OTHER ) != 0 ) + polarssl_printf( " ! other (unknown) flag\n" ); + + if ( ( *flags ) == 0 ) + polarssl_printf( " This certificate has no flags\n" ); + + return( 0 ); +} +#endif /* POLARSSL_X509_CRT_PARSE_C */ + int main( int argc, char *argv[] ) { int ret = 0, len, tail_len, server_fd, i, written, frags; diff --git a/programs/ssl/ssl_fork_server.c b/programs/ssl/ssl_fork_server.c index 575160f8..2bdf3f60 100644 --- a/programs/ssl/ssl_fork_server.c +++ b/programs/ssl/ssl_fork_server.c @@ -85,11 +85,8 @@ int main( int argc, char *argv[] ) return( 0 ); } #elif defined(_WIN32) -int main( int argc, char *argv[] ) +int main( void ) { - ((void) argc); - ((void) argv); - polarssl_printf("_WIN32 defined. This application requires fork() and signals " "to work correctly.\n"); return( 0 ); @@ -107,7 +104,7 @@ static void my_debug( void *ctx, int level, const char *str ) } } -int main( int argc, char *argv[] ) +int main( void ) { int ret, len, cnt = 0, pid; int listen_fd; @@ -121,9 +118,6 @@ int main( int argc, char *argv[] ) x509_crt srvcert; pk_context pkey; - ((void) argc); - ((void) argv); - memset( &ssl, 0, sizeof(ssl_context) ); entropy_init( &entropy ); diff --git a/programs/ssl/ssl_mail_client.c b/programs/ssl/ssl_mail_client.c index a148171d..f39a5d85 100644 --- a/programs/ssl/ssl_mail_client.c +++ b/programs/ssl/ssl_mail_client.c @@ -91,16 +91,47 @@ #define MODE_SSL_TLS 0 #define MODE_STARTTLS 0 +#if defined(POLARSSL_BASE64_C) +#define USAGE_AUTH \ + " authentication=%%d default: 0 (disabled)\n" \ + " user_name=%%s default: \"user\"\n" \ + " user_pwd=%%s default: \"password\"\n" +#else +#define USAGE_AUTH \ + " authentication options disabled. (Require POLARSSL_BASE64_C)\n" +#endif /* POLARSSL_BASE64_C */ + +#if defined(POLARSSL_FS_IO) +#define USAGE_IO \ + " ca_file=%%s default: \"\" (pre-loaded)\n" \ + " crt_file=%%s default: \"\" (pre-loaded)\n" \ + " key_file=%%s default: \"\" (pre-loaded)\n" +#else +#define USAGE_IO \ + " No file operations available (POLARSSL_FS_IO not defined)\n" +#endif /* POLARSSL_FS_IO */ + +#define USAGE \ + "\n usage: ssl_mail_client param=<>...\n" \ + "\n acceptable parameters:\n" \ + " server_name=%%s default: localhost\n" \ + " server_port=%%d default: 4433\n" \ + " debug_level=%%d default: 0 (disabled)\n" \ + " mode=%%d default: 0 (SSL/TLS) (1 for STARTTLS)\n" \ + USAGE_AUTH \ + " mail_from=%%s default: \"\"\n" \ + " mail_to=%%s default: \"\"\n" \ + USAGE_IO \ + " force_ciphersuite= default: all enabled\n"\ + " acceptable ciphersuite names:\n" + #if !defined(POLARSSL_BIGNUM_C) || !defined(POLARSSL_ENTROPY_C) || \ !defined(POLARSSL_SSL_TLS_C) || !defined(POLARSSL_SSL_CLI_C) || \ !defined(POLARSSL_NET_C) || !defined(POLARSSL_RSA_C) || \ !defined(POLARSSL_CTR_DRBG_C) || !defined(POLARSSL_X509_CRT_PARSE_C) ||\ !defined(POLARSSL_FS_IO) -int main( int argc, char *argv[] ) +int main( void ) { - ((void) argc); - ((void) argv); - polarssl_printf("POLARSSL_BIGNUM_C and/or POLARSSL_ENTROPY_C and/or " "POLARSSL_SSL_TLS_C and/or POLARSSL_SSL_CLI_C and/or " "POLARSSL_NET_C and/or POLARSSL_RSA_C and/or " @@ -325,40 +356,6 @@ static int write_and_get_response( int sock_fd, unsigned char *buf, size_t len ) while( 1 ); } -#if defined(POLARSSL_BASE64_C) -#define USAGE_AUTH \ - " authentication=%%d default: 0 (disabled)\n" \ - " user_name=%%s default: \"user\"\n" \ - " user_pwd=%%s default: \"password\"\n" -#else -#define USAGE_AUTH \ - " authentication options disabled. (Require POLARSSL_BASE64_C)\n" -#endif /* POLARSSL_BASE64_C */ - -#if defined(POLARSSL_FS_IO) -#define USAGE_IO \ - " ca_file=%%s default: \"\" (pre-loaded)\n" \ - " crt_file=%%s default: \"\" (pre-loaded)\n" \ - " key_file=%%s default: \"\" (pre-loaded)\n" -#else -#define USAGE_IO \ - " No file operations available (POLARSSL_FS_IO not defined)\n" -#endif /* POLARSSL_FS_IO */ - -#define USAGE \ - "\n usage: ssl_mail_client param=<>...\n" \ - "\n acceptable parameters:\n" \ - " server_name=%%s default: localhost\n" \ - " server_port=%%d default: 4433\n" \ - " debug_level=%%d default: 0 (disabled)\n" \ - " mode=%%d default: 0 (SSL/TLS) (1 for STARTTLS)\n" \ - USAGE_AUTH \ - " mail_from=%%s default: \"\"\n" \ - " mail_to=%%s default: \"\"\n" \ - USAGE_IO \ - " force_ciphersuite= default: all enabled\n"\ - " acceptable ciphersuite names:\n" - int main( int argc, char *argv[] ) { int ret = 0, len, server_fd; diff --git a/programs/ssl/ssl_pthread_server.c b/programs/ssl/ssl_pthread_server.c index f95a6d88..a2254855 100644 --- a/programs/ssl/ssl_pthread_server.c +++ b/programs/ssl/ssl_pthread_server.c @@ -73,17 +73,16 @@ #define DEBUG_LEVEL 0 +#define MAX_NUM_THREADS 5 + #if !defined(POLARSSL_BIGNUM_C) || !defined(POLARSSL_CERTS_C) || \ !defined(POLARSSL_ENTROPY_C) || !defined(POLARSSL_SSL_TLS_C) || \ !defined(POLARSSL_SSL_SRV_C) || !defined(POLARSSL_NET_C) || \ !defined(POLARSSL_RSA_C) || !defined(POLARSSL_CTR_DRBG_C) || \ !defined(POLARSSL_X509_CRT_PARSE_C) || !defined(POLARSSL_FS_IO) || \ !defined(POLARSSL_THREADING_C) || !defined(POLARSSL_THREADING_PTHREAD) -int main( int argc, char *argv[] ) +int main( void ) { - ((void) argc); - ((void) argv); - polarssl_printf("POLARSSL_BIGNUM_C and/or POLARSSL_CERTS_C and/or POLARSSL_ENTROPY_C " "and/or POLARSSL_SSL_TLS_C and/or POLARSSL_SSL_SRV_C and/or " "POLARSSL_NET_C and/or POLARSSL_RSA_C and/or " @@ -124,8 +123,6 @@ typedef struct { pthread_t thread; } pthread_info_t; -#define MAX_NUM_THREADS 5 - static thread_info_t base_info; static pthread_info_t threads[MAX_NUM_THREADS]; @@ -373,7 +370,7 @@ static int thread_create( int client_fd ) return( 0 ); } -int main( int argc, char *argv[] ) +int main( void ) { int ret; int listen_fd; @@ -389,9 +386,6 @@ int main( int argc, char *argv[] ) ssl_cache_context cache; #endif - ((void) argc); - ((void) argv); - #if defined(POLARSSL_MEMORY_BUFFER_ALLOC_C) memory_buffer_alloc_init( alloc_buf, sizeof(alloc_buf) ); #endif diff --git a/programs/ssl/ssl_server.c b/programs/ssl/ssl_server.c index 0486517d..58d99d69 100644 --- a/programs/ssl/ssl_server.c +++ b/programs/ssl/ssl_server.c @@ -73,11 +73,8 @@ !defined(POLARSSL_SSL_SRV_C) || !defined(POLARSSL_NET_C) || \ !defined(POLARSSL_RSA_C) || !defined(POLARSSL_CTR_DRBG_C) || \ !defined(POLARSSL_X509_CRT_PARSE_C) || !defined(POLARSSL_FS_IO) -int main( int argc, char *argv[] ) +int main( void ) { - ((void) argc); - ((void) argv); - polarssl_printf("POLARSSL_BIGNUM_C and/or POLARSSL_CERTS_C and/or POLARSSL_ENTROPY_C " "and/or POLARSSL_SSL_TLS_C and/or POLARSSL_SSL_SRV_C and/or " "POLARSSL_NET_C and/or POLARSSL_RSA_C and/or " @@ -94,7 +91,7 @@ static void my_debug( void *ctx, int level, const char *str ) fflush( (FILE *) ctx ); } -int main( int argc, char *argv[] ) +int main( void ) { int ret, len; int listen_fd; @@ -111,9 +108,6 @@ int main( int argc, char *argv[] ) ssl_cache_context cache; #endif - ((void) argc); - ((void) argv); - memset( &ssl, 0, sizeof(ssl_context) ); #if defined(POLARSSL_SSL_CACHE_C) ssl_cache_init( &cache ); diff --git a/programs/ssl/ssl_server2.c b/programs/ssl/ssl_server2.c index e39a7fdd..cebf3bff 100644 --- a/programs/ssl/ssl_server2.c +++ b/programs/ssl/ssl_server2.c @@ -133,110 +133,6 @@ */ #define IO_BUF_LEN 200 -#if !defined(POLARSSL_ENTROPY_C) ||\ - !defined(POLARSSL_SSL_TLS_C) || !defined(POLARSSL_SSL_SRV_C) || \ - !defined(POLARSSL_NET_C) || !defined(POLARSSL_CTR_DRBG_C) -#include -int main( int argc, char *argv[] ) -{ - ((void) argc); - ((void) argv); - - polarssl_printf("POLARSSL_ENTROPY_C and/or " - "POLARSSL_SSL_TLS_C and/or POLARSSL_SSL_SRV_C and/or " - "POLARSSL_NET_C and/or POLARSSL_CTR_DRBG_C not defined.\n"); - return( 0 ); -} -#else -/* - * global options - */ -struct options -{ - const char *server_addr; /* address on which the ssl service runs */ - int server_port; /* port on which the ssl service runs */ - int debug_level; /* level of debugging */ - int nbio; /* should I/O be blocking? */ - const char *ca_file; /* the file with the CA certificate(s) */ - const char *ca_path; /* the path with the CA certificate(s) reside */ - const char *crt_file; /* the file with the server certificate */ - const char *key_file; /* the file with the server key */ - const char *crt_file2; /* the file with the 2nd server certificate */ - const char *key_file2; /* the file with the 2nd server key */ - const char *psk; /* the pre-shared key */ - const char *psk_identity; /* the pre-shared key identity */ - char *psk_list; /* list of PSK id/key pairs for callback */ - int force_ciphersuite[2]; /* protocol/ciphersuite to use, or all */ - const char *version_suites; /* per-version ciphersuites */ - int renegotiation; /* enable / disable renegotiation */ - int allow_legacy; /* allow legacy renegotiation */ - int renegotiate; /* attempt renegotiation? */ - int renego_delay; /* delay before enforcing renegotiation */ - int renego_period; /* period for automatic renegotiation */ - int exchanges; /* number of data exchanges */ - int min_version; /* minimum protocol version accepted */ - int max_version; /* maximum protocol version accepted */ - int arc4; /* flag for arc4 suites support */ - int auth_mode; /* verify mode for connection */ - unsigned char mfl_code; /* code for maximum fragment length */ - int trunc_hmac; /* accept truncated hmac? */ - int tickets; /* enable / disable session tickets */ - int ticket_timeout; /* session ticket lifetime */ - int cache_max; /* max number of session cache entries */ - int cache_timeout; /* expiration delay of session cache entries */ - char *sni; /* string describing sni information */ - const char *alpn_string; /* ALPN supported protocols */ - const char *dhm_file; /* the file with the DH parameters */ - int extended_ms; /* allow negotiation of extended MS? */ - int etm; /* allow negotiation of encrypt-then-MAC? */ -} opt; - -static void my_debug( void *ctx, int level, const char *str ) -{ - ((void) level); - - polarssl_fprintf( (FILE *) ctx, "%s", str ); - fflush( (FILE *) ctx ); -} - -/* - * Test recv/send functions that make sure each try returns - * WANT_READ/WANT_WRITE at least once before sucesseding - */ -static int my_recv( void *ctx, unsigned char *buf, size_t len ) -{ - static int first_try = 1; - int ret; - - if( first_try ) - { - first_try = 0; - return( POLARSSL_ERR_NET_WANT_READ ); - } - - ret = net_recv( ctx, buf, len ); - if( ret != POLARSSL_ERR_NET_WANT_READ ) - first_try = 1; /* Next call will be a new operation */ - return( ret ); -} - -static int my_send( void *ctx, const unsigned char *buf, size_t len ) -{ - static int first_try = 1; - int ret; - - if( first_try ) - { - first_try = 0; - return( POLARSSL_ERR_NET_WANT_WRITE ); - } - - ret = net_send( ctx, buf, len ); - if( ret != POLARSSL_ERR_NET_WANT_WRITE ) - first_try = 1; /* Next call will be a new operation */ - return( ret ); -} - #if defined(POLARSSL_X509_CRT_PARSE_C) #if defined(POLARSSL_FS_IO) #define USAGE_IO \ @@ -382,6 +278,107 @@ static int my_send( void *ctx, const unsigned char *buf, size_t len ) " force_ciphersuite= default: all enabled\n" \ " acceptable ciphersuite names:\n" +#if !defined(POLARSSL_ENTROPY_C) ||\ + !defined(POLARSSL_SSL_TLS_C) || !defined(POLARSSL_SSL_SRV_C) || \ + !defined(POLARSSL_NET_C) || !defined(POLARSSL_CTR_DRBG_C) +#include +int main( void ) +{ + polarssl_printf("POLARSSL_ENTROPY_C and/or " + "POLARSSL_SSL_TLS_C and/or POLARSSL_SSL_SRV_C and/or " + "POLARSSL_NET_C and/or POLARSSL_CTR_DRBG_C not defined.\n"); + return( 0 ); +} +#else +/* + * global options + */ +struct options +{ + const char *server_addr; /* address on which the ssl service runs */ + int server_port; /* port on which the ssl service runs */ + int debug_level; /* level of debugging */ + int nbio; /* should I/O be blocking? */ + const char *ca_file; /* the file with the CA certificate(s) */ + const char *ca_path; /* the path with the CA certificate(s) reside */ + const char *crt_file; /* the file with the server certificate */ + const char *key_file; /* the file with the server key */ + const char *crt_file2; /* the file with the 2nd server certificate */ + const char *key_file2; /* the file with the 2nd server key */ + const char *psk; /* the pre-shared key */ + const char *psk_identity; /* the pre-shared key identity */ + char *psk_list; /* list of PSK id/key pairs for callback */ + int force_ciphersuite[2]; /* protocol/ciphersuite to use, or all */ + const char *version_suites; /* per-version ciphersuites */ + int renegotiation; /* enable / disable renegotiation */ + int allow_legacy; /* allow legacy renegotiation */ + int renegotiate; /* attempt renegotiation? */ + int renego_delay; /* delay before enforcing renegotiation */ + int renego_period; /* period for automatic renegotiation */ + int exchanges; /* number of data exchanges */ + int min_version; /* minimum protocol version accepted */ + int max_version; /* maximum protocol version accepted */ + int arc4; /* flag for arc4 suites support */ + int auth_mode; /* verify mode for connection */ + unsigned char mfl_code; /* code for maximum fragment length */ + int trunc_hmac; /* accept truncated hmac? */ + int tickets; /* enable / disable session tickets */ + int ticket_timeout; /* session ticket lifetime */ + int cache_max; /* max number of session cache entries */ + int cache_timeout; /* expiration delay of session cache entries */ + char *sni; /* string describing sni information */ + const char *alpn_string; /* ALPN supported protocols */ + const char *dhm_file; /* the file with the DH parameters */ + int extended_ms; /* allow negotiation of extended MS? */ + int etm; /* allow negotiation of encrypt-then-MAC? */ +} opt; + +static void my_debug( void *ctx, int level, const char *str ) +{ + ((void) level); + + polarssl_fprintf( (FILE *) ctx, "%s", str ); + fflush( (FILE *) ctx ); +} + +/* + * Test recv/send functions that make sure each try returns + * WANT_READ/WANT_WRITE at least once before sucesseding + */ +static int my_recv( void *ctx, unsigned char *buf, size_t len ) +{ + static int first_try = 1; + int ret; + + if( first_try ) + { + first_try = 0; + return( POLARSSL_ERR_NET_WANT_READ ); + } + + ret = net_recv( ctx, buf, len ); + if( ret != POLARSSL_ERR_NET_WANT_READ ) + first_try = 1; /* Next call will be a new operation */ + return( ret ); +} + +static int my_send( void *ctx, const unsigned char *buf, size_t len ) +{ + static int first_try = 1; + int ret; + + if( first_try ) + { + first_try = 0; + return( POLARSSL_ERR_NET_WANT_WRITE ); + } + + ret = net_send( ctx, buf, len ); + if( ret != POLARSSL_ERR_NET_WANT_WRITE ) + first_try = 1; /* Next call will be a new operation */ + return( ret ); +} + /* * Used by sni_parse and psk_parse to handle coma-separated lists */ diff --git a/programs/test/benchmark.c b/programs/test/benchmark.c index 37840811..6d8d8e51 100644 --- a/programs/test/benchmark.c +++ b/programs/test/benchmark.c @@ -70,13 +70,73 @@ #define BUFSIZE 1024 #define HEADER_FORMAT " %-24s : " #define TITLE_LEN 25 + +#define DHM_SIZES 3 + +#define OPTIONS \ + "md4, md5, ripemd160, sha1, sha256, sha512,\n" \ + "arc4, des3, des, aes_cbc, aes_gcm, aes_ccm, camellia, blowfish,\n" \ + "havege, ctr_drbg, hmac_drbg\n" \ + "rsa, dhm, ecdsa, ecdh.\n" + +#if defined(POLARSSL_ERROR_C) +#define PRINT_ERROR \ + polarssl_strerror( ret, ( char * )tmp, sizeof( tmp ) ); \ + polarssl_printf( "FAILED: %s\n", tmp ); +#else +#define PRINT_ERROR \ + polarssl_printf( "FAILED: -0x%04x\n", -ret ); +#endif + +#define TIME_AND_TSC( TITLE, CODE ) \ +do { \ + unsigned long i, j, tsc; \ + \ + polarssl_printf( HEADER_FORMAT, TITLE ); \ + fflush( stdout ); \ + \ + set_alarm( 1 ); \ + for( i = 1; ! alarmed; i++ ) \ + { \ + CODE; \ + } \ + \ + tsc = hardclock(); \ + for( j = 0; j < 1024; j++ ) \ + { \ + CODE; \ + } \ + \ + polarssl_printf( "%9lu Kb/s, %9lu cycles/byte\n", i * BUFSIZE / 1024, \ + ( hardclock() - tsc ) / ( j * BUFSIZE ) ); \ +} while( 0 ) + +#define TIME_PUBLIC( TITLE, TYPE, CODE ) \ +do { \ + unsigned long i; \ + int ret; \ + \ + polarssl_printf( HEADER_FORMAT, TITLE ); \ + fflush( stdout ); \ + set_alarm( 3 ); \ + \ + ret = 0; \ + for( i = 1; ! alarmed && ! ret ; i++ ) \ + { \ + CODE; \ + } \ + \ + if( ret != 0 ) \ + { \ +PRINT_ERROR; \ + } \ + else \ + polarssl_printf( "%9lu " TYPE "/s\n", i / 3 ); \ +} while( 0 ) #if !defined(POLARSSL_TIMING_C) -int main( int argc, char *argv[] ) +int main( void ) { - ((void) argc); - ((void) argv); - polarssl_printf("POLARSSL_TIMING_C not defined.\n"); return( 0 ); } @@ -104,61 +164,6 @@ static int myrand( void *rng_state, unsigned char *output, size_t len ) return( 0 ); } -#define TIME_AND_TSC( TITLE, CODE ) \ -do { \ - unsigned long i, j, tsc; \ - \ - polarssl_printf( HEADER_FORMAT, TITLE ); \ - fflush( stdout ); \ - \ - set_alarm( 1 ); \ - for( i = 1; ! alarmed; i++ ) \ - { \ - CODE; \ - } \ - \ - tsc = hardclock(); \ - for( j = 0; j < 1024; j++ ) \ - { \ - CODE; \ - } \ - \ - polarssl_printf( "%9lu Kb/s, %9lu cycles/byte\n", i * BUFSIZE / 1024, \ - ( hardclock() - tsc ) / ( j * BUFSIZE ) ); \ -} while( 0 ) - -#if defined(POLARSSL_ERROR_C) -#define PRINT_ERROR \ - polarssl_strerror( ret, ( char * )tmp, sizeof( tmp ) ); \ - polarssl_printf( "FAILED: %s\n", tmp ); -#else -#define PRINT_ERROR \ - polarssl_printf( "FAILED: -0x%04x\n", -ret ); -#endif - -#define TIME_PUBLIC( TITLE, TYPE, CODE ) \ -do { \ - unsigned long i; \ - int ret; \ - \ - polarssl_printf( HEADER_FORMAT, TITLE ); \ - fflush( stdout ); \ - set_alarm( 3 ); \ - \ - ret = 0; \ - for( i = 1; ! alarmed && ! ret ; i++ ) \ - { \ - CODE; \ - } \ - \ - if( ret != 0 ) \ - { \ -PRINT_ERROR; \ - } \ - else \ - polarssl_printf( "%9lu " TYPE "/s\n", i / 3 ); \ -} while( 0 ) - unsigned char buf[BUFSIZE]; typedef struct { @@ -168,12 +173,6 @@ typedef struct { rsa, dhm, ecdsa, ecdh; } todo_list; -#define OPTIONS \ - "md4, md5, ripemd160, sha1, sha256, sha512,\n" \ - "arc4, des3, des, aes_cbc, aes_gcm, aes_ccm, camellia, blowfish,\n" \ - "havege, ctr_drbg, hmac_drbg\n" \ - "rsa, dhm, ecdsa, ecdh.\n" - int main( int argc, char *argv[] ) { int keysize, i; @@ -521,7 +520,6 @@ int main( int argc, char *argv[] ) #if defined(POLARSSL_DHM_C) && defined(POLARSSL_BIGNUM_C) if( todo.dhm ) { -#define DHM_SIZES 3 int dhm_sizes[DHM_SIZES] = { 1024, 2048, 3072 }; const char *dhm_P[DHM_SIZES] = { POLARSSL_DHM_RFC5114_MODP_1024_P, diff --git a/programs/test/o_p_test.c b/programs/test/o_p_test.c index 19fef9c9..3e77c55c 100644 --- a/programs/test/o_p_test.c +++ b/programs/test/o_p_test.c @@ -58,11 +58,8 @@ #if !defined(POLARSSL_BIGNUM_C) || !defined(POLARSSL_RSA_C) || \ !defined(POLARSSL_PK_PARSE_C) || !defined(POLARSSL_FS_IO) -int main( int argc, char *argv[] ) +int main( void ) { - ((void) argc); - ((void) argv); - polarssl_printf("POLARSSL_BIGNUM_C and/or POLARSSL_RSA_C and/or " "POLARSSL_PK_PARSE_C and/or POLARSSL_FS_IO not defined.\n"); return( 0 ); diff --git a/programs/test/ssl_cert_test.c b/programs/test/ssl_cert_test.c index 3e006d32..2b1d5a7b 100644 --- a/programs/test/ssl_cert_test.c +++ b/programs/test/ssl_cert_test.c @@ -50,11 +50,8 @@ #if !defined(POLARSSL_RSA_C) || !defined(POLARSSL_X509_CRT_PARSE_C) || \ !defined(POLARSSL_FS_IO) || !defined(POLARSSL_X509_CRL_PARSE_C) -int main( int argc, char *argv[] ) +int main( void ) { - ((void) argc); - ((void) argv); - polarssl_printf("POLARSSL_RSA_C and/or POLARSSL_X509_CRT_PARSE_C " "POLARSSL_FS_IO and/or POLARSSL_X509_CRL_PARSE_C " "not defined.\n"); @@ -85,16 +82,13 @@ const char *client_private_keys[MAX_CLIENT_CERTS] = "cert_digest.key" }; -int main( int argc, char *argv[] ) +int main( void ) { int ret, i; x509_crt cacert; x509_crl crl; char buf[10240]; - ((void) argc); - ((void) argv); - x509_crt_init( &cacert ); x509_crl_init( &crl ); diff --git a/programs/test/ssl_test.c b/programs/test/ssl_test.c index c414ad03..7d24c0be 100644 --- a/programs/test/ssl_test.c +++ b/programs/test/ssl_test.c @@ -86,11 +86,8 @@ !defined(POLARSSL_SSL_CLI_C) || !defined(POLARSSL_NET_C) || \ !defined(POLARSSL_RSA_C) || !defined(POLARSSL_CTR_DRBG_C) || \ !defined(POLARSSL_X509_CRT_PARSE_C) -int main( int argc, char *argv[] ) +int main( void ) { - ((void) argc); - ((void) argv); - polarssl_printf("POLARSSL_BIGNUM_C and/or POLARSSL_ENTROPY_C and/or " "POLARSSL_SSL_TLS_C and/or POLARSSL_SSL_SRV_C and/or " "POLARSSL_SSL_CLI_C and/or POLARSSL_NET_C and/or " diff --git a/programs/util/pem2der.c b/programs/util/pem2der.c index c967e53d..670daea0 100644 --- a/programs/util/pem2der.c +++ b/programs/util/pem2der.c @@ -55,11 +55,8 @@ "\n" #if !defined(POLARSSL_BASE64_C) || !defined(POLARSSL_FS_IO) -int main( int argc, char *argv[] ) +int main( void ) { - ((void) argc); - ((void) argv); - polarssl_printf("POLARSSL_BASE64_C and/or POLARSSL_FS_IO not defined.\n"); return( 0 ); } diff --git a/programs/util/strerror.c b/programs/util/strerror.c index f4da587e..e785ffa7 100644 --- a/programs/util/strerror.c +++ b/programs/util/strerror.c @@ -46,11 +46,8 @@ "\n where can be a decimal or hexadecimal (starts with 0x or -0x)\n" #if !defined(POLARSSL_ERROR_C) && !defined(POLARSSL_ERROR_STRERROR_DUMMY) -int main( int argc, char *argv[] ) +int main( void ) { - ((void) argc); - ((void) argv); - polarssl_printf("POLARSSL_ERROR_C and/or POLARSSL_ERROR_STRERROR_DUMMY not defined.\n"); return( 0 ); } diff --git a/programs/x509/cert_app.c b/programs/x509/cert_app.c index 5d9348d3..d74b4daf 100644 --- a/programs/x509/cert_app.c +++ b/programs/x509/cert_app.c @@ -64,16 +64,33 @@ #define DFL_DEBUG_LEVEL 0 #define DFL_PERMISSIVE 0 +#define USAGE_IO \ + " ca_file=%%s The single file containing the top-level CA(s) you fully trust\n" \ + " default: \"\" (none)\n" \ + " crl_file=%%s The single CRL file you want to use\n" \ + " default: \"\" (none)\n" \ + " ca_path=%%s The path containing the top-level CA(s) you fully trust\n" \ + " default: \"\" (none) (overrides ca_file)\n" + +#define USAGE \ + "\n usage: cert_app param=<>...\n" \ + "\n acceptable parameters:\n" \ + " mode=file|ssl default: none\n" \ + " filename=%%s default: cert.crt\n" \ + USAGE_IO \ + " server_name=%%s default: localhost\n" \ + " server_port=%%d default: 4433\n" \ + " debug_level=%%d default: 0 (disabled)\n" \ + " permissive=%%d default: 0 (disabled)\n" \ + "\n" + #if !defined(POLARSSL_BIGNUM_C) || !defined(POLARSSL_ENTROPY_C) || \ !defined(POLARSSL_SSL_TLS_C) || !defined(POLARSSL_SSL_CLI_C) || \ !defined(POLARSSL_NET_C) || !defined(POLARSSL_RSA_C) || \ !defined(POLARSSL_X509_CRT_PARSE_C) || !defined(POLARSSL_FS_IO) || \ !defined(POLARSSL_CTR_DRBG_C) -int main( int argc, char *argv[] ) +int main( void ) { - ((void) argc); - ((void) argv); - polarssl_printf("POLARSSL_BIGNUM_C and/or POLARSSL_ENTROPY_C and/or " "POLARSSL_SSL_TLS_C and/or POLARSSL_SSL_CLI_C and/or " "POLARSSL_NET_C and/or POLARSSL_RSA_C and/or " @@ -143,26 +160,6 @@ static int my_verify( void *data, x509_crt *crt, int depth, int *flags ) return( 0 ); } -#define USAGE_IO \ - " ca_file=%%s The single file containing the top-level CA(s) you fully trust\n" \ - " default: \"\" (none)\n" \ - " crl_file=%%s The single CRL file you want to use\n" \ - " default: \"\" (none)\n" \ - " ca_path=%%s The path containing the top-level CA(s) you fully trust\n" \ - " default: \"\" (none) (overrides ca_file)\n" - -#define USAGE \ - "\n usage: cert_app param=<>...\n" \ - "\n acceptable parameters:\n" \ - " mode=file|ssl default: none\n" \ - " filename=%%s default: cert.crt\n" \ - USAGE_IO \ - " server_name=%%s default: localhost\n" \ - " server_port=%%d default: 4433\n" \ - " debug_level=%%d default: 0 (disabled)\n" \ - " permissive=%%d default: 0 (disabled)\n" \ - "\n" - int main( int argc, char *argv[] ) { int ret = 0, server_fd; diff --git a/programs/x509/cert_req.c b/programs/x509/cert_req.c index e978201a..d8527c6e 100644 --- a/programs/x509/cert_req.c +++ b/programs/x509/cert_req.c @@ -83,11 +83,8 @@ #if !defined(POLARSSL_X509_CSR_WRITE_C) || !defined(POLARSSL_FS_IO) || \ !defined(POLARSSL_PK_PARSE_C) || \ !defined(POLARSSL_ENTROPY_C) || !defined(POLARSSL_CTR_DRBG_C) -int main( int argc, char *argv[] ) +int main( void ) { - ((void) argc); - ((void) argv); - polarssl_printf( "POLARSSL_X509_CSR_WRITE_C and/or POLARSSL_FS_IO and/or " "POLARSSL_PK_PARSE_C and/or " "POLARSSL_ENTROPY_C and/or POLARSSL_CTR_DRBG_C " diff --git a/programs/x509/cert_write.c b/programs/x509/cert_write.c index aa1cf54e..ed6f218d 100644 --- a/programs/x509/cert_write.c +++ b/programs/x509/cert_write.c @@ -124,11 +124,8 @@ !defined(POLARSSL_X509_CRT_PARSE_C) || !defined(POLARSSL_FS_IO) || \ !defined(POLARSSL_ENTROPY_C) || !defined(POLARSSL_CTR_DRBG_C) || \ !defined(POLARSSL_ERROR_C) -int main( int argc, char *argv[] ) +int main( void ) { - ((void) argc); - ((void) argv); - polarssl_printf( "POLARSSL_X509_CRT_WRITE_C and/or POLARSSL_X509_CRT_PARSE_C and/or " "POLARSSL_FS_IO and/or " "POLARSSL_ENTROPY_C and/or POLARSSL_CTR_DRBG_C and/or " diff --git a/programs/x509/crl_app.c b/programs/x509/crl_app.c index e634cca3..06395668 100644 --- a/programs/x509/crl_app.c +++ b/programs/x509/crl_app.c @@ -53,11 +53,8 @@ #if !defined(POLARSSL_BIGNUM_C) || !defined(POLARSSL_RSA_C) || \ !defined(POLARSSL_X509_CRL_PARSE_C) || !defined(POLARSSL_FS_IO) -int main( int argc, char *argv[] ) +int main( void ) { - ((void) argc); - ((void) argv); - polarssl_printf("POLARSSL_BIGNUM_C and/or POLARSSL_RSA_C and/or " "POLARSSL_X509_CRL_PARSE_C and/or POLARSSL_FS_IO not defined.\n"); return( 0 ); diff --git a/programs/x509/req_app.c b/programs/x509/req_app.c index 3aa5f41a..2058e4c4 100644 --- a/programs/x509/req_app.c +++ b/programs/x509/req_app.c @@ -53,11 +53,8 @@ #if !defined(POLARSSL_BIGNUM_C) || !defined(POLARSSL_RSA_C) || \ !defined(POLARSSL_X509_CSR_PARSE_C) || !defined(POLARSSL_FS_IO) -int main( int argc, char *argv[] ) +int main( void ) { - ((void) argc); - ((void) argv); - polarssl_printf("POLARSSL_BIGNUM_C and/or POLARSSL_RSA_C and/or " "POLARSSL_X509_CSR_PARSE_C and/or POLARSSL_FS_IO not defined.\n"); return( 0 ); From d08a605dacb33f89a63c5a396e06d369adebca1c Mon Sep 17 00:00:00 2001 From: Rich Evans Date: Thu, 12 Feb 2015 12:17:10 +0000 Subject: [PATCH 031/100] Remove platform guard in mem buffer alloc --- library/memory_buffer_alloc.c | 12 ++++-------- 1 file changed, 4 insertions(+), 8 deletions(-) diff --git a/library/memory_buffer_alloc.c b/library/memory_buffer_alloc.c index b7d583b0..773e54ff 100644 --- a/library/memory_buffer_alloc.c +++ b/library/memory_buffer_alloc.c @@ -30,16 +30,12 @@ #include "polarssl/memory_buffer_alloc.h" +/* No need for the header guard as POLARSSL_MEMORY_BUFFER_ALLOC_C + is dependent upon POLARSSL_PLATFORM_C */ +#include "polarssl/platform.h" + #include -#if defined(POLARSSL_MEMORY_DEBUG) -#if defined(POLARSSL_PLATFORM_C) -#include "polarssl/platform.h" -#else -#include -#define polarssl_fprintf fprintf -#endif /* POLARSSL_PLATFORM_C */ -#endif /* POLARSSL_MEMORY_DEBUG */ #if defined(POLARSSL_MEMORY_BACKTRACE) #include #endif From 36796df81552d8ad7ca194c12ac71853aeca73c5 Mon Sep 17 00:00:00 2001 From: Rich Evans Date: Thu, 12 Feb 2015 18:27:14 +0000 Subject: [PATCH 032/100] Added missing stdio in lib x509.c needed for sscanf --- library/x509.c | 2 ++ 1 file changed, 2 insertions(+) diff --git a/library/x509.c b/library/x509.c index c9b196f4..4946ce6b 100644 --- a/library/x509.c +++ b/library/x509.c @@ -42,6 +42,7 @@ #include "polarssl/asn1.h" #include "polarssl/oid.h" +#include #include #if defined(POLARSSL_PEM_PARSE_C) @@ -65,6 +66,7 @@ #endif #if defined(POLARSSL_FS_IO) +#include #if !defined(_WIN32) #include #include From 46b0a8d15a0043fbe4e293de26ebbf3093f10b8d Mon Sep 17 00:00:00 2001 From: Rich Evans Date: Fri, 30 Jan 2015 10:47:32 +0000 Subject: [PATCH 033/100] add platform_set_snprintf --- include/polarssl/check_config.h | 5 +++++ include/polarssl/config.h | 7 ++++++- include/polarssl/platform.h | 22 ++++++++++++++++++++++ library/platform.c | 30 ++++++++++++++++++++++++++++++ 4 files changed, 63 insertions(+), 1 deletion(-) diff --git a/include/polarssl/check_config.h b/include/polarssl/check_config.h index 51b124d6..be7aefee 100644 --- a/include/polarssl/check_config.h +++ b/include/polarssl/check_config.h @@ -198,6 +198,11 @@ #error "POLARSSL_PKCS11_C defined, but not all prerequisites" #endif +#if defined(POLARSSL_PLATFORM_SNPRINTF_ALT) && ( defined(_WIN32)\ + && !defined(EFIX64) && !defined(EFI32) ) +#error "POLARSSL_PLATFORM_SNPRINTF_ALT defined but not available on Windows" +#endif + #if defined(POLARSSL_RSA_C) && ( !defined(POLARSSL_BIGNUM_C) || \ !defined(POLARSSL_OID_C) ) #error "POLARSSL_RSA_C defined, but not all prerequisites" diff --git a/include/polarssl/config.h b/include/polarssl/config.h index 02e8985a..75cf677c 100644 --- a/include/polarssl/config.h +++ b/include/polarssl/config.h @@ -159,9 +159,13 @@ * * All these define require POLARSSL_PLATFORM_C to be defined! * + * WARNING: POLARSSL_PLATFORM_SNPRINTF_ALT is not available on Windows + * for compatibility reasons. + * * Uncomment a macro to enable alternate implementation of specific base * platform function */ +//#define POLARSSL_PLATFORM_SNPRINTF_ALT //#define POLARSSL_PLATFORM_PRINTF_ALT //#define POLARSSL_PLATFORM_FPRINTF_ALT /* \} name SECTION: System support */ @@ -1890,7 +1894,7 @@ * \def POLARSSL_PLATFORM_C * * Enable the platform abstraction layer that allows you to re-assign - * functions like malloc(), free(), printf(), fprintf() + * functions like malloc(), free(), snprintf(), printf(), fprintf() * * Module: library/platform.c * Caller: Most other .c files @@ -2238,6 +2242,7 @@ //#define POLARSSL_PLATFORM_STD_MEM_HDR /**< Header to include if POLARSSL_PLATFORM_NO_STD_FUNCTIONS is defined. Don't define if no header is needed. */ //#define POLARSSL_PLATFORM_STD_MALLOC malloc /**< Default allocator to use, can be undefined */ //#define POLARSSL_PLATFORM_STD_FREE free /**< Default free to use, can be undefined */ +//#define POLARSSL_PLATFORM_STD_SNPRINTF snprintf /**< Default snprintf to use, can be undefined */ //#define POLARSSL_PLATFORM_STD_PRINTF printf /**< Default printf to use, can be undefined */ //#define POLARSSL_PLATFORM_STD_FPRINTF fprintf /**< Default fprintf to use, can be undefined */ diff --git a/include/polarssl/platform.h b/include/polarssl/platform.h index 127b7fe3..4844d2d0 100644 --- a/include/polarssl/platform.h +++ b/include/polarssl/platform.h @@ -50,6 +50,9 @@ extern "C" { #if !defined(POLARSSL_PLATFORM_NO_STD_FUNCTIONS) #include #include +#if !defined(POLARSSL_PLATFORM_STD_SNPRINTF) +#define POLARSSL_PLATFORM_STD_SNPRINTF snprintf /**< Default snprintf to use */ +#endif #if !defined(POLARSSL_PLATFORM_STD_PRINTF) #define POLARSSL_PLATFORM_STD_PRINTF printf /**< Default printf to use */ #endif @@ -92,6 +95,25 @@ int platform_set_malloc_free( void * (*malloc_func)( size_t ), #define polarssl_free free #endif /* POLARSSL_PLATFORM_MEMORY */ +/* + * The function pointers for snprintf + */ +#if defined(POLARSSL_PLATFORM_SNPRINTF_ALT) +extern int (*polarssl_snprintf)( char * s, size_t n, const char * format, ... ); + +/** + * \brief Set your own snprintf function pointer + * + * \param snprintf_func the snprintf function implementation + * + * \return 0 + */ +int platform_set_snprintf( int (*snprintf_func)( char * s, size_t n, + const char * format, ... ) ); +#else /* POLARSSL_PLATFORM_SNPRINTF_ALT */ +#define polarssl_snprintf snprintf +#endif /* POLARSSL_PLATFORM_SNPRINTF_ALT */ + /* * The function pointers for printf */ diff --git a/library/platform.c b/library/platform.c index 3eb4b1a8..8a26f7b8 100644 --- a/library/platform.c +++ b/library/platform.c @@ -62,6 +62,36 @@ int platform_set_malloc_free( void * (*malloc_func)( size_t ), } #endif /* POLARSSL_PLATFORM_MEMORY */ +#if defined(POLARSSL_PLATFORM_SNPRINTF_ALT) +#if !defined(POLARSSL_PLATFORM_STD_SNPRINTF) +/* + * Make dummy function to prevent NULL pointer dereferences + */ +static int platform_snprintf_uninit( char * s, size_t n, + const char * format, ... ) +{ + ((void) s); + ((void) n); + ((void) format) + return( 0 ); +} + +#define POLARSSL_PLATFORM_STD_SNPRINTF platform_snprintf_uninit +#endif /* !POLARSSL_PLATFORM_STD_SNPRINTF */ + +int (*polarssl_snprintf)( char * s, size_t n, + const char * format, + ... ) = POLARSSL_PLATFORM_STD_SNPRINTF; + +int platform_set_snprintf( int (*snprintf_func)( char * s, size_t n, + const char * format, + ... ) ) +{ + polarssl_snprintf = snprintf_func; + return( 0 ); +} +#endif /* POLARSSL_PLATFORM_SNPRINTF_ALT */ + #if defined(POLARSSL_PLATFORM_PRINTF_ALT) #if !defined(POLARSSL_PLATFORM_STD_PRINTF) /* From 8f3a9436a952e8fad6f275082b7ac7b554c387bf Mon Sep 17 00:00:00 2001 From: Rich Evans Date: Fri, 30 Jan 2015 10:54:04 +0000 Subject: [PATCH 034/100] modify oid.c to use polarssl_snprintf --- library/oid.c | 10 ++++++++-- 1 file changed, 8 insertions(+), 2 deletions(-) diff --git a/library/oid.c b/library/oid.c index 75b0ee0e..7bb56317 100644 --- a/library/oid.c +++ b/library/oid.c @@ -36,6 +36,12 @@ #include #include +#if defined(POLARSSL_PLATFORM_C) +#include "polarssl/platform.h" +#else +#define polarssl_snprintf snprintf +#endif + #if defined(POLARSSL_X509_USE_C) || defined(POLARSSL_X509_CREATE_C) #include "polarssl/x509.h" #endif @@ -653,7 +659,7 @@ int oid_get_numeric_string( char *buf, size_t size, /* First byte contains first two dots */ if( oid->len > 0 ) { - ret = snprintf( p, n, "%d.%d", oid->p[0] / 40, oid->p[0] % 40 ); + ret = polarssl_snprintf( p, n, "%d.%d", oid->p[0] / 40, oid->p[0] % 40 ); SAFE_SNPRINTF(); } @@ -670,7 +676,7 @@ int oid_get_numeric_string( char *buf, size_t size, if( !( oid->p[i] & 0x80 ) ) { /* Last byte */ - ret = snprintf( p, n, ".%d", value ); + ret = polarssl_snprintf( p, n, ".%d", value ); SAFE_SNPRINTF(); value = 0; } From a18b11f285f3df2b98d2455fd07e6db96c010089 Mon Sep 17 00:00:00 2001 From: Rich Evans Date: Fri, 30 Jan 2015 10:58:35 +0000 Subject: [PATCH 035/100] modify library/net.c to use polarssl_snprintf --- library/net.c | 10 ++++++++-- 1 file changed, 8 insertions(+), 2 deletions(-) diff --git a/library/net.c b/library/net.c index a8591ed0..023e0e3d 100644 --- a/library/net.c +++ b/library/net.c @@ -129,6 +129,12 @@ typedef UINT32 uint32_t; (((unsigned long )(n) & 0xFF000000) >> 24)) #endif +#if defined(POLARSSL_PLATFORM_C) +#include "polarssl/platform.h" +#else +#define polarssl_snprintf snprintf +#endif + unsigned short net_htons( unsigned short n ); unsigned long net_htonl( unsigned long n ); #define net_htons(n) POLARSSL_HTONS(n) @@ -173,7 +179,7 @@ int net_connect( int *fd, const char *host, int port ) /* getaddrinfo expects port as a string */ memset( port_str, 0, sizeof( port_str ) ); - snprintf( port_str, sizeof( port_str ), "%d", port ); + polarssl_snprintf( port_str, sizeof( port_str ), "%d", port ); /* Do name resolution with both IPv6 and IPv4, but only TCP */ memset( &hints, 0, sizeof( hints ) ); @@ -259,7 +265,7 @@ int net_bind( int *fd, const char *bind_ip, int port ) /* getaddrinfo expects port as a string */ memset( port_str, 0, sizeof( port_str ) ); - snprintf( port_str, sizeof( port_str ), "%d", port ); + polarssl_snprintf( port_str, sizeof( port_str ), "%d", port ); /* Bind to IPv6 and/or IPv4, but only in TCP */ memset( &hints, 0, sizeof( hints ) ); From fac657fd5249f09bc7c69ff728edb9f9b0fd39ee Mon Sep 17 00:00:00 2001 From: Rich Evans Date: Fri, 30 Jan 2015 11:00:01 +0000 Subject: [PATCH 036/100] modify library/x509*.c to use polarssl_snprintf --- library/x509.c | 25 +++++++++++++------------ library/x509_crl.c | 21 +++++++++++---------- library/x509_crt.c | 39 ++++++++++++++++++++------------------- library/x509_csr.c | 11 ++++++----- 4 files changed, 50 insertions(+), 46 deletions(-) diff --git a/library/x509.c b/library/x509.c index c9b196f4..3b6cd1bb 100644 --- a/library/x509.c +++ b/library/x509.c @@ -53,9 +53,10 @@ #else #include #include -#define polarssl_printf printf -#define polarssl_malloc malloc #define polarssl_free free +#define polarssl_malloc malloc +#define polarssl_printf printf +#define polarssl_snprintf snprintf #endif #if defined(_WIN32) && !defined(EFIX64) && !defined(EFI32) @@ -734,16 +735,16 @@ int x509_dn_gets( char *buf, size_t size, const x509_name *dn ) if( name != dn ) { - ret = snprintf( p, n, merge ? " + " : ", " ); + ret = polarssl_snprintf( p, n, merge ? " + " : ", " ); SAFE_SNPRINTF(); } ret = oid_get_attr_short_name( &name->oid, &short_name ); if( ret == 0 ) - ret = snprintf( p, n, "%s=", short_name ); + ret = polarssl_snprintf( p, n, "%s=", short_name ); else - ret = snprintf( p, n, "\?\?=" ); + ret = polarssl_snprintf( p, n, "\?\?=" ); SAFE_SNPRINTF(); for( i = 0; i < name->val.len; i++ ) @@ -757,7 +758,7 @@ int x509_dn_gets( char *buf, size_t size, const x509_name *dn ) else s[i] = c; } s[i] = '\0'; - ret = snprintf( p, n, "%s", s ); + ret = polarssl_snprintf( p, n, "%s", s ); SAFE_SNPRINTF(); merge = name->next_merged; @@ -788,14 +789,14 @@ int x509_serial_gets( char *buf, size_t size, const x509_buf *serial ) if( i == 0 && nr > 1 && serial->p[i] == 0x0 ) continue; - ret = snprintf( p, n, "%02X%s", + ret = polarssl_snprintf( p, n, "%02X%s", serial->p[i], ( i < nr - 1 ) ? ":" : "" ); SAFE_SNPRINTF(); } if( nr != serial->len ) { - ret = snprintf( p, n, "...." ); + ret = polarssl_snprintf( p, n, "...." ); SAFE_SNPRINTF(); } @@ -816,9 +817,9 @@ int x509_sig_alg_gets( char *buf, size_t size, const x509_buf *sig_oid, ret = oid_get_sig_alg_desc( sig_oid, &desc ); if( ret != 0 ) - ret = snprintf( p, n, "???" ); + ret = polarssl_snprintf( p, n, "???" ); else - ret = snprintf( p, n, "%s", desc ); + ret = polarssl_snprintf( p, n, "%s", desc ); SAFE_SNPRINTF(); #if defined(POLARSSL_X509_RSASSA_PSS_SUPPORT) @@ -832,7 +833,7 @@ int x509_sig_alg_gets( char *buf, size_t size, const x509_buf *sig_oid, md_info = md_info_from_type( md_alg ); mgf_md_info = md_info_from_type( pss_opts->mgf1_hash_id ); - ret = snprintf( p, n, " (%s, MGF1-%s, 0x%02X)", + ret = polarssl_snprintf( p, n, " (%s, MGF1-%s, 0x%02X)", md_info ? md_info->name : "???", mgf_md_info ? mgf_md_info->name : "???", pss_opts->expected_salt_len ); @@ -859,7 +860,7 @@ int x509_key_size_helper( char *buf, size_t size, const char *name ) if( strlen( name ) + sizeof( " key size" ) > size ) return( POLARSSL_ERR_DEBUG_BUF_TOO_SMALL ); - ret = snprintf( p, n, "%s key size", name ); + ret = polarssl_snprintf( p, n, "%s key size", name ); SAFE_SNPRINTF(); return( 0 ); diff --git a/library/x509_crl.c b/library/x509_crl.c index b957e376..ce6df6ea 100644 --- a/library/x509_crl.c +++ b/library/x509_crl.c @@ -51,8 +51,9 @@ #include "polarssl/platform.h" #else #include -#define polarssl_malloc malloc #define polarssl_free free +#define polarssl_malloc malloc +#define polarssl_snprintf snprintf #endif #if defined(_WIN32) && !defined(EFIX64) && !defined(EFI32) @@ -630,23 +631,23 @@ int x509_crl_info( char *buf, size_t size, const char *prefix, p = buf; n = size; - ret = snprintf( p, n, "%sCRL version : %d", + ret = polarssl_snprintf( p, n, "%sCRL version : %d", prefix, crl->version ); SAFE_SNPRINTF(); - ret = snprintf( p, n, "\n%sissuer name : ", prefix ); + ret = polarssl_snprintf( p, n, "\n%sissuer name : ", prefix ); SAFE_SNPRINTF(); ret = x509_dn_gets( p, n, &crl->issuer ); SAFE_SNPRINTF(); - ret = snprintf( p, n, "\n%sthis update : " \ + ret = polarssl_snprintf( p, n, "\n%sthis update : " \ "%04d-%02d-%02d %02d:%02d:%02d", prefix, crl->this_update.year, crl->this_update.mon, crl->this_update.day, crl->this_update.hour, crl->this_update.min, crl->this_update.sec ); SAFE_SNPRINTF(); - ret = snprintf( p, n, "\n%snext update : " \ + ret = polarssl_snprintf( p, n, "\n%snext update : " \ "%04d-%02d-%02d %02d:%02d:%02d", prefix, crl->next_update.year, crl->next_update.mon, crl->next_update.day, crl->next_update.hour, @@ -655,20 +656,20 @@ int x509_crl_info( char *buf, size_t size, const char *prefix, entry = &crl->entry; - ret = snprintf( p, n, "\n%sRevoked certificates:", + ret = polarssl_snprintf( p, n, "\n%sRevoked certificates:", prefix ); SAFE_SNPRINTF(); while( entry != NULL && entry->raw.len != 0 ) { - ret = snprintf( p, n, "\n%sserial number: ", + ret = polarssl_snprintf( p, n, "\n%sserial number: ", prefix ); SAFE_SNPRINTF(); ret = x509_serial_gets( p, n, &entry->serial ); SAFE_SNPRINTF(); - ret = snprintf( p, n, " revocation date: " \ + ret = polarssl_snprintf( p, n, " revocation date: " \ "%04d-%02d-%02d %02d:%02d:%02d", entry->revocation_date.year, entry->revocation_date.mon, entry->revocation_date.day, entry->revocation_date.hour, @@ -678,14 +679,14 @@ int x509_crl_info( char *buf, size_t size, const char *prefix, entry = entry->next; } - ret = snprintf( p, n, "\n%ssigned using : ", prefix ); + ret = polarssl_snprintf( p, n, "\n%ssigned using : ", prefix ); SAFE_SNPRINTF(); ret = x509_sig_alg_gets( p, n, &crl->sig_oid1, crl->sig_pk, crl->sig_md, crl->sig_opts ); SAFE_SNPRINTF(); - ret = snprintf( p, n, "\n" ); + ret = polarssl_snprintf( p, n, "\n" ); SAFE_SNPRINTF(); return( (int) ( size - n ) ); diff --git a/library/x509_crt.c b/library/x509_crt.c index ea3b4422..565435cb 100644 --- a/library/x509_crt.c +++ b/library/x509_crt.c @@ -52,8 +52,9 @@ #include "polarssl/platform.h" #else #include -#define polarssl_malloc malloc #define polarssl_free free +#define polarssl_malloc malloc +#define polarssl_snprintf snprintf #endif #if defined(POLARSSL_THREADING_C) @@ -1040,7 +1041,7 @@ int x509_crt_parse_path( x509_crt *chain, const char *path ) while( ( entry = readdir( dir ) ) != NULL ) { - snprintf( entry_name, sizeof entry_name, "%s/%s", path, entry->d_name ); + polarssl_snprintf( entry_name, sizeof entry_name, "%s/%s", path, entry->d_name ); if( stat( entry_name, &sb ) == -1 ) { @@ -1166,7 +1167,7 @@ static int x509_info_subject_alt_name( char **buf, size_t *size, #define PRINT_ITEM(i) \ { \ - ret = snprintf( p, n, "%s" i, sep ); \ + ret = polarssl_snprintf( p, n, "%s" i, sep ); \ SAFE_SNPRINTF(); \ sep = ", "; \ } @@ -1239,7 +1240,7 @@ static int x509_info_ext_key_usage( char **buf, size_t *size, if( oid_get_extended_key_usage( &cur->buf, &desc ) != 0 ) desc = "???"; - ret = snprintf( p, n, "%s%s", sep, desc ); + ret = polarssl_snprintf( p, n, "%s%s", sep, desc ); SAFE_SNPRINTF(); sep = ", "; @@ -1269,41 +1270,41 @@ int x509_crt_info( char *buf, size_t size, const char *prefix, p = buf; n = size; - ret = snprintf( p, n, "%scert. version : %d\n", + ret = polarssl_snprintf( p, n, "%scert. version : %d\n", prefix, crt->version ); SAFE_SNPRINTF(); - ret = snprintf( p, n, "%sserial number : ", + ret = polarssl_snprintf( p, n, "%sserial number : ", prefix ); SAFE_SNPRINTF(); ret = x509_serial_gets( p, n, &crt->serial ); SAFE_SNPRINTF(); - ret = snprintf( p, n, "\n%sissuer name : ", prefix ); + ret = polarssl_snprintf( p, n, "\n%sissuer name : ", prefix ); SAFE_SNPRINTF(); ret = x509_dn_gets( p, n, &crt->issuer ); SAFE_SNPRINTF(); - ret = snprintf( p, n, "\n%ssubject name : ", prefix ); + ret = polarssl_snprintf( p, n, "\n%ssubject name : ", prefix ); SAFE_SNPRINTF(); ret = x509_dn_gets( p, n, &crt->subject ); SAFE_SNPRINTF(); - ret = snprintf( p, n, "\n%sissued on : " \ + ret = polarssl_snprintf( p, n, "\n%sissued on : " \ "%04d-%02d-%02d %02d:%02d:%02d", prefix, crt->valid_from.year, crt->valid_from.mon, crt->valid_from.day, crt->valid_from.hour, crt->valid_from.min, crt->valid_from.sec ); SAFE_SNPRINTF(); - ret = snprintf( p, n, "\n%sexpires on : " \ + ret = polarssl_snprintf( p, n, "\n%sexpires on : " \ "%04d-%02d-%02d %02d:%02d:%02d", prefix, crt->valid_to.year, crt->valid_to.mon, crt->valid_to.day, crt->valid_to.hour, crt->valid_to.min, crt->valid_to.sec ); SAFE_SNPRINTF(); - ret = snprintf( p, n, "\n%ssigned using : ", prefix ); + ret = polarssl_snprintf( p, n, "\n%ssigned using : ", prefix ); SAFE_SNPRINTF(); ret = x509_sig_alg_gets( p, n, &crt->sig_oid1, crt->sig_pk, @@ -1317,7 +1318,7 @@ int x509_crt_info( char *buf, size_t size, const char *prefix, return( ret ); } - ret = snprintf( p, n, "\n%s%-" BC "s: %d bits", prefix, key_size_str, + ret = polarssl_snprintf( p, n, "\n%s%-" BC "s: %d bits", prefix, key_size_str, (int) pk_get_size( &crt->pk ) ); SAFE_SNPRINTF(); @@ -1327,20 +1328,20 @@ int x509_crt_info( char *buf, size_t size, const char *prefix, if( crt->ext_types & EXT_BASIC_CONSTRAINTS ) { - ret = snprintf( p, n, "\n%sbasic constraints : CA=%s", prefix, + ret = polarssl_snprintf( p, n, "\n%sbasic constraints : CA=%s", prefix, crt->ca_istrue ? "true" : "false" ); SAFE_SNPRINTF(); if( crt->max_pathlen > 0 ) { - ret = snprintf( p, n, ", max_pathlen=%d", crt->max_pathlen - 1 ); + ret = polarssl_snprintf( p, n, ", max_pathlen=%d", crt->max_pathlen - 1 ); SAFE_SNPRINTF(); } } if( crt->ext_types & EXT_SUBJECT_ALT_NAME ) { - ret = snprintf( p, n, "\n%ssubject alt name : ", prefix ); + ret = polarssl_snprintf( p, n, "\n%ssubject alt name : ", prefix ); SAFE_SNPRINTF(); if( ( ret = x509_info_subject_alt_name( &p, &n, @@ -1350,7 +1351,7 @@ int x509_crt_info( char *buf, size_t size, const char *prefix, if( crt->ext_types & EXT_NS_CERT_TYPE ) { - ret = snprintf( p, n, "\n%scert. type : ", prefix ); + ret = polarssl_snprintf( p, n, "\n%scert. type : ", prefix ); SAFE_SNPRINTF(); if( ( ret = x509_info_cert_type( &p, &n, crt->ns_cert_type ) ) != 0 ) @@ -1359,7 +1360,7 @@ int x509_crt_info( char *buf, size_t size, const char *prefix, if( crt->ext_types & EXT_KEY_USAGE ) { - ret = snprintf( p, n, "\n%skey usage : ", prefix ); + ret = polarssl_snprintf( p, n, "\n%skey usage : ", prefix ); SAFE_SNPRINTF(); if( ( ret = x509_info_key_usage( &p, &n, crt->key_usage ) ) != 0 ) @@ -1368,7 +1369,7 @@ int x509_crt_info( char *buf, size_t size, const char *prefix, if( crt->ext_types & EXT_EXTENDED_KEY_USAGE ) { - ret = snprintf( p, n, "\n%sext key usage : ", prefix ); + ret = polarssl_snprintf( p, n, "\n%sext key usage : ", prefix ); SAFE_SNPRINTF(); if( ( ret = x509_info_ext_key_usage( &p, &n, @@ -1376,7 +1377,7 @@ int x509_crt_info( char *buf, size_t size, const char *prefix, return( ret ); } - ret = snprintf( p, n, "\n" ); + ret = polarssl_snprintf( p, n, "\n" ); SAFE_SNPRINTF(); return( (int) ( size - n ) ); diff --git a/library/x509_csr.c b/library/x509_csr.c index a4b8ad75..a5c96936 100644 --- a/library/x509_csr.c +++ b/library/x509_csr.c @@ -51,8 +51,9 @@ #include "polarssl/platform.h" #else #include -#define polarssl_malloc malloc #define polarssl_free free +#define polarssl_malloc malloc +#define polarssl_snprintf snprintf #endif #if defined(POLARSSL_FS_IO) || defined(EFIX64) || defined(EFI32) @@ -388,16 +389,16 @@ int x509_csr_info( char *buf, size_t size, const char *prefix, p = buf; n = size; - ret = snprintf( p, n, "%sCSR version : %d", + ret = polarssl_snprintf( p, n, "%sCSR version : %d", prefix, csr->version ); SAFE_SNPRINTF(); - ret = snprintf( p, n, "\n%ssubject name : ", prefix ); + ret = polarssl_snprintf( p, n, "\n%ssubject name : ", prefix ); SAFE_SNPRINTF(); ret = x509_dn_gets( p, n, &csr->subject ); SAFE_SNPRINTF(); - ret = snprintf( p, n, "\n%ssigned using : ", prefix ); + ret = polarssl_snprintf( p, n, "\n%ssigned using : ", prefix ); SAFE_SNPRINTF(); ret = x509_sig_alg_gets( p, n, &csr->sig_oid, csr->sig_pk, csr->sig_md, @@ -410,7 +411,7 @@ int x509_csr_info( char *buf, size_t size, const char *prefix, return( ret ); } - ret = snprintf( p, n, "\n%s%-" BC "s: %d bits\n", prefix, key_size_str, + ret = polarssl_snprintf( p, n, "\n%s%-" BC "s: %d bits\n", prefix, key_size_str, (int) pk_get_size( &csr->pk ) ); SAFE_SNPRINTF(); From 2387c7d1054233ea8f580e9c5c1470659f0eb93d Mon Sep 17 00:00:00 2001 From: Rich Evans Date: Fri, 30 Jan 2015 11:10:20 +0000 Subject: [PATCH 037/100] modify library/debug.c to use polarssl_snprintf --- library/debug.c | 56 +++++++++++++++++++++++++++---------------------- 1 file changed, 31 insertions(+), 25 deletions(-) diff --git a/library/debug.c b/library/debug.c index f327baab..88a9dacf 100644 --- a/library/debug.c +++ b/library/debug.c @@ -44,6 +44,12 @@ #endif #endif /* _MSC_VER */ +#if defined(POLARSSL_PLATFORM_C) +#include "polarssl/platform.h" +#else +#define polarssl_snprintf snprintf +#endif + static int debug_log_mode = POLARSSL_DEBUG_DFL_MODE; static int debug_threshold = 0; @@ -86,7 +92,7 @@ void debug_print_msg( const ssl_context *ssl, int level, return; } - snprintf( str, maxlen, "%s(%04d): %s\n", file, line, text ); + polarssl_snprintf( str, maxlen, "%s(%04d): %s\n", file, line, text ); str[maxlen] = '\0'; ssl->f_dbg( ssl->p_dbg, level, str ); } @@ -103,9 +109,9 @@ void debug_print_ret( const ssl_context *ssl, int level, return; if( debug_log_mode == POLARSSL_DEBUG_LOG_FULL ) - idx = snprintf( str, maxlen, "%s(%04d): ", file, line ); + idx = polarssl_snprintf( str, maxlen, "%s(%04d): ", file, line ); - snprintf( str + idx, maxlen - idx, "%s() returned %d (-0x%04x)\n", + polarssl_snprintf( str + idx, maxlen - idx, "%s() returned %d (-0x%04x)\n", text, ret, -ret ); str[maxlen] = '\0'; @@ -124,9 +130,9 @@ void debug_print_buf( const ssl_context *ssl, int level, return; if( debug_log_mode == POLARSSL_DEBUG_LOG_FULL ) - idx = snprintf( str, maxlen, "%s(%04d): ", file, line ); + idx = polarssl_snprintf( str, maxlen, "%s(%04d): ", file, line ); - snprintf( str + idx, maxlen - idx, "dumping '%s' (%u bytes)\n", + polarssl_snprintf( str + idx, maxlen - idx, "dumping '%s' (%u bytes)\n", text, (unsigned int) len ); str[maxlen] = '\0'; @@ -143,7 +149,7 @@ void debug_print_buf( const ssl_context *ssl, int level, { if( i > 0 ) { - snprintf( str + idx, maxlen - idx, " %s\n", txt ); + polarssl_snprintf( str + idx, maxlen - idx, " %s\n", txt ); ssl->f_dbg( ssl->p_dbg, level, str ); idx = 0; @@ -151,14 +157,14 @@ void debug_print_buf( const ssl_context *ssl, int level, } if( debug_log_mode == POLARSSL_DEBUG_LOG_FULL ) - idx = snprintf( str, maxlen, "%s(%04d): ", file, line ); + idx = polarssl_snprintf( str, maxlen, "%s(%04d): ", file, line ); - idx += snprintf( str + idx, maxlen - idx, "%04x: ", + idx += polarssl_snprintf( str + idx, maxlen - idx, "%04x: ", (unsigned int) i ); } - idx += snprintf( str + idx, maxlen - idx, " %02x", + idx += polarssl_snprintf( str + idx, maxlen - idx, " %02x", (unsigned int) buf[i] ); txt[i % 16] = ( buf[i] > 31 && buf[i] < 127 ) ? buf[i] : '.' ; } @@ -166,9 +172,9 @@ void debug_print_buf( const ssl_context *ssl, int level, if( len > 0 ) { for( /* i = i */; i % 16 != 0; i++ ) - idx += snprintf( str + idx, maxlen - idx, " " ); + idx += polarssl_snprintf( str + idx, maxlen - idx, " " ); - snprintf( str + idx, maxlen - idx, " %s\n", txt ); + polarssl_snprintf( str + idx, maxlen - idx, " %s\n", txt ); ssl->f_dbg( ssl->p_dbg, level, str ); } } @@ -184,11 +190,11 @@ void debug_print_ecp( const ssl_context *ssl, int level, if( ssl->f_dbg == NULL || level > debug_threshold ) return; - snprintf( str, maxlen, "%s(X)", text ); + polarssl_snprintf( str, maxlen, "%s(X)", text ); str[maxlen] = '\0'; debug_print_mpi( ssl, level, file, line, str, &X->X ); - snprintf( str, maxlen, "%s(Y)", text ); + polarssl_snprintf( str, maxlen, "%s(Y)", text ); str[maxlen] = '\0'; debug_print_mpi( ssl, level, file, line, str, &X->Y ); } @@ -215,9 +221,9 @@ void debug_print_mpi( const ssl_context *ssl, int level, break; if( debug_log_mode == POLARSSL_DEBUG_LOG_FULL ) - idx = snprintf( str, maxlen, "%s(%04d): ", file, line ); + idx = polarssl_snprintf( str, maxlen, "%s(%04d): ", file, line ); - snprintf( str + idx, maxlen - idx, "value of '%s' (%d bits) is:\n", + polarssl_snprintf( str + idx, maxlen - idx, "value of '%s' (%d bits) is:\n", text, (int) ( ( n * ( sizeof(t_uint) << 3 ) ) + j + 1 ) ); str[maxlen] = '\0'; @@ -240,16 +246,16 @@ void debug_print_mpi( const ssl_context *ssl, int level, { if( j > 0 ) { - snprintf( str + idx, maxlen - idx, "\n" ); + polarssl_snprintf( str + idx, maxlen - idx, "\n" ); ssl->f_dbg( ssl->p_dbg, level, str ); idx = 0; } if( debug_log_mode == POLARSSL_DEBUG_LOG_FULL ) - idx = snprintf( str, maxlen, "%s(%04d): ", file, line ); + idx = polarssl_snprintf( str, maxlen, "%s(%04d): ", file, line ); } - idx += snprintf( str + idx, maxlen - idx, " %02x", (unsigned int) + idx += polarssl_snprintf( str + idx, maxlen - idx, " %02x", (unsigned int) ( X->p[i - 1] >> ( k << 3 ) ) & 0xFF ); j++; @@ -261,13 +267,13 @@ void debug_print_mpi( const ssl_context *ssl, int level, { if( debug_log_mode == POLARSSL_DEBUG_LOG_FULL ) { - idx = snprintf( str, maxlen, "%s(%04d): ", file, line ); + idx = polarssl_snprintf( str, maxlen, "%s(%04d): ", file, line ); } - idx += snprintf( str + idx, maxlen - idx, " 00" ); + idx += polarssl_snprintf( str + idx, maxlen - idx, " 00" ); } - snprintf( str + idx, maxlen - idx, "\n" ); + polarssl_snprintf( str + idx, maxlen - idx, "\n" ); ssl->f_dbg( ssl->p_dbg, level, str ); } #endif /* POLARSSL_BIGNUM_C */ @@ -294,7 +300,7 @@ static void debug_print_pk( const ssl_context *ssl, int level, if( items[i].type == POLARSSL_PK_DEBUG_NONE ) return; - snprintf( name, sizeof( name ), "%s%s", text, items[i].name ); + polarssl_snprintf( name, sizeof( name ), "%s%s", text, items[i].name ); name[sizeof( name ) - 1] = '\0'; if( items[i].type == POLARSSL_PK_DEBUG_MPI ) @@ -321,7 +327,7 @@ void debug_print_crt( const ssl_context *ssl, int level, if( debug_log_mode == POLARSSL_DEBUG_LOG_FULL ) { - snprintf( prefix, maxlen, "%s(%04d): ", file, line ); + polarssl_snprintf( prefix, maxlen, "%s(%04d): ", file, line ); prefix[maxlen] = '\0'; } else @@ -335,9 +341,9 @@ void debug_print_crt( const ssl_context *ssl, int level, x509_crt_info( buf, sizeof( buf ) - 1, prefix, crt ); if( debug_log_mode == POLARSSL_DEBUG_LOG_FULL ) - idx = snprintf( str, maxlen, "%s(%04d): ", file, line ); + idx = polarssl_snprintf( str, maxlen, "%s(%04d): ", file, line ); - snprintf( str + idx, maxlen - idx, "%s #%d:\n%s", + polarssl_snprintf( str + idx, maxlen - idx, "%s #%d:\n%s", text, ++i, buf ); str[maxlen] = '\0'; From 783d9d1c3e03a7cf9f473e452804d7e28b35bf43 Mon Sep 17 00:00:00 2001 From: Rich Evans Date: Fri, 30 Jan 2015 11:11:57 +0000 Subject: [PATCH 038/100] modify programs/*.c to use polarssl_snprintf --- programs/pkey/pk_sign.c | 3 ++- programs/pkey/pk_verify.c | 3 ++- programs/pkey/rsa_sign_pss.c | 3 ++- programs/pkey/rsa_verify_pss.c | 3 ++- programs/ssl/ssl_client2.c | 3 ++- programs/ssl/ssl_pthread_server.c | 3 ++- programs/test/benchmark.c | 23 ++++++++++++----------- programs/test/ssl_cert_test.c | 5 +++-- 8 files changed, 27 insertions(+), 19 deletions(-) diff --git a/programs/pkey/pk_sign.c b/programs/pkey/pk_sign.c index 0d029359..ada29f2a 100644 --- a/programs/pkey/pk_sign.c +++ b/programs/pkey/pk_sign.c @@ -29,6 +29,7 @@ #if defined(POLARSSL_PLATFORM_C) #include "polarssl/platform.h" #else +#define polarssl_snprintf snprintf #define polarssl_printf printf #endif @@ -133,7 +134,7 @@ int main( int argc, char *argv[] ) /* * Write the signature into -sig.txt */ - snprintf( filename, sizeof(filename), "%s.sig", argv[2] ); + polarssl_snprintf( filename, sizeof(filename), "%s.sig", argv[2] ); if( ( f = fopen( filename, "wb+" ) ) == NULL ) { diff --git a/programs/pkey/pk_verify.c b/programs/pkey/pk_verify.c index 55f977cc..88ad575b 100644 --- a/programs/pkey/pk_verify.c +++ b/programs/pkey/pk_verify.c @@ -29,6 +29,7 @@ #if defined(POLARSSL_PLATFORM_C) #include "polarssl/platform.h" #else +#define polarssl_snprintf snprintf #define polarssl_printf printf #endif @@ -94,7 +95,7 @@ int main( int argc, char *argv[] ) * Extract the signature from the text file */ ret = 1; - snprintf( filename, sizeof(filename), "%s.sig", argv[2] ); + polarssl_snprintf( filename, sizeof(filename), "%s.sig", argv[2] ); if( ( f = fopen( filename, "rb" ) ) == NULL ) { diff --git a/programs/pkey/rsa_sign_pss.c b/programs/pkey/rsa_sign_pss.c index de90b7ec..45e84828 100644 --- a/programs/pkey/rsa_sign_pss.c +++ b/programs/pkey/rsa_sign_pss.c @@ -29,6 +29,7 @@ #if defined(POLARSSL_PLATFORM_C) #include "polarssl/platform.h" #else +#define polarssl_snprintf snprintf #define polarssl_printf printf #endif @@ -143,7 +144,7 @@ int main( int argc, char *argv[] ) /* * Write the signature into -sig.txt */ - snprintf( filename, 512, "%s.sig", argv[2] ); + polarssl_snprintf( filename, 512, "%s.sig", argv[2] ); if( ( f = fopen( filename, "wb+" ) ) == NULL ) { diff --git a/programs/pkey/rsa_verify_pss.c b/programs/pkey/rsa_verify_pss.c index dd625b48..5595be54 100644 --- a/programs/pkey/rsa_verify_pss.c +++ b/programs/pkey/rsa_verify_pss.c @@ -29,6 +29,7 @@ #if defined(POLARSSL_PLATFORM_C) #include "polarssl/platform.h" #else +#define polarssl_snprintf snprintf #define polarssl_printf printf #endif @@ -105,7 +106,7 @@ int main( int argc, char *argv[] ) * Extract the RSA signature from the text file */ ret = 1; - snprintf( filename, 512, "%s.sig", argv[2] ); + polarssl_snprintf( filename, 512, "%s.sig", argv[2] ); if( ( f = fopen( filename, "rb" ) ) == NULL ) { diff --git a/programs/ssl/ssl_client2.c b/programs/ssl/ssl_client2.c index 0d4a0f20..9aa98c7b 100644 --- a/programs/ssl/ssl_client2.c +++ b/programs/ssl/ssl_client2.c @@ -29,6 +29,7 @@ #if defined(POLARSSL_PLATFORM_C) #include "polarssl/platform.h" #else +#define polarssl_snprintf snprintf #define polarssl_printf printf #define polarssl_fprintf fprintf #endif @@ -1197,7 +1198,7 @@ send_request: polarssl_printf( " > Write to server:" ); fflush( stdout ); - len = snprintf( (char *) buf, sizeof(buf) - 1, GET_REQUEST, + len = polarssl_snprintf( (char *) buf, sizeof(buf) - 1, GET_REQUEST, opt.request_page ); tail_len = strlen( GET_REQUEST_END ); diff --git a/programs/ssl/ssl_pthread_server.c b/programs/ssl/ssl_pthread_server.c index 8c671736..b75464b7 100644 --- a/programs/ssl/ssl_pthread_server.c +++ b/programs/ssl/ssl_pthread_server.c @@ -30,6 +30,7 @@ #if defined(POLARSSL_PLATFORM_C) #include "polarssl/platform.h" #else +#define polarssl_snprintf snprintf #define polarssl_printf printf #define polarssl_fprintf fprintf #endif @@ -137,7 +138,7 @@ static void *handle_ssl_connection( void *data ) memset( &ssl, 0, sizeof( ssl_context ) ); memset( &ctr_drbg, 0, sizeof( ctr_drbg_context ) ); - snprintf( pers, sizeof(pers), "SSL Pthread Thread %d", thread_id ); + polarssl_snprintf( pers, sizeof(pers), "SSL Pthread Thread %d", thread_id ); polarssl_printf( " [ #%d ] Client FD %d\n", thread_id, client_fd ); polarssl_printf( " [ #%d ] Seeding the random number generator...\n", thread_id ); diff --git a/programs/test/benchmark.c b/programs/test/benchmark.c index cc83746d..3acf78bf 100644 --- a/programs/test/benchmark.c +++ b/programs/test/benchmark.c @@ -29,6 +29,7 @@ #if defined(POLARSSL_PLATFORM_C) #include "polarssl/platform.h" #else +#define polarssl_snprintf snprintf #define polarssl_printf printf #endif @@ -313,7 +314,7 @@ int main( int argc, char *argv[] ) aes_init( &aes ); for( keysize = 128; keysize <= 256; keysize += 64 ) { - snprintf( title, sizeof( title ), "AES-CBC-%d", keysize ); + polarssl_snprintf( title, sizeof( title ), "AES-CBC-%d", keysize ); memset( buf, 0, sizeof( buf ) ); memset( tmp, 0, sizeof( tmp ) ); @@ -331,7 +332,7 @@ int main( int argc, char *argv[] ) gcm_context gcm; for( keysize = 128; keysize <= 256; keysize += 64 ) { - snprintf( title, sizeof( title ), "AES-GCM-%d", keysize ); + polarssl_snprintf( title, sizeof( title ), "AES-GCM-%d", keysize ); memset( buf, 0, sizeof( buf ) ); memset( tmp, 0, sizeof( tmp ) ); @@ -351,7 +352,7 @@ int main( int argc, char *argv[] ) ccm_context ccm; for( keysize = 128; keysize <= 256; keysize += 64 ) { - snprintf( title, sizeof( title ), "AES-CCM-%d", keysize ); + polarssl_snprintf( title, sizeof( title ), "AES-CCM-%d", keysize ); memset( buf, 0, sizeof( buf ) ); memset( tmp, 0, sizeof( tmp ) ); @@ -374,7 +375,7 @@ int main( int argc, char *argv[] ) camellia_init( &camellia ); for( keysize = 128; keysize <= 256; keysize += 64 ) { - snprintf( title, sizeof( title ), "CAMELLIA-CBC-%d", keysize ); + polarssl_snprintf( title, sizeof( title ), "CAMELLIA-CBC-%d", keysize ); memset( buf, 0, sizeof( buf ) ); memset( tmp, 0, sizeof( tmp ) ); @@ -396,7 +397,7 @@ int main( int argc, char *argv[] ) for( keysize = 128; keysize <= 256; keysize += 64 ) { - snprintf( title, sizeof( title ), "BLOWFISH-CBC-%d", keysize ); + polarssl_snprintf( title, sizeof( title ), "BLOWFISH-CBC-%d", keysize ); memset( buf, 0, sizeof( buf ) ); memset( tmp, 0, sizeof( tmp ) ); @@ -498,7 +499,7 @@ int main( int argc, char *argv[] ) rsa_context rsa; for( keysize = 1024; keysize <= 4096; keysize *= 2 ) { - snprintf( title, sizeof( title ), "RSA-%d", keysize ); + polarssl_snprintf( title, sizeof( title ), "RSA-%d", keysize ); rsa_init( &rsa, RSA_PKCS_V15, 0 ); rsa_gen_key( &rsa, myrand, NULL, keysize, 65537 ); @@ -549,14 +550,14 @@ int main( int argc, char *argv[] ) if( mpi_copy( &dhm.GY, &dhm.GX ) != 0 ) exit( 1 ); - snprintf( title, sizeof( title ), "DHE-%d", dhm_sizes[i] ); + polarssl_snprintf( title, sizeof( title ), "DHE-%d", dhm_sizes[i] ); TIME_PUBLIC( title, "handshake", olen = sizeof( buf ); ret |= dhm_make_public( &dhm, (int) dhm.len, buf, dhm.len, myrand, NULL ); ret |= dhm_calc_secret( &dhm, buf, &olen, myrand, NULL ) ); - snprintf( title, sizeof( title ), "DH-%d", dhm_sizes[i] ); + polarssl_snprintf( title, sizeof( title ), "DH-%d", dhm_sizes[i] ); TIME_PUBLIC( title, "handshake", olen = sizeof( buf ); ret |= dhm_calc_secret( &dhm, buf, &olen, myrand, NULL ) ); @@ -584,7 +585,7 @@ int main( int argc, char *argv[] ) if( ecdsa_genkey( &ecdsa, curve_info->grp_id, myrand, NULL ) != 0 ) exit( 1 ); - snprintf( title, sizeof( title ), "ECDSA-%s", + polarssl_snprintf( title, sizeof( title ), "ECDSA-%s", curve_info->name ); TIME_PUBLIC( title, "sign", ret = ecdsa_write_signature( &ecdsa, buf, curve_info->size, @@ -620,7 +621,7 @@ int main( int argc, char *argv[] ) exit( 1 ); } - snprintf( title, sizeof( title ), "ECDHE-%s", + polarssl_snprintf( title, sizeof( title ), "ECDHE-%s", curve_info->name ); TIME_PUBLIC( title, "handshake", ret |= ecdh_make_public( &ecdh, &olen, buf, sizeof( buf), @@ -628,7 +629,7 @@ int main( int argc, char *argv[] ) ret |= ecdh_calc_secret( &ecdh, &olen, buf, sizeof( buf ), myrand, NULL ) ); - snprintf( title, sizeof( title ), "ECDH-%s", + polarssl_snprintf( title, sizeof( title ), "ECDH-%s", curve_info->name ); TIME_PUBLIC( title, "handshake", ret |= ecdh_calc_secret( &ecdh, &olen, buf, sizeof( buf ), diff --git a/programs/test/ssl_cert_test.c b/programs/test/ssl_cert_test.c index 037c4748..a646c255 100644 --- a/programs/test/ssl_cert_test.c +++ b/programs/test/ssl_cert_test.c @@ -29,6 +29,7 @@ #if defined(POLARSSL_PLATFORM_C) #include "polarssl/platform.h" #else +#define polarssl_snprintf snprintf #define polarssl_printf printf #endif @@ -149,7 +150,7 @@ int main( int argc, char *argv[] ) x509_crt_init( &clicert ); pk_init( &pk ); - snprintf(name, 512, "ssl/test-ca/%s", client_certificates[i]); + polarssl_snprintf(name, 512, "ssl/test-ca/%s", client_certificates[i]); polarssl_printf( " . Loading the client certificate %s...", name ); fflush( stdout ); @@ -198,7 +199,7 @@ int main( int argc, char *argv[] ) /* * 1.5. Load own private key */ - snprintf(name, 512, "ssl/test-ca/%s", client_private_keys[i]); + polarssl_snprintf(name, 512, "ssl/test-ca/%s", client_private_keys[i]); polarssl_printf( " . Loading the client private key %s...", name ); fflush( stdout ); From 6aa04bcd853dca13be268aa9bfd56be6374371b3 Mon Sep 17 00:00:00 2001 From: Rich Evans Date: Fri, 30 Jan 2015 11:18:42 +0000 Subject: [PATCH 039/100] modify scripts/* and tests/* to use polarssl_snprintf --- scripts/data_files/error.fmt | 12 +++++++++--- scripts/generate_errors.pl | 4 ++-- tests/suites/test_suite_version.function | 8 ++++---- 3 files changed, 15 insertions(+), 9 deletions(-) diff --git a/scripts/data_files/error.fmt b/scripts/data_files/error.fmt index b7bfbf20..107b5e11 100644 --- a/scripts/data_files/error.fmt +++ b/scripts/data_files/error.fmt @@ -30,6 +30,12 @@ #include "polarssl/error.h" #endif +#if defined(POLARSSL_PLATFORM_C) +#include "polarssl/platform.h" +#else +#define polarssl_snprintf snprintf +#endif + #if defined(POLARSSL_ERROR_C) HEADER_INCLUDED @@ -67,7 +73,7 @@ HIGH_LEVEL_CODE_CHECKS // END generated code if( strlen( buf ) == 0 ) - snprintf( buf, buflen, "UNKNOWN ERROR CODE (%04X)", use_ret ); + polarssl_snprintf( buf, buflen, "UNKNOWN ERROR CODE (%04X)", use_ret ); } use_ret = ret & ~0xFF80; @@ -85,7 +91,7 @@ HIGH_LEVEL_CODE_CHECKS if( buflen - len < 5 ) return; - snprintf( buf + len, buflen - len, " : " ); + polarssl_snprintf( buf + len, buflen - len, " : " ); buf += len + 3; buflen -= len + 3; @@ -100,7 +106,7 @@ LOW_LEVEL_CODE_CHECKS if( strlen( buf ) != 0 ) return; - snprintf( buf, buflen, "UNKNOWN ERROR CODE (%04X)", use_ret ); + polarssl_snprintf( buf, buflen, "UNKNOWN ERROR CODE (%04X)", use_ret ); } #if defined(POLARSSL_ERROR_STRERROR_BC) diff --git a/scripts/generate_errors.pl b/scripts/generate_errors.pl index 04591b28..c0d9685f 100755 --- a/scripts/generate_errors.pl +++ b/scripts/generate_errors.pl @@ -152,14 +152,14 @@ while (my $line = ) { ${$code_check} .= "${white_space}if( use_ret == -($error_name) )\n". "${white_space}\{\n". - "${white_space} snprintf( buf, buflen, \"$module_name - $description\" );\n". + "${white_space} polarssl_snprintf( buf, buflen, \"$module_name - $description\" );\n". "${white_space} return;\n". "${white_space}}\n" } else { ${$code_check} .= "${white_space}if( use_ret == -($error_name) )\n". - "${white_space} snprintf( buf, buflen, \"$module_name - $description\" );\n" + "${white_space} polarssl_snprintf( buf, buflen, \"$module_name - $description\" );\n" } }; diff --git a/tests/suites/test_suite_version.function b/tests/suites/test_suite_version.function index f50a6c29..fd12032e 100644 --- a/tests/suites/test_suite_version.function +++ b/tests/suites/test_suite_version.function @@ -17,10 +17,10 @@ void check_compiletime_version( char *version_str ) memset( build_str, 0, 100 ); memset( build_str_full, 0, 100 ); - snprintf (build_str, 100, "%d.%d.%d", POLARSSL_VERSION_MAJOR, + polarssl_snprintf( build_str, 100, "%d.%d.%d", POLARSSL_VERSION_MAJOR, POLARSSL_VERSION_MINOR, POLARSSL_VERSION_PATCH ); - snprintf( build_str_full, 100, "mbed TLS %d.%d.%d", POLARSSL_VERSION_MAJOR, + polarssl_snprintf( build_str_full, 100, "mbed TLS %d.%d.%d", POLARSSL_VERSION_MAJOR, POLARSSL_VERSION_MINOR, POLARSSL_VERSION_PATCH ); build_int = POLARSSL_VERSION_MAJOR << 24 | @@ -52,11 +52,11 @@ void check_runtime_version( char *version_str ) version_get_string( get_str ); version_get_string_full( get_str_full ); - snprintf( build_str, 100, "%d.%d.%d", + polarssl_snprintf( build_str, 100, "%d.%d.%d", (get_int >> 24) & 0xFF, (get_int >> 16) & 0xFF, (get_int >> 8) & 0xFF ); - snprintf( build_str_full, 100, "mbed TLS %s", version_str ); + polarssl_snprintf( build_str_full, 100, "mbed TLS %s", version_str ); TEST_ASSERT( strcmp( build_str, version_str ) == 0 ); TEST_ASSERT( strcmp( build_str_full, get_str_full ) == 0 ); From c39cb4986b922bacf400f9563864b3c9efcabf66 Mon Sep 17 00:00:00 2001 From: Rich Evans Date: Fri, 30 Jan 2015 12:01:34 +0000 Subject: [PATCH 040/100] add POLARSSL_PLATFORM_EXIT_ALT --- include/polarssl/config.h | 6 ++++-- include/polarssl/platform.h | 30 +++++++++++++++++++++++++++++- library/platform.c | 23 +++++++++++++++++++++++ 3 files changed, 56 insertions(+), 3 deletions(-) diff --git a/include/polarssl/config.h b/include/polarssl/config.h index 75cf677c..d0893759 100644 --- a/include/polarssl/config.h +++ b/include/polarssl/config.h @@ -168,6 +168,7 @@ //#define POLARSSL_PLATFORM_SNPRINTF_ALT //#define POLARSSL_PLATFORM_PRINTF_ALT //#define POLARSSL_PLATFORM_FPRINTF_ALT +//#define POLARSSL_PLATFORM_EXIT_ALT /* \} name SECTION: System support */ /** @@ -1894,7 +1895,7 @@ * \def POLARSSL_PLATFORM_C * * Enable the platform abstraction layer that allows you to re-assign - * functions like malloc(), free(), snprintf(), printf(), fprintf() + * functions like malloc(), free(), snprintf(), printf(), fprintf(), exit() * * Module: library/platform.c * Caller: Most other .c files @@ -2242,9 +2243,10 @@ //#define POLARSSL_PLATFORM_STD_MEM_HDR /**< Header to include if POLARSSL_PLATFORM_NO_STD_FUNCTIONS is defined. Don't define if no header is needed. */ //#define POLARSSL_PLATFORM_STD_MALLOC malloc /**< Default allocator to use, can be undefined */ //#define POLARSSL_PLATFORM_STD_FREE free /**< Default free to use, can be undefined */ -//#define POLARSSL_PLATFORM_STD_SNPRINTF snprintf /**< Default snprintf to use, can be undefined */ +//#define POLARSSL_PLATFORM_STD_SNPRINTF snprintf /**< Default snprintf to use, can be undefined */ //#define POLARSSL_PLATFORM_STD_PRINTF printf /**< Default printf to use, can be undefined */ //#define POLARSSL_PLATFORM_STD_FPRINTF fprintf /**< Default fprintf to use, can be undefined */ +//#define POLARSSL_PLATFORM_STD_EXIT exit /**< Default exit to use, can be undefined */ /* SSL Cache options */ //#define SSL_CACHE_DEFAULT_TIMEOUT 86400 /**< 1 day */ diff --git a/include/polarssl/platform.h b/include/polarssl/platform.h index 4844d2d0..17150300 100644 --- a/include/polarssl/platform.h +++ b/include/polarssl/platform.h @@ -65,6 +65,9 @@ extern "C" { #if !defined(POLARSSL_PLATFORM_STD_FREE) #define POLARSSL_PLATFORM_STD_FREE free /**< Default free to use */ #endif +#if !defined(POLARSSL_PLATFORM_STD_EXIT) +#define POLARSSL_PLATFORM_STD_EXIT exit /**< Default free to use */ +#endif #else /* POLARSSL_PLATFORM_NO_STD_FUNCTIONS */ #if defined(POLARSSL_PLATFORM_STD_MEM_HDR) #include POLARSSL_PLATFORM_STD_MEM_HDR @@ -138,11 +141,36 @@ int platform_set_printf( int (*printf_func)( const char *, ... ) ); #if defined(POLARSSL_PLATFORM_FPRINTF_ALT) extern int (*polarssl_fprintf)( FILE *stream, const char *format, ... ); +/** + * \brief Set your own fprintf function pointer + * + * \param fprintf_func the fprintf function implementation + * + * \return 0 + */ int platform_set_fprintf( int (*fprintf_func)( FILE *stream, const char *, ... ) ); #else #define polarssl_fprintf fprintf -#endif +#endif /* POLARSSL_PLATFORM_FPRINTF_ALT */ + +/* + * The function pointers for exit + */ +#if defined(POLARSSL_PLATFORM_EXIT_ALT) +extern void (*polarssl_exit)( int status ); + +/** + * \brief Set your own exit function pointer + * + * \param exit_func the exit function implementation + * + * \return 0 + */ +int platform_set_exit( void (*exit_func)( int status ) ); +#else +#define polarssl_exit exit +#endif /* POLARSSL_PLATFORM_EXIT_ALT */ #ifdef __cplusplus } diff --git a/library/platform.c b/library/platform.c index 8a26f7b8..34295adc 100644 --- a/library/platform.c +++ b/library/platform.c @@ -140,4 +140,27 @@ int platform_set_fprintf( int (*fprintf_func)( FILE *, const char *, ... ) ) } #endif /* POLARSSL_PLATFORM_FPRINTF_ALT */ +#if defined(POLARSSL_PLATFORM_EXIT_ALT) +#if !defined(POLARSSL_STD_EXIT) +/* + * Make dummy function to prevent NULL pointer dereferences + */ +static void platform_exit_uninit( int status ) +{ + ((void) status); + return( 0 ); +} + +#define POLARSSL_STD_EXIT platform_exit_uninit +#endif /* !POLARSSL_STD_EXIT */ + +int (*polarssl_exit)( int status ) = POLARSSL_STD_EXIT; + +int platform_set_exit( void (*exit_func)( int status ) ) +{ + polarssl_exit = exit_func; + return( 0 ); +} +#endif /* POLARSSL_PLATFORM_EXIT_ALT */ + #endif /* POLARSSL_PLATFORM_C */ From 77d3638497270bb8cd51a0199d7d899c1ba8b12f Mon Sep 17 00:00:00 2001 From: Rich Evans Date: Fri, 30 Jan 2015 12:12:11 +0000 Subject: [PATCH 041/100] modify library/memory_buffer_alloc.c, benchmark.c and the tests main code to use polarssl_exit --- library/memory_buffer_alloc.c | 16 +++++++------- programs/test/benchmark.c | 37 +++++++++++++++++---------------- tests/suites/main_test.function | 15 ++++++++++++- 3 files changed, 42 insertions(+), 26 deletions(-) diff --git a/library/memory_buffer_alloc.c b/library/memory_buffer_alloc.c index b7d583b0..44deac00 100644 --- a/library/memory_buffer_alloc.c +++ b/library/memory_buffer_alloc.c @@ -37,9 +37,11 @@ #include "polarssl/platform.h" #else #include +#define polarssl_exit exit #define polarssl_fprintf fprintf #endif /* POLARSSL_PLATFORM_C */ #endif /* POLARSSL_MEMORY_DEBUG */ + #if defined(POLARSSL_MEMORY_BACKTRACE) #include #endif @@ -273,7 +275,7 @@ static void *buffer_alloc_malloc( size_t len ) polarssl_fprintf( stderr, "FATAL: block in free_list but allocated " "data\n" ); #endif - exit( 1 ); + polarssl_exit( 1 ); } #if defined(POLARSSL_MEMORY_DEBUG) @@ -312,7 +314,7 @@ static void *buffer_alloc_malloc( size_t len ) #endif if( ( heap.verify & MEMORY_VERIFY_ALLOC ) && verify_chain() != 0 ) - exit( 1 ); + polarssl_exit( 1 ); return( ( (unsigned char *) cur ) + sizeof(memory_header) ); } @@ -367,7 +369,7 @@ static void *buffer_alloc_malloc( size_t len ) #endif if( ( heap.verify & MEMORY_VERIFY_ALLOC ) && verify_chain() != 0 ) - exit( 1 ); + polarssl_exit( 1 ); return( ( (unsigned char *) cur ) + sizeof(memory_header) ); } @@ -386,14 +388,14 @@ static void buffer_alloc_free( void *ptr ) polarssl_fprintf( stderr, "FATAL: polarssl_free() outside of managed " "space\n" ); #endif - exit( 1 ); + polarssl_exit( 1 ); } p -= sizeof(memory_header); hdr = (memory_header *) p; if( verify_header( hdr ) != 0 ) - exit( 1 ); + polarssl_exit( 1 ); if( hdr->alloc != 1 ) { @@ -401,7 +403,7 @@ static void buffer_alloc_free( void *ptr ) polarssl_fprintf( stderr, "FATAL: polarssl_free() on unallocated " "data\n" ); #endif - exit( 1 ); + polarssl_exit( 1 ); } hdr->alloc = 0; @@ -491,7 +493,7 @@ static void buffer_alloc_free( void *ptr ) #endif if( ( heap.verify & MEMORY_VERIFY_FREE ) && verify_chain() != 0 ) - exit( 1 ); + polarssl_exit( 1 ); } void memory_buffer_set_verify( int verify ) diff --git a/programs/test/benchmark.c b/programs/test/benchmark.c index 3acf78bf..b6ab1a12 100644 --- a/programs/test/benchmark.c +++ b/programs/test/benchmark.c @@ -31,6 +31,7 @@ #else #define polarssl_snprintf snprintf #define polarssl_printf printf +#define polarssl_exit exit #endif #include @@ -428,17 +429,17 @@ int main( int argc, char *argv[] ) ctr_drbg_context ctr_drbg; if( ctr_drbg_init( &ctr_drbg, myrand, NULL, NULL, 0 ) != 0 ) - exit(1); + polarssl_exit(1); TIME_AND_TSC( "CTR_DRBG (NOPR)", if( ctr_drbg_random( &ctr_drbg, buf, BUFSIZE ) != 0 ) - exit(1) ); + polarssl_exit(1) ); if( ctr_drbg_init( &ctr_drbg, myrand, NULL, NULL, 0 ) != 0 ) - exit(1); + polarssl_exit(1); ctr_drbg_set_prediction_resistance( &ctr_drbg, CTR_DRBG_PR_ON ); TIME_AND_TSC( "CTR_DRBG (PR)", if( ctr_drbg_random( &ctr_drbg, buf, BUFSIZE ) != 0 ) - exit(1) ); + polarssl_exit(1) ); ctr_drbg_free( &ctr_drbg ); } #endif @@ -451,43 +452,43 @@ int main( int argc, char *argv[] ) #if defined(POLARSSL_SHA1_C) if( ( md_info = md_info_from_type( POLARSSL_MD_SHA1 ) ) == NULL ) - exit(1); + polarssl_exit(1); if( hmac_drbg_init( &hmac_drbg, md_info, myrand, NULL, NULL, 0 ) != 0 ) - exit(1); + polarssl_exit(1); TIME_AND_TSC( "HMAC_DRBG SHA-1 (NOPR)", if( hmac_drbg_random( &hmac_drbg, buf, BUFSIZE ) != 0 ) - exit(1) ); + polarssl_exit(1) ); hmac_drbg_free( &hmac_drbg ); if( hmac_drbg_init( &hmac_drbg, md_info, myrand, NULL, NULL, 0 ) != 0 ) - exit(1); + polarssl_exit(1); hmac_drbg_set_prediction_resistance( &hmac_drbg, POLARSSL_HMAC_DRBG_PR_ON ); TIME_AND_TSC( "HMAC_DRBG SHA-1 (PR)", if( hmac_drbg_random( &hmac_drbg, buf, BUFSIZE ) != 0 ) - exit(1) ); + polarssl_exit(1) ); hmac_drbg_free( &hmac_drbg ); #endif #if defined(POLARSSL_SHA256_C) if( ( md_info = md_info_from_type( POLARSSL_MD_SHA256 ) ) == NULL ) - exit(1); + polarssl_exit(1); if( hmac_drbg_init( &hmac_drbg, md_info, myrand, NULL, NULL, 0 ) != 0 ) - exit(1); + polarssl_exit(1); TIME_AND_TSC( "HMAC_DRBG SHA-256 (NOPR)", if( hmac_drbg_random( &hmac_drbg, buf, BUFSIZE ) != 0 ) - exit(1) ); + polarssl_exit(1) ); hmac_drbg_free( &hmac_drbg ); if( hmac_drbg_init( &hmac_drbg, md_info, myrand, NULL, NULL, 0 ) != 0 ) - exit(1); + polarssl_exit(1); hmac_drbg_set_prediction_resistance( &hmac_drbg, POLARSSL_HMAC_DRBG_PR_ON ); TIME_AND_TSC( "HMAC_DRBG SHA-256 (PR)", if( hmac_drbg_random( &hmac_drbg, buf, BUFSIZE ) != 0 ) - exit(1) ); + polarssl_exit(1) ); hmac_drbg_free( &hmac_drbg ); #endif } @@ -542,13 +543,13 @@ int main( int argc, char *argv[] ) if( mpi_read_string( &dhm.P, 16, dhm_P[i] ) != 0 || mpi_read_string( &dhm.G, 16, dhm_G[i] ) != 0 ) { - exit( 1 ); + polarssl_exit( 1 ); } dhm.len = mpi_size( &dhm.P ); dhm_make_public( &dhm, (int) dhm.len, buf, dhm.len, myrand, NULL ); if( mpi_copy( &dhm.GY, &dhm.GX ) != 0 ) - exit( 1 ); + polarssl_exit( 1 ); polarssl_snprintf( title, sizeof( title ), "DHE-%d", dhm_sizes[i] ); TIME_PUBLIC( title, "handshake", @@ -583,7 +584,7 @@ int main( int argc, char *argv[] ) ecdsa_init( &ecdsa ); if( ecdsa_genkey( &ecdsa, curve_info->grp_id, myrand, NULL ) != 0 ) - exit( 1 ); + polarssl_exit( 1 ); polarssl_snprintf( title, sizeof( title ), "ECDSA-%s", curve_info->name ); @@ -618,7 +619,7 @@ int main( int argc, char *argv[] ) myrand, NULL ) != 0 || ecp_copy( &ecdh.Qp, &ecdh.Q ) != 0 ) { - exit( 1 ); + polarssl_exit( 1 ); } polarssl_snprintf( title, sizeof( title ), "ECDHE-%s", diff --git a/tests/suites/main_test.function b/tests/suites/main_test.function index 9d9ebe5f..f3468856 100644 --- a/tests/suites/main_test.function +++ b/tests/suites/main_test.function @@ -1,3 +1,16 @@ +#include +#include + +#if defined(POLARSSL_PLATFORM_C) +#include "polarssl/platform.h" +#else +#define polarssl_exit exit +#define polarssl_free free +#define polarssl_malloc malloc +#define polarssl_fprintf fprintf +#define polarssl_printf printf +#endif + #if defined(POLARSSL_MEMORY_BUFFER_ALLOC_C) #include "polarssl/memory_buffer_alloc.h" #endif @@ -268,7 +281,7 @@ int main() { polarssl_fprintf( stderr, "FAILED: FATAL PARSE ERROR\n" ); fclose(file); - exit( 2 ); + polarssl_exit( 2 ); } else total_errors++; From 4c09114c32349689e9ff3726150fe370502fd797 Mon Sep 17 00:00:00 2001 From: Rich Evans Date: Mon, 2 Feb 2015 12:04:10 +0000 Subject: [PATCH 042/100] add macro definition of assert using polarssl_exit --- tests/suites/helpers.function | 16 +++++++++++----- 1 file changed, 11 insertions(+), 5 deletions(-) diff --git a/tests/suites/helpers.function b/tests/suites/helpers.function index 4e1bac1e..3ae9a40a 100644 --- a/tests/suites/helpers.function +++ b/tests/suites/helpers.function @@ -15,10 +15,16 @@ typedef UINT32 uint32_t; #include #endif -#include #include #include +#define assert(a) if( !( a ) ) \ +{ \ + polarssl_fprintf( stderr, "Assertion Failed at %s:%d - %s\n", \ + __FILE__, __LINE__, #a ); \ + polarssl_exit( 1 ); \ +} + /* * 32-bit integer manipulation macros (big endian) */ @@ -42,13 +48,13 @@ typedef UINT32 uint32_t; } #endif -static int unhexify(unsigned char *obuf, const char *ibuf) +static int unhexify( unsigned char *obuf, const char *ibuf ) { unsigned char c, c2; - int len = strlen(ibuf) / 2; - assert( strlen(ibuf) % 2 == 0 ); // must be even number of bytes + int len = strlen( ibuf ) / 2; + assert( strlen( ibuf ) % 2 == 0 ); // must be even number of bytes - while (*ibuf != 0) + while( *ibuf != 0 ) { c = *ibuf++; if( c >= '0' && c <= '9' ) From c0b6da3b439b4971aac241d15656abdcddc1616f Mon Sep 17 00:00:00 2001 From: Rich Evans Date: Tue, 3 Feb 2015 10:58:06 +0000 Subject: [PATCH 043/100] add missing checks to check_config --- include/polarssl/check_config.h | 57 +++++++++++++++++++++++++++++++++ 1 file changed, 57 insertions(+) diff --git a/include/polarssl/check_config.h b/include/polarssl/check_config.h index be7aefee..51745c95 100644 --- a/include/polarssl/check_config.h +++ b/include/polarssl/check_config.h @@ -198,11 +198,68 @@ #error "POLARSSL_PKCS11_C defined, but not all prerequisites" #endif +#if defined(POLARSSL_PLATFORM_EXIT_ALT) && !defined(POLARSSL_PLATFORM_C) +#error "POLARSSL_PLATFORM_EXIT_ALT defined, but not all prerequisites" +#endif + +#if defined(POLARSSL_PLATFORM_FPRINTF_ALT) && !defined(POLARSSL_PLATFORM_C) +#error "POLARSSL_PLATFORM_FPRINTF_ALT defined, but not all prerequisites" +#endif + +#if defined(POLARSSL_PLATFORM_MEMORY) && !defined(POLARSSL_PLATFORM_C) +#error "POLARSSL_PLATFORM_MEMORY defined, but not all prerequisites" +#endif + +#if defined(POLARSSL_PLATFORM_PRINTF_ALT) && !defined(POLARSSL_PLATFORM_C) +#error "POLARSSL_PLATFORM_PRINTF_ALT defined, but not all prerequisites" +#endif + +#if defined(POLARSSL_PLATFORM_SNPRINTF_ALT) && !defined(POLARSSL_PLATFORM_C) +#error "POLARSSL_PLATFORM_SNPRINTF_ALT defined, but not all prerequisites" +#endif + #if defined(POLARSSL_PLATFORM_SNPRINTF_ALT) && ( defined(_WIN32)\ && !defined(EFIX64) && !defined(EFI32) ) #error "POLARSSL_PLATFORM_SNPRINTF_ALT defined but not available on Windows" #endif +#if defined(POLARSSL_PLATFORM_STD_MEM_HDR) &&\ + !defined(POLARSSL_PLATFORM_NO_STD_FUNCTIONS) +#error "POLARSSL_PLATFORM_STD_MEM_HDR defined, but not all prerequisites" +#endif + +#if defined(POLARSSL_PLATFORM_STD_MALLOC) && !defined(POLARSSL_PLATFORM_MEMORY) +#error "POLARSSL_PLATFORM_STD_MALLOC defined, but not all prerequisites" +#endif + +#if defined(POLARSSL_PLATFORM_STD_MALLOC) && !defined(POLARSSL_PLATFORM_MEMORY) +#error "POLARSSL_PLATFORM_STD_MALLOC defined, but not all prerequisites" +#endif + +#if defined(POLARSSL_PLATFORM_STD_FREE) && !defined(POLARSSL_PLATFORM_MEMORY) +#error "POLARSSL_PLATFORM_STD_FREE defined, but not all prerequisites" +#endif + +#if defined(POLARSSL_PLATFORM_STD_EXIT) &&\ + !defined(POLARSSL_PLATFORM_EXIT_ALT) +#error "POLARSSL_PLATFORM_STD_EXIT defined, but not all prerequisites" +#endif + +#if defined(POLARSSL_PLATFORM_STD_FPRINTF) &&\ + !defined(POLARSSL_PLATFORM_FPRINTF_ALT) +#error "POLARSSL_PLATFORM_STD_FPRINTF defined, but not all prerequisites" +#endif + +#if defined(POLARSSL_PLATFORM_STD_PRINTF) &&\ + !defined(POLARSSL_PLATFORM_PRINTF_ALT) +#error "POLARSSL_PLATFORM_STD_PRINTF defined, but not all prerequisites" +#endif + +#if defined(POLARSSL_PLATFORM_STD_SNPRINTF) &&\ + !defined(POLARSSL_PLATFORM_SNPRINTF_ALT) +#error "POLARSSL_PLATFORM_STD_SNPRINTF defined, but not all prerequisites" +#endif + #if defined(POLARSSL_RSA_C) && ( !defined(POLARSSL_BIGNUM_C) || \ !defined(POLARSSL_OID_C) ) #error "POLARSSL_RSA_C defined, but not all prerequisites" From 98081c5ec64caf356065ce1834bf4e8fff6b4099 Mon Sep 17 00:00:00 2001 From: Rich Evans Date: Tue, 3 Feb 2015 11:00:54 +0000 Subject: [PATCH 044/100] reformat and arrange additions to config alphabetically --- include/polarssl/config.h | 18 +++++++++--------- 1 file changed, 9 insertions(+), 9 deletions(-) diff --git a/include/polarssl/config.h b/include/polarssl/config.h index d0893759..7db377e0 100644 --- a/include/polarssl/config.h +++ b/include/polarssl/config.h @@ -165,10 +165,10 @@ * Uncomment a macro to enable alternate implementation of specific base * platform function */ -//#define POLARSSL_PLATFORM_SNPRINTF_ALT -//#define POLARSSL_PLATFORM_PRINTF_ALT -//#define POLARSSL_PLATFORM_FPRINTF_ALT //#define POLARSSL_PLATFORM_EXIT_ALT +//#define POLARSSL_PLATFORM_FPRINTF_ALT +//#define POLARSSL_PLATFORM_PRINTF_ALT +//#define POLARSSL_PLATFORM_SNPRINTF_ALT /* \} name SECTION: System support */ /** @@ -2240,13 +2240,13 @@ //#define POLARSSL_MEMORY_ALIGN_MULTIPLE 4 /**< Align on multiples of this value */ /* Platform options */ -//#define POLARSSL_PLATFORM_STD_MEM_HDR /**< Header to include if POLARSSL_PLATFORM_NO_STD_FUNCTIONS is defined. Don't define if no header is needed. */ -//#define POLARSSL_PLATFORM_STD_MALLOC malloc /**< Default allocator to use, can be undefined */ -//#define POLARSSL_PLATFORM_STD_FREE free /**< Default free to use, can be undefined */ +//#define POLARSSL_PLATFORM_STD_MEM_HDR /**< Header to include if POLARSSL_PLATFORM_NO_STD_FUNCTIONS is defined. Don't define if no header is needed. */ +//#define POLARSSL_PLATFORM_STD_MALLOC malloc /**< Default allocator to use, can be undefined */ +//#define POLARSSL_PLATFORM_STD_FREE free /**< Default free to use, can be undefined */ +//#define POLARSSL_PLATFORM_STD_EXIT exit /**< Default exit to use, can be undefined */ +//#define POLARSSL_PLATFORM_STD_FPRINTF fprintf /**< Default fprintf to use, can be undefined */ +//#define POLARSSL_PLATFORM_STD_PRINTF printf /**< Default printf to use, can be undefined */ //#define POLARSSL_PLATFORM_STD_SNPRINTF snprintf /**< Default snprintf to use, can be undefined */ -//#define POLARSSL_PLATFORM_STD_PRINTF printf /**< Default printf to use, can be undefined */ -//#define POLARSSL_PLATFORM_STD_FPRINTF fprintf /**< Default fprintf to use, can be undefined */ -//#define POLARSSL_PLATFORM_STD_EXIT exit /**< Default exit to use, can be undefined */ /* SSL Cache options */ //#define SSL_CACHE_DEFAULT_TIMEOUT 86400 /**< 1 day */ From 4cc8a22d8845aee4b26074ae320abf5bdd156e79 Mon Sep 17 00:00:00 2001 From: Rich Evans Date: Tue, 3 Feb 2015 11:26:31 +0000 Subject: [PATCH 045/100] add initial symbols to config and checks to check_config to allow use of macros to define standard functions --- include/polarssl/check_config.h | 75 +++++++++++++++++++++++++++++++++ include/polarssl/config.h | 17 ++++++++ 2 files changed, 92 insertions(+) diff --git a/include/polarssl/check_config.h b/include/polarssl/check_config.h index 51745c95..eb2fecd8 100644 --- a/include/polarssl/check_config.h +++ b/include/polarssl/check_config.h @@ -198,14 +198,65 @@ #error "POLARSSL_PKCS11_C defined, but not all prerequisites" #endif +#if defined(POLARSSL_PLATFORM_ENABLE_FUNCTION_MACROS) &&\ + !defined(POLARSSL_PLATFORM_C) +#error "POLARSSL_PLATFORM_ENABLE_FUNCTION_MACROS defined, but not prerequisites" +#endif + #if defined(POLARSSL_PLATFORM_EXIT_ALT) && !defined(POLARSSL_PLATFORM_C) #error "POLARSSL_PLATFORM_EXIT_ALT defined, but not all prerequisites" #endif +#if defined(POLARSSL_PLATFORM_EXIT_MACRO) &&\ + ( !defined(POLARSSL_PLATFORM_C) ||\ + !defined(POLARSSL_PLATFORM_ENABLE_FUNCTION_MACROS) ) +#error "POLARSSL_PLATFORM_EXIT_MACRO defined, but not all prerequisites" +#endif + +#if defined(POLARSSL_PLATFORM_EXIT_MACRO) &&\ + ( defined(POLARSSL_PLATFORM_STD_EXIT) ||\ + defined(POLARSSL_PLATFORM_EXIT_ALT) ) +#error "POLARSSL_PLATFORM_EXIT_MACRO and POLARSSL_PLATFORM_STD_EXIT/POLARSSL_PLATFORM_EXIT_ALT cannot be defined simultaneously" +#endif + #if defined(POLARSSL_PLATFORM_FPRINTF_ALT) && !defined(POLARSSL_PLATFORM_C) #error "POLARSSL_PLATFORM_FPRINTF_ALT defined, but not all prerequisites" #endif +#if defined(POLARSSL_PLATFORM_FPRINTF_MACRO) &&\ + ( !defined(POLARSSL_PLATFORM_C) ||\ + !defined(POLARSSL_PLATFORM_ENABLE_FUNCTION_MACROS) ) +#error "POLARSSL_PLATFORM_FPRINTF_MACRO defined, but not all prerequisites" +#endif + +#if defined(POLARSSL_PLATFORM_FPRINTF_MACRO) &&\ + ( defined(POLARSSL_PLATFORM_STD_FPRINTF) ||\ + defined(POLARSSL_PLATFORM_FPRINTF_ALT) ) +#error "POLARSSL_PLATFORM_FPRINTF_MACRO and POLARSSL_PLATFORM_STD_FPRINTF/POLARSSL_PLATFORM_FPRINTF_ALT cannot be defined simultaneously" +#endif + +#if defined(POLARSSL_PLATFORM_FREE_MACRO) &&\ + ( !defined(POLARSSL_PLATFORM_C) || !defined(POLARSSL_PLATFORM_MEMORY) ||\ + !defined(POLARSSL_PLATFORM_ENABLE_FUNCTION_MACROS) ) +#error "POLARSSL_PLATFORM_FREE_MACRO defined, but not all prerequisites" +#endif + +#if defined(POLARSSL_PLATFORM_FREE_MACRO) &&\ + defined(POLARSSL_PLATFORM_STD_FREE) +#error "POLARSSL_PLATFORM_FREE_MACRO and POLARSSL_PLATFORM_STD_FREE cannot be defined simultaneously" +#endif + +#if defined(POLARSSL_PLATFORM_MALLOC_MACRO) &&\ + ( !defined(POLARSSL_PLATFORM_C) || !defined(POLARSSL_PLATFORM_MEMORY) ||\ + !defined(POLARSSL_PLATFORM_ENABLE_FUNCTION_MACROS) ) +#error "POLARSSL_PLATFORM_MALLOC_MACRO defined, but not all prerequisites" +#endif + +#if defined(POLARSSL_PLATFORM_MALLOC_MACRO) &&\ + defined(POLARSSL_PLATFORM_STD_MALLOC) +#error "POLARSSL_PLATFORM_MALLOC_MACRO and POLARSSL_PLATFORM_STD_MALLOC cannot be defined simultaneously" +#endif + #if defined(POLARSSL_PLATFORM_MEMORY) && !defined(POLARSSL_PLATFORM_C) #error "POLARSSL_PLATFORM_MEMORY defined, but not all prerequisites" #endif @@ -214,6 +265,18 @@ #error "POLARSSL_PLATFORM_PRINTF_ALT defined, but not all prerequisites" #endif +#if defined(POLARSSL_PLATFORM_PRINTF_MACRO) &&\ + ( !defined(POLARSSL_PLATFORM_C) ||\ + !defined(POLARSSL_PLATFORM_ENABLE_FUNCTION_MACROS) ) +#error "POLARSSL_PLATFORM_PRINTF_MACRO defined, but not all prerequisites" +#endif + +#if defined(POLARSSL_PLATFORM_PRINTF_MACRO) &&\ + ( defined(POLARSSL_PLATFORM_STD_PRINTF) ||\ + defined(POLARSSL_PLATFORM_PRINTF_ALT) ) +#error "POLARSSL_PLATFORM_PRINTF_MACRO and POLARSSL_PLATFORM_STD_PRINTF/POLARSSL_PLATFORM_PRINTF_ALT cannot be defined simultaneously" +#endif + #if defined(POLARSSL_PLATFORM_SNPRINTF_ALT) && !defined(POLARSSL_PLATFORM_C) #error "POLARSSL_PLATFORM_SNPRINTF_ALT defined, but not all prerequisites" #endif @@ -223,6 +286,18 @@ #error "POLARSSL_PLATFORM_SNPRINTF_ALT defined but not available on Windows" #endif +#if defined(POLARSSL_PLATFORM_SNPRINTF_MACRO) &&\ + ( !defined(POLARSSL_PLATFORM_C) ||\ + !defined(POLARSSL_PLATFORM_ENABLE_FUNCTION_MACROS) ) +#error "POLARSSL_PLATFORM_SNPRINTF_MACRO defined, but not all prerequisites" +#endif + +#if defined(POLARSSL_PLATFORM_SNPRINTF_MACRO) &&\ + ( defined(POLARSSL_PLATFORM_STD_SNPRINTF) ||\ + defined(POLARSSL_PLATFORM_SNPRINTF_ALT) ) +#error "POLARSSL_PLATFORM_SNPRINTF_MACRO and POLARSSL_PLATFORM_STD_SNPRINTF/POLARSSL_PLATFORM_SNPRINTF_ALT cannot be defined simultaneously" +#endif + #if defined(POLARSSL_PLATFORM_STD_MEM_HDR) &&\ !defined(POLARSSL_PLATFORM_NO_STD_FUNCTIONS) #error "POLARSSL_PLATFORM_STD_MEM_HDR defined, but not all prerequisites" diff --git a/include/polarssl/config.h b/include/polarssl/config.h index 7db377e0..6f134401 100644 --- a/include/polarssl/config.h +++ b/include/polarssl/config.h @@ -147,6 +147,16 @@ */ //#define POLARSSL_PLATFORM_NO_STD_FUNCTIONS +/** + * \def POLARSSL_PLATFORM_ENABLE_FUNCTION_MACROS + * + * TO-DO: ADD DESCRIPTION & ANY WARNINGS ETC + * + * Requires: POLARSSL_PLATFORM_C + * + */ +//#define POLARSSL_PLATFORM_ENABLE_FUNCTION_MACROS + /** * \def POLARSSL_PLATFORM_XXX_ALT * @@ -2248,6 +2258,13 @@ //#define POLARSSL_PLATFORM_STD_PRINTF printf /**< Default printf to use, can be undefined */ //#define POLARSSL_PLATFORM_STD_SNPRINTF snprintf /**< Default snprintf to use, can be undefined */ +//#define POLARSSL_PLATFORM_MALLOC_MACRO malloc /**< Default allocator macro to use, can be undefined */ +//#define POLARSSL_PLATFORM_FREE_MACRO free /**< Default free macro to use, can be undefined */ +//#define POLARSSL_PLATFORM_EXIT_MACRO exit /**< Default exit macro to use, can be undefined */ +//#define POLARSSL_PLATFORM_FPRINTF_MACRO fprintf /**< Default fprintf macro to use, can be undefined */ +//#define POLARSSL_PLATFORM_PRINTF_MACRO printf /**< Default printf macro to use, can be undefined */ +//#define POLARSSL_PLATFORM_SNPRINTF_MACRO snprintf /**< Default snprintf macro to use, can be undefined */ + /* SSL Cache options */ //#define SSL_CACHE_DEFAULT_TIMEOUT 86400 /**< 1 day */ //#define SSL_CACHE_DEFAULT_MAX_ENTRIES 50 /**< Maximum entries in cache */ From 3d62e726485d24d67a39ffb8e168eb8bd6114110 Mon Sep 17 00:00:00 2001 From: Rich Evans Date: Tue, 3 Feb 2015 11:48:59 +0000 Subject: [PATCH 046/100] fix bug introduced by the addition of snprintf and assert macro which caused tests to fail without polarssl_platform_c defined --- tests/suites/helpers.function | 5 +++++ tests/suites/main_test.function | 1 - 2 files changed, 5 insertions(+), 1 deletion(-) diff --git a/tests/suites/helpers.function b/tests/suites/helpers.function index 3ae9a40a..0f074859 100644 --- a/tests/suites/helpers.function +++ b/tests/suites/helpers.function @@ -6,6 +6,10 @@ #define polarssl_fprintf fprintf #define polarssl_malloc malloc #define polarssl_free free +#define polarssl_exit exit +#define polarssl_fprintf fprintf +#define polarssl_printf printf +#define polarssl_snprintf snprintf #endif #ifdef _MSC_VER @@ -15,6 +19,7 @@ typedef UINT32 uint32_t; #include #endif +#include #include #include diff --git a/tests/suites/main_test.function b/tests/suites/main_test.function index f3468856..bb1083ac 100644 --- a/tests/suites/main_test.function +++ b/tests/suites/main_test.function @@ -1,4 +1,3 @@ -#include #include #if defined(POLARSSL_PLATFORM_C) From 16f8cd8e87493eb34975f7900eef3b91a30df007 Mon Sep 17 00:00:00 2001 From: Rich Evans Date: Fri, 6 Feb 2015 16:14:34 +0000 Subject: [PATCH 047/100] implemented macro overriding for polarssl_* library functions --- include/polarssl/check_config.h | 35 +++++------ include/polarssl/config.h | 32 ++++++---- include/polarssl/platform.h | 102 ++++++++++++++++++++------------ 3 files changed, 98 insertions(+), 71 deletions(-) diff --git a/include/polarssl/check_config.h b/include/polarssl/check_config.h index eb2fecd8..818aef3f 100644 --- a/include/polarssl/check_config.h +++ b/include/polarssl/check_config.h @@ -198,18 +198,11 @@ #error "POLARSSL_PKCS11_C defined, but not all prerequisites" #endif -#if defined(POLARSSL_PLATFORM_ENABLE_FUNCTION_MACROS) &&\ - !defined(POLARSSL_PLATFORM_C) -#error "POLARSSL_PLATFORM_ENABLE_FUNCTION_MACROS defined, but not prerequisites" -#endif - #if defined(POLARSSL_PLATFORM_EXIT_ALT) && !defined(POLARSSL_PLATFORM_C) #error "POLARSSL_PLATFORM_EXIT_ALT defined, but not all prerequisites" #endif -#if defined(POLARSSL_PLATFORM_EXIT_MACRO) &&\ - ( !defined(POLARSSL_PLATFORM_C) ||\ - !defined(POLARSSL_PLATFORM_ENABLE_FUNCTION_MACROS) ) +#if defined(POLARSSL_PLATFORM_EXIT_MACRO) && !defined(POLARSSL_PLATFORM_C) #error "POLARSSL_PLATFORM_EXIT_MACRO defined, but not all prerequisites" #endif @@ -223,9 +216,7 @@ #error "POLARSSL_PLATFORM_FPRINTF_ALT defined, but not all prerequisites" #endif -#if defined(POLARSSL_PLATFORM_FPRINTF_MACRO) &&\ - ( !defined(POLARSSL_PLATFORM_C) ||\ - !defined(POLARSSL_PLATFORM_ENABLE_FUNCTION_MACROS) ) +#if defined(POLARSSL_PLATFORM_FPRINTF_MACRO) && !defined(POLARSSL_PLATFORM_C) #error "POLARSSL_PLATFORM_FPRINTF_MACRO defined, but not all prerequisites" #endif @@ -236,8 +227,7 @@ #endif #if defined(POLARSSL_PLATFORM_FREE_MACRO) &&\ - ( !defined(POLARSSL_PLATFORM_C) || !defined(POLARSSL_PLATFORM_MEMORY) ||\ - !defined(POLARSSL_PLATFORM_ENABLE_FUNCTION_MACROS) ) + ( !defined(POLARSSL_PLATFORM_C) || !defined(POLARSSL_PLATFORM_MEMORY) ) #error "POLARSSL_PLATFORM_FREE_MACRO defined, but not all prerequisites" #endif @@ -246,9 +236,12 @@ #error "POLARSSL_PLATFORM_FREE_MACRO and POLARSSL_PLATFORM_STD_FREE cannot be defined simultaneously" #endif +#if defined(POLARSSL_PLATFORM_FREE_MACRO) && !defined(POLARSSL_PLATFORM_MALLOC_MACRO) +#error "POLARSSL_PLATFORM_MALLOC_MACRO must be defined if POLARSSL_PLATFORM_FREE_MACRO is" +#endif + #if defined(POLARSSL_PLATFORM_MALLOC_MACRO) &&\ - ( !defined(POLARSSL_PLATFORM_C) || !defined(POLARSSL_PLATFORM_MEMORY) ||\ - !defined(POLARSSL_PLATFORM_ENABLE_FUNCTION_MACROS) ) + ( !defined(POLARSSL_PLATFORM_C) || !defined(POLARSSL_PLATFORM_MEMORY) ) #error "POLARSSL_PLATFORM_MALLOC_MACRO defined, but not all prerequisites" #endif @@ -257,6 +250,10 @@ #error "POLARSSL_PLATFORM_MALLOC_MACRO and POLARSSL_PLATFORM_STD_MALLOC cannot be defined simultaneously" #endif +#if defined(POLARSSL_PLATFORM_MALLOC_MACRO) && !defined(POLARSSL_PLATFORM_FREE_MACRO) +#error "POLARSSL_PLATFORM_FREE_MACRO must be defined if POLARSSL_PLATFORM_MALLOC_MACRO is" +#endif + #if defined(POLARSSL_PLATFORM_MEMORY) && !defined(POLARSSL_PLATFORM_C) #error "POLARSSL_PLATFORM_MEMORY defined, but not all prerequisites" #endif @@ -265,9 +262,7 @@ #error "POLARSSL_PLATFORM_PRINTF_ALT defined, but not all prerequisites" #endif -#if defined(POLARSSL_PLATFORM_PRINTF_MACRO) &&\ - ( !defined(POLARSSL_PLATFORM_C) ||\ - !defined(POLARSSL_PLATFORM_ENABLE_FUNCTION_MACROS) ) +#if defined(POLARSSL_PLATFORM_PRINTF_MACRO) && !defined(POLARSSL_PLATFORM_C) #error "POLARSSL_PLATFORM_PRINTF_MACRO defined, but not all prerequisites" #endif @@ -286,9 +281,7 @@ #error "POLARSSL_PLATFORM_SNPRINTF_ALT defined but not available on Windows" #endif -#if defined(POLARSSL_PLATFORM_SNPRINTF_MACRO) &&\ - ( !defined(POLARSSL_PLATFORM_C) ||\ - !defined(POLARSSL_PLATFORM_ENABLE_FUNCTION_MACROS) ) +#if defined(POLARSSL_PLATFORM_SNPRINTF_MACRO) && !defined(POLARSSL_PLATFORM_C) #error "POLARSSL_PLATFORM_SNPRINTF_MACRO defined, but not all prerequisites" #endif diff --git a/include/polarssl/config.h b/include/polarssl/config.h index 6f134401..74255085 100644 --- a/include/polarssl/config.h +++ b/include/polarssl/config.h @@ -120,8 +120,14 @@ * This allows different allocators (self-implemented or provided) to be * provided to the platform abstraction layer. * - * Enabling POLARSSL_PLATFORM_MEMORY will provide "platform_set_malloc_free()" - * to allow you to set an alternative malloc() and free() function pointer. + * Enabling POLARSSL_PLATFORM_MEMORY without the + * POLARSSL_PLATFORM_{FREE,MALLOC}_MACROs will provide + * "platform_set_malloc_free()" allowing you to set an alternative malloc() and + * free() function pointer at runtime. + * + * Enabling POLARSSL_PLATFORM_MEMORY and specifying + * POLARSSL_PLATFORM_{MALLOC,FREE}_MACROs will allow you to specify the + * alternate function at compile time. * * Requires: POLARSSL_PLATFORM_C * @@ -138,7 +144,8 @@ * This makes sure there are no linking errors on platforms that do not support * these functions. You will HAVE to provide alternatives, either at runtime * via the platform_set_xxx() functions or at compile time by setting - * the POLARSSL_PLATFORM_STD_XXX defines. + * the POLARSSL_PLATFORM_STD_XXX defines, or enabling a + * POLARSSL_PLATFORM_XXX_MACRO. * * Requires: POLARSSL_PLATFORM_C * @@ -147,16 +154,6 @@ */ //#define POLARSSL_PLATFORM_NO_STD_FUNCTIONS -/** - * \def POLARSSL_PLATFORM_ENABLE_FUNCTION_MACROS - * - * TO-DO: ADD DESCRIPTION & ANY WARNINGS ETC - * - * Requires: POLARSSL_PLATFORM_C - * - */ -//#define POLARSSL_PLATFORM_ENABLE_FUNCTION_MACROS - /** * \def POLARSSL_PLATFORM_XXX_ALT * @@ -172,6 +169,9 @@ * WARNING: POLARSSL_PLATFORM_SNPRINTF_ALT is not available on Windows * for compatibility reasons. * + * WARNING: POLARSSL_PLATFORM_XXX_ALT cannot be defined at the same time as + * POLARSSL_PLATFORM_XXX_MACRO! + * * Uncomment a macro to enable alternate implementation of specific base * platform function */ @@ -1907,6 +1907,10 @@ * Enable the platform abstraction layer that allows you to re-assign * functions like malloc(), free(), snprintf(), printf(), fprintf(), exit() * + * Enabling POLARSSL_PLATFORM_C enables to use of POLARSSL_PLATFORM_XXX_ALT + * or POLARSSL_PLATFORM_XXX_MACRO directives, allowing the functions mentioned + * above to be specified at runtime or compile time respectively. + * * Module: library/platform.c * Caller: Most other .c files * @@ -2258,6 +2262,8 @@ //#define POLARSSL_PLATFORM_STD_PRINTF printf /**< Default printf to use, can be undefined */ //#define POLARSSL_PLATFORM_STD_SNPRINTF snprintf /**< Default snprintf to use, can be undefined */ +/* To Use Function Macros POLARSSL_PLATFORM_C must be enabled */ +/* POLARSSL_PLATFORM_XXX_MACRO and POLARSSL_PLATFORM_XXX_ALT cannot both be defined */ //#define POLARSSL_PLATFORM_MALLOC_MACRO malloc /**< Default allocator macro to use, can be undefined */ //#define POLARSSL_PLATFORM_FREE_MACRO free /**< Default free macro to use, can be undefined */ //#define POLARSSL_PLATFORM_EXIT_MACRO exit /**< Default exit macro to use, can be undefined */ diff --git a/include/polarssl/platform.h b/include/polarssl/platform.h index 17150300..dd7e5580 100644 --- a/include/polarssl/platform.h +++ b/include/polarssl/platform.h @@ -97,43 +97,18 @@ int platform_set_malloc_free( void * (*malloc_func)( size_t ), #define polarssl_malloc malloc #define polarssl_free free #endif /* POLARSSL_PLATFORM_MEMORY */ - -/* - * The function pointers for snprintf - */ -#if defined(POLARSSL_PLATFORM_SNPRINTF_ALT) -extern int (*polarssl_snprintf)( char * s, size_t n, const char * format, ... ); - -/** - * \brief Set your own snprintf function pointer - * - * \param snprintf_func the snprintf function implementation - * - * \return 0 - */ -int platform_set_snprintf( int (*snprintf_func)( char * s, size_t n, - const char * format, ... ) ); -#else /* POLARSSL_PLATFORM_SNPRINTF_ALT */ -#define polarssl_snprintf snprintf -#endif /* POLARSSL_PLATFORM_SNPRINTF_ALT */ - -/* - * The function pointers for printf - */ -#if defined(POLARSSL_PLATFORM_PRINTF_ALT) -extern int (*polarssl_printf)( const char *format, ... ); - -/** - * \brief Set your own printf function pointer - * - * \param printf_func the printf function implementation - * - * \return 0 - */ -int platform_set_printf( int (*printf_func)( const char *, ... ) ); -#else /* POLARSSL_PLATFORM_PRINTF_ALT */ -#define polarssl_printf printf -#endif /* POLARSSL_PLATFORM_PRINTF_ALT */ +#else /* POLARSSL_PLATFORM_ENTROPY */ +#if defined(POLARSSL_PLATFORM_FREE_MACRO) +#define polarssl_free POLARSSL_PLATFORM_FREE_MACRO +#else +#define polarssl_free free +#endif /* POLARSSL_PLATFORM_FREE_MACRO */ +#if defined(POLARSSL_PLATFORM_MALLOC_MACRO) +#define polarssl_malloc POLARSSL_PLATFORM_MALLOC_MACRO +#else +#define polarssl_malloc malloc +#endif /* POLARSSL_PLATFORM_MALLOC_MACRO */ +#endif /* POLARSSL_PLATFORM_ENTROPY */ /* * The function pointers for fprintf @@ -151,9 +126,58 @@ extern int (*polarssl_fprintf)( FILE *stream, const char *format, ... ); int platform_set_fprintf( int (*fprintf_func)( FILE *stream, const char *, ... ) ); #else +#if defined(POLARSSL_PLATFORM_FPRINTF_MACRO) +#define polarssl_fprintf POLARSSL_PLATFORM_FPRINTF_MACRO +#else #define polarssl_fprintf fprintf +#endif /* POLARSSL_PLATFORM_FPRINTF_MACRO */ #endif /* POLARSSL_PLATFORM_FPRINTF_ALT */ +/* + * The function pointers for printf + */ +#if defined(POLARSSL_PLATFORM_PRINTF_ALT) +extern int (*polarssl_printf)( const char *format, ... ); + +/** + * \brief Set your own printf function pointer + * + * \param printf_func the printf function implementation + * + * \return 0 + */ +int platform_set_printf( int (*printf_func)( const char *, ... ) ); +#else /* !POLARSSL_PLATFORM_PRINTF_ALT */ +#if defined(POLARSSL_PLATFORM_PRINTF_MACRO) +#define polarssl_printf POLARSSL_PLATFORM_PRINTF_MACRO +#else +#define polarssl_printf printf +#endif /* POLARSSL_PLATFORM_PRINTF_MACRO */ +#endif /* POLARSSL_PLATFORM_PRINTF_ALT */ + +/* + * The function pointers for snprintf + */ +#if defined(POLARSSL_PLATFORM_SNPRINTF_ALT) +extern int (*polarssl_snprintf)( char * s, size_t n, const char * format, ... ); + +/** + * \brief Set your own snprintf function pointer + * + * \param snprintf_func the snprintf function implementation + * + * \return 0 + */ +int platform_set_snprintf( int (*snprintf_func)( char * s, size_t n, + const char * format, ... ) ); +#else /* POLARSSL_PLATFORM_SNPRINTF_ALT */ +#if defined(POLARSSL_PLATFORM_SNPRINTF_MACRO) +#define polarssl_snprintf POLARSSL_PLATFORM_SNPRINTF_MACRO +#else +#define polarssl_snprintf snprintf +#endif /* POLARSSL_PLATFORM_SNPRINTF_MACRO */ +#endif /* POLARSSL_PLATFORM_SNPRINTF_ALT */ + /* * The function pointers for exit */ @@ -169,7 +193,11 @@ extern void (*polarssl_exit)( int status ); */ int platform_set_exit( void (*exit_func)( int status ) ); #else +#if defined(POLARSSL_PLATFORM_EXIT_MACRO) +#define polarssl_exit POLARSSL_PLATFORM_EXIT_MACRO +#else #define polarssl_exit exit +#endif /* POLARSSL_PLATFORM_EXIT_MACRO */ #endif /* POLARSSL_PLATFORM_EXIT_ALT */ #ifdef __cplusplus From 401bb90ac00d616313377bc99d6e810973adabac Mon Sep 17 00:00:00 2001 From: Rich Evans Date: Tue, 10 Feb 2015 12:28:15 +0000 Subject: [PATCH 048/100] rebase from development --- include/polarssl/platform.h | 20 +++++++------------- 1 file changed, 7 insertions(+), 13 deletions(-) diff --git a/include/polarssl/platform.h b/include/polarssl/platform.h index dd7e5580..3e76c301 100644 --- a/include/polarssl/platform.h +++ b/include/polarssl/platform.h @@ -80,6 +80,11 @@ extern "C" { * The function pointers for malloc and free */ #if defined(POLARSSL_PLATFORM_MEMORY) +#if defined(POLARSSL_PLATFORM_FREE_MACRO) &&\ + defined(POLARSSL_PLATFORM_MALLOC_MACRO) +#define polarssl_free POLARSSL_PLATFORM_FREE_MACRO +#define polarssl_malloc POLARSSL_PLATFORM_MALLOC_MACRO +#else extern void * (*polarssl_malloc)( size_t len ); extern void (*polarssl_free)( void *ptr ); @@ -93,22 +98,11 @@ extern void (*polarssl_free)( void *ptr ); */ int platform_set_malloc_free( void * (*malloc_func)( size_t ), void (*free_func)( void * ) ); +#endif /* POLARSSL_PLATFORM_FREE_MACRO && POLARSSL_PLATFORM_MALLOC_MACRO */ #else /* !POLARSSL_PLATFORM_MEMORY */ -#define polarssl_malloc malloc -#define polarssl_free free -#endif /* POLARSSL_PLATFORM_MEMORY */ -#else /* POLARSSL_PLATFORM_ENTROPY */ -#if defined(POLARSSL_PLATFORM_FREE_MACRO) -#define polarssl_free POLARSSL_PLATFORM_FREE_MACRO -#else #define polarssl_free free -#endif /* POLARSSL_PLATFORM_FREE_MACRO */ -#if defined(POLARSSL_PLATFORM_MALLOC_MACRO) -#define polarssl_malloc POLARSSL_PLATFORM_MALLOC_MACRO -#else #define polarssl_malloc malloc -#endif /* POLARSSL_PLATFORM_MALLOC_MACRO */ -#endif /* POLARSSL_PLATFORM_ENTROPY */ +#endif /* POLARSSL_PLATFORM_MEMORY && !POLARSSL_PLATFORM_{FREE,MALLOC}_MACRO */ /* * The function pointers for fprintf From c8ada6d41090223f11967389defd8325d7e9c8c8 Mon Sep 17 00:00:00 2001 From: Rich Evans Date: Thu, 12 Feb 2015 12:47:09 +0000 Subject: [PATCH 049/100] Fix extra guard in memory_buffer_alloc --- library/memory_buffer_alloc.c | 3 --- 1 file changed, 3 deletions(-) diff --git a/library/memory_buffer_alloc.c b/library/memory_buffer_alloc.c index 44deac00..456b4713 100644 --- a/library/memory_buffer_alloc.c +++ b/library/memory_buffer_alloc.c @@ -27,12 +27,10 @@ #endif #if defined(POLARSSL_MEMORY_BUFFER_ALLOC_C) - #include "polarssl/memory_buffer_alloc.h" #include -#if defined(POLARSSL_MEMORY_DEBUG) #if defined(POLARSSL_PLATFORM_C) #include "polarssl/platform.h" #else @@ -40,7 +38,6 @@ #define polarssl_exit exit #define polarssl_fprintf fprintf #endif /* POLARSSL_PLATFORM_C */ -#endif /* POLARSSL_MEMORY_DEBUG */ #if defined(POLARSSL_MEMORY_BACKTRACE) #include From 7d5a55a365736b35f9731cdb8cd91cf419050470 Mon Sep 17 00:00:00 2001 From: Rich Evans Date: Fri, 13 Feb 2015 11:48:02 +0000 Subject: [PATCH 050/100] Remove dependency on sscanf in lib x509 --- library/x509.c | 47 ++++++++++++++++++++++++++++------------------- 1 file changed, 28 insertions(+), 19 deletions(-) diff --git a/library/x509.c b/library/x509.c index 3b6cd1bb..46d88fa4 100644 --- a/library/x509.c +++ b/library/x509.c @@ -73,6 +73,8 @@ #endif #endif +#define CHECK(code) if( ( ret = code ) != 0 ){ return( ret ); } + /* * CertificateSerialNumber ::= INTEGER */ @@ -474,6 +476,16 @@ int x509_get_name( unsigned char **p, const unsigned char *end, } } +static int x509_parse_int(unsigned char **p, unsigned n, int *res){ + *res = 0; + for( ; n > 0; --n ){ + if( ( **p < '0') || ( **p > '9' ) ) return POLARSSL_ERR_X509_INVALID_DATE; + *res *= 10; + *res += (*(*p)++ - '0'); + } + return 0; +} + /* * Time ::= CHOICE { * utcTime UTCTime, @@ -484,7 +496,6 @@ int x509_get_time( unsigned char **p, const unsigned char *end, { int ret; size_t len; - char date[64]; unsigned char tag; if( ( end - *p ) < 1 ) @@ -501,20 +512,19 @@ int x509_get_time( unsigned char **p, const unsigned char *end, if( ret != 0 ) return( POLARSSL_ERR_X509_INVALID_DATE + ret ); - memset( date, 0, sizeof( date ) ); - memcpy( date, *p, ( len < sizeof( date ) - 1 ) ? - len : sizeof( date ) - 1 ); - - if( sscanf( date, "%2d%2d%2d%2d%2d%2dZ", - &time->year, &time->mon, &time->day, - &time->hour, &time->min, &time->sec ) < 5 ) + CHECK( x509_parse_int( p, 2, &time->year ) ); + CHECK( x509_parse_int( p, 2, &time->mon ) ); + CHECK( x509_parse_int( p, 2, &time->day ) ); + CHECK( x509_parse_int( p, 2, &time->hour ) ); + CHECK( x509_parse_int( p, 2, &time->min ) ); + if( len > 10 ) + CHECK( x509_parse_int( p, 2, &time->sec ) ); + if( len > 12 && *(*p)++ != 'Z' ) return( POLARSSL_ERR_X509_INVALID_DATE ); time->year += 100 * ( time->year < 50 ); time->year += 1900; - *p += len; - return( 0 ); } else if( tag == ASN1_GENERALIZED_TIME ) @@ -525,17 +535,16 @@ int x509_get_time( unsigned char **p, const unsigned char *end, if( ret != 0 ) return( POLARSSL_ERR_X509_INVALID_DATE + ret ); - memset( date, 0, sizeof( date ) ); - memcpy( date, *p, ( len < sizeof( date ) - 1 ) ? - len : sizeof( date ) - 1 ); - - if( sscanf( date, "%4d%2d%2d%2d%2d%2dZ", - &time->year, &time->mon, &time->day, - &time->hour, &time->min, &time->sec ) < 5 ) + CHECK( x509_parse_int( p, 4, &time->year ) ); + CHECK( x509_parse_int( p, 2, &time->mon ) ); + CHECK( x509_parse_int( p, 2, &time->day ) ); + CHECK( x509_parse_int( p, 2, &time->hour ) ); + CHECK( x509_parse_int( p, 2, &time->min ) ); + if( len > 12 ) + CHECK( x509_parse_int( p, 2, &time->sec ) ); + if( len > 14 && *(*p)++ != 'Z' ) return( POLARSSL_ERR_X509_INVALID_DATE ); - *p += len; - return( 0 ); } else From a71780e4754978058c49c1dccf4942a95a23a458 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Manuel=20P=C3=A9gouri=C3=A9-Gonnard?= Date: Fri, 13 Feb 2015 13:56:55 +0000 Subject: [PATCH 051/100] Add test for no platform.c in all.sh --- tests/scripts/all.sh | 10 ++++++++++ 1 file changed, 10 insertions(+) diff --git a/tests/scripts/all.sh b/tests/scripts/all.sh index 7430b388..4c746e7f 100755 --- a/tests/scripts/all.sh +++ b/tests/scripts/all.sh @@ -130,6 +130,16 @@ msg "build: Unix make, -O2 (gcc)" # ~ 30s cleanup CC=gcc CFLAGS=-Werror make +# this is meant to cath missing #define polarssl_printf etc +msg "build: full config except platform.c" # ~ 30s +cleanup +cp "$CONFIG_H" "$CONFIG_BAK" +scripts/config.pl full +scripts/config.pl unset POLARSSL_PLATFORM_C +scripts/config.pl unset POLARSSL_MEMORY_C +scripts/config.pl unset POLARSSL_MEMORY_BUFFER_ALLOC_C +CC=gcc CFLAGS=-Werror make + if uname -a | grep -F x86_64 >/dev/null; then msg "build: i386, make, gcc" # ~ 30s cleanup From 013bffe5a711e877bef42587ab5862d1d8e11c9d Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Manuel=20P=C3=A9gouri=C3=A9-Gonnard?= Date: Fri, 13 Feb 2015 14:09:44 +0000 Subject: [PATCH 052/100] Style: add spaces before line continuation --- include/polarssl/check_config.h | 4 ++-- programs/aes/aescrypt2.c | 4 ++-- programs/aes/crypt_and_hash.c | 4 ++-- programs/pkey/dh_client.c | 6 +++--- programs/pkey/dh_genprime.c | 4 ++-- programs/pkey/dh_server.c | 6 +++--- programs/pkey/ecdsa.c | 2 +- programs/pkey/gen_key.c | 2 +- programs/pkey/key_app.c | 2 +- programs/pkey/pk_decrypt.c | 4 ++-- programs/pkey/pk_encrypt.c | 4 ++-- programs/pkey/pk_sign.c | 6 +++--- programs/pkey/pk_verify.c | 4 ++-- programs/pkey/rsa_decrypt.c | 4 ++-- programs/pkey/rsa_encrypt.c | 4 ++-- programs/pkey/rsa_genkey.c | 4 ++-- programs/pkey/rsa_sign.c | 2 +- programs/pkey/rsa_sign_pss.c | 6 +++--- programs/pkey/rsa_verify.c | 2 +- programs/pkey/rsa_verify_pss.c | 4 ++-- programs/random/gen_random_ctr_drbg.c | 4 ++-- programs/ssl/ssl_client1.c | 6 +++--- programs/ssl/ssl_client2.c | 4 ++-- programs/ssl/ssl_fork_server.c | 12 ++++++------ programs/ssl/ssl_mail_client.c | 2 +- programs/ssl/ssl_pthread_server.c | 10 +++++----- programs/ssl/ssl_server2.c | 6 +++--- programs/test/o_p_test.c | 2 +- programs/test/ssl_cert_test.c | 2 +- programs/test/ssl_test.c | 8 ++++---- programs/x509/cert_app.c | 8 ++++---- programs/x509/cert_write.c | 6 +++--- programs/x509/crl_app.c | 2 +- programs/x509/req_app.c | 2 +- 34 files changed, 76 insertions(+), 76 deletions(-) diff --git a/include/polarssl/check_config.h b/include/polarssl/check_config.h index 51b124d6..db7d76be 100644 --- a/include/polarssl/check_config.h +++ b/include/polarssl/check_config.h @@ -145,13 +145,13 @@ #endif #if defined(POLARSSL_KEY_EXCHANGE_RSA_PSK_ENABLED) && \ - ( !defined(POLARSSL_RSA_C) || !defined(POLARSSL_X509_CRT_PARSE_C) ||\ + ( !defined(POLARSSL_RSA_C) || !defined(POLARSSL_X509_CRT_PARSE_C) || \ !defined(POLARSSL_PKCS1_V15) ) #error "POLARSSL_KEY_EXCHANGE_RSA_PSK_ENABLED defined, but not all prerequisites" #endif #if defined(POLARSSL_KEY_EXCHANGE_RSA_ENABLED) && \ - ( !defined(POLARSSL_RSA_C) || !defined(POLARSSL_X509_CRT_PARSE_C) ||\ + ( !defined(POLARSSL_RSA_C) || !defined(POLARSSL_X509_CRT_PARSE_C) || \ !defined(POLARSSL_PKCS1_V15) ) #error "POLARSSL_KEY_EXCHANGE_RSA_ENABLED defined, but not all prerequisites" #endif diff --git a/programs/aes/aescrypt2.c b/programs/aes/aescrypt2.c index 9e41c598..430b87f2 100644 --- a/programs/aes/aescrypt2.c +++ b/programs/aes/aescrypt2.c @@ -34,7 +34,7 @@ #define polarssl_printf printf #endif -#if defined(POLARSSL_AES_C) && defined(POLARSSL_SHA256_C) &&\ +#if defined(POLARSSL_AES_C) && defined(POLARSSL_SHA256_C) && \ defined(POLARSSL_FS_IO) #include "polarssl/aes.h" #include "polarssl/sha256.h" @@ -63,7 +63,7 @@ "\n example: aescrypt2 0 file file.aes hex:E76B2413958B00E193\n" \ "\n" -#if !defined(POLARSSL_AES_C) || !defined(POLARSSL_SHA256_C) ||\ +#if !defined(POLARSSL_AES_C) || !defined(POLARSSL_SHA256_C) || \ !defined(POLARSSL_FS_IO) int main( void ) { diff --git a/programs/aes/crypt_and_hash.c b/programs/aes/crypt_and_hash.c index 85a144b7..dfba7eb1 100644 --- a/programs/aes/crypt_and_hash.c +++ b/programs/aes/crypt_and_hash.c @@ -35,7 +35,7 @@ #define polarssl_printf printf #endif -#if defined(POLARSSL_CIPHER_C) && defined(POLARSSL_MD_C) &&\ +#if defined(POLARSSL_CIPHER_C) && defined(POLARSSL_MD_C) && \ defined(POLARSSL_FS_IO) #include "polarssl/cipher.h" #include "polarssl/md.h" @@ -64,7 +64,7 @@ "\n example: crypt_and_hash 0 file file.aes AES-128-CBC SHA1 hex:E76B2413958B00E193\n" \ "\n" -#if !defined(POLARSSL_CIPHER_C) || !defined(POLARSSL_MD_C) ||\ +#if !defined(POLARSSL_CIPHER_C) || !defined(POLARSSL_MD_C) || \ !defined(POLARSSL_FS_IO) int main( void ) { diff --git a/programs/pkey/dh_client.c b/programs/pkey/dh_client.c index a29da4b0..6c77a561 100644 --- a/programs/pkey/dh_client.c +++ b/programs/pkey/dh_client.c @@ -33,9 +33,9 @@ #define polarssl_printf printf #endif -#if defined(POLARSSL_AES_C) && defined(POLARSSL_DHM_C) &&\ - defined(POLARSSL_ENTROPY_C) && defined(POLARSSL_NET_C) &&\ - defined(POLARSSL_RSA_C) && defined(POLARSSL_SHA256_C) &&\ +#if defined(POLARSSL_AES_C) && defined(POLARSSL_DHM_C) && \ + defined(POLARSSL_ENTROPY_C) && defined(POLARSSL_NET_C) && \ + defined(POLARSSL_RSA_C) && defined(POLARSSL_SHA256_C) && \ defined(POLARSSL_FS_IO) && defined(POLARSSL_CTR_DRBG_C) #include "polarssl/net.h" #include "polarssl/aes.h" diff --git a/programs/pkey/dh_genprime.c b/programs/pkey/dh_genprime.c index a3d574c7..e0ca260e 100644 --- a/programs/pkey/dh_genprime.c +++ b/programs/pkey/dh_genprime.c @@ -33,8 +33,8 @@ #define polarssl_printf printf #endif -#if defined(POLARSSL_BIGNUM_C) && defined(POLARSSL_ENTROPY_C) &&\ - defined(POLARSSL_FS_IO) && defined(POLARSSL_CTR_DRBG_C) &&\ +#if defined(POLARSSL_BIGNUM_C) && defined(POLARSSL_ENTROPY_C) && \ + defined(POLARSSL_FS_IO) && defined(POLARSSL_CTR_DRBG_C) && \ defined(POLARSSL_GENPRIME) #include "polarssl/bignum.h" #include "polarssl/entropy.h" diff --git a/programs/pkey/dh_server.c b/programs/pkey/dh_server.c index 197e4f2d..e824902b 100644 --- a/programs/pkey/dh_server.c +++ b/programs/pkey/dh_server.c @@ -33,9 +33,9 @@ #define polarssl_printf printf #endif -#if defined(POLARSSL_AES_C) && defined(POLARSSL_DHM_C) &&\ - defined(POLARSSL_ENTROPY_C) && defined(POLARSSL_NET_C) &&\ - defined(POLARSSL_RSA_C) && defined(POLARSSL_SHA256_C) &&\ +#if defined(POLARSSL_AES_C) && defined(POLARSSL_DHM_C) && \ + defined(POLARSSL_ENTROPY_C) && defined(POLARSSL_NET_C) && \ + defined(POLARSSL_RSA_C) && defined(POLARSSL_SHA256_C) && \ defined(POLARSSL_FS_IO) && defined(POLARSSL_CTR_DRBG_C) #include "polarssl/net.h" #include "polarssl/aes.h" diff --git a/programs/pkey/ecdsa.c b/programs/pkey/ecdsa.c index ecbe15a1..640d3e76 100644 --- a/programs/pkey/ecdsa.c +++ b/programs/pkey/ecdsa.c @@ -33,7 +33,7 @@ #define polarssl_printf printf #endif -#if defined(POLARSSL_ECDSA_C) &&\ +#if defined(POLARSSL_ECDSA_C) && \ defined(POLARSSL_ENTROPY_C) && defined(POLARSSL_CTR_DRBG_C) #include "polarssl/entropy.h" #include "polarssl/ctr_drbg.h" diff --git a/programs/pkey/gen_key.c b/programs/pkey/gen_key.c index d047d71c..a4095da5 100644 --- a/programs/pkey/gen_key.c +++ b/programs/pkey/gen_key.c @@ -33,7 +33,7 @@ #define polarssl_printf printf #endif -#if defined(POLARSSL_PK_WRITE_C) && defined(POLARSSL_FS_IO) &&\ +#if defined(POLARSSL_PK_WRITE_C) && defined(POLARSSL_FS_IO) && \ defined(POLARSSL_ENTROPY_C) && defined(POLARSSL_CTR_DRBG_C) #include "polarssl/error.h" #include "polarssl/pk.h" diff --git a/programs/pkey/key_app.c b/programs/pkey/key_app.c index 7c01caf4..2ebeb41b 100644 --- a/programs/pkey/key_app.c +++ b/programs/pkey/key_app.c @@ -33,7 +33,7 @@ #define polarssl_printf printf #endif -#if defined(POLARSSL_BIGNUM_C) &&\ +#if defined(POLARSSL_BIGNUM_C) && \ defined(POLARSSL_PK_PARSE_C) && defined(POLARSSL_FS_IO) #include "polarssl/error.h" #include "polarssl/rsa.h" diff --git a/programs/pkey/pk_decrypt.c b/programs/pkey/pk_decrypt.c index c53e7ef3..2bd8b348 100644 --- a/programs/pkey/pk_decrypt.c +++ b/programs/pkey/pk_decrypt.c @@ -33,8 +33,8 @@ #define polarssl_printf printf #endif -#if defined(POLARSSL_BIGNUM_C) && defined(POLARSSL_PK_PARSE_C) &&\ - defined(POLARSSL_FS_IO) && defined(POLARSSL_ENTROPY_C) &&\ +#if defined(POLARSSL_BIGNUM_C) && defined(POLARSSL_PK_PARSE_C) && \ + defined(POLARSSL_FS_IO) && defined(POLARSSL_ENTROPY_C) && \ defined(POLARSSL_CTR_DRBG_C) #include "polarssl/error.h" #include "polarssl/pk.h" diff --git a/programs/pkey/pk_encrypt.c b/programs/pkey/pk_encrypt.c index 11533434..9a3e7824 100644 --- a/programs/pkey/pk_encrypt.c +++ b/programs/pkey/pk_encrypt.c @@ -34,8 +34,8 @@ #define polarssl_printf printf #endif -#if defined(POLARSSL_BIGNUM_C) && defined(POLARSSL_PK_PARSE_C) &&\ - defined(POLARSSL_ENTROPY_C) && defined(POLARSSL_FS_IO) &&\ +#if defined(POLARSSL_BIGNUM_C) && defined(POLARSSL_PK_PARSE_C) && \ + defined(POLARSSL_ENTROPY_C) && defined(POLARSSL_FS_IO) && \ defined(POLARSSL_CTR_DRBG_C) #include "polarssl/error.h" #include "polarssl/pk.h" diff --git a/programs/pkey/pk_sign.c b/programs/pkey/pk_sign.c index 021d154f..162db1e9 100644 --- a/programs/pkey/pk_sign.c +++ b/programs/pkey/pk_sign.c @@ -33,9 +33,9 @@ #define polarssl_printf printf #endif -#if defined(POLARSSL_BIGNUM_C) && defined(POLARSSL_ENTROPY_C) &&\ - defined(POLARSSL_SHA256_C) &&\ - defined(POLARSSL_PK_PARSE_C) && defined(POLARSSL_FS_IO) &&\ +#if defined(POLARSSL_BIGNUM_C) && defined(POLARSSL_ENTROPY_C) && \ + defined(POLARSSL_SHA256_C) && \ + defined(POLARSSL_PK_PARSE_C) && defined(POLARSSL_FS_IO) && \ defined(POLARSSL_CTR_DRBG_C) #include "polarssl/error.h" #include "polarssl/entropy.h" diff --git a/programs/pkey/pk_verify.c b/programs/pkey/pk_verify.c index 1bfb66f1..6f8755bd 100644 --- a/programs/pkey/pk_verify.c +++ b/programs/pkey/pk_verify.c @@ -33,8 +33,8 @@ #define polarssl_printf printf #endif -#if defined(POLARSSL_BIGNUM_C) &&\ - defined(POLARSSL_SHA256_C) && defined(POLARSSL_PK_PARSE_C) &&\ +#if defined(POLARSSL_BIGNUM_C) && \ + defined(POLARSSL_SHA256_C) && defined(POLARSSL_PK_PARSE_C) && \ defined(POLARSSL_FS_IO) #include "polarssl/error.h" #include "polarssl/md.h" diff --git a/programs/pkey/rsa_decrypt.c b/programs/pkey/rsa_decrypt.c index e7606929..368089f7 100644 --- a/programs/pkey/rsa_decrypt.c +++ b/programs/pkey/rsa_decrypt.c @@ -33,8 +33,8 @@ #define polarssl_printf printf #endif -#if defined(POLARSSL_BIGNUM_C) && defined(POLARSSL_RSA_C) &&\ - defined(POLARSSL_FS_IO) && defined(POLARSSL_ENTROPY_C) &&\ +#if defined(POLARSSL_BIGNUM_C) && defined(POLARSSL_RSA_C) && \ + defined(POLARSSL_FS_IO) && defined(POLARSSL_ENTROPY_C) && \ defined(POLARSSL_CTR_DRBG_C) #include "polarssl/rsa.h" #include "polarssl/entropy.h" diff --git a/programs/pkey/rsa_encrypt.c b/programs/pkey/rsa_encrypt.c index afef96dc..bbf7678c 100644 --- a/programs/pkey/rsa_encrypt.c +++ b/programs/pkey/rsa_encrypt.c @@ -34,8 +34,8 @@ #define polarssl_printf printf #endif -#if defined(POLARSSL_BIGNUM_C) && defined(POLARSSL_RSA_C) &&\ - defined(POLARSSL_ENTROPY_C) && defined(POLARSSL_FS_IO) &&\ +#if defined(POLARSSL_BIGNUM_C) && defined(POLARSSL_RSA_C) && \ + defined(POLARSSL_ENTROPY_C) && defined(POLARSSL_FS_IO) && \ defined(POLARSSL_CTR_DRBG_C) #include "polarssl/rsa.h" #include "polarssl/entropy.h" diff --git a/programs/pkey/rsa_genkey.c b/programs/pkey/rsa_genkey.c index d3854592..f1be5367 100644 --- a/programs/pkey/rsa_genkey.c +++ b/programs/pkey/rsa_genkey.c @@ -33,8 +33,8 @@ #define polarssl_printf printf #endif -#if defined(POLARSSL_BIGNUM_C) && defined(POLARSSL_ENTROPY_C) &&\ - defined(POLARSSL_RSA_C) && defined(POLARSSL_GENPRIME) &&\ +#if defined(POLARSSL_BIGNUM_C) && defined(POLARSSL_ENTROPY_C) && \ + defined(POLARSSL_RSA_C) && defined(POLARSSL_GENPRIME) && \ defined(POLARSSL_FS_IO) && defined(POLARSSL_CTR_DRBG_C) #include "polarssl/entropy.h" #include "polarssl/ctr_drbg.h" diff --git a/programs/pkey/rsa_sign.c b/programs/pkey/rsa_sign.c index 0693a36f..f033eab4 100644 --- a/programs/pkey/rsa_sign.c +++ b/programs/pkey/rsa_sign.c @@ -34,7 +34,7 @@ #define polarssl_printf printf #endif -#if defined(POLARSSL_BIGNUM_C) && defined(POLARSSL_RSA_C) &&\ +#if defined(POLARSSL_BIGNUM_C) && defined(POLARSSL_RSA_C) && \ defined(POLARSSL_SHA256_C) && defined(POLARSSL_FS_IO) #include "polarssl/rsa.h" #include "polarssl/sha1.h" diff --git a/programs/pkey/rsa_sign_pss.c b/programs/pkey/rsa_sign_pss.c index 45b7364c..be42ad18 100644 --- a/programs/pkey/rsa_sign_pss.c +++ b/programs/pkey/rsa_sign_pss.c @@ -33,9 +33,9 @@ #define polarssl_printf printf #endif -#if defined(POLARSSL_BIGNUM_C) && defined(POLARSSL_ENTROPY_C) &&\ - defined(POLARSSL_RSA_C) && defined(POLARSSL_SHA256_C) &&\ - defined(POLARSSL_PK_PARSE_C) && defined(POLARSSL_FS_IO) &&\ +#if defined(POLARSSL_BIGNUM_C) && defined(POLARSSL_ENTROPY_C) && \ + defined(POLARSSL_RSA_C) && defined(POLARSSL_SHA256_C) && \ + defined(POLARSSL_PK_PARSE_C) && defined(POLARSSL_FS_IO) && \ defined(POLARSSL_CTR_DRBG_C) #include "polarssl/entropy.h" #include "polarssl/ctr_drbg.h" diff --git a/programs/pkey/rsa_verify.c b/programs/pkey/rsa_verify.c index c43fc305..88d4d04c 100644 --- a/programs/pkey/rsa_verify.c +++ b/programs/pkey/rsa_verify.c @@ -33,7 +33,7 @@ #define polarssl_printf printf #endif -#if defined(POLARSSL_BIGNUM_C) && defined(POLARSSL_RSA_C) &&\ +#if defined(POLARSSL_BIGNUM_C) && defined(POLARSSL_RSA_C) && \ defined(POLARSSL_SHA256_C) && defined(POLARSSL_FS_IO) #include "polarssl/rsa.h" #include "polarssl/sha1.h" diff --git a/programs/pkey/rsa_verify_pss.c b/programs/pkey/rsa_verify_pss.c index c313512c..d679a58f 100644 --- a/programs/pkey/rsa_verify_pss.c +++ b/programs/pkey/rsa_verify_pss.c @@ -33,8 +33,8 @@ #define polarssl_printf printf #endif -#if defined(POLARSSL_BIGNUM_C) && defined(POLARSSL_RSA_C) &&\ - defined(POLARSSL_SHA256_C) && defined(POLARSSL_PK_PARSE_C) &&\ +#if defined(POLARSSL_BIGNUM_C) && defined(POLARSSL_RSA_C) && \ + defined(POLARSSL_SHA256_C) && defined(POLARSSL_PK_PARSE_C) && \ defined(POLARSSL_FS_IO) #include "polarssl/md.h" #include "polarssl/pem.h" diff --git a/programs/random/gen_random_ctr_drbg.c b/programs/random/gen_random_ctr_drbg.c index acd0778d..4c2286d9 100644 --- a/programs/random/gen_random_ctr_drbg.c +++ b/programs/random/gen_random_ctr_drbg.c @@ -34,7 +34,7 @@ #define polarssl_printf printf #endif -#if defined(POLARSSL_CTR_DRBG_C) && defined(POLARSSL_ENTROPY_C) &&\ +#if defined(POLARSSL_CTR_DRBG_C) && defined(POLARSSL_ENTROPY_C) && \ defined(POLARSSL_FS_IO) #include "polarssl/entropy.h" #include "polarssl/ctr_drbg.h" @@ -42,7 +42,7 @@ #include #endif -#if !defined(POLARSSL_CTR_DRBG_C) || !defined(POLARSSL_ENTROPY_C) ||\ +#if !defined(POLARSSL_CTR_DRBG_C) || !defined(POLARSSL_ENTROPY_C) || \ !defined(POLARSSL_FS_IO) int main( void ) { diff --git a/programs/ssl/ssl_client1.c b/programs/ssl/ssl_client1.c index bbb84109..25554f41 100644 --- a/programs/ssl/ssl_client1.c +++ b/programs/ssl/ssl_client1.c @@ -34,9 +34,9 @@ #define polarssl_printf printf #endif -#if defined(POLARSSL_BIGNUM_C) && defined(POLARSSL_ENTROPY_C) &&\ - defined(POLARSSL_SSL_TLS_C) && defined(POLARSSL_SSL_CLI_C) &&\ - defined(POLARSSL_NET_C) && defined(POLARSSL_RSA_C) &&\ +#if defined(POLARSSL_BIGNUM_C) && defined(POLARSSL_ENTROPY_C) && \ + defined(POLARSSL_SSL_TLS_C) && defined(POLARSSL_SSL_CLI_C) && \ + defined(POLARSSL_NET_C) && defined(POLARSSL_RSA_C) && \ defined(POLARSSL_CTR_DRBG_C) && defined(POLARSSL_X509_CRT_PARSE_C) #include "polarssl/net.h" #include "polarssl/debug.h" diff --git a/programs/ssl/ssl_client2.c b/programs/ssl/ssl_client2.c index 32a55b62..e0ba186f 100644 --- a/programs/ssl/ssl_client2.c +++ b/programs/ssl/ssl_client2.c @@ -34,8 +34,8 @@ #define polarssl_printf printf #endif -#if defined(POLARSSL_ENTROPY_C) && defined(POLARSSL_FS_IO) &&\ - defined(POLARSSL_SSL_TLS_C) && defined(POLARSSL_SSL_CLI_C) &&\ +#if defined(POLARSSL_ENTROPY_C) && defined(POLARSSL_FS_IO) && \ + defined(POLARSSL_SSL_TLS_C) && defined(POLARSSL_SSL_CLI_C) && \ defined(POLARSSL_NET_C) && defined(POLARSSL_CTR_DRBG_C) #include "polarssl/net.h" #include "polarssl/ssl.h" diff --git a/programs/ssl/ssl_fork_server.c b/programs/ssl/ssl_fork_server.c index 2bdf3f60..3f3c6ade 100644 --- a/programs/ssl/ssl_fork_server.c +++ b/programs/ssl/ssl_fork_server.c @@ -38,11 +38,11 @@ #include #endif -#if defined(POLARSSL_BIGNUM_C) && defined(POLARSSL_CERTS_C) &&\ - defined(POLARSSL_ENTROPY_C) && defined(POLARSSL_SSL_TLS_C) &&\ - defined(POLARSSL_SSL_SRV_C) && defined(POLARSSL_NET_C) &&\ - defined(POLARSSL_RSA_C) && defined(POLARSSL_CTR_DRBG_C) &&\ - defined(POLARSSL_X509_CRT_PARSE_C) && defined(POLARSSL_TIMING_C) &&\ +#if defined(POLARSSL_BIGNUM_C) && defined(POLARSSL_CERTS_C) && \ + defined(POLARSSL_ENTROPY_C) && defined(POLARSSL_SSL_TLS_C) && \ + defined(POLARSSL_SSL_SRV_C) && defined(POLARSSL_NET_C) && \ + defined(POLARSSL_RSA_C) && defined(POLARSSL_CTR_DRBG_C) && \ + defined(POLARSSL_X509_CRT_PARSE_C) && defined(POLARSSL_TIMING_C) && \ defined(POLARSSL_FS_IO) #include "polarssl/entropy.h" #include "polarssl/ctr_drbg.h" @@ -70,7 +70,7 @@ !defined(POLARSSL_ENTROPY_C) || !defined(POLARSSL_SSL_TLS_C) || \ !defined(POLARSSL_SSL_SRV_C) || !defined(POLARSSL_NET_C) || \ !defined(POLARSSL_RSA_C) || !defined(POLARSSL_CTR_DRBG_C) || \ - !defined(POLARSSL_X509_CRT_PARSE_C) || !defined(POLARSSL_TIMING_C) ||\ + !defined(POLARSSL_X509_CRT_PARSE_C) || !defined(POLARSSL_TIMING_C) || \ !defined(POLARSSL_FS_IO) int main( int argc, char *argv[] ) { diff --git a/programs/ssl/ssl_mail_client.c b/programs/ssl/ssl_mail_client.c index f39a5d85..226baf57 100644 --- a/programs/ssl/ssl_mail_client.c +++ b/programs/ssl/ssl_mail_client.c @@ -128,7 +128,7 @@ #if !defined(POLARSSL_BIGNUM_C) || !defined(POLARSSL_ENTROPY_C) || \ !defined(POLARSSL_SSL_TLS_C) || !defined(POLARSSL_SSL_CLI_C) || \ !defined(POLARSSL_NET_C) || !defined(POLARSSL_RSA_C) || \ - !defined(POLARSSL_CTR_DRBG_C) || !defined(POLARSSL_X509_CRT_PARSE_C) ||\ + !defined(POLARSSL_CTR_DRBG_C) || !defined(POLARSSL_X509_CRT_PARSE_C) || \ !defined(POLARSSL_FS_IO) int main( void ) { diff --git a/programs/ssl/ssl_pthread_server.c b/programs/ssl/ssl_pthread_server.c index a2254855..091d07a7 100644 --- a/programs/ssl/ssl_pthread_server.c +++ b/programs/ssl/ssl_pthread_server.c @@ -39,11 +39,11 @@ #include #endif -#if defined(POLARSSL_BIGNUM_C) && defined(POLARSSL_CERTS_C) &&\ - defined(POLARSSL_ENTROPY_C) && defined(POLARSSL_SSL_TLS_C) &&\ - defined(POLARSSL_SSL_SRV_C) && defined(POLARSSL_NET_C) &&\ - defined(POLARSSL_RSA_C) && defined(POLARSSL_CTR_DRBG_C) &&\ - defined(POLARSSL_X509_CRT_PARSE_C) && defined(POLARSSL_FS_IO) &&\ +#if defined(POLARSSL_BIGNUM_C) && defined(POLARSSL_CERTS_C) && \ + defined(POLARSSL_ENTROPY_C) && defined(POLARSSL_SSL_TLS_C) && \ + defined(POLARSSL_SSL_SRV_C) && defined(POLARSSL_NET_C) && \ + defined(POLARSSL_RSA_C) && defined(POLARSSL_CTR_DRBG_C) && \ + defined(POLARSSL_X509_CRT_PARSE_C) && defined(POLARSSL_FS_IO) && \ defined(POLARSSL_THREADING_C) && defined(POLARSSL_THREADING_PTHREAD) #include "polarssl/entropy.h" #include "polarssl/ctr_drbg.h" diff --git a/programs/ssl/ssl_server2.c b/programs/ssl/ssl_server2.c index cebf3bff..bf90c10b 100644 --- a/programs/ssl/ssl_server2.c +++ b/programs/ssl/ssl_server2.c @@ -44,8 +44,8 @@ #include #endif -#if defined(POLARSSL_ENTROPY_C) &&\ - defined(POLARSSL_SSL_TLS_C) && defined(POLARSSL_SSL_SRV_C) &&\ +#if defined(POLARSSL_ENTROPY_C) && \ + defined(POLARSSL_SSL_TLS_C) && defined(POLARSSL_SSL_SRV_C) && \ defined(POLARSSL_NET_C) && defined(POLARSSL_CTR_DRBG_C) #include "polarssl/net.h" #include "polarssl/ssl.h" @@ -278,7 +278,7 @@ " force_ciphersuite= default: all enabled\n" \ " acceptable ciphersuite names:\n" -#if !defined(POLARSSL_ENTROPY_C) ||\ +#if !defined(POLARSSL_ENTROPY_C) || \ !defined(POLARSSL_SSL_TLS_C) || !defined(POLARSSL_SSL_SRV_C) || \ !defined(POLARSSL_NET_C) || !defined(POLARSSL_CTR_DRBG_C) #include diff --git a/programs/test/o_p_test.c b/programs/test/o_p_test.c index 3e77c55c..0d1cccfa 100644 --- a/programs/test/o_p_test.c +++ b/programs/test/o_p_test.c @@ -33,7 +33,7 @@ #define polarssl_printf printf #endif -#if defined(POLARSSL_BIGNUM_C) && defined(POLARSSL_RSA_C) &&\ +#if defined(POLARSSL_BIGNUM_C) && defined(POLARSSL_RSA_C) && \ defined(POLARSSL_PK_PARSE_C) && defined(POLARSSL_FS_IO) #include diff --git a/programs/test/ssl_cert_test.c b/programs/test/ssl_cert_test.c index 2b1d5a7b..393651fc 100644 --- a/programs/test/ssl_cert_test.c +++ b/programs/test/ssl_cert_test.c @@ -33,7 +33,7 @@ #define polarssl_printf printf #endif -#if defined(POLARSSL_RSA_C) && defined(POLARSSL_X509_CRT_PARSE_C) &&\ +#if defined(POLARSSL_RSA_C) && defined(POLARSSL_X509_CRT_PARSE_C) && \ defined(POLARSSL_FS_IO) && defined(POLARSSL_X509_CRL_PARSE_C) #include "polarssl/certs.h" #include "polarssl/x509_crt.h" diff --git a/programs/test/ssl_test.c b/programs/test/ssl_test.c index 7d24c0be..1aa7ee17 100644 --- a/programs/test/ssl_test.c +++ b/programs/test/ssl_test.c @@ -36,10 +36,10 @@ #define polarssl_printf printf #endif -#if defined(POLARSSL_BIGNUM_C) && defined(POLARSSL_ENTROPY_C) &&\ - defined(POLARSSL_SSL_TLS_C) && defined(POLARSSL_SSL_SRV_C) &&\ - defined(POLARSSL_SSL_CLI_C) && defined(POLARSSL_NET_C) &&\ - defined(POLARSSL_RSA_C) && defined(POLARSSL_CTR_DRBG_C) &&\ +#if defined(POLARSSL_BIGNUM_C) && defined(POLARSSL_ENTROPY_C) && \ + defined(POLARSSL_SSL_TLS_C) && defined(POLARSSL_SSL_SRV_C) && \ + defined(POLARSSL_SSL_CLI_C) && defined(POLARSSL_NET_C) && \ + defined(POLARSSL_RSA_C) && defined(POLARSSL_CTR_DRBG_C) && \ defined(POLARSSL_X509_CRT_PARSE_C) #include "polarssl/net.h" #include "polarssl/ssl.h" diff --git a/programs/x509/cert_app.c b/programs/x509/cert_app.c index d74b4daf..dc541d3d 100644 --- a/programs/x509/cert_app.c +++ b/programs/x509/cert_app.c @@ -34,10 +34,10 @@ #define polarssl_printf printf #endif -#if defined(POLARSSL_BIGNUM_C) && defined(POLARSSL_ENTROPY_C) &&\ - defined(POLARSSL_SSL_TLS_C) && defined(POLARSSL_SSL_CLI_C) &&\ - defined(POLARSSL_NET_C) && defined(POLARSSL_RSA_C) &&\ - defined(POLARSSL_X509_CRT_PARSE_C) && defined(POLARSSL_FS_IO) &&\ +#if defined(POLARSSL_BIGNUM_C) && defined(POLARSSL_ENTROPY_C) && \ + defined(POLARSSL_SSL_TLS_C) && defined(POLARSSL_SSL_CLI_C) && \ + defined(POLARSSL_NET_C) && defined(POLARSSL_RSA_C) && \ + defined(POLARSSL_X509_CRT_PARSE_C) && defined(POLARSSL_FS_IO) && \ defined(POLARSSL_CTR_DRBG_C) #include "polarssl/entropy.h" #include "polarssl/ctr_drbg.h" diff --git a/programs/x509/cert_write.c b/programs/x509/cert_write.c index ed6f218d..cbcd3594 100644 --- a/programs/x509/cert_write.c +++ b/programs/x509/cert_write.c @@ -33,9 +33,9 @@ #define polarssl_printf printf #endif -#if defined(POLARSSL_X509_CRT_WRITE_C) &&\ - defined(POLARSSL_X509_CRT_PARSE_C) && defined(POLARSSL_FS_IO) &&\ - defined(POLARSSL_ENTROPY_C) && defined(POLARSSL_CTR_DRBG_C) &&\ +#if defined(POLARSSL_X509_CRT_WRITE_C) && \ + defined(POLARSSL_X509_CRT_PARSE_C) && defined(POLARSSL_FS_IO) && \ + defined(POLARSSL_ENTROPY_C) && defined(POLARSSL_CTR_DRBG_C) && \ defined(POLARSSL_ERROR_C) #include "polarssl/x509_crt.h" #include "polarssl/x509_csr.h" diff --git a/programs/x509/crl_app.c b/programs/x509/crl_app.c index 06395668..83543911 100644 --- a/programs/x509/crl_app.c +++ b/programs/x509/crl_app.c @@ -33,7 +33,7 @@ #define polarssl_printf printf #endif -#if defined(POLARSSL_BIGNUM_C) && defined(POLARSSL_RSA_C) &&\ +#if defined(POLARSSL_BIGNUM_C) && defined(POLARSSL_RSA_C) && \ defined(POLARSSL_X509_CRL_PARSE_C) && defined(POLARSSL_FS_IO) #include "polarssl/x509_crl.h" diff --git a/programs/x509/req_app.c b/programs/x509/req_app.c index 2058e4c4..0b070fc9 100644 --- a/programs/x509/req_app.c +++ b/programs/x509/req_app.c @@ -33,7 +33,7 @@ #define polarssl_printf printf #endif -#if defined(POLARSSL_BIGNUM_C) && defined(POLARSSL_RSA_C) &&\ +#if defined(POLARSSL_BIGNUM_C) && defined(POLARSSL_RSA_C) && \ defined(POLARSSL_X509_CSR_PARSE_C) && defined(POLARSSL_FS_IO) #include "polarssl/x509_csr.h" From 6c5abfa42b8c2a8c6a812c34bf3fa04439db254a Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Manuel=20P=C3=A9gouri=C3=A9-Gonnard?= Date: Fri, 13 Feb 2015 14:12:07 +0000 Subject: [PATCH 053/100] Style: fix trailing spaces --- include/polarssl/cipher_wrap.h | 2 +- include/polarssl/md_wrap.h | 2 +- programs/aes/crypt_and_hash.c | 2 +- programs/pkey/dh_server.c | 2 +- programs/pkey/key_app.c | 2 +- programs/pkey/key_app_writer.c | 2 +- programs/pkey/rsa_encrypt.c | 2 +- programs/pkey/rsa_genkey.c | 4 ++-- programs/pkey/rsa_sign.c | 2 +- programs/ssl/ssl_mail_client.c | 4 ++-- programs/test/benchmark.c | 2 +- programs/test/ssl_test.c | 2 +- programs/x509/cert_write.c | 2 +- 13 files changed, 15 insertions(+), 15 deletions(-) diff --git a/include/polarssl/cipher_wrap.h b/include/polarssl/cipher_wrap.h index ffa8c53b..92dfe458 100644 --- a/include/polarssl/cipher_wrap.h +++ b/include/polarssl/cipher_wrap.h @@ -31,7 +31,7 @@ #else #include POLARSSL_CONFIG_FILE #endif - + #include "cipher.h" #ifdef __cplusplus diff --git a/include/polarssl/md_wrap.h b/include/polarssl/md_wrap.h index 2cb6e511..92c3a2cc 100644 --- a/include/polarssl/md_wrap.h +++ b/include/polarssl/md_wrap.h @@ -31,7 +31,7 @@ #else #include POLARSSL_CONFIG_FILE #endif - + #include "md.h" #ifdef __cplusplus diff --git a/programs/aes/crypt_and_hash.c b/programs/aes/crypt_and_hash.c index dfba7eb1..c76b8dbd 100644 --- a/programs/aes/crypt_and_hash.c +++ b/programs/aes/crypt_and_hash.c @@ -400,7 +400,7 @@ int main( int argc, char *argv[] ) goto exit; } - if( ( ( filesize - md_get_size( md_info ) ) % + if( ( ( filesize - md_get_size( md_info ) ) % cipher_get_block_size( &cipher_ctx ) ) != 0 ) { polarssl_fprintf( stderr, "File content not a multiple of the block size (%d).\n", diff --git a/programs/pkey/dh_server.c b/programs/pkey/dh_server.c index e824902b..c625d027 100644 --- a/programs/pkey/dh_server.c +++ b/programs/pkey/dh_server.c @@ -134,7 +134,7 @@ int main( void ) } rsa.len = ( mpi_msb( &rsa.N ) + 7 ) >> 3; - + fclose( f ); /* diff --git a/programs/pkey/key_app.c b/programs/pkey/key_app.c index 2ebeb41b..98f36db1 100644 --- a/programs/pkey/key_app.c +++ b/programs/pkey/key_app.c @@ -51,7 +51,7 @@ #define DFL_PASSWORD "" #define DFL_PASSWORD_FILE "" #define DFL_DEBUG_LEVEL 0 - + #define USAGE \ "\n usage: key_app param=<>...\n" \ "\n acceptable parameters:\n" \ diff --git a/programs/pkey/key_app_writer.c b/programs/pkey/key_app_writer.c index ddd5e19f..09233ffe 100644 --- a/programs/pkey/key_app_writer.c +++ b/programs/pkey/key_app_writer.c @@ -84,7 +84,7 @@ " output_mode=private|public default: none\n" \ USAGE_OUT \ "\n" - + #if !defined(POLARSSL_PK_WRITE_C) || !defined(POLARSSL_FS_IO) int main( void ) { diff --git a/programs/pkey/rsa_encrypt.c b/programs/pkey/rsa_encrypt.c index bbf7678c..e73ad2ff 100644 --- a/programs/pkey/rsa_encrypt.c +++ b/programs/pkey/rsa_encrypt.c @@ -105,7 +105,7 @@ int main( int argc, char *argv[] ) } rsa_init( &rsa, RSA_PKCS_V15, 0 ); - + if( ( ret = mpi_read_file( &rsa.N, 16, f ) ) != 0 || ( ret = mpi_read_file( &rsa.E, 16, f ) ) != 0 ) { diff --git a/programs/pkey/rsa_genkey.c b/programs/pkey/rsa_genkey.c index f1be5367..0314d39e 100644 --- a/programs/pkey/rsa_genkey.c +++ b/programs/pkey/rsa_genkey.c @@ -41,7 +41,7 @@ #include "polarssl/bignum.h" #include "polarssl/x509.h" #include "polarssl/rsa.h" - + #include #include #endif @@ -86,7 +86,7 @@ int main( void ) fflush( stdout ); rsa_init( &rsa, RSA_PKCS_V15, 0 ); - + if( ( ret = rsa_gen_key( &rsa, ctr_drbg_random, &ctr_drbg, KEY_SIZE, EXPONENT ) ) != 0 ) { diff --git a/programs/pkey/rsa_sign.c b/programs/pkey/rsa_sign.c index f033eab4..277034d2 100644 --- a/programs/pkey/rsa_sign.c +++ b/programs/pkey/rsa_sign.c @@ -86,7 +86,7 @@ int main( int argc, char *argv[] ) } rsa_init( &rsa, RSA_PKCS_V15, 0 ); - + if( ( ret = mpi_read_file( &rsa.N , 16, f ) ) != 0 || ( ret = mpi_read_file( &rsa.E , 16, f ) ) != 0 || ( ret = mpi_read_file( &rsa.D , 16, f ) ) != 0 || diff --git a/programs/ssl/ssl_mail_client.c b/programs/ssl/ssl_mail_client.c index 226baf57..d39e6c50 100644 --- a/programs/ssl/ssl_mail_client.c +++ b/programs/ssl/ssl_mail_client.c @@ -95,7 +95,7 @@ #define USAGE_AUTH \ " authentication=%%d default: 0 (disabled)\n" \ " user_name=%%s default: \"user\"\n" \ - " user_pwd=%%s default: \"password\"\n" + " user_pwd=%%s default: \"password\"\n" #else #define USAGE_AUTH \ " authentication options disabled. (Require POLARSSL_BASE64_C)\n" @@ -349,7 +349,7 @@ static int write_and_get_response( int sock_fd, unsigned char *buf, size_t len ) code[3] = '\0'; return atoi( code ); } - + idx = 0; } } diff --git a/programs/test/benchmark.c b/programs/test/benchmark.c index 6d8d8e51..2882ecfc 100644 --- a/programs/test/benchmark.c +++ b/programs/test/benchmark.c @@ -70,7 +70,7 @@ #define BUFSIZE 1024 #define HEADER_FORMAT " %-24s : " #define TITLE_LEN 25 - + #define DHM_SIZES 3 #define OPTIONS \ diff --git a/programs/test/ssl_test.c b/programs/test/ssl_test.c index 1aa7ee17..5860683f 100644 --- a/programs/test/ssl_test.c +++ b/programs/test/ssl_test.c @@ -457,7 +457,7 @@ exit: " session_reuse=on/off default: on (enabled)\n" \ " session_lifetime=%%d (s) default: 86400\n" \ " force_ciphersuite= default: all enabled\n" \ - " acceptable ciphersuite names:\n" + " acceptable ciphersuite names:\n" int main( int argc, char *argv[] ) { diff --git a/programs/x509/cert_write.c b/programs/x509/cert_write.c index cbcd3594..45e2456d 100644 --- a/programs/x509/cert_write.c +++ b/programs/x509/cert_write.c @@ -119,7 +119,7 @@ " email_ca\n" \ " object_signing_ca\n" \ "\n" - + #if !defined(POLARSSL_X509_CRT_WRITE_C) || \ !defined(POLARSSL_X509_CRT_PARSE_C) || !defined(POLARSSL_FS_IO) || \ !defined(POLARSSL_ENTROPY_C) || !defined(POLARSSL_CTR_DRBG_C) || \ From f5dc8ec3581a471739949091b658d3afced53a40 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Manuel=20P=C3=A9gouri=C3=A9-Gonnard?= Date: Fri, 13 Feb 2015 14:32:17 +0000 Subject: [PATCH 054/100] Update error.fmt to match update error.c --- scripts/data_files/error.fmt | 6 ++---- 1 file changed, 2 insertions(+), 4 deletions(-) diff --git a/scripts/data_files/error.fmt b/scripts/data_files/error.fmt index b7bfbf20..1b5bb7af 100644 --- a/scripts/data_files/error.fmt +++ b/scripts/data_files/error.fmt @@ -28,14 +28,14 @@ #if defined(POLARSSL_ERROR_C) || defined(POLARSSL_ERROR_STRERROR_DUMMY) #include "polarssl/error.h" +#include #endif #if defined(POLARSSL_ERROR_C) -HEADER_INCLUDED #include -#include +HEADER_INCLUDED #if defined(_MSC_VER) && !defined snprintf && !defined(EFIX64) && \ !defined(EFI32) #define snprintf _snprintf @@ -114,8 +114,6 @@ void error_strerror( int ret, char *buf, size_t buflen ) #if defined(POLARSSL_ERROR_STRERROR_DUMMY) -#include - /* * Provide an non-function in case POLARSSL_ERROR_C is not defined */ From b3b8e43a124be166e2c12b940e1d51e00f66b0ee Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Manuel=20P=C3=A9gouri=C3=A9-Gonnard?= Date: Fri, 13 Feb 2015 14:52:19 +0000 Subject: [PATCH 055/100] New test script for generated files --- tests/scripts/all.sh | 3 +++ tests/scripts/check-generated-files.sh | 24 ++++++++++++++++++++++++ 2 files changed, 27 insertions(+) create mode 100755 tests/scripts/check-generated-files.sh diff --git a/tests/scripts/all.sh b/tests/scripts/all.sh index 4c746e7f..ba78dfb2 100755 --- a/tests/scripts/all.sh +++ b/tests/scripts/all.sh @@ -73,6 +73,9 @@ msg() msg "test: recursion.pl" # < 1s scripts/recursion.pl library/*.c +msg "test: freshness of generated source files" # < 1s +tests/scripts/check-generated-files.sh + msg "build: cmake, gcc, ASan" # ~ 1 min 50s cleanup CC=gcc cmake -D CMAKE_BUILD_TYPE:String=Asan . diff --git a/tests/scripts/check-generated-files.sh b/tests/scripts/check-generated-files.sh new file mode 100755 index 00000000..0400bc75 --- /dev/null +++ b/tests/scripts/check-generated-files.sh @@ -0,0 +1,24 @@ +#!/bin/sh + +# check if generated files are up-to-date + +set -eu + +if [ -d library -a -d include -a -d tests ]; then :; else + echo "Must be run from mbed TLS root" >&2 + exit 1 +fi + +check() +{ + FILE=$1 + SCRIPT=$2 + + cp $FILE $FILE.bak + $SCRIPT + diff $FILE $FILE.bak + mv $FILE.bak $FILE +} + +check library/error.c scripts/generate_errors.pl +check library/version_features.c scripts/generate_features.pl From 00c220123d44bc41ce106bed2f0821d014d21682 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Manuel=20P=C3=A9gouri=C3=A9-Gonnard?= Date: Fri, 13 Feb 2015 15:14:10 +0000 Subject: [PATCH 056/100] Update Changelog for portability improvements --- ChangeLog | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/ChangeLog b/ChangeLog index 21cd6fdb..5d44eb11 100644 --- a/ChangeLog +++ b/ChangeLog @@ -5,6 +5,10 @@ mbed TLS ChangeLog (Sorted per branch, date) Security Features + * Add support for overriding snprintf() (except on Windows) and exit() in + the platform layer. + * Add an option to use macros instead of function pointers in the platform + layer (helps get rid of unwanted references). Bugfix * Fix hardclock() (only used in the benchmarking program) with some @@ -21,6 +25,7 @@ Changes * Building with 'make' on windows now requires Unix utilities in the PATH as well as a Unix shell. This enables more features such as the 'check' target. + * Remove dependency on sscanf() in X.509 parsing modules. = mbed TLS 1.3.10 released 2015-02-09 Security From 092864009526dfb16383e97ea26574291480db5d Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Manuel=20P=C3=A9gouri=C3=A9-Gonnard?= Date: Fri, 13 Feb 2015 15:18:33 +0000 Subject: [PATCH 057/100] Update generated files --- library/error.c | 398 +++++++++++++++++++------------------ library/version_features.c | 12 +- 2 files changed, 211 insertions(+), 199 deletions(-) diff --git a/library/error.c b/library/error.c index 1be54e8b..91e804ba 100644 --- a/library/error.c +++ b/library/error.c @@ -31,6 +31,12 @@ #include #endif +#if defined(POLARSSL_PLATFORM_C) +#include "polarssl/platform.h" +#else +#define polarssl_snprintf snprintf +#endif + #if defined(POLARSSL_ERROR_C) #include @@ -204,297 +210,297 @@ void polarssl_strerror( int ret, char *buf, size_t buflen ) // BEGIN generated code #if defined(POLARSSL_CIPHER_C) if( use_ret == -(POLARSSL_ERR_CIPHER_FEATURE_UNAVAILABLE) ) - snprintf( buf, buflen, "CIPHER - The selected feature is not available" ); + polarssl_snprintf( buf, buflen, "CIPHER - The selected feature is not available" ); if( use_ret == -(POLARSSL_ERR_CIPHER_BAD_INPUT_DATA) ) - snprintf( buf, buflen, "CIPHER - Bad input parameters to function" ); + polarssl_snprintf( buf, buflen, "CIPHER - Bad input parameters to function" ); if( use_ret == -(POLARSSL_ERR_CIPHER_ALLOC_FAILED) ) - snprintf( buf, buflen, "CIPHER - Failed to allocate memory" ); + polarssl_snprintf( buf, buflen, "CIPHER - Failed to allocate memory" ); if( use_ret == -(POLARSSL_ERR_CIPHER_INVALID_PADDING) ) - snprintf( buf, buflen, "CIPHER - Input data contains invalid padding and is rejected" ); + polarssl_snprintf( buf, buflen, "CIPHER - Input data contains invalid padding and is rejected" ); if( use_ret == -(POLARSSL_ERR_CIPHER_FULL_BLOCK_EXPECTED) ) - snprintf( buf, buflen, "CIPHER - Decryption of block requires a full block" ); + polarssl_snprintf( buf, buflen, "CIPHER - Decryption of block requires a full block" ); if( use_ret == -(POLARSSL_ERR_CIPHER_AUTH_FAILED) ) - snprintf( buf, buflen, "CIPHER - Authentication failed (for AEAD modes)" ); + polarssl_snprintf( buf, buflen, "CIPHER - Authentication failed (for AEAD modes)" ); #endif /* POLARSSL_CIPHER_C */ #if defined(POLARSSL_DHM_C) if( use_ret == -(POLARSSL_ERR_DHM_BAD_INPUT_DATA) ) - snprintf( buf, buflen, "DHM - Bad input parameters to function" ); + polarssl_snprintf( buf, buflen, "DHM - Bad input parameters to function" ); if( use_ret == -(POLARSSL_ERR_DHM_READ_PARAMS_FAILED) ) - snprintf( buf, buflen, "DHM - Reading of the DHM parameters failed" ); + polarssl_snprintf( buf, buflen, "DHM - Reading of the DHM parameters failed" ); if( use_ret == -(POLARSSL_ERR_DHM_MAKE_PARAMS_FAILED) ) - snprintf( buf, buflen, "DHM - Making of the DHM parameters failed" ); + polarssl_snprintf( buf, buflen, "DHM - Making of the DHM parameters failed" ); if( use_ret == -(POLARSSL_ERR_DHM_READ_PUBLIC_FAILED) ) - snprintf( buf, buflen, "DHM - Reading of the public values failed" ); + polarssl_snprintf( buf, buflen, "DHM - Reading of the public values failed" ); if( use_ret == -(POLARSSL_ERR_DHM_MAKE_PUBLIC_FAILED) ) - snprintf( buf, buflen, "DHM - Making of the public value failed" ); + polarssl_snprintf( buf, buflen, "DHM - Making of the public value failed" ); if( use_ret == -(POLARSSL_ERR_DHM_CALC_SECRET_FAILED) ) - snprintf( buf, buflen, "DHM - Calculation of the DHM secret failed" ); + polarssl_snprintf( buf, buflen, "DHM - Calculation of the DHM secret failed" ); if( use_ret == -(POLARSSL_ERR_DHM_INVALID_FORMAT) ) - snprintf( buf, buflen, "DHM - The ASN.1 data is not formatted correctly" ); + polarssl_snprintf( buf, buflen, "DHM - The ASN.1 data is not formatted correctly" ); if( use_ret == -(POLARSSL_ERR_DHM_MALLOC_FAILED) ) - snprintf( buf, buflen, "DHM - Allocation of memory failed" ); + polarssl_snprintf( buf, buflen, "DHM - Allocation of memory failed" ); if( use_ret == -(POLARSSL_ERR_DHM_FILE_IO_ERROR) ) - snprintf( buf, buflen, "DHM - Read/write of file failed" ); + polarssl_snprintf( buf, buflen, "DHM - Read/write of file failed" ); #endif /* POLARSSL_DHM_C */ #if defined(POLARSSL_ECP_C) if( use_ret == -(POLARSSL_ERR_ECP_BAD_INPUT_DATA) ) - snprintf( buf, buflen, "ECP - Bad input parameters to function" ); + polarssl_snprintf( buf, buflen, "ECP - Bad input parameters to function" ); if( use_ret == -(POLARSSL_ERR_ECP_BUFFER_TOO_SMALL) ) - snprintf( buf, buflen, "ECP - The buffer is too small to write to" ); + polarssl_snprintf( buf, buflen, "ECP - The buffer is too small to write to" ); if( use_ret == -(POLARSSL_ERR_ECP_FEATURE_UNAVAILABLE) ) - snprintf( buf, buflen, "ECP - Requested curve not available" ); + polarssl_snprintf( buf, buflen, "ECP - Requested curve not available" ); if( use_ret == -(POLARSSL_ERR_ECP_VERIFY_FAILED) ) - snprintf( buf, buflen, "ECP - The signature is not valid" ); + polarssl_snprintf( buf, buflen, "ECP - The signature is not valid" ); if( use_ret == -(POLARSSL_ERR_ECP_MALLOC_FAILED) ) - snprintf( buf, buflen, "ECP - Memory allocation failed" ); + polarssl_snprintf( buf, buflen, "ECP - Memory allocation failed" ); if( use_ret == -(POLARSSL_ERR_ECP_RANDOM_FAILED) ) - snprintf( buf, buflen, "ECP - Generation of random value, such as (ephemeral) key, failed" ); + polarssl_snprintf( buf, buflen, "ECP - Generation of random value, such as (ephemeral) key, failed" ); if( use_ret == -(POLARSSL_ERR_ECP_INVALID_KEY) ) - snprintf( buf, buflen, "ECP - Invalid private or public key" ); + polarssl_snprintf( buf, buflen, "ECP - Invalid private or public key" ); if( use_ret == -(POLARSSL_ERR_ECP_SIG_LEN_MISMATCH) ) - snprintf( buf, buflen, "ECP - Signature is valid but shorter than the user-supplied length" ); + polarssl_snprintf( buf, buflen, "ECP - Signature is valid but shorter than the user-supplied length" ); #endif /* POLARSSL_ECP_C */ #if defined(POLARSSL_MD_C) if( use_ret == -(POLARSSL_ERR_MD_FEATURE_UNAVAILABLE) ) - snprintf( buf, buflen, "MD - The selected feature is not available" ); + polarssl_snprintf( buf, buflen, "MD - The selected feature is not available" ); if( use_ret == -(POLARSSL_ERR_MD_BAD_INPUT_DATA) ) - snprintf( buf, buflen, "MD - Bad input parameters to function" ); + polarssl_snprintf( buf, buflen, "MD - Bad input parameters to function" ); if( use_ret == -(POLARSSL_ERR_MD_ALLOC_FAILED) ) - snprintf( buf, buflen, "MD - Failed to allocate memory" ); + polarssl_snprintf( buf, buflen, "MD - Failed to allocate memory" ); if( use_ret == -(POLARSSL_ERR_MD_FILE_IO_ERROR) ) - snprintf( buf, buflen, "MD - Opening or reading of file failed" ); + polarssl_snprintf( buf, buflen, "MD - Opening or reading of file failed" ); #endif /* POLARSSL_MD_C */ #if defined(POLARSSL_PEM_PARSE_C) || defined(POLARSSL_PEM_WRITE_C) if( use_ret == -(POLARSSL_ERR_PEM_NO_HEADER_FOOTER_PRESENT) ) - snprintf( buf, buflen, "PEM - No PEM header or footer found" ); + polarssl_snprintf( buf, buflen, "PEM - No PEM header or footer found" ); if( use_ret == -(POLARSSL_ERR_PEM_INVALID_DATA) ) - snprintf( buf, buflen, "PEM - PEM string is not as expected" ); + polarssl_snprintf( buf, buflen, "PEM - PEM string is not as expected" ); if( use_ret == -(POLARSSL_ERR_PEM_MALLOC_FAILED) ) - snprintf( buf, buflen, "PEM - Failed to allocate memory" ); + polarssl_snprintf( buf, buflen, "PEM - Failed to allocate memory" ); if( use_ret == -(POLARSSL_ERR_PEM_INVALID_ENC_IV) ) - snprintf( buf, buflen, "PEM - RSA IV is not in hex-format" ); + polarssl_snprintf( buf, buflen, "PEM - RSA IV is not in hex-format" ); if( use_ret == -(POLARSSL_ERR_PEM_UNKNOWN_ENC_ALG) ) - snprintf( buf, buflen, "PEM - Unsupported key encryption algorithm" ); + polarssl_snprintf( buf, buflen, "PEM - Unsupported key encryption algorithm" ); if( use_ret == -(POLARSSL_ERR_PEM_PASSWORD_REQUIRED) ) - snprintf( buf, buflen, "PEM - Private key password can't be empty" ); + polarssl_snprintf( buf, buflen, "PEM - Private key password can't be empty" ); if( use_ret == -(POLARSSL_ERR_PEM_PASSWORD_MISMATCH) ) - snprintf( buf, buflen, "PEM - Given private key password does not allow for correct decryption" ); + polarssl_snprintf( buf, buflen, "PEM - Given private key password does not allow for correct decryption" ); if( use_ret == -(POLARSSL_ERR_PEM_FEATURE_UNAVAILABLE) ) - snprintf( buf, buflen, "PEM - Unavailable feature, e.g. hashing/encryption combination" ); + polarssl_snprintf( buf, buflen, "PEM - Unavailable feature, e.g. hashing/encryption combination" ); if( use_ret == -(POLARSSL_ERR_PEM_BAD_INPUT_DATA) ) - snprintf( buf, buflen, "PEM - Bad input parameters to function" ); + polarssl_snprintf( buf, buflen, "PEM - Bad input parameters to function" ); #endif /* POLARSSL_PEM_PARSE_C || POLARSSL_PEM_WRITE_C */ #if defined(POLARSSL_PK_C) if( use_ret == -(POLARSSL_ERR_PK_MALLOC_FAILED) ) - snprintf( buf, buflen, "PK - Memory alloation failed" ); + polarssl_snprintf( buf, buflen, "PK - Memory alloation failed" ); if( use_ret == -(POLARSSL_ERR_PK_TYPE_MISMATCH) ) - snprintf( buf, buflen, "PK - Type mismatch, eg attempt to encrypt with an ECDSA key" ); + polarssl_snprintf( buf, buflen, "PK - Type mismatch, eg attempt to encrypt with an ECDSA key" ); if( use_ret == -(POLARSSL_ERR_PK_BAD_INPUT_DATA) ) - snprintf( buf, buflen, "PK - Bad input parameters to function" ); + polarssl_snprintf( buf, buflen, "PK - Bad input parameters to function" ); if( use_ret == -(POLARSSL_ERR_PK_FILE_IO_ERROR) ) - snprintf( buf, buflen, "PK - Read/write of file failed" ); + polarssl_snprintf( buf, buflen, "PK - Read/write of file failed" ); if( use_ret == -(POLARSSL_ERR_PK_KEY_INVALID_VERSION) ) - snprintf( buf, buflen, "PK - Unsupported key version" ); + polarssl_snprintf( buf, buflen, "PK - Unsupported key version" ); if( use_ret == -(POLARSSL_ERR_PK_KEY_INVALID_FORMAT) ) - snprintf( buf, buflen, "PK - Invalid key tag or value" ); + polarssl_snprintf( buf, buflen, "PK - Invalid key tag or value" ); if( use_ret == -(POLARSSL_ERR_PK_UNKNOWN_PK_ALG) ) - snprintf( buf, buflen, "PK - Key algorithm is unsupported (only RSA and EC are supported)" ); + polarssl_snprintf( buf, buflen, "PK - Key algorithm is unsupported (only RSA and EC are supported)" ); if( use_ret == -(POLARSSL_ERR_PK_PASSWORD_REQUIRED) ) - snprintf( buf, buflen, "PK - Private key password can't be empty" ); + polarssl_snprintf( buf, buflen, "PK - Private key password can't be empty" ); if( use_ret == -(POLARSSL_ERR_PK_PASSWORD_MISMATCH) ) - snprintf( buf, buflen, "PK - Given private key password does not allow for correct decryption" ); + polarssl_snprintf( buf, buflen, "PK - Given private key password does not allow for correct decryption" ); if( use_ret == -(POLARSSL_ERR_PK_INVALID_PUBKEY) ) - snprintf( buf, buflen, "PK - The pubkey tag or value is invalid (only RSA and EC are supported)" ); + polarssl_snprintf( buf, buflen, "PK - The pubkey tag or value is invalid (only RSA and EC are supported)" ); if( use_ret == -(POLARSSL_ERR_PK_INVALID_ALG) ) - snprintf( buf, buflen, "PK - The algorithm tag or value is invalid" ); + polarssl_snprintf( buf, buflen, "PK - The algorithm tag or value is invalid" ); if( use_ret == -(POLARSSL_ERR_PK_UNKNOWN_NAMED_CURVE) ) - snprintf( buf, buflen, "PK - Elliptic curve is unsupported (only NIST curves are supported)" ); + polarssl_snprintf( buf, buflen, "PK - Elliptic curve is unsupported (only NIST curves are supported)" ); if( use_ret == -(POLARSSL_ERR_PK_FEATURE_UNAVAILABLE) ) - snprintf( buf, buflen, "PK - Unavailable feature, e.g. RSA disabled for RSA key" ); + polarssl_snprintf( buf, buflen, "PK - Unavailable feature, e.g. RSA disabled for RSA key" ); if( use_ret == -(POLARSSL_ERR_PK_SIG_LEN_MISMATCH) ) - snprintf( buf, buflen, "PK - The signature is valid but its length is less than expected" ); + polarssl_snprintf( buf, buflen, "PK - The signature is valid but its length is less than expected" ); #endif /* POLARSSL_PK_C */ #if defined(POLARSSL_PKCS12_C) if( use_ret == -(POLARSSL_ERR_PKCS12_BAD_INPUT_DATA) ) - snprintf( buf, buflen, "PKCS12 - Bad input parameters to function" ); + polarssl_snprintf( buf, buflen, "PKCS12 - Bad input parameters to function" ); if( use_ret == -(POLARSSL_ERR_PKCS12_FEATURE_UNAVAILABLE) ) - snprintf( buf, buflen, "PKCS12 - Feature not available, e.g. unsupported encryption scheme" ); + polarssl_snprintf( buf, buflen, "PKCS12 - Feature not available, e.g. unsupported encryption scheme" ); if( use_ret == -(POLARSSL_ERR_PKCS12_PBE_INVALID_FORMAT) ) - snprintf( buf, buflen, "PKCS12 - PBE ASN.1 data not as expected" ); + polarssl_snprintf( buf, buflen, "PKCS12 - PBE ASN.1 data not as expected" ); if( use_ret == -(POLARSSL_ERR_PKCS12_PASSWORD_MISMATCH) ) - snprintf( buf, buflen, "PKCS12 - Given private key password does not allow for correct decryption" ); + polarssl_snprintf( buf, buflen, "PKCS12 - Given private key password does not allow for correct decryption" ); #endif /* POLARSSL_PKCS12_C */ #if defined(POLARSSL_PKCS5_C) if( use_ret == -(POLARSSL_ERR_PKCS5_BAD_INPUT_DATA) ) - snprintf( buf, buflen, "PKCS5 - Bad input parameters to function" ); + polarssl_snprintf( buf, buflen, "PKCS5 - Bad input parameters to function" ); if( use_ret == -(POLARSSL_ERR_PKCS5_INVALID_FORMAT) ) - snprintf( buf, buflen, "PKCS5 - Unexpected ASN.1 data" ); + polarssl_snprintf( buf, buflen, "PKCS5 - Unexpected ASN.1 data" ); if( use_ret == -(POLARSSL_ERR_PKCS5_FEATURE_UNAVAILABLE) ) - snprintf( buf, buflen, "PKCS5 - Requested encryption or digest alg not available" ); + polarssl_snprintf( buf, buflen, "PKCS5 - Requested encryption or digest alg not available" ); if( use_ret == -(POLARSSL_ERR_PKCS5_PASSWORD_MISMATCH) ) - snprintf( buf, buflen, "PKCS5 - Given private key password does not allow for correct decryption" ); + polarssl_snprintf( buf, buflen, "PKCS5 - Given private key password does not allow for correct decryption" ); #endif /* POLARSSL_PKCS5_C */ #if defined(POLARSSL_RSA_C) if( use_ret == -(POLARSSL_ERR_RSA_BAD_INPUT_DATA) ) - snprintf( buf, buflen, "RSA - Bad input parameters to function" ); + polarssl_snprintf( buf, buflen, "RSA - Bad input parameters to function" ); if( use_ret == -(POLARSSL_ERR_RSA_INVALID_PADDING) ) - snprintf( buf, buflen, "RSA - Input data contains invalid padding and is rejected" ); + polarssl_snprintf( buf, buflen, "RSA - Input data contains invalid padding and is rejected" ); if( use_ret == -(POLARSSL_ERR_RSA_KEY_GEN_FAILED) ) - snprintf( buf, buflen, "RSA - Something failed during generation of a key" ); + polarssl_snprintf( buf, buflen, "RSA - Something failed during generation of a key" ); if( use_ret == -(POLARSSL_ERR_RSA_KEY_CHECK_FAILED) ) - snprintf( buf, buflen, "RSA - Key failed to pass the libraries validity check" ); + polarssl_snprintf( buf, buflen, "RSA - Key failed to pass the libraries validity check" ); if( use_ret == -(POLARSSL_ERR_RSA_PUBLIC_FAILED) ) - snprintf( buf, buflen, "RSA - The public key operation failed" ); + polarssl_snprintf( buf, buflen, "RSA - The public key operation failed" ); if( use_ret == -(POLARSSL_ERR_RSA_PRIVATE_FAILED) ) - snprintf( buf, buflen, "RSA - The private key operation failed" ); + polarssl_snprintf( buf, buflen, "RSA - The private key operation failed" ); if( use_ret == -(POLARSSL_ERR_RSA_VERIFY_FAILED) ) - snprintf( buf, buflen, "RSA - The PKCS#1 verification failed" ); + polarssl_snprintf( buf, buflen, "RSA - The PKCS#1 verification failed" ); if( use_ret == -(POLARSSL_ERR_RSA_OUTPUT_TOO_LARGE) ) - snprintf( buf, buflen, "RSA - The output buffer for decryption is not large enough" ); + polarssl_snprintf( buf, buflen, "RSA - The output buffer for decryption is not large enough" ); if( use_ret == -(POLARSSL_ERR_RSA_RNG_FAILED) ) - snprintf( buf, buflen, "RSA - The random generator failed to generate non-zeros" ); + polarssl_snprintf( buf, buflen, "RSA - The random generator failed to generate non-zeros" ); #endif /* POLARSSL_RSA_C */ #if defined(POLARSSL_SSL_TLS_C) if( use_ret == -(POLARSSL_ERR_SSL_FEATURE_UNAVAILABLE) ) - snprintf( buf, buflen, "SSL - The requested feature is not available" ); + polarssl_snprintf( buf, buflen, "SSL - The requested feature is not available" ); if( use_ret == -(POLARSSL_ERR_SSL_BAD_INPUT_DATA) ) - snprintf( buf, buflen, "SSL - Bad input parameters to function" ); + polarssl_snprintf( buf, buflen, "SSL - Bad input parameters to function" ); if( use_ret == -(POLARSSL_ERR_SSL_INVALID_MAC) ) - snprintf( buf, buflen, "SSL - Verification of the message MAC failed" ); + polarssl_snprintf( buf, buflen, "SSL - Verification of the message MAC failed" ); if( use_ret == -(POLARSSL_ERR_SSL_INVALID_RECORD) ) - snprintf( buf, buflen, "SSL - An invalid SSL record was received" ); + polarssl_snprintf( buf, buflen, "SSL - An invalid SSL record was received" ); if( use_ret == -(POLARSSL_ERR_SSL_CONN_EOF) ) - snprintf( buf, buflen, "SSL - The connection indicated an EOF" ); + polarssl_snprintf( buf, buflen, "SSL - The connection indicated an EOF" ); if( use_ret == -(POLARSSL_ERR_SSL_UNKNOWN_CIPHER) ) - snprintf( buf, buflen, "SSL - An unknown cipher was received" ); + polarssl_snprintf( buf, buflen, "SSL - An unknown cipher was received" ); if( use_ret == -(POLARSSL_ERR_SSL_NO_CIPHER_CHOSEN) ) - snprintf( buf, buflen, "SSL - The server has no ciphersuites in common with the client" ); + polarssl_snprintf( buf, buflen, "SSL - The server has no ciphersuites in common with the client" ); if( use_ret == -(POLARSSL_ERR_SSL_NO_RNG) ) - snprintf( buf, buflen, "SSL - No RNG was provided to the SSL module" ); + polarssl_snprintf( buf, buflen, "SSL - No RNG was provided to the SSL module" ); if( use_ret == -(POLARSSL_ERR_SSL_NO_CLIENT_CERTIFICATE) ) - snprintf( buf, buflen, "SSL - No client certification received from the client, but required by the authentication mode" ); + polarssl_snprintf( buf, buflen, "SSL - No client certification received from the client, but required by the authentication mode" ); if( use_ret == -(POLARSSL_ERR_SSL_CERTIFICATE_TOO_LARGE) ) - snprintf( buf, buflen, "SSL - Our own certificate(s) is/are too large to send in an SSL message" ); + polarssl_snprintf( buf, buflen, "SSL - Our own certificate(s) is/are too large to send in an SSL message" ); if( use_ret == -(POLARSSL_ERR_SSL_CERTIFICATE_REQUIRED) ) - snprintf( buf, buflen, "SSL - The own certificate is not set, but needed by the server" ); + polarssl_snprintf( buf, buflen, "SSL - The own certificate is not set, but needed by the server" ); if( use_ret == -(POLARSSL_ERR_SSL_PRIVATE_KEY_REQUIRED) ) - snprintf( buf, buflen, "SSL - The own private key or pre-shared key is not set, but needed" ); + polarssl_snprintf( buf, buflen, "SSL - The own private key or pre-shared key is not set, but needed" ); if( use_ret == -(POLARSSL_ERR_SSL_CA_CHAIN_REQUIRED) ) - snprintf( buf, buflen, "SSL - No CA Chain is set, but required to operate" ); + polarssl_snprintf( buf, buflen, "SSL - No CA Chain is set, but required to operate" ); if( use_ret == -(POLARSSL_ERR_SSL_UNEXPECTED_MESSAGE) ) - snprintf( buf, buflen, "SSL - An unexpected message was received from our peer" ); + polarssl_snprintf( buf, buflen, "SSL - An unexpected message was received from our peer" ); if( use_ret == -(POLARSSL_ERR_SSL_FATAL_ALERT_MESSAGE) ) { - snprintf( buf, buflen, "SSL - A fatal alert message was received from our peer" ); + polarssl_snprintf( buf, buflen, "SSL - A fatal alert message was received from our peer" ); return; } if( use_ret == -(POLARSSL_ERR_SSL_PEER_VERIFY_FAILED) ) - snprintf( buf, buflen, "SSL - Verification of our peer failed" ); + polarssl_snprintf( buf, buflen, "SSL - Verification of our peer failed" ); if( use_ret == -(POLARSSL_ERR_SSL_PEER_CLOSE_NOTIFY) ) - snprintf( buf, buflen, "SSL - The peer notified us that the connection is going to be closed" ); + polarssl_snprintf( buf, buflen, "SSL - The peer notified us that the connection is going to be closed" ); if( use_ret == -(POLARSSL_ERR_SSL_BAD_HS_CLIENT_HELLO) ) - snprintf( buf, buflen, "SSL - Processing of the ClientHello handshake message failed" ); + polarssl_snprintf( buf, buflen, "SSL - Processing of the ClientHello handshake message failed" ); if( use_ret == -(POLARSSL_ERR_SSL_BAD_HS_SERVER_HELLO) ) - snprintf( buf, buflen, "SSL - Processing of the ServerHello handshake message failed" ); + polarssl_snprintf( buf, buflen, "SSL - Processing of the ServerHello handshake message failed" ); if( use_ret == -(POLARSSL_ERR_SSL_BAD_HS_CERTIFICATE) ) - snprintf( buf, buflen, "SSL - Processing of the Certificate handshake message failed" ); + polarssl_snprintf( buf, buflen, "SSL - Processing of the Certificate handshake message failed" ); if( use_ret == -(POLARSSL_ERR_SSL_BAD_HS_CERTIFICATE_REQUEST) ) - snprintf( buf, buflen, "SSL - Processing of the CertificateRequest handshake message failed" ); + polarssl_snprintf( buf, buflen, "SSL - Processing of the CertificateRequest handshake message failed" ); if( use_ret == -(POLARSSL_ERR_SSL_BAD_HS_SERVER_KEY_EXCHANGE) ) - snprintf( buf, buflen, "SSL - Processing of the ServerKeyExchange handshake message failed" ); + polarssl_snprintf( buf, buflen, "SSL - Processing of the ServerKeyExchange handshake message failed" ); if( use_ret == -(POLARSSL_ERR_SSL_BAD_HS_SERVER_HELLO_DONE) ) - snprintf( buf, buflen, "SSL - Processing of the ServerHelloDone handshake message failed" ); + polarssl_snprintf( buf, buflen, "SSL - Processing of the ServerHelloDone handshake message failed" ); if( use_ret == -(POLARSSL_ERR_SSL_BAD_HS_CLIENT_KEY_EXCHANGE) ) - snprintf( buf, buflen, "SSL - Processing of the ClientKeyExchange handshake message failed" ); + polarssl_snprintf( buf, buflen, "SSL - Processing of the ClientKeyExchange handshake message failed" ); if( use_ret == -(POLARSSL_ERR_SSL_BAD_HS_CLIENT_KEY_EXCHANGE_RP) ) - snprintf( buf, buflen, "SSL - Processing of the ClientKeyExchange handshake message failed in DHM / ECDH Read Public" ); + polarssl_snprintf( buf, buflen, "SSL - Processing of the ClientKeyExchange handshake message failed in DHM / ECDH Read Public" ); if( use_ret == -(POLARSSL_ERR_SSL_BAD_HS_CLIENT_KEY_EXCHANGE_CS) ) - snprintf( buf, buflen, "SSL - Processing of the ClientKeyExchange handshake message failed in DHM / ECDH Calculate Secret" ); + polarssl_snprintf( buf, buflen, "SSL - Processing of the ClientKeyExchange handshake message failed in DHM / ECDH Calculate Secret" ); if( use_ret == -(POLARSSL_ERR_SSL_BAD_HS_CERTIFICATE_VERIFY) ) - snprintf( buf, buflen, "SSL - Processing of the CertificateVerify handshake message failed" ); + polarssl_snprintf( buf, buflen, "SSL - Processing of the CertificateVerify handshake message failed" ); if( use_ret == -(POLARSSL_ERR_SSL_BAD_HS_CHANGE_CIPHER_SPEC) ) - snprintf( buf, buflen, "SSL - Processing of the ChangeCipherSpec handshake message failed" ); + polarssl_snprintf( buf, buflen, "SSL - Processing of the ChangeCipherSpec handshake message failed" ); if( use_ret == -(POLARSSL_ERR_SSL_BAD_HS_FINISHED) ) - snprintf( buf, buflen, "SSL - Processing of the Finished handshake message failed" ); + polarssl_snprintf( buf, buflen, "SSL - Processing of the Finished handshake message failed" ); if( use_ret == -(POLARSSL_ERR_SSL_MALLOC_FAILED) ) - snprintf( buf, buflen, "SSL - Memory allocation failed" ); + polarssl_snprintf( buf, buflen, "SSL - Memory allocation failed" ); if( use_ret == -(POLARSSL_ERR_SSL_HW_ACCEL_FAILED) ) - snprintf( buf, buflen, "SSL - Hardware acceleration function returned with error" ); + polarssl_snprintf( buf, buflen, "SSL - Hardware acceleration function returned with error" ); if( use_ret == -(POLARSSL_ERR_SSL_HW_ACCEL_FALLTHROUGH) ) - snprintf( buf, buflen, "SSL - Hardware acceleration function skipped / left alone data" ); + polarssl_snprintf( buf, buflen, "SSL - Hardware acceleration function skipped / left alone data" ); if( use_ret == -(POLARSSL_ERR_SSL_COMPRESSION_FAILED) ) - snprintf( buf, buflen, "SSL - Processing of the compression / decompression failed" ); + polarssl_snprintf( buf, buflen, "SSL - Processing of the compression / decompression failed" ); if( use_ret == -(POLARSSL_ERR_SSL_BAD_HS_PROTOCOL_VERSION) ) - snprintf( buf, buflen, "SSL - Handshake protocol not within min/max boundaries" ); + polarssl_snprintf( buf, buflen, "SSL - Handshake protocol not within min/max boundaries" ); if( use_ret == -(POLARSSL_ERR_SSL_BAD_HS_NEW_SESSION_TICKET) ) - snprintf( buf, buflen, "SSL - Processing of the NewSessionTicket handshake message failed" ); + polarssl_snprintf( buf, buflen, "SSL - Processing of the NewSessionTicket handshake message failed" ); if( use_ret == -(POLARSSL_ERR_SSL_SESSION_TICKET_EXPIRED) ) - snprintf( buf, buflen, "SSL - Session ticket has expired" ); + polarssl_snprintf( buf, buflen, "SSL - Session ticket has expired" ); if( use_ret == -(POLARSSL_ERR_SSL_PK_TYPE_MISMATCH) ) - snprintf( buf, buflen, "SSL - Public key type mismatch (eg, asked for RSA key exchange and presented EC key)" ); + polarssl_snprintf( buf, buflen, "SSL - Public key type mismatch (eg, asked for RSA key exchange and presented EC key)" ); if( use_ret == -(POLARSSL_ERR_SSL_UNKNOWN_IDENTITY) ) - snprintf( buf, buflen, "SSL - Unknown identity received (eg, PSK identity)" ); + polarssl_snprintf( buf, buflen, "SSL - Unknown identity received (eg, PSK identity)" ); if( use_ret == -(POLARSSL_ERR_SSL_INTERNAL_ERROR) ) - snprintf( buf, buflen, "SSL - Internal error (eg, unexpected failure in lower-level module)" ); + polarssl_snprintf( buf, buflen, "SSL - Internal error (eg, unexpected failure in lower-level module)" ); if( use_ret == -(POLARSSL_ERR_SSL_COUNTER_WRAPPING) ) - snprintf( buf, buflen, "SSL - A counter would wrap (eg, too many messages exchanged)" ); + polarssl_snprintf( buf, buflen, "SSL - A counter would wrap (eg, too many messages exchanged)" ); if( use_ret == -(POLARSSL_ERR_SSL_WAITING_SERVER_HELLO_RENEGO) ) - snprintf( buf, buflen, "SSL - Unexpected message at ServerHello in renegotiation" ); + polarssl_snprintf( buf, buflen, "SSL - Unexpected message at ServerHello in renegotiation" ); if( use_ret == -(POLARSSL_ERR_SSL_NO_USABLE_CIPHERSUITE) ) - snprintf( buf, buflen, "SSL - None of the common ciphersuites is usable (eg, no suitable certificate, see debug messages)" ); + polarssl_snprintf( buf, buflen, "SSL - None of the common ciphersuites is usable (eg, no suitable certificate, see debug messages)" ); #endif /* POLARSSL_SSL_TLS_C */ #if defined(POLARSSL_X509_USE_C) || defined(POLARSSL_X509_CREATE_C) if( use_ret == -(POLARSSL_ERR_X509_FEATURE_UNAVAILABLE) ) - snprintf( buf, buflen, "X509 - Unavailable feature, e.g. RSA hashing/encryption combination" ); + polarssl_snprintf( buf, buflen, "X509 - Unavailable feature, e.g. RSA hashing/encryption combination" ); if( use_ret == -(POLARSSL_ERR_X509_UNKNOWN_OID) ) - snprintf( buf, buflen, "X509 - Requested OID is unknown" ); + polarssl_snprintf( buf, buflen, "X509 - Requested OID is unknown" ); if( use_ret == -(POLARSSL_ERR_X509_INVALID_FORMAT) ) - snprintf( buf, buflen, "X509 - The CRT/CRL/CSR format is invalid, e.g. different type expected" ); + polarssl_snprintf( buf, buflen, "X509 - The CRT/CRL/CSR format is invalid, e.g. different type expected" ); if( use_ret == -(POLARSSL_ERR_X509_INVALID_VERSION) ) - snprintf( buf, buflen, "X509 - The CRT/CRL/CSR version element is invalid" ); + polarssl_snprintf( buf, buflen, "X509 - The CRT/CRL/CSR version element is invalid" ); if( use_ret == -(POLARSSL_ERR_X509_INVALID_SERIAL) ) - snprintf( buf, buflen, "X509 - The serial tag or value is invalid" ); + polarssl_snprintf( buf, buflen, "X509 - The serial tag or value is invalid" ); if( use_ret == -(POLARSSL_ERR_X509_INVALID_ALG) ) - snprintf( buf, buflen, "X509 - The algorithm tag or value is invalid" ); + polarssl_snprintf( buf, buflen, "X509 - The algorithm tag or value is invalid" ); if( use_ret == -(POLARSSL_ERR_X509_INVALID_NAME) ) - snprintf( buf, buflen, "X509 - The name tag or value is invalid" ); + polarssl_snprintf( buf, buflen, "X509 - The name tag or value is invalid" ); if( use_ret == -(POLARSSL_ERR_X509_INVALID_DATE) ) - snprintf( buf, buflen, "X509 - The date tag or value is invalid" ); + polarssl_snprintf( buf, buflen, "X509 - The date tag or value is invalid" ); if( use_ret == -(POLARSSL_ERR_X509_INVALID_SIGNATURE) ) - snprintf( buf, buflen, "X509 - The signature tag or value invalid" ); + polarssl_snprintf( buf, buflen, "X509 - The signature tag or value invalid" ); if( use_ret == -(POLARSSL_ERR_X509_INVALID_EXTENSIONS) ) - snprintf( buf, buflen, "X509 - The extension tag or value is invalid" ); + polarssl_snprintf( buf, buflen, "X509 - The extension tag or value is invalid" ); if( use_ret == -(POLARSSL_ERR_X509_UNKNOWN_VERSION) ) - snprintf( buf, buflen, "X509 - CRT/CRL/CSR has an unsupported version number" ); + polarssl_snprintf( buf, buflen, "X509 - CRT/CRL/CSR has an unsupported version number" ); if( use_ret == -(POLARSSL_ERR_X509_UNKNOWN_SIG_ALG) ) - snprintf( buf, buflen, "X509 - Signature algorithm (oid) is unsupported" ); + polarssl_snprintf( buf, buflen, "X509 - Signature algorithm (oid) is unsupported" ); if( use_ret == -(POLARSSL_ERR_X509_SIG_MISMATCH) ) - snprintf( buf, buflen, "X509 - Signature algorithms do not match. (see \\c ::x509_crt sig_oid)" ); + polarssl_snprintf( buf, buflen, "X509 - Signature algorithms do not match. (see \\c ::x509_crt sig_oid)" ); if( use_ret == -(POLARSSL_ERR_X509_CERT_VERIFY_FAILED) ) - snprintf( buf, buflen, "X509 - Certificate verification failed, e.g. CRL, CA or signature check failed" ); + polarssl_snprintf( buf, buflen, "X509 - Certificate verification failed, e.g. CRL, CA or signature check failed" ); if( use_ret == -(POLARSSL_ERR_X509_CERT_UNKNOWN_FORMAT) ) - snprintf( buf, buflen, "X509 - Format not recognized as DER or PEM" ); + polarssl_snprintf( buf, buflen, "X509 - Format not recognized as DER or PEM" ); if( use_ret == -(POLARSSL_ERR_X509_BAD_INPUT_DATA) ) - snprintf( buf, buflen, "X509 - Input invalid" ); + polarssl_snprintf( buf, buflen, "X509 - Input invalid" ); if( use_ret == -(POLARSSL_ERR_X509_MALLOC_FAILED) ) - snprintf( buf, buflen, "X509 - Allocation of memory failed" ); + polarssl_snprintf( buf, buflen, "X509 - Allocation of memory failed" ); if( use_ret == -(POLARSSL_ERR_X509_FILE_IO_ERROR) ) - snprintf( buf, buflen, "X509 - Read/write of file failed" ); + polarssl_snprintf( buf, buflen, "X509 - Read/write of file failed" ); #endif /* POLARSSL_X509_USE,X509_CREATE_C */ // END generated code if( strlen( buf ) == 0 ) - snprintf( buf, buflen, "UNKNOWN ERROR CODE (%04X)", use_ret ); + polarssl_snprintf( buf, buflen, "UNKNOWN ERROR CODE (%04X)", use_ret ); } use_ret = ret & ~0xFF80; @@ -512,7 +518,7 @@ void polarssl_strerror( int ret, char *buf, size_t buflen ) if( buflen - len < 5 ) return; - snprintf( buf + len, buflen - len, " : " ); + polarssl_snprintf( buf + len, buflen - len, " : " ); buf += len + 3; buflen -= len + 3; @@ -523,216 +529,216 @@ void polarssl_strerror( int ret, char *buf, size_t buflen ) // BEGIN generated code #if defined(POLARSSL_AES_C) if( use_ret == -(POLARSSL_ERR_AES_INVALID_KEY_LENGTH) ) - snprintf( buf, buflen, "AES - Invalid key length" ); + polarssl_snprintf( buf, buflen, "AES - Invalid key length" ); if( use_ret == -(POLARSSL_ERR_AES_INVALID_INPUT_LENGTH) ) - snprintf( buf, buflen, "AES - Invalid data input length" ); + polarssl_snprintf( buf, buflen, "AES - Invalid data input length" ); #endif /* POLARSSL_AES_C */ #if defined(POLARSSL_ASN1_PARSE_C) if( use_ret == -(POLARSSL_ERR_ASN1_OUT_OF_DATA) ) - snprintf( buf, buflen, "ASN1 - Out of data when parsing an ASN1 data structure" ); + polarssl_snprintf( buf, buflen, "ASN1 - Out of data when parsing an ASN1 data structure" ); if( use_ret == -(POLARSSL_ERR_ASN1_UNEXPECTED_TAG) ) - snprintf( buf, buflen, "ASN1 - ASN1 tag was of an unexpected value" ); + polarssl_snprintf( buf, buflen, "ASN1 - ASN1 tag was of an unexpected value" ); if( use_ret == -(POLARSSL_ERR_ASN1_INVALID_LENGTH) ) - snprintf( buf, buflen, "ASN1 - Error when trying to determine the length or invalid length" ); + polarssl_snprintf( buf, buflen, "ASN1 - Error when trying to determine the length or invalid length" ); if( use_ret == -(POLARSSL_ERR_ASN1_LENGTH_MISMATCH) ) - snprintf( buf, buflen, "ASN1 - Actual length differs from expected length" ); + polarssl_snprintf( buf, buflen, "ASN1 - Actual length differs from expected length" ); if( use_ret == -(POLARSSL_ERR_ASN1_INVALID_DATA) ) - snprintf( buf, buflen, "ASN1 - Data is invalid. (not used)" ); + polarssl_snprintf( buf, buflen, "ASN1 - Data is invalid. (not used)" ); if( use_ret == -(POLARSSL_ERR_ASN1_MALLOC_FAILED) ) - snprintf( buf, buflen, "ASN1 - Memory allocation failed" ); + polarssl_snprintf( buf, buflen, "ASN1 - Memory allocation failed" ); if( use_ret == -(POLARSSL_ERR_ASN1_BUF_TOO_SMALL) ) - snprintf( buf, buflen, "ASN1 - Buffer too small when writing ASN.1 data structure" ); + polarssl_snprintf( buf, buflen, "ASN1 - Buffer too small when writing ASN.1 data structure" ); #endif /* POLARSSL_ASN1_PARSE_C */ #if defined(POLARSSL_BASE64_C) if( use_ret == -(POLARSSL_ERR_BASE64_BUFFER_TOO_SMALL) ) - snprintf( buf, buflen, "BASE64 - Output buffer too small" ); + polarssl_snprintf( buf, buflen, "BASE64 - Output buffer too small" ); if( use_ret == -(POLARSSL_ERR_BASE64_INVALID_CHARACTER) ) - snprintf( buf, buflen, "BASE64 - Invalid character in input" ); + polarssl_snprintf( buf, buflen, "BASE64 - Invalid character in input" ); #endif /* POLARSSL_BASE64_C */ #if defined(POLARSSL_BIGNUM_C) if( use_ret == -(POLARSSL_ERR_MPI_FILE_IO_ERROR) ) - snprintf( buf, buflen, "BIGNUM - An error occurred while reading from or writing to a file" ); + polarssl_snprintf( buf, buflen, "BIGNUM - An error occurred while reading from or writing to a file" ); if( use_ret == -(POLARSSL_ERR_MPI_BAD_INPUT_DATA) ) - snprintf( buf, buflen, "BIGNUM - Bad input parameters to function" ); + polarssl_snprintf( buf, buflen, "BIGNUM - Bad input parameters to function" ); if( use_ret == -(POLARSSL_ERR_MPI_INVALID_CHARACTER) ) - snprintf( buf, buflen, "BIGNUM - There is an invalid character in the digit string" ); + polarssl_snprintf( buf, buflen, "BIGNUM - There is an invalid character in the digit string" ); if( use_ret == -(POLARSSL_ERR_MPI_BUFFER_TOO_SMALL) ) - snprintf( buf, buflen, "BIGNUM - The buffer is too small to write to" ); + polarssl_snprintf( buf, buflen, "BIGNUM - The buffer is too small to write to" ); if( use_ret == -(POLARSSL_ERR_MPI_NEGATIVE_VALUE) ) - snprintf( buf, buflen, "BIGNUM - The input arguments are negative or result in illegal output" ); + polarssl_snprintf( buf, buflen, "BIGNUM - The input arguments are negative or result in illegal output" ); if( use_ret == -(POLARSSL_ERR_MPI_DIVISION_BY_ZERO) ) - snprintf( buf, buflen, "BIGNUM - The input argument for division is zero, which is not allowed" ); + polarssl_snprintf( buf, buflen, "BIGNUM - The input argument for division is zero, which is not allowed" ); if( use_ret == -(POLARSSL_ERR_MPI_NOT_ACCEPTABLE) ) - snprintf( buf, buflen, "BIGNUM - The input arguments are not acceptable" ); + polarssl_snprintf( buf, buflen, "BIGNUM - The input arguments are not acceptable" ); if( use_ret == -(POLARSSL_ERR_MPI_MALLOC_FAILED) ) - snprintf( buf, buflen, "BIGNUM - Memory allocation failed" ); + polarssl_snprintf( buf, buflen, "BIGNUM - Memory allocation failed" ); #endif /* POLARSSL_BIGNUM_C */ #if defined(POLARSSL_BLOWFISH_C) if( use_ret == -(POLARSSL_ERR_BLOWFISH_INVALID_KEY_LENGTH) ) - snprintf( buf, buflen, "BLOWFISH - Invalid key length" ); + polarssl_snprintf( buf, buflen, "BLOWFISH - Invalid key length" ); if( use_ret == -(POLARSSL_ERR_BLOWFISH_INVALID_INPUT_LENGTH) ) - snprintf( buf, buflen, "BLOWFISH - Invalid data input length" ); + polarssl_snprintf( buf, buflen, "BLOWFISH - Invalid data input length" ); #endif /* POLARSSL_BLOWFISH_C */ #if defined(POLARSSL_CAMELLIA_C) if( use_ret == -(POLARSSL_ERR_CAMELLIA_INVALID_KEY_LENGTH) ) - snprintf( buf, buflen, "CAMELLIA - Invalid key length" ); + polarssl_snprintf( buf, buflen, "CAMELLIA - Invalid key length" ); if( use_ret == -(POLARSSL_ERR_CAMELLIA_INVALID_INPUT_LENGTH) ) - snprintf( buf, buflen, "CAMELLIA - Invalid data input length" ); + polarssl_snprintf( buf, buflen, "CAMELLIA - Invalid data input length" ); #endif /* POLARSSL_CAMELLIA_C */ #if defined(POLARSSL_CCM_C) if( use_ret == -(POLARSSL_ERR_CCM_BAD_INPUT) ) - snprintf( buf, buflen, "CCM - Bad input parameters to function" ); + polarssl_snprintf( buf, buflen, "CCM - Bad input parameters to function" ); if( use_ret == -(POLARSSL_ERR_CCM_AUTH_FAILED) ) - snprintf( buf, buflen, "CCM - Authenticated decryption failed" ); + polarssl_snprintf( buf, buflen, "CCM - Authenticated decryption failed" ); #endif /* POLARSSL_CCM_C */ #if defined(POLARSSL_CTR_DRBG_C) if( use_ret == -(POLARSSL_ERR_CTR_DRBG_ENTROPY_SOURCE_FAILED) ) - snprintf( buf, buflen, "CTR_DRBG - The entropy source failed" ); + polarssl_snprintf( buf, buflen, "CTR_DRBG - The entropy source failed" ); if( use_ret == -(POLARSSL_ERR_CTR_DRBG_REQUEST_TOO_BIG) ) - snprintf( buf, buflen, "CTR_DRBG - Too many random requested in single call" ); + polarssl_snprintf( buf, buflen, "CTR_DRBG - Too many random requested in single call" ); if( use_ret == -(POLARSSL_ERR_CTR_DRBG_INPUT_TOO_BIG) ) - snprintf( buf, buflen, "CTR_DRBG - Input too large (Entropy + additional)" ); + polarssl_snprintf( buf, buflen, "CTR_DRBG - Input too large (Entropy + additional)" ); if( use_ret == -(POLARSSL_ERR_CTR_DRBG_FILE_IO_ERROR) ) - snprintf( buf, buflen, "CTR_DRBG - Read/write error in file" ); + polarssl_snprintf( buf, buflen, "CTR_DRBG - Read/write error in file" ); #endif /* POLARSSL_CTR_DRBG_C */ #if defined(POLARSSL_DES_C) if( use_ret == -(POLARSSL_ERR_DES_INVALID_INPUT_LENGTH) ) - snprintf( buf, buflen, "DES - The data input has an invalid length" ); + polarssl_snprintf( buf, buflen, "DES - The data input has an invalid length" ); #endif /* POLARSSL_DES_C */ #if defined(POLARSSL_ENTROPY_C) if( use_ret == -(POLARSSL_ERR_ENTROPY_SOURCE_FAILED) ) - snprintf( buf, buflen, "ENTROPY - Critical entropy source failure" ); + polarssl_snprintf( buf, buflen, "ENTROPY - Critical entropy source failure" ); if( use_ret == -(POLARSSL_ERR_ENTROPY_MAX_SOURCES) ) - snprintf( buf, buflen, "ENTROPY - No more sources can be added" ); + polarssl_snprintf( buf, buflen, "ENTROPY - No more sources can be added" ); if( use_ret == -(POLARSSL_ERR_ENTROPY_NO_SOURCES_DEFINED) ) - snprintf( buf, buflen, "ENTROPY - No sources have been added to poll" ); + polarssl_snprintf( buf, buflen, "ENTROPY - No sources have been added to poll" ); if( use_ret == -(POLARSSL_ERR_ENTROPY_FILE_IO_ERROR) ) - snprintf( buf, buflen, "ENTROPY - Read/write error in file" ); + polarssl_snprintf( buf, buflen, "ENTROPY - Read/write error in file" ); #endif /* POLARSSL_ENTROPY_C */ #if defined(POLARSSL_GCM_C) if( use_ret == -(POLARSSL_ERR_GCM_AUTH_FAILED) ) - snprintf( buf, buflen, "GCM - Authenticated decryption failed" ); + polarssl_snprintf( buf, buflen, "GCM - Authenticated decryption failed" ); if( use_ret == -(POLARSSL_ERR_GCM_BAD_INPUT) ) - snprintf( buf, buflen, "GCM - Bad input parameters to function" ); + polarssl_snprintf( buf, buflen, "GCM - Bad input parameters to function" ); #endif /* POLARSSL_GCM_C */ #if defined(POLARSSL_HMAC_DRBG_C) if( use_ret == -(POLARSSL_ERR_HMAC_DRBG_REQUEST_TOO_BIG) ) - snprintf( buf, buflen, "HMAC_DRBG - Too many random requested in single call" ); + polarssl_snprintf( buf, buflen, "HMAC_DRBG - Too many random requested in single call" ); if( use_ret == -(POLARSSL_ERR_HMAC_DRBG_INPUT_TOO_BIG) ) - snprintf( buf, buflen, "HMAC_DRBG - Input too large (Entropy + additional)" ); + polarssl_snprintf( buf, buflen, "HMAC_DRBG - Input too large (Entropy + additional)" ); if( use_ret == -(POLARSSL_ERR_HMAC_DRBG_FILE_IO_ERROR) ) - snprintf( buf, buflen, "HMAC_DRBG - Read/write error in file" ); + polarssl_snprintf( buf, buflen, "HMAC_DRBG - Read/write error in file" ); if( use_ret == -(POLARSSL_ERR_HMAC_DRBG_ENTROPY_SOURCE_FAILED) ) - snprintf( buf, buflen, "HMAC_DRBG - The entropy source failed" ); + polarssl_snprintf( buf, buflen, "HMAC_DRBG - The entropy source failed" ); #endif /* POLARSSL_HMAC_DRBG_C */ #if defined(POLARSSL_MD2_C) if( use_ret == -(POLARSSL_ERR_MD2_FILE_IO_ERROR) ) - snprintf( buf, buflen, "MD2 - Read/write error in file" ); + polarssl_snprintf( buf, buflen, "MD2 - Read/write error in file" ); #endif /* POLARSSL_MD2_C */ #if defined(POLARSSL_MD4_C) if( use_ret == -(POLARSSL_ERR_MD4_FILE_IO_ERROR) ) - snprintf( buf, buflen, "MD4 - Read/write error in file" ); + polarssl_snprintf( buf, buflen, "MD4 - Read/write error in file" ); #endif /* POLARSSL_MD4_C */ #if defined(POLARSSL_MD5_C) if( use_ret == -(POLARSSL_ERR_MD5_FILE_IO_ERROR) ) - snprintf( buf, buflen, "MD5 - Read/write error in file" ); + polarssl_snprintf( buf, buflen, "MD5 - Read/write error in file" ); #endif /* POLARSSL_MD5_C */ #if defined(POLARSSL_NET_C) if( use_ret == -(POLARSSL_ERR_NET_UNKNOWN_HOST) ) - snprintf( buf, buflen, "NET - Failed to get an IP address for the given hostname" ); + polarssl_snprintf( buf, buflen, "NET - Failed to get an IP address for the given hostname" ); if( use_ret == -(POLARSSL_ERR_NET_SOCKET_FAILED) ) - snprintf( buf, buflen, "NET - Failed to open a socket" ); + polarssl_snprintf( buf, buflen, "NET - Failed to open a socket" ); if( use_ret == -(POLARSSL_ERR_NET_CONNECT_FAILED) ) - snprintf( buf, buflen, "NET - The connection to the given server / port failed" ); + polarssl_snprintf( buf, buflen, "NET - The connection to the given server / port failed" ); if( use_ret == -(POLARSSL_ERR_NET_BIND_FAILED) ) - snprintf( buf, buflen, "NET - Binding of the socket failed" ); + polarssl_snprintf( buf, buflen, "NET - Binding of the socket failed" ); if( use_ret == -(POLARSSL_ERR_NET_LISTEN_FAILED) ) - snprintf( buf, buflen, "NET - Could not listen on the socket" ); + polarssl_snprintf( buf, buflen, "NET - Could not listen on the socket" ); if( use_ret == -(POLARSSL_ERR_NET_ACCEPT_FAILED) ) - snprintf( buf, buflen, "NET - Could not accept the incoming connection" ); + polarssl_snprintf( buf, buflen, "NET - Could not accept the incoming connection" ); if( use_ret == -(POLARSSL_ERR_NET_RECV_FAILED) ) - snprintf( buf, buflen, "NET - Reading information from the socket failed" ); + polarssl_snprintf( buf, buflen, "NET - Reading information from the socket failed" ); if( use_ret == -(POLARSSL_ERR_NET_SEND_FAILED) ) - snprintf( buf, buflen, "NET - Sending information through the socket failed" ); + polarssl_snprintf( buf, buflen, "NET - Sending information through the socket failed" ); if( use_ret == -(POLARSSL_ERR_NET_CONN_RESET) ) - snprintf( buf, buflen, "NET - Connection was reset by peer" ); + polarssl_snprintf( buf, buflen, "NET - Connection was reset by peer" ); if( use_ret == -(POLARSSL_ERR_NET_WANT_READ) ) - snprintf( buf, buflen, "NET - Connection requires a read call" ); + polarssl_snprintf( buf, buflen, "NET - Connection requires a read call" ); if( use_ret == -(POLARSSL_ERR_NET_WANT_WRITE) ) - snprintf( buf, buflen, "NET - Connection requires a write call" ); + polarssl_snprintf( buf, buflen, "NET - Connection requires a write call" ); #endif /* POLARSSL_NET_C */ #if defined(POLARSSL_OID_C) if( use_ret == -(POLARSSL_ERR_OID_NOT_FOUND) ) - snprintf( buf, buflen, "OID - OID is not found" ); + polarssl_snprintf( buf, buflen, "OID - OID is not found" ); if( use_ret == -(POLARSSL_ERR_OID_BUF_TOO_SMALL) ) - snprintf( buf, buflen, "OID - output buffer is too small" ); + polarssl_snprintf( buf, buflen, "OID - output buffer is too small" ); #endif /* POLARSSL_OID_C */ #if defined(POLARSSL_PADLOCK_C) if( use_ret == -(POLARSSL_ERR_PADLOCK_DATA_MISALIGNED) ) - snprintf( buf, buflen, "PADLOCK - Input data should be aligned" ); + polarssl_snprintf( buf, buflen, "PADLOCK - Input data should be aligned" ); #endif /* POLARSSL_PADLOCK_C */ #if defined(POLARSSL_PBKDF2_C) if( use_ret == -(POLARSSL_ERR_PBKDF2_BAD_INPUT_DATA) ) - snprintf( buf, buflen, "PBKDF2 - Bad input parameters to function" ); + polarssl_snprintf( buf, buflen, "PBKDF2 - Bad input parameters to function" ); #endif /* POLARSSL_PBKDF2_C */ #if defined(POLARSSL_RIPEMD160_C) if( use_ret == -(POLARSSL_ERR_RIPEMD160_FILE_IO_ERROR) ) - snprintf( buf, buflen, "RIPEMD160 - Read/write error in file" ); + polarssl_snprintf( buf, buflen, "RIPEMD160 - Read/write error in file" ); #endif /* POLARSSL_RIPEMD160_C */ #if defined(POLARSSL_SHA1_C) if( use_ret == -(POLARSSL_ERR_SHA1_FILE_IO_ERROR) ) - snprintf( buf, buflen, "SHA1 - Read/write error in file" ); + polarssl_snprintf( buf, buflen, "SHA1 - Read/write error in file" ); #endif /* POLARSSL_SHA1_C */ #if defined(POLARSSL_SHA256_C) if( use_ret == -(POLARSSL_ERR_SHA256_FILE_IO_ERROR) ) - snprintf( buf, buflen, "SHA256 - Read/write error in file" ); + polarssl_snprintf( buf, buflen, "SHA256 - Read/write error in file" ); #endif /* POLARSSL_SHA256_C */ #if defined(POLARSSL_SHA512_C) if( use_ret == -(POLARSSL_ERR_SHA512_FILE_IO_ERROR) ) - snprintf( buf, buflen, "SHA512 - Read/write error in file" ); + polarssl_snprintf( buf, buflen, "SHA512 - Read/write error in file" ); #endif /* POLARSSL_SHA512_C */ #if defined(POLARSSL_THREADING_C) if( use_ret == -(POLARSSL_ERR_THREADING_FEATURE_UNAVAILABLE) ) - snprintf( buf, buflen, "THREADING - The selected feature is not available" ); + polarssl_snprintf( buf, buflen, "THREADING - The selected feature is not available" ); if( use_ret == -(POLARSSL_ERR_THREADING_BAD_INPUT_DATA) ) - snprintf( buf, buflen, "THREADING - Bad input parameters to function" ); + polarssl_snprintf( buf, buflen, "THREADING - Bad input parameters to function" ); if( use_ret == -(POLARSSL_ERR_THREADING_MUTEX_ERROR) ) - snprintf( buf, buflen, "THREADING - Locking / unlocking / free failed with error code" ); + polarssl_snprintf( buf, buflen, "THREADING - Locking / unlocking / free failed with error code" ); #endif /* POLARSSL_THREADING_C */ #if defined(POLARSSL_XTEA_C) if( use_ret == -(POLARSSL_ERR_XTEA_INVALID_INPUT_LENGTH) ) - snprintf( buf, buflen, "XTEA - The data input has an invalid length" ); + polarssl_snprintf( buf, buflen, "XTEA - The data input has an invalid length" ); #endif /* POLARSSL_XTEA_C */ // END generated code if( strlen( buf ) != 0 ) return; - snprintf( buf, buflen, "UNKNOWN ERROR CODE (%04X)", use_ret ); + polarssl_snprintf( buf, buflen, "UNKNOWN ERROR CODE (%04X)", use_ret ); } #if defined(POLARSSL_ERROR_STRERROR_BC) diff --git a/library/version_features.c b/library/version_features.c index 658b7cda..adaf5dec 100644 --- a/library/version_features.c +++ b/library/version_features.c @@ -66,12 +66,18 @@ const char *features[] = { #if defined(POLARSSL_PLATFORM_NO_STD_FUNCTIONS) "POLARSSL_PLATFORM_NO_STD_FUNCTIONS", #endif /* POLARSSL_PLATFORM_NO_STD_FUNCTIONS */ -#if defined(POLARSSL_PLATFORM_PRINTF_ALT) - "POLARSSL_PLATFORM_PRINTF_ALT", -#endif /* POLARSSL_PLATFORM_PRINTF_ALT */ +#if defined(POLARSSL_PLATFORM_EXIT_ALT) + "POLARSSL_PLATFORM_EXIT_ALT", +#endif /* POLARSSL_PLATFORM_EXIT_ALT */ #if defined(POLARSSL_PLATFORM_FPRINTF_ALT) "POLARSSL_PLATFORM_FPRINTF_ALT", #endif /* POLARSSL_PLATFORM_FPRINTF_ALT */ +#if defined(POLARSSL_PLATFORM_PRINTF_ALT) + "POLARSSL_PLATFORM_PRINTF_ALT", +#endif /* POLARSSL_PLATFORM_PRINTF_ALT */ +#if defined(POLARSSL_PLATFORM_SNPRINTF_ALT) + "POLARSSL_PLATFORM_SNPRINTF_ALT", +#endif /* POLARSSL_PLATFORM_SNPRINTF_ALT */ #if defined(POLARSSL_TIMING_ALT) "POLARSSL_TIMING_ALT", #endif /* POLARSSL_TIMING_ALT */ From 6ca40764683d4ee2fe3e8e950f253de59054b346 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Manuel=20P=C3=A9gouri=C3=A9-Gonnard?= Date: Fri, 13 Feb 2015 15:57:35 +0000 Subject: [PATCH 058/100] Update all.sh for new dependency --- tests/scripts/all.sh | 1 + 1 file changed, 1 insertion(+) diff --git a/tests/scripts/all.sh b/tests/scripts/all.sh index ba78dfb2..bbd59baa 100755 --- a/tests/scripts/all.sh +++ b/tests/scripts/all.sh @@ -139,6 +139,7 @@ cleanup cp "$CONFIG_H" "$CONFIG_BAK" scripts/config.pl full scripts/config.pl unset POLARSSL_PLATFORM_C +scripts/config.pl unset POLARSSL_PLATFORM_MEMORY scripts/config.pl unset POLARSSL_MEMORY_C scripts/config.pl unset POLARSSL_MEMORY_BUFFER_ALLOC_C CC=gcc CFLAGS=-Werror make From b92965be740f3eb28f37b249a0332711eb65c497 Mon Sep 17 00:00:00 2001 From: Rich Evans Date: Fri, 30 Jan 2015 11:11:57 +0000 Subject: [PATCH 059/100] modify programs/*.c to use polarssl_snprintf --- programs/pkey/pk_sign.c | 1 + programs/pkey/pk_verify.c | 1 + programs/pkey/rsa_sign_pss.c | 1 + programs/pkey/rsa_verify_pss.c | 1 + programs/ssl/ssl_client2.c | 1 + programs/test/benchmark.c | 4 ++-- programs/test/ssl_cert_test.c | 1 + 7 files changed, 8 insertions(+), 2 deletions(-) diff --git a/programs/pkey/pk_sign.c b/programs/pkey/pk_sign.c index 88561b18..e85350d9 100644 --- a/programs/pkey/pk_sign.c +++ b/programs/pkey/pk_sign.c @@ -32,6 +32,7 @@ #include #define polarssl_snprintf snprintf #define polarssl_printf printf +#define polarssl_snprintf snprintf #endif #if defined(POLARSSL_BIGNUM_C) && defined(POLARSSL_ENTROPY_C) && \ diff --git a/programs/pkey/pk_verify.c b/programs/pkey/pk_verify.c index d8cd9a14..923afc15 100644 --- a/programs/pkey/pk_verify.c +++ b/programs/pkey/pk_verify.c @@ -32,6 +32,7 @@ #include #define polarssl_snprintf snprintf #define polarssl_printf printf +#define polarssl_snprintf snprintf #endif #if defined(POLARSSL_BIGNUM_C) && \ diff --git a/programs/pkey/rsa_sign_pss.c b/programs/pkey/rsa_sign_pss.c index 24330962..ad4d0b5f 100644 --- a/programs/pkey/rsa_sign_pss.c +++ b/programs/pkey/rsa_sign_pss.c @@ -32,6 +32,7 @@ #include #define polarssl_snprintf snprintf #define polarssl_printf printf +#define polarssl_snprintf snprintf #endif #if defined(POLARSSL_BIGNUM_C) && defined(POLARSSL_ENTROPY_C) && \ diff --git a/programs/pkey/rsa_verify_pss.c b/programs/pkey/rsa_verify_pss.c index 65fcfbe8..2b1570a9 100644 --- a/programs/pkey/rsa_verify_pss.c +++ b/programs/pkey/rsa_verify_pss.c @@ -32,6 +32,7 @@ #include #define polarssl_snprintf snprintf #define polarssl_printf printf +#define polarssl_snprintf snprintf #endif #if defined(POLARSSL_BIGNUM_C) && defined(POLARSSL_RSA_C) && \ diff --git a/programs/ssl/ssl_client2.c b/programs/ssl/ssl_client2.c index e2dac431..ee2ea130 100644 --- a/programs/ssl/ssl_client2.c +++ b/programs/ssl/ssl_client2.c @@ -30,6 +30,7 @@ #include "polarssl/platform.h" #else #include +#define polarssl_printf printf #define polarssl_fprintf fprintf #define polarssl_printf printf #define polarssl_snprintf snprintf diff --git a/programs/test/benchmark.c b/programs/test/benchmark.c index edb7c076..0f2993ce 100644 --- a/programs/test/benchmark.c +++ b/programs/test/benchmark.c @@ -30,9 +30,9 @@ #include "polarssl/platform.h" #else #include -#define polarssl_snprintf snprintf -#define polarssl_printf printf #define polarssl_exit exit +#define polarssl_printf printf +#define polarssl_snprintf snprintf #endif #if defined(POLARSSL_TIMING_C) diff --git a/programs/test/ssl_cert_test.c b/programs/test/ssl_cert_test.c index 782d6f38..49786031 100644 --- a/programs/test/ssl_cert_test.c +++ b/programs/test/ssl_cert_test.c @@ -32,6 +32,7 @@ #include #define polarssl_snprintf snprintf #define polarssl_printf printf +#define polarssl_snprintf snprintf #endif #if defined(POLARSSL_RSA_C) && defined(POLARSSL_X509_CRT_PARSE_C) && \ From 012acfc20f663d31ef0718f52bf8ce2bef2d82f2 Mon Sep 17 00:00:00 2001 From: Rich Evans Date: Fri, 30 Jan 2015 12:12:11 +0000 Subject: [PATCH 060/100] modify library/memory_buffer_alloc.c, benchmark.c and the tests main code to use polarssl_exit --- programs/test/benchmark.c | 1 + tests/suites/main_test.function | 1 + 2 files changed, 2 insertions(+) diff --git a/programs/test/benchmark.c b/programs/test/benchmark.c index 0f2993ce..675547b3 100644 --- a/programs/test/benchmark.c +++ b/programs/test/benchmark.c @@ -33,6 +33,7 @@ #define polarssl_exit exit #define polarssl_printf printf #define polarssl_snprintf snprintf +#define polarssl_exit exit #endif #if defined(POLARSSL_TIMING_C) diff --git a/tests/suites/main_test.function b/tests/suites/main_test.function index bb1083ac..d67d875c 100644 --- a/tests/suites/main_test.function +++ b/tests/suites/main_test.function @@ -3,6 +3,7 @@ #if defined(POLARSSL_PLATFORM_C) #include "polarssl/platform.h" #else +#include #define polarssl_exit exit #define polarssl_free free #define polarssl_malloc malloc From 18ba0cce8b4e8c8cad2d73be9e9f8c32fab92ef8 Mon Sep 17 00:00:00 2001 From: Alon Bar-Lev Date: Sat, 14 Feb 2015 01:04:58 +0200 Subject: [PATCH 061/100] build: make: support windows cross compile Add WINDOWS_BUILD macro to enable Windows build on *NIX host. Add optional suffix for executables. Fix shared object suffix logic to support multiple suffixes. Fix soname handling to always match output. WINDOWS macro sets WINDOWS_BUILD. WINDOWS_BUILD sets .exe executable suffix. WINDOWS_BUILD shared mode creates dll import library. WINDOWS_BUILD shared mode link against dll. Signed-off-by: Alon Bar-Lev --- library/Makefile | 37 ++-- programs/Makefile | 155 ++++++++-------- tests/Makefile | 438 ++++++++++++++++++++++++---------------------- 3 files changed, 336 insertions(+), 294 deletions(-) diff --git a/library/Makefile b/library/Makefile index 37ba14e6..9feecb08 100644 --- a/library/Makefile +++ b/library/Makefile @@ -22,14 +22,22 @@ ifdef SHARED CFLAGS += -fPIC endif -SONAME=libmbedtls.so.7 +SOEXT=so.8 -DLEXT=so.8 +DLEXT=so # OSX shared library extension: # DLEXT=dylib -# Windows shared library extension: +# +# if we running on Windows build +# for Windows +# ifdef WINDOWS +WINDOWS_BUILD=1 +endif + +# Windows shared library extension: +ifdef WINDOWS_BUILD DLEXT=dll LDFLAGS += -lws2_32 endif @@ -73,7 +81,7 @@ endif static: libpolarssl.a -shared: libpolarssl.so +shared: libpolarssl.$(DLEXT) libpolarssl.a: libmbedtls.a echo " LN $@ -> $?" @@ -89,21 +97,28 @@ libmbedtls.a: $(OBJS) echo " RL $@" $(AR) s $@ -libpolarssl.so: libmbedtls.so +libpolarssl.$(DLEXT): libmbedtls.$(DLEXT) echo " LN $@ -> $?" ifndef WINDOWS ln -sf $? $@ else copy /y /b $? $@ endif +ifdef WINDOWS_BUILD +ifndef WINDOWS + ln -sf $?.a $@.a +else + copy /y /b $?.a $@.a +endif +endif -libmbedtls.${DLEXT}: $(OBJS) +libmbedtls.$(SOEXT): $(OBJS) echo " LD $@" - $(CC) ${LDFLAGS} -shared -Wl,-soname,$(SONAME) -o $@ $(OBJS) + $(CC) ${LDFLAGS} -shared -Wl,-soname,$@ -o $@ $(OBJS) -libmbedtls.so: libmbedtls.${DLEXT} - echo " LN $@ -> libmbedtls.${DLEXT}" - ln -sf libmbedtls.${DLEXT} $@ +libmbedtls.so: libmbedtls.$(SOEXT) + echo " LN $@ -> libmbedtls.$(SOEXT)" + ln -sf libmbedtls.$(SOEXT) $@ libmbedtls.dylib: $(OBJS) echo " LD $@" @@ -111,7 +126,7 @@ libmbedtls.dylib: $(OBJS) libmbedtls.dll: $(OBJS) echo " LD $@" - $(CC) -shared -Wl,-soname,$@ -o $@ $(OBJS) -lws2_32 -lwinmm -lgdi32 + $(CC) -shared -Wl,-soname,$@ -Wl,--out-implib,$@.a -o $@ $(OBJS) -lws2_32 -lwinmm -lgdi32 .c.o: echo " CC $<" diff --git a/programs/Makefile b/programs/Makefile index ba8dd316..cda68e5e 100644 --- a/programs/Makefile +++ b/programs/Makefile @@ -5,14 +5,27 @@ CFLAGS += -I../include -D_FILE_OFFSET_BITS=64 -Wall -W -Wdeclaration-after-statement OFLAGS = -O2 -LDFLAGS += -L../library -lmbedtls $(SYS_LDFLAGS) +LDFLAGS += -L../library -lmbedtls$(SHARED_SUFFIX) $(SYS_LDFLAGS) ifdef DEBUG CFLAGS += -g3 endif +# +# if we running on Windows build +# for Windows +# ifdef WINDOWS +WINDOWS_BUILD=1 +endif + +ifdef WINDOWS_BUILD +DLEXT=dll +EXEXT=.exe LDFLAGS += -lws2_32 +ifdef SHARED +SHARED_SUFFIX=.$(DLEXT) +endif endif # Zlib shared library extensions: @@ -20,30 +33,30 @@ ifdef ZLIB LDFLAGS += -lz endif -APPS = aes/aescrypt2 aes/crypt_and_hash \ - hash/hello hash/generic_sum \ - hash/md5sum hash/sha1sum \ - hash/sha2sum pkey/dh_client \ - pkey/dh_genprime pkey/dh_server \ - pkey/gen_key \ - pkey/key_app pkey/key_app_writer \ - pkey/mpi_demo pkey/pk_decrypt \ - pkey/pk_encrypt pkey/pk_sign \ - pkey/pk_verify pkey/rsa_genkey \ - pkey/rsa_decrypt pkey/rsa_encrypt \ - pkey/rsa_sign pkey/rsa_verify \ - pkey/rsa_sign_pss pkey/rsa_verify_pss \ - ssl/ssl_client1 ssl/ssl_client2 \ - ssl/ssl_server ssl/ssl_server2 \ - ssl/ssl_fork_server \ - ssl/ssl_mail_client random/gen_entropy \ - random/gen_random_havege \ - random/gen_random_ctr_drbg \ - test/ssl_cert_test test/benchmark \ - test/selftest test/ssl_test \ - util/pem2der util/strerror \ - x509/cert_app x509/crl_app \ - x509/cert_req +APPS = aes/aescrypt2$(EXEXT) aes/crypt_and_hash$(EXEXT) \ + hash/hello$(EXEXT) hash/generic_sum$(EXEXT) \ + hash/md5sum$(EXEXT) hash/sha1sum$(EXEXT) \ + hash/sha2sum$(EXEXT) pkey/dh_client$(EXEXT) \ + pkey/dh_genprime$(EXEXT) pkey/dh_server$(EXEXT) \ + pkey/gen_key$(EXEXT) \ + pkey/key_app$(EXEXT) pkey/key_app_writer$(EXEXT) \ + pkey/mpi_demo$(EXEXT) pkey/pk_decrypt$(EXEXT) \ + pkey/pk_encrypt$(EXEXT) pkey/pk_sign$(EXEXT) \ + pkey/pk_verify$(EXEXT) pkey/rsa_genkey$(EXEXT) \ + pkey/rsa_decrypt$(EXEXT) pkey/rsa_encrypt$(EXEXT) \ + pkey/rsa_sign$(EXEXT) pkey/rsa_verify$(EXEXT) \ + pkey/rsa_sign_pss$(EXEXT) pkey/rsa_verify_pss$(EXEXT) \ + ssl/ssl_client1$(EXEXT) ssl/ssl_client2$(EXEXT) \ + ssl/ssl_server$(EXEXT) ssl/ssl_server2$(EXEXT) \ + ssl/ssl_fork_server$(EXEXT) \ + ssl/ssl_mail_client$(EXEXT) random/gen_entropy$(EXEXT) \ + random/gen_random_havege$(EXEXT) \ + random/gen_random_ctr_drbg$(EXEXT) \ + test/ssl_cert_test$(EXEXT) test/benchmark$(EXEXT) \ + test/selftest$(EXEXT) test/ssl_test$(EXEXT) \ + util/pem2der$(EXEXT) util/strerror$(EXEXT) \ + x509/cert_app$(EXEXT) x509/crl_app$(EXEXT) \ + x509/cert_req$(EXEXT) ifdef OPENSSL APPS += test/o_p_test @@ -57,187 +70,187 @@ endif all: $(APPS) -aes/aescrypt2: aes/aescrypt2.c ../library/libmbedtls.a +aes/aescrypt2$(EXEXT): aes/aescrypt2.c ../library/libmbedtls.a echo " CC aes/aescrypt2.c" $(CC) $(CFLAGS) $(OFLAGS) aes/aescrypt2.c $(LDFLAGS) -o $@ -aes/crypt_and_hash: aes/crypt_and_hash.c ../library/libmbedtls.a +aes/crypt_and_hash$(EXEXT): aes/crypt_and_hash.c ../library/libmbedtls.a echo " CC aes/crypt_and_hash.c" $(CC) $(CFLAGS) $(OFLAGS) aes/crypt_and_hash.c $(LDFLAGS) -o $@ -hash/hello: hash/hello.c ../library/libmbedtls.a +hash/hello$(EXEXT): hash/hello.c ../library/libmbedtls.a echo " CC hash/hello.c" $(CC) $(CFLAGS) $(OFLAGS) hash/hello.c $(LDFLAGS) -o $@ -hash/generic_sum: hash/generic_sum.c ../library/libmbedtls.a +hash/generic_sum$(EXEXT): hash/generic_sum.c ../library/libmbedtls.a echo " CC hash/generic_sum.c" $(CC) $(CFLAGS) $(OFLAGS) hash/generic_sum.c $(LDFLAGS) -o $@ -hash/md5sum: hash/md5sum.c ../library/libmbedtls.a +hash/md5sum$(EXEXT): hash/md5sum.c ../library/libmbedtls.a echo " CC hash/md5sum.c" $(CC) $(CFLAGS) $(OFLAGS) hash/md5sum.c $(LDFLAGS) -o $@ -hash/sha1sum: hash/sha1sum.c ../library/libmbedtls.a +hash/sha1sum$(EXEXT): hash/sha1sum.c ../library/libmbedtls.a echo " CC hash/sha1sum.c" $(CC) $(CFLAGS) $(OFLAGS) hash/sha1sum.c $(LDFLAGS) -o $@ -hash/sha2sum: hash/sha2sum.c ../library/libmbedtls.a +hash/sha2sum$(EXEXT): hash/sha2sum.c ../library/libmbedtls.a echo " CC hash/sha2sum.c" $(CC) $(CFLAGS) $(OFLAGS) hash/sha2sum.c $(LDFLAGS) -o $@ -pkey/dh_client: pkey/dh_client.c ../library/libmbedtls.a +pkey/dh_client$(EXEXT): pkey/dh_client.c ../library/libmbedtls.a echo " CC pkey/dh_client.c" $(CC) $(CFLAGS) $(OFLAGS) pkey/dh_client.c $(LDFLAGS) -o $@ -pkey/dh_genprime: pkey/dh_genprime.c ../library/libmbedtls.a +pkey/dh_genprime$(EXEXT): pkey/dh_genprime.c ../library/libmbedtls.a echo " CC pkey/dh_genprime.c" $(CC) $(CFLAGS) $(OFLAGS) pkey/dh_genprime.c $(LDFLAGS) -o $@ -pkey/dh_server: pkey/dh_server.c ../library/libmbedtls.a +pkey/dh_server$(EXEXT): pkey/dh_server.c ../library/libmbedtls.a echo " CC pkey/dh_server.c" $(CC) $(CFLAGS) $(OFLAGS) pkey/dh_server.c $(LDFLAGS) -o $@ -pkey/ecdsa: pkey/ecdsa.c ../library/libmbedtls.a +pkey/ecdsa$(EXEXT): pkey/ecdsa.c ../library/libmbedtls.a echo " CC pkey/ecdsa.c" $(CC) $(CFLAGS) $(OFLAGS) pkey/ecdsa.c $(LDFLAGS) -o $@ -pkey/gen_key: pkey/gen_key.c ../library/libmbedtls.a +pkey/gen_key$(EXEXT): pkey/gen_key.c ../library/libmbedtls.a echo " CC pkey/gen_key.c" $(CC) $(CFLAGS) $(OFLAGS) pkey/gen_key.c $(LDFLAGS) -o $@ -pkey/key_app: pkey/key_app.c ../library/libmbedtls.a +pkey/key_app$(EXEXT): pkey/key_app.c ../library/libmbedtls.a echo " CC pkey/key_app.c" $(CC) $(CFLAGS) $(OFLAGS) pkey/key_app.c $(LDFLAGS) -o $@ -pkey/key_app_writer: pkey/key_app_writer.c ../library/libmbedtls.a +pkey/key_app_writer$(EXEXT): pkey/key_app_writer.c ../library/libmbedtls.a echo " CC pkey/key_app_writer.c" $(CC) $(CFLAGS) $(OFLAGS) pkey/key_app_writer.c $(LDFLAGS) -o $@ -pkey/mpi_demo: pkey/mpi_demo.c ../library/libmbedtls.a +pkey/mpi_demo$(EXEXT): pkey/mpi_demo.c ../library/libmbedtls.a echo " CC pkey/mpi_demo.c" $(CC) $(CFLAGS) $(OFLAGS) pkey/mpi_demo.c $(LDFLAGS) -o $@ -pkey/pk_decrypt: pkey/pk_decrypt.c ../library/libmbedtls.a +pkey/pk_decrypt$(EXEXT): pkey/pk_decrypt.c ../library/libmbedtls.a echo " CC pkey/pk_decrypt.c" $(CC) $(CFLAGS) $(OFLAGS) pkey/pk_decrypt.c $(LDFLAGS) -o $@ -pkey/pk_encrypt: pkey/pk_encrypt.c ../library/libmbedtls.a +pkey/pk_encrypt$(EXEXT): pkey/pk_encrypt.c ../library/libmbedtls.a echo " CC pkey/pk_encrypt.c" $(CC) $(CFLAGS) $(OFLAGS) pkey/pk_encrypt.c $(LDFLAGS) -o $@ -pkey/pk_sign: pkey/pk_sign.c ../library/libmbedtls.a +pkey/pk_sign$(EXEXT): pkey/pk_sign.c ../library/libmbedtls.a echo " CC pkey/pk_sign.c" $(CC) $(CFLAGS) $(OFLAGS) pkey/pk_sign.c $(LDFLAGS) -o $@ -pkey/pk_verify: pkey/pk_verify.c ../library/libmbedtls.a +pkey/pk_verify$(EXEXT): pkey/pk_verify.c ../library/libmbedtls.a echo " CC pkey/pk_verify.c" $(CC) $(CFLAGS) $(OFLAGS) pkey/pk_verify.c $(LDFLAGS) -o $@ -pkey/rsa_genkey: pkey/rsa_genkey.c ../library/libmbedtls.a +pkey/rsa_genkey$(EXEXT): pkey/rsa_genkey.c ../library/libmbedtls.a echo " CC pkey/rsa_genkey.c" $(CC) $(CFLAGS) $(OFLAGS) pkey/rsa_genkey.c $(LDFLAGS) -o $@ -pkey/rsa_sign: pkey/rsa_sign.c ../library/libmbedtls.a +pkey/rsa_sign$(EXEXT): pkey/rsa_sign.c ../library/libmbedtls.a echo " CC pkey/rsa_sign.c" $(CC) $(CFLAGS) $(OFLAGS) pkey/rsa_sign.c $(LDFLAGS) -o $@ -pkey/rsa_verify: pkey/rsa_verify.c ../library/libmbedtls.a +pkey/rsa_verify$(EXEXT): pkey/rsa_verify.c ../library/libmbedtls.a echo " CC pkey/rsa_verify.c" $(CC) $(CFLAGS) $(OFLAGS) pkey/rsa_verify.c $(LDFLAGS) -o $@ -pkey/rsa_sign_pss: pkey/rsa_sign_pss.c ../library/libmbedtls.a +pkey/rsa_sign_pss$(EXEXT): pkey/rsa_sign_pss.c ../library/libmbedtls.a echo " CC pkey/rsa_sign_pss.c" $(CC) $(CFLAGS) $(OFLAGS) pkey/rsa_sign_pss.c $(LDFLAGS) -o $@ -pkey/rsa_verify_pss: pkey/rsa_verify_pss.c ../library/libmbedtls.a +pkey/rsa_verify_pss$(EXEXT): pkey/rsa_verify_pss.c ../library/libmbedtls.a echo " CC pkey/rsa_verify_pss.c" $(CC) $(CFLAGS) $(OFLAGS) pkey/rsa_verify_pss.c $(LDFLAGS) -o $@ -pkey/rsa_decrypt: pkey/rsa_decrypt.c ../library/libmbedtls.a +pkey/rsa_decrypt$(EXEXT): pkey/rsa_decrypt.c ../library/libmbedtls.a echo " CC pkey/rsa_decrypt.c" $(CC) $(CFLAGS) $(OFLAGS) pkey/rsa_decrypt.c $(LDFLAGS) -o $@ -pkey/rsa_encrypt: pkey/rsa_encrypt.c ../library/libmbedtls.a +pkey/rsa_encrypt$(EXEXT): pkey/rsa_encrypt.c ../library/libmbedtls.a echo " CC pkey/rsa_encrypt.c" $(CC) $(CFLAGS) $(OFLAGS) pkey/rsa_encrypt.c $(LDFLAGS) -o $@ -random/gen_entropy: random/gen_entropy.c ../library/libmbedtls.a +random/gen_entropy$(EXEXT): random/gen_entropy.c ../library/libmbedtls.a echo " CC random/gen_entropy.c" $(CC) $(CFLAGS) $(OFLAGS) random/gen_entropy.c $(LDFLAGS) -o $@ -random/gen_random_havege: random/gen_random_havege.c ../library/libmbedtls.a +random/gen_random_havege$(EXEXT): random/gen_random_havege.c ../library/libmbedtls.a echo " CC random/gen_random_havege.c" $(CC) $(CFLAGS) $(OFLAGS) random/gen_random_havege.c $(LDFLAGS) -o $@ -random/gen_random_ctr_drbg: random/gen_random_ctr_drbg.c ../library/libmbedtls.a +random/gen_random_ctr_drbg$(EXEXT): random/gen_random_ctr_drbg.c ../library/libmbedtls.a echo " CC random/gen_random_ctr_drbg.c" $(CC) $(CFLAGS) $(OFLAGS) random/gen_random_ctr_drbg.c $(LDFLAGS) -o $@ -ssl/ssl_client1: ssl/ssl_client1.c ../library/libmbedtls.a +ssl/ssl_client1$(EXEXT): ssl/ssl_client1.c ../library/libmbedtls.a echo " CC ssl/ssl_client1.c" $(CC) $(CFLAGS) $(OFLAGS) ssl/ssl_client1.c $(LDFLAGS) -o $@ -ssl/ssl_client2: ssl/ssl_client2.c ../library/libmbedtls.a +ssl/ssl_client2$(EXEXT): ssl/ssl_client2.c ../library/libmbedtls.a echo " CC ssl/ssl_client2.c" $(CC) $(CFLAGS) $(OFLAGS) ssl/ssl_client2.c $(LDFLAGS) -o $@ -ssl/ssl_server: ssl/ssl_server.c ../library/libmbedtls.a +ssl/ssl_server$(EXEXT): ssl/ssl_server.c ../library/libmbedtls.a echo " CC ssl/ssl_server.c" $(CC) $(CFLAGS) $(OFLAGS) ssl/ssl_server.c $(LDFLAGS) -o $@ -ssl/ssl_server2: ssl/ssl_server2.c ../library/libmbedtls.a +ssl/ssl_server2$(EXEXT): ssl/ssl_server2.c ../library/libmbedtls.a echo " CC ssl/ssl_server2.c" $(CC) $(CFLAGS) $(OFLAGS) ssl/ssl_server2.c $(LDFLAGS) -o $@ -ssl/ssl_fork_server: ssl/ssl_fork_server.c ../library/libmbedtls.a +ssl/ssl_fork_server$(EXEXT): ssl/ssl_fork_server.c ../library/libmbedtls.a echo " CC ssl/ssl_fork_server.c" $(CC) $(CFLAGS) $(OFLAGS) ssl/ssl_fork_server.c $(LDFLAGS) -o $@ -ssl/ssl_pthread_server: ssl/ssl_pthread_server.c ../library/libmbedtls.a +ssl/ssl_pthread_server$(EXEXT): ssl/ssl_pthread_server.c ../library/libmbedtls.a echo " CC ssl/ssl_pthread_server.c" $(CC) $(CFLAGS) $(OFLAGS) ssl/ssl_pthread_server.c $(LDFLAGS) -o $@ -lpthread -ssl/ssl_mail_client: ssl/ssl_mail_client.c ../library/libmbedtls.a +ssl/ssl_mail_client$(EXEXT): ssl/ssl_mail_client.c ../library/libmbedtls.a echo " CC ssl/ssl_mail_client.c" $(CC) $(CFLAGS) $(OFLAGS) ssl/ssl_mail_client.c $(LDFLAGS) -o $@ -test/ssl_cert_test: test/ssl_cert_test.c ../library/libmbedtls.a +test/ssl_cert_test$(EXEXT): test/ssl_cert_test.c ../library/libmbedtls.a echo " CC test/ssl_cert_test.c" $(CC) $(CFLAGS) $(OFLAGS) test/ssl_cert_test.c $(LDFLAGS) -o $@ -test/benchmark: test/benchmark.c ../library/libmbedtls.a +test/benchmark$(EXEXT): test/benchmark.c ../library/libmbedtls.a echo " CC test/benchmark.c" $(CC) $(CFLAGS) $(OFLAGS) test/benchmark.c $(LDFLAGS) -o $@ -test/selftest: test/selftest.c ../library/libmbedtls.a +test/selftest$(EXEXT): test/selftest.c ../library/libmbedtls.a echo " CC test/selftest.c" $(CC) $(CFLAGS) $(OFLAGS) test/selftest.c $(LDFLAGS) -o $@ -test/ssl_test: test/ssl_test.c ../library/libmbedtls.a +test/ssl_test$(EXEXT): test/ssl_test.c ../library/libmbedtls.a echo " CC test/ssl_test.c" $(CC) $(CFLAGS) $(OFLAGS) test/ssl_test.c $(LDFLAGS) -o $@ -test/o_p_test: test/o_p_test.c ../library/libmbedtls.a +test/o_p_test$(EXEXT): test/o_p_test.c ../library/libmbedtls.a echo " CC test/o_p_test.c" $(CC) $(CFLAGS) $(OFLAGS) test/o_p_test.c $(LDFLAGS) -o $@ -lssl -lcrypto -util/pem2der: util/pem2der.c ../library/libmbedtls.a +util/pem2der$(EXEXT): util/pem2der.c ../library/libmbedtls.a echo " CC util/pem2der.c" $(CC) $(CFLAGS) $(OFLAGS) util/pem2der.c $(LDFLAGS) -o $@ -util/strerror: util/strerror.c ../library/libmbedtls.a +util/strerror$(EXEXT): util/strerror.c ../library/libmbedtls.a echo " CC util/strerror.c" $(CC) $(CFLAGS) $(OFLAGS) util/strerror.c $(LDFLAGS) -o $@ -x509/cert_app: x509/cert_app.c ../library/libmbedtls.a +x509/cert_app$(EXEXT): x509/cert_app.c ../library/libmbedtls.a echo " CC x509/cert_app.c" $(CC) $(CFLAGS) $(OFLAGS) x509/cert_app.c $(LDFLAGS) -o $@ -x509/crl_app: x509/crl_app.c ../library/libmbedtls.a +x509/crl_app$(EXEXT): x509/crl_app.c ../library/libmbedtls.a echo " CC x509/crl_app.c" $(CC) $(CFLAGS) $(OFLAGS) x509/crl_app.c $(LDFLAGS) -o $@ -x509/cert_req: x509/cert_req.c ../library/libmbedtls.a +x509/cert_req$(EXEXT): x509/cert_req.c ../library/libmbedtls.a echo " CC x509/cert_req.c" $(CC) $(CFLAGS) $(OFLAGS) x509/cert_req.c $(LDFLAGS) -o $@ diff --git a/tests/Makefile b/tests/Makefile index 850ff7bc..a39027e7 100644 --- a/tests/Makefile +++ b/tests/Makefile @@ -7,22 +7,36 @@ CFLAGS += -I../include -D_FILE_OFFSET_BITS=64 -Wall -W -Wdeclaration-after-state -Wno-unused-function -Wno-unused-value OFLAGS = -O2 -LDFLAGS += -L../library -lmbedtls $(SYS_LDFLAGS) +LDFLAGS += -L../library -lmbedtls$(SHARED_SUFFIX) $(SYS_LDFLAGS) +DLEXT=so ifndef SHARED DEP=../library/libmbedtls.a CHECK_PRELOAD= else -DEP=../library/libmbedtls.so -CHECK_PRELOAD= LD_PRELOAD=../library/libmbedtls.so +DEP=../library/libmbedtls.$(DLEXT) +CHECK_PRELOAD= LD_PRELOAD=../library/libmbedtls.$(DLEXT) endif ifdef DEBUG CFLAGS += -g3 endif +# +# if we running on Windows build +# for Windows +# ifdef WINDOWS +WINDOWS_BUILD=1 +endif + +ifdef WINDOWS_BUILD +DLEXT=dll +EXEXT=.exe LDFLAGS += -lws2_32 +ifdef SHARED +SHARED_SUFFIX=.$(DLEXT) +endif endif # Zlib shared library extensions: @@ -30,44 +44,44 @@ ifdef ZLIB LDFLAGS += -lz endif -APPS = test_suite_aes.ecb test_suite_aes.cbc \ - test_suite_aes.cfb test_suite_aes.rest \ - test_suite_arc4 test_suite_asn1write \ - test_suite_base64 test_suite_blowfish \ - test_suite_camellia test_suite_ccm \ - test_suite_cipher.aes \ - test_suite_cipher.arc4 test_suite_cipher.ccm \ - test_suite_cipher.gcm \ - test_suite_cipher.blowfish \ - test_suite_cipher.camellia \ - test_suite_cipher.des test_suite_cipher.null \ - test_suite_cipher.padding \ - test_suite_ctr_drbg test_suite_debug \ - test_suite_des test_suite_dhm \ - test_suite_ecdh test_suite_ecdsa \ - test_suite_ecp \ - test_suite_error test_suite_entropy \ - test_suite_gcm.aes128_de \ - test_suite_gcm.aes192_de \ - test_suite_gcm.aes256_de \ - test_suite_gcm.aes128_en \ - test_suite_gcm.aes192_en \ - test_suite_gcm.aes256_en \ - test_suite_gcm.camellia test_suite_hmac_shax \ - test_suite_hmac_drbg.misc \ - test_suite_hmac_drbg.no_reseed \ - test_suite_hmac_drbg.nopr \ - test_suite_hmac_drbg.pr \ - test_suite_md test_suite_mdx \ - test_suite_memory_buffer_alloc \ - test_suite_mpi test_suite_pbkdf2 \ - test_suite_pem \ - test_suite_pkcs1_v21 test_suite_pkcs5 \ - test_suite_pkparse test_suite_pkwrite \ - test_suite_pk \ - test_suite_rsa test_suite_shax \ - test_suite_x509parse test_suite_x509write \ - test_suite_xtea test_suite_version +APPS = test_suite_aes.ecb$(EXEXT) test_suite_aes.cbc$(EXEXT) \ + test_suite_aes.cfb$(EXEXT) test_suite_aes.rest$(EXEXT) \ + test_suite_arc4$(EXEXT) test_suite_asn1write$(EXEXT) \ + test_suite_base64$(EXEXT) test_suite_blowfish$(EXEXT) \ + test_suite_camellia$(EXEXT) test_suite_ccm$(EXEXT) \ + test_suite_cipher.aes$(EXEXT) \ + test_suite_cipher.arc4$(EXEXT) test_suite_cipher.ccm$(EXEXT) \ + test_suite_cipher.gcm$(EXEXT) \ + test_suite_cipher.blowfish$(EXEXT) \ + test_suite_cipher.camellia$(EXEXT) \ + test_suite_cipher.des$(EXEXT) test_suite_cipher.null$(EXEXT) \ + test_suite_cipher.padding$(EXEXT) \ + test_suite_ctr_drbg$(EXEXT) test_suite_debug$(EXEXT) \ + test_suite_des$(EXEXT) test_suite_dhm$(EXEXT) \ + test_suite_ecdh$(EXEXT) test_suite_ecdsa$(EXEXT) \ + test_suite_ecp$(EXEXT) \ + test_suite_error$(EXEXT) test_suite_entropy$(EXEXT) \ + test_suite_gcm.aes128_de$(EXEXT) \ + test_suite_gcm.aes192_de$(EXEXT) \ + test_suite_gcm.aes256_de$(EXEXT) \ + test_suite_gcm.aes128_en$(EXEXT) \ + test_suite_gcm.aes192_en$(EXEXT) \ + test_suite_gcm.aes256_en$(EXEXT) \ + test_suite_gcm.camellia$(EXEXT) test_suite_hmac_shax$(EXEXT) \ + test_suite_hmac_drbg.misc$(EXEXT) \ + test_suite_hmac_drbg.no_reseed$(EXEXT) \ + test_suite_hmac_drbg.nopr$(EXEXT) \ + test_suite_hmac_drbg.pr$(EXEXT) \ + test_suite_md$(EXEXT) test_suite_mdx$(EXEXT) \ + test_suite_memory_buffer_alloc$(EXEXT) \ + test_suite_mpi$(EXEXT) test_suite_pbkdf2$(EXEXT) \ + test_suite_pem$(EXEXT) \ + test_suite_pkcs1_v21$(EXEXT) test_suite_pkcs5$(EXEXT) \ + test_suite_pkparse$(EXEXT) test_suite_pkwrite$(EXEXT) \ + test_suite_pk$(EXEXT) \ + test_suite_rsa$(EXEXT) test_suite_shax$(EXEXT) \ + test_suite_x509parse$(EXEXT) test_suite_x509write$(EXEXT) \ + test_suite_xtea$(EXEXT) test_suite_version$(EXEXT) .SILENT: @@ -173,233 +187,233 @@ test_suite_hmac_drbg.pr.c : suites/test_suite_hmac_drbg.function suites/test_sui echo " Generate $@" scripts/generate_code.pl suites $* $* -test_suite_aes.ecb: test_suite_aes.ecb.c $(DEP) - echo " CC $@.c" - $(CC) $(CFLAGS) $(OFLAGS) $@.c $(LDFLAGS) -o $@ +test_suite_aes.ecb$(EXEXT): test_suite_aes.ecb.c $(DEP) + echo " CC $<" + $(CC) $(CFLAGS) $(OFLAGS) $< $(LDFLAGS) -o $@ -test_suite_aes.cbc: test_suite_aes.cbc.c $(DEP) - echo " CC $@.c" - $(CC) $(CFLAGS) $(OFLAGS) $@.c $(LDFLAGS) -o $@ +test_suite_aes.cbc$(EXEXT): test_suite_aes.cbc.c $(DEP) + echo " CC $<" + $(CC) $(CFLAGS) $(OFLAGS) $< $(LDFLAGS) -o $@ -test_suite_aes.cfb: test_suite_aes.cfb.c $(DEP) - echo " CC $@.c" - $(CC) $(CFLAGS) $(OFLAGS) $@.c $(LDFLAGS) -o $@ +test_suite_aes.cfb$(EXEXT): test_suite_aes.cfb.c $(DEP) + echo " CC $<" + $(CC) $(CFLAGS) $(OFLAGS) $< $(LDFLAGS) -o $@ -test_suite_aes.rest: test_suite_aes.rest.c $(DEP) - echo " CC $@.c" - $(CC) $(CFLAGS) $(OFLAGS) $@.c $(LDFLAGS) -o $@ +test_suite_aes.rest$(EXEXT): test_suite_aes.rest.c $(DEP) + echo " CC $<" + $(CC) $(CFLAGS) $(OFLAGS) $< $(LDFLAGS) -o $@ -test_suite_arc4: test_suite_arc4.c $(DEP) - echo " CC $@.c" - $(CC) $(CFLAGS) $(OFLAGS) $@.c $(LDFLAGS) -o $@ +test_suite_arc4$(EXEXT): test_suite_arc4.c $(DEP) + echo " CC $<" + $(CC) $(CFLAGS) $(OFLAGS) $< $(LDFLAGS) -o $@ -test_suite_asn1write: test_suite_asn1write.c $(DEP) - echo " CC $@.c" - $(CC) $(CFLAGS) $(OFLAGS) $@.c $(LDFLAGS) -o $@ +test_suite_asn1write$(EXEXT): test_suite_asn1write.c $(DEP) + echo " CC $<" + $(CC) $(CFLAGS) $(OFLAGS) $< $(LDFLAGS) -o $@ -test_suite_base64: test_suite_base64.c $(DEP) - echo " CC $@.c" - $(CC) $(CFLAGS) $(OFLAGS) $@.c $(LDFLAGS) -o $@ +test_suite_base64$(EXEXT): test_suite_base64.c $(DEP) + echo " CC $<" + $(CC) $(CFLAGS) $(OFLAGS) $< $(LDFLAGS) -o $@ -test_suite_blowfish: test_suite_blowfish.c $(DEP) - echo " CC $@.c" - $(CC) $(CFLAGS) $(OFLAGS) $@.c $(LDFLAGS) -o $@ +test_suite_blowfish$(EXEXT): test_suite_blowfish.c $(DEP) + echo " CC $<" + $(CC) $(CFLAGS) $(OFLAGS) $< $(LDFLAGS) -o $@ -test_suite_camellia: test_suite_camellia.c $(DEP) - echo " CC $@.c" - $(CC) $(CFLAGS) $(OFLAGS) $@.c $(LDFLAGS) -o $@ +test_suite_camellia$(EXEXT): test_suite_camellia.c $(DEP) + echo " CC $<" + $(CC) $(CFLAGS) $(OFLAGS) $< $(LDFLAGS) -o $@ -test_suite_ccm: test_suite_ccm.c $(DEP) - echo " CC $@.c" - $(CC) $(CFLAGS) $(OFLAGS) $@.c $(LDFLAGS) -o $@ +test_suite_ccm$(EXEXT): test_suite_ccm.c $(DEP) + echo " CC $<" + $(CC) $(CFLAGS) $(OFLAGS) $< $(LDFLAGS) -o $@ -test_suite_cipher.aes: test_suite_cipher.aes.c $(DEP) - echo " CC $@.c" - $(CC) $(CFLAGS) $(OFLAGS) $@.c $(LDFLAGS) -o $@ +test_suite_cipher.aes$(EXEXT): test_suite_cipher.aes.c $(DEP) + echo " CC $<" + $(CC) $(CFLAGS) $(OFLAGS) $< $(LDFLAGS) -o $@ -test_suite_cipher.arc4: test_suite_cipher.arc4.c $(DEP) - echo " CC $@.c" - $(CC) $(CFLAGS) $(OFLAGS) $@.c $(LDFLAGS) -o $@ +test_suite_cipher.arc4$(EXEXT): test_suite_cipher.arc4.c $(DEP) + echo " CC $<" + $(CC) $(CFLAGS) $(OFLAGS) $< $(LDFLAGS) -o $@ -test_suite_cipher.ccm: test_suite_cipher.ccm.c $(DEP) - echo " CC $@.c" - $(CC) $(CFLAGS) $(OFLAGS) $@.c $(LDFLAGS) -o $@ +test_suite_cipher.ccm$(EXEXT): test_suite_cipher.ccm.c $(DEP) + echo " CC $<" + $(CC) $(CFLAGS) $(OFLAGS) $< $(LDFLAGS) -o $@ -test_suite_cipher.gcm: test_suite_cipher.gcm.c $(DEP) - echo " CC $@.c" - $(CC) $(CFLAGS) $(OFLAGS) $@.c $(LDFLAGS) -o $@ +test_suite_cipher.gcm$(EXEXT): test_suite_cipher.gcm.c $(DEP) + echo " CC $<" + $(CC) $(CFLAGS) $(OFLAGS) $< $(LDFLAGS) -o $@ -test_suite_cipher.blowfish: test_suite_cipher.blowfish.c $(DEP) - echo " CC $@.c" - $(CC) $(CFLAGS) $(OFLAGS) $@.c $(LDFLAGS) -o $@ +test_suite_cipher.blowfish$(EXEXT): test_suite_cipher.blowfish.c $(DEP) + echo " CC $<" + $(CC) $(CFLAGS) $(OFLAGS) $< $(LDFLAGS) -o $@ -test_suite_cipher.camellia: test_suite_cipher.camellia.c $(DEP) - echo " CC $@.c" - $(CC) $(CFLAGS) $(OFLAGS) $@.c $(LDFLAGS) -o $@ +test_suite_cipher.camellia$(EXEXT): test_suite_cipher.camellia.c $(DEP) + echo " CC $<" + $(CC) $(CFLAGS) $(OFLAGS) $< $(LDFLAGS) -o $@ -test_suite_cipher.des: test_suite_cipher.des.c $(DEP) - echo " CC $@.c" - $(CC) $(CFLAGS) $(OFLAGS) $@.c $(LDFLAGS) -o $@ +test_suite_cipher.des$(EXEXT): test_suite_cipher.des.c $(DEP) + echo " CC $<" + $(CC) $(CFLAGS) $(OFLAGS) $< $(LDFLAGS) -o $@ -test_suite_cipher.null: test_suite_cipher.null.c $(DEP) - echo " CC $@.c" - $(CC) $(CFLAGS) $(OFLAGS) $@.c $(LDFLAGS) -o $@ +test_suite_cipher.null$(EXEXT): test_suite_cipher.null.c $(DEP) + echo " CC $<" + $(CC) $(CFLAGS) $(OFLAGS) $< $(LDFLAGS) -o $@ -test_suite_cipher.padding: test_suite_cipher.padding.c $(DEP) - echo " CC $@.c" - $(CC) $(CFLAGS) $(OFLAGS) $@.c $(LDFLAGS) -o $@ +test_suite_cipher.padding$(EXEXT): test_suite_cipher.padding.c $(DEP) + echo " CC $<" + $(CC) $(CFLAGS) $(OFLAGS) $< $(LDFLAGS) -o $@ -test_suite_ctr_drbg: test_suite_ctr_drbg.c $(DEP) - echo " CC $@.c" - $(CC) $(CFLAGS) $(OFLAGS) $@.c $(LDFLAGS) -o $@ +test_suite_ctr_drbg$(EXEXT): test_suite_ctr_drbg.c $(DEP) + echo " CC $<" + $(CC) $(CFLAGS) $(OFLAGS) $< $(LDFLAGS) -o $@ -test_suite_des: test_suite_des.c $(DEP) - echo " CC $@.c" - $(CC) $(CFLAGS) $(OFLAGS) $@.c $(LDFLAGS) -o $@ +test_suite_des$(EXEXT): test_suite_des.c $(DEP) + echo " CC $<" + $(CC) $(CFLAGS) $(OFLAGS) $< $(LDFLAGS) -o $@ -test_suite_dhm: test_suite_dhm.c $(DEP) - echo " CC $@.c" - $(CC) $(CFLAGS) $(OFLAGS) $@.c $(LDFLAGS) -o $@ +test_suite_dhm$(EXEXT): test_suite_dhm.c $(DEP) + echo " CC $<" + $(CC) $(CFLAGS) $(OFLAGS) $< $(LDFLAGS) -o $@ -test_suite_ecdh: test_suite_ecdh.c $(DEP) - echo " CC $@.c" - $(CC) $(CFLAGS) $(OFLAGS) $@.c $(LDFLAGS) -o $@ +test_suite_ecdh$(EXEXT): test_suite_ecdh.c $(DEP) + echo " CC $<" + $(CC) $(CFLAGS) $(OFLAGS) $< $(LDFLAGS) -o $@ -test_suite_ecdsa: test_suite_ecdsa.c $(DEP) - echo " CC $@.c" - $(CC) $(CFLAGS) $(OFLAGS) $@.c $(LDFLAGS) -o $@ +test_suite_ecdsa$(EXEXT): test_suite_ecdsa.c $(DEP) + echo " CC $<" + $(CC) $(CFLAGS) $(OFLAGS) $< $(LDFLAGS) -o $@ -test_suite_ecp: test_suite_ecp.c $(DEP) - echo " CC $@.c" - $(CC) $(CFLAGS) $(OFLAGS) $@.c $(LDFLAGS) -o $@ +test_suite_ecp$(EXEXT): test_suite_ecp.c $(DEP) + echo " CC $<" + $(CC) $(CFLAGS) $(OFLAGS) $< $(LDFLAGS) -o $@ -test_suite_entropy: test_suite_entropy.c $(DEP) - echo " CC $@.c" - $(CC) $(CFLAGS) $(OFLAGS) $@.c $(LDFLAGS) -o $@ +test_suite_entropy$(EXEXT): test_suite_entropy.c $(DEP) + echo " CC $<" + $(CC) $(CFLAGS) $(OFLAGS) $< $(LDFLAGS) -o $@ -test_suite_error: test_suite_error.c $(DEP) - echo " CC $@.c" - $(CC) $(CFLAGS) $(OFLAGS) $@.c $(LDFLAGS) -o $@ +test_suite_error$(EXEXT): test_suite_error.c $(DEP) + echo " CC $<" + $(CC) $(CFLAGS) $(OFLAGS) $< $(LDFLAGS) -o $@ -test_suite_gcm.aes128_de: test_suite_gcm.aes128_de.c $(DEP) - echo " CC $@.c" - $(CC) $(CFLAGS) $(OFLAGS) $@.c $(LDFLAGS) -o $@ +test_suite_gcm.aes128_de$(EXEXT): test_suite_gcm.aes128_de.c $(DEP) + echo " CC $<" + $(CC) $(CFLAGS) $(OFLAGS) $< $(LDFLAGS) -o $@ -test_suite_gcm.aes192_de: test_suite_gcm.aes192_de.c $(DEP) - echo " CC $@.c" - $(CC) $(CFLAGS) $(OFLAGS) $@.c $(LDFLAGS) -o $@ +test_suite_gcm.aes192_de$(EXEXT): test_suite_gcm.aes192_de.c $(DEP) + echo " CC $<" + $(CC) $(CFLAGS) $(OFLAGS) $< $(LDFLAGS) -o $@ -test_suite_gcm.aes256_de: test_suite_gcm.aes256_de.c $(DEP) - echo " CC $@.c" - $(CC) $(CFLAGS) $(OFLAGS) $@.c $(LDFLAGS) -o $@ +test_suite_gcm.aes256_de$(EXEXT): test_suite_gcm.aes256_de.c $(DEP) + echo " CC $<" + $(CC) $(CFLAGS) $(OFLAGS) $< $(LDFLAGS) -o $@ -test_suite_gcm.aes128_en: test_suite_gcm.aes128_en.c $(DEP) - echo " CC $@.c" - $(CC) $(CFLAGS) $(OFLAGS) $@.c $(LDFLAGS) -o $@ +test_suite_gcm.aes128_en$(EXEXT): test_suite_gcm.aes128_en.c $(DEP) + echo " CC $<" + $(CC) $(CFLAGS) $(OFLAGS) $< $(LDFLAGS) -o $@ -test_suite_gcm.aes192_en: test_suite_gcm.aes192_en.c $(DEP) - echo " CC $@.c" - $(CC) $(CFLAGS) $(OFLAGS) $@.c $(LDFLAGS) -o $@ +test_suite_gcm.aes192_en$(EXEXT): test_suite_gcm.aes192_en.c $(DEP) + echo " CC $<" + $(CC) $(CFLAGS) $(OFLAGS) $< $(LDFLAGS) -o $@ -test_suite_gcm.aes256_en: test_suite_gcm.aes256_en.c $(DEP) - echo " CC $@.c" - $(CC) $(CFLAGS) $(OFLAGS) $@.c $(LDFLAGS) -o $@ +test_suite_gcm.aes256_en$(EXEXT): test_suite_gcm.aes256_en.c $(DEP) + echo " CC $<" + $(CC) $(CFLAGS) $(OFLAGS) $< $(LDFLAGS) -o $@ -test_suite_gcm.camellia: test_suite_gcm.camellia.c $(DEP) - echo " CC $@.c" - $(CC) $(CFLAGS) $(OFLAGS) $@.c $(LDFLAGS) -o $@ +test_suite_gcm.camellia$(EXEXT): test_suite_gcm.camellia.c $(DEP) + echo " CC $<" + $(CC) $(CFLAGS) $(OFLAGS) $< $(LDFLAGS) -o $@ -test_suite_hmac_drbg.misc: test_suite_hmac_drbg.misc.c $(DEP) - echo " CC $@.c" - $(CC) $(CFLAGS) $(OFLAGS) $@.c $(LDFLAGS) -o $@ +test_suite_hmac_drbg.misc$(EXEXT): test_suite_hmac_drbg.misc.c $(DEP) + echo " CC $<" + $(CC) $(CFLAGS) $(OFLAGS) $< $(LDFLAGS) -o $@ -test_suite_hmac_drbg.no_reseed: test_suite_hmac_drbg.no_reseed.c $(DEP) - echo " CC $@.c" - $(CC) $(CFLAGS) $(OFLAGS) $@.c $(LDFLAGS) -o $@ +test_suite_hmac_drbg.no_reseed$(EXEXT): test_suite_hmac_drbg.no_reseed.c $(DEP) + echo " CC $<" + $(CC) $(CFLAGS) $(OFLAGS) $< $(LDFLAGS) -o $@ -test_suite_hmac_drbg.nopr: test_suite_hmac_drbg.nopr.c $(DEP) - echo " CC $@.c" - $(CC) $(CFLAGS) $(OFLAGS) $@.c $(LDFLAGS) -o $@ +test_suite_hmac_drbg.nopr$(EXEXT): test_suite_hmac_drbg.nopr.c $(DEP) + echo " CC $<" + $(CC) $(CFLAGS) $(OFLAGS) $< $(LDFLAGS) -o $@ -test_suite_hmac_drbg.pr: test_suite_hmac_drbg.pr.c $(DEP) - echo " CC $@.c" - $(CC) $(CFLAGS) $(OFLAGS) $@.c $(LDFLAGS) -o $@ +test_suite_hmac_drbg.pr$(EXEXT): test_suite_hmac_drbg.pr.c $(DEP) + echo " CC $<" + $(CC) $(CFLAGS) $(OFLAGS) $< $(LDFLAGS) -o $@ -test_suite_hmac_shax: test_suite_hmac_shax.c $(DEP) - echo " CC $@.c" - $(CC) $(CFLAGS) $(OFLAGS) $@.c $(LDFLAGS) -o $@ +test_suite_hmac_shax$(EXEXT): test_suite_hmac_shax.c $(DEP) + echo " CC $<" + $(CC) $(CFLAGS) $(OFLAGS) $< $(LDFLAGS) -o $@ -test_suite_md: test_suite_md.c $(DEP) - echo " CC $@.c" - $(CC) $(CFLAGS) $(OFLAGS) $@.c $(LDFLAGS) -o $@ +test_suite_md$(EXEXT): test_suite_md.c $(DEP) + echo " CC $<" + $(CC) $(CFLAGS) $(OFLAGS) $< $(LDFLAGS) -o $@ -test_suite_mdx: test_suite_mdx.c $(DEP) - echo " CC $@.c" - $(CC) $(CFLAGS) $(OFLAGS) $@.c $(LDFLAGS) -o $@ +test_suite_mdx$(EXEXT): test_suite_mdx.c $(DEP) + echo " CC $<" + $(CC) $(CFLAGS) $(OFLAGS) $< $(LDFLAGS) -o $@ -test_suite_memory_buffer_alloc: test_suite_memory_buffer_alloc.c $(DEP) - echo " CC $@.c" - $(CC) $(CFLAGS) $(OFLAGS) $@.c $(LDFLAGS) -o $@ +test_suite_memory_buffer_alloc$(EXEXT): test_suite_memory_buffer_alloc.c $(DEP) + echo " CC $<" + $(CC) $(CFLAGS) $(OFLAGS) $< $(LDFLAGS) -o $@ -test_suite_mpi: test_suite_mpi.c $(DEP) - echo " CC $@.c" - $(CC) $(CFLAGS) $(OFLAGS) $@.c $(LDFLAGS) -o $@ +test_suite_mpi$(EXEXT): test_suite_mpi.c $(DEP) + echo " CC $<" + $(CC) $(CFLAGS) $(OFLAGS) $< $(LDFLAGS) -o $@ -test_suite_pbkdf2: test_suite_pbkdf2.c $(DEP) - echo " CC $@.c" - $(CC) $(CFLAGS) $(OFLAGS) $@.c $(LDFLAGS) -o $@ +test_suite_pbkdf2$(EXEXT): test_suite_pbkdf2.c $(DEP) + echo " CC $<" + $(CC) $(CFLAGS) $(OFLAGS) $< $(LDFLAGS) -o $@ -test_suite_pem: test_suite_pem.c $(DEP) - echo " CC $@.c" - $(CC) $(CFLAGS) $(OFLAGS) $@.c $(LDFLAGS) -o $@ +test_suite_pem$(EXEXT): test_suite_pem.c $(DEP) + echo " CC $<" + $(CC) $(CFLAGS) $(OFLAGS) $< $(LDFLAGS) -o $@ -test_suite_pkcs1_v21: test_suite_pkcs1_v21.c $(DEP) - echo " CC $@.c" - $(CC) $(CFLAGS) $(OFLAGS) $@.c $(LDFLAGS) -o $@ +test_suite_pkcs1_v21$(EXEXT): test_suite_pkcs1_v21.c $(DEP) + echo " CC $<" + $(CC) $(CFLAGS) $(OFLAGS) $< $(LDFLAGS) -o $@ -test_suite_pkcs5: test_suite_pkcs5.c $(DEP) - echo " CC $@.c" - $(CC) $(CFLAGS) $(OFLAGS) $@.c $(LDFLAGS) -o $@ +test_suite_pkcs5$(EXEXT): test_suite_pkcs5.c $(DEP) + echo " CC $<" + $(CC) $(CFLAGS) $(OFLAGS) $< $(LDFLAGS) -o $@ -test_suite_pkparse: test_suite_pkparse.c $(DEP) - echo " CC $@.c" - $(CC) $(CFLAGS) $(OFLAGS) $@.c $(LDFLAGS) -o $@ +test_suite_pkparse$(EXEXT): test_suite_pkparse.c $(DEP) + echo " CC $<" + $(CC) $(CFLAGS) $(OFLAGS) $< $(LDFLAGS) -o $@ -test_suite_pkwrite: test_suite_pkwrite.c $(DEP) - echo " CC $@.c" - $(CC) $(CFLAGS) $(OFLAGS) $@.c $(LDFLAGS) -o $@ +test_suite_pkwrite$(EXEXT): test_suite_pkwrite.c $(DEP) + echo " CC $<" + $(CC) $(CFLAGS) $(OFLAGS) $< $(LDFLAGS) -o $@ -test_suite_pk: test_suite_pk.c $(DEP) - echo " CC $@.c" - $(CC) $(CFLAGS) $(OFLAGS) $@.c $(LDFLAGS) -o $@ +test_suite_pk$(EXEXT): test_suite_pk.c $(DEP) + echo " CC $<" + $(CC) $(CFLAGS) $(OFLAGS) $< $(LDFLAGS) -o $@ -test_suite_rsa: test_suite_rsa.c $(DEP) - echo " CC $@.c" - $(CC) $(CFLAGS) $(OFLAGS) $@.c $(LDFLAGS) -o $@ +test_suite_rsa$(EXEXT): test_suite_rsa.c $(DEP) + echo " CC $<" + $(CC) $(CFLAGS) $(OFLAGS) $< $(LDFLAGS) -o $@ -test_suite_shax: test_suite_shax.c $(DEP) - echo " CC $@.c" - $(CC) $(CFLAGS) $(OFLAGS) $@.c $(LDFLAGS) -o $@ +test_suite_shax$(EXEXT): test_suite_shax.c $(DEP) + echo " CC $<" + $(CC) $(CFLAGS) $(OFLAGS) $< $(LDFLAGS) -o $@ -test_suite_x509parse: test_suite_x509parse.c $(DEP) - echo " CC $@.c" - $(CC) $(CFLAGS) $(OFLAGS) $@.c $(LDFLAGS) -o $@ +test_suite_x509parse$(EXEXT): test_suite_x509parse.c $(DEP) + echo " CC $<" + $(CC) $(CFLAGS) $(OFLAGS) $< $(LDFLAGS) -o $@ -test_suite_x509write: test_suite_x509write.c $(DEP) - echo " CC $@.c" - $(CC) $(CFLAGS) $(OFLAGS) $@.c $(LDFLAGS) -o $@ +test_suite_x509write$(EXEXT): test_suite_x509write.c $(DEP) + echo " CC $<" + $(CC) $(CFLAGS) $(OFLAGS) $< $(LDFLAGS) -o $@ -test_suite_xtea: test_suite_xtea.c $(DEP) - echo " CC $@.c" - $(CC) $(CFLAGS) $(OFLAGS) $@.c $(LDFLAGS) -o $@ +test_suite_xtea$(EXEXT): test_suite_xtea.c $(DEP) + echo " CC $<" + $(CC) $(CFLAGS) $(OFLAGS) $< $(LDFLAGS) -o $@ -test_suite_debug: test_suite_debug.c $(DEP) - echo " CC $@.c" - $(CC) $(CFLAGS) $(OFLAGS) $@.c $(LDFLAGS) -o $@ +test_suite_debug$(EXEXT): test_suite_debug.c $(DEP) + echo " CC $<" + $(CC) $(CFLAGS) $(OFLAGS) $< $(LDFLAGS) -o $@ -test_suite_version: test_suite_version.c $(DEP) - echo " CC $@.c" - $(CC) $(CFLAGS) $(OFLAGS) $@.c $(LDFLAGS) -o $@ +test_suite_version$(EXEXT): test_suite_version.c $(DEP) + echo " CC $<" + $(CC) $(CFLAGS) $(OFLAGS) $< $(LDFLAGS) -o $@ clean: ifndef WINDOWS From 6fdc4cae53bc2a7db5f02c5e02a3ca1041cc5dbb Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Manuel=20P=C3=A9gouri=C3=A9-Gonnard?= Date: Fri, 13 Feb 2015 17:15:18 +0000 Subject: [PATCH 062/100] Fix potential signedness issue --- ChangeLog | 2 ++ library/asn1parse.c | 9 +++++---- 2 files changed, 7 insertions(+), 4 deletions(-) diff --git a/ChangeLog b/ChangeLog index 5d44eb11..43b86124 100644 --- a/ChangeLog +++ b/ChangeLog @@ -14,6 +14,8 @@ Bugfix * Fix hardclock() (only used in the benchmarking program) with some versions of mingw64 (found by kxjhlele). * Fix warnings from mingw64 in timing.c (found by kxjklele). + * Fix potential unintended sign extension in asn1_get_len() on 64-bit + platforms. Changes * Move from SHA-1 to SHA-256 in example programs using signatures diff --git a/library/asn1parse.c b/library/asn1parse.c index 67821404..763f32ad 100644 --- a/library/asn1parse.c +++ b/library/asn1parse.c @@ -77,7 +77,7 @@ int asn1_get_len( unsigned char **p, if( ( end - *p ) < 3 ) return( POLARSSL_ERR_ASN1_OUT_OF_DATA ); - *len = ( (*p)[1] << 8 ) | (*p)[2]; + *len = ( (size_t)(*p)[1] << 8 ) | (*p)[2]; (*p) += 3; break; @@ -85,7 +85,8 @@ int asn1_get_len( unsigned char **p, if( ( end - *p ) < 4 ) return( POLARSSL_ERR_ASN1_OUT_OF_DATA ); - *len = ( (*p)[1] << 16 ) | ( (*p)[2] << 8 ) | (*p)[3]; + *len = ( (size_t)(*p)[1] << 16 ) | + ( (size_t)(*p)[2] << 8 ) | (*p)[3]; (*p) += 4; break; @@ -93,8 +94,8 @@ int asn1_get_len( unsigned char **p, if( ( end - *p ) < 5 ) return( POLARSSL_ERR_ASN1_OUT_OF_DATA ); - *len = ( (*p)[1] << 24 ) | ( (*p)[2] << 16 ) | ( (*p)[3] << 8 ) | - (*p)[4]; + *len = ( (size_t)(*p)[1] << 24 ) | ( (size_t)(*p)[2] << 16 ) | + ( (size_t)(*p)[3] << 8 ) | (*p)[4]; (*p) += 5; break; From 5c078e17b966722b473951d1e4dd99d782a91990 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Manuel=20P=C3=A9gouri=C3=A9-Gonnard?= Date: Sat, 14 Feb 2015 13:56:39 +0000 Subject: [PATCH 063/100] Fix memory leak on bad arguments in ssl_server2 Not a big deal, but was annoying in coverity results. --- programs/ssl/ssl_server2.c | 146 +++++++++++++++++++++---------------- 1 file changed, 82 insertions(+), 64 deletions(-) diff --git a/programs/ssl/ssl_server2.c b/programs/ssl/ssl_server2.c index bf90c10b..d1b76ac4 100644 --- a/programs/ssl/ssl_server2.c +++ b/programs/ssl/ssl_server2.c @@ -386,7 +386,7 @@ static int my_send( void *ctx, const unsigned char *buf, size_t len ) dst = p; \ while( *p != ',' ) \ if( ++p > end ) \ - return( NULL ); \ + goto error; \ *p++ = '\0'; #if defined(POLARSSL_SNI) @@ -399,53 +399,6 @@ struct _sni_entry { sni_entry *next; }; -/* - * Parse a string of triplets name1,crt1,key1[,name2,crt2,key2[,...]] - * into a usable sni_entry list. - * - * Modifies the input string! This is not production quality! - * (leaks memory if parsing fails, no error reporting, ...) - */ -sni_entry *sni_parse( char *sni_string ) -{ - sni_entry *cur = NULL, *new = NULL; - char *p = sni_string; - char *end = p; - char *crt_file, *key_file; - - while( *end != '\0' ) - ++end; - *end = ','; - - while( p <= end ) - { - if( ( new = polarssl_malloc( sizeof( sni_entry ) ) ) == NULL ) - return( NULL ); - - memset( new, 0, sizeof( sni_entry ) ); - - if( ( new->cert = polarssl_malloc( sizeof( x509_crt ) ) ) == NULL || - ( new->key = polarssl_malloc( sizeof( pk_context ) ) ) == NULL ) - return( NULL ); - - x509_crt_init( new->cert ); - pk_init( new->key ); - - GET_ITEM( new->name ); - GET_ITEM( crt_file ); - GET_ITEM( key_file ); - - if( x509_crt_parse_file( new->cert, crt_file ) != 0 || - pk_parse_keyfile( new->key, key_file, "" ) != 0 ) - return( NULL ); - - new->next = cur; - cur = new; - } - - return( cur ); -} - void sni_free( sni_entry *head ) { sni_entry *cur = head, *next; @@ -464,6 +417,67 @@ void sni_free( sni_entry *head ) } } +/* + * Parse a string of triplets name1,crt1,key1[,name2,crt2,key2[,...]] + * into a usable sni_entry list. + * + * Modifies the input string! This is not production quality! + */ +sni_entry *sni_parse( char *sni_string ) +{ + sni_entry *cur = NULL, *new = NULL; + char *p = sni_string; + char *end = p; + char *crt_file, *key_file; + + while( *end != '\0' ) + ++end; + *end = ','; + + while( p <= end ) + { + if( ( new = polarssl_malloc( sizeof( sni_entry ) ) ) == NULL ) + { + sni_free( cur ); + return( NULL ); + } + + memset( new, 0, sizeof( sni_entry ) ); + + if( ( new->cert = polarssl_malloc( sizeof( x509_crt ) ) ) == NULL || + ( new->key = polarssl_malloc( sizeof( pk_context ) ) ) == NULL ) + { + polarssl_free( new->cert ); + polarssl_free( new ); + sni_free( cur ); + return( NULL ); + } + + x509_crt_init( new->cert ); + pk_init( new->key ); + + GET_ITEM( new->name ); + GET_ITEM( crt_file ); + GET_ITEM( key_file ); + + if( x509_crt_parse_file( new->cert, crt_file ) != 0 || + pk_parse_keyfile( new->key, key_file, "" ) != 0 ) + { + goto error; + } + + new->next = cur; + cur = new; + } + + return( cur ); + +error: + sni_free( new ); + sni_free( cur ); + return( NULL ); +} + /* * SNI callback. */ @@ -538,12 +552,26 @@ struct _psk_entry psk_entry *next; }; +/* + * Free a list of psk_entry's + */ +void psk_free( psk_entry *head ) +{ + psk_entry *next; + + while( head != NULL ) + { + next = head->next; + polarssl_free( head ); + head = next; + } +} + /* * Parse a string of pairs name1,key1[,name2,key2[,...]] * into a usable psk_entry list. * * Modifies the input string! This is not production quality! - * (leaks memory if parsing fails, no error reporting, ...) */ psk_entry *psk_parse( char *psk_string ) { @@ -567,28 +595,18 @@ psk_entry *psk_parse( char *psk_string ) GET_ITEM( key_hex ); if( unhexify( new->key, key_hex, &new->key_len ) != 0 ) - return( NULL ); + goto error; new->next = cur; cur = new; } return( cur ); -} -/* - * Free a list of psk_entry's - */ -void psk_free( psk_entry *head ) -{ - psk_entry *next; - - while( head != NULL ) - { - next = head->next; - polarssl_free( head ); - head = next; - } +error: + psk_free( new ); + psk_free( cur ); + return( 0 ); } /* From 85fadb749cf670d9774e407eb9c9fb6569346fcb Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Manuel=20P=C3=A9gouri=C3=A9-Gonnard?= Date: Sat, 14 Feb 2015 14:57:25 +0000 Subject: [PATCH 064/100] Make loop bound more obvious Helps static analyzers and does not decrease human readability. --- library/gcm.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/library/gcm.c b/library/gcm.c index 39cb189a..522a8b19 100644 --- a/library/gcm.c +++ b/library/gcm.c @@ -136,7 +136,7 @@ static int gcm_gen_table( gcm_context *ctx ) ctx->HH[i] = vh; } - for( i = 2; i < 16; i <<= 1 ) + for( i = 2; i <= 8; i *= 2 ) { uint64_t *HiL = ctx->HL + i, *HiH = ctx->HH + i; vh = *HiH; From d48bf6892cad90aaf93346fc0d170f212884b466 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Manuel=20P=C3=A9gouri=C3=A9-Gonnard?= Date: Sat, 14 Feb 2015 15:05:32 +0000 Subject: [PATCH 065/100] Write literal byte more clearly --- library/md5.c | 2 +- library/sha1.c | 2 +- library/sha256.c | 2 +- library/sha512.c | 2 +- 4 files changed, 4 insertions(+), 4 deletions(-) diff --git a/library/md5.c b/library/md5.c index 9c5d73aa..b68bd4bc 100644 --- a/library/md5.c +++ b/library/md5.c @@ -580,7 +580,7 @@ int md5_self_test( int verbose ) if( i == 5 || i == 6 ) { - memset( buf, '\xAA', buflen = 80 ); + memset( buf, 0xAA, buflen = 80 ); md5_hmac_starts( &ctx, buf, buflen ); } else diff --git a/library/sha1.c b/library/sha1.c index c477e9a6..604f8ee1 100644 --- a/library/sha1.c +++ b/library/sha1.c @@ -622,7 +622,7 @@ int sha1_self_test( int verbose ) if( i == 5 || i == 6 ) { - memset( buf, '\xAA', buflen = 80 ); + memset( buf, 0xAA, buflen = 80 ); sha1_hmac_starts( &ctx, buf, buflen ); } else diff --git a/library/sha256.c b/library/sha256.c index dedc6b84..39444bc8 100644 --- a/library/sha256.c +++ b/library/sha256.c @@ -703,7 +703,7 @@ int sha256_self_test( int verbose ) if( j == 5 || j == 6 ) { - memset( buf, '\xAA', buflen = 131 ); + memset( buf, 0xAA, buflen = 131 ); sha256_hmac_starts( &ctx, buf, buflen, k ); } else diff --git a/library/sha512.c b/library/sha512.c index ed044ed8..5decc8fa 100644 --- a/library/sha512.c +++ b/library/sha512.c @@ -757,7 +757,7 @@ int sha512_self_test( int verbose ) if( j == 5 || j == 6 ) { - memset( buf, '\xAA', buflen = 131 ); + memset( buf, 0xAA, buflen = 131 ); sha512_hmac_starts( &ctx, buf, buflen, k ); } else From f53df4fcd8d94f1631418e0259e5b186b1485ac4 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Manuel=20P=C3=A9gouri=C3=A9-Gonnard?= Date: Sat, 14 Feb 2015 15:48:23 +0000 Subject: [PATCH 066/100] Fix unchecked return values in mpi_demo --- programs/pkey/mpi_demo.c | 46 +++++++++++++++++++++++----------------- 1 file changed, 27 insertions(+), 19 deletions(-) diff --git a/programs/pkey/mpi_demo.c b/programs/pkey/mpi_demo.c index 3b7c0857..7281c3a6 100644 --- a/programs/pkey/mpi_demo.c +++ b/programs/pkey/mpi_demo.c @@ -48,55 +48,63 @@ int main( void ) #else int main( void ) { + int ret; mpi E, P, Q, N, H, D, X, Y, Z; mpi_init( &E ); mpi_init( &P ); mpi_init( &Q ); mpi_init( &N ); mpi_init( &H ); mpi_init( &D ); mpi_init( &X ); mpi_init( &Y ); mpi_init( &Z ); - mpi_read_string( &P, 10, "2789" ); - mpi_read_string( &Q, 10, "3203" ); - mpi_read_string( &E, 10, "257" ); - mpi_mul_mpi( &N, &P, &Q ); + MPI_CHK( mpi_read_string( &P, 10, "2789" ) ); + MPI_CHK( mpi_read_string( &Q, 10, "3203" ) ); + MPI_CHK( mpi_read_string( &E, 10, "257" ) ); + MPI_CHK( mpi_mul_mpi( &N, &P, &Q ) ); polarssl_printf( "\n Public key:\n\n" ); - mpi_write_file( " N = ", &N, 10, NULL ); - mpi_write_file( " E = ", &E, 10, NULL ); + MPI_CHK( mpi_write_file( " N = ", &N, 10, NULL ) ); + MPI_CHK( mpi_write_file( " E = ", &E, 10, NULL ) ); polarssl_printf( "\n Private key:\n\n" ); - mpi_write_file( " P = ", &P, 10, NULL ); - mpi_write_file( " Q = ", &Q, 10, NULL ); + MPI_CHK( mpi_write_file( " P = ", &P, 10, NULL ) ); + MPI_CHK( mpi_write_file( " Q = ", &Q, 10, NULL ) ); #if defined(POLARSSL_GENPRIME) - mpi_sub_int( &P, &P, 1 ); - mpi_sub_int( &Q, &Q, 1 ); - mpi_mul_mpi( &H, &P, &Q ); - mpi_inv_mod( &D, &E, &H ); + MPI_CHK( mpi_sub_int( &P, &P, 1 ) ); + MPI_CHK( mpi_sub_int( &Q, &Q, 1 ) ); + MPI_CHK( mpi_mul_mpi( &H, &P, &Q ) ); + MPI_CHK( mpi_inv_mod( &D, &E, &H ) ); mpi_write_file( " D = E^-1 mod (P-1)*(Q-1) = ", &D, 10, NULL ); #else polarssl_printf("\nTest skipped (POLARSSL_GENPRIME not defined).\n\n"); #endif - mpi_read_string( &X, 10, "55555" ); - mpi_exp_mod( &Y, &X, &E, &N, NULL ); - mpi_exp_mod( &Z, &Y, &D, &N, NULL ); + MPI_CHK( mpi_read_string( &X, 10, "55555" ) ); + MPI_CHK( mpi_exp_mod( &Y, &X, &E, &N, NULL ) ); + MPI_CHK( mpi_exp_mod( &Z, &Y, &D, &N, NULL ) ); polarssl_printf( "\n RSA operation:\n\n" ); - mpi_write_file( " X (plaintext) = ", &X, 10, NULL ); - mpi_write_file( " Y (ciphertext) = X^E mod N = ", &Y, 10, NULL ); - mpi_write_file( " Z (decrypted) = Y^D mod N = ", &Z, 10, NULL ); + MPI_CHK( mpi_write_file( " X (plaintext) = ", &X, 10, NULL ) ); + MPI_CHK( mpi_write_file( " Y (ciphertext) = X^E mod N = ", &Y, 10, NULL ) ); + MPI_CHK( mpi_write_file( " Z (decrypted) = Y^D mod N = ", &Z, 10, NULL ) ); polarssl_printf( "\n" ); +cleanup: mpi_free( &E ); mpi_free( &P ); mpi_free( &Q ); mpi_free( &N ); mpi_free( &H ); mpi_free( &D ); mpi_free( &X ); mpi_free( &Y ); mpi_free( &Z ); + if( ret != 0 ) + { + polarssl_printf( "\nAn error occured.\n" ); + ret = 1; + } + #if defined(_WIN32) polarssl_printf( " Press Enter to exit this program.\n" ); fflush( stdout ); getchar(); #endif - return( 0 ); + return( ret ); } #endif /* POLARSSL_BIGNUM_C && POLARSSL_FS_IO */ From 401caadebdb63ddf837e117a7ec1832c4f16d2d5 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Manuel=20P=C3=A9gouri=C3=A9-Gonnard?= Date: Sat, 14 Feb 2015 15:53:24 +0000 Subject: [PATCH 067/100] Align ssl_read in fork_server on ssl_server It was the only program using a weird do while( 0 ) with a continue inside --- programs/ssl/ssl_fork_server.c | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/programs/ssl/ssl_fork_server.c b/programs/ssl/ssl_fork_server.c index 3f3c6ade..42bba720 100644 --- a/programs/ssl/ssl_fork_server.c +++ b/programs/ssl/ssl_fork_server.c @@ -342,8 +342,11 @@ int main( void ) len = ret; polarssl_printf( " %d bytes read\n\n%s", len, (char *) buf ); + + if( ret > 0 ) + break; } - while( 0 ); + while( 1 ); /* * 7. Write the 200 Response From e43187d59d66deeda6be2c459f5a75c347b76a67 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Manuel=20P=C3=A9gouri=C3=A9-Gonnard?= Date: Sat, 14 Feb 2015 16:01:34 +0000 Subject: [PATCH 068/100] Fix possible fd leak in test file --- tests/suites/test_suite_mpi.function | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/tests/suites/test_suite_mpi.function b/tests/suites/test_suite_mpi.function index 795d2a02..ce1a0720 100644 --- a/tests/suites/test_suite_mpi.function +++ b/tests/suites/test_suite_mpi.function @@ -97,6 +97,7 @@ void mpi_read_file( int radix_X, char *input_file, char *input_A, unsigned char buf[1000]; size_t buflen; FILE *file; + int ret; memset( buf, 0x00, 1000 ); memset( str, 0x00, 1000 ); @@ -105,8 +106,9 @@ void mpi_read_file( int radix_X, char *input_file, char *input_A, file = fopen( input_file, "r" ); TEST_ASSERT( file != NULL ); - TEST_ASSERT( mpi_read_file( &X, radix_X, file ) == result ); + ret = mpi_read_file( &X, radix_X, file ); fclose(file); + TEST_ASSERT( ret == result ); if( result == 0 ) { From 671589d9a207fe20e8949eb7f9b15d86a3e9b5e2 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Manuel=20P=C3=A9gouri=C3=A9-Gonnard?= Date: Mon, 16 Feb 2015 09:24:08 +0000 Subject: [PATCH 069/100] Fix return code in cert_app --- programs/x509/cert_app.c | 2 ++ 1 file changed, 2 insertions(+) diff --git a/programs/x509/cert_app.c b/programs/x509/cert_app.c index dc541d3d..c97fa04d 100644 --- a/programs/x509/cert_app.c +++ b/programs/x509/cert_app.c @@ -351,6 +351,8 @@ int main( int argc, char *argv[] ) cur = cur->next; } + ret = 0; + /* * 1.3 Verify the certificate */ From fd9afb29d3c5969179319af171f8d6181f10eeb0 Mon Sep 17 00:00:00 2001 From: Mansour Moufid Date: Sun, 15 Feb 2015 17:34:22 -0500 Subject: [PATCH 070/100] Add a semantic patch to remove casts of malloc. --- scripts/rm-malloc-cast.cocci | 7 +++++++ 1 file changed, 7 insertions(+) create mode 100644 scripts/rm-malloc-cast.cocci diff --git a/scripts/rm-malloc-cast.cocci b/scripts/rm-malloc-cast.cocci new file mode 100644 index 00000000..04893d97 --- /dev/null +++ b/scripts/rm-malloc-cast.cocci @@ -0,0 +1,7 @@ +@rm_malloc_cast@ +expression x, n; +type T; +@@ + x = +- (T *) + polarssl_malloc(n) From c531b4af3c711b668f469b7cef4e683c54000822 Mon Sep 17 00:00:00 2001 From: Mansour Moufid Date: Sun, 15 Feb 2015 17:35:38 -0500 Subject: [PATCH 071/100] Apply the semantic patch rm-malloc-cast.cocci. for dir in library programs; do spatch --sp-file scripts/rm-malloc-cast.cocci --dir $dir \ --in-place; done --- library/asn1parse.c | 2 +- library/bignum.c | 4 ++-- library/cipher_wrap.c | 12 ++++++------ library/dhm.c | 2 +- library/ecp.c | 4 ++-- library/md_wrap.c | 8 ++++---- library/pem.c | 2 +- library/pkparse.c | 2 +- library/ssl_cache.c | 6 +++--- library/ssl_tls.c | 30 +++++++++++++++--------------- library/x509.c | 4 ++-- library/x509_crl.c | 2 +- library/x509_crt.c | 6 +++--- library/x509_csr.c | 2 +- programs/test/ssl_test.c | 4 ++-- programs/util/pem2der.c | 2 +- 16 files changed, 46 insertions(+), 46 deletions(-) diff --git a/library/asn1parse.c b/library/asn1parse.c index 763f32ad..4847f789 100644 --- a/library/asn1parse.c +++ b/library/asn1parse.c @@ -270,7 +270,7 @@ int asn1_get_sequence_of( unsigned char **p, /* Allocate and assign next pointer */ if( *p < end ) { - cur->next = (asn1_sequence *) polarssl_malloc( + cur->next = polarssl_malloc( sizeof( asn1_sequence ) ); if( cur->next == NULL ) diff --git a/library/bignum.c b/library/bignum.c index e2cb92ef..91c79639 100644 --- a/library/bignum.c +++ b/library/bignum.c @@ -109,7 +109,7 @@ int mpi_grow( mpi *X, size_t nblimbs ) if( X->n < nblimbs ) { - if( ( p = (t_uint *) polarssl_malloc( nblimbs * ciL ) ) == NULL ) + if( ( p = polarssl_malloc( nblimbs * ciL ) ) == NULL ) return( POLARSSL_ERR_MPI_MALLOC_FAILED ); memset( p, 0, nblimbs * ciL ); @@ -149,7 +149,7 @@ int mpi_shrink( mpi *X, size_t nblimbs ) if( i < nblimbs ) i = nblimbs; - if( ( p = (t_uint *) polarssl_malloc( i * ciL ) ) == NULL ) + if( ( p = polarssl_malloc( i * ciL ) ) == NULL ) return( POLARSSL_ERR_MPI_MALLOC_FAILED ); memset( p, 0, i * ciL ); diff --git a/library/cipher_wrap.c b/library/cipher_wrap.c index 736c2927..c958cf6c 100644 --- a/library/cipher_wrap.c +++ b/library/cipher_wrap.c @@ -182,7 +182,7 @@ static int aes_setkey_enc_wrap( void *ctx, const unsigned char *key, static void * aes_ctx_alloc( void ) { - aes_context *aes = (aes_context *) polarssl_malloc( sizeof( aes_context ) ); + aes_context *aes = polarssl_malloc( sizeof( aes_context ) ); if( aes == NULL ) return( NULL ); @@ -544,7 +544,7 @@ static int camellia_setkey_enc_wrap( void *ctx, const unsigned char *key, static void * camellia_ctx_alloc( void ) { camellia_context *ctx; - ctx = (camellia_context *) polarssl_malloc( sizeof( camellia_context ) ); + ctx = polarssl_malloc( sizeof( camellia_context ) ); if( ctx == NULL ) return( NULL ); @@ -925,7 +925,7 @@ static int des3_set3key_enc_wrap( void *ctx, const unsigned char *key, static void * des_ctx_alloc( void ) { - des_context *des = (des_context *) polarssl_malloc( sizeof( des_context ) ); + des_context *des = polarssl_malloc( sizeof( des_context ) ); if( des == NULL ) return( NULL ); @@ -944,7 +944,7 @@ static void des_ctx_free( void *ctx ) static void * des3_ctx_alloc( void ) { des3_context *des3; - des3 = (des3_context *) polarssl_malloc( sizeof( des3_context ) ); + des3 = polarssl_malloc( sizeof( des3_context ) ); if( des3 == NULL ) return( NULL ); @@ -1148,7 +1148,7 @@ static int blowfish_setkey_wrap( void *ctx, const unsigned char *key, static void * blowfish_ctx_alloc( void ) { blowfish_context *ctx; - ctx = (blowfish_context *) polarssl_malloc( sizeof( blowfish_context ) ); + ctx = polarssl_malloc( sizeof( blowfish_context ) ); if( ctx == NULL ) return( NULL ); @@ -1250,7 +1250,7 @@ static int arc4_setkey_wrap( void *ctx, const unsigned char *key, static void * arc4_ctx_alloc( void ) { arc4_context *ctx; - ctx = (arc4_context *) polarssl_malloc( sizeof( arc4_context ) ); + ctx = polarssl_malloc( sizeof( arc4_context ) ); if( ctx == NULL ) return( NULL ); diff --git a/library/dhm.c b/library/dhm.c index 5861f946..a7b275fe 100644 --- a/library/dhm.c +++ b/library/dhm.c @@ -507,7 +507,7 @@ static int load_file( const char *path, unsigned char **buf, size_t *n ) *n = (size_t) size; if( *n + 1 == 0 || - ( *buf = (unsigned char *) polarssl_malloc( *n + 1 ) ) == NULL ) + ( *buf = polarssl_malloc( *n + 1 ) ) == NULL ) { fclose( f ); return( POLARSSL_ERR_DHM_MALLOC_FAILED ); diff --git a/library/ecp.c b/library/ecp.c index 1bb8dfe2..298c9643 100644 --- a/library/ecp.c +++ b/library/ecp.c @@ -813,7 +813,7 @@ static int ecp_normalize_jac_many( const ecp_group *grp, if( t_len < 2 ) return( ecp_normalize_jac( grp, *T ) ); - if( ( c = (mpi *) polarssl_malloc( t_len * sizeof( mpi ) ) ) == NULL ) + if( ( c = polarssl_malloc( t_len * sizeof( mpi ) ) ) == NULL ) return( POLARSSL_ERR_ECP_MALLOC_FAILED ); mpi_init( &u ); mpi_init( &Zi ); mpi_init( &ZZi ); @@ -1416,7 +1416,7 @@ static int ecp_mul_comb( ecp_group *grp, ecp_point *R, if( T == NULL ) { - T = (ecp_point *) polarssl_malloc( pre_len * sizeof( ecp_point ) ); + T = polarssl_malloc( pre_len * sizeof( ecp_point ) ); if( T == NULL ) { ret = POLARSSL_ERR_ECP_MALLOC_FAILED; diff --git a/library/md_wrap.c b/library/md_wrap.c index 95543736..ed5a63e4 100644 --- a/library/md_wrap.c +++ b/library/md_wrap.c @@ -395,7 +395,7 @@ static void ripemd160_hmac_reset_wrap( void *ctx ) static void * ripemd160_ctx_alloc( void ) { ripemd160_context *ctx; - ctx = (ripemd160_context *) polarssl_malloc( sizeof( ripemd160_context ) ); + ctx = polarssl_malloc( sizeof( ripemd160_context ) ); if( ctx == NULL ) return( NULL ); @@ -491,7 +491,7 @@ static void sha1_hmac_reset_wrap( void *ctx ) static void * sha1_ctx_alloc( void ) { sha1_context *ctx; - ctx = (sha1_context *) polarssl_malloc( sizeof( sha1_context ) ); + ctx = polarssl_malloc( sizeof( sha1_context ) ); if( ctx == NULL ) return( NULL ); @@ -700,7 +700,7 @@ static void sha256_hmac_wrap( const unsigned char *key, size_t keylen, static void * sha256_ctx_alloc( void ) { sha256_context *ctx; - ctx = (sha256_context *) polarssl_malloc( sizeof( sha256_context ) ); + ctx = polarssl_malloc( sizeof( sha256_context ) ); if( ctx == NULL ) return( NULL ); @@ -906,7 +906,7 @@ static void sha512_hmac_wrap( const unsigned char *key, size_t keylen, static void * sha512_ctx_alloc( void ) { sha512_context *ctx; - ctx = (sha512_context *) polarssl_malloc( sizeof( sha512_context ) ); + ctx = polarssl_malloc( sizeof( sha512_context ) ); if( ctx == NULL ) return( NULL ); diff --git a/library/pem.c b/library/pem.c index b5e8eeed..d850d40c 100644 --- a/library/pem.c +++ b/library/pem.c @@ -321,7 +321,7 @@ int pem_read_buffer( pem_context *ctx, const char *header, const char *footer, if( ret == POLARSSL_ERR_BASE64_INVALID_CHARACTER ) return( POLARSSL_ERR_PEM_INVALID_DATA + ret ); - if( ( buf = (unsigned char *) polarssl_malloc( len ) ) == NULL ) + if( ( buf = polarssl_malloc( len ) ) == NULL ) return( POLARSSL_ERR_PEM_MALLOC_FAILED ); if( ( ret = base64_decode( buf, &len, s1, s2 - s1 ) ) != 0 ) diff --git a/library/pkparse.c b/library/pkparse.c index 4ca359a4..d8ee64af 100644 --- a/library/pkparse.c +++ b/library/pkparse.c @@ -89,7 +89,7 @@ int pk_load_file( const char *path, unsigned char **buf, size_t *n ) *n = (size_t) size; if( *n + 1 == 0 || - ( *buf = (unsigned char *) polarssl_malloc( *n + 1 ) ) == NULL ) + ( *buf = polarssl_malloc( *n + 1 ) ) == NULL ) { fclose( f ); return( POLARSSL_ERR_PK_MALLOC_FAILED ); diff --git a/library/ssl_cache.c b/library/ssl_cache.c index 30da95a5..7519f361 100644 --- a/library/ssl_cache.c +++ b/library/ssl_cache.c @@ -103,7 +103,7 @@ int ssl_cache_get( void *data, ssl_session *session ) */ if( entry->peer_cert.p != NULL ) { - if( ( session->peer_cert = (x509_crt *) polarssl_malloc( + if( ( session->peer_cert = polarssl_malloc( sizeof(x509_crt) ) ) == NULL ) { ret = 1; @@ -222,7 +222,7 @@ int ssl_cache_set( void *data, const ssl_session *session ) /* * max_entries not reached, create new entry */ - cur = (ssl_cache_entry *) polarssl_malloc( sizeof(ssl_cache_entry) ); + cur = polarssl_malloc( sizeof(ssl_cache_entry) ); if( cur == NULL ) { ret = 1; @@ -259,7 +259,7 @@ int ssl_cache_set( void *data, const ssl_session *session ) */ if( session->peer_cert != NULL ) { - cur->peer_cert.p = (unsigned char *) polarssl_malloc( + cur->peer_cert.p = polarssl_malloc( session->peer_cert->raw.len ); if( cur->peer_cert.p == NULL ) { diff --git a/library/ssl_tls.c b/library/ssl_tls.c index 2df81342..f526b5f6 100644 --- a/library/ssl_tls.c +++ b/library/ssl_tls.c @@ -93,7 +93,7 @@ static int ssl_session_copy( ssl_session *dst, const ssl_session *src ) { int ret; - dst->peer_cert = (x509_crt *) polarssl_malloc( sizeof(x509_crt) ); + dst->peer_cert = polarssl_malloc( sizeof(x509_crt) ); if( dst->peer_cert == NULL ) return( POLARSSL_ERR_SSL_MALLOC_FAILED ); @@ -112,7 +112,7 @@ static int ssl_session_copy( ssl_session *dst, const ssl_session *src ) #if defined(POLARSSL_SSL_SESSION_TICKETS) if( src->ticket != NULL ) { - dst->ticket = (unsigned char *) polarssl_malloc( src->ticket_len ); + dst->ticket = polarssl_malloc( src->ticket_len ); if( dst->ticket == NULL ) return( POLARSSL_ERR_SSL_MALLOC_FAILED ); @@ -2748,7 +2748,7 @@ int ssl_parse_certificate( ssl_context *ssl ) polarssl_free( ssl->session_negotiate->peer_cert ); } - if( ( ssl->session_negotiate->peer_cert = (x509_crt *) polarssl_malloc( + if( ( ssl->session_negotiate->peer_cert = polarssl_malloc( sizeof( x509_crt ) ) ) == NULL ) { SSL_DEBUG_MSG( 1, ( "malloc(%d bytes) failed", @@ -3545,19 +3545,19 @@ static int ssl_handshake_init( ssl_context *ssl ) */ if( ssl->transform_negotiate == NULL ) { - ssl->transform_negotiate = (ssl_transform *) polarssl_malloc( + ssl->transform_negotiate = polarssl_malloc( sizeof(ssl_transform) ); } if( ssl->session_negotiate == NULL ) { - ssl->session_negotiate = (ssl_session *) polarssl_malloc( + ssl->session_negotiate = polarssl_malloc( sizeof(ssl_session) ); } if( ssl->handshake == NULL ) { - ssl->handshake = (ssl_handshake_params *) + ssl->handshake = polarssl_malloc( sizeof(ssl_handshake_params) ); } @@ -3631,7 +3631,7 @@ int ssl_init( ssl_context *ssl ) /* * Prepare base structures */ - ssl->in_ctr = (unsigned char *) polarssl_malloc( len ); + ssl->in_ctr = polarssl_malloc( len ); ssl->in_hdr = ssl->in_ctr + 8; ssl->in_iv = ssl->in_ctr + 13; ssl->in_msg = ssl->in_ctr + 13; @@ -3642,7 +3642,7 @@ int ssl_init( ssl_context *ssl ) return( POLARSSL_ERR_SSL_MALLOC_FAILED ); } - ssl->out_ctr = (unsigned char *) polarssl_malloc( len ); + ssl->out_ctr = polarssl_malloc( len ); ssl->out_hdr = ssl->out_ctr + 8; ssl->out_iv = ssl->out_ctr + 13; ssl->out_msg = ssl->out_ctr + 13; @@ -3783,7 +3783,7 @@ static int ssl_ticket_keys_init( ssl_context *ssl ) if( ssl->ticket_keys != NULL ) return( 0 ); - tkeys = (ssl_ticket_keys *) polarssl_malloc( sizeof(ssl_ticket_keys) ); + tkeys = polarssl_malloc( sizeof(ssl_ticket_keys) ); if( tkeys == NULL ) return( POLARSSL_ERR_SSL_MALLOC_FAILED ); @@ -3940,7 +3940,7 @@ static ssl_key_cert *ssl_add_key_cert( ssl_context *ssl ) { ssl_key_cert *key_cert, *last; - key_cert = (ssl_key_cert *) polarssl_malloc( sizeof(ssl_key_cert) ); + key_cert = polarssl_malloc( sizeof(ssl_key_cert) ); if( key_cert == NULL ) return( NULL ); @@ -3996,7 +3996,7 @@ int ssl_set_own_cert_rsa( ssl_context *ssl, x509_crt *own_cert, if( key_cert == NULL ) return( POLARSSL_ERR_SSL_MALLOC_FAILED ); - key_cert->key = (pk_context *) polarssl_malloc( sizeof(pk_context) ); + key_cert->key = polarssl_malloc( sizeof(pk_context) ); if( key_cert->key == NULL ) return( POLARSSL_ERR_SSL_MALLOC_FAILED ); @@ -4028,7 +4028,7 @@ int ssl_set_own_cert_alt( ssl_context *ssl, x509_crt *own_cert, if( key_cert == NULL ) return( POLARSSL_ERR_SSL_MALLOC_FAILED ); - key_cert->key = (pk_context *) polarssl_malloc( sizeof(pk_context) ); + key_cert->key = polarssl_malloc( sizeof(pk_context) ); if( key_cert->key == NULL ) return( POLARSSL_ERR_SSL_MALLOC_FAILED ); @@ -4064,8 +4064,8 @@ int ssl_set_psk( ssl_context *ssl, const unsigned char *psk, size_t psk_len, ssl->psk_len = psk_len; ssl->psk_identity_len = psk_identity_len; - ssl->psk = (unsigned char *) polarssl_malloc( ssl->psk_len ); - ssl->psk_identity = (unsigned char *) + ssl->psk = polarssl_malloc( ssl->psk_len ); + ssl->psk_identity = polarssl_malloc( ssl->psk_identity_len ); if( ssl->psk == NULL || ssl->psk_identity == NULL ) @@ -4148,7 +4148,7 @@ int ssl_set_hostname( ssl_context *ssl, const char *hostname ) if( ssl->hostname_len + 1 == 0 ) return( POLARSSL_ERR_SSL_BAD_INPUT_DATA ); - ssl->hostname = (unsigned char *) polarssl_malloc( ssl->hostname_len + 1 ); + ssl->hostname = polarssl_malloc( ssl->hostname_len + 1 ); if( ssl->hostname == NULL ) return( POLARSSL_ERR_SSL_MALLOC_FAILED ); diff --git a/library/x509.c b/library/x509.c index 955d3496..3818c3f5 100644 --- a/library/x509.c +++ b/library/x509.c @@ -451,7 +451,7 @@ int x509_get_name( unsigned char **p, const unsigned char *end, /* Mark this item as being only one in a set */ cur->next_merged = 1; - cur->next = (x509_name *) polarssl_malloc( sizeof( x509_name ) ); + cur->next = polarssl_malloc( sizeof( x509_name ) ); if( cur->next == NULL ) return( POLARSSL_ERR_X509_MALLOC_FAILED ); @@ -467,7 +467,7 @@ int x509_get_name( unsigned char **p, const unsigned char *end, if( *p == end ) return( 0 ); - cur->next = (x509_name *) polarssl_malloc( sizeof( x509_name ) ); + cur->next = polarssl_malloc( sizeof( x509_name ) ); if( cur->next == NULL ) return( POLARSSL_ERR_X509_MALLOC_FAILED ); diff --git a/library/x509_crl.c b/library/x509_crl.c index ce6df6ea..78b925ca 100644 --- a/library/x509_crl.c +++ b/library/x509_crl.c @@ -279,7 +279,7 @@ int x509_crl_parse_der( x509_crl *chain, if( crl->version != 0 && crl->next == NULL ) { - crl->next = (x509_crl *) polarssl_malloc( sizeof( x509_crl ) ); + crl->next = polarssl_malloc( sizeof( x509_crl ) ); if( crl->next == NULL ) { diff --git a/library/x509_crt.c b/library/x509_crt.c index 565435cb..9d5aa94e 100644 --- a/library/x509_crt.c +++ b/library/x509_crt.c @@ -359,7 +359,7 @@ static int x509_get_subject_alt_name( unsigned char **p, if( cur->next != NULL ) return( POLARSSL_ERR_X509_INVALID_EXTENSIONS ); - cur->next = (asn1_sequence *) polarssl_malloc( + cur->next = polarssl_malloc( sizeof( asn1_sequence ) ); if( cur->next == NULL ) @@ -553,7 +553,7 @@ static int x509_crt_parse_der_core( x509_crt *crt, const unsigned char *buf, if( crt == NULL || buf == NULL ) return( POLARSSL_ERR_X509_BAD_INPUT_DATA ); - p = (unsigned char *) polarssl_malloc( len = buflen ); + p = polarssl_malloc( len = buflen ); if( p == NULL ) return( POLARSSL_ERR_X509_MALLOC_FAILED ); @@ -810,7 +810,7 @@ int x509_crt_parse_der( x509_crt *chain, const unsigned char *buf, */ if( crt->version != 0 && crt->next == NULL ) { - crt->next = (x509_crt *) polarssl_malloc( sizeof( x509_crt ) ); + crt->next = polarssl_malloc( sizeof( x509_crt ) ); if( crt->next == NULL ) return( POLARSSL_ERR_X509_MALLOC_FAILED ); diff --git a/library/x509_csr.c b/library/x509_csr.c index a5c96936..ad49abc9 100644 --- a/library/x509_csr.c +++ b/library/x509_csr.c @@ -112,7 +112,7 @@ int x509_csr_parse_der( x509_csr *csr, /* * first copy the raw DER data */ - p = (unsigned char *) polarssl_malloc( len = buflen ); + p = polarssl_malloc( len = buflen ); if( p == NULL ) return( POLARSSL_ERR_X509_MALLOC_FAILED ); diff --git a/programs/test/ssl_test.c b/programs/test/ssl_test.c index 5860683f..4e89eac1 100644 --- a/programs/test/ssl_test.c +++ b/programs/test/ssl_test.c @@ -299,8 +299,8 @@ static int ssl_test( struct options *opt ) } } - read_buf = (unsigned char *) polarssl_malloc( opt->buffer_size ); - write_buf = (unsigned char *) polarssl_malloc( opt->buffer_size ); + read_buf = polarssl_malloc( opt->buffer_size ); + write_buf = polarssl_malloc( opt->buffer_size ); if( read_buf == NULL || write_buf == NULL ) { diff --git a/programs/util/pem2der.c b/programs/util/pem2der.c index 670daea0..2c0e585b 100644 --- a/programs/util/pem2der.c +++ b/programs/util/pem2der.c @@ -136,7 +136,7 @@ static int load_file( const char *path, unsigned char **buf, size_t *n ) *n = (size_t) size; if( *n + 1 == 0 || - ( *buf = (unsigned char *) polarssl_malloc( *n + 1 ) ) == NULL ) + ( *buf = polarssl_malloc( *n + 1 ) ) == NULL ) { fclose( f ); return( -1 ); From 99b9259f76facffd66013851f5394bd21c1fcf84 Mon Sep 17 00:00:00 2001 From: Mansour Moufid Date: Sun, 15 Feb 2015 17:46:32 -0500 Subject: [PATCH 072/100] Fix whitespace of 369e6c20. --- library/asn1parse.c | 3 +-- library/ssl_cache.c | 3 +-- library/ssl_tls.c | 12 ++++-------- library/x509_crt.c | 3 +-- 4 files changed, 7 insertions(+), 14 deletions(-) diff --git a/library/asn1parse.c b/library/asn1parse.c index 4847f789..2cfd1295 100644 --- a/library/asn1parse.c +++ b/library/asn1parse.c @@ -270,8 +270,7 @@ int asn1_get_sequence_of( unsigned char **p, /* Allocate and assign next pointer */ if( *p < end ) { - cur->next = polarssl_malloc( - sizeof( asn1_sequence ) ); + cur->next = polarssl_malloc( sizeof( asn1_sequence ) ); if( cur->next == NULL ) return( POLARSSL_ERR_ASN1_MALLOC_FAILED ); diff --git a/library/ssl_cache.c b/library/ssl_cache.c index 7519f361..7fb30896 100644 --- a/library/ssl_cache.c +++ b/library/ssl_cache.c @@ -259,8 +259,7 @@ int ssl_cache_set( void *data, const ssl_session *session ) */ if( session->peer_cert != NULL ) { - cur->peer_cert.p = polarssl_malloc( - session->peer_cert->raw.len ); + cur->peer_cert.p = polarssl_malloc( session->peer_cert->raw.len ); if( cur->peer_cert.p == NULL ) { ret = 1; diff --git a/library/ssl_tls.c b/library/ssl_tls.c index f526b5f6..c0fc3a2a 100644 --- a/library/ssl_tls.c +++ b/library/ssl_tls.c @@ -3545,20 +3545,17 @@ static int ssl_handshake_init( ssl_context *ssl ) */ if( ssl->transform_negotiate == NULL ) { - ssl->transform_negotiate = polarssl_malloc( - sizeof(ssl_transform) ); + ssl->transform_negotiate = polarssl_malloc( sizeof(ssl_transform) ); } if( ssl->session_negotiate == NULL ) { - ssl->session_negotiate = polarssl_malloc( - sizeof(ssl_session) ); + ssl->session_negotiate = polarssl_malloc( sizeof(ssl_session) ); } if( ssl->handshake == NULL ) { - ssl->handshake = - polarssl_malloc( sizeof(ssl_handshake_params) ); + ssl->handshake = polarssl_malloc( sizeof(ssl_handshake_params) ); } /* All pointers should exist and can be directly freed without issue */ @@ -4065,8 +4062,7 @@ int ssl_set_psk( ssl_context *ssl, const unsigned char *psk, size_t psk_len, ssl->psk_identity_len = psk_identity_len; ssl->psk = polarssl_malloc( ssl->psk_len ); - ssl->psk_identity = - polarssl_malloc( ssl->psk_identity_len ); + ssl->psk_identity = polarssl_malloc( ssl->psk_identity_len ); if( ssl->psk == NULL || ssl->psk_identity == NULL ) return( POLARSSL_ERR_SSL_MALLOC_FAILED ); diff --git a/library/x509_crt.c b/library/x509_crt.c index 9d5aa94e..d9f5fac2 100644 --- a/library/x509_crt.c +++ b/library/x509_crt.c @@ -359,8 +359,7 @@ static int x509_get_subject_alt_name( unsigned char **p, if( cur->next != NULL ) return( POLARSSL_ERR_X509_INVALID_EXTENSIONS ); - cur->next = polarssl_malloc( - sizeof( asn1_sequence ) ); + cur->next = polarssl_malloc( sizeof( asn1_sequence ) ); if( cur->next == NULL ) return( POLARSSL_ERR_X509_INVALID_EXTENSIONS + From f812054d00fca00ba78f514e18cc41f7ca7ff048 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Manuel=20P=C3=A9gouri=C3=A9-Gonnard?= Date: Mon, 16 Feb 2015 15:24:17 +0000 Subject: [PATCH 073/100] Revert "Replace SONAME with SOVERSION in makefile" This reverts commit 418080010a1dcc1cdcb192e603a8c3b9656dcb1a. In preparation of merging one external contribution that supersedes this. --- library/Makefile | 12 ++++++------ scripts/bump_version.sh | 2 +- 2 files changed, 7 insertions(+), 7 deletions(-) diff --git a/library/Makefile b/library/Makefile index f2e553f0..9a4c3fd7 100644 --- a/library/Makefile +++ b/library/Makefile @@ -25,9 +25,9 @@ CFLAGS += -fPIC endif endif -SOVERSION=8 +SONAME=libmbedtls.so.7 -DLEXT=so.$(SOVERSION) +DLEXT=so.8 # OSX shared library extension: # DLEXT=dylib @@ -92,14 +92,14 @@ libpolarssl.so: libmbedtls.so echo " LN $@ -> $?" ln -sf $? $@ +libmbedtls.${DLEXT}: $(OBJS) + echo " LD $@" + $(CC) ${LDFLAGS} -shared -Wl,-soname,$(SONAME) -o $@ $(OBJS) + libmbedtls.so: libmbedtls.${DLEXT} echo " LN $@ -> libmbedtls.${DLEXT}" ln -sf libmbedtls.${DLEXT} $@ -libmbedtls.so.$(SOVERSION): $(OBJS) - echo " LD $@" - $(CC) ${LDFLAGS} -shared -Wl,-soname,$@ -o $@ $(OBJS) - libmbedtls.dylib: $(OBJS) echo " LD $@" $(CC) ${LDFLAGS} -dynamiclib -o $@ $(OBJS) diff --git a/scripts/bump_version.sh b/scripts/bump_version.sh index 3ff5b609..ae744516 100755 --- a/scripts/bump_version.sh +++ b/scripts/bump_version.sh @@ -56,7 +56,7 @@ then mv tmp library/CMakeLists.txt [ $VERBOSE ] && echo "Bumping SOVERSION in library/Makefile" - sed -e "s/SOVERSION=[0-9]\+/SOVERSION=$SOVERSION/g" < library/Makefile > tmp + sed -e "s/SONAME=libpolarssl.so.[0-9]\+/SONAME=libpolarssl.so.$SOVERSION/g" -e "s/DLEXT=so.[0-9]\+/DLEXT=so.$SOVERSION/g" < library/Makefile > tmp mv tmp library/Makefile fi From 09eb14c01e378208db15f9c39588cc9c5dbfd946 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Manuel=20P=C3=A9gouri=C3=A9-Gonnard?= Date: Mon, 16 Feb 2015 15:25:31 +0000 Subject: [PATCH 074/100] Revert "Require unix-utils in path for windows make" This reverts commit 5d46cca09a380410965cc65568a5fafbc2658e2e. In preparation of merging an external contribution that superseedes this Conflicts: ChangeLog --- ChangeLog | 3 --- README.rst | 6 ------ library/Makefile | 13 +++++++++++++ programs/Makefile | 5 +++++ tests/Makefile | 7 +++++++ 5 files changed, 25 insertions(+), 9 deletions(-) diff --git a/ChangeLog b/ChangeLog index 43b86124..82f2310c 100644 --- a/ChangeLog +++ b/ChangeLog @@ -24,9 +24,6 @@ Changes "minimize" others (eg use stddef.h if only size_t is needed). * Change #include lines in test files to use double quotes instead of angle brackets for uniformity with the rest of the code. - * Building with 'make' on windows now requires Unix utilities in the PATH - as well as a Unix shell. This enables more features such as the 'check' - target. * Remove dependency on sscanf() in X.509 parsing modules. = mbed TLS 1.3.10 released 2015-02-09 diff --git a/README.rst b/README.rst index 5275e1b7..004f0944 100644 --- a/README.rst +++ b/README.rst @@ -35,12 +35,6 @@ In order to run the tests, enter:: make check -If you're building on windows using mingw, msys, or some similar environment, you should define the WINDOWS variable (and possibly the CC variable too), eg:: - - make CC=gcc WINDOWS=1 - -You need to make sure the usual Unix utilities such as `ln` and `rm` are in your PATH and that make has access to a Unix shell. - Depending on your platform, you might run into some issues. Please check the Makefiles in *library/*, *programs/* and *tests/* for options to manually add or remove for specific platforms. You can also check `the mbed TLS Knowledge Base `_ for articles on your platform or issue. In case you find that you need to do something else as well, please let us know what, so we can add it to the KB. diff --git a/library/Makefile b/library/Makefile index 9a4c3fd7..d92d8039 100644 --- a/library/Makefile +++ b/library/Makefile @@ -80,7 +80,11 @@ shared: libpolarssl.so libpolarssl.a: libmbedtls.a echo " LN $@ -> $?" +ifndef WINDOWS ln -sf $? $@ +else + copy /y /b $? $@ +endif libmbedtls.a: $(OBJS) echo " AR $@" @@ -90,7 +94,11 @@ libmbedtls.a: $(OBJS) libpolarssl.so: libmbedtls.so echo " LN $@ -> $?" +ifndef WINDOWS ln -sf $? $@ +else + copy /y /b $? $@ +endif libmbedtls.${DLEXT}: $(OBJS) echo " LD $@" @@ -113,4 +121,9 @@ libmbedtls.dll: $(OBJS) $(CC) $(CFLAGS) $(OFLAGS) -c $< clean: +ifndef WINDOWS rm -f *.o libpolarssl.* libmbedtls.* +endif +ifdef WINDOWS + del /Q /F *.o libpolarssl.* libmbedtls.* +endif diff --git a/programs/Makefile b/programs/Makefile index 802e73c2..ba8dd316 100644 --- a/programs/Makefile +++ b/programs/Makefile @@ -242,7 +242,12 @@ x509/cert_req: x509/cert_req.c ../library/libmbedtls.a $(CC) $(CFLAGS) $(OFLAGS) x509/cert_req.c $(LDFLAGS) -o $@ clean: +ifndef WINDOWS rm -f $(APPS) +endif +ifdef WINDOWS + del /S /Q /F *.o *.exe +endif list: echo $(APPS) diff --git a/tests/Makefile b/tests/Makefile index b64eaffc..6489e52b 100644 --- a/tests/Makefile +++ b/tests/Makefile @@ -402,9 +402,15 @@ test_suite_version: test_suite_version.c $(DEP) $(CC) $(CFLAGS) $(OFLAGS) $@.c $(LDFLAGS) -o $@ clean: +ifndef WINDOWS rm -f $(APPS) *.c +endif +ifdef WINDOWS + del /Q /F *.c *.exe +endif check: $(APPS) +ifndef WINDOWS echo "Running checks (Success if all tests PASSED)" RETURN=0; \ for i in $(APPS); \ @@ -421,3 +427,4 @@ check: $(APPS) echo ""; \ done; \ if [ "$$RETURN" -eq 1 ]; then exit 1; fi +endif From efd9dd0c44f7df279bd9478eb19c759f21731402 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Manuel=20P=C3=A9gouri=C3=A9-Gonnard?= Date: Mon, 16 Feb 2015 15:35:41 +0000 Subject: [PATCH 075/100] Adapt bump_version.sh to new Makefile --- scripts/bump_version.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/scripts/bump_version.sh b/scripts/bump_version.sh index ae744516..64af2dcb 100755 --- a/scripts/bump_version.sh +++ b/scripts/bump_version.sh @@ -56,7 +56,7 @@ then mv tmp library/CMakeLists.txt [ $VERBOSE ] && echo "Bumping SOVERSION in library/Makefile" - sed -e "s/SONAME=libpolarssl.so.[0-9]\+/SONAME=libpolarssl.so.$SOVERSION/g" -e "s/DLEXT=so.[0-9]\+/DLEXT=so.$SOVERSION/g" < library/Makefile > tmp + sed -e "s/SOEXT=so.[0-9]\+/SOEXT=so.$SOVERSION/g" < library/Makefile > tmp mv tmp library/Makefile fi From ea0184bbeb711c5d538b2ff3420e2b67c958dafe Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Manuel=20P=C3=A9gouri=C3=A9-Gonnard?= Date: Mon, 16 Feb 2015 15:42:16 +0000 Subject: [PATCH 076/100] Document changes to make for windows --- ChangeLog | 2 ++ README.rst | 2 ++ 2 files changed, 4 insertions(+) diff --git a/ChangeLog b/ChangeLog index 82f2310c..790126c2 100644 --- a/ChangeLog +++ b/ChangeLog @@ -9,6 +9,8 @@ Features the platform layer. * Add an option to use macros instead of function pointers in the platform layer (helps get rid of unwanted references). + * Improved Makefiles for Windows targets by fixing library targets and making + cross-compilation easier (thanks to Alon Bar-Lev). Bugfix * Fix hardclock() (only used in the benchmarking program) with some diff --git a/README.rst b/README.rst index 004f0944..14f725d2 100644 --- a/README.rst +++ b/README.rst @@ -35,6 +35,8 @@ In order to run the tests, enter:: make check +In order to build for a Windows platform, you should use WINDOWS_BUILD=1 if the target is Windows but the build environment is Unix-like (eg when cross-compiling, or compiling from an MSYS shell), and WINDOWS=1 if the build environment is a Windows shell. + Depending on your platform, you might run into some issues. Please check the Makefiles in *library/*, *programs/* and *tests/* for options to manually add or remove for specific platforms. You can also check `the mbed TLS Knowledge Base `_ for articles on your platform or issue. In case you find that you need to do something else as well, please let us know what, so we can add it to the KB. From 1052022f5018ae66de6a0eaf2203895bfff07302 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Manuel=20P=C3=A9gouri=C3=A9-Gonnard?= Date: Mon, 16 Feb 2015 15:52:48 +0000 Subject: [PATCH 077/100] Remove gnutls from the travis build Causing spurious fails of ssl-opt.sh. Likely a version issue. It would be better to investigate the exact problem, and maybe adapt ssl-opt.sh to be check for a minimum version just as compat.sh does, but this is a quick fix. --- .travis.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.travis.yml b/.travis.yml index 7f100c3b..0a51e7ee 100644 --- a/.travis.yml +++ b/.travis.yml @@ -3,7 +3,7 @@ compiler: - clang - gcc before_install: sudo apt-get update -install: sudo apt-get install gnutls-bin valgrind perl +install: sudo apt-get install valgrind perl script: - cmake -D CMAKE_BUILD_TYPE:String="Check" . - make From 6448bceeb6fdc738bc4e78892fbc4dcb81834461 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Manuel=20P=C3=A9gouri=C3=A9-Gonnard?= Date: Mon, 16 Feb 2015 17:18:36 +0100 Subject: [PATCH 078/100] Add mingw cross-compile test to all.sh --- tests/scripts/all.sh | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/tests/scripts/all.sh b/tests/scripts/all.sh index bbd59baa..62d02744 100755 --- a/tests/scripts/all.sh +++ b/tests/scripts/all.sh @@ -187,6 +187,12 @@ grep -v '^ar: creating' armcc.stderr || exit 1 rm armcc.stderr fi # armcc +if which i686-w64-mingw32-gcc >/dev/null; then +msg "build: cross-mingw64, make" # ~ 30s +cleanup +CC=i686-w64-mingw32-gcc AR=i686-w64-mingw32-ar CFLAGS=-Werror WINDOWS_BUILD=1 make +fi + # MemSan currently only available on Linux 64 bits if uname -a | grep 'Linux.*x86_64' >/dev/null; then From a6fc5b2c6a617a269ad95bb49e4f0c84cc2c762d Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Manuel=20P=C3=A9gouri=C3=A9-Gonnard?= Date: Mon, 24 Nov 2014 14:05:25 +0100 Subject: [PATCH 079/100] Add mini_client.c --- programs/.gitignore | 1 + programs/Makefile | 6 +- programs/ssl/CMakeLists.txt | 4 + programs/ssl/mini_client.c | 176 ++++++++++++++++++++++++++++++++++++ 4 files changed, 186 insertions(+), 1 deletion(-) create mode 100644 programs/ssl/mini_client.c diff --git a/programs/.gitignore b/programs/.gitignore index ae8617f1..80d75595 100644 --- a/programs/.gitignore +++ b/programs/.gitignore @@ -38,6 +38,7 @@ ssl/ssl_mail_client ssl/ssl_pthread_server ssl/ssl_server ssl/ssl_server2 +ssl/mini_client test/benchmark test/ecp-bench test/o_p_test diff --git a/programs/Makefile b/programs/Makefile index cda68e5e..c7aec12b 100644 --- a/programs/Makefile +++ b/programs/Makefile @@ -48,7 +48,7 @@ APPS = aes/aescrypt2$(EXEXT) aes/crypt_and_hash$(EXEXT) \ pkey/rsa_sign_pss$(EXEXT) pkey/rsa_verify_pss$(EXEXT) \ ssl/ssl_client1$(EXEXT) ssl/ssl_client2$(EXEXT) \ ssl/ssl_server$(EXEXT) ssl/ssl_server2$(EXEXT) \ - ssl/ssl_fork_server$(EXEXT) \ + ssl/ssl_fork_server$(EXEXT) ssl/mini_client$(EXEXT) \ ssl/ssl_mail_client$(EXEXT) random/gen_entropy$(EXEXT) \ random/gen_random_havege$(EXEXT) \ random/gen_random_ctr_drbg$(EXEXT) \ @@ -214,6 +214,10 @@ ssl/ssl_mail_client$(EXEXT): ssl/ssl_mail_client.c ../library/libmbedtls.a echo " CC ssl/ssl_mail_client.c" $(CC) $(CFLAGS) $(OFLAGS) ssl/ssl_mail_client.c $(LDFLAGS) -o $@ +ssl/mini_client$(EXEXT): ssl/mini_client.c ../library/libmbedtls.a + echo " CC ssl/mini_client.c" + $(CC) $(CFLAGS) $(OFLAGS) ssl/mini_client.c $(LDFLAGS) -o $@ + test/ssl_cert_test$(EXEXT): test/ssl_cert_test.c ../library/libmbedtls.a echo " CC test/ssl_cert_test.c" $(CC) $(CFLAGS) $(OFLAGS) test/ssl_cert_test.c $(LDFLAGS) -o $@ diff --git a/programs/ssl/CMakeLists.txt b/programs/ssl/CMakeLists.txt index 9ba92410..b1b9fa8b 100644 --- a/programs/ssl/CMakeLists.txt +++ b/programs/ssl/CMakeLists.txt @@ -11,6 +11,7 @@ set(targets ssl_server ssl_fork_server ssl_mail_client + mini_client ) if(USE_PKCS11_HELPER_LIBRARY) @@ -39,6 +40,9 @@ target_link_libraries(ssl_fork_server ${libs}) add_executable(ssl_mail_client ssl_mail_client.c) target_link_libraries(ssl_mail_client ${libs}) +add_executable(mini_client mini_client.c) +target_link_libraries(mini_client ${libs}) + if(THREADS_FOUND) add_executable(ssl_pthread_server ssl_pthread_server.c) target_link_libraries(ssl_pthread_server ${libs} ${CMAKE_THREAD_LIBS_INIT}) diff --git a/programs/ssl/mini_client.c b/programs/ssl/mini_client.c new file mode 100644 index 00000000..8223154d --- /dev/null +++ b/programs/ssl/mini_client.c @@ -0,0 +1,176 @@ +/* + * Minimal SSL client, used for memory measurements. + * + * Copyright (C) 2014, ARM Limited, All Rights Reserved + * + * This file is part of mbed TLS (https://polarssl.org) + * + * This program is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 2 of the License, or + * (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License along + * with this program; if not, write to the Free Software Foundation, Inc., + * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. + */ + +#if !defined(POLARSSL_CONFIG_FILE) +#include "polarssl/config.h" +#else +#include POLARSSL_CONFIG_FILE +#endif + +/* + * We're creating and connecting the socket "manually" rather than using the + * NET module, in order to avoid the overhead of getaddrinfo() which tends to + * dominate memory usage in small configurations. For the sake of simplicity, + * only a Unix version is implemented. + */ +#if defined(unix) || defined(__unix__) || defined(__unix) +#define UNIX +#endif + +#if !defined(POLARSSL_CTR_DRBG_C) || !defined(POLARSSL_ENTROPY_C) || \ + !defined(POLARSSL_NET_C) || !defined(POLARSSL_SSL_CLI_C) || \ + !defined(UNIX) +#if defined(POLARSSL_PLATFORM_C) +#include "polarssl/platform.h" +#else +#include +#define polarssl_printf printf +#endif +int main( void ) +{ + polarssl_printf( "POLARSSL_CTR_DRBG_C and/or POLARSSL_ENTROPY_C and/or " + "POLARSSL_NET_C and/or POLARSSL_SSL_CLI_C and/or UNIX " + "not defined.\n"); + return( 0 ); +} +#else + +#include + +#include "polarssl/net.h" +#include "polarssl/ssl.h" +#include "polarssl/entropy.h" +#include "polarssl/ctr_drbg.h" + +#include +#include +#include + +/* + * Hardcoded values for server host and port + */ +#define PORT_BE 0x1151 /* 4433 */ +#define PORT_LE 0x5111 +#define ADDR_BE 0x7f000001 /* 127.0.0.1 */ +#define ADDR_LE 0x0100007f + +#define GET_REQUEST "GET / HTTP/1.0\r\n\r\n" + +const unsigned char psk[] = { + 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, + 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f +}; +const char psk_id[] = "Client_identity"; + +const char *pers = "mini_client"; + +int main( void ) +{ + int ret = 0; + int server_fd = -1; + struct sockaddr_in addr; + + entropy_context entropy; + ctr_drbg_context ctr_drbg; + ssl_context ssl; + + /* + * 1. Initialize and setup stuff + */ + memset( &ssl, 0, sizeof( ssl_context ) ); + + entropy_init( &entropy ); + if( ctr_drbg_init( &ctr_drbg, entropy_func, &entropy, + (const unsigned char *) pers, strlen( pers ) ) != 0 ) + { + ret = 1; + goto exit; + } + + if( ssl_init( &ssl ) != 0 ) + { + ret = 2; + goto exit; + } + + ssl_set_endpoint( &ssl, SSL_IS_CLIENT ); + + ssl_set_rng( &ssl, ctr_drbg_random, &ctr_drbg ); + + ssl_set_psk( &ssl, psk, sizeof( psk ), + (const unsigned char *) psk_id, sizeof( psk_id ) - 1 ); + + /* + * 1. Start the connection + */ + memset( &addr, 0, sizeof( addr ) ); + addr.sin_family = AF_INET; + + ret = 1; /* for endianness detection */ + addr.sin_port = *((char *) &ret) == ret ? PORT_LE : PORT_BE; + addr.sin_addr.s_addr = *((char *) &ret) == ret ? ADDR_LE : ADDR_BE; + ret = 0; + + if( ( server_fd = socket( AF_INET, SOCK_STREAM, 0 ) ) < 0 ) + { + ret = 3; + goto exit; + } + + if( connect( server_fd, + (const struct sockaddr *) &addr, sizeof( addr ) ) < 0 ) + { + ret = 4; + goto exit; + } + + ssl_set_bio( &ssl, net_recv, &server_fd, net_send, &server_fd ); + + if( ssl_handshake( &ssl ) != 0 ) + { + ret = 5; + goto exit; + } + + /* + * 2. Write the GET request and close the connection + */ + if( ssl_write( &ssl, (const unsigned char *) GET_REQUEST, + sizeof( GET_REQUEST ) - 1 ) <= 0 ) + { + ret = 6; + goto exit; + } + + ssl_close_notify( &ssl ); + +exit: + if( server_fd != -1 ) + net_close( server_fd ); + + ssl_free( &ssl ); + ctr_drbg_free( &ctr_drbg ); + entropy_free( &entropy ); + + return( ret ); +} +#endif From 4d5cc11ed6a3dbb101aa0941af62a0e694d798f7 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Manuel=20P=C3=A9gouri=C3=A9-Gonnard?= Date: Tue, 25 Nov 2014 12:21:48 +0100 Subject: [PATCH 080/100] Add script to automate memory usage measurement --- scripts/massif_max.pl | 31 ++++++++++++++++++++++ scripts/memory.sh | 61 +++++++++++++++++++++++++++++++++++++++++++ 2 files changed, 92 insertions(+) create mode 100755 scripts/massif_max.pl create mode 100755 scripts/memory.sh diff --git a/scripts/massif_max.pl b/scripts/massif_max.pl new file mode 100755 index 00000000..df30f0f8 --- /dev/null +++ b/scripts/massif_max.pl @@ -0,0 +1,31 @@ +#!/usr/bin/perl + +# Parse a massif.out.xxx file and output peak total memory usage + +use warnings; +use strict; + +use utf8; +use open qw(:std utf8); + +die unless @ARGV == 1; + +my @snaps; +open my $fh, '<', $ARGV[0] or die; +{ local $/ = 'snapshot='; @snaps = <$fh>; } +close $fh or die; + +my $max = 0; +for (@snaps) +{ + my ($heap, $heap_extra, $stack) = m{ + mem_heap_B=(\d+)\n + mem_heap_extra_B=(\d+)\n + mem_stacks_B=(\d+) + }xm; + next unless defined $heap; + my $total = $heap + $heap_extra + $stack; + $max = $total if $total > $max; +} + +printf "$max\n"; diff --git a/scripts/memory.sh b/scripts/memory.sh new file mode 100755 index 00000000..53b20e50 --- /dev/null +++ b/scripts/memory.sh @@ -0,0 +1,61 @@ +#!/bin/sh + +# Measure memory usage of a minimal client using a small configuration +# Currently hardwired to the ccm-psk configuration, may be expanded later + +set -eu + +CONFIG_H='include/polarssl/config.h' +CLIENT='mini_client' + +if [ -r $CONFIG_H ]; then :; else + echo "$CONFIG_H not found" >&2 + exit 1 +fi + +CONFIG_BAK=${CONFIG_H}.bak +cp $CONFIG_H $CONFIG_BAK + +cp configs/config-ccm-psk-tls1_2.h $CONFIG_H + +printf "Executable size... " + +make clean +CFLAGS=-fno-asynchronous-unwind-tables make OFLAGS=-Os lib >/dev/null 2>&1 +cd programs +CFLAGS=-fno-asynchronous-unwind-tables make OFLAGS=-Os ssl/$CLIENT >/dev/null +strip ssl/$CLIENT +stat -c'%s' ssl/$CLIENT +cd .. + +printf "Peak ram usage... " + +make clean +CFLAGS=-g3 make OFLAGS=-Os lib >/dev/null 2>&1 +cd programs +CFLAGS=-g3 make OFLAGS=-Os ssl/$CLIENT ssl/ssl_server2 >/dev/null +cd .. + +rm -f massif.out.* + +programs/ssl/ssl_server2 psk=000102030405060708090A0B0C0D0E0F >/dev/null & +SRV_PID=$! +sleep 1; + +if valgrind --tool=massif --stacks=yes programs/ssl/$CLIENT > /dev/null 2>&1 +then + FAILED=0 +else + echo "client failed" >&2 + FAILED=1 +fi + +kill $SRV_PID +wait $SRV_PID + +scripts/massif_max.pl massif.out.* + +rm -f massif.out.* +mv $CONFIG_BAK $CONFIG_H + +exit $FAILED From 3b8926c9d162c308ac8d694594df479fe4be9ce5 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Manuel=20P=C3=A9gouri=C3=A9-Gonnard?= Date: Mon, 1 Dec 2014 11:18:00 +0100 Subject: [PATCH 081/100] Adapt mini-client for config-suite-b.h --- programs/ssl/mini_client.c | 112 ++++++++++++++++++++++++++++++++++--- 1 file changed, 103 insertions(+), 9 deletions(-) diff --git a/programs/ssl/mini_client.c b/programs/ssl/mini_client.c index 8223154d..a06d3455 100644 --- a/programs/ssl/mini_client.c +++ b/programs/ssl/mini_client.c @@ -1,5 +1,6 @@ /* * Minimal SSL client, used for memory measurements. + * (meant to be used with config-suite-b.h or config-ccm-psk-tls1_2.h) * * Copyright (C) 2014, ARM Limited, All Rights Reserved * @@ -72,43 +73,120 @@ int main( void ) #define PORT_LE 0x5111 #define ADDR_BE 0x7f000001 /* 127.0.0.1 */ #define ADDR_LE 0x0100007f +#define HOSTNAME "localhost" /* for cert verification if enabled */ #define GET_REQUEST "GET / HTTP/1.0\r\n\r\n" +const char *pers = "mini_client"; + +#if defined(POLARSSL_KEY_EXCHANGE__SOME__PSK_ENABLED) const unsigned char psk[] = { 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f }; const char psk_id[] = "Client_identity"; +#endif -const char *pers = "mini_client"; +#if defined(POLARSSL_X509_CRT_PARSE_C) +/* This is tests/data_files/test-ca2.crt, a CA using EC secp384r1 */ +const unsigned char ca_cert[] = { + 0x30, 0x82, 0x02, 0x52, 0x30, 0x82, 0x01, 0xd7, 0xa0, 0x03, 0x02, 0x01, + 0x02, 0x02, 0x09, 0x00, 0xc1, 0x43, 0xe2, 0x7e, 0x62, 0x43, 0xcc, 0xe8, + 0x30, 0x0a, 0x06, 0x08, 0x2a, 0x86, 0x48, 0xce, 0x3d, 0x04, 0x03, 0x02, + 0x30, 0x3e, 0x31, 0x0b, 0x30, 0x09, 0x06, 0x03, 0x55, 0x04, 0x06, 0x13, + 0x02, 0x4e, 0x4c, 0x31, 0x11, 0x30, 0x0f, 0x06, 0x03, 0x55, 0x04, 0x0a, + 0x13, 0x08, 0x50, 0x6f, 0x6c, 0x61, 0x72, 0x53, 0x53, 0x4c, 0x31, 0x1c, + 0x30, 0x1a, 0x06, 0x03, 0x55, 0x04, 0x03, 0x13, 0x13, 0x50, 0x6f, 0x6c, + 0x61, 0x72, 0x73, 0x73, 0x6c, 0x20, 0x54, 0x65, 0x73, 0x74, 0x20, 0x45, + 0x43, 0x20, 0x43, 0x41, 0x30, 0x1e, 0x17, 0x0d, 0x31, 0x33, 0x30, 0x39, + 0x32, 0x34, 0x31, 0x35, 0x34, 0x39, 0x34, 0x38, 0x5a, 0x17, 0x0d, 0x32, + 0x33, 0x30, 0x39, 0x32, 0x32, 0x31, 0x35, 0x34, 0x39, 0x34, 0x38, 0x5a, + 0x30, 0x3e, 0x31, 0x0b, 0x30, 0x09, 0x06, 0x03, 0x55, 0x04, 0x06, 0x13, + 0x02, 0x4e, 0x4c, 0x31, 0x11, 0x30, 0x0f, 0x06, 0x03, 0x55, 0x04, 0x0a, + 0x13, 0x08, 0x50, 0x6f, 0x6c, 0x61, 0x72, 0x53, 0x53, 0x4c, 0x31, 0x1c, + 0x30, 0x1a, 0x06, 0x03, 0x55, 0x04, 0x03, 0x13, 0x13, 0x50, 0x6f, 0x6c, + 0x61, 0x72, 0x73, 0x73, 0x6c, 0x20, 0x54, 0x65, 0x73, 0x74, 0x20, 0x45, + 0x43, 0x20, 0x43, 0x41, 0x30, 0x76, 0x30, 0x10, 0x06, 0x07, 0x2a, 0x86, + 0x48, 0xce, 0x3d, 0x02, 0x01, 0x06, 0x05, 0x2b, 0x81, 0x04, 0x00, 0x22, + 0x03, 0x62, 0x00, 0x04, 0xc3, 0xda, 0x2b, 0x34, 0x41, 0x37, 0x58, 0x2f, + 0x87, 0x56, 0xfe, 0xfc, 0x89, 0xba, 0x29, 0x43, 0x4b, 0x4e, 0xe0, 0x6e, + 0xc3, 0x0e, 0x57, 0x53, 0x33, 0x39, 0x58, 0xd4, 0x52, 0xb4, 0x91, 0x95, + 0x39, 0x0b, 0x23, 0xdf, 0x5f, 0x17, 0x24, 0x62, 0x48, 0xfc, 0x1a, 0x95, + 0x29, 0xce, 0x2c, 0x2d, 0x87, 0xc2, 0x88, 0x52, 0x80, 0xaf, 0xd6, 0x6a, + 0xab, 0x21, 0xdd, 0xb8, 0xd3, 0x1c, 0x6e, 0x58, 0xb8, 0xca, 0xe8, 0xb2, + 0x69, 0x8e, 0xf3, 0x41, 0xad, 0x29, 0xc3, 0xb4, 0x5f, 0x75, 0xa7, 0x47, + 0x6f, 0xd5, 0x19, 0x29, 0x55, 0x69, 0x9a, 0x53, 0x3b, 0x20, 0xb4, 0x66, + 0x16, 0x60, 0x33, 0x1e, 0xa3, 0x81, 0xa0, 0x30, 0x81, 0x9d, 0x30, 0x1d, + 0x06, 0x03, 0x55, 0x1d, 0x0e, 0x04, 0x16, 0x04, 0x14, 0x9d, 0x6d, 0x20, + 0x24, 0x49, 0x01, 0x3f, 0x2b, 0xcb, 0x78, 0xb5, 0x19, 0xbc, 0x7e, 0x24, + 0xc9, 0xdb, 0xfb, 0x36, 0x7c, 0x30, 0x6e, 0x06, 0x03, 0x55, 0x1d, 0x23, + 0x04, 0x67, 0x30, 0x65, 0x80, 0x14, 0x9d, 0x6d, 0x20, 0x24, 0x49, 0x01, + 0x3f, 0x2b, 0xcb, 0x78, 0xb5, 0x19, 0xbc, 0x7e, 0x24, 0xc9, 0xdb, 0xfb, + 0x36, 0x7c, 0xa1, 0x42, 0xa4, 0x40, 0x30, 0x3e, 0x31, 0x0b, 0x30, 0x09, + 0x06, 0x03, 0x55, 0x04, 0x06, 0x13, 0x02, 0x4e, 0x4c, 0x31, 0x11, 0x30, + 0x0f, 0x06, 0x03, 0x55, 0x04, 0x0a, 0x13, 0x08, 0x50, 0x6f, 0x6c, 0x61, + 0x72, 0x53, 0x53, 0x4c, 0x31, 0x1c, 0x30, 0x1a, 0x06, 0x03, 0x55, 0x04, + 0x03, 0x13, 0x13, 0x50, 0x6f, 0x6c, 0x61, 0x72, 0x73, 0x73, 0x6c, 0x20, + 0x54, 0x65, 0x73, 0x74, 0x20, 0x45, 0x43, 0x20, 0x43, 0x41, 0x82, 0x09, + 0x00, 0xc1, 0x43, 0xe2, 0x7e, 0x62, 0x43, 0xcc, 0xe8, 0x30, 0x0c, 0x06, + 0x03, 0x55, 0x1d, 0x13, 0x04, 0x05, 0x30, 0x03, 0x01, 0x01, 0xff, 0x30, + 0x0a, 0x06, 0x08, 0x2a, 0x86, 0x48, 0xce, 0x3d, 0x04, 0x03, 0x02, 0x03, + 0x69, 0x00, 0x30, 0x66, 0x02, 0x31, 0x00, 0xc3, 0xb4, 0x62, 0x73, 0x56, + 0x28, 0x95, 0x00, 0x7d, 0x78, 0x12, 0x26, 0xd2, 0x71, 0x7b, 0x19, 0xf8, + 0x8a, 0x98, 0x3e, 0x92, 0xfe, 0x33, 0x9e, 0xe4, 0x79, 0xd2, 0xfe, 0x7a, + 0xb7, 0x87, 0x74, 0x3c, 0x2b, 0xb8, 0xd7, 0x69, 0x94, 0x0b, 0xa3, 0x67, + 0x77, 0xb8, 0xb3, 0xbe, 0xd1, 0x36, 0x32, 0x02, 0x31, 0x00, 0xfd, 0x67, + 0x9c, 0x94, 0x23, 0x67, 0xc0, 0x56, 0xba, 0x4b, 0x33, 0x15, 0x00, 0xc6, + 0xe3, 0xcc, 0x31, 0x08, 0x2c, 0x9c, 0x8b, 0xda, 0xa9, 0x75, 0x23, 0x2f, + 0xb8, 0x28, 0xe7, 0xf2, 0x9c, 0x14, 0x3a, 0x40, 0x01, 0x5c, 0xaf, 0x0c, + 0xb2, 0xcf, 0x74, 0x7f, 0x30, 0x9f, 0x08, 0x43, 0xad, 0x20, +}; +#endif /* POLARSSL_X509_CRT_PARSE_C */ + +enum exit_codes +{ + exit_ok = 0, + ctr_drbg_init_failed, + ssl_init_failed, + socket_failed, + connect_failed, + x509_crt_parse_failed, + ssl_handshake_failed, + ssl_write_failed, +}; int main( void ) { - int ret = 0; + int ret = exit_ok; int server_fd = -1; struct sockaddr_in addr; +#if defined(POLARSSL_X509_CRT_PARSE_C) + x509_crt ca; +#endif entropy_context entropy; ctr_drbg_context ctr_drbg; ssl_context ssl; /* - * 1. Initialize and setup stuff + * 0. Initialize and setup stuff */ memset( &ssl, 0, sizeof( ssl_context ) ); +#if defined(POLARSSL_X509_CRT_PARSE_C) + x509_crt_init( &ca ); +#endif entropy_init( &entropy ); if( ctr_drbg_init( &ctr_drbg, entropy_func, &entropy, (const unsigned char *) pers, strlen( pers ) ) != 0 ) { - ret = 1; + ret = ssl_init_failed; goto exit; } if( ssl_init( &ssl ) != 0 ) { - ret = 2; + ret = ssl_init_failed; goto exit; } @@ -116,8 +194,21 @@ int main( void ) ssl_set_rng( &ssl, ctr_drbg_random, &ctr_drbg ); +#if defined(POLARSSL_KEY_EXCHANGE__SOME__PSK_ENABLED) ssl_set_psk( &ssl, psk, sizeof( psk ), (const unsigned char *) psk_id, sizeof( psk_id ) - 1 ); +#endif + +#if defined(POLARSSL_X509_CRT_PARSE_C) + if( x509_crt_parse_der( &ca, ca_cert, sizeof( ca_cert ) ) != 0 ) + { + ret = x509_crt_parse_failed; + goto exit; + } + + ssl_set_ca_chain( &ssl, &ca, NULL, HOSTNAME ); + ssl_set_authmode( &ssl, SSL_VERIFY_REQUIRED ); +#endif /* * 1. Start the connection @@ -132,14 +223,14 @@ int main( void ) if( ( server_fd = socket( AF_INET, SOCK_STREAM, 0 ) ) < 0 ) { - ret = 3; + ret = socket_failed; goto exit; } if( connect( server_fd, (const struct sockaddr *) &addr, sizeof( addr ) ) < 0 ) { - ret = 4; + ret = connect_failed; goto exit; } @@ -147,7 +238,7 @@ int main( void ) if( ssl_handshake( &ssl ) != 0 ) { - ret = 5; + ret = ssl_handshake_failed; goto exit; } @@ -157,7 +248,7 @@ int main( void ) if( ssl_write( &ssl, (const unsigned char *) GET_REQUEST, sizeof( GET_REQUEST ) - 1 ) <= 0 ) { - ret = 6; + ret = ssl_write_failed; goto exit; } @@ -170,6 +261,9 @@ exit: ssl_free( &ssl ); ctr_drbg_free( &ctr_drbg ); entropy_free( &entropy ); +#if defined(POLARSSL_X509_CRT_PARSE_C) + x509_crt_free( &ca ); +#endif return( ret ); } From f166c543ffc65c11bd46e6d84ac283ecd2534368 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Manuel=20P=C3=A9gouri=C3=A9-Gonnard?= Date: Mon, 1 Dec 2014 11:30:56 +0100 Subject: [PATCH 082/100] Adapt memory.sh to config-suite-b --- .gitignore | 3 ++ scripts/memory.sh | 95 +++++++++++++++++++++++++++++++++++++++++++---- 2 files changed, 90 insertions(+), 8 deletions(-) diff --git a/.gitignore b/.gitignore index 916d7311..fee2a31c 100644 --- a/.gitignore +++ b/.gitignore @@ -7,6 +7,9 @@ Coverage *.gcno *.gcda +# generated by scripts/memory.sh +massif-* + # MSVC files generated by CMake: /*.sln /*.vcxproj diff --git a/scripts/memory.sh b/scripts/memory.sh index 53b20e50..fb178eb9 100755 --- a/scripts/memory.sh +++ b/scripts/memory.sh @@ -1,7 +1,10 @@ #!/bin/sh # Measure memory usage of a minimal client using a small configuration -# Currently hardwired to the ccm-psk configuration, may be expanded later +# Currently hardwired to ccm-psk and suite-b, may be expanded later +# +# Use different build options for measuring executable size and memory usage, +# since for memory we want debug information. set -eu @@ -13,12 +16,39 @@ if [ -r $CONFIG_H ]; then :; else exit 1 fi +if grep -i cmake Makefile >/dev/null; then + echo "Not compatible with CMake" >&2 + exit 1 +fi + +if git status | grep -F $CONFIG_H >/dev/null 2>&1; then + echo "config.h not clean" >&2 + exit 1 +fi + +# preparation + CONFIG_BAK=${CONFIG_H}.bak cp $CONFIG_H $CONFIG_BAK +rm -f massif.out.* + +printf "building server... " + +make clean +make lib >/dev/null 2>&1 +(cd programs && make ssl/ssl_server2) >/dev/null +cp programs/ssl/ssl_server2 . + +echo "done" + +# first config + +echo "" +echo "config-ccm-psk-tls1_2:" cp configs/config-ccm-psk-tls1_2.h $CONFIG_H -printf "Executable size... " +printf " Executable size... " make clean CFLAGS=-fno-asynchronous-unwind-tables make OFLAGS=-Os lib >/dev/null 2>&1 @@ -28,21 +58,19 @@ strip ssl/$CLIENT stat -c'%s' ssl/$CLIENT cd .. -printf "Peak ram usage... " +printf " Peak ram usage... " make clean CFLAGS=-g3 make OFLAGS=-Os lib >/dev/null 2>&1 cd programs -CFLAGS=-g3 make OFLAGS=-Os ssl/$CLIENT ssl/ssl_server2 >/dev/null +CFLAGS=-g3 make OFLAGS=-Os ssl/$CLIENT >/dev/null cd .. -rm -f massif.out.* - -programs/ssl/ssl_server2 psk=000102030405060708090A0B0C0D0E0F >/dev/null & +./ssl_server2 psk=000102030405060708090A0B0C0D0E0F >/dev/null & SRV_PID=$! sleep 1; -if valgrind --tool=massif --stacks=yes programs/ssl/$CLIENT > /dev/null 2>&1 +if valgrind --tool=massif --stacks=yes programs/ssl/$CLIENT >/dev/null 2>&1 then FAILED=0 else @@ -54,8 +82,59 @@ kill $SRV_PID wait $SRV_PID scripts/massif_max.pl massif.out.* +mv massif.out.* massif-ccm-psk.$$ + +# second config + +echo "" +echo "config-suite-b:" +cp configs/config-suite-b.h $CONFIG_H +scripts/config.pl unset POLARSSL_BASE64_C +scripts/config.pl unset POLARSSL_PEM_PARSE_C +scripts/config.pl unset POLARSSL_CERTS_C + +printf " Executable size... " + +make clean +CFLAGS=-fno-asynchronous-unwind-tables make OFLAGS=-Os lib >/dev/null 2>&1 +cd programs +CFLAGS=-fno-asynchronous-unwind-tables make OFLAGS=-Os ssl/$CLIENT >/dev/null +strip ssl/$CLIENT +stat -c'%s' ssl/$CLIENT +cd .. + +printf " Peak ram usage... " + +make clean +CFLAGS=-g3 make OFLAGS=-Os lib >/dev/null 2>&1 +cd programs +CFLAGS=-g3 make OFLAGS=-Os ssl/$CLIENT >/dev/null +cd .. rm -f massif.out.* + +./ssl_server2 >/dev/null & +SRV_PID=$! +sleep 1; + +if valgrind --tool=massif --stacks=yes programs/ssl/$CLIENT >/dev/null 2>&1 +then + FAILED=0 +else + echo "client failed" >&2 + FAILED=1 +fi + +kill $SRV_PID +wait $SRV_PID + +scripts/massif_max.pl massif.out.* +mv massif.out.* massif-suite-b.$$ + +# cleanup + mv $CONFIG_BAK $CONFIG_H +make clean +rm ssl_server2 exit $FAILED From c5b849bb7d09ae97fc215ebc3d4063571e524d61 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Manuel=20P=C3=A9gouri=C3=A9-Gonnard?= Date: Mon, 1 Dec 2014 12:15:47 +0100 Subject: [PATCH 083/100] Refactor memory.sh --- scripts/memory.sh | 150 ++++++++++++++++++++-------------------------- 1 file changed, 64 insertions(+), 86 deletions(-) diff --git a/scripts/memory.sh b/scripts/memory.sh index fb178eb9..4900fe1e 100755 --- a/scripts/memory.sh +++ b/scripts/memory.sh @@ -9,8 +9,12 @@ set -eu CONFIG_H='include/polarssl/config.h' + CLIENT='mini_client' +CFLAGS_EXEC=-fno-asynchronous-unwind-tables +CFLAGS_MEM=-g3 + if [ -r $CONFIG_H ]; then :; else echo "$CONFIG_H not found" >&2 exit 1 @@ -26,6 +30,59 @@ if git status | grep -F $CONFIG_H >/dev/null 2>&1; then exit 1 fi +# make measurements with one configuration +# usage: do_config +do_config() +{ + NAME=$1 + UNSET_LIST=$2 + SERVER_ARGS=$3 + + echo "" + echo "config-$NAME:" + cp configs/config-$NAME.h $CONFIG_H + + for FLAG in $UNSET_LIST; do + scripts/config.pl unset $FLAG + done + + printf " Executable size... " + + make clean + CFLAGS=$CFLAGS_EXEC make OFLAGS=-Os lib >/dev/null 2>&1 + cd programs + CFLAGS=$CFLAGS_EXEC make OFLAGS=-Os ssl/$CLIENT >/dev/null + strip ssl/$CLIENT + stat -f '%z' ssl/$CLIENT + cd .. + + printf " Peak ram usage... " + + make clean + CFLAGS=$CFLAGS_MEM make OFLAGS=-Os lib >/dev/null 2>&1 + cd programs + CFLAGS=$CFLAGS_MEM make OFLAGS=-Os ssl/$CLIENT >/dev/null + cd .. + + ./ssl_server2 $SERVER_ARGS >/dev/null & + SRV_PID=$! + sleep 1; + + if valgrind --tool=massif --stacks=yes programs/ssl/$CLIENT >/dev/null 2>&1 + then + FAILED=0 + else + echo "client failed" >&2 + FAILED=1 + fi + + kill $SRV_PID + wait $SRV_PID + + scripts/massif_max.pl massif.out.* + mv massif.out.* massif-$NAME.$$ +} + # preparation CONFIG_BAK=${CONFIG_H}.bak @@ -42,94 +99,15 @@ cp programs/ssl/ssl_server2 . echo "done" -# first config +# actual measurements -echo "" -echo "config-ccm-psk-tls1_2:" -cp configs/config-ccm-psk-tls1_2.h $CONFIG_H +do_config "ccm-psk-tls1_2" \ + "" \ + "psk=000102030405060708090A0B0C0D0E0F" -printf " Executable size... " - -make clean -CFLAGS=-fno-asynchronous-unwind-tables make OFLAGS=-Os lib >/dev/null 2>&1 -cd programs -CFLAGS=-fno-asynchronous-unwind-tables make OFLAGS=-Os ssl/$CLIENT >/dev/null -strip ssl/$CLIENT -stat -c'%s' ssl/$CLIENT -cd .. - -printf " Peak ram usage... " - -make clean -CFLAGS=-g3 make OFLAGS=-Os lib >/dev/null 2>&1 -cd programs -CFLAGS=-g3 make OFLAGS=-Os ssl/$CLIENT >/dev/null -cd .. - -./ssl_server2 psk=000102030405060708090A0B0C0D0E0F >/dev/null & -SRV_PID=$! -sleep 1; - -if valgrind --tool=massif --stacks=yes programs/ssl/$CLIENT >/dev/null 2>&1 -then - FAILED=0 -else - echo "client failed" >&2 - FAILED=1 -fi - -kill $SRV_PID -wait $SRV_PID - -scripts/massif_max.pl massif.out.* -mv massif.out.* massif-ccm-psk.$$ - -# second config - -echo "" -echo "config-suite-b:" -cp configs/config-suite-b.h $CONFIG_H -scripts/config.pl unset POLARSSL_BASE64_C -scripts/config.pl unset POLARSSL_PEM_PARSE_C -scripts/config.pl unset POLARSSL_CERTS_C - -printf " Executable size... " - -make clean -CFLAGS=-fno-asynchronous-unwind-tables make OFLAGS=-Os lib >/dev/null 2>&1 -cd programs -CFLAGS=-fno-asynchronous-unwind-tables make OFLAGS=-Os ssl/$CLIENT >/dev/null -strip ssl/$CLIENT -stat -c'%s' ssl/$CLIENT -cd .. - -printf " Peak ram usage... " - -make clean -CFLAGS=-g3 make OFLAGS=-Os lib >/dev/null 2>&1 -cd programs -CFLAGS=-g3 make OFLAGS=-Os ssl/$CLIENT >/dev/null -cd .. - -rm -f massif.out.* - -./ssl_server2 >/dev/null & -SRV_PID=$! -sleep 1; - -if valgrind --tool=massif --stacks=yes programs/ssl/$CLIENT >/dev/null 2>&1 -then - FAILED=0 -else - echo "client failed" >&2 - FAILED=1 -fi - -kill $SRV_PID -wait $SRV_PID - -scripts/massif_max.pl massif.out.* -mv massif.out.* massif-suite-b.$$ +do_config "suite-b" \ + "POLARSSL_BASE64_C POLARSSL_PEM_PARSE_C POLARSSL_CERTS_C" \ + "" # cleanup From 0de7f947733fb77dbd9c98f3cba03457ce2a985a Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Manuel=20P=C3=A9gouri=C3=A9-Gonnard?= Date: Mon, 1 Dec 2014 12:21:01 +0100 Subject: [PATCH 084/100] Enable NIST_OPTIM by default for config-suite-b --- configs/config-suite-b.h | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/configs/config-suite-b.h b/configs/config-suite-b.h index 81ec7256..3e8f1531 100644 --- a/configs/config-suite-b.h +++ b/configs/config-suite-b.h @@ -68,8 +68,8 @@ #define POLARSSL_ECP_WINDOW_SIZE 2 #define POLARSSL_ECP_FIXED_POINT_OPTIM 0 -/* Uncomment for a significant speed benefit at the expense of some ROM */ -//#define POLARSSL_ECP_NIST_OPTIM +/* Significant speed benefit at the expense of some ROM */ +#define POLARSSL_ECP_NIST_OPTIM /* * You should adjust this to the exact number of sources you're using: default From c6dbc8eb84082748c2e9eb619c0e58ea1695de4d Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Manuel=20P=C3=A9gouri=C3=A9-Gonnard?= Date: Mon, 1 Dec 2014 14:05:45 +0100 Subject: [PATCH 085/100] Output stack+heap usage with massif --- scripts/massif_max.pl | 8 +++++--- 1 file changed, 5 insertions(+), 3 deletions(-) diff --git a/scripts/massif_max.pl b/scripts/massif_max.pl index df30f0f8..d1ce4ca7 100755 --- a/scripts/massif_max.pl +++ b/scripts/massif_max.pl @@ -15,7 +15,7 @@ open my $fh, '<', $ARGV[0] or die; { local $/ = 'snapshot='; @snaps = <$fh>; } close $fh or die; -my $max = 0; +my ($max, $max_heap, $max_he, $max_stack) = (0, 0, 0, 0); for (@snaps) { my ($heap, $heap_extra, $stack) = m{ @@ -25,7 +25,9 @@ for (@snaps) }xm; next unless defined $heap; my $total = $heap + $heap_extra + $stack; - $max = $total if $total > $max; + if( $total > $max ) { + ($max, $max_heap, $max_he, $max_stack) = ($total, $heap, $heap_extra, $stack); + } } -printf "$max\n"; +printf "$max (heap $max_heap+$max_he, stack $max_stack)\n"; From 92471fb3e5db4affd9beef351bbeefd823c9edde Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Manuel=20P=C3=A9gouri=C3=A9-Gonnard?= Date: Mon, 1 Dec 2014 17:56:03 +0100 Subject: [PATCH 086/100] Disable SRV_C for client measurement --- scripts/memory.sh | 1 + 1 file changed, 1 insertion(+) diff --git a/scripts/memory.sh b/scripts/memory.sh index 4900fe1e..710ee96e 100755 --- a/scripts/memory.sh +++ b/scripts/memory.sh @@ -41,6 +41,7 @@ do_config() echo "" echo "config-$NAME:" cp configs/config-$NAME.h $CONFIG_H + scripts/config.pl unset POLARSSL_SSL_SRV_C for FLAG in $UNSET_LIST; do scripts/config.pl unset $FLAG From a2424a045afa2253071150e11db4d70a638eb172 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Manuel=20P=C3=A9gouri=C3=A9-Gonnard?= Date: Mon, 1 Dec 2014 18:04:58 +0100 Subject: [PATCH 087/100] PKCS8 encrypted key depend on PKCS5 or PKCS12 --- library/pkparse.c | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/library/pkparse.c b/library/pkparse.c index d8ee64af..aec43f1d 100644 --- a/library/pkparse.c +++ b/library/pkparse.c @@ -924,6 +924,7 @@ static int pk_parse_key_pkcs8_unencrypted_der( /* * Parse an encrypted PKCS#8 encoded private key */ +#if defined(POLARSSL_PKCS12_C) || defined(POLARSSL_PKCS5_C) static int pk_parse_key_pkcs8_encrypted_der( pk_context *pk, const unsigned char *key, size_t keylen, @@ -1041,6 +1042,7 @@ static int pk_parse_key_pkcs8_encrypted_der( return( pk_parse_key_pkcs8_unencrypted_der( pk, buf, len ) ); } +#endif /* POLARSSL_PKCS12_C || POLARSSL_PKCS5_C */ /* * Parse a private key @@ -1132,6 +1134,7 @@ int pk_parse_key( pk_context *pk, else if( ret != POLARSSL_ERR_PEM_NO_HEADER_FOOTER_PRESENT ) return( ret ); +#if defined(POLARSSL_PKCS12_C) || defined(POLARSSL_PKCS5_C) ret = pem_read_buffer( &pem, "-----BEGIN ENCRYPTED PRIVATE KEY-----", "-----END ENCRYPTED PRIVATE KEY-----", @@ -1150,6 +1153,7 @@ int pk_parse_key( pk_context *pk, } else if( ret != POLARSSL_ERR_PEM_NO_HEADER_FOOTER_PRESENT ) return( ret ); +#endif /* POLARSSL_PKCS12_C || POLARSSL_PKCS5_C */ #else ((void) pwd); ((void) pwdlen); @@ -1162,6 +1166,7 @@ int pk_parse_key( pk_context *pk, * We try the different DER format parsers to see if one passes without * error */ +#if defined(POLARSSL_PKCS12_C) || defined(POLARSSL_PKCS5_C) if( ( ret = pk_parse_key_pkcs8_encrypted_der( pk, key, keylen, pwd, pwdlen ) ) == 0 ) { @@ -1174,6 +1179,7 @@ int pk_parse_key( pk_context *pk, { return( ret ); } +#endif /* POLARSSL_PKCS12_C || POLARSSL_PKCS5_C */ if( ( ret = pk_parse_key_pkcs8_unencrypted_der( pk, key, keylen ) ) == 0 ) return( 0 ); From b8ca72315411ea2b659c5d7dba0c36097f0574a4 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Manuel=20P=C3=A9gouri=C3=A9-Gonnard?= Date: Tue, 2 Dec 2014 10:09:10 +0100 Subject: [PATCH 088/100] Only define mode_func if mode is enabled (CBC etc) --- include/polarssl/cipher.h | 14 +++ library/cipher_wrap.c | 245 ++++++++++++++++++-------------------- 2 files changed, 132 insertions(+), 127 deletions(-) diff --git a/include/polarssl/cipher.h b/include/polarssl/cipher.h index e291ef67..d890ff9c 100644 --- a/include/polarssl/cipher.h +++ b/include/polarssl/cipher.h @@ -43,6 +43,10 @@ #define POLARSSL_CIPHER_MODE_WITH_PADDING #endif +#if defined(POLARSSL_ARC4_C) +#define POLARSSL_CIPHER_MODE_STREAM +#endif + #if defined(_MSC_VER) && !defined(inline) #define inline _inline #else @@ -182,24 +186,32 @@ typedef struct { int (*ecb_func)( void *ctx, operation_t mode, const unsigned char *input, unsigned char *output ); +#if defined(POLARSSL_CIPHER_MODE_CBC) /** Encrypt using CBC */ int (*cbc_func)( void *ctx, operation_t mode, size_t length, unsigned char *iv, const unsigned char *input, unsigned char *output ); +#endif +#if defined(POLARSSL_CIPHER_MODE_CFB) /** Encrypt using CFB (Full length) */ int (*cfb_func)( void *ctx, operation_t mode, size_t length, size_t *iv_off, unsigned char *iv, const unsigned char *input, unsigned char *output ); +#endif +#if defined(POLARSSL_CIPHER_MODE_CTR) /** Encrypt using CTR */ int (*ctr_func)( void *ctx, size_t length, size_t *nc_off, unsigned char *nonce_counter, unsigned char *stream_block, const unsigned char *input, unsigned char *output ); +#endif +#if defined(POLARSSL_CIPHER_MODE_STREAM) /** Encrypt using STREAM */ int (*stream_func)( void *ctx, size_t length, const unsigned char *input, unsigned char *output ); +#endif /** Set key for encryption purposes */ int (*setkey_enc_func)( void *ctx, const unsigned char *key, @@ -262,9 +274,11 @@ typedef struct { /** Operation that the context's key has been initialised for */ operation_t operation; +#if defined(POLARSSL_CIPHER_MODE_WITH_PADDING) /** Padding functions to use, if relevant for cipher mode */ void (*add_padding)( unsigned char *output, size_t olen, size_t data_len ); int (*get_padding)( unsigned char *input, size_t ilen, size_t *data_len ); +#endif /** Buffer for data that hasn't been encrypted yet */ unsigned char unprocessed_data[POLARSSL_MAX_BLOCK_LENGTH]; diff --git a/library/cipher_wrap.c b/library/cipher_wrap.c index c958cf6c..12fc5c68 100644 --- a/library/cipher_wrap.c +++ b/library/cipher_wrap.c @@ -110,63 +110,34 @@ static int aes_crypt_ecb_wrap( void *ctx, operation_t operation, return aes_crypt_ecb( (aes_context *) ctx, operation, input, output ); } +#if defined(POLARSSL_CIPHER_MODE_CBC) static int aes_crypt_cbc_wrap( void *ctx, operation_t operation, size_t length, unsigned char *iv, const unsigned char *input, unsigned char *output ) { -#if defined(POLARSSL_CIPHER_MODE_CBC) return aes_crypt_cbc( (aes_context *) ctx, operation, length, iv, input, output ); -#else - ((void) ctx); - ((void) operation); - ((void) length); - ((void) iv); - ((void) input); - ((void) output); - - return( POLARSSL_ERR_CIPHER_FEATURE_UNAVAILABLE ); -#endif /* POLARSSL_CIPHER_MODE_CBC */ } +#endif /* POLARSSL_CIPHER_MODE_CBC */ +#if defined(POLARSSL_CIPHER_MODE_CFB) static int aes_crypt_cfb128_wrap( void *ctx, operation_t operation, size_t length, size_t *iv_off, unsigned char *iv, const unsigned char *input, unsigned char *output ) { -#if defined(POLARSSL_CIPHER_MODE_CFB) return aes_crypt_cfb128( (aes_context *) ctx, operation, length, iv_off, iv, input, output ); -#else - ((void) ctx); - ((void) operation); - ((void) length); - ((void) iv_off); - ((void) iv); - ((void) input); - ((void) output); - - return( POLARSSL_ERR_CIPHER_FEATURE_UNAVAILABLE ); -#endif /* POLARSSL_CIPHER_MODE_CFB */ } +#endif /* POLARSSL_CIPHER_MODE_CFB */ +#if defined(POLARSSL_CIPHER_MODE_CTR) static int aes_crypt_ctr_wrap( void *ctx, size_t length, size_t *nc_off, unsigned char *nonce_counter, unsigned char *stream_block, const unsigned char *input, unsigned char *output ) { -#if defined(POLARSSL_CIPHER_MODE_CTR) return aes_crypt_ctr( (aes_context *) ctx, length, nc_off, nonce_counter, stream_block, input, output ); -#else - ((void) ctx); - ((void) length); - ((void) nc_off); - ((void) nonce_counter); - ((void) stream_block); - ((void) input); - ((void) output); - - return( POLARSSL_ERR_CIPHER_FEATURE_UNAVAILABLE ); -#endif /* POLARSSL_CIPHER_MODE_CTR */ } +#endif /* POLARSSL_CIPHER_MODE_CTR */ static int aes_setkey_dec_wrap( void *ctx, const unsigned char *key, unsigned int key_length ) @@ -201,10 +172,18 @@ static void aes_ctx_free( void *ctx ) const cipher_base_t aes_info = { POLARSSL_CIPHER_ID_AES, aes_crypt_ecb_wrap, +#if defined(POLARSSL_CIPHER_MODE_CBC) aes_crypt_cbc_wrap, +#endif +#if defined(POLARSSL_CIPHER_MODE_CFB) aes_crypt_cfb128_wrap, +#endif +#if defined(POLARSSL_CIPHER_MODE_CTR) aes_crypt_ctr_wrap, +#endif +#if defined(POLARSSL_CIPHER_MODE_STREAM) NULL, +#endif aes_setkey_enc_wrap, aes_setkey_dec_wrap, aes_ctx_alloc, @@ -360,10 +339,18 @@ static int gcm_aes_setkey_wrap( void *ctx, const unsigned char *key, const cipher_base_t gcm_aes_info = { POLARSSL_CIPHER_ID_AES, NULL, +#if defined(POLARSSL_CIPHER_MODE_CBC) NULL, +#endif +#if defined(POLARSSL_CIPHER_MODE_CFB) NULL, +#endif +#if defined(POLARSSL_CIPHER_MODE_CTR) NULL, +#endif +#if defined(POLARSSL_CIPHER_MODE_STREAM) NULL, +#endif gcm_aes_setkey_wrap, gcm_aes_setkey_wrap, gcm_ctx_alloc, @@ -415,10 +402,18 @@ static int ccm_aes_setkey_wrap( void *ctx, const unsigned char *key, const cipher_base_t ccm_aes_info = { POLARSSL_CIPHER_ID_AES, NULL, +#if defined(POLARSSL_CIPHER_MODE_CBC) NULL, +#endif +#if defined(POLARSSL_CIPHER_MODE_CFB) NULL, +#endif +#if defined(POLARSSL_CIPHER_MODE_CTR) NULL, +#endif +#if defined(POLARSSL_CIPHER_MODE_STREAM) NULL, +#endif ccm_aes_setkey_wrap, ccm_aes_setkey_wrap, ccm_ctx_alloc, @@ -470,64 +465,35 @@ static int camellia_crypt_ecb_wrap( void *ctx, operation_t operation, output ); } +#if defined(POLARSSL_CIPHER_MODE_CBC) static int camellia_crypt_cbc_wrap( void *ctx, operation_t operation, size_t length, unsigned char *iv, const unsigned char *input, unsigned char *output ) { -#if defined(POLARSSL_CIPHER_MODE_CBC) return camellia_crypt_cbc( (camellia_context *) ctx, operation, length, iv, input, output ); -#else - ((void) ctx); - ((void) operation); - ((void) length); - ((void) iv); - ((void) input); - ((void) output); - - return( POLARSSL_ERR_CIPHER_FEATURE_UNAVAILABLE ); -#endif /* POLARSSL_CIPHER_MODE_CBC */ } +#endif /* POLARSSL_CIPHER_MODE_CBC */ +#if defined(POLARSSL_CIPHER_MODE_CFB) static int camellia_crypt_cfb128_wrap( void *ctx, operation_t operation, size_t length, size_t *iv_off, unsigned char *iv, const unsigned char *input, unsigned char *output ) { -#if defined(POLARSSL_CIPHER_MODE_CFB) return camellia_crypt_cfb128( (camellia_context *) ctx, operation, length, iv_off, iv, input, output ); -#else - ((void) ctx); - ((void) operation); - ((void) length); - ((void) iv_off); - ((void) iv); - ((void) input); - ((void) output); - - return( POLARSSL_ERR_CIPHER_FEATURE_UNAVAILABLE ); -#endif /* POLARSSL_CIPHER_MODE_CFB */ } +#endif /* POLARSSL_CIPHER_MODE_CFB */ +#if defined(POLARSSL_CIPHER_MODE_CTR) static int camellia_crypt_ctr_wrap( void *ctx, size_t length, size_t *nc_off, unsigned char *nonce_counter, unsigned char *stream_block, const unsigned char *input, unsigned char *output ) { -#if defined(POLARSSL_CIPHER_MODE_CTR) return camellia_crypt_ctr( (camellia_context *) ctx, length, nc_off, nonce_counter, stream_block, input, output ); -#else - ((void) ctx); - ((void) length); - ((void) nc_off); - ((void) nonce_counter); - ((void) stream_block); - ((void) input); - ((void) output); - - return( POLARSSL_ERR_CIPHER_FEATURE_UNAVAILABLE ); -#endif /* POLARSSL_CIPHER_MODE_CTR */ } +#endif /* POLARSSL_CIPHER_MODE_CTR */ static int camellia_setkey_dec_wrap( void *ctx, const unsigned char *key, unsigned int key_length ) @@ -563,10 +529,18 @@ static void camellia_ctx_free( void *ctx ) const cipher_base_t camellia_info = { POLARSSL_CIPHER_ID_CAMELLIA, camellia_crypt_ecb_wrap, +#if defined(POLARSSL_CIPHER_MODE_CBC) camellia_crypt_cbc_wrap, +#endif +#if defined(POLARSSL_CIPHER_MODE_CFB) camellia_crypt_cfb128_wrap, +#endif +#if defined(POLARSSL_CIPHER_MODE_CTR) camellia_crypt_ctr_wrap, +#endif +#if defined(POLARSSL_CIPHER_MODE_STREAM) NULL, +#endif camellia_setkey_enc_wrap, camellia_setkey_dec_wrap, camellia_ctx_alloc, @@ -722,10 +696,18 @@ static int gcm_camellia_setkey_wrap( void *ctx, const unsigned char *key, const cipher_base_t gcm_camellia_info = { POLARSSL_CIPHER_ID_CAMELLIA, NULL, +#if defined(POLARSSL_CIPHER_MODE_CBC) NULL, +#endif +#if defined(POLARSSL_CIPHER_MODE_CFB) NULL, +#endif +#if defined(POLARSSL_CIPHER_MODE_CTR) NULL, +#endif +#if defined(POLARSSL_CIPHER_MODE_STREAM) NULL, +#endif gcm_camellia_setkey_wrap, gcm_camellia_setkey_wrap, gcm_ctx_alloc, @@ -777,10 +759,18 @@ static int ccm_camellia_setkey_wrap( void *ctx, const unsigned char *key, const cipher_base_t ccm_camellia_info = { POLARSSL_CIPHER_ID_CAMELLIA, NULL, +#if defined(POLARSSL_CIPHER_MODE_CBC) NULL, +#endif +#if defined(POLARSSL_CIPHER_MODE_CFB) NULL, +#endif +#if defined(POLARSSL_CIPHER_MODE_CTR) NULL, +#endif +#if defined(POLARSSL_CIPHER_MODE_STREAM) NULL, +#endif ccm_camellia_setkey_wrap, ccm_camellia_setkey_wrap, ccm_ctx_alloc, @@ -839,41 +829,23 @@ static int des3_crypt_ecb_wrap( void *ctx, operation_t operation, return des3_crypt_ecb( (des3_context *) ctx, input, output ); } +#if defined(POLARSSL_CIPHER_MODE_CBC) static int des_crypt_cbc_wrap( void *ctx, operation_t operation, size_t length, unsigned char *iv, const unsigned char *input, unsigned char *output ) { -#if defined(POLARSSL_CIPHER_MODE_CBC) return des_crypt_cbc( (des_context *) ctx, operation, length, iv, input, output ); -#else - ((void) ctx); - ((void) operation); - ((void) length); - ((void) iv); - ((void) input); - ((void) output); - - return( POLARSSL_ERR_CIPHER_FEATURE_UNAVAILABLE ); -#endif /* POLARSSL_CIPHER_MODE_CBC */ } +#endif /* POLARSSL_CIPHER_MODE_CBC */ +#if defined(POLARSSL_CIPHER_MODE_CBC) static int des3_crypt_cbc_wrap( void *ctx, operation_t operation, size_t length, unsigned char *iv, const unsigned char *input, unsigned char *output ) { -#if defined(POLARSSL_CIPHER_MODE_CBC) return des3_crypt_cbc( (des3_context *) ctx, operation, length, iv, input, output ); -#else - ((void) ctx); - ((void) operation); - ((void) length); - ((void) iv); - ((void) input); - ((void) output); - - return( POLARSSL_ERR_CIPHER_FEATURE_UNAVAILABLE ); -#endif /* POLARSSL_CIPHER_MODE_CBC */ } +#endif /* POLARSSL_CIPHER_MODE_CBC */ static int des_setkey_dec_wrap( void *ctx, const unsigned char *key, unsigned int key_length ) @@ -963,10 +935,18 @@ static void des3_ctx_free( void *ctx ) const cipher_base_t des_info = { POLARSSL_CIPHER_ID_DES, des_crypt_ecb_wrap, +#if defined(POLARSSL_CIPHER_MODE_CBC) des_crypt_cbc_wrap, +#endif +#if defined(POLARSSL_CIPHER_MODE_CFB) NULL, +#endif +#if defined(POLARSSL_CIPHER_MODE_CTR) NULL, +#endif +#if defined(POLARSSL_CIPHER_MODE_STREAM) NULL, +#endif des_setkey_enc_wrap, des_setkey_dec_wrap, des_ctx_alloc, @@ -1000,10 +980,18 @@ const cipher_info_t des_cbc_info = { const cipher_base_t des_ede_info = { POLARSSL_CIPHER_ID_DES, des3_crypt_ecb_wrap, +#if defined(POLARSSL_CIPHER_MODE_CBC) des3_crypt_cbc_wrap, +#endif +#if defined(POLARSSL_CIPHER_MODE_CFB) NULL, +#endif +#if defined(POLARSSL_CIPHER_MODE_CTR) NULL, +#endif +#if defined(POLARSSL_CIPHER_MODE_STREAM) NULL, +#endif des3_set2key_enc_wrap, des3_set2key_dec_wrap, des3_ctx_alloc, @@ -1037,10 +1025,18 @@ const cipher_info_t des_ede_cbc_info = { const cipher_base_t des_ede3_info = { POLARSSL_CIPHER_ID_DES, des3_crypt_ecb_wrap, +#if defined(POLARSSL_CIPHER_MODE_CBC) des3_crypt_cbc_wrap, +#endif +#if defined(POLARSSL_CIPHER_MODE_CFB) NULL, +#endif +#if defined(POLARSSL_CIPHER_MODE_CTR) NULL, +#endif +#if defined(POLARSSL_CIPHER_MODE_STREAM) NULL, +#endif des3_set3key_enc_wrap, des3_set3key_dec_wrap, des3_ctx_alloc, @@ -1080,64 +1076,35 @@ static int blowfish_crypt_ecb_wrap( void *ctx, operation_t operation, output ); } +#if defined(POLARSSL_CIPHER_MODE_CBC) static int blowfish_crypt_cbc_wrap( void *ctx, operation_t operation, size_t length, unsigned char *iv, const unsigned char *input, unsigned char *output ) { -#if defined(POLARSSL_CIPHER_MODE_CBC) return blowfish_crypt_cbc( (blowfish_context *) ctx, operation, length, iv, input, output ); -#else - ((void) ctx); - ((void) operation); - ((void) length); - ((void) iv); - ((void) input); - ((void) output); - - return( POLARSSL_ERR_CIPHER_FEATURE_UNAVAILABLE ); -#endif /* POLARSSL_CIPHER_MODE_CBC */ } +#endif /* POLARSSL_CIPHER_MODE_CBC */ +#if defined(POLARSSL_CIPHER_MODE_CFB) static int blowfish_crypt_cfb64_wrap( void *ctx, operation_t operation, size_t length, size_t *iv_off, unsigned char *iv, const unsigned char *input, unsigned char *output ) { -#if defined(POLARSSL_CIPHER_MODE_CFB) return blowfish_crypt_cfb64( (blowfish_context *) ctx, operation, length, iv_off, iv, input, output ); -#else - ((void) ctx); - ((void) operation); - ((void) length); - ((void) iv_off); - ((void) iv); - ((void) input); - ((void) output); - - return( POLARSSL_ERR_CIPHER_FEATURE_UNAVAILABLE ); -#endif /* POLARSSL_CIPHER_MODE_CFB */ } +#endif /* POLARSSL_CIPHER_MODE_CFB */ +#if defined(POLARSSL_CIPHER_MODE_CTR) static int blowfish_crypt_ctr_wrap( void *ctx, size_t length, size_t *nc_off, unsigned char *nonce_counter, unsigned char *stream_block, const unsigned char *input, unsigned char *output ) { -#if defined(POLARSSL_CIPHER_MODE_CTR) return blowfish_crypt_ctr( (blowfish_context *) ctx, length, nc_off, nonce_counter, stream_block, input, output ); -#else - ((void) ctx); - ((void) length); - ((void) nc_off); - ((void) nonce_counter); - ((void) stream_block); - ((void) input); - ((void) output); - - return( POLARSSL_ERR_CIPHER_FEATURE_UNAVAILABLE ); -#endif /* POLARSSL_CIPHER_MODE_CTR */ } +#endif /* POLARSSL_CIPHER_MODE_CTR */ static int blowfish_setkey_wrap( void *ctx, const unsigned char *key, unsigned int key_length ) @@ -1167,10 +1134,18 @@ static void blowfish_ctx_free( void *ctx ) const cipher_base_t blowfish_info = { POLARSSL_CIPHER_ID_BLOWFISH, blowfish_crypt_ecb_wrap, +#if defined(POLARSSL_CIPHER_MODE_CBC) blowfish_crypt_cbc_wrap, +#endif +#if defined(POLARSSL_CIPHER_MODE_CFB) blowfish_crypt_cfb64_wrap, +#endif +#if defined(POLARSSL_CIPHER_MODE_CTR) blowfish_crypt_ctr_wrap, +#endif +#if defined(POLARSSL_CIPHER_MODE_STREAM) NULL, +#endif blowfish_setkey_wrap, blowfish_setkey_wrap, blowfish_ctx_alloc, @@ -1269,10 +1244,18 @@ static void arc4_ctx_free( void *ctx ) const cipher_base_t arc4_base_info = { POLARSSL_CIPHER_ID_ARC4, NULL, +#if defined(POLARSSL_CIPHER_MODE_CBC) NULL, +#endif +#if defined(POLARSSL_CIPHER_MODE_CFB) NULL, +#endif +#if defined(POLARSSL_CIPHER_MODE_CTR) NULL, +#endif +#if defined(POLARSSL_CIPHER_MODE_STREAM) arc4_crypt_stream_wrap, +#endif arc4_setkey_wrap, arc4_setkey_wrap, arc4_ctx_alloc, @@ -1324,10 +1307,18 @@ static void null_ctx_free( void *ctx ) const cipher_base_t null_base_info = { POLARSSL_CIPHER_ID_NULL, NULL, +#if defined(POLARSSL_CIPHER_MODE_CBC) NULL, +#endif +#if defined(POLARSSL_CIPHER_MODE_CFB) NULL, +#endif +#if defined(POLARSSL_CIPHER_MODE_CTR) NULL, +#endif +#if defined(POLARSSL_CIPHER_MODE_STREAM) null_crypt_stream, +#endif null_setkey, null_setkey, null_ctx_alloc, From 128657d64525475a14902d2c11c3013cf47ba5b7 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Manuel=20P=C3=A9gouri=C3=A9-Gonnard?= Date: Thu, 18 Dec 2014 16:35:52 +0000 Subject: [PATCH 089/100] Use memory_buffer_alloc() in benchmark if available Allows to measure memory by primitive. --- programs/test/benchmark.c | 18 +++++++++++++++--- 1 file changed, 15 insertions(+), 3 deletions(-) diff --git a/programs/test/benchmark.c b/programs/test/benchmark.c index 675547b3..c0c7a11e 100644 --- a/programs/test/benchmark.c +++ b/programs/test/benchmark.c @@ -61,9 +61,8 @@ #include "polarssl/ecdh.h" #include "polarssl/error.h" -#include -#include -#include +#if defined(POLARSSL_MEMORY_BUFFER_ALLOC_C) +#include "polarssl/memory_buffer_alloc.h" #endif #if defined _MSC_VER && !defined snprintf @@ -182,6 +181,9 @@ int main( int argc, char *argv[] ) unsigned char tmp[200]; char title[TITLE_LEN]; todo_list todo; +#if defined(POLARSSL_MEMORY_BUFFER_ALLOC_C) + unsigned char malloc_buf[1000000] = { 0 }; +#endif if( argc == 1 ) memset( &todo, 1, sizeof( todo ) ); @@ -243,6 +245,9 @@ int main( int argc, char *argv[] ) polarssl_printf( "\n" ); +#if defined(POLARSSL_MEMORY_BUFFER_ALLOC_C) + memory_buffer_alloc_init( malloc_buf, sizeof( malloc_buf ) ); +#endif memset( buf, 0xAA, sizeof( buf ) ); memset( tmp, 0xBB, sizeof( tmp ) ); @@ -642,6 +647,13 @@ int main( int argc, char *argv[] ) #endif polarssl_printf( "\n" ); +#if defined(POLARSSL_MEMORY_BUFFER_ALLOC_C) +#if defined(POLARSSL_MEMORY_DEBUG) + memory_buffer_alloc_status(); +#endif + memory_buffer_alloc_free(); +#endif + #if defined(_WIN32) polarssl_printf( " Press Enter to exit this program.\n" ); fflush( stdout ); getchar(); From 50da0482e0a0759182df74ee6e1605735be8e42f Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Manuel=20P=C3=A9gouri=C3=A9-Gonnard?= Date: Fri, 19 Dec 2014 12:10:37 +0100 Subject: [PATCH 090/100] Add heap usage for PK in benchmark --- include/polarssl/memory_buffer_alloc.h | 21 +++++ library/memory_buffer_alloc.c | 18 ++++ programs/test/benchmark.c | 119 +++++++++++++++++++++++-- 3 files changed, 151 insertions(+), 7 deletions(-) diff --git a/include/polarssl/memory_buffer_alloc.h b/include/polarssl/memory_buffer_alloc.h index ab36b416..3bba1c19 100644 --- a/include/polarssl/memory_buffer_alloc.h +++ b/include/polarssl/memory_buffer_alloc.h @@ -97,6 +97,27 @@ void memory_buffer_set_verify( int verify ); * trace if POLARSSL_MEMORY_BACKTRACE is defined. */ void memory_buffer_alloc_status( void ); + +/** + * \brief Get the peak heap usage so far + * + * \param max_used Peak number of bytes reauested by the application + * \param max_blocks Peak number of blocks reauested by the application + */ +void memory_buffer_alloc_max_get( size_t *max_used, size_t *max_blocks ); + +/** + * \brief Reset peak statistics + */ +void memory_buffer_alloc_max_reset( void ); + +/** + * \brief Get the current heap usage + * + * \param cur_used Number of bytes reauested by the application + * \param cur_blocks Number of blocks reauested by the application + */ +void memory_buffer_alloc_cur_get( size_t *cur_used, size_t *cur_blocks ); #endif /* POLARSSL_MEMORY_DEBUG */ /** diff --git a/library/memory_buffer_alloc.c b/library/memory_buffer_alloc.c index bf488835..3713f805 100644 --- a/library/memory_buffer_alloc.c +++ b/library/memory_buffer_alloc.c @@ -519,6 +519,24 @@ void memory_buffer_alloc_status() debug_chain(); } } + +void memory_buffer_alloc_max_get( size_t *max_used, size_t *max_blocks ) +{ + *max_used = heap.maximum_used; + *max_blocks = heap.maximum_header_count; +} + +void memory_buffer_alloc_max_reset( void ) +{ + heap.maximum_used = 0; + heap.maximum_header_count = 0; +} + +void memory_buffer_alloc_cur_get( size_t *cur_used, size_t *cur_blocks ) +{ + *cur_used = heap.total_used; + *cur_blocks = heap.header_count; +} #endif /* POLARSSL_MEMORY_DEBUG */ #if defined(POLARSSL_THREADING_C) diff --git a/programs/test/benchmark.c b/programs/test/benchmark.c index c0c7a11e..5f102681 100644 --- a/programs/test/benchmark.c +++ b/programs/test/benchmark.c @@ -36,6 +36,18 @@ #define polarssl_exit exit #endif +/* + * For heap usage estimates, we need an estimate of the overhead per allocated + * block. ptmalloc2/3 (used in gnu libc for instance) uses 2 size_t per block, + * so use that as our baseline. + */ +#define MEM_BLOCK_OVERHEAD ( 2 * sizeof( size_t ) ) + +/* + * Size to use for the malloc buffer if MEMORY_BUFFER_ALLOC_C is defined. + */ +#define HEAP_SIZE (1u << 16) // 64k + #if defined(POLARSSL_TIMING_C) #include "polarssl/timing.h" @@ -113,12 +125,43 @@ do { \ ( hardclock() - tsc ) / ( j * BUFSIZE ) ); \ } while( 0 ) +#if defined(POLARSSL_ERROR_C) +#define PRINT_ERROR \ + polarssl_strerror( ret, ( char * )tmp, sizeof( tmp ) ); \ + polarssl_printf( "FAILED: %s\n", tmp ); +#else +#define PRINT_ERROR \ + polarssl_printf( "FAILED: -0x%04x\n", -ret ); +#endif + +#if defined(POLARSSL_MEMORY_BUFFER_ALLOC_C) && defined(POLARSSL_MEMORY_DEBUG) + +#define MEMORY_MEASURE_INIT \ + size_t max_used, max_blocks, max_bytes; \ + size_t prv_used, prv_blocks; \ + memory_buffer_alloc_cur_get( &prv_used, &prv_blocks ); \ + memory_buffer_alloc_max_reset( ); + +#define MEMORY_MEASURE_PRINT( title_len ) \ + memory_buffer_alloc_max_get( &max_used, &max_blocks ); \ + for( i = 12 - title_len; i != 0; i-- ) polarssl_printf( " " ); \ + max_used -= prv_used; \ + max_blocks -= prv_blocks; \ + max_bytes = max_used + MEM_BLOCK_OVERHEAD * max_blocks; \ + polarssl_printf( "%6u heap bytes", (unsigned) max_bytes ); + +#else +#define MEMORY_MEASURE_INIT( l ) +#define MEMORY_MEASURE_PRINT +#endif + #define TIME_PUBLIC( TITLE, TYPE, CODE ) \ do { \ unsigned long i; \ int ret; \ + MEMORY_MEASURE_INIT; \ \ - polarssl_printf( HEADER_FORMAT, TITLE ); \ + polarssl_printf( HEADER_FORMAT, TITLE ); \ fflush( stdout ); \ set_alarm( 3 ); \ \ @@ -130,10 +173,14 @@ do { \ \ if( ret != 0 ) \ { \ -PRINT_ERROR; \ + PRINT_ERROR; \ } \ else \ - polarssl_printf( "%9lu " TYPE "/s\n", i / 3 ); \ + { \ + polarssl_printf( "%6lu " TYPE "/s", i / 3 ); \ + MEMORY_MEASURE_PRINT( sizeof( TYPE ) + 1 ); \ + polarssl_printf( "\n" ); \ + } \ } while( 0 ) #if !defined(POLARSSL_TIMING_C) @@ -166,6 +213,26 @@ static int myrand( void *rng_state, unsigned char *output, size_t len ) return( 0 ); } +/* + * Clear some memory that was used to prepare the context + */ +#if defined(POLARSSL_ECP_C) +void ecp_clear_precomputed( ecp_group *grp ) +{ + if( grp->T != NULL ) + { + size_t i; + for( i = 0; i < grp->T_size; i++ ) + ecp_point_free( &grp->T[i] ); + polarssl_free( grp->T ); + } + grp->T = NULL; + grp->T_size = 0; +} +#else +#define ecp_clear_precomputed( g ) +#endif + unsigned char buf[BUFSIZE]; typedef struct { @@ -182,7 +249,7 @@ int main( int argc, char *argv[] ) char title[TITLE_LEN]; todo_list todo; #if defined(POLARSSL_MEMORY_BUFFER_ALLOC_C) - unsigned char malloc_buf[1000000] = { 0 }; + unsigned char malloc_buf[HEAP_SIZE] = { 0 }; #endif if( argc == 1 ) @@ -591,6 +658,7 @@ int main( int argc, char *argv[] ) if( ecdsa_genkey( &ecdsa, curve_info->grp_id, myrand, NULL ) != 0 ) polarssl_exit( 1 ); + ecp_clear_precomputed( &ecdsa.grp ); polarssl_snprintf( title, sizeof( title ), "ECDSA-%s", curve_info->name ); @@ -598,6 +666,25 @@ int main( int argc, char *argv[] ) ret = ecdsa_write_signature( &ecdsa, buf, curve_info->size, tmp, &sig_len, myrand, NULL ) ); + ecdsa_free( &ecdsa ); + } + + for( curve_info = ecp_curve_list(); + curve_info->grp_id != POLARSSL_ECP_DP_NONE; + curve_info++ ) + { + ecdsa_init( &ecdsa ); + + if( ecdsa_genkey( &ecdsa, curve_info->grp_id, myrand, NULL ) != 0 || + ecdsa_write_signature( &ecdsa, buf, curve_info->size, + tmp, &sig_len, myrand, NULL ) != 0 ) + { + exit( 1 ); + } + ecp_clear_precomputed( &ecdsa.grp ); + + snprintf( title, sizeof( title ), "ECDSA-%s", + curve_info->name ); TIME_PUBLIC( title, "verify", ret = ecdsa_read_signature( &ecdsa, buf, curve_info->size, tmp, sig_len ) ); @@ -627,6 +714,7 @@ int main( int argc, char *argv[] ) { polarssl_exit( 1 ); } + ecp_clear_precomputed( &ecdh.grp ); polarssl_snprintf( title, sizeof( title ), "ECDHE-%s", curve_info->name ); @@ -635,6 +723,25 @@ int main( int argc, char *argv[] ) myrand, NULL ); ret |= ecdh_calc_secret( &ecdh, &olen, buf, sizeof( buf ), myrand, NULL ) ); + ecdh_free( &ecdh ); + } + + for( curve_info = ecp_curve_list(); + curve_info->grp_id != POLARSSL_ECP_DP_NONE; + curve_info++ ) + { + ecdh_init( &ecdh ); + + if( ecp_use_known_dp( &ecdh.grp, curve_info->grp_id ) != 0 || + ecdh_make_public( &ecdh, &olen, buf, sizeof( buf), + myrand, NULL ) != 0 || + ecp_copy( &ecdh.Qp, &ecdh.Q ) != 0 || + ecdh_make_public( &ecdh, &olen, buf, sizeof( buf), + myrand, NULL ) != 0 ) + { + exit( 1 ); + } + ecp_clear_precomputed( &ecdh.grp ); polarssl_snprintf( title, sizeof( title ), "ECDH-%s", curve_info->name ); @@ -645,12 +752,10 @@ int main( int argc, char *argv[] ) } } #endif + polarssl_printf( "\n" ); #if defined(POLARSSL_MEMORY_BUFFER_ALLOC_C) -#if defined(POLARSSL_MEMORY_DEBUG) - memory_buffer_alloc_status(); -#endif memory_buffer_alloc_free(); #endif From 0da7b040d1a0bc1163edb76690f520516ca32517 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Manuel=20P=C3=A9gouri=C3=A9-Gonnard?= Date: Fri, 19 Dec 2014 17:52:32 +0100 Subject: [PATCH 091/100] Rm usunused member in private struct --- library/memory_buffer_alloc.c | 1 - 1 file changed, 1 deletion(-) diff --git a/library/memory_buffer_alloc.c b/library/memory_buffer_alloc.c index 3713f805..48cda6ca 100644 --- a/library/memory_buffer_alloc.c +++ b/library/memory_buffer_alloc.c @@ -75,7 +75,6 @@ typedef struct size_t len; memory_header *first; memory_header *first_free; - size_t current_alloc_size; int verify; #if defined(POLARSSL_MEMORY_DEBUG) size_t malloc_count; From 71e75dc2f06b043e312396ff94c4b9652a4010b0 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Manuel=20P=C3=A9gouri=C3=A9-Gonnard?= Date: Fri, 19 Dec 2014 18:05:43 +0100 Subject: [PATCH 092/100] Fix unused variable issue in some configs --- programs/test/benchmark.c | 8 +++++++- 1 file changed, 7 insertions(+), 1 deletion(-) diff --git a/programs/test/benchmark.c b/programs/test/benchmark.c index 5f102681..725c2d09 100644 --- a/programs/test/benchmark.c +++ b/programs/test/benchmark.c @@ -244,7 +244,7 @@ typedef struct { int main( int argc, char *argv[] ) { - int keysize, i; + int i; unsigned char tmp[200]; char title[TITLE_LEN]; todo_list todo; @@ -385,6 +385,7 @@ int main( int argc, char *argv[] ) #if defined(POLARSSL_CIPHER_MODE_CBC) if( todo.aes_cbc ) { + int keysize; aes_context aes; aes_init( &aes ); for( keysize = 128; keysize <= 256; keysize += 64 ) @@ -404,6 +405,7 @@ int main( int argc, char *argv[] ) #if defined(POLARSSL_GCM_C) if( todo.aes_gcm ) { + int keysize; gcm_context gcm; for( keysize = 128; keysize <= 256; keysize += 64 ) { @@ -424,6 +426,7 @@ int main( int argc, char *argv[] ) #if defined(POLARSSL_CCM_C) if( todo.aes_ccm ) { + int keysize; ccm_context ccm; for( keysize = 128; keysize <= 256; keysize += 64 ) { @@ -446,6 +449,7 @@ int main( int argc, char *argv[] ) #if defined(POLARSSL_CAMELLIA_C) && defined(POLARSSL_CIPHER_MODE_CBC) if( todo.camellia ) { + int keysize; camellia_context camellia; camellia_init( &camellia ); for( keysize = 128; keysize <= 256; keysize += 64 ) @@ -467,6 +471,7 @@ int main( int argc, char *argv[] ) #if defined(POLARSSL_BLOWFISH_C) && defined(POLARSSL_CIPHER_MODE_CBC) if( todo.blowfish ) { + int keysize; blowfish_context blowfish; blowfish_init( &blowfish ); @@ -571,6 +576,7 @@ int main( int argc, char *argv[] ) #if defined(POLARSSL_RSA_C) && defined(POLARSSL_GENPRIME) if( todo.rsa ) { + int keysize; rsa_context rsa; for( keysize = 1024; keysize <= 4096; keysize *= 2 ) { From 500de6eb184629f245d1b3ec3eb302b631588f88 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Manuel=20P=C3=A9gouri=C3=A9-Gonnard?= Date: Fri, 19 Dec 2014 18:06:47 +0100 Subject: [PATCH 093/100] New script ecc-heap.sh --- scripts/ecc-heap.sh | 69 +++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 69 insertions(+) create mode 100755 scripts/ecc-heap.sh diff --git a/scripts/ecc-heap.sh b/scripts/ecc-heap.sh new file mode 100755 index 00000000..edd41323 --- /dev/null +++ b/scripts/ecc-heap.sh @@ -0,0 +1,69 @@ +#!/bin/sh + +# Measure heap usage (and perfomance) of ECC operations with various values of +# the relevant tunable compile-time parameters. + +set -eu + +CONFIG_H='include/polarssl/config.h' + +if [ -r $CONFIG_H ]; then :; else + echo "$CONFIG_H not found" >&2 + exit 1 +fi + +if grep -i cmake Makefile >/dev/null; then :; else + echo "Needs Cmake" >&2 + exit 1 +fi + +if git status | grep -F $CONFIG_H >/dev/null 2>&1; then + echo "config.h not clean" >&2 + exit 1 +fi + +CONFIG_BAK=${CONFIG_H}.bak +cp $CONFIG_H $CONFIG_BAK + +cat << EOF >$CONFIG_H +#define POLARSSL_PLATFORM_C +#define POLARSSL_PLATFORM_MEMORY +#define POLARSSL_MEMORY_BUFFER_ALLOC_C +#define POLARSSL_MEMORY_DEBUG + +#define POLARSSL_TIMING_C + +#define POLARSSL_BIGNUM_C +#define POLARSSL_ECP_C +#define POLARSSL_ASN1_PARSE_C +#define POLARSSL_ASN1_WRITE_C +#define POLARSSL_ECDSA_C +#define POLARSSL_ECDH_C + +#define POLARSSL_ECP_DP_SECP192R1_ENABLED +#define POLARSSL_ECP_DP_SECP224R1_ENABLED +#define POLARSSL_ECP_DP_SECP256R1_ENABLED +#define POLARSSL_ECP_DP_SECP384R1_ENABLED +#define POLARSSL_ECP_DP_SECP521R1_ENABLED + +#include "check_config.h" + +//#define POLARSSL_ECP_WINDOW_SIZE 6 +//#define POLARSSL_ECP_FIXED_POINT_OPTIM 1 +EOF + +for F in 0 1; do + for W in 2 3 4 5 6; do + scripts/config.pl set POLARSSL_ECP_WINDOW_SIZE $W + scripts/config.pl set POLARSSL_ECP_FIXED_POINT_OPTIM $F + make benchmark >/dev/null 2>&1 + echo "fixed point optim = $F, max window size = $W" + echo "--------------------------------------------" + programs/test/benchmark + done +done + +# cleanup + +mv $CONFIG_BAK $CONFIG_H +make clean From e579dab5f06bbf1dacfb2e36786adf91ea97dca7 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Manuel=20P=C3=A9gouri=C3=A9-Gonnard?= Date: Thu, 29 Jan 2015 16:28:44 +0000 Subject: [PATCH 094/100] Fix compile issue when buffer_alloc not available --- programs/test/benchmark.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/programs/test/benchmark.c b/programs/test/benchmark.c index 725c2d09..5b28dcfc 100644 --- a/programs/test/benchmark.c +++ b/programs/test/benchmark.c @@ -151,8 +151,8 @@ do { \ polarssl_printf( "%6u heap bytes", (unsigned) max_bytes ); #else -#define MEMORY_MEASURE_INIT( l ) -#define MEMORY_MEASURE_PRINT +#define MEMORY_MEASURE_INIT +#define MEMORY_MEASURE_PRINT( title_len ) #endif #define TIME_PUBLIC( TITLE, TYPE, CODE ) \ From 85391f2a6503fdb245c06dce038d09b902d44926 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Manuel=20P=C3=A9gouri=C3=A9-Gonnard?= Date: Thu, 5 Feb 2015 09:54:48 +0000 Subject: [PATCH 095/100] Add curve25519 to the benchmark program --- programs/test/benchmark.c | 45 +++++++++++++++++++++++++++++++++++++++ 1 file changed, 45 insertions(+) diff --git a/programs/test/benchmark.c b/programs/test/benchmark.c index 5b28dcfc..26db6839 100644 --- a/programs/test/benchmark.c +++ b/programs/test/benchmark.c @@ -704,6 +704,9 @@ int main( int argc, char *argv[] ) if( todo.ecdh ) { ecdh_context ecdh; +#if defined(POLARSSL_ECP_DP_M255_ENABLED) + mpi z; +#endif const ecp_curve_info *curve_info; size_t olen; @@ -732,6 +735,27 @@ int main( int argc, char *argv[] ) ecdh_free( &ecdh ); } + /* Curve25519 needs to be handled separately */ +#if defined(POLARSSL_ECP_DP_M255_ENABLED) + ecdh_init( &ecdh ); + mpi_init( &z ); + + if( ecp_use_known_dp( &ecdh.grp, POLARSSL_ECP_DP_M255 ) != 0 || + ecdh_gen_public( &ecdh.grp, &ecdh.d, &ecdh.Qp, myrand, NULL ) != 0 ) + { + exit( 1 ); + } + + TIME_PUBLIC( "ECDHE-Curve25519", "handshake", + ret |= ecdh_gen_public( &ecdh.grp, &ecdh.d, &ecdh.Q, + myrand, NULL ); + ret |= ecdh_compute_shared( &ecdh.grp, &z, &ecdh.Qp, &ecdh.d, + myrand, NULL ) ); + + ecdh_free( &ecdh ); + mpi_free( &z ); +#endif + for( curve_info = ecp_curve_list(); curve_info->grp_id != POLARSSL_ECP_DP_NONE; curve_info++ ) @@ -756,6 +780,27 @@ int main( int argc, char *argv[] ) myrand, NULL ) ); ecdh_free( &ecdh ); } + + /* Curve25519 needs to be handled separately */ +#if defined(POLARSSL_ECP_DP_M255_ENABLED) + ecdh_init( &ecdh ); + mpi_init( &z ); + + if( ecp_use_known_dp( &ecdh.grp, POLARSSL_ECP_DP_M255 ) != 0 || + ecdh_gen_public( &ecdh.grp, &ecdh.d, &ecdh.Qp, + myrand, NULL ) != 0 || + ecdh_gen_public( &ecdh.grp, &ecdh.d, &ecdh.Q, myrand, NULL ) != 0 ) + { + exit( 1 ); + } + + TIME_PUBLIC( "ECDH-Curve25519", "handshake", + ret |= ecdh_compute_shared( &ecdh.grp, &z, &ecdh.Qp, &ecdh.d, + myrand, NULL ) ); + + ecdh_free( &ecdh ); + mpi_free( &z ); +#endif } #endif From 8b7d7d6c0bee1dc0c0f02e7a5a70f725d4682525 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Manuel=20P=C3=A9gouri=C3=A9-Gonnard?= Date: Thu, 5 Feb 2015 10:00:30 +0000 Subject: [PATCH 096/100] Add curve25519 to ecc-heap.sh --- scripts/ecc-heap.sh | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/scripts/ecc-heap.sh b/scripts/ecc-heap.sh index edd41323..4f88a442 100755 --- a/scripts/ecc-heap.sh +++ b/scripts/ecc-heap.sh @@ -2,6 +2,10 @@ # Measure heap usage (and perfomance) of ECC operations with various values of # the relevant tunable compile-time parameters. +# +# Usage (preferably on a 32-bit platform): +# cmake -D CMAKE_BUILD_TYPE=Release . +# scripts/ecc-heap.sh | tee ecc-heap.log set -eu @@ -45,6 +49,7 @@ cat << EOF >$CONFIG_H #define POLARSSL_ECP_DP_SECP256R1_ENABLED #define POLARSSL_ECP_DP_SECP384R1_ENABLED #define POLARSSL_ECP_DP_SECP521R1_ENABLED +#define POLARSSL_ECP_DP_M255_ENABLED #include "check_config.h" From 7defc7759d2bd47a692b1d607e210b1ca5be135b Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Manuel=20P=C3=A9gouri=C3=A9-Gonnard?= Date: Thu, 5 Feb 2015 11:42:42 +0100 Subject: [PATCH 097/100] Code cosmetics --- programs/test/benchmark.c | 11 ++++++----- 1 file changed, 6 insertions(+), 5 deletions(-) diff --git a/programs/test/benchmark.c b/programs/test/benchmark.c index 26db6839..65580ec6 100644 --- a/programs/test/benchmark.c +++ b/programs/test/benchmark.c @@ -106,7 +106,7 @@ do { \ unsigned long i, j, tsc; \ \ - polarssl_printf( HEADER_FORMAT, TITLE ); \ + polarssl_printf( HEADER_FORMAT, TITLE ); \ fflush( stdout ); \ \ set_alarm( 1 ); \ @@ -121,8 +121,9 @@ do { \ CODE; \ } \ \ - polarssl_printf( "%9lu Kb/s, %9lu cycles/byte\n", i * BUFSIZE / 1024, \ - ( hardclock() - tsc ) / ( j * BUFSIZE ) ); \ + polarssl_printf( "%9lu Kb/s, %9lu cycles/byte\n", \ + i * BUFSIZE / 1024, \ + ( hardclock() - tsc ) / ( j * BUFSIZE ) ); \ } while( 0 ) #if defined(POLARSSL_ERROR_C) @@ -177,9 +178,9 @@ do { \ } \ else \ { \ - polarssl_printf( "%6lu " TYPE "/s", i / 3 ); \ + polarssl_printf( "%6lu " TYPE "/s", i / 3 ); \ MEMORY_MEASURE_PRINT( sizeof( TYPE ) + 1 ); \ - polarssl_printf( "\n" ); \ + polarssl_printf( "\n" ); \ } \ } while( 0 ) From 491a3fe0578b570d823c199d367c73c36e4063c5 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Manuel=20P=C3=A9gouri=C3=A9-Gonnard?= Date: Thu, 5 Feb 2015 12:08:47 +0100 Subject: [PATCH 098/100] Fix compile error in memory_buffer_alloc_selftest --- library/memory_buffer_alloc.c | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/library/memory_buffer_alloc.c b/library/memory_buffer_alloc.c index 48cda6ca..73710081 100644 --- a/library/memory_buffer_alloc.c +++ b/library/memory_buffer_alloc.c @@ -611,7 +611,10 @@ static int check_pointer( void *p ) static int check_all_free( ) { - if( heap.current_alloc_size != 0 || + if( +#if defined(POLARSSL_MEMORY_DEBUG) + heap.total_used != 0 || +#endif heap.first != heap.first_free || (void *) heap.first != (void *) heap.buf ) { From 714929bf0da39d2c5b73173ea7a28a8864f3cb9a Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Manuel=20P=C3=A9gouri=C3=A9-Gonnard?= Date: Mon, 16 Feb 2015 17:32:47 +0000 Subject: [PATCH 099/100] Fix issues introduced when rebasing --- programs/test/benchmark.c | 49 ++++++++++++++++++++------------------- 1 file changed, 25 insertions(+), 24 deletions(-) diff --git a/programs/test/benchmark.c b/programs/test/benchmark.c index 65580ec6..735b443a 100644 --- a/programs/test/benchmark.c +++ b/programs/test/benchmark.c @@ -33,22 +33,18 @@ #define polarssl_exit exit #define polarssl_printf printf #define polarssl_snprintf snprintf -#define polarssl_exit exit #endif -/* - * For heap usage estimates, we need an estimate of the overhead per allocated - * block. ptmalloc2/3 (used in gnu libc for instance) uses 2 size_t per block, - * so use that as our baseline. - */ -#define MEM_BLOCK_OVERHEAD ( 2 * sizeof( size_t ) ) +#if !defined(POLARSSL_TIMING_C) +int main( void ) +{ + polarssl_printf("POLARSSL_TIMING_C not defined.\n"); + return( 0 ); +} +#else -/* - * Size to use for the malloc buffer if MEMORY_BUFFER_ALLOC_C is defined. - */ -#define HEAP_SIZE (1u << 16) // 64k +#include -#if defined(POLARSSL_TIMING_C) #include "polarssl/timing.h" #include "polarssl/md4.h" @@ -81,6 +77,18 @@ #define snprintf _snprintf #endif +/* + * For heap usage estimates, we need an estimate of the overhead per allocated + * block. ptmalloc2/3 (used in gnu libc for instance) uses 2 size_t per block, + * so use that as our baseline. + */ +#define MEM_BLOCK_OVERHEAD ( 2 * sizeof( size_t ) ) + +/* + * Size to use for the malloc buffer if MEMORY_BUFFER_ALLOC_C is defined. + */ +#define HEAP_SIZE (1u << 16) // 64k + #define BUFSIZE 1024 #define HEADER_FORMAT " %-24s : " #define TITLE_LEN 25 @@ -184,13 +192,6 @@ do { \ } \ } while( 0 ) -#if !defined(POLARSSL_TIMING_C) -int main( void ) -{ - polarssl_printf("POLARSSL_TIMING_C not defined.\n"); - return( 0 ); -} -#else static int myrand( void *rng_state, unsigned char *output, size_t len ) { size_t use_len; @@ -686,11 +687,11 @@ int main( int argc, char *argv[] ) ecdsa_write_signature( &ecdsa, buf, curve_info->size, tmp, &sig_len, myrand, NULL ) != 0 ) { - exit( 1 ); + polarssl_exit( 1 ); } ecp_clear_precomputed( &ecdsa.grp ); - snprintf( title, sizeof( title ), "ECDSA-%s", + polarssl_snprintf( title, sizeof( title ), "ECDSA-%s", curve_info->name ); TIME_PUBLIC( title, "verify", ret = ecdsa_read_signature( &ecdsa, buf, curve_info->size, @@ -744,7 +745,7 @@ int main( int argc, char *argv[] ) if( ecp_use_known_dp( &ecdh.grp, POLARSSL_ECP_DP_M255 ) != 0 || ecdh_gen_public( &ecdh.grp, &ecdh.d, &ecdh.Qp, myrand, NULL ) != 0 ) { - exit( 1 ); + polarssl_exit( 1 ); } TIME_PUBLIC( "ECDHE-Curve25519", "handshake", @@ -770,7 +771,7 @@ int main( int argc, char *argv[] ) ecdh_make_public( &ecdh, &olen, buf, sizeof( buf), myrand, NULL ) != 0 ) { - exit( 1 ); + polarssl_exit( 1 ); } ecp_clear_precomputed( &ecdh.grp ); @@ -792,7 +793,7 @@ int main( int argc, char *argv[] ) myrand, NULL ) != 0 || ecdh_gen_public( &ecdh.grp, &ecdh.d, &ecdh.Q, myrand, NULL ) != 0 ) { - exit( 1 ); + polarssl_exit( 1 ); } TIME_PUBLIC( "ECDH-Curve25519", "handshake", From ad350ed75909e5d1083e1e171bf07ce71b590e84 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Manuel=20P=C3=A9gouri=C3=A9-Gonnard?= Date: Mon, 16 Feb 2015 17:45:35 +0000 Subject: [PATCH 100/100] Update Changelog for the mem-measure branch --- ChangeLog | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/ChangeLog b/ChangeLog index 790126c2..a834aa7c 100644 --- a/ChangeLog +++ b/ChangeLog @@ -11,6 +11,12 @@ Features layer (helps get rid of unwanted references). * Improved Makefiles for Windows targets by fixing library targets and making cross-compilation easier (thanks to Alon Bar-Lev). + * The benchmark program also prints heap usage for public-key primitives + if POLARSSL_MEMORY_BUFFER_ALLOC_C and POLARSSL_MEMORY_DEBUG are defined. + * New script ecc-heap.sh helps measuring the impact of ECC parameters on + speed and RAM (heap only for now) usage. + * New script memory.sh helps measuring the ROM and RAM requirements of two + reduced configurations (PSK-CCM and NSA suite B). Bugfix * Fix hardclock() (only used in the benchmarking program) with some